On Wed, 16 Aug 2023 18:02:43 +0200, Takashi Iwai wrote:
Hi,
this is another set of patches to attempt papering over the UAF problems that are seen when the delayed kobject release is enabled, as initially reported by Curtis: https://lore.kernel.org/r/20230801171928.1460120-1-cujomalainey@chromium.org
There was a previous patch set with a different approach (using the device refcount dependencies), but this is a sort of step-back to the old way. https://lore.kernel.org/r/20230807135207.17708-1-tiwai@suse.de
After discussions and evaluations, we agreed that decoupling the struct device from each sound component object is the safest (and easiest) way as of now. For applying the changes more consistently, I introduced a new helper for the struct device allocation and initialization, and applied it to all components.
A couple more changes for card_dev refcount management aren't included in this patch set, though. They might be good to have, but this patch set should suffice for the currently seen UAF problems.
For a long-term solution, we may restructure the device management, then the struct devices may be embedded again in each object. But, it'll need lots of other changes and cleanups, a big TODO.
The latest patches are found in the topic/dev-split branch of sound.git tree.
Takashi
===
Takashi Iwai (9):
  ALSA: core: Introduce snd_device_alloc()
  ALSA: control: Don't embed ctl_dev
  ALSA: pcm: Don't embed device
  ALSA: hwdep: Don't embed device
  ALSA: rawmidi: Don't embed device
  ALSA: compress: Don't embed device
  ALSA: timer: Create device with snd_device_alloc()
  ALSA: seq: Create device with snd_device_alloc()
  ALSA: core: Drop snd_device_initialize()
Although the patch set was sent as RFC, I merged them now for 6.6 with Acks, as there is no further plan to change.
thanks,
Takashi
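The lifetime hazard the cover letter describes, shown as an added user-space C illustration that is neither ALSA code nor part of this thread: a small liveness tracker stands in for KASAN, a minimal device has a refcount whose final put only queues the release callback (the delayed kobject release behaviour), and the two ownership patterns are run side by side. All names here (tmalloc, tfree, check_access, pcm_embedded, pcm_split, snd_device_alloc_model) are hypothetical; the tracker never returns memory to the C allocator, so the model only detects a use after free and never executes one.

```c
/* Added illustration: embedded vs separately allocated struct device.
 * User-space model, not kernel or ALSA code; all names are hypothetical. */
#include <stdlib.h>
#include <stdio.h>

#define MAX_ALLOCS  64
#define MAX_DELAYED 64

/* Liveness tracker standing in for KASAN. Freed blocks are only marked
 * dead, never given back to calloc's pool, so no real UB occurs. */
struct alloc { void *base; size_t size; int live; };
static struct alloc allocs[MAX_ALLOCS];
static int nallocs;
static int uaf_count;  /* accesses to freed memory seen by check_access() */

static void *tmalloc(size_t size)
{
    if (nallocs == MAX_ALLOCS) abort();
    void *p = calloc(1, size);
    if (!p) abort();
    allocs[nallocs++] = (struct alloc){ p, size, 1 };
    return p;
}

static void tfree(void *p)
{
    for (int i = 0; i < nallocs; i++)
        if (allocs[i].base == p && allocs[i].live) { allocs[i].live = 0; return; }
    abort();  /* double free or foreign pointer */
}

/* Returns 1 (and counts it) when p lies inside a freed allocation. */
static int check_access(const void *p)
{
    for (int i = 0; i < nallocs; i++) {
        const char *b = allocs[i].base, *q = p;
        if (q >= b && q < b + allocs[i].size) {
            if (allocs[i].live) return 0;
            uaf_count++;
            return 1;
        }
    }
    return 0;
}

/* Minimal stand-in for struct device with kobject-style refcounting. */
struct device {
    int refcount;
    void (*release)(struct device *dev);
};

/* Delayed release: the final put queues the release, and the device core
 * dereferences the object again later when it runs the queue. */
static struct device *delayed[MAX_DELAYED];
static int ndelayed;

static void device_put(struct device *dev)
{
    if (check_access(dev)) return;
    if (--dev->refcount == 0) {
        if (ndelayed == MAX_DELAYED) abort();
        delayed[ndelayed++] = dev;
    }
}

static void run_delayed_release(void)
{
    while (ndelayed > 0) {
        struct device *dev = delayed[--ndelayed];
        if (check_access(dev)) continue;  /* would be the UAF in the kernel */
        dev->release(dev);
    }
}

/* Pattern 1: device embedded in the component, memory owned by the component. */
struct pcm_embedded { int id; struct device dev; };

static void embedded_release(struct device *dev) { (void)dev; /* parent owns memory */ }

static int embedded_pattern(void)
{
    uaf_count = 0;
    struct pcm_embedded *pcm = tmalloc(sizeof *pcm);
    pcm->dev.refcount = 1;
    pcm->dev.release = embedded_release;
    device_put(&pcm->dev);  /* last reference dropped, release only queued */
    tfree(pcm);             /* component freed while the release is pending */
    run_delayed_release();  /* device core touches pcm->dev after the free */
    return uaf_count;
}

/* Pattern 2: device allocated on its own and freed by its own release. */
struct pcm_split { int id; struct device *dev; };

static void split_release(struct device *dev) { tfree(dev); }

static struct device *snd_device_alloc_model(void)
{
    struct device *dev = tmalloc(sizeof *dev);
    dev->refcount = 1;
    dev->release = split_release;
    return dev;
}

static int decoupled_pattern(void)
{
    uaf_count = 0;
    struct pcm_split *pcm = tmalloc(sizeof *pcm);
    pcm->dev = snd_device_alloc_model();
    device_put(pcm->dev);   /* release queued, device memory still live */
    tfree(pcm);             /* component gone, device untouched */
    run_delayed_release();  /* release frees the device itself, no UAF */
    return uaf_count;
}

int main(void)
{
    printf("embedded device: %d access(es) to freed memory\n", embedded_pattern());
    printf("separate device: %d access(es) to freed memory\n", decoupled_pattern());
    return 0;
}
```

embedded_pattern() reports one access to freed memory, because the queued release runs against device memory that went away with the component; decoupled_pattern() reports none, because the device block outlives the component and is freed only by its own release callback, which is the ownership split the series moves every component to.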