lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Message-ID: <84fd4012-966b-4983-b015-ffce06509b5e@molgen.mpg.de>
Date: Sat, 30 Aug 2025 07:11:10 +0200
From: Paul Menzel <pmenzel@...gen.mpg.de>
To: Calvin Owens <calvin@...nvd.org>
Cc: linux-kernel@...r.kernel.org, linux-bluetooth@...r.kernel.org,
 Luiz Augusto von Dentz <luiz.von.dentz@...el.com>,
 oe-kbuild-all@...ts.linux.dev, Marcel Holtmann <marcel@...tmann.org>,
 Sean Wang <sean.wang@...iatek.com>, linux-mediatek@...ts.infradead.org
Subject: Re: [PATCH] Bluetooth: btmtksdio: Fix build after header cleanup

Dear Calvin,


Thank you for your patch, and addressing the regression right away.

Am 30.08.25 um 02:50 schrieb Calvin Owens:
> Syzbot found a randconfig which fails after my recent patch:
> 
>      drivers/bluetooth/btmtksdio.c:442:33: error: array type has incomplete element type ‘struct h4_recv_pkt’
>        442 | static const struct h4_recv_pkt mtk_recv_pkts[] = {
>            |                                 ^~~~~~~~~~~~~
>      drivers/bluetooth/btmtksdio.c:443:11: error: ‘H4_RECV_ACL’ undeclared here (not in a function)
>        443 |         { H4_RECV_ACL,      .recv = btmtksdio_recv_acl },
>            |           ^~~~~~~~~~~
>      drivers/bluetooth/btmtksdio.c:444:11: error: ‘H4_RECV_SCO’ undeclared here (not in a function)
>        444 |         { H4_RECV_SCO,      .recv = hci_recv_frame },
>            |           ^~~~~~~~~~~
>      drivers/bluetooth/btmtksdio.c:445:11: error: ‘H4_RECV_EVENT’ undeclared here (not in a function)
>        445 |         { H4_RECV_EVENT,    .recv = btmtksdio_recv_event },
> 
> ...because we can have BT_MTKSDIO=y with BT_HCIUART_H4=n, and the
> definitions used here are gated on BT_HCIUART_H4 in hci_uart.h.

The drivers below seem to be affected:

     drivers/bluetooth/bpa10x.c:     { H4_RECV_EVENT,   .recv = 
hci_recv_frame },
     drivers/bluetooth/btmtksdio.c:  { H4_RECV_EVENT,    .recv = 
btmtksdio_recv_event },
     drivers/bluetooth/btmtkuart.c:  { H4_RECV_EVENT,    .recv = 
btmtkuart_recv_event },
     drivers/bluetooth/btnxpuart.c:  { H4_RECV_EVENT,        .recv = 
hci_recv_frame },

> I think the simplest way to fix this is to remove the gate on the
> definitions in hci_uart.h. Since the constants are macros, there's no
> runtime cost to doing so, and nothing seems to rely on their absence in
> the BT_HCIUART_H4=n case.

Looking at the implementation, it looks like they only work with the H4 
protocol? So maybe, that should be denoted in the Kconfig files?

> I let randconfig builds run for awhile in drivers/bluetooth/ and didn't
> hit anything else, so hopefully this was the only fallout.
> 
> Fixes: 74bcec450eea ("Bluetooth: remove duplicate h4_recv_buf() in header")
> Reported-by: kernel test robot <lkp@...el.com>
> Closes: https://lore.kernel.org/oe-kbuild-all/202508300413.OnIedvRh-lkp@intel.com/
> Signed-off-by: Calvin Owens <calvin@...nvd.org>
> ---
>   drivers/bluetooth/hci_uart.h | 2 --
>   1 file changed, 2 deletions(-)
> 
> diff --git a/drivers/bluetooth/hci_uart.h b/drivers/bluetooth/hci_uart.h
> index 5ea5dd80e297..fd0624988aba 100644
> --- a/drivers/bluetooth/hci_uart.h
> +++ b/drivers/bluetooth/hci_uart.h
> @@ -121,7 +121,6 @@ void hci_uart_set_flow_control(struct hci_uart *hu, bool enable);
>   void hci_uart_set_speeds(struct hci_uart *hu, unsigned int init_speed,
>   			 unsigned int oper_speed);
>   
> -#ifdef CONFIG_BT_HCIUART_H4
>   int h4_init(void);
>   int h4_deinit(void);
>   
> @@ -165,7 +164,6 @@ struct h4_recv_pkt {
>   struct sk_buff *h4_recv_buf(struct hci_dev *hdev, struct sk_buff *skb,
>   			    const unsigned char *buffer, int count,
>   			    const struct h4_recv_pkt *pkts, int pkts_count);
> -#endif
>   
>   #ifdef CONFIG_BT_HCIUART_BCSP
>   int bcsp_init(void);

It’s a valid fix.

Reviewed-by: Paul Menzel <pmenzel@...gen.mpg.de>


Kind regards,

Paul

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ