client/advertising.c:
Allowing discoverable property to list in the parsing
function when discoverable is off.
Test steps:
From DUT, bluetoothctl go to menu advertise
set discoverable to off and then advertise on.
The code was supporting a maximum of 25 bytes (31 - 6) to be entered as
advertising data, but in case EA is used that allows up to 245 bytes
(251 - 6) to be entered.
This adds support for advertise.rsi command which can be used to request
the generation of RSI and include it as part of advertising data:
[bluetooth]# advertise.rsi --help
Show/Enable/Disable RSI to be advertised
Usage:
rsi [on/off]
[bluetooth]# advertise.rsi
RSI: on
[bluetooth]# advertise on
...
Advertising object registered
Tx Power: off
Name: off
Appearance: off
Discoverable: on
RSI: on
[bluetooth]#
advertise.data when no parameter is given shall print what is set on
ad.data not the ad.manufacturer which is a different field set by
advertise.manufacturer.
This fixes the following errors:
client/advertising.c:129:4: warning: Value stored to 'n' is never read
[deadcode.DeadStores]
n = sizeof(str) - 1;
^ ~~~~~~~~~~~~~~~
client/advertising.c:1012:25: warning: Dereference of null pointer
(loaded from variable 'min') [core.NullDereference]
if (ad.min_interval != *min) {
^~~~
When setting an advertising.name other than on/off it shall also disable
local-name flag from Includes as that would cause an error when parsed
by the daemon.
This prints both Data and Discoverable if advertise command succeeds:
[bluetooth]# advertise.data 0x26 0x01 0x00
[bluetooth]# advertise.discoverable on
[bluetooth]# advertise on
Advertising object registered
Data Type: 0x26
01 00 ..
Tx Power: off
Name: off
Apperance: off
Discoverable: on
This adds advertise.discoverable command which can be used to set its
own instance:
[bluetooth]# advertise.discoverable on
[bluetooth]# advertise on
@ MGMT Command: Add Advertising (0x003e) plen 14
Instance: 1
Flags: 0x00000001
Switch into Connectable mode
Duration: 0
Timeout: 0
Advertising data length: 3
Flags: 0x02
LE General Discoverable Mode
Scan response length: 0
< HCI Command: LE Set Advertising Data (0x08|0x0008) plen 32
Length: 3
Flags: 0x02
LE General Discoverable Mode
This adds data command to advertise menu which can be used to set
an arbitrary/profile specific advertising type and data:
[bluetooth]# data 0x26 0x01 0x01 0x00
Returns the FAILURE status since there is no point in staying in
non-interactive mode when executing some commands with an invalid
argument or with no controller. Also returns with the SUCCESS status
when getting a scan filtering value or disconnecting a non-default
device.
Since commit 65eff5c2 ("client: Rename set-service to service"), data
are appended in every run of advertise service with data arguments as
below:
[bluetooth]# service 1 1 2
[bluetooth]# service
UUID: SDP(1)
01 02 ..
[bluetooth]# service 1 1 2 3
[bluetooth]# service
UUID: SDP(1)
01 02 01 02 03 .....
Make the command return the current value if no parameters:
[bluetooth]# service 0x1820 00 00 00
[bluetooth]# service
UUID: Internet Protocol Support (0x1820)
00 00 00 ...
This adds the following command which can be used to control the
advertisement intervals:
[bluetooth]# set-advertise-duration 4
[bluetooth]# set-advertise-timeout 4
[bluetooth]# advertise on
[CHG] Controller B8:8A:60:D8:17:D7 SupportedInstances: 0x04
[CHG] Controller B8:8A:60:D8:17:D7 ActiveInstances: 0x01
Advertising object registered
[CHG] Controller B8:8A:60:D8:17:D7 SupportedInstances: 0x05
[CHG] Controller B8:8A:60:D8:17:D7 ActiveInstances: 0x00
When data is too much, the data may include values not making sense, so
this patch clears the advertising manufacturer/service data corresponding
to the running command.
Even if running set-advertise-manufacturer with data having an invalid
value, client does not clear the advertising service data and clears the
advertising manufacturer data.
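The argument handling described in the commit messages above, as an added example that is not BlueZ code: each run replaces the stored bytes instead of appending, the length is capped at 25 or 245 bytes, and an invalid value clears only the field being set. The names struct ad_field and ad_set_bytes are hypothetical, and the inputs in main are constructed.

```c
#include <errno.h>
#include <stdbool.h>
#include <stdint.h>
#include <stdio.h>
#include <stdlib.h>
#include <string.h>

/* Limits quoted in the commit message: PDU size minus 6 bytes. */
#define AD_MAX_LEGACY (31 - 6)    /* 25 bytes */
#define AD_MAX_EXT    (251 - 6)   /* 245 bytes with extended advertising */

struct ad_field {                 /* hypothetical: one field such as service data */
	uint8_t data[AD_MAX_EXT];
	size_t len;
};

/* Parse argv[0..argc) as byte values into f; 0 on success, -1 on error. */
int ad_set_bytes(struct ad_field *f, int argc, const char *argv[], bool ext)
{
	size_t max = ext ? AD_MAX_EXT : AD_MAX_LEGACY;

	memset(f, 0, sizeof(*f));     /* each run replaces the value, never appends */
	for (int i = 0; i < argc; i++) {
		char *end;
		long v;

		errno = 0;
		v = strtol(argv[i], &end, 0);
		if (errno || end == argv[i] || *end != '\0' ||
				v < 0 || v > UINT8_MAX || f->len >= max) {
			memset(f, 0, sizeof(*f)); /* drop the partial value of this field only */
			return -1;
		}
		f->data[f->len++] = (uint8_t) v;
	}
	return 0;
}

int main(void)
{
	struct ad_field service = { .len = 0 };
	const char *first[] = { "1", "2" };        /* constructed sample input */
	const char *second[] = { "1", "2", "3" };

	ad_set_bytes(&service, 2, first, false);
	ad_set_bytes(&service, 3, second, false);
	printf("service data length after second run: %zu\n", service.len);
	return 0;
}
```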
While testing advertisement, I encountered a segfault in the client when bluetoothd
tries to fetch the Adv data set by the client. It can happen either while fetching
Manufacturer specific data or Service data. A backtrace is provided below for reference.
After the fix is applied, advertisement works fine for me. I am sending the following patch
for your review. Thank you.
Passing val instead of &val in dbus_message_iter_append_fixed_array
DBUS API causes segmentation fault while fetching Manufacturer
data or service data set by client.
BT Before Fix:
[bluetooth]# set-advertise-name Test
[bluetooth]# set-advertise-uuids 0x1824
[bluetooth]# set-advertise-manufacturer 0x75 0x02 0x03 0x04
[bluetooth]# advertise on
Program received signal SIGSEGV, Segmentation fault.
in append_array_variant(iter=iter@entry=0x7fffffffd780,
val=val@entry=0x62485a <ad+90>, n_elements=n_elements@entry=3, type=121) at client/advertising.c:178
in dict_append_basic_array(type=121, n_elements=3,
val=0x62485a <ad+90>, key=0x624858 <ad+88>, key_type=113, dict=0x7fffffffd730) at client/advertising.c:205
get_manufacturer_data(property=<optimized out>, iter=0x7fffffffd840,
user_data=<optimized out>) at client/advertising.c:253
After Fix:
[bluetooth]# set-advertise-name Test
[bluetooth]# set-advertise-uuids 0x1824
[bluetooth]# set-advertise-manufacturer 0x75 0x02 0x03 0x04
[bluetooth]# advertise on
[CHG] Controller 00:19:0E:11:55:44 SupportedInstances: 0x04
[CHG] Controller 00:19:0E:11:55:44 ActiveInstances: 0x01
Advertising object registered
[bluetooth]#
Repeatedly setting on/off with set-advertise-name after setting a local
name may dump core due to a double free. This patch uses g_free()
instead of free().
Since advertise command does not free the variable ad.type when repeating
to enable and disable advertising, the following memory leak occurs.
11 bytes in 1 blocks are definitely lost in loss record 20 of 190
at 0x4C2DB8F: malloc (in /usr/lib/valgrind/vgpreload_memcheck-amd64-linux.so)
by 0x4E89718: g_malloc (in /lib/x86_64-linux-gnu/libglib-2.0.so.0.4800.2)
by 0x4EA24EE: g_strdup (in /lib/x86_64-linux-gnu/libglib-2.0.so.0.4800.2)
by 0x40EBC8: ad_register (advertising.c:343)
by 0x40A666: cmd_advertise (main.c:2344)
by 0x40ABA3: rl_handler (main.c:2664)
by 0x53C16F4: rl_callback_read_char (in /lib/x86_64-linux-gnu/libreadline.so.6.3)
by 0x405AFC: input_handler (main.c:110)
by 0x4E84049: g_main_context_dispatch (in /lib/x86_64-linux-gnu/libglib-2.0.so.0.4800.2)
by 0x4E843EF: ??? (in /lib/x86_64-linux-gnu/libglib-2.0.so.0.4800.2)
by 0x4E84711: g_main_loop_run (in /lib/x86_64-linux-gnu/libglib-2.0.so.0.4800.2)
by 0x4055FE: main (main.c:2865)
This allows bluetoothd to detect changes done by the user without
having to rely on advertise command to unregister and register again:
[bluetooth]# set-advertise-name blah
[bluetooth]# advertise on
@ MGMT Command: Add Advertising (0x003e) plen 17
Instance: 1
Flags: 0x00000003
Switch into Connectable mode
Advertise as Discoverable
Duration: 0
Timeout: 0
Advertising data length: 0
Scan response length: 6
Name (complete): blah
[bluetooth]# set-advertise-name bleh
@ MGMT Command: Add Advertising (0x003e) plen 17
Instance: 1
Flags: 0x00000003
Switch into Connectable mode
Advertise as Discoverable
Duration: 0
Timeout: 0
Advertising data length: 0
Scan response length: 6
Name (complete): bleh