The involved values are all unsigned and thus unsigned int should be
used instead of signed int. Assigning ~0 to a signed int results in -1,
which is confusing and error-prone, while the code is trying to set the
maximum value possible.
The code still works because the C standard defines that unsigned
comparison will be performed in these cases, when comparing an unsigned
int and a signed int.
Signed-off-by: Mikel Astiz <mikel.astiz.oss@gmail.com>
Acked-by: Marcel Holtmann <marcel@holtmann.org>
Signed-off-by: Gustavo Padovan <gustavo@padovan.org>
AMP Info will be used in Discovery Response.
Signed-off-by: Andrei Emeltchenko <andrei.emeltchenko@intel.com>
Signed-off-by: Gustavo Padovan <gustavo@padovan.org>
This patch prevents resetting of discovery type while stopping
discovery, since otherwise the wrong type might be send in case of
discovery failure. It also doesn't matter that we are "lazy" with
updating the type since it is anyway reset when starting discovery again
and it's not needed to know the current discovery state.
Signed-off-by: Hemant Gupta <hemant.gupta@stericsson.com>
Signed-off-by: Johan Hedberg <johan.hedberg@intel.com>
We should return -EALREADY in hci_cancel_inquiry since it is more
suitable than -EPERM error code.
Signed-off-by: Andre Guedes <aguedespe@gmail.com>
Signed-off-by: Gustavo Padovan <gustavo@padovan.org>
This patch adds to hci_core the hci_cancel_le_scan function which
should be used to cancel an ongoing LE scan.
Signed-off-by: Andre Guedes <andre.guedes@openbossa.org>
Acked-by: Marcel Holtmann <marcel@holtmann.org>
Signed-off-by: Johan Hedberg <johan.hedberg@intel.com>
opcode to be accessed is in le16 format so convert it
first to cpu byte order.
Signed-off-by: Andrei Emeltchenko <andrei.emeltchenko@intel.com>
Acked-by: Marcel Holtmann <marcel@holtmann.org>
Signed-off-by: Johan Hedberg <johan.hedberg@intel.com>
Correct type warnings reported by sparse to show that this
functions takes ediv argument in __le16 format.
Signed-off-by: Andrei Emeltchenko <andrei.emeltchenko@intel.com>
Signed-off-by: Gustavo F. Padovan <padovan@profusion.mobi>
If a key is non persistent then it should not be used in future
connections but it should be kept for current connection. And it
should be removed when connecion is removed.
Signed-off-by: Vishal Agarwal <vishal.agarwal@stericsson.com>
Acked-by: Marcel Holtmann <marcel@holtmann.org>
Signed-off-by: Johan Hedberg <johan.hedberg@intel.com>
This patch changes the return type of function hci_persistent_key
from int to bool because it makes more sense to return information
whether a key is persistent or not as a bool.
Signed-off-by: Vishal Agarwal <vishal.agarwal@stericsson.com>
Acked-by: Marcel Holtmann <marcel@holtmann.org>
Signed-off-by: Johan Hedberg <johan.hedberg@intel.com>
Remove all #inclusions of asm/system.h preparatory to splitting and killing
it. Performed with the following command:
perl -p -i -e 's!^#\s*include\s*<asm/system[.]h>.*\n!!' `grep -Irl '^#\s*include\s*<asm/system[.]h>' *`
Signed-off-by: David Howells <dhowells@redhat.com>
We are not supposed to force DISCOVERY_STOPPED in inquiry_cache_flush
because we may break the discovery state machine. For instance, during
interleaved discovery, when we are about to start inquiry, the state
machine forcibly goes to DISCOVERY_STOPPED while it should stay in
DISCOVERY_FINDING state.
This problem results in unexpected behaviors such as sending two
mgmt_discovering events to userspace (when only one event is expected)
and Stop Discovery failures.
Signed-off-by: Andre Guedes <andre.guedes@openbossa.org>
Signed-off-by: Johan Hedberg <johan.hedberg@intel.com>
Some CSR controllers will generate a spontaneous reset during init and
just eat up any pending command without sending a command complete for
it. This patch solves the issue by just resending whatever was the last
sent command. hci_send_cmd is not used since we need to bypass all other
commands in the send queue.
Signed-off-by: Johan Hedberg <johan.hedberg@intel.com>
Acked-by: Marcel Holtmann <marcel@holtmann.org>
"count" is type int so the cast to __u16 truncates the high bits away
and triggers a Smatch static checker warning. It looks like a high
value of count could cause a forever loop, but I didn't follow it
through to see if count is capped somewhere.
Signed-off-by: Dan Carpenter <dan.carpenter@oracle.com>
Acked-by: Marcel Holtmann <marcel@holtmann.org>
Signed-off-by: Johan Hedberg <johan.hedberg@intel.com>
This patch makes sure that legacy pairing vs SSP infomation gets
properly propageted to the device_found events in the form of the legacy
pairing flag.
Signed-off-by: Johan Hedberg <johan.hedberg@intel.com>
Acked-by: Marcel Holtmann <marcel@holtmann.org>
We should assume a value of 0 for the device class when powered off.
The appropriate place to do this is in hci_dev_do_close().
Signed-off-by: Johan Hedberg <johan.hedberg@intel.com>
Acked-by: Marcel Holtmann <marcel@holtmann.org>
When powering off we should assume that the EIR data isn't valid
anymore. This patch makes sure it gets cleared in hci_dev_do_close and
thereby ensures that a correct new EIR is recreated when powering on
again.
Signed-off-by: Johan Hedberg <johan.hedberg@intel.com>
Acked-by: Marcel Holtmann <marcel@holtmann.org>
This patch makes it possible to toggle the connectable & discoverable
settings when powered off. Two new hdev->dev_flags flags are added to
track what the scan mode should be when the device is finally powered
on.
Signed-off-by: Johan Hedberg <johan.hedberg@intel.com>
Acked-by: Marcel Holtmann <marcel@holtmann.org>
When the controller gets brought up for initial setup, it will be brought
back down after a timeout. In that case, don't send a New Settings event.
Signed-off-by: Marcel Holtmann <marcel@holtmann.org>
Signed-off-by: Johan Hedberg <johan.hedberg@intel.com>
This patch adds an address type parameter to the Discovering event. The
value matches that given to Start/Stop Discovery.
Signed-off-by: Johan Hedberg <johan.hedberg@intel.com>
Acked-by: Marcel Holtmann <marcel@holtmann.org>
Since neither High Speed (HS) nor Low Energy (LE) are fully implemented
yet, only expose them in supported settings when enabled.
Signed-off-by: Marcel Holtmann <marcel@holtmann.org>
Signed-off-by: Johan Hedberg <johan.hedberg@intel.com>
The HCI monitor channel can be used to monitor all packets and events
from the Bluetooth subsystem. The monitor is not bound to any specific
HCI device and allows even capturing multiple devices at the same time.
Signed-off-by: Marcel Holtmann <marcel@holtmann.org>
Signed-off-by: Johan Hedberg <johan.hedberg@intel.com>
The HCI notifier handling was never used outside of Bluetooth core layer
and thus remove it and replace it with direct function calls. Also move
the stack internal event generation into the HCI socket layer.
Signed-off-by: Marcel Holtmann <marcel@holtmann.org>
Signed-off-by: Johan Hedberg <johan.hedberg@intel.com>
The sending functions for HCI raw and control sockets have nothing in
common except that they iterate over the socket list. Split them into
two so they can do their job more efficient. In addition the code becomes
more readable.
Signed-off-by: Marcel Holtmann <marcel@holtmann.org>
Signed-off-by: Johan Hedberg <johan.hedberg@intel.com>
This patch merges DISCOVERY_INQUIRY and DISCOVERY_LE_SCAN states
into a new state called DISCOVERY_FINDING.
From the discovery perspective, we are pretty much worried about
to know just if we are finding devices than what exactly phase of
"finding devices" (inquiry or LE scan) we are currently running.
Besides, to know if the controller is performing inquiry or LE scan
we should check HCI_INQUIRY or HCI_LE_SCAN bits in hdev flags.
Moreover, merging this two states will simplify the discovery state
machine and will keep interleaved discovery implementation simpler.
Signed-off-by: Andre Guedes <andre.guedes@openbossa.org>
Acked-by: Marcel Holtmann <marcel@holtmann.org>
Signed-off-by: Johan Hedberg <johan.hedberg@intel.com>
This patch adds to struct discovery_state the field 'type' so that
we can track the discovery type the device is performing.
Signed-off-by: Andre Guedes <andre.guedes@openbossa.org>
Acked-by: Marcel Holtmann <marcel@holtmann.org>
Signed-off-by: Johan Hedberg <johan.hedberg@intel.com>
We are not supposed to send mgmt_discovering events if we are transiting
from DISCOVERY_STARTING to DISCOVERY_STOPPED state. It doesn't make
sense to send mgmt_discovering event once discovery procedure has not
been even started.
Signed-off-by: Andre Guedes <andre.guedes@openbossa.org>
Acked-by: Marcel Holtmann <marcel@holtmann.org>
Signed-off-by: Johan Hedberg <johan.hedberg@intel.com>
This patch updates the implmentation for mgmt_block_device and
mgmt_unblock_device and their corresponding events to match the latest
API specification.
Signed-off-by: Johan Hedberg <johan.hedberg@intel.com>
Acked-by: Marcel Holtmann <marcel@holtmann.org>
We are not supposed to block in start_discovery() because
start_discovery code is running in write() syscall context
and this would block the write operation on the mgmt socket.
This way, we cannot directly call hci_do_le_scan() to scan
LE devices in start_discovery(). To overcome this issue a
derefered work (hdev->le_scan) was created so we can properly
call hci_do_le_scan().
The helper function hci_le_scan() simply set LE scan parameters
and queue hdev->le_scan work. The work is queued on system_long_wq
since it can sleep for a few seconds in the worst case (timeout).
Signed-off-by: Andre Guedes <andre.guedes@openbossa.org>
Acked-by: Marcel Holtmann <marcel@holtmann.org>
Signed-off-by: Johan Hedberg <johan.hedberg@intel.com>
This patch adds to hci_core the hci_do_le_scan function which
should be used to scan LE devices.
In order to enable LE scan, hci_do_le_scan() sends commands (Set
LE Scan Parameters and Set LE Scan Enable) to the controller and
waits for its results. If commands were executed successfully a
delayed work is scheduled to disable the ongoing scanning after
some amount of time. This function blocks.
Signed-off-by: Andre Guedes <andre.guedes@openbossa.org>
Acked-by: Marcel Holtmann <marcel@holtmann.org>
Signed-off-by: Johan Hedberg <johan.hedberg@intel.com>
This patch does a trivial code refacting in hci_discovery_active.
Signed-off-by: Andre Guedes <andre.guedes@openbossa.org>
Acked-by: Marcel Holtmann <marcel@holtmann.org>
Signed-off-by: Johan Hedberg <johan.hedberg@intel.com>
Send MGMT Discovering events once LE scan starts/stops so the
userspace can track when local adapters are discovering LE devices.
This way, we also keep the same behavior of inquiry which sends MGMT
Discovering events once inquiry starts/stops even if it is triggered
by an external tool (e.g. hcitool).
Signed-off-by: Andre Guedes <andre.guedes@openbossa.org>
Acked-by: Marcel Holtmann <marcel@holtmann.org>
Signed-off-by: Johan Hedberg <johan.hedberg@intel.com>
We should only perform a reset in hci_dev_do_close if the
HCI_QUIRK_NO_RESET flag is set (since in such a case a reset will not be
performed when initializing the device).
Signed-off-by: Johan Hedberg <johan.hedberg@intel.com>
Acked-by: Marcel Holtmann <marcel@holtmann.org>
If we want to have proper pairing support over LE we need to
inform userspace that a new LTK is available, so userspace
can store that key permanently.
Signed-off-by: Vinicius Costa Gomes <vinicius.gomes@openbossa.org>
Acked-by: Marcel Holtmann <marcel@holtmann.org>
Signed-off-by: Johan Hedberg <johan.hedberg@intel.com>
This updates all the users of the older way, that was using the
link_keys list to store the SMP keys, to use the new way.
This includes defining new types for the keys, we have a type for each
combination of STK/LTK and Master/Slave.
Signed-off-by: Vinicius Costa Gomes <vinicius.gomes@openbossa.org>
Acked-by: Marcel Holtmann <marcel@holtmann.org>
Signed-off-by: Johan Hedberg <johan.hedberg@intel.com>
This includes a new list for storing the keys and a new structure used
to represent each key.
Some notes: authenticated is used to identify that the key may be used
to setup a HIGH security link. As the same list is used to store both
the STK's and the LTK's the type field is used so we can separate
between those two types of keys and if the key should be used when
in the master or slave role.
Signed-off-by: Vinicius Costa Gomes <vinicius.gomes@openbossa.org>
Acked-by: Marcel Holtmann <marcel@holtmann.org>
Signed-off-by: Johan Hedberg <johan.hedberg@intel.com>
This function is not called in interrupt context anymore, so it
should use GFP_KERNEL to allocate memory.
Signed-off-by: Andre Guedes <aguedespe@gmail.com>
Acked-by: Marcel Holtmann <marcel@holtmann.org>
Signed-off-by: Johan Hedberg <johan.hedberg@intel.com>
Fix the following build warning:
CC [M] net/bluetooth/hci_core.o
net/bluetooth/hci_core.c: In function ‘__check_enable_hs’:
net/bluetooth/hci_core.c:2587: warning: return from incompatible pointer type
module_param in hci_core.c passes 'enable_hs' as bool format, so fix
this variable definition type.
Signed-off-by: Fabio Estevam <fabio.estevam@freescale.com>
Acked-by: Marcel Holtmann <marcel@holtmann.org>
Signed-off-by: Johan Hedberg <johan.hedberg@intel.com>
This patch makes sure that devices with stronger signal (RSSI closer to
0) are sorted first in the resolve list and will therefore get their
names resolved first during device discovery. Since it's more likely
that the device the user is trying to discover has a strong signal due
to its proximity this ensures that the user gets the "device found"
event for it more quickly.
Signed-off-by: Johan Hedberg <johan.hedberg@intel.com>
Acked-by: Marcel Holtmann <marcel@holtmann.org>
There's no point in exposing these to user-space (which is what happens
to everything in hdev->flags) so move them to dev_flags instead.
Signed-off-by: Johan Hedberg <johan.hedberg@intel.com>
Acked-by: Marcel Holtmann <marcel@holtmann.org>
Since we remove the owner field of hci_dev hci_dev_put and __hci_dev_put
do the same so we can merge them into one function. Same for
hci_dev_hold and __hci_dev_hold.
Signed-off-by: David Herrmann <dh.herrmann@googlemail.com>
Acked-by: Marcel Holtmann <marcel@holtmann.org>
Signed-off-by: Johan Hedberg <johan.hedberg@intel.com>
The hci_dev->dev device structure has an internal refcount. This
refcount is used to protect the whole hci_dev object. However, we
currently do not use it. Therefore, if someone calls hci_free_dev() we
currently immediately destroy the hci_dev object because we never took
the device refcount.
This even happens if the hci_dev->refcnt is not 0. In fact, the
hci_dev->refcnt is totally useless in its current state. Therefore, we
simply remove hci_dev->refcnt and instead use hci_dev->dev refcnt.
This fixes all the symptoms and also correctly integrates the device
structure into our bluetooth bus system.
Signed-off-by: David Herrmann <dh.herrmann@googlemail.com>
Acked-by: Marcel Holtmann <marcel@holtmann.org>
Signed-off-by: Johan Hedberg <johan.hedberg@intel.com>
After unregistering an hci_dev object a bluetooth driver does not have
any callbacks in the hci_dev structure left over. Therefore, there is no
need to keep a reference to the module.
Previously, we needed this to protect the hci-destruct callback.
However, this callback is no longer available so we do not need this
owner field, anymore. Drivers now call hci_unregister_dev() and they
are done with the object.
Signed-off-by: David Herrmann <dh.herrmann@googlemail.com>
Acked-by: Marcel Holtmann <marcel@holtmann.org>
Signed-off-by: Johan Hedberg <johan.hedberg@intel.com>
Several drivers already provide an empty callback so we can actually
make this optional and then remove all those empty callbacks in the
drivers.
This callback isn't needed at all by most drivers as they can remove
their allocated structures on device disconnect and not on hci
destruction.
Signed-off-by: David Herrmann <dh.herrmann@googlemail.com>
Acked-by: Marcel Holtmann <marcel@holtmann.org>
Signed-off-by: Johan Hedberg <johan.hedberg@intel.com>
Adds HCI_ACL_TX_TIMEOUT and clear conversion from msec to jiffies
Signed-off-by: Andrei Emeltchenko <andrei.emeltchenko@intel.com>
Acked-by: Marcel Holtmann <marcel@holtmann.org>
Signed-off-by: Johan Hedberg <johan.hedberg@intel.com>
This patch adds the necessary logic to perform name lookups after
inquiry completes. This is done by checking for entries in the resolve
list after each inquiry complete and remote name complete HCI event.
Signed-off-by: Johan Hedberg <johan.hedberg@intel.com>
Acked-by: Marcel Holtmann <marcel@holtmann.org>
This patch adds proper state tracking to the device discovery process.
This makes it possible to return appropriate errors when trying to stop
a non-active discovery or start discovery when it is already ongoing.
Once name resolving is implemented this also makes it possible to know
what the right action to do is when a remote name lookup is cancelled.
Signed-off-by: Johan Hedberg <johan.hedberg@intel.com>
Acked-by: Marcel Holtmann <marcel@holtmann.org>
This struct is used for not just inquiry caching but also for general
device discovery state tracking so it's better to rename it to something
more appropriate.
Signed-off-by: Johan Hedberg <johan.hedberg@intel.com>
Acked-by: Marcel Holtmann <marcel@holtmann.org>
For the remote name state tracking for the management interface to work
the cache needs to be flushed whenever inquiry is started. The
hci_do_inquiry function is only used by the management interface so by
having the flushing done from it ensures that old ioctl based
functionality isn't affected.
Signed-off-by: Johan Hedberg <johan.hedberg@intel.com>
Acked-by: Marcel Holtmann <marcel@holtmann.org>
If user-space has already confirmed the name for a remote device we
shouldn't request confirmation again. The simplest way to do this is to
return the name state from hci_inquiry_cache_update (if it is anything
else than unknown then we do not need confirmation from user-space).
Signed-off-by: Johan Hedberg <johan.hedberg@intel.com>
Acked-by: Marcel Holtmann <marcel@holtmann.org>
This patch adds initial support for mgmt_confirm_name. It adds the
necessary tracking of the name state by extending the inquiry cache. The
actual name resolving operation (to be done once inquiry is finished) is
not yet part of this patch.
Signed-off-by: Johan Hedberg <johan.hedberg@intel.com>
Acked-by: Marcel Holtmann <marcel@holtmann.org>
This makes it possible to use the convenience functions provided for
standard kernel list types and it also makes it easier to extend the use
of the cache for the management interface where e.g. name resolving
control will be needed.
Signed-off-by: Johan Hedberg <johan.hedberg@intel.com>
Acked-by: Marcel Holtmann <marcel@holtmann.org>
This reverts commit e1b6eb3ccb.
This was causing a delay of 10 seconds in the resume process of a Thinkpad
laptop. I'm afraid this could affect more devices once 3.2 is released.
Reported-by: Tomáš Janoušek <tomi@nomi.cz>
Signed-off-by: Gustavo F. Padovan <padovan@profusion.mobi>
They don't need to disable interrupts anymore, we only run in process
context now.
Acked-by: Marcel Holtmann <marcel@holtmann.org>
Signed-off-by: Gustavo F. Padovan <padovan@profusion.mobi>
The struct hci_proto and all related register/unregister and dispatching
code was removed. HCI core code now call directly the SCO and L2CAP
event functions.
Signed-off-by: Ulisses Furquim <ulisses@profusion.mobi>
Acked-by: Marcel Holtmann <marcel@holtmann.org>
Signed-off-by: Gustavo F. Padovan <padovan@profusion.mobi>
The hci_task_lock mutex (previously a lock) was supposed to protect the
register/unregister of HCI protocols against RX/TX tasks. This will not
be needed anymore because SCO and L2CAP will always be compiled.
Moreover, with the recent move of RX/TX to workqueues per device the
global hci_task_lock was causing starvation between different HCI
devices.
Signed-off-by: Ulisses Furquim <ulisses@profusion.mobi>
Acked-by: Marcel Holtmann <marcel@holtmann.org>
Signed-off-by: Gustavo F. Padovan <padovan@profusion.mobi>
Current controller initialization is moved tp bredr_init and new
function added amp_init to handle later AMP init sequence. Current
AMP init sequence include Reset and Read Local Version.
Signed-off-by: Andrei Emeltchenko <andrei.emeltchenko@intel.com>
Acked-by: Marcel Holtmann <marcel@holtmann.org>
Signed-off-by: Gustavo F. Padovan <padovan@profusion.mobi>
Incoming sk_buffs always have bt_cb(skb)->force_active set to 0, so
it's misleading to use that value from the control block when calling
hci_conn_enter_active_mode() for incoming data. The destination socket
is not known in the HCI layer, so the force_active setting for each
socket isn't known either. Hard-coding the force_active parameter does
not change any behavior, but makes it obvious that incoming ACL data
never exits sniff mode.
Signed-off-by: Mat Martineau <mathewm@codeaurora.org>
Signed-off-by: Gustavo F. Padovan <padovan@profusion.mobi>
We do not want the service cache to be enabled indefinitely after
mgmt_read_info is called. To solve this a timer is added which will
automatically disable the cache if mgmt_set_dev_class isn't called
within 5 seconds of calling mgmt_read_info.
Signed-off-by: Johan Hedberg <johan.hedberg@intel.com>
Acked-by: Marcel Holtmann <marcel@holtmann.org>
Signed-off-by: Gustavo F. Padovan <padovan@profusion.mobi>
hdev->workqueue should be only for rx/tx, so move this one out.
Acked-by: Marcel Holtmann <marcel@holtmann.org>
Signed-off-by: Gustavo F. Padovan <padovan@profusion.mobi>
Update hdev workqueue API usage to use the new interface, this new
interface also allow us to mark this workqueue as WQ_HIGHPRI, so now rx
and tx work gets higher priority when running.
Acked-by: Marcel Holtmann <marcel@holtmann.org>
Signed-off-by: Gustavo F. Padovan <padovan@profusion.mobi>
hdev->workqueue will be only for for rx/tx/cmd processing, all other small
works should go to the system workqueue for now.
Acked-by: Marcel Holtmann <marcel@holtmann.org>
Signed-off-by: Gustavo F. Padovan <padovan@profusion.mobi>
This should simplify Bluetooth core processing a lot.
Acked-by: Marcel Holtmann <marcel@holtmann.org>
Signed-off-by: Gustavo F. Padovan <padovan@profusion.mobi>
As part of the moving on all the Bluetooth processing to Process context.
Acked-by: Marcel Holtmann <marcel@holtmann.org>
Signed-off-by: Gustavo F. Padovan <padovan@profusion.mobi>
Handling hci_conn_hash with RCU make us avoid some locking and disable
tasklets.
Acked-by: Marcel Holtmann <marcel@holtmann.org>
Signed-off-by: Gustavo F. Padovan <padovan@profusion.mobi>
Instead of using tasklet_disable() to prevent acess to the channel use, we
can use RCU and improve the performance of our code.
Acked-by: Marcel Holtmann <marcel@holtmann.org>
Signed-off-by: Gustavo F. Padovan <padovan@profusion.mobi>
Now we can sleep in any path inside Bluetooth core, so mutex can make
sense here.
Acked-by: Marcel Holtmann <marcel@holtmann.org>
Signed-off-by: Gustavo F. Padovan <padovan@profusion.mobi>
As HCI rx path is now done in process context it makes sense to do all the
timer in process context as well.
Acked-by: Marcel Holtmann <marcel@holtmann.org>
Signed-off-by: Gustavo F. Padovan <padovan@profusion.mobi>
Now we run everything in HCI in process context, so it's a better idea use
mutex instead spin_lock. The macro remains hci_dev_lock() (and I got rid
of hci_dev_lock_bh()), of course.
Acked-by: Marcel Holtmann <marcel@holtmann.org>
Signed-off-by: Gustavo F. Padovan <padovan@profusion.mobi>
Run recv process in workqueue helps a lot with our processing as the recv
path will also be in the process context, i.e., now all our tx and rx are
in process context.
Signed-off-by: Marcel Holtmann <marcel@holtmann.org>
Signed-off-by: Gustavo F. Padovan <padovan@profusion.mobi>
Remove old code not touched for several years.
Signed-off-by: Andrei Emeltchenko <andrei.emeltchenko@intel.com>
Acked-by: Marcel Holtmann <marcel@holtmann.org>
Signed-off-by: Gustavo F. Padovan <padovan@profusion.mobi>
This patch adds the dev_flags field to struct hci_dev. This new
flags variable should be used to define flags related to BR/EDR
and/or LE controller itself. It should be used to define flags
which represents states from the controller. The dev_flags is
cleared in case the controller sends a Reset Command Complete
Event to the host.
Also, this patch adds the HCI_LE_SCAN flag which was created to
track if the controller is performing LE scan or not. The flag
is set/cleared when the controller starts/stops scanning.
This is an initial effort to stop using hdev->flags to define
internal flags since it is exported to userspace by an ioctl.
Signed-off-by: Andre Guedes <andre.guedes@openbossa.org>
Acked-by: Marcel Holtmann <marcel@holtmann.org>
Signed-off-by: Gustavo F. Padovan <padovan@profusion.mobi>
Use queue instead of stack discipline for device list. When processing
dev_list with list_for_each* devices will be prosessed in order they
were added (Usually BR/EDR first and AMP later).
Also output from hciconfig looks nicer :-)
Signed-off-by: Andrei Emeltchenko <andrei.emeltchenko@intel.com>
Signed-off-by: Gustavo F. Padovan <padovan@profusion.mobi>
Fixes bluetooth compiling when CONFIG_BT_L2CAP is not enabled
net/built-in.o: In function `hci_dev_open':
(.text+0xdce9a): undefined reference to `enable_hs'
Reported-by: Randy Dunlap <rdunlap@xenotime.net>
Signed-off-by: Andrei Emeltchenko <andrei.emeltchenko@intel.com>
Acked-by: Marcel Holtmann <marcel@holtmann.org>
Signed-off-by: Gustavo F. Padovan <padovan@profusion.mobi>
The cancel_delayed_work_sync function should not be used if we hold any
locks. Luckily all places where this is the case it is also safe to use
the non-sync version.
Signed-off-by: Johan Hedberg <johan.hedberg@intel.com>
Acked-by: Marcel Holtmann <marcel@holtmann.org>
Signed-off-by: Gustavo F. Padovan <padovan@profusion.mobi>
Now that the pending commands are within struct hci_dev we can properly
control access to them throught the hci_dev locking mechanism.
Signed-off-by: Johan Hedberg <johan.hedberg@intel.com>
Acked-by: Marcel Holtmann <marcel@holtmann.org>
Signed-off-by: Gustavo F. Padovan <padovan@profusion.mobi>
This patch moves the pending management command list (previously global
to mgmt.c) into struct hci_dev. This makes it possible to do proper
locking when accessing it (through the existing hci_dev locks) and
thereby avoid race conditions.
Signed-off-by: Johan Hedberg <johan.hedberg@intel.com>
Acked-by: Marcel Holtmann <marcel@holtmann.org>
Signed-off-by: Gustavo F. Padovan <padovan@profusion.mobi>
The current global pending command list in mgmt.c is racy. Possibly the
simplest way to fix it is to have per-hci dev lists instead of a global
one (all commands that need a pending struct are hci_dev specific).
This way the list can be protected using the already existing per-hci
dev lock. To enable this refactoring the first thing that needs to be
done is to ensure that the mgmt functions have access to the hci_dev
struct (instead of just the dev id).
Signed-off-by: Johan Hedberg <johan.hedberg@intel.com>
Acked-by: Marcel Holtmann <marcel@holtmann.org>
Signed-off-by: Gustavo F. Padovan <padovan@profusion.mobi>
BR/EDR link keys have their own commands and events (separate from SMP)
and the remove_keys command (previously remove_key) removes keys of any
kind for the specified remote address.
Signed-off-by: Johan Hedberg <johan.hedberg@intel.com>
Signed-off-by: Gustavo F. Padovan <padovan@profusion.mobi>
The power off code doesn't need to use its own custom timer since the
delayed_work API provides the exact same functionality.
Signed-off-by: Johan Hedberg <johan.hedberg@intel.com>
Signed-off-by: Gustavo F. Padovan <padovan@profusion.mobi>
Based on the revised mgmt API set_discoverable has a timeout parameter
to specify how long the adapter will remain discoverable. A value of 0
means "indefinitively".
Signed-off-by: Johan Hedberg <johan.hedberg@intel.com>
Signed-off-by: Gustavo F. Padovan <padovan@profusion.mobi>
This patch adds a function to hci_core to cancel an ongoing inquiry.
According to the Bluetooth spec, the inquiry cancel command should
only be issued after the inquiry command has been issued, a command
status event has been received for the inquiry command, and before
the inquiry complete event occurs.
As HCI_INQUIRY flag is only set just after an inquiry command status
event occurs and it is cleared just after an inquiry complete event
occurs, the inquiry cancel command should be issued only if HCI_INQUIRY
flag is set.
Additionally, cancel inquiry related code from stop_discovery() were
replaced by a hci_cancel_inquiry() call.
Signed-off-by: Andre Guedes <andre.guedes@openbossa.org>
Signed-off-by: Gustavo F. Padovan <padovan@profusion.mobi>
This patch adds a function to hci_core to carry out inquiry.
All inquiry code from start_discovery() were replaced by a
hci_do_inquiry() call.
Signed-off-by: Andre Guedes <andre.guedes@openbossa.org>
Signed-off-by: Gustavo F. Padovan <padovan@profusion.mobi>
It's convenient to use the HCI device index the AMP controller id, but
the spec requires that an AMP controller never has id 0.
Signed-off-by: Mat Martineau <mathewm@codeaurora.org>
Acked-by: Marcel Holtmann <marcel@holtmann.org>
Acked-by: Andrei Emeltchenko <andrei.emeltchenko@intel.com>
Signed-off-by: Gustavo F. Padovan <padovan@profusion.mobi>
To avoid starvation the priority is recalculated so that the starving
channels are promoted to HCI_PRIO_MAX - 1 (6).
HCI_PRIO_MAX (7) is considered special, because it requires CAP_NET_ADMIN
capability which can be used to provide more guaranties, so it is not used
when promoting.
Signed-off-by: Luiz Augusto von Dentz <luiz.von.dentz@intel.com>
Acked-by: Marcel Holtmann <marcel@holtmann.org>
Signed-off-by: Gustavo F. Padovan <padovan@profusion.mobi>
The quote is calculated based on the first buffer in the queue so if the
priority changes to something lower than the priority of the first skb
the quote needs to be recalculated.
Signed-off-by: Luiz Augusto von Dentz <luiz.von.dentz@intel.com>
Acked-by: Marcel Holtmann <marcel@holtmann.org>
Signed-off-by: Gustavo F. Padovan <padovan@profusion.mobi>
This implement priority based scheduler using skbuffer priority set via
SO_PRIORITY socket option.
It introduces hci_chan_hash (list of HCI Channel/hci_chan) per connection,
each item in this list refer to a L2CAP connection and it is used to
queue the data for transmission.
Signed-off-by: Luiz Augusto von Dentz <luiz.von.dentz@intel.com>
Acked-by: Marcel Holtmann <marcel@holtmann.org>
Signed-off-by: Gustavo F. Padovan <padovan@profusion.mobi>
I've noticed that my CSR usb dongle was not working if it was plugged in when
PC was booting. It looks like I get two HCI reset command complete events (see
hcidump logs below).
The root cause is reset called from off_timer. Timeout for this reset to
complete is set to 250ms and my bt dongle requires more time for replying with
command complete event. After that, chip seems to reply with reset command
complete event for next non-reset command.
Attached patch increase mentioned timeout to HCI_INIT_TIMEOUT, this value is
already used for timeouting hci_reset_req in hci_dev_reset().
This might also be related to BT not working after suspend that was reported
here some time ago.
Hcidump log:
2011-09-12 23:13:27.379465 < HCI Command: Reset (0x03|0x0003) plen 0
2011-09-12 23:13:27.380797 > HCI Event: Command Complete (0x0e) plen 4
Reset (0x03|0x0003) ncmd 1
status 0x00
2011-09-12 23:13:27.380859 < HCI Command: Read Local Supported Features (0x04|0x000
3) plen 0
2011-09-12 23:13:27.760789 > HCI Event: Command Complete (0x0e) plen 4
Reset (0x03|0x0003) ncmd 1
status 0x00
2011-09-12 23:13:27.760831 < HCI Command: Read Local Version Information (0x04|0x00
01) plen 0
2011-09-12 23:13:27.764780 > HCI Event: Command Complete (0x0e) plen 12
Read Local Version Information (0x04|0x0001) ncmd 1
status 0x00
HCI Version: 1.1 (0x1) HCI Revision: 0x36f
LMP Version: 1.1 (0x1) LMP Subversion: 0x36f
Manufacturer: Cambridge Silicon Radio (10)
Signed-off-by: Szymon Janc <szymon@janc.net.pl>
Signed-off-by: Gustavo F. Padovan <padovan@profusion.mobi>
When all items in the list have the same type there is no much of a point
to use list_for_each except if you want to use the list pointer itself.
Signed-off-by: Luiz Augusto von Dentz <luiz.von.dentz@intel.com>
Signed-off-by: Gustavo F. Padovan <padovan@profusion.mobi>
hci_unregister_dev cannot fail and always returns 0. The drivers already ignore
the return value so we can safely make it return void.
Signed-off-by: David Herrmann <dh.herrmann@googlemail.com>
Acked-by: Marcel Holtmann <marcel@holtmann.org>
Signed-off-by: Gustavo F. Padovan <padovan@profusion.mobi>
I've noticed that my CSR usb dongle was not working if it was plugged in when
PC was booting. It looks like I get two HCI reset command complete events (see
hcidump logs below).
The root cause is reset called from off_timer. Timeout for this reset to
complete is set to 250ms and my bt dongle requires more time for replying with
command complete event. After that, chip seems to reply with reset command
complete event for next non-reset command.
Attached patch increase mentioned timeout to HCI_INIT_TIMEOUT, this value is
already used for timeouting hci_reset_req in hci_dev_reset().
This might also be related to BT not working after suspend that was reported
here some time ago.
Hcidump log:
2011-09-12 23:13:27.379465 < HCI Command: Reset (0x03|0x0003) plen 0
2011-09-12 23:13:27.380797 > HCI Event: Command Complete (0x0e) plen 4
Reset (0x03|0x0003) ncmd 1
status 0x00
2011-09-12 23:13:27.380859 < HCI Command: Read Local Supported Features (0x04|0x000
3) plen 0
2011-09-12 23:13:27.760789 > HCI Event: Command Complete (0x0e) plen 4
Reset (0x03|0x0003) ncmd 1
status 0x00
2011-09-12 23:13:27.760831 < HCI Command: Read Local Version Information (0x04|0x00
01) plen 0
2011-09-12 23:13:27.764780 > HCI Event: Command Complete (0x0e) plen 12
Read Local Version Information (0x04|0x0001) ncmd 1
status 0x00
HCI Version: 1.1 (0x1) HCI Revision: 0x36f
LMP Version: 1.1 (0x1) LMP Subversion: 0x36f
Manufacturer: Cambridge Silicon Radio (10)
Signed-off-by: Szymon Janc <szymon@janc.net.pl>
Signed-off-by: Gustavo F. Padovan <padovan@profusion.mobi>
We need to catch errors when calling hci_add_sysfs() and return them to
the caller to avoid kernel oopses on device_add() failure.
Signed-off-by: David Herrmann <dh.herrmann@googlemail.com>
Signed-off-by: Gustavo F. Padovan <padovan@profusion.mobi>
As we introduced hci_init_sysfs() we should also rename
hci_register_sysfs() and hci_unregister_sysfs() to hci_add_sysfs() and
hci_del_sysfs() like we do with hci_conn_add/del_sysfs(). It looks more
consistent now.
Signed-off-by: David Herrmann <dh.herrmann@googlemail.com>
Signed-off-by: Gustavo F. Padovan <padovan@profusion.mobi>
We must not call device_del() if we didn't use device_add(). See module.c
for comments on that. Therefore, we need to call device_initialize() when
allocating the hci device and later device_add() instead of
device_register().
This also fixes a bug when hci_register_dev() failed and we call
hci_free_dev() without a valid core device. hci_free_dev() segfaults while
calling put_device() on invalid memory.
We already do this with hci_conn connections (hci_conn_init_sysfs()) so
they do not need to be fixed.
Signed-off-by: David Herrmann <dh.herrmann@googlemail.com>
Signed-off-by: Gustavo F. Padovan <padovan@profusion.mobi>
Add management interface events for blocking/unblocking a device.
Sender of the block device command gets cmd complete and other
mgmt sockets get the event. Event is also sent to mgmt sockets when
blocking is done with ioctl, e.g when blocking a device with
hciconfig. This makes it possible for bluetoothd to track status
of blocked devices when a third party block or unblocks a device.
Event sending is handled in mgmt_device_blocked function which gets
called from hci_blacklist_add in hci_core.c. A pending command is
added in mgmt_block_device, so that it can found when sending the
event - the event is not sent to the socket from which the pending
command came. Locks were moved out from hci_core.c to hci_sock.c
and mgmt.c, because locking is needed also for mgmt_pending_add in
mgmt.c.
Signed-off-by: Antti Julku <antti.julku@nokia.com>
Signed-off-by: Gustavo F. Padovan <padovan@profusion.mobi>
The objective is to make the core to have as little as possible
information about SMP procedures and logic. Now, all the SMP
specific information is hidden from the core.
Signed-off-by: Vinicius Costa Gomes <vinicius.gomes@openbossa.org>
Signed-off-by: Gustavo F. Padovan <padovan@profusion.mobi>
This checks if there is any existing connection according to its type
before start iterating in the list and immediately stop iterating when
reaching the number of connections.
Signed-off-by: Luiz Augusto von Dentz <luiz.von.dentz@intel.com>
Signed-off-by: Gustavo F. Padovan <padovan@profusion.mobi>
No command should be send before Command Complete event for HCI
reset is received. This fix regression introduced by commit
6bd32326cda(Bluetooth: Use proper timer for hci command timout)
for chips whose reset command takes longer to complete (e.g. CSR)
resulting in next command being send before HCI reset completed.
Signed-off-by: Szymon Janc <szymon@janc.net.pl>
Signed-off-by: Gustavo F. Padovan <padovan@profusion.mobi>
There was a small typo here so we never actually hit the goto which
would call hci_dev_unlock_bh().
Signed-off-by: Dan Carpenter <error27@gmail.com>
Signed-off-by: Gustavo F. Padovan <padovan@profusion.mobi>
In some cases it will be useful having the key size used for
encrypting the link. For example, some profiles may restrict
some operations depending on the key length.
The key size is stored in the key that is passed to userspace
using the pin_length field in the key structure.
For now this field is only valid for LE controllers. 3.0+HS
controllers define the Read Encryption Key Size command, this
field is intended for storing the value returned by that
command.
Signed-off-by: Vinicius Costa Gomes <vinicius.gomes@openbossa.org>
Signed-off-by: Gustavo F. Padovan <padovan@profusion.mobi>
As the LTK (the new type of key being handled now) has more data
associated with it, we need to store this extra data and retrieve
the keys based on that data.
Methods for searching for a key and for adding a new LTK are
introduced here.
Signed-off-by: Vinicius Costa Gomes <vinicius.gomes@openbossa.org>
Signed-off-by: Gustavo F. Padovan <padovan@profusion.mobi>
The enable_smp parameter is no longer needed. It can be replaced by
checking lmp_host_le_capable.
Signed-off-by: Andre Guedes <andre.guedes@openbossa.org>
Signed-off-by: Gustavo F. Padovan <padovan@profusion.mobi>
Since we have the extended LMP features properly implemented, we
should check the LMP_HOST_LE bit to know if the host supports LE.
Signed-off-by: Andre Guedes <andre.guedes@openbossa.org>
Signed-off-by: Gustavo F. Padovan <padovan@profusion.mobi>
Make it easier to use more normal logging styles later.
Signed-off-by: Joe Perches <joe@perches.com>
Signed-off-by: Gustavo F. Padovan <padovan@profusion.mobi>
Move blacklisting functions to hci_core.c, so that they can
be used by both management interface and hci socket interface.
Signed-off-by: Antti Julku <antti.julku@nokia.com>
Signed-off-by: Gustavo F. Padovan <padovan@profusion.mobi>
This will allow using the crypto subsystem for encrypting data. As SMP
(Security Manager Protocol) is implemented almost entirely on the host
side and the crypto module already implements the needed methods
(AES-128), it makes sense to use it.
There's now a new module option to enable/disable SMP support.
Signed-off-by: Vinicius Costa Gomes <vinicius.gomes@openbossa.org>
Signed-off-by: Anderson Briglia <anderson.briglia@openbossa.org>
Signed-off-by: Gustavo F. Padovan <padovan@profusion.mobi>
Add BT_POWER socket option used to control the power
characteristics of the underlying ACL link. When the remote end
has put the link in sniff mode and the host stack wants to send
data we need need to explicitly exit sniff mode to work well with
certain devices (For example, A2DP on Plantronics Voyager 855).
However, this causes problems with HID devices.
Hence, moving into active mode when sending data, irrespective
of who set the sniff mode has been made as a socket option. By
default, we will move into active mode. HID devices can set the
L2CAP socket option to prevent this from happening.
Currently, this has been implemented for L2CAP sockets. This has been
tested with incoming and outgoing L2CAP sockets for HID and A2DP.
Based on discussions on linux-bluetooth and patches submitted by
Andrei Emeltchenko.
Signed-off-by: Jaikumar Ganesh <jaikumar@google.com>
Signed-off-by: Gustavo F. Padovan <padovan@profusion.mobi>
This patch adds a timer to clear 'adv_entries' after three minutes.
After some amount of time, the advertising entries cached during
the last LE scan should be considered expired and they should be
removed from the advertising cache.
It was chosen a three minutes timeout as an initial attempt. This
value might change in future.
Signed-off-by: Andre Guedes <andre.guedes@openbossa.org>
Signed-off-by: Gustavo F. Padovan <padovan@profusion.mobi>
This patch implements the LE advertising cache. It stores sensitive
information (bdaddr and bdaddr_type so far) gathered from LE
advertising report events.
Only advertising entries from connectables devices are added to the
cache.
Signed-off-by: Andre Guedes <andre.guedes@openbossa.org>
Signed-off-by: Gustavo F. Padovan <padovan@profusion.mobi>
Semicolons are not necessary after switch/while/for/if braces
so remove them.
Signed-off-by: Joe Perches <joe@perches.com>
Signed-off-by: David S. Miller <davem@davemloft.net>
Even for keys that shouldn't be stored some use cases require the
knowledge of a new key having been created so that the conclusion of a
successful pairing can be made. Therefore, always send the mgmt_new_key
event but add a store_hint parameter to it to indicate to user space
whether the key should be stored or not.
Signed-off-by: Johan Hedberg <johan.hedberg@nokia.com>
Signed-off-by: Gustavo F. Padovan <padovan@profusion.mobi>
User space shouldn't have any need for the old key type so remove it
from the corresponding Management interface event.
Signed-off-by: Johan Hedberg <johan.hedberg@nokia.com>
Signed-off-by: Gustavo F. Padovan <padovan@profusion.mobi>
If a controller generates a changed combination key as its first key the
connection key type will not be correctly set. In these situations make
sure the update the connection key type when such a buggy controller is
detected.
Signed-off-by: Johan Hedberg <johan.hedberg@nokia.com>
Signed-off-by: Gustavo F. Padovan <padovan@profusion.mobi>
Even if there's no previous key stored the connection might still be
secured with a non-persistent key and in that case the key type in the
hci_conn struct should be checked.
Signed-off-by: Johan Hedberg <johan.hedberg@nokia.com>
Signed-off-by: Gustavo F. Padovan <padovan@profusion.mobi>
Link keys should only be stored if very specific criteria of the
authentication process are fulfilled. This patch essentially copies the
criteria that user space has so far been using to the kernel side so
that the management interface works properly.
Signed-off-by: Johan Hedberg <johan.hedberg@nokia.com>
Signed-off-by: Gustavo F. Padovan <padovan@profusion.mobi>
Introduce the link key types defs and use them instead of magic numbers.
Signed-off-by: Waldemar Rymarkiewicz <waldemar.rymarkiewicz@tieto.com>
Signed-off-by: Gustavo F. Padovan <padovan@profusion.mobi>
Resolved logic conflicts causing a build failure due to
drivers/net/r8169.c changes using a patch from Stephen Rothwell.
Signed-off-by: David S. Miller <davem@davemloft.net>
In the teardown path the reset command is sent to the controller,
this event causes the command timer to be reactivated.
So the timer is removed in two situations, when the adapter isn't
marked as UP and when we know that some command has been sent.
Reported-by: Keith Packard <keithp@keithp.com>
Signed-off-by: Vinicius Costa Gomes <vinicius.gomes@openbossa.org>
Signed-off-by: Gustavo F. Padovan <padovan@profusion.mobi>
After we made debugobjects working again, we got the following:
WARNING: at lib/debugobjects.c:262 debug_print_object+0x8e/0xb0()
Hardware name: System Product Name
ODEBUG: free active (active state 0) object type: timer_list hint: hci_cmd_timer+0x0/0x60
Pid: 2125, comm: dmsetup Tainted: G W 2.6.38-06707-gc62b389 #110375
Call Trace:
[<ffffffff8104700a>] warn_slowpath_common+0x7a/0xb0
[<ffffffff810470b6>] warn_slowpath_fmt+0x46/0x50
[<ffffffff812d3a5e>] debug_print_object+0x8e/0xb0
[<ffffffff81bd8810>] ? hci_cmd_timer+0x0/0x60
[<ffffffff812d4685>] debug_check_no_obj_freed+0x125/0x230
[<ffffffff810f1063>] ? check_object+0xb3/0x2b0
[<ffffffff810f3630>] kfree+0x150/0x190
[<ffffffff81be4d06>] ? bt_host_release+0x16/0x20
[<ffffffff81be4d06>] bt_host_release+0x16/0x20
[<ffffffff813a1907>] device_release+0x27/0xa0
[<ffffffff812c519c>] kobject_release+0x4c/0xa0
[<ffffffff812c5150>] ? kobject_release+0x0/0xa0
[<ffffffff812c61f6>] kref_put+0x36/0x70
[<ffffffff812c4d37>] kobject_put+0x27/0x60
[<ffffffff813a21f7>] put_device+0x17/0x20
[<ffffffff81bda4f9>] hci_free_dev+0x29/0x30
[<ffffffff81928be6>] vhci_release+0x36/0x70
[<ffffffff810fb366>] fput+0xd6/0x1f0
[<ffffffff810f8fe6>] filp_close+0x66/0x90
[<ffffffff810f90a9>] sys_close+0x99/0xf0
[<ffffffff81d4c96b>] system_call_fastpath+0x16/0x1b
That timer was introduced with commit 6bd32326cda(Bluetooth: Use
proper timer for hci command timout)
Timer seems to be running when the thing is closed. Removing the timer
unconditionally fixes the problem. And yes, it needs to be fixed
before the HCI_UP check.
Signed-off-by: Thomas Gleixner <tglx@linutronix.de>
Tested-by: Ingo Molnar <mingo@elte.hu>
Signed-off-by: Gustavo F. Padovan <padovan@profusion.mobi>
We can't send new commands before a cmd_complete for the HCI_RESET command
shows up.
Reported-by: Mikko Vinni <mmvinni@yahoo.com>
Reported-by: Justin P. Mattock <justinmattock@gmail.com>
Reported-by: Ed Tomlinson <edt@aei.ca>
Signed-off-by: Gustavo F. Padovan <padovan@profusion.mobi>
Tested-by: Justin P. Mattock <justinmattock@gmail.com>
Tested-by: Mikko Vinni <mmvinni@yahoo.com>
Tested-by: Ed Tomlinson <edt@aei.ca>
This patch adds commands to add and remove remote OOB data to the managment
interface. Remote data is stored in kernel and can be used by corresponding
HCI commands and events when needed.
Signed-off-by: Szymon Janc <szymon.janc@tieto.com>
Signed-off-by: Gustavo F. Padovan <padovan@profusion.mobi>
