diff options
author | Samuel Ortiz <samuel@sortiz.org> | 2006-09-27 20:05:38 -0700 |
---|---|---|
committer | David S. Miller <davem@sunset.davemloft.net> | 2006-09-28 18:02:46 -0700 |
commit | da349f1c2e0a0bf8958cdaf14e8f33acdf3182a5 (patch) | |
tree | c959dd1fe9a4104f94febd0ac6928d9f286f12f8 /net/irda | |
parent | 1a9e9ef684ec2bd27fcdb373a82957a0c050daf6 (diff) | |
download | kernel_samsung_smdk4412-da349f1c2e0a0bf8958cdaf14e8f33acdf3182a5.zip kernel_samsung_smdk4412-da349f1c2e0a0bf8958cdaf14e8f33acdf3182a5.tar.gz kernel_samsung_smdk4412-da349f1c2e0a0bf8958cdaf14e8f33acdf3182a5.tar.bz2 |
[IrDA]: af_irda.c cleanups
We lock the socket when both releasing and getting a disconnected
notification. In the latter case, we also ste the socket as orphan.
This fixes a potential kernel bug that can be triggered when we get the
disconnection notification before closing the socket.
Signed-off-by: Samuel Ortiz <samuel@sortiz.org>
Signed-off-by: David S. Miller <davem@davemloft.net>
Diffstat (limited to 'net/irda')
-rw-r--r-- | net/irda/af_irda.c | 9 |
1 files changed, 7 insertions, 2 deletions
diff --git a/net/irda/af_irda.c b/net/irda/af_irda.c index 17699ee..7b7cd5b 100644 --- a/net/irda/af_irda.c +++ b/net/irda/af_irda.c @@ -132,13 +132,14 @@ static void irda_disconnect_indication(void *instance, void *sap, /* Prevent race conditions with irda_release() and irda_shutdown() */ if (!sock_flag(sk, SOCK_DEAD) && sk->sk_state != TCP_CLOSE) { + lock_sock(sk); sk->sk_state = TCP_CLOSE; sk->sk_err = ECONNRESET; sk->sk_shutdown |= SEND_SHUTDOWN; sk->sk_state_change(sk); - /* Uh-oh... Should use sock_orphan ? */ - sock_set_flag(sk, SOCK_DEAD); + sock_orphan(sk); + release_sock(sk); /* Close our TSAP. * If we leave it open, IrLMP put it back into the list of @@ -1212,6 +1213,7 @@ static int irda_release(struct socket *sock) if (sk == NULL) return 0; + lock_sock(sk); sk->sk_state = TCP_CLOSE; sk->sk_shutdown |= SEND_SHUTDOWN; sk->sk_state_change(sk); @@ -1221,6 +1223,7 @@ static int irda_release(struct socket *sock) sock_orphan(sk); sock->sk = NULL; + release_sock(sk); /* Purge queues (see sock_init_data()) */ skb_queue_purge(&sk->sk_receive_queue); @@ -1353,6 +1356,7 @@ static int irda_recvmsg_dgram(struct kiocb *iocb, struct socket *sock, IRDA_DEBUG(4, "%s()\n", __FUNCTION__); IRDA_ASSERT(self != NULL, return -1;); + IRDA_ASSERT(!sock_error(sk), return -1;); skb = skb_recv_datagram(sk, flags & ~MSG_DONTWAIT, flags & MSG_DONTWAIT, &err); @@ -1405,6 +1409,7 @@ static int irda_recvmsg_stream(struct kiocb *iocb, struct socket *sock, IRDA_DEBUG(3, "%s()\n", __FUNCTION__); IRDA_ASSERT(self != NULL, return -1;); + IRDA_ASSERT(!sock_error(sk), return -1;); if (sock->flags & __SO_ACCEPTCON) return(-EINVAL); |