Guiting Shen [Fri, 21 Apr 2023 02:47:31 +0000 (10:47 +0800)]
obexd: agent: Use if-elseif instead of multi-if to check error message
The obex agent will return only one error message at the same time.So
we should use if-elseif instead of multi-if to check error message which
maybe DEBUG_ERROR_NO_REPLY or OBEX_ERROR_REJECT in agent_reply().
Guiting Shen [Thu, 20 Apr 2023 09:55:57 +0000 (17:55 +0800)]
obexd: AuthorizePush: Support to return folder name for file storage
The obex agent usually returns the full path by getting the default
folder and filename from the Filename property of the transfer object
which is not convenient.
The patch helps that the obex agent can return the folder name suffixed
with '/' or new full path or even null which will use the default name
if new_name is NULL and the default folder if the new_folder is NULL in
opp_chkput().
Iulia Tanasescu [Wed, 19 Apr 2023 13:43:54 +0000 (16:43 +0300)]
tools/iso-tester: Add Broadcast tests for encrypted BIG
This adds the following tests for encrypted broadcast:
ISO Broadcaster Encrypted - Success
ISO Broadcaster Receiver Encrypted - Success
Iulia Tanasescu [Wed, 19 Apr 2023 13:43:53 +0000 (16:43 +0300)]
tools/isotest: Add BIG encryption options
Add command line options for BIG encryption and broadcast code.
Iulia Tanasescu [Wed, 19 Apr 2023 13:43:52 +0000 (16:43 +0300)]
monitor/packet: Fix BIG encryption decoding
Fix incorrect decoding of the encryption parameter when logging
the LE BIG Create Sync command.
Luiz Augusto von Dentz [Thu, 13 Apr 2023 00:43:51 +0000 (17:43 -0700)]
iso-tester: Add BAP Audio Configuration tests
This adds the following tests based on BAP Audio Configurations:
ISO AC 1 & 4 - Success
ISO AC 2 & 10 - Success
ISO AC 3 & 5 - Success
ISO AC 6(i) - Success
ISO AC 6(ii) - Success
ISO AC 7(i) - Success
ISO AC 7(ii) - Success
ISO AC 8(i) - Success
ISO AC 8(ii) - Success
ISO AC 9(i) - Success
ISO AC 9(ii) - Success
ISO AC 11(i) - Success
ISO AC 11(ii) - Success
Luiz Augusto von Dentz [Thu, 13 Apr 2023 00:39:03 +0000 (17:39 -0700)]
btdev: Fix not setting CIS parameters properly
The code was assuming only index 0 was to be used which doesn't work
when there are multiple CIS being programmed with different parameters.
Luiz Augusto von Dentz [Wed, 7 Sep 2022 23:49:00 +0000 (16:49 -0700)]
mgmt-tester: Fix Get/Set PHY tests
This fixes the following tests now that all supported PHYs are enabled
by default:
Start Discovery LE - (Ext Scan Param) Failed
Get PHY Success Failed
Set PHY 1m 2m coded Succcess Timed out
Luiz Augusto von Dentz [Wed, 5 Apr 2023 23:04:28 +0000 (16:04 -0700)]
client/advertising: Add support for advertise.rsi command
This adds support for advertise.rsi command which can be used to request
the generation of RSI and include it as part of advertising data:
[bluetooth]# advertise.rsi --help
Show/Enable/Disable RSI to be advertised
Usage:
rsi [on/off]
[bluetooth]# advertise.rsi
RSI: on
[bluetooth]# advertise on
...
Advertising object registered
Tx Power: off
Name: off
Appearance: off
Discoverable: on
RSI: on
[bluetooth]#
Luiz Augusto von Dentz [Wed, 5 Apr 2023 22:59:47 +0000 (15:59 -0700)]
advertising: Add support for rsi as Includes
This adds support for "rsi" when a SIRK has been set on main.conf, the
clients can then enable it via Includes property which will make the
daemon to automatically generate an RSI (hash+random) and include it as
part of the advertising data:
< HCI Command: LE Set Extended Advertising Data (0x08|0x0037) plen 15
Handle: 0x01
Operation: Complete extended advertising data (0x03)
Fragment preference: Minimize fragmentation (0x01)
Data length: 0x0b
Resolvable Set Identifier: E2-4E-AA-1B-2B-61
Hash: 0x1b2b61
Random: 0xe24eaa
Flags: 0x06
LE General Discoverable Mode
BR/EDR Not Supported
Luiz Augusto von Dentz [Wed, 5 Apr 2023 22:56:11 +0000 (15:56 -0700)]
advertising-api: Add rsi to SupportedIncludes
This adds "rsi" as possible value to SupportedIncludes so when it is
available it means client and set it on its Includes property so a
proper RSI is generated and included as part of the Advertising Data.
Luiz Augusto von Dentz [Wed, 5 Apr 2023 22:53:12 +0000 (15:53 -0700)]
shared/ad: Fix bt_ad_has_data not matching when only type is passed
bt_ad_has_data attempts to match the data portion even when not set
which is useful the user is only interested in actually mataching the
type alone.
Luiz Augusto von Dentz [Wed, 5 Apr 2023 22:51:37 +0000 (15:51 -0700)]
main.conf: Fix parsing of CSIS group
There was a typo in the group name using CSIP instead of CSIS.
Iulia Tanasescu [Wed, 5 Apr 2023 10:54:42 +0000 (13:54 +0300)]
monitor/att: Add decoding support for BASS
This adds decoding support for BASS attributes:
> ACL Data RX: Handle 0 flags 0x02 dlen 7
ATT: Read Request (0x0a) len 2
Handle: 0x003a Type: Broadcast Receive State (0x2bc8)
< ACL Data TX: Handle 0 flags 0x00 dlen 45
ATT: Read Response (0x0b) len 40
Handle: 0x003a Type: Broadcast Receive State (0x2bc8)
Value: 0100f2698be807c0013a6501020101000000000403020400
Source_ID: 1
Source_Address_Type: 0
Source_Address: C0:07:E8:8B:69:F2
Source_Adv_SID: 1
Broadcast_ID: 0x01653a
PA_Sync_State: Synchronized to PA
BIG_Encryption: Broadcast_Code required
Num_Subgroups: 1
Subgroup #0:
BIS_Sync State: 0x00000000
Metadata #0: len 0x03 type 0x02
Metadata: 0400
> ACL Data RX: Handle 0 flags 0x02 dlen 7
ATT: Read Request (0x0a) len 2
Handle: 0x003d Type: Broadcast Receive State (0x2bc8)
< ACL Data TX: Handle 0 flags 0x00 dlen 5
ATT: Read Response (0x0b) len 0
Handle: 0x003d Type: Broadcast Receive State (0x2bc8)
Value:
Empty characteristic
> ACL Data RX: Handle 0 flags 0x02 dlen 8
ATT: Write Request (0x12) len 3
Handle: 0x0040 Type: Broadcast Audio Scan Control Point (0x2bc7)
Data: 00
Opcode: Remote Scan Stopped (0x00)
< ACL Data TX: Handle 0 flags 0x00 dlen 9
ATT: Error Response (0x01) len 4
Write Request (0x12)
Handle: 0x0040
Error: Reserved (0x80)
> ACL Data RX: Handle 0 flags 0x02 dlen 8
ATT: Write Request (0x12) len 3
Handle: 0x0040 Type: Broadcast Audio Scan Control Point (0x2bc7)
Data: 01
Opcode: Remote Scan Started (0x01)
< ACL Data TX: Handle 0 flags 0x00 dlen 9
ATT: Error Response (0x01) len 4
Write Request (0x12)
Handle: 0x0040
Error: Reserved (0x80)
> ACL Data RX: Handle 0 flags 0x01 dlen 5
ATT: Write Request (0x12) len 27
Handle: 0x0040 Type: Broadcast Audio Scan Control Point (0x2bc7)
Data: 0200f2698be807c0013a650100ffff01000000000403020400
Opcode: Add Source (0x02)
Source_Address_Type: 0
Source_Address: C0:07:E8:8B:69:F2
Source_Adv_SID: 1
Broadcast_ID: 0x01653a
PA_Sync_State: Do not synchronize to PA
PA_Interval: 0xffff
Num_Subgroups: 1
Subgroup #0:
BIS_Sync State: 0x00000000
Metadata #0: len 0x03 type 0x02
Metadata: 0400
< ACL Data TX: Handle 0 flags 0x00 dlen 9
ATT: Error Response (0x01) len 4
Write Request (0x12)
Handle: 0x0040
Error: Reserved (0x80)
> ACL Data RX: Handle 0 flags 0x02 dlen 22
ATT: Write Request (0x12) len 17
Handle: 0x0040 Type: Broadcast Audio Scan Control Point (0x2bc7)
Data:
030102780001000000000403040400
Opcode: Modify Source (0x03)
Source_ID: 1
PA_Sync_State: Synchronize to PA - PAST not available
PA_Interval: 0x0078
Num_Subgroups: 1
Subgroup #0:
BIS_Sync State: 0x00000000
Metadata #0: len 0x03 type 0x04
Metadata: 0400
< ACL Data TX: Handle 0 flags 0x00 dlen 9
ATT: Error Response (0x01) len 4
Write Request (0x12)
Handle: 0x0040
Error: Reserved (0x80)
> ACL Data RX: Handle 0 flags 0x02 dlen 25
ATT: Write Request (0x12) len 20
Handle: 0x0040 Type: Broadcast Audio Scan Control Point (0x2bc7)
Data:
0401b803eac6afbb65a25a41f15305680201
Opcode: Set Broadcast_Code (0x04)
Source_ID: 1
Broadcast_Code:
b803eac6afbb65a25a41f15305680201
< ACL Data TX: Handle 0 flags 0x00 dlen 5
ATT: Write Response (0x13) len 0
< ACL Data TX: Handle 0 flags 0x00 dlen 33
ATT: Handle Multiple Value Notification (0x23) len 28
Length: 0x0018
Handle: 0x003a Type: Broadcast Receive State (0x2bc8)
Data: 0100f2698be807c0013a6501020201000000000403020400
Source_ID: 1
Source_Address_Type: 0
Source_Address: C0:07:E8:8B:69:F2
Source_Adv_SID: 1
Broadcast_ID: 0x01653a
PA_Sync_State: Synchronized to PA
BIG_Encryption: Decrypting
Num_Subgroups: 1
Subgroup #0:
BIS_Sync State: 0x00000000
Metadata #0: len 0x03 type 0x02
Metadata: 0400
> ACL Data RX: Handle 0 flags 0x02 dlen 9
ATT: Write Request (0x12) len 4
Handle: 0x0040 Type: Broadcast Audio Scan Control Point (0x2bc7)
Data: 0501
Opcode: Remove Source (0x05)
Source_ID: 1
< ACL Data TX: Handle 0 flags 0x00 dlen 9
ATT: Error Response (0x01) len 4
Write Request (0x12)
Handle: 0x0040
Error: Reserved (0x80)
Luiz Augusto von Dentz [Mon, 3 Apr 2023 18:50:36 +0000 (11:50 -0700)]
set: Fix not attempt to connect devices with RSI
If a device advertising with RSI is only found later after the set was
already create we shall still attempt to connect to it.
Inga Stotland [Sat, 1 Apr 2023 00:16:02 +0000 (17:16 -0700)]
mesh: Tighten IO and fix out-of-bounds array access
This fixes the out-of-bounds array access in mesh-io-mgmt.c caught
by address sanitizer. Similar fixes were applied earlier to
generic and unit IOs. With this patch, the common code is factored
into a centralized location.
Hans de Goede [Fri, 31 Mar 2023 20:03:29 +0000 (22:03 +0200)]
adapter: Use regular discovery for filters which only have discoverable set
discovery_filter_to_mgmt_cp() does not add discovery_filter.discoverable
to the created mgmt_cp_start_service_discovery struct.
Instead update_discovery_filter() separately checks
client->discovery_filter->discoverable for all clients.
This means that for discovery-filters which only have the discoverable
flag set, to put the adapter in discoverable mode while discovering,
the created mgmt_cp_start_service_discovery struct is empty.
This empty mgmt_cp_start_service_discovery struct then gets sent
to the kernel as part of a MGMT_OP_START_SERVICE_DISCOVERY msg
by start_discovery_timeout().
This use of an empty filter with MGMT_OP_START_SERVICE_DISCOVERY
causes some bluetooth devices to not get seen with some (most?)
Broadcom bluetooth adapters. This problem has been observed with
the following Broadcom models: BCM4343A0, BCM43430A1, BCM43341B0 .
On these models the following 2 devices were not being discovered
when starting a scan with a filter with just discoverable set
in the filter (as gnome-bluetooth does):
Device 09:02:01:03:0F:87 (public)
Name: Bluetooth 3.0 Keyboard
Alias: Bluetooth 3.0 Keyboard
Class: 0x00000540
Icon: input-keyboard
Paired: yes
Bonded: yes
Trusted: yes
Blocked: no
Connected: yes
WakeAllowed: yes
LegacyPairing: yes
UUID: Service Discovery Serve.. (
00001000-0000-1000-8000-
00805f9b34fb)
UUID: Human Interface Device... (
00001124-0000-1000-8000-
00805f9b34fb)
UUID: PnP Information (
00001200-0000-1000-8000-
00805f9b34fb)
Modalias: bluetooth:v05ACp022Cd011B
Device 00:60:D1:00:00:34 (public)
Name: Bluetooth Mouse
Alias: Bluetooth Mouse
Class: 0x00002580
Icon: input-mouse
Paired: yes
Bonded: yes
Trusted: yes
Blocked: no
Connected: yes
WakeAllowed: yes
LegacyPairing: no
UUID: Human Interface Device... (
00001124-0000-1000-8000-
00805f9b34fb)
UUID: PnP Information (
00001200-0000-1000-8000-
00805f9b34fb)
Modalias: usb:v0103p0204d001E
Since setting the discoverable flag on a filter only is a way to
automatically put the adapter in discoverable mode itself while
it is discovering; and since this does not any device filtering
at all; modify merge_discovery_filters() to treat discovery with
such filters as regular unfiltered discovery.
This results in start_discovery_timeout() starting regular
discovery through a MGMT_OP_START_DISCOVERY message and this
fixes these 2 example devices not getting discovered by the
mentioned Broadcom BT adapter models.
Link: https://gitlab.gnome.org/GNOME/gnome-bluetooth/-/merge_requests/163
Reviewed-by: Bastien Nocera <hadess@hadess.net>
Iulia Tanasescu [Fri, 31 Mar 2023 15:39:27 +0000 (18:39 +0300)]
Split bt_iso_qos into dedicated structures
Split bt_iso_qos into dedicated unicast and broadcast
structures and add additional broadcast parameters.
Luiz Augusto von Dentz [Wed, 22 Mar 2023 18:34:24 +0000 (11:34 -0700)]
avrcp: Fix crash while handling unsupported events
The following crash can be observed if the remote peer send and
unsupported event:
ERROR: AddressSanitizer: heap-use-after-free on address 0x60b000148f11
at pc 0x559644552088 bp 0x7ffe28b3c7b0 sp 0x7ffe28b3c7a0
WRITE of size 1 at 0x60b000148f11 thread T0
#0 0x559644552087 in avrcp_handle_event profiles/audio/avrcp.c:3907
#1 0x559644536c22 in control_response profiles/audio/avctp.c:939
#2 0x5596445379ab in session_cb profiles/audio/avctp.c:1108
#3 0x7fbcb3e51c43 in g_main_context_dispatch (/lib/x86_64-linux-gnu/libglib-2.0.so.0+0x55c43)
#4 0x7fbcb3ea66c7 (/lib/x86_64-linux-gnu/libglib-2.0.so.0+0xaa6c7)
#5 0x7fbcb3e512b2 in g_main_loop_run (/lib/x86_64-linux-gnu/libglib-2.0.so.0+0x552b2)
#6 0x559644754ab6 in mainloop_run src/shared/mainloop-glib.c:66
#7 0x559644755606 in mainloop_run_with_signal src/shared/mainloop-notify.c:188
#8 0x5596445bb963 in main src/main.c:1289
#9 0x7fbcb3bafd8f in __libc_start_call_main ../sysdeps/nptl/libc_start_call_main.h:58
#10 0x7fbcb3bafe3f in __libc_start_main_impl ../csu/libc-start.c:392
#11 0x5596444e8224 in _start (/usr/local/libexec/bluetooth/bluetoothd+0xf0224)
Manish Mandlik [Thu, 30 Mar 2023 06:08:03 +0000 (23:08 -0700)]
mgmt-tester: Add devcoredump tests
Add mgmt-tester tests for hci devcoredump. These testa trigger the
devcoredump with a test data and verifies the generated devcoredump
file for the test data and correct devcoredump header fields.
Manish Mandlik [Thu, 30 Mar 2023 06:08:02 +0000 (23:08 -0700)]
vhci: Add support to trigger devcoredump and read the dump file
Add vhci support to trigger the hci devcoredump by writing to
force_devcoredump debugfs entry and read the generated devcoredump
file.
Luiz Augusto von Dentz [Wed, 29 Mar 2023 20:27:05 +0000 (13:27 -0700)]
device: Fix not setting initiator flag when auto-connecting
If the device is marked as auto-connect the kernel may initiate the
connection spontaneously causing new connections to not have set the
state->initiator flag properly.
Luiz Augusto von Dentz [Wed, 29 Mar 2023 19:55:16 +0000 (12:55 -0700)]
bap: Mark devices to auto-connect
This makes devices with BAP support to auto-connect once they start
advertising.
Simon Mikuda [Tue, 28 Mar 2023 05:26:19 +0000 (07:26 +0200)]
l2test: Fix setting mode for BR/EDR l2cap socket
BT_MODE_* enums are used only for socket SOL_BLUETOOTH, option BT_MODE
Otherwise we should use L2CAP_MODE_* enums.
Simon Mikuda [Tue, 28 Mar 2023 05:26:18 +0000 (07:26 +0200)]
l2test: Enable hex input for PSM
Luiz Augusto von Dentz [Fri, 24 Mar 2023 23:38:56 +0000 (16:38 -0700)]
monitor: Cache IRK being parsed
This caches any IRK being parsed so they can be used to resolve
addresses later which fixes the problem of only being able to resolve
addresses if the monitor happens to be active while SMP exchange the
keys.
Luiz Augusto von Dentz [Fri, 24 Mar 2023 23:38:55 +0000 (16:38 -0700)]
monitor/att: Fix not loading gatt_db for devices using RPA
Device using RPA have its storage using its identity address so this
uses keys_resolve_identity to attempt to resolve the destination
address instead of always using the connection address.
Luiz Augusto von Dentz [Fri, 24 Mar 2023 23:38:54 +0000 (16:38 -0700)]
monitor/att: Print value when printing descriptors
This prints the value attribute information when print attribute
descriptors:
< ACL Data TX: Handle 3585 flags 0x00 dlen 9
ATT: Write Request (0x12) len 4
Handle: 0x002c Type: Client Characteristic Configuration (0x2902)
Value Handle: 0x002b Type: Battery Level (0x2a19)
Data: 0100
Notification (0x01)
Luiz Augusto von Dentz [Fri, 24 Mar 2023 23:38:53 +0000 (16:38 -0700)]
shared/gatt-db: Make gatt_db_attribute_get_value public
This makes gatt_db_attribute_get_value public so it can be used by the
likes of btmon.
Luiz Augusto von Dentz [Wed, 22 Mar 2023 01:13:49 +0000 (18:13 -0700)]
client: Add samples init scripts
This adds sample init scripts that can be passed to bluetoothctl for
testing.
Luiz Augusto von Dentz [Wed, 22 Mar 2023 01:13:48 +0000 (18:13 -0700)]
shared/shell: Add support for -i/--init-script
This adds support for -i/--init-script which can be used to provide a
file with commands to be initialized, the commands are then run in
sequence after completing:
client/bluetoothctl -i client/power-on-off.bt
Agent registered
Changing power on succeeded
[CHG] Controller A8:7E:EA:56:87:D5 Pairable: yes
[CHG] Controller 98:8D:46:EE:6D:16 Pairable: yes
[CHG] Controller 98:8D:46:EE:6D:16 PowerState: on-disabling
AdvertisementMonitor path registered
Luiz Augusto von Dentz [Fri, 17 Mar 2023 16:14:18 +0000 (09:14 -0700)]
bap: Fix not continue selecting if endpoint respond with an error
If the endpoint respond with an error we shall decrement selecting
counter and proceed to check if there is any stream that can be
configured.
Simon Mikuda [Thu, 23 Mar 2023 10:28:58 +0000 (11:28 +0100)]
monitor: Fix printing Signed Write Command
Data field were print twice (1 time incorrectly):
> ACL Data RX: Handle 64 flags 0x02 dlen 19
ATT: Signed Write Command (0xd2) len 14
Handle: 0x006f Type: Vendor specific (
f7debc9a-7856-3412-7856-
341278563412)
Data:
0800000087f303c224516133
Data:
Signature:
0800000087f303c224516133
Simon Mikuda [Thu, 23 Mar 2023 10:28:57 +0000 (11:28 +0100)]
monitor: Fix crash when there is no write handler
Aaron_shen [Wed, 15 Mar 2023 10:04:35 +0000 (18:04 +0800)]
obexd: reject to accept file when replying reject message
It will accept file when obex agent replied any message
event though the message is org.bluez.obex.Error.Rejected.
The patch helps to reject a Bluetooth object push request if
user replied "org.bluez.obex.Error.Rejected" message according
to the doc/obex-agent-api.txt.
Marijn Suijten [Sat, 11 Mar 2023 01:12:02 +0000 (02:12 +0100)]
audio/transport: Propagate errors from avrcp_set_volume to DBus
Any error while setting absolute volume on the peer, or notifying the
peer of changes was previously going completely unnoticed. Propagate it
to the logs and back to the DBus "Volume" property setter so that they
aren't misled into thinking that the AVRCP command succeeded.
Note that an error is mostly harmless when the setter of the property is
an audio sink and the peer the audio source: in this case we're only
_notifying_ the peer of the change when it has already been applied on
the sink.
Also improve the other two error messages to more closely describe what
was "invalid" about the argument.
Inga Stotland [Mon, 20 Mar 2023 05:06:18 +0000 (22:06 -0700)]
mesh: On exit free timer for filtering duplicates
This frees resources associated with duplicate filter timer
when destroying management IO.
Inga Stotland [Thu, 16 Mar 2023 21:33:12 +0000 (14:33 -0700)]
tools/mesh-cfgclient: Auto request own composition data
When attaching a local provisioner node, always request own
composition data to accommodate functional consolidation of
regular and remote provisioning mechanisms.
The knowledge of the own node composition is necessary for
provisioning initiation and self configuration.
Inga Stotland [Thu, 16 Mar 2023 21:33:11 +0000 (14:33 -0700)]
tools/mesh-cfgclient: Prevent storing duplicate models
This fixes the situation when subsequent requests to get a node
composition result in appending element's model list with duplicate models.
This adds a check for a presence of a model on an element when attempting
to add a new model ID to a model list on this element.
Pauli Virtanen [Wed, 15 Mar 2023 22:16:39 +0000 (22:16 +0000)]
doc: describe new ISO Transport properties
Document the currently undocumented transport QoS properties.
Pauli Virtanen [Wed, 15 Mar 2023 22:16:38 +0000 (22:16 +0000)]
transport: add CIG/CIS/PHY properties, don't show unset QoS properties
Add CIG, CIS, and PHY properties to BAP transport. The other QoS
properties are there, and these may also be useful to clients, e.g. to
manage CIG/CIS allocation as client.
Hide transport QoS properties when they are not configured.
Luiz Augusto von Dentz [Thu, 16 Mar 2023 19:32:58 +0000 (12:32 -0700)]
shared/gatt-client: Fix not creating a request for notifications
Notifications were using bt_att_send directly instead of
bt_gatt_client_write_value thus it wouldn't create a request which
causes the instance to not be able to track it which in turn may cause
the client to trigger its idle callback too early.
Fixes: https://github.com/bluez/bluez/issues/490
Brian Gix [Wed, 15 Mar 2023 20:56:37 +0000 (13:56 -0700)]
mesh: Don't send Prov Failed on non-existant links
If remote device does not respond to a Prov Link Open request, then the
callbacks do not get established, and attempting to send Failure
messages on the non-existent link rersult in seg fault.
Brian Gix [Wed, 15 Mar 2023 17:24:52 +0000 (10:24 -0700)]
mesh: Make MGMT mesh-io less noisy
Remove excessive logging traffic
Brian Gix [Wed, 15 Mar 2023 15:05:43 +0000 (08:05 -0700)]
mesh: Filter originated Provisioning Data packets
The mesh daemon can process incoming mesh packets on more than one
controller, but if a Provisioning data packet that originated from the
local daemon is received by a different controller, it must be filtered
and disregarded, or it will break the provisioning protocol.
Brian Gix [Thu, 9 Mar 2023 20:17:49 +0000 (12:17 -0800)]
mesh: Loopback unprovisioned beacons
Because the daemon explicitly supports multiple nodes, we need
local Config Clients to be able to see local unprovisioned devices.
This loops the unprovisioned beacon, so that local Provisioning servers
can see it.
Fixes Issue: https://github.com/bluez/bluez/issues/341
Brian Gix [Mon, 13 Mar 2023 18:48:42 +0000 (11:48 -0700)]
mesh: Fix uninitialized memory usage
When attempting to cancel an unknown Scan request structure must be
NULL initialized.
Luiz Augusto von Dentz [Tue, 14 Mar 2023 19:23:25 +0000 (12:23 -0700)]
shared/gatt-client: Fix crash on bt_gatt_client_idle_unregister
This fixes the following crash:
Invalid read of size 8
at 0x1E1E0B: bt_gatt_client_idle_unregister (gatt-client.c:3812)
by 0x1EB6BD: bt_bap_detach (bap.c:3821)
by 0x1EB6BD: bt_bap_detach (bap.c:3808)
by 0x1D5631: queue_foreach (queue.c:207)
by 0x1DCAA3: disconnect_cb (att.c:713)
by 0x1F4404: watch_callback (io-glib.c:157)
by 0x48BBC7E: g_main_context_dispatch (in /usr/lib64/libglib-2.0.so.0.7400.6)
by 0x4912117: ??? (in /usr/lib64/libglib-2.0.so.0.7400.6)
by 0x48BB24E: g_main_loop_run (in /usr/lib64/libglib-2.0.so.0.7400.6)
by 0x1F4A54: mainloop_run (mainloop-glib.c:66)
by 0x1F4E21: mainloop_run_with_signal (mainloop-notify.c:188)
by 0x1304B4: main (main.c:1428)
Address 0x28 is not stack'd, malloc'd or (recently) free'd
Łukasz Rymanowski [Sat, 11 Mar 2023 23:36:40 +0000 (00:36 +0100)]
btmon: Fix decoding truncated data
Some platforms use different filtering and for this purpose,
some of the ACL/SCO/ISO/SDP data is truncated.
In such a case, included length is smaller than the original size.
Without this fix, btmon stops working after first truncated packet.
Pauli Virtanen [Tue, 14 Mar 2023 18:04:27 +0000 (18:04 +0000)]
shared/bap: fix Locations, Context to be PACS not PAC properties
Audio Locations and Contexts are properties of the PACS service, not of
individual PAC, as these are device-wide bitmaps and a single
characteristic may exist on PACS server (PACS v1.0 Sec 3).
Move the attributes out from bt_bap_pac to bt_bap_pacs, and actually
keep track of the values.
Luiz Augusto von Dentz [Mon, 13 Mar 2023 18:31:21 +0000 (11:31 -0700)]
device: Fix crash attempting to read Sets property
The following set can be observed when a sirk is exists but it is
encrypted leading to info->set to not be set:
Invalid read of size 8
at 0x1ACDF0: append_set (device.c:1662)
by 0x1FFEFFF7DF: ???
by 0x1D4461: queue_foreach (queue.c:207)
by 0x1AC8DE: dev_property_get_set (device.c:1700)
by 0x1CF3E2: append_property (object.c:498)
by 0x1CFA91: append_properties (object.c:527)
by 0x1CFAFD: append_interface (object.c:542)
by 0x48D7CEF: g_slist_foreach (gslist.c:887)
by 0x1CF5A7: append_interfaces (object.c:1104)
by 0x1CF5A7: append_object (object.c:1119)
by 0x48D7CEF: g_slist_foreach (gslist.c:887)
by 0x1CF5D0: append_object (object.c:1122)
by 0x48D7CEF: g_slist_foreach (gslist.c:887)
Address 0x8 is not stack'd, malloc'd or (recently) free'd
Luiz Augusto von Dentz [Mon, 13 Mar 2023 22:51:50 +0000 (15:51 -0700)]
shared/csip: Fix crash on bt_csip_get_sirk
This fixes the following trace:
Invalid read of size 1
at 0x1F4282: bt_csip_get_sirk (csip.c:812)
by 0x176B21: csip_ready (csip.c:259)
by 0x1F3C74: csip_notify_ready (csip.c:578)
by 0x1F3C74: csip_idle (csip.c:659)
by 0x1DCDCC: idle_notify (gatt-client.c:171)
by 0x1D579A: queue_remove_if (queue.c:279)
by 0x1D584F: queue_remove_all (queue.c:321)
by 0x1E036F: notify_client_idle (gatt-client.c:180)
by 0x1E036F: request_unref (gatt-client.c:199)
by 0x1DC60D: destroy_att_send_op (att.c:211)
by 0x1DC60D: handle_rsp (att.c:874)
by 0x1DC60D: can_read_data (att.c:1064)
by 0x1F43F4: watch_callback (io-glib.c:157)
by 0x48BBC7E: g_main_context_dispatch (in /usr/lib64/libglib-2.0.so.0.7400.6)
by 0x4912117: ??? (in /usr/lib64/libglib-2.0.so.0.7400.6)
by 0x48BB24E: g_main_loop_run (in /usr/lib64/libglib-2.0.so.0.7400.6)
Address 0x0 is not stack'd, malloc'd or (recently) free'd
Luiz Augusto von Dentz [Mon, 13 Mar 2023 22:51:49 +0000 (15:51 -0700)]
shared/gatt-client: Introduce bt_gatt_client_ref_safe
This introduces bt_gatt_client_ref_save which ensures the instaces
which are being destroyed, e.g. ref_count = 0, do not attempt to reach
callbacks.
Luiz Augusto von Dentz [Mon, 13 Mar 2023 22:51:48 +0000 (15:51 -0700)]
shared/csip: Fix not unregistering idle callback on detach
This make sure idle callback is unregistered before bt_gatt_client is
unref.
Luiz Augusto von Dentz [Mon, 13 Mar 2023 22:51:47 +0000 (15:51 -0700)]
shared/bap: Fix not unregistering idle callback on detach
This make sure idle callback is unregistered before bt_gatt_client is
unref.
Inga Stotland [Fri, 10 Mar 2023 01:35:12 +0000 (17:35 -0800)]
mesh: Fix node when loading from storage
This fixes adding mandatory models (config server, remote provisioner)
to a node whose configuration is being loaded from storage:
mesh_model_add() was called with a wrong argument.
Was: mesh_model_add(..., PRIMARY_ELE_IDX, ...);
Correct: mesh_model_add(..., ele->models, ...);
Luiz Augusto von Dentz [Tue, 7 Mar 2023 00:48:43 +0000 (16:48 -0800)]
client: Use AdvertisingFlags when available
This prints devices not discoverable in grey so the user are able to
distict when for example set members are actually visible.
Luiz Augusto von Dentz [Fri, 3 Mar 2023 22:07:14 +0000 (14:07 -0800)]
client: Add support for DeviceSet proxy
Sathish Narasimman [Tue, 22 Nov 2022 10:12:32 +0000 (15:42 +0530)]
tools: Add support to generate RSI using SIRK
The patch helps to generate Resolvable set identifier adv data.
which can be used as ADV data during advertisement.
It will be used to identify the device as part of setmember for
Coordinated set identification profile.
Example:
$<path to advtest/>advtest -i "
761FAE703ED681F0C50B34155B6434FB"
SIRK:
761FAE703ED681F0C50B34155B6434FB
RSI: 0x71 0xcb 0xbc 0x7e 0x01 0x84
Random: bccb71
Hash: 84017e
Sathish Narasimman [Tue, 22 Nov 2022 10:12:30 +0000 (15:42 +0530)]
profiles: Add initial code for csip plugin
This adds initial code for csip plugin which handles Coordinated
set identification Profile and Coordinated Set Identification
Service.
Sathish Narasimman [Tue, 22 Nov 2022 10:12:29 +0000 (15:42 +0530)]
shared/csip: Add initial code for handling CSIP
This adds initial code for Coordinated Set Identification Profile.
Sathish Narasimman [Tue, 22 Nov 2022 10:12:28 +0000 (15:42 +0530)]
main.conf: Add CSIP profile configurable options
This introduces option to configure main.conf that can be used to
configure co-ordinated set identification profile.
Luiz Augusto von Dentz [Wed, 22 Feb 2023 22:06:05 +0000 (14:06 -0800)]
core: Check if device has RSI
This checks if device is advertising an RSI and if so disregards if it
is not discoverable since other members can be.
Luiz Augusto von Dentz [Fri, 3 Mar 2023 01:10:07 +0000 (17:10 -0800)]
core: Add initial implementation of DeviceSet interface
This adds the initial implementation of DeviceSet interface as
documented in doc/set-api.rst.
Luiz Augusto von Dentz [Sat, 4 Mar 2023 00:04:26 +0000 (16:04 -0800)]
device-api: Add Set property
This adds Set property so clients are able to identify when a device
belongs to a set.
Luiz Augusto von Dentz [Fri, 3 Mar 2023 01:03:26 +0000 (17:03 -0800)]
doc: Add set-api
This adds set-api.rst which documents DeviceSet interface.
Luiz Augusto von Dentz [Thu, 2 Mar 2023 22:16:07 +0000 (14:16 -0800)]
shared/ad: Add RSI data type
This adds BT_AD_CSIP_RSI advertising data type.
Luiz Augusto von Dentz [Thu, 2 Mar 2023 21:47:44 +0000 (13:47 -0800)]
shared/crypto: Add bt_crypto_sirk
This adds bt_crypto_sirk which attempts to generate a unique SIRK using
the following steps:
- Generate a hash (k) using the str as input
- Generate a hash (sirk) using vendor, product, version and source as input
- Encrypt sirk using k as LTK with sef function.
Luiz Augusto von Dentz [Fri, 10 Mar 2023 21:18:45 +0000 (13:18 -0800)]
client/player: Update High Reliability presets
This updates High Reliability presets as published in BAP 1.0.1:
https://www.bluetooth.com/specifications/bap-1-0-1/
Luiz Augusto von Dentz [Fri, 10 Mar 2023 21:17:22 +0000 (13:17 -0800)]
iso-tester: Update High Reliability presets
This updates High Reliability presets as published in BAP 1.0.1:
https://www.bluetooth.com/specifications/bap-1-0-1/
Luiz Augusto von Dentz [Wed, 8 Mar 2023 23:30:46 +0000 (15:30 -0800)]
l2cap-tester: Add server tests for Ext-Flowctl
This adds the following tests:
L2CAP Ext-Flowctl Server - Success
L2CAP Ext-Flowctl Server - Nval SCID
L2CAP LE EATT Client - Success
L2CAP LE EATT Server - Success
L2CAP LE EATT Server - Reject
Luiz Augusto von Dentz [Thu, 9 Mar 2023 22:20:17 +0000 (14:20 -0800)]
gatt: Use DEFER_SETUP for EATT channels
This makes use of DEFER_SETUP mechanism to do the following checks
before accepting the connection:
- Checks a valid device object exits
- Checks if initiator/central as if the peripheral start connecting it
may cause collisions.
- Checks if the limit of allowed connections has been reached.
Luiz Augusto von Dentz [Thu, 9 Mar 2023 18:51:46 +0000 (10:51 -0800)]
main: Disable EATT by default
EATT is causing some problem with some platforms as they also attempt to
configure it may cause a connection collision which needs to be handled
by the kernel.
Luiz Augusto von Dentz [Wed, 8 Mar 2023 00:49:38 +0000 (16:49 -0800)]
gatt: Fix creating duplicated objects
This checks cid before attempting to create device, if the device is
using an RPA it could be that the MGMT event has not been processed yet
which would lead to create a second copy of the same device using its
identity address.
Luiz Augusto von Dentz [Wed, 8 Mar 2023 00:47:33 +0000 (16:47 -0800)]
device: Fix not always storing device info
When updating the device address check if the device is marked as
temporary before attempting to call store_device_info otherwise it will
have no effect and instead btd_device_set_temporary must be called.
Luiz Augusto von Dentz [Tue, 7 Mar 2023 21:00:22 +0000 (13:00 -0800)]
shared/att: Always queue BT_ATT_OP_MTU_REQ on the fixed channel
BT_ATT_OP_MTU_REQ shall only be sent on the so called fixed channel
since EATT channels shall use L2CAP procedure to update its MTU.
Luiz Augusto von Dentz [Thu, 2 Mar 2023 19:56:36 +0000 (11:56 -0800)]
bap: Fix crash on unexpected disconnect
If an unexpected disconnect happens while bt_bap_config is pending the
following trace can be observed, to fix it bt_bap_config is reworked so
it no longer attempts to create and config the stream in place, instead
it just return the new stream and the function is renamed to
bt_bap_stream_new:
Invalid write of size 4
at 0x3980D8: config_cb (bap.c:395)
by 0x4DF5A3: bap_req_complete (bap.c:3471)
by 0x4E9D33: bap_req_detach (bap.c:3807)
by 0x4E9D33: bt_bap_detach (bap.c:3819)
by 0x4E9D33: bt_bap_detach (bap.c:3810)
by 0x397AA9: bap_disconnect (bap.c:1342)
by 0x4223E0: btd_service_disconnect (service.c:305)
by 0x4974D8F: g_slist_foreach (in /usr/lib64/libglib-2.0.so.0.7200.3)
by 0x438FC3: att_disconnected_cb (device.c:5160)
by 0x49A6C6: queue_foreach (queue.c:207)
by 0x4B463B: disconnect_cb (att.c:701)
by 0x5054DF: watch_callback (io-glib.c:157)
by 0x495BFAE: g_main_context_dispatch (in /usr/lib64/libglib-2.0.so.0.7200.3)
by 0x49B12C7: ??? (in /usr/lib64/libglib-2.0.so.0.7200.3)
Address 0x6576940 is 96 bytes inside a block of size 112 free'd
at 0x48480E4: free (vg_replace_malloc.c:872)
by 0x48F78D: remove_interface (object.c:660)
by 0x490489: g_dbus_unregister_interface (object.c:1394)
by 0x397BA8: ep_remove (bap.c:1330)
by 0x49ACF4: queue_remove_if (queue.c:279)
by 0x49B0AC: queue_remove_all (queue.c:321)
by 0x397A7C: bap_disconnect (bap.c:1339)
by 0x4223E0: btd_service_disconnect (service.c:305)
by 0x4974D8F: g_slist_foreach (in /usr/lib64/libglib-2.0.so.0.7200.3)
by 0x438FC3: att_disconnected_cb (device.c:5160)
by 0x49A6C6: queue_foreach (queue.c:207)
by 0x4B463B: disconnect_cb (att.c:701)
Block was alloc'd at
at 0x484586F: malloc (vg_replace_malloc.c:381)
by 0x49B432: util_malloc (util.c:43)
by 0x39A1D9: ep_register (bap.c:563)
by 0x39A1D9: pac_found (bap.c:664)
by 0x4E5FEA: bap_foreach_pac (bap.c:3980)
by 0x4EA437: bap_notify_ready (bap.c:2736)
by 0x4EA437: bap_idle (bap.c:3711)
by 0x4B52F0: idle_notify (gatt-client.c:171)
by 0x49ACF4: queue_remove_if (queue.c:279)
by 0x49B0AC: queue_remove_all (queue.c:321)
by 0x4C092C: notify_client_idle (gatt-client.c:180)
by 0x4C092C: request_unref (gatt-client.c:199)
by 0x4AACB5: destroy_att_send_op (att.c:209)
by 0x4B2B88: handle_rsp (att.c:862)
by 0x4B2B88: can_read_data (att.c:1052)
by 0x5054DF: watch_callback (io-glib.c:157)
Luiz Augusto von Dentz [Thu, 2 Mar 2023 00:23:15 +0000 (16:23 -0800)]
shared/bap: Make use of bt_gatt_client_idle_register
This uses bt_gatt_client_idle_register to track when instance is ready
instead of using a dedicated queue to track requests.
Fixes: https://github.com/bluez/bluez/issues/485
Luiz Augusto von Dentz [Wed, 1 Mar 2023 01:33:27 +0000 (17:33 -0800)]
media: Fix not checking BREDR support for A2DP
A2DP shall depend on MGMT_SETTING_BREDR setting so the likes of
bluetoothctl -e don't attempt to register A2DP with controller that
are on LE only mode.
Luiz Augusto von Dentz [Wed, 1 Mar 2023 00:05:47 +0000 (16:05 -0800)]
share/gatt-client: Introduce idle callback
This introduces the concept of idle callback which can be used to get
notified when there is no more pending requests by the client.
Luiz Augusto von Dentz [Tue, 28 Feb 2023 22:22:31 +0000 (14:22 -0800)]
shared/bap: Cleanup requests on detach
If session is being detached any ongoing/queue request shall be
cancelled as well otherwise when the session is attach again they would
be invalid.
Luiz Augusto von Dentz [Tue, 28 Feb 2023 01:07:43 +0000 (17:07 -0800)]
client: Allow transport.send command to work with multiple transports
This enables transport.send to work with multiple transports instead of
sending one by one which can create synchronization problems.
Luiz Augusto von Dentz [Fri, 24 Feb 2023 00:31:19 +0000 (16:31 -0800)]
device: Don't attempt to connect LE if ATT is already connected
This checks if an att instance already exists before attempting to
connect it once again.
Pauli Virtanen [Sat, 25 Feb 2023 21:42:51 +0000 (21:42 +0000)]
iso-tester: Add test for central receiving timestamped ISO packet
This attempts to receive a timestamped HCI ISO data packet on central.
With kernel 6.2 HCI ISO packet parsing this test fails with
Bluetooth: Frame malformed (len 40, expected len 0)
Link: https://lore.kernel.org/linux-bluetooth/1fd2d4523c139deda93aab2c31f1508d79c32472.1676921889.git.pav@iki.fi/
Pauli Virtanen [Sat, 25 Feb 2023 21:42:50 +0000 (21:42 +0000)]
bthost: Allow sending ISO packets with sequence number and timestamp
Change bthost_send_iso to take packet sequence number and timestamp, and
allow it to send timestamped HCI ISO data packets.
Currently, btdev passes through ISO packets, so this can also be used to
test RX timestamping.
Pauli Virtanen [Fri, 24 Feb 2023 18:09:46 +0000 (18:09 +0000)]
shared/bap: fix crash unregistering media endpoint while streaming
Always free BAP stream in bt_bap_stream_release if it is not attached to
a client session, simplifying the cleanup.
Fixes the following ASAN crash is observed when media endpoint is
unregistered (stopping sound server) while streaming from remote BAP
client:
ERROR: AddressSanitizer: heap-use-after-free on address 0x60b0000474d8
READ of size 8 at 0x60b0000474d8 thread T0
#0 0x7a27c6 in stream_set_state src/shared/bap.c:1227
#1 0x7aff61 in remove_streams src/shared/bap.c:2483
#2 0x71d2d0 in queue_foreach src/shared/queue.c:207
#3 0x7b0152 in bt_bap_remove_pac src/shared/bap.c:2501
#4 0x463cda in media_endpoint_destroy profiles/audio/media.c:179
...
0x60b0000474d8 is located 8 bytes inside of 112-byte region
freed by thread T0 here:
#0 0x7f93b12b9388 in __interceptor_free.part.0 (/lib64/libasan.so.8+0xb9388)
#1 0x7a0504 in bap_stream_free src/shared/bap.c:972
#2 0x7a0800 in bap_stream_detach src/shared/bap.c:989
#3 0x7a26d1 in bap_stream_state_changed src/shared/bap.c:1208
#4 0x7a2ab4 in stream_set_state src/shared/bap.c:1252
#5 0x7ab18a in stream_release src/shared/bap.c:1985
#6 0x7c6919 in bt_bap_stream_release src/shared/bap.c:4572
#7 0x7aff50 in remove_streams src/shared/bap.c:2482
...
previously allocated by thread T0 here:
#0 0x7f93b12ba6af in __interceptor_malloc (/lib64/libasan.so.8+0xba6af)
#1 0x71e9ae in util_malloc src/shared/util.c:43
#2 0x79c2f5 in bap_stream_new src/shared/bap.c:766
#3 0x7a4863 in ep_config src/shared/bap.c:1446
#4 0x7a4f22 in ascs_config src/shared/bap.c:1481
...
Pauli Virtanen [Thu, 23 Feb 2023 19:14:44 +0000 (19:14 +0000)]
device: wait GATT client ready before service accept() if no cache
On device ATT attach, do not immediately call accept() for profiles, if
there is no cached data in GATT database. Instead, wait for service
resolution to complete, as likely accept() cannot succeed before that.
Several profiles (bap, vcp, midi, deviceinfo) assume that GATT
attributes are available when their accept() is called, returning
success even if not. In this case, the services never find the remote
attributes and are not operable. Other profiles (hog, batt, ...) fail
their accept which prompts core to retry after discovery, and work
correctly also in this case.
Fix the failing services by waiting for service resolution as necessary,
so profiles can assume the GATT DB has some content.
Tedd Ho-Jeong An [Mon, 20 Feb 2023 18:12:05 +0000 (10:12 -0800)]
configure: Check ell path
If the 'enable-external-ell' is not specified in the configure parameter,
the build system assumes that the ELL source is located same level where
the bluez source is cloned. But the configure doens't check the folder
and user will get the build error while building the source.
This patch checks if the ELL source path if the 'enable-external-ell'
flag is not set and throws an error if the ELL doesn't exist.
Pauli Virtanen [Sun, 19 Feb 2023 18:02:03 +0000 (18:02 +0000)]
audio/transport: update BAP transport QOS values when changed
Currently, BAP transport publishes on DBus QOS values obtained at
transport creation time. For BAP server the transport creation usually
occurs before stream QOS is configured, and these values are then all
zero. bap->sdu is also never set.
Update transport QOS values in DBus when stream state changes. Since
nearly all QOS values are exposed in the transport, use bt_bap_qos to
store them there for simplicity.
Pauli Virtanen [Wed, 15 Feb 2023 22:26:02 +0000 (22:26 +0000)]
media: fix ASAN crash in pac_config_cb
Don't call configuration callback if stream's transport was cleared in
the meantime. The clear callback is called just before the stream is
freed.
Fixes ASAN crash on disconnect while waiting for SetConfiguration DBus
reply:
ERROR: AddressSanitizer: heap-use-after-free on address 0x60b00002eb90
READ of size 8 at 0x60b00002eb90 thread T0
#0 0x7a4892 in bap_stream_config_cfm_cb src/shared/bap.c:3201
#1 0x4688fb in pac_config_cb profiles/audio/media.c:1010
#2 0x462164 in media_endpoint_cancel profiles/audio/media.c:157
#3 0x462243 in media_endpoint_cancel_all profiles/audio/media.c:165
#4 0x46365b in clear_endpoint profiles/audio/media.c:297
#5 0x463a21 in endpoint_reply profiles/audio/media.c:325
...
freed by thread T0 here:
#0 0x7eff644b9388 in __interceptor_free.part.0 (/lib64/libasan.so.8+0xb9388)
#1 0x78d8cc in bap_stream_free src/shared/bap.c:974
#2 0x78dbc8 in bap_stream_detach src/shared/bap.c:991
#3 0x78fa43 in bap_stream_state_changed src/shared/bap.c:1210
#4 0x78fe26 in stream_set_state src/shared/bap.c:1254
#5 0x7ab5ce in stream_foreach_detach src/shared/bap.c:3820
#6 0x70ce06 in queue_foreach src/shared/queue.c:207
#7 0x7ab942 in bt_bap_detach src/shared/bap.c:3836
#8 0x51da7a in bap_disconnect profiles/audio/bap.c:1342
#9 0x626e57 in btd_service_disconnect src/service.c:305
Pauli Virtanen [Wed, 15 Feb 2023 22:26:01 +0000 (22:26 +0000)]
media: look up BAP transports by their associated stream
To look up transports, use BAP stream pointers associated with them, not
the path strings stored in the stream user data. This makes it clearer
that transports presented to the sound server correspond to the actual
streams. The Acquire/etc. of BAP transports are already tied to the
associated stream.
This fixes use-after-free crashes in pac_clear. They occur because the
lifetime of the path string was either that of media transport or media
endpoint, which may be shorter than that of the BAP stream. In such
case, pac_clear is entered with invalid pointer in stream user data,
leading to crash. There are a few code paths for this, e.g. making
sound server delay its SetConfiguration response (e.g. gdb breakpoint)
to get dbus timeout, then disconnecting:
ERROR: AddressSanitizer: heap-use-after-free on address XXXX
READ of size 3 at 0x606000031640 thread T0
...
#4 0x559891 in btd_debug src/log.c:117
#5 0x46abfd in pac_clear profiles/audio/media.c:1096
#6 0x79fcaf in bap_stream_clear_cfm src/shared/bap.c:914
#7 0x7a060d in bap_stream_detach src/shared/bap.c:987
#8 0x7a25ea in bap_stream_state_changed src/shared/bap.c:1210
#9 0x7a29cd in stream_set_state src/shared/bap.c:1254
#10 0x7be824 in stream_foreach_detach src/shared/bap.c:3820
#11 0x71d15d in queue_foreach src/shared/queue.c:207
#12 0x7beb98 in bt_bap_detach src/shared/bap.c:3836
#13 0x5228cb in bap_disconnect profiles/audio/bap.c:1342
#14 0x63247c in btd_service_disconnect src/service.c:305
freed by thread T0 here:
#0 0x7f16708b9388 in __interceptor_free.part.0 (/lib64/libasan.so.8+0xb9388)
#1 0x7f167071b8cc in g_free (/lib64/libglib-2.0.so.0+0x5b8cc)
#2 0x7047b7 in remove_interface gdbus/object.c:660
#3 0x70aef6 in g_dbus_unregister_interface gdbus/object.c:1394
#4 0x47be30 in media_transport_destroy profiles/audio/transport.c:217
#5 0x464ab9 in endpoint_remove_transport profiles/audio/media.c:270
#6 0x464d26 in clear_configuration profiles/audio/media.c:292
#7 0x464e69 in clear_endpoint profiles/audio/media.c:300
#8 0x46516e in endpoint_reply profiles/audio/media.c:325
...
Fixes:
7b1b1a499cf3 ("media: clear the right transport when clearing BAP endpoint")
Pauli Virtanen [Wed, 15 Feb 2023 22:26:00 +0000 (22:26 +0000)]
audio/transport: add media_transport_get_stream method for transports
Add a method for getting the audio stream associated with a media
transport.
Luiz Augusto von Dentz [Thu, 1 Dec 2022 22:10:16 +0000 (14:10 -0800)]
monitor/att: Fix ASE frequency values
This fixes the printed hex value of some of the frequencies.
Dave Nicolson [Sun, 12 Feb 2023 17:24:02 +0000 (18:24 +0100)]
gatttool: Use consistent spacing before brackets
Luiz Augusto von Dentz [Tue, 14 Feb 2023 02:15:31 +0000 (18:15 -0800)]
mgmt: Use BIT macro when defining bitfields
This makes use of BIT macro when defining bitfields which makes it
clearer what bit it is toggling.
Pauli Virtanen [Sat, 11 Feb 2023 10:53:51 +0000 (10:53 +0000)]
media: Check adapter CIS support to add BAP in SupportedUUIDs
Don't indicate BAP support in SupportedUUIDs, if adapter supports
neither CIS Central nor Peripheral.
Pauli Virtanen [Sat, 11 Feb 2023 10:53:50 +0000 (10:53 +0000)]
adapter: Add function for checking adapter settings
Add function for checking adapter current settings.
Pauli Virtanen [Sat, 11 Feb 2023 10:53:49 +0000 (10:53 +0000)]
tools/btmgmt: add MGMT setting bit names for CIS feature support
Add names for CIS Central/Peripheral MGMT setting bits:
[mgmt]# info
Index list with 1 item
hci0: Primary controller
addr XX:XX:XX:XX:XX:XX version 12 manufacturer 2 class 0x7c0104
supported settings: powered connectable fast-connectable discoverable bondable link-security ssp br/edr le advertising secure-conn debug-keys privacy configuration static-addr phy-configuration wide-band-speech cis-central cis-peripheral
current settings: powered bondable ssp br/edr le secure-conn cis-central cis-peripheral
name xxx
short name
hci0: Configuration options
supported options: public-address
missing options:
Pauli Virtanen [Sat, 11 Feb 2023 10:53:48 +0000 (10:53 +0000)]
monitor: add MGMT setting bit names for CIS feature support
Add names for CIS Central/Peripheral MGMT bits:
@ MGMT Event: Command Complete (0x0001) plen 283 {0x0002} [hci0] 3.745117
Read Controller Information (0x0004) plen 280
Status: Success (0x00)
Address: XX:XX:XX:XX:XX:XX (Intel Corporate)
Version: Bluetooth 5.3 (0x0c)
Manufacturer: Intel Corp. (2)
Supported settings: 0x000ffeff
Powered
Connectable
Fast Connectable
Discoverable
Bondable
Link Security
Secure Simple Pairing
BR/EDR
Low Energy
Advertising
Secure Connections
Debug Keys
Privacy
Controller Configuration
Static Address
PHY Configuration
Wideband Speech
CIS Central
CIS Peripheral
Current settings: 0x000c0ad1
Powered
Bondable
Secure Simple Pairing
BR/EDR
Low Energy
Secure Connections
CIS Central
CIS Peripheral
Class: 0x7c0104
Major class: Computer (desktop, notebook, PDA, organizers)
Minor class: Desktop workstation
Rendering (Printing, Speaker)
Capturing (Scanner, Microphone)
Object Transfer (v-Inbox, v-Folder)
Audio (Speaker, Microphone, Headset)
Telephony (Cordless telephony, Modem, Headset)
Name: xxx
Short name:
Pauli Virtanen [Sat, 11 Feb 2023 10:53:47 +0000 (10:53 +0000)]
lib: Add defines for MGMT setting bits for CIS feature support