summaryrefslogtreecommitdiffstats
path: root/net/bluetooth
diff options
context:
space:
mode:
Diffstat (limited to 'net/bluetooth')
-rw-r--r--net/bluetooth/Kconfig27
-rw-r--r--net/bluetooth/Makefile4
-rw-r--r--net/bluetooth/af_bluetooth.c6
-rw-r--r--net/bluetooth/hci_conn.c4
-rw-r--r--net/bluetooth/hci_core.c1636
-rw-r--r--net/bluetooth/hci_debugfs.c1076
-rw-r--r--net/bluetooth/hci_debugfs.h26
-rw-r--r--net/bluetooth/hci_event.c71
-rw-r--r--net/bluetooth/hci_request.c555
-rw-r--r--net/bluetooth/hci_request.h54
-rw-r--r--net/bluetooth/mgmt.c265
-rw-r--r--net/bluetooth/rfcomm/core.c4
-rw-r--r--net/bluetooth/selftest.c244
-rw-r--r--net/bluetooth/selftest.h45
-rw-r--r--net/bluetooth/smp.c335
-rw-r--r--net/bluetooth/smp.h13
16 files changed, 2703 insertions, 1662 deletions
diff --git a/net/bluetooth/Kconfig b/net/bluetooth/Kconfig
index 29bcafc41adf..7de74635a110 100644
--- a/net/bluetooth/Kconfig
+++ b/net/bluetooth/Kconfig
@@ -64,4 +64,31 @@ config BT_6LOWPAN
64 help 64 help
65 IPv6 compression over Bluetooth Low Energy. 65 IPv6 compression over Bluetooth Low Energy.
66 66
67config BT_SELFTEST
68 bool "Bluetooth self testing support"
69 depends on BT && DEBUG_KERNEL
70 help
71 Run self tests when initializing the Bluetooth subsystem. This
72 is a developer option and can cause significant delay when booting
73 the system.
74
75 When the Bluetooth subsystem is built as module, then the test
76 cases are run first thing at module load time. When the Bluetooth
77 subsystem is compiled into the kernel image, then the test cases
78 are run late in the initcall hierarchy.
79
80config BT_SELFTEST_ECDH
81 bool "ECDH test cases"
82 depends on BT_LE && BT_SELFTEST
83 help
84 Run test cases for ECDH cryptographic functionality used by the
85 Bluetooth Low Energy Secure Connections feature.
86
87config BT_SELFTEST_SMP
88 bool "SMP test cases"
89 depends on BT_LE && BT_SELFTEST
90 help
91 Run test cases for SMP cryptographic functionality, including both
92 legacy SMP as well as the Secure Connections features.
93
67source "drivers/bluetooth/Kconfig" 94source "drivers/bluetooth/Kconfig"
diff --git a/net/bluetooth/Makefile b/net/bluetooth/Makefile
index a5432a6a0ae6..8e96e3072266 100644
--- a/net/bluetooth/Makefile
+++ b/net/bluetooth/Makefile
@@ -13,6 +13,8 @@ bluetooth_6lowpan-y := 6lowpan.o
13 13
14bluetooth-y := af_bluetooth.o hci_core.o hci_conn.o hci_event.o mgmt.o \ 14bluetooth-y := af_bluetooth.o hci_core.o hci_conn.o hci_event.o mgmt.o \
15 hci_sock.o hci_sysfs.o l2cap_core.o l2cap_sock.o smp.o sco.o lib.o \ 15 hci_sock.o hci_sysfs.o l2cap_core.o l2cap_sock.o smp.o sco.o lib.o \
16 a2mp.o amp.o ecc.o 16 a2mp.o amp.o ecc.o hci_request.o hci_debugfs.o
17
18bluetooth-$(CONFIG_BT_SELFTEST) += selftest.o
17 19
18subdir-ccflags-y += -D__CHECK_ENDIAN__ 20subdir-ccflags-y += -D__CHECK_ENDIAN__
diff --git a/net/bluetooth/af_bluetooth.c b/net/bluetooth/af_bluetooth.c
index 012e3b03589d..ce22e0cfa923 100644
--- a/net/bluetooth/af_bluetooth.c
+++ b/net/bluetooth/af_bluetooth.c
@@ -31,6 +31,8 @@
31#include <net/bluetooth/bluetooth.h> 31#include <net/bluetooth/bluetooth.h>
32#include <linux/proc_fs.h> 32#include <linux/proc_fs.h>
33 33
34#include "selftest.h"
35
34#define VERSION "2.20" 36#define VERSION "2.20"
35 37
36/* Bluetooth sockets */ 38/* Bluetooth sockets */
@@ -716,6 +718,10 @@ static int __init bt_init(void)
716 718
717 BT_INFO("Core ver %s", VERSION); 719 BT_INFO("Core ver %s", VERSION);
718 720
721 err = bt_selftest();
722 if (err < 0)
723 return err;
724
719 bt_debugfs = debugfs_create_dir("bluetooth", NULL); 725 bt_debugfs = debugfs_create_dir("bluetooth", NULL);
720 726
721 err = bt_sysfs_init(); 727 err = bt_sysfs_init();
diff --git a/net/bluetooth/hci_conn.c b/net/bluetooth/hci_conn.c
index fe18825cc8a4..75240aaca101 100644
--- a/net/bluetooth/hci_conn.c
+++ b/net/bluetooth/hci_conn.c
@@ -25,11 +25,13 @@
25/* Bluetooth HCI connection handling. */ 25/* Bluetooth HCI connection handling. */
26 26
27#include <linux/export.h> 27#include <linux/export.h>
28#include <linux/debugfs.h>
28 29
29#include <net/bluetooth/bluetooth.h> 30#include <net/bluetooth/bluetooth.h>
30#include <net/bluetooth/hci_core.h> 31#include <net/bluetooth/hci_core.h>
31#include <net/bluetooth/l2cap.h> 32#include <net/bluetooth/l2cap.h>
32 33
34#include "hci_request.h"
33#include "smp.h" 35#include "smp.h"
34#include "a2mp.h" 36#include "a2mp.h"
35 37
@@ -546,6 +548,8 @@ int hci_conn_del(struct hci_conn *conn)
546 548
547 hci_conn_del_sysfs(conn); 549 hci_conn_del_sysfs(conn);
548 550
551 debugfs_remove_recursive(conn->debugfs);
552
549 if (test_bit(HCI_CONN_PARAM_REMOVAL_PEND, &conn->flags)) 553 if (test_bit(HCI_CONN_PARAM_REMOVAL_PEND, &conn->flags))
550 hci_conn_params_del(conn->hdev, &conn->dst, conn->dst_type); 554 hci_conn_params_del(conn->hdev, &conn->dst, conn->dst_type);
551 555
diff --git a/net/bluetooth/hci_core.c b/net/bluetooth/hci_core.c
index 5dcacf9607e4..5ef5221c1813 100644
--- a/net/bluetooth/hci_core.c
+++ b/net/bluetooth/hci_core.c
@@ -37,6 +37,8 @@
37#include <net/bluetooth/l2cap.h> 37#include <net/bluetooth/l2cap.h>
38#include <net/bluetooth/mgmt.h> 38#include <net/bluetooth/mgmt.h>
39 39
40#include "hci_request.h"
41#include "hci_debugfs.h"
40#include "smp.h" 42#include "smp.h"
41 43
42static void hci_rx_work(struct work_struct *work); 44static void hci_rx_work(struct work_struct *work);
@@ -137,938 +139,6 @@ static const struct file_operations dut_mode_fops = {
137 .llseek = default_llseek, 139 .llseek = default_llseek,
138}; 140};
139 141
140static int features_show(struct seq_file *f, void *ptr)
141{
142 struct hci_dev *hdev = f->private;
143 u8 p;
144
145 hci_dev_lock(hdev);
146 for (p = 0; p < HCI_MAX_PAGES && p <= hdev->max_page; p++) {
147 seq_printf(f, "%2u: 0x%2.2x 0x%2.2x 0x%2.2x 0x%2.2x "
148 "0x%2.2x 0x%2.2x 0x%2.2x 0x%2.2x\n", p,
149 hdev->features[p][0], hdev->features[p][1],
150 hdev->features[p][2], hdev->features[p][3],
151 hdev->features[p][4], hdev->features[p][5],
152 hdev->features[p][6], hdev->features[p][7]);
153 }
154 if (lmp_le_capable(hdev))
155 seq_printf(f, "LE: 0x%2.2x 0x%2.2x 0x%2.2x 0x%2.2x "
156 "0x%2.2x 0x%2.2x 0x%2.2x 0x%2.2x\n",
157 hdev->le_features[0], hdev->le_features[1],
158 hdev->le_features[2], hdev->le_features[3],
159 hdev->le_features[4], hdev->le_features[5],
160 hdev->le_features[6], hdev->le_features[7]);
161 hci_dev_unlock(hdev);
162
163 return 0;
164}
165
166static int features_open(struct inode *inode, struct file *file)
167{
168 return single_open(file, features_show, inode->i_private);
169}
170
171static const struct file_operations features_fops = {
172 .open = features_open,
173 .read = seq_read,
174 .llseek = seq_lseek,
175 .release = single_release,
176};
177
178static int blacklist_show(struct seq_file *f, void *p)
179{
180 struct hci_dev *hdev = f->private;
181 struct bdaddr_list *b;
182
183 hci_dev_lock(hdev);
184 list_for_each_entry(b, &hdev->blacklist, list)
185 seq_printf(f, "%pMR (type %u)\n", &b->bdaddr, b->bdaddr_type);
186 hci_dev_unlock(hdev);
187
188 return 0;
189}
190
191static int blacklist_open(struct inode *inode, struct file *file)
192{
193 return single_open(file, blacklist_show, inode->i_private);
194}
195
196static const struct file_operations blacklist_fops = {
197 .open = blacklist_open,
198 .read = seq_read,
199 .llseek = seq_lseek,
200 .release = single_release,
201};
202
203static int uuids_show(struct seq_file *f, void *p)
204{
205 struct hci_dev *hdev = f->private;
206 struct bt_uuid *uuid;
207
208 hci_dev_lock(hdev);
209 list_for_each_entry(uuid, &hdev->uuids, list) {
210 u8 i, val[16];
211
212 /* The Bluetooth UUID values are stored in big endian,
213 * but with reversed byte order. So convert them into
214 * the right order for the %pUb modifier.
215 */
216 for (i = 0; i < 16; i++)
217 val[i] = uuid->uuid[15 - i];
218
219 seq_printf(f, "%pUb\n", val);
220 }
221 hci_dev_unlock(hdev);
222
223 return 0;
224}
225
226static int uuids_open(struct inode *inode, struct file *file)
227{
228 return single_open(file, uuids_show, inode->i_private);
229}
230
231static const struct file_operations uuids_fops = {
232 .open = uuids_open,
233 .read = seq_read,
234 .llseek = seq_lseek,
235 .release = single_release,
236};
237
238static int inquiry_cache_show(struct seq_file *f, void *p)
239{
240 struct hci_dev *hdev = f->private;
241 struct discovery_state *cache = &hdev->discovery;
242 struct inquiry_entry *e;
243
244 hci_dev_lock(hdev);
245
246 list_for_each_entry(e, &cache->all, all) {
247 struct inquiry_data *data = &e->data;
248 seq_printf(f, "%pMR %d %d %d 0x%.2x%.2x%.2x 0x%.4x %d %d %u\n",
249 &data->bdaddr,
250 data->pscan_rep_mode, data->pscan_period_mode,
251 data->pscan_mode, data->dev_class[2],
252 data->dev_class[1], data->dev_class[0],
253 __le16_to_cpu(data->clock_offset),
254 data->rssi, data->ssp_mode, e->timestamp);
255 }
256
257 hci_dev_unlock(hdev);
258
259 return 0;
260}
261
262static int inquiry_cache_open(struct inode *inode, struct file *file)
263{
264 return single_open(file, inquiry_cache_show, inode->i_private);
265}
266
267static const struct file_operations inquiry_cache_fops = {
268 .open = inquiry_cache_open,
269 .read = seq_read,
270 .llseek = seq_lseek,
271 .release = single_release,
272};
273
274static int link_keys_show(struct seq_file *f, void *ptr)
275{
276 struct hci_dev *hdev = f->private;
277 struct link_key *key;
278
279 rcu_read_lock();
280 list_for_each_entry_rcu(key, &hdev->link_keys, list)
281 seq_printf(f, "%pMR %u %*phN %u\n", &key->bdaddr, key->type,
282 HCI_LINK_KEY_SIZE, key->val, key->pin_len);
283 rcu_read_unlock();
284
285 return 0;
286}
287
288static int link_keys_open(struct inode *inode, struct file *file)
289{
290 return single_open(file, link_keys_show, inode->i_private);
291}
292
293static const struct file_operations link_keys_fops = {
294 .open = link_keys_open,
295 .read = seq_read,
296 .llseek = seq_lseek,
297 .release = single_release,
298};
299
300static int dev_class_show(struct seq_file *f, void *ptr)
301{
302 struct hci_dev *hdev = f->private;
303
304 hci_dev_lock(hdev);
305 seq_printf(f, "0x%.2x%.2x%.2x\n", hdev->dev_class[2],
306 hdev->dev_class[1], hdev->dev_class[0]);
307 hci_dev_unlock(hdev);
308
309 return 0;
310}
311
312static int dev_class_open(struct inode *inode, struct file *file)
313{
314 return single_open(file, dev_class_show, inode->i_private);
315}
316
317static const struct file_operations dev_class_fops = {
318 .open = dev_class_open,
319 .read = seq_read,
320 .llseek = seq_lseek,
321 .release = single_release,
322};
323
324static int voice_setting_get(void *data, u64 *val)
325{
326 struct hci_dev *hdev = data;
327
328 hci_dev_lock(hdev);
329 *val = hdev->voice_setting;
330 hci_dev_unlock(hdev);
331
332 return 0;
333}
334
335DEFINE_SIMPLE_ATTRIBUTE(voice_setting_fops, voice_setting_get,
336 NULL, "0x%4.4llx\n");
337
338static int auto_accept_delay_set(void *data, u64 val)
339{
340 struct hci_dev *hdev = data;
341
342 hci_dev_lock(hdev);
343 hdev->auto_accept_delay = val;
344 hci_dev_unlock(hdev);
345
346 return 0;
347}
348
349static int auto_accept_delay_get(void *data, u64 *val)
350{
351 struct hci_dev *hdev = data;
352
353 hci_dev_lock(hdev);
354 *val = hdev->auto_accept_delay;
355 hci_dev_unlock(hdev);
356
357 return 0;
358}
359
360DEFINE_SIMPLE_ATTRIBUTE(auto_accept_delay_fops, auto_accept_delay_get,
361 auto_accept_delay_set, "%llu\n");
362
363static ssize_t force_sc_support_read(struct file *file, char __user *user_buf,
364 size_t count, loff_t *ppos)
365{
366 struct hci_dev *hdev = file->private_data;
367 char buf[3];
368
369 buf[0] = test_bit(HCI_FORCE_SC, &hdev->dbg_flags) ? 'Y': 'N';
370 buf[1] = '\n';
371 buf[2] = '\0';
372 return simple_read_from_buffer(user_buf, count, ppos, buf, 2);
373}
374
375static ssize_t force_sc_support_write(struct file *file,
376 const char __user *user_buf,
377 size_t count, loff_t *ppos)
378{
379 struct hci_dev *hdev = file->private_data;
380 char buf[32];
381 size_t buf_size = min(count, (sizeof(buf)-1));
382 bool enable;
383
384 if (test_bit(HCI_UP, &hdev->flags))
385 return -EBUSY;
386
387 if (copy_from_user(buf, user_buf, buf_size))
388 return -EFAULT;
389
390 buf[buf_size] = '\0';
391 if (strtobool(buf, &enable))
392 return -EINVAL;
393
394 if (enable == test_bit(HCI_FORCE_SC, &hdev->dbg_flags))
395 return -EALREADY;
396
397 change_bit(HCI_FORCE_SC, &hdev->dbg_flags);
398
399 return count;
400}
401
402static const struct file_operations force_sc_support_fops = {
403 .open = simple_open,
404 .read = force_sc_support_read,
405 .write = force_sc_support_write,
406 .llseek = default_llseek,
407};
408
409static ssize_t force_lesc_support_read(struct file *file, char __user *user_buf,
410 size_t count, loff_t *ppos)
411{
412 struct hci_dev *hdev = file->private_data;
413 char buf[3];
414
415 buf[0] = test_bit(HCI_FORCE_LESC, &hdev->dbg_flags) ? 'Y': 'N';
416 buf[1] = '\n';
417 buf[2] = '\0';
418 return simple_read_from_buffer(user_buf, count, ppos, buf, 2);
419}
420
421static ssize_t force_lesc_support_write(struct file *file,
422 const char __user *user_buf,
423 size_t count, loff_t *ppos)
424{
425 struct hci_dev *hdev = file->private_data;
426 char buf[32];
427 size_t buf_size = min(count, (sizeof(buf)-1));
428 bool enable;
429
430 if (copy_from_user(buf, user_buf, buf_size))
431 return -EFAULT;
432
433 buf[buf_size] = '\0';
434 if (strtobool(buf, &enable))
435 return -EINVAL;
436
437 if (enable == test_bit(HCI_FORCE_LESC, &hdev->dbg_flags))
438 return -EALREADY;
439
440 change_bit(HCI_FORCE_LESC, &hdev->dbg_flags);
441
442 return count;
443}
444
445static const struct file_operations force_lesc_support_fops = {
446 .open = simple_open,
447 .read = force_lesc_support_read,
448 .write = force_lesc_support_write,
449 .llseek = default_llseek,
450};
451
452static ssize_t sc_only_mode_read(struct file *file, char __user *user_buf,
453 size_t count, loff_t *ppos)
454{
455 struct hci_dev *hdev = file->private_data;
456 char buf[3];
457
458 buf[0] = test_bit(HCI_SC_ONLY, &hdev->dev_flags) ? 'Y': 'N';
459 buf[1] = '\n';
460 buf[2] = '\0';
461 return simple_read_from_buffer(user_buf, count, ppos, buf, 2);
462}
463
464static const struct file_operations sc_only_mode_fops = {
465 .open = simple_open,
466 .read = sc_only_mode_read,
467 .llseek = default_llseek,
468};
469
470static int idle_timeout_set(void *data, u64 val)
471{
472 struct hci_dev *hdev = data;
473
474 if (val != 0 && (val < 500 || val > 3600000))
475 return -EINVAL;
476
477 hci_dev_lock(hdev);
478 hdev->idle_timeout = val;
479 hci_dev_unlock(hdev);
480
481 return 0;
482}
483
484static int idle_timeout_get(void *data, u64 *val)
485{
486 struct hci_dev *hdev = data;
487
488 hci_dev_lock(hdev);
489 *val = hdev->idle_timeout;
490 hci_dev_unlock(hdev);
491
492 return 0;
493}
494
495DEFINE_SIMPLE_ATTRIBUTE(idle_timeout_fops, idle_timeout_get,
496 idle_timeout_set, "%llu\n");
497
498static int rpa_timeout_set(void *data, u64 val)
499{
500 struct hci_dev *hdev = data;
501
502 /* Require the RPA timeout to be at least 30 seconds and at most
503 * 24 hours.
504 */
505 if (val < 30 || val > (60 * 60 * 24))
506 return -EINVAL;
507
508 hci_dev_lock(hdev);
509 hdev->rpa_timeout = val;
510 hci_dev_unlock(hdev);
511
512 return 0;
513}
514
515static int rpa_timeout_get(void *data, u64 *val)
516{
517 struct hci_dev *hdev = data;
518
519 hci_dev_lock(hdev);
520 *val = hdev->rpa_timeout;
521 hci_dev_unlock(hdev);
522
523 return 0;
524}
525
526DEFINE_SIMPLE_ATTRIBUTE(rpa_timeout_fops, rpa_timeout_get,
527 rpa_timeout_set, "%llu\n");
528
529static int sniff_min_interval_set(void *data, u64 val)
530{
531 struct hci_dev *hdev = data;
532
533 if (val == 0 || val % 2 || val > hdev->sniff_max_interval)
534 return -EINVAL;
535
536 hci_dev_lock(hdev);
537 hdev->sniff_min_interval = val;
538 hci_dev_unlock(hdev);
539
540 return 0;
541}
542
543static int sniff_min_interval_get(void *data, u64 *val)
544{
545 struct hci_dev *hdev = data;
546
547 hci_dev_lock(hdev);
548 *val = hdev->sniff_min_interval;
549 hci_dev_unlock(hdev);
550
551 return 0;
552}
553
554DEFINE_SIMPLE_ATTRIBUTE(sniff_min_interval_fops, sniff_min_interval_get,
555 sniff_min_interval_set, "%llu\n");
556
557static int sniff_max_interval_set(void *data, u64 val)
558{
559 struct hci_dev *hdev = data;
560
561 if (val == 0 || val % 2 || val < hdev->sniff_min_interval)
562 return -EINVAL;
563
564 hci_dev_lock(hdev);
565 hdev->sniff_max_interval = val;
566 hci_dev_unlock(hdev);
567
568 return 0;
569}
570
571static int sniff_max_interval_get(void *data, u64 *val)
572{
573 struct hci_dev *hdev = data;
574
575 hci_dev_lock(hdev);
576 *val = hdev->sniff_max_interval;
577 hci_dev_unlock(hdev);
578
579 return 0;
580}
581
582DEFINE_SIMPLE_ATTRIBUTE(sniff_max_interval_fops, sniff_max_interval_get,
583 sniff_max_interval_set, "%llu\n");
584
585static int conn_info_min_age_set(void *data, u64 val)
586{
587 struct hci_dev *hdev = data;
588
589 if (val == 0 || val > hdev->conn_info_max_age)
590 return -EINVAL;
591
592 hci_dev_lock(hdev);
593 hdev->conn_info_min_age = val;
594 hci_dev_unlock(hdev);
595
596 return 0;
597}
598
599static int conn_info_min_age_get(void *data, u64 *val)
600{
601 struct hci_dev *hdev = data;
602
603 hci_dev_lock(hdev);
604 *val = hdev->conn_info_min_age;
605 hci_dev_unlock(hdev);
606
607 return 0;
608}
609
610DEFINE_SIMPLE_ATTRIBUTE(conn_info_min_age_fops, conn_info_min_age_get,
611 conn_info_min_age_set, "%llu\n");
612
613static int conn_info_max_age_set(void *data, u64 val)
614{
615 struct hci_dev *hdev = data;
616
617 if (val == 0 || val < hdev->conn_info_min_age)
618 return -EINVAL;
619
620 hci_dev_lock(hdev);
621 hdev->conn_info_max_age = val;
622 hci_dev_unlock(hdev);
623
624 return 0;
625}
626
627static int conn_info_max_age_get(void *data, u64 *val)
628{
629 struct hci_dev *hdev = data;
630
631 hci_dev_lock(hdev);
632 *val = hdev->conn_info_max_age;
633 hci_dev_unlock(hdev);
634
635 return 0;
636}
637
638DEFINE_SIMPLE_ATTRIBUTE(conn_info_max_age_fops, conn_info_max_age_get,
639 conn_info_max_age_set, "%llu\n");
640
641static int identity_show(struct seq_file *f, void *p)
642{
643 struct hci_dev *hdev = f->private;
644 bdaddr_t addr;
645 u8 addr_type;
646
647 hci_dev_lock(hdev);
648
649 hci_copy_identity_address(hdev, &addr, &addr_type);
650
651 seq_printf(f, "%pMR (type %u) %*phN %pMR\n", &addr, addr_type,
652 16, hdev->irk, &hdev->rpa);
653
654 hci_dev_unlock(hdev);
655
656 return 0;
657}
658
659static int identity_open(struct inode *inode, struct file *file)
660{
661 return single_open(file, identity_show, inode->i_private);
662}
663
664static const struct file_operations identity_fops = {
665 .open = identity_open,
666 .read = seq_read,
667 .llseek = seq_lseek,
668 .release = single_release,
669};
670
671static int random_address_show(struct seq_file *f, void *p)
672{
673 struct hci_dev *hdev = f->private;
674
675 hci_dev_lock(hdev);
676 seq_printf(f, "%pMR\n", &hdev->random_addr);
677 hci_dev_unlock(hdev);
678
679 return 0;
680}
681
682static int random_address_open(struct inode *inode, struct file *file)
683{
684 return single_open(file, random_address_show, inode->i_private);
685}
686
687static const struct file_operations random_address_fops = {
688 .open = random_address_open,
689 .read = seq_read,
690 .llseek = seq_lseek,
691 .release = single_release,
692};
693
694static int static_address_show(struct seq_file *f, void *p)
695{
696 struct hci_dev *hdev = f->private;
697
698 hci_dev_lock(hdev);
699 seq_printf(f, "%pMR\n", &hdev->static_addr);
700 hci_dev_unlock(hdev);
701
702 return 0;
703}
704
705static int static_address_open(struct inode *inode, struct file *file)
706{
707 return single_open(file, static_address_show, inode->i_private);
708}
709
710static const struct file_operations static_address_fops = {
711 .open = static_address_open,
712 .read = seq_read,
713 .llseek = seq_lseek,
714 .release = single_release,
715};
716
717static ssize_t force_static_address_read(struct file *file,
718 char __user *user_buf,
719 size_t count, loff_t *ppos)
720{
721 struct hci_dev *hdev = file->private_data;
722 char buf[3];
723
724 buf[0] = test_bit(HCI_FORCE_STATIC_ADDR, &hdev->dbg_flags) ? 'Y': 'N';
725 buf[1] = '\n';
726 buf[2] = '\0';
727 return simple_read_from_buffer(user_buf, count, ppos, buf, 2);
728}
729
730static ssize_t force_static_address_write(struct file *file,
731 const char __user *user_buf,
732 size_t count, loff_t *ppos)
733{
734 struct hci_dev *hdev = file->private_data;
735 char buf[32];
736 size_t buf_size = min(count, (sizeof(buf)-1));
737 bool enable;
738
739 if (test_bit(HCI_UP, &hdev->flags))
740 return -EBUSY;
741
742 if (copy_from_user(buf, user_buf, buf_size))
743 return -EFAULT;
744
745 buf[buf_size] = '\0';
746 if (strtobool(buf, &enable))
747 return -EINVAL;
748
749 if (enable == test_bit(HCI_FORCE_STATIC_ADDR, &hdev->dbg_flags))
750 return -EALREADY;
751
752 change_bit(HCI_FORCE_STATIC_ADDR, &hdev->dbg_flags);
753
754 return count;
755}
756
757static const struct file_operations force_static_address_fops = {
758 .open = simple_open,
759 .read = force_static_address_read,
760 .write = force_static_address_write,
761 .llseek = default_llseek,
762};
763
764static int white_list_show(struct seq_file *f, void *ptr)
765{
766 struct hci_dev *hdev = f->private;
767 struct bdaddr_list *b;
768
769 hci_dev_lock(hdev);
770 list_for_each_entry(b, &hdev->le_white_list, list)
771 seq_printf(f, "%pMR (type %u)\n", &b->bdaddr, b->bdaddr_type);
772 hci_dev_unlock(hdev);
773
774 return 0;
775}
776
777static int white_list_open(struct inode *inode, struct file *file)
778{
779 return single_open(file, white_list_show, inode->i_private);
780}
781
782static const struct file_operations white_list_fops = {
783 .open = white_list_open,
784 .read = seq_read,
785 .llseek = seq_lseek,
786 .release = single_release,
787};
788
789static int identity_resolving_keys_show(struct seq_file *f, void *ptr)
790{
791 struct hci_dev *hdev = f->private;
792 struct smp_irk *irk;
793
794 rcu_read_lock();
795 list_for_each_entry_rcu(irk, &hdev->identity_resolving_keys, list) {
796 seq_printf(f, "%pMR (type %u) %*phN %pMR\n",
797 &irk->bdaddr, irk->addr_type,
798 16, irk->val, &irk->rpa);
799 }
800 rcu_read_unlock();
801
802 return 0;
803}
804
805static int identity_resolving_keys_open(struct inode *inode, struct file *file)
806{
807 return single_open(file, identity_resolving_keys_show,
808 inode->i_private);
809}
810
811static const struct file_operations identity_resolving_keys_fops = {
812 .open = identity_resolving_keys_open,
813 .read = seq_read,
814 .llseek = seq_lseek,
815 .release = single_release,
816};
817
818static int long_term_keys_show(struct seq_file *f, void *ptr)
819{
820 struct hci_dev *hdev = f->private;
821 struct smp_ltk *ltk;
822
823 rcu_read_lock();
824 list_for_each_entry_rcu(ltk, &hdev->long_term_keys, list)
825 seq_printf(f, "%pMR (type %u) %u 0x%02x %u %.4x %.16llx %*phN\n",
826 &ltk->bdaddr, ltk->bdaddr_type, ltk->authenticated,
827 ltk->type, ltk->enc_size, __le16_to_cpu(ltk->ediv),
828 __le64_to_cpu(ltk->rand), 16, ltk->val);
829 rcu_read_unlock();
830
831 return 0;
832}
833
834static int long_term_keys_open(struct inode *inode, struct file *file)
835{
836 return single_open(file, long_term_keys_show, inode->i_private);
837}
838
839static const struct file_operations long_term_keys_fops = {
840 .open = long_term_keys_open,
841 .read = seq_read,
842 .llseek = seq_lseek,
843 .release = single_release,
844};
845
846static int conn_min_interval_set(void *data, u64 val)
847{
848 struct hci_dev *hdev = data;
849
850 if (val < 0x0006 || val > 0x0c80 || val > hdev->le_conn_max_interval)
851 return -EINVAL;
852
853 hci_dev_lock(hdev);
854 hdev->le_conn_min_interval = val;
855 hci_dev_unlock(hdev);
856
857 return 0;
858}
859
860static int conn_min_interval_get(void *data, u64 *val)
861{
862 struct hci_dev *hdev = data;
863
864 hci_dev_lock(hdev);
865 *val = hdev->le_conn_min_interval;
866 hci_dev_unlock(hdev);
867
868 return 0;
869}
870
871DEFINE_SIMPLE_ATTRIBUTE(conn_min_interval_fops, conn_min_interval_get,
872 conn_min_interval_set, "%llu\n");
873
874static int conn_max_interval_set(void *data, u64 val)
875{
876 struct hci_dev *hdev = data;
877
878 if (val < 0x0006 || val > 0x0c80 || val < hdev->le_conn_min_interval)
879 return -EINVAL;
880
881 hci_dev_lock(hdev);
882 hdev->le_conn_max_interval = val;
883 hci_dev_unlock(hdev);
884
885 return 0;
886}
887
888static int conn_max_interval_get(void *data, u64 *val)
889{
890 struct hci_dev *hdev = data;
891
892 hci_dev_lock(hdev);
893 *val = hdev->le_conn_max_interval;
894 hci_dev_unlock(hdev);
895
896 return 0;
897}
898
899DEFINE_SIMPLE_ATTRIBUTE(conn_max_interval_fops, conn_max_interval_get,
900 conn_max_interval_set, "%llu\n");
901
902static int conn_latency_set(void *data, u64 val)
903{
904 struct hci_dev *hdev = data;
905
906 if (val > 0x01f3)
907 return -EINVAL;
908
909 hci_dev_lock(hdev);
910 hdev->le_conn_latency = val;
911 hci_dev_unlock(hdev);
912
913 return 0;
914}
915
916static int conn_latency_get(void *data, u64 *val)
917{
918 struct hci_dev *hdev = data;
919
920 hci_dev_lock(hdev);
921 *val = hdev->le_conn_latency;
922 hci_dev_unlock(hdev);
923
924 return 0;
925}
926
927DEFINE_SIMPLE_ATTRIBUTE(conn_latency_fops, conn_latency_get,
928 conn_latency_set, "%llu\n");
929
930static int supervision_timeout_set(void *data, u64 val)
931{
932 struct hci_dev *hdev = data;
933
934 if (val < 0x000a || val > 0x0c80)
935 return -EINVAL;
936
937 hci_dev_lock(hdev);
938 hdev->le_supv_timeout = val;
939 hci_dev_unlock(hdev);
940
941 return 0;
942}
943
944static int supervision_timeout_get(void *data, u64 *val)
945{
946 struct hci_dev *hdev = data;
947
948 hci_dev_lock(hdev);
949 *val = hdev->le_supv_timeout;
950 hci_dev_unlock(hdev);
951
952 return 0;
953}
954
955DEFINE_SIMPLE_ATTRIBUTE(supervision_timeout_fops, supervision_timeout_get,
956 supervision_timeout_set, "%llu\n");
957
958static int adv_channel_map_set(void *data, u64 val)
959{
960 struct hci_dev *hdev = data;
961
962 if (val < 0x01 || val > 0x07)
963 return -EINVAL;
964
965 hci_dev_lock(hdev);
966 hdev->le_adv_channel_map = val;
967 hci_dev_unlock(hdev);
968
969 return 0;
970}
971
972static int adv_channel_map_get(void *data, u64 *val)
973{
974 struct hci_dev *hdev = data;
975
976 hci_dev_lock(hdev);
977 *val = hdev->le_adv_channel_map;
978 hci_dev_unlock(hdev);
979
980 return 0;
981}
982
983DEFINE_SIMPLE_ATTRIBUTE(adv_channel_map_fops, adv_channel_map_get,
984 adv_channel_map_set, "%llu\n");
985
986static int adv_min_interval_set(void *data, u64 val)
987{
988 struct hci_dev *hdev = data;
989
990 if (val < 0x0020 || val > 0x4000 || val > hdev->le_adv_max_interval)
991 return -EINVAL;
992
993 hci_dev_lock(hdev);
994 hdev->le_adv_min_interval = val;
995 hci_dev_unlock(hdev);
996
997 return 0;
998}
999
1000static int adv_min_interval_get(void *data, u64 *val)
1001{
1002 struct hci_dev *hdev = data;
1003
1004 hci_dev_lock(hdev);
1005 *val = hdev->le_adv_min_interval;
1006 hci_dev_unlock(hdev);
1007
1008 return 0;
1009}
1010
1011DEFINE_SIMPLE_ATTRIBUTE(adv_min_interval_fops, adv_min_interval_get,
1012 adv_min_interval_set, "%llu\n");
1013
1014static int adv_max_interval_set(void *data, u64 val)
1015{
1016 struct hci_dev *hdev = data;
1017
1018 if (val < 0x0020 || val > 0x4000 || val < hdev->le_adv_min_interval)
1019 return -EINVAL;
1020
1021 hci_dev_lock(hdev);
1022 hdev->le_adv_max_interval = val;
1023 hci_dev_unlock(hdev);
1024
1025 return 0;
1026}
1027
1028static int adv_max_interval_get(void *data, u64 *val)
1029{
1030 struct hci_dev *hdev = data;
1031
1032 hci_dev_lock(hdev);
1033 *val = hdev->le_adv_max_interval;
1034 hci_dev_unlock(hdev);
1035
1036 return 0;
1037}
1038
1039DEFINE_SIMPLE_ATTRIBUTE(adv_max_interval_fops, adv_max_interval_get,
1040 adv_max_interval_set, "%llu\n");
1041
1042static int device_list_show(struct seq_file *f, void *ptr)
1043{
1044 struct hci_dev *hdev = f->private;
1045 struct hci_conn_params *p;
1046 struct bdaddr_list *b;
1047
1048 hci_dev_lock(hdev);
1049 list_for_each_entry(b, &hdev->whitelist, list)
1050 seq_printf(f, "%pMR (type %u)\n", &b->bdaddr, b->bdaddr_type);
1051 list_for_each_entry(p, &hdev->le_conn_params, list) {
1052 seq_printf(f, "%pMR (type %u) %u\n", &p->addr, p->addr_type,
1053 p->auto_connect);
1054 }
1055 hci_dev_unlock(hdev);
1056
1057 return 0;
1058}
1059
1060static int device_list_open(struct inode *inode, struct file *file)
1061{
1062 return single_open(file, device_list_show, inode->i_private);
1063}
1064
1065static const struct file_operations device_list_fops = {
1066 .open = device_list_open,
1067 .read = seq_read,
1068 .llseek = seq_lseek,
1069 .release = single_release,
1070};
1071
1072/* ---- HCI requests ---- */ 142/* ---- HCI requests ---- */
1073 143
1074static void hci_req_sync_complete(struct hci_dev *hdev, u8 result) 144static void hci_req_sync_complete(struct hci_dev *hdev, u8 result)
@@ -1553,10 +623,16 @@ static void hci_init2_req(struct hci_request *req, unsigned long opt)
1553 if (lmp_le_capable(hdev)) 623 if (lmp_le_capable(hdev))
1554 le_setup(req); 624 le_setup(req);
1555 625
1556 /* AVM Berlin (31), aka "BlueFRITZ!", doesn't support the read 626 /* All Bluetooth 1.2 and later controllers should support the
1557 * local supported commands HCI command. 627 * HCI command for reading the local supported commands.
628 *
629 * Unfortunately some controllers indicate Bluetooth 1.2 support,
630 * but do not have support for this command. If that is the case,
631 * the driver can quirk the behavior and skip reading the local
632 * supported commands.
1558 */ 633 */
1559 if (hdev->manufacturer != 31 && hdev->hci_ver > BLUETOOTH_VER_1_1) 634 if (hdev->hci_ver > BLUETOOTH_VER_1_1 &&
635 !test_bit(HCI_QUIRK_BROKEN_LOCAL_COMMANDS, &hdev->quirks))
1560 hci_req_add(req, HCI_OP_READ_LOCAL_COMMANDS, 0, NULL); 636 hci_req_add(req, HCI_OP_READ_LOCAL_COMMANDS, 0, NULL);
1561 637
1562 if (lmp_ssp_capable(hdev)) { 638 if (lmp_ssp_capable(hdev)) {
@@ -1735,6 +811,12 @@ static void hci_init3_req(struct hci_request *req, unsigned long opt)
1735 * Parameter Request 811 * Parameter Request
1736 */ 812 */
1737 813
814 /* If the controller supports the Data Length Extension
815 * feature, enable the corresponding event.
816 */
817 if (hdev->le_features[0] & HCI_LE_DATA_LEN_EXT)
818 events[0] |= 0x40; /* LE Data Length Change */
819
1738 /* If the controller supports Extended Scanner Filter 820 /* If the controller supports Extended Scanner Filter
1739 * Policies, enable the correspondig event. 821 * Policies, enable the correspondig event.
1740 */ 822 */
@@ -1765,6 +847,14 @@ static void hci_init3_req(struct hci_request *req, unsigned long opt)
1765 hci_req_add(req, HCI_OP_LE_READ_ADV_TX_POWER, 0, NULL); 847 hci_req_add(req, HCI_OP_LE_READ_ADV_TX_POWER, 0, NULL);
1766 } 848 }
1767 849
850 if (hdev->le_features[0] & HCI_LE_DATA_LEN_EXT) {
851 /* Read LE Maximum Data Length */
852 hci_req_add(req, HCI_OP_LE_READ_MAX_DATA_LEN, 0, NULL);
853
854 /* Read LE Suggested Default Data Length */
855 hci_req_add(req, HCI_OP_LE_READ_DEF_DATA_LEN, 0, NULL);
856 }
857
1768 hci_set_le_support(req); 858 hci_set_le_support(req);
1769 } 859 }
1770 860
@@ -1847,102 +937,13 @@ static int __hci_init(struct hci_dev *hdev)
1847 if (!test_bit(HCI_SETUP, &hdev->dev_flags)) 937 if (!test_bit(HCI_SETUP, &hdev->dev_flags))
1848 return 0; 938 return 0;
1849 939
1850 debugfs_create_file("features", 0444, hdev->debugfs, hdev, 940 hci_debugfs_create_common(hdev);
1851 &features_fops);
1852 debugfs_create_u16("manufacturer", 0444, hdev->debugfs,
1853 &hdev->manufacturer);
1854 debugfs_create_u8("hci_version", 0444, hdev->debugfs, &hdev->hci_ver);
1855 debugfs_create_u16("hci_revision", 0444, hdev->debugfs, &hdev->hci_rev);
1856 debugfs_create_file("device_list", 0444, hdev->debugfs, hdev,
1857 &device_list_fops);
1858 debugfs_create_file("blacklist", 0444, hdev->debugfs, hdev,
1859 &blacklist_fops);
1860 debugfs_create_file("uuids", 0444, hdev->debugfs, hdev, &uuids_fops);
1861
1862 debugfs_create_file("conn_info_min_age", 0644, hdev->debugfs, hdev,
1863 &conn_info_min_age_fops);
1864 debugfs_create_file("conn_info_max_age", 0644, hdev->debugfs, hdev,
1865 &conn_info_max_age_fops);
1866
1867 if (lmp_bredr_capable(hdev)) {
1868 debugfs_create_file("inquiry_cache", 0444, hdev->debugfs,
1869 hdev, &inquiry_cache_fops);
1870 debugfs_create_file("link_keys", 0400, hdev->debugfs,
1871 hdev, &link_keys_fops);
1872 debugfs_create_file("dev_class", 0444, hdev->debugfs,
1873 hdev, &dev_class_fops);
1874 debugfs_create_file("voice_setting", 0444, hdev->debugfs,
1875 hdev, &voice_setting_fops);
1876 }
1877 941
1878 if (lmp_ssp_capable(hdev)) { 942 if (lmp_bredr_capable(hdev))
1879 debugfs_create_file("auto_accept_delay", 0644, hdev->debugfs, 943 hci_debugfs_create_bredr(hdev);
1880 hdev, &auto_accept_delay_fops);
1881 debugfs_create_file("force_sc_support", 0644, hdev->debugfs,
1882 hdev, &force_sc_support_fops);
1883 debugfs_create_file("sc_only_mode", 0444, hdev->debugfs,
1884 hdev, &sc_only_mode_fops);
1885 if (lmp_le_capable(hdev))
1886 debugfs_create_file("force_lesc_support", 0644,
1887 hdev->debugfs, hdev,
1888 &force_lesc_support_fops);
1889 }
1890
1891 if (lmp_sniff_capable(hdev)) {
1892 debugfs_create_file("idle_timeout", 0644, hdev->debugfs,
1893 hdev, &idle_timeout_fops);
1894 debugfs_create_file("sniff_min_interval", 0644, hdev->debugfs,
1895 hdev, &sniff_min_interval_fops);
1896 debugfs_create_file("sniff_max_interval", 0644, hdev->debugfs,
1897 hdev, &sniff_max_interval_fops);
1898 }
1899 944
1900 if (lmp_le_capable(hdev)) { 945 if (lmp_le_capable(hdev)) {
1901 debugfs_create_file("identity", 0400, hdev->debugfs, 946 hci_debugfs_create_le(hdev);
1902 hdev, &identity_fops);
1903 debugfs_create_file("rpa_timeout", 0644, hdev->debugfs,
1904 hdev, &rpa_timeout_fops);
1905 debugfs_create_file("random_address", 0444, hdev->debugfs,
1906 hdev, &random_address_fops);
1907 debugfs_create_file("static_address", 0444, hdev->debugfs,
1908 hdev, &static_address_fops);
1909
1910 /* For controllers with a public address, provide a debug
1911 * option to force the usage of the configured static
1912 * address. By default the public address is used.
1913 */
1914 if (bacmp(&hdev->bdaddr, BDADDR_ANY))
1915 debugfs_create_file("force_static_address", 0644,
1916 hdev->debugfs, hdev,
1917 &force_static_address_fops);
1918
1919 debugfs_create_u8("white_list_size", 0444, hdev->debugfs,
1920 &hdev->le_white_list_size);
1921 debugfs_create_file("white_list", 0444, hdev->debugfs, hdev,
1922 &white_list_fops);
1923 debugfs_create_file("identity_resolving_keys", 0400,
1924 hdev->debugfs, hdev,
1925 &identity_resolving_keys_fops);
1926 debugfs_create_file("long_term_keys", 0400, hdev->debugfs,
1927 hdev, &long_term_keys_fops);
1928 debugfs_create_file("conn_min_interval", 0644, hdev->debugfs,
1929 hdev, &conn_min_interval_fops);
1930 debugfs_create_file("conn_max_interval", 0644, hdev->debugfs,
1931 hdev, &conn_max_interval_fops);
1932 debugfs_create_file("conn_latency", 0644, hdev->debugfs,
1933 hdev, &conn_latency_fops);
1934 debugfs_create_file("supervision_timeout", 0644, hdev->debugfs,
1935 hdev, &supervision_timeout_fops);
1936 debugfs_create_file("adv_channel_map", 0644, hdev->debugfs,
1937 hdev, &adv_channel_map_fops);
1938 debugfs_create_file("adv_min_interval", 0644, hdev->debugfs,
1939 hdev, &adv_min_interval_fops);
1940 debugfs_create_file("adv_max_interval", 0644, hdev->debugfs,
1941 hdev, &adv_max_interval_fops);
1942 debugfs_create_u16("discov_interleaved_timeout", 0644,
1943 hdev->debugfs,
1944 &hdev->discov_interleaved_timeout);
1945
1946 smp_register(hdev); 947 smp_register(hdev);
1947 } 948 }
1948 949
@@ -3659,23 +2660,6 @@ struct hci_conn_params *hci_conn_params_lookup(struct hci_dev *hdev,
3659 return NULL; 2660 return NULL;
3660} 2661}
3661 2662
3662static bool is_connected(struct hci_dev *hdev, bdaddr_t *addr, u8 type)
3663{
3664 struct hci_conn *conn;
3665
3666 conn = hci_conn_hash_lookup_ba(hdev, LE_LINK, addr);
3667 if (!conn)
3668 return false;
3669
3670 if (conn->dst_type != type)
3671 return false;
3672
3673 if (conn->state != BT_CONNECTED)
3674 return false;
3675
3676 return true;
3677}
3678
3679/* This function requires the caller holds hdev->lock */ 2663/* This function requires the caller holds hdev->lock */
3680struct hci_conn_params *hci_pend_le_action_lookup(struct list_head *list, 2664struct hci_conn_params *hci_pend_le_action_lookup(struct list_head *list,
3681 bdaddr_t *addr, u8 addr_type) 2665 bdaddr_t *addr, u8 addr_type)
@@ -3731,47 +2715,6 @@ struct hci_conn_params *hci_conn_params_add(struct hci_dev *hdev,
3731 return params; 2715 return params;
3732} 2716}
3733 2717
3734/* This function requires the caller holds hdev->lock */
3735int hci_conn_params_set(struct hci_dev *hdev, bdaddr_t *addr, u8 addr_type,
3736 u8 auto_connect)
3737{
3738 struct hci_conn_params *params;
3739
3740 params = hci_conn_params_add(hdev, addr, addr_type);
3741 if (!params)
3742 return -EIO;
3743
3744 if (params->auto_connect == auto_connect)
3745 return 0;
3746
3747 list_del_init(&params->action);
3748
3749 switch (auto_connect) {
3750 case HCI_AUTO_CONN_DISABLED:
3751 case HCI_AUTO_CONN_LINK_LOSS:
3752 hci_update_background_scan(hdev);
3753 break;
3754 case HCI_AUTO_CONN_REPORT:
3755 list_add(&params->action, &hdev->pend_le_reports);
3756 hci_update_background_scan(hdev);
3757 break;
3758 case HCI_AUTO_CONN_DIRECT:
3759 case HCI_AUTO_CONN_ALWAYS:
3760 if (!is_connected(hdev, addr, addr_type)) {
3761 list_add(&params->action, &hdev->pend_le_conns);
3762 hci_update_background_scan(hdev);
3763 }
3764 break;
3765 }
3766
3767 params->auto_connect = auto_connect;
3768
3769 BT_DBG("addr %pMR (type %u) auto_connect %u", addr, addr_type,
3770 auto_connect);
3771
3772 return 0;
3773}
3774
3775static void hci_conn_params_free(struct hci_conn_params *params) 2718static void hci_conn_params_free(struct hci_conn_params *params)
3776{ 2719{
3777 if (params->conn) { 2720 if (params->conn) {
@@ -3901,112 +2844,6 @@ static void le_scan_disable_work(struct work_struct *work)
3901 BT_ERR("Disable LE scanning request failed: err %d", err); 2844 BT_ERR("Disable LE scanning request failed: err %d", err);
3902} 2845}
3903 2846
3904static void set_random_addr(struct hci_request *req, bdaddr_t *rpa)
3905{
3906 struct hci_dev *hdev = req->hdev;
3907
3908 /* If we're advertising or initiating an LE connection we can't
3909 * go ahead and change the random address at this time. This is
3910 * because the eventual initiator address used for the
3911 * subsequently created connection will be undefined (some
3912 * controllers use the new address and others the one we had
3913 * when the operation started).
3914 *
3915 * In this kind of scenario skip the update and let the random
3916 * address be updated at the next cycle.
3917 */
3918 if (test_bit(HCI_LE_ADV, &hdev->dev_flags) ||
3919 hci_conn_hash_lookup_state(hdev, LE_LINK, BT_CONNECT)) {
3920 BT_DBG("Deferring random address update");
3921 set_bit(HCI_RPA_EXPIRED, &hdev->dev_flags);
3922 return;
3923 }
3924
3925 hci_req_add(req, HCI_OP_LE_SET_RANDOM_ADDR, 6, rpa);
3926}
3927
3928int hci_update_random_address(struct hci_request *req, bool require_privacy,
3929 u8 *own_addr_type)
3930{
3931 struct hci_dev *hdev = req->hdev;
3932 int err;
3933
3934 /* If privacy is enabled use a resolvable private address. If
3935 * current RPA has expired or there is something else than
3936 * the current RPA in use, then generate a new one.
3937 */
3938 if (test_bit(HCI_PRIVACY, &hdev->dev_flags)) {
3939 int to;
3940
3941 *own_addr_type = ADDR_LE_DEV_RANDOM;
3942
3943 if (!test_and_clear_bit(HCI_RPA_EXPIRED, &hdev->dev_flags) &&
3944 !bacmp(&hdev->random_addr, &hdev->rpa))
3945 return 0;
3946
3947 err = smp_generate_rpa(hdev, hdev->irk, &hdev->rpa);
3948 if (err < 0) {
3949 BT_ERR("%s failed to generate new RPA", hdev->name);
3950 return err;
3951 }
3952
3953 set_random_addr(req, &hdev->rpa);
3954
3955 to = msecs_to_jiffies(hdev->rpa_timeout * 1000);
3956 queue_delayed_work(hdev->workqueue, &hdev->rpa_expired, to);
3957
3958 return 0;
3959 }
3960
3961 /* In case of required privacy without resolvable private address,
3962 * use an non-resolvable private address. This is useful for active
3963 * scanning and non-connectable advertising.
3964 */
3965 if (require_privacy) {
3966 bdaddr_t nrpa;
3967
3968 while (true) {
3969 /* The non-resolvable private address is generated
3970 * from random six bytes with the two most significant
3971 * bits cleared.
3972 */
3973 get_random_bytes(&nrpa, 6);
3974 nrpa.b[5] &= 0x3f;
3975
3976 /* The non-resolvable private address shall not be
3977 * equal to the public address.
3978 */
3979 if (bacmp(&hdev->bdaddr, &nrpa))
3980 break;
3981 }
3982
3983 *own_addr_type = ADDR_LE_DEV_RANDOM;
3984 set_random_addr(req, &nrpa);
3985 return 0;
3986 }
3987
3988 /* If forcing static address is in use or there is no public
3989 * address use the static address as random address (but skip
3990 * the HCI command if the current random address is already the
3991 * static one.
3992 */
3993 if (test_bit(HCI_FORCE_STATIC_ADDR, &hdev->dbg_flags) ||
3994 !bacmp(&hdev->bdaddr, BDADDR_ANY)) {
3995 *own_addr_type = ADDR_LE_DEV_RANDOM;
3996 if (bacmp(&hdev->static_addr, &hdev->random_addr))
3997 hci_req_add(req, HCI_OP_LE_SET_RANDOM_ADDR, 6,
3998 &hdev->static_addr);
3999 return 0;
4000 }
4001
4002 /* Neither privacy nor static address is being used so use a
4003 * public address.
4004 */
4005 *own_addr_type = ADDR_LE_DEV_PUBLIC;
4006
4007 return 0;
4008}
4009
4010/* Copy the Identity Address of the controller. 2847/* Copy the Identity Address of the controller.
4011 * 2848 *
4012 * If the controller has a public BD_ADDR, then by default use that one. 2849 * If the controller has a public BD_ADDR, then by default use that one.
@@ -4015,12 +2852,18 @@ int hci_update_random_address(struct hci_request *req, bool require_privacy,
4015 * 2852 *
4016 * For debugging purposes it is possible to force controllers with a 2853 * For debugging purposes it is possible to force controllers with a
4017 * public address to use the static random address instead. 2854 * public address to use the static random address instead.
2855 *
2856 * In case BR/EDR has been disabled on a dual-mode controller and
2857 * userspace has configured a static address, then that address
2858 * becomes the identity address instead of the public BR/EDR address.
4018 */ 2859 */
4019void hci_copy_identity_address(struct hci_dev *hdev, bdaddr_t *bdaddr, 2860void hci_copy_identity_address(struct hci_dev *hdev, bdaddr_t *bdaddr,
4020 u8 *bdaddr_type) 2861 u8 *bdaddr_type)
4021{ 2862{
4022 if (test_bit(HCI_FORCE_STATIC_ADDR, &hdev->dbg_flags) || 2863 if (test_bit(HCI_FORCE_STATIC_ADDR, &hdev->dbg_flags) ||
4023 !bacmp(&hdev->bdaddr, BDADDR_ANY)) { 2864 !bacmp(&hdev->bdaddr, BDADDR_ANY) ||
2865 (!test_bit(HCI_BREDR_ENABLED, &hdev->dev_flags) &&
2866 bacmp(&hdev->static_addr, BDADDR_ANY))) {
4024 bacpy(bdaddr, &hdev->static_addr); 2867 bacpy(bdaddr, &hdev->static_addr);
4025 *bdaddr_type = ADDR_LE_DEV_RANDOM; 2868 *bdaddr_type = ADDR_LE_DEV_RANDOM;
4026 } else { 2869 } else {
@@ -4059,6 +2902,12 @@ struct hci_dev *hci_alloc_dev(void)
4059 hdev->le_conn_max_interval = 0x0038; 2902 hdev->le_conn_max_interval = 0x0038;
4060 hdev->le_conn_latency = 0x0000; 2903 hdev->le_conn_latency = 0x0000;
4061 hdev->le_supv_timeout = 0x002a; 2904 hdev->le_supv_timeout = 0x002a;
2905 hdev->le_def_tx_len = 0x001b;
2906 hdev->le_def_tx_time = 0x0148;
2907 hdev->le_max_tx_len = 0x001b;
2908 hdev->le_max_tx_time = 0x0148;
2909 hdev->le_max_rx_len = 0x001b;
2910 hdev->le_max_rx_time = 0x0148;
4062 2911
4063 hdev->rpa_timeout = HCI_DEFAULT_RPA_TIMEOUT; 2912 hdev->rpa_timeout = HCI_DEFAULT_RPA_TIMEOUT;
4064 hdev->discov_interleaved_timeout = DISCOV_INTERLEAVED_TIMEOUT; 2913 hdev->discov_interleaved_timeout = DISCOV_INTERLEAVED_TIMEOUT;
@@ -4539,76 +3388,11 @@ static void hci_send_frame(struct hci_dev *hdev, struct sk_buff *skb)
4539 } 3388 }
4540} 3389}
4541 3390
4542void hci_req_init(struct hci_request *req, struct hci_dev *hdev)
4543{
4544 skb_queue_head_init(&req->cmd_q);
4545 req->hdev = hdev;
4546 req->err = 0;
4547}
4548
4549int hci_req_run(struct hci_request *req, hci_req_complete_t complete)
4550{
4551 struct hci_dev *hdev = req->hdev;
4552 struct sk_buff *skb;
4553 unsigned long flags;
4554
4555 BT_DBG("length %u", skb_queue_len(&req->cmd_q));
4556
4557 /* If an error occurred during request building, remove all HCI
4558 * commands queued on the HCI request queue.
4559 */
4560 if (req->err) {
4561 skb_queue_purge(&req->cmd_q);
4562 return req->err;
4563 }
4564
4565 /* Do not allow empty requests */
4566 if (skb_queue_empty(&req->cmd_q))
4567 return -ENODATA;
4568
4569 skb = skb_peek_tail(&req->cmd_q);
4570 bt_cb(skb)->req.complete = complete;
4571
4572 spin_lock_irqsave(&hdev->cmd_q.lock, flags);
4573 skb_queue_splice_tail(&req->cmd_q, &hdev->cmd_q);
4574 spin_unlock_irqrestore(&hdev->cmd_q.lock, flags);
4575
4576 queue_work(hdev->workqueue, &hdev->cmd_work);
4577
4578 return 0;
4579}
4580
4581bool hci_req_pending(struct hci_dev *hdev) 3391bool hci_req_pending(struct hci_dev *hdev)
4582{ 3392{
4583 return (hdev->req_status == HCI_REQ_PEND); 3393 return (hdev->req_status == HCI_REQ_PEND);
4584} 3394}
4585 3395
4586static struct sk_buff *hci_prepare_cmd(struct hci_dev *hdev, u16 opcode,
4587 u32 plen, const void *param)
4588{
4589 int len = HCI_COMMAND_HDR_SIZE + plen;
4590 struct hci_command_hdr *hdr;
4591 struct sk_buff *skb;
4592
4593 skb = bt_skb_alloc(len, GFP_ATOMIC);
4594 if (!skb)
4595 return NULL;
4596
4597 hdr = (struct hci_command_hdr *) skb_put(skb, HCI_COMMAND_HDR_SIZE);
4598 hdr->opcode = cpu_to_le16(opcode);
4599 hdr->plen = plen;
4600
4601 if (plen)
4602 memcpy(skb_put(skb, plen), param, plen);
4603
4604 BT_DBG("skb len %d", skb->len);
4605
4606 bt_cb(skb)->pkt_type = HCI_COMMAND_PKT;
4607 bt_cb(skb)->opcode = opcode;
4608
4609 return skb;
4610}
4611
4612/* Send HCI command */ 3396/* Send HCI command */
4613int hci_send_cmd(struct hci_dev *hdev, __u16 opcode, __u32 plen, 3397int hci_send_cmd(struct hci_dev *hdev, __u16 opcode, __u32 plen,
4614 const void *param) 3398 const void *param)
@@ -4634,43 +3418,6 @@ int hci_send_cmd(struct hci_dev *hdev, __u16 opcode, __u32 plen,
4634 return 0; 3418 return 0;
4635} 3419}
4636 3420
4637/* Queue a command to an asynchronous HCI request */
4638void hci_req_add_ev(struct hci_request *req, u16 opcode, u32 plen,
4639 const void *param, u8 event)
4640{
4641 struct hci_dev *hdev = req->hdev;
4642 struct sk_buff *skb;
4643
4644 BT_DBG("%s opcode 0x%4.4x plen %d", hdev->name, opcode, plen);
4645
4646 /* If an error occurred during request building, there is no point in
4647 * queueing the HCI command. We can simply return.
4648 */
4649 if (req->err)
4650 return;
4651
4652 skb = hci_prepare_cmd(hdev, opcode, plen, param);
4653 if (!skb) {
4654 BT_ERR("%s no memory for command (opcode 0x%4.4x)",
4655 hdev->name, opcode);
4656 req->err = -ENOMEM;
4657 return;
4658 }
4659
4660 if (skb_queue_empty(&req->cmd_q))
4661 bt_cb(skb)->req.start = true;
4662
4663 bt_cb(skb)->req.event = event;
4664
4665 skb_queue_tail(&req->cmd_q, skb);
4666}
4667
4668void hci_req_add(struct hci_request *req, u16 opcode, u32 plen,
4669 const void *param)
4670{
4671 hci_req_add_ev(req, opcode, plen, param, 0);
4672}
4673
4674/* Get data from the previously sent command */ 3421/* Get data from the previously sent command */
4675void *hci_sent_cmd_data(struct hci_dev *hdev, __u16 opcode) 3422void *hci_sent_cmd_data(struct hci_dev *hdev, __u16 opcode)
4676{ 3423{
@@ -5518,302 +4265,3 @@ static void hci_cmd_work(struct work_struct *work)
5518 } 4265 }
5519 } 4266 }
5520} 4267}
5521
5522void hci_req_add_le_scan_disable(struct hci_request *req)
5523{
5524 struct hci_cp_le_set_scan_enable cp;
5525
5526 memset(&cp, 0, sizeof(cp));
5527 cp.enable = LE_SCAN_DISABLE;
5528 hci_req_add(req, HCI_OP_LE_SET_SCAN_ENABLE, sizeof(cp), &cp);
5529}
5530
5531static void add_to_white_list(struct hci_request *req,
5532 struct hci_conn_params *params)
5533{
5534 struct hci_cp_le_add_to_white_list cp;
5535
5536 cp.bdaddr_type = params->addr_type;
5537 bacpy(&cp.bdaddr, &params->addr);
5538
5539 hci_req_add(req, HCI_OP_LE_ADD_TO_WHITE_LIST, sizeof(cp), &cp);
5540}
5541
5542static u8 update_white_list(struct hci_request *req)
5543{
5544 struct hci_dev *hdev = req->hdev;
5545 struct hci_conn_params *params;
5546 struct bdaddr_list *b;
5547 uint8_t white_list_entries = 0;
5548
5549 /* Go through the current white list programmed into the
5550 * controller one by one and check if that address is still
5551 * in the list of pending connections or list of devices to
5552 * report. If not present in either list, then queue the
5553 * command to remove it from the controller.
5554 */
5555 list_for_each_entry(b, &hdev->le_white_list, list) {
5556 struct hci_cp_le_del_from_white_list cp;
5557
5558 if (hci_pend_le_action_lookup(&hdev->pend_le_conns,
5559 &b->bdaddr, b->bdaddr_type) ||
5560 hci_pend_le_action_lookup(&hdev->pend_le_reports,
5561 &b->bdaddr, b->bdaddr_type)) {
5562 white_list_entries++;
5563 continue;
5564 }
5565
5566 cp.bdaddr_type = b->bdaddr_type;
5567 bacpy(&cp.bdaddr, &b->bdaddr);
5568
5569 hci_req_add(req, HCI_OP_LE_DEL_FROM_WHITE_LIST,
5570 sizeof(cp), &cp);
5571 }
5572
5573 /* Since all no longer valid white list entries have been
5574 * removed, walk through the list of pending connections
5575 * and ensure that any new device gets programmed into
5576 * the controller.
5577 *
5578 * If the list of the devices is larger than the list of
5579 * available white list entries in the controller, then
5580 * just abort and return filer policy value to not use the
5581 * white list.
5582 */
5583 list_for_each_entry(params, &hdev->pend_le_conns, action) {
5584 if (hci_bdaddr_list_lookup(&hdev->le_white_list,
5585 &params->addr, params->addr_type))
5586 continue;
5587
5588 if (white_list_entries >= hdev->le_white_list_size) {
5589 /* Select filter policy to accept all advertising */
5590 return 0x00;
5591 }
5592
5593 if (hci_find_irk_by_addr(hdev, &params->addr,
5594 params->addr_type)) {
5595 /* White list can not be used with RPAs */
5596 return 0x00;
5597 }
5598
5599 white_list_entries++;
5600 add_to_white_list(req, params);
5601 }
5602
5603 /* After adding all new pending connections, walk through
5604 * the list of pending reports and also add these to the
5605 * white list if there is still space.
5606 */
5607 list_for_each_entry(params, &hdev->pend_le_reports, action) {
5608 if (hci_bdaddr_list_lookup(&hdev->le_white_list,
5609 &params->addr, params->addr_type))
5610 continue;
5611
5612 if (white_list_entries >= hdev->le_white_list_size) {
5613 /* Select filter policy to accept all advertising */
5614 return 0x00;
5615 }
5616
5617 if (hci_find_irk_by_addr(hdev, &params->addr,
5618 params->addr_type)) {
5619 /* White list can not be used with RPAs */
5620 return 0x00;
5621 }
5622
5623 white_list_entries++;
5624 add_to_white_list(req, params);
5625 }
5626
5627 /* Select filter policy to use white list */
5628 return 0x01;
5629}
5630
5631void hci_req_add_le_passive_scan(struct hci_request *req)
5632{
5633 struct hci_cp_le_set_scan_param param_cp;
5634 struct hci_cp_le_set_scan_enable enable_cp;
5635 struct hci_dev *hdev = req->hdev;
5636 u8 own_addr_type;
5637 u8 filter_policy;
5638
5639 /* Set require_privacy to false since no SCAN_REQ are send
5640 * during passive scanning. Not using an non-resolvable address
5641 * here is important so that peer devices using direct
5642 * advertising with our address will be correctly reported
5643 * by the controller.
5644 */
5645 if (hci_update_random_address(req, false, &own_addr_type))
5646 return;
5647
5648 /* Adding or removing entries from the white list must
5649 * happen before enabling scanning. The controller does
5650 * not allow white list modification while scanning.
5651 */
5652 filter_policy = update_white_list(req);
5653
5654 /* When the controller is using random resolvable addresses and
5655 * with that having LE privacy enabled, then controllers with
5656 * Extended Scanner Filter Policies support can now enable support
5657 * for handling directed advertising.
5658 *
5659 * So instead of using filter polices 0x00 (no whitelist)
5660 * and 0x01 (whitelist enabled) use the new filter policies
5661 * 0x02 (no whitelist) and 0x03 (whitelist enabled).
5662 */
5663 if (test_bit(HCI_PRIVACY, &hdev->dev_flags) &&
5664 (hdev->le_features[0] & HCI_LE_EXT_SCAN_POLICY))
5665 filter_policy |= 0x02;
5666
5667 memset(&param_cp, 0, sizeof(param_cp));
5668 param_cp.type = LE_SCAN_PASSIVE;
5669 param_cp.interval = cpu_to_le16(hdev->le_scan_interval);
5670 param_cp.window = cpu_to_le16(hdev->le_scan_window);
5671 param_cp.own_address_type = own_addr_type;
5672 param_cp.filter_policy = filter_policy;
5673 hci_req_add(req, HCI_OP_LE_SET_SCAN_PARAM, sizeof(param_cp),
5674 &param_cp);
5675
5676 memset(&enable_cp, 0, sizeof(enable_cp));
5677 enable_cp.enable = LE_SCAN_ENABLE;
5678 enable_cp.filter_dup = LE_SCAN_FILTER_DUP_ENABLE;
5679 hci_req_add(req, HCI_OP_LE_SET_SCAN_ENABLE, sizeof(enable_cp),
5680 &enable_cp);
5681}
5682
5683static void update_background_scan_complete(struct hci_dev *hdev, u8 status)
5684{
5685 if (status)
5686 BT_DBG("HCI request failed to update background scanning: "
5687 "status 0x%2.2x", status);
5688}
5689
5690/* This function controls the background scanning based on hdev->pend_le_conns
5691 * list. If there are pending LE connection we start the background scanning,
5692 * otherwise we stop it.
5693 *
5694 * This function requires the caller holds hdev->lock.
5695 */
5696void hci_update_background_scan(struct hci_dev *hdev)
5697{
5698 struct hci_request req;
5699 struct hci_conn *conn;
5700 int err;
5701
5702 if (!test_bit(HCI_UP, &hdev->flags) ||
5703 test_bit(HCI_INIT, &hdev->flags) ||
5704 test_bit(HCI_SETUP, &hdev->dev_flags) ||
5705 test_bit(HCI_CONFIG, &hdev->dev_flags) ||
5706 test_bit(HCI_AUTO_OFF, &hdev->dev_flags) ||
5707 test_bit(HCI_UNREGISTER, &hdev->dev_flags))
5708 return;
5709
5710 /* No point in doing scanning if LE support hasn't been enabled */
5711 if (!test_bit(HCI_LE_ENABLED, &hdev->dev_flags))
5712 return;
5713
5714 /* If discovery is active don't interfere with it */
5715 if (hdev->discovery.state != DISCOVERY_STOPPED)
5716 return;
5717
5718 /* Reset RSSI and UUID filters when starting background scanning
5719 * since these filters are meant for service discovery only.
5720 *
5721 * The Start Discovery and Start Service Discovery operations
5722 * ensure to set proper values for RSSI threshold and UUID
5723 * filter list. So it is safe to just reset them here.
5724 */
5725 hci_discovery_filter_clear(hdev);
5726
5727 hci_req_init(&req, hdev);
5728
5729 if (list_empty(&hdev->pend_le_conns) &&
5730 list_empty(&hdev->pend_le_reports)) {
5731 /* If there is no pending LE connections or devices
5732 * to be scanned for, we should stop the background
5733 * scanning.
5734 */
5735
5736 /* If controller is not scanning we are done. */
5737 if (!test_bit(HCI_LE_SCAN, &hdev->dev_flags))
5738 return;
5739
5740 hci_req_add_le_scan_disable(&req);
5741
5742 BT_DBG("%s stopping background scanning", hdev->name);
5743 } else {
5744 /* If there is at least one pending LE connection, we should
5745 * keep the background scan running.
5746 */
5747
5748 /* If controller is connecting, we should not start scanning
5749 * since some controllers are not able to scan and connect at
5750 * the same time.
5751 */
5752 conn = hci_conn_hash_lookup_state(hdev, LE_LINK, BT_CONNECT);
5753 if (conn)
5754 return;
5755
5756 /* If controller is currently scanning, we stop it to ensure we
5757 * don't miss any advertising (due to duplicates filter).
5758 */
5759 if (test_bit(HCI_LE_SCAN, &hdev->dev_flags))
5760 hci_req_add_le_scan_disable(&req);
5761
5762 hci_req_add_le_passive_scan(&req);
5763
5764 BT_DBG("%s starting background scanning", hdev->name);
5765 }
5766
5767 err = hci_req_run(&req, update_background_scan_complete);
5768 if (err)
5769 BT_ERR("Failed to run HCI request: err %d", err);
5770}
5771
5772static bool disconnected_whitelist_entries(struct hci_dev *hdev)
5773{
5774 struct bdaddr_list *b;
5775
5776 list_for_each_entry(b, &hdev->whitelist, list) {
5777 struct hci_conn *conn;
5778
5779 conn = hci_conn_hash_lookup_ba(hdev, ACL_LINK, &b->bdaddr);
5780 if (!conn)
5781 return true;
5782
5783 if (conn->state != BT_CONNECTED && conn->state != BT_CONFIG)
5784 return true;
5785 }
5786
5787 return false;
5788}
5789
5790void hci_update_page_scan(struct hci_dev *hdev, struct hci_request *req)
5791{
5792 u8 scan;
5793
5794 if (!test_bit(HCI_BREDR_ENABLED, &hdev->dev_flags))
5795 return;
5796
5797 if (!hdev_is_powered(hdev))
5798 return;
5799
5800 if (mgmt_powering_down(hdev))
5801 return;
5802
5803 if (test_bit(HCI_CONNECTABLE, &hdev->dev_flags) ||
5804 disconnected_whitelist_entries(hdev))
5805 scan = SCAN_PAGE;
5806 else
5807 scan = SCAN_DISABLED;
5808
5809 if (test_bit(HCI_PSCAN, &hdev->flags) == !!(scan & SCAN_PAGE))
5810 return;
5811
5812 if (test_bit(HCI_DISCOVERABLE, &hdev->dev_flags))
5813 scan |= SCAN_INQUIRY;
5814
5815 if (req)
5816 hci_req_add(req, HCI_OP_WRITE_SCAN_ENABLE, 1, &scan);
5817 else
5818 hci_send_cmd(hdev, HCI_OP_WRITE_SCAN_ENABLE, 1, &scan);
5819}
diff --git a/net/bluetooth/hci_debugfs.c b/net/bluetooth/hci_debugfs.c
new file mode 100644
index 000000000000..ee33ce88d3d8
--- /dev/null
+++ b/net/bluetooth/hci_debugfs.c
@@ -0,0 +1,1076 @@
1/*
2 BlueZ - Bluetooth protocol stack for Linux
3
4 Copyright (C) 2014 Intel Corporation
5
6 This program is free software; you can redistribute it and/or modify
7 it under the terms of the GNU General Public License version 2 as
8 published by the Free Software Foundation;
9
10 THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS
11 OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
12 FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT OF THIRD PARTY RIGHTS.
13 IN NO EVENT SHALL THE COPYRIGHT HOLDER(S) AND AUTHOR(S) BE LIABLE FOR ANY
14 CLAIM, OR ANY SPECIAL INDIRECT OR CONSEQUENTIAL DAMAGES, OR ANY DAMAGES
15 WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
16 ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
17 OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
18
19 ALL LIABILITY, INCLUDING LIABILITY FOR INFRINGEMENT OF ANY PATENTS,
20 COPYRIGHTS, TRADEMARKS OR OTHER RIGHTS, RELATING TO USE OF THIS
21 SOFTWARE IS DISCLAIMED.
22*/
23
24#include <linux/debugfs.h>
25
26#include <net/bluetooth/bluetooth.h>
27#include <net/bluetooth/hci_core.h>
28
29#include "hci_debugfs.h"
30
31static int features_show(struct seq_file *f, void *ptr)
32{
33 struct hci_dev *hdev = f->private;
34 u8 p;
35
36 hci_dev_lock(hdev);
37 for (p = 0; p < HCI_MAX_PAGES && p <= hdev->max_page; p++) {
38 seq_printf(f, "%2u: 0x%2.2x 0x%2.2x 0x%2.2x 0x%2.2x "
39 "0x%2.2x 0x%2.2x 0x%2.2x 0x%2.2x\n", p,
40 hdev->features[p][0], hdev->features[p][1],
41 hdev->features[p][2], hdev->features[p][3],
42 hdev->features[p][4], hdev->features[p][5],
43 hdev->features[p][6], hdev->features[p][7]);
44 }
45 if (lmp_le_capable(hdev))
46 seq_printf(f, "LE: 0x%2.2x 0x%2.2x 0x%2.2x 0x%2.2x "
47 "0x%2.2x 0x%2.2x 0x%2.2x 0x%2.2x\n",
48 hdev->le_features[0], hdev->le_features[1],
49 hdev->le_features[2], hdev->le_features[3],
50 hdev->le_features[4], hdev->le_features[5],
51 hdev->le_features[6], hdev->le_features[7]);
52 hci_dev_unlock(hdev);
53
54 return 0;
55}
56
57static int features_open(struct inode *inode, struct file *file)
58{
59 return single_open(file, features_show, inode->i_private);
60}
61
62static const struct file_operations features_fops = {
63 .open = features_open,
64 .read = seq_read,
65 .llseek = seq_lseek,
66 .release = single_release,
67};
68
69static int device_list_show(struct seq_file *f, void *ptr)
70{
71 struct hci_dev *hdev = f->private;
72 struct hci_conn_params *p;
73 struct bdaddr_list *b;
74
75 hci_dev_lock(hdev);
76 list_for_each_entry(b, &hdev->whitelist, list)
77 seq_printf(f, "%pMR (type %u)\n", &b->bdaddr, b->bdaddr_type);
78 list_for_each_entry(p, &hdev->le_conn_params, list) {
79 seq_printf(f, "%pMR (type %u) %u\n", &p->addr, p->addr_type,
80 p->auto_connect);
81 }
82 hci_dev_unlock(hdev);
83
84 return 0;
85}
86
87static int device_list_open(struct inode *inode, struct file *file)
88{
89 return single_open(file, device_list_show, inode->i_private);
90}
91
92static const struct file_operations device_list_fops = {
93 .open = device_list_open,
94 .read = seq_read,
95 .llseek = seq_lseek,
96 .release = single_release,
97};
98
99static int blacklist_show(struct seq_file *f, void *p)
100{
101 struct hci_dev *hdev = f->private;
102 struct bdaddr_list *b;
103
104 hci_dev_lock(hdev);
105 list_for_each_entry(b, &hdev->blacklist, list)
106 seq_printf(f, "%pMR (type %u)\n", &b->bdaddr, b->bdaddr_type);
107 hci_dev_unlock(hdev);
108
109 return 0;
110}
111
112static int blacklist_open(struct inode *inode, struct file *file)
113{
114 return single_open(file, blacklist_show, inode->i_private);
115}
116
117static const struct file_operations blacklist_fops = {
118 .open = blacklist_open,
119 .read = seq_read,
120 .llseek = seq_lseek,
121 .release = single_release,
122};
123
124static int uuids_show(struct seq_file *f, void *p)
125{
126 struct hci_dev *hdev = f->private;
127 struct bt_uuid *uuid;
128
129 hci_dev_lock(hdev);
130 list_for_each_entry(uuid, &hdev->uuids, list) {
131 u8 i, val[16];
132
133 /* The Bluetooth UUID values are stored in big endian,
134 * but with reversed byte order. So convert them into
135 * the right order for the %pUb modifier.
136 */
137 for (i = 0; i < 16; i++)
138 val[i] = uuid->uuid[15 - i];
139
140 seq_printf(f, "%pUb\n", val);
141 }
142 hci_dev_unlock(hdev);
143
144 return 0;
145}
146
147static int uuids_open(struct inode *inode, struct file *file)
148{
149 return single_open(file, uuids_show, inode->i_private);
150}
151
152static const struct file_operations uuids_fops = {
153 .open = uuids_open,
154 .read = seq_read,
155 .llseek = seq_lseek,
156 .release = single_release,
157};
158
159static int conn_info_min_age_set(void *data, u64 val)
160{
161 struct hci_dev *hdev = data;
162
163 if (val == 0 || val > hdev->conn_info_max_age)
164 return -EINVAL;
165
166 hci_dev_lock(hdev);
167 hdev->conn_info_min_age = val;
168 hci_dev_unlock(hdev);
169
170 return 0;
171}
172
173static int conn_info_min_age_get(void *data, u64 *val)
174{
175 struct hci_dev *hdev = data;
176
177 hci_dev_lock(hdev);
178 *val = hdev->conn_info_min_age;
179 hci_dev_unlock(hdev);
180
181 return 0;
182}
183
184DEFINE_SIMPLE_ATTRIBUTE(conn_info_min_age_fops, conn_info_min_age_get,
185 conn_info_min_age_set, "%llu\n");
186
187static int conn_info_max_age_set(void *data, u64 val)
188{
189 struct hci_dev *hdev = data;
190
191 if (val == 0 || val < hdev->conn_info_min_age)
192 return -EINVAL;
193
194 hci_dev_lock(hdev);
195 hdev->conn_info_max_age = val;
196 hci_dev_unlock(hdev);
197
198 return 0;
199}
200
201static int conn_info_max_age_get(void *data, u64 *val)
202{
203 struct hci_dev *hdev = data;
204
205 hci_dev_lock(hdev);
206 *val = hdev->conn_info_max_age;
207 hci_dev_unlock(hdev);
208
209 return 0;
210}
211
212DEFINE_SIMPLE_ATTRIBUTE(conn_info_max_age_fops, conn_info_max_age_get,
213 conn_info_max_age_set, "%llu\n");
214
215void hci_debugfs_create_common(struct hci_dev *hdev)
216{
217 debugfs_create_file("features", 0444, hdev->debugfs, hdev,
218 &features_fops);
219 debugfs_create_u16("manufacturer", 0444, hdev->debugfs,
220 &hdev->manufacturer);
221 debugfs_create_u8("hci_version", 0444, hdev->debugfs, &hdev->hci_ver);
222 debugfs_create_u16("hci_revision", 0444, hdev->debugfs, &hdev->hci_rev);
223 debugfs_create_file("device_list", 0444, hdev->debugfs, hdev,
224 &device_list_fops);
225 debugfs_create_file("blacklist", 0444, hdev->debugfs, hdev,
226 &blacklist_fops);
227 debugfs_create_file("uuids", 0444, hdev->debugfs, hdev, &uuids_fops);
228
229 debugfs_create_file("conn_info_min_age", 0644, hdev->debugfs, hdev,
230 &conn_info_min_age_fops);
231 debugfs_create_file("conn_info_max_age", 0644, hdev->debugfs, hdev,
232 &conn_info_max_age_fops);
233}
234
235static int inquiry_cache_show(struct seq_file *f, void *p)
236{
237 struct hci_dev *hdev = f->private;
238 struct discovery_state *cache = &hdev->discovery;
239 struct inquiry_entry *e;
240
241 hci_dev_lock(hdev);
242
243 list_for_each_entry(e, &cache->all, all) {
244 struct inquiry_data *data = &e->data;
245 seq_printf(f, "%pMR %d %d %d 0x%.2x%.2x%.2x 0x%.4x %d %d %u\n",
246 &data->bdaddr,
247 data->pscan_rep_mode, data->pscan_period_mode,
248 data->pscan_mode, data->dev_class[2],
249 data->dev_class[1], data->dev_class[0],
250 __le16_to_cpu(data->clock_offset),
251 data->rssi, data->ssp_mode, e->timestamp);
252 }
253
254 hci_dev_unlock(hdev);
255
256 return 0;
257}
258
259static int inquiry_cache_open(struct inode *inode, struct file *file)
260{
261 return single_open(file, inquiry_cache_show, inode->i_private);
262}
263
264static const struct file_operations inquiry_cache_fops = {
265 .open = inquiry_cache_open,
266 .read = seq_read,
267 .llseek = seq_lseek,
268 .release = single_release,
269};
270
271static int link_keys_show(struct seq_file *f, void *ptr)
272{
273 struct hci_dev *hdev = f->private;
274 struct link_key *key;
275
276 rcu_read_lock();
277 list_for_each_entry_rcu(key, &hdev->link_keys, list)
278 seq_printf(f, "%pMR %u %*phN %u\n", &key->bdaddr, key->type,
279 HCI_LINK_KEY_SIZE, key->val, key->pin_len);
280 rcu_read_unlock();
281
282 return 0;
283}
284
285static int link_keys_open(struct inode *inode, struct file *file)
286{
287 return single_open(file, link_keys_show, inode->i_private);
288}
289
290static const struct file_operations link_keys_fops = {
291 .open = link_keys_open,
292 .read = seq_read,
293 .llseek = seq_lseek,
294 .release = single_release,
295};
296
297static int dev_class_show(struct seq_file *f, void *ptr)
298{
299 struct hci_dev *hdev = f->private;
300
301 hci_dev_lock(hdev);
302 seq_printf(f, "0x%.2x%.2x%.2x\n", hdev->dev_class[2],
303 hdev->dev_class[1], hdev->dev_class[0]);
304 hci_dev_unlock(hdev);
305
306 return 0;
307}
308
309static int dev_class_open(struct inode *inode, struct file *file)
310{
311 return single_open(file, dev_class_show, inode->i_private);
312}
313
314static const struct file_operations dev_class_fops = {
315 .open = dev_class_open,
316 .read = seq_read,
317 .llseek = seq_lseek,
318 .release = single_release,
319};
320
321static int voice_setting_get(void *data, u64 *val)
322{
323 struct hci_dev *hdev = data;
324
325 hci_dev_lock(hdev);
326 *val = hdev->voice_setting;
327 hci_dev_unlock(hdev);
328
329 return 0;
330}
331
332DEFINE_SIMPLE_ATTRIBUTE(voice_setting_fops, voice_setting_get,
333 NULL, "0x%4.4llx\n");
334
335static int auto_accept_delay_set(void *data, u64 val)
336{
337 struct hci_dev *hdev = data;
338
339 hci_dev_lock(hdev);
340 hdev->auto_accept_delay = val;
341 hci_dev_unlock(hdev);
342
343 return 0;
344}
345
346static int auto_accept_delay_get(void *data, u64 *val)
347{
348 struct hci_dev *hdev = data;
349
350 hci_dev_lock(hdev);
351 *val = hdev->auto_accept_delay;
352 hci_dev_unlock(hdev);
353
354 return 0;
355}
356
357DEFINE_SIMPLE_ATTRIBUTE(auto_accept_delay_fops, auto_accept_delay_get,
358 auto_accept_delay_set, "%llu\n");
359
360static ssize_t sc_only_mode_read(struct file *file, char __user *user_buf,
361 size_t count, loff_t *ppos)
362{
363 struct hci_dev *hdev = file->private_data;
364 char buf[3];
365
366 buf[0] = test_bit(HCI_SC_ONLY, &hdev->dev_flags) ? 'Y': 'N';
367 buf[1] = '\n';
368 buf[2] = '\0';
369 return simple_read_from_buffer(user_buf, count, ppos, buf, 2);
370}
371
372static const struct file_operations sc_only_mode_fops = {
373 .open = simple_open,
374 .read = sc_only_mode_read,
375 .llseek = default_llseek,
376};
377
378static ssize_t force_sc_support_read(struct file *file, char __user *user_buf,
379 size_t count, loff_t *ppos)
380{
381 struct hci_dev *hdev = file->private_data;
382 char buf[3];
383
384 buf[0] = test_bit(HCI_FORCE_SC, &hdev->dbg_flags) ? 'Y': 'N';
385 buf[1] = '\n';
386 buf[2] = '\0';
387 return simple_read_from_buffer(user_buf, count, ppos, buf, 2);
388}
389
390static ssize_t force_sc_support_write(struct file *file,
391 const char __user *user_buf,
392 size_t count, loff_t *ppos)
393{
394 struct hci_dev *hdev = file->private_data;
395 char buf[32];
396 size_t buf_size = min(count, (sizeof(buf)-1));
397 bool enable;
398
399 if (test_bit(HCI_UP, &hdev->flags))
400 return -EBUSY;
401
402 if (copy_from_user(buf, user_buf, buf_size))
403 return -EFAULT;
404
405 buf[buf_size] = '\0';
406 if (strtobool(buf, &enable))
407 return -EINVAL;
408
409 if (enable == test_bit(HCI_FORCE_SC, &hdev->dbg_flags))
410 return -EALREADY;
411
412 change_bit(HCI_FORCE_SC, &hdev->dbg_flags);
413
414 return count;
415}
416
417static const struct file_operations force_sc_support_fops = {
418 .open = simple_open,
419 .read = force_sc_support_read,
420 .write = force_sc_support_write,
421 .llseek = default_llseek,
422};
423
424static ssize_t force_lesc_support_read(struct file *file,
425 char __user *user_buf,
426 size_t count, loff_t *ppos)
427{
428 struct hci_dev *hdev = file->private_data;
429 char buf[3];
430
431 buf[0] = test_bit(HCI_FORCE_LESC, &hdev->dbg_flags) ? 'Y': 'N';
432 buf[1] = '\n';
433 buf[2] = '\0';
434 return simple_read_from_buffer(user_buf, count, ppos, buf, 2);
435}
436
437static ssize_t force_lesc_support_write(struct file *file,
438 const char __user *user_buf,
439 size_t count, loff_t *ppos)
440{
441 struct hci_dev *hdev = file->private_data;
442 char buf[32];
443 size_t buf_size = min(count, (sizeof(buf)-1));
444 bool enable;
445
446 if (copy_from_user(buf, user_buf, buf_size))
447 return -EFAULT;
448
449 buf[buf_size] = '\0';
450 if (strtobool(buf, &enable))
451 return -EINVAL;
452
453 if (enable == test_bit(HCI_FORCE_LESC, &hdev->dbg_flags))
454 return -EALREADY;
455
456 change_bit(HCI_FORCE_LESC, &hdev->dbg_flags);
457
458 return count;
459}
460
461static const struct file_operations force_lesc_support_fops = {
462 .open = simple_open,
463 .read = force_lesc_support_read,
464 .write = force_lesc_support_write,
465 .llseek = default_llseek,
466};
467
468static int idle_timeout_set(void *data, u64 val)
469{
470 struct hci_dev *hdev = data;
471
472 if (val != 0 && (val < 500 || val > 3600000))
473 return -EINVAL;
474
475 hci_dev_lock(hdev);
476 hdev->idle_timeout = val;
477 hci_dev_unlock(hdev);
478
479 return 0;
480}
481
482static int idle_timeout_get(void *data, u64 *val)
483{
484 struct hci_dev *hdev = data;
485
486 hci_dev_lock(hdev);
487 *val = hdev->idle_timeout;
488 hci_dev_unlock(hdev);
489
490 return 0;
491}
492
493DEFINE_SIMPLE_ATTRIBUTE(idle_timeout_fops, idle_timeout_get,
494 idle_timeout_set, "%llu\n");
495
496static int sniff_min_interval_set(void *data, u64 val)
497{
498 struct hci_dev *hdev = data;
499
500 if (val == 0 || val % 2 || val > hdev->sniff_max_interval)
501 return -EINVAL;
502
503 hci_dev_lock(hdev);
504 hdev->sniff_min_interval = val;
505 hci_dev_unlock(hdev);
506
507 return 0;
508}
509
510static int sniff_min_interval_get(void *data, u64 *val)
511{
512 struct hci_dev *hdev = data;
513
514 hci_dev_lock(hdev);
515 *val = hdev->sniff_min_interval;
516 hci_dev_unlock(hdev);
517
518 return 0;
519}
520
521DEFINE_SIMPLE_ATTRIBUTE(sniff_min_interval_fops, sniff_min_interval_get,
522 sniff_min_interval_set, "%llu\n");
523
524static int sniff_max_interval_set(void *data, u64 val)
525{
526 struct hci_dev *hdev = data;
527
528 if (val == 0 || val % 2 || val < hdev->sniff_min_interval)
529 return -EINVAL;
530
531 hci_dev_lock(hdev);
532 hdev->sniff_max_interval = val;
533 hci_dev_unlock(hdev);
534
535 return 0;
536}
537
538static int sniff_max_interval_get(void *data, u64 *val)
539{
540 struct hci_dev *hdev = data;
541
542 hci_dev_lock(hdev);
543 *val = hdev->sniff_max_interval;
544 hci_dev_unlock(hdev);
545
546 return 0;
547}
548
549DEFINE_SIMPLE_ATTRIBUTE(sniff_max_interval_fops, sniff_max_interval_get,
550 sniff_max_interval_set, "%llu\n");
551
552void hci_debugfs_create_bredr(struct hci_dev *hdev)
553{
554 debugfs_create_file("inquiry_cache", 0444, hdev->debugfs, hdev,
555 &inquiry_cache_fops);
556 debugfs_create_file("link_keys", 0400, hdev->debugfs, hdev,
557 &link_keys_fops);
558 debugfs_create_file("dev_class", 0444, hdev->debugfs, hdev,
559 &dev_class_fops);
560 debugfs_create_file("voice_setting", 0444, hdev->debugfs, hdev,
561 &voice_setting_fops);
562
563 if (lmp_ssp_capable(hdev)) {
564 debugfs_create_file("auto_accept_delay", 0644, hdev->debugfs,
565 hdev, &auto_accept_delay_fops);
566 debugfs_create_file("sc_only_mode", 0444, hdev->debugfs,
567 hdev, &sc_only_mode_fops);
568
569 debugfs_create_file("force_sc_support", 0644, hdev->debugfs,
570 hdev, &force_sc_support_fops);
571
572 if (lmp_le_capable(hdev))
573 debugfs_create_file("force_lesc_support", 0644,
574 hdev->debugfs, hdev,
575 &force_lesc_support_fops);
576 }
577
578 if (lmp_sniff_capable(hdev)) {
579 debugfs_create_file("idle_timeout", 0644, hdev->debugfs,
580 hdev, &idle_timeout_fops);
581 debugfs_create_file("sniff_min_interval", 0644, hdev->debugfs,
582 hdev, &sniff_min_interval_fops);
583 debugfs_create_file("sniff_max_interval", 0644, hdev->debugfs,
584 hdev, &sniff_max_interval_fops);
585 }
586}
587
588static int identity_show(struct seq_file *f, void *p)
589{
590 struct hci_dev *hdev = f->private;
591 bdaddr_t addr;
592 u8 addr_type;
593
594 hci_dev_lock(hdev);
595
596 hci_copy_identity_address(hdev, &addr, &addr_type);
597
598 seq_printf(f, "%pMR (type %u) %*phN %pMR\n", &addr, addr_type,
599 16, hdev->irk, &hdev->rpa);
600
601 hci_dev_unlock(hdev);
602
603 return 0;
604}
605
606static int identity_open(struct inode *inode, struct file *file)
607{
608 return single_open(file, identity_show, inode->i_private);
609}
610
611static const struct file_operations identity_fops = {
612 .open = identity_open,
613 .read = seq_read,
614 .llseek = seq_lseek,
615 .release = single_release,
616};
617
618static int rpa_timeout_set(void *data, u64 val)
619{
620 struct hci_dev *hdev = data;
621
622 /* Require the RPA timeout to be at least 30 seconds and at most
623 * 24 hours.
624 */
625 if (val < 30 || val > (60 * 60 * 24))
626 return -EINVAL;
627
628 hci_dev_lock(hdev);
629 hdev->rpa_timeout = val;
630 hci_dev_unlock(hdev);
631
632 return 0;
633}
634
635static int rpa_timeout_get(void *data, u64 *val)
636{
637 struct hci_dev *hdev = data;
638
639 hci_dev_lock(hdev);
640 *val = hdev->rpa_timeout;
641 hci_dev_unlock(hdev);
642
643 return 0;
644}
645
646DEFINE_SIMPLE_ATTRIBUTE(rpa_timeout_fops, rpa_timeout_get,
647 rpa_timeout_set, "%llu\n");
648
649static int random_address_show(struct seq_file *f, void *p)
650{
651 struct hci_dev *hdev = f->private;
652
653 hci_dev_lock(hdev);
654 seq_printf(f, "%pMR\n", &hdev->random_addr);
655 hci_dev_unlock(hdev);
656
657 return 0;
658}
659
660static int random_address_open(struct inode *inode, struct file *file)
661{
662 return single_open(file, random_address_show, inode->i_private);
663}
664
665static const struct file_operations random_address_fops = {
666 .open = random_address_open,
667 .read = seq_read,
668 .llseek = seq_lseek,
669 .release = single_release,
670};
671
672static int static_address_show(struct seq_file *f, void *p)
673{
674 struct hci_dev *hdev = f->private;
675
676 hci_dev_lock(hdev);
677 seq_printf(f, "%pMR\n", &hdev->static_addr);
678 hci_dev_unlock(hdev);
679
680 return 0;
681}
682
683static int static_address_open(struct inode *inode, struct file *file)
684{
685 return single_open(file, static_address_show, inode->i_private);
686}
687
688static const struct file_operations static_address_fops = {
689 .open = static_address_open,
690 .read = seq_read,
691 .llseek = seq_lseek,
692 .release = single_release,
693};
694
695static ssize_t force_static_address_read(struct file *file,
696 char __user *user_buf,
697 size_t count, loff_t *ppos)
698{
699 struct hci_dev *hdev = file->private_data;
700 char buf[3];
701
702 buf[0] = test_bit(HCI_FORCE_STATIC_ADDR, &hdev->dbg_flags) ? 'Y': 'N';
703 buf[1] = '\n';
704 buf[2] = '\0';
705 return simple_read_from_buffer(user_buf, count, ppos, buf, 2);
706}
707
708static ssize_t force_static_address_write(struct file *file,
709 const char __user *user_buf,
710 size_t count, loff_t *ppos)
711{
712 struct hci_dev *hdev = file->private_data;
713 char buf[32];
714 size_t buf_size = min(count, (sizeof(buf)-1));
715 bool enable;
716
717 if (test_bit(HCI_UP, &hdev->flags))
718 return -EBUSY;
719
720 if (copy_from_user(buf, user_buf, buf_size))
721 return -EFAULT;
722
723 buf[buf_size] = '\0';
724 if (strtobool(buf, &enable))
725 return -EINVAL;
726
727 if (enable == test_bit(HCI_FORCE_STATIC_ADDR, &hdev->dbg_flags))
728 return -EALREADY;
729
730 change_bit(HCI_FORCE_STATIC_ADDR, &hdev->dbg_flags);
731
732 return count;
733}
734
735static const struct file_operations force_static_address_fops = {
736 .open = simple_open,
737 .read = force_static_address_read,
738 .write = force_static_address_write,
739 .llseek = default_llseek,
740};
741
742static int white_list_show(struct seq_file *f, void *ptr)
743{
744 struct hci_dev *hdev = f->private;
745 struct bdaddr_list *b;
746
747 hci_dev_lock(hdev);
748 list_for_each_entry(b, &hdev->le_white_list, list)
749 seq_printf(f, "%pMR (type %u)\n", &b->bdaddr, b->bdaddr_type);
750 hci_dev_unlock(hdev);
751
752 return 0;
753}
754
755static int white_list_open(struct inode *inode, struct file *file)
756{
757 return single_open(file, white_list_show, inode->i_private);
758}
759
760static const struct file_operations white_list_fops = {
761 .open = white_list_open,
762 .read = seq_read,
763 .llseek = seq_lseek,
764 .release = single_release,
765};
766
767static int identity_resolving_keys_show(struct seq_file *f, void *ptr)
768{
769 struct hci_dev *hdev = f->private;
770 struct smp_irk *irk;
771
772 rcu_read_lock();
773 list_for_each_entry_rcu(irk, &hdev->identity_resolving_keys, list) {
774 seq_printf(f, "%pMR (type %u) %*phN %pMR\n",
775 &irk->bdaddr, irk->addr_type,
776 16, irk->val, &irk->rpa);
777 }
778 rcu_read_unlock();
779
780 return 0;
781}
782
783static int identity_resolving_keys_open(struct inode *inode, struct file *file)
784{
785 return single_open(file, identity_resolving_keys_show,
786 inode->i_private);
787}
788
789static const struct file_operations identity_resolving_keys_fops = {
790 .open = identity_resolving_keys_open,
791 .read = seq_read,
792 .llseek = seq_lseek,
793 .release = single_release,
794};
795
796static int long_term_keys_show(struct seq_file *f, void *ptr)
797{
798 struct hci_dev *hdev = f->private;
799 struct smp_ltk *ltk;
800
801 rcu_read_lock();
802 list_for_each_entry_rcu(ltk, &hdev->long_term_keys, list)
803 seq_printf(f, "%pMR (type %u) %u 0x%02x %u %.4x %.16llx %*phN\n",
804 &ltk->bdaddr, ltk->bdaddr_type, ltk->authenticated,
805 ltk->type, ltk->enc_size, __le16_to_cpu(ltk->ediv),
806 __le64_to_cpu(ltk->rand), 16, ltk->val);
807 rcu_read_unlock();
808
809 return 0;
810}
811
812static int long_term_keys_open(struct inode *inode, struct file *file)
813{
814 return single_open(file, long_term_keys_show, inode->i_private);
815}
816
817static const struct file_operations long_term_keys_fops = {
818 .open = long_term_keys_open,
819 .read = seq_read,
820 .llseek = seq_lseek,
821 .release = single_release,
822};
823
824static int conn_min_interval_set(void *data, u64 val)
825{
826 struct hci_dev *hdev = data;
827
828 if (val < 0x0006 || val > 0x0c80 || val > hdev->le_conn_max_interval)
829 return -EINVAL;
830
831 hci_dev_lock(hdev);
832 hdev->le_conn_min_interval = val;
833 hci_dev_unlock(hdev);
834
835 return 0;
836}
837
838static int conn_min_interval_get(void *data, u64 *val)
839{
840 struct hci_dev *hdev = data;
841
842 hci_dev_lock(hdev);
843 *val = hdev->le_conn_min_interval;
844 hci_dev_unlock(hdev);
845
846 return 0;
847}
848
849DEFINE_SIMPLE_ATTRIBUTE(conn_min_interval_fops, conn_min_interval_get,
850 conn_min_interval_set, "%llu\n");
851
852static int conn_max_interval_set(void *data, u64 val)
853{
854 struct hci_dev *hdev = data;
855
856 if (val < 0x0006 || val > 0x0c80 || val < hdev->le_conn_min_interval)
857 return -EINVAL;
858
859 hci_dev_lock(hdev);
860 hdev->le_conn_max_interval = val;
861 hci_dev_unlock(hdev);
862
863 return 0;
864}
865
866static int conn_max_interval_get(void *data, u64 *val)
867{
868 struct hci_dev *hdev = data;
869
870 hci_dev_lock(hdev);
871 *val = hdev->le_conn_max_interval;
872 hci_dev_unlock(hdev);
873
874 return 0;
875}
876
877DEFINE_SIMPLE_ATTRIBUTE(conn_max_interval_fops, conn_max_interval_get,
878 conn_max_interval_set, "%llu\n");
879
880static int conn_latency_set(void *data, u64 val)
881{
882 struct hci_dev *hdev = data;
883
884 if (val > 0x01f3)
885 return -EINVAL;
886
887 hci_dev_lock(hdev);
888 hdev->le_conn_latency = val;
889 hci_dev_unlock(hdev);
890
891 return 0;
892}
893
894static int conn_latency_get(void *data, u64 *val)
895{
896 struct hci_dev *hdev = data;
897
898 hci_dev_lock(hdev);
899 *val = hdev->le_conn_latency;
900 hci_dev_unlock(hdev);
901
902 return 0;
903}
904
905DEFINE_SIMPLE_ATTRIBUTE(conn_latency_fops, conn_latency_get,
906 conn_latency_set, "%llu\n");
907
908static int supervision_timeout_set(void *data, u64 val)
909{
910 struct hci_dev *hdev = data;
911
912 if (val < 0x000a || val > 0x0c80)
913 return -EINVAL;
914
915 hci_dev_lock(hdev);
916 hdev->le_supv_timeout = val;
917 hci_dev_unlock(hdev);
918
919 return 0;
920}
921
922static int supervision_timeout_get(void *data, u64 *val)
923{
924 struct hci_dev *hdev = data;
925
926 hci_dev_lock(hdev);
927 *val = hdev->le_supv_timeout;
928 hci_dev_unlock(hdev);
929
930 return 0;
931}
932
933DEFINE_SIMPLE_ATTRIBUTE(supervision_timeout_fops, supervision_timeout_get,
934 supervision_timeout_set, "%llu\n");
935
936static int adv_channel_map_set(void *data, u64 val)
937{
938 struct hci_dev *hdev = data;
939
940 if (val < 0x01 || val > 0x07)
941 return -EINVAL;
942
943 hci_dev_lock(hdev);
944 hdev->le_adv_channel_map = val;
945 hci_dev_unlock(hdev);
946
947 return 0;
948}
949
950static int adv_channel_map_get(void *data, u64 *val)
951{
952 struct hci_dev *hdev = data;
953
954 hci_dev_lock(hdev);
955 *val = hdev->le_adv_channel_map;
956 hci_dev_unlock(hdev);
957
958 return 0;
959}
960
961DEFINE_SIMPLE_ATTRIBUTE(adv_channel_map_fops, adv_channel_map_get,
962 adv_channel_map_set, "%llu\n");
963
964static int adv_min_interval_set(void *data, u64 val)
965{
966 struct hci_dev *hdev = data;
967
968 if (val < 0x0020 || val > 0x4000 || val > hdev->le_adv_max_interval)
969 return -EINVAL;
970
971 hci_dev_lock(hdev);
972 hdev->le_adv_min_interval = val;
973 hci_dev_unlock(hdev);
974
975 return 0;
976}
977
978static int adv_min_interval_get(void *data, u64 *val)
979{
980 struct hci_dev *hdev = data;
981
982 hci_dev_lock(hdev);
983 *val = hdev->le_adv_min_interval;
984 hci_dev_unlock(hdev);
985
986 return 0;
987}
988
989DEFINE_SIMPLE_ATTRIBUTE(adv_min_interval_fops, adv_min_interval_get,
990 adv_min_interval_set, "%llu\n");
991
992static int adv_max_interval_set(void *data, u64 val)
993{
994 struct hci_dev *hdev = data;
995
996 if (val < 0x0020 || val > 0x4000 || val < hdev->le_adv_min_interval)
997 return -EINVAL;
998
999 hci_dev_lock(hdev);
1000 hdev->le_adv_max_interval = val;
1001 hci_dev_unlock(hdev);
1002
1003 return 0;
1004}
1005
1006static int adv_max_interval_get(void *data, u64 *val)
1007{
1008 struct hci_dev *hdev = data;
1009
1010 hci_dev_lock(hdev);
1011 *val = hdev->le_adv_max_interval;
1012 hci_dev_unlock(hdev);
1013
1014 return 0;
1015}
1016
1017DEFINE_SIMPLE_ATTRIBUTE(adv_max_interval_fops, adv_max_interval_get,
1018 adv_max_interval_set, "%llu\n");
1019
1020void hci_debugfs_create_le(struct hci_dev *hdev)
1021{
1022 debugfs_create_file("identity", 0400, hdev->debugfs, hdev,
1023 &identity_fops);
1024 debugfs_create_file("rpa_timeout", 0644, hdev->debugfs, hdev,
1025 &rpa_timeout_fops);
1026 debugfs_create_file("random_address", 0444, hdev->debugfs, hdev,
1027 &random_address_fops);
1028 debugfs_create_file("static_address", 0444, hdev->debugfs, hdev,
1029 &static_address_fops);
1030
1031 /* For controllers with a public address, provide a debug
1032 * option to force the usage of the configured static
1033 * address. By default the public address is used.
1034 */
1035 if (bacmp(&hdev->bdaddr, BDADDR_ANY))
1036 debugfs_create_file("force_static_address", 0644,
1037 hdev->debugfs, hdev,
1038 &force_static_address_fops);
1039
1040 debugfs_create_u8("white_list_size", 0444, hdev->debugfs,
1041 &hdev->le_white_list_size);
1042 debugfs_create_file("white_list", 0444, hdev->debugfs, hdev,
1043 &white_list_fops);
1044 debugfs_create_file("identity_resolving_keys", 0400, hdev->debugfs,
1045 hdev, &identity_resolving_keys_fops);
1046 debugfs_create_file("long_term_keys", 0400, hdev->debugfs, hdev,
1047 &long_term_keys_fops);
1048 debugfs_create_file("conn_min_interval", 0644, hdev->debugfs, hdev,
1049 &conn_min_interval_fops);
1050 debugfs_create_file("conn_max_interval", 0644, hdev->debugfs, hdev,
1051 &conn_max_interval_fops);
1052 debugfs_create_file("conn_latency", 0644, hdev->debugfs, hdev,
1053 &conn_latency_fops);
1054 debugfs_create_file("supervision_timeout", 0644, hdev->debugfs, hdev,
1055 &supervision_timeout_fops);
1056 debugfs_create_file("adv_channel_map", 0644, hdev->debugfs, hdev,
1057 &adv_channel_map_fops);
1058 debugfs_create_file("adv_min_interval", 0644, hdev->debugfs, hdev,
1059 &adv_min_interval_fops);
1060 debugfs_create_file("adv_max_interval", 0644, hdev->debugfs, hdev,
1061 &adv_max_interval_fops);
1062 debugfs_create_u16("discov_interleaved_timeout", 0644, hdev->debugfs,
1063 &hdev->discov_interleaved_timeout);
1064}
1065
1066void hci_debugfs_create_conn(struct hci_conn *conn)
1067{
1068 struct hci_dev *hdev = conn->hdev;
1069 char name[6];
1070
1071 if (IS_ERR_OR_NULL(hdev->debugfs))
1072 return;
1073
1074 snprintf(name, sizeof(name), "%u", conn->handle);
1075 conn->debugfs = debugfs_create_dir(name, hdev->debugfs);
1076}
diff --git a/net/bluetooth/hci_debugfs.h b/net/bluetooth/hci_debugfs.h
new file mode 100644
index 000000000000..fb68efe083c5
--- /dev/null
+++ b/net/bluetooth/hci_debugfs.h
@@ -0,0 +1,26 @@
1/*
2 BlueZ - Bluetooth protocol stack for Linux
3 Copyright (C) 2014 Intel Corporation
4
5 This program is free software; you can redistribute it and/or modify
6 it under the terms of the GNU General Public License version 2 as
7 published by the Free Software Foundation;
8
9 THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS
10 OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
11 FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT OF THIRD PARTY RIGHTS.
12 IN NO EVENT SHALL THE COPYRIGHT HOLDER(S) AND AUTHOR(S) BE LIABLE FOR ANY
13 CLAIM, OR ANY SPECIAL INDIRECT OR CONSEQUENTIAL DAMAGES, OR ANY DAMAGES
14 WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
15 ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
16 OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
17
18 ALL LIABILITY, INCLUDING LIABILITY FOR INFRINGEMENT OF ANY PATENTS,
19 COPYRIGHTS, TRADEMARKS OR OTHER RIGHTS, RELATING TO USE OF THIS
20 SOFTWARE IS DISCLAIMED.
21*/
22
23void hci_debugfs_create_common(struct hci_dev *hdev);
24void hci_debugfs_create_bredr(struct hci_dev *hdev);
25void hci_debugfs_create_le(struct hci_dev *hdev);
26void hci_debugfs_create_conn(struct hci_conn *conn);
diff --git a/net/bluetooth/hci_event.c b/net/bluetooth/hci_event.c
index 3f2e8b830cbd..0881efd0ad2d 100644
--- a/net/bluetooth/hci_event.c
+++ b/net/bluetooth/hci_event.c
@@ -30,6 +30,8 @@
30#include <net/bluetooth/hci_core.h> 30#include <net/bluetooth/hci_core.h>
31#include <net/bluetooth/mgmt.h> 31#include <net/bluetooth/mgmt.h>
32 32
33#include "hci_request.h"
34#include "hci_debugfs.h"
33#include "a2mp.h" 35#include "a2mp.h"
34#include "amp.h" 36#include "amp.h"
35#include "smp.h" 37#include "smp.h"
@@ -1282,6 +1284,55 @@ static void hci_cc_le_read_supported_states(struct hci_dev *hdev,
1282 memcpy(hdev->le_states, rp->le_states, 8); 1284 memcpy(hdev->le_states, rp->le_states, 8);
1283} 1285}
1284 1286
1287static void hci_cc_le_read_def_data_len(struct hci_dev *hdev,
1288 struct sk_buff *skb)
1289{
1290 struct hci_rp_le_read_def_data_len *rp = (void *) skb->data;
1291
1292 BT_DBG("%s status 0x%2.2x", hdev->name, rp->status);
1293
1294 if (rp->status)
1295 return;
1296
1297 hdev->le_def_tx_len = le16_to_cpu(rp->tx_len);
1298 hdev->le_def_tx_time = le16_to_cpu(rp->tx_time);
1299}
1300
1301static void hci_cc_le_write_def_data_len(struct hci_dev *hdev,
1302 struct sk_buff *skb)
1303{
1304 struct hci_cp_le_write_def_data_len *sent;
1305 __u8 status = *((__u8 *) skb->data);
1306
1307 BT_DBG("%s status 0x%2.2x", hdev->name, status);
1308
1309 if (status)
1310 return;
1311
1312 sent = hci_sent_cmd_data(hdev, HCI_OP_LE_WRITE_DEF_DATA_LEN);
1313 if (!sent)
1314 return;
1315
1316 hdev->le_def_tx_len = le16_to_cpu(sent->tx_len);
1317 hdev->le_def_tx_time = le16_to_cpu(sent->tx_time);
1318}
1319
1320static void hci_cc_le_read_max_data_len(struct hci_dev *hdev,
1321 struct sk_buff *skb)
1322{
1323 struct hci_rp_le_read_max_data_len *rp = (void *) skb->data;
1324
1325 BT_DBG("%s status 0x%2.2x", hdev->name, rp->status);
1326
1327 if (rp->status)
1328 return;
1329
1330 hdev->le_max_tx_len = le16_to_cpu(rp->tx_len);
1331 hdev->le_max_tx_time = le16_to_cpu(rp->tx_time);
1332 hdev->le_max_rx_len = le16_to_cpu(rp->rx_len);
1333 hdev->le_max_rx_time = le16_to_cpu(rp->rx_time);
1334}
1335
1285static void hci_cc_write_le_host_supported(struct hci_dev *hdev, 1336static void hci_cc_write_le_host_supported(struct hci_dev *hdev,
1286 struct sk_buff *skb) 1337 struct sk_buff *skb)
1287{ 1338{
@@ -2115,6 +2166,7 @@ static void hci_conn_complete_evt(struct hci_dev *hdev, struct sk_buff *skb)
2115 } else 2166 } else
2116 conn->state = BT_CONNECTED; 2167 conn->state = BT_CONNECTED;
2117 2168
2169 hci_debugfs_create_conn(conn);
2118 hci_conn_add_sysfs(conn); 2170 hci_conn_add_sysfs(conn);
2119 2171
2120 if (test_bit(HCI_AUTH, &hdev->flags)) 2172 if (test_bit(HCI_AUTH, &hdev->flags))
@@ -2130,7 +2182,7 @@ static void hci_conn_complete_evt(struct hci_dev *hdev, struct sk_buff *skb)
2130 hci_send_cmd(hdev, HCI_OP_READ_REMOTE_FEATURES, 2182 hci_send_cmd(hdev, HCI_OP_READ_REMOTE_FEATURES,
2131 sizeof(cp), &cp); 2183 sizeof(cp), &cp);
2132 2184
2133 hci_update_page_scan(hdev, NULL); 2185 hci_update_page_scan(hdev);
2134 } 2186 }
2135 2187
2136 /* Set packet type for incoming connection */ 2188 /* Set packet type for incoming connection */
@@ -2316,7 +2368,7 @@ static void hci_disconn_complete_evt(struct hci_dev *hdev, struct sk_buff *skb)
2316 if (test_bit(HCI_CONN_FLUSH_KEY, &conn->flags)) 2368 if (test_bit(HCI_CONN_FLUSH_KEY, &conn->flags))
2317 hci_remove_link_key(hdev, &conn->dst); 2369 hci_remove_link_key(hdev, &conn->dst);
2318 2370
2319 hci_update_page_scan(hdev, NULL); 2371 hci_update_page_scan(hdev);
2320 } 2372 }
2321 2373
2322 params = hci_conn_params_lookup(hdev, &conn->dst, conn->dst_type); 2374 params = hci_conn_params_lookup(hdev, &conn->dst, conn->dst_type);
@@ -2854,6 +2906,18 @@ static void hci_cmd_complete_evt(struct hci_dev *hdev, struct sk_buff *skb)
2854 hci_cc_le_read_supported_states(hdev, skb); 2906 hci_cc_le_read_supported_states(hdev, skb);
2855 break; 2907 break;
2856 2908
2909 case HCI_OP_LE_READ_DEF_DATA_LEN:
2910 hci_cc_le_read_def_data_len(hdev, skb);
2911 break;
2912
2913 case HCI_OP_LE_WRITE_DEF_DATA_LEN:
2914 hci_cc_le_write_def_data_len(hdev, skb);
2915 break;
2916
2917 case HCI_OP_LE_READ_MAX_DATA_LEN:
2918 hci_cc_le_read_max_data_len(hdev, skb);
2919 break;
2920
2857 case HCI_OP_WRITE_LE_HOST_SUPPORTED: 2921 case HCI_OP_WRITE_LE_HOST_SUPPORTED:
2858 hci_cc_write_le_host_supported(hdev, skb); 2922 hci_cc_write_le_host_supported(hdev, skb);
2859 break; 2923 break;
@@ -3584,6 +3648,7 @@ static void hci_sync_conn_complete_evt(struct hci_dev *hdev,
3584 conn->handle = __le16_to_cpu(ev->handle); 3648 conn->handle = __le16_to_cpu(ev->handle);
3585 conn->state = BT_CONNECTED; 3649 conn->state = BT_CONNECTED;
3586 3650
3651 hci_debugfs_create_conn(conn);
3587 hci_conn_add_sysfs(conn); 3652 hci_conn_add_sysfs(conn);
3588 break; 3653 break;
3589 3654
@@ -4124,6 +4189,7 @@ static void hci_phy_link_complete_evt(struct hci_dev *hdev,
4124 hcon->disc_timeout = HCI_DISCONN_TIMEOUT; 4189 hcon->disc_timeout = HCI_DISCONN_TIMEOUT;
4125 hci_conn_drop(hcon); 4190 hci_conn_drop(hcon);
4126 4191
4192 hci_debugfs_create_conn(hcon);
4127 hci_conn_add_sysfs(hcon); 4193 hci_conn_add_sysfs(hcon);
4128 4194
4129 amp_physical_cfm(bredr_hcon, hcon); 4195 amp_physical_cfm(bredr_hcon, hcon);
@@ -4330,6 +4396,7 @@ static void hci_le_conn_complete_evt(struct hci_dev *hdev, struct sk_buff *skb)
4330 conn->le_conn_latency = le16_to_cpu(ev->latency); 4396 conn->le_conn_latency = le16_to_cpu(ev->latency);
4331 conn->le_supv_timeout = le16_to_cpu(ev->supervision_timeout); 4397 conn->le_supv_timeout = le16_to_cpu(ev->supervision_timeout);
4332 4398
4399 hci_debugfs_create_conn(conn);
4333 hci_conn_add_sysfs(conn); 4400 hci_conn_add_sysfs(conn);
4334 4401
4335 hci_proto_connect_cfm(conn, ev->status); 4402 hci_proto_connect_cfm(conn, ev->status);
diff --git a/net/bluetooth/hci_request.c b/net/bluetooth/hci_request.c
new file mode 100644
index 000000000000..324c6418b17c
--- /dev/null
+++ b/net/bluetooth/hci_request.c
@@ -0,0 +1,555 @@
1/*
2 BlueZ - Bluetooth protocol stack for Linux
3
4 Copyright (C) 2014 Intel Corporation
5
6 This program is free software; you can redistribute it and/or modify
7 it under the terms of the GNU General Public License version 2 as
8 published by the Free Software Foundation;
9
10 THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS
11 OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
12 FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT OF THIRD PARTY RIGHTS.
13 IN NO EVENT SHALL THE COPYRIGHT HOLDER(S) AND AUTHOR(S) BE LIABLE FOR ANY
14 CLAIM, OR ANY SPECIAL INDIRECT OR CONSEQUENTIAL DAMAGES, OR ANY DAMAGES
15 WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
16 ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
17 OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
18
19 ALL LIABILITY, INCLUDING LIABILITY FOR INFRINGEMENT OF ANY PATENTS,
20 COPYRIGHTS, TRADEMARKS OR OTHER RIGHTS, RELATING TO USE OF THIS
21 SOFTWARE IS DISCLAIMED.
22*/
23
24#include <net/bluetooth/bluetooth.h>
25#include <net/bluetooth/hci_core.h>
26
27#include "smp.h"
28#include "hci_request.h"
29
30void hci_req_init(struct hci_request *req, struct hci_dev *hdev)
31{
32 skb_queue_head_init(&req->cmd_q);
33 req->hdev = hdev;
34 req->err = 0;
35}
36
37int hci_req_run(struct hci_request *req, hci_req_complete_t complete)
38{
39 struct hci_dev *hdev = req->hdev;
40 struct sk_buff *skb;
41 unsigned long flags;
42
43 BT_DBG("length %u", skb_queue_len(&req->cmd_q));
44
45 /* If an error occurred during request building, remove all HCI
46 * commands queued on the HCI request queue.
47 */
48 if (req->err) {
49 skb_queue_purge(&req->cmd_q);
50 return req->err;
51 }
52
53 /* Do not allow empty requests */
54 if (skb_queue_empty(&req->cmd_q))
55 return -ENODATA;
56
57 skb = skb_peek_tail(&req->cmd_q);
58 bt_cb(skb)->req.complete = complete;
59
60 spin_lock_irqsave(&hdev->cmd_q.lock, flags);
61 skb_queue_splice_tail(&req->cmd_q, &hdev->cmd_q);
62 spin_unlock_irqrestore(&hdev->cmd_q.lock, flags);
63
64 queue_work(hdev->workqueue, &hdev->cmd_work);
65
66 return 0;
67}
68
69struct sk_buff *hci_prepare_cmd(struct hci_dev *hdev, u16 opcode, u32 plen,
70 const void *param)
71{
72 int len = HCI_COMMAND_HDR_SIZE + plen;
73 struct hci_command_hdr *hdr;
74 struct sk_buff *skb;
75
76 skb = bt_skb_alloc(len, GFP_ATOMIC);
77 if (!skb)
78 return NULL;
79
80 hdr = (struct hci_command_hdr *) skb_put(skb, HCI_COMMAND_HDR_SIZE);
81 hdr->opcode = cpu_to_le16(opcode);
82 hdr->plen = plen;
83
84 if (plen)
85 memcpy(skb_put(skb, plen), param, plen);
86
87 BT_DBG("skb len %d", skb->len);
88
89 bt_cb(skb)->pkt_type = HCI_COMMAND_PKT;
90 bt_cb(skb)->opcode = opcode;
91
92 return skb;
93}
94
95/* Queue a command to an asynchronous HCI request */
96void hci_req_add_ev(struct hci_request *req, u16 opcode, u32 plen,
97 const void *param, u8 event)
98{
99 struct hci_dev *hdev = req->hdev;
100 struct sk_buff *skb;
101
102 BT_DBG("%s opcode 0x%4.4x plen %d", hdev->name, opcode, plen);
103
104 /* If an error occurred during request building, there is no point in
105 * queueing the HCI command. We can simply return.
106 */
107 if (req->err)
108 return;
109
110 skb = hci_prepare_cmd(hdev, opcode, plen, param);
111 if (!skb) {
112 BT_ERR("%s no memory for command (opcode 0x%4.4x)",
113 hdev->name, opcode);
114 req->err = -ENOMEM;
115 return;
116 }
117
118 if (skb_queue_empty(&req->cmd_q))
119 bt_cb(skb)->req.start = true;
120
121 bt_cb(skb)->req.event = event;
122
123 skb_queue_tail(&req->cmd_q, skb);
124}
125
126void hci_req_add(struct hci_request *req, u16 opcode, u32 plen,
127 const void *param)
128{
129 hci_req_add_ev(req, opcode, plen, param, 0);
130}
131
132void hci_req_add_le_scan_disable(struct hci_request *req)
133{
134 struct hci_cp_le_set_scan_enable cp;
135
136 memset(&cp, 0, sizeof(cp));
137 cp.enable = LE_SCAN_DISABLE;
138 hci_req_add(req, HCI_OP_LE_SET_SCAN_ENABLE, sizeof(cp), &cp);
139}
140
141static void add_to_white_list(struct hci_request *req,
142 struct hci_conn_params *params)
143{
144 struct hci_cp_le_add_to_white_list cp;
145
146 cp.bdaddr_type = params->addr_type;
147 bacpy(&cp.bdaddr, &params->addr);
148
149 hci_req_add(req, HCI_OP_LE_ADD_TO_WHITE_LIST, sizeof(cp), &cp);
150}
151
152static u8 update_white_list(struct hci_request *req)
153{
154 struct hci_dev *hdev = req->hdev;
155 struct hci_conn_params *params;
156 struct bdaddr_list *b;
157 uint8_t white_list_entries = 0;
158
159 /* Go through the current white list programmed into the
160 * controller one by one and check if that address is still
161 * in the list of pending connections or list of devices to
162 * report. If not present in either list, then queue the
163 * command to remove it from the controller.
164 */
165 list_for_each_entry(b, &hdev->le_white_list, list) {
166 struct hci_cp_le_del_from_white_list cp;
167
168 if (hci_pend_le_action_lookup(&hdev->pend_le_conns,
169 &b->bdaddr, b->bdaddr_type) ||
170 hci_pend_le_action_lookup(&hdev->pend_le_reports,
171 &b->bdaddr, b->bdaddr_type)) {
172 white_list_entries++;
173 continue;
174 }
175
176 cp.bdaddr_type = b->bdaddr_type;
177 bacpy(&cp.bdaddr, &b->bdaddr);
178
179 hci_req_add(req, HCI_OP_LE_DEL_FROM_WHITE_LIST,
180 sizeof(cp), &cp);
181 }
182
183 /* Since all no longer valid white list entries have been
184 * removed, walk through the list of pending connections
185 * and ensure that any new device gets programmed into
186 * the controller.
187 *
188 * If the list of the devices is larger than the list of
189 * available white list entries in the controller, then
190 * just abort and return filer policy value to not use the
191 * white list.
192 */
193 list_for_each_entry(params, &hdev->pend_le_conns, action) {
194 if (hci_bdaddr_list_lookup(&hdev->le_white_list,
195 &params->addr, params->addr_type))
196 continue;
197
198 if (white_list_entries >= hdev->le_white_list_size) {
199 /* Select filter policy to accept all advertising */
200 return 0x00;
201 }
202
203 if (hci_find_irk_by_addr(hdev, &params->addr,
204 params->addr_type)) {
205 /* White list can not be used with RPAs */
206 return 0x00;
207 }
208
209 white_list_entries++;
210 add_to_white_list(req, params);
211 }
212
213 /* After adding all new pending connections, walk through
214 * the list of pending reports and also add these to the
215 * white list if there is still space.
216 */
217 list_for_each_entry(params, &hdev->pend_le_reports, action) {
218 if (hci_bdaddr_list_lookup(&hdev->le_white_list,
219 &params->addr, params->addr_type))
220 continue;
221
222 if (white_list_entries >= hdev->le_white_list_size) {
223 /* Select filter policy to accept all advertising */
224 return 0x00;
225 }
226
227 if (hci_find_irk_by_addr(hdev, &params->addr,
228 params->addr_type)) {
229 /* White list can not be used with RPAs */
230 return 0x00;
231 }
232
233 white_list_entries++;
234 add_to_white_list(req, params);
235 }
236
237 /* Select filter policy to use white list */
238 return 0x01;
239}
240
241void hci_req_add_le_passive_scan(struct hci_request *req)
242{
243 struct hci_cp_le_set_scan_param param_cp;
244 struct hci_cp_le_set_scan_enable enable_cp;
245 struct hci_dev *hdev = req->hdev;
246 u8 own_addr_type;
247 u8 filter_policy;
248
249 /* Set require_privacy to false since no SCAN_REQ are send
250 * during passive scanning. Not using an non-resolvable address
251 * here is important so that peer devices using direct
252 * advertising with our address will be correctly reported
253 * by the controller.
254 */
255 if (hci_update_random_address(req, false, &own_addr_type))
256 return;
257
258 /* Adding or removing entries from the white list must
259 * happen before enabling scanning. The controller does
260 * not allow white list modification while scanning.
261 */
262 filter_policy = update_white_list(req);
263
264 /* When the controller is using random resolvable addresses and
265 * with that having LE privacy enabled, then controllers with
266 * Extended Scanner Filter Policies support can now enable support
267 * for handling directed advertising.
268 *
269 * So instead of using filter polices 0x00 (no whitelist)
270 * and 0x01 (whitelist enabled) use the new filter policies
271 * 0x02 (no whitelist) and 0x03 (whitelist enabled).
272 */
273 if (test_bit(HCI_PRIVACY, &hdev->dev_flags) &&
274 (hdev->le_features[0] & HCI_LE_EXT_SCAN_POLICY))
275 filter_policy |= 0x02;
276
277 memset(&param_cp, 0, sizeof(param_cp));
278 param_cp.type = LE_SCAN_PASSIVE;
279 param_cp.interval = cpu_to_le16(hdev->le_scan_interval);
280 param_cp.window = cpu_to_le16(hdev->le_scan_window);
281 param_cp.own_address_type = own_addr_type;
282 param_cp.filter_policy = filter_policy;
283 hci_req_add(req, HCI_OP_LE_SET_SCAN_PARAM, sizeof(param_cp),
284 &param_cp);
285
286 memset(&enable_cp, 0, sizeof(enable_cp));
287 enable_cp.enable = LE_SCAN_ENABLE;
288 enable_cp.filter_dup = LE_SCAN_FILTER_DUP_ENABLE;
289 hci_req_add(req, HCI_OP_LE_SET_SCAN_ENABLE, sizeof(enable_cp),
290 &enable_cp);
291}
292
293static void set_random_addr(struct hci_request *req, bdaddr_t *rpa)
294{
295 struct hci_dev *hdev = req->hdev;
296
297 /* If we're advertising or initiating an LE connection we can't
298 * go ahead and change the random address at this time. This is
299 * because the eventual initiator address used for the
300 * subsequently created connection will be undefined (some
301 * controllers use the new address and others the one we had
302 * when the operation started).
303 *
304 * In this kind of scenario skip the update and let the random
305 * address be updated at the next cycle.
306 */
307 if (test_bit(HCI_LE_ADV, &hdev->dev_flags) ||
308 hci_conn_hash_lookup_state(hdev, LE_LINK, BT_CONNECT)) {
309 BT_DBG("Deferring random address update");
310 set_bit(HCI_RPA_EXPIRED, &hdev->dev_flags);
311 return;
312 }
313
314 hci_req_add(req, HCI_OP_LE_SET_RANDOM_ADDR, 6, rpa);
315}
316
317int hci_update_random_address(struct hci_request *req, bool require_privacy,
318 u8 *own_addr_type)
319{
320 struct hci_dev *hdev = req->hdev;
321 int err;
322
323 /* If privacy is enabled use a resolvable private address. If
324 * current RPA has expired or there is something else than
325 * the current RPA in use, then generate a new one.
326 */
327 if (test_bit(HCI_PRIVACY, &hdev->dev_flags)) {
328 int to;
329
330 *own_addr_type = ADDR_LE_DEV_RANDOM;
331
332 if (!test_and_clear_bit(HCI_RPA_EXPIRED, &hdev->dev_flags) &&
333 !bacmp(&hdev->random_addr, &hdev->rpa))
334 return 0;
335
336 err = smp_generate_rpa(hdev, hdev->irk, &hdev->rpa);
337 if (err < 0) {
338 BT_ERR("%s failed to generate new RPA", hdev->name);
339 return err;
340 }
341
342 set_random_addr(req, &hdev->rpa);
343
344 to = msecs_to_jiffies(hdev->rpa_timeout * 1000);
345 queue_delayed_work(hdev->workqueue, &hdev->rpa_expired, to);
346
347 return 0;
348 }
349
350 /* In case of required privacy without resolvable private address,
351 * use an non-resolvable private address. This is useful for active
352 * scanning and non-connectable advertising.
353 */
354 if (require_privacy) {
355 bdaddr_t nrpa;
356
357 while (true) {
358 /* The non-resolvable private address is generated
359 * from random six bytes with the two most significant
360 * bits cleared.
361 */
362 get_random_bytes(&nrpa, 6);
363 nrpa.b[5] &= 0x3f;
364
365 /* The non-resolvable private address shall not be
366 * equal to the public address.
367 */
368 if (bacmp(&hdev->bdaddr, &nrpa))
369 break;
370 }
371
372 *own_addr_type = ADDR_LE_DEV_RANDOM;
373 set_random_addr(req, &nrpa);
374 return 0;
375 }
376
377 /* If forcing static address is in use or there is no public
378 * address use the static address as random address (but skip
379 * the HCI command if the current random address is already the
380 * static one.
381 *
382 * In case BR/EDR has been disabled on a dual-mode controller
383 * and a static address has been configured, then use that
384 * address instead of the public BR/EDR address.
385 */
386 if (test_bit(HCI_FORCE_STATIC_ADDR, &hdev->dbg_flags) ||
387 !bacmp(&hdev->bdaddr, BDADDR_ANY) ||
388 (!test_bit(HCI_BREDR_ENABLED, &hdev->dev_flags) &&
389 bacmp(&hdev->static_addr, BDADDR_ANY))) {
390 *own_addr_type = ADDR_LE_DEV_RANDOM;
391 if (bacmp(&hdev->static_addr, &hdev->random_addr))
392 hci_req_add(req, HCI_OP_LE_SET_RANDOM_ADDR, 6,
393 &hdev->static_addr);
394 return 0;
395 }
396
397 /* Neither privacy nor static address is being used so use a
398 * public address.
399 */
400 *own_addr_type = ADDR_LE_DEV_PUBLIC;
401
402 return 0;
403}
404
405static bool disconnected_whitelist_entries(struct hci_dev *hdev)
406{
407 struct bdaddr_list *b;
408
409 list_for_each_entry(b, &hdev->whitelist, list) {
410 struct hci_conn *conn;
411
412 conn = hci_conn_hash_lookup_ba(hdev, ACL_LINK, &b->bdaddr);
413 if (!conn)
414 return true;
415
416 if (conn->state != BT_CONNECTED && conn->state != BT_CONFIG)
417 return true;
418 }
419
420 return false;
421}
422
423void __hci_update_page_scan(struct hci_request *req)
424{
425 struct hci_dev *hdev = req->hdev;
426 u8 scan;
427
428 if (!test_bit(HCI_BREDR_ENABLED, &hdev->dev_flags))
429 return;
430
431 if (!hdev_is_powered(hdev))
432 return;
433
434 if (mgmt_powering_down(hdev))
435 return;
436
437 if (test_bit(HCI_CONNECTABLE, &hdev->dev_flags) ||
438 disconnected_whitelist_entries(hdev))
439 scan = SCAN_PAGE;
440 else
441 scan = SCAN_DISABLED;
442
443 if (test_bit(HCI_PSCAN, &hdev->flags) == !!(scan & SCAN_PAGE))
444 return;
445
446 if (test_bit(HCI_DISCOVERABLE, &hdev->dev_flags))
447 scan |= SCAN_INQUIRY;
448
449 hci_req_add(req, HCI_OP_WRITE_SCAN_ENABLE, 1, &scan);
450}
451
452void hci_update_page_scan(struct hci_dev *hdev)
453{
454 struct hci_request req;
455
456 hci_req_init(&req, hdev);
457 __hci_update_page_scan(&req);
458 hci_req_run(&req, NULL);
459}
460
461/* This function controls the background scanning based on hdev->pend_le_conns
462 * list. If there are pending LE connection we start the background scanning,
463 * otherwise we stop it.
464 *
465 * This function requires the caller holds hdev->lock.
466 */
467void __hci_update_background_scan(struct hci_request *req)
468{
469 struct hci_dev *hdev = req->hdev;
470 struct hci_conn *conn;
471
472 if (!test_bit(HCI_UP, &hdev->flags) ||
473 test_bit(HCI_INIT, &hdev->flags) ||
474 test_bit(HCI_SETUP, &hdev->dev_flags) ||
475 test_bit(HCI_CONFIG, &hdev->dev_flags) ||
476 test_bit(HCI_AUTO_OFF, &hdev->dev_flags) ||
477 test_bit(HCI_UNREGISTER, &hdev->dev_flags))
478 return;
479
480 /* No point in doing scanning if LE support hasn't been enabled */
481 if (!test_bit(HCI_LE_ENABLED, &hdev->dev_flags))
482 return;
483
484 /* If discovery is active don't interfere with it */
485 if (hdev->discovery.state != DISCOVERY_STOPPED)
486 return;
487
488 /* Reset RSSI and UUID filters when starting background scanning
489 * since these filters are meant for service discovery only.
490 *
491 * The Start Discovery and Start Service Discovery operations
492 * ensure to set proper values for RSSI threshold and UUID
493 * filter list. So it is safe to just reset them here.
494 */
495 hci_discovery_filter_clear(hdev);
496
497 if (list_empty(&hdev->pend_le_conns) &&
498 list_empty(&hdev->pend_le_reports)) {
499 /* If there is no pending LE connections or devices
500 * to be scanned for, we should stop the background
501 * scanning.
502 */
503
504 /* If controller is not scanning we are done. */
505 if (!test_bit(HCI_LE_SCAN, &hdev->dev_flags))
506 return;
507
508 hci_req_add_le_scan_disable(req);
509
510 BT_DBG("%s stopping background scanning", hdev->name);
511 } else {
512 /* If there is at least one pending LE connection, we should
513 * keep the background scan running.
514 */
515
516 /* If controller is connecting, we should not start scanning
517 * since some controllers are not able to scan and connect at
518 * the same time.
519 */
520 conn = hci_conn_hash_lookup_state(hdev, LE_LINK, BT_CONNECT);
521 if (conn)
522 return;
523
524 /* If controller is currently scanning, we stop it to ensure we
525 * don't miss any advertising (due to duplicates filter).
526 */
527 if (test_bit(HCI_LE_SCAN, &hdev->dev_flags))
528 hci_req_add_le_scan_disable(req);
529
530 hci_req_add_le_passive_scan(req);
531
532 BT_DBG("%s starting background scanning", hdev->name);
533 }
534}
535
536static void update_background_scan_complete(struct hci_dev *hdev, u8 status)
537{
538 if (status)
539 BT_DBG("HCI request failed to update background scanning: "
540 "status 0x%2.2x", status);
541}
542
543void hci_update_background_scan(struct hci_dev *hdev)
544{
545 int err;
546 struct hci_request req;
547
548 hci_req_init(&req, hdev);
549
550 __hci_update_background_scan(&req);
551
552 err = hci_req_run(&req, update_background_scan_complete);
553 if (err && err != -ENODATA)
554 BT_ERR("Failed to run HCI request: err %d", err);
555}
diff --git a/net/bluetooth/hci_request.h b/net/bluetooth/hci_request.h
new file mode 100644
index 000000000000..adf074d33544
--- /dev/null
+++ b/net/bluetooth/hci_request.h
@@ -0,0 +1,54 @@
1/*
2 BlueZ - Bluetooth protocol stack for Linux
3 Copyright (C) 2014 Intel Corporation
4
5 This program is free software; you can redistribute it and/or modify
6 it under the terms of the GNU General Public License version 2 as
7 published by the Free Software Foundation;
8
9 THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS
10 OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
11 FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT OF THIRD PARTY RIGHTS.
12 IN NO EVENT SHALL THE COPYRIGHT HOLDER(S) AND AUTHOR(S) BE LIABLE FOR ANY
13 CLAIM, OR ANY SPECIAL INDIRECT OR CONSEQUENTIAL DAMAGES, OR ANY DAMAGES
14 WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
15 ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
16 OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
17
18 ALL LIABILITY, INCLUDING LIABILITY FOR INFRINGEMENT OF ANY PATENTS,
19 COPYRIGHTS, TRADEMARKS OR OTHER RIGHTS, RELATING TO USE OF THIS
20 SOFTWARE IS DISCLAIMED.
21*/
22
23struct hci_request {
24 struct hci_dev *hdev;
25 struct sk_buff_head cmd_q;
26
27 /* If something goes wrong when building the HCI request, the error
28 * value is stored in this field.
29 */
30 int err;
31};
32
33void hci_req_init(struct hci_request *req, struct hci_dev *hdev);
34int hci_req_run(struct hci_request *req, hci_req_complete_t complete);
35void hci_req_add(struct hci_request *req, u16 opcode, u32 plen,
36 const void *param);
37void hci_req_add_ev(struct hci_request *req, u16 opcode, u32 plen,
38 const void *param, u8 event);
39void hci_req_cmd_complete(struct hci_dev *hdev, u16 opcode, u8 status);
40
41struct sk_buff *hci_prepare_cmd(struct hci_dev *hdev, u16 opcode, u32 plen,
42 const void *param);
43
44void hci_req_add_le_scan_disable(struct hci_request *req);
45void hci_req_add_le_passive_scan(struct hci_request *req);
46
47void hci_update_page_scan(struct hci_dev *hdev);
48void __hci_update_page_scan(struct hci_request *req);
49
50int hci_update_random_address(struct hci_request *req, bool require_privacy,
51 u8 *own_addr_type);
52
53void hci_update_background_scan(struct hci_dev *hdev);
54void __hci_update_background_scan(struct hci_request *req);
diff --git a/net/bluetooth/mgmt.c b/net/bluetooth/mgmt.c
index 693ce8bcd06e..3d2f7ad1e655 100644
--- a/net/bluetooth/mgmt.c
+++ b/net/bluetooth/mgmt.c
@@ -32,6 +32,7 @@
32#include <net/bluetooth/l2cap.h> 32#include <net/bluetooth/l2cap.h>
33#include <net/bluetooth/mgmt.h> 33#include <net/bluetooth/mgmt.h>
34 34
35#include "hci_request.h"
35#include "smp.h" 36#include "smp.h"
36 37
37#define MGMT_VERSION 1 38#define MGMT_VERSION 1
@@ -138,7 +139,7 @@ struct pending_cmd {
138 size_t param_len; 139 size_t param_len;
139 struct sock *sk; 140 struct sock *sk;
140 void *user_data; 141 void *user_data;
141 void (*cmd_complete)(struct pending_cmd *cmd, u8 status); 142 int (*cmd_complete)(struct pending_cmd *cmd, u8 status);
142}; 143};
143 144
144/* HCI to MGMT error code conversion table */ 145/* HCI to MGMT error code conversion table */
@@ -1486,16 +1487,16 @@ static void cmd_complete_rsp(struct pending_cmd *cmd, void *data)
1486 cmd_status_rsp(cmd, data); 1487 cmd_status_rsp(cmd, data);
1487} 1488}
1488 1489
1489static void generic_cmd_complete(struct pending_cmd *cmd, u8 status) 1490static int generic_cmd_complete(struct pending_cmd *cmd, u8 status)
1490{ 1491{
1491 cmd_complete(cmd->sk, cmd->index, cmd->opcode, status, cmd->param, 1492 return cmd_complete(cmd->sk, cmd->index, cmd->opcode, status,
1492 cmd->param_len); 1493 cmd->param, cmd->param_len);
1493} 1494}
1494 1495
1495static void addr_cmd_complete(struct pending_cmd *cmd, u8 status) 1496static int addr_cmd_complete(struct pending_cmd *cmd, u8 status)
1496{ 1497{
1497 cmd_complete(cmd->sk, cmd->index, cmd->opcode, status, cmd->param, 1498 return cmd_complete(cmd->sk, cmd->index, cmd->opcode, status, cmd->param,
1498 sizeof(struct mgmt_addr_info)); 1499 sizeof(struct mgmt_addr_info));
1499} 1500}
1500 1501
1501static u8 mgmt_bredr_support(struct hci_dev *hdev) 1502static u8 mgmt_bredr_support(struct hci_dev *hdev)
@@ -1566,7 +1567,7 @@ static void set_discoverable_complete(struct hci_dev *hdev, u8 status)
1566 * entries. 1567 * entries.
1567 */ 1568 */
1568 hci_req_init(&req, hdev); 1569 hci_req_init(&req, hdev);
1569 hci_update_page_scan(hdev, &req); 1570 __hci_update_page_scan(&req);
1570 update_class(&req); 1571 update_class(&req);
1571 hci_req_run(&req, NULL); 1572 hci_req_run(&req, NULL);
1572 1573
@@ -1813,7 +1814,7 @@ static void set_connectable_complete(struct hci_dev *hdev, u8 status)
1813 1814
1814 if (conn_changed || discov_changed) { 1815 if (conn_changed || discov_changed) {
1815 new_settings(hdev, cmd->sk); 1816 new_settings(hdev, cmd->sk);
1816 hci_update_page_scan(hdev, NULL); 1817 hci_update_page_scan(hdev);
1817 if (discov_changed) 1818 if (discov_changed)
1818 mgmt_update_adv_data(hdev); 1819 mgmt_update_adv_data(hdev);
1819 hci_update_background_scan(hdev); 1820 hci_update_background_scan(hdev);
@@ -1847,7 +1848,7 @@ static int set_connectable_update_settings(struct hci_dev *hdev,
1847 return err; 1848 return err;
1848 1849
1849 if (changed) { 1850 if (changed) {
1850 hci_update_page_scan(hdev, NULL); 1851 hci_update_page_scan(hdev);
1851 hci_update_background_scan(hdev); 1852 hci_update_background_scan(hdev);
1852 return new_settings(hdev, sk); 1853 return new_settings(hdev, sk);
1853 } 1854 }
@@ -2227,9 +2228,8 @@ static void le_enable_complete(struct hci_dev *hdev, u8 status)
2227 hci_req_init(&req, hdev); 2228 hci_req_init(&req, hdev);
2228 update_adv_data(&req); 2229 update_adv_data(&req);
2229 update_scan_rsp_data(&req); 2230 update_scan_rsp_data(&req);
2231 __hci_update_background_scan(&req);
2230 hci_req_run(&req, NULL); 2232 hci_req_run(&req, NULL);
2231
2232 hci_update_background_scan(hdev);
2233 } 2233 }
2234 2234
2235unlock: 2235unlock:
@@ -3098,16 +3098,17 @@ static struct pending_cmd *find_pairing(struct hci_conn *conn)
3098 return NULL; 3098 return NULL;
3099} 3099}
3100 3100
3101static void pairing_complete(struct pending_cmd *cmd, u8 status) 3101static int pairing_complete(struct pending_cmd *cmd, u8 status)
3102{ 3102{
3103 struct mgmt_rp_pair_device rp; 3103 struct mgmt_rp_pair_device rp;
3104 struct hci_conn *conn = cmd->user_data; 3104 struct hci_conn *conn = cmd->user_data;
3105 int err;
3105 3106
3106 bacpy(&rp.addr.bdaddr, &conn->dst); 3107 bacpy(&rp.addr.bdaddr, &conn->dst);
3107 rp.addr.type = link_to_bdaddr(conn->type, conn->dst_type); 3108 rp.addr.type = link_to_bdaddr(conn->type, conn->dst_type);
3108 3109
3109 cmd_complete(cmd->sk, cmd->index, MGMT_OP_PAIR_DEVICE, status, 3110 err = cmd_complete(cmd->sk, cmd->index, MGMT_OP_PAIR_DEVICE, status,
3110 &rp, sizeof(rp)); 3111 &rp, sizeof(rp));
3111 3112
3112 /* So we don't get further callbacks for this connection */ 3113 /* So we don't get further callbacks for this connection */
3113 conn->connect_cfm_cb = NULL; 3114 conn->connect_cfm_cb = NULL;
@@ -3122,6 +3123,8 @@ static void pairing_complete(struct pending_cmd *cmd, u8 status)
3122 clear_bit(HCI_CONN_PARAM_REMOVAL_PEND, &conn->flags); 3123 clear_bit(HCI_CONN_PARAM_REMOVAL_PEND, &conn->flags);
3123 3124
3124 hci_conn_put(conn); 3125 hci_conn_put(conn);
3126
3127 return err;
3125} 3128}
3126 3129
3127void mgmt_smp_complete(struct hci_conn *conn, bool complete) 3130void mgmt_smp_complete(struct hci_conn *conn, bool complete)
@@ -3947,9 +3950,10 @@ failed:
3947 return err; 3950 return err;
3948} 3951}
3949 3952
3950static void service_discovery_cmd_complete(struct pending_cmd *cmd, u8 status) 3953static int service_discovery_cmd_complete(struct pending_cmd *cmd, u8 status)
3951{ 3954{
3952 cmd_complete(cmd->sk, cmd->index, cmd->opcode, status, cmd->param, 1); 3955 return cmd_complete(cmd->sk, cmd->index, cmd->opcode, status,
3956 cmd->param, 1);
3953} 3957}
3954 3958
3955static int start_service_discovery(struct sock *sk, struct hci_dev *hdev, 3959static int start_service_discovery(struct sock *sk, struct hci_dev *hdev,
@@ -4697,7 +4701,7 @@ static int set_bredr(struct sock *sk, struct hci_dev *hdev, void *data, u16 len)
4697 hci_req_init(&req, hdev); 4701 hci_req_init(&req, hdev);
4698 4702
4699 write_fast_connectable(&req, false); 4703 write_fast_connectable(&req, false);
4700 hci_update_page_scan(hdev, &req); 4704 __hci_update_page_scan(&req);
4701 4705
4702 /* Since only the advertising data flags will change, there 4706 /* Since only the advertising data flags will change, there
4703 * is no need to update the scan response data. 4707 * is no need to update the scan response data.
@@ -5091,10 +5095,11 @@ static int load_long_term_keys(struct sock *sk, struct hci_dev *hdev,
5091 return err; 5095 return err;
5092} 5096}
5093 5097
5094static void conn_info_cmd_complete(struct pending_cmd *cmd, u8 status) 5098static int conn_info_cmd_complete(struct pending_cmd *cmd, u8 status)
5095{ 5099{
5096 struct hci_conn *conn = cmd->user_data; 5100 struct hci_conn *conn = cmd->user_data;
5097 struct mgmt_rp_get_conn_info rp; 5101 struct mgmt_rp_get_conn_info rp;
5102 int err;
5098 5103
5099 memcpy(&rp.addr, cmd->param, sizeof(rp.addr)); 5104 memcpy(&rp.addr, cmd->param, sizeof(rp.addr));
5100 5105
@@ -5108,11 +5113,13 @@ static void conn_info_cmd_complete(struct pending_cmd *cmd, u8 status)
5108 rp.max_tx_power = HCI_TX_POWER_INVALID; 5113 rp.max_tx_power = HCI_TX_POWER_INVALID;
5109 } 5114 }
5110 5115
5111 cmd_complete(cmd->sk, cmd->index, MGMT_OP_GET_CONN_INFO, status, 5116 err = cmd_complete(cmd->sk, cmd->index, MGMT_OP_GET_CONN_INFO, status,
5112 &rp, sizeof(rp)); 5117 &rp, sizeof(rp));
5113 5118
5114 hci_conn_drop(conn); 5119 hci_conn_drop(conn);
5115 hci_conn_put(conn); 5120 hci_conn_put(conn);
5121
5122 return err;
5116} 5123}
5117 5124
5118static void conn_info_refresh_complete(struct hci_dev *hdev, u8 hci_status) 5125static void conn_info_refresh_complete(struct hci_dev *hdev, u8 hci_status)
@@ -5286,11 +5293,12 @@ unlock:
5286 return err; 5293 return err;
5287} 5294}
5288 5295
5289static void clock_info_cmd_complete(struct pending_cmd *cmd, u8 status) 5296static int clock_info_cmd_complete(struct pending_cmd *cmd, u8 status)
5290{ 5297{
5291 struct hci_conn *conn = cmd->user_data; 5298 struct hci_conn *conn = cmd->user_data;
5292 struct mgmt_rp_get_clock_info rp; 5299 struct mgmt_rp_get_clock_info rp;
5293 struct hci_dev *hdev; 5300 struct hci_dev *hdev;
5301 int err;
5294 5302
5295 memset(&rp, 0, sizeof(rp)); 5303 memset(&rp, 0, sizeof(rp));
5296 memcpy(&rp.addr, &cmd->param, sizeof(rp.addr)); 5304 memcpy(&rp.addr, &cmd->param, sizeof(rp.addr));
@@ -5310,12 +5318,15 @@ static void clock_info_cmd_complete(struct pending_cmd *cmd, u8 status)
5310 } 5318 }
5311 5319
5312complete: 5320complete:
5313 cmd_complete(cmd->sk, cmd->index, cmd->opcode, status, &rp, sizeof(rp)); 5321 err = cmd_complete(cmd->sk, cmd->index, cmd->opcode, status, &rp,
5322 sizeof(rp));
5314 5323
5315 if (conn) { 5324 if (conn) {
5316 hci_conn_drop(conn); 5325 hci_conn_drop(conn);
5317 hci_conn_put(conn); 5326 hci_conn_put(conn);
5318 } 5327 }
5328
5329 return err;
5319} 5330}
5320 5331
5321static void get_clock_info_complete(struct hci_dev *hdev, u8 status) 5332static void get_clock_info_complete(struct hci_dev *hdev, u8 status)
@@ -5425,6 +5436,65 @@ unlock:
5425 return err; 5436 return err;
5426} 5437}
5427 5438
5439static bool is_connected(struct hci_dev *hdev, bdaddr_t *addr, u8 type)
5440{
5441 struct hci_conn *conn;
5442
5443 conn = hci_conn_hash_lookup_ba(hdev, LE_LINK, addr);
5444 if (!conn)
5445 return false;
5446
5447 if (conn->dst_type != type)
5448 return false;
5449
5450 if (conn->state != BT_CONNECTED)
5451 return false;
5452
5453 return true;
5454}
5455
5456/* This function requires the caller holds hdev->lock */
5457static int hci_conn_params_set(struct hci_request *req, bdaddr_t *addr,
5458 u8 addr_type, u8 auto_connect)
5459{
5460 struct hci_dev *hdev = req->hdev;
5461 struct hci_conn_params *params;
5462
5463 params = hci_conn_params_add(hdev, addr, addr_type);
5464 if (!params)
5465 return -EIO;
5466
5467 if (params->auto_connect == auto_connect)
5468 return 0;
5469
5470 list_del_init(&params->action);
5471
5472 switch (auto_connect) {
5473 case HCI_AUTO_CONN_DISABLED:
5474 case HCI_AUTO_CONN_LINK_LOSS:
5475 __hci_update_background_scan(req);
5476 break;
5477 case HCI_AUTO_CONN_REPORT:
5478 list_add(&params->action, &hdev->pend_le_reports);
5479 __hci_update_background_scan(req);
5480 break;
5481 case HCI_AUTO_CONN_DIRECT:
5482 case HCI_AUTO_CONN_ALWAYS:
5483 if (!is_connected(hdev, addr, addr_type)) {
5484 list_add(&params->action, &hdev->pend_le_conns);
5485 __hci_update_background_scan(req);
5486 }
5487 break;
5488 }
5489
5490 params->auto_connect = auto_connect;
5491
5492 BT_DBG("addr %pMR (type %u) auto_connect %u", addr, addr_type,
5493 auto_connect);
5494
5495 return 0;
5496}
5497
5428static void device_added(struct sock *sk, struct hci_dev *hdev, 5498static void device_added(struct sock *sk, struct hci_dev *hdev,
5429 bdaddr_t *bdaddr, u8 type, u8 action) 5499 bdaddr_t *bdaddr, u8 type, u8 action)
5430{ 5500{
@@ -5437,10 +5507,31 @@ static void device_added(struct sock *sk, struct hci_dev *hdev,
5437 mgmt_event(MGMT_EV_DEVICE_ADDED, hdev, &ev, sizeof(ev), sk); 5507 mgmt_event(MGMT_EV_DEVICE_ADDED, hdev, &ev, sizeof(ev), sk);
5438} 5508}
5439 5509
5510static void add_device_complete(struct hci_dev *hdev, u8 status)
5511{
5512 struct pending_cmd *cmd;
5513
5514 BT_DBG("status 0x%02x", status);
5515
5516 hci_dev_lock(hdev);
5517
5518 cmd = mgmt_pending_find(MGMT_OP_ADD_DEVICE, hdev);
5519 if (!cmd)
5520 goto unlock;
5521
5522 cmd->cmd_complete(cmd, mgmt_status(status));
5523 mgmt_pending_remove(cmd);
5524
5525unlock:
5526 hci_dev_unlock(hdev);
5527}
5528
5440static int add_device(struct sock *sk, struct hci_dev *hdev, 5529static int add_device(struct sock *sk, struct hci_dev *hdev,
5441 void *data, u16 len) 5530 void *data, u16 len)
5442{ 5531{
5443 struct mgmt_cp_add_device *cp = data; 5532 struct mgmt_cp_add_device *cp = data;
5533 struct pending_cmd *cmd;
5534 struct hci_request req;
5444 u8 auto_conn, addr_type; 5535 u8 auto_conn, addr_type;
5445 int err; 5536 int err;
5446 5537
@@ -5457,14 +5548,24 @@ static int add_device(struct sock *sk, struct hci_dev *hdev,
5457 MGMT_STATUS_INVALID_PARAMS, 5548 MGMT_STATUS_INVALID_PARAMS,
5458 &cp->addr, sizeof(cp->addr)); 5549 &cp->addr, sizeof(cp->addr));
5459 5550
5551 hci_req_init(&req, hdev);
5552
5460 hci_dev_lock(hdev); 5553 hci_dev_lock(hdev);
5461 5554
5555 cmd = mgmt_pending_add(sk, MGMT_OP_ADD_DEVICE, hdev, data, len);
5556 if (!cmd) {
5557 err = -ENOMEM;
5558 goto unlock;
5559 }
5560
5561 cmd->cmd_complete = addr_cmd_complete;
5562
5462 if (cp->addr.type == BDADDR_BREDR) { 5563 if (cp->addr.type == BDADDR_BREDR) {
5463 /* Only incoming connections action is supported for now */ 5564 /* Only incoming connections action is supported for now */
5464 if (cp->action != 0x01) { 5565 if (cp->action != 0x01) {
5465 err = cmd_complete(sk, hdev->id, MGMT_OP_ADD_DEVICE, 5566 err = cmd->cmd_complete(cmd,
5466 MGMT_STATUS_INVALID_PARAMS, 5567 MGMT_STATUS_INVALID_PARAMS);
5467 &cp->addr, sizeof(cp->addr)); 5568 mgmt_pending_remove(cmd);
5468 goto unlock; 5569 goto unlock;
5469 } 5570 }
5470 5571
@@ -5473,7 +5574,7 @@ static int add_device(struct sock *sk, struct hci_dev *hdev,
5473 if (err) 5574 if (err)
5474 goto unlock; 5575 goto unlock;
5475 5576
5476 hci_update_page_scan(hdev, NULL); 5577 __hci_update_page_scan(&req);
5477 5578
5478 goto added; 5579 goto added;
5479 } 5580 }
@@ -5493,19 +5594,25 @@ static int add_device(struct sock *sk, struct hci_dev *hdev,
5493 /* If the connection parameters don't exist for this device, 5594 /* If the connection parameters don't exist for this device,
5494 * they will be created and configured with defaults. 5595 * they will be created and configured with defaults.
5495 */ 5596 */
5496 if (hci_conn_params_set(hdev, &cp->addr.bdaddr, addr_type, 5597 if (hci_conn_params_set(&req, &cp->addr.bdaddr, addr_type,
5497 auto_conn) < 0) { 5598 auto_conn) < 0) {
5498 err = cmd_complete(sk, hdev->id, MGMT_OP_ADD_DEVICE, 5599 err = cmd->cmd_complete(cmd, MGMT_STATUS_FAILED);
5499 MGMT_STATUS_FAILED, 5600 mgmt_pending_remove(cmd);
5500 &cp->addr, sizeof(cp->addr));
5501 goto unlock; 5601 goto unlock;
5502 } 5602 }
5503 5603
5504added: 5604added:
5505 device_added(sk, hdev, &cp->addr.bdaddr, cp->addr.type, cp->action); 5605 device_added(sk, hdev, &cp->addr.bdaddr, cp->addr.type, cp->action);
5506 5606
5507 err = cmd_complete(sk, hdev->id, MGMT_OP_ADD_DEVICE, 5607 err = hci_req_run(&req, add_device_complete);
5508 MGMT_STATUS_SUCCESS, &cp->addr, sizeof(cp->addr)); 5608 if (err < 0) {
5609 /* ENODATA means no HCI commands were needed (e.g. if
5610 * the adapter is powered off).
5611 */
5612 if (err == -ENODATA)
5613 err = cmd->cmd_complete(cmd, MGMT_STATUS_SUCCESS);
5614 mgmt_pending_remove(cmd);
5615 }
5509 5616
5510unlock: 5617unlock:
5511 hci_dev_unlock(hdev); 5618 hci_dev_unlock(hdev);
@@ -5523,24 +5630,55 @@ static void device_removed(struct sock *sk, struct hci_dev *hdev,
5523 mgmt_event(MGMT_EV_DEVICE_REMOVED, hdev, &ev, sizeof(ev), sk); 5630 mgmt_event(MGMT_EV_DEVICE_REMOVED, hdev, &ev, sizeof(ev), sk);
5524} 5631}
5525 5632
5633static void remove_device_complete(struct hci_dev *hdev, u8 status)
5634{
5635 struct pending_cmd *cmd;
5636
5637 BT_DBG("status 0x%02x", status);
5638
5639 hci_dev_lock(hdev);
5640
5641 cmd = mgmt_pending_find(MGMT_OP_REMOVE_DEVICE, hdev);
5642 if (!cmd)
5643 goto unlock;
5644
5645 cmd->cmd_complete(cmd, mgmt_status(status));
5646 mgmt_pending_remove(cmd);
5647
5648unlock:
5649 hci_dev_unlock(hdev);
5650}
5651
5526static int remove_device(struct sock *sk, struct hci_dev *hdev, 5652static int remove_device(struct sock *sk, struct hci_dev *hdev,
5527 void *data, u16 len) 5653 void *data, u16 len)
5528{ 5654{
5529 struct mgmt_cp_remove_device *cp = data; 5655 struct mgmt_cp_remove_device *cp = data;
5656 struct pending_cmd *cmd;
5657 struct hci_request req;
5530 int err; 5658 int err;
5531 5659
5532 BT_DBG("%s", hdev->name); 5660 BT_DBG("%s", hdev->name);
5533 5661
5662 hci_req_init(&req, hdev);
5663
5534 hci_dev_lock(hdev); 5664 hci_dev_lock(hdev);
5535 5665
5666 cmd = mgmt_pending_add(sk, MGMT_OP_REMOVE_DEVICE, hdev, data, len);
5667 if (!cmd) {
5668 err = -ENOMEM;
5669 goto unlock;
5670 }
5671
5672 cmd->cmd_complete = addr_cmd_complete;
5673
5536 if (bacmp(&cp->addr.bdaddr, BDADDR_ANY)) { 5674 if (bacmp(&cp->addr.bdaddr, BDADDR_ANY)) {
5537 struct hci_conn_params *params; 5675 struct hci_conn_params *params;
5538 u8 addr_type; 5676 u8 addr_type;
5539 5677
5540 if (!bdaddr_type_is_valid(cp->addr.type)) { 5678 if (!bdaddr_type_is_valid(cp->addr.type)) {
5541 err = cmd_complete(sk, hdev->id, MGMT_OP_REMOVE_DEVICE, 5679 err = cmd->cmd_complete(cmd,
5542 MGMT_STATUS_INVALID_PARAMS, 5680 MGMT_STATUS_INVALID_PARAMS);
5543 &cp->addr, sizeof(cp->addr)); 5681 mgmt_pending_remove(cmd);
5544 goto unlock; 5682 goto unlock;
5545 } 5683 }
5546 5684
@@ -5549,14 +5687,13 @@ static int remove_device(struct sock *sk, struct hci_dev *hdev,
5549 &cp->addr.bdaddr, 5687 &cp->addr.bdaddr,
5550 cp->addr.type); 5688 cp->addr.type);
5551 if (err) { 5689 if (err) {
5552 err = cmd_complete(sk, hdev->id, 5690 err = cmd->cmd_complete(cmd,
5553 MGMT_OP_REMOVE_DEVICE, 5691 MGMT_STATUS_INVALID_PARAMS);
5554 MGMT_STATUS_INVALID_PARAMS, 5692 mgmt_pending_remove(cmd);
5555 &cp->addr, sizeof(cp->addr));
5556 goto unlock; 5693 goto unlock;
5557 } 5694 }
5558 5695
5559 hci_update_page_scan(hdev, NULL); 5696 __hci_update_page_scan(&req);
5560 5697
5561 device_removed(sk, hdev, &cp->addr.bdaddr, 5698 device_removed(sk, hdev, &cp->addr.bdaddr,
5562 cp->addr.type); 5699 cp->addr.type);
@@ -5571,23 +5708,23 @@ static int remove_device(struct sock *sk, struct hci_dev *hdev,
5571 params = hci_conn_params_lookup(hdev, &cp->addr.bdaddr, 5708 params = hci_conn_params_lookup(hdev, &cp->addr.bdaddr,
5572 addr_type); 5709 addr_type);
5573 if (!params) { 5710 if (!params) {
5574 err = cmd_complete(sk, hdev->id, MGMT_OP_REMOVE_DEVICE, 5711 err = cmd->cmd_complete(cmd,
5575 MGMT_STATUS_INVALID_PARAMS, 5712 MGMT_STATUS_INVALID_PARAMS);
5576 &cp->addr, sizeof(cp->addr)); 5713 mgmt_pending_remove(cmd);
5577 goto unlock; 5714 goto unlock;
5578 } 5715 }
5579 5716
5580 if (params->auto_connect == HCI_AUTO_CONN_DISABLED) { 5717 if (params->auto_connect == HCI_AUTO_CONN_DISABLED) {
5581 err = cmd_complete(sk, hdev->id, MGMT_OP_REMOVE_DEVICE, 5718 err = cmd->cmd_complete(cmd,
5582 MGMT_STATUS_INVALID_PARAMS, 5719 MGMT_STATUS_INVALID_PARAMS);
5583 &cp->addr, sizeof(cp->addr)); 5720 mgmt_pending_remove(cmd);
5584 goto unlock; 5721 goto unlock;
5585 } 5722 }
5586 5723
5587 list_del(&params->action); 5724 list_del(&params->action);
5588 list_del(&params->list); 5725 list_del(&params->list);
5589 kfree(params); 5726 kfree(params);
5590 hci_update_background_scan(hdev); 5727 __hci_update_background_scan(&req);
5591 5728
5592 device_removed(sk, hdev, &cp->addr.bdaddr, cp->addr.type); 5729 device_removed(sk, hdev, &cp->addr.bdaddr, cp->addr.type);
5593 } else { 5730 } else {
@@ -5595,9 +5732,9 @@ static int remove_device(struct sock *sk, struct hci_dev *hdev,
5595 struct bdaddr_list *b, *btmp; 5732 struct bdaddr_list *b, *btmp;
5596 5733
5597 if (cp->addr.type) { 5734 if (cp->addr.type) {
5598 err = cmd_complete(sk, hdev->id, MGMT_OP_REMOVE_DEVICE, 5735 err = cmd->cmd_complete(cmd,
5599 MGMT_STATUS_INVALID_PARAMS, 5736 MGMT_STATUS_INVALID_PARAMS);
5600 &cp->addr, sizeof(cp->addr)); 5737 mgmt_pending_remove(cmd);
5601 goto unlock; 5738 goto unlock;
5602 } 5739 }
5603 5740
@@ -5607,7 +5744,7 @@ static int remove_device(struct sock *sk, struct hci_dev *hdev,
5607 kfree(b); 5744 kfree(b);
5608 } 5745 }
5609 5746
5610 hci_update_page_scan(hdev, NULL); 5747 __hci_update_page_scan(&req);
5611 5748
5612 list_for_each_entry_safe(p, tmp, &hdev->le_conn_params, list) { 5749 list_for_each_entry_safe(p, tmp, &hdev->le_conn_params, list) {
5613 if (p->auto_connect == HCI_AUTO_CONN_DISABLED) 5750 if (p->auto_connect == HCI_AUTO_CONN_DISABLED)
@@ -5620,12 +5757,19 @@ static int remove_device(struct sock *sk, struct hci_dev *hdev,
5620 5757
5621 BT_DBG("All LE connection parameters were removed"); 5758 BT_DBG("All LE connection parameters were removed");
5622 5759
5623 hci_update_background_scan(hdev); 5760 __hci_update_background_scan(&req);
5624 } 5761 }
5625 5762
5626complete: 5763complete:
5627 err = cmd_complete(sk, hdev->id, MGMT_OP_REMOVE_DEVICE, 5764 err = hci_req_run(&req, remove_device_complete);
5628 MGMT_STATUS_SUCCESS, &cp->addr, sizeof(cp->addr)); 5765 if (err < 0) {
5766 /* ENODATA means no HCI commands were needed (e.g. if
5767 * the adapter is powered off).
5768 */
5769 if (err == -ENODATA)
5770 err = cmd->cmd_complete(cmd, MGMT_STATUS_SUCCESS);
5771 mgmt_pending_remove(cmd);
5772 }
5629 5773
5630unlock: 5774unlock:
5631 hci_dev_unlock(hdev); 5775 hci_dev_unlock(hdev);
@@ -6037,8 +6181,9 @@ void mgmt_index_removed(struct hci_dev *hdev)
6037} 6181}
6038 6182
6039/* This function requires the caller holds hdev->lock */ 6183/* This function requires the caller holds hdev->lock */
6040static void restart_le_actions(struct hci_dev *hdev) 6184static void restart_le_actions(struct hci_request *req)
6041{ 6185{
6186 struct hci_dev *hdev = req->hdev;
6042 struct hci_conn_params *p; 6187 struct hci_conn_params *p;
6043 6188
6044 list_for_each_entry(p, &hdev->le_conn_params, list) { 6189 list_for_each_entry(p, &hdev->le_conn_params, list) {
@@ -6060,7 +6205,7 @@ static void restart_le_actions(struct hci_dev *hdev)
6060 } 6205 }
6061 } 6206 }
6062 6207
6063 hci_update_background_scan(hdev); 6208 __hci_update_background_scan(req);
6064} 6209}
6065 6210
6066static void powered_complete(struct hci_dev *hdev, u8 status) 6211static void powered_complete(struct hci_dev *hdev, u8 status)
@@ -6071,8 +6216,6 @@ static void powered_complete(struct hci_dev *hdev, u8 status)
6071 6216
6072 hci_dev_lock(hdev); 6217 hci_dev_lock(hdev);
6073 6218
6074 restart_le_actions(hdev);
6075
6076 mgmt_pending_foreach(MGMT_OP_SET_POWERED, hdev, settings_rsp, &match); 6219 mgmt_pending_foreach(MGMT_OP_SET_POWERED, hdev, settings_rsp, &match);
6077 6220
6078 new_settings(hdev, match.sk); 6221 new_settings(hdev, match.sk);
@@ -6130,6 +6273,8 @@ static int powered_update_hci(struct hci_dev *hdev)
6130 6273
6131 if (test_bit(HCI_ADVERTISING, &hdev->dev_flags)) 6274 if (test_bit(HCI_ADVERTISING, &hdev->dev_flags))
6132 enable_advertising(&req); 6275 enable_advertising(&req);
6276
6277 restart_le_actions(&req);
6133 } 6278 }
6134 6279
6135 link_sec = test_bit(HCI_LINK_SECURITY, &hdev->dev_flags); 6280 link_sec = test_bit(HCI_LINK_SECURITY, &hdev->dev_flags);
@@ -6139,7 +6284,7 @@ static int powered_update_hci(struct hci_dev *hdev)
6139 6284
6140 if (lmp_bredr_capable(hdev)) { 6285 if (lmp_bredr_capable(hdev)) {
6141 write_fast_connectable(&req, false); 6286 write_fast_connectable(&req, false);
6142 hci_update_page_scan(hdev, &req); 6287 __hci_update_page_scan(&req);
6143 update_class(&req); 6288 update_class(&req);
6144 update_name(&req); 6289 update_name(&req);
6145 update_eir(&req); 6290 update_eir(&req);
diff --git a/net/bluetooth/rfcomm/core.c b/net/bluetooth/rfcomm/core.c
index 73f8c75abe6e..4fea24275b17 100644
--- a/net/bluetooth/rfcomm/core.c
+++ b/net/bluetooth/rfcomm/core.c
@@ -771,7 +771,7 @@ static struct rfcomm_session *rfcomm_session_create(bdaddr_t *src,
771 771
772 bacpy(&addr.l2_bdaddr, dst); 772 bacpy(&addr.l2_bdaddr, dst);
773 addr.l2_family = AF_BLUETOOTH; 773 addr.l2_family = AF_BLUETOOTH;
774 addr.l2_psm = cpu_to_le16(RFCOMM_PSM); 774 addr.l2_psm = cpu_to_le16(L2CAP_PSM_RFCOMM);
775 addr.l2_cid = 0; 775 addr.l2_cid = 0;
776 addr.l2_bdaddr_type = BDADDR_BREDR; 776 addr.l2_bdaddr_type = BDADDR_BREDR;
777 *err = kernel_connect(sock, (struct sockaddr *) &addr, sizeof(addr), O_NONBLOCK); 777 *err = kernel_connect(sock, (struct sockaddr *) &addr, sizeof(addr), O_NONBLOCK);
@@ -2038,7 +2038,7 @@ static int rfcomm_add_listener(bdaddr_t *ba)
2038 /* Bind socket */ 2038 /* Bind socket */
2039 bacpy(&addr.l2_bdaddr, ba); 2039 bacpy(&addr.l2_bdaddr, ba);
2040 addr.l2_family = AF_BLUETOOTH; 2040 addr.l2_family = AF_BLUETOOTH;
2041 addr.l2_psm = cpu_to_le16(RFCOMM_PSM); 2041 addr.l2_psm = cpu_to_le16(L2CAP_PSM_RFCOMM);
2042 addr.l2_cid = 0; 2042 addr.l2_cid = 0;
2043 addr.l2_bdaddr_type = BDADDR_BREDR; 2043 addr.l2_bdaddr_type = BDADDR_BREDR;
2044 err = kernel_bind(sock, (struct sockaddr *) &addr, sizeof(addr)); 2044 err = kernel_bind(sock, (struct sockaddr *) &addr, sizeof(addr));
diff --git a/net/bluetooth/selftest.c b/net/bluetooth/selftest.c
new file mode 100644
index 000000000000..9c67315172cf
--- /dev/null
+++ b/net/bluetooth/selftest.c
@@ -0,0 +1,244 @@
1/*
2 BlueZ - Bluetooth protocol stack for Linux
3
4 Copyright (C) 2014 Intel Corporation
5
6 This program is free software; you can redistribute it and/or modify
7 it under the terms of the GNU General Public License version 2 as
8 published by the Free Software Foundation;
9
10 THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS
11 OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
12 FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT OF THIRD PARTY RIGHTS.
13 IN NO EVENT SHALL THE COPYRIGHT HOLDER(S) AND AUTHOR(S) BE LIABLE FOR ANY
14 CLAIM, OR ANY SPECIAL INDIRECT OR CONSEQUENTIAL DAMAGES, OR ANY DAMAGES
15 WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
16 ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
17 OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
18
19 ALL LIABILITY, INCLUDING LIABILITY FOR INFRINGEMENT OF ANY PATENTS,
20 COPYRIGHTS, TRADEMARKS OR OTHER RIGHTS, RELATING TO USE OF THIS
21 SOFTWARE IS DISCLAIMED.
22*/
23
24#include <net/bluetooth/bluetooth.h>
25#include <net/bluetooth/hci_core.h>
26
27#include "ecc.h"
28#include "smp.h"
29#include "selftest.h"
30
31#if IS_ENABLED(CONFIG_BT_SELFTEST_ECDH)
32
33static const u8 priv_a_1[32] __initconst = {
34 0xbd, 0x1a, 0x3c, 0xcd, 0xa6, 0xb8, 0x99, 0x58,
35 0x99, 0xb7, 0x40, 0xeb, 0x7b, 0x60, 0xff, 0x4a,
36 0x50, 0x3f, 0x10, 0xd2, 0xe3, 0xb3, 0xc9, 0x74,
37 0x38, 0x5f, 0xc5, 0xa3, 0xd4, 0xf6, 0x49, 0x3f,
38};
39static const u8 priv_b_1[32] __initconst = {
40 0xfd, 0xc5, 0x7f, 0xf4, 0x49, 0xdd, 0x4f, 0x6b,
41 0xfb, 0x7c, 0x9d, 0xf1, 0xc2, 0x9a, 0xcb, 0x59,
42 0x2a, 0xe7, 0xd4, 0xee, 0xfb, 0xfc, 0x0a, 0x90,
43 0x9a, 0xbb, 0xf6, 0x32, 0x3d, 0x8b, 0x18, 0x55,
44};
45static const u8 pub_a_1[64] __initconst = {
46 0xe6, 0x9d, 0x35, 0x0e, 0x48, 0x01, 0x03, 0xcc,
47 0xdb, 0xfd, 0xf4, 0xac, 0x11, 0x91, 0xf4, 0xef,
48 0xb9, 0xa5, 0xf9, 0xe9, 0xa7, 0x83, 0x2c, 0x5e,
49 0x2c, 0xbe, 0x97, 0xf2, 0xd2, 0x03, 0xb0, 0x20,
50
51 0x8b, 0xd2, 0x89, 0x15, 0xd0, 0x8e, 0x1c, 0x74,
52 0x24, 0x30, 0xed, 0x8f, 0xc2, 0x45, 0x63, 0x76,
53 0x5c, 0x15, 0x52, 0x5a, 0xbf, 0x9a, 0x32, 0x63,
54 0x6d, 0xeb, 0x2a, 0x65, 0x49, 0x9c, 0x80, 0xdc,
55};
56static const u8 pub_b_1[64] __initconst = {
57 0x90, 0xa1, 0xaa, 0x2f, 0xb2, 0x77, 0x90, 0x55,
58 0x9f, 0xa6, 0x15, 0x86, 0xfd, 0x8a, 0xb5, 0x47,
59 0x00, 0x4c, 0x9e, 0xf1, 0x84, 0x22, 0x59, 0x09,
60 0x96, 0x1d, 0xaf, 0x1f, 0xf0, 0xf0, 0xa1, 0x1e,
61
62 0x4a, 0x21, 0xb1, 0x15, 0xf9, 0xaf, 0x89, 0x5f,
63 0x76, 0x36, 0x8e, 0xe2, 0x30, 0x11, 0x2d, 0x47,
64 0x60, 0x51, 0xb8, 0x9a, 0x3a, 0x70, 0x56, 0x73,
65 0x37, 0xad, 0x9d, 0x42, 0x3e, 0xf3, 0x55, 0x4c,
66};
67static const u8 dhkey_1[32] __initconst = {
68 0x98, 0xa6, 0xbf, 0x73, 0xf3, 0x34, 0x8d, 0x86,
69 0xf1, 0x66, 0xf8, 0xb4, 0x13, 0x6b, 0x79, 0x99,
70 0x9b, 0x7d, 0x39, 0x0a, 0xa6, 0x10, 0x10, 0x34,
71 0x05, 0xad, 0xc8, 0x57, 0xa3, 0x34, 0x02, 0xec,
72};
73
74static const u8 priv_a_2[32] __initconst = {
75 0x63, 0x76, 0x45, 0xd0, 0xf7, 0x73, 0xac, 0xb7,
76 0xff, 0xdd, 0x03, 0x72, 0xb9, 0x72, 0x85, 0xb4,
77 0x41, 0xb6, 0x5d, 0x0c, 0x5d, 0x54, 0x84, 0x60,
78 0x1a, 0xa3, 0x9a, 0x3c, 0x69, 0x16, 0xa5, 0x06,
79};
80static const u8 priv_b_2[32] __initconst = {
81 0xba, 0x30, 0x55, 0x50, 0x19, 0xa2, 0xca, 0xa3,
82 0xa5, 0x29, 0x08, 0xc6, 0xb5, 0x03, 0x88, 0x7e,
83 0x03, 0x2b, 0x50, 0x73, 0xd4, 0x2e, 0x50, 0x97,
84 0x64, 0xcd, 0x72, 0x0d, 0x67, 0xa0, 0x9a, 0x52,
85};
86static const u8 pub_a_2[64] __initconst = {
87 0xdd, 0x78, 0x5c, 0x74, 0x03, 0x9b, 0x7e, 0x98,
88 0xcb, 0x94, 0x87, 0x4a, 0xad, 0xfa, 0xf8, 0xd5,
89 0x43, 0x3e, 0x5c, 0xaf, 0xea, 0xb5, 0x4c, 0xf4,
90 0x9e, 0x80, 0x79, 0x57, 0x7b, 0xa4, 0x31, 0x2c,
91
92 0x4f, 0x5d, 0x71, 0x43, 0x77, 0x43, 0xf8, 0xea,
93 0xd4, 0x3e, 0xbd, 0x17, 0x91, 0x10, 0x21, 0xd0,
94 0x1f, 0x87, 0x43, 0x8e, 0x40, 0xe2, 0x52, 0xcd,
95 0xbe, 0xdf, 0x98, 0x38, 0x18, 0x12, 0x95, 0x91,
96};
97static const u8 pub_b_2[64] __initconst = {
98 0xcc, 0x00, 0x65, 0xe1, 0xf5, 0x6c, 0x0d, 0xcf,
99 0xec, 0x96, 0x47, 0x20, 0x66, 0xc9, 0xdb, 0x84,
100 0x81, 0x75, 0xa8, 0x4d, 0xc0, 0xdf, 0xc7, 0x9d,
101 0x1b, 0x3f, 0x3d, 0xf2, 0x3f, 0xe4, 0x65, 0xf4,
102
103 0x79, 0xb2, 0xec, 0xd8, 0xca, 0x55, 0xa1, 0xa8,
104 0x43, 0x4d, 0x6b, 0xca, 0x10, 0xb0, 0xc2, 0x01,
105 0xc2, 0x33, 0x4e, 0x16, 0x24, 0xc4, 0xef, 0xee,
106 0x99, 0xd8, 0xbb, 0xbc, 0x48, 0xd0, 0x01, 0x02,
107};
108static const u8 dhkey_2[32] __initconst = {
109 0x69, 0xeb, 0x21, 0x32, 0xf2, 0xc6, 0x05, 0x41,
110 0x60, 0x19, 0xcd, 0x5e, 0x94, 0xe1, 0xe6, 0x5f,
111 0x33, 0x07, 0xe3, 0x38, 0x4b, 0x68, 0xe5, 0x62,
112 0x3f, 0x88, 0x6d, 0x2f, 0x3a, 0x84, 0x85, 0xab,
113};
114
115static const u8 priv_a_3[32] __initconst = {
116 0xbd, 0x1a, 0x3c, 0xcd, 0xa6, 0xb8, 0x99, 0x58,
117 0x99, 0xb7, 0x40, 0xeb, 0x7b, 0x60, 0xff, 0x4a,
118 0x50, 0x3f, 0x10, 0xd2, 0xe3, 0xb3, 0xc9, 0x74,
119 0x38, 0x5f, 0xc5, 0xa3, 0xd4, 0xf6, 0x49, 0x3f,
120};
121static const u8 pub_a_3[64] __initconst = {
122 0xe6, 0x9d, 0x35, 0x0e, 0x48, 0x01, 0x03, 0xcc,
123 0xdb, 0xfd, 0xf4, 0xac, 0x11, 0x91, 0xf4, 0xef,
124 0xb9, 0xa5, 0xf9, 0xe9, 0xa7, 0x83, 0x2c, 0x5e,
125 0x2c, 0xbe, 0x97, 0xf2, 0xd2, 0x03, 0xb0, 0x20,
126
127 0x8b, 0xd2, 0x89, 0x15, 0xd0, 0x8e, 0x1c, 0x74,
128 0x24, 0x30, 0xed, 0x8f, 0xc2, 0x45, 0x63, 0x76,
129 0x5c, 0x15, 0x52, 0x5a, 0xbf, 0x9a, 0x32, 0x63,
130 0x6d, 0xeb, 0x2a, 0x65, 0x49, 0x9c, 0x80, 0xdc,
131};
132static const u8 dhkey_3[32] __initconst = {
133 0x2d, 0xab, 0x00, 0x48, 0xcb, 0xb3, 0x7b, 0xda,
134 0x55, 0x7b, 0x8b, 0x72, 0xa8, 0x57, 0x87, 0xc3,
135 0x87, 0x27, 0x99, 0x32, 0xfc, 0x79, 0x5f, 0xae,
136 0x7c, 0x1c, 0xf9, 0x49, 0xe6, 0xd7, 0xaa, 0x70,
137};
138
139static int __init test_ecdh_sample(const u8 priv_a[32], const u8 priv_b[32],
140 const u8 pub_a[64], const u8 pub_b[64],
141 const u8 dhkey[32])
142{
143 u8 dhkey_a[32], dhkey_b[32];
144
145 ecdh_shared_secret(pub_b, priv_a, dhkey_a);
146 ecdh_shared_secret(pub_a, priv_b, dhkey_b);
147
148 if (memcmp(dhkey_a, dhkey, 32))
149 return -EINVAL;
150
151 if (memcmp(dhkey_b, dhkey, 32))
152 return -EINVAL;
153
154 return 0;
155}
156
157static int __init test_ecdh(void)
158{
159 ktime_t calltime, delta, rettime;
160 unsigned long long duration;
161 int err;
162
163 calltime = ktime_get();
164
165 err = test_ecdh_sample(priv_a_1, priv_b_1, pub_a_1, pub_b_1, dhkey_1);
166 if (err) {
167 BT_ERR("ECDH sample 1 failed");
168 return err;
169 }
170
171 err = test_ecdh_sample(priv_a_2, priv_b_2, pub_a_2, pub_b_2, dhkey_2);
172 if (err) {
173 BT_ERR("ECDH sample 2 failed");
174 return err;
175 }
176
177 err = test_ecdh_sample(priv_a_3, priv_a_3, pub_a_3, pub_a_3, dhkey_3);
178 if (err) {
179 BT_ERR("ECDH sample 3 failed");
180 return err;
181 }
182
183 rettime = ktime_get();
184 delta = ktime_sub(rettime, calltime);
185 duration = (unsigned long long) ktime_to_ns(delta) >> 10;
186
187 BT_INFO("ECDH test passed in %lld usecs", duration);
188
189 return 0;
190}
191
192#else
193
194static inline int test_ecdh(void)
195{
196 return 0;
197}
198
199#endif
200
201static int __init run_selftest(void)
202{
203 int err;
204
205 BT_INFO("Starting self testing");
206
207 err = test_ecdh();
208 if (err)
209 goto done;
210
211 err = bt_selftest_smp();
212
213done:
214 BT_INFO("Finished self testing");
215
216 return err;
217}
218
219#if IS_MODULE(CONFIG_BT)
220
221/* This is run when CONFIG_BT_SELFTEST=y and CONFIG_BT=m and is just a
222 * wrapper to allow running this at module init.
223 *
224 * If CONFIG_BT_SELFTEST=n, then this code is not compiled at all.
225 */
226int __init bt_selftest(void)
227{
228 return run_selftest();
229}
230
231#else
232
233/* This is run when CONFIG_BT_SELFTEST=y and CONFIG_BT=y and is run
234 * via late_initcall() as last item in the initialization sequence.
235 *
236 * If CONFIG_BT_SELFTEST=n, then this code is not compiled at all.
237 */
238static int __init bt_selftest_init(void)
239{
240 return run_selftest();
241}
242late_initcall(bt_selftest_init);
243
244#endif
diff --git a/net/bluetooth/selftest.h b/net/bluetooth/selftest.h
new file mode 100644
index 000000000000..2aa0a346a913
--- /dev/null
+++ b/net/bluetooth/selftest.h
@@ -0,0 +1,45 @@
1/*
2 BlueZ - Bluetooth protocol stack for Linux
3 Copyright (C) 2014 Intel Corporation
4
5 This program is free software; you can redistribute it and/or modify
6 it under the terms of the GNU General Public License version 2 as
7 published by the Free Software Foundation;
8
9 THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS
10 OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
11 FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT OF THIRD PARTY RIGHTS.
12 IN NO EVENT SHALL THE COPYRIGHT HOLDER(S) AND AUTHOR(S) BE LIABLE FOR ANY
13 CLAIM, OR ANY SPECIAL INDIRECT OR CONSEQUENTIAL DAMAGES, OR ANY DAMAGES
14 WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
15 ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
16 OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
17
18 ALL LIABILITY, INCLUDING LIABILITY FOR INFRINGEMENT OF ANY PATENTS,
19 COPYRIGHTS, TRADEMARKS OR OTHER RIGHTS, RELATING TO USE OF THIS
20 SOFTWARE IS DISCLAIMED.
21*/
22
23#if IS_ENABLED(CONFIG_BT_SELFTEST) && IS_MODULE(CONFIG_BT)
24
25/* When CONFIG_BT_SELFTEST=y and the CONFIG_BT=m, then the self testing
26 * is run at module loading time.
27 */
28int bt_selftest(void);
29
30#else
31
32/* When CONFIG_BT_SELFTEST=y and CONFIG_BT=y, then the self testing
33 * is run via late_initcall() to make sure that subsys_initcall() of
34 * the Bluetooth subsystem and device_initcall() of the Crypto subsystem
35 * do not clash.
36 *
37 * When CONFIG_BT_SELFTEST=n, then this turns into an empty call that
38 * has no impact.
39 */
40static inline int bt_selftest(void)
41{
42 return 0;
43}
44
45#endif
diff --git a/net/bluetooth/smp.c b/net/bluetooth/smp.c
index b67749bb55bf..358264c0e785 100644
--- a/net/bluetooth/smp.c
+++ b/net/bluetooth/smp.c
@@ -223,8 +223,9 @@ static int smp_f4(struct crypto_hash *tfm_cmac, const u8 u[32], const u8 v[32],
223 return err; 223 return err;
224} 224}
225 225
226static int smp_f5(struct crypto_hash *tfm_cmac, u8 w[32], u8 n1[16], u8 n2[16], 226static int smp_f5(struct crypto_hash *tfm_cmac, const u8 w[32],
227 u8 a1[7], u8 a2[7], u8 mackey[16], u8 ltk[16]) 227 const u8 n1[16], const u8 n2[16], const u8 a1[7],
228 const u8 a2[7], u8 mackey[16], u8 ltk[16])
228{ 229{
229 /* The btle, salt and length "magic" values are as defined in 230 /* The btle, salt and length "magic" values are as defined in
230 * the SMP section of the Bluetooth core specification. In ASCII 231 * the SMP section of the Bluetooth core specification. In ASCII
@@ -276,7 +277,7 @@ static int smp_f5(struct crypto_hash *tfm_cmac, u8 w[32], u8 n1[16], u8 n2[16],
276} 277}
277 278
278static int smp_f6(struct crypto_hash *tfm_cmac, const u8 w[16], 279static int smp_f6(struct crypto_hash *tfm_cmac, const u8 w[16],
279 const u8 n1[16], u8 n2[16], const u8 r[16], 280 const u8 n1[16], const u8 n2[16], const u8 r[16],
280 const u8 io_cap[3], const u8 a1[7], const u8 a2[7], 281 const u8 io_cap[3], const u8 a1[7], const u8 a2[7],
281 u8 res[16]) 282 u8 res[16])
282{ 283{
@@ -3021,3 +3022,331 @@ void smp_unregister(struct hci_dev *hdev)
3021 smp_del_chan(chan); 3022 smp_del_chan(chan);
3022 } 3023 }
3023} 3024}
3025
3026#if IS_ENABLED(CONFIG_BT_SELFTEST_SMP)
3027
3028static int __init test_ah(struct crypto_blkcipher *tfm_aes)
3029{
3030 const u8 irk[16] = {
3031 0x9b, 0x7d, 0x39, 0x0a, 0xa6, 0x10, 0x10, 0x34,
3032 0x05, 0xad, 0xc8, 0x57, 0xa3, 0x34, 0x02, 0xec };
3033 const u8 r[3] = { 0x94, 0x81, 0x70 };
3034 const u8 exp[3] = { 0xaa, 0xfb, 0x0d };
3035 u8 res[3];
3036 int err;
3037
3038 err = smp_ah(tfm_aes, irk, r, res);
3039 if (err)
3040 return err;
3041
3042 if (memcmp(res, exp, 3))
3043 return -EINVAL;
3044
3045 return 0;
3046}
3047
3048static int __init test_c1(struct crypto_blkcipher *tfm_aes)
3049{
3050 const u8 k[16] = {
3051 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
3052 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 };
3053 const u8 r[16] = {
3054 0xe0, 0x2e, 0x70, 0xc6, 0x4e, 0x27, 0x88, 0x63,
3055 0x0e, 0x6f, 0xad, 0x56, 0x21, 0xd5, 0x83, 0x57 };
3056 const u8 preq[7] = { 0x01, 0x01, 0x00, 0x00, 0x10, 0x07, 0x07 };
3057 const u8 pres[7] = { 0x02, 0x03, 0x00, 0x00, 0x08, 0x00, 0x05 };
3058 const u8 _iat = 0x01;
3059 const u8 _rat = 0x00;
3060 const bdaddr_t ra = { { 0xb6, 0xb5, 0xb4, 0xb3, 0xb2, 0xb1 } };
3061 const bdaddr_t ia = { { 0xa6, 0xa5, 0xa4, 0xa3, 0xa2, 0xa1 } };
3062 const u8 exp[16] = {
3063 0x86, 0x3b, 0xf1, 0xbe, 0xc5, 0x4d, 0xa7, 0xd2,
3064 0xea, 0x88, 0x89, 0x87, 0xef, 0x3f, 0x1e, 0x1e };
3065 u8 res[16];
3066 int err;
3067
3068 err = smp_c1(tfm_aes, k, r, preq, pres, _iat, &ia, _rat, &ra, res);
3069 if (err)
3070 return err;
3071
3072 if (memcmp(res, exp, 16))
3073 return -EINVAL;
3074
3075 return 0;
3076}
3077
3078static int __init test_s1(struct crypto_blkcipher *tfm_aes)
3079{
3080 const u8 k[16] = {
3081 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
3082 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 };
3083 const u8 r1[16] = {
3084 0x88, 0x77, 0x66, 0x55, 0x44, 0x33, 0x22, 0x11 };
3085 const u8 r2[16] = {
3086 0x00, 0xff, 0xee, 0xdd, 0xcc, 0xbb, 0xaa, 0x99 };
3087 const u8 exp[16] = {
3088 0x62, 0xa0, 0x6d, 0x79, 0xae, 0x16, 0x42, 0x5b,
3089 0x9b, 0xf4, 0xb0, 0xe8, 0xf0, 0xe1, 0x1f, 0x9a };
3090 u8 res[16];
3091 int err;
3092
3093 err = smp_s1(tfm_aes, k, r1, r2, res);
3094 if (err)
3095 return err;
3096
3097 if (memcmp(res, exp, 16))
3098 return -EINVAL;
3099
3100 return 0;
3101}
3102
3103static int __init test_f4(struct crypto_hash *tfm_cmac)
3104{
3105 const u8 u[32] = {
3106 0xe6, 0x9d, 0x35, 0x0e, 0x48, 0x01, 0x03, 0xcc,
3107 0xdb, 0xfd, 0xf4, 0xac, 0x11, 0x91, 0xf4, 0xef,
3108 0xb9, 0xa5, 0xf9, 0xe9, 0xa7, 0x83, 0x2c, 0x5e,
3109 0x2c, 0xbe, 0x97, 0xf2, 0xd2, 0x03, 0xb0, 0x20 };
3110 const u8 v[32] = {
3111 0xfd, 0xc5, 0x7f, 0xf4, 0x49, 0xdd, 0x4f, 0x6b,
3112 0xfb, 0x7c, 0x9d, 0xf1, 0xc2, 0x9a, 0xcb, 0x59,
3113 0x2a, 0xe7, 0xd4, 0xee, 0xfb, 0xfc, 0x0a, 0x90,
3114 0x9a, 0xbb, 0xf6, 0x32, 0x3d, 0x8b, 0x18, 0x55 };
3115 const u8 x[16] = {
3116 0xab, 0xae, 0x2b, 0x71, 0xec, 0xb2, 0xff, 0xff,
3117 0x3e, 0x73, 0x77, 0xd1, 0x54, 0x84, 0xcb, 0xd5 };
3118 const u8 z = 0x00;
3119 const u8 exp[16] = {
3120 0x2d, 0x87, 0x74, 0xa9, 0xbe, 0xa1, 0xed, 0xf1,
3121 0x1c, 0xbd, 0xa9, 0x07, 0xf1, 0x16, 0xc9, 0xf2 };
3122 u8 res[16];
3123 int err;
3124
3125 err = smp_f4(tfm_cmac, u, v, x, z, res);
3126 if (err)
3127 return err;
3128
3129 if (memcmp(res, exp, 16))
3130 return -EINVAL;
3131
3132 return 0;
3133}
3134
3135static int __init test_f5(struct crypto_hash *tfm_cmac)
3136{
3137 const u8 w[32] = {
3138 0x98, 0xa6, 0xbf, 0x73, 0xf3, 0x34, 0x8d, 0x86,
3139 0xf1, 0x66, 0xf8, 0xb4, 0x13, 0x6b, 0x79, 0x99,
3140 0x9b, 0x7d, 0x39, 0x0a, 0xa6, 0x10, 0x10, 0x34,
3141 0x05, 0xad, 0xc8, 0x57, 0xa3, 0x34, 0x02, 0xec };
3142 const u8 n1[16] = {
3143 0xab, 0xae, 0x2b, 0x71, 0xec, 0xb2, 0xff, 0xff,
3144 0x3e, 0x73, 0x77, 0xd1, 0x54, 0x84, 0xcb, 0xd5 };
3145 const u8 n2[16] = {
3146 0xcf, 0xc4, 0x3d, 0xff, 0xf7, 0x83, 0x65, 0x21,
3147 0x6e, 0x5f, 0xa7, 0x25, 0xcc, 0xe7, 0xe8, 0xa6 };
3148 const u8 a1[7] = { 0xce, 0xbf, 0x37, 0x37, 0x12, 0x56, 0x00 };
3149 const u8 a2[7] = { 0xc1, 0xcf, 0x2d, 0x70, 0x13, 0xa7, 0x00 };
3150 const u8 exp_ltk[16] = {
3151 0x38, 0x0a, 0x75, 0x94, 0xb5, 0x22, 0x05, 0x98,
3152 0x23, 0xcd, 0xd7, 0x69, 0x11, 0x79, 0x86, 0x69 };
3153 const u8 exp_mackey[16] = {
3154 0x20, 0x6e, 0x63, 0xce, 0x20, 0x6a, 0x3f, 0xfd,
3155 0x02, 0x4a, 0x08, 0xa1, 0x76, 0xf1, 0x65, 0x29 };
3156 u8 mackey[16], ltk[16];
3157 int err;
3158
3159 err = smp_f5(tfm_cmac, w, n1, n2, a1, a2, mackey, ltk);
3160 if (err)
3161 return err;
3162
3163 if (memcmp(mackey, exp_mackey, 16))
3164 return -EINVAL;
3165
3166 if (memcmp(ltk, exp_ltk, 16))
3167 return -EINVAL;
3168
3169 return 0;
3170}
3171
3172static int __init test_f6(struct crypto_hash *tfm_cmac)
3173{
3174 const u8 w[16] = {
3175 0x20, 0x6e, 0x63, 0xce, 0x20, 0x6a, 0x3f, 0xfd,
3176 0x02, 0x4a, 0x08, 0xa1, 0x76, 0xf1, 0x65, 0x29 };
3177 const u8 n1[16] = {
3178 0xab, 0xae, 0x2b, 0x71, 0xec, 0xb2, 0xff, 0xff,
3179 0x3e, 0x73, 0x77, 0xd1, 0x54, 0x84, 0xcb, 0xd5 };
3180 const u8 n2[16] = {
3181 0xcf, 0xc4, 0x3d, 0xff, 0xf7, 0x83, 0x65, 0x21,
3182 0x6e, 0x5f, 0xa7, 0x25, 0xcc, 0xe7, 0xe8, 0xa6 };
3183 const u8 r[16] = {
3184 0xc8, 0x0f, 0x2d, 0x0c, 0xd2, 0x42, 0xda, 0x08,
3185 0x54, 0xbb, 0x53, 0xb4, 0x3b, 0x34, 0xa3, 0x12 };
3186 const u8 io_cap[3] = { 0x02, 0x01, 0x01 };
3187 const u8 a1[7] = { 0xce, 0xbf, 0x37, 0x37, 0x12, 0x56, 0x00 };
3188 const u8 a2[7] = { 0xc1, 0xcf, 0x2d, 0x70, 0x13, 0xa7, 0x00 };
3189 const u8 exp[16] = {
3190 0x61, 0x8f, 0x95, 0xda, 0x09, 0x0b, 0x6c, 0xd2,
3191 0xc5, 0xe8, 0xd0, 0x9c, 0x98, 0x73, 0xc4, 0xe3 };
3192 u8 res[16];
3193 int err;
3194
3195 err = smp_f6(tfm_cmac, w, n1, n2, r, io_cap, a1, a2, res);
3196 if (err)
3197 return err;
3198
3199 if (memcmp(res, exp, 16))
3200 return -EINVAL;
3201
3202 return 0;
3203}
3204
3205static int __init test_g2(struct crypto_hash *tfm_cmac)
3206{
3207 const u8 u[32] = {
3208 0xe6, 0x9d, 0x35, 0x0e, 0x48, 0x01, 0x03, 0xcc,
3209 0xdb, 0xfd, 0xf4, 0xac, 0x11, 0x91, 0xf4, 0xef,
3210 0xb9, 0xa5, 0xf9, 0xe9, 0xa7, 0x83, 0x2c, 0x5e,
3211 0x2c, 0xbe, 0x97, 0xf2, 0xd2, 0x03, 0xb0, 0x20 };
3212 const u8 v[32] = {
3213 0xfd, 0xc5, 0x7f, 0xf4, 0x49, 0xdd, 0x4f, 0x6b,
3214 0xfb, 0x7c, 0x9d, 0xf1, 0xc2, 0x9a, 0xcb, 0x59,
3215 0x2a, 0xe7, 0xd4, 0xee, 0xfb, 0xfc, 0x0a, 0x90,
3216 0x9a, 0xbb, 0xf6, 0x32, 0x3d, 0x8b, 0x18, 0x55 };
3217 const u8 x[16] = {
3218 0xab, 0xae, 0x2b, 0x71, 0xec, 0xb2, 0xff, 0xff,
3219 0x3e, 0x73, 0x77, 0xd1, 0x54, 0x84, 0xcb, 0xd5 };
3220 const u8 y[16] = {
3221 0xcf, 0xc4, 0x3d, 0xff, 0xf7, 0x83, 0x65, 0x21,
3222 0x6e, 0x5f, 0xa7, 0x25, 0xcc, 0xe7, 0xe8, 0xa6 };
3223 const u32 exp_val = 0x2f9ed5ba % 1000000;
3224 u32 val;
3225 int err;
3226
3227 err = smp_g2(tfm_cmac, u, v, x, y, &val);
3228 if (err)
3229 return err;
3230
3231 if (val != exp_val)
3232 return -EINVAL;
3233
3234 return 0;
3235}
3236
3237static int __init test_h6(struct crypto_hash *tfm_cmac)
3238{
3239 const u8 w[16] = {
3240 0x9b, 0x7d, 0x39, 0x0a, 0xa6, 0x10, 0x10, 0x34,
3241 0x05, 0xad, 0xc8, 0x57, 0xa3, 0x34, 0x02, 0xec };
3242 const u8 key_id[4] = { 0x72, 0x62, 0x65, 0x6c };
3243 const u8 exp[16] = {
3244 0x99, 0x63, 0xb1, 0x80, 0xe2, 0xa9, 0xd3, 0xe8,
3245 0x1c, 0xc9, 0x6d, 0xe7, 0x02, 0xe1, 0x9a, 0x2d };
3246 u8 res[16];
3247 int err;
3248
3249 err = smp_h6(tfm_cmac, w, key_id, res);
3250 if (err)
3251 return err;
3252
3253 if (memcmp(res, exp, 16))
3254 return -EINVAL;
3255
3256 return 0;
3257}
3258
3259static int __init run_selftests(struct crypto_blkcipher *tfm_aes,
3260 struct crypto_hash *tfm_cmac)
3261{
3262 ktime_t calltime, delta, rettime;
3263 unsigned long long duration;
3264 int err;
3265
3266 calltime = ktime_get();
3267
3268 err = test_ah(tfm_aes);
3269 if (err) {
3270 BT_ERR("smp_ah test failed");
3271 return err;
3272 }
3273
3274 err = test_c1(tfm_aes);
3275 if (err) {
3276 BT_ERR("smp_c1 test failed");
3277 return err;
3278 }
3279
3280 err = test_s1(tfm_aes);
3281 if (err) {
3282 BT_ERR("smp_s1 test failed");
3283 return err;
3284 }
3285
3286 err = test_f4(tfm_cmac);
3287 if (err) {
3288 BT_ERR("smp_f4 test failed");
3289 return err;
3290 }
3291
3292 err = test_f5(tfm_cmac);
3293 if (err) {
3294 BT_ERR("smp_f5 test failed");
3295 return err;
3296 }
3297
3298 err = test_f6(tfm_cmac);
3299 if (err) {
3300 BT_ERR("smp_f6 test failed");
3301 return err;
3302 }
3303
3304 err = test_g2(tfm_cmac);
3305 if (err) {
3306 BT_ERR("smp_g2 test failed");
3307 return err;
3308 }
3309
3310 err = test_h6(tfm_cmac);
3311 if (err) {
3312 BT_ERR("smp_h6 test failed");
3313 return err;
3314 }
3315
3316 rettime = ktime_get();
3317 delta = ktime_sub(rettime, calltime);
3318 duration = (unsigned long long) ktime_to_ns(delta) >> 10;
3319
3320 BT_INFO("SMP test passed in %lld usecs", duration);
3321
3322 return 0;
3323}
3324
3325int __init bt_selftest_smp(void)
3326{
3327 struct crypto_blkcipher *tfm_aes;
3328 struct crypto_hash *tfm_cmac;
3329 int err;
3330
3331 tfm_aes = crypto_alloc_blkcipher("ecb(aes)", 0, CRYPTO_ALG_ASYNC);
3332 if (IS_ERR(tfm_aes)) {
3333 BT_ERR("Unable to create ECB crypto context");
3334 return PTR_ERR(tfm_aes);
3335 }
3336
3337 tfm_cmac = crypto_alloc_hash("cmac(aes)", 0, CRYPTO_ALG_ASYNC);
3338 if (IS_ERR(tfm_cmac)) {
3339 BT_ERR("Unable to create CMAC crypto context");
3340 crypto_free_blkcipher(tfm_aes);
3341 return PTR_ERR(tfm_cmac);
3342 }
3343
3344 err = run_selftests(tfm_aes, tfm_cmac);
3345
3346 crypto_free_hash(tfm_cmac);
3347 crypto_free_blkcipher(tfm_aes);
3348
3349 return err;
3350}
3351
3352#endif
diff --git a/net/bluetooth/smp.h b/net/bluetooth/smp.h
index 3296bf42ae80..60c5b73fcb4b 100644
--- a/net/bluetooth/smp.h
+++ b/net/bluetooth/smp.h
@@ -192,4 +192,17 @@ int smp_generate_rpa(struct hci_dev *hdev, const u8 irk[16], bdaddr_t *rpa);
192int smp_register(struct hci_dev *hdev); 192int smp_register(struct hci_dev *hdev);
193void smp_unregister(struct hci_dev *hdev); 193void smp_unregister(struct hci_dev *hdev);
194 194
195#if IS_ENABLED(CONFIG_BT_SELFTEST_SMP)
196
197int bt_selftest_smp(void);
198
199#else
200
201static inline int bt_selftest_smp(void)
202{
203 return 0;
204}
205
206#endif
207
195#endif /* __SMP_H */ 208#endif /* __SMP_H */
generated by cgit v1.2.2 (git 2.25.0) at 2025-02-23 14:45:21 -0500