--- /dev/null
+From tiwai@suse.de Wed Jan 29 10:53:42 2020
+From: Takashi Iwai <tiwai@suse.de>
+Date: Wed, 29 Jan 2020 10:40:41 +0100
+Subject: ALSA: pcm: Add missing copy ops check before clearing buffer
+To: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
+Cc: Andreas Schneider <asn@cryptomilk.org>, stable@vger.kernel.org, linux-kernel@vger.kernel.org
+Message-ID: <20200129094041.12272-1-tiwai@suse.de>
+
+From: Takashi Iwai <tiwai@suse.de>
+
+[ this is a fix specific to 4.4.y and 4.9.y stable trees;
+ 4.14.y and older already contain the right fix ]
+
+The stable 4.4.y and 4.9.y backports of the upstream commit
+add9d56d7b37 ("ALSA: pcm: Avoid possible info leaks from PCM stream
+buffers") dropped the check of substream->ops->copy_user as copy_user
+is a new member that isn't present in the older kernels.
+Although upstream drivers should work without this NULL check, it may
+cause a regression with a downstream driver that sets some
+inaccessible address to runtime->dma_area, leading to a crash at
+worst.
+
+Since such drivers must have ops->copy member on older kernels instead
+of ops->copy_user, this patch adds the missing check of ops->copy for
+fixing the regression.
+
+Reported-and-tested-by: Andreas Schneider <asn@cryptomilk.org>
+Signed-off-by: Takashi Iwai <tiwai@suse.de>
+Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
+---
+ sound/core/pcm_native.c | 2 +-
+ 1 file changed, 1 insertion(+), 1 deletion(-)
+
+--- a/sound/core/pcm_native.c
++++ b/sound/core/pcm_native.c
+@@ -588,7 +588,7 @@ static int snd_pcm_hw_params(struct snd_
+ runtime->boundary *= 2;
+
+ /* clear the buffer for avoiding possible kernel info leaks */
+- if (runtime->dma_area)
++ if (runtime->dma_area && !substream->ops->copy)
+ memset(runtime->dma_area, 0, runtime->dma_bytes);
+
+ snd_pcm_timer_resolution_change(substream);
projects / thirdparty / kernel / stable-queue.git / commitdiff
