Bluetooth: Fix mgmt response status when removing adapter

When an adapter is removed (hci_unregister_dev) any pending mgmt
commands for that adapter should get the appropriate INVALID_INDEX
response. Since hci_unregister_dev() calls hci_dev_do_close() first
that'd so far have caused "not powered" responses to be sent.

Skipping the HCI_UNREGISTER case in mgmt_powered() is also not a
solution since before reaching the mgmt_index_removed() stage any
hci_conn callbacks (e.g. used by pairing) will get called, thereby
causing "disconnected" status responses to be sent.

The fix that covers all scenarios is to handle both INVALID_INDEX and
NOT_POWERED responses through the mgmt_powered() function. The
INVALID_INDEX response sending from mgmt_index_removed() is left
untouched since there are a couple of places not related to powering off
or removing an adapter that call it (e.g. configuring a new bdaddr).

Signed-off-by: Johan Hedberg <johan.hedberg@intel.com>
Signed-off-by: Marcel Holtmann <marcel@holtmann.org>

diff --git a/net/bluetooth/mgmt.c b/net/bluetooth/mgmt.c
index 1e33880..23a0ca5 100644 (file)
--- a/net/bluetooth/mgmt.c
+++ b/net/bluetooth/mgmt.c
@@ -6151,8 +6151,7 @@ static int powered_update_hci(struct hci_dev *hdev)
 int mgmt_powered(struct hci_dev *hdev, u8 powered)
 {
        struct cmd_lookup match = { NULL, hdev };
-       u8 status_not_powered = MGMT_STATUS_NOT_POWERED;
-       u8 zero_cod[] = { 0, 0, 0 };
+       u8 status, zero_cod[] = { 0, 0, 0 };
        int err;
 
        if (!test_bit(HCI_MGMT, &hdev->dev_flags))
@@ -6168,7 +6167,20 @@ int mgmt_powered(struct hci_dev *hdev, u8 powered)
        }
 
        mgmt_pending_foreach(MGMT_OP_SET_POWERED, hdev, settings_rsp, &match);
-       mgmt_pending_foreach(0, hdev, cmd_complete_rsp, &status_not_powered);
+
+       /* If the power off is because of hdev unregistration let
+        * use the appropriate INVALID_INDEX status. Otherwise use
+        * NOT_POWERED. We cover both scenarios here since later in
+        * mgmt_index_removed() any hci_conn callbacks will have already
+        * been triggered, potentially causing misleading DISCONNECTED
+        * status responses.
+        */
+       if (test_bit(HCI_UNREGISTER, &hdev->dev_flags))
+               status = MGMT_STATUS_INVALID_INDEX;
+       else
+               status = MGMT_STATUS_NOT_POWERED;
+
+       mgmt_pending_foreach(0, hdev, cmd_complete_rsp, &status);
 
        if (memcmp(hdev->dev_class, zero_cod, sizeof(zero_cod)) != 0)
                mgmt_event(MGMT_EV_CLASS_OF_DEV_CHANGED, hdev,