When AUTH_REQUESTED command status is error status, do the bonding
cleanup, so that there will not be any problem for next time
pairing process and in user space.
Change-Id: I0150382be902279b856099c840598c5be91d03ac
CRs-fixed: 331126
Signed-off-by: Prabhakaran Mc <prabhakaranmc@codeaurora.org>
Found incoming connection issue with IOT devices when link enters
sniff mode during pairing process. The current change avoids link
entering sniff mode when link key is not available for connection.
Change-Id: I26fbbccec8d7b3faa91cba8f976fb0e44d7f5344
CRs-Fixed: 331520
Signed-off-by: Srinivas Krovvidi <skrovvid@codeaurora.org>
On ACL connection complete with a remote device, the remote
device lmp version should be available with Controller. The
current change is to read this information from controller to
host and update to bluez userspace through management APIs.
Change-Id: Ie152ed98fa0a6cf9ab170a6bb8c6a05b5b9dfcb0
Signed-off-by: Srinivas Krovvidi <skrovvid@codeaurora.org>
When an incoming HCI logical link event came in at the same time
a socket structure was deleted, it was possible to end up with a stale
pointer to the socket. The socket and associated HCI channel struct
need to be properly reference counted so they are not freed
prematurely.
CRs-Fixed: 325023
Change-Id: Ia5724a9ce2000acd60a174c354be04029bac5324
Signed-off-by: Mat Martineau <mathewm@codeaurora.org>
When connection initiated from the remote device the class of device
information is required to be updated to userspace through this
event.
Change-Id: I97d715a0b80e12d414ecf03d099955c8b12c82b4
Signed-off-by: Srinivas Krovvidi <skrovvid@codeaurora.org>
Security level will be set to MEDIUM in case where the remote device
is 2.0 device. This would prevent it from going to 16 digit pairing
in case where the remote device sends the EIR and still doesn't
support SSP
CRs-fixed: 318469
Change-Id: I9d03b2b628cc188de44f44cfc3f8e81fbf3cb79d
Signed-off-by: Bhakthavatsala Raghavendra <braghave@codeaurora.org>
Fixes a deadlock issue due to spinlock being acquired
first in the process context and followed by a second
acquisition in the interrupt context
CRs-fixed: 319052
Change-Id: If17be9fa6f020dd1abd248f8999c2614251fc509
Signed-off-by: Subramanian Srinivasan <subrsrin@codeaurora.org>
mgmt_encrypt_link procedure is added by implementing
MGMT_OP_ENCRYPT_LINK and MGMT_EV_ENCRYPT_CHANGE
Change-Id: Ibed6e24c67bbea83318a67c636e02a93518de29d
Signed-off-by: Prabhakaran Mc <prabhakaranmc@codeaurora.org>
Whenever local device name is changed, EIR payload
is updated with the modified local device name.
CRs-fixed: 314228
Change-Id: Ib2ec05b6ac4f4a55612716f0567ee04056579ed6
Signed-off-by: Royston Rodrigues <roystonr@codeaurora.org>
LE-Only devices require that an Address Type (Public or Random) be
included in Connection Requests. This info is available at Pairing
but must be cached so that it is available at reconnection time.
This change includes the Address type with the Pairing data.
Change-Id: I50c78ad31d8be70f5c3f49a0529039e4a26daaac
Signed-off-by: Brian Gix <bgix@codeaurora.org>
If LE devices stop advertising or go out of range, we need
to apply a timeout because the baseband doesn't.
Change-Id: I115672e21fd8aef56ac688b2df4664bb74b725e4
Signed-off-by: Brian Gix <bgix@codeaurora.org>
Store the link key persistently if one of the following is true:
1. this is a legacy link key
2. this is a changed combination key and there was a previously
stored one
3. neither local nor remote side had no-bonding as a requirement
4. the local side had dedicated bonding as a requirement
5. the remote side is using dedicated bonding since in that case
also the local requirements are set to dedicated bonding
If none of the above match only keep the link key around for
this connection and set the temporary flag for the device.
Change-Id: Ib41bbd16dd964fd21214d9e784579b7092658a66
CRs-Fixed: 309161
Signed-off-by: Srinivas Krovvidi <skrovvid@codeaurora.org>
Timer that was started at beginning of LE Pairing did not correctly
terminate pairing process when it fired, and was not properly cleaned
up on pairing completion.
Change-Id: Idf51bc8bf85cd6939d1d42fc16c7ee3071ab2420
Signed-off-by: Brian Gix <bgix@codeaurora.org>
When remote device do not have link key, DUT will try to reinitiate
authentication process. We should remove the link key before
reinitiating authentication process. This was fixed in hciops in
Bluez user space. Adding this change for mgmtops to handle this
case in kernel space.
CRs-fixed: 307063
Change-Id: I6a3f7ee2b73b609a663bf18b21a6852230668c29
Signed-off-by: Prabhakaran Mc <prabhakaranmc@codeaurora.org>
When remote device is connected outside the control of BlueZ, it
needs to be informed of whether the new connection is LE or BR/EDR.
Change-Id: I58efe8ed3cf5db2b7cc0b3417447b1e3abcdc1c2
Signed-off-by: Brian Gix <bgix@codeaurora.org>
When LE was added, the refcnt's for the hci_conns used were not balanced
and some of this bleeded over between LE pairing and Legacy pairing.
CRs-fixed: 305391
Change-Id: I31070ae827f2eb5a59b317a0ee4bd80eae9e2aa0
Signed-off-by: Brian Gix <bgix@codeaurora.org>
Redundant calls to hci_setup_event_mask() prematurly exited Init state
when first call when erroneously detected as the last cmd sent.
CRs-fixed: 302804
Change-Id: Ifac887ba134c52df524ecfe289d2f930ba360a2c
Signed-off-by: Brian Gix <bgix@codeaurora.org>
SAP profile requires 16 pin length authentication for BT 1.2/2.0
devices as per specification. These changes were present for hciops
pluging, the current changes are for Management operations plugin.
Change-Id: I4c27c3f833a001dfe7a4abf3db42253939544658
Signed-off-by: Prabhakaran Mc <prabhakaranmc@codeaurora.org>
Fix key storage when not bonding
Fix when LE ACL is disconnected after use
Change-Id: I4425612ebc3720d614c43574ddfc449722eb26d2
Signed-off-by: Brian Gix <bgix@codeaurora.org>
Enabled ECB Block encoding for Low Energy pairing
Implemented missing components of MGMTOPS interface
Differentiated as needed between BR/EDR pairing and LE pairing
Change-Id: Ifb26a9c8ca0c57286fcee92e840835560930c093
Signed-off-by: Brian Gix <bgix@codeaurora.org>
When multiple Best Effort flow specs with known data rates exist
on an AMP logical link they must be combined and the Flow Spec Modify
command issued for the aggregate flow spec.
Change-Id: Iacab516c3caa4aac8415c107e7f2ec132ea5ddd2
Signed-off-by: Peter Krystad <pkrystad@codeaurora.org>
Appended lines of code were intended to only apply to BR/EDR
initialization, but instead only affected AMP. This change moves the
code to the BR/EDR block and more clearly differentiates the AMP and
BR/EDR code.
Change-Id: I99e6b95a0eaa6017f019cb8f8228a5da99c90663
Signed-off-by: Mat Martineau <mathewm@codeaurora.org>
This fix reinitiates the authentication process when remote
device doesnot have the link key for the current connection.
Change-Id: I7160b2690964125d3e0839273aafda18fa436b6c
Signed-off-by: Rakesh KrishnaMoorthy <rakeshk@codeaurora.org>
Packet-based and block-based flow control use the same counting
method, so re-use the hci_dev fields instead of making a second set.
Change-Id: I2022ae49487a2a56f27d803f3bf522bd5350e60c
Signed-off-by: Mat Martineau <mathewm@codeaurora.org>
This adds support for AMP controllers to the Bluetooth HCI layer.
The architecture was agreed upon at the 2010 BlueZ Summit.
A new notion of an "HCI channel" is introduced, which corresponds
with AMP logical links. AMP controllers are also a new device type,
with a new set of HCI commands and events that need to be supported.
Change-Id: I6dbf96f800cbd6878a37c0a463f5261c8681134c
Signed-off-by: Mat Martineau <mathewm@codeaurora.org>
This undoes all upstream bluetooth core changes since around
b79f44c (Bluetooth: Fix keeping the command timer running,
2011-04-11).
Signed-off-by: Stephen Boyd <sboyd@codeaurora.org>
The mgmt_ev_device_connected signal must be sent before any event
indications happen for sockets associated with the connection. Otherwise
e.g. device authorization for the sockets will fail with ENOTCONN as
user space things that there is no baseband link.
This patch fixes the issue by ensuring that the device_connected event
if sent (if it hasn't been so already) as soon as the first ACL data
packet arrives from the remote device.
Signed-off-by: Johan Hedberg <johan.hedberg@intel.com>
Acked-by: Marcel Holtmann <marcel@holtmann.org>
Signed-off-by: John W. Linville <linville@tuxdriver.com>
It fixes L2CAP socket based security level elevation during a
connection. The HID profile needs this (for keyboards) and it is the only
way to achieve the security level elevation when using the management
interface to talk to the kernel (hence the management enabling patch
being the one that exposes this issue).
It enables the userspace a security level change when the socket is
already connected and create a way to notify the socket the result of the
request. At the moment of the request the socket is made non writable, if
the request fails the connections closes, otherwise the socket is made
writable again, POLL_OUT is emmited.
Signed-off-by: Gustavo Padovan <gustavo@padovan.org>
Acked-by: Marcel Holtmann <marcel@holtmann.org>
Signed-off-by: Johan Hedberg <johan.hedberg@intel.com>
Signed-off-by: John W. Linville <linville@tuxdriver.com>
Command complete event for HCI_OP_USER_PASSKEY_NEG_REPLY would result
in calling handler function also for HCI_OP_LE_SET_SCAN_PARAM. This
could result in undefined behaviour.
Signed-off-by: Szymon Janc <szymon.janc@tieto.com>
Signed-off-by: Gustavo Padovan <gustavo@padovan.org>
If a key is non persistent then it should not be used in future
connections but it should be kept for current connection. And it
should be removed when connecion is removed.
Signed-off-by: Vishal Agarwal <vishal.agarwal@stericsson.com>
Acked-by: Marcel Holtmann <marcel@holtmann.org>
Signed-off-by: Johan Hedberg <johan.hedberg@intel.com>
This improves compatbility with a lot of headset / chipset
combinations. Ideally this should not be needed.
Change-Id: I8b676701e12e416aa7d60801b9d353b15d102709
Signed-off-by: hyungseoung.yoo <hyungseoung.yoo@samsung.com>
Signed-off-by: Jaikumar Ganesh <jaikumarg@android.com>
__u16 sco_pkt_type is introduced to struct sockaddr_sco. It allows bitwise
selection of SCO/eSCO packet types. Currently those bits are:
0x0001 HV1 may be used.
0x0002 HV2 may be used.
0x0004 HV3 may be used.
0x0008 EV3 may be used.
0x0010 EV4 may be used.
0x0020 EV5 may be used.
0x0040 2-EV3 may be used.
0x0080 3-EV3 may be used.
0x0100 2-EV5 may be used.
0x0200 3-EV5 may be used.
This is similar to the Packet Type parameter in the HCI Setup Synchronous
Connection Command, except that we are not reversing the logic on the EDR bits.
This makes the use of sco_pkt_tpye forward portable for the use case of
white-listing packet types, which we expect will be the primary use case.
If sco_pkt_type is zero, or userspace uses the old struct sockaddr_sco,
then the default behavior is to allow all packet types.
Packet type selection is just a request made to the Bluetooth chipset, and
it is up to the link manager on the chipset to negiotiate and decide on the
actual packet types used. Furthermore, when a SCO/eSCO connection is eventually
made there is no way for the host stack to determine which packet type was used
(however it is possible to get the link type of SCO or eSCO).
sco_pkt_type is ignored for incoming SCO connections. It is possible
to add this in the future as a parameter to the Accept Synchronous Connection
Command, however its a little trickier because the kernel does not
currently preserve sockaddr_sco data between userspace calls to accept().
The most common use for sco_pkt_type will be to white-list only SCO packets,
which can be done with the hci.h constant SCO_ESCO_MASK.
This patch is motivated by broken Bluetooth carkits such as the Motorolo
HF850 (it claims to support eSCO, but will actually reject eSCO connections
after 5 seconds) and the 2007/2008 Infiniti G35/37 (fails to route audio
if a 2-EV5 packet type is negiotiated). With this patch userspace can maintain
a list of compatible packet types to workaround remote devices such as these.
Based on a patch by Marcel Holtmann.
Rebased to 2.6.39.
Change-Id: Ide1c89574fa4f6f1b9218282e1af17051eb86315
Signed-off-by: Nick Pelly <npelly@google.com>
This is to support the Motorola HF850 carkit which reports the error code 0x10
for an eSCO attempt, even though it advertises eSCO support. Here is the
hcidump:
2009-09-22 15:40:24.492391 < HCI Command: Setup Synchronous Connection
(0x01|0x0028) plen 17
handle 1 voice setting 0x0060
2009-09-22 15:40:24.493002 > HCI Event: Command Status (0x0f) plen 4
Setup Synchronous Connection (0x01|0x0028) status 0x00 ncmd 1
2009-09-22 15:40:30.594869 > HCI Event: Synchronous Connect Complete (0x2c)
plen 17
status 0x10 handle 257 bdaddr 00:50:CD:20:C6:84 type eSCO
Error: Connection Accept Timeout Exceeded
With this patch we will retry with a SCO connection, which succeeds.
Unfortunately the Moto HF850 also takes 5 seconds to return the error for the
eSCO attempt, so it will still take 5 seconds to fallback to SCO with this
patch.
Signed-off-by: Nick Pelly <npelly@google.com>
Remove all #inclusions of asm/system.h preparatory to splitting and killing
it. Performed with the following command:
perl -p -i -e 's!^#\s*include\s*<asm/system[.]h>.*\n!!' `grep -Irl '^#\s*include\s*<asm/system[.]h>' *`
Signed-off-by: David Howells <dhowells@redhat.com>
When powering on we need to apply whatever name has been set through
mgmt_set_local_name. The appropriate place for this is mgmt_powered()
and not hci_setup() since this needs to be applied also if the HCI init
sequence was already completed but the adapter was still "powered off"
from a mgmt perspective due the the HCI_AUTO_OFF still being set.
Signed-off-by: Johan Hedberg <johan.hedberg@intel.com>
Acked-by: Marcel Holtmann <marcel@holtmann.org>
When doing reset HCI_PENDING_CLASS is one of the flags that should be
cleared (since it's used for a pending HCI command and a reset clear all
pending commands).
Signed-off-by: Johan Hedberg <johan.hedberg@intel.com>
Acked-by: Marcel Holtmann <marcel@holtmann.org>
Last param of mgmt_device_connected is of pointer type, so use NULL
instead of 0 for it. This fix following sparse warning:
CHECK net/bluetooth/hci_event.c
net/bluetooth/hci_event.c:3262:74: warning: Using plain integer as NULL pointer
Signed-off-by: Szymon Janc <szymon@janc.net.pl>
Signed-off-by: Johan Hedberg <johan.hedberg@intel.com>
This patch fixes the code to use the proper LMP_HOST_SSP define instead
of magic values and thereby makes the code more readable.
Signed-off-by: Johan Hedberg <johan.hedberg@intel.com>
Acked-by: Marcel Holtmann <marcel@holtmann.org>
Previously the write_le_enable would trigger a read_host_features
command but since we have access to the value LE support was set to we
can simply just clear or set the bit in hdev->host_features. This also
removes a second unnecessary read_host_features command from the device
initialization procedure since LE is only enabled after the first
read_host_features command completes.
Signed-off-by: Johan Hedberg <johan.hedberg@intel.com>
Acked-by: Marcel Holtmann <marcel@holtmann.org>
Mark request status as done for Read Local Version HCI command. In AMP
initialization this HCI command is the last and needs to be completed.
Signed-off-by: Andrei Emeltchenko <andrei.emeltchenko@intel.com>
Signed-off-by: Johan Hedberg <johan.hedberg@intel.com>
With Bluetooth 1.1 controllers the last command in the HCI init sequence
will be a write_local_name, however there was no callback to indicate
init request completion in this case. This patch fixes the issue by
adding the necessary callback to the write_local_name_complete handler.
Signed-off-by: Johan Hedberg <johan.hedberg@intel.com>
This patch updates the Device Connected events to match the latest API
by adding a flags parameter to them.
Signed-off-by: Johan Hedberg <johan.hedberg@intel.com>
Acked-by: Marcel Holtmann <marcel@holtmann.org>
