kernel/linux.git/sound/firewire, branch v6.18.21Linux kernel stable tree (mirror)https://git.radix-linux.su/kernel/linux.git/atom?h=v6.18.212026-04-02T11:23:17+00:00ALSA: firewire-lib: fix uninitialized local variable2026-04-02T11:23:17+00:00Alexey Nepomnyashihsdl@nppct.ru2026-03-16T19:18:22+00:00urn:sha1:c215d25cf050b86c74c7600363e8576a8d5a8b70
commit bb120ad57def62e3f23e3d999c5fbed11f610993 upstream.
Similar to commit d8dc8720468a ("ALSA: firewire-lib: fix uninitialized
local variable"), the local variable `curr_cycle_time` in
process_rx_packets() is declared without initialization.
When the tracepoint event is not probed, the variable may appear to be
used without being initialized. In practice the value is only relevant
when the tracepoint is enabled, however initializing it avoids potential
use of an uninitialized value and improves code safety.
Initialize `curr_cycle_time` to zero.
Fixes: fef4e61b0b76 ("ALSA: firewire-lib: extend tracepoints event including CYCLE_TIME of 1394 OHCI")
Cc: stable@vger.kernel.org
Signed-off-by: Alexey Nepomnyashih <sdl@nppct.ru>
Link: https://patch.msgid.link/20260316191824.83249-1-sdl@nppct.ru
Signed-off-by: Takashi Iwai <tiwai@suse.de>
Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
ALSA: dice: fix buffer overflow in detect_stream_formats()2025-12-18T13:03:42+00:00Junrui Luomoonafterrain@outlook.com2025-11-28T04:06:31+00:00urn:sha1:1e1b3207a53e50d5a66289fffc1f7d52cd9c50f9
commit 324f3e03e8a85931ce0880654e3c3eb38b0f0bba upstream.
The function detect_stream_formats() reads the stream_count value directly
from a FireWire device without validating it. This can lead to
out-of-bounds writes when a malicious device provides a stream_count value
greater than MAX_STREAMS.
Fix by applying the same validation to both TX and RX stream counts in
detect_stream_formats().
Reported-by: Yuhao Jiang <danisjiang@gmail.com>
Reported-by: Junrui Luo <moonafterrain@outlook.com>
Fixes: 58579c056c1c ("ALSA: dice: use extended protocol to detect available stream formats")
Cc: stable@vger.kernel.org
Reviewed-by: Takashi Sakamoto <o-takashi@sakamocchi.jp>
Signed-off-by: Junrui Luo <moonafterrain@outlook.com>
Link: https://patch.msgid.link/SYBPR01MB7881B043FC68B4C0DA40B73DAFDCA@SYBPR01MB7881.ausprd01.prod.outlook.com
Signed-off-by: Takashi Iwai <tiwai@suse.de>
Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
ALSA: firewire-motu: add bounds check in put_user loop for DSP events2025-12-18T13:03:39+00:00Junrui Luomoonafterrain@outlook.com2025-12-09T05:16:41+00:00urn:sha1:8f9e51cf2a2a43d0cd72d3dc0b5ccea3f639c187
[ Upstream commit 298e753880b6ea99ac30df34959a7a03b0878eed ]
In the DSP event handling code, a put_user() loop copies event data.
When the user buffer size is not aligned to 4 bytes, it could overwrite
beyond the buffer boundary.
Fix by adding a bounds check before put_user().
Suggested-by: Takashi Iwai <tiwai@suse.de>
Fixes: 634ec0b2906e ("ALSA: firewire-motu: notify event for parameter change in register DSP model")
Signed-off-by: Junrui Luo <moonafterrain@outlook.com>
Link: https://patch.msgid.link/SYBPR01MB788112C72AF8A1C8C448B4B8AFA3A@SYBPR01MB7881.ausprd01.prod.outlook.com
Signed-off-by: Takashi Iwai <tiwai@suse.de>
Signed-off-by: Sasha Levin <sashal@kernel.org>
ALSA: firewire-motu: fix buffer overflow in hwdep read for DSP events2025-12-18T13:03:37+00:00Junrui Luomoonafterrain@outlook.com2025-12-03T04:27:03+00:00urn:sha1:cdda0d06f8650e33255f79839f188bbece44117c
[ Upstream commit 210d77cca3d0494ed30a5c628b20c1d95fa04fb1 ]
The DSP event handling code in hwdep_read() could write more bytes to
the user buffer than requested, when a user provides a buffer smaller
than the event header size (8 bytes).
Fix by using min_t() to clamp the copy size, This ensures we never copy
more than the user requested.
Reported-by: Yuhao Jiang <danisjiang@gmail.com>
Reported-by: Junrui Luo <moonafterrain@outlook.com>
Fixes: 634ec0b2906e ("ALSA: firewire-motu: notify event for parameter change in register DSP model")
Signed-off-by: Junrui Luo <moonafterrain@outlook.com>
Link: https://patch.msgid.link/SYBPR01MB78810656377E79E58350D951AFD9A@SYBPR01MB7881.ausprd01.prod.outlook.com
Signed-off-by: Takashi Iwai <tiwai@suse.de>
Signed-off-by: Sasha Levin <sashal@kernel.org>
ALSA: firewire: amdtp-stream: fix enum kernel-doc warnings2025-10-14T13:12:52+00:00Randy Dunlaprdunlap@infradead.org2025-10-14T03:05:52+00:00urn:sha1:d41f68dff783d181a8fd462e612bda0fbab7f735
Fix spelling of CIP_NO_HEADER to prevent a kernel-doc warning.
Warning: amdtp-stream.h:57 Enum value 'CIP_NO_HEADER' not described in enum 'cip_flags'
Warning: amdtp-stream.h:57 Excess enum value '%CIP_NO_HEADERS' description in 'cip_flags'
Fixes: 3b196c394dd9f ("ALSA: firewire-lib: add no-header packet processing")
Signed-off-by: Randy Dunlap <rdunlap@infradead.org>
Reviewed-by: Takashi Sakamoto <o-takashi@sakamocchi.jp>
Signed-off-by: Takashi Iwai <tiwai@suse.de>
ALSA: firewire: motu: Use guard() for spin locks2025-08-30T08:04:22+00:00Takashi Iwaitiwai@suse.de2025-08-30T08:03:50+00:00urn:sha1:914c62f21842420ec4118503e0da815faf0acdfe
Clean up the code using guard() for spin locks.
Merely code refactoring, and no behavior change.
Reviewed-by: Takashi Sakamoto <o-takashi@sakamocchi.jp>
Link: https://patch.msgid.link/20250830080351.25600-1-tiwai@suse.de
Signed-off-by: Takashi Iwai <tiwai@suse.de>
ALSA: firewire: lib: Use guard() for spin locks2025-08-30T08:02:27+00:00Takashi Iwaitiwai@suse.de2025-08-28T13:27:23+00:00urn:sha1:38ac99ff0ab15bf2231058168e988f66740c0785
Clean up the code using guard() for spin locks.
Merely code refactoring, and no behavior change.
Reviewed-by: Takashi Sakamoto <o-takashi@sakamocchi.jp>
Signed-off-by: Takashi Iwai <tiwai@suse.de>
Link: https://patch.msgid.link/20250828132802.9032-20-tiwai@suse.de
ALSA: firewire: tascam: Use guard() for spin locks2025-08-30T08:02:27+00:00Takashi Iwaitiwai@suse.de2025-08-28T13:27:22+00:00urn:sha1:8885ab5f215cc99918b4b711c2d8578004ae5481
Clean up the code using guard() for spin locks.
Merely code refactoring, and no behavior change.
Reviewed-by: Takashi Sakamoto <o-takashi@sakamocchi.jp>
Signed-off-by: Takashi Iwai <tiwai@suse.de>
Link: https://patch.msgid.link/20250828132802.9032-19-tiwai@suse.de
ALSA: firewire: oxfw: Use guard() for spin locks2025-08-30T08:02:27+00:00Takashi Iwaitiwai@suse.de2025-08-28T13:27:21+00:00urn:sha1:cae230e4d0a9a4234e042c8eaa19bb9b11879792
Clean up the code using guard() for spin locks.
Merely code refactoring, and no behavior change.
Reviewed-by: Takashi Sakamoto <o-takashi@sakamocchi.jp>
Signed-off-by: Takashi Iwai <tiwai@suse.de>
Link: https://patch.msgid.link/20250828132802.9032-18-tiwai@suse.de
ALSA: firewire: fireworks: Use guard() for spin locks2025-08-30T08:02:22+00:00Takashi Iwaitiwai@suse.de2025-08-28T13:27:19+00:00urn:sha1:0b8bf8d00f4015f85a9fd5799e39ba10b42fa5e3
Clean up the code using guard() for spin locks.
Merely code refactoring, and no behavior change.
Reviewed-by: Takashi Sakamoto <o-takashi@sakamocchi.jp>
Signed-off-by: Takashi Iwai <tiwai@suse.de>
Link: https://patch.msgid.link/20250828132802.9032-16-tiwai@suse.de