Bluetooth: MGMT: Fix MGMT_OP_ADD_DEVICE invalid device flags

Device flags could be updated in the meantime while MGMT_OP_ADD_DEVICE
is pending on hci_update_passive_scan_sync so instead of setting the
current_flags as cmd->user_data just do a lookup using
hci_conn_params_lookup and use the latest stored flags.

Fixes: a182d9c84f9c ("Bluetooth: MGMT: Fix Add Device to responding before completing")
Signed-off-by: Luiz Augusto von Dentz <luiz.von.dentz@intel.com>

diff --git a/net/bluetooth/mgmt.c b/net/bluetooth/mgmt.c
index c1e1e529e26cc2061e218fd9f292a6e25629b362..46b22708dfbd2d5c54a9aad5d7072c33b3e33c41 100644 (file)
--- a/net/bluetooth/mgmt.c
+++ b/net/bluetooth/mgmt.c
@@ -7506,11 +7506,16 @@ static void add_device_complete(struct hci_dev *hdev, void *data, int err)
        struct mgmt_cp_add_device *cp = cmd->param;
 
        if (!err) {
+               struct hci_conn_params *params;
+
+               params = hci_conn_params_lookup(hdev, &cp->addr.bdaddr,
+                                               le_addr_type(cp->addr.type));
+
                device_added(cmd->sk, hdev, &cp->addr.bdaddr, cp->addr.type,
                             cp->action);
                device_flags_changed(NULL, hdev, &cp->addr.bdaddr,
                                     cp->addr.type, hdev->conn_flags,
-                                    PTR_UINT(cmd->user_data));
+                                    params ? params->flags : 0);
        }
 
        mgmt_cmd_complete(cmd->sk, hdev->id, MGMT_OP_ADD_DEVICE,
@@ -7613,8 +7618,6 @@ static int add_device(struct sock *sk, struct hci_dev *hdev,
                goto unlock;
        }
 
-       cmd->user_data = UINT_PTR(current_flags);
-
        err = hci_cmd_sync_queue(hdev, add_device_sync, cmd,
                                 add_device_complete);
        if (err < 0) {