projects / deliverable / linux.git / blame
? search:
summary | shortlog | log | commit | commitdiff | tree
blob | blame (incremental) | history | HEAD
Bluetooth: Track feature pages in a single table
[deliverable/linux.git] / net / bluetooth / hci_event.c
CommitLineData
8e87d142 1/*
1da177e4 2 BlueZ - Bluetooth protocol stack for Linux
2d0a0346 3 Copyright (c) 2000-2001, 2010, Code Aurora Forum. All rights reserved.
1da177e4
LT		 4
5 Written 2000,2001 by Maxim Krasnyansky <maxk@qualcomm.com>
6
7 This program is free software; you can redistribute it and/or modify
8 it under the terms of the GNU General Public License version 2 as
9 published by the Free Software Foundation;
10
11 THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS
12 OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
13 FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT OF THIRD PARTY RIGHTS.
14 IN NO EVENT SHALL THE COPYRIGHT HOLDER(S) AND AUTHOR(S) BE LIABLE FOR ANY
8e87d142
YH		 15 CLAIM, OR ANY SPECIAL INDIRECT OR CONSEQUENTIAL DAMAGES, OR ANY DAMAGES
16 WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
17 ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
1da177e4
LT		 18 OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
19
8e87d142
YH		 20 ALL LIABILITY, INCLUDING LIABILITY FOR INFRINGEMENT OF ANY PATENTS,
21 COPYRIGHTS, TRADEMARKS OR OTHER RIGHTS, RELATING TO USE OF THIS
1da177e4
LT		 22 SOFTWARE IS DISCLAIMED.
23*/
24
25/* Bluetooth HCI event handling. */
26
1da177e4
LT		 27#include <asm/unaligned.h>
28
29#include <net/bluetooth/bluetooth.h>
30#include <net/bluetooth/hci_core.h>
f0d6a0ea 31#include <net/bluetooth/mgmt.h>
8e2a0d92 32#include <net/bluetooth/a2mp.h>
903e4541 33#include <net/bluetooth/amp.h>
1da177e4 34
1da177e4
LT		 35/* Handle HCI Event packets */
36
a9de9248 37static void hci_cc_inquiry_cancel(struct hci_dev *hdev, struct sk_buff *skb)
1da177e4 38{
a9de9248 39 __u8 status = *((__u8 *) skb->data);
1da177e4 40
9f1db00c 41 BT_DBG("%s status 0x%2.2x", hdev->name, status);
1da177e4 42
e6d465cb
AG		 43 if (status) {
44 hci_dev_lock(hdev);
45 mgmt_stop_discovery_failed(hdev, status);
46 hci_dev_unlock(hdev);
a9de9248 47 return;
e6d465cb 48 }
1da177e4 49
89352e7d 50 clear_bit(HCI_INQUIRY, &hdev->flags);
3e13fa1e
AG		 51 smp_mb__after_clear_bit(); /* wake_up_bit advises about this barrier */
52 wake_up_bit(&hdev->flags, HCI_INQUIRY);
89352e7d 53
56e5cb86 54 hci_dev_lock(hdev);
ff9ef578 55 hci_discovery_set_state(hdev, DISCOVERY_STOPPED);
56e5cb86 56 hci_dev_unlock(hdev);
6bd57416 57
a9de9248
MH		 58 hci_conn_check_pending(hdev);
59}
6bd57416 60
4d93483b
AG		 61static void hci_cc_periodic_inq(struct hci_dev *hdev, struct sk_buff *skb)
62{
63 __u8 status = *((__u8 *) skb->data);
64
9f1db00c 65 BT_DBG("%s status 0x%2.2x", hdev->name, status);
ae854a70
AG		 66
67 if (status)
68 return;
69
70 set_bit(HCI_PERIODIC_INQ, &hdev->dev_flags);
4d93483b
AG		 71}
72
a9de9248
MH		 73static void hci_cc_exit_periodic_inq(struct hci_dev *hdev, struct sk_buff *skb)
74{
75 __u8 status = *((__u8 *) skb->data);
6bd57416 76
9f1db00c 77 BT_DBG("%s status 0x%2.2x", hdev->name, status);
6bd57416 78
a9de9248
MH		 79 if (status)
80 return;
1da177e4 81
ae854a70
AG		 82 clear_bit(HCI_PERIODIC_INQ, &hdev->dev_flags);
83
a9de9248
MH		 84 hci_conn_check_pending(hdev);
85}
86
807deac2
GP		 87static void hci_cc_remote_name_req_cancel(struct hci_dev *hdev,
88 struct sk_buff *skb)
a9de9248
MH		 89{
90 BT_DBG("%s", hdev->name);
91}
92
93static void hci_cc_role_discovery(struct hci_dev *hdev, struct sk_buff *skb)
94{
95 struct hci_rp_role_discovery *rp = (void *) skb->data;
96 struct hci_conn *conn;
97
9f1db00c 98 BT_DBG("%s status 0x%2.2x", hdev->name, rp->status);
a9de9248
MH		 99
100 if (rp->status)
101 return;
102
103 hci_dev_lock(hdev);
104
105 conn = hci_conn_hash_lookup_handle(hdev, __le16_to_cpu(rp->handle));
106 if (conn) {
107 if (rp->role)
108 conn->link_mode &= ~HCI_LM_MASTER;
109 else
110 conn->link_mode |= HCI_LM_MASTER;
1da177e4 111 }
a9de9248
MH		 112
113 hci_dev_unlock(hdev);
1da177e4
LT		 114}
115
e4e8e37c
MH		 116static void hci_cc_read_link_policy(struct hci_dev *hdev, struct sk_buff *skb)
117{
118 struct hci_rp_read_link_policy *rp = (void *) skb->data;
119 struct hci_conn *conn;
120
9f1db00c 121 BT_DBG("%s status 0x%2.2x", hdev->name, rp->status);
e4e8e37c
MH		 122
123 if (rp->status)
124 return;
125
126 hci_dev_lock(hdev);
127
128 conn = hci_conn_hash_lookup_handle(hdev, __le16_to_cpu(rp->handle));
129 if (conn)
130 conn->link_policy = __le16_to_cpu(rp->policy);
131
132 hci_dev_unlock(hdev);
133}
134
a9de9248 135static void hci_cc_write_link_policy(struct hci_dev *hdev, struct sk_buff *skb)
1da177e4 136{
a9de9248 137 struct hci_rp_write_link_policy *rp = (void *) skb->data;
1da177e4 138 struct hci_conn *conn;
04837f64 139 void *sent;
1da177e4 140
9f1db00c 141 BT_DBG("%s status 0x%2.2x", hdev->name, rp->status);
1da177e4 142
a9de9248
MH		 143 if (rp->status)
144 return;
1da177e4 145
a9de9248
MH		 146 sent = hci_sent_cmd_data(hdev, HCI_OP_WRITE_LINK_POLICY);
147 if (!sent)
148 return;
1da177e4 149
a9de9248 150 hci_dev_lock(hdev);
1da177e4 151
a9de9248 152 conn = hci_conn_hash_lookup_handle(hdev, __le16_to_cpu(rp->handle));
e4e8e37c 153 if (conn)
83985319 154 conn->link_policy = get_unaligned_le16(sent + 2);
1da177e4 155
a9de9248
MH		 156 hci_dev_unlock(hdev);
157}
1da177e4 158
807deac2
GP		 159static void hci_cc_read_def_link_policy(struct hci_dev *hdev,
160 struct sk_buff *skb)
e4e8e37c
MH		 161{
162 struct hci_rp_read_def_link_policy *rp = (void *) skb->data;
163
9f1db00c 164 BT_DBG("%s status 0x%2.2x", hdev->name, rp->status);
e4e8e37c
MH		 165
166 if (rp->status)
167 return;
168
169 hdev->link_policy = __le16_to_cpu(rp->policy);
170}
171
807deac2
GP		 172static void hci_cc_write_def_link_policy(struct hci_dev *hdev,
173 struct sk_buff *skb)
e4e8e37c
MH		 174{
175 __u8 status = *((__u8 *) skb->data);
176 void *sent;
177
9f1db00c 178 BT_DBG("%s status 0x%2.2x", hdev->name, status);
e4e8e37c
MH		 179
180 sent = hci_sent_cmd_data(hdev, HCI_OP_WRITE_DEF_LINK_POLICY);
181 if (!sent)
182 return;
183
184 if (!status)
185 hdev->link_policy = get_unaligned_le16(sent);
e4e8e37c
MH		 186}
187
a9de9248
MH		 188static void hci_cc_reset(struct hci_dev *hdev, struct sk_buff *skb)
189{
190 __u8 status = *((__u8 *) skb->data);
04837f64 191
9f1db00c 192 BT_DBG("%s status 0x%2.2x", hdev->name, status);
04837f64 193
10572132
GP		 194 clear_bit(HCI_RESET, &hdev->flags);
195
a297e97c 196 /* Reset all non-persistent flags */
2cc6fb00 197 hdev->dev_flags &= ~HCI_PERSISTENT_MASK;
69775ff6
AG		 198
199 hdev->discovery.state = DISCOVERY_STOPPED;
bbaf444a
JH		 200 hdev->inq_tx_power = HCI_TX_POWER_INVALID;
201 hdev->adv_tx_power = HCI_TX_POWER_INVALID;
3f0f524b
JH		 202
203 memset(hdev->adv_data, 0, sizeof(hdev->adv_data));
204 hdev->adv_data_len = 0;
a9de9248 205}
04837f64 206
a9de9248
MH		 207static void hci_cc_write_local_name(struct hci_dev *hdev, struct sk_buff *skb)
208{
209 __u8 status = *((__u8 *) skb->data);
210 void *sent;
04837f64 211
9f1db00c 212 BT_DBG("%s status 0x%2.2x", hdev->name, status);
04837f64 213
a9de9248
MH		 214 sent = hci_sent_cmd_data(hdev, HCI_OP_WRITE_LOCAL_NAME);
215 if (!sent)
216 return;
04837f64 217
56e5cb86
JH		 218 hci_dev_lock(hdev);
219
f51d5b24
JH		 220 if (test_bit(HCI_MGMT, &hdev->dev_flags))
221 mgmt_set_local_name_complete(hdev, sent, status);
28cc7bde
JH		 222 else if (!status)
223 memcpy(hdev->dev_name, sent, HCI_MAX_NAME_LENGTH);
f51d5b24 224
56e5cb86 225 hci_dev_unlock(hdev);
a9de9248
MH		 226}
227
228static void hci_cc_read_local_name(struct hci_dev *hdev, struct sk_buff *skb)
229{
230 struct hci_rp_read_local_name *rp = (void *) skb->data;
231
9f1db00c 232 BT_DBG("%s status 0x%2.2x", hdev->name, rp->status);
a9de9248
MH		 233
234 if (rp->status)
235 return;
236
db99b5fc
JH		 237 if (test_bit(HCI_SETUP, &hdev->dev_flags))
238 memcpy(hdev->dev_name, rp->name, HCI_MAX_NAME_LENGTH);
a9de9248
MH		 239}
240
241static void hci_cc_write_auth_enable(struct hci_dev *hdev, struct sk_buff *skb)
242{
243 __u8 status = *((__u8 *) skb->data);
244 void *sent;
245
9f1db00c 246 BT_DBG("%s status 0x%2.2x", hdev->name, status);
a9de9248
MH		 247
248 sent = hci_sent_cmd_data(hdev, HCI_OP_WRITE_AUTH_ENABLE);
249 if (!sent)
250 return;
251
252 if (!status) {
253 __u8 param = *((__u8 *) sent);
254
255 if (param == AUTH_ENABLED)
256 set_bit(HCI_AUTH, &hdev->flags);
257 else
258 clear_bit(HCI_AUTH, &hdev->flags);
1da177e4 259 }
a9de9248 260
33ef95ed
JH		 261 if (test_bit(HCI_MGMT, &hdev->dev_flags))
262 mgmt_auth_enable_complete(hdev, status);
1da177e4
LT		 263}
264
a9de9248 265static void hci_cc_write_encrypt_mode(struct hci_dev *hdev, struct sk_buff *skb)
1da177e4 266{
a9de9248 267 __u8 status = *((__u8 *) skb->data);
1da177e4
LT		 268 void *sent;
269
9f1db00c 270 BT_DBG("%s status 0x%2.2x", hdev->name, status);
1da177e4 271
a9de9248
MH		 272 sent = hci_sent_cmd_data(hdev, HCI_OP_WRITE_ENCRYPT_MODE);
273 if (!sent)
274 return;
1da177e4 275
a9de9248
MH		 276 if (!status) {
277 __u8 param = *((__u8 *) sent);
278
279 if (param)
280 set_bit(HCI_ENCRYPT, &hdev->flags);
281 else
282 clear_bit(HCI_ENCRYPT, &hdev->flags);
283 }
a9de9248 284}
1da177e4 285
a9de9248
MH		 286static void hci_cc_write_scan_enable(struct hci_dev *hdev, struct sk_buff *skb)
287{
36f7fc7e
JH		 288 __u8 param, status = *((__u8 *) skb->data);
289 int old_pscan, old_iscan;
a9de9248 290 void *sent;
1da177e4 291
9f1db00c 292 BT_DBG("%s status 0x%2.2x", hdev->name, status);
1da177e4 293
a9de9248
MH		 294 sent = hci_sent_cmd_data(hdev, HCI_OP_WRITE_SCAN_ENABLE);
295 if (!sent)
296 return;
1da177e4 297
36f7fc7e
JH		 298 param = *((__u8 *) sent);
299
56e5cb86
JH		 300 hci_dev_lock(hdev);
301
fa1bd918 302 if (status) {
744cf19e 303 mgmt_write_scan_failed(hdev, param, status);
2d7cee58
JH		 304 hdev->discov_timeout = 0;
305 goto done;
306 }
307
36f7fc7e
JH		 308 old_pscan = test_and_clear_bit(HCI_PSCAN, &hdev->flags);
309 old_iscan = test_and_clear_bit(HCI_ISCAN, &hdev->flags);
310
311 if (param & SCAN_INQUIRY) {
312 set_bit(HCI_ISCAN, &hdev->flags);
313 if (!old_iscan)
744cf19e 314 mgmt_discoverable(hdev, 1);
16ab91ab
JH		 315 if (hdev->discov_timeout > 0) {
316 int to = msecs_to_jiffies(hdev->discov_timeout * 1000);
317 queue_delayed_work(hdev->workqueue, &hdev->discov_off,
807deac2 318 to);
16ab91ab 319 }
36f7fc7e 320 } else if (old_iscan)
744cf19e 321 mgmt_discoverable(hdev, 0);
36f7fc7e
JH		 322
323 if (param & SCAN_PAGE) {
324 set_bit(HCI_PSCAN, &hdev->flags);
325 if (!old_pscan)
744cf19e 326 mgmt_connectable(hdev, 1);
36f7fc7e 327 } else if (old_pscan)
744cf19e 328 mgmt_connectable(hdev, 0);
1da177e4 329
36f7fc7e 330done:
56e5cb86 331 hci_dev_unlock(hdev);
a9de9248 332}
1da177e4 333
a9de9248
MH		 334static void hci_cc_read_class_of_dev(struct hci_dev *hdev, struct sk_buff *skb)
335{
336 struct hci_rp_read_class_of_dev *rp = (void *) skb->data;
1da177e4 337
9f1db00c 338 BT_DBG("%s status 0x%2.2x", hdev->name, rp->status);
1da177e4 339
a9de9248
MH		 340 if (rp->status)
341 return;
1da177e4 342
a9de9248 343 memcpy(hdev->dev_class, rp->dev_class, 3);
1da177e4 344
a9de9248 345 BT_DBG("%s class 0x%.2x%.2x%.2x", hdev->name,
807deac2 346 hdev->dev_class[2], hdev->dev_class[1], hdev->dev_class[0]);
a9de9248 347}
1da177e4 348
a9de9248
MH		 349static void hci_cc_write_class_of_dev(struct hci_dev *hdev, struct sk_buff *skb)
350{
351 __u8 status = *((__u8 *) skb->data);
352 void *sent;
1da177e4 353
9f1db00c 354 BT_DBG("%s status 0x%2.2x", hdev->name, status);
1da177e4 355
a9de9248
MH		 356 sent = hci_sent_cmd_data(hdev, HCI_OP_WRITE_CLASS_OF_DEV);
357 if (!sent)
358 return;
1da177e4 359
7f9a903c
MH		 360 hci_dev_lock(hdev);
361
362 if (status == 0)
363 memcpy(hdev->dev_class, sent, 3);
364
365 if (test_bit(HCI_MGMT, &hdev->dev_flags))
366 mgmt_set_class_of_dev_complete(hdev, sent, status);
367
368 hci_dev_unlock(hdev);
a9de9248 369}
1da177e4 370
a9de9248
MH		 371static void hci_cc_read_voice_setting(struct hci_dev *hdev, struct sk_buff *skb)
372{
373 struct hci_rp_read_voice_setting *rp = (void *) skb->data;
374 __u16 setting;
375
9f1db00c 376 BT_DBG("%s status 0x%2.2x", hdev->name, rp->status);
a9de9248
MH		 377
378 if (rp->status)
379 return;
380
381 setting = __le16_to_cpu(rp->voice_setting);
382
f383f275 383 if (hdev->voice_setting == setting)
a9de9248
MH		 384 return;
385
386 hdev->voice_setting = setting;
387
9f1db00c 388 BT_DBG("%s voice setting 0x%4.4x", hdev->name, setting);
a9de9248 389
3c54711c 390 if (hdev->notify)
a9de9248 391 hdev->notify(hdev, HCI_NOTIFY_VOICE_SETTING);
a9de9248
MH		 392}
393
8fc9ced3
GP		 394static void hci_cc_write_voice_setting(struct hci_dev *hdev,
395 struct sk_buff *skb)
a9de9248
MH		 396{
397 __u8 status = *((__u8 *) skb->data);
f383f275 398 __u16 setting;
a9de9248
MH		 399 void *sent;
400
9f1db00c 401 BT_DBG("%s status 0x%2.2x", hdev->name, status);
1da177e4 402
f383f275
MH		 403 if (status)
404 return;
405
a9de9248
MH		 406 sent = hci_sent_cmd_data(hdev, HCI_OP_WRITE_VOICE_SETTING);
407 if (!sent)
408 return;
1da177e4 409
f383f275 410 setting = get_unaligned_le16(sent);
1da177e4 411
f383f275
MH		 412 if (hdev->voice_setting == setting)
413 return;
414
415 hdev->voice_setting = setting;
1da177e4 416
9f1db00c 417 BT_DBG("%s voice setting 0x%4.4x", hdev->name, setting);
1da177e4 418
3c54711c 419 if (hdev->notify)
f383f275 420 hdev->notify(hdev, HCI_NOTIFY_VOICE_SETTING);
1da177e4
LT		 421}
422
333140b5
MH		 423static void hci_cc_write_ssp_mode(struct hci_dev *hdev, struct sk_buff *skb)
424{
425 __u8 status = *((__u8 *) skb->data);
5ed8eb2f 426 struct hci_cp_write_ssp_mode *sent;
333140b5 427
9f1db00c 428 BT_DBG("%s status 0x%2.2x", hdev->name, status);
333140b5 429
333140b5
MH		 430 sent = hci_sent_cmd_data(hdev, HCI_OP_WRITE_SSP_MODE);
431 if (!sent)
432 return;
433
5ed8eb2f
JH		 434 if (!status) {
435 if (sent->mode)
cad718ed 436 hdev->features[1][0] |= LMP_HOST_SSP;
5ed8eb2f 437 else
cad718ed 438 hdev->features[1][0] &= ~LMP_HOST_SSP;
5ed8eb2f
JH		 439 }
440
ed2c4ee3 441 if (test_bit(HCI_MGMT, &hdev->dev_flags))
5ed8eb2f 442 mgmt_ssp_enable_complete(hdev, sent->mode, status);
c0ecddc2 443 else if (!status) {
5ed8eb2f 444 if (sent->mode)
c0ecddc2
JH		 445 set_bit(HCI_SSP_ENABLED, &hdev->dev_flags);
446 else
447 clear_bit(HCI_SSP_ENABLED, &hdev->dev_flags);
448 }
333140b5
MH		 449}
450
a9de9248
MH		 451static void hci_cc_read_local_version(struct hci_dev *hdev, struct sk_buff *skb)
452{
453 struct hci_rp_read_local_version *rp = (void *) skb->data;
1143e5a6 454
9f1db00c 455 BT_DBG("%s status 0x%2.2x", hdev->name, rp->status);
1143e5a6 456
a9de9248 457 if (rp->status)
42c6b129 458 return;
1143e5a6 459
a9de9248 460 hdev->hci_ver = rp->hci_ver;
e4e8e37c 461 hdev->hci_rev = __le16_to_cpu(rp->hci_rev);
d5859e22 462 hdev->lmp_ver = rp->lmp_ver;
e4e8e37c 463 hdev->manufacturer = __le16_to_cpu(rp->manufacturer);
d5859e22 464 hdev->lmp_subver = __le16_to_cpu(rp->lmp_subver);
1143e5a6 465
9f1db00c 466 BT_DBG("%s manufacturer 0x%4.4x hci ver %d:%d", hdev->name,
807deac2 467 hdev->manufacturer, hdev->hci_ver, hdev->hci_rev);
d5859e22
JH		 468}
469
8fc9ced3
GP		 470static void hci_cc_read_local_commands(struct hci_dev *hdev,
471 struct sk_buff *skb)
a9de9248
MH		 472{
473 struct hci_rp_read_local_commands *rp = (void *) skb->data;
1da177e4 474
9f1db00c 475 BT_DBG("%s status 0x%2.2x", hdev->name, rp->status);
1da177e4 476
2177bab5
JH		 477 if (!rp->status)
478 memcpy(hdev->commands, rp->commands, sizeof(hdev->commands));
a9de9248 479}
1da177e4 480
8fc9ced3
GP		 481static void hci_cc_read_local_features(struct hci_dev *hdev,
482 struct sk_buff *skb)
a9de9248
MH		 483{
484 struct hci_rp_read_local_features *rp = (void *) skb->data;
5b7f9909 485
9f1db00c 486 BT_DBG("%s status 0x%2.2x", hdev->name, rp->status);
1da177e4 487
a9de9248
MH		 488 if (rp->status)
489 return;
5b7f9909 490
a9de9248 491 memcpy(hdev->features, rp->features, 8);
5b7f9909 492
a9de9248
MH		 493 /* Adjust default settings according to features
494 * supported by device. */
1da177e4 495
cad718ed 496 if (hdev->features[0][0] & LMP_3SLOT)
a9de9248 497 hdev->pkt_type |= (HCI_DM3 | HCI_DH3);
1da177e4 498
cad718ed 499 if (hdev->features[0][0] & LMP_5SLOT)
a9de9248 500 hdev->pkt_type |= (HCI_DM5 | HCI_DH5);
1da177e4 501
cad718ed 502 if (hdev->features[0][1] & LMP_HV2) {
a9de9248
MH		 503 hdev->pkt_type |= (HCI_HV2);
504 hdev->esco_type |= (ESCO_HV2);
505 }
1da177e4 506
cad718ed 507 if (hdev->features[0][1] & LMP_HV3) {
a9de9248
MH		 508 hdev->pkt_type |= (HCI_HV3);
509 hdev->esco_type |= (ESCO_HV3);
510 }
1da177e4 511
45db810f 512 if (lmp_esco_capable(hdev))
a9de9248 513 hdev->esco_type |= (ESCO_EV3);
da1f5198 514
cad718ed 515 if (hdev->features[0][4] & LMP_EV4)
a9de9248 516 hdev->esco_type |= (ESCO_EV4);
da1f5198 517
cad718ed 518 if (hdev->features[0][4] & LMP_EV5)
a9de9248 519 hdev->esco_type |= (ESCO_EV5);
1da177e4 520
cad718ed 521 if (hdev->features[0][5] & LMP_EDR_ESCO_2M)
efc7688b
MH		 522 hdev->esco_type |= (ESCO_2EV3);
523
cad718ed 524 if (hdev->features[0][5] & LMP_EDR_ESCO_3M)
efc7688b
MH		 525 hdev->esco_type |= (ESCO_3EV3);
526
cad718ed 527 if (hdev->features[0][5] & LMP_EDR_3S_ESCO)
efc7688b
MH		 528 hdev->esco_type |= (ESCO_2EV5 | ESCO_3EV5);
529
a9de9248 530 BT_DBG("%s features 0x%.2x%.2x%.2x%.2x%.2x%.2x%.2x%.2x", hdev->name,
cad718ed
JH		 531 hdev->features[0][0], hdev->features[0][1],
532 hdev->features[0][2], hdev->features[0][3],
533 hdev->features[0][4], hdev->features[0][5],
534 hdev->features[0][6], hdev->features[0][7]);
a9de9248 535}
1da177e4 536
971e3a4b 537static void hci_cc_read_local_ext_features(struct hci_dev *hdev,
807deac2 538 struct sk_buff *skb)
971e3a4b
AG		 539{
540 struct hci_rp_read_local_ext_features *rp = (void *) skb->data;
541
9f1db00c 542 BT_DBG("%s status 0x%2.2x", hdev->name, rp->status);
971e3a4b
AG		 543
544 if (rp->status)
42c6b129 545 return;
971e3a4b 546
cad718ed
JH		 547 if (rp->page < HCI_MAX_PAGES)
548 memcpy(hdev->features[rp->page], rp->features, 8);
971e3a4b
AG		 549}
550
1e89cffb 551static void hci_cc_read_flow_control_mode(struct hci_dev *hdev,
807deac2 552 struct sk_buff *skb)
1e89cffb
AE		 553{
554 struct hci_rp_read_flow_control_mode *rp = (void *) skb->data;
555
9f1db00c 556 BT_DBG("%s status 0x%2.2x", hdev->name, rp->status);
1e89cffb 557
42c6b129
JH		 558 if (!rp->status)
559 hdev->flow_ctl_mode = rp->mode;
1e89cffb
AE		 560}
561
a9de9248
MH		 562static void hci_cc_read_buffer_size(struct hci_dev *hdev, struct sk_buff *skb)
563{
564 struct hci_rp_read_buffer_size *rp = (void *) skb->data;
1da177e4 565
9f1db00c 566 BT_DBG("%s status 0x%2.2x", hdev->name, rp->status);
1da177e4 567
a9de9248
MH		 568 if (rp->status)
569 return;
1da177e4 570
a9de9248
MH		 571 hdev->acl_mtu = __le16_to_cpu(rp->acl_mtu);
572 hdev->sco_mtu = rp->sco_mtu;
573 hdev->acl_pkts = __le16_to_cpu(rp->acl_max_pkt);
574 hdev->sco_pkts = __le16_to_cpu(rp->sco_max_pkt);
575
576 if (test_bit(HCI_QUIRK_FIXUP_BUFFER_SIZE, &hdev->quirks)) {
577 hdev->sco_mtu = 64;
578 hdev->sco_pkts = 8;
1da177e4 579 }
a9de9248
MH		 580
581 hdev->acl_cnt = hdev->acl_pkts;
582 hdev->sco_cnt = hdev->sco_pkts;
583
807deac2
GP		 584 BT_DBG("%s acl mtu %d:%d sco mtu %d:%d", hdev->name, hdev->acl_mtu,
585 hdev->acl_pkts, hdev->sco_mtu, hdev->sco_pkts);
a9de9248
MH		 586}
587
588static void hci_cc_read_bd_addr(struct hci_dev *hdev, struct sk_buff *skb)
589{
590 struct hci_rp_read_bd_addr *rp = (void *) skb->data;
591
9f1db00c 592 BT_DBG("%s status 0x%2.2x", hdev->name, rp->status);
a9de9248
MH		 593
594 if (!rp->status)
595 bacpy(&hdev->bdaddr, &rp->bdaddr);
23bb5763
JH		 596}
597
f332ec66
JH		 598static void hci_cc_read_page_scan_activity(struct hci_dev *hdev,
599 struct sk_buff *skb)
600{
601 struct hci_rp_read_page_scan_activity *rp = (void *) skb->data;
602
603 BT_DBG("%s status 0x%2.2x", hdev->name, rp->status);
604
605 if (test_bit(HCI_INIT, &hdev->flags) && !rp->status) {
606 hdev->page_scan_interval = __le16_to_cpu(rp->interval);
607 hdev->page_scan_window = __le16_to_cpu(rp->window);
608 }
609}
610
4a3ee763
JH		 611static void hci_cc_write_page_scan_activity(struct hci_dev *hdev,
612 struct sk_buff *skb)
613{
614 u8 status = *((u8 *) skb->data);
615 struct hci_cp_write_page_scan_activity *sent;
616
617 BT_DBG("%s status 0x%2.2x", hdev->name, status);
618
619 if (status)
620 return;
621
622 sent = hci_sent_cmd_data(hdev, HCI_OP_WRITE_PAGE_SCAN_ACTIVITY);
623 if (!sent)
624 return;
625
626 hdev->page_scan_interval = __le16_to_cpu(sent->interval);
627 hdev->page_scan_window = __le16_to_cpu(sent->window);
628}
629
f332ec66
JH		 630static void hci_cc_read_page_scan_type(struct hci_dev *hdev,
631 struct sk_buff *skb)
632{
633 struct hci_rp_read_page_scan_type *rp = (void *) skb->data;
634
635 BT_DBG("%s status 0x%2.2x", hdev->name, rp->status);
636
637 if (test_bit(HCI_INIT, &hdev->flags) && !rp->status)
638 hdev->page_scan_type = rp->type;
639}
640
4a3ee763
JH		 641static void hci_cc_write_page_scan_type(struct hci_dev *hdev,
642 struct sk_buff *skb)
643{
644 u8 status = *((u8 *) skb->data);
645 u8 *type;
646
647 BT_DBG("%s status 0x%2.2x", hdev->name, status);
648
649 if (status)
650 return;
651
652 type = hci_sent_cmd_data(hdev, HCI_OP_WRITE_PAGE_SCAN_TYPE);
653 if (type)
654 hdev->page_scan_type = *type;
655}
656
350ee4cf 657static void hci_cc_read_data_block_size(struct hci_dev *hdev,
807deac2 658 struct sk_buff *skb)
350ee4cf
AE		 659{
660 struct hci_rp_read_data_block_size *rp = (void *) skb->data;
661
9f1db00c 662 BT_DBG("%s status 0x%2.2x", hdev->name, rp->status);
350ee4cf
AE		 663
664 if (rp->status)
665 return;
666
667 hdev->block_mtu = __le16_to_cpu(rp->max_acl_len);
668 hdev->block_len = __le16_to_cpu(rp->block_len);
669 hdev->num_blocks = __le16_to_cpu(rp->num_blocks);
670
671 hdev->block_cnt = hdev->num_blocks;
672
673 BT_DBG("%s blk mtu %d cnt %d len %d", hdev->name, hdev->block_mtu,
807deac2 674 hdev->block_cnt, hdev->block_len);
350ee4cf
AE		 675}
676
928abaa7 677static void hci_cc_read_local_amp_info(struct hci_dev *hdev,
807deac2 678 struct sk_buff *skb)
928abaa7
AE		 679{
680 struct hci_rp_read_local_amp_info *rp = (void *) skb->data;
681
9f1db00c 682 BT_DBG("%s status 0x%2.2x", hdev->name, rp->status);
928abaa7
AE		 683
684 if (rp->status)
8e2a0d92 685 goto a2mp_rsp;
928abaa7
AE		 686
687 hdev->amp_status = rp->amp_status;
688 hdev->amp_total_bw = __le32_to_cpu(rp->total_bw);
689 hdev->amp_max_bw = __le32_to_cpu(rp->max_bw);
690 hdev->amp_min_latency = __le32_to_cpu(rp->min_latency);
691 hdev->amp_max_pdu = __le32_to_cpu(rp->max_pdu);
692 hdev->amp_type = rp->amp_type;
693 hdev->amp_pal_cap = __le16_to_cpu(rp->pal_cap);
694 hdev->amp_assoc_size = __le16_to_cpu(rp->max_assoc_size);
695 hdev->amp_be_flush_to = __le32_to_cpu(rp->be_flush_to);
696 hdev->amp_max_flush_to = __le32_to_cpu(rp->max_flush_to);
697
8e2a0d92
AE		 698a2mp_rsp:
699 a2mp_send_getinfo_rsp(hdev);
928abaa7
AE		 700}
701
903e4541
AE		 702static void hci_cc_read_local_amp_assoc(struct hci_dev *hdev,
703 struct sk_buff *skb)
704{
705 struct hci_rp_read_local_amp_assoc *rp = (void *) skb->data;
706 struct amp_assoc *assoc = &hdev->loc_assoc;
707 size_t rem_len, frag_len;
708
709 BT_DBG("%s status 0x%2.2x", hdev->name, rp->status);
710
711 if (rp->status)
712 goto a2mp_rsp;
713
714 frag_len = skb->len - sizeof(*rp);
715 rem_len = __le16_to_cpu(rp->rem_len);
716
717 if (rem_len > frag_len) {
2e430be3 718 BT_DBG("frag_len %zu rem_len %zu", frag_len, rem_len);
903e4541
AE		 719
720 memcpy(assoc->data + assoc->offset, rp->frag, frag_len);
721 assoc->offset += frag_len;
722
723 /* Read other fragments */
724 amp_read_loc_assoc_frag(hdev, rp->phy_handle);
725
726 return;
727 }
728
729 memcpy(assoc->data + assoc->offset, rp->frag, rem_len);
730 assoc->len = assoc->offset + rem_len;
731 assoc->offset = 0;
732
733a2mp_rsp:
734 /* Send A2MP Rsp when all fragments are received */
735 a2mp_send_getampassoc_rsp(hdev, rp->status);
9495b2ee 736 a2mp_send_create_phy_link_req(hdev, rp->status);
903e4541
AE		 737}
738
d5859e22 739static void hci_cc_read_inq_rsp_tx_power(struct hci_dev *hdev,
807deac2 740 struct sk_buff *skb)
d5859e22 741{
91c4e9b1 742 struct hci_rp_read_inq_rsp_tx_power *rp = (void *) skb->data;
d5859e22 743
9f1db00c 744 BT_DBG("%s status 0x%2.2x", hdev->name, rp->status);
91c4e9b1
MH		 745
746 if (!rp->status)
747 hdev->inq_tx_power = rp->tx_power;
d5859e22
JH		 748}
749
980e1a53
JH		 750static void hci_cc_pin_code_reply(struct hci_dev *hdev, struct sk_buff *skb)
751{
752 struct hci_rp_pin_code_reply *rp = (void *) skb->data;
753 struct hci_cp_pin_code_reply *cp;
754 struct hci_conn *conn;
755
9f1db00c 756 BT_DBG("%s status 0x%2.2x", hdev->name, rp->status);
980e1a53 757
56e5cb86
JH		 758 hci_dev_lock(hdev);
759
a8b2d5c2 760 if (test_bit(HCI_MGMT, &hdev->dev_flags))
744cf19e 761 mgmt_pin_code_reply_complete(hdev, &rp->bdaddr, rp->status);
980e1a53 762
fa1bd918 763 if (rp->status)
56e5cb86 764 goto unlock;
980e1a53
JH		 765
766 cp = hci_sent_cmd_data(hdev, HCI_OP_PIN_CODE_REPLY);
767 if (!cp)
56e5cb86 768 goto unlock;
980e1a53
JH		 769
770 conn = hci_conn_hash_lookup_ba(hdev, ACL_LINK, &cp->bdaddr);
771 if (conn)
772 conn->pin_length = cp->pin_len;
56e5cb86
JH		 773
774unlock:
775 hci_dev_unlock(hdev);
980e1a53
JH		 776}
777
778static void hci_cc_pin_code_neg_reply(struct hci_dev *hdev, struct sk_buff *skb)
779{
780 struct hci_rp_pin_code_neg_reply *rp = (void *) skb->data;
781
9f1db00c 782 BT_DBG("%s status 0x%2.2x", hdev->name, rp->status);
980e1a53 783
56e5cb86
JH		 784 hci_dev_lock(hdev);
785
a8b2d5c2 786 if (test_bit(HCI_MGMT, &hdev->dev_flags))
744cf19e 787 mgmt_pin_code_neg_reply_complete(hdev, &rp->bdaddr,
807deac2 788 rp->status);
56e5cb86
JH		 789
790 hci_dev_unlock(hdev);
980e1a53 791}
56e5cb86 792
6ed58ec5
VT		 793static void hci_cc_le_read_buffer_size(struct hci_dev *hdev,
794 struct sk_buff *skb)
795{
796 struct hci_rp_le_read_buffer_size *rp = (void *) skb->data;
797
9f1db00c 798 BT_DBG("%s status 0x%2.2x", hdev->name, rp->status);
6ed58ec5
VT		 799
800 if (rp->status)
801 return;
802
803 hdev->le_mtu = __le16_to_cpu(rp->le_mtu);
804 hdev->le_pkts = rp->le_max_pkt;
805
806 hdev->le_cnt = hdev->le_pkts;
807
808 BT_DBG("%s le mtu %d:%d", hdev->name, hdev->le_mtu, hdev->le_pkts);
6ed58ec5 809}
980e1a53 810
60e77321
JH		 811static void hci_cc_le_read_local_features(struct hci_dev *hdev,
812 struct sk_buff *skb)
813{
814 struct hci_rp_le_read_local_features *rp = (void *) skb->data;
815
816 BT_DBG("%s status 0x%2.2x", hdev->name, rp->status);
817
818 if (!rp->status)
819 memcpy(hdev->le_features, rp->features, 8);
60e77321
JH		 820}
821
8fa19098
JH		 822static void hci_cc_le_read_adv_tx_power(struct hci_dev *hdev,
823 struct sk_buff *skb)
824{
825 struct hci_rp_le_read_adv_tx_power *rp = (void *) skb->data;
826
827 BT_DBG("%s status 0x%2.2x", hdev->name, rp->status);
828
04b4edcb 829 if (!rp->status)
8fa19098 830 hdev->adv_tx_power = rp->tx_power;
8fa19098
JH		 831}
832
a5c29683
JH		 833static void hci_cc_user_confirm_reply(struct hci_dev *hdev, struct sk_buff *skb)
834{
835 struct hci_rp_user_confirm_reply *rp = (void *) skb->data;
836
9f1db00c 837 BT_DBG("%s status 0x%2.2x", hdev->name, rp->status);
a5c29683 838
56e5cb86
JH		 839 hci_dev_lock(hdev);
840
a8b2d5c2 841 if (test_bit(HCI_MGMT, &hdev->dev_flags))
04124681
GP		 842 mgmt_user_confirm_reply_complete(hdev, &rp->bdaddr, ACL_LINK, 0,
843 rp->status);
56e5cb86
JH		 844
845 hci_dev_unlock(hdev);
a5c29683
JH		 846}
847
848static void hci_cc_user_confirm_neg_reply(struct hci_dev *hdev,
807deac2 849 struct sk_buff *skb)
a5c29683
JH		 850{
851 struct hci_rp_user_confirm_reply *rp = (void *) skb->data;
852
9f1db00c 853 BT_DBG("%s status 0x%2.2x", hdev->name, rp->status);
a5c29683 854
56e5cb86
JH		 855 hci_dev_lock(hdev);
856
a8b2d5c2 857 if (test_bit(HCI_MGMT, &hdev->dev_flags))
744cf19e 858 mgmt_user_confirm_neg_reply_complete(hdev, &rp->bdaddr,
04124681 859 ACL_LINK, 0, rp->status);
56e5cb86
JH		 860
861 hci_dev_unlock(hdev);
a5c29683
JH		 862}
863
1143d458
BG		 864static void hci_cc_user_passkey_reply(struct hci_dev *hdev, struct sk_buff *skb)
865{
866 struct hci_rp_user_confirm_reply *rp = (void *) skb->data;
867
9f1db00c 868 BT_DBG("%s status 0x%2.2x", hdev->name, rp->status);
1143d458
BG		 869
870 hci_dev_lock(hdev);
871
a8b2d5c2 872 if (test_bit(HCI_MGMT, &hdev->dev_flags))
272d90df 873 mgmt_user_passkey_reply_complete(hdev, &rp->bdaddr, ACL_LINK,
04124681 874 0, rp->status);
1143d458
BG		 875
876 hci_dev_unlock(hdev);
877}
878
879static void hci_cc_user_passkey_neg_reply(struct hci_dev *hdev,
807deac2 880 struct sk_buff *skb)
1143d458
BG		 881{
882 struct hci_rp_user_confirm_reply *rp = (void *) skb->data;
883
9f1db00c 884 BT_DBG("%s status 0x%2.2x", hdev->name, rp->status);
1143d458
BG		 885
886 hci_dev_lock(hdev);
887
a8b2d5c2 888 if (test_bit(HCI_MGMT, &hdev->dev_flags))
1143d458 889 mgmt_user_passkey_neg_reply_complete(hdev, &rp->bdaddr,
04124681 890 ACL_LINK, 0, rp->status);
1143d458
BG		 891
892 hci_dev_unlock(hdev);
893}
894
c35938b2 895static void hci_cc_read_local_oob_data_reply(struct hci_dev *hdev,
807deac2 896 struct sk_buff *skb)
c35938b2
SJ		 897{
898 struct hci_rp_read_local_oob_data *rp = (void *) skb->data;
899
9f1db00c 900 BT_DBG("%s status 0x%2.2x", hdev->name, rp->status);
c35938b2 901
56e5cb86 902 hci_dev_lock(hdev);
744cf19e 903 mgmt_read_local_oob_data_reply_complete(hdev, rp->hash,
c35938b2 904 rp->randomizer, rp->status);
56e5cb86 905 hci_dev_unlock(hdev);
c35938b2
SJ		 906}
907
c1d5dc4a
JH		 908static void hci_cc_le_set_adv_enable(struct hci_dev *hdev, struct sk_buff *skb)
909{
910 __u8 *sent, status = *((__u8 *) skb->data);
911
912 BT_DBG("%s status 0x%2.2x", hdev->name, status);
913
914 sent = hci_sent_cmd_data(hdev, HCI_OP_LE_SET_ADV_ENABLE);
915 if (!sent)
916 return;
917
918 hci_dev_lock(hdev);
919
920 if (!status) {
921 if (*sent)
922 set_bit(HCI_LE_PERIPHERAL, &hdev->dev_flags);
923 else
924 clear_bit(HCI_LE_PERIPHERAL, &hdev->dev_flags);
925 }
926
04b4edcb
JH		 927 if (!test_bit(HCI_INIT, &hdev->flags)) {
928 struct hci_request req;
c1d5dc4a 929
04b4edcb
JH		 930 hci_req_init(&req, hdev);
931 hci_update_ad(&req);
932 hci_req_run(&req, NULL);
933 }
934
935 hci_dev_unlock(hdev);
c1d5dc4a
JH		 936}
937
07f7fa5d
AG		 938static void hci_cc_le_set_scan_param(struct hci_dev *hdev, struct sk_buff *skb)
939{
940 __u8 status = *((__u8 *) skb->data);
941
9f1db00c 942 BT_DBG("%s status 0x%2.2x", hdev->name, status);
7ba8b4be 943
3fd24153
AG		 944 if (status) {
945 hci_dev_lock(hdev);
946 mgmt_start_discovery_failed(hdev, status);
947 hci_dev_unlock(hdev);
948 return;
949 }
07f7fa5d
AG		 950}
951
eb9d91f5 952static void hci_cc_le_set_scan_enable(struct hci_dev *hdev,
807deac2 953 struct sk_buff *skb)
eb9d91f5
AG		 954{
955 struct hci_cp_le_set_scan_enable *cp;
956 __u8 status = *((__u8 *) skb->data);
957
9f1db00c 958 BT_DBG("%s status 0x%2.2x", hdev->name, status);
eb9d91f5 959
eb9d91f5
AG		 960 cp = hci_sent_cmd_data(hdev, HCI_OP_LE_SET_SCAN_ENABLE);
961 if (!cp)
962 return;
963
68a8aea4
AE		 964 switch (cp->enable) {
965 case LE_SCANNING_ENABLED:
3fd24153
AG		 966 if (status) {
967 hci_dev_lock(hdev);
968 mgmt_start_discovery_failed(hdev, status);
969 hci_dev_unlock(hdev);
7ba8b4be 970 return;
3fd24153 971 }
7ba8b4be 972
d23264a8
AG		 973 set_bit(HCI_LE_SCAN, &hdev->dev_flags);
974
a8f13c8c 975 hci_dev_lock(hdev);
343f935b 976 hci_discovery_set_state(hdev, DISCOVERY_FINDING);
a8f13c8c 977 hci_dev_unlock(hdev);
68a8aea4
AE		 978 break;
979
980 case LE_SCANNING_DISABLED:
c9ecc48e
AG		 981 if (status) {
982 hci_dev_lock(hdev);
983 mgmt_stop_discovery_failed(hdev, status);
984 hci_dev_unlock(hdev);
7ba8b4be 985 return;
c9ecc48e 986 }
7ba8b4be 987
d23264a8
AG		 988 clear_bit(HCI_LE_SCAN, &hdev->dev_flags);
989
bc3dd33c
AG		 990 if (hdev->discovery.type == DISCOV_TYPE_INTERLEAVED &&
991 hdev->discovery.state == DISCOVERY_FINDING) {
5e0452c0
AG		 992 mgmt_interleaved_discovery(hdev);
993 } else {
994 hci_dev_lock(hdev);
995 hci_discovery_set_state(hdev, DISCOVERY_STOPPED);
996 hci_dev_unlock(hdev);
997 }
998
68a8aea4
AE		 999 break;
1000
1001 default:
1002 BT_ERR("Used reserved LE_Scan_Enable param %d", cp->enable);
1003 break;
35815085 1004 }
eb9d91f5
AG		 1005}
1006
cf1d081f
JH		 1007static void hci_cc_le_read_white_list_size(struct hci_dev *hdev,
1008 struct sk_buff *skb)
1009{
1010 struct hci_rp_le_read_white_list_size *rp = (void *) skb->data;
1011
1012 BT_DBG("%s status 0x%2.2x size %u", hdev->name, rp->status, rp->size);
1013
1014 if (!rp->status)
1015 hdev->le_white_list_size = rp->size;
cf1d081f
JH		 1016}
1017
9b008c04
JH		 1018static void hci_cc_le_read_supported_states(struct hci_dev *hdev,
1019 struct sk_buff *skb)
1020{
1021 struct hci_rp_le_read_supported_states *rp = (void *) skb->data;
1022
1023 BT_DBG("%s status 0x%2.2x", hdev->name, rp->status);
1024
1025 if (!rp->status)
1026 memcpy(hdev->le_states, rp->le_states, 8);
9b008c04
JH		 1027}
1028
6039aa73
GP		 1029static void hci_cc_write_le_host_supported(struct hci_dev *hdev,
1030 struct sk_buff *skb)
f9b49306 1031{
06199cf8 1032 struct hci_cp_write_le_host_supported *sent;
f9b49306
AG		 1033 __u8 status = *((__u8 *) skb->data);
1034
9f1db00c 1035 BT_DBG("%s status 0x%2.2x", hdev->name, status);
f9b49306 1036
06199cf8 1037 sent = hci_sent_cmd_data(hdev, HCI_OP_WRITE_LE_HOST_SUPPORTED);
8f984dfa 1038 if (!sent)
f9b49306
AG		 1039 return;
1040
8f984dfa
JH		 1041 if (!status) {
1042 if (sent->le)
cad718ed 1043 hdev->features[1][0] |= LMP_HOST_LE;
8f984dfa 1044 else
cad718ed 1045 hdev->features[1][0] &= ~LMP_HOST_LE;
53b2caab
JH		 1046
1047 if (sent->simul)
cad718ed 1048 hdev->features[1][0] |= LMP_HOST_LE_BREDR;
53b2caab 1049 else
cad718ed 1050 hdev->features[1][0] &= ~LMP_HOST_LE_BREDR;
8f984dfa
JH		 1051 }
1052
1053 if (test_bit(HCI_MGMT, &hdev->dev_flags) &&
807deac2 1054 !test_bit(HCI_INIT, &hdev->flags))
8f984dfa 1055 mgmt_le_enable_complete(hdev, sent->le, status);
f9b49306
AG		 1056}
1057
93c284ee
AE		 1058static void hci_cc_write_remote_amp_assoc(struct hci_dev *hdev,
1059 struct sk_buff *skb)
1060{
1061 struct hci_rp_write_remote_amp_assoc *rp = (void *) skb->data;
1062
1063 BT_DBG("%s status 0x%2.2x phy_handle 0x%2.2x",
1064 hdev->name, rp->status, rp->phy_handle);
1065
1066 if (rp->status)
1067 return;
1068
1069 amp_write_rem_assoc_continue(hdev, rp->phy_handle);
1070}
1071
6039aa73 1072static void hci_cs_inquiry(struct hci_dev *hdev, __u8 status)
a9de9248 1073{
9f1db00c 1074 BT_DBG("%s status 0x%2.2x", hdev->name, status);
a9de9248
MH		 1075
1076 if (status) {
a9de9248 1077 hci_conn_check_pending(hdev);
56e5cb86 1078 hci_dev_lock(hdev);
a8b2d5c2 1079 if (test_bit(HCI_MGMT, &hdev->dev_flags))
7a135109 1080 mgmt_start_discovery_failed(hdev, status);
56e5cb86 1081 hci_dev_unlock(hdev);
314b2381
JH		 1082 return;
1083 }
1084
89352e7d
AG		 1085 set_bit(HCI_INQUIRY, &hdev->flags);
1086
56e5cb86 1087 hci_dev_lock(hdev);
343f935b 1088 hci_discovery_set_state(hdev, DISCOVERY_FINDING);
56e5cb86 1089 hci_dev_unlock(hdev);
1da177e4
LT		 1090}
1091
6039aa73 1092static void hci_cs_create_conn(struct hci_dev *hdev, __u8 status)
1da177e4 1093{
a9de9248 1094 struct hci_cp_create_conn *cp;
1da177e4 1095 struct hci_conn *conn;
1da177e4 1096
9f1db00c 1097 BT_DBG("%s status 0x%2.2x", hdev->name, status);
a9de9248
MH		 1098
1099 cp = hci_sent_cmd_data(hdev, HCI_OP_CREATE_CONN);
1da177e4
LT		 1100 if (!cp)
1101 return;
1102
1103 hci_dev_lock(hdev);
1104
1105 conn = hci_conn_hash_lookup_ba(hdev, ACL_LINK, &cp->bdaddr);
1106
6ed93dc6 1107 BT_DBG("%s bdaddr %pMR hcon %p", hdev->name, &cp->bdaddr, conn);
1da177e4
LT		 1108
1109 if (status) {
1110 if (conn && conn->state == BT_CONNECT) {
4c67bc74
MH		 1111 if (status != 0x0c || conn->attempt > 2) {
1112 conn->state = BT_CLOSED;
1113 hci_proto_connect_cfm(conn, status);
1114 hci_conn_del(conn);
1115 } else
1116 conn->state = BT_CONNECT2;
1da177e4
LT		 1117 }
1118 } else {
1119 if (!conn) {
1120 conn = hci_conn_add(hdev, ACL_LINK, &cp->bdaddr);
1121 if (conn) {
a0c808b3 1122 conn->out = true;
1da177e4
LT		 1123 conn->link_mode |= HCI_LM_MASTER;
1124 } else
893ef971 1125 BT_ERR("No memory for new connection");
1da177e4
LT		 1126 }
1127 }
1128
1129 hci_dev_unlock(hdev);
1130}
1131
a9de9248 1132static void hci_cs_add_sco(struct hci_dev *hdev, __u8 status)
1da177e4 1133{
a9de9248
MH		 1134 struct hci_cp_add_sco *cp;
1135 struct hci_conn *acl, *sco;
1136 __u16 handle;
1da177e4 1137
9f1db00c 1138 BT_DBG("%s status 0x%2.2x", hdev->name, status);
b6a0dc82 1139
a9de9248
MH		 1140 if (!status)
1141 return;
1da177e4 1142
a9de9248
MH		 1143 cp = hci_sent_cmd_data(hdev, HCI_OP_ADD_SCO);
1144 if (!cp)
1145 return;
1da177e4 1146
a9de9248 1147 handle = __le16_to_cpu(cp->handle);
1da177e4 1148
9f1db00c 1149 BT_DBG("%s handle 0x%4.4x", hdev->name, handle);
1da177e4 1150
a9de9248 1151 hci_dev_lock(hdev);
1da177e4 1152
a9de9248 1153 acl = hci_conn_hash_lookup_handle(hdev, handle);
5a08ecce
AE		 1154 if (acl) {
1155 sco = acl->link;
1156 if (sco) {
1157 sco->state = BT_CLOSED;
1da177e4 1158
5a08ecce
AE		 1159 hci_proto_connect_cfm(sco, status);
1160 hci_conn_del(sco);
1161 }
a9de9248 1162 }
1da177e4 1163
a9de9248
MH		 1164 hci_dev_unlock(hdev);
1165}
1da177e4 1166
f8558555
MH		 1167static void hci_cs_auth_requested(struct hci_dev *hdev, __u8 status)
1168{
1169 struct hci_cp_auth_requested *cp;
1170 struct hci_conn *conn;
1171
9f1db00c 1172 BT_DBG("%s status 0x%2.2x", hdev->name, status);
f8558555
MH		 1173
1174 if (!status)
1175 return;
1176
1177 cp = hci_sent_cmd_data(hdev, HCI_OP_AUTH_REQUESTED);
1178 if (!cp)
1179 return;
1180
1181 hci_dev_lock(hdev);
1182
1183 conn = hci_conn_hash_lookup_handle(hdev, __le16_to_cpu(cp->handle));
1184 if (conn) {
1185 if (conn->state == BT_CONFIG) {
1186 hci_proto_connect_cfm(conn, status);
76a68ba0 1187 hci_conn_drop(conn);
f8558555
MH		 1188 }
1189 }
1190
1191 hci_dev_unlock(hdev);
1192}
1193
1194static void hci_cs_set_conn_encrypt(struct hci_dev *hdev, __u8 status)
1195{
1196 struct hci_cp_set_conn_encrypt *cp;
1197 struct hci_conn *conn;
1198
9f1db00c 1199 BT_DBG("%s status 0x%2.2x", hdev->name, status);
f8558555
MH		 1200
1201 if (!status)
1202 return;
1203
1204 cp = hci_sent_cmd_data(hdev, HCI_OP_SET_CONN_ENCRYPT);
1205 if (!cp)
1206 return;
1207
1208 hci_dev_lock(hdev);
1209
1210 conn = hci_conn_hash_lookup_handle(hdev, __le16_to_cpu(cp->handle));
1211 if (conn) {
1212 if (conn->state == BT_CONFIG) {
1213 hci_proto_connect_cfm(conn, status);
76a68ba0 1214 hci_conn_drop(conn);
f8558555
MH		 1215 }
1216 }
1217
1218 hci_dev_unlock(hdev);
1219}
1220
127178d2 1221static int hci_outgoing_auth_needed(struct hci_dev *hdev,
807deac2 1222 struct hci_conn *conn)
392599b9 1223{
392599b9
JH		 1224 if (conn->state != BT_CONFIG || !conn->out)
1225 return 0;
1226
765c2a96 1227 if (conn->pending_sec_level == BT_SECURITY_SDP)
392599b9
JH		 1228 return 0;
1229
1230 /* Only request authentication for SSP connections or non-SSP
e9bf2bf0 1231 * devices with sec_level HIGH or if MITM protection is requested */
807deac2
GP		 1232 if (!hci_conn_ssp_enabled(conn) && !(conn->auth_type & 0x01) &&
1233 conn->pending_sec_level != BT_SECURITY_HIGH)
392599b9
JH		 1234 return 0;
1235
392599b9
JH		 1236 return 1;
1237}
1238
6039aa73 1239static int hci_resolve_name(struct hci_dev *hdev,
04124681 1240 struct inquiry_entry *e)
30dc78e1
JH		 1241{
1242 struct hci_cp_remote_name_req cp;
1243
1244 memset(&cp, 0, sizeof(cp));
1245
1246 bacpy(&cp.bdaddr, &e->data.bdaddr);
1247 cp.pscan_rep_mode = e->data.pscan_rep_mode;
1248 cp.pscan_mode = e->data.pscan_mode;
1249 cp.clock_offset = e->data.clock_offset;
1250
1251 return hci_send_cmd(hdev, HCI_OP_REMOTE_NAME_REQ, sizeof(cp), &cp);
1252}
1253
b644ba33 1254static bool hci_resolve_next_name(struct hci_dev *hdev)
30dc78e1
JH		 1255{
1256 struct discovery_state *discov = &hdev->discovery;
1257 struct inquiry_entry *e;
1258
b644ba33
JH		 1259 if (list_empty(&discov->resolve))
1260 return false;
1261
1262 e = hci_inquiry_cache_lookup_resolve(hdev, BDADDR_ANY, NAME_NEEDED);
c810089c
RM		 1263 if (!e)
1264 return false;
1265
b644ba33
JH		 1266 if (hci_resolve_name(hdev, e) == 0) {
1267 e->name_state = NAME_PENDING;
1268 return true;
1269 }
1270
1271 return false;
1272}
1273
1274static void hci_check_pending_name(struct hci_dev *hdev, struct hci_conn *conn,
04124681 1275 bdaddr_t *bdaddr, u8 *name, u8 name_len)
b644ba33
JH		 1276{
1277 struct discovery_state *discov = &hdev->discovery;
1278 struct inquiry_entry *e;
1279
1280 if (conn && !test_and_set_bit(HCI_CONN_MGMT_CONNECTED, &conn->flags))
04124681
GP		 1281 mgmt_device_connected(hdev, bdaddr, ACL_LINK, 0x00, 0, name,
1282 name_len, conn->dev_class);
b644ba33
JH		 1283
1284 if (discov->state == DISCOVERY_STOPPED)
1285 return;
1286
30dc78e1
JH		 1287 if (discov->state == DISCOVERY_STOPPING)
1288 goto discov_complete;
1289
1290 if (discov->state != DISCOVERY_RESOLVING)
1291 return;
1292
1293 e = hci_inquiry_cache_lookup_resolve(hdev, bdaddr, NAME_PENDING);
7cc8380e
RM		 1294 /* If the device was not found in a list of found devices names of which
1295 * are pending. there is no need to continue resolving a next name as it
1296 * will be done upon receiving another Remote Name Request Complete
1297 * Event */
1298 if (!e)
1299 return;
1300
1301 list_del(&e->list);
1302 if (name) {
30dc78e1 1303 e->name_state = NAME_KNOWN;
7cc8380e
RM		 1304 mgmt_remote_name(hdev, bdaddr, ACL_LINK, 0x00,
1305 e->data.rssi, name, name_len);
c3e7c0d9
RM		 1306 } else {
1307 e->name_state = NAME_NOT_KNOWN;
30dc78e1
JH		 1308 }
1309
b644ba33 1310 if (hci_resolve_next_name(hdev))
30dc78e1 1311 return;
30dc78e1
JH		 1312
1313discov_complete:
1314 hci_discovery_set_state(hdev, DISCOVERY_STOPPED);
1315}
1316
a9de9248
MH		 1317static void hci_cs_remote_name_req(struct hci_dev *hdev, __u8 status)
1318{
127178d2
JH		 1319 struct hci_cp_remote_name_req *cp;
1320 struct hci_conn *conn;
1321
9f1db00c 1322 BT_DBG("%s status 0x%2.2x", hdev->name, status);
127178d2
JH		 1323
1324 /* If successful wait for the name req complete event before
1325 * checking for the need to do authentication */
1326 if (!status)
1327 return;
1328
1329 cp = hci_sent_cmd_data(hdev, HCI_OP_REMOTE_NAME_REQ);
1330 if (!cp)
1331 return;
1332
1333 hci_dev_lock(hdev);
1334
b644ba33
JH		 1335 conn = hci_conn_hash_lookup_ba(hdev, ACL_LINK, &cp->bdaddr);
1336
a8b2d5c2 1337 if (test_bit(HCI_MGMT, &hdev->dev_flags))
b644ba33 1338 hci_check_pending_name(hdev, conn, &cp->bdaddr, NULL, 0);
30dc78e1 1339
79c6c70c
JH		 1340 if (!conn)
1341 goto unlock;
1342
1343 if (!hci_outgoing_auth_needed(hdev, conn))
1344 goto unlock;
1345
51a8efd7 1346 if (!test_and_set_bit(HCI_CONN_AUTH_PEND, &conn->flags)) {
127178d2
JH		 1347 struct hci_cp_auth_requested cp;
1348 cp.handle = __cpu_to_le16(conn->handle);
1349 hci_send_cmd(hdev, HCI_OP_AUTH_REQUESTED, sizeof(cp), &cp);
1350 }
1351
79c6c70c 1352unlock:
127178d2 1353 hci_dev_unlock(hdev);
a9de9248 1354}
1da177e4 1355
769be974
MH		 1356static void hci_cs_read_remote_features(struct hci_dev *hdev, __u8 status)
1357{
1358 struct hci_cp_read_remote_features *cp;
1359 struct hci_conn *conn;
1360
9f1db00c 1361 BT_DBG("%s status 0x%2.2x", hdev->name, status);
769be974
MH		 1362
1363 if (!status)
1364 return;
1365
1366 cp = hci_sent_cmd_data(hdev, HCI_OP_READ_REMOTE_FEATURES);
1367 if (!cp)
1368 return;
1369
1370 hci_dev_lock(hdev);
1371
1372 conn = hci_conn_hash_lookup_handle(hdev, __le16_to_cpu(cp->handle));
1373 if (conn) {
1374 if (conn->state == BT_CONFIG) {
769be974 1375 hci_proto_connect_cfm(conn, status);
76a68ba0 1376 hci_conn_drop(conn);
769be974
MH		 1377 }
1378 }
1379
1380 hci_dev_unlock(hdev);
1381}
1382
1383static void hci_cs_read_remote_ext_features(struct hci_dev *hdev, __u8 status)
1384{
1385 struct hci_cp_read_remote_ext_features *cp;
1386 struct hci_conn *conn;
1387
9f1db00c 1388 BT_DBG("%s status 0x%2.2x", hdev->name, status);
769be974
MH		 1389
1390 if (!status)
1391 return;
1392
1393 cp = hci_sent_cmd_data(hdev, HCI_OP_READ_REMOTE_EXT_FEATURES);
1394 if (!cp)
1395 return;
1396
1397 hci_dev_lock(hdev);
1398
1399 conn = hci_conn_hash_lookup_handle(hdev, __le16_to_cpu(cp->handle));
1400 if (conn) {
1401 if (conn->state == BT_CONFIG) {
769be974 1402 hci_proto_connect_cfm(conn, status);
76a68ba0 1403 hci_conn_drop(conn);
769be974
MH		 1404 }
1405 }
1406
1407 hci_dev_unlock(hdev);
1408}
1409
a9de9248
MH		 1410static void hci_cs_setup_sync_conn(struct hci_dev *hdev, __u8 status)
1411{
b6a0dc82
MH		 1412 struct hci_cp_setup_sync_conn *cp;
1413 struct hci_conn *acl, *sco;
1414 __u16 handle;
1415
9f1db00c 1416 BT_DBG("%s status 0x%2.2x", hdev->name, status);
b6a0dc82
MH		 1417
1418 if (!status)
1419 return;
1420
1421 cp = hci_sent_cmd_data(hdev, HCI_OP_SETUP_SYNC_CONN);
1422 if (!cp)
1423 return;
1424
1425 handle = __le16_to_cpu(cp->handle);
1426
9f1db00c 1427 BT_DBG("%s handle 0x%4.4x", hdev->name, handle);
b6a0dc82
MH		 1428
1429 hci_dev_lock(hdev);
1430
1431 acl = hci_conn_hash_lookup_handle(hdev, handle);
5a08ecce
AE		 1432 if (acl) {
1433 sco = acl->link;
1434 if (sco) {
1435 sco->state = BT_CLOSED;
b6a0dc82 1436
5a08ecce
AE		 1437 hci_proto_connect_cfm(sco, status);
1438 hci_conn_del(sco);
1439 }
b6a0dc82
MH		 1440 }
1441
1442 hci_dev_unlock(hdev);
1da177e4
LT		 1443}
1444
a9de9248 1445static void hci_cs_sniff_mode(struct hci_dev *hdev, __u8 status)
1da177e4 1446{
a9de9248
MH		 1447 struct hci_cp_sniff_mode *cp;
1448 struct hci_conn *conn;
1da177e4 1449
9f1db00c 1450 BT_DBG("%s status 0x%2.2x", hdev->name, status);
04837f64 1451
a9de9248
MH		 1452 if (!status)
1453 return;
04837f64 1454
a9de9248
MH		 1455 cp = hci_sent_cmd_data(hdev, HCI_OP_SNIFF_MODE);
1456 if (!cp)
1457 return;
04837f64 1458
a9de9248 1459 hci_dev_lock(hdev);
04837f64 1460
a9de9248 1461 conn = hci_conn_hash_lookup_handle(hdev, __le16_to_cpu(cp->handle));
e73439d8 1462 if (conn) {
51a8efd7 1463 clear_bit(HCI_CONN_MODE_CHANGE_PEND, &conn->flags);
04837f64 1464
51a8efd7 1465 if (test_and_clear_bit(HCI_CONN_SCO_SETUP_PEND, &conn->flags))
e73439d8
MH		 1466 hci_sco_setup(conn, status);
1467 }
1468
a9de9248
MH		 1469 hci_dev_unlock(hdev);
1470}
04837f64 1471
a9de9248
MH		 1472static void hci_cs_exit_sniff_mode(struct hci_dev *hdev, __u8 status)
1473{
1474 struct hci_cp_exit_sniff_mode *cp;
1475 struct hci_conn *conn;
04837f64 1476
9f1db00c 1477 BT_DBG("%s status 0x%2.2x", hdev->name, status);
04837f64 1478
a9de9248
MH		 1479 if (!status)
1480 return;
04837f64 1481
a9de9248
MH		 1482 cp = hci_sent_cmd_data(hdev, HCI_OP_EXIT_SNIFF_MODE);
1483 if (!cp)
1484 return;
04837f64 1485
a9de9248 1486 hci_dev_lock(hdev);
1da177e4 1487
a9de9248 1488 conn = hci_conn_hash_lookup_handle(hdev, __le16_to_cpu(cp->handle));
e73439d8 1489 if (conn) {
51a8efd7 1490 clear_bit(HCI_CONN_MODE_CHANGE_PEND, &conn->flags);
1da177e4 1491
51a8efd7 1492 if (test_and_clear_bit(HCI_CONN_SCO_SETUP_PEND, &conn->flags))
e73439d8
MH		 1493 hci_sco_setup(conn, status);
1494 }
1495
a9de9248 1496 hci_dev_unlock(hdev);
1da177e4
LT		 1497}
1498
88c3df13
JH		 1499static void hci_cs_disconnect(struct hci_dev *hdev, u8 status)
1500{
1501 struct hci_cp_disconnect *cp;
1502 struct hci_conn *conn;
1503
1504 if (!status)
1505 return;
1506
1507 cp = hci_sent_cmd_data(hdev, HCI_OP_DISCONNECT);
1508 if (!cp)
1509 return;
1510
1511 hci_dev_lock(hdev);
1512
1513 conn = hci_conn_hash_lookup_handle(hdev, __le16_to_cpu(cp->handle));
1514 if (conn)
1515 mgmt_disconnect_failed(hdev, &conn->dst, conn->type,
04124681 1516 conn->dst_type, status);
88c3df13
JH		 1517
1518 hci_dev_unlock(hdev);
1519}
1520
fcd89c09
VT		 1521static void hci_cs_le_create_conn(struct hci_dev *hdev, __u8 status)
1522{
fcd89c09
VT		 1523 struct hci_conn *conn;
1524
9f1db00c 1525 BT_DBG("%s status 0x%2.2x", hdev->name, status);
fcd89c09 1526
f00a06ac
AG		 1527 if (status) {
1528 hci_dev_lock(hdev);
fcd89c09 1529
0c95ab78 1530 conn = hci_conn_hash_lookup_state(hdev, LE_LINK, BT_CONNECT);
f00a06ac
AG		 1531 if (!conn) {
1532 hci_dev_unlock(hdev);
1533 return;
1534 }
fcd89c09 1535
6ed93dc6 1536 BT_DBG("%s bdaddr %pMR conn %p", hdev->name, &conn->dst, conn);
fcd89c09 1537
f00a06ac 1538 conn->state = BT_CLOSED;
0c95ab78 1539 mgmt_connect_failed(hdev, &conn->dst, conn->type,
f00a06ac
AG		 1540 conn->dst_type, status);
1541 hci_proto_connect_cfm(conn, status);
1542 hci_conn_del(conn);
fcd89c09 1543
f00a06ac
AG		 1544 hci_dev_unlock(hdev);
1545 }
fcd89c09
VT		 1546}
1547
a02226d6
AE		 1548static void hci_cs_create_phylink(struct hci_dev *hdev, u8 status)
1549{
93c284ee
AE		 1550 struct hci_cp_create_phy_link *cp;
1551
a02226d6 1552 BT_DBG("%s status 0x%2.2x", hdev->name, status);
93c284ee 1553
93c284ee
AE		 1554 cp = hci_sent_cmd_data(hdev, HCI_OP_CREATE_PHY_LINK);
1555 if (!cp)
1556 return;
1557
e58917b9
AE		 1558 hci_dev_lock(hdev);
1559
1560 if (status) {
1561 struct hci_conn *hcon;
1562
1563 hcon = hci_conn_hash_lookup_handle(hdev, cp->phy_handle);
1564 if (hcon)
1565 hci_conn_del(hcon);
1566 } else {
1567 amp_write_remote_assoc(hdev, cp->phy_handle);
1568 }
1569
1570 hci_dev_unlock(hdev);
a02226d6
AE		 1571}
1572
0b26ab9d
AE		 1573static void hci_cs_accept_phylink(struct hci_dev *hdev, u8 status)
1574{
1575 struct hci_cp_accept_phy_link *cp;
1576
1577 BT_DBG("%s status 0x%2.2x", hdev->name, status);
1578
1579 if (status)
1580 return;
1581
1582 cp = hci_sent_cmd_data(hdev, HCI_OP_ACCEPT_PHY_LINK);
1583 if (!cp)
1584 return;
1585
1586 amp_write_remote_assoc(hdev, cp->phy_handle);
1587}
1588
6039aa73 1589static void hci_inquiry_complete_evt(struct hci_dev *hdev, struct sk_buff *skb)
1da177e4
LT		 1590{
1591 __u8 status = *((__u8 *) skb->data);
30dc78e1
JH		 1592 struct discovery_state *discov = &hdev->discovery;
1593 struct inquiry_entry *e;
1da177e4 1594
9f1db00c 1595 BT_DBG("%s status 0x%2.2x", hdev->name, status);
1da177e4 1596
a9de9248 1597 hci_conn_check_pending(hdev);
89352e7d
AG		 1598
1599 if (!test_and_clear_bit(HCI_INQUIRY, &hdev->flags))
1600 return;
1601
3e13fa1e
AG		 1602 smp_mb__after_clear_bit(); /* wake_up_bit advises about this barrier */
1603 wake_up_bit(&hdev->flags, HCI_INQUIRY);
1604
a8b2d5c2 1605 if (!test_bit(HCI_MGMT, &hdev->dev_flags))
30dc78e1
JH		 1606 return;
1607
56e5cb86 1608 hci_dev_lock(hdev);
30dc78e1 1609
343f935b 1610 if (discov->state != DISCOVERY_FINDING)
30dc78e1
JH		 1611 goto unlock;
1612
1613 if (list_empty(&discov->resolve)) {
1614 hci_discovery_set_state(hdev, DISCOVERY_STOPPED);
1615 goto unlock;
1616 }
1617
1618 e = hci_inquiry_cache_lookup_resolve(hdev, BDADDR_ANY, NAME_NEEDED);
1619 if (e && hci_resolve_name(hdev, e) == 0) {
1620 e->name_state = NAME_PENDING;
1621 hci_discovery_set_state(hdev, DISCOVERY_RESOLVING);
1622 } else {
1623 hci_discovery_set_state(hdev, DISCOVERY_STOPPED);
1624 }
1625
1626unlock:
56e5cb86 1627 hci_dev_unlock(hdev);
1da177e4
LT		 1628}
1629
6039aa73 1630static void hci_inquiry_result_evt(struct hci_dev *hdev, struct sk_buff *skb)
1da177e4 1631{
45bb4bf0 1632 struct inquiry_data data;
a9de9248 1633 struct inquiry_info *info = (void *) (skb->data + 1);
1da177e4
LT		 1634 int num_rsp = *((__u8 *) skb->data);
1635
1636 BT_DBG("%s num_rsp %d", hdev->name, num_rsp);
1637
45bb4bf0
MH		 1638 if (!num_rsp)
1639 return;
1640
1519cc17
AG		 1641 if (test_bit(HCI_PERIODIC_INQ, &hdev->dev_flags))
1642 return;
1643
1da177e4 1644 hci_dev_lock(hdev);
45bb4bf0 1645
e17acd40 1646 for (; num_rsp; num_rsp--, info++) {
388fc8fa 1647 bool name_known, ssp;
3175405b 1648
1da177e4
LT		 1649 bacpy(&data.bdaddr, &info->bdaddr);
1650 data.pscan_rep_mode = info->pscan_rep_mode;
1651 data.pscan_period_mode = info->pscan_period_mode;
1652 data.pscan_mode = info->pscan_mode;
1653 memcpy(data.dev_class, info->dev_class, 3);
1654 data.clock_offset = info->clock_offset;
1655 data.rssi = 0x00;
41a96212 1656 data.ssp_mode = 0x00;
3175405b 1657
388fc8fa 1658 name_known = hci_inquiry_cache_update(hdev, &data, false, &ssp);
48264f06 1659 mgmt_device_found(hdev, &info->bdaddr, ACL_LINK, 0x00,
04124681
GP		 1660 info->dev_class, 0, !name_known, ssp, NULL,
1661 0);
1da177e4 1662 }
45bb4bf0 1663
1da177e4
LT		 1664 hci_dev_unlock(hdev);
1665}
1666
6039aa73 1667static void hci_conn_complete_evt(struct hci_dev *hdev, struct sk_buff *skb)
1da177e4 1668{
a9de9248
MH		 1669 struct hci_ev_conn_complete *ev = (void *) skb->data;
1670 struct hci_conn *conn;
1da177e4
LT		 1671
1672 BT_DBG("%s", hdev->name);
1673
1674 hci_dev_lock(hdev);
1675
1676 conn = hci_conn_hash_lookup_ba(hdev, ev->link_type, &ev->bdaddr);
9499237a
MH		 1677 if (!conn) {
1678 if (ev->link_type != SCO_LINK)
1679 goto unlock;
1680
1681 conn = hci_conn_hash_lookup_ba(hdev, ESCO_LINK, &ev->bdaddr);
1682 if (!conn)
1683 goto unlock;
1684
1685 conn->type = SCO_LINK;
1686 }
1da177e4
LT		 1687
1688 if (!ev->status) {
1689 conn->handle = __le16_to_cpu(ev->handle);
769be974
MH		 1690
1691 if (conn->type == ACL_LINK) {
1692 conn->state = BT_CONFIG;
1693 hci_conn_hold(conn);
a9ea3ed9
SJ		 1694
1695 if (!conn->out && !hci_conn_ssp_enabled(conn) &&
1696 !hci_find_link_key(hdev, &ev->bdaddr))
1697 conn->disc_timeout = HCI_PAIRING_TIMEOUT;
1698 else
1699 conn->disc_timeout = HCI_DISCONN_TIMEOUT;
769be974
MH		 1700 } else
1701 conn->state = BT_CONNECTED;
1da177e4 1702
7d0db0a3
MH		 1703 hci_conn_add_sysfs(conn);
1704
1da177e4
LT		 1705 if (test_bit(HCI_AUTH, &hdev->flags))
1706 conn->link_mode |= HCI_LM_AUTH;
1707
1708 if (test_bit(HCI_ENCRYPT, &hdev->flags))
1709 conn->link_mode |= HCI_LM_ENCRYPT;
1710
04837f64
MH		 1711 /* Get remote features */
1712 if (conn->type == ACL_LINK) {
1713 struct hci_cp_read_remote_features cp;
1714 cp.handle = ev->handle;
769be974 1715 hci_send_cmd(hdev, HCI_OP_READ_REMOTE_FEATURES,
04124681 1716 sizeof(cp), &cp);
04837f64
MH		 1717 }
1718
1da177e4 1719 /* Set packet type for incoming connection */
d095c1eb 1720 if (!conn->out && hdev->hci_ver < BLUETOOTH_VER_2_0) {
1da177e4
LT		 1721 struct hci_cp_change_conn_ptype cp;
1722 cp.handle = ev->handle;
a8746417 1723 cp.pkt_type = cpu_to_le16(conn->pkt_type);
04124681
GP		 1724 hci_send_cmd(hdev, HCI_OP_CHANGE_CONN_PTYPE, sizeof(cp),
1725 &cp);
1da177e4 1726 }
17d5c04c 1727 } else {
1da177e4 1728 conn->state = BT_CLOSED;
17d5c04c 1729 if (conn->type == ACL_LINK)
744cf19e 1730 mgmt_connect_failed(hdev, &ev->bdaddr, conn->type,
04124681 1731 conn->dst_type, ev->status);
17d5c04c 1732 }
1da177e4 1733
e73439d8
MH		 1734 if (conn->type == ACL_LINK)
1735 hci_sco_setup(conn, ev->status);
1da177e4 1736
769be974
MH		 1737 if (ev->status) {
1738 hci_proto_connect_cfm(conn, ev->status);
1da177e4 1739 hci_conn_del(conn);
c89b6e6b
MH		 1740 } else if (ev->link_type != ACL_LINK)
1741 hci_proto_connect_cfm(conn, ev->status);
1da177e4 1742
a9de9248 1743unlock:
1da177e4 1744 hci_dev_unlock(hdev);
1da177e4 1745
a9de9248 1746 hci_conn_check_pending(hdev);
1da177e4
LT		 1747}
1748
6039aa73 1749static void hci_conn_request_evt(struct hci_dev *hdev, struct sk_buff *skb)
1da177e4 1750{
a9de9248
MH		 1751 struct hci_ev_conn_request *ev = (void *) skb->data;
1752 int mask = hdev->link_mode;
20714bfe 1753 __u8 flags = 0;
1da177e4 1754
6ed93dc6 1755 BT_DBG("%s bdaddr %pMR type 0x%x", hdev->name, &ev->bdaddr,
807deac2 1756 ev->link_type);
1da177e4 1757
20714bfe
FD		 1758 mask |= hci_proto_connect_ind(hdev, &ev->bdaddr, ev->link_type,
1759 &flags);
1da177e4 1760
138d22ef 1761 if ((mask & HCI_LM_ACCEPT) &&
807deac2 1762 !hci_blacklist_lookup(hdev, &ev->bdaddr)) {
a9de9248 1763 /* Connection accepted */
c7bdd502 1764 struct inquiry_entry *ie;
1da177e4 1765 struct hci_conn *conn;
1da177e4 1766
a9de9248 1767 hci_dev_lock(hdev);
b6a0dc82 1768
cc11b9c1
AE		 1769 ie = hci_inquiry_cache_lookup(hdev, &ev->bdaddr);
1770 if (ie)
c7bdd502
MH		 1771 memcpy(ie->data.dev_class, ev->dev_class, 3);
1772
8fc9ced3
GP		 1773 conn = hci_conn_hash_lookup_ba(hdev, ev->link_type,
1774 &ev->bdaddr);
a9de9248 1775 if (!conn) {
cc11b9c1
AE		 1776 conn = hci_conn_add(hdev, ev->link_type, &ev->bdaddr);
1777 if (!conn) {
893ef971 1778 BT_ERR("No memory for new connection");
a9de9248
MH		 1779 hci_dev_unlock(hdev);
1780 return;
1da177e4
LT		 1781 }
1782 }
b6a0dc82 1783
a9de9248 1784 memcpy(conn->dev_class, ev->dev_class, 3);
b6a0dc82 1785
a9de9248 1786 hci_dev_unlock(hdev);
1da177e4 1787
20714bfe
FD		 1788 if (ev->link_type == ACL_LINK ||
1789 (!(flags & HCI_PROTO_DEFER) && !lmp_esco_capable(hdev))) {
b6a0dc82 1790 struct hci_cp_accept_conn_req cp;
20714bfe 1791 conn->state = BT_CONNECT;
1da177e4 1792
b6a0dc82
MH		 1793 bacpy(&cp.bdaddr, &ev->bdaddr);
1794
1795 if (lmp_rswitch_capable(hdev) && (mask & HCI_LM_MASTER))
1796 cp.role = 0x00; /* Become master */
1797 else
1798 cp.role = 0x01; /* Remain slave */
1799
04124681
GP		 1800 hci_send_cmd(hdev, HCI_OP_ACCEPT_CONN_REQ, sizeof(cp),
1801 &cp);
20714bfe 1802 } else if (!(flags & HCI_PROTO_DEFER)) {
b6a0dc82 1803 struct hci_cp_accept_sync_conn_req cp;
20714bfe 1804 conn->state = BT_CONNECT;
b6a0dc82
MH		 1805
1806 bacpy(&cp.bdaddr, &ev->bdaddr);
a8746417 1807 cp.pkt_type = cpu_to_le16(conn->pkt_type);
b6a0dc82 1808
82781e63
AE		 1809 cp.tx_bandwidth = __constant_cpu_to_le32(0x00001f40);
1810 cp.rx_bandwidth = __constant_cpu_to_le32(0x00001f40);
1811 cp.max_latency = __constant_cpu_to_le16(0xffff);
b6a0dc82
MH		 1812 cp.content_format = cpu_to_le16(hdev->voice_setting);
1813 cp.retrans_effort = 0xff;
1da177e4 1814
b6a0dc82 1815 hci_send_cmd(hdev, HCI_OP_ACCEPT_SYNC_CONN_REQ,
04124681 1816 sizeof(cp), &cp);
20714bfe
FD		 1817 } else {
1818 conn->state = BT_CONNECT2;
1819 hci_proto_connect_cfm(conn, 0);
b6a0dc82 1820 }
a9de9248
MH		 1821 } else {
1822 /* Connection rejected */
1823 struct hci_cp_reject_conn_req cp;
1da177e4 1824
a9de9248 1825 bacpy(&cp.bdaddr, &ev->bdaddr);
9f5a0d7b 1826 cp.reason = HCI_ERROR_REJ_BAD_ADDR;
a9de9248 1827 hci_send_cmd(hdev, HCI_OP_REJECT_CONN_REQ, sizeof(cp), &cp);
1da177e4 1828 }
1da177e4
LT		 1829}
1830
f0d6a0ea
MA		 1831static u8 hci_to_mgmt_reason(u8 err)
1832{
1833 switch (err) {
1834 case HCI_ERROR_CONNECTION_TIMEOUT:
1835 return MGMT_DEV_DISCONN_TIMEOUT;
1836 case HCI_ERROR_REMOTE_USER_TERM:
1837 case HCI_ERROR_REMOTE_LOW_RESOURCES:
1838 case HCI_ERROR_REMOTE_POWER_OFF:
1839 return MGMT_DEV_DISCONN_REMOTE;
1840 case HCI_ERROR_LOCAL_HOST_TERM:
1841 return MGMT_DEV_DISCONN_LOCAL_HOST;
1842 default:
1843 return MGMT_DEV_DISCONN_UNKNOWN;
1844 }
1845}
1846
6039aa73 1847static void hci_disconn_complete_evt(struct hci_dev *hdev, struct sk_buff *skb)
04837f64 1848{
a9de9248 1849 struct hci_ev_disconn_complete *ev = (void *) skb->data;
04837f64
MH		 1850 struct hci_conn *conn;
1851
9f1db00c 1852 BT_DBG("%s status 0x%2.2x", hdev->name, ev->status);
04837f64
MH		 1853
1854 hci_dev_lock(hdev);
1855
1856 conn = hci_conn_hash_lookup_handle(hdev, __le16_to_cpu(ev->handle));
f7520543
JH		 1857 if (!conn)
1858 goto unlock;
7d0db0a3 1859
37d9ef76
JH		 1860 if (ev->status == 0)
1861 conn->state = BT_CLOSED;
04837f64 1862
b644ba33 1863 if (test_and_clear_bit(HCI_CONN_MGMT_CONNECTED, &conn->flags) &&
807deac2 1864 (conn->type == ACL_LINK || conn->type == LE_LINK)) {
f0d6a0ea 1865 if (ev->status) {
88c3df13 1866 mgmt_disconnect_failed(hdev, &conn->dst, conn->type,
807deac2 1867 conn->dst_type, ev->status);
f0d6a0ea
MA		 1868 } else {
1869 u8 reason = hci_to_mgmt_reason(ev->reason);
1870
afc747a6 1871 mgmt_device_disconnected(hdev, &conn->dst, conn->type,
f0d6a0ea
MA		 1872 conn->dst_type, reason);
1873 }
37d9ef76 1874 }
f7520543 1875
37d9ef76 1876 if (ev->status == 0) {
6ec5bcad
VA		 1877 if (conn->type == ACL_LINK && conn->flush_key)
1878 hci_remove_link_key(hdev, &conn->dst);
37d9ef76
JH		 1879 hci_proto_disconn_cfm(conn, ev->reason);
1880 hci_conn_del(conn);
1881 }
f7520543
JH		 1882
1883unlock:
04837f64
MH		 1884 hci_dev_unlock(hdev);
1885}
1886
6039aa73 1887static void hci_auth_complete_evt(struct hci_dev *hdev, struct sk_buff *skb)
1da177e4 1888{
a9de9248 1889 struct hci_ev_auth_complete *ev = (void *) skb->data;
04837f64 1890 struct hci_conn *conn;
1da177e4 1891
9f1db00c 1892 BT_DBG("%s status 0x%2.2x", hdev->name, ev->status);
1da177e4
LT		 1893
1894 hci_dev_lock(hdev);
1895
04837f64 1896 conn = hci_conn_hash_lookup_handle(hdev, __le16_to_cpu(ev->handle));
d7556e20
WR		 1897 if (!conn)
1898 goto unlock;
1899
1900 if (!ev->status) {
aa64a8b5 1901 if (!hci_conn_ssp_enabled(conn) &&
807deac2 1902 test_bit(HCI_CONN_REAUTH_PEND, &conn->flags)) {
d7556e20 1903 BT_INFO("re-auth of legacy device is not possible.");
2a611692 1904 } else {
d7556e20
WR		 1905 conn->link_mode |= HCI_LM_AUTH;
1906 conn->sec_level = conn->pending_sec_level;
2a611692 1907 }
d7556e20 1908 } else {
bab73cb6 1909 mgmt_auth_failed(hdev, &conn->dst, conn->type, conn->dst_type,
04124681 1910 ev->status);
d7556e20 1911 }
1da177e4 1912
51a8efd7
JH		 1913 clear_bit(HCI_CONN_AUTH_PEND, &conn->flags);
1914 clear_bit(HCI_CONN_REAUTH_PEND, &conn->flags);
1da177e4 1915
d7556e20 1916 if (conn->state == BT_CONFIG) {
aa64a8b5 1917 if (!ev->status && hci_conn_ssp_enabled(conn)) {
d7556e20
WR		 1918 struct hci_cp_set_conn_encrypt cp;
1919 cp.handle = ev->handle;
1920 cp.encrypt = 0x01;
1921 hci_send_cmd(hdev, HCI_OP_SET_CONN_ENCRYPT, sizeof(cp),
807deac2 1922 &cp);
052b30b0 1923 } else {
d7556e20
WR		 1924 conn->state = BT_CONNECTED;
1925 hci_proto_connect_cfm(conn, ev->status);
76a68ba0 1926 hci_conn_drop(conn);
052b30b0 1927 }
d7556e20
WR		 1928 } else {
1929 hci_auth_cfm(conn, ev->status);
052b30b0 1930
d7556e20
WR		 1931 hci_conn_hold(conn);
1932 conn->disc_timeout = HCI_DISCONN_TIMEOUT;
76a68ba0 1933 hci_conn_drop(conn);
d7556e20
WR		 1934 }
1935
51a8efd7 1936 if (test_bit(HCI_CONN_ENCRYPT_PEND, &conn->flags)) {
d7556e20
WR		 1937 if (!ev->status) {
1938 struct hci_cp_set_conn_encrypt cp;
1939 cp.handle = ev->handle;
1940 cp.encrypt = 0x01;
1941 hci_send_cmd(hdev, HCI_OP_SET_CONN_ENCRYPT, sizeof(cp),
807deac2 1942 &cp);
d7556e20 1943 } else {
51a8efd7 1944 clear_bit(HCI_CONN_ENCRYPT_PEND, &conn->flags);
d7556e20 1945 hci_encrypt_cfm(conn, ev->status, 0x00);
1da177e4
LT		 1946 }
1947 }
1948
d7556e20 1949unlock:
1da177e4
LT		 1950 hci_dev_unlock(hdev);
1951}
1952
6039aa73 1953static void hci_remote_name_evt(struct hci_dev *hdev, struct sk_buff *skb)
1da177e4 1954{
127178d2
JH		 1955 struct hci_ev_remote_name *ev = (void *) skb->data;
1956 struct hci_conn *conn;
1957
a9de9248 1958 BT_DBG("%s", hdev->name);
1da177e4 1959
a9de9248 1960 hci_conn_check_pending(hdev);
127178d2
JH		 1961
1962 hci_dev_lock(hdev);
1963
b644ba33 1964 conn = hci_conn_hash_lookup_ba(hdev, ACL_LINK, &ev->bdaddr);
30dc78e1 1965
b644ba33
JH		 1966 if (!test_bit(HCI_MGMT, &hdev->dev_flags))
1967 goto check_auth;
a88a9652 1968
b644ba33
JH		 1969 if (ev->status == 0)
1970 hci_check_pending_name(hdev, conn, &ev->bdaddr, ev->name,
04124681 1971 strnlen(ev->name, HCI_MAX_NAME_LENGTH));
b644ba33
JH		 1972 else
1973 hci_check_pending_name(hdev, conn, &ev->bdaddr, NULL, 0);
1974
1975check_auth:
79c6c70c
JH		 1976 if (!conn)
1977 goto unlock;
1978
1979 if (!hci_outgoing_auth_needed(hdev, conn))
1980 goto unlock;
1981
51a8efd7 1982 if (!test_and_set_bit(HCI_CONN_AUTH_PEND, &conn->flags)) {
127178d2
JH		 1983 struct hci_cp_auth_requested cp;
1984 cp.handle = __cpu_to_le16(conn->handle);
1985 hci_send_cmd(hdev, HCI_OP_AUTH_REQUESTED, sizeof(cp), &cp);
1986 }
1987
79c6c70c 1988unlock:
127178d2 1989 hci_dev_unlock(hdev);
a9de9248
MH		 1990}
1991
6039aa73 1992static void hci_encrypt_change_evt(struct hci_dev *hdev, struct sk_buff *skb)
a9de9248
MH		 1993{
1994 struct hci_ev_encrypt_change *ev = (void *) skb->data;
1995 struct hci_conn *conn;
1996
9f1db00c 1997 BT_DBG("%s status 0x%2.2x", hdev->name, ev->status);
1da177e4
LT		 1998
1999 hci_dev_lock(hdev);
2000
04837f64 2001 conn = hci_conn_hash_lookup_handle(hdev, __le16_to_cpu(ev->handle));
1da177e4
LT		 2002 if (conn) {
2003 if (!ev->status) {
ae293196
MH		 2004 if (ev->encrypt) {
2005 /* Encryption implies authentication */
2006 conn->link_mode |= HCI_LM_AUTH;
1da177e4 2007 conn->link_mode |= HCI_LM_ENCRYPT;
da85e5e5 2008 conn->sec_level = conn->pending_sec_level;
ae293196 2009 } else
1da177e4
LT		 2010 conn->link_mode &= ~HCI_LM_ENCRYPT;
2011 }
2012
51a8efd7 2013 clear_bit(HCI_CONN_ENCRYPT_PEND, &conn->flags);
1da177e4 2014
a7d7723a 2015 if (ev->status && conn->state == BT_CONNECTED) {
bed71748 2016 hci_disconnect(conn, HCI_ERROR_AUTH_FAILURE);
76a68ba0 2017 hci_conn_drop(conn);
a7d7723a
GP		 2018 goto unlock;
2019 }
2020
f8558555
MH		 2021 if (conn->state == BT_CONFIG) {
2022 if (!ev->status)
2023 conn->state = BT_CONNECTED;
2024
2025 hci_proto_connect_cfm(conn, ev->status);
76a68ba0 2026 hci_conn_drop(conn);
f8558555
MH		 2027 } else
2028 hci_encrypt_cfm(conn, ev->status, ev->encrypt);
1da177e4
LT		 2029 }
2030
a7d7723a 2031unlock:
1da177e4
LT		 2032 hci_dev_unlock(hdev);
2033}
2034
6039aa73
GP		 2035static void hci_change_link_key_complete_evt(struct hci_dev *hdev,
2036 struct sk_buff *skb)
1da177e4 2037{
a9de9248 2038 struct hci_ev_change_link_key_complete *ev = (void *) skb->data;
04837f64 2039 struct hci_conn *conn;
1da177e4 2040
9f1db00c 2041 BT_DBG("%s status 0x%2.2x", hdev->name, ev->status);
1da177e4
LT		 2042
2043 hci_dev_lock(hdev);
2044
04837f64 2045 conn = hci_conn_hash_lookup_handle(hdev, __le16_to_cpu(ev->handle));
1da177e4
LT		 2046 if (conn) {
2047 if (!ev->status)
2048 conn->link_mode |= HCI_LM_SECURE;
2049
51a8efd7 2050 clear_bit(HCI_CONN_AUTH_PEND, &conn->flags);
1da177e4
LT		 2051
2052 hci_key_change_cfm(conn, ev->status);
2053 }
2054
2055 hci_dev_unlock(hdev);
2056}
2057
6039aa73
GP		 2058static void hci_remote_features_evt(struct hci_dev *hdev,
2059 struct sk_buff *skb)
1da177e4 2060{
a9de9248
MH		 2061 struct hci_ev_remote_features *ev = (void *) skb->data;
2062 struct hci_conn *conn;
2063
9f1db00c 2064 BT_DBG("%s status 0x%2.2x", hdev->name, ev->status);
a9de9248 2065
a9de9248
MH		 2066 hci_dev_lock(hdev);
2067
2068 conn = hci_conn_hash_lookup_handle(hdev, __le16_to_cpu(ev->handle));
ccd556fe
JH		 2069 if (!conn)
2070 goto unlock;
769be974 2071
ccd556fe 2072 if (!ev->status)
cad718ed 2073 memcpy(conn->features[0], ev->features, 8);
ccd556fe
JH		 2074
2075 if (conn->state != BT_CONFIG)
2076 goto unlock;
2077
2078 if (!ev->status && lmp_ssp_capable(hdev) && lmp_ssp_capable(conn)) {
2079 struct hci_cp_read_remote_ext_features cp;
2080 cp.handle = ev->handle;
2081 cp.page = 0x01;
2082 hci_send_cmd(hdev, HCI_OP_READ_REMOTE_EXT_FEATURES,
807deac2 2083 sizeof(cp), &cp);
392599b9
JH		 2084 goto unlock;
2085 }
2086
671267bf 2087 if (!ev->status && !test_bit(HCI_CONN_MGMT_CONNECTED, &conn->flags)) {
127178d2
JH		 2088 struct hci_cp_remote_name_req cp;
2089 memset(&cp, 0, sizeof(cp));
2090 bacpy(&cp.bdaddr, &conn->dst);
2091 cp.pscan_rep_mode = 0x02;
2092 hci_send_cmd(hdev, HCI_OP_REMOTE_NAME_REQ, sizeof(cp), &cp);
b644ba33
JH		 2093 } else if (!test_and_set_bit(HCI_CONN_MGMT_CONNECTED, &conn->flags))
2094 mgmt_device_connected(hdev, &conn->dst, conn->type,
04124681
GP		 2095 conn->dst_type, 0, NULL, 0,
2096 conn->dev_class);
392599b9 2097
127178d2 2098 if (!hci_outgoing_auth_needed(hdev, conn)) {
ccd556fe
JH		 2099 conn->state = BT_CONNECTED;
2100 hci_proto_connect_cfm(conn, ev->status);
76a68ba0 2101 hci_conn_drop(conn);
769be974 2102 }
a9de9248 2103
ccd556fe 2104unlock:
a9de9248 2105 hci_dev_unlock(hdev);
1da177e4
LT		 2106}
2107
6039aa73 2108static void hci_cmd_complete_evt(struct hci_dev *hdev, struct sk_buff *skb)
a9de9248
MH		 2109{
2110 struct hci_ev_cmd_complete *ev = (void *) skb->data;
9238f36a 2111 u8 status = skb->data[sizeof(*ev)];
a9de9248
MH		 2112 __u16 opcode;
2113
2114 skb_pull(skb, sizeof(*ev));
2115
2116 opcode = __le16_to_cpu(ev->opcode);
2117
2118 switch (opcode) {
2119 case HCI_OP_INQUIRY_CANCEL:
2120 hci_cc_inquiry_cancel(hdev, skb);
2121 break;
2122
4d93483b
AG		 2123 case HCI_OP_PERIODIC_INQ:
2124 hci_cc_periodic_inq(hdev, skb);
2125 break;
2126
a9de9248
MH		 2127 case HCI_OP_EXIT_PERIODIC_INQ:
2128 hci_cc_exit_periodic_inq(hdev, skb);
2129 break;
2130
2131 case HCI_OP_REMOTE_NAME_REQ_CANCEL:
2132 hci_cc_remote_name_req_cancel(hdev, skb);
2133 break;
2134
2135 case HCI_OP_ROLE_DISCOVERY:
2136 hci_cc_role_discovery(hdev, skb);
2137 break;
2138
e4e8e37c
MH		 2139 case HCI_OP_READ_LINK_POLICY:
2140 hci_cc_read_link_policy(hdev, skb);
2141 break;
2142
a9de9248
MH		 2143 case HCI_OP_WRITE_LINK_POLICY:
2144 hci_cc_write_link_policy(hdev, skb);
2145 break;
2146
e4e8e37c
MH		 2147 case HCI_OP_READ_DEF_LINK_POLICY:
2148 hci_cc_read_def_link_policy(hdev, skb);
2149 break;
2150
2151 case HCI_OP_WRITE_DEF_LINK_POLICY:
2152 hci_cc_write_def_link_policy(hdev, skb);
2153 break;
2154
a9de9248
MH		 2155 case HCI_OP_RESET:
2156 hci_cc_reset(hdev, skb);
2157 break;
2158
2159 case HCI_OP_WRITE_LOCAL_NAME:
2160 hci_cc_write_local_name(hdev, skb);
2161 break;
2162
2163 case HCI_OP_READ_LOCAL_NAME:
2164 hci_cc_read_local_name(hdev, skb);
2165 break;
2166
2167 case HCI_OP_WRITE_AUTH_ENABLE:
2168 hci_cc_write_auth_enable(hdev, skb);
2169 break;
2170
2171 case HCI_OP_WRITE_ENCRYPT_MODE:
2172 hci_cc_write_encrypt_mode(hdev, skb);
2173 break;
2174
2175 case HCI_OP_WRITE_SCAN_ENABLE:
2176 hci_cc_write_scan_enable(hdev, skb);
2177 break;
2178
2179 case HCI_OP_READ_CLASS_OF_DEV:
2180 hci_cc_read_class_of_dev(hdev, skb);
2181 break;
2182
2183 case HCI_OP_WRITE_CLASS_OF_DEV:
2184 hci_cc_write_class_of_dev(hdev, skb);
2185 break;
2186
2187 case HCI_OP_READ_VOICE_SETTING:
2188 hci_cc_read_voice_setting(hdev, skb);
2189 break;
2190
2191 case HCI_OP_WRITE_VOICE_SETTING:
2192 hci_cc_write_voice_setting(hdev, skb);
2193 break;
2194
333140b5
MH		 2195 case HCI_OP_WRITE_SSP_MODE:
2196 hci_cc_write_ssp_mode(hdev, skb);
2197 break;
2198
a9de9248
MH		 2199 case HCI_OP_READ_LOCAL_VERSION:
2200 hci_cc_read_local_version(hdev, skb);
2201 break;
2202
2203 case HCI_OP_READ_LOCAL_COMMANDS:
2204 hci_cc_read_local_commands(hdev, skb);
2205 break;
2206
2207 case HCI_OP_READ_LOCAL_FEATURES:
2208 hci_cc_read_local_features(hdev, skb);
2209 break;
2210
971e3a4b
AG		 2211 case HCI_OP_READ_LOCAL_EXT_FEATURES:
2212 hci_cc_read_local_ext_features(hdev, skb);
2213 break;
2214
a9de9248
MH		 2215 case HCI_OP_READ_BUFFER_SIZE:
2216 hci_cc_read_buffer_size(hdev, skb);
2217 break;
2218
2219 case HCI_OP_READ_BD_ADDR:
2220 hci_cc_read_bd_addr(hdev, skb);
2221 break;
2222
f332ec66
JH		 2223 case HCI_OP_READ_PAGE_SCAN_ACTIVITY:
2224 hci_cc_read_page_scan_activity(hdev, skb);
2225 break;
2226
4a3ee763
JH		 2227 case HCI_OP_WRITE_PAGE_SCAN_ACTIVITY:
2228 hci_cc_write_page_scan_activity(hdev, skb);
2229 break;
2230
f332ec66
JH		 2231 case HCI_OP_READ_PAGE_SCAN_TYPE:
2232 hci_cc_read_page_scan_type(hdev, skb);
2233 break;
2234
4a3ee763
JH		 2235 case HCI_OP_WRITE_PAGE_SCAN_TYPE:
2236 hci_cc_write_page_scan_type(hdev, skb);
2237 break;
2238
350ee4cf
AE		 2239 case HCI_OP_READ_DATA_BLOCK_SIZE:
2240 hci_cc_read_data_block_size(hdev, skb);
2241 break;
2242
1e89cffb
AE		 2243 case HCI_OP_READ_FLOW_CONTROL_MODE:
2244 hci_cc_read_flow_control_mode(hdev, skb);
2245 break;
2246
928abaa7
AE		 2247 case HCI_OP_READ_LOCAL_AMP_INFO:
2248 hci_cc_read_local_amp_info(hdev, skb);
2249 break;
2250
903e4541
AE		 2251 case HCI_OP_READ_LOCAL_AMP_ASSOC:
2252 hci_cc_read_local_amp_assoc(hdev, skb);
2253 break;
2254
d5859e22
JH		 2255 case HCI_OP_READ_INQ_RSP_TX_POWER:
2256 hci_cc_read_inq_rsp_tx_power(hdev, skb);
2257 break;
2258
980e1a53
JH		 2259 case HCI_OP_PIN_CODE_REPLY:
2260 hci_cc_pin_code_reply(hdev, skb);
2261 break;
2262
2263 case HCI_OP_PIN_CODE_NEG_REPLY:
2264 hci_cc_pin_code_neg_reply(hdev, skb);
2265 break;
2266
c35938b2
SJ		 2267 case HCI_OP_READ_LOCAL_OOB_DATA:
2268 hci_cc_read_local_oob_data_reply(hdev, skb);
2269 break;
2270
6ed58ec5
VT		 2271 case HCI_OP_LE_READ_BUFFER_SIZE:
2272 hci_cc_le_read_buffer_size(hdev, skb);
2273 break;
2274
60e77321
JH		 2275 case HCI_OP_LE_READ_LOCAL_FEATURES:
2276 hci_cc_le_read_local_features(hdev, skb);
2277 break;
2278
8fa19098
JH		 2279 case HCI_OP_LE_READ_ADV_TX_POWER:
2280 hci_cc_le_read_adv_tx_power(hdev, skb);
2281 break;
2282
a5c29683
JH		 2283 case HCI_OP_USER_CONFIRM_REPLY:
2284 hci_cc_user_confirm_reply(hdev, skb);
2285 break;
2286
2287 case HCI_OP_USER_CONFIRM_NEG_REPLY:
2288 hci_cc_user_confirm_neg_reply(hdev, skb);
2289 break;
2290
1143d458
BG		 2291 case HCI_OP_USER_PASSKEY_REPLY:
2292 hci_cc_user_passkey_reply(hdev, skb);
2293 break;
2294
2295 case HCI_OP_USER_PASSKEY_NEG_REPLY:
2296 hci_cc_user_passkey_neg_reply(hdev, skb);
16cde993 2297 break;
07f7fa5d
AG		 2298
2299 case HCI_OP_LE_SET_SCAN_PARAM:
2300 hci_cc_le_set_scan_param(hdev, skb);
1143d458
BG		 2301 break;
2302
c1d5dc4a
JH		 2303 case HCI_OP_LE_SET_ADV_ENABLE:
2304 hci_cc_le_set_adv_enable(hdev, skb);
2305 break;
2306
eb9d91f5
AG		 2307 case HCI_OP_LE_SET_SCAN_ENABLE:
2308 hci_cc_le_set_scan_enable(hdev, skb);
2309 break;
2310
cf1d081f
JH		 2311 case HCI_OP_LE_READ_WHITE_LIST_SIZE:
2312 hci_cc_le_read_white_list_size(hdev, skb);
2313 break;
2314
9b008c04
JH		 2315 case HCI_OP_LE_READ_SUPPORTED_STATES:
2316 hci_cc_le_read_supported_states(hdev, skb);
2317 break;
2318
f9b49306
AG		 2319 case HCI_OP_WRITE_LE_HOST_SUPPORTED:
2320 hci_cc_write_le_host_supported(hdev, skb);
2321 break;
2322
93c284ee
AE		 2323 case HCI_OP_WRITE_REMOTE_AMP_ASSOC:
2324 hci_cc_write_remote_amp_assoc(hdev, skb);
2325 break;
2326
a9de9248 2327 default:
9f1db00c 2328 BT_DBG("%s opcode 0x%4.4x", hdev->name, opcode);
a9de9248
MH		 2329 break;
2330 }
2331
ad82cdd1 2332 if (opcode != HCI_OP_NOP)
6bd32326
VT		 2333 del_timer(&hdev->cmd_timer);
2334
ad82cdd1 2335 hci_req_cmd_complete(hdev, opcode, status);
9238f36a 2336
dbccd791 2337 if (ev->ncmd && !test_bit(HCI_RESET, &hdev->flags)) {
a9de9248
MH		 2338 atomic_set(&hdev->cmd_cnt, 1);
2339 if (!skb_queue_empty(&hdev->cmd_q))
c347b765 2340 queue_work(hdev->workqueue, &hdev->cmd_work);
a9de9248
MH		 2341 }
2342}
2343
6039aa73 2344static void hci_cmd_status_evt(struct hci_dev *hdev, struct sk_buff *skb)
a9de9248
MH		 2345{
2346 struct hci_ev_cmd_status *ev = (void *) skb->data;
2347 __u16 opcode;
2348
2349 skb_pull(skb, sizeof(*ev));
2350
2351 opcode = __le16_to_cpu(ev->opcode);
2352
2353 switch (opcode) {
2354 case HCI_OP_INQUIRY:
2355 hci_cs_inquiry(hdev, ev->status);
2356 break;
2357
2358 case HCI_OP_CREATE_CONN:
2359 hci_cs_create_conn(hdev, ev->status);
2360 break;
2361
2362 case HCI_OP_ADD_SCO:
2363 hci_cs_add_sco(hdev, ev->status);
2364 break;
2365
f8558555
MH		 2366 case HCI_OP_AUTH_REQUESTED:
2367 hci_cs_auth_requested(hdev, ev->status);
2368 break;
2369
2370 case HCI_OP_SET_CONN_ENCRYPT:
2371 hci_cs_set_conn_encrypt(hdev, ev->status);
2372 break;
2373
a9de9248
MH		 2374 case HCI_OP_REMOTE_NAME_REQ:
2375 hci_cs_remote_name_req(hdev, ev->status);
2376 break;
2377
769be974
MH		 2378 case HCI_OP_READ_REMOTE_FEATURES:
2379 hci_cs_read_remote_features(hdev, ev->status);
2380 break;
2381
2382 case HCI_OP_READ_REMOTE_EXT_FEATURES:
2383 hci_cs_read_remote_ext_features(hdev, ev->status);
2384 break;
2385
a9de9248
MH		 2386 case HCI_OP_SETUP_SYNC_CONN:
2387 hci_cs_setup_sync_conn(hdev, ev->status);
2388 break;
2389
2390 case HCI_OP_SNIFF_MODE:
2391 hci_cs_sniff_mode(hdev, ev->status);
2392 break;
2393
2394 case HCI_OP_EXIT_SNIFF_MODE:
2395 hci_cs_exit_sniff_mode(hdev, ev->status);
2396 break;
2397
8962ee74 2398 case HCI_OP_DISCONNECT:
88c3df13 2399 hci_cs_disconnect(hdev, ev->status);
8962ee74
JH		 2400 break;
2401
fcd89c09
VT		 2402 case HCI_OP_LE_CREATE_CONN:
2403 hci_cs_le_create_conn(hdev, ev->status);
2404 break;
2405
a02226d6
AE		 2406 case HCI_OP_CREATE_PHY_LINK:
2407 hci_cs_create_phylink(hdev, ev->status);
2408 break;
2409
0b26ab9d
AE		 2410 case HCI_OP_ACCEPT_PHY_LINK:
2411 hci_cs_accept_phylink(hdev, ev->status);
2412 break;
2413
a9de9248 2414 default:
9f1db00c 2415 BT_DBG("%s opcode 0x%4.4x", hdev->name, opcode);
a9de9248
MH		 2416 break;
2417 }
2418
ad82cdd1 2419 if (opcode != HCI_OP_NOP)
6bd32326
VT		 2420 del_timer(&hdev->cmd_timer);
2421
02350a72
JH		 2422 if (ev->status ||
2423 (hdev->sent_cmd && !bt_cb(hdev->sent_cmd)->req.event))
2424 hci_req_cmd_complete(hdev, opcode, ev->status);
9238f36a 2425
10572132 2426 if (ev->ncmd && !test_bit(HCI_RESET, &hdev->flags)) {
a9de9248
MH		 2427 atomic_set(&hdev->cmd_cnt, 1);
2428 if (!skb_queue_empty(&hdev->cmd_q))
c347b765 2429 queue_work(hdev->workqueue, &hdev->cmd_work);
a9de9248
MH		 2430 }
2431}
2432
6039aa73 2433static void hci_role_change_evt(struct hci_dev *hdev, struct sk_buff *skb)
a9de9248
MH		 2434{
2435 struct hci_ev_role_change *ev = (void *) skb->data;
2436 struct hci_conn *conn;
2437
9f1db00c 2438 BT_DBG("%s status 0x%2.2x", hdev->name, ev->status);
a9de9248
MH		 2439
2440 hci_dev_lock(hdev);
2441
2442 conn = hci_conn_hash_lookup_ba(hdev, ACL_LINK, &ev->bdaddr);
2443 if (conn) {
2444 if (!ev->status) {
2445 if (ev->role)
2446 conn->link_mode &= ~HCI_LM_MASTER;
2447 else
2448 conn->link_mode |= HCI_LM_MASTER;
2449 }
2450
51a8efd7 2451 clear_bit(HCI_CONN_RSWITCH_PEND, &conn->flags);
a9de9248
MH		 2452
2453 hci_role_switch_cfm(conn, ev->status, ev->role);
2454 }
2455
2456 hci_dev_unlock(hdev);
2457}
2458
6039aa73 2459static void hci_num_comp_pkts_evt(struct hci_dev *hdev, struct sk_buff *skb)
a9de9248
MH		 2460{
2461 struct hci_ev_num_comp_pkts *ev = (void *) skb->data;
a9de9248
MH		 2462 int i;
2463
32ac5b9b
AE		 2464 if (hdev->flow_ctl_mode != HCI_FLOW_CTL_MODE_PACKET_BASED) {
2465 BT_ERR("Wrong event for mode %d", hdev->flow_ctl_mode);
2466 return;
2467 }
2468
c5993de8 2469 if (skb->len < sizeof(*ev) || skb->len < sizeof(*ev) +
807deac2 2470 ev->num_hndl * sizeof(struct hci_comp_pkts_info)) {
a9de9248
MH		 2471 BT_DBG("%s bad parameters", hdev->name);
2472 return;
2473 }
2474
c5993de8
AE		 2475 BT_DBG("%s num_hndl %d", hdev->name, ev->num_hndl);
2476
613a1c0c
AE		 2477 for (i = 0; i < ev->num_hndl; i++) {
2478 struct hci_comp_pkts_info *info = &ev->handles[i];
a9de9248
MH		 2479 struct hci_conn *conn;
2480 __u16 handle, count;
2481
613a1c0c
AE		 2482 handle = __le16_to_cpu(info->handle);
2483 count = __le16_to_cpu(info->count);
a9de9248
MH		 2484
2485 conn = hci_conn_hash_lookup_handle(hdev, handle);
f4280918
AE		 2486 if (!conn)
2487 continue;
2488
2489 conn->sent -= count;
2490
2491 switch (conn->type) {
2492 case ACL_LINK:
2493 hdev->acl_cnt += count;
2494 if (hdev->acl_cnt > hdev->acl_pkts)
2495 hdev->acl_cnt = hdev->acl_pkts;
2496 break;
2497
2498 case LE_LINK:
2499 if (hdev->le_pkts) {
2500 hdev->le_cnt += count;
2501 if (hdev->le_cnt > hdev->le_pkts)
2502 hdev->le_cnt = hdev->le_pkts;
2503 } else {
70f23020
AE		 2504 hdev->acl_cnt += count;
2505 if (hdev->acl_cnt > hdev->acl_pkts)
a9de9248 2506 hdev->acl_cnt = hdev->acl_pkts;
a9de9248 2507 }
f4280918
AE		 2508 break;
2509
2510 case SCO_LINK:
2511 hdev->sco_cnt += count;
2512 if (hdev->sco_cnt > hdev->sco_pkts)
2513 hdev->sco_cnt = hdev->sco_pkts;
2514 break;
2515
2516 default:
2517 BT_ERR("Unknown type %d conn %p", conn->type, conn);
2518 break;
a9de9248
MH		 2519 }
2520 }
2521
3eff45ea 2522 queue_work(hdev->workqueue, &hdev->tx_work);
a9de9248
MH		 2523}
2524
76ef7cf7
AE		 2525static struct hci_conn *__hci_conn_lookup_handle(struct hci_dev *hdev,
2526 __u16 handle)
2527{
2528 struct hci_chan *chan;
2529
2530 switch (hdev->dev_type) {
2531 case HCI_BREDR:
2532 return hci_conn_hash_lookup_handle(hdev, handle);
2533 case HCI_AMP:
2534 chan = hci_chan_lookup_handle(hdev, handle);
2535 if (chan)
2536 return chan->conn;
2537 break;
2538 default:
2539 BT_ERR("%s unknown dev_type %d", hdev->name, hdev->dev_type);
2540 break;
2541 }
2542
2543 return NULL;
2544}
2545
6039aa73 2546static void hci_num_comp_blocks_evt(struct hci_dev *hdev, struct sk_buff *skb)
25e89e99
AE		 2547{
2548 struct hci_ev_num_comp_blocks *ev = (void *) skb->data;
2549 int i;
2550
2551 if (hdev->flow_ctl_mode != HCI_FLOW_CTL_MODE_BLOCK_BASED) {
2552 BT_ERR("Wrong event for mode %d", hdev->flow_ctl_mode);
2553 return;
2554 }
2555
2556 if (skb->len < sizeof(*ev) || skb->len < sizeof(*ev) +
807deac2 2557 ev->num_hndl * sizeof(struct hci_comp_blocks_info)) {
25e89e99
AE		 2558 BT_DBG("%s bad parameters", hdev->name);
2559 return;
2560 }
2561
2562 BT_DBG("%s num_blocks %d num_hndl %d", hdev->name, ev->num_blocks,
807deac2 2563 ev->num_hndl);
25e89e99
AE		 2564
2565 for (i = 0; i < ev->num_hndl; i++) {
2566 struct hci_comp_blocks_info *info = &ev->handles[i];
76ef7cf7 2567 struct hci_conn *conn = NULL;
25e89e99
AE		 2568 __u16 handle, block_count;
2569
2570 handle = __le16_to_cpu(info->handle);
2571 block_count = __le16_to_cpu(info->blocks);
2572
76ef7cf7 2573 conn = __hci_conn_lookup_handle(hdev, handle);
25e89e99
AE		 2574 if (!conn)
2575 continue;
2576
2577 conn->sent -= block_count;
2578
2579 switch (conn->type) {
2580 case ACL_LINK:
bd1eb66b 2581 case AMP_LINK:
25e89e99
AE		 2582 hdev->block_cnt += block_count;
2583 if (hdev->block_cnt > hdev->num_blocks)
2584 hdev->block_cnt = hdev->num_blocks;
2585 break;
2586
2587 default:
2588 BT_ERR("Unknown type %d conn %p", conn->type, conn);
2589 break;
2590 }
2591 }
2592
2593 queue_work(hdev->workqueue, &hdev->tx_work);
2594}
2595
6039aa73 2596static void hci_mode_change_evt(struct hci_dev *hdev, struct sk_buff *skb)
04837f64 2597{
a9de9248 2598 struct hci_ev_mode_change *ev = (void *) skb->data;
04837f64
MH		 2599 struct hci_conn *conn;
2600
9f1db00c 2601 BT_DBG("%s status 0x%2.2x", hdev->name, ev->status);
04837f64
MH		 2602
2603 hci_dev_lock(hdev);
2604
2605 conn = hci_conn_hash_lookup_handle(hdev, __le16_to_cpu(ev->handle));
a9de9248
MH		 2606 if (conn) {
2607 conn->mode = ev->mode;
2608 conn->interval = __le16_to_cpu(ev->interval);
2609
8fc9ced3
GP		 2610 if (!test_and_clear_bit(HCI_CONN_MODE_CHANGE_PEND,
2611 &conn->flags)) {
a9de9248 2612 if (conn->mode == HCI_CM_ACTIVE)
58a681ef 2613 set_bit(HCI_CONN_POWER_SAVE, &conn->flags);
a9de9248 2614 else
58a681ef 2615 clear_bit(HCI_CONN_POWER_SAVE, &conn->flags);
a9de9248 2616 }
e73439d8 2617
51a8efd7 2618 if (test_and_clear_bit(HCI_CONN_SCO_SETUP_PEND, &conn->flags))
e73439d8 2619 hci_sco_setup(conn, ev->status);
04837f64
MH		 2620 }
2621
2622 hci_dev_unlock(hdev);
2623}
2624
6039aa73 2625static void hci_pin_code_request_evt(struct hci_dev *hdev, struct sk_buff *skb)
a9de9248 2626{
052b30b0
MH		 2627 struct hci_ev_pin_code_req *ev = (void *) skb->data;
2628 struct hci_conn *conn;
2629
a9de9248 2630 BT_DBG("%s", hdev->name);
052b30b0
MH		 2631
2632 hci_dev_lock(hdev);
2633
2634 conn = hci_conn_hash_lookup_ba(hdev, ACL_LINK, &ev->bdaddr);
b6f98044
WR		 2635 if (!conn)
2636 goto unlock;
2637
2638 if (conn->state == BT_CONNECTED) {
052b30b0
MH		 2639 hci_conn_hold(conn);
2640 conn->disc_timeout = HCI_PAIRING_TIMEOUT;
76a68ba0 2641 hci_conn_drop(conn);
052b30b0
MH		 2642 }
2643
a8b2d5c2 2644 if (!test_bit(HCI_PAIRABLE, &hdev->dev_flags))
03b555e1 2645 hci_send_cmd(hdev, HCI_OP_PIN_CODE_NEG_REPLY,
807deac2 2646 sizeof(ev->bdaddr), &ev->bdaddr);
a8b2d5c2 2647 else if (test_bit(HCI_MGMT, &hdev->dev_flags)) {
a770bb5a
WR		 2648 u8 secure;
2649
2650 if (conn->pending_sec_level == BT_SECURITY_HIGH)
2651 secure = 1;
2652 else
2653 secure = 0;
2654
744cf19e 2655 mgmt_pin_code_request(hdev, &ev->bdaddr, secure);
a770bb5a 2656 }
980e1a53 2657
b6f98044 2658unlock:
052b30b0 2659 hci_dev_unlock(hdev);
a9de9248
MH		 2660}
2661
6039aa73 2662static void hci_link_key_request_evt(struct hci_dev *hdev, struct sk_buff *skb)
a9de9248 2663{
55ed8ca1
JH		 2664 struct hci_ev_link_key_req *ev = (void *) skb->data;
2665 struct hci_cp_link_key_reply cp;
2666 struct hci_conn *conn;
2667 struct link_key *key;
2668
a9de9248 2669 BT_DBG("%s", hdev->name);
55ed8ca1 2670
a8b2d5c2 2671 if (!test_bit(HCI_LINK_KEYS, &hdev->dev_flags))
55ed8ca1
JH		 2672 return;
2673
2674 hci_dev_lock(hdev);
2675
2676 key = hci_find_link_key(hdev, &ev->bdaddr);
2677 if (!key) {
6ed93dc6
AE		 2678 BT_DBG("%s link key not found for %pMR", hdev->name,
2679 &ev->bdaddr);
55ed8ca1
JH		 2680 goto not_found;
2681 }
2682
6ed93dc6
AE		 2683 BT_DBG("%s found key type %u for %pMR", hdev->name, key->type,
2684 &ev->bdaddr);
55ed8ca1 2685
a8b2d5c2 2686 if (!test_bit(HCI_DEBUG_KEYS, &hdev->dev_flags) &&
807deac2 2687 key->type == HCI_LK_DEBUG_COMBINATION) {
55ed8ca1
JH		 2688 BT_DBG("%s ignoring debug key", hdev->name);
2689 goto not_found;
2690 }
2691
2692 conn = hci_conn_hash_lookup_ba(hdev, ACL_LINK, &ev->bdaddr);
60b83f57
WR		 2693 if (conn) {
2694 if (key->type == HCI_LK_UNAUTH_COMBINATION &&
807deac2 2695 conn->auth_type != 0xff && (conn->auth_type & 0x01)) {
60b83f57
WR		 2696 BT_DBG("%s ignoring unauthenticated key", hdev->name);
2697 goto not_found;
2698 }
55ed8ca1 2699
60b83f57 2700 if (key->type == HCI_LK_COMBINATION && key->pin_len < 16 &&
807deac2 2701 conn->pending_sec_level == BT_SECURITY_HIGH) {
8fc9ced3
GP		 2702 BT_DBG("%s ignoring key unauthenticated for high security",
2703 hdev->name);
60b83f57
WR		 2704 goto not_found;
2705 }
2706
2707 conn->key_type = key->type;
2708 conn->pin_length = key->pin_len;
55ed8ca1
JH		 2709 }
2710
2711 bacpy(&cp.bdaddr, &ev->bdaddr);
9b3b4460 2712 memcpy(cp.link_key, key->val, HCI_LINK_KEY_SIZE);
55ed8ca1
JH		 2713
2714 hci_send_cmd(hdev, HCI_OP_LINK_KEY_REPLY, sizeof(cp), &cp);
2715
2716 hci_dev_unlock(hdev);
2717
2718 return;
2719
2720not_found:
2721 hci_send_cmd(hdev, HCI_OP_LINK_KEY_NEG_REPLY, 6, &ev->bdaddr);
2722 hci_dev_unlock(hdev);
a9de9248
MH		 2723}
2724
6039aa73 2725static void hci_link_key_notify_evt(struct hci_dev *hdev, struct sk_buff *skb)
a9de9248 2726{
052b30b0
MH		 2727 struct hci_ev_link_key_notify *ev = (void *) skb->data;
2728 struct hci_conn *conn;
55ed8ca1 2729 u8 pin_len = 0;
052b30b0 2730
a9de9248 2731 BT_DBG("%s", hdev->name);
052b30b0
MH		 2732
2733 hci_dev_lock(hdev);
2734
2735 conn = hci_conn_hash_lookup_ba(hdev, ACL_LINK, &ev->bdaddr);
2736 if (conn) {
2737 hci_conn_hold(conn);
2738 conn->disc_timeout = HCI_DISCONN_TIMEOUT;
980e1a53 2739 pin_len = conn->pin_length;
13d39315
WR		 2740
2741 if (ev->key_type != HCI_LK_CHANGED_COMBINATION)
2742 conn->key_type = ev->key_type;
2743
76a68ba0 2744 hci_conn_drop(conn);
052b30b0
MH		 2745 }
2746
a8b2d5c2 2747 if (test_bit(HCI_LINK_KEYS, &hdev->dev_flags))
d25e28ab 2748 hci_add_link_key(hdev, conn, 1, &ev->bdaddr, ev->link_key,
807deac2 2749 ev->key_type, pin_len);
55ed8ca1 2750
052b30b0 2751 hci_dev_unlock(hdev);
a9de9248
MH		 2752}
2753
6039aa73 2754static void hci_clock_offset_evt(struct hci_dev *hdev, struct sk_buff *skb)
1da177e4 2755{
a9de9248 2756 struct hci_ev_clock_offset *ev = (void *) skb->data;
04837f64 2757 struct hci_conn *conn;
1da177e4 2758
9f1db00c 2759 BT_DBG("%s status 0x%2.2x", hdev->name, ev->status);
1da177e4
LT		 2760
2761 hci_dev_lock(hdev);
2762
04837f64 2763 conn = hci_conn_hash_lookup_handle(hdev, __le16_to_cpu(ev->handle));
1da177e4
LT		 2764 if (conn && !ev->status) {
2765 struct inquiry_entry *ie;
2766
cc11b9c1
AE		 2767 ie = hci_inquiry_cache_lookup(hdev, &conn->dst);
2768 if (ie) {
1da177e4
LT		 2769 ie->data.clock_offset = ev->clock_offset;
2770 ie->timestamp = jiffies;
2771 }
2772 }
2773
2774 hci_dev_unlock(hdev);
2775}
2776
6039aa73 2777static void hci_pkt_type_change_evt(struct hci_dev *hdev, struct sk_buff *skb)
a8746417
MH		 2778{
2779 struct hci_ev_pkt_type_change *ev = (void *) skb->data;
2780 struct hci_conn *conn;
2781
9f1db00c 2782 BT_DBG("%s status 0x%2.2x", hdev->name, ev->status);
a8746417
MH		 2783
2784 hci_dev_lock(hdev);
2785
2786 conn = hci_conn_hash_lookup_handle(hdev, __le16_to_cpu(ev->handle));
2787 if (conn && !ev->status)
2788 conn->pkt_type = __le16_to_cpu(ev->pkt_type);
2789
2790 hci_dev_unlock(hdev);
2791}
2792
6039aa73 2793static void hci_pscan_rep_mode_evt(struct hci_dev *hdev, struct sk_buff *skb)
85a1e930 2794{
a9de9248 2795 struct hci_ev_pscan_rep_mode *ev = (void *) skb->data;
85a1e930
MH		 2796 struct inquiry_entry *ie;
2797
2798 BT_DBG("%s", hdev->name);
2799
2800 hci_dev_lock(hdev);
2801
cc11b9c1
AE		 2802 ie = hci_inquiry_cache_lookup(hdev, &ev->bdaddr);
2803 if (ie) {
85a1e930
MH		 2804 ie->data.pscan_rep_mode = ev->pscan_rep_mode;
2805 ie->timestamp = jiffies;
2806 }
2807
2808 hci_dev_unlock(hdev);
2809}
2810
6039aa73
GP		 2811static void hci_inquiry_result_with_rssi_evt(struct hci_dev *hdev,
2812 struct sk_buff *skb)
a9de9248
MH		 2813{
2814 struct inquiry_data data;
2815 int num_rsp = *((__u8 *) skb->data);
388fc8fa 2816 bool name_known, ssp;
a9de9248
MH		 2817
2818 BT_DBG("%s num_rsp %d", hdev->name, num_rsp);
2819
2820 if (!num_rsp)
2821 return;
2822
1519cc17
AG		 2823 if (test_bit(HCI_PERIODIC_INQ, &hdev->dev_flags))
2824 return;
2825
a9de9248
MH		 2826 hci_dev_lock(hdev);
2827
2828 if ((skb->len - 1) / num_rsp != sizeof(struct inquiry_info_with_rssi)) {
138d22ef
SJ		 2829 struct inquiry_info_with_rssi_and_pscan_mode *info;
2830 info = (void *) (skb->data + 1);
a9de9248 2831
e17acd40 2832 for (; num_rsp; num_rsp--, info++) {
a9de9248
MH		 2833 bacpy(&data.bdaddr, &info->bdaddr);
2834 data.pscan_rep_mode = info->pscan_rep_mode;
2835 data.pscan_period_mode = info->pscan_period_mode;
2836 data.pscan_mode = info->pscan_mode;
2837 memcpy(data.dev_class, info->dev_class, 3);
2838 data.clock_offset = info->clock_offset;
2839 data.rssi = info->rssi;
41a96212 2840 data.ssp_mode = 0x00;
3175405b
JH		 2841
2842 name_known = hci_inquiry_cache_update(hdev, &data,
04124681 2843 false, &ssp);
48264f06 2844 mgmt_device_found(hdev, &info->bdaddr, ACL_LINK, 0x00,
04124681
GP		 2845 info->dev_class, info->rssi,
2846 !name_known, ssp, NULL, 0);
a9de9248
MH		 2847 }
2848 } else {
2849 struct inquiry_info_with_rssi *info = (void *) (skb->data + 1);
2850
e17acd40 2851 for (; num_rsp; num_rsp--, info++) {
a9de9248
MH		 2852 bacpy(&data.bdaddr, &info->bdaddr);
2853 data.pscan_rep_mode = info->pscan_rep_mode;
2854 data.pscan_period_mode = info->pscan_period_mode;
2855 data.pscan_mode = 0x00;
2856 memcpy(data.dev_class, info->dev_class, 3);
2857 data.clock_offset = info->clock_offset;
2858 data.rssi = info->rssi;
41a96212 2859 data.ssp_mode = 0x00;
3175405b 2860 name_known = hci_inquiry_cache_update(hdev, &data,
04124681 2861 false, &ssp);
48264f06 2862 mgmt_device_found(hdev, &info->bdaddr, ACL_LINK, 0x00,
04124681
GP		 2863 info->dev_class, info->rssi,
2864 !name_known, ssp, NULL, 0);
a9de9248
MH		 2865 }
2866 }
2867
2868 hci_dev_unlock(hdev);
2869}
2870
6039aa73
GP		 2871static void hci_remote_ext_features_evt(struct hci_dev *hdev,
2872 struct sk_buff *skb)
a9de9248 2873{
41a96212
MH		 2874 struct hci_ev_remote_ext_features *ev = (void *) skb->data;
2875 struct hci_conn *conn;
2876
a9de9248 2877 BT_DBG("%s", hdev->name);
41a96212 2878
41a96212
MH		 2879 hci_dev_lock(hdev);
2880
2881 conn = hci_conn_hash_lookup_handle(hdev, __le16_to_cpu(ev->handle));
ccd556fe
JH		 2882 if (!conn)
2883 goto unlock;
41a96212 2884
cad718ed
JH		 2885 if (ev->page < HCI_MAX_PAGES)
2886 memcpy(conn->features[ev->page], ev->features, 8);
2887
ccd556fe
JH		 2888 if (!ev->status && ev->page == 0x01) {
2889 struct inquiry_entry *ie;
41a96212 2890
cc11b9c1
AE		 2891 ie = hci_inquiry_cache_lookup(hdev, &conn->dst);
2892 if (ie)
02b7cc62 2893 ie->data.ssp_mode = (ev->features[0] & LMP_HOST_SSP);
769be974 2894
bbb0eada 2895 if (ev->features[0] & LMP_HOST_SSP) {
58a681ef 2896 set_bit(HCI_CONN_SSP_ENABLED, &conn->flags);
bbb0eada
JK		 2897 } else {
2898 /* It is mandatory by the Bluetooth specification that
2899 * Extended Inquiry Results are only used when Secure
2900 * Simple Pairing is enabled, but some devices violate
2901 * this.
2902 *
2903 * To make these devices work, the internal SSP
2904 * enabled flag needs to be cleared if the remote host
2905 * features do not indicate SSP support */
2906 clear_bit(HCI_CONN_SSP_ENABLED, &conn->flags);
2907 }
ccd556fe
JH		 2908 }
2909
2910 if (conn->state != BT_CONFIG)
2911 goto unlock;
2912
671267bf 2913 if (!ev->status && !test_bit(HCI_CONN_MGMT_CONNECTED, &conn->flags)) {
127178d2
JH		 2914 struct hci_cp_remote_name_req cp;
2915 memset(&cp, 0, sizeof(cp));
2916 bacpy(&cp.bdaddr, &conn->dst);
2917 cp.pscan_rep_mode = 0x02;
2918 hci_send_cmd(hdev, HCI_OP_REMOTE_NAME_REQ, sizeof(cp), &cp);
b644ba33
JH		 2919 } else if (!test_and_set_bit(HCI_CONN_MGMT_CONNECTED, &conn->flags))
2920 mgmt_device_connected(hdev, &conn->dst, conn->type,
04124681
GP		 2921 conn->dst_type, 0, NULL, 0,
2922 conn->dev_class);
392599b9 2923
127178d2 2924 if (!hci_outgoing_auth_needed(hdev, conn)) {
ccd556fe
JH		 2925 conn->state = BT_CONNECTED;
2926 hci_proto_connect_cfm(conn, ev->status);
76a68ba0 2927 hci_conn_drop(conn);
41a96212
MH		 2928 }
2929
ccd556fe 2930unlock:
41a96212 2931 hci_dev_unlock(hdev);
a9de9248
MH		 2932}
2933
6039aa73
GP		 2934static void hci_sync_conn_complete_evt(struct hci_dev *hdev,
2935 struct sk_buff *skb)
a9de9248 2936{
b6a0dc82
MH		 2937 struct hci_ev_sync_conn_complete *ev = (void *) skb->data;
2938 struct hci_conn *conn;
2939
9f1db00c 2940 BT_DBG("%s status 0x%2.2x", hdev->name, ev->status);
b6a0dc82
MH		 2941
2942 hci_dev_lock(hdev);
2943
2944 conn = hci_conn_hash_lookup_ba(hdev, ev->link_type, &ev->bdaddr);
9dc0a3af
MH		 2945 if (!conn) {
2946 if (ev->link_type == ESCO_LINK)
2947 goto unlock;
2948
2949 conn = hci_conn_hash_lookup_ba(hdev, ESCO_LINK, &ev->bdaddr);
2950 if (!conn)
2951 goto unlock;
2952
2953 conn->type = SCO_LINK;
2954 }
b6a0dc82 2955
732547f9
MH		 2956 switch (ev->status) {
2957 case 0x00:
b6a0dc82
MH		 2958 conn->handle = __le16_to_cpu(ev->handle);
2959 conn->state = BT_CONNECTED;
7d0db0a3
MH		 2960
2961 hci_conn_add_sysfs(conn);
732547f9
MH		 2962 break;
2963
705e5711 2964 case 0x11: /* Unsupported Feature or Parameter Value */
732547f9 2965 case 0x1c: /* SCO interval rejected */
1038a00b 2966 case 0x1a: /* Unsupported Remote Feature */
732547f9
MH		 2967 case 0x1f: /* Unspecified error */
2968 if (conn->out && conn->attempt < 2) {
2969 conn->pkt_type = (hdev->esco_type & SCO_ESCO_MASK) |
2970 (hdev->esco_type & EDR_ESCO_MASK);
2971 hci_setup_sync(conn, conn->link->handle);
2972 goto unlock;
2973 }
2974 /* fall through */
2975
2976 default:
b6a0dc82 2977 conn->state = BT_CLOSED;
732547f9
MH		 2978 break;
2979 }
b6a0dc82
MH		 2980
2981 hci_proto_connect_cfm(conn, ev->status);
2982 if (ev->status)
2983 hci_conn_del(conn);
2984
2985unlock:
2986 hci_dev_unlock(hdev);
a9de9248
MH		 2987}
2988
6039aa73
GP		 2989static void hci_extended_inquiry_result_evt(struct hci_dev *hdev,
2990 struct sk_buff *skb)
1da177e4 2991{
a9de9248
MH		 2992 struct inquiry_data data;
2993 struct extended_inquiry_info *info = (void *) (skb->data + 1);
2994 int num_rsp = *((__u8 *) skb->data);
9d939d94 2995 size_t eir_len;
1da177e4 2996
a9de9248 2997 BT_DBG("%s num_rsp %d", hdev->name, num_rsp);
1da177e4 2998
a9de9248
MH		 2999 if (!num_rsp)
3000 return;
1da177e4 3001
1519cc17
AG		 3002 if (test_bit(HCI_PERIODIC_INQ, &hdev->dev_flags))
3003 return;
3004
a9de9248
MH		 3005 hci_dev_lock(hdev);
3006
e17acd40 3007 for (; num_rsp; num_rsp--, info++) {
388fc8fa 3008 bool name_known, ssp;
561aafbc 3009
a9de9248 3010 bacpy(&data.bdaddr, &info->bdaddr);
138d22ef
SJ		 3011 data.pscan_rep_mode = info->pscan_rep_mode;
3012 data.pscan_period_mode = info->pscan_period_mode;
3013 data.pscan_mode = 0x00;
a9de9248 3014 memcpy(data.dev_class, info->dev_class, 3);
138d22ef
SJ		 3015 data.clock_offset = info->clock_offset;
3016 data.rssi = info->rssi;
41a96212 3017 data.ssp_mode = 0x01;
561aafbc 3018
a8b2d5c2 3019 if (test_bit(HCI_MGMT, &hdev->dev_flags))
4ddb1930 3020 name_known = eir_has_data_type(info->data,
04124681
GP		 3021 sizeof(info->data),
3022 EIR_NAME_COMPLETE);
561aafbc
JH		 3023 else
3024 name_known = true;
3025
388fc8fa 3026 name_known = hci_inquiry_cache_update(hdev, &data, name_known,
04124681 3027 &ssp);
9d939d94 3028 eir_len = eir_get_length(info->data, sizeof(info->data));
48264f06 3029 mgmt_device_found(hdev, &info->bdaddr, ACL_LINK, 0x00,
04124681 3030 info->dev_class, info->rssi, !name_known,
9d939d94 3031 ssp, info->data, eir_len);
a9de9248
MH		 3032 }
3033
3034 hci_dev_unlock(hdev);
3035}
1da177e4 3036
1c2e0041
JH		 3037static void hci_key_refresh_complete_evt(struct hci_dev *hdev,
3038 struct sk_buff *skb)
3039{
3040 struct hci_ev_key_refresh_complete *ev = (void *) skb->data;
3041 struct hci_conn *conn;
3042
9f1db00c 3043 BT_DBG("%s status 0x%2.2x handle 0x%4.4x", hdev->name, ev->status,
1c2e0041
JH		 3044 __le16_to_cpu(ev->handle));
3045
3046 hci_dev_lock(hdev);
3047
3048 conn = hci_conn_hash_lookup_handle(hdev, __le16_to_cpu(ev->handle));
3049 if (!conn)
3050 goto unlock;
3051
3052 if (!ev->status)
3053 conn->sec_level = conn->pending_sec_level;
3054
3055 clear_bit(HCI_CONN_ENCRYPT_PEND, &conn->flags);
3056
3057 if (ev->status && conn->state == BT_CONNECTED) {
bed71748 3058 hci_disconnect(conn, HCI_ERROR_AUTH_FAILURE);
76a68ba0 3059 hci_conn_drop(conn);
1c2e0041
JH		 3060 goto unlock;
3061 }
3062
3063 if (conn->state == BT_CONFIG) {
3064 if (!ev->status)
3065 conn->state = BT_CONNECTED;
3066
3067 hci_proto_connect_cfm(conn, ev->status);
76a68ba0 3068 hci_conn_drop(conn);
1c2e0041
JH		 3069 } else {
3070 hci_auth_cfm(conn, ev->status);
3071
3072 hci_conn_hold(conn);
3073 conn->disc_timeout = HCI_DISCONN_TIMEOUT;
76a68ba0 3074 hci_conn_drop(conn);
1c2e0041
JH		 3075 }
3076
3077unlock:
3078 hci_dev_unlock(hdev);
3079}
3080
6039aa73 3081static u8 hci_get_auth_req(struct hci_conn *conn)
17fa4b9d
JH		 3082{
3083 /* If remote requests dedicated bonding follow that lead */
3084 if (conn->remote_auth == 0x02 || conn->remote_auth == 0x03) {
3085 /* If both remote and local IO capabilities allow MITM
3086 * protection then require it, otherwise don't */
3087 if (conn->remote_cap == 0x03 || conn->io_capability == 0x03)
3088 return 0x02;
3089 else
3090 return 0x03;
3091 }
3092
3093 /* If remote requests no-bonding follow that lead */
3094 if (conn->remote_auth == 0x00 || conn->remote_auth == 0x01)
58797bf7 3095 return conn->remote_auth | (conn->auth_type & 0x01);
17fa4b9d
JH		 3096
3097 return conn->auth_type;
3098}
3099
6039aa73 3100static void hci_io_capa_request_evt(struct hci_dev *hdev, struct sk_buff *skb)
0493684e
MH		 3101{
3102 struct hci_ev_io_capa_request *ev = (void *) skb->data;
3103 struct hci_conn *conn;
3104
3105 BT_DBG("%s", hdev->name);
3106
3107 hci_dev_lock(hdev);
3108
3109 conn = hci_conn_hash_lookup_ba(hdev, ACL_LINK, &ev->bdaddr);
03b555e1
JH		 3110 if (!conn)
3111 goto unlock;
3112
3113 hci_conn_hold(conn);
3114
a8b2d5c2 3115 if (!test_bit(HCI_MGMT, &hdev->dev_flags))
03b555e1
JH		 3116 goto unlock;
3117
a8b2d5c2 3118 if (test_bit(HCI_PAIRABLE, &hdev->dev_flags) ||
807deac2 3119 (conn->remote_auth & ~0x01) == HCI_AT_NO_BONDING) {
17fa4b9d
JH		 3120 struct hci_cp_io_capability_reply cp;
3121
3122 bacpy(&cp.bdaddr, &ev->bdaddr);
7a7f1e7c
HG		 3123 /* Change the IO capability from KeyboardDisplay
3124 * to DisplayYesNo as it is not supported by BT spec. */
3125 cp.capability = (conn->io_capability == 0x04) ?
3126 0x01 : conn->io_capability;
7cbc9bd9
JH		 3127 conn->auth_type = hci_get_auth_req(conn);
3128 cp.authentication = conn->auth_type;
17fa4b9d 3129
8fc9ced3
GP		 3130 if (hci_find_remote_oob_data(hdev, &conn->dst) &&
3131 (conn->out || test_bit(HCI_CONN_REMOTE_OOB, &conn->flags)))
ce85ee13
SJ		 3132 cp.oob_data = 0x01;
3133 else
3134 cp.oob_data = 0x00;
3135
17fa4b9d 3136 hci_send_cmd(hdev, HCI_OP_IO_CAPABILITY_REPLY,
807deac2 3137 sizeof(cp), &cp);
03b555e1
JH		 3138 } else {
3139 struct hci_cp_io_capability_neg_reply cp;
3140
3141 bacpy(&cp.bdaddr, &ev->bdaddr);
9f5a0d7b 3142 cp.reason = HCI_ERROR_PAIRING_NOT_ALLOWED;
0493684e 3143
03b555e1 3144 hci_send_cmd(hdev, HCI_OP_IO_CAPABILITY_NEG_REPLY,
807deac2 3145 sizeof(cp), &cp);
03b555e1
JH		 3146 }
3147
3148unlock:
3149 hci_dev_unlock(hdev);
3150}
3151
6039aa73 3152static void hci_io_capa_reply_evt(struct hci_dev *hdev, struct sk_buff *skb)
03b555e1
JH		 3153{
3154 struct hci_ev_io_capa_reply *ev = (void *) skb->data;
3155 struct hci_conn *conn;
3156
3157 BT_DBG("%s", hdev->name);
3158
3159 hci_dev_lock(hdev);
3160
3161 conn = hci_conn_hash_lookup_ba(hdev, ACL_LINK, &ev->bdaddr);
3162 if (!conn)
3163 goto unlock;
3164
03b555e1 3165 conn->remote_cap = ev->capability;
03b555e1 3166 conn->remote_auth = ev->authentication;
58a681ef
JH		 3167 if (ev->oob_data)
3168 set_bit(HCI_CONN_REMOTE_OOB, &conn->flags);
03b555e1
JH		 3169
3170unlock:
0493684e
MH		 3171 hci_dev_unlock(hdev);
3172}
3173
6039aa73
GP		 3174static void hci_user_confirm_request_evt(struct hci_dev *hdev,
3175 struct sk_buff *skb)
a5c29683
JH		 3176{
3177 struct hci_ev_user_confirm_req *ev = (void *) skb->data;
55bc1a37 3178 int loc_mitm, rem_mitm, confirm_hint = 0;
7a828908 3179 struct hci_conn *conn;
a5c29683
JH		 3180
3181 BT_DBG("%s", hdev->name);
3182
3183 hci_dev_lock(hdev);
3184
a8b2d5c2 3185 if (!test_bit(HCI_MGMT, &hdev->dev_flags))
7a828908 3186 goto unlock;
a5c29683 3187
7a828908
JH		 3188 conn = hci_conn_hash_lookup_ba(hdev, ACL_LINK, &ev->bdaddr);
3189 if (!conn)
3190 goto unlock;
3191
3192 loc_mitm = (conn->auth_type & 0x01);
3193 rem_mitm = (conn->remote_auth & 0x01);
3194
3195 /* If we require MITM but the remote device can't provide that
3196 * (it has NoInputNoOutput) then reject the confirmation
3197 * request. The only exception is when we're dedicated bonding
3198 * initiators (connect_cfm_cb set) since then we always have the MITM
3199 * bit set. */
3200 if (!conn->connect_cfm_cb && loc_mitm && conn->remote_cap == 0x03) {
3201 BT_DBG("Rejecting request: remote device can't provide MITM");
3202 hci_send_cmd(hdev, HCI_OP_USER_CONFIRM_NEG_REPLY,
807deac2 3203 sizeof(ev->bdaddr), &ev->bdaddr);
7a828908
JH		 3204 goto unlock;
3205 }
3206
3207 /* If no side requires MITM protection; auto-accept */
3208 if ((!loc_mitm || conn->remote_cap == 0x03) &&
807deac2 3209 (!rem_mitm || conn->io_capability == 0x03)) {
55bc1a37
JH		 3210
3211 /* If we're not the initiators request authorization to
3212 * proceed from user space (mgmt_user_confirm with
3213 * confirm_hint set to 1). */
51a8efd7 3214 if (!test_bit(HCI_CONN_AUTH_PEND, &conn->flags)) {
55bc1a37
JH		 3215 BT_DBG("Confirming auto-accept as acceptor");
3216 confirm_hint = 1;
3217 goto confirm;
3218 }
3219
9f61656a 3220 BT_DBG("Auto-accept of user confirmation with %ums delay",
807deac2 3221 hdev->auto_accept_delay);
9f61656a
JH		 3222
3223 if (hdev->auto_accept_delay > 0) {
3224 int delay = msecs_to_jiffies(hdev->auto_accept_delay);
3225 mod_timer(&conn->auto_accept_timer, jiffies + delay);
3226 goto unlock;
3227 }
3228
7a828908 3229 hci_send_cmd(hdev, HCI_OP_USER_CONFIRM_REPLY,
807deac2 3230 sizeof(ev->bdaddr), &ev->bdaddr);
7a828908
JH		 3231 goto unlock;
3232 }
3233
55bc1a37 3234confirm:
272d90df 3235 mgmt_user_confirm_request(hdev, &ev->bdaddr, ACL_LINK, 0, ev->passkey,
04124681 3236 confirm_hint);
7a828908
JH		 3237
3238unlock:
a5c29683
JH		 3239 hci_dev_unlock(hdev);
3240}
3241
6039aa73
GP		 3242static void hci_user_passkey_request_evt(struct hci_dev *hdev,
3243 struct sk_buff *skb)
1143d458
BG		 3244{
3245 struct hci_ev_user_passkey_req *ev = (void *) skb->data;
3246
3247 BT_DBG("%s", hdev->name);
3248
a8b2d5c2 3249 if (test_bit(HCI_MGMT, &hdev->dev_flags))
272d90df 3250 mgmt_user_passkey_request(hdev, &ev->bdaddr, ACL_LINK, 0);
1143d458
BG		 3251}
3252
92a25256
JH		 3253static void hci_user_passkey_notify_evt(struct hci_dev *hdev,
3254 struct sk_buff *skb)
3255{
3256 struct hci_ev_user_passkey_notify *ev = (void *) skb->data;
3257 struct hci_conn *conn;
3258
3259 BT_DBG("%s", hdev->name);
3260
3261 conn = hci_conn_hash_lookup_ba(hdev, ACL_LINK, &ev->bdaddr);
3262 if (!conn)
3263 return;
3264
3265 conn->passkey_notify = __le32_to_cpu(ev->passkey);
3266 conn->passkey_entered = 0;
3267
3268 if (test_bit(HCI_MGMT, &hdev->dev_flags))
3269 mgmt_user_passkey_notify(hdev, &conn->dst, conn->type,
3270 conn->dst_type, conn->passkey_notify,
3271 conn->passkey_entered);
3272}
3273
3274static void hci_keypress_notify_evt(struct hci_dev *hdev, struct sk_buff *skb)
3275{
3276 struct hci_ev_keypress_notify *ev = (void *) skb->data;
3277 struct hci_conn *conn;
3278
3279 BT_DBG("%s", hdev->name);
3280
3281 conn = hci_conn_hash_lookup_ba(hdev, ACL_LINK, &ev->bdaddr);
3282 if (!conn)
3283 return;
3284
3285 switch (ev->type) {
3286 case HCI_KEYPRESS_STARTED:
3287 conn->passkey_entered = 0;
3288 return;
3289
3290 case HCI_KEYPRESS_ENTERED:
3291 conn->passkey_entered++;
3292 break;
3293
3294 case HCI_KEYPRESS_ERASED:
3295 conn->passkey_entered--;
3296 break;
3297
3298 case HCI_KEYPRESS_CLEARED:
3299 conn->passkey_entered = 0;
3300 break;
3301
3302 case HCI_KEYPRESS_COMPLETED:
3303 return;
3304 }
3305
3306 if (test_bit(HCI_MGMT, &hdev->dev_flags))
3307 mgmt_user_passkey_notify(hdev, &conn->dst, conn->type,
3308 conn->dst_type, conn->passkey_notify,
3309 conn->passkey_entered);
3310}
3311
6039aa73
GP		 3312static void hci_simple_pair_complete_evt(struct hci_dev *hdev,
3313 struct sk_buff *skb)
0493684e
MH		 3314{
3315 struct hci_ev_simple_pair_complete *ev = (void *) skb->data;
3316 struct hci_conn *conn;
3317
3318 BT_DBG("%s", hdev->name);
3319
3320 hci_dev_lock(hdev);
3321
3322 conn = hci_conn_hash_lookup_ba(hdev, ACL_LINK, &ev->bdaddr);
2a611692
JH		 3323 if (!conn)
3324 goto unlock;
3325
3326 /* To avoid duplicate auth_failed events to user space we check
3327 * the HCI_CONN_AUTH_PEND flag which will be set if we
3328 * initiated the authentication. A traditional auth_complete
3329 * event gets always produced as initiator and is also mapped to
3330 * the mgmt_auth_failed event */
fa1bd918 3331 if (!test_bit(HCI_CONN_AUTH_PEND, &conn->flags) && ev->status)
bab73cb6 3332 mgmt_auth_failed(hdev, &conn->dst, conn->type, conn->dst_type,
04124681 3333 ev->status);
0493684e 3334
76a68ba0 3335 hci_conn_drop(conn);
2a611692
JH		 3336
3337unlock:
0493684e
MH		 3338 hci_dev_unlock(hdev);
3339}
3340
6039aa73
GP		 3341static void hci_remote_host_features_evt(struct hci_dev *hdev,
3342 struct sk_buff *skb)
41a96212
MH		 3343{
3344 struct hci_ev_remote_host_features *ev = (void *) skb->data;
3345 struct inquiry_entry *ie;
cad718ed 3346 struct hci_conn *conn;
41a96212
MH		 3347
3348 BT_DBG("%s", hdev->name);
3349
3350 hci_dev_lock(hdev);
3351
cad718ed
JH		 3352 conn = hci_conn_hash_lookup_ba(hdev, ACL_LINK, &ev->bdaddr);
3353 if (conn)
3354 memcpy(conn->features[1], ev->features, 8);
3355
cc11b9c1
AE		 3356 ie = hci_inquiry_cache_lookup(hdev, &ev->bdaddr);
3357 if (ie)
02b7cc62 3358 ie->data.ssp_mode = (ev->features[0] & LMP_HOST_SSP);
41a96212
MH		 3359
3360 hci_dev_unlock(hdev);
3361}
3362
6039aa73
GP		 3363static void hci_remote_oob_data_request_evt(struct hci_dev *hdev,
3364 struct sk_buff *skb)
2763eda6
SJ		 3365{
3366 struct hci_ev_remote_oob_data_request *ev = (void *) skb->data;
3367 struct oob_data *data;
3368
3369 BT_DBG("%s", hdev->name);
3370
3371 hci_dev_lock(hdev);
3372
a8b2d5c2 3373 if (!test_bit(HCI_MGMT, &hdev->dev_flags))
e1ba1f15
SJ		 3374 goto unlock;
3375
2763eda6
SJ		 3376 data = hci_find_remote_oob_data(hdev, &ev->bdaddr);
3377 if (data) {
3378 struct hci_cp_remote_oob_data_reply cp;
3379
3380 bacpy(&cp.bdaddr, &ev->bdaddr);
3381 memcpy(cp.hash, data->hash, sizeof(cp.hash));
3382 memcpy(cp.randomizer, data->randomizer, sizeof(cp.randomizer));
3383
3384 hci_send_cmd(hdev, HCI_OP_REMOTE_OOB_DATA_REPLY, sizeof(cp),
807deac2 3385 &cp);
2763eda6
SJ		 3386 } else {
3387 struct hci_cp_remote_oob_data_neg_reply cp;
3388
3389 bacpy(&cp.bdaddr, &ev->bdaddr);
3390 hci_send_cmd(hdev, HCI_OP_REMOTE_OOB_DATA_NEG_REPLY, sizeof(cp),
807deac2 3391 &cp);
2763eda6
SJ		 3392 }
3393
e1ba1f15 3394unlock:
2763eda6
SJ		 3395 hci_dev_unlock(hdev);
3396}
3397
d5e91192
AE		 3398static void hci_phy_link_complete_evt(struct hci_dev *hdev,
3399 struct sk_buff *skb)
3400{
3401 struct hci_ev_phy_link_complete *ev = (void *) skb->data;
3402 struct hci_conn *hcon, *bredr_hcon;
3403
3404 BT_DBG("%s handle 0x%2.2x status 0x%2.2x", hdev->name, ev->phy_handle,
3405 ev->status);
3406
3407 hci_dev_lock(hdev);
3408
3409 hcon = hci_conn_hash_lookup_handle(hdev, ev->phy_handle);
3410 if (!hcon) {
3411 hci_dev_unlock(hdev);
3412 return;
3413 }
3414
3415 if (ev->status) {
3416 hci_conn_del(hcon);
3417 hci_dev_unlock(hdev);
3418 return;
3419 }
3420
3421 bredr_hcon = hcon->amp_mgr->l2cap_conn->hcon;
3422
3423 hcon->state = BT_CONNECTED;
3424 bacpy(&hcon->dst, &bredr_hcon->dst);
3425
3426 hci_conn_hold(hcon);
3427 hcon->disc_timeout = HCI_DISCONN_TIMEOUT;
76a68ba0 3428 hci_conn_drop(hcon);
d5e91192 3429
d5e91192
AE		 3430 hci_conn_add_sysfs(hcon);
3431
cf70ff22 3432 amp_physical_cfm(bredr_hcon, hcon);
d5e91192 3433
cf70ff22 3434 hci_dev_unlock(hdev);
d5e91192
AE		 3435}
3436
27695fb4
AE		 3437static void hci_loglink_complete_evt(struct hci_dev *hdev, struct sk_buff *skb)
3438{
3439 struct hci_ev_logical_link_complete *ev = (void *) skb->data;
3440 struct hci_conn *hcon;
3441 struct hci_chan *hchan;
3442 struct amp_mgr *mgr;
3443
3444 BT_DBG("%s log_handle 0x%4.4x phy_handle 0x%2.2x status 0x%2.2x",
3445 hdev->name, le16_to_cpu(ev->handle), ev->phy_handle,
3446 ev->status);
3447
3448 hcon = hci_conn_hash_lookup_handle(hdev, ev->phy_handle);
3449 if (!hcon)
3450 return;
3451
3452 /* Create AMP hchan */
3453 hchan = hci_chan_create(hcon);
3454 if (!hchan)
3455 return;
3456
3457 hchan->handle = le16_to_cpu(ev->handle);
3458
3459 BT_DBG("hcon %p mgr %p hchan %p", hcon, hcon->amp_mgr, hchan);
3460
3461 mgr = hcon->amp_mgr;
3462 if (mgr && mgr->bredr_chan) {
3463 struct l2cap_chan *bredr_chan = mgr->bredr_chan;
3464
3465 l2cap_chan_lock(bredr_chan);
3466
3467 bredr_chan->conn->mtu = hdev->block_mtu;
3468 l2cap_logical_cfm(bredr_chan, hchan, 0);
3469 hci_conn_hold(hcon);
3470
3471 l2cap_chan_unlock(bredr_chan);
3472 }
3473}
3474
606e2a10
AE		 3475static void hci_disconn_loglink_complete_evt(struct hci_dev *hdev,
3476 struct sk_buff *skb)
3477{
3478 struct hci_ev_disconn_logical_link_complete *ev = (void *) skb->data;
3479 struct hci_chan *hchan;
3480
3481 BT_DBG("%s log handle 0x%4.4x status 0x%2.2x", hdev->name,
3482 le16_to_cpu(ev->handle), ev->status);
3483
3484 if (ev->status)
3485 return;
3486
3487 hci_dev_lock(hdev);
3488
3489 hchan = hci_chan_lookup_handle(hdev, le16_to_cpu(ev->handle));
3490 if (!hchan)
3491 goto unlock;
3492
3493 amp_destroy_logical_link(hchan, ev->reason);
3494
3495unlock:
3496 hci_dev_unlock(hdev);
3497}
3498
9eef6b3a
AE		 3499static void hci_disconn_phylink_complete_evt(struct hci_dev *hdev,
3500 struct sk_buff *skb)
3501{
3502 struct hci_ev_disconn_phy_link_complete *ev = (void *) skb->data;
3503 struct hci_conn *hcon;
3504
3505 BT_DBG("%s status 0x%2.2x", hdev->name, ev->status);
3506
3507 if (ev->status)
3508 return;
3509
3510 hci_dev_lock(hdev);
3511
3512 hcon = hci_conn_hash_lookup_handle(hdev, ev->phy_handle);
3513 if (hcon) {
3514 hcon->state = BT_CLOSED;
3515 hci_conn_del(hcon);
3516 }
3517
3518 hci_dev_unlock(hdev);
3519}
3520
6039aa73 3521static void hci_le_conn_complete_evt(struct hci_dev *hdev, struct sk_buff *skb)
fcd89c09
VT		 3522{
3523 struct hci_ev_le_conn_complete *ev = (void *) skb->data;
3524 struct hci_conn *conn;
3525
9f1db00c 3526 BT_DBG("%s status 0x%2.2x", hdev->name, ev->status);
fcd89c09
VT		 3527
3528 hci_dev_lock(hdev);
3529
b47a09b3 3530 conn = hci_conn_hash_lookup_state(hdev, LE_LINK, BT_CONNECT);
b62f328b
VT		 3531 if (!conn) {
3532 conn = hci_conn_add(hdev, LE_LINK, &ev->bdaddr);
3533 if (!conn) {
3534 BT_ERR("No memory for new connection");
230fd16a 3535 goto unlock;
b62f328b 3536 }
29b7988a
AG		 3537
3538 conn->dst_type = ev->bdaddr_type;
b9b343d2
AG		 3539
3540 if (ev->role == LE_CONN_ROLE_MASTER) {
3541 conn->out = true;
3542 conn->link_mode |= HCI_LM_MASTER;
3543 }
b62f328b 3544 }
fcd89c09 3545
cd17decb
AG		 3546 if (ev->status) {
3547 mgmt_connect_failed(hdev, &conn->dst, conn->type,
3548 conn->dst_type, ev->status);
3549 hci_proto_connect_cfm(conn, ev->status);
3550 conn->state = BT_CLOSED;
3551 hci_conn_del(conn);
3552 goto unlock;
3553 }
3554
b644ba33
JH		 3555 if (!test_and_set_bit(HCI_CONN_MGMT_CONNECTED, &conn->flags))
3556 mgmt_device_connected(hdev, &ev->bdaddr, conn->type,
04124681 3557 conn->dst_type, 0, NULL, 0, NULL);
83bc71b4 3558
7b5c0d52 3559 conn->sec_level = BT_SECURITY_LOW;
fcd89c09
VT		 3560 conn->handle = __le16_to_cpu(ev->handle);
3561 conn->state = BT_CONNECTED;
3562
fcd89c09
VT		 3563 hci_conn_add_sysfs(conn);
3564
3565 hci_proto_connect_cfm(conn, ev->status);
3566
3567unlock:
3568 hci_dev_unlock(hdev);
3569}
3570
6039aa73 3571static void hci_le_adv_report_evt(struct hci_dev *hdev, struct sk_buff *skb)
9aa04c91 3572{
e95beb41
AG		 3573 u8 num_reports = skb->data[0];
3574 void *ptr = &skb->data[1];
3c9e9195 3575 s8 rssi;
9aa04c91 3576
e95beb41
AG		 3577 while (num_reports--) {
3578 struct hci_ev_le_advertising_info *ev = ptr;
9aa04c91 3579
3c9e9195
AG		 3580 rssi = ev->data[ev->length];
3581 mgmt_device_found(hdev, &ev->bdaddr, LE_LINK, ev->bdaddr_type,
04124681 3582 NULL, rssi, 0, 1, ev->data, ev->length);
3c9e9195 3583
e95beb41 3584 ptr += sizeof(*ev) + ev->length + 1;
9aa04c91 3585 }
9aa04c91
AG		 3586}
3587
6039aa73 3588static void hci_le_ltk_request_evt(struct hci_dev *hdev, struct sk_buff *skb)
a7a595f6
VCG		 3589{
3590 struct hci_ev_le_ltk_req *ev = (void *) skb->data;
3591 struct hci_cp_le_ltk_reply cp;
bea710fe 3592 struct hci_cp_le_ltk_neg_reply neg;
a7a595f6 3593 struct hci_conn *conn;
c9839a11 3594 struct smp_ltk *ltk;
a7a595f6 3595
9f1db00c 3596 BT_DBG("%s handle 0x%4.4x", hdev->name, __le16_to_cpu(ev->handle));
a7a595f6
VCG		 3597
3598 hci_dev_lock(hdev);
3599
3600 conn = hci_conn_hash_lookup_handle(hdev, __le16_to_cpu(ev->handle));
bea710fe
VCG		 3601 if (conn == NULL)
3602 goto not_found;
a7a595f6 3603
bea710fe
VCG		 3604 ltk = hci_find_ltk(hdev, ev->ediv, ev->random);
3605 if (ltk == NULL)
3606 goto not_found;
3607
3608 memcpy(cp.ltk, ltk->val, sizeof(ltk->val));
a7a595f6 3609 cp.handle = cpu_to_le16(conn->handle);
c9839a11
VCG		 3610
3611 if (ltk->authenticated)
3612 conn->sec_level = BT_SECURITY_HIGH;
a7a595f6
VCG		 3613
3614 hci_send_cmd(hdev, HCI_OP_LE_LTK_REPLY, sizeof(cp), &cp);
3615
c9839a11
VCG		 3616 if (ltk->type & HCI_SMP_STK) {
3617 list_del(&ltk->list);
3618 kfree(ltk);
3619 }
3620
a7a595f6 3621 hci_dev_unlock(hdev);
bea710fe
VCG		 3622
3623 return;
3624
3625not_found:
3626 neg.handle = ev->handle;
3627 hci_send_cmd(hdev, HCI_OP_LE_LTK_NEG_REPLY, sizeof(neg), &neg);
3628 hci_dev_unlock(hdev);
a7a595f6
VCG		 3629}
3630
6039aa73 3631static void hci_le_meta_evt(struct hci_dev *hdev, struct sk_buff *skb)
fcd89c09
VT		 3632{
3633 struct hci_ev_le_meta *le_ev = (void *) skb->data;
3634
3635 skb_pull(skb, sizeof(*le_ev));
3636
3637 switch (le_ev->subevent) {
3638 case HCI_EV_LE_CONN_COMPLETE:
3639 hci_le_conn_complete_evt(hdev, skb);
3640 break;
3641
9aa04c91
AG		 3642 case HCI_EV_LE_ADVERTISING_REPORT:
3643 hci_le_adv_report_evt(hdev, skb);
3644 break;
3645
a7a595f6
VCG		 3646 case HCI_EV_LE_LTK_REQ:
3647 hci_le_ltk_request_evt(hdev, skb);
3648 break;
3649
fcd89c09
VT		 3650 default:
3651 break;
3652 }
3653}
3654
9495b2ee
AE		 3655static void hci_chan_selected_evt(struct hci_dev *hdev, struct sk_buff *skb)
3656{
3657 struct hci_ev_channel_selected *ev = (void *) skb->data;
3658 struct hci_conn *hcon;
3659
3660 BT_DBG("%s handle 0x%2.2x", hdev->name, ev->phy_handle);
3661
3662 skb_pull(skb, sizeof(*ev));
3663
3664 hcon = hci_conn_hash_lookup_handle(hdev, ev->phy_handle);
3665 if (!hcon)
3666 return;
3667
3668 amp_read_loc_assoc_final_data(hdev, hcon);
3669}
3670
a9de9248
MH		 3671void hci_event_packet(struct hci_dev *hdev, struct sk_buff *skb)
3672{
3673 struct hci_event_hdr *hdr = (void *) skb->data;
3674 __u8 event = hdr->evt;
3675
b6ddb638
JH		 3676 hci_dev_lock(hdev);
3677
3678 /* Received events are (currently) only needed when a request is
3679 * ongoing so avoid unnecessary memory allocation.
3680 */
3681 if (hdev->req_status == HCI_REQ_PEND) {
3682 kfree_skb(hdev->recv_evt);
3683 hdev->recv_evt = skb_clone(skb, GFP_KERNEL);
3684 }
3685
3686 hci_dev_unlock(hdev);
3687
a9de9248
MH		 3688 skb_pull(skb, HCI_EVENT_HDR_SIZE);
3689
02350a72
JH		 3690 if (hdev->sent_cmd && bt_cb(hdev->sent_cmd)->req.event == event) {
3691 struct hci_command_hdr *hdr = (void *) hdev->sent_cmd->data;
3692 u16 opcode = __le16_to_cpu(hdr->opcode);
3693
3694 hci_req_cmd_complete(hdev, opcode, 0);
3695 }
3696
a9de9248 3697 switch (event) {
1da177e4
LT		 3698 case HCI_EV_INQUIRY_COMPLETE:
3699 hci_inquiry_complete_evt(hdev, skb);
3700 break;
3701
3702 case HCI_EV_INQUIRY_RESULT:
3703 hci_inquiry_result_evt(hdev, skb);
3704 break;
3705
a9de9248
MH		 3706 case HCI_EV_CONN_COMPLETE:
3707 hci_conn_complete_evt(hdev, skb);
21d9e30e
MH		 3708 break;
3709
1da177e4
LT		 3710 case HCI_EV_CONN_REQUEST:
3711 hci_conn_request_evt(hdev, skb);
3712 break;
3713
1da177e4
LT		 3714 case HCI_EV_DISCONN_COMPLETE:
3715 hci_disconn_complete_evt(hdev, skb);
3716 break;
3717
1da177e4
LT		 3718 case HCI_EV_AUTH_COMPLETE:
3719 hci_auth_complete_evt(hdev, skb);
3720 break;
3721
a9de9248
MH		 3722 case HCI_EV_REMOTE_NAME:
3723 hci_remote_name_evt(hdev, skb);
3724 break;
3725
1da177e4
LT		 3726 case HCI_EV_ENCRYPT_CHANGE:
3727 hci_encrypt_change_evt(hdev, skb);
3728 break;
3729
a9de9248
MH		 3730 case HCI_EV_CHANGE_LINK_KEY_COMPLETE:
3731 hci_change_link_key_complete_evt(hdev, skb);
3732 break;
3733
3734 case HCI_EV_REMOTE_FEATURES:
3735 hci_remote_features_evt(hdev, skb);
3736 break;
3737
a9de9248
MH		 3738 case HCI_EV_CMD_COMPLETE:
3739 hci_cmd_complete_evt(hdev, skb);
3740 break;
3741
3742 case HCI_EV_CMD_STATUS:
3743 hci_cmd_status_evt(hdev, skb);
3744 break;
3745
3746 case HCI_EV_ROLE_CHANGE:
3747 hci_role_change_evt(hdev, skb);
3748 break;
3749
3750 case HCI_EV_NUM_COMP_PKTS:
3751 hci_num_comp_pkts_evt(hdev, skb);
3752 break;
3753
3754 case HCI_EV_MODE_CHANGE:
3755 hci_mode_change_evt(hdev, skb);
1da177e4
LT		 3756 break;
3757
3758 case HCI_EV_PIN_CODE_REQ:
3759 hci_pin_code_request_evt(hdev, skb);
3760 break;
3761
3762 case HCI_EV_LINK_KEY_REQ:
3763 hci_link_key_request_evt(hdev, skb);
3764 break;
3765
3766 case HCI_EV_LINK_KEY_NOTIFY:
3767 hci_link_key_notify_evt(hdev, skb);
3768 break;
3769
3770 case HCI_EV_CLOCK_OFFSET:
3771 hci_clock_offset_evt(hdev, skb);
3772 break;
3773
a8746417
MH		 3774 case HCI_EV_PKT_TYPE_CHANGE:
3775 hci_pkt_type_change_evt(hdev, skb);
3776 break;
3777
85a1e930
MH		 3778 case HCI_EV_PSCAN_REP_MODE:
3779 hci_pscan_rep_mode_evt(hdev, skb);
3780 break;
3781
a9de9248
MH		 3782 case HCI_EV_INQUIRY_RESULT_WITH_RSSI:
3783 hci_inquiry_result_with_rssi_evt(hdev, skb);
04837f64
MH		 3784 break;
3785
a9de9248
MH		 3786 case HCI_EV_REMOTE_EXT_FEATURES:
3787 hci_remote_ext_features_evt(hdev, skb);
1da177e4
LT		 3788 break;
3789
a9de9248
MH		 3790 case HCI_EV_SYNC_CONN_COMPLETE:
3791 hci_sync_conn_complete_evt(hdev, skb);
3792 break;
1da177e4 3793
a9de9248
MH		 3794 case HCI_EV_EXTENDED_INQUIRY_RESULT:
3795 hci_extended_inquiry_result_evt(hdev, skb);
3796 break;
1da177e4 3797
1c2e0041
JH		 3798 case HCI_EV_KEY_REFRESH_COMPLETE:
3799 hci_key_refresh_complete_evt(hdev, skb);
3800 break;
3801
0493684e
MH		 3802 case HCI_EV_IO_CAPA_REQUEST:
3803 hci_io_capa_request_evt(hdev, skb);
3804 break;
3805
03b555e1
JH		 3806 case HCI_EV_IO_CAPA_REPLY:
3807 hci_io_capa_reply_evt(hdev, skb);
3808 break;
3809
a5c29683
JH		 3810 case HCI_EV_USER_CONFIRM_REQUEST:
3811 hci_user_confirm_request_evt(hdev, skb);
3812 break;
3813
1143d458
BG		 3814 case HCI_EV_USER_PASSKEY_REQUEST:
3815 hci_user_passkey_request_evt(hdev, skb);
3816 break;
3817
92a25256
JH		 3818 case HCI_EV_USER_PASSKEY_NOTIFY:
3819 hci_user_passkey_notify_evt(hdev, skb);
3820 break;
3821
3822 case HCI_EV_KEYPRESS_NOTIFY:
3823 hci_keypress_notify_evt(hdev, skb);
3824 break;
3825
0493684e
MH		 3826 case HCI_EV_SIMPLE_PAIR_COMPLETE:
3827 hci_simple_pair_complete_evt(hdev, skb);
3828 break;
3829
41a96212
MH		 3830 case HCI_EV_REMOTE_HOST_FEATURES:
3831 hci_remote_host_features_evt(hdev, skb);
3832 break;
3833
fcd89c09
VT		 3834 case HCI_EV_LE_META:
3835 hci_le_meta_evt(hdev, skb);
3836 break;
3837
9495b2ee
AE		 3838 case HCI_EV_CHANNEL_SELECTED:
3839 hci_chan_selected_evt(hdev, skb);
3840 break;
3841
2763eda6
SJ		 3842 case HCI_EV_REMOTE_OOB_DATA_REQUEST:
3843 hci_remote_oob_data_request_evt(hdev, skb);
3844 break;
3845
d5e91192
AE		 3846 case HCI_EV_PHY_LINK_COMPLETE:
3847 hci_phy_link_complete_evt(hdev, skb);
3848 break;
3849
27695fb4
AE		 3850 case HCI_EV_LOGICAL_LINK_COMPLETE:
3851 hci_loglink_complete_evt(hdev, skb);
3852 break;
3853
606e2a10
AE		 3854 case HCI_EV_DISCONN_LOGICAL_LINK_COMPLETE:
3855 hci_disconn_loglink_complete_evt(hdev, skb);
3856 break;
3857
9eef6b3a
AE		 3858 case HCI_EV_DISCONN_PHY_LINK_COMPLETE:
3859 hci_disconn_phylink_complete_evt(hdev, skb);
3860 break;
3861
25e89e99
AE		 3862 case HCI_EV_NUM_COMP_BLOCKS:
3863 hci_num_comp_blocks_evt(hdev, skb);
3864 break;
3865
a9de9248 3866 default:
9f1db00c 3867 BT_DBG("%s event 0x%2.2x", hdev->name, event);
1da177e4
LT		 3868 break;
3869 }
3870
3871 kfree_skb(skb);
3872 hdev->stat.evt_rx++;
3873}
Linux kernel - Deliverables
This page took 1.327979 seconds and 5 git commands to generate.