| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Date: Sat, 9 Jun 2007 20:18:05 +0200
From: Björn Steinbrink <B.Steinbrink@....de>
To: Paul Fulghum <paulkf@...rogate.com>
Cc: Andrew Morton <akpm@...ux-foundation.org>,
Arnd Bergmann <arnd@...db.de>,
Alan Cox <alan@...rguk.ukuu.org.uk>,
Nicolas Mailhot <nicolas.mailhot@...oste.net>,
Randy Dunlap <randy.dunlap@...cle.com>,
"bugme-daemon@...nel-bugs.osdl.org"
<bugme-daemon@...zilla.kernel.org>, linux-kernel@...r.kernel.org,
Mel Gorman <mel@....ul.ie>,
Christoph Lameter <clameter@....com>
Subject: Re: [PATCH] tty restore locked ioctl file op
On 2007.06.08 15:34:17 -0500, Paul Fulghum wrote:
> Restore tty locked ioctl handler which was replaced with
> an unlocked ioctl handler in hung_up_tty_fops by the patch:
>
> commit e10cc1df1d2014f68a4bdcf73f6dd122c4561f94
> Author: Paul Fulghum <paulkf@...rogate.com>
> Date: Thu May 10 22:22:50 2007 -0700
>
> tty: add compat_ioctl
>
> This was reported in:
> [Bug 8473] New: Oops: 0010 [1] SMP
>
> The bug is caused by switching to hung_up_tty_fops in do_tty_hangup.
> An ioctl call can be waiting on BLK after testing for existence of
> the locked ioctl handler in the normal tty fops, but before calling
> the locked ioctl handler. If a hangup occurs at that point, the
> locked ioctl fop is NULL and an oops occurs.
Sorry for the delay, your mails didn't make it into my inbox, and I
usually just mark threads on which I'm Cc'ed as read in my lkml mailbox,
thus I didn't notice it earlier. Any traces of the lost mails on your
side?
The patch works as expected, no Oops in sight. Regarding the
reproducability, it might be that it was easier to trigger on rc1. When
I retried today with rc4, I only got 2 Oopses in a minute, while the
first test had spitten out about 20 Oopses in 10 seconds (not sure if I
really had rc1 running back then, though).
Thanks,
Björn
> Signed-off-by: Paul Fulghum <paulkf@...rogate.com>
>
> --- a/drivers/char/tty_io.c 2007-06-08 14:26:10.000000000 -0500
> +++ b/drivers/char/tty_io.c 2007-06-08 14:28:58.000000000 -0500
> @@ -1173,8 +1173,14 @@ static unsigned int hung_up_tty_poll(str
> return POLLIN | POLLOUT | POLLERR | POLLHUP | POLLRDNORM | POLLWRNORM;
> }
>
> -static long hung_up_tty_ioctl(struct file * file,
> - unsigned int cmd, unsigned long arg)
> +static int hung_up_tty_ioctl(struct inode * inode, struct file * file,
> + unsigned int cmd, unsigned long arg)
> +{
> + return cmd == TIOCSPGRP ? -ENOTTY : -EIO;
> +}
> +
> +static long hung_up_tty_compat_ioctl(struct file * file,
> + unsigned int cmd, unsigned long arg)
> {
> return cmd == TIOCSPGRP ? -ENOTTY : -EIO;
> }
> @@ -1222,8 +1228,8 @@ static const struct file_operations hung
> .read = hung_up_tty_read,
> .write = hung_up_tty_write,
> .poll = hung_up_tty_poll,
> - .unlocked_ioctl = hung_up_tty_ioctl,
> - .compat_ioctl = hung_up_tty_ioctl,
> + .ioctl = hung_up_tty_ioctl,
> + .compat_ioctl = hung_up_tty_compat_ioctl,
> .release = tty_release,
> };
>
>
>
>
> -
> To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
> the body of a message to majordomo@...r.kernel.org
> More majordomo info at http://vger.kernel.org/majordomo-info.html
> Please read the FAQ at http://www.tux.org/lkml/
-
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@...r.kernel.org
More majordomo info at http://vger.kernel.org/majordomo-info.html
Please read the FAQ at http://www.tux.org/lkml/
Powered by blists - more mailing lists