diff options
| author |   Gustavo Padovan <gustavo.padovan@collabora.co.uk> | 2013-10-21 14:21:39 -0200 |
|---|---|---|
| committer |   Marcel Holtmann <marcel@holtmann.org> | 2013-10-21 12:58:17 -0700 |
| commit | acdcabf532908fbefbea294fcad2e3989d1dc036 (patch) | |
| tree | 96498c6e4b766277d643621891cacdf3ecb6d346 /net/bluetooth/l2cap_sock.c | |
| parent | Bluetooth: Do not access chan->sk directly (diff) | |
| download | linux-dev-acdcabf532908fbefbea294fcad2e3989d1dc036.tar.xz linux-dev-acdcabf532908fbefbea294fcad2e3989d1dc036.zip | |
Bluetooth: Hold socket in defer callback in L2CAP socket
In both places that we use the defer callback the socket lock is held for
a indirect sk access inside __l2cap_change_state() and chan->ops->defer(),
all the rest of the code between lock_sock() and release_sock() is
already protected by the channel lock and won't be affected by this
change.
We now use l2cap_change_state(), the locked version of the change state
function, and the defer callback does the locking itself now. This does
not affect other uses of the defer callback.
Signed-off-by: Gustavo Padovan <gustavo.padovan@collabora.co.uk>
Signed-off-by: Marcel Holtmann <marcel@holtmann.org>
Diffstat (limited to 'net/bluetooth/l2cap_sock.c')
| -rw-r--r-- | net/bluetooth/l2cap_sock.c | 8 |
1 files changed, 6 insertions, 2 deletions
diff --git a/net/bluetooth/l2cap_sock.c b/net/bluetooth/l2cap_sock.c index a0b31db1246e..e55999228c8a 100644 --- a/net/bluetooth/l2cap_sock.c +++ b/net/bluetooth/l2cap_sock.c @@ -1195,11 +1195,15 @@ static void l2cap_sock_ready_cb(struct l2cap_chan *chan) static void l2cap_sock_defer_cb(struct l2cap_chan *chan) { - struct sock *sk = chan->data; - struct sock *parent = bt_sk(sk)->parent; + struct sock *parent, *sk = chan->data; + + lock_sock(sk); + parent = bt_sk(sk)->parent; if (parent) parent->sk_data_ready(parent, 0); + + release_sock(sk); } static void l2cap_sock_resume_cb(struct l2cap_chan *chan) |