- 15 Jan, 2019 4 commits
-
-
Silvio Cesare authored
Change snprintf to scnprintf. There are generally two cases where using snprintf causes problems. 1) Uses of size += snprintf(buf, SIZE - size, fmt, ...) In this case, if snprintf would have written more characters than what the buffer size (SIZE) is, then size will end up larger than SIZE. In later uses of snprintf, SIZE - size will result in a negative number, leading to problems. Note that size might already be too large by using size = snprintf before the code reaches a case of size += snprintf. 2) If size is ultimately used as a length parameter for a copy back to user space, then it will potentially allow for a buffer overflow and information disclosure when size is greater than SIZE. When the size is used to index the buffer directly, we can have memory corruption. This also means when size = snprintf... is used, it may also cause problems since size may become large. Copying to userspace is mitigated by the HARDENED_USERCOPY kernel configuration. The solution to these issues is to use scnprintf which returns the number of characters actually written to the buffer, so the size variable will never exceed SIZE. Signed-off-by:
Silvio Cesare <silvio.cesare@gmail.com> Cc: Liam Girdwood <lgirdwood@gmail.com> Cc: Mark Brown <broonie@kernel.org> Cc: Dan Carpenter <dan.carpenter@oracle.com> Cc: Kees Cook <keescook@chromium.org> Cc: Will Deacon <will.deacon@arm.com> Cc: Greg KH <greg@kroah.com> Signed-off-by:
Willy Tarreau <w@1wt.eu> Signed-off-by:
Mark Brown <broonie@kernel.org>
-
Shuming Fan authored
Fix typo which causes headphone no sound while using BCLK as PLL source. Signed-off-by:
Shuming Fan <shumingf@realtek.com> Signed-off-by:
-
Matthias Reichl authored
cpu and platform are optional components in DAI links. For example codec-codec links usually have no platform set. Call snd_soc_find_component only if the name or of_node of a cpu or platform is set. Otherwise it will return NULL and soc_init_dai_link bails out immediately with -EPROBE_DEFER, meaning registering a card with NULL cpu or platform in DAI links can never succeed. Fixes: 8780cf11 ("ASoC: soc-core: defer card probe until all component is added to list") Signed-off-by:
Matthias Reichl <hias@horus.com> Signed-off-by:
-
Mark Brown authored
There are some use cases where you're checking for a lot of things on a card and it makes sense that you might end up trying to call snd_soc_find_component() without either a name or an of_node. Currently in that case we try to dereference the name and crash but it's more useful to allow the caller to just treat that as a case where we don't find anything, that error handling will already exist. Inspired by a patch from Ajit Pandey fixing some callers. Fixes: 8780cf11 ("ASoC: soc-core: defer card probe until all component is added to list") Reported-by:
Pierre-Louis Bossart <pierre-louis.bossart@linux.intel.com> Signed-off-by:
-
- 14 Jan, 2019 1 commit
-
-
Curtis Malainey authored
snd_soc_init_platform initializes pointers to snd_soc_dai_link which is statically allocated and it does this by devm_kzalloc. In the event of an EPROBE_DEFER the memory will be freed and the pointers are left dangling. snd_soc_init_platform sees the dangling pointers and assumes they are pointing to initialized memory and does not reallocate them on the second probe attempt which results in a use after free bug since devm has freed the memory from the first probe attempt. Since the intention for snd_soc_dai_link->platform is that it can be set statically by the machine driver we need to respect the pointer in the event we did not set it but still catch dangling pointers. The solution is to add a flag to track whether the pointer was dynamically allocated or not. Signed-off-by:
Curtis Malainey <cujomalainey@chromium.org> Signed-off-by:
-
- 10 Jan, 2019 1 commit
-
-
Rohit kumar authored
soc_init_dai_link() calls soc_find_component() which needs to be within client_mutex lock. Add client_mutex lock around soc_init_dai_link() in snd_soc_register_card() to avoid lockdep warning. Fixes: 8780cf11 ("ASoC: soc-core: defer card probe until all component is added to list") Reported-by:
Kuninori Morimoto <kuninori.morimoto.gx@renesas.com> Signed-off-by:
Rohit kumar <rohitkr@codeaurora.org> Signed-off-by:
Ajit Pandey <ajitp@codeaurora.org> Signed-off-by:
-
- 09 Jan, 2019 2 commits
-
-
Mac Chiang authored
move the codec PLL to rt5682_codec_init, because codec only need to config the clock source/PLL once. As the result, remove the platform_clock_controls since no need to control clock anymore. Signed-off-by:
Mac Chiang <mac.chiang@intel.com> Acked-by:
-
Ajit Pandey authored
DAI component probe is not called if it is not present in component list during sound card registration. Check if component is available in component list for platform and cpu dai before soundcard registration. Signed-off-by:
-
- 07 Jan, 2019 2 commits
-
-
Kangjie Lu authored
snd_pcm_lib_malloc_pages() may fail, so let's check its status and return its error code upstream. Signed-off-by:
Kangjie Lu <kjlu@umn.edu> Acked-by:
-
b-ak authored
During the bootup of the kernel, the DAPM bias level is in the OFF state. As soon as the DAPM framework kicks in it pushes the codec into STANDBY state. The probe function doesn't prepare the clock, and STANDBY state does a clk_disable_unprepare() without checking the previous state. This leads to an OOPS. Not transitioning from an OFF state to the STANDBY state fixes the problem. Signed-off-by:
b-ak <anur.bhargav@gmail.com> Signed-off-by:
-
- 04 Jan, 2019 2 commits
-
-
Peter Ujfalusi authored
McASP can loose it's context when runtime_pm is disabled. Save and restore the context when suspending and resuming the device. Signed-off-by:
Peter Ujfalusi <peter.ujfalusi@ti.com> Signed-off-by:
-
Yizhuo authored
Inside function rt274_i2c_probe(), if regmap_read() function returns -EINVAL, then local variable "val" leaves uninitialized but used in if statement. This is potentially unsafe. Signed-off-by:
Yizhuo <yzhai003@ucr.edu> Signed-off-by:
-
- 03 Jan, 2019 12 commits
-
-
Shuming Fan authored
The ADC mixer setting needs to restore to default value after calibration. Signed-off-by:
-
Sinan Kaya authored
After 'commit 5d32a665 ("PCI/ACPI: Allow ACPI to be built without CONFIG_PCI set")' dependencies on CONFIG_PCI that previously were satisfied implicitly through dependencies on CONFIG_ACPI have to be specified directly. This code relies on IOSF_MBI and IOSF_MBI depends on PCI. For this reason, add a direct dependency on CONFIG_PCI to the IOSF_MBI driver. Fixes: 5d32a665 ("PCI/ACPI: Allow ACPI to be built without CONFIG_PCI set") Signed-off-by:
Sinan Kaya <okaya@kernel.org> Acked-by:
-
Dan Carpenter authored
The problem is seen in the q6asm_dai_compr_set_params() function: ret = q6asm_map_memory_regions(dir, prtd->audio_client, prtd->phys, (prtd->pcm_size / prtd->periods), ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^ prtd->periods); In this code prtd->pcm_size is the buffer_size and prtd->periods comes from params->buffer.fragments. If we allow the number of fragments to be zero then it results in a divide by zero bug. One possible fix would be to use prtd->pcm_count directly instead of using the division to re-calculate it. But I decided that it doesn't really make sense to allow zero fragments. Signed-off-by:Dan Carpenter <dan.carpenter@oracle.com> Signed-off-by:
-
Dan Carpenter authored
We can't return directly if snd_dma_alloc_pages() fails; we first need to free prtd->audio_client and prtd. Fixes: 22930c79 ("ASoC: qdsp6: q6asm-dai: Add support to compress offload") Signed-off-by:
-
Dan Carpenter authored
The q6asm_audio_client_alloc() doesn't return NULL, it returns error pointers. Fixes: 22930c79 ("ASoC: qdsp6: q6asm-dai: Add support to compress offload") Signed-off-by:
-
Dan Carpenter authored
The q6asm_fe_dais[] array has MAX_SESSIONS (8) elements so the > comparison should be >= or we access one element beyond the end of the array. Fixes: 22930c79 ("ASoC: qdsp6: q6asm-dai: Add support to compress offload") Signed-off-by:
-
Dan Carpenter authored
We accidentally call mutex_unlock(&pcm512x->mutex); twice in a row. I re-wrote the error handling to use "goto unlock;" instead of returning directly. Hopefully, it makes the code a little simpler. Fixes: 3500f1c5 ("ASoC: pcm512x: Implement the digital_mute interface") Signed-off-by:
Dimitris Papavasiliou <dpapavas@gmail.com> Signed-off-by:
-
Maruthi Srinivas Bayyavarapu authored
Changed License header from C to C++ style comment block. Signed-off-by:
Maruthi Srinivas Bayyavarapu <maruthi.srinivas.bayyavarapu@xilinx.com> Signed-off-by:
-
Rander Wang authored
For some reason this field was set to zero when all other drivers use .dynamic = 1 for front-ends. This change was tested on Dell XPS13 and has no impact with the existing legacy driver. The SOF driver also works with this change which enables it to override the fixed topology. Signed-off-by:
Rander Wang <rander.wang@linux.intel.com> Acked-by:
-
Geert Uytterhoeven authored
Fixes: 33f8db9a ("ASoC: xlnx: enable i2s driver build") Signed-off-by:
Geert Uytterhoeven <geert+renesas@glider.be> Signed-off-by:
-
Dan Carpenter authored
The intent was to print the address as a hexadecimal but there is an extra "u" in the "0x%08ulx" format specification so it is displayed as decimal. Fixes: aef3b06a ("[ALSA] SH7760 ASoC support") Signed-off-by:
-
Rohit kumar authored
Headset codec is connected over PRIMARY_MI2S interface. Call set_jack for codec associated with Primary Mi2s interface. Also, set_jack to NULL when jack is freed. Signed-off-by:
-
- 18 Dec, 2018 11 commits
-
-
Mark Brown authored
-
Mark Brown authored
-
Peter Ujfalusi authored
We no longer have these options used anywhere. Signed-off-by:
Tony Lindgren <tony@atomide.com> Signed-off-by:
-
Peter Ujfalusi authored
Use the new options for default audio support. Signed-off-by:
-
Peter Ujfalusi authored
No audio support is enabled by default via ASoC, disable the code as well. Signed-off-by:
-
Peter Ujfalusi authored
Use the new options for default audio support and enable Nokia n900 audio as well. Signed-off-by:
-
Peter Ujfalusi authored
The codec selection config options for DMA365 has been changed. Signed-off-by:
-
Peter Ujfalusi authored
The MCBSP config option has been changed. Signed-off-by:
-
Peter Ujfalusi authored
The MCBSP config option has been changed. Signed-off-by:
-
Peter Ujfalusi authored
The sound/soc/davinci and omap directories are merged under sound/soc/ti. Add myself as maintainer and update the OMAP audio support section with the new path and file names. Signed-off-by:
-
Peter Ujfalusi authored
Create new directory to contain all Texas Instruments specific DAI, platform and machine drivers instead of scattering them under davinci and omap directories. There is already inter dependency between the two directories becasue of McASP (on dra7x it is serviced by sDMA, not EDMA). With the upcoming AM654 we will need to introduce new platform driver for UDMA and it does not fit under davinci, nor under omap. With the move I have restructured the Kconfig to be more usable in the era of simple-sound-card: CPU DAIs can be selected individually and they will select the platform driver they can be served with. To avoid breakage, I have moved over deprecated Kconfig options so defconfig builds will work without regression. Signed-off-by:
Jarkko Nikula <jarkko.nikula@bitmer.com> Acked-by:
-
- 16 Dec, 2018 1 commit
-
-
Linus Torvalds authored
-
- 14 Dec, 2018 4 commits
-
-
Linus Torvalds authored
Merge misc fixes from Andrew Morton: "11 fixes" * emailed patches from Andrew Morton <akpm@linux-foundation.org>: scripts/spdxcheck.py: always open files in binary mode checkstack.pl: fix for aarch64 userfaultfd: check VM_MAYWRITE was set after verifying the uffd is registered fs/iomap.c: get/put the page in iomap_page_create/release() hugetlbfs: call VM_BUG_ON_PAGE earlier in free_huge_page() memblock: annotate memblock_is_reserved() with __init_memblock psi: fix reference to kernel commandline enable arch/sh/include/asm/io.h: provide prototypes for PCI I/O mapping in asm/io.h mm/sparse: add common helper to mark all memblocks present mm: introduce common STRUCT_PAGE_MAX_SHIFT define alpha: fix hang caused by the bootmem removal
-
Thierry Reding authored
The spdxcheck script currently falls over when confronted with a binary file (such as Documentation/logo.gif). To avoid that, always open files in binary mode and decode line-by-line, ignoring encoding errors. One tricky case is when piping data into the script and reading it from standard input. By default, standard input will be opened in text mode, so we need to reopen it in binary mode. The breakage only happens with python3 and results in a UnicodeDecodeError (according to Uwe). Link: http://lkml.kernel.org/r/20181212131210.28024-1-thierry.reding@gmail.com Fixes: 6f4d29df ("scripts/spdxcheck.py: make python3 compliant") Signed-off-by:
Thierry Reding <treding@nvidia.com> Reviewed-by:
Jeremy Cline <jcline@redhat.com> Cc: Thomas Gleixner <tglx@linutronix.de> Cc: Jonathan Corbet <corbet@lwn.net> Cc: Joe Perches <joe@perches.com> Cc: Uwe Kleine-König <u.kleine-koenig@pengutronix.de> Cc: <stable@vger.kernel.org> Signed-off-by:
Andrew Morton <akpm@linux-foundation.org> Signed-off-by:
Linus Torvalds <torvalds@linux-foundation.org>
-
Qian Cai authored
There is actually a space after "sp," like this, ffff2000080813c8: a9bb7bfd stp x29, x30, [sp, #-80]! Right now, checkstack.pl isn't able to print anything on aarch64, because it won't be able to match the stating objdump line of a function due to this missing space. Hence, it displays every stack as zero-size. After this patch, checkpatch.pl is able to match the start of a function's objdump, and is then able to calculate each function's stack correctly. Link: http://lkml.kernel.org/r/20181207195843.38528-1-cai@lca.pwSigned-off-by:Qian Cai <cai@lca.pw> Signed-off-by:
-
Andrea Arcangeli authored
Calling UFFDIO_UNREGISTER on virtual ranges not yet registered in uffd could trigger an harmless false positive WARN_ON. Check the vma is already registered before checking VM_MAYWRITE to shut off the false positive warning. Link: http://lkml.kernel.org/r/20181206212028.18726-2-aarcange@redhat.com Cc: <stable@vger.kernel.org> Fixes: 29ec9066 ("userfaultfd: shmem/hugetlbfs: only allow to register VM_MAYWRITE vmas") Signed-off-by:
Andrea Arcangeli <aarcange@redhat.com> Reported-by: syzbot+06c7092e7d71218a2c16@syzkaller.appspotmail.com Acked-by:
Mike Rapoport <rppt@linux.ibm.com> Acked-by:
Hugh Dickins <hughd@google.com> Acked-by:
Peter Xu <peterx@redhat.com> Signed-off-by:
-
