From 11e4b63abbe23872b45f325a7c6c8b7f9ff42cad Mon Sep 17 00:00:00 2001

From: Petr Mladek <pmladek@suse.com>

Date: Fri, 2 Jul 2021 17:06:57 +0200

Subject: [PATCH] printk/console: Check consistent sequence number when

 handling race in console_unlock()

Git-commit: 11e4b63abbe23872b45f325a7c6c8b7f9ff42cad

Patch-mainline: 5.15-rc1

References: bsc#1190111 stable-5.14.6

The standard printk() tries to flush the message to the console

immediately. It tries to take the console lock. If the lock is

already taken then the current owner is responsible for flushing

even the new message.

There is a small race window between checking whether a new message is

available and releasing the console lock. It is solved by re-checking

the state after releasing the console lock. If the check is positive

then console_unlock() tries to take the lock again and process the new

message as well.

The commit 996e966640ddea7b535c ("printk: remove logbuf_lock") causes that

console_seq is not longer read atomically. As a result, the re-check might

be done with an inconsistent 64-bit index.

Solve it by using the last sequence number that has been checked under

the console lock. In the worst case, it will take the lock again only

to realized that the new message has already been proceed. But it

was possible even before.

The variable next_seq is marked as __maybe_unused to call down compiler

warning when CONFIG_PRINTK is not defined.

Fixes: commit 996e966640ddea7b535c ("printk: remove logbuf_lock")

Reported-by: kernel test robot <lkp@intel.com>  # unused next_seq warning

Cc: stable@vger.kernel.org # 5.13

Signed-off-by: Petr Mladek <pmladek@suse.com>

Acked-by: Sergey Senozhatsky <senozhatsky@chromium.org>

Reviewed-by: John Ogness <john.ogness@linutronix.de>

Link: https://lore.kernel.org/r/20210702150657.26760-1-pmladek@suse.com

---

 kernel/printk/printk.c | 7 +++++--

 1 file changed, 5 insertions(+), 2 deletions(-)

diff --git a/kernel/printk/printk.c b/kernel/printk/printk.c

index 142a58d124d9..6dad7da8f383 100644

--- a/kernel/printk/printk.c

+++ b/kernel/printk/printk.c

@@ -2545,6 +2545,7 @@ void console_unlock(void)

 	bool do_cond_resched, retry;

 	struct printk_info info;

 	struct printk_record r;

+	u64 __maybe_unused next_seq;

 	if (console_suspended) {

 		up_console_sem();

@@ -2654,8 +2655,10 @@ void console_unlock(void)

 			cond_resched();

 	}

-	console_locked = 0;

+	/* Get consistent value of the next-to-be-used sequence number. */

+	next_seq = console_seq;

+	console_locked = 0;

 	up_console_sem();

 	/*

@@ -2664,7 +2667,7 @@ void console_unlock(void)

 	 * there's a new owner and the console_unlock() from them will do the

 	 * flush, no worries.

 	 */

-	retry = prb_read_valid(prb, console_seq, NULL);

+	retry = prb_read_valid(prb, next_seq, NULL);

 	printk_safe_exit_irqrestore(flags);

 	if (retry && console_trylock())

-- 

2.26.2