Merge tag 'for-net-2025-04-16' of git://git.kernel.org/pub/scm/linux/kernel/git/bluetooth/bluetooth (a43ae7cf) · Commits · git / linux-net

drivers/bluetooth/hci_vhci.c

+5 −5

Original line number	Diff line number	Diff line
		@@ -289,18 +289,18 @@ static void vhci_coredump(struct hci_dev *hdev)

		static void vhci_coredump_hdr(struct hci_dev hdev, struct sk_buff skb)
		{
		char buf[80];
		const char *buf;

		snprintf(buf, sizeof(buf), "Controller Name: vhci_ctrl\n");
		buf = "Controller Name: vhci_ctrl\n";
		skb_put_data(skb, buf, strlen(buf));

		snprintf(buf, sizeof(buf), "Firmware Version: vhci_fw\n");
		buf = "Firmware Version: vhci_fw\n";
		skb_put_data(skb, buf, strlen(buf));

		snprintf(buf, sizeof(buf), "Driver: vhci_drv\n");
		buf = "Driver: vhci_drv\n";
		skb_put_data(skb, buf, strlen(buf));

		snprintf(buf, sizeof(buf), "Vendor: vhci\n");
		buf = "Vendor: vhci\n";
		skb_put_data(skb, buf, strlen(buf));
		}

+17 −1

Original line number	Diff line number	Diff line
		@@ -7539,8 +7539,24 @@ void l2cap_recv_acldata(struct hci_conn hcon, struct sk_buff skb, u16 flags)
		if (skb->len > len) {
		BT_ERR("Frame is too long (len %u, expected len %d)",
		skb->len, len);
		/* PTS test cases L2CAP/COS/CED/BI-14-C and BI-15-C
		* (Multiple Signaling Command in one PDU, Data
		* Truncated, BR/EDR) send a C-frame to the IUT with
		* PDU Length set to 8 and Channel ID set to the
		* correct signaling channel for the logical link.
		* The Information payload contains one L2CAP_ECHO_REQ
		* packet with Data Length set to 0 with 0 octets of
		* echo data and one invalid command packet due to
		* data truncated in PDU but present in HCI packet.
		*
		* Shorter the socket buffer to the PDU length to
		* allow to process valid commands from the PDU before
		* setting the socket unreliable.
		*/
		skb->len = len;
		l2cap_recv_frame(conn, skb);
		l2cap_conn_unreliable(conn, ECOMM);
		goto drop;
		goto unlock;
		}

		/* Append fragment into frame (with header) */