and that any data supposedly copied out is valid before use.
prompted by maxv@, I have checked every usage of m_copydata() and made
the following corrections
hci_event.c:
hci_event_command_compl()
check that the packet does contain enough data for there to
be a status code before noting possible failures.
hci_event_num_compl_pkts()
check that the packet does contain data to cover the
stated number of handle/num pairs
l2cap_signal.c:
l2cap_recv_signal()
just ignore packets with not enough data rather than
trying to reject them (may not have cmd.ident)
l2cap_recv_command_rej()
check we have a valid reason and/or data before use
- remove #ifdef DIAGNOSTIC, so that we won't act
differently
- handle the cases where a Bluetooth adapter
sends invalid packet data (I've not seen this,
but it is not impossible)
- use KASSERT for actual impossible situations
(to catch bad future development)
and cache the maximum ACL/SCO packet buffers.
provide an additional SIOCGBTFEAT ioctl to retrieve the cached
features, and add the max values to the SIOC?BTINFO results.
(btreq does not change size)
- Socket layer becomes MP safe.
- Unix protocols become MP safe.
- Allows protocol processing interrupts to safely block on locks.
- Fixes a number of race conditions.
With much feedback from matt@ and plunky@.
reason and the command_status event returns failure but we get no
indication of which connection failed (for instance in the case where
we tried to open too many connections all at once)
So, keep a flag on the link to indicate pending status until the
command_status event is returned to help us decide which should
be failed.
to remove the frobbing that drivers must do in the hci_unit structure.
- driver provides a static const interface descriptor
- hci_unit is allocated by hci_attach() rather than part of softc
- statistics are compiled by driver and provided on request
- driver provides output methods and is responsible for output queue
- stack provides input methods and is responsible for input queue
- mutex is used to arbitrate device queue access
make bluetooth stack keep device_t instead of softc pointer as
device is not necessarily part of softc, and pass device_t to
driver callbacks. hci_devname is no longer required.
- centralise creation of new memo into function
hci_memo_new(), when a memo exists for that address,
just update the timestamp.
- all results of inquiry/rssi result are processed; even
if no memo can be allocated, we may update a timestamp.
- for new connections, query the clock offset of the remote
device, in order that we can use it to facilitate future
reconnections
- as a connection is removed, make a memo of the clock offset
the Linux (BlueZ) API.
- L2CAP or RFCOMM connections can require the baseband radio link
mode be any of:
authenticated (devices are paired)
encrypted (implies authentication)
secured (encryption, plus generate new link key)
- for sockets, the mode is set using setsockopt(2) and the socket
connection will be aborted if the mode change fails.
- mode settings will be applied during connection establishment, and
for safety, we enter a wait state and will only proceed when the mode
settings are successfuly set.
- It is possible to change the mode on already open connections, but
not possible to guarantee that data already queued (from either end)
will not be delivered. (this is a feature, not a bug)
- bthidev(4) and rfcomm_sppd(1) support "auth", "encrypt" and
"secure" options
- btdevctl(8) by default enables "auth" for HIDs, and "encrypt" for
keyboards (which are required to support it)
hci_event.c:
- Convert memo->response.clock_offset to host-endian.
hci_ioctl.c:
- printf format tweak (size_t)
hci_link.c:
- Convert memo->response.clock_offset from host-endian.
- Tweak a DIAGNOSTIC message.
l2cap_signal.c:
- In l2cap_recv_config_req(), rp->scid is little-endian so make sure
we convert from host-endian.
from scw@
NetBSD Foundation Membership still pending.) This stack was written by
Iain under sponsorship from Itronix Inc.
The stack includes support for rfcomm networking (networking via your
bluetooth enabled cell phone), hid devices (keyboards/mice), and headsets.
Drivers for both PCMCIA and USB bluetooth controllers are included.
