Appearance Characteristic value is still under discussion. Temporary
solution which maps directly the device class of device(major and minor)
into Device Characteristic value without shifting the two less significant
bits reserved to Format Type. The second byte of the device class
contains the major class in the 5 less significant bits.
Declaration and definition of the Device Appearance Characteristic
defined in the GAP Characteristics for Low Energy section: Bluetooth
Core Specification, Volume 3, Part C, section 12.2.
A2DP sink endpoint shall not be created if A2DP sink interface is disabled.
Same holds for A2DP source endpoint and A2DP source interface.
Such fixes bluetoothd crash when SDP record is registered and remote
device tries to connect and stream to A2DP sink which is not initialized.
Dereferencing of NULL happens in source_new_stream since device->source
was not created.
There's no need to expose the auto-accept case to the core daemon so
move it to hciops. For the management interface this will all be handled
on the kernel side.
Mode required to allow better GATT procedures control. Some scenarios
require sequential commands without disconnection and delay between
operations. It is also desirable to change some connection parameters
of an active connection.
If an advertising report did not contain a "Flags" AD Type (e.g. a Scan
response), the previous flags value was mistakenly set to 0x00. This fix
makes sure dev->flags is only updated for valid values.
During device creation if discovery is active we suspend it to avoid
interfering with pairing, but although it attempt to cancel name request
there could be one already completed which would cause next name on the
list to be requested.
This fixes bluetoothd exit when AT+VTS command is badly formatted,
e.g. as AT+VTS\xfe\xfe[...]=1
Verification it done for the numeric value to be larger than 0x23,
that corresponds to the hash '#', and to be lower than 0x44, that
corresponds to 'D', such that the tone is in {0-9, *, #, A, B, C, D}.
It makes sense to try to reuse the same SEP whenever possible when
reconfiguring streams. In fact this is even necessary with a particular
BMW car kit which doesn't allow a new stream to be set up to any other
SEP.
This patch cleans up the reference counting of the HID control and
interrupt channels. Particularly the connection failure cases weren't
properly handled previously.
Based on the original report and patch from Jaikumar Ganesh.
When parsing endpoint properties application my not have set some of the
mandatory properties, also the size of capability is now initialized with
0 so if the codec doesn't have any capabilities (e.g. pcm) the variable
won't be used uninitialized.
This fixes possible bluetoothd crash on AVDTP Suspend request timeout
if A2DP client was destroyed after the request was sent but before its
timeout handled.
If Suspend request times out due to any reason, then references to A2DP
session and stream are cleared in unix_client. Therefore, callback cannot
be removed when unix_client is destroyed (e.g. on incomming call).
After that, consequent Abort request is sent. If the request times out
as well, than stream_state_changed callback is invoked to change AVDTP
state to Idle, which causes crash due to NULL dereferencing.
Therefore, it is important to keep references to AVDTP session and stream
in unix_client until it is destroyed.
There is no need for HCIDEVUP/fork in such cases it will just consume
more resources for no reason.
To fix this HCI_DEV_REG is no longer generate for adapter already up
instead init_device is called directly which simplify the code path.
