| Message ID | 20230524171158.kernel.v1.1.Ie9c81a5f8bbdb4f9a2007c56f05001d7e674dbe0@changeid |
|---|---|
| State | Accepted |
| Commit | c84040a1085a7d54b7abf7e496a67698752e7eff |
| Headers | show |
| Series | [kernel,v1] Bluetooth: hci_sync: add lock to protect HCI_UNREGISTER | expand |
This is automated email and please do not reply to this email! Dear submitter, Thank you for submitting the patches to the linux bluetooth mailing list. This is a CI test results with your patch series: PW Link:https://patchwork.kernel.org/project/bluetooth/list/?series=750829 ---Test result--- Test Summary: CheckPatch PASS 1.07 seconds GitLint PASS 0.37 seconds SubjectPrefix PASS 0.14 seconds BuildKernel PASS 33.07 seconds CheckAllWarning PASS 34.78 seconds CheckSparse PASS 39.17 seconds CheckSmatch PASS 110.97 seconds BuildKernel32 PASS 31.36 seconds TestRunnerSetup PASS 442.40 seconds TestRunner_l2cap-tester PASS 16.63 seconds TestRunner_iso-tester PASS 21.83 seconds TestRunner_bnep-tester PASS 5.45 seconds TestRunner_mgmt-tester PASS 112.10 seconds TestRunner_rfcomm-tester PASS 8.59 seconds TestRunner_sco-tester PASS 7.94 seconds TestRunner_ioctl-tester PASS 9.20 seconds TestRunner_mesh-tester PASS 6.81 seconds TestRunner_smp-tester PASS 7.90 seconds TestRunner_userchan-tester PASS 5.70 seconds IncrementalBuild PASS 29.21 seconds --- Regards, Linux Bluetooth
diff --git a/include/net/bluetooth/hci_core.h b/include/net/bluetooth/hci_core.h index c86ecce34854..9a21b4787df5 100644 --- a/include/net/bluetooth/hci_core.h +++ b/include/net/bluetooth/hci_core.h @@ -515,6 +515,7 @@ struct hci_dev { struct work_struct cmd_sync_work; struct list_head cmd_sync_work_list; struct mutex cmd_sync_work_lock; + struct mutex hdev_unregister_lock; struct work_struct cmd_sync_cancel_work; struct work_struct reenable_adv_work; diff --git a/net/bluetooth/hci_core.c b/net/bluetooth/hci_core.c index a856b1051d35..216c78656133 100644 --- a/net/bluetooth/hci_core.c +++ b/net/bluetooth/hci_core.c @@ -2686,7 +2686,9 @@ void hci_unregister_dev(struct hci_dev *hdev) { BT_DBG("%p name %s bus %d", hdev, hdev->name, hdev->bus); + mutex_lock(&hdev->hdev_unregister_lock); hci_dev_set_flag(hdev, HCI_UNREGISTER); + mutex_unlock(&hdev->hdev_unregister_lock); write_lock(&hci_dev_list_lock); list_del(&hdev->list); diff --git a/net/bluetooth/hci_sync.c b/net/bluetooth/hci_sync.c index 647a8ce54062..2038335bdc85 100644 --- a/net/bluetooth/hci_sync.c +++ b/net/bluetooth/hci_sync.c @@ -629,6 +629,7 @@ void hci_cmd_sync_init(struct hci_dev *hdev) INIT_WORK(&hdev->cmd_sync_work, hci_cmd_sync_work); INIT_LIST_HEAD(&hdev->cmd_sync_work_list); mutex_init(&hdev->cmd_sync_work_lock); + mutex_init(&hdev->hdev_unregister_lock); INIT_WORK(&hdev->cmd_sync_cancel_work, hci_cmd_sync_cancel_work); INIT_WORK(&hdev->reenable_adv_work, reenable_adv); @@ -692,14 +693,19 @@ int hci_cmd_sync_submit(struct hci_dev *hdev, hci_cmd_sync_work_func_t func, void *data, hci_cmd_sync_work_destroy_t destroy) { struct hci_cmd_sync_work_entry *entry; + int err = 0; - if (hci_dev_test_flag(hdev, HCI_UNREGISTER)) - return -ENODEV; + mutex_lock(&hdev->hdev_unregister_lock); + if (hci_dev_test_flag(hdev, HCI_UNREGISTER)) { + err = -ENODEV; + goto unlock; + } entry = kmalloc(sizeof(*entry), GFP_KERNEL); - if (!entry) - return -ENOMEM; - + if (!entry) { + err = -ENOMEM; + goto unlock; + } entry->func = func; entry->data = data; entry->destroy = destroy; @@ -710,7 +716,9 @@ int hci_cmd_sync_submit(struct hci_dev *hdev, hci_cmd_sync_work_func_t func, queue_work(hdev->req_workqueue, &hdev->cmd_sync_work); - return 0; +unlock: + mutex_unlock(&hdev->hdev_unregister_lock); + return err; } EXPORT_SYMBOL(hci_cmd_sync_submit);
When the HCI_UNREGISTER flag is set, no jobs should be scheduled. Fix potential race when HCI_UNREGISTER is set after the flag is tested in hci_cmd_sync_queue. Fixes: 0b94f2651f56 ("Bluetooth: hci_sync: Fix queuing commands when HCI_UNREGISTER is set") Signed-off-by: Zhengping Jiang <jiangzp@google.com> --- Changes in v1: - Add a lock to protect HCI_UNREGISTER flag include/net/bluetooth/hci_core.h | 1 + net/bluetooth/hci_core.c | 2 ++ net/bluetooth/hci_sync.c | 20 ++++++++++++++------ 3 files changed, 17 insertions(+), 6 deletions(-)