kernel/drivers/bluetooth/btwilink.c, branch linux-4.16.y

Bluetooth: Style fix - align block comments

2017-07-22T06:39:39Z

Fixed alignment of all block comments. Found using checkpatch Signed-off-by: Derek Robson Signed-off-by: Marcel Holtmann

Bluetooth: btwilink: remove unnecessary static in bt_ti_probe()

2017-07-20T09:18:45Z

Remove unnecessary static on local variable hst. Such variable is initialized before being used, on every execution path throughout the function. The static has no benefit and, removing it reduces the object file size. This issue was detected using Coccinelle and the following semantic patch: @bad exists@ position p; identifier x; type T; @@ static T x@p; ... x = <+...x...+> @@ identifier x; expression e; type T; position p != bad.p; @@ -static T x@p; ... when != x when strict ?x = e; In the following log you can see the difference in the object file size. This log is the output of the size command, before and after the code change: before: text data bss dec hex filename 4029 2528 128 6685 1a1d drivers/bluetooth/btwilink.o after: text data bss dec hex filename 4007 2472 64 6543 198f drivers/bluetooth/btwilink.o Signed-off-by: Gustavo A. R. Silva Signed-off-by: Marcel Holtmann

Bluetooth: btwilink: Fix unexpected skb free

2017-05-23T14:19:38Z

The caller (hci_core) still owns the skb in case of error, releasing it inside the send function can lead to use-after-free errors. Reported-by: Dan Carpenter Signed-off-by: Loic Poulain Signed-off-by: Marcel Holtmann

Bluetooth: btwilink: Fix probe return value

2016-10-20T08:14:49Z

Probe functions should return 0 on success. This driver's probe returns the value returned by hci_register_dev(), which is the hci index. This works for systems with only one hci device (id = 0) but for systems where the btwilink device ends up with an id larger than 0, things will start to fall apart. Make the probe function return 0 on success. Signed-off-by: Jacob Siverskog Signed-off-by: Marcel Holtmann

Bluetooth: btwilink: Save the packet type before sending

2016-09-22T20:18:59Z

Running with KASAN produces some messages: BUG: KASAN: use-after-free in ti_st_send_frame+0x9c/0x16c at addr ffffffc064868fe8 Read of size 1 by task kworker/u17:1/1266 Hardware name: HiKey Development Board (DT) Workqueue: hci0 hci_cmd_work Call trace: [] dump_backtrace+0x0/0x178 [] show_stack+0x20/0x28 [] dump_stack+0xa8/0xe0 [] print_trailer+0x110/0x174 [] object_err+0x4c/0x5c [] kasan_report_error+0x254/0x54c [] kasan_report+0x64/0x70 [] __asan_load1+0x4c/0x54 [] ti_st_send_frame+0x9c/0x16c [] hci_send_frame+0xb4/0x118 [] hci_cmd_work+0xcc/0x154 [] process_one_work+0x26c/0x7a4 [] worker_thread+0x9c/0x73c [] kthread+0x138/0x154 [] ret_from_fork+0x10/0x40 The packet is being accessed for statistics after it has been freed. Save the packet type before sending for statistics afterwards. Signed-off-by: Laura Abbott Signed-off-by: Marcel Holtmann

drivers: misc: ti-st: Use int instead of fuzzy char for callback status

2016-07-17T17:59:26Z

On mips and parisc: drivers/bluetooth/btwilink.c: In function 'ti_st_open': drivers/bluetooth/btwilink.c:174:21: warning: overflow in implicit constant conversion [-Woverflow] hst->reg_status = -EINPROGRESS; drivers/nfc/nfcwilink.c: In function 'nfcwilink_open': drivers/nfc/nfcwilink.c:396:31: warning: overflow in implicit constant conversion [-Woverflow] drv->st_register_cb_status = -EINPROGRESS; There are actually two issues: 1. Whether "char" is signed or unsigned depends on the architecture. As the completion callback data is used to pass a (negative) error code, it should always be signed. 2. EINPROGRESS is 150 on mips, 245 on parisc. Hence -EINPROGRESS doesn't fit in a signed 8-bit number. Change the callback status from "char" to "int" to fix these. Signed-off-by: Geert Uytterhoeven Acked-by: Mauro Carvalho Chehab Acked-by: Samuel Ortiz Signed-off-by: Marcel Holtmann

Bluetooth: Use new hci_skb_pkt_* wrappers for drivers

2015-11-19T16:50:27Z

The new hci_skb_pkt_* wrappers are mainly intented for drivers to require less knowledge about bt_cb(sbk) handling. So after converting the core packet handling, convert all drivers. Signed-off-by: Marcel Holtmann Signed-off-by: Johan Hedberg

Bluetooth: Move handling of HCI_RUNNING flag into core

2015-10-05T07:30:25Z

Setting and clearing of HCI_RUNNING flag in each and every driver is just duplicating the same code all over the place. So instead of having the driver do it in their hdev->open and hdev->close callbacks, set it globally in the core transport handling. Signed-off-by: Marcel Holtmann Signed-off-by: Johan Hedberg

Bluetooth: Move HCI_RUNNING check into hci_send_frame

2015-10-05T07:30:10Z

In all callbacks for hdev->send the status of HCI_RUNNING is checked. So instead of repeating that code in every driver, move the check into the hci_send_frame function before calling hdev->send. Signed-off-by: Marcel Holtmann Signed-off-by: Johan Hedberg

Bluetooth: btwilink: remove DEBUG define

2015-05-13T21:00:51Z

Remove the DEBUG define as the debug code; so can remove mass debug info from log buffer when using dmesg. Signed-off-by: Leo Yan Signed-off-by: Marcel Holtmann