[PATCH 5.10/5.15 0/1] Bluetooth: Fix deadlock in vhci_send_frame

From: Daniil Dulov
Date: Wed Feb 21 2024 - 09:59:58 EST

Next message: Paolo Bonzini: "Re: CVE-2023-52437: Revert "md/raid5: Wait for MD_SB_CHANGE_PENDING in raid5d""
Previous message: Daniil Dulov: "[PATCH 5.10/5.15 1/1] Bluetooth: Fix deadlock in vhci_send_frame"
Next in thread: Daniil Dulov: "[PATCH 5.10/5.15 1/1] Bluetooth: Fix deadlock in vhci_send_frame"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

Syzkaller reports a potential circular dependency leading to deadlock
in 5.10 and 5.15 stable releases since the commit
92d4abd66f70 ("Bluetooth: vhci: Fix race when opening vhci device")
that caused this crash was backported to these branches.
The problem has been fixed by the following upstream patch that was
adapted to 5.10 and 5.15. All of the changes made to the patch
in order to adapt it are described at the end of commit message.

This patch has already been backported to the following stable branches:
v6.6 - https://lore.kernel.org/stable/20231230115814.038261305@xxxxxxxxxxxxxxxxxxx/
v6.1 - https://lore.kernel.org/stable/20231230115807.749489379@xxxxxxxxxxxxxxxxxxx/

Found by Linux Verification Center (linuxtesting.org) with Syzkaller.

Next message: Paolo Bonzini: "Re: CVE-2023-52437: Revert "md/raid5: Wait for MD_SB_CHANGE_PENDING in raid5d""
Previous message: Daniil Dulov: "[PATCH 5.10/5.15 1/1] Bluetooth: Fix deadlock in vhci_send_frame"
Next in thread: Daniil Dulov: "[PATCH 5.10/5.15 1/1] Bluetooth: Fix deadlock in vhci_send_frame"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]