Bluetooth: Fix reference counting for LE-scan based connections
author Johan Hedberg <johan.hedberg@intel.com>
Fri, 16 Oct 2015 07:07:50 +0000 (10:07 +0300)
committer Marcel Holtmann <marcel@holtmann.org>
Fri, 16 Oct 2015 07:24:41 +0000 (09:24 +0200)
commit b958f9a3e87766a88036616389eaaf3ad3bd5fc8
tree 777aeff10b00deff3a174992ccf4c59b2ca31e6d
parent 168b8a25c0ac30f427bfe6ad547779c4c363d042
Bluetooth: Fix reference counting for LE-scan based connections

The code should never directly call hci_conn_hash_del since many
cleanup & reference counting updates would be lost. Normally
hci_conn_del is the right thing to do, but in the case of a connection
doing LE scanning this could cause a deadlock due to doing a
cancel_delayed_work_sync() on the same work callback that we were
called from.

Connections in the LE scanning state actually need very little cleanup
- just a small subset of hci_conn_del. To solve the issue, refactor
out these essential pieces into a new hci_conn_cleanup() function and
call that from the two necessary places.

Signed-off-by: Johan Hedberg <johan.hedberg@intel.com>
Signed-off-by: Marcel Holtmann <marcel@holtmann.org>
net/bluetooth/hci_conn.c