| From 9eb1fbfa0a737fd4d3a6d12d71c5ea9af622b887 Mon Sep 17 00:00:00 2001 |
| From: Johan Hedberg <johan.hedberg@intel.com> |
| Date: Fri, 11 Apr 2014 12:02:31 -0700 |
| Subject: Bluetooth: Fix triggering BR/EDR L2CAP Connect too early |
| |
| From: Johan Hedberg <johan.hedberg@intel.com> |
| |
| commit 9eb1fbfa0a737fd4d3a6d12d71c5ea9af622b887 upstream. |
| |
| Commit 1c2e004183178 introduced an event handler for the encryption key |
| refresh complete event with the intent of fixing some LE/SMP cases. |
| However, this event is shared with BR/EDR and there we actually want to |
| act only on the auth_complete event (which comes after the key refresh). |
| |
| If we do not do this we may trigger an L2CAP Connect Request too early |
| and cause the remote side to return a security block error. |
| |
| Signed-off-by: Johan Hedberg <johan.hedberg@intel.com> |
| Signed-off-by: Marcel Holtmann <marcel@holtmann.org> |
| Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org> |
| |
| --- |
| net/bluetooth/hci_event.c | 6 ++++++ |
| 1 file changed, 6 insertions(+) |
| |
| --- a/net/bluetooth/hci_event.c |
| +++ b/net/bluetooth/hci_event.c |
| @@ -3051,6 +3051,12 @@ static void hci_key_refresh_complete_evt |
| if (!conn) |
| goto unlock; |
| |
| + /* For BR/EDR the necessary steps are taken through the |
| + * auth_complete event. |
| + */ |
| + if (conn->type != LE_LINK) |
| + goto unlock; |
| + |
| if (!ev->status) |
| conn->sec_level = conn->pending_sec_level; |
| |