mirrors/linux-stable
1
0
Fork 0
mirror of https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git synced 2024-09-12 21:57:43 +00:00
Code Issues Releases Wiki Activity
linux-stable/drivers/tty
History
Tetsuo Handa 4bb1a53be8 tty: n_gsm: initialize more members at gsm_alloc_mux() 
syzbot is reporting use of uninitialized spinlock at gsmld_write() [1], for
commit 32dd59f969 ("tty: n_gsm: fix race condition in gsmld_write()")
allows accessing gsm->tx_lock before gsm_activate_mux() initializes it.

Since object initialization should be done right after allocation in order
to avoid accessing uninitialized memory, move initialization of
timer/work/waitqueue/spinlock from gsmld_open()/gsm_activate_mux() to
gsm_alloc_mux().

Link: https://syzkaller.appspot.com/bug?extid=cf155def4e717db68a12 [1]
Fixes: 32dd59f969 ("tty: n_gsm: fix race condition in gsmld_write()")
Reported-by: syzbot <syzbot+cf155def4e717db68a12@syzkaller.appspotmail.com>
Tested-by: syzbot <syzbot+cf155def4e717db68a12@syzkaller.appspotmail.com>
Cc: stable <stable@kernel.org>
Acked-by: Jiri Slaby <jirislaby@kernel.org>
Signed-off-by: Tetsuo Handa <penguin-kernel@I-love.SAKURA.ne.jp>
Link: https://lore.kernel.org/r/2110618e-57f0-c1ce-b2ad-b6cacef3f60e@I-love.SAKURA.ne.jp
Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
2022-08-30 14:35:04 +02:00
..
hvc xen: branch for v5.19-rc1b 2022-06-04 13:42:53 -07:00
ipwireless
serdev tty: Replace acpi_bus_get_device() 2022-01-31 14:30:06 +01:00
serial tty: serial: atmel: Preserve previous USART mode if RS485 disabled 2022-08-30 14:33:08 +02:00
vt vt: Clear selection before changing the font 2022-08-30 14:30:52 +02:00
amiserial.c tty: amiserial: Fix comment typo 2022-07-28 16:33:29 +02:00
ehv_bytechan.c
goldfish.c tty: goldfish: Fix free_irq() on remove 2022-06-10 13:31:31 +02:00
Kconfig
Makefile
mips_ejtag_fdc.c serial: Convert SERIAL_XMIT_SIZE to UART_XMIT_SIZE 2022-06-27 14:41:31 +02:00
moxa.c
mxser.c tty: remove BOTHER ifdefs 2022-05-19 18:26:17 +02:00
n_gsm.c tty: n_gsm: initialize more members at gsm_alloc_mux() 2022-08-30 14:35:04 +02:00
n_hdlc.c Linux 5.16-rc6 2021-12-20 10:00:30 +01:00
n_null.c
n_tty.c tty: Use flow-control char function on closing path 2022-06-10 13:51:31 +02:00
nozomi.c
pty.c tty: use new tty_insert_flip_string_and_push_buffer() in pty_write() 2022-07-08 15:16:28 +02:00
rpmsg_tty.c tty: rpmsg: Fix race condition releasing tty port 2022-01-26 14:50:26 +01:00
synclink_gt.c tty: synclink_gt: Fix null-pointer-dereference in slgt_clean() 2022-04-14 18:26:30 +02:00
sysrq.c Merge branch 'rework/kthreads' into for-linus 2022-06-23 19:11:28 +02:00
tty.h tty: use new tty_insert_flip_string_and_push_buffer() in pty_write() 2022-07-08 15:16:28 +02:00
tty_audit.c
tty_baudrate.c tty: remove IBSHIFT ifdefs 2022-05-19 18:26:17 +02:00
tty_buffer.c tty: Fix lookahead_buf crash with serdev 2022-08-30 14:31:53 +02:00
tty_io.c tty: fix typos in comments 2022-06-10 13:32:52 +02:00
tty_ioctl.c serial: Support for RS-485 multipoint addresses 2022-06-27 14:44:20 +02:00
tty_jobctrl.c signal: Replace __group_send_sig_info with send_signal_locked 2022-05-11 14:33:17 -05:00
tty_ldisc.c
tty_ldsem.c tty/ldsem: Fix syntax errors in comments 2021-12-21 09:15:49 +01:00
tty_mutex.c
tty_port.c tty: Implement lookahead to process XON/XOFF timely 2022-06-10 13:51:31 +02:00
ttynull.c
vcc.c