diff options
| author | Mat Martineau <mathewm@codeaurora.org> | 2012-05-02 09:42:00 -0700 | 
|---|---|---|
| committer | Gustavo Padovan <gustavo.padovan@collabora.co.uk> | 2012-05-16 16:13:51 -0300 | 
| commit | ef191aded58c5e6860b01f463818584a420a4d6b (patch) | |
| tree | 3459b8a02ec5b4ef4566f139275c1c9dc234b3ce /kernel/timer.c | |
| parent | 35c84d76ee52f49fe2635d8cd686b5b658e8d892 (diff) | |
Bluetooth: Restore locking semantics when looking up L2CAP channels
As the comment for l2cap_get_chan_by_scid indicated, the function used
to return a locked socket.  The lock for the socket was acquired while
the channel list was also locked.
When locking was moved over to the l2cap_chan structure, the channel
lock was no longer acquired with the channel list still locked.  This
made it possible for the l2cap_chan to be deleted after
conn->chan_lock was released but before l2cap_chan_lock was called.
Making the call to l2cap_chan_lock before releasing conn->chan_lock
makes it impossible for the l2cap_chan to be deleted at the wrong
time.
Signed-off-by: Mat Martineau <mathewm@codeaurora.org>
Reviewed-by: Ulisses Furquim <ulisses@profusion.mobi>
Signed-off-by: Gustavo Padovan <gustavo@padovan.org>
Diffstat (limited to 'kernel/timer.c')
0 files changed, 0 insertions, 0 deletions
