[PATCH 2/2] ALSA: pcm: Clear the full allocated memory at hw_params

[Lars-Peter Clausen]

On 12/18/20 3:56 PM, Takashi Iwai wrote:
> The PCM hw_params core function tries to clear up the PCM buffer
> before actually using for avoiding the information leak from the
> previous usages or the usage before a new allocation.  It performs the
> memset() with runtime->dma_bytes, but this might still leave some
> remaining bytes untouched; namely, the PCM buffer size is aligned in
> page size for mmap, hence runtime->dma_bytes doesn't necessarily cover
> all PCM buffer pages, and the remaining bytes are exposed via mmap.
>
> This patch changes the memory clearance to cover the all buffer pages
> if the stream is supposed to be mmap-ready (that guarantees that the
> buffer size is aligned in page size).
>
> Signed-off-by: Takashi Iwai <tiwai at suse.de>

Reviewed-by: Lars-Peter Clausen <lars at metafoo.de>

> ---
>   sound/core/pcm_native.c | 9 +++++++--
>   1 file changed, 7 insertions(+), 2 deletions(-)
>
> diff --git a/sound/core/pcm_native.c b/sound/core/pcm_native.c
> index 47b155a49226..9f3f8e953ff0 100644
> --- a/sound/core/pcm_native.c
> +++ b/sound/core/pcm_native.c
> @@ -755,8 +755,13 @@ static int snd_pcm_hw_params(struct snd_pcm_substream *substream,
>   		runtime->boundary *= 2;
>   
>   	/* clear the buffer for avoiding possible kernel info leaks */
> -	if (runtime->dma_area && !substream->ops->copy_user)
> -		memset(runtime->dma_area, 0, runtime->dma_bytes);
> +	if (runtime->dma_area && !substream->ops->copy_user) {
> +		size_t size = runtime->dma_bytes;
> +
> +		if (runtime->info & SNDRV_PCM_INFO_MMAP)
> +			size = PAGE_ALIGN(size);
> +		memset(runtime->dma_area, 0, size);
> +	}
>   
>   	snd_pcm_timer_resolution_change(substream);
>   	snd_pcm_set_state(substream, SNDRV_PCM_STATE_SETUP);