projects / deliverable / linux.git / blame
? search:
summary | shortlog | log | commit | commitdiff | tree
blob | blame (incremental) | history | HEAD
Bluetooth: Add a convenience function to check for SSP enabled
[deliverable/linux.git] / net / bluetooth / hci_event.c
CommitLineData
8e87d142 1/*
1da177e4 2 BlueZ - Bluetooth protocol stack for Linux
2d0a0346 3 Copyright (c) 2000-2001, 2010, Code Aurora Forum. All rights reserved.
1da177e4
LT		 4
5 Written 2000,2001 by Maxim Krasnyansky <maxk@qualcomm.com>
6
7 This program is free software; you can redistribute it and/or modify
8 it under the terms of the GNU General Public License version 2 as
9 published by the Free Software Foundation;
10
11 THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS
12 OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
13 FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT OF THIRD PARTY RIGHTS.
14 IN NO EVENT SHALL THE COPYRIGHT HOLDER(S) AND AUTHOR(S) BE LIABLE FOR ANY
8e87d142
YH		 15 CLAIM, OR ANY SPECIAL INDIRECT OR CONSEQUENTIAL DAMAGES, OR ANY DAMAGES
16 WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
17 ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
1da177e4
LT		 18 OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
19
8e87d142
YH		 20 ALL LIABILITY, INCLUDING LIABILITY FOR INFRINGEMENT OF ANY PATENTS,
21 COPYRIGHTS, TRADEMARKS OR OTHER RIGHTS, RELATING TO USE OF THIS
1da177e4
LT		 22 SOFTWARE IS DISCLAIMED.
23*/
24
25/* Bluetooth HCI event handling. */
26
1da177e4
LT		 27#include <linux/module.h>
28
29#include <linux/types.h>
30#include <linux/errno.h>
31#include <linux/kernel.h>
1da177e4
LT		 32#include <linux/slab.h>
33#include <linux/poll.h>
34#include <linux/fcntl.h>
35#include <linux/init.h>
36#include <linux/skbuff.h>
37#include <linux/interrupt.h>
38#include <linux/notifier.h>
39#include <net/sock.h>
40
41#include <asm/system.h>
70f23020 42#include <linux/uaccess.h>
1da177e4
LT		 43#include <asm/unaligned.h>
44
45#include <net/bluetooth/bluetooth.h>
46#include <net/bluetooth/hci_core.h>
47
eb939922 48static bool enable_le;
e6100a25 49
1da177e4
LT		 50/* Handle HCI Event packets */
51
a9de9248 52static void hci_cc_inquiry_cancel(struct hci_dev *hdev, struct sk_buff *skb)
1da177e4 53{
a9de9248 54 __u8 status = *((__u8 *) skb->data);
1da177e4 55
a9de9248 56 BT_DBG("%s status 0x%x", hdev->name, status);
1da177e4 57
e6d465cb
AG		 58 if (status) {
59 hci_dev_lock(hdev);
60 mgmt_stop_discovery_failed(hdev, status);
61 hci_dev_unlock(hdev);
a9de9248 62 return;
e6d465cb 63 }
1da177e4 64
89352e7d
AG		 65 clear_bit(HCI_INQUIRY, &hdev->flags);
66
56e5cb86 67 hci_dev_lock(hdev);
ff9ef578 68 hci_discovery_set_state(hdev, DISCOVERY_STOPPED);
56e5cb86 69 hci_dev_unlock(hdev);
6bd57416 70
23bb5763 71 hci_req_complete(hdev, HCI_OP_INQUIRY_CANCEL, status);
a9de9248
MH		 72
73 hci_conn_check_pending(hdev);
74}
6bd57416 75
a9de9248
MH		 76static void hci_cc_exit_periodic_inq(struct hci_dev *hdev, struct sk_buff *skb)
77{
78 __u8 status = *((__u8 *) skb->data);
6bd57416 79
a9de9248 80 BT_DBG("%s status 0x%x", hdev->name, status);
6bd57416 81
a9de9248
MH		 82 if (status)
83 return;
1da177e4 84
a9de9248
MH		 85 hci_conn_check_pending(hdev);
86}
87
88static void hci_cc_remote_name_req_cancel(struct hci_dev *hdev, struct sk_buff *skb)
89{
90 BT_DBG("%s", hdev->name);
91}
92
93static void hci_cc_role_discovery(struct hci_dev *hdev, struct sk_buff *skb)
94{
95 struct hci_rp_role_discovery *rp = (void *) skb->data;
96 struct hci_conn *conn;
97
98 BT_DBG("%s status 0x%x", hdev->name, rp->status);
99
100 if (rp->status)
101 return;
102
103 hci_dev_lock(hdev);
104
105 conn = hci_conn_hash_lookup_handle(hdev, __le16_to_cpu(rp->handle));
106 if (conn) {
107 if (rp->role)
108 conn->link_mode &= ~HCI_LM_MASTER;
109 else
110 conn->link_mode |= HCI_LM_MASTER;
1da177e4 111 }
a9de9248
MH		 112
113 hci_dev_unlock(hdev);
1da177e4
LT		 114}
115
e4e8e37c
MH		 116static void hci_cc_read_link_policy(struct hci_dev *hdev, struct sk_buff *skb)
117{
118 struct hci_rp_read_link_policy *rp = (void *) skb->data;
119 struct hci_conn *conn;
120
121 BT_DBG("%s status 0x%x", hdev->name, rp->status);
122
123 if (rp->status)
124 return;
125
126 hci_dev_lock(hdev);
127
128 conn = hci_conn_hash_lookup_handle(hdev, __le16_to_cpu(rp->handle));
129 if (conn)
130 conn->link_policy = __le16_to_cpu(rp->policy);
131
132 hci_dev_unlock(hdev);
133}
134
a9de9248 135static void hci_cc_write_link_policy(struct hci_dev *hdev, struct sk_buff *skb)
1da177e4 136{
a9de9248 137 struct hci_rp_write_link_policy *rp = (void *) skb->data;
1da177e4 138 struct hci_conn *conn;
04837f64 139 void *sent;
1da177e4 140
a9de9248 141 BT_DBG("%s status 0x%x", hdev->name, rp->status);
1da177e4 142
a9de9248
MH		 143 if (rp->status)
144 return;
1da177e4 145
a9de9248
MH		 146 sent = hci_sent_cmd_data(hdev, HCI_OP_WRITE_LINK_POLICY);
147 if (!sent)
148 return;
1da177e4 149
a9de9248 150 hci_dev_lock(hdev);
1da177e4 151
a9de9248 152 conn = hci_conn_hash_lookup_handle(hdev, __le16_to_cpu(rp->handle));
e4e8e37c 153 if (conn)
83985319 154 conn->link_policy = get_unaligned_le16(sent + 2);
1da177e4 155
a9de9248
MH		 156 hci_dev_unlock(hdev);
157}
1da177e4 158
e4e8e37c
MH		 159static void hci_cc_read_def_link_policy(struct hci_dev *hdev, struct sk_buff *skb)
160{
161 struct hci_rp_read_def_link_policy *rp = (void *) skb->data;
162
163 BT_DBG("%s status 0x%x", hdev->name, rp->status);
164
165 if (rp->status)
166 return;
167
168 hdev->link_policy = __le16_to_cpu(rp->policy);
169}
170
171static void hci_cc_write_def_link_policy(struct hci_dev *hdev, struct sk_buff *skb)
172{
173 __u8 status = *((__u8 *) skb->data);
174 void *sent;
175
176 BT_DBG("%s status 0x%x", hdev->name, status);
177
178 sent = hci_sent_cmd_data(hdev, HCI_OP_WRITE_DEF_LINK_POLICY);
179 if (!sent)
180 return;
181
182 if (!status)
183 hdev->link_policy = get_unaligned_le16(sent);
184
23bb5763 185 hci_req_complete(hdev, HCI_OP_WRITE_DEF_LINK_POLICY, status);
e4e8e37c
MH		 186}
187
a9de9248
MH		 188static void hci_cc_reset(struct hci_dev *hdev, struct sk_buff *skb)
189{
190 __u8 status = *((__u8 *) skb->data);
04837f64 191
a9de9248 192 BT_DBG("%s status 0x%x", hdev->name, status);
04837f64 193
10572132
GP		 194 clear_bit(HCI_RESET, &hdev->flags);
195
23bb5763 196 hci_req_complete(hdev, HCI_OP_RESET, status);
d23264a8 197
7005ff17
JH		 198 /* Reset all flags, except persistent ones */
199 hdev->dev_flags &= BIT(HCI_MGMT) | BIT(HCI_SETUP) | BIT(HCI_AUTO_OFF);
a9de9248 200}
04837f64 201
a9de9248
MH		 202static void hci_cc_write_local_name(struct hci_dev *hdev, struct sk_buff *skb)
203{
204 __u8 status = *((__u8 *) skb->data);
205 void *sent;
04837f64 206
a9de9248 207 BT_DBG("%s status 0x%x", hdev->name, status);
04837f64 208
a9de9248
MH		 209 sent = hci_sent_cmd_data(hdev, HCI_OP_WRITE_LOCAL_NAME);
210 if (!sent)
211 return;
04837f64 212
56e5cb86
JH		 213 hci_dev_lock(hdev);
214
a8b2d5c2 215 if (test_bit(HCI_MGMT, &hdev->dev_flags))
744cf19e 216 mgmt_set_local_name_complete(hdev, sent, status);
b312b161 217
56e5cb86
JH		 218 if (status == 0)
219 memcpy(hdev->dev_name, sent, HCI_MAX_NAME_LENGTH);
b312b161 220
56e5cb86 221 hci_dev_unlock(hdev);
a9de9248
MH		 222}
223
224static void hci_cc_read_local_name(struct hci_dev *hdev, struct sk_buff *skb)
225{
226 struct hci_rp_read_local_name *rp = (void *) skb->data;
227
228 BT_DBG("%s status 0x%x", hdev->name, rp->status);
229
230 if (rp->status)
231 return;
232
1f6c6378 233 memcpy(hdev->dev_name, rp->name, HCI_MAX_NAME_LENGTH);
a9de9248
MH		 234}
235
236static void hci_cc_write_auth_enable(struct hci_dev *hdev, struct sk_buff *skb)
237{
238 __u8 status = *((__u8 *) skb->data);
239 void *sent;
240
241 BT_DBG("%s status 0x%x", hdev->name, status);
242
243 sent = hci_sent_cmd_data(hdev, HCI_OP_WRITE_AUTH_ENABLE);
244 if (!sent)
245 return;
246
247 if (!status) {
248 __u8 param = *((__u8 *) sent);
249
250 if (param == AUTH_ENABLED)
251 set_bit(HCI_AUTH, &hdev->flags);
252 else
253 clear_bit(HCI_AUTH, &hdev->flags);
1da177e4 254 }
a9de9248 255
23bb5763 256 hci_req_complete(hdev, HCI_OP_WRITE_AUTH_ENABLE, status);
1da177e4
LT		 257}
258
a9de9248 259static void hci_cc_write_encrypt_mode(struct hci_dev *hdev, struct sk_buff *skb)
1da177e4 260{
a9de9248 261 __u8 status = *((__u8 *) skb->data);
1da177e4
LT		 262 void *sent;
263
a9de9248 264 BT_DBG("%s status 0x%x", hdev->name, status);
1da177e4 265
a9de9248
MH		 266 sent = hci_sent_cmd_data(hdev, HCI_OP_WRITE_ENCRYPT_MODE);
267 if (!sent)
268 return;
1da177e4 269
a9de9248
MH		 270 if (!status) {
271 __u8 param = *((__u8 *) sent);
272
273 if (param)
274 set_bit(HCI_ENCRYPT, &hdev->flags);
275 else
276 clear_bit(HCI_ENCRYPT, &hdev->flags);
277 }
1da177e4 278
23bb5763 279 hci_req_complete(hdev, HCI_OP_WRITE_ENCRYPT_MODE, status);
a9de9248 280}
1da177e4 281
a9de9248
MH		 282static void hci_cc_write_scan_enable(struct hci_dev *hdev, struct sk_buff *skb)
283{
36f7fc7e
JH		 284 __u8 param, status = *((__u8 *) skb->data);
285 int old_pscan, old_iscan;
a9de9248 286 void *sent;
1da177e4 287
a9de9248 288 BT_DBG("%s status 0x%x", hdev->name, status);
1da177e4 289
a9de9248
MH		 290 sent = hci_sent_cmd_data(hdev, HCI_OP_WRITE_SCAN_ENABLE);
291 if (!sent)
292 return;
1da177e4 293
36f7fc7e
JH		 294 param = *((__u8 *) sent);
295
56e5cb86
JH		 296 hci_dev_lock(hdev);
297
2d7cee58 298 if (status != 0) {
744cf19e 299 mgmt_write_scan_failed(hdev, param, status);
2d7cee58
JH		 300 hdev->discov_timeout = 0;
301 goto done;
302 }
303
36f7fc7e
JH		 304 old_pscan = test_and_clear_bit(HCI_PSCAN, &hdev->flags);
305 old_iscan = test_and_clear_bit(HCI_ISCAN, &hdev->flags);
306
307 if (param & SCAN_INQUIRY) {
308 set_bit(HCI_ISCAN, &hdev->flags);
309 if (!old_iscan)
744cf19e 310 mgmt_discoverable(hdev, 1);
16ab91ab
JH		 311 if (hdev->discov_timeout > 0) {
312 int to = msecs_to_jiffies(hdev->discov_timeout * 1000);
313 queue_delayed_work(hdev->workqueue, &hdev->discov_off,
314 to);
315 }
36f7fc7e 316 } else if (old_iscan)
744cf19e 317 mgmt_discoverable(hdev, 0);
36f7fc7e
JH		 318
319 if (param & SCAN_PAGE) {
320 set_bit(HCI_PSCAN, &hdev->flags);
321 if (!old_pscan)
744cf19e 322 mgmt_connectable(hdev, 1);
36f7fc7e 323 } else if (old_pscan)
744cf19e 324 mgmt_connectable(hdev, 0);
1da177e4 325
36f7fc7e 326done:
56e5cb86 327 hci_dev_unlock(hdev);
23bb5763 328 hci_req_complete(hdev, HCI_OP_WRITE_SCAN_ENABLE, status);
a9de9248 329}
1da177e4 330
a9de9248
MH		 331static void hci_cc_read_class_of_dev(struct hci_dev *hdev, struct sk_buff *skb)
332{
333 struct hci_rp_read_class_of_dev *rp = (void *) skb->data;
1da177e4 334
a9de9248 335 BT_DBG("%s status 0x%x", hdev->name, rp->status);
1da177e4 336
a9de9248
MH		 337 if (rp->status)
338 return;
1da177e4 339
a9de9248 340 memcpy(hdev->dev_class, rp->dev_class, 3);
1da177e4 341
a9de9248
MH		 342 BT_DBG("%s class 0x%.2x%.2x%.2x", hdev->name,
343 hdev->dev_class[2], hdev->dev_class[1], hdev->dev_class[0]);
344}
1da177e4 345
a9de9248
MH		 346static void hci_cc_write_class_of_dev(struct hci_dev *hdev, struct sk_buff *skb)
347{
348 __u8 status = *((__u8 *) skb->data);
349 void *sent;
1da177e4 350
a9de9248 351 BT_DBG("%s status 0x%x", hdev->name, status);
1da177e4 352
f383f275
MH		 353 if (status)
354 return;
355
a9de9248
MH		 356 sent = hci_sent_cmd_data(hdev, HCI_OP_WRITE_CLASS_OF_DEV);
357 if (!sent)
358 return;
1da177e4 359
f383f275 360 memcpy(hdev->dev_class, sent, 3);
a9de9248 361}
1da177e4 362
a9de9248
MH		 363static void hci_cc_read_voice_setting(struct hci_dev *hdev, struct sk_buff *skb)
364{
365 struct hci_rp_read_voice_setting *rp = (void *) skb->data;
366 __u16 setting;
367
368 BT_DBG("%s status 0x%x", hdev->name, rp->status);
369
370 if (rp->status)
371 return;
372
373 setting = __le16_to_cpu(rp->voice_setting);
374
f383f275 375 if (hdev->voice_setting == setting)
a9de9248
MH		 376 return;
377
378 hdev->voice_setting = setting;
379
380 BT_DBG("%s voice setting 0x%04x", hdev->name, setting);
381
3c54711c 382 if (hdev->notify)
a9de9248 383 hdev->notify(hdev, HCI_NOTIFY_VOICE_SETTING);
a9de9248
MH		 384}
385
386static void hci_cc_write_voice_setting(struct hci_dev *hdev, struct sk_buff *skb)
387{
388 __u8 status = *((__u8 *) skb->data);
f383f275 389 __u16 setting;
a9de9248
MH		 390 void *sent;
391
392 BT_DBG("%s status 0x%x", hdev->name, status);
1da177e4 393
f383f275
MH		 394 if (status)
395 return;
396
a9de9248
MH		 397 sent = hci_sent_cmd_data(hdev, HCI_OP_WRITE_VOICE_SETTING);
398 if (!sent)
399 return;
1da177e4 400
f383f275 401 setting = get_unaligned_le16(sent);
1da177e4 402
f383f275
MH		 403 if (hdev->voice_setting == setting)
404 return;
405
406 hdev->voice_setting = setting;
1da177e4 407
f383f275 408 BT_DBG("%s voice setting 0x%04x", hdev->name, setting);
1da177e4 409
3c54711c 410 if (hdev->notify)
f383f275 411 hdev->notify(hdev, HCI_NOTIFY_VOICE_SETTING);
1da177e4
LT		 412}
413
a9de9248 414static void hci_cc_host_buffer_size(struct hci_dev *hdev, struct sk_buff *skb)
1da177e4 415{
a9de9248 416 __u8 status = *((__u8 *) skb->data);
1da177e4 417
a9de9248 418 BT_DBG("%s status 0x%x", hdev->name, status);
1da177e4 419
23bb5763 420 hci_req_complete(hdev, HCI_OP_HOST_BUFFER_SIZE, status);
a9de9248 421}
1143e5a6 422
333140b5
MH		 423static void hci_cc_read_ssp_mode(struct hci_dev *hdev, struct sk_buff *skb)
424{
425 struct hci_rp_read_ssp_mode *rp = (void *) skb->data;
426
427 BT_DBG("%s status 0x%x", hdev->name, rp->status);
428
429 if (rp->status)
430 return;
431
84bde9d6
JH		 432 if (rp->mode)
433 set_bit(HCI_SSP_ENABLED, &hdev->dev_flags);
434 else
435 clear_bit(HCI_SSP_ENABLED, &hdev->dev_flags);
333140b5
MH		 436}
437
438static void hci_cc_write_ssp_mode(struct hci_dev *hdev, struct sk_buff *skb)
439{
440 __u8 status = *((__u8 *) skb->data);
441 void *sent;
442
443 BT_DBG("%s status 0x%x", hdev->name, status);
444
445 if (status)
446 return;
447
448 sent = hci_sent_cmd_data(hdev, HCI_OP_WRITE_SSP_MODE);
449 if (!sent)
450 return;
451
84bde9d6
JH		 452 if (*((u8 *) sent))
453 set_bit(HCI_SSP_ENABLED, &hdev->dev_flags);
454 else
455 clear_bit(HCI_SSP_ENABLED, &hdev->dev_flags);
333140b5
MH		 456}
457
d5859e22
JH		 458static u8 hci_get_inquiry_mode(struct hci_dev *hdev)
459{
460 if (hdev->features[6] & LMP_EXT_INQ)
461 return 2;
462
463 if (hdev->features[3] & LMP_RSSI_INQ)
464 return 1;
465
466 if (hdev->manufacturer == 11 && hdev->hci_rev == 0x00 &&
467 hdev->lmp_subver == 0x0757)
468 return 1;
469
470 if (hdev->manufacturer == 15) {
471 if (hdev->hci_rev == 0x03 && hdev->lmp_subver == 0x6963)
472 return 1;
473 if (hdev->hci_rev == 0x09 && hdev->lmp_subver == 0x6963)
474 return 1;
475 if (hdev->hci_rev == 0x00 && hdev->lmp_subver == 0x6965)
476 return 1;
477 }
478
479 if (hdev->manufacturer == 31 && hdev->hci_rev == 0x2005 &&
480 hdev->lmp_subver == 0x1805)
481 return 1;
482
483 return 0;
484}
485
486static void hci_setup_inquiry_mode(struct hci_dev *hdev)
487{
488 u8 mode;
489
490 mode = hci_get_inquiry_mode(hdev);
491
492 hci_send_cmd(hdev, HCI_OP_WRITE_INQUIRY_MODE, 1, &mode);
493}
494
495static void hci_setup_event_mask(struct hci_dev *hdev)
496{
497 /* The second byte is 0xff instead of 0x9f (two reserved bits
498 * disabled) since a Broadcom 1.2 dongle doesn't respond to the
499 * command otherwise */
500 u8 events[8] = { 0xff, 0xff, 0xfb, 0xff, 0x00, 0x00, 0x00, 0x00 };
501
6de6c18d
VT		 502 /* CSR 1.1 dongles does not accept any bitfield so don't try to set
503 * any event mask for pre 1.2 devices */
5a13b095 504 if (hdev->hci_ver < BLUETOOTH_VER_1_2)
6de6c18d
VT		 505 return;
506
507 events[4] |= 0x01; /* Flow Specification Complete */
508 events[4] |= 0x02; /* Inquiry Result with RSSI */
509 events[4] |= 0x04; /* Read Remote Extended Features Complete */
510 events[5] |= 0x08; /* Synchronous Connection Complete */
511 events[5] |= 0x10; /* Synchronous Connection Changed */
d5859e22
JH		 512
513 if (hdev->features[3] & LMP_RSSI_INQ)
514 events[4] |= 0x04; /* Inquiry Result with RSSI */
515
516 if (hdev->features[5] & LMP_SNIFF_SUBR)
517 events[5] |= 0x20; /* Sniff Subrating */
518
519 if (hdev->features[5] & LMP_PAUSE_ENC)
520 events[5] |= 0x80; /* Encryption Key Refresh Complete */
521
522 if (hdev->features[6] & LMP_EXT_INQ)
523 events[5] |= 0x40; /* Extended Inquiry Result */
524
525 if (hdev->features[6] & LMP_NO_FLUSH)
526 events[7] |= 0x01; /* Enhanced Flush Complete */
527
528 if (hdev->features[7] & LMP_LSTO)
529 events[6] |= 0x80; /* Link Supervision Timeout Changed */
530
531 if (hdev->features[6] & LMP_SIMPLE_PAIR) {
532 events[6] |= 0x01; /* IO Capability Request */
533 events[6] |= 0x02; /* IO Capability Response */
534 events[6] |= 0x04; /* User Confirmation Request */
535 events[6] |= 0x08; /* User Passkey Request */
536 events[6] |= 0x10; /* Remote OOB Data Request */
537 events[6] |= 0x20; /* Simple Pairing Complete */
538 events[7] |= 0x04; /* User Passkey Notification */
539 events[7] |= 0x08; /* Keypress Notification */
540 events[7] |= 0x10; /* Remote Host Supported
541 * Features Notification */
542 }
543
544 if (hdev->features[4] & LMP_LE)
545 events[7] |= 0x20; /* LE Meta-Event */
546
547 hci_send_cmd(hdev, HCI_OP_SET_EVENT_MASK, sizeof(events), events);
548}
549
e6100a25
AG		 550static void hci_set_le_support(struct hci_dev *hdev)
551{
552 struct hci_cp_write_le_host_supported cp;
553
554 memset(&cp, 0, sizeof(cp));
555
556 if (enable_le) {
557 cp.le = 1;
558 cp.simul = !!(hdev->features[6] & LMP_SIMUL_LE_BR);
559 }
560
561 hci_send_cmd(hdev, HCI_OP_WRITE_LE_HOST_SUPPORTED, sizeof(cp), &cp);
562}
563
d5859e22
JH		 564static void hci_setup(struct hci_dev *hdev)
565{
e61ef499
AE		 566 if (hdev->dev_type != HCI_BREDR)
567 return;
568
d5859e22
JH		 569 hci_setup_event_mask(hdev);
570
d095c1eb 571 if (hdev->hci_ver > BLUETOOTH_VER_1_1)
d5859e22
JH		 572 hci_send_cmd(hdev, HCI_OP_READ_LOCAL_COMMANDS, 0, NULL);
573
574 if (hdev->features[6] & LMP_SIMPLE_PAIR) {
575 u8 mode = 0x01;
576 hci_send_cmd(hdev, HCI_OP_WRITE_SSP_MODE, sizeof(mode), &mode);
577 }
578
579 if (hdev->features[3] & LMP_RSSI_INQ)
580 hci_setup_inquiry_mode(hdev);
581
582 if (hdev->features[7] & LMP_INQ_TX_PWR)
583 hci_send_cmd(hdev, HCI_OP_READ_INQ_RSP_TX_POWER, 0, NULL);
971e3a4b
AG		 584
585 if (hdev->features[7] & LMP_EXTFEATURES) {
586 struct hci_cp_read_local_ext_features cp;
587
588 cp.page = 0x01;
589 hci_send_cmd(hdev, HCI_OP_READ_LOCAL_EXT_FEATURES,
590 sizeof(cp), &cp);
591 }
e6100a25
AG		 592
593 if (hdev->features[4] & LMP_LE)
594 hci_set_le_support(hdev);
d5859e22
JH		 595}
596
a9de9248
MH		 597static void hci_cc_read_local_version(struct hci_dev *hdev, struct sk_buff *skb)
598{
599 struct hci_rp_read_local_version *rp = (void *) skb->data;
1143e5a6 600
a9de9248 601 BT_DBG("%s status 0x%x", hdev->name, rp->status);
1143e5a6 602
a9de9248
MH		 603 if (rp->status)
604 return;
1143e5a6 605
a9de9248 606 hdev->hci_ver = rp->hci_ver;
e4e8e37c 607 hdev->hci_rev = __le16_to_cpu(rp->hci_rev);
d5859e22 608 hdev->lmp_ver = rp->lmp_ver;
e4e8e37c 609 hdev->manufacturer = __le16_to_cpu(rp->manufacturer);
d5859e22 610 hdev->lmp_subver = __le16_to_cpu(rp->lmp_subver);
1143e5a6 611
a9de9248
MH		 612 BT_DBG("%s manufacturer %d hci ver %d:%d", hdev->name,
613 hdev->manufacturer,
614 hdev->hci_ver, hdev->hci_rev);
d5859e22
JH		 615
616 if (test_bit(HCI_INIT, &hdev->flags))
617 hci_setup(hdev);
618}
619
620static void hci_setup_link_policy(struct hci_dev *hdev)
621{
622 u16 link_policy = 0;
623
624 if (hdev->features[0] & LMP_RSWITCH)
625 link_policy |= HCI_LP_RSWITCH;
626 if (hdev->features[0] & LMP_HOLD)
627 link_policy |= HCI_LP_HOLD;
628 if (hdev->features[0] & LMP_SNIFF)
629 link_policy |= HCI_LP_SNIFF;
630 if (hdev->features[1] & LMP_PARK)
631 link_policy |= HCI_LP_PARK;
632
633 link_policy = cpu_to_le16(link_policy);
634 hci_send_cmd(hdev, HCI_OP_WRITE_DEF_LINK_POLICY,
635 sizeof(link_policy), &link_policy);
a9de9248 636}
1da177e4 637
a9de9248
MH		 638static void hci_cc_read_local_commands(struct hci_dev *hdev, struct sk_buff *skb)
639{
640 struct hci_rp_read_local_commands *rp = (void *) skb->data;
1da177e4 641
a9de9248 642 BT_DBG("%s status 0x%x", hdev->name, rp->status);
1da177e4 643
a9de9248 644 if (rp->status)
d5859e22 645 goto done;
1da177e4 646
a9de9248 647 memcpy(hdev->commands, rp->commands, sizeof(hdev->commands));
d5859e22
JH		 648
649 if (test_bit(HCI_INIT, &hdev->flags) && (hdev->commands[5] & 0x10))
650 hci_setup_link_policy(hdev);
651
652done:
653 hci_req_complete(hdev, HCI_OP_READ_LOCAL_COMMANDS, rp->status);
a9de9248 654}
1da177e4 655
a9de9248
MH		 656static void hci_cc_read_local_features(struct hci_dev *hdev, struct sk_buff *skb)
657{
658 struct hci_rp_read_local_features *rp = (void *) skb->data;
5b7f9909 659
a9de9248 660 BT_DBG("%s status 0x%x", hdev->name, rp->status);
1da177e4 661
a9de9248
MH		 662 if (rp->status)
663 return;
5b7f9909 664
a9de9248 665 memcpy(hdev->features, rp->features, 8);
5b7f9909 666
a9de9248
MH		 667 /* Adjust default settings according to features
668 * supported by device. */
1da177e4 669
a9de9248
MH		 670 if (hdev->features[0] & LMP_3SLOT)
671 hdev->pkt_type |= (HCI_DM3 | HCI_DH3);
1da177e4 672
a9de9248
MH		 673 if (hdev->features[0] & LMP_5SLOT)
674 hdev->pkt_type |= (HCI_DM5 | HCI_DH5);
1da177e4 675
a9de9248
MH		 676 if (hdev->features[1] & LMP_HV2) {
677 hdev->pkt_type |= (HCI_HV2);
678 hdev->esco_type |= (ESCO_HV2);
679 }
1da177e4 680
a9de9248
MH		 681 if (hdev->features[1] & LMP_HV3) {
682 hdev->pkt_type |= (HCI_HV3);
683 hdev->esco_type |= (ESCO_HV3);
684 }
1da177e4 685
a9de9248
MH		 686 if (hdev->features[3] & LMP_ESCO)
687 hdev->esco_type |= (ESCO_EV3);
da1f5198 688
a9de9248
MH		 689 if (hdev->features[4] & LMP_EV4)
690 hdev->esco_type |= (ESCO_EV4);
da1f5198 691
a9de9248
MH		 692 if (hdev->features[4] & LMP_EV5)
693 hdev->esco_type |= (ESCO_EV5);
1da177e4 694
efc7688b
MH		 695 if (hdev->features[5] & LMP_EDR_ESCO_2M)
696 hdev->esco_type |= (ESCO_2EV3);
697
698 if (hdev->features[5] & LMP_EDR_ESCO_3M)
699 hdev->esco_type |= (ESCO_3EV3);
700
701 if (hdev->features[5] & LMP_EDR_3S_ESCO)
702 hdev->esco_type |= (ESCO_2EV5 | ESCO_3EV5);
703
a9de9248
MH		 704 BT_DBG("%s features 0x%.2x%.2x%.2x%.2x%.2x%.2x%.2x%.2x", hdev->name,
705 hdev->features[0], hdev->features[1],
706 hdev->features[2], hdev->features[3],
707 hdev->features[4], hdev->features[5],
708 hdev->features[6], hdev->features[7]);
709}
1da177e4 710
971e3a4b
AG		 711static void hci_cc_read_local_ext_features(struct hci_dev *hdev,
712 struct sk_buff *skb)
713{
714 struct hci_rp_read_local_ext_features *rp = (void *) skb->data;
715
716 BT_DBG("%s status 0x%x", hdev->name, rp->status);
717
718 if (rp->status)
719 return;
720
b5b32b65
AG		 721 switch (rp->page) {
722 case 0:
723 memcpy(hdev->features, rp->features, 8);
724 break;
725 case 1:
726 memcpy(hdev->host_features, rp->features, 8);
727 break;
728 }
971e3a4b
AG		 729
730 hci_req_complete(hdev, HCI_OP_READ_LOCAL_EXT_FEATURES, rp->status);
731}
732
1e89cffb
AE		 733static void hci_cc_read_flow_control_mode(struct hci_dev *hdev,
734 struct sk_buff *skb)
735{
736 struct hci_rp_read_flow_control_mode *rp = (void *) skb->data;
737
738 BT_DBG("%s status 0x%x", hdev->name, rp->status);
739
740 if (rp->status)
741 return;
742
743 hdev->flow_ctl_mode = rp->mode;
744
745 hci_req_complete(hdev, HCI_OP_READ_FLOW_CONTROL_MODE, rp->status);
746}
747
a9de9248
MH		 748static void hci_cc_read_buffer_size(struct hci_dev *hdev, struct sk_buff *skb)
749{
750 struct hci_rp_read_buffer_size *rp = (void *) skb->data;
1da177e4 751
a9de9248 752 BT_DBG("%s status 0x%x", hdev->name, rp->status);
1da177e4 753
a9de9248
MH		 754 if (rp->status)
755 return;
1da177e4 756
a9de9248
MH		 757 hdev->acl_mtu = __le16_to_cpu(rp->acl_mtu);
758 hdev->sco_mtu = rp->sco_mtu;
759 hdev->acl_pkts = __le16_to_cpu(rp->acl_max_pkt);
760 hdev->sco_pkts = __le16_to_cpu(rp->sco_max_pkt);
761
762 if (test_bit(HCI_QUIRK_FIXUP_BUFFER_SIZE, &hdev->quirks)) {
763 hdev->sco_mtu = 64;
764 hdev->sco_pkts = 8;
1da177e4 765 }
a9de9248
MH		 766
767 hdev->acl_cnt = hdev->acl_pkts;
768 hdev->sco_cnt = hdev->sco_pkts;
769
770 BT_DBG("%s acl mtu %d:%d sco mtu %d:%d", hdev->name,
771 hdev->acl_mtu, hdev->acl_pkts,
772 hdev->sco_mtu, hdev->sco_pkts);
773}
774
775static void hci_cc_read_bd_addr(struct hci_dev *hdev, struct sk_buff *skb)
776{
777 struct hci_rp_read_bd_addr *rp = (void *) skb->data;
778
779 BT_DBG("%s status 0x%x", hdev->name, rp->status);
780
781 if (!rp->status)
782 bacpy(&hdev->bdaddr, &rp->bdaddr);
783
23bb5763
JH		 784 hci_req_complete(hdev, HCI_OP_READ_BD_ADDR, rp->status);
785}
786
350ee4cf
AE		 787static void hci_cc_read_data_block_size(struct hci_dev *hdev,
788 struct sk_buff *skb)
789{
790 struct hci_rp_read_data_block_size *rp = (void *) skb->data;
791
792 BT_DBG("%s status 0x%x", hdev->name, rp->status);
793
794 if (rp->status)
795 return;
796
797 hdev->block_mtu = __le16_to_cpu(rp->max_acl_len);
798 hdev->block_len = __le16_to_cpu(rp->block_len);
799 hdev->num_blocks = __le16_to_cpu(rp->num_blocks);
800
801 hdev->block_cnt = hdev->num_blocks;
802
803 BT_DBG("%s blk mtu %d cnt %d len %d", hdev->name, hdev->block_mtu,
804 hdev->block_cnt, hdev->block_len);
805
806 hci_req_complete(hdev, HCI_OP_READ_DATA_BLOCK_SIZE, rp->status);
807}
808
23bb5763
JH		 809static void hci_cc_write_ca_timeout(struct hci_dev *hdev, struct sk_buff *skb)
810{
811 __u8 status = *((__u8 *) skb->data);
812
813 BT_DBG("%s status 0x%x", hdev->name, status);
814
815 hci_req_complete(hdev, HCI_OP_WRITE_CA_TIMEOUT, status);
a9de9248
MH		 816}
817
928abaa7
AE		 818static void hci_cc_read_local_amp_info(struct hci_dev *hdev,
819 struct sk_buff *skb)
820{
821 struct hci_rp_read_local_amp_info *rp = (void *) skb->data;
822
823 BT_DBG("%s status 0x%x", hdev->name, rp->status);
824
825 if (rp->status)
826 return;
827
828 hdev->amp_status = rp->amp_status;
829 hdev->amp_total_bw = __le32_to_cpu(rp->total_bw);
830 hdev->amp_max_bw = __le32_to_cpu(rp->max_bw);
831 hdev->amp_min_latency = __le32_to_cpu(rp->min_latency);
832 hdev->amp_max_pdu = __le32_to_cpu(rp->max_pdu);
833 hdev->amp_type = rp->amp_type;
834 hdev->amp_pal_cap = __le16_to_cpu(rp->pal_cap);
835 hdev->amp_assoc_size = __le16_to_cpu(rp->max_assoc_size);
836 hdev->amp_be_flush_to = __le32_to_cpu(rp->be_flush_to);
837 hdev->amp_max_flush_to = __le32_to_cpu(rp->max_flush_to);
838
839 hci_req_complete(hdev, HCI_OP_READ_LOCAL_AMP_INFO, rp->status);
840}
841
b0916ea0
JH		 842static void hci_cc_delete_stored_link_key(struct hci_dev *hdev,
843 struct sk_buff *skb)
844{
845 __u8 status = *((__u8 *) skb->data);
846
847 BT_DBG("%s status 0x%x", hdev->name, status);
848
849 hci_req_complete(hdev, HCI_OP_DELETE_STORED_LINK_KEY, status);
850}
851
d5859e22
JH		 852static void hci_cc_set_event_mask(struct hci_dev *hdev, struct sk_buff *skb)
853{
854 __u8 status = *((__u8 *) skb->data);
855
856 BT_DBG("%s status 0x%x", hdev->name, status);
857
858 hci_req_complete(hdev, HCI_OP_SET_EVENT_MASK, status);
859}
860
861static void hci_cc_write_inquiry_mode(struct hci_dev *hdev,
862 struct sk_buff *skb)
863{
864 __u8 status = *((__u8 *) skb->data);
865
866 BT_DBG("%s status 0x%x", hdev->name, status);
867
868 hci_req_complete(hdev, HCI_OP_WRITE_INQUIRY_MODE, status);
869}
870
871static void hci_cc_read_inq_rsp_tx_power(struct hci_dev *hdev,
872 struct sk_buff *skb)
873{
874 __u8 status = *((__u8 *) skb->data);
875
876 BT_DBG("%s status 0x%x", hdev->name, status);
877
878 hci_req_complete(hdev, HCI_OP_READ_INQ_RSP_TX_POWER, status);
879}
880
881static void hci_cc_set_event_flt(struct hci_dev *hdev, struct sk_buff *skb)
882{
883 __u8 status = *((__u8 *) skb->data);
884
885 BT_DBG("%s status 0x%x", hdev->name, status);
886
887 hci_req_complete(hdev, HCI_OP_SET_EVENT_FLT, status);
888}
889
980e1a53
JH		 890static void hci_cc_pin_code_reply(struct hci_dev *hdev, struct sk_buff *skb)
891{
892 struct hci_rp_pin_code_reply *rp = (void *) skb->data;
893 struct hci_cp_pin_code_reply *cp;
894 struct hci_conn *conn;
895
896 BT_DBG("%s status 0x%x", hdev->name, rp->status);
897
56e5cb86
JH		 898 hci_dev_lock(hdev);
899
a8b2d5c2 900 if (test_bit(HCI_MGMT, &hdev->dev_flags))
744cf19e 901 mgmt_pin_code_reply_complete(hdev, &rp->bdaddr, rp->status);
980e1a53
JH		 902
903 if (rp->status != 0)
56e5cb86 904 goto unlock;
980e1a53
JH		 905
906 cp = hci_sent_cmd_data(hdev, HCI_OP_PIN_CODE_REPLY);
907 if (!cp)
56e5cb86 908 goto unlock;
980e1a53
JH		 909
910 conn = hci_conn_hash_lookup_ba(hdev, ACL_LINK, &cp->bdaddr);
911 if (conn)
912 conn->pin_length = cp->pin_len;
56e5cb86
JH		 913
914unlock:
915 hci_dev_unlock(hdev);
980e1a53
JH		 916}
917
918static void hci_cc_pin_code_neg_reply(struct hci_dev *hdev, struct sk_buff *skb)
919{
920 struct hci_rp_pin_code_neg_reply *rp = (void *) skb->data;
921
922 BT_DBG("%s status 0x%x", hdev->name, rp->status);
923
56e5cb86
JH		 924 hci_dev_lock(hdev);
925
a8b2d5c2 926 if (test_bit(HCI_MGMT, &hdev->dev_flags))
744cf19e 927 mgmt_pin_code_neg_reply_complete(hdev, &rp->bdaddr,
980e1a53 928 rp->status);
56e5cb86
JH		 929
930 hci_dev_unlock(hdev);
980e1a53 931}
56e5cb86 932
6ed58ec5
VT		 933static void hci_cc_le_read_buffer_size(struct hci_dev *hdev,
934 struct sk_buff *skb)
935{
936 struct hci_rp_le_read_buffer_size *rp = (void *) skb->data;
937
938 BT_DBG("%s status 0x%x", hdev->name, rp->status);
939
940 if (rp->status)
941 return;
942
943 hdev->le_mtu = __le16_to_cpu(rp->le_mtu);
944 hdev->le_pkts = rp->le_max_pkt;
945
946 hdev->le_cnt = hdev->le_pkts;
947
948 BT_DBG("%s le mtu %d:%d", hdev->name, hdev->le_mtu, hdev->le_pkts);
949
950 hci_req_complete(hdev, HCI_OP_LE_READ_BUFFER_SIZE, rp->status);
951}
980e1a53 952
a5c29683
JH		 953static void hci_cc_user_confirm_reply(struct hci_dev *hdev, struct sk_buff *skb)
954{
955 struct hci_rp_user_confirm_reply *rp = (void *) skb->data;
956
957 BT_DBG("%s status 0x%x", hdev->name, rp->status);
958
56e5cb86
JH		 959 hci_dev_lock(hdev);
960
a8b2d5c2 961 if (test_bit(HCI_MGMT, &hdev->dev_flags))
744cf19e 962 mgmt_user_confirm_reply_complete(hdev, &rp->bdaddr,
a5c29683 963 rp->status);
56e5cb86
JH		 964
965 hci_dev_unlock(hdev);
a5c29683
JH		 966}
967
968static void hci_cc_user_confirm_neg_reply(struct hci_dev *hdev,
969 struct sk_buff *skb)
970{
971 struct hci_rp_user_confirm_reply *rp = (void *) skb->data;
972
973 BT_DBG("%s status 0x%x", hdev->name, rp->status);
974
56e5cb86
JH		 975 hci_dev_lock(hdev);
976
a8b2d5c2 977 if (test_bit(HCI_MGMT, &hdev->dev_flags))
744cf19e 978 mgmt_user_confirm_neg_reply_complete(hdev, &rp->bdaddr,
a5c29683 979 rp->status);
56e5cb86
JH		 980
981 hci_dev_unlock(hdev);
a5c29683
JH		 982}
983
1143d458
BG		 984static void hci_cc_user_passkey_reply(struct hci_dev *hdev, struct sk_buff *skb)
985{
986 struct hci_rp_user_confirm_reply *rp = (void *) skb->data;
987
988 BT_DBG("%s status 0x%x", hdev->name, rp->status);
989
990 hci_dev_lock(hdev);
991
a8b2d5c2 992 if (test_bit(HCI_MGMT, &hdev->dev_flags))
1143d458
BG		 993 mgmt_user_passkey_reply_complete(hdev, &rp->bdaddr,
994 rp->status);
995
996 hci_dev_unlock(hdev);
997}
998
999static void hci_cc_user_passkey_neg_reply(struct hci_dev *hdev,
1000 struct sk_buff *skb)
1001{
1002 struct hci_rp_user_confirm_reply *rp = (void *) skb->data;
1003
1004 BT_DBG("%s status 0x%x", hdev->name, rp->status);
1005
1006 hci_dev_lock(hdev);
1007
a8b2d5c2 1008 if (test_bit(HCI_MGMT, &hdev->dev_flags))
1143d458
BG		 1009 mgmt_user_passkey_neg_reply_complete(hdev, &rp->bdaddr,
1010 rp->status);
1011
1012 hci_dev_unlock(hdev);
1013}
1014
c35938b2
SJ		 1015static void hci_cc_read_local_oob_data_reply(struct hci_dev *hdev,
1016 struct sk_buff *skb)
1017{
1018 struct hci_rp_read_local_oob_data *rp = (void *) skb->data;
1019
1020 BT_DBG("%s status 0x%x", hdev->name, rp->status);
1021
56e5cb86 1022 hci_dev_lock(hdev);
744cf19e 1023 mgmt_read_local_oob_data_reply_complete(hdev, rp->hash,
c35938b2 1024 rp->randomizer, rp->status);
56e5cb86 1025 hci_dev_unlock(hdev);
c35938b2
SJ		 1026}
1027
07f7fa5d
AG		 1028static void hci_cc_le_set_scan_param(struct hci_dev *hdev, struct sk_buff *skb)
1029{
1030 __u8 status = *((__u8 *) skb->data);
1031
1032 BT_DBG("%s status 0x%x", hdev->name, status);
1033}
1034
eb9d91f5
AG		 1035static void hci_cc_le_set_scan_enable(struct hci_dev *hdev,
1036 struct sk_buff *skb)
1037{
1038 struct hci_cp_le_set_scan_enable *cp;
1039 __u8 status = *((__u8 *) skb->data);
1040
1041 BT_DBG("%s status 0x%x", hdev->name, status);
1042
1043 if (status)
1044 return;
1045
1046 cp = hci_sent_cmd_data(hdev, HCI_OP_LE_SET_SCAN_ENABLE);
1047 if (!cp)
1048 return;
1049
68a8aea4
AE		 1050 switch (cp->enable) {
1051 case LE_SCANNING_ENABLED:
d23264a8
AG		 1052 set_bit(HCI_LE_SCAN, &hdev->dev_flags);
1053
db323f2f 1054 cancel_delayed_work_sync(&hdev->adv_work);
a8f13c8c
AG		 1055
1056 hci_dev_lock(hdev);
eb9d91f5 1057 hci_adv_entries_clear(hdev);
a8f13c8c 1058 hci_dev_unlock(hdev);
68a8aea4
AE		 1059 break;
1060
1061 case LE_SCANNING_DISABLED:
d23264a8
AG		 1062 clear_bit(HCI_LE_SCAN, &hdev->dev_flags);
1063
d084329e 1064 schedule_delayed_work(&hdev->adv_work, ADV_CLEAR_TIMEOUT);
68a8aea4
AE		 1065 break;
1066
1067 default:
1068 BT_ERR("Used reserved LE_Scan_Enable param %d", cp->enable);
1069 break;
35815085 1070 }
eb9d91f5
AG		 1071}
1072
a7a595f6
VCG		 1073static void hci_cc_le_ltk_reply(struct hci_dev *hdev, struct sk_buff *skb)
1074{
1075 struct hci_rp_le_ltk_reply *rp = (void *) skb->data;
1076
1077 BT_DBG("%s status 0x%x", hdev->name, rp->status);
1078
1079 if (rp->status)
1080 return;
1081
1082 hci_req_complete(hdev, HCI_OP_LE_LTK_REPLY, rp->status);
1083}
1084
1085static void hci_cc_le_ltk_neg_reply(struct hci_dev *hdev, struct sk_buff *skb)
1086{
1087 struct hci_rp_le_ltk_neg_reply *rp = (void *) skb->data;
1088
1089 BT_DBG("%s status 0x%x", hdev->name, rp->status);
1090
1091 if (rp->status)
1092 return;
1093
1094 hci_req_complete(hdev, HCI_OP_LE_LTK_NEG_REPLY, rp->status);
1095}
1096
f9b49306
AG		 1097static inline void hci_cc_write_le_host_supported(struct hci_dev *hdev,
1098 struct sk_buff *skb)
1099{
1100 struct hci_cp_read_local_ext_features cp;
1101 __u8 status = *((__u8 *) skb->data);
1102
1103 BT_DBG("%s status 0x%x", hdev->name, status);
1104
1105 if (status)
1106 return;
1107
1108 cp.page = 0x01;
1109 hci_send_cmd(hdev, HCI_OP_READ_LOCAL_EXT_FEATURES, sizeof(cp), &cp);
1110}
1111
a9de9248
MH		 1112static inline void hci_cs_inquiry(struct hci_dev *hdev, __u8 status)
1113{
1114 BT_DBG("%s status 0x%x", hdev->name, status);
1115
1116 if (status) {
23bb5763 1117 hci_req_complete(hdev, HCI_OP_INQUIRY, status);
a9de9248 1118 hci_conn_check_pending(hdev);
56e5cb86 1119 hci_dev_lock(hdev);
a8b2d5c2 1120 if (test_bit(HCI_MGMT, &hdev->dev_flags))
7a135109 1121 mgmt_start_discovery_failed(hdev, status);
56e5cb86 1122 hci_dev_unlock(hdev);
314b2381
JH		 1123 return;
1124 }
1125
89352e7d
AG		 1126 set_bit(HCI_INQUIRY, &hdev->flags);
1127
56e5cb86 1128 hci_dev_lock(hdev);
30dc78e1 1129 hci_discovery_set_state(hdev, DISCOVERY_INQUIRY);
56e5cb86 1130 hci_dev_unlock(hdev);
1da177e4
LT		 1131}
1132
1da177e4
LT		 1133static inline void hci_cs_create_conn(struct hci_dev *hdev, __u8 status)
1134{
a9de9248 1135 struct hci_cp_create_conn *cp;
1da177e4 1136 struct hci_conn *conn;
1da177e4 1137
a9de9248
MH		 1138 BT_DBG("%s status 0x%x", hdev->name, status);
1139
1140 cp = hci_sent_cmd_data(hdev, HCI_OP_CREATE_CONN);
1da177e4
LT		 1141 if (!cp)
1142 return;
1143
1144 hci_dev_lock(hdev);
1145
1146 conn = hci_conn_hash_lookup_ba(hdev, ACL_LINK, &cp->bdaddr);
1147
a9de9248 1148 BT_DBG("%s bdaddr %s conn %p", hdev->name, batostr(&cp->bdaddr), conn);
1da177e4
LT		 1149
1150 if (status) {
1151 if (conn && conn->state == BT_CONNECT) {
4c67bc74
MH		 1152 if (status != 0x0c || conn->attempt > 2) {
1153 conn->state = BT_CLOSED;
1154 hci_proto_connect_cfm(conn, status);
1155 hci_conn_del(conn);
1156 } else
1157 conn->state = BT_CONNECT2;
1da177e4
LT		 1158 }
1159 } else {
1160 if (!conn) {
1161 conn = hci_conn_add(hdev, ACL_LINK, &cp->bdaddr);
1162 if (conn) {
a0c808b3 1163 conn->out = true;
1da177e4
LT		 1164 conn->link_mode |= HCI_LM_MASTER;
1165 } else
893ef971 1166 BT_ERR("No memory for new connection");
1da177e4
LT		 1167 }
1168 }
1169
1170 hci_dev_unlock(hdev);
1171}
1172
a9de9248 1173static void hci_cs_add_sco(struct hci_dev *hdev, __u8 status)
1da177e4 1174{
a9de9248
MH		 1175 struct hci_cp_add_sco *cp;
1176 struct hci_conn *acl, *sco;
1177 __u16 handle;
1da177e4 1178
b6a0dc82
MH		 1179 BT_DBG("%s status 0x%x", hdev->name, status);
1180
a9de9248
MH		 1181 if (!status)
1182 return;
1da177e4 1183
a9de9248
MH		 1184 cp = hci_sent_cmd_data(hdev, HCI_OP_ADD_SCO);
1185 if (!cp)
1186 return;
1da177e4 1187
a9de9248 1188 handle = __le16_to_cpu(cp->handle);
1da177e4 1189
a9de9248 1190 BT_DBG("%s handle %d", hdev->name, handle);
1da177e4 1191
a9de9248 1192 hci_dev_lock(hdev);
1da177e4 1193
a9de9248 1194 acl = hci_conn_hash_lookup_handle(hdev, handle);
5a08ecce
AE		 1195 if (acl) {
1196 sco = acl->link;
1197 if (sco) {
1198 sco->state = BT_CLOSED;
1da177e4 1199
5a08ecce
AE		 1200 hci_proto_connect_cfm(sco, status);
1201 hci_conn_del(sco);
1202 }
a9de9248 1203 }
1da177e4 1204
a9de9248
MH		 1205 hci_dev_unlock(hdev);
1206}
1da177e4 1207
f8558555
MH		 1208static void hci_cs_auth_requested(struct hci_dev *hdev, __u8 status)
1209{
1210 struct hci_cp_auth_requested *cp;
1211 struct hci_conn *conn;
1212
1213 BT_DBG("%s status 0x%x", hdev->name, status);
1214
1215 if (!status)
1216 return;
1217
1218 cp = hci_sent_cmd_data(hdev, HCI_OP_AUTH_REQUESTED);
1219 if (!cp)
1220 return;
1221
1222 hci_dev_lock(hdev);
1223
1224 conn = hci_conn_hash_lookup_handle(hdev, __le16_to_cpu(cp->handle));
1225 if (conn) {
1226 if (conn->state == BT_CONFIG) {
1227 hci_proto_connect_cfm(conn, status);
1228 hci_conn_put(conn);
1229 }
1230 }
1231
1232 hci_dev_unlock(hdev);
1233}
1234
1235static void hci_cs_set_conn_encrypt(struct hci_dev *hdev, __u8 status)
1236{
1237 struct hci_cp_set_conn_encrypt *cp;
1238 struct hci_conn *conn;
1239
1240 BT_DBG("%s status 0x%x", hdev->name, status);
1241
1242 if (!status)
1243 return;
1244
1245 cp = hci_sent_cmd_data(hdev, HCI_OP_SET_CONN_ENCRYPT);
1246 if (!cp)
1247 return;
1248
1249 hci_dev_lock(hdev);
1250
1251 conn = hci_conn_hash_lookup_handle(hdev, __le16_to_cpu(cp->handle));
1252 if (conn) {
1253 if (conn->state == BT_CONFIG) {
1254 hci_proto_connect_cfm(conn, status);
1255 hci_conn_put(conn);
1256 }
1257 }
1258
1259 hci_dev_unlock(hdev);
1260}
1261
127178d2 1262static int hci_outgoing_auth_needed(struct hci_dev *hdev,
138d22ef 1263 struct hci_conn *conn)
392599b9 1264{
392599b9
JH		 1265 if (conn->state != BT_CONFIG || !conn->out)
1266 return 0;
1267
765c2a96 1268 if (conn->pending_sec_level == BT_SECURITY_SDP)
392599b9
JH		 1269 return 0;
1270
1271 /* Only request authentication for SSP connections or non-SSP
e9bf2bf0 1272 * devices with sec_level HIGH or if MITM protection is requested */
aa64a8b5 1273 if (!hci_conn_ssp_enabled(conn) &&
e9bf2bf0
VCG		 1274 conn->pending_sec_level != BT_SECURITY_HIGH &&
1275 !(conn->auth_type & 0x01))
392599b9
JH		 1276 return 0;
1277
392599b9
JH		 1278 return 1;
1279}
1280
30dc78e1
JH		 1281static inline int hci_resolve_name(struct hci_dev *hdev, struct inquiry_entry *e)
1282{
1283 struct hci_cp_remote_name_req cp;
1284
1285 memset(&cp, 0, sizeof(cp));
1286
1287 bacpy(&cp.bdaddr, &e->data.bdaddr);
1288 cp.pscan_rep_mode = e->data.pscan_rep_mode;
1289 cp.pscan_mode = e->data.pscan_mode;
1290 cp.clock_offset = e->data.clock_offset;
1291
1292 return hci_send_cmd(hdev, HCI_OP_REMOTE_NAME_REQ, sizeof(cp), &cp);
1293}
1294
b644ba33 1295static bool hci_resolve_next_name(struct hci_dev *hdev)
30dc78e1
JH		 1296{
1297 struct discovery_state *discov = &hdev->discovery;
1298 struct inquiry_entry *e;
1299
b644ba33
JH		 1300 if (list_empty(&discov->resolve))
1301 return false;
1302
1303 e = hci_inquiry_cache_lookup_resolve(hdev, BDADDR_ANY, NAME_NEEDED);
1304 if (hci_resolve_name(hdev, e) == 0) {
1305 e->name_state = NAME_PENDING;
1306 return true;
1307 }
1308
1309 return false;
1310}
1311
1312static void hci_check_pending_name(struct hci_dev *hdev, struct hci_conn *conn,
1313 bdaddr_t *bdaddr, u8 *name, u8 name_len)
1314{
1315 struct discovery_state *discov = &hdev->discovery;
1316 struct inquiry_entry *e;
1317
1318 if (conn && !test_and_set_bit(HCI_CONN_MGMT_CONNECTED, &conn->flags))
1319 mgmt_device_connected(hdev, bdaddr, ACL_LINK, 0x00,
1320 name, name_len, conn->dev_class);
1321
1322 if (discov->state == DISCOVERY_STOPPED)
1323 return;
1324
30dc78e1
JH		 1325 if (discov->state == DISCOVERY_STOPPING)
1326 goto discov_complete;
1327
1328 if (discov->state != DISCOVERY_RESOLVING)
1329 return;
1330
1331 e = hci_inquiry_cache_lookup_resolve(hdev, bdaddr, NAME_PENDING);
1332 if (e) {
1333 e->name_state = NAME_KNOWN;
1334 list_del(&e->list);
b644ba33
JH		 1335 if (name)
1336 mgmt_remote_name(hdev, bdaddr, ACL_LINK, 0x00,
1337 e->data.rssi, name, name_len);
30dc78e1
JH		 1338 }
1339
b644ba33 1340 if (hci_resolve_next_name(hdev))
30dc78e1 1341 return;
30dc78e1
JH		 1342
1343discov_complete:
1344 hci_discovery_set_state(hdev, DISCOVERY_STOPPED);
1345}
1346
a9de9248
MH		 1347static void hci_cs_remote_name_req(struct hci_dev *hdev, __u8 status)
1348{
127178d2
JH		 1349 struct hci_cp_remote_name_req *cp;
1350 struct hci_conn *conn;
1351
a9de9248 1352 BT_DBG("%s status 0x%x", hdev->name, status);
127178d2
JH		 1353
1354 /* If successful wait for the name req complete event before
1355 * checking for the need to do authentication */
1356 if (!status)
1357 return;
1358
1359 cp = hci_sent_cmd_data(hdev, HCI_OP_REMOTE_NAME_REQ);
1360 if (!cp)
1361 return;
1362
1363 hci_dev_lock(hdev);
1364
b644ba33
JH		 1365 conn = hci_conn_hash_lookup_ba(hdev, ACL_LINK, &cp->bdaddr);
1366
a8b2d5c2 1367 if (test_bit(HCI_MGMT, &hdev->dev_flags))
b644ba33 1368 hci_check_pending_name(hdev, conn, &cp->bdaddr, NULL, 0);
30dc78e1 1369
79c6c70c
JH		 1370 if (!conn)
1371 goto unlock;
1372
1373 if (!hci_outgoing_auth_needed(hdev, conn))
1374 goto unlock;
1375
51a8efd7 1376 if (!test_and_set_bit(HCI_CONN_AUTH_PEND, &conn->flags)) {
127178d2
JH		 1377 struct hci_cp_auth_requested cp;
1378 cp.handle = __cpu_to_le16(conn->handle);
1379 hci_send_cmd(hdev, HCI_OP_AUTH_REQUESTED, sizeof(cp), &cp);
1380 }
1381
79c6c70c 1382unlock:
127178d2 1383 hci_dev_unlock(hdev);
a9de9248 1384}
1da177e4 1385
769be974
MH		 1386static void hci_cs_read_remote_features(struct hci_dev *hdev, __u8 status)
1387{
1388 struct hci_cp_read_remote_features *cp;
1389 struct hci_conn *conn;
1390
1391 BT_DBG("%s status 0x%x", hdev->name, status);
1392
1393 if (!status)
1394 return;
1395
1396 cp = hci_sent_cmd_data(hdev, HCI_OP_READ_REMOTE_FEATURES);
1397 if (!cp)
1398 return;
1399
1400 hci_dev_lock(hdev);
1401
1402 conn = hci_conn_hash_lookup_handle(hdev, __le16_to_cpu(cp->handle));
1403 if (conn) {
1404 if (conn->state == BT_CONFIG) {
769be974
MH		 1405 hci_proto_connect_cfm(conn, status);
1406 hci_conn_put(conn);
1407 }
1408 }
1409
1410 hci_dev_unlock(hdev);
1411}
1412
1413static void hci_cs_read_remote_ext_features(struct hci_dev *hdev, __u8 status)
1414{
1415 struct hci_cp_read_remote_ext_features *cp;
1416 struct hci_conn *conn;
1417
1418 BT_DBG("%s status 0x%x", hdev->name, status);
1419
1420 if (!status)
1421 return;
1422
1423 cp = hci_sent_cmd_data(hdev, HCI_OP_READ_REMOTE_EXT_FEATURES);
1424 if (!cp)
1425 return;
1426
1427 hci_dev_lock(hdev);
1428
1429 conn = hci_conn_hash_lookup_handle(hdev, __le16_to_cpu(cp->handle));
1430 if (conn) {
1431 if (conn->state == BT_CONFIG) {
769be974
MH		 1432 hci_proto_connect_cfm(conn, status);
1433 hci_conn_put(conn);
1434 }
1435 }
1436
1437 hci_dev_unlock(hdev);
1438}
1439
a9de9248
MH		 1440static void hci_cs_setup_sync_conn(struct hci_dev *hdev, __u8 status)
1441{
b6a0dc82
MH		 1442 struct hci_cp_setup_sync_conn *cp;
1443 struct hci_conn *acl, *sco;
1444 __u16 handle;
1445
a9de9248 1446 BT_DBG("%s status 0x%x", hdev->name, status);
b6a0dc82
MH		 1447
1448 if (!status)
1449 return;
1450
1451 cp = hci_sent_cmd_data(hdev, HCI_OP_SETUP_SYNC_CONN);
1452 if (!cp)
1453 return;
1454
1455 handle = __le16_to_cpu(cp->handle);
1456
1457 BT_DBG("%s handle %d", hdev->name, handle);
1458
1459 hci_dev_lock(hdev);
1460
1461 acl = hci_conn_hash_lookup_handle(hdev, handle);
5a08ecce
AE		 1462 if (acl) {
1463 sco = acl->link;
1464 if (sco) {
1465 sco->state = BT_CLOSED;
b6a0dc82 1466
5a08ecce
AE		 1467 hci_proto_connect_cfm(sco, status);
1468 hci_conn_del(sco);
1469 }
b6a0dc82
MH		 1470 }
1471
1472 hci_dev_unlock(hdev);
1da177e4
LT		 1473}
1474
a9de9248 1475static void hci_cs_sniff_mode(struct hci_dev *hdev, __u8 status)
1da177e4 1476{
a9de9248
MH		 1477 struct hci_cp_sniff_mode *cp;
1478 struct hci_conn *conn;
1da177e4 1479
a9de9248 1480 BT_DBG("%s status 0x%x", hdev->name, status);
04837f64 1481
a9de9248
MH		 1482 if (!status)
1483 return;
04837f64 1484
a9de9248
MH		 1485 cp = hci_sent_cmd_data(hdev, HCI_OP_SNIFF_MODE);
1486 if (!cp)
1487 return;
04837f64 1488
a9de9248 1489 hci_dev_lock(hdev);
04837f64 1490
a9de9248 1491 conn = hci_conn_hash_lookup_handle(hdev, __le16_to_cpu(cp->handle));
e73439d8 1492 if (conn) {
51a8efd7 1493 clear_bit(HCI_CONN_MODE_CHANGE_PEND, &conn->flags);
04837f64 1494
51a8efd7 1495 if (test_and_clear_bit(HCI_CONN_SCO_SETUP_PEND, &conn->flags))
e73439d8
MH		 1496 hci_sco_setup(conn, status);
1497 }
1498
a9de9248
MH		 1499 hci_dev_unlock(hdev);
1500}
04837f64 1501
a9de9248
MH		 1502static void hci_cs_exit_sniff_mode(struct hci_dev *hdev, __u8 status)
1503{
1504 struct hci_cp_exit_sniff_mode *cp;
1505 struct hci_conn *conn;
04837f64 1506
a9de9248 1507 BT_DBG("%s status 0x%x", hdev->name, status);
04837f64 1508
a9de9248
MH		 1509 if (!status)
1510 return;
04837f64 1511
a9de9248
MH		 1512 cp = hci_sent_cmd_data(hdev, HCI_OP_EXIT_SNIFF_MODE);
1513 if (!cp)
1514 return;
04837f64 1515
a9de9248 1516 hci_dev_lock(hdev);
1da177e4 1517
a9de9248 1518 conn = hci_conn_hash_lookup_handle(hdev, __le16_to_cpu(cp->handle));
e73439d8 1519 if (conn) {
51a8efd7 1520 clear_bit(HCI_CONN_MODE_CHANGE_PEND, &conn->flags);
1da177e4 1521
51a8efd7 1522 if (test_and_clear_bit(HCI_CONN_SCO_SETUP_PEND, &conn->flags))
e73439d8
MH		 1523 hci_sco_setup(conn, status);
1524 }
1525
a9de9248 1526 hci_dev_unlock(hdev);
1da177e4
LT		 1527}
1528
fcd89c09
VT		 1529static void hci_cs_le_create_conn(struct hci_dev *hdev, __u8 status)
1530{
1531 struct hci_cp_le_create_conn *cp;
1532 struct hci_conn *conn;
1533
1534 BT_DBG("%s status 0x%x", hdev->name, status);
1535
1536 cp = hci_sent_cmd_data(hdev, HCI_OP_LE_CREATE_CONN);
1537 if (!cp)
1538 return;
1539
1540 hci_dev_lock(hdev);
1541
1542 conn = hci_conn_hash_lookup_ba(hdev, LE_LINK, &cp->peer_addr);
1543
1544 BT_DBG("%s bdaddr %s conn %p", hdev->name, batostr(&cp->peer_addr),
1545 conn);
1546
1547 if (status) {
1548 if (conn && conn->state == BT_CONNECT) {
1549 conn->state = BT_CLOSED;
1550 hci_proto_connect_cfm(conn, status);
1551 hci_conn_del(conn);
1552 }
1553 } else {
1554 if (!conn) {
1555 conn = hci_conn_add(hdev, LE_LINK, &cp->peer_addr);
29b7988a
AG		 1556 if (conn) {
1557 conn->dst_type = cp->peer_addr_type;
a0c808b3 1558 conn->out = true;
29b7988a 1559 } else {
fcd89c09 1560 BT_ERR("No memory for new connection");
29b7988a 1561 }
fcd89c09
VT		 1562 }
1563 }
1564
1565 hci_dev_unlock(hdev);
1566}
1567
a7a595f6
VCG		 1568static void hci_cs_le_start_enc(struct hci_dev *hdev, u8 status)
1569{
1570 BT_DBG("%s status 0x%x", hdev->name, status);
1571}
1572
1da177e4
LT		 1573static inline void hci_inquiry_complete_evt(struct hci_dev *hdev, struct sk_buff *skb)
1574{
1575 __u8 status = *((__u8 *) skb->data);
30dc78e1
JH		 1576 struct discovery_state *discov = &hdev->discovery;
1577 struct inquiry_entry *e;
1da177e4
LT		 1578
1579 BT_DBG("%s status %d", hdev->name, status);
1580
23bb5763 1581 hci_req_complete(hdev, HCI_OP_INQUIRY, status);
6bd57416 1582
a9de9248 1583 hci_conn_check_pending(hdev);
89352e7d
AG		 1584
1585 if (!test_and_clear_bit(HCI_INQUIRY, &hdev->flags))
1586 return;
1587
a8b2d5c2 1588 if (!test_bit(HCI_MGMT, &hdev->dev_flags))
30dc78e1
JH		 1589 return;
1590
56e5cb86 1591 hci_dev_lock(hdev);
30dc78e1
JH		 1592
1593 if (discov->state != DISCOVERY_INQUIRY)
1594 goto unlock;
1595
1596 if (list_empty(&discov->resolve)) {
1597 hci_discovery_set_state(hdev, DISCOVERY_STOPPED);
1598 goto unlock;
1599 }
1600
1601 e = hci_inquiry_cache_lookup_resolve(hdev, BDADDR_ANY, NAME_NEEDED);
1602 if (e && hci_resolve_name(hdev, e) == 0) {
1603 e->name_state = NAME_PENDING;
1604 hci_discovery_set_state(hdev, DISCOVERY_RESOLVING);
1605 } else {
1606 hci_discovery_set_state(hdev, DISCOVERY_STOPPED);
1607 }
1608
1609unlock:
56e5cb86 1610 hci_dev_unlock(hdev);
1da177e4
LT		 1611}
1612
1da177e4
LT		 1613static inline void hci_inquiry_result_evt(struct hci_dev *hdev, struct sk_buff *skb)
1614{
45bb4bf0 1615 struct inquiry_data data;
a9de9248 1616 struct inquiry_info *info = (void *) (skb->data + 1);
1da177e4
LT		 1617 int num_rsp = *((__u8 *) skb->data);
1618
1619 BT_DBG("%s num_rsp %d", hdev->name, num_rsp);
1620
45bb4bf0
MH		 1621 if (!num_rsp)
1622 return;
1623
1da177e4 1624 hci_dev_lock(hdev);
45bb4bf0 1625
e17acd40 1626 for (; num_rsp; num_rsp--, info++) {
3175405b
JH		 1627 bool name_known;
1628
1da177e4
LT		 1629 bacpy(&data.bdaddr, &info->bdaddr);
1630 data.pscan_rep_mode = info->pscan_rep_mode;
1631 data.pscan_period_mode = info->pscan_period_mode;
1632 data.pscan_mode = info->pscan_mode;
1633 memcpy(data.dev_class, info->dev_class, 3);
1634 data.clock_offset = info->clock_offset;
1635 data.rssi = 0x00;
41a96212 1636 data.ssp_mode = 0x00;
3175405b
JH		 1637
1638 name_known = hci_inquiry_cache_update(hdev, &data, false);
48264f06 1639 mgmt_device_found(hdev, &info->bdaddr, ACL_LINK, 0x00,
7d262f86
AG		 1640 info->dev_class, 0, !name_known,
1641 NULL, 0);
1da177e4 1642 }
45bb4bf0 1643
1da177e4
LT		 1644 hci_dev_unlock(hdev);
1645}
1646
1da177e4
LT		 1647static inline void hci_conn_complete_evt(struct hci_dev *hdev, struct sk_buff *skb)
1648{
a9de9248
MH		 1649 struct hci_ev_conn_complete *ev = (void *) skb->data;
1650 struct hci_conn *conn;
1da177e4
LT		 1651
1652 BT_DBG("%s", hdev->name);
1653
1654 hci_dev_lock(hdev);
1655
1656 conn = hci_conn_hash_lookup_ba(hdev, ev->link_type, &ev->bdaddr);
9499237a
MH		 1657 if (!conn) {
1658 if (ev->link_type != SCO_LINK)
1659 goto unlock;
1660
1661 conn = hci_conn_hash_lookup_ba(hdev, ESCO_LINK, &ev->bdaddr);
1662 if (!conn)
1663 goto unlock;
1664
1665 conn->type = SCO_LINK;
1666 }
1da177e4
LT		 1667
1668 if (!ev->status) {
1669 conn->handle = __le16_to_cpu(ev->handle);
769be974
MH		 1670
1671 if (conn->type == ACL_LINK) {
1672 conn->state = BT_CONFIG;
1673 hci_conn_hold(conn);
052b30b0 1674 conn->disc_timeout = HCI_DISCONN_TIMEOUT;
769be974
MH		 1675 } else
1676 conn->state = BT_CONNECTED;
1da177e4 1677
9eba32b8 1678 hci_conn_hold_device(conn);
7d0db0a3
MH		 1679 hci_conn_add_sysfs(conn);
1680
1da177e4
LT		 1681 if (test_bit(HCI_AUTH, &hdev->flags))
1682 conn->link_mode |= HCI_LM_AUTH;
1683
1684 if (test_bit(HCI_ENCRYPT, &hdev->flags))
1685 conn->link_mode |= HCI_LM_ENCRYPT;
1686
04837f64
MH		 1687 /* Get remote features */
1688 if (conn->type == ACL_LINK) {
1689 struct hci_cp_read_remote_features cp;
1690 cp.handle = ev->handle;
769be974
MH		 1691 hci_send_cmd(hdev, HCI_OP_READ_REMOTE_FEATURES,
1692 sizeof(cp), &cp);
04837f64
MH		 1693 }
1694
1da177e4 1695 /* Set packet type for incoming connection */
d095c1eb 1696 if (!conn->out && hdev->hci_ver < BLUETOOTH_VER_2_0) {
1da177e4
LT		 1697 struct hci_cp_change_conn_ptype cp;
1698 cp.handle = ev->handle;
a8746417
MH		 1699 cp.pkt_type = cpu_to_le16(conn->pkt_type);
1700 hci_send_cmd(hdev, HCI_OP_CHANGE_CONN_PTYPE,
1701 sizeof(cp), &cp);
1da177e4 1702 }
17d5c04c 1703 } else {
1da177e4 1704 conn->state = BT_CLOSED;
17d5c04c 1705 if (conn->type == ACL_LINK)
744cf19e 1706 mgmt_connect_failed(hdev, &ev->bdaddr, conn->type,
48264f06 1707 conn->dst_type, ev->status);
17d5c04c 1708 }
1da177e4 1709
e73439d8
MH		 1710 if (conn->type == ACL_LINK)
1711 hci_sco_setup(conn, ev->status);
1da177e4 1712
769be974
MH		 1713 if (ev->status) {
1714 hci_proto_connect_cfm(conn, ev->status);
1da177e4 1715 hci_conn_del(conn);
c89b6e6b
MH		 1716 } else if (ev->link_type != ACL_LINK)
1717 hci_proto_connect_cfm(conn, ev->status);
1da177e4 1718
a9de9248 1719unlock:
1da177e4 1720 hci_dev_unlock(hdev);
1da177e4 1721
a9de9248 1722 hci_conn_check_pending(hdev);
1da177e4
LT		 1723}
1724
a9de9248 1725static inline void hci_conn_request_evt(struct hci_dev *hdev, struct sk_buff *skb)
1da177e4 1726{
a9de9248
MH		 1727 struct hci_ev_conn_request *ev = (void *) skb->data;
1728 int mask = hdev->link_mode;
1da177e4 1729
a9de9248
MH		 1730 BT_DBG("%s bdaddr %s type 0x%x", hdev->name,
1731 batostr(&ev->bdaddr), ev->link_type);
1da177e4 1732
a9de9248 1733 mask |= hci_proto_connect_ind(hdev, &ev->bdaddr, ev->link_type);
1da177e4 1734
138d22ef
SJ		 1735 if ((mask & HCI_LM_ACCEPT) &&
1736 !hci_blacklist_lookup(hdev, &ev->bdaddr)) {
a9de9248 1737 /* Connection accepted */
c7bdd502 1738 struct inquiry_entry *ie;
1da177e4 1739 struct hci_conn *conn;
1da177e4 1740
a9de9248 1741 hci_dev_lock(hdev);
b6a0dc82 1742
cc11b9c1
AE		 1743 ie = hci_inquiry_cache_lookup(hdev, &ev->bdaddr);
1744 if (ie)
c7bdd502
MH		 1745 memcpy(ie->data.dev_class, ev->dev_class, 3);
1746
a9de9248
MH		 1747 conn = hci_conn_hash_lookup_ba(hdev, ev->link_type, &ev->bdaddr);
1748 if (!conn) {
cc11b9c1
AE		 1749 conn = hci_conn_add(hdev, ev->link_type, &ev->bdaddr);
1750 if (!conn) {
893ef971 1751 BT_ERR("No memory for new connection");
a9de9248
MH		 1752 hci_dev_unlock(hdev);
1753 return;
1da177e4
LT		 1754 }
1755 }
b6a0dc82 1756
a9de9248
MH		 1757 memcpy(conn->dev_class, ev->dev_class, 3);
1758 conn->state = BT_CONNECT;
b6a0dc82 1759
a9de9248 1760 hci_dev_unlock(hdev);
1da177e4 1761
b6a0dc82
MH		 1762 if (ev->link_type == ACL_LINK || !lmp_esco_capable(hdev)) {
1763 struct hci_cp_accept_conn_req cp;
1da177e4 1764
b6a0dc82
MH		 1765 bacpy(&cp.bdaddr, &ev->bdaddr);
1766
1767 if (lmp_rswitch_capable(hdev) && (mask & HCI_LM_MASTER))
1768 cp.role = 0x00; /* Become master */
1769 else
1770 cp.role = 0x01; /* Remain slave */
1771
1772 hci_send_cmd(hdev, HCI_OP_ACCEPT_CONN_REQ,
1773 sizeof(cp), &cp);
1774 } else {
1775 struct hci_cp_accept_sync_conn_req cp;
1776
1777 bacpy(&cp.bdaddr, &ev->bdaddr);
a8746417 1778 cp.pkt_type = cpu_to_le16(conn->pkt_type);
b6a0dc82
MH		 1779
1780 cp.tx_bandwidth = cpu_to_le32(0x00001f40);
1781 cp.rx_bandwidth = cpu_to_le32(0x00001f40);
1782 cp.max_latency = cpu_to_le16(0xffff);
1783 cp.content_format = cpu_to_le16(hdev->voice_setting);
1784 cp.retrans_effort = 0xff;
1da177e4 1785
b6a0dc82
MH		 1786 hci_send_cmd(hdev, HCI_OP_ACCEPT_SYNC_CONN_REQ,
1787 sizeof(cp), &cp);
1788 }
a9de9248
MH		 1789 } else {
1790 /* Connection rejected */
1791 struct hci_cp_reject_conn_req cp;
1da177e4 1792
a9de9248 1793 bacpy(&cp.bdaddr, &ev->bdaddr);
9f5a0d7b 1794 cp.reason = HCI_ERROR_REJ_BAD_ADDR;
a9de9248 1795 hci_send_cmd(hdev, HCI_OP_REJECT_CONN_REQ, sizeof(cp), &cp);
1da177e4 1796 }
1da177e4
LT		 1797}
1798
a9de9248 1799static inline void hci_disconn_complete_evt(struct hci_dev *hdev, struct sk_buff *skb)
04837f64 1800{
a9de9248 1801 struct hci_ev_disconn_complete *ev = (void *) skb->data;
04837f64
MH		 1802 struct hci_conn *conn;
1803
1804 BT_DBG("%s status %d", hdev->name, ev->status);
1805
1806 hci_dev_lock(hdev);
1807
1808 conn = hci_conn_hash_lookup_handle(hdev, __le16_to_cpu(ev->handle));
f7520543
JH		 1809 if (!conn)
1810 goto unlock;
7d0db0a3 1811
37d9ef76
JH		 1812 if (ev->status == 0)
1813 conn->state = BT_CLOSED;
04837f64 1814
b644ba33
JH		 1815 if (test_and_clear_bit(HCI_CONN_MGMT_CONNECTED, &conn->flags) &&
1816 (conn->type == ACL_LINK || conn->type == LE_LINK)) {
37d9ef76
JH		 1817 if (ev->status != 0)
1818 mgmt_disconnect_failed(hdev, &conn->dst, ev->status);
1819 else
afc747a6 1820 mgmt_device_disconnected(hdev, &conn->dst, conn->type,
48264f06 1821 conn->dst_type);
37d9ef76 1822 }
f7520543 1823
37d9ef76
JH		 1824 if (ev->status == 0) {
1825 hci_proto_disconn_cfm(conn, ev->reason);
1826 hci_conn_del(conn);
1827 }
f7520543
JH		 1828
1829unlock:
04837f64
MH		 1830 hci_dev_unlock(hdev);
1831}
1832
1da177e4
LT		 1833static inline void hci_auth_complete_evt(struct hci_dev *hdev, struct sk_buff *skb)
1834{
a9de9248 1835 struct hci_ev_auth_complete *ev = (void *) skb->data;
04837f64 1836 struct hci_conn *conn;
1da177e4
LT		 1837
1838 BT_DBG("%s status %d", hdev->name, ev->status);
1839
1840 hci_dev_lock(hdev);
1841
04837f64 1842 conn = hci_conn_hash_lookup_handle(hdev, __le16_to_cpu(ev->handle));
d7556e20
WR		 1843 if (!conn)
1844 goto unlock;
1845
1846 if (!ev->status) {
aa64a8b5
JH		 1847 if (!hci_conn_ssp_enabled(conn) &&
1848 test_bit(HCI_CONN_REAUTH_PEND, &conn->flags)) {
d7556e20 1849 BT_INFO("re-auth of legacy device is not possible.");
2a611692 1850 } else {
d7556e20
WR		 1851 conn->link_mode |= HCI_LM_AUTH;
1852 conn->sec_level = conn->pending_sec_level;
2a611692 1853 }
d7556e20 1854 } else {
744cf19e 1855 mgmt_auth_failed(hdev, &conn->dst, ev->status);
d7556e20 1856 }
1da177e4 1857
51a8efd7
JH		 1858 clear_bit(HCI_CONN_AUTH_PEND, &conn->flags);
1859 clear_bit(HCI_CONN_REAUTH_PEND, &conn->flags);
1da177e4 1860
d7556e20 1861 if (conn->state == BT_CONFIG) {
aa64a8b5 1862 if (!ev->status && hci_conn_ssp_enabled(conn)) {
d7556e20
WR		 1863 struct hci_cp_set_conn_encrypt cp;
1864 cp.handle = ev->handle;
1865 cp.encrypt = 0x01;
1866 hci_send_cmd(hdev, HCI_OP_SET_CONN_ENCRYPT, sizeof(cp),
1867 &cp);
052b30b0 1868 } else {
d7556e20
WR		 1869 conn->state = BT_CONNECTED;
1870 hci_proto_connect_cfm(conn, ev->status);
052b30b0
MH		 1871 hci_conn_put(conn);
1872 }
d7556e20
WR		 1873 } else {
1874 hci_auth_cfm(conn, ev->status);
052b30b0 1875
d7556e20
WR		 1876 hci_conn_hold(conn);
1877 conn->disc_timeout = HCI_DISCONN_TIMEOUT;
1878 hci_conn_put(conn);
1879 }
1880
51a8efd7 1881 if (test_bit(HCI_CONN_ENCRYPT_PEND, &conn->flags)) {
d7556e20
WR		 1882 if (!ev->status) {
1883 struct hci_cp_set_conn_encrypt cp;
1884 cp.handle = ev->handle;
1885 cp.encrypt = 0x01;
1886 hci_send_cmd(hdev, HCI_OP_SET_CONN_ENCRYPT, sizeof(cp),
1887 &cp);
1888 } else {
51a8efd7 1889 clear_bit(HCI_CONN_ENCRYPT_PEND, &conn->flags);
d7556e20 1890 hci_encrypt_cfm(conn, ev->status, 0x00);
1da177e4
LT		 1891 }
1892 }
1893
d7556e20 1894unlock:
1da177e4
LT		 1895 hci_dev_unlock(hdev);
1896}
1897
a9de9248 1898static inline void hci_remote_name_evt(struct hci_dev *hdev, struct sk_buff *skb)
1da177e4 1899{
127178d2
JH		 1900 struct hci_ev_remote_name *ev = (void *) skb->data;
1901 struct hci_conn *conn;
1902
a9de9248 1903 BT_DBG("%s", hdev->name);
1da177e4 1904
a9de9248 1905 hci_conn_check_pending(hdev);
127178d2
JH		 1906
1907 hci_dev_lock(hdev);
1908
b644ba33 1909 conn = hci_conn_hash_lookup_ba(hdev, ACL_LINK, &ev->bdaddr);
30dc78e1 1910
b644ba33
JH		 1911 if (!test_bit(HCI_MGMT, &hdev->dev_flags))
1912 goto check_auth;
a88a9652 1913
b644ba33
JH		 1914 if (ev->status == 0)
1915 hci_check_pending_name(hdev, conn, &ev->bdaddr, ev->name,
1916 strnlen(ev->name, HCI_MAX_NAME_LENGTH));
1917 else
1918 hci_check_pending_name(hdev, conn, &ev->bdaddr, NULL, 0);
1919
1920check_auth:
79c6c70c
JH		 1921 if (!conn)
1922 goto unlock;
1923
1924 if (!hci_outgoing_auth_needed(hdev, conn))
1925 goto unlock;
1926
51a8efd7 1927 if (!test_and_set_bit(HCI_CONN_AUTH_PEND, &conn->flags)) {
127178d2
JH		 1928 struct hci_cp_auth_requested cp;
1929 cp.handle = __cpu_to_le16(conn->handle);
1930 hci_send_cmd(hdev, HCI_OP_AUTH_REQUESTED, sizeof(cp), &cp);
1931 }
1932
79c6c70c 1933unlock:
127178d2 1934 hci_dev_unlock(hdev);
a9de9248
MH		 1935}
1936
1937static inline void hci_encrypt_change_evt(struct hci_dev *hdev, struct sk_buff *skb)
1938{
1939 struct hci_ev_encrypt_change *ev = (void *) skb->data;
1940 struct hci_conn *conn;
1941
1942 BT_DBG("%s status %d", hdev->name, ev->status);
1da177e4
LT		 1943
1944 hci_dev_lock(hdev);
1945
04837f64 1946 conn = hci_conn_hash_lookup_handle(hdev, __le16_to_cpu(ev->handle));
1da177e4
LT		 1947 if (conn) {
1948 if (!ev->status) {
ae293196
MH		 1949 if (ev->encrypt) {
1950 /* Encryption implies authentication */
1951 conn->link_mode |= HCI_LM_AUTH;
1da177e4 1952 conn->link_mode |= HCI_LM_ENCRYPT;
da85e5e5 1953 conn->sec_level = conn->pending_sec_level;
ae293196 1954 } else
1da177e4
LT		 1955 conn->link_mode &= ~HCI_LM_ENCRYPT;
1956 }
1957
51a8efd7 1958 clear_bit(HCI_CONN_ENCRYPT_PEND, &conn->flags);
1da177e4 1959
f8558555
MH		 1960 if (conn->state == BT_CONFIG) {
1961 if (!ev->status)
1962 conn->state = BT_CONNECTED;
1963
1964 hci_proto_connect_cfm(conn, ev->status);
1965 hci_conn_put(conn);
1966 } else
1967 hci_encrypt_cfm(conn, ev->status, ev->encrypt);
1da177e4
LT		 1968 }
1969
1970 hci_dev_unlock(hdev);
1971}
1972
a9de9248 1973static inline void hci_change_link_key_complete_evt(struct hci_dev *hdev, struct sk_buff *skb)
1da177e4 1974{
a9de9248 1975 struct hci_ev_change_link_key_complete *ev = (void *) skb->data;
04837f64 1976 struct hci_conn *conn;
1da177e4
LT		 1977
1978 BT_DBG("%s status %d", hdev->name, ev->status);
1979
1980 hci_dev_lock(hdev);
1981
04837f64 1982 conn = hci_conn_hash_lookup_handle(hdev, __le16_to_cpu(ev->handle));
1da177e4
LT		 1983 if (conn) {
1984 if (!ev->status)
1985 conn->link_mode |= HCI_LM_SECURE;
1986
51a8efd7 1987 clear_bit(HCI_CONN_AUTH_PEND, &conn->flags);
1da177e4
LT		 1988
1989 hci_key_change_cfm(conn, ev->status);
1990 }
1991
1992 hci_dev_unlock(hdev);
1993}
1994
a9de9248 1995static inline void hci_remote_features_evt(struct hci_dev *hdev, struct sk_buff *skb)
1da177e4 1996{
a9de9248
MH		 1997 struct hci_ev_remote_features *ev = (void *) skb->data;
1998 struct hci_conn *conn;
1999
2000 BT_DBG("%s status %d", hdev->name, ev->status);
2001
a9de9248
MH		 2002 hci_dev_lock(hdev);
2003
2004 conn = hci_conn_hash_lookup_handle(hdev, __le16_to_cpu(ev->handle));
ccd556fe
JH		 2005 if (!conn)
2006 goto unlock;
769be974 2007
ccd556fe
JH		 2008 if (!ev->status)
2009 memcpy(conn->features, ev->features, 8);
2010
2011 if (conn->state != BT_CONFIG)
2012 goto unlock;
2013
2014 if (!ev->status && lmp_ssp_capable(hdev) && lmp_ssp_capable(conn)) {
2015 struct hci_cp_read_remote_ext_features cp;
2016 cp.handle = ev->handle;
2017 cp.page = 0x01;
2018 hci_send_cmd(hdev, HCI_OP_READ_REMOTE_EXT_FEATURES,
bdb7524a 2019 sizeof(cp), &cp);
392599b9
JH		 2020 goto unlock;
2021 }
2022
127178d2
JH		 2023 if (!ev->status) {
2024 struct hci_cp_remote_name_req cp;
2025 memset(&cp, 0, sizeof(cp));
2026 bacpy(&cp.bdaddr, &conn->dst);
2027 cp.pscan_rep_mode = 0x02;
2028 hci_send_cmd(hdev, HCI_OP_REMOTE_NAME_REQ, sizeof(cp), &cp);
b644ba33
JH		 2029 } else if (!test_and_set_bit(HCI_CONN_MGMT_CONNECTED, &conn->flags))
2030 mgmt_device_connected(hdev, &conn->dst, conn->type,
2031 conn->dst_type, NULL, 0,
2032 conn->dev_class);
392599b9 2033
127178d2 2034 if (!hci_outgoing_auth_needed(hdev, conn)) {
ccd556fe
JH		 2035 conn->state = BT_CONNECTED;
2036 hci_proto_connect_cfm(conn, ev->status);
2037 hci_conn_put(conn);
769be974 2038 }
a9de9248 2039
ccd556fe 2040unlock:
a9de9248 2041 hci_dev_unlock(hdev);
1da177e4
LT		 2042}
2043
a9de9248 2044static inline void hci_remote_version_evt(struct hci_dev *hdev, struct sk_buff *skb)
1da177e4 2045{
a9de9248 2046 BT_DBG("%s", hdev->name);
1da177e4
LT		 2047}
2048
a9de9248 2049static inline void hci_qos_setup_complete_evt(struct hci_dev *hdev, struct sk_buff *skb)
1da177e4 2050{
a9de9248 2051 BT_DBG("%s", hdev->name);
1da177e4
LT		 2052}
2053
a9de9248
MH		 2054static inline void hci_cmd_complete_evt(struct hci_dev *hdev, struct sk_buff *skb)
2055{
2056 struct hci_ev_cmd_complete *ev = (void *) skb->data;
2057 __u16 opcode;
2058
2059 skb_pull(skb, sizeof(*ev));
2060
2061 opcode = __le16_to_cpu(ev->opcode);
2062
2063 switch (opcode) {
2064 case HCI_OP_INQUIRY_CANCEL:
2065 hci_cc_inquiry_cancel(hdev, skb);
2066 break;
2067
2068 case HCI_OP_EXIT_PERIODIC_INQ:
2069 hci_cc_exit_periodic_inq(hdev, skb);
2070 break;
2071
2072 case HCI_OP_REMOTE_NAME_REQ_CANCEL:
2073 hci_cc_remote_name_req_cancel(hdev, skb);
2074 break;
2075
2076 case HCI_OP_ROLE_DISCOVERY:
2077 hci_cc_role_discovery(hdev, skb);
2078 break;
2079
e4e8e37c
MH		 2080 case HCI_OP_READ_LINK_POLICY:
2081 hci_cc_read_link_policy(hdev, skb);
2082 break;
2083
a9de9248
MH		 2084 case HCI_OP_WRITE_LINK_POLICY:
2085 hci_cc_write_link_policy(hdev, skb);
2086 break;
2087
e4e8e37c
MH		 2088 case HCI_OP_READ_DEF_LINK_POLICY:
2089 hci_cc_read_def_link_policy(hdev, skb);
2090 break;
2091
2092 case HCI_OP_WRITE_DEF_LINK_POLICY:
2093 hci_cc_write_def_link_policy(hdev, skb);
2094 break;
2095
a9de9248
MH		 2096 case HCI_OP_RESET:
2097 hci_cc_reset(hdev, skb);
2098 break;
2099
2100 case HCI_OP_WRITE_LOCAL_NAME:
2101 hci_cc_write_local_name(hdev, skb);
2102 break;
2103
2104 case HCI_OP_READ_LOCAL_NAME:
2105 hci_cc_read_local_name(hdev, skb);
2106 break;
2107
2108 case HCI_OP_WRITE_AUTH_ENABLE:
2109 hci_cc_write_auth_enable(hdev, skb);
2110 break;
2111
2112 case HCI_OP_WRITE_ENCRYPT_MODE:
2113 hci_cc_write_encrypt_mode(hdev, skb);
2114 break;
2115
2116 case HCI_OP_WRITE_SCAN_ENABLE:
2117 hci_cc_write_scan_enable(hdev, skb);
2118 break;
2119
2120 case HCI_OP_READ_CLASS_OF_DEV:
2121 hci_cc_read_class_of_dev(hdev, skb);
2122 break;
2123
2124 case HCI_OP_WRITE_CLASS_OF_DEV:
2125 hci_cc_write_class_of_dev(hdev, skb);
2126 break;
2127
2128 case HCI_OP_READ_VOICE_SETTING:
2129 hci_cc_read_voice_setting(hdev, skb);
2130 break;
2131
2132 case HCI_OP_WRITE_VOICE_SETTING:
2133 hci_cc_write_voice_setting(hdev, skb);
2134 break;
2135
2136 case HCI_OP_HOST_BUFFER_SIZE:
2137 hci_cc_host_buffer_size(hdev, skb);
2138 break;
2139
333140b5
MH		 2140 case HCI_OP_READ_SSP_MODE:
2141 hci_cc_read_ssp_mode(hdev, skb);
2142 break;
2143
2144 case HCI_OP_WRITE_SSP_MODE:
2145 hci_cc_write_ssp_mode(hdev, skb);
2146 break;
2147
a9de9248
MH		 2148 case HCI_OP_READ_LOCAL_VERSION:
2149 hci_cc_read_local_version(hdev, skb);
2150 break;
2151
2152 case HCI_OP_READ_LOCAL_COMMANDS:
2153 hci_cc_read_local_commands(hdev, skb);
2154 break;
2155
2156 case HCI_OP_READ_LOCAL_FEATURES:
2157 hci_cc_read_local_features(hdev, skb);
2158 break;
2159
971e3a4b
AG		 2160 case HCI_OP_READ_LOCAL_EXT_FEATURES:
2161 hci_cc_read_local_ext_features(hdev, skb);
2162 break;
2163
a9de9248
MH		 2164 case HCI_OP_READ_BUFFER_SIZE:
2165 hci_cc_read_buffer_size(hdev, skb);
2166 break;
2167
2168 case HCI_OP_READ_BD_ADDR:
2169 hci_cc_read_bd_addr(hdev, skb);
2170 break;
2171
350ee4cf
AE		 2172 case HCI_OP_READ_DATA_BLOCK_SIZE:
2173 hci_cc_read_data_block_size(hdev, skb);
2174 break;
2175
23bb5763
JH		 2176 case HCI_OP_WRITE_CA_TIMEOUT:
2177 hci_cc_write_ca_timeout(hdev, skb);
2178 break;
2179
1e89cffb
AE		 2180 case HCI_OP_READ_FLOW_CONTROL_MODE:
2181 hci_cc_read_flow_control_mode(hdev, skb);
2182 break;
2183
928abaa7
AE		 2184 case HCI_OP_READ_LOCAL_AMP_INFO:
2185 hci_cc_read_local_amp_info(hdev, skb);
2186 break;
2187
b0916ea0
JH		 2188 case HCI_OP_DELETE_STORED_LINK_KEY:
2189 hci_cc_delete_stored_link_key(hdev, skb);
2190 break;
2191
d5859e22
JH		 2192 case HCI_OP_SET_EVENT_MASK:
2193 hci_cc_set_event_mask(hdev, skb);
2194 break;
2195
2196 case HCI_OP_WRITE_INQUIRY_MODE:
2197 hci_cc_write_inquiry_mode(hdev, skb);
2198 break;
2199
2200 case HCI_OP_READ_INQ_RSP_TX_POWER:
2201 hci_cc_read_inq_rsp_tx_power(hdev, skb);
2202 break;
2203
2204 case HCI_OP_SET_EVENT_FLT:
2205 hci_cc_set_event_flt(hdev, skb);
2206 break;
2207
980e1a53
JH		 2208 case HCI_OP_PIN_CODE_REPLY:
2209 hci_cc_pin_code_reply(hdev, skb);
2210 break;
2211
2212 case HCI_OP_PIN_CODE_NEG_REPLY:
2213 hci_cc_pin_code_neg_reply(hdev, skb);
2214 break;
2215
c35938b2
SJ		 2216 case HCI_OP_READ_LOCAL_OOB_DATA:
2217 hci_cc_read_local_oob_data_reply(hdev, skb);
2218 break;
2219
6ed58ec5
VT		 2220 case HCI_OP_LE_READ_BUFFER_SIZE:
2221 hci_cc_le_read_buffer_size(hdev, skb);
2222 break;
2223
a5c29683
JH		 2224 case HCI_OP_USER_CONFIRM_REPLY:
2225 hci_cc_user_confirm_reply(hdev, skb);
2226 break;
2227
2228 case HCI_OP_USER_CONFIRM_NEG_REPLY:
2229 hci_cc_user_confirm_neg_reply(hdev, skb);
2230 break;
2231
1143d458
BG		 2232 case HCI_OP_USER_PASSKEY_REPLY:
2233 hci_cc_user_passkey_reply(hdev, skb);
2234 break;
2235
2236 case HCI_OP_USER_PASSKEY_NEG_REPLY:
2237 hci_cc_user_passkey_neg_reply(hdev, skb);
07f7fa5d
AG		 2238
2239 case HCI_OP_LE_SET_SCAN_PARAM:
2240 hci_cc_le_set_scan_param(hdev, skb);
1143d458
BG		 2241 break;
2242
eb9d91f5
AG		 2243 case HCI_OP_LE_SET_SCAN_ENABLE:
2244 hci_cc_le_set_scan_enable(hdev, skb);
2245 break;
2246
a7a595f6
VCG		 2247 case HCI_OP_LE_LTK_REPLY:
2248 hci_cc_le_ltk_reply(hdev, skb);
2249 break;
2250
2251 case HCI_OP_LE_LTK_NEG_REPLY:
2252 hci_cc_le_ltk_neg_reply(hdev, skb);
2253 break;
2254
f9b49306
AG		 2255 case HCI_OP_WRITE_LE_HOST_SUPPORTED:
2256 hci_cc_write_le_host_supported(hdev, skb);
2257 break;
2258
a9de9248
MH		 2259 default:
2260 BT_DBG("%s opcode 0x%x", hdev->name, opcode);
2261 break;
2262 }
2263
6bd32326
VT		 2264 if (ev->opcode != HCI_OP_NOP)
2265 del_timer(&hdev->cmd_timer);
2266
a9de9248
MH		 2267 if (ev->ncmd) {
2268 atomic_set(&hdev->cmd_cnt, 1);
2269 if (!skb_queue_empty(&hdev->cmd_q))
c347b765 2270 queue_work(hdev->workqueue, &hdev->cmd_work);
a9de9248
MH		 2271 }
2272}
2273
2274static inline void hci_cmd_status_evt(struct hci_dev *hdev, struct sk_buff *skb)
2275{
2276 struct hci_ev_cmd_status *ev = (void *) skb->data;
2277 __u16 opcode;
2278
2279 skb_pull(skb, sizeof(*ev));
2280
2281 opcode = __le16_to_cpu(ev->opcode);
2282
2283 switch (opcode) {
2284 case HCI_OP_INQUIRY:
2285 hci_cs_inquiry(hdev, ev->status);
2286 break;
2287
2288 case HCI_OP_CREATE_CONN:
2289 hci_cs_create_conn(hdev, ev->status);
2290 break;
2291
2292 case HCI_OP_ADD_SCO:
2293 hci_cs_add_sco(hdev, ev->status);
2294 break;
2295
f8558555
MH		 2296 case HCI_OP_AUTH_REQUESTED:
2297 hci_cs_auth_requested(hdev, ev->status);
2298 break;
2299
2300 case HCI_OP_SET_CONN_ENCRYPT:
2301 hci_cs_set_conn_encrypt(hdev, ev->status);
2302 break;
2303
a9de9248
MH		 2304 case HCI_OP_REMOTE_NAME_REQ:
2305 hci_cs_remote_name_req(hdev, ev->status);
2306 break;
2307
769be974
MH		 2308 case HCI_OP_READ_REMOTE_FEATURES:
2309 hci_cs_read_remote_features(hdev, ev->status);
2310 break;
2311
2312 case HCI_OP_READ_REMOTE_EXT_FEATURES:
2313 hci_cs_read_remote_ext_features(hdev, ev->status);
2314 break;
2315
a9de9248
MH		 2316 case HCI_OP_SETUP_SYNC_CONN:
2317 hci_cs_setup_sync_conn(hdev, ev->status);
2318 break;
2319
2320 case HCI_OP_SNIFF_MODE:
2321 hci_cs_sniff_mode(hdev, ev->status);
2322 break;
2323
2324 case HCI_OP_EXIT_SNIFF_MODE:
2325 hci_cs_exit_sniff_mode(hdev, ev->status);
2326 break;
2327
8962ee74
JH		 2328 case HCI_OP_DISCONNECT:
2329 if (ev->status != 0)
37d9ef76 2330 mgmt_disconnect_failed(hdev, NULL, ev->status);
8962ee74
JH		 2331 break;
2332
fcd89c09
VT		 2333 case HCI_OP_LE_CREATE_CONN:
2334 hci_cs_le_create_conn(hdev, ev->status);
2335 break;
2336
a7a595f6
VCG		 2337 case HCI_OP_LE_START_ENC:
2338 hci_cs_le_start_enc(hdev, ev->status);
2339 break;
2340
a9de9248
MH		 2341 default:
2342 BT_DBG("%s opcode 0x%x", hdev->name, opcode);
2343 break;
2344 }
2345
6bd32326
VT		 2346 if (ev->opcode != HCI_OP_NOP)
2347 del_timer(&hdev->cmd_timer);
2348
10572132 2349 if (ev->ncmd && !test_bit(HCI_RESET, &hdev->flags)) {
a9de9248
MH		 2350 atomic_set(&hdev->cmd_cnt, 1);
2351 if (!skb_queue_empty(&hdev->cmd_q))
c347b765 2352 queue_work(hdev->workqueue, &hdev->cmd_work);
a9de9248
MH		 2353 }
2354}
2355
2356static inline void hci_role_change_evt(struct hci_dev *hdev, struct sk_buff *skb)
2357{
2358 struct hci_ev_role_change *ev = (void *) skb->data;
2359 struct hci_conn *conn;
2360
2361 BT_DBG("%s status %d", hdev->name, ev->status);
2362
2363 hci_dev_lock(hdev);
2364
2365 conn = hci_conn_hash_lookup_ba(hdev, ACL_LINK, &ev->bdaddr);
2366 if (conn) {
2367 if (!ev->status) {
2368 if (ev->role)
2369 conn->link_mode &= ~HCI_LM_MASTER;
2370 else
2371 conn->link_mode |= HCI_LM_MASTER;
2372 }
2373
51a8efd7 2374 clear_bit(HCI_CONN_RSWITCH_PEND, &conn->flags);
a9de9248
MH		 2375
2376 hci_role_switch_cfm(conn, ev->status, ev->role);
2377 }
2378
2379 hci_dev_unlock(hdev);
2380}
2381
2382static inline void hci_num_comp_pkts_evt(struct hci_dev *hdev, struct sk_buff *skb)
2383{
2384 struct hci_ev_num_comp_pkts *ev = (void *) skb->data;
a9de9248
MH		 2385 int i;
2386
32ac5b9b
AE		 2387 if (hdev->flow_ctl_mode != HCI_FLOW_CTL_MODE_PACKET_BASED) {
2388 BT_ERR("Wrong event for mode %d", hdev->flow_ctl_mode);
2389 return;
2390 }
2391
c5993de8
AE		 2392 if (skb->len < sizeof(*ev) || skb->len < sizeof(*ev) +
2393 ev->num_hndl * sizeof(struct hci_comp_pkts_info)) {
a9de9248
MH		 2394 BT_DBG("%s bad parameters", hdev->name);
2395 return;
2396 }
2397
c5993de8
AE		 2398 BT_DBG("%s num_hndl %d", hdev->name, ev->num_hndl);
2399
613a1c0c
AE		 2400 for (i = 0; i < ev->num_hndl; i++) {
2401 struct hci_comp_pkts_info *info = &ev->handles[i];
a9de9248
MH		 2402 struct hci_conn *conn;
2403 __u16 handle, count;
2404
613a1c0c
AE		 2405 handle = __le16_to_cpu(info->handle);
2406 count = __le16_to_cpu(info->count);
a9de9248
MH		 2407
2408 conn = hci_conn_hash_lookup_handle(hdev, handle);
f4280918
AE		 2409 if (!conn)
2410 continue;
2411
2412 conn->sent -= count;
2413
2414 switch (conn->type) {
2415 case ACL_LINK:
2416 hdev->acl_cnt += count;
2417 if (hdev->acl_cnt > hdev->acl_pkts)
2418 hdev->acl_cnt = hdev->acl_pkts;
2419 break;
2420
2421 case LE_LINK:
2422 if (hdev->le_pkts) {
2423 hdev->le_cnt += count;
2424 if (hdev->le_cnt > hdev->le_pkts)
2425 hdev->le_cnt = hdev->le_pkts;
2426 } else {
70f23020
AE		 2427 hdev->acl_cnt += count;
2428 if (hdev->acl_cnt > hdev->acl_pkts)
a9de9248 2429 hdev->acl_cnt = hdev->acl_pkts;
a9de9248 2430 }
f4280918
AE		 2431 break;
2432
2433 case SCO_LINK:
2434 hdev->sco_cnt += count;
2435 if (hdev->sco_cnt > hdev->sco_pkts)
2436 hdev->sco_cnt = hdev->sco_pkts;
2437 break;
2438
2439 default:
2440 BT_ERR("Unknown type %d conn %p", conn->type, conn);
2441 break;
a9de9248
MH		 2442 }
2443 }
2444
3eff45ea 2445 queue_work(hdev->workqueue, &hdev->tx_work);
a9de9248
MH		 2446}
2447
25e89e99
AE		 2448static inline void hci_num_comp_blocks_evt(struct hci_dev *hdev,
2449 struct sk_buff *skb)
2450{
2451 struct hci_ev_num_comp_blocks *ev = (void *) skb->data;
2452 int i;
2453
2454 if (hdev->flow_ctl_mode != HCI_FLOW_CTL_MODE_BLOCK_BASED) {
2455 BT_ERR("Wrong event for mode %d", hdev->flow_ctl_mode);
2456 return;
2457 }
2458
2459 if (skb->len < sizeof(*ev) || skb->len < sizeof(*ev) +
2460 ev->num_hndl * sizeof(struct hci_comp_blocks_info)) {
2461 BT_DBG("%s bad parameters", hdev->name);
2462 return;
2463 }
2464
2465 BT_DBG("%s num_blocks %d num_hndl %d", hdev->name, ev->num_blocks,
2466 ev->num_hndl);
2467
2468 for (i = 0; i < ev->num_hndl; i++) {
2469 struct hci_comp_blocks_info *info = &ev->handles[i];
2470 struct hci_conn *conn;
2471 __u16 handle, block_count;
2472
2473 handle = __le16_to_cpu(info->handle);
2474 block_count = __le16_to_cpu(info->blocks);
2475
2476 conn = hci_conn_hash_lookup_handle(hdev, handle);
2477 if (!conn)
2478 continue;
2479
2480 conn->sent -= block_count;
2481
2482 switch (conn->type) {
2483 case ACL_LINK:
2484 hdev->block_cnt += block_count;
2485 if (hdev->block_cnt > hdev->num_blocks)
2486 hdev->block_cnt = hdev->num_blocks;
2487 break;
2488
2489 default:
2490 BT_ERR("Unknown type %d conn %p", conn->type, conn);
2491 break;
2492 }
2493 }
2494
2495 queue_work(hdev->workqueue, &hdev->tx_work);
2496}
2497
a9de9248 2498static inline void hci_mode_change_evt(struct hci_dev *hdev, struct sk_buff *skb)
04837f64 2499{
a9de9248 2500 struct hci_ev_mode_change *ev = (void *) skb->data;
04837f64
MH		 2501 struct hci_conn *conn;
2502
2503 BT_DBG("%s status %d", hdev->name, ev->status);
2504
2505 hci_dev_lock(hdev);
2506
2507 conn = hci_conn_hash_lookup_handle(hdev, __le16_to_cpu(ev->handle));
a9de9248
MH		 2508 if (conn) {
2509 conn->mode = ev->mode;
2510 conn->interval = __le16_to_cpu(ev->interval);
2511
51a8efd7 2512 if (!test_and_clear_bit(HCI_CONN_MODE_CHANGE_PEND, &conn->flags)) {
a9de9248 2513 if (conn->mode == HCI_CM_ACTIVE)
58a681ef 2514 set_bit(HCI_CONN_POWER_SAVE, &conn->flags);
a9de9248 2515 else
58a681ef 2516 clear_bit(HCI_CONN_POWER_SAVE, &conn->flags);
a9de9248 2517 }
e73439d8 2518
51a8efd7 2519 if (test_and_clear_bit(HCI_CONN_SCO_SETUP_PEND, &conn->flags))
e73439d8 2520 hci_sco_setup(conn, ev->status);
04837f64
MH		 2521 }
2522
2523 hci_dev_unlock(hdev);
2524}
2525
a9de9248
MH		 2526static inline void hci_pin_code_request_evt(struct hci_dev *hdev, struct sk_buff *skb)
2527{
052b30b0
MH		 2528 struct hci_ev_pin_code_req *ev = (void *) skb->data;
2529 struct hci_conn *conn;
2530
a9de9248 2531 BT_DBG("%s", hdev->name);
052b30b0
MH		 2532
2533 hci_dev_lock(hdev);
2534
2535 conn = hci_conn_hash_lookup_ba(hdev, ACL_LINK, &ev->bdaddr);
b6f98044
WR		 2536 if (!conn)
2537 goto unlock;
2538
2539 if (conn->state == BT_CONNECTED) {
052b30b0
MH		 2540 hci_conn_hold(conn);
2541 conn->disc_timeout = HCI_PAIRING_TIMEOUT;
2542 hci_conn_put(conn);
2543 }
2544
a8b2d5c2 2545 if (!test_bit(HCI_PAIRABLE, &hdev->dev_flags))
03b555e1
JH		 2546 hci_send_cmd(hdev, HCI_OP_PIN_CODE_NEG_REPLY,
2547 sizeof(ev->bdaddr), &ev->bdaddr);
a8b2d5c2 2548 else if (test_bit(HCI_MGMT, &hdev->dev_flags)) {
a770bb5a
WR		 2549 u8 secure;
2550
2551 if (conn->pending_sec_level == BT_SECURITY_HIGH)
2552 secure = 1;
2553 else
2554 secure = 0;
2555
744cf19e 2556 mgmt_pin_code_request(hdev, &ev->bdaddr, secure);
a770bb5a 2557 }
980e1a53 2558
b6f98044 2559unlock:
052b30b0 2560 hci_dev_unlock(hdev);
a9de9248
MH		 2561}
2562
2563static inline void hci_link_key_request_evt(struct hci_dev *hdev, struct sk_buff *skb)
2564{
55ed8ca1
JH		 2565 struct hci_ev_link_key_req *ev = (void *) skb->data;
2566 struct hci_cp_link_key_reply cp;
2567 struct hci_conn *conn;
2568 struct link_key *key;
2569
a9de9248 2570 BT_DBG("%s", hdev->name);
55ed8ca1 2571
a8b2d5c2 2572 if (!test_bit(HCI_LINK_KEYS, &hdev->dev_flags))
55ed8ca1
JH		 2573 return;
2574
2575 hci_dev_lock(hdev);
2576
2577 key = hci_find_link_key(hdev, &ev->bdaddr);
2578 if (!key) {
2579 BT_DBG("%s link key not found for %s", hdev->name,
2580 batostr(&ev->bdaddr));
2581 goto not_found;
2582 }
2583
2584 BT_DBG("%s found key type %u for %s", hdev->name, key->type,
2585 batostr(&ev->bdaddr));
2586
a8b2d5c2 2587 if (!test_bit(HCI_DEBUG_KEYS, &hdev->dev_flags) &&
b6020ba0 2588 key->type == HCI_LK_DEBUG_COMBINATION) {
55ed8ca1
JH		 2589 BT_DBG("%s ignoring debug key", hdev->name);
2590 goto not_found;
2591 }
2592
2593 conn = hci_conn_hash_lookup_ba(hdev, ACL_LINK, &ev->bdaddr);
60b83f57
WR		 2594 if (conn) {
2595 if (key->type == HCI_LK_UNAUTH_COMBINATION &&
2596 conn->auth_type != 0xff &&
2597 (conn->auth_type & 0x01)) {
2598 BT_DBG("%s ignoring unauthenticated key", hdev->name);
2599 goto not_found;
2600 }
55ed8ca1 2601
60b83f57
WR		 2602 if (key->type == HCI_LK_COMBINATION && key->pin_len < 16 &&
2603 conn->pending_sec_level == BT_SECURITY_HIGH) {
2604 BT_DBG("%s ignoring key unauthenticated for high \
2605 security", hdev->name);
2606 goto not_found;
2607 }
2608
2609 conn->key_type = key->type;
2610 conn->pin_length = key->pin_len;
55ed8ca1
JH		 2611 }
2612
2613 bacpy(&cp.bdaddr, &ev->bdaddr);
2614 memcpy(cp.link_key, key->val, 16);
2615
2616 hci_send_cmd(hdev, HCI_OP_LINK_KEY_REPLY, sizeof(cp), &cp);
2617
2618 hci_dev_unlock(hdev);
2619
2620 return;
2621
2622not_found:
2623 hci_send_cmd(hdev, HCI_OP_LINK_KEY_NEG_REPLY, 6, &ev->bdaddr);
2624 hci_dev_unlock(hdev);
a9de9248
MH		 2625}
2626
2627static inline void hci_link_key_notify_evt(struct hci_dev *hdev, struct sk_buff *skb)
2628{
052b30b0
MH		 2629 struct hci_ev_link_key_notify *ev = (void *) skb->data;
2630 struct hci_conn *conn;
55ed8ca1 2631 u8 pin_len = 0;
052b30b0 2632
a9de9248 2633 BT_DBG("%s", hdev->name);
052b30b0
MH		 2634
2635 hci_dev_lock(hdev);
2636
2637 conn = hci_conn_hash_lookup_ba(hdev, ACL_LINK, &ev->bdaddr);
2638 if (conn) {
2639 hci_conn_hold(conn);
2640 conn->disc_timeout = HCI_DISCONN_TIMEOUT;
980e1a53 2641 pin_len = conn->pin_length;
13d39315
WR		 2642
2643 if (ev->key_type != HCI_LK_CHANGED_COMBINATION)
2644 conn->key_type = ev->key_type;
2645
052b30b0
MH		 2646 hci_conn_put(conn);
2647 }
2648
a8b2d5c2 2649 if (test_bit(HCI_LINK_KEYS, &hdev->dev_flags))
d25e28ab 2650 hci_add_link_key(hdev, conn, 1, &ev->bdaddr, ev->link_key,
55ed8ca1
JH		 2651 ev->key_type, pin_len);
2652
052b30b0 2653 hci_dev_unlock(hdev);
a9de9248
MH		 2654}
2655
1da177e4
LT		 2656static inline void hci_clock_offset_evt(struct hci_dev *hdev, struct sk_buff *skb)
2657{
a9de9248 2658 struct hci_ev_clock_offset *ev = (void *) skb->data;
04837f64 2659 struct hci_conn *conn;
1da177e4
LT		 2660
2661 BT_DBG("%s status %d", hdev->name, ev->status);
2662
2663 hci_dev_lock(hdev);
2664
04837f64 2665 conn = hci_conn_hash_lookup_handle(hdev, __le16_to_cpu(ev->handle));
1da177e4
LT		 2666 if (conn && !ev->status) {
2667 struct inquiry_entry *ie;
2668
cc11b9c1
AE		 2669 ie = hci_inquiry_cache_lookup(hdev, &conn->dst);
2670 if (ie) {
1da177e4
LT		 2671 ie->data.clock_offset = ev->clock_offset;
2672 ie->timestamp = jiffies;
2673 }
2674 }
2675
2676 hci_dev_unlock(hdev);
2677}
2678
a8746417
MH		 2679static inline void hci_pkt_type_change_evt(struct hci_dev *hdev, struct sk_buff *skb)
2680{
2681 struct hci_ev_pkt_type_change *ev = (void *) skb->data;
2682 struct hci_conn *conn;
2683
2684 BT_DBG("%s status %d", hdev->name, ev->status);
2685
2686 hci_dev_lock(hdev);
2687
2688 conn = hci_conn_hash_lookup_handle(hdev, __le16_to_cpu(ev->handle));
2689 if (conn && !ev->status)
2690 conn->pkt_type = __le16_to_cpu(ev->pkt_type);
2691
2692 hci_dev_unlock(hdev);
2693}
2694
85a1e930
MH		 2695static inline void hci_pscan_rep_mode_evt(struct hci_dev *hdev, struct sk_buff *skb)
2696{
a9de9248 2697 struct hci_ev_pscan_rep_mode *ev = (void *) skb->data;
85a1e930
MH		 2698 struct inquiry_entry *ie;
2699
2700 BT_DBG("%s", hdev->name);
2701
2702 hci_dev_lock(hdev);
2703
cc11b9c1
AE		 2704 ie = hci_inquiry_cache_lookup(hdev, &ev->bdaddr);
2705 if (ie) {
85a1e930
MH		 2706 ie->data.pscan_rep_mode = ev->pscan_rep_mode;
2707 ie->timestamp = jiffies;
2708 }
2709
2710 hci_dev_unlock(hdev);
2711}
2712
a9de9248
MH		 2713static inline void hci_inquiry_result_with_rssi_evt(struct hci_dev *hdev, struct sk_buff *skb)
2714{
2715 struct inquiry_data data;
2716 int num_rsp = *((__u8 *) skb->data);
3175405b 2717 bool name_known;
a9de9248
MH		 2718
2719 BT_DBG("%s num_rsp %d", hdev->name, num_rsp);
2720
2721 if (!num_rsp)
2722 return;
2723
2724 hci_dev_lock(hdev);
2725
2726 if ((skb->len - 1) / num_rsp != sizeof(struct inquiry_info_with_rssi)) {
138d22ef
SJ		 2727 struct inquiry_info_with_rssi_and_pscan_mode *info;
2728 info = (void *) (skb->data + 1);
a9de9248 2729
e17acd40 2730 for (; num_rsp; num_rsp--, info++) {
a9de9248
MH		 2731 bacpy(&data.bdaddr, &info->bdaddr);
2732 data.pscan_rep_mode = info->pscan_rep_mode;
2733 data.pscan_period_mode = info->pscan_period_mode;
2734 data.pscan_mode = info->pscan_mode;
2735 memcpy(data.dev_class, info->dev_class, 3);
2736 data.clock_offset = info->clock_offset;
2737 data.rssi = info->rssi;
41a96212 2738 data.ssp_mode = 0x00;
3175405b
JH		 2739
2740 name_known = hci_inquiry_cache_update(hdev, &data,
2741 false);
48264f06 2742 mgmt_device_found(hdev, &info->bdaddr, ACL_LINK, 0x00,
e17acd40 2743 info->dev_class, info->rssi,
7d262f86 2744 !name_known, NULL, 0);
a9de9248
MH		 2745 }
2746 } else {
2747 struct inquiry_info_with_rssi *info = (void *) (skb->data + 1);
2748
e17acd40 2749 for (; num_rsp; num_rsp--, info++) {
a9de9248
MH		 2750 bacpy(&data.bdaddr, &info->bdaddr);
2751 data.pscan_rep_mode = info->pscan_rep_mode;
2752 data.pscan_period_mode = info->pscan_period_mode;
2753 data.pscan_mode = 0x00;
2754 memcpy(data.dev_class, info->dev_class, 3);
2755 data.clock_offset = info->clock_offset;
2756 data.rssi = info->rssi;
41a96212 2757 data.ssp_mode = 0x00;
3175405b
JH		 2758 name_known = hci_inquiry_cache_update(hdev, &data,
2759 false);
48264f06 2760 mgmt_device_found(hdev, &info->bdaddr, ACL_LINK, 0x00,
e17acd40 2761 info->dev_class, info->rssi,
7d262f86 2762 !name_known, NULL, 0);
a9de9248
MH		 2763 }
2764 }
2765
2766 hci_dev_unlock(hdev);
2767}
2768
2769static inline void hci_remote_ext_features_evt(struct hci_dev *hdev, struct sk_buff *skb)
2770{
41a96212
MH		 2771 struct hci_ev_remote_ext_features *ev = (void *) skb->data;
2772 struct hci_conn *conn;
2773
a9de9248 2774 BT_DBG("%s", hdev->name);
41a96212 2775
41a96212
MH		 2776 hci_dev_lock(hdev);
2777
2778 conn = hci_conn_hash_lookup_handle(hdev, __le16_to_cpu(ev->handle));
ccd556fe
JH		 2779 if (!conn)
2780 goto unlock;
41a96212 2781
ccd556fe
JH		 2782 if (!ev->status && ev->page == 0x01) {
2783 struct inquiry_entry *ie;
41a96212 2784
cc11b9c1
AE		 2785 ie = hci_inquiry_cache_lookup(hdev, &conn->dst);
2786 if (ie)
ccd556fe 2787 ie->data.ssp_mode = (ev->features[0] & 0x01);
769be974 2788
58a681ef
JH		 2789 if (ev->features[0] & 0x01)
2790 set_bit(HCI_CONN_SSP_ENABLED, &conn->flags);
ccd556fe
JH		 2791 }
2792
2793 if (conn->state != BT_CONFIG)
2794 goto unlock;
2795
127178d2
JH		 2796 if (!ev->status) {
2797 struct hci_cp_remote_name_req cp;
2798 memset(&cp, 0, sizeof(cp));
2799 bacpy(&cp.bdaddr, &conn->dst);
2800 cp.pscan_rep_mode = 0x02;
2801 hci_send_cmd(hdev, HCI_OP_REMOTE_NAME_REQ, sizeof(cp), &cp);
b644ba33
JH		 2802 } else if (!test_and_set_bit(HCI_CONN_MGMT_CONNECTED, &conn->flags))
2803 mgmt_device_connected(hdev, &conn->dst, conn->type,
2804 conn->dst_type, NULL, 0,
2805 conn->dev_class);
392599b9 2806
127178d2 2807 if (!hci_outgoing_auth_needed(hdev, conn)) {
ccd556fe
JH		 2808 conn->state = BT_CONNECTED;
2809 hci_proto_connect_cfm(conn, ev->status);
2810 hci_conn_put(conn);
41a96212
MH		 2811 }
2812
ccd556fe 2813unlock:
41a96212 2814 hci_dev_unlock(hdev);
a9de9248
MH		 2815}
2816
2817static inline void hci_sync_conn_complete_evt(struct hci_dev *hdev, struct sk_buff *skb)
2818{
b6a0dc82
MH		 2819 struct hci_ev_sync_conn_complete *ev = (void *) skb->data;
2820 struct hci_conn *conn;
2821
2822 BT_DBG("%s status %d", hdev->name, ev->status);
2823
2824 hci_dev_lock(hdev);
2825
2826 conn = hci_conn_hash_lookup_ba(hdev, ev->link_type, &ev->bdaddr);
9dc0a3af
MH		 2827 if (!conn) {
2828 if (ev->link_type == ESCO_LINK)
2829 goto unlock;
2830
2831 conn = hci_conn_hash_lookup_ba(hdev, ESCO_LINK, &ev->bdaddr);
2832 if (!conn)
2833 goto unlock;
2834
2835 conn->type = SCO_LINK;
2836 }
b6a0dc82 2837
732547f9
MH		 2838 switch (ev->status) {
2839 case 0x00:
b6a0dc82
MH		 2840 conn->handle = __le16_to_cpu(ev->handle);
2841 conn->state = BT_CONNECTED;
7d0db0a3 2842
9eba32b8 2843 hci_conn_hold_device(conn);
7d0db0a3 2844 hci_conn_add_sysfs(conn);
732547f9
MH		 2845 break;
2846
705e5711 2847 case 0x11: /* Unsupported Feature or Parameter Value */
732547f9 2848 case 0x1c: /* SCO interval rejected */
1038a00b 2849 case 0x1a: /* Unsupported Remote Feature */
732547f9
MH		 2850 case 0x1f: /* Unspecified error */
2851 if (conn->out && conn->attempt < 2) {
2852 conn->pkt_type = (hdev->esco_type & SCO_ESCO_MASK) |
2853 (hdev->esco_type & EDR_ESCO_MASK);
2854 hci_setup_sync(conn, conn->link->handle);
2855 goto unlock;
2856 }
2857 /* fall through */
2858
2859 default:
b6a0dc82 2860 conn->state = BT_CLOSED;
732547f9
MH		 2861 break;
2862 }
b6a0dc82
MH		 2863
2864 hci_proto_connect_cfm(conn, ev->status);
2865 if (ev->status)
2866 hci_conn_del(conn);
2867
2868unlock:
2869 hci_dev_unlock(hdev);
a9de9248
MH		 2870}
2871
2872static inline void hci_sync_conn_changed_evt(struct hci_dev *hdev, struct sk_buff *skb)
2873{
2874 BT_DBG("%s", hdev->name);
2875}
2876
04837f64
MH		 2877static inline void hci_sniff_subrate_evt(struct hci_dev *hdev, struct sk_buff *skb)
2878{
a9de9248 2879 struct hci_ev_sniff_subrate *ev = (void *) skb->data;
04837f64
MH		 2880
2881 BT_DBG("%s status %d", hdev->name, ev->status);
04837f64
MH		 2882}
2883
a9de9248 2884static inline void hci_extended_inquiry_result_evt(struct hci_dev *hdev, struct sk_buff *skb)
1da177e4 2885{
a9de9248
MH		 2886 struct inquiry_data data;
2887 struct extended_inquiry_info *info = (void *) (skb->data + 1);
2888 int num_rsp = *((__u8 *) skb->data);
1da177e4 2889
a9de9248 2890 BT_DBG("%s num_rsp %d", hdev->name, num_rsp);
1da177e4 2891
a9de9248
MH		 2892 if (!num_rsp)
2893 return;
1da177e4 2894
a9de9248
MH		 2895 hci_dev_lock(hdev);
2896
e17acd40 2897 for (; num_rsp; num_rsp--, info++) {
561aafbc
JH		 2898 bool name_known;
2899
a9de9248 2900 bacpy(&data.bdaddr, &info->bdaddr);
138d22ef
SJ		 2901 data.pscan_rep_mode = info->pscan_rep_mode;
2902 data.pscan_period_mode = info->pscan_period_mode;
2903 data.pscan_mode = 0x00;
a9de9248 2904 memcpy(data.dev_class, info->dev_class, 3);
138d22ef
SJ		 2905 data.clock_offset = info->clock_offset;
2906 data.rssi = info->rssi;
41a96212 2907 data.ssp_mode = 0x01;
561aafbc 2908
a8b2d5c2 2909 if (test_bit(HCI_MGMT, &hdev->dev_flags))
4ddb1930
JH		 2910 name_known = eir_has_data_type(info->data,
2911 sizeof(info->data),
2912 EIR_NAME_COMPLETE);
561aafbc
JH		 2913 else
2914 name_known = true;
2915
3175405b 2916 name_known = hci_inquiry_cache_update(hdev, &data, name_known);
48264f06 2917 mgmt_device_found(hdev, &info->bdaddr, ACL_LINK, 0x00,
561aafbc 2918 info->dev_class, info->rssi,
7d262f86
AG		 2919 !name_known, info->data,
2920 sizeof(info->data));
a9de9248
MH		 2921 }
2922
2923 hci_dev_unlock(hdev);
2924}
1da177e4 2925
17fa4b9d
JH		 2926static inline u8 hci_get_auth_req(struct hci_conn *conn)
2927{
2928 /* If remote requests dedicated bonding follow that lead */
2929 if (conn->remote_auth == 0x02 || conn->remote_auth == 0x03) {
2930 /* If both remote and local IO capabilities allow MITM
2931 * protection then require it, otherwise don't */
2932 if (conn->remote_cap == 0x03 || conn->io_capability == 0x03)
2933 return 0x02;
2934 else
2935 return 0x03;
2936 }
2937
2938 /* If remote requests no-bonding follow that lead */
2939 if (conn->remote_auth == 0x00 || conn->remote_auth == 0x01)
58797bf7 2940 return conn->remote_auth | (conn->auth_type & 0x01);
17fa4b9d
JH		 2941
2942 return conn->auth_type;
2943}
2944
0493684e
MH		 2945static inline void hci_io_capa_request_evt(struct hci_dev *hdev, struct sk_buff *skb)
2946{
2947 struct hci_ev_io_capa_request *ev = (void *) skb->data;
2948 struct hci_conn *conn;
2949
2950 BT_DBG("%s", hdev->name);
2951
2952 hci_dev_lock(hdev);
2953
2954 conn = hci_conn_hash_lookup_ba(hdev, ACL_LINK, &ev->bdaddr);
03b555e1
JH		 2955 if (!conn)
2956 goto unlock;
2957
2958 hci_conn_hold(conn);
2959
a8b2d5c2 2960 if (!test_bit(HCI_MGMT, &hdev->dev_flags))
03b555e1
JH		 2961 goto unlock;
2962
a8b2d5c2 2963 if (test_bit(HCI_PAIRABLE, &hdev->dev_flags) ||
03b555e1 2964 (conn->remote_auth & ~0x01) == HCI_AT_NO_BONDING) {
17fa4b9d
JH		 2965 struct hci_cp_io_capability_reply cp;
2966
2967 bacpy(&cp.bdaddr, &ev->bdaddr);
2968 cp.capability = conn->io_capability;
7cbc9bd9
JH		 2969 conn->auth_type = hci_get_auth_req(conn);
2970 cp.authentication = conn->auth_type;
17fa4b9d 2971
58a681ef 2972 if ((conn->out || test_bit(HCI_CONN_REMOTE_OOB, &conn->flags)) &&
ce85ee13
SJ		 2973 hci_find_remote_oob_data(hdev, &conn->dst))
2974 cp.oob_data = 0x01;
2975 else
2976 cp.oob_data = 0x00;
2977
17fa4b9d
JH		 2978 hci_send_cmd(hdev, HCI_OP_IO_CAPABILITY_REPLY,
2979 sizeof(cp), &cp);
03b555e1
JH		 2980 } else {
2981 struct hci_cp_io_capability_neg_reply cp;
2982
2983 bacpy(&cp.bdaddr, &ev->bdaddr);
9f5a0d7b 2984 cp.reason = HCI_ERROR_PAIRING_NOT_ALLOWED;
0493684e 2985
03b555e1
JH		 2986 hci_send_cmd(hdev, HCI_OP_IO_CAPABILITY_NEG_REPLY,
2987 sizeof(cp), &cp);
2988 }
2989
2990unlock:
2991 hci_dev_unlock(hdev);
2992}
2993
2994static inline void hci_io_capa_reply_evt(struct hci_dev *hdev, struct sk_buff *skb)
2995{
2996 struct hci_ev_io_capa_reply *ev = (void *) skb->data;
2997 struct hci_conn *conn;
2998
2999 BT_DBG("%s", hdev->name);
3000
3001 hci_dev_lock(hdev);
3002
3003 conn = hci_conn_hash_lookup_ba(hdev, ACL_LINK, &ev->bdaddr);
3004 if (!conn)
3005 goto unlock;
3006
03b555e1 3007 conn->remote_cap = ev->capability;
03b555e1 3008 conn->remote_auth = ev->authentication;
58a681ef
JH		 3009 if (ev->oob_data)
3010 set_bit(HCI_CONN_REMOTE_OOB, &conn->flags);
03b555e1
JH		 3011
3012unlock:
0493684e
MH		 3013 hci_dev_unlock(hdev);
3014}
3015
a5c29683
JH		 3016static inline void hci_user_confirm_request_evt(struct hci_dev *hdev,
3017 struct sk_buff *skb)
3018{
3019 struct hci_ev_user_confirm_req *ev = (void *) skb->data;
55bc1a37 3020 int loc_mitm, rem_mitm, confirm_hint = 0;
7a828908 3021 struct hci_conn *conn;
a5c29683
JH		 3022
3023 BT_DBG("%s", hdev->name);
3024
3025 hci_dev_lock(hdev);
3026
a8b2d5c2 3027 if (!test_bit(HCI_MGMT, &hdev->dev_flags))
7a828908 3028 goto unlock;
a5c29683 3029
7a828908
JH		 3030 conn = hci_conn_hash_lookup_ba(hdev, ACL_LINK, &ev->bdaddr);
3031 if (!conn)
3032 goto unlock;
3033
3034 loc_mitm = (conn->auth_type & 0x01);
3035 rem_mitm = (conn->remote_auth & 0x01);
3036
3037 /* If we require MITM but the remote device can't provide that
3038 * (it has NoInputNoOutput) then reject the confirmation
3039 * request. The only exception is when we're dedicated bonding
3040 * initiators (connect_cfm_cb set) since then we always have the MITM
3041 * bit set. */
3042 if (!conn->connect_cfm_cb && loc_mitm && conn->remote_cap == 0x03) {
3043 BT_DBG("Rejecting request: remote device can't provide MITM");
3044 hci_send_cmd(hdev, HCI_OP_USER_CONFIRM_NEG_REPLY,
3045 sizeof(ev->bdaddr), &ev->bdaddr);
3046 goto unlock;
3047 }
3048
3049 /* If no side requires MITM protection; auto-accept */
3050 if ((!loc_mitm || conn->remote_cap == 0x03) &&
3051 (!rem_mitm || conn->io_capability == 0x03)) {
55bc1a37
JH		 3052
3053 /* If we're not the initiators request authorization to
3054 * proceed from user space (mgmt_user_confirm with
3055 * confirm_hint set to 1). */
51a8efd7 3056 if (!test_bit(HCI_CONN_AUTH_PEND, &conn->flags)) {
55bc1a37
JH		 3057 BT_DBG("Confirming auto-accept as acceptor");
3058 confirm_hint = 1;
3059 goto confirm;
3060 }
3061
9f61656a
JH		 3062 BT_DBG("Auto-accept of user confirmation with %ums delay",
3063 hdev->auto_accept_delay);
3064
3065 if (hdev->auto_accept_delay > 0) {
3066 int delay = msecs_to_jiffies(hdev->auto_accept_delay);
3067 mod_timer(&conn->auto_accept_timer, jiffies + delay);
3068 goto unlock;
3069 }
3070
7a828908
JH		 3071 hci_send_cmd(hdev, HCI_OP_USER_CONFIRM_REPLY,
3072 sizeof(ev->bdaddr), &ev->bdaddr);
3073 goto unlock;
3074 }
3075
55bc1a37 3076confirm:
744cf19e 3077 mgmt_user_confirm_request(hdev, &ev->bdaddr, ev->passkey,
55bc1a37 3078 confirm_hint);
7a828908
JH		 3079
3080unlock:
a5c29683
JH		 3081 hci_dev_unlock(hdev);
3082}
3083
1143d458
BG		 3084static inline void hci_user_passkey_request_evt(struct hci_dev *hdev,
3085 struct sk_buff *skb)
3086{
3087 struct hci_ev_user_passkey_req *ev = (void *) skb->data;
3088
3089 BT_DBG("%s", hdev->name);
3090
3091 hci_dev_lock(hdev);
3092
a8b2d5c2 3093 if (test_bit(HCI_MGMT, &hdev->dev_flags))
1143d458
BG		 3094 mgmt_user_passkey_request(hdev, &ev->bdaddr);
3095
3096 hci_dev_unlock(hdev);
3097}
3098
0493684e
MH		 3099static inline void hci_simple_pair_complete_evt(struct hci_dev *hdev, struct sk_buff *skb)
3100{
3101 struct hci_ev_simple_pair_complete *ev = (void *) skb->data;
3102 struct hci_conn *conn;
3103
3104 BT_DBG("%s", hdev->name);
3105
3106 hci_dev_lock(hdev);
3107
3108 conn = hci_conn_hash_lookup_ba(hdev, ACL_LINK, &ev->bdaddr);
2a611692
JH		 3109 if (!conn)
3110 goto unlock;
3111
3112 /* To avoid duplicate auth_failed events to user space we check
3113 * the HCI_CONN_AUTH_PEND flag which will be set if we
3114 * initiated the authentication. A traditional auth_complete
3115 * event gets always produced as initiator and is also mapped to
3116 * the mgmt_auth_failed event */
51a8efd7 3117 if (!test_bit(HCI_CONN_AUTH_PEND, &conn->flags) && ev->status != 0)
744cf19e 3118 mgmt_auth_failed(hdev, &conn->dst, ev->status);
0493684e 3119
2a611692
JH		 3120 hci_conn_put(conn);
3121
3122unlock:
0493684e
MH		 3123 hci_dev_unlock(hdev);
3124}
3125
41a96212
MH		 3126static inline void hci_remote_host_features_evt(struct hci_dev *hdev, struct sk_buff *skb)
3127{
3128 struct hci_ev_remote_host_features *ev = (void *) skb->data;
3129 struct inquiry_entry *ie;
3130
3131 BT_DBG("%s", hdev->name);
3132
3133 hci_dev_lock(hdev);
3134
cc11b9c1
AE		 3135 ie = hci_inquiry_cache_lookup(hdev, &ev->bdaddr);
3136 if (ie)
41a96212
MH		 3137 ie->data.ssp_mode = (ev->features[0] & 0x01);
3138
3139 hci_dev_unlock(hdev);
3140}
3141
2763eda6
SJ		 3142static inline void hci_remote_oob_data_request_evt(struct hci_dev *hdev,
3143 struct sk_buff *skb)
3144{
3145 struct hci_ev_remote_oob_data_request *ev = (void *) skb->data;
3146 struct oob_data *data;
3147
3148 BT_DBG("%s", hdev->name);
3149
3150 hci_dev_lock(hdev);
3151
a8b2d5c2 3152 if (!test_bit(HCI_MGMT, &hdev->dev_flags))
e1ba1f15
SJ		 3153 goto unlock;
3154
2763eda6
SJ		 3155 data = hci_find_remote_oob_data(hdev, &ev->bdaddr);
3156 if (data) {
3157 struct hci_cp_remote_oob_data_reply cp;
3158
3159 bacpy(&cp.bdaddr, &ev->bdaddr);
3160 memcpy(cp.hash, data->hash, sizeof(cp.hash));
3161 memcpy(cp.randomizer, data->randomizer, sizeof(cp.randomizer));
3162
3163 hci_send_cmd(hdev, HCI_OP_REMOTE_OOB_DATA_REPLY, sizeof(cp),
3164 &cp);
3165 } else {
3166 struct hci_cp_remote_oob_data_neg_reply cp;
3167
3168 bacpy(&cp.bdaddr, &ev->bdaddr);
3169 hci_send_cmd(hdev, HCI_OP_REMOTE_OOB_DATA_NEG_REPLY, sizeof(cp),
3170 &cp);
3171 }
3172
e1ba1f15 3173unlock:
2763eda6
SJ		 3174 hci_dev_unlock(hdev);
3175}
3176
fcd89c09
VT		 3177static inline void hci_le_conn_complete_evt(struct hci_dev *hdev, struct sk_buff *skb)
3178{
3179 struct hci_ev_le_conn_complete *ev = (void *) skb->data;
3180 struct hci_conn *conn;
3181
3182 BT_DBG("%s status %d", hdev->name, ev->status);
3183
3184 hci_dev_lock(hdev);
3185
3186 conn = hci_conn_hash_lookup_ba(hdev, LE_LINK, &ev->bdaddr);
b62f328b
VT		 3187 if (!conn) {
3188 conn = hci_conn_add(hdev, LE_LINK, &ev->bdaddr);
3189 if (!conn) {
3190 BT_ERR("No memory for new connection");
3191 hci_dev_unlock(hdev);
3192 return;
3193 }
29b7988a
AG		 3194
3195 conn->dst_type = ev->bdaddr_type;
b62f328b 3196 }
fcd89c09
VT		 3197
3198 if (ev->status) {
48264f06
JH		 3199 mgmt_connect_failed(hdev, &ev->bdaddr, conn->type,
3200 conn->dst_type, ev->status);
fcd89c09
VT		 3201 hci_proto_connect_cfm(conn, ev->status);
3202 conn->state = BT_CLOSED;
3203 hci_conn_del(conn);
3204 goto unlock;
3205 }
3206
b644ba33
JH		 3207 if (!test_and_set_bit(HCI_CONN_MGMT_CONNECTED, &conn->flags))
3208 mgmt_device_connected(hdev, &ev->bdaddr, conn->type,
3209 conn->dst_type, NULL, 0, 0);
83bc71b4 3210
7b5c0d52 3211 conn->sec_level = BT_SECURITY_LOW;
fcd89c09
VT		 3212 conn->handle = __le16_to_cpu(ev->handle);
3213 conn->state = BT_CONNECTED;
3214
3215 hci_conn_hold_device(conn);
3216 hci_conn_add_sysfs(conn);
3217
3218 hci_proto_connect_cfm(conn, ev->status);
3219
3220unlock:
3221 hci_dev_unlock(hdev);
3222}
3223
9aa04c91
AG		 3224static inline void hci_le_adv_report_evt(struct hci_dev *hdev,
3225 struct sk_buff *skb)
3226{
e95beb41
AG		 3227 u8 num_reports = skb->data[0];
3228 void *ptr = &skb->data[1];
3c9e9195 3229 s8 rssi;
9aa04c91
AG		 3230
3231 hci_dev_lock(hdev);
3232
e95beb41
AG		 3233 while (num_reports--) {
3234 struct hci_ev_le_advertising_info *ev = ptr;
9aa04c91 3235
9aa04c91 3236 hci_add_adv_entry(hdev, ev);
e95beb41 3237
3c9e9195
AG		 3238 rssi = ev->data[ev->length];
3239 mgmt_device_found(hdev, &ev->bdaddr, LE_LINK, ev->bdaddr_type,
3240 NULL, rssi, 0, ev->data, ev->length);
3241
e95beb41 3242 ptr += sizeof(*ev) + ev->length + 1;
9aa04c91
AG		 3243 }
3244
3245 hci_dev_unlock(hdev);
3246}
3247
a7a595f6
VCG		 3248static inline void hci_le_ltk_request_evt(struct hci_dev *hdev,
3249 struct sk_buff *skb)
3250{
3251 struct hci_ev_le_ltk_req *ev = (void *) skb->data;
3252 struct hci_cp_le_ltk_reply cp;
bea710fe 3253 struct hci_cp_le_ltk_neg_reply neg;
a7a595f6 3254 struct hci_conn *conn;
bea710fe 3255 struct link_key *ltk;
a7a595f6
VCG		 3256
3257 BT_DBG("%s handle %d", hdev->name, cpu_to_le16(ev->handle));
3258
3259 hci_dev_lock(hdev);
3260
3261 conn = hci_conn_hash_lookup_handle(hdev, __le16_to_cpu(ev->handle));
bea710fe
VCG		 3262 if (conn == NULL)
3263 goto not_found;
a7a595f6 3264
bea710fe
VCG		 3265 ltk = hci_find_ltk(hdev, ev->ediv, ev->random);
3266 if (ltk == NULL)
3267 goto not_found;
3268
3269 memcpy(cp.ltk, ltk->val, sizeof(ltk->val));
a7a595f6 3270 cp.handle = cpu_to_le16(conn->handle);
726b4ffc 3271 conn->pin_length = ltk->pin_len;
a7a595f6
VCG		 3272
3273 hci_send_cmd(hdev, HCI_OP_LE_LTK_REPLY, sizeof(cp), &cp);
3274
3275 hci_dev_unlock(hdev);
bea710fe
VCG		 3276
3277 return;
3278
3279not_found:
3280 neg.handle = ev->handle;
3281 hci_send_cmd(hdev, HCI_OP_LE_LTK_NEG_REPLY, sizeof(neg), &neg);
3282 hci_dev_unlock(hdev);
a7a595f6
VCG		 3283}
3284
fcd89c09
VT		 3285static inline void hci_le_meta_evt(struct hci_dev *hdev, struct sk_buff *skb)
3286{
3287 struct hci_ev_le_meta *le_ev = (void *) skb->data;
3288
3289 skb_pull(skb, sizeof(*le_ev));
3290
3291 switch (le_ev->subevent) {
3292 case HCI_EV_LE_CONN_COMPLETE:
3293 hci_le_conn_complete_evt(hdev, skb);
3294 break;
3295
9aa04c91
AG		 3296 case HCI_EV_LE_ADVERTISING_REPORT:
3297 hci_le_adv_report_evt(hdev, skb);
3298 break;
3299
a7a595f6
VCG		 3300 case HCI_EV_LE_LTK_REQ:
3301 hci_le_ltk_request_evt(hdev, skb);
3302 break;
3303
fcd89c09
VT		 3304 default:
3305 break;
3306 }
3307}
3308
a9de9248
MH		 3309void hci_event_packet(struct hci_dev *hdev, struct sk_buff *skb)
3310{
3311 struct hci_event_hdr *hdr = (void *) skb->data;
3312 __u8 event = hdr->evt;
3313
3314 skb_pull(skb, HCI_EVENT_HDR_SIZE);
3315
3316 switch (event) {
1da177e4
LT		 3317 case HCI_EV_INQUIRY_COMPLETE:
3318 hci_inquiry_complete_evt(hdev, skb);
3319 break;
3320
3321 case HCI_EV_INQUIRY_RESULT:
3322 hci_inquiry_result_evt(hdev, skb);
3323 break;
3324
a9de9248
MH		 3325 case HCI_EV_CONN_COMPLETE:
3326 hci_conn_complete_evt(hdev, skb);
21d9e30e
MH		 3327 break;
3328
1da177e4
LT		 3329 case HCI_EV_CONN_REQUEST:
3330 hci_conn_request_evt(hdev, skb);
3331 break;
3332
1da177e4
LT		 3333 case HCI_EV_DISCONN_COMPLETE:
3334 hci_disconn_complete_evt(hdev, skb);
3335 break;
3336
1da177e4
LT		 3337 case HCI_EV_AUTH_COMPLETE:
3338 hci_auth_complete_evt(hdev, skb);
3339 break;
3340
a9de9248
MH		 3341 case HCI_EV_REMOTE_NAME:
3342 hci_remote_name_evt(hdev, skb);
3343 break;
3344
1da177e4
LT		 3345 case HCI_EV_ENCRYPT_CHANGE:
3346 hci_encrypt_change_evt(hdev, skb);
3347 break;
3348
a9de9248
MH		 3349 case HCI_EV_CHANGE_LINK_KEY_COMPLETE:
3350 hci_change_link_key_complete_evt(hdev, skb);
3351 break;
3352
3353 case HCI_EV_REMOTE_FEATURES:
3354 hci_remote_features_evt(hdev, skb);
3355 break;
3356
3357 case HCI_EV_REMOTE_VERSION:
3358 hci_remote_version_evt(hdev, skb);
3359 break;
3360
3361 case HCI_EV_QOS_SETUP_COMPLETE:
3362 hci_qos_setup_complete_evt(hdev, skb);
3363 break;
3364
3365 case HCI_EV_CMD_COMPLETE:
3366 hci_cmd_complete_evt(hdev, skb);
3367 break;
3368
3369 case HCI_EV_CMD_STATUS:
3370 hci_cmd_status_evt(hdev, skb);
3371 break;
3372
3373 case HCI_EV_ROLE_CHANGE:
3374 hci_role_change_evt(hdev, skb);
3375 break;
3376
3377 case HCI_EV_NUM_COMP_PKTS:
3378 hci_num_comp_pkts_evt(hdev, skb);
3379 break;
3380
3381 case HCI_EV_MODE_CHANGE:
3382 hci_mode_change_evt(hdev, skb);
1da177e4
LT		 3383 break;
3384
3385 case HCI_EV_PIN_CODE_REQ:
3386 hci_pin_code_request_evt(hdev, skb);
3387 break;
3388
3389 case HCI_EV_LINK_KEY_REQ:
3390 hci_link_key_request_evt(hdev, skb);
3391 break;
3392
3393 case HCI_EV_LINK_KEY_NOTIFY:
3394 hci_link_key_notify_evt(hdev, skb);
3395 break;
3396
3397 case HCI_EV_CLOCK_OFFSET:
3398 hci_clock_offset_evt(hdev, skb);
3399 break;
3400
a8746417
MH		 3401 case HCI_EV_PKT_TYPE_CHANGE:
3402 hci_pkt_type_change_evt(hdev, skb);
3403 break;
3404
85a1e930
MH		 3405 case HCI_EV_PSCAN_REP_MODE:
3406 hci_pscan_rep_mode_evt(hdev, skb);
3407 break;
3408
a9de9248
MH		 3409 case HCI_EV_INQUIRY_RESULT_WITH_RSSI:
3410 hci_inquiry_result_with_rssi_evt(hdev, skb);
04837f64
MH		 3411 break;
3412
a9de9248
MH		 3413 case HCI_EV_REMOTE_EXT_FEATURES:
3414 hci_remote_ext_features_evt(hdev, skb);
1da177e4
LT		 3415 break;
3416
a9de9248
MH		 3417 case HCI_EV_SYNC_CONN_COMPLETE:
3418 hci_sync_conn_complete_evt(hdev, skb);
3419 break;
1da177e4 3420
a9de9248
MH		 3421 case HCI_EV_SYNC_CONN_CHANGED:
3422 hci_sync_conn_changed_evt(hdev, skb);
3423 break;
1da177e4 3424
a9de9248
MH		 3425 case HCI_EV_SNIFF_SUBRATE:
3426 hci_sniff_subrate_evt(hdev, skb);
3427 break;
1da177e4 3428
a9de9248
MH		 3429 case HCI_EV_EXTENDED_INQUIRY_RESULT:
3430 hci_extended_inquiry_result_evt(hdev, skb);
3431 break;
1da177e4 3432
0493684e
MH		 3433 case HCI_EV_IO_CAPA_REQUEST:
3434 hci_io_capa_request_evt(hdev, skb);
3435 break;
3436
03b555e1
JH		 3437 case HCI_EV_IO_CAPA_REPLY:
3438 hci_io_capa_reply_evt(hdev, skb);
3439 break;
3440
a5c29683
JH		 3441 case HCI_EV_USER_CONFIRM_REQUEST:
3442 hci_user_confirm_request_evt(hdev, skb);
3443 break;
3444
1143d458
BG		 3445 case HCI_EV_USER_PASSKEY_REQUEST:
3446 hci_user_passkey_request_evt(hdev, skb);
3447 break;
3448
0493684e
MH		 3449 case HCI_EV_SIMPLE_PAIR_COMPLETE:
3450 hci_simple_pair_complete_evt(hdev, skb);
3451 break;
3452
41a96212
MH		 3453 case HCI_EV_REMOTE_HOST_FEATURES:
3454 hci_remote_host_features_evt(hdev, skb);
3455 break;
3456
fcd89c09
VT		 3457 case HCI_EV_LE_META:
3458 hci_le_meta_evt(hdev, skb);
3459 break;
3460
2763eda6
SJ		 3461 case HCI_EV_REMOTE_OOB_DATA_REQUEST:
3462 hci_remote_oob_data_request_evt(hdev, skb);
3463 break;
3464
25e89e99
AE		 3465 case HCI_EV_NUM_COMP_BLOCKS:
3466 hci_num_comp_blocks_evt(hdev, skb);
3467 break;
3468
a9de9248
MH		 3469 default:
3470 BT_DBG("%s event 0x%x", hdev->name, event);
1da177e4
LT		 3471 break;
3472 }
3473
3474 kfree_skb(skb);
3475 hdev->stat.evt_rx++;
3476}
3477
3478/* Generate internal stack event */
3479void hci_si_event(struct hci_dev *hdev, int type, int dlen, void *data)
3480{
3481 struct hci_event_hdr *hdr;
3482 struct hci_ev_stack_internal *ev;
3483 struct sk_buff *skb;
3484
3485 skb = bt_skb_alloc(HCI_EVENT_HDR_SIZE + sizeof(*ev) + dlen, GFP_ATOMIC);
3486 if (!skb)
3487 return;
3488
3489 hdr = (void *) skb_put(skb, HCI_EVENT_HDR_SIZE);
3490 hdr->evt = HCI_EV_STACK_INTERNAL;
3491 hdr->plen = sizeof(*ev) + dlen;
3492
3493 ev = (void *) skb_put(skb, sizeof(*ev) + dlen);
3494 ev->type = type;
3495 memcpy(ev->data, data, dlen);
3496
576c7d85 3497 bt_cb(skb)->incoming = 1;
a61bbcf2 3498 __net_timestamp(skb);
576c7d85 3499
0d48d939 3500 bt_cb(skb)->pkt_type = HCI_EVENT_PKT;
1da177e4 3501 skb->dev = (void *) hdev;
eec8d2bc 3502 hci_send_to_sock(hdev, skb, NULL);
1da177e4
LT		 3503 kfree_skb(skb);
3504}
e6100a25 3505
669bb396 3506module_param(enable_le, bool, 0644);
e6100a25 3507MODULE_PARM_DESC(enable_le, "Enable LE support");
Linux kernel - Deliverables
This page took 0.768724 seconds and 5 git commands to generate.