Fix issue where when setting up an AMP link the socket pointer
is not set when the logical link complete callback is called,
resulting in the L2CAP channel being disconnected.
The socket pointer must be set before the HCI logical link
create command is sent, as it is possible for the logical link
complete event to arrive before the HCI command send logic
has returned.
Change-Id: I5d89c14d45bd6b4cf47d5754f822b435ce8076a8
Signed-off-by: Peter Krystad <pkrystad@codeaurora.org>
CRs-fixed: 344553
Take a reference on the hci_conn and do not de-reference l2cap_conn
while setting up the A2MP fixed channel. l2cap_conn is not reference
counted and may go away before the channel is set up.
This fixes scenario where the ACL disconnects (and l2cap_conn goes
away) while amp_conn_ind worker is running or is on the workqueue
waiting to run.
Change-Id: I10fc6d9b146fcc5e010f26a046f7e0570f2b93dd
CRs-fixed: 347079
Signed-off-by: Peter Krystad <pkrystad@codeaurora.org>
This feature is required for implementing Low energy
proximity client immediate alert service. The proximtiy
client registers with the kernel for receiving RSSI updates
of the remote device. The kernel starts polling for RSSI
value using READ_RSSI HCI command and When it reaches
a particular threshold set by the proximity client,
updates are sent to the client.
Change-Id: I723dd140ad3bf02978c57b3ab127bb6768f28cca
CRs-fixed: 344936
Signed-off-by: Archana Ramachandran <archanar@codeaurora.org>
Connection security level is modified based on remote device's
extended feature. Deciding SSP capability of remote device
by EIR response is incorrect, because few BT2.1 devices do not
send EIR and few BT2.1 devices which send EIR do not support
SSP. SSP capability of remote device has to be decided based on
remote_extended_features event. This patch makes sure that
MEDIUM_SECURITY is set for non ssp devices' pairing process.
Change-Id: I328a35a30895f2ab6abaaeec51b364ecd633e642
CRs-fixed: 339166
Signed-off-by: Prabhakaran Mc <prabhakaranmc@codeaurora.org>
Expose Bluetooth remote features to the userspace. A2DP profile
setup in the userspace would need this information to
determine if the remote side supports EDR ACL link or not.
Change-Id: Ib6713707baaf30ffe872247313b2185ae2897385
Signed-off-by: Sunny Kapdi <sunnyk@codeaurora.org>
When a Bluetooth device is powered down while RFCOMM connections are
open, there are race conditions where RFCOMM tries to use an HCI
connection after the data structures have been deleted. Since the
powerdown procedure runs in process context, it is possible to lock
sockets before accessing them to close connections. This change adds
that locking, which will serialize socket access between processors
during powerdown.
Change-Id: I587720799b35d9ee6e66340bdeda8a2b9e2ea7b5
CRs-fixed: 336893
Signed-off-by: Mat Martineau <mathewm@codeaurora.org>
Because traffic between the local GATT client(s) and
remote servers are subject to different controls than
remote clients and the local server, all on the shared
fixed CID, it is important to manage the traffic on
seperate sockets.
Change-Id: I62385143c86522f4b123b32592b69f2a0ae6dc76
CRs-fixed: 336029
Signed-off-by: Brian Gix <bgix@codeaurora.org>
We only support a 23 octet MTU, so auto-respond to all
MTU change requests with the 23 octet response.
Change-Id: Ic69d5f068759d983f8cd98b329acbb9d3a481c49
CRs-fixed: 336025
Signed-off-by: Brian Gix <bgix@codeaurora.org>
Some rebalancing of refcnts due to issues found during testing:
Refcnt was not being released on security completion, if local side
was paired but the remote side had deleted the pairing info, and then
the re-pair failed to complete successfully.
Additionally, the refcnt was not held-released properly if pairing
was initiated due to the client socket being opened with security
level elevated from the start.
Change-Id: I120fed4dc74035d280781ca949a23d4cbcfa3f3e
CRs-fixed: 335993
Signed-off-by: Brian Gix <bgix@codeaurora.org>
Increase the L2CAP move timeout to allow adequate time for both
controllers to exit sniff mode and exchange move signals. This
fixes an issue where sending a move request to move a channel
from AMP back to BR-EDR and both controllers need to exit sniff
first the move response is not received before the move timeout
expires and the channel is disconnected. This value needs to be
at least 4X the sniff interval.
Change-Id: I31d5b3fc52489a5e78818aa3bec654cb777f66f1
CRs-fixed: 341368
Signed-off-by: Peter Krystad <pkrystad@codeaurora.org>
On ACL connection complete with a remote device, the remote
device lmp version should be available with Controller. The
current change is to read this information from controller to
host and update to bluez userspace through management APIs.
Change-Id: Ie152ed98fa0a6cf9ab170a6bb8c6a05b5b9dfcb0
Signed-off-by: Srinivas Krovvidi <skrovvid@codeaurora.org>
When doing L2CAP configuration, use the correct retransmit and monitor
timeouts when configuring (or reconfiguring) AMP channels. The host
stack needs to use the timeouts read from incoming configuration
responses, and write appropriate timeouts when sending configuration
responses.
Change-Id: I1271ade93dbfee58a1cac115280704a327e901b2
Signed-off-by: Mat Martineau <mathewm@codeaurora.org>
Added Flush Timeout parameter setting for l2cap channel. Bluetooth
profiles using l2cap can set this parameter to flush out the data
when it cannot be sent over the air with in timeout duration.
Change-Id: I60420c5be3a790aff26bc30e8089fdca47a99222
Signed-off-by: Srinivas Krovvidi <skrovvid@codeaurora.org>
This change prevents running timers from being re-initialized
which causes system instablility. Also prevents starting a
discovery operation when already in progress.
CRs-fixed: 328673
Change-Id: Icda36a25fdcb40dab4f95f9cc39ca124b299e308
Signed-off-by: Brian Gix <bgix@codeaurora.org>
When connection initiated from the remote device the class of device
information is required to be updated to userspace through this
event.
Change-Id: I97d715a0b80e12d414ecf03d099955c8b12c82b4
Signed-off-by: Srinivas Krovvidi <skrovvid@codeaurora.org>
When the connection is not in BT_CONNECTED state it was possible
for code in hci_chan_modify() to attempt to access the hci_chan
structure after it had already been deleted by hci_chan_put().
Change-Id: I5ae352ac12aa3b456e7bcf30633015d98b03e44b
CRs-fixed: 319934
Signed-off-by: Peter Krystad <pkrystad@codeaurora.org>
To prevent timers from expiring on potentiatially free'd dynamic memory.
Change-Id: I8b9685150bcee72fa7ca71b221bc54b54516021e
Signed-off-by: Brian Gix <bgix@codeaurora.org>
mgmt_encrypt_link procedure is added by implementing
MGMT_OP_ENCRYPT_LINK and MGMT_EV_ENCRYPT_CHANGE
Change-Id: Ibed6e24c67bbea83318a67c636e02a93518de29d
Signed-off-by: Prabhakaran Mc <prabhakaranmc@codeaurora.org>
Previously an offset was added to the hci dev number to generate the
AMP controller ID, because it was possible for the PAL to register
as hci0, and 0 is invalid for an AMP controller ID. Since this commit
462bf76d29 it is not possible for
the PAL to register as hci0, so this offset is no longer necessary.
Change-Id: I4b01ddca5fad3aebeb4c138b5aee8819bb146f3d
Signed-off-by: Peter Krystad <pkrystad@codeaurora.org>
On some platforms, device state data can be left around, and some
commands may take longer than 1 second to execute. This change increases
the per command time-out, and reinitializes the features mask.
Change-Id: Ib707996b97139c97e9a0deacd4a11019cf75da8c
Signed-off-by: Brian Gix <bgix@codeaurora.org>
Include auto-setting connection parameters during Pairing for
low latenecy, and default (high latency) settings for non-Pairing
connections.
Change-Id: Ie8e3f65da52213451dcc01fce38d95ae07d1b13b
Signed-off-by: Brian Gix <bgix@codeaurora.org>
The upstream kernel has acquired new BT socket options since
BT_AMP_POLICY was first defined, now BT_FLUSHABLE is option 8 and
BT_POWER is option 9. It will save us some future pain if we align
with upstream code now and make BT_AMP_POLICY be option 10.
In addition, the option values for BT_AMP_POLICY were changed during
the upstreaming process.
CRs-fixed: 313757
Change-Id: Ia31e9c8cfd5207a6dd44e40a605d3021f5ce9fd9
Signed-off-by: Mat Martineau <mathewm@codeaurora.org>
LE-Only devices require that an Address Type (Public or Random) be
included in Connection Requests. This info is available at Pairing
but must be cached so that it is available at reconnection time.
This change includes the Address type with the Pairing data.
Change-Id: I50c78ad31d8be70f5c3f49a0529039e4a26daaac
Signed-off-by: Brian Gix <bgix@codeaurora.org>
The A2MP response timeout should be greater than the Connection
Accept timeout set for AMP links, but less than the Link Supervision
Timeout on the BR-EDR link.
This allows for A2MP to fail, but the ACL connection can remain
established, so transfer can continue on BR-EDR.
Change-Id: I654ed12149d9cf194c07b1eb3433e8c23720a209
Signed-off-by: Peter Krystad <pkrystad@codeaurora.org>
Timer that was started at beginning of LE Pairing did not correctly
terminate pairing process when it fired, and was not properly cleaned
up on pairing completion.
Signed-off-by: Brian Gix <bgix@codeaurora.org>
When remote device is connected outside the control of BlueZ, it
needs to be informed of whether the new connection is LE or BR/EDR.
Signed-off-by: Brian Gix <bgix@codeaurora.org>
Enabled ECB Block encoding for Low Energy pairing
Implemented missing components of MGMTOPS interface
Differentiated as needed between BR/EDR pairing and LE pairing
Signed-off-by: Brian Gix <bgix@codeaurora.org>
Conflicts:
net/bluetooth/mgmt.c
SAP profile requires 16 pin length authentication for BT 1.2/2.0
devices as per specification. These changes were present for hciops
pluging, the current changes are for Management operations plugin.
Signed-off-by: Prabhakaran Mc <prabhakaranmc@codeaurora.org>
This will be useful when userspace wants to restrict some kinds of
operations based on the length of the key size used to encrypt the
link.
Signed-off-by: Vinicius Costa Gomes <vinicius.gomes@openbossa.org>
Signed-off-by: Gustavo F. Padovan <padovan@profusion.mobi>
In some cases it will be useful having the key size used for
encrypting the link. For example, some profiles may restrict
some operations depending on the key length.
The key size is stored in the key that is passed to userspace
using the pin_length field in the key structure.
For now this field is only valid for LE controllers. 3.0+HS
controllers define the Read Encryption Key Size command, this
field is intended for storing the value returned by that
command.
Signed-off-by: Vinicius Costa Gomes <vinicius.gomes@openbossa.org>
Signed-off-by: Gustavo F. Padovan <padovan@profusion.mobi>
As the LTK (the new type of key being handled now) has more data
associated with it, we need to store this extra data and retrieve
the keys based on that data.
Methods for searching for a key and for adding a new LTK are
introduced here.
Signed-off-by: Vinicius Costa Gomes <vinicius.gomes@openbossa.org>
Signed-off-by: Gustavo F. Padovan <padovan@profusion.mobi>
We need these changes because SMP keys may have more information
associated with them, for example, in the LTK case, it has an
encrypted diversifier (ediv) and a random number (rand).
Signed-off-by: Vinicius Costa Gomes <vinicius.gomes@openbossa.org>
Signed-off-by: Gustavo F. Padovan <padovan@profusion.mobi>
This adds support for generating and distributing all the keys
specified in the third phase of SMP.
This will make possible to re-establish secure connections, resolve
private addresses and sign commands.
For now, the values generated are random.
Signed-off-by: Vinicius Costa Gomes <vinicius.gomes@openbossa.org>
Signed-off-by: Gustavo F. Padovan <padovan@profusion.mobi>
The ERTM receive buffer is now handled in a way that does not require
the busy queue and the associated polling code.
Signed-off-by: Mat Martineau <mathewm@codeaurora.org>
Signed-off-by: Gustavo F. Padovan <padovan@profusion.mobi>
This change moves most L2CAP ERTM receive buffer handling out of the
L2CAP core and in to the socket code. It's up to the higher layer
(the socket code, in this case) to tell the core when its buffer is
full or has space available. The recv op should always accept
incoming ERTM data or else the connection will go down.
Within the socket layer, an skb that does not fit in the socket
receive buffer will be temporarily stored. When the socket is read
from, that skb will be placed in the receive buffer if possible. Once
adequate buffer space becomes available, the L2CAP core is informed
and the ERTM local busy state is cleared.
Receive buffer management for non-ERTM modes is unchanged.
Signed-off-by: Mat Martineau <mathewm@codeaurora.org>
Signed-off-by: Gustavo F. Padovan <padovan@profusion.mobi>
Since we have the extended LMP features properly implemented, we
should check the LMP_HOST_LE bit to know if the host supports LE.
Signed-off-by: Andre Guedes <andre.guedes@openbossa.org>
Signed-off-by: Gustavo F. Padovan <padovan@profusion.mobi>
This patch adds a new module parameter to enable/disable host LE
support. By default host LE support is disabled.
Signed-off-by: Andre Guedes <andre.guedes@openbossa.org>
Signed-off-by: Gustavo F. Padovan <padovan@profusion.mobi>
This patch adds a handler to Write LE Host Supported command complete
events. Once this commands has completed successfully, we should
read the extended LMP features and update the extfeatures field in
hci_dev.
Signed-off-by: Andre Guedes <andre.guedes@openbossa.org>
Signed-off-by: Gustavo F. Padovan <padovan@profusion.mobi>
