rtime.felk.cvut.cz Git - hercules2020/nv-tegra/linux-4.4.git/commit

author	Dipen Patel <dipenp@nvidia.com>
	Fri, 12 Jan 2018 21:27:45 +0000 (13:27 -0800)
committer	mobile promotions <svcmobile_promotions@nvidia.com>
	Thu, 18 Jan 2018 08:18:29 +0000 (00:18 -0800)
commit	0d19fe3aad1229276a28a44abc580ed64539398d
tree	ae1ce59635e14d3ce7675b2b3cda27c6d8fe580e	tree \| snapshot
parent	7796efd4104489d3ceb1627889a265aee69f91fa	commit \| diff

Bluetooth: hci_uart: prevent kernel crash due to race condition

There is a race condition during tty close between
cancel_work_sync and hci_uart_tx_wakeup where
hci_uart_write_work may still be scheduled after call
to cancel_work_sync which causes kernel null reference
crash as hci_uart_tty_close frees the required resources

locking out hci_uart_tty_close, hci_uart_tx_wakeup and
work queue along with new flag HCI_UART_PROTO_READY
will prevent kernel crashes and race condition

Bug 200373122

Change-Id: If7c788a934ebf11a1498364db527c850a3105409
Reviewed-on: https://git-master.nvidia.com/r/1637439
GVS: Gerrit_Virtual_Submit
Reviewed-by: Dipen Patel <dipenp@nvidia.com>
Tested-by: Dipen Patel <dipenp@nvidia.com>
Reviewed-by: Winnie Hsu <whsu@nvidia.com>
Reviewed-by: mobile promotions <svcmobile_promotions@nvidia.com>
Tested-by: mobile promotions <svcmobile_promotions@nvidia.com>

drivers/bluetooth/hci_ldisc.c		diff \| blob \| history
drivers/bluetooth/hci_uart.h		diff \| blob \| history