Home | History | Annotate | Download | only in netbt
History log of /src/sys/netbt/hci.h
RevisionDateAuthorComments
 1.47  19-Aug-2025  plunky fix copy-paste error. Sniff Subrating command should be 0x000811
 1.46  28-Sep-2019  plunky When encrypted connections are configured, verify that the encryption
key length has a minimum size when the adaptor supports that.

This addresses the 'Key Negotiation of Bluetooth' attack, CVE-2019-9506

https://www.bluetooth.com/security/statement-key-negotiation-of-bluetooth/
 1.45  25-Jul-2018  kamil branches: 1.45.4;
Appease GCC in hci_filter_test()

Cast the returned value from hci_filter_test explicitly to int, as
requested by GCC when building with Undefined Behavior Sanitizer.
 1.44  21-Dec-2017  plunky branches: 1.44.2; 1.44.4;
add HCI_SPEC_50
 1.43  28-Jan-2017  jakllsch branches: 1.43.6;
avoid -Werror=sign-conversion
 1.42  28-Jan-2017  christos factor out common subexpressions.
 1.41  28-Nov-2015  plunky branches: 1.41.2; 1.41.4;
add version and extended feature flags defined in 4.2 specification,
add cache for page 2 of extended features and return this in
the SIOCGBTFEAT ioctl (no change in size)
 1.40  06-Sep-2015  dholland More on PR 41200: headers that declare ioctls should include sys/ioccom.h.
This covers (I think) all the MI headers outside of external/ (and dist/).
 1.39  01-Jul-2014  rtr branches: 1.39.2; 1.39.4; 1.39.6; 1.39.10;
fix parameter types in pr_ioctl, called xx_control() functions and remove
abuse of pointer to struct mbuf type.

param2 changed to u_long type and uses parameter name 'cmd' (ioctl command)
param3 changed to void * type and uses parameter name 'data'
param4 changed to struct ifnet * and uses parameter name 'ifp'
param5 has been removed (formerly struct lwp *) and uses of 'l' have been
replaced with curlwp from curproc(9).

callers have had (now unnecessary) casts to struct mbuf * removed, called
code has had (now unnecessary) casts to u_long, void * and struct ifnet *
respectively removed.

reviewed by rmind@
 1.38  22-Jun-2014  rtr * split PRU_CONTROL functionality out of xxx_userreq() switches and place
into separate xxx_ioctl() functions.
* place KASSERT(req != PRU_CONTROL) inside xxx_userreq() as it is now
inappropriate for req = PRU_CONTROL in xxx_userreq().
* replace calls to pr_generic() with req = PRU_CONTROL with pr_ioctl().
* remove & fixup references to PRU_CONTROL xxx_userreq() function comments.
* fix various comments references for xxx_userreq() that mentioned
PRU_CONTROL as xxx_userreq() no longer handles the request.

a further change will follow to fix parameter and naming inconsistencies
retained from original code.

Reviewed by rmind@
 1.37  20-May-2014  rmind netbt: rename some attach/detach functions to have _pcb suffix, so
we could use standard attach/detach naming for pr_usrreq functions.
No functional change.
 1.36  18-May-2014  rmind Add struct pr_usrreqs with a pr_generic function and prepare for the
dismantling of pr_usrreq in the protocols; no functional change intended.
PRU_ATTACH/PRU_DETACH changes will follow soon.

Bump for struct protosw. Welcome to 6.99.62!
 1.35  17-Sep-2011  plunky branches: 1.35.12; 1.35.16; 1.35.26;
const lookup argument
 1.34  22-Nov-2010  plunky upon device initialisation, query and cache the device features,
and cache the maximum ACL/SCO packet buffers.

provide an additional SIOCGBTFEAT ioctl to retrieve the cached
features, and add the max values to the SIOC?BTINFO results.

(btreq does not change size)
 1.33  11-Sep-2009  plunky branches: 1.33.4;
add feature bits from 3.0 specification
 1.32  01-Sep-2009  plunky update/correct specification IDs according to recently published
Assigned Numbers documents at www.bluetooth.com
 1.31  20-Aug-2009  plunky add a per-unit master setting, to control requesting the master role
when accepting connections.
 1.30  10-Aug-2009  plunky remove last usage of KAUTH_ISSUSER in bluetooth code by adding
some requests to the device scope:

KAUTH_DEVICE_BLUETOOTH_SEND_COMMAND
KAUTH_DEVICE_BLUETOOTH_RECV_COMMAND
KAUTH_DEVICE_BLUETOOTH_RECV_EVENT
KAUTH_DEVICE_BLUETOOTH_RECV_DATA

and a listener tied to the HCI protocol that will approve the basic
minimum to be sent and received.

handle the requests in the bsd44_suser listener by approving all
when the credential is root.
 1.29  14-May-2009  plunky add const to unchanged argument
 1.28  08-Sep-2008  gmcgarry branches: 1.28.8;
Replace most gcc-specific __attribute__ uses with BSD-style sys/cdef.h
preprocessor macros.
 1.27  06-Aug-2008  plunky Convert socket options code to use a sockopt structure
instead of laying everything into an mbuf.

approved by core
 1.26  24-Apr-2008  ad branches: 1.26.2; 1.26.4; 1.26.8;
Merge the socket locking patch:

- Socket layer becomes MP safe.
- Unix protocols become MP safe.
- Allows protocol processing interrupts to safely block on locks.
- Fixes a number of race conditions.

With much feedback from matt@ and plunky@.
 1.25  17-Mar-2008  plunky branches: 1.25.2;
move the updating of num_cmd_pkts to its own function, mostly so that
pending commands will be output on the device in the order that they
were queued.
 1.24  16-Mar-2008  plunky we always know the bdaddr and type of a link when creating it, so
pass them to the _alloc() function and let it set them.
 1.23  06-Mar-2008  plunky a "Create Connection" command can sometimes fail to start for whatever
reason and the command_status event returns failure but we get no
indication of which connection failed (for instance in the case where
we tried to open too many connections all at once)

So, keep a flag on the link to indicate pending status until the
command_status event is returned to help us decide which should
be failed.
 1.22  10-Feb-2008  plunky branches: 1.22.2; 1.22.6;
add HCI definitions from the Bluetooth 2.1 spec
 1.21  30-Dec-2007  plunky request and keep a mask of supported commands per unit in order
to block unsupported HCI commands sent by unprivileged users
reaching the device.
 1.20  29-Dec-2007  plunky remove unused def for btr_uclass
 1.19  28-Nov-2007  plunky branches: 1.19.6;
Clean up the way that bluetooth drivers attach to the bluetooth stack,
to remove the frobbing that drivers must do in the hci_unit structure.

- driver provides a static const interface descriptor
- hci_unit is allocated by hci_attach() rather than part of softc
- statistics are compiled by driver and provided on request
- driver provides output methods and is responsible for output queue
- stack provides input methods and is responsible for input queue
- mutex is used to arbitrate device queue access
 1.18  12-Nov-2007  plunky include <sys/device.h> for device_t
 1.17  10-Nov-2007  plunky use more device_t and device_xxx() accessors

make bluetooth stack keep device_t instead of softc pointer as
device is not necessarily part of softc, and pass device_t to
driver callbacks. hci_devname is no longer required.
 1.16  10-Nov-2007  plunky 'struct device *' -> 'device-t'
 1.15  03-Nov-2007  plunky branches: 1.15.2;
"struct callout" -> callout_t
don't use callout_reset()
do use callout_destroy()
 1.14  02-Nov-2007  plunky constify hci_devname
 1.13  16-Sep-2007  plunky branches: 1.13.4;
improve memo taking of known bluetooth devices

- centralise creation of new memo into function
hci_memo_new(), when a memo exists for that address,
just update the timestamp.

- all results of inquiry/rssi result are processed; even
if no memo can be allocated, we may update a timestamp.

- for new connections, query the clock offset of the remote
device, in order that we can use it to facilitate future
reconnections

- as a connection is removed, make a memo of the clock offset
 1.12  07-Sep-2007  plunky add event processing for "Inquiry result with RSSI", and modify the memo
contents so that this will fit.
 1.11  07-Sep-2007  plunky adjust typedef name for consistency with other parts, since hci_rssi_response
is only a packet segment it should not be in _ep namespace.
 1.10  21-Apr-2007  plunky branches: 1.10.2; 1.10.6; 1.10.8;
Add 'service level' security for L2CAP and RFCOMM connections, following
the Linux (BlueZ) API.

- L2CAP or RFCOMM connections can require the baseband radio link
mode be any of:
authenticated (devices are paired)
encrypted (implies authentication)
secured (encryption, plus generate new link key)

- for sockets, the mode is set using setsockopt(2) and the socket
connection will be aborted if the mode change fails.

- mode settings will be applied during connection establishment, and
for safety, we enter a wait state and will only proceed when the mode
settings are successfuly set.

- It is possible to change the mode on already open connections, but
not possible to guarantee that data already queued (from either end)
will not be delivered. (this is a feature, not a bug)

- bthidev(4) and rfcomm_sppd(1) support "auth", "encrypt" and
"secure" options

- btdevctl(8) by default enables "auth" for HIDs, and "encrypt" for
keyboards (which are required to support it)
 1.9  20-Feb-2007  kiyohara branches: 1.9.4; 1.9.6;
Supprot Bluetooth HCI UART (H4) driver and daemon.
 1.8  21-Dec-2006  yamt branches: 1.8.2;
merge yamt-splraiseipl branch.

- finish implementing splraiseipl (and makeiplcookie).
http://mail-index.NetBSD.org/tech-kern/2006/07/01/0000.html
- complete workqueue(9) and fix its ipl problem, which is reported
to cause audio skipping.
- fix netbt (at least compilation problems) for some ports.
- fix PR/33218.
 1.7  16-Nov-2006  christos branches: 1.7.2; 1.7.4;
__unused removal on arguments; approved by core.
 1.6  01-Oct-2006  plunky Reduce memory usage by not allocating a chunk for a bitmask.
 1.5  10-Sep-2006  plunky branches: 1.5.2;
update to bluetooth device attachment:

remove pseudo-device btdev(4) and inherent limitations

add bthub(4) which autoconfigures at bluetooth controllers as they
are enabled. bluetooth devices now attach here.

btdevctl(8) and its cache is updated to handle new semantics

etc/rc.d/btdevctl is updated to configure devices from a list
in /etc/bluetooth/btdevctl.conf
 1.4  27-Aug-2006  plunky branches: 1.4.2; 1.4.4;
BluetootH SCO Audio update.

Provide an ioctl to set the SCO mtu value in the controller and
place limits in the SCO code such that only packets of this size
may be sent.

Move the mtu option from btsco(4) and btdevctl(8), to the
btconfig(8) program.

Remove temporary BLUETOOTH_SCO kernel option, and enable SCO
socket access.

Fix incoming connection handling for btsco(4) and SCO sockets.

Fix documentation to reflect the new world order.
 1.3  26-Jul-2006  tron branches: 1.3.2;
Bluetooth fixes by Iain Hibbert:
- Clarify some deprecated commands from the 2.0 spec.
 1.2  23-Jul-2006  ad Use the LWP cached credentials where sane.
 1.1  19-Jun-2006  gdamore branches: 1.1.2; 1.1.4; 1.1.6; 1.1.8;
Initial import of bluetooth stack on behalf of Iain Hibbert. (plunky@,
NetBSD Foundation Membership still pending.) This stack was written by
Iain under sponsorship from Itronix Inc.

The stack includes support for rfcomm networking (networking via your
bluetooth enabled cell phone), hid devices (keyboards/mice), and headsets.

Drivers for both PCMCIA and USB bluetooth controllers are included.
 1.1.8.2  13-Jul-2006  gdamore Merge from HEAD.
 1.1.8.1  19-Jun-2006  gdamore file hci.h was added on branch gdamore-uart on 2006-07-13 17:49:58 +0000
 1.1.6.5  14-Sep-2006  yamt sync with head.
 1.1.6.4  03-Sep-2006  yamt sync with head.
 1.1.6.3  11-Aug-2006  yamt sync with head
 1.1.6.2  26-Jun-2006  yamt sync with head.
 1.1.6.1  19-Jun-2006  yamt file hci.h was added on branch yamt-pdpolicy on 2006-06-26 12:53:57 +0000
 1.1.4.2  22-Jun-2006  chap Complete a sync sys/ with head.
 1.1.4.1  19-Jun-2006  chap file hci.h was added on branch chap-midi on 2006-06-22 03:39:50 +0000
 1.1.2.12  24-Mar-2008  yamt sync with head.
 1.1.2.11  17-Mar-2008  yamt sync with head.
 1.1.2.10  11-Feb-2008  yamt sync with head.
 1.1.2.9  21-Jan-2008  yamt sync with head
 1.1.2.8  07-Dec-2007  yamt sync with head
 1.1.2.7  15-Nov-2007  yamt sync with head.
 1.1.2.6  27-Oct-2007  yamt sync with head.
 1.1.2.5  03-Sep-2007  yamt sync with head.
 1.1.2.4  26-Feb-2007  yamt sync with head.
 1.1.2.3  30-Dec-2006  yamt sync with head.
 1.1.2.2  21-Jun-2006  yamt sync with head.
 1.1.2.1  19-Jun-2006  yamt file hci.h was added on branch yamt-lazymbuf on 2006-06-21 15:10:51 +0000
 1.3.2.2  14-Sep-2006  riz Pull up following revision(s) (requested by plunky in ticket #161):
sys/dev/bluetooth/btdev.h: revision 1.4
distrib/sets/lists/comp/mi: revision 1.922
usr.sbin/postinstall/postinstall: revision 1.25
sys/netbt/hci_unit.c: revision 1.3
sys/netbt/hci_ioctl.c: revision 1.4
usr.sbin/sdpd/profile.c: revision 1.2
usr.sbin/btdevctl/btdevctl.c: revision 1.2
share/man/man4/Makefile: revision 1.405
distrib/sets/lists/man/mi: revision 1.930
distrib/sets/lists/etc/mi: revision 1.176
usr.sbin/sdpd/profile.c: revision 1.3
usr.sbin/btdevctl/btdevctl.c: revision 1.3
etc/MAKEDEV.tmpl: revision 1.62
distrib/sets/lists/base/mi: revision 1.650
usr.sbin/btdevctl/btdevctl.h: revision 1.2
usr.bin/sdpquery/sdpquery.1: revision 1.4
sys/netbt/rfcomm_session.c: revision 1.2
usr.sbin/btdevctl/btdevctl.8: revision 1.3
usr.bin/sdpquery/search.c: revision 1.2
usr.sbin/sdpd/Makefile: revision 1.2
sys/dev/bluetooth/Makefile: revision 1.3
usr.sbin/btdevctl/cfg.c: file removal
sys/netbt/files.netbt: revision 1.4
usr.sbin/btdevctl/sdp.c: revision 1.1
sys/dev/bluetooth/bthidev.c: revision 1.3
etc/bluetooth/Makefile: revision 1.3
sys/dev/pcmcia/files.pcmcia: revision 1.51
sys/dev/bluetooth/bthidev.c: revision 1.4
sys/dev/bluetooth/bthidev.h: revision 1.3
usr.sbin/btdevctl/dev.c: file removal
sys/dev/bluetooth/files.bluetooth: revision 1.10
sys/arch/i386/conf/GENERIC: revision 1.777
share/man/man4/ubt.4: revision 1.6
share/man/man4/bthub.4: revision 1.3
sys/netbt/hci.h: revision 1.5
sys/arch/i386/conf/GENERIC_LAPTOP: revision 1.202
lib/libsdp/sdp.h: revision 1.2
usr.sbin/btdevctl/print.c: revision 1.1
share/man/man4/bthidev.4: revision 1.5
share/man/man4/btdev.4: file removal
usr.sbin/btdevctl/print.c: revision 1.2
sys/arch/i386/conf/GENERIC_LAPTOP: revision 1.205
usr.sbin/btdevctl/Makefile: revision 1.2
sys/dev/usb/files.usb: revision 1.70
sys/netbt/l2cap_signal.c: revision 1.2
sys/netbt/hci_link.c: revision 1.4
sys/dev/bluetooth/bthub.c: revision 1.3
share/man/man4/btsco.4: revision 1.5
sys/netbt/hci_link.c: revision 1.5
share/man/man4/btdev.4: revision 1.4
sys/dev/bluetooth/btkbd.c: revision 1.3
sys/dev/bluetooth/btdev.c: file removal
sys/netbt/hci_event.c: revision 1.2
sys/dev/bluetooth/btsco.h: revision 1.2
etc/mtree/special: revision 1.101
sys/dev/bluetooth/btsco.c: revision 1.3
sys/conf/majors: revision 1.27
usr.sbin/sdpd/hf.c: revision 1.1
sys/dev/bluetooth/btsco.c: revision 1.4
share/man/man5/rc.conf.5: revision 1.107
sys/dev/bluetooth/btdev.c: revision 1.2
etc/rc.d/btdevctl: revision 1.2
usr.sbin/btdevctl/db.c: revision 1.1
etc/rc.d/btdevctl: revision 1.3
etc/bluetooth/btdevctl.conf: revision 1.1
usr.sbin/btdevctl/hid.c: file removal
sys/arch/i386/conf/GENERIC: revision 1.781
sys/dev/bluetooth/btdev.h: revision 1.3
Make btdev default count explicit
Fix typo in variable name
update to bluetooth device attachment:
remove pseudo-device btdev(4) and inherent limitations
add bthub(4) which autoconfigures at bluetooth controllers as they
are enabled. bluetooth devices now attach here.
btdevctl(8) and its cache is updated to handle new semantics
etc/rc.d/btdevctl is updated to configure devices from a list
in /etc/bluetooth/btdevctl.conf
also include service name in dictionary being sent to kernel.
(this is not used just yet, but it might be in the future and it will
be easier if we dont have to provide code to handle its absence)
clarify the CAVEAT section somewhat
Add service discovery support for the Handsfree profile
Replace static 'FreeBSD' string with operating system name gleaned
from uname(3)
Halt the callout on detach
btsco.c:
- sco_getopt(..., SO_SCO_MTU, ...) expects the address of a uint16_t,
not an int. So change sc_mtu's type to uint16_t.
- Try a little harder to ensure btsco_round_blocksize() does not
return zero. Prevents a subsequent panic in audio_init_ringbuffer().
from scw@
Endian issues:
hci_event.c:
- Convert memo->response.clock_offset to host-endian.
hci_ioctl.c:
- printf format tweak (size_t)
hci_link.c:
- Convert memo->response.clock_offset from host-endian.
- Tweak a DIAGNOSTIC message.
l2cap_signal.c:
- In l2cap_recv_config_req(), rp->scid is little-endian so make sure
we convert from host-endian.
from scw@
hci_link.c:
- In hci_link_free(), do not unlink items from a LIST queue within
a LIST_FOREACH() iterator.
rfcomm_session.c:
- In rfcomm_session_recv_mcc_nsc(), do not unlink items from a LIST
queue within a LIST_FOREACH() iterator.
from scw@
guard against a possible situation where the list of l2cap channels is changed
when the bluetooth code is not expecting it to be. During a disconnect, we can
detach the channel that is being disconnected, but its not really safe to detach
any others.
Print explicit 64-bit types using the format macros from int_fmtio.h.
Unbreaks the build for our LP64 ports, where "long long" typically is
not 64 bits.
 1.3.2.1  07-Sep-2006  tron Pull up following revision(s) (requested by plunky in ticket #81):
sys/netbt/sco_upper.c: revision 1.2
usr.sbin/btconfig/btconfig.c: revision 1.3
sys/netbt/hci_ioctl.c: revision 1.3
usr.sbin/btconfig/btconfig.8: revision 1.4
usr.sbin/btdevctl/btdevctl.8: revision 1.2
sys/netbt/files.netbt: revision 1.3
sys/netbt/bt_proto.c: revision 1.2
share/man/man4/ubt.4: revision 1.4
usr.sbin/btdevctl/cfg.c: revision 1.3
sys/netbt/hci.h: revision 1.4
share/man/man4/bluetooth.4: revision 1.2
share/man/man4/btsco.4: revision 1.4
sys/dev/bluetooth/btsco.c: revision 1.2
sys/netbt/bt_sysctl.c: revision 1.2
BluetootH SCO Audio update.
Provide an ioctl to set the SCO mtu value in the controller and
place limits in the SCO code such that only packets of this size
may be sent.
Move the mtu option from btsco(4) and btdevctl(8), to the
btconfig(8) program.
Remove temporary BLUETOOTH_SCO kernel option, and enable SCO
socket access.
Fix incoming connection handling for btsco(4) and SCO sockets.
Fix documentation to reflect the new world order.
 1.4.4.2  09-Sep-2006  rpaulo sync with head
 1.4.4.1  27-Aug-2006  rpaulo file hci.h was added on branch rpaulo-netinet-merge-pcb on 2006-09-09 02:58:38 +0000
 1.4.2.2  12-Jan-2007  ad Sync with head.
 1.4.2.1  18-Nov-2006  ad Sync with head.
 1.5.2.3  10-Dec-2006  yamt sync with head.
 1.5.2.2  22-Oct-2006  yamt sync with head
 1.5.2.1  18-Sep-2006  yamt adapt to new api.
 1.7.4.2  23-Sep-2007  wrstuden Sync with somewhat-recent netbsd-4.
 1.7.4.1  03-Sep-2007  wrstuden Sync w/ NetBSD-4-RC_1
 1.7.2.2  11-Sep-2007  msaitoh Pull up rev. 1.11 (requested by plunky in ticket #871):

adjust typedef name for consistency with other parts, since hci_rssi_response
is only a packet segment it should not be in _ep namespace.
 1.7.2.1  19-Jul-2007  liamjfoy Pull up following revision(s) (requested by plunky in ticket #744):
sys/netbt/l2cap_lower.c: revision 1.6
sys/dev/bluetooth/btdev.h: revision 1.6
sys/netbt/sco_socket.c: revision 1.9
sys/netbt/rfcomm_upper.c: revision 1.3
sys/netbt/l2cap_socket.c: revision 1.7
sys/netbt/rfcomm_upper.c: revision 1.5
lib/libusbhid/usbhid.h: revision 1.5
sys/netbt/rfcomm_upper.c: revision 1.6
usr.sbin/btdevctl/btdevctl.c: revision 1.4
usr.sbin/btdevctl/btdevctl.h: revision 1.3
usr.sbin/btdevctl/btdevctl.8: revision 1.4
sys/netbt/rfcomm_session.c: revision 1.5
sys/netbt/hci.h: revision 1.10
usr.bin/rfcomm_sppd/rfcomm_sppd.c: revision 1.6
sys/netbt/hci_link.c: revision 1.11
usr.bin/rfcomm_sppd/rfcomm_sppd.c: revision 1.7
usr.bin/rfcomm_sppd/rfcomm_sppd.c: revision 1.8
sys/dev/bluetooth/btsco.c: revision 1.14
sys/netbt/rfcomm_session.c: revision 1.9
usr.sbin/btdevctl/sdp.c: revision 1.2
share/man/man9/bluetooth.9: revision 1.2
usr.sbin/btdevctl/sdp.c: revision 1.3
sys/dev/bluetooth/bthidev.c: revision 1.8
sys/netbt/l2cap.h: revision 1.4
sys/netbt/rfcomm.h: revision 1.3
sys/netbt/l2cap.h: revision 1.5
sys/netbt/l2cap_misc.c: revision 1.3
share/man/man4/bluetooth.4: revision 1.5
lib/libusbhid/usbhid.3: revision 1.11
sys/netbt/bluetooth.h: revision 1.5
share/man/man4/bthidev.4: revision 1.8
sys/netbt/rfcomm_dlc.c: revision 1.3
usr.sbin/btdevctl/print.c: revision 1.8
sys/netbt/rfcomm_socket.c: revision 1.7
sys/netbt/l2cap_signal.c: revision 1.4
sys/netbt/l2cap_signal.c: revision 1.5
sys/netbt/l2cap_signal.c: revision 1.7
sys/netbt/hci_event.c: revision 1.6
usr.bin/rfcomm_sppd/rfcomm_sppd.1: revision 1.5
sys/netbt/l2cap_upper.c: revision 1.3
sys/netbt/l2cap_lower.c: revision 1.2
usr.sbin/btdevctl/db.c: revision 1.3
sys/netbt/l2cap_upper.c: revision 1.6
lib/libusbhid/descr.c: revision 1.5
sys/netbt/l2cap_upper.c: revision 1.7
sys/netbt/l2cap_lower.c: revision 1.4
Add 'service level' security for L2CAP and RFCOMM connections, following
the Linux (BlueZ) API.
- L2CAP or RFCOMM connections can require the baseband radio link
mode be any of:
authenticated (devices are paired)
encrypted (implies authentication)
secured (encryption, plus generate new link key)
- for sockets, the mode is set using setsockopt(2) and the socket
connection will be aborted if the mode change fails.
- mode settings will be applied during connection establishment, and
for safety, we enter a wait state and will only proceed when the mode
settings are successfuly set.
- It is possible to change the mode on already open connections, but
not possible to guarantee that data already queued (from either end)
will not be delivered. (this is a feature, not a bug)
- bthidev(4) and rfcomm_sppd(1) support "auth", "encrypt" and
"secure" options
- btdevctl(8) by default enables "auth" for HIDs, and "encrypt" for
keyboards (which are required to support it)
- ALSO INCLUDES OTHER MINOR FIXES
 1.8.2.2  07-May-2007  yamt sync with head.
 1.8.2.1  27-Feb-2007  yamt - sync with head.
- move sched_changepri back to kern_synch.c as it doesn't know PPQ anymore.
 1.9.6.1  11-Jul-2007  mjf Sync with head.
 1.9.4.2  09-Oct-2007  ad Sync with head.
 1.9.4.1  08-Jun-2007  ad Sync with head.
 1.10.8.3  23-Mar-2008  matt sync with HEAD
 1.10.8.2  09-Jan-2008  matt sync with HEAD
 1.10.8.1  06-Nov-2007  matt sync with HEAD
 1.10.6.5  03-Dec-2007  joerg Sync with HEAD.
 1.10.6.4  14-Nov-2007  joerg Sync with HEAD.
 1.10.6.3  11-Nov-2007  joerg Sync with HEAD.
 1.10.6.2  04-Nov-2007  jmcneill Sync with HEAD.
 1.10.6.1  02-Oct-2007  joerg Sync with HEAD.
 1.10.2.1  10-Sep-2007  skrll Sync with HEAD.
 1.13.4.1  13-Nov-2007  bouyer Sync with HEAD
 1.15.2.3  18-Feb-2008  mjf Sync with HEAD.
 1.15.2.2  08-Dec-2007  mjf Sync with HEAD.
 1.15.2.1  19-Nov-2007  mjf Sync with HEAD.
 1.19.6.1  02-Jan-2008  bouyer Sync with HEAD
 1.22.6.3  28-Sep-2008  mjf Sync with HEAD.
 1.22.6.2  02-Jun-2008  mjf Sync with HEAD.
 1.22.6.1  03-Apr-2008  mjf Sync with HEAD.
 1.22.2.1  24-Mar-2008  keiichi sync with head.
 1.25.2.1  18-May-2008  yamt sync with head.
 1.26.8.1  19-Oct-2008  haad Sync with HEAD.
 1.26.4.2  24-Sep-2008  wrstuden Merge in changes between wrstuden-revivesa-base-2 and
wrstuden-revivesa-base-3.
 1.26.4.1  18-Sep-2008  wrstuden Sync with wrstuden-revivesa-base-2.
 1.26.2.4  16-Sep-2009  yamt sync with head
 1.26.2.3  19-Aug-2009  yamt sync with head.
 1.26.2.2  16-May-2009  yamt sync with head
 1.26.2.1  04-May-2009  yamt sync with head.
 1.28.8.1  23-Jul-2009  jym Sync with HEAD.
 1.33.4.1  05-Mar-2011  rmind sync with head
 1.35.26.1  10-Aug-2014  tls Rebase.
 1.35.16.1  28-Aug-2013  rmind Checkpoint work in progress:
- Initial split of the protocol user-request method into the following
methods: pr_attach, pr_detach and pr_generic for old the pr_usrreq.
- Adjust socreate(9) and sonewconn(9) to call pr_attach without the
socket lock held (as a preparation for the locking scheme adjustment).
- Adjust all pr_attach routines to assert that PCB is not set.
- Sprinkle various comments, document some routines and their locking.
- Remove M_PCB, replace with kmem(9).
- Fix few bugs spotted on the way.
 1.35.12.2  03-Dec-2017  jdolecek update from HEAD
 1.35.12.1  20-Aug-2014  tls Rebase to HEAD as of a few days ago.
 1.39.10.1  28-Sep-2019  martin Pull up following revision(s) (requested by plunky in ticket #1709):

sys/netbt/hci_event.c: revision 1.26
sys/netbt/hci.h: revision 1.46

When encrypted connections are configured, verify that the encryption
key length has a minimum size when the adaptor supports that.

This addresses the 'Key Negotiation of Bluetooth' attack, CVE-2019-9506
https://www.bluetooth.com/security/statement-key-negotiation-of-bluetooth/
 1.39.6.1  28-Sep-2019  martin Pull up following revision(s) (requested by plunky in ticket #1709):

sys/netbt/hci_event.c: revision 1.26
sys/netbt/hci.h: revision 1.46

When encrypted connections are configured, verify that the encryption
key length has a minimum size when the adaptor supports that.

This addresses the 'Key Negotiation of Bluetooth' attack, CVE-2019-9506
https://www.bluetooth.com/security/statement-key-negotiation-of-bluetooth/
 1.39.4.3  05-Feb-2017  skrll Sync with HEAD
 1.39.4.2  27-Dec-2015  skrll Sync with HEAD (as of 26th Dec)
 1.39.4.1  22-Sep-2015  skrll Sync with HEAD
 1.39.2.1  28-Sep-2019  martin Pull up following revision(s) (requested by plunky in ticket #1709):

sys/netbt/hci_event.c: revision 1.26
sys/netbt/hci.h: revision 1.46

When encrypted connections are configured, verify that the encryption
key length has a minimum size when the adaptor supports that.

This addresses the 'Key Negotiation of Bluetooth' attack, CVE-2019-9506
https://www.bluetooth.com/security/statement-key-negotiation-of-bluetooth/
 1.41.4.1  21-Apr-2017  bouyer Sync with HEAD
 1.41.2.1  20-Mar-2017  pgoyette Sync with HEAD
 1.43.6.1  28-Sep-2019  martin Pull up following revision(s) (requested by plunky in ticket #1395):

sys/netbt/hci_event.c: revision 1.26
sys/netbt/hci.h: revision 1.46

When encrypted connections are configured, verify that the encryption
key length has a minimum size when the adaptor supports that.

This addresses the 'Key Negotiation of Bluetooth' attack, CVE-2019-9506
https://www.bluetooth.com/security/statement-key-negotiation-of-bluetooth/
 1.44.4.2  13-Apr-2020  martin Mostly merge changes from HEAD upto 20200411
 1.44.4.1  10-Jun-2019  christos Sync with HEAD
 1.44.2.1  28-Jul-2018  pgoyette Sync with HEAD
 1.45.4.1  28-Sep-2019  martin Pull up following revision(s) (requested by plunky in ticket #260):

sys/netbt/hci_event.c: revision 1.26
sys/netbt/hci.h: revision 1.46

When encrypted connections are configured, verify that the encryption
key length has a minimum size when the adaptor supports that.

This addresses the 'Key Negotiation of Bluetooth' attack, CVE-2019-9506
https://www.bluetooth.com/security/statement-key-negotiation-of-bluetooth/

RSS XML Feed