diff options
author | Tedd Ho-Jeong An <tedd.an@intel.com> | 2015-06-30 20:43:40 +0200 |
---|---|---|
committer | Marcel Holtmann <marcel@holtmann.org> | 2015-06-30 21:46:19 +0200 |
commit | ab944c83f6690df0c7f67e6bcc29fc0c82ef6021 (patch) | |
tree | 6bd6bc8d21cab72ef5c07b1e1fa963668fdb4b4c /net/bluetooth | |
parent | Bluetooth: hidp: Initialize list header of hidp session user (diff) | |
download | linux-ab944c83f6690df0c7f67e6bcc29fc0c82ef6021.tar.xz linux-ab944c83f6690df0c7f67e6bcc29fc0c82ef6021.zip |
Bluetooth: Reinitialize the list after deletion for session user list
If the user->list is deleted with list_del(), it doesn't initialize the
entry which can cause the issue with list_empty(). According to the
comment from the list.h, list_empty() returns false even if the list is
empty and put the entry in an undefined state.
/**
* list_del - deletes entry from list.
* @entry: the element to delete from the list.
* Note: list_empty() on entry does not return true after this, the entry is
* in an undefined state.
*/
Because of this behavior, list_empty() returns false even if list is empty
when the device is reconnected.
So, user->list needs to be re-initialized after list_del(). list.h already
have a macro list_del_init() which deletes the entry and initailze it again.
Signed-off-by: Tedd Ho-Jeong An <tedd.an@intel.com>
Tested-by: Jörg Otte <jrg.otte@gmail.com>
Signed-off-by: Marcel Holtmann <marcel@holtmann.org>
Diffstat (limited to 'net/bluetooth')
-rw-r--r-- | net/bluetooth/l2cap_core.c | 4 |
1 files changed, 2 insertions, 2 deletions
diff --git a/net/bluetooth/l2cap_core.c b/net/bluetooth/l2cap_core.c index 51594fb7b9e7..45fffa413642 100644 --- a/net/bluetooth/l2cap_core.c +++ b/net/bluetooth/l2cap_core.c @@ -1634,7 +1634,7 @@ void l2cap_unregister_user(struct l2cap_conn *conn, struct l2cap_user *user) if (list_empty(&user->list)) goto out_unlock; - list_del(&user->list); + list_del_init(&user->list); user->remove(conn, user); out_unlock: @@ -1648,7 +1648,7 @@ static void l2cap_unregister_all_users(struct l2cap_conn *conn) while (!list_empty(&conn->users)) { user = list_first_entry(&conn->users, struct l2cap_user, list); - list_del(&user->list); + list_del_init(&user->list); user->remove(conn, user); } } |