aboutsummaryrefslogtreecommitdiffstats
path: root/net/bluetooth
diff options
context:
space:
mode:
authorDave Young <hidave.darkstar@gmail.com>2009-08-03 00:26:16 -0400
committerDavid S. Miller <davem@davemloft.net>2009-08-03 16:24:39 -0400
commitaf0d3b103bcfa877343ee338de12002cd50c9ee5 (patch)
treea06b348fae8d295b17e7620d00df6701f678d449 /net/bluetooth
parenteb4ad826419ab5b1260bc1625249114767d36bea (diff)
bluetooth: rfcomm_init bug fix
rfcomm tty may be used before rfcomm_tty_driver initilized, The problem is that now socket layer init before tty layer, if userspace program do socket callback right here then oops will happen. reporting in: http://marc.info/?l=linux-bluetooth&m=124404919324542&w=2 make 3 changes: 1. remove #ifdef in rfcomm/core.c, make it blank function when rfcomm tty not selected in rfcomm.h 2. tune the rfcomm_init error patch to ensure tty driver initilized before rfcomm socket usage. 3. remove __exit for rfcomm_cleanup_sockets because above change need call it in a __init function. Reported-by: Oliver Hartkopp <oliver@hartkopp.net> Tested-by: Oliver Hartkopp <oliver@hartkopp.net> Signed-off-by: Dave Young <hidave.darkstar@gmail.com> Signed-off-by: David S. Miller <davem@davemloft.net>
Diffstat (limited to 'net/bluetooth')
-rw-r--r--net/bluetooth/rfcomm/core.c27
-rw-r--r--net/bluetooth/rfcomm/sock.c2
2 files changed, 20 insertions, 9 deletions
diff --git a/net/bluetooth/rfcomm/core.c b/net/bluetooth/rfcomm/core.c
index e50566ebf9f..94b3388c188 100644
--- a/net/bluetooth/rfcomm/core.c
+++ b/net/bluetooth/rfcomm/core.c
@@ -2080,28 +2080,41 @@ static CLASS_ATTR(rfcomm_dlc, S_IRUGO, rfcomm_dlc_sysfs_show, NULL);
2080/* ---- Initialization ---- */ 2080/* ---- Initialization ---- */
2081static int __init rfcomm_init(void) 2081static int __init rfcomm_init(void)
2082{ 2082{
2083 int ret;
2084
2083 l2cap_load(); 2085 l2cap_load();
2084 2086
2085 hci_register_cb(&rfcomm_cb); 2087 hci_register_cb(&rfcomm_cb);
2086 2088
2087 rfcomm_thread = kthread_run(rfcomm_run, NULL, "krfcommd"); 2089 rfcomm_thread = kthread_run(rfcomm_run, NULL, "krfcommd");
2088 if (IS_ERR(rfcomm_thread)) { 2090 if (IS_ERR(rfcomm_thread)) {
2089 hci_unregister_cb(&rfcomm_cb); 2091 ret = PTR_ERR(rfcomm_thread);
2090 return PTR_ERR(rfcomm_thread); 2092 goto out_thread;
2091 } 2093 }
2092 2094
2093 if (class_create_file(bt_class, &class_attr_rfcomm_dlc) < 0) 2095 if (class_create_file(bt_class, &class_attr_rfcomm_dlc) < 0)
2094 BT_ERR("Failed to create RFCOMM info file"); 2096 BT_ERR("Failed to create RFCOMM info file");
2095 2097
2096 rfcomm_init_sockets(); 2098 ret = rfcomm_init_ttys();
2099 if (ret)
2100 goto out_tty;
2097 2101
2098#ifdef CONFIG_BT_RFCOMM_TTY 2102 ret = rfcomm_init_sockets();
2099 rfcomm_init_ttys(); 2103 if (ret)
2100#endif 2104 goto out_sock;
2101 2105
2102 BT_INFO("RFCOMM ver %s", VERSION); 2106 BT_INFO("RFCOMM ver %s", VERSION);
2103 2107
2104 return 0; 2108 return 0;
2109
2110out_sock:
2111 rfcomm_cleanup_ttys();
2112out_tty:
2113 kthread_stop(rfcomm_thread);
2114out_thread:
2115 hci_unregister_cb(&rfcomm_cb);
2116
2117 return ret;
2105} 2118}
2106 2119
2107static void __exit rfcomm_exit(void) 2120static void __exit rfcomm_exit(void)
@@ -2112,9 +2125,7 @@ static void __exit rfcomm_exit(void)
2112 2125
2113 kthread_stop(rfcomm_thread); 2126 kthread_stop(rfcomm_thread);
2114 2127
2115#ifdef CONFIG_BT_RFCOMM_TTY
2116 rfcomm_cleanup_ttys(); 2128 rfcomm_cleanup_ttys();
2117#endif
2118 2129
2119 rfcomm_cleanup_sockets(); 2130 rfcomm_cleanup_sockets();
2120} 2131}
diff --git a/net/bluetooth/rfcomm/sock.c b/net/bluetooth/rfcomm/sock.c
index 7f482784e9f..0b85e811685 100644
--- a/net/bluetooth/rfcomm/sock.c
+++ b/net/bluetooth/rfcomm/sock.c
@@ -1132,7 +1132,7 @@ error:
1132 return err; 1132 return err;
1133} 1133}
1134 1134
1135void __exit rfcomm_cleanup_sockets(void) 1135void rfcomm_cleanup_sockets(void)
1136{ 1136{
1137 class_remove_file(bt_class, &class_attr_rfcomm); 1137 class_remove_file(bt_class, &class_attr_rfcomm);
1138 1138