From: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
To: stable@vger.kernel.org
Cc: "Greg Kroah-Hartman" <gregkh@linuxfoundation.org>,
patches@lists.linux.dev,
"Pierre-Louis Bossart" <pierre-louis.bossart@linux.intel.com>,
"Péter Ujfalusi" <peter.ujfalusi@linux.intel.com>,
"Amadeusz Sławiński" <amadeuszx.slawinski@linux.intel.com>,
"Mark Brown" <broonie@kernel.org>
Subject: [PATCH 6.1 07/38] ASoC: topology: Fix route memory corruption
Date: Thu, 15 Aug 2024 15:25:41 +0200 [thread overview]
Message-ID: <20240815131833.237753634@linuxfoundation.org> (raw)
In-Reply-To: <20240815131832.944273699@linuxfoundation.org>
6.1-stable review patch. If anyone has any objections, please let me know.
------------------
From: Amadeusz Sławiński <amadeuszx.slawinski@linux.intel.com>
commit 0298f51652be47b79780833e0b63194e1231fa34 upstream.
It was reported that recent fix for memory corruption during topology
load, causes corruption in other cases. Instead of being overeager with
checking topology, assume that it is properly formatted and just
duplicate strings.
Reported-by: Pierre-Louis Bossart <pierre-louis.bossart@linux.intel.com>
Closes: https://lore.kernel.org/linux-sound/171812236450.201359.3019210915105428447.b4-ty@kernel.org/T/#m8c4bd5abf453960fde6f826c4b7f84881da63e9d
Suggested-by: Péter Ujfalusi <peter.ujfalusi@linux.intel.com>
Signed-off-by: Amadeusz Sławiński <amadeuszx.slawinski@linux.intel.com>
Link: https://lore.kernel.org/r/20240613090126.841189-1-amadeuszx.slawinski@linux.intel.com
Signed-off-by: Mark Brown <broonie@kernel.org>
Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
---
sound/soc/soc-topology.c | 12 +++---------
1 file changed, 3 insertions(+), 9 deletions(-)
--- a/sound/soc/soc-topology.c
+++ b/sound/soc/soc-topology.c
@@ -1093,21 +1093,15 @@ static int soc_tplg_dapm_graph_elems_loa
break;
}
- route->source = devm_kmemdup(tplg->dev, elem->source,
- min(strlen(elem->source), maxlen),
- GFP_KERNEL);
- route->sink = devm_kmemdup(tplg->dev, elem->sink,
- min(strlen(elem->sink), maxlen),
- GFP_KERNEL);
+ route->source = devm_kstrdup(tplg->dev, elem->source, GFP_KERNEL);
+ route->sink = devm_kstrdup(tplg->dev, elem->sink, GFP_KERNEL);
if (!route->source || !route->sink) {
ret = -ENOMEM;
break;
}
if (strnlen(elem->control, maxlen) != 0) {
- route->control = devm_kmemdup(tplg->dev, elem->control,
- min(strlen(elem->control), maxlen),
- GFP_KERNEL);
+ route->control = devm_kstrdup(tplg->dev, elem->control, GFP_KERNEL);
if (!route->control) {
ret = -ENOMEM;
break;
next prev parent reply other threads:[~2024-08-15 14:06 UTC|newest]
Thread overview: 46+ messages / expand[flat|nested] mbox.gz Atom feed top
2024-08-15 13:25 [PATCH 6.1 00/38] 6.1.106-rc1 review Greg Kroah-Hartman
2024-08-15 13:25 ` [PATCH 6.1 01/38] mptcp: pass addr to mptcp_pm_alloc_anno_list Greg Kroah-Hartman
2024-08-15 13:25 ` [PATCH 6.1 02/38] mptcp: pm: reduce indentation blocks Greg Kroah-Hartman
2024-08-15 13:25 ` [PATCH 6.1 03/38] mptcp: pm: dont try to create sf if alloc failed Greg Kroah-Hartman
2024-08-15 13:25 ` [PATCH 6.1 04/38] mptcp: pm: do not ignore subflow if signal flag is also set Greg Kroah-Hartman
2024-08-15 13:25 ` [PATCH 6.1 05/38] selftests: mptcp: join: test both signal & subflow Greg Kroah-Hartman
2024-08-15 13:25 ` [PATCH 6.1 06/38] ASoC: topology: Clean up route loading Greg Kroah-Hartman
2024-08-15 13:25 ` Greg Kroah-Hartman [this message]
2024-08-15 13:25 ` [PATCH 6.1 08/38] exec: Fix ToCToU between perm check and set-uid/gid usage Greg Kroah-Hartman
2024-08-15 13:25 ` [PATCH 6.1 09/38] LoongArch: Define __ARCH_WANT_NEW_STAT in unistd.h Greg Kroah-Hartman
2024-08-15 13:25 ` [PATCH 6.1 10/38] nfsd: move reply cache initialization into nfsd startup Greg Kroah-Hartman
2024-08-15 13:25 ` [PATCH 6.1 11/38] nfsd: move init of percpu reply_cache_stats counters back to nfsd_init_net Greg Kroah-Hartman
2024-08-15 13:25 ` [PATCH 6.1 12/38] NFSD: Refactor nfsd_reply_cache_free_locked() Greg Kroah-Hartman
2024-08-15 13:25 ` [PATCH 6.1 13/38] NFSD: Rename nfsd_reply_cache_alloc() Greg Kroah-Hartman
2024-08-15 13:25 ` [PATCH 6.1 14/38] NFSD: Replace nfsd_prune_bucket() Greg Kroah-Hartman
2024-08-15 13:25 ` [PATCH 6.1 15/38] NFSD: Refactor the duplicate reply cache shrinker Greg Kroah-Hartman
2024-08-15 13:25 ` [PATCH 6.1 16/38] NFSD: Rewrite synopsis of nfsd_percpu_counters_init() Greg Kroah-Hartman
2024-08-15 13:25 ` [PATCH 6.1 17/38] NFSD: Fix frame size warning in svc_export_parse() Greg Kroah-Hartman
2024-08-15 13:25 ` [PATCH 6.1 18/38] sunrpc: dont change ->sv_stats if it doesnt exist Greg Kroah-Hartman
2024-08-15 13:25 ` [PATCH 6.1 19/38] nfsd: stop setting ->pg_stats for unused stats Greg Kroah-Hartman
2024-08-15 13:25 ` [PATCH 6.1 20/38] sunrpc: pass in the sv_stats struct through svc_create_pooled Greg Kroah-Hartman
2024-08-15 13:25 ` [PATCH 6.1 21/38] sunrpc: remove ->pg_stats from svc_program Greg Kroah-Hartman
2024-08-15 13:25 ` [PATCH 6.1 22/38] sunrpc: use the struct net as the svc proc private Greg Kroah-Hartman
2024-08-15 13:25 ` [PATCH 6.1 23/38] nfsd: rename NFSD_NET_* to NFSD_STATS_* Greg Kroah-Hartman
2024-08-15 13:25 ` [PATCH 6.1 24/38] nfsd: expose /proc/net/sunrpc/nfsd in net namespaces Greg Kroah-Hartman
2024-08-15 13:25 ` [PATCH 6.1 25/38] nfsd: make all of the nfsd stats per-network namespace Greg Kroah-Hartman
2024-08-15 13:26 ` [PATCH 6.1 26/38] nfsd: remove nfsd_stats, make th_cnt a global counter Greg Kroah-Hartman
2024-08-15 13:26 ` [PATCH 6.1 27/38] nfsd: make svc_stat per-network namespace instead of global Greg Kroah-Hartman
2024-08-15 13:26 ` [PATCH 6.1 28/38] nvme/pci: Add APST quirk for Lenovo N60z laptop Greg Kroah-Hartman
2024-08-15 13:26 ` [PATCH 6.1 29/38] mptcp: fully established after ADD_ADDR echo on MPJ Greg Kroah-Hartman
2024-08-15 13:26 ` [PATCH 6.1 30/38] drm/i915/gem: Fix Virtual Memory mapping boundaries calculation Greg Kroah-Hartman
2024-08-15 13:26 ` [PATCH 6.1 31/38] cgroup: Make operations on the cgroup root_list RCU safe Greg Kroah-Hartman
2024-08-15 13:26 ` [PATCH 6.1 32/38] drm/i915: Add a function to mmap framebuffer obj Greg Kroah-Hartman
2024-08-15 13:26 ` [PATCH 6.1 33/38] drm/i915: Fix a NULL vs IS_ERR() bug Greg Kroah-Hartman
2024-08-15 13:26 ` [PATCH 6.1 34/38] drm/i915/gem: Adjust vma offset for framebuffer mmap offset Greg Kroah-Hartman
2024-08-15 13:26 ` [PATCH 6.1 35/38] binfmt_flat: Fix corruption when not offsetting data start Greg Kroah-Hartman
2024-08-15 13:26 ` [PATCH 6.1 36/38] cgroup: Move rcu_head up near the top of cgroup_root Greg Kroah-Hartman
2024-08-15 13:26 ` [PATCH 6.1 37/38] wifi: cfg80211: restrict NL80211_ATTR_TXQ_QUANTUM values Greg Kroah-Hartman
2024-08-15 13:26 ` [PATCH 6.1 38/38] KVM: arm64: Dont pass a TLBI level hint when zapping table entries Greg Kroah-Hartman
2024-08-15 18:54 ` [PATCH 6.1 00/38] 6.1.106-rc1 review Pavel Machek
2024-08-15 18:55 ` Peter Schneider
2024-08-15 21:43 ` Florian Fainelli
2024-08-16 8:47 ` Anders Roxell
2024-08-16 11:24 ` Mark Brown
2024-08-16 19:44 ` Jon Hunter
2024-08-16 20:44 ` Ron Economos
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20240815131833.237753634@linuxfoundation.org \
--to=gregkh@linuxfoundation.org \
--cc=amadeuszx.slawinski@linux.intel.com \
--cc=broonie@kernel.org \
--cc=patches@lists.linux.dev \
--cc=peter.ujfalusi@linux.intel.com \
--cc=pierre-louis.bossart@linux.intel.com \
--cc=stable@vger.kernel.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox