Commit c15cd642 authored by David S. Miller's avatar David S. Miller

Merge tag 'for-net-2023-09-20' of git://git.kernel.org/pub/scm/linux/kernel/git/bluetooth/bluetooth

bluetooth pull request for net:

 - Fix handling of HCI_QUIRK_STRICT_DUPLICATE_FILTER
 - Fix handling of listen for ISO unicast
 - Fix build warnings
 - Fix leaking content of local_codecs
 - Add shutdown function for QCA6174
 - Delete unused hci_req_prepare_suspend() declaration
 - Fix hci_link_tx_to RCU lock usage
 - Avoid redundant authentication
Signed-off-by: default avatarDavid S. Miller <davem@davemloft.net>
parents 6b09edc1 b938790e
......@@ -4419,6 +4419,7 @@ static int btusb_probe(struct usb_interface *intf,
if (id->driver_info & BTUSB_QCA_ROME) {
data->setup_on_usb = btusb_setup_qca;
hdev->shutdown = btusb_shutdown_qca;
hdev->set_bdaddr = btusb_set_bdaddr_ath3012;
hdev->cmd_timeout = btusb_qca_cmd_timeout;
set_bit(HCI_QUIRK_SIMULTANEOUS_DISCOVERY, &hdev->quirks);
......
......@@ -350,7 +350,7 @@ struct hci_dev {
struct list_head list;
struct mutex lock;
char name[8];
const char *name;
unsigned long flags;
__u16 id;
__u8 bus;
......
......@@ -2413,34 +2413,41 @@ int hci_conn_security(struct hci_conn *conn, __u8 sec_level, __u8 auth_type,
if (!test_bit(HCI_CONN_AUTH, &conn->flags))
goto auth;
/* An authenticated FIPS approved combination key has sufficient
* security for security level 4. */
if (conn->key_type == HCI_LK_AUTH_COMBINATION_P256 &&
sec_level == BT_SECURITY_FIPS)
goto encrypt;
/* An authenticated combination key has sufficient security for
security level 3. */
if ((conn->key_type == HCI_LK_AUTH_COMBINATION_P192 ||
conn->key_type == HCI_LK_AUTH_COMBINATION_P256) &&
sec_level == BT_SECURITY_HIGH)
goto encrypt;
/* An unauthenticated combination key has sufficient security for
security level 1 and 2. */
if ((conn->key_type == HCI_LK_UNAUTH_COMBINATION_P192 ||
conn->key_type == HCI_LK_UNAUTH_COMBINATION_P256) &&
(sec_level == BT_SECURITY_MEDIUM || sec_level == BT_SECURITY_LOW))
goto encrypt;
/* A combination key has always sufficient security for the security
levels 1 or 2. High security level requires the combination key
is generated using maximum PIN code length (16).
For pre 2.1 units. */
if (conn->key_type == HCI_LK_COMBINATION &&
(sec_level == BT_SECURITY_MEDIUM || sec_level == BT_SECURITY_LOW ||
conn->pin_length == 16))
goto encrypt;
switch (conn->key_type) {
case HCI_LK_AUTH_COMBINATION_P256:
/* An authenticated FIPS approved combination key has
* sufficient security for security level 4 or lower.
*/
if (sec_level <= BT_SECURITY_FIPS)
goto encrypt;
break;
case HCI_LK_AUTH_COMBINATION_P192:
/* An authenticated combination key has sufficient security for
* security level 3 or lower.
*/
if (sec_level <= BT_SECURITY_HIGH)
goto encrypt;
break;
case HCI_LK_UNAUTH_COMBINATION_P192:
case HCI_LK_UNAUTH_COMBINATION_P256:
/* An unauthenticated combination key has sufficient security
* for security level 2 or lower.
*/
if (sec_level <= BT_SECURITY_MEDIUM)
goto encrypt;
break;
case HCI_LK_COMBINATION:
/* A combination key has always sufficient security for the
* security levels 2 or lower. High security level requires the
* combination key is generated using maximum PIN code length
* (16). For pre 2.1 units.
*/
if (sec_level <= BT_SECURITY_MEDIUM || conn->pin_length == 16)
goto encrypt;
break;
default:
break;
}
auth:
if (test_bit(HCI_CONN_ENCRYPT_PEND, &conn->flags))
......
......@@ -2617,7 +2617,11 @@ int hci_register_dev(struct hci_dev *hdev)
if (id < 0)
return id;
snprintf(hdev->name, sizeof(hdev->name), "hci%d", id);
error = dev_set_name(&hdev->dev, "hci%u", id);
if (error)
return error;
hdev->name = dev_name(&hdev->dev);
hdev->id = id;
BT_DBG("%p name %s bus %d", hdev, hdev->name, hdev->bus);
......@@ -2639,8 +2643,6 @@ int hci_register_dev(struct hci_dev *hdev)
if (!IS_ERR_OR_NULL(bt_debugfs))
hdev->debugfs = debugfs_create_dir(hdev->name, bt_debugfs);
dev_set_name(&hdev->dev, "%s", hdev->name);
error = device_add(&hdev->dev);
if (error < 0)
goto err_wqueue;
......@@ -2784,6 +2786,7 @@ void hci_release_dev(struct hci_dev *hdev)
hci_conn_params_clear_all(hdev);
hci_discovery_filter_clear(hdev);
hci_blocked_keys_clear(hdev);
hci_codec_list_clear(&hdev->local_codecs);
hci_dev_unlock(hdev);
ida_simple_remove(&hci_index_ida, hdev->id);
......@@ -3418,7 +3421,12 @@ static void hci_link_tx_to(struct hci_dev *hdev, __u8 type)
if (c->type == type && c->sent) {
bt_dev_err(hdev, "killing stalled connection %pMR",
&c->dst);
/* hci_disconnect might sleep, so, we have to release
* the RCU read lock before calling it.
*/
rcu_read_unlock();
hci_disconnect(c, HCI_ERROR_REMOTE_USER_TERM);
rcu_read_lock();
}
}
......
......@@ -33,6 +33,7 @@
#include "hci_request.h"
#include "hci_debugfs.h"
#include "hci_codec.h"
#include "a2mp.h"
#include "amp.h"
#include "smp.h"
......
......@@ -71,7 +71,5 @@ struct sk_buff *hci_prepare_cmd(struct hci_dev *hdev, u16 opcode, u32 plen,
void hci_req_add_le_scan_disable(struct hci_request *req, bool rpa_le_conn);
void hci_req_add_le_passive_scan(struct hci_request *req);
void hci_req_prepare_suspend(struct hci_dev *hdev, enum suspended_state next);
void hci_request_setup(struct hci_dev *hdev);
void hci_request_cancel_all(struct hci_dev *hdev);
......@@ -413,11 +413,6 @@ static int hci_le_scan_restart_sync(struct hci_dev *hdev)
LE_SCAN_FILTER_DUP_ENABLE);
}
static int le_scan_restart_sync(struct hci_dev *hdev, void *data)
{
return hci_le_scan_restart_sync(hdev);
}
static void le_scan_restart(struct work_struct *work)
{
struct hci_dev *hdev = container_of(work, struct hci_dev,
......@@ -427,15 +422,15 @@ static void le_scan_restart(struct work_struct *work)
bt_dev_dbg(hdev, "");
hci_dev_lock(hdev);
status = hci_cmd_sync_queue(hdev, le_scan_restart_sync, NULL, NULL);
status = hci_le_scan_restart_sync(hdev);
if (status) {
bt_dev_err(hdev, "failed to restart LE scan: status %d",
status);
goto unlock;
return;
}
hci_dev_lock(hdev);
if (!test_bit(HCI_QUIRK_STRICT_DUPLICATE_FILTER, &hdev->quirks) ||
!hdev->discovery.scan_start)
goto unlock;
......@@ -5079,6 +5074,7 @@ int hci_dev_close_sync(struct hci_dev *hdev)
memset(hdev->eir, 0, sizeof(hdev->eir));
memset(hdev->dev_class, 0, sizeof(hdev->dev_class));
bacpy(&hdev->random_addr, BDADDR_ANY);
hci_codec_list_clear(&hdev->local_codecs);
hci_dev_put(hdev);
return err;
......
......@@ -502,7 +502,7 @@ static void iso_recv_frame(struct iso_conn *conn, struct sk_buff *skb)
}
/* -------- Socket interface ---------- */
static struct sock *__iso_get_sock_listen_by_addr(bdaddr_t *ba)
static struct sock *__iso_get_sock_listen_by_addr(bdaddr_t *src, bdaddr_t *dst)
{
struct sock *sk;
......@@ -510,7 +510,10 @@ static struct sock *__iso_get_sock_listen_by_addr(bdaddr_t *ba)
if (sk->sk_state != BT_LISTEN)
continue;
if (!bacmp(&iso_pi(sk)->src, ba))
if (bacmp(&iso_pi(sk)->dst, dst))
continue;
if (!bacmp(&iso_pi(sk)->src, src))
return sk;
}
......@@ -952,7 +955,7 @@ static int iso_listen_cis(struct sock *sk)
write_lock(&iso_sk_list.lock);
if (__iso_get_sock_listen_by_addr(&iso_pi(sk)->src))
if (__iso_get_sock_listen_by_addr(&iso_pi(sk)->src, &iso_pi(sk)->dst))
err = -EADDRINUSE;
write_unlock(&iso_sk_list.lock);
......
Markdown is supported
0%
or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment