|
Takashi Iwai |
ada088 |
From be8597239379f0f53c9710dd6ab551bbf535bec6 Mon Sep 17 00:00:00 2001
|
|
Takashi Iwai |
ada088 |
From: Tetsuo Handa <penguin-kernel@I-love.SAKURA.ne.jp>
|
|
Takashi Iwai |
ada088 |
Date: Mon, 22 Mar 2021 07:52:07 +0900
|
|
Takashi Iwai |
ada088 |
Subject: [PATCH] Bluetooth: initialize skb_queue_head at l2cap_chan_create()
|
|
Takashi Iwai |
ada088 |
Git-commit: be8597239379f0f53c9710dd6ab551bbf535bec6
|
|
Takashi Iwai |
ada088 |
Patch-mainline: v5.13-rc1
|
|
Takashi Iwai |
ada088 |
References: git-fixes
|
|
Takashi Iwai |
ada088 |
|
|
Takashi Iwai |
ada088 |
syzbot is hitting "INFO: trying to register non-static key." message [1],
|
|
Takashi Iwai |
ada088 |
for "struct l2cap_chan"->tx_q.lock spinlock is not yet initialized when
|
|
Takashi Iwai |
ada088 |
l2cap_chan_del() is called due to e.g. timeout.
|
|
Takashi Iwai |
ada088 |
|
|
Takashi Iwai |
ada088 |
Since "struct l2cap_chan"->lock mutex is initialized at l2cap_chan_create()
|
|
Takashi Iwai |
ada088 |
immediately after "struct l2cap_chan" is allocated using kzalloc(), let's
|
|
Takashi Iwai |
ada088 |
as well initialize "struct l2cap_chan"->{tx_q,srej_q}.lock spinlocks there.
|
|
Takashi Iwai |
ada088 |
|
|
Takashi Iwai |
ada088 |
[1] https://syzkaller.appspot.com/bug?extid=fadfba6a911f6bf71842
|
|
Takashi Iwai |
ada088 |
|
|
Takashi Iwai |
ada088 |
Reported-and-tested-by: syzbot <syzbot+fadfba6a911f6bf71842@syzkaller.appspotmail.com>
|
|
Takashi Iwai |
ada088 |
Signed-off-by: Tetsuo Handa <penguin-kernel@I-love.SAKURA.ne.jp>
|
|
Takashi Iwai |
ada088 |
Signed-off-by: Marcel Holtmann <marcel@holtmann.org>
|
|
Takashi Iwai |
ada088 |
Acked-by: Takashi Iwai <tiwai@suse.de>
|
|
Takashi Iwai |
ada088 |
|
|
Takashi Iwai |
ada088 |
---
|
|
Takashi Iwai |
ada088 |
net/bluetooth/l2cap_core.c | 2 ++
|
|
Takashi Iwai |
ada088 |
1 file changed, 2 insertions(+)
|
|
Takashi Iwai |
ada088 |
|
|
Takashi Iwai |
ada088 |
diff --git a/net/bluetooth/l2cap_core.c b/net/bluetooth/l2cap_core.c
|
|
Takashi Iwai |
ada088 |
index 59ab9689b37d..56e1975cdef1 100644
|
|
Takashi Iwai |
ada088 |
--- a/net/bluetooth/l2cap_core.c
|
|
Takashi Iwai |
ada088 |
+++ b/net/bluetooth/l2cap_core.c
|
|
Takashi Iwai |
ada088 |
@@ -451,6 +451,8 @@ struct l2cap_chan *l2cap_chan_create(void)
|
|
Takashi Iwai |
ada088 |
if (!chan)
|
|
Takashi Iwai |
ada088 |
return NULL;
|
|
Takashi Iwai |
ada088 |
|
|
Takashi Iwai |
ada088 |
+ skb_queue_head_init(&chan->tx_q);
|
|
Takashi Iwai |
ada088 |
+ skb_queue_head_init(&chan->srej_q);
|
|
Takashi Iwai |
ada088 |
mutex_init(&chan->lock);
|
|
Takashi Iwai |
ada088 |
|
|
Takashi Iwai |
ada088 |
/* Set default lock nesting level */
|
|
Takashi Iwai |
ada088 |
--
|
|
Takashi Iwai |
ada088 |
2.26.2
|
|
Takashi Iwai |
ada088 |
|