[Bluetooth] Disable disconnect timer during Simple Pairing

During the Simple Pairing process the HCI disconnect timer must be
disabled. The way to do this is by holding a reference count of the
HCI connection. The Simple Pairing process on both sides starts with
an IO Capabilities Request and ends with Simple Pairing Complete.

Signed-off-by: Marcel Holtmann <marcel@holtmann.org>

diff --git a/include/net/bluetooth/hci.h b/include/net/bluetooth/hci.h
index efc8c555c182453af8511ec3f00f229536469d0a..79629ff40e3ef0c9398fbcc742d3e47effcd82de 100644 (file)
--- a/include/net/bluetooth/hci.h
+++ b/include/net/bluetooth/hci.h
@@ -794,6 +794,17 @@ struct extended_inquiry_info {
        __u8     data[240];
 } __attribute__ ((packed));
 
+#define HCI_EV_IO_CAPA_REQUEST         0x31
+struct hci_ev_io_capa_request {
+       bdaddr_t bdaddr;
+} __attribute__ ((packed));
+
+#define HCI_EV_SIMPLE_PAIR_COMPLETE    0x36
+struct hci_ev_simple_pair_complete {
+       __u8     status;
+       bdaddr_t bdaddr;
+} __attribute__ ((packed));
+
 /* Internal events generated by Bluetooth stack */
 #define HCI_EV_STACK_INTERNAL  0xfd
 struct hci_ev_stack_internal {

diff --git a/net/bluetooth/hci_event.c b/net/bluetooth/hci_event.c
index e47676128bb529ac0430b8e3ade04df012fd464f..7c9ac01cd8f94029f97fd0a75696ef2f3f5c93ed 100644 (file)
--- a/net/bluetooth/hci_event.c
+++ b/net/bluetooth/hci_event.c
@@ -1464,6 +1464,38 @@ static inline void hci_extended_inquiry_result_evt(struct hci_dev *hdev, struct
        hci_dev_unlock(hdev);
 }
 
+static inline void hci_io_capa_request_evt(struct hci_dev *hdev, struct sk_buff *skb)
+{
+       struct hci_ev_io_capa_request *ev = (void *) skb->data;
+       struct hci_conn *conn;
+
+       BT_DBG("%s", hdev->name);
+
+       hci_dev_lock(hdev);
+
+       conn = hci_conn_hash_lookup_ba(hdev, ACL_LINK, &ev->bdaddr);
+       if (conn)
+               hci_conn_hold(conn);
+
+       hci_dev_unlock(hdev);
+}
+
+static inline void hci_simple_pair_complete_evt(struct hci_dev *hdev, struct sk_buff *skb)
+{
+       struct hci_ev_simple_pair_complete *ev = (void *) skb->data;
+       struct hci_conn *conn;
+
+       BT_DBG("%s", hdev->name);
+
+       hci_dev_lock(hdev);
+
+       conn = hci_conn_hash_lookup_ba(hdev, ACL_LINK, &ev->bdaddr);
+       if (conn)
+               hci_conn_put(conn);
+
+       hci_dev_unlock(hdev);
+}
+
 void hci_event_packet(struct hci_dev *hdev, struct sk_buff *skb)
 {
        struct hci_event_hdr *hdr = (void *) skb->data;
@@ -1588,6 +1620,14 @@ void hci_event_packet(struct hci_dev *hdev, struct sk_buff *skb)
                hci_extended_inquiry_result_evt(hdev, skb);
                break;
 
+       case HCI_EV_IO_CAPA_REQUEST:
+               hci_io_capa_request_evt(hdev, skb);
+               break;
+
+       case HCI_EV_SIMPLE_PAIR_COMPLETE:
+               hci_simple_pair_complete_evt(hdev, skb);
+               break;
+
        default:
                BT_DBG("%s event 0x%x", hdev->name, event);
                break;