From 9845904fd489288bcf693642c1b31cc463c0b660 Mon Sep 17 00:00:00 2001
From: Johan Hedberg <johan.hedberg@intel.com>
Date: Fri, 12 Dec 2014 11:15:21 +0200
Subject: [PATCH] Bluetooth: Fix mgmt response status when removing adapter

When an adapter is removed (hci_unregister_dev) any pending mgmt
commands for that adapter should get the appropriate INVALID_INDEX
response. Since hci_unregister_dev() calls hci_dev_do_close() first
that'd so far have caused "not powered" responses to be sent.

Skipping the HCI_UNREGISTER case in mgmt_powered() is also not a
solution since before reaching the mgmt_index_removed() stage any
hci_conn callbacks (e.g. used by pairing) will get called, thereby
causing "disconnected" status responses to be sent.

The fix that covers all scenarios is to handle both INVALID_INDEX and
NOT_POWERED responses through the mgmt_powered() function. The
INVALID_INDEX response sending from mgmt_index_removed() is left
untouched since there are a couple of places not related to powering off
or removing an adapter that call it (e.g. configuring a new bdaddr).

Signed-off-by: Johan Hedberg <johan.hedberg@intel.com>
Signed-off-by: Marcel Holtmann <marcel@holtmann.org>
---
 net/bluetooth/mgmt.c | 18 +++++++++++++++---
 1 file changed, 15 insertions(+), 3 deletions(-)

diff --git a/net/bluetooth/mgmt.c b/net/bluetooth/mgmt.c
index 1e33880ed562..23a0ca5a4737 100644
--- a/net/bluetooth/mgmt.c
+++ b/net/bluetooth/mgmt.c
@@ -6151,8 +6151,7 @@ static int powered_update_hci(struct hci_dev *hdev)
 int mgmt_powered(struct hci_dev *hdev, u8 powered)
 {
 	struct cmd_lookup match = { NULL, hdev };
-	u8 status_not_powered = MGMT_STATUS_NOT_POWERED;
-	u8 zero_cod[] = { 0, 0, 0 };
+	u8 status, zero_cod[] = { 0, 0, 0 };
 	int err;
 
 	if (!test_bit(HCI_MGMT, &hdev->dev_flags))
@@ -6168,7 +6167,20 @@ int mgmt_powered(struct hci_dev *hdev, u8 powered)
 	}
 
 	mgmt_pending_foreach(MGMT_OP_SET_POWERED, hdev, settings_rsp, &match);
-	mgmt_pending_foreach(0, hdev, cmd_complete_rsp, &status_not_powered);
+
+	/* If the power off is because of hdev unregistration let
+	 * use the appropriate INVALID_INDEX status. Otherwise use
+	 * NOT_POWERED. We cover both scenarios here since later in
+	 * mgmt_index_removed() any hci_conn callbacks will have already
+	 * been triggered, potentially causing misleading DISCONNECTED
+	 * status responses.
+	 */
+	if (test_bit(HCI_UNREGISTER, &hdev->dev_flags))
+		status = MGMT_STATUS_INVALID_INDEX;
+	else
+		status = MGMT_STATUS_NOT_POWERED;
+
+	mgmt_pending_foreach(0, hdev, cmd_complete_rsp, &status);
 
 	if (memcmp(hdev->dev_class, zero_cod, sizeof(zero_cod)) != 0)
 		mgmt_event(MGMT_EV_CLASS_OF_DEV_CHANGED, hdev,
-- 
GitLab