Bluetooth: Hold ref on hci_conn when setting up A2MP fixed channel

Take a reference on the hci_conn and do not de-reference l2cap_conn while setting up the A2MP fixed channel. l2cap_conn is not reference counted and may go away before the channel is set up. This fixes scenario where the ACL disconnects (and l2cap_conn goes away) while amp_conn_ind worker is running or is on the workqueue waiting to run. Change-Id: I10fc6d9b146fcc5e010f26a046f7e0570f2b93dd CRs-fixed: 347079 Signed-off-by: Peter Krystad <pkrystad@codeaurora.org>
2012-03-30 12:59:33 -07:00
parent 588ee1105d
commit ffbdb5f0b3
3 changed files with 23 additions and 19 deletions
--- a/include/net/bluetooth/amp.h
+++ b/include/net/bluetooth/amp.h
@@ -1,5 +1,5 @@
 /*
-   Copyright (c) 2010-2011 Code Aurora Forum.  All rights reserved.
+   Copyright (c) 2010-2012 Code Aurora Forum.  All rights reserved.

   This program is free software; you can redistribute it and/or modify
   it under the terms of the GNU General Public License version 2 and
@@ -115,7 +115,7 @@ int amp_init(void);
 void amp_exit(void);

 /* L2CAP-AMP fixed channel interface */
-void amp_conn_ind(struct l2cap_conn *conn, struct sk_buff *skb);
+void amp_conn_ind(struct hci_conn *hcon, struct sk_buff *skb);

 /* L2CAP-AMP link interface */
 void amp_create_physical(struct l2cap_conn *conn, struct sock *sk);
@@ -256,7 +256,7 @@ struct amp_work_state_change {
 };
 struct amp_work_conn_ind {
 	struct work_struct work;
-	struct l2cap_conn *conn;
+	struct hci_conn *hcon;
 	struct sk_buff *skb;
 };
 struct amp_work_create_physical {