From: "K. Y. Srinivasan" <[email protected]> The recent changes to the connector code introduced this bug where even when a callback was invoked, we would return an error resulting in double freeing of the skb. This patch fixes this bug.
Signed-off-by: K. Y. Srinivasan <[email protected]> Acked-by: Evgeniy Polyakov <[email protected]> Cc: stable <[email protected]> [.39] Signed-off-by: Greg Kroah-Hartman <[email protected]> --- drivers/connector/connector.c | 1 + 1 files changed, 1 insertions(+), 0 deletions(-) diff --git a/drivers/connector/connector.c b/drivers/connector/connector.c index 219d88a..dde6a0f 100644 --- a/drivers/connector/connector.c +++ b/drivers/connector/connector.c @@ -139,6 +139,7 @@ static int cn_call_callback(struct sk_buff *skb) spin_unlock_bh(&dev->cbdev->queue_lock); if (cbq != NULL) { + err = 0; cbq->callback(msg, nsp); kfree_skb(skb); cn_queue_release_callback(cbq); -- 1.7.5.4 _______________________________________________ stable mailing list [email protected] http://linux.kernel.org/mailman/listinfo/stable
