In the Linux kernel, the following vulnerability has been resolved: tty:
tty_buffer: Fix the softlockup issue in flush_to_ldisc When running ltp
testcase(ltp/testcases/kernel/pty/pty04.c) with arm64, there is a soft
lockup, which look like this one: Workqueue: events_unbound flush_to_ldisc
Call trace: dump_backtrace+0x0/0x1ec show_stack+0x24/0x30
dump_stack+0xd0/0x128 panic+0x15c/0x374 watchdog_timer_fn+0x2b8/0x304
__run_hrtimer+0x88/0x2c0 __hrtimer_run_queues+0xa4/0x120
hrtimer_interrupt+0xfc/0x270 arch_timer_handler_phys+0x40/0x50
handle_percpu_devid_irq+0x94/0x220 __handle_domain_irq+0x88/0xf0
gic_handle_irq+0x84/0xfc el1_irq+0xc8/0x180 slip_unesc+0x80/0x214 [slip]
tty_ldisc_receive_buf+0x64/0x80 tty_port_default_receive_buf+0x50/0x90
flush_to_ldisc+0xbc/0x110 process_one_work+0x1d4/0x4b0
worker_thread+0x180/0x430 kthread+0x11c/0x120 In the testcase pty04, The
first process call the write syscall to send data to the pty master. At the
same time, the workqueue will do the flush_to_ldisc to pop data in a loop
until there is no more data left. When the sender and workqueue running in
different core, the sender sends data fastly in full time which will result
in workqueue doing work in loop for a long time and occuring softlockup in
flush_to_ldisc with kernel configured without preempt. So I add
need_resched check and cond_resched in the flush_to_ldisc loop to avoid it.
OS | Version | Architecture | Package | Version | Filename |
---|---|---|---|---|---|
ubuntu | 18.04 | noarch | linux | < any | UNKNOWN |
ubuntu | 20.04 | noarch | linux | < any | UNKNOWN |
ubuntu | 18.04 | noarch | linux-aws | < any | UNKNOWN |
ubuntu | 20.04 | noarch | linux-aws | < any | UNKNOWN |
ubuntu | 18.04 | noarch | linux-aws-5.4 | < any | UNKNOWN |
ubuntu | 16.04 | noarch | linux-aws-hwe | < any | UNKNOWN |
ubuntu | 20.04 | noarch | linux-azure | < any | UNKNOWN |
ubuntu | 14.04 | noarch | linux-azure | < any | UNKNOWN |
ubuntu | 16.04 | noarch | linux-azure | < any | UNKNOWN |
ubuntu | 18.04 | noarch | linux-azure-4.15 | < any | UNKNOWN |
git.kernel.org/linus/3968ddcf05fb4b9409cd1859feb06a5b0550a1c1 (5.16-rc1)
git.kernel.org/stable/c/0380f643f3a7a61b0845cdc738959c2ad5735d61
git.kernel.org/stable/c/3968ddcf05fb4b9409cd1859feb06a5b0550a1c1
git.kernel.org/stable/c/4c1623651a0936ee197859824cdae6ebbd04d3ed
git.kernel.org/stable/c/4f300f47dbcf9c3d4b2ea76c8554c8f360400725
git.kernel.org/stable/c/5c34486f04700f1ba04907231dce0cc2705c2d7d
git.kernel.org/stable/c/77e9fed33056f2a88eba9dd4d2d5412f0c7d1f41
git.kernel.org/stable/c/b1ffc16ec05ae40d82b6e373322d62e9d6b54fbc
git.kernel.org/stable/c/d491c84df5c469dd9621863b6a770b3428137063
launchpad.net/bugs/cve/CVE-2021-47185
nvd.nist.gov/vuln/detail/CVE-2021-47185
security-tracker.debian.org/tracker/CVE-2021-47185
www.cve.org/CVERecord?id=CVE-2021-47185