diff options
Diffstat (limited to 'net/bluetooth/mgmt.c')
| -rw-r--r-- | net/bluetooth/mgmt.c | 148 |
1 files changed, 89 insertions, 59 deletions
diff --git a/net/bluetooth/mgmt.c b/net/bluetooth/mgmt.c index 64c0418a6221..53e109eb043e 100644 --- a/net/bluetooth/mgmt.c +++ b/net/bluetooth/mgmt.c | |||
| @@ -179,7 +179,7 @@ static int read_controller_info(struct sock *sk, u16 index) | |||
| 179 | 179 | ||
| 180 | hci_del_off_timer(hdev); | 180 | hci_del_off_timer(hdev); |
| 181 | 181 | ||
| 182 | hci_dev_lock(hdev); | 182 | hci_dev_lock_bh(hdev); |
| 183 | 183 | ||
| 184 | set_bit(HCI_MGMT, &hdev->flags); | 184 | set_bit(HCI_MGMT, &hdev->flags); |
| 185 | 185 | ||
| @@ -208,7 +208,7 @@ static int read_controller_info(struct sock *sk, u16 index) | |||
| 208 | 208 | ||
| 209 | memcpy(rp.name, hdev->dev_name, sizeof(hdev->dev_name)); | 209 | memcpy(rp.name, hdev->dev_name, sizeof(hdev->dev_name)); |
| 210 | 210 | ||
| 211 | hci_dev_unlock(hdev); | 211 | hci_dev_unlock_bh(hdev); |
| 212 | hci_dev_put(hdev); | 212 | hci_dev_put(hdev); |
| 213 | 213 | ||
| 214 | return cmd_complete(sk, index, MGMT_OP_READ_INFO, &rp, sizeof(rp)); | 214 | return cmd_complete(sk, index, MGMT_OP_READ_INFO, &rp, sizeof(rp)); |
| @@ -316,7 +316,7 @@ static int set_powered(struct sock *sk, u16 index, unsigned char *data, u16 len) | |||
| 316 | if (!hdev) | 316 | if (!hdev) |
| 317 | return cmd_status(sk, index, MGMT_OP_SET_POWERED, ENODEV); | 317 | return cmd_status(sk, index, MGMT_OP_SET_POWERED, ENODEV); |
| 318 | 318 | ||
| 319 | hci_dev_lock(hdev); | 319 | hci_dev_lock_bh(hdev); |
| 320 | 320 | ||
| 321 | up = test_bit(HCI_UP, &hdev->flags); | 321 | up = test_bit(HCI_UP, &hdev->flags); |
| 322 | if ((cp->val && up) || (!cp->val && !up)) { | 322 | if ((cp->val && up) || (!cp->val && !up)) { |
| @@ -343,7 +343,7 @@ static int set_powered(struct sock *sk, u16 index, unsigned char *data, u16 len) | |||
| 343 | err = 0; | 343 | err = 0; |
| 344 | 344 | ||
| 345 | failed: | 345 | failed: |
| 346 | hci_dev_unlock(hdev); | 346 | hci_dev_unlock_bh(hdev); |
| 347 | hci_dev_put(hdev); | 347 | hci_dev_put(hdev); |
| 348 | return err; | 348 | return err; |
| 349 | } | 349 | } |
| @@ -368,7 +368,7 @@ static int set_discoverable(struct sock *sk, u16 index, unsigned char *data, | |||
| 368 | if (!hdev) | 368 | if (!hdev) |
| 369 | return cmd_status(sk, index, MGMT_OP_SET_DISCOVERABLE, ENODEV); | 369 | return cmd_status(sk, index, MGMT_OP_SET_DISCOVERABLE, ENODEV); |
| 370 | 370 | ||
| 371 | hci_dev_lock(hdev); | 371 | hci_dev_lock_bh(hdev); |
| 372 | 372 | ||
| 373 | if (!test_bit(HCI_UP, &hdev->flags)) { | 373 | if (!test_bit(HCI_UP, &hdev->flags)) { |
| 374 | err = cmd_status(sk, index, MGMT_OP_SET_DISCOVERABLE, ENETDOWN); | 374 | err = cmd_status(sk, index, MGMT_OP_SET_DISCOVERABLE, ENETDOWN); |
| @@ -403,7 +403,7 @@ static int set_discoverable(struct sock *sk, u16 index, unsigned char *data, | |||
| 403 | mgmt_pending_remove(cmd); | 403 | mgmt_pending_remove(cmd); |
| 404 | 404 | ||
| 405 | failed: | 405 | failed: |
| 406 | hci_dev_unlock(hdev); | 406 | hci_dev_unlock_bh(hdev); |
| 407 | hci_dev_put(hdev); | 407 | hci_dev_put(hdev); |
| 408 | 408 | ||
| 409 | return err; | 409 | return err; |
| @@ -429,7 +429,7 @@ static int set_connectable(struct sock *sk, u16 index, unsigned char *data, | |||
| 429 | if (!hdev) | 429 | if (!hdev) |
| 430 | return cmd_status(sk, index, MGMT_OP_SET_CONNECTABLE, ENODEV); | 430 | return cmd_status(sk, index, MGMT_OP_SET_CONNECTABLE, ENODEV); |
| 431 | 431 | ||
| 432 | hci_dev_lock(hdev); | 432 | hci_dev_lock_bh(hdev); |
| 433 | 433 | ||
| 434 | if (!test_bit(HCI_UP, &hdev->flags)) { | 434 | if (!test_bit(HCI_UP, &hdev->flags)) { |
| 435 | err = cmd_status(sk, index, MGMT_OP_SET_CONNECTABLE, ENETDOWN); | 435 | err = cmd_status(sk, index, MGMT_OP_SET_CONNECTABLE, ENETDOWN); |
| @@ -463,7 +463,7 @@ static int set_connectable(struct sock *sk, u16 index, unsigned char *data, | |||
| 463 | mgmt_pending_remove(cmd); | 463 | mgmt_pending_remove(cmd); |
| 464 | 464 | ||
| 465 | failed: | 465 | failed: |
| 466 | hci_dev_unlock(hdev); | 466 | hci_dev_unlock_bh(hdev); |
| 467 | hci_dev_put(hdev); | 467 | hci_dev_put(hdev); |
| 468 | 468 | ||
| 469 | return err; | 469 | return err; |
| @@ -522,7 +522,7 @@ static int set_pairable(struct sock *sk, u16 index, unsigned char *data, | |||
| 522 | if (!hdev) | 522 | if (!hdev) |
| 523 | return cmd_status(sk, index, MGMT_OP_SET_PAIRABLE, ENODEV); | 523 | return cmd_status(sk, index, MGMT_OP_SET_PAIRABLE, ENODEV); |
| 524 | 524 | ||
| 525 | hci_dev_lock(hdev); | 525 | hci_dev_lock_bh(hdev); |
| 526 | 526 | ||
| 527 | if (cp->val) | 527 | if (cp->val) |
| 528 | set_bit(HCI_PAIRABLE, &hdev->flags); | 528 | set_bit(HCI_PAIRABLE, &hdev->flags); |
| @@ -538,7 +538,7 @@ static int set_pairable(struct sock *sk, u16 index, unsigned char *data, | |||
| 538 | err = mgmt_event(MGMT_EV_PAIRABLE, index, &ev, sizeof(ev), sk); | 538 | err = mgmt_event(MGMT_EV_PAIRABLE, index, &ev, sizeof(ev), sk); |
| 539 | 539 | ||
| 540 | failed: | 540 | failed: |
| 541 | hci_dev_unlock(hdev); | 541 | hci_dev_unlock_bh(hdev); |
| 542 | hci_dev_put(hdev); | 542 | hci_dev_put(hdev); |
| 543 | 543 | ||
| 544 | return err; | 544 | return err; |
| @@ -739,7 +739,7 @@ static int add_uuid(struct sock *sk, u16 index, unsigned char *data, u16 len) | |||
| 739 | if (!hdev) | 739 | if (!hdev) |
| 740 | return cmd_status(sk, index, MGMT_OP_ADD_UUID, ENODEV); | 740 | return cmd_status(sk, index, MGMT_OP_ADD_UUID, ENODEV); |
| 741 | 741 | ||
| 742 | hci_dev_lock(hdev); | 742 | hci_dev_lock_bh(hdev); |
| 743 | 743 | ||
| 744 | uuid = kmalloc(sizeof(*uuid), GFP_ATOMIC); | 744 | uuid = kmalloc(sizeof(*uuid), GFP_ATOMIC); |
| 745 | if (!uuid) { | 745 | if (!uuid) { |
| @@ -763,7 +763,7 @@ static int add_uuid(struct sock *sk, u16 index, unsigned char *data, u16 len) | |||
| 763 | err = cmd_complete(sk, index, MGMT_OP_ADD_UUID, NULL, 0); | 763 | err = cmd_complete(sk, index, MGMT_OP_ADD_UUID, NULL, 0); |
| 764 | 764 | ||
| 765 | failed: | 765 | failed: |
| 766 | hci_dev_unlock(hdev); | 766 | hci_dev_unlock_bh(hdev); |
| 767 | hci_dev_put(hdev); | 767 | hci_dev_put(hdev); |
| 768 | 768 | ||
| 769 | return err; | 769 | return err; |
| @@ -788,7 +788,7 @@ static int remove_uuid(struct sock *sk, u16 index, unsigned char *data, u16 len) | |||
| 788 | if (!hdev) | 788 | if (!hdev) |
| 789 | return cmd_status(sk, index, MGMT_OP_REMOVE_UUID, ENODEV); | 789 | return cmd_status(sk, index, MGMT_OP_REMOVE_UUID, ENODEV); |
| 790 | 790 | ||
| 791 | hci_dev_lock(hdev); | 791 | hci_dev_lock_bh(hdev); |
| 792 | 792 | ||
| 793 | if (memcmp(cp->uuid, bt_uuid_any, 16) == 0) { | 793 | if (memcmp(cp->uuid, bt_uuid_any, 16) == 0) { |
| 794 | err = hci_uuids_clear(hdev); | 794 | err = hci_uuids_clear(hdev); |
| @@ -823,7 +823,7 @@ static int remove_uuid(struct sock *sk, u16 index, unsigned char *data, u16 len) | |||
| 823 | err = cmd_complete(sk, index, MGMT_OP_REMOVE_UUID, NULL, 0); | 823 | err = cmd_complete(sk, index, MGMT_OP_REMOVE_UUID, NULL, 0); |
| 824 | 824 | ||
| 825 | unlock: | 825 | unlock: |
| 826 | hci_dev_unlock(hdev); | 826 | hci_dev_unlock_bh(hdev); |
| 827 | hci_dev_put(hdev); | 827 | hci_dev_put(hdev); |
| 828 | 828 | ||
| 829 | return err; | 829 | return err; |
| @@ -847,7 +847,7 @@ static int set_dev_class(struct sock *sk, u16 index, unsigned char *data, | |||
| 847 | if (!hdev) | 847 | if (!hdev) |
| 848 | return cmd_status(sk, index, MGMT_OP_SET_DEV_CLASS, ENODEV); | 848 | return cmd_status(sk, index, MGMT_OP_SET_DEV_CLASS, ENODEV); |
| 849 | 849 | ||
| 850 | hci_dev_lock(hdev); | 850 | hci_dev_lock_bh(hdev); |
| 851 | 851 | ||
| 852 | hdev->major_class = cp->major; | 852 | hdev->major_class = cp->major; |
| 853 | hdev->minor_class = cp->minor; | 853 | hdev->minor_class = cp->minor; |
| @@ -857,7 +857,7 @@ static int set_dev_class(struct sock *sk, u16 index, unsigned char *data, | |||
| 857 | if (err == 0) | 857 | if (err == 0) |
| 858 | err = cmd_complete(sk, index, MGMT_OP_SET_DEV_CLASS, NULL, 0); | 858 | err = cmd_complete(sk, index, MGMT_OP_SET_DEV_CLASS, NULL, 0); |
| 859 | 859 | ||
| 860 | hci_dev_unlock(hdev); | 860 | hci_dev_unlock_bh(hdev); |
| 861 | hci_dev_put(hdev); | 861 | hci_dev_put(hdev); |
| 862 | 862 | ||
| 863 | return err; | 863 | return err; |
| @@ -879,7 +879,7 @@ static int set_service_cache(struct sock *sk, u16 index, unsigned char *data, | |||
| 879 | if (!hdev) | 879 | if (!hdev) |
| 880 | return cmd_status(sk, index, MGMT_OP_SET_SERVICE_CACHE, ENODEV); | 880 | return cmd_status(sk, index, MGMT_OP_SET_SERVICE_CACHE, ENODEV); |
| 881 | 881 | ||
| 882 | hci_dev_lock(hdev); | 882 | hci_dev_lock_bh(hdev); |
| 883 | 883 | ||
| 884 | BT_DBG("hci%u enable %d", index, cp->enable); | 884 | BT_DBG("hci%u enable %d", index, cp->enable); |
| 885 | 885 | ||
| @@ -897,7 +897,7 @@ static int set_service_cache(struct sock *sk, u16 index, unsigned char *data, | |||
| 897 | err = cmd_complete(sk, index, MGMT_OP_SET_SERVICE_CACHE, NULL, | 897 | err = cmd_complete(sk, index, MGMT_OP_SET_SERVICE_CACHE, NULL, |
| 898 | 0); | 898 | 0); |
| 899 | 899 | ||
| 900 | hci_dev_unlock(hdev); | 900 | hci_dev_unlock_bh(hdev); |
| 901 | hci_dev_put(hdev); | 901 | hci_dev_put(hdev); |
| 902 | 902 | ||
| 903 | return err; | 903 | return err; |
| @@ -908,7 +908,7 @@ static int load_keys(struct sock *sk, u16 index, unsigned char *data, u16 len) | |||
| 908 | struct hci_dev *hdev; | 908 | struct hci_dev *hdev; |
| 909 | struct mgmt_cp_load_keys *cp; | 909 | struct mgmt_cp_load_keys *cp; |
| 910 | u16 key_count, expected_len; | 910 | u16 key_count, expected_len; |
| 911 | int i; | 911 | int i, err; |
| 912 | 912 | ||
| 913 | cp = (void *) data; | 913 | cp = (void *) data; |
| 914 | 914 | ||
| @@ -918,9 +918,9 @@ static int load_keys(struct sock *sk, u16 index, unsigned char *data, u16 len) | |||
| 918 | key_count = get_unaligned_le16(&cp->key_count); | 918 | key_count = get_unaligned_le16(&cp->key_count); |
| 919 | 919 | ||
| 920 | expected_len = sizeof(*cp) + key_count * sizeof(struct mgmt_key_info); | 920 | expected_len = sizeof(*cp) + key_count * sizeof(struct mgmt_key_info); |
| 921 | if (expected_len != len) { | 921 | if (expected_len > len) { |
| 922 | BT_ERR("load_keys: expected %u bytes, got %u bytes", | 922 | BT_ERR("load_keys: expected at least %u bytes, got %u bytes", |
| 923 | len, expected_len); | 923 | expected_len, len); |
| 924 | return -EINVAL; | 924 | return -EINVAL; |
| 925 | } | 925 | } |
| 926 | 926 | ||
| @@ -931,7 +931,7 @@ static int load_keys(struct sock *sk, u16 index, unsigned char *data, u16 len) | |||
| 931 | BT_DBG("hci%u debug_keys %u key_count %u", index, cp->debug_keys, | 931 | BT_DBG("hci%u debug_keys %u key_count %u", index, cp->debug_keys, |
| 932 | key_count); | 932 | key_count); |
| 933 | 933 | ||
| 934 | hci_dev_lock(hdev); | 934 | hci_dev_lock_bh(hdev); |
| 935 | 935 | ||
| 936 | hci_link_keys_clear(hdev); | 936 | hci_link_keys_clear(hdev); |
| 937 | 937 | ||
| @@ -942,17 +942,36 @@ static int load_keys(struct sock *sk, u16 index, unsigned char *data, u16 len) | |||
| 942 | else | 942 | else |
| 943 | clear_bit(HCI_DEBUG_KEYS, &hdev->flags); | 943 | clear_bit(HCI_DEBUG_KEYS, &hdev->flags); |
| 944 | 944 | ||
| 945 | for (i = 0; i < key_count; i++) { | 945 | len -= sizeof(*cp); |
| 946 | struct mgmt_key_info *key = &cp->keys[i]; | 946 | i = 0; |
| 947 | |||
| 948 | while (i < len) { | ||
| 949 | struct mgmt_key_info *key = (void *) cp->keys + i; | ||
| 950 | |||
| 951 | i += sizeof(*key) + key->dlen; | ||
| 952 | |||
| 953 | if (key->type == HCI_LK_SMP_LTK) { | ||
| 954 | struct key_master_id *id = (void *) key->data; | ||
| 955 | |||
| 956 | if (key->dlen != sizeof(struct key_master_id)) | ||
| 957 | continue; | ||
| 958 | |||
| 959 | hci_add_ltk(hdev, 0, &key->bdaddr, key->pin_len, | ||
| 960 | id->ediv, id->rand, key->val); | ||
| 961 | |||
| 962 | continue; | ||
| 963 | } | ||
| 947 | 964 | ||
| 948 | hci_add_link_key(hdev, NULL, 0, &key->bdaddr, key->val, key->type, | 965 | hci_add_link_key(hdev, NULL, 0, &key->bdaddr, key->val, key->type, |
| 949 | key->pin_len); | 966 | key->pin_len); |
| 950 | } | 967 | } |
| 951 | 968 | ||
| 952 | hci_dev_unlock(hdev); | 969 | err = cmd_complete(sk, index, MGMT_OP_LOAD_KEYS, NULL, 0); |
| 970 | |||
| 971 | hci_dev_unlock_bh(hdev); | ||
| 953 | hci_dev_put(hdev); | 972 | hci_dev_put(hdev); |
| 954 | 973 | ||
| 955 | return 0; | 974 | return err; |
| 956 | } | 975 | } |
| 957 | 976 | ||
| 958 | static int remove_key(struct sock *sk, u16 index, unsigned char *data, u16 len) | 977 | static int remove_key(struct sock *sk, u16 index, unsigned char *data, u16 len) |
| @@ -971,7 +990,7 @@ static int remove_key(struct sock *sk, u16 index, unsigned char *data, u16 len) | |||
| 971 | if (!hdev) | 990 | if (!hdev) |
| 972 | return cmd_status(sk, index, MGMT_OP_REMOVE_KEY, ENODEV); | 991 | return cmd_status(sk, index, MGMT_OP_REMOVE_KEY, ENODEV); |
| 973 | 992 | ||
| 974 | hci_dev_lock(hdev); | 993 | hci_dev_lock_bh(hdev); |
| 975 | 994 | ||
| 976 | err = hci_remove_link_key(hdev, &cp->bdaddr); | 995 | err = hci_remove_link_key(hdev, &cp->bdaddr); |
| 977 | if (err < 0) { | 996 | if (err < 0) { |
| @@ -994,7 +1013,7 @@ static int remove_key(struct sock *sk, u16 index, unsigned char *data, u16 len) | |||
| 994 | } | 1013 | } |
| 995 | 1014 | ||
| 996 | unlock: | 1015 | unlock: |
| 997 | hci_dev_unlock(hdev); | 1016 | hci_dev_unlock_bh(hdev); |
| 998 | hci_dev_put(hdev); | 1017 | hci_dev_put(hdev); |
| 999 | 1018 | ||
| 1000 | return err; | 1019 | return err; |
| @@ -1020,7 +1039,7 @@ static int disconnect(struct sock *sk, u16 index, unsigned char *data, u16 len) | |||
| 1020 | if (!hdev) | 1039 | if (!hdev) |
| 1021 | return cmd_status(sk, index, MGMT_OP_DISCONNECT, ENODEV); | 1040 | return cmd_status(sk, index, MGMT_OP_DISCONNECT, ENODEV); |
| 1022 | 1041 | ||
| 1023 | hci_dev_lock(hdev); | 1042 | hci_dev_lock_bh(hdev); |
| 1024 | 1043 | ||
| 1025 | if (!test_bit(HCI_UP, &hdev->flags)) { | 1044 | if (!test_bit(HCI_UP, &hdev->flags)) { |
| 1026 | err = cmd_status(sk, index, MGMT_OP_DISCONNECT, ENETDOWN); | 1045 | err = cmd_status(sk, index, MGMT_OP_DISCONNECT, ENETDOWN); |
| @@ -1055,7 +1074,7 @@ static int disconnect(struct sock *sk, u16 index, unsigned char *data, u16 len) | |||
| 1055 | mgmt_pending_remove(cmd); | 1074 | mgmt_pending_remove(cmd); |
| 1056 | 1075 | ||
| 1057 | failed: | 1076 | failed: |
| 1058 | hci_dev_unlock(hdev); | 1077 | hci_dev_unlock_bh(hdev); |
| 1059 | hci_dev_put(hdev); | 1078 | hci_dev_put(hdev); |
| 1060 | 1079 | ||
| 1061 | return err; | 1080 | return err; |
| @@ -1076,7 +1095,7 @@ static int get_connections(struct sock *sk, u16 index) | |||
| 1076 | if (!hdev) | 1095 | if (!hdev) |
| 1077 | return cmd_status(sk, index, MGMT_OP_GET_CONNECTIONS, ENODEV); | 1096 | return cmd_status(sk, index, MGMT_OP_GET_CONNECTIONS, ENODEV); |
| 1078 | 1097 | ||
| 1079 | hci_dev_lock(hdev); | 1098 | hci_dev_lock_bh(hdev); |
| 1080 | 1099 | ||
| 1081 | count = 0; | 1100 | count = 0; |
| 1082 | list_for_each(p, &hdev->conn_hash.list) { | 1101 | list_for_each(p, &hdev->conn_hash.list) { |
| @@ -1103,7 +1122,7 @@ static int get_connections(struct sock *sk, u16 index) | |||
| 1103 | 1122 | ||
| 1104 | unlock: | 1123 | unlock: |
| 1105 | kfree(rp); | 1124 | kfree(rp); |
| 1106 | hci_dev_unlock(hdev); | 1125 | hci_dev_unlock_bh(hdev); |
| 1107 | hci_dev_put(hdev); | 1126 | hci_dev_put(hdev); |
| 1108 | return err; | 1127 | return err; |
| 1109 | } | 1128 | } |
| @@ -1149,7 +1168,7 @@ static int pin_code_reply(struct sock *sk, u16 index, unsigned char *data, | |||
| 1149 | if (!hdev) | 1168 | if (!hdev) |
| 1150 | return cmd_status(sk, index, MGMT_OP_PIN_CODE_REPLY, ENODEV); | 1169 | return cmd_status(sk, index, MGMT_OP_PIN_CODE_REPLY, ENODEV); |
| 1151 | 1170 | ||
| 1152 | hci_dev_lock(hdev); | 1171 | hci_dev_lock_bh(hdev); |
| 1153 | 1172 | ||
| 1154 | if (!test_bit(HCI_UP, &hdev->flags)) { | 1173 | if (!test_bit(HCI_UP, &hdev->flags)) { |
| 1155 | err = cmd_status(sk, index, MGMT_OP_PIN_CODE_REPLY, ENETDOWN); | 1174 | err = cmd_status(sk, index, MGMT_OP_PIN_CODE_REPLY, ENETDOWN); |
| @@ -1190,7 +1209,7 @@ static int pin_code_reply(struct sock *sk, u16 index, unsigned char *data, | |||
| 1190 | mgmt_pending_remove(cmd); | 1209 | mgmt_pending_remove(cmd); |
| 1191 | 1210 | ||
| 1192 | failed: | 1211 | failed: |
| 1193 | hci_dev_unlock(hdev); | 1212 | hci_dev_unlock_bh(hdev); |
| 1194 | hci_dev_put(hdev); | 1213 | hci_dev_put(hdev); |
| 1195 | 1214 | ||
| 1196 | return err; | 1215 | return err; |
| @@ -1216,7 +1235,7 @@ static int pin_code_neg_reply(struct sock *sk, u16 index, unsigned char *data, | |||
| 1216 | return cmd_status(sk, index, MGMT_OP_PIN_CODE_NEG_REPLY, | 1235 | return cmd_status(sk, index, MGMT_OP_PIN_CODE_NEG_REPLY, |
| 1217 | ENODEV); | 1236 | ENODEV); |
| 1218 | 1237 | ||
| 1219 | hci_dev_lock(hdev); | 1238 | hci_dev_lock_bh(hdev); |
| 1220 | 1239 | ||
| 1221 | if (!test_bit(HCI_UP, &hdev->flags)) { | 1240 | if (!test_bit(HCI_UP, &hdev->flags)) { |
| 1222 | err = cmd_status(sk, index, MGMT_OP_PIN_CODE_NEG_REPLY, | 1241 | err = cmd_status(sk, index, MGMT_OP_PIN_CODE_NEG_REPLY, |
| @@ -1227,7 +1246,7 @@ static int pin_code_neg_reply(struct sock *sk, u16 index, unsigned char *data, | |||
| 1227 | err = send_pin_code_neg_reply(sk, index, hdev, cp); | 1246 | err = send_pin_code_neg_reply(sk, index, hdev, cp); |
| 1228 | 1247 | ||
| 1229 | failed: | 1248 | failed: |
| 1230 | hci_dev_unlock(hdev); | 1249 | hci_dev_unlock_bh(hdev); |
| 1231 | hci_dev_put(hdev); | 1250 | hci_dev_put(hdev); |
| 1232 | 1251 | ||
| 1233 | return err; | 1252 | return err; |
| @@ -1250,14 +1269,14 @@ static int set_io_capability(struct sock *sk, u16 index, unsigned char *data, | |||
| 1250 | if (!hdev) | 1269 | if (!hdev) |
| 1251 | return cmd_status(sk, index, MGMT_OP_SET_IO_CAPABILITY, ENODEV); | 1270 | return cmd_status(sk, index, MGMT_OP_SET_IO_CAPABILITY, ENODEV); |
| 1252 | 1271 | ||
| 1253 | hci_dev_lock(hdev); | 1272 | hci_dev_lock_bh(hdev); |
| 1254 | 1273 | ||
| 1255 | hdev->io_capability = cp->io_capability; | 1274 | hdev->io_capability = cp->io_capability; |
| 1256 | 1275 | ||
| 1257 | BT_DBG("%s IO capability set to 0x%02x", hdev->name, | 1276 | BT_DBG("%s IO capability set to 0x%02x", hdev->name, |
| 1258 | hdev->io_capability); | 1277 | hdev->io_capability); |
| 1259 | 1278 | ||
| 1260 | hci_dev_unlock(hdev); | 1279 | hci_dev_unlock_bh(hdev); |
| 1261 | hci_dev_put(hdev); | 1280 | hci_dev_put(hdev); |
| 1262 | 1281 | ||
| 1263 | return cmd_complete(sk, index, MGMT_OP_SET_IO_CAPABILITY, NULL, 0); | 1282 | return cmd_complete(sk, index, MGMT_OP_SET_IO_CAPABILITY, NULL, 0); |
| @@ -1343,7 +1362,7 @@ static int pair_device(struct sock *sk, u16 index, unsigned char *data, u16 len) | |||
| 1343 | if (!hdev) | 1362 | if (!hdev) |
| 1344 | return cmd_status(sk, index, MGMT_OP_PAIR_DEVICE, ENODEV); | 1363 | return cmd_status(sk, index, MGMT_OP_PAIR_DEVICE, ENODEV); |
| 1345 | 1364 | ||
| 1346 | hci_dev_lock(hdev); | 1365 | hci_dev_lock_bh(hdev); |
| 1347 | 1366 | ||
| 1348 | if (cp->io_cap == 0x03) { | 1367 | if (cp->io_cap == 0x03) { |
| 1349 | sec_level = BT_SECURITY_MEDIUM; | 1368 | sec_level = BT_SECURITY_MEDIUM; |
| @@ -1385,7 +1404,7 @@ static int pair_device(struct sock *sk, u16 index, unsigned char *data, u16 len) | |||
| 1385 | err = 0; | 1404 | err = 0; |
| 1386 | 1405 | ||
| 1387 | unlock: | 1406 | unlock: |
| 1388 | hci_dev_unlock(hdev); | 1407 | hci_dev_unlock_bh(hdev); |
| 1389 | hci_dev_put(hdev); | 1408 | hci_dev_put(hdev); |
| 1390 | 1409 | ||
| 1391 | return err; | 1410 | return err; |
| @@ -1417,7 +1436,7 @@ static int user_confirm_reply(struct sock *sk, u16 index, unsigned char *data, | |||
| 1417 | if (!hdev) | 1436 | if (!hdev) |
| 1418 | return cmd_status(sk, index, mgmt_op, ENODEV); | 1437 | return cmd_status(sk, index, mgmt_op, ENODEV); |
| 1419 | 1438 | ||
| 1420 | hci_dev_lock(hdev); | 1439 | hci_dev_lock_bh(hdev); |
| 1421 | 1440 | ||
| 1422 | if (!test_bit(HCI_UP, &hdev->flags)) { | 1441 | if (!test_bit(HCI_UP, &hdev->flags)) { |
| 1423 | err = cmd_status(sk, index, mgmt_op, ENETDOWN); | 1442 | err = cmd_status(sk, index, mgmt_op, ENETDOWN); |
| @@ -1435,7 +1454,7 @@ static int user_confirm_reply(struct sock *sk, u16 index, unsigned char *data, | |||
| 1435 | mgmt_pending_remove(cmd); | 1454 | mgmt_pending_remove(cmd); |
| 1436 | 1455 | ||
| 1437 | failed: | 1456 | failed: |
| 1438 | hci_dev_unlock(hdev); | 1457 | hci_dev_unlock_bh(hdev); |
| 1439 | hci_dev_put(hdev); | 1458 | hci_dev_put(hdev); |
| 1440 | 1459 | ||
| 1441 | return err; | 1460 | return err; |
| @@ -1459,7 +1478,7 @@ static int set_local_name(struct sock *sk, u16 index, unsigned char *data, | |||
| 1459 | if (!hdev) | 1478 | if (!hdev) |
| 1460 | return cmd_status(sk, index, MGMT_OP_SET_LOCAL_NAME, ENODEV); | 1479 | return cmd_status(sk, index, MGMT_OP_SET_LOCAL_NAME, ENODEV); |
| 1461 | 1480 | ||
| 1462 | hci_dev_lock(hdev); | 1481 | hci_dev_lock_bh(hdev); |
| 1463 | 1482 | ||
| 1464 | cmd = mgmt_pending_add(sk, MGMT_OP_SET_LOCAL_NAME, index, data, len); | 1483 | cmd = mgmt_pending_add(sk, MGMT_OP_SET_LOCAL_NAME, index, data, len); |
| 1465 | if (!cmd) { | 1484 | if (!cmd) { |
| @@ -1474,7 +1493,7 @@ static int set_local_name(struct sock *sk, u16 index, unsigned char *data, | |||
| 1474 | mgmt_pending_remove(cmd); | 1493 | mgmt_pending_remove(cmd); |
| 1475 | 1494 | ||
| 1476 | failed: | 1495 | failed: |
| 1477 | hci_dev_unlock(hdev); | 1496 | hci_dev_unlock_bh(hdev); |
| 1478 | hci_dev_put(hdev); | 1497 | hci_dev_put(hdev); |
| 1479 | 1498 | ||
| 1480 | return err; | 1499 | return err; |
| @@ -1493,7 +1512,7 @@ static int read_local_oob_data(struct sock *sk, u16 index) | |||
| 1493 | return cmd_status(sk, index, MGMT_OP_READ_LOCAL_OOB_DATA, | 1512 | return cmd_status(sk, index, MGMT_OP_READ_LOCAL_OOB_DATA, |
| 1494 | ENODEV); | 1513 | ENODEV); |
| 1495 | 1514 | ||
| 1496 | hci_dev_lock(hdev); | 1515 | hci_dev_lock_bh(hdev); |
| 1497 | 1516 | ||
| 1498 | if (!test_bit(HCI_UP, &hdev->flags)) { | 1517 | if (!test_bit(HCI_UP, &hdev->flags)) { |
| 1499 | err = cmd_status(sk, index, MGMT_OP_READ_LOCAL_OOB_DATA, | 1518 | err = cmd_status(sk, index, MGMT_OP_READ_LOCAL_OOB_DATA, |
| @@ -1523,7 +1542,7 @@ static int read_local_oob_data(struct sock *sk, u16 index) | |||
| 1523 | mgmt_pending_remove(cmd); | 1542 | mgmt_pending_remove(cmd); |
| 1524 | 1543 | ||
| 1525 | unlock: | 1544 | unlock: |
| 1526 | hci_dev_unlock(hdev); | 1545 | hci_dev_unlock_bh(hdev); |
| 1527 | hci_dev_put(hdev); | 1546 | hci_dev_put(hdev); |
| 1528 | 1547 | ||
| 1529 | return err; | 1548 | return err; |
| @@ -1547,7 +1566,7 @@ static int add_remote_oob_data(struct sock *sk, u16 index, unsigned char *data, | |||
| 1547 | return cmd_status(sk, index, MGMT_OP_ADD_REMOTE_OOB_DATA, | 1566 | return cmd_status(sk, index, MGMT_OP_ADD_REMOTE_OOB_DATA, |
| 1548 | ENODEV); | 1567 | ENODEV); |
| 1549 | 1568 | ||
| 1550 | hci_dev_lock(hdev); | 1569 | hci_dev_lock_bh(hdev); |
| 1551 | 1570 | ||
| 1552 | err = hci_add_remote_oob_data(hdev, &cp->bdaddr, cp->hash, | 1571 | err = hci_add_remote_oob_data(hdev, &cp->bdaddr, cp->hash, |
| 1553 | cp->randomizer); | 1572 | cp->randomizer); |
| @@ -1557,7 +1576,7 @@ static int add_remote_oob_data(struct sock *sk, u16 index, unsigned char *data, | |||
| 1557 | err = cmd_complete(sk, index, MGMT_OP_ADD_REMOTE_OOB_DATA, NULL, | 1576 | err = cmd_complete(sk, index, MGMT_OP_ADD_REMOTE_OOB_DATA, NULL, |
| 1558 | 0); | 1577 | 0); |
| 1559 | 1578 | ||
| 1560 | hci_dev_unlock(hdev); | 1579 | hci_dev_unlock_bh(hdev); |
| 1561 | hci_dev_put(hdev); | 1580 | hci_dev_put(hdev); |
| 1562 | 1581 | ||
| 1563 | return err; | 1582 | return err; |
| @@ -1581,7 +1600,7 @@ static int remove_remote_oob_data(struct sock *sk, u16 index, | |||
| 1581 | return cmd_status(sk, index, MGMT_OP_REMOVE_REMOTE_OOB_DATA, | 1600 | return cmd_status(sk, index, MGMT_OP_REMOVE_REMOTE_OOB_DATA, |
| 1582 | ENODEV); | 1601 | ENODEV); |
| 1583 | 1602 | ||
| 1584 | hci_dev_lock(hdev); | 1603 | hci_dev_lock_bh(hdev); |
| 1585 | 1604 | ||
| 1586 | err = hci_remove_remote_oob_data(hdev, &cp->bdaddr); | 1605 | err = hci_remove_remote_oob_data(hdev, &cp->bdaddr); |
| 1587 | if (err < 0) | 1606 | if (err < 0) |
| @@ -1591,7 +1610,7 @@ static int remove_remote_oob_data(struct sock *sk, u16 index, | |||
| 1591 | err = cmd_complete(sk, index, MGMT_OP_REMOVE_REMOTE_OOB_DATA, | 1610 | err = cmd_complete(sk, index, MGMT_OP_REMOVE_REMOTE_OOB_DATA, |
| 1592 | NULL, 0); | 1611 | NULL, 0); |
| 1593 | 1612 | ||
| 1594 | hci_dev_unlock(hdev); | 1613 | hci_dev_unlock_bh(hdev); |
| 1595 | hci_dev_put(hdev); | 1614 | hci_dev_put(hdev); |
| 1596 | 1615 | ||
| 1597 | return err; | 1616 | return err; |
| @@ -1958,17 +1977,28 @@ int mgmt_connectable(u16 index, u8 connectable) | |||
| 1958 | 1977 | ||
| 1959 | int mgmt_new_key(u16 index, struct link_key *key, u8 persistent) | 1978 | int mgmt_new_key(u16 index, struct link_key *key, u8 persistent) |
| 1960 | { | 1979 | { |
| 1961 | struct mgmt_ev_new_key ev; | 1980 | struct mgmt_ev_new_key *ev; |
| 1981 | int err, total; | ||
| 1962 | 1982 | ||
| 1963 | memset(&ev, 0, sizeof(ev)); | 1983 | total = sizeof(struct mgmt_ev_new_key) + key->dlen; |
| 1984 | ev = kzalloc(total, GFP_ATOMIC); | ||
| 1985 | if (!ev) | ||
| 1986 | return -ENOMEM; | ||
| 1964 | 1987 | ||
| 1965 | ev.store_hint = persistent; | 1988 | bacpy(&ev->key.bdaddr, &key->bdaddr); |
| 1966 | bacpy(&ev.key.bdaddr, &key->bdaddr); | 1989 | ev->key.type = key->type; |
| 1967 | ev.key.type = key->type; | 1990 | memcpy(ev->key.val, key->val, 16); |
| 1968 | memcpy(ev.key.val, key->val, 16); | 1991 | ev->key.pin_len = key->pin_len; |
| 1969 | ev.key.pin_len = key->pin_len; | 1992 | ev->key.dlen = key->dlen; |
| 1993 | ev->store_hint = persistent; | ||
| 1970 | 1994 | ||
| 1971 | return mgmt_event(MGMT_EV_NEW_KEY, index, &ev, sizeof(ev), NULL); | 1995 | memcpy(ev->key.data, key->data, key->dlen); |
| 1996 | |||
| 1997 | err = mgmt_event(MGMT_EV_NEW_KEY, index, ev, total, NULL); | ||
| 1998 | |||
| 1999 | kfree(ev); | ||
| 2000 | |||
| 2001 | return err; | ||
| 1972 | } | 2002 | } |
| 1973 | 2003 | ||
| 1974 | int mgmt_connected(u16 index, bdaddr_t *bdaddr) | 2004 | int mgmt_connected(u16 index, bdaddr_t *bdaddr) |