Merge branch 'for-upstream' of git://git.kernel.org/pub/scm/linux/kernel/git/bluetooth/bluetooth

Johan Hedberg says: ==================== pull request: bluetooth 2015-12-01 Here's a Bluetooth fix for the 4.4-rc series that fixes a memory leak of the Security Manager L2CAP channel that'll happen for every LE connection. Please let me know if there are any issues pulling. Thanks. ==================== Signed-off-by: David S. Miller <davem@davemloft.net>
author: David S. Miller <davem@davemloft.net> 2015-12-03 12:04:05 -0500
committer: David S. Miller <davem@davemloft.net> 2015-12-03 12:04:05 -0500
commit: 79aecc7216379788e0c6900ac50ea2d579190219 (patch)
tree: e2b3f6861b6ead1724e18a039badac2c04948353 /net/bluetooth
parent: df849ba3a88cdf4480decd7008f95ff627387c0f (diff)
parent: 7883746bc663150e8acd7a57397fc889698b0b33 (diff)
1 files changed, 6 insertions, 1 deletions
diff --git a/net/bluetooth/smp.c b/net/bluetooth/smp.c
index c91353841e40..ffed8a1d4f27 100644
--- a/net/bluetooth/smp.c
+++ b/net/bluetooth/smp.c
@@ -3027,8 +3027,13 @@ static void smp_ready_cb(struct l2cap_chan *chan)
 
 	BT_DBG("chan %p", chan);
 
+	/* No need to call l2cap_chan_hold() here since we already own
+	 * the reference taken in smp_new_conn_cb(). This is just the
+	 * first time that we tie it to a specific pointer. The code in
+	 * l2cap_core.c ensures that there's no risk this function wont
+	 * get called if smp_new_conn_cb was previously called.
+	 */
 	conn->smp = chan;
-	l2cap_chan_hold(chan);
 
 	if (hcon->type == ACL_LINK && test_bit(HCI_CONN_ENCRYPT, &hcon->flags))
 		bredr_pairing(chan);
author	David S. Miller <davem@davemloft.net>	2015-12-03 12:04:05 -0500
committer	David S. Miller <davem@davemloft.net>	2015-12-03 12:04:05 -0500
commit	79aecc7216379788e0c6900ac50ea2d579190219 (patch)
tree	e2b3f6861b6ead1724e18a039badac2c04948353 /net/bluetooth
parent	df849ba3a88cdf4480decd7008f95ff627387c0f (diff)
parent	7883746bc663150e8acd7a57397fc889698b0b33 (diff)