On Tue, 09 Jun 2020 13:47:33 +0200, Christoph Hellwig wrote: > > Alex, can you try this patch? Also could you check whether just papering over the memset() call alone avoids the crash like below? For PulseAudio and dmix/dsnoop, it's the only code path that accesses the vmapped buffer, I believe. If this works more or less, I'll cook a more comprehensive fix. thanks, Takashi --- a/sound/core/pcm_native.c +++ b/sound/core/pcm_native.c @@ -754,9 +754,11 @@ static int snd_pcm_hw_params(struct snd_pcm_substream *substream, while (runtime->boundary * 2 <= LONG_MAX - runtime->buffer_size) runtime->boundary *= 2; +#if 0 /* clear the buffer for avoiding possible kernel info leaks */ if (runtime->dma_area && !substream->ops->copy_user) memset(runtime->dma_area, 0, runtime->dma_bytes); +#endif snd_pcm_timer_resolution_change(substream); snd_pcm_set_state(substream, SNDRV_PCM_STATE_SETUP);
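Review bot: The `#if 0` around `memset(runtime->dma_area, 0, runtime->dma_bytes)` in snd_pcm_hw_params() compiles out the one step that the in-code comment gives as the guard against kernel info leaks. With it applied, every substream that has `dma_area` set and no `copy_user` op keeps whatever the buffer previously held. As a test of whether the crash comes from this access to the vmapped buffer that is reasonable, but it should stay a local diagnostic. The comprehensive fix mentioned in the message needs to keep the buffer zeroed, for example by clearing it in a way that is safe for the affected mapping rather than by skipping the clear. A short comment beside the `#if 0` marking it as debug-only would also keep it from being picked up by accident.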