linux/net/bluetooth
Kiran K ecb71f2566 Bluetooth: Fix race condition in handling NOP command
For NOP command, need to cancel work scheduled on cmd_timer,
on receiving command status or command complete event.

Below use case might lead to race condition when multiple NOP
commands are queued sequentially:

hci_cmd_work() {
   if (atomic_read(&hdev->cmd_cnt)) {
            .
            .
            .
      atomic_dec(&hdev->cmd_cnt);
      hci_send_frame(hdev,...);
      schedule_delayed_work(&hdev->cmd_timer,...);
   }
}

On receiving event for first NOP, the work scheduled on hdev->cmd_timer
is not cancelled and second NOP is dequeued and sent to controller.

While waiting for an event for second NOP command, work scheduled on
cmd_timer for the first NOP can get scheduled, resulting in sending third
NOP command (sending back to back NOP commands). This might
cause issues at controller side (like memory overrun, controller going
unresponsive) resulting in hci tx timeouts, hardware errors etc.

The fix to this issue is to cancel the delayed work scheduled on
cmd_timer on receiving command status or command complete event for
NOP command (this patch handles NOP command same as any other SIG
command).

Signed-off-by: Kiran K <kiran.k@intel.com>
Reviewed-by: Chethan T N <chethan.tumkur.narayan@intel.com>
Reviewed-by: Srivatsa Ravishankar <ravishankar.srivatsa@intel.com>
Acked-by: Manish Mandlik <mmandlik@google.com>
Signed-off-by: Marcel Holtmann <marcel@holtmann.org>
2021-08-16 18:04:23 +02:00
..
bnep Bluetooth: bnep: Use the correct print format 2021-06-26 07:12:40 +02:00
cmtp Bluetooth: increase BTNAMSIZ to 21 chars to fix potential buffer overflow 2021-08-05 15:05:37 +02:00
hidp Bluetooth: hidp: Use the correct print format 2021-06-26 07:12:40 +02:00
rfcomm Bluetooth: switch to lock_sock in RFCOMM 2021-08-10 10:40:48 -07:00
6lowpan.c Bluetooth: 6lowpan: Use the correct print format 2021-06-26 07:12:41 +02:00
a2mp.c Bluetooth: a2mp: Use the correct print format 2021-06-26 07:12:41 +02:00
a2mp.h
af_bluetooth.c Bluetooth: fix indentation and alignment reported by checkpatch 2021-01-29 16:51:45 +01:00
amp.c Bluetooth: amp: Use the correct print format 2021-06-26 07:12:41 +02:00
amp.h
aosp.c Bluetooth: Add support for reading AOSP vendor capabilities 2021-04-06 14:11:23 -07:00
aosp.h Bluetooth: Add support for reading AOSP vendor capabilities 2021-04-06 14:11:23 -07:00
ecdh_helper.c crypto: ecdh - move curve_id of ECDH from the key to algorithm name 2021-03-13 00:04:03 +11:00
ecdh_helper.h Fix misc new gcc warnings 2021-04-27 17:05:53 -07:00
hci_conn.c Bluetooth: use inclusive language in HCI role comments 2021-06-26 07:12:43 +02:00
hci_core.c Bluetooth: Move shutdown callback before flushing tx and rx queue 2021-08-16 17:48:11 +02:00
hci_debugfs.c Bluetooth: use inclusive language when filtering devices 2021-06-26 07:12:44 +02:00
hci_debugfs.h
hci_event.c Bluetooth: Fix race condition in handling NOP command 2021-08-16 18:04:23 +02:00
hci_request.c Bluetooth: Fix not generating RPA when required 2021-08-03 23:30:50 +02:00
hci_request.h Bluetooth: Resume advertising after LE connection 2020-11-09 13:33:19 +01:00
hci_sock.c Bluetooth: defer cleanup of resources in hci_unregister_dev() 2021-07-28 15:42:21 -07:00
hci_sysfs.c Bluetooth: defer cleanup of resources in hci_unregister_dev() 2021-07-28 15:42:21 -07:00
Kconfig Bluetooth: Add support for reading AOSP vendor capabilities 2021-04-06 14:11:23 -07:00
l2cap_core.c Bluetooth: use inclusive language when filtering devices 2021-06-26 07:12:44 +02:00
l2cap_sock.c Bluetooth: check for zapped sk before connecting 2021-03-23 16:03:48 +01:00
leds.c
leds.h
lib.c
Makefile Bluetooth: Add support for reading AOSP vendor capabilities 2021-04-06 14:11:23 -07:00
mgmt.c Bluetooth: mgmt: Fix wrong opcode in the response for add_adv cmd 2021-07-28 15:42:24 -07:00
mgmt_config.c Bluetooth: mgmt: Use the correct print format 2021-06-26 07:12:42 +02:00
mgmt_config.h
mgmt_util.c
mgmt_util.h
msft.c Bluetooth: msft: Use the correct print format 2021-06-26 07:12:42 +02:00
msft.h Bluetooth: Allow Microsoft extension to indicate curve validation 2021-04-08 12:26:34 +02:00
sco.c Bluetooth: fix repeated calls to sco_sock_kill 2021-08-10 10:40:48 -07:00
selftest.c crypto: ecdh - move curve_id of ECDH from the key to algorithm name 2021-03-13 00:04:03 +11:00
selftest.h
smp.c Bluetooth: use inclusive language in HCI role comments 2021-06-26 07:12:43 +02:00
smp.h Bluetooth: use inclusive language in SMP 2021-06-26 07:12:37 +02:00