[alsa-devel] [PATCH] ALSA: pcm: Avoid possible info leaks from PCM stream buffers
Lionel Koenig
lionel.koenig at gmail.com
Fri Dec 13 15:39:08 CET 2019
On Wed, Dec 11, 2019 at 04:57:42PM +0100, Takashi Iwai wrote:
> The current PCM code doesn't initialize explicitly the buffers
> allocated for PCM streams, hence it might leak some uninitialized
> kernel data or previous stream contents by mmapping or reading the
> buffer before actually starting the stream.
>
> Since this is a common problem, this patch simply adds the clearance
> of the buffer data at hw_params callback. Although this does only
> zero-clear no matter which format is used, which doesn't mean the
> silence for some formats, but it should be OK because the intention is
> just to clear the previous data on the buffer.
I have tested this patch in the same way I tested the previous one and
didn't experience any leakage of data.
Thanks for helping put that together.
Kind regards,
Lionel
>
> Reported-by: Lionel Koenig <lionel.koenig at gmail.com>
> Cc: <stable at vger.kernel.org>
> Signed-off-by: Takashi Iwai <tiwai at suse.de>
> ---
>
> This is a revised patch of the previous one
> 20191210130219.27919-1-tiwai at suse.de
>
> sound/core/pcm_native.c | 4 ++++
> 1 file changed, 4 insertions(+)
>
> diff --git a/sound/core/pcm_native.c b/sound/core/pcm_native.c
> index 1fe581167b7b..d083225344a0 100644
> --- a/sound/core/pcm_native.c
> +++ b/sound/core/pcm_native.c
> @@ -739,6 +739,10 @@ static int snd_pcm_hw_params(struct snd_pcm_substream *substream,
> while (runtime->boundary * 2 <= LONG_MAX - runtime->buffer_size)
> runtime->boundary *= 2;
>
> + /* clear the buffer for avoiding possible kernel info leaks */
> + if (runtime->dma_area && !substream->ops->copy_user)
> + memset(runtime->dma_area, 0, runtime->dma_bytes);
> +
> snd_pcm_timer_resolution_change(substream);
> snd_pcm_set_state(substream, SNDRV_PCM_STATE_SETUP);
>
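Review bot: the new `if` in snd_pcm_hw_params() skips the clear whenever `substream->ops->copy_user` is set, but the comment above it only says why the buffer is cleared, not why that case is exempt. If a driver that provides `copy_user` can still have a non-NULL `runtime->dma_area` reachable from userspace, the stale contents described in the commit message would remain visible, so either state the reason for the exemption in the comment or drop the `!substream->ops->copy_user` test. It would also help to carry the commit message's caveat into the comment: the zero fill is not format-aware silence, so nobody later mistakes it for a silence fill.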