| 32a006f9 |
test-hog: Add monitor support
This adds monitor support so data can properly be decoded by the likes
of btmon:
= test-hog: /TP/HGRF/RH/BV-01-I - init
= test-hog: /TP/HGRF/RH/BV-01-I - setup
= test-hog: /TP/HGRF/RH/BV-01-I - setup complete
= test-hog: /TP/HGRF/RH/BV-01-I - run
> test-hog: User Data RX
ATT: Read By Group Type Request (0x10) len 6
Handle range: 0x0001-0xffff
Attribute group type: Primary Service (0x2800) |
Luiz Augusto von Dentz |
4 years ago |
1 file, +2, -9 |
| b6061ea5 |
device: Fix bogus errors on load_att_info
load_att_info would attempt to load attributes file from the storage but
in case it doesn't exists it would print an error instead of just
bailing out as attributes file is created on demand when there are
something to be stored. |
Luiz Augusto von Dentz |
4 years ago |
1 file, +9, -3 |
| d36c45c5 |
advertising: Fix reporting advertising properties
InterfacesAdded signal for LEAdvertisingManager1 might be emitted
containing initial/default properties values and property changed is
not emitted after reading advertising features. This patch registers
the interface (LEAdvertisingManager1) after reading advertising features
from kernel. |
Claudio Takahasi |
4 years ago |
1 file, +7, -8 |
| 860af44b |
shared/gatt-client: Skip included service if it cannot be resolved
Instead of failing if the included service cannot be resolved just
skip it so doesn't fail and the discovery is stop due to a possible
application error. |
Luiz Augusto von Dentz |
4 years ago |
1 file, +3, -2 |
| 58d1f5ae |
btdev: Add support for BT_HCI_CMD_LE_CREATE_CONN_CANCEL
This adds support for BT_HCI_CMD_LE_CREATE_CONN_CANCEL so it is able to
generate proper command complete. |
Luiz Augusto von Dentz |
4 years ago |
1 file, +14, -0 |
| 9320da5b |
profiles/health: Replace random number generation function
This patch replaces the rand() function to the getrandom() syscall.
It was reported by the Coverity scan
rand() should not be used for security-related applications, because
linear congruential algorithms are too easy to break |
Tedd Ho-Jeong An |
4 years ago |
2 files, +22, -6 |
| 6efadbcd |
plugins: Replace random number generation function
This patch replaces the rand() function to the getrandom() syscall.
It was reported by the Coverity scan
rand() should not be used for security-related applications, because
linear congruential algorithms are too easy to break |
Tedd Ho-Jeong An |
4 years ago |
1 file, +7, -1 |
| 9968b0b6 |
tools/btgatt-server: Replace random number generation function
This patch replaces the rand() function to the getrandom() syscall.
It was reported by the Coverity scan
rand() should not be used for security-related applications, because
linear congruential algorithms are too easy to break |
Tedd Ho-Jeong An |
4 years ago |
1 file, +6, -1 |
| a11eea92 |
peripheral: Replace random number generation function
This patch replaces the rand() function to the getrandom() syscall.
It was reported by the Coverity scan
rand() should not be used for security-related applications, because
linear congruential algorithms are too easy to break |
Tedd Ho-Jeong An |
4 years ago |
1 file, +6, -5 |
| df64c870 |
emulator: Replace random number generation function
This patch replaces the rand() function to the getrandom() syscall.
It was reported by the Coverity scan
rand() should not be used for security-related applications, because
linear congruential algorithms are too easy to break |
Tedd Ho-Jeong An |
4 years ago |
2 files, +17, -4 |
| 433f7cce |
client/gatt: Fix property_change in WriteValue for desc
g_dbus_emit_property_changed was not working properly in the WriteValue
for the descriptor because the Characteristic interface was being used. |
Ulisses Costa |
4 years ago |
1 file, +1, -1 |
| 1f380468 |
mesh: Don't log error for false positive mkdir failure
When invoking mkdir() for mesh configuration storage, do not
report an error if a target directory already exists. |
Inga Stotland |
4 years ago |
3 files, +5, -5 |
| aa361e22 |
gatt: Omit MTU if not connected
If not connected there is no reason to expose the MTU as that only
valid while connected. |
Luiz Augusto von Dentz |
4 years ago |
1 file, +9, -1 |
| ebf2d793 |
gatt-client: Fix disconnecting due to GattCharacteristic1.MTU
After the MTU dbus property patches in 5.62 we are seeing bluetoothd
terminate frequently with "Disconnected from D-Bus. Exiting." msgs.
Apparently this is because bluetoothd sent an invalid reply to a D-Bus
Property Get (for GattCharacteristic1's MTU).
Multiple issues in bluez Github.com project reported similar behavior;
at least #235 (see Fixes:), #219, and likely #238.
When the Characteristic1 object is still cached/alive, but the
underlying att connection is not (e.g. someone just called Disconnect),
the property getter (characteristic_get_mtu) right now returns false.
However, gdbus seems to ignore the return value and sends the empty reply
message anyway (rather than a dbus error?), and this seems to cause
the dbus connection to be terminated (due to the ill-formed reply?).
bluetoothd then aborts.
This patch makes the property value BT_ATT_DEFAULT_LE_MTU if the
underlying att object does not exist, rather than returning an invalid
message. This is consistent with the existing PropertyChanged signal
behavior (we will emit a PropertyChange only if a larger MTU is
exchanged), and fixes the issue on my machines.
An alternative could be to change gdbus behavior, but I'm not sure if we
are allowed to return an error here anyway without causing problems in
other dbus libraries/wrappers.
Fixes: aaa0c4996ae9 ("gatt: Add implementation of GattCharacteristic1.MTU")
Fixes: https://github.com/bluez/bluez/issues/235 |
Javier de San Pedro |
4 years ago |
1 file, +1, -4 |
| bdf36141 |
doc: Add Name Request Fail flag in device found event
Userspace should use this new flag to decide whether to do the remote
name resolving or not. |
Archie Pusaka |
4 years ago |
2 files, +17, -1 |
| 68e1c426 |
main: add configurable RemoteNameRequestRetryDelay parameter
This specifies how long will the userspace ignore a peer with an
unknown name after a failed remote name resolving procedure.
The peer device can still be connected, this only prevents the remote
name resolving procedure retry.
Reviewed-by: Miao-chen Chou <mcchou@chromium.org> |
Archie Pusaka |
4 years ago |
4 files, +23, -6 |
| ee004ee7 |
device: Save remote name request attempts into cache file
Since a peer device is potentially removed if not discovered for more
than 30 seconds, we would lost the remote name request activity when
the device is rediscovered. This could end up with a remote name
request much sooner than we intend it to be.
Therefore, put the RNR record into a cache file, so we can recover it
when the peer device is rediscovered.
Reviewed-by: Miao-chen Chou <mcchou@chromium.org> |
Archie Pusaka |
4 years ago |
1 file, +91, -3 |
| 69c7d347 |
Listen and process remote name resolving failure
When Remote Name Resolve ends with failure, record this occurrence and
prevent remote name resolving for the same device for some time.
Reviewed-by: Miao-chen Chou <mcchou@chromium.org> |
Archie Pusaka |
4 years ago |
5 files, +48, -5 |
| db31aeca |
mgmt: Add NAME_REQUEST_FAILED flag for device_found event
Report failure when resolving remote name to userspace. This is useful
so the userspace can make an informed decision when to retry name
resolving procedure.
Reviewed-by: Miao-chen Chou <mcchou@chromium.org> |
Archie Pusaka |
4 years ago |
1 file, +4, -3 |
| aa699cb7 |
build: Check for linux/uinput.h and linux/uhid.h
This makes configure to check the presence of linux/uinput.h and
linux/uhid.h kernel uapi headers since the code no longer contain copies
of them and otherwise the code cannot be build without them:
checking linux/uinput.h usability... yes
checking linux/uinput.h presence... yes
checking for linux/uinput.h... yes
checking linux/uhid.h usability... yes
checking linux/uhid.h presence... yes
checking for linux/uhid.h... yes |
Luiz Augusto von Dentz |
4 years ago |
1 file, +1, -1 |
| 270c8d07 |
emulator: fix potential resource leak
This patch releases the allocated fd to prevent the potential resource
leak. This was reported by the Coverity scan. |
Tedd Ho-Jeong An |
4 years ago |
1 file, +3, -1 |
| f59a6d4a |
core: Update default advmon Sampling_Period to 0xFF
Update default Advertisemet Monitor Sampling_Period to 0xFF. It
indicates that controller will report only one advertisement per
monitoring period for a device. This will help reduce the power
consumption drastically.
Reviewed-by: Miao-chen Chou <mcchou@google.com> |
Manish Mandlik |
4 years ago |
2 files, +7, -3 |
| 85397c4a |
adv_monitor: Change sampling period to uint16_t
In the Advertisement Monitor API, RSSISamplingPeriod is an unsigned
value. Change sampling_period variable to uint16_t in the code.
More info: doc/advertisement-monitor-api.txt
Reviewed-by: Archie Pusaka <apusaka@google.com>
Reviewed-by: Miao-chen Chou <mcchou@google.com> |
Manish Mandlik |
4 years ago |
1 file, +1, -1 |
| f6180840 |
adv_monitor: Invoke DeviceFound/Lost on tracked monitors
This patch delivers DeviceFound/DeviceLost events to apps over D-Bus
whenever controller starts/stops tracking a device.
Tests performed:
- Add a monitor and verify that DeviceFound/DeviceLost events are
received whenever controller starts/stops monitoring.
- Verify from logs that only one Adv Report is received from the
controller when Sampling_Period is set to 0xFF and the
DeviceFound/DeviceLost functionality still works as intended.
- Verify that DeviceFound/DeviceLost is reported appropriately even
when the Active Scanning is in progress.
- Verify that the reconnection also works properly with and without
any active Advertisement Monitor.
Reviewed-by: Miao-chen Chou <mcchou@google.com> |
Manish Mandlik |
4 years ago |
1 file, +96, -8 |
| da253c54 |
adv_monitor: Receive the Device Found/Lost events
This patch registers callback functions to receive the Advertisement
Monitor Device Found and Device Lost events. It also disables software
based filtering whenever controller offloading support is available.
Test performed:
- Verified by logs that the MSFT Monitor Device is received from the
controller and the bluetoothd is notified whenever the controller
starts/stops monitoring a device.
Reviewed-by: Miao-chen Chou <mcchou@google.com> |
Manish Mandlik |
4 years ago |
4 files, +127, -20 |
| 37caf622 |
lib: Add definitions of the Adv Monitor Device Found/Lost events
This patch adds definitions of the new Advertisement Monitor Device
Found and Device Lost events to indicate that the controller has
started/stopped tracking a particular device.
Reviewed-by: Miao-chen Chou <mcchou@google.com> |
Manish Mandlik |
4 years ago |
1 file, +18, -0 |
| 415ae773 |
doc: Introduce the Adv Monitor Device Found/Lost events
This patch introduces two new MGMT events
MGMT_EV_ADV_MONITOR_DEVICE_FOUND and MGMT_EV_ADV_MONITOR_DEVICE_LOST to
indicate that the controller has started/stopped tracking a particular
device matching one of the already added Advertisement Monitor.
If the controller offloading support is not available,
MGMT_EV_ADV_MONITOR_DEVICE_FOUND event is also used to report all
advertisements to perform software based filtering whenever we are not
active scanning.
Reviewed-by: Miao-chen Chou <mcchou@google.com> |
Manish Mandlik |
4 years ago |
1 file, +60, -0 |
| b312fa0c |
uhid: Remove local copy of uhid header
uhid.h is part of kernel uapi nowadays so it can be included
directly from linux/uhid.h so this removes the local copy to use it
instead. |
Luiz Augusto von Dentz |
4 years ago |
3 files, +2, -202 |
| 87310959 |
uinput: Remove local copy of uinput.h
uinput.h is part of kernel uapi nowadays so it can be included directly
from linux/uinput.h which has a compatible definition with 32 bits
systems:
https://github.com/bluez/bluez/issues/84#issuecomment-942155841
Fixes: https://github.com/bluez/bluez/issues/84 |
Luiz Augusto von Dentz |
4 years ago |
4 files, +6, -720 |
| 6ea642f6 |
client: Fix uninitiailzed scalar variable
This patch fixes the uninitiailzed varialble(CWE-457) reported by
the Coverity scan. |
Tedd Ho-Jeong An |
4 years ago |
1 file, +3, -0 |
| 9a79c9b7 |
monitor: Fix uninitiailzed scalar variable
This patch fixes the uninitiailzed varialble(CWE-457) reported by
the Coverity scan. |
Tedd Ho-Jeong An |
4 years ago |
1 file, +1, -0 |
| 1722bf12 |
emulator: Fix uninitiailzed scalar variable
This patch fixes the uninitiailzed varialble(CWE-457) reported by
the Coverity scan. |
Tedd Ho-Jeong An |
4 years ago |
1 file, +3, -0 |
| 927059ba |
admin: fix devices not reset
When |admin_policy_remove| is called, we set |devices| to NULL but never
set it back until |admin_init|. This makes admin lost track of current
registered device interface, so the next |admin_policy_removed| will not
be able to unregister those interfaces.
Reviewed-by: Archie Pusaka <apusaka@chromium.org> |
Yun-Hao Chung |
4 years ago |
1 file, +3, -1 |
| 591c546c |
shared/gatt-server: Fix heap overflow when appending prepare writes
The code shall check if the prepare writes would append more the
allowed maximum attribute length.
Fixes https://github.com/bluez/bluez/security/advisories/GHSA-479m-xcq5-9g2q |
Luiz Augusto von Dentz |
4 years ago |
1 file, +22, -0 |
| e79417ed |
sdpd: Fix leaking buffers stored in cstates cache
These buffer shall only be keep in cache for as long as they are
needed so this would cleanup any client cstates in the following
conditions:
- There is no cstate on the response
- No continuation can be found for cstate
- Different request opcode
- Respond with an error
- Client disconnect
Fixes: https://github.com/bluez/bluez/security/advisories/GHSA-3fqg-r8j5-f5xq |
Luiz Augusto von Dentz |
4 years ago |
4 files, +135, -60 |
| 44789fb8 |
tools/mesh: Add <Vendor ID> option to sub-add cmd
If the Subscription being added is a Vendor Model, there needs to be a
4th parameter. Fixes oversight of not supporting vendor model in Meshctl. |
Jefferson Zhai |
4 years ago |
1 file, +11, -5 |
| 0d501351 |
mgmt-tester: Add test for Device Privacy Mode flag
This tests the use of Set Device Flags to set Device Privacy Mode which
results in the following sequence:
@ MGMT Event: Command Compl.. (0x0001) plen 10 {0x0001}
Set Device Flags (0x0050) plen 7
Status: Success (0x00)
LE Address: BC:9A:78:56:34:12 (OUI BC-9A-78)
< HCI Command: LE Set Exten.. (0x08|0x0042) plen 6
Extended scan: Disabled (0x00)
Filter duplicates: Disabled (0x00)
Duration: 0 msec (0x0000)
Period: 0.00 sec (0x0000)
= mgmt-tester: Set Device Flags (0x0050): Success (0x00)
= mgmt-tester: Test condition complete, 4 left
= mgmt-tester: New Device Flags Changed event received
= mgmt-tester: Test condition complete, 3 left
> HCI Event: Command Complete (0x0e) plen 4
LE Set Extended Scan Enable (0x08|0x0042) ncmd 1
Status: Success (0x00)
< HCI Command: LE Set Addre.. (0x08|0x002d) plen 1
Address resolution: Disabled (0x00)
= mgmt-tester: HCI Command 0x2042 length 6
> HCI Event: Command Complete (0x0e) plen 4
LE Set Address Resolution Enable (0x08|0x002d) ncmd 1
Status: Success (0x00)
< HCI Command: LE Set Priva.. (0x08|0x004e) plen 8
Peer Identity address type: Public (0x00)
Peer Identity address: BC:9A:78:56:34:12 (OUI BC-9A-78)
Privacy Mode: Use Device Privacy (0x01)
= mgmt-tester: HCI Command 0x202d length 1
= mgmt-tester: Test condition complete, 2 left
> HCI Event: Command Complete (0x0e) plen 4
LE Set Privacy Mode (0x08|0x004e) ncmd 1
Status: Success (0x00)
< HCI Command: LE Set Addre.. (0x08|0x002d) plen 1
Address resolution: Enabled (0x01)
= mgmt-tester: HCI Command 0x204e length 8
= mgmt-tester: Test condition complete, 1 left
> HCI Event: Command Complete (0x0e) plen 4
LE Set Address Resolution Enable (0x08|0x002d) ncmd 1
Status: Success (0x00)
< HCI Command: LE Set Exten.. (0x08|0x0041) plen 8
Own address type: Random (0x03)
Filter policy: Ignore not in accept list (0x01)
PHYs: 0x01
Entry 0: LE 1M
Type: Passive (0x00)
Interval: 60.000 msec (0x0060)
Window: 30.000 msec (0x0030)
= mgmt-tester: HCI Command 0x202d length 1
= mgmt-tester: Test condition complete, 0 left |
Luiz Augusto von Dentz |
4 years ago |
1 file, +88, -0 |
| 72c562e4 |
monitor: Add support for Device Privacy Mode flag
This adds proper decoding for Device Privacy Mode flag:
@ MGMT Command: Set Device... (0x0050) plen 11 {0x0001}
LE Address: BC:9A:78:56:34:12 (OUI BC-9A-78)
Current Flags: 0x00000002
Device Privacy Mode
@ MGMT Event: Device Flags... (0x002a) plen 15 {0x0002}
LE Address: BC:9A:78:56:34:12 (OUI BC-9A-78)
Supported Flags: 0x00000003
Remote Wakeup
Device Privacy Mode
Current Flags: 0x00000002
Device Privacy Mode |
Luiz Augusto von Dentz |
4 years ago |
1 file, +2, -1 |
| 37be50d6 |
adapter: Set Device Privacy Mode
This adds support for setting Device Privacy flag when enabled in
main.conf via Privacy = device,limited-device. |
Luiz Augusto von Dentz |
4 years ago |
5 files, +86, -61 |
| 20adf232 |
main.conf: Rework privacy options
This reworks privacy options so the limited discoverable is only
available when controller mode is set to dual. |
Luiz Augusto von Dentz |
4 years ago |
3 files, +39, -9 |
| 12cf7617 |
mgmt-api: Add new Device Flag to use Device Privacy Mode
This adds a new flag to Get/Set Device Flag commands so it is possible
to set the Device Privacy Mode which allows to connect when the
remote device uses either identity or random address. |
Luiz Augusto von Dentz |
4 years ago |
1 file, +1, -0 |
| 63cb7df1 |
btdev: Add support for LE Set Privacy mode
This adds support for LE Set Privacy mode which is required when using
Device Privacy mode:
< HCI Command: LE Set Priva.. (0x08|0x004e) plen 8
Peer Identity address type: Public (0x00)
Peer Identity address: BC:9A:78:56:34:12 (OUI BC-9A-78)
Privacy Mode: Use Device Privacy (0x01)
> HCI Event: Command Complete (0x0e) plen 4
LE Set Privacy Mode (0x08|0x004e) ncmd 1 |
Luiz Augusto von Dentz |
4 years ago |
1 file, +46, -1 |
| 081ba296 |
media: Fix memory leak
This fixes the following memory leak as a result of not freeing
app->proxies:
160 (32 direct, 128 indirect) bytes in 1 blocks are definitely lost in
loss record 218 of 261
at 0x484086F: malloc (vg_replace_malloc.c:381)
by 0x1CF80E: btd_malloc (util.c:33)
by 0x1CF24D: queue_new (queue.c:47)
by 0x144DB9: create_app (media.c:2262)
by 0x144DB9: register_app (media.c:2322)
by 0x1CC148: process_message (object.c:246) |
Luiz Augusto von Dentz |
4 years ago |
1 file, +1, -0 |
| 8d2b847b |
client/gatt: Fix using atoi
atoi doesn't support values entered in hexadecimal (0x...) which is
likely the prefered format for the likes of handles, etc, so this
replaces the uses of atoi with strtol. |
Luiz Augusto von Dentz |
4 years ago |
1 file, +60, -11 |
| ee88dd21 |
midi: Free ALSA seq resources in midi_device_remove()
Sometimes, on connection error, this gets called and frees the device
when midi_disconnect() was not called which would leave ALSA sequencer
objects leaking. |
Jacek Konieczny |
4 years ago |
1 file, +9, -0 |
| 8d502bb4 |
adapter: Remove "Master" entry from LTK storage
The entry has been deprecated since 2014 and it's time to remove them
altogether. |
Archie Pusaka |
4 years ago |
1 file, +0, -12 |
| 7b5a4abe |
doc: Add PeripheralLongTermKey for storing LTK
Update doc to reflect update in adapter.c.
Reviewed-by: Sonny Sasaka <sonnysasaka@chromium.org> |
Archie Pusaka |
4 years ago |
1 file, +2, -2 |
| 1a04dc35 |
adapter: Use PeripheralLongTermKey to store LTK
Introducing PeripheralLongTermKey group for storing LTK info to
replace the less inclusive term. Currently we still need to write/read
from both to ensure smooth transition, but later we should deprecate
the old term.
Reviewed-by: Sonny Sasaka <sonnysasaka@chromium.org> |
Archie Pusaka |
4 years ago |
1 file, +38, -9 |
| 726058e3 |
device: Fix not updating the auto-connect/accept list
When receiving a new IRK the device address is updated but the old
address is not removed from the auto-connect/accept list. |
Luiz Augusto von Dentz |
4 years ago |
1 file, +11, -0 |
| 06c8b174 |
advertising-api: Clarify Duration property
Duration property refers to the rotation duration not the actual
lifetime of the advertising which is controlled by the Timeout
property. |
Luiz Augusto von Dentz |
4 years ago |
1 file, +3, -3 |