From: Marcel Holtmann <marcel@holtmann.org>
Date: Thu, 22 Jan 2015 19:15:21 +0000 (-0800)
Subject: Bluetooth: Limit BR/EDR switching for LE only with secure connections
X-Git-Tag: firefly_0821_release~176^2~2371^2~73^2~48
X-Git-Url: http://demsky.eecs.uci.edu/git/?a=commitdiff_plain;h=3a5486e1fdb0da7a18788f40b17d351af90d0ea7;p=firefly-linux-kernel-4.4.55.git

Bluetooth: Limit BR/EDR switching for LE only with secure connections

When a powered on dual-mode controller has been configured to operate
as LE only with secure connections, then the BR/EDR side of things can
not be switched back on. To reconfigure the controller it first needs
to be powered down.

The secure connections feature is implemented in the BR/EDR controller
while for LE it is implemented in the host. So explicitly forbid such
a transaction to avoid inconsistent states.

Signed-off-by: Marcel Holtmann <marcel@holtmann.org>
Signed-off-by: Johan Hedberg <johan.hedberg@intel.com>
---

diff --git a/net/bluetooth/mgmt.c b/net/bluetooth/mgmt.c
index 3049a4815665..e86b8d9105e9 100644
--- a/net/bluetooth/mgmt.c
+++ b/net/bluetooth/mgmt.c
@@ -4691,9 +4691,16 @@ static int set_bredr(struct sock *sk, struct hci_dev *hdev, void *data, u16 len)
 		 * Dual-mode controllers shall operate with the public
 		 * address as its identity address for BR/EDR and LE. So
 		 * reject the attempt to create an invalid configuration.
+		 *
+		 * The same restrictions applies when secure connections
+		 * has been enabled. For BR/EDR this is a controller feature
+		 * while for LE it is a host stack feature. This means that
+		 * switching BR/EDR back on when secure connections has been
+		 * enabled is not a supported transaction.
 		 */
 		if (!test_bit(HCI_BREDR_ENABLED, &hdev->dev_flags) &&
-		    bacmp(&hdev->static_addr, BDADDR_ANY)) {
+		    (bacmp(&hdev->static_addr, BDADDR_ANY) ||
+		     test_bit(HCI_SC_ENABLED, &hdev->dev_flags))) {
 			err = cmd_status(sk, hdev->id, MGMT_OP_SET_BREDR,
 					 MGMT_STATUS_REJECTED);
 			goto unlock;
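
Review bot: The new HCI_SC_ENABLED test in the if condition shares the MGMT_STATUS_REJECTED reply with the existing static_addr test, so a management client that receives the rejection for MGMT_OP_SET_BREDR cannot tell which of the two configurations caused it. Consider stating in the command's documentation that the request is also rejected while secure connections is enabled on a controller with BR/EDR disabled, so callers know what has to change before retrying. In the added comment, "The same restrictions applies" should read "The same restriction applies".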