5.10-stable patches

added patches:
	serial-core-check-uartclk-for-zero-to-avoid-divide-by-zero.patch

diff --git a/queue-5.10/serial-core-check-uartclk-for-zero-to-avoid-divide-by-zero.patch b/queue-5.10/serial-core-check-uartclk-for-zero-to-avoid-divide-by-zero.patch
new file mode 100644 (file)
index 0000000..62203bd
--- /dev/null
+++ b/queue-5.10/serial-core-check-uartclk-for-zero-to-avoid-divide-by-zero.patch
@@ -0,0 +1,68 @@
+From 6eabce6608d6f3440f4c03aa3d3ef50a47a3d193 Mon Sep 17 00:00:00 2001
+From: George Kennedy <george.kennedy@oracle.com>
+Date: Wed, 17 Jul 2024 07:24:38 -0500
+Subject: serial: core: check uartclk for zero to avoid divide by zero
+
+From: George Kennedy <george.kennedy@oracle.com>
+
+commit 6eabce6608d6f3440f4c03aa3d3ef50a47a3d193 upstream.
+
+Calling ioctl TIOCSSERIAL with an invalid baud_base can
+result in uartclk being zero, which will result in a
+divide by zero error in uart_get_divisor(). The check for
+uartclk being zero in uart_set_info() needs to be done
+before other settings are made as subsequent calls to
+ioctl TIOCSSERIAL for the same port would be impacted if
+the uartclk check was done where uartclk gets set.
+
+Oops: divide error: 0000  PREEMPT SMP KASAN PTI
+RIP: 0010:uart_get_divisor (drivers/tty/serial/serial_core.c:580)
+Call Trace:
+ <TASK>
+serial8250_get_divisor (drivers/tty/serial/8250/8250_port.c:2576
+    drivers/tty/serial/8250/8250_port.c:2589)
+serial8250_do_set_termios (drivers/tty/serial/8250/8250_port.c:502
+    drivers/tty/serial/8250/8250_port.c:2741)
+serial8250_set_termios (drivers/tty/serial/8250/8250_port.c:2862)
+uart_change_line_settings (./include/linux/spinlock.h:376
+    ./include/linux/serial_core.h:608 drivers/tty/serial/serial_core.c:222)
+uart_port_startup (drivers/tty/serial/serial_core.c:342)
+uart_startup (drivers/tty/serial/serial_core.c:368)
+uart_set_info (drivers/tty/serial/serial_core.c:1034)
+uart_set_info_user (drivers/tty/serial/serial_core.c:1059)
+tty_set_serial (drivers/tty/tty_io.c:2637)
+tty_ioctl (drivers/tty/tty_io.c:2647 drivers/tty/tty_io.c:2791)
+__x64_sys_ioctl (fs/ioctl.c:52 fs/ioctl.c:907
+    fs/ioctl.c:893 fs/ioctl.c:893)
+do_syscall_64 (arch/x86/entry/common.c:52
+    (discriminator 1) arch/x86/entry/common.c:83 (discriminator 1))
+entry_SYSCALL_64_after_hwframe (arch/x86/entry/entry_64.S:130)
+
+Reported-by: syzkaller <syzkaller@googlegroups.com>
+Cc: stable@vger.kernel.org
+Signed-off-by: George Kennedy <george.kennedy@oracle.com>
+Rule: add
+Link: https://lore.kernel.org/stable/1721148848-9784-1-git-send-email-george.kennedy%40oracle.com
+Link: https://lore.kernel.org/r/1721219078-3209-1-git-send-email-george.kennedy@oracle.com
+Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
+---
+ drivers/tty/serial/serial_core.c |    8 ++++++++
+ 1 file changed, 8 insertions(+)
+
+--- a/drivers/tty/serial/serial_core.c
++++ b/drivers/tty/serial/serial_core.c
+@@ -862,6 +862,14 @@ static int uart_set_info(struct tty_stru
+       new_flags = (__force upf_t)new_info->flags;
+       old_custom_divisor = uport->custom_divisor;
+ 
++      if (!(uport->flags & UPF_FIXED_PORT)) {
++              unsigned int uartclk = new_info->baud_base * 16;
++              /* check needs to be done here before other settings made */
++              if (uartclk == 0) {
++                      retval = -EINVAL;
++                      goto exit;
++              }
++      }
+       if (!capable(CAP_SYS_ADMIN)) {
+               retval = -EPERM;
+               if (change_irq || change_port ||

diff --git a/queue-5.10/series b/queue-5.10/series
index ed7b8d54689e507df8fc14d6ff643fb09fa7d78a..aa9e0a8f17a03c1460b37721ddd4ebf29922d427 100644 (file)
--- a/queue-5.10/series
+++ b/queue-5.10/series
@@ -326,3 +326,4 @@ scsi-mpt3sas-remove-scsi_dma_map-error-messages.patch
 scsi-mpt3sas-avoid-iommu-page-faults-on-report-zones.patch
 irqchip-meson-gpio-support-more-than-8-channels-gpio.patch
 irqchip-meson-gpio-convert-meson_gpio_irq_controller.patch
+serial-core-check-uartclk-for-zero-to-avoid-divide-by-zero.patch