Bluetooth: Fix using the correct source address type
authorJohan Hedberg <johan.hedberg@intel.com>
Sat, 12 Nov 2016 15:03:07 +0000 (17:03 +0200)
committerMarcel Holtmann <marcel@holtmann.org>
Tue, 22 Nov 2016 21:50:46 +0000 (22:50 +0100)
The hci_get_route() API is used to look up local HCI devices, however
so far it has been incapable of dealing with anything else than the
public address of HCI devices. This completely breaks with LE-only HCI
devices that do not come with a public address, but use a static
random address instead.

This patch exteds the hci_get_route() API with a src_type parameter
that's used for comparing with the right address of each HCI device.

Signed-off-by: Johan Hedberg <johan.hedberg@intel.com>
Signed-off-by: Marcel Holtmann <marcel@holtmann.org>
include/net/bluetooth/hci_core.h
net/bluetooth/6lowpan.c
net/bluetooth/hci_conn.c
net/bluetooth/l2cap_core.c
net/bluetooth/rfcomm/tty.c
net/bluetooth/sco.c

index f00bf667ec3399dd38850e048557c41fa7786dc6..554671c81f4a39a8a773a01a318af0b1c70b5617 100644 (file)
@@ -1018,7 +1018,7 @@ static inline void hci_set_drvdata(struct hci_dev *hdev, void *data)
 }
 
 struct hci_dev *hci_dev_get(int index);
-struct hci_dev *hci_get_route(bdaddr_t *dst, bdaddr_t *src);
+struct hci_dev *hci_get_route(bdaddr_t *dst, bdaddr_t *src, u8 src_type);
 
 struct hci_dev *hci_alloc_dev(void);
 void hci_free_dev(struct hci_dev *hdev);
index d020299baba41253022ca277711801bc9732828c..1904a93f47d50a2bd1c2c1651f48b1ab762ece3c 100644 (file)
@@ -1090,7 +1090,6 @@ static int get_l2cap_conn(char *buf, bdaddr_t *addr, u8 *addr_type,
 {
        struct hci_conn *hcon;
        struct hci_dev *hdev;
-       bdaddr_t *src = BDADDR_ANY;
        int n;
 
        n = sscanf(buf, "%hhx:%hhx:%hhx:%hhx:%hhx:%hhx %hhu",
@@ -1101,7 +1100,8 @@ static int get_l2cap_conn(char *buf, bdaddr_t *addr, u8 *addr_type,
        if (n < 7)
                return -EINVAL;
 
-       hdev = hci_get_route(addr, src);
+       /* The LE_PUBLIC address type is ignored because of BDADDR_ANY */
+       hdev = hci_get_route(addr, BDADDR_ANY, BDADDR_LE_PUBLIC);
        if (!hdev)
                return -ENOENT;
 
index 3809617aa98d83c428fc56606e0aa05562272c40..dc59eae5471788e42091ba7fc907585d36e99c2d 100644 (file)
@@ -613,7 +613,7 @@ int hci_conn_del(struct hci_conn *conn)
        return 0;
 }
 
-struct hci_dev *hci_get_route(bdaddr_t *dst, bdaddr_t *src)
+struct hci_dev *hci_get_route(bdaddr_t *dst, bdaddr_t *src, uint8_t src_type)
 {
        int use_src = bacmp(src, BDADDR_ANY);
        struct hci_dev *hdev = NULL, *d;
@@ -634,7 +634,29 @@ struct hci_dev *hci_get_route(bdaddr_t *dst, bdaddr_t *src)
                 */
 
                if (use_src) {
-                       if (!bacmp(&d->bdaddr, src)) {
+                       bdaddr_t id_addr;
+                       u8 id_addr_type;
+
+                       if (src_type == BDADDR_BREDR) {
+                               if (!lmp_bredr_capable(d))
+                                       continue;
+                               bacpy(&id_addr, &d->bdaddr);
+                               id_addr_type = BDADDR_BREDR;
+                       } else {
+                               if (!lmp_le_capable(d))
+                                       continue;
+
+                               hci_copy_identity_address(d, &id_addr,
+                                                         &id_addr_type);
+
+                               /* Convert from HCI to three-value type */
+                               if (id_addr_type == ADDR_LE_DEV_PUBLIC)
+                                       id_addr_type = BDADDR_LE_PUBLIC;
+                               else
+                                       id_addr_type = BDADDR_LE_RANDOM;
+                       }
+
+                       if (!bacmp(&id_addr, src) && id_addr_type == src_type) {
                                hdev = d; break;
                        }
                } else {
index d4cad29b033fc6d8601913013f291ab287648928..577f1c01454a566cc63431ff8bb76f08785431ca 100644 (file)
@@ -7060,7 +7060,7 @@ int l2cap_chan_connect(struct l2cap_chan *chan, __le16 psm, u16 cid,
        BT_DBG("%pMR -> %pMR (type %u) psm 0x%2.2x", &chan->src, dst,
               dst_type, __le16_to_cpu(psm));
 
-       hdev = hci_get_route(dst, &chan->src);
+       hdev = hci_get_route(dst, &chan->src, chan->src_type);
        if (!hdev)
                return -EHOSTUNREACH;
 
index 8e385a0ae60e0bd6e4b1ed7615905a7170c4a8bc..2f2cb5e27cdd4dc9b6079b5d602c89e510bd9ab8 100644 (file)
@@ -178,7 +178,7 @@ static void rfcomm_reparent_device(struct rfcomm_dev *dev)
        struct hci_dev *hdev;
        struct hci_conn *conn;
 
-       hdev = hci_get_route(&dev->dst, &dev->src);
+       hdev = hci_get_route(&dev->dst, &dev->src, BDADDR_BREDR);
        if (!hdev)
                return;
 
index f52bcbf2e58cd8b8ded4c3d65c8dd9b87034b002..3125ce670c2f241f446daae17a37fbcc5f485574 100644 (file)
@@ -219,7 +219,7 @@ static int sco_connect(struct sock *sk)
 
        BT_DBG("%pMR -> %pMR", &sco_pi(sk)->src, &sco_pi(sk)->dst);
 
-       hdev = hci_get_route(&sco_pi(sk)->dst, &sco_pi(sk)->src);
+       hdev = hci_get_route(&sco_pi(sk)->dst, &sco_pi(sk)->src, BDADDR_BREDR);
        if (!hdev)
                return -EHOSTUNREACH;