public inbox for stable@vger.kernel.org
From: Robert Jarzmik <robert.jarzmik@free.fr>
To: Takashi Iwai <tiwai@suse.de>
Cc: "Dmitry Torokhov" <dmitry.torokhov@gmail.com>,
	"Haojian Zhuang" <haojian.zhuang@gmail.com>,
	"Liam Girdwood" <lgirdwood@gmail.com>,
	"Mark Brown" <broonie@kernel.org>,
	"Lee Jones" <lee.jones@linaro.org>,
	"Lars-Peter Clausen" <lars@metafoo.de>,
	"Charles Keepax" <ckeepax@opensource.wolfsonmicro.com>,
	"Jaroslav Kysela" <perex@perex.cz>,
	"Daniel Mack" <daniel@zonque.org>, <alsa-devel@alsa-project.org>,
	<linux-arm-kernel@lists.infradead.org>,
	<patches@opensource.wolfsonmicro.com>,
	<linux-input@vger.kernel.org>, <linux-kernel@vger.kernel.org>,
	<stable@vger.kernel.org>
Subject: Re: [PATCH v2 12/12] ASoC: Fix use-after-free at card unregistration
Date: Mon, 19 Jun 2017 13:57:20 +0200
Message-ID: <87injstckf.fsf@belgarion.home>
In-Reply-To: <s5hefug72iu.wl-tiwai@suse.de> (Takashi Iwai's message of "Mon, 19 Jun 2017 11:25:13 +0200")

Takashi Iwai <tiwai@suse.de> writes:

> On Mon, 19 Jun 2017 09:27:09 +0200,
> Robert Jarzmik wrote:
>> 
>> From: Takashi Iwai <tiwai@suse.de>
>> 
>> soc_cleanup_card_resources() calls snd_card_free() at the last of its
>> procedure.  This turned out to lead to a use-after-free.
>> PCM runtimes have been already removed via soc_remove_pcm_runtimes(),
>> while it's dereferenced later in soc_pcm_free() called via
>> snd_card_free().
>> 
>> The fix is simple: just move the snd_card_free() call to the beginning
>> of the whole procedure.  This also gives another benefit: it
>> guarantees that all operations have been shut down before actually
>> releasing the resources, which was racy until now.
>> 
>> Reported-and-tested-by: Robert Jarzmik <robert.jarzmik@free.fr>
>> Cc: <stable@vger.kernel.org>
>> Signed-off-by: Takashi Iwai <tiwai@suse.de>
>
> This patch must be superfluous :)

Haha :)

My series shifted by one, so the very first of the series is therefore missing,
formerly "ALSA: ac97: split out the generic ac97 registers" in
https://patchwork.kernel.org/patch/9398143/, and the shift triggered the
inclusion of the last patch of my tree, i.e. yours :)

Cheers.

--
Robert
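
The teardown ordering described in the quoted commit message, as an added userspace model that is not part of the original thread or the kernel source. The function names are taken from the commit message; the struct layouts, the `live` flag and `cleanup_card()` are hypothetical, and the model counts the stale access instead of performing a real use-after-free.

```c
#include <stdbool.h>
#include <stdlib.h>

/* Userspace model: function names come from the commit message; the structs,
 * the `live` flag and cleanup_card() are hypothetical, not kernel code. */
struct pcm_runtime { bool live; };
struct card {
    struct pcm_runtime *rtd;      /* runtime owned by the card */
    struct pcm_runtime *pcm_rtd;  /* pointer the PCM device keeps to it */
    int stale_derefs;             /* accesses made after the runtime was removed */
};

/* Removes the runtime. The model only marks it dead and frees the memory
 * later, so the stale access can be counted without real undefined behaviour. */
static void soc_remove_pcm_runtimes(struct card *c) { c->rtd->live = false; }

/* PCM free callback: looks at the runtime the PCM was created with. */
static void soc_pcm_free(struct card *c)
{
    if (!c->pcm_rtd->live)
        c->stale_derefs++;        /* in the kernel this read is the use-after-free */
    c->pcm_rtd = NULL;
}

/* Freeing the card invokes the free callbacks of its PCM devices. */
static void snd_card_free(struct card *c) { soc_pcm_free(c); }

/* Tears down one card in the chosen order; returns the stale access count. */
int cleanup_card(bool card_free_first)
{
    struct card c = { .stale_derefs = 0 };
    c.rtd = c.pcm_rtd = malloc(sizeof(*c.rtd));
    if (!c.rtd)
        abort();
    c.rtd->live = true;
    if (card_free_first) {        /* order after the fix */
        snd_card_free(&c);
        soc_remove_pcm_runtimes(&c);
    } else {                      /* order before the fix */
        soc_remove_pcm_runtimes(&c);
        snd_card_free(&c);
    }
    free(c.rtd);
    return c.stale_derefs;
}
```

`cleanup_card(false)` reproduces the order the commit message reports as buggy and `cleanup_card(true)` the order after the fix.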


Thread overview: 7+ messages
     [not found] <1497857229-12049-1-git-send-email-robert.jarzmik@free.fr>
2017-06-19  7:27 ` [PATCH v2 12/12] ASoC: Fix use-after-free at card unregistration Robert Jarzmik
2017-06-19  9:25   ` Takashi Iwai
2017-06-19 11:57     ` Robert Jarzmik [this message]
2017-06-28 19:53       ` [alsa-devel] " Mark Brown
2017-06-28 22:03         ` Robert Jarzmik
2017-06-30 11:56           ` Mark Brown
2017-06-30 15:06             ` Robert Jarzmik
