Revert "Bluetooth: af_bluetooth: Fix deadlock"

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



From: Greg Kroah-Hartman <gregkh@xxxxxxxxxxxxxxxxxxx>

This reverts commit cb8adca52f306563d958a863bb0cbae9c184d1ae which is
commit f7b94bdc1ec107c92262716b073b3e816d4784fb upstream.

It is reported to cause regressions in the 6.1.y tree, so revert it for
now.

Link: https://lore.kernel.org/all/CADRbXaDqx6S+7tzdDPPEpRu9eDLrHQkqoWTTGfKJSRxY=hT5MQ@xxxxxxxxxxxxxx/
Reported-by: Jeremy Lainé <jeremy.laine@xxxxxxx>
Cc: Salvatore Bonaccorso <carnil@xxxxxxxxxx>
Cc: Mike <user.service2016@xxxxxxxxx>
Cc: Marcel Holtmann <marcel@xxxxxxxxxxxx>
Cc: Johan Hedberg <johan.hedberg@xxxxxxxxx>
Cc: Paul Menzel <pmenzel@xxxxxxxxxxxxx>
Cc: Pauli Virtanen <pav@xxxxxx>
Cc: Luiz Augusto von Dentz <luiz.von.dentz@xxxxxxxxx>
Cc: Sasha Levin <sashal@xxxxxxxxxx>
Signed-off-by: Greg Kroah-Hartman <gregkh@xxxxxxxxxxxxxxxxxxx>
---
 net/bluetooth/af_bluetooth.c |   10 +++++++---
 1 file changed, 7 insertions(+), 3 deletions(-)

--- a/net/bluetooth/af_bluetooth.c
+++ b/net/bluetooth/af_bluetooth.c
@@ -307,11 +307,14 @@ int bt_sock_recvmsg(struct socket *sock,
 	if (flags & MSG_OOB)
 		return -EOPNOTSUPP;
 
+	lock_sock(sk);
+
 	skb = skb_recv_datagram(sk, flags, &err);
 	if (!skb) {
 		if (sk->sk_shutdown & RCV_SHUTDOWN)
 			err = 0;
 
+		release_sock(sk);
 		return err;
 	}
 
@@ -337,6 +340,8 @@ int bt_sock_recvmsg(struct socket *sock,
 
 	skb_free_datagram(sk, skb);
 
+	release_sock(sk);
+
 	if (flags & MSG_TRUNC)
 		copied = skblen;
 
@@ -559,11 +564,10 @@ int bt_sock_ioctl(struct socket *sock, u
 		if (sk->sk_state == BT_LISTEN)
 			return -EINVAL;
 
-		spin_lock(&sk->sk_receive_queue.lock);
+		lock_sock(sk);
 		skb = skb_peek(&sk->sk_receive_queue);
 		amount = skb ? skb->len : 0;
-		spin_unlock(&sk->sk_receive_queue.lock);
-
+		release_sock(sk);
 		err = put_user(amount, (int __user *)arg);
 		break;
 


Patches currently in stable-queue which might be from gregkh@xxxxxxxxxxxxxxxxxxx are

queue-6.1/revert-bluetooth-hci_sync-fix-overwriting-request-callback.patch
queue-6.1/revert-bluetooth-hci_core-fix-possible-buffer-overflow.patch
queue-6.1/revert-bluetooth-fix-use-after-free-in-accessing-skb-after-sending-it.patch
queue-6.1/revert-bluetooth-hci_conn-consolidate-code-for-aborting-connections.patch
queue-6.1/revert-bluetooth-af_bluetooth-fix-deadlock.patch




[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
[Index of Archives]     [Linux USB Devel]     [Linux Audio Users]     [Yosemite News]     [Linux Kernel]     [Linux SCSI]

  Powered by Linux