ALSA: seq: More protection for concurrent write and ioctl races
This patch is an attempt for further hardening against races between the concurrent write and ioctls. The previous fix d15d662e ("ALSA: seq: Fix racy pool initializations") covered the race of the pool initialization at writer and the pool resize ioctl by the client->ioctl_mutex (CVE-2018-1000004). However, basically this mutex should be applied more widely to the whole write operation for avoiding the unexpected pool operations by another thread.

The only change outside snd_seq_write() is the additional mutex argument to helper functions, so that we can unlock / relock the given mutex temporarily during schedule() call for blocking write.

Fixes: d15d662e ("ALSA: seq: Fix racy pool initializations")
Reported-by: 范龙飞 <long7573@126.com>
Reported-by: Nicolai Stange <nstange@suse.de>
Reviewed-and-tested-by: Nicolai Stange <nstange@suse.de>
Cc: <stable@vger.kernel.org>
Signed-off-by: Takashi Iwai <tiwai@suse.de>
Showing
- sound/core/seq/seq_clientmgr.c: 11 additions, 7 deletions
- sound/core/seq/seq_fifo.c: 1 addition, 1 deletion
- sound/core/seq/seq_memory.c: 10 additions, 4 deletions
- sound/core/seq/seq_memory.h: 2 additions, 1 deletion