2007-02-09 14:24:33 +00:00
|
|
|
/*
|
2005-04-16 22:20:36 +00:00
|
|
|
BlueZ - Bluetooth protocol stack for Linux
|
2010-05-28 15:53:46 +00:00
|
|
|
Copyright (c) 2000-2001, 2010, Code Aurora Forum. All rights reserved.
|
2005-04-16 22:20:36 +00:00
|
|
|
|
|
|
|
|
Written 2000,2001 by Maxim Krasnyansky <maxk@qualcomm.com>
|
|
|
|
|
|
|
|
|
|
This program is free software; you can redistribute it and/or modify
|
|
|
|
|
it under the terms of the GNU General Public License version 2 as
|
|
|
|
|
published by the Free Software Foundation;
|
|
|
|
|
|
|
|
|
|
THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS
|
|
|
|
|
OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
|
|
|
|
|
FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT OF THIRD PARTY RIGHTS.
|
|
|
|
|
IN NO EVENT SHALL THE COPYRIGHT HOLDER(S) AND AUTHOR(S) BE LIABLE FOR ANY
|
2007-02-09 14:24:33 +00:00
|
|
|
CLAIM, OR ANY SPECIAL INDIRECT OR CONSEQUENTIAL DAMAGES, OR ANY DAMAGES
|
|
|
|
|
WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
|
|
|
|
|
ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
|
2005-04-16 22:20:36 +00:00
|
|
|
OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
|
|
|
|
|
|
2007-02-09 14:24:33 +00:00
|
|
|
ALL LIABILITY, INCLUDING LIABILITY FOR INFRINGEMENT OF ANY PATENTS,
|
|
|
|
|
COPYRIGHTS, TRADEMARKS OR OTHER RIGHTS, RELATING TO USE OF THIS
|
2005-04-16 22:20:36 +00:00
|
|
|
SOFTWARE IS DISCLAIMED.
|
|
|
|
|
*/
|
|
|
|
|
|
|
|
|
|
/* Bluetooth HCI connection handling. */
|
|
|
|
|
|
2012-05-23 07:04:22 +00:00
|
|
|
#include <linux/export.h>
|
2005-04-16 22:20:36 +00:00
|
|
|
|
|
|
|
|
#include <net/bluetooth/bluetooth.h>
|
|
|
|
|
#include <net/bluetooth/hci_core.h>
|
2014-05-20 06:45:47 +00:00
|
|
|
#include <net/bluetooth/l2cap.h>
|
2005-04-16 22:20:36 +00:00
|
|
|
|
2013-10-10 21:54:16 +00:00
|
|
|
#include "smp.h"
|
2013-10-10 21:54:15 +00:00
|
|
|
#include "a2mp.h"
|
|
|
|
|
|
2013-08-19 12:24:03 +00:00
|
|
|
struct sco_param {
|
|
|
|
|
u16 pkt_type;
|
|
|
|
|
u16 max_latency;
|
2014-09-24 19:41:46 +00:00
|
|
|
u8 retrans_effort;
|
2013-08-19 12:24:03 +00:00
|
|
|
};
|
|
|
|
|
|
2014-09-23 09:01:07 +00:00
|
|
|
static const struct sco_param esco_param_cvsd[] = {
|
2014-09-24 19:41:46 +00:00
|
|
|
{ EDR_ESCO_MASK & ~ESCO_2EV3, 0x000a, 0x01 }, /* S3 */
|
|
|
|
|
{ EDR_ESCO_MASK & ~ESCO_2EV3, 0x0007, 0x01 }, /* S2 */
|
|
|
|
|
{ EDR_ESCO_MASK | ESCO_EV3, 0x0007, 0x01 }, /* S1 */
|
|
|
|
|
{ EDR_ESCO_MASK | ESCO_HV3, 0xffff, 0x01 }, /* D1 */
|
|
|
|
|
{ EDR_ESCO_MASK | ESCO_HV1, 0xffff, 0x01 }, /* D0 */
|
2013-08-19 12:24:03 +00:00
|
|
|
};
|
|
|
|
|
|
2014-09-23 09:01:07 +00:00
|
|
|
static const struct sco_param sco_param_cvsd[] = {
|
2014-09-24 19:41:46 +00:00
|
|
|
{ EDR_ESCO_MASK | ESCO_HV3, 0xffff, 0xff }, /* D1 */
|
|
|
|
|
{ EDR_ESCO_MASK | ESCO_HV1, 0xffff, 0xff }, /* D0 */
|
2014-09-23 09:01:07 +00:00
|
|
|
};
|
|
|
|
|
|
2014-09-25 06:48:01 +00:00
|
|
|
static const struct sco_param esco_param_msbc[] = {
|
2014-09-24 19:41:46 +00:00
|
|
|
{ EDR_ESCO_MASK & ~ESCO_2EV3, 0x000d, 0x02 }, /* T2 */
|
|
|
|
|
{ EDR_ESCO_MASK | ESCO_EV3, 0x0008, 0x02 }, /* T1 */
|
2013-08-19 12:24:03 +00:00
|
|
|
};
|
|
|
|
|
|
2012-07-27 22:32:55 +00:00
|
|
|
static void hci_le_create_connection_cancel(struct hci_conn *conn)
|
2011-02-11 01:38:47 +00:00
|
|
|
{
|
|
|
|
|
hci_send_cmd(conn->hdev, HCI_OP_LE_CREATE_CONN_CANCEL, 0, NULL);
|
|
|
|
|
}
|
|
|
|
|
|
2012-07-27 22:32:55 +00:00
|
|
|
static void hci_acl_create_connection(struct hci_conn *conn)
|
2005-04-16 22:20:36 +00:00
|
|
|
{
|
|
|
|
|
struct hci_dev *hdev = conn->hdev;
|
|
|
|
|
struct inquiry_entry *ie;
|
|
|
|
|
struct hci_cp_create_conn cp;
|
|
|
|
|
|
2012-02-17 09:40:57 +00:00
|
|
|
BT_DBG("hcon %p", conn);
|
2005-04-16 22:20:36 +00:00
|
|
|
|
|
|
|
|
conn->state = BT_CONNECT;
|
2012-01-16 07:49:58 +00:00
|
|
|
conn->out = true;
|
2014-07-16 08:42:27 +00:00
|
|
|
conn->role = HCI_ROLE_MASTER;
|
2005-04-16 22:20:36 +00:00
|
|
|
|
2006-10-15 15:30:56 +00:00
|
|
|
conn->attempt++;
|
|
|
|
|
|
2008-07-14 18:13:47 +00:00
|
|
|
conn->link_policy = hdev->link_policy;
|
|
|
|
|
|
2005-04-16 22:20:36 +00:00
|
|
|
memset(&cp, 0, sizeof(cp));
|
|
|
|
|
bacpy(&cp.bdaddr, &conn->dst);
|
|
|
|
|
cp.pscan_rep_mode = 0x02;
|
|
|
|
|
|
2010-12-01 14:58:25 +00:00
|
|
|
ie = hci_inquiry_cache_lookup(hdev, &conn->dst);
|
|
|
|
|
if (ie) {
|
2008-07-14 18:13:48 +00:00
|
|
|
if (inquiry_entry_age(ie) <= INQUIRY_ENTRY_AGE_MAX) {
|
|
|
|
|
cp.pscan_rep_mode = ie->data.pscan_rep_mode;
|
|
|
|
|
cp.pscan_mode = ie->data.pscan_mode;
|
|
|
|
|
cp.clock_offset = ie->data.clock_offset |
|
2014-03-12 17:52:35 +00:00
|
|
|
cpu_to_le16(0x8000);
|
2008-07-14 18:13:48 +00:00
|
|
|
}
|
|
|
|
|
|
2005-04-16 22:20:36 +00:00
|
|
|
memcpy(conn->dev_class, ie->data.dev_class, 3);
|
2012-01-16 04:47:28 +00:00
|
|
|
if (ie->data.ssp_mode > 0)
|
|
|
|
|
set_bit(HCI_CONN_SSP_ENABLED, &conn->flags);
|
2005-04-16 22:20:36 +00:00
|
|
|
}
|
|
|
|
|
|
2008-07-14 18:13:46 +00:00
|
|
|
cp.pkt_type = cpu_to_le16(conn->pkt_type);
|
2005-04-16 22:20:36 +00:00
|
|
|
if (lmp_rswitch_capable(hdev) && !(hdev->link_mode & HCI_LM_MASTER))
|
2007-10-20 12:55:10 +00:00
|
|
|
cp.role_switch = 0x01;
|
2005-04-16 22:20:36 +00:00
|
|
|
else
|
2007-10-20 12:55:10 +00:00
|
|
|
cp.role_switch = 0x00;
|
2006-10-15 15:30:56 +00:00
|
|
|
|
2007-10-20 11:33:56 +00:00
|
|
|
hci_send_cmd(hdev, HCI_OP_CREATE_CONN, sizeof(cp), &cp);
|
2005-04-16 22:20:36 +00:00
|
|
|
}
|
|
|
|
|
|
2012-07-27 22:32:55 +00:00
|
|
|
static void hci_acl_create_connection_cancel(struct hci_conn *conn)
|
2006-09-26 07:43:48 +00:00
|
|
|
{
|
|
|
|
|
struct hci_cp_create_conn_cancel cp;
|
|
|
|
|
|
2012-06-15 08:50:28 +00:00
|
|
|
BT_DBG("hcon %p", conn);
|
2006-09-26 07:43:48 +00:00
|
|
|
|
2011-12-01 12:33:27 +00:00
|
|
|
if (conn->hdev->hci_ver < BLUETOOTH_VER_1_2)
|
2006-09-26 07:43:48 +00:00
|
|
|
return;
|
|
|
|
|
|
|
|
|
|
bacpy(&cp.bdaddr, &conn->dst);
|
2007-10-20 11:33:56 +00:00
|
|
|
hci_send_cmd(conn->hdev, HCI_OP_CREATE_CONN_CANCEL, sizeof(cp), &cp);
|
2006-09-26 07:43:48 +00:00
|
|
|
}
|
|
|
|
|
|
2013-04-11 16:54:56 +00:00
|
|
|
static void hci_reject_sco(struct hci_conn *conn)
|
|
|
|
|
{
|
|
|
|
|
struct hci_cp_reject_sync_conn_req cp;
|
|
|
|
|
|
2014-09-24 10:14:46 +00:00
|
|
|
cp.reason = HCI_ERROR_REJ_LIMITED_RESOURCES;
|
2013-04-11 16:54:56 +00:00
|
|
|
bacpy(&cp.bdaddr, &conn->dst);
|
|
|
|
|
|
|
|
|
|
hci_send_cmd(conn->hdev, HCI_OP_REJECT_SYNC_CONN_REQ, sizeof(cp), &cp);
|
|
|
|
|
}
|
|
|
|
|
|
2014-08-18 17:33:32 +00:00
|
|
|
int hci_disconnect(struct hci_conn *conn, __u8 reason)
|
2005-04-16 22:20:36 +00:00
|
|
|
{
|
|
|
|
|
struct hci_cp_disconnect cp;
|
|
|
|
|
|
2012-06-15 08:50:28 +00:00
|
|
|
BT_DBG("hcon %p", conn);
|
2005-04-16 22:20:36 +00:00
|
|
|
|
2014-08-18 17:33:34 +00:00
|
|
|
/* When we are master of an established connection and it enters
|
|
|
|
|
* the disconnect timeout, then go ahead and try to read the
|
|
|
|
|
* current clock offset. Processing of the result is done
|
|
|
|
|
* within the event handling and hci_clock_offset_evt function.
|
|
|
|
|
*/
|
|
|
|
|
if (conn->type == ACL_LINK && conn->role == HCI_ROLE_MASTER) {
|
|
|
|
|
struct hci_dev *hdev = conn->hdev;
|
2014-10-25 08:48:58 +00:00
|
|
|
struct hci_cp_read_clock_offset clkoff_cp;
|
2014-08-18 17:33:34 +00:00
|
|
|
|
2014-10-25 08:48:58 +00:00
|
|
|
clkoff_cp.handle = cpu_to_le16(conn->handle);
|
|
|
|
|
hci_send_cmd(hdev, HCI_OP_READ_CLOCK_OFFSET, sizeof(clkoff_cp),
|
|
|
|
|
&clkoff_cp);
|
2014-08-18 17:33:34 +00:00
|
|
|
}
|
|
|
|
|
|
2005-04-16 22:20:36 +00:00
|
|
|
conn->state = BT_DISCONN;
|
|
|
|
|
|
2007-03-26 03:12:50 +00:00
|
|
|
cp.handle = cpu_to_le16(conn->handle);
|
2005-04-16 22:20:36 +00:00
|
|
|
cp.reason = reason;
|
2014-08-18 17:33:32 +00:00
|
|
|
return hci_send_cmd(conn->hdev, HCI_OP_DISCONNECT, sizeof(cp), &cp);
|
2005-04-16 22:20:36 +00:00
|
|
|
}
|
|
|
|
|
|
2014-06-27 11:45:08 +00:00
|
|
|
static void hci_amp_disconn(struct hci_conn *conn)
|
2012-10-10 14:38:27 +00:00
|
|
|
{
|
|
|
|
|
struct hci_cp_disconn_phy_link cp;
|
|
|
|
|
|
|
|
|
|
BT_DBG("hcon %p", conn);
|
|
|
|
|
|
|
|
|
|
conn->state = BT_DISCONN;
|
|
|
|
|
|
|
|
|
|
cp.phy_handle = HCI_PHY_HANDLE(conn->handle);
|
2014-06-27 11:45:08 +00:00
|
|
|
cp.reason = hci_proto_disconn_ind(conn);
|
2012-10-10 14:38:27 +00:00
|
|
|
hci_send_cmd(conn->hdev, HCI_OP_DISCONN_PHY_LINK,
|
|
|
|
|
sizeof(cp), &cp);
|
|
|
|
|
}
|
|
|
|
|
|
2012-07-27 22:32:54 +00:00
|
|
|
static void hci_add_sco(struct hci_conn *conn, __u16 handle)
|
2005-04-16 22:20:36 +00:00
|
|
|
{
|
|
|
|
|
struct hci_dev *hdev = conn->hdev;
|
|
|
|
|
struct hci_cp_add_sco cp;
|
|
|
|
|
|
2012-06-15 08:50:28 +00:00
|
|
|
BT_DBG("hcon %p", conn);
|
2005-04-16 22:20:36 +00:00
|
|
|
|
|
|
|
|
conn->state = BT_CONNECT;
|
2012-01-16 07:49:58 +00:00
|
|
|
conn->out = true;
|
2005-04-16 22:20:36 +00:00
|
|
|
|
2009-02-06 08:13:37 +00:00
|
|
|
conn->attempt++;
|
|
|
|
|
|
2007-03-26 03:12:50 +00:00
|
|
|
cp.handle = cpu_to_le16(handle);
|
2008-07-14 18:13:46 +00:00
|
|
|
cp.pkt_type = cpu_to_le16(conn->pkt_type);
|
2005-04-16 22:20:36 +00:00
|
|
|
|
2007-10-20 11:33:56 +00:00
|
|
|
hci_send_cmd(hdev, HCI_OP_ADD_SCO, sizeof(cp), &cp);
|
2005-04-16 22:20:36 +00:00
|
|
|
}
|
|
|
|
|
|
2013-08-19 12:24:03 +00:00
|
|
|
bool hci_setup_sync(struct hci_conn *conn, __u16 handle)
|
2007-10-20 12:55:10 +00:00
|
|
|
{
|
|
|
|
|
struct hci_dev *hdev = conn->hdev;
|
|
|
|
|
struct hci_cp_setup_sync_conn cp;
|
2013-08-19 12:24:03 +00:00
|
|
|
const struct sco_param *param;
|
2007-10-20 12:55:10 +00:00
|
|
|
|
2012-06-15 08:50:28 +00:00
|
|
|
BT_DBG("hcon %p", conn);
|
2007-10-20 12:55:10 +00:00
|
|
|
|
|
|
|
|
conn->state = BT_CONNECT;
|
2012-01-16 07:49:58 +00:00
|
|
|
conn->out = true;
|
2007-10-20 12:55:10 +00:00
|
|
|
|
2009-02-06 08:13:37 +00:00
|
|
|
conn->attempt++;
|
|
|
|
|
|
2007-10-20 12:55:10 +00:00
|
|
|
cp.handle = cpu_to_le16(handle);
|
|
|
|
|
|
2014-03-12 17:52:35 +00:00
|
|
|
cp.tx_bandwidth = cpu_to_le32(0x00001f40);
|
|
|
|
|
cp.rx_bandwidth = cpu_to_le32(0x00001f40);
|
2013-08-19 12:23:59 +00:00
|
|
|
cp.voice_setting = cpu_to_le16(conn->setting);
|
|
|
|
|
|
|
|
|
|
switch (conn->setting & SCO_AIRMODE_MASK) {
|
|
|
|
|
case SCO_AIRMODE_TRANSP:
|
2014-09-25 06:48:01 +00:00
|
|
|
if (conn->attempt > ARRAY_SIZE(esco_param_msbc))
|
2013-08-19 12:24:03 +00:00
|
|
|
return false;
|
2014-09-25 06:48:01 +00:00
|
|
|
param = &esco_param_msbc[conn->attempt - 1];
|
2013-08-19 12:23:59 +00:00
|
|
|
break;
|
|
|
|
|
case SCO_AIRMODE_CVSD:
|
2014-09-23 09:01:07 +00:00
|
|
|
if (lmp_esco_capable(conn->link)) {
|
|
|
|
|
if (conn->attempt > ARRAY_SIZE(esco_param_cvsd))
|
|
|
|
|
return false;
|
|
|
|
|
param = &esco_param_cvsd[conn->attempt - 1];
|
|
|
|
|
} else {
|
|
|
|
|
if (conn->attempt > ARRAY_SIZE(sco_param_cvsd))
|
|
|
|
|
return false;
|
|
|
|
|
param = &sco_param_cvsd[conn->attempt - 1];
|
|
|
|
|
}
|
2013-08-19 12:23:59 +00:00
|
|
|
break;
|
2013-08-19 12:24:03 +00:00
|
|
|
default:
|
|
|
|
|
return false;
|
2013-08-19 12:23:59 +00:00
|
|
|
}
|
2007-10-20 12:55:10 +00:00
|
|
|
|
2014-09-24 19:41:46 +00:00
|
|
|
cp.retrans_effort = param->retrans_effort;
|
2013-08-19 12:24:03 +00:00
|
|
|
cp.pkt_type = __cpu_to_le16(param->pkt_type);
|
|
|
|
|
cp.max_latency = __cpu_to_le16(param->max_latency);
|
|
|
|
|
|
|
|
|
|
if (hci_send_cmd(hdev, HCI_OP_SETUP_SYNC_CONN, sizeof(cp), &cp) < 0)
|
|
|
|
|
return false;
|
|
|
|
|
|
|
|
|
|
return true;
|
2007-10-20 12:55:10 +00:00
|
|
|
}
|
|
|
|
|
|
2014-07-02 14:37:31 +00:00
|
|
|
u8 hci_le_conn_update(struct hci_conn *conn, u16 min, u16 max, u16 latency,
|
|
|
|
|
u16 to_multiplier)
|
2011-02-16 22:44:53 +00:00
|
|
|
{
|
|
|
|
|
struct hci_dev *hdev = conn->hdev;
|
2014-06-29 14:43:26 +00:00
|
|
|
struct hci_conn_params *params;
|
|
|
|
|
struct hci_cp_le_conn_update cp;
|
2011-02-16 22:44:53 +00:00
|
|
|
|
2014-06-29 14:43:26 +00:00
|
|
|
hci_dev_lock(hdev);
|
2011-02-16 22:44:53 +00:00
|
|
|
|
2014-06-29 14:43:26 +00:00
|
|
|
params = hci_conn_params_lookup(hdev, &conn->dst, conn->dst_type);
|
|
|
|
|
if (params) {
|
|
|
|
|
params->conn_min_interval = min;
|
|
|
|
|
params->conn_max_interval = max;
|
|
|
|
|
params->conn_latency = latency;
|
|
|
|
|
params->supervision_timeout = to_multiplier;
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
hci_dev_unlock(hdev);
|
|
|
|
|
|
|
|
|
|
memset(&cp, 0, sizeof(cp));
|
2011-02-16 22:44:53 +00:00
|
|
|
cp.handle = cpu_to_le16(conn->handle);
|
|
|
|
|
cp.conn_interval_min = cpu_to_le16(min);
|
|
|
|
|
cp.conn_interval_max = cpu_to_le16(max);
|
|
|
|
|
cp.conn_latency = cpu_to_le16(latency);
|
|
|
|
|
cp.supervision_timeout = cpu_to_le16(to_multiplier);
|
2014-03-12 17:52:35 +00:00
|
|
|
cp.min_ce_len = cpu_to_le16(0x0000);
|
|
|
|
|
cp.max_ce_len = cpu_to_le16(0x0000);
|
2011-02-16 22:44:53 +00:00
|
|
|
|
|
|
|
|
hci_send_cmd(hdev, HCI_OP_LE_CONN_UPDATE, sizeof(cp), &cp);
|
2014-07-02 14:37:31 +00:00
|
|
|
|
|
|
|
|
if (params)
|
|
|
|
|
return 0x01;
|
|
|
|
|
|
|
|
|
|
return 0x00;
|
2011-02-16 22:44:53 +00:00
|
|
|
}
|
|
|
|
|
|
2014-02-28 00:00:28 +00:00
|
|
|
void hci_le_start_enc(struct hci_conn *conn, __le16 ediv, __le64 rand,
|
2012-05-17 03:36:25 +00:00
|
|
|
__u8 ltk[16])
|
2011-06-09 21:50:47 +00:00
|
|
|
{
|
|
|
|
|
struct hci_dev *hdev = conn->hdev;
|
|
|
|
|
struct hci_cp_le_start_enc cp;
|
|
|
|
|
|
2012-06-15 08:50:28 +00:00
|
|
|
BT_DBG("hcon %p", conn);
|
2011-06-09 21:50:47 +00:00
|
|
|
|
|
|
|
|
memset(&cp, 0, sizeof(cp));
|
|
|
|
|
|
|
|
|
|
cp.handle = cpu_to_le16(conn->handle);
|
2014-02-28 00:00:28 +00:00
|
|
|
cp.rand = rand;
|
2011-06-09 21:50:47 +00:00
|
|
|
cp.ediv = ediv;
|
2014-02-28 00:00:28 +00:00
|
|
|
memcpy(cp.ltk, ltk, sizeof(cp.ltk));
|
2011-06-09 21:50:47 +00:00
|
|
|
|
|
|
|
|
hci_send_cmd(hdev, HCI_OP_LE_START_ENC, sizeof(cp), &cp);
|
|
|
|
|
}
|
|
|
|
|
|
2010-07-26 14:06:00 +00:00
|
|
|
/* Device _must_ be locked */
|
|
|
|
|
void hci_sco_setup(struct hci_conn *conn, __u8 status)
|
|
|
|
|
{
|
|
|
|
|
struct hci_conn *sco = conn->link;
|
|
|
|
|
|
|
|
|
|
if (!sco)
|
|
|
|
|
return;
|
|
|
|
|
|
2012-06-15 08:50:28 +00:00
|
|
|
BT_DBG("hcon %p", conn);
|
|
|
|
|
|
2010-07-26 14:06:00 +00:00
|
|
|
if (!status) {
|
|
|
|
|
if (lmp_esco_capable(conn->hdev))
|
|
|
|
|
hci_setup_sync(sco, conn->handle);
|
|
|
|
|
else
|
|
|
|
|
hci_add_sco(sco, conn->handle);
|
|
|
|
|
} else {
|
|
|
|
|
hci_proto_connect_cfm(sco, status);
|
|
|
|
|
hci_conn_del(sco);
|
|
|
|
|
}
|
|
|
|
|
}
|
|
|
|
|
|
2011-06-17 16:03:21 +00:00
|
|
|
static void hci_conn_timeout(struct work_struct *work)
|
2005-04-16 22:20:36 +00:00
|
|
|
{
|
2011-06-17 16:03:21 +00:00
|
|
|
struct hci_conn *conn = container_of(work, struct hci_conn,
|
2012-05-17 03:36:25 +00:00
|
|
|
disc_work.work);
|
Bluetooth: Fix for ACL disconnect when pairing fails
When pairing fails hci_conn refcnt drops below zero. This cause that
ACL link is not disconnected when disconnect timeout fires.
Probably this is because l2cap_conn_del calls l2cap_chan_del for each
channel, and inside l2cap_chan_del conn is dropped. After that loop
hci_chan_del is called which also drops conn.
Anyway, as it is desrcibed in hci_core.h, it is known that refcnt
drops below 0 sometimes and it should be fine. If so, let disconnect
link when hci_conn_timeout fires and refcnt is 0 or below. This patch
does it.
This affects PTS test SM_TC_JW_BV_05_C
Logs from scenario:
[69713.706227] [6515] pair_device:
[69713.706230] [6515] hci_conn_add: hci0 dst 00:1b:dc:06:06:22
[69713.706233] [6515] hci_dev_hold: hci0 orig refcnt 8
[69713.706235] [6515] hci_conn_init_sysfs: conn ffff88021f65a000
[69713.706239] [6515] hci_req_add_ev: hci0 opcode 0x200d plen 25
[69713.706242] [6515] hci_prepare_cmd: skb len 28
[69713.706243] [6515] hci_req_run: length 1
[69713.706248] [6515] hci_conn_hold: hcon ffff88021f65a000 orig refcnt 0
[69713.706251] [6515] hci_dev_put: hci0 orig refcnt 9
[69713.706281] [8909] hci_cmd_work: hci0 cmd_cnt 1 cmd queued 1
[69713.706288] [8909] hci_send_frame: hci0 type 1 len 28
[69713.706290] [8909] hci_send_to_monitor: hdev ffff88021f0c7000 len 28
[69713.706316] [5949] hci_sock_recvmsg: sock ffff8800941a9680, sk ffff88012bf4d000
[69713.706382] [5949] hci_sock_recvmsg: sock ffff8800941a9680, sk ffff88012bf4d000
[69713.711664] [8909] hci_rx_work: hci0
[69713.711668] [8909] hci_send_to_monitor: hdev ffff88021f0c7000 len 6
[69713.711680] [8909] hci_rx_work: hci0 Event packet
[69713.711683] [8909] hci_cs_le_create_conn: hci0 status 0x00
[69713.711685] [8909] hci_sent_cmd_data: hci0 opcode 0x200d
[69713.711688] [8909] hci_req_cmd_complete: opcode 0x200d status 0x00
[69713.711690] [8909] hci_sent_cmd_data: hci0 opcode 0x200d
[69713.711695] [5949] hci_sock_recvmsg: sock ffff8800941a9680, sk ffff88012bf4d000
[69713.711744] [5949] hci_sock_recvmsg: sock ffff8800941a9680, sk ffff88012bf4d000
[69713.818875] [8909] hci_rx_work: hci0
[69713.818889] [8909] hci_send_to_monitor: hdev ffff88021f0c7000 len 21
[69713.818913] [8909] hci_rx_work: hci0 Event packet
[69713.818917] [8909] hci_le_conn_complete_evt: hci0 status 0x00
[69713.818922] [8909] hci_send_to_control: len 19
[69713.818927] [5949] hci_sock_recvmsg: sock ffff8800941a9680, sk ffff88012bf4d000
[69713.818938] [8909] hci_conn_add_sysfs: conn ffff88021f65a000
[69713.818975] [6450] bt_sock_poll: sock ffff88005e758500, sk ffff88010323b800
[69713.818981] [6515] hci_sock_recvmsg: sock ffff88005e75a080, sk ffff88010323ac00
...
[69713.819021] [8909] hci_dev_hold: hci0 orig refcnt 10
[69713.819025] [8909] l2cap_connect_cfm: hcon ffff88021f65a000 bdaddr 00:1b:dc:06:06:22 status 0
[69713.819028] [8909] hci_chan_create: hci0 hcon ffff88021f65a000
[69713.819031] [8909] l2cap_conn_add: hcon ffff88021f65a000 conn ffff880221005c00 hchan ffff88020d60b1c0
[69713.819034] [8909] l2cap_conn_ready: conn ffff880221005c00
[69713.819036] [5949] hci_sock_recvmsg: sock ffff8800941a9680, sk ffff88012bf4d000
[69713.819037] [8909] smp_conn_security: conn ffff880221005c00 hcon ffff88021f65a000 level 0x02
[69713.819039] [8909] smp_chan_create:
[69713.819041] [8909] hci_conn_hold: hcon ffff88021f65a000 orig refcnt 1
[69713.819043] [8909] smp_send_cmd: code 0x01
[69713.819045] [8909] hci_send_acl: hci0 chan ffff88020d60b1c0 flags 0x0000
[69713.819046] [5949] hci_sock_recvmsg: sock ffff8800941a9900, sk ffff88012bf4e800
[69713.819049] [8909] hci_queue_acl: hci0 nonfrag skb ffff88005157c100 len 15
[69713.819055] [5949] hci_sock_recvmsg: sock ffff8800941a9900, sk ffff88012bf4e800
[69713.819057] [8909] l2cap_le_conn_ready:
[69713.819064] [8909] l2cap_chan_create: chan ffff88005ede2c00
[69713.819066] [8909] l2cap_chan_hold: chan ffff88005ede2c00 orig refcnt 1
[69713.819069] [8909] l2cap_sock_init: sk ffff88005ede5800
[69713.819072] [8909] bt_accept_enqueue: parent ffff880160356000, sk ffff88005ede5800
[69713.819074] [8909] __l2cap_chan_add: conn ffff880221005c00, psm 0x00, dcid 0x0004
[69713.819076] [8909] l2cap_chan_hold: chan ffff88005ede2c00 orig refcnt 2
[69713.819078] [8909] hci_conn_hold: hcon ffff88021f65a000 orig refcnt 2
[69713.819080] [8909] smp_conn_security: conn ffff880221005c00 hcon ffff88021f65a000 level 0x01
[69713.819082] [8909] l2cap_sock_ready_cb: sk ffff88005ede5800, parent ffff880160356000
[69713.819086] [8909] le_pairing_complete_cb: status 0
[69713.819091] [8909] hci_tx_work: hci0 acl 10 sco 8 le 0
[69713.819093] [8909] hci_sched_acl: hci0
[69713.819094] [8909] hci_sched_sco: hci0
[69713.819096] [8909] hci_sched_esco: hci0
[69713.819098] [8909] hci_sched_le: hci0
[69713.819099] [8909] hci_chan_sent: hci0
[69713.819101] [8909] hci_chan_sent: chan ffff88020d60b1c0 quote 10
[69713.819104] [8909] hci_sched_le: chan ffff88020d60b1c0 skb ffff88005157c100 len 15 priority 7
[69713.819106] [8909] hci_send_frame: hci0 type 2 len 15
[69713.819108] [8909] hci_send_to_monitor: hdev ffff88021f0c7000 len 15
[69713.819119] [8909] hci_chan_sent: hci0
[69713.819121] [8909] hci_prio_recalculate: hci0
[69713.819123] [8909] process_pending_rx:
[69713.819226] [6450] hci_sock_recvmsg: sock ffff88005e758780, sk ffff88010323d400
...
[69713.822022] [6450] l2cap_sock_accept: sk ffff880160356000 timeo 0
[69713.822024] [6450] bt_accept_dequeue: parent ffff880160356000
[69713.822026] [6450] bt_accept_unlink: sk ffff88005ede5800 state 1
[69713.822028] [6450] l2cap_sock_accept: new socket ffff88005ede5800
[69713.822368] [6450] l2cap_sock_getname: sock ffff8800941ab700, sk ffff88005ede5800
[69713.822375] [6450] l2cap_sock_getsockopt: sk ffff88005ede5800
[69713.822383] [6450] l2cap_sock_getname: sock ffff8800941ab700, sk ffff88005ede5800
[69713.822414] [6450] bt_sock_poll: sock ffff8800941ab700, sk ffff88005ede5800
...
[69713.823255] [6450] l2cap_sock_getname: sock ffff8800941ab700, sk ffff88005ede5800
[69713.823259] [6450] l2cap_sock_getsockopt: sk ffff88005ede5800
[69713.824322] [6450] l2cap_sock_getname: sock ffff8800941ab700, sk ffff88005ede5800
[69713.824330] [6450] l2cap_sock_getsockopt: sk ffff88005ede5800
[69713.825029] [6450] bt_sock_poll: sock ffff88005e758500, sk ffff88010323b800
...
[69713.825187] [6450] l2cap_sock_sendmsg: sock ffff8800941ab700, sk ffff88005ede5800
[69713.825189] [6450] bt_sock_wait_ready: sk ffff88005ede5800
[69713.825192] [6450] l2cap_create_basic_pdu: chan ffff88005ede2c00 len 3
[69713.825196] [6450] l2cap_do_send: chan ffff88005ede2c00, skb ffff880160b0b500 len 7 priority 0
[69713.825199] [6450] hci_send_acl: hci0 chan ffff88020d60b1c0 flags 0x0000
[69713.825201] [6450] hci_queue_acl: hci0 nonfrag skb ffff880160b0b500 len 11
[69713.825210] [8909] hci_tx_work: hci0 acl 9 sco 8 le 0
[69713.825213] [8909] hci_sched_acl: hci0
[69713.825214] [8909] hci_sched_sco: hci0
[69713.825216] [8909] hci_sched_esco: hci0
[69713.825217] [8909] hci_sched_le: hci0
[69713.825219] [8909] hci_chan_sent: hci0
[69713.825221] [8909] hci_chan_sent: chan ffff88020d60b1c0 quote 9
[69713.825223] [8909] hci_sched_le: chan ffff88020d60b1c0 skb ffff880160b0b500 len 11 priority 0
[69713.825225] [8909] hci_send_frame: hci0 type 2 len 11
[69713.825227] [8909] hci_send_to_monitor: hdev ffff88021f0c7000 len 11
[69713.825242] [8909] hci_chan_sent: hci0
[69713.825253] [5949] hci_sock_recvmsg: sock ffff8800941a9680, sk ffff88012bf4d000
[69713.825253] [8909] hci_prio_recalculate: hci0
[69713.825292] [5949] hci_sock_recvmsg: sock ffff8800941a9680, sk ffff88012bf4d000
[69713.825768] [6450] bt_sock_poll: sock ffff88005e758500, sk ffff88010323b800
...
[69713.866902] [8909] hci_rx_work: hci0
[69713.866921] [8909] hci_send_to_monitor: hdev ffff88021f0c7000 len 7
[69713.866928] [8909] hci_rx_work: hci0 Event packet
[69713.866931] [8909] hci_num_comp_pkts_evt: hci0 num_hndl 1
[69713.866937] [8909] hci_tx_work: hci0 acl 9 sco 8 le 0
[69713.866939] [5949] hci_sock_recvmsg: sock ffff8800941a9680, sk ffff88012bf4d000
[69713.866940] [8909] hci_sched_acl: hci0
...
[69713.866944] [8909] hci_sched_le: hci0
[69713.866953] [8909] hci_chan_sent: hci0
[69713.866997] [5949] hci_sock_recvmsg: sock ffff8800941a9680, sk ffff88012bf4d000
[69713.867840] [28074] hci_rx_work: hci0
[69713.867844] [28074] hci_send_to_monitor: hdev ffff88021f0c7000 len 7
[69713.867850] [28074] hci_rx_work: hci0 Event packet
[69713.867853] [28074] hci_num_comp_pkts_evt: hci0 num_hndl 1
[69713.867857] [5949] hci_sock_recvmsg: sock ffff8800941a9680, sk ffff88012bf4d000
[69713.867858] [28074] hci_tx_work: hci0 acl 10 sco 8 le 0
[69713.867860] [28074] hci_sched_acl: hci0
[69713.867861] [28074] hci_sched_sco: hci0
[69713.867862] [28074] hci_sched_esco: hci0
[69713.867863] [28074] hci_sched_le: hci0
[69713.867865] [28074] hci_chan_sent: hci0
[69713.867888] [5949] hci_sock_recvmsg: sock ffff8800941a9680, sk ffff88012bf4d000
[69714.145661] [8909] hci_rx_work: hci0
[69714.145666] [8909] hci_send_to_monitor: hdev ffff88021f0c7000 len 10
[69714.145676] [8909] hci_rx_work: hci0 ACL data packet
[69714.145679] [8909] hci_acldata_packet: hci0 len 6 handle 0x002d flags 0x0002
[69714.145681] [8909] hci_conn_enter_active_mode: hcon ffff88021f65a000 mode 0
[69714.145683] [8909] l2cap_recv_acldata: conn ffff880221005c00 len 6 flags 0x2
[69714.145693] [8909] l2cap_recv_frame: len 2, cid 0x0006
[69714.145696] [8909] hci_send_to_control: len 14
[69714.145710] [8909] smp_chan_destroy:
[69714.145713] [8909] pairing_complete: status 3
[69714.145714] [8909] cmd_complete: sock ffff88010323ac00
[69714.145717] [8909] hci_conn_drop: hcon ffff88021f65a000 orig refcnt 3
[69714.145719] [5949] hci_sock_recvmsg: sock ffff8800941a9680, sk ffff88012bf4d000
[69714.145720] [6450] bt_sock_poll: sock ffff88005e758500, sk ffff88010323b800
[69714.145722] [6515] hci_sock_recvmsg: sock ffff88005e75a080, sk ffff88010323ac00
[69714.145724] [6450] bt_sock_poll: sock ffff8801db6b4f00, sk ffff880160351c00
...
[69714.145735] [6515] hci_sock_recvmsg: sock ffff88005e75a080, sk ffff88010323ac00
[69714.145737] [8909] hci_conn_drop: hcon ffff88021f65a000 orig refcnt 2
[69714.145739] [8909] l2cap_conn_del: hcon ffff88021f65a000 conn ffff880221005c00, err 13
[69714.145740] [6450] bt_sock_poll: sock ffff8801db6b5400, sk ffff88021e775000
[69714.145743] [6450] bt_sock_poll: sock ffff8801db6b5e00, sk ffff880160356000
[69714.145744] [8909] l2cap_chan_hold: chan ffff88005ede2c00 orig refcnt 3
[69714.145746] [6450] bt_sock_poll: sock ffff8800941ab700, sk ffff88005ede5800
[69714.145748] [8909] l2cap_chan_del: chan ffff88005ede2c00, conn ffff880221005c00, err 13
[69714.145749] [8909] l2cap_chan_put: chan ffff88005ede2c00 orig refcnt 4
[69714.145751] [8909] hci_conn_drop: hcon ffff88021f65a000 orig refcnt 1
[69714.145754] [6450] bt_sock_poll: sock ffff8800941ab700, sk ffff88005ede5800
[69714.145756] [8909] l2cap_chan_put: chan ffff88005ede2c00 orig refcnt 3
[69714.145759] [8909] hci_chan_del: hci0 hcon ffff88021f65a000 chan ffff88020d60b1c0
[69714.145766] [5949] hci_sock_recvmsg: sock ffff8800941a9680, sk ffff88012bf4d000
[69714.145787] [6515] hci_sock_release: sock ffff88005e75a080 sk ffff88010323ac00
[69714.146002] [6450] hci_sock_recvmsg: sock ffff88005e758780, sk ffff88010323d400
[69714.150795] [6450] l2cap_sock_release: sock ffff8800941ab700, sk ffff88005ede5800
[69714.150799] [6450] l2cap_sock_shutdown: sock ffff8800941ab700, sk ffff88005ede5800
[69714.150802] [6450] l2cap_chan_close: chan ffff88005ede2c00 state BT_CLOSED
[69714.150805] [6450] l2cap_sock_kill: sk ffff88005ede5800 state BT_CLOSED
[69714.150806] [6450] l2cap_chan_put: chan ffff88005ede2c00 orig refcnt 2
[69714.150808] [6450] l2cap_sock_destruct: sk ffff88005ede5800
[69714.150809] [6450] l2cap_chan_put: chan ffff88005ede2c00 orig refcnt 1
[69714.150811] [6450] l2cap_chan_destroy: chan ffff88005ede2c00
[69714.150970] [6450] bt_sock_poll: sock ffff88005e758500, sk ffff88010323b800
...
[69714.151991] [8909] hci_conn_drop: hcon ffff88021f65a000 orig refcnt 0
[69716.150339] [8909] hci_conn_timeout: hcon ffff88021f65a000 state BT_CONNECTED, refcnt -1
Signed-off-by: Lukasz Rymanowski <lukasz.rymanowski@tieto.com>
Signed-off-by: Marcel Holtmann <marcel@holtmann.org>
2014-06-17 11:04:20 +00:00
|
|
|
int refcnt = atomic_read(&conn->refcnt);
|
2005-04-16 22:20:36 +00:00
|
|
|
|
2012-06-15 08:50:28 +00:00
|
|
|
BT_DBG("hcon %p state %s", conn, state_to_string(conn->state));
|
2005-04-16 22:20:36 +00:00
|
|
|
|
Bluetooth: Fix for ACL disconnect when pairing fails
When pairing fails hci_conn refcnt drops below zero. This cause that
ACL link is not disconnected when disconnect timeout fires.
Probably this is because l2cap_conn_del calls l2cap_chan_del for each
channel, and inside l2cap_chan_del conn is dropped. After that loop
hci_chan_del is called which also drops conn.
Anyway, as it is desrcibed in hci_core.h, it is known that refcnt
drops below 0 sometimes and it should be fine. If so, let disconnect
link when hci_conn_timeout fires and refcnt is 0 or below. This patch
does it.
This affects PTS test SM_TC_JW_BV_05_C
Logs from scenario:
[69713.706227] [6515] pair_device:
[69713.706230] [6515] hci_conn_add: hci0 dst 00:1b:dc:06:06:22
[69713.706233] [6515] hci_dev_hold: hci0 orig refcnt 8
[69713.706235] [6515] hci_conn_init_sysfs: conn ffff88021f65a000
[69713.706239] [6515] hci_req_add_ev: hci0 opcode 0x200d plen 25
[69713.706242] [6515] hci_prepare_cmd: skb len 28
[69713.706243] [6515] hci_req_run: length 1
[69713.706248] [6515] hci_conn_hold: hcon ffff88021f65a000 orig refcnt 0
[69713.706251] [6515] hci_dev_put: hci0 orig refcnt 9
[69713.706281] [8909] hci_cmd_work: hci0 cmd_cnt 1 cmd queued 1
[69713.706288] [8909] hci_send_frame: hci0 type 1 len 28
[69713.706290] [8909] hci_send_to_monitor: hdev ffff88021f0c7000 len 28
[69713.706316] [5949] hci_sock_recvmsg: sock ffff8800941a9680, sk ffff88012bf4d000
[69713.706382] [5949] hci_sock_recvmsg: sock ffff8800941a9680, sk ffff88012bf4d000
[69713.711664] [8909] hci_rx_work: hci0
[69713.711668] [8909] hci_send_to_monitor: hdev ffff88021f0c7000 len 6
[69713.711680] [8909] hci_rx_work: hci0 Event packet
[69713.711683] [8909] hci_cs_le_create_conn: hci0 status 0x00
[69713.711685] [8909] hci_sent_cmd_data: hci0 opcode 0x200d
[69713.711688] [8909] hci_req_cmd_complete: opcode 0x200d status 0x00
[69713.711690] [8909] hci_sent_cmd_data: hci0 opcode 0x200d
[69713.711695] [5949] hci_sock_recvmsg: sock ffff8800941a9680, sk ffff88012bf4d000
[69713.711744] [5949] hci_sock_recvmsg: sock ffff8800941a9680, sk ffff88012bf4d000
[69713.818875] [8909] hci_rx_work: hci0
[69713.818889] [8909] hci_send_to_monitor: hdev ffff88021f0c7000 len 21
[69713.818913] [8909] hci_rx_work: hci0 Event packet
[69713.818917] [8909] hci_le_conn_complete_evt: hci0 status 0x00
[69713.818922] [8909] hci_send_to_control: len 19
[69713.818927] [5949] hci_sock_recvmsg: sock ffff8800941a9680, sk ffff88012bf4d000
[69713.818938] [8909] hci_conn_add_sysfs: conn ffff88021f65a000
[69713.818975] [6450] bt_sock_poll: sock ffff88005e758500, sk ffff88010323b800
[69713.818981] [6515] hci_sock_recvmsg: sock ffff88005e75a080, sk ffff88010323ac00
...
[69713.819021] [8909] hci_dev_hold: hci0 orig refcnt 10
[69713.819025] [8909] l2cap_connect_cfm: hcon ffff88021f65a000 bdaddr 00:1b:dc:06:06:22 status 0
[69713.819028] [8909] hci_chan_create: hci0 hcon ffff88021f65a000
[69713.819031] [8909] l2cap_conn_add: hcon ffff88021f65a000 conn ffff880221005c00 hchan ffff88020d60b1c0
[69713.819034] [8909] l2cap_conn_ready: conn ffff880221005c00
[69713.819036] [5949] hci_sock_recvmsg: sock ffff8800941a9680, sk ffff88012bf4d000
[69713.819037] [8909] smp_conn_security: conn ffff880221005c00 hcon ffff88021f65a000 level 0x02
[69713.819039] [8909] smp_chan_create:
[69713.819041] [8909] hci_conn_hold: hcon ffff88021f65a000 orig refcnt 1
[69713.819043] [8909] smp_send_cmd: code 0x01
[69713.819045] [8909] hci_send_acl: hci0 chan ffff88020d60b1c0 flags 0x0000
[69713.819046] [5949] hci_sock_recvmsg: sock ffff8800941a9900, sk ffff88012bf4e800
[69713.819049] [8909] hci_queue_acl: hci0 nonfrag skb ffff88005157c100 len 15
[69713.819055] [5949] hci_sock_recvmsg: sock ffff8800941a9900, sk ffff88012bf4e800
[69713.819057] [8909] l2cap_le_conn_ready:
[69713.819064] [8909] l2cap_chan_create: chan ffff88005ede2c00
[69713.819066] [8909] l2cap_chan_hold: chan ffff88005ede2c00 orig refcnt 1
[69713.819069] [8909] l2cap_sock_init: sk ffff88005ede5800
[69713.819072] [8909] bt_accept_enqueue: parent ffff880160356000, sk ffff88005ede5800
[69713.819074] [8909] __l2cap_chan_add: conn ffff880221005c00, psm 0x00, dcid 0x0004
[69713.819076] [8909] l2cap_chan_hold: chan ffff88005ede2c00 orig refcnt 2
[69713.819078] [8909] hci_conn_hold: hcon ffff88021f65a000 orig refcnt 2
[69713.819080] [8909] smp_conn_security: conn ffff880221005c00 hcon ffff88021f65a000 level 0x01
[69713.819082] [8909] l2cap_sock_ready_cb: sk ffff88005ede5800, parent ffff880160356000
[69713.819086] [8909] le_pairing_complete_cb: status 0
[69713.819091] [8909] hci_tx_work: hci0 acl 10 sco 8 le 0
[69713.819093] [8909] hci_sched_acl: hci0
[69713.819094] [8909] hci_sched_sco: hci0
[69713.819096] [8909] hci_sched_esco: hci0
[69713.819098] [8909] hci_sched_le: hci0
[69713.819099] [8909] hci_chan_sent: hci0
[69713.819101] [8909] hci_chan_sent: chan ffff88020d60b1c0 quote 10
[69713.819104] [8909] hci_sched_le: chan ffff88020d60b1c0 skb ffff88005157c100 len 15 priority 7
[69713.819106] [8909] hci_send_frame: hci0 type 2 len 15
[69713.819108] [8909] hci_send_to_monitor: hdev ffff88021f0c7000 len 15
[69713.819119] [8909] hci_chan_sent: hci0
[69713.819121] [8909] hci_prio_recalculate: hci0
[69713.819123] [8909] process_pending_rx:
[69713.819226] [6450] hci_sock_recvmsg: sock ffff88005e758780, sk ffff88010323d400
...
[69713.822022] [6450] l2cap_sock_accept: sk ffff880160356000 timeo 0
[69713.822024] [6450] bt_accept_dequeue: parent ffff880160356000
[69713.822026] [6450] bt_accept_unlink: sk ffff88005ede5800 state 1
[69713.822028] [6450] l2cap_sock_accept: new socket ffff88005ede5800
[69713.822368] [6450] l2cap_sock_getname: sock ffff8800941ab700, sk ffff88005ede5800
[69713.822375] [6450] l2cap_sock_getsockopt: sk ffff88005ede5800
[69713.822383] [6450] l2cap_sock_getname: sock ffff8800941ab700, sk ffff88005ede5800
[69713.822414] [6450] bt_sock_poll: sock ffff8800941ab700, sk ffff88005ede5800
...
[69713.823255] [6450] l2cap_sock_getname: sock ffff8800941ab700, sk ffff88005ede5800
[69713.823259] [6450] l2cap_sock_getsockopt: sk ffff88005ede5800
[69713.824322] [6450] l2cap_sock_getname: sock ffff8800941ab700, sk ffff88005ede5800
[69713.824330] [6450] l2cap_sock_getsockopt: sk ffff88005ede5800
[69713.825029] [6450] bt_sock_poll: sock ffff88005e758500, sk ffff88010323b800
...
[69713.825187] [6450] l2cap_sock_sendmsg: sock ffff8800941ab700, sk ffff88005ede5800
[69713.825189] [6450] bt_sock_wait_ready: sk ffff88005ede5800
[69713.825192] [6450] l2cap_create_basic_pdu: chan ffff88005ede2c00 len 3
[69713.825196] [6450] l2cap_do_send: chan ffff88005ede2c00, skb ffff880160b0b500 len 7 priority 0
[69713.825199] [6450] hci_send_acl: hci0 chan ffff88020d60b1c0 flags 0x0000
[69713.825201] [6450] hci_queue_acl: hci0 nonfrag skb ffff880160b0b500 len 11
[69713.825210] [8909] hci_tx_work: hci0 acl 9 sco 8 le 0
[69713.825213] [8909] hci_sched_acl: hci0
[69713.825214] [8909] hci_sched_sco: hci0
[69713.825216] [8909] hci_sched_esco: hci0
[69713.825217] [8909] hci_sched_le: hci0
[69713.825219] [8909] hci_chan_sent: hci0
[69713.825221] [8909] hci_chan_sent: chan ffff88020d60b1c0 quote 9
[69713.825223] [8909] hci_sched_le: chan ffff88020d60b1c0 skb ffff880160b0b500 len 11 priority 0
[69713.825225] [8909] hci_send_frame: hci0 type 2 len 11
[69713.825227] [8909] hci_send_to_monitor: hdev ffff88021f0c7000 len 11
[69713.825242] [8909] hci_chan_sent: hci0
[69713.825253] [5949] hci_sock_recvmsg: sock ffff8800941a9680, sk ffff88012bf4d000
[69713.825253] [8909] hci_prio_recalculate: hci0
[69713.825292] [5949] hci_sock_recvmsg: sock ffff8800941a9680, sk ffff88012bf4d000
[69713.825768] [6450] bt_sock_poll: sock ffff88005e758500, sk ffff88010323b800
...
[69713.866902] [8909] hci_rx_work: hci0
[69713.866921] [8909] hci_send_to_monitor: hdev ffff88021f0c7000 len 7
[69713.866928] [8909] hci_rx_work: hci0 Event packet
[69713.866931] [8909] hci_num_comp_pkts_evt: hci0 num_hndl 1
[69713.866937] [8909] hci_tx_work: hci0 acl 9 sco 8 le 0
[69713.866939] [5949] hci_sock_recvmsg: sock ffff8800941a9680, sk ffff88012bf4d000
[69713.866940] [8909] hci_sched_acl: hci0
...
[69713.866944] [8909] hci_sched_le: hci0
[69713.866953] [8909] hci_chan_sent: hci0
[69713.866997] [5949] hci_sock_recvmsg: sock ffff8800941a9680, sk ffff88012bf4d000
[69713.867840] [28074] hci_rx_work: hci0
[69713.867844] [28074] hci_send_to_monitor: hdev ffff88021f0c7000 len 7
[69713.867850] [28074] hci_rx_work: hci0 Event packet
[69713.867853] [28074] hci_num_comp_pkts_evt: hci0 num_hndl 1
[69713.867857] [5949] hci_sock_recvmsg: sock ffff8800941a9680, sk ffff88012bf4d000
[69713.867858] [28074] hci_tx_work: hci0 acl 10 sco 8 le 0
[69713.867860] [28074] hci_sched_acl: hci0
[69713.867861] [28074] hci_sched_sco: hci0
[69713.867862] [28074] hci_sched_esco: hci0
[69713.867863] [28074] hci_sched_le: hci0
[69713.867865] [28074] hci_chan_sent: hci0
[69713.867888] [5949] hci_sock_recvmsg: sock ffff8800941a9680, sk ffff88012bf4d000
[69714.145661] [8909] hci_rx_work: hci0
[69714.145666] [8909] hci_send_to_monitor: hdev ffff88021f0c7000 len 10
[69714.145676] [8909] hci_rx_work: hci0 ACL data packet
[69714.145679] [8909] hci_acldata_packet: hci0 len 6 handle 0x002d flags 0x0002
[69714.145681] [8909] hci_conn_enter_active_mode: hcon ffff88021f65a000 mode 0
[69714.145683] [8909] l2cap_recv_acldata: conn ffff880221005c00 len 6 flags 0x2
[69714.145693] [8909] l2cap_recv_frame: len 2, cid 0x0006
[69714.145696] [8909] hci_send_to_control: len 14
[69714.145710] [8909] smp_chan_destroy:
[69714.145713] [8909] pairing_complete: status 3
[69714.145714] [8909] cmd_complete: sock ffff88010323ac00
[69714.145717] [8909] hci_conn_drop: hcon ffff88021f65a000 orig refcnt 3
[69714.145719] [5949] hci_sock_recvmsg: sock ffff8800941a9680, sk ffff88012bf4d000
[69714.145720] [6450] bt_sock_poll: sock ffff88005e758500, sk ffff88010323b800
[69714.145722] [6515] hci_sock_recvmsg: sock ffff88005e75a080, sk ffff88010323ac00
[69714.145724] [6450] bt_sock_poll: sock ffff8801db6b4f00, sk ffff880160351c00
...
[69714.145735] [6515] hci_sock_recvmsg: sock ffff88005e75a080, sk ffff88010323ac00
[69714.145737] [8909] hci_conn_drop: hcon ffff88021f65a000 orig refcnt 2
[69714.145739] [8909] l2cap_conn_del: hcon ffff88021f65a000 conn ffff880221005c00, err 13
[69714.145740] [6450] bt_sock_poll: sock ffff8801db6b5400, sk ffff88021e775000
[69714.145743] [6450] bt_sock_poll: sock ffff8801db6b5e00, sk ffff880160356000
[69714.145744] [8909] l2cap_chan_hold: chan ffff88005ede2c00 orig refcnt 3
[69714.145746] [6450] bt_sock_poll: sock ffff8800941ab700, sk ffff88005ede5800
[69714.145748] [8909] l2cap_chan_del: chan ffff88005ede2c00, conn ffff880221005c00, err 13
[69714.145749] [8909] l2cap_chan_put: chan ffff88005ede2c00 orig refcnt 4
[69714.145751] [8909] hci_conn_drop: hcon ffff88021f65a000 orig refcnt 1
[69714.145754] [6450] bt_sock_poll: sock ffff8800941ab700, sk ffff88005ede5800
[69714.145756] [8909] l2cap_chan_put: chan ffff88005ede2c00 orig refcnt 3
[69714.145759] [8909] hci_chan_del: hci0 hcon ffff88021f65a000 chan ffff88020d60b1c0
[69714.145766] [5949] hci_sock_recvmsg: sock ffff8800941a9680, sk ffff88012bf4d000
[69714.145787] [6515] hci_sock_release: sock ffff88005e75a080 sk ffff88010323ac00
[69714.146002] [6450] hci_sock_recvmsg: sock ffff88005e758780, sk ffff88010323d400
[69714.150795] [6450] l2cap_sock_release: sock ffff8800941ab700, sk ffff88005ede5800
[69714.150799] [6450] l2cap_sock_shutdown: sock ffff8800941ab700, sk ffff88005ede5800
[69714.150802] [6450] l2cap_chan_close: chan ffff88005ede2c00 state BT_CLOSED
[69714.150805] [6450] l2cap_sock_kill: sk ffff88005ede5800 state BT_CLOSED
[69714.150806] [6450] l2cap_chan_put: chan ffff88005ede2c00 orig refcnt 2
[69714.150808] [6450] l2cap_sock_destruct: sk ffff88005ede5800
[69714.150809] [6450] l2cap_chan_put: chan ffff88005ede2c00 orig refcnt 1
[69714.150811] [6450] l2cap_chan_destroy: chan ffff88005ede2c00
[69714.150970] [6450] bt_sock_poll: sock ffff88005e758500, sk ffff88010323b800
...
[69714.151991] [8909] hci_conn_drop: hcon ffff88021f65a000 orig refcnt 0
[69716.150339] [8909] hci_conn_timeout: hcon ffff88021f65a000 state BT_CONNECTED, refcnt -1
Signed-off-by: Lukasz Rymanowski <lukasz.rymanowski@tieto.com>
Signed-off-by: Marcel Holtmann <marcel@holtmann.org>
2014-06-17 11:04:20 +00:00
|
|
|
WARN_ON(refcnt < 0);
|
|
|
|
|
|
|
|
|
|
/* FIXME: It was observed that in pairing failed scenario, refcnt
|
|
|
|
|
* drops below 0. Probably this is because l2cap_conn_del calls
|
|
|
|
|
* l2cap_chan_del for each channel, and inside l2cap_chan_del conn is
|
|
|
|
|
* dropped. After that loop hci_chan_del is called which also drops
|
|
|
|
|
* conn. For now make sure that ACL is alive if refcnt is higher then 0,
|
|
|
|
|
* otherwise drop it.
|
|
|
|
|
*/
|
|
|
|
|
if (refcnt > 0)
|
2005-04-16 22:20:36 +00:00
|
|
|
return;
|
|
|
|
|
|
2006-09-26 07:43:48 +00:00
|
|
|
switch (conn->state) {
|
|
|
|
|
case BT_CONNECT:
|
2008-07-14 18:13:49 +00:00
|
|
|
case BT_CONNECT2:
|
2011-02-11 01:38:47 +00:00
|
|
|
if (conn->out) {
|
|
|
|
|
if (conn->type == ACL_LINK)
|
2012-07-27 22:32:55 +00:00
|
|
|
hci_acl_create_connection_cancel(conn);
|
2011-02-11 01:38:47 +00:00
|
|
|
else if (conn->type == LE_LINK)
|
2012-07-27 22:32:55 +00:00
|
|
|
hci_le_create_connection_cancel(conn);
|
2013-04-11 16:54:56 +00:00
|
|
|
} else if (conn->type == SCO_LINK || conn->type == ESCO_LINK) {
|
|
|
|
|
hci_reject_sco(conn);
|
2011-02-11 01:38:47 +00:00
|
|
|
}
|
2006-09-26 07:43:48 +00:00
|
|
|
break;
|
2008-07-14 18:13:49 +00:00
|
|
|
case BT_CONFIG:
|
2007-02-09 14:24:33 +00:00
|
|
|
case BT_CONNECTED:
|
2014-06-27 11:45:09 +00:00
|
|
|
if (conn->type == AMP_LINK) {
|
|
|
|
|
hci_amp_disconn(conn);
|
|
|
|
|
} else {
|
|
|
|
|
__u8 reason = hci_proto_disconn_ind(conn);
|
|
|
|
|
hci_disconnect(conn, reason);
|
|
|
|
|
}
|
2006-09-26 07:43:48 +00:00
|
|
|
break;
|
|
|
|
|
default:
|
2005-04-16 22:20:36 +00:00
|
|
|
conn->state = BT_CLOSED;
|
2006-09-26 07:43:48 +00:00
|
|
|
break;
|
|
|
|
|
}
|
2005-04-16 22:20:36 +00:00
|
|
|
}
|
|
|
|
|
|
2011-12-07 15:24:33 +00:00
|
|
|
/* Enter sniff mode */
|
2013-10-16 15:11:40 +00:00
|
|
|
static void hci_conn_idle(struct work_struct *work)
|
2011-12-07 15:24:33 +00:00
|
|
|
{
|
2013-10-16 15:11:40 +00:00
|
|
|
struct hci_conn *conn = container_of(work, struct hci_conn,
|
|
|
|
|
idle_work.work);
|
2011-12-07 15:24:33 +00:00
|
|
|
struct hci_dev *hdev = conn->hdev;
|
|
|
|
|
|
2012-06-15 08:50:28 +00:00
|
|
|
BT_DBG("hcon %p mode %d", conn, conn->mode);
|
2011-12-07 15:24:33 +00:00
|
|
|
|
|
|
|
|
if (!lmp_sniff_capable(hdev) || !lmp_sniff_capable(conn))
|
|
|
|
|
return;
|
|
|
|
|
|
|
|
|
|
if (conn->mode != HCI_CM_ACTIVE || !(conn->link_policy & HCI_LP_SNIFF))
|
|
|
|
|
return;
|
|
|
|
|
|
|
|
|
|
if (lmp_sniffsubr_capable(hdev) && lmp_sniffsubr_capable(conn)) {
|
|
|
|
|
struct hci_cp_sniff_subrate cp;
|
|
|
|
|
cp.handle = cpu_to_le16(conn->handle);
|
2014-03-12 17:52:35 +00:00
|
|
|
cp.max_latency = cpu_to_le16(0);
|
|
|
|
|
cp.min_remote_timeout = cpu_to_le16(0);
|
|
|
|
|
cp.min_local_timeout = cpu_to_le16(0);
|
2011-12-07 15:24:33 +00:00
|
|
|
hci_send_cmd(hdev, HCI_OP_SNIFF_SUBRATE, sizeof(cp), &cp);
|
|
|
|
|
}
|
|
|
|
|
|
2012-01-16 04:10:31 +00:00
|
|
|
if (!test_and_set_bit(HCI_CONN_MODE_CHANGE_PEND, &conn->flags)) {
|
2011-12-07 15:24:33 +00:00
|
|
|
struct hci_cp_sniff_mode cp;
|
|
|
|
|
cp.handle = cpu_to_le16(conn->handle);
|
|
|
|
|
cp.max_interval = cpu_to_le16(hdev->sniff_max_interval);
|
|
|
|
|
cp.min_interval = cpu_to_le16(hdev->sniff_min_interval);
|
2014-03-12 17:52:35 +00:00
|
|
|
cp.attempt = cpu_to_le16(4);
|
|
|
|
|
cp.timeout = cpu_to_le16(1);
|
2011-12-07 15:24:33 +00:00
|
|
|
hci_send_cmd(hdev, HCI_OP_SNIFF_MODE, sizeof(cp), &cp);
|
|
|
|
|
}
|
|
|
|
|
}
|
|
|
|
|
|
2013-10-16 15:11:39 +00:00
|
|
|
static void hci_conn_auto_accept(struct work_struct *work)
|
2011-04-28 18:28:54 +00:00
|
|
|
{
|
2013-10-16 15:11:39 +00:00
|
|
|
struct hci_conn *conn = container_of(work, struct hci_conn,
|
|
|
|
|
auto_accept_work.work);
|
2011-04-28 18:28:54 +00:00
|
|
|
|
2013-10-16 15:11:39 +00:00
|
|
|
hci_send_cmd(conn->hdev, HCI_OP_USER_CONFIRM_REPLY, sizeof(conn->dst),
|
2012-05-17 03:36:25 +00:00
|
|
|
&conn->dst);
|
2011-04-28 18:28:54 +00:00
|
|
|
}
|
|
|
|
|
|
2014-02-28 15:45:46 +00:00
|
|
|
static void le_conn_timeout(struct work_struct *work)
|
|
|
|
|
{
|
|
|
|
|
struct hci_conn *conn = container_of(work, struct hci_conn,
|
|
|
|
|
le_conn_timeout.work);
|
2014-03-25 08:30:49 +00:00
|
|
|
struct hci_dev *hdev = conn->hdev;
|
2014-02-28 15:45:46 +00:00
|
|
|
|
|
|
|
|
BT_DBG("");
|
|
|
|
|
|
2014-03-25 08:30:49 +00:00
|
|
|
/* We could end up here due to having done directed advertising,
|
|
|
|
|
* so clean up the state if necessary. This should however only
|
|
|
|
|
* happen with broken hardware or if low duty cycle was used
|
|
|
|
|
* (which doesn't have a timeout of its own).
|
|
|
|
|
*/
|
|
|
|
|
if (test_bit(HCI_ADVERTISING, &hdev->dev_flags)) {
|
|
|
|
|
u8 enable = 0x00;
|
|
|
|
|
hci_send_cmd(hdev, HCI_OP_LE_SET_ADV_ENABLE, sizeof(enable),
|
|
|
|
|
&enable);
|
|
|
|
|
hci_le_conn_failed(conn, HCI_ERROR_ADVERTISING_TIMEOUT);
|
|
|
|
|
return;
|
|
|
|
|
}
|
|
|
|
|
|
2014-02-28 15:45:46 +00:00
|
|
|
hci_le_create_connection_cancel(conn);
|
|
|
|
|
}
|
|
|
|
|
|
2014-07-16 08:56:07 +00:00
|
|
|
struct hci_conn *hci_conn_add(struct hci_dev *hdev, int type, bdaddr_t *dst,
|
|
|
|
|
u8 role)
|
2005-04-16 22:20:36 +00:00
|
|
|
{
|
|
|
|
|
struct hci_conn *conn;
|
|
|
|
|
|
2012-09-25 09:49:43 +00:00
|
|
|
BT_DBG("%s dst %pMR", hdev->name, dst);
|
2005-04-16 22:20:36 +00:00
|
|
|
|
2014-07-21 07:50:06 +00:00
|
|
|
conn = kzalloc(sizeof(*conn), GFP_KERNEL);
|
2006-07-03 08:02:33 +00:00
|
|
|
if (!conn)
|
2005-04-16 22:20:36 +00:00
|
|
|
return NULL;
|
|
|
|
|
|
|
|
|
|
bacpy(&conn->dst, dst);
|
2013-10-13 12:23:59 +00:00
|
|
|
bacpy(&conn->src, &hdev->bdaddr);
|
2008-07-14 18:13:46 +00:00
|
|
|
conn->hdev = hdev;
|
|
|
|
|
conn->type = type;
|
2014-07-16 08:56:07 +00:00
|
|
|
conn->role = role;
|
2008-07-14 18:13:46 +00:00
|
|
|
conn->mode = HCI_CM_ACTIVE;
|
|
|
|
|
conn->state = BT_OPEN;
|
2009-09-03 09:34:19 +00:00
|
|
|
conn->auth_type = HCI_AT_GENERAL_BONDING;
|
2011-01-25 11:28:33 +00:00
|
|
|
conn->io_capability = hdev->io_capability;
|
2011-02-19 15:06:01 +00:00
|
|
|
conn->remote_auth = 0xff;
|
2011-04-28 10:07:55 +00:00
|
|
|
conn->key_type = 0xff;
|
2014-05-09 19:35:28 +00:00
|
|
|
conn->tx_power = HCI_TX_POWER_INVALID;
|
2014-05-14 11:43:05 +00:00
|
|
|
conn->max_tx_power = HCI_TX_POWER_INVALID;
|
2005-04-16 22:20:36 +00:00
|
|
|
|
2012-01-16 04:47:28 +00:00
|
|
|
set_bit(HCI_CONN_POWER_SAVE, &conn->flags);
|
2009-04-26 18:01:22 +00:00
|
|
|
conn->disc_timeout = HCI_DISCONN_TIMEOUT;
|
2006-07-03 08:02:33 +00:00
|
|
|
|
2014-07-16 08:56:07 +00:00
|
|
|
if (conn->role == HCI_ROLE_MASTER)
|
|
|
|
|
conn->out = true;
|
|
|
|
|
|
2008-07-14 18:13:46 +00:00
|
|
|
switch (type) {
|
|
|
|
|
case ACL_LINK:
|
|
|
|
|
conn->pkt_type = hdev->pkt_type & ACL_PTYPE_MASK;
|
|
|
|
|
break;
|
2014-03-24 18:21:50 +00:00
|
|
|
case LE_LINK:
|
|
|
|
|
/* conn->src should reflect the local identity address */
|
|
|
|
|
hci_copy_identity_address(hdev, &conn->src, &conn->src_type);
|
|
|
|
|
break;
|
2008-07-14 18:13:46 +00:00
|
|
|
case SCO_LINK:
|
|
|
|
|
if (lmp_esco_capable(hdev))
|
2009-02-06 08:13:37 +00:00
|
|
|
conn->pkt_type = (hdev->esco_type & SCO_ESCO_MASK) |
|
|
|
|
|
(hdev->esco_type & EDR_ESCO_MASK);
|
2008-07-14 18:13:46 +00:00
|
|
|
else
|
|
|
|
|
conn->pkt_type = hdev->pkt_type & SCO_PTYPE_MASK;
|
|
|
|
|
break;
|
|
|
|
|
case ESCO_LINK:
|
2009-02-06 08:13:37 +00:00
|
|
|
conn->pkt_type = hdev->esco_type & ~EDR_ESCO_MASK;
|
2008-07-14 18:13:46 +00:00
|
|
|
break;
|
|
|
|
|
}
|
|
|
|
|
|
2005-04-16 22:20:36 +00:00
|
|
|
skb_queue_head_init(&conn->data_q);
|
2006-07-03 08:02:33 +00:00
|
|
|
|
2012-02-22 11:06:43 +00:00
|
|
|
INIT_LIST_HEAD(&conn->chan_list);
|
2011-11-02 13:52:01 +00:00
|
|
|
|
2011-06-17 16:03:21 +00:00
|
|
|
INIT_DELAYED_WORK(&conn->disc_work, hci_conn_timeout);
|
2013-10-16 15:11:39 +00:00
|
|
|
INIT_DELAYED_WORK(&conn->auto_accept_work, hci_conn_auto_accept);
|
2013-10-16 15:11:40 +00:00
|
|
|
INIT_DELAYED_WORK(&conn->idle_work, hci_conn_idle);
|
2014-02-28 15:45:46 +00:00
|
|
|
INIT_DELAYED_WORK(&conn->le_conn_timeout, le_conn_timeout);
|
2005-04-16 22:20:36 +00:00
|
|
|
|
|
|
|
|
atomic_set(&conn->refcnt, 0);
|
|
|
|
|
|
|
|
|
|
hci_dev_hold(hdev);
|
|
|
|
|
|
|
|
|
|
hci_conn_hash_add(hdev, conn);
|
2011-12-15 00:58:44 +00:00
|
|
|
if (hdev->notify)
|
2005-04-16 22:20:36 +00:00
|
|
|
hdev->notify(hdev, HCI_NOTIFY_CONN_ADD);
|
|
|
|
|
|
2009-05-03 01:24:06 +00:00
|
|
|
hci_conn_init_sysfs(conn);
|
|
|
|
|
|
2005-04-16 22:20:36 +00:00
|
|
|
return conn;
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
int hci_conn_del(struct hci_conn *conn)
|
|
|
|
|
{
|
|
|
|
|
struct hci_dev *hdev = conn->hdev;
|
|
|
|
|
|
2012-06-15 08:50:28 +00:00
|
|
|
BT_DBG("%s hcon %p handle %d", hdev->name, conn, conn->handle);
|
2005-04-16 22:20:36 +00:00
|
|
|
|
2011-06-17 16:03:21 +00:00
|
|
|
cancel_delayed_work_sync(&conn->disc_work);
|
2013-10-16 15:11:39 +00:00
|
|
|
cancel_delayed_work_sync(&conn->auto_accept_work);
|
2013-10-16 15:11:40 +00:00
|
|
|
cancel_delayed_work_sync(&conn->idle_work);
|
2011-04-28 18:28:54 +00:00
|
|
|
|
2007-07-11 07:51:55 +00:00
|
|
|
if (conn->type == ACL_LINK) {
|
2005-04-16 22:20:36 +00:00
|
|
|
struct hci_conn *sco = conn->link;
|
|
|
|
|
if (sco)
|
|
|
|
|
sco->link = NULL;
|
|
|
|
|
|
|
|
|
|
/* Unacked frames */
|
|
|
|
|
hdev->acl_cnt += conn->sent;
|
2011-02-11 01:38:48 +00:00
|
|
|
} else if (conn->type == LE_LINK) {
|
2014-10-28 21:23:26 +00:00
|
|
|
cancel_delayed_work(&conn->le_conn_timeout);
|
2014-02-28 15:45:46 +00:00
|
|
|
|
2011-02-11 01:38:48 +00:00
|
|
|
if (hdev->le_pkts)
|
|
|
|
|
hdev->le_cnt += conn->sent;
|
|
|
|
|
else
|
|
|
|
|
hdev->acl_cnt += conn->sent;
|
2007-07-11 07:51:55 +00:00
|
|
|
} else {
|
|
|
|
|
struct hci_conn *acl = conn->link;
|
|
|
|
|
if (acl) {
|
|
|
|
|
acl->link = NULL;
|
2013-04-06 18:28:37 +00:00
|
|
|
hci_conn_drop(acl);
|
2007-07-11 07:51:55 +00:00
|
|
|
}
|
2005-04-16 22:20:36 +00:00
|
|
|
}
|
|
|
|
|
|
2011-12-14 15:02:51 +00:00
|
|
|
hci_chan_list_flush(conn);
|
2011-11-02 13:52:01 +00:00
|
|
|
|
2012-05-29 10:59:02 +00:00
|
|
|
if (conn->amp_mgr)
|
|
|
|
|
amp_mgr_put(conn->amp_mgr);
|
|
|
|
|
|
2005-04-16 22:20:36 +00:00
|
|
|
hci_conn_hash_del(hdev, conn);
|
2011-12-15 00:58:44 +00:00
|
|
|
if (hdev->notify)
|
2005-04-16 22:20:36 +00:00
|
|
|
hdev->notify(hdev, HCI_NOTIFY_CONN_DEL);
|
2008-07-14 18:13:51 +00:00
|
|
|
|
2005-04-16 22:20:36 +00:00
|
|
|
skb_queue_purge(&conn->data_q);
|
|
|
|
|
|
Bluetooth: remove unneeded hci_conn_hold/put_device()
hci_conn_hold/put_device() is used to control when hci_conn->dev is no
longer needed and can be deleted from the system. Lets first look how they
are currently used throughout the code (excluding HIDP!).
All code that uses hci_conn_hold_device() looks like this:
...
hci_conn_hold_device();
hci_conn_add_sysfs();
...
On the other side, hci_conn_put_device() is exclusively used in
hci_conn_del().
So, considering that hci_conn_del() must not be called twice (which would
fail horribly), we know that hci_conn_put_device() is only called _once_
(which is in hci_conn_del()).
On the other hand, hci_conn_add_sysfs() must not be called twice, either
(it would call device_add twice, which breaks the device, see
drivers/base/core.c). So we know that hci_conn_hold_device() is also
called only once (it's only called directly before hci_conn_add_sysfs()).
So hold and put are known to be called only once. That means we can safely
remove them and directly call hci_conn_del_sysfs() in hci_conn_del().
But there is one issue left: HIDP also uses hci_conn_hold/put_device().
However, this case can be ignored and simply removed as it is totally
broken. The issue is, the only thing HIDP delays with
hci_conn_hold_device() is the removal of the hci_conn->dev from sysfs.
But, the hci_conn device has no mechanism to get notified when its own
parent (hci_dev) gets removed from sysfs. hci_dev_hold/put() does _not_
control when it is removed but only when the device object is created
and destroyed.
And hci_dev calls hci_conn_flush_*() when it removes itself from sysfs,
which itself causes hci_conn_del() to be called, but it does _not_ cause
hci_conn_del_sysfs() to be called, which is wrong.
Hence, we fix it to call hci_conn_del_sysfs() in hci_conn_del(). This
guarantees that a hci_conn object is removed from sysfs _before_ its
parent hci_dev is removed.
The changes to HIDP look scary, wrong and broken. However, if you look at
the HIDP session management, you will notice they're already broken in the
exact _same_ way (ever tried "unplugging" HIDP devices? Breaks _all_ the
time).
So this patch only makes HIDP look _scary_ and _obviously broken_. It does
not break HIDP itself, it already is!
See later patches in this series which fix HIDP to use proper
session-management.
Signed-off-by: David Herrmann <dh.herrmann@gmail.com>
Acked-by: Marcel Holtmann <marcel@holtmann.org>
Signed-off-by: Gustavo Padovan <gustavo.padovan@collabora.co.uk>
2013-04-06 18:28:38 +00:00
|
|
|
hci_conn_del_sysfs(conn);
|
2009-02-21 08:13:34 +00:00
|
|
|
|
2014-10-11 21:44:47 +00:00
|
|
|
if (test_bit(HCI_CONN_PARAM_REMOVAL_PEND, &conn->flags))
|
|
|
|
|
hci_conn_params_del(conn->hdev, &conn->dst, conn->dst_type);
|
|
|
|
|
|
2009-05-09 01:20:43 +00:00
|
|
|
hci_dev_put(hdev);
|
|
|
|
|
|
Bluetooth: introduce hci_conn ref-counting
We currently do not allow using hci_conn from outside of HCI-core.
However, several other users could make great use of it. This includes
HIDP, rfcomm and all other sub-protocols that rely on an active
connection.
Hence, we now introduce hci_conn ref-counting. We currently never call
get_device(). put_device() is exclusively used in hci_conn_del_sysfs().
Hence, we currently never have a greater device-refcnt than 1.
Therefore, it is safe to move the put_device() call from
hci_conn_del_sysfs() to hci_conn_del() (it's the only caller). In fact,
this even fixes a "use-after-free" bug as we access hci_conn after calling
hci_conn_del_sysfs() in hci_conn_del().
From now on we can add references to hci_conn objects in other layers
(like l2cap_sock, HIDP, rfcomm, ...) and grab a reference via
hci_conn_get(). This does _not_ guarantee, that the connection is still
alive. But, this isn't what we want. We can simply lock the hci_conn
device and use "device_is_registered(hci_conn->dev)" to test that.
However, this is hardly necessary as outside users should never rely on
the HCI connection to be alive, anyway. Instead, they should solely rely
on the device-object to be available.
But if sub-devices want the hci_conn object as sysfs parent, they need to
be notified when the connection drops. This will be introduced in later
patches with l2cap_users.
Signed-off-by: David Herrmann <dh.herrmann@gmail.com>
Acked-by: Marcel Holtmann <marcel@holtmann.org>
Signed-off-by: Gustavo Padovan <gustavo.padovan@collabora.co.uk>
2013-04-06 18:28:39 +00:00
|
|
|
hci_conn_put(conn);
|
2011-06-30 19:30:44 +00:00
|
|
|
|
2005-04-16 22:20:36 +00:00
|
|
|
return 0;
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
struct hci_dev *hci_get_route(bdaddr_t *dst, bdaddr_t *src)
|
|
|
|
|
{
|
|
|
|
|
int use_src = bacmp(src, BDADDR_ANY);
|
2011-11-01 08:58:56 +00:00
|
|
|
struct hci_dev *hdev = NULL, *d;
|
2005-04-16 22:20:36 +00:00
|
|
|
|
2012-09-25 09:49:43 +00:00
|
|
|
BT_DBG("%pMR -> %pMR", src, dst);
|
2005-04-16 22:20:36 +00:00
|
|
|
|
2011-12-22 18:30:27 +00:00
|
|
|
read_lock(&hci_dev_list_lock);
|
2005-04-16 22:20:36 +00:00
|
|
|
|
2011-11-01 08:58:56 +00:00
|
|
|
list_for_each_entry(d, &hci_dev_list, list) {
|
2012-05-23 07:04:21 +00:00
|
|
|
if (!test_bit(HCI_UP, &d->flags) ||
|
2013-09-04 01:08:37 +00:00
|
|
|
test_bit(HCI_USER_CHANNEL, &d->dev_flags) ||
|
2012-06-19 12:21:21 +00:00
|
|
|
d->dev_type != HCI_BREDR)
|
2005-04-16 22:20:36 +00:00
|
|
|
continue;
|
|
|
|
|
|
2007-02-09 14:24:33 +00:00
|
|
|
/* Simple routing:
|
2005-04-16 22:20:36 +00:00
|
|
|
* No source address - find interface with bdaddr != dst
|
|
|
|
|
* Source address - find interface with bdaddr == src
|
|
|
|
|
*/
|
|
|
|
|
|
|
|
|
|
if (use_src) {
|
|
|
|
|
if (!bacmp(&d->bdaddr, src)) {
|
|
|
|
|
hdev = d; break;
|
|
|
|
|
}
|
|
|
|
|
} else {
|
|
|
|
|
if (bacmp(&d->bdaddr, dst)) {
|
|
|
|
|
hdev = d; break;
|
|
|
|
|
}
|
|
|
|
|
}
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
if (hdev)
|
|
|
|
|
hdev = hci_dev_hold(hdev);
|
|
|
|
|
|
2011-12-22 18:30:27 +00:00
|
|
|
read_unlock(&hci_dev_list_lock);
|
2005-04-16 22:20:36 +00:00
|
|
|
return hdev;
|
|
|
|
|
}
|
|
|
|
|
EXPORT_SYMBOL(hci_get_route);
|
|
|
|
|
|
2014-01-30 21:22:08 +00:00
|
|
|
/* This function requires the caller holds hdev->lock */
|
2014-02-26 23:21:41 +00:00
|
|
|
void hci_le_conn_failed(struct hci_conn *conn, u8 status)
|
2014-01-30 21:22:08 +00:00
|
|
|
{
|
|
|
|
|
struct hci_dev *hdev = conn->hdev;
|
2014-08-15 18:06:54 +00:00
|
|
|
struct hci_conn_params *params;
|
|
|
|
|
|
|
|
|
|
params = hci_pend_le_action_lookup(&hdev->pend_le_conns, &conn->dst,
|
|
|
|
|
conn->dst_type);
|
|
|
|
|
if (params && params->conn) {
|
|
|
|
|
hci_conn_drop(params->conn);
|
2014-08-17 20:28:57 +00:00
|
|
|
hci_conn_put(params->conn);
|
2014-08-15 18:06:54 +00:00
|
|
|
params->conn = NULL;
|
|
|
|
|
}
|
2014-01-30 21:22:08 +00:00
|
|
|
|
|
|
|
|
conn->state = BT_CLOSED;
|
|
|
|
|
|
|
|
|
|
mgmt_connect_failed(hdev, &conn->dst, conn->type, conn->dst_type,
|
|
|
|
|
status);
|
|
|
|
|
|
|
|
|
|
hci_proto_connect_cfm(conn, status);
|
|
|
|
|
|
|
|
|
|
hci_conn_del(conn);
|
Bluetooth: Introduce LE auto connection infrastructure
This patch introduces the LE auto connection infrastructure which
will be used to implement the LE auto connection options.
In summary, the auto connection mechanism works as follows: Once the
first pending LE connection is created, the background scanning is
started. When the target device is found in range, the kernel
autonomously starts the connection attempt. If connection is
established successfully, that pending LE connection is deleted and
the background is stopped.
To achieve that, this patch introduces the hci_update_background_scan()
which controls the background scanning state. This function starts or
stops the background scanning based on the hdev->pend_le_conns list. If
there is no pending LE connection, the background scanning is stopped.
Otherwise, we start the background scanning.
Then, every time a pending LE connection is added we call hci_update_
background_scan() so the background scanning is started (in case it is
not already running). Likewise, every time a pending LE connection is
deleted we call hci_update_background_scan() so the background scanning
is stopped (in case this was the last pending LE connection) or it is
started again (in case we have more pending LE connections). Finally,
we also call hci_update_background_scan() in hci_le_conn_failed() so
the background scan is restarted in case the connection establishment
fails. This way the background scanning keeps running until all pending
LE connection are established.
At this point, resolvable addresses are not support by this
infrastructure. The proper support is added in upcoming patches.
Signed-off-by: Andre Guedes <andre.guedes@openbossa.org>
Signed-off-by: Marcel Holtmann <marcel@holtmann.org>
2014-02-26 23:21:47 +00:00
|
|
|
|
|
|
|
|
/* Since we may have temporarily stopped the background scanning in
|
|
|
|
|
* favor of connection establishment, we should restart it.
|
|
|
|
|
*/
|
|
|
|
|
hci_update_background_scan(hdev);
|
2014-03-25 08:30:49 +00:00
|
|
|
|
|
|
|
|
/* Re-enable advertising in case this was a failed connection
|
|
|
|
|
* attempt as a peripheral.
|
|
|
|
|
*/
|
|
|
|
|
mgmt_reenable_advertising(hdev);
|
2014-01-30 21:22:08 +00:00
|
|
|
}
|
|
|
|
|
|
2013-10-08 11:21:17 +00:00
|
|
|
static void create_le_conn_complete(struct hci_dev *hdev, u8 status)
|
|
|
|
|
{
|
|
|
|
|
struct hci_conn *conn;
|
|
|
|
|
|
|
|
|
|
if (status == 0)
|
|
|
|
|
return;
|
|
|
|
|
|
|
|
|
|
BT_ERR("HCI request failed to create LE connection: status 0x%2.2x",
|
|
|
|
|
status);
|
|
|
|
|
|
|
|
|
|
hci_dev_lock(hdev);
|
|
|
|
|
|
|
|
|
|
conn = hci_conn_hash_lookup_state(hdev, LE_LINK, BT_CONNECT);
|
|
|
|
|
if (!conn)
|
|
|
|
|
goto done;
|
|
|
|
|
|
2014-02-26 23:21:41 +00:00
|
|
|
hci_le_conn_failed(conn, status);
|
2013-10-08 11:21:17 +00:00
|
|
|
|
|
|
|
|
done:
|
|
|
|
|
hci_dev_unlock(hdev);
|
|
|
|
|
}
|
|
|
|
|
|
2014-02-26 23:21:42 +00:00
|
|
|
static void hci_req_add_le_create_conn(struct hci_request *req,
|
|
|
|
|
struct hci_conn *conn)
|
|
|
|
|
{
|
|
|
|
|
struct hci_cp_le_create_conn cp;
|
|
|
|
|
struct hci_dev *hdev = conn->hdev;
|
|
|
|
|
u8 own_addr_type;
|
|
|
|
|
|
|
|
|
|
memset(&cp, 0, sizeof(cp));
|
|
|
|
|
|
|
|
|
|
/* Update random address, but set require_privacy to false so
|
|
|
|
|
* that we never connect with an unresolvable address.
|
|
|
|
|
*/
|
|
|
|
|
if (hci_update_random_address(req, false, &own_addr_type))
|
|
|
|
|
return;
|
|
|
|
|
|
|
|
|
|
cp.scan_interval = cpu_to_le16(hdev->le_scan_interval);
|
|
|
|
|
cp.scan_window = cpu_to_le16(hdev->le_scan_window);
|
|
|
|
|
bacpy(&cp.peer_addr, &conn->dst);
|
|
|
|
|
cp.peer_addr_type = conn->dst_type;
|
|
|
|
|
cp.own_address_type = own_addr_type;
|
|
|
|
|
cp.conn_interval_min = cpu_to_le16(conn->le_conn_min_interval);
|
|
|
|
|
cp.conn_interval_max = cpu_to_le16(conn->le_conn_max_interval);
|
2014-06-29 14:43:27 +00:00
|
|
|
cp.conn_latency = cpu_to_le16(conn->le_conn_latency);
|
|
|
|
|
cp.supervision_timeout = cpu_to_le16(conn->le_supv_timeout);
|
2014-03-12 17:52:35 +00:00
|
|
|
cp.min_ce_len = cpu_to_le16(0x0000);
|
|
|
|
|
cp.max_ce_len = cpu_to_le16(0x0000);
|
2014-02-26 23:21:42 +00:00
|
|
|
|
|
|
|
|
hci_req_add(req, HCI_OP_LE_CREATE_CONN, sizeof(cp), &cp);
|
2014-02-28 10:54:15 +00:00
|
|
|
|
|
|
|
|
conn->state = BT_CONNECT;
|
2014-02-26 23:21:42 +00:00
|
|
|
}
|
|
|
|
|
|
2014-03-25 08:30:49 +00:00
|
|
|
static void hci_req_directed_advertising(struct hci_request *req,
|
|
|
|
|
struct hci_conn *conn)
|
|
|
|
|
{
|
|
|
|
|
struct hci_dev *hdev = req->hdev;
|
|
|
|
|
struct hci_cp_le_set_adv_param cp;
|
|
|
|
|
u8 own_addr_type;
|
|
|
|
|
u8 enable;
|
|
|
|
|
|
2014-07-08 12:07:49 +00:00
|
|
|
/* Clear the HCI_LE_ADV bit temporarily so that the
|
2014-03-25 08:30:49 +00:00
|
|
|
* hci_update_random_address knows that it's safe to go ahead
|
|
|
|
|
* and write a new random address. The flag will be set back on
|
|
|
|
|
* as soon as the SET_ADV_ENABLE HCI command completes.
|
|
|
|
|
*/
|
2014-07-08 12:07:49 +00:00
|
|
|
clear_bit(HCI_LE_ADV, &hdev->dev_flags);
|
2014-03-25 08:30:49 +00:00
|
|
|
|
|
|
|
|
/* Set require_privacy to false so that the remote device has a
|
|
|
|
|
* chance of identifying us.
|
|
|
|
|
*/
|
|
|
|
|
if (hci_update_random_address(req, false, &own_addr_type) < 0)
|
|
|
|
|
return;
|
|
|
|
|
|
|
|
|
|
memset(&cp, 0, sizeof(cp));
|
|
|
|
|
cp.type = LE_ADV_DIRECT_IND;
|
|
|
|
|
cp.own_address_type = own_addr_type;
|
|
|
|
|
cp.direct_addr_type = conn->dst_type;
|
|
|
|
|
bacpy(&cp.direct_addr, &conn->dst);
|
|
|
|
|
cp.channel_map = hdev->le_adv_channel_map;
|
|
|
|
|
|
|
|
|
|
hci_req_add(req, HCI_OP_LE_SET_ADV_PARAM, sizeof(cp), &cp);
|
|
|
|
|
|
|
|
|
|
enable = 0x01;
|
|
|
|
|
hci_req_add(req, HCI_OP_LE_SET_ADV_ENABLE, sizeof(enable), &enable);
|
|
|
|
|
|
|
|
|
|
conn->state = BT_CONNECT;
|
|
|
|
|
}
|
|
|
|
|
|
2014-02-26 23:21:44 +00:00
|
|
|
struct hci_conn *hci_connect_le(struct hci_dev *hdev, bdaddr_t *dst,
|
2014-07-07 12:02:28 +00:00
|
|
|
u8 dst_type, u8 sec_level, u16 conn_timeout,
|
2014-07-16 08:42:28 +00:00
|
|
|
u8 role)
|
2005-04-16 22:20:36 +00:00
|
|
|
{
|
2014-02-03 16:56:19 +00:00
|
|
|
struct hci_conn_params *params;
|
2013-10-03 21:25:44 +00:00
|
|
|
struct hci_conn *conn;
|
2014-02-18 19:41:36 +00:00
|
|
|
struct smp_irk *irk;
|
2014-02-26 23:21:42 +00:00
|
|
|
struct hci_request req;
|
2013-10-08 11:21:17 +00:00
|
|
|
int err;
|
2005-04-16 22:20:36 +00:00
|
|
|
|
2013-10-08 11:21:18 +00:00
|
|
|
/* Some devices send ATT messages as soon as the physical link is
|
|
|
|
|
* established. To be able to handle these ATT messages, the user-
|
|
|
|
|
* space first establishes the connection and then starts the pairing
|
|
|
|
|
* process.
|
|
|
|
|
*
|
|
|
|
|
* So if a hci_conn object already exists for the following connection
|
|
|
|
|
* attempt, we simply update pending_sec_level and auth_type fields
|
|
|
|
|
* and return the object found.
|
|
|
|
|
*/
|
2013-10-03 21:25:44 +00:00
|
|
|
conn = hci_conn_hash_lookup_ba(hdev, LE_LINK, dst);
|
2013-10-08 11:21:18 +00:00
|
|
|
if (conn) {
|
|
|
|
|
conn->pending_sec_level = sec_level;
|
|
|
|
|
goto done;
|
|
|
|
|
}
|
2012-05-30 13:39:21 +00:00
|
|
|
|
2013-10-08 11:21:18 +00:00
|
|
|
/* Since the controller supports only one LE connection attempt at a
|
|
|
|
|
* time, we return -EBUSY if there is any connection attempt running.
|
|
|
|
|
*/
|
|
|
|
|
conn = hci_conn_hash_lookup_state(hdev, LE_LINK, BT_CONNECT);
|
|
|
|
|
if (conn)
|
|
|
|
|
return ERR_PTR(-EBUSY);
|
2013-10-03 21:25:45 +00:00
|
|
|
|
2014-02-18 23:13:43 +00:00
|
|
|
/* When given an identity address with existing identity
|
|
|
|
|
* resolving key, the connection needs to be established
|
|
|
|
|
* to a resolvable random address.
|
|
|
|
|
*
|
|
|
|
|
* This uses the cached random resolvable address from
|
|
|
|
|
* a previous scan. When no cached address is available,
|
|
|
|
|
* try connecting to the identity address instead.
|
|
|
|
|
*
|
|
|
|
|
* Storing the resolvable random address is required here
|
|
|
|
|
* to handle connection failures. The address will later
|
|
|
|
|
* be resolved back into the original identity address
|
|
|
|
|
* from the connect request.
|
|
|
|
|
*/
|
2014-02-18 19:41:36 +00:00
|
|
|
irk = hci_find_irk_by_addr(hdev, dst, dst_type);
|
|
|
|
|
if (irk && bacmp(&irk->rpa, BDADDR_ANY)) {
|
|
|
|
|
dst = &irk->rpa;
|
|
|
|
|
dst_type = ADDR_LE_DEV_RANDOM;
|
|
|
|
|
}
|
|
|
|
|
|
2014-07-16 08:56:07 +00:00
|
|
|
conn = hci_conn_add(hdev, LE_LINK, dst, role);
|
2013-10-08 11:21:18 +00:00
|
|
|
if (!conn)
|
|
|
|
|
return ERR_PTR(-ENOMEM);
|
2012-04-20 18:46:08 +00:00
|
|
|
|
2014-02-18 19:41:36 +00:00
|
|
|
conn->dst_type = dst_type;
|
2013-10-08 11:21:18 +00:00
|
|
|
conn->sec_level = BT_SECURITY_LOW;
|
2013-10-03 21:25:44 +00:00
|
|
|
conn->pending_sec_level = sec_level;
|
2014-07-06 10:41:15 +00:00
|
|
|
conn->conn_timeout = conn_timeout;
|
2014-02-03 16:56:19 +00:00
|
|
|
|
2014-03-25 08:30:49 +00:00
|
|
|
hci_req_init(&req, hdev);
|
|
|
|
|
|
2014-07-08 12:07:52 +00:00
|
|
|
/* Disable advertising if we're active. For master role
|
|
|
|
|
* connections most controllers will refuse to connect if
|
|
|
|
|
* advertising is enabled, and for slave role connections we
|
|
|
|
|
* anyway have to disable it in order to start directed
|
|
|
|
|
* advertising.
|
|
|
|
|
*/
|
|
|
|
|
if (test_bit(HCI_LE_ADV, &hdev->dev_flags)) {
|
|
|
|
|
u8 enable = 0x00;
|
|
|
|
|
hci_req_add(&req, HCI_OP_LE_SET_ADV_ENABLE, sizeof(enable),
|
|
|
|
|
&enable);
|
|
|
|
|
}
|
|
|
|
|
|
2014-07-07 12:02:28 +00:00
|
|
|
/* If requested to connect as slave use directed advertising */
|
2014-07-16 08:42:28 +00:00
|
|
|
if (conn->role == HCI_ROLE_SLAVE) {
|
2014-07-08 12:07:53 +00:00
|
|
|
/* If we're active scanning most controllers are unable
|
|
|
|
|
* to initiate advertising. Simply reject the attempt.
|
|
|
|
|
*/
|
|
|
|
|
if (test_bit(HCI_LE_SCAN, &hdev->dev_flags) &&
|
|
|
|
|
hdev->le_scan_type == LE_SCAN_ACTIVE) {
|
|
|
|
|
skb_queue_purge(&req.cmd_q);
|
|
|
|
|
hci_conn_del(conn);
|
|
|
|
|
return ERR_PTR(-EBUSY);
|
|
|
|
|
}
|
|
|
|
|
|
2014-03-25 08:30:49 +00:00
|
|
|
hci_req_directed_advertising(&req, conn);
|
|
|
|
|
goto create_conn;
|
|
|
|
|
}
|
|
|
|
|
|
2014-02-03 16:56:19 +00:00
|
|
|
params = hci_conn_params_lookup(hdev, &conn->dst, conn->dst_type);
|
|
|
|
|
if (params) {
|
|
|
|
|
conn->le_conn_min_interval = params->conn_min_interval;
|
|
|
|
|
conn->le_conn_max_interval = params->conn_max_interval;
|
2014-06-29 14:43:27 +00:00
|
|
|
conn->le_conn_latency = params->conn_latency;
|
|
|
|
|
conn->le_supv_timeout = params->supervision_timeout;
|
2014-02-03 16:56:19 +00:00
|
|
|
} else {
|
|
|
|
|
conn->le_conn_min_interval = hdev->le_conn_min_interval;
|
|
|
|
|
conn->le_conn_max_interval = hdev->le_conn_max_interval;
|
2014-06-30 10:34:36 +00:00
|
|
|
conn->le_conn_latency = hdev->le_conn_latency;
|
|
|
|
|
conn->le_supv_timeout = hdev->le_supv_timeout;
|
2014-02-03 16:56:19 +00:00
|
|
|
}
|
2011-05-31 17:20:56 +00:00
|
|
|
|
2014-02-26 23:21:42 +00:00
|
|
|
/* If controller is scanning, we stop it since some controllers are
|
2014-02-28 18:26:13 +00:00
|
|
|
* not able to scan and connect at the same time. Also set the
|
|
|
|
|
* HCI_LE_SCAN_INTERRUPTED flag so that the command complete
|
|
|
|
|
* handler for scan disabling knows to set the correct discovery
|
|
|
|
|
* state.
|
2014-02-26 23:21:42 +00:00
|
|
|
*/
|
|
|
|
|
if (test_bit(HCI_LE_SCAN, &hdev->dev_flags)) {
|
|
|
|
|
hci_req_add_le_scan_disable(&req);
|
2014-02-28 18:26:13 +00:00
|
|
|
set_bit(HCI_LE_SCAN_INTERRUPTED, &hdev->dev_flags);
|
2014-02-26 23:21:42 +00:00
|
|
|
}
|
|
|
|
|
|
2014-02-28 18:26:13 +00:00
|
|
|
hci_req_add_le_create_conn(&req, conn);
|
|
|
|
|
|
2014-03-25 08:30:49 +00:00
|
|
|
create_conn:
|
2014-02-28 18:26:13 +00:00
|
|
|
err = hci_req_run(&req, create_le_conn_complete);
|
2014-02-26 23:21:42 +00:00
|
|
|
if (err) {
|
|
|
|
|
hci_conn_del(conn);
|
2013-10-08 11:21:18 +00:00
|
|
|
return ERR_PTR(err);
|
2014-02-26 23:21:42 +00:00
|
|
|
}
|
2011-02-11 01:38:47 +00:00
|
|
|
|
2013-10-08 11:21:18 +00:00
|
|
|
done:
|
|
|
|
|
hci_conn_hold(conn);
|
2013-10-03 21:25:44 +00:00
|
|
|
return conn;
|
2012-07-27 22:32:56 +00:00
|
|
|
}
|
2011-02-11 01:38:47 +00:00
|
|
|
|
2014-02-26 23:21:44 +00:00
|
|
|
struct hci_conn *hci_connect_acl(struct hci_dev *hdev, bdaddr_t *dst,
|
|
|
|
|
u8 sec_level, u8 auth_type)
|
2005-04-16 22:20:36 +00:00
|
|
|
{
|
|
|
|
|
struct hci_conn *acl;
|
2011-02-11 01:38:47 +00:00
|
|
|
|
2013-10-02 10:43:13 +00:00
|
|
|
if (!test_bit(HCI_BREDR_ENABLED, &hdev->dev_flags))
|
2014-07-18 08:15:26 +00:00
|
|
|
return ERR_PTR(-EOPNOTSUPP);
|
2013-10-02 10:43:13 +00:00
|
|
|
|
2010-12-01 14:58:25 +00:00
|
|
|
acl = hci_conn_hash_lookup_ba(hdev, ACL_LINK, dst);
|
|
|
|
|
if (!acl) {
|
2014-07-16 08:56:07 +00:00
|
|
|
acl = hci_conn_add(hdev, ACL_LINK, dst, HCI_ROLE_MASTER);
|
2010-12-01 14:58:25 +00:00
|
|
|
if (!acl)
|
2012-02-19 12:06:48 +00:00
|
|
|
return ERR_PTR(-ENOMEM);
|
2005-04-16 22:20:36 +00:00
|
|
|
}
|
|
|
|
|
|
|
|
|
|
hci_conn_hold(acl);
|
|
|
|
|
|
2008-09-09 05:19:20 +00:00
|
|
|
if (acl->state == BT_OPEN || acl->state == BT_CLOSED) {
|
2011-01-19 06:36:52 +00:00
|
|
|
acl->sec_level = BT_SECURITY_LOW;
|
|
|
|
|
acl->pending_sec_level = sec_level;
|
2008-09-09 05:19:20 +00:00
|
|
|
acl->auth_type = auth_type;
|
2012-07-27 22:32:55 +00:00
|
|
|
hci_acl_create_connection(acl);
|
2008-09-09 05:19:20 +00:00
|
|
|
}
|
2005-04-16 22:20:36 +00:00
|
|
|
|
2012-07-29 01:35:59 +00:00
|
|
|
return acl;
|
|
|
|
|
}
|
|
|
|
|
|
2013-08-19 12:23:59 +00:00
|
|
|
struct hci_conn *hci_connect_sco(struct hci_dev *hdev, int type, bdaddr_t *dst,
|
|
|
|
|
__u16 setting)
|
2012-07-29 01:35:59 +00:00
|
|
|
{
|
|
|
|
|
struct hci_conn *acl;
|
|
|
|
|
struct hci_conn *sco;
|
|
|
|
|
|
2013-08-19 12:23:54 +00:00
|
|
|
acl = hci_connect_acl(hdev, dst, BT_SECURITY_LOW, HCI_AT_NO_BONDING);
|
2012-07-29 01:35:59 +00:00
|
|
|
if (IS_ERR(acl))
|
2007-07-11 07:51:55 +00:00
|
|
|
return acl;
|
2005-04-16 22:20:36 +00:00
|
|
|
|
2010-12-01 14:58:25 +00:00
|
|
|
sco = hci_conn_hash_lookup_ba(hdev, type, dst);
|
|
|
|
|
if (!sco) {
|
2014-07-16 08:56:07 +00:00
|
|
|
sco = hci_conn_add(hdev, type, dst, HCI_ROLE_MASTER);
|
2010-12-01 14:58:25 +00:00
|
|
|
if (!sco) {
|
2013-04-06 18:28:37 +00:00
|
|
|
hci_conn_drop(acl);
|
2012-02-19 12:06:48 +00:00
|
|
|
return ERR_PTR(-ENOMEM);
|
2005-04-16 22:20:36 +00:00
|
|
|
}
|
2007-07-11 07:51:55 +00:00
|
|
|
}
|
2005-04-16 22:20:36 +00:00
|
|
|
|
2007-07-11 07:51:55 +00:00
|
|
|
acl->link = sco;
|
|
|
|
|
sco->link = acl;
|
2005-04-16 22:20:36 +00:00
|
|
|
|
2007-07-11 07:51:55 +00:00
|
|
|
hci_conn_hold(sco);
|
2005-04-16 22:20:36 +00:00
|
|
|
|
2013-08-19 12:23:59 +00:00
|
|
|
sco->setting = setting;
|
|
|
|
|
|
2007-07-11 07:51:55 +00:00
|
|
|
if (acl->state == BT_CONNECTED &&
|
2012-05-17 03:36:25 +00:00
|
|
|
(sco->state == BT_OPEN || sco->state == BT_CLOSED)) {
|
2012-01-16 04:47:28 +00:00
|
|
|
set_bit(HCI_CONN_POWER_SAVE, &acl->flags);
|
2011-05-24 01:06:04 +00:00
|
|
|
hci_conn_enter_active_mode(acl, BT_POWER_FORCE_ACTIVE_ON);
|
2009-11-13 22:16:32 +00:00
|
|
|
|
2012-01-16 04:10:31 +00:00
|
|
|
if (test_bit(HCI_CONN_MODE_CHANGE_PEND, &acl->flags)) {
|
2010-07-26 14:06:00 +00:00
|
|
|
/* defer SCO setup until mode change completed */
|
2012-01-16 04:10:31 +00:00
|
|
|
set_bit(HCI_CONN_SCO_SETUP_PEND, &acl->flags);
|
2010-07-26 14:06:00 +00:00
|
|
|
return sco;
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
hci_sco_setup(acl, 0x00);
|
2007-10-20 12:55:10 +00:00
|
|
|
}
|
2007-07-11 07:51:55 +00:00
|
|
|
|
|
|
|
|
return sco;
|
2005-04-16 22:20:36 +00:00
|
|
|
}
|
|
|
|
|
|
2008-09-09 05:19:20 +00:00
|
|
|
/* Check link security requirement */
|
|
|
|
|
int hci_conn_check_link_mode(struct hci_conn *conn)
|
|
|
|
|
{
|
2012-06-15 08:50:28 +00:00
|
|
|
BT_DBG("hcon %p", conn);
|
2008-09-09 05:19:20 +00:00
|
|
|
|
2014-03-19 21:10:25 +00:00
|
|
|
/* In Secure Connections Only mode, it is required that Secure
|
|
|
|
|
* Connections is used and the link is encrypted with AES-CCM
|
|
|
|
|
* using a P-256 authenticated combination key.
|
|
|
|
|
*/
|
|
|
|
|
if (test_bit(HCI_SC_ONLY, &conn->hdev->flags)) {
|
|
|
|
|
if (!hci_conn_sc_enabled(conn) ||
|
|
|
|
|
!test_bit(HCI_CONN_AES_CCM, &conn->flags) ||
|
|
|
|
|
conn->key_type != HCI_LK_AUTH_COMBINATION_P256)
|
|
|
|
|
return 0;
|
|
|
|
|
}
|
|
|
|
|
|
2014-06-24 14:03:50 +00:00
|
|
|
if (hci_conn_ssp_enabled(conn) &&
|
|
|
|
|
!test_bit(HCI_CONN_ENCRYPT, &conn->flags))
|
2008-09-09 05:19:20 +00:00
|
|
|
return 0;
|
|
|
|
|
|
|
|
|
|
return 1;
|
|
|
|
|
}
|
|
|
|
|
|
2005-04-16 22:20:36 +00:00
|
|
|
/* Authenticate remote device */
|
2009-02-09 01:48:38 +00:00
|
|
|
static int hci_conn_auth(struct hci_conn *conn, __u8 sec_level, __u8 auth_type)
|
2005-04-16 22:20:36 +00:00
|
|
|
{
|
2012-06-15 08:50:28 +00:00
|
|
|
BT_DBG("hcon %p", conn);
|
2005-04-16 22:20:36 +00:00
|
|
|
|
2011-01-19 06:36:52 +00:00
|
|
|
if (conn->pending_sec_level > sec_level)
|
|
|
|
|
sec_level = conn->pending_sec_level;
|
|
|
|
|
|
2009-02-12 15:23:03 +00:00
|
|
|
if (sec_level > conn->sec_level)
|
2011-01-19 06:36:52 +00:00
|
|
|
conn->pending_sec_level = sec_level;
|
2014-06-24 14:03:50 +00:00
|
|
|
else if (test_bit(HCI_CONN_AUTH, &conn->flags))
|
2005-04-16 22:20:36 +00:00
|
|
|
return 1;
|
|
|
|
|
|
2011-01-19 06:36:49 +00:00
|
|
|
/* Make sure we preserve an existing MITM requirement*/
|
|
|
|
|
auth_type |= (conn->auth_type & 0x01);
|
|
|
|
|
|
2009-02-12 15:23:03 +00:00
|
|
|
conn->auth_type = auth_type;
|
|
|
|
|
|
2012-01-16 04:10:31 +00:00
|
|
|
if (!test_and_set_bit(HCI_CONN_AUTH_PEND, &conn->flags)) {
|
2005-04-16 22:20:36 +00:00
|
|
|
struct hci_cp_auth_requested cp;
|
2012-01-13 14:11:30 +00:00
|
|
|
|
2007-03-26 03:12:50 +00:00
|
|
|
cp.handle = cpu_to_le16(conn->handle);
|
2008-07-14 18:13:50 +00:00
|
|
|
hci_send_cmd(conn->hdev, HCI_OP_AUTH_REQUESTED,
|
2012-05-17 03:36:25 +00:00
|
|
|
sizeof(cp), &cp);
|
2014-04-11 19:02:32 +00:00
|
|
|
|
|
|
|
|
/* If we're already encrypted set the REAUTH_PEND flag,
|
|
|
|
|
* otherwise set the ENCRYPT_PEND.
|
|
|
|
|
*/
|
2014-06-24 14:03:50 +00:00
|
|
|
if (test_bit(HCI_CONN_ENCRYPT, &conn->flags))
|
2012-01-16 04:10:31 +00:00
|
|
|
set_bit(HCI_CONN_REAUTH_PEND, &conn->flags);
|
2014-04-11 19:02:32 +00:00
|
|
|
else
|
|
|
|
|
set_bit(HCI_CONN_ENCRYPT_PEND, &conn->flags);
|
2005-04-16 22:20:36 +00:00
|
|
|
}
|
2009-01-15 20:58:04 +00:00
|
|
|
|
2005-04-16 22:20:36 +00:00
|
|
|
return 0;
|
|
|
|
|
}
|
|
|
|
|
|
2011-04-28 10:07:55 +00:00
|
|
|
/* Encrypt the the link */
|
|
|
|
|
static void hci_conn_encrypt(struct hci_conn *conn)
|
|
|
|
|
{
|
2012-06-15 08:50:28 +00:00
|
|
|
BT_DBG("hcon %p", conn);
|
2011-04-28 10:07:55 +00:00
|
|
|
|
2012-01-16 04:10:31 +00:00
|
|
|
if (!test_and_set_bit(HCI_CONN_ENCRYPT_PEND, &conn->flags)) {
|
2011-04-28 10:07:55 +00:00
|
|
|
struct hci_cp_set_conn_encrypt cp;
|
|
|
|
|
cp.handle = cpu_to_le16(conn->handle);
|
|
|
|
|
cp.encrypt = 0x01;
|
|
|
|
|
hci_send_cmd(conn->hdev, HCI_OP_SET_CONN_ENCRYPT, sizeof(cp),
|
2012-05-17 03:36:25 +00:00
|
|
|
&cp);
|
2011-04-28 10:07:55 +00:00
|
|
|
}
|
|
|
|
|
}
|
|
|
|
|
|
2009-01-15 20:58:04 +00:00
|
|
|
/* Enable security */
|
2014-07-17 12:35:38 +00:00
|
|
|
int hci_conn_security(struct hci_conn *conn, __u8 sec_level, __u8 auth_type,
|
|
|
|
|
bool initiator)
|
2005-04-16 22:20:36 +00:00
|
|
|
{
|
2012-06-15 08:50:28 +00:00
|
|
|
BT_DBG("hcon %p", conn);
|
2005-04-16 22:20:36 +00:00
|
|
|
|
2012-08-24 00:32:44 +00:00
|
|
|
if (conn->type == LE_LINK)
|
|
|
|
|
return smp_conn_security(conn, sec_level);
|
|
|
|
|
|
2011-04-28 10:07:55 +00:00
|
|
|
/* For sdp we don't need the link key. */
|
2009-01-15 20:58:04 +00:00
|
|
|
if (sec_level == BT_SECURITY_SDP)
|
|
|
|
|
return 1;
|
|
|
|
|
|
2011-04-28 10:07:55 +00:00
|
|
|
/* For non 2.1 devices and low security level we don't need the link
|
|
|
|
|
key. */
|
2012-01-18 19:33:12 +00:00
|
|
|
if (sec_level == BT_SECURITY_LOW && !hci_conn_ssp_enabled(conn))
|
2009-04-28 16:04:55 +00:00
|
|
|
return 1;
|
2009-01-15 20:58:04 +00:00
|
|
|
|
2011-04-28 10:07:55 +00:00
|
|
|
/* For other security levels we need the link key. */
|
2014-06-24 14:03:50 +00:00
|
|
|
if (!test_bit(HCI_CONN_AUTH, &conn->flags))
|
2011-04-28 10:07:55 +00:00
|
|
|
goto auth;
|
|
|
|
|
|
2014-01-16 06:37:39 +00:00
|
|
|
/* An authenticated FIPS approved combination key has sufficient
|
|
|
|
|
* security for security level 4. */
|
|
|
|
|
if (conn->key_type == HCI_LK_AUTH_COMBINATION_P256 &&
|
|
|
|
|
sec_level == BT_SECURITY_FIPS)
|
|
|
|
|
goto encrypt;
|
|
|
|
|
|
|
|
|
|
/* An authenticated combination key has sufficient security for
|
|
|
|
|
security level 3. */
|
|
|
|
|
if ((conn->key_type == HCI_LK_AUTH_COMBINATION_P192 ||
|
|
|
|
|
conn->key_type == HCI_LK_AUTH_COMBINATION_P256) &&
|
|
|
|
|
sec_level == BT_SECURITY_HIGH)
|
2011-04-28 10:07:55 +00:00
|
|
|
goto encrypt;
|
|
|
|
|
|
|
|
|
|
/* An unauthenticated combination key has sufficient security for
|
|
|
|
|
security level 1 and 2. */
|
2014-01-10 10:07:20 +00:00
|
|
|
if ((conn->key_type == HCI_LK_UNAUTH_COMBINATION_P192 ||
|
|
|
|
|
conn->key_type == HCI_LK_UNAUTH_COMBINATION_P256) &&
|
2012-05-17 03:36:25 +00:00
|
|
|
(sec_level == BT_SECURITY_MEDIUM || sec_level == BT_SECURITY_LOW))
|
2011-04-28 10:07:55 +00:00
|
|
|
goto encrypt;
|
|
|
|
|
|
|
|
|
|
/* A combination key has always sufficient security for the security
|
|
|
|
|
levels 1 or 2. High security level requires the combination key
|
|
|
|
|
is generated using maximum PIN code length (16).
|
|
|
|
|
For pre 2.1 units. */
|
|
|
|
|
if (conn->key_type == HCI_LK_COMBINATION &&
|
2014-01-16 06:37:39 +00:00
|
|
|
(sec_level == BT_SECURITY_MEDIUM || sec_level == BT_SECURITY_LOW ||
|
|
|
|
|
conn->pin_length == 16))
|
2011-04-28 10:07:55 +00:00
|
|
|
goto encrypt;
|
|
|
|
|
|
|
|
|
|
auth:
|
2012-01-16 04:10:31 +00:00
|
|
|
if (test_bit(HCI_CONN_ENCRYPT_PEND, &conn->flags))
|
2005-04-16 22:20:36 +00:00
|
|
|
return 0;
|
|
|
|
|
|
2014-07-17 12:35:39 +00:00
|
|
|
if (initiator)
|
|
|
|
|
set_bit(HCI_CONN_AUTH_INITIATOR, &conn->flags);
|
|
|
|
|
|
2011-06-13 12:37:35 +00:00
|
|
|
if (!hci_conn_auth(conn, sec_level, auth_type))
|
|
|
|
|
return 0;
|
2011-04-28 10:07:55 +00:00
|
|
|
|
|
|
|
|
encrypt:
|
2014-06-24 14:03:50 +00:00
|
|
|
if (test_bit(HCI_CONN_ENCRYPT, &conn->flags))
|
2011-04-28 10:07:55 +00:00
|
|
|
return 1;
|
2009-01-15 20:58:04 +00:00
|
|
|
|
2011-04-28 10:07:55 +00:00
|
|
|
hci_conn_encrypt(conn);
|
2005-04-16 22:20:36 +00:00
|
|
|
return 0;
|
|
|
|
|
}
|
2009-01-15 20:58:04 +00:00
|
|
|
EXPORT_SYMBOL(hci_conn_security);
|
2005-04-16 22:20:36 +00:00
|
|
|
|
2011-05-06 07:42:31 +00:00
|
|
|
/* Check secure link requirement */
|
|
|
|
|
int hci_conn_check_secure(struct hci_conn *conn, __u8 sec_level)
|
|
|
|
|
{
|
2012-06-15 08:50:28 +00:00
|
|
|
BT_DBG("hcon %p", conn);
|
2011-05-06 07:42:31 +00:00
|
|
|
|
2014-02-01 19:32:25 +00:00
|
|
|
/* Accept if non-secure or higher security level is required */
|
|
|
|
|
if (sec_level != BT_SECURITY_HIGH && sec_level != BT_SECURITY_FIPS)
|
|
|
|
|
return 1;
|
2011-05-06 07:42:31 +00:00
|
|
|
|
2014-02-01 19:32:25 +00:00
|
|
|
/* Accept if secure or higher security level is already present */
|
|
|
|
|
if (conn->sec_level == BT_SECURITY_HIGH ||
|
|
|
|
|
conn->sec_level == BT_SECURITY_FIPS)
|
2011-05-06 07:42:31 +00:00
|
|
|
return 1;
|
|
|
|
|
|
2014-02-01 19:32:25 +00:00
|
|
|
/* Reject not secure link */
|
|
|
|
|
return 0;
|
2011-05-06 07:42:31 +00:00
|
|
|
}
|
|
|
|
|
EXPORT_SYMBOL(hci_conn_check_secure);
|
|
|
|
|
|
2005-04-16 22:20:36 +00:00
|
|
|
/* Change link key */
|
|
|
|
|
int hci_conn_change_link_key(struct hci_conn *conn)
|
|
|
|
|
{
|
2012-06-15 08:50:28 +00:00
|
|
|
BT_DBG("hcon %p", conn);
|
2005-04-16 22:20:36 +00:00
|
|
|
|
2012-01-16 04:10:31 +00:00
|
|
|
if (!test_and_set_bit(HCI_CONN_AUTH_PEND, &conn->flags)) {
|
2005-04-16 22:20:36 +00:00
|
|
|
struct hci_cp_change_conn_link_key cp;
|
2007-03-26 03:12:50 +00:00
|
|
|
cp.handle = cpu_to_le16(conn->handle);
|
2008-07-14 18:13:50 +00:00
|
|
|
hci_send_cmd(conn->hdev, HCI_OP_CHANGE_CONN_LINK_KEY,
|
2012-05-17 03:36:25 +00:00
|
|
|
sizeof(cp), &cp);
|
2005-04-16 22:20:36 +00:00
|
|
|
}
|
2009-01-15 20:58:04 +00:00
|
|
|
|
2005-04-16 22:20:36 +00:00
|
|
|
return 0;
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
/* Switch role */
|
2009-01-15 20:58:04 +00:00
|
|
|
int hci_conn_switch_role(struct hci_conn *conn, __u8 role)
|
2005-04-16 22:20:36 +00:00
|
|
|
{
|
2012-06-15 08:50:28 +00:00
|
|
|
BT_DBG("hcon %p", conn);
|
2005-04-16 22:20:36 +00:00
|
|
|
|
2014-07-16 08:42:27 +00:00
|
|
|
if (role == conn->role)
|
2005-04-16 22:20:36 +00:00
|
|
|
return 1;
|
|
|
|
|
|
2012-01-16 04:10:31 +00:00
|
|
|
if (!test_and_set_bit(HCI_CONN_RSWITCH_PEND, &conn->flags)) {
|
2005-04-16 22:20:36 +00:00
|
|
|
struct hci_cp_switch_role cp;
|
|
|
|
|
bacpy(&cp.bdaddr, &conn->dst);
|
|
|
|
|
cp.role = role;
|
2007-10-20 11:33:56 +00:00
|
|
|
hci_send_cmd(conn->hdev, HCI_OP_SWITCH_ROLE, sizeof(cp), &cp);
|
2005-04-16 22:20:36 +00:00
|
|
|
}
|
2009-01-15 20:58:04 +00:00
|
|
|
|
2005-04-16 22:20:36 +00:00
|
|
|
return 0;
|
|
|
|
|
}
|
|
|
|
|
EXPORT_SYMBOL(hci_conn_switch_role);
|
|
|
|
|
|
2006-07-03 08:02:33 +00:00
|
|
|
/* Enter active mode */
|
2011-05-24 01:06:04 +00:00
|
|
|
void hci_conn_enter_active_mode(struct hci_conn *conn, __u8 force_active)
|
2006-07-03 08:02:33 +00:00
|
|
|
{
|
|
|
|
|
struct hci_dev *hdev = conn->hdev;
|
|
|
|
|
|
2012-06-15 08:50:28 +00:00
|
|
|
BT_DBG("hcon %p mode %d", conn, conn->mode);
|
2006-07-03 08:02:33 +00:00
|
|
|
|
2011-05-24 01:06:04 +00:00
|
|
|
if (conn->mode != HCI_CM_SNIFF)
|
|
|
|
|
goto timer;
|
|
|
|
|
|
2012-01-16 04:47:28 +00:00
|
|
|
if (!test_bit(HCI_CONN_POWER_SAVE, &conn->flags) && !force_active)
|
2006-07-03 08:02:33 +00:00
|
|
|
goto timer;
|
|
|
|
|
|
2012-01-16 04:10:31 +00:00
|
|
|
if (!test_and_set_bit(HCI_CONN_MODE_CHANGE_PEND, &conn->flags)) {
|
2006-07-03 08:02:33 +00:00
|
|
|
struct hci_cp_exit_sniff_mode cp;
|
2007-03-26 03:12:50 +00:00
|
|
|
cp.handle = cpu_to_le16(conn->handle);
|
2007-10-20 11:33:56 +00:00
|
|
|
hci_send_cmd(hdev, HCI_OP_EXIT_SNIFF_MODE, sizeof(cp), &cp);
|
2006-07-03 08:02:33 +00:00
|
|
|
}
|
|
|
|
|
|
|
|
|
|
timer:
|
|
|
|
|
if (hdev->idle_timeout > 0)
|
2013-10-16 15:11:40 +00:00
|
|
|
queue_delayed_work(hdev->workqueue, &conn->idle_work,
|
|
|
|
|
msecs_to_jiffies(hdev->idle_timeout));
|
2006-07-03 08:02:33 +00:00
|
|
|
}
|
|
|
|
|
|
2005-04-16 22:20:36 +00:00
|
|
|
/* Drop all connection on the device */
|
|
|
|
|
void hci_conn_hash_flush(struct hci_dev *hdev)
|
|
|
|
|
{
|
|
|
|
|
struct hci_conn_hash *h = &hdev->conn_hash;
|
2012-02-02 08:32:17 +00:00
|
|
|
struct hci_conn *c, *n;
|
2005-04-16 22:20:36 +00:00
|
|
|
|
|
|
|
|
BT_DBG("hdev %s", hdev->name);
|
|
|
|
|
|
2012-02-02 08:32:17 +00:00
|
|
|
list_for_each_entry_safe(c, n, &h->list, list) {
|
2005-04-16 22:20:36 +00:00
|
|
|
c->state = BT_CLOSED;
|
|
|
|
|
|
2011-11-07 12:20:25 +00:00
|
|
|
hci_proto_disconn_cfm(c, HCI_ERROR_LOCAL_HOST_TERM);
|
2005-04-16 22:20:36 +00:00
|
|
|
hci_conn_del(c);
|
|
|
|
|
}
|
|
|
|
|
}
|
|
|
|
|
|
2007-10-20 11:33:56 +00:00
|
|
|
/* Check pending connect attempts */
|
|
|
|
|
void hci_conn_check_pending(struct hci_dev *hdev)
|
|
|
|
|
{
|
|
|
|
|
struct hci_conn *conn;
|
|
|
|
|
|
|
|
|
|
BT_DBG("hdev %s", hdev->name);
|
|
|
|
|
|
|
|
|
|
hci_dev_lock(hdev);
|
|
|
|
|
|
|
|
|
|
conn = hci_conn_hash_lookup_state(hdev, ACL_LINK, BT_CONNECT2);
|
|
|
|
|
if (conn)
|
2012-07-27 22:32:55 +00:00
|
|
|
hci_acl_create_connection(conn);
|
2007-10-20 11:33:56 +00:00
|
|
|
|
|
|
|
|
hci_dev_unlock(hdev);
|
|
|
|
|
}
|
|
|
|
|
|
2014-06-24 14:03:50 +00:00
|
|
|
static u32 get_link_mode(struct hci_conn *conn)
|
|
|
|
|
{
|
|
|
|
|
u32 link_mode = 0;
|
|
|
|
|
|
2014-07-16 08:42:27 +00:00
|
|
|
if (conn->role == HCI_ROLE_MASTER)
|
2014-06-24 14:03:50 +00:00
|
|
|
link_mode |= HCI_LM_MASTER;
|
|
|
|
|
|
|
|
|
|
if (test_bit(HCI_CONN_ENCRYPT, &conn->flags))
|
|
|
|
|
link_mode |= HCI_LM_ENCRYPT;
|
|
|
|
|
|
|
|
|
|
if (test_bit(HCI_CONN_AUTH, &conn->flags))
|
|
|
|
|
link_mode |= HCI_LM_AUTH;
|
|
|
|
|
|
|
|
|
|
if (test_bit(HCI_CONN_SECURE, &conn->flags))
|
|
|
|
|
link_mode |= HCI_LM_SECURE;
|
|
|
|
|
|
|
|
|
|
if (test_bit(HCI_CONN_FIPS, &conn->flags))
|
|
|
|
|
link_mode |= HCI_LM_FIPS;
|
|
|
|
|
|
|
|
|
|
return link_mode;
|
|
|
|
|
}
|
|
|
|
|
|
2005-04-16 22:20:36 +00:00
|
|
|
int hci_get_conn_list(void __user *arg)
|
|
|
|
|
{
|
2012-05-23 07:04:19 +00:00
|
|
|
struct hci_conn *c;
|
2005-04-16 22:20:36 +00:00
|
|
|
struct hci_conn_list_req req, *cl;
|
|
|
|
|
struct hci_conn_info *ci;
|
|
|
|
|
struct hci_dev *hdev;
|
|
|
|
|
int n = 0, size, err;
|
|
|
|
|
|
|
|
|
|
if (copy_from_user(&req, arg, sizeof(req)))
|
|
|
|
|
return -EFAULT;
|
|
|
|
|
|
|
|
|
|
if (!req.conn_num || req.conn_num > (PAGE_SIZE * 2) / sizeof(*ci))
|
|
|
|
|
return -EINVAL;
|
|
|
|
|
|
|
|
|
|
size = sizeof(req) + req.conn_num * sizeof(*ci);
|
|
|
|
|
|
2010-12-01 14:58:25 +00:00
|
|
|
cl = kmalloc(size, GFP_KERNEL);
|
|
|
|
|
if (!cl)
|
2005-04-16 22:20:36 +00:00
|
|
|
return -ENOMEM;
|
|
|
|
|
|
2010-12-01 14:58:25 +00:00
|
|
|
hdev = hci_dev_get(req.dev_id);
|
|
|
|
|
if (!hdev) {
|
2005-04-16 22:20:36 +00:00
|
|
|
kfree(cl);
|
|
|
|
|
return -ENODEV;
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
ci = cl->conn_info;
|
|
|
|
|
|
2011-06-17 16:03:21 +00:00
|
|
|
hci_dev_lock(hdev);
|
2011-11-01 08:58:56 +00:00
|
|
|
list_for_each_entry(c, &hdev->conn_hash.list, list) {
|
2005-04-16 22:20:36 +00:00
|
|
|
bacpy(&(ci + n)->bdaddr, &c->dst);
|
|
|
|
|
(ci + n)->handle = c->handle;
|
|
|
|
|
(ci + n)->type = c->type;
|
|
|
|
|
(ci + n)->out = c->out;
|
|
|
|
|
(ci + n)->state = c->state;
|
2014-06-24 14:03:50 +00:00
|
|
|
(ci + n)->link_mode = get_link_mode(c);
|
2005-04-16 22:20:36 +00:00
|
|
|
if (++n >= req.conn_num)
|
|
|
|
|
break;
|
|
|
|
|
}
|
2011-06-17 16:03:21 +00:00
|
|
|
hci_dev_unlock(hdev);
|
2005-04-16 22:20:36 +00:00
|
|
|
|
|
|
|
|
cl->dev_id = hdev->id;
|
|
|
|
|
cl->conn_num = n;
|
|
|
|
|
size = sizeof(req) + n * sizeof(*ci);
|
|
|
|
|
|
|
|
|
|
hci_dev_put(hdev);
|
|
|
|
|
|
|
|
|
|
err = copy_to_user(arg, cl, size);
|
|
|
|
|
kfree(cl);
|
|
|
|
|
|
|
|
|
|
return err ? -EFAULT : 0;
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
int hci_get_conn_info(struct hci_dev *hdev, void __user *arg)
|
|
|
|
|
{
|
|
|
|
|
struct hci_conn_info_req req;
|
|
|
|
|
struct hci_conn_info ci;
|
|
|
|
|
struct hci_conn *conn;
|
|
|
|
|
char __user *ptr = arg + sizeof(req);
|
|
|
|
|
|
|
|
|
|
if (copy_from_user(&req, arg, sizeof(req)))
|
|
|
|
|
return -EFAULT;
|
|
|
|
|
|
2011-06-17 16:03:21 +00:00
|
|
|
hci_dev_lock(hdev);
|
2005-04-16 22:20:36 +00:00
|
|
|
conn = hci_conn_hash_lookup_ba(hdev, req.type, &req.bdaddr);
|
|
|
|
|
if (conn) {
|
|
|
|
|
bacpy(&ci.bdaddr, &conn->dst);
|
|
|
|
|
ci.handle = conn->handle;
|
|
|
|
|
ci.type = conn->type;
|
|
|
|
|
ci.out = conn->out;
|
|
|
|
|
ci.state = conn->state;
|
2014-06-24 14:03:50 +00:00
|
|
|
ci.link_mode = get_link_mode(conn);
|
2005-04-16 22:20:36 +00:00
|
|
|
}
|
2011-06-17 16:03:21 +00:00
|
|
|
hci_dev_unlock(hdev);
|
2005-04-16 22:20:36 +00:00
|
|
|
|
|
|
|
|
if (!conn)
|
|
|
|
|
return -ENOENT;
|
|
|
|
|
|
|
|
|
|
return copy_to_user(ptr, &ci, sizeof(ci)) ? -EFAULT : 0;
|
|
|
|
|
}
|
2008-07-14 18:13:50 +00:00
|
|
|
|
|
|
|
|
int hci_get_auth_info(struct hci_dev *hdev, void __user *arg)
|
|
|
|
|
{
|
|
|
|
|
struct hci_auth_info_req req;
|
|
|
|
|
struct hci_conn *conn;
|
|
|
|
|
|
|
|
|
|
if (copy_from_user(&req, arg, sizeof(req)))
|
|
|
|
|
return -EFAULT;
|
|
|
|
|
|
2011-06-17 16:03:21 +00:00
|
|
|
hci_dev_lock(hdev);
|
2008-07-14 18:13:50 +00:00
|
|
|
conn = hci_conn_hash_lookup_ba(hdev, ACL_LINK, &req.bdaddr);
|
|
|
|
|
if (conn)
|
|
|
|
|
req.type = conn->auth_type;
|
2011-06-17 16:03:21 +00:00
|
|
|
hci_dev_unlock(hdev);
|
2008-07-14 18:13:50 +00:00
|
|
|
|
|
|
|
|
if (!conn)
|
|
|
|
|
return -ENOENT;
|
|
|
|
|
|
|
|
|
|
return copy_to_user(arg, &req, sizeof(req)) ? -EFAULT : 0;
|
|
|
|
|
}
|
2011-11-02 13:52:01 +00:00
|
|
|
|
|
|
|
|
struct hci_chan *hci_chan_create(struct hci_conn *conn)
|
|
|
|
|
{
|
|
|
|
|
struct hci_dev *hdev = conn->hdev;
|
|
|
|
|
struct hci_chan *chan;
|
|
|
|
|
|
2012-06-15 08:50:28 +00:00
|
|
|
BT_DBG("%s hcon %p", hdev->name, conn);
|
2011-11-02 13:52:01 +00:00
|
|
|
|
2014-08-17 21:41:44 +00:00
|
|
|
if (test_bit(HCI_CONN_DROP, &conn->flags)) {
|
|
|
|
|
BT_DBG("Refusing to create new hci_chan");
|
|
|
|
|
return NULL;
|
|
|
|
|
}
|
|
|
|
|
|
2014-07-21 07:50:06 +00:00
|
|
|
chan = kzalloc(sizeof(*chan), GFP_KERNEL);
|
2011-11-02 13:52:01 +00:00
|
|
|
if (!chan)
|
|
|
|
|
return NULL;
|
|
|
|
|
|
2014-08-17 21:41:42 +00:00
|
|
|
chan->conn = hci_conn_get(conn);
|
2011-11-02 13:52:01 +00:00
|
|
|
skb_queue_head_init(&chan->data_q);
|
2012-10-23 22:24:13 +00:00
|
|
|
chan->state = BT_CONNECTED;
|
2011-11-02 13:52:01 +00:00
|
|
|
|
2011-12-14 17:08:48 +00:00
|
|
|
list_add_rcu(&chan->list, &conn->chan_list);
|
2011-11-02 13:52:01 +00:00
|
|
|
|
|
|
|
|
return chan;
|
|
|
|
|
}
|
|
|
|
|
|
2012-09-06 12:05:43 +00:00
|
|
|
void hci_chan_del(struct hci_chan *chan)
|
2011-11-02 13:52:01 +00:00
|
|
|
{
|
|
|
|
|
struct hci_conn *conn = chan->conn;
|
|
|
|
|
struct hci_dev *hdev = conn->hdev;
|
|
|
|
|
|
2012-06-15 08:50:28 +00:00
|
|
|
BT_DBG("%s hcon %p chan %p", hdev->name, conn, chan);
|
2011-11-02 13:52:01 +00:00
|
|
|
|
2011-12-14 17:08:48 +00:00
|
|
|
list_del_rcu(&chan->list);
|
|
|
|
|
|
|
|
|
|
synchronize_rcu();
|
2011-11-02 13:52:01 +00:00
|
|
|
|
2014-08-18 17:33:27 +00:00
|
|
|
/* Prevent new hci_chan's to be created for this hci_conn */
|
2014-08-17 21:41:44 +00:00
|
|
|
set_bit(HCI_CONN_DROP, &conn->flags);
|
2014-08-17 21:41:43 +00:00
|
|
|
|
2014-08-17 21:41:42 +00:00
|
|
|
hci_conn_put(conn);
|
2012-10-25 12:20:51 +00:00
|
|
|
|
2011-11-02 13:52:01 +00:00
|
|
|
skb_queue_purge(&chan->data_q);
|
|
|
|
|
kfree(chan);
|
|
|
|
|
}
|
|
|
|
|
|
2011-12-14 15:02:51 +00:00
|
|
|
void hci_chan_list_flush(struct hci_conn *conn)
|
2011-11-02 13:52:01 +00:00
|
|
|
{
|
2012-02-02 08:32:18 +00:00
|
|
|
struct hci_chan *chan, *n;
|
2011-11-02 13:52:01 +00:00
|
|
|
|
2012-06-15 08:50:28 +00:00
|
|
|
BT_DBG("hcon %p", conn);
|
2011-11-02 13:52:01 +00:00
|
|
|
|
2012-02-02 08:32:18 +00:00
|
|
|
list_for_each_entry_safe(chan, n, &conn->chan_list, list)
|
2011-11-02 13:52:01 +00:00
|
|
|
hci_chan_del(chan);
|
|
|
|
|
}
|
2012-10-10 14:38:28 +00:00
|
|
|
|
|
|
|
|
static struct hci_chan *__hci_chan_lookup_handle(struct hci_conn *hcon,
|
|
|
|
|
__u16 handle)
|
|
|
|
|
{
|
|
|
|
|
struct hci_chan *hchan;
|
|
|
|
|
|
|
|
|
|
list_for_each_entry(hchan, &hcon->chan_list, list) {
|
|
|
|
|
if (hchan->handle == handle)
|
|
|
|
|
return hchan;
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
return NULL;
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
struct hci_chan *hci_chan_lookup_handle(struct hci_dev *hdev, __u16 handle)
|
|
|
|
|
{
|
|
|
|
|
struct hci_conn_hash *h = &hdev->conn_hash;
|
|
|
|
|
struct hci_conn *hcon;
|
|
|
|
|
struct hci_chan *hchan = NULL;
|
|
|
|
|
|
|
|
|
|
rcu_read_lock();
|
|
|
|
|
|
|
|
|
|
list_for_each_entry_rcu(hcon, &h->list, list) {
|
|
|
|
|
hchan = __hci_chan_lookup_handle(hcon, handle);
|
|
|
|
|
if (hchan)
|
|
|
|
|
break;
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
rcu_read_unlock();
|
|
|
|
|
|
|
|
|
|
return hchan;
|
|
|
|
|
}
|