From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org Received: from vger.kernel.org (vger.kernel.org [23.128.96.18]) by smtp.lore.kernel.org (Postfix) with ESMTP id E76F3CDB474 for ; Fri, 20 Oct 2023 16:51:10 +0000 (UTC) Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S229709AbjJTQvK (ORCPT ); Fri, 20 Oct 2023 12:51:10 -0400 Received: from lindbergh.monkeyblade.net ([23.128.96.19]:34234 "EHLO lindbergh.monkeyblade.net" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S229576AbjJTQvK (ORCPT ); Fri, 20 Oct 2023 12:51:10 -0400 Received: from smtp.kernel.org (relay.kernel.org [52.25.139.140]) by lindbergh.monkeyblade.net (Postfix) with ESMTPS id 9E0BCCA for ; Fri, 20 Oct 2023 09:51:08 -0700 (PDT) Received: by smtp.kernel.org (Postfix) with ESMTPSA id DEA81C433C7; Fri, 20 Oct 2023 16:51:07 +0000 (UTC) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=linuxfoundation.org; s=korg; t=1697820668; bh=UxcsiI/3vFy6mHRMZguagYnbHlujibYrxAnFu2X46a4=; h=Subject:To:Cc:From:Date:From; b=R7fzOznlCh5NPvKa6gD3VSXL4WyP5CtHG9qvAEv3L1L49KIHnnK/w/li38GWl1/NR 82A04VbLMW+uzRkKVVfXI+8N8a7kIQp5D9W6ynJWvwwbqNwP9TsVf428HXOhjCGl46 391i+rMXOJIS24VyEx8OWXe+jTGHXcUr1X2A8dgQ= Subject: FAILED: patch "[PATCH] Bluetooth: ISO: Fix invalid context error" failed to apply to 6.5-stable tree To: iulia.tanasescu@nxp.com, luiz.von.dentz@intel.com Cc: From: Date: Fri, 20 Oct 2023 18:51:05 +0200 Message-ID: <2023102005-stomp-defy-0f8e@gregkh> MIME-Version: 1.0 Content-Type: text/plain; charset=ANSI_X3.4-1968 Content-Transfer-Encoding: 8bit Precedence: bulk List-ID: X-Mailing-List: stable@vger.kernel.org The patch below does not apply to the 6.5-stable tree. If someone wants it applied there, or to any other stable or longterm tree, then please email the backport, including the original git commit id to . To reproduce the conflict and resubmit, you may use the following commands: git fetch https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git/ linux-6.5.y git checkout FETCH_HEAD git cherry-pick -x acab8ff29a2a226409cfe04e6d2e0896928c1b3a # git commit -s git send-email --to '' --in-reply-to '2023102005-stomp-defy-0f8e@gregkh' --subject-prefix 'PATCH 6.5.y' HEAD^.. Possible dependencies: thanks, greg k-h ------------------ original commit in Linus's tree ------------------ >From acab8ff29a2a226409cfe04e6d2e0896928c1b3a Mon Sep 17 00:00:00 2001 From: Iulia Tanasescu Date: Thu, 28 Sep 2023 10:52:57 +0300 Subject: [PATCH] Bluetooth: ISO: Fix invalid context error This moves the hci_le_terminate_big_sync call from rx_work to cmd_sync_work, to avoid calling sleeping function from an invalid context. Reported-by: syzbot+c715e1bd8dfbcb1ab176@syzkaller.appspotmail.com Fixes: a0bfde167b50 ("Bluetooth: ISO: Add support for connecting multiple BISes") Signed-off-by: Iulia Tanasescu Signed-off-by: Luiz Augusto von Dentz diff --git a/net/bluetooth/hci_event.c b/net/bluetooth/hci_event.c index 31d02b54eea1..e6cfc65abcb8 100644 --- a/net/bluetooth/hci_event.c +++ b/net/bluetooth/hci_event.c @@ -7021,6 +7021,14 @@ static void hci_le_cis_req_evt(struct hci_dev *hdev, void *data, hci_dev_unlock(hdev); } +static int hci_iso_term_big_sync(struct hci_dev *hdev, void *data) +{ + u8 handle = PTR_UINT(data); + + return hci_le_terminate_big_sync(hdev, handle, + HCI_ERROR_LOCAL_HOST_TERM); +} + static void hci_le_create_big_complete_evt(struct hci_dev *hdev, void *data, struct sk_buff *skb) { @@ -7065,16 +7073,17 @@ static void hci_le_create_big_complete_evt(struct hci_dev *hdev, void *data, rcu_read_lock(); } + rcu_read_unlock(); + if (!ev->status && !i) /* If no BISes have been connected for the BIG, * terminate. This is in case all bound connections * have been closed before the BIG creation * has completed. */ - hci_le_terminate_big_sync(hdev, ev->handle, - HCI_ERROR_LOCAL_HOST_TERM); + hci_cmd_sync_queue(hdev, hci_iso_term_big_sync, + UINT_PTR(ev->handle), NULL); - rcu_read_unlock(); hci_dev_unlock(hdev); }