projects / deliverable / linux.git / blame
? search:
summary | shortlog | log | commit | commitdiff | tree
blob | blame (incremental) | history | HEAD
Bluetooth: Initialize hci_conn fields in hci_connect_le
[deliverable/linux.git] / net / bluetooth / hci_event.c
CommitLineData
8e87d142 1/*
1da177e4 2 BlueZ - Bluetooth protocol stack for Linux
2d0a0346 3 Copyright (c) 2000-2001, 2010, Code Aurora Forum. All rights reserved.
1da177e4
LT		 4
5 Written 2000,2001 by Maxim Krasnyansky <maxk@qualcomm.com>
6
7 This program is free software; you can redistribute it and/or modify
8 it under the terms of the GNU General Public License version 2 as
9 published by the Free Software Foundation;
10
11 THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS
12 OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
13 FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT OF THIRD PARTY RIGHTS.
14 IN NO EVENT SHALL THE COPYRIGHT HOLDER(S) AND AUTHOR(S) BE LIABLE FOR ANY
8e87d142
YH		 15 CLAIM, OR ANY SPECIAL INDIRECT OR CONSEQUENTIAL DAMAGES, OR ANY DAMAGES
16 WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
17 ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
1da177e4
LT		 18 OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
19
8e87d142
YH		 20 ALL LIABILITY, INCLUDING LIABILITY FOR INFRINGEMENT OF ANY PATENTS,
21 COPYRIGHTS, TRADEMARKS OR OTHER RIGHTS, RELATING TO USE OF THIS
1da177e4
LT		 22 SOFTWARE IS DISCLAIMED.
23*/
24
25/* Bluetooth HCI event handling. */
26
1da177e4
LT		 27#include <asm/unaligned.h>
28
29#include <net/bluetooth/bluetooth.h>
30#include <net/bluetooth/hci_core.h>
f0d6a0ea 31#include <net/bluetooth/mgmt.h>
8e2a0d92 32#include <net/bluetooth/a2mp.h>
903e4541 33#include <net/bluetooth/amp.h>
1da177e4 34
1da177e4
LT		 35/* Handle HCI Event packets */
36
a9de9248 37static void hci_cc_inquiry_cancel(struct hci_dev *hdev, struct sk_buff *skb)
1da177e4 38{
a9de9248 39 __u8 status = *((__u8 *) skb->data);
1da177e4 40
9f1db00c 41 BT_DBG("%s status 0x%2.2x", hdev->name, status);
1da177e4 42
82f4785c 43 if (status)
a9de9248 44 return;
1da177e4 45
89352e7d 46 clear_bit(HCI_INQUIRY, &hdev->flags);
3e13fa1e
AG		 47 smp_mb__after_clear_bit(); /* wake_up_bit advises about this barrier */
48 wake_up_bit(&hdev->flags, HCI_INQUIRY);
89352e7d 49
a9de9248
MH		 50 hci_conn_check_pending(hdev);
51}
6bd57416 52
4d93483b
AG		 53static void hci_cc_periodic_inq(struct hci_dev *hdev, struct sk_buff *skb)
54{
55 __u8 status = *((__u8 *) skb->data);
56
9f1db00c 57 BT_DBG("%s status 0x%2.2x", hdev->name, status);
ae854a70
AG		 58
59 if (status)
60 return;
61
62 set_bit(HCI_PERIODIC_INQ, &hdev->dev_flags);
4d93483b
AG		 63}
64
a9de9248
MH		 65static void hci_cc_exit_periodic_inq(struct hci_dev *hdev, struct sk_buff *skb)
66{
67 __u8 status = *((__u8 *) skb->data);
6bd57416 68
9f1db00c 69 BT_DBG("%s status 0x%2.2x", hdev->name, status);
6bd57416 70
a9de9248
MH		 71 if (status)
72 return;
1da177e4 73
ae854a70
AG		 74 clear_bit(HCI_PERIODIC_INQ, &hdev->dev_flags);
75
a9de9248
MH		 76 hci_conn_check_pending(hdev);
77}
78
807deac2
GP		 79static void hci_cc_remote_name_req_cancel(struct hci_dev *hdev,
80 struct sk_buff *skb)
a9de9248
MH		 81{
82 BT_DBG("%s", hdev->name);
83}
84
85static void hci_cc_role_discovery(struct hci_dev *hdev, struct sk_buff *skb)
86{
87 struct hci_rp_role_discovery *rp = (void *) skb->data;
88 struct hci_conn *conn;
89
9f1db00c 90 BT_DBG("%s status 0x%2.2x", hdev->name, rp->status);
a9de9248
MH		 91
92 if (rp->status)
93 return;
94
95 hci_dev_lock(hdev);
96
97 conn = hci_conn_hash_lookup_handle(hdev, __le16_to_cpu(rp->handle));
98 if (conn) {
99 if (rp->role)
100 conn->link_mode &= ~HCI_LM_MASTER;
101 else
102 conn->link_mode |= HCI_LM_MASTER;
1da177e4 103 }
a9de9248
MH		 104
105 hci_dev_unlock(hdev);
1da177e4
LT		 106}
107
e4e8e37c
MH		 108static void hci_cc_read_link_policy(struct hci_dev *hdev, struct sk_buff *skb)
109{
110 struct hci_rp_read_link_policy *rp = (void *) skb->data;
111 struct hci_conn *conn;
112
9f1db00c 113 BT_DBG("%s status 0x%2.2x", hdev->name, rp->status);
e4e8e37c
MH		 114
115 if (rp->status)
116 return;
117
118 hci_dev_lock(hdev);
119
120 conn = hci_conn_hash_lookup_handle(hdev, __le16_to_cpu(rp->handle));
121 if (conn)
122 conn->link_policy = __le16_to_cpu(rp->policy);
123
124 hci_dev_unlock(hdev);
125}
126
a9de9248 127static void hci_cc_write_link_policy(struct hci_dev *hdev, struct sk_buff *skb)
1da177e4 128{
a9de9248 129 struct hci_rp_write_link_policy *rp = (void *) skb->data;
1da177e4 130 struct hci_conn *conn;
04837f64 131 void *sent;
1da177e4 132
9f1db00c 133 BT_DBG("%s status 0x%2.2x", hdev->name, rp->status);
1da177e4 134
a9de9248
MH		 135 if (rp->status)
136 return;
1da177e4 137
a9de9248
MH		 138 sent = hci_sent_cmd_data(hdev, HCI_OP_WRITE_LINK_POLICY);
139 if (!sent)
140 return;
1da177e4 141
a9de9248 142 hci_dev_lock(hdev);
1da177e4 143
a9de9248 144 conn = hci_conn_hash_lookup_handle(hdev, __le16_to_cpu(rp->handle));
e4e8e37c 145 if (conn)
83985319 146 conn->link_policy = get_unaligned_le16(sent + 2);
1da177e4 147
a9de9248
MH		 148 hci_dev_unlock(hdev);
149}
1da177e4 150
807deac2
GP		 151static void hci_cc_read_def_link_policy(struct hci_dev *hdev,
152 struct sk_buff *skb)
e4e8e37c
MH		 153{
154 struct hci_rp_read_def_link_policy *rp = (void *) skb->data;
155
9f1db00c 156 BT_DBG("%s status 0x%2.2x", hdev->name, rp->status);
e4e8e37c
MH		 157
158 if (rp->status)
159 return;
160
161 hdev->link_policy = __le16_to_cpu(rp->policy);
162}
163
807deac2
GP		 164static void hci_cc_write_def_link_policy(struct hci_dev *hdev,
165 struct sk_buff *skb)
e4e8e37c
MH		 166{
167 __u8 status = *((__u8 *) skb->data);
168 void *sent;
169
9f1db00c 170 BT_DBG("%s status 0x%2.2x", hdev->name, status);
e4e8e37c
MH		 171
172 sent = hci_sent_cmd_data(hdev, HCI_OP_WRITE_DEF_LINK_POLICY);
173 if (!sent)
174 return;
175
176 if (!status)
177 hdev->link_policy = get_unaligned_le16(sent);
e4e8e37c
MH		 178}
179
a9de9248
MH		 180static void hci_cc_reset(struct hci_dev *hdev, struct sk_buff *skb)
181{
182 __u8 status = *((__u8 *) skb->data);
04837f64 183
9f1db00c 184 BT_DBG("%s status 0x%2.2x", hdev->name, status);
04837f64 185
10572132
GP		 186 clear_bit(HCI_RESET, &hdev->flags);
187
a297e97c 188 /* Reset all non-persistent flags */
2cc6fb00 189 hdev->dev_flags &= ~HCI_PERSISTENT_MASK;
69775ff6
AG		 190
191 hdev->discovery.state = DISCOVERY_STOPPED;
bbaf444a
JH		 192 hdev->inq_tx_power = HCI_TX_POWER_INVALID;
193 hdev->adv_tx_power = HCI_TX_POWER_INVALID;
3f0f524b
JH		 194
195 memset(hdev->adv_data, 0, sizeof(hdev->adv_data));
196 hdev->adv_data_len = 0;
a9de9248 197}
04837f64 198
a9de9248
MH		 199static void hci_cc_write_local_name(struct hci_dev *hdev, struct sk_buff *skb)
200{
201 __u8 status = *((__u8 *) skb->data);
202 void *sent;
04837f64 203
9f1db00c 204 BT_DBG("%s status 0x%2.2x", hdev->name, status);
04837f64 205
a9de9248
MH		 206 sent = hci_sent_cmd_data(hdev, HCI_OP_WRITE_LOCAL_NAME);
207 if (!sent)
208 return;
04837f64 209
56e5cb86
JH		 210 hci_dev_lock(hdev);
211
f51d5b24
JH		 212 if (test_bit(HCI_MGMT, &hdev->dev_flags))
213 mgmt_set_local_name_complete(hdev, sent, status);
28cc7bde
JH		 214 else if (!status)
215 memcpy(hdev->dev_name, sent, HCI_MAX_NAME_LENGTH);
f51d5b24 216
56e5cb86 217 hci_dev_unlock(hdev);
a9de9248
MH		 218}
219
220static void hci_cc_read_local_name(struct hci_dev *hdev, struct sk_buff *skb)
221{
222 struct hci_rp_read_local_name *rp = (void *) skb->data;
223
9f1db00c 224 BT_DBG("%s status 0x%2.2x", hdev->name, rp->status);
a9de9248
MH		 225
226 if (rp->status)
227 return;
228
db99b5fc
JH		 229 if (test_bit(HCI_SETUP, &hdev->dev_flags))
230 memcpy(hdev->dev_name, rp->name, HCI_MAX_NAME_LENGTH);
a9de9248
MH		 231}
232
233static void hci_cc_write_auth_enable(struct hci_dev *hdev, struct sk_buff *skb)
234{
235 __u8 status = *((__u8 *) skb->data);
236 void *sent;
237
9f1db00c 238 BT_DBG("%s status 0x%2.2x", hdev->name, status);
a9de9248
MH		 239
240 sent = hci_sent_cmd_data(hdev, HCI_OP_WRITE_AUTH_ENABLE);
241 if (!sent)
242 return;
243
244 if (!status) {
245 __u8 param = *((__u8 *) sent);
246
247 if (param == AUTH_ENABLED)
248 set_bit(HCI_AUTH, &hdev->flags);
249 else
250 clear_bit(HCI_AUTH, &hdev->flags);
1da177e4 251 }
a9de9248 252
33ef95ed
JH		 253 if (test_bit(HCI_MGMT, &hdev->dev_flags))
254 mgmt_auth_enable_complete(hdev, status);
1da177e4
LT		 255}
256
a9de9248 257static void hci_cc_write_encrypt_mode(struct hci_dev *hdev, struct sk_buff *skb)
1da177e4 258{
a9de9248 259 __u8 status = *((__u8 *) skb->data);
1da177e4
LT		 260 void *sent;
261
9f1db00c 262 BT_DBG("%s status 0x%2.2x", hdev->name, status);
1da177e4 263
a9de9248
MH		 264 sent = hci_sent_cmd_data(hdev, HCI_OP_WRITE_ENCRYPT_MODE);
265 if (!sent)
266 return;
1da177e4 267
a9de9248
MH		 268 if (!status) {
269 __u8 param = *((__u8 *) sent);
270
271 if (param)
272 set_bit(HCI_ENCRYPT, &hdev->flags);
273 else
274 clear_bit(HCI_ENCRYPT, &hdev->flags);
275 }
a9de9248 276}
1da177e4 277
a9de9248
MH		 278static void hci_cc_write_scan_enable(struct hci_dev *hdev, struct sk_buff *skb)
279{
36f7fc7e
JH		 280 __u8 param, status = *((__u8 *) skb->data);
281 int old_pscan, old_iscan;
a9de9248 282 void *sent;
1da177e4 283
9f1db00c 284 BT_DBG("%s status 0x%2.2x", hdev->name, status);
1da177e4 285
a9de9248
MH		 286 sent = hci_sent_cmd_data(hdev, HCI_OP_WRITE_SCAN_ENABLE);
287 if (!sent)
288 return;
1da177e4 289
36f7fc7e
JH		 290 param = *((__u8 *) sent);
291
56e5cb86
JH		 292 hci_dev_lock(hdev);
293
fa1bd918 294 if (status) {
744cf19e 295 mgmt_write_scan_failed(hdev, param, status);
2d7cee58
JH		 296 hdev->discov_timeout = 0;
297 goto done;
298 }
299
0663ca2a
JH		 300 /* We need to ensure that we set this back on if someone changed
301 * the scan mode through a raw HCI socket.
302 */
303 set_bit(HCI_BREDR_ENABLED, &hdev->dev_flags);
304
36f7fc7e
JH		 305 old_pscan = test_and_clear_bit(HCI_PSCAN, &hdev->flags);
306 old_iscan = test_and_clear_bit(HCI_ISCAN, &hdev->flags);
307
308 if (param & SCAN_INQUIRY) {
309 set_bit(HCI_ISCAN, &hdev->flags);
310 if (!old_iscan)
744cf19e 311 mgmt_discoverable(hdev, 1);
16ab91ab
JH		 312 if (hdev->discov_timeout > 0) {
313 int to = msecs_to_jiffies(hdev->discov_timeout * 1000);
314 queue_delayed_work(hdev->workqueue, &hdev->discov_off,
807deac2 315 to);
16ab91ab 316 }
36f7fc7e 317 } else if (old_iscan)
744cf19e 318 mgmt_discoverable(hdev, 0);
36f7fc7e
JH		 319
320 if (param & SCAN_PAGE) {
321 set_bit(HCI_PSCAN, &hdev->flags);
322 if (!old_pscan)
744cf19e 323 mgmt_connectable(hdev, 1);
36f7fc7e 324 } else if (old_pscan)
744cf19e 325 mgmt_connectable(hdev, 0);
1da177e4 326
36f7fc7e 327done:
56e5cb86 328 hci_dev_unlock(hdev);
a9de9248 329}
1da177e4 330
a9de9248
MH		 331static void hci_cc_read_class_of_dev(struct hci_dev *hdev, struct sk_buff *skb)
332{
333 struct hci_rp_read_class_of_dev *rp = (void *) skb->data;
1da177e4 334
9f1db00c 335 BT_DBG("%s status 0x%2.2x", hdev->name, rp->status);
1da177e4 336
a9de9248
MH		 337 if (rp->status)
338 return;
1da177e4 339
a9de9248 340 memcpy(hdev->dev_class, rp->dev_class, 3);
1da177e4 341
a9de9248 342 BT_DBG("%s class 0x%.2x%.2x%.2x", hdev->name,
807deac2 343 hdev->dev_class[2], hdev->dev_class[1], hdev->dev_class[0]);
a9de9248 344}
1da177e4 345
a9de9248
MH		 346static void hci_cc_write_class_of_dev(struct hci_dev *hdev, struct sk_buff *skb)
347{
348 __u8 status = *((__u8 *) skb->data);
349 void *sent;
1da177e4 350
9f1db00c 351 BT_DBG("%s status 0x%2.2x", hdev->name, status);
1da177e4 352
a9de9248
MH		 353 sent = hci_sent_cmd_data(hdev, HCI_OP_WRITE_CLASS_OF_DEV);
354 if (!sent)
355 return;
1da177e4 356
7f9a903c
MH		 357 hci_dev_lock(hdev);
358
359 if (status == 0)
360 memcpy(hdev->dev_class, sent, 3);
361
362 if (test_bit(HCI_MGMT, &hdev->dev_flags))
363 mgmt_set_class_of_dev_complete(hdev, sent, status);
364
365 hci_dev_unlock(hdev);
a9de9248 366}
1da177e4 367
a9de9248
MH		 368static void hci_cc_read_voice_setting(struct hci_dev *hdev, struct sk_buff *skb)
369{
370 struct hci_rp_read_voice_setting *rp = (void *) skb->data;
371 __u16 setting;
372
9f1db00c 373 BT_DBG("%s status 0x%2.2x", hdev->name, rp->status);
a9de9248
MH		 374
375 if (rp->status)
376 return;
377
378 setting = __le16_to_cpu(rp->voice_setting);
379
f383f275 380 if (hdev->voice_setting == setting)
a9de9248
MH		 381 return;
382
383 hdev->voice_setting = setting;
384
9f1db00c 385 BT_DBG("%s voice setting 0x%4.4x", hdev->name, setting);
a9de9248 386
3c54711c 387 if (hdev->notify)
a9de9248 388 hdev->notify(hdev, HCI_NOTIFY_VOICE_SETTING);
a9de9248
MH		 389}
390
8fc9ced3
GP		 391static void hci_cc_write_voice_setting(struct hci_dev *hdev,
392 struct sk_buff *skb)
a9de9248
MH		 393{
394 __u8 status = *((__u8 *) skb->data);
f383f275 395 __u16 setting;
a9de9248
MH		 396 void *sent;
397
9f1db00c 398 BT_DBG("%s status 0x%2.2x", hdev->name, status);
1da177e4 399
f383f275
MH		 400 if (status)
401 return;
402
a9de9248
MH		 403 sent = hci_sent_cmd_data(hdev, HCI_OP_WRITE_VOICE_SETTING);
404 if (!sent)
405 return;
1da177e4 406
f383f275 407 setting = get_unaligned_le16(sent);
1da177e4 408
f383f275
MH		 409 if (hdev->voice_setting == setting)
410 return;
411
412 hdev->voice_setting = setting;
1da177e4 413
9f1db00c 414 BT_DBG("%s voice setting 0x%4.4x", hdev->name, setting);
1da177e4 415
3c54711c 416 if (hdev->notify)
f383f275 417 hdev->notify(hdev, HCI_NOTIFY_VOICE_SETTING);
1da177e4
LT		 418}
419
333140b5
MH		 420static void hci_cc_write_ssp_mode(struct hci_dev *hdev, struct sk_buff *skb)
421{
422 __u8 status = *((__u8 *) skb->data);
5ed8eb2f 423 struct hci_cp_write_ssp_mode *sent;
333140b5 424
9f1db00c 425 BT_DBG("%s status 0x%2.2x", hdev->name, status);
333140b5 426
333140b5
MH		 427 sent = hci_sent_cmd_data(hdev, HCI_OP_WRITE_SSP_MODE);
428 if (!sent)
429 return;
430
5ed8eb2f
JH		 431 if (!status) {
432 if (sent->mode)
cad718ed 433 hdev->features[1][0] |= LMP_HOST_SSP;
5ed8eb2f 434 else
cad718ed 435 hdev->features[1][0] &= ~LMP_HOST_SSP;
5ed8eb2f
JH		 436 }
437
ed2c4ee3 438 if (test_bit(HCI_MGMT, &hdev->dev_flags))
5ed8eb2f 439 mgmt_ssp_enable_complete(hdev, sent->mode, status);
c0ecddc2 440 else if (!status) {
5ed8eb2f 441 if (sent->mode)
c0ecddc2
JH		 442 set_bit(HCI_SSP_ENABLED, &hdev->dev_flags);
443 else
444 clear_bit(HCI_SSP_ENABLED, &hdev->dev_flags);
445 }
333140b5
MH		 446}
447
a9de9248
MH		 448static void hci_cc_read_local_version(struct hci_dev *hdev, struct sk_buff *skb)
449{
450 struct hci_rp_read_local_version *rp = (void *) skb->data;
1143e5a6 451
9f1db00c 452 BT_DBG("%s status 0x%2.2x", hdev->name, rp->status);
1143e5a6 453
a9de9248 454 if (rp->status)
42c6b129 455 return;
1143e5a6 456
a9de9248 457 hdev->hci_ver = rp->hci_ver;
e4e8e37c 458 hdev->hci_rev = __le16_to_cpu(rp->hci_rev);
d5859e22 459 hdev->lmp_ver = rp->lmp_ver;
e4e8e37c 460 hdev->manufacturer = __le16_to_cpu(rp->manufacturer);
d5859e22 461 hdev->lmp_subver = __le16_to_cpu(rp->lmp_subver);
1143e5a6 462
9f1db00c 463 BT_DBG("%s manufacturer 0x%4.4x hci ver %d:%d", hdev->name,
807deac2 464 hdev->manufacturer, hdev->hci_ver, hdev->hci_rev);
d5859e22
JH		 465}
466
8fc9ced3
GP		 467static void hci_cc_read_local_commands(struct hci_dev *hdev,
468 struct sk_buff *skb)
a9de9248
MH		 469{
470 struct hci_rp_read_local_commands *rp = (void *) skb->data;
1da177e4 471
9f1db00c 472 BT_DBG("%s status 0x%2.2x", hdev->name, rp->status);
1da177e4 473
2177bab5
JH		 474 if (!rp->status)
475 memcpy(hdev->commands, rp->commands, sizeof(hdev->commands));
a9de9248 476}
1da177e4 477
8fc9ced3
GP		 478static void hci_cc_read_local_features(struct hci_dev *hdev,
479 struct sk_buff *skb)
a9de9248
MH		 480{
481 struct hci_rp_read_local_features *rp = (void *) skb->data;
5b7f9909 482
9f1db00c 483 BT_DBG("%s status 0x%2.2x", hdev->name, rp->status);
1da177e4 484
a9de9248
MH		 485 if (rp->status)
486 return;
5b7f9909 487
a9de9248 488 memcpy(hdev->features, rp->features, 8);
5b7f9909 489
a9de9248
MH		 490 /* Adjust default settings according to features
491 * supported by device. */
1da177e4 492
cad718ed 493 if (hdev->features[0][0] & LMP_3SLOT)
a9de9248 494 hdev->pkt_type |= (HCI_DM3 | HCI_DH3);
1da177e4 495
cad718ed 496 if (hdev->features[0][0] & LMP_5SLOT)
a9de9248 497 hdev->pkt_type |= (HCI_DM5 | HCI_DH5);
1da177e4 498
cad718ed 499 if (hdev->features[0][1] & LMP_HV2) {
a9de9248
MH		 500 hdev->pkt_type |= (HCI_HV2);
501 hdev->esco_type |= (ESCO_HV2);
502 }
1da177e4 503
cad718ed 504 if (hdev->features[0][1] & LMP_HV3) {
a9de9248
MH		 505 hdev->pkt_type |= (HCI_HV3);
506 hdev->esco_type |= (ESCO_HV3);
507 }
1da177e4 508
45db810f 509 if (lmp_esco_capable(hdev))
a9de9248 510 hdev->esco_type |= (ESCO_EV3);
da1f5198 511
cad718ed 512 if (hdev->features[0][4] & LMP_EV4)
a9de9248 513 hdev->esco_type |= (ESCO_EV4);
da1f5198 514
cad718ed 515 if (hdev->features[0][4] & LMP_EV5)
a9de9248 516 hdev->esco_type |= (ESCO_EV5);
1da177e4 517
cad718ed 518 if (hdev->features[0][5] & LMP_EDR_ESCO_2M)
efc7688b
MH		 519 hdev->esco_type |= (ESCO_2EV3);
520
cad718ed 521 if (hdev->features[0][5] & LMP_EDR_ESCO_3M)
efc7688b
MH		 522 hdev->esco_type |= (ESCO_3EV3);
523
cad718ed 524 if (hdev->features[0][5] & LMP_EDR_3S_ESCO)
efc7688b
MH		 525 hdev->esco_type |= (ESCO_2EV5 | ESCO_3EV5);
526
a9de9248 527 BT_DBG("%s features 0x%.2x%.2x%.2x%.2x%.2x%.2x%.2x%.2x", hdev->name,
cad718ed
JH		 528 hdev->features[0][0], hdev->features[0][1],
529 hdev->features[0][2], hdev->features[0][3],
530 hdev->features[0][4], hdev->features[0][5],
531 hdev->features[0][6], hdev->features[0][7]);
a9de9248 532}
1da177e4 533
971e3a4b 534static void hci_cc_read_local_ext_features(struct hci_dev *hdev,
807deac2 535 struct sk_buff *skb)
971e3a4b
AG		 536{
537 struct hci_rp_read_local_ext_features *rp = (void *) skb->data;
538
9f1db00c 539 BT_DBG("%s status 0x%2.2x", hdev->name, rp->status);
971e3a4b
AG		 540
541 if (rp->status)
42c6b129 542 return;
971e3a4b 543
d2c5d77f
JH		 544 hdev->max_page = rp->max_page;
545
cad718ed
JH		 546 if (rp->page < HCI_MAX_PAGES)
547 memcpy(hdev->features[rp->page], rp->features, 8);
971e3a4b
AG		 548}
549
1e89cffb 550static void hci_cc_read_flow_control_mode(struct hci_dev *hdev,
807deac2 551 struct sk_buff *skb)
1e89cffb
AE		 552{
553 struct hci_rp_read_flow_control_mode *rp = (void *) skb->data;
554
9f1db00c 555 BT_DBG("%s status 0x%2.2x", hdev->name, rp->status);
1e89cffb 556
42c6b129
JH		 557 if (!rp->status)
558 hdev->flow_ctl_mode = rp->mode;
1e89cffb
AE		 559}
560
a9de9248
MH		 561static void hci_cc_read_buffer_size(struct hci_dev *hdev, struct sk_buff *skb)
562{
563 struct hci_rp_read_buffer_size *rp = (void *) skb->data;
1da177e4 564
9f1db00c 565 BT_DBG("%s status 0x%2.2x", hdev->name, rp->status);
1da177e4 566
a9de9248
MH		 567 if (rp->status)
568 return;
1da177e4 569
a9de9248
MH		 570 hdev->acl_mtu = __le16_to_cpu(rp->acl_mtu);
571 hdev->sco_mtu = rp->sco_mtu;
572 hdev->acl_pkts = __le16_to_cpu(rp->acl_max_pkt);
573 hdev->sco_pkts = __le16_to_cpu(rp->sco_max_pkt);
574
575 if (test_bit(HCI_QUIRK_FIXUP_BUFFER_SIZE, &hdev->quirks)) {
576 hdev->sco_mtu = 64;
577 hdev->sco_pkts = 8;
1da177e4 578 }
a9de9248
MH		 579
580 hdev->acl_cnt = hdev->acl_pkts;
581 hdev->sco_cnt = hdev->sco_pkts;
582
807deac2
GP		 583 BT_DBG("%s acl mtu %d:%d sco mtu %d:%d", hdev->name, hdev->acl_mtu,
584 hdev->acl_pkts, hdev->sco_mtu, hdev->sco_pkts);
a9de9248
MH		 585}
586
587static void hci_cc_read_bd_addr(struct hci_dev *hdev, struct sk_buff *skb)
588{
589 struct hci_rp_read_bd_addr *rp = (void *) skb->data;
590
9f1db00c 591 BT_DBG("%s status 0x%2.2x", hdev->name, rp->status);
a9de9248
MH		 592
593 if (!rp->status)
594 bacpy(&hdev->bdaddr, &rp->bdaddr);
23bb5763
JH		 595}
596
f332ec66
JH		 597static void hci_cc_read_page_scan_activity(struct hci_dev *hdev,
598 struct sk_buff *skb)
599{
600 struct hci_rp_read_page_scan_activity *rp = (void *) skb->data;
601
602 BT_DBG("%s status 0x%2.2x", hdev->name, rp->status);
603
604 if (test_bit(HCI_INIT, &hdev->flags) && !rp->status) {
605 hdev->page_scan_interval = __le16_to_cpu(rp->interval);
606 hdev->page_scan_window = __le16_to_cpu(rp->window);
607 }
608}
609
4a3ee763
JH		 610static void hci_cc_write_page_scan_activity(struct hci_dev *hdev,
611 struct sk_buff *skb)
612{
613 u8 status = *((u8 *) skb->data);
614 struct hci_cp_write_page_scan_activity *sent;
615
616 BT_DBG("%s status 0x%2.2x", hdev->name, status);
617
618 if (status)
619 return;
620
621 sent = hci_sent_cmd_data(hdev, HCI_OP_WRITE_PAGE_SCAN_ACTIVITY);
622 if (!sent)
623 return;
624
625 hdev->page_scan_interval = __le16_to_cpu(sent->interval);
626 hdev->page_scan_window = __le16_to_cpu(sent->window);
627}
628
f332ec66
JH		 629static void hci_cc_read_page_scan_type(struct hci_dev *hdev,
630 struct sk_buff *skb)
631{
632 struct hci_rp_read_page_scan_type *rp = (void *) skb->data;
633
634 BT_DBG("%s status 0x%2.2x", hdev->name, rp->status);
635
636 if (test_bit(HCI_INIT, &hdev->flags) && !rp->status)
637 hdev->page_scan_type = rp->type;
638}
639
4a3ee763
JH		 640static void hci_cc_write_page_scan_type(struct hci_dev *hdev,
641 struct sk_buff *skb)
642{
643 u8 status = *((u8 *) skb->data);
644 u8 *type;
645
646 BT_DBG("%s status 0x%2.2x", hdev->name, status);
647
648 if (status)
649 return;
650
651 type = hci_sent_cmd_data(hdev, HCI_OP_WRITE_PAGE_SCAN_TYPE);
652 if (type)
653 hdev->page_scan_type = *type;
654}
655
350ee4cf 656static void hci_cc_read_data_block_size(struct hci_dev *hdev,
807deac2 657 struct sk_buff *skb)
350ee4cf
AE		 658{
659 struct hci_rp_read_data_block_size *rp = (void *) skb->data;
660
9f1db00c 661 BT_DBG("%s status 0x%2.2x", hdev->name, rp->status);
350ee4cf
AE		 662
663 if (rp->status)
664 return;
665
666 hdev->block_mtu = __le16_to_cpu(rp->max_acl_len);
667 hdev->block_len = __le16_to_cpu(rp->block_len);
668 hdev->num_blocks = __le16_to_cpu(rp->num_blocks);
669
670 hdev->block_cnt = hdev->num_blocks;
671
672 BT_DBG("%s blk mtu %d cnt %d len %d", hdev->name, hdev->block_mtu,
807deac2 673 hdev->block_cnt, hdev->block_len);
350ee4cf
AE		 674}
675
928abaa7 676static void hci_cc_read_local_amp_info(struct hci_dev *hdev,
807deac2 677 struct sk_buff *skb)
928abaa7
AE		 678{
679 struct hci_rp_read_local_amp_info *rp = (void *) skb->data;
680
9f1db00c 681 BT_DBG("%s status 0x%2.2x", hdev->name, rp->status);
928abaa7
AE		 682
683 if (rp->status)
8e2a0d92 684 goto a2mp_rsp;
928abaa7
AE		 685
686 hdev->amp_status = rp->amp_status;
687 hdev->amp_total_bw = __le32_to_cpu(rp->total_bw);
688 hdev->amp_max_bw = __le32_to_cpu(rp->max_bw);
689 hdev->amp_min_latency = __le32_to_cpu(rp->min_latency);
690 hdev->amp_max_pdu = __le32_to_cpu(rp->max_pdu);
691 hdev->amp_type = rp->amp_type;
692 hdev->amp_pal_cap = __le16_to_cpu(rp->pal_cap);
693 hdev->amp_assoc_size = __le16_to_cpu(rp->max_assoc_size);
694 hdev->amp_be_flush_to = __le32_to_cpu(rp->be_flush_to);
695 hdev->amp_max_flush_to = __le32_to_cpu(rp->max_flush_to);
696
8e2a0d92
AE		 697a2mp_rsp:
698 a2mp_send_getinfo_rsp(hdev);
928abaa7
AE		 699}
700
903e4541
AE		 701static void hci_cc_read_local_amp_assoc(struct hci_dev *hdev,
702 struct sk_buff *skb)
703{
704 struct hci_rp_read_local_amp_assoc *rp = (void *) skb->data;
705 struct amp_assoc *assoc = &hdev->loc_assoc;
706 size_t rem_len, frag_len;
707
708 BT_DBG("%s status 0x%2.2x", hdev->name, rp->status);
709
710 if (rp->status)
711 goto a2mp_rsp;
712
713 frag_len = skb->len - sizeof(*rp);
714 rem_len = __le16_to_cpu(rp->rem_len);
715
716 if (rem_len > frag_len) {
2e430be3 717 BT_DBG("frag_len %zu rem_len %zu", frag_len, rem_len);
903e4541
AE		 718
719 memcpy(assoc->data + assoc->offset, rp->frag, frag_len);
720 assoc->offset += frag_len;
721
722 /* Read other fragments */
723 amp_read_loc_assoc_frag(hdev, rp->phy_handle);
724
725 return;
726 }
727
728 memcpy(assoc->data + assoc->offset, rp->frag, rem_len);
729 assoc->len = assoc->offset + rem_len;
730 assoc->offset = 0;
731
732a2mp_rsp:
733 /* Send A2MP Rsp when all fragments are received */
734 a2mp_send_getampassoc_rsp(hdev, rp->status);
9495b2ee 735 a2mp_send_create_phy_link_req(hdev, rp->status);
903e4541
AE		 736}
737
d5859e22 738static void hci_cc_read_inq_rsp_tx_power(struct hci_dev *hdev,
807deac2 739 struct sk_buff *skb)
d5859e22 740{
91c4e9b1 741 struct hci_rp_read_inq_rsp_tx_power *rp = (void *) skb->data;
d5859e22 742
9f1db00c 743 BT_DBG("%s status 0x%2.2x", hdev->name, rp->status);
91c4e9b1
MH		 744
745 if (!rp->status)
746 hdev->inq_tx_power = rp->tx_power;
d5859e22
JH		 747}
748
980e1a53
JH		 749static void hci_cc_pin_code_reply(struct hci_dev *hdev, struct sk_buff *skb)
750{
751 struct hci_rp_pin_code_reply *rp = (void *) skb->data;
752 struct hci_cp_pin_code_reply *cp;
753 struct hci_conn *conn;
754
9f1db00c 755 BT_DBG("%s status 0x%2.2x", hdev->name, rp->status);
980e1a53 756
56e5cb86
JH		 757 hci_dev_lock(hdev);
758
a8b2d5c2 759 if (test_bit(HCI_MGMT, &hdev->dev_flags))
744cf19e 760 mgmt_pin_code_reply_complete(hdev, &rp->bdaddr, rp->status);
980e1a53 761
fa1bd918 762 if (rp->status)
56e5cb86 763 goto unlock;
980e1a53
JH		 764
765 cp = hci_sent_cmd_data(hdev, HCI_OP_PIN_CODE_REPLY);
766 if (!cp)
56e5cb86 767 goto unlock;
980e1a53
JH		 768
769 conn = hci_conn_hash_lookup_ba(hdev, ACL_LINK, &cp->bdaddr);
770 if (conn)
771 conn->pin_length = cp->pin_len;
56e5cb86
JH		 772
773unlock:
774 hci_dev_unlock(hdev);
980e1a53
JH		 775}
776
777static void hci_cc_pin_code_neg_reply(struct hci_dev *hdev, struct sk_buff *skb)
778{
779 struct hci_rp_pin_code_neg_reply *rp = (void *) skb->data;
780
9f1db00c 781 BT_DBG("%s status 0x%2.2x", hdev->name, rp->status);
980e1a53 782
56e5cb86
JH		 783 hci_dev_lock(hdev);
784
a8b2d5c2 785 if (test_bit(HCI_MGMT, &hdev->dev_flags))
744cf19e 786 mgmt_pin_code_neg_reply_complete(hdev, &rp->bdaddr,
807deac2 787 rp->status);
56e5cb86
JH		 788
789 hci_dev_unlock(hdev);
980e1a53 790}
56e5cb86 791
6ed58ec5
VT		 792static void hci_cc_le_read_buffer_size(struct hci_dev *hdev,
793 struct sk_buff *skb)
794{
795 struct hci_rp_le_read_buffer_size *rp = (void *) skb->data;
796
9f1db00c 797 BT_DBG("%s status 0x%2.2x", hdev->name, rp->status);
6ed58ec5
VT		 798
799 if (rp->status)
800 return;
801
802 hdev->le_mtu = __le16_to_cpu(rp->le_mtu);
803 hdev->le_pkts = rp->le_max_pkt;
804
805 hdev->le_cnt = hdev->le_pkts;
806
807 BT_DBG("%s le mtu %d:%d", hdev->name, hdev->le_mtu, hdev->le_pkts);
6ed58ec5 808}
980e1a53 809
60e77321
JH		 810static void hci_cc_le_read_local_features(struct hci_dev *hdev,
811 struct sk_buff *skb)
812{
813 struct hci_rp_le_read_local_features *rp = (void *) skb->data;
814
815 BT_DBG("%s status 0x%2.2x", hdev->name, rp->status);
816
817 if (!rp->status)
818 memcpy(hdev->le_features, rp->features, 8);
60e77321
JH		 819}
820
8fa19098
JH		 821static void hci_cc_le_read_adv_tx_power(struct hci_dev *hdev,
822 struct sk_buff *skb)
823{
824 struct hci_rp_le_read_adv_tx_power *rp = (void *) skb->data;
825
826 BT_DBG("%s status 0x%2.2x", hdev->name, rp->status);
827
04b4edcb 828 if (!rp->status)
8fa19098 829 hdev->adv_tx_power = rp->tx_power;
8fa19098
JH		 830}
831
a5c29683
JH		 832static void hci_cc_user_confirm_reply(struct hci_dev *hdev, struct sk_buff *skb)
833{
834 struct hci_rp_user_confirm_reply *rp = (void *) skb->data;
835
9f1db00c 836 BT_DBG("%s status 0x%2.2x", hdev->name, rp->status);
a5c29683 837
56e5cb86
JH		 838 hci_dev_lock(hdev);
839
a8b2d5c2 840 if (test_bit(HCI_MGMT, &hdev->dev_flags))
04124681
GP		 841 mgmt_user_confirm_reply_complete(hdev, &rp->bdaddr, ACL_LINK, 0,
842 rp->status);
56e5cb86
JH		 843
844 hci_dev_unlock(hdev);
a5c29683
JH		 845}
846
847static void hci_cc_user_confirm_neg_reply(struct hci_dev *hdev,
807deac2 848 struct sk_buff *skb)
a5c29683
JH		 849{
850 struct hci_rp_user_confirm_reply *rp = (void *) skb->data;
851
9f1db00c 852 BT_DBG("%s status 0x%2.2x", hdev->name, rp->status);
a5c29683 853
56e5cb86
JH		 854 hci_dev_lock(hdev);
855
a8b2d5c2 856 if (test_bit(HCI_MGMT, &hdev->dev_flags))
744cf19e 857 mgmt_user_confirm_neg_reply_complete(hdev, &rp->bdaddr,
04124681 858 ACL_LINK, 0, rp->status);
56e5cb86
JH		 859
860 hci_dev_unlock(hdev);
a5c29683
JH		 861}
862
1143d458
BG		 863static void hci_cc_user_passkey_reply(struct hci_dev *hdev, struct sk_buff *skb)
864{
865 struct hci_rp_user_confirm_reply *rp = (void *) skb->data;
866
9f1db00c 867 BT_DBG("%s status 0x%2.2x", hdev->name, rp->status);
1143d458
BG		 868
869 hci_dev_lock(hdev);
870
a8b2d5c2 871 if (test_bit(HCI_MGMT, &hdev->dev_flags))
272d90df 872 mgmt_user_passkey_reply_complete(hdev, &rp->bdaddr, ACL_LINK,
04124681 873 0, rp->status);
1143d458
BG		 874
875 hci_dev_unlock(hdev);
876}
877
878static void hci_cc_user_passkey_neg_reply(struct hci_dev *hdev,
807deac2 879 struct sk_buff *skb)
1143d458
BG		 880{
881 struct hci_rp_user_confirm_reply *rp = (void *) skb->data;
882
9f1db00c 883 BT_DBG("%s status 0x%2.2x", hdev->name, rp->status);
1143d458
BG		 884
885 hci_dev_lock(hdev);
886
a8b2d5c2 887 if (test_bit(HCI_MGMT, &hdev->dev_flags))
1143d458 888 mgmt_user_passkey_neg_reply_complete(hdev, &rp->bdaddr,
04124681 889 ACL_LINK, 0, rp->status);
1143d458
BG		 890
891 hci_dev_unlock(hdev);
892}
893
c35938b2 894static void hci_cc_read_local_oob_data_reply(struct hci_dev *hdev,
807deac2 895 struct sk_buff *skb)
c35938b2
SJ		 896{
897 struct hci_rp_read_local_oob_data *rp = (void *) skb->data;
898
9f1db00c 899 BT_DBG("%s status 0x%2.2x", hdev->name, rp->status);
c35938b2 900
56e5cb86 901 hci_dev_lock(hdev);
744cf19e 902 mgmt_read_local_oob_data_reply_complete(hdev, rp->hash,
c35938b2 903 rp->randomizer, rp->status);
56e5cb86 904 hci_dev_unlock(hdev);
c35938b2
SJ		 905}
906
c1d5dc4a
JH		 907static void hci_cc_le_set_adv_enable(struct hci_dev *hdev, struct sk_buff *skb)
908{
909 __u8 *sent, status = *((__u8 *) skb->data);
910
911 BT_DBG("%s status 0x%2.2x", hdev->name, status);
912
913 sent = hci_sent_cmd_data(hdev, HCI_OP_LE_SET_ADV_ENABLE);
914 if (!sent)
915 return;
916
917 hci_dev_lock(hdev);
918
919 if (!status) {
920 if (*sent)
921 set_bit(HCI_LE_PERIPHERAL, &hdev->dev_flags);
922 else
923 clear_bit(HCI_LE_PERIPHERAL, &hdev->dev_flags);
924 }
925
04b4edcb
JH		 926 if (!test_bit(HCI_INIT, &hdev->flags)) {
927 struct hci_request req;
c1d5dc4a 928
04b4edcb
JH		 929 hci_req_init(&req, hdev);
930 hci_update_ad(&req);
931 hci_req_run(&req, NULL);
932 }
933
934 hci_dev_unlock(hdev);
c1d5dc4a
JH		 935}
936
eb9d91f5 937static void hci_cc_le_set_scan_enable(struct hci_dev *hdev,
807deac2 938 struct sk_buff *skb)
eb9d91f5
AG		 939{
940 struct hci_cp_le_set_scan_enable *cp;
941 __u8 status = *((__u8 *) skb->data);
942
9f1db00c 943 BT_DBG("%s status 0x%2.2x", hdev->name, status);
eb9d91f5 944
eb9d91f5
AG		 945 cp = hci_sent_cmd_data(hdev, HCI_OP_LE_SET_SCAN_ENABLE);
946 if (!cp)
947 return;
948
3fd319b8
AG		 949 if (status)
950 return;
951
68a8aea4 952 switch (cp->enable) {
76a388be 953 case LE_SCAN_ENABLE:
d23264a8 954 set_bit(HCI_LE_SCAN, &hdev->dev_flags);
68a8aea4
AE		 955 break;
956
76a388be 957 case LE_SCAN_DISABLE:
d23264a8 958 clear_bit(HCI_LE_SCAN, &hdev->dev_flags);
68a8aea4
AE		 959 break;
960
961 default:
962 BT_ERR("Used reserved LE_Scan_Enable param %d", cp->enable);
963 break;
35815085 964 }
eb9d91f5
AG		 965}
966
cf1d081f
JH		 967static void hci_cc_le_read_white_list_size(struct hci_dev *hdev,
968 struct sk_buff *skb)
969{
970 struct hci_rp_le_read_white_list_size *rp = (void *) skb->data;
971
972 BT_DBG("%s status 0x%2.2x size %u", hdev->name, rp->status, rp->size);
973
974 if (!rp->status)
975 hdev->le_white_list_size = rp->size;
cf1d081f
JH		 976}
977
9b008c04
JH		 978static void hci_cc_le_read_supported_states(struct hci_dev *hdev,
979 struct sk_buff *skb)
980{
981 struct hci_rp_le_read_supported_states *rp = (void *) skb->data;
982
983 BT_DBG("%s status 0x%2.2x", hdev->name, rp->status);
984
985 if (!rp->status)
986 memcpy(hdev->le_states, rp->le_states, 8);
9b008c04
JH		 987}
988
6039aa73
GP		 989static void hci_cc_write_le_host_supported(struct hci_dev *hdev,
990 struct sk_buff *skb)
f9b49306 991{
06199cf8 992 struct hci_cp_write_le_host_supported *sent;
f9b49306
AG		 993 __u8 status = *((__u8 *) skb->data);
994
9f1db00c 995 BT_DBG("%s status 0x%2.2x", hdev->name, status);
f9b49306 996
06199cf8 997 sent = hci_sent_cmd_data(hdev, HCI_OP_WRITE_LE_HOST_SUPPORTED);
8f984dfa 998 if (!sent)
f9b49306
AG		 999 return;
1000
8f984dfa 1001 if (!status) {
416a4ae5 1002 if (sent->le) {
cad718ed 1003 hdev->features[1][0] |= LMP_HOST_LE;
416a4ae5
JH		 1004 set_bit(HCI_LE_ENABLED, &hdev->dev_flags);
1005 } else {
cad718ed 1006 hdev->features[1][0] &= ~LMP_HOST_LE;
416a4ae5 1007 clear_bit(HCI_LE_ENABLED, &hdev->dev_flags);
eeca6f89 1008 clear_bit(HCI_LE_PERIPHERAL, &hdev->dev_flags);
416a4ae5 1009 }
53b2caab
JH		 1010
1011 if (sent->simul)
cad718ed 1012 hdev->features[1][0] |= LMP_HOST_LE_BREDR;
53b2caab 1013 else
cad718ed 1014 hdev->features[1][0] &= ~LMP_HOST_LE_BREDR;
8f984dfa 1015 }
f9b49306
AG		 1016}
1017
93c284ee
AE		 1018static void hci_cc_write_remote_amp_assoc(struct hci_dev *hdev,
1019 struct sk_buff *skb)
1020{
1021 struct hci_rp_write_remote_amp_assoc *rp = (void *) skb->data;
1022
1023 BT_DBG("%s status 0x%2.2x phy_handle 0x%2.2x",
1024 hdev->name, rp->status, rp->phy_handle);
1025
1026 if (rp->status)
1027 return;
1028
1029 amp_write_rem_assoc_continue(hdev, rp->phy_handle);
1030}
1031
6039aa73 1032static void hci_cs_inquiry(struct hci_dev *hdev, __u8 status)
a9de9248 1033{
9f1db00c 1034 BT_DBG("%s status 0x%2.2x", hdev->name, status);
a9de9248
MH		 1035
1036 if (status) {
a9de9248 1037 hci_conn_check_pending(hdev);
314b2381
JH		 1038 return;
1039 }
1040
89352e7d 1041 set_bit(HCI_INQUIRY, &hdev->flags);
1da177e4
LT		 1042}
1043
6039aa73 1044static void hci_cs_create_conn(struct hci_dev *hdev, __u8 status)
1da177e4 1045{
a9de9248 1046 struct hci_cp_create_conn *cp;
1da177e4 1047 struct hci_conn *conn;
1da177e4 1048
9f1db00c 1049 BT_DBG("%s status 0x%2.2x", hdev->name, status);
a9de9248
MH		 1050
1051 cp = hci_sent_cmd_data(hdev, HCI_OP_CREATE_CONN);
1da177e4
LT		 1052 if (!cp)
1053 return;
1054
1055 hci_dev_lock(hdev);
1056
1057 conn = hci_conn_hash_lookup_ba(hdev, ACL_LINK, &cp->bdaddr);
1058
6ed93dc6 1059 BT_DBG("%s bdaddr %pMR hcon %p", hdev->name, &cp->bdaddr, conn);
1da177e4
LT		 1060
1061 if (status) {
1062 if (conn && conn->state == BT_CONNECT) {
4c67bc74
MH		 1063 if (status != 0x0c || conn->attempt > 2) {
1064 conn->state = BT_CLOSED;
1065 hci_proto_connect_cfm(conn, status);
1066 hci_conn_del(conn);
1067 } else
1068 conn->state = BT_CONNECT2;
1da177e4
LT		 1069 }
1070 } else {
1071 if (!conn) {
1072 conn = hci_conn_add(hdev, ACL_LINK, &cp->bdaddr);
1073 if (conn) {
a0c808b3 1074 conn->out = true;
1da177e4
LT		 1075 conn->link_mode |= HCI_LM_MASTER;
1076 } else
893ef971 1077 BT_ERR("No memory for new connection");
1da177e4
LT		 1078 }
1079 }
1080
1081 hci_dev_unlock(hdev);
1082}
1083
a9de9248 1084static void hci_cs_add_sco(struct hci_dev *hdev, __u8 status)
1da177e4 1085{
a9de9248
MH		 1086 struct hci_cp_add_sco *cp;
1087 struct hci_conn *acl, *sco;
1088 __u16 handle;
1da177e4 1089
9f1db00c 1090 BT_DBG("%s status 0x%2.2x", hdev->name, status);
b6a0dc82 1091
a9de9248
MH		 1092 if (!status)
1093 return;
1da177e4 1094
a9de9248
MH		 1095 cp = hci_sent_cmd_data(hdev, HCI_OP_ADD_SCO);
1096 if (!cp)
1097 return;
1da177e4 1098
a9de9248 1099 handle = __le16_to_cpu(cp->handle);
1da177e4 1100
9f1db00c 1101 BT_DBG("%s handle 0x%4.4x", hdev->name, handle);
1da177e4 1102
a9de9248 1103 hci_dev_lock(hdev);
1da177e4 1104
a9de9248 1105 acl = hci_conn_hash_lookup_handle(hdev, handle);
5a08ecce
AE		 1106 if (acl) {
1107 sco = acl->link;
1108 if (sco) {
1109 sco->state = BT_CLOSED;
1da177e4 1110
5a08ecce
AE		 1111 hci_proto_connect_cfm(sco, status);
1112 hci_conn_del(sco);
1113 }
a9de9248 1114 }
1da177e4 1115
a9de9248
MH		 1116 hci_dev_unlock(hdev);
1117}
1da177e4 1118
f8558555
MH		 1119static void hci_cs_auth_requested(struct hci_dev *hdev, __u8 status)
1120{
1121 struct hci_cp_auth_requested *cp;
1122 struct hci_conn *conn;
1123
9f1db00c 1124 BT_DBG("%s status 0x%2.2x", hdev->name, status);
f8558555
MH		 1125
1126 if (!status)
1127 return;
1128
1129 cp = hci_sent_cmd_data(hdev, HCI_OP_AUTH_REQUESTED);
1130 if (!cp)
1131 return;
1132
1133 hci_dev_lock(hdev);
1134
1135 conn = hci_conn_hash_lookup_handle(hdev, __le16_to_cpu(cp->handle));
1136 if (conn) {
1137 if (conn->state == BT_CONFIG) {
1138 hci_proto_connect_cfm(conn, status);
76a68ba0 1139 hci_conn_drop(conn);
f8558555
MH		 1140 }
1141 }
1142
1143 hci_dev_unlock(hdev);
1144}
1145
1146static void hci_cs_set_conn_encrypt(struct hci_dev *hdev, __u8 status)
1147{
1148 struct hci_cp_set_conn_encrypt *cp;
1149 struct hci_conn *conn;
1150
9f1db00c 1151 BT_DBG("%s status 0x%2.2x", hdev->name, status);
f8558555
MH		 1152
1153 if (!status)
1154 return;
1155
1156 cp = hci_sent_cmd_data(hdev, HCI_OP_SET_CONN_ENCRYPT);
1157 if (!cp)
1158 return;
1159
1160 hci_dev_lock(hdev);
1161
1162 conn = hci_conn_hash_lookup_handle(hdev, __le16_to_cpu(cp->handle));
1163 if (conn) {
1164 if (conn->state == BT_CONFIG) {
1165 hci_proto_connect_cfm(conn, status);
76a68ba0 1166 hci_conn_drop(conn);
f8558555
MH		 1167 }
1168 }
1169
1170 hci_dev_unlock(hdev);
1171}
1172
127178d2 1173static int hci_outgoing_auth_needed(struct hci_dev *hdev,
807deac2 1174 struct hci_conn *conn)
392599b9 1175{
392599b9
JH		 1176 if (conn->state != BT_CONFIG || !conn->out)
1177 return 0;
1178
765c2a96 1179 if (conn->pending_sec_level == BT_SECURITY_SDP)
392599b9
JH		 1180 return 0;
1181
1182 /* Only request authentication for SSP connections or non-SSP
e9bf2bf0 1183 * devices with sec_level HIGH or if MITM protection is requested */
807deac2
GP		 1184 if (!hci_conn_ssp_enabled(conn) && !(conn->auth_type & 0x01) &&
1185 conn->pending_sec_level != BT_SECURITY_HIGH)
392599b9
JH		 1186 return 0;
1187
392599b9
JH		 1188 return 1;
1189}
1190
6039aa73 1191static int hci_resolve_name(struct hci_dev *hdev,
04124681 1192 struct inquiry_entry *e)
30dc78e1
JH		 1193{
1194 struct hci_cp_remote_name_req cp;
1195
1196 memset(&cp, 0, sizeof(cp));
1197
1198 bacpy(&cp.bdaddr, &e->data.bdaddr);
1199 cp.pscan_rep_mode = e->data.pscan_rep_mode;
1200 cp.pscan_mode = e->data.pscan_mode;
1201 cp.clock_offset = e->data.clock_offset;
1202
1203 return hci_send_cmd(hdev, HCI_OP_REMOTE_NAME_REQ, sizeof(cp), &cp);
1204}
1205
b644ba33 1206static bool hci_resolve_next_name(struct hci_dev *hdev)
30dc78e1
JH		 1207{
1208 struct discovery_state *discov = &hdev->discovery;
1209 struct inquiry_entry *e;
1210
b644ba33
JH		 1211 if (list_empty(&discov->resolve))
1212 return false;
1213
1214 e = hci_inquiry_cache_lookup_resolve(hdev, BDADDR_ANY, NAME_NEEDED);
c810089c
RM		 1215 if (!e)
1216 return false;
1217
b644ba33
JH		 1218 if (hci_resolve_name(hdev, e) == 0) {
1219 e->name_state = NAME_PENDING;
1220 return true;
1221 }
1222
1223 return false;
1224}
1225
1226static void hci_check_pending_name(struct hci_dev *hdev, struct hci_conn *conn,
04124681 1227 bdaddr_t *bdaddr, u8 *name, u8 name_len)
b644ba33
JH		 1228{
1229 struct discovery_state *discov = &hdev->discovery;
1230 struct inquiry_entry *e;
1231
1232 if (conn && !test_and_set_bit(HCI_CONN_MGMT_CONNECTED, &conn->flags))
04124681
GP		 1233 mgmt_device_connected(hdev, bdaddr, ACL_LINK, 0x00, 0, name,
1234 name_len, conn->dev_class);
b644ba33
JH		 1235
1236 if (discov->state == DISCOVERY_STOPPED)
1237 return;
1238
30dc78e1
JH		 1239 if (discov->state == DISCOVERY_STOPPING)
1240 goto discov_complete;
1241
1242 if (discov->state != DISCOVERY_RESOLVING)
1243 return;
1244
1245 e = hci_inquiry_cache_lookup_resolve(hdev, bdaddr, NAME_PENDING);
7cc8380e
RM		 1246 /* If the device was not found in a list of found devices names of which
1247 * are pending. there is no need to continue resolving a next name as it
1248 * will be done upon receiving another Remote Name Request Complete
1249 * Event */
1250 if (!e)
1251 return;
1252
1253 list_del(&e->list);
1254 if (name) {
30dc78e1 1255 e->name_state = NAME_KNOWN;
7cc8380e
RM		 1256 mgmt_remote_name(hdev, bdaddr, ACL_LINK, 0x00,
1257 e->data.rssi, name, name_len);
c3e7c0d9
RM		 1258 } else {
1259 e->name_state = NAME_NOT_KNOWN;
30dc78e1
JH		 1260 }
1261
b644ba33 1262 if (hci_resolve_next_name(hdev))
30dc78e1 1263 return;
30dc78e1
JH		 1264
1265discov_complete:
1266 hci_discovery_set_state(hdev, DISCOVERY_STOPPED);
1267}
1268
a9de9248
MH		 1269static void hci_cs_remote_name_req(struct hci_dev *hdev, __u8 status)
1270{
127178d2
JH		 1271 struct hci_cp_remote_name_req *cp;
1272 struct hci_conn *conn;
1273
9f1db00c 1274 BT_DBG("%s status 0x%2.2x", hdev->name, status);
127178d2
JH		 1275
1276 /* If successful wait for the name req complete event before
1277 * checking for the need to do authentication */
1278 if (!status)
1279 return;
1280
1281 cp = hci_sent_cmd_data(hdev, HCI_OP_REMOTE_NAME_REQ);
1282 if (!cp)
1283 return;
1284
1285 hci_dev_lock(hdev);
1286
b644ba33
JH		 1287 conn = hci_conn_hash_lookup_ba(hdev, ACL_LINK, &cp->bdaddr);
1288
a8b2d5c2 1289 if (test_bit(HCI_MGMT, &hdev->dev_flags))
b644ba33 1290 hci_check_pending_name(hdev, conn, &cp->bdaddr, NULL, 0);
30dc78e1 1291
79c6c70c
JH		 1292 if (!conn)
1293 goto unlock;
1294
1295 if (!hci_outgoing_auth_needed(hdev, conn))
1296 goto unlock;
1297
51a8efd7 1298 if (!test_and_set_bit(HCI_CONN_AUTH_PEND, &conn->flags)) {
127178d2
JH		 1299 struct hci_cp_auth_requested cp;
1300 cp.handle = __cpu_to_le16(conn->handle);
1301 hci_send_cmd(hdev, HCI_OP_AUTH_REQUESTED, sizeof(cp), &cp);
1302 }
1303
79c6c70c 1304unlock:
127178d2 1305 hci_dev_unlock(hdev);
a9de9248 1306}
1da177e4 1307
769be974
MH		 1308static void hci_cs_read_remote_features(struct hci_dev *hdev, __u8 status)
1309{
1310 struct hci_cp_read_remote_features *cp;
1311 struct hci_conn *conn;
1312
9f1db00c 1313 BT_DBG("%s status 0x%2.2x", hdev->name, status);
769be974
MH		 1314
1315 if (!status)
1316 return;
1317
1318 cp = hci_sent_cmd_data(hdev, HCI_OP_READ_REMOTE_FEATURES);
1319 if (!cp)
1320 return;
1321
1322 hci_dev_lock(hdev);
1323
1324 conn = hci_conn_hash_lookup_handle(hdev, __le16_to_cpu(cp->handle));
1325 if (conn) {
1326 if (conn->state == BT_CONFIG) {
769be974 1327 hci_proto_connect_cfm(conn, status);
76a68ba0 1328 hci_conn_drop(conn);
769be974
MH		 1329 }
1330 }
1331
1332 hci_dev_unlock(hdev);
1333}
1334
1335static void hci_cs_read_remote_ext_features(struct hci_dev *hdev, __u8 status)
1336{
1337 struct hci_cp_read_remote_ext_features *cp;
1338 struct hci_conn *conn;
1339
9f1db00c 1340 BT_DBG("%s status 0x%2.2x", hdev->name, status);
769be974
MH		 1341
1342 if (!status)
1343 return;
1344
1345 cp = hci_sent_cmd_data(hdev, HCI_OP_READ_REMOTE_EXT_FEATURES);
1346 if (!cp)
1347 return;
1348
1349 hci_dev_lock(hdev);
1350
1351 conn = hci_conn_hash_lookup_handle(hdev, __le16_to_cpu(cp->handle));
1352 if (conn) {
1353 if (conn->state == BT_CONFIG) {
769be974 1354 hci_proto_connect_cfm(conn, status);
76a68ba0 1355 hci_conn_drop(conn);
769be974
MH		 1356 }
1357 }
1358
1359 hci_dev_unlock(hdev);
1360}
1361
a9de9248
MH		 1362static void hci_cs_setup_sync_conn(struct hci_dev *hdev, __u8 status)
1363{
b6a0dc82
MH		 1364 struct hci_cp_setup_sync_conn *cp;
1365 struct hci_conn *acl, *sco;
1366 __u16 handle;
1367
9f1db00c 1368 BT_DBG("%s status 0x%2.2x", hdev->name, status);
b6a0dc82
MH		 1369
1370 if (!status)
1371 return;
1372
1373 cp = hci_sent_cmd_data(hdev, HCI_OP_SETUP_SYNC_CONN);
1374 if (!cp)
1375 return;
1376
1377 handle = __le16_to_cpu(cp->handle);
1378
9f1db00c 1379 BT_DBG("%s handle 0x%4.4x", hdev->name, handle);
b6a0dc82
MH		 1380
1381 hci_dev_lock(hdev);
1382
1383 acl = hci_conn_hash_lookup_handle(hdev, handle);
5a08ecce
AE		 1384 if (acl) {
1385 sco = acl->link;
1386 if (sco) {
1387 sco->state = BT_CLOSED;
b6a0dc82 1388
5a08ecce
AE		 1389 hci_proto_connect_cfm(sco, status);
1390 hci_conn_del(sco);
1391 }
b6a0dc82
MH		 1392 }
1393
1394 hci_dev_unlock(hdev);
1da177e4
LT		 1395}
1396
a9de9248 1397static void hci_cs_sniff_mode(struct hci_dev *hdev, __u8 status)
1da177e4 1398{
a9de9248
MH		 1399 struct hci_cp_sniff_mode *cp;
1400 struct hci_conn *conn;
1da177e4 1401
9f1db00c 1402 BT_DBG("%s status 0x%2.2x", hdev->name, status);
04837f64 1403
a9de9248
MH		 1404 if (!status)
1405 return;
04837f64 1406
a9de9248
MH		 1407 cp = hci_sent_cmd_data(hdev, HCI_OP_SNIFF_MODE);
1408 if (!cp)
1409 return;
04837f64 1410
a9de9248 1411 hci_dev_lock(hdev);
04837f64 1412
a9de9248 1413 conn = hci_conn_hash_lookup_handle(hdev, __le16_to_cpu(cp->handle));
e73439d8 1414 if (conn) {
51a8efd7 1415 clear_bit(HCI_CONN_MODE_CHANGE_PEND, &conn->flags);
04837f64 1416
51a8efd7 1417 if (test_and_clear_bit(HCI_CONN_SCO_SETUP_PEND, &conn->flags))
e73439d8
MH		 1418 hci_sco_setup(conn, status);
1419 }
1420
a9de9248
MH		 1421 hci_dev_unlock(hdev);
1422}
04837f64 1423
a9de9248
MH		 1424static void hci_cs_exit_sniff_mode(struct hci_dev *hdev, __u8 status)
1425{
1426 struct hci_cp_exit_sniff_mode *cp;
1427 struct hci_conn *conn;
04837f64 1428
9f1db00c 1429 BT_DBG("%s status 0x%2.2x", hdev->name, status);
04837f64 1430
a9de9248
MH		 1431 if (!status)
1432 return;
04837f64 1433
a9de9248
MH		 1434 cp = hci_sent_cmd_data(hdev, HCI_OP_EXIT_SNIFF_MODE);
1435 if (!cp)
1436 return;
04837f64 1437
a9de9248 1438 hci_dev_lock(hdev);
1da177e4 1439
a9de9248 1440 conn = hci_conn_hash_lookup_handle(hdev, __le16_to_cpu(cp->handle));
e73439d8 1441 if (conn) {
51a8efd7 1442 clear_bit(HCI_CONN_MODE_CHANGE_PEND, &conn->flags);
1da177e4 1443
51a8efd7 1444 if (test_and_clear_bit(HCI_CONN_SCO_SETUP_PEND, &conn->flags))
e73439d8
MH		 1445 hci_sco_setup(conn, status);
1446 }
1447
a9de9248 1448 hci_dev_unlock(hdev);
1da177e4
LT		 1449}
1450
88c3df13
JH		 1451static void hci_cs_disconnect(struct hci_dev *hdev, u8 status)
1452{
1453 struct hci_cp_disconnect *cp;
1454 struct hci_conn *conn;
1455
1456 if (!status)
1457 return;
1458
1459 cp = hci_sent_cmd_data(hdev, HCI_OP_DISCONNECT);
1460 if (!cp)
1461 return;
1462
1463 hci_dev_lock(hdev);
1464
1465 conn = hci_conn_hash_lookup_handle(hdev, __le16_to_cpu(cp->handle));
1466 if (conn)
1467 mgmt_disconnect_failed(hdev, &conn->dst, conn->type,
04124681 1468 conn->dst_type, status);
88c3df13
JH		 1469
1470 hci_dev_unlock(hdev);
1471}
1472
fcd89c09
VT		 1473static void hci_cs_le_create_conn(struct hci_dev *hdev, __u8 status)
1474{
fcd89c09
VT		 1475 struct hci_conn *conn;
1476
9f1db00c 1477 BT_DBG("%s status 0x%2.2x", hdev->name, status);
fcd89c09 1478
f00a06ac
AG		 1479 if (status) {
1480 hci_dev_lock(hdev);
fcd89c09 1481
0c95ab78 1482 conn = hci_conn_hash_lookup_state(hdev, LE_LINK, BT_CONNECT);
f00a06ac
AG		 1483 if (!conn) {
1484 hci_dev_unlock(hdev);
1485 return;
1486 }
fcd89c09 1487
6ed93dc6 1488 BT_DBG("%s bdaddr %pMR conn %p", hdev->name, &conn->dst, conn);
fcd89c09 1489
f00a06ac 1490 conn->state = BT_CLOSED;
0c95ab78 1491 mgmt_connect_failed(hdev, &conn->dst, conn->type,
f00a06ac
AG		 1492 conn->dst_type, status);
1493 hci_proto_connect_cfm(conn, status);
1494 hci_conn_del(conn);
fcd89c09 1495
f00a06ac
AG		 1496 hci_dev_unlock(hdev);
1497 }
fcd89c09
VT		 1498}
1499
a02226d6
AE		 1500static void hci_cs_create_phylink(struct hci_dev *hdev, u8 status)
1501{
93c284ee
AE		 1502 struct hci_cp_create_phy_link *cp;
1503
a02226d6 1504 BT_DBG("%s status 0x%2.2x", hdev->name, status);
93c284ee 1505
93c284ee
AE		 1506 cp = hci_sent_cmd_data(hdev, HCI_OP_CREATE_PHY_LINK);
1507 if (!cp)
1508 return;
1509
e58917b9
AE		 1510 hci_dev_lock(hdev);
1511
1512 if (status) {
1513 struct hci_conn *hcon;
1514
1515 hcon = hci_conn_hash_lookup_handle(hdev, cp->phy_handle);
1516 if (hcon)
1517 hci_conn_del(hcon);
1518 } else {
1519 amp_write_remote_assoc(hdev, cp->phy_handle);
1520 }
1521
1522 hci_dev_unlock(hdev);
a02226d6
AE		 1523}
1524
0b26ab9d
AE		 1525static void hci_cs_accept_phylink(struct hci_dev *hdev, u8 status)
1526{
1527 struct hci_cp_accept_phy_link *cp;
1528
1529 BT_DBG("%s status 0x%2.2x", hdev->name, status);
1530
1531 if (status)
1532 return;
1533
1534 cp = hci_sent_cmd_data(hdev, HCI_OP_ACCEPT_PHY_LINK);
1535 if (!cp)
1536 return;
1537
1538 amp_write_remote_assoc(hdev, cp->phy_handle);
1539}
1540
6039aa73 1541static void hci_inquiry_complete_evt(struct hci_dev *hdev, struct sk_buff *skb)
1da177e4
LT		 1542{
1543 __u8 status = *((__u8 *) skb->data);
30dc78e1
JH		 1544 struct discovery_state *discov = &hdev->discovery;
1545 struct inquiry_entry *e;
1da177e4 1546
9f1db00c 1547 BT_DBG("%s status 0x%2.2x", hdev->name, status);
1da177e4 1548
a9de9248 1549 hci_conn_check_pending(hdev);
89352e7d
AG		 1550
1551 if (!test_and_clear_bit(HCI_INQUIRY, &hdev->flags))
1552 return;
1553
3e13fa1e
AG		 1554 smp_mb__after_clear_bit(); /* wake_up_bit advises about this barrier */
1555 wake_up_bit(&hdev->flags, HCI_INQUIRY);
1556
a8b2d5c2 1557 if (!test_bit(HCI_MGMT, &hdev->dev_flags))
30dc78e1
JH		 1558 return;
1559
56e5cb86 1560 hci_dev_lock(hdev);
30dc78e1 1561
343f935b 1562 if (discov->state != DISCOVERY_FINDING)
30dc78e1
JH		 1563 goto unlock;
1564
1565 if (list_empty(&discov->resolve)) {
1566 hci_discovery_set_state(hdev, DISCOVERY_STOPPED);
1567 goto unlock;
1568 }
1569
1570 e = hci_inquiry_cache_lookup_resolve(hdev, BDADDR_ANY, NAME_NEEDED);
1571 if (e && hci_resolve_name(hdev, e) == 0) {
1572 e->name_state = NAME_PENDING;
1573 hci_discovery_set_state(hdev, DISCOVERY_RESOLVING);
1574 } else {
1575 hci_discovery_set_state(hdev, DISCOVERY_STOPPED);
1576 }
1577
1578unlock:
56e5cb86 1579 hci_dev_unlock(hdev);
1da177e4
LT		 1580}
1581
6039aa73 1582static void hci_inquiry_result_evt(struct hci_dev *hdev, struct sk_buff *skb)
1da177e4 1583{
45bb4bf0 1584 struct inquiry_data data;
a9de9248 1585 struct inquiry_info *info = (void *) (skb->data + 1);
1da177e4
LT		 1586 int num_rsp = *((__u8 *) skb->data);
1587
1588 BT_DBG("%s num_rsp %d", hdev->name, num_rsp);
1589
45bb4bf0
MH		 1590 if (!num_rsp)
1591 return;
1592
1519cc17
AG		 1593 if (test_bit(HCI_PERIODIC_INQ, &hdev->dev_flags))
1594 return;
1595
1da177e4 1596 hci_dev_lock(hdev);
45bb4bf0 1597
e17acd40 1598 for (; num_rsp; num_rsp--, info++) {
388fc8fa 1599 bool name_known, ssp;
3175405b 1600
1da177e4
LT		 1601 bacpy(&data.bdaddr, &info->bdaddr);
1602 data.pscan_rep_mode = info->pscan_rep_mode;
1603 data.pscan_period_mode = info->pscan_period_mode;
1604 data.pscan_mode = info->pscan_mode;
1605 memcpy(data.dev_class, info->dev_class, 3);
1606 data.clock_offset = info->clock_offset;
1607 data.rssi = 0x00;
41a96212 1608 data.ssp_mode = 0x00;
3175405b 1609
388fc8fa 1610 name_known = hci_inquiry_cache_update(hdev, &data, false, &ssp);
48264f06 1611 mgmt_device_found(hdev, &info->bdaddr, ACL_LINK, 0x00,
04124681
GP		 1612 info->dev_class, 0, !name_known, ssp, NULL,
1613 0);
1da177e4 1614 }
45bb4bf0 1615
1da177e4
LT		 1616 hci_dev_unlock(hdev);
1617}
1618
6039aa73 1619static void hci_conn_complete_evt(struct hci_dev *hdev, struct sk_buff *skb)
1da177e4 1620{
a9de9248
MH		 1621 struct hci_ev_conn_complete *ev = (void *) skb->data;
1622 struct hci_conn *conn;
1da177e4
LT		 1623
1624 BT_DBG("%s", hdev->name);
1625
1626 hci_dev_lock(hdev);
1627
1628 conn = hci_conn_hash_lookup_ba(hdev, ev->link_type, &ev->bdaddr);
9499237a
MH		 1629 if (!conn) {
1630 if (ev->link_type != SCO_LINK)
1631 goto unlock;
1632
1633 conn = hci_conn_hash_lookup_ba(hdev, ESCO_LINK, &ev->bdaddr);
1634 if (!conn)
1635 goto unlock;
1636
1637 conn->type = SCO_LINK;
1638 }
1da177e4
LT		 1639
1640 if (!ev->status) {
1641 conn->handle = __le16_to_cpu(ev->handle);
769be974
MH		 1642
1643 if (conn->type == ACL_LINK) {
1644 conn->state = BT_CONFIG;
1645 hci_conn_hold(conn);
a9ea3ed9
SJ		 1646
1647 if (!conn->out && !hci_conn_ssp_enabled(conn) &&
1648 !hci_find_link_key(hdev, &ev->bdaddr))
1649 conn->disc_timeout = HCI_PAIRING_TIMEOUT;
1650 else
1651 conn->disc_timeout = HCI_DISCONN_TIMEOUT;
769be974
MH		 1652 } else
1653 conn->state = BT_CONNECTED;
1da177e4 1654
7d0db0a3
MH		 1655 hci_conn_add_sysfs(conn);
1656
1da177e4
LT		 1657 if (test_bit(HCI_AUTH, &hdev->flags))
1658 conn->link_mode |= HCI_LM_AUTH;
1659
1660 if (test_bit(HCI_ENCRYPT, &hdev->flags))
1661 conn->link_mode |= HCI_LM_ENCRYPT;
1662
04837f64
MH		 1663 /* Get remote features */
1664 if (conn->type == ACL_LINK) {
1665 struct hci_cp_read_remote_features cp;
1666 cp.handle = ev->handle;
769be974 1667 hci_send_cmd(hdev, HCI_OP_READ_REMOTE_FEATURES,
04124681 1668 sizeof(cp), &cp);
04837f64
MH		 1669 }
1670
1da177e4 1671 /* Set packet type for incoming connection */
d095c1eb 1672 if (!conn->out && hdev->hci_ver < BLUETOOTH_VER_2_0) {
1da177e4
LT		 1673 struct hci_cp_change_conn_ptype cp;
1674 cp.handle = ev->handle;
a8746417 1675 cp.pkt_type = cpu_to_le16(conn->pkt_type);
04124681
GP		 1676 hci_send_cmd(hdev, HCI_OP_CHANGE_CONN_PTYPE, sizeof(cp),
1677 &cp);
1da177e4 1678 }
17d5c04c 1679 } else {
1da177e4 1680 conn->state = BT_CLOSED;
17d5c04c 1681 if (conn->type == ACL_LINK)
744cf19e 1682 mgmt_connect_failed(hdev, &ev->bdaddr, conn->type,
04124681 1683 conn->dst_type, ev->status);
17d5c04c 1684 }
1da177e4 1685
e73439d8
MH		 1686 if (conn->type == ACL_LINK)
1687 hci_sco_setup(conn, ev->status);
1da177e4 1688
769be974
MH		 1689 if (ev->status) {
1690 hci_proto_connect_cfm(conn, ev->status);
1da177e4 1691 hci_conn_del(conn);
c89b6e6b
MH		 1692 } else if (ev->link_type != ACL_LINK)
1693 hci_proto_connect_cfm(conn, ev->status);
1da177e4 1694
a9de9248 1695unlock:
1da177e4 1696 hci_dev_unlock(hdev);
1da177e4 1697
a9de9248 1698 hci_conn_check_pending(hdev);
1da177e4
LT		 1699}
1700
6039aa73 1701static void hci_conn_request_evt(struct hci_dev *hdev, struct sk_buff *skb)
1da177e4 1702{
a9de9248
MH		 1703 struct hci_ev_conn_request *ev = (void *) skb->data;
1704 int mask = hdev->link_mode;
20714bfe 1705 __u8 flags = 0;
1da177e4 1706
6ed93dc6 1707 BT_DBG("%s bdaddr %pMR type 0x%x", hdev->name, &ev->bdaddr,
807deac2 1708 ev->link_type);
1da177e4 1709
20714bfe
FD		 1710 mask |= hci_proto_connect_ind(hdev, &ev->bdaddr, ev->link_type,
1711 &flags);
1da177e4 1712
138d22ef 1713 if ((mask & HCI_LM_ACCEPT) &&
807deac2 1714 !hci_blacklist_lookup(hdev, &ev->bdaddr)) {
a9de9248 1715 /* Connection accepted */
c7bdd502 1716 struct inquiry_entry *ie;
1da177e4 1717 struct hci_conn *conn;
1da177e4 1718
a9de9248 1719 hci_dev_lock(hdev);
b6a0dc82 1720
cc11b9c1
AE		 1721 ie = hci_inquiry_cache_lookup(hdev, &ev->bdaddr);
1722 if (ie)
c7bdd502
MH		 1723 memcpy(ie->data.dev_class, ev->dev_class, 3);
1724
8fc9ced3
GP		 1725 conn = hci_conn_hash_lookup_ba(hdev, ev->link_type,
1726 &ev->bdaddr);
a9de9248 1727 if (!conn) {
cc11b9c1
AE		 1728 conn = hci_conn_add(hdev, ev->link_type, &ev->bdaddr);
1729 if (!conn) {
893ef971 1730 BT_ERR("No memory for new connection");
a9de9248
MH		 1731 hci_dev_unlock(hdev);
1732 return;
1da177e4
LT		 1733 }
1734 }
b6a0dc82 1735
a9de9248 1736 memcpy(conn->dev_class, ev->dev_class, 3);
b6a0dc82 1737
a9de9248 1738 hci_dev_unlock(hdev);
1da177e4 1739
20714bfe
FD		 1740 if (ev->link_type == ACL_LINK ||
1741 (!(flags & HCI_PROTO_DEFER) && !lmp_esco_capable(hdev))) {
b6a0dc82 1742 struct hci_cp_accept_conn_req cp;
20714bfe 1743 conn->state = BT_CONNECT;
1da177e4 1744
b6a0dc82
MH		 1745 bacpy(&cp.bdaddr, &ev->bdaddr);
1746
1747 if (lmp_rswitch_capable(hdev) && (mask & HCI_LM_MASTER))
1748 cp.role = 0x00; /* Become master */
1749 else
1750 cp.role = 0x01; /* Remain slave */
1751
04124681
GP		 1752 hci_send_cmd(hdev, HCI_OP_ACCEPT_CONN_REQ, sizeof(cp),
1753 &cp);
20714bfe 1754 } else if (!(flags & HCI_PROTO_DEFER)) {
b6a0dc82 1755 struct hci_cp_accept_sync_conn_req cp;
20714bfe 1756 conn->state = BT_CONNECT;
b6a0dc82
MH		 1757
1758 bacpy(&cp.bdaddr, &ev->bdaddr);
a8746417 1759 cp.pkt_type = cpu_to_le16(conn->pkt_type);
b6a0dc82 1760
82781e63
AE		 1761 cp.tx_bandwidth = __constant_cpu_to_le32(0x00001f40);
1762 cp.rx_bandwidth = __constant_cpu_to_le32(0x00001f40);
1763 cp.max_latency = __constant_cpu_to_le16(0xffff);
b6a0dc82
MH		 1764 cp.content_format = cpu_to_le16(hdev->voice_setting);
1765 cp.retrans_effort = 0xff;
1da177e4 1766
b6a0dc82 1767 hci_send_cmd(hdev, HCI_OP_ACCEPT_SYNC_CONN_REQ,
04124681 1768 sizeof(cp), &cp);
20714bfe
FD		 1769 } else {
1770 conn->state = BT_CONNECT2;
1771 hci_proto_connect_cfm(conn, 0);
b6a0dc82 1772 }
a9de9248
MH		 1773 } else {
1774 /* Connection rejected */
1775 struct hci_cp_reject_conn_req cp;
1da177e4 1776
a9de9248 1777 bacpy(&cp.bdaddr, &ev->bdaddr);
9f5a0d7b 1778 cp.reason = HCI_ERROR_REJ_BAD_ADDR;
a9de9248 1779 hci_send_cmd(hdev, HCI_OP_REJECT_CONN_REQ, sizeof(cp), &cp);
1da177e4 1780 }
1da177e4
LT		 1781}
1782
f0d6a0ea
MA		 1783static u8 hci_to_mgmt_reason(u8 err)
1784{
1785 switch (err) {
1786 case HCI_ERROR_CONNECTION_TIMEOUT:
1787 return MGMT_DEV_DISCONN_TIMEOUT;
1788 case HCI_ERROR_REMOTE_USER_TERM:
1789 case HCI_ERROR_REMOTE_LOW_RESOURCES:
1790 case HCI_ERROR_REMOTE_POWER_OFF:
1791 return MGMT_DEV_DISCONN_REMOTE;
1792 case HCI_ERROR_LOCAL_HOST_TERM:
1793 return MGMT_DEV_DISCONN_LOCAL_HOST;
1794 default:
1795 return MGMT_DEV_DISCONN_UNKNOWN;
1796 }
1797}
1798
6039aa73 1799static void hci_disconn_complete_evt(struct hci_dev *hdev, struct sk_buff *skb)
04837f64 1800{
a9de9248 1801 struct hci_ev_disconn_complete *ev = (void *) skb->data;
04837f64
MH		 1802 struct hci_conn *conn;
1803
9f1db00c 1804 BT_DBG("%s status 0x%2.2x", hdev->name, ev->status);
04837f64
MH		 1805
1806 hci_dev_lock(hdev);
1807
1808 conn = hci_conn_hash_lookup_handle(hdev, __le16_to_cpu(ev->handle));
f7520543
JH		 1809 if (!conn)
1810 goto unlock;
7d0db0a3 1811
37d9ef76
JH		 1812 if (ev->status == 0)
1813 conn->state = BT_CLOSED;
04837f64 1814
b644ba33 1815 if (test_and_clear_bit(HCI_CONN_MGMT_CONNECTED, &conn->flags) &&
807deac2 1816 (conn->type == ACL_LINK || conn->type == LE_LINK)) {
f0d6a0ea 1817 if (ev->status) {
88c3df13 1818 mgmt_disconnect_failed(hdev, &conn->dst, conn->type,
807deac2 1819 conn->dst_type, ev->status);
f0d6a0ea
MA		 1820 } else {
1821 u8 reason = hci_to_mgmt_reason(ev->reason);
1822
afc747a6 1823 mgmt_device_disconnected(hdev, &conn->dst, conn->type,
f0d6a0ea
MA		 1824 conn->dst_type, reason);
1825 }
37d9ef76 1826 }
f7520543 1827
37d9ef76 1828 if (ev->status == 0) {
6ec5bcad
VA		 1829 if (conn->type == ACL_LINK && conn->flush_key)
1830 hci_remove_link_key(hdev, &conn->dst);
37d9ef76
JH		 1831 hci_proto_disconn_cfm(conn, ev->reason);
1832 hci_conn_del(conn);
1833 }
f7520543
JH		 1834
1835unlock:
04837f64
MH		 1836 hci_dev_unlock(hdev);
1837}
1838
6039aa73 1839static void hci_auth_complete_evt(struct hci_dev *hdev, struct sk_buff *skb)
1da177e4 1840{
a9de9248 1841 struct hci_ev_auth_complete *ev = (void *) skb->data;
04837f64 1842 struct hci_conn *conn;
1da177e4 1843
9f1db00c 1844 BT_DBG("%s status 0x%2.2x", hdev->name, ev->status);
1da177e4
LT		 1845
1846 hci_dev_lock(hdev);
1847
04837f64 1848 conn = hci_conn_hash_lookup_handle(hdev, __le16_to_cpu(ev->handle));
d7556e20
WR		 1849 if (!conn)
1850 goto unlock;
1851
1852 if (!ev->status) {
aa64a8b5 1853 if (!hci_conn_ssp_enabled(conn) &&
807deac2 1854 test_bit(HCI_CONN_REAUTH_PEND, &conn->flags)) {
d7556e20 1855 BT_INFO("re-auth of legacy device is not possible.");
2a611692 1856 } else {
d7556e20
WR		 1857 conn->link_mode |= HCI_LM_AUTH;
1858 conn->sec_level = conn->pending_sec_level;
2a611692 1859 }
d7556e20 1860 } else {
bab73cb6 1861 mgmt_auth_failed(hdev, &conn->dst, conn->type, conn->dst_type,
04124681 1862 ev->status);
d7556e20 1863 }
1da177e4 1864
51a8efd7
JH		 1865 clear_bit(HCI_CONN_AUTH_PEND, &conn->flags);
1866 clear_bit(HCI_CONN_REAUTH_PEND, &conn->flags);
1da177e4 1867
d7556e20 1868 if (conn->state == BT_CONFIG) {
aa64a8b5 1869 if (!ev->status && hci_conn_ssp_enabled(conn)) {
d7556e20
WR		 1870 struct hci_cp_set_conn_encrypt cp;
1871 cp.handle = ev->handle;
1872 cp.encrypt = 0x01;
1873 hci_send_cmd(hdev, HCI_OP_SET_CONN_ENCRYPT, sizeof(cp),
807deac2 1874 &cp);
052b30b0 1875 } else {
d7556e20
WR		 1876 conn->state = BT_CONNECTED;
1877 hci_proto_connect_cfm(conn, ev->status);
76a68ba0 1878 hci_conn_drop(conn);
052b30b0 1879 }
d7556e20
WR		 1880 } else {
1881 hci_auth_cfm(conn, ev->status);
052b30b0 1882
d7556e20
WR		 1883 hci_conn_hold(conn);
1884 conn->disc_timeout = HCI_DISCONN_TIMEOUT;
76a68ba0 1885 hci_conn_drop(conn);
d7556e20
WR		 1886 }
1887
51a8efd7 1888 if (test_bit(HCI_CONN_ENCRYPT_PEND, &conn->flags)) {
d7556e20
WR		 1889 if (!ev->status) {
1890 struct hci_cp_set_conn_encrypt cp;
1891 cp.handle = ev->handle;
1892 cp.encrypt = 0x01;
1893 hci_send_cmd(hdev, HCI_OP_SET_CONN_ENCRYPT, sizeof(cp),
807deac2 1894 &cp);
d7556e20 1895 } else {
51a8efd7 1896 clear_bit(HCI_CONN_ENCRYPT_PEND, &conn->flags);
d7556e20 1897 hci_encrypt_cfm(conn, ev->status, 0x00);
1da177e4
LT		 1898 }
1899 }
1900
d7556e20 1901unlock:
1da177e4
LT		 1902 hci_dev_unlock(hdev);
1903}
1904
6039aa73 1905static void hci_remote_name_evt(struct hci_dev *hdev, struct sk_buff *skb)
1da177e4 1906{
127178d2
JH		 1907 struct hci_ev_remote_name *ev = (void *) skb->data;
1908 struct hci_conn *conn;
1909
a9de9248 1910 BT_DBG("%s", hdev->name);
1da177e4 1911
a9de9248 1912 hci_conn_check_pending(hdev);
127178d2
JH		 1913
1914 hci_dev_lock(hdev);
1915
b644ba33 1916 conn = hci_conn_hash_lookup_ba(hdev, ACL_LINK, &ev->bdaddr);
30dc78e1 1917
b644ba33
JH		 1918 if (!test_bit(HCI_MGMT, &hdev->dev_flags))
1919 goto check_auth;
a88a9652 1920
b644ba33
JH		 1921 if (ev->status == 0)
1922 hci_check_pending_name(hdev, conn, &ev->bdaddr, ev->name,
04124681 1923 strnlen(ev->name, HCI_MAX_NAME_LENGTH));
b644ba33
JH		 1924 else
1925 hci_check_pending_name(hdev, conn, &ev->bdaddr, NULL, 0);
1926
1927check_auth:
79c6c70c
JH		 1928 if (!conn)
1929 goto unlock;
1930
1931 if (!hci_outgoing_auth_needed(hdev, conn))
1932 goto unlock;
1933
51a8efd7 1934 if (!test_and_set_bit(HCI_CONN_AUTH_PEND, &conn->flags)) {
127178d2
JH		 1935 struct hci_cp_auth_requested cp;
1936 cp.handle = __cpu_to_le16(conn->handle);
1937 hci_send_cmd(hdev, HCI_OP_AUTH_REQUESTED, sizeof(cp), &cp);
1938 }
1939
79c6c70c 1940unlock:
127178d2 1941 hci_dev_unlock(hdev);
a9de9248
MH		 1942}
1943
6039aa73 1944static void hci_encrypt_change_evt(struct hci_dev *hdev, struct sk_buff *skb)
a9de9248
MH		 1945{
1946 struct hci_ev_encrypt_change *ev = (void *) skb->data;
1947 struct hci_conn *conn;
1948
9f1db00c 1949 BT_DBG("%s status 0x%2.2x", hdev->name, ev->status);
1da177e4
LT		 1950
1951 hci_dev_lock(hdev);
1952
04837f64 1953 conn = hci_conn_hash_lookup_handle(hdev, __le16_to_cpu(ev->handle));
1da177e4
LT		 1954 if (conn) {
1955 if (!ev->status) {
ae293196
MH		 1956 if (ev->encrypt) {
1957 /* Encryption implies authentication */
1958 conn->link_mode |= HCI_LM_AUTH;
1da177e4 1959 conn->link_mode |= HCI_LM_ENCRYPT;
da85e5e5 1960 conn->sec_level = conn->pending_sec_level;
ae293196 1961 } else
1da177e4
LT		 1962 conn->link_mode &= ~HCI_LM_ENCRYPT;
1963 }
1964
51a8efd7 1965 clear_bit(HCI_CONN_ENCRYPT_PEND, &conn->flags);
1da177e4 1966
a7d7723a 1967 if (ev->status && conn->state == BT_CONNECTED) {
bed71748 1968 hci_disconnect(conn, HCI_ERROR_AUTH_FAILURE);
76a68ba0 1969 hci_conn_drop(conn);
a7d7723a
GP		 1970 goto unlock;
1971 }
1972
f8558555
MH		 1973 if (conn->state == BT_CONFIG) {
1974 if (!ev->status)
1975 conn->state = BT_CONNECTED;
1976
1977 hci_proto_connect_cfm(conn, ev->status);
76a68ba0 1978 hci_conn_drop(conn);
f8558555
MH		 1979 } else
1980 hci_encrypt_cfm(conn, ev->status, ev->encrypt);
1da177e4
LT		 1981 }
1982
a7d7723a 1983unlock:
1da177e4
LT		 1984 hci_dev_unlock(hdev);
1985}
1986
6039aa73
GP		 1987static void hci_change_link_key_complete_evt(struct hci_dev *hdev,
1988 struct sk_buff *skb)
1da177e4 1989{
a9de9248 1990 struct hci_ev_change_link_key_complete *ev = (void *) skb->data;
04837f64 1991 struct hci_conn *conn;
1da177e4 1992
9f1db00c 1993 BT_DBG("%s status 0x%2.2x", hdev->name, ev->status);
1da177e4
LT		 1994
1995 hci_dev_lock(hdev);
1996
04837f64 1997 conn = hci_conn_hash_lookup_handle(hdev, __le16_to_cpu(ev->handle));
1da177e4
LT		 1998 if (conn) {
1999 if (!ev->status)
2000 conn->link_mode |= HCI_LM_SECURE;
2001
51a8efd7 2002 clear_bit(HCI_CONN_AUTH_PEND, &conn->flags);
1da177e4
LT		 2003
2004 hci_key_change_cfm(conn, ev->status);
2005 }
2006
2007 hci_dev_unlock(hdev);
2008}
2009
6039aa73
GP		 2010static void hci_remote_features_evt(struct hci_dev *hdev,
2011 struct sk_buff *skb)
1da177e4 2012{
a9de9248
MH		 2013 struct hci_ev_remote_features *ev = (void *) skb->data;
2014 struct hci_conn *conn;
2015
9f1db00c 2016 BT_DBG("%s status 0x%2.2x", hdev->name, ev->status);
a9de9248 2017
a9de9248
MH		 2018 hci_dev_lock(hdev);
2019
2020 conn = hci_conn_hash_lookup_handle(hdev, __le16_to_cpu(ev->handle));
ccd556fe
JH		 2021 if (!conn)
2022 goto unlock;
769be974 2023
ccd556fe 2024 if (!ev->status)
cad718ed 2025 memcpy(conn->features[0], ev->features, 8);
ccd556fe
JH		 2026
2027 if (conn->state != BT_CONFIG)
2028 goto unlock;
2029
2030 if (!ev->status && lmp_ssp_capable(hdev) && lmp_ssp_capable(conn)) {
2031 struct hci_cp_read_remote_ext_features cp;
2032 cp.handle = ev->handle;
2033 cp.page = 0x01;
2034 hci_send_cmd(hdev, HCI_OP_READ_REMOTE_EXT_FEATURES,
807deac2 2035 sizeof(cp), &cp);
392599b9
JH		 2036 goto unlock;
2037 }
2038
671267bf 2039 if (!ev->status && !test_bit(HCI_CONN_MGMT_CONNECTED, &conn->flags)) {
127178d2
JH		 2040 struct hci_cp_remote_name_req cp;
2041 memset(&cp, 0, sizeof(cp));
2042 bacpy(&cp.bdaddr, &conn->dst);
2043 cp.pscan_rep_mode = 0x02;
2044 hci_send_cmd(hdev, HCI_OP_REMOTE_NAME_REQ, sizeof(cp), &cp);
b644ba33
JH		 2045 } else if (!test_and_set_bit(HCI_CONN_MGMT_CONNECTED, &conn->flags))
2046 mgmt_device_connected(hdev, &conn->dst, conn->type,
04124681
GP		 2047 conn->dst_type, 0, NULL, 0,
2048 conn->dev_class);
392599b9 2049
127178d2 2050 if (!hci_outgoing_auth_needed(hdev, conn)) {
ccd556fe
JH		 2051 conn->state = BT_CONNECTED;
2052 hci_proto_connect_cfm(conn, ev->status);
76a68ba0 2053 hci_conn_drop(conn);
769be974 2054 }
a9de9248 2055
ccd556fe 2056unlock:
a9de9248 2057 hci_dev_unlock(hdev);
1da177e4
LT		 2058}
2059
6039aa73 2060static void hci_cmd_complete_evt(struct hci_dev *hdev, struct sk_buff *skb)
a9de9248
MH		 2061{
2062 struct hci_ev_cmd_complete *ev = (void *) skb->data;
9238f36a 2063 u8 status = skb->data[sizeof(*ev)];
a9de9248
MH		 2064 __u16 opcode;
2065
2066 skb_pull(skb, sizeof(*ev));
2067
2068 opcode = __le16_to_cpu(ev->opcode);
2069
2070 switch (opcode) {
2071 case HCI_OP_INQUIRY_CANCEL:
2072 hci_cc_inquiry_cancel(hdev, skb);
2073 break;
2074
4d93483b
AG		 2075 case HCI_OP_PERIODIC_INQ:
2076 hci_cc_periodic_inq(hdev, skb);
2077 break;
2078
a9de9248
MH		 2079 case HCI_OP_EXIT_PERIODIC_INQ:
2080 hci_cc_exit_periodic_inq(hdev, skb);
2081 break;
2082
2083 case HCI_OP_REMOTE_NAME_REQ_CANCEL:
2084 hci_cc_remote_name_req_cancel(hdev, skb);
2085 break;
2086
2087 case HCI_OP_ROLE_DISCOVERY:
2088 hci_cc_role_discovery(hdev, skb);
2089 break;
2090
e4e8e37c
MH		 2091 case HCI_OP_READ_LINK_POLICY:
2092 hci_cc_read_link_policy(hdev, skb);
2093 break;
2094
a9de9248
MH		 2095 case HCI_OP_WRITE_LINK_POLICY:
2096 hci_cc_write_link_policy(hdev, skb);
2097 break;
2098
e4e8e37c
MH		 2099 case HCI_OP_READ_DEF_LINK_POLICY:
2100 hci_cc_read_def_link_policy(hdev, skb);
2101 break;
2102
2103 case HCI_OP_WRITE_DEF_LINK_POLICY:
2104 hci_cc_write_def_link_policy(hdev, skb);
2105 break;
2106
a9de9248
MH		 2107 case HCI_OP_RESET:
2108 hci_cc_reset(hdev, skb);
2109 break;
2110
2111 case HCI_OP_WRITE_LOCAL_NAME:
2112 hci_cc_write_local_name(hdev, skb);
2113 break;
2114
2115 case HCI_OP_READ_LOCAL_NAME:
2116 hci_cc_read_local_name(hdev, skb);
2117 break;
2118
2119 case HCI_OP_WRITE_AUTH_ENABLE:
2120 hci_cc_write_auth_enable(hdev, skb);
2121 break;
2122
2123 case HCI_OP_WRITE_ENCRYPT_MODE:
2124 hci_cc_write_encrypt_mode(hdev, skb);
2125 break;
2126
2127 case HCI_OP_WRITE_SCAN_ENABLE:
2128 hci_cc_write_scan_enable(hdev, skb);
2129 break;
2130
2131 case HCI_OP_READ_CLASS_OF_DEV:
2132 hci_cc_read_class_of_dev(hdev, skb);
2133 break;
2134
2135 case HCI_OP_WRITE_CLASS_OF_DEV:
2136 hci_cc_write_class_of_dev(hdev, skb);
2137 break;
2138
2139 case HCI_OP_READ_VOICE_SETTING:
2140 hci_cc_read_voice_setting(hdev, skb);
2141 break;
2142
2143 case HCI_OP_WRITE_VOICE_SETTING:
2144 hci_cc_write_voice_setting(hdev, skb);
2145 break;
2146
333140b5
MH		 2147 case HCI_OP_WRITE_SSP_MODE:
2148 hci_cc_write_ssp_mode(hdev, skb);
2149 break;
2150
a9de9248
MH		 2151 case HCI_OP_READ_LOCAL_VERSION:
2152 hci_cc_read_local_version(hdev, skb);
2153 break;
2154
2155 case HCI_OP_READ_LOCAL_COMMANDS:
2156 hci_cc_read_local_commands(hdev, skb);
2157 break;
2158
2159 case HCI_OP_READ_LOCAL_FEATURES:
2160 hci_cc_read_local_features(hdev, skb);
2161 break;
2162
971e3a4b
AG		 2163 case HCI_OP_READ_LOCAL_EXT_FEATURES:
2164 hci_cc_read_local_ext_features(hdev, skb);
2165 break;
2166
a9de9248
MH		 2167 case HCI_OP_READ_BUFFER_SIZE:
2168 hci_cc_read_buffer_size(hdev, skb);
2169 break;
2170
2171 case HCI_OP_READ_BD_ADDR:
2172 hci_cc_read_bd_addr(hdev, skb);
2173 break;
2174
f332ec66
JH		 2175 case HCI_OP_READ_PAGE_SCAN_ACTIVITY:
2176 hci_cc_read_page_scan_activity(hdev, skb);
2177 break;
2178
4a3ee763
JH		 2179 case HCI_OP_WRITE_PAGE_SCAN_ACTIVITY:
2180 hci_cc_write_page_scan_activity(hdev, skb);
2181 break;
2182
f332ec66
JH		 2183 case HCI_OP_READ_PAGE_SCAN_TYPE:
2184 hci_cc_read_page_scan_type(hdev, skb);
2185 break;
2186
4a3ee763
JH		 2187 case HCI_OP_WRITE_PAGE_SCAN_TYPE:
2188 hci_cc_write_page_scan_type(hdev, skb);
2189 break;
2190
350ee4cf
AE		 2191 case HCI_OP_READ_DATA_BLOCK_SIZE:
2192 hci_cc_read_data_block_size(hdev, skb);
2193 break;
2194
1e89cffb
AE		 2195 case HCI_OP_READ_FLOW_CONTROL_MODE:
2196 hci_cc_read_flow_control_mode(hdev, skb);
2197 break;
2198
928abaa7
AE		 2199 case HCI_OP_READ_LOCAL_AMP_INFO:
2200 hci_cc_read_local_amp_info(hdev, skb);
2201 break;
2202
903e4541
AE		 2203 case HCI_OP_READ_LOCAL_AMP_ASSOC:
2204 hci_cc_read_local_amp_assoc(hdev, skb);
2205 break;
2206
d5859e22
JH		 2207 case HCI_OP_READ_INQ_RSP_TX_POWER:
2208 hci_cc_read_inq_rsp_tx_power(hdev, skb);
2209 break;
2210
980e1a53
JH		 2211 case HCI_OP_PIN_CODE_REPLY:
2212 hci_cc_pin_code_reply(hdev, skb);
2213 break;
2214
2215 case HCI_OP_PIN_CODE_NEG_REPLY:
2216 hci_cc_pin_code_neg_reply(hdev, skb);
2217 break;
2218
c35938b2
SJ		 2219 case HCI_OP_READ_LOCAL_OOB_DATA:
2220 hci_cc_read_local_oob_data_reply(hdev, skb);
2221 break;
2222
6ed58ec5
VT		 2223 case HCI_OP_LE_READ_BUFFER_SIZE:
2224 hci_cc_le_read_buffer_size(hdev, skb);
2225 break;
2226
60e77321
JH		 2227 case HCI_OP_LE_READ_LOCAL_FEATURES:
2228 hci_cc_le_read_local_features(hdev, skb);
2229 break;
2230
8fa19098
JH		 2231 case HCI_OP_LE_READ_ADV_TX_POWER:
2232 hci_cc_le_read_adv_tx_power(hdev, skb);
2233 break;
2234
a5c29683
JH		 2235 case HCI_OP_USER_CONFIRM_REPLY:
2236 hci_cc_user_confirm_reply(hdev, skb);
2237 break;
2238
2239 case HCI_OP_USER_CONFIRM_NEG_REPLY:
2240 hci_cc_user_confirm_neg_reply(hdev, skb);
2241 break;
2242
1143d458
BG		 2243 case HCI_OP_USER_PASSKEY_REPLY:
2244 hci_cc_user_passkey_reply(hdev, skb);
2245 break;
2246
2247 case HCI_OP_USER_PASSKEY_NEG_REPLY:
2248 hci_cc_user_passkey_neg_reply(hdev, skb);
16cde993 2249 break;
07f7fa5d 2250
c1d5dc4a
JH		 2251 case HCI_OP_LE_SET_ADV_ENABLE:
2252 hci_cc_le_set_adv_enable(hdev, skb);
2253 break;
2254
eb9d91f5
AG		 2255 case HCI_OP_LE_SET_SCAN_ENABLE:
2256 hci_cc_le_set_scan_enable(hdev, skb);
2257 break;
2258
cf1d081f
JH		 2259 case HCI_OP_LE_READ_WHITE_LIST_SIZE:
2260 hci_cc_le_read_white_list_size(hdev, skb);
2261 break;
2262
9b008c04
JH		 2263 case HCI_OP_LE_READ_SUPPORTED_STATES:
2264 hci_cc_le_read_supported_states(hdev, skb);
2265 break;
2266
f9b49306
AG		 2267 case HCI_OP_WRITE_LE_HOST_SUPPORTED:
2268 hci_cc_write_le_host_supported(hdev, skb);
2269 break;
2270
93c284ee
AE		 2271 case HCI_OP_WRITE_REMOTE_AMP_ASSOC:
2272 hci_cc_write_remote_amp_assoc(hdev, skb);
2273 break;
2274
a9de9248 2275 default:
9f1db00c 2276 BT_DBG("%s opcode 0x%4.4x", hdev->name, opcode);
a9de9248
MH		 2277 break;
2278 }
2279
ad82cdd1 2280 if (opcode != HCI_OP_NOP)
6bd32326
VT		 2281 del_timer(&hdev->cmd_timer);
2282
ad82cdd1 2283 hci_req_cmd_complete(hdev, opcode, status);
9238f36a 2284
dbccd791 2285 if (ev->ncmd && !test_bit(HCI_RESET, &hdev->flags)) {
a9de9248
MH		 2286 atomic_set(&hdev->cmd_cnt, 1);
2287 if (!skb_queue_empty(&hdev->cmd_q))
c347b765 2288 queue_work(hdev->workqueue, &hdev->cmd_work);
a9de9248
MH		 2289 }
2290}
2291
6039aa73 2292static void hci_cmd_status_evt(struct hci_dev *hdev, struct sk_buff *skb)
a9de9248
MH		 2293{
2294 struct hci_ev_cmd_status *ev = (void *) skb->data;
2295 __u16 opcode;
2296
2297 skb_pull(skb, sizeof(*ev));
2298
2299 opcode = __le16_to_cpu(ev->opcode);
2300
2301 switch (opcode) {
2302 case HCI_OP_INQUIRY:
2303 hci_cs_inquiry(hdev, ev->status);
2304 break;
2305
2306 case HCI_OP_CREATE_CONN:
2307 hci_cs_create_conn(hdev, ev->status);
2308 break;
2309
2310 case HCI_OP_ADD_SCO:
2311 hci_cs_add_sco(hdev, ev->status);
2312 break;
2313
f8558555
MH		 2314 case HCI_OP_AUTH_REQUESTED:
2315 hci_cs_auth_requested(hdev, ev->status);
2316 break;
2317
2318 case HCI_OP_SET_CONN_ENCRYPT:
2319 hci_cs_set_conn_encrypt(hdev, ev->status);
2320 break;
2321
a9de9248
MH		 2322 case HCI_OP_REMOTE_NAME_REQ:
2323 hci_cs_remote_name_req(hdev, ev->status);
2324 break;
2325
769be974
MH		 2326 case HCI_OP_READ_REMOTE_FEATURES:
2327 hci_cs_read_remote_features(hdev, ev->status);
2328 break;
2329
2330 case HCI_OP_READ_REMOTE_EXT_FEATURES:
2331 hci_cs_read_remote_ext_features(hdev, ev->status);
2332 break;
2333
a9de9248
MH		 2334 case HCI_OP_SETUP_SYNC_CONN:
2335 hci_cs_setup_sync_conn(hdev, ev->status);
2336 break;
2337
2338 case HCI_OP_SNIFF_MODE:
2339 hci_cs_sniff_mode(hdev, ev->status);
2340 break;
2341
2342 case HCI_OP_EXIT_SNIFF_MODE:
2343 hci_cs_exit_sniff_mode(hdev, ev->status);
2344 break;
2345
8962ee74 2346 case HCI_OP_DISCONNECT:
88c3df13 2347 hci_cs_disconnect(hdev, ev->status);
8962ee74
JH		 2348 break;
2349
fcd89c09
VT		 2350 case HCI_OP_LE_CREATE_CONN:
2351 hci_cs_le_create_conn(hdev, ev->status);
2352 break;
2353
a02226d6
AE		 2354 case HCI_OP_CREATE_PHY_LINK:
2355 hci_cs_create_phylink(hdev, ev->status);
2356 break;
2357
0b26ab9d
AE		 2358 case HCI_OP_ACCEPT_PHY_LINK:
2359 hci_cs_accept_phylink(hdev, ev->status);
2360 break;
2361
a9de9248 2362 default:
9f1db00c 2363 BT_DBG("%s opcode 0x%4.4x", hdev->name, opcode);
a9de9248
MH		 2364 break;
2365 }
2366
ad82cdd1 2367 if (opcode != HCI_OP_NOP)
6bd32326
VT		 2368 del_timer(&hdev->cmd_timer);
2369
02350a72
JH		 2370 if (ev->status ||
2371 (hdev->sent_cmd && !bt_cb(hdev->sent_cmd)->req.event))
2372 hci_req_cmd_complete(hdev, opcode, ev->status);
9238f36a 2373
10572132 2374 if (ev->ncmd && !test_bit(HCI_RESET, &hdev->flags)) {
a9de9248
MH		 2375 atomic_set(&hdev->cmd_cnt, 1);
2376 if (!skb_queue_empty(&hdev->cmd_q))
c347b765 2377 queue_work(hdev->workqueue, &hdev->cmd_work);
a9de9248
MH		 2378 }
2379}
2380
6039aa73 2381static void hci_role_change_evt(struct hci_dev *hdev, struct sk_buff *skb)
a9de9248
MH		 2382{
2383 struct hci_ev_role_change *ev = (void *) skb->data;
2384 struct hci_conn *conn;
2385
9f1db00c 2386 BT_DBG("%s status 0x%2.2x", hdev->name, ev->status);
a9de9248
MH		 2387
2388 hci_dev_lock(hdev);
2389
2390 conn = hci_conn_hash_lookup_ba(hdev, ACL_LINK, &ev->bdaddr);
2391 if (conn) {
2392 if (!ev->status) {
2393 if (ev->role)
2394 conn->link_mode &= ~HCI_LM_MASTER;
2395 else
2396 conn->link_mode |= HCI_LM_MASTER;
2397 }
2398
51a8efd7 2399 clear_bit(HCI_CONN_RSWITCH_PEND, &conn->flags);
a9de9248
MH		 2400
2401 hci_role_switch_cfm(conn, ev->status, ev->role);
2402 }
2403
2404 hci_dev_unlock(hdev);
2405}
2406
6039aa73 2407static void hci_num_comp_pkts_evt(struct hci_dev *hdev, struct sk_buff *skb)
a9de9248
MH		 2408{
2409 struct hci_ev_num_comp_pkts *ev = (void *) skb->data;
a9de9248
MH		 2410 int i;
2411
32ac5b9b
AE		 2412 if (hdev->flow_ctl_mode != HCI_FLOW_CTL_MODE_PACKET_BASED) {
2413 BT_ERR("Wrong event for mode %d", hdev->flow_ctl_mode);
2414 return;
2415 }
2416
c5993de8 2417 if (skb->len < sizeof(*ev) || skb->len < sizeof(*ev) +
807deac2 2418 ev->num_hndl * sizeof(struct hci_comp_pkts_info)) {
a9de9248
MH		 2419 BT_DBG("%s bad parameters", hdev->name);
2420 return;
2421 }
2422
c5993de8
AE		 2423 BT_DBG("%s num_hndl %d", hdev->name, ev->num_hndl);
2424
613a1c0c
AE		 2425 for (i = 0; i < ev->num_hndl; i++) {
2426 struct hci_comp_pkts_info *info = &ev->handles[i];
a9de9248
MH		 2427 struct hci_conn *conn;
2428 __u16 handle, count;
2429
613a1c0c
AE		 2430 handle = __le16_to_cpu(info->handle);
2431 count = __le16_to_cpu(info->count);
a9de9248
MH		 2432
2433 conn = hci_conn_hash_lookup_handle(hdev, handle);
f4280918
AE		 2434 if (!conn)
2435 continue;
2436
2437 conn->sent -= count;
2438
2439 switch (conn->type) {
2440 case ACL_LINK:
2441 hdev->acl_cnt += count;
2442 if (hdev->acl_cnt > hdev->acl_pkts)
2443 hdev->acl_cnt = hdev->acl_pkts;
2444 break;
2445
2446 case LE_LINK:
2447 if (hdev->le_pkts) {
2448 hdev->le_cnt += count;
2449 if (hdev->le_cnt > hdev->le_pkts)
2450 hdev->le_cnt = hdev->le_pkts;
2451 } else {
70f23020
AE		 2452 hdev->acl_cnt += count;
2453 if (hdev->acl_cnt > hdev->acl_pkts)
a9de9248 2454 hdev->acl_cnt = hdev->acl_pkts;
a9de9248 2455 }
f4280918
AE		 2456 break;
2457
2458 case SCO_LINK:
2459 hdev->sco_cnt += count;
2460 if (hdev->sco_cnt > hdev->sco_pkts)
2461 hdev->sco_cnt = hdev->sco_pkts;
2462 break;
2463
2464 default:
2465 BT_ERR("Unknown type %d conn %p", conn->type, conn);
2466 break;
a9de9248
MH		 2467 }
2468 }
2469
3eff45ea 2470 queue_work(hdev->workqueue, &hdev->tx_work);
a9de9248
MH		 2471}
2472
76ef7cf7
AE		 2473static struct hci_conn *__hci_conn_lookup_handle(struct hci_dev *hdev,
2474 __u16 handle)
2475{
2476 struct hci_chan *chan;
2477
2478 switch (hdev->dev_type) {
2479 case HCI_BREDR:
2480 return hci_conn_hash_lookup_handle(hdev, handle);
2481 case HCI_AMP:
2482 chan = hci_chan_lookup_handle(hdev, handle);
2483 if (chan)
2484 return chan->conn;
2485 break;
2486 default:
2487 BT_ERR("%s unknown dev_type %d", hdev->name, hdev->dev_type);
2488 break;
2489 }
2490
2491 return NULL;
2492}
2493
6039aa73 2494static void hci_num_comp_blocks_evt(struct hci_dev *hdev, struct sk_buff *skb)
25e89e99
AE		 2495{
2496 struct hci_ev_num_comp_blocks *ev = (void *) skb->data;
2497 int i;
2498
2499 if (hdev->flow_ctl_mode != HCI_FLOW_CTL_MODE_BLOCK_BASED) {
2500 BT_ERR("Wrong event for mode %d", hdev->flow_ctl_mode);
2501 return;
2502 }
2503
2504 if (skb->len < sizeof(*ev) || skb->len < sizeof(*ev) +
807deac2 2505 ev->num_hndl * sizeof(struct hci_comp_blocks_info)) {
25e89e99
AE		 2506 BT_DBG("%s bad parameters", hdev->name);
2507 return;
2508 }
2509
2510 BT_DBG("%s num_blocks %d num_hndl %d", hdev->name, ev->num_blocks,
807deac2 2511 ev->num_hndl);
25e89e99
AE		 2512
2513 for (i = 0; i < ev->num_hndl; i++) {
2514 struct hci_comp_blocks_info *info = &ev->handles[i];
76ef7cf7 2515 struct hci_conn *conn = NULL;
25e89e99
AE		 2516 __u16 handle, block_count;
2517
2518 handle = __le16_to_cpu(info->handle);
2519 block_count = __le16_to_cpu(info->blocks);
2520
76ef7cf7 2521 conn = __hci_conn_lookup_handle(hdev, handle);
25e89e99
AE		 2522 if (!conn)
2523 continue;
2524
2525 conn->sent -= block_count;
2526
2527 switch (conn->type) {
2528 case ACL_LINK:
bd1eb66b 2529 case AMP_LINK:
25e89e99
AE		 2530 hdev->block_cnt += block_count;
2531 if (hdev->block_cnt > hdev->num_blocks)
2532 hdev->block_cnt = hdev->num_blocks;
2533 break;
2534
2535 default:
2536 BT_ERR("Unknown type %d conn %p", conn->type, conn);
2537 break;
2538 }
2539 }
2540
2541 queue_work(hdev->workqueue, &hdev->tx_work);
2542}
2543
6039aa73 2544static void hci_mode_change_evt(struct hci_dev *hdev, struct sk_buff *skb)
04837f64 2545{
a9de9248 2546 struct hci_ev_mode_change *ev = (void *) skb->data;
04837f64
MH		 2547 struct hci_conn *conn;
2548
9f1db00c 2549 BT_DBG("%s status 0x%2.2x", hdev->name, ev->status);
04837f64
MH		 2550
2551 hci_dev_lock(hdev);
2552
2553 conn = hci_conn_hash_lookup_handle(hdev, __le16_to_cpu(ev->handle));
a9de9248
MH		 2554 if (conn) {
2555 conn->mode = ev->mode;
2556 conn->interval = __le16_to_cpu(ev->interval);
2557
8fc9ced3
GP		 2558 if (!test_and_clear_bit(HCI_CONN_MODE_CHANGE_PEND,
2559 &conn->flags)) {
a9de9248 2560 if (conn->mode == HCI_CM_ACTIVE)
58a681ef 2561 set_bit(HCI_CONN_POWER_SAVE, &conn->flags);
a9de9248 2562 else
58a681ef 2563 clear_bit(HCI_CONN_POWER_SAVE, &conn->flags);
a9de9248 2564 }
e73439d8 2565
51a8efd7 2566 if (test_and_clear_bit(HCI_CONN_SCO_SETUP_PEND, &conn->flags))
e73439d8 2567 hci_sco_setup(conn, ev->status);
04837f64
MH		 2568 }
2569
2570 hci_dev_unlock(hdev);
2571}
2572
6039aa73 2573static void hci_pin_code_request_evt(struct hci_dev *hdev, struct sk_buff *skb)
a9de9248 2574{
052b30b0
MH		 2575 struct hci_ev_pin_code_req *ev = (void *) skb->data;
2576 struct hci_conn *conn;
2577
a9de9248 2578 BT_DBG("%s", hdev->name);
052b30b0
MH		 2579
2580 hci_dev_lock(hdev);
2581
2582 conn = hci_conn_hash_lookup_ba(hdev, ACL_LINK, &ev->bdaddr);
b6f98044
WR		 2583 if (!conn)
2584 goto unlock;
2585
2586 if (conn->state == BT_CONNECTED) {
052b30b0
MH		 2587 hci_conn_hold(conn);
2588 conn->disc_timeout = HCI_PAIRING_TIMEOUT;
76a68ba0 2589 hci_conn_drop(conn);
052b30b0
MH		 2590 }
2591
a8b2d5c2 2592 if (!test_bit(HCI_PAIRABLE, &hdev->dev_flags))
03b555e1 2593 hci_send_cmd(hdev, HCI_OP_PIN_CODE_NEG_REPLY,
807deac2 2594 sizeof(ev->bdaddr), &ev->bdaddr);
a8b2d5c2 2595 else if (test_bit(HCI_MGMT, &hdev->dev_flags)) {
a770bb5a
WR		 2596 u8 secure;
2597
2598 if (conn->pending_sec_level == BT_SECURITY_HIGH)
2599 secure = 1;
2600 else
2601 secure = 0;
2602
744cf19e 2603 mgmt_pin_code_request(hdev, &ev->bdaddr, secure);
a770bb5a 2604 }
980e1a53 2605
b6f98044 2606unlock:
052b30b0 2607 hci_dev_unlock(hdev);
a9de9248
MH		 2608}
2609
6039aa73 2610static void hci_link_key_request_evt(struct hci_dev *hdev, struct sk_buff *skb)
a9de9248 2611{
55ed8ca1
JH		 2612 struct hci_ev_link_key_req *ev = (void *) skb->data;
2613 struct hci_cp_link_key_reply cp;
2614 struct hci_conn *conn;
2615 struct link_key *key;
2616
a9de9248 2617 BT_DBG("%s", hdev->name);
55ed8ca1 2618
034cbea0 2619 if (!test_bit(HCI_MGMT, &hdev->dev_flags))
55ed8ca1
JH		 2620 return;
2621
2622 hci_dev_lock(hdev);
2623
2624 key = hci_find_link_key(hdev, &ev->bdaddr);
2625 if (!key) {
6ed93dc6
AE		 2626 BT_DBG("%s link key not found for %pMR", hdev->name,
2627 &ev->bdaddr);
55ed8ca1
JH		 2628 goto not_found;
2629 }
2630
6ed93dc6
AE		 2631 BT_DBG("%s found key type %u for %pMR", hdev->name, key->type,
2632 &ev->bdaddr);
55ed8ca1 2633
a8b2d5c2 2634 if (!test_bit(HCI_DEBUG_KEYS, &hdev->dev_flags) &&
807deac2 2635 key->type == HCI_LK_DEBUG_COMBINATION) {
55ed8ca1
JH		 2636 BT_DBG("%s ignoring debug key", hdev->name);
2637 goto not_found;
2638 }
2639
2640 conn = hci_conn_hash_lookup_ba(hdev, ACL_LINK, &ev->bdaddr);
60b83f57
WR		 2641 if (conn) {
2642 if (key->type == HCI_LK_UNAUTH_COMBINATION &&
807deac2 2643 conn->auth_type != 0xff && (conn->auth_type & 0x01)) {
60b83f57
WR		 2644 BT_DBG("%s ignoring unauthenticated key", hdev->name);
2645 goto not_found;
2646 }
55ed8ca1 2647
60b83f57 2648 if (key->type == HCI_LK_COMBINATION && key->pin_len < 16 &&
807deac2 2649 conn->pending_sec_level == BT_SECURITY_HIGH) {
8fc9ced3
GP		 2650 BT_DBG("%s ignoring key unauthenticated for high security",
2651 hdev->name);
60b83f57
WR		 2652 goto not_found;
2653 }
2654
2655 conn->key_type = key->type;
2656 conn->pin_length = key->pin_len;
55ed8ca1
JH		 2657 }
2658
2659 bacpy(&cp.bdaddr, &ev->bdaddr);
9b3b4460 2660 memcpy(cp.link_key, key->val, HCI_LINK_KEY_SIZE);
55ed8ca1
JH		 2661
2662 hci_send_cmd(hdev, HCI_OP_LINK_KEY_REPLY, sizeof(cp), &cp);
2663
2664 hci_dev_unlock(hdev);
2665
2666 return;
2667
2668not_found:
2669 hci_send_cmd(hdev, HCI_OP_LINK_KEY_NEG_REPLY, 6, &ev->bdaddr);
2670 hci_dev_unlock(hdev);
a9de9248
MH		 2671}
2672
6039aa73 2673static void hci_link_key_notify_evt(struct hci_dev *hdev, struct sk_buff *skb)
a9de9248 2674{
052b30b0
MH		 2675 struct hci_ev_link_key_notify *ev = (void *) skb->data;
2676 struct hci_conn *conn;
55ed8ca1 2677 u8 pin_len = 0;
052b30b0 2678
a9de9248 2679 BT_DBG("%s", hdev->name);
052b30b0
MH		 2680
2681 hci_dev_lock(hdev);
2682
2683 conn = hci_conn_hash_lookup_ba(hdev, ACL_LINK, &ev->bdaddr);
2684 if (conn) {
2685 hci_conn_hold(conn);
2686 conn->disc_timeout = HCI_DISCONN_TIMEOUT;
980e1a53 2687 pin_len = conn->pin_length;
13d39315
WR		 2688
2689 if (ev->key_type != HCI_LK_CHANGED_COMBINATION)
2690 conn->key_type = ev->key_type;
2691
76a68ba0 2692 hci_conn_drop(conn);
052b30b0
MH		 2693 }
2694
034cbea0 2695 if (test_bit(HCI_MGMT, &hdev->dev_flags))
d25e28ab 2696 hci_add_link_key(hdev, conn, 1, &ev->bdaddr, ev->link_key,
807deac2 2697 ev->key_type, pin_len);
55ed8ca1 2698
052b30b0 2699 hci_dev_unlock(hdev);
a9de9248
MH		 2700}
2701
6039aa73 2702static void hci_clock_offset_evt(struct hci_dev *hdev, struct sk_buff *skb)
1da177e4 2703{
a9de9248 2704 struct hci_ev_clock_offset *ev = (void *) skb->data;
04837f64 2705 struct hci_conn *conn;
1da177e4 2706
9f1db00c 2707 BT_DBG("%s status 0x%2.2x", hdev->name, ev->status);
1da177e4
LT		 2708
2709 hci_dev_lock(hdev);
2710
04837f64 2711 conn = hci_conn_hash_lookup_handle(hdev, __le16_to_cpu(ev->handle));
1da177e4
LT		 2712 if (conn && !ev->status) {
2713 struct inquiry_entry *ie;
2714
cc11b9c1
AE		 2715 ie = hci_inquiry_cache_lookup(hdev, &conn->dst);
2716 if (ie) {
1da177e4
LT		 2717 ie->data.clock_offset = ev->clock_offset;
2718 ie->timestamp = jiffies;
2719 }
2720 }
2721
2722 hci_dev_unlock(hdev);
2723}
2724
6039aa73 2725static void hci_pkt_type_change_evt(struct hci_dev *hdev, struct sk_buff *skb)
a8746417
MH		 2726{
2727 struct hci_ev_pkt_type_change *ev = (void *) skb->data;
2728 struct hci_conn *conn;
2729
9f1db00c 2730 BT_DBG("%s status 0x%2.2x", hdev->name, ev->status);
a8746417
MH		 2731
2732 hci_dev_lock(hdev);
2733
2734 conn = hci_conn_hash_lookup_handle(hdev, __le16_to_cpu(ev->handle));
2735 if (conn && !ev->status)
2736 conn->pkt_type = __le16_to_cpu(ev->pkt_type);
2737
2738 hci_dev_unlock(hdev);
2739}
2740
6039aa73 2741static void hci_pscan_rep_mode_evt(struct hci_dev *hdev, struct sk_buff *skb)
85a1e930 2742{
a9de9248 2743 struct hci_ev_pscan_rep_mode *ev = (void *) skb->data;
85a1e930
MH		 2744 struct inquiry_entry *ie;
2745
2746 BT_DBG("%s", hdev->name);
2747
2748 hci_dev_lock(hdev);
2749
cc11b9c1
AE		 2750 ie = hci_inquiry_cache_lookup(hdev, &ev->bdaddr);
2751 if (ie) {
85a1e930
MH		 2752 ie->data.pscan_rep_mode = ev->pscan_rep_mode;
2753 ie->timestamp = jiffies;
2754 }
2755
2756 hci_dev_unlock(hdev);
2757}
2758
6039aa73
GP		 2759static void hci_inquiry_result_with_rssi_evt(struct hci_dev *hdev,
2760 struct sk_buff *skb)
a9de9248
MH		 2761{
2762 struct inquiry_data data;
2763 int num_rsp = *((__u8 *) skb->data);
388fc8fa 2764 bool name_known, ssp;
a9de9248
MH		 2765
2766 BT_DBG("%s num_rsp %d", hdev->name, num_rsp);
2767
2768 if (!num_rsp)
2769 return;
2770
1519cc17
AG		 2771 if (test_bit(HCI_PERIODIC_INQ, &hdev->dev_flags))
2772 return;
2773
a9de9248
MH		 2774 hci_dev_lock(hdev);
2775
2776 if ((skb->len - 1) / num_rsp != sizeof(struct inquiry_info_with_rssi)) {
138d22ef
SJ		 2777 struct inquiry_info_with_rssi_and_pscan_mode *info;
2778 info = (void *) (skb->data + 1);
a9de9248 2779
e17acd40 2780 for (; num_rsp; num_rsp--, info++) {
a9de9248
MH		 2781 bacpy(&data.bdaddr, &info->bdaddr);
2782 data.pscan_rep_mode = info->pscan_rep_mode;
2783 data.pscan_period_mode = info->pscan_period_mode;
2784 data.pscan_mode = info->pscan_mode;
2785 memcpy(data.dev_class, info->dev_class, 3);
2786 data.clock_offset = info->clock_offset;
2787 data.rssi = info->rssi;
41a96212 2788 data.ssp_mode = 0x00;
3175405b
JH		 2789
2790 name_known = hci_inquiry_cache_update(hdev, &data,
04124681 2791 false, &ssp);
48264f06 2792 mgmt_device_found(hdev, &info->bdaddr, ACL_LINK, 0x00,
04124681
GP		 2793 info->dev_class, info->rssi,
2794 !name_known, ssp, NULL, 0);
a9de9248
MH		 2795 }
2796 } else {
2797 struct inquiry_info_with_rssi *info = (void *) (skb->data + 1);
2798
e17acd40 2799 for (; num_rsp; num_rsp--, info++) {
a9de9248
MH		 2800 bacpy(&data.bdaddr, &info->bdaddr);
2801 data.pscan_rep_mode = info->pscan_rep_mode;
2802 data.pscan_period_mode = info->pscan_period_mode;
2803 data.pscan_mode = 0x00;
2804 memcpy(data.dev_class, info->dev_class, 3);
2805 data.clock_offset = info->clock_offset;
2806 data.rssi = info->rssi;
41a96212 2807 data.ssp_mode = 0x00;
3175405b 2808 name_known = hci_inquiry_cache_update(hdev, &data,
04124681 2809 false, &ssp);
48264f06 2810 mgmt_device_found(hdev, &info->bdaddr, ACL_LINK, 0x00,
04124681
GP		 2811 info->dev_class, info->rssi,
2812 !name_known, ssp, NULL, 0);
a9de9248
MH		 2813 }
2814 }
2815
2816 hci_dev_unlock(hdev);
2817}
2818
6039aa73
GP		 2819static void hci_remote_ext_features_evt(struct hci_dev *hdev,
2820 struct sk_buff *skb)
a9de9248 2821{
41a96212
MH		 2822 struct hci_ev_remote_ext_features *ev = (void *) skb->data;
2823 struct hci_conn *conn;
2824
a9de9248 2825 BT_DBG("%s", hdev->name);
41a96212 2826
41a96212
MH		 2827 hci_dev_lock(hdev);
2828
2829 conn = hci_conn_hash_lookup_handle(hdev, __le16_to_cpu(ev->handle));
ccd556fe
JH		 2830 if (!conn)
2831 goto unlock;
41a96212 2832
cad718ed
JH		 2833 if (ev->page < HCI_MAX_PAGES)
2834 memcpy(conn->features[ev->page], ev->features, 8);
2835
ccd556fe
JH		 2836 if (!ev->status && ev->page == 0x01) {
2837 struct inquiry_entry *ie;
41a96212 2838
cc11b9c1
AE		 2839 ie = hci_inquiry_cache_lookup(hdev, &conn->dst);
2840 if (ie)
02b7cc62 2841 ie->data.ssp_mode = (ev->features[0] & LMP_HOST_SSP);
769be974 2842
bbb0eada 2843 if (ev->features[0] & LMP_HOST_SSP) {
58a681ef 2844 set_bit(HCI_CONN_SSP_ENABLED, &conn->flags);
bbb0eada
JK		 2845 } else {
2846 /* It is mandatory by the Bluetooth specification that
2847 * Extended Inquiry Results are only used when Secure
2848 * Simple Pairing is enabled, but some devices violate
2849 * this.
2850 *
2851 * To make these devices work, the internal SSP
2852 * enabled flag needs to be cleared if the remote host
2853 * features do not indicate SSP support */
2854 clear_bit(HCI_CONN_SSP_ENABLED, &conn->flags);
2855 }
ccd556fe
JH		 2856 }
2857
2858 if (conn->state != BT_CONFIG)
2859 goto unlock;
2860
671267bf 2861 if (!ev->status && !test_bit(HCI_CONN_MGMT_CONNECTED, &conn->flags)) {
127178d2
JH		 2862 struct hci_cp_remote_name_req cp;
2863 memset(&cp, 0, sizeof(cp));
2864 bacpy(&cp.bdaddr, &conn->dst);
2865 cp.pscan_rep_mode = 0x02;
2866 hci_send_cmd(hdev, HCI_OP_REMOTE_NAME_REQ, sizeof(cp), &cp);
b644ba33
JH		 2867 } else if (!test_and_set_bit(HCI_CONN_MGMT_CONNECTED, &conn->flags))
2868 mgmt_device_connected(hdev, &conn->dst, conn->type,
04124681
GP		 2869 conn->dst_type, 0, NULL, 0,
2870 conn->dev_class);
392599b9 2871
127178d2 2872 if (!hci_outgoing_auth_needed(hdev, conn)) {
ccd556fe
JH		 2873 conn->state = BT_CONNECTED;
2874 hci_proto_connect_cfm(conn, ev->status);
76a68ba0 2875 hci_conn_drop(conn);
41a96212
MH		 2876 }
2877
ccd556fe 2878unlock:
41a96212 2879 hci_dev_unlock(hdev);
a9de9248
MH		 2880}
2881
6039aa73
GP		 2882static void hci_sync_conn_complete_evt(struct hci_dev *hdev,
2883 struct sk_buff *skb)
a9de9248 2884{
b6a0dc82
MH		 2885 struct hci_ev_sync_conn_complete *ev = (void *) skb->data;
2886 struct hci_conn *conn;
2887
9f1db00c 2888 BT_DBG("%s status 0x%2.2x", hdev->name, ev->status);
b6a0dc82
MH		 2889
2890 hci_dev_lock(hdev);
2891
2892 conn = hci_conn_hash_lookup_ba(hdev, ev->link_type, &ev->bdaddr);
9dc0a3af
MH		 2893 if (!conn) {
2894 if (ev->link_type == ESCO_LINK)
2895 goto unlock;
2896
2897 conn = hci_conn_hash_lookup_ba(hdev, ESCO_LINK, &ev->bdaddr);
2898 if (!conn)
2899 goto unlock;
2900
2901 conn->type = SCO_LINK;
2902 }
b6a0dc82 2903
732547f9
MH		 2904 switch (ev->status) {
2905 case 0x00:
b6a0dc82
MH		 2906 conn->handle = __le16_to_cpu(ev->handle);
2907 conn->state = BT_CONNECTED;
7d0db0a3
MH		 2908
2909 hci_conn_add_sysfs(conn);
732547f9
MH		 2910 break;
2911
1a4c958c 2912 case 0x0d: /* Connection Rejected due to Limited Resources */
705e5711 2913 case 0x11: /* Unsupported Feature or Parameter Value */
732547f9 2914 case 0x1c: /* SCO interval rejected */
1038a00b 2915 case 0x1a: /* Unsupported Remote Feature */
732547f9 2916 case 0x1f: /* Unspecified error */
2dea632f 2917 if (conn->out) {
732547f9
MH		 2918 conn->pkt_type = (hdev->esco_type & SCO_ESCO_MASK) |
2919 (hdev->esco_type & EDR_ESCO_MASK);
2dea632f
FD		 2920 if (hci_setup_sync(conn, conn->link->handle))
2921 goto unlock;
732547f9
MH		 2922 }
2923 /* fall through */
2924
2925 default:
b6a0dc82 2926 conn->state = BT_CLOSED;
732547f9
MH		 2927 break;
2928 }
b6a0dc82
MH		 2929
2930 hci_proto_connect_cfm(conn, ev->status);
2931 if (ev->status)
2932 hci_conn_del(conn);
2933
2934unlock:
2935 hci_dev_unlock(hdev);
a9de9248
MH		 2936}
2937
6039aa73
GP		 2938static void hci_extended_inquiry_result_evt(struct hci_dev *hdev,
2939 struct sk_buff *skb)
1da177e4 2940{
a9de9248
MH		 2941 struct inquiry_data data;
2942 struct extended_inquiry_info *info = (void *) (skb->data + 1);
2943 int num_rsp = *((__u8 *) skb->data);
9d939d94 2944 size_t eir_len;
1da177e4 2945
a9de9248 2946 BT_DBG("%s num_rsp %d", hdev->name, num_rsp);
1da177e4 2947
a9de9248
MH		 2948 if (!num_rsp)
2949 return;
1da177e4 2950
1519cc17
AG		 2951 if (test_bit(HCI_PERIODIC_INQ, &hdev->dev_flags))
2952 return;
2953
a9de9248
MH		 2954 hci_dev_lock(hdev);
2955
e17acd40 2956 for (; num_rsp; num_rsp--, info++) {
388fc8fa 2957 bool name_known, ssp;
561aafbc 2958
a9de9248 2959 bacpy(&data.bdaddr, &info->bdaddr);
138d22ef
SJ		 2960 data.pscan_rep_mode = info->pscan_rep_mode;
2961 data.pscan_period_mode = info->pscan_period_mode;
2962 data.pscan_mode = 0x00;
a9de9248 2963 memcpy(data.dev_class, info->dev_class, 3);
138d22ef
SJ		 2964 data.clock_offset = info->clock_offset;
2965 data.rssi = info->rssi;
41a96212 2966 data.ssp_mode = 0x01;
561aafbc 2967
a8b2d5c2 2968 if (test_bit(HCI_MGMT, &hdev->dev_flags))
4ddb1930 2969 name_known = eir_has_data_type(info->data,
04124681
GP		 2970 sizeof(info->data),
2971 EIR_NAME_COMPLETE);
561aafbc
JH		 2972 else
2973 name_known = true;
2974
388fc8fa 2975 name_known = hci_inquiry_cache_update(hdev, &data, name_known,
04124681 2976 &ssp);
9d939d94 2977 eir_len = eir_get_length(info->data, sizeof(info->data));
48264f06 2978 mgmt_device_found(hdev, &info->bdaddr, ACL_LINK, 0x00,
04124681 2979 info->dev_class, info->rssi, !name_known,
9d939d94 2980 ssp, info->data, eir_len);
a9de9248
MH		 2981 }
2982
2983 hci_dev_unlock(hdev);
2984}
1da177e4 2985
1c2e0041
JH		 2986static void hci_key_refresh_complete_evt(struct hci_dev *hdev,
2987 struct sk_buff *skb)
2988{
2989 struct hci_ev_key_refresh_complete *ev = (void *) skb->data;
2990 struct hci_conn *conn;
2991
9f1db00c 2992 BT_DBG("%s status 0x%2.2x handle 0x%4.4x", hdev->name, ev->status,
1c2e0041
JH		 2993 __le16_to_cpu(ev->handle));
2994
2995 hci_dev_lock(hdev);
2996
2997 conn = hci_conn_hash_lookup_handle(hdev, __le16_to_cpu(ev->handle));
2998 if (!conn)
2999 goto unlock;
3000
3001 if (!ev->status)
3002 conn->sec_level = conn->pending_sec_level;
3003
3004 clear_bit(HCI_CONN_ENCRYPT_PEND, &conn->flags);
3005
3006 if (ev->status && conn->state == BT_CONNECTED) {
bed71748 3007 hci_disconnect(conn, HCI_ERROR_AUTH_FAILURE);
76a68ba0 3008 hci_conn_drop(conn);
1c2e0041
JH		 3009 goto unlock;
3010 }
3011
3012 if (conn->state == BT_CONFIG) {
3013 if (!ev->status)
3014 conn->state = BT_CONNECTED;
3015
3016 hci_proto_connect_cfm(conn, ev->status);
76a68ba0 3017 hci_conn_drop(conn);
1c2e0041
JH		 3018 } else {
3019 hci_auth_cfm(conn, ev->status);
3020
3021 hci_conn_hold(conn);
3022 conn->disc_timeout = HCI_DISCONN_TIMEOUT;
76a68ba0 3023 hci_conn_drop(conn);
1c2e0041
JH		 3024 }
3025
3026unlock:
3027 hci_dev_unlock(hdev);
3028}
3029
6039aa73 3030static u8 hci_get_auth_req(struct hci_conn *conn)
17fa4b9d
JH		 3031{
3032 /* If remote requests dedicated bonding follow that lead */
acabae96
MA		 3033 if (conn->remote_auth == HCI_AT_DEDICATED_BONDING ||
3034 conn->remote_auth == HCI_AT_DEDICATED_BONDING_MITM) {
17fa4b9d
JH		 3035 /* If both remote and local IO capabilities allow MITM
3036 * protection then require it, otherwise don't */
acabae96
MA		 3037 if (conn->remote_cap == HCI_IO_NO_INPUT_OUTPUT ||
3038 conn->io_capability == HCI_IO_NO_INPUT_OUTPUT)
3039 return HCI_AT_DEDICATED_BONDING;
17fa4b9d 3040 else
acabae96 3041 return HCI_AT_DEDICATED_BONDING_MITM;
17fa4b9d
JH		 3042 }
3043
3044 /* If remote requests no-bonding follow that lead */
acabae96
MA		 3045 if (conn->remote_auth == HCI_AT_NO_BONDING ||
3046 conn->remote_auth == HCI_AT_NO_BONDING_MITM)
58797bf7 3047 return conn->remote_auth | (conn->auth_type & 0x01);
17fa4b9d
JH		 3048
3049 return conn->auth_type;
3050}
3051
6039aa73 3052static void hci_io_capa_request_evt(struct hci_dev *hdev, struct sk_buff *skb)
0493684e
MH		 3053{
3054 struct hci_ev_io_capa_request *ev = (void *) skb->data;
3055 struct hci_conn *conn;
3056
3057 BT_DBG("%s", hdev->name);
3058
3059 hci_dev_lock(hdev);
3060
3061 conn = hci_conn_hash_lookup_ba(hdev, ACL_LINK, &ev->bdaddr);
03b555e1
JH		 3062 if (!conn)
3063 goto unlock;
3064
3065 hci_conn_hold(conn);
3066
a8b2d5c2 3067 if (!test_bit(HCI_MGMT, &hdev->dev_flags))
03b555e1
JH		 3068 goto unlock;
3069
a8b2d5c2 3070 if (test_bit(HCI_PAIRABLE, &hdev->dev_flags) ||
807deac2 3071 (conn->remote_auth & ~0x01) == HCI_AT_NO_BONDING) {
17fa4b9d
JH		 3072 struct hci_cp_io_capability_reply cp;
3073
3074 bacpy(&cp.bdaddr, &ev->bdaddr);
7a7f1e7c
HG		 3075 /* Change the IO capability from KeyboardDisplay
3076 * to DisplayYesNo as it is not supported by BT spec. */
3077 cp.capability = (conn->io_capability == 0x04) ?
a767631a 3078 HCI_IO_DISPLAY_YESNO : conn->io_capability;
7cbc9bd9
JH		 3079 conn->auth_type = hci_get_auth_req(conn);
3080 cp.authentication = conn->auth_type;
17fa4b9d 3081
8fc9ced3
GP		 3082 if (hci_find_remote_oob_data(hdev, &conn->dst) &&
3083 (conn->out || test_bit(HCI_CONN_REMOTE_OOB, &conn->flags)))
ce85ee13
SJ		 3084 cp.oob_data = 0x01;
3085 else
3086 cp.oob_data = 0x00;
3087
17fa4b9d 3088 hci_send_cmd(hdev, HCI_OP_IO_CAPABILITY_REPLY,
807deac2 3089 sizeof(cp), &cp);
03b555e1
JH		 3090 } else {
3091 struct hci_cp_io_capability_neg_reply cp;
3092
3093 bacpy(&cp.bdaddr, &ev->bdaddr);
9f5a0d7b 3094 cp.reason = HCI_ERROR_PAIRING_NOT_ALLOWED;
0493684e 3095
03b555e1 3096 hci_send_cmd(hdev, HCI_OP_IO_CAPABILITY_NEG_REPLY,
807deac2 3097 sizeof(cp), &cp);
03b555e1
JH		 3098 }
3099
3100unlock:
3101 hci_dev_unlock(hdev);
3102}
3103
6039aa73 3104static void hci_io_capa_reply_evt(struct hci_dev *hdev, struct sk_buff *skb)
03b555e1
JH		 3105{
3106 struct hci_ev_io_capa_reply *ev = (void *) skb->data;
3107 struct hci_conn *conn;
3108
3109 BT_DBG("%s", hdev->name);
3110
3111 hci_dev_lock(hdev);
3112
3113 conn = hci_conn_hash_lookup_ba(hdev, ACL_LINK, &ev->bdaddr);
3114 if (!conn)
3115 goto unlock;
3116
03b555e1 3117 conn->remote_cap = ev->capability;
03b555e1 3118 conn->remote_auth = ev->authentication;
58a681ef
JH		 3119 if (ev->oob_data)
3120 set_bit(HCI_CONN_REMOTE_OOB, &conn->flags);
03b555e1
JH		 3121
3122unlock:
0493684e
MH		 3123 hci_dev_unlock(hdev);
3124}
3125
6039aa73
GP		 3126static void hci_user_confirm_request_evt(struct hci_dev *hdev,
3127 struct sk_buff *skb)
a5c29683
JH		 3128{
3129 struct hci_ev_user_confirm_req *ev = (void *) skb->data;
55bc1a37 3130 int loc_mitm, rem_mitm, confirm_hint = 0;
7a828908 3131 struct hci_conn *conn;
a5c29683
JH		 3132
3133 BT_DBG("%s", hdev->name);
3134
3135 hci_dev_lock(hdev);
3136
a8b2d5c2 3137 if (!test_bit(HCI_MGMT, &hdev->dev_flags))
7a828908 3138 goto unlock;
a5c29683 3139
7a828908
JH		 3140 conn = hci_conn_hash_lookup_ba(hdev, ACL_LINK, &ev->bdaddr);
3141 if (!conn)
3142 goto unlock;
3143
3144 loc_mitm = (conn->auth_type & 0x01);
3145 rem_mitm = (conn->remote_auth & 0x01);
3146
3147 /* If we require MITM but the remote device can't provide that
3148 * (it has NoInputNoOutput) then reject the confirmation
3149 * request. The only exception is when we're dedicated bonding
3150 * initiators (connect_cfm_cb set) since then we always have the MITM
3151 * bit set. */
a767631a
MA		 3152 if (!conn->connect_cfm_cb && loc_mitm &&
3153 conn->remote_cap == HCI_IO_NO_INPUT_OUTPUT) {
7a828908
JH		 3154 BT_DBG("Rejecting request: remote device can't provide MITM");
3155 hci_send_cmd(hdev, HCI_OP_USER_CONFIRM_NEG_REPLY,
807deac2 3156 sizeof(ev->bdaddr), &ev->bdaddr);
7a828908
JH		 3157 goto unlock;
3158 }
3159
3160 /* If no side requires MITM protection; auto-accept */
a767631a
MA		 3161 if ((!loc_mitm || conn->remote_cap == HCI_IO_NO_INPUT_OUTPUT) &&
3162 (!rem_mitm || conn->io_capability == HCI_IO_NO_INPUT_OUTPUT)) {
55bc1a37
JH		 3163
3164 /* If we're not the initiators request authorization to
3165 * proceed from user space (mgmt_user_confirm with
3166 * confirm_hint set to 1). */
51a8efd7 3167 if (!test_bit(HCI_CONN_AUTH_PEND, &conn->flags)) {
55bc1a37
JH		 3168 BT_DBG("Confirming auto-accept as acceptor");
3169 confirm_hint = 1;
3170 goto confirm;
3171 }
3172
9f61656a 3173 BT_DBG("Auto-accept of user confirmation with %ums delay",
807deac2 3174 hdev->auto_accept_delay);
9f61656a
JH		 3175
3176 if (hdev->auto_accept_delay > 0) {
3177 int delay = msecs_to_jiffies(hdev->auto_accept_delay);
3178 mod_timer(&conn->auto_accept_timer, jiffies + delay);
3179 goto unlock;
3180 }
3181
7a828908 3182 hci_send_cmd(hdev, HCI_OP_USER_CONFIRM_REPLY,
807deac2 3183 sizeof(ev->bdaddr), &ev->bdaddr);
7a828908
JH		 3184 goto unlock;
3185 }
3186
55bc1a37 3187confirm:
272d90df 3188 mgmt_user_confirm_request(hdev, &ev->bdaddr, ACL_LINK, 0, ev->passkey,
04124681 3189 confirm_hint);
7a828908
JH		 3190
3191unlock:
a5c29683
JH		 3192 hci_dev_unlock(hdev);
3193}
3194
6039aa73
GP		 3195static void hci_user_passkey_request_evt(struct hci_dev *hdev,
3196 struct sk_buff *skb)
1143d458
BG		 3197{
3198 struct hci_ev_user_passkey_req *ev = (void *) skb->data;
3199
3200 BT_DBG("%s", hdev->name);
3201
a8b2d5c2 3202 if (test_bit(HCI_MGMT, &hdev->dev_flags))
272d90df 3203 mgmt_user_passkey_request(hdev, &ev->bdaddr, ACL_LINK, 0);
1143d458
BG		 3204}
3205
92a25256
JH		 3206static void hci_user_passkey_notify_evt(struct hci_dev *hdev,
3207 struct sk_buff *skb)
3208{
3209 struct hci_ev_user_passkey_notify *ev = (void *) skb->data;
3210 struct hci_conn *conn;
3211
3212 BT_DBG("%s", hdev->name);
3213
3214 conn = hci_conn_hash_lookup_ba(hdev, ACL_LINK, &ev->bdaddr);
3215 if (!conn)
3216 return;
3217
3218 conn->passkey_notify = __le32_to_cpu(ev->passkey);
3219 conn->passkey_entered = 0;
3220
3221 if (test_bit(HCI_MGMT, &hdev->dev_flags))
3222 mgmt_user_passkey_notify(hdev, &conn->dst, conn->type,
3223 conn->dst_type, conn->passkey_notify,
3224 conn->passkey_entered);
3225}
3226
3227static void hci_keypress_notify_evt(struct hci_dev *hdev, struct sk_buff *skb)
3228{
3229 struct hci_ev_keypress_notify *ev = (void *) skb->data;
3230 struct hci_conn *conn;
3231
3232 BT_DBG("%s", hdev->name);
3233
3234 conn = hci_conn_hash_lookup_ba(hdev, ACL_LINK, &ev->bdaddr);
3235 if (!conn)
3236 return;
3237
3238 switch (ev->type) {
3239 case HCI_KEYPRESS_STARTED:
3240 conn->passkey_entered = 0;
3241 return;
3242
3243 case HCI_KEYPRESS_ENTERED:
3244 conn->passkey_entered++;
3245 break;
3246
3247 case HCI_KEYPRESS_ERASED:
3248 conn->passkey_entered--;
3249 break;
3250
3251 case HCI_KEYPRESS_CLEARED:
3252 conn->passkey_entered = 0;
3253 break;
3254
3255 case HCI_KEYPRESS_COMPLETED:
3256 return;
3257 }
3258
3259 if (test_bit(HCI_MGMT, &hdev->dev_flags))
3260 mgmt_user_passkey_notify(hdev, &conn->dst, conn->type,
3261 conn->dst_type, conn->passkey_notify,
3262 conn->passkey_entered);
3263}
3264
6039aa73
GP		 3265static void hci_simple_pair_complete_evt(struct hci_dev *hdev,
3266 struct sk_buff *skb)
0493684e
MH		 3267{
3268 struct hci_ev_simple_pair_complete *ev = (void *) skb->data;
3269 struct hci_conn *conn;
3270
3271 BT_DBG("%s", hdev->name);
3272
3273 hci_dev_lock(hdev);
3274
3275 conn = hci_conn_hash_lookup_ba(hdev, ACL_LINK, &ev->bdaddr);
2a611692
JH		 3276 if (!conn)
3277 goto unlock;
3278
3279 /* To avoid duplicate auth_failed events to user space we check
3280 * the HCI_CONN_AUTH_PEND flag which will be set if we
3281 * initiated the authentication. A traditional auth_complete
3282 * event gets always produced as initiator and is also mapped to
3283 * the mgmt_auth_failed event */
fa1bd918 3284 if (!test_bit(HCI_CONN_AUTH_PEND, &conn->flags) && ev->status)
bab73cb6 3285 mgmt_auth_failed(hdev, &conn->dst, conn->type, conn->dst_type,
04124681 3286 ev->status);
0493684e 3287
76a68ba0 3288 hci_conn_drop(conn);
2a611692
JH		 3289
3290unlock:
0493684e
MH		 3291 hci_dev_unlock(hdev);
3292}
3293
6039aa73
GP		 3294static void hci_remote_host_features_evt(struct hci_dev *hdev,
3295 struct sk_buff *skb)
41a96212
MH		 3296{
3297 struct hci_ev_remote_host_features *ev = (void *) skb->data;
3298 struct inquiry_entry *ie;
cad718ed 3299 struct hci_conn *conn;
41a96212
MH		 3300
3301 BT_DBG("%s", hdev->name);
3302
3303 hci_dev_lock(hdev);
3304
cad718ed
JH		 3305 conn = hci_conn_hash_lookup_ba(hdev, ACL_LINK, &ev->bdaddr);
3306 if (conn)
3307 memcpy(conn->features[1], ev->features, 8);
3308
cc11b9c1
AE		 3309 ie = hci_inquiry_cache_lookup(hdev, &ev->bdaddr);
3310 if (ie)
02b7cc62 3311 ie->data.ssp_mode = (ev->features[0] & LMP_HOST_SSP);
41a96212
MH		 3312
3313 hci_dev_unlock(hdev);
3314}
3315
6039aa73
GP		 3316static void hci_remote_oob_data_request_evt(struct hci_dev *hdev,
3317 struct sk_buff *skb)
2763eda6
SJ		 3318{
3319 struct hci_ev_remote_oob_data_request *ev = (void *) skb->data;
3320 struct oob_data *data;
3321
3322 BT_DBG("%s", hdev->name);
3323
3324 hci_dev_lock(hdev);
3325
a8b2d5c2 3326 if (!test_bit(HCI_MGMT, &hdev->dev_flags))
e1ba1f15
SJ		 3327 goto unlock;
3328
2763eda6
SJ		 3329 data = hci_find_remote_oob_data(hdev, &ev->bdaddr);
3330 if (data) {
3331 struct hci_cp_remote_oob_data_reply cp;
3332
3333 bacpy(&cp.bdaddr, &ev->bdaddr);
3334 memcpy(cp.hash, data->hash, sizeof(cp.hash));
3335 memcpy(cp.randomizer, data->randomizer, sizeof(cp.randomizer));
3336
3337 hci_send_cmd(hdev, HCI_OP_REMOTE_OOB_DATA_REPLY, sizeof(cp),
807deac2 3338 &cp);
2763eda6
SJ		 3339 } else {
3340 struct hci_cp_remote_oob_data_neg_reply cp;
3341
3342 bacpy(&cp.bdaddr, &ev->bdaddr);
3343 hci_send_cmd(hdev, HCI_OP_REMOTE_OOB_DATA_NEG_REPLY, sizeof(cp),
807deac2 3344 &cp);
2763eda6
SJ		 3345 }
3346
e1ba1f15 3347unlock:
2763eda6
SJ		 3348 hci_dev_unlock(hdev);
3349}
3350
d5e91192
AE		 3351static void hci_phy_link_complete_evt(struct hci_dev *hdev,
3352 struct sk_buff *skb)
3353{
3354 struct hci_ev_phy_link_complete *ev = (void *) skb->data;
3355 struct hci_conn *hcon, *bredr_hcon;
3356
3357 BT_DBG("%s handle 0x%2.2x status 0x%2.2x", hdev->name, ev->phy_handle,
3358 ev->status);
3359
3360 hci_dev_lock(hdev);
3361
3362 hcon = hci_conn_hash_lookup_handle(hdev, ev->phy_handle);
3363 if (!hcon) {
3364 hci_dev_unlock(hdev);
3365 return;
3366 }
3367
3368 if (ev->status) {
3369 hci_conn_del(hcon);
3370 hci_dev_unlock(hdev);
3371 return;
3372 }
3373
3374 bredr_hcon = hcon->amp_mgr->l2cap_conn->hcon;
3375
3376 hcon->state = BT_CONNECTED;
3377 bacpy(&hcon->dst, &bredr_hcon->dst);
3378
3379 hci_conn_hold(hcon);
3380 hcon->disc_timeout = HCI_DISCONN_TIMEOUT;
76a68ba0 3381 hci_conn_drop(hcon);
d5e91192 3382
d5e91192
AE		 3383 hci_conn_add_sysfs(hcon);
3384
cf70ff22 3385 amp_physical_cfm(bredr_hcon, hcon);
d5e91192 3386
cf70ff22 3387 hci_dev_unlock(hdev);
d5e91192
AE		 3388}
3389
27695fb4
AE		 3390static void hci_loglink_complete_evt(struct hci_dev *hdev, struct sk_buff *skb)
3391{
3392 struct hci_ev_logical_link_complete *ev = (void *) skb->data;
3393 struct hci_conn *hcon;
3394 struct hci_chan *hchan;
3395 struct amp_mgr *mgr;
3396
3397 BT_DBG("%s log_handle 0x%4.4x phy_handle 0x%2.2x status 0x%2.2x",
3398 hdev->name, le16_to_cpu(ev->handle), ev->phy_handle,
3399 ev->status);
3400
3401 hcon = hci_conn_hash_lookup_handle(hdev, ev->phy_handle);
3402 if (!hcon)
3403 return;
3404
3405 /* Create AMP hchan */
3406 hchan = hci_chan_create(hcon);
3407 if (!hchan)
3408 return;
3409
3410 hchan->handle = le16_to_cpu(ev->handle);
3411
3412 BT_DBG("hcon %p mgr %p hchan %p", hcon, hcon->amp_mgr, hchan);
3413
3414 mgr = hcon->amp_mgr;
3415 if (mgr && mgr->bredr_chan) {
3416 struct l2cap_chan *bredr_chan = mgr->bredr_chan;
3417
3418 l2cap_chan_lock(bredr_chan);
3419
3420 bredr_chan->conn->mtu = hdev->block_mtu;
3421 l2cap_logical_cfm(bredr_chan, hchan, 0);
3422 hci_conn_hold(hcon);
3423
3424 l2cap_chan_unlock(bredr_chan);
3425 }
3426}
3427
606e2a10
AE		 3428static void hci_disconn_loglink_complete_evt(struct hci_dev *hdev,
3429 struct sk_buff *skb)
3430{
3431 struct hci_ev_disconn_logical_link_complete *ev = (void *) skb->data;
3432 struct hci_chan *hchan;
3433
3434 BT_DBG("%s log handle 0x%4.4x status 0x%2.2x", hdev->name,
3435 le16_to_cpu(ev->handle), ev->status);
3436
3437 if (ev->status)
3438 return;
3439
3440 hci_dev_lock(hdev);
3441
3442 hchan = hci_chan_lookup_handle(hdev, le16_to_cpu(ev->handle));
3443 if (!hchan)
3444 goto unlock;
3445
3446 amp_destroy_logical_link(hchan, ev->reason);
3447
3448unlock:
3449 hci_dev_unlock(hdev);
3450}
3451
9eef6b3a
AE		 3452static void hci_disconn_phylink_complete_evt(struct hci_dev *hdev,
3453 struct sk_buff *skb)
3454{
3455 struct hci_ev_disconn_phy_link_complete *ev = (void *) skb->data;
3456 struct hci_conn *hcon;
3457
3458 BT_DBG("%s status 0x%2.2x", hdev->name, ev->status);
3459
3460 if (ev->status)
3461 return;
3462
3463 hci_dev_lock(hdev);
3464
3465 hcon = hci_conn_hash_lookup_handle(hdev, ev->phy_handle);
3466 if (hcon) {
3467 hcon->state = BT_CLOSED;
3468 hci_conn_del(hcon);
3469 }
3470
3471 hci_dev_unlock(hdev);
3472}
3473
6039aa73 3474static void hci_le_conn_complete_evt(struct hci_dev *hdev, struct sk_buff *skb)
fcd89c09
VT		 3475{
3476 struct hci_ev_le_conn_complete *ev = (void *) skb->data;
3477 struct hci_conn *conn;
3478
9f1db00c 3479 BT_DBG("%s status 0x%2.2x", hdev->name, ev->status);
fcd89c09
VT		 3480
3481 hci_dev_lock(hdev);
3482
b47a09b3 3483 conn = hci_conn_hash_lookup_state(hdev, LE_LINK, BT_CONNECT);
b62f328b
VT		 3484 if (!conn) {
3485 conn = hci_conn_add(hdev, LE_LINK, &ev->bdaddr);
3486 if (!conn) {
3487 BT_ERR("No memory for new connection");
230fd16a 3488 goto unlock;
b62f328b 3489 }
29b7988a
AG		 3490
3491 conn->dst_type = ev->bdaddr_type;
b9b343d2
AG		 3492
3493 if (ev->role == LE_CONN_ROLE_MASTER) {
3494 conn->out = true;
3495 conn->link_mode |= HCI_LM_MASTER;
3496 }
b62f328b 3497 }
fcd89c09 3498
cd17decb
AG		 3499 if (ev->status) {
3500 mgmt_connect_failed(hdev, &conn->dst, conn->type,
3501 conn->dst_type, ev->status);
3502 hci_proto_connect_cfm(conn, ev->status);
3503 conn->state = BT_CLOSED;
3504 hci_conn_del(conn);
3505 goto unlock;
3506 }
3507
b644ba33
JH		 3508 if (!test_and_set_bit(HCI_CONN_MGMT_CONNECTED, &conn->flags))
3509 mgmt_device_connected(hdev, &ev->bdaddr, conn->type,
04124681 3510 conn->dst_type, 0, NULL, 0, NULL);
83bc71b4 3511
7b5c0d52 3512 conn->sec_level = BT_SECURITY_LOW;
fcd89c09
VT		 3513 conn->handle = __le16_to_cpu(ev->handle);
3514 conn->state = BT_CONNECTED;
3515
fcd89c09
VT		 3516 hci_conn_add_sysfs(conn);
3517
3518 hci_proto_connect_cfm(conn, ev->status);
3519
3520unlock:
3521 hci_dev_unlock(hdev);
3522}
3523
6039aa73 3524static void hci_le_adv_report_evt(struct hci_dev *hdev, struct sk_buff *skb)
9aa04c91 3525{
e95beb41
AG		 3526 u8 num_reports = skb->data[0];
3527 void *ptr = &skb->data[1];
3c9e9195 3528 s8 rssi;
9aa04c91 3529
e95beb41
AG		 3530 while (num_reports--) {
3531 struct hci_ev_le_advertising_info *ev = ptr;
9aa04c91 3532
3c9e9195
AG		 3533 rssi = ev->data[ev->length];
3534 mgmt_device_found(hdev, &ev->bdaddr, LE_LINK, ev->bdaddr_type,
04124681 3535 NULL, rssi, 0, 1, ev->data, ev->length);
3c9e9195 3536
e95beb41 3537 ptr += sizeof(*ev) + ev->length + 1;
9aa04c91 3538 }
9aa04c91
AG		 3539}
3540
6039aa73 3541static void hci_le_ltk_request_evt(struct hci_dev *hdev, struct sk_buff *skb)
a7a595f6
VCG		 3542{
3543 struct hci_ev_le_ltk_req *ev = (void *) skb->data;
3544 struct hci_cp_le_ltk_reply cp;
bea710fe 3545 struct hci_cp_le_ltk_neg_reply neg;
a7a595f6 3546 struct hci_conn *conn;
c9839a11 3547 struct smp_ltk *ltk;
a7a595f6 3548
9f1db00c 3549 BT_DBG("%s handle 0x%4.4x", hdev->name, __le16_to_cpu(ev->handle));
a7a595f6
VCG		 3550
3551 hci_dev_lock(hdev);
3552
3553 conn = hci_conn_hash_lookup_handle(hdev, __le16_to_cpu(ev->handle));
bea710fe
VCG		 3554 if (conn == NULL)
3555 goto not_found;
a7a595f6 3556
bea710fe
VCG		 3557 ltk = hci_find_ltk(hdev, ev->ediv, ev->random);
3558 if (ltk == NULL)
3559 goto not_found;
3560
3561 memcpy(cp.ltk, ltk->val, sizeof(ltk->val));
a7a595f6 3562 cp.handle = cpu_to_le16(conn->handle);
c9839a11
VCG		 3563
3564 if (ltk->authenticated)
f8776218
AG		 3565 conn->pending_sec_level = BT_SECURITY_HIGH;
3566 else
3567 conn->pending_sec_level = BT_SECURITY_MEDIUM;
a7a595f6 3568
89cbb4da 3569 conn->enc_key_size = ltk->enc_size;
a7a595f6
VCG		 3570
3571 hci_send_cmd(hdev, HCI_OP_LE_LTK_REPLY, sizeof(cp), &cp);
3572
c9839a11
VCG		 3573 if (ltk->type & HCI_SMP_STK) {
3574 list_del(&ltk->list);
3575 kfree(ltk);
3576 }
3577
a7a595f6 3578 hci_dev_unlock(hdev);
bea710fe
VCG		 3579
3580 return;
3581
3582not_found:
3583 neg.handle = ev->handle;
3584 hci_send_cmd(hdev, HCI_OP_LE_LTK_NEG_REPLY, sizeof(neg), &neg);
3585 hci_dev_unlock(hdev);
a7a595f6
VCG		 3586}
3587
6039aa73 3588static void hci_le_meta_evt(struct hci_dev *hdev, struct sk_buff *skb)
fcd89c09
VT		 3589{
3590 struct hci_ev_le_meta *le_ev = (void *) skb->data;
3591
3592 skb_pull(skb, sizeof(*le_ev));
3593
3594 switch (le_ev->subevent) {
3595 case HCI_EV_LE_CONN_COMPLETE:
3596 hci_le_conn_complete_evt(hdev, skb);
3597 break;
3598
9aa04c91
AG		 3599 case HCI_EV_LE_ADVERTISING_REPORT:
3600 hci_le_adv_report_evt(hdev, skb);
3601 break;
3602
a7a595f6
VCG		 3603 case HCI_EV_LE_LTK_REQ:
3604 hci_le_ltk_request_evt(hdev, skb);
3605 break;
3606
fcd89c09
VT		 3607 default:
3608 break;
3609 }
3610}
3611
9495b2ee
AE		 3612static void hci_chan_selected_evt(struct hci_dev *hdev, struct sk_buff *skb)
3613{
3614 struct hci_ev_channel_selected *ev = (void *) skb->data;
3615 struct hci_conn *hcon;
3616
3617 BT_DBG("%s handle 0x%2.2x", hdev->name, ev->phy_handle);
3618
3619 skb_pull(skb, sizeof(*ev));
3620
3621 hcon = hci_conn_hash_lookup_handle(hdev, ev->phy_handle);
3622 if (!hcon)
3623 return;
3624
3625 amp_read_loc_assoc_final_data(hdev, hcon);
3626}
3627
a9de9248
MH		 3628void hci_event_packet(struct hci_dev *hdev, struct sk_buff *skb)
3629{
3630 struct hci_event_hdr *hdr = (void *) skb->data;
3631 __u8 event = hdr->evt;
3632
b6ddb638
JH		 3633 hci_dev_lock(hdev);
3634
3635 /* Received events are (currently) only needed when a request is
3636 * ongoing so avoid unnecessary memory allocation.
3637 */
3638 if (hdev->req_status == HCI_REQ_PEND) {
3639 kfree_skb(hdev->recv_evt);
3640 hdev->recv_evt = skb_clone(skb, GFP_KERNEL);
3641 }
3642
3643 hci_dev_unlock(hdev);
3644
a9de9248
MH		 3645 skb_pull(skb, HCI_EVENT_HDR_SIZE);
3646
02350a72
JH		 3647 if (hdev->sent_cmd && bt_cb(hdev->sent_cmd)->req.event == event) {
3648 struct hci_command_hdr *hdr = (void *) hdev->sent_cmd->data;
3649 u16 opcode = __le16_to_cpu(hdr->opcode);
3650
3651 hci_req_cmd_complete(hdev, opcode, 0);
3652 }
3653
a9de9248 3654 switch (event) {
1da177e4
LT		 3655 case HCI_EV_INQUIRY_COMPLETE:
3656 hci_inquiry_complete_evt(hdev, skb);
3657 break;
3658
3659 case HCI_EV_INQUIRY_RESULT:
3660 hci_inquiry_result_evt(hdev, skb);
3661 break;
3662
a9de9248
MH		 3663 case HCI_EV_CONN_COMPLETE:
3664 hci_conn_complete_evt(hdev, skb);
21d9e30e
MH		 3665 break;
3666
1da177e4
LT		 3667 case HCI_EV_CONN_REQUEST:
3668 hci_conn_request_evt(hdev, skb);
3669 break;
3670
1da177e4
LT		 3671 case HCI_EV_DISCONN_COMPLETE:
3672 hci_disconn_complete_evt(hdev, skb);
3673 break;
3674
1da177e4
LT		 3675 case HCI_EV_AUTH_COMPLETE:
3676 hci_auth_complete_evt(hdev, skb);
3677 break;
3678
a9de9248
MH		 3679 case HCI_EV_REMOTE_NAME:
3680 hci_remote_name_evt(hdev, skb);
3681 break;
3682
1da177e4
LT		 3683 case HCI_EV_ENCRYPT_CHANGE:
3684 hci_encrypt_change_evt(hdev, skb);
3685 break;
3686
a9de9248
MH		 3687 case HCI_EV_CHANGE_LINK_KEY_COMPLETE:
3688 hci_change_link_key_complete_evt(hdev, skb);
3689 break;
3690
3691 case HCI_EV_REMOTE_FEATURES:
3692 hci_remote_features_evt(hdev, skb);
3693 break;
3694
a9de9248
MH		 3695 case HCI_EV_CMD_COMPLETE:
3696 hci_cmd_complete_evt(hdev, skb);
3697 break;
3698
3699 case HCI_EV_CMD_STATUS:
3700 hci_cmd_status_evt(hdev, skb);
3701 break;
3702
3703 case HCI_EV_ROLE_CHANGE:
3704 hci_role_change_evt(hdev, skb);
3705 break;
3706
3707 case HCI_EV_NUM_COMP_PKTS:
3708 hci_num_comp_pkts_evt(hdev, skb);
3709 break;
3710
3711 case HCI_EV_MODE_CHANGE:
3712 hci_mode_change_evt(hdev, skb);
1da177e4
LT		 3713 break;
3714
3715 case HCI_EV_PIN_CODE_REQ:
3716 hci_pin_code_request_evt(hdev, skb);
3717 break;
3718
3719 case HCI_EV_LINK_KEY_REQ:
3720 hci_link_key_request_evt(hdev, skb);
3721 break;
3722
3723 case HCI_EV_LINK_KEY_NOTIFY:
3724 hci_link_key_notify_evt(hdev, skb);
3725 break;
3726
3727 case HCI_EV_CLOCK_OFFSET:
3728 hci_clock_offset_evt(hdev, skb);
3729 break;
3730
a8746417
MH		 3731 case HCI_EV_PKT_TYPE_CHANGE:
3732 hci_pkt_type_change_evt(hdev, skb);
3733 break;
3734
85a1e930
MH		 3735 case HCI_EV_PSCAN_REP_MODE:
3736 hci_pscan_rep_mode_evt(hdev, skb);
3737 break;
3738
a9de9248
MH		 3739 case HCI_EV_INQUIRY_RESULT_WITH_RSSI:
3740 hci_inquiry_result_with_rssi_evt(hdev, skb);
04837f64
MH		 3741 break;
3742
a9de9248
MH		 3743 case HCI_EV_REMOTE_EXT_FEATURES:
3744 hci_remote_ext_features_evt(hdev, skb);
1da177e4
LT		 3745 break;
3746
a9de9248
MH		 3747 case HCI_EV_SYNC_CONN_COMPLETE:
3748 hci_sync_conn_complete_evt(hdev, skb);
3749 break;
1da177e4 3750
a9de9248
MH		 3751 case HCI_EV_EXTENDED_INQUIRY_RESULT:
3752 hci_extended_inquiry_result_evt(hdev, skb);
3753 break;
1da177e4 3754
1c2e0041
JH		 3755 case HCI_EV_KEY_REFRESH_COMPLETE:
3756 hci_key_refresh_complete_evt(hdev, skb);
3757 break;
3758
0493684e
MH		 3759 case HCI_EV_IO_CAPA_REQUEST:
3760 hci_io_capa_request_evt(hdev, skb);
3761 break;
3762
03b555e1
JH		 3763 case HCI_EV_IO_CAPA_REPLY:
3764 hci_io_capa_reply_evt(hdev, skb);
3765 break;
3766
a5c29683
JH		 3767 case HCI_EV_USER_CONFIRM_REQUEST:
3768 hci_user_confirm_request_evt(hdev, skb);
3769 break;
3770
1143d458
BG		 3771 case HCI_EV_USER_PASSKEY_REQUEST:
3772 hci_user_passkey_request_evt(hdev, skb);
3773 break;
3774
92a25256
JH		 3775 case HCI_EV_USER_PASSKEY_NOTIFY:
3776 hci_user_passkey_notify_evt(hdev, skb);
3777 break;
3778
3779 case HCI_EV_KEYPRESS_NOTIFY:
3780 hci_keypress_notify_evt(hdev, skb);
3781 break;
3782
0493684e
MH		 3783 case HCI_EV_SIMPLE_PAIR_COMPLETE:
3784 hci_simple_pair_complete_evt(hdev, skb);
3785 break;
3786
41a96212
MH		 3787 case HCI_EV_REMOTE_HOST_FEATURES:
3788 hci_remote_host_features_evt(hdev, skb);
3789 break;
3790
fcd89c09
VT		 3791 case HCI_EV_LE_META:
3792 hci_le_meta_evt(hdev, skb);
3793 break;
3794
9495b2ee
AE		 3795 case HCI_EV_CHANNEL_SELECTED:
3796 hci_chan_selected_evt(hdev, skb);
3797 break;
3798
2763eda6
SJ		 3799 case HCI_EV_REMOTE_OOB_DATA_REQUEST:
3800 hci_remote_oob_data_request_evt(hdev, skb);
3801 break;
3802
d5e91192
AE		 3803 case HCI_EV_PHY_LINK_COMPLETE:
3804 hci_phy_link_complete_evt(hdev, skb);
3805 break;
3806
27695fb4
AE		 3807 case HCI_EV_LOGICAL_LINK_COMPLETE:
3808 hci_loglink_complete_evt(hdev, skb);
3809 break;
3810
606e2a10
AE		 3811 case HCI_EV_DISCONN_LOGICAL_LINK_COMPLETE:
3812 hci_disconn_loglink_complete_evt(hdev, skb);
3813 break;
3814
9eef6b3a
AE		 3815 case HCI_EV_DISCONN_PHY_LINK_COMPLETE:
3816 hci_disconn_phylink_complete_evt(hdev, skb);
3817 break;
3818
25e89e99
AE		 3819 case HCI_EV_NUM_COMP_BLOCKS:
3820 hci_num_comp_blocks_evt(hdev, skb);
3821 break;
3822
a9de9248 3823 default:
9f1db00c 3824 BT_DBG("%s event 0x%2.2x", hdev->name, event);
1da177e4
LT		 3825 break;
3826 }
3827
3828 kfree_skb(skb);
3829 hdev->stat.evt_rx++;
3830}
Linux kernel - Deliverables
This page took 1.218581 seconds and 5 git commands to generate.