From: Sasha Levin <sashal@kernel.org>
To: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
Cc: linux-kernel@vger.kernel.org, stable@vger.kernel.org,
syzbot+d952e5e28f5fb7718d23@syzkaller.appspotmail.com,
Takashi Iwai <tiwai@suse.de>
Subject: Re: [PATCH 5.2 03/20] ALSA: usb-audio: Sanity checks for each pipe and EP types
Date: Tue, 6 Aug 2019 22:38:08 -0400 [thread overview]
Message-ID: <20190807023808.GS17747@sasha-vm> (raw)
In-Reply-To: <20190802155154.GA28398@kroah.com>
On Fri, Aug 02, 2019 at 05:51:54PM +0200, Greg Kroah-Hartman wrote:
>On Fri, Aug 02, 2019 at 09:48:28AM -0400, Sasha Levin wrote:
>> On Fri, Aug 02, 2019 at 11:39:57AM +0200, Greg Kroah-Hartman wrote:
>> > From: Takashi Iwai <tiwai@suse.de>
>> >
>> > commit 801ebf1043ae7b182588554cc9b9ad3c14bc2ab5 upstream.
>> >
>> > The recent USB core code performs sanity checks for the given pipe and
>> > EP types, and it can be hit by manipulated USB descriptors by syzbot.
>> > For making syzbot happier, this patch introduces a local helper for a
>> > sanity check in the driver side and calls it at each place before the
>> > message handling, so that we can avoid the WARNING splats.
>> >
>> > Reported-by: syzbot+d952e5e28f5fb7718d23@syzkaller.appspotmail.com
>> > Signed-off-by: Takashi Iwai <tiwai@suse.de>
>> > Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
>>
>> This commit has a fix: 5d78e1c2b7f4b ("ALSA: usb-audio: Fix gpf in
>> snd_usb_pipe_sanity_check") which was not pulled by Linus yet.
>>
>> I'm going to drop this commit and re-queue it together with it's fix
>> once it makes it upstream.
>
>Ah, thanks for doing that.
Now queued these two commits for 5.2.
--
Thanks,
Sasha
next prev parent reply other threads:[~2019-08-07 2:38 UTC|newest]
Thread overview: 40+ messages / expand[flat|nested] mbox.gz Atom feed top
2019-08-02 9:39 [PATCH 5.2 00/20] 5.2.6-stable review Greg Kroah-Hartman
2019-08-02 9:39 ` [PATCH 5.2 01/20] vsock: correct removal of socket from the list Greg Kroah-Hartman
2019-08-02 9:39 ` [PATCH 5.2 02/20] ISDN: hfcsusb: checking idx of ep configuration Greg Kroah-Hartman
2019-08-02 9:39 ` [PATCH 5.2 03/20] ALSA: usb-audio: Sanity checks for each pipe and EP types Greg Kroah-Hartman
2019-08-02 13:48 ` Sasha Levin
2019-08-02 15:51 ` Greg Kroah-Hartman
2019-08-07 2:38 ` Sasha Levin [this message]
2019-08-02 9:39 ` [PATCH 5.2 04/20] bpf: fix NULL deref in btf_type_is_resolve_source_only Greg Kroah-Hartman
2019-08-02 9:39 ` [PATCH 5.2 05/20] media: au0828: fix null dereference in error path Greg Kroah-Hartman
2019-08-02 9:40 ` [PATCH 5.2 06/20] ath10k: Change the warning message string Greg Kroah-Hartman
2019-08-02 9:40 ` [PATCH 5.2 07/20] media: cpia2_usb: first wake up, then free in disconnect Greg Kroah-Hartman
2019-08-02 9:40 ` [PATCH 5.2 08/20] media: pvrusb2: use a different format for warnings Greg Kroah-Hartman
2019-08-02 9:40 ` [PATCH 5.2 09/20] NFS: Cleanup if nfs_match_client is interrupted Greg Kroah-Hartman
2019-08-02 9:40 ` [PATCH 5.2 10/20] media: radio-raremono: change devm_k*alloc to k*alloc Greg Kroah-Hartman
2019-08-02 10:04 ` Joe Perches
2019-08-06 5:34 ` Luke Nowakowski-Krijger
2019-08-02 9:40 ` [PATCH 5.2 11/20] xfrm: policy: fix bydst hlist corruption on hash rebuild Greg Kroah-Hartman
2019-08-02 9:40 ` [PATCH 5.2 12/20] nvme: fix multipath crash when ANA is deactivated Greg Kroah-Hartman
2019-08-02 9:40 ` [PATCH 5.2 13/20] Bluetooth: hci_uart: check for missing tty operations Greg Kroah-Hartman
2019-08-02 9:40 ` [PATCH 5.2 14/20] sched/fair: Dont free p->numa_faults with concurrent readers Greg Kroah-Hartman
2019-08-02 9:40 ` [PATCH 5.2 15/20] sched/fair: Use RCU accessors consistently for ->numa_group Greg Kroah-Hartman
2019-08-02 9:40 ` [PATCH 5.2 16/20] /proc/<pid>/cmdline: remove all the special cases Greg Kroah-Hartman
2019-08-02 9:40 ` [PATCH 5.2 17/20] /proc/<pid>/cmdline: add back the setproctitle() special case Greg Kroah-Hartman
2019-08-02 9:40 ` [PATCH 5.2 18/20] drivers/pps/pps.c: clear offset flags in PPS_SETPARAMS ioctl Greg Kroah-Hartman
2019-08-02 9:40 ` [PATCH 5.2 19/20] Fix allyesconfig output Greg Kroah-Hartman
2019-08-02 9:40 ` [PATCH 5.2 20/20] ceph: hold i_ceph_lock when removing caps for freeing inode Greg Kroah-Hartman
2019-08-02 17:21 ` [PATCH 5.2 00/20] 5.2.6-stable review Thierry Reding
2019-08-03 7:09 ` Greg Kroah-Hartman
2019-08-05 11:48 ` Thierry Reding
2019-08-09 8:52 ` Greg Kroah-Hartman
2019-08-09 13:04 ` Thierry Reding
2019-08-09 15:49 ` Greg Kroah-Hartman
2019-08-12 9:05 ` Thierry Reding
2021-01-04 12:39 ` Greg Kroah-Hartman
2019-08-02 23:25 ` shuah
2019-08-03 7:08 ` Greg Kroah-Hartman
2019-08-03 5:50 ` Naresh Kamboju
2019-08-03 7:11 ` Greg Kroah-Hartman
2019-08-03 16:00 ` Guenter Roeck
2019-08-04 7:15 ` Greg Kroah-Hartman
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20190807023808.GS17747@sasha-vm \
--to=sashal@kernel.org \
--cc=gregkh@linuxfoundation.org \
--cc=linux-kernel@vger.kernel.org \
--cc=stable@vger.kernel.org \
--cc=syzbot+d952e5e28f5fb7718d23@syzkaller.appspotmail.com \
--cc=tiwai@suse.de \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).