Bluetooth: Don't check encryption for L2CAP raw sockets

For L2CAP sockets with medium and high security requirement a missing
encryption will enforce the closing of the link. For the L2CAP raw
sockets this is not needed, so skip that check.

This fixes a crash when pairing Bluetooth 2.0 (and earlier) devices
since the L2CAP state machine got confused and then locked up the whole
system.

Signed-off-by: Marcel Holtmann <marcel@holtmann.org>

diff --git a/net/bluetooth/l2cap.c b/net/bluetooth/l2cap.c
index 71a064fa0285ee9fed853fe830b870239c965044..b677af671f315697c0db32ffc33df27639845058 100644 (file)
--- a/net/bluetooth/l2cap.c
+++ b/net/bluetooth/l2cap.c
@@ -2420,6 +2420,9 @@ static int l2cap_disconn_ind(struct hci_conn *hcon, u8 reason)
 
 static inline void l2cap_check_encryption(struct sock *sk, u8 encrypt)
 {
+       if (sk->sk_type != SOCK_SEQPACKET)
+               return;
+
        if (encrypt == 0x00) {
                if (l2cap_pi(sk)->sec_level == BT_SECURITY_MEDIUM) {
                        l2cap_sock_clear_timer(sk);