Diffstat (limited to 'net/bluetooth/mgmt.c')
-rw-r--r--net/bluetooth/mgmt.c33
1 files changed, 22 insertions, 11 deletions
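diff --git a/net/bluetooth/mgmt.c b/net/bluetooth/mgmt.c
index f7c2969d8829..3db8525b0293 100644
--- a/net/bluetooth/mgmt.c
+++ b/net/bluetooth/mgmt.c
@@ -2281,8 +2281,9 @@ failed:
  return err;
 }
 
-static int stop_discovery(struct sock *sk, u16 index)
+static int stop_discovery(struct sock *sk, u16 index, void *data, u16 len)
 {
+ struct mgmt_cp_stop_discovery *mgmt_cp = data;
  struct hci_dev *hdev;
  struct pending_cmd *cmd;
  struct hci_cp_remote_name_req_cancel cp;
@@ -2291,6 +2292,10 @@ static int stop_discovery(struct sock *sk, u16 index)
 
  BT_DBG("hci%u", index);
 
+ if (len != sizeof(*mgmt_cp))
+ return cmd_status(sk, index, MGMT_OP_STOP_DISCOVERY,
+ MGMT_STATUS_INVALID_PARAMS);
+
  hdev = hci_dev_get(index);
  if (!hdev)
  return cmd_status(sk, index, MGMT_OP_STOP_DISCOVERY,
@@ -2299,8 +2304,16 @@ static int stop_discovery(struct sock *sk, u16 index)
  hci_dev_lock(hdev);
 
  if (!hci_discovery_active(hdev)) {
- err = cmd_status(sk, index, MGMT_OP_STOP_DISCOVERY,
- MGMT_STATUS_REJECTED);
+ err = cmd_complete(sk, index, MGMT_OP_STOP_DISCOVERY,
+ MGMT_STATUS_REJECTED,
+ &mgmt_cp->type, sizeof(mgmt_cp->type));
+ goto unlock;
+ }
+
+ if (hdev->discovery.type != mgmt_cp->type) {
+ err = cmd_complete(sk, index, MGMT_OP_STOP_DISCOVERY,
+ MGMT_STATUS_INVALID_PARAMS,
+ &mgmt_cp->type, sizeof(mgmt_cp->type));
  goto unlock;
  }
 
@@ -2323,7 +2336,7 @@ static int stop_discovery(struct sock *sk, u16 index)
  if (!e) {
  mgmt_pending_remove(cmd);
  err = cmd_complete(sk, index, MGMT_OP_STOP_DISCOVERY, 0,
- NULL, 0);
+ &mgmt_cp->type, sizeof(mgmt_cp->type));
  hci_discovery_set_state(hdev, DISCOVERY_STOPPED);
  goto unlock;
  }
@@ -2706,7 +2719,7 @@ int mgmt_control(struct sock *sk, struct msghdr *msg, size_t msglen)
  err = start_discovery(sk, index, cp, len);
  break;
  case MGMT_OP_STOP_DISCOVERY:
- err = stop_discovery(sk, index);
+ err = stop_discovery(sk, index, cp, len);
  break;
  case MGMT_OP_CONFIRM_NAME:
  err = confirm_name(sk, index, cp, len);
@@ -3369,7 +3382,9 @@ int mgmt_stop_discovery_failed(struct hci_dev *hdev, u8 status)
  if (!cmd)
  return -ENOENT;
 
- err = cmd_status(cmd->sk, hdev->id, cmd->opcode, mgmt_status(status));
+ err = cmd_complete(cmd->sk, hdev->id, cmd->opcode, mgmt_status(status),
+ &hdev->discovery.type,
+ sizeof(hdev->discovery.type));
  mgmt_pending_remove(cmd);
 
  return err;
@@ -3389,12 +3404,8 @@ int mgmt_discovering(struct hci_dev *hdev, u8 discovering)
  if (cmd != NULL) {
  u8 type = hdev->discovery.type;
 
- if (discovering)
- cmd_complete(cmd->sk, hdev->id, cmd->opcode, 0,
+ cmd_complete(cmd->sk, hdev->id, cmd->opcode, 0,
  &type, sizeof(type));
- else
- cmd_complete(cmd->sk, hdev->id, cmd->opcode, 0,
- NULL, 0);
  mgmt_pending_remove(cmd);
  }
 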
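Review bot: The replies sent from mgmt_stop_discovery_failed() and mgmt_discovering() echo `hdev->discovery.type`, while the replies built inside stop_discovery() echo the caller's `mgmt_cp->type`; the two agree only because stop_discovery() rejects a mismatch under hci_dev_lock() before the command is queued. Whether discovery.type can change before the pending command completes is not visible in these hunks, so the invariant deserves a comment at the mismatch check, for example `/* later replies echo hdev->discovery.type, so the requested type must match it here */`. The new `len != sizeof(*mgmt_cp)` test correctly precedes every dereference of `mgmt_cp`, and a short comment there (`/* mgmt_cp must not be dereferenced before this length check */`) would keep a later edit from reordering it. stop_discovery() and both callbacks continue outside the hunks shown.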