On Sat, Jun 01, 2019 at 09:25:54AM -0400, Sasha Levin wrote:
> From: Sahara <keun-o.park@xxxxxxxxxxxxx>
>
> [ Upstream commit b9ca5f8560af244489b4a1bc1ae88b341f24bc95 ]
>
> Especially when a linked tty is used such as pty, the linked tty
> port's buf works have not been cancelled while master tty port's
> buf work has been cancelled. Since release_one_tty and flush_to_ldisc
> run in workqueue threads separately, when pty_cleanup happens and
> link tty port is freed, flush_to_ldisc tries to access freed port
> and port->itty, eventually it causes a panic.
> This patch utilizes the magic value with holding the tty_mutex to
> check if the tty->link is valid.
>
> Fixes: 2b022ab7542d ("pty: cancel pty slave port buf's work in tty_release")
> Signed-off-by: Sahara <keun-o.park@xxxxxxxxxxxxx>
> Cc: stable <stable@xxxxxxxxxxxxxxx>
> Signed-off-by: Greg Kroah-Hartman <gregkh@xxxxxxxxxxxxxxxxxxx>
> Signed-off-by: Sasha Levin <sashal@xxxxxxxxxx>
> ---
> drivers/tty/pty.c | 7 +++++++
> drivers/tty/tty_io.c | 3 +++
> 2 files changed, 10 insertions(+)
For some reason I did not apply this to the stable kernels, and this
shouldn't only be for 4.4.y, so please drop this.
thanks,
greg k-h
