lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
Message-ID: <fa781c84-759c-4c31-811c-d8a93bfb8f1e@amlogic.com>
Date: Thu, 3 Jul 2025 16:48:06 +0800
From: Yang Li <yang.li@...ogic.com>
To: Luiz Augusto von Dentz <luiz.dentz@...il.com>
Cc: Marcel Holtmann <marcel@...tmann.org>,
 Johan Hedberg <johan.hedberg@...il.com>,
 "David S. Miller" <davem@...emloft.net>, Eric Dumazet <edumazet@...gle.com>,
 Jakub Kicinski <kuba@...nel.org>, Paolo Abeni <pabeni@...hat.com>,
 Simon Horman <horms@...nel.org>, linux-bluetooth@...r.kernel.org,
 netdev@...r.kernel.org, linux-kernel@...r.kernel.org
Subject: Re: [PATCH] Bluetooth: hci_core: lookup pa sync need check BIG sync
 state

Hi,
Please forgive my oversight,
I replied to the wrong email. Kindly ignore that response.
> Hi Luiz,
>> [ EXTERNAL EMAIL ]
>>
>> Hi,
>>
>> On Tue, Jul 1, 2025 at 9:18 PM Yang Li via B4 Relay
>> <devnull+yang.li.amlogic.com@...nel.org> wrote:
>>> From: Yang Li <yang.li@...ogic.com>
>>>
>>> Ignore the big sync connections, we are looking for the PA
>>> sync connection that was created as a result of the PA sync
>>> established event.
>> Were you seeing an issue with this, if you do please describe it and
>> add the traces, debug logs, etc.
>
> Since the PA sync connection is set to BT_CONNECTED in 
> hci_le_big_sync_established_evt, if its status is BT_CONNECTED when 
> hci_abort_conn_sync is called, hci_disconnect_sync() will be executed, 
> which will cause the PA sync connection to be deleted.
>
> int hci_abort_conn_sync(struct hci_dev *hdev, struct hci_conn *conn, 
> u8 reason)
> {
> ...
>     switch (conn->state) {
>     case BT_CONNECTED:
>     case BT_CONFIG:
>         err = hci_disconnect_sync(hdev, conn, reason);
>         break;
> ...
>
> stack trace as below:
>
> [   55.154495][0 T1966  d.] CPU: 0 PID: 1966 Comm: kworker/u9:0 
> Tainted: G           O       6.6.77 #104
> [   55.155721][0 T1966  d.] Hardware name: Amlogic (DT)
> [   55.156336][0 T1966  d.] Workqueue: hci0 hci_cmd_sync_work
> [   55.157018][0 T1966  d.] Call trace:
> [   55.157461][0 T1966  d.]  dump_backtrace+0x94/0xec
> [   55.158056][0 T1966  d.]  show_stack+0x18/0x24
> [   55.158607][0 T1966  d.]  dump_stack_lvl+0x48/0x60
> [   55.159205][0 T1966  d.]  dump_stack+0x18/0x24
> [   55.159756][0 T1966  d.]  hci_conn_del+0x1c/0x12c
> [   55.160341][0 T1966  d.]  hci_conn_failed+0xdc/0x150
> [   55.160958][0 T1966  d.]  hci_abort_conn_sync+0x204/0x388
> [   55.161630][0 T1966  d.]  abort_conn_sync+0x58/0x80
> [   55.162237][0 T1966  d.]  hci_cmd_sync_work+0x94/0x100
> [   55.162877][0 T1966  d.]  process_one_work+0x168/0x444
> [   55.163516][0 T1966  d.]  worker_thread+0x378/0x3f4
> [   55.164122][0 T1966  d.]  kthread+0x108/0x10c
> [   55.164664][0 T1966  d.]  ret_from_fork+0x10/0x20
> [   55.165408][0 T1966  d.] hci0 hcon 000000004f36962c handle 3841 #PA 
> sync connection
>
>
> btmon trace:
>
> < HCI Command: Disconnect (0x01|0x0006) plen 3             #75 [hci0] 
> 14.640630
>         Handle: 3841
>         Reason: Remote User Terminated Connection (0x13)
> > HCI Event: Command Status (0x0f) plen 4                  #76 [hci0] 
> 14.642103
>       Disconnect (0x01|0x0006) ncmd 1
>         Status: Invalid HCI Command Parameters (0x12)
>
>
> So the current question is whether the PA sync connection, which is 
> marked as BT_CONNECTED, really needs to be disconnected.
> If it does need to be disconnected, then the PA sync terminate command 
> must be executed.
> However, in my opinion, the PA sync connection should not be 
> disconnected.
>
>>
>>> Signed-off-by: Yang Li <yang.li@...ogic.com>
>>> ---
>>>   include/net/bluetooth/hci_core.h | 7 +++++++
>>>   1 file changed, 7 insertions(+)
>>>
>>> diff --git a/include/net/bluetooth/hci_core.h 
>>> b/include/net/bluetooth/hci_core.h
>>> index 3ce1fb6f5822..646b0c5fd7a5 100644
>>> --- a/include/net/bluetooth/hci_core.h
>>> +++ b/include/net/bluetooth/hci_core.h
>>> @@ -1400,6 +1400,13 @@ hci_conn_hash_lookup_pa_sync_handle(struct 
>>> hci_dev *hdev, __u16 sync_handle)
>>>                  if (c->type != BIS_LINK)
>>>                          continue;
>>>
>>> +               /* Ignore the big sync connections, we are looking
>>> +                * for the PA sync connection that was created as
>>> +                * a result of the PA sync established event.
>>> +                */
>>> +               if (test_bit(HCI_CONN_BIG_SYNC, &c->flags))
>>> +                       continue;
>>> +
>> hci_conn_hash_lookup_pa_sync_big_handle does:
>>
>>          if (c->type != BIS_LINK ||
>>              !test_bit(HCI_CONN_PA_SYNC, &c->flags))
>>
>>>                  /* Ignore the listen hcon, we are looking
>>>                   * for the child hcon that was created as
>>>                   * a result of the PA sync established event.
>>>
>>> ---
>>> base-commit: 3bc46213b81278f3a9df0324768e152de71eb9fe
>>> change-id: 20250701-pa_sync-2fc7fc9f592c
>>>
>>> Best regards,
>>> -- 
>>> Yang Li <yang.li@...ogic.com>
>>>
>>>
>>
>> -- 
>> Luiz Augusto von Dentz

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ