| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Date: Tue, 16 Nov 2021 15:11:42 +0100
From: Marcel Holtmann <marcel@...tmann.org>
To: Archie Pusaka <apusaka@...gle.com>
Cc: linux-bluetooth <linux-bluetooth@...r.kernel.org>,
Luiz Augusto von Dentz <luiz.dentz@...il.com>,
CrosBT Upstreaming <chromeos-bluetooth-upstreaming@...omium.org>,
Archie Pusaka <apusaka@...omium.org>,
Miao-chen Chou <mcchou@...omium.org>,
"David S. Miller" <davem@...emloft.net>,
Jakub Kicinski <kuba@...nel.org>,
Johan Hedberg <johan.hedberg@...il.com>,
linux-kernel@...r.kernel.org, netdev@...r.kernel.org
Subject: Re: [PATCH v2 2/2] Bluetooth: Limit duration of Remote Name Resolve
Hi Archie,
> When doing remote name request, we cannot scan. In the normal case it's
> OK since we can expect it to finish within a short amount of time.
> However, there is a possibility to scan lots of devices that
> (1) requires Remote Name Resolve
> (2) is unresponsive to Remote Name Resolve
> When this happens, we are stuck to do Remote Name Resolve until all is
> done before continue scanning.
>
> This patch adds a time limit to stop us spending too long on remote
> name request.
>
> Signed-off-by: Archie Pusaka <apusaka@...omium.org>
> Reviewed-by: Miao-chen Chou <mcchou@...omium.org>
> ---
>
> (no changes since v1)
>
> include/net/bluetooth/hci_core.h | 3 +++
> net/bluetooth/hci_event.c | 7 +++++++
> 2 files changed, 10 insertions(+)
>
> diff --git a/include/net/bluetooth/hci_core.h b/include/net/bluetooth/hci_core.h
> index b5f061882c10..4112907bb49d 100644
> --- a/include/net/bluetooth/hci_core.h
> +++ b/include/net/bluetooth/hci_core.h
> @@ -88,6 +88,7 @@ struct discovery_state {
> u8 (*uuids)[16];
> unsigned long scan_start;
> unsigned long scan_duration;
> + unsigned long name_resolve_timeout;
> };
>
> #define SUSPEND_NOTIFIER_TIMEOUT msecs_to_jiffies(2000) /* 2 seconds */
> @@ -1762,6 +1763,8 @@ void hci_mgmt_chan_unregister(struct hci_mgmt_chan *c);
> #define DISCOV_LE_FAST_ADV_INT_MIN 0x00A0 /* 100 msec */
> #define DISCOV_LE_FAST_ADV_INT_MAX 0x00F0 /* 150 msec */
>
> +#define NAME_RESOLVE_DURATION msecs_to_jiffies(10240) /* msec */
> +
It is nice that you define the unit here, but we also want the amount. So 10.24 seconds.
> void mgmt_fill_version_info(void *ver);
> int mgmt_new_settings(struct hci_dev *hdev);
> void mgmt_index_added(struct hci_dev *hdev);
> diff --git a/net/bluetooth/hci_event.c b/net/bluetooth/hci_event.c
> index 2de3080659f9..6180ab0e8b8d 100644
> --- a/net/bluetooth/hci_event.c
> +++ b/net/bluetooth/hci_event.c
> @@ -2129,6 +2129,12 @@ static bool hci_resolve_next_name(struct hci_dev *hdev)
> if (list_empty(&discov->resolve))
> return false;
>
> + /* We should stop if we already spent too much time resolving names. */
> + if (time_after(jiffies, discov->name_resolve_timeout)) {
> + bt_dev_dbg(hdev, "Name resolve takes too long, stopping.");
I might be better to have bt_dev_warn_ratelimited here. I mean if this happens, you want to have something actionable in your logs. Or if you don’t care, then also scrap the message and include more details in the comments that you just abort since it is taking too long.
> + return false;
> + }
> +
> e = hci_inquiry_cache_lookup_resolve(hdev, BDADDR_ANY, NAME_NEEDED);
> if (!e)
> return false;
> @@ -2716,6 +2722,7 @@ static void hci_inquiry_complete_evt(struct hci_dev *hdev, struct sk_buff *skb)
> if (e && hci_resolve_name(hdev, e) == 0) {
> e->name_state = NAME_PENDING;
> hci_discovery_set_state(hdev, DISCOVERY_RESOLVING);
> + discov->name_resolve_timeout = jiffies + NAME_RESOLVE_DURATION;
> } else {
> /* When BR/EDR inquiry is active and no LE scanning is in
> * progress, then change discovery state to indicate completion.
Regards
Marcel
Powered by blists - more mailing lists