Linux kernel stable tree (mirror) https://git.radix-linux.su/kernel/linux.git/atom?h=v3.4.105 2014-07-09T17:51:20+00:00 2014-07-09T17:51:20+00:00 Syam Sidhardhan s.syam@samsung.com 2012-04-12T15:03:17+00:00 urn:sha1:eb688f6a4b6090dbcdccc935cf074618c0f421c1 commit e10b9969f217c948c5523045f44eba4d3a758ff0 upstream. In this API, we were using sizeof operator for an array given as function argument, which is invalid. However this API is not used anywhere. Signed-off-by: Syam Sidhardhan <s.syam@samsung.com> Signed-off-by: Gustavo Padovan <gustavo@padovan.org> Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org> 2013-06-20T18:58:44+00:00 Johan Hedberg johan.hedberg@intel.com 2013-05-29T06:51:29+00:00 urn:sha1:2147439889d33148785d20cdff01491f5617965f commit 96570ffcca0b872dc8626e97569d2697f374d868 upstream. If hci_dev_open fails we need to ensure that the corresponding mgmt_set_powered command gets an appropriate response. This patch fixes the missing response by adding a new mgmt_set_powered_failed function that's used to indicate a power on failure to mgmt. Since a situation with the device being rfkilled may require special handling in user space the patch uses a new dedicated mgmt status code for this. Signed-off-by: Johan Hedberg <johan.hedberg@intel.com> Acked-by: Marcel Holtmann <marcel@holtmann.org> Signed-off-by: Gustavo Padovan <gustavo.padovan@collabora.co.uk> Signed-off-by: John W. Linville <linville@tuxdriver.com> Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org> 2012-10-02T17:30:34+00:00 Vinicius Costa Gomes vinicius.gomes@openbossa.org 2012-08-24T00:32:43+00:00 urn:sha1:0fcc0805df9cf7483e927cf6a4dc94938318c06a commit cc110922da7e902b62d18641a370fec01a9fa794 upstream. To make it clear that it may be called from contexts that may not have any knowledge of L2CAP, we change the connection parameter, to receive a hci_conn. This also makes it clear that it is checking the security of the link. Signed-off-by: Vinicius Costa Gomes <vinicius.gomes@openbossa.org> Signed-off-by: Gustavo Padovan <gustavo.padovan@collabora.co.uk> Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org> 2012-05-14T17:51:25+00:00 Gustavo Padovan gustavo@padovan.org 2012-05-13T06:20:07+00:00 urn:sha1:a7d7723ae7c0178d715c06c5621e8fd8014ba92f It fixes L2CAP socket based security level elevation during a connection. The HID profile needs this (for keyboards) and it is the only way to achieve the security level elevation when using the management interface to talk to the kernel (hence the management enabling patch being the one that exposes this issue). It enables the userspace a security level change when the socket is already connected and create a way to notify the socket the result of the request. At the moment of the request the socket is made non writable, if the request fails the connections closes, otherwise the socket is made writable again, POLL_OUT is emmited. Signed-off-by: Gustavo Padovan <gustavo@padovan.org> Acked-by: Marcel Holtmann <marcel@holtmann.org> Signed-off-by: Johan Hedberg <johan.hedberg@intel.com> Signed-off-by: John W. Linville <linville@tuxdriver.com> 2012-04-16T09:57:45+00:00 Vishal Agarwal vishal.agarwal@stericsson.com 2012-04-16T09:14:44+00:00 urn:sha1:6ec5bcadc21e13ceba8c144e4731eccac01d04f7 If a key is non persistent then it should not be used in future connections but it should be kept for current connection. And it should be removed when connecion is removed. Signed-off-by: Vishal Agarwal <vishal.agarwal@stericsson.com> Acked-by: Marcel Holtmann <marcel@holtmann.org> Signed-off-by: Johan Hedberg <johan.hedberg@intel.com> 2012-04-16T09:57:40+00:00 Vishal Agarwal vishal.agarwal@stericsson.com 2012-04-13T12:13:22+00:00 urn:sha1:745c0ce35f904aeff8e1ea325c259a14a00ff1b7 This patch changes the return type of function hci_persistent_key from int to bool because it makes more sense to return information whether a key is persistent or not as a bool. Signed-off-by: Vishal Agarwal <vishal.agarwal@stericsson.com> Acked-by: Marcel Holtmann <marcel@holtmann.org> Signed-off-by: Johan Hedberg <johan.hedberg@intel.com> 2012-04-05T18:05:51+00:00 Gustavo Padovan gustavo@padovan.org 2012-03-29T12:47:53+00:00 urn:sha1:66f3b913e68e8e62bd2f9499495eeb6cc81b2662 To ensure that old user space versions do not accidentally pick up and try to use the management channel, use a different channel number. Reported-by: Keith Packard <keithp@keithp.com> Acked-by: Johan Hedberg <johan.hedberg@intel.com> Acked-by: Marcel Holtmann <marcel@holtmann.org> Signed-off-by: Gustavo Padovan <gustavo@padovan.org> 2012-03-28T18:13:18+00:00 Andrei Emeltchenko andrei.emeltchenko@intel.com 2012-03-19T07:42:31+00:00 urn:sha1:c732a2af12e20f2784c8b0c9d2e289579313a413 Silence sparse warnings: net/bluetooth/mgmt.c:865:19: warning: cast to restricted __le16 Signed-off-by: Andrei Emeltchenko <andrei.emeltchenko@intel.com> Acked-by: Marcel Holtmann <marcel@holtmann.org> Signed-off-by: Gustavo Padovan <gustavo@padovan.org> 2012-03-28T15:02:40+00:00 Johan Hedberg johan.hedberg@intel.com 2012-03-26T11:21:42+00:00 urn:sha1:6c0c331e4c8ff6c0f7fa6cc5fd08d853d6c579c4 If passed 0 as data_length the (parsed < data_length - 1) test will be true and cause a buffer overflow. In practice we need at least two bytes for the element length and type so add a test for it to the very beginning of the function. Signed-off-by: Johan Hedberg <johan.hedberg@intel.com> Acked-by: Marcel Holtmann <marcel@holtmann.org> Signed-off-by: Gustavo Padovan <gustavo@padovan.org> 2012-03-28T15:02:40+00:00 Johan Hedberg johan.hedberg@intel.com 2012-03-26T11:21:41+00:00 urn:sha1:84d9d0716b2d5f4a27de4801bd2dbf7aff5e1c38 The parsed variable is already incremented inside the for-loop so there no need to increment it again (not to mention that the code was incrementing it the wrong amount). Reported-by: Dan Carpenter <dan.carpenter@oracle.com> Signed-off-by: Johan Hedberg <johan.hedberg@intel.com> Acked-by: Marcel Holtmann <marcel@holtmann.org> Signed-off-by: Gustavo Padovan <gustavo@padovan.org>