lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
Date:   Thu, 17 Dec 2020 11:14:43 +0100
From:   Takashi Iwai <tiwai@...e.de>
To:     Lars-Peter Clausen <lars@...afoo.de>
Cc:     Robin Gong <yibin.gong@....com>, perex@...ex.cz, tiwai@...e.com,
        akpm@...ux-foundation.org, xiang@...nel.org,
        pierre-louis.bossart@...ux.intel.com, gustavoars@...nel.org,
        shengjiu.wang@....com, alsa-devel@...a-project.org,
        linux-kernel@...r.kernel.org
Subject: Re: [PATCH v1 ] ALSA: core: memalloc: add page alignment for iram

On Thu, 17 Dec 2020 10:55:42 +0100,
Takashi Iwai wrote:
> 
> On Thu, 17 Dec 2020 10:43:45 +0100,
> Lars-Peter Clausen wrote:
> > 
> > On 12/17/20 5:15 PM, Robin Gong wrote:
> > > Since mmap for userspace is based on page alignment, add page alignment
> > > for iram alloc from pool, otherwise, some good data located in the same
> > > page of dmab->area maybe touched wrongly by userspace like pulseaudio.
> > >
> > I wonder, do we also have to align size to be a multiple of PAGE_SIZE
> > to avoid leaking unrelated data?
> 
> Hm, a good question.  Basically the PCM buffer size itself shouldn't
> be influenced by that (i.e. no hw-constraint or such is needed), but
> the padding should be cleared indeed.  I somehow left those to the
> allocator side, but maybe it's safer to clear the whole buffer in
> sound/core/memalloc.c commonly.

That said, something like below (totally untested).
We might pass the pass-aligned size to dmab->bytes field instead of
keeping the original value, too.


Takashi

---
--- a/sound/core/memalloc.c
+++ b/sound/core/memalloc.c
@@ -126,6 +126,7 @@ static inline gfp_t snd_mem_get_gfp_flags(const struct device *dev,
 int snd_dma_alloc_pages(int type, struct device *device, size_t size,
 			struct snd_dma_buffer *dmab)
 {
+	size_t orig_size = size;
 	gfp_t gfp;
 
 	if (WARN_ON(!size))
@@ -133,6 +134,7 @@ int snd_dma_alloc_pages(int type, struct device *device, size_t size,
 	if (WARN_ON(!dmab))
 		return -ENXIO;
 
+	size = PAGE_ALIGN(size);
 	dmab->dev.type = type;
 	dmab->dev.dev = device;
 	dmab->bytes = 0;
@@ -177,7 +179,8 @@ int snd_dma_alloc_pages(int type, struct device *device, size_t size,
 	}
 	if (! dmab->area)
 		return -ENOMEM;
-	dmab->bytes = size;
+	memset(dmab->area, 0, size);
+	dmab->bytes = orig_size;
 	return 0;
 }
 EXPORT_SYMBOL(snd_dma_alloc_pages);

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ