mirrors/linux-stable
1
0
Fork 0
mirror of https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git synced 2024-08-25 18:30:06 +00:00
Code Issues Releases Wiki Activity
linux-stable/sound/core
History
Takashi Iwai b5a663aa42 ALSA: timer: Harden slave timer list handling 
A slave timer instance might be still accessible in a racy way while
operating the master instance as it lacks of locking.  Since the
master operation is mostly protected with timer->lock, we should cope
with it while changing the slave instance, too.  Also, some linked
lists (active_list and ack_list) of slave instances aren't unlinked
immediately at stopping or closing, and this may lead to unexpected
accesses.

This patch tries to address these issues.  It adds spin lock of
timer->lock (either from master or slave, which is equivalent) in a
few places.  For avoiding a deadlock, we ensure that the global
slave_active_lock is always locked at first before each timer lock.

Also, ack and active_list of slave instances are properly unlinked at
snd_timer_stop() and snd_timer_close().

Last but not least, remove the superfluous call of _snd_timer_stop()
at removing slave links.  This is a noop, and calling it may confuse
readers wrt locking.  Further cleanup will follow in a later patch.

Actually we've got reports of use-after-free by syzkaller fuzzer, and
this hopefully fixes these issues.

Reported-by: Dmitry Vyukov <dvyukov@google.com>
Cc: <stable@vger.kernel.org>
Signed-off-by: Takashi Iwai <tiwai@suse.de>
2016-01-15 15:50:34 +01:00
..
oss ALSA: oss: consolidate kmalloc/memset 0 call to kzalloc 2015-12-20 22:31:02 +01:00
seq ALSA: seq: Fix race at timer setup and close 2016-01-12 17:50:41 +01:00
compress_offload.c ALSA: compress: add support for 32bit calls in a 64bit kernel 2015-12-07 10:44:48 +01:00
control.c ALSA: ctl: fix to handle several elements added by one operation for userspace element 2015-04-13 10:31:49 +02:00
control_compat.c ALSA: control: Use standard printk helpers 2014-02-14 08:14:14 +01:00
ctljack.c ALSA: jack: Fix endless loop at unique index detection 2015-06-26 06:59:57 +02:00
device.c Merge branch 'topic/hda-unbind' into for-next 2015-03-16 14:48:20 +01:00
hrtimer.c sound: Use hrtimer_resolution instead of hrtimer_get_res() 2015-04-22 17:06:48 +02:00
hwdep.c ALSA: replace CONFIG_PROC_FS with CONFIG_SND_PROC_FS 2015-05-27 21:25:19 +02:00
hwdep_compat.c
info.c ALSA: info: Drop kerneldoc comment from snd_info_create_entry() 2015-05-18 09:45:11 +02:00
info_oss.c ALSA: core: Clean up OSS proc file management 2015-04-24 17:31:08 +02:00
init.c ALSA: hda_intel: add card number to irq description 2016-01-12 21:05:16 +01:00
isadma.c ALSA: core: Use standard printk helpers 2014-02-14 08:14:15 +01:00
jack.c ALSA: jack: Remove MODULE_*() macros 2015-05-21 11:32:51 +02:00
Kconfig ALSA: timer: add config item to export PCM timer disabling for expert 2015-10-16 14:31:38 +02:00
Makefile ALSA: timer: add config item to export PCM timer disabling for expert 2015-10-16 14:31:38 +02:00
memalloc.c genalloc: rename of_get_named_gen_pool() to of_gen_pool_get() 2015-06-30 19:45:01 -07:00
memory.c ALSA: Include linux/uaccess.h and linux/bitopts.h instead of asm/* 2015-01-28 17:25:07 +01:00
misc.c ALSA: Allow pass NULL dev for snd_pci_quirk_lookup() 2014-10-08 12:08:38 +02:00
pcm.c ALSA: pcm: remove structure member of 'struct snd_pcm_hwptr_log *' type because this structure had been removed 2015-09-13 12:03:15 +02:00
pcm_compat.c ALSA: core: pass audio tstamp config from userspace in compat mode 2015-02-20 17:30:05 +01:00
pcm_dmaengine.c ALSA: Fix spelling typo in Documentation/DocBook/alsa-driver-api.xml 2015-03-04 12:12:59 +01:00
pcm_drm_eld.c ALSA: pcm: add DRM ELD helper 2015-05-22 16:01:44 +02:00
pcm_iec958.c ALSA: pcm: add IEC958 channel status helper 2015-05-22 16:01:47 +02:00
pcm_lib.c ALSA: Constify ratden/ratnum constraints 2015-10-28 11:42:22 +01:00
pcm_memory.c ALSA: Include linux/io.h instead of asm/io.h 2015-01-28 16:49:33 +01:00
pcm_misc.c ALSA: pcm: Add big-endian DSD sample formats and fix XMOS DSD sample format 2014-11-21 15:13:28 +01:00
pcm_native.c ALSA: pcm: constify action_ops structures 2015-11-30 11:39:13 +01:00
pcm_timer.c ALSA: pcm: Use standard printk helpers 2014-02-14 08:14:15 +01:00
pcm_trace.h ALSA: pcm: Replace PCM hwptr tracking with tracepoints 2014-11-04 14:09:14 +01:00
rawmidi.c ALSA: core: Drop superfluous error/debug messages after malloc failures 2015-03-10 15:42:14 +01:00
rawmidi_compat.c
rtctimer.c ALSA: timer: Use standard printk helpers 2014-02-14 08:14:17 +01:00
sgbuf.c ALSA: core: Deletion of unnecessary checks before two function calls 2014-11-21 20:06:57 +01:00
sound.c ALSA: replace CONFIG_PROC_FS with CONFIG_SND_PROC_FS 2015-05-27 21:25:19 +02:00
sound_oss.c ALSA: replace CONFIG_PROC_FS with CONFIG_SND_PROC_FS 2015-05-27 21:25:19 +02:00
timer.c ALSA: timer: Harden slave timer list handling 2016-01-15 15:50:34 +01:00
timer_compat.c
vmaster.c ALSA: core: Use standard printk helpers 2014-02-14 08:14:15 +01:00