OrgACRN
/
acrn-kernel
mirror of https://github.com/projectacrn/acrn-kernel.git
1
0
Fork 0
Code Issues Releases Wiki Activity
acrn-kernel/sound/core
History
Takashi Iwai 3eb4e47a94 ALSA: pcm: Fix potential data race at PCM memory allocation helpers 
commit bd55842ed9 upstream.

The PCM memory allocation helpers have a sanity check against too many
buffer allocations.  However, the check is performed without a proper
lock and the allocation isn't serialized; this allows user to allocate
more memories than predefined max size.

Practically seen, this isn't really a big problem, as it's more or
less some "soft limit" as a sanity check, and it's not possible to
allocate unlimitedly.  But it's still better to address this for more
consistent behavior.

The patch covers the size check in do_alloc_pages() with the
card->memory_mutex, and increases the allocated size there for
preventing the further overflow.  When the actual allocation fails,
the size is decreased accordingly.

Reported-by: BassCheck <bass@buaa.edu.cn>
Reported-by: Tuo Li <islituo@gmail.com>
Link: https://lore.kernel.org/r/CADm8Tek6t0WedK+3Y6rbE5YEt19tML8BUL45N2ji4ZAz1KcN_A@mail.gmail.com
Reviewed-by: Jaroslav Kysela <perex@perex.cz>
Cc: <stable@vger.kernel.org>
Link: https://lore.kernel.org/r/20230703112430.30634-1-tiwai@suse.de
Signed-off-by: Takashi Iwai <tiwai@suse.de>
Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
 		2023-07-19 16:21:47 +02:00
..
oss ALSA: oss: avoid missing-prototype warnings 2023-06-09 10:34:16 +02:00
seq ALSA: seq: Fix function prototype mismatch in snd_seq_expand_var_event 2022-11-19 09:20:11 +01:00
Kconfig ALSA: control: Add input validation 2022-06-15 07:45:28 +02:00
Makefile
compress_offload.c ALSA: compress: Fix kernel doc warnings 2022-07-13 13:42:36 +02:00
control.c ALSA: pcm: Move rwsem lock inside snd_ctl_elem_read to prevent UAF 2023-01-14 10:33:44 +01:00
control_compat.c
control_led.c ALSA: control-led: use strscpy in set_led_id() 2023-01-18 11:58:09 +01:00
ctljack.c
device.c ALSA: core: Fix missing return value comments for kernel docs 2022-07-13 13:42:38 +02:00
hrtimer.c
hwdep.c
hwdep_compat.c
info.c ALSA: info: Fix llseek return value when using callback 2022-08-17 15:13:30 +02:00
info_oss.c
init.c ALSA: core: Fix double-free at snd_card_new() 2022-09-19 14:36:06 +02:00
isadma.c sound updates for 6.0-rc1 2022-08-06 10:19:51 -07:00
jack.c ALSA: jack: Fix mutex call in snd_jack_report() 2023-07-19 16:21:47 +02:00
memalloc.c ALSA: memalloc: Workaround for Xen PV 2023-02-09 11:28:02 +01:00
memalloc_local.h ALSA: memalloc: remove snd_dma_sg_ops declaration 2022-09-09 09:09:40 +02:00
memory.c
misc.c ALSA: core: Add async signal helpers 2022-07-29 12:57:10 +02:00
pcm.c ALSA: pcm: Avoid reference to status->state 2022-09-27 08:44:05 +02:00
pcm_compat.c ALSA: pcm: Avoid reference to status->state 2022-09-27 08:44:05 +02:00
pcm_dmaengine.c ALSA: dmaengine: increment buffer pointer atomically 2022-09-27 08:55:05 +02:00
pcm_drm_eld.c
pcm_iec958.c
pcm_lib.c ALSA: usb-audio: Fix recursive locking at XRUN during syncing 2023-04-06 12:10:43 +02:00
pcm_local.h
pcm_memory.c ALSA: pcm: Fix potential data race at PCM memory allocation helpers 2023-07-19 16:21:47 +02:00
pcm_misc.c
pcm_native.c ALSA: pcm: Set missing stop_operating flag at undoing trigger start 2022-12-31 13:32:22 +01:00
pcm_param_trace.h
pcm_timer.c
pcm_trace.h
rawmidi.c ALSA: rawmidi: Drop register_mutex in snd_rawmidi_free() 2022-10-11 09:02:32 +02:00
rawmidi_compat.c
seq_device.c
sound.c
sound_oss.c ALSA: oss: Fix potential deadlock at unregistration 2022-10-11 09:02:43 +02:00
timer.c ALSA: timer: Use deferred fasync helper 2022-07-29 12:57:11 +02:00
timer_compat.c
vmaster.c ALSA: core: Fix missing return value comments for kernel docs 2022-07-13 13:42:38 +02:00