On Tue, Jan 10, 2023 at 01:40:59PM +0530, rhythm.m.mahajan@xxxxxxxxxx wrote:
>
>
> On 07/10/22 12:19 pm, Greg KH wrote:
> > On Thu, Oct 06, 2022 at 10:31:27AM -0700, Zubin Mithra wrote:
> > > From: Takashi Iwai <tiwai@xxxxxxx>
> > >
> > > commit 8423f0b6d513b259fdab9c9bf4aaa6188d054c2d upstream.
> > >
> > > There is a small race window at snd_pcm_oss_sync() that is called from
> > > OSS PCM SNDCTL_DSP_SYNC ioctl; namely the function calls
> > > snd_pcm_oss_make_ready() at first, then takes the params_lock mutex
> > > for the rest. When the stream is set up again by another thread
> > > between them, it leads to inconsistency, and may result in unexpected
> > > results such as NULL dereference of OSS buffer as a fuzzer spotted
> > > recently.
> > >
> > > The fix is simply to cover snd_pcm_oss_make_ready() call into the same
> > > params_lock mutex with snd_pcm_oss_make_ready_locked() variant.
> > >
> > > Reported-and-tested-by: butt3rflyh4ck <butterflyhuangxx@xxxxxxxxx>
> > > Reviewed-by: Jaroslav Kysela <perex@xxxxxxxx>
> > > Cc: <stable@xxxxxxxxxxxxxxx>
> > > Link: https://lore.kernel.org/r/CAFcO6XN7JDM4xSXGhtusQfS2mSBcx50VJKwQpCq=WeLt57aaZA@xxxxxxxxxxxxxx
> > > Link: https://lore.kernel.org/r/20220905060714.22549-1-tiwai@xxxxxxx
> > > Signed-off-by: Takashi Iwai <tiwai@xxxxxxx>
> > > Signed-off-by: Zubin Mithra <zsm@xxxxxxxxxx>
> > > ---
> > > Note:
> > > * 8423f0b6d513 is present in linux-5.15.y and linux-5.4.y; missing in
> > > linux-5.10.y.
> > > * Backport addresses conflict due to surrounding context.
> > > * Tests run: build and boot.
> >
> > Now queued up, thanks.
> >
> > greg k-h
>
> This patch applies cleanly on 4.14 LTS as well. Can we have this patch in
> 4.14? I have tested for build and boot.

Can you provide a working patch for this for 4.14.y and 4.19.y that you
have tested the sound works properly with this patch applied? Booting
doesn't invoke sound usually :)

thanks,

greg k-h
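
The race described in the quoted commit message, as an added example that is not part of this thread or of the kernel source: a single-threaded C model in which a callback stands in for the second thread, so the interleaving is deterministic. All names (`oss_rt`, `sync_racy`, `sync_locked`, `other_thread_setup`) are hypothetical, and the model assumes the second thread's setup path takes the same lock.

```c
#include <stdio.h>
#include <string.h>

/* Single-threaded model (constructed); "locked" stands in for params_lock. */
struct oss_rt { int locked, params_dirty; char *buffer; char storage[16]; };
typedef void (*interleave_fn)(struct oss_rt *);
static int try_lock(struct oss_rt *rt) { return rt->locked ? 0 : (rt->locked = 1); }
static void unlock(struct oss_rt *rt) { rt->locked = 0; }

/* Set the buffer up if the stream parameters are stale. */
static void make_ready(struct oss_rt *rt) {
    if (rt->params_dirty) { rt->buffer = rt->storage; rt->params_dirty = 0; }
}

/* Buffer use done under the lock; reports -1 instead of dereferencing NULL. */
static int use_buffer_and_unlock(struct oss_rt *rt) {
    int ok = rt->buffer != NULL;
    if (ok) memset(rt->buffer, 0, sizeof rt->storage);
    unlock(rt);
    return ok ? 0 : -1;
}

/* Second thread redoing stream setup under the same lock (model assumption). */
void other_thread_setup(struct oss_rt *rt) {
    if (!try_lock(rt)) return;  /* a real thread would block here until unlock */
    rt->buffer = NULL; rt->params_dirty = 1;
    unlock(rt);
}

/* Pre-fix shape: readiness is established before the lock is taken. */
int sync_racy(struct oss_rt *rt, interleave_fn other) {
    make_ready(rt);
    if (other) other(rt);       /* race window: lock not held yet */
    try_lock(rt);
    return use_buffer_and_unlock(rt);
}

/* Post-fix shape: readiness check and buffer use share one critical section. */
int sync_locked(struct oss_rt *rt, interleave_fn other) {
    try_lock(rt);
    make_ready(rt);
    if (other) other(rt);       /* same interleaving point, now excluded */
    return use_buffer_and_unlock(rt);
}

int main(void) {
    struct oss_rt a = {0, 1, NULL, {0}}, b = {0, 1, NULL, {0}};
    printf("racy=%d locked=%d\n", sync_racy(&a, other_thread_setup),
           sync_locked(&b, other_thread_setup));
    return 0;
}
```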