| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Date: Thu, 16 May 2013 08:54:17 -0400 From: Peter Hurley <peter@...leysoftware.com> To: channing <chao.bi@...el.com> CC: Greg Kroah-Hartman <gregkh@...uxfoundation.org>, Jiri Slaby <jslaby@...e.cz>, linux-kernel@...r.kernel.org Subject: Re: [PATCH] tty_buffer: avoid race due to tty_buffer_free_all() being misused On 05/16/2013 04:59 AM, channing wrote: > > In tty_buffer.c, function tty_buffer_free_all() is used to remove > all buffers for a tty, although it's declared that it mustn't be called > when the tty is in use, it cannot guarantee that. we can observe some > device driver make use it by mistake, for example, while tty device is > releasing, the tty data forwarding is not stopped, then it might hit > the case that tty buffer is being used while tty_buffer_free_all() > free this tty buffer, and finally lead to random error at any places, > and it's not clear to debug. What kernel version? > Although device driver could do better, it's simpler and safer to > strengthen protection in the view of tty buffer, by adding a tty->buf.lock > in tty_buffer_free_all() to avoid it racing with ongoing tty buffer > operations. Sorry, but this isn't correct. The driver cannot continue to perform i/o concurrently with tty_port_destroy(). If the concurrent use you're observing is with flush_to_ldisc(), that should be fixed in current mainline. Regards, Peter Hurley -- To unsubscribe from this list: send the line "unsubscribe linux-kernel" in the body of a message to majordomo@...r.kernel.org More majordomo info at http://vger.kernel.org/majordomo-info.html Please read the FAQ at http://www.tux.org/lkml/
Powered by blists - more mailing lists