diff options
| author | Richard Fitzgerald <rf@opensource.cirrus.com> | 2025-09-17 17:06:09 +0100 | 
|---|---|---|
| committer | Takashi Iwai <tiwai@suse.de> | 2025-09-17 18:19:04 +0200 | 
| commit | 7dd670db9afdca6aed4a9f99776cb72e6ed5a1f5 (patch) | |
| tree | 8bea8998960b25f7dcb3110a82b3350c4931f935 /lib/memory-notifier-error-inject.c | |
| parent | 44499ecb4f2817743c37d861bdb3e95f37d3d9cd (diff) | |
ALSA: hda: intel-dsp-config: Prevent SEGFAULT if ACPI_HANDLE() is NULL
Check in snd_intel_dsp_check_soundwire() that the pointer returned by
ACPI_HANDLE() is not NULL, before passing it on to other functions.
The original code assumed a non-NULL return, but if it was unexpectedly
NULL it would end up passed to acpi_walk_namespace() as the start
point, and would result in
[    3.219028] BUG: kernel NULL pointer dereference, address:
0000000000000018
[    3.219029] #PF: supervisor read access in kernel mode
[    3.219030] #PF: error_code(0x0000) - not-present page
[    3.219031] PGD 0 P4D 0
[    3.219032] Oops: Oops: 0000 [#1] SMP NOPTI
[    3.219035] CPU: 2 UID: 0 PID: 476 Comm: (udev-worker) Tainted: G S
AW   E       6.17.0-rc5-test #1 PREEMPT(voluntary)
[    3.219038] Tainted: [S]=CPU_OUT_OF_SPEC, [A]=OVERRIDDEN_ACPI_TABLE,
[W]=WARN, [E]=UNSIGNED_MODULE
[    3.219040] RIP: 0010:acpi_ns_walk_namespace+0xb5/0x480
This problem was triggered by a bugged DSDT that the kernel couldn't parse.
But it shouldn't be possible to SEGFAULT the kernel just because of some
bugs in ACPI.
Fixes: 0650857570d1 ("ALSA: hda: add autodetection for SoundWire")
Signed-off-by: Richard Fitzgerald <rf@opensource.cirrus.com>
Signed-off-by: Takashi Iwai <tiwai@suse.de>
Diffstat (limited to 'lib/memory-notifier-error-inject.c')
0 files changed, 0 insertions, 0 deletions
