The async signal (SIGIO) support for ALSA timer API has been never used by real applications, but yet it can be a cause of various potential deadlocks, as spotted by syzkaller. Let's drop the feature as the simplest solution.
Reported-by: syzbot+1ee0910eca9c94f71f25@syzkaller.appspotmail.com Reported-by: syzbot+49b10793b867871ee26f@syzkaller.appspotmail.com Reported-by: syzbot+8285e973a41b5aa68902@syzkaller.appspotmail.com Signed-off-by: Takashi Iwai tiwai@suse.de --- sound/core/timer.c | 13 ------------- 1 file changed, 13 deletions(-)
diff --git a/sound/core/timer.c b/sound/core/timer.c index b3214baa8919..4ac3ab2cf575 100644 --- a/sound/core/timer.c +++ b/sound/core/timer.c @@ -83,7 +83,6 @@ struct snd_timer_user { unsigned int filter; struct timespec64 tstamp; /* trigger tstamp */ wait_queue_head_t qchange_sleep; - struct fasync_struct *fasync; struct mutex ioctl_lock; };
@@ -1345,7 +1344,6 @@ static void snd_timer_user_interrupt(struct snd_timer_instance *timeri, } __wake: spin_unlock(&tu->qlock); - kill_fasync(&tu->fasync, SIGIO, POLL_IN); wake_up(&tu->qchange_sleep); }
@@ -1383,7 +1381,6 @@ static void snd_timer_user_ccallback(struct snd_timer_instance *timeri, spin_lock_irqsave(&tu->qlock, flags); snd_timer_user_append_to_tqueue(tu, &r1); spin_unlock_irqrestore(&tu->qlock, flags); - kill_fasync(&tu->fasync, SIGIO, POLL_IN); wake_up(&tu->qchange_sleep); }
@@ -1453,7 +1450,6 @@ static void snd_timer_user_tinterrupt(struct snd_timer_instance *timeri, spin_unlock(&tu->qlock); if (append == 0) return; - kill_fasync(&tu->fasync, SIGIO, POLL_IN); wake_up(&tu->qchange_sleep); }
@@ -2130,14 +2126,6 @@ static long snd_timer_user_ioctl(struct file *file, unsigned int cmd, return ret; }
-static int snd_timer_user_fasync(int fd, struct file * file, int on) -{ - struct snd_timer_user *tu; - - tu = file->private_data; - return fasync_helper(fd, file, on, &tu->fasync); -} - static ssize_t snd_timer_user_read(struct file *file, char __user *buffer, size_t count, loff_t *offset) { @@ -2280,7 +2268,6 @@ static const struct file_operations snd_timer_f_ops = .poll = snd_timer_user_poll, .unlocked_ioctl = snd_timer_user_ioctl, .compat_ioctl = snd_timer_user_ioctl_compat, - .fasync = snd_timer_user_fasync, };
/* unregister the system timer */