| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Date: Tue, 9 Jan 2024 16:50:59 +0000
From: Matthias Kaehlcke <mka@...omium.org>
To: Johan Hovold <johan+linaro@...nel.org>
Cc: Marcel Holtmann <marcel@...tmann.org>,
Johan Hedberg <johan.hedberg@...il.com>,
Luiz Augusto von Dentz <luiz.dentz@...il.com>,
Bjorn Andersson <quic_bjorande@...cinc.com>,
Konrad Dybcio <konrad.dybcio@...aro.org>,
linux-bluetooth@...r.kernel.org, linux-arm-msm@...r.kernel.org,
linux-kernel@...r.kernel.org, stable@...r.kernel.org,
Balakrishna Godavarthi <quic_bgodavar@...cinc.com>,
Doug Anderson <dianders@...gle.com>,
Stephen Boyd <swboyd@...gle.com>
Subject: Re: [PATCH] Bluetooth: qca: fix device-address endianness
Hi Johan,
On Wed, Dec 27, 2023 at 07:03:06PM +0100, Johan Hovold wrote:
> The WCN6855 firmware on the Lenovo ThinkPad X13s expects the Bluetooth
> device address in MSB order when setting it using the
> EDL_WRITE_BD_ADDR_OPCODE command.
>
> Presumably, this is the case for all non-ROME devices which all use the
> EDL_WRITE_BD_ADDR_OPCODE command for this (unlike the ROME devices which
> use a different command and expect the address in LSB order).
>
> Reverse the little-endian address before setting it to make sure that
> the address can be configured using tools like btmgmt or using the
> 'local-bd-address' devicetree property.
>
> Note that this can potentially break systems with boot firmware which
> has started relying on the broken behaviour and is incorrectly passing
> the address via devicetree in MSB order.
We should not break existing devices. Their byte order for
'local-bd-address' may not adhere to the 'spec', however in practice
it is the correct format for existing kernels.
I suggest adding a quirk like 'local-bd-address-msb-quirk' or
'qcom,local-bd-address-msb-quirk' to make sure existing devices keep
working properly.
Thanks
Matthias
>
> Fixes: 5c0a1001c8be ("Bluetooth: hci_qca: Add helper to set device address")
> Cc: stable@...r.kernel.org # 5.1
> Cc: Balakrishna Godavarthi <quic_bgodavar@...cinc.com>
> Cc: Matthias Kaehlcke <mka@...omium.org>
> Signed-off-by: Johan Hovold <johan+linaro@...nel.org>
> ---
>
> Hi Qualcomm people,
>
> Could you please verify with your documentation that all non-ROME
> devices expect the address provided in the EDL_WRITE_BD_ADDR_OPCODE
> command in MSB order?
>
> I assume this is not something that anyone would change between firmware
> revisions, but if that turns out to be the case, we'd need to reverse
> the address based on firmware revision or similar.
>
> Johan
>
>
> drivers/bluetooth/btqca.c | 8 ++++++--
> 1 file changed, 6 insertions(+), 2 deletions(-)
>
> diff --git a/drivers/bluetooth/btqca.c b/drivers/bluetooth/btqca.c
> index fdb0fae88d1c..29035daf21bc 100644
> --- a/drivers/bluetooth/btqca.c
> +++ b/drivers/bluetooth/btqca.c
> @@ -826,11 +826,15 @@ EXPORT_SYMBOL_GPL(qca_uart_setup);
>
> int qca_set_bdaddr(struct hci_dev *hdev, const bdaddr_t *bdaddr)
> {
> + bdaddr_t bdaddr_swapped;
> struct sk_buff *skb;
> int err;
>
> - skb = __hci_cmd_sync_ev(hdev, EDL_WRITE_BD_ADDR_OPCODE, 6, bdaddr,
> - HCI_EV_VENDOR, HCI_INIT_TIMEOUT);
> + baswap(&bdaddr_swapped, bdaddr);
> +
> + skb = __hci_cmd_sync_ev(hdev, EDL_WRITE_BD_ADDR_OPCODE, 6,
> + &bdaddr_swapped, HCI_EV_VENDOR,
> + HCI_INIT_TIMEOUT);
> if (IS_ERR(skb)) {
> err = PTR_ERR(skb);
> bt_dev_err(hdev, "QCA Change address cmd failed (%d)", err);
> --
> 2.41.0
>
Powered by blists - more mailing lists