| hci_event.c (0337966d121ebebf73a1c346123e8112796e684e) | hci_event.c (2064ee332e4c1b7495cf68b84355c213d8fe71fd) |
|---|---|
| 1/* 2 BlueZ - Bluetooth protocol stack for Linux 3 Copyright (c) 2000-2001, 2010, Code Aurora Forum. All rights reserved. 4 5 Written 2000,2001 by Maxim Krasnyansky <maxk@qualcomm.com> 6 7 This program is free software; you can redistribute it and/or modify 8 it under the terms of the GNU General Public License version 2 as --- 1174 unchanged lines hidden (view full) --- 1183 hci_discovery_set_state(hdev, DISCOVERY_STOPPED); 1184 else if (!hci_dev_test_flag(hdev, HCI_LE_ADV) && 1185 hdev->discovery.state == DISCOVERY_FINDING) 1186 hci_req_reenable_advertising(hdev); 1187 1188 break; 1189 1190 default: | 1/* 2 BlueZ - Bluetooth protocol stack for Linux 3 Copyright (c) 2000-2001, 2010, Code Aurora Forum. All rights reserved. 4 5 Written 2000,2001 by Maxim Krasnyansky <maxk@qualcomm.com> 6 7 This program is free software; you can redistribute it and/or modify 8 it under the terms of the GNU General Public License version 2 as --- 1174 unchanged lines hidden (view full) --- 1183 hci_discovery_set_state(hdev, DISCOVERY_STOPPED); 1184 else if (!hci_dev_test_flag(hdev, HCI_LE_ADV) && 1185 hdev->discovery.state == DISCOVERY_FINDING) 1186 hci_req_reenable_advertising(hdev); 1187 1188 break; 1189 1190 default: |
| 1191 BT_ERR("Used reserved LE_Scan_Enable param %d", cp->enable); | 1191 bt_dev_err(hdev, "use of reserved LE_Scan_Enable param %d", 1192 cp->enable); |
| 1192 break; 1193 } 1194 1195 hci_dev_unlock(hdev); 1196} 1197 1198static void hci_cc_le_read_white_list_size(struct hci_dev *hdev, 1199 struct sk_buff *skb) --- 280 unchanged lines hidden (view full) --- 1480 } else 1481 conn->state = BT_CONNECT2; 1482 } 1483 } else { 1484 if (!conn) { 1485 conn = hci_conn_add(hdev, ACL_LINK, &cp->bdaddr, 1486 HCI_ROLE_MASTER); 1487 if (!conn) | 1193 break; 1194 } 1195 1196 hci_dev_unlock(hdev); 1197} 1198 1199static void hci_cc_le_read_white_list_size(struct hci_dev *hdev, 1200 struct sk_buff *skb) --- 280 unchanged lines hidden (view full) --- 1481 } else 1482 conn->state = BT_CONNECT2; 1483 } 1484 } else { 1485 if (!conn) { 1486 conn = hci_conn_add(hdev, ACL_LINK, &cp->bdaddr, 1487 HCI_ROLE_MASTER); 1488 if (!conn) |
| 1488 BT_ERR("No memory for new connection"); | 1489 bt_dev_err(hdev, "no memory for new connection"); |
| 1489 } 1490 } 1491 1492 hci_dev_unlock(hdev); 1493} 1494 1495static void hci_cs_add_sco(struct hci_dev *hdev, __u8 status) 1496{ --- 767 unchanged lines hidden (view full) --- 2264 memcpy(ie->data.dev_class, ev->dev_class, 3); 2265 2266 conn = hci_conn_hash_lookup_ba(hdev, ev->link_type, 2267 &ev->bdaddr); 2268 if (!conn) { 2269 conn = hci_conn_add(hdev, ev->link_type, &ev->bdaddr, 2270 HCI_ROLE_SLAVE); 2271 if (!conn) { | 1490 } 1491 } 1492 1493 hci_dev_unlock(hdev); 1494} 1495 1496static void hci_cs_add_sco(struct hci_dev *hdev, __u8 status) 1497{ --- 767 unchanged lines hidden (view full) --- 2265 memcpy(ie->data.dev_class, ev->dev_class, 3); 2266 2267 conn = hci_conn_hash_lookup_ba(hdev, ev->link_type, 2268 &ev->bdaddr); 2269 if (!conn) { 2270 conn = hci_conn_add(hdev, ev->link_type, &ev->bdaddr, 2271 HCI_ROLE_SLAVE); 2272 if (!conn) { |
| 2272 BT_ERR("No memory for new connection"); | 2273 bt_dev_err(hdev, "no memory for new connection"); |
| 2273 hci_dev_unlock(hdev); 2274 return; 2275 } 2276 } 2277 2278 memcpy(conn->dev_class, ev->dev_class, 3); 2279 2280 hci_dev_unlock(hdev); --- 145 unchanged lines hidden (view full) --- 2426 if (!conn) 2427 goto unlock; 2428 2429 if (!ev->status) { 2430 clear_bit(HCI_CONN_AUTH_FAILURE, &conn->flags); 2431 2432 if (!hci_conn_ssp_enabled(conn) && 2433 test_bit(HCI_CONN_REAUTH_PEND, &conn->flags)) { | 2274 hci_dev_unlock(hdev); 2275 return; 2276 } 2277 } 2278 2279 memcpy(conn->dev_class, ev->dev_class, 3); 2280 2281 hci_dev_unlock(hdev); --- 145 unchanged lines hidden (view full) --- 2427 if (!conn) 2428 goto unlock; 2429 2430 if (!ev->status) { 2431 clear_bit(HCI_CONN_AUTH_FAILURE, &conn->flags); 2432 2433 if (!hci_conn_ssp_enabled(conn) && 2434 test_bit(HCI_CONN_REAUTH_PEND, &conn->flags)) { |
| 2434 BT_INFO("re-auth of legacy device is not possible."); | 2435 bt_dev_info(hdev, "re-auth of legacy device is not possible."); |
| 2435 } else { 2436 set_bit(HCI_CONN_AUTH, &conn->flags); 2437 conn->sec_level = conn->pending_sec_level; 2438 } 2439 } else { 2440 if (ev->status == HCI_ERROR_PIN_OR_KEY_MISSING) 2441 set_bit(HCI_CONN_AUTH_FAILURE, &conn->flags); 2442 --- 87 unchanged lines hidden (view full) --- 2530{ 2531 const struct hci_rp_read_enc_key_size *rp; 2532 struct hci_conn *conn; 2533 u16 handle; 2534 2535 BT_DBG("%s status 0x%02x", hdev->name, status); 2536 2537 if (!skb || skb->len < sizeof(*rp)) { | 2436 } else { 2437 set_bit(HCI_CONN_AUTH, &conn->flags); 2438 conn->sec_level = conn->pending_sec_level; 2439 } 2440 } else { 2441 if (ev->status == HCI_ERROR_PIN_OR_KEY_MISSING) 2442 set_bit(HCI_CONN_AUTH_FAILURE, &conn->flags); 2443 --- 87 unchanged lines hidden (view full) --- 2531{ 2532 const struct hci_rp_read_enc_key_size *rp; 2533 struct hci_conn *conn; 2534 u16 handle; 2535 2536 BT_DBG("%s status 0x%02x", hdev->name, status); 2537 2538 if (!skb || skb->len < sizeof(*rp)) { |
| 2538 BT_ERR("%s invalid HCI Read Encryption Key Size response", 2539 hdev->name); | 2539 bt_dev_err(hdev, "invalid read key size response"); |
| 2540 return; 2541 } 2542 2543 rp = (void *)skb->data; 2544 handle = le16_to_cpu(rp->handle); 2545 2546 hci_dev_lock(hdev); 2547 2548 conn = hci_conn_hash_lookup_handle(hdev, handle); 2549 if (!conn) 2550 goto unlock; 2551 2552 /* If we fail to read the encryption key size, assume maximum 2553 * (which is the same we do also when this HCI command isn't 2554 * supported. 2555 */ 2556 if (rp->status) { | 2540 return; 2541 } 2542 2543 rp = (void *)skb->data; 2544 handle = le16_to_cpu(rp->handle); 2545 2546 hci_dev_lock(hdev); 2547 2548 conn = hci_conn_hash_lookup_handle(hdev, handle); 2549 if (!conn) 2550 goto unlock; 2551 2552 /* If we fail to read the encryption key size, assume maximum 2553 * (which is the same we do also when this HCI command isn't 2554 * supported. 2555 */ 2556 if (rp->status) { |
| 2557 BT_ERR("%s failed to read key size for handle %u", hdev->name, 2558 handle); | 2557 bt_dev_err(hdev, "failed to read key size for handle %u", 2558 handle); |
| 2559 conn->enc_key_size = HCI_LINK_KEY_SIZE; 2560 } else { 2561 conn->enc_key_size = rp->key_size; 2562 } 2563 2564 if (conn->state == BT_CONFIG) { 2565 conn->state = BT_CONNECTED; 2566 hci_connect_cfm(conn, 0); --- 92 unchanged lines hidden (view full) --- 2659 } 2660 2661 hci_req_init(&req, hdev); 2662 2663 cp.handle = cpu_to_le16(conn->handle); 2664 hci_req_add(&req, HCI_OP_READ_ENC_KEY_SIZE, sizeof(cp), &cp); 2665 2666 if (hci_req_run_skb(&req, read_enc_key_size_complete)) { | 2559 conn->enc_key_size = HCI_LINK_KEY_SIZE; 2560 } else { 2561 conn->enc_key_size = rp->key_size; 2562 } 2563 2564 if (conn->state == BT_CONFIG) { 2565 conn->state = BT_CONNECTED; 2566 hci_connect_cfm(conn, 0); --- 92 unchanged lines hidden (view full) --- 2659 } 2660 2661 hci_req_init(&req, hdev); 2662 2663 cp.handle = cpu_to_le16(conn->handle); 2664 hci_req_add(&req, HCI_OP_READ_ENC_KEY_SIZE, sizeof(cp), &cp); 2665 2666 if (hci_req_run_skb(&req, read_enc_key_size_complete)) { |
| 2667 BT_ERR("Sending HCI Read Encryption Key Size failed"); | 2667 bt_dev_err(hdev, "sending read key size failed"); |
| 2668 conn->enc_key_size = HCI_LINK_KEY_SIZE; 2669 goto notify; 2670 } 2671 2672 goto unlock; 2673 } 2674 2675notify: --- 516 unchanged lines hidden (view full) --- 3192} 3193 3194static void hci_num_comp_pkts_evt(struct hci_dev *hdev, struct sk_buff *skb) 3195{ 3196 struct hci_ev_num_comp_pkts *ev = (void *) skb->data; 3197 int i; 3198 3199 if (hdev->flow_ctl_mode != HCI_FLOW_CTL_MODE_PACKET_BASED) { | 2668 conn->enc_key_size = HCI_LINK_KEY_SIZE; 2669 goto notify; 2670 } 2671 2672 goto unlock; 2673 } 2674 2675notify: --- 516 unchanged lines hidden (view full) --- 3192} 3193 3194static void hci_num_comp_pkts_evt(struct hci_dev *hdev, struct sk_buff *skb) 3195{ 3196 struct hci_ev_num_comp_pkts *ev = (void *) skb->data; 3197 int i; 3198 3199 if (hdev->flow_ctl_mode != HCI_FLOW_CTL_MODE_PACKET_BASED) { |
| 3200 BT_ERR("Wrong event for mode %d", hdev->flow_ctl_mode); | 3200 bt_dev_err(hdev, "wrong event for mode %d", hdev->flow_ctl_mode); |
| 3201 return; 3202 } 3203 3204 if (skb->len < sizeof(*ev) || skb->len < sizeof(*ev) + 3205 ev->num_hndl * sizeof(struct hci_comp_pkts_info)) { 3206 BT_DBG("%s bad parameters", hdev->name); 3207 return; 3208 } --- 35 unchanged lines hidden (view full) --- 3244 3245 case SCO_LINK: 3246 hdev->sco_cnt += count; 3247 if (hdev->sco_cnt > hdev->sco_pkts) 3248 hdev->sco_cnt = hdev->sco_pkts; 3249 break; 3250 3251 default: | 3201 return; 3202 } 3203 3204 if (skb->len < sizeof(*ev) || skb->len < sizeof(*ev) + 3205 ev->num_hndl * sizeof(struct hci_comp_pkts_info)) { 3206 BT_DBG("%s bad parameters", hdev->name); 3207 return; 3208 } --- 35 unchanged lines hidden (view full) --- 3244 3245 case SCO_LINK: 3246 hdev->sco_cnt += count; 3247 if (hdev->sco_cnt > hdev->sco_pkts) 3248 hdev->sco_cnt = hdev->sco_pkts; 3249 break; 3250 3251 default: |
| 3252 BT_ERR("Unknown type %d conn %p", conn->type, conn); | 3252 bt_dev_err(hdev, "unknown type %d conn %p", 3253 conn->type, conn); |
| 3253 break; 3254 } 3255 } 3256 3257 queue_work(hdev->workqueue, &hdev->tx_work); 3258} 3259 3260static struct hci_conn *__hci_conn_lookup_handle(struct hci_dev *hdev, --- 5 unchanged lines hidden (view full) --- 3266 case HCI_PRIMARY: 3267 return hci_conn_hash_lookup_handle(hdev, handle); 3268 case HCI_AMP: 3269 chan = hci_chan_lookup_handle(hdev, handle); 3270 if (chan) 3271 return chan->conn; 3272 break; 3273 default: | 3254 break; 3255 } 3256 } 3257 3258 queue_work(hdev->workqueue, &hdev->tx_work); 3259} 3260 3261static struct hci_conn *__hci_conn_lookup_handle(struct hci_dev *hdev, --- 5 unchanged lines hidden (view full) --- 3267 case HCI_PRIMARY: 3268 return hci_conn_hash_lookup_handle(hdev, handle); 3269 case HCI_AMP: 3270 chan = hci_chan_lookup_handle(hdev, handle); 3271 if (chan) 3272 return chan->conn; 3273 break; 3274 default: |
| 3274 BT_ERR("%s unknown dev_type %d", hdev->name, hdev->dev_type); | 3275 bt_dev_err(hdev, "unknown dev_type %d", hdev->dev_type); |
| 3275 break; 3276 } 3277 3278 return NULL; 3279} 3280 3281static void hci_num_comp_blocks_evt(struct hci_dev *hdev, struct sk_buff *skb) 3282{ 3283 struct hci_ev_num_comp_blocks *ev = (void *) skb->data; 3284 int i; 3285 3286 if (hdev->flow_ctl_mode != HCI_FLOW_CTL_MODE_BLOCK_BASED) { | 3276 break; 3277 } 3278 3279 return NULL; 3280} 3281 3282static void hci_num_comp_blocks_evt(struct hci_dev *hdev, struct sk_buff *skb) 3283{ 3284 struct hci_ev_num_comp_blocks *ev = (void *) skb->data; 3285 int i; 3286 3287 if (hdev->flow_ctl_mode != HCI_FLOW_CTL_MODE_BLOCK_BASED) { |
| 3287 BT_ERR("Wrong event for mode %d", hdev->flow_ctl_mode); | 3288 bt_dev_err(hdev, "wrong event for mode %d", hdev->flow_ctl_mode); |
| 3288 return; 3289 } 3290 3291 if (skb->len < sizeof(*ev) || skb->len < sizeof(*ev) + 3292 ev->num_hndl * sizeof(struct hci_comp_blocks_info)) { 3293 BT_DBG("%s bad parameters", hdev->name); 3294 return; 3295 } --- 19 unchanged lines hidden (view full) --- 3315 case ACL_LINK: 3316 case AMP_LINK: 3317 hdev->block_cnt += block_count; 3318 if (hdev->block_cnt > hdev->num_blocks) 3319 hdev->block_cnt = hdev->num_blocks; 3320 break; 3321 3322 default: | 3289 return; 3290 } 3291 3292 if (skb->len < sizeof(*ev) || skb->len < sizeof(*ev) + 3293 ev->num_hndl * sizeof(struct hci_comp_blocks_info)) { 3294 BT_DBG("%s bad parameters", hdev->name); 3295 return; 3296 } --- 19 unchanged lines hidden (view full) --- 3316 case ACL_LINK: 3317 case AMP_LINK: 3318 hdev->block_cnt += block_count; 3319 if (hdev->block_cnt > hdev->num_blocks) 3320 hdev->block_cnt = hdev->num_blocks; 3321 break; 3322 3323 default: |
| 3323 BT_ERR("Unknown type %d conn %p", conn->type, conn); | 3324 bt_dev_err(hdev, "unknown type %d conn %p", 3325 conn->type, conn); |
| 3324 break; 3325 } 3326 } 3327 3328 queue_work(hdev->workqueue, &hdev->tx_work); 3329} 3330 3331static void hci_mode_change_evt(struct hci_dev *hdev, struct sk_buff *skb) --- 1142 unchanged lines hidden (view full) --- 4474 * connection, so ensure that the state bit is cleared. 4475 */ 4476 hci_dev_clear_flag(hdev, HCI_LE_ADV); 4477 4478 conn = hci_lookup_le_connect(hdev); 4479 if (!conn) { 4480 conn = hci_conn_add(hdev, LE_LINK, &ev->bdaddr, ev->role); 4481 if (!conn) { | 3326 break; 3327 } 3328 } 3329 3330 queue_work(hdev->workqueue, &hdev->tx_work); 3331} 3332 3333static void hci_mode_change_evt(struct hci_dev *hdev, struct sk_buff *skb) --- 1142 unchanged lines hidden (view full) --- 4476 * connection, so ensure that the state bit is cleared. 4477 */ 4478 hci_dev_clear_flag(hdev, HCI_LE_ADV); 4479 4480 conn = hci_lookup_le_connect(hdev); 4481 if (!conn) { 4482 conn = hci_conn_add(hdev, LE_LINK, &ev->bdaddr, ev->role); 4483 if (!conn) { |
| 4482 BT_ERR("No memory for new connection"); | 4484 bt_dev_err(hdev, "no memory for new connection"); |
| 4483 goto unlock; 4484 } 4485 4486 conn->dst_type = ev->bdaddr_type; 4487 4488 /* If we didn't have a hci_conn object previously 4489 * but we're in master role this must be something 4490 * initiated using a white list. Since white list based --- 253 unchanged lines hidden (view full) --- 4744 switch (type) { 4745 case LE_ADV_IND: 4746 case LE_ADV_DIRECT_IND: 4747 case LE_ADV_SCAN_IND: 4748 case LE_ADV_NONCONN_IND: 4749 case LE_ADV_SCAN_RSP: 4750 break; 4751 default: | 4485 goto unlock; 4486 } 4487 4488 conn->dst_type = ev->bdaddr_type; 4489 4490 /* If we didn't have a hci_conn object previously 4491 * but we're in master role this must be something 4492 * initiated using a white list. Since white list based --- 253 unchanged lines hidden (view full) --- 4746 switch (type) { 4747 case LE_ADV_IND: 4748 case LE_ADV_DIRECT_IND: 4749 case LE_ADV_SCAN_IND: 4750 case LE_ADV_NONCONN_IND: 4751 case LE_ADV_SCAN_RSP: 4752 break; 4753 default: |
| 4752 BT_ERR_RATELIMITED("Unknown advertising packet type: 0x%02x", 4753 type); | 4754 bt_dev_err_ratelimited(hdev, "unknown advertising packet " 4755 "type: 0x%02x", type); |
| 4754 return; 4755 } 4756 4757 /* Find the end of the data in case the report contains padded zero 4758 * bytes at the end causing an invalid length value. 4759 * 4760 * When data is NULL, len is 0 so there is no need for extra ptr 4761 * check as 'ptr < data + 0' is already false in such case. 4762 */ 4763 for (ptr = data; ptr < data + len && *ptr; ptr += *ptr + 1) { 4764 if (ptr + 1 + *ptr > data + len) 4765 break; 4766 } 4767 4768 real_len = ptr - data; 4769 4770 /* Adjust for actual length */ 4771 if (len != real_len) { | 4756 return; 4757 } 4758 4759 /* Find the end of the data in case the report contains padded zero 4760 * bytes at the end causing an invalid length value. 4761 * 4762 * When data is NULL, len is 0 so there is no need for extra ptr 4763 * check as 'ptr < data + 0' is already false in such case. 4764 */ 4765 for (ptr = data; ptr < data + len && *ptr; ptr += *ptr + 1) { 4766 if (ptr + 1 + *ptr > data + len) 4767 break; 4768 } 4769 4770 real_len = ptr - data; 4771 4772 /* Adjust for actual length */ 4773 if (len != real_len) { |
| 4772 BT_ERR_RATELIMITED("%s advertising data length corrected", 4773 hdev->name); | 4774 bt_dev_err_ratelimited(hdev, "advertising data len corrected"); |
| 4774 len = real_len; 4775 } 4776 4777 /* If the direct address is present, then this report is from 4778 * a LE Direct Advertising Report event. In that case it is 4779 * important to see if the address is matching the local 4780 * controller address. 4781 */ --- 405 unchanged lines hidden (view full) --- 5187{ 5188 struct hci_ev_cmd_complete *ev; 5189 struct hci_event_hdr *hdr; 5190 5191 if (!skb) 5192 return false; 5193 5194 if (skb->len < sizeof(*hdr)) { | 4775 len = real_len; 4776 } 4777 4778 /* If the direct address is present, then this report is from 4779 * a LE Direct Advertising Report event. In that case it is 4780 * important to see if the address is matching the local 4781 * controller address. 4782 */ --- 405 unchanged lines hidden (view full) --- 5188{ 5189 struct hci_ev_cmd_complete *ev; 5190 struct hci_event_hdr *hdr; 5191 5192 if (!skb) 5193 return false; 5194 5195 if (skb->len < sizeof(*hdr)) { |
| 5195 BT_ERR("Too short HCI event"); | 5196 bt_dev_err(hdev, "too short HCI event"); |
| 5196 return false; 5197 } 5198 5199 hdr = (void *) skb->data; 5200 skb_pull(skb, HCI_EVENT_HDR_SIZE); 5201 5202 if (event) { 5203 if (hdr->evt != event) 5204 return false; 5205 return true; 5206 } 5207 5208 if (hdr->evt != HCI_EV_CMD_COMPLETE) { | 5197 return false; 5198 } 5199 5200 hdr = (void *) skb->data; 5201 skb_pull(skb, HCI_EVENT_HDR_SIZE); 5202 5203 if (event) { 5204 if (hdr->evt != event) 5205 return false; 5206 return true; 5207 } 5208 5209 if (hdr->evt != HCI_EV_CMD_COMPLETE) { |
| 5209 BT_DBG("Last event is not cmd complete (0x%2.2x)", hdr->evt); | 5210 bt_dev_err(hdev, "last event is not cmd complete (0x%2.2x)", 5211 hdr->evt); |
| 5210 return false; 5211 } 5212 5213 if (skb->len < sizeof(*ev)) { | 5212 return false; 5213 } 5214 5215 if (skb->len < sizeof(*ev)) { |
| 5214 BT_ERR("Too short cmd_complete event"); | 5216 bt_dev_err(hdev, "too short cmd_complete event"); |
| 5215 return false; 5216 } 5217 5218 ev = (void *) skb->data; 5219 skb_pull(skb, sizeof(*ev)); 5220 5221 if (opcode != __le16_to_cpu(ev->opcode)) { 5222 BT_DBG("opcode doesn't match (0x%2.2x != 0x%2.2x)", opcode, --- 231 unchanged lines hidden --- | 5217 return false; 5218 } 5219 5220 ev = (void *) skb->data; 5221 skb_pull(skb, sizeof(*ev)); 5222 5223 if (opcode != __le16_to_cpu(ev->opcode)) { 5224 BT_DBG("opcode doesn't match (0x%2.2x != 0x%2.2x)", opcode, --- 231 unchanged lines hidden --- |