Donate to e Foundation | Murena handsets with /e/OS | Own a part of Murena! Learn more

Commit 7176522c authored by Peter Hurley's avatar Peter Hurley Committed by Gustavo Padovan
Browse files

Bluetooth: cmtp: Fix deadlock in session deletion 



Commit fada4ac3 introduced the usage of kthread API.
kthread_stop is a blocking function which returns only when
the thread exits. In this case, the thread can't exit because it's
waiting for the write lock, which is being held by cmtp_del_connection()
which is waiting for the thread to exit -- deadlock.

Revert cmtp_reset_ctr to its original behavior: non-blocking signalling
for the session to terminate.

Signed-off-by: default avatarPeter Hurley <peter@hurleysoftware.com>
Signed-off-by: default avatarGustavo F. Padovan <padovan@profusion.mobi>
parent 751c10a5

net/bluetooth/cmtp/capi.c

+2 −1
Original line number Original line Diff line number Diff line
@@ -386,7 +386,8 @@ static void cmtp_reset_ctr(struct capi_ctr *ctrl) 




	capi_ctr_down(ctrl);

	capi_ctr_down(ctrl);





	kthread_stop(session->task);

	atomic_inc(&session->terminate);

	wake_up_process(session->task);

}

}





static void cmtp_register_appl(struct capi_ctr *ctrl, __u16 appl, capi_register_params *rp)

static void cmtp_register_appl(struct capi_ctr *ctrl, __u16 appl, capi_register_params *rp)

net/bluetooth/cmtp/cmtp.h

+1 −0
Original line number Original line Diff line number Diff line
@@ -81,6 +81,7 @@ struct cmtp_session { 




	char name[BTNAMSIZ];

	char name[BTNAMSIZ];





	atomic_t terminate;

	struct task_struct *task;

	struct task_struct *task;





	wait_queue_head_t wait;

	wait_queue_head_t wait;

net/bluetooth/cmtp/core.c

+3 −2
Original line number Original line Diff line number Diff line
@@ -295,7 +295,7 @@ static int cmtp_session(void *arg) 
	while (1) {

	while (1) {

		set_current_state(TASK_INTERRUPTIBLE);

		set_current_state(TASK_INTERRUPTIBLE);





		if (kthread_should_stop())

		if (atomic_read(&session->terminate))

			break;

			break;

		if (sk->sk_state != BT_CONNECTED)

		if (sk->sk_state != BT_CONNECTED)

			break;

			break;
@@ -416,7 +416,8 @@ int cmtp_del_connection(struct cmtp_conndel_req *req) 
		skb_queue_purge(&session->transmit);

		skb_queue_purge(&session->transmit);





		/* Stop session thread */

		/* Stop session thread */

		kthread_stop(session->task);

		atomic_inc(&session->terminate);

		wake_up_process(session->task);

	} else

	} else

		err = -ENOENT;

		err = -ENOENT;