[alsa-devel] what's the kernel policy WRT firmware parsing security?

[alsa-devel] what's the kernel policy WRT firmware parsing security?

[Guennadi Liakhovetski]

Hi,

I decided to have a look at whether the ALSA topology parsing is bullet
proof against malformed topology files. It seems not quite to be the case.
At least I seem to have found a possibility of crashing the kernel by a
malformed topology file. I haven't tested it, so, maybe I'm wrong.

In principle, firmware files can only be written by root, and if you have
root access to the system, it's anyway doomed. Is this the approach and
we aren't really trying to make topology parsing 100% safe, or do we want
to fix any such possible parsing issues?

Thanks
Guennadi
_______________________________________________
Alsa-devel mailing list
Alsa-devel@alsa-project.org
https://mailman.alsa-project.org/mailman/listinfo/alsa-devel

Re: [alsa-devel] what's the kernel policy WRT firmware parsing security?

[Jaroslav Kysela]

Dne 06. 10. 19 v 12:47 Guennadi Liakhovetski napsal(a):
> Hi,
> 
> I decided to have a look at whether the ALSA topology parsing is bullet
> proof against malformed topology files. It seems not quite to be the case.
> At least I seem to have found a possibility of crashing the kernel by a
> malformed topology file. I haven't tested it, so, maybe I'm wrong.
> 
> In principle, firmware files can only be written by root, and if you have
> root access to the system, it's anyway doomed. Is this the approach and
> we aren't really trying to make topology parsing 100% safe, or do we want
> to fix any such possible parsing issues?

The kernel should not crash. Dot. If you found a serious issue, please,
report it or better, send the fix.

				Thanks,
					Jaroslav

-- 
Jaroslav Kysela <perex@perex.cz>
Linux Sound Maintainer; ALSA Project; Red Hat, Inc.
_______________________________________________
Alsa-devel mailing list
Alsa-devel@alsa-project.org
https://mailman.alsa-project.org/mailman/listinfo/alsa-devel

Re: [alsa-devel] what's the kernel policy WRT firmware parsing security?

[Guennadi Liakhovetski]

Hi Jaroslav,

On Sun, Oct 06, 2019 at 04:10:28PM +0200, Jaroslav Kysela wrote:
> Dne 06. 10. 19 v 12:47 Guennadi Liakhovetski napsal(a):
> > Hi,
> > 
> > I decided to have a look at whether the ALSA topology parsing is bullet
> > proof against malformed topology files. It seems not quite to be the case.
> > At least I seem to have found a possibility of crashing the kernel by a
> > malformed topology file. I haven't tested it, so, maybe I'm wrong.
> > 
> > In principle, firmware files can only be written by root, and if you have
> > root access to the system, it's anyway doomed. Is this the approach and
> > we aren't really trying to make topology parsing 100% safe, or do we want
> > to fix any such possible parsing issues?
> 
> The kernel should not crash. Dot. If you found a serious issue, please,
> report it or better, send the fix.

Sorry, I'm still configuring / getting used to mutt and git send-mail on this
PC, so adding you to CC didn't work out :-/ Here's a link:
https://mailman.alsa-project.org/pipermail/alsa-devel/2019-October/156352.html

Thanks
Guennadi

> 				Thanks,
> 					Jaroslav
> 
> -- 
> Jaroslav Kysela <perex@perex.cz>
> Linux Sound Maintainer; ALSA Project; Red Hat, Inc.
_______________________________________________
Alsa-devel mailing list
Alsa-devel@alsa-project.org
https://mailman.alsa-project.org/mailman/listinfo/alsa-devel