1. 09 Jun, 2017 23 commits
  2. 08 Jun, 2017 9 commits
  3. 07 Jun, 2017 8 commits
    • Takashi Sakamoto's avatar
      ALSA: pcm: obsolete RULES_DEBUG local macro · c6706de0
      Takashi Sakamoto authored
      Added tracepoints obsoleted RULES_DEBUG local macro and relevant codes.
      Signed-off-by: default avatarTakashi Sakamoto <o-takashi@sakamocchi.jp>
      Signed-off-by: default avatarTakashi Iwai <tiwai@suse.de>
      c6706de0
    • Takashi Sakamoto's avatar
      ALSA: pcm: enable parameter tracepoints only when CONFIG_SND_DEBUG is enabled · 37567c55
      Takashi Sakamoto authored
      In a previous commit, tracepoints are added for PCM parameter processing.
      As long as I know, this implementation increases size of relocatable
      object by 35%. For vendors who are conscious of memory footprint, it
      brings apparent disadvantage.
      
      This commit utilizes CONFIG_SND_DEBUG configuration to enable/disable the
      tracepoints.
      Signed-off-by: default avatarTakashi Sakamoto <o-takashi@sakamocchi.jp>
      Signed-off-by: default avatarTakashi Iwai <tiwai@suse.de>
      37567c55
    • Takashi Sakamoto's avatar
      ALSA: pcm: tracepoints for refining PCM parameters · be4e31da
      Takashi Sakamoto authored
      When working for devices which support configurable modes for its data
      transmission or which consists of several components, developers are
      likely to use rules of parameters of PCM substream. However, there's no
      infrastructure to assist their work.
      
      In old days, ALSA PCM core got a local 'RULES_DEBUG' macro to debug
      refinement of parameters for PCM substream. Although this is merely a
      makeshift. With some modifications, we get the infrastructure.
      
      This commit is for the purpose. Refinement of mask/interval type of
      PCM parameters is probed as tracepoint events as 'hw_mask_param' and
      'hw_interval_param' on existent 'snd_pcm' subsystem.
      Signed-off-by: default avatarTakashi Sakamoto <o-takashi@sakamocchi.jp>
      Signed-off-by: default avatarTakashi Iwai <tiwai@suse.de>
      be4e31da
    • Takashi Iwai's avatar
      ALSA: timer: Wrap with spinlock for queue access · d7f910bf
      Takashi Iwai authored
      For accessing the snd_timer_user queue indices, we take tu->qlock.
      But it's forgotten in a couple of places.
      
      The one in snd_timer_user_params() should be safe without the
      spinlock as the timer is already stopped.  But it's better for
      consistency.
      
      The one in poll is just a read-out, so it's not inevitably needed, but
      it'd be good to make the result consistent, too.
      Tested-by: default avatarAlexander Potapenko <glider@google.com>
      Signed-off-by: default avatarTakashi Iwai <tiwai@suse.de>
      d7f910bf
    • Takashi Iwai's avatar
      ALSA: timer: Improve user queue reallocation · 890e2cb5
      Takashi Iwai authored
      ALSA timer may reallocate the user queue upon request, and it happens
      at three places for now: at opening, at SNDRV_TIMER_IOCTL_PARAMS, and
      at SNDRV_TIMER_IOCTL_SELECT.  However, the last one,
      snd_timer_user_tselect(), doesn't need to reallocate the buffer since
      it doesn't change the queue size.  It does just because tu->tread
      might have been changed before starting the timer.
      
      Instead of *_SELECT ioctl, we should reallocate the queue at
      SNDRV_TIMER_IOCTL_TREAD; then the timer is guaranteed to be stopped,
      thus we can reassign the buffer more safely.
      
      This patch implements that with a slight code refactoring.
      Essentially, the patch achieves:
      - Introduce realloc_user_queue() for (re-)allocating the ring buffer,
        and call it from all places.  Also, realloc_user_queue() uses
        kcalloc() for avoiding possible leaks.
      - Add the buffer reallocation at SNDRV_TIMER_IOCTL_TREAD.  When it
        fails, tu->tread is restored to the old value, too.
      - Drop the buffer reallocation at snd_timer_user_tselect().
      Tested-by: default avatarAlexander Potapenko <glider@google.com>
      Signed-off-by: default avatarTakashi Iwai <tiwai@suse.de>
      890e2cb5
    • Takashi Iwai's avatar
      Merge branch 'for-linus' into for-next · 4c7aba46
      Takashi Iwai authored
      For applying more ALSA timer cleanups.
      4c7aba46
    • Takashi Iwai's avatar
      ALSA: timer: Fix missing queue indices reset at SNDRV_TIMER_IOCTL_SELECT · ba3021b2
      Takashi Iwai authored
      snd_timer_user_tselect() reallocates the queue buffer dynamically, but
      it forgot to reset its indices.  Since the read may happen
      concurrently with ioctl and snd_timer_user_tselect() allocates the
      buffer via kmalloc(), this may lead to the leak of uninitialized
      kernel-space data, as spotted via KMSAN:
      
        BUG: KMSAN: use of unitialized memory in snd_timer_user_read+0x6c4/0xa10
        CPU: 0 PID: 1037 Comm: probe Not tainted 4.11.0-rc5+ #2739
        Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS Bochs 01/01/2011
        Call Trace:
         __dump_stack lib/dump_stack.c:16
         dump_stack+0x143/0x1b0 lib/dump_stack.c:52
         kmsan_report+0x12a/0x180 mm/kmsan/kmsan.c:1007
         kmsan_check_memory+0xc2/0x140 mm/kmsan/kmsan.c:1086
         copy_to_user ./arch/x86/include/asm/uaccess.h:725
         snd_timer_user_read+0x6c4/0xa10 sound/core/timer.c:2004
         do_loop_readv_writev fs/read_write.c:716
         __do_readv_writev+0x94c/0x1380 fs/read_write.c:864
         do_readv_writev fs/read_write.c:894
         vfs_readv fs/read_write.c:908
         do_readv+0x52a/0x5d0 fs/read_write.c:934
         SYSC_readv+0xb6/0xd0 fs/read_write.c:1021
         SyS_readv+0x87/0xb0 fs/read_write.c:1018
      
      This patch adds the missing reset of queue indices.  Together with the
      previous fix for the ioctl/read race, we cover the whole problem.
      Reported-by: default avatarAlexander Potapenko <glider@google.com>
      Tested-by: default avatarAlexander Potapenko <glider@google.com>
      Cc: <stable@vger.kernel.org>
      Signed-off-by: default avatarTakashi Iwai <tiwai@suse.de>
      ba3021b2
    • Takashi Iwai's avatar
      ALSA: timer: Fix race between read and ioctl · d11662f4
      Takashi Iwai authored
      The read from ALSA timer device, the function snd_timer_user_tread(),
      may access to an uninitialized struct snd_timer_user fields when the
      read is concurrently performed while the ioctl like
      snd_timer_user_tselect() is invoked.  We have already fixed the races
      among ioctls via a mutex, but we seem to have forgotten the race
      between read vs ioctl.
      
      This patch simply applies (more exactly extends the already applied
      range of) tu->ioctl_lock in snd_timer_user_tread() for closing the
      race window.
      Reported-by: default avatarAlexander Potapenko <glider@google.com>
      Tested-by: default avatarAlexander Potapenko <glider@google.com>
      Cc: <stable@vger.kernel.org>
      Signed-off-by: default avatarTakashi Iwai <tiwai@suse.de>
      d11662f4