From: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
To: linux-kernel@vger.kernel.org
Cc: Greg Kroah-Hartman <gregkh@linuxfoundation.org>,
stable@vger.kernel.org,
Tetsuo Handa <penguin-kernel@i-love.sakura.ne.jp>,
syzkaller <syzkaller@googlegroups.com>,
Jiri Slaby <jslaby@suse.com>,
Linus Torvalds <torvalds@linux-foundation.org>
Subject: [PATCH 3.18 32/32] n_tty: fix EXTPROC vs ICANON interaction with TIOCINQ (aka FIONREAD)
Date: Mon, 1 Jan 2018 15:22:39 +0100 [thread overview]
Message-ID: <20180101140019.583034666@linuxfoundation.org> (raw)
In-Reply-To: <20180101140012.582300879@linuxfoundation.org>
3.18-stable review patch. If anyone has any objections, please let me know.
------------------
From: Linus Torvalds <torvalds@linux-foundation.org>
commit 966031f340185eddd05affcf72b740549f056348 upstream.
We added support for EXTPROC back in 2010 in commit 26df6d13406d ("tty:
Add EXTPROC support for LINEMODE") and the intent was to allow it to
override some (all?) ICANON behavior. Quoting from that original commit
message:
There is a new bit in the termios local flag word, EXTPROC.
When this bit is set, several aspects of the terminal driver
are disabled. Input line editing, character echo, and mapping
of signals are all disabled. This allows the telnetd to turn
off these functions when in linemode, but still keep track of
what state the user wants the terminal to be in.
but the problem turns out that "several aspects of the terminal driver
are disabled" is a bit ambiguous, and you can really confuse the n_tty
layer by setting EXTPROC and then causing some of the ICANON invariants
to no longer be maintained.
This fixes at least one such case (TIOCINQ) becoming unhappy because of
the confusion over whether ICANON really means ICANON when EXTPROC is set.
This basically makes TIOCINQ match the case of read: if EXTPROC is set,
we ignore ICANON. Also, make sure to reset the ICANON state ie EXTPROC
changes, not just if ICANON changes.
Fixes: 26df6d13406d ("tty: Add EXTPROC support for LINEMODE")
Reported-by: Tetsuo Handa <penguin-kernel@i-love.sakura.ne.jp>
Reported-by: syzkaller <syzkaller@googlegroups.com>
Cc: Jiri Slaby <jslaby@suse.com>
Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>
Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
---
drivers/tty/n_tty.c | 4 ++--
1 file changed, 2 insertions(+), 2 deletions(-)
--- a/drivers/tty/n_tty.c
+++ b/drivers/tty/n_tty.c
@@ -1809,7 +1809,7 @@ static void n_tty_set_termios(struct tty
{
struct n_tty_data *ldata = tty->disc_data;
- if (!old || (old->c_lflag ^ tty->termios.c_lflag) & ICANON) {
+ if (!old || (old->c_lflag ^ tty->termios.c_lflag) & (ICANON | EXTPROC)) {
bitmap_zero(ldata->read_flags, N_TTY_BUF_SIZE);
ldata->line_start = ldata->read_tail;
if (!L_ICANON(tty) || !read_cnt(ldata)) {
@@ -2525,7 +2525,7 @@ static int n_tty_ioctl(struct tty_struct
return put_user(tty_chars_in_buffer(tty), (int __user *) arg);
case TIOCINQ:
down_write(&tty->termios_rwsem);
- if (L_ICANON(tty))
+ if (L_ICANON(tty) && !L_EXTPROC(tty))
retval = inq_canon(ldata);
else
retval = read_cnt(ldata);
next prev parent reply other threads:[~2018-01-01 14:24 UTC|newest]
Thread overview: 36+ messages / expand[flat|nested] mbox.gz Atom feed top
2018-01-01 14:22 [PATCH 3.18 00/32] 3.18.91-stable review Greg Kroah-Hartman
2018-01-01 14:22 ` [PATCH 3.18 01/32] ACPI: APEI / ERST: Fix missing error handling in erst_reader() Greg Kroah-Hartman
2018-01-01 14:22 ` [PATCH 3.18 02/32] crypto: mcryptd - protect the per-CPU queue with a lock Greg Kroah-Hartman
2018-01-01 14:22 ` [PATCH 3.18 03/32] mfd: twl4030-audio: Fix sibling-node lookup Greg Kroah-Hartman
2018-01-01 14:22 ` [PATCH 3.18 04/32] mfd: twl6040: Fix child-node lookup Greg Kroah-Hartman
2018-01-01 14:22 ` [PATCH 3.18 05/32] ALSA: rawmidi: Avoid racy info ioctl via ctl device Greg Kroah-Hartman
2018-01-01 14:22 ` [PATCH 3.18 06/32] ALSA: usb-audio: Fix the missing ctl name suffix at parsing SU Greg Kroah-Hartman
2018-01-01 14:22 ` [PATCH 3.18 07/32] PCI / PM: Force devices to D0 in pci_pm_thaw_noirq() Greg Kroah-Hartman
2018-01-01 14:22 ` [PATCH 3.18 08/32] parisc: Hide Diva-built-in serial aux and graphics card Greg Kroah-Hartman
2018-01-01 14:22 ` [PATCH 3.18 09/32] KVM: X86: Fix load RFLAGS w/o the fixed bit Greg Kroah-Hartman
2018-01-01 14:22 ` [PATCH 3.18 10/32] powerpc/perf: Dereference BHRB entries safely Greg Kroah-Hartman
2018-01-01 14:22 ` [PATCH 3.18 11/32] net: mvneta: clear interface link status on port disable Greg Kroah-Hartman
2018-01-01 14:22 ` [PATCH 3.18 12/32] tracing: Remove extra zeroing out of the ring buffer page Greg Kroah-Hartman
2018-01-01 14:22 ` [PATCH 3.18 13/32] tracing: Fix possible double free on failure of allocating trace buffer Greg Kroah-Hartman
2018-01-01 14:22 ` [PATCH 3.18 14/32] tracing: Fix crash when it fails to alloc ring buffer Greg Kroah-Hartman
2018-01-01 14:22 ` [PATCH 3.18 15/32] ring-buffer: Mask out the info bits when returning buffer page length Greg Kroah-Hartman
2018-01-01 14:22 ` [PATCH 3.18 16/32] ASoC: twl4030: fix child-node lookup Greg Kroah-Hartman
2018-01-01 14:22 ` [PATCH 3.18 17/32] kbuild: add -fno-stack-check to kernel build options Greg Kroah-Hartman
2018-01-01 14:22 ` [PATCH 3.18 18/32] ipv4: igmp: guard against silly MTU values Greg Kroah-Hartman
2018-01-01 14:22 ` [PATCH 3.18 19/32] ipv6: mcast: better catch silly mtu values Greg Kroah-Hartman
2018-01-01 14:22 ` [PATCH 3.18 20/32] net: igmp: Use correct source address on IGMPv3 reports Greg Kroah-Hartman
2018-01-01 14:22 ` [PATCH 3.18 21/32] netlink: Add netns check on taps Greg Kroah-Hartman
2018-01-01 14:22 ` [PATCH 3.18 22/32] net: qmi_wwan: add Sierra EM7565 1199:9091 Greg Kroah-Hartman
2018-01-01 14:22 ` [PATCH 3.18 23/32] tcp md5sig: Use skbs saddr when replying to an incoming segment Greg Kroah-Hartman
2018-01-01 14:22 ` [PATCH 3.18 24/32] tg3: Fix rx hang on MTU change with 5717/5719 Greg Kroah-Hartman
2018-01-01 14:22 ` [PATCH 3.18 25/32] net: mvmdio: disable/unprepare clocks in EPROBE_DEFER case Greg Kroah-Hartman
2018-01-01 14:22 ` [PATCH 3.18 26/32] sctp: Replace use of sockets_allocated with specified macro Greg Kroah-Hartman
2018-01-01 14:22 ` [PATCH 3.18 27/32] net: ipv4: fix for a race condition in raw_sendmsg Greg Kroah-Hartman
2018-01-01 14:22 ` [PATCH 3.18 28/32] USB: serial: option: add support for Telit ME910 PID 0x1101 Greg Kroah-Hartman
2018-01-01 14:22 ` [PATCH 3.18 29/32] usb: Add device quirk for Logitech HD Pro Webcam C925e Greg Kroah-Hartman
2018-01-01 14:22 ` [PATCH 3.18 30/32] usb: add RESET_RESUME for ELSA MicroLink 56K Greg Kroah-Hartman
2018-01-01 14:22 ` [PATCH 3.18 31/32] usb: xhci: Add XHCI_TRUST_TX_LENGTH for Renesas uPD720201 Greg Kroah-Hartman
2018-01-01 14:22 ` Greg Kroah-Hartman [this message]
2018-01-01 18:07 ` [PATCH 3.18 00/32] 3.18.91-stable review kernelci.org bot
2018-01-02 16:46 ` Guenter Roeck
2018-01-02 22:22 ` Shuah Khan
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20180101140019.583034666@linuxfoundation.org \
--to=gregkh@linuxfoundation.org \
--cc=jslaby@suse.com \
--cc=linux-kernel@vger.kernel.org \
--cc=penguin-kernel@i-love.sakura.ne.jp \
--cc=stable@vger.kernel.org \
--cc=syzkaller@googlegroups.com \
--cc=torvalds@linux-foundation.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox