Re: [PATCH] Bluetooth: HIDP: guard session->conn in hidp_connection_del

Next message: David Hildenbrand (Arm): "Re: [BUG] WARNING in workingset_activation triggered by KVM page fault path on Linux 7.0.0-08391-g1d51b370a0f8"
Previous message: Shakeel Butt: "Re: [BUG] WARNING in workingset_activation triggered by KVM page fault path on Linux 7.0.0-08391-g1d51b370a0f8"
In reply to: Pauli Virtanen: "Re: [PATCH] Bluetooth: HIDP: guard session-&gt;conn in hidp_connection_del"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

From: Luiz Augusto von Dentz

Date: Wed Apr 22 2026 - 11:54:42 EST

Hi Michael,

On Wed, Apr 22, 2026 at 11:09 AM Michael Bommarito
<michael.bommarito@xxxxxxxxx> wrote:
>
> On Wed, Apr 22, 2026 at 10:55 AM Luiz Augusto von Dentz
> <luiz.dentz@xxxxxxxxx> wrote:
> > We might need a lock in order to access the session->conn:
>
> This one is a little easier than the other txwin_size issue in terms
> of blast radius.
>
> What pattern would you prefer here?
>
> Option 1, smaller but ordering questions: hold the semaphore across
> check and use like this:
>
> down_read(&hidp_session_sem);
> if (session->conn)
> l2cap_unregister_user(session->conn, &session->user);
> up_read(&hidp_session_sem)
>
>
> Option 2, more correct but more cycles: snapshot the conn and use outside
>
> down_read(&hidp_session_sem);
> conn = session->conn;
> if (conn)
> l2cap_conn_get(conn);
> up_read(&hidp_session_sem);
> if (conn) {
> l2cap_unregister_user(conn, &session->user);
> l2cap_conn_put(conn);
> }

Neither seems completely correct, in my opinion. I guess we want to
use option 2 but set the session->conn to NULL since it will call
l2cap_unregister_user.

> Thanks,
> Mike Bommarito

--
Luiz Augusto von Dentz