net/bluetooth/hci_event.c | 35 ++++++++++++++++++++--------------- net/bluetooth/iso.c | 12 +++++++++--- 2 files changed, 29 insertions(+), 18 deletions(-)
From: Yang Li <yang.li@amlogic.com>
The iso_get_sock function adds dst address matching to
distinguish BIS and CIS sockets.
Link: https://github.com/bluez/bluez/issues/1224
Signed-off-by: Yang Li <yang.li@amlogic.com>
---
net/bluetooth/hci_event.c | 35 ++++++++++++++++++++---------------
net/bluetooth/iso.c | 12 +++++++++---
2 files changed, 29 insertions(+), 18 deletions(-)
diff --git a/net/bluetooth/hci_event.c b/net/bluetooth/hci_event.c
index 66052d6aaa1d..c1f32e98ef8a 100644
--- a/net/bluetooth/hci_event.c
+++ b/net/bluetooth/hci_event.c
@@ -6413,6 +6413,8 @@ static void hci_le_pa_sync_estabilished_evt(struct hci_dev *hdev, void *data,
conn->sync_handle = le16_to_cpu(ev->handle);
conn->sid = HCI_SID_INVALID;
+ conn->dst = ev->bdaddr;
+ conn->dst_type = ev->bdaddr_type;
mask |= hci_proto_connect_ind(hdev, &ev->bdaddr, BIS_LINK,
&flags);
@@ -6425,7 +6427,8 @@ static void hci_le_pa_sync_estabilished_evt(struct hci_dev *hdev, void *data,
goto unlock;
/* Add connection to indicate PA sync event */
- pa_sync = hci_conn_add_unset(hdev, BIS_LINK, BDADDR_ANY,
+
+ pa_sync = hci_conn_add_unset(hdev, BIS_LINK, &ev->bdaddr,
HCI_ROLE_SLAVE);
if (IS_ERR(pa_sync))
@@ -6456,13 +6459,6 @@ static void hci_le_per_adv_report_evt(struct hci_dev *hdev, void *data,
hci_dev_lock(hdev);
- mask |= hci_proto_connect_ind(hdev, BDADDR_ANY, BIS_LINK, &flags);
- if (!(mask & HCI_LM_ACCEPT))
- goto unlock;
-
- if (!(flags & HCI_PROTO_DEFER))
- goto unlock;
-
pa_sync = hci_conn_hash_lookup_pa_sync_handle
(hdev,
le16_to_cpu(ev->sync_handle));
@@ -6470,6 +6466,13 @@ static void hci_le_per_adv_report_evt(struct hci_dev *hdev, void *data,
if (!pa_sync)
goto unlock;
+ mask |= hci_proto_connect_ind(hdev, &pa_sync->dst, ISO_LINK, &flags);
+ if (!(mask & HCI_LM_ACCEPT))
+ goto unlock;
+
+ if (!(flags & HCI_PROTO_DEFER))
+ goto unlock;
+
if (ev->data_status == LE_PA_DATA_COMPLETE &&
!test_and_set_bit(HCI_CONN_PA_SYNC, &pa_sync->flags)) {
/* Notify iso layer */
@@ -6993,6 +6996,8 @@ static void hci_le_big_sync_established_evt(struct hci_dev *hdev, void *data,
set_bit(HCI_CONN_PA_SYNC, &bis->flags);
bis->sync_handle = conn->sync_handle;
+ bis->dst = conn->dst;
+ bis->dst_type = conn->dst_type;
bis->iso_qos.bcast.big = ev->handle;
memset(&interval, 0, sizeof(interval));
memcpy(&interval, ev->latency, sizeof(ev->latency));
@@ -7038,13 +7043,6 @@ static void hci_le_big_info_adv_report_evt(struct hci_dev *hdev, void *data,
hci_dev_lock(hdev);
- mask |= hci_proto_connect_ind(hdev, BDADDR_ANY, BIS_LINK, &flags);
- if (!(mask & HCI_LM_ACCEPT))
- goto unlock;
-
- if (!(flags & HCI_PROTO_DEFER))
- goto unlock;
-
pa_sync = hci_conn_hash_lookup_pa_sync_handle
(hdev,
le16_to_cpu(ev->sync_handle));
@@ -7054,6 +7052,13 @@ static void hci_le_big_info_adv_report_evt(struct hci_dev *hdev, void *data,
pa_sync->iso_qos.bcast.encryption = ev->encryption;
+ mask |= hci_proto_connect_ind(hdev, &pa_sync->dst, ISO_LINK, &flags);
+ if (!(mask & HCI_LM_ACCEPT))
+ goto unlock;
+
+ if (!(flags & HCI_PROTO_DEFER))
+ goto unlock;
+
/* Notify iso layer */
hci_connect_cfm(pa_sync, 0);
diff --git a/net/bluetooth/iso.c b/net/bluetooth/iso.c
index 6e2c752aaa8f..1dc233f04dbe 100644
--- a/net/bluetooth/iso.c
+++ b/net/bluetooth/iso.c
@@ -641,11 +641,12 @@ static struct sock *iso_get_sock(bdaddr_t *src, bdaddr_t *dst,
continue;
/* Exact match. */
- if (!bacmp(&iso_pi(sk)->src, src)) {
+ if (!bacmp(&iso_pi(sk)->src, src)
+ && !bacmp(&iso_pi(sk)->dst, dst)
+ ){
sock_hold(sk);
break;
}
-
/* Closest match */
if (!bacmp(&iso_pi(sk)->src, BDADDR_ANY)) {
if (sk1)
@@ -1962,7 +1963,7 @@ static void iso_conn_ready(struct iso_conn *conn)
}
if (!parent)
- parent = iso_get_sock(&hcon->src, BDADDR_ANY,
+ parent = iso_get_sock(&hcon->src, &hcon->dst,
BT_LISTEN, NULL, NULL);
if (!parent)
@@ -2203,6 +2204,11 @@ int iso_connect_ind(struct hci_dev *hdev, bdaddr_t *bdaddr, __u8 *flags)
} else {
sk = iso_get_sock(&hdev->bdaddr, BDADDR_ANY,
BT_LISTEN, NULL, NULL);
+ if (!sk)
+ sk = iso_get_sock(&hdev->bdaddr, bdaddr,
+ BT_LISTEN, NULL, NULL);
+ else
+ iso_pi(sk)->dst = *bdaddr;
}
done:
---
base-commit: f3daca9b490154fbb0459848cc2ed61e8367bddc
change-id: 20250506-iso-6515893b5bb3
Best regards,
--
Yang Li <yang.li@amlogic.com>Hi Yang,
kernel test robot noticed the following build errors:
[auto build test ERROR on f3daca9b490154fbb0459848cc2ed61e8367bddc]
url: https://github.com/intel-lab-lkp/linux/commits/Yang-Li-via-B4-Relay/Bluetooth-fix-socket-matching-ambiguity-between-BIS-and-CIS/20250507-153347
base: f3daca9b490154fbb0459848cc2ed61e8367bddc
patch link: https://lore.kernel.org/r/20250507-iso-v1-1-6f60d243e037%40amlogic.com
patch subject: [PATCH] Bluetooth: fix socket matching ambiguity between BIS and CIS
config: i386-allmodconfig (https://download.01.org/0day-ci/archive/20250508/202505081427.1Y3wyo7v-lkp@intel.com/config)
compiler: gcc-12 (Debian 12.2.0-14) 12.2.0
reproduce (this is a W=1 build): (https://download.01.org/0day-ci/archive/20250508/202505081427.1Y3wyo7v-lkp@intel.com/reproduce)
If you fix the issue in a separate patch/commit (i.e. not just a new version of
the same patch/commit), kindly add following tags
| Reported-by: kernel test robot <lkp@intel.com>
| Closes: https://lore.kernel.org/oe-kbuild-all/202505081427.1Y3wyo7v-lkp@intel.com/
All errors (new ones prefixed by >>):
net/bluetooth/hci_event.c: In function 'hci_le_per_adv_report_evt':
>> net/bluetooth/hci_event.c:6469:60: error: 'ISO_LINK' undeclared (first use in this function); did you mean 'SCO_LINK'?
6469 | mask |= hci_proto_connect_ind(hdev, &pa_sync->dst, ISO_LINK, &flags);
| ^~~~~~~~
| SCO_LINK
net/bluetooth/hci_event.c:6469:60: note: each undeclared identifier is reported only once for each function it appears in
net/bluetooth/hci_event.c: In function 'hci_le_big_info_adv_report_evt':
net/bluetooth/hci_event.c:7055:60: error: 'ISO_LINK' undeclared (first use in this function); did you mean 'SCO_LINK'?
7055 | mask |= hci_proto_connect_ind(hdev, &pa_sync->dst, ISO_LINK, &flags);
| ^~~~~~~~
| SCO_LINK
vim +6469 net/bluetooth/hci_event.c
6449
6450 static void hci_le_per_adv_report_evt(struct hci_dev *hdev, void *data,
6451 struct sk_buff *skb)
6452 {
6453 struct hci_ev_le_per_adv_report *ev = data;
6454 int mask = hdev->link_mode;
6455 __u8 flags = 0;
6456 struct hci_conn *pa_sync;
6457
6458 bt_dev_dbg(hdev, "sync_handle 0x%4.4x", le16_to_cpu(ev->sync_handle));
6459
6460 hci_dev_lock(hdev);
6461
6462 pa_sync = hci_conn_hash_lookup_pa_sync_handle
6463 (hdev,
6464 le16_to_cpu(ev->sync_handle));
6465
6466 if (!pa_sync)
6467 goto unlock;
6468
> 6469 mask |= hci_proto_connect_ind(hdev, &pa_sync->dst, ISO_LINK, &flags);
6470 if (!(mask & HCI_LM_ACCEPT))
6471 goto unlock;
6472
6473 if (!(flags & HCI_PROTO_DEFER))
6474 goto unlock;
6475
6476 if (ev->data_status == LE_PA_DATA_COMPLETE &&
6477 !test_and_set_bit(HCI_CONN_PA_SYNC, &pa_sync->flags)) {
6478 /* Notify iso layer */
6479 hci_connect_cfm(pa_sync, 0);
6480
6481 /* Notify MGMT layer */
6482 mgmt_device_connected(hdev, pa_sync, NULL, 0);
6483 }
6484
6485 unlock:
6486 hci_dev_unlock(hdev);
6487 }
6488
--
0-DAY CI Kernel Test Service
https://github.com/intel/lkp-tests/wiki
Hi,
On Thu, May 8, 2025 at 2:54 AM kernel test robot <lkp@intel.com> wrote:
>
> Hi Yang,
>
> kernel test robot noticed the following build errors:
>
> [auto build test ERROR on f3daca9b490154fbb0459848cc2ed61e8367bddc]
>
> url: https://github.com/intel-lab-lkp/linux/commits/Yang-Li-via-B4-Relay/Bluetooth-fix-socket-matching-ambiguity-between-BIS-and-CIS/20250507-153347
> base: f3daca9b490154fbb0459848cc2ed61e8367bddc
> patch link: https://lore.kernel.org/r/20250507-iso-v1-1-6f60d243e037%40amlogic.com
> patch subject: [PATCH] Bluetooth: fix socket matching ambiguity between BIS and CIS
> config: i386-allmodconfig (https://download.01.org/0day-ci/archive/20250508/202505081427.1Y3wyo7v-lkp@intel.com/config)
> compiler: gcc-12 (Debian 12.2.0-14) 12.2.0
> reproduce (this is a W=1 build): (https://download.01.org/0day-ci/archive/20250508/202505081427.1Y3wyo7v-lkp@intel.com/reproduce)
>
> If you fix the issue in a separate patch/commit (i.e. not just a new version of
> the same patch/commit), kindly add following tags
> | Reported-by: kernel test robot <lkp@intel.com>
> | Closes: https://lore.kernel.org/oe-kbuild-all/202505081427.1Y3wyo7v-lkp@intel.com/
>
> All errors (new ones prefixed by >>):
>
> net/bluetooth/hci_event.c: In function 'hci_le_per_adv_report_evt':
> >> net/bluetooth/hci_event.c:6469:60: error: 'ISO_LINK' undeclared (first use in this function); did you mean 'SCO_LINK'?
> 6469 | mask |= hci_proto_connect_ind(hdev, &pa_sync->dst, ISO_LINK, &flags);
> | ^~~~~~~~
> | SCO_LINK
> net/bluetooth/hci_event.c:6469:60: note: each undeclared identifier is reported only once for each function it appears in
> net/bluetooth/hci_event.c: In function 'hci_le_big_info_adv_report_evt':
> net/bluetooth/hci_event.c:7055:60: error: 'ISO_LINK' undeclared (first use in this function); did you mean 'SCO_LINK'?
> 7055 | mask |= hci_proto_connect_ind(hdev, &pa_sync->dst, ISO_LINK, &flags);
> | ^~~~~~~~
> | SCO_LINK
>
>
> vim +6469 net/bluetooth/hci_event.c
>
> 6449
> 6450 static void hci_le_per_adv_report_evt(struct hci_dev *hdev, void *data,
> 6451 struct sk_buff *skb)
> 6452 {
> 6453 struct hci_ev_le_per_adv_report *ev = data;
> 6454 int mask = hdev->link_mode;
> 6455 __u8 flags = 0;
> 6456 struct hci_conn *pa_sync;
> 6457
> 6458 bt_dev_dbg(hdev, "sync_handle 0x%4.4x", le16_to_cpu(ev->sync_handle));
> 6459
> 6460 hci_dev_lock(hdev);
> 6461
> 6462 pa_sync = hci_conn_hash_lookup_pa_sync_handle
> 6463 (hdev,
> 6464 le16_to_cpu(ev->sync_handle));
> 6465
> 6466 if (!pa_sync)
> 6467 goto unlock;
> 6468
> > 6469 mask |= hci_proto_connect_ind(hdev, &pa_sync->dst, ISO_LINK, &flags);
> 6470 if (!(mask & HCI_LM_ACCEPT))
> 6471 goto unlock;
> 6472
> 6473 if (!(flags & HCI_PROTO_DEFER))
> 6474 goto unlock;
> 6475
> 6476 if (ev->data_status == LE_PA_DATA_COMPLETE &&
> 6477 !test_and_set_bit(HCI_CONN_PA_SYNC, &pa_sync->flags)) {
> 6478 /* Notify iso layer */
> 6479 hci_connect_cfm(pa_sync, 0);
> 6480
> 6481 /* Notify MGMT layer */
> 6482 mgmt_device_connected(hdev, pa_sync, NULL, 0);
> 6483 }
> 6484
> 6485 unlock:
> 6486 hci_dev_unlock(hdev);
> 6487 }
> 6488
>
> --
> 0-DAY CI Kernel Test Service
> https://github.com/intel/lkp-tests/wiki
This is probably already solved by:
https://github.com/bluez/bluetooth-next/commit/f3daca9b490154fbb0459848cc2ed61e8367bddc
--
Luiz Augusto von Dentz
Hi Luzi,
> [ EXTERNAL EMAIL ]
>
> Hi,
>
> On Thu, May 8, 2025 at 2:54 AM kernel test robot <lkp@intel.com> wrote:
>> Hi Yang,
>>
>> kernel test robot noticed the following build errors:
>>
>> [auto build test ERROR on f3daca9b490154fbb0459848cc2ed61e8367bddc]
>>
>> url: https://github.com/intel-lab-lkp/linux/commits/Yang-Li-via-B4-Relay/Bluetooth-fix-socket-matching-ambiguity-between-BIS-and-CIS/20250507-153347
>> base: f3daca9b490154fbb0459848cc2ed61e8367bddc
>> patch link: https://lore.kernel.org/r/20250507-iso-v1-1-6f60d243e037%40amlogic.com
>> patch subject: [PATCH] Bluetooth: fix socket matching ambiguity between BIS and CIS
>> config: i386-allmodconfig (https://download.01.org/0day-ci/archive/20250508/202505081427.1Y3wyo7v-lkp@intel.com/config)
>> compiler: gcc-12 (Debian 12.2.0-14) 12.2.0
>> reproduce (this is a W=1 build): (https://download.01.org/0day-ci/archive/20250508/202505081427.1Y3wyo7v-lkp@intel.com/reproduce)
>>
>> If you fix the issue in a separate patch/commit (i.e. not just a new version of
>> the same patch/commit), kindly add following tags
>> | Reported-by: kernel test robot <lkp@intel.com>
>> | Closes: https://lore.kernel.org/oe-kbuild-all/202505081427.1Y3wyo7v-lkp@intel.com/
>>
>> All errors (new ones prefixed by >>):
>>
>> net/bluetooth/hci_event.c: In function 'hci_le_per_adv_report_evt':
>>>> net/bluetooth/hci_event.c:6469:60: error: 'ISO_LINK' undeclared (first use in this function); did you mean 'SCO_LINK'?
>> 6469 | mask |= hci_proto_connect_ind(hdev, &pa_sync->dst, ISO_LINK, &flags);
>> | ^~~~~~~~
>> | SCO_LINK
>> net/bluetooth/hci_event.c:6469:60: note: each undeclared identifier is reported only once for each function it appears in
>> net/bluetooth/hci_event.c: In function 'hci_le_big_info_adv_report_evt':
>> net/bluetooth/hci_event.c:7055:60: error: 'ISO_LINK' undeclared (first use in this function); did you mean 'SCO_LINK'?
>> 7055 | mask |= hci_proto_connect_ind(hdev, &pa_sync->dst, ISO_LINK, &flags);
>> | ^~~~~~~~
>> | SCO_LINK
>>
>>
>> vim +6469 net/bluetooth/hci_event.c
>>
>> 6449
>> 6450 static void hci_le_per_adv_report_evt(struct hci_dev *hdev, void *data,
>> 6451 struct sk_buff *skb)
>> 6452 {
>> 6453 struct hci_ev_le_per_adv_report *ev = data;
>> 6454 int mask = hdev->link_mode;
>> 6455 __u8 flags = 0;
>> 6456 struct hci_conn *pa_sync;
>> 6457
>> 6458 bt_dev_dbg(hdev, "sync_handle 0x%4.4x", le16_to_cpu(ev->sync_handle));
>> 6459
>> 6460 hci_dev_lock(hdev);
>> 6461
>> 6462 pa_sync = hci_conn_hash_lookup_pa_sync_handle
>> 6463 (hdev,
>> 6464 le16_to_cpu(ev->sync_handle));
>> 6465
>> 6466 if (!pa_sync)
>> 6467 goto unlock;
>> 6468
>>> 6469 mask |= hci_proto_connect_ind(hdev, &pa_sync->dst, ISO_LINK, &flags);
>> 6470 if (!(mask & HCI_LM_ACCEPT))
>> 6471 goto unlock;
>> 6472
>> 6473 if (!(flags & HCI_PROTO_DEFER))
>> 6474 goto unlock;
>> 6475
>> 6476 if (ev->data_status == LE_PA_DATA_COMPLETE &&
>> 6477 !test_and_set_bit(HCI_CONN_PA_SYNC, &pa_sync->flags)) {
>> 6478 /* Notify iso layer */
>> 6479 hci_connect_cfm(pa_sync, 0);
>> 6480
>> 6481 /* Notify MGMT layer */
>> 6482 mgmt_device_connected(hdev, pa_sync, NULL, 0);
>> 6483 }
>> 6484
>> 6485 unlock:
>> 6486 hci_dev_unlock(hdev);
>> 6487 }
>> 6488
>>
>> --
>> 0-DAY CI Kernel Test Service
>> https://github.com/intel/lkp-tests/wiki
> This is probably already solved by:
>
> https://github.com/bluez/bluetooth-next/commit/f3daca9b490154fbb0459848cc2ed61e8367bddc
I'm currently working with kernel 6.12, but this patch seems to conflict
with it. Do you know if there's a plan to backport it to v6.12?
>
> --
> Luiz Augusto von Dentz
Dear Yang,
Thank you for your patch.
Am 07.05.25 um 09:30 schrieb Yang Li via B4 Relay:
> From: Yang Li <yang.li@amlogic.com>
It’d be great if you could start by describing the problem.
> The iso_get_sock function adds dst address matching to
> distinguish BIS and CIS sockets.
>
> Link: https://github.com/bluez/bluez/issues/1224
How can this patch be tested?
> Signed-off-by: Yang Li <yang.li@amlogic.com>
> ---
> net/bluetooth/hci_event.c | 35 ++++++++++++++++++++---------------
> net/bluetooth/iso.c | 12 +++++++++---
> 2 files changed, 29 insertions(+), 18 deletions(-)
>
> diff --git a/net/bluetooth/hci_event.c b/net/bluetooth/hci_event.c
> index 66052d6aaa1d..c1f32e98ef8a 100644
> --- a/net/bluetooth/hci_event.c
> +++ b/net/bluetooth/hci_event.c
> @@ -6413,6 +6413,8 @@ static void hci_le_pa_sync_estabilished_evt(struct hci_dev *hdev, void *data,
>
> conn->sync_handle = le16_to_cpu(ev->handle);
> conn->sid = HCI_SID_INVALID;
> + conn->dst = ev->bdaddr;
> + conn->dst_type = ev->bdaddr_type;
>
> mask |= hci_proto_connect_ind(hdev, &ev->bdaddr, BIS_LINK,
> &flags);
> @@ -6425,7 +6427,8 @@ static void hci_le_pa_sync_estabilished_evt(struct hci_dev *hdev, void *data,
> goto unlock;
>
> /* Add connection to indicate PA sync event */
> - pa_sync = hci_conn_add_unset(hdev, BIS_LINK, BDADDR_ANY,
> +
Why the extra blank line?
> + pa_sync = hci_conn_add_unset(hdev, BIS_LINK, &ev->bdaddr,
> HCI_ROLE_SLAVE);
>
> if (IS_ERR(pa_sync))
Kind regards,
Paul
> @@ -6456,13 +6459,6 @@ static void hci_le_per_adv_report_evt(struct hci_dev *hdev, void *data,
>
> hci_dev_lock(hdev);
>
> - mask |= hci_proto_connect_ind(hdev, BDADDR_ANY, BIS_LINK, &flags);
> - if (!(mask & HCI_LM_ACCEPT))
> - goto unlock;
> -
> - if (!(flags & HCI_PROTO_DEFER))
> - goto unlock;
> -
> pa_sync = hci_conn_hash_lookup_pa_sync_handle
> (hdev,
> le16_to_cpu(ev->sync_handle));
> @@ -6470,6 +6466,13 @@ static void hci_le_per_adv_report_evt(struct hci_dev *hdev, void *data,
> if (!pa_sync)
> goto unlock;
>
> + mask |= hci_proto_connect_ind(hdev, &pa_sync->dst, ISO_LINK, &flags);
> + if (!(mask & HCI_LM_ACCEPT))
> + goto unlock;
> +
> + if (!(flags & HCI_PROTO_DEFER))
> + goto unlock;
> +
> if (ev->data_status == LE_PA_DATA_COMPLETE &&
> !test_and_set_bit(HCI_CONN_PA_SYNC, &pa_sync->flags)) {
> /* Notify iso layer */
> @@ -6993,6 +6996,8 @@ static void hci_le_big_sync_established_evt(struct hci_dev *hdev, void *data,
> set_bit(HCI_CONN_PA_SYNC, &bis->flags);
>
> bis->sync_handle = conn->sync_handle;
> + bis->dst = conn->dst;
> + bis->dst_type = conn->dst_type;
> bis->iso_qos.bcast.big = ev->handle;
> memset(&interval, 0, sizeof(interval));
> memcpy(&interval, ev->latency, sizeof(ev->latency));
> @@ -7038,13 +7043,6 @@ static void hci_le_big_info_adv_report_evt(struct hci_dev *hdev, void *data,
>
> hci_dev_lock(hdev);
>
> - mask |= hci_proto_connect_ind(hdev, BDADDR_ANY, BIS_LINK, &flags);
> - if (!(mask & HCI_LM_ACCEPT))
> - goto unlock;
> -
> - if (!(flags & HCI_PROTO_DEFER))
> - goto unlock;
> -
> pa_sync = hci_conn_hash_lookup_pa_sync_handle
> (hdev,
> le16_to_cpu(ev->sync_handle));
> @@ -7054,6 +7052,13 @@ static void hci_le_big_info_adv_report_evt(struct hci_dev *hdev, void *data,
>
> pa_sync->iso_qos.bcast.encryption = ev->encryption;
>
> + mask |= hci_proto_connect_ind(hdev, &pa_sync->dst, ISO_LINK, &flags);
> + if (!(mask & HCI_LM_ACCEPT))
> + goto unlock;
> +
> + if (!(flags & HCI_PROTO_DEFER))
> + goto unlock;
> +
> /* Notify iso layer */
> hci_connect_cfm(pa_sync, 0);
>
> diff --git a/net/bluetooth/iso.c b/net/bluetooth/iso.c
> index 6e2c752aaa8f..1dc233f04dbe 100644
> --- a/net/bluetooth/iso.c
> +++ b/net/bluetooth/iso.c
> @@ -641,11 +641,12 @@ static struct sock *iso_get_sock(bdaddr_t *src, bdaddr_t *dst,
> continue;
>
> /* Exact match. */
> - if (!bacmp(&iso_pi(sk)->src, src)) {
> + if (!bacmp(&iso_pi(sk)->src, src)
> + && !bacmp(&iso_pi(sk)->dst, dst)
> + ){
> sock_hold(sk);
> break;
> }
> -
> /* Closest match */
> if (!bacmp(&iso_pi(sk)->src, BDADDR_ANY)) {
> if (sk1)
> @@ -1962,7 +1963,7 @@ static void iso_conn_ready(struct iso_conn *conn)
> }
>
> if (!parent)
> - parent = iso_get_sock(&hcon->src, BDADDR_ANY,
> + parent = iso_get_sock(&hcon->src, &hcon->dst,
> BT_LISTEN, NULL, NULL);
>
> if (!parent)
> @@ -2203,6 +2204,11 @@ int iso_connect_ind(struct hci_dev *hdev, bdaddr_t *bdaddr, __u8 *flags)
> } else {
> sk = iso_get_sock(&hdev->bdaddr, BDADDR_ANY,
> BT_LISTEN, NULL, NULL);
> + if (!sk)
> + sk = iso_get_sock(&hdev->bdaddr, bdaddr,
> + BT_LISTEN, NULL, NULL);
> + else
> + iso_pi(sk)->dst = *bdaddr;
> }
>
> done:
Hi Paul,
> [ EXTERNAL EMAIL ]
>
> Dear Yang,
>
>
> Thank you for your patch.
>
> Am 07.05.25 um 09:30 schrieb Yang Li via B4 Relay:
>> From: Yang Li <yang.li@amlogic.com>
>
> It’d be great if you could start by describing the problem.
Sorry for the confusion—I initially thought the linked BlueZ issue
provided enough detail.
To clarify: the problem occurs when the DUT is acting as a sink device.
If a BIS already exists, and a CIS connection is then created, the
kernel mistakenly references the BIS socket. This happens because the
socket selection only checks for |state == BT_LISTEN|, without further
distinguishing between BIS and CIS contexts.
To resolve this, I believe the destination address (|dst addr|) should
also be matched when retrieving the ISO socket, so BIS and CIS sockets
can be properly differentiated.
>
>> The iso_get_sock function adds dst address matching to
>> distinguish BIS and CIS sockets.
>>
>> Link: https://github.com/bluez/bluez/issues/1224
>
> How can this patch be tested?
DUT environment:BlueZ 5.82+pipewire 1.3.83+kernel 6.12
Assistant:Redmi K70 phone
BIS Source:1BIG 2BISes
Steps to reproduce:
1> Use K70 mobile phone to connect to DUT, and configure BIS source for
DUT as Assistant, and DUT audio plays normally;
2> Do not end listening, K70 mobile phone plays music, DUT still uses
BIS source audio, check HCI log, CIS link is disconnected;
After testing, the modification resolves the issue I encountered.
However, I'm not certain whether this approach might introduce new
issues elsewhere.
>
>> Signed-off-by: Yang Li <yang.li@amlogic.com>
>> ---
>> net/bluetooth/hci_event.c | 35 ++++++++++++++++++++---------------
>> net/bluetooth/iso.c | 12 +++++++++---
>> 2 files changed, 29 insertions(+), 18 deletions(-)
>>
>> diff --git a/net/bluetooth/hci_event.c b/net/bluetooth/hci_event.c
>> index 66052d6aaa1d..c1f32e98ef8a 100644
>> --- a/net/bluetooth/hci_event.c
>> +++ b/net/bluetooth/hci_event.c
>> @@ -6413,6 +6413,8 @@ static void
>> hci_le_pa_sync_estabilished_evt(struct hci_dev *hdev, void *data,
>>
>> conn->sync_handle = le16_to_cpu(ev->handle);
>> conn->sid = HCI_SID_INVALID;
>> + conn->dst = ev->bdaddr;
>> + conn->dst_type = ev->bdaddr_type;
>>
>> mask |= hci_proto_connect_ind(hdev, &ev->bdaddr, BIS_LINK,
>> &flags);
>> @@ -6425,7 +6427,8 @@ static void
>> hci_le_pa_sync_estabilished_evt(struct hci_dev *hdev, void *data,
>> goto unlock;
>>
>> /* Add connection to indicate PA sync event */
>> - pa_sync = hci_conn_add_unset(hdev, BIS_LINK, BDADDR_ANY,
>> +
>
> Why the extra blank line?
Sorry, I will remove this modification in the next version.
>
>> + pa_sync = hci_conn_add_unset(hdev, BIS_LINK, &ev->bdaddr,
>> HCI_ROLE_SLAVE);
>>
>> if (IS_ERR(pa_sync))
>
>
> Kind regards,
>
> Paul
>
>
>> @@ -6456,13 +6459,6 @@ static void hci_le_per_adv_report_evt(struct
>> hci_dev *hdev, void *data,
>>
>> hci_dev_lock(hdev);
>>
>> - mask |= hci_proto_connect_ind(hdev, BDADDR_ANY, BIS_LINK, &flags);
>> - if (!(mask & HCI_LM_ACCEPT))
>> - goto unlock;
>> -
>> - if (!(flags & HCI_PROTO_DEFER))
>> - goto unlock;
>> -
>> pa_sync = hci_conn_hash_lookup_pa_sync_handle
>> (hdev,
>> le16_to_cpu(ev->sync_handle));
>> @@ -6470,6 +6466,13 @@ static void hci_le_per_adv_report_evt(struct
>> hci_dev *hdev, void *data,
>> if (!pa_sync)
>> goto unlock;
>>
>> + mask |= hci_proto_connect_ind(hdev, &pa_sync->dst, ISO_LINK,
>> &flags);
>> + if (!(mask & HCI_LM_ACCEPT))
>> + goto unlock;
>> +
>> + if (!(flags & HCI_PROTO_DEFER))
>> + goto unlock;
>> +
>> if (ev->data_status == LE_PA_DATA_COMPLETE &&
>> !test_and_set_bit(HCI_CONN_PA_SYNC, &pa_sync->flags)) {
>> /* Notify iso layer */
>> @@ -6993,6 +6996,8 @@ static void
>> hci_le_big_sync_established_evt(struct hci_dev *hdev, void *data,
>> set_bit(HCI_CONN_PA_SYNC, &bis->flags);
>>
>> bis->sync_handle = conn->sync_handle;
>> + bis->dst = conn->dst;
>> + bis->dst_type = conn->dst_type;
>> bis->iso_qos.bcast.big = ev->handle;
>> memset(&interval, 0, sizeof(interval));
>> memcpy(&interval, ev->latency, sizeof(ev->latency));
>> @@ -7038,13 +7043,6 @@ static void
>> hci_le_big_info_adv_report_evt(struct hci_dev *hdev, void *data,
>>
>> hci_dev_lock(hdev);
>>
>> - mask |= hci_proto_connect_ind(hdev, BDADDR_ANY, BIS_LINK, &flags);
>> - if (!(mask & HCI_LM_ACCEPT))
>> - goto unlock;
>> -
>> - if (!(flags & HCI_PROTO_DEFER))
>> - goto unlock;
>> -
>> pa_sync = hci_conn_hash_lookup_pa_sync_handle
>> (hdev,
>> le16_to_cpu(ev->sync_handle));
>> @@ -7054,6 +7052,13 @@ static void
>> hci_le_big_info_adv_report_evt(struct hci_dev *hdev, void *data,
>>
>> pa_sync->iso_qos.bcast.encryption = ev->encryption;
>>
>> + mask |= hci_proto_connect_ind(hdev, &pa_sync->dst, ISO_LINK,
>> &flags);
>> + if (!(mask & HCI_LM_ACCEPT))
>> + goto unlock;
>> +
>> + if (!(flags & HCI_PROTO_DEFER))
>> + goto unlock;
>> +
>> /* Notify iso layer */
>> hci_connect_cfm(pa_sync, 0);
>>
>> diff --git a/net/bluetooth/iso.c b/net/bluetooth/iso.c
>> index 6e2c752aaa8f..1dc233f04dbe 100644
>> --- a/net/bluetooth/iso.c
>> +++ b/net/bluetooth/iso.c
>> @@ -641,11 +641,12 @@ static struct sock *iso_get_sock(bdaddr_t *src,
>> bdaddr_t *dst,
>> continue;
>>
>> /* Exact match. */
>> - if (!bacmp(&iso_pi(sk)->src, src)) {
>> + if (!bacmp(&iso_pi(sk)->src, src)
>> + && !bacmp(&iso_pi(sk)->dst, dst)
>> + ){
>> sock_hold(sk);
>> break;
>> }
>> -
>> /* Closest match */
>> if (!bacmp(&iso_pi(sk)->src, BDADDR_ANY)) {
>> if (sk1)
>> @@ -1962,7 +1963,7 @@ static void iso_conn_ready(struct iso_conn *conn)
>> }
>>
>> if (!parent)
>> - parent = iso_get_sock(&hcon->src, BDADDR_ANY,
>> + parent = iso_get_sock(&hcon->src, &hcon->dst,
>> BT_LISTEN, NULL, NULL);
>>
>> if (!parent)
>> @@ -2203,6 +2204,11 @@ int iso_connect_ind(struct hci_dev *hdev,
>> bdaddr_t *bdaddr, __u8 *flags)
>> } else {
>> sk = iso_get_sock(&hdev->bdaddr, BDADDR_ANY,
>> BT_LISTEN, NULL, NULL);
>> + if (!sk)
>> + sk = iso_get_sock(&hdev->bdaddr, bdaddr,
>> + BT_LISTEN, NULL, NULL);
>> + else
>> + iso_pi(sk)->dst = *bdaddr;
>> }
>>
>> done:
© 2016 - 2025 Red Hat, Inc.