Re: [PATCH AUTOSEL 6.9 17/40] ASoC: topology: Fix route memory corruption

Re: [PATCH AUTOSEL 6.9 17/40] ASoC: topology: Fix route memory corruption

[Vitaly Chikunov]

Sasha, Greg,

On Tue, Jul 09, 2024 at 12:18:57PM GMT, Sasha Levin wrote:
> From: Amadeusz Sławiński <amadeuszx.slawinski@linux.intel.com>
> 
> [ Upstream commit 0298f51652be47b79780833e0b63194e1231fa34 ]
> 
> It was reported that recent fix for memory corruption during topology
> load, causes corruption in other cases. Instead of being overeager with
> checking topology, assume that it is properly formatted and just
> duplicate strings.

Can this backport actually be applied to the 6.9/6.6/6.1 stable branches?

I have multiple bug reports about sound not working and memory
corruption on some laptops (for example ICL RAYbook Si1516). See for
example bug reports[1][2], and the fix discussion [3].

dmesg messages from Lenovo ThinkBook 13 gen 1:


  [ 3.555191] sof-audio-pci-intel-cnl 0000:00:1f.3: Firmware info: version 2:2:0-57864
  [ 3.555206] sof-audio-pci-intel-cnl 0000:00:1f.3: Firmware: ABI 3:22:1 Kernel ABI 3:23:0
  [ 3.574043] sof-audio-pci-intel-cnl 0000:00:1f.3: Topology: ABI 3:22:1 Kernel ABI 3:23:0
  [ 3.575180] sof-audio-pci-intel-cnl 0000:00:1f.3: error: sink MIXER1.0> not found
  [ 3.575772] sof-audio-pci-intel-cnl 0000:00:1f.3: error: tplg component load failed -22
  [ 3.575793] sof-audio-pci-intel-cnl 0000:00:1f.3: error: failed to load DSP topology -22
  [ 3.575801] sof-audio-pci-intel-cnl 0000:00:1f.3: ASoC: error at snd_soc_component_probe on 0000:00:1f.3: -22

Error messages from other boots showing memory corruption:

  [ 3.904397] sof-audio-pci-intel-cnl 0000:00:1f.3: error: sink PCM0C03-std-def-alt0.p11@jh\x86Ŝ\xff\xff@\xc8\xff\x82Ŝ\xff\xff`P\x82\xbb\xff\xff\xff\xff\x94$A\xbc\xff\xff\xff\xff\x06 not found
  [ 3.966777] sof-audio-pci-intel-cnl 0000:00:1f.3: error: sink PGA1.0\x01 not found
  [ 3.899748] sof-audio-pci-intel-cnl 0000:00:1f.3: error: source BUF2.0 not found
  [ 3.975359] sof-audio-pci-intel-cnl 0000:00:1f.3: error: source PCM0P\x01pcsc-lite.conf not found
  [ 7.275851] sof-audio-pci-intel-tgl 0000:00:1f.3: error: source HDA1.IN/0123456789:;<=>? not found

[1] https://github.com/thesofproject/sof/issues/9339
[2] https://github.com/thesofproject/sof/issues/9341
[3] https://lore.kernel.org/linux-sound/171812236450.201359.3019210915105428447.b4-ty@kernel.org/T/#m8c4bd5abf453960fde6f826c4b7f84881da63e9d

Thanks,

> 
> Reported-by: Pierre-Louis Bossart <pierre-louis.bossart@linux.intel.com>
> Closes: https://lore.kernel.org/linux-sound/171812236450.201359.3019210915105428447.b4-ty@kernel.org/T/#m8c4bd5abf453960fde6f826c4b7f84881da63e9d
> Suggested-by: Péter Ujfalusi <peter.ujfalusi@linux.intel.com>
> Signed-off-by: Amadeusz Sławiński <amadeuszx.slawinski@linux.intel.com>
> Link: https://lore.kernel.org/r/20240613090126.841189-1-amadeuszx.slawinski@linux.intel.com
> Signed-off-by: Mark Brown <broonie@kernel.org>
> Signed-off-by: Sasha Levin <sashal@kernel.org>
> ---
>  sound/soc/soc-topology.c | 12 +++---------
>  1 file changed, 3 insertions(+), 9 deletions(-)
> 
> diff --git a/sound/soc/soc-topology.c b/sound/soc/soc-topology.c
> index 52752e0a5dc27..27aba69894b17 100644
> --- a/sound/soc/soc-topology.c
> +++ b/sound/soc/soc-topology.c
> @@ -1052,21 +1052,15 @@ static int soc_tplg_dapm_graph_elems_load(struct soc_tplg *tplg,
>  			break;
>  		}
>  
> -		route->source = devm_kmemdup(tplg->dev, elem->source,
> -					     min(strlen(elem->source), maxlen),
> -					     GFP_KERNEL);
> -		route->sink = devm_kmemdup(tplg->dev, elem->sink,
> -					   min(strlen(elem->sink), maxlen),
> -					   GFP_KERNEL);
> +		route->source = devm_kstrdup(tplg->dev, elem->source, GFP_KERNEL);
> +		route->sink = devm_kstrdup(tplg->dev, elem->sink, GFP_KERNEL);
>  		if (!route->source || !route->sink) {
>  			ret = -ENOMEM;
>  			break;
>  		}
>  
>  		if (strnlen(elem->control, maxlen) != 0) {
> -			route->control = devm_kmemdup(tplg->dev, elem->control,
> -						      min(strlen(elem->control), maxlen),
> -						      GFP_KERNEL);
> +			route->control = devm_kstrdup(tplg->dev, elem->control, GFP_KERNEL);
>  			if (!route->control) {
>  				ret = -ENOMEM;
>  				break;
> -- 
> 2.43.0
> 

Re: [PATCH AUTOSEL 6.9 17/40] ASoC: topology: Fix route memory corruption

[Pierre-Louis Bossart]

On 8/5/24 18:17, Vitaly Chikunov wrote:
> Sasha, Greg,
> 
> On Tue, Jul 09, 2024 at 12:18:57PM GMT, Sasha Levin wrote:
>> From: Amadeusz Sławiński <amadeuszx.slawinski@linux.intel.com>
>>
>> [ Upstream commit 0298f51652be47b79780833e0b63194e1231fa34 ]
>>
>> It was reported that recent fix for memory corruption during topology
>> load, causes corruption in other cases. Instead of being overeager with
>> checking topology, assume that it is properly formatted and just
>> duplicate strings.
> 
> Can this backport actually be applied to the 6.9/6.6/6.1 stable branches?
> 
> I have multiple bug reports about sound not working and memory
> corruption on some laptops (for example ICL RAYbook Si1516). See for
> example bug reports[1][2], and the fix discussion [3].
> 
> dmesg messages from Lenovo ThinkBook 13 gen 1:
> 
> 
>   [ 3.555191] sof-audio-pci-intel-cnl 0000:00:1f.3: Firmware info: version 2:2:0-57864
>   [ 3.555206] sof-audio-pci-intel-cnl 0000:00:1f.3: Firmware: ABI 3:22:1 Kernel ABI 3:23:0
>   [ 3.574043] sof-audio-pci-intel-cnl 0000:00:1f.3: Topology: ABI 3:22:1 Kernel ABI 3:23:0
>   [ 3.575180] sof-audio-pci-intel-cnl 0000:00:1f.3: error: sink MIXER1.0> not found
>   [ 3.575772] sof-audio-pci-intel-cnl 0000:00:1f.3: error: tplg component load failed -22
>   [ 3.575793] sof-audio-pci-intel-cnl 0000:00:1f.3: error: failed to load DSP topology -22
>   [ 3.575801] sof-audio-pci-intel-cnl 0000:00:1f.3: ASoC: error at snd_soc_component_probe on 0000:00:1f.3: -22
> 
> Error messages from other boots showing memory corruption:
> 
>   [ 3.904397] sof-audio-pci-intel-cnl 0000:00:1f.3: error: sink PCM0C03-std-def-alt0.p11@jh\x86Ŝ\xff\xff@\xc8\xff\x82Ŝ\xff\xff`P\x82\xbb\xff\xff\xff\xff\x94$A\xbc\xff\xff\xff\xff\x06 not found
>   [ 3.966777] sof-audio-pci-intel-cnl 0000:00:1f.3: error: sink PGA1.0\x01 not found
>   [ 3.899748] sof-audio-pci-intel-cnl 0000:00:1f.3: error: source BUF2.0 not found
>   [ 3.975359] sof-audio-pci-intel-cnl 0000:00:1f.3: error: source PCM0P\x01pcsc-lite.conf not found
>   [ 7.275851] sof-audio-pci-intel-tgl 0000:00:1f.3: error: source HDA1.IN/0123456789:;<=>? not found
> 
> [1] https://github.com/thesofproject/sof/issues/9339
> [2] https://github.com/thesofproject/sof/issues/9341
> [3] https://lore.kernel.org/linux-sound/171812236450.201359.3019210915105428447.b4-ty@kernel.org/T/#m8c4bd5abf453960fde6f826c4b7f84881da63e9d

Agree, the commit "ASoC: topology: Fix references to freed memory"
[ Upstream commit 97ab304ecd95c0b1703ff8c8c3956dc6e2afe8e1 ]
should not have landed on any -stable branch. It should be reverted or
this follow-up fix be applied.

> 
> Thanks,
> 
>>
>> Reported-by: Pierre-Louis Bossart <pierre-louis.bossart@linux.intel.com>
>> Closes: https://lore.kernel.org/linux-sound/171812236450.201359.3019210915105428447.b4-ty@kernel.org/T/#m8c4bd5abf453960fde6f826c4b7f84881da63e9d
>> Suggested-by: Péter Ujfalusi <peter.ujfalusi@linux.intel.com>
>> Signed-off-by: Amadeusz Sławiński <amadeuszx.slawinski@linux.intel.com>
>> Link: https://lore.kernel.org/r/20240613090126.841189-1-amadeuszx.slawinski@linux.intel.com
>> Signed-off-by: Mark Brown <broonie@kernel.org>
>> Signed-off-by: Sasha Levin <sashal@kernel.org>
>> ---
>>  sound/soc/soc-topology.c | 12 +++---------
>>  1 file changed, 3 insertions(+), 9 deletions(-)
>>
>> diff --git a/sound/soc/soc-topology.c b/sound/soc/soc-topology.c
>> index 52752e0a5dc27..27aba69894b17 100644
>> --- a/sound/soc/soc-topology.c
>> +++ b/sound/soc/soc-topology.c
>> @@ -1052,21 +1052,15 @@ static int soc_tplg_dapm_graph_elems_load(struct soc_tplg *tplg,
>>  			break;
>>  		}
>>  
>> -		route->source = devm_kmemdup(tplg->dev, elem->source,
>> -					     min(strlen(elem->source), maxlen),
>> -					     GFP_KERNEL);
>> -		route->sink = devm_kmemdup(tplg->dev, elem->sink,
>> -					   min(strlen(elem->sink), maxlen),
>> -					   GFP_KERNEL);
>> +		route->source = devm_kstrdup(tplg->dev, elem->source, GFP_KERNEL);
>> +		route->sink = devm_kstrdup(tplg->dev, elem->sink, GFP_KERNEL);
>>  		if (!route->source || !route->sink) {
>>  			ret = -ENOMEM;
>>  			break;
>>  		}
>>  
>>  		if (strnlen(elem->control, maxlen) != 0) {
>> -			route->control = devm_kmemdup(tplg->dev, elem->control,
>> -						      min(strlen(elem->control), maxlen),
>> -						      GFP_KERNEL);
>> +			route->control = devm_kstrdup(tplg->dev, elem->control, GFP_KERNEL);
>>  			if (!route->control) {
>>  				ret = -ENOMEM;
>>  				break;
>> -- 
>> 2.43.0
>>

Re: [PATCH AUTOSEL 6.9 17/40] ASoC: topology: Fix route memory corruption

[Thorsten Leemhuis]

Hi, top-posting for once, to make this easily accessible to everyone.

Greg, Sasha, to me it looks like something fell through the cracks.
Pierre-Louis afaics about a week ago asked (see the quote below) to
revert 97ab304ecd95c0 ("ASoC: topology: Fix references to freed memory")
[v6.10-rc6, v6.9.11, v6.6.42, v6.1.101] from the stable branches *or*
pick up b9dd212b14d27a ("ASoC: topology: Fix route memory corruption").
But nothing like that has happened yet and I can't see any of those
resolutions in the 6.6 queue.

Side note: I have a very strong feeling that I'm missing or
misunderstood something, but I decided to send this mail despite this...
If something like that was the case: apologies in advance.

Ciao, Thorsten

On 05.08.24 19:09, Pierre-Louis Bossart wrote:
> On 8/5/24 18:17, Vitaly Chikunov wrote:
>> Sasha, Greg,
>>
>> On Tue, Jul 09, 2024 at 12:18:57PM GMT, Sasha Levin wrote:
>>> From: Amadeusz Sławiński <amadeuszx.slawinski@linux.intel.com>
>>>
>>> [ Upstream commit 0298f51652be47b79780833e0b63194e1231fa34 ]
>>>
>>> It was reported that recent fix for memory corruption during topology
>>> load, causes corruption in other cases. Instead of being overeager with
>>> checking topology, assume that it is properly formatted and just
>>> duplicate strings.
>>
>> Can this backport actually be applied to the 6.9/6.6/6.1 stable branches?
>>
>> I have multiple bug reports about sound not working and memory
>> corruption on some laptops (for example ICL RAYbook Si1516). See for
>> example bug reports[1][2], and the fix discussion [3].
>>
>> dmesg messages from Lenovo ThinkBook 13 gen 1:
>>
>>
>>   [ 3.555191] sof-audio-pci-intel-cnl 0000:00:1f.3: Firmware info: version 2:2:0-57864
>>   [ 3.555206] sof-audio-pci-intel-cnl 0000:00:1f.3: Firmware: ABI 3:22:1 Kernel ABI 3:23:0
>>   [ 3.574043] sof-audio-pci-intel-cnl 0000:00:1f.3: Topology: ABI 3:22:1 Kernel ABI 3:23:0
>>   [ 3.575180] sof-audio-pci-intel-cnl 0000:00:1f.3: error: sink MIXER1.0> not found
>>   [ 3.575772] sof-audio-pci-intel-cnl 0000:00:1f.3: error: tplg component load failed -22
>>   [ 3.575793] sof-audio-pci-intel-cnl 0000:00:1f.3: error: failed to load DSP topology -22
>>   [ 3.575801] sof-audio-pci-intel-cnl 0000:00:1f.3: ASoC: error at snd_soc_component_probe on 0000:00:1f.3: -22
>>
>> Error messages from other boots showing memory corruption:
>>
>>   [ 3.904397] sof-audio-pci-intel-cnl 0000:00:1f.3: error: sink PCM0C03-std-def-alt0.p11@jh\x86Ŝ\xff\xff@\xc8\xff\x82Ŝ\xff\xff`P\x82\xbb\xff\xff\xff\xff\x94$A\xbc\xff\xff\xff\xff\x06 not found
>>   [ 3.966777] sof-audio-pci-intel-cnl 0000:00:1f.3: error: sink PGA1.0\x01 not found
>>   [ 3.899748] sof-audio-pci-intel-cnl 0000:00:1f.3: error: source BUF2.0 not found
>>   [ 3.975359] sof-audio-pci-intel-cnl 0000:00:1f.3: error: source PCM0P\x01pcsc-lite.conf not found
>>   [ 7.275851] sof-audio-pci-intel-tgl 0000:00:1f.3: error: source HDA1.IN/0123456789:;<=>? not found
>>
>> [1] https://github.com/thesofproject/sof/issues/9339
>> [2] https://github.com/thesofproject/sof/issues/9341
>> [3] https://lore.kernel.org/linux-sound/171812236450.201359.3019210915105428447.b4-ty@kernel.org/T/#m8c4bd5abf453960fde6f826c4b7f84881da63e9d
> 
> Agree, the commit "ASoC: topology: Fix references to freed memory"
> [ Upstream commit 97ab304ecd95c0b1703ff8c8c3956dc6e2afe8e1 ]
> should not have landed on any -stable branch. It should be reverted or
> this follow-up fix be applied.
> 
>>
>> Thanks,
>>
>>>
>>> Reported-by: Pierre-Louis Bossart <pierre-louis.bossart@linux.intel.com>
>>> Closes: https://lore.kernel.org/linux-sound/171812236450.201359.3019210915105428447.b4-ty@kernel.org/T/#m8c4bd5abf453960fde6f826c4b7f84881da63e9d
>>> Suggested-by: Péter Ujfalusi <peter.ujfalusi@linux.intel.com>
>>> Signed-off-by: Amadeusz Sławiński <amadeuszx.slawinski@linux.intel.com>
>>> Link: https://lore.kernel.org/r/20240613090126.841189-1-amadeuszx.slawinski@linux.intel.com
>>> Signed-off-by: Mark Brown <broonie@kernel.org>
>>> Signed-off-by: Sasha Levin <sashal@kernel.org>
>>> ---
>>>  sound/soc/soc-topology.c | 12 +++---------
>>>  1 file changed, 3 insertions(+), 9 deletions(-)
>>>
>>> diff --git a/sound/soc/soc-topology.c b/sound/soc/soc-topology.c
>>> index 52752e0a5dc27..27aba69894b17 100644
>>> --- a/sound/soc/soc-topology.c
>>> +++ b/sound/soc/soc-topology.c
>>> @@ -1052,21 +1052,15 @@ static int soc_tplg_dapm_graph_elems_load(struct soc_tplg *tplg,
>>>  			break;
>>>  		}
>>>  
>>> -		route->source = devm_kmemdup(tplg->dev, elem->source,
>>> -					     min(strlen(elem->source), maxlen),
>>> -					     GFP_KERNEL);
>>> -		route->sink = devm_kmemdup(tplg->dev, elem->sink,
>>> -					   min(strlen(elem->sink), maxlen),
>>> -					   GFP_KERNEL);
>>> +		route->source = devm_kstrdup(tplg->dev, elem->source, GFP_KERNEL);
>>> +		route->sink = devm_kstrdup(tplg->dev, elem->sink, GFP_KERNEL);
>>>  		if (!route->source || !route->sink) {
>>>  			ret = -ENOMEM;
>>>  			break;
>>>  		}
>>>  
>>>  		if (strnlen(elem->control, maxlen) != 0) {
>>> -			route->control = devm_kmemdup(tplg->dev, elem->control,
>>> -						      min(strlen(elem->control), maxlen),
>>> -						      GFP_KERNEL);
>>> +			route->control = devm_kstrdup(tplg->dev, elem->control, GFP_KERNEL);
>>>  			if (!route->control) {
>>>  				ret = -ENOMEM;
>>>  				break;
>>> -- 
>>> 2.43.0
>>>
> 

Re: [PATCH AUTOSEL 6.9 17/40] ASoC: topology: Fix route memory corruption

[Amadeusz Sławiński]

I guess that for completeness you need to apply both patches:

https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/sound/soc/soc-topology.c?id=97ab304ecd95c0b1703ff8c8c3956dc6e2afe8e1
was an incorrect fix which was later fixed by:
https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/sound/soc/soc-topology.c?id=0298f51652be47b79780833e0b63194e1231fa34

Applying just first one will result in runtime problems, while applying 
just second one will result in missing NULL checks on allocation.

On 8/12/2024 11:53 AM, Thorsten Leemhuis wrote:
> Hi, top-posting for once, to make this easily accessible to everyone.
> 
> Greg, Sasha, to me it looks like something fell through the cracks.
> Pierre-Louis afaics about a week ago asked (see the quote below) to
> revert 97ab304ecd95c0 ("ASoC: topology: Fix references to freed memory")
> [v6.10-rc6, v6.9.11, v6.6.42, v6.1.101] from the stable branches *or*
> pick up b9dd212b14d27a ("ASoC: topology: Fix route memory corruption").
> But nothing like that has happened yet and I can't see any of those
> resolutions in the 6.6 queue.
> 
> Side note: I have a very strong feeling that I'm missing or
> misunderstood something, but I decided to send this mail despite this...
> If something like that was the case: apologies in advance.
> 
> Ciao, Thorsten
> 
> On 05.08.24 19:09, Pierre-Louis Bossart wrote:
>> On 8/5/24 18:17, Vitaly Chikunov wrote:
>>> Sasha, Greg,
>>>
>>> On Tue, Jul 09, 2024 at 12:18:57PM GMT, Sasha Levin wrote:
>>>> From: Amadeusz Sławiński <amadeuszx.slawinski@linux.intel.com>
>>>>
>>>> [ Upstream commit 0298f51652be47b79780833e0b63194e1231fa34 ]
>>>>
>>>> It was reported that recent fix for memory corruption during topology
>>>> load, causes corruption in other cases. Instead of being overeager with
>>>> checking topology, assume that it is properly formatted and just
>>>> duplicate strings.
>>>
>>> Can this backport actually be applied to the 6.9/6.6/6.1 stable branches?
>>>
>>> I have multiple bug reports about sound not working and memory
>>> corruption on some laptops (for example ICL RAYbook Si1516). See for
>>> example bug reports[1][2], and the fix discussion [3].
>>>
>>> dmesg messages from Lenovo ThinkBook 13 gen 1:
>>>
>>>
>>>    [ 3.555191] sof-audio-pci-intel-cnl 0000:00:1f.3: Firmware info: version 2:2:0-57864
>>>    [ 3.555206] sof-audio-pci-intel-cnl 0000:00:1f.3: Firmware: ABI 3:22:1 Kernel ABI 3:23:0
>>>    [ 3.574043] sof-audio-pci-intel-cnl 0000:00:1f.3: Topology: ABI 3:22:1 Kernel ABI 3:23:0
>>>    [ 3.575180] sof-audio-pci-intel-cnl 0000:00:1f.3: error: sink MIXER1.0> not found
>>>    [ 3.575772] sof-audio-pci-intel-cnl 0000:00:1f.3: error: tplg component load failed -22
>>>    [ 3.575793] sof-audio-pci-intel-cnl 0000:00:1f.3: error: failed to load DSP topology -22
>>>    [ 3.575801] sof-audio-pci-intel-cnl 0000:00:1f.3: ASoC: error at snd_soc_component_probe on 0000:00:1f.3: -22
>>>
>>> Error messages from other boots showing memory corruption:
>>>
>>>    [ 3.904397] sof-audio-pci-intel-cnl 0000:00:1f.3: error: sink PCM0C03-std-def-alt0.p11@jh\x86Ŝ\xff\xff@\xc8\xff\x82Ŝ\xff\xff`P\x82\xbb\xff\xff\xff\xff\x94$A\xbc\xff\xff\xff\xff\x06 not found
>>>    [ 3.966777] sof-audio-pci-intel-cnl 0000:00:1f.3: error: sink PGA1.0\x01 not found
>>>    [ 3.899748] sof-audio-pci-intel-cnl 0000:00:1f.3: error: source BUF2.0 not found
>>>    [ 3.975359] sof-audio-pci-intel-cnl 0000:00:1f.3: error: source PCM0P\x01pcsc-lite.conf not found
>>>    [ 7.275851] sof-audio-pci-intel-tgl 0000:00:1f.3: error: source HDA1.IN/0123456789:;<=>? not found
>>>
>>> [1] https://github.com/thesofproject/sof/issues/9339
>>> [2] https://github.com/thesofproject/sof/issues/9341
>>> [3] https://lore.kernel.org/linux-sound/171812236450.201359.3019210915105428447.b4-ty@kernel.org/T/#m8c4bd5abf453960fde6f826c4b7f84881da63e9d
>>
>> Agree, the commit "ASoC: topology: Fix references to freed memory"
>> [ Upstream commit 97ab304ecd95c0b1703ff8c8c3956dc6e2afe8e1 ]
>> should not have landed on any -stable branch. It should be reverted or
>> this follow-up fix be applied.
>>
>>>
>>> Thanks,
>>>
>>>>
>>>> Reported-by: Pierre-Louis Bossart <pierre-louis.bossart@linux.intel.com>
>>>> Closes: https://lore.kernel.org/linux-sound/171812236450.201359.3019210915105428447.b4-ty@kernel.org/T/#m8c4bd5abf453960fde6f826c4b7f84881da63e9d
>>>> Suggested-by: Péter Ujfalusi <peter.ujfalusi@linux.intel.com>
>>>> Signed-off-by: Amadeusz Sławiński <amadeuszx.slawinski@linux.intel.com>
>>>> Link: https://lore.kernel.org/r/20240613090126.841189-1-amadeuszx.slawinski@linux.intel.com
>>>> Signed-off-by: Mark Brown <broonie@kernel.org>
>>>> Signed-off-by: Sasha Levin <sashal@kernel.org>
>>>> ---
>>>>   sound/soc/soc-topology.c | 12 +++---------
>>>>   1 file changed, 3 insertions(+), 9 deletions(-)
>>>>
>>>> diff --git a/sound/soc/soc-topology.c b/sound/soc/soc-topology.c
>>>> index 52752e0a5dc27..27aba69894b17 100644
>>>> --- a/sound/soc/soc-topology.c
>>>> +++ b/sound/soc/soc-topology.c
>>>> @@ -1052,21 +1052,15 @@ static int soc_tplg_dapm_graph_elems_load(struct soc_tplg *tplg,
>>>>   			break;
>>>>   		}
>>>>   
>>>> -		route->source = devm_kmemdup(tplg->dev, elem->source,
>>>> -					     min(strlen(elem->source), maxlen),
>>>> -					     GFP_KERNEL);
>>>> -		route->sink = devm_kmemdup(tplg->dev, elem->sink,
>>>> -					   min(strlen(elem->sink), maxlen),
>>>> -					   GFP_KERNEL);
>>>> +		route->source = devm_kstrdup(tplg->dev, elem->source, GFP_KERNEL);
>>>> +		route->sink = devm_kstrdup(tplg->dev, elem->sink, GFP_KERNEL);
>>>>   		if (!route->source || !route->sink) {
>>>>   			ret = -ENOMEM;
>>>>   			break;
>>>>   		}
>>>>   
>>>>   		if (strnlen(elem->control, maxlen) != 0) {
>>>> -			route->control = devm_kmemdup(tplg->dev, elem->control,
>>>> -						      min(strlen(elem->control), maxlen),
>>>> -						      GFP_KERNEL);
>>>> +			route->control = devm_kstrdup(tplg->dev, elem->control, GFP_KERNEL);
>>>>   			if (!route->control) {
>>>>   				ret = -ENOMEM;
>>>>   				break;
>>>> -- 
>>>> 2.43.0
>>>>
>>

Re: [PATCH AUTOSEL 6.9 17/40] ASoC: topology: Fix route memory corruption

[Greg Kroah-Hartman]

On Mon, Aug 12, 2024 at 12:01:48PM +0200, Amadeusz Sławiński wrote:
> I guess that for completeness you need to apply both patches:
> 
> https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/sound/soc/soc-topology.c?id=97ab304ecd95c0b1703ff8c8c3956dc6e2afe8e1

This is already in the tree.

> was an incorrect fix which was later fixed by:
> https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/sound/soc/soc-topology.c?id=0298f51652be47b79780833e0b63194e1231fa34

This commit will not apply :(

> Applying just first one will result in runtime problems, while applying just
> second one will result in missing NULL checks on allocation.

The second patch can not apply to the stable trees, so we need a
backported version please.

thanks,

greg k-h

Re: [PATCH AUTOSEL 6.9 17/40] ASoC: topology: Fix route memory corruption

[Vitaly Chikunov]

Greg,

On Mon, Aug 12, 2024 at 12:25:54PM +0200, Greg Kroah-Hartman wrote:
> On Mon, Aug 12, 2024 at 12:01:48PM +0200, Amadeusz Sławiński wrote:
> > I guess that for completeness you need to apply both patches:
> > 
> > https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/sound/soc/soc-topology.c?id=97ab304ecd95c0b1703ff8c8c3956dc6e2afe8e1
> 
> This is already in the tree.
> 
> > was an incorrect fix which was later fixed by:
> > https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/sound/soc/soc-topology.c?id=0298f51652be47b79780833e0b63194e1231fa34
> 
> This commit will not apply :(

It depends upon e0e7bc2cbee9 ("ASoC: topology: Clean up route loading"),
which was in the same patchset that didn't get applied.
  
  https://lore.kernel.org/stable/?q=ASoC%3A+topology%3A+Clean+up+route+loading

I see, Mark Brown said it's not suitable material for stable kernels
(since it's code cleanup), and Sasha Levin dropped it, and the dependent
commit with real fix.

Thanks,

> 
> > Applying just first one will result in runtime problems, while applying just
> > second one will result in missing NULL checks on allocation.
> 
> The second patch can not apply to the stable trees, so we need a
> backported version please.
> 
> thanks,
> 
> greg k-h

Re: [PATCH AUTOSEL 6.9 17/40] ASoC: topology: Fix route memory corruption

[Greg Kroah-Hartman]

On Mon, Aug 12, 2024 at 01:38:42PM +0300, Vitaly Chikunov wrote:
> Greg,
> 
> On Mon, Aug 12, 2024 at 12:25:54PM +0200, Greg Kroah-Hartman wrote:
> > On Mon, Aug 12, 2024 at 12:01:48PM +0200, Amadeusz Sławiński wrote:
> > > I guess that for completeness you need to apply both patches:
> > > 
> > > https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/sound/soc/soc-topology.c?id=97ab304ecd95c0b1703ff8c8c3956dc6e2afe8e1
> > 
> > This is already in the tree.
> > 
> > > was an incorrect fix which was later fixed by:
> > > https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/sound/soc/soc-topology.c?id=0298f51652be47b79780833e0b63194e1231fa34
> > 
> > This commit will not apply :(
> 
> It depends upon e0e7bc2cbee9 ("ASoC: topology: Clean up route loading"),
> which was in the same patchset that didn't get applied.
>   
>   https://lore.kernel.org/stable/?q=ASoC%3A+topology%3A+Clean+up+route+loading
> 
> I see, Mark Brown said it's not suitable material for stable kernels
> (since it's code cleanup), and Sasha Levin dropped it, and the dependent
> commit with real fix.

Ok, then someone needs to provide a working backport please...

thanks,

greg k-h

Re: [PATCH AUTOSEL 6.9 17/40] ASoC: topology: Fix route memory corruption

[Amadeusz Sławiński]

On 8/12/2024 4:11 PM, Greg Kroah-Hartman wrote:
> On Mon, Aug 12, 2024 at 01:38:42PM +0300, Vitaly Chikunov wrote:
>> Greg,
>>
>> On Mon, Aug 12, 2024 at 12:25:54PM +0200, Greg Kroah-Hartman wrote:
>>> On Mon, Aug 12, 2024 at 12:01:48PM +0200, Amadeusz Sławiński wrote:
>>>> I guess that for completeness you need to apply both patches:
>>>>
>>>> https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/sound/soc/soc-topology.c?id=97ab304ecd95c0b1703ff8c8c3956dc6e2afe8e1
>>>
>>> This is already in the tree.
>>>
>>>> was an incorrect fix which was later fixed by:
>>>> https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/sound/soc/soc-topology.c?id=0298f51652be47b79780833e0b63194e1231fa34
>>>
>>> This commit will not apply :(
>>
>> It depends upon e0e7bc2cbee9 ("ASoC: topology: Clean up route loading"),
>> which was in the same patchset that didn't get applied.
>>    
>>    https://lore.kernel.org/stable/?q=ASoC%3A+topology%3A+Clean+up+route+loading
>>
>> I see, Mark Brown said it's not suitable material for stable kernels
>> (since it's code cleanup), and Sasha Levin dropped it, and the dependent
>> commit with real fix.
> 
> Ok, then someone needs to provide a working backport please...
> 

Should this be cherry-pick of both (they should apply cleanly):
https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/sound/soc/soc-topology.c?id=e0e7bc2cbee93778c4ad7d9a792d425ffb5af6f7
https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/sound/soc/soc-topology.c?id=0298f51652be47b79780833e0b63194e1231fa34
or just the second one adjusted to apply for stable trees?

Re: [PATCH AUTOSEL 6.9 17/40] ASoC: topology: Fix route memory corruption

[Vitaly Chikunov]

Greg, Amadeusz,

On Tue, Aug 13, 2024 at 04:42:04PM +0200, Amadeusz Sławiński wrote:
> On 8/12/2024 4:11 PM, Greg Kroah-Hartman wrote:
> > On Mon, Aug 12, 2024 at 01:38:42PM +0300, Vitaly Chikunov wrote:
> > > Greg,
> > > 
> > > On Mon, Aug 12, 2024 at 12:25:54PM +0200, Greg Kroah-Hartman wrote:
> > > > On Mon, Aug 12, 2024 at 12:01:48PM +0200, Amadeusz Sławiński wrote:
> > > > > I guess that for completeness you need to apply both patches:
> > > > > 
> > > > > https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/sound/soc/soc-topology.c?id=97ab304ecd95c0b1703ff8c8c3956dc6e2afe8e1
> > > > 
> > > > This is already in the tree.
> > > > 
> > > > > was an incorrect fix which was later fixed by:
> > > > > https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/sound/soc/soc-topology.c?id=0298f51652be47b79780833e0b63194e1231fa34
> > > > 
> > > > This commit will not apply :(
> > > 
> > > It depends upon e0e7bc2cbee9 ("ASoC: topology: Clean up route loading"),
> > > which was in the same patchset that didn't get applied.
> > >    https://lore.kernel.org/stable/?q=ASoC%3A+topology%3A+Clean+up+route+loading
> > > 
> > > I see, Mark Brown said it's not suitable material for stable kernels
> > > (since it's code cleanup), and Sasha Levin dropped it, and the dependent
> > > commit with real fix.
> > 
> > Ok, then someone needs to provide a working backport please...
> > 
> 
> Should this be cherry-pick of both (they should apply cleanly):
> https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/sound/soc/soc-topology.c?id=e0e7bc2cbee93778c4ad7d9a792d425ffb5af6f7
> https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/sound/soc/soc-topology.c?id=0298f51652be47b79780833e0b63194e1231fa34
> or just the second one adjusted to apply for stable trees?

I think having commit with memory corruption fix is more important to
stable kernels than not having the code cleanup commit. So, I would
suggest stable policy to be changed a bit, and minor commits like this
code cleanup, be allowed in stable if they are dependence of bug fixing
commits.

Additionally, these neutral commits just make stable trees become closer
to mainline trees (which allows more bug fix commits to be applied
cleanly).

Thanks,

Re: [PATCH AUTOSEL 6.9 17/40] ASoC: topology: Fix route memory corruption

[Mark Brown]

[-- Attachment #1: Type: text/plain, Size: 1224 bytes --]

On Wed, Aug 14, 2024 at 03:00:53AM +0300, Vitaly Chikunov wrote:
> On Tue, Aug 13, 2024 at 04:42:04PM +0200, Amadeusz Sławiński wrote:

> > Should this be cherry-pick of both (they should apply cleanly):
> > https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/sound/soc/soc-topology.c?id=e0e7bc2cbee93778c4ad7d9a792d425ffb5af6f7
> > https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/sound/soc/soc-topology.c?id=0298f51652be47b79780833e0b63194e1231fa34
> > or just the second one adjusted to apply for stable trees?

> I think having commit with memory corruption fix is more important to
> stable kernels than not having the code cleanup commit. So, I would
> suggest stable policy to be changed a bit, and minor commits like this
> code cleanup, be allowed in stable if they are dependence of bug fixing
> commits.

> Additionally, these neutral commits just make stable trees become closer
> to mainline trees (which allows more bug fix commits to be applied
> cleanly).

The reason I nacked the cleanup commit was just that there was no
indication that it was a dependency or anything, it just looked like
standard stuff with not reviewing bot output.

[-- Attachment #2: signature.asc --]
[-- Type: application/pgp-signature, Size: 488 bytes --]

Re: [PATCH AUTOSEL 6.9 17/40] ASoC: topology: Fix route memory corruption

[Amadeusz Sławiński]

On 8/14/2024 12:33 PM, Mark Brown wrote:
> On Wed, Aug 14, 2024 at 03:00:53AM +0300, Vitaly Chikunov wrote:
>> On Tue, Aug 13, 2024 at 04:42:04PM +0200, Amadeusz Sławiński wrote:
> 
>>> Should this be cherry-pick of both (they should apply cleanly):
>>> https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/sound/soc/soc-topology.c?id=e0e7bc2cbee93778c4ad7d9a792d425ffb5af6f7
>>> https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/sound/soc/soc-topology.c?id=0298f51652be47b79780833e0b63194e1231fa34
>>> or just the second one adjusted to apply for stable trees?
> 
>> I think having commit with memory corruption fix is more important to
>> stable kernels than not having the code cleanup commit. So, I would
>> suggest stable policy to be changed a bit, and minor commits like this
>> code cleanup, be allowed in stable if they are dependence of bug fixing
>> commits.
> 
>> Additionally, these neutral commits just make stable trees become closer
>> to mainline trees (which allows more bug fix commits to be applied
>> cleanly).
> 
> The reason I nacked the cleanup commit was just that there was no
> indication that it was a dependency or anything, it just looked like
> standard stuff with not reviewing bot output.

I've send both patches for stable in 
https://lore.kernel.org/linux-sound/20240814140657.2369433-1-amadeuszx.slawinski@linux.intel.com/T/#t

Re: [PATCH AUTOSEL 6.9 17/40] ASoC: topology: Fix route memory corruption

[Greg Kroah-Hartman]

On Mon, Aug 12, 2024 at 11:53:17AM +0200, Thorsten Leemhuis wrote:
> Hi, top-posting for once, to make this easily accessible to everyone.
> 
> Greg, Sasha, to me it looks like something fell through the cracks.
> Pierre-Louis afaics about a week ago asked (see the quote below) to
> revert 97ab304ecd95c0 ("ASoC: topology: Fix references to freed memory")
> [v6.10-rc6, v6.9.11, v6.6.42, v6.1.101] from the stable branches *or*
> pick up b9dd212b14d27a ("ASoC: topology: Fix route memory corruption").

Commit b9dd212b14d27a is a merge commit, nothing that we can take at all
here, sorry.

> But nothing like that has happened yet and I can't see any of those
> resolutions in the 6.6 queue.

Again, I can't take a merge commit :(

thanks,

greg k-h

Re: [PATCH AUTOSEL 6.9 17/40] ASoC: topology: Fix route memory corruption

[Sasha Levin]

On Mon, Aug 12, 2024 at 11:53:17AM +0200, Thorsten Leemhuis wrote:
>Hi, top-posting for once, to make this easily accessible to everyone.
>
>Greg, Sasha, to me it looks like something fell through the cracks.
>Pierre-Louis afaics about a week ago asked (see the quote below) to
>revert 97ab304ecd95c0 ("ASoC: topology: Fix references to freed memory")
>[v6.10-rc6, v6.9.11, v6.6.42, v6.1.101] from the stable branches *or*
>pick up b9dd212b14d27a ("ASoC: topology: Fix route memory corruption").
>But nothing like that has happened yet and I can't see any of those
>resolutions in the 6.6 queue.
>
>Side note: I have a very strong feeling that I'm missing or
>misunderstood something, but I decided to send this mail despite this...
>If something like that was the case: apologies in advance.

For AUTOSEL mails, I only end up looking at the threads when I'm about
to actually queue those commits up into the stable-queue, which is what
happened here.

-- 
Thanks,
Sasha

[PATCH AUTOSEL 6.9 01/40] workqueue: Refactor worker ID formatting and make wq_worker_comm() use full ID string

[Sasha Levin]

From: Tejun Heo <tj@kernel.org>

[ Upstream commit 2a1b02bcba78f8498ab00d6142e1238d85b01591 ]

Currently, worker ID formatting is open coded in create_worker(),
init_rescuer() and worker_thread() (for %WORKER_DIE case). The formatted ID
is saved into task->comm and wq_worker_comm() uses it as the base name to
append extra information to when generating the name to be shown to
userspace.

However, TASK_COMM_LEN is only 16 leading to badly truncated names for
rescuers. For example, the rescuer for the inet_frag_wq workqueue becomes:

  $ ps -ef | grep '[k]worker/R-inet'
  root         483       2  0 Apr26 ?        00:00:00 [kworker/R-inet_]

Even for non-rescue workers, it's easy to run over 15 characters on
moderately large machines.

Fit it by consolidating worker ID formatting into a new helper
format_worker_id() and calling it from wq_worker_comm() to obtain the
untruncated worker ID string.

  $ ps -ef | grep '[k]worker/R-inet'
  root          60       2  0 12:10 ?        00:00:00 [kworker/R-inet_frag_wq]

Signed-off-by: Tejun Heo <tj@kernel.org>
Reported-and-tested-by: Jan Engelhardt <jengelh@inai.de>
Suggested-by: Linus Torvalds <torvalds@linux-foundation.org>
Signed-off-by: Sasha Levin <sashal@kernel.org>
---
 kernel/workqueue.c | 51 ++++++++++++++++++++++++++++++----------------
 1 file changed, 34 insertions(+), 17 deletions(-)

diff --git a/kernel/workqueue.c b/kernel/workqueue.c
index d2dbe099286b9..7634fc32ee05a 100644
--- a/kernel/workqueue.c
+++ b/kernel/workqueue.c
@@ -124,6 +124,7 @@ enum wq_internal_consts {
 	HIGHPRI_NICE_LEVEL	= MIN_NICE,
 
 	WQ_NAME_LEN		= 32,
+	WORKER_ID_LEN		= 10 + WQ_NAME_LEN, /* "kworker/R-" + WQ_NAME_LEN */
 };
 
 /*
@@ -2778,6 +2779,26 @@ static void worker_detach_from_pool(struct worker *worker)
 		complete(detach_completion);
 }
 
+static int format_worker_id(char *buf, size_t size, struct worker *worker,
+			    struct worker_pool *pool)
+{
+	if (worker->rescue_wq)
+		return scnprintf(buf, size, "kworker/R-%s",
+				 worker->rescue_wq->name);
+
+	if (pool) {
+		if (pool->cpu >= 0)
+			return scnprintf(buf, size, "kworker/%d:%d%s",
+					 pool->cpu, worker->id,
+					 pool->attrs->nice < 0  ? "H" : "");
+		else
+			return scnprintf(buf, size, "kworker/u%d:%d",
+					 pool->id, worker->id);
+	} else {
+		return scnprintf(buf, size, "kworker/dying");
+	}
+}
+
 /**
  * create_worker - create a new workqueue worker
  * @pool: pool the new worker will belong to
@@ -2794,7 +2815,6 @@ static struct worker *create_worker(struct worker_pool *pool)
 {
 	struct worker *worker;
 	int id;
-	char id_buf[23];
 
 	/* ID is needed to determine kthread name */
 	id = ida_alloc(&pool->worker_ida, GFP_KERNEL);
@@ -2813,17 +2833,14 @@ static struct worker *create_worker(struct worker_pool *pool)
 	worker->id = id;
 
 	if (!(pool->flags & POOL_BH)) {
-		if (pool->cpu >= 0)
-			snprintf(id_buf, sizeof(id_buf), "%d:%d%s", pool->cpu, id,
-				 pool->attrs->nice < 0  ? "H" : "");
-		else
-			snprintf(id_buf, sizeof(id_buf), "u%d:%d", pool->id, id);
+		char id_buf[WORKER_ID_LEN];
 
+		format_worker_id(id_buf, sizeof(id_buf), worker, pool);
 		worker->task = kthread_create_on_node(worker_thread, worker,
-					pool->node, "kworker/%s", id_buf);
+						      pool->node, "%s", id_buf);
 		if (IS_ERR(worker->task)) {
 			if (PTR_ERR(worker->task) == -EINTR) {
-				pr_err("workqueue: Interrupted when creating a worker thread \"kworker/%s\"\n",
+				pr_err("workqueue: Interrupted when creating a worker thread \"%s\"\n",
 				       id_buf);
 			} else {
 				pr_err_once("workqueue: Failed to create a worker thread: %pe",
@@ -3386,7 +3403,6 @@ static int worker_thread(void *__worker)
 		raw_spin_unlock_irq(&pool->lock);
 		set_pf_worker(false);
 
-		set_task_comm(worker->task, "kworker/dying");
 		ida_free(&pool->worker_ida, worker->id);
 		worker_detach_from_pool(worker);
 		WARN_ON_ONCE(!list_empty(&worker->entry));
@@ -5430,6 +5446,7 @@ static int wq_clamp_max_active(int max_active, unsigned int flags,
 static int init_rescuer(struct workqueue_struct *wq)
 {
 	struct worker *rescuer;
+	char id_buf[WORKER_ID_LEN];
 	int ret;
 
 	if (!(wq->flags & WQ_MEM_RECLAIM))
@@ -5443,7 +5460,9 @@ static int init_rescuer(struct workqueue_struct *wq)
 	}
 
 	rescuer->rescue_wq = wq;
-	rescuer->task = kthread_create(rescuer_thread, rescuer, "kworker/R-%s", wq->name);
+	format_worker_id(id_buf, sizeof(id_buf), rescuer, NULL);
+
+	rescuer->task = kthread_create(rescuer_thread, rescuer, "%s", id_buf);
 	if (IS_ERR(rescuer->task)) {
 		ret = PTR_ERR(rescuer->task);
 		pr_err("workqueue: Failed to create a rescuer kthread for wq \"%s\": %pe",
@@ -6272,19 +6291,15 @@ void show_freezable_workqueues(void)
 /* used to show worker information through /proc/PID/{comm,stat,status} */
 void wq_worker_comm(char *buf, size_t size, struct task_struct *task)
 {
-	int off;
-
-	/* always show the actual comm */
-	off = strscpy(buf, task->comm, size);
-	if (off < 0)
-		return;
-
 	/* stabilize PF_WQ_WORKER and worker pool association */
 	mutex_lock(&wq_pool_attach_mutex);
 
 	if (task->flags & PF_WQ_WORKER) {
 		struct worker *worker = kthread_data(task);
 		struct worker_pool *pool = worker->pool;
+		int off;
+
+		off = format_worker_id(buf, size, worker, pool);
 
 		if (pool) {
 			raw_spin_lock_irq(&pool->lock);
@@ -6303,6 +6318,8 @@ void wq_worker_comm(char *buf, size_t size, struct task_struct *task)
 			}
 			raw_spin_unlock_irq(&pool->lock);
 		}
+	} else {
+		strscpy(buf, task->comm, size);
 	}
 
 	mutex_unlock(&wq_pool_attach_mutex);
-- 
2.43.0

[PATCH AUTOSEL 6.9 17/40] ASoC: topology: Fix route memory corruption

[Sasha Levin]

From: Amadeusz Sławiński <amadeuszx.slawinski@linux.intel.com>

[ Upstream commit 0298f51652be47b79780833e0b63194e1231fa34 ]

It was reported that recent fix for memory corruption during topology
load, causes corruption in other cases. Instead of being overeager with
checking topology, assume that it is properly formatted and just
duplicate strings.

Reported-by: Pierre-Louis Bossart <pierre-louis.bossart@linux.intel.com>
Closes: https://lore.kernel.org/linux-sound/171812236450.201359.3019210915105428447.b4-ty@kernel.org/T/#m8c4bd5abf453960fde6f826c4b7f84881da63e9d
Suggested-by: Péter Ujfalusi <peter.ujfalusi@linux.intel.com>
Signed-off-by: Amadeusz Sławiński <amadeuszx.slawinski@linux.intel.com>
Link: https://lore.kernel.org/r/20240613090126.841189-1-amadeuszx.slawinski@linux.intel.com
Signed-off-by: Mark Brown <broonie@kernel.org>
Signed-off-by: Sasha Levin <sashal@kernel.org>
---
 sound/soc/soc-topology.c | 12 +++---------
 1 file changed, 3 insertions(+), 9 deletions(-)

diff --git a/sound/soc/soc-topology.c b/sound/soc/soc-topology.c
index 52752e0a5dc27..27aba69894b17 100644
--- a/sound/soc/soc-topology.c
+++ b/sound/soc/soc-topology.c
@@ -1052,21 +1052,15 @@ static int soc_tplg_dapm_graph_elems_load(struct soc_tplg *tplg,
 			break;
 		}
 
-		route->source = devm_kmemdup(tplg->dev, elem->source,
-					     min(strlen(elem->source), maxlen),
-					     GFP_KERNEL);
-		route->sink = devm_kmemdup(tplg->dev, elem->sink,
-					   min(strlen(elem->sink), maxlen),
-					   GFP_KERNEL);
+		route->source = devm_kstrdup(tplg->dev, elem->source, GFP_KERNEL);
+		route->sink = devm_kstrdup(tplg->dev, elem->sink, GFP_KERNEL);
 		if (!route->source || !route->sink) {
 			ret = -ENOMEM;
 			break;
 		}
 
 		if (strnlen(elem->control, maxlen) != 0) {
-			route->control = devm_kmemdup(tplg->dev, elem->control,
-						      min(strlen(elem->control), maxlen),
-						      GFP_KERNEL);
+			route->control = devm_kstrdup(tplg->dev, elem->control, GFP_KERNEL);
 			if (!route->control) {
 				ret = -ENOMEM;
 				break;
-- 
2.43.0