Bluetooth: Don't check encryption for L2CAP raw sockets

For L2CAP sockets with medium and high security requirement a missing encryption will enforce the closing of the link. For the L2CAP raw sockets this is not needed, so skip that check. This fixes a crash when pairing Bluetooth 2.0 (and earlier) devices since the L2CAP state machine got confused and then locked up the whole system. Signed-off-by: Marcel Holtmann <marcel@holtmann.org>

Bluetooth: Don't check encryption for L2CAP raw sockets
For L2CAP sockets with medium and high security requirement a missing encryption will enforce the closing of the link. For the L2CAP raw sockets this is not needed, so skip that check. This fixes a crash when pairing Bluetooth 2.0 (and earlier) devices since the L2CAP state machine got confused and then locked up the whole system. Signed-off-by: Marcel Holtmann <marcel@holtmann.org>
Marcel Holtmann
1 parent 43c2e57f94
Showing 1 changed file with 3 additions and 0 deletions Side-by-side Diff
net/bluetooth/l2cap.c
@@ -2420,6 +2420,9 @@
  
 static inline void l2cap_check_encryption(struct sock *sk, u8 encrypt)
 {
+	if (sk->sk_type != SOCK_SEQPACKET)
+		return;
+
 	if (encrypt == 0x00) {
 		if (l2cap_pi(sk)->sec_level == BT_SECURITY_MEDIUM) {
 			l2cap_sock_clear_timer(sk);
...	...	@@ -2420,6 +2420,9 @@
2420	2420
2421	2421	static inline void l2cap_check_encryption(struct sock *sk, u8 encrypt)
2422	2422	{
	2423	+ if (sk->sk_type != SOCK_SEQPACKET)
	2424	+ return;
	2425	+
2423	2426	if (encrypt == 0x00) {
2424	2427	if (l2cap_pi(sk)->sec_level == BT_SECURITY_MEDIUM) {
2425	2428	l2cap_sock_clear_timer(sk);