CC: [email protected] TO: [email protected] TO: Guenter Roeck <[email protected]>
tree: https://chromium.googlesource.com/chromiumos/third_party/kernel chromeos-5.10 head: a14daa5347bacafd6b416560b38bc48a3e80cc67 commit: ad25b27bf35f7dcf7f3c87bfc7852599e6242111 [98/107] UPSTREAM: Bluetooth: SMP: Convert BT_ERR/BT_DBG to bt_dev_err/bt_dev_dbg :::::: branch date: 22 hours ago :::::: commit date: 22 hours ago config: h8300-randconfig-m031-20210618 (attached as .config) compiler: h8300-linux-gcc (GCC) 9.3.0 If you fix the issue, kindly add following tag as appropriate Reported-by: kernel test robot <[email protected]> Reported-by: Dan Carpenter <[email protected]> smatch warnings: net/bluetooth/smp.c:1634 smp_user_confirm_reply() warn: variable dereferenced before check 'conn' (see line 1632) vim +/conn +1634 net/bluetooth/smp.c 760b018b6cf08e Johan Hedberg 2014-06-06 1623 2b64d153a0cc9d Brian Gix 2011-12-21 1624 int smp_user_confirm_reply(struct hci_conn *hcon, u16 mgmt_op, __le32 passkey) 2b64d153a0cc9d Brian Gix 2011-12-21 1625 { b10e8017bd9d02 Johan Hedberg 2014-06-27 1626 struct l2cap_conn *conn = hcon->l2cap_data; 5d88cc73dded31 Johan Hedberg 2014-08-08 1627 struct l2cap_chan *chan; 2b64d153a0cc9d Brian Gix 2011-12-21 1628 struct smp_chan *smp; 2b64d153a0cc9d Brian Gix 2011-12-21 1629 u32 value; fc75cc8684d21d Johan Hedberg 2014-09-05 1630 int err; 2b64d153a0cc9d Brian Gix 2011-12-21 1631 ad25b27bf35f7d Luiz Augusto von Dentz 2021-03-15 @1632 bt_dev_dbg(conn->hcon->hdev, ""); 2b64d153a0cc9d Brian Gix 2011-12-21 1633 fc75cc8684d21d Johan Hedberg 2014-09-05 @1634 if (!conn) 2b64d153a0cc9d Brian Gix 2011-12-21 1635 return -ENOTCONN; 2b64d153a0cc9d Brian Gix 2011-12-21 1636 5d88cc73dded31 Johan Hedberg 2014-08-08 1637 chan = conn->smp; 5d88cc73dded31 Johan Hedberg 2014-08-08 1638 if (!chan) 5d88cc73dded31 Johan Hedberg 2014-08-08 1639 return -ENOTCONN; 5d88cc73dded31 Johan Hedberg 2014-08-08 1640 fc75cc8684d21d Johan Hedberg 2014-09-05 1641 l2cap_chan_lock(chan); fc75cc8684d21d Johan Hedberg 2014-09-05 1642 if (!chan->data) { fc75cc8684d21d Johan Hedberg 2014-09-05 1643 err = -ENOTCONN; fc75cc8684d21d Johan Hedberg 2014-09-05 1644 goto unlock; fc75cc8684d21d Johan Hedberg 2014-09-05 1645 } fc75cc8684d21d Johan Hedberg 2014-09-05 1646 5d88cc73dded31 Johan Hedberg 2014-08-08 1647 smp = chan->data; 2b64d153a0cc9d Brian Gix 2011-12-21 1648 760b018b6cf08e Johan Hedberg 2014-06-06 1649 if (test_bit(SMP_FLAG_SC, &smp->flags)) { 760b018b6cf08e Johan Hedberg 2014-06-06 1650 err = sc_user_reply(smp, mgmt_op, passkey); 760b018b6cf08e Johan Hedberg 2014-06-06 1651 goto unlock; 760b018b6cf08e Johan Hedberg 2014-06-06 1652 } 760b018b6cf08e Johan Hedberg 2014-06-06 1653 2b64d153a0cc9d Brian Gix 2011-12-21 1654 switch (mgmt_op) { 2b64d153a0cc9d Brian Gix 2011-12-21 1655 case MGMT_OP_USER_PASSKEY_REPLY: 2b64d153a0cc9d Brian Gix 2011-12-21 1656 value = le32_to_cpu(passkey); 943a732ab6440f Johan Hedberg 2014-03-18 1657 memset(smp->tk, 0, sizeof(smp->tk)); ad25b27bf35f7d Luiz Augusto von Dentz 2021-03-15 1658 bt_dev_dbg(conn->hcon->hdev, "PassKey: %d", value); 943a732ab6440f Johan Hedberg 2014-03-18 1659 put_unaligned_le32(value, smp->tk); 19186c7b45c134 Gustavo A. R. Silva 2020-07-08 1660 fallthrough; 2b64d153a0cc9d Brian Gix 2011-12-21 1661 case MGMT_OP_USER_CONFIRM_REPLY: 4a74d65868f10d Johan Hedberg 2014-05-20 1662 set_bit(SMP_FLAG_TK_VALID, &smp->flags); 2b64d153a0cc9d Brian Gix 2011-12-21 1663 break; 2b64d153a0cc9d Brian Gix 2011-12-21 1664 case MGMT_OP_USER_PASSKEY_NEG_REPLY: 2b64d153a0cc9d Brian Gix 2011-12-21 1665 case MGMT_OP_USER_CONFIRM_NEG_REPLY: 84794e119a22f6 Johan Hedberg 2013-11-06 1666 smp_failure(conn, SMP_PASSKEY_ENTRY_FAILED); fc75cc8684d21d Johan Hedberg 2014-09-05 1667 err = 0; fc75cc8684d21d Johan Hedberg 2014-09-05 1668 goto unlock; 2b64d153a0cc9d Brian Gix 2011-12-21 1669 default: 84794e119a22f6 Johan Hedberg 2013-11-06 1670 smp_failure(conn, SMP_PASSKEY_ENTRY_FAILED); fc75cc8684d21d Johan Hedberg 2014-09-05 1671 err = -EOPNOTSUPP; fc75cc8684d21d Johan Hedberg 2014-09-05 1672 goto unlock; 2b64d153a0cc9d Brian Gix 2011-12-21 1673 } 2b64d153a0cc9d Brian Gix 2011-12-21 1674 fc75cc8684d21d Johan Hedberg 2014-09-05 1675 err = 0; fc75cc8684d21d Johan Hedberg 2014-09-05 1676 2b64d153a0cc9d Brian Gix 2011-12-21 1677 /* If it is our turn to send Pairing Confirm, do so now */ 1cc6114402f864 Johan Hedberg 2014-05-20 1678 if (test_bit(SMP_FLAG_CFM_PENDING, &smp->flags)) { 1cc6114402f864 Johan Hedberg 2014-05-20 1679 u8 rsp = smp_confirm(smp); 1cc6114402f864 Johan Hedberg 2014-05-20 1680 if (rsp) 1cc6114402f864 Johan Hedberg 2014-05-20 1681 smp_failure(conn, rsp); 1cc6114402f864 Johan Hedberg 2014-05-20 1682 } 2b64d153a0cc9d Brian Gix 2011-12-21 1683 fc75cc8684d21d Johan Hedberg 2014-09-05 1684 unlock: fc75cc8684d21d Johan Hedberg 2014-09-05 1685 l2cap_chan_unlock(chan); fc75cc8684d21d Johan Hedberg 2014-09-05 1686 return err; 2b64d153a0cc9d Brian Gix 2011-12-21 1687 } 2b64d153a0cc9d Brian Gix 2011-12-21 1688 :::::: The code at line 1634 was first introduced by commit :::::: fc75cc8684d21d3649b28c4c37d4ce3f000759e4 Bluetooth: Fix locking of the SMP context :::::: TO: Johan Hedberg <[email protected]> :::::: CC: Marcel Holtmann <[email protected]> --- 0-DAY CI Kernel Test Service, Intel Corporation https://lists.01.org/hyperkitty/list/[email protected]
.config.gz
Description: application/gzip
_______________________________________________ kbuild mailing list -- [email protected] To unsubscribe send an email to [email protected]
