linux/net
Jaganath Kanakkassery 3ad675827f Bluetooth: Fix missing hci_dev_lock/unlock in mgmt req_complete()
mgmt_pending_remove() should be called with hci_dev_lock protection,
and currently the rule to take dev lock is that all mgmt req_complete
functions should take dev lock. So this patch fixes the same in the
missing functions.

Without this patch there is a chance of invalid memory access while
accessing the mgmt_pending list, like below:

bluetoothd:  392] [0] Backtrace:
bluetoothd:  392] [0] [<c04ec770>] (pending_eir_or_class+0x0/0x68) from [<c04f1830>] (add_uuid+0x34/0x1c4)
bluetoothd:  392] [0] [<c04f17fc>] (add_uuid+0x0/0x1c4) from [<c04f3cc4>] (mgmt_control+0x204/0x274)
bluetoothd:  392] [0] [<c04f3ac0>] (mgmt_control+0x0/0x274) from [<c04f609c>] (hci_sock_sendmsg+0x80/0x308)
bluetoothd:  392] [0] [<c04f601c>] (hci_sock_sendmsg+0x0/0x308) from [<c03d4d68>] (sock_aio_write+0x144/0x174)
bluetoothd:  392] [0]  r8:00000000 r7 7c1be90 r6 7c1be18 r5:00000017 r4 a90ea80
bluetoothd:  392] [0] [<c03d4c24>] (sock_aio_write+0x0/0x174) from [<c00e2d4c>] (do_sync_write+0xb0/0xe0)
bluetoothd:  392] [0] [<c00e2c9c>] (do_sync_write+0x0/0xe0) from [<c00e371c>] (vfs_write+0x134/0x13c)
bluetoothd:  392] [0]  r8:00000000 r7 7c1bf70 r6:beeca5c8 r5:00000017 r4 7c05900
bluetoothd:  392] [0] [<c00e35e8>] (vfs_write+0x0/0x13c) from [<c00e3910>] (sys_write+0x44/0x70)
bluetoothd:  392] [0]  r8:00000000 r7:00000004 r6:00000017 r5:beeca5c8 r4 7c05900
bluetoothd:  392] [0] [<c00e38cc>] (sys_write+0x0/0x70) from [<c000e3c0>] (ret_fast_syscall+0x0/0x30)
bluetoothd:  392] [0]  r9 7c1a000 r8:c000e568 r6:400b5f10 r5:403896d8 r4:beeca604
bluetoothd:  392] [0] Code: e28cc00c e152000c 0a00000f e3a00001 (e1d210b8)
bluetoothd:  392] [0] ---[ end trace 67b6ac67435864c4 ]---
bluetoothd:  392] [0] Kernel panic - not syncing: Fatal exception

Signed-off-by: Jaganath Kanakkassery <jaganath.k@samsung.com>
Signed-off-by: Marcel Holtmann <marcel@holtmann.org>
2014-12-11 14:08:47 +01:00
6lowpan net/6lowpan: Remove FSF address from GPL statement. 2014-12-05 12:43:04 +01:00
9p 9p/trans_virtio: enable VQs early 2014-10-15 10:25:04 +10:30
802 net: set name_assign_type in alloc_netdev() 2014-07-15 16:12:48 -07:00
8021q net: better IFF_XMIT_DST_RELEASE support 2014-10-07 13:22:11 -04:00
appletalk Merge git://git.kernel.org/pub/scm/linux/kernel/git/davem/net 2014-07-16 14:09:34 -07:00
atm net: better IFF_XMIT_DST_RELEASE support 2014-10-07 13:22:11 -04:00
ax25 net: Fix use after free by removing length arg from sk_data_ready callbacks. 2014-04-11 16:15:36 -04:00
batman-adv batman-adv: replace strnicmp with strncasecmp 2014-10-14 02:18:24 +02:00
bluetooth Bluetooth: Fix missing hci_dev_lock/unlock in mgmt req_complete() 2014-12-11 14:08:47 +01:00
bridge Merge git://git.kernel.org/pub/scm/linux/kernel/git/davem/net 2014-10-08 16:22:22 -04:00
caif caif_usb: use target structure member in memset 2014-10-14 16:05:45 -04:00
can can: add hash based access to single EFF frame filters 2014-05-19 09:38:24 +02:00
ceph Merge branch 'for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/sage/ceph-client 2014-10-15 06:46:01 +02:00
core Merge git://git.kernel.org/pub/scm/linux/kernel/git/davem/net 2014-10-18 09:31:37 -07:00
dcb dcbnl : Fix misleading dcb_app->priority explanation 2014-07-30 17:21:05 -07:00
dccp Merge git://git.kernel.org/pub/scm/linux/kernel/git/davem/net 2014-10-18 09:31:37 -07:00
decnet af_decnet: Use time_after_eq 2014-08-22 12:23:11 -07:00
dns_resolver Merge commit 'v3.16' into next 2014-10-01 00:44:04 +10:00
dsa Net: DSA: Fix checking for get_phy_flags function 2014-10-19 12:46:31 -04:00
ethernet net: Add function for parsing the header length out of linear ethernet frames 2014-09-05 17:47:02 -07:00
hsr net/hsr: Remove left-over never-true conditional code. 2014-07-11 15:04:40 -07:00
ieee802154 net/ieee802154: Remove and add extra blank lines as needed. 2014-12-05 12:43:05 +01:00
ipv4 Merge git://git.kernel.org/pub/scm/linux/kernel/git/davem/net 2014-10-19 11:41:57 -07:00
ipv6 Merge git://git.kernel.org/pub/scm/linux/kernel/git/davem/net 2014-10-19 11:41:57 -07:00
ipx net: Split sk_no_check into sk_no_check_{rx,tx} 2014-05-23 16:28:53 -04:00
irda irda: add __init to irlan_open 2014-09-30 17:08:06 -04:00
iucv iucv: Convert pr_warning to pr_warn 2014-09-10 12:40:10 -07:00
key af_key: remove unnecessary break after return 2014-07-15 16:27:00 -07:00
l2tp l2tp: Refactor l2tp core driver to make use of the common UDP tunnel functions 2014-09-19 15:57:15 -04:00
lapb
llc net_dma: simple removal 2014-09-28 07:05:16 -07:00
mac80211 Merge branch 'master' of git://git.kernel.org/pub/scm/linux/kernel/git/linville/wireless 2014-10-07 14:48:29 -04:00
mac802154 mac802154: use goto label on failure 2014-12-05 14:18:42 +01:00
mpls net: Remove gso_send_check as an offload callback 2014-09-26 00:22:47 -04:00
netfilter netfilter: replace strnicmp with strncasecmp 2014-10-14 02:18:24 +02:00
netlabel netlabel: kernel-doc warning fix 2014-10-09 01:40:05 -04:00
netlink fix misuses of f_count() in ppp and netlink 2014-10-09 02:39:17 -04:00
netrom netrom: use linux/uaccess.h 2014-10-17 23:52:54 -04:00
nfc NFC: nci: Add support for proprietary RF Protocols 2014-09-24 02:02:24 +02:00
openvswitch openvswitch: Set flow-key members. 2014-10-17 23:54:02 -04:00
packet net: Pass a "more" indication down into netdev_start_xmit() code paths. 2014-09-01 17:39:55 -07:00
phonet net: fix rcu access on phonet_routes 2014-10-06 18:16:30 -04:00
rds Merge git://git.kernel.org/pub/scm/linux/kernel/git/davem/net 2014-10-18 09:31:37 -07:00
rfkill net: rfkill: kernel-doc warning fixes 2014-10-08 15:24:15 -04:00
rose rose: use %*ph specifier 2014-09-07 16:07:25 -07:00
rxrpc Merge branch 'next' of git://git.kernel.org/pub/scm/linux/kernel/git/jmorris/linux-security 2014-10-12 10:13:55 -04:00
sched net_sched: restore qdisc quota fairness limits after bulk dequeue 2014-10-09 19:12:26 -04:00
sctp Merge git://git.kernel.org/pub/scm/linux/kernel/git/davem/net 2014-10-18 09:31:37 -07:00
sunrpc Merge branch 'for-3.18' of git://linux-nfs.org/~bfields/linux 2014-10-08 12:51:44 -04:00
tipc tipc: fix bug in bundled buffer reception 2014-10-17 23:50:53 -04:00
unix af_unix: remove 0 assignment on static 2014-10-07 17:03:14 -04:00
vmw_vsock vsock: Make transport the proto owner 2014-05-05 13:13:50 -04:00
wimax wimax: convert printk to pr_foo() 2014-10-07 20:28:44 -04:00
wireless lib80211: remove unused print_ssid() 2014-10-14 02:18:27 +02:00
x25 net: Fix use after free by removing length arg from sk_data_ready callbacks. 2014-04-11 16:15:36 -04:00
xfrm net: cleanup and document skb fclone layout 2014-10-01 16:34:25 -04:00
compat.c net: sendmsg: fix NULL pointer dereference 2014-07-29 12:20:22 -07:00
Kconfig net: bpf: fix bpf syscall dependence on anon_inodes 2014-10-10 15:02:23 -04:00
Makefile 6lowpan: introduce new net/6lowpan directory 2014-07-12 01:53:30 +02:00
nonet.c
socket.c File locking related changes for v3.18 (pile #1) 2014-10-11 13:21:34 -04:00
sysctl_net.c