Linux kernel stable tree
Go to file
Ruihan Li 000c2fa2c1 bluetooth: Add cmd validity checks at the start of hci_sock_ioctl()
Previously, channel open messages were always sent to monitors on the first
ioctl() call for unbound HCI sockets, even if the command and arguments
were completely invalid. This can leave an exploitable hole with the abuse
of invalid ioctl calls.

This commit hardens the ioctl processing logic by first checking if the
command is valid, and immediately returning with an ENOIOCTLCMD error code
if it is not. This ensures that ioctl calls with invalid commands are free
of side effects, and increases the difficulty of further exploitation by
forcing exploitation to find a way to pass a valid command first.

Signed-off-by: Ruihan Li <lrh2000@pku.edu.cn>
Co-developed-by: Marcel Holtmann <marcel@holtmann.org>
Signed-off-by: Marcel Holtmann <marcel@holtmann.org>
Signed-off-by: Luiz Augusto von Dentz <luiz.von.dentz@intel.com>
2023-04-23 22:05:06 -07:00
arch arm64: dts: rockchip: Update compatible for bluetooth 2023-04-23 21:47:27 -07:00
block block: don't set GD_NEED_PART_SCAN if scan partition failed 2023-04-06 20:41:53 -06:00
certs Kbuild updates for v6.3 2023-02-26 11:53:25 -08:00
crypto asymmetric_keys: log on fatal failures in PE/pkcs7 2023-03-21 16:23:56 +00:00
Documentation dt-bindings: net: Add WCN6855 Bluetooth 2023-04-23 21:57:14 -07:00
drivers Revert "Bluetooth: btsdio: fix use after free bug in btsdio_remove due to unfinished work" 2023-04-23 22:04:52 -07:00
fs Merge git://git.kernel.org/pub/scm/linux/kernel/git/netdev/net 2023-04-20 16:29:51 -07:00
include Bluetooth: Add new quirk for broken set random RPA timeout for ATS2851 2023-04-23 22:04:26 -07:00
init init/initramfs: Fix argument forwarding to panic() in panic_show_mem() 2023-04-16 17:37:01 +09:00
io_uring Merge git://git.kernel.org/pub/scm/linux/kernel/git/netdev/net 2023-04-20 16:29:51 -07:00
ipc Merge branch 'work.namespace' of git://git.kernel.org/pub/scm/linux/kernel/git/viro/vfs 2023-02-24 19:20:07 -08:00
kernel bpf-next-for-netdev 2023-04-21 20:32:37 -07:00
lib Merge git://git.kernel.org/pub/scm/linux/kernel/git/netdev/net 2023-04-20 16:29:51 -07:00
LICENSES LICENSES: Add the copyleft-next-0.3.1 license 2022-11-08 15:44:01 +01:00
mm Merge git://git.kernel.org/pub/scm/linux/kernel/git/netdev/net 2023-04-20 16:29:51 -07:00
net bluetooth: Add cmd validity checks at the start of hci_sock_ioctl() 2023-04-23 22:05:06 -07:00
rust rust: allow to use INIT_STACK_ALL_ZERO 2023-04-19 19:34:43 +02:00
samples samples/bpf: sampleip: Replace PAGE_OFFSET with _text address 2023-04-13 21:57:11 -07:00
scripts Merge git://git.kernel.org/pub/scm/linux/kernel/git/netdev/net 2023-04-20 16:29:51 -07:00
security Merge git://git.kernel.org/pub/scm/linux/kernel/git/netdev/net 2023-03-24 10:10:20 -07:00
sound ALSA: hda/hdmi: disable KAE for Intel DG2 2023-04-14 07:50:52 +02:00
tools bpf-next-for-netdev 2023-04-21 20:32:37 -07:00
usr initramfs: Check negative timestamp to prevent broken cpio archive 2023-04-16 17:37:01 +09:00
virt KVM: PPC: Make KVM_CAP_IRQFD_RESAMPLE platform dependent 2023-03-31 11:19:05 -04:00
.clang-format cpumask: re-introduce constant-sized cpumask optimizations 2023-03-05 14:30:34 -08:00
.cocciconfig scripts: add Linux .cocciconfig for coccinelle 2016-07-22 12:13:39 +02:00
.get_maintainer.ignore get_maintainer: add Alan to .get_maintainer.ignore 2022-08-20 15:17:44 -07:00
.gitattributes .gitattributes: use 'dts' diff driver for *.dtso files 2023-02-26 15:28:23 +09:00
.gitignore .gitignore: Do not ignore .kunitconfig files 2023-04-19 18:48:48 -07:00
.mailmap Networking fixes for 6.3-rc8, including fixes from netfilter and bpf 2023-04-20 11:03:51 -07:00
.rustfmt.toml rust: add .rustfmt.toml 2022-09-28 09:02:20 +02:00
COPYING COPYING: state that all contributions really are covered by this file 2020-02-10 13:32:20 -08:00
CREDITS There is no particular theme here - mainly quick hits all over the tree. 2023-02-23 17:55:40 -08:00
Kbuild Kbuild updates for v6.1 2022-10-10 12:00:45 -07:00
Kconfig kbuild: ensure full rebuild when the compiler is updated 2020-05-12 13:28:33 +09:00
MAINTAINERS Bluetooth: NXP: Add protocol support for NXP Bluetooth chipsets 2023-04-23 21:51:55 -07:00
Makefile Linux 6.3-rc7 2023-04-16 15:23:53 -07:00
README Drop all 00-INDEX files from Documentation/ 2018-09-09 15:08:58 -06:00

Linux kernel
============

There are several guides for kernel developers and users. These guides can
be rendered in a number of formats, like HTML and PDF. Please read
Documentation/admin-guide/README.rst first.

In order to build the documentation, use ``make htmldocs`` or
``make pdfdocs``.  The formatted documentation can also be read online at:

    https://www.kernel.org/doc/html/latest/

There are various text files in the Documentation/ subdirectory,
several of them using the Restructured Text markup notation.

Please read the Documentation/process/changes.rst file, as it contains the
requirements for building and running the kernel, and information about
the problems which may result by upgrading your kernel.