Bluetooth: switch to lock_sock in SCO

mainline inclusion from mainline-v5.14-rc1 commit 27c24fda category: bugfix bugzilla: 185743 https://gitee.com/openeuler/kernel/issues/I4DDEL CVE: CVE-2021-3640 Reference: https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=27c24fda62b601d6f9ca5e992502578c4310876f ------------------------------------------------- Since sco_sock_timeout is now scheduled using delayed work, it is no longer run in SOFTIRQ context. Hence bh_lock_sock is no longer necessary in SCO to synchronise between user contexts and SOFTIRQ processing. As such, calls to bh_lock_sock should be replaced with lock_sock to synchronize with other concurrent processes that use lock_sock. Signed-off-by: N Desmond Cheong Zhi Xi <desmondcheongzx@gmail.com> Signed-off-by: N Luiz Augusto von Dentz <luiz.von.dentz@intel.com> Signed-off-by: N Lijun Fang <fanglijun3@huawei.com> Reviewed-by: N Xiu Jianfeng <xiujianfeng@huawei.com> Reviewed-by: N Jason Yan <yanaijie@huawei.com> Signed-off-by: N Chen Jun <chenjun102@huawei.com> Signed-off-by: N Zheng Zengkai <zhengzengkai@huawei.com>

Bluetooth: switch to lock_sock in SCO
mainline inclusion from mainline-v5.14-rc1 commit 27c24fda category: bugfix bugzilla: 185743 https://gitee.com/openeuler/kernel/issues/I4DDEL CVE: CVE-2021-3640 Reference: https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=27c24fda62b601d6f9ca5e992502578c4310876f ------------------------------------------------- Since sco_sock_timeout is now scheduled using delayed work, it is no longer run in SOFTIRQ context. Hence bh_lock_sock is no longer necessary in SCO to synchronise between user contexts and SOFTIRQ processing. As such, calls to bh_lock_sock should be replaced with lock_sock to synchronize with other concurrent processes that use lock_sock. Signed-off-by: N Desmond Cheong Zhi Xi <desmondcheongzx@gmail.com> Signed-off-by: N Luiz Augusto von Dentz <luiz.von.dentz@intel.com> Signed-off-by: N Lijun Fang <fanglijun3@huawei.com> Reviewed-by: N Xiu Jianfeng <xiujianfeng@huawei.com> Reviewed-by: N Jason Yan <yanaijie@huawei.com> Signed-off-by: N Chen Jun <chenjun102@huawei.com> Signed-off-by: N Zheng Zengkai <zhengzengkai@huawei.com>
06742c56 · Desmond Cheong Zhi Xi · Zheng Zengkai · 9ca291d9 · 06742c56
显示空白变更内容
内联并排

Showing with 9 addition and 9 deletion

net/bluetooth/sco.c net/bluetooth/sco.c +9 -9

未找到文件。
--- a/net/bluetooth/sco.c
+++ b/net/bluetooth/sco.c
@@ -93,10 +93,10 @@ static void sco_sock_timeout(struct work_struct *work)

 	BT_DBG("sock %p state %d", sk, sk->sk_state);

-	bh_lock_sock(sk);
+	lock_sock(sk);
 	sk->sk_err = ETIMEDOUT;
 	sk->sk_state_change(sk);
-	bh_unlock_sock(sk);
+	release_sock(sk);

 	sock_put(sk);
 }
@@ -192,10 +192,10 @@ static void sco_conn_del(struct hci_conn *hcon, int err)

 	if (sk) {
 		sock_hold(sk);
-		bh_lock_sock(sk);
+		lock_sock(sk);
 		sco_sock_clear_timer(sk);
 		sco_chan_del(sk, err);
-		bh_unlock_sock(sk);
+		release_sock(sk);
 		sock_put(sk);

 		/* Ensure no more work items will run before freeing conn. */
@@ -1101,10 +1101,10 @@ static void sco_conn_ready(struct sco_conn *conn)

 	if (sk) {
 		sco_sock_clear_timer(sk);
-		bh_lock_sock(sk);
+		lock_sock(sk);
 		sk->sk_state = BT_CONNECTED;
 		sk->sk_state_change(sk);
-		bh_unlock_sock(sk);
+		release_sock(sk);
 	} else {
 		sco_conn_lock(conn);

@@ -1119,12 +1119,12 @@ static void sco_conn_ready(struct sco_conn *conn)
 			return;
 		}

-		bh_lock_sock(parent);
+		lock_sock(parent);

 		sk = sco_sock_alloc(sock_net(parent), NULL,
 				    BTPROTO_SCO, GFP_ATOMIC, 0);
 		if (!sk) {
-			bh_unlock_sock(parent);
+			release_sock(parent);
 			sco_conn_unlock(conn);
 			return;
 		}
@@ -1145,7 +1145,7 @@ static void sco_conn_ready(struct sco_conn *conn)
 		/* Wake up parent */
 		parent->sk_data_ready(parent);

-		bh_unlock_sock(parent);
+		release_sock(parent);

 		sco_conn_unlock(conn);
 	}