Bluetooth: controller: Add explicit opcode check in unknown rsp PDU (c895d1d0) · Commits · Wenxi XU / zephyr

subsys/bluetooth/controller/ll_sw/ull_conn.c

+12 −8

Original line number	Diff line number	Diff line
		@@ -5859,10 +5859,14 @@ static inline int ctrl_rx(memq_link_t link, struct node_rx_pdu *rx,
		goto ull_conn_rx_unknown_rsp_send;
		}

		struct pdu_data_llctrl llctrl = (void )&pdu_rx->llctrl;

		if (0) {
		#if defined(CONFIG_BT_CTLR_CONN_PARAM_REQ)
		} else if (conn->llcp_conn_param.ack !=
		conn->llcp_conn_param.req) {
		} else if ((conn->llcp_conn_param.ack !=
		conn->llcp_conn_param.req) &&
		(llctrl->unknown_rsp.type ==
		PDU_DATA_LLCTRL_TYPE_CONN_PARAM_REQ)) {
		struct lll_conn *lll = &conn->lll;
		struct node_rx_cu *cu;

		@@ -5924,7 +5928,9 @@ static inline int ctrl_rx(memq_link_t link, struct node_rx_pdu *rx,
		#endif /* CONFIG_BT_CTLR_CONN_PARAM_REQ */

		#if defined(CONFIG_BT_CTLR_DATA_LENGTH)
		} else if (conn->llcp_length.req != conn->llcp_length.ack) {
		} else if ((conn->llcp_length.req != conn->llcp_length.ack) &&
		(llctrl->unknown_rsp.type ==
		PDU_DATA_LLCTRL_TYPE_LENGTH_REQ)) {
		/* Procedure complete */
		conn->llcp_length.ack = conn->llcp_length.req;

		@@ -5934,8 +5940,9 @@ static inline int ctrl_rx(memq_link_t link, struct node_rx_pdu *rx,
		#endif /* CONFIG_BT_CTLR_DATA_LENGTH */

		#if defined(CONFIG_BT_CTLR_PHY)
		} else if (conn->llcp_phy.req !=
		conn->llcp_phy.ack) {
		} else if ((conn->llcp_phy.req != conn->llcp_phy.ack) &&
		(llctrl->unknown_rsp.type ==
		PDU_DATA_LLCTRL_TYPE_PHY_REQ)) {
		struct lll_conn *lll = &conn->lll;

		/* Procedure complete */
		@@ -5963,9 +5970,6 @@ static inline int ctrl_rx(memq_link_t link, struct node_rx_pdu *rx,
		#endif /* CONFIG_BT_CTLR_PHY */

		} else {
		struct pdu_data_llctrl *llctrl;

		llctrl = (void *)&pdu_rx->llctrl;
		switch (llctrl->unknown_rsp.type) {

		#if defined(CONFIG_BT_CTLR_LE_PING)

Admin message