This bug was fixed in the package linux - 4.18.0-16.17
---------------
linux (4.18.0-16.17) cosmic; urgency=medium
* linux: 4.18.0-16.17 -proposed tracker (LP: #1814749)
* Packaging resync (LP: #1786013)
- [Packaging] update helper scripts
* CVE-2018-16880
- vhost: fix OOB in get_rx_bufs()
* RTL8822BE WiFi Disabled in Kernel 4.18.0-12 (LP: #1806472)
- SAUCE: staging: rtlwifi: allow RTLWIFI_DEBUG_ST to be disabled
- [Config] CONFIG_RTLWIFI_DEBUG_ST=n
- SAUCE: Add r8822be to signature inclusion list
* kernel oops in bcache module (LP: #1793901)
- SAUCE: bcache: never writeback a discard operation
* CVE-2018-18397
- userfaultfd: use ENOENT instead of EFAULT if the atomic copy user fails
- userfaultfd: shmem: allocate anonymous memory for MAP_PRIVATE shmem
- userfaultfd: shmem/hugetlbfs: only allow to register VM_MAYWRITE vmas
- userfaultfd: shmem: add i_size checks
- userfaultfd: shmem: UFFDIO_COPY: set the page dirty if VM_WRITE is not set
* Ignore "incomplete report" from Elan touchpanels (LP: #1813733)
- HID: i2c-hid: Ignore input report if there's no data present on Elan
touchpanels
* Vsock connect fails with ENODEV for large CID (LP: #1813934)
- vhost/vsock: fix vhost vsock cid hashing inconsistent
* Fix non-working pinctrl-intel (LP: #1811777)
- pinctrl: intel: Do pin translation in other GPIO operations as well
* ip6_gre: fix tunnel list corruption for x-netns (LP: #1812875)
- ip6_gre: fix tunnel list corruption for x-netns
* Backported commit breaks audio (fixed upstream) (LP: #1811566)
- ASoC: intel: cht_bsw_max98090_ti: Add quirk for boards using pmc_plt_clk_0
- ASoC: intel: cht_bsw_max98090_ti: Add pmc_plt_clk_0 quirk for Chromebook
Clapper
- ASoC: intel: cht_bsw_max98090_ti: Add pmc_plt_clk_0 quirk for Chromebook
Gnawty
* kvm_stat : missing python dependency (LP: #1798776)
- tools/kvm_stat: switch to python3
* [SRU] Fix Xorg crash with nomodeset when BIOS enable 64-bit fb addr
(LP: #1812797)
- vgaarb: Add support for 64-bit frame buffer address
- vgaarb: Keep adding VGA device in queue
* Fix non-working QCA Rome Bluetooth after S3 (LP: #1812812)
- USB: Add new USB LPM helpers
- USB: Consolidate LPM checks to avoid enabling LPM twice
* [SRU] IO's are issued with incorrect Scatter Gather Buffer (LP: #1795453)
- scsi: megaraid_sas: Use 63-bit DMA addressing
* x86/mm: Found insecure W+X mapping at address (ptrval)/0xc00a0000
(LP: #1813532)
- x86/mm: Do not warn about PCI BIOS W+X mappings
* CVE-2019-6133
- fork: record start_time late
* Fix not working Goodix touchpad (LP: #1811929)
- HID: i2c-hid: Disable runtime PM on Goodix touchpad
* bluetooth controller not detected with 4.15 kernel (LP: #1810797)
- SAUCE: btqcomsmd: introduce BT_QCOMSMD_HACK
- [Config] arm64: snapdragon: BT_QCOMSMD_HACK=y
* X1 Extreme: only one of the two SSDs is loaded (LP: #1811755)
- nvme-core: rework a NQN copying operation
- nvme: pad fake subsys NQN vid and ssvid with zeros
- nvme: introduce NVME_QUIRK_IGNORE_DEV_SUBNQN
* Crash on "ip link add foo type ipip" (LP: #1811803)
- SAUCE: fan: Fix NULL pointer dereference
-- Stefan Bader <stefan.ba...@canonical.com> Thu, 07 Feb 2019 23:23:02
+0100
** Changed in: linux (Ubuntu Cosmic)
Status: Fix Committed => Fix Released
** CVE added: https://cve.mitre.org/cgi-bin/cvename.cgi?name=2018-16880
--
You received this bug notification because you are a member of Kernel
Packages, which is subscribed to linux in Ubuntu.
https://bugs.launchpad.net/bugs/1810797
Title:
bluetooth controller not detected with 4.15 kernel
Status in linux package in Ubuntu:
Fix Released
Status in linux-snapdragon package in Ubuntu:
Invalid
Status in linux source package in Bionic:
Fix Released
Status in linux-snapdragon source package in Bionic:
Invalid
Status in linux source package in Cosmic:
Fix Released
Status in linux-snapdragon source package in Cosmic:
Invalid
Bug description:
Impact:
Upon boot, no hci device is available to userspace, thus bluetooth
communication is not possible.
Defect analysis:
The root of the problem lies in these two patches:
$ git log --online drivers/bluetooth/btqcomsmd.c
...
766154b Bluetooth: btqcomsmd: retrieve BD address from DT property
6e51811 Bluetooth: btqcomsmd: Add support for BD address setup
...
Qualcomm engineer found that btqcomsmd had no BD address burned in
(nor via ROM, neither internally) and it was always coming up with the
same address, probably derived from manufacturer ID and / or chip ID.
To fix this, they pushed the burden of generating a unique per-board
BD address to the Qualcomm bootloader and make it pass down via DTB to
the live kernel - and if no address was present in the DTB, the hci
was left unconfigured.
Fix:
So *technically* speaking, the kernel is correct in this case, it's
our dragonboard image (e.g. Ubuntu Core) that doesn't extract the
generated BD address from the Qualcomm bootloader and pass it down to
the kernel.
On the other hand, having Bluetooth working out of the box (even with
a dummy address), is a nice feature to have, so i slightly modified
Qualcomm's code introduced in the two above patches, and made the lack
of BD address in DTB non fatal:
if BD_is_present_in_DTB()
read_BD_and_apply_setup()
else
let_hci_core_generate_BD()
end if
And surrounded the modification in #ifdef...#endif brackets to keep it
local.
How to test:
By default, on a patched kernel, the hci device will have a default
address:
ubuntu@dragon410c:~$ hcitool dev
Devices:
hci0 00:00:00:00:5A:AD
the address " 00:00:00:00:5A:AD" might vary, but will be consistent
after every reboot.
The other option is to specify a custom BD address, e.g. using uboot
to manipulate the dtb - we assume the dtb was loaded in memory at
${fdt_addr}:
dragonboard410c => fdt addr ${fdt_addr}
dragonboard410c => fdt print /soc/wcnss/smd-edge/wcnss/bt/
bt {
compatible = "qcom,wcnss-bt";
};
dragonboard410c => fdt resize
dragonboard410c => fdt set /soc/wcnss/smd-edge/wcnss/bt/ local-bd-
address [ 55 44 33 22 11 00 ]
dragonboard410c => fdt print /soc/wcnss/smd-edge/wcnss/bt/
bt {
local-bd-address = [55 44 33 22 11 00];
compatible = "qcom,wcnss-bt";
};
then proceed with the rest of the boot process and check hci:
$ hcitool dev
Devices:
hci0 00:11:22:33:44:55
In both cases, blueooth work afterward, and can be used to communicate
with other devices:
ubuntu@dragon410c:~$ hcitool scan
Scanning ...
C0:BD:54:12:4E:D1 My dummy device
Regression potential:
None, the fix is surronded with #ifdef...#endif thus it doesn't exist
outside of it.
--
Using the core18 image from
http://cdimage.ubuntu.com/ubuntu-core/18/stable/current/
Kernel snap: 4.15.0-39.42 (72)
rfkill shows there is an hci0 device:
$ rfkill list
0: hci0: Bluetooth
Soft blocked: no
Hard blocked: no
1: phy0: Wireless LAN
Soft blocked: no
Hard blocked: no
But bluetoothctl does not detect any controller:
$ sudo bluetoothctl
08:58 Agent registered
08:58 [bluetooth]# list
[...no output...]
If you revert to the 4.4 kernel [4.4.0-1106.111 (76)] it works:
$ sudo bluetoothctl
[NEW] Controller 00:00:00:00:5A:AD BlueZ 5.47 [default]
Agent registered
[bluetooth]# list
Controller 00:00:00:00:5A:AD BlueZ 5.47 [default]
[bluetooth]# show
Controller 00:00:00:00:5A:AD
Name: BlueZ 5.47
Alias: BlueZ 5.47
Class: 0x00000000
Powered: no
Discoverable: no
Pairable: yes
UUID: Generic Attribute Profile (00001801-0000-1000-8000-00805f9b34fb)
UUID: A/V Remote Control (0000110e-0000-1000-8000-00805f9b34fb)
UUID: OBEX File Transfer (00001106-0000-1000-8000-00805f9b34fb)
UUID: Generic Access Profile (00001800-0000-1000-8000-00805f9b34fb)
UUID: OBEX Object Push (00001105-0000-1000-8000-00805f9b34fb)
UUID: PnP Information (00001200-0000-1000-8000-00805f9b34fb)
UUID: A/V Remote Control Target (0000110c-0000-1000-8000-00805f9b34fb)
UUID: IrMC Sync (00001104-0000-1000-8000-00805f9b34fb)
UUID: Vendor specific (00005005-0000-1000-8000-0002ee000001)
UUID: Message Notification Se.. (00001133-0000-1000-8000-00805f9b34fb)
UUID: Phonebook Access Server (0000112f-0000-1000-8000-00805f9b34fb)
UUID: Message Access Server (00001132-0000-1000-8000-00805f9b34fb)
Modalias: usb:v1D6Bp0246d052F
Discovering: no
To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/linux/+bug/1810797/+subscriptions
--
Mailing list: https://launchpad.net/~kernel-packages
Post to : kernel-packages@lists.launchpad.net
Unsubscribe : https://launchpad.net/~kernel-packages
More help : https://help.launchpad.net/ListHelp
