diff options
author | jc_gargma <jc_gargma@iserlohn-fortress.net> | 2020-11-27 20:29:05 -0800 |
---|---|---|
committer | jc_gargma <jc_gargma@iserlohn-fortress.net> | 2020-11-27 20:29:05 -0800 |
commit | f215cb6d14156fa2aedacfff94dcb244b29742e4 (patch) | |
tree | 2cad80754eb7fc00262275de9e0735870fc9e8b8 | |
parent | Updated to 5.9.11 (diff) | |
download | linux-ck-f215cb6d14156fa2aedacfff94dcb244b29742e4.tar.xz |
Rebuild with bluetooth and efivar hotfixes
-rw-r--r-- | 0003-Bluetooth-Fix-attempting-to-set-RPA-timeout-when-unsupported.patch | 48 | ||||
-rw-r--r-- | 0004-efivarfs-revert-fix-memory-leak-in-efivarfs_create.patch | 58 | ||||
-rw-r--r-- | PKGBUILD | 8 |
3 files changed, 113 insertions, 1 deletions
diff --git a/0003-Bluetooth-Fix-attempting-to-set-RPA-timeout-when-unsupported.patch b/0003-Bluetooth-Fix-attempting-to-set-RPA-timeout-when-unsupported.patch new file mode 100644 index 0000000..f6bebdd --- /dev/null +++ b/0003-Bluetooth-Fix-attempting-to-set-RPA-timeout-when-unsupported.patch @@ -0,0 +1,48 @@ +From 4264c74c96e7907b60ee6ed82670317d19ed7ebe Mon Sep 17 00:00:00 2001 +From: Edward Vear <edwardvear@gmail.com> +Date: Tue, 27 Oct 2020 00:02:03 -0700 +Subject: Bluetooth: Fix attempting to set RPA timeout when unsupported + +During controller initialization, an LE Set RPA Timeout command is sent +to the controller if supported. However, the value checked to determine +if the command is supported is incorrect. Page 1921 of the Bluetooth +Core Spec v5.2 shows that bit 2 of octet 35 of the Supported_Commands +field corresponds to the LE Set RPA Timeout command, but currently +bit 6 of octet 35 is checked. This patch checks the correct value +instead. + +This issue led to the error seen in the following btmon output during +initialization of an adapter (rtl8761b) and prevented initialization +from completing. + +< HCI Command: LE Set Resolvable Private Address Timeout (0x08|0x002e) plen 2 + Timeout: 900 seconds +> HCI Event: Command Complete (0x0e) plen 4 + LE Set Resolvable Private Address Timeout (0x08|0x002e) ncmd 2 + Status: Unsupported Remote Feature / Unsupported LMP Feature (0x1a) += Close Index: 00:E0:4C:6B:E5:03 + +The error did not appear when running with this patch. + +Signed-off-by: Edward Vear <edwardvear@gmail.com> +Signed-off-by: Marcel Holtmann <marcel@holtmann.org> +--- + net/bluetooth/hci_core.c | 2 +- + 1 file changed, 1 insertion(+), 1 deletion(-) + +diff --git a/net/bluetooth/hci_core.c b/net/bluetooth/hci_core.c +index be9cdf5dabe5..30a5267af490 100644 +--- a/net/bluetooth/hci_core.c ++++ b/net/bluetooth/hci_core.c +@@ -763,7 +763,7 @@ static int hci_init3_req(struct hci_request *req, unsigned long opt) + hci_req_add(req, HCI_OP_LE_CLEAR_RESOLV_LIST, 0, NULL); + } + +- if (hdev->commands[35] & 0x40) { ++ if (hdev->commands[35] & 0x04) { + __le16 rpa_timeout = cpu_to_le16(hdev->rpa_timeout); + + /* Set RPA timeout */ +-- +cgit v1.2.3-1-gf6bb5 + diff --git a/0004-efivarfs-revert-fix-memory-leak-in-efivarfs_create.patch b/0004-efivarfs-revert-fix-memory-leak-in-efivarfs_create.patch new file mode 100644 index 0000000..6589b85 --- /dev/null +++ b/0004-efivarfs-revert-fix-memory-leak-in-efivarfs_create.patch @@ -0,0 +1,58 @@ +From a163474e9b86c2c25f20733385d8b1d6de492a7f Mon Sep 17 00:00:00 2001 +From: Ard Biesheuvel <ardb@kernel.org> +Date: Wed, 25 Nov 2020 08:45:55 +0100 +Subject: efivarfs: revert "fix memory leak in efivarfs_create()" + +The memory leak addressed by commit fe5186cf12e3 is a false positive: +all allocations are recorded in a linked list, and freed when the +filesystem is unmounted. This leads to double frees, and as reported +by David, leads to crashes if SLUB is configured to self destruct when +double frees occur. + +So drop the redundant kfree() again, and instead, mark the offending +pointer variable so the allocation is ignored by kmemleak. + +Cc: Vamshi K Sthambamkadi <vamshi.k.sthambamkadi@gmail.com> +Fixes: fe5186cf12e3 ("efivarfs: fix memory leak in efivarfs_create()") +Reported-by: David Laight <David.Laight@aculab.com> +Signed-off-by: Ard Biesheuvel <ardb@kernel.org> +--- + fs/efivarfs/inode.c | 2 ++ + fs/efivarfs/super.c | 1 - + 2 files changed, 2 insertions(+), 1 deletion(-) + +diff --git a/fs/efivarfs/inode.c b/fs/efivarfs/inode.c +index 96c0c86f3fff..0297ad95eb5c 100644 +--- a/fs/efivarfs/inode.c ++++ b/fs/efivarfs/inode.c +@@ -7,6 +7,7 @@ + #include <linux/efi.h> + #include <linux/fs.h> + #include <linux/ctype.h> ++#include <linux/kmemleak.h> + #include <linux/slab.h> + #include <linux/uuid.h> + +@@ -103,6 +104,7 @@ static int efivarfs_create(struct inode *dir, struct dentry *dentry, + var->var.VariableName[i] = '\0'; + + inode->i_private = var; ++ kmemleak_ignore(var); + + err = efivar_entry_add(var, &efivarfs_list); + if (err) +diff --git a/fs/efivarfs/super.c b/fs/efivarfs/super.c +index f943fd0b0699..15880a68faad 100644 +--- a/fs/efivarfs/super.c ++++ b/fs/efivarfs/super.c +@@ -21,7 +21,6 @@ LIST_HEAD(efivarfs_list); + static void efivarfs_evict_inode(struct inode *inode) + { + clear_inode(inode); +- kfree(inode->i_private); + } + + static const struct super_operations efivarfs_ops = { +-- +cgit v1.2.3-1-gf6bb5 + @@ -31,7 +31,7 @@ _ckpatchversion=ck1 else pkgver=${_supver}.${_majver}.${_minver} fi -pkgrel=1 +pkgrel=2 pkgdesc='Linux-ck' url='https://kernel.org' #url='http://ck.kolivas.org/patches/' @@ -48,6 +48,8 @@ source=( https://www.kernel.org/pub/linux/kernel/v${_supver}.x/${_srcname}.tar.{xz,sign} 0001-ZEN-Add-sysctl-and-CONFIG-to-disallow-unprivileged-C.patch 0002-Bluetooth-Fix-LL-PRivacy-BLE-device-fails-to-connect.patch + 0003-Bluetooth-Fix-attempting-to-set-RPA-timeout-when-unsupported.patch + 0004-efivarfs-revert-fix-memory-leak-in-efivarfs_create.patch linux-ck-patch-${_supver}.${_majver}-${_ckpatchversion}.xz::http://ck.kolivas.org/patches/${_supver}.0/${_supver}.${_majver}/${_supver}.${_majver}-${_ckpatchversion}/patch-${_supver}.${_majver}-${_ckpatchversion}.xz kernel_gcc_patch-${_gccpatchver}.tar.gz::https://github.com/graysky2/kernel_gcc_patch/archive/${_gccpatchver}.tar.gz ath9k-regdom-hack.patch @@ -64,6 +66,8 @@ b2sums=('fbcf8b93e4a37e0f45c2de4275ecdfdb80ade1a6cf7e2b62cb331cce2d8fc247eedc14c 'SKIP' 'c1e9177debee553e03873dff9293e7a21a53297fc4b3df8b9f54a8839cf1c7d6803945fc7d64676fe8c04cb54ef331b59c4348fbc9915060162177be503d9e96' '647c9a8580f3f716e39e0bc086acff1fc34d3592011c931c8e00259c395cdd7fff94d71b963cd87850b8e0f67dd31b719ce4f1cc855e553e42a5694ff6bd53dc' + '6729b31b33dc2dc8ee6222ae3782d31bd567e002ee9655f7453ec80c6deda247153b59b9c71f0c60095e491165ab1c8c7bdbff5cc538e9ea920bec889870edec' + 'e71dc75ea9d5c20c88672dfb094e18527bde7a4afb095d2060e9dcf58f3acfb762643dabae736496539aac8772c47aea0ee0857a40ef44e1e5521882d200b7ff' 'c19099ad66168db4608dee44e1913c07c035bc002a91267abc2e1eadf1788ddb5be3b17e3fdfeddcba96526dfa2b9fcc43a5dd0f8236d94c864e6477924a6718' '7f1eb5938472f57748216bd00e0c875feab99fc1c5cb89babfea467ee30ca5c8e9fc5a691efe2e602bef1ea79820c5383822d7cec354b48d23321ccda8ee8127' 'b6ef77035611139fa9a6d5b8d30570e2781bb4da483bb569884b0bd0129b62e0b82a5a6776fefe43fee801c70d39de1ea4d4c177f7cedd5ac135e3c64f7b895a' @@ -89,6 +93,8 @@ prepare() { echo "Applying hotfixes" patch -p1 -i ../0001-ZEN-Add-sysctl-and-CONFIG-to-disallow-unprivileged-C.patch patch -p1 -i ../0002-Bluetooth-Fix-LL-PRivacy-BLE-device-fails-to-connect.patch + patch -p1 -i ../0003-Bluetooth-Fix-attempting-to-set-RPA-timeout-when-unsupported.patch + patch -p1 -i ../0004-efivarfs-revert-fix-memory-leak-in-efivarfs_create.patch patch -p1 -i ../sphinx-workaround.patch |