| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Date: Tue, 15 Dec 2020 18:07:07 +0100
From: Ricardo Ribalda <ribalda@...omium.org>
To: "Gorski, Mateusz" <mateusz.gorski@...ux.intel.com>
Cc: Cezary Rojewski <cezary.rojewski@...el.com>,
Pierre-Louis Bossart <pierre-louis.bossart@...ux.intel.com>,
Liam Girdwood <liam.r.girdwood@...ux.intel.com>,
Jie Yang <yang.jie@...ux.intel.com>,
Mark Brown <broonie@...nel.org>,
Jaroslav Kysela <perex@...ex.cz>,
Takashi Iwai <tiwai@...e.com>,
Andy Shevchenko <andriy.shevchenko@...ux.intel.com>,
alsa-devel@...a-project.org,
Linux Kernel Mailing List <linux-kernel@...r.kernel.org>
Subject: Re: [PATCH] ASoC: Intel: Skylake: skl-topology: Fix OOPs ib skl_tplg_complete
Hi Mateusz
On Mon, Dec 14, 2020 at 6:07 PM Gorski, Mateusz
<mateusz.gorski@...ux.intel.com> wrote:
>
>
> > If dobj->control is not initialized we end up in an OOPs during
> > skl_tplg_complete:
> >
> > [ 26.553358] BUG: kernel NULL pointer dereference, address:
> > 0000000000000078
> > [ 26.561151] #PF: supervisor read access in kernel mode
> > [ 26.566897] #PF: error_code(0x0000) - not-present page
> > [ 26.572642] PGD 0 P4D 0
> > [ 26.575479] Oops: 0000 [#1] PREEMPT SMP PTI
> > [ 26.580158] CPU: 2 PID: 2082 Comm: udevd Tainted: G C
> > 5.4.81 #4
> > [ 26.588232] Hardware name: HP Soraka/Soraka, BIOS
> > Google_Soraka.10431.106.0 12/03/2019
> > [ 26.597082] RIP: 0010:skl_tplg_complete+0x70/0x144 [snd_soc_skl]
> >
> > Fixes: 2d744ecf2b98 ("ASoC: Intel: Skylake: Automatic DMIC format configuration according to information from NHL")
> > Signed-off-by: Ricardo Ribalda <ribalda@...omium.org>
> > ---
> > sound/soc/intel/skylake/skl-topology.c | 15 ++++++++-------
> > 1 file changed, 8 insertions(+), 7 deletions(-)
> >
> > diff --git a/sound/soc/intel/skylake/skl-topology.c b/sound/soc/intel/skylake/skl-topology.c
> > index 40bee10b0c65..0955cbb4e918 100644
> > --- a/sound/soc/intel/skylake/skl-topology.c
> > +++ b/sound/soc/intel/skylake/skl-topology.c
> > @@ -3619,19 +3619,20 @@ static void skl_tplg_complete(struct snd_soc_component *component)
> >
> > list_for_each_entry(dobj, &component->dobj_list, list) {
> > struct snd_kcontrol *kcontrol = dobj->control.kcontrol;
> > - struct soc_enum *se =
> > - (struct soc_enum *)kcontrol->private_value;
> > - char **texts = dobj->control.dtexts;
> > + struct soc_enum *se;
> > + char **texts;
> > char chan_text[4];
> >
> > - if (dobj->type != SND_SOC_DOBJ_ENUM ||
> > - dobj->control.kcontrol->put !=
> > - skl_tplg_multi_config_set_dmic)
> > + if (dobj->type != SND_SOC_DOBJ_ENUM || !kcontrol ||
> > + kcontrol->put != skl_tplg_multi_config_set_dmic)
> > continue;
> > +
> > + se = (struct soc_enum *)kcontrol->private_value;
> > + texts = dobj->control.dtexts;
> > sprintf(chan_text, "c%d", mach->mach_params.dmic_num);
> >
> > for (i = 0; i < se->items; i++) {
> > - struct snd_ctl_elem_value val;
> > + struct snd_ctl_elem_value val = {};
> >
> > if (strstr(texts[i], chan_text)) {
> > val.value.enumerated.item[0] = i;
>
>
> Hi Ricardo,
>
> there is another thread regarding this issue (with fix provided by
> Lukasz Majczak), you can find it here:
>
> https://www.spinics.net/lists/stable/msg431524.html
I saw it just after I sent it :(. The most embarrassing thing is that
we are working in the same project ;)
Sorry for the noise
>
>
> Thanks,
> Mateusz
>
--
Ricardo Ribalda
Powered by blists - more mailing lists