From: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
To: linux-kernel@vger.kernel.org
Cc: Greg Kroah-Hartman <gregkh@linuxfoundation.org>,
stable@vger.kernel.org, Jeffy Chen <jeffy.chen@rock-chips.com>,
Brian Norris <briannorris@chromium.org>,
AL Yu-Chen Cho <acho@suse.com>,
Marcel Holtmann <marcel@holtmann.org>,
Jiri Slaby <jslaby@suse.cz>
Subject: [PATCH 3.18 19/22] Bluetooth: bnep: fix possible might sleep error in bnep_session
Date: Mon, 28 Aug 2017 10:06:03 +0200 [thread overview]
Message-ID: <20170828080454.586610937@linuxfoundation.org> (raw)
In-Reply-To: <20170828080453.804109196@linuxfoundation.org>
3.18-stable review patch. If anyone has any objections, please let me know.
------------------
From: Jeffy Chen <jeffy.chen@rock-chips.com>
commit 25717382c1dd0ddced2059053e3ca5088665f7a5 upstream.
It looks like bnep_session has same pattern as the issue reported in
old rfcomm:
while (1) {
set_current_state(TASK_INTERRUPTIBLE);
if (condition)
break;
// may call might_sleep here
schedule();
}
__set_current_state(TASK_RUNNING);
Which fixed at:
dfb2fae Bluetooth: Fix nested sleeps
So let's fix it at the same way, also follow the suggestion of:
https://lwn.net/Articles/628628/
Signed-off-by: Jeffy Chen <jeffy.chen@rock-chips.com>
Reviewed-by: Brian Norris <briannorris@chromium.org>
Reviewed-by: AL Yu-Chen Cho <acho@suse.com>
Signed-off-by: Marcel Holtmann <marcel@holtmann.org>
Cc: Jiri Slaby <jslaby@suse.cz>
Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
---
net/bluetooth/bnep/core.c | 11 +++++------
1 file changed, 5 insertions(+), 6 deletions(-)
--- a/net/bluetooth/bnep/core.c
+++ b/net/bluetooth/bnep/core.c
@@ -451,16 +451,16 @@ static int bnep_session(void *arg)
struct net_device *dev = s->dev;
struct sock *sk = s->sock->sk;
struct sk_buff *skb;
- wait_queue_t wait;
+ DEFINE_WAIT_FUNC(wait, woken_wake_function);
BT_DBG("");
set_user_nice(current, -15);
- init_waitqueue_entry(&wait, current);
add_wait_queue(sk_sleep(sk), &wait);
while (1) {
- set_current_state(TASK_INTERRUPTIBLE);
+ /* Ensure session->terminate is updated */
+ smp_mb__before_atomic();
if (atomic_read(&s->terminate))
break;
@@ -482,9 +482,8 @@ static int bnep_session(void *arg)
break;
netif_wake_queue(dev);
- schedule();
+ wait_woken(&wait, TASK_INTERRUPTIBLE, MAX_SCHEDULE_TIMEOUT);
}
- __set_current_state(TASK_RUNNING);
remove_wait_queue(sk_sleep(sk), &wait);
/* Cleanup session */
@@ -621,7 +620,7 @@ int bnep_del_connection(struct bnep_conn
s = __bnep_get_session(req->dst);
if (s) {
atomic_inc(&s->terminate);
- wake_up_process(s->task);
+ wake_up_interruptible(sk_sleep(s->sock->sk));
} else
err = -ENOENT;
next prev parent reply other threads:[~2017-08-28 8:16 UTC|newest]
Thread overview: 24+ messages / expand[flat|nested] mbox.gz Atom feed top
2017-08-28 8:05 [PATCH 3.18 00/22] 3.18.68-stable review Greg Kroah-Hartman
2017-08-28 8:05 ` [PATCH 3.18 01/22] dccp: purge write queue in dccp_destroy_sock() Greg Kroah-Hartman
2017-08-28 8:05 ` [PATCH 3.18 02/22] dccp: defer ccid_hc_tx_delete() at dismantle time Greg Kroah-Hartman
2017-08-28 8:05 ` [PATCH 3.18 03/22] sctp: fully initialize the IPv6 address in sctp_v6_to_addr() Greg Kroah-Hartman
2017-08-28 8:05 ` [PATCH 3.18 04/22] tcp: when rearming RTO, if RTO time is in past then fire RTO ASAP Greg Kroah-Hartman
2017-08-28 8:05 ` [PATCH 3.18 05/22] irda: do not leak initialized list.dev to userspace Greg Kroah-Hartman
2017-08-28 8:05 ` [PATCH 3.18 06/22] net: sched: fix NULL pointer dereference when action calls some targets Greg Kroah-Hartman
2017-08-28 8:05 ` [PATCH 3.18 07/22] net_sched: fix order of queue length updates in qdisc_replace() Greg Kroah-Hartman
2017-08-28 8:05 ` [PATCH 3.18 08/22] Input: trackpoint - add new trackpoint firmware ID Greg Kroah-Hartman
2017-08-28 8:05 ` [PATCH 3.18 09/22] ALSA: core: Fix unexpected error at replacing user TLV Greg Kroah-Hartman
2017-08-28 8:05 ` [PATCH 3.18 10/22] ALSA: hda - Add stereo mic quirk for Lenovo G50-70 (17aa:3978) Greg Kroah-Hartman
2017-08-28 8:05 ` [PATCH 3.18 12/22] tracing: Fix freeing of filter in create_filter() when set_str is false Greg Kroah-Hartman
2017-08-28 8:05 ` [PATCH 3.18 13/22] cifs: Fix df output for users with quota limits Greg Kroah-Hartman
2017-08-28 8:05 ` [PATCH 3.18 14/22] cifs: return ENAMETOOLONG for overlong names in cifs_open()/cifs_lookup() Greg Kroah-Hartman
2017-08-28 8:05 ` [PATCH 3.18 15/22] nfsd: Limit end of page list when decoding NFSv4 WRITE Greg Kroah-Hartman
2017-08-28 8:06 ` [PATCH 3.18 16/22] perf/core: Fix group {cpu,task} validation Greg Kroah-Hartman
2017-08-28 8:06 ` [PATCH 3.18 17/22] Bluetooth: hidp: fix possible might sleep error in hidp_session_thread Greg Kroah-Hartman
2017-08-28 8:06 ` [PATCH 3.18 18/22] Bluetooth: cmtp: fix possible might sleep error in cmtp_session Greg Kroah-Hartman
2017-08-28 8:06 ` Greg Kroah-Hartman [this message]
2017-08-28 8:06 ` [PATCH 3.18 20/22] iio: imu: adis16480: Fix acceleration scale factor for adis16480 Greg Kroah-Hartman
2017-08-28 8:06 ` [PATCH 3.18 21/22] staging: rtl8188eu: add RNX-N150NUB support Greg Kroah-Hartman
2017-08-28 8:06 ` [PATCH 3.18 22/22] ACPI / APEI: Add missing synchronize_rcu() on NOTIFY_SCI removal Greg Kroah-Hartman
2017-08-28 19:37 ` [PATCH 3.18 00/22] 3.18.68-stable review Shuah Khan
2017-08-29 0:08 ` Guenter Roeck
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20170828080454.586610937@linuxfoundation.org \
--to=gregkh@linuxfoundation.org \
--cc=acho@suse.com \
--cc=briannorris@chromium.org \
--cc=jeffy.chen@rock-chips.com \
--cc=jslaby@suse.cz \
--cc=linux-kernel@vger.kernel.org \
--cc=marcel@holtmann.org \
--cc=stable@vger.kernel.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.