Calvin Owens b489556a85 Bluetooth: fix corruption in h4_recv_buf() after cleanup ...

A different structure is stored in drvdata for the drivers which used
that duplicate function, but h4_recv_buf() assumes drvdata is always an
hci_uart structure.

Consequently, alignment and padding are now randomly corrupted for
btmtkuart, btnxpuart, and bpa10x in h4_recv_buf(), causing erratic
breakage.

Fix this by making the hci_uart structure the explicit argument to
h4_recv_buf(). Every caller already has a reference to hci_uart, and
already obtains the hci_hdev reference through it, so this actually
eliminates a redundant pointer indirection for all existing callers.

Fixes: 93f06f8f0d ("Bluetooth: remove duplicate h4_recv_buf() in header")
Reported-by: Francesco Valla <francesco@valla.it>
Closes: https://lore.kernel.org/lkml/6837167.ZASKD2KPVS@fedora.fritz.box/
Signed-off-by: Calvin Owens <calvin@wbinvd.org>
Signed-off-by: Luiz Augusto von Dentz <luiz.von.dentz@intel.com>

2025-10-24 10:31:24 -04:00

..

ath3k.c

move asm/unaligned.h to linux/unaligned.h

2024-10-02 17:23:23 -04:00

bcm203x.c

Bluetooth: bcm203x: remove superfluous header files

2022-03-18 17:12:09 +01:00

bfusb.c

Bluetooth: hci_dev: replace 'quirks' integer by 'quirk_flags' bitmap

2025-07-16 15:37:53 -04:00

bluecard_cs.c

treewide, timers: Rename from_timer() to timer_container_of()

2025-06-08 09:07:37 +02:00

bpa10x.c

Bluetooth: fix corruption in h4_recv_buf() after cleanup

2025-10-24 10:31:24 -04:00

bt3c_cs.c

Bluetooth: bt3c_cs: Fix obsolete function

2018-09-27 12:57:39 +02:00

btbcm.c

Bluetooth: hci_dev: replace 'quirks' integer by 'quirk_flags' bitmap

2025-07-16 15:37:53 -04:00

btbcm.h

Bluetooth: hci_bcm: Add support for FW loading in autobaud mode

2022-07-21 17:04:38 -07:00

btintel_pcie.c

Bluetooth: btintel_pcie: Fix event packet loss issue

2025-10-24 10:31:06 -04:00

btintel_pcie.h

Bluetooth: btintel_pcie: Refactor Device Coredump

2025-09-27 11:37:00 -04:00

btintel.c

Bluetooth: btintel: Add support for BlazarIW core

2025-09-27 11:36:59 -04:00

btintel.h

Bluetooth: btintel: Define a macro for Intel Reset vendor command

2025-07-23 10:31:03 -04:00

btmrvl_debugfs.c

treewide: Replace GPLv2 boilerplate/reference with SPDX - gpl-2.0_390.RULE

2022-06-10 14:51:36 +02:00

btmrvl_drv.h

treewide: Replace GPLv2 boilerplate/reference with SPDX - gpl-2.0_390.RULE

2022-06-10 14:51:36 +02:00

btmrvl_main.c

Bluetooth: Use str_enable_disable-like helpers

2025-01-15 10:36:11 -05:00

btmrvl_sdio.c

Bluetooth: btmrvl_sdio: Fix wakeup source leaks on device unbind

2025-05-21 10:27:20 -04:00

btmrvl_sdio.h

treewide: Replace GPLv2 boilerplate/reference with SPDX - gpl-2.0_390.RULE

2022-06-10 14:51:36 +02:00

btmtk.c

Bluetooth: btmtk: Fix wait_on_bit_timeout interruption during shutdown

2025-08-15 09:44:49 -04:00

btmtk.h

Bluetooth: btmtk: remove #ifdef around declarations

2024-07-26 10:56:54 -04:00

btmtksdio.c

Bluetooth: btmtksdio: Add pmctrl handling for BT closed state during reset

2025-10-24 10:20:50 -04:00

btmtkuart.c

Bluetooth: fix corruption in h4_recv_buf() after cleanup

2025-10-24 10:31:24 -04:00

btnxpuart.c

Bluetooth: fix corruption in h4_recv_buf() after cleanup

2025-10-24 10:31:24 -04:00

btqca.c

Bluetooth: hci_dev: replace 'quirks' integer by 'quirk_flags' bitmap

2025-07-16 15:37:53 -04:00

btqca.h

Bluetooth: qca: add WCN3950 support

2025-03-25 12:42:35 -04:00

btqcomsmd.c

Bluetooth: hci_dev: replace 'quirks' integer by 'quirk_flags' bitmap

2025-07-16 15:37:53 -04:00

btrsi.c

move asm/unaligned.h to linux/unaligned.h

2024-10-02 17:23:23 -04:00

btrtl.c

Bluetooth: btrtl: Fix typo in comment

2025-07-23 10:29:50 -04:00

btrtl.h

Bluetooth: btrtl: Add Realtek devcoredump support

2023-08-11 11:35:14 -07:00

btsdio.c

Bluetooth: hci_dev: replace 'quirks' integer by 'quirk_flags' bitmap

2025-07-16 15:37:53 -04:00

btusb.c

Bluetooth: btusb: Add new VID/PID 13d3/3633 for MT7922

2025-09-27 11:37:01 -04:00

dtl1_cs.c

networking: add and use skb_put_u8()

2017-06-16 11:48:40 -04:00

hci_ag6xx.c

Bluetooth: fix corruption in h4_recv_buf() after cleanup

2025-10-24 10:31:24 -04:00

hci_aml.c

Bluetooth: fix corruption in h4_recv_buf() after cleanup

2025-10-24 10:31:24 -04:00

hci_ath.c

Bluetooth: fix corruption in h4_recv_buf() after cleanup

2025-10-24 10:31:24 -04:00

hci_bcm4377.c

Bluetooth: hci_bcm4377: Fix typo in comment

2025-07-23 10:30:04 -04:00

hci_bcm.c

Bluetooth: fix corruption in h4_recv_buf() after cleanup

2025-10-24 10:31:24 -04:00

hci_bcsp.c

Bluetooth: bcsp: receive data only if registered

2025-09-27 11:37:02 -04:00

hci_h4.c

Bluetooth: fix corruption in h4_recv_buf() after cleanup

2025-10-24 10:31:24 -04:00

hci_h5.c

treewide, timers: Rename from_timer() to timer_container_of()

2025-06-08 09:07:37 +02:00

hci_intel.c

Bluetooth: fix corruption in h4_recv_buf() after cleanup

2025-10-24 10:31:24 -04:00

hci_ldisc.c

Bluetooth: hci_dev: replace 'quirks' integer by 'quirk_flags' bitmap

2025-07-16 15:37:53 -04:00

hci_ll.c

Bluetooth: fix corruption in h4_recv_buf() after cleanup

2025-10-24 10:31:24 -04:00

hci_mrvl.c

Bluetooth: fix corruption in h4_recv_buf() after cleanup

2025-10-24 10:31:24 -04:00

hci_nokia.c

Bluetooth: fix corruption in h4_recv_buf() after cleanup

2025-10-24 10:31:24 -04:00

hci_qca.c

Bluetooth: fix corruption in h4_recv_buf() after cleanup

2025-10-24 10:31:24 -04:00

hci_serdev.c

Bluetooth: hci_dev: replace 'quirks' integer by 'quirk_flags' bitmap

2025-07-16 15:37:53 -04:00

hci_uart.h

Bluetooth: fix corruption in h4_recv_buf() after cleanup

2025-10-24 10:31:24 -04:00

hci_vhci.c

Bluetooth: vhci: Prevent use-after-free by removing debugfs files early

2025-08-29 14:47:20 -04:00

Kconfig

Bluetooth: Fix build after header cleanup

2025-09-20 10:57:44 -04:00

Makefile

Bluetooth: hci_uart: Add support for Amlogic HCI UART

2024-09-10 12:44:10 -04:00

virtio_bt.c

Bluetooth: hci_dev: replace 'quirks' integer by 'quirk_flags' bitmap

2025-07-16 15:37:53 -04:00