OSDN Git Service
Nitin Arora [Tue, 25 Aug 2015 23:22:48 +0000 (23:22 +0000)]
am
ee8592f4: am
b7460434: Fix memory corruption of BLE whitelist hashmap
* commit '
ee8592f44738ca438df9256e3e057250d014c740':
Fix memory corruption of BLE whitelist hashmap
Nitin Arora [Tue, 25 Aug 2015 23:18:06 +0000 (23:18 +0000)]
am
b7460434: Fix memory corruption of BLE whitelist hashmap
* commit '
b74604341c60628dc7bc8e8e69e3ce2acb4a5373':
Fix memory corruption of BLE whitelist hashmap
Nitin Arora [Fri, 21 Aug 2015 19:34:14 +0000 (12:34 -0700)]
Fix memory corruption of BLE whitelist hashmap
When adding devices to the whitelist for LE background connections, a
local variable is used as the hashmap key, preventing any successful
lookups going forward. Thus the device will repeatedly add the same
device to the whitelist and preventing successful connections going
forward.
Bug:
23423602
Change-Id: I3d2590c0a1dd66c6e1864ea53f875a713660b645
Pavlin Radoslavov [Mon, 24 Aug 2015 05:05:15 +0000 (05:05 +0000)]
am
5c572ffb: am
aa41fec0: Check the return value when reading HCI type byte
* commit '
5c572ffb5b61e5c7f7fe1080bdb27098c9bc5511':
Check the return value when reading HCI type byte
Pavlin Radoslavov [Mon, 24 Aug 2015 05:00:20 +0000 (05:00 +0000)]
am
aa41fec0: Check the return value when reading HCI type byte
* commit '
aa41fec0e36653e828bfc2a54fca11447ed56cc5':
Check the return value when reading HCI type byte
Pavlin Radoslavov [Thu, 20 Aug 2015 23:53:16 +0000 (16:53 -0700)]
Check the return value when reading HCI type byte
Add missing return value check when reading the HCI type byte.
This check is needed as a safeguard. For example, function
event_uart_has_bytes() could be called (indirectly)
within the run_reactor() loop not only when there are bytes to read,
but also if there is an error (e.g., EPOLLHUP | EPOLLRDHUP | EPOLLERR).
Bug:
23105107
Change-Id: Ic3b6e4d656406949e384c8106b0c607f7c221759
Sharvil Nanavati [Thu, 20 Aug 2015 18:33:37 +0000 (18:33 +0000)]
Merge "Send current RPA instead of pseudo-address on connect." into cw-e-dev
Sharvil Nanavati [Mon, 10 Aug 2015 20:00:06 +0000 (13:00 -0700)]
Send current RPA instead of pseudo-address on connect.
Bug:
23079777
Change-Id: If6da80392748cdaad2a4833dd31fe299b62c28e3
Pavlin Radoslavov [Wed, 19 Aug 2015 01:55:34 +0000 (01:55 +0000)]
am
28dd2209: am
d2199cbb: Disable remote TCP connections
* commit '
28dd2209e46711d08d77439f09d7b0ea55473038':
Disable remote TCP connections
Pavlin Radoslavov [Wed, 19 Aug 2015 01:48:29 +0000 (01:48 +0000)]
am
d2199cbb: Disable remote TCP connections
* commit '
d2199cbb8f361772819402b56e6fa46587a31c56':
Disable remote TCP connections
Pavlin Radoslavov [Tue, 18 Aug 2015 01:54:22 +0000 (18:54 -0700)]
Disable remote TCP connections
For security reasons, TCP sockets now listen on the loopback
IPv4 address 127.0.0.1 for incoming TCP connections.
Bug:
23272146
Change-Id: I88523f643f305f2281740575d7011b6077bf0843
Iliyan Malchev [Fri, 14 Aug 2015 05:49:48 +0000 (05:49 +0000)]
am
66405510: am
1e1f1598: Merge "[DS] BTM_VSC_CHIP_CAPABILITY_M_VERSION doesn\'t match" into mnc-dev
* commit '
66405510b976c7a0507cee34a3573ad8148352a2':
[DS] BTM_VSC_CHIP_CAPABILITY_M_VERSION doesn't match
Iliyan Malchev [Fri, 14 Aug 2015 05:43:55 +0000 (05:43 +0000)]
am
1e1f1598: Merge "[DS] BTM_VSC_CHIP_CAPABILITY_M_VERSION doesn\'t match" into mnc-dev
* commit '
1e1f1598c0574ccda0978bc31bf759708c33a0c9':
[DS] BTM_VSC_CHIP_CAPABILITY_M_VERSION doesn't match
Iliyan Malchev [Fri, 14 Aug 2015 05:38:26 +0000 (05:38 +0000)]
Merge "[DS] BTM_VSC_CHIP_CAPABILITY_M_VERSION doesn't match" into mnc-dev
Satya Calloji [Sat, 8 Aug 2015 01:12:28 +0000 (01:12 +0000)]
am
1f7be749: am
8d88b1b7: Allocate large enough buffers when copying AVRC packets
* commit '
1f7be749df8f501c7683ced3afe90c361674844c':
Allocate large enough buffers when copying AVRC packets
Satya Calloji [Sat, 8 Aug 2015 01:06:46 +0000 (01:06 +0000)]
am
8d88b1b7: Allocate large enough buffers when copying AVRC packets
* commit '
8d88b1b75c665772f714643a71e5974c7f6dd02c':
Allocate large enough buffers when copying AVRC packets
Satya Calloji [Fri, 7 Aug 2015 17:56:12 +0000 (10:56 -0700)]
Allocate large enough buffers when copying AVRC packets
AVRC response is created by copying the original received packet.
When allocating a buffer for the response, the buffer length
should be large enough to contain the response.
Bug:
22437809
Change-Id: I862d633e76d3c5221582459f19935a45e53577c7
Jacob Lee [Fri, 7 Aug 2015 03:17:28 +0000 (11:17 +0800)]
[DS] BTM_VSC_CHIP_CAPABILITY_M_VERSION doesn't match
In the document, the supported version is 96.
But, the defined supported version is 95 in the code.
The callback function btm_ble_vendor_capability_vsc_cmpl_cback
can not read number of track entries when it compare with 95
and supported version from firmware.
Bug:
22906552
Change-Id: I64e6f14f34ef3ed0ddc3fee2fad05eb03e5938f1
Signed-off-by: Jacob Lee <jacob.lee@mediatek.com>
Ajay Panicker [Thu, 6 Aug 2015 23:15:39 +0000 (23:15 +0000)]
am
c1553d3c: Load factory Bluetooth address from system property
* commit '
c1553d3cab1a17cad8713ee61e1833903c0a6d89':
Load factory Bluetooth address from system property
Ajay Panicker [Mon, 3 Aug 2015 23:29:31 +0000 (16:29 -0700)]
Load factory Bluetooth address from system property
Implemented a check to grab the ro.boot.btmacaddr property in case the
device fails to receive an address beforehand.
Bug:
22618015
Change-Id: Ie322888e114a732f8e85c81793e3e5e5eacffc7a
Ajay Panicker [Wed, 5 Aug 2015 18:03:32 +0000 (18:03 +0000)]
am
145348f4: am
aa3be1a6: Implement Bluetooth settings factory reset (3/5)
* commit '
145348f4ab9aa14bdfb87b9329783c3cb59c455e':
Implement Bluetooth settings factory reset (3/5)
Ajay Panicker [Wed, 5 Aug 2015 17:55:36 +0000 (17:55 +0000)]
am
aa3be1a6: Implement Bluetooth settings factory reset (3/5)
* commit '
aa3be1a696b9ae1142fe9f358ad5f97e99da7892':
Implement Bluetooth settings factory reset (3/5)
Ajay Panicker [Tue, 28 Jul 2015 23:54:53 +0000 (16:54 -0700)]
Implement Bluetooth settings factory reset (3/5)
Implemented the factory reset function to be used to reset all bluetooth
settings on device to factory default
Bug:
16161518
Nitin Arora [Tue, 4 Aug 2015 16:47:40 +0000 (16:47 +0000)]
am
68a34519: am
d63f7c0b: Add Dialog mouse & KB to blacklist for LE secure connections
* commit '
68a345192d4722677d868a6c296b8d5dcb712778':
Add Dialog mouse & KB to blacklist for LE secure connections
Pavlin Radoslavov [Tue, 4 Aug 2015 16:47:40 +0000 (16:47 +0000)]
am
02796552: am
84d13eda: Add an explicit check for AVRCP vendor data
* commit '
02796552c480e62cd321b248f2b7b5f71b9389db':
Add an explicit check for AVRCP vendor data
Nitin Arora [Tue, 4 Aug 2015 16:39:38 +0000 (16:39 +0000)]
am
d63f7c0b: Add Dialog mouse & KB to blacklist for LE secure connections
* commit '
d63f7c0b26057f650fd30526758cd259c0b3480a':
Add Dialog mouse & KB to blacklist for LE secure connections
Pavlin Radoslavov [Tue, 4 Aug 2015 16:39:36 +0000 (16:39 +0000)]
am
84d13eda: Add an explicit check for AVRCP vendor data
* commit '
84d13edac39c51290e858a71fea58925db3844bc':
Add an explicit check for AVRCP vendor data
Nitin Arora [Tue, 28 Jul 2015 23:00:55 +0000 (16:00 -0700)]
Add Dialog mouse & KB to blacklist for LE secure connections
This change allows the host to mask the Cross key bit in
the key distribution fields of the pairing request and
response while pairing with the Dialog keyboard and mouse
to prevent the remote from rejecting the DUT's pairing request.
Bug:
22799966
Change-Id: I89420e77875957c78e915c508de311d779fd03df
Pavlin Radoslavov [Tue, 4 Aug 2015 16:05:39 +0000 (09:05 -0700)]
Add an explicit check for AVRCP vendor data
Add an explicit check for AVRCP vendor data when parsing received vendor
commands or responses.
Bug:
21768387
Change-Id: I715de6fc7348d063c448971a8dae6dd1b00c7062
Pavlin Radoslavov [Tue, 4 Aug 2015 05:37:45 +0000 (05:37 +0000)]
am
856fa1bc: am
caaa00f5: Fix a crash for a race condition during Bluetooth shutdown
* commit '
856fa1bcef4a5f28c310294c187e9d54b66f2e1e':
Fix a crash for a race condition during Bluetooth shutdown
Pavlin Radoslavov [Tue, 4 Aug 2015 05:31:09 +0000 (05:31 +0000)]
am
caaa00f5: Fix a crash for a race condition during Bluetooth shutdown
* commit '
caaa00f5ede96461e11de866ac15f5224442d1eb':
Fix a crash for a race condition during Bluetooth shutdown
Pavlin Radoslavov [Tue, 4 Aug 2015 04:58:45 +0000 (21:58 -0700)]
Fix a crash for a race condition during Bluetooth shutdown
This is same race condition observed in btif_media_task_aa_tx_flush_req()
because btif_media_task_aa_tx_flush_req() and btif_media_task_stop_aa_req()
are called back-to-bach.
This race condition is triggered when A2DP audio is streaming on shutdown:
"btif_a2dp_on_stopped() -> btif_media_task_stop_aa_req()" is called
to stop the particular audio stream, and this happens right after
the "cleanup() -> btif_a2dp_stop_media_task()" processing during
the shutdown of the Bluetooth stack.
Bug:
22700411
Change-Id: Ia0c98d44a108cf0f57731ac8129e4d76c9934542
Sharvil Nanavati [Sat, 1 Aug 2015 16:37:52 +0000 (16:37 +0000)]
am
cf92ded8: am
9de273d9: Fix CTS Verifier test for insecure RFCOMM connection.
* commit '
cf92ded8275c25f63ac4d85a3720972dcdac0675':
Fix CTS Verifier test for insecure RFCOMM connection.
Sharvil Nanavati [Fri, 31 Jul 2015 23:42:06 +0000 (23:42 +0000)]
am
9de273d9: Fix CTS Verifier test for insecure RFCOMM connection.
* commit '
9de273d9fb99b9f612b8acd50e09225f60444363':
Fix CTS Verifier test for insecure RFCOMM connection.
Sharvil Nanavati [Fri, 31 Jul 2015 21:22:08 +0000 (14:22 -0700)]
Fix CTS Verifier test for insecure RFCOMM connection.
Closing an RFCOMM server socket does not remove the corresponding
service record from the security database. However, the RFCOMM
channel becomes free for reuse. The next RFCOMM server socket will
therefore "inherit" the service record for the closed one if it
happens to reuse the same channel.
Bug:
22880207
Change-Id: Ida3fee49e5f40667d9992dc4c4442f9289adae9e
Pavlin Radoslavov [Thu, 30 Jul 2015 00:53:09 +0000 (00:53 +0000)]
am
8bcdbb96: am
efa5991f: Fix a NULL-pointer crash
* commit '
8bcdbb96e6b07ca0fc0b88b0cf847922f3090452':
Fix a NULL-pointer crash
Pavlin Radoslavov [Thu, 30 Jul 2015 00:36:30 +0000 (00:36 +0000)]
am
efa5991f: Fix a NULL-pointer crash
* commit '
efa5991fc7dc3b9b74b73966a4bf5cd5aad9f06a':
Fix a NULL-pointer crash
Pavlin Radoslavov [Wed, 29 Jul 2015 23:52:47 +0000 (16:52 -0700)]
Fix a NULL-pointer crash
It seems that the current implementation of btm_sec_encrypt_change()
does not handle the case when it is called with an invalid handle,
such as inside file btu_hcif.c :
case HCI_SET_CONN_ENCRYPTION:
/* Device refused to start encryption. ... */
btm_sec_encrypt_change(BTM_INVALID_HCI_HANDLE, ...)
Bug:
22791224
Change-Id: Ide9404d0c82819399cf258ae3f90c25b352f1e20
Andre Eisenbach [Wed, 29 Jul 2015 22:21:15 +0000 (22:21 +0000)]
am
8214399e: am
48a4b9cd: Assign pseudo address for host-based RPA resolution matches
* commit '
8214399e7f31d218eeb36b2880150de891b23b1c':
Assign pseudo address for host-based RPA resolution matches
Andre Eisenbach [Wed, 29 Jul 2015 22:08:16 +0000 (22:08 +0000)]
am
48a4b9cd: Assign pseudo address for host-based RPA resolution matches
* commit '
48a4b9cd18a306a45249898008c73f80fb3b9d48':
Assign pseudo address for host-based RPA resolution matches
Andre Eisenbach [Wed, 29 Jul 2015 19:36:06 +0000 (12:36 -0700)]
Assign pseudo address for host-based RPA resolution matches
Bug:
21963935
Change-Id: Id72001ce17996ea04c3eba32cebcac4dbbe317bc
Andre Eisenbach [Wed, 29 Jul 2015 19:48:17 +0000 (19:48 +0000)]
am
e1fe0e08: am
b61d25c5: Fix memory leak in A2DP event handler
* commit '
e1fe0e08d6385529b88192827ee4b9d76d462e94':
Fix memory leak in A2DP event handler
Andre Eisenbach [Wed, 29 Jul 2015 19:37:57 +0000 (19:37 +0000)]
am
b61d25c5: Fix memory leak in A2DP event handler
* commit '
b61d25c52fcfa1853c7555acda61d848ef6be3e9':
Fix memory leak in A2DP event handler
Andre Eisenbach [Wed, 29 Jul 2015 18:57:50 +0000 (11:57 -0700)]
Fix memory leak in A2DP event handler
btif_av_event_free_data() was not called in all states (idle state only)
leading to potential memory leaks.
Bug:
22822688
Change-Id: I40520c605c9a806e6cd5ee6e36c101d0aa8d4355
Nitin Arora [Wed, 29 Jul 2015 10:06:19 +0000 (10:06 +0000)]
am
dbb1ad17: am
82c8b927: Reset LE encryption key size at LE disconnection only
* commit '
dbb1ad17bae0fa3d0dc12795a73ea4a705e220ba':
Reset LE encryption key size at LE disconnection only
Nitin Arora [Wed, 29 Jul 2015 08:15:32 +0000 (08:15 +0000)]
am
82c8b927: Reset LE encryption key size at LE disconnection only
* commit '
82c8b9270ba962d5f271a833a3454baddbc063aa':
Reset LE encryption key size at LE disconnection only
Nitin Arora [Thu, 2 Jul 2015 21:08:39 +0000 (14:08 -0700)]
Reset LE encryption key size at LE disconnection only
This change checks the transport type on receiving the disconnection
and resets the encryption key size only if the LE disconnection
has taken place.
This fixes the issue where read request to characteristics that
require encryption, fails after cross key derivation due to
disconnection of BR/EDR transport.
Bug:
22515016
Change-Id: If6aad91a628eabbb5a4b7f5c22812fe94d4c5db2
Anubhav Gupta [Wed, 29 Jul 2015 07:31:43 +0000 (07:31 +0000)]
am
c3f8ba8a: am
dab356e3: Promote AVCTP version to 1.4
* commit '
c3f8ba8a309a4b967e17c6398213e2b6aedbfc80':
Promote AVCTP version to 1.4
Anubhav Gupta [Wed, 29 Jul 2015 07:12:35 +0000 (07:12 +0000)]
am
dab356e3: Promote AVCTP version to 1.4
* commit '
dab356e3b0573303840e63cbafb1065d57a11e2c':
Promote AVCTP version to 1.4
Anubhav Gupta [Tue, 28 Jul 2015 06:32:57 +0000 (12:02 +0530)]
Promote AVCTP version to 1.4
Promoting AVCTP version to 1.4 from 1.2 as Bluedroid stack
already has got support for the same.
Below changes are incorporated as part of this:
- AVCTP version in SDP entry is upgraded to 1.4 for both AVRCP
Target and controller role.
- Service class #1 is added in extra for AVRCP Controller SDP
entry to be in sync with AVCTP version change.
- Browsing support is not enabled as that needs corresponding
profile level implementation, which is currently unavailable.
Change-Id: I72f7f67eb0a789fd321e9468f2a51bb5e9385a89
Anubhav Gupta [Tue, 28 Jul 2015 18:31:38 +0000 (18:31 +0000)]
am
92339316: am
2ac9ae06: Fix a bug allocating buffers for fragmented AVRC packets
* commit '
92339316ba8c56354f0b22aa966bfd60772caa23':
Fix a bug allocating buffers for fragmented AVRC packets
Anubhav Gupta [Tue, 28 Jul 2015 18:08:54 +0000 (18:08 +0000)]
am
2ac9ae06: Fix a bug allocating buffers for fragmented AVRC packets
* commit '
2ac9ae06be5091f6f2eef0022a3810752f127d04':
Fix a bug allocating buffers for fragmented AVRC packets
Anubhav Gupta [Fri, 24 Jul 2015 17:14:00 +0000 (10:14 -0700)]
Fix a bug allocating buffers for fragmented AVRC packets
Use the correct offset_len when allocating buffers for AVRC
packets that need to be fragmented.
Bug:
22156175
Change-Id: I7db12474c84edacb4f0739d50a43e8cebdcca676
Amirhossein Simjour [Mon, 27 Jul 2015 23:33:52 +0000 (23:33 +0000)]
am
aeef91cb: am
1500b8d9: Fix for uhid_event size check
* commit '
aeef91cb76eaa66199c005e548be6787be762d00':
Fix for uhid_event size check
Amirhossein Simjour [Mon, 27 Jul 2015 23:21:16 +0000 (23:21 +0000)]
am
1500b8d9: Fix for uhid_event size check
* commit '
1500b8d9b301d8d68b2910692ec47d0e5b42c129':
Fix for uhid_event size check
Amirhossein Simjour [Mon, 20 Jul 2015 18:29:19 +0000 (14:29 -0400)]
Fix for uhid_event size check
The uhid_event function used to expect that the return value of each
read function call to match with the size of the struct uhid_event.
Since the header file doesn't match the kernel driver, these two size
don't always match. The exact size check is replaced with expecting
the minimum required size.
Bug:
20108348
Change-Id: Ib61537092b109296f8290d802b68fc2efe78888c
Casper Bonde [Mon, 27 Jul 2015 18:18:50 +0000 (18:18 +0000)]
am
62cfbb3a: am
760aa99b: Unpair HID device cleanup
* commit '
62cfbb3a13ad30b4043583a6bff901fb4599b19a':
Unpair HID device cleanup
Pavlin Radoslavov [Mon, 27 Jul 2015 18:18:48 +0000 (18:18 +0000)]
am
191e588b: am
c6137426: Fix the logic for stopping the Power Management timers.
* commit '
191e588b5fcd026066049fdda65a4ae49c3d685c':
Fix the logic for stopping the Power Management timers.
Casper Bonde [Mon, 27 Jul 2015 18:05:45 +0000 (18:05 +0000)]
am
760aa99b: Unpair HID device cleanup
* commit '
760aa99b0f1fb7830dd5ff23ec8f5c5630b15989':
Unpair HID device cleanup
Pavlin Radoslavov [Mon, 27 Jul 2015 18:05:44 +0000 (18:05 +0000)]
am
c6137426: Fix the logic for stopping the Power Management timers.
* commit '
c6137426081fc55d8c94cd0e6b55cd0d0a52f12d':
Fix the logic for stopping the Power Management timers.
Casper Bonde [Fri, 3 Oct 2014 08:01:36 +0000 (10:01 +0200)]
Unpair HID device cleanup
When unparing HID devices, the attr_mask was not cleared.
By not clearing this data, some HID device will never be able
to connect again. (E.g. the Apple Magic Mouse)
Bug:
15566403
Change-Id: Ic80909dcecdf48d967c1a936b31554653761fa42
Signed-off-by: Casper Bonde <c.bonde@samsung.com>
Pavlin Radoslavov [Sat, 25 Jul 2015 06:41:55 +0000 (23:41 -0700)]
Fix the logic for stopping the Power Management timers.
Previously, the logic for stopping the timers didn't take
into account whether each timer was already running.
Bug:
22666419
Change-Id: Ia99bf8be917e9ea69f478a954085336fc899040a
Andre Eisenbach [Fri, 24 Jul 2015 19:54:23 +0000 (19:54 +0000)]
am
fd726554: am
196413f5: Fix TX queue overflow detection
* commit '
fd726554d65013f6e68daf263630018de9ca15ed':
Fix TX queue overflow detection
Andre Eisenbach [Fri, 24 Jul 2015 19:37:52 +0000 (19:37 +0000)]
am
196413f5: Fix TX queue overflow detection
* commit '
196413f5ca088ef97866092f02bb7571d2a44390':
Fix TX queue overflow detection
Andre Eisenbach [Wed, 22 Jul 2015 20:47:28 +0000 (13:47 -0700)]
Fix TX queue overflow detection
- Prevent possible endless loop if |nb_frame| is too high
- Remove off-by-one calculation before sending frames
- Remove log spam and add better debug info
Bug:
22658329
Change-Id: I374ee980aec48763beb49b4f6f8b076124cadf40
Pavlin Radoslavov [Fri, 24 Jul 2015 03:09:28 +0000 (03:09 +0000)]
am
09d39288: am
1076b7b0: Customize Bluetooth sniff interval
* commit '
09d3928877e746c0e9dd3b8fe294a55432ec8d46':
Customize Bluetooth sniff interval
Pavlin Radoslavov [Thu, 23 Jul 2015 19:22:18 +0000 (19:22 +0000)]
am
4e291106: am
197ee685: Fix a crash for a race condition during Bluetooth shutdown
* commit '
4e29110681953c45bbf43799d38b69cd5b447806':
Fix a crash for a race condition during Bluetooth shutdown
Nitin Arora [Thu, 23 Jul 2015 19:22:17 +0000 (19:22 +0000)]
am
8cc6e42e: am
ac72840a: Update device type correctly in the NVRAM at inquiry result
* commit '
8cc6e42efaac326520e8f9e28bd9e4e5e113fa6d':
Update device type correctly in the NVRAM at inquiry result
Pavlin Radoslavov [Thu, 23 Jul 2015 19:21:32 +0000 (19:21 +0000)]
am
1076b7b0: Customize Bluetooth sniff interval
* commit '
1076b7b0a642d0f5c5948819bcd07e4bc0fb2738':
Customize Bluetooth sniff interval
Pavlin Radoslavov [Thu, 23 Jul 2015 05:49:26 +0000 (22:49 -0700)]
Customize Bluetooth sniff interval
Fix an earlier commit that prevents from customizing some of
the Bluetooth sniff parameters - those cannot be overwritten
anymore in the bdroid_buildcfg.h file.
Also, fixed the indexing in tables bta_dm_pm_cfg[]
and bta_dm_pm_spec[]
Bug:
22676670
Change-Id: I3a7074b9a9c91d312dc5d4314b7c304baf4ae20d
Pavlin Radoslavov [Wed, 22 Jul 2015 20:24:37 +0000 (20:24 +0000)]
am
197ee685: Fix a crash for a race condition during Bluetooth shutdown
* commit '
197ee6856b43d8eea137a7f37798ee2a012ce518':
Fix a crash for a race condition during Bluetooth shutdown
Nitin Arora [Wed, 22 Jul 2015 20:23:42 +0000 (20:23 +0000)]
am
ac72840a: Update device type correctly in the NVRAM at inquiry result
* commit '
ac72840a3d7409adbb3ee4904ab1ed5de2d66586':
Update device type correctly in the NVRAM at inquiry result
Pavlin Radoslavov [Wed, 22 Jul 2015 01:09:19 +0000 (18:09 -0700)]
Fix a crash for a race condition during Bluetooth shutdown
This race condition is triggered when A2DP audio is streaming on shutdown:
"btif_a2dp_on_stopped() -> btif_media_task_aa_tx_flush_req()" is called
to stop the particular audio stream, and this happens right after
the "cleanup() -> btif_a2dp_stop_media_task()" processing during
the shutdown of the Bluetooth stack.
Bug:
22602117
Change-Id: I5de6a8f15b6a2771dde2e299a5b60554063696a2
Amirhossein Simjour [Wed, 22 Jul 2015 14:31:20 +0000 (14:31 +0000)]
am
04e684f8: Merge "Fix for uhid_event size check" into mnc-dr-dev
* commit '
04e684f8737d71c15bd1f7720333cce8e891a04e':
Fix for uhid_event size check
Amirhossein Simjour [Wed, 22 Jul 2015 14:20:25 +0000 (14:20 +0000)]
Merge "Fix for uhid_event size check" into mnc-dr-dev
Nitin Arora [Sat, 27 Jun 2015 01:09:37 +0000 (18:09 -0700)]
Update device type correctly in the NVRAM at inquiry result
This patch checks for the NVRAM data when inquiry result
is received from the remote device. In case the device is
marked as LE only or BR/EDR only, and inquiry result is
received from the alternate transport, the device type is
marked as Dual mode in the NVRAM
Bug:
22604450
Change-Id: Id925e8bad152a33c2bd3c371ca42a6f9c694e3b0
Nitin Arora [Tue, 21 Jul 2015 21:24:32 +0000 (21:24 +0000)]
am
1da48a36: Use pseudo address while re-pairing peripheral
* commit '
1da48a3600c980fe4ba825d287ff0ac5038be3ff':
Use pseudo address while re-pairing peripheral
Nitin Arora [Tue, 21 Jul 2015 21:24:31 +0000 (21:24 +0000)]
am
b4365c55: Adding transport type while initiating remote discovery
* commit '
b4365c55ccb2e985d00619c30dc14d5c156771b7':
Adding transport type while initiating remote discovery
Andre Eisenbach [Tue, 21 Jul 2015 21:09:57 +0000 (21:09 +0000)]
am
280368c7: Fix potential crash when transcoding legacy config files
* commit '
280368c7aa3b3e1dc5236a824f1f6c765967e253':
Fix potential crash when transcoding legacy config files
Nitin Arora [Tue, 21 Jul 2015 21:09:57 +0000 (21:09 +0000)]
am
ccd37fa0: Enable enhanced connection complete event
* commit '
ccd37fa0fed142dae2491212ec72e20d74560b59':
Enable enhanced connection complete event
Nitin Arora [Sat, 18 Jul 2015 01:38:01 +0000 (18:38 -0700)]
Use pseudo address while re-pairing peripheral
In case of pairing to an already paired device (in an instance
where the central remote has removed the keys), the change
makes sure that the correct address is used when LTK key
request occurs at the peripheral.
Bug:
22605510
Change-Id: I959003f39f70281ff1e6af8d4c4549138bc1682c
Nitin Arora [Fri, 26 Jun 2015 01:30:09 +0000 (18:30 -0700)]
Adding transport type while initiating remote discovery
This change ensures that the completion of SMP pairing for LE
devices specifically requests remote device discovery based on
transport type set to LE to prevent initiation of BR/EDR
connection due to incorrect transport type info
Bug:
22515456
Change-Id: Id1e5603d3cc53ca3dff427b93059a00f8d9150a7
Andre Eisenbach [Tue, 21 Jul 2015 20:02:57 +0000 (13:02 -0700)]
Fix potential crash when transcoding legacy config files
Bug:
22634292
Change-Id: I64745671f3b69fc7e6913213aeec55267e9bc49b
Nitin Arora [Thu, 2 Jul 2015 21:13:45 +0000 (14:13 -0700)]
Enable enhanced connection complete event
This change enables the enhanced connection complete event in order
to receive the local rpa address while connection is completed
with a paired peripheral. This is required if central tries to
repair or key upgrade an already paired device so that the confirm
or the DHKey Check values match during the pairing process
Bug:
22515703
Change-Id: If27f3b22bc568df6f081f8ad13dfc6783a83ae47
Amirhossein Simjour [Mon, 20 Jul 2015 18:29:19 +0000 (14:29 -0400)]
Fix for uhid_event size check
The uhid_event function used to expect that the return value of each
read function call to match with the size of the struct uhid_event.
Since the header file doesn't match the kernel driver, these two size
don't always match. The exact size check is replaced with expecting
the minimum required size.
Bug:
20108348
Change-Id: Ib61537092b109296f8290d802b68fc2efe78888c
Pavlin Radoslavov [Tue, 21 Jul 2015 03:53:20 +0000 (03:53 +0000)]
am
65f9c04a: Fix the logic for removing bonded devices
* commit '
65f9c04aa36af5379ba3a28dba36a5de16686024':
Fix the logic for removing bonded devices
tturney [Tue, 21 Jul 2015 03:53:20 +0000 (03:53 +0000)]
am
fb229d8b: Exclude Polar HR Monitor from secure conn
* commit '
fb229d8bb57070f708b0018578ca2cf94b33b2a1':
Exclude Polar HR Monitor from secure conn
Pavlin Radoslavov [Fri, 17 Jul 2015 00:40:28 +0000 (17:40 -0700)]
Fix the logic for removing bonded devices
* Removed btif_storage_is_device_bonded(), because it is not needed,
and it was giving the wrong answer in use cases like Smart Setup
with BR/EDR connections.
* Added a call to btif_storage_remove_ble_bonding_keys()
within btif_storage_remove_bonded_device() so the bonded device
state is properly removed.
* Don't save the BLE bonding keys if it is temporary bonding
Bug:
22233299
Change-Id: I33d9f76a124acc60173f0acaa517bc29ee6603e8
tturney [Tue, 21 Jul 2015 02:28:40 +0000 (19:28 -0700)]
Exclude Polar HR Monitor from secure conn
Bug:
22473630
Change-Id: I1168444a6969532377e1bbcb2b1058d768099c20
Arman Uguray [Mon, 20 Jul 2015 21:23:53 +0000 (21:23 +0000)]
am
6670e315: Fix multi-advertising when LE Privacy is not available
* commit '
6670e3157c8510bc4b944c6a16d92db56adbb76c':
Fix multi-advertising when LE Privacy is not available
Arman Uguray [Sat, 18 Jul 2015 07:00:50 +0000 (00:00 -0700)]
Fix multi-advertising when LE Privacy is not available
This patch fixes a bug that caused all multi-advertising instances to be
initialized with Instance ID 0 (which is not allowed by the stack), if LE
privacy is not available. The problem was that the internal data structures that
represent advertising instances were not getting their |inst_id| field
initialized where it's supposed to.
Although far from clean, this code worked before. The culprit for the regression
is "
f9fdf890 Random address does not get written properly", which moved the
initialization of instance IDs from the loop in BTM_BleEnableAdvInstance to
btm_ble_multi_adv_enb_privacy. The latter never gets called if privacy is not
available, which leads to partially initialized structures.
Obviously both of these places were wrong to begin with. I saw the word
"init" in a function called btm_ble_multi_adv_init. I figured this might have
something to do with initializing, so I moved the logic there.
Bug:
21267281
Change-Id: I38b9a2a71cd3f45feb267a13bf29f93564ee6075
Nitin Arora [Fri, 17 Jul 2015 00:50:01 +0000 (00:50 +0000)]
am
f0e9c466: Add Moto Key Link to blacklist for LE secure connections
* commit '
f0e9c46646bf49db05a1dcbecdc0bd64d086f623':
Add Moto Key Link to blacklist for LE secure connections
Nitin Arora [Fri, 10 Jul 2015 18:24:47 +0000 (11:24 -0700)]
Add Moto Key Link to blacklist for LE secure connections
This change allows the host to mask the Cross key bit in
the key distribution fields of the pairing request and
response while pairing with the Moto key link. This is
needed since this specific remote device performs
calculations of the pairing confirm after masking the
cross key bit in the key distribtuin field which results
in a mismatch of the pairing confirm calcualted by the host
DUT and the remote.
Bug:
22539807
Change-Id: I7d758b05023cf346c97939883edda9d3adb08e1a
Arman Uguray [Thu, 16 Jul 2015 18:38:11 +0000 (18:38 +0000)]
am
50333a25: Properly disconnect GATT connection during noisy scans
* commit '
50333a25ba3dac54033738d1e2a2688e2977ff2e':
Properly disconnect GATT connection during noisy scans
Sharvil Nanavati [Thu, 16 Jul 2015 09:55:27 +0000 (02:55 -0700)]
Add a SCO routing command to net_hci.
This allows us to change the SCO routing parameters at runtime while
debugging / doing device bringup.
Change-Id: I8bafb7c7fb7ad7470d378cd14a7ee4aad63f3b9b
Arman Uguray [Wed, 15 Jul 2015 23:05:32 +0000 (16:05 -0700)]
Properly disconnect GATT connection during noisy scans
This patch fixes an issue that is reproducible in highly noisy environments
(massive deployment of BLE beacons), through repeated connect/disconnect
attempts on a remote peripheral while scanning for beacons in the background.
The state machine in bta/gatt has a special control flow for handling disconnect
requests during discovery, which in this case failed to resolve the original
request by issuing an HCI_Disconnect command. This is now fixed by always
explicitly triggering the connection close sequence once the discovery state has
been cleaned up.
This patch also includes a fix for a crash that occurred as a side-effect of the
scenario described above.
Bug:
22350508
Change-Id: Ie9cbd3c8f54239b142bfb8dde80d9581ae70ed43
Andre Eisenbach [Wed, 15 Jul 2015 19:35:15 +0000 (12:35 -0700)]
Cleanup alarm_get_remaining_ms
This function is used for PM sniff mode timers - at least until we can
re-factor those not to rely on this function.
Bug:
22040710
Change-Id: Ibe6f49440228732b2bd8242db4a44e481b00b62e
Nitin Arora [Fri, 19 Jun 2015 02:09:01 +0000 (19:09 -0700)]
Use correct own address type for batch scan
This patch ignores the input parameter and used the own
address type from address management block while setting
the batch scan parameters.
Bug:
22227689
Change-Id: I23fc80b68cfbd91d718c1094ef2483eaccda3ae1
VenkatRaghavan VijayaRaghavan [Tue, 21 Apr 2015 18:32:29 +0000 (11:32 -0700)]
Bug fix PM changes and LE connectivity mode fixes
Allow PM to support multiple delay timer for different profiles and
power mode requests. And set correct connectivity mode.
Bug:
22040710
Change-Id: Idabd9ea944f0c5a89ce542d85db9f103fa7d1816
Srinu Jella [Tue, 16 Jun 2015 14:08:45 +0000 (19:38 +0530)]
Store the link key derived from cross tranport link key
Use case: PTS test case for cross transport link key
derivation
Steps to reproduce:
1. Start Test case GAP TP/LEP/DM/BV-15 in PTSv6.0
Failure: PTS test case TP/LEP/DM/BV-15 fails as the link
key is not stored when the key is derived from other
transport key. So it will again go for pairing even though
it has link key but not stored.
Root cause: Link key is stored only when bond type is
presistent, but it sets the bond type to persistent only
when it receives SSP request but not link key is derived.
Fix: So making the solution generic to store always when the
link key type is authenticated combination key with P-256.
Bug:
22486860
Change-Id: I3eb201262f72c86a9438351cad14a6698065fa90