android_kernel_google_msm/sound
Takashi Iwai df160c6cdf UPSTREAM: ALSA: timer: Fix link corruption due to double start or stop
commit f784beb75ce82f4136f8a0960d3ee872f7109e09 upstream.

Although the ALSA timer code got hardening for races, it still causes
a use-after-free error.  This is however rather a corrupted linked list,
not actually the concurrent accesses.  Namely, when timer start is
triggered twice, list_add_tail() is called twice, too.  This ends
up with the link corruption and triggers a KASAN error.

The simplest fix would be replacing list_add_tail() with
list_move_tail(), but fundamentally it's the problem that we don't
check the double start/stop correctly.  So, the right fix here is to
add the proper checks to snd_timer_start() and snd_timer_stop() (and
their variants).

Bug: 37240993
Change-Id: I86a327c4479fecf9b502ba6122c8ae67a2326754
BugLink: http://lkml.kernel.org/r/CACT4Y+ZyPRoMQjmawbvmCEDrkBD2BQuH7R09=eOkf5ESK8kJAw@mail.gmail.com
Reported-by: Dmitry Vyukov <dvyukov@google.com>
Signed-off-by: Takashi Iwai <tiwai@suse.de>
Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
Signed-off-by: Siqi Lin <siqilin@google.com>
2018-01-13 17:13:37 +03:00
..
aoa
arm ASoC: fix broken pxa SoC support 2016-04-27 18:55:20 +08:00
atmel
compress_offload
core UPSTREAM: ALSA: timer: Fix link corruption due to double start or stop 2018-01-13 17:13:37 +03:00
drivers ALSA: pcsp: Fix the order of input device unregistration 2014-04-14 06:44:31 -07:00
firewire
i2c ALSA: ak411x: Fix stall in work callback 2015-04-14 17:33:59 +08:00
isa
mips
oss
parisc
pci ALSA: rme96: Fix unexpected volume reset after rate changes 2016-10-26 23:15:35 +08:00
pcmcia
ppc
sh
soc Merge remote-tracking branch 'stable/linux-3.4.y' into lineage-15.1 2017-12-27 17:13:15 +03:00
sparc
spi
synth ALSA: synth: Fix conflicting OSS device registration on AWE32 2016-04-27 18:55:27 +08:00
usb Merge remote-tracking branch 'stable/linux-3.4.y' into lineage-15.1 2017-12-27 17:13:15 +03:00
ac97_bus.c
Kconfig
last.c
Makefile
sound_core.c
sound_firmware.c