Commit 3a7fdfb7 authored by Luiz Augusto von Dentz's avatar Luiz Augusto von Dentz
Browse files

Bluetooth: hci_event: Fix handling of HCI_EV_LE_DIRECT_ADV_REPORT 

Some controllers seems to generate HCI_EV_LE_DIRECT_ADV_REPORT even when
scan_filter is not set to 0x02 or 0x03, which indicates that local
privacy is enabled, causing them to be ignored thus breaking
auto-connect logic:

< HCI Command: LE Set Scan Parameters (0x08|0x000b) plen 7
        Type: Passive (0x00)
        Interval: 60.000 msec (0x0060)
        Window: 30.000 msec (0x0030)
        Own address type: Public (0x00)
        Filter policy: Ignore not in accept list (0x01)
...
> HCI Event: LE Meta Event (0x3e) plen 18
      LE Direct Advertising Report (0x0b)
        Num reports: 1
        Event type: Connectable directed - ADV_DIRECT_IND (0x01)
        Address type: Random (0x01)
        Address: XX:XX:XX:XX:XX:XX (Static)
        Direct address type: Random (0x01)
        Direct address: XX:XX:XX:XX:XX:XX (Non-Resolvable)
        RSSI: -54 dBm (0xca)

So this attempts to mitigate the above problem by skipping checking of
direct_addr if local privacy is not enabled.

Link: https://github.com/bluez/bluez/issues/1138


Fixes: e209e5cc ("Bluetooth: MGMT: Mark LL Privacy as stable")
Signed-off-by: default avatarLuiz Augusto von Dentz <luiz.von.dentz@intel.com>
parent 1f77c054

net/bluetooth/hci_event.c

+10 −7
Original line number Diff line number Diff line
@@ -6060,8 +6060,17 @@ static void process_adv_report(struct hci_dev *hdev, u8 type, bdaddr_t *bdaddr, 
	 * a LE Direct Advertising Report event. In that case it is

	 * important to see if the address is matching the local

	 * controller address.

	 *

	 * If local privacy is not enable the controller shall not be

	 * generating such event since according to its documentation it is only

	 * valid for filter_policy 0x02 and 0x03, but the fact that it did

	 * generate LE Direct Advertising Report means it is probably broken and

	 * won't generate any other event which can potentially break

	 * auto-connect logic so in case local privacy is not enable this

	 * ignores the direct_addr so it works as a regular report.

	 */

	if (!hci_dev_test_flag(hdev, HCI_MESH) && direct_addr) {

	if (!hci_dev_test_flag(hdev, HCI_MESH) && direct_addr &&

	    hci_dev_test_flag(hdev, HCI_PRIVACY)) {

		direct_addr_type = ev_bdaddr_type(hdev, direct_addr_type,

						  &bdaddr_resolved);
@@ -6071,12 +6080,6 @@ static void process_adv_report(struct hci_dev *hdev, u8 type, bdaddr_t *bdaddr, 
		if (!hci_bdaddr_is_rpa(direct_addr, direct_addr_type))

			return;



		/* If the controller is not using resolvable random

		 * addresses, then this report can be ignored.

		 */

		if (!hci_dev_test_flag(hdev, HCI_PRIVACY))

			return;



		/* If the local IRK of the controller does not match

		 * with the resolvable random address provided, then

		 * this report can be ignored.