Bluetooth: ISO: use hci_sync for setting CIG parameters

[ Upstream commit 6b9545dc9f8ff01d8bc1229103960d9cd265343f ]

When reconfiguring CIG after disconnection of the last CIS, LE Remove
CIG shall be sent before LE Set CIG Parameters.  Otherwise, it fails
because CIG is in the inactive state and not configurable (Core v5.3
Vol 6 Part B Sec. 4.5.14.3). This ordering is currently wrong under
suitable timing conditions, because LE Remove CIG is sent via the
hci_sync queue and may be delayed, but Set CIG Parameters is via
hci_send_cmd.

Make the ordering well-defined by sending also Set CIG Parameters via
hci_sync.

Fixes: 26afbd826ee3 ("Bluetooth: Add initial implementation of CIS connections")
Signed-off-by: Pauli Virtanen <pav@iki.fi>
Signed-off-by: Luiz Augusto von Dentz <luiz.von.dentz@intel.com>
Signed-off-by: Jakub Kicinski <kuba@kernel.org>
Signed-off-by: Sasha Levin <sashal@kernel.org>

diff --git a/net/bluetooth/hci_conn.c b/net/bluetooth/hci_conn.c
index ab9f002..fef09d2 100644 (file)
--- a/net/bluetooth/hci_conn.c
+++ b/net/bluetooth/hci_conn.c
@@ -770,6 +770,11 @@ static void le_conn_timeout(struct work_struct *work)
        hci_abort_conn(conn, HCI_ERROR_REMOTE_USER_TERM);
 }
 
+struct iso_cig_params {
+       struct hci_cp_le_set_cig_params cp;
+       struct hci_cis_params cis[0x1f];
+};
+
 struct iso_list_data {
        union {
                u8  cig;
@@ -781,10 +786,7 @@ struct iso_list_data {
                u16 sync_handle;
        };
        int count;
-       struct {
-               struct hci_cp_le_set_cig_params cp;
-               struct hci_cis_params cis[0x11];
-       } pdu;
+       struct iso_cig_params pdu;
 };
 
 static void bis_list(struct hci_conn *conn, void *data)
@@ -1705,10 +1707,33 @@ static int hci_le_create_big(struct hci_conn *conn, struct bt_iso_qos *qos)
        return hci_send_cmd(hdev, HCI_OP_LE_CREATE_BIG, sizeof(cp), &cp);
 }
 
+static void set_cig_params_complete(struct hci_dev *hdev, void *data, int err)
+{
+       struct iso_cig_params *pdu = data;
+
+       bt_dev_dbg(hdev, "");
+
+       if (err)
+               bt_dev_err(hdev, "Unable to set CIG parameters: %d", err);
+
+       kfree(pdu);
+}
+
+static int set_cig_params_sync(struct hci_dev *hdev, void *data)
+{
+       struct iso_cig_params *pdu = data;
+       u32 plen;
+
+       plen = sizeof(pdu->cp) + pdu->cp.num_cis * sizeof(pdu->cis[0]);
+       return __hci_cmd_sync_status(hdev, HCI_OP_LE_SET_CIG_PARAMS, plen, pdu,
+                                    HCI_CMD_TIMEOUT);
+}
+
 static bool hci_le_set_cig_params(struct hci_conn *conn, struct bt_iso_qos *qos)
 {
        struct hci_dev *hdev = conn->hdev;
        struct iso_list_data data;
+       struct iso_cig_params *pdu;
 
        memset(&data, 0, sizeof(data));
 
@@ -1779,12 +1804,18 @@ static bool hci_le_set_cig_params(struct hci_conn *conn, struct bt_iso_qos *qos)
        if (qos->cis == BT_ISO_QOS_CIS_UNSET || !data.pdu.cp.num_cis)
                return false;
 
-       if (hci_send_cmd(hdev, HCI_OP_LE_SET_CIG_PARAMS,
-                        sizeof(data.pdu.cp) +
-                        (data.pdu.cp.num_cis * sizeof(*data.pdu.cis)),
-                        &data.pdu) < 0)
+       pdu = kzalloc(sizeof(*pdu), GFP_KERNEL);
+       if (!pdu)
                return false;
 
+       memcpy(pdu, &data.pdu, sizeof(*pdu));
+
+       if (hci_cmd_sync_queue(hdev, set_cig_params_sync, pdu,
+                              set_cig_params_complete) < 0) {
+               kfree(pdu);
+               return false;
+       }
+
        return true;
 }