Add support to create connection to LE devices using
whitelist. With this, the Controller can try to connect
to multiple devices at the same time. The following
interfaces are added.
1. Add/Remove device from whitelist
2. Clear all the devices from whitelist
3. Create Connection to devices from whitelist
4. Cancel create connection to whitelist devices
CRs-fixed: 388980
Change-Id: I3900c71255e754f80bb2873ae19a41b94cca76c3
Signed-off-by: Sunny Kapdi <sunnyk@codeaurora.org>
(cherry picked from commit 93bef895b01b79f49af60ba1394c9c3f6e563212)
(cherry picked from commit 377ee2bf1fc37bcbeae872661646bdd6a5f8da31)
Found there are some IOT issues when this command is sent from
DUT. This command is only a dummy implementation. As this doesn't
have any impact on functionality, disabled the feature.
Change-Id: Ib435ac17df9d0377bd0b41fdc33b68c738eeaccc
CRs-Fixed: 390090
Signed-off-by: Srinivas Krovvidi <skrovvid@codeaurora.org>
(cherry picked from commit ed37c51ddc9b1514f5e5bfec1ae4763a85e2faad)
Added a new function to verify whether the LE Connection Update
parameters are valid instaed of verifying all the LE Connection
parameters since only update parameters are set in the Connection
Update Request.
CRs-Fixed: 387146
Change-Id: I9fe6b51e44e2793f3945613fdfde3a039804746f
Signed-off-by: Archana Ramachandran <archanar@codeaurora.org>
(cherry picked from commit 95319af0612d58788279748f586cc57221c3443e)
Send device disconnection reason to bluez on receiving the
diconnection complete event so that low energy profiles
such as proximity can decide to reconnect if the reason
is link loss.
CRs-Fixed: 378240
Signed-off-by: Archana Ramachandran <archanar@codeaurora.org>
(cherry picked from commit da09d26a75ee1c7c1911dcfbe0128fd09f6631f4)
Change-Id: Iab1fede47f44342d87be6c3c5aa7590754fd950c
Signed-off-by: Sudhir Sharma <sudsha@codeaurora.org>
Found in a rare case there is possibility that remote device
sent disconnect on a connection and DUT is trying send data
on the same. In that case accessing some released wakelock
is causing issue. The current changes are to use locking
mechanism to validate the connection before acting on the
wake lock.
CRs-Fixed: 394651
Change-Id: I6a4188a7d0d05a8cfbe66d3680473d549157917a
Signed-off-by: Srinivas Krovvidi <skrovvid@codeaurora.org>
(cherry picked from commit 6aadc41fcbd28dc3899a4b5d098e5f316588a029)
Signed-off-by: Sudhir Sharma <sudsha@codeaurora.org>
In hci_connect API there is check for existing link, before
connect operation in order to avoid queuing connect if connection
already exist. This check for Synchronous connections is not
validating for ESCO and SCO connection types which are possible
synchronous connections.The current change takes care of verifying
both before proceeding to add a new connection.
Change-Id: I9018e0938bcd222bb6d80944e1b113e07227b066
Signed-off-by: Srinivas Krovvidi <skrovvid@codeaurora.org>
(cherry picked from commit 645f4d465ba131c87a99fdebcef5e597181b33c8)
Signed-off-by: Sudhir Sharma <sudsha@codeaurora.org>
Have maximum blocking time for shutdown operation as DISCONNECT_TIMEOUT.
During this period when SCO connection closes, the userspace will be
updated on the close operation. Existing approach of immidiate return
on shutdown call can cause synchronization issues on SCO state between
kernel and userspace. This happens when disconnect operation takes
more time at kernel space.
Change-Id: Id9e6a61c2c3d4ba2cf6da574fc49bc6894a8f96a
Signed-off-by: Srinivas Krovvidi <skrovvid@codeaurora.org>
While hid device unpair process, we are trying to access released
socket as apart of getting hci device which results a kernel panic.
CRs-fixed: 387164
Change-Id: I1f3f3f92cfd1d3b39793bc5a142001d5e26d76c4
Signed-off-by: Ram Mohan Korukonda <rkorukon@codeaurora.org>
shutdown should wait for SCO link to be properly disconnected before
detroying the socket, otherwise an application using the socket may
assume link is properly disconnected before it really happens which
can be a problem when e.g synchronizing profile switch.
Change-Id: Ifc59bfd90c264d9c742ce254161a21518108c3cb
Signed-off-by: Luiz Augusto von Dentz <luiz.dentz-von@nokia.com>
Signed-off-by: Gustavo F. Padovan <padovan@profusion.mobi>
Signed-off-by: Srinivas Krovvidi <skrovvid@codeaurora.org>
Found there is possibility of sniff subrate collision with some
IOT devices. When this collision happned if the remote device
send subrate values that doesn't match with DUT supported
values exit sniff mode. This will allow DUT to reconfigure
sniff after idle time.
CRs-Fixed: 380811
Change-Id: Ie9502a48411635fbea73f935f99ea4f444556b41
Signed-off-by: Srinivas Krovvidi <skrovvid@codeaurora.org>
When data transfer is in progress on a ACL connection, all the time
the set_active_mode API will be called to update the timer for next
sniff mode. If there is ACL disconnect triggered from remote side,
there is possibility of hci connection delete when set_active
routine in progress. Found a condition where delete API destroyed
the wake lock, which is used in set_active API. In codition leads
to crash in set_wakelock API. The current change is to lock hdev,
before set_active and set_sniff APIs are called. This avoids the
race condition in accessing hci connection, while delete in progress
and vice versa.
CRs-Fixed: 383490
Change-Id: I625ebb8c8f09ddf2afcd300d20ab3bf8e164b485
Signed-off-by: Srinivas Krovvidi <skrovvid@codeaurora.org>
It is possible that during BT OFF operation the hcon
could be released from a tasklet context while we are
trying to send the l2cap disconnect req. Make sure
that hcon is valid before dereferencing it during
l2cap disconnect req.
CRs-fixed: 383345
Change-Id: Icb12c62560013b5ebb047c1c5d4bfe04b3a793ef
Signed-off-by: Sunny Kapdi <sunnyk@codeaurora.org>
In rfcomm_session_put API the session count is decremented
and when it is equal to zero rfcomm_session_del is called
where session is removed from sessions list and freed. The
current change is verify the existance of session in list
before acting session. The avoids the possibility of action
on a deleted session, which causes crash.
CRs-Fixed: 383000
Change-Id: Ia55607b08ee388465494f08bbe1627102d281f8a
Signed-off-by: Srinivas Krovvidi <skrovvid@codeaurora.org>
The BT host has fixed set of buffers to send data to SoC, generic value
is 5. When a connection, like A2DP playback is ready to send data it
fills one of the buffer available and sends to SoC. Once SoC got
acknowledged from remote side that the data received it updates the host
and the buffer is freed. Till host is acknowledged the send Complete
info, the data buffer is locked for that data transfer. The below is the
example for buffers availability.
Total free Buffers count : 5
Connections : 1
Conn_1 need to send data, picks buf_1 and send to SoC
free Buffers count: 4
Buffers used by Conn_1 : 1
Still Conn_1 has more data to send ....
free Buffers count: 3
Buffers used by Conn_1 : 2
Remote device Ack for buf_1, so 1 buffer is freed, updated state is
free Buffers count : 4
Buffers used by Conn_1 : 1
When there are more ACL connections to transfer data, like one
connection for A2DP playback and one for OPP data transfer, all the data
buffers available with host can be used by any ACL which has ready data
to send. This allows maximum throughputs possibility from host. But the
existing solution has a problem. If one connection has used all the
buffers at a instanace of time, and didnt release (this happens when remote
device doesnt ACK to send) the other connections will not have buffers to
send. In current usecase A2dp data cannot be sent to headset as OPP
connection is lost. The current change is, when there are more
connections the quota for a connection that it can use maximum is
total buffers-1. This allows other connections not to get blocked,
at the same time through puts are not going to dropped.
CRs-Fixed: 370497
Change-Id: Iac34f0a223555de80d1daebde34c7fc87668c0d5
Signed-off-by: Srinivas Krovvidi <skrovvid@codeaurora.org>
LE connections don't have sniff/active connection
mode, unlike BR/EDR. Make sure that the link which
has been requested to enter sniff/active mode is not
an LE connection.
CRs-fixed: 376972
Change-Id: Iec4714d1c2ea7621267f9064b7046eb9d5ff9462
Signed-off-by: Sunny Kapdi <sunnyk@codeaurora.org>
Added support to let the userspace know about the updated
LE connection parameters. On receiving successful connection
complete and connection parameters update event from the BT
Controller, send a mgmt event to the userspace bluetoothd.
CRs-fixed: 380271
Change-Id: If8c3d785188e0d4f38c7431d01c016f399137408
Signed-off-by: Sunny Kapdi <sunnyk@codeaurora.org>
The start encryption command fails when the LE update
connection parameters request is pending.
Hence, prevent the update of LE connection parameters during the
bonding process. The update of connection parameters is
not necessary during bonding process.
CRs-fixed: 380257
Change-Id: I41cb3998fecc2297d61ec97d66ac35a0bd41ca80
Signed-off-by: Subramanian Srinivasan <subrsrin@codeaurora.org>
In error conditions Adapter state machine via Bluez tries to reset
the hci device, during that in some rare scenario if some pending event
comes from riva, the command complete apis tries to access some already
freed memory in reset sequence.
CRs-fixed: 369658
Change-Id: I5e9ce0a4322d07a26602c7f74b1484720f6b4d75
Signed-off-by: Bhasker Neti <bneti@codeaurora.org>
Since the context where unlink will be called is unaware of
validity of hci_conn pointer, fetch the valid hci_conn
before unlink.
CRs-fixed: 370274
Change-Id: I30a35acdf75c9b4787af6629c7b32d2d31b8ad80
Signed-off-by: Mallikarjuna GB <gbmalli@codeaurora.org>
Update the hdev scan state with Inquiry start/cancel commands in
non-LE case accordingly. And also there was no check to see the
SCAN_BR mode before sending inquiry cancel.Added a check to see
if the scan state is SCAN_BR,then send inquiry cancel
Change-Id: I222f500fc20b991f4c3ec7eb1fc70bf20649f142
Signed-off-by: Bhasker Neti <bneti@codeaurora.org>
CRs-fixed: 359771
Store the MTU to use the proper MTU requested by remote if the
configuration fails for other options. If the remote does not
send the MTU in the next configuration request,
we need to use that value.
CRs-fixed: 373233
Change-Id: I35d9aa777f237bce5a4194036261128af1a7ada7
Signed-off-by: Mallikarjuna GB <gbmalli@codeaurora.org>
Class of device information is required to the bluez userspace
to write to persistant storage and also update upper layers on
request. So update the local CoD info to bluez once the hci write
is successful.
Change-Id: If45910d4b391616592b49d77d87ca0314be1f033
Signed-off-by: Srinivas Krovvidi <skrovvid@codeaurora.org>
If due to timing issues out of our control, an outbound ATT Indicate
is delayed to the point that user space code does not receive
confirmation within it time-out period, both Client and Server
sockets must be torn down. We also must always respond to incoming
ATT Indicate pkt with a Confirmation, as the Error Response is an
illegal response for Indicate.
CRs-Fixed: 363355
Change-Id: I4003a59e1a731a08818f18d5b79db537e2aa2619
Signed-off-by: Brian Gix <bgix@codeaurora.org>
This change addresses an L2CAP ERTM throughput problem when a remote
device does not fully utilize the available transmit window.
The L2CAP ERTM transmit window size determines the maximum number of
unacked frames that may be outstanding at any time. It is configured
separately for each direction of an ERTM connection. Each side sends a
configuration request with a tx_win field indicating how many unacked
frames it is capable of receiving before sending an ack. The
configuration response's tx_win field shows how many frames the
transmitter will actually send before waiting for an ack.
It's important to trace both the actual transmit window (to check for
validity of incoming frames) and the number of frames that the
transmitter will send before waiting (to send acks at the appropriate
time). Now there are separate tx_win and ack_win values. ack_win is
updated based on configuration responses, and is used to determine
when acks are sent.
CRs-fixed: 370909
Change-Id: I6d9ef55a2ff2f5f3d0117ad376a09e4cc26fe742
Signed-off-by: Mat Martineau <mathewm@codeaurora.org>
AMP feature is decommitted from Android PL's. Make advertising and
support for the A2MP protocol depend on an L2CAP module parameter
and make the default state disabled.
Change-Id: Icb9827d2d4205818d6c3b49e7a53938666f769e8
Signed-off-by: Peter Krystad <pkrystad@codeaurora.org>
In case of 2.1 capable devices, when remote device had unpaired,
successive connect from the DUT was resulting in general bonding with
automatic accept allowed for numeric comparison
(i.e. authentication_requirements = 0x04). This lead to bad user
experience as user confirmation pop up wasn't notified on the DUT. Now
its ensured that if remote device has unpaired then DUT would trigger
dedicated bonding as part of the DUT intiated connect.
CRs-fixed: 362572
Change-Id: Id55f6cf3cc70621c29f583aa913fc08180e2d8f0
Signed-off-by: Royston Rodrigues <roystonr@codeaurora.org>
When an adapter gets powered off or is removed any pending commands
should receive a ENETDOWN or ENODEV status response.
Change-Id: I2fec5fa19b2349a48a6aafd5b33ef7946067f16b
Signed-off-by: Johan Hedberg <johan.hedberg@intel.com>
Signed-off-by: Gustavo F. Padovan <padovan@profusion.mobi>
Signed-off-by: Bhasker Neti <bneti@codeaurora.org>
CRs-fixed: 364664
[bneti@codeaurora.org: Resolved conflict]
The fix in commit ff9718f8254b96dc313dd998c195c1c3769417ba was not
complete. In l2cap_logical_link_complete the socket pointer was
dereferenced in two places, the previous fix only handled one of
the locations.
This fixes an infrequent crash when performing OPP or FTP transfer
over AMP (Bluetooth 3.0+HS).
Change-Id: I730a503b143723ffff1765602151d66fe87103da
CRs-fixed: 360758
Signed-off-by: Peter Krystad <pkrystad@codeaurora.org>
Holding a wakelock avoids suspend power collapse, which
allow the BT idle timer to kick in, which eventually
initiates BT low power modes.
CRs-Fixed: 361067
Change-Id: I93e3950b6f854e70dbce092a5529120ec008c2b8
Signed-off-by: Rahul Kashyap <rkashyap@codeaurora.org>
Remove holding the AMP manger list lock when sending the
A2MP Change Notify message, as this uses L2CAP and will
lock the socket and possibly sleep.
This removes a potential deadlock and a "BUG: sleeping
function called from invalid context" message from the
kernel log.
Change-Id: Icf8c5afc1a5cde36517bb979820c83a20ee207fd
CRs-fixed: 358736
Signed-off-by: Peter Krystad <pkrystad@codeaurora.org>
In order to support extended window sizes with L2CAP streaming mode,
an extended window size option must be included in the outgoing
configuration request when an application has requested a transmit
window larger than the default transmit window.
Streaming mode does not have a transmit window, so initialization of
the transmit window data structures was not taking place. However, the
transmit window socket option does trigger use of extended headers,
which are required for full streaming mode support and
qualification. Utilizing the existing transmit window initialization
code enables extended header use.
CRs-fixed: 355437
Change-Id: I7bf25b7a70bb2b68c0f5bfd42b2b46b99d68e990
Signed-off-by: Mat Martineau <mathewm@codeaurora.org>
Various LE profiles require very specific LE parameters for
both establishing and maintaining LE connections to remote
peripherals. These LE only parameters are encapsulated into
a single sockopts structure, and may be passed from user space.
CRs-Fixed: 335971
Change-Id: I408edb97ab0fa9717c7d3fe5fc8ad6ac179a2fff
Signed-off-by: Brian Gix <bgix@codeaurora.org>
Possible for l2cap_logical_link_complete handler to be scheduled
twice with mis-behaving PAL. Since handler clears the socket pointer
must check for NULL socket pointer.
This fixes an infrequent crash when performing OPP or FTP transfer
over AMP (Bluetooth 3.0+HS).
CRs-fixed: 355451
Change-Id: I2e78529f4f1e3b411af13fe6a68a49e724a581ee
Signed-off-by: Peter Krystad <pkrystad@codeaurora.org>
On LE connections, either side may request security elevation. This
patch propogates the secuity level being requested by remote devices
to local servers and clients.
CRs-Fixed: 352637
Change-Id: Ia9ada039f0fef03c35c19d90b415423117e00e9a
Signed-off-by: Brian Gix <bgix@codeaurora.org>
The hci_dev should be locked/unlocked with the _bh form of
the spin lock, and function may not return while lock is held.
Change-Id: I2179a59506c2b212db5fb5b57bc27bff165b2cc6
Signed-off-by: Brian Gix <bgix@codeaurora.org>
Restarting Riva will abruptly disconnect the hci device, which can
tear down the hci_conn struct on one processor while RFCOMM code
is running on another. This would keep l2cap_chan_del from being
executed while RFCOMM is in the middle of using a socket.
CRs-fixed: 351273
Change-Id: I37c82cac022a1d1c0fd60791f7c15b56e2415850
Signed-off-by: Ankit Verma <ankitv@codeaurora.org>
When BT2.1 link is in encrypted state, if HOST posts
SET_CONNECTION_ENCRYPTION with enable as on, in some cases
SoC fails to generate ENCRYPT_CHANGE event. Since the link is
already in encrypted state with current link key, HOST can avoid
repeated request for encrypting the link while doing service level
authentication. This patch avoids the repeated request for encrypting
the link after service level authentication from HOST, if the link
is already encrypted by current link key.
Change-Id: I9402d64310f0e4e6240ca6ed610e0108de061a12
Signed-off-by: Prabhakaran Mc <prabhakaranmc@codeaurora.org>
Code executing in process context should use hci_dev_lock_bh()
and hci_dev_unlock_bh() instead of hci_dev_lock/hci_dev_unlock
when dealing with the hci_dev lock so that it cannot be
interrupted while the lock is held.
Change-Id: Iebc2da96837db29ab4911b0429399e3e9ba4b93e
CRs-fixed: 350532
Signed-off-by: Archana Ramachandran <archanar@codeaurora.org>
Sometimes an ACL link must be raised to a higher security level after
an L2CAP connection is requested, but before a connection response is
sent. In these cases, a connection response would be sent by L2CAP
but would not be followed by a configuration request. If the remote
device waits for a configuration request, the connection stalls. This
change immediately sends a configuration request after a connect
response rather than waiting for a configuration request from the
remote device.
Change-Id: I118329ebf5f10a763d992975e04a817e13a1c665
CRs-fixed: 349285
Signed-off-by: Mat Martineau <mathewm@codeaurora.org>
If the remote device does not support Encryption Pause,
It might disable Encryption during role switch. Allow a
Grace period of 500 ms for such devices to re-enable.
Change-Id: I8af8082e16e185fe8c15adaf07169cc73179c59f
CRs-fixed: 336828
Signed-off-by: Prabhakaran Mc <prabhakaranmc@codeaurora.org>
The Security levels have been decided based on
remote_features or remote_extended_features for 2.0
and 2.1 devices. In case of security mode - 3 pairing,
this data is not available since pairing happens before
ACL connection complete. This patch fixes this problem.
Change-Id: I0397d090fb1eecaf7b8cf385c3bf47c75fa5a8fb
CRs-fixed: 350377
Signed-off-by: Prabhakaran Mc <prabhakaranmc@codeaurora.org>
Fix issue where when setting up an AMP link the socket pointer
is not set when the logical link complete callback is called,
resulting in the L2CAP channel being disconnected.
The socket pointer must be set before the HCI logical link
create command is sent, as it is possible for the logical link
complete event to arrive before the HCI command send logic
has returned.
Change-Id: I5d89c14d45bd6b4cf47d5754f822b435ce8076a8
Signed-off-by: Peter Krystad <pkrystad@codeaurora.org>
CRs-fixed: 344553
It is possible for the AMP move state to become WAIT_CONFIRM_RSP
before the logical link complete handler runs, so must allow
that state in the handler.
This fixes an issue where the move to AMP fails when moving a
second channel onto an existing logical link. In this case
the move responses are received from the remote very close
together (because there is no logical link to create) and they
are processed (and the state changed to WAIT_CONFIRM_RSP) before
the logical link complete handler runs on the work queue.
Change-Id: I0fc33c3e447ec8bd0009db406622adfc1cd83429
CRs-fixed: 348299
Signed-off-by: Peter Krystad <pkrystad@codeaurora.org>
Take a reference on the hci_conn and do not de-reference l2cap_conn
while setting up the A2MP fixed channel. l2cap_conn is not reference
counted and may go away before the channel is set up.
This fixes scenario where the ACL disconnects (and l2cap_conn goes
away) while amp_conn_ind worker is running or is on the workqueue
waiting to run.
Change-Id: I10fc6d9b146fcc5e010f26a046f7e0570f2b93dd
CRs-fixed: 347079
Signed-off-by: Peter Krystad <pkrystad@codeaurora.org>
Fix sending alert from the proximity client when the
received RSSI of the remote device equals the threshold
set on the client.
CRs-fixed: 344936
Change-Id: I598d7d66b492cb76754280d657b6e6d55dd0903b
Signed-off-by: Archana Ramachandran <archanar@codeaurora.org>
This improves compatbility with a lot of headset / chipset
combinations. Ideally this should not be needed.
Change-Id: I8b676701e12e416aa7d60801b9d353b15d102709
Signed-off-by: hyungseoung.yoo <hyungseoung.yoo@samsung.com>
Signed-off-by: Jaikumar Ganesh <jaikumarg@android.com>
For non SSP devices, MEDIUM_SECURITY has to be used for pairing. This
can be determined and set while receiving remote supported features
event for BT2.0 devices.
Change-Id: I24558d40be01c4232fff4a871e2b57e390d4128a
CRs-fixed: 345945
Signed-off-by: Prabhakaran Mc <prabhakaranmc@codeaurora.org>
Fix issue where if a SCO connection is initiated during an AMP
OBEX transfer the fallback to BR-EDR fails and the OBEX connection
is disconnected.
When moving a channel back to BR-EDR L2CAP must allow for receiving
a Move Channel Response with Pending status before receiving the
Response with Success status.
Change-Id: I017bf607fa8ab5d0d582d61538c9a0e5ec25cd26
CRs-fixed: 341363
Signed-off-by: Peter Krystad <pkrystad@codeaurora.org>
Fix issue where if there are two OBEX connections on an AMP link and one
of them is moved back to BR-EDR (or disconnected) the remaining connection
ceases to transfer any data, times out, and disconnects.
The l2cap_data pointer of the AMP hci_conn structure should not be cleared
whenever an L2CAP channel on AMP is deleted, it should only be cleared
when the last L2CAP channel on the AMP is deleted. This allows multiple
L2CAP channels to be open concurrently on AMP.
CRs-fixed: 344557
Change-Id: Ifb15a7156437a6ab7a7a76c3dae4b1cd901c796f
Signed-off-by: Peter Krystad <pkrystad@codeaurora.org>
