Received: by 2002:a05:6358:c692:b0:131:369:b2a3 with SMTP id fe18csp5939549rwb; Tue, 1 Aug 2023 09:55:42 -0700 (PDT) X-Google-Smtp-Source: APBJJlFgmyl/F4DcD3KnGmgBU36gKq64AN5lu8aK+CCncqQ28mkTdtFciPG+dcjoaiMIrnQ5ajju X-Received: by 2002:aa7:d702:0:b0:51d:9ddf:f0f6 with SMTP id t2-20020aa7d702000000b0051d9ddff0f6mr3191677edq.36.1690908942355; Tue, 01 Aug 2023 09:55:42 -0700 (PDT) ARC-Seal: i=2; a=rsa-sha256; t=1690908942; cv=pass; d=google.com; s=arc-20160816; b=lisHPx4qJzJkheM4OTM8Uydbvac9itn18B/XMkFpffpyOWoIVWF+OPSXCZ7NLSd0f/ flci0M2jnP+nb5jO0ZAWxpOkQSI94xwvSqrAoou3rmWCCgf+5Ate/xiBK6xA0IE1muTA iNjA1SAfDftPeqPraJQOVdCX6NAQEpMAxAXRg04yR+kh/JahTgZ1BLBydSzOAJ6juWik 5UFVCIO8f+0OiLd7LAxVw3bij++sgyGCafWFkFTJlVsq5XIYbuNkhKSpvuAuFcmKV5ul xrA8tNBgd4wh2elmFVdHtXDsur7c17H5i0By6nIqpaxfVNuLbKLJEXpJDNx7Af81VwbR 8AjA== ARC-Message-Signature: i=2; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=list-id:precedence:content-transfer-encoding:mime-version :references:in-reply-to:message-id:date:subject:cc:to:from :dkim-signature; bh=cWDF6NzBpd2qffF2qX/Q4yfm5FctR7l8DJawxZV+a3E=; fh=raBgKoRsHCwQLc6ReOhmOoEQ+DtSaNc74fugaHBwryI=; b=KCtNT31M5XOv+dmZ6/XhWWbJ5rmJ8iMhx63yRZBwcv0HAA0VbmWLrMQQcTdLCtyftS DLA8piwnu2ZtMVsSqPaYdlivkE0Z3j8MesM67t1UUB+Xy1/z5dSr9AmPZEwedno5Wnar CuVdDkP2czfrdsz5pcBaRXadeamD6WwSQ3Xtp7SYuSNpk6MyX/g0XNoiftq0urFqskdt fj3lfzKiQFuBeVjq2dGw5TU9gX9VrjsXuxQplkRjY+69h/bmtsplG6pXba0gz973vBjV oxvYRsh8gLZRYljrErUv7cXXLqQDIBpe5t6APhT1SyQASHuJvxs9jes0U8ZTNC/fSM7V XA4A== ARC-Authentication-Results: i=2; mx.google.com; dkim=pass header.i=@iki.fi header.s=lahtoruutu header.b=tj0542y2; arc=pass (i=1); spf=pass (google.com: domain of linux-bluetooth-owner@vger.kernel.org designates 2620:137:e000::1:20 as permitted sender) smtp.mailfrom=linux-bluetooth-owner@vger.kernel.org Return-Path: Received: from out1.vger.email (out1.vger.email. [2620:137:e000::1:20]) by mx.google.com with ESMTP id e21-20020a056402149500b0052228f1f784si8183567edv.148.2023.08.01.09.55.03; Tue, 01 Aug 2023 09:55:42 -0700 (PDT) Received-SPF: pass (google.com: domain of linux-bluetooth-owner@vger.kernel.org designates 2620:137:e000::1:20 as permitted sender) client-ip=2620:137:e000::1:20; Authentication-Results: mx.google.com; dkim=pass header.i=@iki.fi header.s=lahtoruutu header.b=tj0542y2; arc=pass (i=1); spf=pass (google.com: domain of linux-bluetooth-owner@vger.kernel.org designates 2620:137:e000::1:20 as permitted sender) smtp.mailfrom=linux-bluetooth-owner@vger.kernel.org Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S231377AbjHAQix (ORCPT + 99 others); Tue, 1 Aug 2023 12:38:53 -0400 Received: from lindbergh.monkeyblade.net ([23.128.96.19]:60834 "EHLO lindbergh.monkeyblade.net" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S231396AbjHAQiu (ORCPT ); Tue, 1 Aug 2023 12:38:50 -0400 Received: from lahtoruutu.iki.fi (lahtoruutu.iki.fi [185.185.170.37]) by lindbergh.monkeyblade.net (Postfix) with ESMTPS id 4E9281FFA for ; Tue, 1 Aug 2023 09:38:48 -0700 (PDT) Received: from monolith.lan (unknown [193.138.7.198]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (2048 bits) server-digest SHA256) (No client certificate requested) (Authenticated sender: pav) by lahtoruutu.iki.fi (Postfix) with ESMTPSA id 4RFgm62r5Zz49Q80; Tue, 1 Aug 2023 19:38:46 +0300 (EEST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=iki.fi; s=lahtoruutu; t=1690907926; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:cc:mime-version:mime-version: content-transfer-encoding:content-transfer-encoding: in-reply-to:in-reply-to:references:references; bh=cWDF6NzBpd2qffF2qX/Q4yfm5FctR7l8DJawxZV+a3E=; b=tj0542y2DIUUdYwHUgWtMte6Q9jDLoUTmT7kECOB3ia1vI92E2UqmigHjNPL3sBYSYlPp3 Pff5j/XhNbRGYEbhYPY9u1nPUeONncjo647POoP/yJnrd8whRAMx5QDkizcqjCNV+Uh5oE rKZ76N+jtBpe6kE+55a1a+aYVbwX85TPVKhvTFmK7Ie3kyxqYJyLw3SZUPm/alvJkmsUlt Niwra6+fy1zRm4LZOH+bAL/P6hDpbJpayRdPJNKV/1Z0GRobJtpuSIU24+F7qX+04uZ8dP xbOBgFhQOrcKwz6G4+6vhZvFy9Din3C/dfrN7hJCphvA4lpPaJ2VqeqT9XMk5A== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=iki.fi; s=lahtoruutu; t=1690907926; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:cc:mime-version:mime-version: content-transfer-encoding:content-transfer-encoding: in-reply-to:in-reply-to:references:references; bh=cWDF6NzBpd2qffF2qX/Q4yfm5FctR7l8DJawxZV+a3E=; b=t14LqmqQ6a8TXLVtc53H4luh98C0oHdO0ogNAFyY7gneWFXIQvmRvHngXHtVuf6aXUUsJl NOA+kJTuQiAsWUVDvWBOukjw3siz9k5+UOVAHM5kxFuquBVibihUCMicnaxm4+nxBT+EaR h4RSx9J1yl+KrwhTS1dINcGFK8nOEDOFcXJd7ZFbmzjJXvDBdAySMxfNG9KQ/o7mZIoINc woSCuiSpn9Y/h9wFWkjIGX2IO0laBmFiG11x7laxrsW3qHXWZEqTh7mZYvq/h2MVzEroUf UiD+5ZdJvJK/09036RLj9uu0Dci2Qgpy0N2Gbglaj2M3jRI7sL8o38JTE1Gmfg== ARC-Authentication-Results: i=1; ORIGINATING; auth=pass smtp.auth=pav smtp.mailfrom=pav@iki.fi ARC-Seal: i=1; s=lahtoruutu; d=iki.fi; t=1690907926; a=rsa-sha256; cv=none; b=SfjuVWgBklRgxGBieApexnNXGZzeIEs/cFB/P2PqFX8qwHtJKn6a18MYbCwCMvU23D+Ax9 Cw5qPp7V9nT3X0Gxo6D4ma/TeB76V/gjDHndj96qGhfb9ERzOF2EOnVPtvCQ3qyXA5gHMr PSDPN+lrevukymJhuqLGPDzsgWhW3Z5ewovnqVyP3bTSElyIPhEF+hejZfs708INIluWLq znoUCZVEjYyLSnGMf/yrYyl62NGlihrgB9TcYQhTHmOUeA+4shYjMCvNOhzgm6Y6dUsh80 ONooK8K+lCrOS0v2jNGe5Rp5JmjDqbWCb2QO1OpQvoCHNVxmce+yWckCezBodQ== From: Pauli Virtanen To: linux-bluetooth@vger.kernel.org Cc: Pauli Virtanen Subject: [PATCH BlueZ v2 1/5] btdev: check error conditions for HCI_Create_Connection_Cancel Date: Tue, 1 Aug 2023 19:38:38 +0300 Message-ID: <5eca51146b08a512052261b88ae5c8a7437af5fc.1690907478.git.pav@iki.fi> X-Mailer: git-send-email 2.41.0 In-Reply-To: References: MIME-Version: 1.0 Content-Transfer-Encoding: 8bit X-Spam-Status: No, score=-2.1 required=5.0 tests=BAYES_00,DKIM_SIGNED, DKIM_VALID,DKIM_VALID_AU,DKIM_VALID_EF,RCVD_IN_DNSWL_BLOCKED, SPF_HELO_NONE,SPF_PASS,T_SCC_BODY_TEXT_LINE autolearn=ham autolearn_force=no version=3.4.6 X-Spam-Checker-Version: SpamAssassin 3.4.6 (2021-04-09) on lindbergh.monkeyblade.net Precedence: bulk List-ID: X-Mailing-List: linux-bluetooth@vger.kernel.org Create Connection Cancel shall return Command Complete with error status when there is no Create Connection that can be canceled. In these cases, we should not send a (spurious) Connection Complete event. Fix by keeping a list of pending Create Connection commands, and returning command errors if there is none pending at the moment. --- Notes: v2: emit Command_Complete (not Status) + fix compile emulator/btdev.c | 86 +++++++++++++++++++++++++++++++++++++++++------- monitor/bt.h | 4 +++ 2 files changed, 79 insertions(+), 11 deletions(-) diff --git a/emulator/btdev.c b/emulator/btdev.c index 637f0bb98..8658b4121 100644 --- a/emulator/btdev.c +++ b/emulator/btdev.c @@ -62,6 +62,7 @@ struct hook { #define MAX_HOOK_ENTRIES 16 #define MAX_EXT_ADV_SETS 3 +#define MAX_PENDING_CONN 16 struct btdev_conn { uint16_t handle; @@ -223,6 +224,8 @@ struct btdev { uint8_t le_rl_enable; uint16_t le_rl_timeout; + struct btdev *pending_conn[MAX_PENDING_CONN]; + uint8_t le_local_sk256[32]; uint16_t sync_train_interval; @@ -1211,10 +1214,36 @@ static struct btdev_conn *conn_link_bis(struct btdev *dev, struct btdev *remote, return conn; } +static void pending_conn_add(struct btdev *btdev, struct btdev *remote) +{ + unsigned int i; + + for (i = 0; i < ARRAY_SIZE(btdev->pending_conn); ++i) { + if (!btdev->pending_conn[i]) { + btdev->pending_conn[i] = remote; + return; + } + } +} + +static bool pending_conn_del(struct btdev *btdev, struct btdev *remote) +{ + unsigned int i; + + for (i = 0; i < ARRAY_SIZE(btdev->pending_conn); ++i) { + if (btdev->pending_conn[i] == remote) { + btdev->pending_conn[i] = NULL; + return true; + } + } + return false; +} + static void conn_complete(struct btdev *btdev, const uint8_t *bdaddr, uint8_t status) { struct bt_hci_evt_conn_complete cc; + struct btdev *remote = find_btdev_by_bdaddr(bdaddr); if (!status) { struct btdev_conn *conn; @@ -1223,6 +1252,8 @@ static void conn_complete(struct btdev *btdev, if (!conn) return; + pending_conn_del(conn->link->dev, btdev); + cc.status = status; memcpy(cc.bdaddr, btdev->bdaddr, 6); cc.encr_mode = 0x00; @@ -1240,6 +1271,8 @@ static void conn_complete(struct btdev *btdev, cc.link_type = 0x01; } + pending_conn_del(btdev, remote); + cc.status = status; memcpy(cc.bdaddr, bdaddr, 6); cc.encr_mode = 0x00; @@ -1260,6 +1293,8 @@ static int cmd_create_conn_complete(struct btdev *dev, const void *data, memcpy(cr.dev_class, dev->dev_class, 3); cr.link_type = 0x01; + pending_conn_add(dev, remote); + send_event(remote, BT_HCI_EVT_CONN_REQUEST, &cr, sizeof(cr)); } else { conn_complete(dev, cmd->bdaddr, BT_HCI_ERR_PAGE_TIMEOUT); @@ -1296,16 +1331,24 @@ static int cmd_add_sco_conn(struct btdev *dev, const void *data, uint8_t len) cc.encr_mode = 0x00; done: + pending_conn_del(dev, conn->link->dev); + send_event(dev, BT_HCI_EVT_CONN_COMPLETE, &cc, sizeof(cc)); return 0; } +static bool match_bdaddr(const void *data, const void *match_data) +{ + const struct btdev_conn *conn = data; + const uint8_t *bdaddr = match_data; + + return !memcmp(conn->link->dev->bdaddr, bdaddr, 6); +} + static int cmd_create_conn_cancel(struct btdev *dev, const void *data, uint8_t len) { - cmd_status(dev, BT_HCI_ERR_SUCCESS, BT_HCI_CMD_CREATE_CONN_CANCEL); - return 0; } @@ -1313,8 +1356,37 @@ static int cmd_create_conn_cancel_complete(struct btdev *dev, const void *data, uint8_t len) { const struct bt_hci_cmd_create_conn_cancel *cmd = data; + struct bt_hci_rsp_create_conn_cancel rp; + struct btdev *remote = find_btdev_by_bdaddr(cmd->bdaddr); + struct btdev_conn *conn; - conn_complete(dev, cmd->bdaddr, BT_HCI_ERR_UNKNOWN_CONN_ID); + /* BLUETOOTH CORE SPECIFICATION Version 5.4 | Vol 4, Part E page 1848 + * + * If the connection is already established, and the + * HCI_Connection_Complete event has been sent, then the Controller + * shall return an HCI_Command_Complete event with the error code + * Connection Already Exists (0x0B). If the HCI_Create_Connection_Cancel + * command is sent to the Controller without a preceding + * HCI_Create_Connection command to the same device, the BR/EDR + * Controller shall return an HCI_Command_Complete event with the error + * code Unknown Connection Identifier (0x02). + */ + if (pending_conn_del(dev, remote)) { + rp.status = BT_HCI_ERR_SUCCESS; + } else { + conn = queue_find(dev->conns, match_bdaddr, cmd->bdaddr); + if (conn) + rp.status = BT_HCI_ERR_CONN_ALREADY_EXISTS; + else + rp.status = BT_HCI_ERR_UNKNOWN_CONN_ID; + } + + memcpy(rp.bdaddr, cmd->bdaddr, sizeof(rp.bdaddr)); + + cmd_complete(dev, BT_HCI_CMD_CREATE_CONN_CANCEL, &rp, sizeof(rp)); + + if (!rp.status) + conn_complete(dev, cmd->bdaddr, BT_HCI_ERR_UNKNOWN_CONN_ID); return 0; } @@ -1372,14 +1444,6 @@ static int cmd_link_key_reply(struct btdev *dev, const void *data, uint8_t len) return 0; } -static bool match_bdaddr(const void *data, const void *match_data) -{ - const struct btdev_conn *conn = data; - const uint8_t *bdaddr = match_data; - - return !memcmp(conn->link->dev->bdaddr, bdaddr, 6); -} - static void auth_complete(struct btdev_conn *conn, uint8_t status) { struct bt_hci_evt_auth_complete ev; diff --git a/monitor/bt.h b/monitor/bt.h index dca2dc8b8..6fb81abfe 100644 --- a/monitor/bt.h +++ b/monitor/bt.h @@ -590,6 +590,10 @@ struct bt_hci_cmd_add_sco_conn { struct bt_hci_cmd_create_conn_cancel { uint8_t bdaddr[6]; } __attribute__ ((packed)); +struct bt_hci_rsp_create_conn_cancel { + uint8_t status; + uint8_t bdaddr[6]; +} __attribute__ ((packed)); #define BT_HCI_CMD_ACCEPT_CONN_REQUEST 0x0409 struct bt_hci_cmd_accept_conn_request { -- 2.41.0