From 0861c8c834dc01d796c50f2a7bf17554e228c46c Mon Sep 17 00:00:00 2001 From: Joakim Andersson Date: Wed, 15 Jan 2020 14:30:27 +0100 Subject: [PATCH] Bluetooth: host: Disconnect connection if no conn object is available When receiving a connection complete event but no connection object are available in the host something strange has happened. In this case the controller might have a connection that cannot be controlled by the application. It would then be sensible to disconnect this connection in the controller. Signed-off-by: Joakim Andersson --- subsys/bluetooth/host/conn.c | 17 +++-------------- subsys/bluetooth/host/hci_core.c | 18 ++++++++++++++++++ subsys/bluetooth/host/hci_core.h | 2 ++ 3 files changed, 23 insertions(+), 14 deletions(-) diff --git a/subsys/bluetooth/host/conn.c b/subsys/bluetooth/host/conn.c index 485130d97c3..8bdd73570a8 100644 --- a/subsys/bluetooth/host/conn.c +++ b/subsys/bluetooth/host/conn.c @@ -1978,22 +1978,11 @@ int bt_conn_get_remote_info(struct bt_conn *conn, } } -static int bt_hci_disconnect(struct bt_conn *conn, u8_t reason) +static int conn_disconnect(struct bt_conn *conn, u8_t reason) { - struct net_buf *buf; - struct bt_hci_cp_disconnect *disconn; int err; - buf = bt_hci_cmd_create(BT_HCI_OP_DISCONNECT, sizeof(*disconn)); - if (!buf) { - return -ENOBUFS; - } - - disconn = net_buf_add(buf, sizeof(*disconn)); - disconn->handle = sys_cpu_to_le16(conn->handle); - disconn->reason = reason; - - err = bt_hci_cmd_send(BT_HCI_OP_DISCONNECT, buf); + err = bt_hci_disconnect(conn->handle, reason); if (err) { return err; } @@ -2088,7 +2077,7 @@ int bt_conn_disconnect(struct bt_conn *conn, u8_t reason) return 0; case BT_CONN_CONNECTED: - return bt_hci_disconnect(conn, reason); + return conn_disconnect(conn, reason); case BT_CONN_DISCONNECT: return 0; case BT_CONN_DISCONNECTED: diff --git a/subsys/bluetooth/host/hci_core.c b/subsys/bluetooth/host/hci_core.c index 92bc96c45da..a792b19ebfd 100644 --- a/subsys/bluetooth/host/hci_core.c +++ b/subsys/bluetooth/host/hci_core.c @@ -888,6 +888,23 @@ int bt_le_direct_conn(const struct bt_conn *conn) } #endif /* CONFIG_BT_CENTRAL */ +int bt_hci_disconnect(u16_t handle, u8_t reason) +{ + struct net_buf *buf; + struct bt_hci_cp_disconnect *disconn; + + buf = bt_hci_cmd_create(BT_HCI_OP_DISCONNECT, sizeof(*disconn)); + if (!buf) { + return -ENOBUFS; + } + + disconn = net_buf_add(buf, sizeof(*disconn)); + disconn->handle = sys_cpu_to_le16(handle); + disconn->reason = reason; + + return bt_hci_cmd_send(BT_HCI_OP_DISCONNECT, buf); +} + static void hci_disconn_complete(struct net_buf *buf) { struct bt_hci_evt_disconn_complete *evt = (void *)buf->data; @@ -1283,6 +1300,7 @@ static void enh_conn_complete(struct bt_hci_evt_le_enh_conn_complete *evt) if (!conn) { BT_ERR("Unable to add new conn for handle %u", handle); + bt_hci_disconnect(handle, BT_HCI_ERR_MEM_CAPACITY_EXCEEDED); return; } diff --git a/subsys/bluetooth/host/hci_core.h b/subsys/bluetooth/host/hci_core.h index efd1f969c34..92df9da1947 100644 --- a/subsys/bluetooth/host/hci_core.h +++ b/subsys/bluetooth/host/hci_core.h @@ -181,6 +181,8 @@ extern struct bt_dev bt_dev; extern const struct bt_conn_auth_cb *bt_auth; #endif /* CONFIG_BT_SMP || CONFIG_BT_BREDR */ +int bt_hci_disconnect(u16_t handle, u8_t reason); + bool bt_le_conn_params_valid(const struct bt_le_conn_param *param); int bt_le_scan_update(bool fast_scan);