diff options
| author | David S. Miller <davem@davemloft.net> | 2014-12-16 15:16:48 -0500 |
|---|---|---|
| committer | David S. Miller <davem@davemloft.net> | 2014-12-16 15:16:48 -0500 |
| commit | c9f2c3d36c10717159caae4b66410f74ce45d30c (patch) | |
| tree | b691f572aecdefc2366380c3215a45dc2e91f3ad | |
| parent | 6539c44d08ac2eea693b6163135169b9c8c18bb1 (diff) | |
| parent | 9a1dce3a059111a7289680f4b8c0ec4f8736b6ee (diff) | |
Merge tag 'master-2014-12-15' of git://git.kernel.org/pub/scm/linux/kernel/git/linville/wireless
John W. Linville says:
====================
pull request: wireless 2014-12-16
Please pull this batch of fixes intended for the 3.19 stream!
For the Bluetooth bits, Johan says:
"The patches consist of:
- Coccinelle warning fix
- hci_dev_lock/unlock fixes
- Fixes for pending mgmt command handling
- Fixes for properly following the force_lesc_support switch
- Fix for a Microsoft branded Broadcom adapter
- New device id for Atheros AR3012
- Fix for BR/EDR Secure Connections enabling"
Along with that...
Brian Norris avoids leaking some kernel memory contents via printk in brcmsmac.
Julia Lawall corrects some misspellings in a few drivers.
Larry Finger gives us one more rtlwifi fix to correct a porting oversight.
Wei Yongjun fixes a sparse warning in rtlwifi.
Please let me know if there are problems!
====================
Signed-off-by: David S. Miller <davem@davemloft.net>
| -rw-r--r-- | drivers/bluetooth/ath3k.c | 2 | ||||
| -rw-r--r-- | drivers/bluetooth/btusb.c | 1 | ||||
| -rw-r--r-- | drivers/net/wireless/brcm80211/brcmsmac/main.c | 2 | ||||
| -rw-r--r-- | drivers/net/wireless/hostap/hostap_cs.c | 15 | ||||
| -rw-r--r-- | drivers/net/wireless/rtlwifi/rtl8192ce/hw.c | 2 | ||||
| -rw-r--r-- | drivers/net/wireless/rtlwifi/rtl8192cu/hw.c | 2 | ||||
| -rw-r--r-- | drivers/net/wireless/rtlwifi/rtl8821ae/dm.c | 11 | ||||
| -rw-r--r-- | drivers/net/wireless/zd1211rw/zd_chip.c | 6 | ||||
| -rw-r--r-- | net/bluetooth/hci_conn.c | 2 | ||||
| -rw-r--r-- | net/bluetooth/hci_core.c | 60 | ||||
| -rw-r--r-- | net/bluetooth/hci_event.c | 20 | ||||
| -rw-r--r-- | net/bluetooth/l2cap_core.c | 5 | ||||
| -rw-r--r-- | net/bluetooth/mgmt.c | 85 | ||||
| -rw-r--r-- | net/bluetooth/smp.c | 5 |
14 files changed, 143 insertions, 75 deletions
diff --git a/drivers/bluetooth/ath3k.c b/drivers/bluetooth/ath3k.c index fce758896280..1ee27ac18de0 100644 --- a/drivers/bluetooth/ath3k.c +++ b/drivers/bluetooth/ath3k.c | |||
| @@ -87,6 +87,7 @@ static const struct usb_device_id ath3k_table[] = { | |||
| 87 | { USB_DEVICE(0x04CA, 0x3007) }, | 87 | { USB_DEVICE(0x04CA, 0x3007) }, |
| 88 | { USB_DEVICE(0x04CA, 0x3008) }, | 88 | { USB_DEVICE(0x04CA, 0x3008) }, |
| 89 | { USB_DEVICE(0x04CA, 0x300b) }, | 89 | { USB_DEVICE(0x04CA, 0x300b) }, |
| 90 | { USB_DEVICE(0x04CA, 0x3010) }, | ||
| 90 | { USB_DEVICE(0x0930, 0x0219) }, | 91 | { USB_DEVICE(0x0930, 0x0219) }, |
| 91 | { USB_DEVICE(0x0930, 0x0220) }, | 92 | { USB_DEVICE(0x0930, 0x0220) }, |
| 92 | { USB_DEVICE(0x0930, 0x0227) }, | 93 | { USB_DEVICE(0x0930, 0x0227) }, |
| @@ -140,6 +141,7 @@ static const struct usb_device_id ath3k_blist_tbl[] = { | |||
| 140 | { USB_DEVICE(0x04ca, 0x3007), .driver_info = BTUSB_ATH3012 }, | 141 | { USB_DEVICE(0x04ca, 0x3007), .driver_info = BTUSB_ATH3012 }, |
| 141 | { USB_DEVICE(0x04ca, 0x3008), .driver_info = BTUSB_ATH3012 }, | 142 | { USB_DEVICE(0x04ca, 0x3008), .driver_info = BTUSB_ATH3012 }, |
| 142 | { USB_DEVICE(0x04ca, 0x300b), .driver_info = BTUSB_ATH3012 }, | 143 | { USB_DEVICE(0x04ca, 0x300b), .driver_info = BTUSB_ATH3012 }, |
| 144 | { USB_DEVICE(0x04ca, 0x3010), .driver_info = BTUSB_ATH3012 }, | ||
| 143 | { USB_DEVICE(0x0930, 0x0219), .driver_info = BTUSB_ATH3012 }, | 145 | { USB_DEVICE(0x0930, 0x0219), .driver_info = BTUSB_ATH3012 }, |
| 144 | { USB_DEVICE(0x0930, 0x0220), .driver_info = BTUSB_ATH3012 }, | 146 | { USB_DEVICE(0x0930, 0x0220), .driver_info = BTUSB_ATH3012 }, |
| 145 | { USB_DEVICE(0x0930, 0x0227), .driver_info = BTUSB_ATH3012 }, | 147 | { USB_DEVICE(0x0930, 0x0227), .driver_info = BTUSB_ATH3012 }, |
diff --git a/drivers/bluetooth/btusb.c b/drivers/bluetooth/btusb.c index 31dd24ac9926..19cf2cf22e87 100644 --- a/drivers/bluetooth/btusb.c +++ b/drivers/bluetooth/btusb.c | |||
| @@ -167,6 +167,7 @@ static const struct usb_device_id blacklist_table[] = { | |||
| 167 | { USB_DEVICE(0x04ca, 0x3007), .driver_info = BTUSB_ATH3012 }, | 167 | { USB_DEVICE(0x04ca, 0x3007), .driver_info = BTUSB_ATH3012 }, |
| 168 | { USB_DEVICE(0x04ca, 0x3008), .driver_info = BTUSB_ATH3012 }, | 168 | { USB_DEVICE(0x04ca, 0x3008), .driver_info = BTUSB_ATH3012 }, |
| 169 | { USB_DEVICE(0x04ca, 0x300b), .driver_info = BTUSB_ATH3012 }, | 169 | { USB_DEVICE(0x04ca, 0x300b), .driver_info = BTUSB_ATH3012 }, |
| 170 | { USB_DEVICE(0x04ca, 0x3010), .driver_info = BTUSB_ATH3012 }, | ||
| 170 | { USB_DEVICE(0x0930, 0x0219), .driver_info = BTUSB_ATH3012 }, | 171 | { USB_DEVICE(0x0930, 0x0219), .driver_info = BTUSB_ATH3012 }, |
| 171 | { USB_DEVICE(0x0930, 0x0220), .driver_info = BTUSB_ATH3012 }, | 172 | { USB_DEVICE(0x0930, 0x0220), .driver_info = BTUSB_ATH3012 }, |
| 172 | { USB_DEVICE(0x0930, 0x0227), .driver_info = BTUSB_ATH3012 }, | 173 | { USB_DEVICE(0x0930, 0x0227), .driver_info = BTUSB_ATH3012 }, |
diff --git a/drivers/net/wireless/brcm80211/brcmsmac/main.c b/drivers/net/wireless/brcm80211/brcmsmac/main.c index a104d7ac3796..eb8584a9c49a 100644 --- a/drivers/net/wireless/brcm80211/brcmsmac/main.c +++ b/drivers/net/wireless/brcm80211/brcmsmac/main.c | |||
| @@ -316,7 +316,7 @@ static const u16 xmtfifo_sz[][NFIFO] = { | |||
| 316 | static const char * const fifo_names[] = { | 316 | static const char * const fifo_names[] = { |
| 317 | "AC_BK", "AC_BE", "AC_VI", "AC_VO", "BCMC", "ATIM" }; | 317 | "AC_BK", "AC_BE", "AC_VI", "AC_VO", "BCMC", "ATIM" }; |
| 318 | #else | 318 | #else |
| 319 | static const char fifo_names[6][0]; | 319 | static const char fifo_names[6][1]; |
| 320 | #endif | 320 | #endif |
| 321 | 321 | ||
| 322 | #ifdef DEBUG | 322 | #ifdef DEBUG |
diff --git a/drivers/net/wireless/hostap/hostap_cs.c b/drivers/net/wireless/hostap/hostap_cs.c index b6ec51923b20..50033aa7c7d5 100644 --- a/drivers/net/wireless/hostap/hostap_cs.c +++ b/drivers/net/wireless/hostap/hostap_cs.c | |||
| @@ -381,18 +381,15 @@ static void prism2_pccard_genesis_reset(local_info_t *local, int hcr) | |||
| 381 | 381 | ||
| 382 | res = pcmcia_read_config_byte(hw_priv->link, CISREG_COR, &old_cor); | 382 | res = pcmcia_read_config_byte(hw_priv->link, CISREG_COR, &old_cor); |
| 383 | if (res != 0) { | 383 | if (res != 0) { |
| 384 | printk(KERN_DEBUG "prism2_pccard_genesis_sreset failed 1 " | 384 | printk(KERN_DEBUG "%s failed 1 (%d)\n", __func__, res); |
| 385 | "(%d)\n", res); | ||
| 386 | return; | 385 | return; |
| 387 | } | 386 | } |
| 388 | printk(KERN_DEBUG "prism2_pccard_genesis_sreset: original COR %02x\n", | 387 | printk(KERN_DEBUG "%s: original COR %02x\n", __func__, old_cor); |
| 389 | old_cor); | ||
| 390 | 388 | ||
| 391 | res = pcmcia_write_config_byte(hw_priv->link, CISREG_COR, | 389 | res = pcmcia_write_config_byte(hw_priv->link, CISREG_COR, |
| 392 | old_cor | COR_SOFT_RESET); | 390 | old_cor | COR_SOFT_RESET); |
| 393 | if (res != 0) { | 391 | if (res != 0) { |
| 394 | printk(KERN_DEBUG "prism2_pccard_genesis_sreset failed 2 " | 392 | printk(KERN_DEBUG "%s failed 2 (%d)\n", __func__, res); |
| 395 | "(%d)\n", res); | ||
| 396 | return; | 393 | return; |
| 397 | } | 394 | } |
| 398 | 395 | ||
| @@ -401,8 +398,7 @@ static void prism2_pccard_genesis_reset(local_info_t *local, int hcr) | |||
| 401 | /* Setup Genesis mode */ | 398 | /* Setup Genesis mode */ |
| 402 | res = pcmcia_write_config_byte(hw_priv->link, CISREG_CCSR, hcr); | 399 | res = pcmcia_write_config_byte(hw_priv->link, CISREG_CCSR, hcr); |
| 403 | if (res != 0) { | 400 | if (res != 0) { |
| 404 | printk(KERN_DEBUG "prism2_pccard_genesis_sreset failed 3 " | 401 | printk(KERN_DEBUG "%s failed 3 (%d)\n", __func__, res); |
| 405 | "(%d)\n", res); | ||
| 406 | return; | 402 | return; |
| 407 | } | 403 | } |
| 408 | mdelay(10); | 404 | mdelay(10); |
| @@ -410,8 +406,7 @@ static void prism2_pccard_genesis_reset(local_info_t *local, int hcr) | |||
| 410 | res = pcmcia_write_config_byte(hw_priv->link, CISREG_COR, | 406 | res = pcmcia_write_config_byte(hw_priv->link, CISREG_COR, |
| 411 | old_cor & ~COR_SOFT_RESET); | 407 | old_cor & ~COR_SOFT_RESET); |
| 412 | if (res != 0) { | 408 | if (res != 0) { |
| 413 | printk(KERN_DEBUG "prism2_pccard_genesis_sreset failed 4 " | 409 | printk(KERN_DEBUG "%s failed 4 (%d)\n", __func__, res); |
| 414 | "(%d)\n", res); | ||
| 415 | return; | 410 | return; |
| 416 | } | 411 | } |
| 417 | 412 | ||
diff --git a/drivers/net/wireless/rtlwifi/rtl8192ce/hw.c b/drivers/net/wireless/rtlwifi/rtl8192ce/hw.c index d2ec5160bbf0..5c646d5f7bb8 100644 --- a/drivers/net/wireless/rtlwifi/rtl8192ce/hw.c +++ b/drivers/net/wireless/rtlwifi/rtl8192ce/hw.c | |||
| @@ -955,6 +955,7 @@ int rtl92ce_hw_init(struct ieee80211_hw *hw) | |||
| 955 | local_save_flags(flags); | 955 | local_save_flags(flags); |
| 956 | local_irq_enable(); | 956 | local_irq_enable(); |
| 957 | 957 | ||
| 958 | rtlhal->fw_ready = false; | ||
| 958 | rtlpriv->intf_ops->disable_aspm(hw); | 959 | rtlpriv->intf_ops->disable_aspm(hw); |
| 959 | rtstatus = _rtl92ce_init_mac(hw); | 960 | rtstatus = _rtl92ce_init_mac(hw); |
| 960 | if (!rtstatus) { | 961 | if (!rtstatus) { |
| @@ -971,6 +972,7 @@ int rtl92ce_hw_init(struct ieee80211_hw *hw) | |||
| 971 | goto exit; | 972 | goto exit; |
| 972 | } | 973 | } |
| 973 | 974 | ||
| 975 | rtlhal->fw_ready = true; | ||
| 974 | rtlhal->last_hmeboxnum = 0; | 976 | rtlhal->last_hmeboxnum = 0; |
| 975 | rtl92c_phy_mac_config(hw); | 977 | rtl92c_phy_mac_config(hw); |
| 976 | /* because last function modify RCR, so we update | 978 | /* because last function modify RCR, so we update |
diff --git a/drivers/net/wireless/rtlwifi/rtl8192cu/hw.c b/drivers/net/wireless/rtlwifi/rtl8192cu/hw.c index 873363acbacf..551321728ae0 100644 --- a/drivers/net/wireless/rtlwifi/rtl8192cu/hw.c +++ b/drivers/net/wireless/rtlwifi/rtl8192cu/hw.c | |||
| @@ -1592,7 +1592,7 @@ void rtl92cu_get_hw_reg(struct ieee80211_hw *hw, u8 variable, u8 *val) | |||
| 1592 | } | 1592 | } |
| 1593 | } | 1593 | } |
| 1594 | 1594 | ||
| 1595 | bool usb_cmd_send_packet(struct ieee80211_hw *hw, struct sk_buff *skb) | 1595 | static bool usb_cmd_send_packet(struct ieee80211_hw *hw, struct sk_buff *skb) |
| 1596 | { | 1596 | { |
| 1597 | /* Currently nothing happens here. | 1597 | /* Currently nothing happens here. |
| 1598 | * Traffic stops after some seconds in WPA2 802.11n mode. | 1598 | * Traffic stops after some seconds in WPA2 802.11n mode. |
diff --git a/drivers/net/wireless/rtlwifi/rtl8821ae/dm.c b/drivers/net/wireless/rtlwifi/rtl8821ae/dm.c index 9be106109921..ba30b0d250fd 100644 --- a/drivers/net/wireless/rtlwifi/rtl8821ae/dm.c +++ b/drivers/net/wireless/rtlwifi/rtl8821ae/dm.c | |||
| @@ -2078,8 +2078,7 @@ void rtl8821ae_dm_txpwr_track_set_pwr(struct ieee80211_hw *hw, | |||
| 2078 | if (rtldm->tx_rate != 0xFF) | 2078 | if (rtldm->tx_rate != 0xFF) |
| 2079 | tx_rate = rtl8821ae_hw_rate_to_mrate(hw, rtldm->tx_rate); | 2079 | tx_rate = rtl8821ae_hw_rate_to_mrate(hw, rtldm->tx_rate); |
| 2080 | 2080 | ||
| 2081 | RT_TRACE(rtlpriv, COMP_POWER_TRACKING, DBG_LOUD, | 2081 | RT_TRACE(rtlpriv, COMP_POWER_TRACKING, DBG_LOUD, "===>%s\n", __func__); |
| 2082 | "===>rtl8812ae_dm_txpwr_track_set_pwr\n"); | ||
| 2083 | 2082 | ||
| 2084 | if (tx_rate != 0xFF) { /* Mimic Modify High Rate BBSwing Limit.*/ | 2083 | if (tx_rate != 0xFF) { /* Mimic Modify High Rate BBSwing Limit.*/ |
| 2085 | /*CCK*/ | 2084 | /*CCK*/ |
| @@ -2128,7 +2127,7 @@ void rtl8821ae_dm_txpwr_track_set_pwr(struct ieee80211_hw *hw, | |||
| 2128 | 2127 | ||
| 2129 | if (method == BBSWING) { | 2128 | if (method == BBSWING) { |
| 2130 | RT_TRACE(rtlpriv, COMP_POWER_TRACKING, DBG_LOUD, | 2129 | RT_TRACE(rtlpriv, COMP_POWER_TRACKING, DBG_LOUD, |
| 2131 | "===>rtl8812ae_dm_txpwr_track_set_pwr\n"); | 2130 | "===>%s\n", __func__); |
| 2132 | if (rf_path == RF90_PATH_A) { | 2131 | if (rf_path == RF90_PATH_A) { |
| 2133 | final_swing_idx[RF90_PATH_A] = | 2132 | final_swing_idx[RF90_PATH_A] = |
| 2134 | (rtldm->ofdm_index[RF90_PATH_A] > | 2133 | (rtldm->ofdm_index[RF90_PATH_A] > |
| @@ -2260,7 +2259,8 @@ void rtl8821ae_dm_txpower_tracking_callback_thermalmeter( | |||
| 2260 | rtldm->txpower_trackinginit = true; | 2259 | rtldm->txpower_trackinginit = true; |
| 2261 | 2260 | ||
| 2262 | RT_TRACE(rtlpriv, COMP_POWER_TRACKING, DBG_LOUD, | 2261 | RT_TRACE(rtlpriv, COMP_POWER_TRACKING, DBG_LOUD, |
| 2263 | "===>rtl8812ae_dm_txpower_tracking_callback_thermalmeter,\n pDM_Odm->BbSwingIdxCckBase: %d,pDM_Odm->BbSwingIdxOfdmBase[A]:%d, pDM_Odm->DefaultOfdmIndex: %d\n", | 2262 | "===>%s,\n pDM_Odm->BbSwingIdxCckBase: %d,pDM_Odm->BbSwingIdxOfdmBase[A]:%d, pDM_Odm->DefaultOfdmIndex: %d\n", |
| 2263 | __func__, | ||
| 2264 | rtldm->swing_idx_cck_base, | 2264 | rtldm->swing_idx_cck_base, |
| 2265 | rtldm->swing_idx_ofdm_base[RF90_PATH_A], | 2265 | rtldm->swing_idx_ofdm_base[RF90_PATH_A], |
| 2266 | rtldm->default_ofdm_index); | 2266 | rtldm->default_ofdm_index); |
| @@ -2539,8 +2539,7 @@ void rtl8821ae_dm_txpower_tracking_callback_thermalmeter( | |||
| 2539 | } | 2539 | } |
| 2540 | } | 2540 | } |
| 2541 | 2541 | ||
| 2542 | RT_TRACE(rtlpriv, COMP_POWER_TRACKING, DBG_LOUD, | 2542 | RT_TRACE(rtlpriv, COMP_POWER_TRACKING, DBG_LOUD, "<===%s\n", __func__); |
| 2543 | "<===rtl8812ae_dm_txpower_tracking_callback_thermalmeter\n"); | ||
| 2544 | } | 2543 | } |
| 2545 | 2544 | ||
| 2546 | void rtl8821ae_dm_check_txpower_tracking_thermalmeter(struct ieee80211_hw *hw) | 2545 | void rtl8821ae_dm_check_txpower_tracking_thermalmeter(struct ieee80211_hw *hw) |
diff --git a/drivers/net/wireless/zd1211rw/zd_chip.c b/drivers/net/wireless/zd1211rw/zd_chip.c index 73a49b868035..07b94eda9604 100644 --- a/drivers/net/wireless/zd1211rw/zd_chip.c +++ b/drivers/net/wireless/zd1211rw/zd_chip.c | |||
| @@ -129,7 +129,7 @@ int zd_ioread32v_locked(struct zd_chip *chip, u32 *values, const zd_addr_t *addr | |||
| 129 | r = zd_ioread16v_locked(chip, v16, a16, count16); | 129 | r = zd_ioread16v_locked(chip, v16, a16, count16); |
| 130 | if (r) { | 130 | if (r) { |
| 131 | dev_dbg_f(zd_chip_dev(chip), | 131 | dev_dbg_f(zd_chip_dev(chip), |
| 132 | "error: zd_ioread16v_locked. Error number %d\n", r); | 132 | "error: %s. Error number %d\n", __func__, r); |
| 133 | return r; | 133 | return r; |
| 134 | } | 134 | } |
| 135 | 135 | ||
| @@ -256,8 +256,8 @@ int zd_iowrite32a_locked(struct zd_chip *chip, | |||
| 256 | if (r) { | 256 | if (r) { |
| 257 | zd_usb_iowrite16v_async_end(&chip->usb, 0); | 257 | zd_usb_iowrite16v_async_end(&chip->usb, 0); |
| 258 | dev_dbg_f(zd_chip_dev(chip), | 258 | dev_dbg_f(zd_chip_dev(chip), |
| 259 | "error _zd_iowrite32v_locked." | 259 | "error _%s. Error number %d\n", __func__, |
| 260 | " Error number %d\n", r); | 260 | r); |
| 261 | return r; | 261 | return r; |
| 262 | } | 262 | } |
| 263 | } | 263 | } |
diff --git a/net/bluetooth/hci_conn.c b/net/bluetooth/hci_conn.c index 79d84b88b8f0..fe18825cc8a4 100644 --- a/net/bluetooth/hci_conn.c +++ b/net/bluetooth/hci_conn.c | |||
| @@ -661,7 +661,7 @@ static void hci_req_add_le_create_conn(struct hci_request *req, | |||
| 661 | memset(&cp, 0, sizeof(cp)); | 661 | memset(&cp, 0, sizeof(cp)); |
| 662 | 662 | ||
| 663 | /* Update random address, but set require_privacy to false so | 663 | /* Update random address, but set require_privacy to false so |
| 664 | * that we never connect with an unresolvable address. | 664 | * that we never connect with an non-resolvable address. |
| 665 | */ | 665 | */ |
| 666 | if (hci_update_random_address(req, false, &own_addr_type)) | 666 | if (hci_update_random_address(req, false, &own_addr_type)) |
| 667 | return; | 667 | return; |
diff --git a/net/bluetooth/hci_core.c b/net/bluetooth/hci_core.c index 93f92a085506..5dcacf9607e4 100644 --- a/net/bluetooth/hci_core.c +++ b/net/bluetooth/hci_core.c | |||
| @@ -1373,8 +1373,6 @@ static void hci_init1_req(struct hci_request *req, unsigned long opt) | |||
| 1373 | 1373 | ||
| 1374 | static void bredr_setup(struct hci_request *req) | 1374 | static void bredr_setup(struct hci_request *req) |
| 1375 | { | 1375 | { |
| 1376 | struct hci_dev *hdev = req->hdev; | ||
| 1377 | |||
| 1378 | __le16 param; | 1376 | __le16 param; |
| 1379 | __u8 flt_type; | 1377 | __u8 flt_type; |
| 1380 | 1378 | ||
| @@ -1403,14 +1401,6 @@ static void bredr_setup(struct hci_request *req) | |||
| 1403 | /* Connection accept timeout ~20 secs */ | 1401 | /* Connection accept timeout ~20 secs */ |
| 1404 | param = cpu_to_le16(0x7d00); | 1402 | param = cpu_to_le16(0x7d00); |
| 1405 | hci_req_add(req, HCI_OP_WRITE_CA_TIMEOUT, 2, ¶m); | 1403 | hci_req_add(req, HCI_OP_WRITE_CA_TIMEOUT, 2, ¶m); |
| 1406 | |||
| 1407 | /* AVM Berlin (31), aka "BlueFRITZ!", reports version 1.2, | ||
| 1408 | * but it does not support page scan related HCI commands. | ||
| 1409 | */ | ||
| 1410 | if (hdev->manufacturer != 31 && hdev->hci_ver > BLUETOOTH_VER_1_1) { | ||
| 1411 | hci_req_add(req, HCI_OP_READ_PAGE_SCAN_ACTIVITY, 0, NULL); | ||
| 1412 | hci_req_add(req, HCI_OP_READ_PAGE_SCAN_TYPE, 0, NULL); | ||
| 1413 | } | ||
| 1414 | } | 1404 | } |
| 1415 | 1405 | ||
| 1416 | static void le_setup(struct hci_request *req) | 1406 | static void le_setup(struct hci_request *req) |
| @@ -1718,6 +1708,16 @@ static void hci_init3_req(struct hci_request *req, unsigned long opt) | |||
| 1718 | if (hdev->commands[5] & 0x10) | 1708 | if (hdev->commands[5] & 0x10) |
| 1719 | hci_setup_link_policy(req); | 1709 | hci_setup_link_policy(req); |
| 1720 | 1710 | ||
| 1711 | if (hdev->commands[8] & 0x01) | ||
| 1712 | hci_req_add(req, HCI_OP_READ_PAGE_SCAN_ACTIVITY, 0, NULL); | ||
| 1713 | |||
| 1714 | /* Some older Broadcom based Bluetooth 1.2 controllers do not | ||
| 1715 | * support the Read Page Scan Type command. Check support for | ||
| 1716 | * this command in the bit mask of supported commands. | ||
| 1717 | */ | ||
| 1718 | if (hdev->commands[13] & 0x01) | ||
| 1719 | hci_req_add(req, HCI_OP_READ_PAGE_SCAN_TYPE, 0, NULL); | ||
| 1720 | |||
| 1721 | if (lmp_le_capable(hdev)) { | 1721 | if (lmp_le_capable(hdev)) { |
| 1722 | u8 events[8]; | 1722 | u8 events[8]; |
| 1723 | 1723 | ||
| @@ -2634,6 +2634,12 @@ static int hci_dev_do_close(struct hci_dev *hdev) | |||
| 2634 | drain_workqueue(hdev->workqueue); | 2634 | drain_workqueue(hdev->workqueue); |
| 2635 | 2635 | ||
| 2636 | hci_dev_lock(hdev); | 2636 | hci_dev_lock(hdev); |
| 2637 | |||
| 2638 | if (!test_and_clear_bit(HCI_AUTO_OFF, &hdev->dev_flags)) { | ||
| 2639 | if (hdev->dev_type == HCI_BREDR) | ||
| 2640 | mgmt_powered(hdev, 0); | ||
| 2641 | } | ||
| 2642 | |||
| 2637 | hci_inquiry_cache_flush(hdev); | 2643 | hci_inquiry_cache_flush(hdev); |
| 2638 | hci_pend_le_actions_clear(hdev); | 2644 | hci_pend_le_actions_clear(hdev); |
| 2639 | hci_conn_hash_flush(hdev); | 2645 | hci_conn_hash_flush(hdev); |
| @@ -2681,14 +2687,6 @@ static int hci_dev_do_close(struct hci_dev *hdev) | |||
| 2681 | hdev->flags &= BIT(HCI_RAW); | 2687 | hdev->flags &= BIT(HCI_RAW); |
| 2682 | hdev->dev_flags &= ~HCI_PERSISTENT_MASK; | 2688 | hdev->dev_flags &= ~HCI_PERSISTENT_MASK; |
| 2683 | 2689 | ||
| 2684 | if (!test_and_clear_bit(HCI_AUTO_OFF, &hdev->dev_flags)) { | ||
| 2685 | if (hdev->dev_type == HCI_BREDR) { | ||
| 2686 | hci_dev_lock(hdev); | ||
| 2687 | mgmt_powered(hdev, 0); | ||
| 2688 | hci_dev_unlock(hdev); | ||
| 2689 | } | ||
| 2690 | } | ||
| 2691 | |||
| 2692 | /* Controller radio is available but is currently powered down */ | 2690 | /* Controller radio is available but is currently powered down */ |
| 2693 | hdev->amp_status = AMP_STATUS_POWERED_DOWN; | 2691 | hdev->amp_status = AMP_STATUS_POWERED_DOWN; |
| 2694 | 2692 | ||
| @@ -3083,7 +3081,9 @@ static void hci_power_on(struct work_struct *work) | |||
| 3083 | 3081 | ||
| 3084 | err = hci_dev_do_open(hdev); | 3082 | err = hci_dev_do_open(hdev); |
| 3085 | if (err < 0) { | 3083 | if (err < 0) { |
| 3084 | hci_dev_lock(hdev); | ||
| 3086 | mgmt_set_powered_failed(hdev, err); | 3085 | mgmt_set_powered_failed(hdev, err); |
| 3086 | hci_dev_unlock(hdev); | ||
| 3087 | return; | 3087 | return; |
| 3088 | } | 3088 | } |
| 3089 | 3089 | ||
| @@ -3959,17 +3959,29 @@ int hci_update_random_address(struct hci_request *req, bool require_privacy, | |||
| 3959 | } | 3959 | } |
| 3960 | 3960 | ||
| 3961 | /* In case of required privacy without resolvable private address, | 3961 | /* In case of required privacy without resolvable private address, |
| 3962 | * use an unresolvable private address. This is useful for active | 3962 | * use an non-resolvable private address. This is useful for active |
| 3963 | * scanning and non-connectable advertising. | 3963 | * scanning and non-connectable advertising. |
| 3964 | */ | 3964 | */ |
| 3965 | if (require_privacy) { | 3965 | if (require_privacy) { |
| 3966 | bdaddr_t urpa; | 3966 | bdaddr_t nrpa; |
| 3967 | |||
| 3968 | while (true) { | ||
| 3969 | /* The non-resolvable private address is generated | ||
| 3970 | * from random six bytes with the two most significant | ||
| 3971 | * bits cleared. | ||
| 3972 | */ | ||
| 3973 | get_random_bytes(&nrpa, 6); | ||
| 3974 | nrpa.b[5] &= 0x3f; | ||
| 3967 | 3975 | ||
| 3968 | get_random_bytes(&urpa, 6); | 3976 | /* The non-resolvable private address shall not be |
| 3969 | urpa.b[5] &= 0x3f; /* Clear two most significant bits */ | 3977 | * equal to the public address. |
| 3978 | */ | ||
| 3979 | if (bacmp(&hdev->bdaddr, &nrpa)) | ||
| 3980 | break; | ||
| 3981 | } | ||
| 3970 | 3982 | ||
| 3971 | *own_addr_type = ADDR_LE_DEV_RANDOM; | 3983 | *own_addr_type = ADDR_LE_DEV_RANDOM; |
| 3972 | set_random_addr(req, &urpa); | 3984 | set_random_addr(req, &nrpa); |
| 3973 | return 0; | 3985 | return 0; |
| 3974 | } | 3986 | } |
| 3975 | 3987 | ||
| @@ -5625,7 +5637,7 @@ void hci_req_add_le_passive_scan(struct hci_request *req) | |||
| 5625 | u8 filter_policy; | 5637 | u8 filter_policy; |
| 5626 | 5638 | ||
| 5627 | /* Set require_privacy to false since no SCAN_REQ are send | 5639 | /* Set require_privacy to false since no SCAN_REQ are send |
| 5628 | * during passive scanning. Not using an unresolvable address | 5640 | * during passive scanning. Not using an non-resolvable address |
| 5629 | * here is important so that peer devices using direct | 5641 | * here is important so that peer devices using direct |
| 5630 | * advertising with our address will be correctly reported | 5642 | * advertising with our address will be correctly reported |
| 5631 | * by the controller. | 5643 | * by the controller. |
diff --git a/net/bluetooth/hci_event.c b/net/bluetooth/hci_event.c index 322abbbbcef9..39a5c8a01726 100644 --- a/net/bluetooth/hci_event.c +++ b/net/bluetooth/hci_event.c | |||
| @@ -257,6 +257,8 @@ static void hci_cc_write_auth_enable(struct hci_dev *hdev, struct sk_buff *skb) | |||
| 257 | if (!sent) | 257 | if (!sent) |
| 258 | return; | 258 | return; |
| 259 | 259 | ||
| 260 | hci_dev_lock(hdev); | ||
| 261 | |||
| 260 | if (!status) { | 262 | if (!status) { |
| 261 | __u8 param = *((__u8 *) sent); | 263 | __u8 param = *((__u8 *) sent); |
| 262 | 264 | ||
| @@ -268,6 +270,8 @@ static void hci_cc_write_auth_enable(struct hci_dev *hdev, struct sk_buff *skb) | |||
| 268 | 270 | ||
| 269 | if (test_bit(HCI_MGMT, &hdev->dev_flags)) | 271 | if (test_bit(HCI_MGMT, &hdev->dev_flags)) |
| 270 | mgmt_auth_enable_complete(hdev, status); | 272 | mgmt_auth_enable_complete(hdev, status); |
| 273 | |||
| 274 | hci_dev_unlock(hdev); | ||
| 271 | } | 275 | } |
| 272 | 276 | ||
| 273 | static void hci_cc_write_encrypt_mode(struct hci_dev *hdev, struct sk_buff *skb) | 277 | static void hci_cc_write_encrypt_mode(struct hci_dev *hdev, struct sk_buff *skb) |
| @@ -443,6 +447,8 @@ static void hci_cc_write_ssp_mode(struct hci_dev *hdev, struct sk_buff *skb) | |||
| 443 | if (!sent) | 447 | if (!sent) |
| 444 | return; | 448 | return; |
| 445 | 449 | ||
| 450 | hci_dev_lock(hdev); | ||
| 451 | |||
| 446 | if (!status) { | 452 | if (!status) { |
| 447 | if (sent->mode) | 453 | if (sent->mode) |
| 448 | hdev->features[1][0] |= LMP_HOST_SSP; | 454 | hdev->features[1][0] |= LMP_HOST_SSP; |
| @@ -458,6 +464,8 @@ static void hci_cc_write_ssp_mode(struct hci_dev *hdev, struct sk_buff *skb) | |||
| 458 | else | 464 | else |
| 459 | clear_bit(HCI_SSP_ENABLED, &hdev->dev_flags); | 465 | clear_bit(HCI_SSP_ENABLED, &hdev->dev_flags); |
| 460 | } | 466 | } |
| 467 | |||
| 468 | hci_dev_unlock(hdev); | ||
| 461 | } | 469 | } |
| 462 | 470 | ||
| 463 | static void hci_cc_write_sc_support(struct hci_dev *hdev, struct sk_buff *skb) | 471 | static void hci_cc_write_sc_support(struct hci_dev *hdev, struct sk_buff *skb) |
| @@ -471,6 +479,8 @@ static void hci_cc_write_sc_support(struct hci_dev *hdev, struct sk_buff *skb) | |||
| 471 | if (!sent) | 479 | if (!sent) |
| 472 | return; | 480 | return; |
| 473 | 481 | ||
| 482 | hci_dev_lock(hdev); | ||
| 483 | |||
| 474 | if (!status) { | 484 | if (!status) { |
| 475 | if (sent->support) | 485 | if (sent->support) |
| 476 | hdev->features[1][0] |= LMP_HOST_SC; | 486 | hdev->features[1][0] |= LMP_HOST_SC; |
| @@ -486,6 +496,8 @@ static void hci_cc_write_sc_support(struct hci_dev *hdev, struct sk_buff *skb) | |||
| 486 | else | 496 | else |
| 487 | clear_bit(HCI_SC_ENABLED, &hdev->dev_flags); | 497 | clear_bit(HCI_SC_ENABLED, &hdev->dev_flags); |
| 488 | } | 498 | } |
| 499 | |||
| 500 | hci_dev_unlock(hdev); | ||
| 489 | } | 501 | } |
| 490 | 502 | ||
| 491 | static void hci_cc_read_local_version(struct hci_dev *hdev, struct sk_buff *skb) | 503 | static void hci_cc_read_local_version(struct hci_dev *hdev, struct sk_buff *skb) |
| @@ -1135,6 +1147,8 @@ static void hci_cc_le_set_scan_enable(struct hci_dev *hdev, | |||
| 1135 | if (!cp) | 1147 | if (!cp) |
| 1136 | return; | 1148 | return; |
| 1137 | 1149 | ||
| 1150 | hci_dev_lock(hdev); | ||
| 1151 | |||
| 1138 | switch (cp->enable) { | 1152 | switch (cp->enable) { |
| 1139 | case LE_SCAN_ENABLE: | 1153 | case LE_SCAN_ENABLE: |
| 1140 | set_bit(HCI_LE_SCAN, &hdev->dev_flags); | 1154 | set_bit(HCI_LE_SCAN, &hdev->dev_flags); |
| @@ -1184,6 +1198,8 @@ static void hci_cc_le_set_scan_enable(struct hci_dev *hdev, | |||
| 1184 | BT_ERR("Used reserved LE_Scan_Enable param %d", cp->enable); | 1198 | BT_ERR("Used reserved LE_Scan_Enable param %d", cp->enable); |
| 1185 | break; | 1199 | break; |
| 1186 | } | 1200 | } |
| 1201 | |||
| 1202 | hci_dev_unlock(hdev); | ||
| 1187 | } | 1203 | } |
| 1188 | 1204 | ||
| 1189 | static void hci_cc_le_read_white_list_size(struct hci_dev *hdev, | 1205 | static void hci_cc_le_read_white_list_size(struct hci_dev *hdev, |
| @@ -1278,6 +1294,8 @@ static void hci_cc_write_le_host_supported(struct hci_dev *hdev, | |||
| 1278 | if (!sent) | 1294 | if (!sent) |
| 1279 | return; | 1295 | return; |
| 1280 | 1296 | ||
| 1297 | hci_dev_lock(hdev); | ||
| 1298 | |||
| 1281 | if (sent->le) { | 1299 | if (sent->le) { |
| 1282 | hdev->features[1][0] |= LMP_HOST_LE; | 1300 | hdev->features[1][0] |= LMP_HOST_LE; |
| 1283 | set_bit(HCI_LE_ENABLED, &hdev->dev_flags); | 1301 | set_bit(HCI_LE_ENABLED, &hdev->dev_flags); |
| @@ -1291,6 +1309,8 @@ static void hci_cc_write_le_host_supported(struct hci_dev *hdev, | |||
| 1291 | hdev->features[1][0] |= LMP_HOST_LE_BREDR; | 1309 | hdev->features[1][0] |= LMP_HOST_LE_BREDR; |
| 1292 | else | 1310 | else |
| 1293 | hdev->features[1][0] &= ~LMP_HOST_LE_BREDR; | 1311 | hdev->features[1][0] &= ~LMP_HOST_LE_BREDR; |
| 1312 | |||
| 1313 | hci_dev_unlock(hdev); | ||
| 1294 | } | 1314 | } |
| 1295 | 1315 | ||
| 1296 | static void hci_cc_set_adv_param(struct hci_dev *hdev, struct sk_buff *skb) | 1316 | static void hci_cc_set_adv_param(struct hci_dev *hdev, struct sk_buff *skb) |
diff --git a/net/bluetooth/l2cap_core.c b/net/bluetooth/l2cap_core.c index a2b6dfa38a0c..d04dc0095736 100644 --- a/net/bluetooth/l2cap_core.c +++ b/net/bluetooth/l2cap_core.c | |||
| @@ -6966,8 +6966,9 @@ static struct l2cap_conn *l2cap_conn_add(struct hci_conn *hcon) | |||
| 6966 | test_bit(HCI_HS_ENABLED, &hcon->hdev->dev_flags)) | 6966 | test_bit(HCI_HS_ENABLED, &hcon->hdev->dev_flags)) |
| 6967 | conn->local_fixed_chan |= L2CAP_FC_A2MP; | 6967 | conn->local_fixed_chan |= L2CAP_FC_A2MP; |
| 6968 | 6968 | ||
| 6969 | if (bredr_sc_enabled(hcon->hdev) && | 6969 | if (test_bit(HCI_LE_ENABLED, &hcon->hdev->dev_flags) && |
| 6970 | test_bit(HCI_LE_ENABLED, &hcon->hdev->dev_flags)) | 6970 | (bredr_sc_enabled(hcon->hdev) || |
| 6971 | test_bit(HCI_FORCE_LESC, &hcon->hdev->dbg_flags))) | ||
| 6971 | conn->local_fixed_chan |= L2CAP_FC_SMP_BREDR; | 6972 | conn->local_fixed_chan |= L2CAP_FC_SMP_BREDR; |
| 6972 | 6973 | ||
| 6973 | mutex_init(&conn->ident_lock); | 6974 | mutex_init(&conn->ident_lock); |
diff --git a/net/bluetooth/mgmt.c b/net/bluetooth/mgmt.c index 7384f1161336..06c2e652e4b6 100644 --- a/net/bluetooth/mgmt.c +++ b/net/bluetooth/mgmt.c | |||
| @@ -2199,12 +2199,14 @@ static void le_enable_complete(struct hci_dev *hdev, u8 status) | |||
| 2199 | { | 2199 | { |
| 2200 | struct cmd_lookup match = { NULL, hdev }; | 2200 | struct cmd_lookup match = { NULL, hdev }; |
| 2201 | 2201 | ||
| 2202 | hci_dev_lock(hdev); | ||
| 2203 | |||
| 2202 | if (status) { | 2204 | if (status) { |
| 2203 | u8 mgmt_err = mgmt_status(status); | 2205 | u8 mgmt_err = mgmt_status(status); |
| 2204 | 2206 | ||
| 2205 | mgmt_pending_foreach(MGMT_OP_SET_LE, hdev, cmd_status_rsp, | 2207 | mgmt_pending_foreach(MGMT_OP_SET_LE, hdev, cmd_status_rsp, |
| 2206 | &mgmt_err); | 2208 | &mgmt_err); |
| 2207 | return; | 2209 | goto unlock; |
| 2208 | } | 2210 | } |
| 2209 | 2211 | ||
| 2210 | mgmt_pending_foreach(MGMT_OP_SET_LE, hdev, settings_rsp, &match); | 2212 | mgmt_pending_foreach(MGMT_OP_SET_LE, hdev, settings_rsp, &match); |
| @@ -2222,17 +2224,16 @@ static void le_enable_complete(struct hci_dev *hdev, u8 status) | |||
| 2222 | if (test_bit(HCI_LE_ENABLED, &hdev->dev_flags)) { | 2224 | if (test_bit(HCI_LE_ENABLED, &hdev->dev_flags)) { |
| 2223 | struct hci_request req; | 2225 | struct hci_request req; |
| 2224 | 2226 | ||
| 2225 | hci_dev_lock(hdev); | ||
| 2226 | |||
| 2227 | hci_req_init(&req, hdev); | 2227 | hci_req_init(&req, hdev); |
| 2228 | update_adv_data(&req); | 2228 | update_adv_data(&req); |
| 2229 | update_scan_rsp_data(&req); | 2229 | update_scan_rsp_data(&req); |
| 2230 | hci_req_run(&req, NULL); | 2230 | hci_req_run(&req, NULL); |
| 2231 | 2231 | ||
| 2232 | hci_update_background_scan(hdev); | 2232 | hci_update_background_scan(hdev); |
| 2233 | |||
| 2234 | hci_dev_unlock(hdev); | ||
| 2235 | } | 2233 | } |
| 2234 | |||
| 2235 | unlock: | ||
| 2236 | hci_dev_unlock(hdev); | ||
| 2236 | } | 2237 | } |
| 2237 | 2238 | ||
| 2238 | static int set_le(struct sock *sk, struct hci_dev *hdev, void *data, u16 len) | 2239 | static int set_le(struct sock *sk, struct hci_dev *hdev, void *data, u16 len) |
| @@ -3114,14 +3115,13 @@ static void pairing_complete(struct pending_cmd *cmd, u8 status) | |||
| 3114 | conn->disconn_cfm_cb = NULL; | 3115 | conn->disconn_cfm_cb = NULL; |
| 3115 | 3116 | ||
| 3116 | hci_conn_drop(conn); | 3117 | hci_conn_drop(conn); |
| 3117 | hci_conn_put(conn); | ||
| 3118 | |||
| 3119 | mgmt_pending_remove(cmd); | ||
| 3120 | 3118 | ||
| 3121 | /* The device is paired so there is no need to remove | 3119 | /* The device is paired so there is no need to remove |
| 3122 | * its connection parameters anymore. | 3120 | * its connection parameters anymore. |
| 3123 | */ | 3121 | */ |
| 3124 | clear_bit(HCI_CONN_PARAM_REMOVAL_PEND, &conn->flags); | 3122 | clear_bit(HCI_CONN_PARAM_REMOVAL_PEND, &conn->flags); |
| 3123 | |||
| 3124 | hci_conn_put(conn); | ||
| 3125 | } | 3125 | } |
| 3126 | 3126 | ||
| 3127 | void mgmt_smp_complete(struct hci_conn *conn, bool complete) | 3127 | void mgmt_smp_complete(struct hci_conn *conn, bool complete) |
| @@ -3130,8 +3130,10 @@ void mgmt_smp_complete(struct hci_conn *conn, bool complete) | |||
| 3130 | struct pending_cmd *cmd; | 3130 | struct pending_cmd *cmd; |
| 3131 | 3131 | ||
| 3132 | cmd = find_pairing(conn); | 3132 | cmd = find_pairing(conn); |
| 3133 | if (cmd) | 3133 | if (cmd) { |
| 3134 | cmd->cmd_complete(cmd, status); | 3134 | cmd->cmd_complete(cmd, status); |
| 3135 | mgmt_pending_remove(cmd); | ||
| 3136 | } | ||
| 3135 | } | 3137 | } |
| 3136 | 3138 | ||
| 3137 | static void pairing_complete_cb(struct hci_conn *conn, u8 status) | 3139 | static void pairing_complete_cb(struct hci_conn *conn, u8 status) |
| @@ -3141,10 +3143,13 @@ static void pairing_complete_cb(struct hci_conn *conn, u8 status) | |||
| 3141 | BT_DBG("status %u", status); | 3143 | BT_DBG("status %u", status); |
| 3142 | 3144 | ||
| 3143 | cmd = find_pairing(conn); | 3145 | cmd = find_pairing(conn); |
| 3144 | if (!cmd) | 3146 | if (!cmd) { |
| 3145 | BT_DBG("Unable to find a pending command"); | 3147 | BT_DBG("Unable to find a pending command"); |
| 3146 | else | 3148 | return; |
| 3147 | cmd->cmd_complete(cmd, mgmt_status(status)); | 3149 | } |
| 3150 | |||
| 3151 | cmd->cmd_complete(cmd, mgmt_status(status)); | ||
| 3152 | mgmt_pending_remove(cmd); | ||
| 3148 | } | 3153 | } |
| 3149 | 3154 | ||
| 3150 | static void le_pairing_complete_cb(struct hci_conn *conn, u8 status) | 3155 | static void le_pairing_complete_cb(struct hci_conn *conn, u8 status) |
| @@ -3157,10 +3162,13 @@ static void le_pairing_complete_cb(struct hci_conn *conn, u8 status) | |||
| 3157 | return; | 3162 | return; |
| 3158 | 3163 | ||
| 3159 | cmd = find_pairing(conn); | 3164 | cmd = find_pairing(conn); |
| 3160 | if (!cmd) | 3165 | if (!cmd) { |
| 3161 | BT_DBG("Unable to find a pending command"); | 3166 | BT_DBG("Unable to find a pending command"); |
| 3162 | else | 3167 | return; |
| 3163 | cmd->cmd_complete(cmd, mgmt_status(status)); | 3168 | } |
| 3169 | |||
| 3170 | cmd->cmd_complete(cmd, mgmt_status(status)); | ||
| 3171 | mgmt_pending_remove(cmd); | ||
| 3164 | } | 3172 | } |
| 3165 | 3173 | ||
| 3166 | static int pair_device(struct sock *sk, struct hci_dev *hdev, void *data, | 3174 | static int pair_device(struct sock *sk, struct hci_dev *hdev, void *data, |
| @@ -3274,8 +3282,10 @@ static int pair_device(struct sock *sk, struct hci_dev *hdev, void *data, | |||
| 3274 | cmd->user_data = hci_conn_get(conn); | 3282 | cmd->user_data = hci_conn_get(conn); |
| 3275 | 3283 | ||
| 3276 | if ((conn->state == BT_CONNECTED || conn->state == BT_CONFIG) && | 3284 | if ((conn->state == BT_CONNECTED || conn->state == BT_CONFIG) && |
| 3277 | hci_conn_security(conn, sec_level, auth_type, true)) | 3285 | hci_conn_security(conn, sec_level, auth_type, true)) { |
| 3278 | pairing_complete(cmd, 0); | 3286 | cmd->cmd_complete(cmd, 0); |
| 3287 | mgmt_pending_remove(cmd); | ||
| 3288 | } | ||
| 3279 | 3289 | ||
| 3280 | err = 0; | 3290 | err = 0; |
| 3281 | 3291 | ||
| @@ -3317,7 +3327,8 @@ static int cancel_pair_device(struct sock *sk, struct hci_dev *hdev, void *data, | |||
| 3317 | goto unlock; | 3327 | goto unlock; |
| 3318 | } | 3328 | } |
| 3319 | 3329 | ||
| 3320 | pairing_complete(cmd, MGMT_STATUS_CANCELLED); | 3330 | cmd->cmd_complete(cmd, MGMT_STATUS_CANCELLED); |
| 3331 | mgmt_pending_remove(cmd); | ||
| 3321 | 3332 | ||
| 3322 | err = cmd_complete(sk, hdev->id, MGMT_OP_CANCEL_PAIR_DEVICE, 0, | 3333 | err = cmd_complete(sk, hdev->id, MGMT_OP_CANCEL_PAIR_DEVICE, 0, |
| 3323 | addr, sizeof(*addr)); | 3334 | addr, sizeof(*addr)); |
| @@ -3791,7 +3802,7 @@ static bool trigger_discovery(struct hci_request *req, u8 *status) | |||
| 3791 | 3802 | ||
| 3792 | /* All active scans will be done with either a resolvable | 3803 | /* All active scans will be done with either a resolvable |
| 3793 | * private address (when privacy feature has been enabled) | 3804 | * private address (when privacy feature has been enabled) |
| 3794 | * or unresolvable private address. | 3805 | * or non-resolvable private address. |
| 3795 | */ | 3806 | */ |
| 3796 | err = hci_update_random_address(req, true, &own_addr_type); | 3807 | err = hci_update_random_address(req, true, &own_addr_type); |
| 3797 | if (err < 0) { | 3808 | if (err < 0) { |
| @@ -4279,12 +4290,14 @@ static void set_advertising_complete(struct hci_dev *hdev, u8 status) | |||
| 4279 | { | 4290 | { |
| 4280 | struct cmd_lookup match = { NULL, hdev }; | 4291 | struct cmd_lookup match = { NULL, hdev }; |
| 4281 | 4292 | ||
| 4293 | hci_dev_lock(hdev); | ||
| 4294 | |||
| 4282 | if (status) { | 4295 | if (status) { |
| 4283 | u8 mgmt_err = mgmt_status(status); | 4296 | u8 mgmt_err = mgmt_status(status); |
| 4284 | 4297 | ||
| 4285 | mgmt_pending_foreach(MGMT_OP_SET_ADVERTISING, hdev, | 4298 | mgmt_pending_foreach(MGMT_OP_SET_ADVERTISING, hdev, |
| 4286 | cmd_status_rsp, &mgmt_err); | 4299 | cmd_status_rsp, &mgmt_err); |
| 4287 | return; | 4300 | goto unlock; |
| 4288 | } | 4301 | } |
| 4289 | 4302 | ||
| 4290 | if (test_bit(HCI_LE_ADV, &hdev->dev_flags)) | 4303 | if (test_bit(HCI_LE_ADV, &hdev->dev_flags)) |
| @@ -4299,6 +4312,9 @@ static void set_advertising_complete(struct hci_dev *hdev, u8 status) | |||
| 4299 | 4312 | ||
| 4300 | if (match.sk) | 4313 | if (match.sk) |
| 4301 | sock_put(match.sk); | 4314 | sock_put(match.sk); |
| 4315 | |||
| 4316 | unlock: | ||
| 4317 | hci_dev_unlock(hdev); | ||
| 4302 | } | 4318 | } |
| 4303 | 4319 | ||
| 4304 | static int set_advertising(struct sock *sk, struct hci_dev *hdev, void *data, | 4320 | static int set_advertising(struct sock *sk, struct hci_dev *hdev, void *data, |
| @@ -6081,6 +6097,11 @@ static int powered_update_hci(struct hci_dev *hdev) | |||
| 6081 | hci_req_add(&req, HCI_OP_WRITE_SSP_MODE, 1, &ssp); | 6097 | hci_req_add(&req, HCI_OP_WRITE_SSP_MODE, 1, &ssp); |
| 6082 | } | 6098 | } |
| 6083 | 6099 | ||
| 6100 | if (bredr_sc_enabled(hdev) && !lmp_host_sc_capable(hdev)) { | ||
| 6101 | u8 sc = 0x01; | ||
| 6102 | hci_req_add(&req, HCI_OP_WRITE_SC_SUPPORT, sizeof(sc), &sc); | ||
| 6103 | } | ||
| 6104 | |||
| 6084 | if (test_bit(HCI_LE_ENABLED, &hdev->dev_flags) && | 6105 | if (test_bit(HCI_LE_ENABLED, &hdev->dev_flags) && |
| 6085 | lmp_bredr_capable(hdev)) { | 6106 | lmp_bredr_capable(hdev)) { |
| 6086 | struct hci_cp_write_le_host_supported cp; | 6107 | struct hci_cp_write_le_host_supported cp; |
| @@ -6130,8 +6151,7 @@ static int powered_update_hci(struct hci_dev *hdev) | |||
| 6130 | int mgmt_powered(struct hci_dev *hdev, u8 powered) | 6151 | int mgmt_powered(struct hci_dev *hdev, u8 powered) |
| 6131 | { | 6152 | { |
| 6132 | struct cmd_lookup match = { NULL, hdev }; | 6153 | struct cmd_lookup match = { NULL, hdev }; |
| 6133 | u8 status_not_powered = MGMT_STATUS_NOT_POWERED; | 6154 | u8 status, zero_cod[] = { 0, 0, 0 }; |
| 6134 | u8 zero_cod[] = { 0, 0, 0 }; | ||
| 6135 | int err; | 6155 | int err; |
| 6136 | 6156 | ||
| 6137 | if (!test_bit(HCI_MGMT, &hdev->dev_flags)) | 6157 | if (!test_bit(HCI_MGMT, &hdev->dev_flags)) |
| @@ -6147,7 +6167,20 @@ int mgmt_powered(struct hci_dev *hdev, u8 powered) | |||
| 6147 | } | 6167 | } |
| 6148 | 6168 | ||
| 6149 | mgmt_pending_foreach(MGMT_OP_SET_POWERED, hdev, settings_rsp, &match); | 6169 | mgmt_pending_foreach(MGMT_OP_SET_POWERED, hdev, settings_rsp, &match); |
| 6150 | mgmt_pending_foreach(0, hdev, cmd_complete_rsp, &status_not_powered); | 6170 | |
| 6171 | /* If the power off is because of hdev unregistration let | ||
| 6172 | * use the appropriate INVALID_INDEX status. Otherwise use | ||
| 6173 | * NOT_POWERED. We cover both scenarios here since later in | ||
| 6174 | * mgmt_index_removed() any hci_conn callbacks will have already | ||
| 6175 | * been triggered, potentially causing misleading DISCONNECTED | ||
| 6176 | * status responses. | ||
| 6177 | */ | ||
| 6178 | if (test_bit(HCI_UNREGISTER, &hdev->dev_flags)) | ||
| 6179 | status = MGMT_STATUS_INVALID_INDEX; | ||
| 6180 | else | ||
| 6181 | status = MGMT_STATUS_NOT_POWERED; | ||
| 6182 | |||
| 6183 | mgmt_pending_foreach(0, hdev, cmd_complete_rsp, &status); | ||
| 6151 | 6184 | ||
| 6152 | if (memcmp(hdev->dev_class, zero_cod, sizeof(zero_cod)) != 0) | 6185 | if (memcmp(hdev->dev_class, zero_cod, sizeof(zero_cod)) != 0) |
| 6153 | mgmt_event(MGMT_EV_CLASS_OF_DEV_CHANGED, hdev, | 6186 | mgmt_event(MGMT_EV_CLASS_OF_DEV_CHANGED, hdev, |
| @@ -6681,8 +6714,10 @@ void mgmt_auth_failed(struct hci_conn *conn, u8 hci_status) | |||
| 6681 | mgmt_event(MGMT_EV_AUTH_FAILED, conn->hdev, &ev, sizeof(ev), | 6714 | mgmt_event(MGMT_EV_AUTH_FAILED, conn->hdev, &ev, sizeof(ev), |
| 6682 | cmd ? cmd->sk : NULL); | 6715 | cmd ? cmd->sk : NULL); |
| 6683 | 6716 | ||
| 6684 | if (cmd) | 6717 | if (cmd) { |
| 6685 | pairing_complete(cmd, status); | 6718 | cmd->cmd_complete(cmd, status); |
| 6719 | mgmt_pending_remove(cmd); | ||
| 6720 | } | ||
| 6686 | } | 6721 | } |
| 6687 | 6722 | ||
| 6688 | void mgmt_auth_enable_complete(struct hci_dev *hdev, u8 status) | 6723 | void mgmt_auth_enable_complete(struct hci_dev *hdev, u8 status) |
diff --git a/net/bluetooth/smp.c b/net/bluetooth/smp.c index 6a46252fe66f..b67749bb55bf 100644 --- a/net/bluetooth/smp.c +++ b/net/bluetooth/smp.c | |||
| @@ -1673,7 +1673,8 @@ static u8 smp_cmd_pairing_req(struct l2cap_conn *conn, struct sk_buff *skb) | |||
| 1673 | /* SMP over BR/EDR requires special treatment */ | 1673 | /* SMP over BR/EDR requires special treatment */ |
| 1674 | if (conn->hcon->type == ACL_LINK) { | 1674 | if (conn->hcon->type == ACL_LINK) { |
| 1675 | /* We must have a BR/EDR SC link */ | 1675 | /* We must have a BR/EDR SC link */ |
| 1676 | if (!test_bit(HCI_CONN_AES_CCM, &conn->hcon->flags)) | 1676 | if (!test_bit(HCI_CONN_AES_CCM, &conn->hcon->flags) && |
| 1677 | !test_bit(HCI_FORCE_LESC, &hdev->dbg_flags)) | ||
| 1677 | return SMP_CROSS_TRANSP_NOT_ALLOWED; | 1678 | return SMP_CROSS_TRANSP_NOT_ALLOWED; |
| 1678 | 1679 | ||
| 1679 | set_bit(SMP_FLAG_SC, &smp->flags); | 1680 | set_bit(SMP_FLAG_SC, &smp->flags); |
| @@ -2927,7 +2928,7 @@ static struct l2cap_chan *smp_add_cid(struct hci_dev *hdev, u16 cid) | |||
| 2927 | tfm_aes = crypto_alloc_blkcipher("ecb(aes)", 0, 0); | 2928 | tfm_aes = crypto_alloc_blkcipher("ecb(aes)", 0, 0); |
| 2928 | if (IS_ERR(tfm_aes)) { | 2929 | if (IS_ERR(tfm_aes)) { |
| 2929 | BT_ERR("Unable to create crypto context"); | 2930 | BT_ERR("Unable to create crypto context"); |
| 2930 | return ERR_PTR(PTR_ERR(tfm_aes)); | 2931 | return ERR_CAST(tfm_aes); |
| 2931 | } | 2932 | } |
| 2932 | 2933 | ||
| 2933 | create_chan: | 2934 | create_chan: |