[v2] control_hw: Fix issue when applying seccomp policy

Message ID	20180817031227.187676-1-hychao@chromium.org (mailing list archive)
State	New, archived
Headers	show Return-Path: <alsa-devel-bounces@alsa-project.org> From: Hsin-Yu Chao <hychao@chromium.org> To: alsa-devel@alsa-project.org Date: Fri, 17 Aug 2018 11:12:27 +0800 Message-Id: <20180817031227.187676-1-hychao@chromium.org> Cc: vinod.koul@intel.com, dgreid@chromium.org, Hsin-Yu Chao <hychao@chromium.org> Subject: [alsa-devel] [PATCH v2] control_hw: Fix issue when applying seccomp policy Precedence: list MIME-Version: 1.0 Content-Type: text/plain; charset="us-ascii" Content-Transfer-Encoding: 7bit Errors-To: alsa-devel-bounces@alsa-project.org Sender: alsa-devel-bounces@alsa-project.org
Series	[v2] control_hw: Fix issue when applying seccomp policy \| expand [v2] control_hw: Fix issue when applying seccomp policy

Message ID

20180817031227.187676-1-hychao@chromium.org (mailing list archive)

State

New, archived

Headers

From: Hsin-Yu Chao <hychao@chromium.org>
To: alsa-devel@alsa-project.org
Date: Fri, 17 Aug 2018 11:12:27 +0800
Message-Id: <20180817031227.187676-1-hychao@chromium.org>
Cc: vinod.koul@intel.com, dgreid@chromium.org,
 Hsin-Yu Chao <hychao@chromium.org>
Subject: [alsa-devel] [PATCH v2] control_hw: Fix issue when applying seccomp
	policy
Precedence: list
MIME-Version: 1.0
Content-Type: text/plain; charset="us-ascii"
Content-Transfer-Encoding: 7bit
Errors-To: alsa-devel-bounces@alsa-project.org
Sender: alsa-devel-bounces@alsa-project.org

Series

[v2] control_hw: Fix issue when applying seccomp policy | expand

Commit Message

Hsin-Yu Chao Aug. 17, 2018, 3:12 a.m. UTC

When seccomp policy is applied to filter ioctl syscall with
SNDRV_CTL_IOCTL_TLV_COMMAND, SNDRV_CTL_IOCTL_TLV_READ and
SNDRV_CTL_IOCTL_TLV_WRITE in whiltelist, alsa-lib still breaks
in at snd_ctl_hw_elem_tlv().

The problem behind is because ioctl() takes unsigned long cmd
argument, and the signed bit of local int variable could cause
0xff bytes appended after casted to unsigned long.
In kernel, seccomp data struct takes 64 bits argument to check
against seccomp rules, these unexpected 0xff bytes could make
the rule check fail.

Fix the problem by passing unsigned int to ioctl.

Signed-off-by: Hsin-Yu Chao <hychao@chromium.org>
---
 src/control/control_hw.c | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

Comments

Takashi Iwai Aug. 19, 2018, 8:09 a.m. UTC | #1

On Fri, 17 Aug 2018 05:12:27 +0200,
Hsin-Yu Chao wrote:
> 
> When seccomp policy is applied to filter ioctl syscall with
> SNDRV_CTL_IOCTL_TLV_COMMAND, SNDRV_CTL_IOCTL_TLV_READ and
> SNDRV_CTL_IOCTL_TLV_WRITE in whiltelist, alsa-lib still breaks
> in at snd_ctl_hw_elem_tlv().
> 
> The problem behind is because ioctl() takes unsigned long cmd
> argument, and the signed bit of local int variable could cause
> 0xff bytes appended after casted to unsigned long.
> In kernel, seccomp data struct takes 64 bits argument to check
> against seccomp rules, these unexpected 0xff bytes could make
> the rule check fail.
> 
> Fix the problem by passing unsigned int to ioctl.
> 
> Signed-off-by: Hsin-Yu Chao <hychao@chromium.org>

Thanks, applied now.


Takashi

diff --git a/src/control/control_hw.c b/src/control/control_hw.c
index 68eca522..b54d65f2 100644
--- a/src/control/control_hw.c
+++ b/src/control/control_hw.c
@@ -215,7 +215,7 @@  static int snd_ctl_hw_elem_tlv(snd_ctl_t *handle, int op_flag,
 			       unsigned int numid,
 			       unsigned int *tlv, unsigned int tlv_size)
 {
-	int inum;
+	unsigned int inum;
 	snd_ctl_hw_t *hw = handle->private_data;
 	struct snd_ctl_tlv *xtlv;

[v2] control_hw: Fix issue when applying seccomp policy

Commit Message

Comments

Patch