Commit Graph

130 Commits

Author SHA1 Message Date
Dan Carpenter 0b444af8da ALSA: seq: potential out of bounds in do_control()
Smatch complains that "control" is user specifigy and needs to be
capped.  The call tree to understand this warning is quite long.

snd_seq_write()  <-- get the event from the user
  snd_seq_client_enqueue_event()
    snd_seq_deliver_event()
      deliver_to_subscribers()
        snd_seq_deliver_single_event()
          snd_opl3_oss_event_input()
            snd_midi_process_event()
              do_control()

Signed-off-by: Dan Carpenter <dan.carpenter@oracle.com>
Signed-off-by: Takashi Iwai <tiwai@suse.de>
2015-02-12 11:07:48 +01:00
Takashi Iwai 3fe9cf390f Merge branch 'topic/snd-device' into for-next 2015-02-03 17:57:16 +01:00
Takashi Iwai 40a4b26385 ALSA: Simplify snd_device_register() variants
Now that all callers have been replaced with
snd_device_register_for_dev(), let's drop the obsolete device
registration code and concentrate only on the code handling struct
device directly.  That said,

- remove the old snd_device_register(),
- rename snd_device_register_for_dev() with snd_device_register(),
- drop superfluous arguments from snd_device_register(),
- change snd_unregister_device() to pass the device pointer directly

Reviewed-by: Jaroslav Kysela <perex@perex.cz>
Signed-off-by: Takashi Iwai <tiwai@suse.de>
2015-02-02 17:01:26 +01:00
Takashi Iwai 5205388d2d ALSA: seq: Handle the device directly
Like the previous change for the timer device, this patch changes the
device management for the ALSA sequencer device using the struct
device directly.

Reviewed-by: Jaroslav Kysela <perex@perex.cz>
Signed-off-by: Takashi Iwai <tiwai@suse.de>
2015-02-02 14:42:45 +01:00
Clemens Ladisch a55bdf1ec5 ALSA: seq: remove unused callback_all field
Signed-off-by: Clemens Ladisch <clemens@ladisch.de>
Signed-off-by: Takashi Iwai <tiwai@suse.de>
2015-01-26 13:56:58 +01:00
Clemens Ladisch de20b572a3 ALSA: seq: fix off-by-one error in port limit check
Signed-off-by: Clemens Ladisch <clemens@ladisch.de>
Signed-off-by: Takashi Iwai <tiwai@suse.de>
2015-01-26 13:54:47 +01:00
Clemens Ladisch 467be357c6 ALSA: seq: correctly report maximum number of ports
Due to SNDRV_SEQ_ADDRESS_BROADCAST, not all 256 port number values can
be used.

Signed-off-by: Clemens Ladisch <clemens@ladisch.de>
Signed-off-by: Takashi Iwai <tiwai@suse.de>
2015-01-26 13:54:39 +01:00
Takashi Iwai 7533185eee Merge branch 'for-linus' into for-next
Sync with the latest 3.19-rc state for applying other ALSA sequencer
core fixes.
2015-01-26 13:53:41 +01:00
Clemens Ladisch 0767e95bb9 ALSA: seq-dummy: remove deadlock-causing events on close
When the last subscriber to a "Through" port has been removed, the
subscribed destination ports might still be active, so it would be
wrong to send "all sounds off" and "reset controller" events to them.
The proper place for such a shutdown would be the closing of the actual
MIDI port (and close_substream() in rawmidi.c already can do this).

This also fixes a deadlock when dummy_unuse() tries to send events to
its own port that is already locked because it is being freed.

Reported-by: Peter Billam <peter@www.pjb.com.au>
Cc: <stable@vger.kernel.org>
Signed-off-by: Clemens Ladisch <clemens@ladisch.de>
Signed-off-by: Takashi Iwai <tiwai@suse.de>
2015-01-26 13:53:13 +01:00
Markus Elfring 57dca36ee2 ALSA: seq: Deletion of unnecessary checks before the function call "snd_midi_event_free"
The snd_midi_event_free() function tests whether its argument is NULL and then
returns immediately. Thus the test around the call is not needed.

This issue was detected by using the Coccinelle software.

Signed-off-by: Markus Elfring <elfring@users.sourceforge.net>
Signed-off-by: Takashi Iwai <tiwai@suse.de>
2015-01-04 15:11:05 +01:00
Markus Elfring d712eaf29d ALSA: core: Deletion of unnecessary checks before two function calls
The functions snd_seq_oss_timer_delete() and vunmap() perform also input
parameter validation. Thus the test around the call is not needed.

This issue was detected by using the Coccinelle software.

Signed-off-by: Markus Elfring <elfring@users.sourceforge.net>
Signed-off-by: Takashi Iwai <tiwai@suse.de>
2014-11-21 20:06:57 +01:00
Takashi Iwai d5129f33a0 Subject: ALSA: seq: Remove autoload locks in driver registration
Since we're calling request_module() asynchronously now, we can get
rid of the autoload lock in snd_seq_device_register_driver(), as well
as in the snd-seq driver registration itself.  This enables the
automatic loading of dependent sequencer modules, such as
snd-seq-virmidi from snd-emu10k1-synth.

Signed-off-by: Takashi Iwai <tiwai@suse.de>
2014-10-18 20:25:19 +02:00
Takashi Iwai 68ab61084d ALSA: seq: bind seq driver automatically
Currently the sequencer module binding is performed independently from
the card module itself.  The reason behind it is to keep the sequencer
stuff optional and allow the system running without it (e.g. for using
PCM or rawmidi only).  This works in most cases, but a remaining
problem is that the binding isn't done automatically when a new driver
module is probed.  Typically this becomes visible when a hotplug
driver like usb audio is used.

This patch tries to address this and other potential issues.  First,
the seq-binder (seq_device.c) tries to load a missing driver module at
creating a new device object.  This is done asynchronously in a workq
for avoiding the deadlock (modprobe call in module init path).

This action, however, should be enabled only when the sequencer stuff
was already initialized, i.e. snd-seq module was already loaded.  For
that, a new function, snd_seq_autoload_init() is introduced here; this
clears the blocking of autoloading, and also tries to load all pending
driver modules.

Reported-by: Adam Goode <agoode@chromium.org>
Signed-off-by: Takashi Iwai <tiwai@suse.de>
2014-10-18 20:25:12 +02:00
Takashi Iwai 54841a06c5 ALSA: seq: Use atomic ops for autoload refcount
... just to robustify for races.

Signed-off-by: Takashi Iwai <tiwai@suse.de>
2014-10-15 14:00:16 +02:00
Rasmus Villemoes b245a822a4 ALSA: seq: seq_memory.c: Fix closing brace followed by if
Add a newline and, while at it, remove a space and redundant braces.

Signed-off-by: Rasmus Villemoes <linux@rasmusvillemoes.dk>
Signed-off-by: Takashi Iwai <tiwai@suse.de>
2014-06-23 17:58:33 +02:00
Adam Goode 27423257b7 ALSA: seq: Continue broadcasting events to ports if one of them fails
Sometimes PORT_EXIT messages are lost when a process is exiting.
This happens if you subscribe to the announce port with client A,
then subscribe to the announce port with client B, then kill client A.
Client B will not see the PORT_EXIT message because client A's port is
closing and is earlier in the announce port subscription list. The
for each loop will try to send the announcement to client A and fail,
then will stop trying to broadcast to other ports. Killing B works fine
since the announcement will already have gone to A. The CLIENT_EXIT
message does not get lost.

How to reproduce problem:

*** termA
$ aseqdump -p 0:1
  0:1   Port subscribed            0:1 -> 128:0

*** termB
$ aseqdump -p 0:1

*** termA
  0:1   Client start               client 129
  0:1   Port start                 129:0
  0:1   Port subscribed            0:1 -> 129:0

*** termB
  0:1   Port subscribed            0:1 -> 129:0

*** termA
^C

*** termB
  0:1   Client exit                client 128
   <--- expected Port exit as well (before client exit)

Signed-off-by: Adam Goode <agoode@google.com>
Signed-off-by: Takashi Iwai <tiwai@suse.de>
2014-06-04 17:30:58 +02:00
Adam Goode 21fd3e956e ALSA: seq: correctly detect input buffer overflow
snd_seq_event_dup returns -ENOMEM in some buffer-full conditions,
but usually returns -EAGAIN. Make -EAGAIN trigger the overflow
condition in snd_seq_fifo_event_in so that the fifo is cleared
and -ENOSPC is returned to userspace as stated in the alsa-lib docs.

Signed-off-by: Adam Goode <agoode@google.com>
Signed-off-by: Takashi Iwai <tiwai@suse.de>
2014-06-04 07:12:12 +02:00
Masanari Iida 53403a8013 ALSA: core: Fix format string mismatch in seq_midi.c
Fix format string mismatch in snd_seq_midisynth_register_port().
Argument type of p is unsigned int.

Signed-off-by: Masanari Iida <standby24x7@gmail.com>
Signed-off-by: Takashi Iwai <tiwai@suse.de>
2014-04-28 12:18:47 +02:00
Takashi Iwai bb343e7969 ALSA: seq_oss: Use standard printk helpers
Use the standard pr_xxx() helpers instead of home-baked snd_print*().

Signed-off-by: Takashi Iwai <tiwai@suse.de>
2014-02-14 08:14:18 +01:00
Takashi Iwai 04cc79a048 ALSA: seq: Use standard printk helpers
Use the standard pr_xxx() helpers instead of home-baked snd_print*().

Signed-off-by: Takashi Iwai <tiwai@suse.de>
2014-02-14 08:14:18 +01:00
Takashi Iwai f2f9307a4f ALSA: core: Use standard printk helpers
Use dev_err() & co as much as possible.  If not available (no device
assigned at the calling point), use pr_xxx() helpers instead.

Signed-off-by: Takashi Iwai <tiwai@suse.de>
2014-02-14 08:14:15 +01:00
Takashi Iwai a67ca25b6c ALSA: seq_oss: Drop debug prints
The debug prints in snd-seq-oss module are rather useless.
Let's clean up before further modifications.

Signed-off-by: Takashi Iwai <tiwai@suse.de>
2014-02-14 08:14:13 +01:00
Takashi Iwai 80d7d771ae ALSA: Drop unused name argument in snd_register_oss_device()
The last argument, name, of snd_oss_register_device() is nowhere
referred in the function in the current code.  Let's drop it.

Signed-off-by: Takashi Iwai <tiwai@suse.de>
2014-02-12 10:58:19 +01:00
Takashi Iwai 256ca9c3ad ALSA: seq-oss: Initialize MIDI clients asynchronously
We've got bug reports that the module loading stuck on Debian system
with 3.10 kernel.  The debugging session revealed that the initial
registration of OSS sequencer clients stuck at module loading time,
which involves again with request_module() at the init phase.  This is
triggered only by special --install stuff Debian is using, but it's
still not good to have such loops.

As a workaround, call the registration part asynchronously.  This is a
better approach irrespective of the hang fix, in anyway.

Reported-and-tested-by: Philipp Matthias Hahn <pmhahn@pmhahn.de>
Cc: <stable@vger.kernel.org>
Signed-off-by: Takashi Iwai <tiwai@suse.de>
2013-07-17 09:19:24 +02:00
Takashi Iwai 66efdc71d9 ALSA: seq: Fix missing error handling in snd_seq_timer_open()
snd_seq_timer_open() didn't catch the whole error path but let through
if the timer id is a slave.  This may lead to Oops by accessing the
uninitialized pointer.

 BUG: unable to handle kernel NULL pointer dereference at 00000000000002ae
 IP: [<ffffffff819b3477>] snd_seq_timer_open+0xe7/0x130
 PGD 785cd067 PUD 76964067 PMD 0
 Oops: 0002 [#4] SMP
 CPU 0
 Pid: 4288, comm: trinity-child7 Tainted: G      D W 3.9.0-rc1+ #100 Bochs Bochs
 RIP: 0010:[<ffffffff819b3477>]  [<ffffffff819b3477>] snd_seq_timer_open+0xe7/0x130
 RSP: 0018:ffff88006ece7d38  EFLAGS: 00010246
 RAX: 0000000000000286 RBX: ffff88007851b400 RCX: 0000000000000000
 RDX: 000000000000ffff RSI: ffff88006ece7d58 RDI: ffff88006ece7d38
 RBP: ffff88006ece7d98 R08: 000000000000000a R09: 000000000000fffe
 R10: 0000000000000000 R11: 0000000000000000 R12: 0000000000000000
 R13: ffff8800792c5400 R14: 0000000000e8f000 R15: 0000000000000007
 FS:  00007f7aaa650700(0000) GS:ffff88007f800000(0000) GS:0000000000000000
 CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
 CR2: 00000000000002ae CR3: 000000006efec000 CR4: 00000000000006f0
 DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
 DR3: 0000000000000000 DR6: 00000000ffff0ff0 DR7: 0000000000000400
 Process trinity-child7 (pid: 4288, threadinfo ffff88006ece6000, task ffff880076a8a290)
 Stack:
  0000000000000286 ffffffff828f2be0 ffff88006ece7d58 ffffffff810f354d
  65636e6575716573 2065756575712072 ffff8800792c0030 0000000000000000
  ffff88006ece7d98 ffff8800792c5400 ffff88007851b400 ffff8800792c5520
 Call Trace:
  [<ffffffff810f354d>] ? trace_hardirqs_on+0xd/0x10
  [<ffffffff819b17e9>] snd_seq_queue_timer_open+0x29/0x70
  [<ffffffff819ae01a>] snd_seq_ioctl_set_queue_timer+0xda/0x120
  [<ffffffff819acb9b>] snd_seq_do_ioctl+0x9b/0xd0
  [<ffffffff819acbe0>] snd_seq_ioctl+0x10/0x20
  [<ffffffff811b9542>] do_vfs_ioctl+0x522/0x570
  [<ffffffff8130a4b3>] ? file_has_perm+0x83/0xa0
  [<ffffffff810f354d>] ? trace_hardirqs_on+0xd/0x10
  [<ffffffff811b95ed>] sys_ioctl+0x5d/0xa0
  [<ffffffff813663fe>] ? trace_hardirqs_on_thunk+0x3a/0x3f
  [<ffffffff81faed69>] system_call_fastpath+0x16/0x1b

Reported-and-tested-by: Tommi Rantala <tt.rantala@gmail.com>
Cc: <stable@vger.kernel.org>
Signed-off-by: Takashi Iwai <tiwai@suse.de>
2013-03-11 09:40:36 +01:00
Dan Carpenter 85c50a5899 ALSA: seq: seq_oss_event: missing range checks
The "dev" variable could be out of bounds.  Calling
snd_seq_oss_synth_is_valid() checks that it is is a valid device
which has been opened.  We check this inside set_note_event() so
this function can't succeed without a valid "dev".  But we need to
do the check earlier to prevent invalid dereferences and memory
corruption.

One call tree where "dev" could be out of bounds is:
-> snd_seq_oss_oob_user()
   -> snd_seq_oss_process_event()
      -> extended_event()
         -> note_on_event()

Signed-off-by: Dan Carpenter <dan.carpenter@oracle.com>
Signed-off-by: Takashi Iwai <tiwai@suse.de>
2013-03-04 16:39:50 +01:00
Adam Buchbinder d93cf0687c various: Fix spelling of "registered" in comments.
Some comments misspell "registered"; this fixes them. No code changes.

Signed-off-by: Adam Buchbinder <adam.buchbinder@gmail.com>
Signed-off-by: Jiri Kosina <jkosina@suse.cz>
2012-11-19 14:29:46 +01:00
Andi Kleen 8dea9d382a ALSA: lto, sound: Fix export symbols for !CONFIG_MODULES
The new LTO EXPORT_SYMBOL references symbols even without CONFIG_MODULES.
Since these functions are macros in this case this doesn't work.
Add a ifdef to fix the build.

Signed-off-by: Andi Kleen <ak@linux.intel.com>
Signed-off-by: Takashi Iwai <tiwai@suse.de>
2012-08-20 11:53:10 +02:00
Lucas De Marchi 970e248649 Documentation: remove references to /etc/modprobe.conf
Usage of /etc/modprobe.conf file was deprecated by module-init-tools and
is no longer parsed by new kmod tool. References to this file are
replaced in Documentation, comments and Kconfig according to the
context.

There are also some references to the old /etc/modules.conf from 2.4
kernels that are being removed.

Signed-off-by: Lucas De Marchi <lucas.demarchi@profusion.mobi>
Acked-by: Takashi Iwai <tiwai@suse.de>
Acked-by: Mauro Carvalho Chehab <mchehab@redhat.com>
Signed-off-by: Randy Dunlap <rdunlap@xenotime.net>
Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>
2012-03-30 16:03:15 -07:00
Paul Gortmaker 51990e8254 device.h: cleanup users outside of linux/include (C files)
For files that are actively using linux/device.h, make sure
that they call it out.  This will allow us to clean up some
of the implicit uses of linux/device.h within include/*
without introducing build regressions.

Yes, this was created by "cheating" -- i.e. the headers were
cleaned up, and then the fallout was found and fixed, and then
the two commits were reordered.  This ensures we don't introduce
build regressions into the git history.

Signed-off-by: Paul Gortmaker <paul.gortmaker@windriver.com>
2012-03-11 14:27:37 -04:00
Rusty Russell a67ff6a540 ALSA: module_param: make bool parameters really bool
module_param(bool) used to counter-intuitively take an int.  In
fddd5201 (mid-2009) we allowed bool or int/unsigned int using a messy
trick.

It's time to remove the int/unsigned int option.  For this version
it'll simply give a warning, but it'll break next kernel version.

Signed-off-by: Rusty Russell <rusty@rustcorp.com.au>
Signed-off-by: Takashi Iwai <tiwai@suse.de>
2011-12-19 10:34:41 +01:00
Paul Gortmaker d81a6d7176 sound: Add export.h for THIS_MODULE/EXPORT_SYMBOL where needed
These aren't modules, but they do make use of these macros, so
they will need export.h to get that definition.  Previously,
they got it via the implicit module.h inclusion.

Signed-off-by: Paul Gortmaker <paul.gortmaker@windriver.com>
2011-10-31 19:31:22 -04:00
Paul Gortmaker da155d5b40 sound: Add module.h to the previously silent sound users
Lots of sound drivers were getting module.h via the implicit presence
of it in <linux/device.h> but we are going to clean that up.  So
fix up those users now.

Signed-off-by: Paul Gortmaker <paul.gortmaker@windriver.com>
2011-10-31 19:31:21 -04:00
Paul Gortmaker 65a772172b sound: fix drivers needing module.h not moduleparam.h
The implicit presence of module.h lured several users into
incorrectly thinking that they only needed/used modparam.h
but once we clean up the module.h presence, these will show
up as build failures, so fix 'em now.

Signed-off-by: Paul Gortmaker <paul.gortmaker@windriver.com>
2011-10-31 19:31:19 -04:00
Luca Tettamanti 78fa2c4d24 ALSA: core: remove unused variables.
Drop a few variables that are never read.

Signed-off-by: Luca Tettamanti <kronos.it@gmail.com>
Signed-off-by: Takashi Iwai <tiwai@suse.de>
2011-05-26 08:19:04 +02:00
Lucas De Marchi 25985edced Fix common misspellings
Fixes generated by 'codespell' and manually reviewed.

Signed-off-by: Lucas De Marchi <lucas.demarchi@profusion.mobi>
2011-03-31 11:26:23 -03:00
Justin P. Mattock b6aa63eeb3 sound:core:seq:seq_ports.c Remove one to many n's in a word.
The Patch below removes one to many "n's" in a word..

Signed-off-by: Justin P. Mattock <justinmattock@gmail.com>
Signed-off-by: Takashi Iwai <tiwai@suse.de>
2011-02-27 10:05:53 +01:00
Clemens Ladisch fea952e5cc ALSA: core: sparse cleanups
Change the core code where sparse complains.  In most cases, this means
just adding annotations to confirm that we indeed want to do the dirty
things we're doing.

Signed-off-by: Clemens Ladisch <clemens@ladisch.de>
Signed-off-by: Takashi Iwai <tiwai@suse.de>
2011-02-14 17:10:11 +01:00
Kay Sievers 03cfe6f57d ALSA: support module on-demand loading for seq and timer
If CONFIG_SND_DYNAMIC_MINORS is used, assign /dev/snd/seq and
/dev/snd/timer the usual static minors, and export specific
module aliases to generate udev module on-demand loading
instructions:

  $ cat /lib/modules/2.6.33.4-smp/modules.devname
  # Device nodes to trigger on-demand module loading.
  microcode cpu/microcode c10:184
  fuse fuse c10:229
  ppp_generic ppp c108:0
  tun net/tun c10:200
  uinput uinput c10:223
  dm_mod mapper/control c10:236
  snd_timer snd/timer c116:33
  snd_seq snd/seq c116:1

The last two lines instruct udev to create device nodes, even
when the modules are not loaded at that time.

As soon as userspace accesses any of these nodes, the in-kernel
module-loader will load the module, and the device can be used.

The header file minor calculation needed to be simplified to
make __stringify() (supports only two indirections) in
the MODULE_ALIAS macro work.

This is part of systemd's effort to get rid of unconditional
module load instructions and needless init scripts.

Cc: Lennart Poettering <lennart@poettering.net>
Signed-off-by: Kay Sievers <kay.sievers@vrfy.org>
Signed-off-by: Clemens Ladisch <clemens@ladisch.de>
Signed-off-by: Takashi Iwai <tiwai@suse.de>
2010-11-24 05:53:25 +01:00
Arnd Bergmann 6038f373a3 llseek: automatically add .llseek fop
All file_operations should get a .llseek operation so we can make
nonseekable_open the default for future file operations without a
.llseek pointer.

The three cases that we can automatically detect are no_llseek, seq_lseek
and default_llseek. For cases where we can we can automatically prove that
the file offset is always ignored, we use noop_llseek, which maintains
the current behavior of not returning an error from a seek.

New drivers should normally not use noop_llseek but instead use no_llseek
and call nonseekable_open at open time.  Existing drivers can be converted
to do the same when the maintainer knows for certain that no user code
relies on calling seek on the device file.

The generated code is often incorrectly indented and right now contains
comments that clarify for each added line why a specific variant was
chosen. In the version that gets submitted upstream, the comments will
be gone and I will manually fix the indentation, because there does not
seem to be a way to do that using coccinelle.

Some amount of new code is currently sitting in linux-next that should get
the same modifications, which I will do at the end of the merge window.

Many thanks to Julia Lawall for helping me learn to write a semantic
patch that does all this.

===== begin semantic patch =====
// This adds an llseek= method to all file operations,
// as a preparation for making no_llseek the default.
//
// The rules are
// - use no_llseek explicitly if we do nonseekable_open
// - use seq_lseek for sequential files
// - use default_llseek if we know we access f_pos
// - use noop_llseek if we know we don't access f_pos,
//   but we still want to allow users to call lseek
//
@ open1 exists @
identifier nested_open;
@@
nested_open(...)
{
<+...
nonseekable_open(...)
...+>
}

@ open exists@
identifier open_f;
identifier i, f;
identifier open1.nested_open;
@@
int open_f(struct inode *i, struct file *f)
{
<+...
(
nonseekable_open(...)
|
nested_open(...)
)
...+>
}

@ read disable optional_qualifier exists @
identifier read_f;
identifier f, p, s, off;
type ssize_t, size_t, loff_t;
expression E;
identifier func;
@@
ssize_t read_f(struct file *f, char *p, size_t s, loff_t *off)
{
<+...
(
   *off = E
|
   *off += E
|
   func(..., off, ...)
|
   E = *off
)
...+>
}

@ read_no_fpos disable optional_qualifier exists @
identifier read_f;
identifier f, p, s, off;
type ssize_t, size_t, loff_t;
@@
ssize_t read_f(struct file *f, char *p, size_t s, loff_t *off)
{
... when != off
}

@ write @
identifier write_f;
identifier f, p, s, off;
type ssize_t, size_t, loff_t;
expression E;
identifier func;
@@
ssize_t write_f(struct file *f, const char *p, size_t s, loff_t *off)
{
<+...
(
  *off = E
|
  *off += E
|
  func(..., off, ...)
|
  E = *off
)
...+>
}

@ write_no_fpos @
identifier write_f;
identifier f, p, s, off;
type ssize_t, size_t, loff_t;
@@
ssize_t write_f(struct file *f, const char *p, size_t s, loff_t *off)
{
... when != off
}

@ fops0 @
identifier fops;
@@
struct file_operations fops = {
 ...
};

@ has_llseek depends on fops0 @
identifier fops0.fops;
identifier llseek_f;
@@
struct file_operations fops = {
...
 .llseek = llseek_f,
...
};

@ has_read depends on fops0 @
identifier fops0.fops;
identifier read_f;
@@
struct file_operations fops = {
...
 .read = read_f,
...
};

@ has_write depends on fops0 @
identifier fops0.fops;
identifier write_f;
@@
struct file_operations fops = {
...
 .write = write_f,
...
};

@ has_open depends on fops0 @
identifier fops0.fops;
identifier open_f;
@@
struct file_operations fops = {
...
 .open = open_f,
...
};

// use no_llseek if we call nonseekable_open
////////////////////////////////////////////
@ nonseekable1 depends on !has_llseek && has_open @
identifier fops0.fops;
identifier nso ~= "nonseekable_open";
@@
struct file_operations fops = {
...  .open = nso, ...
+.llseek = no_llseek, /* nonseekable */
};

@ nonseekable2 depends on !has_llseek @
identifier fops0.fops;
identifier open.open_f;
@@
struct file_operations fops = {
...  .open = open_f, ...
+.llseek = no_llseek, /* open uses nonseekable */
};

// use seq_lseek for sequential files
/////////////////////////////////////
@ seq depends on !has_llseek @
identifier fops0.fops;
identifier sr ~= "seq_read";
@@
struct file_operations fops = {
...  .read = sr, ...
+.llseek = seq_lseek, /* we have seq_read */
};

// use default_llseek if there is a readdir
///////////////////////////////////////////
@ fops1 depends on !has_llseek && !nonseekable1 && !nonseekable2 && !seq @
identifier fops0.fops;
identifier readdir_e;
@@
// any other fop is used that changes pos
struct file_operations fops = {
... .readdir = readdir_e, ...
+.llseek = default_llseek, /* readdir is present */
};

// use default_llseek if at least one of read/write touches f_pos
/////////////////////////////////////////////////////////////////
@ fops2 depends on !fops1 && !has_llseek && !nonseekable1 && !nonseekable2 && !seq @
identifier fops0.fops;
identifier read.read_f;
@@
// read fops use offset
struct file_operations fops = {
... .read = read_f, ...
+.llseek = default_llseek, /* read accesses f_pos */
};

@ fops3 depends on !fops1 && !fops2 && !has_llseek && !nonseekable1 && !nonseekable2 && !seq @
identifier fops0.fops;
identifier write.write_f;
@@
// write fops use offset
struct file_operations fops = {
... .write = write_f, ...
+	.llseek = default_llseek, /* write accesses f_pos */
};

// Use noop_llseek if neither read nor write accesses f_pos
///////////////////////////////////////////////////////////

@ fops4 depends on !fops1 && !fops2 && !fops3 && !has_llseek && !nonseekable1 && !nonseekable2 && !seq @
identifier fops0.fops;
identifier read_no_fpos.read_f;
identifier write_no_fpos.write_f;
@@
// write fops use offset
struct file_operations fops = {
...
 .write = write_f,
 .read = read_f,
...
+.llseek = noop_llseek, /* read and write both use no f_pos */
};

@ depends on has_write && !has_read && !fops1 && !fops2 && !has_llseek && !nonseekable1 && !nonseekable2 && !seq @
identifier fops0.fops;
identifier write_no_fpos.write_f;
@@
struct file_operations fops = {
... .write = write_f, ...
+.llseek = noop_llseek, /* write uses no f_pos */
};

@ depends on has_read && !has_write && !fops1 && !fops2 && !has_llseek && !nonseekable1 && !nonseekable2 && !seq @
identifier fops0.fops;
identifier read_no_fpos.read_f;
@@
struct file_operations fops = {
... .read = read_f, ...
+.llseek = noop_llseek, /* read uses no f_pos */
};

@ depends on !has_read && !has_write && !fops1 && !fops2 && !has_llseek && !nonseekable1 && !nonseekable2 && !seq @
identifier fops0.fops;
@@
struct file_operations fops = {
...
+.llseek = noop_llseek, /* no read or write fn */
};
===== End semantic patch =====

Signed-off-by: Arnd Bergmann <arnd@arndb.de>
Cc: Julia Lawall <julia@diku.dk>
Cc: Christoph Hellwig <hch@infradead.org>
2010-10-15 15:53:27 +02:00
Takashi Iwai 27f7ad5382 ALSA: seq/oss - Fix double-free at error path of snd_seq_oss_open()
The error handling in snd_seq_oss_open() has several bad codes that
do dereferecing released pointers and double-free of kmalloc'ed data.
The object dp is release in free_devinfo() that is called via
private_free callback.  The rest shouldn't touch this object any more.

The patch changes delete_port() to call kfree() in any case, and gets
rid of unnecessary calls of destructors in snd_seq_oss_open().

Fixes CVE-2010-3080.

Reported-and-tested-by: Tavis Ormandy <taviso@cmpxchg8b.com>
Cc: <stable@kernel.org>
Signed-off-by: Takashi Iwai <tiwai@suse.de>
2010-09-08 10:45:34 +02:00
Takashi Iwai 02f4865fa4 ALSA: core - Define llseek fops
Set no_llseek to llseek file ops of each sound component (but for hwdep).
This avoids the implicit BKL invocation via generic_file_llseek() used
as default when fops.llseek is NULL.

Also call nonseekable_open() at each open ops to ensure the file flags
have no seek bit.

Signed-off-by: Takashi Iwai <tiwai@suse.de>
2010-04-13 12:01:21 +02:00
Tejun Heo 5a0e3ad6af include cleanup: Update gfp.h and slab.h includes to prepare for breaking implicit slab.h inclusion from percpu.h
percpu.h is included by sched.h and module.h and thus ends up being
included when building most .c files.  percpu.h includes slab.h which
in turn includes gfp.h making everything defined by the two files
universally available and complicating inclusion dependencies.

percpu.h -> slab.h dependency is about to be removed.  Prepare for
this change by updating users of gfp and slab facilities include those
headers directly instead of assuming availability.  As this conversion
needs to touch large number of source files, the following script is
used as the basis of conversion.

  http://userweb.kernel.org/~tj/misc/slabh-sweep.py

The script does the followings.

* Scan files for gfp and slab usages and update includes such that
  only the necessary includes are there.  ie. if only gfp is used,
  gfp.h, if slab is used, slab.h.

* When the script inserts a new include, it looks at the include
  blocks and try to put the new include such that its order conforms
  to its surrounding.  It's put in the include block which contains
  core kernel includes, in the same order that the rest are ordered -
  alphabetical, Christmas tree, rev-Xmas-tree or at the end if there
  doesn't seem to be any matching order.

* If the script can't find a place to put a new include (mostly
  because the file doesn't have fitting include block), it prints out
  an error message indicating which .h file needs to be added to the
  file.

The conversion was done in the following steps.

1. The initial automatic conversion of all .c files updated slightly
   over 4000 files, deleting around 700 includes and adding ~480 gfp.h
   and ~3000 slab.h inclusions.  The script emitted errors for ~400
   files.

2. Each error was manually checked.  Some didn't need the inclusion,
   some needed manual addition while adding it to implementation .h or
   embedding .c file was more appropriate for others.  This step added
   inclusions to around 150 files.

3. The script was run again and the output was compared to the edits
   from #2 to make sure no file was left behind.

4. Several build tests were done and a couple of problems were fixed.
   e.g. lib/decompress_*.c used malloc/free() wrappers around slab
   APIs requiring slab.h to be added manually.

5. The script was run on all .h files but without automatically
   editing them as sprinkling gfp.h and slab.h inclusions around .h
   files could easily lead to inclusion dependency hell.  Most gfp.h
   inclusion directives were ignored as stuff from gfp.h was usually
   wildly available and often used in preprocessor macros.  Each
   slab.h inclusion directive was examined and added manually as
   necessary.

6. percpu.h was updated not to include slab.h.

7. Build test were done on the following configurations and failures
   were fixed.  CONFIG_GCOV_KERNEL was turned off for all tests (as my
   distributed build env didn't work with gcov compiles) and a few
   more options had to be turned off depending on archs to make things
   build (like ipr on powerpc/64 which failed due to missing writeq).

   * x86 and x86_64 UP and SMP allmodconfig and a custom test config.
   * powerpc and powerpc64 SMP allmodconfig
   * sparc and sparc64 SMP allmodconfig
   * ia64 SMP allmodconfig
   * s390 SMP allmodconfig
   * alpha SMP allmodconfig
   * um on x86_64 SMP allmodconfig

8. percpu.h modifications were reverted so that it could be applied as
   a separate patch and serve as bisection point.

Given the fact that I had only a couple of failures from tests on step
6, I'm fairly confident about the coverage of this conversion patch.
If there is a breakage, it's likely to be something in one of the arch
headers which should be easily discoverable easily on most builds of
the specific arch.

Signed-off-by: Tejun Heo <tj@kernel.org>
Guess-its-ok-by: Christoph Lameter <cl@linux-foundation.org>
Cc: Ingo Molnar <mingo@redhat.com>
Cc: Lee Schermerhorn <Lee.Schermerhorn@hp.com>
2010-03-30 22:02:32 +09:00
Thadeu Lima de Souza Cascardo c85a400499 ALSA: trivial: sound seq ioctl dbg: print hexadecimal value padded with 0s
Instead of padding with blanks and printing "number=0x a", print
"number=0x0a".

Signed-off-by: Thadeu Lima de Souza Cascardo <cascardo@holoscopio.com>
Signed-off-by: Takashi Iwai <tiwai@suse.de>
2010-02-02 00:27:47 +01:00
Clemens Ladisch a32f66746c sound: seq_timer: simplify snd_seq_timer_set_tick_resolution() parameters
As snd_seq_timer_set_tick_resolution() is always called with the same
three fields of struct snd_seq_timer, it suffices to give that as the
only parameter.

Signed-off-by: Clemens Ladisch <clemens@ladisch.de>
Signed-off-by: Jaroslav Kysela <perex@perex.cz>
2010-01-18 16:38:30 +01:00
Takashi Iwai 0f23c5cc50 Merge branch 'topic/midi' into for-linus
* topic/midi:
  sound: rawmidi: disable active-sensing-on-close by default
  sound: seq_oss_midi: remove magic numbers
  sound: seq_midi: do not send MIDI reset when closing
  seq-midi: always log message on output overrun
2009-09-10 15:32:56 +02:00
Jaswinder Singh Rajput f96e080821 ALSA: OSS sequencer should be initialized after snd_seq_system_client_init
When build SND_SEQUENCER in kernel then OSS sequencer(alsa_seq_oss_init)
is initialized before System (snd_seq_system_client_init) which leads to
memory leak :

unreferenced object 0xf6b0e680 (size 256):
  comm "swapper", pid 1, jiffies 4294670753
  backtrace:
    [<c108ac5c>] create_object+0x135/0x204
    [<c108adfe>] kmemleak_alloc+0x26/0x4c
    [<c1087de2>] kmem_cache_alloc+0x72/0xff
    [<c126d2ac>] seq_create_client1+0x22/0x160
    [<c126e3b6>] snd_seq_create_kernel_client+0x72/0xef
    [<c1485a05>] snd_seq_oss_create_client+0x86/0x142
    [<c1485920>] alsa_seq_oss_init+0xf6/0x155
    [<c1001059>] do_one_initcall+0x4f/0x111
    [<c14655be>] kernel_init+0x115/0x166
    [<c10032af>] kernel_thread_helper+0x7/0x10
    [<ffffffff>] 0xffffffff
unreferenced object 0xf688a580 (size 64):
  comm "swapper", pid 1, jiffies 4294670753
  backtrace:
    [<c108ac5c>] create_object+0x135/0x204
    [<c108adfe>] kmemleak_alloc+0x26/0x4c
    [<c1087de2>] kmem_cache_alloc+0x72/0xff
    [<c126f964>] snd_seq_pool_new+0x1c/0xb8
    [<c126d311>] seq_create_client1+0x87/0x160
    [<c126e3b6>] snd_seq_create_kernel_client+0x72/0xef
    [<c1485a05>] snd_seq_oss_create_client+0x86/0x142
    [<c1485920>] alsa_seq_oss_init+0xf6/0x155
    [<c1001059>] do_one_initcall+0x4f/0x111
    [<c14655be>] kernel_init+0x115/0x166
    [<c10032af>] kernel_thread_helper+0x7/0x10
    [<ffffffff>] 0xffffffff
unreferenced object 0xf6b0e480 (size 256):
  comm "swapper", pid 1, jiffies 4294670754
  backtrace:
    [<c108ac5c>] create_object+0x135/0x204
    [<c108adfe>] kmemleak_alloc+0x26/0x4c
    [<c1087de2>] kmem_cache_alloc+0x72/0xff
    [<c12725a0>] snd_seq_create_port+0x51/0x21c
    [<c126de50>] snd_seq_ioctl_create_port+0x57/0x13c
    [<c126d07a>] snd_seq_do_ioctl+0x4a/0x69
    [<c126d0de>] snd_seq_kernel_client_ctl+0x33/0x49
    [<c1485a74>] snd_seq_oss_create_client+0xf5/0x142
    [<c1485920>] alsa_seq_oss_init+0xf6/0x155
    [<c1001059>] do_one_initcall+0x4f/0x111
    [<c14655be>] kernel_init+0x115/0x166
    [<c10032af>] kernel_thread_helper+0x7/0x10
    [<ffffffff>] 0xffffffff

The correct order should be :

System (snd_seq_system_client_init) should be initialized before
OSS sequencer(alsa_seq_oss_init) which is equivalent to :

1. insmod sound/core/seq/snd-seq-device.ko
2. insmod sound/core/seq/snd-seq.ko
3. insmod sound/core/seq/snd-seq-midi-event.ko
4. insmod sound/core/seq/oss/snd-seq-oss.ko

Including sound/core/seq/oss/Makefile after other seq modules
fixes the ordering and memory leak.

Signed-off-by: Jaswinder Singh Rajput <jaswinderrajput@gmail.com>
Signed-off-by: Takashi Iwai <tiwai@suse.de>
2009-07-19 19:10:01 +02:00
Clemens Ladisch 2d4b842014 sound: rawmidi: disable active-sensing-on-close by default
Sending an Active Sensing message when closing a port can interfere with
the following data if the port is reopened and a note-on is sent before
the device's timeout has elapsed.  Therefore, it is better to disable
this setting by default.

Signed-off-by: Clemens Ladisch <clemens@ladisch.de>
Signed-off-by: Takashi Iwai <tiwai@suse.de>
2009-07-15 11:57:20 +02:00
Clemens Ladisch 08d033405a sound: seq_oss_midi: remove magic numbers
Instead of using magic numbers for the controlles sent when resetting
a port, use the symbols from asoundef.h.

Signed-off-by: Clemens Ladisch <clemens@ladisch.de>
Signed-off-by: Takashi Iwai <tiwai@suse.de>
2009-07-15 11:57:08 +02:00
Clemens Ladisch b86c87288c sound: seq_midi: do not send MIDI reset when closing
Sending a MIDI reset message when closing a port is wrong because we
only want to shut the device up, not to reset all settings.
Furthermore, many devices ignore this message.

Fortunately, the RawMIDI layer already shuts the device up, so we can
ignore this matter here.

Signed-off-by: Clemens Ladisch <clemens@ladisch.de>
Signed-off-by: Takashi Iwai <tiwai@suse.de>
2009-07-15 11:56:58 +02:00