[alsa-devel] what's the kernel policy WRT firmware parsing security?
Jaroslav Kysela
perex at perex.cz
Sun Oct 6 16:10:28 CEST 2019
Dne 06. 10. 19 v 12:47 Guennadi Liakhovetski napsal(a):
> Hi,
>
> I decided to have a look at whether the ALSA topology parsing is bullet
> proof against malformed topology files. It seems not quite to be the case.
> At least I seem to have found a possibility of crashing the kernel by a
> malformed topology file. I haven't tested it, so, maybe I'm wrong.
>
> In principle, firmware files can only be written by root, and if you have
> root access to the system, it's anyway doomed. Is this the approach and
> we aren't really trying to make topology parsing 100% safe, or do we want
> to fix any such possible parsing issues?
The kernel should not crash. Dot. If you found a serious issue, please,
report it or better, send the fix.
Thanks,
Jaroslav
--
Jaroslav Kysela <perex at perex.cz>
Linux Sound Maintainer; ALSA Project; Red Hat, Inc.
More information about the Alsa-devel
mailing list