| From f06d977309d09253c744e54e75c5295ecc52b7b4 Mon Sep 17 00:00:00 2001 |
| From: Jeffy Chen <jeffy.chen@rock-chips.com> |
| Date: Tue, 27 Jun 2017 17:34:43 +0800 |
| Subject: Bluetooth: cmtp: fix possible might sleep error in cmtp_session |
| |
| From: Jeffy Chen <jeffy.chen@rock-chips.com> |
| |
| commit f06d977309d09253c744e54e75c5295ecc52b7b4 upstream. |
| |
| It looks like cmtp_session has same pattern as the issue reported in |
| old rfcomm: |
| |
| while (1) { |
| set_current_state(TASK_INTERRUPTIBLE); |
| if (condition) |
| break; |
| // may call might_sleep here |
| schedule(); |
| } |
| __set_current_state(TASK_RUNNING); |
| |
| Which fixed at: |
| dfb2fae Bluetooth: Fix nested sleeps |
| |
| So let's fix it at the same way, also follow the suggestion of: |
| https://lwn.net/Articles/628628/ |
| |
| Signed-off-by: Jeffy Chen <jeffy.chen@rock-chips.com> |
| Reviewed-by: Brian Norris <briannorris@chromium.org> |
| Reviewed-by: AL Yu-Chen Cho <acho@suse.com> |
| Signed-off-by: Marcel Holtmann <marcel@holtmann.org> |
| Cc: Jiri Slaby <jslaby@suse.cz> |
| Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org> |
| |
| --- |
| net/bluetooth/cmtp/core.c | 17 ++++++++++------- |
| 1 file changed, 10 insertions(+), 7 deletions(-) |
| |
| --- a/net/bluetooth/cmtp/core.c |
| +++ b/net/bluetooth/cmtp/core.c |
| @@ -280,16 +280,16 @@ static int cmtp_session(void *arg) |
| struct cmtp_session *session = arg; |
| struct sock *sk = session->sock->sk; |
| struct sk_buff *skb; |
| - wait_queue_t wait; |
| + DEFINE_WAIT_FUNC(wait, woken_wake_function); |
| |
| BT_DBG("session %p", session); |
| |
| set_user_nice(current, -15); |
| |
| - init_waitqueue_entry(&wait, current); |
| add_wait_queue(sk_sleep(sk), &wait); |
| while (1) { |
| - set_current_state(TASK_INTERRUPTIBLE); |
| + /* Ensure session->terminate is updated */ |
| + smp_mb__before_atomic(); |
| |
| if (atomic_read(&session->terminate)) |
| break; |
| @@ -306,9 +306,8 @@ static int cmtp_session(void *arg) |
| |
| cmtp_process_transmit(session); |
| |
| - schedule(); |
| + wait_woken(&wait, TASK_INTERRUPTIBLE, MAX_SCHEDULE_TIMEOUT); |
| } |
| - __set_current_state(TASK_RUNNING); |
| remove_wait_queue(sk_sleep(sk), &wait); |
| |
| down_write(&cmtp_session_sem); |
| @@ -389,7 +388,7 @@ int cmtp_add_connection(struct cmtp_conn |
| err = cmtp_attach_device(session); |
| if (err < 0) { |
| atomic_inc(&session->terminate); |
| - wake_up_process(session->task); |
| + wake_up_interruptible(sk_sleep(session->sock->sk)); |
| up_write(&cmtp_session_sem); |
| return err; |
| } |
| @@ -423,7 +422,11 @@ int cmtp_del_connection(struct cmtp_conn |
| |
| /* Stop session thread */ |
| atomic_inc(&session->terminate); |
| - wake_up_process(session->task); |
| + |
| + /* Ensure session->terminate is updated */ |
| + smp_mb__after_atomic(); |
| + |
| + wake_up_interruptible(sk_sleep(session->sock->sk)); |
| } else |
| err = -ENOENT; |
| |