From: Mat Martineau Date: Thu, 5 Aug 2010 22:54:22 +0000 (-0700) Subject: Bluetooth: Fix endianness issue with L2CAP MPS configuration X-Git-Url: https://git.stricted.de/?a=commitdiff_plain;h=86b1b26326279299c93ddb11ab4782d3896bf84c;p=GitHub%2FLineageOS%2FG12%2Fandroid_kernel_amlogic_linux-4.9.git Bluetooth: Fix endianness issue with L2CAP MPS configuration Incoming configuration values must be converted to native CPU order before use. This fixes a bug where a little-endian MPS value is compared to a native CPU value. On big-endian processors, this can cause ERTM and streaming mode segmentation to produce PDUs that are larger than the remote stack is expecting, or that would produce fragmented skbs that the current FCS code cannot handle. Signed-off-by: Mat Martineau Signed-off-by: Marcel Holtmann --- diff --git a/net/bluetooth/l2cap.c b/net/bluetooth/l2cap.c index 3e3cd9d4e52c..9d1f1544d9d3 100644 --- a/net/bluetooth/l2cap.c +++ b/net/bluetooth/l2cap.c @@ -2705,8 +2705,9 @@ done: case L2CAP_MODE_ERTM: pi->remote_tx_win = rfc.txwin_size; pi->remote_max_tx = rfc.max_transmit; - if (rfc.max_pdu_size > pi->conn->mtu - 10) - rfc.max_pdu_size = le16_to_cpu(pi->conn->mtu - 10); + + if (le16_to_cpu(rfc.max_pdu_size) > pi->conn->mtu - 10) + rfc.max_pdu_size = cpu_to_le16(pi->conn->mtu - 10); pi->remote_mps = le16_to_cpu(rfc.max_pdu_size); @@ -2723,8 +2724,8 @@ done: break; case L2CAP_MODE_STREAMING: - if (rfc.max_pdu_size > pi->conn->mtu - 10) - rfc.max_pdu_size = le16_to_cpu(pi->conn->mtu - 10); + if (le16_to_cpu(rfc.max_pdu_size) > pi->conn->mtu - 10) + rfc.max_pdu_size = cpu_to_le16(pi->conn->mtu - 10); pi->remote_mps = le16_to_cpu(rfc.max_pdu_size);