ASoC: SOF: Intel: cnl: Do not process IPC reply before firmware boot (230f6460) · Commits · Mirrors / git.yoctoproject.org / linux-yocto

Commit 230f6460 authored Jul 12, 2022 by

Peter Ujfalusi Committed by Greg Kroah-Hartman Aug 25, 2022

ASoC: SOF: Intel: cnl: Do not process IPC reply before firmware boot

[ Upstream commit acacd9ee

 ]

It is not yet clear, but it is possible to create a firmware so broken
that it will send a reply message before a FW_READY message (it is not
yet clear if FW_READY will arrive later).
Since the reply_data is allocated only after the FW_READY message, this
will lead to a NULL pointer dereference if not filtered out.

The issue was reported with IPC4 firmware but the same condition is present
for IPC3.

Reported-by: Kai Vehmanen <kai.vehmanen@linux.intel.com>
Signed-off-by: Peter Ujfalusi <peter.ujfalusi@linux.intel.com>
Reviewed-by: Ranjani Sridharan <ranjani.sridharan@linux.intel.com>
Reviewed-by: Pierre-Louis Bossart <pierre-louis.bossart@linux.intel.com>
Link: https://lore.kernel.org/r/20220712122357.31282-2-peter.ujfalusi@linux.intel.com
Signed-off-by: Mark Brown <broonie@kernel.org>
Signed-off-by: Sasha Levin <sashal@kernel.org>

parent 62c86390

Hide whitespace changes

Inline Side-by-side

Please register or to comment