This fixes bluetoothd exit when AT+VTS command is badly formatted,
e.g. as AT+VTS\xfe\xfe[...]=1
Verification it done for the numeric value to be larger than 0x23,
that corresponds to the hash '#', and to be lower than 0x44, that
corresponds to 'D', such that the tone is in {0-9, *, #, A, B, C, D}.
It makes sense to try to reuse the same SEP whenever possible when
reconfiguring streams. In fact this is even necessary with a particular
BMW car kit which doesn't allow a new stream to be set up to any other
SEP.
This patch cleans up the reference counting of the HID control and
interrupt channels. Particularly the connection failure cases weren't
properly handled previously.
Based on the original report and patch from Jaikumar Ganesh.
When parsing endpoint properties application my not have set some of the
mandatory properties, also the size of capability is now initialized with
0 so if the codec doesn't have any capabilities (e.g. pcm) the variable
won't be used uninitialized.
This fixes possible bluetoothd crash on AVDTP Suspend request timeout
if A2DP client was destroyed after the request was sent but before its
timeout handled.
If Suspend request times out due to any reason, then references to A2DP
session and stream are cleared in unix_client. Therefore, callback cannot
be removed when unix_client is destroyed (e.g. on incomming call).
After that, consequent Abort request is sent. If the request times out
as well, than stream_state_changed callback is invoked to change AVDTP
state to Idle, which causes crash due to NULL dereferencing.
Therefore, it is important to keep references to AVDTP session and stream
in unix_client until it is destroyed.
There is no need for HCIDEVUP/fork in such cases it will just consume
more resources for no reason.
To fix this HCI_DEV_REG is no longer generate for adapter already up
instead init_device is called directly which simplify the code path.
The kernel seems to have some state tracking issues if we close the
bonding socket before it gets into connected state. This needs to be
investigated on the kernel side but a simple fix is to let the socket be
closed in its BtIO callback instead of through some HCI event (for the
successful case).
This patch refactors the pairing code in hciops and the core daemon to
better match the management interface. Particularly all logic regarding
IO capabilities and authentication requirements are moved into hciops.c.
The patch is quite big because there are a lot of cross-dependencies
which makes it difficult to split the changes up into smaller chunks.
The important adapter_ops preparations for the management interface in
this patch are the create_bonding and cancel_bonding callbacks. Those
will be directly mapped to corresponding management commands.
This patch implements refusal of a MDL reconnection if the new L2CAP
connection presents a different MTU. Accordingly to HDP spec. item 3.5.
It aims to pass the TC_SNK_HCT_BV_07_C PTS test. (It does not pass yet
because PTS itself seems to have issues. See tickets 7212, 7214 and
7244 for details.)
Modify headers to enable support for flushable packets. Following
commit: 8bcbd526c84724d8de087130d53e79da256e34bf to linux kernel
implements functionality on kernel side.
Remove sending of the scan disable command when the device is being
powered off. This was originally a safe-guard for the non-connectable
GAP test case in case the HCI driver leaves the controller powered after
the DEV_DOWN ioctl, but now-days it can be expected that drivers behave
properly.
