!14978 CVE-2024-56604_openEuler-1.0-LTS (234a8718) · Commits · EulixOS / Software / Kernel

include/net/bluetooth/bluetooth.h

+2 −0

Original line number	Diff line number	Diff line
		@@ -268,6 +268,8 @@ void bt_sock_unregister(int proto);
		void bt_sock_link(struct bt_sock_list l, struct sock s);
		void bt_sock_unlink(struct bt_sock_list l, struct sock s);
		bool bt_sock_linked(struct bt_sock_list l, struct sock s);
		struct sock bt_sock_alloc(struct net net, struct socket *sock,
		struct proto *prot, int proto, gfp_t prio, int kern);
		int bt_sock_recvmsg(struct socket sock, struct msghdr msg, size_t len,
		int flags);
		int bt_sock_stream_recvmsg(struct socket sock, struct msghdr msg,

+21 −0

Original line number	Diff line number	Diff line
		@@ -138,6 +138,27 @@ static int bt_sock_create(struct net net, struct socket sock, int proto,
		return err;
		}

		struct sock bt_sock_alloc(struct net net, struct socket *sock,
		struct proto *prot, int proto, gfp_t prio, int kern)
		{
		struct sock *sk;

		sk = sk_alloc(net, PF_BLUETOOTH, prio, prot, kern);
		if (!sk)
		return NULL;

		sock_init_data(sock, sk);
		INIT_LIST_HEAD(&bt_sk(sk)->accept_q);

		sock_reset_flag(sk, SOCK_ZAPPED);

		sk->sk_protocol = proto;
		sk->sk_state = BT_OPEN;

		return sk;
		}
		EXPORT_SYMBOL(bt_sock_alloc);

		void bt_sock_link(struct bt_sock_list l, struct sock sk)
		{
		write_lock(&l->lock);

+1 −9

Original line number	Diff line number	Diff line
		@@ -201,21 +201,13 @@ static int bnep_sock_create(struct net net, struct socket sock, int protocol,
		if (sock->type != SOCK_RAW)
		return -ESOCKTNOSUPPORT;

		sk = sk_alloc(net, PF_BLUETOOTH, GFP_ATOMIC, &bnep_proto, kern);
		sk = bt_sock_alloc(net, sock, &bnep_proto, protocol, GFP_ATOMIC, kern);
		if (!sk)
		return -ENOMEM;

		sock_init_data(sock, sk);

		sock->ops = &bnep_sock_ops;

		sock->state = SS_UNCONNECTED;

		sock_reset_flag(sk, SOCK_ZAPPED);

		sk->sk_protocol = protocol;
		sk->sk_state = BT_OPEN;

		bt_sock_link(&bnep_sk_list, sk);
		return 0;
		}

+2 −8

Original line number	Diff line number	Diff line
		@@ -2027,18 +2027,12 @@ static int hci_sock_create(struct net net, struct socket sock, int protocol,

		sock->ops = &hci_sock_ops;

		sk = sk_alloc(net, PF_BLUETOOTH, GFP_ATOMIC, &hci_sk_proto, kern);
		sk = bt_sock_alloc(net, sock, &hci_sk_proto, protocol, GFP_ATOMIC,
		kern);
		if (!sk)
		return -ENOMEM;

		sock_init_data(sock, sk);

		sock_reset_flag(sk, SOCK_ZAPPED);

		sk->sk_protocol = protocol;

		sock->state = SS_UNCONNECTED;
		sk->sk_state = BT_OPEN;

		bt_sock_link(&hci_sk_list, sk);
		return 0;

+1 −9

Original line number	Diff line number	Diff line
		@@ -1611,21 +1611,13 @@ static struct sock l2cap_sock_alloc(struct net net, struct socket *sock,
		struct sock *sk;
		struct l2cap_chan *chan;

		sk = sk_alloc(net, PF_BLUETOOTH, prio, &l2cap_proto, kern);
		sk = bt_sock_alloc(net, sock, &l2cap_proto, proto, prio, kern);
		if (!sk)
		return NULL;

		sock_init_data(sock, sk);
		INIT_LIST_HEAD(&bt_sk(sk)->accept_q);

		sk->sk_destruct = l2cap_sock_destruct;
		sk->sk_sndtimeo = L2CAP_CONN_TIMEOUT;

		sock_reset_flag(sk, SOCK_ZAPPED);

		sk->sk_protocol = proto;
		sk->sk_state = BT_OPEN;

		chan = l2cap_chan_create();
		if (!chan) {
		sk_free(sk);