Bluetooth: L2CAP: Fix not checking l2cap_chan security level

		       sizeof(req), &req);

}

static bool l2cap_check_enc_key_size(struct hci_conn *hcon)

static bool l2cap_check_enc_key_size(struct hci_conn *hcon,

				     struct l2cap_chan *chan)

{

	/* The minimum encryption key size needs to be enforced by the

	 * host stack before establishing any L2CAP connections. The

	int min_key_size = hcon->hdev->min_enc_key_size;

	/* On FIPS security level, key size must be 16 bytes */

	if (hcon->sec_level == BT_SECURITY_FIPS)

	if (chan->sec_level == BT_SECURITY_FIPS)

		min_key_size = 16;

	return (!test_bit(HCI_CONN_ENCRYPT, &hcon->flags) ||

	    !__l2cap_no_conn_pending(chan))

		return;

	if (l2cap_check_enc_key_size(conn->hcon))

	if (l2cap_check_enc_key_size(conn->hcon, chan))

		l2cap_start_connection(chan);

	else

		__set_chan_timer(chan, L2CAP_DISC_TIMEOUT);

				continue;

			}

			if (l2cap_check_enc_key_size(conn->hcon))

			if (l2cap_check_enc_key_size(conn->hcon, chan))

				l2cap_start_connection(chan);

			else

				l2cap_chan_close(chan, ECONNREFUSED);

	/* Check if the ACL is secure enough (if not SDP) */

	if (psm != cpu_to_le16(L2CAP_PSM_SDP) &&

	    (!hci_conn_check_link_mode(conn->hcon) ||

	    !l2cap_check_enc_key_size(conn->hcon))) {

	    !l2cap_check_enc_key_size(conn->hcon, pchan))) {

		conn->disc_reason = HCI_ERROR_AUTH_FAILURE;

		result = L2CAP_CR_SEC_BLOCK;

		goto response;

		}

		if (chan->state == BT_CONNECT) {

			if (!status && l2cap_check_enc_key_size(hcon))

			if (!status && l2cap_check_enc_key_size(hcon, chan))

				l2cap_start_connection(chan);

			else

				__set_chan_timer(chan, L2CAP_DISC_TIMEOUT);

			struct l2cap_conn_rsp rsp;

			__u16 res, stat;

			if (!status && l2cap_check_enc_key_size(hcon)) {

			if (!status && l2cap_check_enc_key_size(hcon, chan)) {

				if (test_bit(FLAG_DEFER_SETUP, &chan->flags)) {

					res = L2CAP_CR_PEND;

					stat = L2CAP_CS_AUTHOR_PEND;