From: Milton Miller <miltonm@bga.com>
To: Amit Shah <amit.shah@redhat.com>
Cc: Rusty Russell <rusty@rustcorp.com.au>,
	linux-kernel@vger.kernel.org, linuxppc-dev@ozlabs.org,
	greg@kroah.com, Amit Shah <amit.shah@redhat.com>
Subject: Re: hvc_console: Don't access hvc_task if not initialised
Date: Thu, 24 Mar 2011 08:58:04 -0600
Message-ID: <hvc-kick-notask@mdm.bga.com>
In-Reply-To: <df8ea6d65c1ceeb25b0a3fdfc66995b8a8273ea5.1300951793.git.amit.shah@redhat.com>

[removed stable list from discussion]

On Thu, 24 Mar 2011 07:29:58 -0000, Amit Shah wrote:
> hvc_open() can be called without having any backing device.  This
> results in a call to hvc_kick() which calls wake_up_process on a NULL
> pointer.  

How is hvc_open called without a hvc_driver registered to the tty layer?

> Ensure hvc is initialised by checking for a non-NULL hvc_task
> before waking up the hvc thread.

No, if the task is missing the subsystem is really stuck.  Put a check
in open and refuse to open.

> 
> This was found by an autotest run for virtio_console without having a
> console backend.
> 

stack trace please

> CC: stable@kernel.org
> Signed-off-by: Amit Shah <amit.shah@redhat.com>
> 
> ---
> drivers/tty/hvc/hvc_console.c |    3 +++
>  1 files changed, 3 insertions(+), 0 deletions(-)
> 
> diff --git a/drivers/tty/hvc/hvc_console.c b/drivers/tty/hvc/hvc_console.c
> index e9cba13..b2cb5cc 100644
> --- a/drivers/tty/hvc/hvc_console.c
> +++ b/drivers/tty/hvc/hvc_console.c
> @@ -286,6 +286,9 @@ EXPORT_SYMBOL_GPL(hvc_instantiate);
>  /* Wake the sleeping khvcd */
>  void hvc_kick(void)
>  {
> +	if (!hvc_task)
> +		return;
> +
>  	hvc_kicked = 1;
>  	wake_up_process(hvc_task);
>  }
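
Review bot: In hvc_kick(), the early return on `!hvc_task` sits before `hvc_kicked = 1`, so a kick requested while the task pointer is still NULL is dropped silently and the caller gets no indication that it was ignored. If the guard stays, it needs a comment saying when hvc_task can legitimately be NULL here. Since the commit message names hvc_open() as the caller that reaches this state without a backing device, consider failing there instead, so the missing thread is reported to the opener rather than masked in the wake-up path.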

