Bluetooth: Prevent double register of suspend

Suspend notifier should only be registered and unregistered once per
hdev. Simplify this by only registering during driver registration and
simply exiting early when HCI_USER_CHANNEL is set.

Reported-by: syzbot <syzkaller@googlegroups.com>
Fixes: 359ee4f834f5 (Bluetooth: Unregister suspend with userchannel)
Signed-off-by: Abhishek Pandit-Subedi <abhishekpandit@chromium.org>
Signed-off-by: Luiz Augusto von Dentz <luiz.von.dentz@intel.com>

diff --git a/net/bluetooth/hci_core.c b/net/bluetooth/hci_core.c
index 063fbb8e07ca737798d6c636992f34ef978d2d6f..0540555b370481f6399227161897c02bc0af650e 100644 (file)
--- a/net/bluetooth/hci_core.c
+++ b/net/bluetooth/hci_core.c
@@ -2406,6 +2406,10 @@ static int hci_suspend_notifier(struct notifier_block *nb, unsigned long action,
                container_of(nb, struct hci_dev, suspend_notifier);
        int ret = 0;
 
+       /* Userspace has full control of this device. Do nothing. */
+       if (hci_dev_test_flag(hdev, HCI_USER_CHANNEL))
+               return NOTIFY_DONE;
+
        if (action == PM_SUSPEND_PREPARE)
                ret = hci_suspend_dev(hdev);
        else if (action == PM_POST_SUSPEND)

diff --git a/net/bluetooth/hci_sock.c b/net/bluetooth/hci_sock.c
index b2a33a05c93eddc1c07fdc142396f843d1e076db..06581223238c54b05e90c0a19818754f061a325f 100644 (file)
--- a/net/bluetooth/hci_sock.c
+++ b/net/bluetooth/hci_sock.c
@@ -887,7 +887,6 @@ static int hci_sock_release(struct socket *sock)
                         */
                        hci_dev_do_close(hdev);
                        hci_dev_clear_flag(hdev, HCI_USER_CHANNEL);
-                       hci_register_suspend_notifier(hdev);
                        mgmt_index_added(hdev);
                }
 
@@ -1216,7 +1215,6 @@ static int hci_sock_bind(struct socket *sock, struct sockaddr *addr,
                }
 
                mgmt_index_removed(hdev);
-               hci_unregister_suspend_notifier(hdev);
 
                err = hci_dev_open(hdev->id);
                if (err) {
@@ -1231,7 +1229,6 @@ static int hci_sock_bind(struct socket *sock, struct sockaddr *addr,
                                err = 0;
                        } else {
                                hci_dev_clear_flag(hdev, HCI_USER_CHANNEL);
-                               hci_register_suspend_notifier(hdev);
                                mgmt_index_added(hdev);
                                hci_dev_put(hdev);
                                goto done;