提交 fcfb7866 编写于 作者: T Takashi Iwai

ALSA: emu10k1: Avoid access to invalid pages when period=1

When period=1, the driver tries to allocate a bit bigger buffer than
requested by the user due to the irq latency tolerance.  This may lead
to accesses over the actually allocated pages.

This patch adds a check of the page index and assigns the silent page
when it's over the given buffer size.
Signed-off-by: NTakashi Iwai <tiwai@suse.de>
上级 c810f903
...@@ -326,6 +326,9 @@ snd_emu10k1_alloc_pages(struct snd_emu10k1 *emu, struct snd_pcm_substream *subst ...@@ -326,6 +326,9 @@ snd_emu10k1_alloc_pages(struct snd_emu10k1 *emu, struct snd_pcm_substream *subst
for (page = blk->first_page; page <= blk->last_page; page++, idx++) { for (page = blk->first_page; page <= blk->last_page; page++, idx++) {
unsigned long ofs = idx << PAGE_SHIFT; unsigned long ofs = idx << PAGE_SHIFT;
dma_addr_t addr; dma_addr_t addr;
if (ofs >= runtime->dma_bytes)
addr = emu->silent_page.addr;
else
addr = snd_pcm_sgbuf_get_addr(substream, ofs); addr = snd_pcm_sgbuf_get_addr(substream, ofs);
if (! is_valid_page(emu, addr)) { if (! is_valid_page(emu, addr)) {
printk(KERN_ERR "emu: failure page = %d\n", idx); printk(KERN_ERR "emu: failure page = %d\n", idx);
......
Markdown is supported
0% .
You are about to add 0 people to the discussion. Proceed with caution.
先完成此消息的编辑!
想要评论请 注册