Merge tag 'for-net-next-2021-06-28' of git://git.kernel.org/pub/scm/linux/kernel/git/bluetooth/bluetooth-next

-69

Documentation/devicetree/bindings/net/qualcomm-bluetooth.txt

··· 1 - Qualcomm Bluetooth Chips 2 - --------------------- 3 - 4 - This documents the binding structure and common properties for serial 5 - attached Qualcomm devices. 6 - 7 - Serial attached Qualcomm devices shall be a child node of the host UART 8 - device the slave device is attached to. 9 - 10 - Required properties: 11 - - compatible: should contain one of the following: 12 - * "qcom,qca6174-bt" 13 - * "qcom,qca9377-bt" 14 - * "qcom,wcn3990-bt" 15 - * "qcom,wcn3991-bt" 16 - * "qcom,wcn3998-bt" 17 - * "qcom,qca6390-bt" 18 - 19 - Optional properties for compatible string qcom,qca6174-bt: 20 - 21 - - enable-gpios: gpio specifier used to enable chip 22 - - clocks: clock provided to the controller (SUSCLK_32KHZ) 23 - - firmware-name: specify the name of nvm firmware to load 24 - 25 - Optional properties for compatible string qcom,qca9377-bt: 26 - 27 - - max-speed: see Documentation/devicetree/bindings/serial/serial.yaml 28 - 29 - Required properties for compatible string qcom,wcn399x-bt: 30 - 31 - - vddio-supply: VDD_IO supply regulator handle. 32 - - vddxo-supply: VDD_XO supply regulator handle. 33 - - vddrf-supply: VDD_RF supply regulator handle. 34 - - vddch0-supply: VDD_CH0 supply regulator handle. 35 - 36 - Optional properties for compatible string qcom,wcn399x-bt: 37 - 38 - - max-speed: see Documentation/devicetree/bindings/serial/serial.yaml 39 - - firmware-name: specify the name of nvm firmware to load 40 - - clocks: clock provided to the controller 41 - 42 - Examples: 43 - 44 - serial@7570000 { 45 - label = "BT-UART"; 46 - status = "okay"; 47 - 48 - bluetooth { 49 - compatible = "qcom,qca6174-bt"; 50 - 51 - enable-gpios = <&pm8994_gpios 19 GPIO_ACTIVE_HIGH>; 52 - clocks = <&divclk4>; 53 - firmware-name = "nvm_00440302.bin"; 54 - }; 55 - }; 56 - 57 - serial@898000 { 58 - bluetooth { 59 - compatible = "qcom,wcn3990-bt"; 60 - 61 - vddio-supply = <&vreg_s4a_1p8>; 62 - vddxo-supply = <&vreg_l7a_1p8>; 63 - vddrf-supply = <&vreg_l17a_1p3>; 64 - vddch0-supply = <&vreg_l25a_3p3>; 65 - max-speed = <3200000>; 66 - firmware-name = "crnv21.bin"; 67 - clocks = <&rpmhcc RPMH_RF_CLK2>; 68 - }; 69 - };

+183

Documentation/devicetree/bindings/net/qualcomm-bluetooth.yaml

··· 1 + # SPDX-License-Identifier: (GPL-2.0 OR BSD-2-Clause) 2 + %YAML 1.2 3 + --- 4 + $id: http://devicetree.org/schemas/net/qualcomm-bluetooth.yaml# 5 + $schema: http://devicetree.org/meta-schemas/core.yaml# 6 + 7 + title: Qualcomm Bluetooth Chips 8 + 9 + maintainers: 10 + - Balakrishna Godavarthi <bgodavar@codeaurora.org> 11 + - Rocky Liao <rjliao@codeaurora.org> 12 + 13 + description: 14 + This binding describes Qualcomm UART-attached bluetooth chips. 15 + 16 + properties: 17 + compatible: 18 + enum: 19 + - qcom,qca6174-bt 20 + - qcom,qca9377-bt 21 + - qcom,wcn3990-bt 22 + - qcom,wcn3991-bt 23 + - qcom,wcn3998-bt 24 + - qcom,qca6390-bt 25 + - qcom,wcn6750-bt 26 + 27 + enable-gpios: 28 + maxItems: 1 29 + description: gpio specifier used to enable chip 30 + 31 + swctrl-gpios: 32 + maxItems: 1 33 + description: gpio specifier is used to find status 34 + of clock supply to SoC 35 + 36 + clocks: 37 + maxItems: 1 38 + description: clock provided to the controller (SUSCLK_32KHZ) 39 + 40 + vddio-supply: 41 + description: VDD_IO supply regulator handle 42 + 43 + vddxo-supply: 44 + description: VDD_XO supply regulator handle 45 + 46 + vddrf-supply: 47 + description: VDD_RF supply regulator handle 48 + 49 + vddch0-supply: 50 + description: VDD_CH0 supply regulator handle 51 + 52 + vddaon-supply: 53 + description: VDD_AON supply regulator handle 54 + 55 + vddbtcxmx-supply: 56 + description: VDD_BT_CXMX supply regulator handle 57 + 58 + vddrfacmn-supply: 59 + description: VDD_RFA_CMN supply regulator handle 60 + 61 + vddrfa0p8-supply: 62 + description: VDD_RFA_0P8 suppply regulator handle 63 + 64 + vddrfa1p7-supply: 65 + description: VDD_RFA_1P7 supply regulator handle 66 + 67 + vddrfa1p2-supply: 68 + description: VDD_RFA_1P2 supply regulator handle 69 + 70 + vddrfa2p2-supply: 71 + description: VDD_RFA_2P2 supply regulator handle 72 + 73 + vddasd-supply: 74 + description: VDD_ASD supply regulator handle 75 + 76 + max-speed: 77 + description: see Documentation/devicetree/bindings/serial/serial.yaml 78 + 79 + firmware-name: 80 + description: specify the name of nvm firmware to load 81 + 82 + local-bd-address: 83 + description: see Documentation/devicetree/bindings/net/bluetooth.txt 84 + 85 + 86 + required: 87 + - compatible 88 + 89 + additionalProperties: false 90 + 91 + allOf: 92 + - if: 93 + properties: 94 + compatible: 95 + contains: 96 + enum: 97 + - qcom,qca6174-bt 98 + then: 99 + required: 100 + - enable-gpios 101 + - clocks 102 + 103 + - if: 104 + properties: 105 + compatible: 106 + contains: 107 + enum: 108 + - qcom,wcn3990-bt 109 + - qcom,wcn3991-bt 110 + - qcom,wcn3998-bt 111 + then: 112 + required: 113 + - vddio-supply 114 + - vddxo-supply 115 + - vddrf-supply 116 + - vddch0-supply 117 + 118 + - if: 119 + properties: 120 + compatible: 121 + contains: 122 + enum: 123 + - qcom,wcn6750-bt 124 + then: 125 + required: 126 + - enable-gpios 127 + - swctrl-gpios 128 + - vddio-supply 129 + - vddaon-supply 130 + - vddbtcxmx-supply 131 + - vddrfacmn-supply 132 + - vddrfa0p8-supply 133 + - vddrfa1p7-supply 134 + - vddrfa1p2-supply 135 + - vddasd-supply 136 + 137 + examples: 138 + - | 139 + #include <dt-bindings/gpio/gpio.h> 140 + serial { 141 + 142 + bluetooth { 143 + compatible = "qcom,qca6174-bt"; 144 + enable-gpios = <&pm8994_gpios 19 GPIO_ACTIVE_HIGH>; 145 + clocks = <&divclk4>; 146 + firmware-name = "nvm_00440302.bin"; 147 + }; 148 + }; 149 + - | 150 + serial { 151 + 152 + bluetooth { 153 + compatible = "qcom,wcn3990-bt"; 154 + vddio-supply = <&vreg_s4a_1p8>; 155 + vddxo-supply = <&vreg_l7a_1p8>; 156 + vddrf-supply = <&vreg_l17a_1p3>; 157 + vddch0-supply = <&vreg_l25a_3p3>; 158 + max-speed = <3200000>; 159 + firmware-name = "crnv21.bin"; 160 + }; 161 + }; 162 + - | 163 + serial { 164 + 165 + bluetooth { 166 + compatible = "qcom,wcn6750-bt"; 167 + pinctrl-names = "default"; 168 + pinctrl-0 = <&bt_en_default>; 169 + enable-gpios = <&tlmm 85 GPIO_ACTIVE_HIGH>; 170 + swctrl-gpios = <&tlmm 86 GPIO_ACTIVE_HIGH>; 171 + vddio-supply = <&vreg_l19b_1p8>; 172 + vddaon-supply = <&vreg_s7b_0p9>; 173 + vddbtcxmx-supply = <&vreg_s7b_0p9>; 174 + vddrfacmn-supply = <&vreg_s7b_0p9>; 175 + vddrfa0p8-supply = <&vreg_s7b_0p9>; 176 + vddrfa1p7-supply = <&vreg_s1b_1p8>; 177 + vddrfa1p2-supply = <&vreg_s8b_1p2>; 178 + vddrfa2p2-supply = <&vreg_s1c_2p2>; 179 + vddasd-supply = <&vreg_l11c_2p8>; 180 + max-speed = <3200000>; 181 + firmware-name = "msnv11.bin"; 182 + }; 183 + };

+1

drivers/bluetooth/btbcm.c

··· 404 404 { 0x4217, "BCM4329B1" }, /* 002.002.023 */ 405 405 { 0x6106, "BCM4359C0" }, /* 003.001.006 */ 406 406 { 0x4106, "BCM4335A0" }, /* 002.001.006 */ 407 + { 0x410c, "BCM43430B0" }, /* 002.001.012 */ 407 408 { } 408 409 }; 409 410

+1 -3

drivers/bluetooth/btmrvl_sdio.c

··· 1461 1461 BT_ERR("Allocated buffer not enough"); 1462 1462 } 1463 1463 1464 - if (stat != RDWR_STATUS_DONE) { 1465 - continue; 1466 - } else { 1464 + if (stat == RDWR_STATUS_DONE) { 1467 1465 BT_INFO("%s done: size=0x%tx", 1468 1466 entry->mem_name, 1469 1467 dbg_ptr - entry->mem_ptr);

+2 -4

drivers/bluetooth/btmtkuart.c

··· 581 581 582 582 /* Enable the power domain and clock the device requires */ 583 583 pm_runtime_enable(dev); 584 - err = pm_runtime_get_sync(dev); 585 - if (err < 0) { 586 - pm_runtime_put_noidle(dev); 584 + err = pm_runtime_resume_and_get(dev); 585 + if (err < 0) 587 586 goto err_disable_rpm; 588 - } 589 587 590 588 err = clk_prepare_enable(bdev->clk); 591 589 if (err < 0)

+83 -30

drivers/bluetooth/btqca.c

··· 182 182 } 183 183 EXPORT_SYMBOL_GPL(qca_send_pre_shutdown_cmd); 184 184 185 - static void qca_tlv_check_data(struct qca_fw_config *config, 186 - const struct firmware *fw, enum qca_btsoc_type soc_type) 185 + static void qca_tlv_check_data(struct hci_dev *hdev, 186 + struct qca_fw_config *config, 187 + u8 *fw_data, enum qca_btsoc_type soc_type) 187 188 { 188 189 const u8 *data; 189 190 u32 type_len; ··· 195 194 struct tlv_type_nvm *tlv_nvm; 196 195 uint8_t nvm_baud_rate = config->user_baud_rate; 197 196 198 - tlv = (struct tlv_type_hdr *)fw->data; 199 - 200 - type_len = le32_to_cpu(tlv->type_len); 201 - length = (type_len >> 8) & 0x00ffffff; 202 - 203 - BT_DBG("TLV Type\t\t : 0x%x", type_len & 0x000000ff); 204 - BT_DBG("Length\t\t : %d bytes", length); 205 - 206 197 config->dnld_mode = QCA_SKIP_EVT_NONE; 207 198 config->dnld_type = QCA_SKIP_EVT_NONE; 208 199 209 200 switch (config->type) { 201 + case ELF_TYPE_PATCH: 202 + config->dnld_mode = QCA_SKIP_EVT_VSE_CC; 203 + config->dnld_type = QCA_SKIP_EVT_VSE_CC; 204 + 205 + bt_dev_dbg(hdev, "File Class : 0x%x", fw_data[4]); 206 + bt_dev_dbg(hdev, "Data Encoding : 0x%x", fw_data[5]); 207 + bt_dev_dbg(hdev, "File version : 0x%x", fw_data[6]); 208 + break; 210 209 case TLV_TYPE_PATCH: 210 + tlv = (struct tlv_type_hdr *)fw_data; 211 + type_len = le32_to_cpu(tlv->type_len); 211 212 tlv_patch = (struct tlv_type_patch *)tlv->data; 212 213 213 214 /* For Rome version 1.1 to 3.1, all segment commands ··· 221 218 config->dnld_mode = tlv_patch->download_mode; 222 219 config->dnld_type = config->dnld_mode; 223 220 221 + BT_DBG("TLV Type\t\t : 0x%x", type_len & 0x000000ff); 224 222 BT_DBG("Total Length : %d bytes", 225 223 le32_to_cpu(tlv_patch->total_size)); 226 224 BT_DBG("Patch Data Length : %d bytes", ··· 247 243 break; 248 244 249 245 case TLV_TYPE_NVM: 246 + tlv = (struct tlv_type_hdr *)fw_data; 247 + 248 + type_len = le32_to_cpu(tlv->type_len); 249 + length = (type_len >> 8) & 0x00ffffff; 250 + 251 + BT_DBG("TLV Type\t\t : 0x%x", type_len & 0x000000ff); 252 + BT_DBG("Length\t\t : %d bytes", length); 253 + 250 254 idx = 0; 251 255 data = tlv->data; 252 256 while (idx < length) { ··· 399 387 400 388 static int qca_download_firmware(struct hci_dev *hdev, 401 389 struct qca_fw_config *config, 402 - enum qca_btsoc_type soc_type) 390 + enum qca_btsoc_type soc_type, 391 + u8 rom_ver) 403 392 { 404 393 const struct firmware *fw; 394 + u8 *data; 405 395 const u8 *segment; 406 - int ret, remain, i = 0; 396 + int ret, size, remain, i = 0; 407 397 408 398 bt_dev_info(hdev, "QCA Downloading %s", config->fwname); 409 399 410 400 ret = request_firmware(&fw, config->fwname, &hdev->dev); 411 401 if (ret) { 412 - bt_dev_err(hdev, "QCA Failed to request file: %s (%d)", 413 - config->fwname, ret); 414 - return ret; 402 + /* For WCN6750, if mbn file is not present then check for 403 + * tlv file. 404 + */ 405 + if (soc_type == QCA_WCN6750 && config->type == ELF_TYPE_PATCH) { 406 + bt_dev_dbg(hdev, "QCA Failed to request file: %s (%d)", 407 + config->fwname, ret); 408 + config->type = TLV_TYPE_PATCH; 409 + snprintf(config->fwname, sizeof(config->fwname), 410 + "qca/msbtfw%02x.tlv", rom_ver); 411 + bt_dev_info(hdev, "QCA Downloading %s", config->fwname); 412 + ret = request_firmware(&fw, config->fwname, &hdev->dev); 413 + if (ret) { 414 + bt_dev_err(hdev, "QCA Failed to request file: %s (%d)", 415 + config->fwname, ret); 416 + return ret; 417 + } 418 + } else { 419 + bt_dev_err(hdev, "QCA Failed to request file: %s (%d)", 420 + config->fwname, ret); 421 + return ret; 422 + } 415 423 } 416 424 417 - qca_tlv_check_data(config, fw, soc_type); 425 + size = fw->size; 426 + data = vmalloc(fw->size); 427 + if (!data) { 428 + bt_dev_err(hdev, "QCA Failed to allocate memory for file: %s", 429 + config->fwname); 430 + release_firmware(fw); 431 + return -ENOMEM; 432 + } 418 433 419 - segment = fw->data; 420 - remain = fw->size; 434 + memcpy(data, fw->data, size); 435 + release_firmware(fw); 436 + 437 + qca_tlv_check_data(hdev, config, data, soc_type); 438 + 439 + segment = data; 440 + remain = size; 421 441 while (remain > 0) { 422 442 int segsize = min(MAX_SIZE_PER_TLV_SEGMENT, remain); 423 443 ··· 479 435 ret = qca_inject_cmd_complete_event(hdev); 480 436 481 437 out: 482 - release_firmware(fw); 438 + vfree(data); 483 439 484 440 return ret; 485 441 } ··· 546 502 547 503 config.user_baud_rate = baudrate; 548 504 505 + /* Firmware files to download are based on ROM version. 506 + * ROM version is derived from last two bytes of soc_ver. 507 + */ 508 + rom_ver = ((soc_ver & 0x00000f00) >> 0x04) | (soc_ver & 0x0000000f); 509 + 549 510 /* Download rampatch file */ 550 511 config.type = TLV_TYPE_PATCH; 551 512 if (qca_is_wcn399x(soc_type)) { 552 - /* Firmware files to download are based on ROM version. 553 - * ROM version is derived from last two bytes of soc_ver. 554 - */ 555 - rom_ver = ((soc_ver & 0x00000f00) >> 0x04) | 556 - (soc_ver & 0x0000000f); 557 513 snprintf(config.fwname, sizeof(config.fwname), 558 514 "qca/crbtfw%02x.tlv", rom_ver); 559 515 } else if (soc_type == QCA_QCA6390) { 560 - rom_ver = ((soc_ver & 0x00000f00) >> 0x04) | 561 - (soc_ver & 0x0000000f); 562 516 snprintf(config.fwname, sizeof(config.fwname), 563 517 "qca/htbtfw%02x.tlv", rom_ver); 518 + } else if (soc_type == QCA_WCN6750) { 519 + /* Choose mbn file by default.If mbn file is not found 520 + * then choose tlv file 521 + */ 522 + config.type = ELF_TYPE_PATCH; 523 + snprintf(config.fwname, sizeof(config.fwname), 524 + "qca/msbtfw%02x.mbn", rom_ver); 564 525 } else { 565 526 snprintf(config.fwname, sizeof(config.fwname), 566 527 "qca/rampatch_%08x.bin", soc_ver); 567 528 } 568 529 569 - err = qca_download_firmware(hdev, &config, soc_type); 530 + err = qca_download_firmware(hdev, &config, soc_type, rom_ver); 570 531 if (err < 0) { 571 532 bt_dev_err(hdev, "QCA Failed to download patch (%d)", err); 572 533 return err; ··· 597 548 else if (soc_type == QCA_QCA6390) 598 549 snprintf(config.fwname, sizeof(config.fwname), 599 550 "qca/htnv%02x.bin", rom_ver); 551 + else if (soc_type == QCA_WCN6750) 552 + snprintf(config.fwname, sizeof(config.fwname), 553 + "qca/msnv%02x.bin", rom_ver); 600 554 else 601 555 snprintf(config.fwname, sizeof(config.fwname), 602 556 "qca/nvm_%08x.bin", soc_ver); 603 557 604 - err = qca_download_firmware(hdev, &config, soc_type); 558 + err = qca_download_firmware(hdev, &config, soc_type, rom_ver); 605 559 if (err < 0) { 606 560 bt_dev_err(hdev, "QCA Failed to download NVM (%d)", err); 607 561 return err; ··· 616 564 return err; 617 565 } 618 566 619 - /* WCN399x supports the Microsoft vendor extension with 0xFD70 as the 567 + /* WCN399x and WCN6750 supports the Microsoft vendor extension with 0xFD70 as the 620 568 * VsMsftOpCode. 621 569 */ 622 570 switch (soc_type) { 623 571 case QCA_WCN3990: 624 572 case QCA_WCN3991: 625 573 case QCA_WCN3998: 574 + case QCA_WCN6750: 626 575 hci_set_msft_opcode(hdev, 0xFD70); 627 576 break; 628 577 default: ··· 637 584 return err; 638 585 } 639 586 640 - if (soc_type == QCA_WCN3991) { 587 + if (soc_type == QCA_WCN3991 || soc_type == QCA_WCN6750) { 641 588 /* get fw build info */ 642 589 err = qca_read_fw_build_info(hdev); 643 590 if (err < 0)

+13 -1

drivers/bluetooth/btqca.h

··· 80 80 81 81 enum qca_tlv_type { 82 82 TLV_TYPE_PATCH = 1, 83 - TLV_TYPE_NVM 83 + TLV_TYPE_NVM, 84 + ELF_TYPE_PATCH, 84 85 }; 85 86 86 87 struct qca_fw_config { ··· 144 143 QCA_WCN3998, 145 144 QCA_WCN3991, 146 145 QCA_QCA6390, 146 + QCA_WCN6750, 147 147 }; 148 148 149 149 #if IS_ENABLED(CONFIG_BT_QCA) ··· 162 160 return soc_type == QCA_WCN3990 || soc_type == QCA_WCN3991 || 163 161 soc_type == QCA_WCN3998; 164 162 } 163 + static inline bool qca_is_wcn6750(enum qca_btsoc_type soc_type) 164 + { 165 + return soc_type == QCA_WCN6750; 166 + } 167 + 165 168 #else 166 169 167 170 static inline int qca_set_bdaddr_rome(struct hci_dev *hdev, const bdaddr_t *bdaddr) ··· 195 188 } 196 189 197 190 static inline bool qca_is_wcn399x(enum qca_btsoc_type soc_type) 191 + { 192 + return false; 193 + } 194 + 195 + static inline bool qca_is_wcn6750(enum qca_btsoc_type soc_type) 198 196 { 199 197 return false; 200 198 }

+24 -11

drivers/bluetooth/btrtl.c

··· 132 132 .cfg_name = "rtl_bt/rtl8761a_config" }, 133 133 134 134 /* 8761B */ 135 - { IC_INFO(RTL_ROM_LMP_8761A, 0xb, 0xa, HCI_USB), 135 + { IC_INFO(RTL_ROM_LMP_8761A, 0xb, 0xa, HCI_UART), 136 136 .config_needed = false, 137 137 .has_rom_version = true, 138 138 .fw_name = "rtl_bt/rtl8761b_fw.bin", 139 139 .cfg_name = "rtl_bt/rtl8761b_config" }, 140 + 141 + /* 8761BU */ 142 + { IC_INFO(RTL_ROM_LMP_8761A, 0xb, 0xa, HCI_USB), 143 + .config_needed = false, 144 + .has_rom_version = true, 145 + .fw_name = "rtl_bt/rtl8761bu_fw.bin", 146 + .cfg_name = "rtl_bt/rtl8761bu_config" }, 140 147 141 148 /* 8822C with UART interface */ 142 149 { IC_INFO(RTL_ROM_LMP_8822B, 0xc, 0xa, HCI_UART), ··· 726 719 } 727 720 EXPORT_SYMBOL_GPL(btrtl_download_firmware); 728 721 729 - int btrtl_setup_realtek(struct hci_dev *hdev) 722 + void btrtl_set_quirks(struct hci_dev *hdev, struct btrtl_device_info *btrtl_dev) 730 723 { 731 - struct btrtl_device_info *btrtl_dev; 732 - int ret; 733 - 734 - btrtl_dev = btrtl_initialize(hdev, NULL); 735 - if (IS_ERR(btrtl_dev)) 736 - return PTR_ERR(btrtl_dev); 737 - 738 - ret = btrtl_download_firmware(hdev, btrtl_dev); 739 - 740 724 /* Enable controller to do both LE scan and BR/EDR inquiry 741 725 * simultaneously. 742 726 */ ··· 748 750 rtl_dev_dbg(hdev, "WBS supported not enabled."); 749 751 break; 750 752 } 753 + } 754 + EXPORT_SYMBOL_GPL(btrtl_set_quirks); 755 + 756 + int btrtl_setup_realtek(struct hci_dev *hdev) 757 + { 758 + struct btrtl_device_info *btrtl_dev; 759 + int ret; 760 + 761 + btrtl_dev = btrtl_initialize(hdev, NULL); 762 + if (IS_ERR(btrtl_dev)) 763 + return PTR_ERR(btrtl_dev); 764 + 765 + ret = btrtl_download_firmware(hdev, btrtl_dev); 766 + 767 + btrtl_set_quirks(hdev, btrtl_dev); 751 768 752 769 btrtl_free(btrtl_dev); 753 770 return ret;

+7

drivers/bluetooth/btrtl.h

··· 54 54 void btrtl_free(struct btrtl_device_info *btrtl_dev); 55 55 int btrtl_download_firmware(struct hci_dev *hdev, 56 56 struct btrtl_device_info *btrtl_dev); 57 + void btrtl_set_quirks(struct hci_dev *hdev, 58 + struct btrtl_device_info *btrtl_dev); 57 59 int btrtl_setup_realtek(struct hci_dev *hdev); 58 60 int btrtl_shutdown_realtek(struct hci_dev *hdev); 59 61 int btrtl_get_uart_settings(struct hci_dev *hdev, ··· 79 77 struct btrtl_device_info *btrtl_dev) 80 78 { 81 79 return -EOPNOTSUPP; 80 + } 81 + 82 + static inline void btrtl_set_quirks(struct hci_dev *hdev, 83 + struct btrtl_device_info *btrtl_dev) 84 + { 82 85 } 83 86 84 87 static inline int btrtl_setup_realtek(struct hci_dev *hdev)

+37 -8

drivers/bluetooth/btusb.c

··· 270 270 BTUSB_WIDEBAND_SPEECH }, 271 271 { USB_DEVICE(0x0cf3, 0xe360), .driver_info = BTUSB_QCA_ROME | 272 272 BTUSB_WIDEBAND_SPEECH }, 273 + { USB_DEVICE(0x0cf3, 0xe500), .driver_info = BTUSB_QCA_ROME | 274 + BTUSB_WIDEBAND_SPEECH }, 273 275 { USB_DEVICE(0x0489, 0xe092), .driver_info = BTUSB_QCA_ROME | 274 276 BTUSB_WIDEBAND_SPEECH }, 275 277 { USB_DEVICE(0x0489, 0xe09f), .driver_info = BTUSB_QCA_ROME | ··· 410 408 /* Additional MediaTek MT7615E Bluetooth devices */ 411 409 { USB_DEVICE(0x13d3, 0x3560), .driver_info = BTUSB_MEDIATEK}, 412 410 411 + /* Additional MediaTek MT7921 Bluetooth devices */ 412 + { USB_DEVICE(0x04ca, 0x3802), .driver_info = BTUSB_MEDIATEK | 413 + BTUSB_WIDEBAND_SPEECH | 414 + BTUSB_VALID_LE_STATES }, 415 + 413 416 /* Additional Realtek 8723AE Bluetooth devices */ 414 417 { USB_DEVICE(0x0930, 0x021d), .driver_info = BTUSB_REALTEK }, 415 418 { USB_DEVICE(0x13d3, 0x3394), .driver_info = BTUSB_REALTEK }, ··· 433 426 /* Additional Realtek 8723DE Bluetooth devices */ 434 427 { USB_DEVICE(0x0bda, 0xb009), .driver_info = BTUSB_REALTEK }, 435 428 { USB_DEVICE(0x2ff8, 0xb011), .driver_info = BTUSB_REALTEK }, 429 + 430 + /* Additional Realtek 8761BU Bluetooth devices */ 431 + { USB_DEVICE(0x0b05, 0x190e), .driver_info = BTUSB_REALTEK | 432 + BTUSB_WIDEBAND_SPEECH }, 436 433 437 434 /* Additional Realtek 8821AE Bluetooth devices */ 438 435 { USB_DEVICE(0x0b05, 0x17dc), .driver_info = BTUSB_REALTEK }, ··· 1760 1749 * which work with WBS at all. 1761 1750 */ 1762 1751 new_alts = btusb_find_altsetting(data, 6) ? 6 : 1; 1752 + /* Because mSBC frames do not need to be aligned to the 1753 + * SCO packet boundary. If support the Alt 3, use the 1754 + * Alt 3 for HCI payload >= 60 Bytes let air packet 1755 + * data satisfy 60 bytes. 1756 + */ 1757 + if (new_alts == 1 && btusb_find_altsetting(data, 3)) 1758 + new_alts = 3; 1763 1759 } 1764 1760 1765 1761 if (btusb_switch_alt_setting(hdev, new_alts) < 0) ··· 3330 3312 struct btmtk_wmt_hdr *hdr; 3331 3313 int err; 3332 3314 3333 - /* Submit control IN URB on demand to process the WMT event */ 3334 - err = btusb_mtk_submit_wmt_recv_urb(hdev); 3335 - if (err < 0) 3336 - return err; 3337 - 3338 3315 /* Send the WMT command and wait until the WMT event returns */ 3339 3316 hlen = sizeof(*hdr) + wmt_params->dlen; 3340 3317 if (hlen > 255) ··· 3354 3341 clear_bit(BTUSB_TX_WAIT_VND_EVT, &data->flags); 3355 3342 goto err_free_wc; 3356 3343 } 3344 + 3345 + /* Submit control IN URB on demand to process the WMT event */ 3346 + err = btusb_mtk_submit_wmt_recv_urb(hdev); 3347 + if (err < 0) 3348 + goto err_free_wc; 3357 3349 3358 3350 /* The vendor specific WMT commands are all answered by a vendor 3359 3351 * specific event and will have the Command Status or Command ··· 4080 4062 sent += size; 4081 4063 count -= size; 4082 4064 4065 + /* ep2 need time to switch from function acl to function dfu, 4066 + * so we add 20ms delay here. 4067 + */ 4068 + msleep(20); 4069 + 4083 4070 while (count) { 4084 4071 size = min_t(size_t, count, QCA_DFU_PACKET_LEN); 4085 4072 ··· 4177 4154 int err; 4178 4155 4179 4156 if (((ver->flag >> 8) & 0xff) == QCA_FLAG_MULTI_NVM) { 4180 - snprintf(fwname, sizeof(fwname), "qca/nvm_usb_%08x_%04x.bin", 4181 - le32_to_cpu(ver->rom_version), 4182 - le16_to_cpu(ver->board_id)); 4157 + /* if boardid equal 0, use default nvm without surfix */ 4158 + if (le16_to_cpu(ver->board_id) == 0x0) { 4159 + snprintf(fwname, sizeof(fwname), "qca/nvm_usb_%08x.bin", 4160 + le32_to_cpu(ver->rom_version)); 4161 + } else { 4162 + snprintf(fwname, sizeof(fwname), "qca/nvm_usb_%08x_%04x.bin", 4163 + le32_to_cpu(ver->rom_version), 4164 + le16_to_cpu(ver->board_id)); 4165 + } 4183 4166 } else { 4184 4167 snprintf(fwname, sizeof(fwname), "qca/nvm_usb_%08x.bin", 4185 4168 le32_to_cpu(ver->rom_version));

-1

drivers/bluetooth/hci_ag6xx.c

··· 199 199 fwname, err); 200 200 goto patch; 201 201 } 202 - fw_ptr = fw->data; 203 202 204 203 bt_dev_info(hdev, "Applying bddata (%s)", fwname); 205 204

+1 -4

drivers/bluetooth/hci_h5.c

··· 906 906 /* Give the device some time before the hci-core sends it a reset */ 907 907 usleep_range(10000, 20000); 908 908 909 - /* Enable controller to do both LE scan and BR/EDR inquiry 910 - * simultaneously. 911 - */ 912 - set_bit(HCI_QUIRK_SIMULTANEOUS_DISCOVERY, &h5->hu->hdev->quirks); 909 + btrtl_set_quirks(h5->hu->hdev, btrtl_dev); 913 910 914 911 out_free: 915 912 btrtl_free(btrtl_dev);

+95 -23

drivers/bluetooth/hci_qca.c

··· 218 218 struct qca_serdev { 219 219 struct hci_uart serdev_hu; 220 220 struct gpio_desc *bt_en; 221 + struct gpio_desc *sw_ctrl; 221 222 struct clk *susclk; 222 223 enum qca_btsoc_type btsoc_type; 223 224 struct qca_power *bt_power; ··· 605 604 if (hu->serdev) { 606 605 qcadev = serdev_device_get_drvdata(hu->serdev); 607 606 608 - if (qca_is_wcn399x(qcadev->btsoc_type)) 607 + if (qca_is_wcn399x(qcadev->btsoc_type) || 608 + qca_is_wcn6750(qcadev->btsoc_type)) 609 609 hu->init_speed = qcadev->init_speed; 610 610 611 611 if (qcadev->oper_speed) ··· 1310 1308 msecs_to_jiffies(CMD_TRANS_TIMEOUT_MS)); 1311 1309 1312 1310 /* Give the controller time to process the request */ 1313 - if (qca_is_wcn399x(qca_soc_type(hu))) 1311 + if (qca_is_wcn399x(qca_soc_type(hu)) || 1312 + qca_is_wcn6750(qca_soc_type(hu))) 1314 1313 usleep_range(1000, 10000); 1315 1314 else 1316 1315 msleep(300); ··· 1387 1384 1388 1385 static int qca_check_speeds(struct hci_uart *hu) 1389 1386 { 1390 - if (qca_is_wcn399x(qca_soc_type(hu))) { 1387 + if (qca_is_wcn399x(qca_soc_type(hu)) || 1388 + qca_is_wcn6750(qca_soc_type(hu))) { 1391 1389 if (!qca_get_speed(hu, QCA_INIT_SPEED) && 1392 1390 !qca_get_speed(hu, QCA_OPER_SPEED)) 1393 1391 return -EINVAL; ··· 1421 1417 /* Disable flow control for wcn3990 to deassert RTS while 1422 1418 * changing the baudrate of chip and host. 1423 1419 */ 1424 - if (qca_is_wcn399x(soc_type)) 1420 + if (qca_is_wcn399x(soc_type) || 1421 + qca_is_wcn6750(soc_type)) 1425 1422 hci_uart_set_flow_control(hu, true); 1426 1423 1427 1424 if (soc_type == QCA_WCN3990) { ··· 1439 1434 host_set_baudrate(hu, speed); 1440 1435 1441 1436 error: 1442 - if (qca_is_wcn399x(soc_type)) 1437 + if (qca_is_wcn399x(soc_type) || 1438 + qca_is_wcn6750(soc_type)) 1443 1439 hci_uart_set_flow_control(hu, false); 1444 1440 1445 1441 if (soc_type == QCA_WCN3990) { ··· 1591 1585 return !wakeup; 1592 1586 } 1593 1587 1594 - static int qca_wcn3990_init(struct hci_uart *hu) 1588 + static int qca_regulator_init(struct hci_uart *hu) 1595 1589 { 1590 + enum qca_btsoc_type soc_type = qca_soc_type(hu); 1596 1591 struct qca_serdev *qcadev; 1597 1592 int ret; 1593 + bool sw_ctrl_state; 1598 1594 1599 1595 /* Check for vregs status, may be hci down has turned 1600 1596 * off the voltage regulator. ··· 1615 1607 } 1616 1608 } 1617 1609 1618 - /* Forcefully enable wcn3990 to enter in to boot mode. */ 1619 - host_set_baudrate(hu, 2400); 1620 - ret = qca_send_power_pulse(hu, false); 1621 - if (ret) 1622 - return ret; 1610 + if (qca_is_wcn399x(soc_type)) { 1611 + /* Forcefully enable wcn399x to enter in to boot mode. */ 1612 + host_set_baudrate(hu, 2400); 1613 + ret = qca_send_power_pulse(hu, false); 1614 + if (ret) 1615 + return ret; 1616 + } 1617 + 1618 + /* For wcn6750 need to enable gpio bt_en */ 1619 + if (qcadev->bt_en) { 1620 + gpiod_set_value_cansleep(qcadev->bt_en, 0); 1621 + msleep(50); 1622 + gpiod_set_value_cansleep(qcadev->bt_en, 1); 1623 + msleep(50); 1624 + if (qcadev->sw_ctrl) { 1625 + sw_ctrl_state = gpiod_get_value_cansleep(qcadev->sw_ctrl); 1626 + bt_dev_dbg(hu->hdev, "SW_CTRL is %d", sw_ctrl_state); 1627 + } 1628 + } 1623 1629 1624 1630 qca_set_speed(hu, QCA_INIT_SPEED); 1625 - ret = qca_send_power_pulse(hu, true); 1626 - if (ret) 1627 - return ret; 1631 + 1632 + if (qca_is_wcn399x(soc_type)) { 1633 + ret = qca_send_power_pulse(hu, true); 1634 + if (ret) 1635 + return ret; 1636 + } 1628 1637 1629 1638 /* Now the device is in ready state to communicate with host. 1630 1639 * To sync host with device we need to reopen port. ··· 1674 1649 if (!hu->serdev) 1675 1650 return 0; 1676 1651 1677 - if (qca_is_wcn399x(soc_type)) { 1678 - ret = qca_wcn3990_init(hu); 1652 + if (qca_is_wcn399x(soc_type) || 1653 + qca_is_wcn6750(soc_type)) { 1654 + ret = qca_regulator_init(hu); 1679 1655 } else { 1680 1656 qcadev = serdev_device_get_drvdata(hu->serdev); 1681 1657 if (qcadev->bt_en) { ··· 1715 1689 set_bit(HCI_QUIRK_SIMULTANEOUS_DISCOVERY, &hdev->quirks); 1716 1690 1717 1691 bt_dev_info(hdev, "setting up %s", 1718 - qca_is_wcn399x(soc_type) ? "wcn399x" : "ROME/QCA6390"); 1692 + qca_is_wcn399x(soc_type) ? "wcn399x" : 1693 + (soc_type == QCA_WCN6750) ? "wcn6750" : "ROME/QCA6390"); 1719 1694 1720 1695 qca->memdump_state = QCA_MEMDUMP_IDLE; 1721 1696 ··· 1727 1700 1728 1701 clear_bit(QCA_SSR_TRIGGERED, &qca->flags); 1729 1702 1730 - if (qca_is_wcn399x(soc_type)) { 1703 + if (qca_is_wcn399x(soc_type) || 1704 + qca_is_wcn6750(soc_type)) { 1731 1705 set_bit(HCI_QUIRK_USE_BDADDR_PROPERTY, &hdev->quirks); 1732 1706 1733 1707 ret = qca_read_soc_version(hdev, &ver, soc_type); ··· 1748 1720 qca_baudrate = qca_get_baudrate_value(speed); 1749 1721 } 1750 1722 1751 - if (!qca_is_wcn399x(soc_type)) { 1723 + if (!(qca_is_wcn399x(soc_type) || 1724 + qca_is_wcn6750(soc_type))) { 1752 1725 /* Get QCA version information */ 1753 1726 ret = qca_read_soc_version(hdev, &ver, soc_type); 1754 1727 if (ret) ··· 1857 1828 .num_vregs = 0, 1858 1829 }; 1859 1830 1831 + static const struct qca_device_data qca_soc_data_wcn6750 = { 1832 + .soc_type = QCA_WCN6750, 1833 + .vregs = (struct qca_vreg []) { 1834 + { "vddio", 5000 }, 1835 + { "vddaon", 26000 }, 1836 + { "vddbtcxmx", 126000 }, 1837 + { "vddrfacmn", 12500 }, 1838 + { "vddrfa0p8", 102000 }, 1839 + { "vddrfa1p7", 302000 }, 1840 + { "vddrfa1p2", 257000 }, 1841 + { "vddrfa2p2", 1700000 }, 1842 + { "vddasd", 200 }, 1843 + }, 1844 + .num_vregs = 9, 1845 + .capabilities = QCA_CAP_WIDEBAND_SPEECH | QCA_CAP_VALID_LE_STATES, 1846 + }; 1847 + 1860 1848 static void qca_power_shutdown(struct hci_uart *hu) 1861 1849 { 1862 1850 struct qca_serdev *qcadev; 1863 1851 struct qca_data *qca = hu->priv; 1864 1852 unsigned long flags; 1865 1853 enum qca_btsoc_type soc_type = qca_soc_type(hu); 1866 - 1867 - qcadev = serdev_device_get_drvdata(hu->serdev); 1854 + bool sw_ctrl_state; 1868 1855 1869 1856 /* From this point we go into power off state. But serial port is 1870 1857 * still open, stop queueing the IBS data and flush all the buffered ··· 1897 1852 if (!hu->serdev) 1898 1853 return; 1899 1854 1855 + qcadev = serdev_device_get_drvdata(hu->serdev); 1856 + 1900 1857 if (qca_is_wcn399x(soc_type)) { 1901 1858 host_set_baudrate(hu, 2400); 1902 1859 qca_send_power_pulse(hu, false); 1903 1860 qca_regulator_disable(qcadev); 1861 + } else if (soc_type == QCA_WCN6750) { 1862 + gpiod_set_value_cansleep(qcadev->bt_en, 0); 1863 + msleep(100); 1864 + qca_regulator_disable(qcadev); 1865 + if (qcadev->sw_ctrl) { 1866 + sw_ctrl_state = gpiod_get_value_cansleep(qcadev->sw_ctrl); 1867 + bt_dev_dbg(hu->hdev, "SW_CTRL is %d", sw_ctrl_state); 1868 + } 1904 1869 } else if (qcadev->bt_en) { 1905 1870 gpiod_set_value_cansleep(qcadev->bt_en, 0); 1906 1871 } ··· 2033 1978 if (!qcadev->oper_speed) 2034 1979 BT_DBG("UART will pick default operating speed"); 2035 1980 2036 - if (data && qca_is_wcn399x(data->soc_type)) { 1981 + if (data && 1982 + (qca_is_wcn399x(data->soc_type) || 1983 + qca_is_wcn6750(data->soc_type))) { 2037 1984 qcadev->btsoc_type = data->soc_type; 2038 1985 qcadev->bt_power = devm_kzalloc(&serdev->dev, 2039 1986 sizeof(struct qca_power), ··· 2052 1995 } 2053 1996 2054 1997 qcadev->bt_power->vregs_on = false; 1998 + 1999 + qcadev->bt_en = devm_gpiod_get_optional(&serdev->dev, "enable", 2000 + GPIOD_OUT_LOW); 2001 + if (!qcadev->bt_en && data->soc_type == QCA_WCN6750) { 2002 + dev_err(&serdev->dev, "failed to acquire BT_EN gpio\n"); 2003 + power_ctrl_enabled = false; 2004 + } 2005 + 2006 + qcadev->sw_ctrl = devm_gpiod_get_optional(&serdev->dev, "swctrl", 2007 + GPIOD_IN); 2008 + if (!qcadev->sw_ctrl && data->soc_type == QCA_WCN6750) 2009 + dev_warn(&serdev->dev, "failed to acquire SW_CTRL gpio\n"); 2055 2010 2056 2011 qcadev->susclk = devm_clk_get_optional(&serdev->dev, NULL); 2057 2012 if (IS_ERR(qcadev->susclk)) { ··· 2137 2068 struct qca_serdev *qcadev = serdev_device_get_drvdata(serdev); 2138 2069 struct qca_power *power = qcadev->bt_power; 2139 2070 2140 - if (qca_is_wcn399x(qcadev->btsoc_type) && power->vregs_on) 2071 + if ((qca_is_wcn399x(qcadev->btsoc_type) || 2072 + qca_is_wcn6750(qcadev->btsoc_type)) && 2073 + power->vregs_on) 2141 2074 qca_power_shutdown(&qcadev->serdev_hu); 2142 2075 else if (qcadev->susclk) 2143 2076 clk_disable_unprepare(qcadev->susclk); ··· 2315 2244 { .compatible = "qcom,wcn3990-bt", .data = &qca_soc_data_wcn3990}, 2316 2245 { .compatible = "qcom,wcn3991-bt", .data = &qca_soc_data_wcn3991}, 2317 2246 { .compatible = "qcom,wcn3998-bt", .data = &qca_soc_data_wcn3998}, 2247 + { .compatible = "qcom,wcn6750-bt", .data = &qca_soc_data_wcn6750}, 2318 2248 { /* sentinel */ } 2319 2249 }; 2320 2250 MODULE_DEVICE_TABLE(of, qca_bluetooth_of_match);

+3

drivers/bluetooth/virtio_bt.c

··· 34 34 int err; 35 35 36 36 skb = alloc_skb(1000, GFP_KERNEL); 37 + if (!skb) 38 + return -ENOMEM; 39 + 37 40 sg_init_one(sg, skb->data, 1000); 38 41 39 42 err = virtqueue_add_inbuf(vq, sg, 1, skb, GFP_KERNEL);

+51 -48

include/net/bluetooth/hci.h

··· 36 36 37 37 #define HCI_MAX_AMP_ASSOC_SIZE 672 38 38 39 - #define HCI_MAX_CSB_DATA_SIZE 252 39 + #define HCI_MAX_CPB_DATA_SIZE 252 40 40 41 41 /* HCI dev events */ 42 42 #define HCI_DEV_REG 1 ··· 339 339 #define HCI_PAIRING_TIMEOUT msecs_to_jiffies(60000) /* 60 seconds */ 340 340 #define HCI_INIT_TIMEOUT msecs_to_jiffies(10000) /* 10 seconds */ 341 341 #define HCI_CMD_TIMEOUT msecs_to_jiffies(2000) /* 2 seconds */ 342 + #define HCI_NCMD_TIMEOUT msecs_to_jiffies(4000) /* 4 seconds */ 342 343 #define HCI_ACL_TX_TIMEOUT msecs_to_jiffies(45000) /* 45 seconds */ 343 344 #define HCI_AUTO_OFF_TIMEOUT msecs_to_jiffies(2000) /* 2 seconds */ 344 345 #define HCI_POWER_OFF_TIMEOUT msecs_to_jiffies(5000) /* 5 seconds */ ··· 472 471 #define LMP_EXTFEATURES 0x80 473 472 474 473 /* Extended LMP features */ 475 - #define LMP_CSB_MASTER 0x01 476 - #define LMP_CSB_SLAVE 0x02 477 - #define LMP_SYNC_TRAIN 0x04 478 - #define LMP_SYNC_SCAN 0x08 474 + #define LMP_CPB_CENTRAL 0x01 475 + #define LMP_CPB_PERIPHERAL 0x02 476 + #define LMP_SYNC_TRAIN 0x04 477 + #define LMP_SYNC_SCAN 0x08 479 478 480 479 #define LMP_SC 0x01 481 480 #define LMP_PING 0x02 ··· 489 488 /* LE features */ 490 489 #define HCI_LE_ENCRYPTION 0x01 491 490 #define HCI_LE_CONN_PARAM_REQ_PROC 0x02 492 - #define HCI_LE_SLAVE_FEATURES 0x08 491 + #define HCI_LE_PERIPHERAL_FEATURES 0x08 493 492 #define HCI_LE_PING 0x10 494 493 #define HCI_LE_DATA_LEN_EXT 0x20 495 494 #define HCI_LE_LL_PRIVACY 0x40 ··· 498 497 #define HCI_LE_PHY_CODED 0x08 499 498 #define HCI_LE_EXT_ADV 0x10 500 499 #define HCI_LE_CHAN_SEL_ALG2 0x40 501 - #define HCI_LE_CIS_MASTER 0x10 502 - #define HCI_LE_CIS_SLAVE 0x20 500 + #define HCI_LE_CIS_CENTRAL 0x10 501 + #define HCI_LE_CIS_PERIPHERAL 0x20 503 502 504 503 /* Connection modes */ 505 504 #define HCI_CM_ACTIVE 0x0000 ··· 877 876 __u8 flow_spec_id; 878 877 } __packed; 879 878 880 - #define HCI_OP_SET_CSB 0x0441 881 - struct hci_cp_set_csb { 879 + #define HCI_OP_SET_CPB 0x0441 880 + struct hci_cp_set_cpb { 882 881 __u8 enable; 883 882 __u8 lt_addr; 884 883 __u8 lpo_allowed; 885 884 __le16 packet_type; 886 885 __le16 interval_min; 887 886 __le16 interval_max; 888 - __le16 csb_sv_tout; 887 + __le16 cpb_sv_tout; 889 888 } __packed; 890 - struct hci_rp_set_csb { 889 + struct hci_rp_set_cpb { 891 890 __u8 status; 892 891 __u8 lt_addr; 893 892 __le16 interval; ··· 1184 1183 __u8 lt_addr; 1185 1184 } __packed; 1186 1185 1187 - #define HCI_OP_SET_CSB_DATA 0x0c76 1188 - struct hci_cp_set_csb_data { 1186 + #define HCI_OP_SET_CPB_DATA 0x0c76 1187 + struct hci_cp_set_cpb_data { 1189 1188 __u8 lt_addr; 1190 1189 __u8 fragment; 1191 1190 __u8 data_length; 1192 - __u8 data[HCI_MAX_CSB_DATA_SIZE]; 1191 + __u8 data[HCI_MAX_CPB_DATA_SIZE]; 1193 1192 } __packed; 1194 - struct hci_rp_set_csb_data { 1193 + struct hci_rp_set_cpb_data { 1195 1194 __u8 status; 1196 1195 __u8 lt_addr; 1197 1196 } __packed; ··· 1505 1504 } __packed; 1506 1505 1507 1506 #define HCI_LE_USE_PEER_ADDR 0x00 1508 - #define HCI_LE_USE_WHITELIST 0x01 1507 + #define HCI_LE_USE_ACCEPT_LIST 0x01 1509 1508 1510 1509 #define HCI_OP_LE_CREATE_CONN 0x200d 1511 1510 struct hci_cp_le_create_conn { ··· 1525 1524 1526 1525 #define HCI_OP_LE_CREATE_CONN_CANCEL 0x200e 1527 1526 1528 - #define HCI_OP_LE_READ_WHITE_LIST_SIZE 0x200f 1529 - struct hci_rp_le_read_white_list_size { 1527 + #define HCI_OP_LE_READ_ACCEPT_LIST_SIZE 0x200f 1528 + struct hci_rp_le_read_accept_list_size { 1530 1529 __u8 status; 1531 1530 __u8 size; 1532 1531 } __packed; 1533 1532 1534 - #define HCI_OP_LE_CLEAR_WHITE_LIST 0x2010 1533 + #define HCI_OP_LE_CLEAR_ACCEPT_LIST 0x2010 1535 1534 1536 - #define HCI_OP_LE_ADD_TO_WHITE_LIST 0x2011 1537 - struct hci_cp_le_add_to_white_list { 1535 + #define HCI_OP_LE_ADD_TO_ACCEPT_LIST 0x2011 1536 + struct hci_cp_le_add_to_accept_list { 1538 1537 __u8 bdaddr_type; 1539 1538 bdaddr_t bdaddr; 1540 1539 } __packed; 1541 1540 1542 - #define HCI_OP_LE_DEL_FROM_WHITE_LIST 0x2012 1543 - struct hci_cp_le_del_from_white_list { 1541 + #define HCI_OP_LE_DEL_FROM_ACCEPT_LIST 0x2012 1542 + struct hci_cp_le_del_from_accept_list { 1544 1543 __u8 bdaddr_type; 1545 1544 bdaddr_t bdaddr; 1546 1545 } __packed; ··· 1775 1774 __u8 max_events; 1776 1775 } __packed; 1777 1776 1777 + #define HCI_MAX_EXT_AD_LENGTH 251 1778 + 1778 1779 #define HCI_OP_LE_SET_EXT_ADV_DATA 0x2037 1779 1780 struct hci_cp_le_set_ext_adv_data { 1780 1781 __u8 handle; 1781 1782 __u8 operation; 1782 1783 __u8 frag_pref; 1783 1784 __u8 length; 1784 - __u8 data[HCI_MAX_AD_LENGTH]; 1785 + __u8 data[]; 1785 1786 } __packed; 1786 1787 1787 1788 #define HCI_OP_LE_SET_EXT_SCAN_RSP_DATA 0x2038 ··· 1792 1789 __u8 operation; 1793 1790 __u8 frag_pref; 1794 1791 __u8 length; 1795 - __u8 data[HCI_MAX_AD_LENGTH]; 1792 + __u8 data[]; 1796 1793 } __packed; 1797 1794 1798 1795 #define LE_SET_ADV_DATA_OP_COMPLETE 0x03 ··· 1841 1838 #define HCI_OP_LE_SET_CIG_PARAMS 0x2062 1842 1839 struct hci_cis_params { 1843 1840 __u8 cis_id; 1844 - __le16 m_sdu; 1845 - __le16 s_sdu; 1846 - __u8 m_phy; 1847 - __u8 s_phy; 1848 - __u8 m_rtn; 1849 - __u8 s_rtn; 1841 + __le16 c_sdu; 1842 + __le16 p_pdu; 1843 + __u8 c_phy; 1844 + __u8 p_phy; 1845 + __u8 c_rtn; 1846 + __u8 p_rtn; 1850 1847 } __packed; 1851 1848 1852 1849 struct hci_cp_le_set_cig_params { 1853 1850 __u8 cig_id; 1854 - __u8 m_interval[3]; 1855 - __u8 s_interval[3]; 1856 - __u8 sca; 1851 + __u8 c_interval[3]; 1852 + __u8 p_interval[3]; 1853 + __u8 wc_sca; 1857 1854 __u8 packing; 1858 1855 __u8 framing; 1859 - __le16 m_latency; 1860 - __le16 s_latency; 1856 + __le16 c_latency; 1857 + __le16 p_latency; 1861 1858 __u8 num_cis; 1862 1859 struct hci_cis_params cis[]; 1863 1860 } __packed; ··· 2262 2259 __u8 status; 2263 2260 } __packed; 2264 2261 2265 - #define HCI_EV_SLAVE_PAGE_RESP_TIMEOUT 0x54 2262 + #define HCI_EV_PERIPHERAL_PAGE_RESP_TIMEOUT 0x54 2266 2263 2267 2264 #define HCI_EV_LE_CONN_COMPLETE 0x01 2268 2265 struct hci_ev_le_conn_complete { ··· 2420 2417 __le16 handle; 2421 2418 __u8 cig_sync_delay[3]; 2422 2419 __u8 cis_sync_delay[3]; 2423 - __u8 m_latency[3]; 2424 - __u8 s_latency[3]; 2425 - __u8 m_phy; 2426 - __u8 s_phy; 2420 + __u8 c_latency[3]; 2421 + __u8 p_latency[3]; 2422 + __u8 c_phy; 2423 + __u8 p_phy; 2427 2424 __u8 nse; 2428 - __u8 m_bn; 2429 - __u8 s_bn; 2430 - __u8 m_ft; 2431 - __u8 s_ft; 2432 - __le16 m_mtu; 2433 - __le16 s_mtu; 2425 + __u8 c_bn; 2426 + __u8 p_bn; 2427 + __u8 c_ft; 2428 + __u8 p_ft; 2429 + __le16 c_mtu; 2430 + __le16 p_mtu; 2434 2431 __le16 interval; 2435 2432 } __packed; 2436 2433

+15 -14

include/net/bluetooth/hci_core.h

··· 122 122 unsigned int amp_num; 123 123 unsigned int sco_num; 124 124 unsigned int le_num; 125 - unsigned int le_num_slave; 125 + unsigned int le_num_peripheral; 126 126 }; 127 127 128 128 struct bdaddr_list { ··· 228 228 __u16 remaining_time; 229 229 __u16 duration; 230 230 __u16 adv_data_len; 231 - __u8 adv_data[HCI_MAX_AD_LENGTH]; 231 + __u8 adv_data[HCI_MAX_EXT_AD_LENGTH]; 232 232 __u16 scan_rsp_len; 233 - __u8 scan_rsp_data[HCI_MAX_AD_LENGTH]; 233 + __u8 scan_rsp_data[HCI_MAX_EXT_AD_LENGTH]; 234 234 __s8 tx_power; 235 235 __u32 min_interval; 236 236 __u32 max_interval; ··· 327 327 __u8 max_page; 328 328 __u8 features[HCI_MAX_PAGES][8]; 329 329 __u8 le_features[8]; 330 - __u8 le_white_list_size; 330 + __u8 le_accept_list_size; 331 331 __u8 le_resolv_list_size; 332 332 __u8 le_num_of_adv_sets; 333 333 __u8 le_states[8]; ··· 470 470 struct delayed_work service_cache; 471 471 472 472 struct delayed_work cmd_timer; 473 + struct delayed_work ncmd_timer; 473 474 474 475 struct work_struct rx_work; 475 476 struct work_struct cmd_work; ··· 522 521 struct hci_conn_hash conn_hash; 523 522 524 523 struct list_head mgmt_pending; 525 - struct list_head blacklist; 526 - struct list_head whitelist; 524 + struct list_head reject_list; 525 + struct list_head accept_list; 527 526 struct list_head uuids; 528 527 struct list_head link_keys; 529 528 struct list_head long_term_keys; 530 529 struct list_head identity_resolving_keys; 531 530 struct list_head remote_oob_data; 532 - struct list_head le_white_list; 531 + struct list_head le_accept_list; 533 532 struct list_head le_resolv_list; 534 533 struct list_head le_conn_params; 535 534 struct list_head pend_le_conns; ··· 551 550 DECLARE_BITMAP(dev_flags, __HCI_NUM_FLAGS); 552 551 553 552 __s8 adv_tx_power; 554 - __u8 adv_data[HCI_MAX_AD_LENGTH]; 553 + __u8 adv_data[HCI_MAX_EXT_AD_LENGTH]; 555 554 __u8 adv_data_len; 556 - __u8 scan_rsp_data[HCI_MAX_AD_LENGTH]; 555 + __u8 scan_rsp_data[HCI_MAX_EXT_AD_LENGTH]; 557 556 __u8 scan_rsp_data_len; 558 557 559 558 struct list_head adv_instances; ··· 894 893 case LE_LINK: 895 894 h->le_num++; 896 895 if (c->role == HCI_ROLE_SLAVE) 897 - h->le_num_slave++; 896 + h->le_num_peripheral++; 898 897 break; 899 898 case SCO_LINK: 900 899 case ESCO_LINK: ··· 920 919 case LE_LINK: 921 920 h->le_num--; 922 921 if (c->role == HCI_ROLE_SLAVE) 923 - h->le_num_slave--; 922 + h->le_num_peripheral--; 924 923 break; 925 924 case SCO_LINK: 926 925 case ESCO_LINK: ··· 1394 1393 #define lmp_edr_5slot_capable(dev) ((dev)->features[0][5] & LMP_EDR_5SLOT) 1395 1394 1396 1395 /* ----- Extended LMP capabilities ----- */ 1397 - #define lmp_csb_master_capable(dev) ((dev)->features[2][0] & LMP_CSB_MASTER) 1398 - #define lmp_csb_slave_capable(dev) ((dev)->features[2][0] & LMP_CSB_SLAVE) 1396 + #define lmp_cpb_central_capable(dev) ((dev)->features[2][0] & LMP_CPB_CENTRAL) 1397 + #define lmp_cpb_peripheral_capable(dev) ((dev)->features[2][0] & LMP_CPB_PERIPHERAL) 1399 1398 #define lmp_sync_train_capable(dev) ((dev)->features[2][0] & LMP_SYNC_TRAIN) 1400 1399 #define lmp_sync_scan_capable(dev) ((dev)->features[2][0] & LMP_SYNC_SCAN) 1401 1400 #define lmp_sc_capable(dev) ((dev)->features[2][1] & LMP_SC) ··· 1769 1768 void mgmt_new_link_key(struct hci_dev *hdev, struct link_key *key, 1770 1769 bool persistent); 1771 1770 void mgmt_device_connected(struct hci_dev *hdev, struct hci_conn *conn, 1772 - u32 flags, u8 *name, u8 name_len); 1771 + u8 *name, u8 name_len); 1773 1772 void mgmt_device_disconnected(struct hci_dev *hdev, bdaddr_t *bdaddr, 1774 1773 u8 link_type, u8 addr_type, u8 reason, 1775 1774 bool mgmt_connected);

+2 -1

include/net/bluetooth/mgmt.h

··· 202 202 struct mgmt_ltk_info { 203 203 struct mgmt_addr_info addr; 204 204 __u8 type; 205 - __u8 master; 205 + __u8 initiator; 206 206 __u8 enc_size; 207 207 __le16 ediv; 208 208 __le64 rand; ··· 939 939 #define MGMT_DEV_FOUND_CONFIRM_NAME 0x01 940 940 #define MGMT_DEV_FOUND_LEGACY_PAIRING 0x02 941 941 #define MGMT_DEV_FOUND_NOT_CONNECTABLE 0x04 942 + #define MGMT_DEV_FOUND_INITIATED_CONN 0x08 942 943 943 944 #define MGMT_EV_DEVICE_FOUND 0x0012 944 945 struct mgmt_ev_device_found {

+9 -45

net/bluetooth/6lowpan.c

··· 103 103 return false; 104 104 } 105 105 106 - static inline struct lowpan_peer *peer_lookup_ba(struct lowpan_btle_dev *dev, 107 - bdaddr_t *ba, __u8 type) 108 - { 109 - struct lowpan_peer *peer; 110 - 111 - BT_DBG("peers %d addr %pMR type %d", atomic_read(&dev->peer_count), 112 - ba, type); 113 - 114 - rcu_read_lock(); 115 - 116 - list_for_each_entry_rcu(peer, &dev->peers, list) { 117 - BT_DBG("dst addr %pMR dst type %d", 118 - &peer->chan->dst, peer->chan->dst_type); 119 - 120 - if (bacmp(&peer->chan->dst, ba)) 121 - continue; 122 - 123 - if (type == peer->chan->dst_type) { 124 - rcu_read_unlock(); 125 - return peer; 126 - } 127 - } 128 - 129 - rcu_read_unlock(); 130 - 131 - return NULL; 132 - } 133 - 134 106 static inline struct lowpan_peer * 135 107 __peer_lookup_chan(struct lowpan_btle_dev *dev, struct l2cap_chan *chan) 136 108 { ··· 167 195 rcu_read_lock(); 168 196 169 197 list_for_each_entry_rcu(peer, &dev->peers, list) { 170 - BT_DBG("dst addr %pMR dst type %d ip %pI6c", 198 + BT_DBG("dst addr %pMR dst type %u ip %pI6c", 171 199 &peer->chan->dst, peer->chan->dst_type, 172 200 &peer->peer_addr); 173 201 ··· 478 506 479 507 local_skb = skb_clone(skb, GFP_ATOMIC); 480 508 481 - BT_DBG("xmit %s to %pMR type %d IP %pI6c chan %p", 509 + BT_DBG("xmit %s to %pMR type %u IP %pI6c chan %p", 482 510 netdev->name, 483 511 &pentry->chan->dst, pentry->chan->dst_type, 484 512 &pentry->peer_addr, pentry->chan); ··· 521 549 522 550 if (err) { 523 551 if (lowpan_cb(skb)->chan) { 524 - BT_DBG("xmit %s to %pMR type %d IP %pI6c chan %p", 552 + BT_DBG("xmit %s to %pMR type %u IP %pI6c chan %p", 525 553 netdev->name, &addr, addr_type, 526 554 &lowpan_cb(skb)->addr, lowpan_cb(skb)->chan); 527 555 err = send_pkt(lowpan_cb(skb)->chan, skb, netdev); ··· 663 691 static int setup_netdev(struct l2cap_chan *chan, struct lowpan_btle_dev **dev) 664 692 { 665 693 struct net_device *netdev; 666 - int err = 0; 694 + int err; 667 695 668 696 netdev = alloc_netdev(LOWPAN_PRIV_SIZE(sizeof(struct lowpan_btle_dev)), 669 697 IFACE_NAME_TEMPLATE, NET_NAME_UNKNOWN, ··· 790 818 791 819 BT_DBG("dev %p removing %speer %p", dev, 792 820 last ? "last " : "1 ", peer); 793 - BT_DBG("chan %p orig refcnt %d", chan, 821 + BT_DBG("chan %p orig refcnt %u", chan, 794 822 kref_read(&chan->kref)); 795 823 796 824 l2cap_chan_put(chan); ··· 879 907 .set_shutdown = l2cap_chan_no_set_shutdown, 880 908 }; 881 909 882 - static inline __u8 bdaddr_type(__u8 type) 883 - { 884 - if (type == ADDR_LE_DEV_PUBLIC) 885 - return BDADDR_LE_PUBLIC; 886 - else 887 - return BDADDR_LE_RANDOM; 888 - } 889 - 890 910 static int bt_6lowpan_connect(bdaddr_t *addr, u8 dst_type) 891 911 { 892 912 struct l2cap_chan *chan; ··· 904 940 { 905 941 struct lowpan_peer *peer; 906 942 907 - BT_DBG("conn %p dst type %d", conn, dst_type); 943 + BT_DBG("conn %p dst type %u", conn, dst_type); 908 944 909 945 peer = lookup_peer(conn); 910 946 if (!peer) ··· 936 972 937 973 atomic_set(&chan->nesting, L2CAP_NESTING_PARENT); 938 974 939 - BT_DBG("chan %p src type %d", chan, chan->src_type); 975 + BT_DBG("chan %p src type %u", chan, chan->src_type); 940 976 941 977 err = l2cap_add_psm(chan, addr, cpu_to_le16(L2CAP_PSM_IPSP)); 942 978 if (err) { ··· 977 1013 978 1014 *conn = (struct l2cap_conn *)hcon->l2cap_data; 979 1015 980 - BT_DBG("conn %p dst %pMR type %d", *conn, &hcon->dst, hcon->dst_type); 1016 + BT_DBG("conn %p dst %pMR type %u", *conn, &hcon->dst, hcon->dst_type); 981 1017 982 1018 return 0; 983 1019 } ··· 1119 1155 return -EALREADY; 1120 1156 } 1121 1157 1122 - BT_DBG("conn %p dst %pMR type %d user %d", conn, 1158 + BT_DBG("conn %p dst %pMR type %d user %u", conn, 1123 1159 &conn->hcon->dst, conn->hcon->dst_type, 1124 1160 addr_type); 1125 1161 }

+12 -12

net/bluetooth/a2mp.c

··· 120 120 if (le16_to_cpu(hdr->len) < sizeof(*rej)) 121 121 return -EINVAL; 122 122 123 - BT_DBG("ident %d reason %d", hdr->ident, le16_to_cpu(rej->reason)); 123 + BT_DBG("ident %u reason %d", hdr->ident, le16_to_cpu(rej->reason)); 124 124 125 125 skb_pull(skb, sizeof(*rej)); 126 126 ··· 219 219 220 220 cl = (void *) skb->data; 221 221 while (len >= sizeof(*cl)) { 222 - BT_DBG("Remote AMP id %d type %d status %d", cl->id, cl->type, 222 + BT_DBG("Remote AMP id %u type %u status %u", cl->id, cl->type, 223 223 cl->status); 224 224 225 225 if (cl->id != AMP_ID_BREDR && cl->type != AMP_TYPE_BREDR) { ··· 273 273 struct a2mp_cl *cl = (void *) skb->data; 274 274 275 275 while (skb->len >= sizeof(*cl)) { 276 - BT_DBG("Controller id %d type %d status %d", cl->id, cl->type, 276 + BT_DBG("Controller id %u type %u status %u", cl->id, cl->type, 277 277 cl->status); 278 278 cl = skb_pull(skb, sizeof(*cl)); 279 279 } ··· 302 302 if (le16_to_cpu(hdr->len) < sizeof(*req)) 303 303 return -EINVAL; 304 304 305 - BT_DBG("id %d", req->id); 305 + BT_DBG("id %u", req->id); 306 306 307 307 hdev = hci_dev_get(req->id); 308 308 if (!hdev || hdev->dev_type != HCI_AMP) { ··· 344 344 if (le16_to_cpu(hdr->len) < sizeof(*rsp)) 345 345 return -EINVAL; 346 346 347 - BT_DBG("id %d status 0x%2.2x", rsp->id, rsp->status); 347 + BT_DBG("id %u status 0x%2.2x", rsp->id, rsp->status); 348 348 349 349 if (rsp->status) 350 350 return -EINVAL; ··· 373 373 if (le16_to_cpu(hdr->len) < sizeof(*req)) 374 374 return -EINVAL; 375 375 376 - BT_DBG("id %d", req->id); 376 + BT_DBG("id %u", req->id); 377 377 378 378 /* Make sure that other request is not processed */ 379 379 tmp = amp_mgr_lookup_by_state(READ_LOC_AMP_ASSOC); ··· 423 423 424 424 assoc_len = len - sizeof(*rsp); 425 425 426 - BT_DBG("id %d status 0x%2.2x assoc len %zu", rsp->id, rsp->status, 426 + BT_DBG("id %u status 0x%2.2x assoc len %zu", rsp->id, rsp->status, 427 427 assoc_len); 428 428 429 429 if (rsp->status) ··· 457 457 if (!hcon) 458 458 goto done; 459 459 460 - BT_DBG("Created hcon %p: loc:%d -> rem:%d", hcon, hdev->id, rsp->id); 460 + BT_DBG("Created hcon %p: loc:%u -> rem:%u", hcon, hdev->id, rsp->id); 461 461 462 462 mgr->bredr_chan->remote_amp_id = rsp->id; 463 463 ··· 481 481 if (le16_to_cpu(hdr->len) < sizeof(*req)) 482 482 return -EINVAL; 483 483 484 - BT_DBG("local_id %d, remote_id %d", req->local_id, req->remote_id); 484 + BT_DBG("local_id %u, remote_id %u", req->local_id, req->remote_id); 485 485 486 486 memset(&rsp, 0, sizeof(rsp)); 487 487 ··· 562 562 if (le16_to_cpu(hdr->len) < sizeof(*req)) 563 563 return -EINVAL; 564 564 565 - BT_DBG("local_id %d remote_id %d", req->local_id, req->remote_id); 565 + BT_DBG("local_id %u remote_id %u", req->local_id, req->remote_id); 566 566 567 567 memset(&rsp, 0, sizeof(rsp)); 568 568 ··· 599 599 static inline int a2mp_cmd_rsp(struct amp_mgr *mgr, struct sk_buff *skb, 600 600 struct a2mp_cmd *hdr) 601 601 { 602 - BT_DBG("ident %d code 0x%2.2x", hdr->ident, hdr->code); 602 + BT_DBG("ident %u code 0x%2.2x", hdr->ident, hdr->code); 603 603 604 604 skb_pull(skb, le16_to_cpu(hdr->len)); 605 605 return 0; ··· 620 620 hdr = (void *) skb->data; 621 621 len = le16_to_cpu(hdr->len); 622 622 623 - BT_DBG("code 0x%2.2x id %d len %u", hdr->code, hdr->ident, len); 623 + BT_DBG("code 0x%2.2x id %u len %u", hdr->code, hdr->ident, len); 624 624 625 625 skb_pull(skb, sizeof(*hdr)); 626 626

+3 -3

net/bluetooth/amp.c

··· 78 78 { 79 79 struct amp_ctrl *ctrl; 80 80 81 - BT_DBG("mgr %p id %d", mgr, id); 81 + BT_DBG("mgr %p id %u", mgr, id); 82 82 83 83 mutex_lock(&mgr->amp_ctrls_lock); 84 84 list_for_each_entry(ctrl, &mgr->amp_ctrls, list) { ··· 179 179 180 180 /* Legacy key */ 181 181 if (conn->key_type < 3) { 182 - bt_dev_err(hdev, "legacy key type %d", conn->key_type); 182 + bt_dev_err(hdev, "legacy key type %u", conn->key_type); 183 183 return -EACCES; 184 184 } 185 185 ··· 257 257 struct hci_request req; 258 258 int err; 259 259 260 - BT_DBG("%s handle %d", hdev->name, phy_handle); 260 + BT_DBG("%s handle %u", hdev->name, phy_handle); 261 261 262 262 cp.phy_handle = phy_handle; 263 263 cp.max_len = cpu_to_le16(hdev->amp_assoc_size);

+4 -4

net/bluetooth/bnep/core.c

··· 126 126 f[i].start = get_unaligned_be16(data++); 127 127 f[i].end = get_unaligned_be16(data++); 128 128 129 - BT_DBG("proto filter start %d end %d", 130 - f[i].start, f[i].end); 129 + BT_DBG("proto filter start %u end %u", 130 + f[i].start, f[i].end); 131 131 } 132 132 133 133 if (i < BNEP_MAX_PROTO_FILTERS) ··· 266 266 break; 267 267 } 268 268 269 - BT_DBG("type 0x%x len %d", h->type, h->len); 269 + BT_DBG("type 0x%x len %u", h->type, h->len); 270 270 271 271 switch (h->type & BNEP_TYPE_MASK) { 272 272 case BNEP_EXT_CONTROL: ··· 424 424 int len = 0, il = 0; 425 425 u8 type = 0; 426 426 427 - BT_DBG("skb %p dev %p type %d", skb, skb->dev, skb->pkt_type); 427 + BT_DBG("skb %p dev %p type %u", skb, skb->dev, skb->pkt_type); 428 428 429 429 if (!skb->dev) { 430 430 /* Control frame sent by us */

+11 -11

net/bluetooth/cmtp/capi.c

··· 74 74 { 75 75 struct cmtp_application *app = kzalloc(sizeof(*app), GFP_KERNEL); 76 76 77 - BT_DBG("session %p application %p appl %d", session, app, appl); 77 + BT_DBG("session %p application %p appl %u", session, app, appl); 78 78 79 79 if (!app) 80 80 return NULL; ··· 135 135 { 136 136 struct cmtp_scb *scb = (void *) skb->cb; 137 137 138 - BT_DBG("session %p skb %p len %d", session, skb, skb->len); 138 + BT_DBG("session %p skb %p len %u", session, skb, skb->len); 139 139 140 140 scb->id = -1; 141 141 scb->data = (CAPIMSG_COMMAND(skb->data) == CAPI_DATA_B3); ··· 152 152 struct sk_buff *skb; 153 153 unsigned char *s; 154 154 155 - BT_DBG("session %p subcmd 0x%02x appl %d msgnum %d", session, subcmd, appl, msgnum); 155 + BT_DBG("session %p subcmd 0x%02x appl %u msgnum %u", session, subcmd, appl, msgnum); 156 156 157 157 skb = alloc_skb(CAPI_MSG_BASELEN + 6 + len, GFP_ATOMIC); 158 158 if (!skb) { ··· 188 188 __u16 appl, msgnum, func, info; 189 189 __u32 controller; 190 190 191 - BT_DBG("session %p skb %p len %d", session, skb, skb->len); 191 + BT_DBG("session %p skb %p len %u", session, skb, skb->len); 192 192 193 193 switch (CAPIMSG_SUBCOMMAND(skb->data)) { 194 194 case CAPI_CONF: ··· 321 321 __u16 appl; 322 322 __u32 contr; 323 323 324 - BT_DBG("session %p skb %p len %d", session, skb, skb->len); 324 + BT_DBG("session %p skb %p len %u", session, skb, skb->len); 325 325 326 326 if (skb->len < CAPI_MSG_BASELEN) 327 327 return; ··· 344 344 appl = application->appl; 345 345 CAPIMSG_SETAPPID(skb->data, appl); 346 346 } else { 347 - BT_ERR("Can't find application with id %d", appl); 347 + BT_ERR("Can't find application with id %u", appl); 348 348 kfree_skb(skb); 349 349 return; 350 350 } ··· 385 385 unsigned char buf[8]; 386 386 int err = 0, nconn, want = rp->level3cnt; 387 387 388 - BT_DBG("ctrl %p appl %d level3cnt %d datablkcnt %d datablklen %d", 389 - ctrl, appl, rp->level3cnt, rp->datablkcnt, rp->datablklen); 388 + BT_DBG("ctrl %p appl %u level3cnt %u datablkcnt %u datablklen %u", 389 + ctrl, appl, rp->level3cnt, rp->datablkcnt, rp->datablklen); 390 390 391 391 application = cmtp_application_add(session, appl); 392 392 if (!application) { ··· 450 450 struct cmtp_session *session = ctrl->driverdata; 451 451 struct cmtp_application *application; 452 452 453 - BT_DBG("ctrl %p appl %d", ctrl, appl); 453 + BT_DBG("ctrl %p appl %u", ctrl, appl); 454 454 455 455 application = cmtp_application_get(session, CMTP_APPLID, appl); 456 456 if (!application) { ··· 483 483 484 484 application = cmtp_application_get(session, CMTP_APPLID, appl); 485 485 if ((!application) || (application->state != BT_CONNECTED)) { 486 - BT_ERR("Can't find application with id %d", appl); 486 + BT_ERR("Can't find application with id %u", appl); 487 487 return CAPI_ILLAPPNR; 488 488 } 489 489 ··· 515 515 seq_printf(m, "ctrl %d\n", session->num); 516 516 517 517 list_for_each_entry(app, &session->applications, list) { 518 - seq_printf(m, "appl %d -> %d\n", app->appl, app->mapping); 518 + seq_printf(m, "appl %u -> %u\n", app->appl, app->mapping); 519 519 } 520 520 521 521 return 0;

+5

net/bluetooth/cmtp/core.c

··· 392 392 if (!(session->flags & BIT(CMTP_LOOPBACK))) { 393 393 err = cmtp_attach_device(session); 394 394 if (err < 0) { 395 + /* Caller will call fput in case of failure, and so 396 + * will cmtp_session kthread. 397 + */ 398 + get_file(session->sock->file); 399 + 395 400 atomic_inc(&session->terminate); 396 401 wake_up_interruptible(sk_sleep(session->sock->sk)); 397 402 up_write(&cmtp_session_sem);

+5 -5

net/bluetooth/hci_conn.c

··· 257 257 { 258 258 BT_DBG("hcon %p", conn); 259 259 260 - /* When we are master of an established connection and it enters 260 + /* When we are central of an established connection and it enters 261 261 * the disconnect timeout, then go ahead and try to read the 262 262 * current clock offset. Processing of the result is done 263 263 * within the event handling and hci_clock_offset_evt function. ··· 1109 1109 1110 1110 hci_req_init(&req, hdev); 1111 1111 1112 - /* Disable advertising if we're active. For master role 1112 + /* Disable advertising if we're active. For central role 1113 1113 * connections most controllers will refuse to connect if 1114 - * advertising is enabled, and for slave role connections we 1114 + * advertising is enabled, and for peripheral role connections we 1115 1115 * anyway have to disable it in order to start directed 1116 1116 * advertising. Any registered advertisements will be 1117 1117 * re-enabled after the connection attempt is finished. ··· 1119 1119 if (hci_dev_test_flag(hdev, HCI_LE_ADV)) 1120 1120 __hci_req_pause_adv_instances(&req); 1121 1121 1122 - /* If requested to connect as slave use directed advertising */ 1122 + /* If requested to connect as peripheral use directed advertising */ 1123 1123 if (conn->role == HCI_ROLE_SLAVE) { 1124 1124 /* If we're active scanning most controllers are unable 1125 1125 * to initiate advertising. Simply reject the attempt. ··· 1842 1842 1843 1843 /* BLUETOOTH CORE SPECIFICATION Version 5.2 | Vol 2, Part B page 471: 1844 1844 * Table 6.2: Packets defined for synchronous, asynchronous, and 1845 - * CSB logical transport types. 1845 + * CPB logical transport types. 1846 1846 */ 1847 1847 switch (conn->type) { 1848 1848 case SCO_LINK:

+50 -28

net/bluetooth/hci_core.c

··· 545 545 u8 events[8] = { 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 }; 546 546 bool changed = false; 547 547 548 - /* If Connectionless Slave Broadcast master role is supported 548 + /* If Connectionless Peripheral Broadcast central role is supported 549 549 * enable all necessary events for it. 550 550 */ 551 - if (lmp_csb_master_capable(hdev)) { 551 + if (lmp_cpb_central_capable(hdev)) { 552 552 events[1] |= 0x40; /* Triggered Clock Capture */ 553 553 events[1] |= 0x80; /* Synchronization Train Complete */ 554 - events[2] |= 0x10; /* Slave Page Response Timeout */ 555 - events[2] |= 0x20; /* CSB Channel Map Change */ 554 + events[2] |= 0x10; /* Peripheral Page Response Timeout */ 555 + events[2] |= 0x20; /* CPB Channel Map Change */ 556 556 changed = true; 557 557 } 558 558 559 - /* If Connectionless Slave Broadcast slave role is supported 559 + /* If Connectionless Peripheral Broadcast peripheral role is supported 560 560 * enable all necessary events for it. 561 561 */ 562 - if (lmp_csb_slave_capable(hdev)) { 562 + if (lmp_cpb_peripheral_capable(hdev)) { 563 563 events[2] |= 0x01; /* Synchronization Train Received */ 564 - events[2] |= 0x02; /* CSB Receive */ 565 - events[2] |= 0x04; /* CSB Timeout */ 564 + events[2] |= 0x02; /* CPB Receive */ 565 + events[2] |= 0x04; /* CPB Timeout */ 566 566 events[2] |= 0x08; /* Truncated Page Complete */ 567 567 changed = true; 568 568 } ··· 749 749 } 750 750 751 751 if (hdev->commands[26] & 0x40) { 752 - /* Read LE White List Size */ 753 - hci_req_add(req, HCI_OP_LE_READ_WHITE_LIST_SIZE, 752 + /* Read LE Accept List Size */ 753 + hci_req_add(req, HCI_OP_LE_READ_ACCEPT_LIST_SIZE, 754 754 0, NULL); 755 755 } 756 756 757 757 if (hdev->commands[26] & 0x80) { 758 - /* Clear LE White List */ 759 - hci_req_add(req, HCI_OP_LE_CLEAR_WHITE_LIST, 0, NULL); 758 + /* Clear LE Accept List */ 759 + hci_req_add(req, HCI_OP_LE_CLEAR_ACCEPT_LIST, 0, NULL); 760 760 } 761 761 762 762 if (hdev->commands[34] & 0x40) { ··· 1721 1721 1722 1722 BT_DBG("%s %p", hdev->name, hdev); 1723 1723 1724 - if (!hci_dev_test_flag(hdev, HCI_UNREGISTER) && 1725 - !hci_dev_test_flag(hdev, HCI_USER_CHANNEL) && 1726 - test_bit(HCI_UP, &hdev->flags)) { 1727 - /* Execute vendor specific shutdown routine */ 1728 - if (hdev->shutdown) 1729 - hdev->shutdown(hdev); 1730 - } 1731 - 1732 1724 cancel_delayed_work(&hdev->power_off); 1725 + cancel_delayed_work(&hdev->ncmd_timer); 1733 1726 1734 1727 hci_request_cancel_all(hdev); 1735 1728 hci_req_sync_lock(hdev); ··· 1796 1803 set_bit(HCI_INIT, &hdev->flags); 1797 1804 __hci_req_sync(hdev, hci_reset_req, 0, HCI_CMD_TIMEOUT, NULL); 1798 1805 clear_bit(HCI_INIT, &hdev->flags); 1806 + } 1807 + 1808 + if (!hci_dev_test_flag(hdev, HCI_UNREGISTER) && 1809 + !hci_dev_test_flag(hdev, HCI_USER_CHANNEL) && 1810 + test_bit(HCI_UP, &hdev->flags)) { 1811 + /* Execute vendor specific shutdown routine */ 1812 + if (hdev->shutdown) 1813 + hdev->shutdown(hdev); 1799 1814 } 1800 1815 1801 1816 /* flush cmd work */ ··· 2778 2777 queue_work(hdev->workqueue, &hdev->cmd_work); 2779 2778 } 2780 2779 2780 + /* HCI ncmd timer function */ 2781 + static void hci_ncmd_timeout(struct work_struct *work) 2782 + { 2783 + struct hci_dev *hdev = container_of(work, struct hci_dev, 2784 + ncmd_timer.work); 2785 + 2786 + bt_dev_err(hdev, "Controller not accepting commands anymore: ncmd = 0"); 2787 + 2788 + /* During HCI_INIT phase no events can be injected if the ncmd timer 2789 + * triggers since the procedure has its own timeout handling. 2790 + */ 2791 + if (test_bit(HCI_INIT, &hdev->flags)) 2792 + return; 2793 + 2794 + /* This is an irrecoverable state, inject hardware error event */ 2795 + hci_reset_dev(hdev); 2796 + } 2797 + 2781 2798 struct oob_data *hci_find_remote_oob_data(struct hci_dev *hdev, 2782 2799 bdaddr_t *bdaddr, u8 bdaddr_type) 2783 2800 { ··· 3713 3694 /* Suspend consists of two actions: 3714 3695 * - First, disconnect everything and make the controller not 3715 3696 * connectable (disabling scanning) 3716 - * - Second, program event filter/whitelist and enable scan 3697 + * - Second, program event filter/accept list and enable scan 3717 3698 */ 3718 3699 ret = hci_change_suspend_state(hdev, BT_SUSPEND_DISCONNECT); 3719 3700 if (!ret) 3720 3701 state = BT_SUSPEND_DISCONNECT; 3721 3702 3722 - /* Only configure whitelist if disconnect succeeded and wake 3703 + /* Only configure accept list if disconnect succeeded and wake 3723 3704 * isn't being prevented. 3724 3705 */ 3725 3706 if (!ret && !(hdev->prevent_wake && hdev->prevent_wake(hdev))) { ··· 3827 3808 mutex_init(&hdev->req_lock); 3828 3809 3829 3810 INIT_LIST_HEAD(&hdev->mgmt_pending); 3830 - INIT_LIST_HEAD(&hdev->blacklist); 3831 - INIT_LIST_HEAD(&hdev->whitelist); 3811 + INIT_LIST_HEAD(&hdev->reject_list); 3812 + INIT_LIST_HEAD(&hdev->accept_list); 3832 3813 INIT_LIST_HEAD(&hdev->uuids); 3833 3814 INIT_LIST_HEAD(&hdev->link_keys); 3834 3815 INIT_LIST_HEAD(&hdev->long_term_keys); 3835 3816 INIT_LIST_HEAD(&hdev->identity_resolving_keys); 3836 3817 INIT_LIST_HEAD(&hdev->remote_oob_data); 3837 - INIT_LIST_HEAD(&hdev->le_white_list); 3818 + INIT_LIST_HEAD(&hdev->le_accept_list); 3838 3819 INIT_LIST_HEAD(&hdev->le_resolv_list); 3839 3820 INIT_LIST_HEAD(&hdev->le_conn_params); 3840 3821 INIT_LIST_HEAD(&hdev->pend_le_conns); ··· 3860 3841 init_waitqueue_head(&hdev->suspend_wait_q); 3861 3842 3862 3843 INIT_DELAYED_WORK(&hdev->cmd_timer, hci_cmd_timeout); 3844 + INIT_DELAYED_WORK(&hdev->ncmd_timer, hci_ncmd_timeout); 3863 3845 3864 3846 hci_request_setup(hdev); 3865 3847 ··· 4047 4027 destroy_workqueue(hdev->req_workqueue); 4048 4028 4049 4029 hci_dev_lock(hdev); 4050 - hci_bdaddr_list_clear(&hdev->blacklist); 4051 - hci_bdaddr_list_clear(&hdev->whitelist); 4030 + hci_bdaddr_list_clear(&hdev->reject_list); 4031 + hci_bdaddr_list_clear(&hdev->accept_list); 4052 4032 hci_uuids_clear(hdev); 4053 4033 hci_link_keys_clear(hdev); 4054 4034 hci_smp_ltks_clear(hdev); ··· 4056 4036 hci_remote_oob_data_clear(hdev); 4057 4037 hci_adv_instances_clear(hdev); 4058 4038 hci_adv_monitors_clear(hdev); 4059 - hci_bdaddr_list_clear(&hdev->le_white_list); 4039 + hci_bdaddr_list_clear(&hdev->le_accept_list); 4060 4040 hci_bdaddr_list_clear(&hdev->le_resolv_list); 4061 4041 hci_conn_params_clear_all(hdev); 4062 4042 hci_discovery_filter_clear(hdev); ··· 4097 4077 4098 4078 hci_skb_pkt_type(skb) = HCI_EVENT_PKT; 4099 4079 skb_put_data(skb, hw_err, 3); 4080 + 4081 + bt_dev_err(hdev, "Injecting HCI hardware error event"); 4100 4082 4101 4083 /* Send Hardware Error to upper stack */ 4102 4084 return hci_recv_frame(hdev, skb);

+4 -4

net/bluetooth/hci_debugfs.c

··· 125 125 struct bdaddr_list *b; 126 126 127 127 hci_dev_lock(hdev); 128 - list_for_each_entry(b, &hdev->whitelist, list) 128 + list_for_each_entry(b, &hdev->accept_list, list) 129 129 seq_printf(f, "%pMR (type %u)\n", &b->bdaddr, b->bdaddr_type); 130 130 list_for_each_entry(p, &hdev->le_conn_params, list) { 131 131 seq_printf(f, "%pMR (type %u) %u\n", &p->addr, p->addr_type, ··· 144 144 struct bdaddr_list *b; 145 145 146 146 hci_dev_lock(hdev); 147 - list_for_each_entry(b, &hdev->blacklist, list) 147 + list_for_each_entry(b, &hdev->reject_list, list) 148 148 seq_printf(f, "%pMR (type %u)\n", &b->bdaddr, b->bdaddr_type); 149 149 hci_dev_unlock(hdev); 150 150 ··· 784 784 struct bdaddr_list *b; 785 785 786 786 hci_dev_lock(hdev); 787 - list_for_each_entry(b, &hdev->le_white_list, list) 787 + list_for_each_entry(b, &hdev->le_accept_list, list) 788 788 seq_printf(f, "%pMR (type %u)\n", &b->bdaddr, b->bdaddr_type); 789 789 hci_dev_unlock(hdev); 790 790 ··· 1195 1195 &force_static_address_fops); 1196 1196 1197 1197 debugfs_create_u8("white_list_size", 0444, hdev->debugfs, 1198 - &hdev->le_white_list_size); 1198 + &hdev->le_accept_list_size); 1199 1199 debugfs_create_file("white_list", 0444, hdev->debugfs, hdev, 1200 1200 &white_list_fops); 1201 1201 debugfs_create_u8("resolv_list_size", 0444, hdev->debugfs,

+122 -89

net/bluetooth/hci_event.c

··· 236 236 237 237 hdev->ssp_debug_mode = 0; 238 238 239 - hci_bdaddr_list_clear(&hdev->le_white_list); 239 + hci_bdaddr_list_clear(&hdev->le_accept_list); 240 240 hci_bdaddr_list_clear(&hdev->le_resolv_list); 241 241 } 242 242 ··· 1492 1492 hdev->le_num_of_adv_sets = rp->num_of_sets; 1493 1493 } 1494 1494 1495 - static void hci_cc_le_read_white_list_size(struct hci_dev *hdev, 1496 - struct sk_buff *skb) 1495 + static void hci_cc_le_read_accept_list_size(struct hci_dev *hdev, 1496 + struct sk_buff *skb) 1497 1497 { 1498 - struct hci_rp_le_read_white_list_size *rp = (void *) skb->data; 1498 + struct hci_rp_le_read_accept_list_size *rp = (void *)skb->data; 1499 1499 1500 1500 BT_DBG("%s status 0x%2.2x size %u", hdev->name, rp->status, rp->size); 1501 1501 1502 1502 if (rp->status) 1503 1503 return; 1504 1504 1505 - hdev->le_white_list_size = rp->size; 1505 + hdev->le_accept_list_size = rp->size; 1506 1506 } 1507 1507 1508 - static void hci_cc_le_clear_white_list(struct hci_dev *hdev, 1509 - struct sk_buff *skb) 1510 - { 1511 - __u8 status = *((__u8 *) skb->data); 1512 - 1513 - BT_DBG("%s status 0x%2.2x", hdev->name, status); 1514 - 1515 - if (status) 1516 - return; 1517 - 1518 - hci_bdaddr_list_clear(&hdev->le_white_list); 1519 - } 1520 - 1521 - static void hci_cc_le_add_to_white_list(struct hci_dev *hdev, 1508 + static void hci_cc_le_clear_accept_list(struct hci_dev *hdev, 1522 1509 struct sk_buff *skb) 1523 1510 { 1524 - struct hci_cp_le_add_to_white_list *sent; 1525 1511 __u8 status = *((__u8 *) skb->data); 1526 1512 1527 1513 BT_DBG("%s status 0x%2.2x", hdev->name, status); ··· 1515 1529 if (status) 1516 1530 return; 1517 1531 1518 - sent = hci_sent_cmd_data(hdev, HCI_OP_LE_ADD_TO_WHITE_LIST); 1519 - if (!sent) 1520 - return; 1521 - 1522 - hci_bdaddr_list_add(&hdev->le_white_list, &sent->bdaddr, 1523 - sent->bdaddr_type); 1532 + hci_bdaddr_list_clear(&hdev->le_accept_list); 1524 1533 } 1525 1534 1526 - static void hci_cc_le_del_from_white_list(struct hci_dev *hdev, 1527 - struct sk_buff *skb) 1535 + static void hci_cc_le_add_to_accept_list(struct hci_dev *hdev, 1536 + struct sk_buff *skb) 1528 1537 { 1529 - struct hci_cp_le_del_from_white_list *sent; 1538 + struct hci_cp_le_add_to_accept_list *sent; 1530 1539 __u8 status = *((__u8 *) skb->data); 1531 1540 1532 1541 BT_DBG("%s status 0x%2.2x", hdev->name, status); ··· 1529 1548 if (status) 1530 1549 return; 1531 1550 1532 - sent = hci_sent_cmd_data(hdev, HCI_OP_LE_DEL_FROM_WHITE_LIST); 1551 + sent = hci_sent_cmd_data(hdev, HCI_OP_LE_ADD_TO_ACCEPT_LIST); 1533 1552 if (!sent) 1534 1553 return; 1535 1554 1536 - hci_bdaddr_list_del(&hdev->le_white_list, &sent->bdaddr, 1555 + hci_bdaddr_list_add(&hdev->le_accept_list, &sent->bdaddr, 1556 + sent->bdaddr_type); 1557 + } 1558 + 1559 + static void hci_cc_le_del_from_accept_list(struct hci_dev *hdev, 1560 + struct sk_buff *skb) 1561 + { 1562 + struct hci_cp_le_del_from_accept_list *sent; 1563 + __u8 status = *((__u8 *) skb->data); 1564 + 1565 + BT_DBG("%s status 0x%2.2x", hdev->name, status); 1566 + 1567 + if (status) 1568 + return; 1569 + 1570 + sent = hci_sent_cmd_data(hdev, HCI_OP_LE_DEL_FROM_ACCEPT_LIST); 1571 + if (!sent) 1572 + return; 1573 + 1574 + hci_bdaddr_list_del(&hdev->le_accept_list, &sent->bdaddr, 1537 1575 sent->bdaddr_type); 1538 1576 } 1539 1577 ··· 2069 2069 if (conn && 2070 2070 (conn->state == BT_CONFIG || conn->state == BT_CONNECTED) && 2071 2071 !test_and_set_bit(HCI_CONN_MGMT_CONNECTED, &conn->flags)) 2072 - mgmt_device_connected(hdev, conn, 0, name, name_len); 2072 + mgmt_device_connected(hdev, conn, name, name_len); 2073 2073 2074 2074 if (discov->state == DISCOVERY_STOPPED) 2075 2075 return; ··· 2367 2367 /* We don't want the connection attempt to stick around 2368 2368 * indefinitely since LE doesn't have a page timeout concept 2369 2369 * like BR/EDR. Set a timer for any connection that doesn't use 2370 - * the white list for connecting. 2370 + * the accept list for connecting. 2371 2371 */ 2372 2372 if (filter_policy == HCI_LE_USE_PEER_ADDR) 2373 2373 queue_delayed_work(conn->hdev->workqueue, ··· 2623 2623 * only used during suspend. 2624 2624 */ 2625 2625 if (ev->link_type == ACL_LINK && 2626 - hci_bdaddr_list_lookup_with_flags(&hdev->whitelist, 2626 + hci_bdaddr_list_lookup_with_flags(&hdev->accept_list, 2627 2627 &ev->bdaddr, 2628 2628 BDADDR_BREDR)) { 2629 2629 conn = hci_conn_add(hdev, ev->link_type, &ev->bdaddr, ··· 2745 2745 return; 2746 2746 } 2747 2747 2748 - if (hci_bdaddr_list_lookup(&hdev->blacklist, &ev->bdaddr, 2748 + if (hci_bdaddr_list_lookup(&hdev->reject_list, &ev->bdaddr, 2749 2749 BDADDR_BREDR)) { 2750 2750 hci_reject_conn(hdev, &ev->bdaddr); 2751 2751 return; 2752 2752 } 2753 2753 2754 - /* Require HCI_CONNECTABLE or a whitelist entry to accept the 2754 + /* Require HCI_CONNECTABLE or an accept list entry to accept the 2755 2755 * connection. These features are only touched through mgmt so 2756 2756 * only do the checks if HCI_MGMT is set. 2757 2757 */ 2758 2758 if (hci_dev_test_flag(hdev, HCI_MGMT) && 2759 2759 !hci_dev_test_flag(hdev, HCI_CONNECTABLE) && 2760 - !hci_bdaddr_list_lookup_with_flags(&hdev->whitelist, &ev->bdaddr, 2760 + !hci_bdaddr_list_lookup_with_flags(&hdev->accept_list, &ev->bdaddr, 2761 2761 BDADDR_BREDR)) { 2762 2762 hci_reject_conn(hdev, &ev->bdaddr); 2763 2763 return; ··· 2795 2795 bacpy(&cp.bdaddr, &ev->bdaddr); 2796 2796 2797 2797 if (lmp_rswitch_capable(hdev) && (mask & HCI_LM_MASTER)) 2798 - cp.role = 0x00; /* Become master */ 2798 + cp.role = 0x00; /* Become central */ 2799 2799 else 2800 - cp.role = 0x01; /* Remain slave */ 2800 + cp.role = 0x01; /* Remain peripheral */ 2801 2801 2802 2802 hci_send_cmd(hdev, HCI_OP_ACCEPT_CONN_REQ, sizeof(cp), &cp); 2803 2803 } else if (!(flags & HCI_PROTO_DEFER)) { ··· 3256 3256 cp.pscan_rep_mode = 0x02; 3257 3257 hci_send_cmd(hdev, HCI_OP_REMOTE_NAME_REQ, sizeof(cp), &cp); 3258 3258 } else if (!test_and_set_bit(HCI_CONN_MGMT_CONNECTED, &conn->flags)) 3259 - mgmt_device_connected(hdev, conn, 0, NULL, 0); 3259 + mgmt_device_connected(hdev, conn, NULL, 0); 3260 3260 3261 3261 if (!hci_outgoing_auth_needed(hdev, conn)) { 3262 3262 conn->state = BT_CONNECTED; ··· 3266 3266 3267 3267 unlock: 3268 3268 hci_dev_unlock(hdev); 3269 + } 3270 + 3271 + static inline void handle_cmd_cnt_and_timer(struct hci_dev *hdev, 3272 + u16 opcode, u8 ncmd) 3273 + { 3274 + if (opcode != HCI_OP_NOP) 3275 + cancel_delayed_work(&hdev->cmd_timer); 3276 + 3277 + if (!test_bit(HCI_RESET, &hdev->flags)) { 3278 + if (ncmd) { 3279 + cancel_delayed_work(&hdev->ncmd_timer); 3280 + atomic_set(&hdev->cmd_cnt, 1); 3281 + } else { 3282 + schedule_delayed_work(&hdev->ncmd_timer, 3283 + HCI_NCMD_TIMEOUT); 3284 + } 3285 + } 3269 3286 } 3270 3287 3271 3288 static void hci_cmd_complete_evt(struct hci_dev *hdev, struct sk_buff *skb, ··· 3538 3521 hci_cc_le_set_scan_enable(hdev, skb); 3539 3522 break; 3540 3523 3541 - case HCI_OP_LE_READ_WHITE_LIST_SIZE: 3542 - hci_cc_le_read_white_list_size(hdev, skb); 3524 + case HCI_OP_LE_READ_ACCEPT_LIST_SIZE: 3525 + hci_cc_le_read_accept_list_size(hdev, skb); 3543 3526 break; 3544 3527 3545 - case HCI_OP_LE_CLEAR_WHITE_LIST: 3546 - hci_cc_le_clear_white_list(hdev, skb); 3528 + case HCI_OP_LE_CLEAR_ACCEPT_LIST: 3529 + hci_cc_le_clear_accept_list(hdev, skb); 3547 3530 break; 3548 3531 3549 - case HCI_OP_LE_ADD_TO_WHITE_LIST: 3550 - hci_cc_le_add_to_white_list(hdev, skb); 3532 + case HCI_OP_LE_ADD_TO_ACCEPT_LIST: 3533 + hci_cc_le_add_to_accept_list(hdev, skb); 3551 3534 break; 3552 3535 3553 - case HCI_OP_LE_DEL_FROM_WHITE_LIST: 3554 - hci_cc_le_del_from_white_list(hdev, skb); 3536 + case HCI_OP_LE_DEL_FROM_ACCEPT_LIST: 3537 + hci_cc_le_del_from_accept_list(hdev, skb); 3555 3538 break; 3556 3539 3557 3540 case HCI_OP_LE_READ_SUPPORTED_STATES: ··· 3647 3630 break; 3648 3631 } 3649 3632 3650 - if (*opcode != HCI_OP_NOP) 3651 - cancel_delayed_work(&hdev->cmd_timer); 3652 - 3653 - if (ev->ncmd && !test_bit(HCI_RESET, &hdev->flags)) 3654 - atomic_set(&hdev->cmd_cnt, 1); 3633 + handle_cmd_cnt_and_timer(hdev, *opcode, ev->ncmd); 3655 3634 3656 3635 hci_req_cmd_complete(hdev, *opcode, *status, req_complete, 3657 3636 req_complete_skb); ··· 3748 3735 break; 3749 3736 } 3750 3737 3751 - if (*opcode != HCI_OP_NOP) 3752 - cancel_delayed_work(&hdev->cmd_timer); 3753 - 3754 - if (ev->ncmd && !test_bit(HCI_RESET, &hdev->flags)) 3755 - atomic_set(&hdev->cmd_cnt, 1); 3738 + handle_cmd_cnt_and_timer(hdev, *opcode, ev->ncmd); 3756 3739 3757 3740 /* Indicate request completion if the command failed. Also, if 3758 3741 * we're not waiting for a special event and we get a success ··· 4339 4330 cp.pscan_rep_mode = 0x02; 4340 4331 hci_send_cmd(hdev, HCI_OP_REMOTE_NAME_REQ, sizeof(cp), &cp); 4341 4332 } else if (!test_and_set_bit(HCI_CONN_MGMT_CONNECTED, &conn->flags)) 4342 - mgmt_device_connected(hdev, conn, 0, NULL, 0); 4333 + mgmt_device_connected(hdev, conn, NULL, 0); 4343 4334 4344 4335 if (!hci_outgoing_auth_needed(hdev, conn)) { 4345 4336 conn->state = BT_CONNECTED; ··· 4413 4404 4414 4405 bt_dev_dbg(hdev, "SCO connected with air mode: %02x", ev->air_mode); 4415 4406 4416 - switch (conn->setting & SCO_AIRMODE_MASK) { 4417 - case SCO_AIRMODE_CVSD: 4407 + switch (ev->air_mode) { 4408 + case 0x02: 4418 4409 if (hdev->notify) 4419 4410 hdev->notify(hdev, HCI_NOTIFY_ENABLE_SCO_CVSD); 4420 4411 break; 4421 - case SCO_AIRMODE_TRANSP: 4412 + case 0x03: 4422 4413 if (hdev->notify) 4423 4414 hdev->notify(hdev, HCI_NOTIFY_ENABLE_SCO_TRANSP); 4424 4415 break; ··· 5131 5122 conn->dst_type = bdaddr_type; 5132 5123 5133 5124 /* If we didn't have a hci_conn object previously 5134 - * but we're in master role this must be something 5135 - * initiated using a white list. Since white list based 5125 + * but we're in central role this must be something 5126 + * initiated using an accept list. Since accept list based 5136 5127 * connections are not "first class citizens" we don't 5137 5128 * have full tracking of them. Therefore, we go ahead 5138 5129 * with a "best effort" approach of determining the ··· 5196 5187 conn->dst_type = irk->addr_type; 5197 5188 } 5198 5189 5190 + /* When using controller based address resolution, then the new 5191 + * address types 0x02 and 0x03 are used. These types need to be 5192 + * converted back into either public address or random address type 5193 + */ 5194 + if (use_ll_privacy(hdev) && 5195 + hci_dev_test_flag(hdev, HCI_ENABLE_LL_PRIVACY) && 5196 + hci_dev_test_flag(hdev, HCI_LL_RPA_RESOLUTION)) { 5197 + switch (conn->dst_type) { 5198 + case ADDR_LE_DEV_PUBLIC_RESOLVED: 5199 + conn->dst_type = ADDR_LE_DEV_PUBLIC; 5200 + break; 5201 + case ADDR_LE_DEV_RANDOM_RESOLVED: 5202 + conn->dst_type = ADDR_LE_DEV_RANDOM; 5203 + break; 5204 + } 5205 + } 5206 + 5199 5207 if (status) { 5200 5208 hci_le_conn_failed(conn, status); 5201 5209 goto unlock; ··· 5224 5198 addr_type = BDADDR_LE_RANDOM; 5225 5199 5226 5200 /* Drop the connection if the device is blocked */ 5227 - if (hci_bdaddr_list_lookup(&hdev->blacklist, &conn->dst, addr_type)) { 5201 + if (hci_bdaddr_list_lookup(&hdev->reject_list, &conn->dst, addr_type)) { 5228 5202 hci_conn_drop(conn); 5229 5203 goto unlock; 5230 5204 } 5231 5205 5232 5206 if (!test_and_set_bit(HCI_CONN_MGMT_CONNECTED, &conn->flags)) 5233 - mgmt_device_connected(hdev, conn, 0, NULL, 0); 5207 + mgmt_device_connected(hdev, conn, NULL, 0); 5234 5208 5235 5209 conn->sec_level = BT_SECURITY_LOW; 5236 5210 conn->handle = handle; ··· 5243 5217 hci_debugfs_create_conn(conn); 5244 5218 hci_conn_add_sysfs(conn); 5245 5219 5246 - /* The remote features procedure is defined for master 5220 + /* The remote features procedure is defined for central 5247 5221 * role only. So only in case of an initiated connection 5248 5222 * request the remote features. 5249 5223 * 5250 - * If the local controller supports slave-initiated features 5251 - * exchange, then requesting the remote features in slave 5224 + * If the local controller supports peripheral-initiated features 5225 + * exchange, then requesting the remote features in peripheral 5252 5226 * role is possible. Otherwise just transition into the 5253 5227 * connected state without requesting the remote features. 5254 5228 */ 5255 5229 if (conn->out || 5256 - (hdev->le_features[0] & HCI_LE_SLAVE_FEATURES)) { 5230 + (hdev->le_features[0] & HCI_LE_PERIPHERAL_FEATURES)) { 5257 5231 struct hci_cp_le_read_remote_features cp; 5258 5232 5259 5233 cp.handle = __cpu_to_le16(conn->handle); ··· 5322 5296 5323 5297 BT_DBG("%s status 0x%2.2x", hdev->name, ev->status); 5324 5298 5325 - if (ev->status) 5299 + if (ev->status) { 5300 + struct adv_info *adv; 5301 + 5302 + adv = hci_find_adv_instance(hdev, ev->handle); 5303 + if (!adv) 5304 + return; 5305 + 5306 + /* Remove advertising as it has been terminated */ 5307 + hci_remove_adv_instance(hdev, ev->handle); 5308 + mgmt_advertising_removed(NULL, hdev, ev->handle); 5309 + 5326 5310 return; 5311 + } 5327 5312 5328 5313 conn = hci_conn_hash_lookup_handle(hdev, __le16_to_cpu(ev->conn_handle)); 5329 5314 if (conn) { ··· 5391 5354 return NULL; 5392 5355 5393 5356 /* Ignore if the device is blocked */ 5394 - if (hci_bdaddr_list_lookup(&hdev->blacklist, addr, addr_type)) 5357 + if (hci_bdaddr_list_lookup(&hdev->reject_list, addr, addr_type)) 5395 5358 return NULL; 5396 5359 5397 5360 /* Most controller will fail if we try to create new connections 5398 - * while we have an existing one in slave role. 5361 + * while we have an existing one in peripheral role. 5399 5362 */ 5400 - if (hdev->conn_hash.le_num_slave > 0 && 5363 + if (hdev->conn_hash.le_num_peripheral > 0 && 5401 5364 (!test_bit(HCI_QUIRK_VALID_LE_STATES, &hdev->quirks) || 5402 5365 !(hdev->le_states[3] & 0x10))) 5403 5366 return NULL; ··· 5415 5378 case HCI_AUTO_CONN_DIRECT: 5416 5379 /* Only devices advertising with ADV_DIRECT_IND are 5417 5380 * triggering a connection attempt. This is allowing 5418 - * incoming connections from slave devices. 5381 + * incoming connections from peripheral devices. 5419 5382 */ 5420 5383 if (adv_type != LE_ADV_DIRECT_IND) 5421 5384 return NULL; ··· 5423 5386 case HCI_AUTO_CONN_ALWAYS: 5424 5387 /* Devices advertising with ADV_IND or ADV_DIRECT_IND 5425 5388 * are triggering a connection attempt. This means 5426 - * that incoming connections from slave device are 5427 - * accepted and also outgoing connections to slave 5389 + * that incoming connections from peripheral device are 5390 + * accepted and also outgoing connections to peripheral 5428 5391 * devices are established when found. 5429 5392 */ 5430 5393 break; ··· 5478 5441 struct hci_conn *conn; 5479 5442 bool match; 5480 5443 u32 flags; 5481 - u8 *ptr, real_len; 5444 + u8 *ptr; 5482 5445 5483 5446 switch (type) { 5484 5447 case LE_ADV_IND: ··· 5509 5472 break; 5510 5473 } 5511 5474 5512 - real_len = ptr - data; 5513 - 5514 - /* Adjust for actual length */ 5515 - if (len != real_len) { 5516 - bt_dev_err_ratelimited(hdev, "advertising data len corrected %u -> %u", 5517 - len, real_len); 5518 - len = real_len; 5519 - } 5475 + /* Adjust for actual length. This handles the case when remote 5476 + * device is advertising with incorrect data length. 5477 + */ 5478 + len = ptr - data; 5520 5479 5521 5480 /* If the direct address is present, then this report is from 5522 5481 * a LE Direct Advertising Report event. In that case it is ··· 5785 5752 if (conn->state == BT_CONFIG) { 5786 5753 __u8 status; 5787 5754 5788 - /* If the local controller supports slave-initiated 5755 + /* If the local controller supports peripheral-initiated 5789 5756 * features exchange, but the remote controller does 5790 5757 * not, then it is possible that the error code 0x1a 5791 5758 * for unsupported remote feature gets returned. ··· 5794 5761 * transition into connected state and mark it as 5795 5762 * successful. 5796 5763 */ 5797 - if ((hdev->le_features[0] & HCI_LE_SLAVE_FEATURES) && 5798 - !conn->out && ev->status == 0x1a) 5764 + if (!conn->out && ev->status == 0x1a && 5765 + (hdev->le_features[0] & HCI_LE_PERIPHERAL_FEATURES)) 5799 5766 status = 0x00; 5800 5767 else 5801 5768 status = ev->status;

+124 -79

net/bluetooth/hci_request.c

··· 745 745 } 746 746 } 747 747 748 - static void del_from_white_list(struct hci_request *req, bdaddr_t *bdaddr, 749 - u8 bdaddr_type) 748 + static void del_from_accept_list(struct hci_request *req, bdaddr_t *bdaddr, 749 + u8 bdaddr_type) 750 750 { 751 - struct hci_cp_le_del_from_white_list cp; 751 + struct hci_cp_le_del_from_accept_list cp; 752 752 753 753 cp.bdaddr_type = bdaddr_type; 754 754 bacpy(&cp.bdaddr, bdaddr); 755 755 756 - bt_dev_dbg(req->hdev, "Remove %pMR (0x%x) from whitelist", &cp.bdaddr, 756 + bt_dev_dbg(req->hdev, "Remove %pMR (0x%x) from accept list", &cp.bdaddr, 757 757 cp.bdaddr_type); 758 - hci_req_add(req, HCI_OP_LE_DEL_FROM_WHITE_LIST, sizeof(cp), &cp); 758 + hci_req_add(req, HCI_OP_LE_DEL_FROM_ACCEPT_LIST, sizeof(cp), &cp); 759 759 760 760 if (use_ll_privacy(req->hdev) && 761 761 hci_dev_test_flag(req->hdev, HCI_ENABLE_LL_PRIVACY)) { ··· 774 774 } 775 775 } 776 776 777 - /* Adds connection to white list if needed. On error, returns -1. */ 778 - static int add_to_white_list(struct hci_request *req, 779 - struct hci_conn_params *params, u8 *num_entries, 780 - bool allow_rpa) 777 + /* Adds connection to accept list if needed. On error, returns -1. */ 778 + static int add_to_accept_list(struct hci_request *req, 779 + struct hci_conn_params *params, u8 *num_entries, 780 + bool allow_rpa) 781 781 { 782 - struct hci_cp_le_add_to_white_list cp; 782 + struct hci_cp_le_add_to_accept_list cp; 783 783 struct hci_dev *hdev = req->hdev; 784 784 785 - /* Already in white list */ 786 - if (hci_bdaddr_list_lookup(&hdev->le_white_list, &params->addr, 785 + /* Already in accept list */ 786 + if (hci_bdaddr_list_lookup(&hdev->le_accept_list, &params->addr, 787 787 params->addr_type)) 788 788 return 0; 789 789 790 790 /* Select filter policy to accept all advertising */ 791 - if (*num_entries >= hdev->le_white_list_size) 791 + if (*num_entries >= hdev->le_accept_list_size) 792 792 return -1; 793 793 794 - /* White list can not be used with RPAs */ 794 + /* Accept list can not be used with RPAs */ 795 795 if (!allow_rpa && 796 796 !hci_dev_test_flag(hdev, HCI_ENABLE_LL_PRIVACY) && 797 797 hci_find_irk_by_addr(hdev, &params->addr, params->addr_type)) { 798 798 return -1; 799 799 } 800 800 801 - /* During suspend, only wakeable devices can be in whitelist */ 801 + /* During suspend, only wakeable devices can be in accept list */ 802 802 if (hdev->suspended && !hci_conn_test_flag(HCI_CONN_FLAG_REMOTE_WAKEUP, 803 803 params->current_flags)) 804 804 return 0; ··· 807 807 cp.bdaddr_type = params->addr_type; 808 808 bacpy(&cp.bdaddr, &params->addr); 809 809 810 - bt_dev_dbg(hdev, "Add %pMR (0x%x) to whitelist", &cp.bdaddr, 810 + bt_dev_dbg(hdev, "Add %pMR (0x%x) to accept list", &cp.bdaddr, 811 811 cp.bdaddr_type); 812 - hci_req_add(req, HCI_OP_LE_ADD_TO_WHITE_LIST, sizeof(cp), &cp); 812 + hci_req_add(req, HCI_OP_LE_ADD_TO_ACCEPT_LIST, sizeof(cp), &cp); 813 813 814 814 if (use_ll_privacy(hdev) && 815 815 hci_dev_test_flag(hdev, HCI_ENABLE_LL_PRIVACY)) { ··· 837 837 return 0; 838 838 } 839 839 840 - static u8 update_white_list(struct hci_request *req) 840 + static u8 update_accept_list(struct hci_request *req) 841 841 { 842 842 struct hci_dev *hdev = req->hdev; 843 843 struct hci_conn_params *params; 844 844 struct bdaddr_list *b; 845 845 u8 num_entries = 0; 846 846 bool pend_conn, pend_report; 847 - /* We allow whitelisting even with RPAs in suspend. In the worst case, 848 - * we won't be able to wake from devices that use the privacy1.2 847 + /* We allow usage of accept list even with RPAs in suspend. In the worst 848 + * case, we won't be able to wake from devices that use the privacy1.2 849 849 * features. Additionally, once we support privacy1.2 and IRK 850 850 * offloading, we can update this to also check for those conditions. 851 851 */ ··· 855 855 hci_dev_test_flag(hdev, HCI_ENABLE_LL_PRIVACY)) 856 856 allow_rpa = true; 857 857 858 - /* Go through the current white list programmed into the 858 + /* Go through the current accept list programmed into the 859 859 * controller one by one and check if that address is still 860 860 * in the list of pending connections or list of devices to 861 861 * report. If not present in either list, then queue the 862 862 * command to remove it from the controller. 863 863 */ 864 - list_for_each_entry(b, &hdev->le_white_list, list) { 864 + list_for_each_entry(b, &hdev->le_accept_list, list) { 865 865 pend_conn = hci_pend_le_action_lookup(&hdev->pend_le_conns, 866 866 &b->bdaddr, 867 867 b->bdaddr_type); ··· 870 870 b->bdaddr_type); 871 871 872 872 /* If the device is not likely to connect or report, 873 - * remove it from the whitelist. 873 + * remove it from the accept list. 874 874 */ 875 875 if (!pend_conn && !pend_report) { 876 - del_from_white_list(req, &b->bdaddr, b->bdaddr_type); 876 + del_from_accept_list(req, &b->bdaddr, b->bdaddr_type); 877 877 continue; 878 878 } 879 879 880 - /* White list can not be used with RPAs */ 880 + /* Accept list can not be used with RPAs */ 881 881 if (!allow_rpa && 882 882 !hci_dev_test_flag(hdev, HCI_ENABLE_LL_PRIVACY) && 883 883 hci_find_irk_by_addr(hdev, &b->bdaddr, b->bdaddr_type)) { ··· 887 887 num_entries++; 888 888 } 889 889 890 - /* Since all no longer valid white list entries have been 890 + /* Since all no longer valid accept list entries have been 891 891 * removed, walk through the list of pending connections 892 892 * and ensure that any new device gets programmed into 893 893 * the controller. 894 894 * 895 895 * If the list of the devices is larger than the list of 896 - * available white list entries in the controller, then 896 + * available accept list entries in the controller, then 897 897 * just abort and return filer policy value to not use the 898 - * white list. 898 + * accept list. 899 899 */ 900 900 list_for_each_entry(params, &hdev->pend_le_conns, action) { 901 - if (add_to_white_list(req, params, &num_entries, allow_rpa)) 901 + if (add_to_accept_list(req, params, &num_entries, allow_rpa)) 902 902 return 0x00; 903 903 } 904 904 905 905 /* After adding all new pending connections, walk through 906 906 * the list of pending reports and also add these to the 907 - * white list if there is still space. Abort if space runs out. 907 + * accept list if there is still space. Abort if space runs out. 908 908 */ 909 909 list_for_each_entry(params, &hdev->pend_le_reports, action) { 910 - if (add_to_white_list(req, params, &num_entries, allow_rpa)) 910 + if (add_to_accept_list(req, params, &num_entries, allow_rpa)) 911 911 return 0x00; 912 912 } 913 913 ··· 921 921 hdev->interleave_scan_state != INTERLEAVE_SCAN_ALLOWLIST) 922 922 return 0x00; 923 923 924 - /* Select filter policy to use white list */ 924 + /* Select filter policy to use accept list */ 925 925 return 0x01; 926 926 } 927 927 ··· 932 932 933 933 static void hci_req_start_scan(struct hci_request *req, u8 type, u16 interval, 934 934 u16 window, u8 own_addr_type, u8 filter_policy, 935 - bool addr_resolv) 935 + bool filter_dup, bool addr_resolv) 936 936 { 937 937 struct hci_dev *hdev = req->hdev; 938 938 ··· 997 997 998 998 memset(&ext_enable_cp, 0, sizeof(ext_enable_cp)); 999 999 ext_enable_cp.enable = LE_SCAN_ENABLE; 1000 - ext_enable_cp.filter_dup = LE_SCAN_FILTER_DUP_ENABLE; 1000 + ext_enable_cp.filter_dup = filter_dup; 1001 1001 1002 1002 hci_req_add(req, HCI_OP_LE_SET_EXT_SCAN_ENABLE, 1003 1003 sizeof(ext_enable_cp), &ext_enable_cp); ··· 1016 1016 1017 1017 memset(&enable_cp, 0, sizeof(enable_cp)); 1018 1018 enable_cp.enable = LE_SCAN_ENABLE; 1019 - enable_cp.filter_dup = LE_SCAN_FILTER_DUP_ENABLE; 1019 + enable_cp.filter_dup = filter_dup; 1020 1020 hci_req_add(req, HCI_OP_LE_SET_SCAN_ENABLE, sizeof(enable_cp), 1021 1021 &enable_cp); 1022 1022 } ··· 1053 1053 u8 own_addr_type; 1054 1054 u8 filter_policy; 1055 1055 u16 window, interval; 1056 + /* Default is to enable duplicates filter */ 1057 + u8 filter_dup = LE_SCAN_FILTER_DUP_ENABLE; 1056 1058 /* Background scanning should run with address resolution */ 1057 1059 bool addr_resolv = true; 1058 1060 ··· 1078 1076 return; 1079 1077 1080 1078 bt_dev_dbg(hdev, "interleave state %d", hdev->interleave_scan_state); 1081 - /* Adding or removing entries from the white list must 1079 + /* Adding or removing entries from the accept list must 1082 1080 * happen before enabling scanning. The controller does 1083 - * not allow white list modification while scanning. 1081 + * not allow accept list modification while scanning. 1084 1082 */ 1085 - filter_policy = update_white_list(req); 1083 + filter_policy = update_accept_list(req); 1086 1084 1087 1085 /* When the controller is using random resolvable addresses and 1088 1086 * with that having LE privacy enabled, then controllers with 1089 1087 * Extended Scanner Filter Policies support can now enable support 1090 1088 * for handling directed advertising. 1091 1089 * 1092 - * So instead of using filter polices 0x00 (no whitelist) 1093 - * and 0x01 (whitelist enabled) use the new filter policies 1094 - * 0x02 (no whitelist) and 0x03 (whitelist enabled). 1090 + * So instead of using filter polices 0x00 (no accept list) 1091 + * and 0x01 (accept list enabled) use the new filter policies 1092 + * 0x02 (no accept list) and 0x03 (accept list enabled). 1095 1093 */ 1096 1094 if (hci_dev_test_flag(hdev, HCI_PRIVACY) && 1097 1095 (hdev->le_features[0] & HCI_LE_EXT_SCAN_POLICY)) ··· 1108 1106 } else if (hci_is_adv_monitoring(hdev)) { 1109 1107 window = hdev->le_scan_window_adv_monitor; 1110 1108 interval = hdev->le_scan_int_adv_monitor; 1109 + 1110 + /* Disable duplicates filter when scanning for advertisement 1111 + * monitor for the following reasons. 1112 + * 1113 + * For HW pattern filtering (ex. MSFT), Realtek and Qualcomm 1114 + * controllers ignore RSSI_Sampling_Period when the duplicates 1115 + * filter is enabled. 1116 + * 1117 + * For SW pattern filtering, when we're not doing interleaved 1118 + * scanning, it is necessary to disable duplicates filter, 1119 + * otherwise hosts can only receive one advertisement and it's 1120 + * impossible to know if a peer is still in range. 1121 + */ 1122 + filter_dup = LE_SCAN_FILTER_DUP_DISABLE; 1111 1123 } else { 1112 1124 window = hdev->le_scan_window; 1113 1125 interval = hdev->le_scan_interval; 1114 1126 } 1115 1127 1116 - bt_dev_dbg(hdev, "LE passive scan with whitelist = %d", filter_policy); 1128 + bt_dev_dbg(hdev, "LE passive scan with accept list = %d", 1129 + filter_policy); 1117 1130 hci_req_start_scan(req, LE_SCAN_PASSIVE, interval, window, 1118 - own_addr_type, filter_policy, addr_resolv); 1131 + own_addr_type, filter_policy, filter_dup, 1132 + addr_resolv); 1119 1133 } 1120 1134 1121 1135 static bool adv_instance_is_scannable(struct hci_dev *hdev, u8 instance) ··· 1181 1163 /* Always clear event filter when starting */ 1182 1164 hci_req_clear_event_filter(req); 1183 1165 1184 - list_for_each_entry(b, &hdev->whitelist, list) { 1166 + list_for_each_entry(b, &hdev->accept_list, list) { 1185 1167 if (!hci_conn_test_flag(HCI_CONN_FLAG_REMOTE_WAKEUP, 1186 1168 b->current_flags)) 1187 1169 continue; ··· 1520 1502 if (hci_conn_num(hdev, LE_LINK) == 0) 1521 1503 return true; 1522 1504 1523 - /* Check le_states if there is any connection in slave role. */ 1524 - if (hdev->conn_hash.le_num_slave > 0) { 1525 - /* Slave connection state and non connectable mode bit 20. */ 1505 + /* Check le_states if there is any connection in peripheral role. */ 1506 + if (hdev->conn_hash.le_num_peripheral > 0) { 1507 + /* Peripheral connection state and non connectable mode bit 20. 1508 + */ 1526 1509 if (!connectable && !(hdev->le_states[2] & 0x10)) 1527 1510 return false; 1528 1511 1529 - /* Slave connection state and connectable mode bit 38 1512 + /* Peripheral connection state and connectable mode bit 38 1530 1513 * and scannable bit 21. 1531 1514 */ 1532 1515 if (connectable && (!(hdev->le_states[4] & 0x40) || ··· 1535 1516 return false; 1536 1517 } 1537 1518 1538 - /* Check le_states if there is any connection in master role. */ 1539 - if (hci_conn_num(hdev, LE_LINK) != hdev->conn_hash.le_num_slave) { 1540 - /* Master connection state and non connectable mode bit 18. */ 1519 + /* Check le_states if there is any connection in central role. */ 1520 + if (hci_conn_num(hdev, LE_LINK) != hdev->conn_hash.le_num_peripheral) { 1521 + /* Central connection state and non connectable mode bit 18. */ 1541 1522 if (!connectable && !(hdev->le_states[2] & 0x02)) 1542 1523 return false; 1543 1524 1544 - /* Master connection state and connectable mode bit 35 and 1525 + /* Central connection state and connectable mode bit 35 and 1545 1526 * scannable 19. 1546 1527 */ 1547 1528 if (connectable && (!(hdev->le_states[4] & 0x08) || ··· 1716 1697 return; 1717 1698 1718 1699 if (ext_adv_capable(hdev)) { 1719 - struct hci_cp_le_set_ext_scan_rsp_data cp; 1700 + struct { 1701 + struct hci_cp_le_set_ext_scan_rsp_data cp; 1702 + u8 data[HCI_MAX_EXT_AD_LENGTH]; 1703 + } pdu; 1720 1704 1721 - memset(&cp, 0, sizeof(cp)); 1705 + memset(&pdu, 0, sizeof(pdu)); 1722 1706 1723 1707 if (instance) 1724 1708 len = create_instance_scan_rsp_data(hdev, instance, 1725 - cp.data); 1709 + pdu.data); 1726 1710 else 1727 - len = create_default_scan_rsp_data(hdev, cp.data); 1711 + len = create_default_scan_rsp_data(hdev, pdu.data); 1728 1712 1729 1713 if (hdev->scan_rsp_data_len == len && 1730 - !memcmp(cp.data, hdev->scan_rsp_data, len)) 1714 + !memcmp(pdu.data, hdev->scan_rsp_data, len)) 1731 1715 return; 1732 1716 1733 - memcpy(hdev->scan_rsp_data, cp.data, sizeof(cp.data)); 1717 + memcpy(hdev->scan_rsp_data, pdu.data, len); 1734 1718 hdev->scan_rsp_data_len = len; 1735 1719 1736 - cp.handle = instance; 1737 - cp.length = len; 1738 - cp.operation = LE_SET_ADV_DATA_OP_COMPLETE; 1739 - cp.frag_pref = LE_SET_ADV_DATA_NO_FRAG; 1720 + pdu.cp.handle = instance; 1721 + pdu.cp.length = len; 1722 + pdu.cp.operation = LE_SET_ADV_DATA_OP_COMPLETE; 1723 + pdu.cp.frag_pref = LE_SET_ADV_DATA_NO_FRAG; 1740 1724 1741 - hci_req_add(req, HCI_OP_LE_SET_EXT_SCAN_RSP_DATA, sizeof(cp), 1742 - &cp); 1725 + hci_req_add(req, HCI_OP_LE_SET_EXT_SCAN_RSP_DATA, 1726 + sizeof(pdu.cp) + len, &pdu.cp); 1743 1727 } else { 1744 1728 struct hci_cp_le_set_scan_rsp_data cp; 1745 1729 ··· 1865 1843 return; 1866 1844 1867 1845 if (ext_adv_capable(hdev)) { 1868 - struct hci_cp_le_set_ext_adv_data cp; 1846 + struct { 1847 + struct hci_cp_le_set_ext_adv_data cp; 1848 + u8 data[HCI_MAX_EXT_AD_LENGTH]; 1849 + } pdu; 1869 1850 1870 - memset(&cp, 0, sizeof(cp)); 1851 + memset(&pdu, 0, sizeof(pdu)); 1871 1852 1872 - len = create_instance_adv_data(hdev, instance, cp.data); 1853 + len = create_instance_adv_data(hdev, instance, pdu.data); 1873 1854 1874 1855 /* There's nothing to do if the data hasn't changed */ 1875 1856 if (hdev->adv_data_len == len && 1876 - memcmp(cp.data, hdev->adv_data, len) == 0) 1857 + memcmp(pdu.data, hdev->adv_data, len) == 0) 1877 1858 return; 1878 1859 1879 - memcpy(hdev->adv_data, cp.data, sizeof(cp.data)); 1860 + memcpy(hdev->adv_data, pdu.data, len); 1880 1861 hdev->adv_data_len = len; 1881 1862 1882 - cp.length = len; 1883 - cp.handle = instance; 1884 - cp.operation = LE_SET_ADV_DATA_OP_COMPLETE; 1885 - cp.frag_pref = LE_SET_ADV_DATA_NO_FRAG; 1863 + pdu.cp.length = len; 1864 + pdu.cp.handle = instance; 1865 + pdu.cp.operation = LE_SET_ADV_DATA_OP_COMPLETE; 1866 + pdu.cp.frag_pref = LE_SET_ADV_DATA_NO_FRAG; 1886 1867 1887 - hci_req_add(req, HCI_OP_LE_SET_EXT_ADV_DATA, sizeof(cp), &cp); 1868 + hci_req_add(req, HCI_OP_LE_SET_EXT_ADV_DATA, 1869 + sizeof(pdu.cp) + len, &pdu.cp); 1888 1870 } else { 1889 1871 struct hci_cp_le_set_adv_data cp; 1890 1872 ··· 2631 2605 return 0; 2632 2606 } 2633 2607 2634 - static bool disconnected_whitelist_entries(struct hci_dev *hdev) 2608 + static bool disconnected_accept_list_entries(struct hci_dev *hdev) 2635 2609 { 2636 2610 struct bdaddr_list *b; 2637 2611 2638 - list_for_each_entry(b, &hdev->whitelist, list) { 2612 + list_for_each_entry(b, &hdev->accept_list, list) { 2639 2613 struct hci_conn *conn; 2640 2614 2641 2615 conn = hci_conn_hash_lookup_ba(hdev, ACL_LINK, &b->bdaddr); ··· 2667 2641 return; 2668 2642 2669 2643 if (hci_dev_test_flag(hdev, HCI_CONNECTABLE) || 2670 - disconnected_whitelist_entries(hdev)) 2644 + disconnected_accept_list_entries(hdev)) 2671 2645 scan = SCAN_PAGE; 2672 2646 else 2673 2647 scan = SCAN_DISABLED; ··· 3159 3133 uint16_t interval = opt; 3160 3134 struct hci_dev *hdev = req->hdev; 3161 3135 u8 own_addr_type; 3162 - /* White list is not used for discovery */ 3136 + /* Accept list is not used for discovery */ 3163 3137 u8 filter_policy = 0x00; 3138 + /* Default is to enable duplicates filter */ 3139 + u8 filter_dup = LE_SCAN_FILTER_DUP_ENABLE; 3164 3140 /* Discovery doesn't require controller address resolution */ 3165 3141 bool addr_resolv = false; 3166 3142 int err; ··· 3187 3159 if (err < 0) 3188 3160 own_addr_type = ADDR_LE_DEV_PUBLIC; 3189 3161 3162 + if (hci_is_adv_monitoring(hdev)) { 3163 + /* Duplicate filter should be disabled when some advertisement 3164 + * monitor is activated, otherwise AdvMon can only receive one 3165 + * advertisement for one peer(*) during active scanning, and 3166 + * might report loss to these peers. 3167 + * 3168 + * Note that different controllers have different meanings of 3169 + * |duplicate|. Some of them consider packets with the same 3170 + * address as duplicate, and others consider packets with the 3171 + * same address and the same RSSI as duplicate. Although in the 3172 + * latter case we don't need to disable duplicate filter, but 3173 + * it is common to have active scanning for a short period of 3174 + * time, the power impact should be neglectable. 3175 + */ 3176 + filter_dup = LE_SCAN_FILTER_DUP_DISABLE; 3177 + } 3178 + 3190 3179 hci_req_start_scan(req, LE_SCAN_ACTIVE, interval, 3191 3180 hdev->le_scan_window_discovery, own_addr_type, 3192 - filter_policy, addr_resolv); 3181 + filter_policy, filter_dup, addr_resolv); 3193 3182 return 0; 3194 3183 } 3195 3184

+6 -6

net/bluetooth/hci_sock.c

··· 892 892 return 0; 893 893 } 894 894 895 - static int hci_sock_blacklist_add(struct hci_dev *hdev, void __user *arg) 895 + static int hci_sock_reject_list_add(struct hci_dev *hdev, void __user *arg) 896 896 { 897 897 bdaddr_t bdaddr; 898 898 int err; ··· 902 902 903 903 hci_dev_lock(hdev); 904 904 905 - err = hci_bdaddr_list_add(&hdev->blacklist, &bdaddr, BDADDR_BREDR); 905 + err = hci_bdaddr_list_add(&hdev->reject_list, &bdaddr, BDADDR_BREDR); 906 906 907 907 hci_dev_unlock(hdev); 908 908 909 909 return err; 910 910 } 911 911 912 - static int hci_sock_blacklist_del(struct hci_dev *hdev, void __user *arg) 912 + static int hci_sock_reject_list_del(struct hci_dev *hdev, void __user *arg) 913 913 { 914 914 bdaddr_t bdaddr; 915 915 int err; ··· 919 919 920 920 hci_dev_lock(hdev); 921 921 922 - err = hci_bdaddr_list_del(&hdev->blacklist, &bdaddr, BDADDR_BREDR); 922 + err = hci_bdaddr_list_del(&hdev->reject_list, &bdaddr, BDADDR_BREDR); 923 923 924 924 hci_dev_unlock(hdev); 925 925 ··· 959 959 case HCIBLOCKADDR: 960 960 if (!capable(CAP_NET_ADMIN)) 961 961 return -EPERM; 962 - return hci_sock_blacklist_add(hdev, (void __user *)arg); 962 + return hci_sock_reject_list_add(hdev, (void __user *)arg); 963 963 964 964 case HCIUNBLOCKADDR: 965 965 if (!capable(CAP_NET_ADMIN)) 966 966 return -EPERM; 967 - return hci_sock_blacklist_del(hdev, (void __user *)arg); 967 + return hci_sock_reject_list_del(hdev, (void __user *)arg); 968 968 } 969 969 970 970 return -ENOIOCTLCMD;

+4 -4

net/bluetooth/hidp/core.c

··· 508 508 unsigned char param) 509 509 { 510 510 int done_with_skb = 1; 511 - BT_DBG("session %p skb %p len %d param 0x%02x", session, skb, skb->len, param); 511 + BT_DBG("session %p skb %p len %u param 0x%02x", session, skb, skb->len, param); 512 512 513 513 switch (param) { 514 514 case HIDP_DATA_RTYPE_INPUT: ··· 553 553 unsigned char hdr, type, param; 554 554 int free_skb = 1; 555 555 556 - BT_DBG("session %p skb %p len %d", session, skb, skb->len); 556 + BT_DBG("session %p skb %p len %u", session, skb, skb->len); 557 557 558 558 hdr = skb->data[0]; 559 559 skb_pull(skb, 1); ··· 589 589 { 590 590 unsigned char hdr; 591 591 592 - BT_DBG("session %p skb %p len %d", session, skb, skb->len); 592 + BT_DBG("session %p skb %p len %u", session, skb, skb->len); 593 593 594 594 hdr = skb->data[0]; 595 595 skb_pull(skb, 1); ··· 794 794 hid->dev.parent = &session->conn->hcon->dev; 795 795 hid->ll_driver = &hidp_hid_driver; 796 796 797 - /* True if device is blacklisted in drivers/hid/hid-quirks.c */ 797 + /* True if device is blocked in drivers/hid/hid-quirks.c */ 798 798 if (hid_ignore(hid)) { 799 799 hid_destroy_device(session->hid); 800 800 session->hid = NULL;

+8 -8

net/bluetooth/l2cap_core.c

··· 1691 1691 if (hcon->out) 1692 1692 smp_conn_security(hcon, hcon->pending_sec_level); 1693 1693 1694 - /* For LE slave connections, make sure the connection interval 1694 + /* For LE peripheral connections, make sure the connection interval 1695 1695 * is in the range of the minimum and maximum interval that has 1696 1696 * been configured for this connection. If not, then trigger 1697 1697 * the connection update procedure. ··· 4237 4237 hci_dev_lock(hdev); 4238 4238 if (hci_dev_test_flag(hdev, HCI_MGMT) && 4239 4239 !test_and_set_bit(HCI_CONN_MGMT_CONNECTED, &hcon->flags)) 4240 - mgmt_device_connected(hdev, hcon, 0, NULL, 0); 4240 + mgmt_device_connected(hdev, hcon, NULL, 0); 4241 4241 hci_dev_unlock(hdev); 4242 4242 4243 4243 l2cap_connect(conn, cmd, data, L2CAP_CONN_RSP, 0); ··· 6066 6066 struct l2cap_ecred_conn_rsp *rsp = (void *) data; 6067 6067 struct hci_conn *hcon = conn->hcon; 6068 6068 u16 mtu, mps, credits, result; 6069 - struct l2cap_chan *chan; 6069 + struct l2cap_chan *chan, *tmp; 6070 6070 int err = 0, sec_level; 6071 6071 int i = 0; 6072 6072 ··· 6085 6085 6086 6086 cmd_len -= sizeof(*rsp); 6087 6087 6088 - list_for_each_entry(chan, &conn->chan_l, list) { 6088 + list_for_each_entry_safe(chan, tmp, &conn->chan_l, list) { 6089 6089 u16 dcid; 6090 6090 6091 6091 if (chan->ident != cmd->ident || ··· 6248 6248 struct l2cap_cmd_hdr *cmd, u16 cmd_len, 6249 6249 u8 *data) 6250 6250 { 6251 - struct l2cap_chan *chan; 6251 + struct l2cap_chan *chan, *tmp; 6252 6252 struct l2cap_ecred_conn_rsp *rsp = (void *) data; 6253 6253 u16 result; 6254 6254 ··· 6262 6262 if (!result) 6263 6263 return 0; 6264 6264 6265 - list_for_each_entry(chan, &conn->chan_l, list) { 6265 + list_for_each_entry_safe(chan, tmp, &conn->chan_l, list) { 6266 6266 if (chan->ident != cmd->ident) 6267 6267 continue; 6268 6268 ··· 7662 7662 * at least ensure that we ignore incoming data from them. 7663 7663 */ 7664 7664 if (hcon->type == LE_LINK && 7665 - hci_bdaddr_list_lookup(&hcon->hdev->blacklist, &hcon->dst, 7665 + hci_bdaddr_list_lookup(&hcon->hdev->reject_list, &hcon->dst, 7666 7666 bdaddr_dst_type(hcon))) { 7667 7667 kfree_skb(skb); 7668 7668 return; ··· 8119 8119 dst_type = bdaddr_dst_type(hcon); 8120 8120 8121 8121 /* If device is blocked, do not create channels for it */ 8122 - if (hci_bdaddr_list_lookup(&hdev->blacklist, &hcon->dst, dst_type)) 8122 + if (hci_bdaddr_list_lookup(&hdev->reject_list, &hcon->dst, dst_type)) 8123 8123 return; 8124 8124 8125 8125 /* Find fixed channels and notify them of the new connection. We

+35 -23

net/bluetooth/mgmt.c

··· 40 40 #include "msft.h" 41 41 42 42 #define MGMT_VERSION 1 43 - #define MGMT_REVISION 20 43 + #define MGMT_REVISION 21 44 44 45 45 static const u16 mgmt_commands[] = { 46 46 MGMT_OP_READ_INDEX_LIST, ··· 252 252 MGMT_STATUS_TIMEOUT, /* Instant Passed */ 253 253 MGMT_STATUS_NOT_SUPPORTED, /* Pairing Not Supported */ 254 254 MGMT_STATUS_FAILED, /* Transaction Collision */ 255 + MGMT_STATUS_FAILED, /* Reserved for future use */ 255 256 MGMT_STATUS_INVALID_PARAMS, /* Unacceptable Parameter */ 256 257 MGMT_STATUS_REJECTED, /* QoS Rejected */ 257 258 MGMT_STATUS_NOT_SUPPORTED, /* Classification Not Supported */ 258 259 MGMT_STATUS_REJECTED, /* Insufficient Security */ 259 260 MGMT_STATUS_INVALID_PARAMS, /* Parameter Out Of Range */ 261 + MGMT_STATUS_FAILED, /* Reserved for future use */ 260 262 MGMT_STATUS_BUSY, /* Role Switch Pending */ 263 + MGMT_STATUS_FAILED, /* Reserved for future use */ 261 264 MGMT_STATUS_FAILED, /* Slot Violation */ 262 265 MGMT_STATUS_FAILED, /* Role Switch Failed */ 263 266 MGMT_STATUS_INVALID_PARAMS, /* EIR Too Large */ ··· 2959 2956 /* When pairing a new device, it is expected to remember 2960 2957 * this device for future connections. Adding the connection 2961 2958 * parameter information ahead of time allows tracking 2962 - * of the slave preferred values and will speed up any 2959 + * of the peripheral preferred values and will speed up any 2963 2960 * further connection establishment. 2964 2961 * 2965 2962 * If connection parameters already exist, then they ··· 4061 4058 4062 4059 hci_dev_lock(hdev); 4063 4060 4061 + memset(&rp, 0, sizeof(rp)); 4062 + 4064 4063 if (cp->addr.type == BDADDR_BREDR) { 4065 - br_params = hci_bdaddr_list_lookup_with_flags(&hdev->whitelist, 4064 + br_params = hci_bdaddr_list_lookup_with_flags(&hdev->accept_list, 4066 4065 &cp->addr.bdaddr, 4067 4066 cp->addr.type); 4068 4067 if (!br_params) ··· 4132 4127 hci_dev_lock(hdev); 4133 4128 4134 4129 if (cp->addr.type == BDADDR_BREDR) { 4135 - br_params = hci_bdaddr_list_lookup_with_flags(&hdev->whitelist, 4130 + br_params = hci_bdaddr_list_lookup_with_flags(&hdev->accept_list, 4136 4131 &cp->addr.bdaddr, 4137 4132 cp->addr.type); 4138 4133 ··· 4279 4274 4280 4275 done: 4281 4276 hci_dev_unlock(hdev); 4282 - bt_dev_dbg(hdev, "add monitor %d complete, status %d", 4277 + bt_dev_dbg(hdev, "add monitor %d complete, status %u", 4283 4278 rp.monitor_handle, status); 4284 4279 4285 4280 return err; ··· 4504 4499 4505 4500 done: 4506 4501 hci_dev_unlock(hdev); 4507 - bt_dev_dbg(hdev, "remove monitor %d complete, status %d", 4502 + bt_dev_dbg(hdev, "remove monitor %d complete, status %u", 4508 4503 rp.monitor_handle, status); 4509 4504 4510 4505 return err; ··· 4834 4829 { 4835 4830 struct mgmt_pending_cmd *cmd; 4836 4831 4837 - bt_dev_dbg(hdev, "status %d", status); 4832 + bt_dev_dbg(hdev, "status %u", status); 4838 4833 4839 4834 hci_dev_lock(hdev); 4840 4835 ··· 5090 5085 { 5091 5086 struct mgmt_pending_cmd *cmd; 5092 5087 5093 - bt_dev_dbg(hdev, "status %d", status); 5088 + bt_dev_dbg(hdev, "status %u", status); 5094 5089 5095 5090 hci_dev_lock(hdev); 5096 5091 ··· 5209 5204 5210 5205 hci_dev_lock(hdev); 5211 5206 5212 - err = hci_bdaddr_list_add(&hdev->blacklist, &cp->addr.bdaddr, 5207 + err = hci_bdaddr_list_add(&hdev->reject_list, &cp->addr.bdaddr, 5213 5208 cp->addr.type); 5214 5209 if (err < 0) { 5215 5210 status = MGMT_STATUS_FAILED; ··· 5245 5240 5246 5241 hci_dev_lock(hdev); 5247 5242 5248 - err = hci_bdaddr_list_del(&hdev->blacklist, &cp->addr.bdaddr, 5243 + err = hci_bdaddr_list_del(&hdev->reject_list, &cp->addr.bdaddr, 5249 5244 cp->addr.type); 5250 5245 if (err < 0) { 5251 5246 status = MGMT_STATUS_INVALID_PARAMS; ··· 5303 5298 static void enable_advertising_instance(struct hci_dev *hdev, u8 status, 5304 5299 u16 opcode) 5305 5300 { 5306 - bt_dev_dbg(hdev, "status %d", status); 5301 + bt_dev_dbg(hdev, "status %u", status); 5307 5302 } 5308 5303 5309 5304 static void set_advertising_complete(struct hci_dev *hdev, u8 status, ··· 6169 6164 6170 6165 static bool ltk_is_valid(struct mgmt_ltk_info *key) 6171 6166 { 6172 - if (key->master != 0x00 && key->master != 0x01) 6167 + if (key->initiator != 0x00 && key->initiator != 0x01) 6173 6168 return false; 6174 6169 6175 6170 switch (key->addr.type) { ··· 6247 6242 switch (key->type) { 6248 6243 case MGMT_LTK_UNAUTHENTICATED: 6249 6244 authenticated = 0x00; 6250 - type = key->master ? SMP_LTK : SMP_LTK_SLAVE; 6245 + type = key->initiator ? SMP_LTK : SMP_LTK_RESPONDER; 6251 6246 break; 6252 6247 case MGMT_LTK_AUTHENTICATED: 6253 6248 authenticated = 0x01; 6254 - type = key->master ? SMP_LTK : SMP_LTK_SLAVE; 6249 + type = key->initiator ? SMP_LTK : SMP_LTK_RESPONDER; 6255 6250 break; 6256 6251 case MGMT_LTK_P256_UNAUTH: 6257 6252 authenticated = 0x00; ··· 6347 6342 handle = __le16_to_cpu(cp->handle); 6348 6343 conn = hci_conn_hash_lookup_handle(hdev, handle); 6349 6344 if (!conn) { 6350 - bt_dev_err(hdev, "unknown handle (%d) in conn_info response", 6345 + bt_dev_err(hdev, "unknown handle (%u) in conn_info response", 6351 6346 handle); 6352 6347 goto unlock; 6353 6348 } ··· 6736 6731 goto unlock; 6737 6732 } 6738 6733 6739 - err = hci_bdaddr_list_add_with_flags(&hdev->whitelist, 6734 + err = hci_bdaddr_list_add_with_flags(&hdev->accept_list, 6740 6735 &cp->addr.bdaddr, 6741 6736 cp->addr.type, 0); 6742 6737 if (err) ··· 6834 6829 } 6835 6830 6836 6831 if (cp->addr.type == BDADDR_BREDR) { 6837 - err = hci_bdaddr_list_del(&hdev->whitelist, 6832 + err = hci_bdaddr_list_del(&hdev->accept_list, 6838 6833 &cp->addr.bdaddr, 6839 6834 cp->addr.type); 6840 6835 if (err) { ··· 6905 6900 goto unlock; 6906 6901 } 6907 6902 6908 - list_for_each_entry_safe(b, btmp, &hdev->whitelist, list) { 6903 + list_for_each_entry_safe(b, btmp, &hdev->accept_list, list) { 6909 6904 device_removed(sk, hdev, &b->bdaddr, b->bdaddr_type); 6910 6905 list_del(&b->list); 6911 6906 kfree(b); ··· 7590 7585 for (i = 0, cur_len = 0; i < len; i += (cur_len + 1)) { 7591 7586 cur_len = data[i]; 7592 7587 7588 + if (!cur_len) 7589 + continue; 7590 + 7593 7591 if (data[i + 1] == EIR_FLAGS && 7594 7592 (!is_adv_data || flags_managed(adv_flags))) 7595 7593 return false; ··· 7654 7646 struct adv_info *adv_instance, *n; 7655 7647 u8 instance; 7656 7648 7657 - bt_dev_dbg(hdev, "status %d", status); 7649 + bt_dev_dbg(hdev, "status %u", status); 7658 7650 7659 7651 hci_dev_lock(hdev); 7660 7652 ··· 8184 8176 struct mgmt_cp_remove_advertising *cp; 8185 8177 struct mgmt_rp_remove_advertising rp; 8186 8178 8187 - bt_dev_dbg(hdev, "status %d", status); 8179 + bt_dev_dbg(hdev, "status %u", status); 8188 8180 8189 8181 hci_dev_lock(hdev); 8190 8182 ··· 8649 8641 { 8650 8642 switch (ltk->type) { 8651 8643 case SMP_LTK: 8652 - case SMP_LTK_SLAVE: 8644 + case SMP_LTK_RESPONDER: 8653 8645 if (ltk->authenticated) 8654 8646 return MGMT_LTK_AUTHENTICATED; 8655 8647 return MGMT_LTK_UNAUTHENTICATED; ··· 8695 8687 ev.key.rand = key->rand; 8696 8688 8697 8689 if (key->type == SMP_LTK) 8698 - ev.key.master = 1; 8690 + ev.key.initiator = 1; 8699 8691 8700 8692 /* Make sure we copy only the significant bytes based on the 8701 8693 * encryption key size, and set the rest of the value to zeroes. ··· 8775 8767 } 8776 8768 8777 8769 void mgmt_device_connected(struct hci_dev *hdev, struct hci_conn *conn, 8778 - u32 flags, u8 *name, u8 name_len) 8770 + u8 *name, u8 name_len) 8779 8771 { 8780 8772 char buf[512]; 8781 8773 struct mgmt_ev_device_connected *ev = (void *) buf; 8782 8774 u16 eir_len = 0; 8775 + u32 flags = 0; 8783 8776 8784 8777 bacpy(&ev->addr.bdaddr, &conn->dst); 8785 8778 ev->addr.type = link_to_bdaddr(conn->type, conn->dst_type); 8779 + 8780 + if (conn->out) 8781 + flags |= MGMT_DEV_FOUND_INITIATED_CONN; 8786 8782 8787 8783 ev->flags = __cpu_to_le32(flags); 8788 8784

+2 -2

net/bluetooth/mgmt_config.c

··· 146 146 const u16 type = le16_to_cpu(TO_TLV(buffer)->type); 147 147 148 148 if (buffer_left < exp_len) { 149 - bt_dev_warn(hdev, "invalid len left %d, exp >= %d", 149 + bt_dev_warn(hdev, "invalid len left %u, exp >= %u", 150 150 buffer_left, exp_len); 151 151 152 152 return mgmt_cmd_status(sk, hdev->id, ··· 198 198 } 199 199 200 200 if (exp_type_len && len != exp_type_len) { 201 - bt_dev_warn(hdev, "invalid length %d, exp %zu for type %d", 201 + bt_dev_warn(hdev, "invalid length %d, exp %zu for type %u", 202 202 len, exp_type_len, type); 203 203 204 204 return mgmt_cmd_status(sk, hdev->id,

+4 -4

net/bluetooth/msft.c

··· 34 34 __u8 length; 35 35 __u8 data_type; 36 36 __u8 start_byte; 37 - __u8 pattern[0]; 37 + __u8 pattern[]; 38 38 }; 39 39 40 40 struct msft_le_monitor_advertisement_pattern_data { 41 41 __u8 count; 42 - __u8 data[0]; 42 + __u8 data[]; 43 43 }; 44 44 45 45 struct msft_cp_le_monitor_advertisement { ··· 49 49 __u8 rssi_low_interval; 50 50 __u8 rssi_sampling_period; 51 51 __u8 cond_type; 52 - __u8 data[0]; 52 + __u8 data[]; 53 53 } __packed; 54 54 55 55 struct msft_rp_le_monitor_advertisement { ··· 311 311 312 312 monitor = idr_find(&hdev->adv_monitors_idr, msft->pending_add_handle); 313 313 if (!monitor) { 314 - bt_dev_err(hdev, "msft add advmon: monitor %d is not found!", 314 + bt_dev_err(hdev, "msft add advmon: monitor %u is not found!", 315 315 msft->pending_add_handle); 316 316 status = HCI_ERROR_UNSPECIFIED; 317 317 goto unlock;

+6 -4

net/bluetooth/rfcomm/tty.c

··· 198 198 hci_dev_put(hdev); 199 199 } 200 200 201 - static ssize_t show_address(struct device *tty_dev, struct device_attribute *attr, char *buf) 201 + static ssize_t address_show(struct device *tty_dev, 202 + struct device_attribute *attr, char *buf) 202 203 { 203 204 struct rfcomm_dev *dev = dev_get_drvdata(tty_dev); 204 205 return sprintf(buf, "%pMR\n", &dev->dst); 205 206 } 206 207 207 - static ssize_t show_channel(struct device *tty_dev, struct device_attribute *attr, char *buf) 208 + static ssize_t channel_show(struct device *tty_dev, 209 + struct device_attribute *attr, char *buf) 208 210 { 209 211 struct rfcomm_dev *dev = dev_get_drvdata(tty_dev); 210 212 return sprintf(buf, "%d\n", dev->channel); 211 213 } 212 214 213 - static DEVICE_ATTR(address, 0444, show_address, NULL); 214 - static DEVICE_ATTR(channel, 0444, show_channel, NULL); 215 + static DEVICE_ATTR_RO(address); 216 + static DEVICE_ATTR_RO(channel); 215 217 216 218 static struct rfcomm_dev *__rfcomm_dev_add(struct rfcomm_dev_req *req, 217 219 struct rfcomm_dlc *dlc)

+4 -4

net/bluetooth/sco.c

··· 310 310 if (!sk) 311 311 goto drop; 312 312 313 - BT_DBG("sk %p len %d", sk, skb->len); 313 + BT_DBG("sk %p len %u", sk, skb->len); 314 314 315 315 if (sk->sk_state != BT_CONNECTED) 316 316 goto drop; ··· 905 905 906 906 opts.mtu = sco_pi(sk)->conn->mtu; 907 907 908 - BT_DBG("mtu %d", opts.mtu); 908 + BT_DBG("mtu %u", opts.mtu); 909 909 910 910 len = min_t(unsigned int, len, sizeof(opts)); 911 911 if (copy_to_user(optval, (char *)&opts, len)) ··· 1167 1167 if (hcon->type != SCO_LINK && hcon->type != ESCO_LINK) 1168 1168 return; 1169 1169 1170 - BT_DBG("hcon %p bdaddr %pMR status %d", hcon, &hcon->dst, status); 1170 + BT_DBG("hcon %p bdaddr %pMR status %u", hcon, &hcon->dst, status); 1171 1171 1172 1172 if (!status) { 1173 1173 struct sco_conn *conn; ··· 1196 1196 if (!conn) 1197 1197 goto drop; 1198 1198 1199 - BT_DBG("conn %p len %d", conn, skb->len); 1199 + BT_DBG("conn %p len %u", conn, skb->len); 1200 1200 1201 1201 if (skb->len) { 1202 1202 sco_recv_frame(conn, skb);

+40 -38

net/bluetooth/smp.c

··· 111 111 u8 id_addr_type; 112 112 u8 irk[16]; 113 113 struct smp_csrk *csrk; 114 - struct smp_csrk *slave_csrk; 114 + struct smp_csrk *responder_csrk; 115 115 struct smp_ltk *ltk; 116 - struct smp_ltk *slave_ltk; 116 + struct smp_ltk *responder_ltk; 117 117 struct smp_irk *remote_irk; 118 118 u8 *link_key; 119 119 unsigned long flags; ··· 753 753 mgmt_smp_complete(hcon, complete); 754 754 755 755 kfree_sensitive(smp->csrk); 756 - kfree_sensitive(smp->slave_csrk); 756 + kfree_sensitive(smp->responder_csrk); 757 757 kfree_sensitive(smp->link_key); 758 758 759 759 crypto_free_shash(smp->tfm_cmac); ··· 776 776 kfree_rcu(smp->ltk, rcu); 777 777 } 778 778 779 - if (smp->slave_ltk) { 780 - list_del_rcu(&smp->slave_ltk->list); 781 - kfree_rcu(smp->slave_ltk, rcu); 779 + if (smp->responder_ltk) { 780 + list_del_rcu(&smp->responder_ltk->list); 781 + kfree_rcu(smp->responder_ltk, rcu); 782 782 } 783 783 784 784 if (smp->remote_irk) { ··· 859 859 memset(smp->tk, 0, sizeof(smp->tk)); 860 860 clear_bit(SMP_FLAG_TK_VALID, &smp->flags); 861 861 862 - bt_dev_dbg(hcon->hdev, "auth:%d lcl:%d rem:%d", auth, local_io, 862 + bt_dev_dbg(hcon->hdev, "auth:%u lcl:%u rem:%u", auth, local_io, 863 863 remote_io); 864 864 865 865 /* If neither side wants MITM, either "just" confirm an incoming ··· 909 909 hcon->pending_sec_level = BT_SECURITY_HIGH; 910 910 } 911 911 912 - /* If both devices have Keyoard-Display I/O, the master 913 - * Confirms and the slave Enters the passkey. 912 + /* If both devices have Keyboard-Display I/O, the initiator 913 + * Confirms and the responder Enters the passkey. 914 914 */ 915 915 if (smp->method == OVERLAP) { 916 916 if (hcon->role == HCI_ROLE_MASTER) ··· 925 925 get_random_bytes(&passkey, sizeof(passkey)); 926 926 passkey %= 1000000; 927 927 put_unaligned_le32(passkey, smp->tk); 928 - bt_dev_dbg(hcon->hdev, "PassKey: %d", passkey); 928 + bt_dev_dbg(hcon->hdev, "PassKey: %u", passkey); 929 929 set_bit(SMP_FLAG_TK_VALID, &smp->flags); 930 930 } 931 931 ··· 979 979 int ret; 980 980 981 981 bt_dev_dbg(conn->hcon->hdev, "conn %p %s", conn, 982 - conn->hcon->out ? "master" : "slave"); 982 + conn->hcon->out ? "initiator" : "responder"); 983 983 984 984 ret = smp_c1(smp->tk, smp->rrnd, smp->preq, smp->prsp, 985 985 hcon->init_addr_type, &hcon->init_addr, ··· 1021 1021 else 1022 1022 auth = 0; 1023 1023 1024 - /* Even though there's no _SLAVE suffix this is the 1025 - * slave STK we're adding for later lookup (the master 1024 + /* Even though there's no _RESPONDER suffix this is the 1025 + * responder STK we're adding for later lookup (the initiator 1026 1026 * STK never needs to be stored). 1027 1027 */ 1028 1028 hci_add_ltk(hcon->hdev, &hcon->dst, hcon->dst_type, ··· 1077 1077 mgmt_new_csrk(hdev, smp->csrk, persistent); 1078 1078 } 1079 1079 1080 - if (smp->slave_csrk) { 1081 - smp->slave_csrk->bdaddr_type = hcon->dst_type; 1082 - bacpy(&smp->slave_csrk->bdaddr, &hcon->dst); 1083 - mgmt_new_csrk(hdev, smp->slave_csrk, persistent); 1080 + if (smp->responder_csrk) { 1081 + smp->responder_csrk->bdaddr_type = hcon->dst_type; 1082 + bacpy(&smp->responder_csrk->bdaddr, &hcon->dst); 1083 + mgmt_new_csrk(hdev, smp->responder_csrk, persistent); 1084 1084 } 1085 1085 1086 1086 if (smp->ltk) { ··· 1089 1089 mgmt_new_ltk(hdev, smp->ltk, persistent); 1090 1090 } 1091 1091 1092 - if (smp->slave_ltk) { 1093 - smp->slave_ltk->bdaddr_type = hcon->dst_type; 1094 - bacpy(&smp->slave_ltk->bdaddr, &hcon->dst); 1095 - mgmt_new_ltk(hdev, smp->slave_ltk, persistent); 1092 + if (smp->responder_ltk) { 1093 + smp->responder_ltk->bdaddr_type = hcon->dst_type; 1094 + bacpy(&smp->responder_ltk->bdaddr, &hcon->dst); 1095 + mgmt_new_ltk(hdev, smp->responder_ltk, persistent); 1096 1096 } 1097 1097 1098 1098 if (smp->link_key) { ··· 1272 1272 1273 1273 if (*keydist & SMP_DIST_ENC_KEY) { 1274 1274 struct smp_cmd_encrypt_info enc; 1275 - struct smp_cmd_master_ident ident; 1275 + struct smp_cmd_initiator_ident ident; 1276 1276 struct smp_ltk *ltk; 1277 1277 u8 authenticated; 1278 1278 __le16 ediv; ··· 1293 1293 1294 1294 authenticated = hcon->sec_level == BT_SECURITY_HIGH; 1295 1295 ltk = hci_add_ltk(hdev, &hcon->dst, hcon->dst_type, 1296 - SMP_LTK_SLAVE, authenticated, enc.ltk, 1296 + SMP_LTK_RESPONDER, authenticated, enc.ltk, 1297 1297 smp->enc_key_size, ediv, rand); 1298 - smp->slave_ltk = ltk; 1298 + smp->responder_ltk = ltk; 1299 1299 1300 1300 ident.ediv = ediv; 1301 1301 ident.rand = rand; 1302 1302 1303 - smp_send_cmd(conn, SMP_CMD_MASTER_IDENT, sizeof(ident), &ident); 1303 + smp_send_cmd(conn, SMP_CMD_INITIATOR_IDENT, sizeof(ident), 1304 + &ident); 1304 1305 1305 1306 *keydist &= ~SMP_DIST_ENC_KEY; 1306 1307 } ··· 1344 1343 csrk->type = MGMT_CSRK_LOCAL_UNAUTHENTICATED; 1345 1344 memcpy(csrk->val, sign.csrk, sizeof(csrk->val)); 1346 1345 } 1347 - smp->slave_csrk = csrk; 1346 + smp->responder_csrk = csrk; 1348 1347 1349 1348 smp_send_cmd(conn, SMP_CMD_SIGN_INFO, sizeof(sign), &sign); 1350 1349 ··· 1655 1654 case MGMT_OP_USER_PASSKEY_REPLY: 1656 1655 value = le32_to_cpu(passkey); 1657 1656 memset(smp->tk, 0, sizeof(smp->tk)); 1658 - bt_dev_dbg(conn->hcon->hdev, "PassKey: %d", value); 1657 + bt_dev_dbg(conn->hcon->hdev, "PassKey: %u", value); 1659 1658 put_unaligned_le32(value, smp->tk); 1660 1659 fallthrough; 1661 1660 case MGMT_OP_USER_CONFIRM_REPLY: ··· 2049 2048 struct smp_cmd_pairing *req, *rsp; 2050 2049 u8 auth; 2051 2050 2052 - /* The issue is only observed when we're in slave role */ 2051 + /* The issue is only observed when we're in responder role */ 2053 2052 if (hcon->out) 2054 2053 return SMP_UNSPECIFIED; 2055 2054 ··· 2085 2084 struct hci_conn *hcon = conn->hcon; 2086 2085 struct hci_dev *hdev = hcon->hdev; 2087 2086 2088 - bt_dev_dbg(hdev, "conn %p %s", conn, hcon->out ? "master" : "slave"); 2087 + bt_dev_dbg(hdev, "conn %p %s", conn, 2088 + hcon->out ? "initiator" : "responder"); 2089 2089 2090 2090 if (skb->len < sizeof(smp->pcnf)) 2091 2091 return SMP_INVALID_PARAMS; ··· 2253 2251 hci_le_start_enc(hcon, key->ediv, key->rand, key->val, key->enc_size); 2254 2252 hcon->enc_key_size = key->enc_size; 2255 2253 2256 - /* We never store STKs for master role, so clear this flag */ 2254 + /* We never store STKs for initiator role, so clear this flag */ 2257 2255 clear_bit(HCI_CONN_STK_ENCRYPT, &hcon->flags); 2258 2256 2259 2257 return true; ··· 2469 2467 /* Set keys to NULL to make sure smp_failure() does not try to 2470 2468 * remove and free already invalidated rcu list entries. */ 2471 2469 smp->ltk = NULL; 2472 - smp->slave_ltk = NULL; 2470 + smp->responder_ltk = NULL; 2473 2471 smp->remote_irk = NULL; 2474 2472 2475 2473 if (test_bit(SMP_FLAG_COMPLETE, &smp->flags)) ··· 2505 2503 return SMP_INVALID_PARAMS; 2506 2504 } 2507 2505 2508 - SMP_ALLOW_CMD(smp, SMP_CMD_MASTER_IDENT); 2506 + SMP_ALLOW_CMD(smp, SMP_CMD_INITIATOR_IDENT); 2509 2507 2510 2508 skb_pull(skb, sizeof(*rp)); 2511 2509 ··· 2514 2512 return 0; 2515 2513 } 2516 2514 2517 - static int smp_cmd_master_ident(struct l2cap_conn *conn, struct sk_buff *skb) 2515 + static int smp_cmd_initiator_ident(struct l2cap_conn *conn, struct sk_buff *skb) 2518 2516 { 2519 - struct smp_cmd_master_ident *rp = (void *) skb->data; 2517 + struct smp_cmd_initiator_ident *rp = (void *)skb->data; 2520 2518 struct l2cap_chan *chan = conn->smp; 2521 2519 struct smp_chan *smp = chan->data; 2522 2520 struct hci_dev *hdev = conn->hcon->hdev; ··· 2915 2913 return 0; 2916 2914 } 2917 2915 2918 - /* Slave sends DHKey check as response to master */ 2916 + /* Responder sends DHKey check as response to initiator */ 2919 2917 sc_dhkey_check(smp); 2920 2918 } 2921 2919 ··· 3002 3000 reason = smp_cmd_encrypt_info(conn, skb); 3003 3001 break; 3004 3002 3005 - case SMP_CMD_MASTER_IDENT: 3006 - reason = smp_cmd_master_ident(conn, skb); 3003 + case SMP_CMD_INITIATOR_IDENT: 3004 + reason = smp_cmd_initiator_ident(conn, skb); 3007 3005 break; 3008 3006 3009 3007 case SMP_CMD_IDENT_INFO: ··· 3083 3081 if (!test_bit(HCI_CONN_ENCRYPT, &hcon->flags)) 3084 3082 return; 3085 3083 3086 - /* Only master may initiate SMP over BR/EDR */ 3084 + /* Only initiator may initiate SMP over BR/EDR */ 3087 3085 if (hcon->role != HCI_ROLE_MASTER) 3088 3086 return; 3089 3087

+3 -3

net/bluetooth/smp.h

··· 79 79 __u8 ltk[16]; 80 80 } __packed; 81 81 82 - #define SMP_CMD_MASTER_IDENT 0x07 83 - struct smp_cmd_master_ident { 82 + #define SMP_CMD_INITIATOR_IDENT 0x07 83 + struct smp_cmd_initiator_ident { 84 84 __le16 ediv; 85 85 __le64 rand; 86 86 } __packed; ··· 146 146 enum { 147 147 SMP_STK, 148 148 SMP_LTK, 149 - SMP_LTK_SLAVE, 149 + SMP_LTK_RESPONDER, 150 150 SMP_LTK_P256, 151 151 SMP_LTK_P256_DEBUG, 152 152 };