UbiquitousOS
/
OpenCloudOS-Kernel
mirror of https://gitee.com/OpenCloudOS/OpenCloudOS-Kernel.git
11
0
Fork 0
Code Issues Projects Releases Wiki Activity
OpenCloudOS-Kernel/net
History
Aaron Thompson 8fb8e912af Bluetooth: ISO: Fix multiple init when debugfs is disabled 
commit a9b7b535ba192c6b77e6c15a4c82d853163eab8c upstream.

If bt_debugfs is not created successfully, which happens if either
CONFIG_DEBUG_FS or CONFIG_DEBUG_FS_ALLOW_ALL is unset, then iso_init()
returns early and does not set iso_inited to true. This means that a
subsequent call to iso_init() will result in duplicate calls to
proto_register(), bt_sock_register(), etc.

With CONFIG_LIST_HARDENED and CONFIG_BUG_ON_DATA_CORRUPTION enabled, the
duplicate call to proto_register() triggers this BUG():

  list_add double add: new=ffffffffc0b280d0, prev=ffffffffbab56250,
    next=ffffffffc0b280d0.
  ------------[ cut here ]------------
  kernel BUG at lib/list_debug.c:35!
  Oops: invalid opcode: 0000 [#1] PREEMPT SMP PTI
  CPU: 2 PID: 887 Comm: bluetoothd Not tainted 6.10.11-1-ao-desktop #1
  RIP: 0010:__list_add_valid_or_report+0x9a/0xa0
  ...
    __list_add_valid_or_report+0x9a/0xa0
    proto_register+0x2b5/0x340
    iso_init+0x23/0x150 [bluetooth]
    set_iso_socket_func+0x68/0x1b0 [bluetooth]
    kmem_cache_free+0x308/0x330
    hci_sock_sendmsg+0x990/0x9e0 [bluetooth]
    __sock_sendmsg+0x7b/0x80
    sock_write_iter+0x9a/0x110
    do_iter_readv_writev+0x11d/0x220
    vfs_writev+0x180/0x3e0
    do_writev+0xca/0x100
  ...

This change removes the early return. The check for iso_debugfs being
NULL was unnecessary, it is always NULL when iso_inited is false.

Cc: stable@vger.kernel.org
Fixes: ccf74f2390 ("Bluetooth: Add BTPROTO_ISO socket type")
Signed-off-by: Aaron Thompson <dev@aaront.org>
Signed-off-by: Luiz Augusto von Dentz <luiz.von.dentz@intel.com>
Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
 		2024-10-22 15:46:31 +02:00
..
6lowpan
9p net/9p: fix uninit-value in p9_client_rpc() 2024-06-16 13:47:41 +02:00
802
8021q net: gro: fix udp bad offset in socket lookup by adding {inner_}network_offset to napi_gro_cb 2024-05-17 12:02:07 +02:00
appletalk appletalk: Fix Use-After-Free in atalk_ioctl 2023-12-20 17:01:50 +01:00
atm atm: Fix Use-After-Free in do_vcc_ioctl 2023-12-20 17:01:48 +01:00
ax25 ax25: Replace kfree() in ax25_dev_free() with ax25_dev_put() 2024-06-21 14:38:14 +02:00
batman-adv batman-adv: Don't accept TT entries for out-of-spec VIDs 2024-07-05 09:34:04 +02:00
bluetooth Bluetooth: ISO: Fix multiple init when debugfs is disabled 2024-10-22 15:46:31 +02:00
bpf bpf: Set run context for rawtp test_run callback 2024-06-21 14:38:16 +02:00
bpfilter net: Use umd_cleanup_helper() 2023-05-31 13:06:57 +02:00
bridge bridge: Handle error of rtnl_register_module(). 2024-10-17 15:24:29 +02:00
caif sock: Remove ->sendpage*() in favour of sendmsg(MSG_SPLICE_PAGES) 2023-06-24 15:50:13 -07:00
can can: bcm: Clear bo->bcm_proc_read after remove_proc_entry(). 2024-10-04 16:28:58 +02:00
ceph libceph: init the cursor when preparing sparse read in msgr2 2024-10-17 15:24:10 +02:00
core rtnetlink: add RTNL_FLAG_DUMP_UNLOCKED flag 2024-10-17 15:24:29 +02:00
dcb net: dcb: choose correct policy to parse DCB_ATTR_BCN 2023-08-01 21:07:46 -07:00
dccp tcp/dccp: do not care about families in inet_twsk_purge() 2024-08-29 17:33:46 +02:00
devlink devlink: fix port new reply cmd type 2024-03-26 18:20:11 -04:00
dns_resolver keys, dns: Fix size check of V1 server-list header 2024-01-25 15:35:41 -08:00
dsa net: dsa: fix netdev_priv() dereference before check on non-DSA netdevice events 2024-10-10 11:58:07 +02:00
ethernet ethernet: Add helper for assigning packet type when dest address does not match device address 2024-05-02 16:32:46 +02:00
ethtool ethtool: check device is present when getting link settings 2024-09-04 13:28:26 +02:00
handshake net/handshake: Fix handshake_req_destroy_test1 2024-02-23 09:24:50 +01:00
hsr hsr: Simplify code for announcing HSR nodes timer setup 2024-05-17 12:02:24 +02:00
ieee802154 sysctl-6.6-rc1 2023-08-29 17:39:15 -07:00
ife net: sched: ife: fix potential use-after-free 2024-01-01 12:42:30 +00:00
ipv4 netfilter: fib: check correct rtable in vrf setups 2024-10-17 15:24:28 +02:00
ipv6 netfilter: fib: check correct rtable in vrf setups 2024-10-17 15:24:28 +02:00
iucv s390/iucv: fix receive buffer virtual vs physical address confusion 2024-08-29 17:33:39 +02:00
kcm kcm: Serialise kcm_sendmsg() for the same socket. 2024-08-29 17:33:46 +02:00
key Merge git://git.kernel.org/pub/scm/linux/kernel/git/netdev/net 2023-08-18 12:44:56 -07:00
l2tp l2tp: fix lockdep splat 2024-08-14 13:58:40 +02:00
l3mdev
lapb
llc llc: call sock_orphan() at release time 2024-02-05 20:14:36 +00:00
mac80211 wifi: mac80211: Avoid address calculations via out of bounds array indexing 2024-10-17 15:24:32 +02:00
mac802154 mac802154: Fix potential RCU dereference issue in mac802154_scan_worker 2024-10-10 11:57:59 +02:00
mctp mctp: Handle error of rtnl_register_module(). 2024-10-17 15:24:29 +02:00
mpls mpls: Handle error of rtnl_register_module(). 2024-10-17 15:24:30 +02:00
mptcp mptcp: prevent MPC handshake on port-based signal endpoints 2024-10-22 15:46:25 +02:00
ncsi net/ncsi: Fix the multi thread manner of NCSI driver 2024-06-21 14:38:14 +02:00
netfilter netfilter: xtables: avoid NFPROTO_UNSPEC where needed 2024-10-17 15:24:28 +02:00
netlabel calipso: fix memory leak in netlbl_calipso_add_pass() 2024-01-25 15:35:14 -08:00
netlink net: Fix an unsafe loop on the list 2024-10-17 15:24:35 +02:00
netrom netrom: Fix a memory leak in nr_heartbeat_expiry() 2024-06-27 13:49:06 +02:00
nfc nfc: llcp: fix nfc_llcp_setsockopt() unsafe copies 2024-08-19 06:04:28 +02:00
nsh nsh: Restore skb->{protocol,data,mac_header} for outer header in nsh_gso_segment(). 2024-05-17 12:02:02 +02:00
openvswitch net: ovs: fix ovs_drop_reasons error 2024-08-29 17:33:50 +02:00
packet af_packet: Handle outgoing VLAN packets without hardware offloading 2024-08-03 08:54:13 +02:00
phonet phonet: Handle error of rtnl_register_module(). 2024-10-17 15:24:30 +02:00
psample psample: Require 'CAP_NET_ADMIN' when joining "packets" group 2023-12-13 18:45:10 +01:00
qrtr net: qrtr: Update packets cloning when broadcasting 2024-10-04 16:29:41 +02:00
rds net:rds: Fix possible deadlock in rds_message_put 2024-08-19 06:04:27 +02:00
rfkill net: rfkill: gpio: set GPIO direction 2024-01-01 12:42:41 +00:00
rose net/rose: fix races in rose_kill_by_device() 2024-01-01 12:42:31 +00:00
rxrpc rxrpc: Fix uninitialised variable in rxrpc_send_data() 2024-10-17 15:24:24 +02:00
sched net/sched: accept TCA_STAB only for root qdisc 2024-10-17 15:24:28 +02:00
sctp sctp: ensure sk_state is set to CLOSED if hashing fails in sctp_listen_start 2024-10-17 15:24:28 +02:00
smc net/smc: add the max value of fallback reason count 2024-08-14 13:58:40 +02:00
strparser
sunrpc sunrpc: use the struct net as the svc proc private 2024-08-19 06:04:23 +02:00
switchdev net: bridge: switchdev: Skip MDB replays of deferred events on offload 2024-03-01 13:35:06 +01:00
tipc tipc: guard against string buffer overrun 2024-10-10 11:57:25 +02:00
tls tls: fix missing memory barrier in tls_init 2024-06-12 11:12:50 +02:00
unix af_unix: Remove put_pid()/put_cred() in copy_peercred(). 2024-09-12 11:11:29 +02:00
vmw_vsock vsock: fix recursive ->recvmsg calls 2024-08-29 17:33:21 +02:00
wireless wifi: cfg80211: Set correct chandef when starting CAC 2024-10-10 11:57:22 +02:00
x25 net/x25: fix incorrect parameter validation in the x25_getsockopt() function 2024-03-26 18:19:41 -04:00
xdp xsk: validate user input for XDP_{UMEM|COMPLETION}_FILL_RING 2024-04-17 11:19:28 +02:00
xfrm xfrm: call xfrm_dev_policy_delete when kill policy 2024-08-03 08:53:42 +02:00
Kconfig bpf: Add fd-based tcx multi-prog infra with link support 2023-07-19 10:07:27 -07:00
Kconfig.debug
Makefile
compat.c
devres.c
socket.c net: explicitly clear the sk pointer, when pf->create fails 2024-10-17 15:24:35 +02:00
sysctl_net.c sysctl: treewide: drop unused argument ctl_table_root::set_ownership(table) 2024-08-11 12:47:13 +02:00