projects / deliverable / linux.git / blame
? search:
summary | shortlog | log | commit | commitdiff | tree
blob | blame (incremental) | history | HEAD
Bluetooth: Move amp.h header file into net/bluetooth/
[deliverable/linux.git] / net / bluetooth / hci_event.c
CommitLineData
8e87d142 1/*
1da177e4 2 BlueZ - Bluetooth protocol stack for Linux
2d0a0346 3 Copyright (c) 2000-2001, 2010, Code Aurora Forum. All rights reserved.
1da177e4
LT		 4
5 Written 2000,2001 by Maxim Krasnyansky <maxk@qualcomm.com>
6
7 This program is free software; you can redistribute it and/or modify
8 it under the terms of the GNU General Public License version 2 as
9 published by the Free Software Foundation;
10
11 THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS
12 OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
13 FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT OF THIRD PARTY RIGHTS.
14 IN NO EVENT SHALL THE COPYRIGHT HOLDER(S) AND AUTHOR(S) BE LIABLE FOR ANY
8e87d142
YH		 15 CLAIM, OR ANY SPECIAL INDIRECT OR CONSEQUENTIAL DAMAGES, OR ANY DAMAGES
16 WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
17 ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
1da177e4
LT		 18 OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
19
8e87d142
YH		 20 ALL LIABILITY, INCLUDING LIABILITY FOR INFRINGEMENT OF ANY PATENTS,
21 COPYRIGHTS, TRADEMARKS OR OTHER RIGHTS, RELATING TO USE OF THIS
1da177e4
LT		 22 SOFTWARE IS DISCLAIMED.
23*/
24
25/* Bluetooth HCI event handling. */
26
1da177e4
LT		 27#include <asm/unaligned.h>
28
29#include <net/bluetooth/bluetooth.h>
30#include <net/bluetooth/hci_core.h>
f0d6a0ea 31#include <net/bluetooth/mgmt.h>
8e2a0d92 32#include <net/bluetooth/a2mp.h>
7ef9fbf0
MH		 33
34#include "amp.h"
1da177e4 35
1da177e4
LT		 36/* Handle HCI Event packets */
37
a9de9248 38static void hci_cc_inquiry_cancel(struct hci_dev *hdev, struct sk_buff *skb)
1da177e4 39{
a9de9248 40 __u8 status = *((__u8 *) skb->data);
1da177e4 41
9f1db00c 42 BT_DBG("%s status 0x%2.2x", hdev->name, status);
1da177e4 43
82f4785c 44 if (status)
a9de9248 45 return;
1da177e4 46
89352e7d 47 clear_bit(HCI_INQUIRY, &hdev->flags);
3e13fa1e
AG		 48 smp_mb__after_clear_bit(); /* wake_up_bit advises about this barrier */
49 wake_up_bit(&hdev->flags, HCI_INQUIRY);
89352e7d 50
a9de9248
MH		 51 hci_conn_check_pending(hdev);
52}
6bd57416 53
4d93483b
AG		 54static void hci_cc_periodic_inq(struct hci_dev *hdev, struct sk_buff *skb)
55{
56 __u8 status = *((__u8 *) skb->data);
57
9f1db00c 58 BT_DBG("%s status 0x%2.2x", hdev->name, status);
ae854a70
AG		 59
60 if (status)
61 return;
62
63 set_bit(HCI_PERIODIC_INQ, &hdev->dev_flags);
4d93483b
AG		 64}
65
a9de9248
MH		 66static void hci_cc_exit_periodic_inq(struct hci_dev *hdev, struct sk_buff *skb)
67{
68 __u8 status = *((__u8 *) skb->data);
6bd57416 69
9f1db00c 70 BT_DBG("%s status 0x%2.2x", hdev->name, status);
6bd57416 71
a9de9248
MH		 72 if (status)
73 return;
1da177e4 74
ae854a70
AG		 75 clear_bit(HCI_PERIODIC_INQ, &hdev->dev_flags);
76
a9de9248
MH		 77 hci_conn_check_pending(hdev);
78}
79
807deac2
GP		 80static void hci_cc_remote_name_req_cancel(struct hci_dev *hdev,
81 struct sk_buff *skb)
a9de9248
MH		 82{
83 BT_DBG("%s", hdev->name);
84}
85
86static void hci_cc_role_discovery(struct hci_dev *hdev, struct sk_buff *skb)
87{
88 struct hci_rp_role_discovery *rp = (void *) skb->data;
89 struct hci_conn *conn;
90
9f1db00c 91 BT_DBG("%s status 0x%2.2x", hdev->name, rp->status);
a9de9248
MH		 92
93 if (rp->status)
94 return;
95
96 hci_dev_lock(hdev);
97
98 conn = hci_conn_hash_lookup_handle(hdev, __le16_to_cpu(rp->handle));
99 if (conn) {
100 if (rp->role)
101 conn->link_mode &= ~HCI_LM_MASTER;
102 else
103 conn->link_mode |= HCI_LM_MASTER;
1da177e4 104 }
a9de9248
MH		 105
106 hci_dev_unlock(hdev);
1da177e4
LT		 107}
108
e4e8e37c
MH		 109static void hci_cc_read_link_policy(struct hci_dev *hdev, struct sk_buff *skb)
110{
111 struct hci_rp_read_link_policy *rp = (void *) skb->data;
112 struct hci_conn *conn;
113
9f1db00c 114 BT_DBG("%s status 0x%2.2x", hdev->name, rp->status);
e4e8e37c
MH		 115
116 if (rp->status)
117 return;
118
119 hci_dev_lock(hdev);
120
121 conn = hci_conn_hash_lookup_handle(hdev, __le16_to_cpu(rp->handle));
122 if (conn)
123 conn->link_policy = __le16_to_cpu(rp->policy);
124
125 hci_dev_unlock(hdev);
126}
127
a9de9248 128static void hci_cc_write_link_policy(struct hci_dev *hdev, struct sk_buff *skb)
1da177e4 129{
a9de9248 130 struct hci_rp_write_link_policy *rp = (void *) skb->data;
1da177e4 131 struct hci_conn *conn;
04837f64 132 void *sent;
1da177e4 133
9f1db00c 134 BT_DBG("%s status 0x%2.2x", hdev->name, rp->status);
1da177e4 135
a9de9248
MH		 136 if (rp->status)
137 return;
1da177e4 138
a9de9248
MH		 139 sent = hci_sent_cmd_data(hdev, HCI_OP_WRITE_LINK_POLICY);
140 if (!sent)
141 return;
1da177e4 142
a9de9248 143 hci_dev_lock(hdev);
1da177e4 144
a9de9248 145 conn = hci_conn_hash_lookup_handle(hdev, __le16_to_cpu(rp->handle));
e4e8e37c 146 if (conn)
83985319 147 conn->link_policy = get_unaligned_le16(sent + 2);
1da177e4 148
a9de9248
MH		 149 hci_dev_unlock(hdev);
150}
1da177e4 151
807deac2
GP		 152static void hci_cc_read_def_link_policy(struct hci_dev *hdev,
153 struct sk_buff *skb)
e4e8e37c
MH		 154{
155 struct hci_rp_read_def_link_policy *rp = (void *) skb->data;
156
9f1db00c 157 BT_DBG("%s status 0x%2.2x", hdev->name, rp->status);
e4e8e37c
MH		 158
159 if (rp->status)
160 return;
161
162 hdev->link_policy = __le16_to_cpu(rp->policy);
163}
164
807deac2
GP		 165static void hci_cc_write_def_link_policy(struct hci_dev *hdev,
166 struct sk_buff *skb)
e4e8e37c
MH		 167{
168 __u8 status = *((__u8 *) skb->data);
169 void *sent;
170
9f1db00c 171 BT_DBG("%s status 0x%2.2x", hdev->name, status);
e4e8e37c
MH		 172
173 sent = hci_sent_cmd_data(hdev, HCI_OP_WRITE_DEF_LINK_POLICY);
174 if (!sent)
175 return;
176
177 if (!status)
178 hdev->link_policy = get_unaligned_le16(sent);
e4e8e37c
MH		 179}
180
a9de9248
MH		 181static void hci_cc_reset(struct hci_dev *hdev, struct sk_buff *skb)
182{
183 __u8 status = *((__u8 *) skb->data);
04837f64 184
9f1db00c 185 BT_DBG("%s status 0x%2.2x", hdev->name, status);
04837f64 186
10572132
GP		 187 clear_bit(HCI_RESET, &hdev->flags);
188
a297e97c 189 /* Reset all non-persistent flags */
2cc6fb00 190 hdev->dev_flags &= ~HCI_PERSISTENT_MASK;
69775ff6
AG		 191
192 hdev->discovery.state = DISCOVERY_STOPPED;
bbaf444a
JH		 193 hdev->inq_tx_power = HCI_TX_POWER_INVALID;
194 hdev->adv_tx_power = HCI_TX_POWER_INVALID;
3f0f524b
JH		 195
196 memset(hdev->adv_data, 0, sizeof(hdev->adv_data));
197 hdev->adv_data_len = 0;
a9de9248 198}
04837f64 199
a9de9248
MH		 200static void hci_cc_write_local_name(struct hci_dev *hdev, struct sk_buff *skb)
201{
202 __u8 status = *((__u8 *) skb->data);
203 void *sent;
04837f64 204
9f1db00c 205 BT_DBG("%s status 0x%2.2x", hdev->name, status);
04837f64 206
a9de9248
MH		 207 sent = hci_sent_cmd_data(hdev, HCI_OP_WRITE_LOCAL_NAME);
208 if (!sent)
209 return;
04837f64 210
56e5cb86
JH		 211 hci_dev_lock(hdev);
212
f51d5b24
JH		 213 if (test_bit(HCI_MGMT, &hdev->dev_flags))
214 mgmt_set_local_name_complete(hdev, sent, status);
28cc7bde
JH		 215 else if (!status)
216 memcpy(hdev->dev_name, sent, HCI_MAX_NAME_LENGTH);
f51d5b24 217
56e5cb86 218 hci_dev_unlock(hdev);
a9de9248
MH		 219}
220
221static void hci_cc_read_local_name(struct hci_dev *hdev, struct sk_buff *skb)
222{
223 struct hci_rp_read_local_name *rp = (void *) skb->data;
224
9f1db00c 225 BT_DBG("%s status 0x%2.2x", hdev->name, rp->status);
a9de9248
MH		 226
227 if (rp->status)
228 return;
229
db99b5fc
JH		 230 if (test_bit(HCI_SETUP, &hdev->dev_flags))
231 memcpy(hdev->dev_name, rp->name, HCI_MAX_NAME_LENGTH);
a9de9248
MH		 232}
233
234static void hci_cc_write_auth_enable(struct hci_dev *hdev, struct sk_buff *skb)
235{
236 __u8 status = *((__u8 *) skb->data);
237 void *sent;
238
9f1db00c 239 BT_DBG("%s status 0x%2.2x", hdev->name, status);
a9de9248
MH		 240
241 sent = hci_sent_cmd_data(hdev, HCI_OP_WRITE_AUTH_ENABLE);
242 if (!sent)
243 return;
244
245 if (!status) {
246 __u8 param = *((__u8 *) sent);
247
248 if (param == AUTH_ENABLED)
249 set_bit(HCI_AUTH, &hdev->flags);
250 else
251 clear_bit(HCI_AUTH, &hdev->flags);
1da177e4 252 }
a9de9248 253
33ef95ed
JH		 254 if (test_bit(HCI_MGMT, &hdev->dev_flags))
255 mgmt_auth_enable_complete(hdev, status);
1da177e4
LT		 256}
257
a9de9248 258static void hci_cc_write_encrypt_mode(struct hci_dev *hdev, struct sk_buff *skb)
1da177e4 259{
a9de9248 260 __u8 status = *((__u8 *) skb->data);
1da177e4
LT		 261 void *sent;
262
9f1db00c 263 BT_DBG("%s status 0x%2.2x", hdev->name, status);
1da177e4 264
a9de9248
MH		 265 sent = hci_sent_cmd_data(hdev, HCI_OP_WRITE_ENCRYPT_MODE);
266 if (!sent)
267 return;
1da177e4 268
a9de9248
MH		 269 if (!status) {
270 __u8 param = *((__u8 *) sent);
271
272 if (param)
273 set_bit(HCI_ENCRYPT, &hdev->flags);
274 else
275 clear_bit(HCI_ENCRYPT, &hdev->flags);
276 }
a9de9248 277}
1da177e4 278
a9de9248
MH		 279static void hci_cc_write_scan_enable(struct hci_dev *hdev, struct sk_buff *skb)
280{
36f7fc7e
JH		 281 __u8 param, status = *((__u8 *) skb->data);
282 int old_pscan, old_iscan;
a9de9248 283 void *sent;
1da177e4 284
9f1db00c 285 BT_DBG("%s status 0x%2.2x", hdev->name, status);
1da177e4 286
a9de9248
MH		 287 sent = hci_sent_cmd_data(hdev, HCI_OP_WRITE_SCAN_ENABLE);
288 if (!sent)
289 return;
1da177e4 290
36f7fc7e
JH		 291 param = *((__u8 *) sent);
292
56e5cb86
JH		 293 hci_dev_lock(hdev);
294
fa1bd918 295 if (status) {
744cf19e 296 mgmt_write_scan_failed(hdev, param, status);
2d7cee58
JH		 297 hdev->discov_timeout = 0;
298 goto done;
299 }
300
0663ca2a
JH		 301 /* We need to ensure that we set this back on if someone changed
302 * the scan mode through a raw HCI socket.
303 */
304 set_bit(HCI_BREDR_ENABLED, &hdev->dev_flags);
305
36f7fc7e
JH		 306 old_pscan = test_and_clear_bit(HCI_PSCAN, &hdev->flags);
307 old_iscan = test_and_clear_bit(HCI_ISCAN, &hdev->flags);
308
309 if (param & SCAN_INQUIRY) {
310 set_bit(HCI_ISCAN, &hdev->flags);
311 if (!old_iscan)
744cf19e 312 mgmt_discoverable(hdev, 1);
16ab91ab
JH		 313 if (hdev->discov_timeout > 0) {
314 int to = msecs_to_jiffies(hdev->discov_timeout * 1000);
315 queue_delayed_work(hdev->workqueue, &hdev->discov_off,
807deac2 316 to);
16ab91ab 317 }
36f7fc7e 318 } else if (old_iscan)
744cf19e 319 mgmt_discoverable(hdev, 0);
36f7fc7e
JH		 320
321 if (param & SCAN_PAGE) {
322 set_bit(HCI_PSCAN, &hdev->flags);
323 if (!old_pscan)
744cf19e 324 mgmt_connectable(hdev, 1);
36f7fc7e 325 } else if (old_pscan)
744cf19e 326 mgmt_connectable(hdev, 0);
1da177e4 327
36f7fc7e 328done:
56e5cb86 329 hci_dev_unlock(hdev);
a9de9248 330}
1da177e4 331
a9de9248
MH		 332static void hci_cc_read_class_of_dev(struct hci_dev *hdev, struct sk_buff *skb)
333{
334 struct hci_rp_read_class_of_dev *rp = (void *) skb->data;
1da177e4 335
9f1db00c 336 BT_DBG("%s status 0x%2.2x", hdev->name, rp->status);
1da177e4 337
a9de9248
MH		 338 if (rp->status)
339 return;
1da177e4 340
a9de9248 341 memcpy(hdev->dev_class, rp->dev_class, 3);
1da177e4 342
a9de9248 343 BT_DBG("%s class 0x%.2x%.2x%.2x", hdev->name,
807deac2 344 hdev->dev_class[2], hdev->dev_class[1], hdev->dev_class[0]);
a9de9248 345}
1da177e4 346
a9de9248
MH		 347static void hci_cc_write_class_of_dev(struct hci_dev *hdev, struct sk_buff *skb)
348{
349 __u8 status = *((__u8 *) skb->data);
350 void *sent;
1da177e4 351
9f1db00c 352 BT_DBG("%s status 0x%2.2x", hdev->name, status);
1da177e4 353
a9de9248
MH		 354 sent = hci_sent_cmd_data(hdev, HCI_OP_WRITE_CLASS_OF_DEV);
355 if (!sent)
356 return;
1da177e4 357
7f9a903c
MH		 358 hci_dev_lock(hdev);
359
360 if (status == 0)
361 memcpy(hdev->dev_class, sent, 3);
362
363 if (test_bit(HCI_MGMT, &hdev->dev_flags))
364 mgmt_set_class_of_dev_complete(hdev, sent, status);
365
366 hci_dev_unlock(hdev);
a9de9248 367}
1da177e4 368
a9de9248
MH		 369static void hci_cc_read_voice_setting(struct hci_dev *hdev, struct sk_buff *skb)
370{
371 struct hci_rp_read_voice_setting *rp = (void *) skb->data;
372 __u16 setting;
373
9f1db00c 374 BT_DBG("%s status 0x%2.2x", hdev->name, rp->status);
a9de9248
MH		 375
376 if (rp->status)
377 return;
378
379 setting = __le16_to_cpu(rp->voice_setting);
380
f383f275 381 if (hdev->voice_setting == setting)
a9de9248
MH		 382 return;
383
384 hdev->voice_setting = setting;
385
9f1db00c 386 BT_DBG("%s voice setting 0x%4.4x", hdev->name, setting);
a9de9248 387
3c54711c 388 if (hdev->notify)
a9de9248 389 hdev->notify(hdev, HCI_NOTIFY_VOICE_SETTING);
a9de9248
MH		 390}
391
8fc9ced3
GP		 392static void hci_cc_write_voice_setting(struct hci_dev *hdev,
393 struct sk_buff *skb)
a9de9248
MH		 394{
395 __u8 status = *((__u8 *) skb->data);
f383f275 396 __u16 setting;
a9de9248
MH		 397 void *sent;
398
9f1db00c 399 BT_DBG("%s status 0x%2.2x", hdev->name, status);
1da177e4 400
f383f275
MH		 401 if (status)
402 return;
403
a9de9248
MH		 404 sent = hci_sent_cmd_data(hdev, HCI_OP_WRITE_VOICE_SETTING);
405 if (!sent)
406 return;
1da177e4 407
f383f275 408 setting = get_unaligned_le16(sent);
1da177e4 409
f383f275
MH		 410 if (hdev->voice_setting == setting)
411 return;
412
413 hdev->voice_setting = setting;
1da177e4 414
9f1db00c 415 BT_DBG("%s voice setting 0x%4.4x", hdev->name, setting);
1da177e4 416
3c54711c 417 if (hdev->notify)
f383f275 418 hdev->notify(hdev, HCI_NOTIFY_VOICE_SETTING);
1da177e4
LT		 419}
420
333140b5
MH		 421static void hci_cc_write_ssp_mode(struct hci_dev *hdev, struct sk_buff *skb)
422{
423 __u8 status = *((__u8 *) skb->data);
5ed8eb2f 424 struct hci_cp_write_ssp_mode *sent;
333140b5 425
9f1db00c 426 BT_DBG("%s status 0x%2.2x", hdev->name, status);
333140b5 427
333140b5
MH		 428 sent = hci_sent_cmd_data(hdev, HCI_OP_WRITE_SSP_MODE);
429 if (!sent)
430 return;
431
5ed8eb2f
JH		 432 if (!status) {
433 if (sent->mode)
cad718ed 434 hdev->features[1][0] |= LMP_HOST_SSP;
5ed8eb2f 435 else
cad718ed 436 hdev->features[1][0] &= ~LMP_HOST_SSP;
5ed8eb2f
JH		 437 }
438
ed2c4ee3 439 if (test_bit(HCI_MGMT, &hdev->dev_flags))
5ed8eb2f 440 mgmt_ssp_enable_complete(hdev, sent->mode, status);
c0ecddc2 441 else if (!status) {
5ed8eb2f 442 if (sent->mode)
c0ecddc2
JH		 443 set_bit(HCI_SSP_ENABLED, &hdev->dev_flags);
444 else
445 clear_bit(HCI_SSP_ENABLED, &hdev->dev_flags);
446 }
333140b5
MH		 447}
448
a9de9248
MH		 449static void hci_cc_read_local_version(struct hci_dev *hdev, struct sk_buff *skb)
450{
451 struct hci_rp_read_local_version *rp = (void *) skb->data;
1143e5a6 452
9f1db00c 453 BT_DBG("%s status 0x%2.2x", hdev->name, rp->status);
1143e5a6 454
a9de9248 455 if (rp->status)
42c6b129 456 return;
1143e5a6 457
a9de9248 458 hdev->hci_ver = rp->hci_ver;
e4e8e37c 459 hdev->hci_rev = __le16_to_cpu(rp->hci_rev);
d5859e22 460 hdev->lmp_ver = rp->lmp_ver;
e4e8e37c 461 hdev->manufacturer = __le16_to_cpu(rp->manufacturer);
d5859e22 462 hdev->lmp_subver = __le16_to_cpu(rp->lmp_subver);
1143e5a6 463
9f1db00c 464 BT_DBG("%s manufacturer 0x%4.4x hci ver %d:%d", hdev->name,
807deac2 465 hdev->manufacturer, hdev->hci_ver, hdev->hci_rev);
d5859e22
JH		 466}
467
8fc9ced3
GP		 468static void hci_cc_read_local_commands(struct hci_dev *hdev,
469 struct sk_buff *skb)
a9de9248
MH		 470{
471 struct hci_rp_read_local_commands *rp = (void *) skb->data;
1da177e4 472
9f1db00c 473 BT_DBG("%s status 0x%2.2x", hdev->name, rp->status);
1da177e4 474
2177bab5
JH		 475 if (!rp->status)
476 memcpy(hdev->commands, rp->commands, sizeof(hdev->commands));
a9de9248 477}
1da177e4 478
8fc9ced3
GP		 479static void hci_cc_read_local_features(struct hci_dev *hdev,
480 struct sk_buff *skb)
a9de9248
MH		 481{
482 struct hci_rp_read_local_features *rp = (void *) skb->data;
5b7f9909 483
9f1db00c 484 BT_DBG("%s status 0x%2.2x", hdev->name, rp->status);
1da177e4 485
a9de9248
MH		 486 if (rp->status)
487 return;
5b7f9909 488
a9de9248 489 memcpy(hdev->features, rp->features, 8);
5b7f9909 490
a9de9248
MH		 491 /* Adjust default settings according to features
492 * supported by device. */
1da177e4 493
cad718ed 494 if (hdev->features[0][0] & LMP_3SLOT)
a9de9248 495 hdev->pkt_type |= (HCI_DM3 | HCI_DH3);
1da177e4 496
cad718ed 497 if (hdev->features[0][0] & LMP_5SLOT)
a9de9248 498 hdev->pkt_type |= (HCI_DM5 | HCI_DH5);
1da177e4 499
cad718ed 500 if (hdev->features[0][1] & LMP_HV2) {
a9de9248
MH		 501 hdev->pkt_type |= (HCI_HV2);
502 hdev->esco_type |= (ESCO_HV2);
503 }
1da177e4 504
cad718ed 505 if (hdev->features[0][1] & LMP_HV3) {
a9de9248
MH		 506 hdev->pkt_type |= (HCI_HV3);
507 hdev->esco_type |= (ESCO_HV3);
508 }
1da177e4 509
45db810f 510 if (lmp_esco_capable(hdev))
a9de9248 511 hdev->esco_type |= (ESCO_EV3);
da1f5198 512
cad718ed 513 if (hdev->features[0][4] & LMP_EV4)
a9de9248 514 hdev->esco_type |= (ESCO_EV4);
da1f5198 515
cad718ed 516 if (hdev->features[0][4] & LMP_EV5)
a9de9248 517 hdev->esco_type |= (ESCO_EV5);
1da177e4 518
cad718ed 519 if (hdev->features[0][5] & LMP_EDR_ESCO_2M)
efc7688b
MH		 520 hdev->esco_type |= (ESCO_2EV3);
521
cad718ed 522 if (hdev->features[0][5] & LMP_EDR_ESCO_3M)
efc7688b
MH		 523 hdev->esco_type |= (ESCO_3EV3);
524
cad718ed 525 if (hdev->features[0][5] & LMP_EDR_3S_ESCO)
efc7688b
MH		 526 hdev->esco_type |= (ESCO_2EV5 | ESCO_3EV5);
527
a9de9248 528 BT_DBG("%s features 0x%.2x%.2x%.2x%.2x%.2x%.2x%.2x%.2x", hdev->name,
cad718ed
JH		 529 hdev->features[0][0], hdev->features[0][1],
530 hdev->features[0][2], hdev->features[0][3],
531 hdev->features[0][4], hdev->features[0][5],
532 hdev->features[0][6], hdev->features[0][7]);
a9de9248 533}
1da177e4 534
971e3a4b 535static void hci_cc_read_local_ext_features(struct hci_dev *hdev,
807deac2 536 struct sk_buff *skb)
971e3a4b
AG		 537{
538 struct hci_rp_read_local_ext_features *rp = (void *) skb->data;
539
9f1db00c 540 BT_DBG("%s status 0x%2.2x", hdev->name, rp->status);
971e3a4b
AG		 541
542 if (rp->status)
42c6b129 543 return;
971e3a4b 544
d2c5d77f
JH		 545 hdev->max_page = rp->max_page;
546
cad718ed
JH		 547 if (rp->page < HCI_MAX_PAGES)
548 memcpy(hdev->features[rp->page], rp->features, 8);
971e3a4b
AG		 549}
550
1e89cffb 551static void hci_cc_read_flow_control_mode(struct hci_dev *hdev,
807deac2 552 struct sk_buff *skb)
1e89cffb
AE		 553{
554 struct hci_rp_read_flow_control_mode *rp = (void *) skb->data;
555
9f1db00c 556 BT_DBG("%s status 0x%2.2x", hdev->name, rp->status);
1e89cffb 557
42c6b129
JH		 558 if (!rp->status)
559 hdev->flow_ctl_mode = rp->mode;
1e89cffb
AE		 560}
561
a9de9248
MH		 562static void hci_cc_read_buffer_size(struct hci_dev *hdev, struct sk_buff *skb)
563{
564 struct hci_rp_read_buffer_size *rp = (void *) skb->data;
1da177e4 565
9f1db00c 566 BT_DBG("%s status 0x%2.2x", hdev->name, rp->status);
1da177e4 567
a9de9248
MH		 568 if (rp->status)
569 return;
1da177e4 570
a9de9248
MH		 571 hdev->acl_mtu = __le16_to_cpu(rp->acl_mtu);
572 hdev->sco_mtu = rp->sco_mtu;
573 hdev->acl_pkts = __le16_to_cpu(rp->acl_max_pkt);
574 hdev->sco_pkts = __le16_to_cpu(rp->sco_max_pkt);
575
576 if (test_bit(HCI_QUIRK_FIXUP_BUFFER_SIZE, &hdev->quirks)) {
577 hdev->sco_mtu = 64;
578 hdev->sco_pkts = 8;
1da177e4 579 }
a9de9248
MH		 580
581 hdev->acl_cnt = hdev->acl_pkts;
582 hdev->sco_cnt = hdev->sco_pkts;
583
807deac2
GP		 584 BT_DBG("%s acl mtu %d:%d sco mtu %d:%d", hdev->name, hdev->acl_mtu,
585 hdev->acl_pkts, hdev->sco_mtu, hdev->sco_pkts);
a9de9248
MH		 586}
587
588static void hci_cc_read_bd_addr(struct hci_dev *hdev, struct sk_buff *skb)
589{
590 struct hci_rp_read_bd_addr *rp = (void *) skb->data;
591
9f1db00c 592 BT_DBG("%s status 0x%2.2x", hdev->name, rp->status);
a9de9248
MH		 593
594 if (!rp->status)
595 bacpy(&hdev->bdaddr, &rp->bdaddr);
23bb5763
JH		 596}
597
f332ec66
JH		 598static void hci_cc_read_page_scan_activity(struct hci_dev *hdev,
599 struct sk_buff *skb)
600{
601 struct hci_rp_read_page_scan_activity *rp = (void *) skb->data;
602
603 BT_DBG("%s status 0x%2.2x", hdev->name, rp->status);
604
605 if (test_bit(HCI_INIT, &hdev->flags) && !rp->status) {
606 hdev->page_scan_interval = __le16_to_cpu(rp->interval);
607 hdev->page_scan_window = __le16_to_cpu(rp->window);
608 }
609}
610
4a3ee763
JH		 611static void hci_cc_write_page_scan_activity(struct hci_dev *hdev,
612 struct sk_buff *skb)
613{
614 u8 status = *((u8 *) skb->data);
615 struct hci_cp_write_page_scan_activity *sent;
616
617 BT_DBG("%s status 0x%2.2x", hdev->name, status);
618
619 if (status)
620 return;
621
622 sent = hci_sent_cmd_data(hdev, HCI_OP_WRITE_PAGE_SCAN_ACTIVITY);
623 if (!sent)
624 return;
625
626 hdev->page_scan_interval = __le16_to_cpu(sent->interval);
627 hdev->page_scan_window = __le16_to_cpu(sent->window);
628}
629
f332ec66
JH		 630static void hci_cc_read_page_scan_type(struct hci_dev *hdev,
631 struct sk_buff *skb)
632{
633 struct hci_rp_read_page_scan_type *rp = (void *) skb->data;
634
635 BT_DBG("%s status 0x%2.2x", hdev->name, rp->status);
636
637 if (test_bit(HCI_INIT, &hdev->flags) && !rp->status)
638 hdev->page_scan_type = rp->type;
639}
640
4a3ee763
JH		 641static void hci_cc_write_page_scan_type(struct hci_dev *hdev,
642 struct sk_buff *skb)
643{
644 u8 status = *((u8 *) skb->data);
645 u8 *type;
646
647 BT_DBG("%s status 0x%2.2x", hdev->name, status);
648
649 if (status)
650 return;
651
652 type = hci_sent_cmd_data(hdev, HCI_OP_WRITE_PAGE_SCAN_TYPE);
653 if (type)
654 hdev->page_scan_type = *type;
655}
656
350ee4cf 657static void hci_cc_read_data_block_size(struct hci_dev *hdev,
807deac2 658 struct sk_buff *skb)
350ee4cf
AE		 659{
660 struct hci_rp_read_data_block_size *rp = (void *) skb->data;
661
9f1db00c 662 BT_DBG("%s status 0x%2.2x", hdev->name, rp->status);
350ee4cf
AE		 663
664 if (rp->status)
665 return;
666
667 hdev->block_mtu = __le16_to_cpu(rp->max_acl_len);
668 hdev->block_len = __le16_to_cpu(rp->block_len);
669 hdev->num_blocks = __le16_to_cpu(rp->num_blocks);
670
671 hdev->block_cnt = hdev->num_blocks;
672
673 BT_DBG("%s blk mtu %d cnt %d len %d", hdev->name, hdev->block_mtu,
807deac2 674 hdev->block_cnt, hdev->block_len);
350ee4cf
AE		 675}
676
928abaa7 677static void hci_cc_read_local_amp_info(struct hci_dev *hdev,
807deac2 678 struct sk_buff *skb)
928abaa7
AE		 679{
680 struct hci_rp_read_local_amp_info *rp = (void *) skb->data;
681
9f1db00c 682 BT_DBG("%s status 0x%2.2x", hdev->name, rp->status);
928abaa7
AE		 683
684 if (rp->status)
8e2a0d92 685 goto a2mp_rsp;
928abaa7
AE		 686
687 hdev->amp_status = rp->amp_status;
688 hdev->amp_total_bw = __le32_to_cpu(rp->total_bw);
689 hdev->amp_max_bw = __le32_to_cpu(rp->max_bw);
690 hdev->amp_min_latency = __le32_to_cpu(rp->min_latency);
691 hdev->amp_max_pdu = __le32_to_cpu(rp->max_pdu);
692 hdev->amp_type = rp->amp_type;
693 hdev->amp_pal_cap = __le16_to_cpu(rp->pal_cap);
694 hdev->amp_assoc_size = __le16_to_cpu(rp->max_assoc_size);
695 hdev->amp_be_flush_to = __le32_to_cpu(rp->be_flush_to);
696 hdev->amp_max_flush_to = __le32_to_cpu(rp->max_flush_to);
697
8e2a0d92
AE		 698a2mp_rsp:
699 a2mp_send_getinfo_rsp(hdev);
928abaa7
AE		 700}
701
903e4541
AE		 702static void hci_cc_read_local_amp_assoc(struct hci_dev *hdev,
703 struct sk_buff *skb)
704{
705 struct hci_rp_read_local_amp_assoc *rp = (void *) skb->data;
706 struct amp_assoc *assoc = &hdev->loc_assoc;
707 size_t rem_len, frag_len;
708
709 BT_DBG("%s status 0x%2.2x", hdev->name, rp->status);
710
711 if (rp->status)
712 goto a2mp_rsp;
713
714 frag_len = skb->len - sizeof(*rp);
715 rem_len = __le16_to_cpu(rp->rem_len);
716
717 if (rem_len > frag_len) {
2e430be3 718 BT_DBG("frag_len %zu rem_len %zu", frag_len, rem_len);
903e4541
AE		 719
720 memcpy(assoc->data + assoc->offset, rp->frag, frag_len);
721 assoc->offset += frag_len;
722
723 /* Read other fragments */
724 amp_read_loc_assoc_frag(hdev, rp->phy_handle);
725
726 return;
727 }
728
729 memcpy(assoc->data + assoc->offset, rp->frag, rem_len);
730 assoc->len = assoc->offset + rem_len;
731 assoc->offset = 0;
732
733a2mp_rsp:
734 /* Send A2MP Rsp when all fragments are received */
735 a2mp_send_getampassoc_rsp(hdev, rp->status);
9495b2ee 736 a2mp_send_create_phy_link_req(hdev, rp->status);
903e4541
AE		 737}
738
d5859e22 739static void hci_cc_read_inq_rsp_tx_power(struct hci_dev *hdev,
807deac2 740 struct sk_buff *skb)
d5859e22 741{
91c4e9b1 742 struct hci_rp_read_inq_rsp_tx_power *rp = (void *) skb->data;
d5859e22 743
9f1db00c 744 BT_DBG("%s status 0x%2.2x", hdev->name, rp->status);
91c4e9b1
MH		 745
746 if (!rp->status)
747 hdev->inq_tx_power = rp->tx_power;
d5859e22
JH		 748}
749
980e1a53
JH		 750static void hci_cc_pin_code_reply(struct hci_dev *hdev, struct sk_buff *skb)
751{
752 struct hci_rp_pin_code_reply *rp = (void *) skb->data;
753 struct hci_cp_pin_code_reply *cp;
754 struct hci_conn *conn;
755
9f1db00c 756 BT_DBG("%s status 0x%2.2x", hdev->name, rp->status);
980e1a53 757
56e5cb86
JH		 758 hci_dev_lock(hdev);
759
a8b2d5c2 760 if (test_bit(HCI_MGMT, &hdev->dev_flags))
744cf19e 761 mgmt_pin_code_reply_complete(hdev, &rp->bdaddr, rp->status);
980e1a53 762
fa1bd918 763 if (rp->status)
56e5cb86 764 goto unlock;
980e1a53
JH		 765
766 cp = hci_sent_cmd_data(hdev, HCI_OP_PIN_CODE_REPLY);
767 if (!cp)
56e5cb86 768 goto unlock;
980e1a53
JH		 769
770 conn = hci_conn_hash_lookup_ba(hdev, ACL_LINK, &cp->bdaddr);
771 if (conn)
772 conn->pin_length = cp->pin_len;
56e5cb86
JH		 773
774unlock:
775 hci_dev_unlock(hdev);
980e1a53
JH		 776}
777
778static void hci_cc_pin_code_neg_reply(struct hci_dev *hdev, struct sk_buff *skb)
779{
780 struct hci_rp_pin_code_neg_reply *rp = (void *) skb->data;
781
9f1db00c 782 BT_DBG("%s status 0x%2.2x", hdev->name, rp->status);
980e1a53 783
56e5cb86
JH		 784 hci_dev_lock(hdev);
785
a8b2d5c2 786 if (test_bit(HCI_MGMT, &hdev->dev_flags))
744cf19e 787 mgmt_pin_code_neg_reply_complete(hdev, &rp->bdaddr,
807deac2 788 rp->status);
56e5cb86
JH		 789
790 hci_dev_unlock(hdev);
980e1a53 791}
56e5cb86 792
6ed58ec5
VT		 793static void hci_cc_le_read_buffer_size(struct hci_dev *hdev,
794 struct sk_buff *skb)
795{
796 struct hci_rp_le_read_buffer_size *rp = (void *) skb->data;
797
9f1db00c 798 BT_DBG("%s status 0x%2.2x", hdev->name, rp->status);
6ed58ec5
VT		 799
800 if (rp->status)
801 return;
802
803 hdev->le_mtu = __le16_to_cpu(rp->le_mtu);
804 hdev->le_pkts = rp->le_max_pkt;
805
806 hdev->le_cnt = hdev->le_pkts;
807
808 BT_DBG("%s le mtu %d:%d", hdev->name, hdev->le_mtu, hdev->le_pkts);
6ed58ec5 809}
980e1a53 810
60e77321
JH		 811static void hci_cc_le_read_local_features(struct hci_dev *hdev,
812 struct sk_buff *skb)
813{
814 struct hci_rp_le_read_local_features *rp = (void *) skb->data;
815
816 BT_DBG("%s status 0x%2.2x", hdev->name, rp->status);
817
818 if (!rp->status)
819 memcpy(hdev->le_features, rp->features, 8);
60e77321
JH		 820}
821
8fa19098
JH		 822static void hci_cc_le_read_adv_tx_power(struct hci_dev *hdev,
823 struct sk_buff *skb)
824{
825 struct hci_rp_le_read_adv_tx_power *rp = (void *) skb->data;
826
827 BT_DBG("%s status 0x%2.2x", hdev->name, rp->status);
828
04b4edcb 829 if (!rp->status)
8fa19098 830 hdev->adv_tx_power = rp->tx_power;
8fa19098
JH		 831}
832
a5c29683
JH		 833static void hci_cc_user_confirm_reply(struct hci_dev *hdev, struct sk_buff *skb)
834{
835 struct hci_rp_user_confirm_reply *rp = (void *) skb->data;
836
9f1db00c 837 BT_DBG("%s status 0x%2.2x", hdev->name, rp->status);
a5c29683 838
56e5cb86
JH		 839 hci_dev_lock(hdev);
840
a8b2d5c2 841 if (test_bit(HCI_MGMT, &hdev->dev_flags))
04124681
GP		 842 mgmt_user_confirm_reply_complete(hdev, &rp->bdaddr, ACL_LINK, 0,
843 rp->status);
56e5cb86
JH		 844
845 hci_dev_unlock(hdev);
a5c29683
JH		 846}
847
848static void hci_cc_user_confirm_neg_reply(struct hci_dev *hdev,
807deac2 849 struct sk_buff *skb)
a5c29683
JH		 850{
851 struct hci_rp_user_confirm_reply *rp = (void *) skb->data;
852
9f1db00c 853 BT_DBG("%s status 0x%2.2x", hdev->name, rp->status);
a5c29683 854
56e5cb86
JH		 855 hci_dev_lock(hdev);
856
a8b2d5c2 857 if (test_bit(HCI_MGMT, &hdev->dev_flags))
744cf19e 858 mgmt_user_confirm_neg_reply_complete(hdev, &rp->bdaddr,
04124681 859 ACL_LINK, 0, rp->status);
56e5cb86
JH		 860
861 hci_dev_unlock(hdev);
a5c29683
JH		 862}
863
1143d458
BG		 864static void hci_cc_user_passkey_reply(struct hci_dev *hdev, struct sk_buff *skb)
865{
866 struct hci_rp_user_confirm_reply *rp = (void *) skb->data;
867
9f1db00c 868 BT_DBG("%s status 0x%2.2x", hdev->name, rp->status);
1143d458
BG		 869
870 hci_dev_lock(hdev);
871
a8b2d5c2 872 if (test_bit(HCI_MGMT, &hdev->dev_flags))
272d90df 873 mgmt_user_passkey_reply_complete(hdev, &rp->bdaddr, ACL_LINK,
04124681 874 0, rp->status);
1143d458
BG		 875
876 hci_dev_unlock(hdev);
877}
878
879static void hci_cc_user_passkey_neg_reply(struct hci_dev *hdev,
807deac2 880 struct sk_buff *skb)
1143d458
BG		 881{
882 struct hci_rp_user_confirm_reply *rp = (void *) skb->data;
883
9f1db00c 884 BT_DBG("%s status 0x%2.2x", hdev->name, rp->status);
1143d458
BG		 885
886 hci_dev_lock(hdev);
887
a8b2d5c2 888 if (test_bit(HCI_MGMT, &hdev->dev_flags))
1143d458 889 mgmt_user_passkey_neg_reply_complete(hdev, &rp->bdaddr,
04124681 890 ACL_LINK, 0, rp->status);
1143d458
BG		 891
892 hci_dev_unlock(hdev);
893}
894
c35938b2 895static void hci_cc_read_local_oob_data_reply(struct hci_dev *hdev,
807deac2 896 struct sk_buff *skb)
c35938b2
SJ		 897{
898 struct hci_rp_read_local_oob_data *rp = (void *) skb->data;
899
9f1db00c 900 BT_DBG("%s status 0x%2.2x", hdev->name, rp->status);
c35938b2 901
56e5cb86 902 hci_dev_lock(hdev);
744cf19e 903 mgmt_read_local_oob_data_reply_complete(hdev, rp->hash,
c35938b2 904 rp->randomizer, rp->status);
56e5cb86 905 hci_dev_unlock(hdev);
c35938b2
SJ		 906}
907
c1d5dc4a
JH		 908static void hci_cc_le_set_adv_enable(struct hci_dev *hdev, struct sk_buff *skb)
909{
910 __u8 *sent, status = *((__u8 *) skb->data);
911
912 BT_DBG("%s status 0x%2.2x", hdev->name, status);
913
914 sent = hci_sent_cmd_data(hdev, HCI_OP_LE_SET_ADV_ENABLE);
915 if (!sent)
916 return;
917
918 hci_dev_lock(hdev);
919
920 if (!status) {
921 if (*sent)
f3d3444a 922 set_bit(HCI_ADVERTISING, &hdev->dev_flags);
c1d5dc4a 923 else
f3d3444a 924 clear_bit(HCI_ADVERTISING, &hdev->dev_flags);
c1d5dc4a
JH		 925 }
926
04b4edcb
JH		 927 if (!test_bit(HCI_INIT, &hdev->flags)) {
928 struct hci_request req;
c1d5dc4a 929
04b4edcb
JH		 930 hci_req_init(&req, hdev);
931 hci_update_ad(&req);
932 hci_req_run(&req, NULL);
933 }
934
935 hci_dev_unlock(hdev);
c1d5dc4a
JH		 936}
937
eb9d91f5 938static void hci_cc_le_set_scan_enable(struct hci_dev *hdev,
807deac2 939 struct sk_buff *skb)
eb9d91f5
AG		 940{
941 struct hci_cp_le_set_scan_enable *cp;
942 __u8 status = *((__u8 *) skb->data);
943
9f1db00c 944 BT_DBG("%s status 0x%2.2x", hdev->name, status);
eb9d91f5 945
eb9d91f5
AG		 946 cp = hci_sent_cmd_data(hdev, HCI_OP_LE_SET_SCAN_ENABLE);
947 if (!cp)
948 return;
949
3fd319b8
AG		 950 if (status)
951 return;
952
68a8aea4 953 switch (cp->enable) {
76a388be 954 case LE_SCAN_ENABLE:
d23264a8 955 set_bit(HCI_LE_SCAN, &hdev->dev_flags);
68a8aea4
AE		 956 break;
957
76a388be 958 case LE_SCAN_DISABLE:
d23264a8 959 clear_bit(HCI_LE_SCAN, &hdev->dev_flags);
68a8aea4
AE		 960 break;
961
962 default:
963 BT_ERR("Used reserved LE_Scan_Enable param %d", cp->enable);
964 break;
35815085 965 }
eb9d91f5
AG		 966}
967
cf1d081f
JH		 968static void hci_cc_le_read_white_list_size(struct hci_dev *hdev,
969 struct sk_buff *skb)
970{
971 struct hci_rp_le_read_white_list_size *rp = (void *) skb->data;
972
973 BT_DBG("%s status 0x%2.2x size %u", hdev->name, rp->status, rp->size);
974
975 if (!rp->status)
976 hdev->le_white_list_size = rp->size;
cf1d081f
JH		 977}
978
9b008c04
JH		 979static void hci_cc_le_read_supported_states(struct hci_dev *hdev,
980 struct sk_buff *skb)
981{
982 struct hci_rp_le_read_supported_states *rp = (void *) skb->data;
983
984 BT_DBG("%s status 0x%2.2x", hdev->name, rp->status);
985
986 if (!rp->status)
987 memcpy(hdev->le_states, rp->le_states, 8);
9b008c04
JH		 988}
989
6039aa73
GP		 990static void hci_cc_write_le_host_supported(struct hci_dev *hdev,
991 struct sk_buff *skb)
f9b49306 992{
06199cf8 993 struct hci_cp_write_le_host_supported *sent;
f9b49306
AG		 994 __u8 status = *((__u8 *) skb->data);
995
9f1db00c 996 BT_DBG("%s status 0x%2.2x", hdev->name, status);
f9b49306 997
06199cf8 998 sent = hci_sent_cmd_data(hdev, HCI_OP_WRITE_LE_HOST_SUPPORTED);
8f984dfa 999 if (!sent)
f9b49306
AG		 1000 return;
1001
8f984dfa 1002 if (!status) {
416a4ae5 1003 if (sent->le) {
cad718ed 1004 hdev->features[1][0] |= LMP_HOST_LE;
416a4ae5
JH		 1005 set_bit(HCI_LE_ENABLED, &hdev->dev_flags);
1006 } else {
cad718ed 1007 hdev->features[1][0] &= ~LMP_HOST_LE;
416a4ae5 1008 clear_bit(HCI_LE_ENABLED, &hdev->dev_flags);
f3d3444a 1009 clear_bit(HCI_ADVERTISING, &hdev->dev_flags);
416a4ae5 1010 }
53b2caab
JH		 1011
1012 if (sent->simul)
cad718ed 1013 hdev->features[1][0] |= LMP_HOST_LE_BREDR;
53b2caab 1014 else
cad718ed 1015 hdev->features[1][0] &= ~LMP_HOST_LE_BREDR;
8f984dfa 1016 }
f9b49306
AG		 1017}
1018
93c284ee
AE		 1019static void hci_cc_write_remote_amp_assoc(struct hci_dev *hdev,
1020 struct sk_buff *skb)
1021{
1022 struct hci_rp_write_remote_amp_assoc *rp = (void *) skb->data;
1023
1024 BT_DBG("%s status 0x%2.2x phy_handle 0x%2.2x",
1025 hdev->name, rp->status, rp->phy_handle);
1026
1027 if (rp->status)
1028 return;
1029
1030 amp_write_rem_assoc_continue(hdev, rp->phy_handle);
1031}
1032
6039aa73 1033static void hci_cs_inquiry(struct hci_dev *hdev, __u8 status)
a9de9248 1034{
9f1db00c 1035 BT_DBG("%s status 0x%2.2x", hdev->name, status);
a9de9248
MH		 1036
1037 if (status) {
a9de9248 1038 hci_conn_check_pending(hdev);
314b2381
JH		 1039 return;
1040 }
1041
89352e7d 1042 set_bit(HCI_INQUIRY, &hdev->flags);
1da177e4
LT		 1043}
1044
6039aa73 1045static void hci_cs_create_conn(struct hci_dev *hdev, __u8 status)
1da177e4 1046{
a9de9248 1047 struct hci_cp_create_conn *cp;
1da177e4 1048 struct hci_conn *conn;
1da177e4 1049
9f1db00c 1050 BT_DBG("%s status 0x%2.2x", hdev->name, status);
a9de9248
MH		 1051
1052 cp = hci_sent_cmd_data(hdev, HCI_OP_CREATE_CONN);
1da177e4
LT		 1053 if (!cp)
1054 return;
1055
1056 hci_dev_lock(hdev);
1057
1058 conn = hci_conn_hash_lookup_ba(hdev, ACL_LINK, &cp->bdaddr);
1059
6ed93dc6 1060 BT_DBG("%s bdaddr %pMR hcon %p", hdev->name, &cp->bdaddr, conn);
1da177e4
LT		 1061
1062 if (status) {
1063 if (conn && conn->state == BT_CONNECT) {
4c67bc74
MH		 1064 if (status != 0x0c || conn->attempt > 2) {
1065 conn->state = BT_CLOSED;
1066 hci_proto_connect_cfm(conn, status);
1067 hci_conn_del(conn);
1068 } else
1069 conn->state = BT_CONNECT2;
1da177e4
LT		 1070 }
1071 } else {
1072 if (!conn) {
1073 conn = hci_conn_add(hdev, ACL_LINK, &cp->bdaddr);
1074 if (conn) {
a0c808b3 1075 conn->out = true;
1da177e4
LT		 1076 conn->link_mode |= HCI_LM_MASTER;
1077 } else
893ef971 1078 BT_ERR("No memory for new connection");
1da177e4
LT		 1079 }
1080 }
1081
1082 hci_dev_unlock(hdev);
1083}
1084
a9de9248 1085static void hci_cs_add_sco(struct hci_dev *hdev, __u8 status)
1da177e4 1086{
a9de9248
MH		 1087 struct hci_cp_add_sco *cp;
1088 struct hci_conn *acl, *sco;
1089 __u16 handle;
1da177e4 1090
9f1db00c 1091 BT_DBG("%s status 0x%2.2x", hdev->name, status);
b6a0dc82 1092
a9de9248
MH		 1093 if (!status)
1094 return;
1da177e4 1095
a9de9248
MH		 1096 cp = hci_sent_cmd_data(hdev, HCI_OP_ADD_SCO);
1097 if (!cp)
1098 return;
1da177e4 1099
a9de9248 1100 handle = __le16_to_cpu(cp->handle);
1da177e4 1101
9f1db00c 1102 BT_DBG("%s handle 0x%4.4x", hdev->name, handle);
1da177e4 1103
a9de9248 1104 hci_dev_lock(hdev);
1da177e4 1105
a9de9248 1106 acl = hci_conn_hash_lookup_handle(hdev, handle);
5a08ecce
AE		 1107 if (acl) {
1108 sco = acl->link;
1109 if (sco) {
1110 sco->state = BT_CLOSED;
1da177e4 1111
5a08ecce
AE		 1112 hci_proto_connect_cfm(sco, status);
1113 hci_conn_del(sco);
1114 }
a9de9248 1115 }
1da177e4 1116
a9de9248
MH		 1117 hci_dev_unlock(hdev);
1118}
1da177e4 1119
f8558555
MH		 1120static void hci_cs_auth_requested(struct hci_dev *hdev, __u8 status)
1121{
1122 struct hci_cp_auth_requested *cp;
1123 struct hci_conn *conn;
1124
9f1db00c 1125 BT_DBG("%s status 0x%2.2x", hdev->name, status);
f8558555
MH		 1126
1127 if (!status)
1128 return;
1129
1130 cp = hci_sent_cmd_data(hdev, HCI_OP_AUTH_REQUESTED);
1131 if (!cp)
1132 return;
1133
1134 hci_dev_lock(hdev);
1135
1136 conn = hci_conn_hash_lookup_handle(hdev, __le16_to_cpu(cp->handle));
1137 if (conn) {
1138 if (conn->state == BT_CONFIG) {
1139 hci_proto_connect_cfm(conn, status);
76a68ba0 1140 hci_conn_drop(conn);
f8558555
MH		 1141 }
1142 }
1143
1144 hci_dev_unlock(hdev);
1145}
1146
1147static void hci_cs_set_conn_encrypt(struct hci_dev *hdev, __u8 status)
1148{
1149 struct hci_cp_set_conn_encrypt *cp;
1150 struct hci_conn *conn;
1151
9f1db00c 1152 BT_DBG("%s status 0x%2.2x", hdev->name, status);
f8558555
MH		 1153
1154 if (!status)
1155 return;
1156
1157 cp = hci_sent_cmd_data(hdev, HCI_OP_SET_CONN_ENCRYPT);
1158 if (!cp)
1159 return;
1160
1161 hci_dev_lock(hdev);
1162
1163 conn = hci_conn_hash_lookup_handle(hdev, __le16_to_cpu(cp->handle));
1164 if (conn) {
1165 if (conn->state == BT_CONFIG) {
1166 hci_proto_connect_cfm(conn, status);
76a68ba0 1167 hci_conn_drop(conn);
f8558555
MH		 1168 }
1169 }
1170
1171 hci_dev_unlock(hdev);
1172}
1173
127178d2 1174static int hci_outgoing_auth_needed(struct hci_dev *hdev,
807deac2 1175 struct hci_conn *conn)
392599b9 1176{
392599b9
JH		 1177 if (conn->state != BT_CONFIG || !conn->out)
1178 return 0;
1179
765c2a96 1180 if (conn->pending_sec_level == BT_SECURITY_SDP)
392599b9
JH		 1181 return 0;
1182
1183 /* Only request authentication for SSP connections or non-SSP
e9bf2bf0 1184 * devices with sec_level HIGH or if MITM protection is requested */
807deac2
GP		 1185 if (!hci_conn_ssp_enabled(conn) && !(conn->auth_type & 0x01) &&
1186 conn->pending_sec_level != BT_SECURITY_HIGH)
392599b9
JH		 1187 return 0;
1188
392599b9
JH		 1189 return 1;
1190}
1191
6039aa73 1192static int hci_resolve_name(struct hci_dev *hdev,
04124681 1193 struct inquiry_entry *e)
30dc78e1
JH		 1194{
1195 struct hci_cp_remote_name_req cp;
1196
1197 memset(&cp, 0, sizeof(cp));
1198
1199 bacpy(&cp.bdaddr, &e->data.bdaddr);
1200 cp.pscan_rep_mode = e->data.pscan_rep_mode;
1201 cp.pscan_mode = e->data.pscan_mode;
1202 cp.clock_offset = e->data.clock_offset;
1203
1204 return hci_send_cmd(hdev, HCI_OP_REMOTE_NAME_REQ, sizeof(cp), &cp);
1205}
1206
b644ba33 1207static bool hci_resolve_next_name(struct hci_dev *hdev)
30dc78e1
JH		 1208{
1209 struct discovery_state *discov = &hdev->discovery;
1210 struct inquiry_entry *e;
1211
b644ba33
JH		 1212 if (list_empty(&discov->resolve))
1213 return false;
1214
1215 e = hci_inquiry_cache_lookup_resolve(hdev, BDADDR_ANY, NAME_NEEDED);
c810089c
RM		 1216 if (!e)
1217 return false;
1218
b644ba33
JH		 1219 if (hci_resolve_name(hdev, e) == 0) {
1220 e->name_state = NAME_PENDING;
1221 return true;
1222 }
1223
1224 return false;
1225}
1226
1227static void hci_check_pending_name(struct hci_dev *hdev, struct hci_conn *conn,
04124681 1228 bdaddr_t *bdaddr, u8 *name, u8 name_len)
b644ba33
JH		 1229{
1230 struct discovery_state *discov = &hdev->discovery;
1231 struct inquiry_entry *e;
1232
1233 if (conn && !test_and_set_bit(HCI_CONN_MGMT_CONNECTED, &conn->flags))
04124681
GP		 1234 mgmt_device_connected(hdev, bdaddr, ACL_LINK, 0x00, 0, name,
1235 name_len, conn->dev_class);
b644ba33
JH		 1236
1237 if (discov->state == DISCOVERY_STOPPED)
1238 return;
1239
30dc78e1
JH		 1240 if (discov->state == DISCOVERY_STOPPING)
1241 goto discov_complete;
1242
1243 if (discov->state != DISCOVERY_RESOLVING)
1244 return;
1245
1246 e = hci_inquiry_cache_lookup_resolve(hdev, bdaddr, NAME_PENDING);
7cc8380e
RM		 1247 /* If the device was not found in a list of found devices names of which
1248 * are pending. there is no need to continue resolving a next name as it
1249 * will be done upon receiving another Remote Name Request Complete
1250 * Event */
1251 if (!e)
1252 return;
1253
1254 list_del(&e->list);
1255 if (name) {
30dc78e1 1256 e->name_state = NAME_KNOWN;
7cc8380e
RM		 1257 mgmt_remote_name(hdev, bdaddr, ACL_LINK, 0x00,
1258 e->data.rssi, name, name_len);
c3e7c0d9
RM		 1259 } else {
1260 e->name_state = NAME_NOT_KNOWN;
30dc78e1
JH		 1261 }
1262
b644ba33 1263 if (hci_resolve_next_name(hdev))
30dc78e1 1264 return;
30dc78e1
JH		 1265
1266discov_complete:
1267 hci_discovery_set_state(hdev, DISCOVERY_STOPPED);
1268}
1269
a9de9248
MH		 1270static void hci_cs_remote_name_req(struct hci_dev *hdev, __u8 status)
1271{
127178d2
JH		 1272 struct hci_cp_remote_name_req *cp;
1273 struct hci_conn *conn;
1274
9f1db00c 1275 BT_DBG("%s status 0x%2.2x", hdev->name, status);
127178d2
JH		 1276
1277 /* If successful wait for the name req complete event before
1278 * checking for the need to do authentication */
1279 if (!status)
1280 return;
1281
1282 cp = hci_sent_cmd_data(hdev, HCI_OP_REMOTE_NAME_REQ);
1283 if (!cp)
1284 return;
1285
1286 hci_dev_lock(hdev);
1287
b644ba33
JH		 1288 conn = hci_conn_hash_lookup_ba(hdev, ACL_LINK, &cp->bdaddr);
1289
a8b2d5c2 1290 if (test_bit(HCI_MGMT, &hdev->dev_flags))
b644ba33 1291 hci_check_pending_name(hdev, conn, &cp->bdaddr, NULL, 0);
30dc78e1 1292
79c6c70c
JH		 1293 if (!conn)
1294 goto unlock;
1295
1296 if (!hci_outgoing_auth_needed(hdev, conn))
1297 goto unlock;
1298
51a8efd7 1299 if (!test_and_set_bit(HCI_CONN_AUTH_PEND, &conn->flags)) {
c1f23a2b
JB		 1300 struct hci_cp_auth_requested auth_cp;
1301
1302 auth_cp.handle = __cpu_to_le16(conn->handle);
1303 hci_send_cmd(hdev, HCI_OP_AUTH_REQUESTED,
1304 sizeof(auth_cp), &auth_cp);
127178d2
JH		 1305 }
1306
79c6c70c 1307unlock:
127178d2 1308 hci_dev_unlock(hdev);
a9de9248 1309}
1da177e4 1310
769be974
MH		 1311static void hci_cs_read_remote_features(struct hci_dev *hdev, __u8 status)
1312{
1313 struct hci_cp_read_remote_features *cp;
1314 struct hci_conn *conn;
1315
9f1db00c 1316 BT_DBG("%s status 0x%2.2x", hdev->name, status);
769be974
MH		 1317
1318 if (!status)
1319 return;
1320
1321 cp = hci_sent_cmd_data(hdev, HCI_OP_READ_REMOTE_FEATURES);
1322 if (!cp)
1323 return;
1324
1325 hci_dev_lock(hdev);
1326
1327 conn = hci_conn_hash_lookup_handle(hdev, __le16_to_cpu(cp->handle));
1328 if (conn) {
1329 if (conn->state == BT_CONFIG) {
769be974 1330 hci_proto_connect_cfm(conn, status);
76a68ba0 1331 hci_conn_drop(conn);
769be974
MH		 1332 }
1333 }
1334
1335 hci_dev_unlock(hdev);
1336}
1337
1338static void hci_cs_read_remote_ext_features(struct hci_dev *hdev, __u8 status)
1339{
1340 struct hci_cp_read_remote_ext_features *cp;
1341 struct hci_conn *conn;
1342
9f1db00c 1343 BT_DBG("%s status 0x%2.2x", hdev->name, status);
769be974
MH		 1344
1345 if (!status)
1346 return;
1347
1348 cp = hci_sent_cmd_data(hdev, HCI_OP_READ_REMOTE_EXT_FEATURES);
1349 if (!cp)
1350 return;
1351
1352 hci_dev_lock(hdev);
1353
1354 conn = hci_conn_hash_lookup_handle(hdev, __le16_to_cpu(cp->handle));
1355 if (conn) {
1356 if (conn->state == BT_CONFIG) {
769be974 1357 hci_proto_connect_cfm(conn, status);
76a68ba0 1358 hci_conn_drop(conn);
769be974
MH		 1359 }
1360 }
1361
1362 hci_dev_unlock(hdev);
1363}
1364
a9de9248
MH		 1365static void hci_cs_setup_sync_conn(struct hci_dev *hdev, __u8 status)
1366{
b6a0dc82
MH		 1367 struct hci_cp_setup_sync_conn *cp;
1368 struct hci_conn *acl, *sco;
1369 __u16 handle;
1370
9f1db00c 1371 BT_DBG("%s status 0x%2.2x", hdev->name, status);
b6a0dc82
MH		 1372
1373 if (!status)
1374 return;
1375
1376 cp = hci_sent_cmd_data(hdev, HCI_OP_SETUP_SYNC_CONN);
1377 if (!cp)
1378 return;
1379
1380 handle = __le16_to_cpu(cp->handle);
1381
9f1db00c 1382 BT_DBG("%s handle 0x%4.4x", hdev->name, handle);
b6a0dc82
MH		 1383
1384 hci_dev_lock(hdev);
1385
1386 acl = hci_conn_hash_lookup_handle(hdev, handle);
5a08ecce
AE		 1387 if (acl) {
1388 sco = acl->link;
1389 if (sco) {
1390 sco->state = BT_CLOSED;
b6a0dc82 1391
5a08ecce
AE		 1392 hci_proto_connect_cfm(sco, status);
1393 hci_conn_del(sco);
1394 }
b6a0dc82
MH		 1395 }
1396
1397 hci_dev_unlock(hdev);
1da177e4
LT		 1398}
1399
a9de9248 1400static void hci_cs_sniff_mode(struct hci_dev *hdev, __u8 status)
1da177e4 1401{
a9de9248
MH		 1402 struct hci_cp_sniff_mode *cp;
1403 struct hci_conn *conn;
1da177e4 1404
9f1db00c 1405 BT_DBG("%s status 0x%2.2x", hdev->name, status);
04837f64 1406
a9de9248
MH		 1407 if (!status)
1408 return;
04837f64 1409
a9de9248
MH		 1410 cp = hci_sent_cmd_data(hdev, HCI_OP_SNIFF_MODE);
1411 if (!cp)
1412 return;
04837f64 1413
a9de9248 1414 hci_dev_lock(hdev);
04837f64 1415
a9de9248 1416 conn = hci_conn_hash_lookup_handle(hdev, __le16_to_cpu(cp->handle));
e73439d8 1417 if (conn) {
51a8efd7 1418 clear_bit(HCI_CONN_MODE_CHANGE_PEND, &conn->flags);
04837f64 1419
51a8efd7 1420 if (test_and_clear_bit(HCI_CONN_SCO_SETUP_PEND, &conn->flags))
e73439d8
MH		 1421 hci_sco_setup(conn, status);
1422 }
1423
a9de9248
MH		 1424 hci_dev_unlock(hdev);
1425}
04837f64 1426
a9de9248
MH		 1427static void hci_cs_exit_sniff_mode(struct hci_dev *hdev, __u8 status)
1428{
1429 struct hci_cp_exit_sniff_mode *cp;
1430 struct hci_conn *conn;
04837f64 1431
9f1db00c 1432 BT_DBG("%s status 0x%2.2x", hdev->name, status);
04837f64 1433
a9de9248
MH		 1434 if (!status)
1435 return;
04837f64 1436
a9de9248
MH		 1437 cp = hci_sent_cmd_data(hdev, HCI_OP_EXIT_SNIFF_MODE);
1438 if (!cp)
1439 return;
04837f64 1440
a9de9248 1441 hci_dev_lock(hdev);
1da177e4 1442
a9de9248 1443 conn = hci_conn_hash_lookup_handle(hdev, __le16_to_cpu(cp->handle));
e73439d8 1444 if (conn) {
51a8efd7 1445 clear_bit(HCI_CONN_MODE_CHANGE_PEND, &conn->flags);
1da177e4 1446
51a8efd7 1447 if (test_and_clear_bit(HCI_CONN_SCO_SETUP_PEND, &conn->flags))
e73439d8
MH		 1448 hci_sco_setup(conn, status);
1449 }
1450
a9de9248 1451 hci_dev_unlock(hdev);
1da177e4
LT		 1452}
1453
88c3df13
JH		 1454static void hci_cs_disconnect(struct hci_dev *hdev, u8 status)
1455{
1456 struct hci_cp_disconnect *cp;
1457 struct hci_conn *conn;
1458
1459 if (!status)
1460 return;
1461
1462 cp = hci_sent_cmd_data(hdev, HCI_OP_DISCONNECT);
1463 if (!cp)
1464 return;
1465
1466 hci_dev_lock(hdev);
1467
1468 conn = hci_conn_hash_lookup_handle(hdev, __le16_to_cpu(cp->handle));
1469 if (conn)
1470 mgmt_disconnect_failed(hdev, &conn->dst, conn->type,
04124681 1471 conn->dst_type, status);
88c3df13
JH		 1472
1473 hci_dev_unlock(hdev);
1474}
1475
a02226d6
AE		 1476static void hci_cs_create_phylink(struct hci_dev *hdev, u8 status)
1477{
93c284ee
AE		 1478 struct hci_cp_create_phy_link *cp;
1479
a02226d6 1480 BT_DBG("%s status 0x%2.2x", hdev->name, status);
93c284ee 1481
93c284ee
AE		 1482 cp = hci_sent_cmd_data(hdev, HCI_OP_CREATE_PHY_LINK);
1483 if (!cp)
1484 return;
1485
e58917b9
AE		 1486 hci_dev_lock(hdev);
1487
1488 if (status) {
1489 struct hci_conn *hcon;
1490
1491 hcon = hci_conn_hash_lookup_handle(hdev, cp->phy_handle);
1492 if (hcon)
1493 hci_conn_del(hcon);
1494 } else {
1495 amp_write_remote_assoc(hdev, cp->phy_handle);
1496 }
1497
1498 hci_dev_unlock(hdev);
a02226d6
AE		 1499}
1500
0b26ab9d
AE		 1501static void hci_cs_accept_phylink(struct hci_dev *hdev, u8 status)
1502{
1503 struct hci_cp_accept_phy_link *cp;
1504
1505 BT_DBG("%s status 0x%2.2x", hdev->name, status);
1506
1507 if (status)
1508 return;
1509
1510 cp = hci_sent_cmd_data(hdev, HCI_OP_ACCEPT_PHY_LINK);
1511 if (!cp)
1512 return;
1513
1514 amp_write_remote_assoc(hdev, cp->phy_handle);
1515}
1516
6039aa73 1517static void hci_inquiry_complete_evt(struct hci_dev *hdev, struct sk_buff *skb)
1da177e4
LT		 1518{
1519 __u8 status = *((__u8 *) skb->data);
30dc78e1
JH		 1520 struct discovery_state *discov = &hdev->discovery;
1521 struct inquiry_entry *e;
1da177e4 1522
9f1db00c 1523 BT_DBG("%s status 0x%2.2x", hdev->name, status);
1da177e4 1524
a9de9248 1525 hci_conn_check_pending(hdev);
89352e7d
AG		 1526
1527 if (!test_and_clear_bit(HCI_INQUIRY, &hdev->flags))
1528 return;
1529
3e13fa1e
AG		 1530 smp_mb__after_clear_bit(); /* wake_up_bit advises about this barrier */
1531 wake_up_bit(&hdev->flags, HCI_INQUIRY);
1532
a8b2d5c2 1533 if (!test_bit(HCI_MGMT, &hdev->dev_flags))
30dc78e1
JH		 1534 return;
1535
56e5cb86 1536 hci_dev_lock(hdev);
30dc78e1 1537
343f935b 1538 if (discov->state != DISCOVERY_FINDING)
30dc78e1
JH		 1539 goto unlock;
1540
1541 if (list_empty(&discov->resolve)) {
1542 hci_discovery_set_state(hdev, DISCOVERY_STOPPED);
1543 goto unlock;
1544 }
1545
1546 e = hci_inquiry_cache_lookup_resolve(hdev, BDADDR_ANY, NAME_NEEDED);
1547 if (e && hci_resolve_name(hdev, e) == 0) {
1548 e->name_state = NAME_PENDING;
1549 hci_discovery_set_state(hdev, DISCOVERY_RESOLVING);
1550 } else {
1551 hci_discovery_set_state(hdev, DISCOVERY_STOPPED);
1552 }
1553
1554unlock:
56e5cb86 1555 hci_dev_unlock(hdev);
1da177e4
LT		 1556}
1557
6039aa73 1558static void hci_inquiry_result_evt(struct hci_dev *hdev, struct sk_buff *skb)
1da177e4 1559{
45bb4bf0 1560 struct inquiry_data data;
a9de9248 1561 struct inquiry_info *info = (void *) (skb->data + 1);
1da177e4
LT		 1562 int num_rsp = *((__u8 *) skb->data);
1563
1564 BT_DBG("%s num_rsp %d", hdev->name, num_rsp);
1565
45bb4bf0
MH		 1566 if (!num_rsp)
1567 return;
1568
1519cc17
AG		 1569 if (test_bit(HCI_PERIODIC_INQ, &hdev->dev_flags))
1570 return;
1571
1da177e4 1572 hci_dev_lock(hdev);
45bb4bf0 1573
e17acd40 1574 for (; num_rsp; num_rsp--, info++) {
388fc8fa 1575 bool name_known, ssp;
3175405b 1576
1da177e4
LT		 1577 bacpy(&data.bdaddr, &info->bdaddr);
1578 data.pscan_rep_mode = info->pscan_rep_mode;
1579 data.pscan_period_mode = info->pscan_period_mode;
1580 data.pscan_mode = info->pscan_mode;
1581 memcpy(data.dev_class, info->dev_class, 3);
1582 data.clock_offset = info->clock_offset;
1583 data.rssi = 0x00;
41a96212 1584 data.ssp_mode = 0x00;
3175405b 1585
388fc8fa 1586 name_known = hci_inquiry_cache_update(hdev, &data, false, &ssp);
48264f06 1587 mgmt_device_found(hdev, &info->bdaddr, ACL_LINK, 0x00,
04124681
GP		 1588 info->dev_class, 0, !name_known, ssp, NULL,
1589 0);
1da177e4 1590 }
45bb4bf0 1591
1da177e4
LT		 1592 hci_dev_unlock(hdev);
1593}
1594
6039aa73 1595static void hci_conn_complete_evt(struct hci_dev *hdev, struct sk_buff *skb)
1da177e4 1596{
a9de9248
MH		 1597 struct hci_ev_conn_complete *ev = (void *) skb->data;
1598 struct hci_conn *conn;
1da177e4
LT		 1599
1600 BT_DBG("%s", hdev->name);
1601
1602 hci_dev_lock(hdev);
1603
1604 conn = hci_conn_hash_lookup_ba(hdev, ev->link_type, &ev->bdaddr);
9499237a
MH		 1605 if (!conn) {
1606 if (ev->link_type != SCO_LINK)
1607 goto unlock;
1608
1609 conn = hci_conn_hash_lookup_ba(hdev, ESCO_LINK, &ev->bdaddr);
1610 if (!conn)
1611 goto unlock;
1612
1613 conn->type = SCO_LINK;
1614 }
1da177e4
LT		 1615
1616 if (!ev->status) {
1617 conn->handle = __le16_to_cpu(ev->handle);
769be974
MH		 1618
1619 if (conn->type == ACL_LINK) {
1620 conn->state = BT_CONFIG;
1621 hci_conn_hold(conn);
a9ea3ed9
SJ		 1622
1623 if (!conn->out && !hci_conn_ssp_enabled(conn) &&
1624 !hci_find_link_key(hdev, &ev->bdaddr))
1625 conn->disc_timeout = HCI_PAIRING_TIMEOUT;
1626 else
1627 conn->disc_timeout = HCI_DISCONN_TIMEOUT;
769be974
MH		 1628 } else
1629 conn->state = BT_CONNECTED;
1da177e4 1630
7d0db0a3
MH		 1631 hci_conn_add_sysfs(conn);
1632
1da177e4
LT		 1633 if (test_bit(HCI_AUTH, &hdev->flags))
1634 conn->link_mode |= HCI_LM_AUTH;
1635
1636 if (test_bit(HCI_ENCRYPT, &hdev->flags))
1637 conn->link_mode |= HCI_LM_ENCRYPT;
1638
04837f64
MH		 1639 /* Get remote features */
1640 if (conn->type == ACL_LINK) {
1641 struct hci_cp_read_remote_features cp;
1642 cp.handle = ev->handle;
769be974 1643 hci_send_cmd(hdev, HCI_OP_READ_REMOTE_FEATURES,
04124681 1644 sizeof(cp), &cp);
04837f64
MH		 1645 }
1646
1da177e4 1647 /* Set packet type for incoming connection */
d095c1eb 1648 if (!conn->out && hdev->hci_ver < BLUETOOTH_VER_2_0) {
1da177e4
LT		 1649 struct hci_cp_change_conn_ptype cp;
1650 cp.handle = ev->handle;
a8746417 1651 cp.pkt_type = cpu_to_le16(conn->pkt_type);
04124681
GP		 1652 hci_send_cmd(hdev, HCI_OP_CHANGE_CONN_PTYPE, sizeof(cp),
1653 &cp);
1da177e4 1654 }
17d5c04c 1655 } else {
1da177e4 1656 conn->state = BT_CLOSED;
17d5c04c 1657 if (conn->type == ACL_LINK)
744cf19e 1658 mgmt_connect_failed(hdev, &ev->bdaddr, conn->type,
04124681 1659 conn->dst_type, ev->status);
17d5c04c 1660 }
1da177e4 1661
e73439d8
MH		 1662 if (conn->type == ACL_LINK)
1663 hci_sco_setup(conn, ev->status);
1da177e4 1664
769be974
MH		 1665 if (ev->status) {
1666 hci_proto_connect_cfm(conn, ev->status);
1da177e4 1667 hci_conn_del(conn);
c89b6e6b
MH		 1668 } else if (ev->link_type != ACL_LINK)
1669 hci_proto_connect_cfm(conn, ev->status);
1da177e4 1670
a9de9248 1671unlock:
1da177e4 1672 hci_dev_unlock(hdev);
1da177e4 1673
a9de9248 1674 hci_conn_check_pending(hdev);
1da177e4
LT		 1675}
1676
6039aa73 1677static void hci_conn_request_evt(struct hci_dev *hdev, struct sk_buff *skb)
1da177e4 1678{
a9de9248
MH		 1679 struct hci_ev_conn_request *ev = (void *) skb->data;
1680 int mask = hdev->link_mode;
20714bfe 1681 __u8 flags = 0;
1da177e4 1682
6ed93dc6 1683 BT_DBG("%s bdaddr %pMR type 0x%x", hdev->name, &ev->bdaddr,
807deac2 1684 ev->link_type);
1da177e4 1685
20714bfe
FD		 1686 mask |= hci_proto_connect_ind(hdev, &ev->bdaddr, ev->link_type,
1687 &flags);
1da177e4 1688
138d22ef 1689 if ((mask & HCI_LM_ACCEPT) &&
807deac2 1690 !hci_blacklist_lookup(hdev, &ev->bdaddr)) {
a9de9248 1691 /* Connection accepted */
c7bdd502 1692 struct inquiry_entry *ie;
1da177e4 1693 struct hci_conn *conn;
1da177e4 1694
a9de9248 1695 hci_dev_lock(hdev);
b6a0dc82 1696
cc11b9c1
AE		 1697 ie = hci_inquiry_cache_lookup(hdev, &ev->bdaddr);
1698 if (ie)
c7bdd502
MH		 1699 memcpy(ie->data.dev_class, ev->dev_class, 3);
1700
8fc9ced3
GP		 1701 conn = hci_conn_hash_lookup_ba(hdev, ev->link_type,
1702 &ev->bdaddr);
a9de9248 1703 if (!conn) {
cc11b9c1
AE		 1704 conn = hci_conn_add(hdev, ev->link_type, &ev->bdaddr);
1705 if (!conn) {
893ef971 1706 BT_ERR("No memory for new connection");
a9de9248
MH		 1707 hci_dev_unlock(hdev);
1708 return;
1da177e4
LT		 1709 }
1710 }
b6a0dc82 1711
a9de9248 1712 memcpy(conn->dev_class, ev->dev_class, 3);
b6a0dc82 1713
a9de9248 1714 hci_dev_unlock(hdev);
1da177e4 1715
20714bfe
FD		 1716 if (ev->link_type == ACL_LINK ||
1717 (!(flags & HCI_PROTO_DEFER) && !lmp_esco_capable(hdev))) {
b6a0dc82 1718 struct hci_cp_accept_conn_req cp;
20714bfe 1719 conn->state = BT_CONNECT;
1da177e4 1720
b6a0dc82
MH		 1721 bacpy(&cp.bdaddr, &ev->bdaddr);
1722
1723 if (lmp_rswitch_capable(hdev) && (mask & HCI_LM_MASTER))
1724 cp.role = 0x00; /* Become master */
1725 else
1726 cp.role = 0x01; /* Remain slave */
1727
04124681
GP		 1728 hci_send_cmd(hdev, HCI_OP_ACCEPT_CONN_REQ, sizeof(cp),
1729 &cp);
20714bfe 1730 } else if (!(flags & HCI_PROTO_DEFER)) {
b6a0dc82 1731 struct hci_cp_accept_sync_conn_req cp;
20714bfe 1732 conn->state = BT_CONNECT;
b6a0dc82
MH		 1733
1734 bacpy(&cp.bdaddr, &ev->bdaddr);
a8746417 1735 cp.pkt_type = cpu_to_le16(conn->pkt_type);
b6a0dc82 1736
82781e63
AE		 1737 cp.tx_bandwidth = __constant_cpu_to_le32(0x00001f40);
1738 cp.rx_bandwidth = __constant_cpu_to_le32(0x00001f40);
1739 cp.max_latency = __constant_cpu_to_le16(0xffff);
b6a0dc82
MH		 1740 cp.content_format = cpu_to_le16(hdev->voice_setting);
1741 cp.retrans_effort = 0xff;
1da177e4 1742
b6a0dc82 1743 hci_send_cmd(hdev, HCI_OP_ACCEPT_SYNC_CONN_REQ,
04124681 1744 sizeof(cp), &cp);
20714bfe
FD		 1745 } else {
1746 conn->state = BT_CONNECT2;
1747 hci_proto_connect_cfm(conn, 0);
b6a0dc82 1748 }
a9de9248
MH		 1749 } else {
1750 /* Connection rejected */
1751 struct hci_cp_reject_conn_req cp;
1da177e4 1752
a9de9248 1753 bacpy(&cp.bdaddr, &ev->bdaddr);
9f5a0d7b 1754 cp.reason = HCI_ERROR_REJ_BAD_ADDR;
a9de9248 1755 hci_send_cmd(hdev, HCI_OP_REJECT_CONN_REQ, sizeof(cp), &cp);
1da177e4 1756 }
1da177e4
LT		 1757}
1758
f0d6a0ea
MA		 1759static u8 hci_to_mgmt_reason(u8 err)
1760{
1761 switch (err) {
1762 case HCI_ERROR_CONNECTION_TIMEOUT:
1763 return MGMT_DEV_DISCONN_TIMEOUT;
1764 case HCI_ERROR_REMOTE_USER_TERM:
1765 case HCI_ERROR_REMOTE_LOW_RESOURCES:
1766 case HCI_ERROR_REMOTE_POWER_OFF:
1767 return MGMT_DEV_DISCONN_REMOTE;
1768 case HCI_ERROR_LOCAL_HOST_TERM:
1769 return MGMT_DEV_DISCONN_LOCAL_HOST;
1770 default:
1771 return MGMT_DEV_DISCONN_UNKNOWN;
1772 }
1773}
1774
6039aa73 1775static void hci_disconn_complete_evt(struct hci_dev *hdev, struct sk_buff *skb)
04837f64 1776{
a9de9248 1777 struct hci_ev_disconn_complete *ev = (void *) skb->data;
04837f64
MH		 1778 struct hci_conn *conn;
1779
9f1db00c 1780 BT_DBG("%s status 0x%2.2x", hdev->name, ev->status);
04837f64
MH		 1781
1782 hci_dev_lock(hdev);
1783
1784 conn = hci_conn_hash_lookup_handle(hdev, __le16_to_cpu(ev->handle));
f7520543
JH		 1785 if (!conn)
1786 goto unlock;
7d0db0a3 1787
37d9ef76
JH		 1788 if (ev->status == 0)
1789 conn->state = BT_CLOSED;
04837f64 1790
b644ba33 1791 if (test_and_clear_bit(HCI_CONN_MGMT_CONNECTED, &conn->flags) &&
807deac2 1792 (conn->type == ACL_LINK || conn->type == LE_LINK)) {
f0d6a0ea 1793 if (ev->status) {
88c3df13 1794 mgmt_disconnect_failed(hdev, &conn->dst, conn->type,
807deac2 1795 conn->dst_type, ev->status);
f0d6a0ea
MA		 1796 } else {
1797 u8 reason = hci_to_mgmt_reason(ev->reason);
1798
afc747a6 1799 mgmt_device_disconnected(hdev, &conn->dst, conn->type,
f0d6a0ea
MA		 1800 conn->dst_type, reason);
1801 }
37d9ef76 1802 }
f7520543 1803
37d9ef76 1804 if (ev->status == 0) {
2210246c
JH		 1805 u8 type = conn->type;
1806
1807 if (type == ACL_LINK && conn->flush_key)
6ec5bcad 1808 hci_remove_link_key(hdev, &conn->dst);
37d9ef76
JH		 1809 hci_proto_disconn_cfm(conn, ev->reason);
1810 hci_conn_del(conn);
2210246c
JH		 1811
1812 /* Re-enable advertising if necessary, since it might
1813 * have been disabled by the connection. From the
1814 * HCI_LE_Set_Advertise_Enable command description in
1815 * the core specification (v4.0):
1816 * "The Controller shall continue advertising until the Host
1817 * issues an LE_Set_Advertise_Enable command with
1818 * Advertising_Enable set to 0x00 (Advertising is disabled)
1819 * or until a connection is created or until the Advertising
1820 * is timed out due to Directed Advertising."
1821 */
1822 if (type == LE_LINK)
5976e608 1823 mgmt_reenable_advertising(hdev);
37d9ef76 1824 }
f7520543
JH		 1825
1826unlock:
04837f64
MH		 1827 hci_dev_unlock(hdev);
1828}
1829
6039aa73 1830static void hci_auth_complete_evt(struct hci_dev *hdev, struct sk_buff *skb)
1da177e4 1831{
a9de9248 1832 struct hci_ev_auth_complete *ev = (void *) skb->data;
04837f64 1833 struct hci_conn *conn;
1da177e4 1834
9f1db00c 1835 BT_DBG("%s status 0x%2.2x", hdev->name, ev->status);
1da177e4
LT		 1836
1837 hci_dev_lock(hdev);
1838
04837f64 1839 conn = hci_conn_hash_lookup_handle(hdev, __le16_to_cpu(ev->handle));
d7556e20
WR		 1840 if (!conn)
1841 goto unlock;
1842
1843 if (!ev->status) {
aa64a8b5 1844 if (!hci_conn_ssp_enabled(conn) &&
807deac2 1845 test_bit(HCI_CONN_REAUTH_PEND, &conn->flags)) {
d7556e20 1846 BT_INFO("re-auth of legacy device is not possible.");
2a611692 1847 } else {
d7556e20
WR		 1848 conn->link_mode |= HCI_LM_AUTH;
1849 conn->sec_level = conn->pending_sec_level;
2a611692 1850 }
d7556e20 1851 } else {
bab73cb6 1852 mgmt_auth_failed(hdev, &conn->dst, conn->type, conn->dst_type,
04124681 1853 ev->status);
d7556e20 1854 }
1da177e4 1855
51a8efd7
JH		 1856 clear_bit(HCI_CONN_AUTH_PEND, &conn->flags);
1857 clear_bit(HCI_CONN_REAUTH_PEND, &conn->flags);
1da177e4 1858
d7556e20 1859 if (conn->state == BT_CONFIG) {
aa64a8b5 1860 if (!ev->status && hci_conn_ssp_enabled(conn)) {
d7556e20
WR		 1861 struct hci_cp_set_conn_encrypt cp;
1862 cp.handle = ev->handle;
1863 cp.encrypt = 0x01;
1864 hci_send_cmd(hdev, HCI_OP_SET_CONN_ENCRYPT, sizeof(cp),
807deac2 1865 &cp);
052b30b0 1866 } else {
d7556e20
WR		 1867 conn->state = BT_CONNECTED;
1868 hci_proto_connect_cfm(conn, ev->status);
76a68ba0 1869 hci_conn_drop(conn);
052b30b0 1870 }
d7556e20
WR		 1871 } else {
1872 hci_auth_cfm(conn, ev->status);
052b30b0 1873
d7556e20
WR		 1874 hci_conn_hold(conn);
1875 conn->disc_timeout = HCI_DISCONN_TIMEOUT;
76a68ba0 1876 hci_conn_drop(conn);
d7556e20
WR		 1877 }
1878
51a8efd7 1879 if (test_bit(HCI_CONN_ENCRYPT_PEND, &conn->flags)) {
d7556e20
WR		 1880 if (!ev->status) {
1881 struct hci_cp_set_conn_encrypt cp;
1882 cp.handle = ev->handle;
1883 cp.encrypt = 0x01;
1884 hci_send_cmd(hdev, HCI_OP_SET_CONN_ENCRYPT, sizeof(cp),
807deac2 1885 &cp);
d7556e20 1886 } else {
51a8efd7 1887 clear_bit(HCI_CONN_ENCRYPT_PEND, &conn->flags);
d7556e20 1888 hci_encrypt_cfm(conn, ev->status, 0x00);
1da177e4
LT		 1889 }
1890 }
1891
d7556e20 1892unlock:
1da177e4
LT		 1893 hci_dev_unlock(hdev);
1894}
1895
6039aa73 1896static void hci_remote_name_evt(struct hci_dev *hdev, struct sk_buff *skb)
1da177e4 1897{
127178d2
JH		 1898 struct hci_ev_remote_name *ev = (void *) skb->data;
1899 struct hci_conn *conn;
1900
a9de9248 1901 BT_DBG("%s", hdev->name);
1da177e4 1902
a9de9248 1903 hci_conn_check_pending(hdev);
127178d2
JH		 1904
1905 hci_dev_lock(hdev);
1906
b644ba33 1907 conn = hci_conn_hash_lookup_ba(hdev, ACL_LINK, &ev->bdaddr);
30dc78e1 1908
b644ba33
JH		 1909 if (!test_bit(HCI_MGMT, &hdev->dev_flags))
1910 goto check_auth;
a88a9652 1911
b644ba33
JH		 1912 if (ev->status == 0)
1913 hci_check_pending_name(hdev, conn, &ev->bdaddr, ev->name,
04124681 1914 strnlen(ev->name, HCI_MAX_NAME_LENGTH));
b644ba33
JH		 1915 else
1916 hci_check_pending_name(hdev, conn, &ev->bdaddr, NULL, 0);
1917
1918check_auth:
79c6c70c
JH		 1919 if (!conn)
1920 goto unlock;
1921
1922 if (!hci_outgoing_auth_needed(hdev, conn))
1923 goto unlock;
1924
51a8efd7 1925 if (!test_and_set_bit(HCI_CONN_AUTH_PEND, &conn->flags)) {
127178d2
JH		 1926 struct hci_cp_auth_requested cp;
1927 cp.handle = __cpu_to_le16(conn->handle);
1928 hci_send_cmd(hdev, HCI_OP_AUTH_REQUESTED, sizeof(cp), &cp);
1929 }
1930
79c6c70c 1931unlock:
127178d2 1932 hci_dev_unlock(hdev);
a9de9248
MH		 1933}
1934
6039aa73 1935static void hci_encrypt_change_evt(struct hci_dev *hdev, struct sk_buff *skb)
a9de9248
MH		 1936{
1937 struct hci_ev_encrypt_change *ev = (void *) skb->data;
1938 struct hci_conn *conn;
1939
9f1db00c 1940 BT_DBG("%s status 0x%2.2x", hdev->name, ev->status);
1da177e4
LT		 1941
1942 hci_dev_lock(hdev);
1943
04837f64 1944 conn = hci_conn_hash_lookup_handle(hdev, __le16_to_cpu(ev->handle));
1da177e4
LT		 1945 if (conn) {
1946 if (!ev->status) {
ae293196
MH		 1947 if (ev->encrypt) {
1948 /* Encryption implies authentication */
1949 conn->link_mode |= HCI_LM_AUTH;
1da177e4 1950 conn->link_mode |= HCI_LM_ENCRYPT;
da85e5e5 1951 conn->sec_level = conn->pending_sec_level;
ae293196 1952 } else
1da177e4
LT		 1953 conn->link_mode &= ~HCI_LM_ENCRYPT;
1954 }
1955
51a8efd7 1956 clear_bit(HCI_CONN_ENCRYPT_PEND, &conn->flags);
1da177e4 1957
a7d7723a 1958 if (ev->status && conn->state == BT_CONNECTED) {
bed71748 1959 hci_disconnect(conn, HCI_ERROR_AUTH_FAILURE);
76a68ba0 1960 hci_conn_drop(conn);
a7d7723a
GP		 1961 goto unlock;
1962 }
1963
f8558555
MH		 1964 if (conn->state == BT_CONFIG) {
1965 if (!ev->status)
1966 conn->state = BT_CONNECTED;
1967
1968 hci_proto_connect_cfm(conn, ev->status);
76a68ba0 1969 hci_conn_drop(conn);
f8558555
MH		 1970 } else
1971 hci_encrypt_cfm(conn, ev->status, ev->encrypt);
1da177e4
LT		 1972 }
1973
a7d7723a 1974unlock:
1da177e4
LT		 1975 hci_dev_unlock(hdev);
1976}
1977
6039aa73
GP		 1978static void hci_change_link_key_complete_evt(struct hci_dev *hdev,
1979 struct sk_buff *skb)
1da177e4 1980{
a9de9248 1981 struct hci_ev_change_link_key_complete *ev = (void *) skb->data;
04837f64 1982 struct hci_conn *conn;
1da177e4 1983
9f1db00c 1984 BT_DBG("%s status 0x%2.2x", hdev->name, ev->status);
1da177e4
LT		 1985
1986 hci_dev_lock(hdev);
1987
04837f64 1988 conn = hci_conn_hash_lookup_handle(hdev, __le16_to_cpu(ev->handle));
1da177e4
LT		 1989 if (conn) {
1990 if (!ev->status)
1991 conn->link_mode |= HCI_LM_SECURE;
1992
51a8efd7 1993 clear_bit(HCI_CONN_AUTH_PEND, &conn->flags);
1da177e4
LT		 1994
1995 hci_key_change_cfm(conn, ev->status);
1996 }
1997
1998 hci_dev_unlock(hdev);
1999}
2000
6039aa73
GP		 2001static void hci_remote_features_evt(struct hci_dev *hdev,
2002 struct sk_buff *skb)
1da177e4 2003{
a9de9248
MH		 2004 struct hci_ev_remote_features *ev = (void *) skb->data;
2005 struct hci_conn *conn;
2006
9f1db00c 2007 BT_DBG("%s status 0x%2.2x", hdev->name, ev->status);
a9de9248 2008
a9de9248
MH		 2009 hci_dev_lock(hdev);
2010
2011 conn = hci_conn_hash_lookup_handle(hdev, __le16_to_cpu(ev->handle));
ccd556fe
JH		 2012 if (!conn)
2013 goto unlock;
769be974 2014
ccd556fe 2015 if (!ev->status)
cad718ed 2016 memcpy(conn->features[0], ev->features, 8);
ccd556fe
JH		 2017
2018 if (conn->state != BT_CONFIG)
2019 goto unlock;
2020
2021 if (!ev->status && lmp_ssp_capable(hdev) && lmp_ssp_capable(conn)) {
2022 struct hci_cp_read_remote_ext_features cp;
2023 cp.handle = ev->handle;
2024 cp.page = 0x01;
2025 hci_send_cmd(hdev, HCI_OP_READ_REMOTE_EXT_FEATURES,
807deac2 2026 sizeof(cp), &cp);
392599b9
JH		 2027 goto unlock;
2028 }
2029
671267bf 2030 if (!ev->status && !test_bit(HCI_CONN_MGMT_CONNECTED, &conn->flags)) {
127178d2
JH		 2031 struct hci_cp_remote_name_req cp;
2032 memset(&cp, 0, sizeof(cp));
2033 bacpy(&cp.bdaddr, &conn->dst);
2034 cp.pscan_rep_mode = 0x02;
2035 hci_send_cmd(hdev, HCI_OP_REMOTE_NAME_REQ, sizeof(cp), &cp);
b644ba33
JH		 2036 } else if (!test_and_set_bit(HCI_CONN_MGMT_CONNECTED, &conn->flags))
2037 mgmt_device_connected(hdev, &conn->dst, conn->type,
04124681
GP		 2038 conn->dst_type, 0, NULL, 0,
2039 conn->dev_class);
392599b9 2040
127178d2 2041 if (!hci_outgoing_auth_needed(hdev, conn)) {
ccd556fe
JH		 2042 conn->state = BT_CONNECTED;
2043 hci_proto_connect_cfm(conn, ev->status);
76a68ba0 2044 hci_conn_drop(conn);
769be974 2045 }
a9de9248 2046
ccd556fe 2047unlock:
a9de9248 2048 hci_dev_unlock(hdev);
1da177e4
LT		 2049}
2050
6039aa73 2051static void hci_cmd_complete_evt(struct hci_dev *hdev, struct sk_buff *skb)
a9de9248
MH		 2052{
2053 struct hci_ev_cmd_complete *ev = (void *) skb->data;
9238f36a 2054 u8 status = skb->data[sizeof(*ev)];
a9de9248
MH		 2055 __u16 opcode;
2056
2057 skb_pull(skb, sizeof(*ev));
2058
2059 opcode = __le16_to_cpu(ev->opcode);
2060
2061 switch (opcode) {
2062 case HCI_OP_INQUIRY_CANCEL:
2063 hci_cc_inquiry_cancel(hdev, skb);
2064 break;
2065
4d93483b
AG		 2066 case HCI_OP_PERIODIC_INQ:
2067 hci_cc_periodic_inq(hdev, skb);
2068 break;
2069
a9de9248
MH		 2070 case HCI_OP_EXIT_PERIODIC_INQ:
2071 hci_cc_exit_periodic_inq(hdev, skb);
2072 break;
2073
2074 case HCI_OP_REMOTE_NAME_REQ_CANCEL:
2075 hci_cc_remote_name_req_cancel(hdev, skb);
2076 break;
2077
2078 case HCI_OP_ROLE_DISCOVERY:
2079 hci_cc_role_discovery(hdev, skb);
2080 break;
2081
e4e8e37c
MH		 2082 case HCI_OP_READ_LINK_POLICY:
2083 hci_cc_read_link_policy(hdev, skb);
2084 break;
2085
a9de9248
MH		 2086 case HCI_OP_WRITE_LINK_POLICY:
2087 hci_cc_write_link_policy(hdev, skb);
2088 break;
2089
e4e8e37c
MH		 2090 case HCI_OP_READ_DEF_LINK_POLICY:
2091 hci_cc_read_def_link_policy(hdev, skb);
2092 break;
2093
2094 case HCI_OP_WRITE_DEF_LINK_POLICY:
2095 hci_cc_write_def_link_policy(hdev, skb);
2096 break;
2097
a9de9248
MH		 2098 case HCI_OP_RESET:
2099 hci_cc_reset(hdev, skb);
2100 break;
2101
2102 case HCI_OP_WRITE_LOCAL_NAME:
2103 hci_cc_write_local_name(hdev, skb);
2104 break;
2105
2106 case HCI_OP_READ_LOCAL_NAME:
2107 hci_cc_read_local_name(hdev, skb);
2108 break;
2109
2110 case HCI_OP_WRITE_AUTH_ENABLE:
2111 hci_cc_write_auth_enable(hdev, skb);
2112 break;
2113
2114 case HCI_OP_WRITE_ENCRYPT_MODE:
2115 hci_cc_write_encrypt_mode(hdev, skb);
2116 break;
2117
2118 case HCI_OP_WRITE_SCAN_ENABLE:
2119 hci_cc_write_scan_enable(hdev, skb);
2120 break;
2121
2122 case HCI_OP_READ_CLASS_OF_DEV:
2123 hci_cc_read_class_of_dev(hdev, skb);
2124 break;
2125
2126 case HCI_OP_WRITE_CLASS_OF_DEV:
2127 hci_cc_write_class_of_dev(hdev, skb);
2128 break;
2129
2130 case HCI_OP_READ_VOICE_SETTING:
2131 hci_cc_read_voice_setting(hdev, skb);
2132 break;
2133
2134 case HCI_OP_WRITE_VOICE_SETTING:
2135 hci_cc_write_voice_setting(hdev, skb);
2136 break;
2137
333140b5
MH		 2138 case HCI_OP_WRITE_SSP_MODE:
2139 hci_cc_write_ssp_mode(hdev, skb);
2140 break;
2141
a9de9248
MH		 2142 case HCI_OP_READ_LOCAL_VERSION:
2143 hci_cc_read_local_version(hdev, skb);
2144 break;
2145
2146 case HCI_OP_READ_LOCAL_COMMANDS:
2147 hci_cc_read_local_commands(hdev, skb);
2148 break;
2149
2150 case HCI_OP_READ_LOCAL_FEATURES:
2151 hci_cc_read_local_features(hdev, skb);
2152 break;
2153
971e3a4b
AG		 2154 case HCI_OP_READ_LOCAL_EXT_FEATURES:
2155 hci_cc_read_local_ext_features(hdev, skb);
2156 break;
2157
a9de9248
MH		 2158 case HCI_OP_READ_BUFFER_SIZE:
2159 hci_cc_read_buffer_size(hdev, skb);
2160 break;
2161
2162 case HCI_OP_READ_BD_ADDR:
2163 hci_cc_read_bd_addr(hdev, skb);
2164 break;
2165
f332ec66
JH		 2166 case HCI_OP_READ_PAGE_SCAN_ACTIVITY:
2167 hci_cc_read_page_scan_activity(hdev, skb);
2168 break;
2169
4a3ee763
JH		 2170 case HCI_OP_WRITE_PAGE_SCAN_ACTIVITY:
2171 hci_cc_write_page_scan_activity(hdev, skb);
2172 break;
2173
f332ec66
JH		 2174 case HCI_OP_READ_PAGE_SCAN_TYPE:
2175 hci_cc_read_page_scan_type(hdev, skb);
2176 break;
2177
4a3ee763
JH		 2178 case HCI_OP_WRITE_PAGE_SCAN_TYPE:
2179 hci_cc_write_page_scan_type(hdev, skb);
2180 break;
2181
350ee4cf
AE		 2182 case HCI_OP_READ_DATA_BLOCK_SIZE:
2183 hci_cc_read_data_block_size(hdev, skb);
2184 break;
2185
1e89cffb
AE		 2186 case HCI_OP_READ_FLOW_CONTROL_MODE:
2187 hci_cc_read_flow_control_mode(hdev, skb);
2188 break;
2189
928abaa7
AE		 2190 case HCI_OP_READ_LOCAL_AMP_INFO:
2191 hci_cc_read_local_amp_info(hdev, skb);
2192 break;
2193
903e4541
AE		 2194 case HCI_OP_READ_LOCAL_AMP_ASSOC:
2195 hci_cc_read_local_amp_assoc(hdev, skb);
2196 break;
2197
d5859e22
JH		 2198 case HCI_OP_READ_INQ_RSP_TX_POWER:
2199 hci_cc_read_inq_rsp_tx_power(hdev, skb);
2200 break;
2201
980e1a53
JH		 2202 case HCI_OP_PIN_CODE_REPLY:
2203 hci_cc_pin_code_reply(hdev, skb);
2204 break;
2205
2206 case HCI_OP_PIN_CODE_NEG_REPLY:
2207 hci_cc_pin_code_neg_reply(hdev, skb);
2208 break;
2209
c35938b2
SJ		 2210 case HCI_OP_READ_LOCAL_OOB_DATA:
2211 hci_cc_read_local_oob_data_reply(hdev, skb);
2212 break;
2213
6ed58ec5
VT		 2214 case HCI_OP_LE_READ_BUFFER_SIZE:
2215 hci_cc_le_read_buffer_size(hdev, skb);
2216 break;
2217
60e77321
JH		 2218 case HCI_OP_LE_READ_LOCAL_FEATURES:
2219 hci_cc_le_read_local_features(hdev, skb);
2220 break;
2221
8fa19098
JH		 2222 case HCI_OP_LE_READ_ADV_TX_POWER:
2223 hci_cc_le_read_adv_tx_power(hdev, skb);
2224 break;
2225
a5c29683
JH		 2226 case HCI_OP_USER_CONFIRM_REPLY:
2227 hci_cc_user_confirm_reply(hdev, skb);
2228 break;
2229
2230 case HCI_OP_USER_CONFIRM_NEG_REPLY:
2231 hci_cc_user_confirm_neg_reply(hdev, skb);
2232 break;
2233
1143d458
BG		 2234 case HCI_OP_USER_PASSKEY_REPLY:
2235 hci_cc_user_passkey_reply(hdev, skb);
2236 break;
2237
2238 case HCI_OP_USER_PASSKEY_NEG_REPLY:
2239 hci_cc_user_passkey_neg_reply(hdev, skb);
16cde993 2240 break;
07f7fa5d 2241
c1d5dc4a
JH		 2242 case HCI_OP_LE_SET_ADV_ENABLE:
2243 hci_cc_le_set_adv_enable(hdev, skb);
2244 break;
2245
eb9d91f5
AG		 2246 case HCI_OP_LE_SET_SCAN_ENABLE:
2247 hci_cc_le_set_scan_enable(hdev, skb);
2248 break;
2249
cf1d081f
JH		 2250 case HCI_OP_LE_READ_WHITE_LIST_SIZE:
2251 hci_cc_le_read_white_list_size(hdev, skb);
2252 break;
2253
9b008c04
JH		 2254 case HCI_OP_LE_READ_SUPPORTED_STATES:
2255 hci_cc_le_read_supported_states(hdev, skb);
2256 break;
2257
f9b49306
AG		 2258 case HCI_OP_WRITE_LE_HOST_SUPPORTED:
2259 hci_cc_write_le_host_supported(hdev, skb);
2260 break;
2261
93c284ee
AE		 2262 case HCI_OP_WRITE_REMOTE_AMP_ASSOC:
2263 hci_cc_write_remote_amp_assoc(hdev, skb);
2264 break;
2265
a9de9248 2266 default:
9f1db00c 2267 BT_DBG("%s opcode 0x%4.4x", hdev->name, opcode);
a9de9248
MH		 2268 break;
2269 }
2270
ad82cdd1 2271 if (opcode != HCI_OP_NOP)
6bd32326
VT		 2272 del_timer(&hdev->cmd_timer);
2273
ad82cdd1 2274 hci_req_cmd_complete(hdev, opcode, status);
9238f36a 2275
dbccd791 2276 if (ev->ncmd && !test_bit(HCI_RESET, &hdev->flags)) {
a9de9248
MH		 2277 atomic_set(&hdev->cmd_cnt, 1);
2278 if (!skb_queue_empty(&hdev->cmd_q))
c347b765 2279 queue_work(hdev->workqueue, &hdev->cmd_work);
a9de9248
MH		 2280 }
2281}
2282
6039aa73 2283static void hci_cmd_status_evt(struct hci_dev *hdev, struct sk_buff *skb)
a9de9248
MH		 2284{
2285 struct hci_ev_cmd_status *ev = (void *) skb->data;
2286 __u16 opcode;
2287
2288 skb_pull(skb, sizeof(*ev));
2289
2290 opcode = __le16_to_cpu(ev->opcode);
2291
2292 switch (opcode) {
2293 case HCI_OP_INQUIRY:
2294 hci_cs_inquiry(hdev, ev->status);
2295 break;
2296
2297 case HCI_OP_CREATE_CONN:
2298 hci_cs_create_conn(hdev, ev->status);
2299 break;
2300
2301 case HCI_OP_ADD_SCO:
2302 hci_cs_add_sco(hdev, ev->status);
2303 break;
2304
f8558555
MH		 2305 case HCI_OP_AUTH_REQUESTED:
2306 hci_cs_auth_requested(hdev, ev->status);
2307 break;
2308
2309 case HCI_OP_SET_CONN_ENCRYPT:
2310 hci_cs_set_conn_encrypt(hdev, ev->status);
2311 break;
2312
a9de9248
MH		 2313 case HCI_OP_REMOTE_NAME_REQ:
2314 hci_cs_remote_name_req(hdev, ev->status);
2315 break;
2316
769be974
MH		 2317 case HCI_OP_READ_REMOTE_FEATURES:
2318 hci_cs_read_remote_features(hdev, ev->status);
2319 break;
2320
2321 case HCI_OP_READ_REMOTE_EXT_FEATURES:
2322 hci_cs_read_remote_ext_features(hdev, ev->status);
2323 break;
2324
a9de9248
MH		 2325 case HCI_OP_SETUP_SYNC_CONN:
2326 hci_cs_setup_sync_conn(hdev, ev->status);
2327 break;
2328
2329 case HCI_OP_SNIFF_MODE:
2330 hci_cs_sniff_mode(hdev, ev->status);
2331 break;
2332
2333 case HCI_OP_EXIT_SNIFF_MODE:
2334 hci_cs_exit_sniff_mode(hdev, ev->status);
2335 break;
2336
8962ee74 2337 case HCI_OP_DISCONNECT:
88c3df13 2338 hci_cs_disconnect(hdev, ev->status);
8962ee74
JH		 2339 break;
2340
a02226d6
AE		 2341 case HCI_OP_CREATE_PHY_LINK:
2342 hci_cs_create_phylink(hdev, ev->status);
2343 break;
2344
0b26ab9d
AE		 2345 case HCI_OP_ACCEPT_PHY_LINK:
2346 hci_cs_accept_phylink(hdev, ev->status);
2347 break;
2348
a9de9248 2349 default:
9f1db00c 2350 BT_DBG("%s opcode 0x%4.4x", hdev->name, opcode);
a9de9248
MH		 2351 break;
2352 }
2353
ad82cdd1 2354 if (opcode != HCI_OP_NOP)
6bd32326
VT		 2355 del_timer(&hdev->cmd_timer);
2356
02350a72
JH		 2357 if (ev->status ||
2358 (hdev->sent_cmd && !bt_cb(hdev->sent_cmd)->req.event))
2359 hci_req_cmd_complete(hdev, opcode, ev->status);
9238f36a 2360
10572132 2361 if (ev->ncmd && !test_bit(HCI_RESET, &hdev->flags)) {
a9de9248
MH		 2362 atomic_set(&hdev->cmd_cnt, 1);
2363 if (!skb_queue_empty(&hdev->cmd_q))
c347b765 2364 queue_work(hdev->workqueue, &hdev->cmd_work);
a9de9248
MH		 2365 }
2366}
2367
6039aa73 2368static void hci_role_change_evt(struct hci_dev *hdev, struct sk_buff *skb)
a9de9248
MH		 2369{
2370 struct hci_ev_role_change *ev = (void *) skb->data;
2371 struct hci_conn *conn;
2372
9f1db00c 2373 BT_DBG("%s status 0x%2.2x", hdev->name, ev->status);
a9de9248
MH		 2374
2375 hci_dev_lock(hdev);
2376
2377 conn = hci_conn_hash_lookup_ba(hdev, ACL_LINK, &ev->bdaddr);
2378 if (conn) {
2379 if (!ev->status) {
2380 if (ev->role)
2381 conn->link_mode &= ~HCI_LM_MASTER;
2382 else
2383 conn->link_mode |= HCI_LM_MASTER;
2384 }
2385
51a8efd7 2386 clear_bit(HCI_CONN_RSWITCH_PEND, &conn->flags);
a9de9248
MH		 2387
2388 hci_role_switch_cfm(conn, ev->status, ev->role);
2389 }
2390
2391 hci_dev_unlock(hdev);
2392}
2393
6039aa73 2394static void hci_num_comp_pkts_evt(struct hci_dev *hdev, struct sk_buff *skb)
a9de9248
MH		 2395{
2396 struct hci_ev_num_comp_pkts *ev = (void *) skb->data;
a9de9248
MH		 2397 int i;
2398
32ac5b9b
AE		 2399 if (hdev->flow_ctl_mode != HCI_FLOW_CTL_MODE_PACKET_BASED) {
2400 BT_ERR("Wrong event for mode %d", hdev->flow_ctl_mode);
2401 return;
2402 }
2403
c5993de8 2404 if (skb->len < sizeof(*ev) || skb->len < sizeof(*ev) +
807deac2 2405 ev->num_hndl * sizeof(struct hci_comp_pkts_info)) {
a9de9248
MH		 2406 BT_DBG("%s bad parameters", hdev->name);
2407 return;
2408 }
2409
c5993de8
AE		 2410 BT_DBG("%s num_hndl %d", hdev->name, ev->num_hndl);
2411
613a1c0c
AE		 2412 for (i = 0; i < ev->num_hndl; i++) {
2413 struct hci_comp_pkts_info *info = &ev->handles[i];
a9de9248
MH		 2414 struct hci_conn *conn;
2415 __u16 handle, count;
2416
613a1c0c
AE		 2417 handle = __le16_to_cpu(info->handle);
2418 count = __le16_to_cpu(info->count);
a9de9248
MH		 2419
2420 conn = hci_conn_hash_lookup_handle(hdev, handle);
f4280918
AE		 2421 if (!conn)
2422 continue;
2423
2424 conn->sent -= count;
2425
2426 switch (conn->type) {
2427 case ACL_LINK:
2428 hdev->acl_cnt += count;
2429 if (hdev->acl_cnt > hdev->acl_pkts)
2430 hdev->acl_cnt = hdev->acl_pkts;
2431 break;
2432
2433 case LE_LINK:
2434 if (hdev->le_pkts) {
2435 hdev->le_cnt += count;
2436 if (hdev->le_cnt > hdev->le_pkts)
2437 hdev->le_cnt = hdev->le_pkts;
2438 } else {
70f23020
AE		 2439 hdev->acl_cnt += count;
2440 if (hdev->acl_cnt > hdev->acl_pkts)
a9de9248 2441 hdev->acl_cnt = hdev->acl_pkts;
a9de9248 2442 }
f4280918
AE		 2443 break;
2444
2445 case SCO_LINK:
2446 hdev->sco_cnt += count;
2447 if (hdev->sco_cnt > hdev->sco_pkts)
2448 hdev->sco_cnt = hdev->sco_pkts;
2449 break;
2450
2451 default:
2452 BT_ERR("Unknown type %d conn %p", conn->type, conn);
2453 break;
a9de9248
MH		 2454 }
2455 }
2456
3eff45ea 2457 queue_work(hdev->workqueue, &hdev->tx_work);
a9de9248
MH		 2458}
2459
76ef7cf7
AE		 2460static struct hci_conn *__hci_conn_lookup_handle(struct hci_dev *hdev,
2461 __u16 handle)
2462{
2463 struct hci_chan *chan;
2464
2465 switch (hdev->dev_type) {
2466 case HCI_BREDR:
2467 return hci_conn_hash_lookup_handle(hdev, handle);
2468 case HCI_AMP:
2469 chan = hci_chan_lookup_handle(hdev, handle);
2470 if (chan)
2471 return chan->conn;
2472 break;
2473 default:
2474 BT_ERR("%s unknown dev_type %d", hdev->name, hdev->dev_type);
2475 break;
2476 }
2477
2478 return NULL;
2479}
2480
6039aa73 2481static void hci_num_comp_blocks_evt(struct hci_dev *hdev, struct sk_buff *skb)
25e89e99
AE		 2482{
2483 struct hci_ev_num_comp_blocks *ev = (void *) skb->data;
2484 int i;
2485
2486 if (hdev->flow_ctl_mode != HCI_FLOW_CTL_MODE_BLOCK_BASED) {
2487 BT_ERR("Wrong event for mode %d", hdev->flow_ctl_mode);
2488 return;
2489 }
2490
2491 if (skb->len < sizeof(*ev) || skb->len < sizeof(*ev) +
807deac2 2492 ev->num_hndl * sizeof(struct hci_comp_blocks_info)) {
25e89e99
AE		 2493 BT_DBG("%s bad parameters", hdev->name);
2494 return;
2495 }
2496
2497 BT_DBG("%s num_blocks %d num_hndl %d", hdev->name, ev->num_blocks,
807deac2 2498 ev->num_hndl);
25e89e99
AE		 2499
2500 for (i = 0; i < ev->num_hndl; i++) {
2501 struct hci_comp_blocks_info *info = &ev->handles[i];
76ef7cf7 2502 struct hci_conn *conn = NULL;
25e89e99
AE		 2503 __u16 handle, block_count;
2504
2505 handle = __le16_to_cpu(info->handle);
2506 block_count = __le16_to_cpu(info->blocks);
2507
76ef7cf7 2508 conn = __hci_conn_lookup_handle(hdev, handle);
25e89e99
AE		 2509 if (!conn)
2510 continue;
2511
2512 conn->sent -= block_count;
2513
2514 switch (conn->type) {
2515 case ACL_LINK:
bd1eb66b 2516 case AMP_LINK:
25e89e99
AE		 2517 hdev->block_cnt += block_count;
2518 if (hdev->block_cnt > hdev->num_blocks)
2519 hdev->block_cnt = hdev->num_blocks;
2520 break;
2521
2522 default:
2523 BT_ERR("Unknown type %d conn %p", conn->type, conn);
2524 break;
2525 }
2526 }
2527
2528 queue_work(hdev->workqueue, &hdev->tx_work);
2529}
2530
6039aa73 2531static void hci_mode_change_evt(struct hci_dev *hdev, struct sk_buff *skb)
04837f64 2532{
a9de9248 2533 struct hci_ev_mode_change *ev = (void *) skb->data;
04837f64
MH		 2534 struct hci_conn *conn;
2535
9f1db00c 2536 BT_DBG("%s status 0x%2.2x", hdev->name, ev->status);
04837f64
MH		 2537
2538 hci_dev_lock(hdev);
2539
2540 conn = hci_conn_hash_lookup_handle(hdev, __le16_to_cpu(ev->handle));
a9de9248
MH		 2541 if (conn) {
2542 conn->mode = ev->mode;
2543 conn->interval = __le16_to_cpu(ev->interval);
2544
8fc9ced3
GP		 2545 if (!test_and_clear_bit(HCI_CONN_MODE_CHANGE_PEND,
2546 &conn->flags)) {
a9de9248 2547 if (conn->mode == HCI_CM_ACTIVE)
58a681ef 2548 set_bit(HCI_CONN_POWER_SAVE, &conn->flags);
a9de9248 2549 else
58a681ef 2550 clear_bit(HCI_CONN_POWER_SAVE, &conn->flags);
a9de9248 2551 }
e73439d8 2552
51a8efd7 2553 if (test_and_clear_bit(HCI_CONN_SCO_SETUP_PEND, &conn->flags))
e73439d8 2554 hci_sco_setup(conn, ev->status);
04837f64
MH		 2555 }
2556
2557 hci_dev_unlock(hdev);
2558}
2559
6039aa73 2560static void hci_pin_code_request_evt(struct hci_dev *hdev, struct sk_buff *skb)
a9de9248 2561{
052b30b0
MH		 2562 struct hci_ev_pin_code_req *ev = (void *) skb->data;
2563 struct hci_conn *conn;
2564
a9de9248 2565 BT_DBG("%s", hdev->name);
052b30b0
MH		 2566
2567 hci_dev_lock(hdev);
2568
2569 conn = hci_conn_hash_lookup_ba(hdev, ACL_LINK, &ev->bdaddr);
b6f98044
WR		 2570 if (!conn)
2571 goto unlock;
2572
2573 if (conn->state == BT_CONNECTED) {
052b30b0
MH		 2574 hci_conn_hold(conn);
2575 conn->disc_timeout = HCI_PAIRING_TIMEOUT;
76a68ba0 2576 hci_conn_drop(conn);
052b30b0
MH		 2577 }
2578
a8b2d5c2 2579 if (!test_bit(HCI_PAIRABLE, &hdev->dev_flags))
03b555e1 2580 hci_send_cmd(hdev, HCI_OP_PIN_CODE_NEG_REPLY,
807deac2 2581 sizeof(ev->bdaddr), &ev->bdaddr);
a8b2d5c2 2582 else if (test_bit(HCI_MGMT, &hdev->dev_flags)) {
a770bb5a
WR		 2583 u8 secure;
2584
2585 if (conn->pending_sec_level == BT_SECURITY_HIGH)
2586 secure = 1;
2587 else
2588 secure = 0;
2589
744cf19e 2590 mgmt_pin_code_request(hdev, &ev->bdaddr, secure);
a770bb5a 2591 }
980e1a53 2592
b6f98044 2593unlock:
052b30b0 2594 hci_dev_unlock(hdev);
a9de9248
MH		 2595}
2596
6039aa73 2597static void hci_link_key_request_evt(struct hci_dev *hdev, struct sk_buff *skb)
a9de9248 2598{
55ed8ca1
JH		 2599 struct hci_ev_link_key_req *ev = (void *) skb->data;
2600 struct hci_cp_link_key_reply cp;
2601 struct hci_conn *conn;
2602 struct link_key *key;
2603
a9de9248 2604 BT_DBG("%s", hdev->name);
55ed8ca1 2605
034cbea0 2606 if (!test_bit(HCI_MGMT, &hdev->dev_flags))
55ed8ca1
JH		 2607 return;
2608
2609 hci_dev_lock(hdev);
2610
2611 key = hci_find_link_key(hdev, &ev->bdaddr);
2612 if (!key) {
6ed93dc6
AE		 2613 BT_DBG("%s link key not found for %pMR", hdev->name,
2614 &ev->bdaddr);
55ed8ca1
JH		 2615 goto not_found;
2616 }
2617
6ed93dc6
AE		 2618 BT_DBG("%s found key type %u for %pMR", hdev->name, key->type,
2619 &ev->bdaddr);
55ed8ca1 2620
a8b2d5c2 2621 if (!test_bit(HCI_DEBUG_KEYS, &hdev->dev_flags) &&
807deac2 2622 key->type == HCI_LK_DEBUG_COMBINATION) {
55ed8ca1
JH		 2623 BT_DBG("%s ignoring debug key", hdev->name);
2624 goto not_found;
2625 }
2626
2627 conn = hci_conn_hash_lookup_ba(hdev, ACL_LINK, &ev->bdaddr);
60b83f57
WR		 2628 if (conn) {
2629 if (key->type == HCI_LK_UNAUTH_COMBINATION &&
807deac2 2630 conn->auth_type != 0xff && (conn->auth_type & 0x01)) {
60b83f57
WR		 2631 BT_DBG("%s ignoring unauthenticated key", hdev->name);
2632 goto not_found;
2633 }
55ed8ca1 2634
60b83f57 2635 if (key->type == HCI_LK_COMBINATION && key->pin_len < 16 &&
807deac2 2636 conn->pending_sec_level == BT_SECURITY_HIGH) {
8fc9ced3
GP		 2637 BT_DBG("%s ignoring key unauthenticated for high security",
2638 hdev->name);
60b83f57
WR		 2639 goto not_found;
2640 }
2641
2642 conn->key_type = key->type;
2643 conn->pin_length = key->pin_len;
55ed8ca1
JH		 2644 }
2645
2646 bacpy(&cp.bdaddr, &ev->bdaddr);
9b3b4460 2647 memcpy(cp.link_key, key->val, HCI_LINK_KEY_SIZE);
55ed8ca1
JH		 2648
2649 hci_send_cmd(hdev, HCI_OP_LINK_KEY_REPLY, sizeof(cp), &cp);
2650
2651 hci_dev_unlock(hdev);
2652
2653 return;
2654
2655not_found:
2656 hci_send_cmd(hdev, HCI_OP_LINK_KEY_NEG_REPLY, 6, &ev->bdaddr);
2657 hci_dev_unlock(hdev);
a9de9248
MH		 2658}
2659
6039aa73 2660static void hci_link_key_notify_evt(struct hci_dev *hdev, struct sk_buff *skb)
a9de9248 2661{
052b30b0
MH		 2662 struct hci_ev_link_key_notify *ev = (void *) skb->data;
2663 struct hci_conn *conn;
55ed8ca1 2664 u8 pin_len = 0;
052b30b0 2665
a9de9248 2666 BT_DBG("%s", hdev->name);
052b30b0
MH		 2667
2668 hci_dev_lock(hdev);
2669
2670 conn = hci_conn_hash_lookup_ba(hdev, ACL_LINK, &ev->bdaddr);
2671 if (conn) {
2672 hci_conn_hold(conn);
2673 conn->disc_timeout = HCI_DISCONN_TIMEOUT;
980e1a53 2674 pin_len = conn->pin_length;
13d39315
WR		 2675
2676 if (ev->key_type != HCI_LK_CHANGED_COMBINATION)
2677 conn->key_type = ev->key_type;
2678
76a68ba0 2679 hci_conn_drop(conn);
052b30b0
MH		 2680 }
2681
034cbea0 2682 if (test_bit(HCI_MGMT, &hdev->dev_flags))
d25e28ab 2683 hci_add_link_key(hdev, conn, 1, &ev->bdaddr, ev->link_key,
807deac2 2684 ev->key_type, pin_len);
55ed8ca1 2685
052b30b0 2686 hci_dev_unlock(hdev);
a9de9248
MH		 2687}
2688
6039aa73 2689static void hci_clock_offset_evt(struct hci_dev *hdev, struct sk_buff *skb)
1da177e4 2690{
a9de9248 2691 struct hci_ev_clock_offset *ev = (void *) skb->data;
04837f64 2692 struct hci_conn *conn;
1da177e4 2693
9f1db00c 2694 BT_DBG("%s status 0x%2.2x", hdev->name, ev->status);
1da177e4
LT		 2695
2696 hci_dev_lock(hdev);
2697
04837f64 2698 conn = hci_conn_hash_lookup_handle(hdev, __le16_to_cpu(ev->handle));
1da177e4
LT		 2699 if (conn && !ev->status) {
2700 struct inquiry_entry *ie;
2701
cc11b9c1
AE		 2702 ie = hci_inquiry_cache_lookup(hdev, &conn->dst);
2703 if (ie) {
1da177e4
LT		 2704 ie->data.clock_offset = ev->clock_offset;
2705 ie->timestamp = jiffies;
2706 }
2707 }
2708
2709 hci_dev_unlock(hdev);
2710}
2711
6039aa73 2712static void hci_pkt_type_change_evt(struct hci_dev *hdev, struct sk_buff *skb)
a8746417
MH		 2713{
2714 struct hci_ev_pkt_type_change *ev = (void *) skb->data;
2715 struct hci_conn *conn;
2716
9f1db00c 2717 BT_DBG("%s status 0x%2.2x", hdev->name, ev->status);
a8746417
MH		 2718
2719 hci_dev_lock(hdev);
2720
2721 conn = hci_conn_hash_lookup_handle(hdev, __le16_to_cpu(ev->handle));
2722 if (conn && !ev->status)
2723 conn->pkt_type = __le16_to_cpu(ev->pkt_type);
2724
2725 hci_dev_unlock(hdev);
2726}
2727
6039aa73 2728static void hci_pscan_rep_mode_evt(struct hci_dev *hdev, struct sk_buff *skb)
85a1e930 2729{
a9de9248 2730 struct hci_ev_pscan_rep_mode *ev = (void *) skb->data;
85a1e930
MH		 2731 struct inquiry_entry *ie;
2732
2733 BT_DBG("%s", hdev->name);
2734
2735 hci_dev_lock(hdev);
2736
cc11b9c1
AE		 2737 ie = hci_inquiry_cache_lookup(hdev, &ev->bdaddr);
2738 if (ie) {
85a1e930
MH		 2739 ie->data.pscan_rep_mode = ev->pscan_rep_mode;
2740 ie->timestamp = jiffies;
2741 }
2742
2743 hci_dev_unlock(hdev);
2744}
2745
6039aa73
GP		 2746static void hci_inquiry_result_with_rssi_evt(struct hci_dev *hdev,
2747 struct sk_buff *skb)
a9de9248
MH		 2748{
2749 struct inquiry_data data;
2750 int num_rsp = *((__u8 *) skb->data);
388fc8fa 2751 bool name_known, ssp;
a9de9248
MH		 2752
2753 BT_DBG("%s num_rsp %d", hdev->name, num_rsp);
2754
2755 if (!num_rsp)
2756 return;
2757
1519cc17
AG		 2758 if (test_bit(HCI_PERIODIC_INQ, &hdev->dev_flags))
2759 return;
2760
a9de9248
MH		 2761 hci_dev_lock(hdev);
2762
2763 if ((skb->len - 1) / num_rsp != sizeof(struct inquiry_info_with_rssi)) {
138d22ef
SJ		 2764 struct inquiry_info_with_rssi_and_pscan_mode *info;
2765 info = (void *) (skb->data + 1);
a9de9248 2766
e17acd40 2767 for (; num_rsp; num_rsp--, info++) {
a9de9248
MH		 2768 bacpy(&data.bdaddr, &info->bdaddr);
2769 data.pscan_rep_mode = info->pscan_rep_mode;
2770 data.pscan_period_mode = info->pscan_period_mode;
2771 data.pscan_mode = info->pscan_mode;
2772 memcpy(data.dev_class, info->dev_class, 3);
2773 data.clock_offset = info->clock_offset;
2774 data.rssi = info->rssi;
41a96212 2775 data.ssp_mode = 0x00;
3175405b
JH		 2776
2777 name_known = hci_inquiry_cache_update(hdev, &data,
04124681 2778 false, &ssp);
48264f06 2779 mgmt_device_found(hdev, &info->bdaddr, ACL_LINK, 0x00,
04124681
GP		 2780 info->dev_class, info->rssi,
2781 !name_known, ssp, NULL, 0);
a9de9248
MH		 2782 }
2783 } else {
2784 struct inquiry_info_with_rssi *info = (void *) (skb->data + 1);
2785
e17acd40 2786 for (; num_rsp; num_rsp--, info++) {
a9de9248
MH		 2787 bacpy(&data.bdaddr, &info->bdaddr);
2788 data.pscan_rep_mode = info->pscan_rep_mode;
2789 data.pscan_period_mode = info->pscan_period_mode;
2790 data.pscan_mode = 0x00;
2791 memcpy(data.dev_class, info->dev_class, 3);
2792 data.clock_offset = info->clock_offset;
2793 data.rssi = info->rssi;
41a96212 2794 data.ssp_mode = 0x00;
3175405b 2795 name_known = hci_inquiry_cache_update(hdev, &data,
04124681 2796 false, &ssp);
48264f06 2797 mgmt_device_found(hdev, &info->bdaddr, ACL_LINK, 0x00,
04124681
GP		 2798 info->dev_class, info->rssi,
2799 !name_known, ssp, NULL, 0);
a9de9248
MH		 2800 }
2801 }
2802
2803 hci_dev_unlock(hdev);
2804}
2805
6039aa73
GP		 2806static void hci_remote_ext_features_evt(struct hci_dev *hdev,
2807 struct sk_buff *skb)
a9de9248 2808{
41a96212
MH		 2809 struct hci_ev_remote_ext_features *ev = (void *) skb->data;
2810 struct hci_conn *conn;
2811
a9de9248 2812 BT_DBG("%s", hdev->name);
41a96212 2813
41a96212
MH		 2814 hci_dev_lock(hdev);
2815
2816 conn = hci_conn_hash_lookup_handle(hdev, __le16_to_cpu(ev->handle));
ccd556fe
JH		 2817 if (!conn)
2818 goto unlock;
41a96212 2819
cad718ed
JH		 2820 if (ev->page < HCI_MAX_PAGES)
2821 memcpy(conn->features[ev->page], ev->features, 8);
2822
ccd556fe
JH		 2823 if (!ev->status && ev->page == 0x01) {
2824 struct inquiry_entry *ie;
41a96212 2825
cc11b9c1
AE		 2826 ie = hci_inquiry_cache_lookup(hdev, &conn->dst);
2827 if (ie)
02b7cc62 2828 ie->data.ssp_mode = (ev->features[0] & LMP_HOST_SSP);
769be974 2829
bbb0eada 2830 if (ev->features[0] & LMP_HOST_SSP) {
58a681ef 2831 set_bit(HCI_CONN_SSP_ENABLED, &conn->flags);
bbb0eada
JK		 2832 } else {
2833 /* It is mandatory by the Bluetooth specification that
2834 * Extended Inquiry Results are only used when Secure
2835 * Simple Pairing is enabled, but some devices violate
2836 * this.
2837 *
2838 * To make these devices work, the internal SSP
2839 * enabled flag needs to be cleared if the remote host
2840 * features do not indicate SSP support */
2841 clear_bit(HCI_CONN_SSP_ENABLED, &conn->flags);
2842 }
ccd556fe
JH		 2843 }
2844
2845 if (conn->state != BT_CONFIG)
2846 goto unlock;
2847
671267bf 2848 if (!ev->status && !test_bit(HCI_CONN_MGMT_CONNECTED, &conn->flags)) {
127178d2
JH		 2849 struct hci_cp_remote_name_req cp;
2850 memset(&cp, 0, sizeof(cp));
2851 bacpy(&cp.bdaddr, &conn->dst);
2852 cp.pscan_rep_mode = 0x02;
2853 hci_send_cmd(hdev, HCI_OP_REMOTE_NAME_REQ, sizeof(cp), &cp);
b644ba33
JH		 2854 } else if (!test_and_set_bit(HCI_CONN_MGMT_CONNECTED, &conn->flags))
2855 mgmt_device_connected(hdev, &conn->dst, conn->type,
04124681
GP		 2856 conn->dst_type, 0, NULL, 0,
2857 conn->dev_class);
392599b9 2858
127178d2 2859 if (!hci_outgoing_auth_needed(hdev, conn)) {
ccd556fe
JH		 2860 conn->state = BT_CONNECTED;
2861 hci_proto_connect_cfm(conn, ev->status);
76a68ba0 2862 hci_conn_drop(conn);
41a96212
MH		 2863 }
2864
ccd556fe 2865unlock:
41a96212 2866 hci_dev_unlock(hdev);
a9de9248
MH		 2867}
2868
6039aa73
GP		 2869static void hci_sync_conn_complete_evt(struct hci_dev *hdev,
2870 struct sk_buff *skb)
a9de9248 2871{
b6a0dc82
MH		 2872 struct hci_ev_sync_conn_complete *ev = (void *) skb->data;
2873 struct hci_conn *conn;
2874
9f1db00c 2875 BT_DBG("%s status 0x%2.2x", hdev->name, ev->status);
b6a0dc82
MH		 2876
2877 hci_dev_lock(hdev);
2878
2879 conn = hci_conn_hash_lookup_ba(hdev, ev->link_type, &ev->bdaddr);
9dc0a3af
MH		 2880 if (!conn) {
2881 if (ev->link_type == ESCO_LINK)
2882 goto unlock;
2883
2884 conn = hci_conn_hash_lookup_ba(hdev, ESCO_LINK, &ev->bdaddr);
2885 if (!conn)
2886 goto unlock;
2887
2888 conn->type = SCO_LINK;
2889 }
b6a0dc82 2890
732547f9
MH		 2891 switch (ev->status) {
2892 case 0x00:
b6a0dc82
MH		 2893 conn->handle = __le16_to_cpu(ev->handle);
2894 conn->state = BT_CONNECTED;
7d0db0a3
MH		 2895
2896 hci_conn_add_sysfs(conn);
732547f9
MH		 2897 break;
2898
1a4c958c 2899 case 0x0d: /* Connection Rejected due to Limited Resources */
705e5711 2900 case 0x11: /* Unsupported Feature or Parameter Value */
732547f9 2901 case 0x1c: /* SCO interval rejected */
1038a00b 2902 case 0x1a: /* Unsupported Remote Feature */
732547f9 2903 case 0x1f: /* Unspecified error */
2dea632f 2904 if (conn->out) {
732547f9
MH		 2905 conn->pkt_type = (hdev->esco_type & SCO_ESCO_MASK) |
2906 (hdev->esco_type & EDR_ESCO_MASK);
2dea632f
FD		 2907 if (hci_setup_sync(conn, conn->link->handle))
2908 goto unlock;
732547f9
MH		 2909 }
2910 /* fall through */
2911
2912 default:
b6a0dc82 2913 conn->state = BT_CLOSED;
732547f9
MH		 2914 break;
2915 }
b6a0dc82
MH		 2916
2917 hci_proto_connect_cfm(conn, ev->status);
2918 if (ev->status)
2919 hci_conn_del(conn);
2920
2921unlock:
2922 hci_dev_unlock(hdev);
a9de9248
MH		 2923}
2924
6039aa73
GP		 2925static void hci_extended_inquiry_result_evt(struct hci_dev *hdev,
2926 struct sk_buff *skb)
1da177e4 2927{
a9de9248
MH		 2928 struct inquiry_data data;
2929 struct extended_inquiry_info *info = (void *) (skb->data + 1);
2930 int num_rsp = *((__u8 *) skb->data);
9d939d94 2931 size_t eir_len;
1da177e4 2932
a9de9248 2933 BT_DBG("%s num_rsp %d", hdev->name, num_rsp);
1da177e4 2934
a9de9248
MH		 2935 if (!num_rsp)
2936 return;
1da177e4 2937
1519cc17
AG		 2938 if (test_bit(HCI_PERIODIC_INQ, &hdev->dev_flags))
2939 return;
2940
a9de9248
MH		 2941 hci_dev_lock(hdev);
2942
e17acd40 2943 for (; num_rsp; num_rsp--, info++) {
388fc8fa 2944 bool name_known, ssp;
561aafbc 2945
a9de9248 2946 bacpy(&data.bdaddr, &info->bdaddr);
138d22ef
SJ		 2947 data.pscan_rep_mode = info->pscan_rep_mode;
2948 data.pscan_period_mode = info->pscan_period_mode;
2949 data.pscan_mode = 0x00;
a9de9248 2950 memcpy(data.dev_class, info->dev_class, 3);
138d22ef
SJ		 2951 data.clock_offset = info->clock_offset;
2952 data.rssi = info->rssi;
41a96212 2953 data.ssp_mode = 0x01;
561aafbc 2954
a8b2d5c2 2955 if (test_bit(HCI_MGMT, &hdev->dev_flags))
4ddb1930 2956 name_known = eir_has_data_type(info->data,
04124681
GP		 2957 sizeof(info->data),
2958 EIR_NAME_COMPLETE);
561aafbc
JH		 2959 else
2960 name_known = true;
2961
388fc8fa 2962 name_known = hci_inquiry_cache_update(hdev, &data, name_known,
04124681 2963 &ssp);
9d939d94 2964 eir_len = eir_get_length(info->data, sizeof(info->data));
48264f06 2965 mgmt_device_found(hdev, &info->bdaddr, ACL_LINK, 0x00,
04124681 2966 info->dev_class, info->rssi, !name_known,
9d939d94 2967 ssp, info->data, eir_len);
a9de9248
MH		 2968 }
2969
2970 hci_dev_unlock(hdev);
2971}
1da177e4 2972
1c2e0041
JH		 2973static void hci_key_refresh_complete_evt(struct hci_dev *hdev,
2974 struct sk_buff *skb)
2975{
2976 struct hci_ev_key_refresh_complete *ev = (void *) skb->data;
2977 struct hci_conn *conn;
2978
9f1db00c 2979 BT_DBG("%s status 0x%2.2x handle 0x%4.4x", hdev->name, ev->status,
1c2e0041
JH		 2980 __le16_to_cpu(ev->handle));
2981
2982 hci_dev_lock(hdev);
2983
2984 conn = hci_conn_hash_lookup_handle(hdev, __le16_to_cpu(ev->handle));
2985 if (!conn)
2986 goto unlock;
2987
2988 if (!ev->status)
2989 conn->sec_level = conn->pending_sec_level;
2990
2991 clear_bit(HCI_CONN_ENCRYPT_PEND, &conn->flags);
2992
2993 if (ev->status && conn->state == BT_CONNECTED) {
bed71748 2994 hci_disconnect(conn, HCI_ERROR_AUTH_FAILURE);
76a68ba0 2995 hci_conn_drop(conn);
1c2e0041
JH		 2996 goto unlock;
2997 }
2998
2999 if (conn->state == BT_CONFIG) {
3000 if (!ev->status)
3001 conn->state = BT_CONNECTED;
3002
3003 hci_proto_connect_cfm(conn, ev->status);
76a68ba0 3004 hci_conn_drop(conn);
1c2e0041
JH		 3005 } else {
3006 hci_auth_cfm(conn, ev->status);
3007
3008 hci_conn_hold(conn);
3009 conn->disc_timeout = HCI_DISCONN_TIMEOUT;
76a68ba0 3010 hci_conn_drop(conn);
1c2e0041
JH		 3011 }
3012
3013unlock:
3014 hci_dev_unlock(hdev);
3015}
3016
6039aa73 3017static u8 hci_get_auth_req(struct hci_conn *conn)
17fa4b9d
JH		 3018{
3019 /* If remote requests dedicated bonding follow that lead */
acabae96
MA		 3020 if (conn->remote_auth == HCI_AT_DEDICATED_BONDING ||
3021 conn->remote_auth == HCI_AT_DEDICATED_BONDING_MITM) {
17fa4b9d
JH		 3022 /* If both remote and local IO capabilities allow MITM
3023 * protection then require it, otherwise don't */
acabae96
MA		 3024 if (conn->remote_cap == HCI_IO_NO_INPUT_OUTPUT ||
3025 conn->io_capability == HCI_IO_NO_INPUT_OUTPUT)
3026 return HCI_AT_DEDICATED_BONDING;
17fa4b9d 3027 else
acabae96 3028 return HCI_AT_DEDICATED_BONDING_MITM;
17fa4b9d
JH		 3029 }
3030
3031 /* If remote requests no-bonding follow that lead */
acabae96
MA		 3032 if (conn->remote_auth == HCI_AT_NO_BONDING ||
3033 conn->remote_auth == HCI_AT_NO_BONDING_MITM)
58797bf7 3034 return conn->remote_auth | (conn->auth_type & 0x01);
17fa4b9d
JH		 3035
3036 return conn->auth_type;
3037}
3038
6039aa73 3039static void hci_io_capa_request_evt(struct hci_dev *hdev, struct sk_buff *skb)
0493684e
MH		 3040{
3041 struct hci_ev_io_capa_request *ev = (void *) skb->data;
3042 struct hci_conn *conn;
3043
3044 BT_DBG("%s", hdev->name);
3045
3046 hci_dev_lock(hdev);
3047
3048 conn = hci_conn_hash_lookup_ba(hdev, ACL_LINK, &ev->bdaddr);
03b555e1
JH		 3049 if (!conn)
3050 goto unlock;
3051
3052 hci_conn_hold(conn);
3053
a8b2d5c2 3054 if (!test_bit(HCI_MGMT, &hdev->dev_flags))
03b555e1
JH		 3055 goto unlock;
3056
a8b2d5c2 3057 if (test_bit(HCI_PAIRABLE, &hdev->dev_flags) ||
807deac2 3058 (conn->remote_auth & ~0x01) == HCI_AT_NO_BONDING) {
17fa4b9d
JH		 3059 struct hci_cp_io_capability_reply cp;
3060
3061 bacpy(&cp.bdaddr, &ev->bdaddr);
7a7f1e7c
HG		 3062 /* Change the IO capability from KeyboardDisplay
3063 * to DisplayYesNo as it is not supported by BT spec. */
3064 cp.capability = (conn->io_capability == 0x04) ?
a767631a 3065 HCI_IO_DISPLAY_YESNO : conn->io_capability;
7cbc9bd9
JH		 3066 conn->auth_type = hci_get_auth_req(conn);
3067 cp.authentication = conn->auth_type;
17fa4b9d 3068
8fc9ced3
GP		 3069 if (hci_find_remote_oob_data(hdev, &conn->dst) &&
3070 (conn->out || test_bit(HCI_CONN_REMOTE_OOB, &conn->flags)))
ce85ee13
SJ		 3071 cp.oob_data = 0x01;
3072 else
3073 cp.oob_data = 0x00;
3074
17fa4b9d 3075 hci_send_cmd(hdev, HCI_OP_IO_CAPABILITY_REPLY,
807deac2 3076 sizeof(cp), &cp);
03b555e1
JH		 3077 } else {
3078 struct hci_cp_io_capability_neg_reply cp;
3079
3080 bacpy(&cp.bdaddr, &ev->bdaddr);
9f5a0d7b 3081 cp.reason = HCI_ERROR_PAIRING_NOT_ALLOWED;
0493684e 3082
03b555e1 3083 hci_send_cmd(hdev, HCI_OP_IO_CAPABILITY_NEG_REPLY,
807deac2 3084 sizeof(cp), &cp);
03b555e1
JH		 3085 }
3086
3087unlock:
3088 hci_dev_unlock(hdev);
3089}
3090
6039aa73 3091static void hci_io_capa_reply_evt(struct hci_dev *hdev, struct sk_buff *skb)
03b555e1
JH		 3092{
3093 struct hci_ev_io_capa_reply *ev = (void *) skb->data;
3094 struct hci_conn *conn;
3095
3096 BT_DBG("%s", hdev->name);
3097
3098 hci_dev_lock(hdev);
3099
3100 conn = hci_conn_hash_lookup_ba(hdev, ACL_LINK, &ev->bdaddr);
3101 if (!conn)
3102 goto unlock;
3103
03b555e1 3104 conn->remote_cap = ev->capability;
03b555e1 3105 conn->remote_auth = ev->authentication;
58a681ef
JH		 3106 if (ev->oob_data)
3107 set_bit(HCI_CONN_REMOTE_OOB, &conn->flags);
03b555e1
JH		 3108
3109unlock:
0493684e
MH		 3110 hci_dev_unlock(hdev);
3111}
3112
6039aa73
GP		 3113static void hci_user_confirm_request_evt(struct hci_dev *hdev,
3114 struct sk_buff *skb)
a5c29683
JH		 3115{
3116 struct hci_ev_user_confirm_req *ev = (void *) skb->data;
55bc1a37 3117 int loc_mitm, rem_mitm, confirm_hint = 0;
7a828908 3118 struct hci_conn *conn;
a5c29683
JH		 3119
3120 BT_DBG("%s", hdev->name);
3121
3122 hci_dev_lock(hdev);
3123
a8b2d5c2 3124 if (!test_bit(HCI_MGMT, &hdev->dev_flags))
7a828908 3125 goto unlock;
a5c29683 3126
7a828908
JH		 3127 conn = hci_conn_hash_lookup_ba(hdev, ACL_LINK, &ev->bdaddr);
3128 if (!conn)
3129 goto unlock;
3130
3131 loc_mitm = (conn->auth_type & 0x01);
3132 rem_mitm = (conn->remote_auth & 0x01);
3133
3134 /* If we require MITM but the remote device can't provide that
3135 * (it has NoInputNoOutput) then reject the confirmation
3136 * request. The only exception is when we're dedicated bonding
3137 * initiators (connect_cfm_cb set) since then we always have the MITM
3138 * bit set. */
a767631a
MA		 3139 if (!conn->connect_cfm_cb && loc_mitm &&
3140 conn->remote_cap == HCI_IO_NO_INPUT_OUTPUT) {
7a828908
JH		 3141 BT_DBG("Rejecting request: remote device can't provide MITM");
3142 hci_send_cmd(hdev, HCI_OP_USER_CONFIRM_NEG_REPLY,
807deac2 3143 sizeof(ev->bdaddr), &ev->bdaddr);
7a828908
JH		 3144 goto unlock;
3145 }
3146
3147 /* If no side requires MITM protection; auto-accept */
a767631a
MA		 3148 if ((!loc_mitm || conn->remote_cap == HCI_IO_NO_INPUT_OUTPUT) &&
3149 (!rem_mitm || conn->io_capability == HCI_IO_NO_INPUT_OUTPUT)) {
55bc1a37
JH		 3150
3151 /* If we're not the initiators request authorization to
3152 * proceed from user space (mgmt_user_confirm with
3153 * confirm_hint set to 1). */
51a8efd7 3154 if (!test_bit(HCI_CONN_AUTH_PEND, &conn->flags)) {
55bc1a37
JH		 3155 BT_DBG("Confirming auto-accept as acceptor");
3156 confirm_hint = 1;
3157 goto confirm;
3158 }
3159
9f61656a 3160 BT_DBG("Auto-accept of user confirmation with %ums delay",
807deac2 3161 hdev->auto_accept_delay);
9f61656a
JH		 3162
3163 if (hdev->auto_accept_delay > 0) {
3164 int delay = msecs_to_jiffies(hdev->auto_accept_delay);
3165 mod_timer(&conn->auto_accept_timer, jiffies + delay);
3166 goto unlock;
3167 }
3168
7a828908 3169 hci_send_cmd(hdev, HCI_OP_USER_CONFIRM_REPLY,
807deac2 3170 sizeof(ev->bdaddr), &ev->bdaddr);
7a828908
JH		 3171 goto unlock;
3172 }
3173
55bc1a37 3174confirm:
272d90df 3175 mgmt_user_confirm_request(hdev, &ev->bdaddr, ACL_LINK, 0, ev->passkey,
04124681 3176 confirm_hint);
7a828908
JH		 3177
3178unlock:
a5c29683
JH		 3179 hci_dev_unlock(hdev);
3180}
3181
6039aa73
GP		 3182static void hci_user_passkey_request_evt(struct hci_dev *hdev,
3183 struct sk_buff *skb)
1143d458
BG		 3184{
3185 struct hci_ev_user_passkey_req *ev = (void *) skb->data;
3186
3187 BT_DBG("%s", hdev->name);
3188
a8b2d5c2 3189 if (test_bit(HCI_MGMT, &hdev->dev_flags))
272d90df 3190 mgmt_user_passkey_request(hdev, &ev->bdaddr, ACL_LINK, 0);
1143d458
BG		 3191}
3192
92a25256
JH		 3193static void hci_user_passkey_notify_evt(struct hci_dev *hdev,
3194 struct sk_buff *skb)
3195{
3196 struct hci_ev_user_passkey_notify *ev = (void *) skb->data;
3197 struct hci_conn *conn;
3198
3199 BT_DBG("%s", hdev->name);
3200
3201 conn = hci_conn_hash_lookup_ba(hdev, ACL_LINK, &ev->bdaddr);
3202 if (!conn)
3203 return;
3204
3205 conn->passkey_notify = __le32_to_cpu(ev->passkey);
3206 conn->passkey_entered = 0;
3207
3208 if (test_bit(HCI_MGMT, &hdev->dev_flags))
3209 mgmt_user_passkey_notify(hdev, &conn->dst, conn->type,
3210 conn->dst_type, conn->passkey_notify,
3211 conn->passkey_entered);
3212}
3213
3214static void hci_keypress_notify_evt(struct hci_dev *hdev, struct sk_buff *skb)
3215{
3216 struct hci_ev_keypress_notify *ev = (void *) skb->data;
3217 struct hci_conn *conn;
3218
3219 BT_DBG("%s", hdev->name);
3220
3221 conn = hci_conn_hash_lookup_ba(hdev, ACL_LINK, &ev->bdaddr);
3222 if (!conn)
3223 return;
3224
3225 switch (ev->type) {
3226 case HCI_KEYPRESS_STARTED:
3227 conn->passkey_entered = 0;
3228 return;
3229
3230 case HCI_KEYPRESS_ENTERED:
3231 conn->passkey_entered++;
3232 break;
3233
3234 case HCI_KEYPRESS_ERASED:
3235 conn->passkey_entered--;
3236 break;
3237
3238 case HCI_KEYPRESS_CLEARED:
3239 conn->passkey_entered = 0;
3240 break;
3241
3242 case HCI_KEYPRESS_COMPLETED:
3243 return;
3244 }
3245
3246 if (test_bit(HCI_MGMT, &hdev->dev_flags))
3247 mgmt_user_passkey_notify(hdev, &conn->dst, conn->type,
3248 conn->dst_type, conn->passkey_notify,
3249 conn->passkey_entered);
3250}
3251
6039aa73
GP		 3252static void hci_simple_pair_complete_evt(struct hci_dev *hdev,
3253 struct sk_buff *skb)
0493684e
MH		 3254{
3255 struct hci_ev_simple_pair_complete *ev = (void *) skb->data;
3256 struct hci_conn *conn;
3257
3258 BT_DBG("%s", hdev->name);
3259
3260 hci_dev_lock(hdev);
3261
3262 conn = hci_conn_hash_lookup_ba(hdev, ACL_LINK, &ev->bdaddr);
2a611692
JH		 3263 if (!conn)
3264 goto unlock;
3265
3266 /* To avoid duplicate auth_failed events to user space we check
3267 * the HCI_CONN_AUTH_PEND flag which will be set if we
3268 * initiated the authentication. A traditional auth_complete
3269 * event gets always produced as initiator and is also mapped to
3270 * the mgmt_auth_failed event */
fa1bd918 3271 if (!test_bit(HCI_CONN_AUTH_PEND, &conn->flags) && ev->status)
bab73cb6 3272 mgmt_auth_failed(hdev, &conn->dst, conn->type, conn->dst_type,
04124681 3273 ev->status);
0493684e 3274
76a68ba0 3275 hci_conn_drop(conn);
2a611692
JH		 3276
3277unlock:
0493684e
MH		 3278 hci_dev_unlock(hdev);
3279}
3280
6039aa73
GP		 3281static void hci_remote_host_features_evt(struct hci_dev *hdev,
3282 struct sk_buff *skb)
41a96212
MH		 3283{
3284 struct hci_ev_remote_host_features *ev = (void *) skb->data;
3285 struct inquiry_entry *ie;
cad718ed 3286 struct hci_conn *conn;
41a96212
MH		 3287
3288 BT_DBG("%s", hdev->name);
3289
3290 hci_dev_lock(hdev);
3291
cad718ed
JH		 3292 conn = hci_conn_hash_lookup_ba(hdev, ACL_LINK, &ev->bdaddr);
3293 if (conn)
3294 memcpy(conn->features[1], ev->features, 8);
3295
cc11b9c1
AE		 3296 ie = hci_inquiry_cache_lookup(hdev, &ev->bdaddr);
3297 if (ie)
02b7cc62 3298 ie->data.ssp_mode = (ev->features[0] & LMP_HOST_SSP);
41a96212
MH		 3299
3300 hci_dev_unlock(hdev);
3301}
3302
6039aa73
GP		 3303static void hci_remote_oob_data_request_evt(struct hci_dev *hdev,
3304 struct sk_buff *skb)
2763eda6
SJ		 3305{
3306 struct hci_ev_remote_oob_data_request *ev = (void *) skb->data;
3307 struct oob_data *data;
3308
3309 BT_DBG("%s", hdev->name);
3310
3311 hci_dev_lock(hdev);
3312
a8b2d5c2 3313 if (!test_bit(HCI_MGMT, &hdev->dev_flags))
e1ba1f15
SJ		 3314 goto unlock;
3315
2763eda6
SJ		 3316 data = hci_find_remote_oob_data(hdev, &ev->bdaddr);
3317 if (data) {
3318 struct hci_cp_remote_oob_data_reply cp;
3319
3320 bacpy(&cp.bdaddr, &ev->bdaddr);
3321 memcpy(cp.hash, data->hash, sizeof(cp.hash));
3322 memcpy(cp.randomizer, data->randomizer, sizeof(cp.randomizer));
3323
3324 hci_send_cmd(hdev, HCI_OP_REMOTE_OOB_DATA_REPLY, sizeof(cp),
807deac2 3325 &cp);
2763eda6
SJ		 3326 } else {
3327 struct hci_cp_remote_oob_data_neg_reply cp;
3328
3329 bacpy(&cp.bdaddr, &ev->bdaddr);
3330 hci_send_cmd(hdev, HCI_OP_REMOTE_OOB_DATA_NEG_REPLY, sizeof(cp),
807deac2 3331 &cp);
2763eda6
SJ		 3332 }
3333
e1ba1f15 3334unlock:
2763eda6
SJ		 3335 hci_dev_unlock(hdev);
3336}
3337
d5e91192
AE		 3338static void hci_phy_link_complete_evt(struct hci_dev *hdev,
3339 struct sk_buff *skb)
3340{
3341 struct hci_ev_phy_link_complete *ev = (void *) skb->data;
3342 struct hci_conn *hcon, *bredr_hcon;
3343
3344 BT_DBG("%s handle 0x%2.2x status 0x%2.2x", hdev->name, ev->phy_handle,
3345 ev->status);
3346
3347 hci_dev_lock(hdev);
3348
3349 hcon = hci_conn_hash_lookup_handle(hdev, ev->phy_handle);
3350 if (!hcon) {
3351 hci_dev_unlock(hdev);
3352 return;
3353 }
3354
3355 if (ev->status) {
3356 hci_conn_del(hcon);
3357 hci_dev_unlock(hdev);
3358 return;
3359 }
3360
3361 bredr_hcon = hcon->amp_mgr->l2cap_conn->hcon;
3362
3363 hcon->state = BT_CONNECTED;
3364 bacpy(&hcon->dst, &bredr_hcon->dst);
3365
3366 hci_conn_hold(hcon);
3367 hcon->disc_timeout = HCI_DISCONN_TIMEOUT;
76a68ba0 3368 hci_conn_drop(hcon);
d5e91192 3369
d5e91192
AE		 3370 hci_conn_add_sysfs(hcon);
3371
cf70ff22 3372 amp_physical_cfm(bredr_hcon, hcon);
d5e91192 3373
cf70ff22 3374 hci_dev_unlock(hdev);
d5e91192
AE		 3375}
3376
27695fb4
AE		 3377static void hci_loglink_complete_evt(struct hci_dev *hdev, struct sk_buff *skb)
3378{
3379 struct hci_ev_logical_link_complete *ev = (void *) skb->data;
3380 struct hci_conn *hcon;
3381 struct hci_chan *hchan;
3382 struct amp_mgr *mgr;
3383
3384 BT_DBG("%s log_handle 0x%4.4x phy_handle 0x%2.2x status 0x%2.2x",
3385 hdev->name, le16_to_cpu(ev->handle), ev->phy_handle,
3386 ev->status);
3387
3388 hcon = hci_conn_hash_lookup_handle(hdev, ev->phy_handle);
3389 if (!hcon)
3390 return;
3391
3392 /* Create AMP hchan */
3393 hchan = hci_chan_create(hcon);
3394 if (!hchan)
3395 return;
3396
3397 hchan->handle = le16_to_cpu(ev->handle);
3398
3399 BT_DBG("hcon %p mgr %p hchan %p", hcon, hcon->amp_mgr, hchan);
3400
3401 mgr = hcon->amp_mgr;
3402 if (mgr && mgr->bredr_chan) {
3403 struct l2cap_chan *bredr_chan = mgr->bredr_chan;
3404
3405 l2cap_chan_lock(bredr_chan);
3406
3407 bredr_chan->conn->mtu = hdev->block_mtu;
3408 l2cap_logical_cfm(bredr_chan, hchan, 0);
3409 hci_conn_hold(hcon);
3410
3411 l2cap_chan_unlock(bredr_chan);
3412 }
3413}
3414
606e2a10
AE		 3415static void hci_disconn_loglink_complete_evt(struct hci_dev *hdev,
3416 struct sk_buff *skb)
3417{
3418 struct hci_ev_disconn_logical_link_complete *ev = (void *) skb->data;
3419 struct hci_chan *hchan;
3420
3421 BT_DBG("%s log handle 0x%4.4x status 0x%2.2x", hdev->name,
3422 le16_to_cpu(ev->handle), ev->status);
3423
3424 if (ev->status)
3425 return;
3426
3427 hci_dev_lock(hdev);
3428
3429 hchan = hci_chan_lookup_handle(hdev, le16_to_cpu(ev->handle));
3430 if (!hchan)
3431 goto unlock;
3432
3433 amp_destroy_logical_link(hchan, ev->reason);
3434
3435unlock:
3436 hci_dev_unlock(hdev);
3437}
3438
9eef6b3a
AE		 3439static void hci_disconn_phylink_complete_evt(struct hci_dev *hdev,
3440 struct sk_buff *skb)
3441{
3442 struct hci_ev_disconn_phy_link_complete *ev = (void *) skb->data;
3443 struct hci_conn *hcon;
3444
3445 BT_DBG("%s status 0x%2.2x", hdev->name, ev->status);
3446
3447 if (ev->status)
3448 return;
3449
3450 hci_dev_lock(hdev);
3451
3452 hcon = hci_conn_hash_lookup_handle(hdev, ev->phy_handle);
3453 if (hcon) {
3454 hcon->state = BT_CLOSED;
3455 hci_conn_del(hcon);
3456 }
3457
3458 hci_dev_unlock(hdev);
3459}
3460
6039aa73 3461static void hci_le_conn_complete_evt(struct hci_dev *hdev, struct sk_buff *skb)
fcd89c09
VT		 3462{
3463 struct hci_ev_le_conn_complete *ev = (void *) skb->data;
3464 struct hci_conn *conn;
3465
9f1db00c 3466 BT_DBG("%s status 0x%2.2x", hdev->name, ev->status);
fcd89c09
VT		 3467
3468 hci_dev_lock(hdev);
3469
b47a09b3 3470 conn = hci_conn_hash_lookup_state(hdev, LE_LINK, BT_CONNECT);
b62f328b
VT		 3471 if (!conn) {
3472 conn = hci_conn_add(hdev, LE_LINK, &ev->bdaddr);
3473 if (!conn) {
3474 BT_ERR("No memory for new connection");
230fd16a 3475 goto unlock;
b62f328b 3476 }
29b7988a
AG		 3477
3478 conn->dst_type = ev->bdaddr_type;
b9b343d2
AG		 3479
3480 if (ev->role == LE_CONN_ROLE_MASTER) {
3481 conn->out = true;
3482 conn->link_mode |= HCI_LM_MASTER;
3483 }
b62f328b 3484 }
fcd89c09 3485
cd17decb
AG		 3486 if (ev->status) {
3487 mgmt_connect_failed(hdev, &conn->dst, conn->type,
3488 conn->dst_type, ev->status);
3489 hci_proto_connect_cfm(conn, ev->status);
3490 conn->state = BT_CLOSED;
3491 hci_conn_del(conn);
3492 goto unlock;
3493 }
3494
b644ba33
JH		 3495 if (!test_and_set_bit(HCI_CONN_MGMT_CONNECTED, &conn->flags))
3496 mgmt_device_connected(hdev, &ev->bdaddr, conn->type,
04124681 3497 conn->dst_type, 0, NULL, 0, NULL);
83bc71b4 3498
7b5c0d52 3499 conn->sec_level = BT_SECURITY_LOW;
fcd89c09
VT		 3500 conn->handle = __le16_to_cpu(ev->handle);
3501 conn->state = BT_CONNECTED;
3502
fcd89c09
VT		 3503 hci_conn_add_sysfs(conn);
3504
3505 hci_proto_connect_cfm(conn, ev->status);
3506
3507unlock:
3508 hci_dev_unlock(hdev);
3509}
3510
6039aa73 3511static void hci_le_adv_report_evt(struct hci_dev *hdev, struct sk_buff *skb)
9aa04c91 3512{
e95beb41
AG		 3513 u8 num_reports = skb->data[0];
3514 void *ptr = &skb->data[1];
3c9e9195 3515 s8 rssi;
9aa04c91 3516
e95beb41
AG		 3517 while (num_reports--) {
3518 struct hci_ev_le_advertising_info *ev = ptr;
9aa04c91 3519
3c9e9195
AG		 3520 rssi = ev->data[ev->length];
3521 mgmt_device_found(hdev, &ev->bdaddr, LE_LINK, ev->bdaddr_type,
04124681 3522 NULL, rssi, 0, 1, ev->data, ev->length);
3c9e9195 3523
e95beb41 3524 ptr += sizeof(*ev) + ev->length + 1;
9aa04c91 3525 }
9aa04c91
AG		 3526}
3527
6039aa73 3528static void hci_le_ltk_request_evt(struct hci_dev *hdev, struct sk_buff *skb)
a7a595f6
VCG		 3529{
3530 struct hci_ev_le_ltk_req *ev = (void *) skb->data;
3531 struct hci_cp_le_ltk_reply cp;
bea710fe 3532 struct hci_cp_le_ltk_neg_reply neg;
a7a595f6 3533 struct hci_conn *conn;
c9839a11 3534 struct smp_ltk *ltk;
a7a595f6 3535
9f1db00c 3536 BT_DBG("%s handle 0x%4.4x", hdev->name, __le16_to_cpu(ev->handle));
a7a595f6
VCG		 3537
3538 hci_dev_lock(hdev);
3539
3540 conn = hci_conn_hash_lookup_handle(hdev, __le16_to_cpu(ev->handle));
bea710fe
VCG		 3541 if (conn == NULL)
3542 goto not_found;
a7a595f6 3543
bea710fe
VCG		 3544 ltk = hci_find_ltk(hdev, ev->ediv, ev->random);
3545 if (ltk == NULL)
3546 goto not_found;
3547
3548 memcpy(cp.ltk, ltk->val, sizeof(ltk->val));
a7a595f6 3549 cp.handle = cpu_to_le16(conn->handle);
c9839a11
VCG		 3550
3551 if (ltk->authenticated)
f8776218
AG		 3552 conn->pending_sec_level = BT_SECURITY_HIGH;
3553 else
3554 conn->pending_sec_level = BT_SECURITY_MEDIUM;
a7a595f6 3555
89cbb4da 3556 conn->enc_key_size = ltk->enc_size;
a7a595f6
VCG		 3557
3558 hci_send_cmd(hdev, HCI_OP_LE_LTK_REPLY, sizeof(cp), &cp);
3559
c9839a11
VCG		 3560 if (ltk->type & HCI_SMP_STK) {
3561 list_del(&ltk->list);
3562 kfree(ltk);
3563 }
3564
a7a595f6 3565 hci_dev_unlock(hdev);
bea710fe
VCG		 3566
3567 return;
3568
3569not_found:
3570 neg.handle = ev->handle;
3571 hci_send_cmd(hdev, HCI_OP_LE_LTK_NEG_REPLY, sizeof(neg), &neg);
3572 hci_dev_unlock(hdev);
a7a595f6
VCG		 3573}
3574
6039aa73 3575static void hci_le_meta_evt(struct hci_dev *hdev, struct sk_buff *skb)
fcd89c09
VT		 3576{
3577 struct hci_ev_le_meta *le_ev = (void *) skb->data;
3578
3579 skb_pull(skb, sizeof(*le_ev));
3580
3581 switch (le_ev->subevent) {
3582 case HCI_EV_LE_CONN_COMPLETE:
3583 hci_le_conn_complete_evt(hdev, skb);
3584 break;
3585
9aa04c91
AG		 3586 case HCI_EV_LE_ADVERTISING_REPORT:
3587 hci_le_adv_report_evt(hdev, skb);
3588 break;
3589
a7a595f6
VCG		 3590 case HCI_EV_LE_LTK_REQ:
3591 hci_le_ltk_request_evt(hdev, skb);
3592 break;
3593
fcd89c09
VT		 3594 default:
3595 break;
3596 }
3597}
3598
9495b2ee
AE		 3599static void hci_chan_selected_evt(struct hci_dev *hdev, struct sk_buff *skb)
3600{
3601 struct hci_ev_channel_selected *ev = (void *) skb->data;
3602 struct hci_conn *hcon;
3603
3604 BT_DBG("%s handle 0x%2.2x", hdev->name, ev->phy_handle);
3605
3606 skb_pull(skb, sizeof(*ev));
3607
3608 hcon = hci_conn_hash_lookup_handle(hdev, ev->phy_handle);
3609 if (!hcon)
3610 return;
3611
3612 amp_read_loc_assoc_final_data(hdev, hcon);
3613}
3614
a9de9248
MH		 3615void hci_event_packet(struct hci_dev *hdev, struct sk_buff *skb)
3616{
3617 struct hci_event_hdr *hdr = (void *) skb->data;
3618 __u8 event = hdr->evt;
3619
b6ddb638
JH		 3620 hci_dev_lock(hdev);
3621
3622 /* Received events are (currently) only needed when a request is
3623 * ongoing so avoid unnecessary memory allocation.
3624 */
3625 if (hdev->req_status == HCI_REQ_PEND) {
3626 kfree_skb(hdev->recv_evt);
3627 hdev->recv_evt = skb_clone(skb, GFP_KERNEL);
3628 }
3629
3630 hci_dev_unlock(hdev);
3631
a9de9248
MH		 3632 skb_pull(skb, HCI_EVENT_HDR_SIZE);
3633
02350a72 3634 if (hdev->sent_cmd && bt_cb(hdev->sent_cmd)->req.event == event) {
c1f23a2b
JB		 3635 struct hci_command_hdr *cmd_hdr = (void *) hdev->sent_cmd->data;
3636 u16 opcode = __le16_to_cpu(cmd_hdr->opcode);
02350a72
JH		 3637
3638 hci_req_cmd_complete(hdev, opcode, 0);
3639 }
3640
a9de9248 3641 switch (event) {
1da177e4
LT		 3642 case HCI_EV_INQUIRY_COMPLETE:
3643 hci_inquiry_complete_evt(hdev, skb);
3644 break;
3645
3646 case HCI_EV_INQUIRY_RESULT:
3647 hci_inquiry_result_evt(hdev, skb);
3648 break;
3649
a9de9248
MH		 3650 case HCI_EV_CONN_COMPLETE:
3651 hci_conn_complete_evt(hdev, skb);
21d9e30e
MH		 3652 break;
3653
1da177e4
LT		 3654 case HCI_EV_CONN_REQUEST:
3655 hci_conn_request_evt(hdev, skb);
3656 break;
3657
1da177e4
LT		 3658 case HCI_EV_DISCONN_COMPLETE:
3659 hci_disconn_complete_evt(hdev, skb);
3660 break;
3661
1da177e4
LT		 3662 case HCI_EV_AUTH_COMPLETE:
3663 hci_auth_complete_evt(hdev, skb);
3664 break;
3665
a9de9248
MH		 3666 case HCI_EV_REMOTE_NAME:
3667 hci_remote_name_evt(hdev, skb);
3668 break;
3669
1da177e4
LT		 3670 case HCI_EV_ENCRYPT_CHANGE:
3671 hci_encrypt_change_evt(hdev, skb);
3672 break;
3673
a9de9248
MH		 3674 case HCI_EV_CHANGE_LINK_KEY_COMPLETE:
3675 hci_change_link_key_complete_evt(hdev, skb);
3676 break;
3677
3678 case HCI_EV_REMOTE_FEATURES:
3679 hci_remote_features_evt(hdev, skb);
3680 break;
3681
a9de9248
MH		 3682 case HCI_EV_CMD_COMPLETE:
3683 hci_cmd_complete_evt(hdev, skb);
3684 break;
3685
3686 case HCI_EV_CMD_STATUS:
3687 hci_cmd_status_evt(hdev, skb);
3688 break;
3689
3690 case HCI_EV_ROLE_CHANGE:
3691 hci_role_change_evt(hdev, skb);
3692 break;
3693
3694 case HCI_EV_NUM_COMP_PKTS:
3695 hci_num_comp_pkts_evt(hdev, skb);
3696 break;
3697
3698 case HCI_EV_MODE_CHANGE:
3699 hci_mode_change_evt(hdev, skb);
1da177e4
LT		 3700 break;
3701
3702 case HCI_EV_PIN_CODE_REQ:
3703 hci_pin_code_request_evt(hdev, skb);
3704 break;
3705
3706 case HCI_EV_LINK_KEY_REQ:
3707 hci_link_key_request_evt(hdev, skb);
3708 break;
3709
3710 case HCI_EV_LINK_KEY_NOTIFY:
3711 hci_link_key_notify_evt(hdev, skb);
3712 break;
3713
3714 case HCI_EV_CLOCK_OFFSET:
3715 hci_clock_offset_evt(hdev, skb);
3716 break;
3717
a8746417
MH		 3718 case HCI_EV_PKT_TYPE_CHANGE:
3719 hci_pkt_type_change_evt(hdev, skb);
3720 break;
3721
85a1e930
MH		 3722 case HCI_EV_PSCAN_REP_MODE:
3723 hci_pscan_rep_mode_evt(hdev, skb);
3724 break;
3725
a9de9248
MH		 3726 case HCI_EV_INQUIRY_RESULT_WITH_RSSI:
3727 hci_inquiry_result_with_rssi_evt(hdev, skb);
04837f64
MH		 3728 break;
3729
a9de9248
MH		 3730 case HCI_EV_REMOTE_EXT_FEATURES:
3731 hci_remote_ext_features_evt(hdev, skb);
1da177e4
LT		 3732 break;
3733
a9de9248
MH		 3734 case HCI_EV_SYNC_CONN_COMPLETE:
3735 hci_sync_conn_complete_evt(hdev, skb);
3736 break;
1da177e4 3737
a9de9248
MH		 3738 case HCI_EV_EXTENDED_INQUIRY_RESULT:
3739 hci_extended_inquiry_result_evt(hdev, skb);
3740 break;
1da177e4 3741
1c2e0041
JH		 3742 case HCI_EV_KEY_REFRESH_COMPLETE:
3743 hci_key_refresh_complete_evt(hdev, skb);
3744 break;
3745
0493684e
MH		 3746 case HCI_EV_IO_CAPA_REQUEST:
3747 hci_io_capa_request_evt(hdev, skb);
3748 break;
3749
03b555e1
JH		 3750 case HCI_EV_IO_CAPA_REPLY:
3751 hci_io_capa_reply_evt(hdev, skb);
3752 break;
3753
a5c29683
JH		 3754 case HCI_EV_USER_CONFIRM_REQUEST:
3755 hci_user_confirm_request_evt(hdev, skb);
3756 break;
3757
1143d458
BG		 3758 case HCI_EV_USER_PASSKEY_REQUEST:
3759 hci_user_passkey_request_evt(hdev, skb);
3760 break;
3761
92a25256
JH		 3762 case HCI_EV_USER_PASSKEY_NOTIFY:
3763 hci_user_passkey_notify_evt(hdev, skb);
3764 break;
3765
3766 case HCI_EV_KEYPRESS_NOTIFY:
3767 hci_keypress_notify_evt(hdev, skb);
3768 break;
3769
0493684e
MH		 3770 case HCI_EV_SIMPLE_PAIR_COMPLETE:
3771 hci_simple_pair_complete_evt(hdev, skb);
3772 break;
3773
41a96212
MH		 3774 case HCI_EV_REMOTE_HOST_FEATURES:
3775 hci_remote_host_features_evt(hdev, skb);
3776 break;
3777
fcd89c09
VT		 3778 case HCI_EV_LE_META:
3779 hci_le_meta_evt(hdev, skb);
3780 break;
3781
9495b2ee
AE		 3782 case HCI_EV_CHANNEL_SELECTED:
3783 hci_chan_selected_evt(hdev, skb);
3784 break;
3785
2763eda6
SJ		 3786 case HCI_EV_REMOTE_OOB_DATA_REQUEST:
3787 hci_remote_oob_data_request_evt(hdev, skb);
3788 break;
3789
d5e91192
AE		 3790 case HCI_EV_PHY_LINK_COMPLETE:
3791 hci_phy_link_complete_evt(hdev, skb);
3792 break;
3793
27695fb4
AE		 3794 case HCI_EV_LOGICAL_LINK_COMPLETE:
3795 hci_loglink_complete_evt(hdev, skb);
3796 break;
3797
606e2a10
AE		 3798 case HCI_EV_DISCONN_LOGICAL_LINK_COMPLETE:
3799 hci_disconn_loglink_complete_evt(hdev, skb);
3800 break;
3801
9eef6b3a
AE		 3802 case HCI_EV_DISCONN_PHY_LINK_COMPLETE:
3803 hci_disconn_phylink_complete_evt(hdev, skb);
3804 break;
3805
25e89e99
AE		 3806 case HCI_EV_NUM_COMP_BLOCKS:
3807 hci_num_comp_blocks_evt(hdev, skb);
3808 break;
3809
a9de9248 3810 default:
9f1db00c 3811 BT_DBG("%s event 0x%2.2x", hdev->name, event);
1da177e4
LT		 3812 break;
3813 }
3814
3815 kfree_skb(skb);
3816 hdev->stat.evt_rx++;
3817}
Linux kernel - Deliverables
This page took 0.917973 seconds and 5 git commands to generate.