This bug is awaiting verification that the linux- hwe-6.5/6.5.0-25.25~22.04.1 kernel in -proposed solves the problem. Please test the kernel and update this bug with the results. If the problem is solved, change the tag 'verification-needed-jammy-linux- hwe-6.5' to 'verification-done-jammy-linux-hwe-6.5'. If the problem still exists, change the tag 'verification-needed-jammy-linux-hwe-6.5' to 'verification-failed-jammy-linux-hwe-6.5'.
If verification is not done by 5 working days from today, this fix will be dropped from the source code, and this bug will be closed. See https://wiki.ubuntu.com/Testing/EnableProposed for documentation how to enable and use -proposed. Thank you! ** Tags added: kernel-spammed-jammy-linux-hwe-6.5-v2 verification-needed-jammy-linux-hwe-6.5 -- You received this bug notification because you are a member of Kernel Packages, which is subscribed to linux in Ubuntu. https://bugs.launchpad.net/bugs/2047634 Title: Reject connection when malformed L2CAP signal packet is received Status in linux package in Ubuntu: Fix Released Status in linux source package in Jammy: Fix Committed Status in linux source package in Mantic: Fix Released Status in linux source package in Noble: Fix Released Bug description: The patch is merged in mainline kernel v6.7-rc7, so Noble kernel already have this fix. And this patch is CCed to sta...@vger.kernel.org, M and L kernel will have this fix with the SRU update sooner or later. For Jammy kernel, an OEM customer is waiting for this patch to be merged to Jammy kernel and OEM kernel, here I submit the review reqeust for Jammy only. [Impact] An OEM customer want to do the bluetooth profile testing suite (PTS) test, and they found if sending 2 commands and one of them is "unknown comands", the bluetooth stack doesn't reply the ack as expected, this broke the customer's PTS test. [Fix] Cherry-pick a mainline kernel patch, this could fix this issue. [Test] After applying the patch, test it with PTS: 1. Configure the PTS: set PSM to 0x1011, so that it initiates L2CAP connection over PSM 0x1011, which is the default PSM for l2test, the testing tool for L2CAP layer provided by bluez. 2. Set device as connectable: $ sudo btmgmt connectable on 3. Run l2test on the device in preparation for testing: $ sudo l2test -d 4. Run the L2CAP/COS/CED/BI-02-C test on PTS. The test suite will initiate L2CAP connection automatically. 5. Verify that the test verdict on the PTS is PASS. And I also tested the patched kernel with 2 bt headsets, 1 bt keyboard and my mobile phone, all worked as well as before. [Where problems could occur] This makes L2CAP implementation more conforming to the specification. It has possibility to make some bt devices could not work with patched kernel, but this possibility is very low, I tested the patched kernel with 2 bt headsets, 1 bt keyboard and my Android mobile phone, all worked as well as before. [Impact] In the qualification test the from the Bluetooth SIG i.e. the Profile Testing Suite (PTS), in the L2CAP/COS/CED/BI-02-C, packet containing the following L2CAP packets are sent: 1. A malformed L2CAP_CONNECTION_REQ packet; and 2. An L2CAP packet with unknown command. For compliance to the L2CAP specification, BlueZ is expected to send: 1. An L2CAP_CONNECTION_RSP packet; and 2. An L2CAP_COMMAND_REJECT_RSP packet. However, the later one is not sent. [Fix] Clean cherry pick from commit 37b85190ca1ed790fe230f0ba134b10a3d3d1add (Bluetooth: L2CAP: Send reject on command corrupted request) [Test] After applying the patch, test it with PTS: 1. Configure the PTS: set PSM to 0x1011, so that it initiates L2CAP connection over PSM 0x1011, which is the default PSM for l2test, the testing tool for L2CAP layer provided by bluez. 2. Set device as connectable: $ sudo btmgmt connectable on 3. Run l2test on the device in preparation for testing: $ sudo l2test -d 4. Run the L2CAP/COS/CED/BI-02-C test on PTS. The test suite will initiate L2CAP connection automatically. 5. Verify that the test verdict on the PTS is PASS. [Where problems could occur] This makes L2CAP implementation more conforming to the specification. To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/linux/+bug/2047634/+subscriptions -- Mailing list: https://launchpad.net/~kernel-packages Post to : kernel-packages@lists.launchpad.net Unsubscribe : https://launchpad.net/~kernel-packages More help : https://help.launchpad.net/ListHelp