linux/include
Takashi Iwai 0f6947f5f5 ALSA: pcm: Fix races among concurrent hw_params and hw_free calls
commit 92ee3c60ec upstream.

Currently we have neither proper check nor protection against the
concurrent calls of PCM hw_params and hw_free ioctls, which may result
in a UAF.  Since the existing PCM stream lock can't be used for
protecting the whole ioctl operations, we need a new mutex to protect
those racy calls.

This patch introduces a new mutex, runtime->buffer_mutex, and applies
it to both hw_params and hw_free ioctl code paths.  Along with it,
both functions are slightly modified (the mmap_count check is moved
into the state-check block) for code simplicity.

Reported-by: Hu Jiahui <kirin.say@gmail.com>
Cc: <stable@vger.kernel.org>
Reviewed-by: Jaroslav Kysela <perex@perex.cz>
Link: https://lore.kernel.org/r/20220322170720.3529-2-tiwai@suse.de
Signed-off-by: Takashi Iwai <tiwai@suse.de>
Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
2022-03-28 09:57:09 +02:00
acpi ACPICA: actypes.h: Expand the ACPI_ACCESS_ definitions 2022-01-27 10:54:18 +01:00
asm-generic vmlinux.lds.h: Handle clang's module.{c,d}tor sections 2021-08-18 08:59:18 +02:00
clocksource clocksource/drivers/timer-ti-dm: Save and restore timer TIOCP_CFG 2021-07-14 16:56:12 +02:00
crypto crypto: public_key: fix overflow during implicit conversion 2021-09-18 13:40:08 +02:00
drm drm: protect drm_master pointers in drm_lease.c 2021-09-18 13:40:19 +02:00
dt-bindings clk: imx8mq: remove SYS PLL 1/2 clock gates 2021-07-14 16:56:20 +02:00
keys certs: Add EFI_CERT_X509_GUID support for dbx entries 2021-06-30 08:47:30 -04:00
kunit
kvm
linux net: handle ARPHRD_PIMREG in dev_is_mac_header_xmit() 2022-03-23 09:13:28 +01:00
math-emu
media media: subdev: disallow ioctl for saa6588/davinci 2021-07-19 09:45:02 +02:00
memory memory: renesas-rpc-if: Correct QSPI data transfer in Manual mode 2021-11-18 14:03:47 +01:00
misc
net esp: Fix possible buffer overflow in ESP transformation 2022-03-23 09:13:29 +01:00
pcmcia
ras
rdma RDMA/netlink: Add __maybe_unused to static inline in C file 2021-11-26 10:39:21 +01:00
scsi scsi: iscsi: Fix conn use after free during resets 2021-07-20 16:05:41 +02:00
soc firmware: raspberrypi: Keep count of all consumers 2021-09-15 09:50:41 +02:00
sound ALSA: pcm: Fix races among concurrent hw_params and hw_free calls 2022-03-28 09:57:09 +02:00
target scsi: target: Fix ordered tag handling 2021-11-26 10:39:11 +01:00
trace cgroup: Trace event cgroup id fields should be u64 2022-01-27 10:53:52 +01:00
uapi HID: add mapping for KEY_ALL_APPLICATIONS 2022-03-08 19:09:38 +01:00
vdso
video
xen xen/gnttab: fix gnttab_end_foreign_access() without page specified 2022-03-11 12:11:54 +01:00