tmp_suning_uos_patched/sound/core/seq
Takashi Iwai bd7d88b087 ALSA: seq: Fix race of snd_seq_timer_open()
commit 83e197a8414c0ba545e7e3916ce05f836f349273 upstream.

The timer instance per queue is exclusive, and snd_seq_timer_open()
should have managed the concurrent accesses.  It looks as if it's
checking the already existing timer instance at the beginning, but
it's not right, because there is no protection, hence any later
concurrent call of snd_seq_timer_open() may override the timer
instance easily.  This may result in UAF, as the leftover timer
instance can keep running while the queue itself gets closed, as
spotted by syzkaller recently.

For avoiding the race, add a proper check at the assignment of
tmr->timeri again, and return -EBUSY if it's been already registered.

Reported-by: syzbot+ddc1260a83ed1cbf6fb5@syzkaller.appspotmail.com
Cc: <stable@vger.kernel.org>
Link: https://lore.kernel.org/r/000000000000dce34f05c42f110c@google.com
Link: https://lore.kernel.org/r/20210610152059.24633-1-tiwai@suse.de
Signed-off-by: Takashi Iwai <tiwai@suse.de>
Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
2021-06-16 12:01:38 +02:00
oss ALSA: seq: oss: Fix missing error check in snd_seq_oss_synth_make_info() 2021-01-27 11:54:51 +01:00
Kconfig treewide: Add SPDX license identifier - Makefile/Kconfig 2019-05-21 10:50:46 +02:00
Makefile License cleanup: add SPDX GPL-2.0 license identifier to files with no license 2017-11-02 11:10:55 +01:00
seq_clientmgr.c ALSA: seq: Fix concurrent access to queue current tick/time 2020-02-14 15:53:09 +01:00
seq_clientmgr.h treewide: Replace GPLv2 boilerplate/reference with SPDX - rule 156 2019-05-30 11:26:35 -07:00
seq_compat.c treewide: Replace GPLv2 boilerplate/reference with SPDX - rule 156 2019-05-30 11:26:35 -07:00
seq_dummy.c treewide: Replace GPLv2 boilerplate/reference with SPDX - rule 156 2019-05-30 11:26:35 -07:00
seq_fifo.c ALSA: seq: Fix potential concurrent access to the deleted pool 2019-08-25 09:31:10 +02:00
seq_fifo.h ALSA: seq: Fix potential concurrent access to the deleted pool 2019-08-25 09:31:10 +02:00
seq_info.c treewide: Replace GPLv2 boilerplate/reference with SPDX - rule 156 2019-05-30 11:26:35 -07:00
seq_info.h treewide: Replace GPLv2 boilerplate/reference with SPDX - rule 156 2019-05-30 11:26:35 -07:00
seq_lock.c treewide: Replace GPLv2 boilerplate/reference with SPDX - rule 156 2019-05-30 11:26:35 -07:00
seq_lock.h License cleanup: add SPDX GPL-2.0 license identifier to files with no license 2017-11-02 11:10:55 +01:00
seq_memory.c treewide: Replace GPLv2 boilerplate/reference with SPDX - rule 156 2019-05-30 11:26:35 -07:00
seq_memory.h treewide: Replace GPLv2 boilerplate/reference with SPDX - rule 156 2019-05-30 11:26:35 -07:00
seq_midi_emul.c ALSA: Use fallthrough pseudo-keyword 2020-07-09 13:01:29 +02:00
seq_midi_event.c ALSA: seq: More constifications 2020-01-05 16:14:29 +01:00
seq_midi.c treewide: Replace GPLv2 boilerplate/reference with SPDX - rule 156 2019-05-30 11:26:35 -07:00
seq_ports.c treewide: Replace GPLv2 boilerplate/reference with SPDX - rule 156 2019-05-30 11:26:35 -07:00
seq_ports.h treewide: Replace GPLv2 boilerplate/reference with SPDX - rule 156 2019-05-30 11:26:35 -07:00
seq_prioq.c treewide: Replace GPLv2 boilerplate/reference with SPDX - rule 156 2019-05-30 11:26:35 -07:00
seq_prioq.h treewide: Replace GPLv2 boilerplate/reference with SPDX - rule 156 2019-05-30 11:26:35 -07:00
seq_queue.c ALSA: seq: Fix concurrent access to queue current tick/time 2020-02-14 15:53:09 +01:00
seq_queue.h ALSA: seq: Use bool for snd_seq_queue internal flags 2021-01-06 14:56:52 +01:00
seq_system.c treewide: Replace GPLv2 boilerplate/reference with SPDX - rule 156 2019-05-30 11:26:35 -07:00
seq_system.h treewide: Replace GPLv2 boilerplate/reference with SPDX - rule 156 2019-05-30 11:26:35 -07:00
seq_timer.c ALSA: seq: Fix race of snd_seq_timer_open() 2021-06-16 12:01:38 +02:00
seq_timer.h ALSA: seq: Fix concurrent access to queue current tick/time 2020-02-14 15:53:09 +01:00
seq_virmidi.c ALSA: seq: virmidi: Fix running status after receiving sysex 2020-03-16 10:06:22 +01:00
seq.c treewide: Replace GPLv2 boilerplate/reference with SPDX - rule 156 2019-05-30 11:26:35 -07:00