* [PATCH] Bluetooth: check l2cap pending status before sending l2cap connect request
@ 2010-06-16 12:52 Emeltchenko Andrei
2010-06-19 0:53 ` Gustavo F. Padovan
0 siblings, 1 reply; 6+ messages in thread
From: Emeltchenko Andrei @ 2010-06-16 12:52 UTC (permalink / raw)
To: linux-bluetooth
From: Andrei Emeltchenko <andrei.emeltchenko@nokia.com>
Due to race condition in L2CAP state machine L2CAP Connection Request
may be sent twice for SDP with the same source channel id. Problems
reported connecting to Apple products, some carkit, Blackberry phones.
...
2010-06-07 21:18:03.651031 < ACL data: handle 1 flags 0x02 dlen 12
L2CAP(s): Connect req: psm 1 scid 0x0040
2010-06-07 21:18:03.653473 > HCI Event: Number of Completed Packets (0x13) plen 5
handle 1 packets 1
2010-06-07 21:18:03.653808 > HCI Event: Auth Complete (0x06) plen 3
status 0x00 handle 1
2010-06-07 21:18:03.653869 < ACL data: handle 1 flags 0x02 dlen 12
L2CAP(s): Connect req: psm 1 scid 0x0040
...
Patch uses L2CAP_CONF_CONNECT_PEND flag to mark that L2CAP Connection
Request has been sent.
Modified version of Ville Tervo patch.
Signed-off-by: Andrei Emeltchenko <andrei.emeltchenko@nokia.com>
---
net/bluetooth/l2cap.c | 11 +++++++++--
1 files changed, 9 insertions(+), 2 deletions(-)
diff --git a/net/bluetooth/l2cap.c b/net/bluetooth/l2cap.c
index fc81acb..1ed51ad 100644
--- a/net/bluetooth/l2cap.c
+++ b/net/bluetooth/l2cap.c
@@ -387,13 +387,16 @@ static void l2cap_do_start(struct sock *sk)
if (!(conn->info_state & L2CAP_INFO_FEAT_MASK_REQ_DONE))
return;
- if (l2cap_check_security(sk)) {
+ if (l2cap_check_security(sk) &&
+ ! l2cap_pi(sk)->conf_state &
+ L2CAP_CONF_CONNECT_PEND) {
struct l2cap_conn_req req;
req.scid = cpu_to_le16(l2cap_pi(sk)->scid);
req.psm = l2cap_pi(sk)->psm;
l2cap_pi(sk)->ident = l2cap_get_ident(conn);
+ l2cap_pi(sk)->conf_state |= L2CAP_CONF_CONNECT_PEND;
l2cap_send_cmd(conn, l2cap_pi(sk)->ident,
L2CAP_CONN_REQ, sizeof(req), &req);
}
@@ -441,13 +444,16 @@ static void l2cap_conn_start(struct l2cap_conn *conn)
}
if (sk->sk_state == BT_CONNECT) {
- if (l2cap_check_security(sk)) {
+ if (l2cap_check_security(sk) &&
+ ! l2cap_pi(sk)->conf_state &
+ L2CAP_CONF_CONNECT_PEND) {
struct l2cap_conn_req req;
req.scid = cpu_to_le16(l2cap_pi(sk)->scid);
req.psm = l2cap_pi(sk)->psm;
l2cap_pi(sk)->ident = l2cap_get_ident(conn);
+ l2cap_pi(sk)->conf_state |= L2CAP_CONF_CONNECT_PEND;
l2cap_send_cmd(conn, l2cap_pi(sk)->ident,
L2CAP_CONN_REQ, sizeof(req), &req);
}
@@ -3828,6 +3834,7 @@ static int l2cap_security_cfm(struct hci_conn *hcon, u8 status, u8 encrypt)
l2cap_pi(sk)->ident = l2cap_get_ident(conn);
+ l2cap_pi(sk)->conf_state |= L2CAP_CONF_CONNECT_PEND;
l2cap_send_cmd(conn, l2cap_pi(sk)->ident,
L2CAP_CONN_REQ, sizeof(req), &req);
} else {
--
1.7.0.4
^ permalink raw reply related [flat|nested] 6+ messages in thread
* Re: [PATCH] Bluetooth: check l2cap pending status before sending l2cap connect request
2010-06-16 12:52 Emeltchenko Andrei
@ 2010-06-19 0:53 ` Gustavo F. Padovan
2010-06-21 9:16 ` Andrei Emeltchenko
0 siblings, 1 reply; 6+ messages in thread
From: Gustavo F. Padovan @ 2010-06-19 0:53 UTC (permalink / raw)
To: Emeltchenko Andrei; +Cc: linux-bluetooth
Hi Andrei,
* Emeltchenko Andrei <Andrei.Emeltchenko.news@gmail.com> [2010-06-16 15:52:05 +0300]:
> From: Andrei Emeltchenko <andrei.emeltchenko@nokia.com>
>
> Due to race condition in L2CAP state machine L2CAP Connection Request
> may be sent twice for SDP with the same source channel id. Problems
> reported connecting to Apple products, some carkit, Blackberry phones.
>
> ...
> 2010-06-07 21:18:03.651031 < ACL data: handle 1 flags 0x02 dlen 12
> L2CAP(s): Connect req: psm 1 scid 0x0040
> 2010-06-07 21:18:03.653473 > HCI Event: Number of Completed Packets (0x13) plen 5
> handle 1 packets 1
> 2010-06-07 21:18:03.653808 > HCI Event: Auth Complete (0x06) plen 3
> status 0x00 handle 1
> 2010-06-07 21:18:03.653869 < ACL data: handle 1 flags 0x02 dlen 12
> L2CAP(s): Connect req: psm 1 scid 0x0040
> ...
>
> Patch uses L2CAP_CONF_CONNECT_PEND flag to mark that L2CAP Connection
> Request has been sent.
>
> Modified version of Ville Tervo patch.
>
> Signed-off-by: Andrei Emeltchenko <andrei.emeltchenko@nokia.com>
> ---
> net/bluetooth/l2cap.c | 11 +++++++++--
> 1 files changed, 9 insertions(+), 2 deletions(-)
>
> diff --git a/net/bluetooth/l2cap.c b/net/bluetooth/l2cap.c
> index fc81acb..1ed51ad 100644
> --- a/net/bluetooth/l2cap.c
> +++ b/net/bluetooth/l2cap.c
> @@ -387,13 +387,16 @@ static void l2cap_do_start(struct sock *sk)
> if (!(conn->info_state & L2CAP_INFO_FEAT_MASK_REQ_DONE))
> return;
>
> - if (l2cap_check_security(sk)) {
> + if (l2cap_check_security(sk) &&
> + ! l2cap_pi(sk)->conf_state &
> + L2CAP_CONF_CONNECT_PEND) {
This is wrong, you have to add parentheses here:
!(l2cap_pi(sk)->conf_state & L2CAP_CONF_CONNECT_PEND)
> struct l2cap_conn_req req;
> req.scid = cpu_to_le16(l2cap_pi(sk)->scid);
> req.psm = l2cap_pi(sk)->psm;
>
> l2cap_pi(sk)->ident = l2cap_get_ident(conn);
>
> + l2cap_pi(sk)->conf_state |= L2CAP_CONF_CONNECT_PEND;
> l2cap_send_cmd(conn, l2cap_pi(sk)->ident,
> L2CAP_CONN_REQ, sizeof(req), &req);
> }
> @@ -441,13 +444,16 @@ static void l2cap_conn_start(struct l2cap_conn *conn)
> }
>
> if (sk->sk_state == BT_CONNECT) {
> - if (l2cap_check_security(sk)) {
> + if (l2cap_check_security(sk) &&
> + ! l2cap_pi(sk)->conf_state &
> + L2CAP_CONF_CONNECT_PEND) {
Here too.
> struct l2cap_conn_req req;
> req.scid = cpu_to_le16(l2cap_pi(sk)->scid);
> req.psm = l2cap_pi(sk)->psm;
>
> l2cap_pi(sk)->ident = l2cap_get_ident(conn);
>
> + l2cap_pi(sk)->conf_state |= L2CAP_CONF_CONNECT_PEND;
> l2cap_send_cmd(conn, l2cap_pi(sk)->ident,
> L2CAP_CONN_REQ, sizeof(req), &req);
> }
> @@ -3828,6 +3834,7 @@ static int l2cap_security_cfm(struct hci_conn *hcon, u8 status, u8 encrypt)
>
> l2cap_pi(sk)->ident = l2cap_get_ident(conn);
>
> + l2cap_pi(sk)->conf_state |= L2CAP_CONF_CONNECT_PEND;
> l2cap_send_cmd(conn, l2cap_pi(sk)->ident,
> L2CAP_CONN_REQ, sizeof(req), &req);
> } else {
> --
> 1.7.0.4
Otherwise the patch seem fine to me.
>
> --
> To unsubscribe from this list: send the line "unsubscribe linux-bluetooth" in
> the body of a message to majordomo@vger.kernel.org
> More majordomo info at http://vger.kernel.org/majordomo-info.html
--
Gustavo F. Padovan
http://padovan.org
^ permalink raw reply [flat|nested] 6+ messages in thread
* Re: [PATCH] Bluetooth: check l2cap pending status before sending l2cap connect request
2010-06-19 0:53 ` Gustavo F. Padovan
@ 2010-06-21 9:16 ` Andrei Emeltchenko
0 siblings, 0 replies; 6+ messages in thread
From: Andrei Emeltchenko @ 2010-06-21 9:16 UTC (permalink / raw)
To: Gustavo F. Padovan; +Cc: linux-bluetooth
On Sat, Jun 19, 2010 at 3:53 AM, Gustavo F. Padovan <gustavo@padovan.org> wrote:
> Hi Andrei,
>
> * Emeltchenko Andrei <Andrei.Emeltchenko.news@gmail.com> [2010-06-16 15:52:05 +0300]:
>
>> From: Andrei Emeltchenko <andrei.emeltchenko@nokia.com>
>>
>> Due to race condition in L2CAP state machine L2CAP Connection Request
>> may be sent twice for SDP with the same source channel id. Problems
>> reported connecting to Apple products, some carkit, Blackberry phones.
>>
>> ...
>> 2010-06-07 21:18:03.651031 < ACL data: handle 1 flags 0x02 dlen 12
>> L2CAP(s): Connect req: psm 1 scid 0x0040
>> 2010-06-07 21:18:03.653473 > HCI Event: Number of Completed Packets (0x13) plen 5
>> handle 1 packets 1
>> 2010-06-07 21:18:03.653808 > HCI Event: Auth Complete (0x06) plen 3
>> status 0x00 handle 1
>> 2010-06-07 21:18:03.653869 < ACL data: handle 1 flags 0x02 dlen 12
>> L2CAP(s): Connect req: psm 1 scid 0x0040
>> ...
>>
>> Patch uses L2CAP_CONF_CONNECT_PEND flag to mark that L2CAP Connection
>> Request has been sent.
>>
>> Modified version of Ville Tervo patch.
>>
>> Signed-off-by: Andrei Emeltchenko <andrei.emeltchenko@nokia.com>
>> ---
>> net/bluetooth/l2cap.c | 11 +++++++++--
>> 1 files changed, 9 insertions(+), 2 deletions(-)
>>
>> diff --git a/net/bluetooth/l2cap.c b/net/bluetooth/l2cap.c
>> index fc81acb..1ed51ad 100644
>> --- a/net/bluetooth/l2cap.c
>> +++ b/net/bluetooth/l2cap.c
>> @@ -387,13 +387,16 @@ static void l2cap_do_start(struct sock *sk)
>> if (!(conn->info_state & L2CAP_INFO_FEAT_MASK_REQ_DONE))
>> return;
>>
>> - if (l2cap_check_security(sk)) {
>> + if (l2cap_check_security(sk) &&
>> + ! l2cap_pi(sk)->conf_state &
>> + L2CAP_CONF_CONNECT_PEND) {
>
> This is wrong, you have to add parentheses here:
> !(l2cap_pi(sk)->conf_state & L2CAP_CONF_CONNECT_PEND)
Ah! My mistake when rearranging patch. Thanks a lot for the review.
I will send a new patch when I will test everything.
Regards,
Andrei
>
>> struct l2cap_conn_req req;
>> req.scid = cpu_to_le16(l2cap_pi(sk)->scid);
>> req.psm = l2cap_pi(sk)->psm;
>>
>> l2cap_pi(sk)->ident = l2cap_get_ident(conn);
>>
>> + l2cap_pi(sk)->conf_state |= L2CAP_CONF_CONNECT_PEND;
>> l2cap_send_cmd(conn, l2cap_pi(sk)->ident,
>> L2CAP_CONN_REQ, sizeof(req), &req);
>> }
>> @@ -441,13 +444,16 @@ static void l2cap_conn_start(struct l2cap_conn *conn)
>> }
>>
>> if (sk->sk_state == BT_CONNECT) {
>> - if (l2cap_check_security(sk)) {
>> + if (l2cap_check_security(sk) &&
>> + ! l2cap_pi(sk)->conf_state &
>> + L2CAP_CONF_CONNECT_PEND) {
>
> Here too.
>
>> struct l2cap_conn_req req;
>> req.scid = cpu_to_le16(l2cap_pi(sk)->scid);
>> req.psm = l2cap_pi(sk)->psm;
>>
>> l2cap_pi(sk)->ident = l2cap_get_ident(conn);
>>
>> + l2cap_pi(sk)->conf_state |= L2CAP_CONF_CONNECT_PEND;
>> l2cap_send_cmd(conn, l2cap_pi(sk)->ident,
>> L2CAP_CONN_REQ, sizeof(req), &req);
>> }
>> @@ -3828,6 +3834,7 @@ static int l2cap_security_cfm(struct hci_conn *hcon, u8 status, u8 encrypt)
>>
>> l2cap_pi(sk)->ident = l2cap_get_ident(conn);
>>
>> + l2cap_pi(sk)->conf_state |= L2CAP_CONF_CONNECT_PEND;
>> l2cap_send_cmd(conn, l2cap_pi(sk)->ident,
>> L2CAP_CONN_REQ, sizeof(req), &req);
>> } else {
>> --
>> 1.7.0.4
>
> Otherwise the patch seem fine to me.
>>
>> --
>> To unsubscribe from this list: send the line "unsubscribe linux-bluetooth" in
>> the body of a message to majordomo@vger.kernel.org
>> More majordomo info at http://vger.kernel.org/majordomo-info.html
>
> --
> Gustavo F. Padovan
> http://padovan.org
>
^ permalink raw reply [flat|nested] 6+ messages in thread
* [PATCH] Bluetooth: check l2cap pending status before sending l2cap connect request
@ 2010-06-23 7:30 Emeltchenko Andrei
2010-07-06 10:11 ` Andrei Emeltchenko
2010-07-06 15:14 ` Marcel Holtmann
0 siblings, 2 replies; 6+ messages in thread
From: Emeltchenko Andrei @ 2010-06-23 7:30 UTC (permalink / raw)
To: linux-bluetooth
From: Andrei Emeltchenko <andrei.emeltchenko@nokia.com>
Due to race condition in L2CAP state machine L2CAP Connection Request
may be sent twice for SDP with the same source channel id. Problems
reported connecting to Apple products, some carkit, Blackberry phones.
...
2010-06-07 21:18:03.651031 < ACL data: handle 1 flags 0x02 dlen 12
L2CAP(s): Connect req: psm 1 scid 0x0040
2010-06-07 21:18:03.653473 > HCI Event: Number of Completed Packets (0x13) plen 5
handle 1 packets 1
2010-06-07 21:18:03.653808 > HCI Event: Auth Complete (0x06) plen 3
status 0x00 handle 1
2010-06-07 21:18:03.653869 < ACL data: handle 1 flags 0x02 dlen 12
L2CAP(s): Connect req: psm 1 scid 0x0040
...
Patch uses L2CAP_CONF_CONNECT_PEND flag to mark that L2CAP Connection
Request has been sent.
Modified version of Ville Tervo patch.
Signed-off-by: Andrei Emeltchenko <andrei.emeltchenko@nokia.com>
---
net/bluetooth/l2cap.c | 11 +++++++++--
1 files changed, 9 insertions(+), 2 deletions(-)
diff --git a/net/bluetooth/l2cap.c b/net/bluetooth/l2cap.c
index bb00015..7f82f7b 100644
--- a/net/bluetooth/l2cap.c
+++ b/net/bluetooth/l2cap.c
@@ -409,13 +409,16 @@ static void l2cap_do_start(struct sock *sk)
if (!(conn->info_state & L2CAP_INFO_FEAT_MASK_REQ_DONE))
return;
- if (l2cap_check_security(sk)) {
+ if (l2cap_check_security(sk) &&
+ !(l2cap_pi(sk)->conf_state &
+ L2CAP_CONF_CONNECT_PEND)) {
struct l2cap_conn_req req;
req.scid = cpu_to_le16(l2cap_pi(sk)->scid);
req.psm = l2cap_pi(sk)->psm;
l2cap_pi(sk)->ident = l2cap_get_ident(conn);
+ l2cap_pi(sk)->conf_state |= L2CAP_CONF_CONNECT_PEND;
l2cap_send_cmd(conn, l2cap_pi(sk)->ident,
L2CAP_CONN_REQ, sizeof(req), &req);
}
@@ -464,13 +467,16 @@ static void l2cap_conn_start(struct l2cap_conn *conn)
}
if (sk->sk_state == BT_CONNECT) {
- if (l2cap_check_security(sk)) {
+ if (l2cap_check_security(sk) &&
+ !(l2cap_pi(sk)->conf_state &
+ L2CAP_CONF_CONNECT_PEND)) {
struct l2cap_conn_req req;
req.scid = cpu_to_le16(l2cap_pi(sk)->scid);
req.psm = l2cap_pi(sk)->psm;
l2cap_pi(sk)->ident = l2cap_get_ident(conn);
+ l2cap_pi(sk)->conf_state |= L2CAP_CONF_CONNECT_PEND;
l2cap_send_cmd(conn, l2cap_pi(sk)->ident,
L2CAP_CONN_REQ, sizeof(req), &req);
}
@@ -4407,6 +4413,7 @@ static int l2cap_security_cfm(struct hci_conn *hcon, u8 status, u8 encrypt)
l2cap_pi(sk)->ident = l2cap_get_ident(conn);
+ l2cap_pi(sk)->conf_state |= L2CAP_CONF_CONNECT_PEND;
l2cap_send_cmd(conn, l2cap_pi(sk)->ident,
L2CAP_CONN_REQ, sizeof(req), &req);
} else {
--
1.7.0.4
^ permalink raw reply related [flat|nested] 6+ messages in thread
* Re: [PATCH] Bluetooth: check l2cap pending status before sending l2cap connect request
2010-06-23 7:30 [PATCH] Bluetooth: check l2cap pending status before sending l2cap connect request Emeltchenko Andrei
@ 2010-07-06 10:11 ` Andrei Emeltchenko
2010-07-06 15:14 ` Marcel Holtmann
1 sibling, 0 replies; 6+ messages in thread
From: Andrei Emeltchenko @ 2010-07-06 10:11 UTC (permalink / raw)
To: linux-bluetooth
On Wed, Jun 23, 2010 at 10:30 AM, Emeltchenko Andrei
<Andrei.Emeltchenko.news@gmail.com> wrote:
ping
> From: Andrei Emeltchenko <andrei.emeltchenko@nokia.com>
>
> Due to race condition in L2CAP state machine L2CAP Connection Request
> may be sent twice for SDP with the same source channel id. Problems
> reported connecting to Apple products, some carkit, Blackberry phones.
>
> ...
> 2010-06-07 21:18:03.651031 < ACL data: handle 1 flags 0x02 dlen 12
> L2CAP(s): Connect req: psm 1 scid 0x0040
> 2010-06-07 21:18:03.653473 > HCI Event: Number of Completed Packets (0x13) plen 5
> handle 1 packets 1
> 2010-06-07 21:18:03.653808 > HCI Event: Auth Complete (0x06) plen 3
> status 0x00 handle 1
> 2010-06-07 21:18:03.653869 < ACL data: handle 1 flags 0x02 dlen 12
> L2CAP(s): Connect req: psm 1 scid 0x0040
> ...
>
> Patch uses L2CAP_CONF_CONNECT_PEND flag to mark that L2CAP Connection
> Request has been sent.
>
> Modified version of Ville Tervo patch.
>
> Signed-off-by: Andrei Emeltchenko <andrei.emeltchenko@nokia.com>
> ---
> net/bluetooth/l2cap.c | 11 +++++++++--
> 1 files changed, 9 insertions(+), 2 deletions(-)
>
> diff --git a/net/bluetooth/l2cap.c b/net/bluetooth/l2cap.c
> index bb00015..7f82f7b 100644
> --- a/net/bluetooth/l2cap.c
> +++ b/net/bluetooth/l2cap.c
> @@ -409,13 +409,16 @@ static void l2cap_do_start(struct sock *sk)
> if (!(conn->info_state & L2CAP_INFO_FEAT_MASK_REQ_DONE))
> return;
>
> - if (l2cap_check_security(sk)) {
> + if (l2cap_check_security(sk) &&
> + !(l2cap_pi(sk)->conf_state &
> + L2CAP_CONF_CONNECT_PEND)) {
> struct l2cap_conn_req req;
> req.scid = cpu_to_le16(l2cap_pi(sk)->scid);
> req.psm = l2cap_pi(sk)->psm;
>
> l2cap_pi(sk)->ident = l2cap_get_ident(conn);
>
> + l2cap_pi(sk)->conf_state |= L2CAP_CONF_CONNECT_PEND;
> l2cap_send_cmd(conn, l2cap_pi(sk)->ident,
> L2CAP_CONN_REQ, sizeof(req), &req);
> }
> @@ -464,13 +467,16 @@ static void l2cap_conn_start(struct l2cap_conn *conn)
> }
>
> if (sk->sk_state == BT_CONNECT) {
> - if (l2cap_check_security(sk)) {
> + if (l2cap_check_security(sk) &&
> + !(l2cap_pi(sk)->conf_state &
> + L2CAP_CONF_CONNECT_PEND)) {
> struct l2cap_conn_req req;
> req.scid = cpu_to_le16(l2cap_pi(sk)->scid);
> req.psm = l2cap_pi(sk)->psm;
>
> l2cap_pi(sk)->ident = l2cap_get_ident(conn);
>
> + l2cap_pi(sk)->conf_state |= L2CAP_CONF_CONNECT_PEND;
> l2cap_send_cmd(conn, l2cap_pi(sk)->ident,
> L2CAP_CONN_REQ, sizeof(req), &req);
> }
> @@ -4407,6 +4413,7 @@ static int l2cap_security_cfm(struct hci_conn *hcon, u8 status, u8 encrypt)
>
> l2cap_pi(sk)->ident = l2cap_get_ident(conn);
>
> + l2cap_pi(sk)->conf_state |= L2CAP_CONF_CONNECT_PEND;
> l2cap_send_cmd(conn, l2cap_pi(sk)->ident,
> L2CAP_CONN_REQ, sizeof(req), &req);
> } else {
> --
> 1.7.0.4
>
> --
> To unsubscribe from this list: send the line "unsubscribe linux-bluetooth" in
> the body of a message to majordomo@vger.kernel.org
> More majordomo info at http://vger.kernel.org/majordomo-info.html
>
^ permalink raw reply [flat|nested] 6+ messages in thread
* Re: [PATCH] Bluetooth: check l2cap pending status before sending l2cap connect request
2010-06-23 7:30 [PATCH] Bluetooth: check l2cap pending status before sending l2cap connect request Emeltchenko Andrei
2010-07-06 10:11 ` Andrei Emeltchenko
@ 2010-07-06 15:14 ` Marcel Holtmann
1 sibling, 0 replies; 6+ messages in thread
From: Marcel Holtmann @ 2010-07-06 15:14 UTC (permalink / raw)
To: Emeltchenko Andrei; +Cc: linux-bluetooth
Hi Andrei,
> Due to race condition in L2CAP state machine L2CAP Connection Request
> may be sent twice for SDP with the same source channel id. Problems
> reported connecting to Apple products, some carkit, Blackberry phones.
>
> ...
> 2010-06-07 21:18:03.651031 < ACL data: handle 1 flags 0x02 dlen 12
> L2CAP(s): Connect req: psm 1 scid 0x0040
> 2010-06-07 21:18:03.653473 > HCI Event: Number of Completed Packets (0x13) plen 5
> handle 1 packets 1
> 2010-06-07 21:18:03.653808 > HCI Event: Auth Complete (0x06) plen 3
> status 0x00 handle 1
> 2010-06-07 21:18:03.653869 < ACL data: handle 1 flags 0x02 dlen 12
> L2CAP(s): Connect req: psm 1 scid 0x0040
> ...
>
> Patch uses L2CAP_CONF_CONNECT_PEND flag to mark that L2CAP Connection
> Request has been sent.
patch in general looks fine, but I do have some comments.
> diff --git a/net/bluetooth/l2cap.c b/net/bluetooth/l2cap.c
> index bb00015..7f82f7b 100644
> --- a/net/bluetooth/l2cap.c
> +++ b/net/bluetooth/l2cap.c
> @@ -409,13 +409,16 @@ static void l2cap_do_start(struct sock *sk)
> if (!(conn->info_state & L2CAP_INFO_FEAT_MASK_REQ_DONE))
> return;
>
> - if (l2cap_check_security(sk)) {
> + if (l2cap_check_security(sk) &&
> + !(l2cap_pi(sk)->conf_state &
> + L2CAP_CONF_CONNECT_PEND)) {
I think having some l2cap_check_pending() would be a good idea. This
high indentation is not easy to read.
> struct l2cap_conn_req req;
> req.scid = cpu_to_le16(l2cap_pi(sk)->scid);
> req.psm = l2cap_pi(sk)->psm;
>
> l2cap_pi(sk)->ident = l2cap_get_ident(conn);
>
> + l2cap_pi(sk)->conf_state |= L2CAP_CONF_CONNECT_PEND;
> l2cap_send_cmd(conn, l2cap_pi(sk)->ident,
> L2CAP_CONN_REQ, sizeof(req), &req);
If we look at the other cases we have done this, then either have an
empty line between these two commands. Or remove the other empty line.
> }
> @@ -464,13 +467,16 @@ static void l2cap_conn_start(struct l2cap_conn *conn)
> }
>
> if (sk->sk_state == BT_CONNECT) {
> - if (l2cap_check_security(sk)) {
> + if (l2cap_check_security(sk) &&
> + !(l2cap_pi(sk)->conf_state &
> + L2CAP_CONF_CONNECT_PEND)) {
See above.
> struct l2cap_conn_req req;
> req.scid = cpu_to_le16(l2cap_pi(sk)->scid);
> req.psm = l2cap_pi(sk)->psm;
>
> l2cap_pi(sk)->ident = l2cap_get_ident(conn);
>
> + l2cap_pi(sk)->conf_state |= L2CAP_CONF_CONNECT_PEND;
> l2cap_send_cmd(conn, l2cap_pi(sk)->ident,
> L2CAP_CONN_REQ, sizeof(req), &req);
See above.
> }
> @@ -4407,6 +4413,7 @@ static int l2cap_security_cfm(struct hci_conn *hcon, u8 status, u8 encrypt)
>
> l2cap_pi(sk)->ident = l2cap_get_ident(conn);
>
> + l2cap_pi(sk)->conf_state |= L2CAP_CONF_CONNECT_PEND;
> l2cap_send_cmd(conn, l2cap_pi(sk)->ident,
> L2CAP_CONN_REQ, sizeof(req), &req);
> } else {
See above.
Regards
Marcel
^ permalink raw reply [flat|nested] 6+ messages in thread
end of thread, other threads:[~2010-07-06 15:14 UTC | newest]
Thread overview: 6+ messages (download: mbox.gz follow: Atom feed
-- links below jump to the message on this page --
2010-06-23 7:30 [PATCH] Bluetooth: check l2cap pending status before sending l2cap connect request Emeltchenko Andrei
2010-07-06 10:11 ` Andrei Emeltchenko
2010-07-06 15:14 ` Marcel Holtmann
-- strict thread matches above, loose matches on Subject: below --
2010-06-16 12:52 Emeltchenko Andrei
2010-06-19 0:53 ` Gustavo F. Padovan
2010-06-21 9:16 ` Andrei Emeltchenko
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).