[PATCH] ppp: Fix deadlock caused by unsafe-irq lock in ap_get()

From: Jeongjun Park
Date: Thu Apr 18 2024 - 13:59:27 EST

Next message: Dmitry Baryshkov: "Re: [PATCH 2/2] usb: typec: qcom-pmic: fix pdphy start() error handling"
Previous message: Andy Shevchenko: "Re: [PATCH v3 1/3] serial: sc16is7xx: announce support of SER_RS485_RTS_ON_SEND"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

read_lock() present in ap_get() is interrupt-vulnerable, so the function needs to be modified.

Reported-by: syzbot+393d0ef63475d9bb1f16@xxxxxxxxxxxxxxxxxxxxxxxxx
Fixes: 1da177e4c3f4 ("Linux-2.6.12-rc2")
Signed-off-by: Jeongjun Park <aha310510@xxxxxxxxx>
---
drivers/net/ppp/ppp_async.c | 5 +++--
1 file changed, 3 insertions(+), 2 deletions(-)

diff --git a/drivers/net/ppp/ppp_async.c b/drivers/net/ppp/ppp_async.c
index c33c3db3cc08..dc1d4633428a 100644
--- a/drivers/net/ppp/ppp_async.c
+++ b/drivers/net/ppp/ppp_async.c
@@ -133,12 +133,13 @@ static DEFINE_RWLOCK(disc_data_lock);
static struct asyncppp *ap_get(struct tty_struct *tty)
{
struct asyncppp *ap;
+ unsigned long flags;

- read_lock(&disc_data_lock);
+ flags = read_lock_irqsave(&disc_data_lock);
ap = tty->disc_data;
if (ap != NULL)
refcount_inc(&ap->refcnt);
- read_unlock(&disc_data_lock);
+ read_unlock_irqrestore(&disc_data_lock, flags);
return ap;
}

--
2.34.1

Next message: Dmitry Baryshkov: "Re: [PATCH 2/2] usb: typec: qcom-pmic: fix pdphy start() error handling"
Previous message: Andy Shevchenko: "Re: [PATCH v3 1/3] serial: sc16is7xx: announce support of SER_RS485_RTS_ON_SEND"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]