git.kernel.dk Git - linux-2.6-block.git/commit

author	Benjamin Berg <bberg@redhat.com>
	Fri, 17 Dec 2021 15:28:09 +0000 (16:28 +0100)
committer	Marcel Holtmann <marcel@holtmann.org>
	Wed, 22 Dec 2021 22:01:27 +0000 (23:01 +0100)
commit	744451c162a514044a912cbbd64b7a386035cc5b
tree	3b98ed43f097ae8e357b895c93078b1932207e6b	tree \| snapshot
parent	df1e5c51492fd93ffc293acdcc6f00698d19fedc	commit \| diff

Bluetooth: hci_sync: Push sync command cancellation to workqueue

syzbot reported that hci_cmd_sync_cancel may sleep from the wrong
context. To avoid this, create a new work item that pushes the relevant
parts into a different context.

Note that we keep the old implementation with the name
__hci_cmd_sync_cancel as the sleeping behaviour is desired in some
cases.

Reported-and-tested-by: syzbot+485cc00ea7cf41dfdbf1@syzkaller.appspotmail.com
Fixes: c97a747efc93 ("Bluetooth: btusb: Cancel sync commands for certain URB errors")
Signed-off-by: Benjamin Berg <bberg@redhat.com>
Signed-off-by: Marcel Holtmann <marcel@holtmann.org>

include/net/bluetooth/hci_core.h		diff \| blob \| blame \| history
include/net/bluetooth/hci_sync.h		diff \| blob \| blame \| history
net/bluetooth/hci_core.c		diff \| blob \| blame \| history
net/bluetooth/hci_request.c		diff \| blob \| blame \| history
net/bluetooth/hci_sync.c		diff \| blob \| blame \| history