Minki/linux
1
0
Fork 1
mirror of https://github.com/torvalds/linux.git synced 2024-11-26 06:02:05 +00:00
Code Issues Packages Projects Releases Wiki Activity
1d661ed54d
linux/drivers
History
Duoming Zhou ec4eb8a86a drivers: net: slip: fix NPD bug in sl_tx_timeout() 
When a slip driver is detaching, the slip_close() will act to
cleanup necessary resources and sl->tty is set to NULL in
slip_close(). Meanwhile, the packet we transmit is blocked,
sl_tx_timeout() will be called. Although slip_close() and
sl_tx_timeout() use sl->lock to synchronize, we don`t judge
whether sl->tty equals to NULL in sl_tx_timeout() and the
null pointer dereference bug will happen.

   (Thread 1)                 |      (Thread 2)
                              | slip_close()
                              |   spin_lock_bh(&sl->lock)
                              |   ...
...                           |   sl->tty = NULL //(1)
sl_tx_timeout()               |   spin_unlock_bh(&sl->lock)
  spin_lock(&sl->lock);       |
  ...                         |   ...
  tty_chars_in_buffer(sl->tty)|
    if (tty->ops->..) //(2)   |
    ...                       |   synchronize_rcu()

We set NULL to sl->tty in position (1) and dereference sl->tty
in position (2).

This patch adds check in sl_tx_timeout(). If sl->tty equals to
NULL, sl_tx_timeout() will goto out.

Signed-off-by: Duoming Zhou <duoming@zju.edu.cn>
Reviewed-by: Jiri Slaby <jirislaby@kernel.org>
Link: https://lore.kernel.org/r/20220405132206.55291-1-duoming@zju.edu.cn
Signed-off-by: Jakub Kicinski <kuba@kernel.org>
2022-04-06 23:00:16 -07:00
..
accessibility
acpi libnvdimm for 5.18 2022-03-30 10:04:11 -07:00
amba
android
ata Char/Misc and other driver updates for 5.18-rc1 2022-03-28 12:27:35 -07:00
atm Merge git://git.kernel.org/pub/scm/linux/kernel/git/netdev/net 2022-03-17 13:56:58 -07:00
auxdisplay
base Device properties code update for 5.18-rc1 2022-03-29 11:30:12 -07:00
bcma Core MTD changes: 2022-03-25 13:35:34 -07:00
block xen: branch for v5.18-rc1 2022-03-28 14:32:39 -07:00
bluetooth Bluetooth: ath3k: remove superfluous header files 2022-03-18 17:12:09 +01:00
bus Char/Misc and other driver updates for 5.18-rc1 2022-03-28 12:27:35 -07:00
cdrom SCSI misc on 20220324 2022-03-24 19:37:53 -07:00
char dma-mapping updates for Linux 5.18 2022-03-29 08:50:14 -07:00
clk There's one large change in the core clk framework here. We change how 2022-03-30 10:11:04 -07:00
clocksource asm-generic updates for 5.18 2022-03-23 18:03:08 -07:00
comedi
connector
counter Char/Misc and other driver updates for 5.18-rc1 2022-03-28 12:27:35 -07:00
cpufreq Merge branch 'cpufreq/arm/linux-next' of git://git.kernel.org/pub/scm/linux/kernel/git/vireshk/pm 2022-03-22 12:15:47 +01:00
cpuidle ARM driver updates for 5.18 2022-03-23 18:23:13 -07:00
crypto This push fixes the following issues: 2022-03-31 11:17:39 -07:00
cxl cxl/core/port: Fix NULL but dereferenced coccicheck error 2022-03-22 10:51:17 -07:00
dax dax for 5.18 2022-03-24 18:12:09 -07:00
dca
devfreq
dio
dma dmaengine updates for v5.18-rc1 2022-03-30 10:54:49 -07:00
dma-buf
edac Merge branch 'edac-amd64' into edac-updates-for-v5.18 2022-03-21 10:34:57 +01:00
eisa
extcon
firewire
firmware Char/Misc and other driver updates for 5.18-rc1 2022-03-28 12:27:35 -07:00
fpga
fsi
gnss
gpio Char/Misc and other driver updates for 5.18-rc1 2022-03-28 12:27:35 -07:00
gpu xen: branch for v5.18-rc1 2022-03-28 14:32:39 -07:00
greybus
hid Merge branch 'for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/hid/hid 2022-03-25 12:22:16 -07:00
hsi
hv hyperv-next for 5.18 2022-03-24 12:30:37 -07:00
hwmon Char/Misc and other driver updates for 5.18-rc1 2022-03-28 12:27:35 -07:00
hwspinlock
hwtracing Char/Misc and other driver updates for 5.18-rc1 2022-03-28 12:27:35 -07:00
i2c Merge branch 'i2c/for-mergewindow' of git://git.kernel.org/pub/scm/linux/kernel/git/wsa/linux 2022-03-26 12:46:08 -07:00
i3c
idle cpuidle: intel_idle: Drop redundant backslash at line end 2022-03-17 14:32:59 +01:00
iio Char/Misc and other driver updates for 5.18-rc1 2022-03-28 12:27:35 -07:00
infiniband SCSI misc on 20220324 2022-03-24 19:37:53 -07:00
input xen: branch for v5.18-rc1 2022-03-28 14:32:39 -07:00
interconnect
iommu dma-mapping updates for Linux 5.18 2022-03-29 08:50:14 -07:00
ipack
irqchip asm-generic updates for 5.18 2022-03-23 18:03:08 -07:00
isdn mISDN: fix typo "frame to short" -> "frame too short" 2022-03-21 13:26:38 +00:00
leds LED updates for 5.18-rc1. Nothing major here, there are two drivers 2022-03-27 14:09:48 -07:00
macintosh
mailbox
mcb
md Driver core changes for 5.18-rc1 2022-03-28 12:41:28 -07:00
media drm for 5.18-rc1 2022-03-24 16:19:43 -07:00
memory ARM driver updates for 5.18 2022-03-23 18:23:13 -07:00
memstick
message
mfd - New Drivers 2022-03-25 13:56:18 -07:00
misc Char/Misc and other driver updates for 5.18-rc1 2022-03-28 12:27:35 -07:00
mmc TTY/Serial driver changes for 5.18-rc1 2022-03-28 13:00:51 -07:00
most
mtd Char/Misc and other driver updates for 5.18-rc1 2022-03-28 12:27:35 -07:00
mux
net drivers: net: slip: fix NPD bug in sl_tx_timeout() 2022-04-06 23:00:16 -07:00
nfc spi: Updates for v5.18 2022-03-21 18:33:57 -07:00
ntb
nubus
nvdimm libnvdimm for 5.18 2022-03-30 10:04:11 -07:00
nvme for-5.18/64bit-pi-2022-03-25 2022-03-26 12:01:35 -07:00
nvmem nvmem: brcm_nvram: parse NVRAM content into NVMEM cells 2022-03-18 14:08:36 +01:00
of Char/Misc and other driver updates for 5.18-rc1 2022-03-28 12:27:35 -07:00
opp
parisc parisc: Fix CPU affinity for Lasi, WAX and Dino chips 2022-03-29 21:37:12 +02:00
parport parport_pc: Also enable driver for PCI systems 2022-03-18 14:01:41 +01:00
pci xen: branch for v5.18-rc1 2022-03-28 14:32:39 -07:00
pcmcia
peci
perf RISC-V Patches for the 5.18 Merge Window, Part 1 2022-03-25 10:11:38 -07:00
phy phy: PHY_FSL_LYNX_28G should depend on ARCH_LAYERSCAPE 2022-03-29 08:45:16 -07:00
pinctrl Pin control bulk changes for the v5.18 kernel cycle 2022-03-28 11:52:53 -07:00
platform Char/Misc and other driver updates for 5.18-rc1 2022-03-28 12:27:35 -07:00
pnp PNP update for 5.18-rc1 2022-03-21 14:46:01 -07:00
power Driver core changes for 5.18-rc1 2022-03-28 12:41:28 -07:00
powercap
pps pps: generators: pps_gen_parport: Switch to use module_parport_driver() 2022-03-18 14:01:19 +01:00
ps3
ptp ptp: ocp: handle error from nvmem_device_find 2022-03-30 12:08:11 -07:00
pwm
rapidio
ras
regulator regulator: Fixes for v5.18 2022-03-30 10:58:28 -07:00
remoteproc remoteproc updates for v5.18 2022-03-30 10:50:48 -07:00
reset
rpmsg
rtc - New Drivers 2022-03-25 13:56:18 -07:00
s390 s390 updates for the 5.18 merge window 2022-03-25 10:01:34 -07:00
sbus
scsi xen: branch for v5.18-rc1 2022-03-28 14:32:39 -07:00
sh
siox
slimbus
soc Networking changes for 5.18. 2022-03-24 13:13:26 -07:00
soundwire Char/Misc and other driver updates for 5.18-rc1 2022-03-28 12:27:35 -07:00
spi Core MTD changes: 2022-03-25 13:35:34 -07:00
spmi
ssb
staging Staging driver update for 5.18-rc1 2022-03-28 12:50:50 -07:00
target SCSI misc on 20220324 2022-03-24 19:37:53 -07:00
tc
tee ARM driver updates for 5.18 2022-03-23 18:23:13 -07:00
thermal Merge branch 'thermal-hfi' 2022-03-18 19:00:26 +01:00
thunderbolt Char/Misc and other driver updates for 5.18-rc1 2022-03-28 12:27:35 -07:00
tty TTY/Serial driver changes for 5.18-rc1 2022-03-28 13:00:51 -07:00
uio
usb xen: branch for v5.18-rc1 2022-03-28 14:32:39 -07:00
vdpa IOMMU Updates for Linux v5.18 2022-03-24 19:48:57 -07:00
vfio
vhost Merge git://git.kernel.org/pub/scm/linux/kernel/git/netdev/net 2022-03-17 13:56:58 -07:00
video Driver core changes for 5.18-rc1 2022-03-28 12:41:28 -07:00
virt Char/Misc and other driver updates for 5.18-rc1 2022-03-28 12:27:35 -07:00
virtio mm: enforce pageblock_order < MAX_ORDER 2022-03-22 15:57:06 -07:00
visorbus
vlynq
vme
w1 w1: w1_therm: Add support for Maxim MAX31850 thermoelement IF. 2022-03-18 14:07:09 +01:00
watchdog - New Drivers 2022-03-25 13:56:18 -07:00
xen xen: don't hang when resuming PCI device 2022-03-25 14:22:15 -05:00
zorro
Kconfig
Makefile