| Message ID | 20230417022754.4925-1-lm0963hack@gmail.com (mailing list archive) |
|---|---|
| State | Accepted |
| Commit | ed62f7eeea0d9b73a7a96b3b9db2b77143db3700 |
| Headers | show |
| Series | Bluetooth: L2CAP: fix "bad unlock balance" in l2cap_disconnect_rsp | expand |
| Context | Check | Description |
|---|---|---|
| tedd_an/pre-ci_am | success | Success |
| tedd_an/CheckPatch | success | CheckPatch PASS |
| tedd_an/GitLint | success | Gitlint PASS |
| tedd_an/SubjectPrefix | success | Gitlint PASS |
| tedd_an/BuildKernel | success | BuildKernel PASS |
| tedd_an/CheckAllWarning | success | CheckAllWarning PASS |
| tedd_an/CheckSparse | success | CheckSparse PASS |
| tedd_an/CheckSmatch | success | CheckSparse PASS |
| tedd_an/BuildKernel32 | success | BuildKernel32 PASS |
| tedd_an/TestRunnerSetup | success | TestRunnerSetup PASS |
| tedd_an/TestRunner_l2cap-tester | success | TestRunner PASS |
| tedd_an/TestRunner_iso-tester | success | TestRunner PASS |
| tedd_an/TestRunner_bnep-tester | success | TestRunner PASS |
| tedd_an/TestRunner_mgmt-tester | success | TestRunner PASS |
| tedd_an/TestRunner_rfcomm-tester | success | TestRunner PASS |
| tedd_an/TestRunner_sco-tester | success | TestRunner PASS |
| tedd_an/TestRunner_ioctl-tester | success | TestRunner PASS |
| tedd_an/TestRunner_mesh-tester | success | TestRunner PASS |
| tedd_an/TestRunner_smp-tester | success | TestRunner PASS |
| tedd_an/TestRunner_userchan-tester | success | TestRunner PASS |
| tedd_an/IncrementalBuild | success | Incremental Build PASS |
This is automated email and please do not reply to this email! Dear submitter, Thank you for submitting the patches to the linux bluetooth mailing list. This is a CI test results with your patch series: PW Link:https://patchwork.kernel.org/project/bluetooth/list/?series=740288 ---Test result--- Test Summary: CheckPatch PASS 0.65 seconds GitLint PASS 0.33 seconds SubjectPrefix PASS 0.12 seconds BuildKernel PASS 31.13 seconds CheckAllWarning PASS 34.38 seconds CheckSparse PASS 38.65 seconds CheckSmatch PASS 108.88 seconds BuildKernel32 PASS 30.23 seconds TestRunnerSetup PASS 430.89 seconds TestRunner_l2cap-tester PASS 16.20 seconds TestRunner_iso-tester PASS 19.26 seconds TestRunner_bnep-tester PASS 5.19 seconds TestRunner_mgmt-tester PASS 109.74 seconds TestRunner_rfcomm-tester PASS 8.39 seconds TestRunner_sco-tester PASS 7.82 seconds TestRunner_ioctl-tester PASS 8.98 seconds TestRunner_mesh-tester PASS 6.55 seconds TestRunner_smp-tester PASS 7.62 seconds TestRunner_userchan-tester PASS 5.47 seconds IncrementalBuild PASS 28.74 seconds --- Regards, Linux Bluetooth
Hello: This patch was applied to bluetooth/bluetooth-next.git (master) by Luiz Augusto von Dentz <luiz.von.dentz@intel.com>: On Mon, 17 Apr 2023 10:27:54 +0800 you wrote: > conn->chan_lock isn't acquired before l2cap_get_chan_by_scid, > if l2cap_get_chan_by_scid returns NULL, then 'bad unlock balance' > is triggered. > > Reported-by: syzbot+9519d6b5b79cf7787cf3@syzkaller.appspotmail.com > Link: https://lore.kernel.org/all/000000000000894f5f05f95e9f4d@google.com/ > Signed-off-by: Min Li <lm0963hack@gmail.com> > > [...] Here is the summary with links: - Bluetooth: L2CAP: fix "bad unlock balance" in l2cap_disconnect_rsp https://git.kernel.org/bluetooth/bluetooth-next/c/ed62f7eeea0d You are awesome, thank you!
diff --git a/net/bluetooth/l2cap_core.c b/net/bluetooth/l2cap_core.c index 55a7226233f9..24d075282996 100644 --- a/net/bluetooth/l2cap_core.c +++ b/net/bluetooth/l2cap_core.c @@ -4694,7 +4694,6 @@ static inline int l2cap_disconnect_rsp(struct l2cap_conn *conn, chan = l2cap_get_chan_by_scid(conn, scid); if (!chan) { - mutex_unlock(&conn->chan_lock); return 0; }
conn->chan_lock isn't acquired before l2cap_get_chan_by_scid, if l2cap_get_chan_by_scid returns NULL, then 'bad unlock balance' is triggered. Reported-by: syzbot+9519d6b5b79cf7787cf3@syzkaller.appspotmail.com Link: https://lore.kernel.org/all/000000000000894f5f05f95e9f4d@google.com/ Signed-off-by: Min Li <lm0963hack@gmail.com> --- net/bluetooth/l2cap_core.c | 1 - 1 file changed, 1 deletion(-)