linux-stable/net/bluetooth
Sonny Sasaka d16f05223a Bluetooth: Handle Inquiry Cancel error after Inquiry Complete
[ Upstream commit adf1d69264 ]

After sending Inquiry Cancel command to the controller, it is possible
that Inquiry Complete event comes before Inquiry Cancel command complete
event. In this case the Inquiry Cancel command will have status of
Command Disallowed since there is no Inquiry session to be cancelled.
This case should not be treated as error, otherwise we can reach an
inconsistent state.

Example of a btmon trace when this happened:

< HCI Command: Inquiry Cancel (0x01|0x0002) plen 0
> HCI Event: Inquiry Complete (0x01) plen 1
        Status: Success (0x00)
> HCI Event: Command Complete (0x0e) plen 4
      Inquiry Cancel (0x01|0x0002) ncmd 1
        Status: Command Disallowed (0x0c)

Signed-off-by: Sonny Sasaka <sonnysasaka@chromium.org>
Signed-off-by: Marcel Holtmann <marcel@holtmann.org>
Signed-off-by: Sasha Levin <sashal@kernel.org>
2020-10-01 13:12:43 +02:00
..
bnep Bluetooth: bnep: fix possible might sleep error in bnep_session 2017-06-27 19:32:11 +02:00
cmtp Bluetooth: cmtp: fix possible might sleep error in cmtp_session 2017-06-27 19:32:11 +02:00
hidp Bluetooth: hidp: fix buffer overflow 2019-05-10 17:53:15 +02:00
rfcomm Bluetooth: RFCOMM: fix ODEBUG bug in rfcomm_dev_ioctl 2020-04-13 10:34:35 +02:00
6lowpan.c Bluetooth: add a mutex lock to avoid UAF in do_enale_set 2020-08-21 09:48:04 +02:00
a2mp.c networking: make skb_pull & friends return void pointers 2017-06-16 11:48:39 -04:00
a2mp.h
af_bluetooth.c net: use skb_queue_empty_lockless() in poll() handlers 2019-11-10 11:25:34 +01:00
amp.c Bluetooth: fix assignments on error variable err 2017-04-12 22:02:38 +02:00
amp.h
ecdh_helper.c Bluetooth: Delete error messages for failed memory allocations in two functions 2017-05-22 10:23:41 +02:00
ecdh_helper.h Bluetooth: convert smp and selftest to crypto kpp API 2017-04-25 04:53:42 +02:00
hci_conn.c Bluetooth: Fix memory leak in hci_connect_le_scan 2020-01-09 10:17:57 +01:00
hci_core.c Bluetooth: hci_core: fix init for HCI_USER_CHANNEL 2019-12-31 12:37:12 +01:00
hci_debugfs.c Bluetooth: Add debugfs fields for hardware and firmware info 2016-07-18 09:33:28 +03:00
hci_debugfs.h
hci_event.c Bluetooth: Handle Inquiry Cancel error after Inquiry Complete 2020-10-01 13:12:43 +02:00
hci_request.c Bluetooth: Fix advertising duplicated flags 2019-12-31 12:37:19 +01:00
hci_request.h Bluetooth: Fix append max 11 bytes of name to scan rsp data 2016-10-19 18:42:37 +02:00
hci_sock.c Bluetooth: Fix race condition in hci_release_sock() 2020-02-05 14:18:16 +00:00
hci_sysfs.c License cleanup: add SPDX GPL-2.0 license identifier to files with no license 2017-11-02 11:10:55 +01:00
Kconfig Revert "Bluetooth: Add option for disabling legacy ioctl interfaces" 2017-09-28 13:20:32 -07:00
l2cap_core.c Bluetooth: L2CAP: handle l2cap config request during open state 2020-10-01 13:12:37 +02:00
l2cap_sock.c Bluetooth: prefetch channel before killing sock 2020-10-01 13:12:33 +02:00
leds.c Bluetooth: Add combined LED trigger for controller power 2016-09-19 20:19:34 +02:00
leds.h Bluetooth: Add combined LED trigger for controller power 2016-09-19 20:19:34 +02:00
lib.c Bluetooth: make baswap src const 2017-09-01 22:49:47 +02:00
Makefile License cleanup: add SPDX GPL-2.0 license identifier to files with no license 2017-11-02 11:10:55 +01:00
mgmt.c Bluetooth: SMP: fix crash in unpairing 2018-11-04 14:52:39 +01:00
mgmt_util.c networking: make skb_push & __skb_push return void pointers 2017-06-16 11:48:40 -04:00
mgmt_util.h
sco.c Bluetooth: Fix locking in bt_accept_enqueue() for BH context 2019-03-13 14:03:10 -07:00
selftest.c Bluetooth: kfree tmp rather than an alias to it 2017-08-11 21:19:46 +02:00
selftest.h
smp.c Bluetooth: Add SMP workaround Microsoft Surface Precision Mouse bug 2019-07-31 07:28:43 +02:00
smp.h Bluetooth: SMP: fix crash in unpairing 2018-11-04 14:52:39 +01:00