Donate to e Foundation | Murena handsets with /e/OS | Own a part of Murena! Learn more

Commit e41ca81e authored by paulhsia's avatar paulhsia Committed by Greg Kroah-Hartman
Browse files

ALSA: pcm: Fix stream lock usage in snd_pcm_period_elapsed() 



[ Upstream commit f5cdc9d4003a2f66ea57b3edd3e04acc2b1a4439 ]

If the nullity check for `substream->runtime` is outside of the lock
region, it is possible to have a null runtime in the critical section
if snd_pcm_detach_substream is called right before the lock.

Signed-off-by: default avatarpaulhsia <paulhsia@chromium.org>
Link: https://lore.kernel.org/r/20191112171715.128727-2-paulhsia@chromium.org


Signed-off-by: default avatarTakashi Iwai <tiwai@suse.de>
Signed-off-by: default avatarSasha Levin <sashal@kernel.org>
parent 78a917be

sound/core/pcm_lib.c

+6 −2
Original line number Diff line number Diff line
@@ -1797,11 +1797,14 @@ void snd_pcm_period_elapsed(struct snd_pcm_substream *substream) 
	struct snd_pcm_runtime *runtime;

	unsigned long flags;



	if (PCM_RUNTIME_CHECK(substream))

	if (snd_BUG_ON(!substream))

		return;

	runtime = substream->runtime;



	snd_pcm_stream_lock_irqsave(substream, flags);

	if (PCM_RUNTIME_CHECK(substream))

		goto _unlock;

	runtime = substream->runtime;



	if (!snd_pcm_running(substream) ||

	    snd_pcm_update_hw_ptr0(substream, 1) < 0)

		goto _end;
@@ -1812,6 +1815,7 @@ void snd_pcm_period_elapsed(struct snd_pcm_substream *substream) 
#endif

 _end:

	kill_fasync(&runtime->fasync, SIGIO, POLL_IN);

 _unlock:

	snd_pcm_stream_unlock_irqrestore(substream, flags);

}

EXPORT_SYMBOL(snd_pcm_period_elapsed);