| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-ID: <939606fc0825aa17729ab9a1400f3993043fa2d3.1645573830.git.objelf@gmail.com>
Date: Wed, 23 Feb 2022 07:56:00 +0800
From: <sean.wang@...iatek.com>
To: <marcel@...tmann.org>, <johan.hedberg@...il.com>
CC: <Mark-YW.Chen@...iatek.com>, <sean.wang@...iatek.com>,
<Soul.Huang@...iatek.com>, <YN.Chen@...iatek.com>,
<Leon.Yen@...iatek.com>, <Eric-SY.Chang@...iatek.com>,
<Deren.Wu@...iatek.com>, <km.lin@...iatek.com>,
<robin.chiu@...iatek.com>, <Eddie.Chen@...iatek.com>,
<ch.yeh@...iatek.com>, <posh.sun@...iatek.com>,
<ted.huang@...iatek.com>, <Eric.Liang@...iatek.com>,
<Stella.Chang@...iatek.com>, <Tom.Chou@...iatek.com>,
<steve.lee@...iatek.com>, <jsiuda@...gle.com>,
<frankgor@...gle.com>, <jemele@...gle.com>,
<abhishekpandit@...gle.com>, <michaelfsun@...gle.com>,
<mcchou@...omium.org>, <shawnku@...gle.com>,
<linux-bluetooth@...r.kernel.org>,
<linux-mediatek@...ts.infradead.org>,
<linux-kernel@...r.kernel.org>, Yake Yang <yake.yang@...iatek.com>
Subject: [PATCH 2/2] Bluetooth: btmtksdio: Fix kernel oops when sdio suspend.
From: Yake Yang <yake.yang@...iatek.com>
Do not kfree the skb when the skb failed to send with __hci_cmd_sync
2435.241210] Call trace:
[ 2435.241224] kfree_skb+0x20/0x140
[ 2435.241240] btmtksdio_sdio_wakeup+0x8c/0xcc
[ 2435.241360] hci_suspend_notifier+0x108/0x184
[ 2435.241377] notifier_call_chain_robust+0x58/0xd8
[ 2435.241390] blocking_notifier_call_chain_robust+0x54/0x84
[ 2435.241402] pm_notifier_call_chain_robust+0x2c/0x4c
[ 2435.241414] suspend_prepare+0x40/0x238
[ 2435.241425] enter_state+0xec/0x3a8
[ 2435.241436] pm_suspend+0x60/0xcc
[ 2435.241446] state_store+0xb8/0x114
[ 2435.241460] kobj_attr_store+0x18/0x2c
[ 2435.241473] sysfs_kf_write+0x44/0x58
[ 2435.241486] kernfs_fop_write_iter+0xf4/0x190
[ 2435.241500] vfs_write+0x2b0/0x2e4
[ 2435.241511] ksys_write+0x80/0xec
[ 2435.241523] __arm64_sys_write+0x24/0x30
[ 2435.241538] el0_svc_common+0xf0/0x1d8
[ 2435.241550] do_el0_svc_compat+0x28/0x54
[ 2435.241564] el0_svc_compat+0x10/0x1c
[ 2435.241574] el0_sync_compat_handler+0xa8/0xcc
[ 2435.241586] el0_sync_compat+0x188/0x1c0
[ 2435.241606] Code: a9014ff4 910003fd b40002c0 aa0003f3 (b84d4c08)
[ 2435.241619] ---[ end trace d496539b850baf14 ]---
Fixes: ce64b3e94919 ("Bluetooth: mt7921s: Support wake on bluetooth")
Co-developed-by: Sean Wang <sean.wang@...iatek.com>
Signed-off-by: Sean Wang <sean.wang@...iatek.com>
Signed-off-by: Yake Yang <yake.yang@...iatek.com>
---
drivers/bluetooth/btmtksdio.c | 4 ++--
1 file changed, 2 insertions(+), 2 deletions(-)
diff --git a/drivers/bluetooth/btmtksdio.c b/drivers/bluetooth/btmtksdio.c
index cbb09e1b823d..df3f9d090529 100644
--- a/drivers/bluetooth/btmtksdio.c
+++ b/drivers/bluetooth/btmtksdio.c
@@ -1226,8 +1226,8 @@ static bool btmtksdio_sdio_wakeup(struct hci_dev *hdev)
&bt_awake, HCI_CMD_TIMEOUT);
if (IS_ERR(skb))
may_wakeup = false;
-
- kfree_skb(skb);
+ else
+ kfree_skb(skb);
}
return may_wakeup;
--
2.25.1
Powered by blists - more mailing lists