Commit 923efc4d authored by Hongbo Yao's avatar Hongbo Yao Committed by Zheng Zengkai
Browse files

tty: fix possible deadlock in console_unlock 

euler inclusion
category: bugfix
bugzilla: 9509, https://gitee.com/openeuler/kernel/issues/I4K61K
CVE: NA

Reference: http://openeuler.huawei.com/bugzilla/show_bug.cgi?id=9509



------------------------------------------------

Syzkaller hit 'possible deadlock in console_unlock' for several times.
Possible unsafe locking scenario:

       CPU0                    CPU1
       ----                    ----
  lock(&(&port->lock)->rlock);
                               lock(&port_lock_key);
                               lock(&(&port->lock)->rlock);
  lock(console_owner);

The problem is that call_console_driver->console_driver also can do
this thing

   uart_port->lock
    tty_wakeup
     tty_port->lock

So we can have the following:

tty_write
 tty_port->lock
  printk
   call_console_driver
    console_driver
     uart_port->lock
      tty_wakeup
       tty_port->lock      << deadlock

To solve this problem,  switch to printk_safe mode around that kmalloc(),
this will redirect all printk()-s from kmalloc() to a special per-CPU
buffer, which will be flushed later from a safe context (irq work).

Signed-off-by: default avatarHongbo Yao <yaohongbo@huawei.com>
Signed-off-by: default avatarPeng Wu <wupeng58@huawei.com>
Reviewed-by: default avatarYang Yingliang <yangyingliang@huawei.com>
Signed-off-by: default avatarYang Yingliang <yangyingliang@huawei.com>
Reviewed-by: default avatarCheng Jian <cj.chengjian@huawei.com>
Reviewed-by: default avatarCheng Jian <cj.chengjian@huawei.com>
Signed-off-by: default avatarZheng Zengkai <zhengzengkai@huawei.com>
parent 827138d4
Show whitespace changes
Inline Side-by-side
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Please to comment