Received: by 2002:a05:6a10:17d3:0:0:0:0 with SMTP id hz19csp2225215pxb; Mon, 12 Apr 2021 18:34:39 -0700 (PDT) X-Google-Smtp-Source: ABdhPJyELQU0Y4mcEySbBPBSVAXfuLp0JpfrLtUv77cI3H1/RV0uKG6bqED8mTrPHx7Ibjl7BISk X-Received: by 2002:aa7:9843:0:b029:24e:8215:f546 with SMTP id n3-20020aa798430000b029024e8215f546mr5006591pfq.10.1618277679289; Mon, 12 Apr 2021 18:34:39 -0700 (PDT) ARC-Seal: i=1; a=rsa-sha256; t=1618277679; cv=none; d=google.com; s=arc-20160816; b=QUapvpA7D3h14wApMxx9L0v2sq71IlEV8dF8wGvx6PqS3wlg1NlRKw/EMl/cSiYfXP Fen7x/sK0JM6ncbP8vALPQoEzpFfRF9iIT5v5BD2yxoFSCS90tWKEqR4Ep/s5bbloFw7 UcPrWFjrXj/hOemPHGFw4tmN7VP8T6mqw7Np6StkCEGe354vXJxs7SiLxJMp9q8AELDj NlTusm7ku5O6Sg/habKGpCn9mDgEPScEVCHLydp8Ji12H3P1y5IiA8wFSq2yLvWPL/4L V9WaE7CCh64Pb8Xa3jJ0iIoLhohhfhcIqLZRT0JNdUaFBHpUYQ/7EzJ/a/tdTiVZcT+x 4/cQ== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=list-id:precedence:in-reply-to:content-disposition:mime-version :references:message-id:subject:cc:to:from:date:dkim-signature; bh=rju2giUOEbXrwNHF8EXBEaeGCCOhDatpgqjENNObKvI=; b=IWVKr0LFdq2pPZBcQF4qv+hCyuydmv4fXUMhpauPVQiVrwKTrh9Ikx2uBKpLM9Vjpm pKi8SwFsBADnims5DGHkVNIm1qG2tJ/A0aVWPJrQ7kFH6e2ovhNqs1DNQ/Xuyfmou0Rl 4WOchv62i6aiJC56KBtHMwjUk1811RnpYIqkLZJjHZN6AdOndeLHBnuRFB1yFRhZD56K Ru9SNBGLBa+AksxJjGWMnN26z74vz2QAwfW4fpxG97YdP8eA7NmwMD08DzeJt1RghGD7 VR803ULU+w9y9OTT38WBF1cAqg4vNB/X98eCK1lh585+mbmV79dyOkoQrmVFhYGlY8c0 xNWw== ARC-Authentication-Results: i=1; mx.google.com; dkim=pass header.i=@linuxfoundation.org header.s=korg header.b=Td6fSxOD; spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 23.128.96.18 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=linuxfoundation.org Return-Path: Received: from vger.kernel.org (vger.kernel.org. [23.128.96.18]) by mx.google.com with ESMTP id g18si15626614pgi.184.2021.04.12.18.34.27; Mon, 12 Apr 2021 18:34:39 -0700 (PDT) Received-SPF: pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 23.128.96.18 as permitted sender) client-ip=23.128.96.18; Authentication-Results: mx.google.com; dkim=pass header.i=@linuxfoundation.org header.s=korg header.b=Td6fSxOD; spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 23.128.96.18 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=linuxfoundation.org Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S240822AbhDLMFR (ORCPT + 99 others); Mon, 12 Apr 2021 08:05:17 -0400 Received: from mail.kernel.org ([198.145.29.99]:43610 "EHLO mail.kernel.org" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S240815AbhDLMFQ (ORCPT ); Mon, 12 Apr 2021 08:05:16 -0400 Received: by mail.kernel.org (Postfix) with ESMTPSA id D5C5561278; Mon, 12 Apr 2021 12:04:57 +0000 (UTC) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=linuxfoundation.org; s=korg; t=1618229098; bh=xdrYUH4/jDF35cvZx/pzEQSYElhm/upOwIxaqWCv2pY=; h=Date:From:To:Cc:Subject:References:In-Reply-To:From; b=Td6fSxOD8m8yQFA5BaZK/zIeZlOVgo3bJtV3gcLx1GEdMel67+RM9dBrPYoOJXyzg jbWAAVLNXpt8SNaBPdUMWTvokXP/cpvnUJuOi5dNhMSoR9nvtPIYYRgsaqeuQbDmcD xE1j2OjiAuyOzgNJATV00TwUOIll5aFoXAyCUnnA= Date: Mon, 12 Apr 2021 14:04:55 +0200 From: Greg Kroah-Hartman To: Tetsuo Handa Cc: Samo Pogacnik , Petr Mladek , Jiri Slaby , Sergey Senozhatsky , Steven Rostedt , John Ogness , linux-kernel@vger.kernel.org, syzkaller-bugs Subject: Re: How to handle concurrent access to /dev/ttyprintk ? Message-ID: References: <20210403041444.4081-1-penguin-kernel@I-love.SAKURA.ne.jp> <3c15d32f-c568-7f6f-fa7e-af4deb9b49f9@i-love.sakura.ne.jp> <051b550c-1cdd-6503-d2b7-0877bf0578fc@i-love.sakura.ne.jp> <32e75be6-6e9f-b33f-d585-13db220519da@i-love.sakura.ne.jp> MIME-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline In-Reply-To: <32e75be6-6e9f-b33f-d585-13db220519da@i-love.sakura.ne.jp> Precedence: bulk List-ID: X-Mailing-List: linux-kernel@vger.kernel.org On Mon, Apr 12, 2021 at 08:25:27PM +0900, Tetsuo Handa wrote: > On 2021/04/12 19:44, Greg Kroah-Hartman wrote: > > And trying to "open exclusive only" just does not work, the kernel can > > not enforce that at all, sorry. Any driver that you see trying to do > > that is trivial to work around in userspace, making the kernel code > > pointless. > > You mean something like below cannot be used? > > diff --git a/drivers/char/ttyprintk.c b/drivers/char/ttyprintk.c > index 6a0059e508e3..57200569918a 100644 > --- a/drivers/char/ttyprintk.c > +++ b/drivers/char/ttyprintk.c > @@ -84,14 +84,26 @@ static int tpk_printk(const unsigned char *buf, int count) > return count; > } > > +static DEFINE_MUTEX(open_close_lock); Hah, nope, does not work at all! Think about sending an open file descriptor all around the system, or through a pipe, your "open only once" check does not prevent that at all. > > Like any tty port, if you have multiple accesses, all bets are off and > > hilarity ensues. Just don't do that and expect things to be working > > well. > > Since syzkaller is a fuzzer, syzkaller happily opens /dev/ttyprintk from > multiple threads. Should we update syzkaller to use CONFIG_TTY_PRINTK=n ? Why? Can you not hit the same tty code paths from any other tty driver being open multiple times? Why is ttyprintk somehow "special" here? thanks, greg k-h