[alsa-devel] what's the kernel policy WRT firmware parsing security?
Guennadi Liakhovetski
guennadi.liakhovetski at linux.intel.com
Sun Oct 6 12:47:15 CEST 2019
Hi,
I decided to have a look at whether the ALSA topology parsing is bullet
proof against malformed topology files. It seems not quite to be the case.
At least I seem to have found a possibility of crashing the kernel by a
malformed topology file. I haven't tested it, so, maybe I'm wrong.
In principle, firmware files can only be written by root, and if you have
root access to the system, it's anyway doomed. Is this the approach and
we aren't really trying to make topology parsing 100% safe, or do we want
to fix any such possible parsing issues?
Thanks
Guennadi
More information about the Alsa-devel
mailing list