summaryrefslogtreecommitdiffstats
path: root/net/bluetooth
diff options
context:
space:
mode:
authorTedd Ho-Jeong An <tedd.an@intel.com>2015-06-30 11:43:40 -0700
committerMarcel Holtmann <marcel@holtmann.org>2015-06-30 21:46:19 +0200
commitab944c83f6690df0c7f67e6bcc29fc0c82ef6021 (patch)
tree6bd6bc8d21cab72ef5c07b1e1fa963668fdb4b4c /net/bluetooth
parent7c258670ce655659a4c8d1013676c55e74d09ee7 (diff)
downloadlinux-stable-ab944c83f6690df0c7f67e6bcc29fc0c82ef6021.tar.gz
linux-stable-ab944c83f6690df0c7f67e6bcc29fc0c82ef6021.tar.bz2
linux-stable-ab944c83f6690df0c7f67e6bcc29fc0c82ef6021.zip
Bluetooth: Reinitialize the list after deletion for session user list
If the user->list is deleted with list_del(), it doesn't initialize the entry which can cause the issue with list_empty(). According to the comment from the list.h, list_empty() returns false even if the list is empty and put the entry in an undefined state. /** * list_del - deletes entry from list. * @entry: the element to delete from the list. * Note: list_empty() on entry does not return true after this, the entry is * in an undefined state. */ Because of this behavior, list_empty() returns false even if list is empty when the device is reconnected. So, user->list needs to be re-initialized after list_del(). list.h already have a macro list_del_init() which deletes the entry and initailze it again. Signed-off-by: Tedd Ho-Jeong An <tedd.an@intel.com> Tested-by: Jörg Otte <jrg.otte@gmail.com> Signed-off-by: Marcel Holtmann <marcel@holtmann.org>
Diffstat (limited to 'net/bluetooth')
-rw-r--r--net/bluetooth/l2cap_core.c4
1 files changed, 2 insertions, 2 deletions
diff --git a/net/bluetooth/l2cap_core.c b/net/bluetooth/l2cap_core.c
index 51594fb7b9e7..45fffa413642 100644
--- a/net/bluetooth/l2cap_core.c
+++ b/net/bluetooth/l2cap_core.c
@@ -1634,7 +1634,7 @@ void l2cap_unregister_user(struct l2cap_conn *conn, struct l2cap_user *user)
if (list_empty(&user->list))
goto out_unlock;
- list_del(&user->list);
+ list_del_init(&user->list);
user->remove(conn, user);
out_unlock:
@@ -1648,7 +1648,7 @@ static void l2cap_unregister_all_users(struct l2cap_conn *conn)
while (!list_empty(&conn->users)) {
user = list_first_entry(&conn->users, struct l2cap_user, list);
- list_del(&user->list);
+ list_del_init(&user->list);
user->remove(conn, user);
}
}