Bluetooth: Add extra channel checks for control open/close messages
authorMarcel Holtmann <marcel@holtmann.org>
Tue, 30 Aug 2016 03:00:38 +0000 (05:00 +0200)
committerMarcel Holtmann <marcel@holtmann.org>
Mon, 19 Sep 2016 18:19:34 +0000 (20:19 +0200)
The control open and close monitoring events require special channel
checks to ensure messages are only send when the right events happen.

Signed-off-by: Marcel Holtmann <marcel@holtmann.org>
Signed-off-by: Johan Hedberg <johan.hedberg@intel.com>
net/bluetooth/hci_sock.c

index ca13fac1c1324f8a9f05a19afafd8a918ac560ad..b22efe272f7e51e2ccdb1bb14afb5664806151bd 100644 (file)
@@ -479,7 +479,7 @@ static struct sk_buff *create_monitor_ctrl_open(struct sock *sk)
 {
        struct hci_mon_hdr *hdr;
        struct sk_buff *skb;
-       u16 format = 0x0002;
+       u16 format;
        u8 ver[3];
        u32 flags;
 
@@ -487,11 +487,20 @@ static struct sk_buff *create_monitor_ctrl_open(struct sock *sk)
        if (!hci_pi(sk)->cookie)
                return NULL;
 
+       switch (hci_pi(sk)->channel) {
+       case HCI_CHANNEL_CONTROL:
+               format = 0x0002;
+               mgmt_fill_version_info(ver);
+               break;
+       default:
+               /* No message for unsupported format */
+               return NULL;
+       }
+
        skb = bt_skb_alloc(14 + TASK_COMM_LEN , GFP_ATOMIC);
        if (!skb)
                return NULL;
 
-       mgmt_fill_version_info(ver);
        flags = hci_sock_test_flag(sk, HCI_SOCK_TRUSTED) ? 0x1 : 0x0;
 
        put_unaligned_le32(hci_pi(sk)->cookie, skb_put(skb, 4));
@@ -523,6 +532,14 @@ static struct sk_buff *create_monitor_ctrl_close(struct sock *sk)
        if (!hci_pi(sk)->cookie)
                return NULL;
 
+       switch (hci_pi(sk)->channel) {
+       case HCI_CHANNEL_CONTROL:
+               break;
+       default:
+               /* No message for unsupported format */
+               return NULL;
+       }
+
        skb = bt_skb_alloc(4, GFP_ATOMIC);
        if (!skb)
                return NULL;
@@ -652,9 +669,6 @@ static void send_monitor_control_replay(struct sock *mon_sk)
        sk_for_each(sk, &hci_sk_list.head) {
                struct sk_buff *skb;
 
-               if (hci_pi(sk)->channel != HCI_CHANNEL_CONTROL)
-                       continue;
-
                skb = create_monitor_ctrl_open(sk);
                if (!skb)
                        continue;