From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: X-Google-Smtp-Source: AH8x22754o9GHSMNPjw8eDfJGwTXmOB695+5cIi/HgRcxcM5AX5q6a+NIGGoi8e+G7WuxvT1n8TW ARC-Seal: i=1; a=rsa-sha256; t=1519055191; cv=none; d=google.com; s=arc-20160816; b=qg2qxdnbH0CHF7cQuk2PLoUAknTXN4OWGhskyL3+7pFlTg9GEbdHOGDKAviS+sJpyE r4x6nKPQQishju6PzlrZWnHjzS//reaNx1V/an6FrSDc+Zv8/GUJM1UYoydmj37xeLVh yBqzpdJzxg6PCoz5R0Q9pN8r5xUqjebXwlycQV8O8fRN8uR5nxA4vl0POK4RbfJiSNzX RF3mj11p3z4DxDlDFPM6+D7R4scVZb8AW3aIpfSw6dj67fUCKsgnCgvWL627UWrTgf44 AbObXJJAmT2aZtm3LZ6lG+o7P4ZP8boUJJeFpxKx4Ry02aTsdLem3FV9aCDgPT6jznVF wy2g== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=mime-version:user-agent:references:in-reply-to:subject:cc:to:from :message-id:date:arc-authentication-results; bh=5lxCFoQboQp6CZvjr7KezmrtZNtcZaCAYT+MVq733bQ=; b=hVMJQg71J57PH8imQ4TOq+lkKis1lS/F7jBeXwjhU80iRypRtcMF0x3ZXlCDQxXqzj gYScWUvpxYrE/mEsaQCzaQt5cYy7IYfvx7UZynZm3soT//MRgZYjDdrWtmqOMDLFcYEN hFUe5zzwWde60IFcc960sVujqzJ5260FWDR+JatwBynjDpQ3F93fdSc0/WFxxo2tVmWB aq4m6aKcTDYjnavx2/J+bE2ne+Nd7Po1vW5t0NAb8kUGo/b3UXrW+OXzPEiak3GHMVcz apKSFz/8nLXM/3eiKgkHxgvcXbBVYpfwXl3UOca/EbkqJ1FfNHut8Vy7uzk09Hmra89y CM9Q== ARC-Authentication-Results: i=1; mx.google.com; spf=pass (google.com: domain of tiwai@suse.de designates 195.135.220.15 as permitted sender) smtp.mailfrom=tiwai@suse.de Authentication-Results: mx.google.com; spf=pass (google.com: domain of tiwai@suse.de designates 195.135.220.15 as permitted sender) smtp.mailfrom=tiwai@suse.de Date: Mon, 19 Feb 2018 16:46:29 +0100 Message-ID: From: Takashi Iwai To: Greg Kroah-Hartman Cc: Andres Bertens , linux-kernel@vger.kernel.org, stable@vger.kernel.org, ben@decadent.org.uk Subject: Re: Linux 3.16.54: suspend stops working. In-Reply-To: <2f37c140-3cd4-e1e6-9c41-631b637d4883@yahoo.com> References: <02c917a9-83ad-6510-fe7d-9ab8b4519041@yahoo.com> <2f37c140-3cd4-e1e6-9c41-631b637d4883@yahoo.com> User-Agent: Wanderlust/2.15.9 (Almost Unreal) SEMI/1.14.6 (Maruoka) FLIM/1.14.9 (=?UTF-8?B?R29qxY0=?=) APEL/10.8 Emacs/25.3 (x86_64-suse-linux-gnu) MULE/6.0 (HANACHIRUSATO) MIME-Version: 1.0 (generated by SEMI 1.14.6 - "Maruoka") Content-Type: text/plain; charset=US-ASCII X-getmail-retrieved-from-mailbox: INBOX X-GMAIL-LABELS: =?utf-8?b?IlxcSW1wb3J0YW50Ig==?= X-GMAIL-THRID: =?utf-8?q?1592844816031933182?= X-GMAIL-MSGID: =?utf-8?q?1592844816031933182?= X-Mailing-List: linux-kernel@vger.kernel.org List-ID: On Mon, 19 Feb 2018 16:36:03 +0100, Andres Bertens wrote: > > Hi, > > Yes sir, supend works with the attached patch! > > As for using some sequencer audio stuff, I have enabled > CONFIG_SND_SEQUENCER and some others *SEQ* as modules in my kernel > config. Nothing else to my knowledge. Good to hear! Greg, could you revert the previous one and apply the new one instead? Below is with a more description explaining the difference. Or if you prefer an incremental patch instead of revert and re-apply, let me know. I'll cook it. thanks, Takashi -- 8< -- From: Takashi Iwai Subject: [PATCH] ALSA: seq: Make ioctls race-free (revised) commit b3defb791b26ea0683a93a4f49c77ec45ec96f10 upstream. The ALSA sequencer ioctls have no protection against racy calls while the concurrent operations may lead to interfere with each other. As reported recently, for example, the concurrent calls of setting client pool with a combination of write calls may lead to either the unkillable dead-lock or UAF. As a slightly big hammer solution, this patch introduces the mutex to make each ioctl exclusive. Although this may reduce performance via parallel ioctl calls, usually it's not demanded for sequencer usages, hence it should be negligible. [ NOTE: this is the revised backport of the commit b3defb791b26. We had another backport (e.g. 623e5c8ae32b in 4.4.115), but it applies the new mutex also to the code paths via faked kernel-to-kernel ioctls, and it seems leading to a deadlock, as reported recently as a regression. This revised patch takes the mutex only in the code path invoked by user-space, just like the original fix patch does -- tiwai ] Reported-by: Luo Quan Reviewed-by: Kees Cook Reviewed-by: Greg Kroah-Hartman Cc: Signed-off-by: Takashi Iwai --- sound/core/seq/seq_clientmgr.c | 7 ++++++- sound/core/seq/seq_clientmgr.h | 1 + 2 files changed, 7 insertions(+), 1 deletion(-) --- a/sound/core/seq/seq_clientmgr.c +++ b/sound/core/seq/seq_clientmgr.c @@ -236,6 +236,7 @@ static struct snd_seq_client *seq_create rwlock_init(&client->ports_lock); mutex_init(&client->ports_mutex); INIT_LIST_HEAD(&client->ports_list_head); + mutex_init(&client->ioctl_mutex); /* find free slot in the client table */ spin_lock_irqsave(&clients_lock, flags); @@ -2220,11 +2221,15 @@ static int snd_seq_do_ioctl(struct snd_s static long snd_seq_ioctl(struct file *file, unsigned int cmd, unsigned long arg) { struct snd_seq_client *client = file->private_data; + long ret; if (snd_BUG_ON(!client)) return -ENXIO; - return snd_seq_do_ioctl(client, cmd, (void __user *) arg); + mutex_lock(&client->ioctl_mutex); + ret = snd_seq_do_ioctl(client, cmd, (void __user *) arg); + mutex_unlock(&client->ioctl_mutex); + return ret; } #ifdef CONFIG_COMPAT --- a/sound/core/seq/seq_clientmgr.h +++ b/sound/core/seq/seq_clientmgr.h @@ -59,6 +59,7 @@ struct snd_seq_client { struct list_head ports_list_head; rwlock_t ports_lock; struct mutex ports_mutex; + struct mutex ioctl_mutex; int convert32; /* convert 32->64bit */ /* output pool */