Re: [PATCH] net: bluetooth: fix consistent connection failure caused by the loss of HCI_Connection_Complete event

From: Luiz Augusto von Dentz
Date: Wed Aug 23 2023 - 17:27:10 EST

Next message: Rob Herring: "Re: [PATCH] MAINTAINERS: pps: Update pps-gpio bindings location"
Previous message: John Stultz: "Re: [PATCH v5 13/19] sched: Split out __sched() deactivate task logic into a helper"
In reply to: Xin-Yu Liu: "[PATCH] net: bluetooth: fix consistent connection failure caused by the loss of HCI_Connection_Complete event"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

Hi,

On Wed, Aug 23, 2023 at 5:52 AM Xin-Yu Liu <by2239112@xxxxxxxxxxx> wrote:
>
> During a connection attempt, if the HCI_Connection_Complete event
> is lost and not received by the Host, it will result in
> a connection failure.
>
> In that process, the hci_conn, the handle of which is still
> HCI_CONN_HANDLE_UNSET, will not be removed from the conn_hash
> as it would during a regular disconnection opration.
> Consequently, when an ACL connection is initiated for the same device,
> the hci_conn is found in hash_conn based on "ba", with its state remaining
> BT_CONNECT. Then the Host will send an HCI_Create_Connection_Cancel
> command, which will result in subsequent Bluetooth connections
> for the same device consistently failing.
>
> In order to solve the potential bug, if the hci_conn's state is
> BT_CONNECT and handle is HCI_CONN_HANDLE_UNSET, remove this hci_conn
> from conn_hash. This adjustment could potentially help ensure that the
> specific conn is cleaned up at the appropriate times, then the subsequent
> connection for the same device will no longer experience failures.
>
> Signed-off-by: Xin-Yu Liu <by2239112@xxxxxxxxxxx>
> ---
> net/bluetooth/hci_conn.c | 4 ++++
> 1 file changed, 4 insertions(+)
>
> diff --git a/net/bluetooth/hci_conn.c b/net/bluetooth/hci_conn.c
> index 76222565e..219c62579 100644
> --- a/net/bluetooth/hci_conn.c
> +++ b/net/bluetooth/hci_conn.c
> @@ -2886,6 +2886,10 @@ int hci_abort_conn(struct hci_conn *conn, u8 reason)
> } else if (conn->type == ACL_LINK) {
> if (conn->hdev->hci_ver < BLUETOOTH_VER_1_2)
> break;
> + if (conn->state == HCI_CONN_HANDLE_UNSET) {
> + hci_conn_cleanup(conn);
> + break;
> + }

This won't apply upstream if you are wondering why CI hasn't managed
to pick it up, this should be fixed by the following line if
connection cannot be aborted:

https://git.kernel.org/pub/scm/linux/kernel/git/bluetooth/bluetooth-next.git/tree/net/bluetooth/hci_sync.c?id=c452805643ff9762626f2c87c2640ab7c7099eb8#n5432

> r = hci_send_cmd(conn->hdev,
> HCI_OP_CREATE_CONN_CANCEL,
> 6, &conn->dst);
> --
> 2.25.1
>

--
Luiz Augusto von Dentz

Next message: Rob Herring: "Re: [PATCH] MAINTAINERS: pps: Update pps-gpio bindings location"
Previous message: John Stultz: "Re: [PATCH v5 13/19] sched: Split out __sched() deactivate task logic into a helper"
In reply to: Xin-Yu Liu: "[PATCH] net: bluetooth: fix consistent connection failure caused by the loss of HCI_Connection_Complete event"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]