[alsa-devel] [RFC PATCH v2] ASoC: dpcm: prevent snd_soc_dpcm use after free
Mark Brown
broonie at kernel.org
Wed Mar 6 18:09:44 CET 2019
On Wed, Mar 06, 2019 at 10:19:38AM +0100, Jaroslav Kysela wrote:
> Dne 06. 03. 19 v 9:46 KaiChieh Chuang napsal(a):
> > + spin_lock(&fe->card->dpcm_lock);
> > list_del(&dpcm->list_be);
> > list_del(&dpcm->list_fe);
> > kfree(dpcm);
> > + spin_unlock(&fe->card->dpcm_lock);
> The unlock might be moved before kfree(). Also, I don't see the
> list_add() spin lock protection in your patch.
Yes, the free *needs* to be outside of the spinlocked section - we
shouldn't do dynamic memory operations in atomics context.
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 488 bytes
Desc: not available
URL: <http://mailman.alsa-project.org/pipermail/alsa-devel/attachments/20190306/c1cf69a9/attachment.sig>
More information about the Alsa-devel
mailing list