Bluetooth: L2CAP: Fix handling LE modes by L2CAP_OPTIONS
authorLuiz Augusto von Dentz <luiz.von.dentz@intel.com>
Fri, 27 Mar 2020 18:32:14 +0000 (11:32 -0700)
committerMarcel Holtmann <marcel@holtmann.org>
Thu, 2 Apr 2020 06:25:19 +0000 (08:25 +0200)
L2CAP_OPTIONS shall only be used with BR/EDR modes.

Signed-off-by: Luiz Augusto von Dentz <luiz.von.dentz@intel.com>
Signed-off-by: Marcel Holtmann <marcel@holtmann.org>
net/bluetooth/l2cap_sock.c

index 117ba20ea194601838074f5285835cf04f0c8cd9..cfb402645c261b346a5a74f0702b7cfcc38c25f4 100644 (file)
@@ -424,6 +424,20 @@ static int l2cap_sock_getsockopt_old(struct socket *sock, int optname,
                        break;
                }
 
+               /* Only BR/EDR modes are supported here */
+               switch (chan->mode) {
+               case L2CAP_MODE_BASIC:
+               case L2CAP_MODE_ERTM:
+               case L2CAP_MODE_STREAMING:
+                       break;
+               default:
+                       err = -EINVAL;
+                       break;
+               }
+
+               if (err < 0)
+                       break;
+
                memset(&opts, 0, sizeof(opts));
                opts.imtu     = chan->imtu;
                opts.omtu     = chan->omtu;
@@ -698,10 +712,8 @@ static int l2cap_sock_setsockopt_old(struct socket *sock, int optname,
                        break;
                }
 
-               chan->mode = opts.mode;
-               switch (chan->mode) {
-               case L2CAP_MODE_LE_FLOWCTL:
-                       break;
+               /* Only BR/EDR modes are supported here */
+               switch (opts.mode) {
                case L2CAP_MODE_BASIC:
                        clear_bit(CONF_STATE2_DEVICE, &chan->conf_state);
                        break;
@@ -715,6 +727,11 @@ static int l2cap_sock_setsockopt_old(struct socket *sock, int optname,
                        break;
                }
 
+               if (err < 0)
+                       break;
+
+               chan->mode = opts.mode;
+
                BT_DBG("mode 0x%2.2x", chan->mode);
 
                chan->imtu = opts.imtu;