Bluetooth: Check if we really are in WAIT_F when F bit comes F-bit set should be processed only if we are in the WAIT_F state. Signed-off-by: Gustavo F. Padovan <padovan@profusion.mobi> Reviewed-by: João Paulo Rechi Vita <jprvita@profusion.mobi> Signed-off-by: Marcel Holtmann <marcel@holtmann.org>

commit: 9b16dc6551cbde65d0ac525af3c46efab53a2c46 [log] [tgz]
author: Gustavo F. Padovan <padovan@profusion.mobi> Wed May 05 20:05:57 2010 -0300
committer: Marcel Holtmann <marcel@holtmann.org> Mon May 10 09:28:52 2010 +0200
tree: 6634c109c4d6de8f3b06cfd0c026d605c70c2402
parent: a2e12a2a312f816d5970b0c809d43b399fbfe90c [diff]
diff --git a/net/bluetooth/l2cap.c b/net/bluetooth/l2cap.c
index 5a5203f..eb5cb29 100644
--- a/net/bluetooth/l2cap.c
+++ b/net/bluetooth/l2cap.c

@@ -3503,7 +3503,8 @@
 
 	BT_DBG("sk %p rx_control 0x%4.4x len %d", sk, rx_control, skb->len);
 
-	if (L2CAP_CTRL_FINAL & rx_control) {
+	if (L2CAP_CTRL_FINAL & rx_control &&
+			l2cap_pi(sk)->conn_state & L2CAP_CONN_WAIT_F) {
 		del_timer(&pi->monitor_timer);
 		if (pi->unacked_frames > 0)
 			__mod_retrans_timer();
@@ -3727,7 +3728,8 @@
 {
 	BT_DBG("sk %p rx_control 0x%4.4x len %d", sk, rx_control, skb->len);
 
-	if (L2CAP_CTRL_FINAL & rx_control) {
+	if (L2CAP_CTRL_FINAL & rx_control &&
+			l2cap_pi(sk)->conn_state & L2CAP_CONN_WAIT_F) {
 		del_timer(&l2cap_pi(sk)->monitor_timer);
 		if (l2cap_pi(sk)->unacked_frames > 0)
 			__mod_retrans_timer();
commit	9b16dc6551cbde65d0ac525af3c46efab53a2c46	[log] [tgz]
author	Gustavo F. Padovan <padovan@profusion.mobi>	Wed May 05 20:05:57 2010 -0300
committer	Marcel Holtmann <marcel@holtmann.org>	Mon May 10 09:28:52 2010 +0200
tree	6634c109c4d6de8f3b06cfd0c026d605c70c2402
parent	a2e12a2a312f816d5970b0c809d43b399fbfe90c [diff]