From 8ca2f9036972f1a524b6fd67299ce55551214051 Mon Sep 17 00:00:00 2001 From: Takashi Iwai Date: May 25 2023 07:19:30 +0000 Subject: Bluetooth: L2CAP: fix "bad unlock balance" in l2cap_disconnect_rsp (git-fixes). --- diff --git a/patches.suse/Bluetooth-L2CAP-fix-bad-unlock-balance-in-l2cap_disc.patch b/patches.suse/Bluetooth-L2CAP-fix-bad-unlock-balance-in-l2cap_disc.patch new file mode 100644 index 0000000..a6e60b6 --- /dev/null +++ b/patches.suse/Bluetooth-L2CAP-fix-bad-unlock-balance-in-l2cap_disc.patch @@ -0,0 +1,37 @@ +From 25e97f7b1866e6b8503be349eeea44bb52d661ce Mon Sep 17 00:00:00 2001 +From: Min Li +Date: Mon, 17 Apr 2023 10:27:54 +0800 +Subject: [PATCH] Bluetooth: L2CAP: fix "bad unlock balance" in l2cap_disconnect_rsp +Git-commit: 25e97f7b1866e6b8503be349eeea44bb52d661ce +Patch-mainline: v6.4-rc1 +References: git-fixes + +conn->chan_lock isn't acquired before l2cap_get_chan_by_scid, +if l2cap_get_chan_by_scid returns NULL, then 'bad unlock balance' +is triggered. + +Reported-by: syzbot+9519d6b5b79cf7787cf3@syzkaller.appspotmail.com +Link: https://lore.kernel.org/all/000000000000894f5f05f95e9f4d@google.com/ +Signed-off-by: Min Li +Signed-off-by: Luiz Augusto von Dentz +Acked-by: Takashi Iwai + +--- + net/bluetooth/l2cap_core.c | 1 - + 1 file changed, 1 deletion(-) + +diff --git a/net/bluetooth/l2cap_core.c b/net/bluetooth/l2cap_core.c +index 5cc95fd17f7d..376b523c7b26 100644 +--- a/net/bluetooth/l2cap_core.c ++++ b/net/bluetooth/l2cap_core.c +@@ -4693,7 +4693,6 @@ static inline int l2cap_disconnect_rsp(struct l2cap_conn *conn, + + chan = l2cap_get_chan_by_scid(conn, scid); + if (!chan) { +- mutex_unlock(&conn->chan_lock); + return 0; + } + +-- +2.35.3 + diff --git a/series.conf b/series.conf index 902f627..f2601da 100644 --- a/series.conf +++ b/series.conf @@ -19942,6 +19942,7 @@ patches.suse/wifi-mt76-mt7921e-improve-reliability-of-dma-reset.patch patches.suse/Bluetooth-btintel-Add-LE-States-quirk-support.patch patches.suse/Revert-Bluetooth-btsdio-fix-use-after-free-bug-in-bt.patch + patches.suse/Bluetooth-L2CAP-fix-bad-unlock-balance-in-l2cap_disc.patch patches.suse/bluetooth-Perform-careful-capability-checks-in-hci_s.patch patches.suse/net-mana-Rename-mana_refill_rxoob-and-remove-some-em.patch patches.suse/net-mana-Check-if-netdev-napi_alloc_frag-returns-sin.patch