- 23 Mar, 2015 1 commit
-
-
Marcel Holtmann authored
For the Apple Bluetooth devices that are Broadcom based, it makes sense to read the chip information. It is a single HCI command and might help gathering more information about these devices. Signed-off-by:
Marcel Holtmann <marcel@holtmann.org> Signed-off-by:
Johan Hedberg <johan.hedberg@intel.com>
-
- 22 Mar, 2015 1 commit
-
-
Johan Hedberg authored
The hci_request in le_scan_disable_work_complete() was being initialized in a general context but only used in a specific branch in the function (when simultaneous discovery is not supported). This patch moves the usage to be limited to the branch where hci_req_run() is actually called. Signed-off-by:
-
- 21 Mar, 2015 1 commit
-
-
Marcel Holtmann authored
The Broadcom devices expose their chip id via Read Verbose Config Version Info command. While this information is not used at the moment, it might be useful for debugging purposes and so read it before patching the firmware. This makes it show up in dmesg and HCI traces taken for the system. Signed-off-by:
-
- 20 Mar, 2015 3 commits
-
-
Jakub Pawlowski authored
This patch expose controller quirks through debugfs. It would be useful for BlueZ tests using vhci. Currently there is no way to test quirk dependent behaviour. It might be also useful for manual testing. Signed-off-by:
Jakub Pawlowski <jpawlowski@google.com> Signed-off-by:
-
Marcel Holtmann authored
Using the HCI_MAX_AD_LENGTH for the max advertising data and max scan response data length makes more sense than hardcoding the value. Signed-off-by:
-
Marcel Holtmann authored
Currently the enabling of LE on LE only devices causes an error. This is a bit difference from other commands where trying to set the same existing settings causes a positive response. Fix this behavior for this single corner case. Signed-off-by:
-
- 19 Mar, 2015 1 commit
-
-
Nicolas Iooss authored
Signed-off-by:
Nicolas Iooss <nicolas.iooss_linux@m4x.org> Fixes: b6eea9ca ("mac802154: introduce driver-ops header") Acked-by:
Alexander Aring <alex.aring@gmail.com> Signed-off-by:
-
- 18 Mar, 2015 3 commits
-
-
Brad Campbell authored
The TI CC2521 is an RF power amplifier that is designed to interface with the CC2520. Conveniently, it directly interfaces with the CC2520 and does not require any pins to be connected to a microcontroller/processor. Adding a CC2591 increases the CC2520's range, which is useful for border router and other wall-powered applications. Using the CC2591 with the CC2520 requires configuring the CC2520 GPIOs that are connected to the CC2591 to correctly set the CC2591 into TX and RX modes. Further, TI recommends that the CC2520_TXPOWER and CC2520_AGCCTRL1 registers are set differently to maximize the CC2591's performance. These settings are covered in TI Application Note AN065. This patch adds an optional `amplified` field to the cc2520 entry in the device tree. If present, the CC2520 will be configured to operate with a CC2591. The expected pin mapping is: CC2520 GPIO0 --> CC2591 EN CC2520 GPIO5 --> CC2591 PAEN Signed-off-by:
Brad Campbell <bradjc5@gmail.com> Acked-by:
Varka Bhadram <varkabhadram@gmail.com> Signed-off-by:
-
Brad Campbell authored
Storing the `platform_data` struct inside of the SPI struct when using the device tree allows for a later function to edit the content of that struct. This patch refactors the `cc2520_get_platformat_data` function to accept a pointer to a `cc2520_platform_data` struct and populates the fields inside of it. This change mirrors commit aaa1c4d2 ("at86rf230: copy pdata to driver allocated space"). Signed-off-by:
-
Marcel Holtmann authored
When the allocation of the L2CAP channel for the BR/EDR security manager fails, then the smp variable might be NULL. In that case do not try to free the non-existing crypto contexts Reported-by:
Dan Carpenter <dan.carpenter@oracle.com> Signed-off-by:
-
- 17 Mar, 2015 16 commits
-
-
Johan Hedberg authored
OS X version 10.10.2 (and possibly older versions) doesn't support LE Secure Connections but incorrectly copies all authentication request bits from a Security Request to its Pairing Request. The result is that an SC capable initiator (such as BlueZ) will think OS X intends to do SC when in fact it's incapable of it: < ACL Data TX: Handle 3585 flags 0x00 dlen 6 SMP: Security Request (0x0b) len 1 Authentication requirement: Bonding, No MITM, SC, No Keypresses (0x09) > ACL Data RX: Handle 3585 flags 0x02 dlen 11 SMP: Pairing Request (0x01) len 6 IO capability: KeyboardDisplay (0x04) OOB data: Authentication data not present (0x00) Authentication requirement: Bonding, No MITM, SC, No Keypresses (0x09) Max encryption key size: 16 Initiator key distribution: EncKey (0x01) Responder key distribution: EncKey IdKey Sign (0x07) < ACL Data TX: Handle 3585 flags 0x00 dlen 11 SMP: Pairing Response (0x02) len 6 IO capability: NoInputNoOutput (0x03) OOB data: Authentication data not present (0x00) Authentication requirement: Bonding, No MITM, SC, No Keypresses (0x09) Max encryption key size: 16 Initiator key distribution: EncKey (0x01) Responder key distribution: EncKey Sign (0x05) The pairing eventually fails when we get an unexpected Pairing Confirm PDU instead of a Public Key PDU: > ACL Data RX: Handle 3585 flags 0x02 dlen 21 SMP: Pairing Confirm (0x03) len 16 Confim value: bcc3bed31b8f313a78ec3cce32685faf It is only at this point that we can speculate that the remote doesn't really support SC. This patch creates a workaround for the just-works model, however the MITM case is unsolvable because the OS X user has already been requested to enter a PIN which we're now expected to randomly generate and show the user (i.e. a chicken-and-egg problem). Signed-off-by: -
Johan Hedberg authored
The mgmt.c file should be reserved purely for HCI_CHANNEL_CONTROL. The mgmt_control() function in it is already completely generic and has a single user in hci_sock.c. This patch moves the function there and renames it a bit more appropriately to hci_mgmt_cmd() (as it's a command dispatcher). Signed-off-by:
-
Johan Hedberg authored
In order to make the mgmt command handling more generic we can't have a direct call to mgmt_init_hdev() from mgmt_control(). This patch adds a new callback to struct hci_mgmt_chan. And sets it to point to the mgmt_init_hdev() function for the HCI_CHANNEL_CONTROL instance. Signed-off-by:
-
Johan Hedberg authored
There are several mgmt protocol features that will be needed by more than just the current HCI_CHANNEL_CONTROL. These include sending generic events as well as handling pending commands. This patch moves these functions out from mgmt.c to a new mgmt_util.c file. Signed-off-by:
-
Johan Hedberg authored
To be able to have pending commands for different HCI channels we need to be able to distinguish for which channel a command was sent to. The channel information is already part of the socket data and can be fetched using the recently added hci_sock_get_channel() function. To not require all mgmt.c code to pass an extra channel parameter this patch also adds a helper pending_find() & pending_find_data() functions which act as a wrapper to the new mgmt_pending_find() & mgmt_pending_find_data() APIs. Signed-off-by:
-
Johan Hedberg authored
We'll need to have access to which HCI channel a socket is bound to, in order to manage pending mgmt commands in clean way. This patch adds a helper for the purpose. Signed-off-by:
-
Jakub Pawlowski authored
CSR controllers can do both LE scan and BR/EDR inquiry at once. Signed-off-by:
-
Jakub Pawlowski authored
Intel controllers can do both LE scan and BR/EDR inquiry at once. Signed-off-by:
-
Jakub Pawlowski authored
Atheros controllers can do both LE scan and BR/EDR inquiry at once. Signed-off-by:
-
Jakub Pawlowski authored
When doing scan through mgmt api, some controllers can do both le and classic scan at same time. They can be distinguished by HCI_QUIRK_SIMULTANEOUS_DISCOVERY set. This patch enables them to use this feature when doing dual mode scan. Instead of doing le, then classic scan, both scans are run at once. Signed-off-by:
-
Jakub Pawlowski authored
This patch refactor BR/EDR inquiry and LE scan triggering logic into separate methods. Signed-off-by:
-
Jakub Pawlowski authored
Some controllers allow both LE scan and BR/EDR inquiry to run at the same time, while others allow only one, LE SCAN or BR/EDR inquiry at given time. Since this is specific to each controller, add a new quirk setting that allows drivers to tell the core wether given controller can do both LE scan and BR/EDR inquiry at same time. Signed-off-by:
-
Alexander Aring authored
This patch fix an issue when at86rf230_read_subreg was successful. The function at86rf230_read_subreg will directly call regmap_read which returns zero on successful. Nobody figured out issues yet because it was only necessary to evaluate dvdd state while probing. This could make trouble because the stack variable could have an random value. The function is also used by reset the irq line before requesting irq, but the value isn't evaluated afterwards. Signed-off-by:
-
Marcel Holtmann authored
Signed-off-by:
-
Marcel Holtmann authored
When a different user requests a new set of local out-of-band data, then inform all previous users that the data has been updated. To limit the scope of users, the updates are limited to previous users. If a user has never requested out-of-band data, it will also not see the update. Signed-off-by:
-
Marcel Holtmann authored
The length of the respone packet for Read Local OOB Extended Data command has a calculation error. In case LE Secure Connections support is not enabled, the actual response is shorter. Keep this in mind and update the value accordingly. Signed-off-by:
-
- 16 Mar, 2015 14 commits
-
-
Marcel Holtmann authored
In case LE Secure Connections is not enabled, then the command for returning local out-of-band data should not include the confirmation and random value for LE SC pairing. All other fields are still valid, but these two need to be left out. In that case it is also no needed to generate the public/private key pair for out-of-band pairing. Signed-off-by:
-
Marcel Holtmann authored
This seems to be a simple typo in the debugfs entry for the remote out-of-band data entries. Signed-off-by:
-
Marcel Holtmann authored
The variable for the out-of-band random number was badly named and with that confusing. Just rename it to local_rand so it is clear what value it represents. Signed-off-by:
-
Marcel Holtmann authored
Just for pure debugging purposes print the remote out-of-band data that has been received and is going to be used. Signed-off-by:
-
Marcel Holtmann authored
Signed-off-by:
-
Johan Hedberg authored
It might be a bit counterintuitive to set a 'local' flag based on remote data. This patch adds a clarifying comment to the pairing req/rsp handlers when setting the LOCAL_OOB flag based on the PDU received from the remote side. Signed-off-by:
-
Johan Hedberg authored
When we receive the remote public key, if we have remote OOB data there's no point in sending our public key to the remote if the OOB data doesn't match. This patch moves the test for this higher up in the smp_cmd_public_key() function. Signed-off-by:
-
Johan Hedberg authored
If we haven't received remote OOB data we cannot perform any special checks on the confirm value. This patch updates the check after having received the public key to only perform the verification if we have remote OOB data present. Signed-off-by:
-
Johan Hedberg authored
If the SMP Pairing Request or Response PDU received from the remote device indicates that it has received our OOB data we should set the SMP_FLAG_LOCAL_OOB flag. Signed-off-by:
-
Johan Hedberg authored
There are several decisions in the SMP logic that depend not only on whether we're doing SMP or not, but also whether local and/or remote OOB data is present. This patch splits the existing SMP_FLAG_OOB into two new flags to track local and remote OOB data respectively. Signed-off-by:
-
Johan Hedberg authored
We need to store the local ra/rb value in order to verify the Check value received from the remote. This patch adds a new 'lr' for the local ra/rb value and makes sure it gets used when verifying the DHKey Check PDU received from the remote. Signed-off-by:
-
Marcel Holtmann authored
Signed-off-by:
-
Marcel Holtmann authored
The OOB public and secret key pair is different from the non-OOB pairing procedure. SO when OOB method is in use, then use this key pair instead of generating a new one. Signed-off-by:
-
Marcel Holtmann authored
Then the local out-of-band data for LE SC pairing is requested via Read Local OOB Extended Data command, then fill in the values generated by the smp_generate_oob function. Every call of this command will overwrite previously generated values. Signed-off-by:
-
