[Bug 205735] New: Kernel 4.19.42 and newer have broke my Bluetooth keyboard/mouse support

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



https://bugzilla.kernel.org/show_bug.cgi?id=205735

            Bug ID: 205735
           Summary: Kernel 4.19.42 and newer have broke my Bluetooth
                    keyboard/mouse support
           Product: Drivers
           Version: 2.5
    Kernel Version: 4.19.42 and all newer also 5.4
          Hardware: All
                OS: Linux
              Tree: Mainline
            Status: NEW
          Severity: blocking
          Priority: P1
         Component: Bluetooth
          Assignee: linux-bluetooth@xxxxxxxxxxxxxxx
          Reporter: cijoml@xxxxxxxx
        Regression: No

Hello guys,

I own a very old Logitech diNovo media set with Keyboard, Mouse MX1000
for Bluetooth and Mediapad.
Since 4.19.41 I was able to use it without problem, but kernel 4.19.42
introduced two patches which one of them problably broke my Bluetooth
setup support.
According to the changelog those might be:

commit 38f092c41cebaff589e88cc22686b289a6840559
Author: Marcel Holtmann <marcel@xxxxxxxxxxxx>
Date: Wed Apr 24 22:19:17 2019 +0200

Bluetooth: Align minimum encryption key size for LE and BR/EDR connections

commit d5bb334a8e171b262e48f378bd2096c0ea458265 upstream.

The minimum encryption key size for LE connections is 56 bits and to
align LE with BR/EDR, enforce 56 bits of minimum encryption key size for
BR/EDR connections as well.

Signed-off-by: Marcel Holtmann <marcel@xxxxxxxxxxxx>
Signed-off-by: Johan Hedberg <johan.hedberg@xxxxxxxxx>
Cc: stable@xxxxxxxxxxxxxxx
Signed-off-by: Greg Kroah-Hartman <gregkh@xxxxxxxxxxxxxxxxxxx>

commit c6d1f9b4b2cb768e29f5d44af143f25ad89062b1
Author: Young Xiao <YangX92@xxxxxxxxxxx>
Date: Fri Apr 12 15:24:30 2019 +0800

Bluetooth: hidp: fix buffer overflow

commit a1616a5ac99ede5d605047a9012481ce7ff18b16 upstream.

Struct ca is copied from userspace. It is not checked whether the "name"
field is NULL terminated, which allows local users to obtain potentially
sensitive information from kernel stack memory, via a HIDPCONNADD command.

This vulnerability is similar to CVE-2011-1079.

Signed-off-by: Young Xiao <YangX92@xxxxxxxxxxx>
Signed-off-by: Marcel Holtmann <marcel@xxxxxxxxxxxx>
Cc: stable@xxxxxxxxxxxxxxx
Signed-off-by: Greg Kroah-Hartman <gregkh@xxxxxxxxxxxxxxxxxxx>

My current working setup with 4.19.41 is as follows:

root@thinkpad:/home/cijoml# hcitool con
Connections:
> ACL 00:07:61:49:2A:6A handle 69 state 1 lm MASTER AUTH ENCRYPT
> ACL 00:07:61:3E:1C:71 handle 71 state 1 lm MASTER AUTH ENCRYPT
> ACL 00:07:61:49:E0:3D handle 68 state 1 lm MASTER

root@thinkpad:/home/cijoml# hcitool info 00:07:61:3E:1C:71
Requesting information ...
BD Address: 00:07:61:3E:1C:71
OUI Company: Logitech Europe SA (00-07-61)
Device Name: Logitech diNovo Keyboard
LMP Version: 1.2 (0x2) LMP Subversion: 0x545
Manufacturer: Cambridge Silicon Radio (10)
Features: 0xfc 0xff 0x0f 0x00 0x08 0x08 0x00 0x00
<encryption> <slot offset> <timing accuracy> <role switch>
<hold mode> <sniff mode> <park state> <RSSI> <channel quality>
<SCO link> <HV2 packets> <HV3 packets> <u-law log> <A-law log>
<CVSD> <paging scheme> <power control> <transparent SCO>
<AFH cap. slave> <AFH cap. master>
root@thinkpad:/home/cijoml# hcitool info 00:07:61:49:E0:3D
Requesting information ...
BD Address: 00:07:61:49:E0:3D
OUI Company: Logitech Europe SA (00-07-61)
Device Name: Logitech MX1000 mouse
LMP Version: 1.2 (0x2) LMP Subversion: 0x545
Manufacturer: Cambridge Silicon Radio (10)
Features: 0xfc 0xff 0x0f 0x00 0x08 0x08 0x00 0x00
<encryption> <slot offset> <timing accuracy> <role switch>
<hold mode> <sniff mode> <park state> <RSSI> <channel quality>
<SCO link> <HV2 packets> <HV3 packets> <u-law log> <A-law log>
<CVSD> <paging scheme> <power control> <transparent SCO>
<AFH cap. slave> <AFH cap. master>
root@thinkpad:/home/cijoml# hcitool info 00:07:61:49:2A:6A
Requesting information ...
BD Address: 00:07:61:49:2A:6A
OUI Company: Logitech Europe SA (00-07-61)
Device Name: Logitech Mediapad
LMP Version: 1.2 (0x2) LMP Subversion: 0x545
Manufacturer: Cambridge Silicon Radio (10)
Features: 0xfc 0xff 0x0f 0x00 0x08 0x08 0x00 0x00
<encryption> <slot offset> <timing accuracy> <role switch>
<hold mode> <sniff mode> <park state> <RSSI> <channel quality>
<SCO link> <HV2 packets> <HV3 packets> <u-law log> <A-law log>
<CVSD> <paging scheme> <power control> <transparent SCO>
<AFH cap. slave> <AFH cap. master>


Can anybody please look at this and fix the support for my Bluetooth
set so I do not need to throw it into dustbin?

Thank you in advance

Michal

-- 
You are receiving this mail because:
You are the assignee for the bug.



[Index of Archives]     [Bluez Devel]     [Linux Wireless Networking]     [Linux Wireless Personal Area Networking]     [Linux ATH6KL]     [Linux USB Devel]     [Linux Media Drivers]     [Linux Audio Users]     [Linux Kernel]     [Linux SCSI]     [Big List of Linux Books]

  Powered by Linux