| Message ID | 20231212111431.4064760-1-Ilia.Gavrilov@infotecs.ru |
|---|---|
| Headers |
Return-Path: <linux-kernel-owner@vger.kernel.org>
Delivered-To: ouuuleilei@gmail.com
Received: by 2002:a59:bcd1:0:b0:403:3b70:6f57 with SMTP id r17csp7651075vqy;
Tue, 12 Dec 2023 03:18:01 -0800 (PST)
X-Google-Smtp-Source:
AGHT+IFkM8ePlVpe7UW8K8rGCwVr9KIoeFoJGFWCOz1qjshz7vi9E7N6CpAVpFOa9FZPpglY8Sn7
X-Received: by 2002:a05:6a00:1302:b0:6cd:dfae:1b44 with SMTP id
j2-20020a056a00130200b006cddfae1b44mr3507740pfu.34.1702379881377;
Tue, 12 Dec 2023 03:18:01 -0800 (PST)
ARC-Seal: i=1; a=rsa-sha256; t=1702379881; cv=none;
d=google.com; s=arc-20160816;
b=gp5Nwu9Mb6Q3i7kOx/Vgx09n5Le5iWvvexnl4h3ORx/i0tvHO2k8sfFk+7ospZlcVp
LNWDPLZJm2Grym2rl7Xc0U47BhC6cXADtx/mXvvqVcU1sBQ866rYXugVnFjnXhFsPutS
idS4FXo1m3/jt/+d1VFhBHGK4yXusy+wlMlGKzyIAjN8cVml3h2iL0ZzJrWN2M8uqsMw
gRH0K2+HHQfXFKRLRxBp9hABg3GcPozcKVZiz/h+3oOX9y5DvT3H65G+0Su1DM/+J355
gZnoxjuUvtZraWelMDLMB0/bWlMO16mDxyXwUN/nVzjZJ3lrFmRoDCqD4g4Rg0uiGba5
clZg==
ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com;
s=arc-20160816;
h=list-id:precedence:mime-version:content-transfer-encoding
:content-language:accept-language:message-id:date:thread-index
:thread-topic:subject:cc:to:from:dkim-signature:dkim-filter;
bh=x2Jm0xUedAtS0RUe8qmWwG38faX4FDQ1yRUOKkXwBI0=;
fh=u9WMGtT6lxesL2nzz73lYcoMEOFVUAOsuQnbgfsY71g=;
b=Lw3ppXbI+K5rCBTnxURkcd6AnNlpg66259bj4nBpZhQJMxBKI88YZcGQHDVWHk8Lzt
ZALbF2mwBg0ygZ78GvR8dB0U9ppU1kU63Mkd88gNJPRyRFwLyzpk8K+Bouvk1NbLuK+f
KuRiX7ZtlbYJaG4X4m9NdguaE3WKxGuNVoIJ0z9Nnjbsek6v7G4nY0osGk/okmuLvrYz
78WDwKIuUVpF7hatQp13O65aRXRfFazBRyaN4TwwpxvjhD5btz/pw7IxQpBOElEzvE0g
XwWMTcy7Cxgc/nkgy86EprggjqFdAkut26s2G12XCZ7Q73aH+Od0yW3Q4wWgSMVNPgo5
UIEw==
ARC-Authentication-Results: i=1; mx.google.com;
dkim=pass header.i=@infotecs.ru header.s=mx header.b=gxcsFfRD;
spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org
designates 2620:137:e000::3:2 as permitted sender)
smtp.mailfrom=linux-kernel-owner@vger.kernel.org;
dmarc=pass (p=REJECT sp=NONE dis=NONE) header.from=infotecs.ru
Received: from agentk.vger.email (agentk.vger.email. [2620:137:e000::3:2])
by mx.google.com with ESMTPS id
b4-20020a056a000cc400b006ce789c5378si7535767pfv.373.2023.12.12.03.18.01
(version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256);
Tue, 12 Dec 2023 03:18:01 -0800 (PST)
Received-SPF: pass (google.com: domain of linux-kernel-owner@vger.kernel.org
designates 2620:137:e000::3:2 as permitted sender)
client-ip=2620:137:e000::3:2;
Authentication-Results: mx.google.com;
dkim=pass header.i=@infotecs.ru header.s=mx header.b=gxcsFfRD;
spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org
designates 2620:137:e000::3:2 as permitted sender)
smtp.mailfrom=linux-kernel-owner@vger.kernel.org;
dmarc=pass (p=REJECT sp=NONE dis=NONE) header.from=infotecs.ru
Received: from out1.vger.email (depot.vger.email [IPv6:2620:137:e000::3:0])
by agentk.vger.email (Postfix) with ESMTP id 259E98053C73;
Tue, 12 Dec 2023 03:17:59 -0800 (PST)
X-Virus-Status: Clean
X-Virus-Scanned: clamav-milter 0.103.11 at agentk.vger.email
Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand
id S1346329AbjLLLR2 (ORCPT <rfc822;dexuan.linux@gmail.com>
+ 99 others); Tue, 12 Dec 2023 06:17:28 -0500
Received: from lindbergh.monkeyblade.net ([23.128.96.19]:47898 "EHLO
lindbergh.monkeyblade.net" rhost-flags-OK-OK-OK-OK) by vger.kernel.org
with ESMTP id S1346320AbjLLLRX (ORCPT
<rfc822;linux-kernel@vger.kernel.org>);
Tue, 12 Dec 2023 06:17:23 -0500
Received: from mx0.infotecs.ru (mx0.infotecs.ru [91.244.183.115])
by lindbergh.monkeyblade.net (Postfix) with ESMTPS id 0C675F2
for <linux-kernel@vger.kernel.org>;
Tue, 12 Dec 2023 03:17:24 -0800 (PST)
Received: from mx0.infotecs-nt (localhost [127.0.0.1])
by mx0.infotecs.ru (Postfix) with ESMTP id 8BE8711D04A2;
Tue, 12 Dec 2023 14:17:21 +0300 (MSK)
DKIM-Filter: OpenDKIM Filter v2.11.0 mx0.infotecs.ru 8BE8711D04A2
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=infotecs.ru; s=mx;
t=1702379841; bh=x2Jm0xUedAtS0RUe8qmWwG38faX4FDQ1yRUOKkXwBI0=;
h=From:To:CC:Subject:Date:From;
b=gxcsFfRDr17YUaZXFg0rWjatkX9tAvNJ2Gul2BbjiUQr0McXov/6OwDxqjxr/7AdF
IfKdmNOfweNTRcpNzjHAwABK5CvsvZ0z0EJHxnmkVelD1hn8PG6aOGcAJSUGWZuWEd
f+G9UNnFfQZ7MSPaZBevzgEDWDSLMGagjq0hT8vs=
Received: from msk-exch-01.infotecs-nt (msk-exch-01.infotecs-nt [10.0.7.191])
by mx0.infotecs-nt (Postfix) with ESMTP id 875673029CDE;
Tue, 12 Dec 2023 14:17:21 +0300 (MSK)
From: Gavrilov Ilia <Ilia.Gavrilov@infotecs.ru>
To: "stable@vger.kernel.org" <stable@vger.kernel.org>,
Greg Kroah-Hartman <gregkh@linuxfoundation.org>
CC: Daniel Starke <daniel.starke@siemens.com>,
Jiri Slaby <jirislaby@kernel.org>,
Russ Gorby <russ.gorby@intel.com>,
"linux-kernel@vger.kernel.org" <linux-kernel@vger.kernel.org>,
"lvc-project@linuxtesting.org" <lvc-project@linuxtesting.org>
Subject: [PATCH 5.10 0/3] tty: n_gsm: fix tty registration before control
channel open
Thread-Topic: [PATCH 5.10 0/3] tty: n_gsm: fix tty registration before control
channel open
Thread-Index: AQHaLOzG4q0VQXlQGEK0PfABOy9uPw==
Date: Tue, 12 Dec 2023 11:17:21 +0000
Message-ID: <20231212111431.4064760-1-Ilia.Gavrilov@infotecs.ru>
Accept-Language: ru-RU, en-US
Content-Language: en-US
X-MS-Has-Attach:
X-MS-TNEF-Correlator:
x-originating-ip: [10.17.0.10]
x-exclaimer-md-config: 208ac3cd-1ed4-4982-a353-bdefac89ac0a
Content-Type: text/plain; charset="iso-8859-1"
Content-Transfer-Encoding: quoted-printable
MIME-Version: 1.0
X-KLMS-Rule-ID: 5
X-KLMS-Message-Action: clean
X-KLMS-AntiSpam-Status: not scanned, disabled by settings
X-KLMS-AntiSpam-Interceptor-Info: not scanned
X-KLMS-AntiPhishing: Clean, bases: 2023/12/12 08:32:00
X-KLMS-AntiVirus: Kaspersky Security for Linux Mail Server, version 8.0.3.30,
bases: 2023/12/12 02:27:00 #22664189
X-KLMS-AntiVirus-Status: Clean, skipped
X-Spam-Status: No, score=-0.9 required=5.0 tests=DKIM_SIGNED,DKIM_VALID,
DKIM_VALID_AU,HEADER_FROM_DIFFERENT_DOMAINS,MAILING_LIST_MULTI,
SPF_HELO_NONE,SPF_PASS,T_SCC_BODY_TEXT_LINE autolearn=unavailable
autolearn_force=no version=3.4.6
X-Spam-Checker-Version: SpamAssassin 3.4.6 (2021-04-09) on agentk.vger.email
Precedence: bulk
List-ID: <linux-kernel.vger.kernel.org>
X-Mailing-List: linux-kernel@vger.kernel.org
X-Greylist: Sender passed SPF test,
not delayed by milter-greylist-4.6.4 (agentk.vger.email [0.0.0.0]);
Tue, 12 Dec 2023 03:17:59 -0800 (PST)
X-getmail-retrieved-from-mailbox: INBOX
X-GMAIL-THRID: 1785074672037819987
X-GMAIL-MSGID: 1785074686196966506
|
| Series |
tty: n_gsm: fix tty registration before control channel open
|
|
Message
Gavrilov Ilia
Dec. 12, 2023, 11:17 a.m. UTC
Syzkaller reports memory leak issue at gsmld_attach_gsm() in 5.10 stable releases. The reproducer injects the memory allocation errors to tty_register_device(); as a result, tty_kref_get() isn't called after this error, which leads to tty_struct leak. The issue has been fixed by the following patches that can be cleanly applied to the 5.10 branch. Found by InfoTeCS on behalf of Linux Verification Center (linuxtesting.org) with Syzkaller
Comments
On Tue, Dec 12, 2023 at 11:17:21AM +0000, Gavrilov Ilia wrote: > Syzkaller reports memory leak issue at gsmld_attach_gsm() in > 5.10 stable releases. The reproducer injects the memory allocation > errors to tty_register_device(); as a result, tty_kref_get() isn't called > after this error, which leads to tty_struct leak. > The issue has been fixed by the following patches that can be cleanly > applied to the 5.10 branch. > > Found by InfoTeCS on behalf of Linux Verification Center > (linuxtesting.org) with Syzkaller Do you actually have any hardware for this protocol running on the 5.10.y kernel? How was this tested? Why was just this specific set of patches picked to be backported? thanks, greg k-h
On 12/12/23 14:44, Greg Kroah-Hartman wrote: > On Tue, Dec 12, 2023 at 11:17:21AM +0000, Gavrilov Ilia wrote: >> Syzkaller reports memory leak issue at gsmld_attach_gsm() in >> 5.10 stable releases. The reproducer injects the memory allocation >> errors to tty_register_device(); as a result, tty_kref_get() isn't called >> after this error, which leads to tty_struct leak. >> The issue has been fixed by the following patches that can be cleanly >> applied to the 5.10 branch. >> >> Found by InfoTeCS on behalf of Linux Verification Center >> (linuxtesting.org) with Syzkaller > > Do you actually have any hardware for this protocol running on the > 5.10.y kernel? How was this tested? Why was just this specific set of > patches picked to be backported? > No, I don't have any hardware for this protocol. I tested this manually on virtual machines and using a reproducer (generated by syzkaller). The first patch fixes the main problem(memory leak). The third patch fixes the problem with а null pointer dereference. I added this patch because it has a "fixes" tag that references to the first patch. The third patch can't be applied cleanly without the second patch. > thanks, > > greg k-h