.bluez.metadata

@@ -1 +1 @@
-c5137186e7cc60652eed44cff0067ef749e49eff SOURCES/bluez-5.63.tar.xz
+4d8fb1328e15df4021329d3eb6329b64777badaa SOURCES/bluez-5.64.tar.xz

.gitignore

@@ -1 +1 @@
-SOURCES/bluez-5.63.tar.xz
+SOURCES/bluez-5.64.tar.xz

SOURCES/0001-build-Always-define-confdir-and-statedir.patch

@@ -1,35 +0,0 @@
-From 5744f79d84ecee3929a682166034c5bbc36c0ef5 Mon Sep 17 00:00:00 2001
-From: Bastien Nocera <hadess@hadess.net>
-Date: Wed, 20 Sep 2017 12:49:10 +0200
-Subject: [PATCH 1/4] build: Always define confdir and statedir
-
-As we will need those paths to lock down on them.
----
- Makefile.am | 6 +++---
- 1 file changed, 3 insertions(+), 3 deletions(-)
-
-diff --git a/Makefile.am b/Makefile.am
-index 9d25a815b..ac88c12e0 100644
---- a/Makefile.am
-+++ b/Makefile.am
-@@ -28,14 +28,14 @@
- 				$(LIBEDATASERVER_CFLAGS) $(ell_cflags)
- AM_LDFLAGS = $(MISC_LDFLAGS)
- 
-+confdir = $(sysconfdir)/bluetooth
-+statedir = $(localstatedir)/lib/bluetooth
-+
- if DATAFILES
- dbusdir = $(DBUS_CONFDIR)/dbus-1/system.d
- dbus_DATA = src/bluetooth.conf
- 
--confdir = $(sysconfdir)/bluetooth
- conf_DATA =
--
--statedir = $(localstatedir)/lib/bluetooth
- state_DATA =
- endif
- 
--- 
-2.21.0
-

SOURCES/0001-client-gatt-Fix-memory-leak-issues.patch

@@ -0,0 +1,66 @@
+From b4233bca181580800b483a228ca5377efcfeb844 Mon Sep 17 00:00:00 2001
+From: Gopal Tiwari <gtiwari@redhat.com>
+Date: Tue, 31 May 2022 13:11:05 +0530
+Subject: [PATCH BlueZ 01/12] client/gatt: Fix memory leak issues
+
+While performing the static tool analysis using coverity tool
+found following reports
+
+Error: RESOURCE_LEAK (CWE-772):
+bluez-5.64/client/gatt.c:1531: leaked_storage: Variable "service"
+going out of scope leaks the storage it points to.
+
+Error: RESOURCE_LEAK (CWE-772):
+bluez-5.64/client/gatt.c:2626: leaked_storage: Variable "chrc"
+going out of scope leaks the storage it points to.
+
+Error: RESOURCE_LEAK (CWE-772):
+bluez-5.64/client/gatt.c:2906: leaked_storage: Variable "desc"
+going out of scope leaks the storage it points to.
+---
+ client/gatt.c | 12 +++++++++---
+ 1 file changed, 9 insertions(+), 3 deletions(-)
+
+diff --git a/client/gatt.c b/client/gatt.c
+index 13872c794..4c1efaf75 100644
+--- a/client/gatt.c
++++ b/client/gatt.c
+@@ -1527,8 +1527,10 @@ void gatt_register_service(DBusConnection *conn, GDBusProxy *proxy,
+ 
+ 	if (argc > 2) {
+ 		service->handle = parse_handle(argv[2]);
+-		if (!service->handle)
++		if (!service->handle) {
++			service_free(service);
+ 			return bt_shell_noninteractive_quit(EXIT_FAILURE);
++		}
+ 	}
+ 
+ 	if (g_dbus_register_interface(conn, service->path,
+@@ -2622,8 +2624,10 @@ void gatt_register_chrc(DBusConnection *conn, GDBusProxy *proxy,
+ 
+ 	if (argc > 3) {
+ 		chrc->handle = parse_handle(argv[3]);
+-		if (!chrc->handle)
++		if (!chrc->handle) {
++			chrc_free(chrc);
+ 			return bt_shell_noninteractive_quit(EXIT_FAILURE);
++		}
+ 	}
+ 
+ 	if (g_dbus_register_interface(conn, chrc->path, CHRC_INTERFACE,
+@@ -2902,8 +2906,10 @@ void gatt_register_desc(DBusConnection *conn, GDBusProxy *proxy,
+ 
+ 	if (argc > 3) {
+ 		desc->handle = parse_handle(argv[3]);
+-		if (!desc->handle)
++		if (!desc->handle) {
++			desc_free(desc);
+ 			return bt_shell_noninteractive_quit(EXIT_FAILURE);
++		}
+ 	}
+ 
+ 	if (g_dbus_register_interface(conn, desc->path, DESC_INTERFACE,
+-- 
+2.26.2
+

SOURCES/0001-gatt-Fix-double-free-and-freed-memory-dereference.patch

@@ -0,0 +1,41 @@
+From f853012bc0142ab6056f3d9ef4abf621b1e8a756 Mon Sep 17 00:00:00 2001
+From: Gopal Tiwari <gtiwari@redhat.com>
+Date: Tue, 24 May 2022 16:45:56 +0530
+Subject: [PATCH BlueZ] gatt: Fix double free and freed memory dereference
+
+commit 3627eddea13042ffc0848ae37356f30335ce2e4b
+Author: Ildar Kamaletdinov <i.kamaletdinov@omp.ru>
+Date:   Fri Apr 1 15:16:47 2022 +0300
+
+    gatt: Fix double free and freed memory dereference
+
+    If device is no longer exists or not paired when notifications send it
+    is possible to get double free and dereference of already freed memory.
+
+    To avoid this we need to recheck the state of device after sending
+    notification.
+
+    Found by Linux Verification Center (linuxtesting.org) with the SVACE
+    static analysis tool.
+---
+ src/gatt-database.c | 4 ++++
+ 1 file changed, 4 insertions(+)
+
+diff --git a/src/gatt-database.c b/src/gatt-database.c
+index d6c94058c..d32f616a9 100644
+--- a/src/gatt-database.c
++++ b/src/gatt-database.c
+@@ -3877,6 +3877,10 @@ void btd_gatt_database_server_connected(struct btd_gatt_database *database,
+ 
+ 	send_notification_to_device(state, state->pending);
+ 
++	state = find_device_state(database, &bdaddr, bdaddr_type);
++	if (!state || !state->pending)
++		return;
++
+ 	free(state->pending->value);
+ 	free(state->pending);
+ 	state->pending = NULL;
+-- 
+2.26.2
+

SOURCES/0001-gdbus-Emit-InterfacesAdded-of-parents-objects-first.patch

@@ -1,36 +0,0 @@
-From 4c3eedcb96bd4795dd5c25c688005fc12f364aeb Mon Sep 17 00:00:00 2001
-From: Gopal Tiwari <gtiwari@redhat.com>
-Date: Wed, 20 Apr 2022 12:19:05 +0530
-Subject: [PATCH BlueZ] gdbus: Emit InterfacesAdded of parents objects first
-
-This makes InterfacesAdded respect the object hierarchy in case its
-parent has pending interfaces to be added.
-
-Fixes: #272
-Fixes: #284
-Fixes: https://bugzilla.redhat.com/show_bug.cgi?id=1534857
-Fixes: https://bugs.archlinux.org/task/57464
----
- gdbus/object.c | 6 ++++++
- 1 file changed, 6 insertions(+)
-
-diff --git a/gdbus/object.c b/gdbus/object.c
-index 50a8b4ff1..f7c8c2be5 100644
---- a/gdbus/object.c
-+++ b/gdbus/object.c
-@@ -551,6 +551,12 @@ static void emit_interfaces_added(struct generic_data *data)
- 	if (root == NULL || data == root)
- 		return;
- 
-+	/* Emit InterfacesAdded on the parent first so it appears first on the
-+	 * bus as child objects may point to it.
-+	 */
-+	if (data->parent && data->parent->added)
-+		emit_interfaces_added(data->parent);
-+
- 	signal = dbus_message_new_signal(root->path,
- 					DBUS_INTERFACE_OBJECT_MANAGER,
- 					"InterfacesAdded");
--- 
-2.26.2
-

SOURCES/0001-hostname-Fix-BlueZ-5.XX-adapter-name-on-startup.patch

@@ -1,38 +0,0 @@
-From cba55944f76ad0f01bb7c8976fd6699f058c68cd Mon Sep 17 00:00:00 2001
-From: Bastien Nocera <hadess@hadess.net>
-Date: Wed, 20 Sep 2017 14:42:14 +0200
-Subject: [PATCH] hostname: Fix "BlueZ 5.XX" adapter name on startup
-
-The hostname plugin listens to property changes from systemd-hostnamed
-but doesn't fetch initial values. This means that unless the
-PrettyHostname or StaticHostname changes, the default adapter will be
-called "BlueZ 5.XX" matching the version number.
-
-This is the case since the hostname plugin replaced the adaptername
-plugin in 2012.
-
-Fetch the initial values for PrettyHostname, StaticHostname and
-Chassis when the plugin is initiated, so as to make the values
-available for adapter setup.
----
- plugins/hostname.c | 4 ++++
- 1 file changed, 4 insertions(+)
-
-diff --git a/plugins/hostname.c b/plugins/hostname.c
-index f876d0afb..db9187378 100644
---- a/plugins/hostname.c
-+++ b/plugins/hostname.c
-@@ -307,6 +307,10 @@ static int hostname_init(void)
- 		hostname_proxy = NULL;
- 		g_dbus_client_unref(hostname_client);
- 		hostname_client = NULL;
-+	} else {
-+		g_dbus_proxy_refresh_property(hostname_proxy, "PrettyHostname");
-+		g_dbus_proxy_refresh_property(hostname_proxy, "StaticHostname");
-+		g_dbus_proxy_refresh_property(hostname_proxy, "Chassis");
- 	}
- 
- 	return err;
--- 
-2.14.1
-

SOURCES/0002-mesh-appkey-Fix-memory-leaks.patch

@@ -0,0 +1,43 @@
+From 5eb96b3ec8545047a74d7204664267c7aa749070 Mon Sep 17 00:00:00 2001
+From: Gopal Tiwari <gtiwari@redhat.com>
+Date: Tue, 31 May 2022 13:11:06 +0530
+Subject: [PATCH BlueZ 02/12] mesh/appkey: Fix memory leaks
+
+While performing the static analysis using the coverity tool found
+following memory leak reports
+
+bluez-5.64/mesh/appkey.c:143: leaked_storage: Variable "key" going
+out of scope leaks the storage it points to.
+
+Error: RESOURCE_LEAK (CWE-772):
+bluez-5.64/mesh/appkey.c:146: leaked_storage: Variable "key" going
+out of scope leaks the storage it points to.
+---
+ mesh/appkey.c | 8 ++++++--
+ 1 file changed, 6 insertions(+), 2 deletions(-)
+
+diff --git a/mesh/appkey.c b/mesh/appkey.c
+index 5088a1812..52fed8c31 100644
+--- a/mesh/appkey.c
++++ b/mesh/appkey.c
+@@ -139,11 +139,15 @@ bool appkey_key_init(struct mesh_net *net, uint16_t net_idx, uint16_t app_idx,
+ 	key->net_idx = net_idx;
+ 	key->app_idx = app_idx;
+ 
+-	if (key_value && !set_key(key, app_idx, key_value, false))
++	if (key_value && !set_key(key, app_idx, key_value, false)) {
++		appkey_key_free(key);
+ 		return false;
++	}
+ 
+-	if (new_key_value && !set_key(key, app_idx, new_key_value, true))
++	if (new_key_value && !set_key(key, app_idx, new_key_value, true)) {
++		appkey_key_free(key);
+ 		return false;
++	}
+ 
+ 	l_queue_push_tail(app_keys, key);
+ 
+-- 
+2.26.2
+

SOURCES/0002-systemd-Add-PrivateTmp-and-NoNewPrivileges-options.patch

@@ -1,44 +0,0 @@
-From 98826d0717fe831265256f996c9e90d15262bef1 Mon Sep 17 00:00:00 2001
-From: Gopal Tiwari <gtiwari@redhat.com>
-Date: Mon, 8 Jun 2020 19:54:24 +0530
-Subject: [PATCH BlueZ 2/4] systemd: Add PrivateTmp and NoNewPrivileges options
-
-From 4570164f0c90603bd07eb9e7c07e17bbafb5b5da Mon Sep 17 00:00:00 2001
-From: Craig Andrews <candrews@integralblue.com>
-Date: Wed, 13 Sep 2017 15:23:09 +0200
-
-systemd: Add PrivateTmp and NoNewPrivileges options
-
-PrivateTmp makes bluetoothd's /tmp and /var/tmp be inside a different
-namespace. This is useful to secure access to temporary files of the
-process.
-
-NoNewPrivileges ensures that service process and all its children
-can never gain new privileges through execve(), lowering the risk of
-possible privilege escalations.
----
- src/bluetooth.service.in | 6 ++++++
- 1 file changed, 6 insertions(+)
-
-diff --git a/src/bluetooth.service.in b/src/bluetooth.service.in
-index f9faaa452..7c2f60bb4 100644
---- a/src/bluetooth.service.in
-+++ b/src/bluetooth.service.in
-@@ -12,8 +12,14 @@ NotifyAccess=main
- #Restart=on-failure
- CapabilityBoundingSet=CAP_NET_ADMIN CAP_NET_BIND_SERVICE
- LimitNPROC=1
-+
-+# Filesystem lockdown
- ProtectHome=true
- ProtectSystem=full
-+PrivateTmp=true
-+
-+# Privilege escalation
-+NoNewPrivileges=true
- 
- [Install]
- WantedBy=bluetooth.target
--- 
-2.21.1
-

SOURCES/0003-monitor-Fix-memory-leaks.patch

@@ -0,0 +1,38 @@
+From 6f02010ce0043ec2e17eb15f2a1dd42f6c64e223 Mon Sep 17 00:00:00 2001
+From: Gopal Tiwari <gtiwari@redhat.com>
+Date: Tue, 31 May 2022 13:11:07 +0530
+Subject: [PATCH BlueZ 03/12] monitor: Fix memory leaks
+
+While performing static tool analysis using coverity
+found following reports for resouse leak
+
+bluez-5.64/monitor/jlink.c:111: leaked_storage: Variable "so"
+going out of scope leaks the storage it points to.
+
+bluez-5.64/monitor/jlink.c:113: leaked_storage: Variable "so"
+going out of scope leaks the storage it points to.
+---
+ monitor/jlink.c | 5 ++++-
+ 1 file changed, 4 insertions(+), 1 deletion(-)
+
+diff --git a/monitor/jlink.c b/monitor/jlink.c
+index 9aaa4ebd8..f1d8ce660 100644
+--- a/monitor/jlink.c
++++ b/monitor/jlink.c
+@@ -107,9 +107,12 @@ int jlink_init(void)
+ 			!jlink.tif_select || !jlink.setspeed ||
+ 			!jlink.connect || !jlink.getsn ||
+ 			!jlink.emu_getproductname ||
+-			!jlink.rtterminal_control || !jlink.rtterminal_read)
++			!jlink.rtterminal_control || !jlink.rtterminal_read) {
++		dlclose(so);
+ 		return -EIO;
++	}
+ 
++	dlclose(so);
+ 	return 0;
+ }
+ 
+-- 
+2.26.2
+

SOURCES/0003-systemd-Add-more-filesystem-lockdown.patch

@@ -1,44 +0,0 @@
-From 13a348670fef0047555395ce6977e86e0005f8bd Mon Sep 17 00:00:00 2001
-From: Bastien Nocera <hadess@hadess.net>
-Date: Wed, 13 Sep 2017 15:37:11 +0200
-Subject: [PATCH 3/4] systemd: Add more filesystem lockdown
-
-We can only access the configuration file as read-only and read-write
-to the Bluetooth cache directory and sub-directories.
----
- Makefile.am              | 3 +++
- src/bluetooth.service.in | 4 ++++
- 2 files changed, 7 insertions(+)
-
-diff --git a/Makefile.am b/Makefile.am
-index ac88c12e0..0a6d09847 100644
---- a/Makefile.am
-+++ b/Makefile.am
-@@ -617,6 +617,9 @@
- 
- SED_PROCESS = $(AM_V_GEN)$(MKDIR_P) $(dir $@) && \
- 		$(SED) -e 's,@pkglibexecdir\@,$(pkglibexecdir),g' \
-+		       -e 's,@libexecdir\@,$(libexecdir),g' \
-+		       -e 's,@statedir\@,$(statedir),g' \
-+		       -e 's,@confdir\@,$(confdir),g' \
- 		< $< > $@
- 
- if RUN_RST2MAN
-diff --git a/src/bluetooth.service.in b/src/bluetooth.service.in
-index 7c2f60bb4..4daedef2a 100644
---- a/src/bluetooth.service.in
-+++ b/src/bluetooth.service.in
-@@ -17,6 +17,10 @@ LimitNPROC=1
- ProtectHome=true
- ProtectSystem=full
- PrivateTmp=true
-+ProtectKernelTunables=true
-+ProtectControlGroups=true
-+ReadWritePaths=@statedir@
-+ReadOnlyPaths=@confdir@
- 
- # Privilege escalation
- NoNewPrivileges=true
--- 
-2.21.0
-

SOURCES/0004-sixaxis-Fix-memory-leaks.patch

@@ -0,0 +1,43 @@
+From fc57aa92a4f32f7c0f38198e6d26b529b537a047 Mon Sep 17 00:00:00 2001
+From: Gopal Tiwari <gtiwari@redhat.com>
+Date: Tue, 31 May 2022 13:11:08 +0530
+Subject: [PATCH BlueZ 04/12] sixaxis: Fix memory leaks
+
+While performing static tool analysis using coverity
+found following reports for resouse leak
+
+bluez-5.64/plugins/sixaxis.c:425: alloc_arg:
+"get_pairing_type_for_device" allocates memory that is
+stored into "sysfs_path".
+
+bluez-5.64/plugins/sixaxis.c:428: leaked_storage: Variable "sysfs_path"
+going out of scope leaks the storage it points to.
+---
+ plugins/sixaxis.c | 9 +++++++--
+ 1 file changed, 7 insertions(+), 2 deletions(-)
+
+diff --git a/plugins/sixaxis.c b/plugins/sixaxis.c
+index ddecbcccb..10cf15948 100644
+--- a/plugins/sixaxis.c
++++ b/plugins/sixaxis.c
+@@ -424,10 +424,15 @@ static void device_added(struct udev_device *udevice)
+ 
+ 	cp = get_pairing_type_for_device(udevice, &bus, &sysfs_path);
+ 	if (!cp || (cp->type != CABLE_PAIRING_SIXAXIS &&
+-				cp->type != CABLE_PAIRING_DS4))
++				cp->type != CABLE_PAIRING_DS4)) {
++		g_free(sysfs_path);
+ 		return;
+-	if (bus != BUS_USB)
++	}
++
++	if (bus != BUS_USB) {
++		g_free(sysfs_path);
+ 		return;
++	}
+ 
+ 	info("sixaxis: compatible device connected: %s (%04X:%04X %s)",
+ 				cp->name, cp->vid, cp->pid, sysfs_path);
+-- 
+2.26.2
+

SOURCES/0004-systemd-More-lockdown.patch

@@ -1,40 +0,0 @@
-From 9a7872f04cb748e8de743d9136ecd91539d13cb7 Mon Sep 17 00:00:00 2001
-From: Gopal Tiwari <gtiwari@redhat.com>
-Date: Mon, 8 Jun 2020 19:56:42 +0530
-Subject: [PATCH BlueZ 4/4] systemd: More lockdown
-
-From 171d812218883281fed57b57fafd5c18eac441ac Mon Sep 17 00:00:00 2001
-From: Bastien Nocera <hadess@hadess.net>
-Date: Wed, 13 Sep 2017 15:38:26 +0200
-
-systemd: More lockdown
-
-bluetoothd does not need to execute mapped memory, or real-time
-access, so block those.
----
- src/bluetooth.service.in | 6 ++++++
- 1 file changed, 6 insertions(+)
-
-diff --git a/src/bluetooth.service.in b/src/bluetooth.service.in
-index 4daedef2a..f18801866 100644
---- a/src/bluetooth.service.in
-+++ b/src/bluetooth.service.in
-@@ -22,9 +22,15 @@ ProtectControlGroups=true
- ReadWritePaths=@statedir@
- ReadOnlyPaths=@confdir@
- 
-+# Execute Mappings
-+MemoryDenyWriteExecute=true
-+
- # Privilege escalation
- NoNewPrivileges=true
- 
-+# Real-time
-+RestrictRealtime=true
-+
- [Install]
- WantedBy=bluetooth.target
- Alias=dbus-org.bluez.service
--- 
-2.21.1
-

SOURCES/0005-cltest-Fix-leaked_handle.patch

@@ -0,0 +1,29 @@
+From f4743109f381a4d53b476c5b77c7c68a6aa40b59 Mon Sep 17 00:00:00 2001
+From: Gopal Tiwari <gtiwari@redhat.com>
+Date: Tue, 31 May 2022 13:11:09 +0530
+Subject: [PATCH BlueZ 05/12] cltest: Fix leaked_handle
+
+While performing static tool analysis using coverity found
+following reports for resouse leak
+
+bluez-5.64/tools/cltest.c:75: leaked_handle: Handle variable "fd"
+going out of scope leaks the handle.
+---
+ tools/cltest.c | 1 +
+ 1 file changed, 1 insertion(+)
+
+diff --git a/tools/cltest.c b/tools/cltest.c
+index 2766fcd23..250c93cc7 100644
+--- a/tools/cltest.c
++++ b/tools/cltest.c
+@@ -72,6 +72,7 @@ static bool send_message(const bdaddr_t *src, const bdaddr_t *dst,
+ 		return false;
+ 	}
+ 
++	close(fd);
+ 	return true;
+ }
+ 
+-- 
+2.26.2
+

SOURCES/0006-create-image-Fix-leaked_handle.patch

@@ -0,0 +1,47 @@
+From 4ae130455b173650f564d92f7908a7ca4f7b1ee6 Mon Sep 17 00:00:00 2001
+From: Gopal Tiwari <gtiwari@redhat.com>
+Date: Tue, 31 May 2022 13:11:10 +0530
+Subject: [PATCH BlueZ 06/12] create-image: Fix leaked_handle
+
+While performing static tool analysis using coverity found following
+reports for resouse leak
+
+bluez-5.64/tools/create-image.c:124: leaked_storage: Variable "map"
+going out of scope leaks the storage it points to.
+---
+ tools/create-image.c | 7 +++----
+ 1 file changed, 3 insertions(+), 4 deletions(-)
+
+diff --git a/tools/create-image.c b/tools/create-image.c
+index aba940da7..90cd87315 100644
+--- a/tools/create-image.c
++++ b/tools/create-image.c
+@@ -97,12 +97,13 @@ static void write_block(FILE *fp, const char *pathname, unsigned int ino,
+ 
+ 	map = mmap(NULL, st.st_size, PROT_READ, MAP_SHARED, fd, 0);
+ 	if (!map || map == MAP_FAILED) {
+-		close(fd);
+-		fd = -1;
+ 		map = NULL;
+ 		st.st_size = 0;
+         }
+ 
++	close(fd);
++	fd = -1;
++
+ done:
+ 	fprintf(fp, HDR_FMT, HDR_MAGIC, ino, mode, 0, 0, 1, 0,
+ 		(uintmax_t) st.st_size, 0, 0, 0, 0, namelen + 1, 0, name);
+@@ -117,9 +118,7 @@ done:
+ 		pad = 3 - ((st.st_size + 3) % 4);
+ 		for (i = 0; i < pad; i++)
+ 			fputc(0, fp);
+-
+ 		munmap(map, st.st_size);
+-		close(fd);
+ 	}
+ }
+ 
+-- 
+2.26.2
+

SOURCES/0007-l2cap-tester-Fix-leaked_handle.patch

@@ -0,0 +1,29 @@
+From 4334be027ae1ad50193025c90e77a76b64464b53 Mon Sep 17 00:00:00 2001
+From: Gopal Tiwari <gtiwari@redhat.com>
+Date: Tue, 31 May 2022 13:11:11 +0530
+Subject: [PATCH BlueZ 07/12] l2cap-tester: Fix leaked_handle
+
+While performing static tool analysis using coverity found following
+reports for resouse leak
+
+bluez-5.64/tools/l2cap-tester.c:1712: leaked_handle: Handle variable
+"new_sk" going out of scope leaks the handle.
+---
+ tools/l2cap-tester.c | 1 +
+ 1 file changed, 1 insertion(+)
+
+diff --git a/tools/l2cap-tester.c b/tools/l2cap-tester.c
+index d78b1e29c..3f0464013 100644
+--- a/tools/l2cap-tester.c
++++ b/tools/l2cap-tester.c
+@@ -1709,6 +1709,7 @@ static gboolean l2cap_listen_cb(GIOChannel *io, GIOCondition cond,
+ 
+ 	if (!check_mtu(data, new_sk)) {
+ 		tester_test_failed();
++		close(new_sk);
+ 		return FALSE;
+ 	}
+ 
+-- 
+2.26.2
+

SOURCES/0008-mesh-mesh-db-Fix-resource-leaks.patch

@@ -0,0 +1,33 @@
+From 35cbfd9660949fca23418bfa32fd51d81ed91208 Mon Sep 17 00:00:00 2001
+From: Gopal Tiwari <gtiwari@redhat.com>
+Date: Tue, 31 May 2022 13:11:12 +0530
+Subject: [PATCH BlueZ 08/12] mesh/mesh-db: Fix resource leaks
+
+While performing static tool analysis using coverity found following
+reports for resouse leak
+
+bluez-5.64/tools/mesh/mesh-db.c:2388: leaked_handle: Handle variable
+"fd" going out of scope leaks the handle.
+
+bluez-5.64/tools/mesh/mesh-db.c:2388: leaked_storage: Variable "str"
+going out of scope leaks the storage it points to.
+---
+ tools/mesh/mesh-db.c | 2 ++
+ 1 file changed, 2 insertions(+)
+
+diff --git a/tools/mesh/mesh-db.c b/tools/mesh/mesh-db.c
+index fa11837df..896ff722c 100644
+--- a/tools/mesh/mesh-db.c
++++ b/tools/mesh/mesh-db.c
+@@ -2384,6 +2384,8 @@ bool mesh_db_load(const char *fname)
+ 
+ 	sz = read(fd, str, st.st_size);
+ 	if (sz != st.st_size) {
++		close(fd);
++		l_free(str);
+ 		l_error("Failed to read configuration file %s", fname);
+ 		return false;
+ 	}
+-- 
+2.26.2
+

SOURCES/0009-obex-client-Fix-leaked_handle.patch

@@ -0,0 +1,29 @@
+From 39b638526d9a45d54d2d6e3f175fd7eb057ef8f0 Mon Sep 17 00:00:00 2001
+From: Gopal Tiwari <gtiwari@redhat.com>
+Date: Tue, 31 May 2022 13:11:13 +0530
+Subject: [PATCH BlueZ 09/12] obex-client: Fix leaked_handle
+
+While performing static tool analysis using coverity found following
+reports for resouse leak
+
+bluez-5.64/tools/obex-client-tool.c:315: leaked_handle: Handle variable
+"sk" going out of scope leaks the handle.
+---
+ tools/obex-client-tool.c | 1 +
+ 1 file changed, 1 insertion(+)
+
+diff --git a/tools/obex-client-tool.c b/tools/obex-client-tool.c
+index ab9332896..cb0e41247 100644
+--- a/tools/obex-client-tool.c
++++ b/tools/obex-client-tool.c
+@@ -312,6 +312,7 @@ static GIOChannel *unix_connect(GObexTransportType transport)
+ 	if (connect(sk, (struct sockaddr *) &addr, sizeof(addr)) < 0) {
+ 		err = errno;
+ 		g_printerr("connect: %s (%d)\n", strerror(err), err);
++		close(sk);
+ 		return NULL;
+ 	}
+ 
+-- 
+2.26.2
+

SOURCES/0010-pbap-Fix-memory-leak.patch

@@ -0,0 +1,34 @@
+From 06d3c7429ad6bdf6eef1bcedee327e74a33c40bf Mon Sep 17 00:00:00 2001
+From: Gopal Tiwari <gtiwari@redhat.com>
+Date: Tue, 31 May 2022 13:11:15 +0530
+Subject: [PATCH BlueZ 10/12] pbap: Fix memory leak
+
+Reported by coverity tool as follows:
+
+bluez-5.64/obexd/client/pbap.c:929: leaked_storage: Variable "apparam"
+going out of scope leaks the storage it points to.
+---
+ obexd/client/pbap.c | 5 +++--
+ 1 file changed, 3 insertions(+), 2 deletions(-)
+
+diff --git a/obexd/client/pbap.c b/obexd/client/pbap.c
+index 1a2bacc9f..1ed8c68ec 100644
+--- a/obexd/client/pbap.c
++++ b/obexd/client/pbap.c
+@@ -925,10 +925,11 @@ static DBusMessage *pbap_search(DBusConnection *connection,
+ 		return g_dbus_create_error(message,
+ 				ERROR_INTERFACE ".InvalidArguments", NULL);
+ 
+-	if (dbus_message_iter_get_arg_type(&args) != DBUS_TYPE_STRING)
++	if (dbus_message_iter_get_arg_type(&args) != DBUS_TYPE_STRING) {
++		g_obex_apparam_free(apparam);
+ 		return g_dbus_create_error(message,
+ 				ERROR_INTERFACE ".InvalidArguments", NULL);
+-
++	}
+ 	dbus_message_iter_get_basic(&args, &value);
+ 	dbus_message_iter_next(&args);
+ 
+-- 
+2.26.2
+

SOURCES/0011-meshctl-Fix-possible-use_after_free.patch

@@ -0,0 +1,30 @@
+From 56bda20ce9e3e5c4684b37cffd4527264c2b4c1e Mon Sep 17 00:00:00 2001
+From: Gopal Tiwari <gtiwari@redhat.com>
+Date: Tue, 31 May 2022 13:11:16 +0530
+Subject: [PATCH BlueZ 11/12] meshctl: Fix possible use_after_free
+
+Reported by coverity tool as follows :
+
+bluez-5.64/tools/meshctl.c:1968: freed_arg: "g_free" frees "mesh_dir".
+
+bluez-5.64/tools/meshctl.c:2018: double_free: Calling "g_free" frees
+pointer "mesh_dir" which has already been freed.
+---
+ tools/meshctl.c | 1 -
+ 1 file changed, 1 deletion(-)
+
+diff --git a/tools/meshctl.c b/tools/meshctl.c
+index 18e20c40d..38ffd35f3 100644
+--- a/tools/meshctl.c
++++ b/tools/meshctl.c
+@@ -2015,7 +2015,6 @@ int main(int argc, char *argv[])
+ 
+ fail:
+ 	bt_shell_cleanup();
+-	g_free(mesh_dir);
+ 
+ 	return EXIT_FAILURE;
+ }
+-- 
+2.26.2
+

SOURCES/0012-mesh-gatt-Fix-use_after_free.patch

@@ -0,0 +1,34 @@
+From 5cdaeaefc350ea3c42719284b88406579d032fb6 Mon Sep 17 00:00:00 2001
+From: Gopal Tiwari <gtiwari@redhat.com>
+Date: Tue, 31 May 2022 13:11:17 +0530
+Subject: [PATCH BlueZ 12/12] mesh-gatt: Fix use_after_free
+
+Following scenario happens when prov is false and we have double free as
+mentioned in the below
+
+bluez-5.64/tools/mesh-gatt/prov-db.c:847: freed_arg: "g_free" frees
+"in_str".
+
+bluez-5.64/tools/mesh-gatt/prov-db.c:867: double_free: Calling "g_free"
+frees pointer "in_str" which has already been freed.
+---
+ tools/mesh-gatt/prov-db.c | 3 ++-
+ 1 file changed, 2 insertions(+), 1 deletion(-)
+
+diff --git a/tools/mesh-gatt/prov-db.c b/tools/mesh-gatt/prov-db.c
+index 2fb08f799..a5b6997e0 100644
+--- a/tools/mesh-gatt/prov-db.c
++++ b/tools/mesh-gatt/prov-db.c
+@@ -859,7 +859,8 @@ bool prov_db_local_set_iv_index(uint32_t iv_index, bool update, bool prov)
+ 
+ 		set_local_iv_index(jmain, iv_index, update);
+ 		prov_file_write(jmain, false);
+-	}
++	} else
++		return true;
+ 
+ 	res = true;
+ done:
+-- 
+2.26.2
+

SOURCES/69-btattach-bcm.rules

@@ -1,33 +0,0 @@
-# Some devices have a bluetooth HCI connected to an uart, these needs to be
-# setup by calling btattach. The systemd btattach-bcm.service takes care of
-# this. These udev rules hardware-activate that service when necessary.
-#
-# For now this only suports ACPI enumerated Broadcom BT HCIs.
-# This has been tested on Bay and Cherry Trail devices with both ACPI and
-# PCI enumerated UARTs.
-
-# Note we check for the platform device not for the acpi device, because
-# some DSDTs list multiple bluetooth adapters, but only some (or none)
-# are enabled. Only enabled adapters get a platform device created.
-ACTION!="add", GOTO="btattach_bcm_rules_end"
-SUBSYSTEM!="platform", GOTO="btattach_bcm_rules_end"
-
-KERNEL=="BCM2E1A:00", TAG+="systemd", ENV{SYSTEMD_WANTS}="btattach-bcm@%k.service"
-KERNEL=="BCM2E39:00", TAG+="systemd", ENV{SYSTEMD_WANTS}="btattach-bcm@%k.service"
-KERNEL=="BCM2E3A:00", TAG+="systemd", ENV{SYSTEMD_WANTS}="btattach-bcm@%k.service"
-KERNEL=="BCM2E3D:00", TAG+="systemd", ENV{SYSTEMD_WANTS}="btattach-bcm@%k.service"
-KERNEL=="BCM2E3F:00", TAG+="systemd", ENV{SYSTEMD_WANTS}="btattach-bcm@%k.service"
-KERNEL=="BCM2E40:00", TAG+="systemd", ENV{SYSTEMD_WANTS}="btattach-bcm@%k.service"
-KERNEL=="BCM2E54:00", TAG+="systemd", ENV{SYSTEMD_WANTS}="btattach-bcm@%k.service"
-KERNEL=="BCM2E55:00", TAG+="systemd", ENV{SYSTEMD_WANTS}="btattach-bcm@%k.service"
-KERNEL=="BCM2E64:00", TAG+="systemd", ENV{SYSTEMD_WANTS}="btattach-bcm@%k.service"
-KERNEL=="BCM2E65:00", TAG+="systemd", ENV{SYSTEMD_WANTS}="btattach-bcm@%k.service"
-KERNEL=="BCM2E67:00", TAG+="systemd", ENV{SYSTEMD_WANTS}="btattach-bcm@%k.service"
-KERNEL=="BCM2E71:00", TAG+="systemd", ENV{SYSTEMD_WANTS}="btattach-bcm@%k.service"
-KERNEL=="BCM2E7B:00", TAG+="systemd", ENV{SYSTEMD_WANTS}="btattach-bcm@%k.service"
-KERNEL=="BCM2E7C:00", TAG+="systemd", ENV{SYSTEMD_WANTS}="btattach-bcm@%k.service"
-KERNEL=="BCM2E7E:00", TAG+="systemd", ENV{SYSTEMD_WANTS}="btattach-bcm@%k.service"
-KERNEL=="BCM2E95:00", TAG+="systemd", ENV{SYSTEMD_WANTS}="btattach-bcm@%k.service"
-KERNEL=="BCM2E96:00", TAG+="systemd", ENV{SYSTEMD_WANTS}="btattach-bcm@%k.service"
-
-LABEL="btattach_bcm_rules_end"

SOURCES/btattach-bcm-service.sh

@@ -1,30 +0,0 @@
-#!/bin/bash
-
-# Simple shell script to wait for the tty for an uart using BT HCI to show up
-# and then invoke btattach with the right parameters, this is intended to be
-# invoked from a hardware-activated systemd service
-#
-# For now this only suports ACPI enumerated Broadcom BT HCIs.
-# This has been tested on Bay and Cherry Trail devices with both ACPI and
-# PCI enumerated UARTs.
-#
-# Note the kernel bt developers are working on solving this entirely in the
-# kernel, so it is not worth the trouble to write something better then this.
-
-BT_DEV="/sys/bus/platform/devices/$1"
-BT_DEV="$(readlink -f $BT_DEV)"
-UART_DEV="$(dirname $BT_DEV)"
-
-# Stupid GPD-pocket has USB BT with id 0000:0000, but still claims to have
-# an uart attached bt
-if [ "$1" = "BCM2E7E:00" ] && lsusb | grep -q "ID 0000:0000"; then
-	exit 0
-fi
-
-while [ ! -d "$UART_DEV/tty" ]; do
-	sleep .2
-done
-
-TTY="$(ls $UART_DEV/tty)"
-
-exec btattach --bredr "/dev/$TTY" -P bcm

SOURCES/btattach-bcm@.service

@@ -1,6 +0,0 @@
-[Unit]
-Description=btattach for Broadcom devices
-
-[Service]
-Type=simple
-ExecStart=/usr/libexec/bluetooth/btattach-bcm-service.sh %I

SPECS/bluez.spec

@@ -1,58 +1,47 @@
+%if 0%{?fedora} || 0%{?rhel} <= 8
+%bcond_without deprecated
+%else
+%bcond_with deprecated
+%endif
+
 Name:    bluez
+Version: 5.64
+Release: 2%{?dist}
 Summary: Bluetooth utilities
-Version: 5.63
-Release: 1%{?dist}
 License: GPLv2+
 URL:     http://www.bluez.org/
 
-Source0: http://www.kernel.org/pub/linux/bluetooth/bluez-%{version}.tar.xz
+Source0: http://www.kernel.org/pub/linux/bluetooth/%{name}-%{version}.tar.xz
 Source1: bluez.gitignore
 
-# Scripts for automatically btattach-ing serial ports connected to Broadcom HCIs
-# as found on some Atom based x86 hardware
-Source2: 69-btattach-bcm.rules
-Source3: btattach-bcm@.service
-Source4: btattach-bcm-service.sh
-
-# https://github.com/hadess/bluez/commits/build-fixes-5.46
-#Patch1: 0001-build-Enable-BIND_NOW.patch
-#Patch2: 0003-tools-csr_usb-Fix-compilation-failure.patch
-
 # https://github.com/hadess/bluez/commits/obex-5.46
-Patch3: 0001-obex-Use-GLib-helper-function-to-manipulate-paths.patch
-
-# https://github.com/hadess/bluez/commits/hostname-plugin-5.47
-Patch4: 0001-hostname-Fix-BlueZ-5.XX-adapter-name-on-startup.patch
-
+Patch1: 0001-obex-Use-GLib-helper-function-to-manipulate-paths.patch
 # https://github.com/hadess/bluez/commits/systemd-hardening
-Patch20: 0001-build-Always-define-confdir-and-statedir.patch
-Patch21: 0002-systemd-Add-PrivateTmp-and-NoNewPrivileges-options.patch
-Patch22: 0003-systemd-Add-more-filesystem-lockdown.patch
-Patch23: 0004-systemd-More-lockdown.patch
-Patch25: 0001-gdbus-Emit-InterfacesAdded-of-parents-objects-first.patch 
+#Patch10: 0001-build-Always-define-confdir-and-statedir.patch
+#Patch11: 0002-systemd-Add-PrivateTmp-and-NoNewPrivileges-options.patch
+#Patch12: 0003-systemd-Add-more-filesystem-lockdown.patch
+#Patch13: 0004-systemd-More-lockdown.patch
+#Patch14: 0005-media-rename-local-function-conflicting-with-pause-2.patch
+#Patch15: bluez-avdtp-fix-removing-all-seps-when-loading-from-cache.patch
+Patch2: 0001-client-gatt-Fix-memory-leak-issues.patch
+Patch3: 0002-mesh-appkey-Fix-memory-leaks.patch
+Patch4: 0003-monitor-Fix-memory-leaks.patch
+Patch5: 0004-sixaxis-Fix-memory-leaks.patch
+Patch6: 0005-cltest-Fix-leaked_handle.patch
+Patch7: 0006-create-image-Fix-leaked_handle.patch
+Patch8: 0007-l2cap-tester-Fix-leaked_handle.patch
+Patch9: 0008-mesh-mesh-db-Fix-resource-leaks.patch
+Patch10: 0009-obex-client-Fix-leaked_handle.patch
+Patch11: 0010-pbap-Fix-memory-leak.patch
+Patch12: 0011-meshctl-Fix-possible-use_after_free.patch
+Patch13: 0012-mesh-gatt-Fix-use_after_free.patch
+Patch14: 0001-gatt-Fix-double-free-and-freed-memory-dereference.patch 
 
-# https://bugzilla.redhat.com/show_bug.cgi?id=1567622
-#Patch24: 0001-adapter-Don-t-refresh-adv_manager-for-non-LE-devices.patch
-
-#Patch25: 0001-core-Add-AlwaysPairable-to-main.conf.patch 
-#Patch26: 0002-agent-Make-the-first-agent-to-register-the-default.patch 
-
-#Patch27: 0001-HOGP-must-only-accept-data-from-bonded-devices.patch
-#Patch28: 0002-HID-accepts-bonded-device-connections-only.patch
-#Patch29: 0001-shared-att-Fix-possible-crash-on-disconnect.patch
-
-#https://bugzilla.redhat.com/show_bug.cgi?id=1961511
-#Patch30: 0001-input-hog-Attempt-to-set-security-level-if-not-bonde.patch
-
-# fixing https://bugzilla.redhat.com/show_bug.cgi?id=1965057
-#Patch31: 0001-shared-gatt-server-Fix-not-properly-checking-for-sec.patch
-
-#Patch32: 0001-sdpd-Fix-leaking-buffers-stored-in-cstates-cache.patch
-
-BuildRequires: git-core
 BuildRequires: dbus-devel >= 1.6
 BuildRequires: glib2-devel
+BuildRequires: libell-devel >= 0.37
 BuildRequires: libical-devel
+BuildRequires: make
 BuildRequires: readline-devel
 # For bluetooth mesh
 BuildRequires: json-c-devel
@@ -62,65 +51,76 @@ BuildRequires: systemd-devel
 BuildRequires: cups-devel
 # For autoreconf
 BuildRequires: libtool automake autoconf
+# For man pages
 BuildRequires: python3-docutils
 
 Requires: dbus >= 1.6
-
 Requires(post): systemd
 Requires(preun): systemd
 Requires(postun): systemd
 
 %description
 Utilities for use in Bluetooth applications:
-	- hcitool
-	- hciattach
-	- hciconfig
-	- bluetoothd
-	- l2ping
-	- rfcomm
-	- sdptool
+	- avinfo
+	- bluemoon
 	- bluetoothctl
+	- bluetoothd
+	- btattach
 	- btmon
-	- hcidump
+	- hex2hcd
+	- l2ping
 	- l2test
+	- mpris-proxy
 	- rctest
-	- gatttool
-	- start scripts (Red Hat)
-	- pcmcia configuration files
 
 The BLUETOOTH trademarks are owned by Bluetooth SIG, Inc., U.S.A.
 
-%package libs
-Summary: Libraries for use in Bluetooth applications
-
-%package libs-devel
-Summary: Development libraries for Bluetooth applications
-Requires: bluez-libs%{?_isa} = %{version}-%{release}
-
 %package cups
 Summary: CUPS printer backend for Bluetooth printers
 Requires: bluez%{?_isa} = %{version}-%{release}
 Requires: cups
 
-%package hid2hci
-Summary: Put HID proxying bluetooth HCI's into HCI mode
-Requires: bluez%{?_isa} = %{version}-%{release}
-
-%package obexd
-Summary: Object Exchange daemon for sharing content
-Requires: bluez%{?_isa} = %{version}-%{release}
-Requires: bluez-libs%{?_isa} = %{version}-%{release}
-
 %description cups
 This package contains the CUPS backend
 
+%if %{with deprecated}
+%package deprecated
+Summary: Deprecated Bluetooth applications
+Requires: bluez%{?_isa} = %{version}-%{release}
+Obsoletes: bluez < 5.55-2
+
+%description deprecated
+Bluetooth applications that have bee deprecated by upstream. They have been
+replaced by funcationality in the core bluetoothctl and will eventually
+be dropped by upstream. Utilities include:
+	- ciptool
+	- gatttool
+	- hciattach
+	- hciconfig
+	- hcidump
+	- hcitool
+	- rfcomm
+	- sdptool
+%endif
+
+%package libs
+Summary: Libraries for use in Bluetooth applications
+
 %description libs
 Libraries for use in Bluetooth applications.
 
+%package libs-devel
+Summary: Development libraries for Bluetooth applications
+Requires: bluez-libs%{?_isa} = %{version}-%{release}
+
 %description libs-devel
 bluez-libs-devel contains development libraries and headers for
 use in Bluetooth applications.
 
+%package hid2hci
+Summary: Put HID proxying bluetooth HCI's into HCI mode
+Requires: bluez%{?_isa} = %{version}-%{release}
+
 %description hid2hci
 Most allinone PC's and bluetooth keyboard / mouse sets which include a
 bluetooth dongle, ship with a so called HID proxying bluetooth HCI.
@@ -140,31 +140,57 @@ them again. Since you cannot use your bluetooth keyboard and mouse until
 they are paired, this will require the use of a regular (wired) USB keyboard
 and mouse.
 
+%package mesh
+Summary: Bluetooth mesh
+Requires: bluez%{?_isa} = %{version}-%{release}
+Requires: bluez-libs%{?_isa} = %{version}-%{release}
+
+%description mesh
+Services for bluetooth mesh
+
+%package obexd
+Summary: Object Exchange daemon for sharing content
+Requires: bluez%{?_isa} = %{version}-%{release}
+Requires: bluez-libs%{?_isa} = %{version}-%{release}
+
 %description obexd
 Object Exchange daemon for sharing files, contacts etc over bluetooth
 
 %prep
-%autosetup -S git
+%autosetup -p1
 
 %build
-libtoolize -f
-autoreconf -f -i
-%configure --enable-tools --enable-library --enable-deprecated \
-           --enable-sixaxis --enable-cups --enable-nfc --enable-hid2hci \
+autoreconf -vif
+%configure --enable-tools --enable-library --disable-optimization \
+%if %{with deprecated}
+           --enable-deprecated \
+%endif
+           --enable-sixaxis --enable-cups --enable-nfc --enable-mesh \
+           --enable-hid2hci --enable-testing \
            --with-systemdsystemunitdir=%{_unitdir} \
            --with-systemduserunitdir=%{_userunitdir}
 
-make %{?_smp_mflags} V=1
+%{make_build}
 
 %install
-make install DESTDIR=$RPM_BUILD_ROOT
+%{make_install}
 
+%if %{with deprecated}
 # "make install" fails to install gatttool, necessary for Bluetooth Low Energy
-# Red Hat Bugzilla bug #1141909
-# Debian bug #720486
+# Red Hat Bugzilla bug #1141909, Debian bug #720486
 install -m0755 attrib/gatttool $RPM_BUILD_ROOT%{_bindir}
+%endif
 
-# Remove autocrap and libtool droppings
+# "make install" fails to install avinfo
+# Red Hat Bugzilla bug #1699680
+install -m0755 tools/avinfo $RPM_BUILD_ROOT%{_bindir}
+
+# btmgmt is not installed by "make install", but it is useful for debugging
+# some issues and to set the MAC address on HCIs which don't have their
+# MAC address configured 
+install -m0755 tools/btmgmt $RPM_BUILD_ROOT%{_bindir}
+
+# Remove libtool archive
 find $RPM_BUILD_ROOT -name '*.la' -delete
 
 # Remove the cups backend from libdir, and install it in /usr/lib whatever the install
@@ -177,20 +203,20 @@ rm -f ${RPM_BUILD_ROOT}/%{_sysconfdir}/udev/*.rules ${RPM_BUILD_ROOT}/usr/lib/ud
 install -D -p -m0644 tools/hid2hci.rules ${RPM_BUILD_ROOT}/%{_udevrulesdir}/97-hid2hci.rules
 
 install -d -m0755 $RPM_BUILD_ROOT/%{_localstatedir}/lib/bluetooth
+install -d -m0755 $RPM_BUILD_ROOT/%{_localstatedir}/lib/bluetooth/mesh
 
 mkdir -p $RPM_BUILD_ROOT/%{_libdir}/bluetooth/
 
 #copy bluetooth config file and setup auto enable
 install -D -p -m0644 src/main.conf ${RPM_BUILD_ROOT}/etc/bluetooth/main.conf
+install -D -p -m0644 mesh/mesh-main.conf ${RPM_BUILD_ROOT}/etc/bluetooth/mesh-main.conf
 sed -i 's/#\[Policy\]$/\[Policy\]/; s/#AutoEnable=false/AutoEnable=true/' ${RPM_BUILD_ROOT}/%{_sysconfdir}/bluetooth/main.conf
 
-#serial port connected Broadcom HCIs scripts
-install -D -p -m0644 %{SOURCE2} ${RPM_BUILD_ROOT}/%{_udevrulesdir}/
-install -D -p -m0644 %{SOURCE3} ${RPM_BUILD_ROOT}/%{_unitdir}/
-install -D -p -m0755 %{SOURCE4} ${RPM_BUILD_ROOT}/%{_libexecdir}/bluetooth/
+# Install the HCI emulator, useful for testing
+install emulator/btvirt ${RPM_BUILD_ROOT}/%{_libexecdir}/bluetooth/
 
-%check
-make check
+#check
+#make check
 
 %ldconfig_scriptlets libs
 
@@ -206,6 +232,12 @@ make check
 %post hid2hci
 /sbin/udevadm trigger --subsystem-match=usb
 
+%post mesh
+%systemd_user_post bluetooth-mesh.service
+
+%preun mesh
+%systemd_user_preun bluetooth-mesh.service
+
 %post obexd
 %systemd_user_post obex.service
 
@@ -213,50 +245,53 @@ make check
 %systemd_user_preun obex.service
 
 %files
-%{!?_licensedir:%global license %%doc}
 %license COPYING
 %doc AUTHORS ChangeLog
-%config %{_sysconfdir}/dbus-1/system.d/bluetooth.conf
+%dir %{_sysconfdir}/bluetooth
 %config %{_sysconfdir}/bluetooth/main.conf
-%{_bindir}/btattach
-%{_bindir}/ciptool
-%{_bindir}/hcitool
-%{_bindir}/l2ping
-%{_bindir}/rfcomm
-%{_bindir}/sdptool
-%{_bindir}/bluetoothctl
+%config %{_sysconfdir}/dbus-1/system.d/bluetooth.conf
+%{_bindir}/avinfo
 %{_bindir}/bluemoon
+%{_bindir}/bluetoothctl
+%{_bindir}/btattach
+%{_bindir}/btmgmt
 %{_bindir}/btmon
-%{_bindir}/hciattach
-%{_bindir}/hciconfig
-%{_bindir}/hcidump
-%{_bindir}/l2test
 %{_bindir}/hex2hcd
+%{_bindir}/l2ping
+%{_bindir}/l2test
 %{_bindir}/mpris-proxy
-%{_bindir}/gatttool
 %{_bindir}/rctest
-%{_datadir}/zsh/site-functions/_bluetoothctl
-%{_mandir}/man1/btattach.1.gz
+%{_mandir}/man1/btattach.1.*
 %{_mandir}/man1/btmon.1.*
-%{_mandir}/man1/ciptool.1.gz
-%{_mandir}/man1/hcitool.1.gz
-%{_mandir}/man1/rfcomm.1.gz
-%{_mandir}/man1/sdptool.1.gz
-%{_mandir}/man1/hciattach.1.*
-%{_mandir}/man1/hciconfig.1.*
-%{_mandir}/man1/hcidump.1.*
 %{_mandir}/man1/l2ping.1.*
 %{_mandir}/man1/rctest.1.*
-%{_mandir}/man8/*
+%{_mandir}/man8/bluetoothd.8.*
+%dir %{_libexecdir}/bluetooth
 %{_libexecdir}/bluetooth/bluetoothd
-%{_libexecdir}/bluetooth/btattach-bcm-service.sh
 %{_libdir}/bluetooth/
 %{_localstatedir}/lib/bluetooth
 %{_datadir}/dbus-1/system-services/org.bluez.service
 %{_unitdir}/bluetooth.service
-%{_unitdir}/btattach-bcm@.service
-%{_udevrulesdir}/69-btattach-bcm.rules
+%{_datadir}/zsh/site-functions/_bluetoothctl
 
+%if %{with deprecated}
+%files deprecated
+%{_bindir}/ciptool
+%{_bindir}/gatttool
+%{_bindir}/hciattach
+%{_bindir}/hciconfig
+%{_bindir}/hcidump
+%{_bindir}/hcitool
+%{_bindir}/rfcomm
+%{_bindir}/sdptool
+%{_mandir}/man1/ciptool.1.*
+%{_mandir}/man1/hciattach.1.*
+%{_mandir}/man1/hciconfig.1.*
+%{_mandir}/man1/hcidump.1.*
+%{_mandir}/man1/hcitool.1.*
+%{_mandir}/man1/rfcomm.1.*
+%{_mandir}/man1/sdptool.1.*
+%endif
 
 %files libs
 %{!?_licensedir:%global license %%doc}
@@ -268,6 +303,8 @@ make check
 %{_libdir}/libbluetooth.so
 %{_includedir}/bluetooth
 %{_libdir}/pkgconfig/bluez.pc
+%dir %{_libexecdir}/bluetooth
+%{_libexecdir}/bluetooth/btvirt
 
 %files cups
 %_cups_serverbin/backend/bluetooth
@@ -277,74 +314,137 @@ make check
 %{_mandir}/man1/hid2hci.1*
 %{_udevrulesdir}/97-hid2hci.rules
 
+%files mesh
+%doc tools/mesh-gatt/*.json
+%config %{_sysconfdir}/bluetooth/mesh-main.conf
+%config %{_sysconfdir}/dbus-1/system.d/bluetooth-mesh.conf
+%{_bindir}/meshctl
+%{_bindir}/mesh-cfgclient
+%{_bindir}/mesh-cfgtest
+%{_datadir}/dbus-1/system-services/org.bluez.mesh.service
+%{_libexecdir}/bluetooth/bluetooth-meshd
+%{_unitdir}/bluetooth-mesh.service
+%{_localstatedir}/lib/bluetooth/mesh
+%{_mandir}/man8/bluetooth-meshd.8*
+
 %files obexd
 %{_libexecdir}/bluetooth/obexd
 %{_datadir}/dbus-1/services/org.bluez.obex.service
 %{_userunitdir}/obex.service
 
 %changelog
-* Tue May 17 2022 Gopal Tiwari <gtiwari@redhat.com> - 5.63-1
-+ bluez-5.63-1
-- Fixing (#)
+* Thu Jun 9 2022 Gopal Tiwari <gtiwari@redhat.com> - 5.64-2
+- Coverity fixes for bluez.
 
-* Mon Dec 13 2021 Gopal Tiwari <gtiwari@redhat.com> - 5.56-3
-+ bluez-5.56-3
-- Fixing (#2027434)
+* Thu May 5 2022 Gopal Tiwari <gtiwari@redhat.com> - 5.64-1
+- Update to 5.64
+
+* Fri Dec 16 2021 Gopal Tiwari <gtiwari@redhat.com> - 5.56-8
+- Fixing Gating and version
+  Related: rhbz#2027435
+
+* Tue Dec 14 2021 Gopal Tiwari <gtiwari@redhat.com> - 5.56-7
 - Fixing CVE-2021-41229
+  Related: rhbz#2027435
 
-* Mon Jun 7 2021 Gopal Tiwari <gtiwari@redhat.com> - 5.56-2
-+ bluez-5.56-2
-- Fixing (#1968392)
-- Removing bccmd check from tests
+* Mon Aug 09 2021 Mohan Boddu <mboddu@redhat.com> - 5.56-6
+- Rebuilt for IMA sigs, glibc 2.34, aarch64 flags
+  Related: rhbz#1991688
 
-* Wed Jun 2 2021 Gopal Tiwari <gtiwari@redhat.com> - 5.56-1
-+ bluez-5.56-1
-- Fixing (#1965057)
-- Removing bccmd, enabling hid2hci as upstream removed the support in bluez-5.56 
+* Thu Apr 15 2021 Mohan Boddu <mboddu@redhat.com> - 5.56-5
+- Rebuilt for RHEL 9 BETA on Apr 15th 2021. Related: rhbz#1947937
 
-* Wed May 26 2021 Gopal Tiwari <gtiwari@redhat.com> - 5.52-5
-+ bluez-5.52-5
-- Fixing (#1961511)
+* Sun Mar 14 2021 Peter Robinson <pbrobinson@fedoraproject.org> - 5.56-4
+- Fix for avdtp audio disconnexts
 
-* Thu Oct 22 2020 Gopal Tiwari <gtiwari@redhat.com> - 5.52-4
-+ bluez-5.52-4
-- Fixing (#1885378)
+* Sun Mar 14 2021 Hans de Goede <hdegoede@redhat.com> - 5.56-3
+- Drop obsolete udev rule + systemd service to call btattach on BT-HCIs
+  connected via UART from userspace, this is all handled in the kernel now
+- Add the btmgmt util to the packaged files
 
-* Thu Oct 22 2020 Gopal Tiwari <gtiwari@redhat.com> - 5.52-3
-+ bluez-5.52-3
-- Revering the 5.52-2 patch due some mismatch with upsream patch. 
+* Tue Mar 02 2021 Zbigniew Jędrzejewski-Szmek <zbyszek@in.waw.pl> - 5.56-2
+- Rebuilt for updated systemd-rpm-macros
+  See https://pagure.io/fesco/issue/2583.
 
-* Tue Oct 20 2020 Gopal Tiwari <gtiwari@redhat.com> - 5.52-2
-+ bluez-5.52-2
-- Fixing (#1885378)
+* Sat Feb 27 2021 Peter Robinson <pbrobinson@fedoraproject.org> - 5.56-1
+- Update to 5.56
 
-* Tue Jun 9 2020 Gopal Tiwari <gtiwari@redhat.com> - 5.52-1
-+ bluez-5.52-1
-- Fixing (#1830397)
+* Tue Jan 26 2021 Fedora Release Engineering <releng@fedoraproject.org> - 5.55-3
+- Rebuilt for https://fedoraproject.org/wiki/Fedora_34_Mass_Rebuild
 
-* Fri Apr 24 2020 Gopal Tiwari <gtiwari@redhat.com> - 5.50-4
-+ bluez-5.50-4
-- Fixing CVE-2020-0556
+* Sun Sep 13 2020 Peter Robinson <pbrobinson@fedoraproject.org> - 5.55-2
+- Split tools marked as deprecated to separate sub package (rhbz #1887569)
 
-* Mon Jan 13 2020 Gopal Tiwari <gtiwari@redhat.com> - 5.50-3
-+ bluez-5.50-3
-- Bump the version 
+* Sun Sep 06 2020 Peter Robinson <pbrobinson@fedoraproject.org> - 5.55-1
+- Update to 5.55
 
-* Mon Jan 13 2020 Gopal Tiwari <gtiwari@redhat.com> - 5.50-2
+* Sat Aug 01 2020 Fedora Release Engineering <releng@fedoraproject.org> - 5.54-4
+- Second attempt - Rebuilt for
+  https://fedoraproject.org/wiki/Fedora_33_Mass_Rebuild
+
+* Mon Jul 27 2020 Fedora Release Engineering <releng@fedoraproject.org> - 5.54-3
+- Rebuilt for https://fedoraproject.org/wiki/Fedora_33_Mass_Rebuild
+
+* Tue Apr 21 2020 Björn Esser <besser82@fedoraproject.org> - 5.54-2
+- Rebuild (json-c)
+
+* Sun Mar 15 2020 Peter Robinson <pbrobinson@fedoraproject.org> - 5.54-1
+- bluez 5.54
+
+* Sun Feb 16 2020 Peter Robinson <pbrobinson@fedoraproject.org> 5.53-2
+- Minor mesh updates
+
+* Sun Feb 16 2020 Peter Robinson <pbrobinson@fedoraproject.org> 5.53-1
+- bluez 5.53
+
+* Tue Jan 28 2020 Fedora Release Engineering <releng@fedoraproject.org> - 5.52-4
+- Rebuilt for https://fedoraproject.org/wiki/Fedora_32_Mass_Rebuild
+
+* Thu Dec 12 2019 Peter Robinson <pbrobinson@fedoraproject.org> 5.52-3
+- Minor bluetooth mesh improvements
+
+* Mon Dec 02 2019 Lubomir Rintel <lkundrak@v3.sk> - 5.52-2
+- Package the btvirt binary
+
+* Sun Nov  3 2019 Peter Robinson <pbrobinson@fedoraproject.org> 5.52-1
+- bluez 5.52
+
+* Fri Sep 20 2019 Peter Robinson <pbrobinson@fedoraproject.org> 5.51-1
+- bluez 5.51
+
+* Wed Jul 24 2019 Fedora Release Engineering <releng@fedoraproject.org> - 5.50-9
+- Rebuilt for https://fedoraproject.org/wiki/Fedora_31_Mass_Rebuild
+
+* Thu Jun 06 2019 Bastien Nocera <bnocera@redhat.com> - 5.50-8
++ bluez-5.50-8
+- Backport loads of fixes from upstream, including:
+  - dbus-broker support (#1711594)
+  - a2dp codecs discovery
+  - discoverability filter support (used in gnome-bluetooth, #1583442)
+  - sixaxis pairing fixes
+
+* Tue Apr 16 2019 Eduardo Minguez <edu@linux.com> - 5.50-7
+- Added avinfo
+
+* Sun Feb 17 2019 Igor Gnatenko <ignatenkobrain@fedoraproject.org> - 5.50-6
+- Disable tests temporarily
+
+* Sun Feb 17 2019 Igor Gnatenko <ignatenkobrain@fedoraproject.org> - 5.50-5
+- Rebuild for readline 8.0
+
+* Thu Jan 31 2019 Fedora Release Engineering <releng@fedoraproject.org> - 5.50-4
+- Rebuilt for https://fedoraproject.org/wiki/Fedora_30_Mass_Rebuild
+
+* Thu Jul 12 2018 Fedora Release Engineering <releng@fedoraproject.org> - 5.50-3
+- Rebuilt for https://fedoraproject.org/wiki/Fedora_29_Mass_Rebuild
+
+* Wed Jun 27 2018 Bastien Nocera <bnocera@redhat.com> - 5.50-2
 + bluez-5.50-2
-- Fixing CVE-2018-10910 (#1606373)
+- Fix A2DP disconnections with some headsets
 
-* Fri Sep 7 2018 Gopal Tiwari <gtiwari@redhat.com> - 5.50-1
+* Mon Jun 04 2018 Bastien Nocera <bnocera@redhat.com> - 5.50-1
 + bluez-5.50-1
-- Update to 5.50 (#1504689)
-
-* Fri Aug 24 2018 Gopal Tiwari <gtiwari@redhat.com> - 5.49-6
-+ bluez-5.49-6
-- Disabling Mesh Networking for crypto issue while code reviewing. 
-
-* Tue Aug 14 2018 Gopal Tiwari <gtiwari@redhat.com> - 5.49-5
-+ bluez-5.49-5
-- Fix accessing NULL adv_manager (#1602779)
+- Update to 5.50
 
 * Fri Apr 20 2018 Bastien Nocera <bnocera@redhat.com> - 5.49-3
 + bluez-5.49-3