Bluetooth: Fix controller configuration with HCI_QUIRK_INVALID_BDADDR

commit 8bfe8442ff20fdc2d965c197103d935a99bd3296 upstream. When controllers set the HCI_QUIRK_INVALID_BDADDR flag, it is required by userspace to program a valid public Bluetooth device address into the controller before it can be used. After successful address configuration, the internal state changes and the controller runs the complete initialization procedure. However one small difference is that this is no longer the HCI_SETUP stage. The HCI_SETUP stage is only valid during initial controller setup. In this case the stack runs the initialization as part of the HCI_CONFIG stage. The controller version information, default name and supported commands are only stored during HCI_SETUP. While these information are static, they are not read initially when HCI_QUIRK_INVALID_BDADDR is set. So when running in HCI_CONFIG state, these information need to be updated as well. This especially impacts Bluetooth 4.1 and later controllers using extended feature pages and second event mask page. Signed-off-by: Marcel Holtmann <marcel@holtmann.org> Signed-off-by: Johan Hedberg <johan.hedberg@intel.com> Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>

Bluetooth: Fix controller configuration with HCI_QUIRK_INVALID_BDADDR
commit 8bfe8442ff20fdc2d965c197103d935a99bd3296 upstream. When controllers set the HCI_QUIRK_INVALID_BDADDR flag, it is required by userspace to program a valid public Bluetooth device address into the controller before it can be used. After successful address configuration, the internal state changes and the controller runs the complete initialization procedure. However one small difference is that this is no longer the HCI_SETUP stage. The HCI_SETUP stage is only valid during initial controller setup. In this case the stack runs the initialization as part of the HCI_CONFIG stage. The controller version information, default name and supported commands are only stored during HCI_SETUP. While these information are static, they are not read initially when HCI_QUIRK_INVALID_BDADDR is set. So when running in HCI_CONFIG state, these information need to be updated as well. This especially impacts Bluetooth 4.1 and later controllers using extended feature pages and second event mask page. Signed-off-by: Marcel Holtmann <marcel@holtmann.org> Signed-off-by: Johan Hedberg <johan.hedberg@intel.com> Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
Marcel Holtmann · Greg Kroah-Hartman
1 parent 0de8cd646b
Showing 1 changed file with 6 additions and 3 deletions Side-by-side Diff
net/bluetooth/hci_event.c
@@ -239,7 +239,8 @@
 	if (rp->status)
 		return;
  
-	if (test_bit(HCI_SETUP, &hdev->dev_flags))
+	if (test_bit(HCI_SETUP, &hdev->dev_flags) ||
+	    test_bit(HCI_CONFIG, &hdev->dev_flags))
 		memcpy(hdev->dev_name, rp->name, HCI_MAX_NAME_LENGTH);
 }
  
@@ -494,7 +495,8 @@
 	if (rp->status)
 		return;
  
-	if (test_bit(HCI_SETUP, &hdev->dev_flags)) {
+	if (test_bit(HCI_SETUP, &hdev->dev_flags) ||
+	    test_bit(HCI_CONFIG, &hdev->dev_flags)) {
 		hdev->hci_ver = rp->hci_ver;
 		hdev->hci_rev = __le16_to_cpu(rp->hci_rev);
 		hdev->lmp_ver = rp->lmp_ver;
@@ -513,7 +515,8 @@
 	if (rp->status)
 		return;
  
-	if (test_bit(HCI_SETUP, &hdev->dev_flags))
+	if (test_bit(HCI_SETUP, &hdev->dev_flags) ||
+	    test_bit(HCI_CONFIG, &hdev->dev_flags))
 		memcpy(hdev->commands, rp->commands, sizeof(hdev->commands));
 }
...	...	@@ -239,7 +239,8 @@
239	239	if (rp->status)
240	240	return;
241	241
242		- if (test_bit(HCI_SETUP, &hdev->dev_flags))
	242	+ if (test_bit(HCI_SETUP, &hdev->dev_flags) \|\|
	243	+ test_bit(HCI_CONFIG, &hdev->dev_flags))
243	244	memcpy(hdev->dev_name, rp->name, HCI_MAX_NAME_LENGTH);
244	245	}
245	246
...	...	@@ -494,7 +495,8 @@
494	495	if (rp->status)
495	496	return;
496	497
497		- if (test_bit(HCI_SETUP, &hdev->dev_flags)) {
	498	+ if (test_bit(HCI_SETUP, &hdev->dev_flags) \|\|
	499	+ test_bit(HCI_CONFIG, &hdev->dev_flags)) {
498	500	hdev->hci_ver = rp->hci_ver;
499	501	hdev->hci_rev = __le16_to_cpu(rp->hci_rev);
500	502	hdev->lmp_ver = rp->lmp_ver;
...	...	@@ -513,7 +515,8 @@
513	515	if (rp->status)
514	516	return;
515	517
516		- if (test_bit(HCI_SETUP, &hdev->dev_flags))
	518	+ if (test_bit(HCI_SETUP, &hdev->dev_flags) \|\|
	519	+ test_bit(HCI_CONFIG, &hdev->dev_flags))
517	520	memcpy(hdev->commands, rp->commands, sizeof(hdev->commands));
518	521	}
519	522