GitHub/exynos8895/android_kernel_samsung_universal8895.git
10 years ago Bluetooth: Convert pend_le_conn list to a generic action list
Johan Hedberg [Fri, 4 Jul 2014 09:37:17 +0000 (12:37 +0300)]
Bluetooth: Convert pend_le_conn list to a generic action list

In preparation to store also HCI_AUTO_CONN_REPORT entries in a list it
makes sense to convert the existing pend_le_conn list head of
hci_conn_params into a more generically named "action". This makes sense
because a parameter entry will never participate in more than one action
list.

Signed-off-by: Johan Hedberg <johan.hedberg@intel.com>
Signed-off-by: Marcel Holtmann <marcel@holtmann.org>
10 years ago Bluetooth: Fix missing return statement in process_adv_report
Johan Hedberg [Fri, 4 Jul 2014 09:37:16 +0000 (12:37 +0300)]
Bluetooth: Fix missing return statement in process_adv_report

If we're doing passive scanning we shouldn't proceed with any of the
code that deals with active scanning (pending reports, etc.). This patch
fixes a missing return statement for the passive scanning section in the
process_adv_report() function.

Signed-off-by: Johan Hedberg <johan.hedberg@intel.com>
Signed-off-by: Marcel Holtmann <marcel@holtmann.org>
10 years ago Bluetooth: Add support for controller configuration info command
Marcel Holtmann [Thu, 3 Jul 2014 22:46:56 +0000 (00:46 +0200)]
Bluetooth: Add support for controller configuration info command

The Read Controller Configuration Information command allows retrieving
details about possible configuration options. The supported options are
returned and also the missing options (if any).

Signed-off-by: Marcel Holtmann <marcel@holtmann.org>
Signed-off-by: Johan Hedberg <johan.hedberg@intel.com>
10 years ago Bluetooth: Add identity address check in param lookup functions
Johan Hedberg [Thu, 3 Jul 2014 16:33:51 +0000 (19:33 +0300)]
Bluetooth: Add identity address check in param lookup functions

Since we only store entries with identity addresses in the
le_conn_params and pend_le_conns lists we can avoid unnecessary lookups
by checking for an identity address before diving into the lists
themselves.

Signed-off-by: Johan Hedberg <johan.hedberg@intel.com>
Signed-off-by: Marcel Holtmann <marcel@holtmann.org>
10 years ago Bluetooth: Remove unnecessary checks for auto-connected devices
Johan Hedberg [Thu, 3 Jul 2014 16:33:50 +0000 (19:33 +0300)]
Bluetooth: Remove unnecessary checks for auto-connected devices

If a device is in the pend_le_conns list it cannot at the same time also
have the need to be notified through mgmt_device_found. By making
check_pending_le_conn return whether it found an entry or not we can
avoid unnecessary checks in process_adv_report().

Signed-off-by: Johan Hedberg <johan.hedberg@intel.com>
Signed-off-by: Marcel Holtmann <marcel@holtmann.org>
10 years ago Bluetooth: Use hci_conn_params in pend_le_conns
Johan Hedberg [Thu, 3 Jul 2014 16:33:49 +0000 (19:33 +0300)]
Bluetooth: Use hci_conn_params in pend_le_conns

Since the connection parameters are always a basis for adding entries to
hdev->pend_le_conns (so far of type bdaddr_list) it's simpler and more
efficient to have the parameters themselves be the entries in the
pend_le_conns list. We do this by adding another list_head to the
hci_conn_params struct.

Signed-off-by: Johan Hedberg <johan.hedberg@intel.com>
Signed-off-by: Marcel Holtmann <marcel@holtmann.org>
10 years ago Bluetooth: Remove redundant IRK lookup
Johan Hedberg [Thu, 3 Jul 2014 16:33:48 +0000 (19:33 +0300)]
Bluetooth: Remove redundant IRK lookup

When processing passive scanning results we need the resolved identity
address both in check_pending_le_conn() as well as later in
process_adv_report(). Since process_adv_report() calls
check_pending_le_conn() we can simply resolve the IRK earlier in the
function and thereby eliminate a second lookup.

Signed-off-by: Johan Hedberg <johan.hedberg@intel.com>
Signed-off-by: Marcel Holtmann <marcel@holtmann.org>
10 years ago Bluetooth: Fix missing update of pend_le_reports
Johan Hedberg [Thu, 3 Jul 2014 16:33:47 +0000 (19:33 +0300)]
Bluetooth: Fix missing update of pend_le_reports

When calling Remove Device for an entry using HCI_AUTO_CONN_REPORT we
need to decrement the pend_le_reports value correspondingly. This patch
fixes one such missing action in the Remove Device command handler.

Signed-off-by: Johan Hedberg <johan.hedberg@intel.com>
Signed-off-by: Marcel Holtmann <marcel@holtmann.org>
10 years ago Bluetooth: Fix buffer overflow with variable length commands
Johan Hedberg [Thu, 3 Jul 2014 10:52:27 +0000 (13:52 +0300)]
Bluetooth: Fix buffer overflow with variable length commands

The handlers for variable length commands were trying to calculate the
expected length of the command based on the given parameter count, and
then comparing that with the received data. However, the expected count
was stored in a u16 which can easily overflow. With a carefully crafted
command this can then be made to match the given data even though the
parameter count is actually way too big, resulting in a buffer overflow
when parsing the parameters.

This patch fixes the issue by calculating a per-command maximum
parameter count and returning INVALID_PARAMS if it is exceeded.

Signed-off-by: Johan Hedberg <johan.hedberg@intel.com>
Signed-off-by: Marcel Holtmann <marcel@holtmann.org>
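
The length check described in the commit message above, shown as an added example that is not code from the kernel tree. The two-byte header, `HDR_LEN`, `ENTRY_LEN`, `MAX_ENTRIES` and all function names are hypothetical, and the sample messages are constructed.

```c
#include <stdbool.h>
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>

/* Hypothetical wire format (not the kernel's mgmt structs):
 * a little-endian u16 entry count followed by `count` fixed-size entries. */
#define HDR_LEN   2u
#define ENTRY_LEN 16u

/* Per-command maximum: the largest count whose total message length
 * still fits in the 16-bit length of a received command. */
#define MAX_ENTRIES ((UINT16_MAX - HDR_LEN) / ENTRY_LEN)

static uint16_t read_count(const uint8_t *data)
{
    return (uint16_t)(data[0] | (data[1] << 8));
}

/* Number of bytes a parser would walk if it trusted the count field. */
size_t claimed_bytes(const uint8_t *data)
{
    return HDR_LEN + (size_t)read_count(data) * ENTRY_LEN;
}

/* Before: the expected length is stored in 16 bits, so it wraps modulo
 * 65536 and can equal the received length for an oversized count. */
bool length_ok_truncating(const uint8_t *data, uint16_t len)
{
    if (len < HDR_LEN)
        return false;
    uint16_t expected = (uint16_t)(HDR_LEN + read_count(data) * ENTRY_LEN);
    return expected == len;
}

/* After: reject counts above the per-command maximum first, then compare
 * lengths in a type wide enough that the product cannot wrap. */
bool length_ok_bounded(const uint8_t *data, uint16_t len)
{
    if (len < HDR_LEN)
        return false;
    uint16_t count = read_count(data);
    if (count > MAX_ENTRIES)
        return false;               /* the INVALID_PARAMS case */
    return HDR_LEN + (size_t)count * ENTRY_LEN == len;
}

int main(void)
{
    /* Constructed samples: both are 18 bytes on the wire (header plus one
     * entry). The first declares 1 entry, the second declares 4097. */
    uint8_t honest[18]  = { 0x01, 0x00 };
    uint8_t wrapped[18] = { 0x01, 0x10 };

    printf("max entries per command: %u\n", (unsigned)MAX_ENTRIES);
    printf("honest : claims %zu bytes, truncating=%d bounded=%d\n",
           claimed_bytes(honest),
           length_ok_truncating(honest, 18), length_ok_bounded(honest, 18));
    printf("wrapped: claims %zu bytes, truncating=%d bounded=%d\n",
           claimed_bytes(wrapped),
           length_ok_truncating(wrapped, 18), length_ok_bounded(wrapped, 18));
    return 0;
}
```

Both samples carry 18 bytes, but the second one's count field implies 65554 bytes of entries; only the bounded check refuses it before any entry is parsed.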
10 years ago Bluetooth: Support scanning for devices using RPA
Johan Hedberg [Wed, 2 Jul 2014 20:09:24 +0000 (23:09 +0300)]
Bluetooth: Support scanning for devices using RPA

When we're scanning for specific devices that use an RPA we need to
convert the RPA to the identity address before looking up the entry in
the connection parameters. This patch adds the necessary code to do this
in the process_adv_report() function.

Signed-off-by: Johan Hedberg <johan.hedberg@intel.com>
Signed-off-by: Marcel Holtmann <marcel@holtmann.org>
10 years ago Bluetooth: Add support for background LE scanning
Johan Hedberg [Wed, 2 Jul 2014 19:42:02 +0000 (22:42 +0300)]
Bluetooth: Add support for background LE scanning

If we have one or more devices with HCI_AUTO_CONN_REPORT we should do
background scanning and emit mgmt_device_found events. This patch
modifies the hci_update_background_scan() function to extend the
conditions needed to trigger scanning, and adds the necessary code to
process_adv_report() to emit mgmt_device_found events.

Signed-off-by: Johan Hedberg <johan.hedberg@intel.com>
Signed-off-by: Marcel Holtmann <marcel@holtmann.org>
10 years ago Bluetooth: Allow mgmt_device_found events for kernel-side scanning
Johan Hedberg [Wed, 2 Jul 2014 19:42:01 +0000 (22:42 +0300)]
Bluetooth: Allow mgmt_device_found events for kernel-side scanning

When the kernel is doing LE scanning because of one or more devices
added with action 0x00 through the Add Device command we do want to let
mgmt_device_found() proceed with sending an event. This kind of
device is tracked with hdev->pend_le_reports, so check this value
before bailing out from the function.

Signed-off-by: Johan Hedberg <johan.hedberg@intel.com>
Signed-off-by: Marcel Holtmann <marcel@holtmann.org>
10 years ago Bluetooth: Track number of added devices with HCI_AUTO_CONN_REPORT
Johan Hedberg [Wed, 2 Jul 2014 19:42:00 +0000 (22:42 +0300)]
Bluetooth: Track number of added devices with HCI_AUTO_CONN_REPORT

To be able to make the right choice of whether to start passive scanning
or to send out a mgmt_device_found event we need to know if there are
any devices in the le_conn_params list with the auto_connect value set
to HCI_AUTO_CONN_REPORT. This patch adds a counter for this kind of
device.

Signed-off-by: Johan Hedberg <johan.hedberg@intel.com>
Signed-off-by: Marcel Holtmann <marcel@holtmann.org>
10 years ago Bluetooth: Support HCI_QUIRK_RAW_DEVICE for hci_vhci driver
Marcel Holtmann [Wed, 2 Jul 2014 23:35:10 +0000 (01:35 +0200)]
Bluetooth: Support HCI_QUIRK_RAW_DEVICE for hci_vhci driver

This adds support for configuring the hci_vhci virtual controllers
as a raw-only device using HCI_QUIRK_RAW_DEVICE. This is useful for
testing the kernel internal infrastructure.

Signed-off-by: Marcel Holtmann <marcel@holtmann.org>
Signed-off-by: Johan Hedberg <johan.hedberg@intel.com>
10 years ago Bluetooth: Add support for Read Unconfigured Index List command
Marcel Holtmann [Wed, 2 Jul 2014 20:10:52 +0000 (22:10 +0200)]
Bluetooth: Add support for Read Unconfigured Index List command

This command allows getting the list of currently known controllers that
are in unconfigured state.

Signed-off-by: Marcel Holtmann <marcel@holtmann.org>
Signed-off-by: Johan Hedberg <johan.hedberg@intel.com>
10 years ago Bluetooth: Add support for Unconfigured Index Removed events
Marcel Holtmann [Wed, 2 Jul 2014 19:30:55 +0000 (21:30 +0200)]
Bluetooth: Add support for Unconfigured Index Removed events

When a controller in an unconfigured state gets removed, then send
Unconfigured Index Removed events.

Signed-off-by: Marcel Holtmann <marcel@holtmann.org>
Signed-off-by: Johan Hedberg <johan.hedberg@intel.com>
10 years ago Bluetooth: Add support for Unconfigured Index Added events
Marcel Holtmann [Wed, 2 Jul 2014 19:30:54 +0000 (21:30 +0200)]
Bluetooth: Add support for Unconfigured Index Added events

When a controller is in unconfigured state it is currently hidden
from the management interface. This change now announces the new
controller with an Unconfigured Index Added event and allows clients
to easily detect the controller.

Signed-off-by: Marcel Holtmann <marcel@holtmann.org>
Signed-off-by: Johan Hedberg <johan.hedberg@intel.com>
10 years ago Bluetooth: Introduce unconfigured controller state
Marcel Holtmann [Wed, 2 Jul 2014 17:10:33 +0000 (19:10 +0200)]
Bluetooth: Introduce unconfigured controller state

With the new unconfigured controller state it is possible to provide a
fully functional HCI transport, but disable the higher level operations
that would normally happen. This way userspace can try to configure the
controller before releasing the unconfigured state.

The internal state is represented by HCI_UNCONFIGURED. This replaces the
HCI_QUIRK_RAW_DEVICE quirk as internal state representation. This is now
a real state and drivers can use the quirk to actually trigger this
state. In the future this will allow a more fine grained switching from
unconfigured state to configured state for controller initialization.

Signed-off-by: Marcel Holtmann <marcel@holtmann.org>
Signed-off-by: Johan Hedberg <johan.hedberg@intel.com>
10 years ago Bluetooth: Don't send connection parameters without identity address
Johan Hedberg [Wed, 2 Jul 2014 14:37:34 +0000 (17:37 +0300)]
Bluetooth: Don't send connection parameters without identity address

If we don't have an identity address for connection parameters it
doesn't really make sense to send them to user space. Instead just
ignore them for now. Later we can add support for sending them when we
eventually get the identity through pairing.

Signed-off-by: Johan Hedberg <johan.hedberg@intel.com>
Signed-off-by: Marcel Holtmann <marcel@holtmann.org>
10 years ago Bluetooth: Make is_identity_address a global function
Johan Hedberg [Wed, 2 Jul 2014 14:37:33 +0000 (17:37 +0300)]
Bluetooth: Make is_identity_address a global function

There are more places that can take advantage of is_identity_address()
besides hci_core.c. This patch moves the function to hci_core.h and
gives it the appropriate hci_ prefix.

Signed-off-by: Johan Hedberg <johan.hedberg@intel.com>
Signed-off-by: Marcel Holtmann <marcel@holtmann.org>
10 years ago Bluetooth: Pass store hint to mgmt_new_conn_param
Johan Hedberg [Wed, 2 Jul 2014 14:37:32 +0000 (17:37 +0300)]
Bluetooth: Pass store hint to mgmt_new_conn_param

The calling functions of mgmt_new_conn_param have more information about
the parameters, such as whether the kernel is tracking them or not. It
therefore makes sense to have them pass an initial store_hint value to
the mgmt_new_conn_param function.

Signed-off-by: Johan Hedberg <johan.hedberg@intel.com>
Signed-off-by: Marcel Holtmann <marcel@holtmann.org>
10 years ago Bluetooth: Make hci_le_conn_update return the store hint
Johan Hedberg [Wed, 2 Jul 2014 14:37:31 +0000 (17:37 +0300)]
Bluetooth: Make hci_le_conn_update return the store hint

The caller of hci_le_conn_update is directly interested in knowing what
the best value is for the store_hint parameter of the corresponding
mgmt event. Since hci_le_conn_update knows whether there were stored
parameters that were updated or not we can have it return an initial
store_hint value to the caller.

Signed-off-by: Johan Hedberg <johan.hedberg@intel.com>
Signed-off-by: Marcel Holtmann <marcel@holtmann.org>
10 years ago Bluetooth: Fix missing update of conn params
Johan Hedberg [Wed, 2 Jul 2014 14:37:30 +0000 (17:37 +0300)]
Bluetooth: Fix missing update of conn params

We should update any stored connection parameters when we receive the LE
Remote Connection Parameter Request HCI event. This patch adds the
necessary code to the function that handles the event.

Signed-off-by: Johan Hedberg <johan.hedberg@intel.com>
Signed-off-by: Marcel Holtmann <marcel@holtmann.org>
10 years ago Bluetooth: Add Load Connection Parameters command
Johan Hedberg [Wed, 2 Jul 2014 14:37:29 +0000 (17:37 +0300)]
Bluetooth: Add Load Connection Parameters command

This patch implements the new Load Connection Parameters mgmt command
that's intended to load the desired connection parameters for LE
devices.

Signed-off-by: Johan Hedberg <johan.hedberg@intel.com>
Signed-off-by: Marcel Holtmann <marcel@holtmann.org>
10 years ago Bluetooth: Remove only enabled entries with Remove Device command
Johan Hedberg [Wed, 2 Jul 2014 14:37:28 +0000 (17:37 +0300)]
Bluetooth: Remove only enabled entries with Remove Device command

The Remove Device mgmt command is supposed to undo what the Add Device
command does. An entry added by Add Device cannot have the
HCI_AUTO_CONN_DISABLED auto_connect value, so we should treat this as an
invalid entry to remove. This patch adds the necessary pieces to the
Remove Device command handler so that it only removes entries which were
added by Add Device.

Signed-off-by: Johan Hedberg <johan.hedberg@intel.com>
Signed-off-by: Marcel Holtmann <marcel@holtmann.org>
10 years ago Bluetooth: Add new auto_conn value matching mgmt action 0x00
Johan Hedberg [Wed, 2 Jul 2014 14:37:27 +0000 (17:37 +0300)]
Bluetooth: Add new auto_conn value matching mgmt action 0x00

The 0x00 action value of mgmt means "scan and report" but do not
connect. This is different from HCI_AUTO_CONN_DISABLED so we need a new
value for it.

Signed-off-by: Johan Hedberg <johan.hedberg@intel.com>
Signed-off-by: Marcel Holtmann <marcel@holtmann.org>
10 years ago Bluetooth: Add specific connection parameter clear functions
Johan Hedberg [Wed, 2 Jul 2014 14:37:26 +0000 (17:37 +0300)]
Bluetooth: Add specific connection parameter clear functions

In some circumstances we'll need to either clear only the enabled
parameters or only the disabled ones. This patch adds convenience
functions for this purpose.

Signed-off-by: Johan Hedberg <johan.hedberg@intel.com>
Signed-off-by: Marcel Holtmann <marcel@holtmann.org>
10 years ago Bluetooth: Rename hci_conn_params_clear to hci_conn_params_clear_all
Johan Hedberg [Wed, 2 Jul 2014 14:37:25 +0000 (17:37 +0300)]
Bluetooth: Rename hci_conn_params_clear to hci_conn_params_clear_all

We'll soon have specific clear functions for clearing enabled or
disabled entries, so rename the function that removes everything to
clear_all().

Signed-off-by: Johan Hedberg <johan.hedberg@intel.com>
Signed-off-by: Marcel Holtmann <marcel@holtmann.org>
10 years ago Bluetooth: Fix sparse warning with btmrvl driver
Johan Hedberg [Wed, 2 Jul 2014 13:45:39 +0000 (16:45 +0300)]
Bluetooth: Fix sparse warning with btmrvl driver

This patch fixes the following sparse warning caused by a missing
declaration in the header file:

drivers/bluetooth/btmrvl_main.c:218:5: warning: symbol 'btmrvl_pscan_window_reporting' was not declared. Should it be static?

Signed-off-by: Johan Hedberg <johan.hedberg@intel.com>
Signed-off-by: Marcel Holtmann <marcel@holtmann.org>
10 years ago Bluetooth: Check for default address of Broadcom BCM20702A0 controllers
Marcel Holtmann [Wed, 2 Jul 2014 10:38:22 +0000 (12:38 +0200)]
Bluetooth: Check for default address of Broadcom BCM20702A0 controllers

The Broadcom BCM20702A0 USB controllers might come with the default
address 00:20:70:02:A0:00 when booting up. If this happens, then warn
about such address being used.

Signed-off-by: Marcel Holtmann <marcel@holtmann.org>
Signed-off-by: Johan Hedberg <johan.hedberg@intel.com>
10 years ago Bluetooth: Check for default address of Intel USB controllers
Marcel Holtmann [Wed, 2 Jul 2014 10:06:45 +0000 (12:06 +0200)]
Bluetooth: Check for default address of Intel USB controllers

Some Intel Bluetooth controllers come with a default address. If this
address is found, print an error to warn the user about it.

The controller is fully operational, but the danger of duplicate
Bluetooth addresses might cause issues. At least with a clear
error it becomes easier to debug these cases.

Signed-off-by: Marcel Holtmann <marcel@holtmann.org>
Signed-off-by: Johan Hedberg <johan.hedberg@intel.com>
10 years ago Bluetooth: Default to internal use manufacturer identifier
Marcel Holtmann [Wed, 2 Jul 2014 09:30:51 +0000 (11:30 +0200)]
Bluetooth: Default to internal use manufacturer identifier

When allocating a new controller structure, then default to the internal
use value 0xffff first. Defaulting to 0x0000 is a bad idea since that is
the manufacturer identifier of Ericsson Technology Licensing.

Signed-off-by: Marcel Holtmann <marcel@holtmann.org>
Signed-off-by: Johan Hedberg <johan.hedberg@intel.com>
10 years ago Bluetooth: Add public address configuration for Intel USB devices
Marcel Holtmann [Wed, 2 Jul 2014 09:25:25 +0000 (11:25 +0200)]
Bluetooth: Add public address configuration for Intel USB devices

For the Intel based USB devices add support for configuration of
the public device address.

Signed-off-by: Marcel Holtmann <marcel@holtmann.org>
Signed-off-by: Johan Hedberg <johan.hedberg@intel.com>
10 years ago Bluetooth: Drop LE connections for blocked devices
Johan Hedberg [Wed, 2 Jul 2014 06:36:22 +0000 (09:36 +0300)]
Bluetooth: Drop LE connections for blocked devices

Unlike BR/EDR we cannot reject LE connections of blocked devices but
have to do it as soon as we get a LE Connection Complete event. The
patch adds a blacklist check to the hci_le_conn_complete_evt function
and drops all connections for blocked devices.

Signed-off-by: Johan Hedberg <johan.hedberg@intel.com>
Signed-off-by: Marcel Holtmann <marcel@holtmann.org>
10 years ago Bluetooth: Centralize looking up blocked devices to l2cap_recv_frame
Johan Hedberg [Wed, 2 Jul 2014 06:36:21 +0000 (09:36 +0300)]
Bluetooth: Centralize looking up blocked devices to l2cap_recv_frame

The ATT channel isn't the only one that we should ensure doesn't receive
data from blocked devices. SMP is another, and in general we don't want
data packets going to any of the various handlers. Therefore, add a
single check to the l2cap_recv_frame function.

The patch fixes at the same time the use of a correct address type. The
blacklist stores the values with the user space facing triple type
whereas hci_conn->dst_type uses the HCI address type (0x00 or 0x01).

Signed-off-by: Johan Hedberg <johan.hedberg@intel.com>
Signed-off-by: Marcel Holtmann <marcel@holtmann.org>
10 years ago Bluetooth: Add public address configuration for Broadcom USB devices
Marcel Holtmann [Tue, 1 Jul 2014 22:53:48 +0000 (00:53 +0200)]
Bluetooth: Add public address configuration for Broadcom USB devices

For the Broadcom based USB devices add support for configuration of
the public device address.

Signed-off-by: Marcel Holtmann <marcel@holtmann.org>
Signed-off-by: Johan Hedberg <johan.hedberg@intel.com>
10 years ago Bluetooth: Add support for hdev->set_bdaddr callback handling
Marcel Holtmann [Tue, 1 Jul 2014 22:53:47 +0000 (00:53 +0200)]
Bluetooth: Add support for hdev->set_bdaddr callback handling

Some embedded controllers allow the programming of a public address
and this adds vendor support for supporting OEM configuration of such
addresses.

Signed-off-by: Marcel Holtmann <marcel@holtmann.org>
Signed-off-by: Johan Hedberg <johan.hedberg@intel.com>
10 years ago Bluetooth: Introduce "New Connection Parameter" Event
Andre Guedes [Tue, 1 Jul 2014 21:10:11 +0000 (18:10 -0300)]
Bluetooth: Introduce "New Connection Parameter" Event

This patch introduces a new Mgmt event called "New Connection Parameter".
This event indicates to userspace the connection parameter values the
remote device requested.

The user may store these values and load them into the kernel. This way, next
time a connection is established to that device, the kernel will use those
parameter values instead of the default ones.

This event is sent when the remote device requests new connection
parameters through connection parameter update procedure. This event is
not sent for slave connections.

Signed-off-by: Andre Guedes <andre.guedes@openbossa.org>
Signed-off-by: Marcel Holtmann <marcel@holtmann.org>
10 years ago Bluetooth: Enable new LE meta event
Andre Guedes [Tue, 1 Jul 2014 21:10:10 +0000 (18:10 -0300)]
Bluetooth: Enable new LE meta event

Bluetooth 4.1 introduces a new LE meta event called "LE Remote
Connection Parameter Request" event. In order for the controller
to send this event to the host, we should enable it during controller
initialization.

Signed-off-by: Andre Guedes <andre.guedes@openbossa.org>
Signed-off-by: Marcel Holtmann <marcel@holtmann.org>
10 years ago Bluetooth: Move LE event mask setting into init3 phase
Andre Guedes [Tue, 1 Jul 2014 21:10:09 +0000 (18:10 -0300)]
Bluetooth: Move LE event mask setting into init3 phase

During init2 phase, the LE local features have not been read yet so
we aren't able to rely on hdev->le_features to determine if the
controller supports the Connection Parameters Request Procedure.

For that reason, this patch moves LE event mask setting from init2
into init3 initialization phase.

The hdev->le_features mask will be checked by the next patch in order
to know if "LE Remote Connection Parameter Request Event" should be
enabled.

Signed-off-by: Andre Guedes <andre.guedes@openbossa.org>
Signed-off-by: Marcel Holtmann <marcel@holtmann.org>
10 years ago Bluetooth: Connection Parameter Update Procedure
Andre Guedes [Tue, 1 Jul 2014 21:10:08 +0000 (18:10 -0300)]
Bluetooth: Connection Parameter Update Procedure

This patch adds support for LE Connection Parameters Request Link
Layer control procedure introduced in Core spec 4.1. This procedure
allows a Peripheral or Central to update the Link Layer connection
parameters of an established connection.

Regarding the acceptance of connection parameters, the LL procedure
follows the same approach as the L2CAP procedure (see the
l2cap_conn_param_update_req function). We accept any connection parameter
values as long as they are within the valid range.

Signed-off-by: Andre Guedes <andre.guedes@openbossa.org>
Signed-off-by: Marcel Holtmann <marcel@holtmann.org>
10 years ago Bluetooth: btmrvl: wait for HOST_SLEEP_ENABLE event in suspend
Chin-Ran Lo [Tue, 1 Jul 2014 21:00:14 +0000 (14:00 -0700)]
Bluetooth: btmrvl: wait for HOST_SLEEP_ENABLE event in suspend

After BT_CMD_HOST_SLEEP_ENABLE command finishes, driver should
wait until getting BT_EVENT_HOST_SLEEP_ENABLE event to complete
suspend procedure.
Without this patch the suspend handler would return success
earlier. By the time when the BT_EVENT_HOST_SLEEP_ENABLE event
comes in the controller driver could have already turned off the
bus clock. This causes kernel crash or system reboot eventually.

Cc: <stable@vger.kernel.org> # 3.13+
Signed-off-by: Chin-Ran Lo <crlo@marvell.com>
Signed-off-by: Jeff CF Chen <jeffc@marvell.com>
Signed-off-by: Amitkumar Karwar <akarwar@marvell.com>
Signed-off-by: Bing Zhao <bzhao@marvell.com>
Signed-off-by: Marcel Holtmann <marcel@holtmann.org>
10 years ago Bluetooth: btmrvl: indicate pscan scheduling instant in a debug event
Bing Zhao [Mon, 31 Mar 2014 21:41:44 +0000 (14:41 -0700)]
Bluetooth: btmrvl: indicate pscan scheduling instant in a debug event

A vendor specific command is sent to firmware during
initialization to enable this feature. This command is for
SD8897 only.

Signed-off-by: Bing Zhao <bzhao@marvell.com>
Signed-off-by: Marcel Holtmann <marcel@holtmann.org>
10 years ago Bluetooth: Fix redundant device (un)blocked events
Johan Hedberg [Tue, 1 Jul 2014 19:09:47 +0000 (22:09 +0300)]
Bluetooth: Fix redundant device (un)blocked events

For the Block/Unblock Device mgmt commands we should only emit the
Blocked/Unblocked events on any socket except for the one which received
the command. The code was previously incorrectly trying to look up a
non-existent pending command and thereby ending up not skipping the
command socket for the event.

We can simplify the code a lot by simply sending the event directly from
the command handler functions. We have the reference to the command
socket available there which makes it easy to pass to the mgmt_event
function for skipping.

The only notable side-effect of this is that the old blacklisting
ioctl's no longer cause mgmt events to be emitted, however as user space
versions using these ioctl's are not mgmt-aware this is acceptable.

Signed-off-by: Johan Hedberg <johan.hedberg@intel.com>
Signed-off-by: Marcel Holtmann <marcel@holtmann.org>
10 years ago Bluetooth: Ensure that background scanning gets enabled on power on
Marcel Holtmann [Tue, 1 Jul 2014 17:28:24 +0000 (19:28 +0200)]
Bluetooth: Ensure that background scanning gets enabled on power on

The background scanning normally gets enabled during power on by
adding devices to the pending connection list. However devices
might be already on that list and the list of devices is empty,
then it is better to trigger the background manually.

Signed-off-by: Marcel Holtmann <marcel@holtmann.org>
Signed-off-by: Johan Hedberg <johan.hedberg@intel.com>
10 years ago Bluetooth: Do not trigger background scanning when HCI_AUTO_OFF is set
Marcel Holtmann [Tue, 1 Jul 2014 17:28:23 +0000 (19:28 +0200)]
Bluetooth: Do not trigger background scanning when HCI_AUTO_OFF is set

When a new controller is initialized, but not powered from userspace
at the moment, the HCI_AUTO_OFF flag is still set. During this period,
userspace might program device for auto-connection, but never power
on the controller. In this case do not try to start background
scanning and leave it for later to be started.

Signed-off-by: Marcel Holtmann <marcel@holtmann.org>
Signed-off-by: Johan Hedberg <johan.hedberg@intel.com>
10 years ago Bluetooth: Allow re-encryption with LTK when STK is in use
Johan Hedberg [Tue, 1 Jul 2014 16:14:13 +0000 (19:14 +0300)]
Bluetooth: Allow re-encryption with LTK when STK is in use

If we're encrypted with the STK we should allow re-encryption with an
LTK even though the achieved security level is the same. This patch adds
the necessary logic to the smp_sufficient_security function which is
used to determine whether to proceed with encryption or not.

Signed-off-by: Johan Hedberg <johan.hedberg@intel.com>
Signed-off-by: Marcel Holtmann <marcel@holtmann.org>
10 years ago Bluetooth: Add flag to track STK encryption
Johan Hedberg [Tue, 1 Jul 2014 16:14:12 +0000 (19:14 +0300)]
Bluetooth: Add flag to track STK encryption

There are certain subtle differences in behavior when we're encrypted
with the STK, such as allowing re-encryption even though the security
level stays the same. Because of this, add a flag to track whether we're
encrypted with an STK or not.

Signed-off-by: Johan Hedberg <johan.hedberg@intel.com>
Signed-off-by: Marcel Holtmann <marcel@holtmann.org>
10 years ago Bluetooth: Fix redundant encryption when receiving Security Request
Johan Hedberg [Tue, 1 Jul 2014 15:40:20 +0000 (18:40 +0300)]
Bluetooth: Fix redundant encryption when receiving Security Request

If we're already encrypted with a good enough LTK we should just ignore
an incoming SMP Security Request. The code was already taking care of
this in the smp_conn_security function before calling smp_ltk_encrypt
but failed to do the same in smp_cmd_security_req. This patch fixes the
issue by moving up the smp_sufficient_security function and using it in
the Security Request handler before trying to request encryption.

Signed-off-by: Johan Hedberg <johan.hedberg@intel.com>
Signed-off-by: Marcel Holtmann <marcel@holtmann.org>
10 years ago Bluetooth: Add support for Not Connectable flag for Device Found events
Marcel Holtmann [Tue, 1 Jul 2014 12:11:21 +0000 (14:11 +0200)]
Bluetooth: Add support for Not Connectable flag for Device Found events

The Device Found events of the management interface should indicate if
it is possible to connect to a remote device or if it is broadcaster
only advertising. To allow this differentiation the Not Connectable flag
is introduced that will be set when it is known that a device can not
be connected.

Signed-off-by: Marcel Holtmann <marcel@holtmann.org>
Signed-off-by: Johan Hedberg <johan.hedberg@intel.com>
10 years ago Bluetooth: Provide flags parameter direct to mgmt_device_found
Marcel Holtmann [Tue, 1 Jul 2014 12:11:20 +0000 (14:11 +0200)]
Bluetooth: Provide flags parameter direct to mgmt_device_found

Providing the flags parameter directly to mgmt_device_found function
makes the core simpler and more readable. With this it becomes a lot
easier to add new flags in the future.

This also changes hci_inquiry_cache_update to just return the flags
needed for mgmt_device_found since that is its only use for the two
return parameters anyway.

Signed-off-by: Marcel Holtmann <marcel@holtmann.org>
Signed-off-by: Johan Hedberg <johan.hedberg@intel.com>
10 years ago Bluetooth: Fix merge of advertising data and scan response data
Marcel Holtmann [Tue, 1 Jul 2014 12:11:19 +0000 (14:11 +0200)]
Bluetooth: Fix merge of advertising data and scan response data

The advertising data and scan response data are merged in the wrong
order. It should be advertising data first and then scan response data
and not the other way around.

Signed-off-by: Marcel Holtmann <marcel@holtmann.org>
Signed-off-by: Johan Hedberg <johan.hedberg@intel.com>
Cc: stable@vger.kernel.org # 3.16
10 years ago Bluetooth: Remove connection interval parameters from hci_conn_params_set
Marcel Holtmann [Tue, 1 Jul 2014 10:11:06 +0000 (12:11 +0200)]
Bluetooth: Remove connection interval parameters from hci_conn_params_set

The connection interval parameters of hci_conn_params_set are always used
with the controller defaults. So just let hci_conn_params_add set the
controller default and not bother resetting them to controller defaults
every time the hci_conn_params_set is called.

Signed-off-by: Marcel Holtmann <marcel@holtmann.org>
Signed-off-by: Johan Hedberg <johan.hedberg@intel.com>
10 years ago Bluetooth: Use hci_conn_params_add within hci_conn_params_set
Marcel Holtmann [Tue, 1 Jul 2014 10:11:05 +0000 (12:11 +0200)]
Bluetooth: Use hci_conn_params_add within hci_conn_params_set

The hci_conn_params_add function provides the default allocation of
connection parameters. To avoid code duplication, use that code from
hci_conn_params_set to allocate or lookup parameter struct.

As a benefit the connection latency and supervision timeout parameters
are no longer reset to default when calling hci_conn_params_set.

Signed-off-by: Marcel Holtmann <marcel@holtmann.org>
Signed-off-by: Johan Hedberg <johan.hedberg@intel.com>
10 years ago Bluetooth: Change hci_conn_params_add to return the parameter struct
Marcel Holtmann [Tue, 1 Jul 2014 10:11:04 +0000 (12:11 +0200)]
Bluetooth: Change hci_conn_params_add to return the parameter struct

When adding new connection parameters, it is useful to return either
the existing struct or the newly created one.

Signed-off-by: Marcel Holtmann <marcel@holtmann.org>
Signed-off-by: Johan Hedberg <johan.hedberg@intel.com>
10 years ago Bluetooth: Use bool for smp_ltk_encrypt return value
Marcel Holtmann [Tue, 1 Jul 2014 08:59:24 +0000 (10:59 +0200)]
Bluetooth: Use bool for smp_ltk_encrypt return value

The return value of smp_ltk_encrypt is a simple boolean, so just use
bool and make the code a bit more readable.

Signed-off-by: Marcel Holtmann <marcel@holtmann.org>
Signed-off-by: Johan Hedberg <johan.hedberg@intel.com>
10 years ago Bluetooth: Fallback to SCO on error code 0x10 (Connection Accept Timeout)
Nick Pelly [Mon, 30 Jun 2014 05:55:01 +0000 (11:25 +0530)]
Bluetooth: Fallback to SCO on error code 0x10 (Connection Accept Timeout)

This is to support the Motorola HF850 carkit which reports the error
code 0x10 for an eSCO attempt, even though it advertises eSCO support.

With this patch we will retry with a SCO connection, which succeeds.

Signed-off-by: Nick Pelly <npelly@google.com>
Signed-off-by: Kiran Kumar Raparthy <kiran.kumar@linaro.org>
Signed-off-by: Marcel Holtmann <marcel@holtmann.org>
10 years ago Bluetooth: Allow L2CAP getpeername() for BT_CONFIG state
Johan Hedberg [Tue, 1 Jul 2014 09:07:23 +0000 (12:07 +0300)]
Bluetooth: Allow L2CAP getpeername() for BT_CONFIG state

We have all the necessary remote information for getpeername() when we
are in the BT_CONFIG state so this should be allowed. This is
particularly important for LE sockets where changing the security level
will temporarily move the socket into BT_CONFIG state.

Signed-off-by: Johan Hedberg <johan.hedberg@intel.com>
Signed-off-by: Marcel Holtmann <marcel@holtmann.org>
10 years ago Bluetooth: constify seq_operations
Fabian Frederick [Mon, 30 Jun 2014 17:26:23 +0000 (19:26 +0200)]
Bluetooth: constify seq_operations

bt_seq_ops is only used with __seq_open_private as
const struct seq_operations *

Signed-off-by: Fabian Frederick <fabf@skynet.be>
Signed-off-by: Marcel Holtmann <marcel@holtmann.org>
10 years ago Bluetooth: Connection parameters check helper
Andre Guedes [Thu, 26 Jun 2014 00:52:52 +0000 (21:52 -0300)]
Bluetooth: Connection parameters check helper

This patch renames l2cap_check_conn_param() to hci_check_conn_params()
and moves it to hci_core.h so it can be reused in other files. This helper
will be reused in the next patch.

Signed-off-by: Andre Guedes <andre.guedes@openbossa.org>
Signed-off-by: Marcel Holtmann <marcel@holtmann.org>
10 years ago Bluetooth: Start background scanning only when controller is ready
Marcel Holtmann [Mon, 30 Jun 2014 14:04:12 +0000 (16:04 +0200)]
Bluetooth: Start background scanning only when controller is ready

When the controller is not active or in init/setup phase, do not
try to start or stop background scanning.

Signed-off-by: Marcel Holtmann <marcel@holtmann.org>
Signed-off-by: Johan Hedberg <johan.hedberg@intel.com>
10 years ago Bluetooth: Add default connection parameters before pairing
Marcel Holtmann [Mon, 30 Jun 2014 10:34:40 +0000 (12:34 +0200)]
Bluetooth: Add default connection parameters before pairing

When trying to pair a new Bluetooth Low Energy device, then make sure
that the default connection parameters are in place before trying to
establish the first connection to that device. With the connection
parameters structure allocated, the slave preferred values can now
easily be tracked and all future connections will use the correct
values from the start, decreasing connection establishment time.

Signed-off-by: Marcel Holtmann <marcel@holtmann.org>
Signed-off-by: Johan Hedberg <johan.hedberg@intel.com>
10 years ago Bluetooth: Provide function to create and set connection parameters
Marcel Holtmann [Mon, 30 Jun 2014 10:34:39 +0000 (12:34 +0200)]
Bluetooth: Provide function to create and set connection parameters

In some cases it is useful to not overwrite connection parameters and
instead just create default ones if they don't exist. This function
does exactly that. hci_conn_params_add will allow to create new
default connection parameters. hci_conn_params_set will set the
values and also create new parameters if they don't exist.

Signed-off-by: Marcel Holtmann <marcel@holtmann.org>
Signed-off-by: Johan Hedberg <johan.hedberg@intel.com>
10 years ago Bluetooth: Expose default supervision timeout setting via debugfs
Marcel Holtmann [Mon, 30 Jun 2014 10:34:38 +0000 (12:34 +0200)]
Bluetooth: Expose default supervision timeout setting via debugfs

The controller has a default value for the supervision timeout. Expose
this via debugfs for testing purposes.

Signed-off-by: Marcel Holtmann <marcel@holtmann.org>
Signed-off-by: Johan Hedberg <johan.hedberg@intel.com>
10 years ago Bluetooth: Expose default connection latency setting via debugfs
Marcel Holtmann [Mon, 30 Jun 2014 10:34:37 +0000 (12:34 +0200)]
Bluetooth: Expose default connection latency setting via debugfs

The controller has a default value for the connection latency. Expose
this via debugfs for testing purposes.

Signed-off-by: Marcel Holtmann <marcel@holtmann.org>
Signed-off-by: Johan Hedberg <johan.hedberg@intel.com>
10 years ago Bluetooth: Provide defaults for LE connection latency and timeout
Marcel Holtmann [Mon, 30 Jun 2014 10:34:36 +0000 (12:34 +0200)]
Bluetooth: Provide defaults for LE connection latency and timeout

Store the connection latency and supervision timeout default values
with all the other controller defaults. And when needed use them
for new connections.

Signed-off-by: Marcel Holtmann <marcel@holtmann.org>
Signed-off-by: Johan Hedberg <johan.hedberg@intel.com>
10 years ago Bluetooth: Add Device Added and Device Removed management events
Marcel Holtmann [Sun, 29 Jun 2014 20:28:34 +0000 (22:28 +0200)]
Bluetooth: Add Device Added and Device Removed management events

When devices are added or removed, then make sure that events are sent
out to all other clients so that the list of devices can be easily
tracked. This is especially important when external clients are
adding or removing devices within the auto-connection list.

Signed-off-by: Marcel Holtmann <marcel@holtmann.org>
Signed-off-by: Johan Hedberg <johan.hedberg@intel.com>
10 years ago Bluetooth: Replace le_auto_conn debugfs with device_list entry
Marcel Holtmann [Sun, 29 Jun 2014 14:15:49 +0000 (16:15 +0200)]
Bluetooth: Replace le_auto_conn debugfs with device_list entry

Since the auto-connection handling has gained official management
command support, remove the le_auto_conn debugfs entry.

For debugging purposes replace it with a simple device_list debugfs
entry that allows listing of the current internal auto-connection
list used for passive scanning.

Signed-off-by: Marcel Holtmann <marcel@holtmann.org>
Signed-off-by: Johan Hedberg <johan.hedberg@intel.com>
10 years ago Bluetooth: Add support for Add/Remove Device management commands
Marcel Holtmann [Sun, 29 Jun 2014 17:44:03 +0000 (19:44 +0200)]
Bluetooth: Add support for Add/Remove Device management commands

This allows adding or removing devices from the background scanning
list the kernel maintains. Devices flagged for auto-connection will
be automatically connected if they are found.

The passive scanning required for auto-connection will be started
and stopped on demand.

Signed-off-by: Marcel Holtmann <marcel@holtmann.org>
Signed-off-by: Johan Hedberg <johan.hedberg@intel.com>
10 years ago Bluetooth: Use LE connection parameters if known
Marcel Holtmann [Sun, 29 Jun 2014 14:43:27 +0000 (16:43 +0200)]
Bluetooth: Use LE connection parameters if known

When the LE connection parameters for connection latency and
supervision timeout are known, then use them. If they are not
known, fall back to defaults.

Signed-off-by: Marcel Holtmann <marcel@holtmann.org>
Signed-off-by: Johan Hedberg <johan.hedberg@intel.com>
10 years ago Bluetooth: Store latency and supervision timeout in connection params
Marcel Holtmann [Sun, 29 Jun 2014 14:43:26 +0000 (16:43 +0200)]
Bluetooth: Store latency and supervision timeout in connection params

When the slave updates the connection parameters, store also the
connection latency and supervision timeout information in the
internal list of connection parameters for known devices.

Having these values available allows the auto-connection
procedure to use the correct values from the beginning without
having to request an update on every connection establishment.

Signed-off-by: Marcel Holtmann <marcel@holtmann.org>
Signed-off-by: Johan Hedberg <johan.hedberg@intel.com>
10 years ago Bluetooth: Update background scanning from hci_conn_params_clear
Marcel Holtmann [Sun, 29 Jun 2014 11:41:51 +0000 (13:41 +0200)]
Bluetooth: Update background scanning from hci_conn_params_clear

When calling hci_conn_params_clear function, it should update the
background scanning properly and not require a separate call to
update it.

For the case when the function is used during unregister of a
controller, an extra safeguard is put in place.

Signed-off-by: Marcel Holtmann <marcel@holtmann.org>
Signed-off-by: Johan Hedberg <johan.hedberg@intel.com>
10 years ago Bluetooth: Clear pending connections from hci_conn_params_clear
Marcel Holtmann [Sun, 29 Jun 2014 11:41:50 +0000 (13:41 +0200)]
Bluetooth: Clear pending connections from hci_conn_params_clear

When hci_conn_params_clear is called, it is always followed by a
call to hci_pend_le_conns_clear. So instead of making this explicit
just make sure it is always called. This makes this function similar
to how hci_conn_params_add and hci_conn_params_del work.

Signed-off-by: Marcel Holtmann <marcel@holtmann.org>
Signed-off-by: Johan Hedberg <johan.hedberg@intel.com>
10 years ago Bluetooth: Move hci_pend_le_conn_* functions to different location
Marcel Holtmann [Sun, 29 Jun 2014 11:41:49 +0000 (13:41 +0200)]
Bluetooth: Move hci_pend_le_conn_* functions to different location

The hci_pend_le_conn_* functions should be placed before their actual
users. So move them before hci_conn_params_* functions.

Signed-off-by: Marcel Holtmann <marcel@holtmann.org>
Signed-off-by: Johan Hedberg <johan.hedberg@intel.com>
10 years ago Bluetooth: Don't use non-resolvable private address for passive scanning
Marcel Holtmann [Sun, 29 Jun 2014 10:20:15 +0000 (12:20 +0200)]
Bluetooth: Don't use non-resolvable private address for passive scanning

The usage of non-resolvable private addresses for passive scanning is
a bad idea. Passive scanning will not send any SCAN_REQ and thus using
your identity address for passive scanning is not a privacy issue.

It is important to use the identity address during passive scanning
since that is the only way devices using direct advertising will be
reported correctly by the controller. This is an overlooked detail in
the Bluetooth specification that current controllers are not able
to report direct advertising events for other than their current
address.

When remote peers are using direct advertising and scanning is done
with non-resolvable private address these devices will not be found.

Signed-off-by: Marcel Holtmann <marcel@holtmann.org>
Signed-off-by: Johan Hedberg <johan.hedberg@intel.com>
10 years ago Bluetooth: Restrict access for raw-only controllers
Marcel Holtmann [Sun, 29 Jun 2014 10:13:05 +0000 (12:13 +0200)]
Bluetooth: Restrict access for raw-only controllers

Bluetooth controllers that are marked for raw-only usage can only be
used with user channel access. Any other operation should be rejected.

This simplifies the whole raw-only support since it now depends on
the fact that the controller is marked with HCI_QUIRK_RAW_DEVICE and
runtime raw access is restricted to user channel operation.

The kernel internal processing of HCI commands and events is designed
around the case that either the kernel has full control over the device
or that the device is driven from userspace. This now makes a clear
distinction between these two possible operation modes.

Signed-off-by: Marcel Holtmann <marcel@holtmann.org>
Signed-off-by: Johan Hedberg <johan.hedberg@intel.com>
10 years ago Bluetooth: Add support for Get Clock Info mgmt command
Johan Hedberg [Sat, 28 Jun 2014 14:54:07 +0000 (17:54 +0300)]
Bluetooth: Add support for Get Clock Info mgmt command

This patch implements support for the Get Clock Information mgmt
command. This is done by performing one or two HCI_Read_Clock commands
and creating the response from the stored values in the hci_dev and
hci_conn structs.

Signed-off-by: Johan Hedberg <johan.hedberg@intel.com>
Signed-off-by: Marcel Holtmann <marcel@holtmann.org>
10 years ago Bluetooth: Add tracking of local and piconet clock values
Johan Hedberg [Sat, 28 Jun 2014 14:54:06 +0000 (17:54 +0300)]
Bluetooth: Add tracking of local and piconet clock values

This patch adds support for storing the local and piconet clock values
from the HCI_Read_Clock command response to the hci_dev and hci_conn
structs. This will be later used in another patch to implement support
for the Get Clock Info mgmt command.

Signed-off-by: Johan Hedberg <johan.hedberg@intel.com>
Signed-off-by: Marcel Holtmann <marcel@holtmann.org>
10 years ago Bluetooth: Use kzalloc instead of kmalloc for pending mgmt commands
Johan Hedberg [Sat, 28 Jun 2014 14:54:05 +0000 (17:54 +0300)]
Bluetooth: Use kzalloc instead of kmalloc for pending mgmt commands

By using kzalloc we ensure that there are no struct members, such as the
user_data pointer, left uninitialized.

Signed-off-by: Johan Hedberg <johan.hedberg@intel.com>
Signed-off-by: Marcel Holtmann <marcel@holtmann.org>
10 years ago Bluetooth: Increment management interface revision
Marcel Holtmann [Sat, 28 Jun 2014 10:36:10 +0000 (12:36 +0200)]
Bluetooth: Increment management interface revision

This patch increments the management interface revision due to the
changes with the debug key command and other fixes.

Signed-off-by: Marcel Holtmann <marcel@holtmann.org>
Signed-off-by: Johan Hedberg <johan.hedberg@intel.com>
10 years ago Bluetooth: Send HCI_Read_Clock_Offset before disconnecting
Marcel Holtmann [Fri, 27 Jun 2014 12:32:16 +0000 (14:32 +0200)]
Bluetooth: Send HCI_Read_Clock_Offset before disconnecting

When the connection is in master role and it is going to be
disconnected based on the disconnection timeout, then send
the HCI_Read_Clock_Offset command in an attempt to update the
clock offset value in the inquiry cache.

Signed-off-by: Marcel Holtmann <marcel@holtmann.org>
Signed-off-by: Johan Hedberg <johan.hedberg@intel.com>
10 years ago Bluetooth: Remove unneeded hci_conn_disconnect abstraction
Marcel Holtmann [Fri, 27 Jun 2014 11:45:09 +0000 (13:45 +0200)]
Bluetooth: Remove unneeded hci_conn_disconnect abstraction

The abstraction of disconnect operation via hci_conn_disconnect is not
needed and it does not add any readability. Handle the difference of
AMP physical channels and BR/EDR/LE connection in the timeout callback.

Signed-off-by: Marcel Holtmann <marcel@holtmann.org>
Signed-off-by: Johan Hedberg <johan.hedberg@intel.com>
10 years ago Bluetooth: Remove reason parameter from hci_amp_disconn function
Marcel Holtmann [Fri, 27 Jun 2014 11:45:08 +0000 (13:45 +0200)]
Bluetooth: Remove reason parameter from hci_amp_disconn function

The hci_amp_disconn function is a local function and there is no
need for a reason parameter. That one can be retrieved from the
hci_conn object easily.

Signed-off-by: Marcel Holtmann <marcel@holtmann.org>
Signed-off-by: Johan Hedberg <johan.hedberg@intel.com>
10 years ago Bluetooth: Remove unnecessary hcon->smp_conn variable
Johan Hedberg [Fri, 27 Jun 2014 11:23:07 +0000 (14:23 +0300)]
Bluetooth: Remove unnecessary hcon->smp_conn variable

The smp_conn member of struct hci_conn was simply a pointer to the
l2cap_conn object. Since we already have hcon->l2cap_data that points to
the same thing there's no need to have this second variable. This patch
removes it and changes the single place that was using it to use
hcon->l2cap_data instead.

Signed-off-by: Johan Hedberg <johan.hedberg@intel.com>
Signed-off-by: Marcel Holtmann <marcel@holtmann.org>
10 years ago Bluetooth: Fix missing check for SMP session in smp_user_confirm_reply
Johan Hedberg [Fri, 27 Jun 2014 11:23:06 +0000 (14:23 +0300)]
Bluetooth: Fix missing check for SMP session in smp_user_confirm_reply

The smp_user_confirm_reply() function is called whenever user space
sends a user confirmation reply mgmt command. In case of a misbehaving
user space, or if the SMP session was removed by the time the command
comes it is important that we return an appropriate error and do not try
to access the non-existent SMP context. This patch adds the appropriate
check for the HCI_CONN_LE_SMP_PEND flag before proceeding further.

Signed-off-by: Johan Hedberg <johan.hedberg@intel.com>
Signed-off-by: Marcel Holtmann <marcel@holtmann.org>
10 years ago Bluetooth: Remove unnecessary hci_dev_unlock for smp_user_confirm_reply
Johan Hedberg [Fri, 27 Jun 2014 11:23:05 +0000 (14:23 +0300)]
Bluetooth: Remove unnecessary hci_dev_unlock for smp_user_confirm_reply

Now that the SMP context has its own crypto handle it doesn't need to
lock the hci_dev anymore for most operations. This means that it is safe
to call smp_user_confirm_reply with the lock already held.

Signed-off-by: Johan Hedberg <johan.hedberg@intel.com>
Signed-off-by: Marcel Holtmann <marcel@holtmann.org>
10 years ago Bluetooth: Update SMP crypto functions to take the SMP context
Johan Hedberg [Fri, 27 Jun 2014 11:23:04 +0000 (14:23 +0300)]
Bluetooth: Update SMP crypto functions to take the SMP context

Passing the full SMP context instead of just the crypto context lets us
use the crypto handle from the context which in turn removes the need to
lock the hci_dev. Passing the SMP context instead of just the crypto
handle allows a bit more detailed logging which is helpful in
multi-adapter scenarios.

Signed-off-by: Johan Hedberg <johan.hedberg@intel.com>
Signed-off-by: Marcel Holtmann <marcel@holtmann.org>
10 years ago Bluetooth: Add dedicated AES instance for each SMP context
Johan Hedberg [Fri, 27 Jun 2014 11:23:03 +0000 (14:23 +0300)]
Bluetooth: Add dedicated AES instance for each SMP context

Many places have to be extra careful to not hold the hdev lock when
calling into the SMP code. This is because the SMP crypto functions use
the crypto handle that's part of the hci_dev struct. Giving the SMP
context its own handle helps simplify the locking logic and removes
the risk for deadlocks.

Signed-off-by: Johan Hedberg <johan.hedberg@intel.com>
Signed-off-by: Marcel Holtmann <marcel@holtmann.org>
10 years ago Bluetooth: Fix missing hdev locking in smp_cmd_ident_addr_info
Johan Hedberg [Fri, 27 Jun 2014 11:23:02 +0000 (14:23 +0300)]
Bluetooth: Fix missing hdev locking in smp_cmd_ident_addr_info

The hdev lock must be held before calling into smp_distribute_keys. Also
things such as hci_add_irk() require the lock. This patch fixes the
issue by adding the necessary locking into the smp_cmd_ident_addr_info
function.

Signed-off-by: Johan Hedberg <johan.hedberg@intel.com>
Signed-off-by: Marcel Holtmann <marcel@holtmann.org>
10 years ago Bluetooth: Use macro instead of hard-coded value
Andre Guedes [Wed, 25 Jun 2014 19:44:45 +0000 (16:44 -0300)]
Bluetooth: Use macro instead of hard-coded value

This patch replaces the hard-coded value in hci_bdaddr_is_rpa() helper
by the corresponding macro ADDR_LE_DEV_RANDOM.

Signed-off-by: Andre Guedes <andre.guedes@openbossa.org>
Signed-off-by: Marcel Holtmann <marcel@holtmann.org>
10 years ago Bluetooth: Convert hci_conn->link_mode into flags
Johan Hedberg [Tue, 24 Jun 2014 14:03:50 +0000 (17:03 +0300)]
Bluetooth: Convert hci_conn->link_mode into flags

Since the link_mode member of the hci_conn struct is a bit field and we
already have a flags member as well it makes sense to merge these two
together. This patch moves all used link_mode bits into corresponding
flags. To keep backwards compatibility with user space we still need to
provide a get_link_mode() helper function for the ioctl's that expect a
link_mode style value.

Signed-off-by: Johan Hedberg <johan.hedberg@intel.com>
Signed-off-by: Marcel Holtmann <marcel@holtmann.org>
10 years ago Bluetooth: Remove ssp_debug_mode debugfs option
Marcel Holtmann [Tue, 24 Jun 2014 11:13:04 +0000 (13:13 +0200)]
Bluetooth: Remove ssp_debug_mode debugfs option

The ssp_debug_mode debugfs option for developers is no longer
needed. Support for using Secure Simple Pairing (SSP) debug
mode is exposed by the management interface now.

Signed-off-by: Marcel Holtmann <marcel@holtmann.org>
Signed-off-by: Johan Hedberg <johan.hedberg@intel.com>
10 years ago Bluetooth: Add support for mode 0x02 for mgmt_set_debug_keys
Johan Hedberg [Tue, 24 Jun 2014 11:00:28 +0000 (14:00 +0300)]
Bluetooth: Add support for mode 0x02 for mgmt_set_debug_keys

This patch adds a new valid mode 0x02 for the mgmt_set_debug_keys
command. The 0x02 mode sets the HCI_USE_DEBUG_KEYS flag which makes us
always use debug keys for pairing.

Signed-off-by: Johan Hedberg <johan.hedberg@intel.com>
Signed-off-by: Marcel Holtmann <marcel@holtmann.org>
10 years ago Bluetooth: Add a new HCI_USE_DEBUG_KEYS flag
Johan Hedberg [Tue, 24 Jun 2014 11:00:27 +0000 (14:00 +0300)]
Bluetooth: Add a new HCI_USE_DEBUG_KEYS flag

To pave the way for actively using debug keys for pairing this patch
adds a new HCI_USE_DEBUG_KEYS flag for the purpose. When the flag is set
we issue a HCI_Write_SSP_Debug mode whenever HCI_Write_SSP_Mode(0x01)
has been issued as well as before issuing a HCI_Write_SSP_Mode(0x00)
command.

Signed-off-by: Johan Hedberg <johan.hedberg@intel.com>
Signed-off-by: Marcel Holtmann <marcel@holtmann.org>
10 years ago Bluetooth: Fix ignoring debug keys in mgmt_load_link_keys
Johan Hedberg [Tue, 24 Jun 2014 11:00:26 +0000 (14:00 +0300)]
Bluetooth: Fix ignoring debug keys in mgmt_load_link_keys

We should never allow user space to feed back debug keys to the kernel.
If the user desires to use debug keys require setting the appropriate
debug keys mode and performing a new pairing.

Signed-off-by: Johan Hedberg <johan.hedberg@intel.com>
Signed-off-by: Marcel Holtmann <marcel@holtmann.org>
10 years ago Bluetooth: Convert hcon->flush_key to a proper flag
Johan Hedberg [Tue, 24 Jun 2014 10:15:53 +0000 (13:15 +0300)]
Bluetooth: Convert hcon->flush_key to a proper flag

There's no point in having boolean variables in the hci_conn struct
since it already has a flags member. This patch converts the flush_key
member into a proper flag.

Signed-off-by: Johan Hedberg <johan.hedberg@intel.com>
Signed-off-by: Marcel Holtmann <marcel@holtmann.org>
10 years ago Bluetooth: Don't store debug keys if flag for them is not set
Johan Hedberg [Tue, 24 Jun 2014 10:15:51 +0000 (13:15 +0300)]
Bluetooth: Don't store debug keys if flag for them is not set

Instead of waiting for a disconnection to occur to remove a debug key
simply never store it in the list to begin with. This means we can also
remove the debug keys check when looking up keys in
hci_link_key_request_evt().

Signed-off-by: Johan Hedberg <johan.hedberg@intel.com>
Signed-off-by: Marcel Holtmann <marcel@holtmann.org>
10 years ago Bluetooth: Rename HCI_DEBUG_KEYS to HCI_KEEP_DEBUG_KEYS
Johan Hedberg [Tue, 24 Jun 2014 10:15:50 +0000 (13:15 +0300)]
Bluetooth: Rename HCI_DEBUG_KEYS to HCI_KEEP_DEBUG_KEYS

We're planning to add a flag to actively use debug keys in addition to
simply just accepting them, which makes the current generically named
DEBUG_KEYS flag a bit confusing. Since the flag in practice affects
whether the kernel keeps debug keys around or not rename it to
HCI_KEEP_DEBUG_KEYS.

Signed-off-by: Johan Hedberg <johan.hedberg@intel.com>
Signed-off-by: Marcel Holtmann <marcel@holtmann.org>
10 years ago Bluetooth: Move mgmt event sending out from hci_add_link_key()
Johan Hedberg [Tue, 24 Jun 2014 10:15:49 +0000 (13:15 +0300)]
Bluetooth: Move mgmt event sending out from hci_add_link_key()

There are two callers of hci_add_link_key(). The first one is the HCI
Link Key Notification event and the second one the mgmt code that
receives a list of link keys from user space. Previously we've had the
hci_add_link_key() function being responsible for also emitting a mgmt
signal but for the latter use case this should not happen. Because of
this a rather awkward new_key parameter has been passed to the function.

This patch moves the mgmt event sending out from the hci_add_link_key()
function, thereby making the code a bit more understandable.

Signed-off-by: Johan Hedberg <johan.hedberg@intel.com>
Signed-off-by: Marcel Holtmann <marcel@holtmann.org>
10 years ago Bluetooth: Update hci_add_link_key() to return pointer to key
Johan Hedberg [Tue, 24 Jun 2014 10:15:48 +0000 (13:15 +0300)]
Bluetooth: Update hci_add_link_key() to return pointer to key

By returning the added (or updated) key we pave the way for further
refactoring (in subsequent patches) that allows moving the mgmt event
sending out from this function (and thereby removal of the awkward
new_key parameter).

Signed-off-by: Johan Hedberg <johan.hedberg@intel.com>
Signed-off-by: Marcel Holtmann <marcel@holtmann.org>