Bluetooth: Fix issue with switching BR/EDR back on when disabled

For dual-mode controllers it is possible to disable BR/EDR and operate as LE single mode controllers with a static random address. If that is the case, then refuse switching BR/EDR back on after the controller has been powered. Signed-off-by: Marcel Holtmann <marcel@holtmann.org> Signed-off-by: Johan Hedberg <johan.hedberg@intel.com>

Bluetooth: Fix issue with switching BR/EDR back on when disabled
For dual-mode controllers it is possible to disable BR/EDR and operate as LE single mode controllers with a static random address. If that is the case, then refuse switching BR/EDR back on after the controller has been powered. Signed-off-by: Marcel Holtmann <marcel@holtmann.org> Signed-off-by: Johan Hedberg <johan.hedberg@intel.com>
111e4bcc · Marcel Holtmann · Johan Hedberg · eeb5a067 · 111e4bcc
Commit 111e4bcc authored Jan 14, 2015 by Marcel Holtmann Committed by Johan Hedberg Jan 15, 2015
Hide whitespace changes
Inline Side-by-side

Showing with 15 additions and 0 deletions

net/bluetooth/mgmt.c net/bluetooth/mgmt.c +15 -0

No files found.
--- a/net/bluetooth/mgmt.c
+++ b/net/bluetooth/mgmt.c
@@ -4683,6 +4683,21 @@ static int set_bredr(struct sock *sk, struct hci_dev *hdev, void *data, u16 len)
 		err = cmd_status(sk, hdev->id, MGMT_OP_SET_BREDR,
 				 MGMT_STATUS_REJECTED);
 		goto unlock;
+	} else {
+		/* When configuring a dual-mode controller to operate
+		 * with LE only and using a static address, then switching
+		 * BR/EDR back on is not allowed.
+		 *
+		 * Dual-mode controllers shall operate with the public
+		 * address as its identity address for BR/EDR and LE. So
+		 * reject the attempt to create an invalid configuration.
+		 */
+		if (!test_bit(HCI_BREDR_ENABLED, &hdev->dev_flags) &&
+		    bacmp(&hdev->static_addr, BDADDR_ANY)) {
+			err = cmd_status(sk, hdev->id, MGMT_OP_SET_BREDR,
+					 MGMT_STATUS_REJECTED);
+			goto unlock;
+		}
 	}

 	if (mgmt_pending_find(MGMT_OP_SET_BREDR, hdev)) {