Bluetooth: Fix calculation of SCO handle for packet processing

Linux kernel mirror (for testing) git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git

kernel os linux

When processing SCO packets, the handle is wrongly assumed as 16-bit
value. The actual size is 12-bits and the other 4-bits are used for
packet flags.

Signed-off-by: Marcel Holtmann <marcel@holtmann.org>
Signed-off-by: Johan Hedberg <johan.hedberg@intel.com>

authored by

Marcel Holtmann and committed by

Johan Hedberg 6 years ago debdedf2 77131dfe

+5 -2

1 changed file

expand all

net

bluetooth

hci_core.c

+5 -2

net/bluetooth/hci_core.c

··· 4387 4387 { 4388 4388 struct hci_sco_hdr *hdr = (void *) skb->data; 4389 4389 struct hci_conn *conn; 4390 - __u16 handle; 4390 + __u16 handle, flags; 4391 4391 4392 4392 skb_pull(skb, HCI_SCO_HDR_SIZE); 4393 4393 4394 4394 handle = __le16_to_cpu(hdr->handle); 4395 + flags = hci_flags(handle); 4396 + handle = hci_handle(handle); 4395 4397 4396 - BT_DBG("%s len %d handle 0x%4.4x", hdev->name, skb->len, handle); 4398 + BT_DBG("%s len %d handle 0x%4.4x flags 0x%4.4x", hdev->name, skb->len, 4399 + handle, flags); 4397 4400 4398 4401 hdev->stat.sco_rx++; 4399 4402