On Tue, 09 Jun 2020 13:47:33 +0200,
Christoph Hellwig wrote:
>
> Alex, can you try this patch?
Also could you check whether just papering over the memset() call
alone avoids the crash like below? For PulseAudio and dmix/dsnoop,
it's the only code path that accesses the vmapped buffer, I believe.
If this works more or less, I'll cook a more comprehensive fix.
thanks,
Takashi
--- a/sound/core/pcm_native.c
+++ b/sound/core/pcm_native.c
@@ -754,9 +754,11 @@ static int snd_pcm_hw_params(struct snd_pcm_substream
*substream,
while (runtime->boundary * 2 <= LONG_MAX - runtime->buffer_size)
runtime->boundary *= 2;
+#if 0
/* clear the buffer for avoiding possible kernel info leaks */
if (runtime->dma_area && !substream->ops->copy_user)
memset(runtime->dma_area, 0, runtime->dma_bytes);
+#endif
snd_pcm_timer_resolution_change(substream);
snd_pcm_set_state(substream, SNDRV_PCM_STATE_SETUP);
