Bluetooth: SMP packets are only valid on LE connections When receiving SMP packets on a BR/EDR connection, then just drop the packet and do not try to process it. Signed-off-by: Marcel Holtmann <marcel@holtmann.org> Signed-off-by: Johan Hedberg <johan.hedberg@intel.com>

commit: 7b9899dbcf432b188f3cc22bd1ad9e8050c496fc [log] [tgz]
author: Marcel Holtmann <marcel@holtmann.org> Thu Oct 03 00:00:57 2013 -0700
committer: Johan Hedberg <johan.hedberg@intel.com> Thu Oct 03 10:09:12 2013 +0300
tree: 4c5e2df70e2cf98cdda9f18ae9710a43c35bc5c7
parent: 94b6a09b67ac4f0772d298aec0973fe3261150a0 [diff] [blame]
diff --git a/net/bluetooth/smp.c b/net/bluetooth/smp.c
index b5562ab..6e049497 100644
--- a/net/bluetooth/smp.c
+++ b/net/bluetooth/smp.c

@@ -847,10 +847,16 @@
 
 int smp_sig_channel(struct l2cap_conn *conn, struct sk_buff *skb)
 {
+	struct hci_conn *hcon = conn->hcon;
 	__u8 code = skb->data[0];
 	__u8 reason;
 	int err = 0;
 
+	if (hcon->type != LE_LINK) {
+		kfree_skb(skb);
+		return -ENOTSUPP;
+	}
+
 	if (!test_bit(HCI_LE_ENABLED, &conn->hcon->hdev->dev_flags)) {
 		err = -ENOTSUPP;
 		reason = SMP_PAIRING_NOTSUPP;
commit	7b9899dbcf432b188f3cc22bd1ad9e8050c496fc	[log] [tgz]
author	Marcel Holtmann <marcel@holtmann.org>	Thu Oct 03 00:00:57 2013 -0700
committer	Johan Hedberg <johan.hedberg@intel.com>	Thu Oct 03 10:09:12 2013 +0300
tree	4c5e2df70e2cf98cdda9f18ae9710a43c35bc5c7
parent	94b6a09b67ac4f0772d298aec0973fe3261150a0 [diff] [blame]