bluetooth: Check for hcon during during sock_close It is possible that during BT OFF operation the hcon could be released from a tasklet context while we are trying to send the l2cap disconnect req. Make sure that hcon is valid before dereferencing it during l2cap disconnect req. CRs-fixed: 383345 Change-Id: Icb12c62560013b5ebb047c1c5d4bfe04b3a793ef Signed-off-by: Sunny Kapdi <sunnyk@codeaurora.org>

commit: 059f5ba91071172970d8db0a1a954c57c23e53d8 [log] [tgz]
author: Sunny Kapdi <sunnyk@codeaurora.org> Fri Jul 27 16:19:43 2012 -0700
committer: Sunny Kapdi <sunnyk@codeaurora.org> Tue Jul 31 15:03:09 2012 -0700
tree: 76d039a8ff022f3dff005f23db98c98aa81992a1
parent: 3ae134c2e35ae687a574d51ced6525eb952c5369 [diff]
diff --git a/net/bluetooth/l2cap_core.c b/net/bluetooth/l2cap_core.c
index 733dc22..22a4dbe 100644
--- a/net/bluetooth/l2cap_core.c
+++ b/net/bluetooth/l2cap_core.c

@@ -701,6 +701,9 @@
 	if (!skb)
 		return;
 
+	if (conn->hcon == NULL || conn->hcon->hdev == NULL)
+		return;
+
 	if (lmp_no_flush_capable(conn->hcon->hdev))
 		flags = ACL_START_NO_FLUSH;
 	else
commit	059f5ba91071172970d8db0a1a954c57c23e53d8	[log] [tgz]
author	Sunny Kapdi <sunnyk@codeaurora.org>	Fri Jul 27 16:19:43 2012 -0700
committer	Sunny Kapdi <sunnyk@codeaurora.org>	Tue Jul 31 15:03:09 2012 -0700
tree	76d039a8ff022f3dff005f23db98c98aa81992a1
parent	3ae134c2e35ae687a574d51ced6525eb952c5369 [diff]