Received: by 2002:ab2:6203:0:b0:1f5:f2ab:c469 with SMTP id o3csp817723lqt; Fri, 19 Apr 2024 11:13:28 -0700 (PDT) X-Forwarded-Encrypted: i=3; AJvYcCUdQ+w1NZdLIGcpvJMs12DbIpio0vqTLgLHdBsrIYPbeN19wf9NKp6bdl3AXyXpXek4PhIjy9MHHYFJGi8LHJznF/Go5UZF5EQu0SqAmw== X-Google-Smtp-Source: AGHT+IFdR44ki8VwsMOALIGutuEnH24ffgffSgZ4+sMF1sLIb3XQOBC8kSnr6KwZX3H+63GTjJup X-Received: by 2002:a50:cd4f:0:b0:570:5e7d:95ec with SMTP id d15-20020a50cd4f000000b005705e7d95ecmr2330198edj.6.1713550407646; Fri, 19 Apr 2024 11:13:27 -0700 (PDT) ARC-Seal: i=2; a=rsa-sha256; t=1713550407; cv=pass; d=google.com; s=arc-20160816; b=Eto+vzggjsR4vxc15xkLQlZbBhZKN4ldoQ9xxfEKM8IYGVGtLBjJVRkNF5nZZNJXPS 1UeZHc6ICGNkwH9fkycY/0sT7ImeEUcmP94gJYRLAmA50oTmpG1v2+RSVPWEO6+L9klM M17ytyAa2LJj5kRXwuT3C1Av7bERXP7udpNrALa+nmVAcFHjfav7q7wfjM13XCned5xv dVeKDEwXaN++vexAA1U9Jr8wJqZM94mo+4bfDCjL7moM3ztr/F+/HHjHdQHWjFbt1Jtq feSV1CwzoaBsU6qWAc5lEYotcAbJnB+waa6+0ecOqpCq2VdhioRszcdDnhPJG3dAx3E5 Wddw== ARC-Message-Signature: i=2; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=content-transfer-encoding:mime-version:list-unsubscribe :list-subscribe:list-id:precedence:references:in-reply-to:message-id :date:subject:cc:to:from:dkim-signature; bh=wXuQiZ6Uxljth7h4zsRrHEZmoGaHKO2VIyJBKdyFiaI=; fh=BHydNZZZzy96/6hTj4qU26FgCvsmDaoc9mZTrbDwmo4=; b=VNfrViy497XkzExf+9rk7s+2ARbkRLzRhLxl+kSOHnniPm1ZxKaYPhR4IPi7fUUF9C wnSUG+lVakZmZzT2POj/AgvAgER783uJrtwHr8R+tfCtQpZhc4mQJqmVd8KroS6orkhK 3OHBiKj2vMpT8JDL/w/lytZmJZzxB7pu5DJAc9zqb2xYsY1GGRbJU5kfY9vfCkiowejW hTPwY1nFoHs6pTmyUAeDyBY/8knHnoXZlegM0g6SxF/D7SM21ArnDI1HrozxaScfdHw3 NkPifz1QmyUDK2Rgc1acnxkO9TvA3//gUyGVlFXKFsDLn4Crbfikbh6EHBYoIHgWCr3H fGjw==; dara=google.com ARC-Authentication-Results: i=2; mx.google.com; dkim=pass header.i=@gmail.com header.s=20230601 header.b="ls7XD/PU"; arc=pass (i=1 spf=pass spfdomain=gmail.com dkim=pass dkdomain=gmail.com dmarc=pass fromdomain=gmail.com); spf=pass (google.com: domain of linux-kernel+bounces-151860-linux.lists.archive=gmail.com@vger.kernel.org designates 147.75.80.249 as permitted sender) smtp.mailfrom="linux-kernel+bounces-151860-linux.lists.archive=gmail.com@vger.kernel.org"; dmarc=pass (p=NONE sp=QUARANTINE dis=NONE) header.from=gmail.com Return-Path: Received: from am.mirrors.kernel.org (am.mirrors.kernel.org. [147.75.80.249]) by mx.google.com with ESMTPS id u23-20020aa7d997000000b0056e7410dc3csi2331445eds.491.2024.04.19.11.13.27 for (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Fri, 19 Apr 2024 11:13:27 -0700 (PDT) Received-SPF: pass (google.com: domain of linux-kernel+bounces-151860-linux.lists.archive=gmail.com@vger.kernel.org designates 147.75.80.249 as permitted sender) client-ip=147.75.80.249; Authentication-Results: mx.google.com; dkim=pass header.i=@gmail.com header.s=20230601 header.b="ls7XD/PU"; arc=pass (i=1 spf=pass spfdomain=gmail.com dkim=pass dkdomain=gmail.com dmarc=pass fromdomain=gmail.com); spf=pass (google.com: domain of linux-kernel+bounces-151860-linux.lists.archive=gmail.com@vger.kernel.org designates 147.75.80.249 as permitted sender) smtp.mailfrom="linux-kernel+bounces-151860-linux.lists.archive=gmail.com@vger.kernel.org"; dmarc=pass (p=NONE sp=QUARANTINE dis=NONE) header.from=gmail.com Received: from smtp.subspace.kernel.org (wormhole.subspace.kernel.org [52.25.139.140]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by am.mirrors.kernel.org (Postfix) with ESMTPS id 619311F22D0E for ; Fri, 19 Apr 2024 18:13:27 +0000 (UTC) Received: from localhost.localdomain (localhost.localdomain [127.0.0.1]) by smtp.subspace.kernel.org (Postfix) with ESMTP id 34BC813BC3A; Fri, 19 Apr 2024 18:13:19 +0000 (UTC) Authentication-Results: smtp.subspace.kernel.org; dkim=pass (2048-bit key) header.d=gmail.com header.i=@gmail.com header.b="ls7XD/PU" Received: from mail-pf1-f176.google.com (mail-pf1-f176.google.com [209.85.210.176]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by smtp.subspace.kernel.org (Postfix) with ESMTPS id 3AB3D77F13; Fri, 19 Apr 2024 18:13:16 +0000 (UTC) Authentication-Results: smtp.subspace.kernel.org; arc=none smtp.client-ip=209.85.210.176 ARC-Seal:i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1713550398; cv=none; b=DHRcQCzAg+JoJ+dQxQ8RaPlXogMr1toljtwKz/13jyzECr5nMdXChHKIBqL8x5HHPG+Lg4s2QdE3WoV86/T37Vvn9H0rNhDw0Dq3tx/KYG4dNzFol9ybq89o7vFmoMsWcxye8PALu2qsvo/U0loklCavJIC6isPfL4dBdZ1l6Qg= ARC-Message-Signature:i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1713550398; c=relaxed/simple; bh=hOoTnHiBwf2rX2MwVUrEk0jw4KfQYDg5tOPaL5cUa0w=; h=From:To:Cc:Subject:Date:Message-Id:In-Reply-To:References: MIME-Version; b=D7kSbVvoZiwVp9I7EdSi7EVL7vaeShTv6RWXjEz/NAgONStwYBPgQ70gmXpdyhd1CeMzHUWWyzd0G8XN/cy/zlM60iJWU+qjfR6QZ7y3ByK5OmC1xspe6txqwkJi6TQcPC2udp93ZDgB/YIEhpWTdyojhFTSpzijW++zlqMVmFw= ARC-Authentication-Results:i=1; smtp.subspace.kernel.org; dmarc=pass (p=none dis=none) header.from=gmail.com; spf=pass smtp.mailfrom=gmail.com; dkim=pass (2048-bit key) header.d=gmail.com header.i=@gmail.com header.b=ls7XD/PU; arc=none smtp.client-ip=209.85.210.176 Authentication-Results: smtp.subspace.kernel.org; dmarc=pass (p=none dis=none) header.from=gmail.com Authentication-Results: smtp.subspace.kernel.org; spf=pass smtp.mailfrom=gmail.com Received: by mail-pf1-f176.google.com with SMTP id d2e1a72fcca58-6f103b541aeso180666b3a.3; Fri, 19 Apr 2024 11:13:16 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20230601; t=1713550396; x=1714155196; darn=vger.kernel.org; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:cc:to:from:from:to:cc:subject:date :message-id:reply-to; bh=wXuQiZ6Uxljth7h4zsRrHEZmoGaHKO2VIyJBKdyFiaI=; b=ls7XD/PUuZVrS7t429gpMqgX313kAKXXk/6ul12jXoYy2E36nL8IdmthFEVJOxvaFE vazT9CInI9Mn674XQd53aIa/zdKuoLRAYZPPBArrvth4mhHxdigVDuOdco52YtQ5RoqI H4YkA1BmS2jbtRmLTGImPlkgAeEh2GXDcgpplsLEV+sZoY6NvWxB0t0we5jV0A/PwtdM +o+0FAWVnz6ePHZKqm3I2BX+JzlhOPWmxC60OjtHgoFbu77j8OPZnTWNJnbYjZ8YBN64 HJ2OEcqHzqWJQXIWUSOA9uz5AS/U40rWLBTG5RKY6yoDVTXAtg8UxZIpfNrbM3XK29J+ sV9A== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20230601; t=1713550396; x=1714155196; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:cc:to:from:x-gm-message-state:from:to:cc :subject:date:message-id:reply-to; bh=wXuQiZ6Uxljth7h4zsRrHEZmoGaHKO2VIyJBKdyFiaI=; b=p8b8vwGvelTQXWhgV0es+RwLkhJtkKBDRxXeCnmoevj9pnPU/OEKYWAQ5Tiaq3SLJs RZWpoW4bRj02hiF2G/wItGK0b+l6x08Jse0xbhhpKue7tmuLFFEI6kRTd0hEe3ZJiTLk InpTEqLPlbSx+2z/cwKXjCuS20PD71/YchSRIQXjQ6qPKNXZEaV2A0qopg7X6zE/WUij vf8aHhJ0YnCEK9JP9TG/AQUKiljTaOUfDQUvRoNeypK3PIo83RyFppzR5OamAVKGyTcf 5iVJhsQa6Ky/mGyOjQH1ohq8Hi9cXIefRWBfeY0HfVt/BAAKpKlpXWMppuSd9+QhDFiA Rknw== X-Forwarded-Encrypted: i=1; AJvYcCXMS/nf1bWZgE2JZjt31ZUr8fc2vrQE4mx7/r9GnK3dADuh3SRMAojDHj/UrHMICi+YNtNR8UmnM47bNVprlGe5pN/p+lD2URRu6v5vv9h2PDIULhp/pApcQ1dKkGaB4soUxcTEaV+Fc/EPkK6k8SeOR9nruuPprkXHn1nh1jMZ X-Gm-Message-State: AOJu0YzGGpulgb08Lzb5D910i2/daTWtsDcZvI9OhPMqlsE+H+iLrP8o CX3KZ1xm2z3Lbf5WOkg1URWAoe0rigNB0r0l8UjLACRc+nsetFhWGN6ALxUZ/+I= X-Received: by 2002:a05:6a20:96db:b0:1a9:5e63:501b with SMTP id hq27-20020a056a2096db00b001a95e63501bmr2934392pzc.44.1713550396318; Fri, 19 Apr 2024 11:13:16 -0700 (PDT) Received: from kernelexploit-virtual-machine.localdomain ([121.185.186.233]) by smtp.gmail.com with ESMTPSA id x16-20020a17090a531000b002a537abb536sm5148563pjh.57.2024.04.19.11.13.13 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Fri, 19 Apr 2024 11:13:15 -0700 (PDT) From: Jeongjun Park To: syzbot+393d0ef63475d9bb1f16@syzkaller.appspotmail.com Cc: davem@davemloft.net, edumazet@google.com, kuba@kernel.org, linux-kernel@vger.kernel.org, linux-ppp@vger.kernel.org, netdev@vger.kernel.org, pabeni@redhat.com, syzkaller-bugs@googlegroups.com, Jeongjun Park Subject: [PATCH net,v2] net: ppp: Fix deadlock caused by unsafe-irq lock in ap_get() Date: Sat, 20 Apr 2024 03:12:38 +0900 Message-Id: <20240419181238.29399-1-aha310510@gmail.com> X-Mailer: git-send-email 2.34.1 In-Reply-To: <000000000000423dd10611261d47@google.com> References: <000000000000423dd10611261d47@google.com> Precedence: bulk X-Mailing-List: linux-kernel@vger.kernel.org List-Id: List-Subscribe: List-Unsubscribe: MIME-Version: 1.0 Content-Transfer-Encoding: 8bit read_lock() present in ap_get() is interrupt-vulnerable, so the function needs to be modified. Reported-by: syzbot+393d0ef63475d9bb1f16@syzkaller.appspotmail.com Signed-off-by: Jeongjun Park --- drivers/net/ppp/ppp_async.c | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/drivers/net/ppp/ppp_async.c b/drivers/net/ppp/ppp_async.c index c33c3db3cc08..d12b8155e839 100644 --- a/drivers/net/ppp/ppp_async.c +++ b/drivers/net/ppp/ppp_async.c @@ -134,11 +134,11 @@ static struct asyncppp *ap_get(struct tty_struct *tty) { struct asyncppp *ap; - read_lock(&disc_data_lock); + read_lock_irq(&disc_data_lock); ap = tty->disc_data; if (ap != NULL) refcount_inc(&ap->refcnt); - read_unlock(&disc_data_lock); + read_unlock_irq(&disc_data_lock); return ap; } -- 2.34.1