lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
Date:   Fri, 17 Mar 2017 16:26:19 +0100
From:   Pavel Machek <pavel@....cz>
To:     Sebastian Reichel <sre@...nel.org>
Cc:     Marcel Holtmann <marcel@...tmann.org>,
        Gustavo Padovan <gustavo@...ovan.org>,
        Johan Hedberg <johan.hedberg@...il.com>,
        Rob Herring <robh+dt@...nel.org>,
        Tony Lindgren <tony@...mide.com>,
        Greg Kroah-Hartman <gregkh@...uxfoundation.org>,
        Jiri Slaby <jslaby@...e.com>,
        Mark Rutland <mark.rutland@....com>,
        linux-bluetooth@...r.kernel.org, linux-serial@...r.kernel.org,
        devicetree@...r.kernel.org, linux-kernel@...r.kernel.org
Subject: Re: [PATCH 10/10] Bluetooth: add nokia driver

Hi!

> +struct hci_nokia_neg_hdr {
> +	__u8	dlen;
> +} __packed;
> +
> +struct hci_nokia_neg_cmd {
> +	__u8	ack;
> +	__u16	baud;
> +	__u16	unused1;
> +	__u8	proto;
> +	__u16	sys_clk;
> +	__u16	unused2;
> +} __packed;

__u8 -> u8? This is not exported to userspace...

> +#define BT_BAUDRATE_DIVIDER	384000000

Is this really divider?

> +	int init_error;
> +	struct completion init_completion;
> +
> +	uint8_t man_id;
> +	uint8_t ver_id;

u8...

> +static int nokia_wait_for_cts(struct hci_uart *hu, bool state,
> +				 int timeout_ms)
> +{
> +	struct nokia_bt_dev *btdev = hu->priv;
> +	struct device *dev = &btdev->serdev->dev;
> +	unsigned long timeout;
> +	bool signal;
> +
> +	timeout = jiffies + msecs_to_jiffies(timeout_ms);
> +	while (!time_after(jiffies, timeout)) {
> +		signal = serdev_device_get_cts(btdev->serdev);
> +		if (signal == state) {
> +			dev_dbg(dev, "wait for cts... received!");
> +			return 0;
> +		}
> +		usleep_range(1000, 2000);
> +	}
> +
> +	return -ETIMEDOUT;
> +}

Do we have devices where cts triggers interrupt?

> +	if (btdev->init_error < 0)
> +		return btdev->init_error;
> +
> +	/* Change to previously negotiated speed. Flow Control
> +	 * is disabled until bluetooth adapter is ready to avoid
> +	 * broken bytes being ready by the bluetooth adapter
> +	 */

Umm. I'd at dot at end of sentence... but still can't understand the
sentence.

"to avoid broken bytes being received."?

> +	evt = (struct hci_nokia_neg_evt *)skb_pull(skb, sizeof(*hdr));
> +
> +	if (evt->ack != NOKIA_NEG_ACK) {
> +		dev_err(dev, "Negotiation received: wrong reply");
> +		btdev->init_error = -EINVAL;
> +	}

But we still return success and trust the man_id / ver_id?

> +	pkt = (struct hci_nokia_alive_pkt *)skb_pull(skb, sizeof(*hdr));
> +
> +	if (pkt->mid != NOKIA_ALIVE_RESP) {
> +		dev_err(dev, "Alive received: invalid response: 0x%02x!",
> +			pkt->mid);
> +		btdev->init_error = -EINVAL;
> +		goto finish_alive;
> +	}

ret = -EINVAL?

Thanks!
									Pavel
-- 
(english) http://www.livejournal.com/~pavelmachek
(cesky, pictures) http://atrey.karlin.mff.cuni.cz/~pavel/picture/horses/blog.html

Download attachment "signature.asc" of type "application/pgp-signature" (182 bytes)

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ