Bluetooth: Fix hci core device initialization
We must not call device_del() if we didn't use device_add(). See module.c
for comments on that. Therefore, we need to call device_initialize() when
allocating the hci device and later device_add() instead of
device_register().
This also fixes a bug when hci_register_dev() failed and we call
hci_free_dev() without a valid core device. hci_free_dev() segfaults while
calling put_device() on invalid memory.
We already do this with hci_conn connections (hci_conn_init_sysfs()) so
they do not need to be fixed.
Signed-off-by: David Herrmann <dh.herrmann@googlemail.com>
Signed-off-by: Gustavo F. Padovan <padovan@profusion.mobi>
diff --git a/include/net/bluetooth/hci_core.h b/include/net/bluetooth/hci_core.h
index 32cddb0..c8cc23c 100644
--- a/include/net/bluetooth/hci_core.h
+++ b/include/net/bluetooth/hci_core.h
@@ -608,6 +608,7 @@
int hci_recv_fragment(struct hci_dev *hdev, int type, void *data, int count);
int hci_recv_stream_fragment(struct hci_dev *hdev, void *data, int count);
+void hci_init_sysfs(struct hci_dev *hdev);
int hci_register_sysfs(struct hci_dev *hdev);
void hci_unregister_sysfs(struct hci_dev *hdev);
void hci_conn_init_sysfs(struct hci_conn *conn);
diff --git a/net/bluetooth/hci_core.c b/net/bluetooth/hci_core.c
index b84458d..d2445cb 100644
--- a/net/bluetooth/hci_core.c
+++ b/net/bluetooth/hci_core.c
@@ -912,6 +912,7 @@
if (!hdev)
return NULL;
+ hci_init_sysfs(hdev);
skb_queue_head_init(&hdev->driver_init);
return hdev;
diff --git a/net/bluetooth/hci_sysfs.c b/net/bluetooth/hci_sysfs.c
index 22f1a6c..a7d5de3 100644
--- a/net/bluetooth/hci_sysfs.c
+++ b/net/bluetooth/hci_sysfs.c
@@ -542,6 +542,17 @@
DEFINE_SIMPLE_ATTRIBUTE(auto_accept_delay_fops, auto_accept_delay_get,
auto_accept_delay_set, "%llu\n");
+void hci_init_sysfs(struct hci_dev *hdev)
+{
+ struct device *dev = &hdev->dev;
+
+ dev->type = &bt_host;
+ dev->class = bt_class;
+
+ dev_set_drvdata(dev, hdev);
+ device_initialize(dev);
+}
+
int hci_register_sysfs(struct hci_dev *hdev)
{
struct device *dev = &hdev->dev;
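Review bot: hci_init_sysfs() carries no comment stating the lifetime contract it creates, which is the rule the commit message says was being violated. Once device_initialize() has run, the embedded struct device holds a reference, so hdev has to be released through put_device() (via hci_free_dev(), per the commit message), and device_del() is valid only after device_add() has succeeded; releasing it any other way risks the invalid-memory access the description mentions. I would add above the function: `/* Initialise the embedded device at allocation time; from here on hdev is refcounted and must be dropped with put_device(), and device_del() may only follow a successful device_add(). */`. The call added to the allocation path in net/bluetooth/hci_core.c relies on the same contract, and hci_register_sysfs() begins in this hunk but its body continues outside it.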
@@ -549,15 +560,10 @@
BT_DBG("%p name %s bus %d", hdev, hdev->name, hdev->bus);
- dev->type = &bt_host;
- dev->class = bt_class;
dev->parent = hdev->parent;
-
dev_set_name(dev, "%s", hdev->name);
- dev_set_drvdata(dev, hdev);
-
- err = device_register(dev);
+ err = device_add(dev);
if (err < 0)
return err;