1. 05 Mar, 2014 1 commit
    • Claudio Takahasi's avatar
      Bluetooth: Fix removing Long Term Key · 5981a882
      Claudio Takahasi authored
      This patch fixes authentication failure on LE link re-connection when
      BlueZ acts as slave (peripheral). LTK is removed from the internal list
      after its first use causing PIN or Key missing reply when re-connecting
      the link. The LE Long Term Key Request event indicates that the master
      is attempting to encrypt or re-encrypt the link.
      
      Pre-condition: BlueZ host paired and running as slave.
      How to reproduce(master):
      
        1) Establish an ACL LE encrypted link
        2) Disconnect the link
        3) Try to re-establish the ACL LE encrypted link (fails)
      
      > HCI Event: LE Meta Event (0x3e) plen 19
            LE Connection Complete (0x01)
              Status: Success (0x00)
              Handle: 64
              Role: Slave (0x01)
      ...
      @ Device Connected: 00:02:72:DC:29:C9 (1) flags 0x0000
      > HCI Event: LE Meta Event (0x3e) plen 13
            LE Long Term Key Request (0x05)
              Handle: 64
              Random number: 875be18439d9aa37
              Encryption diversifier: 0x76ed
      < HCI Command: LE Long Term Key Request Reply (0x08|0x001a) plen 18
              Handle: 64
              Long term key: 2aa531db2fce9f00a0569c7d23d17409
      > HCI Event: Command Complete (0x0e) plen 6
            LE Long Term Key Request Reply (0x08|0x001a) ncmd 1
              Status: Success (0x00)
              Handle: 64
      > HCI Event: Encryption Change (0x08) plen 4
              Status: Success (0x00)
              Handle: 64
              Encryption: Enabled with AES-CCM (0x01)
      ...
      @ Device Disconnected: 00:02:72:DC:29:C9 (1) reason 3
      < HCI Command: LE Set Advertise Enable (0x08|0x000a) plen 1
              Advertising: Enabled (0x01)
      > HCI Event: Command Complete (0x0e) plen 4
            LE Set Advertise Enable (0x08|0x000a) ncmd 1
              Status: Success (0x00)
      > HCI Event: LE Meta Event (0x3e) plen 19
            LE Connection Complete (0x01)
              Status: Success (0x00)
              Handle: 64
              Role: Slave (0x01)
      ...
      @ Device Connected: 00:02:72:DC:29:C9 (1) flags 0x0000
      > HCI Event: LE Meta Event (0x3e) plen 13
            LE Long Term Key Request (0x05)
              Handle: 64
              Random number: 875be18439d9aa37
              Encryption diversifier: 0x76ed
      < HCI Command: LE Long Term Key Request Neg Reply (0x08|0x001b) plen 2
              Handle: 64
      > HCI Event: Command Complete (0x0e) plen 6
            LE Long Term Key Request Neg Reply (0x08|0x001b) ncmd 1
              Status: Success (0x00)
              Handle: 64
      > HCI Event: Disconnect Complete (0x05) plen 4
              Status: Success (0x00)
              Handle: 64
              Reason: Authentication Failure (0x05)
      @ Device Disconnected: 00:02:72:DC:29:C9 (1) reason 0
      Signed-off-by: default avatarClaudio Takahasi <claudio.takahasi@openbossa.org>
      Cc: stable@vger.kernel.org
      Signed-off-by: default avatarJohan Hedberg <johan.hedberg@intel.com>
      5981a882
  2. 04 Mar, 2014 1 commit
  3. 28 Feb, 2014 19 commits
  4. 27 Feb, 2014 19 commits
    • Johan Hedberg's avatar
      Bluetooth: Add hci_copy_identity_address convenience function · a1f4c318
      Johan Hedberg authored
      The number of places needing the local Identity Address are starting to
      grow so it's better to have a single place for the logic of determining
      it. This patch adds a convenience function for getting the Identity
      Address and updates the two current places needing this to use it.
      Signed-off-by: default avatarJohan Hedberg <johan.hedberg@intel.com>
      Signed-off-by: default avatarMarcel Holtmann <marcel@holtmann.org>
      a1f4c318
    • Johan Hedberg's avatar
      Bluetooth: Add tracking of advertising address type · 56ed2cb8
      Johan Hedberg authored
      To know the real source address for incoming connections (needed e.g.
      for SMP) we should store the own_address_type parameter that was used
      for the last HCI_LE_Write_Advertising_Parameters command. This patch
      adds a proper command complete handler for the command and stores the
      address type in a new adv_addr_type variable in the hci_dev struct.
      Signed-off-by: default avatarJohan Hedberg <johan.hedberg@intel.com>
      Signed-off-by: default avatarMarcel Holtmann <marcel@holtmann.org>
      56ed2cb8
    • Lukasz Rymanowski's avatar
      Bluetooth: Fix response on confirm_name · d3a2541d
      Lukasz Rymanowski authored
      According to mgmt-api.txt, in case of confirm name command,
      cmd_complete should be always use as a response. Not command status
      as it is now for failures.
      Using command complete on failure is actually better as client might
      be interested in device address for which confirm name failed.
      Signed-off-by: default avatarLukasz Rymanowski <lukasz.rymanowski@tieto.com>
      Signed-off-by: default avatarMarcel Holtmann <marcel@holtmann.org>
      d3a2541d
    • Andre Guedes's avatar
      Bluetooth: Update background scan parameters · dd2ef8e2
      Andre Guedes authored
      If new scanning parameters are set while background scan is running,
      we should restart background scanning so these parameters are updated.
      Signed-off-by: default avatarAndre Guedes <andre.guedes@openbossa.org>
      Signed-off-by: default avatarMarcel Holtmann <marcel@holtmann.org>
      dd2ef8e2
    • Andre Guedes's avatar
      Bluetooth: Create hci_req_add_le_passive_scan helper · 8ef30fd3
      Andre Guedes authored
      This patches creates the public hci_req_add_le_passive_scan helper so
      it can be re-used outside hci_core.c in the next patch.
      Signed-off-by: default avatarAndre Guedes <andre.guedes@openbossa.org>
      Signed-off-by: default avatarMarcel Holtmann <marcel@holtmann.org>
      8ef30fd3
    • Andre Guedes's avatar
      Bluetooth: Add le_auto_conn file on debugfs · 7d474e06
      Andre Guedes authored
      This patch adds to debugfs the le_auto_conn file. This file will be
      used to test LE auto connection infrastructure.
      
      This file accept writes in the following format:
        "add <address> <address_type> [auto_connect]"
        "del <address> <address_type>"
        "clr"
      
      The <address type> values are:
        * 0 for public address
        * 1 for random address
      
      The [auto_connect] values are (for more details see struct hci_
      conn_params):
        * 0 for disabled (default)
        * 1 for always
        * 2 for link loss
      
      So for instance, if you want the kernel autonomously establishes
      connections with device AA:BB:CC:DD:EE:FF (public address) every
      time the device enters in connectable mode (starts advertising),
      you should run the command:
      $ echo "add AA:BB:CC:DD:EE:FF 0 1" > /sys/kernel/debug/bluetooth/hci0/le_auto_conn
      
      To delete the connection parameters for that device, run the command:
      $ echo "del AA:BB:CC:DD:EE:FF 0" > /sys/kernel/debug/bluetooth/hci0/le_auto_conn
      
      To clear the connection parameters list, run the command:
      $ echo "clr" > /sys/kernel/debug/bluetooth/hci0/le_auto_conn
      
      Finally. to get the list of connection parameters configured in kernel,
      read the le_auto_conn file:
      $ cat /sys/kernel/debug/bluetooth/hci0/le_auto_conn
      
      This file is created only if LE is enabled.
      Signed-off-by: default avatarAndre Guedes <andre.guedes@openbossa.org>
      Signed-off-by: default avatarMarcel Holtmann <marcel@holtmann.org>
      7d474e06
    • Andre Guedes's avatar
      Bluetooth: Support resolvable private addresses · 5b906a84
      Andre Guedes authored
      Only identity addresses are inserted into hdev->pend_le_conns. So,
      in order to support resolvable private addresses in auto connection
      mechanism, we should resolve the address before checking for pending
      connections.
      
      Thus, this patch adds an extra check in check_pending_le_conn() and
      updates 'addr' and 'addr_type' variables before hci_pend_le_conn_
      lookup().
      Signed-off-by: default avatarAndre Guedes <andre.guedes@openbossa.org>
      Signed-off-by: default avatarMarcel Holtmann <marcel@holtmann.org>
      5b906a84
    • Andre Guedes's avatar
      Bluetooth: Connection parameters and resolvable address · a9b0a04c
      Andre Guedes authored
      We should only accept connection parameters from identity addresses
      (public or random static). Thus, we should check the address type
      in hci_conn_params_add().
      
      Additionally, since the IRK is removed during unpair, we should also
      remove the connection parameters from that device.
      Signed-off-by: default avatarAndre Guedes <andre.guedes@openbossa.org>
      Signed-off-by: default avatarMarcel Holtmann <marcel@holtmann.org>
      a9b0a04c
    • Andre Guedes's avatar
      Bluetooth: Auto connection and power on · 6046dc3e
      Andre Guedes authored
      When hdev is closed (e.g. Mgmt power off command, RFKILL or controller
      is reset), the ongoing active connections are silently dropped by the
      controller (no Disconnection Complete Event is sent to host). For that
      reason, the devices that require HCI_AUTO_CONN_ALWAYS are not added to
      hdev->pend_le_conns list and they won't auto connect.
      
      So to fix this issue, during hdev closing, we remove all pending LE
      connections. After adapter is powered on, we add a pending LE connection
      for each HCI_AUTO_CONN_ALWAYS address.
      
      This way, the auto connection mechanism works propely after a power
      off and power on sequence as well as RFKILL block/unblock.
      Signed-off-by: default avatarAndre Guedes <andre.guedes@openbossa.org>
      Signed-off-by: default avatarMarcel Holtmann <marcel@holtmann.org>
      6046dc3e
    • Andre Guedes's avatar
      Bluetooth: Temporarily stop background scanning on discovery · c54c3860
      Andre Guedes authored
      If the user sends a mgmt start discovery command while the background
      scanning is running, we should temporarily stop it. Once the discovery
      finishes, we start the background scanning again.
      Signed-off-by: default avatarAndre Guedes <andre.guedes@openbossa.org>
      Signed-off-by: default avatarMarcel Holtmann <marcel@holtmann.org>
      c54c3860
    • Andre Guedes's avatar
      Bluetooth: Connection parameters and auto connection · cef952ce
      Andre Guedes authored
      This patch modifies hci_conn_params_add() and hci_conn_params_del() so
      they also add/delete pending LE connections according to the auto_
      connect option. This way, background scan is automatically triggered/
      untriggered when connection parameters are added/removed.
      
      For instance, when a new connection parameters with HCI_AUTO_CONN_ALWAYS
      option is added and we are not connected to the device, we add a pending
      LE connection for that device.
      
      Likewise, when the connection parameters are updated we add or delete
      a pending LE connection according to its new auto_connect option.
      
      Finally, when the connection parameter is deleted we also delete the
      pending LE connection (if any).
      Signed-off-by: default avatarAndre Guedes <andre.guedes@openbossa.org>
      Signed-off-by: default avatarMarcel Holtmann <marcel@holtmann.org>
      cef952ce
    • Andre Guedes's avatar
      Bluetooth: Introduce LE auto connect options · 9fcb18ef
      Andre Guedes authored
      This patch introduces the LE auto connection options: HCI_AUTO_CONN_
      ALWAYS and HCI_AUTO_CONN_LINK_LOSS. Their working mechanism are
      described as follows:
      
      The HCI_AUTO_CONN_ALWAYS option configures the kernel to always re-
      establish the connection, no matter the reason the connection was
      terminated. This feature is required by some LE profiles such as
      HID over GATT, Health Thermometer and Blood Pressure. These profiles
      require the host autonomously connect to the device as soon as it
      enters in connectable mode (start advertising) so the device is able
      to delivery notifications or indications.
      
      The BT_AUTO_CONN_LINK_LOSS option configures the kernel to re-
      establish the connection in case the connection was terminated due
      to a link loss. This feature is required by the majority of LE
      profiles such as Proximity, Find Me, Cycling Speed and Cadence and
      Time.
      Signed-off-by: default avatarAndre Guedes <andre.guedes@openbossa.org>
      Signed-off-by: default avatarMarcel Holtmann <marcel@holtmann.org>
      9fcb18ef
    • Andre Guedes's avatar
      Bluetooth: Introduce LE auto connection infrastructure · a4790dbd
      Andre Guedes authored
      This patch introduces the LE auto connection infrastructure which
      will be used to implement the LE auto connection options.
      
      In summary, the auto connection mechanism works as follows: Once the
      first pending LE connection is created, the background scanning is
      started. When the target device is found in range, the kernel
      autonomously starts the connection attempt. If connection is
      established successfully, that pending LE connection is deleted and
      the background is stopped.
      
      To achieve that, this patch introduces the hci_update_background_scan()
      which controls the background scanning state. This function starts or
      stops the background scanning based on the hdev->pend_le_conns list. If
      there is no pending LE connection, the background scanning is stopped.
      Otherwise, we start the background scanning.
      
      Then, every time a pending LE connection is added we call hci_update_
      background_scan() so the background scanning is started (in case it is
      not already running). Likewise, every time a pending LE connection is
      deleted we call hci_update_background_scan() so the background scanning
      is stopped (in case this was the last pending LE connection) or it is
      started again (in case we have more pending LE connections). Finally,
      we also call hci_update_background_scan() in hci_le_conn_failed() so
      the background scan is restarted in case the connection establishment
      fails. This way the background scanning keeps running until all pending
      LE connection are established.
      
      At this point, resolvable addresses are not support by this
      infrastructure. The proper support is added in upcoming patches.
      Signed-off-by: default avatarAndre Guedes <andre.guedes@openbossa.org>
      Signed-off-by: default avatarMarcel Holtmann <marcel@holtmann.org>
      a4790dbd
    • Andre Guedes's avatar
      Bluetooth: Introduce hdev->pend_le_conn list · 77a77a30
      Andre Guedes authored
      This patch introduces the hdev->pend_le_conn list which holds the
      device addresses the kernel should autonomously connect. It also
      introduces some helper functions to manipulate the list.
      
      The list and helper functions will be used by the next patch which
      implements the LE auto connection infrastructure.
      Signed-off-by: default avatarAndre Guedes <andre.guedes@openbossa.org>
      Signed-off-by: default avatarMarcel Holtmann <marcel@holtmann.org>
      77a77a30
    • Andre Guedes's avatar
      Bluetooth: Move address type conversion to outside hci_connect_le · 6f77d8c7
      Andre Guedes authored
      This patch moves address type conversion (L2CAP address type to HCI
      address type) to outside hci_connect_le. This way, we avoid back and
      forth address type conversion in a comming patch.
      
      So hci_connect_le() now expects 'dst_type' parameter in HCI address
      type convention.
      Signed-off-by: default avatarAndre Guedes <andre.guedes@openbossa.org>
      Signed-off-by: default avatarMarcel Holtmann <marcel@holtmann.org>
      6f77d8c7
    • Andre Guedes's avatar
      Bluetooth: Refactor HCI connection code · 04a6c589
      Andre Guedes authored
      hci_connect() is a very simple and useless wrapper of hci_connect_acl
      and hci_connect_le functions. Addtionally, all places where hci_connect
      is called the link type value is passed explicitly. This way, we can
      safely delete hci_connect, declare hci_connect_acl and hci_connect_le
      in hci_core.h and call them directly.
      
      No functionality is changed by this patch.
      Signed-off-by: default avatarAndre Guedes <andre.guedes@openbossa.org>
      Signed-off-by: default avatarMarcel Holtmann <marcel@holtmann.org>
      04a6c589
    • Andre Guedes's avatar
      Bluetooth: Remove unused function · c99ed834
      Andre Guedes authored
      This patch removes hci_create_le_conn() since it is not used anymore.
      Signed-off-by: default avatarAndre Guedes <andre.guedes@openbossa.org>
      Signed-off-by: default avatarMarcel Holtmann <marcel@holtmann.org>
      c99ed834
    • Andre Guedes's avatar
      Bluetooth: Stop scanning on LE connection · 2acf3d90
      Andre Guedes authored
      Some LE controllers don't support scanning and creating a connection
      at the same time. So we should always stop scanning in order to
      establish the connection.
      
      Since we may prematurely stop the discovery procedure in favor of
      the connection establishment, we should also cancel hdev->le_scan_
      disable delayed work and set the discovery state to DISCOVERY_STOPPED.
      
      This change does a small improvement since it is not mandatory the
      user stops scanning before connecting anymore. Moreover, this change
      is required by upcoming LE auto connection mechanism in order to work
      properly with controllers that don't support background scanning and
      connection establishment at the same time.
      
      In future, we might want to do a small optimization by checking if
      controller is able to scan and connect at the same time. For now,
      we want the simplest approach so we always stop scanning (even if
      the controller is able to carry out both operations).
      Signed-off-by: default avatarAndre Guedes <andre.guedes@openbossa.org>
      Signed-off-by: default avatarMarcel Holtmann <marcel@holtmann.org>
      2acf3d90
    • Andre Guedes's avatar
      Bluetooth: Declare le_conn_failed in hci_core.h · 06c053fb
      Andre Guedes authored
      This patch adds the "hci_" prefix to le_conn_failed() helper and
      declares it in hci_core.h so it can be reused in hci_event.c.
      Signed-off-by: default avatarAndre Guedes <andre.guedes@openbossa.org>
      Signed-off-by: default avatarMarcel Holtmann <marcel@holtmann.org>
      06c053fb