| Message ID | 20250614041910.219584-1-ipravdin.official@gmail.com |
|---|---|
| State | New |
| Headers | show |
| Series | HCI: coredump: Use tmp buffer with dev_coredumpv | expand |
This is automated email and please do not reply to this email! Dear submitter, Thank you for submitting the patches to the linux bluetooth mailing list. This is a CI test results with your patch series: PW Link:https://patchwork.kernel.org/project/bluetooth/list/?series=972075 ---Test result--- Test Summary: CheckPatch PENDING 0.34 seconds GitLint PENDING 0.21 seconds SubjectPrefix FAIL 0.35 seconds BuildKernel PASS 24.96 seconds CheckAllWarning PASS 27.07 seconds CheckSparse PASS 30.18 seconds BuildKernel32 PASS 24.56 seconds TestRunnerSetup PASS 460.60 seconds TestRunner_l2cap-tester PASS 24.99 seconds TestRunner_iso-tester FAIL 7.88 seconds TestRunner_bnep-tester PASS 5.82 seconds TestRunner_mgmt-tester FAIL 136.75 seconds TestRunner_rfcomm-tester PASS 9.40 seconds TestRunner_sco-tester PASS 14.61 seconds TestRunner_ioctl-tester PASS 9.95 seconds TestRunner_mesh-tester PASS 7.18 seconds TestRunner_smp-tester PASS 8.51 seconds TestRunner_userchan-tester PASS 6.06 seconds IncrementalBuild PENDING 0.56 seconds Details ############################## Test: CheckPatch - PENDING Desc: Run checkpatch.pl script Output: ############################## Test: GitLint - PENDING Desc: Run gitlint Output: ############################## Test: SubjectPrefix - FAIL Desc: Check subject contains "Bluetooth" prefix Output: "Bluetooth: " prefix is not specified in the subject ############################## Test: TestRunner_iso-tester - FAIL Desc: Run iso-tester with test-runner Output: No test result found ############################## Test: TestRunner_mgmt-tester - FAIL Desc: Run mgmt-tester with test-runner Output: Total: 490, Passed: 484 (98.8%), Failed: 2, Not Run: 4 Failed Test Cases LL Privacy - Add Device 2 (2 Devices to AL) Failed 0.196 seconds LL Privacy - Start Discovery 2 (Disable RL) Failed 0.190 seconds ############################## Test: IncrementalBuild - PENDING Desc: Incremental build with the patches in the series Output: --- Regards, Linux Bluetooth
diff --git a/net/bluetooth/coredump.c b/net/bluetooth/coredump.c index 819eacb38762..1232c9a94f95 100644 --- a/net/bluetooth/coredump.c +++ b/net/bluetooth/coredump.c @@ -243,6 +243,7 @@ static void hci_devcd_handle_pkt_pattern(struct hci_dev *hdev, static void hci_devcd_dump(struct hci_dev *hdev) { struct sk_buff *skb; + char *coredump; u32 size; bt_dev_dbg(hdev, "state %d", hdev->dump.state); @@ -250,7 +251,11 @@ static void hci_devcd_dump(struct hci_dev *hdev) size = hdev->dump.tail - hdev->dump.head; /* Emit a devcoredump with the available data */ - dev_coredumpv(&hdev->dev, hdev->dump.head, size, GFP_KERNEL); + coredump = vmalloc(size); + if (coredump) { + memcpy(coredump, hdev->dump.head, size); + dev_coredumpv(&hdev->dev, coredump, size, GFP_KERNEL); + } /* Send a copy to monitor as a diagnostic packet */ skb = bt_skb_alloc(size, GFP_ATOMIC);
Create and use new vmalloc'ed buffer with dev_coredumpv. From dev_coredumpv documentation: `This function takes ownership of the vmalloc'ed data and will free it when it is no longer used.` As hdev->dump is used after dev_coredumpv, create temporary buffer to hold hdev->dump data. Reported-by: syzbot+ac3c79181f6aecc5120c@syzkaller.appspotmail.com Closes: https://lore.kernel.org/all/67eaa688.050a0220.1547ec.014a.GAE@google.com Fixes: b257e02ecc46 ("HCI: coredump: Log devcd dumps into the monitor") Signed-off-by: Ivan Pravdin <ipravdin.official@gmail.com> --- net/bluetooth/coredump.c | 7 ++++++- 1 file changed, 6 insertions(+), 1 deletion(-)