| Message ID | dc38ec162b8c83e53cf48cc8dc4dbac78667e394.1591610330.git.mirq-linux@rere.qmqm.pl (mailing list archive) |
|---|---|
| State | New, archived |
| Headers | show |
| Series | ALSA: pcm: stream linking locking fixes | expand |
On Mon, 08 Jun 2020 12:06:32 +0200, Michał Mirosław wrote: > > Prevent SNDRV_PCM_IOCTL_LINK linking stream to itself - the code > can't handle it. Fixed commit is not where bug was introduced, but > changes the context significantly. > > Cc: stable@vger.kernel.org > Fixes: 0888c321de70 ("pcm_native: switch to fdget()/fdput()") > Signed-off-by: Michał Mirosław <mirq-linux@rere.qmqm.pl> Thanks for the fix. Just a minor point: > @@ -2166,6 +2166,12 @@ static int snd_pcm_link(struct snd_pcm_substream *substream, int fd) > } > pcm_file = f.file->private_data; > substream1 = pcm_file->substream; > + > + if (substream == substream1) { > + res = -EDEADLK; We've never used this error code, hence it may confuse the user-space side. I'd use a more standard -EINVAL instead; the error is basically an invalid argument, after all. thanks, Takashi
diff --git a/sound/core/pcm_native.c b/sound/core/pcm_native.c index aef860256278..3ad399cb6f30 100644 --- a/sound/core/pcm_native.c +++ b/sound/core/pcm_native.c @@ -2166,6 +2166,12 @@ static int snd_pcm_link(struct snd_pcm_substream *substream, int fd) } pcm_file = f.file->private_data; substream1 = pcm_file->substream; + + if (substream == substream1) { + res = -EDEADLK; + goto _badf; + } + group = kzalloc(sizeof(*group), GFP_KERNEL); if (!group) { res = -ENOMEM;
Prevent SNDRV_PCM_IOCTL_LINK linking stream to itself - the code can't handle it. Fixed commit is not where bug was introduced, but changes the context significantly. Cc: stable@vger.kernel.org Fixes: 0888c321de70 ("pcm_native: switch to fdget()/fdput()") Signed-off-by: Michał Mirosław <mirq-linux@rere.qmqm.pl> --- sound/core/pcm_native.c | 6 ++++++ 1 file changed, 6 insertions(+)