ACK/Cmnt: [SRU][J][PATCH 0/1] Cherry-pick a patch to reject connection when malformed L2CAP signal packet is received

Hui Wang hui.wang at canonical.com
Wed Jan 10 02:47:50 UTC 2024 

On 1/9/24 22:40, Tim Gardner wrote:
> On 1/8/24 8:07 PM, Hui Wang wrote:
>> BugLink: https://bugs.launchpad.net/bugs/2047634
>>
>> The patch is merged in mainline kernel v6.7-rc7, so Noble kernel
>> already have this fix. And this patch is CCed to stable at vger.kernel.org,
>> M and L kernel will have this fix with the SRU update sooner or later.
>> For Jammy kernel, an OEM customer is waiting for this patch
>> to be merged to Jammy kernel and OEM kernel, here I submit the
>> review reqeust for Jammy only.
>>
>> [Impact]
>> An OEM customer want to do the bluetooth profile testing suite (PTS)
>> test, and they found if sending 2 commands and one of them is "unknown
>> comands", the bluetooth stack doesn't reply the ack as expected, this
>> broke the customer's PTS test.
>>
>> [Fix]
>> Cherry-pick a mainline kernel patch, this could fix this issue.
>>
>> [Test]
>> After applying the patch, test it with PTS:
>>
>> 1. Configure the PTS: set PSM to 0x1011, so that it initiates L2CAP 
>> connection
>>     over PSM 0x1011, which is the default PSM for l2test, the testing 
>> tool for
>>     L2CAP layer provided by bluez.
>>
>> 2. Set device as connectable:
>>   $ sudo btmgmt connectable on
>>
>> 3. Run l2test on the device in preparation for testing:
>>   $ sudo l2test -d
>>
>> 4. Run the L2CAP/COS/CED/BI-02-C test on PTS. The test suite will 
>> initiate
>>     L2CAP connection automatically.
>>
>> 5. Verify that the test verdict on the PTS is PASS.
>>
>> And I also tested the patched kernel with 2 bt headsets, 1 bt 
>> keyboard and
>> my mobile phone, all worked as well as before.
>>
>> [Where problems could occur]
>> This makes L2CAP implementation more conforming to the specification.
>> It has possibility to make some bt devices could not work with patched
>> kernel, but this possibility is very low, I tested the patched kernel
>> with 2 bt headsets, 1 bt keyboard and my Android mobile phone, all
>> worked as well as before.
>>
>>
>> Frédéric Danis (1):
>>    Bluetooth: L2CAP: Send reject on command corrupted request
>>
>>   net/bluetooth/l2cap_core.c | 21 +++++++++++++++------
>>   1 file changed, 15 insertions(+), 6 deletions(-)
>>
> Acked-by: Tim Gardner <tim.gardner at canonical.com>
>
> We really should apply to Mantic and Lunar as well. Stable updates can 
> be slow to arrive.

OK, got it. And I just cherry-picked the patch to M & L, and did the 
building test and regression test, all worked well.

Thanks.

More information about the kernel-team mailing list