[PATCH] Bluetooth: fix oops in rfcomm tty code (v3)

From: Vegard Nossum
Date: Mon Jul 21 2008 - 13:32:53 EST


I've respun the patch, now addressing Marcel's comments.

The change is basically that we _don't_ hold the &rfcomm_dev_lock while
registering tty devices. Instead, to prevent the race, we unregister the
device *before* it's removed from the list.

Does this look any better? I think that if I don't make it this time, I
will give up and let somebody else fix it :-)

I've tested it briefly and it doesn't block the creation of new devices,
however, it seems that the device is now deleted as soon as the first
socket is closed, which means that in order to create /dev/rfcomm0 and
also open it, in the test program, the first socket must not be closed
before the device is opened. I'm sure if this is the intended behaviour?