Commit ea8ae2516ac43028a01c40b58ffa80d3b0afb802

Authored by Marcel Holtmann
Committed by Johan Hedberg
1 parent 65891feac2

Bluetooth: Fix bug with filter in service discovery optimization

The optimization for filtering out extended inquiry results, advertising
reports or scan response data based on provided UUID list has a logic
bug. In case no match is found in the advertising data, the scan
response is ignored and not checked against the filter. This will lead
to events being filtered wrongly.

Change the code to actually only drop the events when the scan response
data is not present. If it is present, it needs to be checked against
the provided filter.

The patch is a bit more complex than it needs to be. That is because
it also fixes this compiler warning that some gcc versions produce.

  CC      net/bluetooth/mgmt.o
net/bluetooth/mgmt.c: In function ‘mgmt_device_found’:
net/bluetooth/mgmt.c:7028:7: warning: ‘match’ may be used uninitialized in this function [-Wmaybe-uninitialized]
  bool match;
       ^

It seems that gcc can not clearly figure out the context of the match
variable. So just change the branches for the extended inquiry response
and advertising data around so that it is clear.

Reported-by: Geert Uytterhoeven <geert@linux-m68k.org>
Signed-off-by: Marcel Holtmann <marcel@holtmann.org>
Signed-off-by: Johan Hedberg <johan.hedberg@intel.com>

Showing 1 changed file with 9 additions and 5 deletions

net/bluetooth/mgmt.c
... ... @@ -7081,14 +7081,16 @@
7081 7081 * kept and checking possible scan response data
7082 7082 * will be skipped.
7083 7083 */
7084   - if (hdev->discovery.uuid_count > 0) {
  7084 + if (hdev->discovery.uuid_count > 0)
7085 7085 match = eir_has_uuids(eir, eir_len,
7086 7086 hdev->discovery.uuid_count,
7087 7087 hdev->discovery.uuids);
7088   - if (!match)
7089   - return;
7090   - }
  7088 + else
  7089 + match = true;
7091 7090  
  7091 + if (!match && !scan_rsp_len)
  7092 + return;
  7093 +
7092 7094 /* Copy EIR or advertising data into event */
7093 7095 memcpy(ev->eir, eir, eir_len);
7094 7096 } else {
7095 7097  
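Review bot: the context comment at the top of this hunk ("In case there is a match the result is kept and checking possible scan response data will be skipped") no longer covers the new no-match path: with `if (!match && !scan_rsp_len) return;` a non-matching EIR is now kept whenever scan response data is present, and the filter decision is deferred to the scan-response check. Suggest extending the comment with something like "If there is no match but scan response data is present, the result is kept and the scan response is checked instead." The correctness of that deferral depends on the scan-response branch later in the function (outside this hunk) dropping the event when `match` is false and the scan response also fails the UUID filter, so it is worth confirming that branch tests `!match`. Assigning `match` on both sides of the `if`/`else` also gives the compiler a definite initialization, which is what removes the -Wmaybe-uninitialized warning quoted in the commit message.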
... ... @@ -7096,8 +7098,10 @@
7096 7098 * provided, results with empty EIR or advertising data
7097 7099 * should be dropped since they do not match any UUID.
7098 7100 */
7099   - if (hdev->discovery.uuid_count > 0)
  7101 + if (hdev->discovery.uuid_count > 0 && !scan_rsp_len)
7100 7102 return;
  7103 +
  7104 + match = false;
7101 7105 }
7102 7106  
7103 7107 if (dev_class && !eir_has_data_type(ev->eir, eir_len, EIR_CLASS_OF_DEV))
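Review bot: the context comment above the changed condition ("results with empty EIR or advertising data should be dropped since they do not match any UUID") is now stale: with `&& !scan_rsp_len` added, an empty EIR is dropped only when there is no scan response either; otherwise the result falls through to the scan-response filter. Update the comment to say so. The unconditional `match = false;` also gives `match` different semantics from the first branch when no UUID filter is configured (there it is set to `true`), which is harmless only as long as every later use of `match` is guarded by `hdev->discovery.uuid_count > 0`. Consider `match = (hdev->discovery.uuid_count == 0);` to mirror the first branch, or document that invariant, so a later change to the scan-response branch does not start dropping unfiltered results.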