From: Nicolai Stange <nstange@suse.de>
To: Takashi Iwai <tiwai@suse.de>
Cc: alsa-devel@alsa-project.org, "Miroslav Benes" <mbenes@suse.cz>,
范龙飞 <long7573@126.com>, "Nicolai Stange" <nstange@suse.de>
Subject: Re: [PATCH 2/2] ALSA: seq: More protection for concurrent write and ioctl races
Date: Thu, 08 Mar 2018 11:38:30 +0100 [thread overview]
Message-ID: <87371akg2h.fsf@suse.de> (raw)
In-Reply-To: <20180308071856.12149-3-tiwai@suse.de> (Takashi Iwai's message of "Thu, 8 Mar 2018 08:18:56 +0100")
Takashi Iwai <tiwai@suse.de> writes:
> This patch is an attempt for further hardening against races between
> the concurrent write and ioctls. The previous fix d15d662e89fc
> ("ALSA: seq: Fix racy pool initializations") covered the race of the
> pool initialization at writer and the pool resize ioctl by the
> client->ioctl_mutex (CVE-2018-1000004). However, basically this mutex
> should be applied more widely to the whole write operation for
> avoiding the unexpected pool operations by another thread.
>
> The only change outside snd_seq_write() is the additional mutex
> argument to helper functions, so that we can unlock / relock the given
> mutex temporarily during schedule() call for blocking write.
>
> Fixes: d15d662e89fc ("ALSA: seq: Fix racy pool initializations")
> Reported-by: 范龙飞 <long7573@126.com>
> Reported-by: Nicolai Stange <nstange@suse.de>
> Cc: <stable@vger.kernel.org>
> Signed-off-by: Takashi Iwai <tiwai@suse.de>
> ---
Reviewed-and-tested-by: Nicolai Stange <nstange@suse.de>
--
SUSE Linux GmbH, GF: Felix Imendörffer, Jane Smithard, Graham Norton,
HRB 21284 (AG Nürnberg)
_______________________________________________
Alsa-devel mailing list
Alsa-devel@alsa-project.org
http://mailman.alsa-project.org/mailman/listinfo/alsa-devel
prev parent reply other threads:[~2018-03-08 10:38 UTC|newest]
Thread overview: 6+ messages / expand[flat|nested] mbox.gz Atom feed top
2018-03-08 7:18 [PATCH 0/2] More hardening for ALSA sequencer write/ioctl races Takashi Iwai
2018-03-08 7:18 ` [PATCH 1/2] ALSA: seq: Don't allow resizing pool in use Takashi Iwai
2018-03-08 10:44 ` Nicolai Stange
2018-03-08 10:56 ` Takashi Iwai
2018-03-08 7:18 ` [PATCH 2/2] ALSA: seq: More protection for concurrent write and ioctl races Takashi Iwai
2018-03-08 10:38 ` Nicolai Stange [this message]
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=87371akg2h.fsf@suse.de \
--to=nstange@suse.de \
--cc=alsa-devel@alsa-project.org \
--cc=long7573@126.com \
--cc=mbenes@suse.cz \
--cc=tiwai@suse.de \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.