Fixed punctuation #397

Closed

tran-simon

Made the first letter of the first sentence (the 'b' in "builds") capital.

Added missing commas.

@KernelPRBot

Hi @ThePotatoGod99!

Thanks for your contribution to the Linux kernel!

Linux kernel development happens on mailing lists, rather than on GitHub - this GitHub repository is a read-only mirror that isn't used for accepting contributions. So that your change can become part of Linux, please email it to us as a patch.

Sending patches isn't quite as simple as sending a pull request, but fortunately it is a well documented process.

Here's what to do:

  • Format your contribution according to kernel requirements
  • Decide who to send your contribution to
  • Set up your system to send your contribution as an email
  • Send your contribution and wait for feedback

How do I format my contribution?

The Linux kernel community is notoriously picky about how contributions are formatted and sent. Fortunately, they have documented their expectations.

Firstly, all contributions need to be formatted as patches. A patch is a plain text document showing the change you want to make to the code, and documenting why it is a good idea.

You can create patches with git format-patch.

Secondly, patches need 'commit messages', which is the human-friendly documentation explaining what the change is and why it's necessary.

Thirdly, changes have some technical requirements. There is a Linux kernel coding style, and there are licensing requirements you need to comply with.

Both of these are documented in the Submitting Patches documentation that is part of the kernel.

Note that you will almost certainly have to modify your existing git commits to satisfy these requirements. Don't worry: there are many guides on the internet for doing this.

Who do I send my contribution to?

The Linux kernel is composed of a number of subsystems. These subsystems are maintained by different people, and have different mailing lists where they discuss proposed changes.

If you don't already know what subsystem your change belongs to, the get_maintainer.pl script in the kernel source can help you.

get_maintainer.pl will take the patch or patches you created in the previous step, and tell you who is responsible for them, and what mailing lists are used. You can also take a look at the MAINTAINERS file by hand.

Make sure that your list of recipients includes a mailing list. If you can't find a more specific mailing list, then LKML - the Linux Kernel Mailing List - is the place to send your patches.

It's not usually necessary to subscribe to the mailing list before you send the patches, but if you're interested in kernel development, subscribing to a subsystem mailing list is a good idea. (At this point, you probably don't need to subscribe to LKML - it is a very high traffic list with about a thousand messages per day, which is often not useful for beginners.)

How do I send my contribution?

Use git send-email, which will ensure that your patches are formatted in the standard manner. In order to use git send-email, you'll need to configure git to use your SMTP email server.

For more information about using git send-email, look at the Git documentation or type git help send-email. There are a number of useful guides and tutorials about git send-email that can be found on the internet.

How do I get help if I'm stuck?

Firstly, don't get discouraged! There are an enormous number of resources on the internet, and many kernel developers who would like to see you succeed.

Many issues - especially about how to use certain tools - can be resolved by using your favourite internet search engine.

If you can't find an answer, there are a few places you can turn:

  • Kernel Newbies - this website contains a lot of useful resources for new kernel developers.
  • If you'd like a step-by-step, challenge-based introduction to kernel development, the Eudyptula Challenge would be an excellent start.
  • The kernel documentation - see also the Documentation directory in the kernel tree.

If you get really, really stuck, you could try the owners of this bot, @daxtens and @ajdlinux. Please be aware that we do have full-time jobs, so we are almost certainly the slowest way to get answers!

I sent my patch - now what?

You wait.

You can check that your email has been received by checking the mailing list archives for the mailing list you sent your patch to. Messages may not be received instantly, so be patient. Kernel developers are generally very busy people, so it may take a few weeks before your patch is looked at.

Then, you keep waiting. Three things may happen:

  • You might get a response to your email. Often these will be comments, which may require you to make changes to your patch, or explain why your way is the best way. You should respond to these comments, and you may need to submit another revision of your patch to address the issues raised.
  • Your patch might be merged into the subsystem tree. Code that becomes part of Linux isn't merged into the main repository straight away - it first goes into the subsystem tree, which is managed by the subsystem maintainer. It is then batched up with a number of other changes sent to Linus for inclusion. (This process is described in some detail in the kernel development process guide).
  • Your patch might be ignored completely. This happens sometimes - don't take it personally. Here's what to do:
    • Wait a bit more - patches often take several weeks to get a response; more if they were sent at a busy time.
    • Kernel developers often silently ignore patches that break the rules. Check for obvious violations of the Submitting Patches guidelines, the style guidelines, and any other documentation you can find about your subsystem. Check that you're sending your patch to the right place.
    • Try again later. When you resend it, don't add angry commentary, as that will get your patch ignored. It might also get you silently blacklisted.

Further information

Happy hacking!

This message was posted by a bot - if you have any questions or suggestions, please talk to my owners, @ajdlinux and @daxtens, or raise an issue at https://github.com/ajdlinux/KernelPRBot.

Mic92 pushed a commit to Mic92/linux that referenced this pull request Feb 4, 2019
* lkl: Fix a crash issue when no configuration file is specified

When no env variables nor json files are configured, it sometimes
crashes due to uninitialized value of lkl_config->ifnum.  This patch
fixes this issue by simply zero-ing the values.

Fixes: 842d02f ("lkl: Support json configuration and multiple
interfaces")

Signed-off-by: Hajime Tazaki <[email protected]>

* lkl: fix typos on getsockopt/setsockopt

This typo was there since the first version.

Signed-off-by: Hajime Tazaki <[email protected]>

* lkl: let debug print disabled if 0 is specified.

Reported at https://goo.gl/WpdLjg

Signed-off-by: Hajime Tazaki <[email protected]>
metux added a commit to metux/linux that referenced this pull request Apr 27, 2019
Fix checkpatch warnings:

    WARNING: Use #include <linux/io.h> instead of <asm/io.h>
    torvalds#38: FILE: drivers/tty/serial/sunzilog.c:38:
    +#include <asm/io.h>

    WARNING: line over 80 characters
    torvalds#109: FILE: drivers/tty/serial/sunzilog.c:109:
    +#define ZILOG_CHANNEL_FROM_PORT(PORT)	((struct zilog_channel __iomem *)((PORT)->membase))

    WARNING: line over 80 characters
    torvalds#116: FILE: drivers/tty/serial/sunzilog.c:116:
    +#define ZS_WANTS_MODEM_STATUS(UP)	((UP)->flags & SUNZILOG_FLAG_MODEM_STATUS)

    WARNING: line over 80 characters
    torvalds#179: FILE: drivers/tty/serial/sunzilog.c:179:
    +static int __load_zsregs(struct zilog_channel __iomem *channel, unsigned char *regs)

    WARNING: Missing a blank line after declarations
    torvalds#188: FILE: drivers/tty/serial/sunzilog.c:188:
    +		unsigned char stat = read_zsreg(channel, R1);
    +		if (stat & ALL_SNT)

    ERROR: trailing whitespace
    torvalds#231: FILE: drivers/tty/serial/sunzilog.c:231:
    +^I$

    WARNING: braces {} are not necessary for any arm of this statement
    torvalds#276: FILE: drivers/tty/serial/sunzilog.c:276:
    +		if (ZS_TX_ACTIVE(up)) {
    [...]
    +		} else {
    [...]

    ERROR: else should follow close brace '}'
    torvalds#378: FILE: drivers/tty/serial/sunzilog.c:378:
    +			}
    +			else if (r1 & PAR_ERR)

    ERROR: code indent should use tabs where possible
    torvalds#397: FILE: drivers/tty/serial/sunzilog.c:397:
    +^I^I    ^Itty_insert_flip_char(port, ch, flag);$

    WARNING: please, no space before tabs
    torvalds#397: FILE: drivers/tty/serial/sunzilog.c:397:
    +^I^I    ^Itty_insert_flip_char(port, ch, flag);$

    WARNING: line over 80 characters
    torvalds#440: FILE: drivers/tty/serial/sunzilog.c:440:
    +		/* The Zilog just gives us an interrupt when DCD/CTS/etc. change.

    WARNING: line over 80 characters
    torvalds#441: FILE: drivers/tty/serial/sunzilog.c:441:
    +		 * But it does not tell us which bit has changed, we have to keep

    WARNING: Missing a blank line after declarations
    torvalds#464: FILE: drivers/tty/serial/sunzilog.c:464:
    +		unsigned char status = readb(&channel->control);
    +		ZSDELAY();

    WARNING: line over 80 characters
    torvalds#468: FILE: drivers/tty/serial/sunzilog.c:468:
    +		 * It can occur because of how we do serial console writes.  It would

    WARNING: line over 80 characters
    torvalds#469: FILE: drivers/tty/serial/sunzilog.c:469:
    +		 * be nice to transmit console writes just like we normally would for

    WARNING: line over 80 characters
    torvalds#470: FILE: drivers/tty/serial/sunzilog.c:470:
    +		 * a TTY line. (ie. buffered and TX interrupt driven).  That is not

    WARNING: line over 80 characters
    torvalds#471: FILE: drivers/tty/serial/sunzilog.c:471:
    +		 * easy because console writes cannot sleep.  One solution might be

    WARNING: line over 80 characters
    torvalds#593: FILE: drivers/tty/serial/sunzilog.c:593:
    +static __inline__ unsigned char sunzilog_read_channel_status(struct uart_port *port)

    WARNING: plain inline is preferred over __inline__
    torvalds#593: FILE: drivers/tty/serial/sunzilog.c:593:
    +static __inline__ unsigned char sunzilog_read_channel_status(struct uart_port *port)

    ERROR: trailing whitespace
    torvalds#664: FILE: drivers/tty/serial/sunzilog.c:664:
    +^I/* NOTE: Not subject to 'transmitter active' rule.  */ $

    ERROR: trailing whitespace
    torvalds#752: FILE: drivers/tty/serial/sunzilog.c:752:
    +^I^I/* NOTE: Not subject to 'transmitter active' rule.  */ $

    ERROR: trailing whitespace
    torvalds#779: FILE: drivers/tty/serial/sunzilog.c:779:
    +^I^I/* NOTE: Not subject to 'transmitter active' rule.  */ $

    WARNING: line over 80 characters
    #999: FILE: drivers/tty/serial/sunzilog.c:999:
    +static int sunzilog_verify_port(struct uart_port *port, struct serial_struct *ser)

    WARNING: Missing a blank line after declarations
    #1142: FILE: drivers/tty/serial/sunzilog.c:1142:
    +		unsigned char val = readb(&channel->control);
    +		if (val & Tx_BUF_EMP) {

    WARNING: Prefer [subsystem eg: netdev]_info([subsystem]dev, ... then dev_info(dev, ... then pr_info(...  to printk(KERN_INFO ...
    #1230: FILE: drivers/tty/serial/sunzilog.c:1230:
    +	printk(KERN_INFO "Console: ttyS%d (SunZilog zs%d)\n",

    WARNING: braces {} are not necessary for single statement blocks
    #1383: FILE: drivers/tty/serial/sunzilog.c:1383:
    +		if (__load_zsregs(channel, up->curregs)) {
    +			up->flags |= SUNZILOG_FLAG_ESCC;
    +		}

    WARNING: quoted string split across lines
    #1493: FILE: drivers/tty/serial/sunzilog.c:1493:
    +		dev_info(&op->dev, "Keyboard at MMIO 0x%llx (irq = %d) "
    +		       "is a %s\n",

    WARNING: quoted string split across lines
    #1497: FILE: drivers/tty/serial/sunzilog.c:1497:
    +		dev_info(&op->dev, "Mouse at MMIO 0x%llx (irq = %d) "
    +		       "is a %s\n",

    WARNING: Missing a blank line after declarations
    #1581: FILE: drivers/tty/serial/sunzilog.c:1581:
    +		struct uart_sunzilog_port *up = sunzilog_irq_chain;
    +		err = request_irq(zilog_irq, sunzilog_interrupt, IRQF_SHARED,

    WARNING: line over 80 characters
    #1590: FILE: drivers/tty/serial/sunzilog.c:1590:
    +			/* printk (KERN_INFO "Enable IRQ for ZILOG Hardware %p\n", up); */

    WARNING: line over 80 characters
    #1627: FILE: drivers/tty/serial/sunzilog.c:1627:
    +			/* printk (KERN_INFO "Disable IRQ for ZILOG Hardware %p\n", up); */

    ERROR: trailing statements should be on next line
    #1248: FILE: drivers/tty/serial/sunzilog.c:1248:
    +	case B150: baud = 150; break;

    ERROR: trailing statements should be on next line
    #1249: FILE: drivers/tty/serial/sunzilog.c:1249:
    +	case B300: baud = 300; break;

    ERROR: trailing statements should be on next line
    #1250: FILE: drivers/tty/serial/sunzilog.c:1250:
    +	case B600: baud = 600; break;

    ERROR: trailing statements should be on next line
    #1251: FILE: drivers/tty/serial/sunzilog.c:1251:
    +	case B1200: baud = 1200; break;

    ERROR: trailing statements should be on next line
    #1252: FILE: drivers/tty/serial/sunzilog.c:1252:
    +	case B2400: baud = 2400; break;

    ERROR: trailing statements should be on next line
    #1253: FILE: drivers/tty/serial/sunzilog.c:1253:
    +	case B4800: baud = 4800; break;

    ERROR: trailing statements should be on next line
    #1254: FILE: drivers/tty/serial/sunzilog.c:1254:
    +	default: case B9600: baud = 9600; break;

    ERROR: trailing statements should be on next line
    #1255: FILE: drivers/tty/serial/sunzilog.c:1255:
    +	case B19200: baud = 19200; break;

    ERROR: trailing statements should be on next line
    #1256: FILE: drivers/tty/serial/sunzilog.c:1256:
    +	case B38400: baud = 38400; break;

Signed-off-by: Enrico Weigelt <[email protected]>
metux added a commit to metux/linux that referenced this pull request Apr 29, 2019
metux added a commit to metux/linux that referenced this pull request Apr 30, 2019
metux added a commit to metux/linux that referenced this pull request Apr 30, 2019
Fix checkpatch warnings:

    WARNING: Use #include <linux/io.h> instead of <asm/io.h>
    torvalds#38: FILE: drivers/tty/serial/sunzilog.c:38:
    +#include <asm/io.h>

    WARNING: line over 80 characters
    torvalds#109: FILE: drivers/tty/serial/sunzilog.c:109:
    +#define ZILOG_CHANNEL_FROM_PORT(PORT)	((struct zilog_channel __iomem *)((PORT)->membase))

    WARNING: line over 80 characters
    torvalds#116: FILE: drivers/tty/serial/sunzilog.c:116:
    +#define ZS_WANTS_MODEM_STATUS(UP)	((UP)->flags & SUNZILOG_FLAG_MODEM_STATUS)

    WARNING: line over 80 characters
    torvalds#179: FILE: drivers/tty/serial/sunzilog.c:179:
    +static int __load_zsregs(struct zilog_channel __iomem *channel, unsigned char *regs)

    WARNING: Missing a blank line after declarations
    torvalds#188: FILE: drivers/tty/serial/sunzilog.c:188:
    +		unsigned char stat = read_zsreg(channel, R1);
    +		if (stat & ALL_SNT)

    ERROR: trailing whitespace
    torvalds#231: FILE: drivers/tty/serial/sunzilog.c:231:
    +^I$

    WARNING: braces {} are not necessary for any arm of this statement
    torvalds#276: FILE: drivers/tty/serial/sunzilog.c:276:
    +		if (ZS_TX_ACTIVE(up)) {
    [...]
    +		} else {
    [...]

    ERROR: else should follow close brace '}'
    torvalds#378: FILE: drivers/tty/serial/sunzilog.c:378:
    +			}
    +			else if (r1 & PAR_ERR)

    ERROR: code indent should use tabs where possible
    torvalds#397: FILE: drivers/tty/serial/sunzilog.c:397:
    +^I^I    ^Itty_insert_flip_char(port, ch, flag);$

    WARNING: please, no space before tabs
    torvalds#397: FILE: drivers/tty/serial/sunzilog.c:397:
    +^I^I    ^Itty_insert_flip_char(port, ch, flag);$

    WARNING: line over 80 characters
    torvalds#440: FILE: drivers/tty/serial/sunzilog.c:440:
    +		/* The Zilog just gives us an interrupt when DCD/CTS/etc. change.

    WARNING: line over 80 characters
    torvalds#441: FILE: drivers/tty/serial/sunzilog.c:441:
    +		 * But it does not tell us which bit has changed, we have to keep

    WARNING: Missing a blank line after declarations
    torvalds#464: FILE: drivers/tty/serial/sunzilog.c:464:
    +		unsigned char status = readb(&channel->control);
    +		ZSDELAY();

    WARNING: line over 80 characters
    torvalds#468: FILE: drivers/tty/serial/sunzilog.c:468:
    +		 * It can occur because of how we do serial console writes.  It would

    WARNING: line over 80 characters
    torvalds#469: FILE: drivers/tty/serial/sunzilog.c:469:
    +		 * be nice to transmit console writes just like we normally would for

    WARNING: line over 80 characters
    torvalds#470: FILE: drivers/tty/serial/sunzilog.c:470:
    +		 * a TTY line. (ie. buffered and TX interrupt driven).  That is not

    WARNING: line over 80 characters
    torvalds#471: FILE: drivers/tty/serial/sunzilog.c:471:
    +		 * easy because console writes cannot sleep.  One solution might be

    WARNING: line over 80 characters
    torvalds#593: FILE: drivers/tty/serial/sunzilog.c:593:
    +static __inline__ unsigned char sunzilog_read_channel_status(struct uart_port *port)

    WARNING: plain inline is preferred over __inline__
    torvalds#593: FILE: drivers/tty/serial/sunzilog.c:593:
    +static __inline__ unsigned char sunzilog_read_channel_status(struct uart_port *port)

    ERROR: trailing whitespace
    torvalds#664: FILE: drivers/tty/serial/sunzilog.c:664:
    +^I/* NOTE: Not subject to 'transmitter active' rule.  */ $

    ERROR: trailing whitespace
    #752: FILE: drivers/tty/serial/sunzilog.c:752:
    +^I^I/* NOTE: Not subject to 'transmitter active' rule.  */ $

    ERROR: trailing whitespace
    #779: FILE: drivers/tty/serial/sunzilog.c:779:
    +^I^I/* NOTE: Not subject to 'transmitter active' rule.  */ $

    WARNING: line over 80 characters
    #999: FILE: drivers/tty/serial/sunzilog.c:999:
    +static int sunzilog_verify_port(struct uart_port *port, struct serial_struct *ser)

    WARNING: Missing a blank line after declarations
    #1142: FILE: drivers/tty/serial/sunzilog.c:1142:
    +		unsigned char val = readb(&channel->control);
    +		if (val & Tx_BUF_EMP) {

    WARNING: Prefer [subsystem eg: netdev]_info([subsystem]dev, ... then dev_info(dev, ... then pr_info(...  to printk(KERN_INFO ...
    #1230: FILE: drivers/tty/serial/sunzilog.c:1230:
    +	printk(KERN_INFO "Console: ttyS%d (SunZilog zs%d)\n",

    WARNING: braces {} are not necessary for single statement blocks
    #1383: FILE: drivers/tty/serial/sunzilog.c:1383:
    +		if (__load_zsregs(channel, up->curregs)) {
    +			up->flags |= SUNZILOG_FLAG_ESCC;
    +		}

    WARNING: quoted string split across lines
    #1493: FILE: drivers/tty/serial/sunzilog.c:1493:
    +		dev_info(&op->dev, "Keyboard at MMIO 0x%llx (irq = %d) "
    +		       "is a %s\n",

    WARNING: quoted string split across lines
    #1497: FILE: drivers/tty/serial/sunzilog.c:1497:
    +		dev_info(&op->dev, "Mouse at MMIO 0x%llx (irq = %d) "
    +		       "is a %s\n",

    WARNING: Missing a blank line after declarations
    #1581: FILE: drivers/tty/serial/sunzilog.c:1581:
    +		struct uart_sunzilog_port *up = sunzilog_irq_chain;
    +		err = request_irq(zilog_irq, sunzilog_interrupt, IRQF_SHARED,

    WARNING: line over 80 characters
    #1590: FILE: drivers/tty/serial/sunzilog.c:1590:
    +			/* printk (KERN_INFO "Enable IRQ for ZILOG Hardware %p\n", up); */

    WARNING: line over 80 characters
    #1627: FILE: drivers/tty/serial/sunzilog.c:1627:
    +			/* printk (KERN_INFO "Disable IRQ for ZILOG Hardware %p\n", up); */

    ERROR: trailing statements should be on next line
    #1248: FILE: drivers/tty/serial/sunzilog.c:1248:
    +	case B150: baud = 150; break;

    ERROR: trailing statements should be on next line
    #1249: FILE: drivers/tty/serial/sunzilog.c:1249:
    +	case B300: baud = 300; break;

    ERROR: trailing statements should be on next line
    #1250: FILE: drivers/tty/serial/sunzilog.c:1250:
    +	case B600: baud = 600; break;

    ERROR: trailing statements should be on next line
    #1251: FILE: drivers/tty/serial/sunzilog.c:1251:
    +	case B1200: baud = 1200; break;

    ERROR: trailing statements should be on next line
    #1252: FILE: drivers/tty/serial/sunzilog.c:1252:
    +	case B2400: baud = 2400; break;

    ERROR: trailing statements should be on next line
    #1253: FILE: drivers/tty/serial/sunzilog.c:1253:
    +	case B4800: baud = 4800; break;

    ERROR: trailing statements should be on next line
    #1254: FILE: drivers/tty/serial/sunzilog.c:1254:
    +	default: case B9600: baud = 9600; break;

    ERROR: trailing statements should be on next line
    #1255: FILE: drivers/tty/serial/sunzilog.c:1255:
    +	case B19200: baud = 19200; break;

    ERROR: trailing statements should be on next line
    #1256: FILE: drivers/tty/serial/sunzilog.c:1256:
    +	case B38400: baud = 38400; break;

Signed-off-by: Enrico Weigelt <[email protected]>
fengguang pushed a commit to 0day-ci/linux that referenced this pull request May 22, 2019
Because of both sides doing L2CAP disconnection at the same time, it
was possible to receive L2CAP Disconnection Response with CID that was
already freed. That caused problems if CID was already reused and L2CAP
Connection Request with same CID was sent out. Before this patch kernel
deleted channel context regardless of the state of the channel.

Example where leftover Disconnection Response (frame #402) causes local
device to delete L2CAP channel which was not yet connected. This in
turn confuses remote device's stack because same CID is re-used without
properly disconnecting.

Btmon capture before patch:
** snip **
> ACL Data RX: Handle 43 flags 0x02 dlen 8                #394 [hci1] 10.748949
      Channel: 65 len 4 [PSM 3 mode 0] {chan 2}
      RFCOMM: Disconnect (DISC) (0x43)
         Address: 0x03 cr 1 dlci 0x00
         Control: 0x53 poll/final 1
         Length: 0
         FCS: 0xfd
< ACL Data TX: Handle 43 flags 0x00 dlen 8                #395 [hci1] 10.749062
      Channel: 65 len 4 [PSM 3 mode 0] {chan 2}
      RFCOMM: Unnumbered Ack (UA) (0x63)
         Address: 0x03 cr 1 dlci 0x00
         Control: 0x73 poll/final 1
         Length: 0
         FCS: 0xd7
< ACL Data TX: Handle 43 flags 0x00 dlen 12               #396 [hci1] 10.749073
      L2CAP: Disconnection Request (0x06) ident 17 len 4
        Destination CID: 65
        Source CID: 65
> HCI Event: Number of Completed Packets (0x13) plen 5    #397 [hci1] 10.752391
        Num handles: 1
        Handle: 43
        Count: 1
> HCI Event: Number of Completed Packets (0x13) plen 5    #398 [hci1] 10.753394
        Num handles: 1
        Handle: 43
        Count: 1
> ACL Data RX: Handle 43 flags 0x02 dlen 12               #399 [hci1] 10.756499
      L2CAP: Disconnection Request (0x06) ident 26 len 4
        Destination CID: 65
        Source CID: 65
< ACL Data TX: Handle 43 flags 0x00 dlen 12               #400 [hci1] 10.756548
      L2CAP: Disconnection Response (0x07) ident 26 len 4
        Destination CID: 65
        Source CID: 65
< ACL Data TX: Handle 43 flags 0x00 dlen 12               #401 [hci1] 10.757459
      L2CAP: Connection Request (0x02) ident 18 len 4
        PSM: 1 (0x0001)
        Source CID: 65
> ACL Data RX: Handle 43 flags 0x02 dlen 12               #402 [hci1] 10.759148
      L2CAP: Disconnection Response (0x07) ident 17 len 4
        Destination CID: 65
        Source CID: 65
= bluetoothd: 00:1E:AB:4C:56:54: error updating services: Input/o..   10.759447
> HCI Event: Number of Completed Packets (0x13) plen 5    #403 [hci1] 10.759386
        Num handles: 1
        Handle: 43
        Count: 1
> ACL Data RX: Handle 43 flags 0x02 dlen 12               #404 [hci1] 10.760397
      L2CAP: Connection Request (0x02) ident 27 len 4
        PSM: 3 (0x0003)
        Source CID: 65
< ACL Data TX: Handle 43 flags 0x00 dlen 16               #405 [hci1] 10.760441
      L2CAP: Connection Response (0x03) ident 27 len 8
        Destination CID: 65
        Source CID: 65
        Result: Connection successful (0x0000)
        Status: No further information available (0x0000)
< ACL Data TX: Handle 43 flags 0x00 dlen 27               #406 [hci1] 10.760449
      L2CAP: Configure Request (0x04) ident 19 len 19
        Destination CID: 65
        Flags: 0x0000
        Option: Maximum Transmission Unit (0x01) [mandatory]
          MTU: 1013
        Option: Retransmission and Flow Control (0x04) [mandatory]
          Mode: Basic (0x00)
          TX window size: 0
          Max transmit: 0
          Retransmission timeout: 0
          Monitor timeout: 0
          Maximum PDU size: 0
> HCI Event: Number of Completed Packets (0x13) plen 5    #407 [hci1] 10.761399
        Num handles: 1
        Handle: 43
        Count: 1
> ACL Data RX: Handle 43 flags 0x02 dlen 16               #408 [hci1] 10.762942
      L2CAP: Connection Response (0x03) ident 18 len 8
        Destination CID: 66
        Source CID: 65
        Result: Connection successful (0x0000)
        Status: No further information available (0x0000)
*snip*

Similar case after the patch:
*snip*
> ACL Data RX: Handle 43 flags 0x02 dlen 8            #22702 [hci0] 1664.411056
      Channel: 65 len 4 [PSM 3 mode 0] {chan 3}
      RFCOMM: Disconnect (DISC) (0x43)
         Address: 0x03 cr 1 dlci 0x00
         Control: 0x53 poll/final 1
         Length: 0
         FCS: 0xfd
< ACL Data TX: Handle 43 flags 0x00 dlen 8            #22703 [hci0] 1664.411136
      Channel: 65 len 4 [PSM 3 mode 0] {chan 3}
      RFCOMM: Unnumbered Ack (UA) (0x63)
         Address: 0x03 cr 1 dlci 0x00
         Control: 0x73 poll/final 1
         Length: 0
         FCS: 0xd7
< ACL Data TX: Handle 43 flags 0x00 dlen 12           #22704 [hci0] 1664.411143
      L2CAP: Disconnection Request (0x06) ident 11 len 4
        Destination CID: 65
        Source CID: 65
> HCI Event: Number of Completed Pac.. (0x13) plen 5  #22705 [hci0] 1664.414009
        Num handles: 1
        Handle: 43
        Count: 1
> HCI Event: Number of Completed Pac.. (0x13) plen 5  #22706 [hci0] 1664.415007
        Num handles: 1
        Handle: 43
        Count: 1
> ACL Data RX: Handle 43 flags 0x02 dlen 12           #22707 [hci0] 1664.418674
      L2CAP: Disconnection Request (0x06) ident 17 len 4
        Destination CID: 65
        Source CID: 65
< ACL Data TX: Handle 43 flags 0x00 dlen 12           #22708 [hci0] 1664.418762
      L2CAP: Disconnection Response (0x07) ident 17 len 4
        Destination CID: 65
        Source CID: 65
< ACL Data TX: Handle 43 flags 0x00 dlen 12           #22709 [hci0] 1664.421073
      L2CAP: Connection Request (0x02) ident 12 len 4
        PSM: 1 (0x0001)
        Source CID: 65
> ACL Data RX: Handle 43 flags 0x02 dlen 12           #22710 [hci0] 1664.421371
      L2CAP: Disconnection Response (0x07) ident 11 len 4
        Destination CID: 65
        Source CID: 65
> HCI Event: Number of Completed Pac.. (0x13) plen 5  #22711 [hci0] 1664.424082
        Num handles: 1
        Handle: 43
        Count: 1
> HCI Event: Number of Completed Pac.. (0x13) plen 5  #22712 [hci0] 1664.425040
        Num handles: 1
        Handle: 43
        Count: 1
> ACL Data RX: Handle 43 flags 0x02 dlen 12           #22713 [hci0] 1664.426103
      L2CAP: Connection Request (0x02) ident 18 len 4
        PSM: 3 (0x0003)
        Source CID: 65
< ACL Data TX: Handle 43 flags 0x00 dlen 16           #22714 [hci0] 1664.426186
      L2CAP: Connection Response (0x03) ident 18 len 8
        Destination CID: 66
        Source CID: 65
        Result: Connection successful (0x0000)
        Status: No further information available (0x0000)
< ACL Data TX: Handle 43 flags 0x00 dlen 27           #22715 [hci0] 1664.426196
      L2CAP: Configure Request (0x04) ident 13 len 19
        Destination CID: 65
        Flags: 0x0000
        Option: Maximum Transmission Unit (0x01) [mandatory]
          MTU: 1013
        Option: Retransmission and Flow Control (0x04) [mandatory]
          Mode: Basic (0x00)
          TX window size: 0
          Max transmit: 0
          Retransmission timeout: 0
          Monitor timeout: 0
          Maximum PDU size: 0
> ACL Data RX: Handle 43 flags 0x02 dlen 16           #22716 [hci0] 1664.428804
      L2CAP: Connection Response (0x03) ident 12 len 8
        Destination CID: 66
        Source CID: 65
        Result: Connection successful (0x0000)
        Status: No further information available (0x0000)
*snip*

Fix is to check that channel is in state BT_DISCONN before deleting the
channel.

This bug was found while fuzzing Bluez's OBEX implementation using
Synopsys Defensics.

Reported-by: Matti Kamunen <[email protected]>
Reported-by: Ari Timonen <[email protected]>
Signed-off-by: Matias Karhumaa <[email protected]>
metux added a commit to metux/linux that referenced this pull request Jun 12, 2019
Fix checkpatch warnings:

    WARNING: Use #include <linux/io.h> instead of <asm/io.h>
    #38: FILE: drivers/tty/serial/sunzilog.c:38:
    +#include <asm/io.h>

    WARNING: line over 80 characters
    #109: FILE: drivers/tty/serial/sunzilog.c:109:
    +#define ZILOG_CHANNEL_FROM_PORT(PORT)	((struct zilog_channel __iomem *)((PORT)->membase))

    WARNING: line over 80 characters
    #116: FILE: drivers/tty/serial/sunzilog.c:116:
    +#define ZS_WANTS_MODEM_STATUS(UP)	((UP)->flags & SUNZILOG_FLAG_MODEM_STATUS)

    WARNING: line over 80 characters
    #179: FILE: drivers/tty/serial/sunzilog.c:179:
    +static int __load_zsregs(struct zilog_channel __iomem *channel, unsigned char *regs)

    WARNING: Missing a blank line after declarations
    #188: FILE: drivers/tty/serial/sunzilog.c:188:
    +		unsigned char stat = read_zsreg(channel, R1);
    +		if (stat & ALL_SNT)

    ERROR: trailing whitespace
    #231: FILE: drivers/tty/serial/sunzilog.c:231:
    +^I$

    WARNING: braces {} are not necessary for any arm of this statement
    #276: FILE: drivers/tty/serial/sunzilog.c:276:
    +		if (ZS_TX_ACTIVE(up)) {
    [...]
    +		} else {
    [...]

    ERROR: else should follow close brace '}'
    #378: FILE: drivers/tty/serial/sunzilog.c:378:
    +			}
    +			else if (r1 & PAR_ERR)

    ERROR: code indent should use tabs where possible
    #397: FILE: drivers/tty/serial/sunzilog.c:397:
    +^I^I    ^Itty_insert_flip_char(port, ch, flag);$

    WARNING: please, no space before tabs
    #397: FILE: drivers/tty/serial/sunzilog.c:397:
    +^I^I    ^Itty_insert_flip_char(port, ch, flag);$

    WARNING: line over 80 characters
    #440: FILE: drivers/tty/serial/sunzilog.c:440:
    +		/* The Zilog just gives us an interrupt when DCD/CTS/etc. change.

    WARNING: line over 80 characters
    #441: FILE: drivers/tty/serial/sunzilog.c:441:
    +		 * But it does not tell us which bit has changed, we have to keep

    WARNING: Missing a blank line after declarations
    #464: FILE: drivers/tty/serial/sunzilog.c:464:
    +		unsigned char status = readb(&channel->control);
    +		ZSDELAY();

    WARNING: line over 80 characters
    #468: FILE: drivers/tty/serial/sunzilog.c:468:
    +		 * It can occur because of how we do serial console writes.  It would

    WARNING: line over 80 characters
    #469: FILE: drivers/tty/serial/sunzilog.c:469:
    +		 * be nice to transmit console writes just like we normally would for

    WARNING: line over 80 characters
    #470: FILE: drivers/tty/serial/sunzilog.c:470:
    +		 * a TTY line. (ie. buffered and TX interrupt driven).  That is not

    WARNING: line over 80 characters
    #471: FILE: drivers/tty/serial/sunzilog.c:471:
    +		 * easy because console writes cannot sleep.  One solution might be

    WARNING: line over 80 characters
    #593: FILE: drivers/tty/serial/sunzilog.c:593:
    +static __inline__ unsigned char sunzilog_read_channel_status(struct uart_port *port)

    WARNING: plain inline is preferred over __inline__
    #593: FILE: drivers/tty/serial/sunzilog.c:593:
    +static __inline__ unsigned char sunzilog_read_channel_status(struct uart_port *port)

    ERROR: trailing whitespace
    #664: FILE: drivers/tty/serial/sunzilog.c:664:
    +^I/* NOTE: Not subject to 'transmitter active' rule.  */ $

    ERROR: trailing whitespace
    #752: FILE: drivers/tty/serial/sunzilog.c:752:
    +^I^I/* NOTE: Not subject to 'transmitter active' rule.  */ $

    ERROR: trailing whitespace
    #779: FILE: drivers/tty/serial/sunzilog.c:779:
    +^I^I/* NOTE: Not subject to 'transmitter active' rule.  */ $

    WARNING: line over 80 characters
    #999: FILE: drivers/tty/serial/sunzilog.c:999:
    +static int sunzilog_verify_port(struct uart_port *port, struct serial_struct *ser)

    WARNING: Missing a blank line after declarations
    #1142: FILE: drivers/tty/serial/sunzilog.c:1142:
    +		unsigned char val = readb(&channel->control);
    +		if (val & Tx_BUF_EMP) {

    WARNING: Prefer [subsystem eg: netdev]_info([subsystem]dev, ... then dev_info(dev, ... then pr_info(...  to printk(KERN_INFO ...
    #1230: FILE: drivers/tty/serial/sunzilog.c:1230:
    +	printk(KERN_INFO "Console: ttyS%d (SunZilog zs%d)\n",

    WARNING: braces {} are not necessary for single statement blocks
    #1383: FILE: drivers/tty/serial/sunzilog.c:1383:
    +		if (__load_zsregs(channel, up->curregs)) {
    +			up->flags |= SUNZILOG_FLAG_ESCC;
    +		}

    WARNING: quoted string split across lines
    #1493: FILE: drivers/tty/serial/sunzilog.c:1493:
    +		dev_info(&op->dev, "Keyboard at MMIO 0x%llx (irq = %d) "
    +		       "is a %s\n",

    WARNING: quoted string split across lines
    #1497: FILE: drivers/tty/serial/sunzilog.c:1497:
    +		dev_info(&op->dev, "Mouse at MMIO 0x%llx (irq = %d) "
    +		       "is a %s\n",

    WARNING: Missing a blank line after declarations
    #1581: FILE: drivers/tty/serial/sunzilog.c:1581:
    +		struct uart_sunzilog_port *up = sunzilog_irq_chain;
    +		err = request_irq(zilog_irq, sunzilog_interrupt, IRQF_SHARED,

    WARNING: line over 80 characters
    #1590: FILE: drivers/tty/serial/sunzilog.c:1590:
    +			/* printk (KERN_INFO "Enable IRQ for ZILOG Hardware %p\n", up); */

    WARNING: line over 80 characters
    #1627: FILE: drivers/tty/serial/sunzilog.c:1627:
    +			/* printk (KERN_INFO "Disable IRQ for ZILOG Hardware %p\n", up); */

    ERROR: trailing statements should be on next line
    #1248: FILE: drivers/tty/serial/sunzilog.c:1248:
    +	case B150: baud = 150; break;

    ERROR: trailing statements should be on next line
    #1249: FILE: drivers/tty/serial/sunzilog.c:1249:
    +	case B300: baud = 300; break;

    ERROR: trailing statements should be on next line
    #1250: FILE: drivers/tty/serial/sunzilog.c:1250:
    +	case B600: baud = 600; break;

    ERROR: trailing statements should be on next line
    #1251: FILE: drivers/tty/serial/sunzilog.c:1251:
    +	case B1200: baud = 1200; break;

    ERROR: trailing statements should be on next line
    #1252: FILE: drivers/tty/serial/sunzilog.c:1252:
    +	case B2400: baud = 2400; break;

    ERROR: trailing statements should be on next line
    #1253: FILE: drivers/tty/serial/sunzilog.c:1253:
    +	case B4800: baud = 4800; break;

    ERROR: trailing statements should be on next line
    #1254: FILE: drivers/tty/serial/sunzilog.c:1254:
    +	default: case B9600: baud = 9600; break;

    ERROR: trailing statements should be on next line
    #1255: FILE: drivers/tty/serial/sunzilog.c:1255:
    +	case B19200: baud = 19200; break;

    ERROR: trailing statements should be on next line
    #1256: FILE: drivers/tty/serial/sunzilog.c:1256:
    +	case B38400: baud = 38400; break;

Signed-off-by: Enrico Weigelt <[email protected]>
metux added a commit to metux/linux that referenced this pull request Jun 27, 2019
alaahl pushed a commit to alaahl/linux that referenced this pull request Jul 8, 2019
Because of both sides doing L2CAP disconnection at the same time, it
was possible to receive L2CAP Disconnection Response with CID that was
already freed. That caused problems if CID was already reused and L2CAP
Connection Request with same CID was sent out. Before this patch kernel
deleted channel context regardless of the state of the channel.

Example where leftover Disconnection Response (frame #402) causes local
device to delete L2CAP channel which was not yet connected. This in
turn confuses remote device's stack because same CID is re-used without
properly disconnecting.

Btmon capture before patch:
** snip **
> ACL Data RX: Handle 43 flags 0x02 dlen 8                #394 [hci1] 10.748949
      Channel: 65 len 4 [PSM 3 mode 0] {chan 2}
      RFCOMM: Disconnect (DISC) (0x43)
         Address: 0x03 cr 1 dlci 0x00
         Control: 0x53 poll/final 1
         Length: 0
         FCS: 0xfd
< ACL Data TX: Handle 43 flags 0x00 dlen 8                #395 [hci1] 10.749062
      Channel: 65 len 4 [PSM 3 mode 0] {chan 2}
      RFCOMM: Unnumbered Ack (UA) (0x63)
         Address: 0x03 cr 1 dlci 0x00
         Control: 0x73 poll/final 1
         Length: 0
         FCS: 0xd7
< ACL Data TX: Handle 43 flags 0x00 dlen 12               #396 [hci1] 10.749073
      L2CAP: Disconnection Request (0x06) ident 17 len 4
        Destination CID: 65
        Source CID: 65
> HCI Event: Number of Completed Packets (0x13) plen 5    #397 [hci1] 10.752391
        Num handles: 1
        Handle: 43
        Count: 1
> HCI Event: Number of Completed Packets (0x13) plen 5    #398 [hci1] 10.753394
        Num handles: 1
        Handle: 43
        Count: 1
> ACL Data RX: Handle 43 flags 0x02 dlen 12               #399 [hci1] 10.756499
      L2CAP: Disconnection Request (0x06) ident 26 len 4
        Destination CID: 65
        Source CID: 65
< ACL Data TX: Handle 43 flags 0x00 dlen 12               #400 [hci1] 10.756548
      L2CAP: Disconnection Response (0x07) ident 26 len 4
        Destination CID: 65
        Source CID: 65
< ACL Data TX: Handle 43 flags 0x00 dlen 12               #401 [hci1] 10.757459
      L2CAP: Connection Request (0x02) ident 18 len 4
        PSM: 1 (0x0001)
        Source CID: 65
> ACL Data RX: Handle 43 flags 0x02 dlen 12               #402 [hci1] 10.759148
      L2CAP: Disconnection Response (0x07) ident 17 len 4
        Destination CID: 65
        Source CID: 65
= bluetoothd: 00:1E:AB:4C:56:54: error updating services: Input/o..   10.759447
> HCI Event: Number of Completed Packets (0x13) plen 5    #403 [hci1] 10.759386
        Num handles: 1
        Handle: 43
        Count: 1
> ACL Data RX: Handle 43 flags 0x02 dlen 12               #404 [hci1] 10.760397
      L2CAP: Connection Request (0x02) ident 27 len 4
        PSM: 3 (0x0003)
        Source CID: 65
< ACL Data TX: Handle 43 flags 0x00 dlen 16               #405 [hci1] 10.760441
      L2CAP: Connection Response (0x03) ident 27 len 8
        Destination CID: 65
        Source CID: 65
        Result: Connection successful (0x0000)
        Status: No further information available (0x0000)
< ACL Data TX: Handle 43 flags 0x00 dlen 27               #406 [hci1] 10.760449
      L2CAP: Configure Request (0x04) ident 19 len 19
        Destination CID: 65
        Flags: 0x0000
        Option: Maximum Transmission Unit (0x01) [mandatory]
          MTU: 1013
        Option: Retransmission and Flow Control (0x04) [mandatory]
          Mode: Basic (0x00)
          TX window size: 0
          Max transmit: 0
          Retransmission timeout: 0
          Monitor timeout: 0
          Maximum PDU size: 0
> HCI Event: Number of Completed Packets (0x13) plen 5    #407 [hci1] 10.761399
        Num handles: 1
        Handle: 43
        Count: 1
> ACL Data RX: Handle 43 flags 0x02 dlen 16               #408 [hci1] 10.762942
      L2CAP: Connection Response (0x03) ident 18 len 8
        Destination CID: 66
        Source CID: 65
        Result: Connection successful (0x0000)
        Status: No further information available (0x0000)
*snip*

Similar case after the patch:
*snip*
> ACL Data RX: Handle 43 flags 0x02 dlen 8            #22702 [hci0] 1664.411056
      Channel: 65 len 4 [PSM 3 mode 0] {chan 3}
      RFCOMM: Disconnect (DISC) (0x43)
         Address: 0x03 cr 1 dlci 0x00
         Control: 0x53 poll/final 1
         Length: 0
         FCS: 0xfd
< ACL Data TX: Handle 43 flags 0x00 dlen 8            #22703 [hci0] 1664.411136
      Channel: 65 len 4 [PSM 3 mode 0] {chan 3}
      RFCOMM: Unnumbered Ack (UA) (0x63)
         Address: 0x03 cr 1 dlci 0x00
         Control: 0x73 poll/final 1
         Length: 0
         FCS: 0xd7
< ACL Data TX: Handle 43 flags 0x00 dlen 12           #22704 [hci0] 1664.411143
      L2CAP: Disconnection Request (0x06) ident 11 len 4
        Destination CID: 65
        Source CID: 65
> HCI Event: Number of Completed Pac.. (0x13) plen 5  #22705 [hci0] 1664.414009
        Num handles: 1
        Handle: 43
        Count: 1
> HCI Event: Number of Completed Pac.. (0x13) plen 5  #22706 [hci0] 1664.415007
        Num handles: 1
        Handle: 43
        Count: 1
> ACL Data RX: Handle 43 flags 0x02 dlen 12           #22707 [hci0] 1664.418674
      L2CAP: Disconnection Request (0x06) ident 17 len 4
        Destination CID: 65
        Source CID: 65
< ACL Data TX: Handle 43 flags 0x00 dlen 12           #22708 [hci0] 1664.418762
      L2CAP: Disconnection Response (0x07) ident 17 len 4
        Destination CID: 65
        Source CID: 65
< ACL Data TX: Handle 43 flags 0x00 dlen 12           #22709 [hci0] 1664.421073
      L2CAP: Connection Request (0x02) ident 12 len 4
        PSM: 1 (0x0001)
        Source CID: 65
> ACL Data RX: Handle 43 flags 0x02 dlen 12           #22710 [hci0] 1664.421371
      L2CAP: Disconnection Response (0x07) ident 11 len 4
        Destination CID: 65
        Source CID: 65
> HCI Event: Number of Completed Pac.. (0x13) plen 5  #22711 [hci0] 1664.424082
        Num handles: 1
        Handle: 43
        Count: 1
> HCI Event: Number of Completed Pac.. (0x13) plen 5  #22712 [hci0] 1664.425040
        Num handles: 1
        Handle: 43
        Count: 1
> ACL Data RX: Handle 43 flags 0x02 dlen 12           #22713 [hci0] 1664.426103
      L2CAP: Connection Request (0x02) ident 18 len 4
        PSM: 3 (0x0003)
        Source CID: 65
< ACL Data TX: Handle 43 flags 0x00 dlen 16           #22714 [hci0] 1664.426186
      L2CAP: Connection Response (0x03) ident 18 len 8
        Destination CID: 66
        Source CID: 65
        Result: Connection successful (0x0000)
        Status: No further information available (0x0000)
< ACL Data TX: Handle 43 flags 0x00 dlen 27           #22715 [hci0] 1664.426196
      L2CAP: Configure Request (0x04) ident 13 len 19
        Destination CID: 65
        Flags: 0x0000
        Option: Maximum Transmission Unit (0x01) [mandatory]
          MTU: 1013
        Option: Retransmission and Flow Control (0x04) [mandatory]
          Mode: Basic (0x00)
          TX window size: 0
          Max transmit: 0
          Retransmission timeout: 0
          Monitor timeout: 0
          Maximum PDU size: 0
> ACL Data RX: Handle 43 flags 0x02 dlen 16           #22716 [hci0] 1664.428804
      L2CAP: Connection Response (0x03) ident 12 len 8
        Destination CID: 66
        Source CID: 65
        Result: Connection successful (0x0000)
        Status: No further information available (0x0000)
*snip*

Fix is to check that channel is in state BT_DISCONN before deleting the
channel.

This bug was found while fuzzing Bluez's OBEX implementation using
Synopsys Defensics.

Reported-by: Matti Kamunen <[email protected]>
Reported-by: Ari Timonen <[email protected]>
Signed-off-by: Matias Karhumaa <[email protected]>
Signed-off-by: Marcel Holtmann <[email protected]>
metux added a commit to metux/linux that referenced this pull request Jul 10, 2019
Fix checkpatch warnings:

    WARNING: Use #include <linux/io.h> instead of <asm/io.h>
    #38: FILE: drivers/tty/serial/sunzilog.c:38:
    +#include <asm/io.h>

    WARNING: line over 80 characters
    #109: FILE: drivers/tty/serial/sunzilog.c:109:
    +#define ZILOG_CHANNEL_FROM_PORT(PORT)	((struct zilog_channel __iomem *)((PORT)->membase))

    WARNING: line over 80 characters
    #116: FILE: drivers/tty/serial/sunzilog.c:116:
    +#define ZS_WANTS_MODEM_STATUS(UP)	((UP)->flags & SUNZILOG_FLAG_MODEM_STATUS)

    WARNING: line over 80 characters
    #179: FILE: drivers/tty/serial/sunzilog.c:179:
    +static int __load_zsregs(struct zilog_channel __iomem *channel, unsigned char *regs)

    WARNING: Missing a blank line after declarations
    #188: FILE: drivers/tty/serial/sunzilog.c:188:
    +		unsigned char stat = read_zsreg(channel, R1);
    +		if (stat & ALL_SNT)

    ERROR: trailing whitespace
    #231: FILE: drivers/tty/serial/sunzilog.c:231:
    +^I$

    WARNING: braces {} are not necessary for any arm of this statement
    #276: FILE: drivers/tty/serial/sunzilog.c:276:
    +		if (ZS_TX_ACTIVE(up)) {
    [...]
    +		} else {
    [...]

    ERROR: else should follow close brace '}'
    #378: FILE: drivers/tty/serial/sunzilog.c:378:
    +			}
    +			else if (r1 & PAR_ERR)

    ERROR: code indent should use tabs where possible
    #397: FILE: drivers/tty/serial/sunzilog.c:397:
    +^I^I    ^Itty_insert_flip_char(port, ch, flag);$

    WARNING: please, no space before tabs
    #397: FILE: drivers/tty/serial/sunzilog.c:397:
    +^I^I    ^Itty_insert_flip_char(port, ch, flag);$

    WARNING: line over 80 characters
    #440: FILE: drivers/tty/serial/sunzilog.c:440:
    +		/* The Zilog just gives us an interrupt when DCD/CTS/etc. change.

    WARNING: line over 80 characters
    #441: FILE: drivers/tty/serial/sunzilog.c:441:
    +		 * But it does not tell us which bit has changed, we have to keep

    WARNING: Missing a blank line after declarations
    #464: FILE: drivers/tty/serial/sunzilog.c:464:
    +		unsigned char status = readb(&channel->control);
    +		ZSDELAY();

    WARNING: line over 80 characters
    #468: FILE: drivers/tty/serial/sunzilog.c:468:
    +		 * It can occur because of how we do serial console writes.  It would

    WARNING: line over 80 characters
    #469: FILE: drivers/tty/serial/sunzilog.c:469:
    +		 * be nice to transmit console writes just like we normally would for

    WARNING: line over 80 characters
    #470: FILE: drivers/tty/serial/sunzilog.c:470:
    +		 * a TTY line. (ie. buffered and TX interrupt driven).  That is not

    WARNING: line over 80 characters
    #471: FILE: drivers/tty/serial/sunzilog.c:471:
    +		 * easy because console writes cannot sleep.  One solution might be

    WARNING: line over 80 characters
    #593: FILE: drivers/tty/serial/sunzilog.c:593:
    +static __inline__ unsigned char sunzilog_read_channel_status(struct uart_port *port)

    WARNING: plain inline is preferred over __inline__
    #593: FILE: drivers/tty/serial/sunzilog.c:593:
    +static __inline__ unsigned char sunzilog_read_channel_status(struct uart_port *port)

    ERROR: trailing whitespace
    #664: FILE: drivers/tty/serial/sunzilog.c:664:
    +^I/* NOTE: Not subject to 'transmitter active' rule.  */ $

    ERROR: trailing whitespace
    #752: FILE: drivers/tty/serial/sunzilog.c:752:
    +^I^I/* NOTE: Not subject to 'transmitter active' rule.  */ $

    ERROR: trailing whitespace
    #779: FILE: drivers/tty/serial/sunzilog.c:779:
    +^I^I/* NOTE: Not subject to 'transmitter active' rule.  */ $

    WARNING: line over 80 characters
    #999: FILE: drivers/tty/serial/sunzilog.c:999:
    +static int sunzilog_verify_port(struct uart_port *port, struct serial_struct *ser)

    WARNING: Missing a blank line after declarations
    #1142: FILE: drivers/tty/serial/sunzilog.c:1142:
    +		unsigned char val = readb(&channel->control);
    +		if (val & Tx_BUF_EMP) {

    WARNING: Prefer [subsystem eg: netdev]_info([subsystem]dev, ... then dev_info(dev, ... then pr_info(...  to printk(KERN_INFO ...
    #1230: FILE: drivers/tty/serial/sunzilog.c:1230:
    +	printk(KERN_INFO "Console: ttyS%d (SunZilog zs%d)\n",

    WARNING: braces {} are not necessary for single statement blocks
    #1383: FILE: drivers/tty/serial/sunzilog.c:1383:
    +		if (__load_zsregs(channel, up->curregs)) {
    +			up->flags |= SUNZILOG_FLAG_ESCC;
    +		}

    WARNING: quoted string split across lines
    #1493: FILE: drivers/tty/serial/sunzilog.c:1493:
    +		dev_info(&op->dev, "Keyboard at MMIO 0x%llx (irq = %d) "
    +		       "is a %s\n",

    WARNING: quoted string split across lines
    #1497: FILE: drivers/tty/serial/sunzilog.c:1497:
    +		dev_info(&op->dev, "Mouse at MMIO 0x%llx (irq = %d) "
    +		       "is a %s\n",

    WARNING: Missing a blank line after declarations
    #1581: FILE: drivers/tty/serial/sunzilog.c:1581:
    +		struct uart_sunzilog_port *up = sunzilog_irq_chain;
    +		err = request_irq(zilog_irq, sunzilog_interrupt, IRQF_SHARED,

    WARNING: line over 80 characters
    #1590: FILE: drivers/tty/serial/sunzilog.c:1590:
    +			/* printk (KERN_INFO "Enable IRQ for ZILOG Hardware %p\n", up); */

    WARNING: line over 80 characters
    #1627: FILE: drivers/tty/serial/sunzilog.c:1627:
    +			/* printk (KERN_INFO "Disable IRQ for ZILOG Hardware %p\n", up); */

    ERROR: trailing statements should be on next line
    #1248: FILE: drivers/tty/serial/sunzilog.c:1248:
    +	case B150: baud = 150; break;

    ERROR: trailing statements should be on next line
    #1249: FILE: drivers/tty/serial/sunzilog.c:1249:
    +	case B300: baud = 300; break;

    ERROR: trailing statements should be on next line
    #1250: FILE: drivers/tty/serial/sunzilog.c:1250:
    +	case B600: baud = 600; break;

    ERROR: trailing statements should be on next line
    #1251: FILE: drivers/tty/serial/sunzilog.c:1251:
    +	case B1200: baud = 1200; break;

    ERROR: trailing statements should be on next line
    #1252: FILE: drivers/tty/serial/sunzilog.c:1252:
    +	case B2400: baud = 2400; break;

    ERROR: trailing statements should be on next line
    #1253: FILE: drivers/tty/serial/sunzilog.c:1253:
    +	case B4800: baud = 4800; break;

    ERROR: trailing statements should be on next line
    #1254: FILE: drivers/tty/serial/sunzilog.c:1254:
    +	default: case B9600: baud = 9600; break;

    ERROR: trailing statements should be on next line
    #1255: FILE: drivers/tty/serial/sunzilog.c:1255:
    +	case B19200: baud = 19200; break;

    ERROR: trailing statements should be on next line
    #1256: FILE: drivers/tty/serial/sunzilog.c:1256:
    +	case B38400: baud = 38400; break;

Signed-off-by: Enrico Weigelt <[email protected]>
mrchapp pushed a commit to mrchapp/linux that referenced this pull request Jul 24, 2019
[ Upstream commit 28261da ]

Because of both sides doing L2CAP disconnection at the same time, it
was possible to receive L2CAP Disconnection Response with CID that was
already freed. That caused problems if CID was already reused and L2CAP
Connection Request with same CID was sent out. Before this patch kernel
deleted channel context regardless of the state of the channel.

Example where leftover Disconnection Response (frame #402) causes local
device to delete L2CAP channel which was not yet connected. This in
turn confuses remote device's stack because same CID is re-used without
properly disconnecting.

Btmon capture before patch:
** snip **
> ACL Data RX: Handle 43 flags 0x02 dlen 8                #394 [hci1] 10.748949
      Channel: 65 len 4 [PSM 3 mode 0] {chan 2}
      RFCOMM: Disconnect (DISC) (0x43)
         Address: 0x03 cr 1 dlci 0x00
         Control: 0x53 poll/final 1
         Length: 0
         FCS: 0xfd
< ACL Data TX: Handle 43 flags 0x00 dlen 8                #395 [hci1] 10.749062
      Channel: 65 len 4 [PSM 3 mode 0] {chan 2}
      RFCOMM: Unnumbered Ack (UA) (0x63)
         Address: 0x03 cr 1 dlci 0x00
         Control: 0x73 poll/final 1
         Length: 0
         FCS: 0xd7
< ACL Data TX: Handle 43 flags 0x00 dlen 12               #396 [hci1] 10.749073
      L2CAP: Disconnection Request (0x06) ident 17 len 4
        Destination CID: 65
        Source CID: 65
> HCI Event: Number of Completed Packets (0x13) plen 5    #397 [hci1] 10.752391
        Num handles: 1
        Handle: 43
        Count: 1
> HCI Event: Number of Completed Packets (0x13) plen 5    #398 [hci1] 10.753394
        Num handles: 1
        Handle: 43
        Count: 1
> ACL Data RX: Handle 43 flags 0x02 dlen 12               #399 [hci1] 10.756499
      L2CAP: Disconnection Request (0x06) ident 26 len 4
        Destination CID: 65
        Source CID: 65
< ACL Data TX: Handle 43 flags 0x00 dlen 12               #400 [hci1] 10.756548
      L2CAP: Disconnection Response (0x07) ident 26 len 4
        Destination CID: 65
        Source CID: 65
< ACL Data TX: Handle 43 flags 0x00 dlen 12               #401 [hci1] 10.757459
      L2CAP: Connection Request (0x02) ident 18 len 4
        PSM: 1 (0x0001)
        Source CID: 65
> ACL Data RX: Handle 43 flags 0x02 dlen 12               #402 [hci1] 10.759148
      L2CAP: Disconnection Response (0x07) ident 17 len 4
        Destination CID: 65
        Source CID: 65
= bluetoothd: 00:1E:AB:4C:56:54: error updating services: Input/o..   10.759447
> HCI Event: Number of Completed Packets (0x13) plen 5    #403 [hci1] 10.759386
        Num handles: 1
        Handle: 43
        Count: 1
> ACL Data RX: Handle 43 flags 0x02 dlen 12               #404 [hci1] 10.760397
      L2CAP: Connection Request (0x02) ident 27 len 4
        PSM: 3 (0x0003)
        Source CID: 65
< ACL Data TX: Handle 43 flags 0x00 dlen 16               #405 [hci1] 10.760441
      L2CAP: Connection Response (0x03) ident 27 len 8
        Destination CID: 65
        Source CID: 65
        Result: Connection successful (0x0000)
        Status: No further information available (0x0000)
< ACL Data TX: Handle 43 flags 0x00 dlen 27               #406 [hci1] 10.760449
      L2CAP: Configure Request (0x04) ident 19 len 19
        Destination CID: 65
        Flags: 0x0000
        Option: Maximum Transmission Unit (0x01) [mandatory]
          MTU: 1013
        Option: Retransmission and Flow Control (0x04) [mandatory]
          Mode: Basic (0x00)
          TX window size: 0
          Max transmit: 0
          Retransmission timeout: 0
          Monitor timeout: 0
          Maximum PDU size: 0
> HCI Event: Number of Completed Packets (0x13) plen 5    #407 [hci1] 10.761399
        Num handles: 1
        Handle: 43
        Count: 1
> ACL Data RX: Handle 43 flags 0x02 dlen 16               #408 [hci1] 10.762942
      L2CAP: Connection Response (0x03) ident 18 len 8
        Destination CID: 66
        Source CID: 65
        Result: Connection successful (0x0000)
        Status: No further information available (0x0000)
*snip*

Similar case after the patch:
*snip*
> ACL Data RX: Handle 43 flags 0x02 dlen 8            #22702 [hci0] 1664.411056
      Channel: 65 len 4 [PSM 3 mode 0] {chan 3}
      RFCOMM: Disconnect (DISC) (0x43)
         Address: 0x03 cr 1 dlci 0x00
         Control: 0x53 poll/final 1
         Length: 0
         FCS: 0xfd
< ACL Data TX: Handle 43 flags 0x00 dlen 8            #22703 [hci0] 1664.411136
      Channel: 65 len 4 [PSM 3 mode 0] {chan 3}
      RFCOMM: Unnumbered Ack (UA) (0x63)
         Address: 0x03 cr 1 dlci 0x00
         Control: 0x73 poll/final 1
         Length: 0
         FCS: 0xd7
< ACL Data TX: Handle 43 flags 0x00 dlen 12           #22704 [hci0] 1664.411143
      L2CAP: Disconnection Request (0x06) ident 11 len 4
        Destination CID: 65
        Source CID: 65
> HCI Event: Number of Completed Pac.. (0x13) plen 5  #22705 [hci0] 1664.414009
        Num handles: 1
        Handle: 43
        Count: 1
> HCI Event: Number of Completed Pac.. (0x13) plen 5  #22706 [hci0] 1664.415007
        Num handles: 1
        Handle: 43
        Count: 1
> ACL Data RX: Handle 43 flags 0x02 dlen 12           #22707 [hci0] 1664.418674
      L2CAP: Disconnection Request (0x06) ident 17 len 4
        Destination CID: 65
        Source CID: 65
< ACL Data TX: Handle 43 flags 0x00 dlen 12           #22708 [hci0] 1664.418762
      L2CAP: Disconnection Response (0x07) ident 17 len 4
        Destination CID: 65
        Source CID: 65
< ACL Data TX: Handle 43 flags 0x00 dlen 12           #22709 [hci0] 1664.421073
      L2CAP: Connection Request (0x02) ident 12 len 4
        PSM: 1 (0x0001)
        Source CID: 65
> ACL Data RX: Handle 43 flags 0x02 dlen 12           #22710 [hci0] 1664.421371
      L2CAP: Disconnection Response (0x07) ident 11 len 4
        Destination CID: 65
        Source CID: 65
> HCI Event: Number of Completed Pac.. (0x13) plen 5  #22711 [hci0] 1664.424082
        Num handles: 1
        Handle: 43
        Count: 1
> HCI Event: Number of Completed Pac.. (0x13) plen 5  #22712 [hci0] 1664.425040
        Num handles: 1
        Handle: 43
        Count: 1
> ACL Data RX: Handle 43 flags 0x02 dlen 12           #22713 [hci0] 1664.426103
      L2CAP: Connection Request (0x02) ident 18 len 4
        PSM: 3 (0x0003)
        Source CID: 65
< ACL Data TX: Handle 43 flags 0x00 dlen 16           #22714 [hci0] 1664.426186
      L2CAP: Connection Response (0x03) ident 18 len 8
        Destination CID: 66
        Source CID: 65
        Result: Connection successful (0x0000)
        Status: No further information available (0x0000)
< ACL Data TX: Handle 43 flags 0x00 dlen 27           #22715 [hci0] 1664.426196
      L2CAP: Configure Request (0x04) ident 13 len 19
        Destination CID: 65
        Flags: 0x0000
        Option: Maximum Transmission Unit (0x01) [mandatory]
          MTU: 1013
        Option: Retransmission and Flow Control (0x04) [mandatory]
          Mode: Basic (0x00)
          TX window size: 0
          Max transmit: 0
          Retransmission timeout: 0
          Monitor timeout: 0
          Maximum PDU size: 0
> ACL Data RX: Handle 43 flags 0x02 dlen 16           #22716 [hci0] 1664.428804
      L2CAP: Connection Response (0x03) ident 12 len 8
        Destination CID: 66
        Source CID: 65
        Result: Connection successful (0x0000)
        Status: No further information available (0x0000)
*snip*

Fix is to check that channel is in state BT_DISCONN before deleting the
channel.

This bug was found while fuzzing Bluez's OBEX implementation using
Synopsys Defensics.

Reported-by: Matti Kamunen <[email protected]>
Reported-by: Ari Timonen <[email protected]>
Signed-off-by: Matias Karhumaa <[email protected]>
Signed-off-by: Marcel Holtmann <[email protected]>
Signed-off-by: Sasha Levin <[email protected]>
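The race described in the commit message above, replayed as a simplified user-space C model. This is an added example, not the kernel's code or the patch itself: `struct chan`, `struct conn` and the handler names are hypothetical, the state names follow the kernel's `BT_*` naming (only `BT_DISCONN` appears on the page), and the frame sequence is the one in the "before patch" capture.

```c
#include <stdbool.h>
#include <stdint.h>
#include <stdio.h>

/* Channel states; names follow the kernel's BT_* convention. */
enum chan_state { BT_CLOSED, BT_CONNECT, BT_CONFIG, BT_CONNECTED, BT_DISCONN };

/* Hypothetical, simplified stand-in for an L2CAP channel context. */
struct chan {
    bool in_use;
    uint16_t scid;              /* local (source) CID */
    uint16_t dcid;              /* remote (destination) CID */
    enum chan_state state;
};

#define MAX_CHANS 4
struct conn { struct chan chans[MAX_CHANS]; };

static struct chan *chan_by_scid(struct conn *c, uint16_t scid)
{
    for (int i = 0; i < MAX_CHANS; i++)
        if (c->chans[i].in_use && c->chans[i].scid == scid)
            return &c->chans[i];
    return NULL;
}

static struct chan *chan_add(struct conn *c, uint16_t scid, enum chan_state st)
{
    for (int i = 0; i < MAX_CHANS; i++) {
        if (!c->chans[i].in_use) {
            c->chans[i] = (struct chan){ .in_use = true, .scid = scid, .state = st };
            return &c->chans[i];
        }
    }
    return NULL;
}

static void chan_del(struct chan *ch)
{
    ch->in_use = false;
    ch->state = BT_CLOSED;
}

/* Disconnection Response handler. With check_state == false it deletes
 * whatever channel currently owns the CID (the pre-patch behaviour the
 * commit message describes); with check_state == true it first requires
 * the channel to be in BT_DISCONN. Returns true if a channel was deleted. */
static bool handle_disconn_rsp(struct conn *c, uint16_t scid, bool check_state)
{
    struct chan *ch = chan_by_scid(c, scid);

    if (!ch)
        return false;
    if (check_state && ch->state != BT_DISCONN)
        return false;           /* stale response for a reused CID: ignore */
    chan_del(ch);
    return true;
}

/* Connection Response handler: only a channel waiting in BT_CONNECT accepts it. */
static bool handle_conn_rsp(struct conn *c, uint16_t scid, uint16_t dcid)
{
    struct chan *ch = chan_by_scid(c, scid);

    if (!ch || ch->state != BT_CONNECT)
        return false;
    ch->dcid = dcid;
    ch->state = BT_CONFIG;
    return true;
}

/* Replays frames #396 to #408 of the capture. Returns true if the newly
 * requested channel is still there when its Connection Response arrives. */
static bool replay(bool check_state)
{
    struct conn c = {0};
    struct chan *old = chan_add(&c, 65, BT_CONNECTED);

    if (!old)
        return false;
    old->state = BT_DISCONN;            /* #396: local Disconnection Request sent */
    chan_del(old);                      /* #399/#400: peer's own request answered, context freed */
    chan_add(&c, 65, BT_CONNECT);       /* #401: Connection Request reuses CID 65 */
    handle_disconn_rsp(&c, 65, check_state);   /* #402: leftover Disconnection Response */
    return handle_conn_rsp(&c, 65, 66); /* #408: Connection Response, remote CID 66 */
}

/* A response to a disconnect that is really pending must still free the channel. */
static bool legit_disconnect(bool check_state)
{
    struct conn c = {0};
    struct chan *ch = chan_add(&c, 65, BT_CONNECTED);

    if (!ch)
        return false;
    ch->state = BT_DISCONN;
    return handle_disconn_rsp(&c, 65, check_state);
}

int main(void)
{
    printf("without state check: new channel survives = %d\n", replay(false));
    printf("with state check:    new channel survives = %d\n", replay(true));
    printf("pending disconnect still completes        = %d\n", legit_disconnect(true));
    return 0;
}
```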
mrchapp pushed a commit to mrchapp/linux that referenced this pull request Jul 24, 2019
[ Upstream commit 28261da ]

Because of both sides doing L2CAP disconnection at the same time, it
was possible to receive L2CAP Disconnection Response with CID that was
already freed. That caused problems if CID was already reused and L2CAP
Connection Request with same CID was sent out. Before this patch kernel
deleted channel context regardless of the state of the channel.

Example where leftover Disconnection Response (frame #402) causes local
device to delete L2CAP channel which was not yet connected. This in
turn confuses remote device's stack because same CID is re-used without
properly disconnecting.

Btmon capture before patch:
** snip **
> ACL Data RX: Handle 43 flags 0x02 dlen 8                #394 [hci1] 10.748949
      Channel: 65 len 4 [PSM 3 mode 0] {chan 2}
      RFCOMM: Disconnect (DISC) (0x43)
         Address: 0x03 cr 1 dlci 0x00
         Control: 0x53 poll/final 1
         Length: 0
         FCS: 0xfd
< ACL Data TX: Handle 43 flags 0x00 dlen 8                #395 [hci1] 10.749062
      Channel: 65 len 4 [PSM 3 mode 0] {chan 2}
      RFCOMM: Unnumbered Ack (UA) (0x63)
         Address: 0x03 cr 1 dlci 0x00
         Control: 0x73 poll/final 1
         Length: 0
         FCS: 0xd7
< ACL Data TX: Handle 43 flags 0x00 dlen 12               #396 [hci1] 10.749073
      L2CAP: Disconnection Request (0x06) ident 17 len 4
        Destination CID: 65
        Source CID: 65
> HCI Event: Number of Completed Packets (0x13) plen 5    #397 [hci1] 10.752391
        Num handles: 1
        Handle: 43
        Count: 1
> HCI Event: Number of Completed Packets (0x13) plen 5    #398 [hci1] 10.753394
        Num handles: 1
        Handle: 43
        Count: 1
> ACL Data RX: Handle 43 flags 0x02 dlen 12               #399 [hci1] 10.756499
      L2CAP: Disconnection Request (0x06) ident 26 len 4
        Destination CID: 65
        Source CID: 65
< ACL Data TX: Handle 43 flags 0x00 dlen 12               #400 [hci1] 10.756548
      L2CAP: Disconnection Response (0x07) ident 26 len 4
        Destination CID: 65
        Source CID: 65
< ACL Data TX: Handle 43 flags 0x00 dlen 12               #401 [hci1] 10.757459
      L2CAP: Connection Request (0x02) ident 18 len 4
        PSM: 1 (0x0001)
        Source CID: 65
> ACL Data RX: Handle 43 flags 0x02 dlen 12               #402 [hci1] 10.759148
      L2CAP: Disconnection Response (0x07) ident 17 len 4
        Destination CID: 65
        Source CID: 65
= bluetoothd: 00:1E:AB:4C:56:54: error updating services: Input/o..   10.759447
> HCI Event: Number of Completed Packets (0x13) plen 5    #403 [hci1] 10.759386
        Num handles: 1
        Handle: 43
        Count: 1
> ACL Data RX: Handle 43 flags 0x02 dlen 12               #404 [hci1] 10.760397
      L2CAP: Connection Request (0x02) ident 27 len 4
        PSM: 3 (0x0003)
        Source CID: 65
< ACL Data TX: Handle 43 flags 0x00 dlen 16               #405 [hci1] 10.760441
      L2CAP: Connection Response (0x03) ident 27 len 8
        Destination CID: 65
        Source CID: 65
        Result: Connection successful (0x0000)
        Status: No further information available (0x0000)
< ACL Data TX: Handle 43 flags 0x00 dlen 27               #406 [hci1] 10.760449
      L2CAP: Configure Request (0x04) ident 19 len 19
        Destination CID: 65
        Flags: 0x0000
        Option: Maximum Transmission Unit (0x01) [mandatory]
          MTU: 1013
        Option: Retransmission and Flow Control (0x04) [mandatory]
          Mode: Basic (0x00)
          TX window size: 0
          Max transmit: 0
          Retransmission timeout: 0
          Monitor timeout: 0
          Maximum PDU size: 0
> HCI Event: Number of Completed Packets (0x13) plen 5    #407 [hci1] 10.761399
        Num handles: 1
        Handle: 43
        Count: 1
> ACL Data RX: Handle 43 flags 0x02 dlen 16               #408 [hci1] 10.762942
      L2CAP: Connection Response (0x03) ident 18 len 8
        Destination CID: 66
        Source CID: 65
        Result: Connection successful (0x0000)
        Status: No further information available (0x0000)
*snip*

Similar case after the patch:
*snip*
> ACL Data RX: Handle 43 flags 0x02 dlen 8            #22702 [hci0] 1664.411056
      Channel: 65 len 4 [PSM 3 mode 0] {chan 3}
      RFCOMM: Disconnect (DISC) (0x43)
         Address: 0x03 cr 1 dlci 0x00
         Control: 0x53 poll/final 1
         Length: 0
         FCS: 0xfd
< ACL Data TX: Handle 43 flags 0x00 dlen 8            #22703 [hci0] 1664.411136
      Channel: 65 len 4 [PSM 3 mode 0] {chan 3}
      RFCOMM: Unnumbered Ack (UA) (0x63)
         Address: 0x03 cr 1 dlci 0x00
         Control: 0x73 poll/final 1
         Length: 0
         FCS: 0xd7
< ACL Data TX: Handle 43 flags 0x00 dlen 12           #22704 [hci0] 1664.411143
      L2CAP: Disconnection Request (0x06) ident 11 len 4
        Destination CID: 65
        Source CID: 65
> HCI Event: Number of Completed Pac.. (0x13) plen 5  #22705 [hci0] 1664.414009
        Num handles: 1
        Handle: 43
        Count: 1
> HCI Event: Number of Completed Pac.. (0x13) plen 5  #22706 [hci0] 1664.415007
        Num handles: 1
        Handle: 43
        Count: 1
> ACL Data RX: Handle 43 flags 0x02 dlen 12           #22707 [hci0] 1664.418674
      L2CAP: Disconnection Request (0x06) ident 17 len 4
        Destination CID: 65
        Source CID: 65
< ACL Data TX: Handle 43 flags 0x00 dlen 12           #22708 [hci0] 1664.418762
      L2CAP: Disconnection Response (0x07) ident 17 len 4
        Destination CID: 65
        Source CID: 65
< ACL Data TX: Handle 43 flags 0x00 dlen 12           #22709 [hci0] 1664.421073
      L2CAP: Connection Request (0x02) ident 12 len 4
        PSM: 1 (0x0001)
        Source CID: 65
> ACL Data RX: Handle 43 flags 0x02 dlen 12           #22710 [hci0] 1664.421371
      L2CAP: Disconnection Response (0x07) ident 11 len 4
        Destination CID: 65
        Source CID: 65
> HCI Event: Number of Completed Pac.. (0x13) plen 5  #22711 [hci0] 1664.424082
        Num handles: 1
        Handle: 43
        Count: 1
> HCI Event: Number of Completed Pac.. (0x13) plen 5  #22712 [hci0] 1664.425040
        Num handles: 1
        Handle: 43
        Count: 1
> ACL Data RX: Handle 43 flags 0x02 dlen 12           #22713 [hci0] 1664.426103
      L2CAP: Connection Request (0x02) ident 18 len 4
        PSM: 3 (0x0003)
        Source CID: 65
< ACL Data TX: Handle 43 flags 0x00 dlen 16           #22714 [hci0] 1664.426186
      L2CAP: Connection Response (0x03) ident 18 len 8
        Destination CID: 66
        Source CID: 65
        Result: Connection successful (0x0000)
        Status: No further information available (0x0000)
< ACL Data TX: Handle 43 flags 0x00 dlen 27           #22715 [hci0] 1664.426196
      L2CAP: Configure Request (0x04) ident 13 len 19
        Destination CID: 65
        Flags: 0x0000
        Option: Maximum Transmission Unit (0x01) [mandatory]
          MTU: 1013
        Option: Retransmission and Flow Control (0x04) [mandatory]
          Mode: Basic (0x00)
          TX window size: 0
          Max transmit: 0
          Retransmission timeout: 0
          Monitor timeout: 0
          Maximum PDU size: 0
> ACL Data RX: Handle 43 flags 0x02 dlen 16           #22716 [hci0] 1664.428804
      L2CAP: Connection Response (0x03) ident 12 len 8
        Destination CID: 66
        Source CID: 65
        Result: Connection successful (0x0000)
        Status: No further information available (0x0000)
*snip*

Fix is to check that channel is in state BT_DISCONN before deleting the
channel.

This bug was found while fuzzing Bluez's OBEX implementation using
Synopsys Defensics.

Reported-by: Matti Kamunen <[email protected]>
Reported-by: Ari Timonen <[email protected]>
Signed-off-by: Matias Karhumaa <[email protected]>
Signed-off-by: Marcel Holtmann <[email protected]>
Signed-off-by: Sasha Levin <[email protected]>
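
The race described in the commit message above, as a small user-space model that replays the frame order from the "before patch" capture with and without the BT_DISCONN check. This is an added example, not the kernel's code: the channel table, the helper names and the `check_state` switch are hypothetical, and only the state names mirror the kernel's.

```c
#include <stdio.h>
#include <string.h>

/* Simplified model of the local L2CAP channel table (hypothetical, not
 * kernel code). Only the states needed for this scenario are modelled. */
enum chan_state { BT_CLOSED = 0, BT_CONNECT, BT_CONFIG, BT_CONNECTED, BT_DISCONN };

struct chan {
    int in_use;
    unsigned scid, dcid, psm;
    enum chan_state state;
};

#define MAX_CHANS 4
static struct chan table[MAX_CHANS];

static struct chan *chan_by_scid(unsigned scid)
{
    for (int i = 0; i < MAX_CHANS; i++)
        if (table[i].in_use && table[i].scid == scid)
            return &table[i];
    return NULL;
}

static struct chan *chan_add(unsigned scid, unsigned dcid, unsigned psm,
                             enum chan_state st)
{
    for (int i = 0; i < MAX_CHANS; i++)
        if (!table[i].in_use) {
            table[i] = (struct chan){ 1, scid, dcid, psm, st };
            return &table[i];
        }
    return NULL;
}

static void chan_del(struct chan *c) { memset(c, 0, sizeof(*c)); }

/* Peer asked to disconnect our local CID: drop the channel context. */
static void rx_disconn_req(unsigned local_cid)
{
    struct chan *c = chan_by_scid(local_cid);
    if (c)
        chan_del(c);
}

/* Disconnection Response received. With check_state == 0 the channel is
 * deleted whatever its state (pre-patch behaviour as described in the
 * commit message); with check_state == 1 it is deleted only when we are
 * actually waiting for this response. Returns 1 if a channel was deleted. */
static int rx_disconn_rsp(unsigned scid, int check_state)
{
    struct chan *c = chan_by_scid(scid);
    if (!c)
        return 0;
    if (check_state && c->state != BT_DISCONN)
        return 0;               /* stale response for a reused CID: ignore */
    chan_del(c);
    return 1;
}

/* Connection Response (success): returns 1 if a pending channel matched. */
static int rx_conn_rsp(unsigned scid, unsigned dcid)
{
    struct chan *c = chan_by_scid(scid);
    if (!c || c->state != BT_CONNECT)
        return 0;
    c->dcid = dcid;
    c->state = BT_CONFIG;       /* configuration phase would follow */
    return 1;
}

/* Replays frames #396..#408 of the "before patch" capture.
 * Returns 1 if the new PSM 1 channel survives to its Connection Response. */
int replay(int check_state)
{
    memset(table, 0, sizeof(table));
    chan_add(65, 65, 3, BT_CONNECTED);      /* existing RFCOMM channel     */
    chan_by_scid(65)->state = BT_DISCONN;   /* #396 TX Disconn Req id 17   */
    rx_disconn_req(65);                     /* #399 RX Disconn Req id 26   */
                                            /* #400 TX Disconn Rsp id 26   */
    chan_add(65, 0, 1, BT_CONNECT);         /* #401 TX Conn Req, CID reused */
    rx_disconn_rsp(65, check_state);        /* #402 leftover Rsp id 17     */
    return rx_conn_rsp(65, 66);             /* #408 RX Conn Rsp, dcid 66   */
}

/* Ordinary teardown: our request is answered while still in BT_DISCONN.
 * Returns 1 if the channel was deleted, which must hold with the check. */
int normal_disconnect(int check_state)
{
    memset(table, 0, sizeof(table));
    chan_add(65, 65, 3, BT_DISCONN);
    return rx_disconn_rsp(65, check_state);
}

int main(void)
{
    printf("without state check: new channel survives = %d\n", replay(0));
    printf("with state check:    new channel survives = %d\n", replay(1));
    printf("normal disconnect still completes         = %d\n", normal_disconnect(1));
    return 0;
}
```
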
mrchapp pushed a commit to mrchapp/linux that referenced this pull request Jul 24, 2019
[ Upstream commit 28261da ]
mrchapp pushed a commit to mrchapp/linux that referenced this pull request Jul 25, 2019
[ Upstream commit 28261da ]
mrchapp pushed a commit to mrchapp/linux that referenced this pull request Jul 25, 2019
[ Upstream commit 28261da ]

Because of both sides doing L2CAP disconnection at the same time, it
was possible to receive L2CAP Disconnection Response with CID that was
already freed. That caused problems if CID was already reused and L2CAP
Connection Request with same CID was sent out. Before this patch kernel
deleted channel context regardless of the state of the channel.

Example where leftover Disconnection Response (frame torvalds#402) causes local
device to delete L2CAP channel which was not yet connected. This in
turn confuses remote device's stack because same CID is re-used without
properly disconnecting.

Btmon capture before patch:
** snip **
> ACL Data RX: Handle 43 flags 0x02 dlen 8                torvalds#394 [hci1] 10.748949
      Channel: 65 len 4 [PSM 3 mode 0] {chan 2}
      RFCOMM: Disconnect (DISC) (0x43)
         Address: 0x03 cr 1 dlci 0x00
         Control: 0x53 poll/final 1
         Length: 0
         FCS: 0xfd
< ACL Data TX: Handle 43 flags 0x00 dlen 8                torvalds#395 [hci1] 10.749062
      Channel: 65 len 4 [PSM 3 mode 0] {chan 2}
      RFCOMM: Unnumbered Ack (UA) (0x63)
         Address: 0x03 cr 1 dlci 0x00
         Control: 0x73 poll/final 1
         Length: 0
         FCS: 0xd7
< ACL Data TX: Handle 43 flags 0x00 dlen 12               torvalds#396 [hci1] 10.749073
      L2CAP: Disconnection Request (0x06) ident 17 len 4
        Destination CID: 65
        Source CID: 65
> HCI Event: Number of Completed Packets (0x13) plen 5    torvalds#397 [hci1] 10.752391
        Num handles: 1
        Handle: 43
        Count: 1
> HCI Event: Number of Completed Packets (0x13) plen 5    torvalds#398 [hci1] 10.753394
        Num handles: 1
        Handle: 43
        Count: 1
> ACL Data RX: Handle 43 flags 0x02 dlen 12               torvalds#399 [hci1] 10.756499
      L2CAP: Disconnection Request (0x06) ident 26 len 4
        Destination CID: 65
        Source CID: 65
< ACL Data TX: Handle 43 flags 0x00 dlen 12               torvalds#400 [hci1] 10.756548
      L2CAP: Disconnection Response (0x07) ident 26 len 4
        Destination CID: 65
        Source CID: 65
< ACL Data TX: Handle 43 flags 0x00 dlen 12               torvalds#401 [hci1] 10.757459
      L2CAP: Connection Request (0x02) ident 18 len 4
        PSM: 1 (0x0001)
        Source CID: 65
> ACL Data RX: Handle 43 flags 0x02 dlen 12               torvalds#402 [hci1] 10.759148
      L2CAP: Disconnection Response (0x07) ident 17 len 4
        Destination CID: 65
        Source CID: 65
= bluetoothd: 00:1E:AB:4C:56:54: error updating services: Input/o..   10.759447
> HCI Event: Number of Completed Packets (0x13) plen 5    torvalds#403 [hci1] 10.759386
        Num handles: 1
        Handle: 43
        Count: 1
> ACL Data RX: Handle 43 flags 0x02 dlen 12               torvalds#404 [hci1] 10.760397
      L2CAP: Connection Request (0x02) ident 27 len 4
        PSM: 3 (0x0003)
        Source CID: 65
< ACL Data TX: Handle 43 flags 0x00 dlen 16               torvalds#405 [hci1] 10.760441
      L2CAP: Connection Response (0x03) ident 27 len 8
        Destination CID: 65
        Source CID: 65
        Result: Connection successful (0x0000)
        Status: No further information available (0x0000)
< ACL Data TX: Handle 43 flags 0x00 dlen 27               torvalds#406 [hci1] 10.760449
      L2CAP: Configure Request (0x04) ident 19 len 19
        Destination CID: 65
        Flags: 0x0000
        Option: Maximum Transmission Unit (0x01) [mandatory]
          MTU: 1013
        Option: Retransmission and Flow Control (0x04) [mandatory]
          Mode: Basic (0x00)
          TX window size: 0
          Max transmit: 0
          Retransmission timeout: 0
          Monitor timeout: 0
          Maximum PDU size: 0
> HCI Event: Number of Completed Packets (0x13) plen 5    torvalds#407 [hci1] 10.761399
        Num handles: 1
        Handle: 43
        Count: 1
> ACL Data RX: Handle 43 flags 0x02 dlen 16               torvalds#408 [hci1] 10.762942
      L2CAP: Connection Response (0x03) ident 18 len 8
        Destination CID: 66
        Source CID: 65
        Result: Connection successful (0x0000)
        Status: No further information available (0x0000)
*snip*

Similar case after the patch:
*snip*
> ACL Data RX: Handle 43 flags 0x02 dlen 8            #22702 [hci0] 1664.411056
      Channel: 65 len 4 [PSM 3 mode 0] {chan 3}
      RFCOMM: Disconnect (DISC) (0x43)
         Address: 0x03 cr 1 dlci 0x00
         Control: 0x53 poll/final 1
         Length: 0
         FCS: 0xfd
< ACL Data TX: Handle 43 flags 0x00 dlen 8            #22703 [hci0] 1664.411136
      Channel: 65 len 4 [PSM 3 mode 0] {chan 3}
      RFCOMM: Unnumbered Ack (UA) (0x63)
         Address: 0x03 cr 1 dlci 0x00
         Control: 0x73 poll/final 1
         Length: 0
         FCS: 0xd7
< ACL Data TX: Handle 43 flags 0x00 dlen 12           #22704 [hci0] 1664.411143
      L2CAP: Disconnection Request (0x06) ident 11 len 4
        Destination CID: 65
        Source CID: 65
> HCI Event: Number of Completed Pac.. (0x13) plen 5  #22705 [hci0] 1664.414009
        Num handles: 1
        Handle: 43
        Count: 1
> HCI Event: Number of Completed Pac.. (0x13) plen 5  #22706 [hci0] 1664.415007
        Num handles: 1
        Handle: 43
        Count: 1
> ACL Data RX: Handle 43 flags 0x02 dlen 12           #22707 [hci0] 1664.418674
      L2CAP: Disconnection Request (0x06) ident 17 len 4
        Destination CID: 65
        Source CID: 65
< ACL Data TX: Handle 43 flags 0x00 dlen 12           #22708 [hci0] 1664.418762
      L2CAP: Disconnection Response (0x07) ident 17 len 4
        Destination CID: 65
        Source CID: 65
< ACL Data TX: Handle 43 flags 0x00 dlen 12           #22709 [hci0] 1664.421073
      L2CAP: Connection Request (0x02) ident 12 len 4
        PSM: 1 (0x0001)
        Source CID: 65
> ACL Data RX: Handle 43 flags 0x02 dlen 12           #22710 [hci0] 1664.421371
      L2CAP: Disconnection Response (0x07) ident 11 len 4
        Destination CID: 65
        Source CID: 65
> HCI Event: Number of Completed Pac.. (0x13) plen 5  #22711 [hci0] 1664.424082
        Num handles: 1
        Handle: 43
        Count: 1
> HCI Event: Number of Completed Pac.. (0x13) plen 5  #22712 [hci0] 1664.425040
        Num handles: 1
        Handle: 43
        Count: 1
> ACL Data RX: Handle 43 flags 0x02 dlen 12           #22713 [hci0] 1664.426103
      L2CAP: Connection Request (0x02) ident 18 len 4
        PSM: 3 (0x0003)
        Source CID: 65
< ACL Data TX: Handle 43 flags 0x00 dlen 16           #22714 [hci0] 1664.426186
      L2CAP: Connection Response (0x03) ident 18 len 8
        Destination CID: 66
        Source CID: 65
        Result: Connection successful (0x0000)
        Status: No further information available (0x0000)
< ACL Data TX: Handle 43 flags 0x00 dlen 27           #22715 [hci0] 1664.426196
      L2CAP: Configure Request (0x04) ident 13 len 19
        Destination CID: 65
        Flags: 0x0000
        Option: Maximum Transmission Unit (0x01) [mandatory]
          MTU: 1013
        Option: Retransmission and Flow Control (0x04) [mandatory]
          Mode: Basic (0x00)
          TX window size: 0
          Max transmit: 0
          Retransmission timeout: 0
          Monitor timeout: 0
          Maximum PDU size: 0
> ACL Data RX: Handle 43 flags 0x02 dlen 16           #22716 [hci0] 1664.428804
      L2CAP: Connection Response (0x03) ident 12 len 8
        Destination CID: 66
        Source CID: 65
        Result: Connection successful (0x0000)
        Status: No further information available (0x0000)
*snip*

Fix is to check that channel is in state BT_DISCONN before deleting the
channel.

This bug was found while fuzzing BlueZ's OBEX implementation using
Synopsys Defensics.

Reported-by: Matti Kamunen <[email protected]>
Reported-by: Ari Timonen <[email protected]>
Signed-off-by: Matias Karhumaa <[email protected]>
Signed-off-by: Marcel Holtmann <[email protected]>
Signed-off-by: Sasha Levin <[email protected]>
mrchapp pushed a commit to mrchapp/linux that referenced this pull request Jul 25, 2019
[ Upstream commit 28261da ]

Because of both sides doing L2CAP disconnection at the same time, it
was possible to receive L2CAP Disconnection Response with CID that was
already freed. That caused problems if CID was already reused and L2CAP
Connection Request with same CID was sent out. Before this patch kernel
deleted channel context regardless of the state of the channel.

Example where leftover Disconnection Response (frame #402) causes local
device to delete L2CAP channel which was not yet connected. This in
turn confuses remote device's stack because same CID is re-used without
properly disconnecting.

Btmon capture before patch:
** snip **
> ACL Data RX: Handle 43 flags 0x02 dlen 8                #394 [hci1] 10.748949
      Channel: 65 len 4 [PSM 3 mode 0] {chan 2}
      RFCOMM: Disconnect (DISC) (0x43)
         Address: 0x03 cr 1 dlci 0x00
         Control: 0x53 poll/final 1
         Length: 0
         FCS: 0xfd
< ACL Data TX: Handle 43 flags 0x00 dlen 8                #395 [hci1] 10.749062
      Channel: 65 len 4 [PSM 3 mode 0] {chan 2}
      RFCOMM: Unnumbered Ack (UA) (0x63)
         Address: 0x03 cr 1 dlci 0x00
         Control: 0x73 poll/final 1
         Length: 0
         FCS: 0xd7
< ACL Data TX: Handle 43 flags 0x00 dlen 12               #396 [hci1] 10.749073
      L2CAP: Disconnection Request (0x06) ident 17 len 4
        Destination CID: 65
        Source CID: 65
> HCI Event: Number of Completed Packets (0x13) plen 5    #397 [hci1] 10.752391
        Num handles: 1
        Handle: 43
        Count: 1
> HCI Event: Number of Completed Packets (0x13) plen 5    #398 [hci1] 10.753394
        Num handles: 1
        Handle: 43
        Count: 1
> ACL Data RX: Handle 43 flags 0x02 dlen 12               #399 [hci1] 10.756499
      L2CAP: Disconnection Request (0x06) ident 26 len 4
        Destination CID: 65
        Source CID: 65
< ACL Data TX: Handle 43 flags 0x00 dlen 12               #400 [hci1] 10.756548
      L2CAP: Disconnection Response (0x07) ident 26 len 4
        Destination CID: 65
        Source CID: 65
< ACL Data TX: Handle 43 flags 0x00 dlen 12               #401 [hci1] 10.757459
      L2CAP: Connection Request (0x02) ident 18 len 4
        PSM: 1 (0x0001)
        Source CID: 65
> ACL Data RX: Handle 43 flags 0x02 dlen 12               #402 [hci1] 10.759148
      L2CAP: Disconnection Response (0x07) ident 17 len 4
        Destination CID: 65
        Source CID: 65
= bluetoothd: 00:1E:AB:4C:56:54: error updating services: Input/o..   10.759447
> HCI Event: Number of Completed Packets (0x13) plen 5    #403 [hci1] 10.759386
        Num handles: 1
        Handle: 43
        Count: 1
> ACL Data RX: Handle 43 flags 0x02 dlen 12               #404 [hci1] 10.760397
      L2CAP: Connection Request (0x02) ident 27 len 4
        PSM: 3 (0x0003)
        Source CID: 65
< ACL Data TX: Handle 43 flags 0x00 dlen 16               #405 [hci1] 10.760441
      L2CAP: Connection Response (0x03) ident 27 len 8
        Destination CID: 65
        Source CID: 65
        Result: Connection successful (0x0000)
        Status: No further information available (0x0000)
< ACL Data TX: Handle 43 flags 0x00 dlen 27               #406 [hci1] 10.760449
      L2CAP: Configure Request (0x04) ident 19 len 19
        Destination CID: 65
        Flags: 0x0000
        Option: Maximum Transmission Unit (0x01) [mandatory]
          MTU: 1013
        Option: Retransmission and Flow Control (0x04) [mandatory]
          Mode: Basic (0x00)
          TX window size: 0
          Max transmit: 0
          Retransmission timeout: 0
          Monitor timeout: 0
          Maximum PDU size: 0
> HCI Event: Number of Completed Packets (0x13) plen 5    #407 [hci1] 10.761399
        Num handles: 1
        Handle: 43
        Count: 1
> ACL Data RX: Handle 43 flags 0x02 dlen 16               #408 [hci1] 10.762942
      L2CAP: Connection Response (0x03) ident 18 len 8
        Destination CID: 66
        Source CID: 65
        Result: Connection successful (0x0000)
        Status: No further information available (0x0000)
*snip*

Similar case after the patch:
*snip*
> ACL Data RX: Handle 43 flags 0x02 dlen 8            #22702 [hci0] 1664.411056
      Channel: 65 len 4 [PSM 3 mode 0] {chan 3}
      RFCOMM: Disconnect (DISC) (0x43)
         Address: 0x03 cr 1 dlci 0x00
         Control: 0x53 poll/final 1
         Length: 0
         FCS: 0xfd
< ACL Data TX: Handle 43 flags 0x00 dlen 8            #22703 [hci0] 1664.411136
      Channel: 65 len 4 [PSM 3 mode 0] {chan 3}
      RFCOMM: Unnumbered Ack (UA) (0x63)
         Address: 0x03 cr 1 dlci 0x00
         Control: 0x73 poll/final 1
         Length: 0
         FCS: 0xd7
< ACL Data TX: Handle 43 flags 0x00 dlen 12           #22704 [hci0] 1664.411143
      L2CAP: Disconnection Request (0x06) ident 11 len 4
        Destination CID: 65
        Source CID: 65
> HCI Event: Number of Completed Pac.. (0x13) plen 5  #22705 [hci0] 1664.414009
        Num handles: 1
        Handle: 43
        Count: 1
> HCI Event: Number of Completed Pac.. (0x13) plen 5  #22706 [hci0] 1664.415007
        Num handles: 1
        Handle: 43
        Count: 1
> ACL Data RX: Handle 43 flags 0x02 dlen 12           #22707 [hci0] 1664.418674
      L2CAP: Disconnection Request (0x06) ident 17 len 4
        Destination CID: 65
        Source CID: 65
< ACL Data TX: Handle 43 flags 0x00 dlen 12           #22708 [hci0] 1664.418762
      L2CAP: Disconnection Response (0x07) ident 17 len 4
        Destination CID: 65
        Source CID: 65
< ACL Data TX: Handle 43 flags 0x00 dlen 12           #22709 [hci0] 1664.421073
      L2CAP: Connection Request (0x02) ident 12 len 4
        PSM: 1 (0x0001)
        Source CID: 65
> ACL Data RX: Handle 43 flags 0x02 dlen 12           #22710 [hci0] 1664.421371
      L2CAP: Disconnection Response (0x07) ident 11 len 4
        Destination CID: 65
        Source CID: 65
> HCI Event: Number of Completed Pac.. (0x13) plen 5  #22711 [hci0] 1664.424082
        Num handles: 1
        Handle: 43
        Count: 1
> HCI Event: Number of Completed Pac.. (0x13) plen 5  #22712 [hci0] 1664.425040
        Num handles: 1
        Handle: 43
        Count: 1
> ACL Data RX: Handle 43 flags 0x02 dlen 12           #22713 [hci0] 1664.426103
      L2CAP: Connection Request (0x02) ident 18 len 4
        PSM: 3 (0x0003)
        Source CID: 65
< ACL Data TX: Handle 43 flags 0x00 dlen 16           #22714 [hci0] 1664.426186
      L2CAP: Connection Response (0x03) ident 18 len 8
        Destination CID: 66
        Source CID: 65
        Result: Connection successful (0x0000)
        Status: No further information available (0x0000)
< ACL Data TX: Handle 43 flags 0x00 dlen 27           #22715 [hci0] 1664.426196
      L2CAP: Configure Request (0x04) ident 13 len 19
        Destination CID: 65
        Flags: 0x0000
        Option: Maximum Transmission Unit (0x01) [mandatory]
          MTU: 1013
        Option: Retransmission and Flow Control (0x04) [mandatory]
          Mode: Basic (0x00)
          TX window size: 0
          Max transmit: 0
          Retransmission timeout: 0
          Monitor timeout: 0
          Maximum PDU size: 0
> ACL Data RX: Handle 43 flags 0x02 dlen 16           #22716 [hci0] 1664.428804
      L2CAP: Connection Response (0x03) ident 12 len 8
        Destination CID: 66
        Source CID: 65
        Result: Connection successful (0x0000)
        Status: No further information available (0x0000)
*snip*

Fix is to check that channel is in state BT_DISCONN before deleting the
channel.

This bug was found while fuzzing BlueZ's OBEX implementation using
Synopsys Defensics.

Reported-by: Matti Kamunen <[email protected]>
Reported-by: Ari Timonen <[email protected]>
Signed-off-by: Matias Karhumaa <[email protected]>
Signed-off-by: Marcel Holtmann <[email protected]>
Signed-off-by: Sasha Levin <[email protected]>
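
The state check described in the commit message above, replayed over the captured frame sequence as an added example; it is a simplified model written for this page, not the kernel's code or part of the commit. The type and function names, the constructed channel occupying CID 64, and the lowest-free-CID allocator are assumptions of the model.

```c
#include <stdbool.h>
#include <stdint.h>
#include <stdio.h>
#include <string.h>

/* Simplified model, not kernel code. CH_DISCONN stands for the BT_DISCONN
 * state named in the commit message; the other names are this model's own. */
enum chan_state { CH_FREE = 0, CH_CONNECT, CH_CONNECTED, CH_DISCONN };

#define CID_DYN_START 0x0040 /* first dynamically allocated L2CAP CID (64) */
#define MAX_CHANS 8

struct chan { uint16_t scid, psm; enum chan_state state; };
struct conn { struct chan chans[MAX_CHANS]; bool check_state; };
struct outcome { uint16_t incoming_dcid; bool pending_alive; };

static struct chan *find_scid(struct conn *c, uint16_t scid)
{
    for (int i = 0; i < MAX_CHANS; i++)
        if (c->chans[i].state != CH_FREE && c->chans[i].scid == scid)
            return &c->chans[i];
    return NULL;
}

/* Lowest CID >= CID_DYN_START that no live channel uses (model assumption). */
static uint16_t alloc_cid(struct conn *c)
{
    uint16_t cid = CID_DYN_START;
    while (find_scid(c, cid))
        cid++;
    return cid;
}

static struct chan *chan_add(struct conn *c, uint16_t psm, enum chan_state st)
{
    uint16_t cid = alloc_cid(c);
    for (int i = 0; i < MAX_CHANS; i++) {
        if (c->chans[i].state == CH_FREE) {
            c->chans[i] = (struct chan){ .scid = cid, .psm = psm, .state = st };
            return &c->chans[i];
        }
    }
    return NULL; /* table full; not reached in this replay */
}

/* Incoming Disconnection Response naming local CID `scid`.
 * Returns true when a channel context was deleted. */
static bool recv_disconn_rsp(struct conn *c, uint16_t scid)
{
    struct chan *ch = find_scid(c, scid);
    if (!ch)
        return false;
    /* The check the commit message describes: only a channel that is
     * itself waiting for a Disconnection Response may be deleted. */
    if (c->check_state && ch->state != CH_DISCONN)
        return false;
    ch->state = CH_FREE;
    return true;
}

/* Replays the frame order of the "before patch" capture. */
struct outcome replay_capture(bool check_state)
{
    struct conn c;
    memset(&c, 0, sizeof(c));
    c.check_state = check_state;

    chan_add(&c, 1, CH_CONNECTED);                       /* constructed: holds CID 64 */
    struct chan *rfcomm = chan_add(&c, 3, CH_CONNECTED); /* PSM 3 channel, CID 65 */

    rfcomm->state = CH_DISCONN; /* #396: TX Disconnection Request, ident 17 */
    rfcomm->state = CH_FREE;    /* #399/#400: peer's own request answered, CID 65 freed */

    struct chan *pending = chan_add(&c, 1, CH_CONNECT);  /* #401: TX Connection Request */
    uint16_t pending_cid = pending->scid;                /* CID 65 again */

    recv_disconn_rsp(&c, 65);   /* #402: leftover Disconnection Response, ident 17 */

    struct chan *incoming = chan_add(&c, 3, CH_CONNECTED); /* #404: RX Connection Request */

    struct outcome o;
    struct chan *p = find_scid(&c, pending_cid);
    o.incoming_dcid = incoming->scid;
    o.pending_alive = p != NULL && p->psm == 1 && p->state == CH_CONNECT;
    return o;
}

int main(void)
{
    struct outcome before = replay_capture(false), after = replay_capture(true);
    printf("no state check: DCID %u, pending PSM 1 channel alive: %d\n",
           (unsigned)before.incoming_dcid, before.pending_alive);
    printf("state check:    DCID %u, pending PSM 1 channel alive: %d\n",
           (unsigned)after.incoming_dcid, after.pending_alive);
    return 0;
}
```

Without the check the model hands out CID 65 a second time, matching the Connection Response in frame #405; with it the incoming channel gets CID 66, as in the capture taken after the patch.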
heftig pushed a commit to zen-kernel/zen-kernel that referenced this pull request Jul 26, 2019
[ Upstream commit 28261da ]

Because of both sides doing L2CAP disconnection at the same time, it
was possible to receive L2CAP Disconnection Response with CID that was
already freed. That caused problems if CID was already reused and L2CAP
Connection Request with same CID was sent out. Before this patch kernel
deleted channel context regardless of the state of the channel.

Example where leftover Disconnection Response (frame torvalds#402) causes local
device to delete L2CAP channel which was not yet connected. This in
turn confuses remote device's stack because same CID is re-used without
properly disconnecting.

Btmon capture before patch:
** snip **
> ACL Data RX: Handle 43 flags 0x02 dlen 8                torvalds#394 [hci1] 10.748949
      Channel: 65 len 4 [PSM 3 mode 0] {chan 2}
      RFCOMM: Disconnect (DISC) (0x43)
         Address: 0x03 cr 1 dlci 0x00
         Control: 0x53 poll/final 1
         Length: 0
         FCS: 0xfd
< ACL Data TX: Handle 43 flags 0x00 dlen 8                torvalds#395 [hci1] 10.749062
      Channel: 65 len 4 [PSM 3 mode 0] {chan 2}
      RFCOMM: Unnumbered Ack (UA) (0x63)
         Address: 0x03 cr 1 dlci 0x00
         Control: 0x73 poll/final 1
         Length: 0
         FCS: 0xd7
< ACL Data TX: Handle 43 flags 0x00 dlen 12               torvalds#396 [hci1] 10.749073
      L2CAP: Disconnection Request (0x06) ident 17 len 4
        Destination CID: 65
        Source CID: 65
> HCI Event: Number of Completed Packets (0x13) plen 5    torvalds#397 [hci1] 10.752391
        Num handles: 1
        Handle: 43
        Count: 1
> HCI Event: Number of Completed Packets (0x13) plen 5    torvalds#398 [hci1] 10.753394
        Num handles: 1
        Handle: 43
        Count: 1
> ACL Data RX: Handle 43 flags 0x02 dlen 12               torvalds#399 [hci1] 10.756499
      L2CAP: Disconnection Request (0x06) ident 26 len 4
        Destination CID: 65
        Source CID: 65
< ACL Data TX: Handle 43 flags 0x00 dlen 12               torvalds#400 [hci1] 10.756548
      L2CAP: Disconnection Response (0x07) ident 26 len 4
        Destination CID: 65
        Source CID: 65
< ACL Data TX: Handle 43 flags 0x00 dlen 12               torvalds#401 [hci1] 10.757459
      L2CAP: Connection Request (0x02) ident 18 len 4
        PSM: 1 (0x0001)
        Source CID: 65
> ACL Data RX: Handle 43 flags 0x02 dlen 12               torvalds#402 [hci1] 10.759148
      L2CAP: Disconnection Response (0x07) ident 17 len 4
        Destination CID: 65
        Source CID: 65
= bluetoothd: 00:1E:AB:4C:56:54: error updating services: Input/o..   10.759447
> HCI Event: Number of Completed Packets (0x13) plen 5    torvalds#403 [hci1] 10.759386
        Num handles: 1
        Handle: 43
        Count: 1
> ACL Data RX: Handle 43 flags 0x02 dlen 12               torvalds#404 [hci1] 10.760397
      L2CAP: Connection Request (0x02) ident 27 len 4
        PSM: 3 (0x0003)
        Source CID: 65
< ACL Data TX: Handle 43 flags 0x00 dlen 16               torvalds#405 [hci1] 10.760441
      L2CAP: Connection Response (0x03) ident 27 len 8
        Destination CID: 65
        Source CID: 65
        Result: Connection successful (0x0000)
        Status: No further information available (0x0000)
< ACL Data TX: Handle 43 flags 0x00 dlen 27               torvalds#406 [hci1] 10.760449
      L2CAP: Configure Request (0x04) ident 19 len 19
        Destination CID: 65
        Flags: 0x0000
        Option: Maximum Transmission Unit (0x01) [mandatory]
          MTU: 1013
        Option: Retransmission and Flow Control (0x04) [mandatory]
          Mode: Basic (0x00)
          TX window size: 0
          Max transmit: 0
          Retransmission timeout: 0
          Monitor timeout: 0
          Maximum PDU size: 0
> HCI Event: Number of Completed Packets (0x13) plen 5    torvalds#407 [hci1] 10.761399
        Num handles: 1
        Handle: 43
        Count: 1
> ACL Data RX: Handle 43 flags 0x02 dlen 16               torvalds#408 [hci1] 10.762942
      L2CAP: Connection Response (0x03) ident 18 len 8
        Destination CID: 66
        Source CID: 65
        Result: Connection successful (0x0000)
        Status: No further information available (0x0000)
*snip*

Similar case after the patch:
*snip*
> ACL Data RX: Handle 43 flags 0x02 dlen 8            #22702 [hci0] 1664.411056
      Channel: 65 len 4 [PSM 3 mode 0] {chan 3}
      RFCOMM: Disconnect (DISC) (0x43)
         Address: 0x03 cr 1 dlci 0x00
         Control: 0x53 poll/final 1
         Length: 0
         FCS: 0xfd
< ACL Data TX: Handle 43 flags 0x00 dlen 8            #22703 [hci0] 1664.411136
      Channel: 65 len 4 [PSM 3 mode 0] {chan 3}
      RFCOMM: Unnumbered Ack (UA) (0x63)
         Address: 0x03 cr 1 dlci 0x00
         Control: 0x73 poll/final 1
         Length: 0
         FCS: 0xd7
< ACL Data TX: Handle 43 flags 0x00 dlen 12           #22704 [hci0] 1664.411143
      L2CAP: Disconnection Request (0x06) ident 11 len 4
        Destination CID: 65
        Source CID: 65
> HCI Event: Number of Completed Pac.. (0x13) plen 5  #22705 [hci0] 1664.414009
        Num handles: 1
        Handle: 43
        Count: 1
> HCI Event: Number of Completed Pac.. (0x13) plen 5  #22706 [hci0] 1664.415007
        Num handles: 1
        Handle: 43
        Count: 1
> ACL Data RX: Handle 43 flags 0x02 dlen 12           #22707 [hci0] 1664.418674
      L2CAP: Disconnection Request (0x06) ident 17 len 4
        Destination CID: 65
        Source CID: 65
< ACL Data TX: Handle 43 flags 0x00 dlen 12           #22708 [hci0] 1664.418762
      L2CAP: Disconnection Response (0x07) ident 17 len 4
        Destination CID: 65
        Source CID: 65
< ACL Data TX: Handle 43 flags 0x00 dlen 12           #22709 [hci0] 1664.421073
      L2CAP: Connection Request (0x02) ident 12 len 4
        PSM: 1 (0x0001)
        Source CID: 65
> ACL Data RX: Handle 43 flags 0x02 dlen 12           #22710 [hci0] 1664.421371
      L2CAP: Disconnection Response (0x07) ident 11 len 4
        Destination CID: 65
        Source CID: 65
> HCI Event: Number of Completed Pac.. (0x13) plen 5  #22711 [hci0] 1664.424082
        Num handles: 1
        Handle: 43
        Count: 1
> HCI Event: Number of Completed Pac.. (0x13) plen 5  #22712 [hci0] 1664.425040
        Num handles: 1
        Handle: 43
        Count: 1
> ACL Data RX: Handle 43 flags 0x02 dlen 12           #22713 [hci0] 1664.426103
      L2CAP: Connection Request (0x02) ident 18 len 4
        PSM: 3 (0x0003)
        Source CID: 65
< ACL Data TX: Handle 43 flags 0x00 dlen 16           #22714 [hci0] 1664.426186
      L2CAP: Connection Response (0x03) ident 18 len 8
        Destination CID: 66
        Source CID: 65
        Result: Connection successful (0x0000)
        Status: No further information available (0x0000)
< ACL Data TX: Handle 43 flags 0x00 dlen 27           #22715 [hci0] 1664.426196
      L2CAP: Configure Request (0x04) ident 13 len 19
        Destination CID: 65
        Flags: 0x0000
        Option: Maximum Transmission Unit (0x01) [mandatory]
          MTU: 1013
        Option: Retransmission and Flow Control (0x04) [mandatory]
          Mode: Basic (0x00)
          TX window size: 0
          Max transmit: 0
          Retransmission timeout: 0
          Monitor timeout: 0
          Maximum PDU size: 0
> ACL Data RX: Handle 43 flags 0x02 dlen 16           #22716 [hci0] 1664.428804
      L2CAP: Connection Response (0x03) ident 12 len 8
        Destination CID: 66
        Source CID: 65
        Result: Connection successful (0x0000)
        Status: No further information available (0x0000)
*snip*

Fix is to check that channel is in state BT_DISCONN before deleting the
channel.

This bug was found while fuzzing BlueZ's OBEX implementation using
Synopsys Defensics.

Reported-by: Matti Kamunen <[email protected]>
Reported-by: Ari Timonen <[email protected]>
Signed-off-by: Matias Karhumaa <[email protected]>
Signed-off-by: Marcel Holtmann <[email protected]>
Signed-off-by: Sasha Levin <[email protected]>
coreosbot referenced this pull request in coreos/linux Jul 26, 2019
[ Upstream commit 28261da ]

Because of both sides doing L2CAP disconnection at the same time, it
was possible to receive L2CAP Disconnection Response with CID that was
already freed. That caused problems if CID was already reused and L2CAP
Connection Request with same CID was sent out. Before this patch kernel
deleted channel context regardless of the state of the channel.

Example where leftover Disconnection Response (frame #402) causes local
device to delete L2CAP channel which was not yet connected. This in
turn confuses remote device's stack because same CID is re-used without
properly disconnecting.

Btmon capture before patch:
** snip **
> ACL Data RX: Handle 43 flags 0x02 dlen 8                #394 [hci1] 10.748949
      Channel: 65 len 4 [PSM 3 mode 0] {chan 2}
      RFCOMM: Disconnect (DISC) (0x43)
         Address: 0x03 cr 1 dlci 0x00
         Control: 0x53 poll/final 1
         Length: 0
         FCS: 0xfd
< ACL Data TX: Handle 43 flags 0x00 dlen 8                #395 [hci1] 10.749062
      Channel: 65 len 4 [PSM 3 mode 0] {chan 2}
      RFCOMM: Unnumbered Ack (UA) (0x63)
         Address: 0x03 cr 1 dlci 0x00
         Control: 0x73 poll/final 1
         Length: 0
         FCS: 0xd7
< ACL Data TX: Handle 43 flags 0x00 dlen 12               #396 [hci1] 10.749073
      L2CAP: Disconnection Request (0x06) ident 17 len 4
        Destination CID: 65
        Source CID: 65
> HCI Event: Number of Completed Packets (0x13) plen 5    #397 [hci1] 10.752391
        Num handles: 1
        Handle: 43
        Count: 1
> HCI Event: Number of Completed Packets (0x13) plen 5    #398 [hci1] 10.753394
        Num handles: 1
        Handle: 43
        Count: 1
> ACL Data RX: Handle 43 flags 0x02 dlen 12               #399 [hci1] 10.756499
      L2CAP: Disconnection Request (0x06) ident 26 len 4
        Destination CID: 65
        Source CID: 65
< ACL Data TX: Handle 43 flags 0x00 dlen 12               #400 [hci1] 10.756548
      L2CAP: Disconnection Response (0x07) ident 26 len 4
        Destination CID: 65
        Source CID: 65
< ACL Data TX: Handle 43 flags 0x00 dlen 12               #401 [hci1] 10.757459
      L2CAP: Connection Request (0x02) ident 18 len 4
        PSM: 1 (0x0001)
        Source CID: 65
> ACL Data RX: Handle 43 flags 0x02 dlen 12               #402 [hci1] 10.759148
      L2CAP: Disconnection Response (0x07) ident 17 len 4
        Destination CID: 65
        Source CID: 65
= bluetoothd: 00:1E:AB:4C:56:54: error updating services: Input/o..   10.759447
> HCI Event: Number of Completed Packets (0x13) plen 5    #403 [hci1] 10.759386
        Num handles: 1
        Handle: 43
        Count: 1
> ACL Data RX: Handle 43 flags 0x02 dlen 12               #404 [hci1] 10.760397
      L2CAP: Connection Request (0x02) ident 27 len 4
        PSM: 3 (0x0003)
        Source CID: 65
< ACL Data TX: Handle 43 flags 0x00 dlen 16               #405 [hci1] 10.760441
      L2CAP: Connection Response (0x03) ident 27 len 8
        Destination CID: 65
        Source CID: 65
        Result: Connection successful (0x0000)
        Status: No further information available (0x0000)
< ACL Data TX: Handle 43 flags 0x00 dlen 27               #406 [hci1] 10.760449
      L2CAP: Configure Request (0x04) ident 19 len 19
        Destination CID: 65
        Flags: 0x0000
        Option: Maximum Transmission Unit (0x01) [mandatory]
          MTU: 1013
        Option: Retransmission and Flow Control (0x04) [mandatory]
          Mode: Basic (0x00)
          TX window size: 0
          Max transmit: 0
          Retransmission timeout: 0
          Monitor timeout: 0
          Maximum PDU size: 0
> HCI Event: Number of Completed Packets (0x13) plen 5    #407 [hci1] 10.761399
        Num handles: 1
        Handle: 43
        Count: 1
> ACL Data RX: Handle 43 flags 0x02 dlen 16               #408 [hci1] 10.762942
      L2CAP: Connection Response (0x03) ident 18 len 8
        Destination CID: 66
        Source CID: 65
        Result: Connection successful (0x0000)
        Status: No further information available (0x0000)
*snip*

Similar case after the patch:
*snip*
> ACL Data RX: Handle 43 flags 0x02 dlen 8            #22702 [hci0] 1664.411056
      Channel: 65 len 4 [PSM 3 mode 0] {chan 3}
      RFCOMM: Disconnect (DISC) (0x43)
         Address: 0x03 cr 1 dlci 0x00
         Control: 0x53 poll/final 1
         Length: 0
         FCS: 0xfd
< ACL Data TX: Handle 43 flags 0x00 dlen 8            #22703 [hci0] 1664.411136
      Channel: 65 len 4 [PSM 3 mode 0] {chan 3}
      RFCOMM: Unnumbered Ack (UA) (0x63)
         Address: 0x03 cr 1 dlci 0x00
         Control: 0x73 poll/final 1
         Length: 0
         FCS: 0xd7
< ACL Data TX: Handle 43 flags 0x00 dlen 12           #22704 [hci0] 1664.411143
      L2CAP: Disconnection Request (0x06) ident 11 len 4
        Destination CID: 65
        Source CID: 65
> HCI Event: Number of Completed Pac.. (0x13) plen 5  #22705 [hci0] 1664.414009
        Num handles: 1
        Handle: 43
        Count: 1
> HCI Event: Number of Completed Pac.. (0x13) plen 5  #22706 [hci0] 1664.415007
        Num handles: 1
        Handle: 43
        Count: 1
> ACL Data RX: Handle 43 flags 0x02 dlen 12           #22707 [hci0] 1664.418674
      L2CAP: Disconnection Request (0x06) ident 17 len 4
        Destination CID: 65
        Source CID: 65
< ACL Data TX: Handle 43 flags 0x00 dlen 12           #22708 [hci0] 1664.418762
      L2CAP: Disconnection Response (0x07) ident 17 len 4
        Destination CID: 65
        Source CID: 65
< ACL Data TX: Handle 43 flags 0x00 dlen 12           #22709 [hci0] 1664.421073
      L2CAP: Connection Request (0x02) ident 12 len 4
        PSM: 1 (0x0001)
        Source CID: 65
> ACL Data RX: Handle 43 flags 0x02 dlen 12           #22710 [hci0] 1664.421371
      L2CAP: Disconnection Response (0x07) ident 11 len 4
        Destination CID: 65
        Source CID: 65
> HCI Event: Number of Completed Pac.. (0x13) plen 5  #22711 [hci0] 1664.424082
        Num handles: 1
        Handle: 43
        Count: 1
> HCI Event: Number of Completed Pac.. (0x13) plen 5  #22712 [hci0] 1664.425040
        Num handles: 1
        Handle: 43
        Count: 1
> ACL Data RX: Handle 43 flags 0x02 dlen 12           #22713 [hci0] 1664.426103
      L2CAP: Connection Request (0x02) ident 18 len 4
        PSM: 3 (0x0003)
        Source CID: 65
< ACL Data TX: Handle 43 flags 0x00 dlen 16           #22714 [hci0] 1664.426186
      L2CAP: Connection Response (0x03) ident 18 len 8
        Destination CID: 66
        Source CID: 65
        Result: Connection successful (0x0000)
        Status: No further information available (0x0000)
< ACL Data TX: Handle 43 flags 0x00 dlen 27           #22715 [hci0] 1664.426196
      L2CAP: Configure Request (0x04) ident 13 len 19
        Destination CID: 65
        Flags: 0x0000
        Option: Maximum Transmission Unit (0x01) [mandatory]
          MTU: 1013
        Option: Retransmission and Flow Control (0x04) [mandatory]
          Mode: Basic (0x00)
          TX window size: 0
          Max transmit: 0
          Retransmission timeout: 0
          Monitor timeout: 0
          Maximum PDU size: 0
> ACL Data RX: Handle 43 flags 0x02 dlen 16           #22716 [hci0] 1664.428804
      L2CAP: Connection Response (0x03) ident 12 len 8
        Destination CID: 66
        Source CID: 65
        Result: Connection successful (0x0000)
        Status: No further information available (0x0000)
*snip*

Fix is to check that channel is in state BT_DISCONN before deleting the
channel.

This bug was found while fuzzing BlueZ's OBEX implementation using
Synopsys Defensics.

Reported-by: Matti Kamunen <[email protected]>
Reported-by: Ari Timonen <[email protected]>
Signed-off-by: Matias Karhumaa <[email protected]>
Signed-off-by: Marcel Holtmann <[email protected]>
Signed-off-by: Sasha Levin <[email protected]>
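
The race described in the commit message above, replayed against a small channel table. This is an added example, not the kernel's code or the patch itself: only `BT_DISCONN` comes from the page, while the other state names, the helper functions and the lowest-free-CID allocator starting at 65 are assumptions chosen to mirror the btmon captures.

```c
#include <stdbool.h>
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>
#include <string.h>

/* Simplified model, not kernel code. Only BT_DISCONN is named on the page;
 * the other states and every function name here are this example's own. */
enum chan_state { ST_CLOSED, ST_CONNECT, ST_CONNECTED, BT_DISCONN };

#define FIRST_CID 65  /* assumption: lowest CID the model hands out, as in the capture */
#define MAX_CHANS 4

struct model_chan {
    bool in_use;
    uint16_t scid;          /* local (source) CID */
    uint16_t psm;
    enum chan_state state;
};

struct model_conn {
    struct model_chan chans[MAX_CHANS];
};

static struct model_chan *find_by_scid(struct model_conn *c, uint16_t scid)
{
    for (size_t i = 0; i < MAX_CHANS; i++)
        if (c->chans[i].in_use && c->chans[i].scid == scid)
            return &c->chans[i];
    return NULL;
}

/* Hand out the lowest free CID, so a freed CID is reused immediately. */
static struct model_chan *chan_add(struct model_conn *c, uint16_t psm,
                                   enum chan_state st)
{
    for (uint16_t cid = FIRST_CID; cid < FIRST_CID + MAX_CHANS; cid++) {
        if (find_by_scid(c, cid))
            continue;
        for (size_t i = 0; i < MAX_CHANS; i++) {
            if (!c->chans[i].in_use) {
                c->chans[i] = (struct model_chan){ true, cid, psm, st };
                return &c->chans[i];
            }
        }
    }
    return NULL;
}

static void chan_del(struct model_chan *ch)
{
    ch->in_use = false;
    ch->state = ST_CLOSED;
}

/* Incoming Disconnection Response for local CID `scid`.
 * check_state == false: pre-patch behaviour, delete whatever owns the CID.
 * check_state == true : patched behaviour, delete only a channel that is
 *                       actually waiting for this response (BT_DISCONN).
 * Returns true if a channel was deleted. */
static bool handle_disconn_rsp(struct model_conn *c, uint16_t scid,
                               bool check_state)
{
    struct model_chan *ch = find_by_scid(c, scid);

    if (!ch)
        return false;
    if (check_state && ch->state != BT_DISCONN)
        return false;          /* stale response for a reused CID: ignore */
    chan_del(ch);
    return true;
}

/* Replays the capture: both sides disconnect CID 65, the CID is reused for a
 * PSM 1 Connection Request, then the leftover Disconnection Response arrives.
 * Returns the CID the model assigns to the peer's next PSM 3 connection. */
uint16_t cid_for_incoming_after_race(bool check_state)
{
    struct model_conn conn;
    memset(&conn, 0, sizeof(conn));

    struct model_chan *rfcomm = chan_add(&conn, 3, ST_CONNECTED); /* CID 65 */
    if (!rfcomm)
        return 0;
    rfcomm->state = BT_DISCONN;  /* local Disconnection Request sent */
    chan_del(rfcomm);            /* peer's own request answered, channel freed */

    struct model_chan *sdp = chan_add(&conn, 1, ST_CONNECT); /* reuses CID 65 */
    if (!sdp)
        return 0;
    handle_disconn_rsp(&conn, sdp->scid, check_state); /* leftover response */

    struct model_chan *incoming = chan_add(&conn, 3, ST_CONNECTED);
    return incoming ? incoming->scid : 0;
}

/* An ordinary disconnect must still complete with the state check in place. */
bool normal_disconnect_completes(bool check_state)
{
    struct model_conn conn;
    memset(&conn, 0, sizeof(conn));

    struct model_chan *ch = chan_add(&conn, 3, ST_CONNECTED);
    if (!ch)
        return false;
    ch->state = BT_DISCONN;
    return handle_disconn_rsp(&conn, FIRST_CID, check_state) &&
           find_by_scid(&conn, FIRST_CID) == NULL;
}

int main(void)
{
    printf("before patch: incoming channel gets CID %u\n",
           (unsigned)cid_for_incoming_after_race(false));
    printf("after patch:  incoming channel gets CID %u\n",
           (unsigned)cid_for_incoming_after_race(true));
    return 0;
}
```

Without the state check the pending PSM 1 channel is deleted and CID 65 is handed out a second time, as in frame #405 of the first capture; with the check the pending channel survives and the next channel gets CID 66, as in frame #22714.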
gctucker pushed a commit to kernelci/linux that referenced this pull request Jul 26, 2019
99degree pushed a commit to 99degree/linux that referenced this pull request May 28, 2023
[   13.702813][    T1] file system registered
[   13.905931][  T156] Unable to handle kernel paging request at virtual address ffff80000bc00013
[   13.919148][  T156] Mem abort info:
[   13.926204][  T156]   ESR = 0x0000000096000061
[   13.934130][  T156]   EC = 0x25: DABT (current EL), IL = 32 bits
[   13.943647][  T156]   SET = 0, FnV = 0
[   13.950792][  T156]   EA = 0, S1PTW = 0
[   13.958046][  T156]   FSC = 0x21: alignment fault
[   13.966206][  T156] Data abort info:
[   13.973200][  T156]   ISV = 0, ISS = 0x00000061
[   13.981146][  T156]   CM = 0, WnR = 1
[   13.988232][  T156] swapper pgtable: 4k pages, 48-bit VAs, pgdp=00000000a2e80000
[   13.999244][  T156] [ffff80000bc00013] pgd=10000001fffff003, p4d=10000001fffff003, pud=10000001ffffe003, pmd=1000000100de5003, pte=006800009da00f0f
[   14.019729][  T156] Internal error: Oops: 0000000096000061 [#1] PREEMPT SMP
[   14.030265][  T156] Modules linked in:
[   14.037488][  T156] CPU: 6 PID: 156 Comm: servicemanager Tainted: G        W          6.2.0-rc8-01153-ge547a3f8ffed-dirty #397 875419ac35738882635cc222f82d9ee02b2c1883
[   14.059663][  T156] Hardware name: Qualcomm Technologies, Inc. SM7125 IDP (DT)
[   14.070537][  T156] pstate: 80400005 (Nzcv daif +PAN -UAO -TCO -DIT -SSBS BTYPE=--)
[   14.081867][  T156] pc : __arch_copy_from_user+0xc0/0x230
[   14.090929][  T156] lr : persistent_ram_update_user+0x124/0x224
[   14.100508][  T156] sp : ffff80000ce33b30
[   14.108115][  T156] x29: ffff80000ce33b30 x28: ffff0000872c6600 x27: 0000000000000000
[   14.119681][  T156] x26: 0000000000000000 x25: 000000000000000b x24: ffff000080d5d900
[   14.131254][  T156] x23: 000000000000000b x22: 0000000000000007 x21: 000000000000000b
[   14.142832][  T156] x20: ffff80000bc00013 x19: 0000fffff0da2528 x18: ffff80000a5ab2f0
[   14.154425][  T156] x17: 0000000000000028 x16: 0000000000009063 x15: 0000fffff0da2528
[   14.166039][  T156] x14: 00000000ffffffff x13: 00000000000419c0 x12: 0000000000040000
[   14.177660][  T156] x11: 000000000001ffff x10: ffff0000872c6fe0 x9 : ffff80000ac1f330
[   14.189309][  T156] x8 : ffff0000872c6600 x7 : 0000000048590358 x6 : ffff80000bc00013
[   14.200950][  T156] x5 : ffff80000bc0001e x4 : 0000fffff0da2528 x3 : df0000000d009c02
[   14.212598][  T156] x2 : 000000000000000b x1 : 0000fffff0da2530 x0 : ffff80000bc00013
[   14.224267][  T156] Call trace:
[   14.231087][  T156]  __arch_copy_from_user+0xc0/0x230
[   14.239896][  T156]  persistent_ram_write_user+0x74/0x10c
[   14.249053][  T156]  ramoops_pstore_write_user+0x34/0x50
[   14.258143][  T156]  write_pmsg+0xd0/0x120
[   14.265962][  T156]  do_iter_write+0x174/0x200
[   14.274156][  T156]  vfs_writev+0x70/0xc0
[   14.281895][  T156]  do_writev+0x74/0x130
[   14.289648][  T156]  __arm64_sys_writev+0x20/0x30
[   14.298098][  T156]  invoke_syscall+0x48/0x114
[   14.306307][  T156]  el0_svc_common.constprop.0+0x60/0x11c
[   14.315580][  T156]  do_el0_svc+0x38/0xc0
[   14.323367][  T156]  el0_svc+0x48/0xc0
[   14.330843][  T156]  el0t_64_sync_handler+0xb8/0xbc
[   14.339493][  T156]  el0t_64_sync+0x194/0x198
[   14.347606][  T156] Code: a88120c7 36180082 f8400823 91002021 (f80084c3)
[   14.358230][  T156] ---[ end trace 0000000000000000 ]---
[   14.372981][  T156] Kernel panic - not syncing: Oops: Fatal exception
[   14.383267][  T156] SMP: stopping secondary CPUs
[   14.391731][  T156] Kernel Offset: 0x80000 from 0xffff800008000000
[   14.401761][  T156] PHYS_OFFSET: 0x80000000
[   14.409742][  T156] CPU features: 0x80000,040a0108,cc00720b
[   14.419163][  T156] Memory Limit: none
[   14.432312][  T156] Rebooting in 5 seconds..
99degree pushed a commit to 99degree/linux that referenced this pull request May 31, 2023
99degree pushed a commit to 99degree/linux that referenced this pull request May 31, 2023
[   13.702813][    T1] file system registered
[   13.905931][  T156] Unable to handle kernel paging request at virtual address ffff80000bc00013
[   13.919148][  T156] Mem abort info:
[   13.926204][  T156]   ESR = 0x0000000096000061
[   13.934130][  T156]   EC = 0x25: DABT (current EL), IL = 32 bits
[   13.943647][  T156]   SET = 0, FnV = 0
[   13.950792][  T156]   EA = 0, S1PTW = 0
[   13.958046][  T156]   FSC = 0x21: alignment fault
[   13.966206][  T156] Data abort info:
[   13.973200][  T156]   ISV = 0, ISS = 0x00000061
[   13.981146][  T156]   CM = 0, WnR = 1
[   13.988232][  T156] swapper pgtable: 4k pages, 48-bit VAs, pgdp=00000000a2e80000
[   13.999244][  T156] [ffff80000bc00013] pgd=10000001fffff003, p4d=10000001fffff003, pud=10000001ffffe003, pmd=1000000100de5003, pte=006800009da00f0f
[   14.019729][  T156] Internal error: Oops: 0000000096000061 [#1] PREEMPT SMP
[   14.030265][  T156] Modules linked in:
[   14.037488][  T156] CPU: 6 PID: 156 Comm: servicemanager Tainted: G        W          6.2.0-rc8-01153-ge547a3f8ffed-dirty torvalds#397 875419ac35738882635cc222f82d9ee02b2c1883
[   14.059663][  T156] Hardware name: Qualcomm Technologies, Inc. SM7125 IDP (DT)
[   14.070537][  T156] pstate: 80400005 (Nzcv daif +PAN -UAO -TCO -DIT -SSBS BTYPE=--)
[   14.081867][  T156] pc : __arch_copy_from_user+0xc0/0x230
[   14.090929][  T156] lr : persistent_ram_update_user+0x124/0x224
[   14.100508][  T156] sp : ffff80000ce33b30
[   14.108115][  T156] x29: ffff80000ce33b30 x28: ffff0000872c6600 x27: 0000000000000000
[   14.119681][  T156] x26: 0000000000000000 x25: 000000000000000b x24: ffff000080d5d900
[   14.131254][  T156] x23: 000000000000000b x22: 0000000000000007 x21: 000000000000000b
[   14.142832][  T156] x20: ffff80000bc00013 x19: 0000fffff0da2528 x18: ffff80000a5ab2f0
[   14.154425][  T156] x17: 0000000000000028 x16: 0000000000009063 x15: 0000fffff0da2528
[   14.166039][  T156] x14: 00000000ffffffff x13: 00000000000419c0 x12: 0000000000040000
[   14.177660][  T156] x11: 000000000001ffff x10: ffff0000872c6fe0 x9 : ffff80000ac1f330
[   14.189309][  T156] x8 : ffff0000872c6600 x7 : 0000000048590358 x6 : ffff80000bc00013
[   14.200950][  T156] x5 : ffff80000bc0001e x4 : 0000fffff0da2528 x3 : df0000000d009c02
[   14.212598][  T156] x2 : 000000000000000b x1 : 0000fffff0da2530 x0 : ffff80000bc00013
[   14.224267][  T156] Call trace:
[   14.231087][  T156]  __arch_copy_from_user+0xc0/0x230
[   14.239896][  T156]  persistent_ram_write_user+0x74/0x10c
[   14.249053][  T156]  ramoops_pstore_write_user+0x34/0x50
[   14.258143][  T156]  write_pmsg+0xd0/0x120
[   14.265962][  T156]  do_iter_write+0x174/0x200
[   14.274156][  T156]  vfs_writev+0x70/0xc0
[   14.281895][  T156]  do_writev+0x74/0x130
[   14.289648][  T156]  __arm64_sys_writev+0x20/0x30
[   14.298098][  T156]  invoke_syscall+0x48/0x114
[   14.306307][  T156]  el0_svc_common.constprop.0+0x60/0x11c
[   14.315580][  T156]  do_el0_svc+0x38/0xc0
[   14.323367][  T156]  el0_svc+0x48/0xc0
[   14.330843][  T156]  el0t_64_sync_handler+0xb8/0xbc
[   14.339493][  T156]  el0t_64_sync+0x194/0x198
[   14.347606][  T156] Code: a88120c7 36180082 f8400823 91002021 (f80084c3)
[   14.358230][  T156] ---[ end trace 0000000000000000 ]---
[   14.372981][  T156] Kernel panic - not syncing: Oops: Fatal exception
[   14.383267][  T156] SMP: stopping secondary CPUs
[   14.391731][  T156] Kernel Offset: 0x80000 from 0xffff800008000000
[   14.401761][  T156] PHYS_OFFSET: 0x80000000
[   14.409742][  T156] CPU features: 0x80000,040a0108,cc00720b
[   14.419163][  T156] Memory Limit: none
[   14.432312][  T156] Rebooting in 5 seconds..
99degree pushed a commit to 99degree/linux that referenced this pull request May 31, 2023
99degree pushed a commit to 99degree/linux that referenced this pull request Jun 25, 2023
99degree pushed a commit to 99degree/linux that referenced this pull request Jun 25, 2023
99degree pushed a commit to 99degree/linux that referenced this pull request Jun 25, 2023
99degree pushed a commit to 99degree/linux that referenced this pull request Jun 27, 2023
99degree pushed a commit to 99degree/linux that referenced this pull request Jun 27, 2023
99degree pushed a commit to 99degree/linux that referenced this pull request Jun 27, 2023
99degree pushed a commit to 99degree/linux that referenced this pull request Jun 29, 2023
99degree pushed a commit to 99degree/linux that referenced this pull request Jun 29, 2023
[   13.702813][    T1] file system registered
[   13.905931][  T156] Unable to handle kernel paging request at virtual address ffff80000bc00013
[   13.919148][  T156] Mem abort info:
[   13.926204][  T156]   ESR = 0x0000000096000061
[   13.934130][  T156]   EC = 0x25: DABT (current EL), IL = 32 bits
[   13.943647][  T156]   SET = 0, FnV = 0
[   13.950792][  T156]   EA = 0, S1PTW = 0
[   13.958046][  T156]   FSC = 0x21: alignment fault
[   13.966206][  T156] Data abort info:
[   13.973200][  T156]   ISV = 0, ISS = 0x00000061
[   13.981146][  T156]   CM = 0, WnR = 1
[   13.988232][  T156] swapper pgtable: 4k pages, 48-bit VAs, pgdp=00000000a2e80000
[   13.999244][  T156] [ffff80000bc00013] pgd=10000001fffff003, p4d=10000001fffff003, pud=10000001ffffe003, pmd=1000000100de5003, pte=006800009da00f0f
[   14.019729][  T156] Internal error: Oops: 0000000096000061 [#1] PREEMPT SMP
[   14.030265][  T156] Modules linked in:
[   14.037488][  T156] CPU: 6 PID: 156 Comm: servicemanager Tainted: G        W          6.2.0-rc8-01153-ge547a3f8ffed-dirty torvalds#397 875419ac35738882635cc222f82d9ee02b2c1883
[   14.059663][  T156] Hardware name: Qualcomm Technologies, Inc. SM7125 IDP (DT)
[   14.070537][  T156] pstate: 80400005 (Nzcv daif +PAN -UAO -TCO -DIT -SSBS BTYPE=--)
[   14.081867][  T156] pc : __arch_copy_from_user+0xc0/0x230
[   14.090929][  T156] lr : persistent_ram_update_user+0x124/0x224
[   14.100508][  T156] sp : ffff80000ce33b30
[   14.108115][  T156] x29: ffff80000ce33b30 x28: ffff0000872c6600 x27: 0000000000000000
[   14.119681][  T156] x26: 0000000000000000 x25: 000000000000000b x24: ffff000080d5d900
[   14.131254][  T156] x23: 000000000000000b x22: 0000000000000007 x21: 000000000000000b
[   14.142832][  T156] x20: ffff80000bc00013 x19: 0000fffff0da2528 x18: ffff80000a5ab2f0
[   14.154425][  T156] x17: 0000000000000028 x16: 0000000000009063 x15: 0000fffff0da2528
[   14.166039][  T156] x14: 00000000ffffffff x13: 00000000000419c0 x12: 0000000000040000
[   14.177660][  T156] x11: 000000000001ffff x10: ffff0000872c6fe0 x9 : ffff80000ac1f330
[   14.189309][  T156] x8 : ffff0000872c6600 x7 : 0000000048590358 x6 : ffff80000bc00013
[   14.200950][  T156] x5 : ffff80000bc0001e x4 : 0000fffff0da2528 x3 : df0000000d009c02
[   14.212598][  T156] x2 : 000000000000000b x1 : 0000fffff0da2530 x0 : ffff80000bc00013
[   14.224267][  T156] Call trace:
[   14.231087][  T156]  __arch_copy_from_user+0xc0/0x230
[   14.239896][  T156]  persistent_ram_write_user+0x74/0x10c
[   14.249053][  T156]  ramoops_pstore_write_user+0x34/0x50
[   14.258143][  T156]  write_pmsg+0xd0/0x120
[   14.265962][  T156]  do_iter_write+0x174/0x200
[   14.274156][  T156]  vfs_writev+0x70/0xc0
[   14.281895][  T156]  do_writev+0x74/0x130
[   14.289648][  T156]  __arm64_sys_writev+0x20/0x30
[   14.298098][  T156]  invoke_syscall+0x48/0x114
[   14.306307][  T156]  el0_svc_common.constprop.0+0x60/0x11c
[   14.315580][  T156]  do_el0_svc+0x38/0xc0
[   14.323367][  T156]  el0_svc+0x48/0xc0
[   14.330843][  T156]  el0t_64_sync_handler+0xb8/0xbc
[   14.339493][  T156]  el0t_64_sync+0x194/0x198
[   14.347606][  T156] Code: a88120c7 36180082 f8400823 91002021 (f80084c3)
[   14.358230][  T156] ---[ end trace 0000000000000000 ]---
[   14.372981][  T156] Kernel panic - not syncing: Oops: Fatal exception
[   14.383267][  T156] SMP: stopping secondary CPUs
[   14.391731][  T156] Kernel Offset: 0x80000 from 0xffff800008000000
[   14.401761][  T156] PHYS_OFFSET: 0x80000000
[   14.409742][  T156] CPU features: 0x80000,040a0108,cc00720b
[   14.419163][  T156] Memory Limit: none
[   14.432312][  T156] Rebooting in 5 seconds..
99degree pushed a commit to 99degree/linux that referenced this pull request Jun 29, 2023
99degree pushed a commit to 99degree/linux that referenced this pull request Jul 30, 2023
99degree pushed a commit to 99degree/linux that referenced this pull request Jul 30, 2023
99degree pushed a commit to 99degree/linux that referenced this pull request Jul 30, 2023
99degree pushed a commit to 99degree/linux that referenced this pull request Aug 11, 2023
99degree pushed a commit to 99degree/linux that referenced this pull request Aug 11, 2023
99degree pushed a commit to 99degree/linux that referenced this pull request Aug 11, 2023
99degree pushed a commit to 99degree/linux that referenced this pull request Aug 22, 2023
[   13.702813][    T1] file system registered
[   13.905931][  T156] Unable to handle kernel paging request at virtual address ffff80000bc00013
[   13.919148][  T156] Mem abort info:
[   13.926204][  T156]   ESR = 0x0000000096000061
[   13.934130][  T156]   EC = 0x25: DABT (current EL), IL = 32 bits
[   13.943647][  T156]   SET = 0, FnV = 0
[   13.950792][  T156]   EA = 0, S1PTW = 0
[   13.958046][  T156]   FSC = 0x21: alignment fault
[   13.966206][  T156] Data abort info:
[   13.973200][  T156]   ISV = 0, ISS = 0x00000061
[   13.981146][  T156]   CM = 0, WnR = 1
[   13.988232][  T156] swapper pgtable: 4k pages, 48-bit VAs, pgdp=00000000a2e80000
[   13.999244][  T156] [ffff80000bc00013] pgd=10000001fffff003, p4d=10000001fffff003, pud=10000001ffffe003, pmd=1000000100de5003, pte=006800009da00f0f
[   14.019729][  T156] Internal error: Oops: 0000000096000061 [#1] PREEMPT SMP
[   14.030265][  T156] Modules linked in:
[   14.037488][  T156] CPU: 6 PID: 156 Comm: servicemanager Tainted: G        W          6.2.0-rc8-01153-ge547a3f8ffed-dirty torvalds#397 875419ac35738882635cc222f82d9ee02b2c1883
[   14.059663][  T156] Hardware name: Qualcomm Technologies, Inc. SM7125 IDP (DT)
[   14.070537][  T156] pstate: 80400005 (Nzcv daif +PAN -UAO -TCO -DIT -SSBS BTYPE=--)
[   14.081867][  T156] pc : __arch_copy_from_user+0xc0/0x230
[   14.090929][  T156] lr : persistent_ram_update_user+0x124/0x224
[   14.100508][  T156] sp : ffff80000ce33b30
[   14.108115][  T156] x29: ffff80000ce33b30 x28: ffff0000872c6600 x27: 0000000000000000
[   14.119681][  T156] x26: 0000000000000000 x25: 000000000000000b x24: ffff000080d5d900
[   14.131254][  T156] x23: 000000000000000b x22: 0000000000000007 x21: 000000000000000b
[   14.142832][  T156] x20: ffff80000bc00013 x19: 0000fffff0da2528 x18: ffff80000a5ab2f0
[   14.154425][  T156] x17: 0000000000000028 x16: 0000000000009063 x15: 0000fffff0da2528
[   14.166039][  T156] x14: 00000000ffffffff x13: 00000000000419c0 x12: 0000000000040000
[   14.177660][  T156] x11: 000000000001ffff x10: ffff0000872c6fe0 x9 : ffff80000ac1f330
[   14.189309][  T156] x8 : ffff0000872c6600 x7 : 0000000048590358 x6 : ffff80000bc00013
[   14.200950][  T156] x5 : ffff80000bc0001e x4 : 0000fffff0da2528 x3 : df0000000d009c02
[   14.212598][  T156] x2 : 000000000000000b x1 : 0000fffff0da2530 x0 : ffff80000bc00013
[   14.224267][  T156] Call trace:
[   14.231087][  T156]  __arch_copy_from_user+0xc0/0x230
[   14.239896][  T156]  persistent_ram_write_user+0x74/0x10c
[   14.249053][  T156]  ramoops_pstore_write_user+0x34/0x50
[   14.258143][  T156]  write_pmsg+0xd0/0x120
[   14.265962][  T156]  do_iter_write+0x174/0x200
[   14.274156][  T156]  vfs_writev+0x70/0xc0
[   14.281895][  T156]  do_writev+0x74/0x130
[   14.289648][  T156]  __arm64_sys_writev+0x20/0x30
[   14.298098][  T156]  invoke_syscall+0x48/0x114
[   14.306307][  T156]  el0_svc_common.constprop.0+0x60/0x11c
[   14.315580][  T156]  do_el0_svc+0x38/0xc0
[   14.323367][  T156]  el0_svc+0x48/0xc0
[   14.330843][  T156]  el0t_64_sync_handler+0xb8/0xbc
[   14.339493][  T156]  el0t_64_sync+0x194/0x198
[   14.347606][  T156] Code: a88120c7 36180082 f8400823 91002021 (f80084c3)
[   14.358230][  T156] ---[ end trace 0000000000000000 ]---
[   14.372981][  T156] Kernel panic - not syncing: Oops: Fatal exception
[   14.383267][  T156] SMP: stopping secondary CPUs
[   14.391731][  T156] Kernel Offset: 0x80000 from 0xffff800008000000
[   14.401761][  T156] PHYS_OFFSET: 0x80000000
[   14.409742][  T156] CPU features: 0x80000,040a0108,cc00720b
[   14.419163][  T156] Memory Limit: none
[   14.432312][  T156] Rebooting in 5 seconds..
99degree pushed a commit to 99degree/linux that referenced this pull request Aug 22, 2023
99degree pushed a commit to 99degree/linux that referenced this pull request Aug 22, 2023
99degree pushed a commit to 99degree/linux that referenced this pull request Sep 24, 2023
99degree pushed a commit to 99degree/linux that referenced this pull request Sep 24, 2023
99degree pushed a commit to 99degree/linux that referenced this pull request Sep 24, 2023
@tran-simon tran-simon closed this Jun 18, 2024
intel-lab-lkp pushed a commit to intel-lab-lkp/linux that referenced this pull request Jul 4, 2024
There are so many "ENOTSUPP" (-524) errors when running BPF selftests
on a Loongarch platform, since the BPF trampoline is lacking on Loongarch:

'''
 test_d_path_basic:PASS:setup 0 nsec
 libbpf: prog 'prog_stat': failed to attach: unknown error (-524)
 libbpf: prog 'prog_stat': failed to auto-attach: -524
 test_d_path_basic:FAIL:setup attach failed: -524
 torvalds#77/1    d_path/basic:FAIL
 torvalds#77/2    d_path/check_rdonly_mem:OK
 torvalds#77/3    d_path/check_alloc_mem:OK
 torvalds#77      d_path:FAIL
 ... ...
 test_module_attach:PASS:skel_open 0 nsec
 test_module_attach:PASS:set_attach_target 0 nsec
 test_module_attach:PASS:set_attach_target_explicit 0 nsec
 test_module_attach:PASS:skel_load 0 nsec
 libbpf: prog 'handle_fentry': failed to attach: unknown error (-524)
 libbpf: prog 'handle_fentry': failed to auto-attach: -524
 test_module_attach:FAIL:skel_attach skeleton attach failed: -524
 torvalds#167     module_attach:FAIL
 ... ...
 ringbuf_subtest:PASS:skel_open 0 nsec
 ringbuf_subtest:PASS:skel_load 0 nsec
 ringbuf_subtest:PASS:rw_cons_pos 0 nsec
 ringbuf_subtest:PASS:rw_extend 0 nsec
 ringbuf_subtest:PASS:exec_cons_pos_protect 0 nsec
 ringbuf_subtest:PASS:unmap_rw 0 nsec
 ringbuf_subtest:PASS:wr_prod_pos 0 nsec
 ringbuf_subtest:PASS:wr_prod_pos_err 0 nsec
 ringbuf_subtest:PASS:wr_data_page_one 0 nsec
 ringbuf_subtest:PASS:wr_data_page_one_err 0 nsec
 ringbuf_subtest:PASS:wr_data_page_two 0 nsec
 ringbuf_subtest:PASS:wr_data_page_all 0 nsec
 ringbuf_subtest:PASS:ro_prod_pos 0 nsec
 ringbuf_subtest:PASS:write_protect 0 nsec
 ringbuf_subtest:PASS:exec_protect 0 nsec
 ringbuf_subtest:PASS:ro_remap 0 nsec
 ringbuf_subtest:PASS:unmap_ro 0 nsec
 ringbuf_subtest:PASS:ro_prod_pos 0 nsec
 ringbuf_subtest:PASS:write_protect 0 nsec
 ringbuf_subtest:PASS:exec_protect 0 nsec
 ringbuf_subtest:PASS:ro_remap 0 nsec
 ringbuf_subtest:PASS:unmap_ro 0 nsec
 ringbuf_subtest:PASS:ringbuf_create 0 nsec
 ringbuf_subtest:FAIL:skel_attach skeleton attachment failed: -1
 torvalds#277/1   ringbuf/ringbuf:FAIL
 torvalds#277/2   ringbuf/ringbuf_n:SKIP
 torvalds#277/3   ringbuf/ringbuf_map_key:SKIP
 torvalds#277     ringbuf:FAIL
 ... ...
 test_test_bprm_opts:PASS:skel_load 0 nsec
 libbpf: prog 'secure_exec': failed to attach: unknown error (-524)
 libbpf: prog 'secure_exec': failed to auto-attach: -524
 test_test_bprm_opts:FAIL:attach attach failed: -524
 torvalds#382     test_bprm_opts:FAIL
 ... ...
 test_test_ima:PASS:skel_load 0 nsec
 test_test_ima:PASS:ringbuf 0 nsec
 libbpf: prog 'bprm_committed_creds': failed to attach: \
					unknown error (-524)
 libbpf: prog 'bprm_committed_creds': failed to auto-attach: -524
 test_test_ima:FAIL:attach attach failed: -524
 torvalds#384     test_ima:FAIL
 ... ...
 test_trace_ext:PASS:setup 0 nsec
 test_trace_ext:PASS:setup 0 nsec
 test_trace_ext:PASS:setup 0 nsec
 test_trace_ext:PASS:setup 0 nsec
 libbpf: prog 'test_pkt_md_access_new': failed to attach: \
					unknown error (-524)
 libbpf: prog 'test_pkt_md_access_new': failed to auto-attach: -524
 test_trace_ext:FAIL:setup freplace/test_pkt_md_access attach failed: -524
 torvalds#397     trace_ext:FAIL
'''

This patch uses ASSERT_OK() instead of CHECK() to skip these "ENOTSUPP"
errors. With this change, the new output of these selftests looks like:

'''
 torvalds#77/1    d_path/basic:SKIP
 torvalds#77/2    d_path/check_rdonly_mem:OK
 torvalds#77/3    d_path/check_alloc_mem:OK
 torvalds#77      d_path:OK (SKIP: 1/3)
 ... ...
 torvalds#167     module_attach:SKIP
 ... ...
 torvalds#277/1   ringbuf/ringbuf:SKIP
 torvalds#277/2   ringbuf/ringbuf_n:SKIP
 torvalds#277/3   ringbuf/ringbuf_map_key:SKIP
 torvalds#277     ringbuf:SKIP
 ... ...
 torvalds#382     test_bprm_opts:SKIP
 ... ...
 torvalds#384     test_ima:SKIP
 ... ...
 torvalds#397     trace_ext:SKIP
'''

Signed-off-by: Geliang Tang <[email protected]>
intel-lab-lkp pushed a commit to intel-lab-lkp/linux that referenced this pull request Jul 5, 2024