lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Message-ID: <202009281945.Ykal1aWS%lkp@intel.com>
Date:   Mon, 28 Sep 2020 19:40:35 +0800
From:   kernel test robot <lkp@...el.com>
To:     Howard Chung <howardchung@...gle.com>,
        linux-bluetooth@...r.kernel.org, marcel@...tmann.org,
        luiz.dentz@...il.com
Cc:     kbuild-all@...ts.01.org, clang-built-linux@...glegroups.com,
        alainm@...omium.org, mcchou@...omium.org, mmandlik@...omium.orgi,
        Howard Chung <howardchung@...gle.com>,
        Jakub Kicinski <kuba@...nel.org>,
        Johan Hedberg <johan.hedberg@...il.com>,
        linux-kernel@...r.kernel.org
Subject: Re: [PATCH v6 4/4] Bluetooth: Add toggle to switch off interleave
 scan

Hi Howard,

Thank you for the patch! Perhaps something to improve:

[auto build test WARNING on bluetooth-next/master]
[also build test WARNING on net-next/master net/master v5.9-rc7 next-20200925]
[cannot apply to sparc-next/master]
[If your patch is applied to the wrong git tree, kindly drop us a note.
And when submitting patch, we suggest to use '--base' as documented in
https://git-scm.com/docs/git-format-patch]

url:    https://github.com/0day-ci/linux/commits/Howard-Chung/Bluetooth-Interleave-with-allowlist-scan/20200928-154335
base:   https://git.kernel.org/pub/scm/linux/kernel/git/bluetooth/bluetooth-next.git master
config: x86_64-randconfig-r011-20200928 (attached as .config)
compiler: clang version 12.0.0 (https://github.com/llvm/llvm-project 6d374cf78c8a80a0bbfc7ce9bc80b3f183f44c80)
reproduce (this is a W=1 build):
        wget https://raw.githubusercontent.com/intel/lkp-tests/master/sbin/make.cross -O ~/bin/make.cross
        chmod +x ~/bin/make.cross
        # install x86_64 cross compiling tool for clang build
        # apt-get install binutils-x86-64-linux-gnu
        # https://github.com/0day-ci/linux/commit/99ac4165fefc0a5c5afc88f7f0527fe45333098d
        git remote add linux-review https://github.com/0day-ci/linux
        git fetch --no-tags linux-review Howard-Chung/Bluetooth-Interleave-with-allowlist-scan/20200928-154335
        git checkout 99ac4165fefc0a5c5afc88f7f0527fe45333098d
        # save the attached .config to linux build tree
        COMPILER_INSTALL_PATH=$HOME/0day COMPILER=clang make.cross ARCH=x86_64 

If you fix the issue, kindly add following tag as appropriate
Reported-by: kernel test robot <lkp@...el.com>

All warnings (new ones prefixed by >>):

>> net/bluetooth/mgmt_config.c:166:14: warning: format specifies type 'size_t' (aka 'unsigned long') but the argument has type 'u8' (aka 'unsigned char') [-Wformat]
                                       len, exp_data_len, type);
                                            ^~~~~~~~~~~~
   include/net/bluetooth/bluetooth.h:186:38: note: expanded from macro 'bt_dev_warn'
           BT_WARN("%s: " fmt, (hdev)->name, ##__VA_ARGS__)
                          ~~~                  ^~~~~~~~~~~
   include/net/bluetooth/bluetooth.h:174:47: note: expanded from macro 'BT_WARN'
   #define BT_WARN(fmt, ...)       bt_warn(fmt "\n", ##__VA_ARGS__)
                                           ~~~         ^~~~~~~~~~~
>> net/bluetooth/mgmt_config.c:159:3: warning: variable 'exp_data_len' is used uninitialized whenever switch default is taken [-Wsometimes-uninitialized]
                   default:
                   ^~~~~~~
   net/bluetooth/mgmt_config.c:164:14: note: uninitialized use occurs here
                   if (len != exp_data_len) {
                              ^~~~~~~~~~~~
   net/bluetooth/mgmt_config.c:111:18: note: initialize the variable 'exp_data_len' to silence this warning
                   u8 exp_data_len;
                                  ^
                                   = '\0'
   2 warnings generated.

vim +166 net/bluetooth/mgmt_config.c

    89	
    90	#define TO_TLV(x)		((struct mgmt_tlv *)(x))
    91	#define TLV_GET_LE16(tlv)	le16_to_cpu(*((__le16 *)(TO_TLV(tlv)->value)))
    92	#define TLV_GET_U8(tlv)		(*((__u8 *)(TO_TLV(tlv)->value)))
    93	int set_def_system_config(struct sock *sk, struct hci_dev *hdev, void *data,
    94				  u16 data_len)
    95	{
    96		u16 buffer_left = data_len;
    97		u8 *buffer = data;
    98	
    99		if (buffer_left < sizeof(struct mgmt_tlv)) {
   100			return mgmt_cmd_status(sk, hdev->id,
   101					       MGMT_OP_SET_DEF_SYSTEM_CONFIG,
   102					       MGMT_STATUS_INVALID_PARAMS);
   103		}
   104	
   105		/* First pass to validate the tlv */
   106		while (buffer_left >= sizeof(struct mgmt_tlv)) {
   107			const u8 len = TO_TLV(buffer)->length;
   108			const u16 exp_len = sizeof(struct mgmt_tlv) +
   109					    len;
   110			const u16 type = le16_to_cpu(TO_TLV(buffer)->type);
   111			u8 exp_data_len;
   112	
   113			if (buffer_left < exp_len) {
   114				bt_dev_warn(hdev, "invalid len left %d, exp >= %d",
   115					    buffer_left, exp_len);
   116	
   117				return mgmt_cmd_status(sk, hdev->id,
   118						MGMT_OP_SET_DEF_SYSTEM_CONFIG,
   119						MGMT_STATUS_INVALID_PARAMS);
   120			}
   121	
   122			/* Please see mgmt-api.txt for documentation of these values */
   123			switch (type) {
   124			case 0x0000:
   125			case 0x0001:
   126			case 0x0002:
   127			case 0x0003:
   128			case 0x0004:
   129			case 0x0005:
   130			case 0x0006:
   131			case 0x0007:
   132			case 0x0008:
   133			case 0x0009:
   134			case 0x000a:
   135			case 0x000b:
   136			case 0x000c:
   137			case 0x000d:
   138			case 0x000e:
   139			case 0x000f:
   140			case 0x0010:
   141			case 0x0011:
   142			case 0x0012:
   143			case 0x0013:
   144			case 0x0014:
   145			case 0x0015:
   146			case 0x0016:
   147			case 0x0017:
   148			case 0x0018:
   149			case 0x0019:
   150			case 0x001a:
   151			case 0x001b:
   152			case 0x001d:
   153			case 0x001e:
   154				exp_data_len = sizeof(u16);
   155				break;
   156			case 0x001f:
   157				exp_data_len = sizeof(u8);
   158				break;
 > 159			default:
   160				bt_dev_warn(hdev, "unsupported parameter %u", type);
   161				break;
   162			}
   163	
   164			if (len != exp_data_len) {
   165				bt_dev_warn(hdev, "invalid length %d, exp %zu for type %d",
 > 166					    len, exp_data_len, type);
   167	
   168				return mgmt_cmd_status(sk, hdev->id,
   169					MGMT_OP_SET_DEF_SYSTEM_CONFIG,
   170					MGMT_STATUS_INVALID_PARAMS);
   171			}
   172	
   173			buffer_left -= exp_len;
   174			buffer += exp_len;
   175		}
   176	
   177		buffer_left = data_len;
   178		buffer = data;
   179		while (buffer_left >= sizeof(struct mgmt_tlv)) {
   180			const u8 len = TO_TLV(buffer)->length;
   181			const u16 exp_len = sizeof(struct mgmt_tlv) +
   182					    len;
   183			const u16 type = le16_to_cpu(TO_TLV(buffer)->type);
   184	
   185			switch (type) {
   186			case 0x0000:
   187				hdev->def_page_scan_type = TLV_GET_LE16(buffer);
   188				break;
   189			case 0x0001:
   190				hdev->def_page_scan_int = TLV_GET_LE16(buffer);
   191				break;
   192			case 0x0002:
   193				hdev->def_page_scan_window = TLV_GET_LE16(buffer);
   194				break;
   195			case 0x0003:
   196				hdev->def_inq_scan_type = TLV_GET_LE16(buffer);
   197				break;
   198			case 0x0004:
   199				hdev->def_inq_scan_int = TLV_GET_LE16(buffer);
   200				break;
   201			case 0x0005:
   202				hdev->def_inq_scan_window = TLV_GET_LE16(buffer);
   203				break;
   204			case 0x0006:
   205				hdev->def_br_lsto = TLV_GET_LE16(buffer);
   206				break;
   207			case 0x0007:
   208				hdev->def_page_timeout = TLV_GET_LE16(buffer);
   209				break;
   210			case 0x0008:
   211				hdev->sniff_min_interval = TLV_GET_LE16(buffer);
   212				break;
   213			case 0x0009:
   214				hdev->sniff_max_interval = TLV_GET_LE16(buffer);
   215				break;
   216			case 0x000a:
   217				hdev->le_adv_min_interval = TLV_GET_LE16(buffer);
   218				break;
   219			case 0x000b:
   220				hdev->le_adv_max_interval = TLV_GET_LE16(buffer);
   221				break;
   222			case 0x000c:
   223				hdev->def_multi_adv_rotation_duration =
   224								   TLV_GET_LE16(buffer);
   225				break;
   226			case 0x000d:
   227				hdev->le_scan_interval = TLV_GET_LE16(buffer);
   228				break;
   229			case 0x000e:
   230				hdev->le_scan_window = TLV_GET_LE16(buffer);
   231				break;
   232			case 0x000f:
   233				hdev->le_scan_int_suspend = TLV_GET_LE16(buffer);
   234				break;
   235			case 0x0010:
   236				hdev->le_scan_window_suspend = TLV_GET_LE16(buffer);
   237				break;
   238			case 0x0011:
   239				hdev->le_scan_int_discovery = TLV_GET_LE16(buffer);
   240				break;
   241			case 0x00012:
   242				hdev->le_scan_window_discovery = TLV_GET_LE16(buffer);
   243				break;
   244			case 0x00013:
   245				hdev->le_scan_int_adv_monitor = TLV_GET_LE16(buffer);
   246				break;
   247			case 0x00014:
   248				hdev->le_scan_window_adv_monitor = TLV_GET_LE16(buffer);
   249				break;
   250			case 0x00015:
   251				hdev->le_scan_int_connect = TLV_GET_LE16(buffer);
   252				break;
   253			case 0x00016:
   254				hdev->le_scan_window_connect = TLV_GET_LE16(buffer);
   255				break;
   256			case 0x00017:
   257				hdev->le_conn_min_interval = TLV_GET_LE16(buffer);
   258				break;
   259			case 0x00018:
   260				hdev->le_conn_max_interval = TLV_GET_LE16(buffer);
   261				break;
   262			case 0x00019:
   263				hdev->le_conn_latency = TLV_GET_LE16(buffer);
   264				break;
   265			case 0x0001a:
   266				hdev->le_supv_timeout = TLV_GET_LE16(buffer);
   267				break;
   268			case 0x0001b:
   269				hdev->def_le_autoconnect_timeout =
   270						msecs_to_jiffies(TLV_GET_LE16(buffer));
   271				break;
   272			case 0x0001d:
   273				hdev->advmon_allowlist_duration = TLV_GET_LE16(buffer);
   274				break;
   275			case 0x0001e:
   276				hdev->advmon_no_filter_duration = TLV_GET_LE16(buffer);
   277				break;
   278			case 0x0001f:
   279				hdev->enable_advmon_interleave_scan = TLV_GET_U8(buffer);
   280				break;
   281			default:
   282				bt_dev_warn(hdev, "unsupported parameter %u", type);
   283				break;
   284			}
   285	
   286			buffer_left -= exp_len;
   287			buffer += exp_len;
   288		}
   289	
   290		return mgmt_cmd_complete(sk, hdev->id,
   291					 MGMT_OP_SET_DEF_SYSTEM_CONFIG, 0, NULL, 0);
   292	}
   293	

---
0-DAY CI Kernel Test Service, Intel Corporation
https://lists.01.org/hyperkitty/list/kbuild-all@lists.01.org

Download attachment ".config.gz" of type "application/gzip" (44468 bytes)

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ