Commit graph

10650 commits

Author SHA1 Message Date
Xiaoyu Ye
7def49a588 ASoC: msm-cpe: Fix range checking in function fw_name_store
The range checking between "WCD_CPE_IMAGE_FNAME_MAX" and
"copy_count" is off-by-one due to the size of array
"core->dyn_fname" is "WCD_CPE_IMAGE_FNAME_MAX". Subtract
one from the range checking to fix this issue.

Change-Id: I87fd55206f79ad7b13c3878f6642bf5579303b17
Signed-off-by: Xiaoyu Ye <benyxy@codeaurora.org>
2017-05-22 16:46:46 -07:00
Bhalchandra Gajare
53fea72ac3 ASoC: msm-lsm-client: use kzalloc instead of kmalloc
In the ioctl function, driver allocates memory to store data
internally before calling copy_to_user to copy data to user-space.
It is possible that kernel internal information can be leaked to
user space through this if the allocated memory is not completely
overwritten with valid data. Use kzalloc to fix this.

CRs-fixed: 2026045
Change-Id: I754ae2157034a135aaca4a15badf10d2567b7ed6
Signed-off-by: Bhalchandra Gajare <gajare@codeaurora.org>
2017-05-22 05:35:32 -07:00
Siena Richard
0a5bf59253 ASoC: msm: qdsp6v2: clear address on error
Set address to NULL on error to ensure a stale address is not used.

CRs-Fixed: 2038685
Signed-off-by: Siena Richard <sienar@codeaurora.org>
Change-Id: I17e7b7b404625d21721b2466e70fa8be2370b517
2017-05-11 12:24:36 -07:00
LuK1337
d354864125 Import T813XXU2BQD1 kernel source changes
Change-Id: I029a632786a1e30cb0067755d16b55a583c7b235
2017-04-22 16:30:03 +02:00
LuK1337
5f24ef8dce codecs: rt5659: Don't delay calibration procedure
* Due to gts210vewifi being unable to register sound
  card reliably this method doesn't always work.

Change-Id: Id965d0c653a5318d90fcfe4a3ad4eb2c936213c2
2017-04-18 23:12:30 +02:00
LuK1337
064219cdad Revert "codecs: rt5659: Revert back to M calibration"
This reverts commit a7cd234cfe.
2017-04-18 23:12:02 +02:00
Luca Stefani
bd3d0c9363 Revert "ASoC: compress: Fix compress device direction check"
This reverts commit 9a76e683b6.
2017-04-18 17:29:43 +02:00
Luca Stefani
ff1ebfd98d This is the 3.10.102 stable release
-----BEGIN PGP SIGNATURE-----
 Version: GnuPG v1
 
 iQIcBAABAgAGBQJXXS5iAAoJEE44bZycYXAvDj8P/jbhmGAgW6tw2cnS90QIZDqG
 M/nclEId61jICNvbfP6zsioKeWyrmzr5G7NjqTThsSNhCo/DXs3ddMqLy3pOaFdq
 mytXtHIUpwZoplEib+ODinW40CMqnu11XSWEcee2nrsPuGNsnc7BY0wmFBa6UVCV
 rOZef9SN9lJcZSYY/auvgLDXOXdQ+NMxp5hau30aF5HBO8hTDXStjPRcUwCvz7aR
 govTQJHlS4HzLH3JOYS3Dt8IYFDOrKhQIby2nFdw7eiUxHCRy2F0asabTh3DzCw1
 iLvFroozjyVXwozfWMqLCvMa+514MXJy8Nkva6xiAHraC8UrgfPtcNsTdgtkdH9T
 V2Am9b0L7yiBdG6hsZLxkU3akk7vU/0dtppwzvudANT6i2tGcDSBeaZq3T2pAv7B
 7coY53GzHZdQnbdTZbYeS1fxebxyXw50D5OJkF8DyLhoL7Uj2Dvv0QdjKv+U/e5D
 VQ+ZyGcBdCLuOzflXysI10E01y0/M3FrkubgGBM4Oh0eYKCHJaHG/NCZy5JY/qxy
 S0phem8RbeZPbcL14z+5buWIi1lUkTiCIMG8c32ZEmDh84drnICqABA0RzKmqdkj
 ucQa+PzkMQ1DyhAMUl/CwpBfSqf1Zs3agLo78Kp5MTGfeAA90m0SeVqhmDgWhwqG
 HhSlsPFfMfmJl5S0uJpQ
 =UhFl
 -----END PGP SIGNATURE-----

Merge tag 'v3.10.102' into HEAD

This is the 3.10.102 stable release

Change-Id: Ic7d338fb190966b26aa151361fc37414f701d8b2
2017-04-18 17:22:08 +02:00
Luca Stefani
b46b1587e9 This is the 3.10.101 stable release
-----BEGIN PGP SIGNATURE-----
 Version: GnuPG v2
 
 iQIcBAABCAAGBQJW6X7DAAoJEDjbvchgkmk+RqMP/23oS5ZXheNwIwKzWO8f1tnZ
 Em+1+p5zZ8cFV/mWHz6Jxxt0/3tEteT1m3sWGJLvG3Uzz1kd7alS/omxU0Lf4WEf
 Qzso9R5sg4+SKUtAhRmJlXhLvVwnKc5KiGyrBt4ZBrwViHy+phr6/uPUTI5m6u48
 Xzujf+onqeojNXTfMxAq90r9a/AHmVlTwQ+j6SqPkKKbCrtHp9bjrMEb2JFbk8CN
 dPhJQuKgUjUx0Scfk2KOecS89e0Kr+k8RWFstPtR0eUkvNlfzjcK7SD1WZ5i0yd4
 d89tG/X9T2uTVeO2hTxKmTmOAxgiBS/RAljXgA+3j1VTPBMuOvYjyIVQ8RwROFtp
 UbgkSabwhX2prKj1J0zXNUjSvYyiGQ1mXWcHemZxaJAZKl0rWwHeBuNHPuJCPAWJ
 ZVqFkA0jrKcDbF+pnt9nkWEC1vFkO0kaZAY8hYtUiXkA8ohoC+4rIap09sgGzHiM
 ElN9VZbg8dJOMfSrnFkIO8t8SQzlnLo3lNQsKF8HbtB2UsIODALYasuj61KXlt1s
 xo4bKgKVncRqA0neMdOjVlu4U8qs3f2f8FDFMdX3lAlq/Pcgo/wJCUuhl3y3cr4+
 9FRTaWxbtg7zCfvlV4JmgF9KjNdq+w6CU6ZbtRSDuBhtCx5dpMNGqD9igY6xtV4P
 GN3zWp59z0D40kIU+bLd
 =3YTQ
 -----END PGP SIGNATURE-----

Merge tag 'v3.10.101' into HEAD

This is the 3.10.101 stable release
2017-04-18 17:17:55 +02:00
Luca Stefani
4bead31629 This is the 3.10.97 stable release
-----BEGIN PGP SIGNATURE-----
 Version: GnuPG v2
 
 iQIcBAABCAAGBQJWx5XJAAoJEDjbvchgkmk+03kQAJkDjox3A7B9fdLPYOv/ophX
 c91Hd3TgKeioTLJiAgMXPpITWRDnwovPJVSlc1lZltojGtWg6JWE/W1/vQ3mNaJi
 cykBUngEp7qvLE08DUNDWW0PZaulBEY9sW2mcW4KgzxDQxoC2l8YnCLEjY8m5GMf
 AIw9SxmT9Kz2FSdDbH9/CCG7uVuKrPcBOmqSOOrl6bKV19dVnF6S46VDYuH3Y8hf
 8akUAgxl7pecHUywBWOdqfMWOhNokesYVAlHL0aYIukjL1rP+0WrjoJ9mOcfC47x
 DNzkT2wvjThbcESn/vAayX4LWLgTMx+UShiaMekEYxXBDp3t2rlGU2i/7oLmrexQ
 8P5qtT+x/sOORonQgplO7kPeSez54buCw7HLfxUAJGUjNhEmiOZb3kaH8uidLOVz
 J5FfrlxHS3HXX1nYAclEcNsnwo1U6lAnjZpT78lR9hpdzrjLaNj/LwswzrgVVq+E
 GOpyrTEvklgQCH5PdLA9+Iz49L5AXvg3vJnMcS9l8yyj1642gdemM9za7iKD5rwK
 TF6WdSySgxjameBI9EBQsS/9iPg3GK7jEq+CRUOLwRwfvFpL1etfrwkX7tRGhZkp
 kL3wqntlSb4UZbylxQ/SBRa/rogwjYFCKNiti66mkY7eYJwPa07OCUBvCxh/10GN
 ahTCcFEzYgg/BJqcL/dy
 =OLxa
 -----END PGP SIGNATURE-----

Merge tag 'v3.10.97' into HEAD

This is the 3.10.97 stable release

Change-Id: I57a42ce0af10c340f15384bab609c07fc6ab4b81
2017-04-18 17:17:20 +02:00
Luca Stefani
e516c31e99 This is the 3.10.96 stable release
-----BEGIN PGP SIGNATURE-----
 Version: GnuPG v2
 
 iQIcBAABCAAGBQJWqv2IAAoJEDjbvchgkmk+180QAKqYrypT3cyClNOHGRFRaxID
 Sxo8S9tr8apxaIeP/nfZH3fYXyoadKBwxet15PNYwGVex3jBIVO0M0kspNPu9guG
 ogM0hf558EiWpdN5kydwCyN2ukJkhPP9r1ZQ5T84UcqflIboLDYXksqW1w8JX7wm
 dumt8kbbnN42e9S1bXD79CRaBB+dkNBTg0fdfpCi7pOQvUQD9DAs/j6XM1ZkOouX
 P+/vnIWbRwzbVqlJSaWNfBotlNsydosazJD9lg8iFIRDpVGJPKYbDMP2MPpyrmyA
 mesNRIy0wD9cixXW6jMS3fkSOY27N5hZIYYVPWQ8vfCcooTej4GHw37C7Inlh8z6
 iWf/sy1Hu+vniJKAr0BD86ocZxnaMv//BQtwCJZv3TfuQ93QkaRmEznEnCHYGN4M
 thoaS7oYGfrJnsHKkh913Kr3K7QuvyFttOE058PloYzJbCPV+YVRa/UGyuR6qOCl
 SbuSMXDdUDcf/Wznr6S6p6T2GIfM8GYvfm7hzIYwHpClCQpDR3lRdonDAg82mdMh
 YCNbEZQ32+l8idBX/YG97MskMD869237yh4MLUUWoxLTbevAblkYSt81WuDO4Gya
 PcWcB+zH4t2Y25W9yVoTKmaJSJPhT4ngNFSy7V8zKgVG2Vmz4YIuLRhd6N2/fGcd
 FVSXw7uHZhrn+SEl+L6W
 =tiwo
 -----END PGP SIGNATURE-----

Merge tag 'v3.10.96' into HEAD

This is the 3.10.96 stable release

Change-Id: I428f544d161be44e66e56e2d6900700e798cdd0a
2017-04-18 17:16:02 +02:00
Luca Stefani
82b37d9f2f Merge remote-tracking branch 'f2fs/linux-3.10.y' into HEAD
Change-Id: Ic2fe24529f029909ddd96490bd6d885d60f88be2
2017-04-18 17:02:28 +02:00
LuK1337
4e71469c73 Merge tag 'LA.BR.1.3.6-03510-8976.0' into HEAD
Change-Id: Ie506850703bf9550ede802c13ba5f8c2ce723fa3
2017-04-18 12:11:50 +02:00
Luca Stefani
a7cd234cfe codecs: rt5659: Revert back to M calibration
Change-Id: Iae98fd7f298b906ced14379af72411e199b65758
2017-04-18 12:11:12 +02:00
Luca Stefani
ac1e4ac5d8 sound: rt5659: Fake msm8952-tomtom-snd-card model
Change-Id: I6ebd997e382457f15fed86b9014e65c12e10652c
2017-04-18 12:11:12 +02:00
LuK1337
fc9499e55a Import latest Samsung release
* Package version: T713XXU2BQCO

Change-Id: I293d9e7f2df458c512d59b7a06f8ca6add610c99
2017-04-18 03:43:52 +02:00
Alexy Joseph
367fab472d ASoC: qdsp6v2: Remove Eagle code
Eagle driver is not in use any more.
Remove the code and associated calls
to it.

CRs-Fixed: 1103106
Change-Id: Ice5333861beda9538f0783b70b3267523d16fd2b
Signed-off-by: Alexy Joseph <alexyj@codeaurora.org>
2017-04-11 19:13:47 +05:30
Xiaojun Sang
f50da43b79 ASoC: msm: qdsp6v2: set pointer to NULL after free
Pointer after kfree is not sanitized.
Set pointer to NULL.

CRs-Fixed: 2008031
Change-Id: Ia59a57fcd142a6ed18d168992b8da4019314afa4
Signed-off-by: Xiaojun Sang <xsang@codeaurora.org>
2017-03-30 16:53:52 +05:30
Karthikeyan Mani
e8dbcc4d77 ASoC: msm: qdsp6v2: Fix out-of-bounds access in put functions
Add out of bounds check in routing put functions
for the mux value before accessing the texts
pointer of soc_enum struct with mux as index.

CRs-fixed: 1097569
Change-Id: Ib9ef8d398f0765754b0f79666963fac043b66077
Signed-off-by: Karthikeyan Mani <kmani@codeaurora.org>
2017-03-16 14:05:56 +05:30
Walter Yang
4e551b3aeb ASoC: Add backend user count checking
Add backend user count checking to protect the index
boundary.

Change-Id: Ic1b61d1f7130252cc54da0b16553858714988dbd
CRs-Fixed: 2009216
Signed-off-by: Walter Yang <yandongy@codeaurora.org>
2017-03-14 18:18:58 -07:00
Linux Build Service Account
0a47b43e88 Merge "ASoC: msm: acquire lock in ioctl" 2017-03-06 10:26:23 -08:00
Yeleswarapu Nagaradhesh
4ec8121178 ASoC: msm: acquire lock in ioctl
If two ioctls are triggered with different commands,
there is a possibility to access freed confidence level
memory. To resolve this acquire lock in ioctl.
Also release mutex lock properly in error cases.

CRs-Fixed: 1103085
Change-Id: I7d6b2eff21c8297e5f0755a0c141254be32f777d
Signed-off-by: Yeleswarapu Nagaradhesh <nagaradh@codeaurora.org>
2017-03-06 14:44:00 +05:30
Surendar karka
2ce28b2554 ASoC: msm: qdsp6v2: Add support to set volume in ASM loopback
Allow to set volume in ASM for the loopback driver. Without the
get() function the corresponding volume mixer control is
failing to set volume.

CRs-Fixed: 1034862
Change-Id: I621dd9de3a8d4a0f4102227989e1dd17638c20ea
Signed-off-by: Surendar karka <sukark@codeaurora.org>
2017-03-06 14:14:33 +05:30
Siena Richard
d03144e72c ASoC: msm: qdsp6v2: completely deallocate on cal block creation failure
Completely deallocate the cal block if creation fails to ensure no
memory leaks are present.

CRs-Fixed: 1112751
Change-Id: I76916c8b3f7e8e9b864dc39dab96f7d330774473
Signed-off-by: Siena Richard <sienar@codeaurora.org>
2017-02-23 11:14:37 -08:00
Xiaoyu Ye
202abda348 ASoC: msm: qdsp6v2: Fix an incorrect string comparison logic
A conditional branch is skipped due to incorrect string comparison.
It is fixed by using "strcmp" to perform string comparison.

CRs-fixed: 1085889
Change-Id: I12be44ac272fc5079230feb6ae24c68ccde99cf2
Signed-off-by: Xiaoyu Ye <benyxy@codeaurora.org>
Signed-off-by: Bhalchandra Gajare <gajare@codeaurora.org>
2017-02-10 01:38:10 -08:00
Linux Build Service Account
5a36366e06 Merge "ASoC: qdsp6v2: prevent null pointer dereference for _vol_cmds" 2017-01-30 14:58:04 -08:00
Linux Build Service Account
7dd1cd4303 Merge "Revert "ASoC: wcd_cpe_core: Perform irq cleanup once the bus is up"" 2017-01-30 14:58:04 -08:00
Linux Build Service Account
e0137078b3 Merge "ASoC: msm-cpe-lsm: cleanup ioctl functions" 2017-01-30 08:23:53 -08:00
Linux Build Service Account
27e0cf39cb Merge "drivers: soc: qcom: Add overflow check in ADM driver" 2017-01-30 08:23:52 -08:00
Linux Build Service Account
0b59271bd3 Merge "ASoC: msm: qdsp6v2: return error when copy from userspace fails" 2017-01-30 08:23:47 -08:00
Linux Build Service Account
b0a1a8833d Merge "ASoC: msm: qdsp6v2: DAP: Add check to validate param length" 2017-01-30 08:23:45 -08:00
Xiaojun Sang
5e9c8dba56 ASoC: qdsp6v2: prevent null pointer dereference for _vol_cmds
In case of memory allocation failure, _vol_cmd_cnt is not reset.
In _volume_cmds_free, null pointer dereference would happen for
_vol_cmds[i].
To prevent it, reset _vol_cmd_cnt when memory allocation fails.

CRs-Fixed: 1089598
Change-Id: Icb998549cdb999c6db2fd52aef505f200e630da5
Signed-off-by: Xiaojun Sang <xsang@codeaurora.org>
2017-01-30 15:35:01 +05:30
Walter Yang
12cae94bb2 ASoC: msm-cpe-lsm: cleanup ioctl functions
Some of the ioctl command handling is not properly using the
copy_from_user interface. Fix these issues and cleanup the ioctl
functions to make sure there is no illegal memory access.

CRs-Fixed: 1090482
Change-Id: Ib18e4b132d3487a3103335768aad5df2ebe13f2d
Signed-off-by: Walter Yang <yandongy@codeaurora.org>
2017-01-30 14:28:25 +05:30
Banajit Goswami
2ebf105d6f Revert "ASoC: wcd_cpe_core: Perform irq cleanup once the bus is up"
This reverts commit 74041210be67 ("ASoC: wcd_cpe_core: Perform irq
cleanup once the bus is up")

CRs-Fixed: 1102353
Change-Id: I7883615b009051c20e11b95b7fca0ef82225e6f5
Signed-off-by: Banajit Goswami <bgoswami@codeaurora.org>
Signed-off-by: Bhalchandra Gajare <gajare@codeaurora.org>
2017-01-30 00:47:30 -08:00
Karthik Reddy Katta
e023a636d2 drivers: soc: qcom: Add overflow check in ADM driver
Add overflow check for param length to prevent
heap overflow while allocating memory for
ADM parameters.

CRs-Fixed: 1103334
Change-Id: I1163aeaabbc84dba4cd0739a35ecbdee18b42717
Signed-off-by: Karthik Reddy Katta <a_katta@codeaurora.org>
2017-01-30 13:55:16 +05:30
Siena Richard
859d6579af ASoC: msm: qdsp6v2: return error when copy from userspace fails
A copy_from_user is not always expected to succeed. Therefore, check
for an error before operating on the buffer post copy.

Change-Id: Ibba9a47c84e735d30e32eeac5b80d51044b7a9e8
CRs-Fixed: 1094852
Signed-off-by: Siena Richard <sienar@codeaurora.org>
2017-01-27 03:23:18 -08:00
Sharad Sangle
9d6c3a2ff7 ASoC: msm: qdsp6v2: DAP: Add check to validate param length
To avoid buffer overflow, validate input length used to
set Dolby params.

Change-Id: I3f9d6040f118f63b60c20c83b0d8cae638f4a530
CRs-Fixed: 1095947
Signed-off-by: Sharad Sangle <assangle@codeaurora.org>
2017-01-27 02:53:48 -08:00
Xiaoyu Ye
ecf169bd6b ASoC: msm: qdsp6v2: Add range checking in msm_dai_q6_set_channel_map
Range checking is added to prevent buffer overflow that due to inputs
can be set by user space.

CRs-Fixed: 1098363
Change-Id: I057261291806240ee6d7b8106a5e83a7665e013d
Signed-off-by: Xiaoyu Ye <benyxy@codeaurora.org>
2017-01-27 02:35:52 -08:00
yidongh
163582b516 ASOC: msm: Restrict loop index to avoid buffer overread
Add restriction in msm_dolby_dap_param_to_get_control_get
to avoid reading buffer data with index over buffer size.

Change-Id: I2bd443d4db1a272d20341fbb5b15891a8acf0bc8
CRs-Fixed: 1096076
Signed-off-by: Yidong Huang <yidongh@codeaurora.org>
2017-01-19 15:03:10 +08:00
Linux Build Service Account
156ccbb984 Merge "ASoC: msm: qdsp6v2: DAP: Add check to validate param length" 2017-01-16 04:32:42 -08:00
Linux Build Service Account
2a3b369fe8 Merge "ASoC: msm: q6dspv2: use correct variable type to store ION buff size" 2017-01-15 08:16:45 -08:00
Linux Build Service Account
18ebb80fcc Merge "ASoC: msm: q6dspv2: fix potentional information leak" 2017-01-12 16:11:51 -08:00
Meng Wang
e0245d5450 ASoC: msm: q6dspv2: fix potentional information leak
The heap buffer pointed to out_buffer and in_buffer are allocated
but uninitlalized. It may cause information leak.
Change to kzalloc instead of kmalloc when allocating kernel buffers
to avoid information leak.

CRs-Fixed: 1087020
Change-Id: I6f9b7a630158355a7f920dcf9cfffe537b1c6a85
Signed-off-by: Meng Wang <mwang@codeaurora.org>
2017-01-10 22:51:29 -08:00
Karthik Reddy Katta
25ab82f5d7 drivers: soc: qcom: Add overflow check for sound model size
Overflow check is added for sound model size to prevent
heap overflow while allocating memory for sound model data.

CRs-Fixed: 1100682
Change-Id: Id38523a5e79028c692670e84d5fe924a855a5a10
Signed-off-by: Karthik Reddy Katta <a_katta@codeaurora.org>
2017-01-10 22:48:34 -08:00
kunleiz
e879fc7eca ASoC: msm: qdsp6v2: DAP: Add check to validate param length
Return an error code to ensure valid length value is valid.

CRs-fixed: 1102987
Change-Id: I6a679d08342d1da58c20b5c3d4e436dd335764ae
Signed-off-by: kunleiz <kunleiz@codeaurora.org>
2017-01-10 22:46:00 -08:00
Banajit Goswami
d12d85b91e ASoC: msm: q6dspv2: use correct variable type to store ION buff size
The size of the physical memory allocated for ION buffers
are of type size_t. Change updates the type of variables
sent to ION drivers to size_t to avoid any mismatch.

Change-Id: I3d33ed922b979652c64027e6f1c6f0a8ed4850a3
Signed-off-by: Banajit Goswami <bgoswami@codeaurora.org>
2017-01-09 03:29:14 -08:00
Linux Build Service Account
5072fd3a9d Merge "ASoC: soc: prevent risk of buffer overflow" 2017-01-06 04:11:10 -08:00
Linux Build Service Account
54699eb79c Merge "ASoC: qdsp6v2: fix potential bug of infinite loop" 2017-01-06 04:11:09 -08:00
Linux Build Service Account
1b0c6ec66b Merge "ASoC: msm-lsm-client: cleanup ioctl functions" 2017-01-06 04:11:06 -08:00
Linux Build Service Account
3b82d37666 Merge "ASoC: soc: msm: initialize buffer to prevent kernel data leakage" 2017-01-06 04:11:04 -08:00
Linux Build Service Account
f1af63f8a2 Merge "ASoC: wcd9335: Fix out of bounds for mad input value" 2017-01-06 04:11:04 -08:00
Linux Build Service Account
3379409aeb Merge "ASoC: wcd9330: Fix out of bounds for mad input value" 2017-01-06 04:11:03 -08:00
Linux Build Service Account
797e984939 Merge "ASoC: wcd9320: Fix out of bounds for mad input value" 2017-01-06 04:11:02 -08:00
Xiaojun Sang
1a0bf95d9a ASoC: soc: prevent risk of buffer overflow
In case of large value for bufcnt_t or bufcnt,
cmd_size may overflow. Buffer size allocated by cmd_size might
be not as expected.
Possible buffer overflow could happen.

CRs-Fixed: 1084210
Change-Id: I9556f18dd6a9fdf3f76c133ae75c04ecce171f08
Signed-off-by: Xiaojun Sang <xsang@codeaurora.org>
2017-01-05 02:06:52 -08:00
Xiaojun Sang
a9e79718d1 ASoC: qdsp6v2: fix potential bug of infinite loop
When variable bufsz equals to 0, there would be infinite loop
at q6asm_audio_client_buf_alloc.
Fix the potential bug by checking bufsz beforehand.

CRs-Fixed: 1072280
Change-Id: I9640112b8945dc603e3af55fc1096bea9f7e6634
Signed-off-by: Xiaojun Sang <xsang@codeaurora.org>
2017-01-05 01:52:41 -08:00
Bhalchandra Gajare
530f3a0fd8 ASoC: msm-lsm-client: cleanup ioctl functions
Some of the ioctl command handling is not properly using the
copy_from_user interface. Fix these issues and cleanup the ioctl
functions to make sure there is no illegal memory access.

CRs-Fixed: 1087469
Change-Id: Ieb1beb92e7854a05b8045de0ce179d12c9a6da74
Signed-off-by: Bhalchandra Gajare <gajare@codeaurora.org>
2017-01-03 23:31:16 -08:00
Xiaojun Sang
ae6485b965 ASoC: soc: msm: initialize buffer to prevent kernel data leakage
To prevent potential kernel stack data leakage, initialize
channel_map[].

CRs-Fixed: 1100878
Change-Id: I7b81cea20485bc7514551672bb54c7fd455049e3
Signed-off-by: Xiaojun Sang <xsang@codeaurora.org>
2017-01-03 23:23:11 -08:00
Karthikeyan Mani
1e895f4704 ASoC: wcd9335: Fix out of bounds for mad input value
Add check in tasha_mad_input_put function to
return error on out of bounds access using
mad input value.

CRs-fixed: 1096799
Change-Id: Iddaa3fef362f7cb1919aa3bd8dd4b83133fe7c97
Signed-off-by: Karthikeyan Mani <kmani@codeaurora.org>
2017-01-03 23:18:55 -08:00
Karthikeyan Mani
424c78e96d ASoC: wcd9330: Fix out of bounds for mad input value
Add check in tomtom_mad_input_put function to
return error on out of bounds access using
mad input value.

CRs-fixed: 1096799
Change-Id: Ied86bf88301e555b25eaa190d2d786cdad691ccd
Signed-off-by: Karthikeyan Mani <kmani@codeaurora.org>
2017-01-03 23:18:39 -08:00
Karthikeyan Mani
c9198deaef ASoC: wcd9320: Fix out of bounds for mad input value
Add check in taiko_mad_input_put function to
return error on out of bounds access using
mad input value

CRs-fixed: 1096799
Change-Id: I75ce9e881cf05a50e874a555b2f8bd3286cdaed4
Signed-off-by: Karthikeyan Mani <kmani@codeaurora.org>
2017-01-03 23:18:29 -08:00
Sharad Sangle
6b7ecac777 ASoC: msm: qdsp6v2: DAP: Add check to validate param length
To avoid buffer overflow, validate input length used to
fetch visualizer data.

CRs-fixed: 1096672
Change-Id: I224bc2f20d94182713c565972fb0bd52cad6f3fd
Signed-off-by: Sharad Sangle <assangle@codeaurora.org>
2017-01-03 22:29:31 -08:00
SoumyaManagoli
c96c94eac1 ASoC: msm: Update 8952-slimbus driver with AVS 2.7 support
Update machine driver AFE API calls compatible
with adsp version AVS 2.6 and AVS 2.7.

CRs-Fixed: 1094689
Change-Id: Ida8ead8a2826b5b7e69f503fdda32a7aa9a421b5
Signed-off-by: SoumyaManagoli <smanag@codeaurora.org>
2016-11-29 17:40:24 +05:30
Laxminath Kasam
227ec1921d ASoC: msm: Update machine driver with AVS 2.7 support
Update machine driver AFE API calls compatible
with adsp version AVS 2.6 and AVS 2.7
Update of mclk flag in suspend call.

Change-Id: Id0b300bcf585895cc659a1882710d825d0e7a808
Signed-off-by: Laxminath Kasam <lkasam@codeaurora.org>
Signed-off-by: Divya Narayanan Poojary <dnaray@codeaurora.org>
2016-11-15 10:56:47 +05:30
Laxminath Kasam
d990217def ASoC: msm: add support for AVS 2.7 in native drivers
In Q6 asm and afe drivers, add API support
for AVS 2.7. Update compress driver to use
ASM volume gain compatible to verion used

Change-Id: I152a3410c99cfa37dca0eadb30b97f121f5d0a89
Signed-off-by: Laxminath Kasam <lkasam@codeaurora.org>
Signed-off-by: Divya Narayanan Poojary <dnaray@codeaurora.org>
2016-11-14 18:46:24 +05:30
Ramlal Karra
2e6a457e55 ASoC: msm: qdsp6v2: Add support to query adsp version
Q6 core service provides API to query ADSP
version. Update the apr with get()/set()
to use this adsp version by platform/machine drivers

Change-Id: Icf480991b4b7847cd872ab7286ed1132facff0a4
Signed-off-by: Laxminath Kasam <lkasam@codeaurora.org>
Signed-off-by: Divya Narayanan Poojary <dnaray@codeaurora.org>
2016-11-14 18:37:12 +05:30
Karthik Reddy Katta
51464dccb7 ASoC: msm: qdsp6v2: Fix timeout error in ADM_CMD_SET_PP_PARAMS_V5
Timeout error is observed  while waiting for
ADM_CMD_SET_PP_PARAMS_V5 command's response.
Fix the condition logic in wait_event_timeout()
to match the value set in adm_callback() when
response to ADM_CMD_SET_PP_PARAMS_V5 is received.

CRs-Fixed: 1030674
Change-Id: I711c860dc3de479eec0d22369d19615aef572ea1
Signed-off-by: Karthik Reddy Katta <a_katta@codeaurora.org>
2016-11-04 00:05:38 -07:00
Ravi Kumar Siddojigari
4d27721b0d ASoC: Add args validation in snd_soc_read/write functions
validation of the codec variable passed to the snd_soc_read
and snd_soc_write functions are missing and can lead to DoS
as referred in CVE-2016-6690

Bug:28838221

Change-Id: I5020f77e252bade5e97efb592afb71fe1b18d952
Signed-off-by: Ravi Kumar Siddojigari <rsiddoji@codeaurora.org>
Signed-off-by: Srinivasa Rao Kuppala <srkupp@codeaurora.org>
2016-10-27 22:05:28 -07:00
Rohit kumar
275037e9ea ASoC: msm8x16-wcd: Remove 20ms sleep in rx chain PMD
Removed 20ms delay in RX chain PMD as it is not required.
This improves device switch and tear down latency.

CRs-Fixed: 1070432
Change-Id: Id6996dff163f390a662f628da710d8bb238f7fca
Signed-off-by: Rohit kumar <rohitkr@codeaurora.org>
2016-10-18 21:00:28 -07:00
Laxminath Kasam
86db9a5bfb ASoC: msm: add q6core ready check before io access
Before accessing io mapped address, check if
qdsp6 is ready to avoid dataabort issue.

Change-Id: Ia65875cd1087520befa0d12f928dc3fd1478031a
Signed-off-by: Laxminath Kasam <lkasam@codeaurora.org>
2016-10-13 00:16:45 -07:00
Shiv Maliyappanahalli
a712ad950d ASoC: msm: qdsp6v2: set token for stereo_to_custom_stereo command
Set token value with port index and copp id so that
correct wait queue handle can be deduced in the
callback of adm_set_stereo_to_custom_stereo command.

Change-Id: Ica4c1442c1143f46de2baa6eaf1890ad0cb4b742
Signed-off-by: Shiv Maliyappanahalli <smaliyap@codeaurora.org>
2016-10-02 23:43:02 -07:00
Linux Build Service Account
2836feb0dc Merge "ASoC: msm: initialize the params array before using it" 2016-09-26 17:26:13 -07:00
Linux Build Service Account
446cc1e68e Merge "ASoC: soc: change audio drivers to use %pK" 2016-09-26 11:16:15 -07:00
Linux Build Service Account
ce4f8c5835 Merge "ASoC: soc: change audio cpe drivers to use %pK" 2016-09-26 11:16:15 -07:00
Walter Yang
62c02898a5 ASoC: msm: initialize the params array before using it
The params array is used without initialization, which may cause
security issues. Initialize it as all zero after the definition.

CRs-Fixed: 1062271
Change-Id: If462fe3d82f139d72547f82dc7eb564f83cb35bf
Signed-off-by: Walter Yang <yandongy@codeaurora.org>
2016-09-26 02:51:09 -07:00
Xiaojun Sang
5c5b851abe ASoC: soc: change audio drivers to use %pK
Change all audio driver to use %pK instead
of %p. %pK hides addresses when the users doesn't
have kernel permissions. If address information
is needed echo 0 > /proc/sys/kernel/kptr_restrict.

CRs-Fixed: 1052832
Change-Id: I9ff5cf06b019c566973eb609bf5d37969b98d31d
Signed-off-by: Xiaojun Sang <xsang@codeaurora.org>
2016-09-26 01:40:40 -07:00
Xiaojun Sang
9eb9c42ff3 ASoC: soc: change audio cpe drivers to use %pK
Change cpe driver to use %pK instead of %p.
%pK hides addresses when the users doesn't
have kernel permissions. If address information
is needed echo 0 > /proc/sys/kernel/kptr_restrict.

CRs-Fixed: 1052832
Change-Id: I741d9e5c5b415011348e862c3f1ee4fe28c3969f
Signed-off-by: Xiaojun Sang <xsang@codeaurora.org>
2016-09-26 01:39:51 -07:00
Surendar karka
de37ad8632 ASoC: msm: qdsp6v2: check param length for EAC3 format
Initialize param length with user space argument and
check the condition for maximum length in
SND_AUDIOCODEC_EAC3 format.

CRs-Fixed: 1032820
Change-Id: I710c1f743d7502e93989e8cc487078366570e723
Signed-off-by: Surendar karka <sukark@codeaurora.org>
2016-09-26 00:22:51 -07:00
Linux Build Service Account
d5184a8945 Merge "ASoC: utils: initialize dummy_codec before use" 2016-09-23 23:19:21 -07:00
Linux Build Service Account
c0e54e6166 Merge "ASoC: wcd-mbhc: correct cross connection check" 2016-09-23 23:19:20 -07:00
Linux Build Service Account
13bf74d005 Merge "ASoC: wcd-mbhc: fix inconsistent detection of euro headset" 2016-09-23 23:19:20 -07:00
Linux Build Service Account
9566895a9e Merge "ASoC: msm: Add Buffer overflow check" 2016-09-23 11:49:43 -07:00
Yeleswarapu Nagaradhesh
ef97090632 ASoC: wcd-mbhc: correct cross connection check
Schmitt trigger result is wrong if PA is enabled.
So, don't check for cross connection when PA is enabled.

CRs-Fixed: 1061507
Change-Id: Iad71abbed72aa40b5c839260f5c297a885f7d128
Signed-off-by: Yeleswarapu Nagaradhesh <nagaradh@codeaurora.org>
2016-09-22 23:20:56 -07:00
dojha
dc6b448e93 ASoC: wcd-mbhc: fix inconsistent detection of euro headset
Cross connection sometimes gets detected late. The issue faced is
cable is reported as headset initially, cross connection is
detected later. But before confirming cross connection, playback
starts on headset, so checking for cross connection is not
confirmed. Cable remains reported as headset. So check for cross
connection just before reporting headset.

CRs-Fixed: 1028002
Change-Id: Ida4f277f13c9a193cd7c92063b99bcf1104f107e
Signed-off-by: Divya Ojha <dojha@codeaurora.org>
2016-09-22 23:18:57 -07:00
Karthik Reddy Katta
b7094c554f ASoC: msm: Add Buffer overflow check
The overflow check is required to ensure that user space data
in kernel may not go beyond buffer boundary.

CRs-Fixed: 1064411
Change-Id: I54c28a8942cf1a6a47a4e8272f3159b35d753ead
Signed-off-by: Karthik Reddy Katta <a_katta@codeaurora.org>
2016-09-22 12:24:46 -07:00
Meng Wang
2dbcc6fa22 ASoC: utils: initialize dummy_codec before use
dummy_codec is not initialized before use, which
could cause kernel panic. Initialize dummy_codec before use.

Change-Id: Iedf7a3accbd14138ab7ed9e4e36a98fd7ca9a839
Signed-off-by: Meng Wang <mwang@codeaurora.org>
2016-09-22 12:14:07 -07:00
Laxminath Kasam
8aa27b7359 ASoC: wcd9335: reduce speaker teardown latency
In tasha codec, speaker teardown latency is high.
Acquire clock gear for complete teardown sequence
to improve latency.

CRs-Fixed: 1065561
Change-Id: I7db756e363cb66d22eb5d516e6e512e89e26e6a3
Signed-off-by: Laxminath Kasam <lkasam@codeaurora.org>
2016-09-21 05:09:46 -07:00
Walter Yang
653f4571de ASoC: msm: set pointers to NULL after kfree
In lsm-related driver files, some pointers are not set as NULL
after the memory is freed, which will leave many dangling pointers.
Set them to NULL explicitly to avoid potential risk.

CRs-Fixed: 880388
Change-Id: I44925240705608510266a51225cc02611637c571
Signed-off-by: Walter Yang <yandongy@codeaurora.org>
2016-09-12 04:21:41 -07:00
Pradosh Das
72b69ffec9 Merge commit 'b73847a75055daf57295a8d32fd2c3f998d0b72a' into HEAD
Change-Id: I240d1eae11f98e46ac3c3dfbd69805e4343921fd
Signed-off-by: Pradosh Das <prados@codeaurora.org>
2016-09-08 23:14:17 +05:30
Laxminath Kasam
abe32f1ca0 ASoC: wcd9335: Fix compander disable after SSR
After SSR, observe tones heard with high volume.
compander and hph_mode mixer controls are reset
in post reset callback which will not be in
sync with userspace settings. Avoid reset of
compander and hph_mode controls in post reset
callback.

CRs-Fixed: 1010471
Change-Id: Iacb3e27a35027037613e82e483b10b635d492a75
Signed-off-by: Laxminath Kasam <lkasam@codeaurora.org>
2016-09-01 02:59:38 -07:00
Ashish Jain
246ecc54ee ASoC: msm: qdsp6v2: DAP: Enable non DAP modules on DAP disable
Non DAP modules are disabled when DAP is enabled, and when DAP
is disabled they are suppose to move to a state as set in the
calibration data. Modules which dont have an explicit enable param
remain disabled even when DAP is disabled. Hence send an explicit
enable command to DSP for all modules followed by the
calibration data, this ensures correct state of all modules.

Change-Id: I6f8873bb11d96a20f6401eba5fe2979b6a14e11e
CRs-Fixed: 1049611
Signed-off-by: Ashish Jain <ashishj@codeaurora.org>
2016-08-24 19:59:33 -07:00
Linux Build Service Account
ed6472d52e Merge "ASoC: msm: qdsp6v2: DAP: Update check to validate data length" 2016-08-09 22:23:36 -07:00
Phani Kumar Uppalapati
6c6a0906bd ASoC: wcd9335: Enable standalone ldo_h
Add support for standalone enablement of ldo_h
in wcd9335 hardware. This is required to enable
certain audio TX use-cases.

CRs-fixed: 1032443
Change-Id: Iea068907241b42846d95d8e62e59409cdd29ca42
Signed-off-by: Phani Kumar Uppalapati <phaniu@codeaurora.org>
Signed-off-by: SoumyaManagoli <smanag@codeaurora.org>
2016-08-04 13:16:46 +05:30
Ashish Jain
56c4e8930e ASoC: msm: qdsp6v2: DAP: Update check to validate data length
A big negative data length value can bypass the current check,
update the condition to ensure that only valid data length is used
to copy the params.

CRs-Fixed: 1041130
Change-Id: I6e1a58e901e4c042acfb0ab0a6223dec2949aefe
Signed-off-by: Ashish Jain <ashishj@codeaurora.org>
2016-07-31 20:59:44 -07:00
Ben Romberger
515a74b801 ASoC : msm: qdsp6v2: Add size check in audio cal ioctl
For the audio get calibration ioctl compare the allocated
buffer size to the size of the header and cal type header
to ensure the buffer is big enough.

CRs-Fixed: 1038127
Change-Id: I851b4454e8420706ad3263d67e892720d46e5718
Signed-off-by: Ben Romberger <bromberg@codeaurora.org>
2016-07-27 01:12:43 -07:00
Pradosh Das
571b43a792 Merge commit '4742aa9efad673157273b07095ac1070dd2f02ea' into HEAD
Conflicts:
        drivers/media/platform/msm/camera_v2/sensor/actuator/msm_actuator.c
        sound/soc/msm/msm8952-slimbus.c

Change-Id: If4516c52837e61afda301496b9053cb44ea59dd9
Signed-off-by: Pradosh Das <prados@codeaurora.org>
2016-07-26 12:02:09 +05:30
Ashish Jain
07120b47e5 ASoC: msm: qdsp6v2: DAP: Update check to validate data length
A big negative data length value can bypass the current check,
update the condition to ensure that only valid data length is used
to copy the params.

CRs-Fixed: 1041130
Change-Id: I6e1a58e901e4c042acfb0ab0a6223dec2949aefe
Signed-off-by: Ashish Jain <ashishj@codeaurora.org>
2016-07-21 07:48:02 -07:00
Linux Build Service Account
a5ed42c3d4 Merge "ASoc: wcd9335: Fixed supported sample rates in tash_mad1 DAI" 2016-07-21 04:32:14 -07:00
Laxminath Kasam
abd1f28cc0 ASoC: dapm: correct the macro to SND_SOC_DAPM_CLASS_RUNTIME
macro SND_SOC_DAPM_CLASS_PCM is deprecated.
Replace with updated macro SND_SOC_DAPM_CLASS_RUNTIME.

Change-Id: I1f94a32f2b6020eea84923019631caf9c3c63128
Signed-off-by: Laxminath Kasam <lkasam@codeaurora.org>
2016-07-18 00:14:43 -07:00
Pavan Chikkala
212bbc2898 ASoc: wcd9335: Fixed supported sample rates in tash_mad1 DAI
Supported sample rates list in tash_mad1 DAI is not matching with
the given minimum and maximum sample rates

Added additional supported sample rates

Change-Id: Ia44f8dc2f6ab4c59fae7de6d9cebe073bed3ed31
Signed-off-by: Pavan Chikkala <pavanc@codeaurora.org>
2016-07-14 23:28:24 -07:00
Linux Build Service Account
8d8a1d03fd Merge "ASoc: wcd9335: Fixed supported sample rates in tash_mad1 DAI" 2016-07-14 05:16:22 -07:00