[PATCH] Bluetooth: btmtk: remove extra copy in cmd array init
Luiz Augusto von Dentz
luiz.dentz at gmail.com
Wed May 20 05:55:46 PDT 2026
Hi Jiajia,
On Tue, May 19, 2026 at 10:15 PM Jiajia Liu <liujiajia at kylinos.cn> wrote:
>
> In btmtk_setup_firmware_79xx, the data length indicated by wmt_params.dlen
> in the cmd buffer is MTK_SEC_MAP_NEED_SEND_SIZE + 1. Except for the first
> byte, the remaining length is MTK_SEC_MAP_NEED_SEND_SIZE. memcpy copied one
> more byte to cmd + 1 than the remaining length. Align the length passed to
> memcpy to avoid exceeding current section map.
>
> Signed-off-by: Jiajia Liu <liujiajia at kylinos.cn>
> ---
> drivers/bluetooth/btmtk.c | 2 +-
> 1 file changed, 1 insertion(+), 1 deletion(-)
>
> diff --git a/drivers/bluetooth/btmtk.c b/drivers/bluetooth/btmtk.c
> index ea7a031000cd..53cba71cb07f 100644
> --- a/drivers/bluetooth/btmtk.c
> +++ b/drivers/bluetooth/btmtk.c
> @@ -188,7 +188,7 @@ int btmtk_setup_firmware_79xx(struct hci_dev *hdev, const char *fwname,
> MTK_FW_ROM_PATCH_GD_SIZE +
> MTK_FW_ROM_PATCH_SEC_MAP_SIZE * i +
> MTK_SEC_MAP_COMMON_SIZE,
> - MTK_SEC_MAP_NEED_SEND_SIZE + 1);
> + MTK_SEC_MAP_NEED_SEND_SIZE);
>
> wmt_params.op = BTMTK_WMT_PATCH_DWNLD;
> wmt_params.status = &status;
> --
> 2.53.0
>
Have you tested this on the actual hardware? If not we need a Tested-by.
--
Luiz Augusto von Dentz
More information about the Linux-mediatek
mailing list