git.baikalelectronics.ru Git - kernel.git/commit

author	Curtis Malainey <cujomalainey@chromium.org>
	Fri, 11 Jan 2019 00:21:04 +0000 (16:21 -0800)
committer	Mark Brown <broonie@kernel.org>
	Mon, 14 Jan 2019 22:48:16 +0000 (22:48 +0000)
commit	bc834ed12d70602a1ee53ba49fbf65abf9762d42
tree	654dca904bfc7902802b06b64fa40030747fce82	tree \| snapshot
parent	ea541088822326699d5f4adb2f3c7a6abd6c98d1	commit \| diff

ASoC: soc-core: fix init platform memory handling

snd_soc_init_platform initializes pointers to snd_soc_dai_link which is
statically allocated and it does this by devm_kzalloc. In the event of
an EPROBE_DEFER the memory will be freed and the pointers are left
dangling. snd_soc_init_platform sees the dangling pointers and assumes
they are pointing to initialized memory and does not reallocate them on
the second probe attempt which results in a use after free bug since
devm has freed the memory from the first probe attempt.

Since the intention for snd_soc_dai_link->platform is that it can be set
statically by the machine driver we need to respect the pointer in the
event we did not set it but still catch dangling pointers. The solution
is to add a flag to track whether the pointer was dynamically allocated
or not.

Signed-off-by: Curtis Malainey <cujomalainey@chromium.org>
Signed-off-by: Mark Brown <broonie@kernel.org>

include/sound/soc.h		diff \| blob \| history
sound/soc/soc-core.c		diff \| blob \| history