On Mon, Oct 15, 2018 at 03:39:10PM -0700, Matthias Kaehlcke wrote: > With commit e16337622016 ("Bluetooth: Handle bt_accept_enqueue() socket > atomically") lock_sock[_nested]() is used to acquire the socket lock > before manipulating the socket. lock_sock[_nested]() may block, which > is problematic since bt_accept_enqueue() can be called in bottom half > context (e.g. from rfcomm_connect_ind()). > > The socket API provides bh_lock_sock[_nested]() to acquire the socket > lock in bottom half context. Check the context in bt_accept_enqueue() > and use the appropriate locking mechanism for the context. > > Fixes: e16337622016 ("Bluetooth: Handle bt_accept_enqueue() socket atomically") > Signed-off-by: Matthias Kaehlcke <mka@xxxxxxxxxxxx> > --- > Not sure if this is the correct solution, it's certainly not elegant and > checkpatch.pl complains that in_atomic() shouldn't be used outside of > core kernel code. I'm open to other suggestions :) > > net/bluetooth/af_bluetooth.c | 14 ++++++++++++-- > 1 file changed, 12 insertions(+), 2 deletions(-) > > diff --git a/net/bluetooth/af_bluetooth.c b/net/bluetooth/af_bluetooth.c > index deacc52d7ff1..0f0540dbb44a 100644 > --- a/net/bluetooth/af_bluetooth.c > +++ b/net/bluetooth/af_bluetooth.c > @@ -159,10 +159,20 @@ void bt_accept_enqueue(struct sock *parent, struct sock *sk) > BT_DBG("parent %p, sk %p", parent, sk); > > sock_hold(sk); > - lock_sock_nested(sk, SINGLE_DEPTH_NESTING); > + > + if (in_atomic()) > + bh_lock_sock_nested(sk); > + else > + lock_sock_nested(sk, SINGLE_DEPTH_NESTING); > + > list_add_tail(&bt_sk(sk)->accept_q, &bt_sk(parent)->accept_q); > bt_sk(sk)->parent = parent; > - release_sock(sk); > + > + if (in_atomic()) > + bh_unlock_sock(sk); > + else > + release_sock(sk); > + > parent->sk_ack_backlog++; > } > EXPORT_SYMBOL(bt_accept_enqueue); Any comments or ideas for a better solution? Thanks Matthias
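
Review bot: The `if (in_atomic())` test that selects the lock in both added branches of bt_accept_enqueue() is not a dependable way to tell bottom half callers from process context callers, which is what the checkpatch.pl warning is about: on kernels built without preempt counting, in_atomic() cannot see a held spinlock, and it is also true in process context whenever preemption is disabled. The callers already know their context (the commit message names rfcomm_connect_ind() as a bottom half caller), so it would be cleaner to have them pass it in, for example as a bool argument to bt_accept_enqueue(), and to decide once so that the lock and unlock sides cannot disagree. Separately, bh_lock_sock_nested() takes only the socket spinlock, while lock_sock_nested() marks the socket as owned and then drops that spinlock, so the two branches do not exclude each other unless the bottom half path also accounts for sock_owned_by_user(sk); the commit message should say why that case cannot occur for sk here.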