linux-uconsole/net/bluetooth
Marcel Holtmann 1020738fc1 Bluetooth: Fix sleeping function in RFCOMM within invalid context
commit 485f1eff73 upstream.

With the commit 9e726b1742 the
rfcomm_session_put() gets accidentally called from a timeout
callback and results in this:

BUG: sleeping function called from invalid context at net/core/sock.c:1897
in_atomic(): 1, irqs_disabled(): 0, pid: 0, name: swapper
Pid: 0, comm: swapper Tainted: P           2.6.32 #31
Call Trace:
 <IRQ>  [<ffffffff81036455>] __might_sleep+0xf8/0xfa
 [<ffffffff8138ef1d>] lock_sock_nested+0x29/0xc4
 [<ffffffffa03921b3>] lock_sock+0xb/0xd [l2cap]
 [<ffffffffa03948e6>] l2cap_sock_shutdown+0x1c/0x76 [l2cap]
 [<ffffffff8106adea>] ? clockevents_program_event+0x75/0x7e
 [<ffffffff8106bea2>] ? tick_dev_program_event+0x37/0xa5
 [<ffffffffa0394967>] l2cap_sock_release+0x27/0x67 [l2cap]
 [<ffffffff8138c971>] sock_release+0x1a/0x67
 [<ffffffffa03d2492>] rfcomm_session_del+0x34/0x53 [rfcomm]
 [<ffffffffa03d24c5>] rfcomm_session_put+0x14/0x16 [rfcomm]
 [<ffffffffa03d28b4>] rfcomm_session_timeout+0xe/0x1a [rfcomm]
 [<ffffffff810554a8>] run_timer_softirq+0x1e2/0x29a
 [<ffffffffa03d28a6>] ? rfcomm_session_timeout+0x0/0x1a [rfcomm]
 [<ffffffff8104e0f6>] __do_softirq+0xfe/0x1c5
 [<ffffffff8100e8ce>] ? timer_interrupt+0x1a/0x21
 [<ffffffff8100cc4c>] call_softirq+0x1c/0x28
 [<ffffffff8100e05b>] do_softirq+0x33/0x6b
 [<ffffffff8104daf6>] irq_exit+0x36/0x85
 [<ffffffff8100d7a9>] do_IRQ+0xa6/0xbd
 [<ffffffff8100c493>] ret_from_intr+0x0/0xa
 <EOI>  [<ffffffff812585b3>] ? acpi_idle_enter_bm+0x269/0x294
 [<ffffffff812585a9>] ? acpi_idle_enter_bm+0x25f/0x294
 [<ffffffff81373ddc>] ? cpuidle_idle_call+0x97/0x107
 [<ffffffff8100aca0>] ? cpu_idle+0x53/0xaa
 [<ffffffff81429006>] ? rest_init+0x7a/0x7c
 [<ffffffff8177bc8c>] ? start_kernel+0x389/0x394
 [<ffffffff8177b29c>] ? x86_64_start_reservations+0xac/0xb0
 [<ffffffff8177b384>] ? x86_64_start_kernel+0xe4/0xeb

To fix this, the rfcomm_session_put() needs to be moved out of
rfcomm_session_timeout() into rfcomm_process_sessions(). In that
context it is perfectly fine to sleep and disconnect the socket.

Signed-off-by: Marcel Holtmann <marcel@holtmann.org>
Tested-by: David John <davidjon@xenontk.org>
Cc: Chase Douglas <chase.douglas@canonical.com>
Signed-off-by: Greg Kroah-Hartman <gregkh@suse.de>
2010-04-01 15:58:10 -07:00
bnep net: Add DEVTYPE support for Ethernet based devices 2009-09-11 12:54:55 -07:00
cmtp isdn: rename capi_ctr_reseted() to capi_ctr_down() 2009-06-08 00:45:50 -07:00
hidp HID: consolidate connect and disconnect into core code 2009-09-17 15:15:11 +02:00
rfcomm Bluetooth: Fix sleeping function in RFCOMM within invalid context 2010-04-01 15:58:10 -07:00
af_bluetooth.c net: mark read-only arrays as const 2009-08-05 10:42:58 -07:00
hci_conn.c Bluetooth: Set general bonding security for ACL by default 2009-11-16 01:30:28 +01:00
hci_core.c Bluetooth: Convert hdev->req_lock to a mutex 2009-08-22 14:35:02 -07:00
hci_event.c Bluetooth: Add extra device reference counting for connections 2009-08-22 14:19:26 -07:00
hci_sock.c net: Make setsockopt() optlen be unsigned. 2009-09-30 16:12:20 -07:00
hci_sysfs.c bluetooth: scheduling while atomic bug fix 2009-10-19 19:36:45 -07:00
Kconfig Bluetooth: Add missing selection of CONFIG_CRC16 for L2CAP layer 2009-08-24 16:34:35 -07:00
l2cap.c Bluetooth: Fix regression with L2CAP configuration in Basic Mode 2009-11-16 01:31:41 +01:00
lib.c [NET] BLUETOOTH: Fix whitespace errors. 2007-02-10 23:19:20 -08:00
Makefile
sco.c net: Make setsockopt() optlen be unsigned. 2009-09-30 16:12:20 -07:00