tjh.dev / kernel
Linux kernel mirror (for testing) git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git
kernel os linux
fork atom

Bluetooth: Errata Service Release 8, Erratum 3253

L2CAP: New result values
0x0006 - Connection refused – Invalid Source CID
0x0007 - Connection refused – Source CID already allocated

As per the ESR08_V1.0.0, 1.11.2 Erratum 3253, Page No. 54,
"Remote CID invalid Issue".
Applies to Core Specification versions: V5.0, V4.2, v4.1, v4.0, and v3.0 + HS
Vol 3, Part A, Section 4.2, 4.3, 4.14, 4.15.

Core Specification Version 5.0, Page No.1753, Table 4.6 and
Page No. 1767, Table 4.14

New result values are added to l2cap connect/create channel response as
0x0006 - Connection refused – Invalid Source CID
0x0007 - Connection refused – Source CID already allocated

Signed-off-by: Mallikarjun Phulari <mallikarjun.phulari@intel.com>
Signed-off-by: Marcel Holtmann <marcel@holtmann.org>

authored by

Mallikarjun Phulari and committed by
Marcel Holtmann dd1a8f8a 571f7390

+12 -2
+2
include/net/bluetooth/l2cap.h
··· 277 277 #define L2CAP_CR_SEC_BLOCK 0x0003 278 278 #define L2CAP_CR_NO_MEM 0x0004 279 279 #define L2CAP_CR_BAD_AMP 0x0005 280 + #define L2CAP_CR_INVALID_SCID 0x0006 281 + #define L2CAP_CR_SCID_IN_USE 0x0007 280 282 281 283 /* credit based connect results */ 282 284 #define L2CAP_CR_LE_SUCCESS 0x0000
+10 -2
net/bluetooth/l2cap_core.c
··· 3816 3816 3817 3817 result = L2CAP_CR_NO_MEM; 3818 3818 3819 - /* Check if we already have channel with that dcid */ 3820 - if (__l2cap_get_chan_by_dcid(conn, scid)) 3819 + /* Check for valid dynamic CID range (as per Erratum 3253) */ 3820 + if (scid < L2CAP_CID_DYN_START || scid > L2CAP_CID_DYN_END) { 3821 + result = L2CAP_CR_INVALID_SCID; 3821 3822 goto response; 3823 + } 3824 + 3825 + /* Check if we already have channel with that dcid */ 3826 + if (__l2cap_get_chan_by_dcid(conn, scid)) { 3827 + result = L2CAP_CR_SCID_IN_USE; 3828 + goto response; 3829 + } 3822 3830 3823 3831 chan = pchan->ops->new_connection(pchan); 3824 3832 if (!chan)