When we receive "Command Disallowed" response to HCI_CREATE_CONNECTION, we'll try to connect again later, assuming that the command failed either because there's already concurrent "Create Connection" requests on the card and all "slots" for new connections are exhausted, or the card is in the middle of doing an HCI Inquiry. Both of those conditions we should know about, so do some sanity checking to ensure one of them actually applies. If they don't, log an error and delete the connection. Signed-off-by: Jonas Dreßler <verdre@xxxxxxx> --- net/bluetooth/hci_event.c | 20 ++++++++++++++++++++ 1 file changed, 20 insertions(+) diff --git a/net/bluetooth/hci_event.c b/net/bluetooth/hci_event.c index e1f5b6f90..1376092c5 100644 --- a/net/bluetooth/hci_event.c +++ b/net/bluetooth/hci_event.c @@ -2323,8 +2323,28 @@ static void hci_cs_create_conn(struct hci_dev *hdev, __u8 status) if (status) { if (conn && conn->state == BT_CONNECT) { + /* If the request failed with "Command Disallowed", the + * card is either using all its available "slots" for + * attempting new connections, or it's currently + * doing an HCI Inquiry. In these cases we'll try to + * do the "Create Connection" request again later. + */ if (status == HCI_ERROR_COMMAND_DISALLOWED) { conn->state = BT_CONNECT2; + + if (!hci_conn_hash_lookup_state(hdev, ACL_LINK, BT_CONNECT) && + !test_bit(HCI_INQUIRY, &hdev->flags)) { + bt_dev_err(hdev, + "\"Create Connection\" returned error " + "(0x%2.2x) indicating to try again, but " + "there's no concurrent \"Create " + "Connection\" nor an ongoing inquiry", + status); + + conn->state = BT_CLOSED; + hci_connect_cfm(conn, status); + hci_conn_del(conn); + } } else { conn->state = BT_CLOSED; hci_connect_cfm(conn, status); -- 2.43.0