19 Aug
2018
19 Aug
'18
8:09 a.m.
On Fri, 17 Aug 2018 05:12:27 +0200, Hsin-Yu Chao wrote:
When seccomp policy is applied to filter ioctl syscall with SNDRV_CTL_IOCTL_TLV_COMMAND, SNDRV_CTL_IOCTL_TLV_READ and SNDRV_CTL_IOCTL_TLV_WRITE in whiltelist, alsa-lib still breaks in at snd_ctl_hw_elem_tlv().
The problem behind is because ioctl() takes unsigned long cmd argument, and the signed bit of local int variable could cause 0xff bytes appended after casted to unsigned long. In kernel, seccomp data struct takes 64 bits argument to check against seccomp rules, these unexpected 0xff bytes could make the rule check fail.
Fix the problem by passing unsigned int to ioctl.
Signed-off-by: Hsin-Yu Chao hychao@chromium.org
Thanks, applied now.
Takashi