2012-02-29 17:06:57

by santosh nayak

Subject: [PATCH] Bluetooth: Silence static checker warning.

From: Santosh Nayak <[email protected]>

Silence static checker warnings:
1. Endian warning
2. variable dereferenced before check 'sk' .

Signed-off-by: Santosh Nayak <[email protected]>
---
net/bluetooth/l2cap_sock.c | 9 ++++++---
1 files changed, 6 insertions(+), 3 deletions(-)

diff --git a/net/bluetooth/l2cap_sock.c b/net/bluetooth/l2cap_sock.c
index 401d942..d206321 100644
--- a/net/bluetooth/l2cap_sock.c
+++ b/net/bluetooth/l2cap_sock.c
@@ -82,7 +82,7 @@ static int l2cap_sock_bind(struct socket *sock, struct sockaddr *addr, int alen)
}

if (la.l2_cid)
- err = l2cap_add_scid(chan, la.l2_cid);
+ err = l2cap_add_scid(chan, __le16_to_cpu(la.l2_cid));
else
err = l2cap_add_psm(chan, &la.l2_bdaddr, la.l2_psm);

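Review bot: The conversions added here and in the l2cap_sock_connect hunk are spelled `__le16_to_cpu()`, whereas in-kernel C code conventionally calls the unprefixed `le16_to_cpu()`; I would write `err = l2cap_add_scid(chan, le16_to_cpu(la.l2_cid));` and use the same spelling in the connect call. Because `la.l2_psm` is passed through unconverted on the very next branch, a one-line comment such as `/* l2_cid is little-endian in the sockaddr; the CID argument is taken in host order */` would show that the asymmetry is deliberate. The host-order expectation is inferred from the conversion itself, so confirm it against the callee's prototype. Both function bodies continue outside their hunks.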
@@ -123,7 +123,8 @@ static int l2cap_sock_connect(struct socket *sock, struct sockaddr *addr, int al
if (la.l2_cid && la.l2_psm)
return -EINVAL;

- err = l2cap_chan_connect(chan, la.l2_psm, la.l2_cid, &la.l2_bdaddr);
+ err = l2cap_chan_connect(chan, la.l2_psm, __le16_to_cpu(la.l2_cid),
+ &la.l2_bdaddr);
if (err)
goto done;

@@ -795,7 +796,7 @@ static void l2cap_sock_kill(struct sock *sk)
static int l2cap_sock_shutdown(struct socket *sock, int how)
{
struct sock *sk = sock->sk;
- struct l2cap_chan *chan = l2cap_pi(sk)->chan;
+ struct l2cap_chan *chan;
int err = 0;

BT_DBG("sock %p, sk %p", sock, sk);
@@ -803,6 +804,8 @@ static int l2cap_sock_shutdown(struct socket *sock, int how)
if (!sk)
return 0;

+ chan = l2cap_pi(sk)->chan;
+
lock_sock(sk);
if (!sk->sk_shutdown) {
if (chan->mode == L2CAP_MODE_ERTM)
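Review bot: `chan = l2cap_pi(sk)->chan;` now sits after the NULL test but still before `lock_sock(sk)`, so the pointer is sampled outside the socket lock. Nothing in the hunk shows whether `chan` can be replaced or released by another path in that window; if it can, move the assignment below `lock_sock(sk);` so that `chan->mode` is tested on a pointer read under the lock. If the field is stable for the socket's lifetime, a short comment saying so next to the assignment would settle the question. The body of l2cap_sock_shutdown continues past the end of the hunk.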
--
1.7.4.4


2012-02-29 20:45:49

by Andrei Emeltchenko

Subject: Re: [PATCH] Bluetooth: Silence static checker warning.

Hi Santosh,

On Wed, Feb 29, 2012 at 7:06 PM, santosh nayak
<[email protected]> wrote:
> From: Santosh Nayak <[email protected]>
>
> Silencing Static checker warning.
> 1. Endian warning
> 2. variable dereferenced before check 'sk' .
>
> Signed-off-by: Santosh Nayak <[email protected]>
> ---
> =A0net/bluetooth/l2cap_sock.c | =A0 =A09 ++++++---
> =A01 files changed, 6 insertions(+), 3 deletions(-)
>
> diff --git a/net/bluetooth/l2cap_sock.c b/net/bluetooth/l2cap_sock.c
> index 401d942..d206321 100644
> --- a/net/bluetooth/l2cap_sock.c
> +++ b/net/bluetooth/l2cap_sock.c
> @@ -82,7 +82,7 @@ static int l2cap_sock_bind(struct socket *sock, struct =
sockaddr *addr, int alen)
> =A0 =A0 =A0 =A0}
>
> =A0 =A0 =A0 =A0if (la.l2_cid)
> - =A0 =A0 =A0 =A0 =A0 =A0 =A0 err =3D l2cap_add_scid(chan, la.l2_cid);
> + =A0 =A0 =A0 =A0 =A0 =A0 =A0 err =3D l2cap_add_scid(chan, __le16_to_cpu(=
la.l2_cid));
> =A0 =A0 =A0 =A0else
> =A0 =A0 =A0 =A0 =A0 =A0 =A0 =A0err =3D l2cap_add_psm(chan, &la.l2_bdaddr,=
la.l2_psm);
>
> @@ -123,7 +123,8 @@ static int l2cap_sock_connect(struct socket *sock, st=
ruct sockaddr *addr, int al
> =A0 =A0 =A0 =A0if (la.l2_cid && la.l2_psm)
> =A0 =A0 =A0 =A0 =A0 =A0 =A0 =A0return -EINVAL;
>
> - =A0 =A0 =A0 err =3D l2cap_chan_connect(chan, la.l2_psm, la.l2_cid, &la.=
l2_bdaddr);
> + =A0 =A0 =A0 err =3D l2cap_chan_connect(chan, la.l2_psm, __le16_to_cpu(l=
a.l2_cid),
> + =A0 =A0 =A0 =A0 =A0 =A0 =A0 =A0 =A0 =A0 =A0 =A0 =A0 =A0 =A0 &la.l2_bdad=
dr);
> =A0 =A0 =A0 =A0if (err)
> =A0 =A0 =A0 =A0 =A0 =A0 =A0 =A0goto done;
>
> @@ -795,7 +796,7 @@ static void l2cap_sock_kill(struct sock *sk)
> =A0static int l2cap_sock_shutdown(struct socket *sock, int how)
> =A0{
> =A0 =A0 =A0 =A0struct sock *sk =3D sock->sk;
> - =A0 =A0 =A0 struct l2cap_chan *chan =3D l2cap_pi(sk)->chan;
> + =A0 =A0 =A0 struct l2cap_chan *chan;
> =A0 =A0 =A0 =A0int err =3D 0;
>
> =A0 =A0 =A0 =A0BT_DBG("sock %p, sk %p", sock, sk);
> @@ -803,6 +804,8 @@ static int l2cap_sock_shutdown(struct socket *sock, i=
nt how)
> =A0 =A0 =A0 =A0if (!sk)
> =A0 =A0 =A0 =A0 =A0 =A0 =A0 =A0return 0;
>
> + =A0 =A0 =A0 chan =3D l2cap_pi(sk)->chan;
> +

Didn't I fix this bug already?

http://permalink.gmane.org/gmane.linux.bluez.kernel/21537

Regards,
Andrei

2012-02-29 19:16:06

by Dan Carpenter

Subject: Re: [PATCH] Bluetooth: Silence static checker warning.

On Wed, Feb 29, 2012 at 10:36:57PM +0530, santosh nayak wrote:
> From: Santosh Nayak <[email protected]>
>
> Silencing Static checker warning.
> 1. Endian warning

It's not an endian warning, it's an endian bug. This code won't
work on big endian systems. Don't mix bugfixes and other changes.

Probably at some point someone will be updating their kernel for
an embedded platform and they'll do a "git log --pretty=oneline" and
they'll notice your endian fix and decide it's super important to
them. Right now it's hard to find.

regards,
dan carpenter



2012-02-29 17:46:42

by Marcel Holtmann

Subject: Re: [PATCH] Bluetooth: Silence static checker warning.

Hi Santosh,

> > Silencing Static checker warning.
> > 1. Endian warning
> > 2. variable dereferenced before check 'sk' .
> >
> > Signed-off-by: Santosh Nayak <[email protected]>
> > ---
> > net/bluetooth/l2cap_sock.c | 9 ++++++---
> > 1 files changed, 6 insertions(+), 3 deletions(-)
> >
> > diff --git a/net/bluetooth/l2cap_sock.c b/net/bluetooth/l2cap_sock.c
> > index 401d942..d206321 100644
> > --- a/net/bluetooth/l2cap_sock.c
> > +++ b/net/bluetooth/l2cap_sock.c
> > @@ -82,7 +82,7 @@ static int l2cap_sock_bind(struct socket *sock, struct sockaddr *addr, int alen)
> > }
> >
> > if (la.l2_cid)
> > - err = l2cap_add_scid(chan, la.l2_cid);
> > + err = l2cap_add_scid(chan, __le16_to_cpu(la.l2_cid));
> > else
> > err = l2cap_add_psm(chan, &la.l2_bdaddr, la.l2_psm);
> >
> > @@ -123,7 +123,8 @@ static int l2cap_sock_connect(struct socket *sock, struct sockaddr *addr, int al
> > if (la.l2_cid && la.l2_psm)
> > return -EINVAL;
> >
> > - err = l2cap_chan_connect(chan, la.l2_psm, la.l2_cid, &la.l2_bdaddr);
> > + err = l2cap_chan_connect(chan, la.l2_psm, __le16_to_cpu(la.l2_cid),
> > + &la.l2_bdaddr);
> > if (err)
> > goto done;
>
> I am not sure about this one. Need to go back and read through the
> source code. The value provided from userspace is already in the right
> host endian. Could be that we mess up our internal classification. And
> instead of adding __le16_to_cpu we should fix its classification.

I confused myself here, so the provided PSM and CID values coming from
userspace are little endian. Patch is correct.

Acked-by: Marcel Holtmann <[email protected]>

Regards

Marcel



2012-02-29 17:39:07

by Marcel Holtmann

Subject: Re: [PATCH] Bluetooth: Silence static checker warning.

Hi Santosh,

> Silencing Static checker warning.
> 1. Endian warning
> 2. variable dereferenced before check 'sk' .
>
> Signed-off-by: Santosh Nayak <[email protected]>
> ---
> net/bluetooth/l2cap_sock.c | 9 ++++++---
> 1 files changed, 6 insertions(+), 3 deletions(-)
>
> diff --git a/net/bluetooth/l2cap_sock.c b/net/bluetooth/l2cap_sock.c
> index 401d942..d206321 100644
> --- a/net/bluetooth/l2cap_sock.c
> +++ b/net/bluetooth/l2cap_sock.c
> @@ -82,7 +82,7 @@ static int l2cap_sock_bind(struct socket *sock, struct sockaddr *addr, int alen)
> }
>
> if (la.l2_cid)
> - err = l2cap_add_scid(chan, la.l2_cid);
> + err = l2cap_add_scid(chan, __le16_to_cpu(la.l2_cid));
> else
> err = l2cap_add_psm(chan, &la.l2_bdaddr, la.l2_psm);
>
> @@ -123,7 +123,8 @@ static int l2cap_sock_connect(struct socket *sock, struct sockaddr *addr, int al
> if (la.l2_cid && la.l2_psm)
> return -EINVAL;
>
> - err = l2cap_chan_connect(chan, la.l2_psm, la.l2_cid, &la.l2_bdaddr);
> + err = l2cap_chan_connect(chan, la.l2_psm, __le16_to_cpu(la.l2_cid),
> + &la.l2_bdaddr);
> if (err)
> goto done;

I am not sure about this one. Need to go back and read through the
source code. The value provided from userspace is already in the right
host endian. Could be that we mess up our internal classification. And
instead of adding __le16_to_cpu we should fix its classification.

> @@ -795,7 +796,7 @@ static void l2cap_sock_kill(struct sock *sk)
> static int l2cap_sock_shutdown(struct socket *sock, int how)
> {
> struct sock *sk = sock->sk;
> - struct l2cap_chan *chan = l2cap_pi(sk)->chan;
> + struct l2cap_chan *chan;
> int err = 0;
>
> BT_DBG("sock %p, sk %p", sock, sk);
> @@ -803,6 +804,8 @@ static int l2cap_sock_shutdown(struct socket *sock, int how)
> if (!sk)
> return 0;
>
> + chan = l2cap_pi(sk)->chan;
> +
> lock_sock(sk);
> if (!sk->sk_shutdown) {
> if (chan->mode == L2CAP_MODE_ERTM)

This one is fine.

Regards

Marcel



2012-03-02 17:57:06

by Marcel Holtmann

Subject: Re: [PATCH] Bluetooth: Silence static checker warning.

Hi Dan,

> > How long has this code been in tree?
> > It isn't obvious to me that this change won't break code on BE systems
> > where the application code is already fixing the endianness.
> >
>
> It looks like we've had an endian bug since last February.
>
> b62f328b8f20a "Bluetooth: Add server socket support for LE
> connection"
>
> + l2cap_pi(sk)->scid = la.l2_cid;
>
> ->scid was cpu endian.

this is a bug. No questions asked.

However you can only exercise this code if you work with Bluetooth Low
Energy and that is not enabled by default since it is not fully finished
yet. CID is only used by Low Energy.

Bluetooth BR/EDR only uses PSM part of the socket address and that has
been endian safe.

Regards

Marcel



2012-03-02 11:04:20

by Dan Carpenter

Subject: Re: [PATCH] Bluetooth: Silence static checker warning.

On Fri, Mar 02, 2012 at 09:15:37AM -0000, David Laight wrote:
> How long has this code been in tree?
> It isn't obvious to me that this change won't break code on BE systems
> where the application code is already fixing the endianness.
>

It looks like we've had an endian bug since last February.

b62f328b8f20a "Bluetooth: Add server socket support for LE
connection"

+ l2cap_pi(sk)->scid = la.l2_cid;

->scid was cpu endian.

regards,
dan carpenter



2012-03-02 09:15:37

by David Laight

Subject: RE: [PATCH] Bluetooth: Silence static checker warning.

=20
> > > diff --git a/net/bluetooth/l2cap_sock.c
b/net/bluetooth/l2cap_sock.c
> > > index 401d942..d206321 100644
> > > --- a/net/bluetooth/l2cap_sock.c
> > > +++ b/net/bluetooth/l2cap_sock.c
> > > @@ -82,7 +82,7 @@ static int l2cap_sock_bind(struct socket *sock,
struct sockaddr *addr, int alen)
> > > }
> > > =20
> > > if (la.l2_cid)
> > > - err =3D l2cap_add_scid(chan, la.l2_cid);
> > > + err =3D l2cap_add_scid(chan, __le16_to_cpu(la.l2_cid));
> > > else
> > > err =3D l2cap_add_psm(chan, &la.l2_bdaddr, la.l2_psm);
> > > =20
> > > @@ -123,7 +123,8 @@ static int l2cap_sock_connect(struct socket
*sock, struct sockaddr *addr, int al
> > > if (la.l2_cid && la.l2_psm)
> > > return -EINVAL;
> > > =20
> > > - err =3D l2cap_chan_connect(chan, la.l2_psm, la.l2_cid,
&la.l2_bdaddr);
> > > + err =3D l2cap_chan_connect(chan, la.l2_psm,
__le16_to_cpu(la.l2_cid),
> > > + &la.l2_bdaddr);
> > > if (err)
> > > goto done;
> >=20
> > I am not sure about this one. Need to go back and read through the
> > source code. The value provided from userspace is already in the
right
> > host endian. Could be that we mess up our internal classification.
And
> > instead of adding __le16_to_cpu we should fix its classification.
>=20
> I confused myself here, so the provided PSM and CID values coming from
> userspace are little endian. Patch is correct.

How long has this code been in tree?
It isn't obvious to me that this change won't break code on BE systems
where the application code is already fixing the endianness.

David

2012-03-01 06:25:56

by Dan Carpenter

Subject: Re: [PATCH] Bluetooth: Silence static checker warning.

On Thu, Mar 01, 2012 at 11:07:14AM +0530, santosh prasad nayak wrote:
> @Dan,
> In future patches I will take care of it. Is it ok ? If
> required I can resend the patch with required changes on subject line.
>

Nope. Andrei's patch is already in linux-next so you'll have to
redo this.

> @Andrei
>
> In my local clone your changes are not visible.
>
> What is the schedule of linux-next ?
> Is it updated every week or bi-weekly or monthly ?
>

It's updated every day. http://linux.f-seidel.de/linux-next/pmwiki/

regards,
dan carpenter



2012-03-01 07:43:56

by Andrei Emeltchenko

Subject: Re: [PATCH] Bluetooth: Silence static checker warning.

Hi Santosh,

On Thu, Mar 01, 2012 at 11:07:14AM +0530, santosh prasad nayak wrote:
> @Dan,
> In future patches I will take care of it. Is it ok ? If
> required I can resend the patch with required changes on subject line.
>
> @Andrei
>
> In my local clone your changes are not visible.
>
> What is the schedule of linux-next ?
> Is it updated every week or bi-weekly or monthly ?

We use Johan's tree so far:
git://git.kernel.org/pub/scm/linux/kernel/git/jh/bluetooth-next.git

I think the tree we use should be published on the bluez.org website.

The change seems to be included in:
"pull request: bluetooth-next 2012-02-24"

http://www.spinics.net/lists/linux-wireless/msg85442.html

Best regards
Andrei Emeltchenko

2012-03-01 05:37:14

by santosh nayak

Subject: Re: [PATCH] Bluetooth: Silence static checker warning.

@Dan,
In future patches I will take care of it. Is that OK? If
required, I can resend the patch with the required changes to the subject line.

@Andrei

In my local clone your changes are not visible.

What is the schedule of linux-next ?
Is it updated every week or bi-weekly or monthly ?

Regards
Santosh

On Thu, Mar 1, 2012 at 2:15 AM, Andrei Emeltchenko
<[email protected]> wrote:
> Hi Santosh,
>
> On Wed, Feb 29, 2012 at 7:06 PM, santosh nayak
> <[email protected]> wrote:
>> From: Santosh Nayak <[email protected]>
>>
>> Silencing Static checker warning.
>> 1. Endian warning
>> 2. variable dereferenced before check 'sk' .
>>
>> Signed-off-by: Santosh Nayak <[email protected]>
>> ---
>> =A0net/bluetooth/l2cap_sock.c | =A0 =A09 ++++++---
>> =A01 files changed, 6 insertions(+), 3 deletions(-)
>>
>> diff --git a/net/bluetooth/l2cap_sock.c b/net/bluetooth/l2cap_sock.c
>> index 401d942..d206321 100644
>> --- a/net/bluetooth/l2cap_sock.c
>> +++ b/net/bluetooth/l2cap_sock.c
>> @@ -82,7 +82,7 @@ static int l2cap_sock_bind(struct socket *sock, struct=
sockaddr *addr, int alen)
>> =A0 =A0 =A0 =A0}
>>
>> =A0 =A0 =A0 =A0if (la.l2_cid)
>> - =A0 =A0 =A0 =A0 =A0 =A0 =A0 err =3D l2cap_add_scid(chan, la.l2_cid);
>> + =A0 =A0 =A0 =A0 =A0 =A0 =A0 err =3D l2cap_add_scid(chan, __le16_to_cpu=
(la.l2_cid));
>> =A0 =A0 =A0 =A0else
>> =A0 =A0 =A0 =A0 =A0 =A0 =A0 =A0err =3D l2cap_add_psm(chan, &la.l2_bdaddr=
, la.l2_psm);
>>
>> @@ -123,7 +123,8 @@ static int l2cap_sock_connect(struct socket *sock, s=
truct sockaddr *addr, int al
>> =A0 =A0 =A0 =A0if (la.l2_cid && la.l2_psm)
>> =A0 =A0 =A0 =A0 =A0 =A0 =A0 =A0return -EINVAL;
>>
>> - =A0 =A0 =A0 err =3D l2cap_chan_connect(chan, la.l2_psm, la.l2_cid, &la=
.l2_bdaddr);
>> + =A0 =A0 =A0 err =3D l2cap_chan_connect(chan, la.l2_psm, __le16_to_cpu(=
la.l2_cid),
>> + =A0 =A0 =A0 =A0 =A0 =A0 =A0 =A0 =A0 =A0 =A0 =A0 =A0 =A0 =A0 &la.l2_bda=
ddr);
>> =A0 =A0 =A0 =A0if (err)
>> =A0 =A0 =A0 =A0 =A0 =A0 =A0 =A0goto done;
>>
>> @@ -795,7 +796,7 @@ static void l2cap_sock_kill(struct sock *sk)
>> =A0static int l2cap_sock_shutdown(struct socket *sock, int how)
>> =A0{
>> =A0 =A0 =A0 =A0struct sock *sk =3D sock->sk;
>> - =A0 =A0 =A0 struct l2cap_chan *chan =3D l2cap_pi(sk)->chan;
>> + =A0 =A0 =A0 struct l2cap_chan *chan;
>> =A0 =A0 =A0 =A0int err =3D 0;
>>
>> =A0 =A0 =A0 =A0BT_DBG("sock %p, sk %p", sock, sk);
>> @@ -803,6 +804,8 @@ static int l2cap_sock_shutdown(struct socket *sock, =
int how)
>> =A0 =A0 =A0 =A0if (!sk)
>> =A0 =A0 =A0 =A0 =A0 =A0 =A0 =A0return 0;
>>
>> + =A0 =A0 =A0 chan =3D l2cap_pi(sk)->chan;
>> +
>
> Didn't I fix this bug already?
>
> http://permalink.gmane.org/gmane.linux.bluez.kernel/21537
>
> Regards,
> Andrei