connector: fix skb double free in cn_rx_skb()

When a skb is delivered to a registered callback, cn_call_callback()
incorrectly returns -ENODEV after freeing the skb, causing cn_rx_skb()
to free the skb a second time.

Reported-by: Eric B Munson <emunson@mgebm.net>
Signed-off-by: Patrick McHardy <kaber@trash.net>
Tested-by: Eric B Munson <emunson@mgebm.net>
Signed-off-by: David S. Miller <davem@davemloft.net>

drivers/connector/connector.c

@@ -142,6 +142,7 @@ static int cn_call_callback(struct sk_buff *skb)
 		cbq->callback(msg, nsp);
 		kfree_skb(skb);
 		cn_queue_release_callback(cbq);
+		err = 0;
 	}
 
 	return err;