Received: by 2002:ab2:6857:0:b0:1ef:ffd0:ce49 with SMTP id l23csp2378144lqp; Sun, 24 Mar 2024 16:43:47 -0700 (PDT) X-Forwarded-Encrypted: i=3; AJvYcCUoFowgpoCVp6WHknCdRyQUWAliFOSmHRZ69SW18HCj78QWASnTjO3dT5Ie5k+jnKGBDkWfM07KQ285k8x6TfhVnN90E1lFYCxr1hFYLA== X-Google-Smtp-Source: AGHT+IEw+S4g/3F8d7+9Pbq/CmDLOZyrXfbmPk8JAiv+TDVWjAzrP7mFCEbM1WqDn0IY6blUZo52 X-Received: by 2002:ad4:5a51:0:b0:696:7902:983a with SMTP id ej17-20020ad45a51000000b006967902983amr5050639qvb.2.1711323827173; Sun, 24 Mar 2024 16:43:47 -0700 (PDT) ARC-Seal: i=2; a=rsa-sha256; t=1711323827; cv=pass; d=google.com; s=arc-20160816; b=tzT69/VZ3MVSuJCfKPaSKwvog5be1/Kxw97lFBev45EgNW8sqlJHLLaZ5ghcBhW4k3 fRTmWY8FjR4ERtEQw916t1uK30fwO/xuM3vWTF5WqKAKIKtlW3Gr+/pLfrSSElFaeeVU wZ2VD3uYJEGD593Uwn447jj1ZNGyOZ3LwkabNiC486001apbaHbppne2Eabn9qRPZ4As 2EFJJs+xrcMuZPv03MvGq5oNrCtYm0F5Hjdde8+KvSuphYPAqDtBq28Qb3v+wfeTS/UE X61Xg+1yaj7b9TVwqZ4yNU4H5jBAjUXbsR8tODE8jA22tUQ0N2fZfVOtUaJ1Df4XTms6 0AKQ== ARC-Message-Signature: i=2; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=content-transfer-encoding:mime-version:list-unsubscribe :list-subscribe:list-id:precedence:references:in-reply-to:message-id :date:subject:cc:to:from:dkim-signature; bh=pSZqMBvSHPNd/LdcsZBLAESSD1M5wCMA3EuczGge/QY=; fh=/TnrLxI5sd/8bhOUk5NCak+Scug04k+QZYgHCAWUD88=; b=wJ3UZ2jDeGhHnyfhZzAl4vEMhlLhZrcSkzC3u2ZAzUJSL+eLmjWLLFdD4R0g6GdMo8 KMFljX/DAQfkHQhcOuqZ6CWgyxDmACjXXjOXcYueQWBjvPvrDnmuOM5ZiVhum/une06L UXWHOkCzCCPy30uMVZRxt9bjfCYwScDzuCsNqdaDXhUrwRWwMHOnFi3JxasyGtKfxU+T Q1FIEFikdIf6n1oIdxdRePBtz2uYZYj/55SZQ3Gumnux8pQdemgRpu0xiRfeDgUl3dKB RVGeKyBf36AgNtWGjtrDdy7N57Guud68tYDngLcTaB3iHS+PlJ949bMUWBmSYE5rCxce n3gQ==; dara=google.com ARC-Authentication-Results: i=2; mx.google.com; dkim=pass header.i=@kernel.org header.s=k20201202 header.b=bi0wxxlm; arc=pass (i=1 dkim=pass dkdomain=kernel.org); spf=pass (google.com: domain of linux-kernel+bounces-113205-linux.lists.archive=gmail.com@vger.kernel.org designates 147.75.199.223 as permitted sender) smtp.mailfrom="linux-kernel+bounces-113205-linux.lists.archive=gmail.com@vger.kernel.org"; dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=kernel.org Return-Path: Received: from ny.mirrors.kernel.org (ny.mirrors.kernel.org. [147.75.199.223]) by mx.google.com with ESMTPS id r14-20020a0562140c4e00b006961178758asi6937395qvj.221.2024.03.24.16.43.46 for (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Sun, 24 Mar 2024 16:43:47 -0700 (PDT) Received-SPF: pass (google.com: domain of linux-kernel+bounces-113205-linux.lists.archive=gmail.com@vger.kernel.org designates 147.75.199.223 as permitted sender) client-ip=147.75.199.223; Authentication-Results: mx.google.com; dkim=pass header.i=@kernel.org header.s=k20201202 header.b=bi0wxxlm; arc=pass (i=1 dkim=pass dkdomain=kernel.org); spf=pass (google.com: domain of linux-kernel+bounces-113205-linux.lists.archive=gmail.com@vger.kernel.org designates 147.75.199.223 as permitted sender) smtp.mailfrom="linux-kernel+bounces-113205-linux.lists.archive=gmail.com@vger.kernel.org"; dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=kernel.org Received: from smtp.subspace.kernel.org (wormhole.subspace.kernel.org [52.25.139.140]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by ny.mirrors.kernel.org (Postfix) with ESMTPS id DFA471C226CB for ; Sun, 24 Mar 2024 23:43:46 +0000 (UTC) Received: from localhost.localdomain (localhost.localdomain [127.0.0.1]) by smtp.subspace.kernel.org (Postfix) with ESMTP id 5B61417D24A; Sun, 24 Mar 2024 22:40:08 +0000 (UTC) Authentication-Results: smtp.subspace.kernel.org; dkim=pass (2048-bit key) header.d=kernel.org header.i=@kernel.org header.b="bi0wxxlm" Received: from smtp.kernel.org (aws-us-west-2-korg-mail-1.web.codeaurora.org [10.30.226.201]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by smtp.subspace.kernel.org (Postfix) with ESMTPS id 4DA7617D228; Sun, 24 Mar 2024 22:40:07 +0000 (UTC) Authentication-Results: smtp.subspace.kernel.org; arc=none smtp.client-ip=10.30.226.201 ARC-Seal:i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1711320007; cv=none; b=powViEbk3gCVdEnWPcOrm+vHAQr6dICWUQ0zDKqGyNBWHt4B1Lfiv4fzvmznSHDclRQ/vaXLsxmuUjAj3w1/4VwfoEukHPgcu+d+r7KG+X0GHthkTDADP1TeK/2+aVFXRhpzZRhHN077RLLqjAwCyqR0z2ji8RoB22xJuJMcNcc= ARC-Message-Signature:i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1711320007; c=relaxed/simple; bh=DJS3TGp3Td4MV9ZRjIwo5xMPi1BQTcb3/FYgdCrfEqo=; h=From:To:Cc:Subject:Date:Message-ID:In-Reply-To:References: MIME-Version; b=cE2T0aPT+g6VhJZ5yeT0ce9vwbAM3JwCKDDRidggr2q5l4Lf+j4fsV9hECHjmTMMZGJSNsPQF+WEuy2AmPeLStYvp/gwlPR2sVv2u42I1pFpt4JamYQF81HId0GvTmE/AtEhbaioRpmq+5JeaSfwgK/YWxNLdB6WbRnxy/KvoCw= ARC-Authentication-Results:i=1; smtp.subspace.kernel.org; dkim=pass (2048-bit key) header.d=kernel.org header.i=@kernel.org header.b=bi0wxxlm; arc=none smtp.client-ip=10.30.226.201 Received: by smtp.kernel.org (Postfix) with ESMTPSA id A0E9CC433F1; Sun, 24 Mar 2024 22:40:06 +0000 (UTC) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=kernel.org; s=k20201202; t=1711320007; bh=DJS3TGp3Td4MV9ZRjIwo5xMPi1BQTcb3/FYgdCrfEqo=; h=From:To:Cc:Subject:Date:In-Reply-To:References:From; b=bi0wxxlmbGD36mkdAwNw1jBoDGOeoGcC6n5ki994OZOOzY8ogBCSYqb1EFypREDxH hPqjXYSnKmmlwnoJgZ1bipySV/41oN5D1FSsd00xFA1nNiZ2AtMpccjIYzsaLlllGg BQKPdkEohIjGoTgrS2ty3OwoIqX3+wmRVC5yhUux+ocAnqnEonLSbU2FC08KFVXUq4 5lgL0CCJC6Sxkkfg7yTZZsXsBH6OTI5StFkFTL7+whlA4OObrfE0NgbmjbUnHf1HFa RAkinz3+MSVaax2I4/gHZyo6yAQbKGjGPrz6RWA94Dj3MGAXa6hbZzTmKw/WLOH5f4 PQDyPbIvbvtpw== From: Sasha Levin To: linux-kernel@vger.kernel.org, stable@vger.kernel.org Cc: Luiz Augusto von Dentz , Sasha Levin Subject: [PATCH 6.8 314/715] Bluetooth: btusb: Fix memory leak Date: Sun, 24 Mar 2024 18:28:13 -0400 Message-ID: <20240324223455.1342824-315-sashal@kernel.org> X-Mailer: git-send-email 2.43.0 In-Reply-To: <20240324223455.1342824-1-sashal@kernel.org> References: <20240324223455.1342824-1-sashal@kernel.org> Precedence: bulk X-Mailing-List: linux-kernel@vger.kernel.org List-Id: List-Subscribe: List-Unsubscribe: MIME-Version: 1.0 X-stable: review X-Patchwork-Hint: Ignore Content-Transfer-Encoding: 8bit From: Luiz Augusto von Dentz [ Upstream commit 79f4127a502c5905f04da1f20a7bbe07103fb77c ] This checks if CONFIG_DEV_COREDUMP is enabled before attempting to clone the skb and also make sure btmtk_process_coredump frees the skb passed following the same logic. Fixes: 0b7015132878 ("Bluetooth: btusb: mediatek: add MediaTek devcoredump support") Signed-off-by: Luiz Augusto von Dentz Signed-off-by: Sasha Levin --- drivers/bluetooth/btmtk.c | 4 +++- drivers/bluetooth/btusb.c | 10 ++++++---- 2 files changed, 9 insertions(+), 5 deletions(-) diff --git a/drivers/bluetooth/btmtk.c b/drivers/bluetooth/btmtk.c index aaabb732082cd..285418dbb43f5 100644 --- a/drivers/bluetooth/btmtk.c +++ b/drivers/bluetooth/btmtk.c @@ -372,8 +372,10 @@ int btmtk_process_coredump(struct hci_dev *hdev, struct sk_buff *skb) struct btmediatek_data *data = hci_get_priv(hdev); int err; - if (!IS_ENABLED(CONFIG_DEV_COREDUMP)) + if (!IS_ENABLED(CONFIG_DEV_COREDUMP)) { + kfree_skb(skb); return 0; + } switch (data->cd_info.state) { case HCI_DEVCOREDUMP_IDLE: diff --git a/drivers/bluetooth/btusb.c b/drivers/bluetooth/btusb.c index d31edad7a0560..6cb87d47ad7d5 100644 --- a/drivers/bluetooth/btusb.c +++ b/drivers/bluetooth/btusb.c @@ -3273,7 +3273,6 @@ static int btusb_recv_acl_mtk(struct hci_dev *hdev, struct sk_buff *skb) { struct btusb_data *data = hci_get_drvdata(hdev); u16 handle = le16_to_cpu(hci_acl_hdr(skb)->handle); - struct sk_buff *skb_cd; switch (handle) { case 0xfc6f: /* Firmware dump from device */ @@ -3286,9 +3285,12 @@ static int btusb_recv_acl_mtk(struct hci_dev *hdev, struct sk_buff *skb) * for backward compatibility, so we have to clone the packet * extraly for the in-kernel coredump support. */ - skb_cd = skb_clone(skb, GFP_ATOMIC); - if (skb_cd) - btmtk_process_coredump(hdev, skb_cd); + if (IS_ENABLED(CONFIG_DEV_COREDUMP)) { + struct sk_buff *skb_cd = skb_clone(skb, GFP_ATOMIC); + + if (skb_cd) + btmtk_process_coredump(hdev, skb_cd); + } fallthrough; case 0x05ff: /* Firmware debug logging 1 */ -- 2.43.0