From patchwork Tue Jun 14 14:52:54 2022 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Soenke Huster X-Patchwork-Id: 12881227 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org Received: from vger.kernel.org (vger.kernel.org [23.128.96.18]) by smtp.lore.kernel.org (Postfix) with ESMTP id 42ED5C43334 for ; Tue, 14 Jun 2022 14:53:50 +0000 (UTC) Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S235304AbiFNOxs (ORCPT ); Tue, 14 Jun 2022 10:53:48 -0400 Received: from lindbergh.monkeyblade.net ([23.128.96.19]:50674 "EHLO lindbergh.monkeyblade.net" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S1343895AbiFNOx2 (ORCPT ); Tue, 14 Jun 2022 10:53:28 -0400 Received: from giacobini.uberspace.de (giacobini.uberspace.de [185.26.156.129]) by lindbergh.monkeyblade.net (Postfix) with ESMTPS id 2BF0D31DCC for ; Tue, 14 Jun 2022 07:53:26 -0700 (PDT) Received: (qmail 16120 invoked by uid 990); 14 Jun 2022 14:53:24 -0000 Authentication-Results: giacobini.uberspace.de; auth=pass (plain) From: Soenke Huster To: Marcel Holtmann , Johan Hedberg , Luiz Augusto von Dentz Cc: Soenke Huster , linux-bluetooth@vger.kernel.org, linux-kernel@vger.kernel.org Subject: [PATCH] Bluetooth: virtio_bt: Use skb_put to set length Date: Tue, 14 Jun 2022 16:52:54 +0200 Message-Id: <20220614145253.132230-1-soenke.huster@eknoes.de> X-Mailer: git-send-email 2.36.1 MIME-Version: 1.0 X-Rspamd-Bar: / X-Rspamd-Report: BAYES_HAM(-2.923086) R_MISSING_CHARSET(0.5) MIME_GOOD(-0.1) MID_CONTAINS_FROM(1) SUSPICIOUS_RECIPS(1.5) X-Rspamd-Score: -0.023086 Received: from unknown (HELO unkown) (::1) by giacobini.uberspace.de (Haraka/2.8.28) with ESMTPSA; Tue, 14 Jun 2022 16:53:24 +0200 Precedence: bulk List-ID: X-Mailing-List: linux-bluetooth@vger.kernel.org By using skb_put we ensure that skb->tail is set correctly. Currently, skb->tail is always zero, which leads to errors, such as the following page fault in rfcomm_recv_frame: BUG: unable to handle page fault for address: ffffed1021de29ff #PF: supervisor read access in kernel mode #PF: error_code(0x0000) - not-present page RIP: 0010:rfcomm_run+0x831/0x4040 (net/bluetooth/rfcomm/core.c:1751) Signed-off-by: Soenke Huster --- drivers/bluetooth/virtio_bt.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/drivers/bluetooth/virtio_bt.c b/drivers/bluetooth/virtio_bt.c index 67c21263f9e0..fd281d439505 100644 --- a/drivers/bluetooth/virtio_bt.c +++ b/drivers/bluetooth/virtio_bt.c @@ -219,7 +219,7 @@ static void virtbt_rx_work(struct work_struct *work) if (!skb) return; - skb->len = len; + skb_put(skb, len); virtbt_rx_handle(vbt, skb); if (virtbt_add_inbuf(vbt) < 0)