ALSA: emu10k1: Avoid access to invalid pages when period=1

When period=1, the driver tries to allocate a bit bigger buffer than
requested by the user due to the irq latency tolerance.  This may lead
to accesses over the actually allocated pages.

This patch adds a check of the page index and assigns the silent page
when it's over the given buffer size.

Signed-off-by: Takashi Iwai <tiwai@suse.de>

diff --git a/sound/pci/emu10k1/memory.c b/sound/pci/emu10k1/memory.c
index 4f502a2bdc3c51759ef26a4c4f80c858cc6192f9..0a436626182b9cc358def5a31f7a7daabf43c484 100644 (file)
--- a/sound/pci/emu10k1/memory.c
+++ b/sound/pci/emu10k1/memory.c
@@ -326,7 +326,10 @@ snd_emu10k1_alloc_pages(struct snd_emu10k1 *emu, struct snd_pcm_substream *subst
        for (page = blk->first_page; page <= blk->last_page; page++, idx++) {
                unsigned long ofs = idx << PAGE_SHIFT;
                dma_addr_t addr;
-               addr = snd_pcm_sgbuf_get_addr(substream, ofs);
+               if (ofs >= runtime->dma_bytes)
+                       addr = emu->silent_page.addr;
+               else
+                       addr = snd_pcm_sgbuf_get_addr(substream, ofs);
                if (! is_valid_page(emu, addr)) {
                        printk(KERN_ERR "emu: failure page = %d\n", idx);
                        mutex_unlock(&hdr->block_mutex);