diff mbox series

[5.10,2/2] Bluetooth: hci_core: Fix calling mgmt_device_connected

Message ID 20250113073100.34744-2-d.privalov@omp.ru (mailing list archive)
State New
Headers show
Series [5.10,1/2] Bluetooth: L2CAP: Fix uaf in l2cap_connect | expand

Commit Message

d.privalov Jan. 13, 2025, 7:31 a.m. UTC
From: Luiz Augusto von Dentz <luiz.von.dentz@intel.com>

commit 55abbd148dfb604ebf3f72d6c3dd2a8063d40718 upstream.

Since 61a939c68ee0 ("Bluetooth: Queue incoming ACL data until
BT_CONNECTED state is reached") there is no long the need to call
mgmt_device_connected as ACL data will be queued until BT_CONNECTED
state.

Link: https://bugzilla.kernel.org/show_bug.cgi?id=219458
Link: https://github.com/bluez/bluez/issues/1014
Fixes: 333b4fd11e89 ("Bluetooth: L2CAP: Fix uaf in l2cap_connect")
Signed-off-by: Luiz Augusto von Dentz <luiz.von.dentz@intel.com>
Signed-off-by: Dmitriy Privalov <d.privalov@omp.ru>
---
 net/bluetooth/hci_core.c | 2 --
 1 file changed, 2 deletions(-)
diff mbox series

Patch

diff --git a/net/bluetooth/hci_core.c b/net/bluetooth/hci_core.c
index f6cff34a85421c..f9e19f9cb5a386 100644
--- a/net/bluetooth/hci_core.c
+++ b/net/bluetooth/hci_core.c
@@ -3792,8 +3792,6 @@  static void hci_acldata_packet(struct hci_dev *hdev, struct sk_buff *skb)
 
 	hci_dev_lock(hdev);
 	conn = hci_conn_hash_lookup_handle(hdev, handle);
-	if (conn && hci_dev_test_flag(hdev, HCI_MGMT))
-		mgmt_device_connected(hdev, conn, 0, NULL, 0);
 	hci_dev_unlock(hdev);
 
 	if (conn) {