Bluetooth: Fix index added after unregister

When a userchannel socket is released, we should check whether the hdev
is already unregistered before sending out an IndexAdded.

Signed-off-by: Abhishek Pandit-Subedi <abhishekpandit@chromium.org>
Signed-off-by: Marcel Holtmann <marcel@holtmann.org>

diff --git a/net/bluetooth/hci_sock.c b/net/bluetooth/hci_sock.c
index 189e3115c8c62c947872d62b8b0744d8b96d8620..bd8358b44aa4cf3b8aac7a459a68a8be394428e5 100644 (file)
--- a/net/bluetooth/hci_sock.c
+++ b/net/bluetooth/hci_sock.c
@@ -869,7 +869,8 @@ static int hci_sock_release(struct socket *sock)
 
        hdev = hci_pi(sk)->hdev;
        if (hdev) {
-               if (hci_pi(sk)->channel == HCI_CHANNEL_USER) {
+               if (hci_pi(sk)->channel == HCI_CHANNEL_USER &&
+                   !hci_dev_test_flag(hdev, HCI_UNREGISTER)) {
                        /* When releasing a user channel exclusive access,
                         * call hci_dev_do_close directly instead of calling
                         * hci_dev_close to ensure the exclusive access will
@@ -878,6 +879,11 @@ static int hci_sock_release(struct socket *sock)
                         * The checking of HCI_AUTO_OFF is not needed in this
                         * case since it will have been cleared already when
                         * opening the user channel.
+                        *
+                        * Make sure to also check that we haven't already
+                        * unregistered since all the cleanup will have already
+                        * been complete and hdev will get released when we put
+                        * below.
                         */
                        hci_dev_do_close(hdev);
                        hci_dev_clear_flag(hdev, HCI_USER_CHANNEL);