The following changes since commit b9881d9a761a7e078c394ff8e30e1659d74f898f:
Merge branch 'bonding-ns-validation-fixes' (2023-04-07 08:47:20 +0100)
are available in the Git repository at:
git://git.kernel.org/pub/scm/linux/kernel/git/bluetooth/bluetooth.git tags/for-net-2023-04-07
for you to fetch changes up to 501455403627300b45e33d41e0730f862618449b:
Bluetooth: L2CAP: Fix use-after-free in l2cap_disconnect_{req,rsp} (2023-04-07 12:18:09 -0700)
----------------------------------------------------------------
bluetooth pull request for net:
- Fix not setting Dath Path for broadcast sink
- Fix not cleaning up on LE Connection failure
- SCO: Fix possible circular locking dependency
- L2CAP: Fix use-after-free in l2cap_disconnect_{req,rsp}
- Fix race condition in hidp_session_thread
- btbcm: Fix logic error in forming the board name
- btbcm: Fix use after free in btsdio_remove
----------------------------------------------------------------
Claudia Draghicescu (1):
Bluetooth: Set ISO Data Path on broadcast sink
Luiz Augusto von Dentz (6):
Bluetooth: hci_conn: Fix not cleaning up on LE Connection failure
Bluetooth: Fix printing errors if LE Connection times out
Bluetooth: SCO: Fix possible circular locking dependency on sco_connect_cfm
Bluetooth: SCO: Fix possible circular locking dependency sco_sock_getsockopt
Bluetooth: hci_conn: Fix possible UAF
Bluetooth: L2CAP: Fix use-after-free in l2cap_disconnect_{req,rsp}
Min Li (1):
Bluetooth: Fix race condition in hidp_session_thread
Sasha Finkelstein (1):
bluetooth: btbcm: Fix logic error in forming the board name.
Zheng Wang (1):
Bluetooth: btsdio: fix use after free bug in btsdio_remove due to race condition
drivers/bluetooth/btbcm.c | 2 +-
drivers/bluetooth/btsdio.c | 1 +
include/net/bluetooth/hci_core.h | 1 +
net/bluetooth/hci_conn.c | 61 ++++++++++++++++++----------
net/bluetooth/hci_event.c | 18 ++++-----
net/bluetooth/hci_sync.c | 13 ++++--
net/bluetooth/hidp/core.c | 2 +-
net/bluetooth/l2cap_core.c | 24 +++---------
net/bluetooth/sco.c | 85 +++++++++++++++++++++++-----------------
9 files changed, 116 insertions(+), 91 deletions(-)
On Fri, 7 Apr 2023 12:32:01 -0700 Luiz Augusto von Dentz wrote:
> The following changes since commit b9881d9a761a7e078c394ff8e30e1659d74f898f:
>
> Merge branch 'bonding-ns-validation-fixes' (2023-04-07 08:47:20 +0100)
>
> are available in the Git repository at:
>
> git://git.kernel.org/pub/scm/linux/kernel/git/bluetooth/bluetooth.git tags/for-net-2023-04-07
>
> for you to fetch changes up to 501455403627300b45e33d41e0730f862618449b:
>
> Bluetooth: L2CAP: Fix use-after-free in l2cap_disconnect_{req,rsp} (2023-04-07 12:18:09 -0700)
>
> ----------------------------------------------------------------
> bluetooth pull request for net:
>
> - Fix not setting Dath Path for broadcast sink
> - Fix not cleaning up on LE Connection failure
> - SCO: Fix possible circular locking dependency
> - L2CAP: Fix use-after-free in l2cap_disconnect_{req,rsp}
> - Fix race condition in hidp_session_thread
> - btbcm: Fix logic error in forming the board name
> - btbcm: Fix use after free in btsdio_remove
Looks like we got a Fixes tag issue (Fixes: Fixes: 8e8b92ee60de... )
and clang is not on-board:
net/bluetooth/hci_conn.c:1214:7: warning: variable 'params' is uninitialized when used here [-Wuninitialized]
(params && params->explicit_connect))
^~~~~~
net/bluetooth/hci_conn.c:1203:32: note: initialize the variable 'params' to silence this warning
struct hci_conn_params *params;
^
Hi Jakub,
On Fri, Apr 7, 2023 at 6:33 PM Jakub Kicinski <[email protected]> wrote:
>
> On Fri, 7 Apr 2023 12:32:01 -0700 Luiz Augusto von Dentz wrote:
> > The following changes since commit b9881d9a761a7e078c394ff8e30e1659d74f898f:
> >
> > Merge branch 'bonding-ns-validation-fixes' (2023-04-07 08:47:20 +0100)
> >
> > are available in the Git repository at:
> >
> > git://git.kernel.org/pub/scm/linux/kernel/git/bluetooth/bluetooth.git tags/for-net-2023-04-07
> >
> > for you to fetch changes up to 501455403627300b45e33d41e0730f862618449b:
> >
> > Bluetooth: L2CAP: Fix use-after-free in l2cap_disconnect_{req,rsp} (2023-04-07 12:18:09 -0700)
> >
> > ----------------------------------------------------------------
> > bluetooth pull request for net:
> >
> > - Fix not setting Dath Path for broadcast sink
> > - Fix not cleaning up on LE Connection failure
> > - SCO: Fix possible circular locking dependency
> > - L2CAP: Fix use-after-free in l2cap_disconnect_{req,rsp}
> > - Fix race condition in hidp_session_thread
> > - btbcm: Fix logic error in forming the board name
> > - btbcm: Fix use after free in btsdio_remove
>
> Looks like we got a Fixes tag issue (Fixes: Fixes: 8e8b92ee60de... )
> and clang is not on-board:
>
> net/bluetooth/hci_conn.c:1214:7: warning: variable 'params' is uninitialized when used here [-Wuninitialized]
> (params && params->explicit_connect))
> ^~~~~~
> net/bluetooth/hci_conn.c:1203:32: note: initialize the variable 'params' to silence this warning
> struct hci_conn_params *params;
> ^
Looks like Ive applied the wrong version of some patches, will send
the correct one sortly.
--
Luiz Augusto von Dentz