1. 29 10月, 2021 7 次提交
    • L
      Bluetooth: hci_sync: Convert MGMT_OP_START_DISCOVERY · abfeea47
      Luiz Augusto von Dentz 提交于
      This make use of hci_cmd_sync_queue for MGMT_OP_START_DISCOVERY,
      MGMT_OP_START_SERVICE_DISCOVERY and MGMT_OP_STOP_DISCOVERY to use
      hci_cmd_sync_queue so they no longer depend on hdev->discov_update work
      to send any commands.
      
      Tested with:
      
      tools/mgmt-tester -s "Start Discovery"
      
      Test Summary
      ------------
      Start Discovery - Not powered 1                      Passed
      Start Discovery - Invalid parameters 1               Passed
      Start Discovery - Not supported 1                    Passed
      Start Discovery - Success 1                          Passed
      Start Discovery - Success 2                          Passed
      Start Discovery - Power Off 1                        Passed
      Start Discovery BREDR LE - (Ext Scan Enable)         Passed
      Start Discovery LE - (Ext Scan Enable)               Passed
      Start Discovery LE - (Ext Scan Param)                Passed
      Start Discovery - (2m, Scan Param)                   Passed
      Start Discovery - (coded, Scan Param)                Passed
      Start Discovery - (1m, 2m, coded, Scan Param)        Passed
      LL Privacy - Start Discovery 1 (Disable RL)          Passed
      LL Privacy - Start Discovery 2 (Disable RL)          Passed
      Total: 14, Passed: 14 (100.0%), Failed: 0, Not Run: 0
      
      tools/mgmt-tester -s "Start Service"
      
      Test Summary
      ------------
      Start Service Discovery - Not powered 1              Passed
      Start Service Discovery - Invalid parameters 1       Passed
      Start Service Discovery - Not supported 1            Passed
      Start Service Discovery - Success 1                  Passed
      Start Service Discovery - Success 2                  Passed
      Total: 5, Passed: 5 (100.0%), Failed: 0, Not Run: 0
      
      tools/mgmt-tester -s "Stop Discovery"
      
      Test Summary
      ------------
      Stop Discovery - Success 1                           Passed
      Stop Discovery - BR/EDR (Inquiry) Success 1          Passed
      Stop Discovery - Rejected 1                          Passed
      Stop Discovery - Invalid parameters 1                Passed
      Stop Discovery - (Ext Scan Disable)                  Passed
      Total: 5, Passed: 5 (100.0%), Failed: 0, Not Run: 0
      Signed-off-by: NLuiz Augusto von Dentz <luiz.von.dentz@intel.com>
      Signed-off-by: NMarcel Holtmann <marcel@holtmann.org>
      abfeea47
    • L
      Bluetooth: hci_sync: Convert MGMT_SET_POWERED · cf75ad8b
      Luiz Augusto von Dentz 提交于
      This make use of hci_cmd_sync_queue when MGMT_SET_POWERED is used so all
      commands are run within hdev->cmd_sync_work instead of
      hdev->power_on_work and hdev->power_off_work.
      
      In addition to that the power on sequence now takes into account if
      local IRK needs to be programmed in the resolving list.
      
      Tested with:
      
      tools/mgmt-tester -s "Set powered"
      
      Test Summary
      ------------
      Set powered on - Success                             Passed
      Set powered on - Invalid parameters 1                Passed
      Set powered on - Invalid parameters 2                Passed
      Set powered on - Invalid parameters 3                Passed
      Set powered on - Invalid index                       Passed
      Set powered on - Privacy and Advertising             Passed
      Set powered off - Success                            Passed
      Set powered off - Class of Device                    Passed
      Set powered off - Invalid parameters 1               Passed
      Set powered off - Invalid parameters 2               Passed
      Set powered off - Invalid parameters 3               Passed
      Total: 11, Passed: 11 (100.0%), Failed: 0, Not Run: 0
      Signed-off-by: NLuiz Augusto von Dentz <luiz.von.dentz@intel.com>
      Signed-off-by: NMarcel Holtmann <marcel@holtmann.org>
      cf75ad8b
    • L
      Bluetooth: hci_sync: Rework background scan · 5bee2fd6
      Luiz Augusto von Dentz 提交于
      This replaces the use of hci_update_background_scan with
      hci_update_passive_scan which runs from cmd_work_sync and deal properly
      with resolving list when LL privacy is enabled.
      Signed-off-by: NLuiz Augusto von Dentz <luiz.von.dentz@intel.com>
      Signed-off-by: NMarcel Holtmann <marcel@holtmann.org>
      5bee2fd6
    • L
      Bluetooth: hci_sync: Enable advertising when LL privacy is enabled · ad383c2c
      Luiz Augusto von Dentz 提交于
      This enables advertising when LL privacy is enabled and changes the
      command sequence when resolving list is updated to also account for when
      advertising is enabled using the following sequence:
      
      If there are devices to scan:
      
      Disable Scanning -> Update Accept List ->
      use_ll_privacy((Disable Advertising) -> Disable Resolving List ->
      Update Resolving List -> Enable Resolving List -> (Enable Advertising)) ->
      Enable Scanning
      
      Otherwise:
      
      Disable Scanning
      
      Errors during the Update Accept List stage are handled gracefully by
      restoring any previous state (e.g. advertising) and disabling the use of
      accept list as either accept list or resolving list could not be
      updated.
      
      Tested with:
      
      mgmt-tester -s "LL Privacy"
      
      Test Summary
      ------------
      LL Privacy - Add Device 1 (Add to WL)                Passed
      LL Privacy - Add Device 2 (Add to RL)                Passed
      LL Privacy - Add Device 3 (Enable RL)                Passed
      LL Privacy - Add Device 4 (2 Devices to WL)          Passed
      LL Privacy - Add Device 5 (2 Devices to RL)          Passed
      LL Privacy - Add Device 6 (RL is full)               Passed
      LL Privacy - Add Device 7 (WL is full)               Passed
      LL Privacy - Add Device 8 (Disable Adv)              Passed
      LL Privacy - Add Device 9 (Multi Adv)                Passed
      LL Privacy - Add Device 10 (Multi Dev and Multi Adv) Passed
      LL Privacy - Remove Device 1 (Remove from WL)        Passed
      LL Privacy - Remove Device 2 (Remove from RL)        Passed
      LL Privacy - Remove Device 3 (Disable RL)            Passed
      LL Privacy - Remove Device 4 (Disable Adv)           Passed
      LL Privacy - Remove Device 5 (Multi Adv)             Passed
      LL Privacy - Start Discovery 1 (Disable RL)          Passed
      LL Privacy - Start Discovery 2 (Disable RL)          Passed
      Total: 18, Passed: 18 (100.0%), Failed: 0, Not Run: 0
      Signed-off-by: NLuiz Augusto von Dentz <luiz.von.dentz@intel.com>
      Signed-off-by: NMarcel Holtmann <marcel@holtmann.org>
      ad383c2c
    • L
      Bluetooth: hci_sync: Make use of hci_cmd_sync_queue set 3 · e8907f76
      Luiz Augusto von Dentz 提交于
      This make use of hci_cmd_sync_queue for the following MGMT commands:
      
          Add Device
          Remove Device
      
      Tested with:
      
      mgmt-tester -s "Add Device"
      
      Test Summary
      ------------
      Add Device - Invalid Params 1                        Passed
      Add Device - Invalid Params 2                        Passed
      Add Device - Invalid Params 3                        Passed
      Add Device - Invalid Params 4                        Passed
      Add Device - Success 1                               Passed
      Add Device - Success 2                               Passed
      Add Device - Success 3                               Passed
      Add Device - Success 4                               Passed
      Add Device - Success 5                               Passed
      Add Device - Success 6 - Add to whitelist            Passed
      Add Device - Success 7 - Add to resolv list          Passed
      Add Device - Success 8 - Enable resolv list          Passed
      Total: 12, Passed: 12 (100.0%), Failed: 0, Not Run: 0
      Overall execution time: 0.209 seconds
      
      mgmt-tester -s "Remove Device"
      
      Test Summary
      ------------
      Remove Device - Invalid Params 1                     Passed
      Remove Device - Invalid Params 2                     Passed
      Remove Device - Invalid Params 3                     Passed
      Remove Device - Success 1                            Passed
      Remove Device - Success 2                            Passed
      Remove Device - Success 3                            Passed
      Remove Device - Success 4                            Passed
      Remove Device - Success 5                            Passed
      Remove Device - Success 6 - All Devices              Passed
      Remove Device - Success 7 - Remove from whitelist    Passed
      Remove Device - Success 8 - Remove from resolv list  Passed
      Total: 11, Passed: 11 (100.0%), Failed: 0, Not Run: 0
      Overall execution time: 4.26 seconds
      Signed-off-by: NLuiz Augusto von Dentz <luiz.von.dentz@intel.com>
      Signed-off-by: NMarcel Holtmann <marcel@holtmann.org>
      e8907f76
    • L
      Bluetooth: hci_sync: Make use of hci_cmd_sync_queue set 2 · cba6b758
      Luiz Augusto von Dentz 提交于
      This make use of hci_cmd_sync_queue for the following MGMT commands:
      
      Add Advertising
      Remove Advertising
      Add Extended Advertising Parameters
      Add Extended Advertising Data
      
      mgmt-tester -s "Add Advertising"
      
      Test Summary
      ------------
      Add Advertising - Failure: LE off                    Passed
      Add Advertising - Invalid Params 1 (AD too long)     Passed
      Add Advertising - Invalid Params 2 (Malformed len)   Passed
      Add Advertising - Invalid Params 3 (Malformed len)   Passed
      Add Advertising - Invalid Params 4 (Malformed len)   Passed
      Add Advertising - Invalid Params 5 (AD too long)     Passed
      Add Advertising - Invalid Params 6 (ScRsp too long)  Passed
      Add Advertising - Invalid Params 7 (Malformed len)   Passed
      Add Advertising - Invalid Params 8 (Malformed len)   Passed
      Add Advertising - Invalid Params 9 (Malformed len)   Passed
      Add Advertising - Invalid Params 10 (ScRsp too long) Passed
      Add Advertising - Rejected (Timeout, !Powered)       Passed
      Add Advertising - Success 1 (Powered, Add Adv Inst)  Passed
      Add Advertising - Success 2 (!Powered, Add Adv Inst) Passed
      Add Advertising - Success 3 (!Powered, Adv Enable)   Passed
      Add Advertising - Success 4 (Set Adv on override)    Passed
      Add Advertising - Success 5 (Set Adv off override)   Passed
      Add Advertising - Success 6 (Scan Rsp Dta, Adv ok)   Passed
      Add Advertising - Success 7 (Scan Rsp Dta, Scan ok)  Passed
      Add Advertising - Success 8 (Connectable Flag)       Passed
      Add Advertising - Success 9 (General Discov Flag)    Passed
      Add Advertising - Success 10 (Limited Discov Flag)   Passed
      Add Advertising - Success 11 (Managed Flags)         Passed
      Add Advertising - Success 12 (TX Power Flag)         Passed
      Add Advertising - Success 13 (ADV_SCAN_IND)          Passed
      Add Advertising - Success 14 (ADV_NONCONN_IND)       Passed
      Add Advertising - Success 15 (ADV_IND)               Passed
      Add Advertising - Success 16 (Connectable -> on)     Passed
      Add Advertising - Success 17 (Connectable -> off)    Passed
      Add Advertising - Success 18 (Power -> off, Remove)  Passed
      Add Advertising - Success 19 (Power -> off, Keep)    Passed
      Add Advertising - Success 20 (Add Adv override)      Passed
      Add Advertising - Success 21 (Timeout expires)       Passed
      Add Advertising - Success 22 (LE -> off, Remove)     Passed
      Add Advertising - Success (Empty ScRsp)              Passed
      Add Advertising - Success (ScRsp only)               Passed
      Add Advertising - Invalid Params (ScRsp too long)    Passed
      Add Advertising - Success (ScRsp appear)             Passed
      Add Advertising - Invalid Params (ScRsp appear long) Passed
      Add Advertising - Success (Appear is null)           Passed
      Add Advertising - Success (Name is null)             Passed
      Add Advertising - Success (Complete name)            Passed
      Add Advertising - Success (Shortened name)           Passed
      Add Advertising - Success (Short name)               Passed
      Add Advertising - Success (Name + data)              Passed
      Add Advertising - Invalid Params (Name + data)       Passed
      Add Advertising - Success (Name+data+appear)         Passed
      Total: 47, Passed: 47 (100.0%), Failed: 0, Not Run: 0
      Overall execution time: 2.17 seconds
      
      mgmt-tester -s "Remove Advertising"
      
      Test Summary
      ------------
      Remove Advertising - Invalid Params 1                Passed
      Remove Advertising - Success 1                       Passed
      Remove Advertising - Success 2                       Passed
      Total: 3, Passed: 3 (100.0%), Failed: 0, Not Run: 0
      Overall execution time: 0.0585 seconds
      
      mgmt-tester -s "Ext Adv MGMT Params"
      
      Test Summary:
      ------------
      Ext Adv MGMT Params - Unpowered                      Passed
      Ext Adv MGMT Params - Invalid parameters             Passed
      Ext Adv MGMT Params - Success                        Passed
      Ext Adv MGMT Params - (5.0) Success                  Passed
      Total: 4, Passed: 4 (100.0%), Failed: 0, Not Run: 0
      Overall execution time: 0.0746 seconds
      
      mgmt-tester -s "Ext Adv MGMT -"
      
      Test Summary
      ------------
      Ext Adv MGMT - Data set without Params               Passed
      Ext Adv MGMT - AD Data (5.0) Invalid parameters      Passed
      Ext Adv MGMT - AD Data (5.0) Success                 Passed
      Ext Adv MGMT - AD Scan Response (5.0) Success        Passed
      Total: 4, Passed: 4 (100.0%), Failed: 0, Not Run: 0
      Overall execution time: 0.0805 seconds
      Signed-off-by: NLuiz Augusto von Dentz <luiz.von.dentz@intel.com>
      Signed-off-by: NMarcel Holtmann <marcel@holtmann.org>
      cba6b758
    • L
      Bluetooth: hci_sync: Make use of hci_cmd_sync_queue set 1 · 161510cc
      Luiz Augusto von Dentz 提交于
      This make use of hci_cmd_sync_queue for the following MGMT commands:
      
      Set Device Class
      Set Device ID
      Add UUID
      Remove UUID
      
      tools/mgmt-tester -s "Set Device Class"
      
      Test Summary
      ------------
      Set Device Class - Success 1                         Passed
      Set Device Class - Success 2                         Passed
      Set Device Class - Invalid parameters 1              Passed
      Total: 3, Passed: 3 (100.0%), Failed: 0, Not Run: 0
      Overall execution time: 0.0599 seconds
      
      tools/mgmt-tester -s "Set Device ID"
      
      Test Summary
      ------------
      Set Device ID - Success 1                            Passed
      Set Device ID - Success 2                            Passed
      Set Device ID - Disable                              Passed
      Set Device ID - Power off and Power on               Passed
      Set Device ID - SSP off and Power on                 Passed
      Set Device ID - Invalid Parameter                    Passed
      Total: 6, Passed: 6 (100.0%), Failed: 0, Not Run: 0
      Overall execution time: 0.107 seconds
      
      tools/mgmt-tester -s "Add UUID"
      
      Test Summary
      ------------
      Add UUID - UUID-16 1                                 Passed
      Add UUID - UUID-16 multiple 1                        Passed
      Add UUID - UUID-16 partial 1                         Passed
      Add UUID - UUID-32 1                                 Passed
      Add UUID - UUID-32 multiple 1                        Passed
      Add UUID - UUID-32 partial 1                         Passed
      Add UUID - UUID-128 1                                Passed
      Add UUID - UUID-128 multiple 1                       Passed
      Add UUID - UUID-128 partial 1                        Passed
      Add UUID - UUID mix                                  Passed
      Total: 10, Passed: 10 (100.0%), Failed: 0, Not Run: 0
      Overall execution time: 0.198 seconds
      
      tools/mgmt-tester -s "Remove UUID"
      
      Test Summary
      ------------
      Remove UUID - Success 1                              Passed
      Remove UUID - All UUID - Success 2                   Passed
      Remove UUID - Power Off - Success 3                  Passed
      Remove UUID - Power Off and On - Success 4           Passed
      Remove UUID - Not Exist - Invalid Params 1           Passed
      Total: 5, Passed: 5 (100.0%), Failed: 0, Not Run: 0
      Overall execution time: 0.0908 seconds
      Signed-off-by: NLuiz Augusto von Dentz <luiz.von.dentz@intel.com>
      Signed-off-by: NMarcel Holtmann <marcel@holtmann.org>
      161510cc
  2. 07 10月, 2021 1 次提交
  3. 29 9月, 2021 2 次提交
  4. 28 9月, 2021 1 次提交
  5. 21 9月, 2021 1 次提交
  6. 08 9月, 2021 1 次提交
  7. 30 8月, 2021 3 次提交
  8. 19 8月, 2021 1 次提交
    • K
      Bluetooth: mgmt: Pessimize compile-time bounds-check · a31e5a41
      Kees Cook 提交于
      After gaining __alloc_size hints, GCC thinks it can reach a memcpy()
      with eir_len == 0 (since it can't see into the rewrite of status).
      Instead, check eir_len == 0, avoiding this future warning:
      
      In function 'eir_append_data',
          inlined from 'read_local_oob_ext_data_complete' at net/bluetooth/mgmt.c:7210:12:
      ./include/linux/fortify-string.h:54:29: warning: '__builtin_memcpy' offset 5 is out of the bounds [0, 3] [-Warray-bounds]
      ...
      net/bluetooth/hci_request.h:133:2: note: in expansion of macro 'memcpy'
        133 |  memcpy(&eir[eir_len], data, data_len);
            |  ^~~~~~
      
      Cc: Marcel Holtmann <marcel@holtmann.org>
      Cc: Johan Hedberg <johan.hedberg@gmail.com>
      Cc: Luiz Augusto von Dentz <luiz.dentz@gmail.com>
      Cc: "David S. Miller" <davem@davemloft.net>
      Cc: Jakub Kicinski <kuba@kernel.org>
      Cc: linux-bluetooth@vger.kernel.org
      Cc: netdev@vger.kernel.org
      Signed-off-by: NKees Cook <keescook@chromium.org>
      Signed-off-by: NMarcel Holtmann <marcel@holtmann.org>
      a31e5a41
  9. 29 7月, 2021 1 次提交
  10. 26 6月, 2021 9 次提交
  11. 03 6月, 2021 1 次提交
  12. 08 4月, 2021 1 次提交
  13. 06 4月, 2021 1 次提交
    • D
      Bluetooth: Do not set cur_adv_instance in adv param MGMT request · b6f1b79d
      Daniel Winkler 提交于
      We set hdev->cur_adv_instance in the adv param MGMT request to allow the
      callback to the hci param request to set the tx power to the correct
      instance. Now that the callbacks use the advertising handle from the hci
      request (as they should), this workaround is no longer necessary.
      
      Furthermore, this change resolves a race condition that is more
      prevalent when using the extended advertising MGMT calls - if
      hdev->cur_adv_instance is set in the params request, then when the data
      request is called, we believe our new instance is already active. This
      treats it as an update and immediately schedules the instance with the
      controller, which has a potential race with the software rotation adv
      update. By not setting hdev->cur_adv_instance too early, the new
      instance is queued as it should be, to be used when the rotation comes
      around again.
      
      This change is tested on harrison peak to confirm that it resolves the
      race condition on registration, and that there is no regression in
      single- and multi-advertising automated tests.
      Reviewed-by: NMiao-chen Chou <mcchou@chromium.org>
      Signed-off-by: NDaniel Winkler <danielwinkler@google.com>
      Signed-off-by: NMarcel Holtmann <marcel@holtmann.org>
      b6f1b79d
  14. 27 3月, 2021 5 次提交
  15. 04 3月, 2021 1 次提交
    • D
      Bluetooth: Allow scannable adv with extended MGMT APIs · ff02db13
      Daniel Winkler 提交于
      An issue was found, where if a bluetooth client requests a broadcast
      advertisement with scan response data, it will not be properly
      registered with the controller. This is because at the time that the
      hci_cp_le_set_scan_param structure is created, the scan response will
      not yet have been received since it comes in a second MGMT call. With
      empty scan response, the request defaults to a non-scannable PDU type.
      On some controllers, the subsequent scan response request will fail due
      to incorrect PDU type, and others will succeed and not use the scan
      response.
      
      This fix allows the advertising parameters MGMT call to include a flag
      to let the kernel know whether a scan response will be coming, so that
      the correct PDU type is used in the first place. A bluetoothd change is
      also incoming to take advantage of it.
      
      To test this, I created a broadcast advertisement with scan response
      data and registered it on the hatch chromebook. Without this change, the
      request fails, and with it will succeed.
      Reviewed-by: NAlain Michaud <alainm@chromium.org>
      Reviewed-by: NSonny Sasaka <sonnysasaka@chromium.org>
      Reviewed-by: NMiao-chen Chou <mcchou@chromium.org>
      Signed-off-by: NDaniel Winkler <danielwinkler@google.com>
      Signed-off-by: NMarcel Holtmann <marcel@holtmann.org>
      ff02db13
  16. 03 2月, 2021 1 次提交
    • H
      Bluetooth: Fix crash in mgmt_add_adv_patterns_monitor_complete · b1810feb
      Howard Chung 提交于
      If hci_add_adv_monitor is a pending command(e.g. forward to
      msft_add_monitor_pattern), it is possible that
      mgmt_add_adv_patterns_monitor_complete gets called before
      cmd->user_data gets set, which will cause a crash when we
      try to get the moniter handle through cmd->user_data in
      mgmt_add_adv_patterns_monitor_complete.
      
      This moves the cmd->user_data assignment earlier than
      hci_add_adv_monitor.
      
      RIP: 0010:mgmt_add_adv_patterns_monitor_complete+0x82/0x187 [bluetooth]
      Code: 1e bf 03 00 00 00 be 52 00 00 00 4c 89 ea e8 9e
      e4 02 00 49 89 c6 48 85 c0 0f 84 06 01 00 00 48 89 5d b8 4c 89 fb 4d 8b
      7e 30 <41> 0f b7 47 18 66 89 45 c0 45 84 e4 75 5a 4d 8b 56 28 48 8d 4d
      c8
      RSP: 0018:ffffae81807dbcb8 EFLAGS: 00010286
      RAX: ffff91c4bdf723c0 RBX: 0000000000000000 RCX: ffff91c4e5da5b80
      RDX: ffff91c405680000 RSI: 0000000000000052 RDI: ffff91c49d654c00
      RBP: ffffae81807dbd00 R08: ffff91c49fb157e0 R09: ffff91c49fb157e0
      R10: 000000000002a4f0 R11: ffffffffc0819cfd R12: 0000000000000000
      R13: ffff91c405680000 R14: ffff91c4bdf723c0 R15: 0000000000000000
      FS:  0000000000000000(0000) GS:ffff91c4ea300000(0000)
      knlGS:0000000000000000
      CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
      CR2: 0000000000000018 CR3: 0000000133612002 CR4:
      00000000003606e0
      Call Trace:
       ? msft_le_monitor_advertisement_cb+0x111/0x141
      [bluetooth]
       hci_event_packet+0x425e/0x631c [bluetooth]
       ? printk+0x59/0x73
       ? __switch_to_asm+0x41/0x70
       ?
      msft_le_set_advertisement_filter_enable_cb+0xa6/0xa6 [bluetooth]
       ? bt_dbg+0xb4/0xbb [bluetooth]
       ? __switch_to_asm+0x41/0x70
       hci_rx_work+0x101/0x319 [bluetooth]
       process_one_work+0x257/0x506
       worker_thread+0x10d/0x284
       kthread+0x14c/0x154
       ? process_one_work+0x506/0x506
       ? kthread_blkcg+0x2c/0x2c
       ret_from_fork+0x1f/0x40
      Reviewed-by: NMiao-chen Chou <mcchou@chromium.org>
      Reviewed-by: NManish Mandlik <mmandlik@chromium.org>
      Reviewed-by: NArchie Pusaka <apusaka@chromium.org>
      Signed-off-by: NHoward Chung <howardchung@google.com>
      Signed-off-by: NMarcel Holtmann <marcel@holtmann.org>
      b1810feb
  17. 25 1月, 2021 3 次提交