diff options
-rw-r--r-- | .SRCINFO | 6 | ||||
-rw-r--r-- | 0090-ALSA-hda-Fix-potential-access-overflow-in-beep-helpe.patch | 42 | ||||
-rw-r--r-- | 0091-ALSA-ice1724-Fix-invalid-access-for-enumerated-ctl-i.patch | 42 | ||||
-rw-r--r-- | PKGBUILD | 8 |
4 files changed, 95 insertions, 3 deletions
@@ -1,6 +1,6 @@ pkgbase = linux-rc pkgver = 5.6.3rc1 - pkgrel = 1 + pkgrel = 2 url = https://www.kernel.org/ arch = x86_64 license = GPL2 @@ -15,6 +15,8 @@ pkgbase = linux-rc source = https://www.kernel.org/pub/linux/kernel/v5.x/linux-5.6.2.tar.sign source = config source = 0001-ZEN-Add-sysctl-and-CONFIG-to-disallow-unprivileged-C.patch + source = 0090-ALSA-hda-Fix-potential-access-overflow-in-beep-helpe.patch + source = 0091-ALSA-ice1724-Fix-invalid-access-for-enumerated-ctl-i.patch validpgpkeys = ABAF11C65A2970B130ABE3C479BE3E4300411886 validpgpkeys = 647F28654894E3BD457199BE38DBBDC86092693E sha256sums = ee5ed31823de85c302419f562789716d4718839de3189be737d9a9cc1ee34e8a @@ -23,6 +25,8 @@ pkgbase = linux-rc sha256sums = SKIP sha256sums = e78bfa9f5a1065d93396a37d59043bd79805f4681df27ef44dcddea8de092818 sha256sums = 69117e252eb3c3bdfda08008c3e6e383675a4df5db03cdb76095089ee6a221f3 + sha256sums = d9032bb428c42e093f2686ae2830133c3600496f93574b3b41dc0ec69af6d5ad + sha256sums = bc53f7ec92126955e221698e634d2185909e83bc526f7ff9c7ad86da3fd8c8f4 pkgname = linux-rc pkgdesc = The release candidate kernel and modules diff --git a/0090-ALSA-hda-Fix-potential-access-overflow-in-beep-helpe.patch b/0090-ALSA-hda-Fix-potential-access-overflow-in-beep-helpe.patch new file mode 100644 index 000000000000..484fac704a3c --- /dev/null +++ b/0090-ALSA-hda-Fix-potential-access-overflow-in-beep-helpe.patch @@ -0,0 +1,42 @@ +From 59b4a3ed754311917646a1032da4a42cdc2cfde6 Mon Sep 17 00:00:00 2001 +From: Takashi Iwai <tiwai@suse.de> +Date: Tue, 7 Apr 2020 10:36:22 +0200 +Subject: [PATCH] ALSA: hda: Fix potential access overflow in beep helper + +The beep control helper function blindly stores the values in two +stereo channels no matter whether the actual control is mono or +stereo. This is practically harmless, but it annoys the recently +introduced sanity check, resulting in an error when the checker is +enabled. + +This patch corrects the behavior to store only on the defined array +member. + +BugLink: https://bugzilla.kernel.org/show_bug.cgi?id=207139 +Cc: <stable@vger.kernel.org> +Signed-off-by: Takashi Iwai <tiwai@suse.de> +--- + sound/pci/hda/hda_beep.c | 6 +++++- + 1 file changed, 5 insertions(+), 1 deletion(-) + +diff --git a/sound/pci/hda/hda_beep.c b/sound/pci/hda/hda_beep.c +index f5fd62ed4df5..841523f6b88d 100644 +--- a/sound/pci/hda/hda_beep.c ++++ b/sound/pci/hda/hda_beep.c +@@ -290,8 +290,12 @@ int snd_hda_mixer_amp_switch_get_beep(struct snd_kcontrol *kcontrol, + { + struct hda_codec *codec = snd_kcontrol_chip(kcontrol); + struct hda_beep *beep = codec->beep; ++ int chs = get_amp_channels(kcontrol); ++ + if (beep && (!beep->enabled || !ctl_has_mute(kcontrol))) { +- ucontrol->value.integer.value[0] = ++ if (chs & 1) ++ ucontrol->value.integer.value[0] = beep->enabled; ++ if (chs & 2) + ucontrol->value.integer.value[1] = beep->enabled; + return 0; + } +-- +2.25.0 + diff --git a/0091-ALSA-ice1724-Fix-invalid-access-for-enumerated-ctl-i.patch b/0091-ALSA-ice1724-Fix-invalid-access-for-enumerated-ctl-i.patch new file mode 100644 index 000000000000..dcaf4245145e --- /dev/null +++ b/0091-ALSA-ice1724-Fix-invalid-access-for-enumerated-ctl-i.patch @@ -0,0 +1,42 @@ +From 8cd18c2bdaf1ddb117654fd1ba4befbf770bf2b5 Mon Sep 17 00:00:00 2001 +From: Takashi Iwai <tiwai@suse.de> +Date: Tue, 7 Apr 2020 10:31:44 +0200 +Subject: [PATCH] ALSA: ice1724: Fix invalid access for enumerated ctl items + +The access to Analog Capture Source control value implemented in +prodigy_hifi.c is wrong, as caught by the recently introduced sanity +check; it should be accessing value.enumerated.item[] instead of +value.integer.value[]. This patch corrects the wrong access pattern. + +BugLink: https://bugzilla.kernel.org/show_bug.cgi?id=207139 +Cc: <stable@vger.kernel.org> +Signed-off-by: Takashi Iwai <tiwai@suse.de> +--- + sound/pci/ice1712/prodigy_hifi.c | 4 ++-- + 1 file changed, 2 insertions(+), 2 deletions(-) + +diff --git a/sound/pci/ice1712/prodigy_hifi.c b/sound/pci/ice1712/prodigy_hifi.c +index 91f83cef0e56..9aa12a67d370 100644 +--- a/sound/pci/ice1712/prodigy_hifi.c ++++ b/sound/pci/ice1712/prodigy_hifi.c +@@ -536,7 +536,7 @@ static int wm_adc_mux_enum_get(struct snd_kcontrol *kcontrol, + struct snd_ice1712 *ice = snd_kcontrol_chip(kcontrol); + + mutex_lock(&ice->gpio_mutex); +- ucontrol->value.integer.value[0] = wm_get(ice, WM_ADC_MUX) & 0x1f; ++ ucontrol->value.enumerated.item[0] = wm_get(ice, WM_ADC_MUX) & 0x1f; + mutex_unlock(&ice->gpio_mutex); + return 0; + } +@@ -550,7 +550,7 @@ static int wm_adc_mux_enum_put(struct snd_kcontrol *kcontrol, + + mutex_lock(&ice->gpio_mutex); + oval = wm_get(ice, WM_ADC_MUX); +- nval = (oval & 0xe0) | ucontrol->value.integer.value[0]; ++ nval = (oval & 0xe0) | ucontrol->value.enumerated.item[0]; + if (nval != oval) { + wm_put(ice, WM_ADC_MUX, nval); + change = 1; +-- +2.25.0 + @@ -2,7 +2,7 @@ # Contributor: Jan Alexander Steffens (heftig) <jan.steffens@gmail.com> pkgbase=linux-rc -pkgrel=1 +pkgrel=2 _srcname=linux-5.6 _major=5.6 ### on initial release this is null otherwise it is the current stable subversion @@ -31,6 +31,8 @@ source=( https://www.kernel.org/pub/linux/kernel/v5.x/linux-$_fullver.tar.{xz,sign} config # the main kernel config file 0001-ZEN-Add-sysctl-and-CONFIG-to-disallow-unprivileged-C.patch + 0090-ALSA-hda-Fix-potential-access-overflow-in-beep-helpe.patch + 0091-ALSA-ice1724-Fix-invalid-access-for-enumerated-ctl-i.patch ) validpgpkeys=( 'ABAF11C65A2970B130ABE3C479BE3E4300411886' # Linus Torvalds @@ -41,7 +43,9 @@ sha256sums=('ee5ed31823de85c302419f562789716d4718839de3189be737d9a9cc1ee34e8a' '2d4d91d8329c1ed3826c61463650dd4bfbb6ad39dcee6dba4f98a7e94a67b5b9' 'SKIP' 'e78bfa9f5a1065d93396a37d59043bd79805f4681df27ef44dcddea8de092818' - '69117e252eb3c3bdfda08008c3e6e383675a4df5db03cdb76095089ee6a221f3') + '69117e252eb3c3bdfda08008c3e6e383675a4df5db03cdb76095089ee6a221f3' + 'd9032bb428c42e093f2686ae2830133c3600496f93574b3b41dc0ec69af6d5ad' + 'bc53f7ec92126955e221698e634d2185909e83bc526f7ff9c7ad86da3fd8c8f4') _kernelname=${pkgbase#linux} |