FAILED: patch "[PATCH] ASoC: qcom: Fix sc7280 lpass potential buffer overflow" failed to apply to 6.1-stable tree
The patch below does not apply to the 6.1-stable tree. If someone wants it applied there, or to any other stable or longterm tree, then please email the backport, including the original git commit id to stable@vger.kernel.org.
To reproduce the conflict and resubmit, you may use the following commands:
git fetch https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git/ linux-6.1.y git checkout FETCH_HEAD git cherry-pick -x a31a4934b31faea76e735bab17e63d02fcd8e029 # <resolve conflicts, build, test, etc.> git commit -s git send-email --to 'stable@vger.kernel.org' --in-reply-to '2025042138-spherical-reabsorb-d6da@gregkh' --subject-prefix 'PATCH 6.1.y' HEAD^..
Possible dependencies:
thanks,
greg k-h
------------------ original commit in Linus's tree ------------------
From a31a4934b31faea76e735bab17e63d02fcd8e029 Mon Sep 17 00:00:00 2001 From: Evgeny Pimenov pimenoveu12@gmail.com Date: Tue, 1 Apr 2025 23:40:58 +0300 Subject: [PATCH] ASoC: qcom: Fix sc7280 lpass potential buffer overflow
Case values introduced in commit 5f78e1fb7a3e ("ASoC: qcom: Add driver support for audioreach solution") cause out of bounds access in arrays of sc7280 driver data (e.g. in case of RX_CODEC_DMA_RX_0 in sc7280_snd_hw_params()).
Redefine LPASS_MAX_PORTS to consider the maximum possible port id for q6dsp as sc7280 driver utilizes some of those values.
Found by Linux Verification Center (linuxtesting.org) with SVACE.
Fixes: 77d0ffef793d ("ASoC: qcom: Add macro for lpass DAI id's max limit") Cc: stable@vger.kernel.org # v6.0+ Suggested-by: Mikhail Kobuk m.kobuk@ispras.ru Suggested-by: Alexey Khoroshilov khoroshilov@ispras.ru Signed-off-by: Evgeny Pimenov pimenoveu12@gmail.com Link: https://patch.msgid.link/20250401204058.32261-1-pimenoveu12@gmail.com Signed-off-by: Mark Brown broonie@kernel.org
diff --git a/sound/soc/qcom/lpass.h b/sound/soc/qcom/lpass.h index 27a2bf9a6613..de3ec6f594c1 100644 --- a/sound/soc/qcom/lpass.h +++ b/sound/soc/qcom/lpass.h @@ -13,10 +13,11 @@ #include <linux/platform_device.h> #include <linux/regmap.h> #include <dt-bindings/sound/qcom,lpass.h> +#include <dt-bindings/sound/qcom,q6afe.h> #include "lpass-hdmi.h"
#define LPASS_AHBIX_CLOCK_FREQUENCY 131072000 -#define LPASS_MAX_PORTS (LPASS_CDC_DMA_VA_TX8 + 1) +#define LPASS_MAX_PORTS (DISPLAY_PORT_RX_7 + 1) #define LPASS_MAX_MI2S_PORTS (8) #define LPASS_MAX_DMA_CHANNELS (8) #define LPASS_MAX_HDMI_DMA_CHANNELS (4)
Case values introduced in commit 5f78e1fb7a3e ("ASoC: qcom: Add driver support for audioreach solution") cause out of bounds access in arrays of sc7280 driver data (e.g. in case of RX_CODEC_DMA_RX_0 in sc7280_snd_hw_params()).
Redefine LPASS_MAX_PORTS to consider the maximum possible port id for q6dsp as sc7280 driver utilizes some of those values.
Found by Linux Verification Center (linuxtesting.org) with SVACE.
Fixes: 77d0ffef793d ("ASoC: qcom: Add macro for lpass DAI id's max limit") Cc: stable@vger.kernel.org # v6.0+ Suggested-by: Mikhail Kobuk m.kobuk@ispras.ru Suggested-by: Alexey Khoroshilov khoroshilov@ispras.ru Signed-off-by: Evgeny Pimenov pimenoveu12@gmail.com --- sound/soc/qcom/lpass.h | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/sound/soc/qcom/lpass.h b/sound/soc/qcom/lpass.h index b96116ea8116..68594b108e0e 100644 --- a/sound/soc/qcom/lpass.h +++ b/sound/soc/qcom/lpass.h @@ -17,7 +17,7 @@ #include "lpass-hdmi.h"
#define LPASS_AHBIX_CLOCK_FREQUENCY 131072000 -#define LPASS_MAX_PORTS (DISPLAY_PORT_RX_7 + 1) +#define LPASS_MAX_PORTS (QUINARY_MI2S_TX + 1) #define LPASS_MAX_MI2S_PORTS (8) #define LPASS_MAX_DMA_CHANNELS (8) #define LPASS_MAX_HDMI_DMA_CHANNELS (4)
[ Sasha's backport helper bot ]
Hi,
Summary of potential issues: ⚠️ Found matching upstream commit but patch is missing proper reference to it
Found matching upstream commit: a31a4934b31faea76e735bab17e63d02fcd8e029
Status in newer kernel trees: 6.14.y | Not found 6.12.y | Not found 6.6.y | Not found
Note: The patch differs from the upstream commit: --- 1: a31a4934b31fa < -: ------------- ASoC: qcom: Fix sc7280 lpass potential buffer overflow -: ------------- > 1: 420102835862f Linux 6.1.134 ---
Results of testing on various branches:
| Branch | Patch Apply | Build Test | |---------------------------|-------------|------------| | stable/linux-6.1.y | Success | Success |
On Mon, 21 Apr 2025 22:15:41 -0400 Sasha Levin sashal@kernel.org wrote:
[ Sasha's backport helper bot ]
Hi,
Summary of potential issues: ⚠️ Found matching upstream commit but patch is missing proper reference to it
Found matching upstream commit: a31a4934b31faea76e735bab17e63d02fcd8e029
This founded upstream commit is correct.
Status in newer kernel trees: 6.14.y | Not found 6.12.y | Not found 6.6.y | Not found
Note: The patch differs from the upstream commit:
1: a31a4934b31fa < -: ------------- ASoC: qcom: Fix sc7280 lpass potential buffer overflow
-: ------------- > 1: 420102835862f Linux 6.1.134
Results of testing on various branches:
| Branch | Patch Apply | Build Test | |---------------------------|-------------|------------| | stable/linux-6.1.y | Success | Success |
linux-stable-mirror@lists.linaro.org
-
Evgeny Pimenov -
gregkh@linuxfoundation.org -
Sasha Levin