From: Andrei Emeltchenko Date: Fri, 24 Feb 2012 14:35:32 +0000 (+0200) Subject: Bluetooth: Fix double locking in LE and conless chan X-Git-Tag: firefly_0821_release~3680^2~3338^2~112^2~38 X-Git-Url: http://demsky.eecs.uci.edu/git/?a=commitdiff_plain;h=5b4cedaa14bd1fe3ca1d59c684203a6ae7747faa;p=firefly-linux-kernel-4.4.55.git Bluetooth: Fix double locking in LE and conless chan Remove socket lock since chan->ops->recv locks socket itself. Signed-off-by: Andrei Emeltchenko Reviewed-by: Ulisses Furquim Acked-by: Gustavo F. Padovan Signed-off-by: Johan Hedberg --- diff --git a/net/bluetooth/l2cap_core.c b/net/bluetooth/l2cap_core.c index 5f4cfea33915..db04c9e4e1d9 100644 --- a/net/bluetooth/l2cap_core.c +++ b/net/bluetooth/l2cap_core.c @@ -4369,18 +4369,13 @@ done: static inline int l2cap_conless_channel(struct l2cap_conn *conn, __le16 psm, struct sk_buff *skb) { - struct sock *sk = NULL; struct l2cap_chan *chan; chan = l2cap_global_chan_by_psm(0, psm, conn->src); if (!chan) goto drop; - sk = chan->sk; - - lock_sock(sk); - - BT_DBG("sk %p, len %d", sk, skb->len); + BT_DBG("chan %p, len %d", chan, skb->len); if (chan->state != BT_BOUND && chan->state != BT_CONNECTED) goto drop; @@ -4389,31 +4384,23 @@ static inline int l2cap_conless_channel(struct l2cap_conn *conn, __le16 psm, str goto drop; if (!chan->ops->recv(chan->data, skb)) - goto done; + return 0; drop: kfree_skb(skb); -done: - if (sk) - release_sock(sk); return 0; } static inline int l2cap_att_channel(struct l2cap_conn *conn, __le16 cid, struct sk_buff *skb) { - struct sock *sk = NULL; struct l2cap_chan *chan; chan = l2cap_global_chan_by_scid(0, cid, conn->src); if (!chan) goto drop; - sk = chan->sk; - - lock_sock(sk); - - BT_DBG("sk %p, len %d", sk, skb->len); + BT_DBG("chan %p, len %d", chan, skb->len); if (chan->state != BT_BOUND && chan->state != BT_CONNECTED) goto drop; @@ -4422,14 +4409,11 @@ static inline int l2cap_att_channel(struct l2cap_conn *conn, __le16 cid, struct goto drop; if (!chan->ops->recv(chan->data, skb)) - goto done; + return 0; drop: kfree_skb(skb); -done: - if (sk) - release_sock(sk); return 0; }