Takashi Iwai fbd3eb7f66 ALSA: control: Add verification for kctl accesses
The current implementation of ALSA control API fully relies on the
callbacks of each driver, and there is no verification of the values
passed via API.  This patch is an attempt to improve the situation
slightly by adding the validation code for the values stored via info
and get callbacks.

The patch adds a new kconfig, CONFIG_SND_CTL_VALIDATION.  It depends
on CONFIG_SND_DEBUG and off as default since the validation would
require a slight overhead including the additional call of info
callback at each get callback invocation.

When this config is enabled, the values stored by each info callback
invocation are verified, namely:
- Whether the info type is valid
- Whether the number of enum items is non-zero
- Whether the given info count is within the allowed boundary

Similarly, the values stored at each get callback are verified as
well:
- Whether the values are within the given range
- Whether the values are aligned with the given step
- Whether any further changes are seen in the data array over the
  given info count

The last point helps identifying a possibly invalid data type access,
typically a case where the info callback declares the type being
SNDRV_CTL_ELEM_TYPE_ENUMERATED while the get/put callbacks store
the values in value.integer.value[] array.

When a validation fails, the ALSA core logs an error message including
the device and the control ID, and the API call also returns an
error.  So, with the new validation turned on, the driver behavior
difference may be visible on user-space, too -- it's intentional,
though, so that we can catch an error more clearly.

The patch also introduces a new ctl access type,
SNDRV_CTL_ELEM_ACCESS_SKIP_CHECK.  A driver may pass this flag with
other access bits to indicate that the ctl element won't be verified.
It's useful when a driver code is specially written to access the data
greater than info->count size by some reason.  For example, this flag
is actually set now in HD-audio HDMI codec driver which needs to clear
the data array in the case of the disconnected monitor.

Also, the PCM channel-map helper code is slightly modified to avoid
the false-positive hit by this validation code, too.

Link: https://lore.kernel.org/r/20200104083556.27789-1-tiwai@suse.de
Signed-off-by: Takashi Iwai <tiwai@suse.de>
2020-01-04 09:37:59 +01:00

198 lines
5.0 KiB
Plaintext

# SPDX-License-Identifier: GPL-2.0-only
# ALSA soundcard-configuration
config SND_TIMER
tristate
config SND_PCM
tristate
select SND_TIMER if SND_PCM_TIMER
config SND_PCM_ELD
bool
config SND_PCM_IEC958
bool
config SND_DMAENGINE_PCM
tristate
config SND_HWDEP
tristate
config SND_SEQ_DEVICE
tristate
config SND_RAWMIDI
tristate
select SND_SEQ_DEVICE if SND_SEQUENCER != n
config SND_COMPRESS_OFFLOAD
tristate
config SND_JACK
bool
# enable input device support in jack layer
config SND_JACK_INPUT_DEV
bool
depends on SND_JACK
default y if INPUT=y || INPUT=SND
config SND_OSSEMUL
bool "Enable OSS Emulation"
select SOUND_OSS_CORE
help
This option enables the build of OSS emulation layer.
config SND_MIXER_OSS
tristate "OSS Mixer API"
depends on SND_OSSEMUL
help
To enable OSS mixer API emulation (/dev/mixer*), say Y here
and read <file:Documentation/sound/designs/oss-emulation.rst>.
Many programs still use the OSS API, so say Y.
To compile this driver as a module, choose M here: the module
will be called snd-mixer-oss.
config SND_PCM_OSS
tristate "OSS PCM (digital audio) API"
depends on SND_OSSEMUL
select SND_PCM
help
To enable OSS digital audio (PCM) emulation (/dev/dsp*), say Y
here and read <file:Documentation/sound/designs/oss-emulation.rst>.
Many programs still use the OSS API, so say Y.
To compile this driver as a module, choose M here: the module
will be called snd-pcm-oss.
config SND_PCM_OSS_PLUGINS
bool "OSS PCM (digital audio) API - Include plugin system"
depends on SND_PCM_OSS
default y
help
If you disable this option, the ALSA's OSS PCM API will not
support conversion of channels, formats and rates. It will
behave like most of new OSS/Free drivers in 2.4/2.6 kernels.
config SND_PCM_TIMER
bool "PCM timer interface" if EXPERT
default y
help
If you disable this option, pcm timer will be unavailable, so
those stubs that use pcm timer (e.g. dmix, dsnoop & co) may work
incorrectlly.
For some embedded devices, we may disable it to reduce memory
footprint, about 20KB on x86_64 platform.
config SND_HRTIMER
tristate "HR-timer backend support"
depends on HIGH_RES_TIMERS
select SND_TIMER
help
Say Y here to enable HR-timer backend for ALSA timer. ALSA uses
the hrtimer as a precise timing source. The ALSA sequencer code
also can use this timing source.
To compile this driver as a module, choose M here: the module
will be called snd-hrtimer.
config SND_DYNAMIC_MINORS
bool "Dynamic device file minor numbers"
help
If you say Y here, the minor numbers of ALSA device files in
/dev/snd/ are allocated dynamically. This allows you to have
more than 8 sound cards, but requires a dynamic device file
system like udev.
If you are unsure about this, say N here.
config SND_MAX_CARDS
int "Max number of sound cards"
range 4 256
default 32
depends on SND_DYNAMIC_MINORS
help
Specify the max number of sound cards that can be assigned
on a single machine.
config SND_SUPPORT_OLD_API
bool "Support old ALSA API"
default y
help
Say Y here to support the obsolete ALSA PCM API (ver.0.9.0 rc3
or older).
config SND_PROC_FS
bool "Sound Proc FS Support" if EXPERT
depends on PROC_FS
default y
help
Say 'N' to disable Sound proc FS, which may reduce code size about
9KB on x86_64 platform.
If unsure say Y.
config SND_VERBOSE_PROCFS
bool "Verbose procfs contents"
depends on SND_PROC_FS
default y
help
Say Y here to include code for verbose procfs contents (provides
useful information to developers when a problem occurs). On the
other side, it makes the ALSA subsystem larger.
config SND_VERBOSE_PRINTK
bool "Verbose printk"
help
Say Y here to enable verbose log messages. These messages
will help to identify source file and position containing
printed messages.
You don't need this unless you're debugging ALSA.
config SND_DEBUG
bool "Debug"
help
Say Y here to enable ALSA debug code.
config SND_DEBUG_VERBOSE
bool "More verbose debug"
depends on SND_DEBUG
help
Say Y here to enable extra-verbose debugging messages.
Let me repeat: it enables EXTRA-VERBOSE DEBUGGING messages.
So, say Y only if you are ready to be annoyed.
config SND_PCM_XRUN_DEBUG
bool "Enable PCM ring buffer overrun/underrun debugging"
default n
depends on SND_DEBUG && SND_VERBOSE_PROCFS
help
Say Y to enable the PCM ring buffer overrun/underrun debugging.
It is usually not required, but if you have trouble with
sound clicking when system is loaded, it may help to determine
the process or driver which causes the scheduling gaps.
config SND_CTL_VALIDATION
bool "Perform sanity-checks for each control element access"
depends on SND_DEBUG
help
Say Y to enable the additional validation of each control element
access, including sanity-checks like whether the values returned
from the driver are in the proper ranges or the check of the invalid
access at out-of-array areas.
config SND_VMASTER
bool
config SND_DMA_SGBUF
def_bool y
depends on X86
source "sound/core/seq/Kconfig"