Prevent SNDRV_PCM_IOCTL_LINK linking stream to itself - the code
can't handle it. Fixed commit is not where bug was introduced, but
changes the context significantly.
Cc: [email protected]
Fixes: 0888c321de70 ("pcm_native: switch to fdget()/fdput()")
Signed-off-by: Michał Mirosław <[email protected]>
---
sound/core/pcm_native.c | 6 ++++++
1 file changed, 6 insertions(+)
diff --git a/sound/core/pcm_native.c b/sound/core/pcm_native.c
index aef860256278..3ad399cb6f30 100644
--- a/sound/core/pcm_native.c
+++ b/sound/core/pcm_native.c
@@ -2166,6 +2166,12 @@ static int snd_pcm_link(struct snd_pcm_substream *substream, int fd)
}
pcm_file = f.file->private_data;
substream1 = pcm_file->substream;
+
+ if (substream == substream1) {
+ res = -EDEADLK;
+ goto _badf;
+ }
+
group = kzalloc(sizeof(*group), GFP_KERNEL);
if (!group) {
res = -ENOMEM;
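Review bot: `res = -EDEADLK;` in the new self-link check reads as a locking failure, while the condition tested by `if (substream == substream1)` is a bad fd argument, namely the fd of the calling substream itself. Consider `res = -EINVAL;` unless user space is meant to tell this case apart from other invalid arguments, and if it is, say so in the commit message.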
--
2.20.1

On Mon, 08 Jun 2020 12:06:32 +0200,
Michał Mirosław wrote:
>
> Prevent SNDRV_PCM_IOCTL_LINK linking stream to itself - the code
> can't handle it. Fixed commit is not where bug was introduced, but
> changes the context significantly.
>
> Cc: [email protected]
> Fixes: 0888c321de70 ("pcm_native: switch to fdget()/fdput()")
> Signed-off-by: Michał Mirosław <[email protected]>

Thanks for the fix. Just a minor point:

> @@ -2166,6 +2166,12 @@ static int snd_pcm_link(struct snd_pcm_substream *substream, int fd)
> }
> pcm_file = f.file->private_data;
> substream1 = pcm_file->substream;
> +
> + if (substream == substream1) {
> + res = -EDEADLK;

We've never used this error code, hence it may confuse the user-space
side. I'd use a more standard -EINVAL instead; the error is basically
an invalid argument, after all.

thanks,

Takashi

Prevent SNDRV_PCM_IOCTL_LINK linking stream to itself - the code
can't handle it. Fixed commit is not where bug was introduced, but
changes the context significantly.
Cc: [email protected]
Fixes: 0888c321de70 ("pcm_native: switch to fdget()/fdput()")
Signed-off-by: Michał Mirosław <[email protected]>
---
v2: EDEADLK -> EINVAL
---
sound/core/pcm_native.c | 6 ++++++
1 file changed, 6 insertions(+)
diff --git a/sound/core/pcm_native.c b/sound/core/pcm_native.c
index aef860256278..434e7b604bad 100644
--- a/sound/core/pcm_native.c
+++ b/sound/core/pcm_native.c
@@ -2166,6 +2166,12 @@ static int snd_pcm_link(struct snd_pcm_substream *substream, int fd)
}
pcm_file = f.file->private_data;
substream1 = pcm_file->substream;
+
+ if (substream == substream1) {
+ res = -EINVAL;
+ goto _badf;
+ }
+
group = kzalloc(sizeof(*group), GFP_KERNEL);
if (!group) {
res = -ENOMEM;
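Review bot: The new `if (substream == substream1)` check carries no comment, and the commit message only says the code can't handle a self-link without naming what goes wrong. A one-line comment above the check stating why a substream must not be linked to itself would keep the test from being dropped in a later cleanup. Its position before `kzalloc()` is right, since the rejected case then allocates nothing and needs no extra cleanup beyond `goto _badf`.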
--
2.20.1

On Mon, 08 Jun 2020 18:50:39 +0200,
Michał Mirosław wrote:
>
> Prevent SNDRV_PCM_IOCTL_LINK linking stream to itself - the code
> can't handle it. Fixed commit is not where bug was introduced, but
> changes the context significantly.
>
> Cc: [email protected]
> Fixes: 0888c321de70 ("pcm_native: switch to fdget()/fdput()")
> Signed-off-by: Michał Mirosław <[email protected]>
> ---
> v2: EDEADLK -> EINVAL

Applied now. Thanks!

Takashi