lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
Date:   Sun, 3 Feb 2019 23:29:00 -0800
From:   Myungho Jung <mhjungk@...il.com>
To:     Johan Hovold <johan@...nel.org>
Cc:     Marcel Holtmann <marcel@...tmann.org>,
        Johan Hedberg <johan.hedberg@...il.com>,
        linux-bluetooth@...r.kernel.org, linux-kernel@...r.kernel.org
Subject: Re: [PATCH v2] Bluetooth: Add NULL check for tiocmget() and
 tiocmset()

On Sun, Feb 03, 2019 at 11:53:23AM +0100, Johan Hovold wrote:
> On Sat, Feb 02, 2019 at 10:38:24PM -0800, Myungho Jung wrote:
> > On Thu, Jan 31, 2019 at 04:40:00PM +0100, Johan Hovold wrote:
> > > On Tue, Jan 29, 2019 at 09:39:28PM -0800, Myungho Jung wrote:
> > > > tiocmget() and tiocmset() operations are optional and some tty drivers
> > > > like pty miss the operations. We need NULL check to prevent from
> > > > dereference.
> > > > 
> > > > Signed-off-by: Myungho Jung <mhjungk@...il.com>
> > > > ---
> > > >  drivers/bluetooth/hci_ath.c   | 6 ++++++
> > > >  drivers/bluetooth/hci_ldisc.c | 4 ++++
> > > >  2 files changed, 10 insertions(+)
> > > 
> > > Ah, you had already submitted a v2.
> > > 
> > > I still suggest splitting this one in two patches and that you add a
> > > Fixes and stable tag to each so that they both get backported to stable.
> > > 
> > > Also, when resubmitting, make sure to include a short changelog here
> > > below the cut-off line (---).
> > > 
> > > > 
> > > > diff --git a/drivers/bluetooth/hci_ath.c b/drivers/bluetooth/hci_ath.c
> > > > index d568fbd94d6c..fb9f6323a911 100644
> > > > --- a/drivers/bluetooth/hci_ath.c
> > > > +++ b/drivers/bluetooth/hci_ath.c
> > > > @@ -185,8 +185,14 @@ static int ath_set_bdaddr(struct hci_dev *hdev, const bdaddr_t *bdaddr)
> > > >  
> > > >  static int ath_setup(struct hci_uart *hu)
> > > >  {
> > > > +	struct tty_struct *tty = hu->tty;
> > > > +
> > > >  	BT_DBG("hu %p", hu);
> > > >  
> > > > +	/* tty driver should support operations to set RTS */
> > > > +	if (!tty->driver->ops->tiocmget || !tty->driver->ops->tiocmset)
> > > > +		return -EOPNOTSUPP;
> > > 
> > > -ENODEV might be more appropriate.
> > > 
> > > Johan
> > 
> > I'll split into 2 seperate patches. So, do I need to add stable tag on each
> > patch like below to be cherry-picked?
> > 
> > Cc: <stable@...r.kernel.org> # <hash>: <summary>
> > 
> > I looked for a good example from mailing list but didn't find one.
> 
> Almost right, the format you use above is actually used to identify
> dependencies for backports.
> 
> You should add a Fixes tag identifying the commit which introduced each
> bug and a stable-cc tag. If you want you can indicate the version after
> a # sign, but that can also be inferred from the fixes tag.
> 
> For the hci_ldisc fix I think the tags would be:
> 
> 	Fixes: 2a973dfada2b ("Bluetooth: hci_uart: Add new line discipline enhancements")
> 	Cc: stable <stable@...r.kernel.org>     # 4.2
> 
> You can use git blame to track down the offending commits.
> 
> This should all be explained here:
> 
> 	https://www.kernel.org/doc/html/latest/process/submitting-patches.html
> 
> Johan

Thank you for the explanation. I'll carefully read the page and submit the next
patch.

Thanks,
Myungho

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ