[alsa-devel] [PATCH 2/2] ALSA: seq: More protection for concurrent write and ioctl races
Nicolai Stange
nstange at suse.de
Thu Mar 8 11:38:30 CET 2018
Takashi Iwai <tiwai at suse.de> writes:
> This patch is an attempt for further hardening against races between
> the concurrent write and ioctls. The previous fix d15d662e89fc
> ("ALSA: seq: Fix racy pool initializations") covered the race of the
> pool initialization at writer and the pool resize ioctl by the
> client->ioctl_mutex (CVE-2018-1000004). However, basically this mutex
> should be applied more widely to the whole write operation for
> avoiding the unexpected pool operations by another thread.
>
> The only change outside snd_seq_write() is the additional mutex
> argument to helper functions, so that we can unlock / relock the given
> mutex temporarily during schedule() call for blocking write.
>
> Fixes: d15d662e89fc ("ALSA: seq: Fix racy pool initializations")
> Reported-by: 范龙飞 <long7573 at 126.com>
> Reported-by: Nicolai Stange <nstange at suse.de>
> Cc: <stable at vger.kernel.org>
> Signed-off-by: Takashi Iwai <tiwai at suse.de>
> ---
Reviewed-and-tested-by: Nicolai Stange <nstange at suse.de>
--
SUSE Linux GmbH, GF: Felix Imendörffer, Jane Smithard, Graham Norton,
HRB 21284 (AG Nürnberg)
More information about the Alsa-devel
mailing list