aboutsummaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
-rw-r--r--MAINTAINERS8
-rw-r--r--drivers/bluetooth/ath3k.c4
-rw-r--r--drivers/bluetooth/btusb.c5
-rw-r--r--drivers/bluetooth/hci_ldisc.c2
-rw-r--r--include/net/bluetooth/hci.h3
-rw-r--r--include/net/bluetooth/hci_core.h12
-rw-r--r--include/net/bluetooth/mgmt.h2
-rw-r--r--net/bluetooth/hci_core.c7
-rw-r--r--net/bluetooth/l2cap_core.c3
-rw-r--r--net/bluetooth/l2cap_sock.c5
-rw-r--r--net/bluetooth/mgmt.c13
11 files changed, 45 insertions, 19 deletions
diff --git a/MAINTAINERS b/MAINTAINERS
index 6d05ae236036..6010b9d13b47 100644
--- a/MAINTAINERS
+++ b/MAINTAINERS
@@ -1521,8 +1521,8 @@ M: Gustavo Padovan <gustavo@padovan.org>
1521M: Johan Hedberg <johan.hedberg@gmail.com> 1521M: Johan Hedberg <johan.hedberg@gmail.com>
1522L: linux-bluetooth@vger.kernel.org 1522L: linux-bluetooth@vger.kernel.org
1523W: http://www.bluez.org/ 1523W: http://www.bluez.org/
1524T: git git://git.kernel.org/pub/scm/linux/kernel/git/padovan/bluetooth.git 1524T: git git://git.kernel.org/pub/scm/linux/kernel/git/bluetooth/bluetooth.git
1525T: git git://git.kernel.org/pub/scm/linux/kernel/git/jh/bluetooth.git 1525T: git git://git.kernel.org/pub/scm/linux/kernel/git/bluetooth/bluetooth-next.git
1526S: Maintained 1526S: Maintained
1527F: drivers/bluetooth/ 1527F: drivers/bluetooth/
1528 1528
@@ -1532,8 +1532,8 @@ M: Gustavo Padovan <gustavo@padovan.org>
1532M: Johan Hedberg <johan.hedberg@gmail.com> 1532M: Johan Hedberg <johan.hedberg@gmail.com>
1533L: linux-bluetooth@vger.kernel.org 1533L: linux-bluetooth@vger.kernel.org
1534W: http://www.bluez.org/ 1534W: http://www.bluez.org/
1535T: git git://git.kernel.org/pub/scm/linux/kernel/git/padovan/bluetooth.git 1535T: git git://git.kernel.org/pub/scm/linux/kernel/git/bluetooth/bluetooth.git
1536T: git git://git.kernel.org/pub/scm/linux/kernel/git/jh/bluetooth.git 1536T: git git://git.kernel.org/pub/scm/linux/kernel/git/bluetooth/bluetooth-next.git
1537S: Maintained 1537S: Maintained
1538F: net/bluetooth/ 1538F: net/bluetooth/
1539F: include/net/bluetooth/ 1539F: include/net/bluetooth/
diff --git a/drivers/bluetooth/ath3k.c b/drivers/bluetooth/ath3k.c
index 48442476ec00..ae9edca7b56d 100644
--- a/drivers/bluetooth/ath3k.c
+++ b/drivers/bluetooth/ath3k.c
@@ -72,7 +72,9 @@ static struct usb_device_id ath3k_table[] = {
72 72
73 /* Atheros AR3012 with sflash firmware*/ 73 /* Atheros AR3012 with sflash firmware*/
74 { USB_DEVICE(0x0CF3, 0x3004) }, 74 { USB_DEVICE(0x0CF3, 0x3004) },
75 { USB_DEVICE(0x0CF3, 0x311D) },
75 { USB_DEVICE(0x13d3, 0x3375) }, 76 { USB_DEVICE(0x13d3, 0x3375) },
77 { USB_DEVICE(0x04CA, 0x3005) },
76 78
77 /* Atheros AR5BBU12 with sflash firmware */ 79 /* Atheros AR5BBU12 with sflash firmware */
78 { USB_DEVICE(0x0489, 0xE02C) }, 80 { USB_DEVICE(0x0489, 0xE02C) },
@@ -89,7 +91,9 @@ static struct usb_device_id ath3k_blist_tbl[] = {
89 91
90 /* Atheros AR3012 with sflash firmware*/ 92 /* Atheros AR3012 with sflash firmware*/
91 { USB_DEVICE(0x0cf3, 0x3004), .driver_info = BTUSB_ATH3012 }, 93 { USB_DEVICE(0x0cf3, 0x3004), .driver_info = BTUSB_ATH3012 },
94 { USB_DEVICE(0x0cf3, 0x311D), .driver_info = BTUSB_ATH3012 },
92 { USB_DEVICE(0x13d3, 0x3375), .driver_info = BTUSB_ATH3012 }, 95 { USB_DEVICE(0x13d3, 0x3375), .driver_info = BTUSB_ATH3012 },
96 { USB_DEVICE(0x04ca, 0x3005), .driver_info = BTUSB_ATH3012 },
93 97
94 { } /* Terminating entry */ 98 { } /* Terminating entry */
95}; 99};
diff --git a/drivers/bluetooth/btusb.c b/drivers/bluetooth/btusb.c
index 480cad920048..3311b812a0c6 100644
--- a/drivers/bluetooth/btusb.c
+++ b/drivers/bluetooth/btusb.c
@@ -61,7 +61,7 @@ static struct usb_device_id btusb_table[] = {
61 { USB_DEVICE_INFO(0xe0, 0x01, 0x01) }, 61 { USB_DEVICE_INFO(0xe0, 0x01, 0x01) },
62 62
63 /* Broadcom SoftSailing reporting vendor specific */ 63 /* Broadcom SoftSailing reporting vendor specific */
64 { USB_DEVICE(0x05ac, 0x21e1) }, 64 { USB_DEVICE(0x0a5c, 0x21e1) },
65 65
66 /* Apple MacBookPro 7,1 */ 66 /* Apple MacBookPro 7,1 */
67 { USB_DEVICE(0x05ac, 0x8213) }, 67 { USB_DEVICE(0x05ac, 0x8213) },
@@ -103,6 +103,7 @@ static struct usb_device_id btusb_table[] = {
103 /* Broadcom BCM20702A0 */ 103 /* Broadcom BCM20702A0 */
104 { USB_DEVICE(0x0a5c, 0x21e3) }, 104 { USB_DEVICE(0x0a5c, 0x21e3) },
105 { USB_DEVICE(0x0a5c, 0x21e6) }, 105 { USB_DEVICE(0x0a5c, 0x21e6) },
106 { USB_DEVICE(0x0a5c, 0x21e8) },
106 { USB_DEVICE(0x0a5c, 0x21f3) }, 107 { USB_DEVICE(0x0a5c, 0x21f3) },
107 { USB_DEVICE(0x413c, 0x8197) }, 108 { USB_DEVICE(0x413c, 0x8197) },
108 109
@@ -129,7 +130,9 @@ static struct usb_device_id blacklist_table[] = {
129 130
130 /* Atheros 3012 with sflash firmware */ 131 /* Atheros 3012 with sflash firmware */
131 { USB_DEVICE(0x0cf3, 0x3004), .driver_info = BTUSB_ATH3012 }, 132 { USB_DEVICE(0x0cf3, 0x3004), .driver_info = BTUSB_ATH3012 },
133 { USB_DEVICE(0x0cf3, 0x311d), .driver_info = BTUSB_ATH3012 },
132 { USB_DEVICE(0x13d3, 0x3375), .driver_info = BTUSB_ATH3012 }, 134 { USB_DEVICE(0x13d3, 0x3375), .driver_info = BTUSB_ATH3012 },
135 { USB_DEVICE(0x04ca, 0x3005), .driver_info = BTUSB_ATH3012 },
133 136
134 /* Atheros AR5BBU12 with sflash firmware */ 137 /* Atheros AR5BBU12 with sflash firmware */
135 { USB_DEVICE(0x0489, 0xe02c), .driver_info = BTUSB_IGNORE }, 138 { USB_DEVICE(0x0489, 0xe02c), .driver_info = BTUSB_IGNORE },
diff --git a/drivers/bluetooth/hci_ldisc.c b/drivers/bluetooth/hci_ldisc.c
index fd5adb408f44..98a8c05d4f23 100644
--- a/drivers/bluetooth/hci_ldisc.c
+++ b/drivers/bluetooth/hci_ldisc.c
@@ -299,11 +299,11 @@ static void hci_uart_tty_close(struct tty_struct *tty)
299 hci_uart_close(hdev); 299 hci_uart_close(hdev);
300 300
301 if (test_and_clear_bit(HCI_UART_PROTO_SET, &hu->flags)) { 301 if (test_and_clear_bit(HCI_UART_PROTO_SET, &hu->flags)) {
302 hu->proto->close(hu);
303 if (hdev) { 302 if (hdev) {
304 hci_unregister_dev(hdev); 303 hci_unregister_dev(hdev);
305 hci_free_dev(hdev); 304 hci_free_dev(hdev);
306 } 305 }
306 hu->proto->close(hu);
307 } 307 }
308 308
309 kfree(hu); 309 kfree(hu);
diff --git a/include/net/bluetooth/hci.h b/include/net/bluetooth/hci.h
index 344b0f972828..d47e523c9d83 100644
--- a/include/net/bluetooth/hci.h
+++ b/include/net/bluetooth/hci.h
@@ -92,6 +92,7 @@ enum {
92 HCI_SERVICE_CACHE, 92 HCI_SERVICE_CACHE,
93 HCI_LINK_KEYS, 93 HCI_LINK_KEYS,
94 HCI_DEBUG_KEYS, 94 HCI_DEBUG_KEYS,
95 HCI_UNREGISTER,
95 96
96 HCI_LE_SCAN, 97 HCI_LE_SCAN,
97 HCI_SSP_ENABLED, 98 HCI_SSP_ENABLED,
@@ -1327,8 +1328,8 @@ struct sockaddr_hci {
1327#define HCI_DEV_NONE 0xffff 1328#define HCI_DEV_NONE 0xffff
1328 1329
1329#define HCI_CHANNEL_RAW 0 1330#define HCI_CHANNEL_RAW 0
1330#define HCI_CHANNEL_CONTROL 1
1331#define HCI_CHANNEL_MONITOR 2 1331#define HCI_CHANNEL_MONITOR 2
1332#define HCI_CHANNEL_CONTROL 3
1332 1333
1333struct hci_filter { 1334struct hci_filter {
1334 unsigned long type_mask; 1335 unsigned long type_mask;
diff --git a/include/net/bluetooth/hci_core.h b/include/net/bluetooth/hci_core.h
index daefaac51131..6822d2595aff 100644
--- a/include/net/bluetooth/hci_core.h
+++ b/include/net/bluetooth/hci_core.h
@@ -427,7 +427,7 @@ enum {
427static inline bool hci_conn_ssp_enabled(struct hci_conn *conn) 427static inline bool hci_conn_ssp_enabled(struct hci_conn *conn)
428{ 428{
429 struct hci_dev *hdev = conn->hdev; 429 struct hci_dev *hdev = conn->hdev;
430 return (test_bit(HCI_SSP_ENABLED, &hdev->flags) && 430 return (test_bit(HCI_SSP_ENABLED, &hdev->dev_flags) &&
431 test_bit(HCI_CONN_SSP_ENABLED, &conn->flags)); 431 test_bit(HCI_CONN_SSP_ENABLED, &conn->flags));
432} 432}
433 433
@@ -907,11 +907,13 @@ static inline void hci_role_switch_cfm(struct hci_conn *conn, __u8 status,
907 907
908static inline bool eir_has_data_type(u8 *data, size_t data_len, u8 type) 908static inline bool eir_has_data_type(u8 *data, size_t data_len, u8 type)
909{ 909{
910 u8 field_len; 910 size_t parsed = 0;
911 size_t parsed;
912 911
913 for (parsed = 0; parsed < data_len - 1; parsed += field_len) { 912 if (data_len < 2)
914 field_len = data[0]; 913 return false;
914
915 while (parsed < data_len - 1) {
916 u8 field_len = data[0];
915 917
916 if (field_len == 0) 918 if (field_len == 0)
917 break; 919 break;
diff --git a/include/net/bluetooth/mgmt.h b/include/net/bluetooth/mgmt.h
index ffc1377e092e..ebfd91fc20f8 100644
--- a/include/net/bluetooth/mgmt.h
+++ b/include/net/bluetooth/mgmt.h
@@ -117,7 +117,7 @@ struct mgmt_mode {
117#define MGMT_OP_SET_DISCOVERABLE 0x0006 117#define MGMT_OP_SET_DISCOVERABLE 0x0006
118struct mgmt_cp_set_discoverable { 118struct mgmt_cp_set_discoverable {
119 __u8 val; 119 __u8 val;
120 __u16 timeout; 120 __le16 timeout;
121} __packed; 121} __packed;
122#define MGMT_SET_DISCOVERABLE_SIZE 3 122#define MGMT_SET_DISCOVERABLE_SIZE 3
123 123
diff --git a/net/bluetooth/hci_core.c b/net/bluetooth/hci_core.c
index e33af63a884a..92a857e3786d 100644
--- a/net/bluetooth/hci_core.c
+++ b/net/bluetooth/hci_core.c
@@ -665,6 +665,11 @@ int hci_dev_open(__u16 dev)
665 665
666 hci_req_lock(hdev); 666 hci_req_lock(hdev);
667 667
668 if (test_bit(HCI_UNREGISTER, &hdev->dev_flags)) {
669 ret = -ENODEV;
670 goto done;
671 }
672
668 if (hdev->rfkill && rfkill_blocked(hdev->rfkill)) { 673 if (hdev->rfkill && rfkill_blocked(hdev->rfkill)) {
669 ret = -ERFKILL; 674 ret = -ERFKILL;
670 goto done; 675 goto done;
@@ -1849,6 +1854,8 @@ void hci_unregister_dev(struct hci_dev *hdev)
1849 1854
1850 BT_DBG("%p name %s bus %d", hdev, hdev->name, hdev->bus); 1855 BT_DBG("%p name %s bus %d", hdev, hdev->name, hdev->bus);
1851 1856
1857 set_bit(HCI_UNREGISTER, &hdev->dev_flags);
1858
1852 write_lock(&hci_dev_list_lock); 1859 write_lock(&hci_dev_list_lock);
1853 list_del(&hdev->list); 1860 list_del(&hdev->list);
1854 write_unlock(&hci_dev_list_lock); 1861 write_unlock(&hci_dev_list_lock);
diff --git a/net/bluetooth/l2cap_core.c b/net/bluetooth/l2cap_core.c
index b8e17e4dac8b..94552b33d528 100644
--- a/net/bluetooth/l2cap_core.c
+++ b/net/bluetooth/l2cap_core.c
@@ -1308,6 +1308,7 @@ static void l2cap_monitor_timeout(struct work_struct *work)
1308 if (chan->retry_count >= chan->remote_max_tx) { 1308 if (chan->retry_count >= chan->remote_max_tx) {
1309 l2cap_send_disconn_req(chan->conn, chan, ECONNABORTED); 1309 l2cap_send_disconn_req(chan->conn, chan, ECONNABORTED);
1310 l2cap_chan_unlock(chan); 1310 l2cap_chan_unlock(chan);
1311 l2cap_chan_put(chan);
1311 return; 1312 return;
1312 } 1313 }
1313 1314
@@ -1316,6 +1317,7 @@ static void l2cap_monitor_timeout(struct work_struct *work)
1316 1317
1317 l2cap_send_rr_or_rnr(chan, L2CAP_CTRL_POLL); 1318 l2cap_send_rr_or_rnr(chan, L2CAP_CTRL_POLL);
1318 l2cap_chan_unlock(chan); 1319 l2cap_chan_unlock(chan);
1320 l2cap_chan_put(chan);
1319} 1321}
1320 1322
1321static void l2cap_retrans_timeout(struct work_struct *work) 1323static void l2cap_retrans_timeout(struct work_struct *work)
@@ -1335,6 +1337,7 @@ static void l2cap_retrans_timeout(struct work_struct *work)
1335 l2cap_send_rr_or_rnr(chan, L2CAP_CTRL_POLL); 1337 l2cap_send_rr_or_rnr(chan, L2CAP_CTRL_POLL);
1336 1338
1337 l2cap_chan_unlock(chan); 1339 l2cap_chan_unlock(chan);
1340 l2cap_chan_put(chan);
1338} 1341}
1339 1342
1340static void l2cap_drop_acked_frames(struct l2cap_chan *chan) 1343static void l2cap_drop_acked_frames(struct l2cap_chan *chan)
diff --git a/net/bluetooth/l2cap_sock.c b/net/bluetooth/l2cap_sock.c
index c4fe583b0af6..29122ed28ea9 100644
--- a/net/bluetooth/l2cap_sock.c
+++ b/net/bluetooth/l2cap_sock.c
@@ -82,7 +82,7 @@ static int l2cap_sock_bind(struct socket *sock, struct sockaddr *addr, int alen)
82 } 82 }
83 83
84 if (la.l2_cid) 84 if (la.l2_cid)
85 err = l2cap_add_scid(chan, la.l2_cid); 85 err = l2cap_add_scid(chan, __le16_to_cpu(la.l2_cid));
86 else 86 else
87 err = l2cap_add_psm(chan, &la.l2_bdaddr, la.l2_psm); 87 err = l2cap_add_psm(chan, &la.l2_bdaddr, la.l2_psm);
88 88
@@ -123,7 +123,8 @@ static int l2cap_sock_connect(struct socket *sock, struct sockaddr *addr, int al
123 if (la.l2_cid && la.l2_psm) 123 if (la.l2_cid && la.l2_psm)
124 return -EINVAL; 124 return -EINVAL;
125 125
126 err = l2cap_chan_connect(chan, la.l2_psm, la.l2_cid, &la.l2_bdaddr); 126 err = l2cap_chan_connect(chan, la.l2_psm, __le16_to_cpu(la.l2_cid),
127 &la.l2_bdaddr);
127 if (err) 128 if (err)
128 return err; 129 return err;
129 130
diff --git a/net/bluetooth/mgmt.c b/net/bluetooth/mgmt.c
index 7fcff8887131..4ef275c69675 100644
--- a/net/bluetooth/mgmt.c
+++ b/net/bluetooth/mgmt.c
@@ -2523,13 +2523,18 @@ static int set_fast_connectable(struct sock *sk, struct hci_dev *hdev,
2523 2523
2524 if (cp->val) { 2524 if (cp->val) {
2525 type = PAGE_SCAN_TYPE_INTERLACED; 2525 type = PAGE_SCAN_TYPE_INTERLACED;
2526 acp.interval = 0x0024; /* 22.5 msec page scan interval */ 2526
2527 /* 22.5 msec page scan interval */
2528 acp.interval = __constant_cpu_to_le16(0x0024);
2527 } else { 2529 } else {
2528 type = PAGE_SCAN_TYPE_STANDARD; /* default */ 2530 type = PAGE_SCAN_TYPE_STANDARD; /* default */
2529 acp.interval = 0x0800; /* default 1.28 sec page scan */ 2531
2532 /* default 1.28 sec page scan */
2533 acp.interval = __constant_cpu_to_le16(0x0800);
2530 } 2534 }
2531 2535
2532 acp.window = 0x0012; /* default 11.25 msec page scan window */ 2536 /* default 11.25 msec page scan window */
2537 acp.window = __constant_cpu_to_le16(0x0012);
2533 2538
2534 err = hci_send_cmd(hdev, HCI_OP_WRITE_PAGE_SCAN_ACTIVITY, sizeof(acp), 2539 err = hci_send_cmd(hdev, HCI_OP_WRITE_PAGE_SCAN_ACTIVITY, sizeof(acp),
2535 &acp); 2540 &acp);
@@ -2936,7 +2941,7 @@ int mgmt_device_connected(struct hci_dev *hdev, bdaddr_t *bdaddr, u8 link_type,
2936 name, name_len); 2941 name, name_len);
2937 2942
2938 if (dev_class && memcmp(dev_class, "\0\0\0", 3) != 0) 2943 if (dev_class && memcmp(dev_class, "\0\0\0", 3) != 0)
2939 eir_len = eir_append_data(&ev->eir[eir_len], eir_len, 2944 eir_len = eir_append_data(ev->eir, eir_len,
2940 EIR_CLASS_OF_DEV, dev_class, 3); 2945 EIR_CLASS_OF_DEV, dev_class, 3);
2941 2946
2942 put_unaligned_le16(eir_len, &ev->eir_len); 2947 put_unaligned_le16(eir_len, &ev->eir_len);