+24

net/bluetooth/af_bluetooth.c

reviewed

··· 157 157 sk->sk_protocol = proto; 158 158 sk->sk_state = BT_OPEN; 159 159 160 160 + /* Init peer information so it can be properly monitored */ 161 161 + if (!kern) { 162 162 + spin_lock(&sk->sk_peer_lock); 163 163 + sk->sk_peer_pid = get_pid(task_tgid(current)); 164 164 + sk->sk_peer_cred = get_current_cred(); 165 165 + spin_unlock(&sk->sk_peer_lock); 166 166 + } 167 167 + 160 168 return sk; 161 169 } 162 170 EXPORT_SYMBOL(bt_sock_alloc); ··· 187 179 188 180 void bt_accept_enqueue(struct sock *parent, struct sock *sk, bool bh) 189 181 { 182 182 + const struct cred *old_cred; 183 183 + struct pid *old_pid; 184 184 + 190 185 BT_DBG("parent %p, sk %p", parent, sk); 191 186 192 187 sock_hold(sk); ··· 201 190 202 191 list_add_tail(&bt_sk(sk)->accept_q, &bt_sk(parent)->accept_q); 203 192 bt_sk(sk)->parent = parent; 193 193 + 194 194 + /* Copy credentials from parent since for incoming connections the 195 195 + * socket is allocated by the kernel. 196 196 + */ 197 197 + spin_lock(&sk->sk_peer_lock); 198 198 + old_pid = sk->sk_peer_pid; 199 199 + old_cred = sk->sk_peer_cred; 200 200 + sk->sk_peer_pid = get_pid(parent->sk_peer_pid); 201 201 + sk->sk_peer_cred = get_cred(parent->sk_peer_cred); 202 202 + spin_unlock(&sk->sk_peer_lock); 203 203 + 204 204 + put_pid(old_pid); 205 205 + put_cred(old_cred); 204 206 205 207 if (bh) 206 208 bh_unlock_sock(sk);

+1 -9

net/bluetooth/hidp/sock.c

reviewed

··· 256 256 if (sock->type != SOCK_RAW) 257 257 return -ESOCKTNOSUPPORT; 258 258 259 259 - sk = sk_alloc(net, PF_BLUETOOTH, GFP_ATOMIC, &hidp_proto, kern); 259 259 + sk = bt_sock_alloc(net, sock, &hidp_proto, protocol, GFP_ATOMIC, kern); 260 260 if (!sk) 261 261 return -ENOMEM; 262 262 263 263 - sock_init_data(sock, sk); 264 264 - 265 263 sock->ops = &hidp_sock_ops; 266 266 - 267 264 sock->state = SS_UNCONNECTED; 268 268 - 269 269 - sock_reset_flag(sk, SOCK_ZAPPED); 270 270 - 271 271 - sk->sk_protocol = protocol; 272 272 - sk->sk_state = BT_OPEN; 273 265 274 266 bt_sock_link(&hidp_sk_list, sk); 275 267

-19

net/bluetooth/l2cap_sock.c

reviewed

··· 178 178 return err; 179 179 } 180 180 181 181 - static void l2cap_sock_init_pid(struct sock *sk) 182 182 - { 183 183 - struct l2cap_chan *chan = l2cap_pi(sk)->chan; 184 184 - 185 185 - /* Only L2CAP_MODE_EXT_FLOWCTL ever need to access the PID in order to 186 186 - * group the channels being requested. 187 187 - */ 188 188 - if (chan->mode != L2CAP_MODE_EXT_FLOWCTL) 189 189 - return; 190 190 - 191 191 - spin_lock(&sk->sk_peer_lock); 192 192 - sk->sk_peer_pid = get_pid(task_tgid(current)); 193 193 - spin_unlock(&sk->sk_peer_lock); 194 194 - } 195 195 - 196 181 static int l2cap_sock_connect(struct socket *sock, struct sockaddr *addr, 197 182 int alen, int flags) 198 183 { ··· 253 268 chan->mode != L2CAP_MODE_EXT_FLOWCTL) 254 269 chan->mode = L2CAP_MODE_LE_FLOWCTL; 255 270 256 256 - l2cap_sock_init_pid(sk); 257 257 - 258 271 err = l2cap_chan_connect(chan, la.l2_psm, __le16_to_cpu(la.l2_cid), 259 272 &la.l2_bdaddr, la.l2_bdaddr_type); 260 273 if (err) ··· 307 324 err = -EOPNOTSUPP; 308 325 goto done; 309 326 } 310 310 - 311 311 - l2cap_sock_init_pid(sk); 312 327 313 328 sk->sk_max_ack_backlog = backlog; 314 329 sk->sk_ack_backlog = 0;