summaryrefslogtreecommitdiff
path: root/include/net/bluetooth
AgeCommit message (Collapse)Author
2012-04-22Bluetooth: hci_core: fix NULL-pointer dereference at unregisterJohan Hovold
commit 94324962066231a938564bebad0f941cd2d06bb2 upstream. Make sure hci_dev_open returns immediately if hci_dev_unregister has been called. This fixes a race between hci_dev_open and hci_dev_unregister which can lead to a NULL-pointer dereference. Bug is 100% reproducible using hciattach and a disconnected serial port: 0. # hciattach -n /dev/ttyO1 any noflow 1. hci_dev_open called from hci_power_on grabs req lock 2. hci_init_req executes but device fails to initialise (times out eventually) 3. hci_dev_open is called from hci_sock_ioctl and sleeps on req lock 4. hci_uart_tty_close calls hci_dev_unregister and sleeps on req lock in hci_dev_do_close 5. hci_dev_open (1) releases req lock 6. hci_dev_do_close grabs req lock and returns as device is not up 7. hci_dev_unregister sleeps in destroy_workqueue 8. hci_dev_open (3) grabs req lock, calls hci_init_req and eventually sleeps 9. hci_dev_unregister finishes, while hci_dev_open is still running... [ 79.627136] INFO: trying to register non-static key. [ 79.632354] the code is fine but needs lockdep annotation. [ 79.638122] turning off the locking correctness validator. [ 79.643920] [<c00188bc>] (unwind_backtrace+0x0/0xf8) from [<c00729c4>] (__lock_acquire+0x1590/0x1ab0) [ 79.653594] [<c00729c4>] (__lock_acquire+0x1590/0x1ab0) from [<c00733f8>] (lock_acquire+0x9c/0x128) [ 79.663085] [<c00733f8>] (lock_acquire+0x9c/0x128) from [<c0040a88>] (run_timer_softirq+0x150/0x3ac) [ 79.672668] [<c0040a88>] (run_timer_softirq+0x150/0x3ac) from [<c003a3b8>] (__do_softirq+0xd4/0x22c) [ 79.682281] [<c003a3b8>] (__do_softirq+0xd4/0x22c) from [<c003a924>] (irq_exit+0x8c/0x94) [ 79.690856] [<c003a924>] (irq_exit+0x8c/0x94) from [<c0013a50>] (handle_IRQ+0x34/0x84) [ 79.699157] [<c0013a50>] (handle_IRQ+0x34/0x84) from [<c0008530>] (omap3_intc_handle_irq+0x48/0x4c) [ 79.708648] [<c0008530>] (omap3_intc_handle_irq+0x48/0x4c) from [<c037499c>] (__irq_usr+0x3c/0x60) [ 79.718048] Exception stack(0xcf281fb0 to 0xcf281ff8) [ 79.723358] 1fa0: 0001e6a0 be8dab00 0001e698 00036698 [ 79.731933] 1fc0: 0002df98 0002df38 0000001f 00000000 b6f234d0 00000000 00000004 00000000 [ 79.740509] 1fe0: 0001e6f8 be8d6aa0 be8dac50 0000aab8 80000010 ffffffff [ 79.747497] Unable to handle kernel NULL pointer dereference at virtual address 00000000 [ 79.756011] pgd = cf3b4000 [ 79.758850] [00000000] *pgd=8f0c7831, *pte=00000000, *ppte=00000000 [ 79.765502] Internal error: Oops: 80000007 [#1] [ 79.770294] Modules linked in: [ 79.773529] CPU: 0 Tainted: G W (3.3.0-rc6-00002-gb5d5c87 #421) [ 79.781066] PC is at 0x0 [ 79.783721] LR is at run_timer_softirq+0x16c/0x3ac [ 79.788787] pc : [<00000000>] lr : [<c0040aa4>] psr: 60000113 [ 79.788787] sp : cf281ee0 ip : 00000000 fp : cf280000 [ 79.800903] r10: 00000004 r9 : 00000100 r8 : b6f234d0 [ 79.806427] r7 : c0519c28 r6 : cf093488 r5 : c0561a00 r4 : 00000000 [ 79.813323] r3 : 00000000 r2 : c054eee0 r1 : 00000001 r0 : 00000000 [ 79.820190] Flags: nZCv IRQs on FIQs on Mode SVC_32 ISA ARM Segment user [ 79.827728] Control: 10c5387d Table: 8f3b4019 DAC: 00000015 [ 79.833801] Process gpsd (pid: 1265, stack limit = 0xcf2802e8) [ 79.839965] Stack: (0xcf281ee0 to 0xcf282000) [ 79.844573] 1ee0: 00000002 00000000 c0040a24 00000000 00000002 cf281f08 00200200 00000000 [ 79.853210] 1f00: 00000000 cf281f18 cf281f08 00000000 00000000 00000000 cf281f18 cf281f18 [ 79.861816] 1f20: 00000000 00000001 c056184c 00000000 00000001 b6f234d0 c0561848 00000004 [ 79.870452] 1f40: cf280000 c003a3b8 c051e79c 00000001 00000000 00000100 3fa9e7b8 0000000a [ 79.879089] 1f60: 00000025 cf280000 00000025 00000000 00000000 b6f234d0 00000000 00000004 [ 79.887756] 1f80: 00000000 c003a924 c053ad38 c0013a50 fa200000 cf281fb0 ffffffff c0008530 [ 79.896362] 1fa0: 0001e6a0 0000aab8 80000010 c037499c 0001e6a0 be8dab00 0001e698 00036698 [ 79.904998] 1fc0: 0002df98 0002df38 0000001f 00000000 b6f234d0 00000000 00000004 00000000 [ 79.913665] 1fe0: 0001e6f8 be8d6aa0 be8dac50 0000aab8 80000010 ffffffff 00fbf700 04ffff00 [ 79.922302] [<c0040aa4>] (run_timer_softirq+0x16c/0x3ac) from [<c003a3b8>] (__do_softirq+0xd4/0x22c) [ 79.931945] [<c003a3b8>] (__do_softirq+0xd4/0x22c) from [<c003a924>] (irq_exit+0x8c/0x94) [ 79.940582] [<c003a924>] (irq_exit+0x8c/0x94) from [<c0013a50>] (handle_IRQ+0x34/0x84) [ 79.948913] [<c0013a50>] (handle_IRQ+0x34/0x84) from [<c0008530>] (omap3_intc_handle_irq+0x48/0x4c) [ 79.958404] [<c0008530>] (omap3_intc_handle_irq+0x48/0x4c) from [<c037499c>] (__irq_usr+0x3c/0x60) [ 79.967773] Exception stack(0xcf281fb0 to 0xcf281ff8) [ 79.973083] 1fa0: 0001e6a0 be8dab00 0001e698 00036698 [ 79.981658] 1fc0: 0002df98 0002df38 0000001f 00000000 b6f234d0 00000000 00000004 00000000 [ 79.990234] 1fe0: 0001e6f8 be8d6aa0 be8dac50 0000aab8 80000010 ffffffff [ 79.997161] Code: bad PC value [ 80.000396] ---[ end trace 6f6739840475f9ee ]--- [ 80.005279] Kernel panic - not syncing: Fatal exception in interrupt Signed-off-by: Johan Hovold <jhovold@gmail.com> Acked-by: Marcel Holtmann <marcel@holtmann.org> Signed-off-by: Johan Hedberg <johan.hedberg@intel.com> Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
2011-05-16Merge branch 'master' of ↵John W. Linville
git://git.kernel.org/pub/scm/linux/kernel/git/linville/wireless-next-2.6 into for-davem Conflicts: drivers/net/wireless/iwlwifi/iwl-agn-tx.c net/mac80211/sta_info.h
2011-05-11Bluetooth: Double check sec req for pre 2.1 deviceWaldemar Rymarkiewicz
In case of pre v2.1 devices authentication request will return success immediately if the link key already exists without any authentication process. That means, it's not possible to re-authenticate the link if you already have combination key and for instance want to re-authenticate to get the high security (use 16 digit pin). Therefore, it's necessary to check security requirements on auth complete event to prevent not enough secure connection. Signed-off-by: Waldemar Rymarkiewicz <waldemar.rymarkiewicz@tieto.com> Signed-off-by: Gustavo F. Padovan <padovan@profusion.mobi>
2011-05-05Merge branch 'master' of ↵John W. Linville
git://git.kernel.org/pub/scm/linux/kernel/git/linville/wireless-next-2.6 into for-davem Conflicts: drivers/net/wireless/libertas/if_cs.c drivers/net/wireless/rtlwifi/pci.c net/bluetooth/l2cap_sock.c
2011-05-05Bluetooth: Remove l2cap_sk_listGustavo F. Padovan
A new list was added to replace the socket based one. This new list doesn't depent on sock and then fits better inside l2cap_core.c code. It also rename l2cap_chan_alloc() to l2cap_chan_create() and l2cap_chan_free() to l2cap_chan_destroy) Signed-off-by: Gustavo F. Padovan <padovan@profusion.mobi>
2011-05-05Bluetooth: Handle psm == 0 case inside l2cap_add_psm()Gustavo F. Padovan
When the user doesn't specify a psm we have the choose one for the channel. Now we do this inside l2cap_add_psm(). Signed-off-by: Gustavo F. Padovan <padovan@profusion.mobi>
2011-05-05Bluetooth: Add l2cap_add_psm() and l2cap_add_scid()Gustavo F. Padovan
The intention is to get rid of the l2cap_sk_list usage inside l2cap_core.c. l2cap_sk_list will soon be replaced by a list that does not depend on socket usage. Signed-off-by: Gustavo F. Padovan <padovan@profusion.mobi>
2011-04-28Bluetooth: Add store_hint parameter to mgmt_new_keyJohan Hedberg
Even for keys that shouldn't be stored some use cases require the knowledge of a new key having been created so that the conclusion of a successful pairing can be made. Therefore, always send the mgmt_new_key event but add a store_hint parameter to it to indicate to user space whether the key should be stored or not. Signed-off-by: Johan Hedberg <johan.hedberg@nokia.com> Signed-off-by: Gustavo F. Padovan <padovan@profusion.mobi>
2011-04-28Bluetooth: Remove old_key_type from mgmt_ev_new_keyJohan Hedberg
User space shouldn't have any need for the old key type so remove it from the corresponding Management interface event. Signed-off-by: Johan Hedberg <johan.hedberg@nokia.com> Signed-off-by: Gustavo F. Padovan <padovan@profusion.mobi>
2011-04-28Bluetooth: Fix link key persistent storage criteriaJohan Hedberg
Link keys should only be stored if very specific criteria of the authentication process are fulfilled. This patch essentially copies the criteria that user space has so far been using to the kernel side so that the management interface works properly. Signed-off-by: Johan Hedberg <johan.hedberg@nokia.com> Signed-off-by: Gustavo F. Padovan <padovan@profusion.mobi>
2011-04-28Bluetooth: Add confirm_hint parameter to user confirmation requestsJohan Hedberg
When accepting a pairing request which fulfills the SSP auto-accept criteria we need to push the request all the way to the user for confirmation. This patch adds a new hint to the user_confirm_request management event so user space can know when to show a numeric comparison dialog and when to show a simple yes/no confirmation dialog. Signed-off-by: Johan Hedberg <johan.hedberg@nokia.com> Signed-off-by: Gustavo F. Padovan <padovan@profusion.mobi>
2011-04-28Bluetooth: Add variable SSP auto-accept delay supportJohan Hedberg
Some test systems require an arbitrary delay to the auto-accept test cases for Secure Simple Pairing in order for the tests to pass. Previously when this was handled in user space it was worked around by code modifications and recompilation, but now that it's on the kernel side it's more convenient if there's a debugfs interface for it. Signed-off-by: Johan Hedberg <johan.hedberg@nokia.com> Signed-off-by: Gustavo F. Padovan <padovan@profusion.mobi>
2011-04-28Bluetooth: Add secure flag for mgmt_pin_code_reqWaldemar Rymarkiewicz
Extend the mgmt_pin_code_request interface to require secure pin code (16 digit) for authentication. This is a kernel part of the secure pin code requirement notification to user space agent. Code styling fix by Johan Hedberg. Signed-off-by: Waldemar Rymarkiewicz <waldemar.rymarkiewicz@tieto.com> Signed-off-by: Johan Hedberg <johan.hedberg@nokia.com> Signed-off-by: Gustavo F. Padovan <padovan@profusion.mobi>
2011-04-28Bluetooth: Map sec_level to link key requirementsWaldemar Rymarkiewicz
Keep the link key type together with connection and use it to map security level to link key requirements. Authenticate and/or encrypt connection if the link is insufficiently secure. Signed-off-by: Waldemar Rymarkiewicz <waldemar.rymarkiewicz@tieto.com> Signed-off-by: Gustavo F. Padovan <padovan@profusion.mobi>
2011-04-28Bluetooth: Add definitions for link key typesWaldemar Rymarkiewicz
Introduce the link key types defs and use them instead of magic numbers. Signed-off-by: Waldemar Rymarkiewicz <waldemar.rymarkiewicz@tieto.com> Signed-off-by: Gustavo F. Padovan <padovan@profusion.mobi>
2011-04-28Bluetooth: Add discovering event to the Management interfaceJohan Hedberg
This patch adds a new event to the Management interface to track when local adapters are discovering remote devices. For now this only tracks BR/EDR discovery procedures. Signed-off-by: Johan Hedberg <johan.hedberg@nokia.com> Signed-off-by: Anderson Briglia <anderson.briglia@openbossa.org> Signed-off-by: Gustavo F. Padovan <padovan@profusion.mobi>
2011-04-28Bluetooth: Add basic discovery commands to the management interfaceJohan Hedberg
This patch adds start_discovery and stop_discovery commands to the management interface. Right now their implementation is fairly simplistic and the parameters are fixed to what user space has defaulted to so far. This is the very initial phase for discovery implementation into the kernel. Next steps include name resolution, LE scanning and bdaddr type handling. Signed-off-by: Johan Hedberg <johan.hedberg@nokia.com> Signed-off-by: Anderson Briglia <anderson.briglia@openbossa.org> Signed-off-by: Gustavo F. Padovan <padovan@profusion.mobi>
2011-04-28Bluetooth: Don't export l2cap_sock_opsGustavo F. Padovan
l2cap_sk_ops can be static, it's not used outside l2cap_sock.c Signed-off-by: Gustavo F. Padovan <padovan@profusion.mobi>
2011-04-28Bluetooth: Fix memory leak with L2CAP channelsGustavo F. Padovan
A new l2cap_chan_free() is added to free the channels. Signed-off-by: Gustavo F. Padovan <padovan@profusion.mobi>
2011-04-28Bluetooth: Move conn to struct l2cap_chanGustavo F. Padovan
There is no need to the socket deal directly with the channel, most of the time it cares about the channel only. Signed-off-by: Gustavo F. Padovan <padovan@profusion.mobi>
2011-04-28Bluetooth: Move more vars to struct l2cap_chanGustavo F. Padovan
In this commit, psm, scid and dcid. Signed-off-by: Gustavo F. Padovan <padovan@profusion.mobi>
2011-04-28Bluetooth: Move more channel info to struct l2cap_chanGustavo F. Padovan
In this commit, omtu, imtu, flush_to, mode and sport. It also remove the pi var from l2cap_sock_sendmsg(). Signed-off-by: Gustavo F. Padovan <padovan@profusion.mobi>
2011-04-27Bluetooth: Move more vars to struct l2cap_chanGustavo F. Padovan
In this commit all ERTM and Streaming Mode specific vars. Signed-off-by: Gustavo F. Padovan <padovan@profusion.mobi>
2011-04-27Bluetooth: Move some more elements to struct l2cap_chanGustavo F. Padovan
In this commit sec_level, force_reliable, role_switch and flushable. Signed-off-by: Gustavo F. Padovan <padovan@profusion.mobi>
2011-04-27Bluetooth: Rename l2cap_do_connect() to l2cap_chan_connect()Gustavo F. Padovan
l2cap_chan_connect() is a much better name and reflects what this functions is doing (or will do once socket dependence is removed from the core). Signed-off-by: Gustavo F. Padovan <padovan@profusion.mobi>
2011-04-27Bluetooth: Move conf_state to struct l2cap_chanGustavo F. Padovan
First move of elements depending on user data. Signed-off-by: Gustavo F. Padovan <padovan@profusion.mobi>
2011-04-27Bluetooth: Refactor L2CAP channel allocationGustavo F. Padovan
If the allocation happens at l2cap_sock_create() will be able to use the struct l2cap_chan to store channel info that comes from the user via setsockopt. Signed-off-by: Gustavo F. Padovan <padovan@profusion.mobi>
2011-04-25Merge branch 'for-davem' of ↵David S. Miller
git://git.kernel.org/pub/scm/linux/kernel/git/linville/wireless-next-2.6
2011-04-24net: Remove __KERNEL__ cpp checks from include/netDavid S. Miller
These header files are never installed to user consumption, so any __KERNEL__ cpp checks are superfluous. Projects should also not copy these files into their userland utility sources and try to use them there. If they insist on doing so, the onus is on them to sanitize the headers as needed. Signed-off-by: David S. Miller <davem@davemloft.net>
2011-04-13Bluetooth: Move tx queue to struct l2cap_chanGustavo F. Padovan
tx_q is the queue used by ERTM mode. Signed-off-by: Gustavo F. Padovan <padovan@profusion.mobi>
2011-04-13Bluetooth: Move SREJ list to struct l2cap_chanGustavo F. Padovan
As part of moving all the Channel related operation to struct l2cap_chan. Signed-off-by: Gustavo F. Padovan <padovan@profusion.mobi>
2011-04-07Bluetooth: Move busy workqueue to struct l2cap_chanGustavo F. Padovan
As part of the moving channel stuff to l2cap_chan. Signed-off-by: Gustavo F. Padovan <padovan@profusion.mobi>
2011-04-07Bluetooth: Move srej and busy queues to struct l2cap_chanGustavo F. Padovan
As part of the moving channel stuff to l2cap_chan. Signed-off-by: Gustavo F. Padovan <padovan@profusion.mobi>
2011-04-07Bluetooth: Move ERTM timers to struct l2cap_chanGustavo F. Padovan
This also triggered a change in l2cap_send_disconn_req() parameters. Signed-off-by: Gustavo F. Padovan <padovan@profusion.mobi>
2011-04-07Bluetooth: Move remote info to struct l2cap_chanGustavo F. Padovan
As part of the moving channel stuff to l2cap_chan. Signed-off-by: Gustavo F. Padovan <padovan@profusion.mobi>
2011-04-07Bluetooth: Move SDU related vars to struct l2cap_chanGustavo F. Padovan
As part of the moving channel stuff to l2cap_chan. Signed-off-by: Gustavo F. Padovan <padovan@profusion.mobi>
2011-04-07Bluetooth: Move more ERTM stuff to struct l2cap_chanGustavo F. Padovan
As part of the moving channel stuff to l2cap_chan. Signed-off-by: Gustavo F. Padovan <padovan@profusion.mobi>
2011-04-07Bluetooth: Move of ERTM *_seq vars to struct l2cap_chanGustavo F. Padovan
As part of the moving channel to stuff to struct l2cap_chan. Signed-off-by: Gustavo F. Padovan <padovan@profusion.mobi>
2011-04-07Bluetooth: Move conn_state to struct l2cap_chanGustavo F. Padovan
This is part of "moving things to l2cap_chan". As one the first move it triggered a big number of changes in the funcions parameters, basically changing the struct sock param to struct l2cap_chan. Signed-off-by: Gustavo F. Padovan <padovan@profusion.mobi>
2011-04-07Bluetooth: clean up l2cap_sock_recvmsg()Gustavo F. Padovan
Move some channel specific stuff to l2cap_core.c, this will make things more clear. Signed-off-by: Gustavo F. Padovan <padovan@profusion.mobi>
2011-04-07Bluetooth: Move conf_{req,rsp} stuff to struct l2cap_chanGustavo F. Padovan
They are also l2cap_chan specific. Signed-off-by: Gustavo F. Padovan <padovan@profusion.mobi>
2011-04-07Bluetooth: Move ident to struct l2cap_chanGustavo F. Padovan
ident is chan property, no need to reside on socket. Signed-off-by: Gustavo F. Padovan <padovan@profusion.mobi>
2011-04-07Bluetooth: Remove struct del_listGustavo F. Padovan
As we use struct list_head to keep L2CAP channels list the workaround with del_list is not needed anymore. Signed-off-by: Gustavo F. Padovan <padovan@profusion.mobi>
2011-04-07Bluetooth: Use struct list_head for L2CAP channels listGustavo F. Padovan
Use a well known Kernel API is always a good idea than implement your own list. In the future we might use RCU on this list. Signed-off-by: Gustavo F. Padovan <padovan@profusion.mobi>
2011-04-07Bluetooth: Create struct l2cap_chanGustavo F. Padovan
struct l2cap_chan cames to create a clear separation between what properties and data belongs to the L2CAP channel and what belongs to the socket. By now we just fold the struct sock * in struct l2cap_chan as all the channel info is struct l2cap_pinfo today. In the next commits we will see a move of channel stuff to struct l2cap_chan. Signed-off-by: Gustavo F. Padovan <padovan@profusion.mobi>
2011-04-04Bluetooth: Add mgmt_remote_name eventJohan Hedberg
This patch adds a new remote_name event to the Management interface which is sent every time the name of a remote device is resolved (over BR/EDR). Signed-off-by: Johan Hedberg <johan.hedberg@nokia.com> Signed-off-by: Gustavo F. Padovan <padovan@profusion.mobi>
2011-04-04Bluetooth: Add mgmt_device_found eventJohan Hedberg
This patch adds a device_found event to the Management interface. For now the event only maps to BR/EDR inquiry result HCI events, but in the future the plan is to also use it for the LE device discovery process. Signed-off-by: Johan Hedberg <johan.hedberg@nokia.com> Signed-off-by: Gustavo F. Padovan <padovan@profusion.mobi>
2011-03-31Merge branch 'master' of ↵Gustavo F. Padovan
git://git.kernel.org/pub/scm/linux/kernel/git/padovan/bluetooth-2.6
2011-03-31Bluetooth: Fix HCI_RESET command synchronizationGustavo F. Padovan
We can't send new commands before a cmd_complete for the HCI_RESET command shows up. Reported-by: Mikko Vinni <mmvinni@yahoo.com> Reported-by: Justin P. Mattock <justinmattock@gmail.com> Reported-by: Ed Tomlinson <edt@aei.ca> Signed-off-by: Gustavo F. Padovan <padovan@profusion.mobi> Tested-by: Justin P. Mattock <justinmattock@gmail.com> Tested-by: Mikko Vinni <mmvinni@yahoo.com> Tested-by: Ed Tomlinson <edt@aei.ca>
2011-03-31Bluetooth: Add local Extended Inquiry Response (EIR) supportJohan Hedberg
This patch adds automated creation of the local EIR data based on what 16-bit UUIDs are registered and what the device name is. This should cover the majority use cases, however things like 32/128-bit UUIDs, TX power and Device ID will need to be added later to be on par with what bluetoothd is capable of doing (without the Management interface). Signed-off-by: Johan Hedberg <johan.hedberg@nokia.com> Signed-off-by: Gustavo F. Padovan <padovan@profusion.mobi>