commit 56e5cb86eb377970825486a5861f5926d65e64c1
author Johan Hedberg <johan.hedberg@intel.com> Tue Nov 08 20:40:16 2011 +0200
committer Gustavo F. Padovan <padovan@profusion.mobi> Wed Nov 09 12:33:46 2011 -0200
tree 87e57ea9c98f2663a359717b658c05d0ee2fecac
parent 2e58ef3e11d0775795345a20185b5a7c4bdae194

Bluetooth: Add missing hci_dev locking when calling mgmt functions

Now that the pending commands are within struct hci_dev we can properly
control access to them throught the hci_dev locking mechanism.

Signed-off-by: Johan Hedberg <johan.hedberg@intel.com>
Acked-by: Marcel Holtmann <marcel@holtmann.org>
Signed-off-by: Gustavo F. Padovan <padovan@profusion.mobi>

net/bluetooth/mgmt.c

diff --git a/net/bluetooth/mgmt.c b/net/bluetooth/mgmt.c
index be198f3..be4c3d0 100644
--- a/net/bluetooth/mgmt.c
+++ b/net/bluetooth/mgmt.c
@@ -1335,16 +1335,19 @@
 static void pairing_complete_cb(struct hci_conn *conn, u8 status)
 {
 	struct pending_cmd *cmd;
+	struct hci_dev *hdev = conn->hdev;
 
 	BT_DBG("status %u", status);
 
-	cmd = find_pairing(conn);
-	if (!cmd) {
-		BT_DBG("Unable to find a pending command");
-		return;
-	}
+	hci_dev_lock_bh(hdev);
 
-	pairing_complete(cmd, status);
+	cmd = find_pairing(conn);
+	if (!cmd)
+		BT_DBG("Unable to find a pending command");
+	else
+		pairing_complete(cmd, status);
+
+	hci_dev_unlock_bh(hdev);
 }
 
 static int pair_device(struct sock *sk, u16 index, unsigned char *data, u16 len)
@@ -2302,9 +2305,7 @@
 		goto failed;
 	}
 
-	hci_dev_lock_bh(hdev);
 	update_eir(hdev);
-	hci_dev_unlock_bh(hdev);
 
 	err = cmd_complete(cmd->sk, hdev->id, MGMT_OP_SET_LOCAL_NAME, &ev,
 								sizeof(ev));