iv/linux
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

ALSA: timer: Use deferred fasync helper

Browse Source 
For avoiding the potential deadlock via kill_fasync() call, use the
new fasync helpers to defer the invocation from PCI API.  Note that
it's merely a workaround.

Reported-by: syzbot+1ee0910eca9c94f71f25@syzkaller.appspotmail.com
Reported-by: syzbot+49b10793b867871ee26f@syzkaller.appspotmail.com
Reported-by: syzbot+8285e973a41b5aa68902@syzkaller.appspotmail.com
Link: https://lore.kernel.org/r/20220728125945.29533-3-tiwai@suse.de
Signed-off-by: Takashi Iwai <tiwai@suse.de>
This commit is contained in:
Takashi Iwai 2022-07-28 14:59:43 +02:00
parent ef34a0ae7a
commit 95cc637c1a
1 changed files with 6 additions and 5 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

11
sound/core/timer.c
View File

@ -83,7 +83,7 @@ struct snd_timer_user {
unsigned int filter; unsigned int filter;
struct timespec64 tstamp; /* trigger tstamp */ struct timespec64 tstamp; /* trigger tstamp */
wait_queue_head_t qchange_sleep; wait_queue_head_t qchange_sleep;
struct fasync_struct *fasync; struct snd_fasync *fasync;
struct mutex ioctl_lock; struct mutex ioctl_lock;
}; };
@ -1345,7 +1345,7 @@ static void snd_timer_user_interrupt(struct snd_timer_instance *timeri,
} }
__wake: __wake:
spin_unlock(&tu->qlock); spin_unlock(&tu->qlock);
kill_fasync(&tu->fasync, SIGIO, POLL_IN); snd_kill_fasync(tu->fasync, SIGIO, POLL_IN);
wake_up(&tu->qchange_sleep); wake_up(&tu->qchange_sleep);
} }
@ -1383,7 +1383,7 @@ static void snd_timer_user_ccallback(struct snd_timer_instance *timeri,
spin_lock_irqsave(&tu->qlock, flags); spin_lock_irqsave(&tu->qlock, flags);
snd_timer_user_append_to_tqueue(tu, &r1); snd_timer_user_append_to_tqueue(tu, &r1);
spin_unlock_irqrestore(&tu->qlock, flags); spin_unlock_irqrestore(&tu->qlock, flags);
kill_fasync(&tu->fasync, SIGIO, POLL_IN); snd_kill_fasync(tu->fasync, SIGIO, POLL_IN);
wake_up(&tu->qchange_sleep); wake_up(&tu->qchange_sleep);
} }
@ -1453,7 +1453,7 @@ static void snd_timer_user_tinterrupt(struct snd_timer_instance *timeri,
spin_unlock(&tu->qlock); spin_unlock(&tu->qlock);
if (append == 0) if (append == 0)
return; return;
kill_fasync(&tu->fasync, SIGIO, POLL_IN); snd_kill_fasync(tu->fasync, SIGIO, POLL_IN);
wake_up(&tu->qchange_sleep); wake_up(&tu->qchange_sleep);
} }
@ -1521,6 +1521,7 @@ static int snd_timer_user_release(struct inode *inode, struct file *file)
snd_timer_instance_free(tu->timeri); snd_timer_instance_free(tu->timeri);
} }
mutex_unlock(&tu->ioctl_lock); mutex_unlock(&tu->ioctl_lock);
snd_fasync_free(tu->fasync);
kfree(tu->queue); kfree(tu->queue);
kfree(tu->tqueue); kfree(tu->tqueue);
kfree(tu); kfree(tu);
@ -2135,7 +2136,7 @@ static int snd_timer_user_fasync(int fd, struct file * file, int on)
struct snd_timer_user *tu; struct snd_timer_user *tu;
tu = file->private_data; tu = file->private_data;
return fasync_helper(fd, file, on, &tu->fasync); return snd_fasync_helper(fd, file, on, &tu->fasync);
} }
static ssize_t snd_timer_user_read(struct file *file, char __user *buffer, static ssize_t snd_timer_user_read(struct file *file, char __user *buffer,