Re: what's the kernel policy WRT firmware parsing security?

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



Hi Jaroslav,

On Sun, Oct 06, 2019 at 04:10:28PM +0200, Jaroslav Kysela wrote:
> Dne 06. 10. 19 v 12:47 Guennadi Liakhovetski napsal(a):
> > Hi,
> > 
> > I decided to have a look at whether the ALSA topology parsing is bullet
> > proof against malformed topology files. It seems not quite to be the case.
> > At least I seem to have found a possibility of crashing the kernel by a
> > malformed topology file. I haven't tested it, so, maybe I'm wrong.
> > 
> > In principle, firmware files can only be written by root, and if you have
> > root access to the system, it's anyway doomed. Is this the approach and
> > we aren't really trying to make topology parsing 100% safe, or do we want
> > to fix any such possible parsing issues?
> 
> The kernel should not crash. Dot. If you found a serious issue, please,
> report it or better, send the fix.

Sorry, I'm still configuring / getting used to mutt and git send-mail on this
PC, so adding you to CC didn't work out :-/ Here's a link:
https://mailman.alsa-project.org/pipermail/alsa-devel/2019-October/156352.html

Thanks
Guennadi

> 				Thanks,
> 					Jaroslav
> 
> -- 
> Jaroslav Kysela <perex@xxxxxxxx>
> Linux Sound Maintainer; ALSA Project; Red Hat, Inc.
_______________________________________________
Alsa-devel mailing list
Alsa-devel@xxxxxxxxxxxxxxxx
https://mailman.alsa-project.org/mailman/listinfo/alsa-devel



[Index of Archives]     [ALSA User]     [Linux Audio Users]     [Pulse Audio]     [Kernel Archive]     [Asterisk PBX]     [Photo Sharing]     [Linux Sound]     [Video 4 Linux]     [Gimp]     [Yosemite News]

  Powered by Linux