diff options
Diffstat (limited to 'debian/patches-rt/0082-printk-limit-second-loop-of-syslog_print_all.patch')
| -rw-r--r-- | debian/patches-rt/0082-printk-limit-second-loop-of-syslog_print_all.patch | 56 |
1 files changed, 56 insertions, 0 deletions
diff --git a/debian/patches-rt/0082-printk-limit-second-loop-of-syslog_print_all.patch b/debian/patches-rt/0082-printk-limit-second-loop-of-syslog_print_all.patch new file mode 100644 index 000000000..41d143e99 --- /dev/null +++ b/debian/patches-rt/0082-printk-limit-second-loop-of-syslog_print_all.patch @@ -0,0 +1,56 @@ +From 6769883ba30e543644f62ababe6910c6774f1885 Mon Sep 17 00:00:00 2001 +From: John Ogness <john.ogness@linutronix.de> +Date: Wed, 17 Feb 2021 16:15:31 +0100 +Subject: [PATCH 082/323] printk: limit second loop of syslog_print_all +Origin: https://www.kernel.org/pub/linux/kernel/projects/rt/5.10/older/patches-5.10.204-rt100.tar.xz + +The second loop of syslog_print_all() subtracts lengths that were +added in the first loop. With commit b031a684bfd0 ("printk: remove +logbuf_lock writer-protection of ringbuffer") it is possible that +records are (over)written during syslog_print_all(). This allows the +possibility of the second loop subtracting lengths that were never +added in the first loop. + +This situation can result in syslog_print_all() filling the buffer +starting from a later record, even though there may have been room +to fit the earlier record(s) as well. + +Fixes: b031a684bfd0 ("printk: remove logbuf_lock writer-protection of ringbuffer") +Signed-off-by: John Ogness <john.ogness@linutronix.de> +Reviewed-by: Petr Mladek <pmladek@suse.com> +--- + kernel/printk/printk.c | 9 ++++++++- + 1 file changed, 8 insertions(+), 1 deletion(-) + +diff --git a/kernel/printk/printk.c b/kernel/printk/printk.c +index b0a3f7827819..044bb3791896 100644 +--- a/kernel/printk/printk.c ++++ b/kernel/printk/printk.c +@@ -1497,6 +1497,7 @@ static int syslog_print_all(char __user *buf, int size, bool clear) + struct printk_info info; + unsigned int line_count; + struct printk_record r; ++ u64 max_seq; + char *text; + int len = 0; + u64 seq; +@@ -1515,9 +1516,15 @@ static int syslog_print_all(char __user *buf, int size, bool clear) + prb_for_each_info(clear_seq, prb, seq, &info, &line_count) + len += get_record_print_text_size(&info, line_count, true, time); + ++ /* ++ * Set an upper bound for the next loop to avoid subtracting lengths ++ * that were never added. ++ */ ++ max_seq = seq; ++ + /* move first record forward until length fits into the buffer */ + prb_for_each_info(clear_seq, prb, seq, &info, &line_count) { +- if (len <= size) ++ if (len <= size || info.seq >= max_seq) + break; + len -= get_record_print_text_size(&info, line_count, true, time); + } +-- +2.43.0 + |