Bluetooth: Limit L2CAP_OPTIONS socket option usage with LE

Most of the values in L2CAP_OPTIONS are not applicable for LE and those
that are have different semantics. It makes therefore sense to
completely block this socket option for LE and add (in a separate patch)
a new socket option for tweaking the values that do make sense (mainly
the send and receive MTU). Legacy user space ATT code still depends on
getsockopt for L2CAP_OPTIONS though so we need to plug a hole for that
for backwards compatibility.

Signed-off-by: Johan Hedberg <johan.hedberg@intel.com>
Signed-off-by: Marcel Holtmann <marcel@holtmann.org>

diff --git a/net/bluetooth/l2cap_sock.c b/net/bluetooth/l2cap_sock.c
index 61e25ba..a20fcc3 100644 (file)
--- a/net/bluetooth/l2cap_sock.c
+++ b/net/bluetooth/l2cap_sock.c
@@ -370,6 +370,16 @@ static int l2cap_sock_getsockopt_old(struct socket *sock, int optname,
 
        switch (optname) {
        case L2CAP_OPTIONS:
+               /* LE sockets should use BT_SNDMTU/BT_RCVMTU, but since
+                * legacy ATT code depends on getsockopt for
+                * L2CAP_OPTIONS we need to let this pass.
+                */
+               if (bdaddr_type_is_le(chan->src_type) &&
+                   chan->scid != L2CAP_CID_ATT) {
+                       err = -EINVAL;
+                       break;
+               }
+
                memset(&opts, 0, sizeof(opts));
                opts.imtu     = chan->imtu;
                opts.omtu     = chan->omtu;
@@ -564,6 +574,11 @@ static int l2cap_sock_setsockopt_old(struct socket *sock, int optname,
 
        switch (optname) {
        case L2CAP_OPTIONS:
+               if (bdaddr_type_is_le(chan->src_type)) {
+                       err = -EINVAL;
+                       break;
+               }
+
                if (sk->sk_state == BT_CONNECTED) {
                        err = -EINVAL;
                        break;