Bluetooth: Fix EBUSY condition test in l2cap_chan_connect
authorJohan Hedberg <johan.hedberg@intel.com>
Mon, 29 Apr 2013 16:35:37 +0000 (19:35 +0300)
committerGustavo Padovan <gustavo.padovan@collabora.co.uk>
Sat, 22 Jun 2013 23:23:47 +0000 (00:23 +0100)
The current test in l2cap_chan_connect is intended to protect against
multiple conflicting connect attempts. However, it assumes that there
will ever only be a single CID that is connected to, which is not true.
We do need to check for conflicts with connect attempts to the same
destination CID but this check is not in anyway specific to LE but can
be applied to BR/EDR as well.

Signed-off-by: Johan Hedberg <johan.hedberg@intel.com>
Acked-by: Marcel Holtmann <marcel@holtmann.org>
Signed-off-by: Gustavo Padovan <gustavo.padovan@collabora.co.uk>
net/bluetooth/l2cap_core.c

index 29398293d5011033b17c1487094f3a9c1963d348..640423b4f411a6186d077cadfb969499dd27c42c 100644 (file)
@@ -1811,16 +1811,10 @@ int l2cap_chan_connect(struct l2cap_chan *chan, __le16 psm, u16 cid,
                goto done;
        }
 
-       if (hcon->type == LE_LINK) {
-               err = 0;
-
-               if (!list_empty(&conn->chan_l)) {
-                       err = -EBUSY;
-                       hci_conn_drop(hcon);
-               }
-
-               if (err)
-                       goto done;
+       if (cid && __l2cap_get_chan_by_dcid(conn, cid)) {
+               hci_conn_drop(hcon);
+               err = -EBUSY;
+               goto done;
        }
 
        /* Update source addr of the socket */