linux-hardened/sound/core
Arjan van de Ven 763437a9e7 ALSA: pcm - fix race condition in wait_for_avail()
wait_for_avail() in pcm_lib.c has a race in it (observed in practice by an
Intel validation group).

The function is supposed to return once space in the buffer has become
available, or if some timeout happens.  The entity that creates space (irq
handler of sound driver and some such) will do a wake up on a waitqueue
that this function registers for.

However there are two races in the existing code

1) If space became available between the caller noticing there was no
   space and this function actually sleeping, the wakeup is missed and the
   timeout condition will happen instead

2) If a wakeup happened but not sufficient space became available, the
   code will loop again and wait for more space.  However, if the second
   wake comes in prior to hitting the schedule_timeout_interruptible(), it
   will be missed, and potentially you'll wait out until the timeout
   happens.

The fix consists of using more careful setting of the current state (so
that if a wakeup happens in the main loop window, the schedule_timeout()
falls through) and by checking for available space prior to going into the
schedule_timeout() loop, but after being on the waitqueue and having the
state set to interruptible.

[tiwai: the following changes have been added to Arjan's original patch:
 - merged akpm's fix for waitqueue adding order into a single patch
 - reduction of duplicated code of avail check
]

Signed-off-by: Arjan van de Ven <arjan@linux.intel.com>
Signed-off-by: Andrew Morton <akpm@linux-foundation.org>
Cc: <stable@kernel.org>
Signed-off-by: Takashi Iwai <tiwai@suse.de>
2011-09-15 09:03:16 +02:00
..
oss ALSA: core: remove unused variables. 2011-05-26 08:19:04 +02:00
seq ALSA: core: remove unused variables. 2011-05-26 08:19:04 +02:00
control.c ALSA: core: remove unused variables. 2011-05-26 08:19:04 +02:00
control_compat.c include cleanup: Update gfp.h and slab.h includes to prepare for breaking implicit slab.h inclusion from percpu.h 2010-03-30 22:02:32 +09:00
device.c ALSA: core: sparse cleanups 2011-02-14 17:10:11 +01:00
hrtimer.c ALSA: hrtimer: remove superfluous tasklet invocation 2011-02-10 18:53:32 +01:00
hwdep.c ALSA: hwdep - Make open callback optional 2009-02-05 09:10:20 +01:00
hwdep_compat.c [PATCH] hwdep_compat missed __user annotations 2006-10-10 15:37:21 -07:00
info.c get rid of create_proc_entry() abuses - proc_mkdir() is there for purpose 2011-07-24 10:12:33 -04:00
info_oss.c ALSA: Kill snd_assert() in sound/core/* 2008-08-13 11:46:35 +02:00
init.c ALSA: core: remove unused variables. 2011-05-26 08:19:04 +02:00
isadma.c ALSA: snd_dma_pointer workaround for chipsets with buggy DMA 2009-10-11 18:03:13 +02:00
jack.c ALSA: fix one memory leak in sound jack 2011-02-21 09:33:49 +01:00
Kconfig ALSA: sound/core/pcm_timer.c: use lib/gcd.c 2009-12-22 08:24:35 +01:00
Makefile ALSA: Fix SG-buffer DMA with non-coherent architectures 2009-07-08 14:20:20 +02:00
memalloc.c ALSA: core: sparse cleanups 2011-02-14 17:10:11 +01:00
memory.c [ALSA] Remove sound/driver.h 2008-01-31 17:29:48 +01:00
misc.c ALSA: Use %pV for snd_printk() 2011-06-10 15:35:20 +02:00
pcm.c ALSA: core: sparse cleanups 2011-02-14 17:10:11 +01:00
pcm_compat.c ALSA: sound/core/pcm_compat.c: adjust array index 2011-07-28 15:12:02 +02:00
pcm_lib.c ALSA: pcm - fix race condition in wait_for_avail() 2011-09-15 09:03:16 +02:00
pcm_memory.c Fix common misspellings 2011-03-31 11:26:23 -03:00
pcm_misc.c ALSA: core: sparse cleanups 2011-02-14 17:10:11 +01:00
pcm_native.c ALSA: core: remove unused variables. 2011-05-26 08:19:04 +02:00
pcm_timer.c ALSA: sound/core/pcm_timer.c: use lib/gcd.c 2009-12-22 08:24:35 +01:00
rawmidi.c ALSA: Use krealloc() in possible places 2011-07-12 08:05:16 +02:00
rawmidi_compat.c
rtctimer.c ALSA: rtctimer.c needs module.h 2011-07-30 08:03:35 +02:00
sgbuf.c ALSA: Fix vunmap and free order in snd_free_sgbuf_pages() 2009-03-18 08:04:01 +01:00
sound.c Merge branch 'topic/workq-update' into topic/misc 2010-12-13 09:29:52 +01:00
sound_oss.c ALSA: Remove warning message for invalid OSS minor ranges 2010-01-18 14:18:55 +01:00
timer.c ALSA: timer - Add NULL-check for invalid slave timer 2011-08-08 12:28:22 +02:00
timer_compat.c ALSA: Kill snd_assert() in sound/core/* 2008-08-13 11:46:35 +02:00
vmaster.c Fix common misspellings 2011-03-31 11:26:23 -03:00