projects / deliverable / linux.git / blame
? search:
summary | shortlog | log | commit | commitdiff | tree
blob | blame (incremental) | history | HEAD
Bluetooth: Move HCI device features into hci_core.c
[deliverable/linux.git] / net / bluetooth / hci_event.c
CommitLineData
8e87d142 1/*
1da177e4 2 BlueZ - Bluetooth protocol stack for Linux
2d0a0346 3 Copyright (c) 2000-2001, 2010, Code Aurora Forum. All rights reserved.
1da177e4
LT		 4
5 Written 2000,2001 by Maxim Krasnyansky <maxk@qualcomm.com>
6
7 This program is free software; you can redistribute it and/or modify
8 it under the terms of the GNU General Public License version 2 as
9 published by the Free Software Foundation;
10
11 THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS
12 OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
13 FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT OF THIRD PARTY RIGHTS.
14 IN NO EVENT SHALL THE COPYRIGHT HOLDER(S) AND AUTHOR(S) BE LIABLE FOR ANY
8e87d142
YH		 15 CLAIM, OR ANY SPECIAL INDIRECT OR CONSEQUENTIAL DAMAGES, OR ANY DAMAGES
16 WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
17 ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
1da177e4
LT		 18 OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
19
8e87d142
YH		 20 ALL LIABILITY, INCLUDING LIABILITY FOR INFRINGEMENT OF ANY PATENTS,
21 COPYRIGHTS, TRADEMARKS OR OTHER RIGHTS, RELATING TO USE OF THIS
1da177e4
LT		 22 SOFTWARE IS DISCLAIMED.
23*/
24
25/* Bluetooth HCI event handling. */
26
1da177e4
LT		 27#include <asm/unaligned.h>
28
29#include <net/bluetooth/bluetooth.h>
30#include <net/bluetooth/hci_core.h>
f0d6a0ea 31#include <net/bluetooth/mgmt.h>
7ef9fbf0 32
7024728e 33#include "a2mp.h"
7ef9fbf0 34#include "amp.h"
1da177e4 35
1da177e4
LT		 36/* Handle HCI Event packets */
37
a9de9248 38static void hci_cc_inquiry_cancel(struct hci_dev *hdev, struct sk_buff *skb)
1da177e4 39{
a9de9248 40 __u8 status = *((__u8 *) skb->data);
1da177e4 41
9f1db00c 42 BT_DBG("%s status 0x%2.2x", hdev->name, status);
1da177e4 43
82f4785c 44 if (status)
a9de9248 45 return;
1da177e4 46
89352e7d 47 clear_bit(HCI_INQUIRY, &hdev->flags);
3e13fa1e
AG		 48 smp_mb__after_clear_bit(); /* wake_up_bit advises about this barrier */
49 wake_up_bit(&hdev->flags, HCI_INQUIRY);
89352e7d 50
a9de9248
MH		 51 hci_conn_check_pending(hdev);
52}
6bd57416 53
4d93483b
AG		 54static void hci_cc_periodic_inq(struct hci_dev *hdev, struct sk_buff *skb)
55{
56 __u8 status = *((__u8 *) skb->data);
57
9f1db00c 58 BT_DBG("%s status 0x%2.2x", hdev->name, status);
ae854a70
AG		 59
60 if (status)
61 return;
62
63 set_bit(HCI_PERIODIC_INQ, &hdev->dev_flags);
4d93483b
AG		 64}
65
a9de9248
MH		 66static void hci_cc_exit_periodic_inq(struct hci_dev *hdev, struct sk_buff *skb)
67{
68 __u8 status = *((__u8 *) skb->data);
6bd57416 69
9f1db00c 70 BT_DBG("%s status 0x%2.2x", hdev->name, status);
6bd57416 71
a9de9248
MH		 72 if (status)
73 return;
1da177e4 74
ae854a70
AG		 75 clear_bit(HCI_PERIODIC_INQ, &hdev->dev_flags);
76
a9de9248
MH		 77 hci_conn_check_pending(hdev);
78}
79
807deac2
GP		 80static void hci_cc_remote_name_req_cancel(struct hci_dev *hdev,
81 struct sk_buff *skb)
a9de9248
MH		 82{
83 BT_DBG("%s", hdev->name);
84}
85
86static void hci_cc_role_discovery(struct hci_dev *hdev, struct sk_buff *skb)
87{
88 struct hci_rp_role_discovery *rp = (void *) skb->data;
89 struct hci_conn *conn;
90
9f1db00c 91 BT_DBG("%s status 0x%2.2x", hdev->name, rp->status);
a9de9248
MH		 92
93 if (rp->status)
94 return;
95
96 hci_dev_lock(hdev);
97
98 conn = hci_conn_hash_lookup_handle(hdev, __le16_to_cpu(rp->handle));
99 if (conn) {
100 if (rp->role)
101 conn->link_mode &= ~HCI_LM_MASTER;
102 else
103 conn->link_mode |= HCI_LM_MASTER;
1da177e4 104 }
a9de9248
MH		 105
106 hci_dev_unlock(hdev);
1da177e4
LT		 107}
108
e4e8e37c
MH		 109static void hci_cc_read_link_policy(struct hci_dev *hdev, struct sk_buff *skb)
110{
111 struct hci_rp_read_link_policy *rp = (void *) skb->data;
112 struct hci_conn *conn;
113
9f1db00c 114 BT_DBG("%s status 0x%2.2x", hdev->name, rp->status);
e4e8e37c
MH		 115
116 if (rp->status)
117 return;
118
119 hci_dev_lock(hdev);
120
121 conn = hci_conn_hash_lookup_handle(hdev, __le16_to_cpu(rp->handle));
122 if (conn)
123 conn->link_policy = __le16_to_cpu(rp->policy);
124
125 hci_dev_unlock(hdev);
126}
127
a9de9248 128static void hci_cc_write_link_policy(struct hci_dev *hdev, struct sk_buff *skb)
1da177e4 129{
a9de9248 130 struct hci_rp_write_link_policy *rp = (void *) skb->data;
1da177e4 131 struct hci_conn *conn;
04837f64 132 void *sent;
1da177e4 133
9f1db00c 134 BT_DBG("%s status 0x%2.2x", hdev->name, rp->status);
1da177e4 135
a9de9248
MH		 136 if (rp->status)
137 return;
1da177e4 138
a9de9248
MH		 139 sent = hci_sent_cmd_data(hdev, HCI_OP_WRITE_LINK_POLICY);
140 if (!sent)
141 return;
1da177e4 142
a9de9248 143 hci_dev_lock(hdev);
1da177e4 144
a9de9248 145 conn = hci_conn_hash_lookup_handle(hdev, __le16_to_cpu(rp->handle));
e4e8e37c 146 if (conn)
83985319 147 conn->link_policy = get_unaligned_le16(sent + 2);
1da177e4 148
a9de9248
MH		 149 hci_dev_unlock(hdev);
150}
1da177e4 151
807deac2
GP		 152static void hci_cc_read_def_link_policy(struct hci_dev *hdev,
153 struct sk_buff *skb)
e4e8e37c
MH		 154{
155 struct hci_rp_read_def_link_policy *rp = (void *) skb->data;
156
9f1db00c 157 BT_DBG("%s status 0x%2.2x", hdev->name, rp->status);
e4e8e37c
MH		 158
159 if (rp->status)
160 return;
161
162 hdev->link_policy = __le16_to_cpu(rp->policy);
163}
164
807deac2
GP		 165static void hci_cc_write_def_link_policy(struct hci_dev *hdev,
166 struct sk_buff *skb)
e4e8e37c
MH		 167{
168 __u8 status = *((__u8 *) skb->data);
169 void *sent;
170
9f1db00c 171 BT_DBG("%s status 0x%2.2x", hdev->name, status);
e4e8e37c
MH		 172
173 sent = hci_sent_cmd_data(hdev, HCI_OP_WRITE_DEF_LINK_POLICY);
174 if (!sent)
175 return;
176
177 if (!status)
178 hdev->link_policy = get_unaligned_le16(sent);
e4e8e37c
MH		 179}
180
a9de9248
MH		 181static void hci_cc_reset(struct hci_dev *hdev, struct sk_buff *skb)
182{
183 __u8 status = *((__u8 *) skb->data);
04837f64 184
9f1db00c 185 BT_DBG("%s status 0x%2.2x", hdev->name, status);
04837f64 186
10572132
GP		 187 clear_bit(HCI_RESET, &hdev->flags);
188
a297e97c 189 /* Reset all non-persistent flags */
2cc6fb00 190 hdev->dev_flags &= ~HCI_PERSISTENT_MASK;
69775ff6
AG		 191
192 hdev->discovery.state = DISCOVERY_STOPPED;
bbaf444a
JH		 193 hdev->inq_tx_power = HCI_TX_POWER_INVALID;
194 hdev->adv_tx_power = HCI_TX_POWER_INVALID;
3f0f524b
JH		 195
196 memset(hdev->adv_data, 0, sizeof(hdev->adv_data));
197 hdev->adv_data_len = 0;
f8e808bd
MH		 198
199 memset(hdev->scan_rsp_data, 0, sizeof(hdev->scan_rsp_data));
200 hdev->scan_rsp_data_len = 0;
a9de9248 201}
04837f64 202
a9de9248
MH		 203static void hci_cc_write_local_name(struct hci_dev *hdev, struct sk_buff *skb)
204{
205 __u8 status = *((__u8 *) skb->data);
206 void *sent;
04837f64 207
9f1db00c 208 BT_DBG("%s status 0x%2.2x", hdev->name, status);
04837f64 209
a9de9248
MH		 210 sent = hci_sent_cmd_data(hdev, HCI_OP_WRITE_LOCAL_NAME);
211 if (!sent)
212 return;
04837f64 213
56e5cb86
JH		 214 hci_dev_lock(hdev);
215
f51d5b24
JH		 216 if (test_bit(HCI_MGMT, &hdev->dev_flags))
217 mgmt_set_local_name_complete(hdev, sent, status);
28cc7bde
JH		 218 else if (!status)
219 memcpy(hdev->dev_name, sent, HCI_MAX_NAME_LENGTH);
f51d5b24 220
56e5cb86 221 hci_dev_unlock(hdev);
a9de9248
MH		 222}
223
224static void hci_cc_read_local_name(struct hci_dev *hdev, struct sk_buff *skb)
225{
226 struct hci_rp_read_local_name *rp = (void *) skb->data;
227
9f1db00c 228 BT_DBG("%s status 0x%2.2x", hdev->name, rp->status);
a9de9248
MH		 229
230 if (rp->status)
231 return;
232
db99b5fc
JH		 233 if (test_bit(HCI_SETUP, &hdev->dev_flags))
234 memcpy(hdev->dev_name, rp->name, HCI_MAX_NAME_LENGTH);
a9de9248
MH		 235}
236
237static void hci_cc_write_auth_enable(struct hci_dev *hdev, struct sk_buff *skb)
238{
239 __u8 status = *((__u8 *) skb->data);
240 void *sent;
241
9f1db00c 242 BT_DBG("%s status 0x%2.2x", hdev->name, status);
a9de9248
MH		 243
244 sent = hci_sent_cmd_data(hdev, HCI_OP_WRITE_AUTH_ENABLE);
245 if (!sent)
246 return;
247
248 if (!status) {
249 __u8 param = *((__u8 *) sent);
250
251 if (param == AUTH_ENABLED)
252 set_bit(HCI_AUTH, &hdev->flags);
253 else
254 clear_bit(HCI_AUTH, &hdev->flags);
1da177e4 255 }
a9de9248 256
33ef95ed
JH		 257 if (test_bit(HCI_MGMT, &hdev->dev_flags))
258 mgmt_auth_enable_complete(hdev, status);
1da177e4
LT		 259}
260
a9de9248 261static void hci_cc_write_encrypt_mode(struct hci_dev *hdev, struct sk_buff *skb)
1da177e4 262{
a9de9248 263 __u8 status = *((__u8 *) skb->data);
1da177e4
LT		 264 void *sent;
265
9f1db00c 266 BT_DBG("%s status 0x%2.2x", hdev->name, status);
1da177e4 267
a9de9248
MH		 268 sent = hci_sent_cmd_data(hdev, HCI_OP_WRITE_ENCRYPT_MODE);
269 if (!sent)
270 return;
1da177e4 271
a9de9248
MH		 272 if (!status) {
273 __u8 param = *((__u8 *) sent);
274
275 if (param)
276 set_bit(HCI_ENCRYPT, &hdev->flags);
277 else
278 clear_bit(HCI_ENCRYPT, &hdev->flags);
279 }
a9de9248 280}
1da177e4 281
a9de9248
MH		 282static void hci_cc_write_scan_enable(struct hci_dev *hdev, struct sk_buff *skb)
283{
36f7fc7e
JH		 284 __u8 param, status = *((__u8 *) skb->data);
285 int old_pscan, old_iscan;
a9de9248 286 void *sent;
1da177e4 287
9f1db00c 288 BT_DBG("%s status 0x%2.2x", hdev->name, status);
1da177e4 289
a9de9248
MH		 290 sent = hci_sent_cmd_data(hdev, HCI_OP_WRITE_SCAN_ENABLE);
291 if (!sent)
292 return;
1da177e4 293
36f7fc7e
JH		 294 param = *((__u8 *) sent);
295
56e5cb86
JH		 296 hci_dev_lock(hdev);
297
fa1bd918 298 if (status) {
744cf19e 299 mgmt_write_scan_failed(hdev, param, status);
2d7cee58
JH		 300 hdev->discov_timeout = 0;
301 goto done;
302 }
303
0663ca2a
JH		 304 /* We need to ensure that we set this back on if someone changed
305 * the scan mode through a raw HCI socket.
306 */
307 set_bit(HCI_BREDR_ENABLED, &hdev->dev_flags);
308
36f7fc7e
JH		 309 old_pscan = test_and_clear_bit(HCI_PSCAN, &hdev->flags);
310 old_iscan = test_and_clear_bit(HCI_ISCAN, &hdev->flags);
311
312 if (param & SCAN_INQUIRY) {
313 set_bit(HCI_ISCAN, &hdev->flags);
314 if (!old_iscan)
744cf19e 315 mgmt_discoverable(hdev, 1);
36f7fc7e 316 } else if (old_iscan)
744cf19e 317 mgmt_discoverable(hdev, 0);
36f7fc7e
JH		 318
319 if (param & SCAN_PAGE) {
320 set_bit(HCI_PSCAN, &hdev->flags);
321 if (!old_pscan)
744cf19e 322 mgmt_connectable(hdev, 1);
36f7fc7e 323 } else if (old_pscan)
744cf19e 324 mgmt_connectable(hdev, 0);
1da177e4 325
36f7fc7e 326done:
56e5cb86 327 hci_dev_unlock(hdev);
a9de9248 328}
1da177e4 329
a9de9248
MH		 330static void hci_cc_read_class_of_dev(struct hci_dev *hdev, struct sk_buff *skb)
331{
332 struct hci_rp_read_class_of_dev *rp = (void *) skb->data;
1da177e4 333
9f1db00c 334 BT_DBG("%s status 0x%2.2x", hdev->name, rp->status);
1da177e4 335
a9de9248
MH		 336 if (rp->status)
337 return;
1da177e4 338
a9de9248 339 memcpy(hdev->dev_class, rp->dev_class, 3);
1da177e4 340
a9de9248 341 BT_DBG("%s class 0x%.2x%.2x%.2x", hdev->name,
807deac2 342 hdev->dev_class[2], hdev->dev_class[1], hdev->dev_class[0]);
a9de9248 343}
1da177e4 344
a9de9248
MH		 345static void hci_cc_write_class_of_dev(struct hci_dev *hdev, struct sk_buff *skb)
346{
347 __u8 status = *((__u8 *) skb->data);
348 void *sent;
1da177e4 349
9f1db00c 350 BT_DBG("%s status 0x%2.2x", hdev->name, status);
1da177e4 351
a9de9248
MH		 352 sent = hci_sent_cmd_data(hdev, HCI_OP_WRITE_CLASS_OF_DEV);
353 if (!sent)
354 return;
1da177e4 355
7f9a903c
MH		 356 hci_dev_lock(hdev);
357
358 if (status == 0)
359 memcpy(hdev->dev_class, sent, 3);
360
361 if (test_bit(HCI_MGMT, &hdev->dev_flags))
362 mgmt_set_class_of_dev_complete(hdev, sent, status);
363
364 hci_dev_unlock(hdev);
a9de9248 365}
1da177e4 366
a9de9248
MH		 367static void hci_cc_read_voice_setting(struct hci_dev *hdev, struct sk_buff *skb)
368{
369 struct hci_rp_read_voice_setting *rp = (void *) skb->data;
370 __u16 setting;
371
9f1db00c 372 BT_DBG("%s status 0x%2.2x", hdev->name, rp->status);
a9de9248
MH		 373
374 if (rp->status)
375 return;
376
377 setting = __le16_to_cpu(rp->voice_setting);
378
f383f275 379 if (hdev->voice_setting == setting)
a9de9248
MH		 380 return;
381
382 hdev->voice_setting = setting;
383
9f1db00c 384 BT_DBG("%s voice setting 0x%4.4x", hdev->name, setting);
a9de9248 385
3c54711c 386 if (hdev->notify)
a9de9248 387 hdev->notify(hdev, HCI_NOTIFY_VOICE_SETTING);
a9de9248
MH		 388}
389
8fc9ced3
GP		 390static void hci_cc_write_voice_setting(struct hci_dev *hdev,
391 struct sk_buff *skb)
a9de9248
MH		 392{
393 __u8 status = *((__u8 *) skb->data);
f383f275 394 __u16 setting;
a9de9248
MH		 395 void *sent;
396
9f1db00c 397 BT_DBG("%s status 0x%2.2x", hdev->name, status);
1da177e4 398
f383f275
MH		 399 if (status)
400 return;
401
a9de9248
MH		 402 sent = hci_sent_cmd_data(hdev, HCI_OP_WRITE_VOICE_SETTING);
403 if (!sent)
404 return;
1da177e4 405
f383f275 406 setting = get_unaligned_le16(sent);
1da177e4 407
f383f275
MH		 408 if (hdev->voice_setting == setting)
409 return;
410
411 hdev->voice_setting = setting;
1da177e4 412
9f1db00c 413 BT_DBG("%s voice setting 0x%4.4x", hdev->name, setting);
1da177e4 414
3c54711c 415 if (hdev->notify)
f383f275 416 hdev->notify(hdev, HCI_NOTIFY_VOICE_SETTING);
1da177e4
LT		 417}
418
b4cb9fb2
MH		 419static void hci_cc_read_num_supported_iac(struct hci_dev *hdev,
420 struct sk_buff *skb)
421{
422 struct hci_rp_read_num_supported_iac *rp = (void *) skb->data;
423
424 BT_DBG("%s status 0x%2.2x", hdev->name, rp->status);
425
426 if (rp->status)
427 return;
428
429 hdev->num_iac = rp->num_iac;
430
431 BT_DBG("%s num iac %d", hdev->name, hdev->num_iac);
432}
433
333140b5
MH		 434static void hci_cc_write_ssp_mode(struct hci_dev *hdev, struct sk_buff *skb)
435{
436 __u8 status = *((__u8 *) skb->data);
5ed8eb2f 437 struct hci_cp_write_ssp_mode *sent;
333140b5 438
9f1db00c 439 BT_DBG("%s status 0x%2.2x", hdev->name, status);
333140b5 440
333140b5
MH		 441 sent = hci_sent_cmd_data(hdev, HCI_OP_WRITE_SSP_MODE);
442 if (!sent)
443 return;
444
5ed8eb2f
JH		 445 if (!status) {
446 if (sent->mode)
cad718ed 447 hdev->features[1][0] |= LMP_HOST_SSP;
5ed8eb2f 448 else
cad718ed 449 hdev->features[1][0] &= ~LMP_HOST_SSP;
5ed8eb2f
JH		 450 }
451
ed2c4ee3 452 if (test_bit(HCI_MGMT, &hdev->dev_flags))
5ed8eb2f 453 mgmt_ssp_enable_complete(hdev, sent->mode, status);
c0ecddc2 454 else if (!status) {
5ed8eb2f 455 if (sent->mode)
c0ecddc2
JH		 456 set_bit(HCI_SSP_ENABLED, &hdev->dev_flags);
457 else
458 clear_bit(HCI_SSP_ENABLED, &hdev->dev_flags);
459 }
333140b5
MH		 460}
461
a9de9248
MH		 462static void hci_cc_read_local_version(struct hci_dev *hdev, struct sk_buff *skb)
463{
464 struct hci_rp_read_local_version *rp = (void *) skb->data;
1143e5a6 465
9f1db00c 466 BT_DBG("%s status 0x%2.2x", hdev->name, rp->status);
1143e5a6 467
a9de9248 468 if (rp->status)
42c6b129 469 return;
1143e5a6 470
a9de9248 471 hdev->hci_ver = rp->hci_ver;
e4e8e37c 472 hdev->hci_rev = __le16_to_cpu(rp->hci_rev);
d5859e22 473 hdev->lmp_ver = rp->lmp_ver;
e4e8e37c 474 hdev->manufacturer = __le16_to_cpu(rp->manufacturer);
d5859e22 475 hdev->lmp_subver = __le16_to_cpu(rp->lmp_subver);
1143e5a6 476
9f1db00c 477 BT_DBG("%s manufacturer 0x%4.4x hci ver %d:%d", hdev->name,
807deac2 478 hdev->manufacturer, hdev->hci_ver, hdev->hci_rev);
d5859e22
JH		 479}
480
8fc9ced3
GP		 481static void hci_cc_read_local_commands(struct hci_dev *hdev,
482 struct sk_buff *skb)
a9de9248
MH		 483{
484 struct hci_rp_read_local_commands *rp = (void *) skb->data;
1da177e4 485
9f1db00c 486 BT_DBG("%s status 0x%2.2x", hdev->name, rp->status);
1da177e4 487
2177bab5
JH		 488 if (!rp->status)
489 memcpy(hdev->commands, rp->commands, sizeof(hdev->commands));
a9de9248 490}
1da177e4 491
8fc9ced3
GP		 492static void hci_cc_read_local_features(struct hci_dev *hdev,
493 struct sk_buff *skb)
a9de9248
MH		 494{
495 struct hci_rp_read_local_features *rp = (void *) skb->data;
5b7f9909 496
9f1db00c 497 BT_DBG("%s status 0x%2.2x", hdev->name, rp->status);
1da177e4 498
a9de9248
MH		 499 if (rp->status)
500 return;
5b7f9909 501
a9de9248 502 memcpy(hdev->features, rp->features, 8);
5b7f9909 503
a9de9248
MH		 504 /* Adjust default settings according to features
505 * supported by device. */
1da177e4 506
cad718ed 507 if (hdev->features[0][0] & LMP_3SLOT)
a9de9248 508 hdev->pkt_type |= (HCI_DM3 | HCI_DH3);
1da177e4 509
cad718ed 510 if (hdev->features[0][0] & LMP_5SLOT)
a9de9248 511 hdev->pkt_type |= (HCI_DM5 | HCI_DH5);
1da177e4 512
cad718ed 513 if (hdev->features[0][1] & LMP_HV2) {
a9de9248
MH		 514 hdev->pkt_type |= (HCI_HV2);
515 hdev->esco_type |= (ESCO_HV2);
516 }
1da177e4 517
cad718ed 518 if (hdev->features[0][1] & LMP_HV3) {
a9de9248
MH		 519 hdev->pkt_type |= (HCI_HV3);
520 hdev->esco_type |= (ESCO_HV3);
521 }
1da177e4 522
45db810f 523 if (lmp_esco_capable(hdev))
a9de9248 524 hdev->esco_type |= (ESCO_EV3);
da1f5198 525
cad718ed 526 if (hdev->features[0][4] & LMP_EV4)
a9de9248 527 hdev->esco_type |= (ESCO_EV4);
da1f5198 528
cad718ed 529 if (hdev->features[0][4] & LMP_EV5)
a9de9248 530 hdev->esco_type |= (ESCO_EV5);
1da177e4 531
cad718ed 532 if (hdev->features[0][5] & LMP_EDR_ESCO_2M)
efc7688b
MH		 533 hdev->esco_type |= (ESCO_2EV3);
534
cad718ed 535 if (hdev->features[0][5] & LMP_EDR_ESCO_3M)
efc7688b
MH		 536 hdev->esco_type |= (ESCO_3EV3);
537
cad718ed 538 if (hdev->features[0][5] & LMP_EDR_3S_ESCO)
efc7688b
MH		 539 hdev->esco_type |= (ESCO_2EV5 | ESCO_3EV5);
540
a9de9248 541 BT_DBG("%s features 0x%.2x%.2x%.2x%.2x%.2x%.2x%.2x%.2x", hdev->name,
cad718ed
JH		 542 hdev->features[0][0], hdev->features[0][1],
543 hdev->features[0][2], hdev->features[0][3],
544 hdev->features[0][4], hdev->features[0][5],
545 hdev->features[0][6], hdev->features[0][7]);
a9de9248 546}
1da177e4 547
971e3a4b 548static void hci_cc_read_local_ext_features(struct hci_dev *hdev,
807deac2 549 struct sk_buff *skb)
971e3a4b
AG		 550{
551 struct hci_rp_read_local_ext_features *rp = (void *) skb->data;
552
9f1db00c 553 BT_DBG("%s status 0x%2.2x", hdev->name, rp->status);
971e3a4b
AG		 554
555 if (rp->status)
42c6b129 556 return;
971e3a4b 557
d2c5d77f
JH		 558 hdev->max_page = rp->max_page;
559
cad718ed
JH		 560 if (rp->page < HCI_MAX_PAGES)
561 memcpy(hdev->features[rp->page], rp->features, 8);
971e3a4b
AG		 562}
563
1e89cffb 564static void hci_cc_read_flow_control_mode(struct hci_dev *hdev,
807deac2 565 struct sk_buff *skb)
1e89cffb
AE		 566{
567 struct hci_rp_read_flow_control_mode *rp = (void *) skb->data;
568
9f1db00c 569 BT_DBG("%s status 0x%2.2x", hdev->name, rp->status);
1e89cffb 570
42c6b129
JH		 571 if (!rp->status)
572 hdev->flow_ctl_mode = rp->mode;
1e89cffb
AE		 573}
574
a9de9248
MH		 575static void hci_cc_read_buffer_size(struct hci_dev *hdev, struct sk_buff *skb)
576{
577 struct hci_rp_read_buffer_size *rp = (void *) skb->data;
1da177e4 578
9f1db00c 579 BT_DBG("%s status 0x%2.2x", hdev->name, rp->status);
1da177e4 580
a9de9248
MH		 581 if (rp->status)
582 return;
1da177e4 583
a9de9248
MH		 584 hdev->acl_mtu = __le16_to_cpu(rp->acl_mtu);
585 hdev->sco_mtu = rp->sco_mtu;
586 hdev->acl_pkts = __le16_to_cpu(rp->acl_max_pkt);
587 hdev->sco_pkts = __le16_to_cpu(rp->sco_max_pkt);
588
589 if (test_bit(HCI_QUIRK_FIXUP_BUFFER_SIZE, &hdev->quirks)) {
590 hdev->sco_mtu = 64;
591 hdev->sco_pkts = 8;
1da177e4 592 }
a9de9248
MH		 593
594 hdev->acl_cnt = hdev->acl_pkts;
595 hdev->sco_cnt = hdev->sco_pkts;
596
807deac2
GP		 597 BT_DBG("%s acl mtu %d:%d sco mtu %d:%d", hdev->name, hdev->acl_mtu,
598 hdev->acl_pkts, hdev->sco_mtu, hdev->sco_pkts);
a9de9248
MH		 599}
600
601static void hci_cc_read_bd_addr(struct hci_dev *hdev, struct sk_buff *skb)
602{
603 struct hci_rp_read_bd_addr *rp = (void *) skb->data;
604
9f1db00c 605 BT_DBG("%s status 0x%2.2x", hdev->name, rp->status);
a9de9248
MH		 606
607 if (!rp->status)
608 bacpy(&hdev->bdaddr, &rp->bdaddr);
23bb5763
JH		 609}
610
f332ec66
JH		 611static void hci_cc_read_page_scan_activity(struct hci_dev *hdev,
612 struct sk_buff *skb)
613{
614 struct hci_rp_read_page_scan_activity *rp = (void *) skb->data;
615
616 BT_DBG("%s status 0x%2.2x", hdev->name, rp->status);
617
618 if (test_bit(HCI_INIT, &hdev->flags) && !rp->status) {
619 hdev->page_scan_interval = __le16_to_cpu(rp->interval);
620 hdev->page_scan_window = __le16_to_cpu(rp->window);
621 }
622}
623
4a3ee763
JH		 624static void hci_cc_write_page_scan_activity(struct hci_dev *hdev,
625 struct sk_buff *skb)
626{
627 u8 status = *((u8 *) skb->data);
628 struct hci_cp_write_page_scan_activity *sent;
629
630 BT_DBG("%s status 0x%2.2x", hdev->name, status);
631
632 if (status)
633 return;
634
635 sent = hci_sent_cmd_data(hdev, HCI_OP_WRITE_PAGE_SCAN_ACTIVITY);
636 if (!sent)
637 return;
638
639 hdev->page_scan_interval = __le16_to_cpu(sent->interval);
640 hdev->page_scan_window = __le16_to_cpu(sent->window);
641}
642
f332ec66
JH		 643static void hci_cc_read_page_scan_type(struct hci_dev *hdev,
644 struct sk_buff *skb)
645{
646 struct hci_rp_read_page_scan_type *rp = (void *) skb->data;
647
648 BT_DBG("%s status 0x%2.2x", hdev->name, rp->status);
649
650 if (test_bit(HCI_INIT, &hdev->flags) && !rp->status)
651 hdev->page_scan_type = rp->type;
652}
653
4a3ee763
JH		 654static void hci_cc_write_page_scan_type(struct hci_dev *hdev,
655 struct sk_buff *skb)
656{
657 u8 status = *((u8 *) skb->data);
658 u8 *type;
659
660 BT_DBG("%s status 0x%2.2x", hdev->name, status);
661
662 if (status)
663 return;
664
665 type = hci_sent_cmd_data(hdev, HCI_OP_WRITE_PAGE_SCAN_TYPE);
666 if (type)
667 hdev->page_scan_type = *type;
668}
669
350ee4cf 670static void hci_cc_read_data_block_size(struct hci_dev *hdev,
807deac2 671 struct sk_buff *skb)
350ee4cf
AE		 672{
673 struct hci_rp_read_data_block_size *rp = (void *) skb->data;
674
9f1db00c 675 BT_DBG("%s status 0x%2.2x", hdev->name, rp->status);
350ee4cf
AE		 676
677 if (rp->status)
678 return;
679
680 hdev->block_mtu = __le16_to_cpu(rp->max_acl_len);
681 hdev->block_len = __le16_to_cpu(rp->block_len);
682 hdev->num_blocks = __le16_to_cpu(rp->num_blocks);
683
684 hdev->block_cnt = hdev->num_blocks;
685
686 BT_DBG("%s blk mtu %d cnt %d len %d", hdev->name, hdev->block_mtu,
807deac2 687 hdev->block_cnt, hdev->block_len);
350ee4cf
AE		 688}
689
928abaa7 690static void hci_cc_read_local_amp_info(struct hci_dev *hdev,
807deac2 691 struct sk_buff *skb)
928abaa7
AE		 692{
693 struct hci_rp_read_local_amp_info *rp = (void *) skb->data;
694
9f1db00c 695 BT_DBG("%s status 0x%2.2x", hdev->name, rp->status);
928abaa7
AE		 696
697 if (rp->status)
8e2a0d92 698 goto a2mp_rsp;
928abaa7
AE		 699
700 hdev->amp_status = rp->amp_status;
701 hdev->amp_total_bw = __le32_to_cpu(rp->total_bw);
702 hdev->amp_max_bw = __le32_to_cpu(rp->max_bw);
703 hdev->amp_min_latency = __le32_to_cpu(rp->min_latency);
704 hdev->amp_max_pdu = __le32_to_cpu(rp->max_pdu);
705 hdev->amp_type = rp->amp_type;
706 hdev->amp_pal_cap = __le16_to_cpu(rp->pal_cap);
707 hdev->amp_assoc_size = __le16_to_cpu(rp->max_assoc_size);
708 hdev->amp_be_flush_to = __le32_to_cpu(rp->be_flush_to);
709 hdev->amp_max_flush_to = __le32_to_cpu(rp->max_flush_to);
710
8e2a0d92
AE		 711a2mp_rsp:
712 a2mp_send_getinfo_rsp(hdev);
928abaa7
AE		 713}
714
903e4541
AE		 715static void hci_cc_read_local_amp_assoc(struct hci_dev *hdev,
716 struct sk_buff *skb)
717{
718 struct hci_rp_read_local_amp_assoc *rp = (void *) skb->data;
719 struct amp_assoc *assoc = &hdev->loc_assoc;
720 size_t rem_len, frag_len;
721
722 BT_DBG("%s status 0x%2.2x", hdev->name, rp->status);
723
724 if (rp->status)
725 goto a2mp_rsp;
726
727 frag_len = skb->len - sizeof(*rp);
728 rem_len = __le16_to_cpu(rp->rem_len);
729
730 if (rem_len > frag_len) {
2e430be3 731 BT_DBG("frag_len %zu rem_len %zu", frag_len, rem_len);
903e4541
AE		 732
733 memcpy(assoc->data + assoc->offset, rp->frag, frag_len);
734 assoc->offset += frag_len;
735
736 /* Read other fragments */
737 amp_read_loc_assoc_frag(hdev, rp->phy_handle);
738
739 return;
740 }
741
742 memcpy(assoc->data + assoc->offset, rp->frag, rem_len);
743 assoc->len = assoc->offset + rem_len;
744 assoc->offset = 0;
745
746a2mp_rsp:
747 /* Send A2MP Rsp when all fragments are received */
748 a2mp_send_getampassoc_rsp(hdev, rp->status);
9495b2ee 749 a2mp_send_create_phy_link_req(hdev, rp->status);
903e4541
AE		 750}
751
d5859e22 752static void hci_cc_read_inq_rsp_tx_power(struct hci_dev *hdev,
807deac2 753 struct sk_buff *skb)
d5859e22 754{
91c4e9b1 755 struct hci_rp_read_inq_rsp_tx_power *rp = (void *) skb->data;
d5859e22 756
9f1db00c 757 BT_DBG("%s status 0x%2.2x", hdev->name, rp->status);
91c4e9b1
MH		 758
759 if (!rp->status)
760 hdev->inq_tx_power = rp->tx_power;
d5859e22
JH		 761}
762
980e1a53
JH		 763static void hci_cc_pin_code_reply(struct hci_dev *hdev, struct sk_buff *skb)
764{
765 struct hci_rp_pin_code_reply *rp = (void *) skb->data;
766 struct hci_cp_pin_code_reply *cp;
767 struct hci_conn *conn;
768
9f1db00c 769 BT_DBG("%s status 0x%2.2x", hdev->name, rp->status);
980e1a53 770
56e5cb86
JH		 771 hci_dev_lock(hdev);
772
a8b2d5c2 773 if (test_bit(HCI_MGMT, &hdev->dev_flags))
744cf19e 774 mgmt_pin_code_reply_complete(hdev, &rp->bdaddr, rp->status);
980e1a53 775
fa1bd918 776 if (rp->status)
56e5cb86 777 goto unlock;
980e1a53
JH		 778
779 cp = hci_sent_cmd_data(hdev, HCI_OP_PIN_CODE_REPLY);
780 if (!cp)
56e5cb86 781 goto unlock;
980e1a53
JH		 782
783 conn = hci_conn_hash_lookup_ba(hdev, ACL_LINK, &cp->bdaddr);
784 if (conn)
785 conn->pin_length = cp->pin_len;
56e5cb86
JH		 786
787unlock:
788 hci_dev_unlock(hdev);
980e1a53
JH		 789}
790
791static void hci_cc_pin_code_neg_reply(struct hci_dev *hdev, struct sk_buff *skb)
792{
793 struct hci_rp_pin_code_neg_reply *rp = (void *) skb->data;
794
9f1db00c 795 BT_DBG("%s status 0x%2.2x", hdev->name, rp->status);
980e1a53 796
56e5cb86
JH		 797 hci_dev_lock(hdev);
798
a8b2d5c2 799 if (test_bit(HCI_MGMT, &hdev->dev_flags))
744cf19e 800 mgmt_pin_code_neg_reply_complete(hdev, &rp->bdaddr,
807deac2 801 rp->status);
56e5cb86
JH		 802
803 hci_dev_unlock(hdev);
980e1a53 804}
56e5cb86 805
6ed58ec5
VT		 806static void hci_cc_le_read_buffer_size(struct hci_dev *hdev,
807 struct sk_buff *skb)
808{
809 struct hci_rp_le_read_buffer_size *rp = (void *) skb->data;
810
9f1db00c 811 BT_DBG("%s status 0x%2.2x", hdev->name, rp->status);
6ed58ec5
VT		 812
813 if (rp->status)
814 return;
815
816 hdev->le_mtu = __le16_to_cpu(rp->le_mtu);
817 hdev->le_pkts = rp->le_max_pkt;
818
819 hdev->le_cnt = hdev->le_pkts;
820
821 BT_DBG("%s le mtu %d:%d", hdev->name, hdev->le_mtu, hdev->le_pkts);
6ed58ec5 822}
980e1a53 823
60e77321
JH		 824static void hci_cc_le_read_local_features(struct hci_dev *hdev,
825 struct sk_buff *skb)
826{
827 struct hci_rp_le_read_local_features *rp = (void *) skb->data;
828
829 BT_DBG("%s status 0x%2.2x", hdev->name, rp->status);
830
831 if (!rp->status)
832 memcpy(hdev->le_features, rp->features, 8);
60e77321
JH		 833}
834
8fa19098
JH		 835static void hci_cc_le_read_adv_tx_power(struct hci_dev *hdev,
836 struct sk_buff *skb)
837{
838 struct hci_rp_le_read_adv_tx_power *rp = (void *) skb->data;
839
840 BT_DBG("%s status 0x%2.2x", hdev->name, rp->status);
841
04b4edcb 842 if (!rp->status)
8fa19098 843 hdev->adv_tx_power = rp->tx_power;
8fa19098
JH		 844}
845
a5c29683
JH		 846static void hci_cc_user_confirm_reply(struct hci_dev *hdev, struct sk_buff *skb)
847{
848 struct hci_rp_user_confirm_reply *rp = (void *) skb->data;
849
9f1db00c 850 BT_DBG("%s status 0x%2.2x", hdev->name, rp->status);
a5c29683 851
56e5cb86
JH		 852 hci_dev_lock(hdev);
853
a8b2d5c2 854 if (test_bit(HCI_MGMT, &hdev->dev_flags))
04124681
GP		 855 mgmt_user_confirm_reply_complete(hdev, &rp->bdaddr, ACL_LINK, 0,
856 rp->status);
56e5cb86
JH		 857
858 hci_dev_unlock(hdev);
a5c29683
JH		 859}
860
861static void hci_cc_user_confirm_neg_reply(struct hci_dev *hdev,
807deac2 862 struct sk_buff *skb)
a5c29683
JH		 863{
864 struct hci_rp_user_confirm_reply *rp = (void *) skb->data;
865
9f1db00c 866 BT_DBG("%s status 0x%2.2x", hdev->name, rp->status);
a5c29683 867
56e5cb86
JH		 868 hci_dev_lock(hdev);
869
a8b2d5c2 870 if (test_bit(HCI_MGMT, &hdev->dev_flags))
744cf19e 871 mgmt_user_confirm_neg_reply_complete(hdev, &rp->bdaddr,
04124681 872 ACL_LINK, 0, rp->status);
56e5cb86
JH		 873
874 hci_dev_unlock(hdev);
a5c29683
JH		 875}
876
1143d458
BG		 877static void hci_cc_user_passkey_reply(struct hci_dev *hdev, struct sk_buff *skb)
878{
879 struct hci_rp_user_confirm_reply *rp = (void *) skb->data;
880
9f1db00c 881 BT_DBG("%s status 0x%2.2x", hdev->name, rp->status);
1143d458
BG		 882
883 hci_dev_lock(hdev);
884
a8b2d5c2 885 if (test_bit(HCI_MGMT, &hdev->dev_flags))
272d90df 886 mgmt_user_passkey_reply_complete(hdev, &rp->bdaddr, ACL_LINK,
04124681 887 0, rp->status);
1143d458
BG		 888
889 hci_dev_unlock(hdev);
890}
891
892static void hci_cc_user_passkey_neg_reply(struct hci_dev *hdev,
807deac2 893 struct sk_buff *skb)
1143d458
BG		 894{
895 struct hci_rp_user_confirm_reply *rp = (void *) skb->data;
896
9f1db00c 897 BT_DBG("%s status 0x%2.2x", hdev->name, rp->status);
1143d458
BG		 898
899 hci_dev_lock(hdev);
900
a8b2d5c2 901 if (test_bit(HCI_MGMT, &hdev->dev_flags))
1143d458 902 mgmt_user_passkey_neg_reply_complete(hdev, &rp->bdaddr,
04124681 903 ACL_LINK, 0, rp->status);
1143d458
BG		 904
905 hci_dev_unlock(hdev);
906}
907
c35938b2 908static void hci_cc_read_local_oob_data_reply(struct hci_dev *hdev,
807deac2 909 struct sk_buff *skb)
c35938b2
SJ		 910{
911 struct hci_rp_read_local_oob_data *rp = (void *) skb->data;
912
9f1db00c 913 BT_DBG("%s status 0x%2.2x", hdev->name, rp->status);
c35938b2 914
56e5cb86 915 hci_dev_lock(hdev);
744cf19e 916 mgmt_read_local_oob_data_reply_complete(hdev, rp->hash,
c35938b2 917 rp->randomizer, rp->status);
56e5cb86 918 hci_dev_unlock(hdev);
c35938b2
SJ		 919}
920
c1d5dc4a
JH		 921static void hci_cc_le_set_adv_enable(struct hci_dev *hdev, struct sk_buff *skb)
922{
923 __u8 *sent, status = *((__u8 *) skb->data);
924
925 BT_DBG("%s status 0x%2.2x", hdev->name, status);
926
927 sent = hci_sent_cmd_data(hdev, HCI_OP_LE_SET_ADV_ENABLE);
928 if (!sent)
929 return;
930
931 hci_dev_lock(hdev);
932
933 if (!status) {
934 if (*sent)
f3d3444a 935 set_bit(HCI_ADVERTISING, &hdev->dev_flags);
c1d5dc4a 936 else
f3d3444a 937 clear_bit(HCI_ADVERTISING, &hdev->dev_flags);
c1d5dc4a
JH		 938 }
939
04b4edcb 940 hci_dev_unlock(hdev);
c1d5dc4a
JH		 941}
942
eb9d91f5 943static void hci_cc_le_set_scan_enable(struct hci_dev *hdev,
807deac2 944 struct sk_buff *skb)
eb9d91f5
AG		 945{
946 struct hci_cp_le_set_scan_enable *cp;
947 __u8 status = *((__u8 *) skb->data);
948
9f1db00c 949 BT_DBG("%s status 0x%2.2x", hdev->name, status);
eb9d91f5 950
eb9d91f5
AG		 951 cp = hci_sent_cmd_data(hdev, HCI_OP_LE_SET_SCAN_ENABLE);
952 if (!cp)
953 return;
954
3fd319b8
AG		 955 if (status)
956 return;
957
68a8aea4 958 switch (cp->enable) {
76a388be 959 case LE_SCAN_ENABLE:
d23264a8 960 set_bit(HCI_LE_SCAN, &hdev->dev_flags);
68a8aea4
AE		 961 break;
962
76a388be 963 case LE_SCAN_DISABLE:
d23264a8 964 clear_bit(HCI_LE_SCAN, &hdev->dev_flags);
68a8aea4
AE		 965 break;
966
967 default:
968 BT_ERR("Used reserved LE_Scan_Enable param %d", cp->enable);
969 break;
35815085 970 }
eb9d91f5
AG		 971}
972
cf1d081f
JH		 973static void hci_cc_le_read_white_list_size(struct hci_dev *hdev,
974 struct sk_buff *skb)
975{
976 struct hci_rp_le_read_white_list_size *rp = (void *) skb->data;
977
978 BT_DBG("%s status 0x%2.2x size %u", hdev->name, rp->status, rp->size);
979
980 if (!rp->status)
981 hdev->le_white_list_size = rp->size;
cf1d081f
JH		 982}
983
9b008c04
JH		 984static void hci_cc_le_read_supported_states(struct hci_dev *hdev,
985 struct sk_buff *skb)
986{
987 struct hci_rp_le_read_supported_states *rp = (void *) skb->data;
988
989 BT_DBG("%s status 0x%2.2x", hdev->name, rp->status);
990
991 if (!rp->status)
992 memcpy(hdev->le_states, rp->le_states, 8);
9b008c04
JH		 993}
994
6039aa73
GP		 995static void hci_cc_write_le_host_supported(struct hci_dev *hdev,
996 struct sk_buff *skb)
f9b49306 997{
06199cf8 998 struct hci_cp_write_le_host_supported *sent;
f9b49306
AG		 999 __u8 status = *((__u8 *) skb->data);
1000
9f1db00c 1001 BT_DBG("%s status 0x%2.2x", hdev->name, status);
f9b49306 1002
06199cf8 1003 sent = hci_sent_cmd_data(hdev, HCI_OP_WRITE_LE_HOST_SUPPORTED);
8f984dfa 1004 if (!sent)
f9b49306
AG		 1005 return;
1006
8f984dfa 1007 if (!status) {
416a4ae5 1008 if (sent->le) {
cad718ed 1009 hdev->features[1][0] |= LMP_HOST_LE;
416a4ae5
JH		 1010 set_bit(HCI_LE_ENABLED, &hdev->dev_flags);
1011 } else {
cad718ed 1012 hdev->features[1][0] &= ~LMP_HOST_LE;
416a4ae5 1013 clear_bit(HCI_LE_ENABLED, &hdev->dev_flags);
f3d3444a 1014 clear_bit(HCI_ADVERTISING, &hdev->dev_flags);
416a4ae5 1015 }
53b2caab
JH		 1016
1017 if (sent->simul)
cad718ed 1018 hdev->features[1][0] |= LMP_HOST_LE_BREDR;
53b2caab 1019 else
cad718ed 1020 hdev->features[1][0] &= ~LMP_HOST_LE_BREDR;
8f984dfa 1021 }
f9b49306
AG		 1022}
1023
93c284ee
AE		 1024static void hci_cc_write_remote_amp_assoc(struct hci_dev *hdev,
1025 struct sk_buff *skb)
1026{
1027 struct hci_rp_write_remote_amp_assoc *rp = (void *) skb->data;
1028
1029 BT_DBG("%s status 0x%2.2x phy_handle 0x%2.2x",
1030 hdev->name, rp->status, rp->phy_handle);
1031
1032 if (rp->status)
1033 return;
1034
1035 amp_write_rem_assoc_continue(hdev, rp->phy_handle);
1036}
1037
6039aa73 1038static void hci_cs_inquiry(struct hci_dev *hdev, __u8 status)
a9de9248 1039{
9f1db00c 1040 BT_DBG("%s status 0x%2.2x", hdev->name, status);
a9de9248
MH		 1041
1042 if (status) {
a9de9248 1043 hci_conn_check_pending(hdev);
314b2381
JH		 1044 return;
1045 }
1046
89352e7d 1047 set_bit(HCI_INQUIRY, &hdev->flags);
1da177e4
LT		 1048}
1049
6039aa73 1050static void hci_cs_create_conn(struct hci_dev *hdev, __u8 status)
1da177e4 1051{
a9de9248 1052 struct hci_cp_create_conn *cp;
1da177e4 1053 struct hci_conn *conn;
1da177e4 1054
9f1db00c 1055 BT_DBG("%s status 0x%2.2x", hdev->name, status);
a9de9248
MH		 1056
1057 cp = hci_sent_cmd_data(hdev, HCI_OP_CREATE_CONN);
1da177e4
LT		 1058 if (!cp)
1059 return;
1060
1061 hci_dev_lock(hdev);
1062
1063 conn = hci_conn_hash_lookup_ba(hdev, ACL_LINK, &cp->bdaddr);
1064
6ed93dc6 1065 BT_DBG("%s bdaddr %pMR hcon %p", hdev->name, &cp->bdaddr, conn);
1da177e4
LT		 1066
1067 if (status) {
1068 if (conn && conn->state == BT_CONNECT) {
4c67bc74
MH		 1069 if (status != 0x0c || conn->attempt > 2) {
1070 conn->state = BT_CLOSED;
1071 hci_proto_connect_cfm(conn, status);
1072 hci_conn_del(conn);
1073 } else
1074 conn->state = BT_CONNECT2;
1da177e4
LT		 1075 }
1076 } else {
1077 if (!conn) {
1078 conn = hci_conn_add(hdev, ACL_LINK, &cp->bdaddr);
1079 if (conn) {
a0c808b3 1080 conn->out = true;
1da177e4
LT		 1081 conn->link_mode |= HCI_LM_MASTER;
1082 } else
893ef971 1083 BT_ERR("No memory for new connection");
1da177e4
LT		 1084 }
1085 }
1086
1087 hci_dev_unlock(hdev);
1088}
1089
a9de9248 1090static void hci_cs_add_sco(struct hci_dev *hdev, __u8 status)
1da177e4 1091{
a9de9248
MH		 1092 struct hci_cp_add_sco *cp;
1093 struct hci_conn *acl, *sco;
1094 __u16 handle;
1da177e4 1095
9f1db00c 1096 BT_DBG("%s status 0x%2.2x", hdev->name, status);
b6a0dc82 1097
a9de9248
MH		 1098 if (!status)
1099 return;
1da177e4 1100
a9de9248
MH		 1101 cp = hci_sent_cmd_data(hdev, HCI_OP_ADD_SCO);
1102 if (!cp)
1103 return;
1da177e4 1104
a9de9248 1105 handle = __le16_to_cpu(cp->handle);
1da177e4 1106
9f1db00c 1107 BT_DBG("%s handle 0x%4.4x", hdev->name, handle);
1da177e4 1108
a9de9248 1109 hci_dev_lock(hdev);
1da177e4 1110
a9de9248 1111 acl = hci_conn_hash_lookup_handle(hdev, handle);
5a08ecce
AE		 1112 if (acl) {
1113 sco = acl->link;
1114 if (sco) {
1115 sco->state = BT_CLOSED;
1da177e4 1116
5a08ecce
AE		 1117 hci_proto_connect_cfm(sco, status);
1118 hci_conn_del(sco);
1119 }
a9de9248 1120 }
1da177e4 1121
a9de9248
MH		 1122 hci_dev_unlock(hdev);
1123}
1da177e4 1124
f8558555
MH		 1125static void hci_cs_auth_requested(struct hci_dev *hdev, __u8 status)
1126{
1127 struct hci_cp_auth_requested *cp;
1128 struct hci_conn *conn;
1129
9f1db00c 1130 BT_DBG("%s status 0x%2.2x", hdev->name, status);
f8558555
MH		 1131
1132 if (!status)
1133 return;
1134
1135 cp = hci_sent_cmd_data(hdev, HCI_OP_AUTH_REQUESTED);
1136 if (!cp)
1137 return;
1138
1139 hci_dev_lock(hdev);
1140
1141 conn = hci_conn_hash_lookup_handle(hdev, __le16_to_cpu(cp->handle));
1142 if (conn) {
1143 if (conn->state == BT_CONFIG) {
1144 hci_proto_connect_cfm(conn, status);
76a68ba0 1145 hci_conn_drop(conn);
f8558555
MH		 1146 }
1147 }
1148
1149 hci_dev_unlock(hdev);
1150}
1151
1152static void hci_cs_set_conn_encrypt(struct hci_dev *hdev, __u8 status)
1153{
1154 struct hci_cp_set_conn_encrypt *cp;
1155 struct hci_conn *conn;
1156
9f1db00c 1157 BT_DBG("%s status 0x%2.2x", hdev->name, status);
f8558555
MH		 1158
1159 if (!status)
1160 return;
1161
1162 cp = hci_sent_cmd_data(hdev, HCI_OP_SET_CONN_ENCRYPT);
1163 if (!cp)
1164 return;
1165
1166 hci_dev_lock(hdev);
1167
1168 conn = hci_conn_hash_lookup_handle(hdev, __le16_to_cpu(cp->handle));
1169 if (conn) {
1170 if (conn->state == BT_CONFIG) {
1171 hci_proto_connect_cfm(conn, status);
76a68ba0 1172 hci_conn_drop(conn);
f8558555
MH		 1173 }
1174 }
1175
1176 hci_dev_unlock(hdev);
1177}
1178
127178d2 1179static int hci_outgoing_auth_needed(struct hci_dev *hdev,
807deac2 1180 struct hci_conn *conn)
392599b9 1181{
392599b9
JH		 1182 if (conn->state != BT_CONFIG || !conn->out)
1183 return 0;
1184
765c2a96 1185 if (conn->pending_sec_level == BT_SECURITY_SDP)
392599b9
JH		 1186 return 0;
1187
1188 /* Only request authentication for SSP connections or non-SSP
e9bf2bf0 1189 * devices with sec_level HIGH or if MITM protection is requested */
807deac2
GP		 1190 if (!hci_conn_ssp_enabled(conn) && !(conn->auth_type & 0x01) &&
1191 conn->pending_sec_level != BT_SECURITY_HIGH)
392599b9
JH		 1192 return 0;
1193
392599b9
JH		 1194 return 1;
1195}
1196
6039aa73 1197static int hci_resolve_name(struct hci_dev *hdev,
04124681 1198 struct inquiry_entry *e)
30dc78e1
JH		 1199{
1200 struct hci_cp_remote_name_req cp;
1201
1202 memset(&cp, 0, sizeof(cp));
1203
1204 bacpy(&cp.bdaddr, &e->data.bdaddr);
1205 cp.pscan_rep_mode = e->data.pscan_rep_mode;
1206 cp.pscan_mode = e->data.pscan_mode;
1207 cp.clock_offset = e->data.clock_offset;
1208
1209 return hci_send_cmd(hdev, HCI_OP_REMOTE_NAME_REQ, sizeof(cp), &cp);
1210}
1211
b644ba33 1212static bool hci_resolve_next_name(struct hci_dev *hdev)
30dc78e1
JH		 1213{
1214 struct discovery_state *discov = &hdev->discovery;
1215 struct inquiry_entry *e;
1216
b644ba33
JH		 1217 if (list_empty(&discov->resolve))
1218 return false;
1219
1220 e = hci_inquiry_cache_lookup_resolve(hdev, BDADDR_ANY, NAME_NEEDED);
c810089c
RM		 1221 if (!e)
1222 return false;
1223
b644ba33
JH		 1224 if (hci_resolve_name(hdev, e) == 0) {
1225 e->name_state = NAME_PENDING;
1226 return true;
1227 }
1228
1229 return false;
1230}
1231
1232static void hci_check_pending_name(struct hci_dev *hdev, struct hci_conn *conn,
04124681 1233 bdaddr_t *bdaddr, u8 *name, u8 name_len)
b644ba33
JH		 1234{
1235 struct discovery_state *discov = &hdev->discovery;
1236 struct inquiry_entry *e;
1237
1238 if (conn && !test_and_set_bit(HCI_CONN_MGMT_CONNECTED, &conn->flags))
04124681
GP		 1239 mgmt_device_connected(hdev, bdaddr, ACL_LINK, 0x00, 0, name,
1240 name_len, conn->dev_class);
b644ba33
JH		 1241
1242 if (discov->state == DISCOVERY_STOPPED)
1243 return;
1244
30dc78e1
JH		 1245 if (discov->state == DISCOVERY_STOPPING)
1246 goto discov_complete;
1247
1248 if (discov->state != DISCOVERY_RESOLVING)
1249 return;
1250
1251 e = hci_inquiry_cache_lookup_resolve(hdev, bdaddr, NAME_PENDING);
7cc8380e
RM		 1252 /* If the device was not found in a list of found devices names of which
1253 * are pending. there is no need to continue resolving a next name as it
1254 * will be done upon receiving another Remote Name Request Complete
1255 * Event */
1256 if (!e)
1257 return;
1258
1259 list_del(&e->list);
1260 if (name) {
30dc78e1 1261 e->name_state = NAME_KNOWN;
7cc8380e
RM		 1262 mgmt_remote_name(hdev, bdaddr, ACL_LINK, 0x00,
1263 e->data.rssi, name, name_len);
c3e7c0d9
RM		 1264 } else {
1265 e->name_state = NAME_NOT_KNOWN;
30dc78e1
JH		 1266 }
1267
b644ba33 1268 if (hci_resolve_next_name(hdev))
30dc78e1 1269 return;
30dc78e1
JH		 1270
1271discov_complete:
1272 hci_discovery_set_state(hdev, DISCOVERY_STOPPED);
1273}
1274
a9de9248
MH		 1275static void hci_cs_remote_name_req(struct hci_dev *hdev, __u8 status)
1276{
127178d2
JH		 1277 struct hci_cp_remote_name_req *cp;
1278 struct hci_conn *conn;
1279
9f1db00c 1280 BT_DBG("%s status 0x%2.2x", hdev->name, status);
127178d2
JH		 1281
1282 /* If successful wait for the name req complete event before
1283 * checking for the need to do authentication */
1284 if (!status)
1285 return;
1286
1287 cp = hci_sent_cmd_data(hdev, HCI_OP_REMOTE_NAME_REQ);
1288 if (!cp)
1289 return;
1290
1291 hci_dev_lock(hdev);
1292
b644ba33
JH		 1293 conn = hci_conn_hash_lookup_ba(hdev, ACL_LINK, &cp->bdaddr);
1294
a8b2d5c2 1295 if (test_bit(HCI_MGMT, &hdev->dev_flags))
b644ba33 1296 hci_check_pending_name(hdev, conn, &cp->bdaddr, NULL, 0);
30dc78e1 1297
79c6c70c
JH		 1298 if (!conn)
1299 goto unlock;
1300
1301 if (!hci_outgoing_auth_needed(hdev, conn))
1302 goto unlock;
1303
51a8efd7 1304 if (!test_and_set_bit(HCI_CONN_AUTH_PEND, &conn->flags)) {
c1f23a2b
JB		 1305 struct hci_cp_auth_requested auth_cp;
1306
1307 auth_cp.handle = __cpu_to_le16(conn->handle);
1308 hci_send_cmd(hdev, HCI_OP_AUTH_REQUESTED,
1309 sizeof(auth_cp), &auth_cp);
127178d2
JH		 1310 }
1311
79c6c70c 1312unlock:
127178d2 1313 hci_dev_unlock(hdev);
a9de9248 1314}
1da177e4 1315
769be974
MH		 1316static void hci_cs_read_remote_features(struct hci_dev *hdev, __u8 status)
1317{
1318 struct hci_cp_read_remote_features *cp;
1319 struct hci_conn *conn;
1320
9f1db00c 1321 BT_DBG("%s status 0x%2.2x", hdev->name, status);
769be974
MH		 1322
1323 if (!status)
1324 return;
1325
1326 cp = hci_sent_cmd_data(hdev, HCI_OP_READ_REMOTE_FEATURES);
1327 if (!cp)
1328 return;
1329
1330 hci_dev_lock(hdev);
1331
1332 conn = hci_conn_hash_lookup_handle(hdev, __le16_to_cpu(cp->handle));
1333 if (conn) {
1334 if (conn->state == BT_CONFIG) {
769be974 1335 hci_proto_connect_cfm(conn, status);
76a68ba0 1336 hci_conn_drop(conn);
769be974
MH		 1337 }
1338 }
1339
1340 hci_dev_unlock(hdev);
1341}
1342
1343static void hci_cs_read_remote_ext_features(struct hci_dev *hdev, __u8 status)
1344{
1345 struct hci_cp_read_remote_ext_features *cp;
1346 struct hci_conn *conn;
1347
9f1db00c 1348 BT_DBG("%s status 0x%2.2x", hdev->name, status);
769be974
MH		 1349
1350 if (!status)
1351 return;
1352
1353 cp = hci_sent_cmd_data(hdev, HCI_OP_READ_REMOTE_EXT_FEATURES);
1354 if (!cp)
1355 return;
1356
1357 hci_dev_lock(hdev);
1358
1359 conn = hci_conn_hash_lookup_handle(hdev, __le16_to_cpu(cp->handle));
1360 if (conn) {
1361 if (conn->state == BT_CONFIG) {
769be974 1362 hci_proto_connect_cfm(conn, status);
76a68ba0 1363 hci_conn_drop(conn);
769be974
MH		 1364 }
1365 }
1366
1367 hci_dev_unlock(hdev);
1368}
1369
a9de9248
MH		 1370static void hci_cs_setup_sync_conn(struct hci_dev *hdev, __u8 status)
1371{
b6a0dc82
MH		 1372 struct hci_cp_setup_sync_conn *cp;
1373 struct hci_conn *acl, *sco;
1374 __u16 handle;
1375
9f1db00c 1376 BT_DBG("%s status 0x%2.2x", hdev->name, status);
b6a0dc82
MH		 1377
1378 if (!status)
1379 return;
1380
1381 cp = hci_sent_cmd_data(hdev, HCI_OP_SETUP_SYNC_CONN);
1382 if (!cp)
1383 return;
1384
1385 handle = __le16_to_cpu(cp->handle);
1386
9f1db00c 1387 BT_DBG("%s handle 0x%4.4x", hdev->name, handle);
b6a0dc82
MH		 1388
1389 hci_dev_lock(hdev);
1390
1391 acl = hci_conn_hash_lookup_handle(hdev, handle);
5a08ecce
AE		 1392 if (acl) {
1393 sco = acl->link;
1394 if (sco) {
1395 sco->state = BT_CLOSED;
b6a0dc82 1396
5a08ecce
AE		 1397 hci_proto_connect_cfm(sco, status);
1398 hci_conn_del(sco);
1399 }
b6a0dc82
MH		 1400 }
1401
1402 hci_dev_unlock(hdev);
1da177e4
LT		 1403}
1404
a9de9248 1405static void hci_cs_sniff_mode(struct hci_dev *hdev, __u8 status)
1da177e4 1406{
a9de9248
MH		 1407 struct hci_cp_sniff_mode *cp;
1408 struct hci_conn *conn;
1da177e4 1409
9f1db00c 1410 BT_DBG("%s status 0x%2.2x", hdev->name, status);
04837f64 1411
a9de9248
MH		 1412 if (!status)
1413 return;
04837f64 1414
a9de9248
MH		 1415 cp = hci_sent_cmd_data(hdev, HCI_OP_SNIFF_MODE);
1416 if (!cp)
1417 return;
04837f64 1418
a9de9248 1419 hci_dev_lock(hdev);
04837f64 1420
a9de9248 1421 conn = hci_conn_hash_lookup_handle(hdev, __le16_to_cpu(cp->handle));
e73439d8 1422 if (conn) {
51a8efd7 1423 clear_bit(HCI_CONN_MODE_CHANGE_PEND, &conn->flags);
04837f64 1424
51a8efd7 1425 if (test_and_clear_bit(HCI_CONN_SCO_SETUP_PEND, &conn->flags))
e73439d8
MH		 1426 hci_sco_setup(conn, status);
1427 }
1428
a9de9248
MH		 1429 hci_dev_unlock(hdev);
1430}
04837f64 1431
a9de9248
MH		 1432static void hci_cs_exit_sniff_mode(struct hci_dev *hdev, __u8 status)
1433{
1434 struct hci_cp_exit_sniff_mode *cp;
1435 struct hci_conn *conn;
04837f64 1436
9f1db00c 1437 BT_DBG("%s status 0x%2.2x", hdev->name, status);
04837f64 1438
a9de9248
MH		 1439 if (!status)
1440 return;
04837f64 1441
a9de9248
MH		 1442 cp = hci_sent_cmd_data(hdev, HCI_OP_EXIT_SNIFF_MODE);
1443 if (!cp)
1444 return;
04837f64 1445
a9de9248 1446 hci_dev_lock(hdev);
1da177e4 1447
a9de9248 1448 conn = hci_conn_hash_lookup_handle(hdev, __le16_to_cpu(cp->handle));
e73439d8 1449 if (conn) {
51a8efd7 1450 clear_bit(HCI_CONN_MODE_CHANGE_PEND, &conn->flags);
1da177e4 1451
51a8efd7 1452 if (test_and_clear_bit(HCI_CONN_SCO_SETUP_PEND, &conn->flags))
e73439d8
MH		 1453 hci_sco_setup(conn, status);
1454 }
1455
a9de9248 1456 hci_dev_unlock(hdev);
1da177e4
LT		 1457}
1458
88c3df13
JH		 1459static void hci_cs_disconnect(struct hci_dev *hdev, u8 status)
1460{
1461 struct hci_cp_disconnect *cp;
1462 struct hci_conn *conn;
1463
1464 if (!status)
1465 return;
1466
1467 cp = hci_sent_cmd_data(hdev, HCI_OP_DISCONNECT);
1468 if (!cp)
1469 return;
1470
1471 hci_dev_lock(hdev);
1472
1473 conn = hci_conn_hash_lookup_handle(hdev, __le16_to_cpu(cp->handle));
1474 if (conn)
1475 mgmt_disconnect_failed(hdev, &conn->dst, conn->type,
04124681 1476 conn->dst_type, status);
88c3df13
JH		 1477
1478 hci_dev_unlock(hdev);
1479}
1480
a02226d6
AE		 1481static void hci_cs_create_phylink(struct hci_dev *hdev, u8 status)
1482{
93c284ee
AE		 1483 struct hci_cp_create_phy_link *cp;
1484
a02226d6 1485 BT_DBG("%s status 0x%2.2x", hdev->name, status);
93c284ee 1486
93c284ee
AE		 1487 cp = hci_sent_cmd_data(hdev, HCI_OP_CREATE_PHY_LINK);
1488 if (!cp)
1489 return;
1490
e58917b9
AE		 1491 hci_dev_lock(hdev);
1492
1493 if (status) {
1494 struct hci_conn *hcon;
1495
1496 hcon = hci_conn_hash_lookup_handle(hdev, cp->phy_handle);
1497 if (hcon)
1498 hci_conn_del(hcon);
1499 } else {
1500 amp_write_remote_assoc(hdev, cp->phy_handle);
1501 }
1502
1503 hci_dev_unlock(hdev);
a02226d6
AE		 1504}
1505
0b26ab9d
AE		 1506static void hci_cs_accept_phylink(struct hci_dev *hdev, u8 status)
1507{
1508 struct hci_cp_accept_phy_link *cp;
1509
1510 BT_DBG("%s status 0x%2.2x", hdev->name, status);
1511
1512 if (status)
1513 return;
1514
1515 cp = hci_sent_cmd_data(hdev, HCI_OP_ACCEPT_PHY_LINK);
1516 if (!cp)
1517 return;
1518
1519 amp_write_remote_assoc(hdev, cp->phy_handle);
1520}
1521
6039aa73 1522static void hci_inquiry_complete_evt(struct hci_dev *hdev, struct sk_buff *skb)
1da177e4
LT		 1523{
1524 __u8 status = *((__u8 *) skb->data);
30dc78e1
JH		 1525 struct discovery_state *discov = &hdev->discovery;
1526 struct inquiry_entry *e;
1da177e4 1527
9f1db00c 1528 BT_DBG("%s status 0x%2.2x", hdev->name, status);
1da177e4 1529
a9de9248 1530 hci_conn_check_pending(hdev);
89352e7d
AG		 1531
1532 if (!test_and_clear_bit(HCI_INQUIRY, &hdev->flags))
1533 return;
1534
3e13fa1e
AG		 1535 smp_mb__after_clear_bit(); /* wake_up_bit advises about this barrier */
1536 wake_up_bit(&hdev->flags, HCI_INQUIRY);
1537
a8b2d5c2 1538 if (!test_bit(HCI_MGMT, &hdev->dev_flags))
30dc78e1
JH		 1539 return;
1540
56e5cb86 1541 hci_dev_lock(hdev);
30dc78e1 1542
343f935b 1543 if (discov->state != DISCOVERY_FINDING)
30dc78e1
JH		 1544 goto unlock;
1545
1546 if (list_empty(&discov->resolve)) {
1547 hci_discovery_set_state(hdev, DISCOVERY_STOPPED);
1548 goto unlock;
1549 }
1550
1551 e = hci_inquiry_cache_lookup_resolve(hdev, BDADDR_ANY, NAME_NEEDED);
1552 if (e && hci_resolve_name(hdev, e) == 0) {
1553 e->name_state = NAME_PENDING;
1554 hci_discovery_set_state(hdev, DISCOVERY_RESOLVING);
1555 } else {
1556 hci_discovery_set_state(hdev, DISCOVERY_STOPPED);
1557 }
1558
1559unlock:
56e5cb86 1560 hci_dev_unlock(hdev);
1da177e4
LT		 1561}
1562
6039aa73 1563static void hci_inquiry_result_evt(struct hci_dev *hdev, struct sk_buff *skb)
1da177e4 1564{
45bb4bf0 1565 struct inquiry_data data;
a9de9248 1566 struct inquiry_info *info = (void *) (skb->data + 1);
1da177e4
LT		 1567 int num_rsp = *((__u8 *) skb->data);
1568
1569 BT_DBG("%s num_rsp %d", hdev->name, num_rsp);
1570
45bb4bf0
MH		 1571 if (!num_rsp)
1572 return;
1573
1519cc17
AG		 1574 if (test_bit(HCI_PERIODIC_INQ, &hdev->dev_flags))
1575 return;
1576
1da177e4 1577 hci_dev_lock(hdev);
45bb4bf0 1578
e17acd40 1579 for (; num_rsp; num_rsp--, info++) {
388fc8fa 1580 bool name_known, ssp;
3175405b 1581
1da177e4
LT		 1582 bacpy(&data.bdaddr, &info->bdaddr);
1583 data.pscan_rep_mode = info->pscan_rep_mode;
1584 data.pscan_period_mode = info->pscan_period_mode;
1585 data.pscan_mode = info->pscan_mode;
1586 memcpy(data.dev_class, info->dev_class, 3);
1587 data.clock_offset = info->clock_offset;
1588 data.rssi = 0x00;
41a96212 1589 data.ssp_mode = 0x00;
3175405b 1590
388fc8fa 1591 name_known = hci_inquiry_cache_update(hdev, &data, false, &ssp);
48264f06 1592 mgmt_device_found(hdev, &info->bdaddr, ACL_LINK, 0x00,
04124681
GP		 1593 info->dev_class, 0, !name_known, ssp, NULL,
1594 0);
1da177e4 1595 }
45bb4bf0 1596
1da177e4
LT		 1597 hci_dev_unlock(hdev);
1598}
1599
6039aa73 1600static void hci_conn_complete_evt(struct hci_dev *hdev, struct sk_buff *skb)
1da177e4 1601{
a9de9248
MH		 1602 struct hci_ev_conn_complete *ev = (void *) skb->data;
1603 struct hci_conn *conn;
1da177e4
LT		 1604
1605 BT_DBG("%s", hdev->name);
1606
1607 hci_dev_lock(hdev);
1608
1609 conn = hci_conn_hash_lookup_ba(hdev, ev->link_type, &ev->bdaddr);
9499237a
MH		 1610 if (!conn) {
1611 if (ev->link_type != SCO_LINK)
1612 goto unlock;
1613
1614 conn = hci_conn_hash_lookup_ba(hdev, ESCO_LINK, &ev->bdaddr);
1615 if (!conn)
1616 goto unlock;
1617
1618 conn->type = SCO_LINK;
1619 }
1da177e4
LT		 1620
1621 if (!ev->status) {
1622 conn->handle = __le16_to_cpu(ev->handle);
769be974
MH		 1623
1624 if (conn->type == ACL_LINK) {
1625 conn->state = BT_CONFIG;
1626 hci_conn_hold(conn);
a9ea3ed9
SJ		 1627
1628 if (!conn->out && !hci_conn_ssp_enabled(conn) &&
1629 !hci_find_link_key(hdev, &ev->bdaddr))
1630 conn->disc_timeout = HCI_PAIRING_TIMEOUT;
1631 else
1632 conn->disc_timeout = HCI_DISCONN_TIMEOUT;
769be974
MH		 1633 } else
1634 conn->state = BT_CONNECTED;
1da177e4 1635
7d0db0a3
MH		 1636 hci_conn_add_sysfs(conn);
1637
1da177e4
LT		 1638 if (test_bit(HCI_AUTH, &hdev->flags))
1639 conn->link_mode |= HCI_LM_AUTH;
1640
1641 if (test_bit(HCI_ENCRYPT, &hdev->flags))
1642 conn->link_mode |= HCI_LM_ENCRYPT;
1643
04837f64
MH		 1644 /* Get remote features */
1645 if (conn->type == ACL_LINK) {
1646 struct hci_cp_read_remote_features cp;
1647 cp.handle = ev->handle;
769be974 1648 hci_send_cmd(hdev, HCI_OP_READ_REMOTE_FEATURES,
04124681 1649 sizeof(cp), &cp);
04837f64
MH		 1650 }
1651
1da177e4 1652 /* Set packet type for incoming connection */
d095c1eb 1653 if (!conn->out && hdev->hci_ver < BLUETOOTH_VER_2_0) {
1da177e4
LT		 1654 struct hci_cp_change_conn_ptype cp;
1655 cp.handle = ev->handle;
a8746417 1656 cp.pkt_type = cpu_to_le16(conn->pkt_type);
04124681
GP		 1657 hci_send_cmd(hdev, HCI_OP_CHANGE_CONN_PTYPE, sizeof(cp),
1658 &cp);
1da177e4 1659 }
17d5c04c 1660 } else {
1da177e4 1661 conn->state = BT_CLOSED;
17d5c04c 1662 if (conn->type == ACL_LINK)
744cf19e 1663 mgmt_connect_failed(hdev, &ev->bdaddr, conn->type,
04124681 1664 conn->dst_type, ev->status);
17d5c04c 1665 }
1da177e4 1666
e73439d8
MH		 1667 if (conn->type == ACL_LINK)
1668 hci_sco_setup(conn, ev->status);
1da177e4 1669
769be974
MH		 1670 if (ev->status) {
1671 hci_proto_connect_cfm(conn, ev->status);
1da177e4 1672 hci_conn_del(conn);
c89b6e6b
MH		 1673 } else if (ev->link_type != ACL_LINK)
1674 hci_proto_connect_cfm(conn, ev->status);
1da177e4 1675
a9de9248 1676unlock:
1da177e4 1677 hci_dev_unlock(hdev);
1da177e4 1678
a9de9248 1679 hci_conn_check_pending(hdev);
1da177e4
LT		 1680}
1681
6039aa73 1682static void hci_conn_request_evt(struct hci_dev *hdev, struct sk_buff *skb)
1da177e4 1683{
a9de9248
MH		 1684 struct hci_ev_conn_request *ev = (void *) skb->data;
1685 int mask = hdev->link_mode;
20714bfe 1686 __u8 flags = 0;
1da177e4 1687
6ed93dc6 1688 BT_DBG("%s bdaddr %pMR type 0x%x", hdev->name, &ev->bdaddr,
807deac2 1689 ev->link_type);
1da177e4 1690
20714bfe
FD		 1691 mask |= hci_proto_connect_ind(hdev, &ev->bdaddr, ev->link_type,
1692 &flags);
1da177e4 1693
138d22ef 1694 if ((mask & HCI_LM_ACCEPT) &&
b9ee0a78 1695 !hci_blacklist_lookup(hdev, &ev->bdaddr, BDADDR_BREDR)) {
a9de9248 1696 /* Connection accepted */
c7bdd502 1697 struct inquiry_entry *ie;
1da177e4 1698 struct hci_conn *conn;
1da177e4 1699
a9de9248 1700 hci_dev_lock(hdev);
b6a0dc82 1701
cc11b9c1
AE		 1702 ie = hci_inquiry_cache_lookup(hdev, &ev->bdaddr);
1703 if (ie)
c7bdd502
MH		 1704 memcpy(ie->data.dev_class, ev->dev_class, 3);
1705
8fc9ced3
GP		 1706 conn = hci_conn_hash_lookup_ba(hdev, ev->link_type,
1707 &ev->bdaddr);
a9de9248 1708 if (!conn) {
cc11b9c1
AE		 1709 conn = hci_conn_add(hdev, ev->link_type, &ev->bdaddr);
1710 if (!conn) {
893ef971 1711 BT_ERR("No memory for new connection");
a9de9248
MH		 1712 hci_dev_unlock(hdev);
1713 return;
1da177e4
LT		 1714 }
1715 }
b6a0dc82 1716
a9de9248 1717 memcpy(conn->dev_class, ev->dev_class, 3);
b6a0dc82 1718
a9de9248 1719 hci_dev_unlock(hdev);
1da177e4 1720
20714bfe
FD		 1721 if (ev->link_type == ACL_LINK ||
1722 (!(flags & HCI_PROTO_DEFER) && !lmp_esco_capable(hdev))) {
b6a0dc82 1723 struct hci_cp_accept_conn_req cp;
20714bfe 1724 conn->state = BT_CONNECT;
1da177e4 1725
b6a0dc82
MH		 1726 bacpy(&cp.bdaddr, &ev->bdaddr);
1727
1728 if (lmp_rswitch_capable(hdev) && (mask & HCI_LM_MASTER))
1729 cp.role = 0x00; /* Become master */
1730 else
1731 cp.role = 0x01; /* Remain slave */
1732
04124681
GP		 1733 hci_send_cmd(hdev, HCI_OP_ACCEPT_CONN_REQ, sizeof(cp),
1734 &cp);
20714bfe 1735 } else if (!(flags & HCI_PROTO_DEFER)) {
b6a0dc82 1736 struct hci_cp_accept_sync_conn_req cp;
20714bfe 1737 conn->state = BT_CONNECT;
b6a0dc82
MH		 1738
1739 bacpy(&cp.bdaddr, &ev->bdaddr);
a8746417 1740 cp.pkt_type = cpu_to_le16(conn->pkt_type);
b6a0dc82 1741
82781e63
AE		 1742 cp.tx_bandwidth = __constant_cpu_to_le32(0x00001f40);
1743 cp.rx_bandwidth = __constant_cpu_to_le32(0x00001f40);
1744 cp.max_latency = __constant_cpu_to_le16(0xffff);
b6a0dc82
MH		 1745 cp.content_format = cpu_to_le16(hdev->voice_setting);
1746 cp.retrans_effort = 0xff;
1da177e4 1747
b6a0dc82 1748 hci_send_cmd(hdev, HCI_OP_ACCEPT_SYNC_CONN_REQ,
04124681 1749 sizeof(cp), &cp);
20714bfe
FD		 1750 } else {
1751 conn->state = BT_CONNECT2;
1752 hci_proto_connect_cfm(conn, 0);
b6a0dc82 1753 }
a9de9248
MH		 1754 } else {
1755 /* Connection rejected */
1756 struct hci_cp_reject_conn_req cp;
1da177e4 1757
a9de9248 1758 bacpy(&cp.bdaddr, &ev->bdaddr);
9f5a0d7b 1759 cp.reason = HCI_ERROR_REJ_BAD_ADDR;
a9de9248 1760 hci_send_cmd(hdev, HCI_OP_REJECT_CONN_REQ, sizeof(cp), &cp);
1da177e4 1761 }
1da177e4
LT		 1762}
1763
f0d6a0ea
MA		 1764static u8 hci_to_mgmt_reason(u8 err)
1765{
1766 switch (err) {
1767 case HCI_ERROR_CONNECTION_TIMEOUT:
1768 return MGMT_DEV_DISCONN_TIMEOUT;
1769 case HCI_ERROR_REMOTE_USER_TERM:
1770 case HCI_ERROR_REMOTE_LOW_RESOURCES:
1771 case HCI_ERROR_REMOTE_POWER_OFF:
1772 return MGMT_DEV_DISCONN_REMOTE;
1773 case HCI_ERROR_LOCAL_HOST_TERM:
1774 return MGMT_DEV_DISCONN_LOCAL_HOST;
1775 default:
1776 return MGMT_DEV_DISCONN_UNKNOWN;
1777 }
1778}
1779
6039aa73 1780static void hci_disconn_complete_evt(struct hci_dev *hdev, struct sk_buff *skb)
04837f64 1781{
a9de9248 1782 struct hci_ev_disconn_complete *ev = (void *) skb->data;
04837f64
MH		 1783 struct hci_conn *conn;
1784
9f1db00c 1785 BT_DBG("%s status 0x%2.2x", hdev->name, ev->status);
04837f64
MH		 1786
1787 hci_dev_lock(hdev);
1788
1789 conn = hci_conn_hash_lookup_handle(hdev, __le16_to_cpu(ev->handle));
f7520543
JH		 1790 if (!conn)
1791 goto unlock;
7d0db0a3 1792
37d9ef76
JH		 1793 if (ev->status == 0)
1794 conn->state = BT_CLOSED;
04837f64 1795
b644ba33 1796 if (test_and_clear_bit(HCI_CONN_MGMT_CONNECTED, &conn->flags) &&
807deac2 1797 (conn->type == ACL_LINK || conn->type == LE_LINK)) {
f0d6a0ea 1798 if (ev->status) {
88c3df13 1799 mgmt_disconnect_failed(hdev, &conn->dst, conn->type,
807deac2 1800 conn->dst_type, ev->status);
f0d6a0ea
MA		 1801 } else {
1802 u8 reason = hci_to_mgmt_reason(ev->reason);
1803
afc747a6 1804 mgmt_device_disconnected(hdev, &conn->dst, conn->type,
f0d6a0ea
MA		 1805 conn->dst_type, reason);
1806 }
37d9ef76 1807 }
f7520543 1808
37d9ef76 1809 if (ev->status == 0) {
2210246c
JH		 1810 u8 type = conn->type;
1811
1812 if (type == ACL_LINK && conn->flush_key)
6ec5bcad 1813 hci_remove_link_key(hdev, &conn->dst);
37d9ef76
JH		 1814 hci_proto_disconn_cfm(conn, ev->reason);
1815 hci_conn_del(conn);
2210246c
JH		 1816
1817 /* Re-enable advertising if necessary, since it might
1818 * have been disabled by the connection. From the
1819 * HCI_LE_Set_Advertise_Enable command description in
1820 * the core specification (v4.0):
1821 * "The Controller shall continue advertising until the Host
1822 * issues an LE_Set_Advertise_Enable command with
1823 * Advertising_Enable set to 0x00 (Advertising is disabled)
1824 * or until a connection is created or until the Advertising
1825 * is timed out due to Directed Advertising."
1826 */
1827 if (type == LE_LINK)
5976e608 1828 mgmt_reenable_advertising(hdev);
37d9ef76 1829 }
f7520543
JH		 1830
1831unlock:
04837f64
MH		 1832 hci_dev_unlock(hdev);
1833}
1834
6039aa73 1835static void hci_auth_complete_evt(struct hci_dev *hdev, struct sk_buff *skb)
1da177e4 1836{
a9de9248 1837 struct hci_ev_auth_complete *ev = (void *) skb->data;
04837f64 1838 struct hci_conn *conn;
1da177e4 1839
9f1db00c 1840 BT_DBG("%s status 0x%2.2x", hdev->name, ev->status);
1da177e4
LT		 1841
1842 hci_dev_lock(hdev);
1843
04837f64 1844 conn = hci_conn_hash_lookup_handle(hdev, __le16_to_cpu(ev->handle));
d7556e20
WR		 1845 if (!conn)
1846 goto unlock;
1847
1848 if (!ev->status) {
aa64a8b5 1849 if (!hci_conn_ssp_enabled(conn) &&
807deac2 1850 test_bit(HCI_CONN_REAUTH_PEND, &conn->flags)) {
d7556e20 1851 BT_INFO("re-auth of legacy device is not possible.");
2a611692 1852 } else {
d7556e20
WR		 1853 conn->link_mode |= HCI_LM_AUTH;
1854 conn->sec_level = conn->pending_sec_level;
2a611692 1855 }
d7556e20 1856 } else {
bab73cb6 1857 mgmt_auth_failed(hdev, &conn->dst, conn->type, conn->dst_type,
04124681 1858 ev->status);
d7556e20 1859 }
1da177e4 1860
51a8efd7
JH		 1861 clear_bit(HCI_CONN_AUTH_PEND, &conn->flags);
1862 clear_bit(HCI_CONN_REAUTH_PEND, &conn->flags);
1da177e4 1863
d7556e20 1864 if (conn->state == BT_CONFIG) {
aa64a8b5 1865 if (!ev->status && hci_conn_ssp_enabled(conn)) {
d7556e20
WR		 1866 struct hci_cp_set_conn_encrypt cp;
1867 cp.handle = ev->handle;
1868 cp.encrypt = 0x01;
1869 hci_send_cmd(hdev, HCI_OP_SET_CONN_ENCRYPT, sizeof(cp),
807deac2 1870 &cp);
052b30b0 1871 } else {
d7556e20
WR		 1872 conn->state = BT_CONNECTED;
1873 hci_proto_connect_cfm(conn, ev->status);
76a68ba0 1874 hci_conn_drop(conn);
052b30b0 1875 }
d7556e20
WR		 1876 } else {
1877 hci_auth_cfm(conn, ev->status);
052b30b0 1878
d7556e20
WR		 1879 hci_conn_hold(conn);
1880 conn->disc_timeout = HCI_DISCONN_TIMEOUT;
76a68ba0 1881 hci_conn_drop(conn);
d7556e20
WR		 1882 }
1883
51a8efd7 1884 if (test_bit(HCI_CONN_ENCRYPT_PEND, &conn->flags)) {
d7556e20
WR		 1885 if (!ev->status) {
1886 struct hci_cp_set_conn_encrypt cp;
1887 cp.handle = ev->handle;
1888 cp.encrypt = 0x01;
1889 hci_send_cmd(hdev, HCI_OP_SET_CONN_ENCRYPT, sizeof(cp),
807deac2 1890 &cp);
d7556e20 1891 } else {
51a8efd7 1892 clear_bit(HCI_CONN_ENCRYPT_PEND, &conn->flags);
d7556e20 1893 hci_encrypt_cfm(conn, ev->status, 0x00);
1da177e4
LT		 1894 }
1895 }
1896
d7556e20 1897unlock:
1da177e4
LT		 1898 hci_dev_unlock(hdev);
1899}
1900
6039aa73 1901static void hci_remote_name_evt(struct hci_dev *hdev, struct sk_buff *skb)
1da177e4 1902{
127178d2
JH		 1903 struct hci_ev_remote_name *ev = (void *) skb->data;
1904 struct hci_conn *conn;
1905
a9de9248 1906 BT_DBG("%s", hdev->name);
1da177e4 1907
a9de9248 1908 hci_conn_check_pending(hdev);
127178d2
JH		 1909
1910 hci_dev_lock(hdev);
1911
b644ba33 1912 conn = hci_conn_hash_lookup_ba(hdev, ACL_LINK, &ev->bdaddr);
30dc78e1 1913
b644ba33
JH		 1914 if (!test_bit(HCI_MGMT, &hdev->dev_flags))
1915 goto check_auth;
a88a9652 1916
b644ba33
JH		 1917 if (ev->status == 0)
1918 hci_check_pending_name(hdev, conn, &ev->bdaddr, ev->name,
04124681 1919 strnlen(ev->name, HCI_MAX_NAME_LENGTH));
b644ba33
JH		 1920 else
1921 hci_check_pending_name(hdev, conn, &ev->bdaddr, NULL, 0);
1922
1923check_auth:
79c6c70c
JH		 1924 if (!conn)
1925 goto unlock;
1926
1927 if (!hci_outgoing_auth_needed(hdev, conn))
1928 goto unlock;
1929
51a8efd7 1930 if (!test_and_set_bit(HCI_CONN_AUTH_PEND, &conn->flags)) {
127178d2
JH		 1931 struct hci_cp_auth_requested cp;
1932 cp.handle = __cpu_to_le16(conn->handle);
1933 hci_send_cmd(hdev, HCI_OP_AUTH_REQUESTED, sizeof(cp), &cp);
1934 }
1935
79c6c70c 1936unlock:
127178d2 1937 hci_dev_unlock(hdev);
a9de9248
MH		 1938}
1939
6039aa73 1940static void hci_encrypt_change_evt(struct hci_dev *hdev, struct sk_buff *skb)
a9de9248
MH		 1941{
1942 struct hci_ev_encrypt_change *ev = (void *) skb->data;
1943 struct hci_conn *conn;
1944
9f1db00c 1945 BT_DBG("%s status 0x%2.2x", hdev->name, ev->status);
1da177e4
LT		 1946
1947 hci_dev_lock(hdev);
1948
04837f64 1949 conn = hci_conn_hash_lookup_handle(hdev, __le16_to_cpu(ev->handle));
1da177e4
LT		 1950 if (conn) {
1951 if (!ev->status) {
ae293196
MH		 1952 if (ev->encrypt) {
1953 /* Encryption implies authentication */
1954 conn->link_mode |= HCI_LM_AUTH;
1da177e4 1955 conn->link_mode |= HCI_LM_ENCRYPT;
da85e5e5 1956 conn->sec_level = conn->pending_sec_level;
ae293196 1957 } else
1da177e4
LT		 1958 conn->link_mode &= ~HCI_LM_ENCRYPT;
1959 }
1960
51a8efd7 1961 clear_bit(HCI_CONN_ENCRYPT_PEND, &conn->flags);
1da177e4 1962
a7d7723a 1963 if (ev->status && conn->state == BT_CONNECTED) {
bed71748 1964 hci_disconnect(conn, HCI_ERROR_AUTH_FAILURE);
76a68ba0 1965 hci_conn_drop(conn);
a7d7723a
GP		 1966 goto unlock;
1967 }
1968
f8558555
MH		 1969 if (conn->state == BT_CONFIG) {
1970 if (!ev->status)
1971 conn->state = BT_CONNECTED;
1972
1973 hci_proto_connect_cfm(conn, ev->status);
76a68ba0 1974 hci_conn_drop(conn);
f8558555
MH		 1975 } else
1976 hci_encrypt_cfm(conn, ev->status, ev->encrypt);
1da177e4
LT		 1977 }
1978
a7d7723a 1979unlock:
1da177e4
LT		 1980 hci_dev_unlock(hdev);
1981}
1982
6039aa73
GP		 1983static void hci_change_link_key_complete_evt(struct hci_dev *hdev,
1984 struct sk_buff *skb)
1da177e4 1985{
a9de9248 1986 struct hci_ev_change_link_key_complete *ev = (void *) skb->data;
04837f64 1987 struct hci_conn *conn;
1da177e4 1988
9f1db00c 1989 BT_DBG("%s status 0x%2.2x", hdev->name, ev->status);
1da177e4
LT		 1990
1991 hci_dev_lock(hdev);
1992
04837f64 1993 conn = hci_conn_hash_lookup_handle(hdev, __le16_to_cpu(ev->handle));
1da177e4
LT		 1994 if (conn) {
1995 if (!ev->status)
1996 conn->link_mode |= HCI_LM_SECURE;
1997
51a8efd7 1998 clear_bit(HCI_CONN_AUTH_PEND, &conn->flags);
1da177e4
LT		 1999
2000 hci_key_change_cfm(conn, ev->status);
2001 }
2002
2003 hci_dev_unlock(hdev);
2004}
2005
6039aa73
GP		 2006static void hci_remote_features_evt(struct hci_dev *hdev,
2007 struct sk_buff *skb)
1da177e4 2008{
a9de9248
MH		 2009 struct hci_ev_remote_features *ev = (void *) skb->data;
2010 struct hci_conn *conn;
2011
9f1db00c 2012 BT_DBG("%s status 0x%2.2x", hdev->name, ev->status);
a9de9248 2013
a9de9248
MH		 2014 hci_dev_lock(hdev);
2015
2016 conn = hci_conn_hash_lookup_handle(hdev, __le16_to_cpu(ev->handle));
ccd556fe
JH		 2017 if (!conn)
2018 goto unlock;
769be974 2019
ccd556fe 2020 if (!ev->status)
cad718ed 2021 memcpy(conn->features[0], ev->features, 8);
ccd556fe
JH		 2022
2023 if (conn->state != BT_CONFIG)
2024 goto unlock;
2025
2026 if (!ev->status && lmp_ssp_capable(hdev) && lmp_ssp_capable(conn)) {
2027 struct hci_cp_read_remote_ext_features cp;
2028 cp.handle = ev->handle;
2029 cp.page = 0x01;
2030 hci_send_cmd(hdev, HCI_OP_READ_REMOTE_EXT_FEATURES,
807deac2 2031 sizeof(cp), &cp);
392599b9
JH		 2032 goto unlock;
2033 }
2034
671267bf 2035 if (!ev->status && !test_bit(HCI_CONN_MGMT_CONNECTED, &conn->flags)) {
127178d2
JH		 2036 struct hci_cp_remote_name_req cp;
2037 memset(&cp, 0, sizeof(cp));
2038 bacpy(&cp.bdaddr, &conn->dst);
2039 cp.pscan_rep_mode = 0x02;
2040 hci_send_cmd(hdev, HCI_OP_REMOTE_NAME_REQ, sizeof(cp), &cp);
b644ba33
JH		 2041 } else if (!test_and_set_bit(HCI_CONN_MGMT_CONNECTED, &conn->flags))
2042 mgmt_device_connected(hdev, &conn->dst, conn->type,
04124681
GP		 2043 conn->dst_type, 0, NULL, 0,
2044 conn->dev_class);
392599b9 2045
127178d2 2046 if (!hci_outgoing_auth_needed(hdev, conn)) {
ccd556fe
JH		 2047 conn->state = BT_CONNECTED;
2048 hci_proto_connect_cfm(conn, ev->status);
76a68ba0 2049 hci_conn_drop(conn);
769be974 2050 }
a9de9248 2051
ccd556fe 2052unlock:
a9de9248 2053 hci_dev_unlock(hdev);
1da177e4
LT		 2054}
2055
6039aa73 2056static void hci_cmd_complete_evt(struct hci_dev *hdev, struct sk_buff *skb)
a9de9248
MH		 2057{
2058 struct hci_ev_cmd_complete *ev = (void *) skb->data;
9238f36a 2059 u8 status = skb->data[sizeof(*ev)];
a9de9248
MH		 2060 __u16 opcode;
2061
2062 skb_pull(skb, sizeof(*ev));
2063
2064 opcode = __le16_to_cpu(ev->opcode);
2065
2066 switch (opcode) {
2067 case HCI_OP_INQUIRY_CANCEL:
2068 hci_cc_inquiry_cancel(hdev, skb);
2069 break;
2070
4d93483b
AG		 2071 case HCI_OP_PERIODIC_INQ:
2072 hci_cc_periodic_inq(hdev, skb);
2073 break;
2074
a9de9248
MH		 2075 case HCI_OP_EXIT_PERIODIC_INQ:
2076 hci_cc_exit_periodic_inq(hdev, skb);
2077 break;
2078
2079 case HCI_OP_REMOTE_NAME_REQ_CANCEL:
2080 hci_cc_remote_name_req_cancel(hdev, skb);
2081 break;
2082
2083 case HCI_OP_ROLE_DISCOVERY:
2084 hci_cc_role_discovery(hdev, skb);
2085 break;
2086
e4e8e37c
MH		 2087 case HCI_OP_READ_LINK_POLICY:
2088 hci_cc_read_link_policy(hdev, skb);
2089 break;
2090
a9de9248
MH		 2091 case HCI_OP_WRITE_LINK_POLICY:
2092 hci_cc_write_link_policy(hdev, skb);
2093 break;
2094
e4e8e37c
MH		 2095 case HCI_OP_READ_DEF_LINK_POLICY:
2096 hci_cc_read_def_link_policy(hdev, skb);
2097 break;
2098
2099 case HCI_OP_WRITE_DEF_LINK_POLICY:
2100 hci_cc_write_def_link_policy(hdev, skb);
2101 break;
2102
a9de9248
MH		 2103 case HCI_OP_RESET:
2104 hci_cc_reset(hdev, skb);
2105 break;
2106
2107 case HCI_OP_WRITE_LOCAL_NAME:
2108 hci_cc_write_local_name(hdev, skb);
2109 break;
2110
2111 case HCI_OP_READ_LOCAL_NAME:
2112 hci_cc_read_local_name(hdev, skb);
2113 break;
2114
2115 case HCI_OP_WRITE_AUTH_ENABLE:
2116 hci_cc_write_auth_enable(hdev, skb);
2117 break;
2118
2119 case HCI_OP_WRITE_ENCRYPT_MODE:
2120 hci_cc_write_encrypt_mode(hdev, skb);
2121 break;
2122
2123 case HCI_OP_WRITE_SCAN_ENABLE:
2124 hci_cc_write_scan_enable(hdev, skb);
2125 break;
2126
2127 case HCI_OP_READ_CLASS_OF_DEV:
2128 hci_cc_read_class_of_dev(hdev, skb);
2129 break;
2130
2131 case HCI_OP_WRITE_CLASS_OF_DEV:
2132 hci_cc_write_class_of_dev(hdev, skb);
2133 break;
2134
2135 case HCI_OP_READ_VOICE_SETTING:
2136 hci_cc_read_voice_setting(hdev, skb);
2137 break;
2138
2139 case HCI_OP_WRITE_VOICE_SETTING:
2140 hci_cc_write_voice_setting(hdev, skb);
2141 break;
2142
b4cb9fb2
MH		 2143 case HCI_OP_READ_NUM_SUPPORTED_IAC:
2144 hci_cc_read_num_supported_iac(hdev, skb);
2145 break;
2146
333140b5
MH		 2147 case HCI_OP_WRITE_SSP_MODE:
2148 hci_cc_write_ssp_mode(hdev, skb);
2149 break;
2150
a9de9248
MH		 2151 case HCI_OP_READ_LOCAL_VERSION:
2152 hci_cc_read_local_version(hdev, skb);
2153 break;
2154
2155 case HCI_OP_READ_LOCAL_COMMANDS:
2156 hci_cc_read_local_commands(hdev, skb);
2157 break;
2158
2159 case HCI_OP_READ_LOCAL_FEATURES:
2160 hci_cc_read_local_features(hdev, skb);
2161 break;
2162
971e3a4b
AG		 2163 case HCI_OP_READ_LOCAL_EXT_FEATURES:
2164 hci_cc_read_local_ext_features(hdev, skb);
2165 break;
2166
a9de9248
MH		 2167 case HCI_OP_READ_BUFFER_SIZE:
2168 hci_cc_read_buffer_size(hdev, skb);
2169 break;
2170
2171 case HCI_OP_READ_BD_ADDR:
2172 hci_cc_read_bd_addr(hdev, skb);
2173 break;
2174
f332ec66
JH		 2175 case HCI_OP_READ_PAGE_SCAN_ACTIVITY:
2176 hci_cc_read_page_scan_activity(hdev, skb);
2177 break;
2178
4a3ee763
JH		 2179 case HCI_OP_WRITE_PAGE_SCAN_ACTIVITY:
2180 hci_cc_write_page_scan_activity(hdev, skb);
2181 break;
2182
f332ec66
JH		 2183 case HCI_OP_READ_PAGE_SCAN_TYPE:
2184 hci_cc_read_page_scan_type(hdev, skb);
2185 break;
2186
4a3ee763
JH		 2187 case HCI_OP_WRITE_PAGE_SCAN_TYPE:
2188 hci_cc_write_page_scan_type(hdev, skb);
2189 break;
2190
350ee4cf
AE		 2191 case HCI_OP_READ_DATA_BLOCK_SIZE:
2192 hci_cc_read_data_block_size(hdev, skb);
2193 break;
2194
1e89cffb
AE		 2195 case HCI_OP_READ_FLOW_CONTROL_MODE:
2196 hci_cc_read_flow_control_mode(hdev, skb);
2197 break;
2198
928abaa7
AE		 2199 case HCI_OP_READ_LOCAL_AMP_INFO:
2200 hci_cc_read_local_amp_info(hdev, skb);
2201 break;
2202
903e4541
AE		 2203 case HCI_OP_READ_LOCAL_AMP_ASSOC:
2204 hci_cc_read_local_amp_assoc(hdev, skb);
2205 break;
2206
d5859e22
JH		 2207 case HCI_OP_READ_INQ_RSP_TX_POWER:
2208 hci_cc_read_inq_rsp_tx_power(hdev, skb);
2209 break;
2210
980e1a53
JH		 2211 case HCI_OP_PIN_CODE_REPLY:
2212 hci_cc_pin_code_reply(hdev, skb);
2213 break;
2214
2215 case HCI_OP_PIN_CODE_NEG_REPLY:
2216 hci_cc_pin_code_neg_reply(hdev, skb);
2217 break;
2218
c35938b2
SJ		 2219 case HCI_OP_READ_LOCAL_OOB_DATA:
2220 hci_cc_read_local_oob_data_reply(hdev, skb);
2221 break;
2222
6ed58ec5
VT		 2223 case HCI_OP_LE_READ_BUFFER_SIZE:
2224 hci_cc_le_read_buffer_size(hdev, skb);
2225 break;
2226
60e77321
JH		 2227 case HCI_OP_LE_READ_LOCAL_FEATURES:
2228 hci_cc_le_read_local_features(hdev, skb);
2229 break;
2230
8fa19098
JH		 2231 case HCI_OP_LE_READ_ADV_TX_POWER:
2232 hci_cc_le_read_adv_tx_power(hdev, skb);
2233 break;
2234
a5c29683
JH		 2235 case HCI_OP_USER_CONFIRM_REPLY:
2236 hci_cc_user_confirm_reply(hdev, skb);
2237 break;
2238
2239 case HCI_OP_USER_CONFIRM_NEG_REPLY:
2240 hci_cc_user_confirm_neg_reply(hdev, skb);
2241 break;
2242
1143d458
BG		 2243 case HCI_OP_USER_PASSKEY_REPLY:
2244 hci_cc_user_passkey_reply(hdev, skb);
2245 break;
2246
2247 case HCI_OP_USER_PASSKEY_NEG_REPLY:
2248 hci_cc_user_passkey_neg_reply(hdev, skb);
16cde993 2249 break;
07f7fa5d 2250
c1d5dc4a
JH		 2251 case HCI_OP_LE_SET_ADV_ENABLE:
2252 hci_cc_le_set_adv_enable(hdev, skb);
2253 break;
2254
eb9d91f5
AG		 2255 case HCI_OP_LE_SET_SCAN_ENABLE:
2256 hci_cc_le_set_scan_enable(hdev, skb);
2257 break;
2258
cf1d081f
JH		 2259 case HCI_OP_LE_READ_WHITE_LIST_SIZE:
2260 hci_cc_le_read_white_list_size(hdev, skb);
2261 break;
2262
9b008c04
JH		 2263 case HCI_OP_LE_READ_SUPPORTED_STATES:
2264 hci_cc_le_read_supported_states(hdev, skb);
2265 break;
2266
f9b49306
AG		 2267 case HCI_OP_WRITE_LE_HOST_SUPPORTED:
2268 hci_cc_write_le_host_supported(hdev, skb);
2269 break;
2270
93c284ee
AE		 2271 case HCI_OP_WRITE_REMOTE_AMP_ASSOC:
2272 hci_cc_write_remote_amp_assoc(hdev, skb);
2273 break;
2274
a9de9248 2275 default:
9f1db00c 2276 BT_DBG("%s opcode 0x%4.4x", hdev->name, opcode);
a9de9248
MH		 2277 break;
2278 }
2279
ad82cdd1 2280 if (opcode != HCI_OP_NOP)
6bd32326
VT		 2281 del_timer(&hdev->cmd_timer);
2282
ad82cdd1 2283 hci_req_cmd_complete(hdev, opcode, status);
9238f36a 2284
dbccd791 2285 if (ev->ncmd && !test_bit(HCI_RESET, &hdev->flags)) {
a9de9248
MH		 2286 atomic_set(&hdev->cmd_cnt, 1);
2287 if (!skb_queue_empty(&hdev->cmd_q))
c347b765 2288 queue_work(hdev->workqueue, &hdev->cmd_work);
a9de9248
MH		 2289 }
2290}
2291
6039aa73 2292static void hci_cmd_status_evt(struct hci_dev *hdev, struct sk_buff *skb)
a9de9248
MH		 2293{
2294 struct hci_ev_cmd_status *ev = (void *) skb->data;
2295 __u16 opcode;
2296
2297 skb_pull(skb, sizeof(*ev));
2298
2299 opcode = __le16_to_cpu(ev->opcode);
2300
2301 switch (opcode) {
2302 case HCI_OP_INQUIRY:
2303 hci_cs_inquiry(hdev, ev->status);
2304 break;
2305
2306 case HCI_OP_CREATE_CONN:
2307 hci_cs_create_conn(hdev, ev->status);
2308 break;
2309
2310 case HCI_OP_ADD_SCO:
2311 hci_cs_add_sco(hdev, ev->status);
2312 break;
2313
f8558555
MH		 2314 case HCI_OP_AUTH_REQUESTED:
2315 hci_cs_auth_requested(hdev, ev->status);
2316 break;
2317
2318 case HCI_OP_SET_CONN_ENCRYPT:
2319 hci_cs_set_conn_encrypt(hdev, ev->status);
2320 break;
2321
a9de9248
MH		 2322 case HCI_OP_REMOTE_NAME_REQ:
2323 hci_cs_remote_name_req(hdev, ev->status);
2324 break;
2325
769be974
MH		 2326 case HCI_OP_READ_REMOTE_FEATURES:
2327 hci_cs_read_remote_features(hdev, ev->status);
2328 break;
2329
2330 case HCI_OP_READ_REMOTE_EXT_FEATURES:
2331 hci_cs_read_remote_ext_features(hdev, ev->status);
2332 break;
2333
a9de9248
MH		 2334 case HCI_OP_SETUP_SYNC_CONN:
2335 hci_cs_setup_sync_conn(hdev, ev->status);
2336 break;
2337
2338 case HCI_OP_SNIFF_MODE:
2339 hci_cs_sniff_mode(hdev, ev->status);
2340 break;
2341
2342 case HCI_OP_EXIT_SNIFF_MODE:
2343 hci_cs_exit_sniff_mode(hdev, ev->status);
2344 break;
2345
8962ee74 2346 case HCI_OP_DISCONNECT:
88c3df13 2347 hci_cs_disconnect(hdev, ev->status);
8962ee74
JH		 2348 break;
2349
a02226d6
AE		 2350 case HCI_OP_CREATE_PHY_LINK:
2351 hci_cs_create_phylink(hdev, ev->status);
2352 break;
2353
0b26ab9d
AE		 2354 case HCI_OP_ACCEPT_PHY_LINK:
2355 hci_cs_accept_phylink(hdev, ev->status);
2356 break;
2357
a9de9248 2358 default:
9f1db00c 2359 BT_DBG("%s opcode 0x%4.4x", hdev->name, opcode);
a9de9248
MH		 2360 break;
2361 }
2362
ad82cdd1 2363 if (opcode != HCI_OP_NOP)
6bd32326
VT		 2364 del_timer(&hdev->cmd_timer);
2365
02350a72
JH		 2366 if (ev->status ||
2367 (hdev->sent_cmd && !bt_cb(hdev->sent_cmd)->req.event))
2368 hci_req_cmd_complete(hdev, opcode, ev->status);
9238f36a 2369
10572132 2370 if (ev->ncmd && !test_bit(HCI_RESET, &hdev->flags)) {
a9de9248
MH		 2371 atomic_set(&hdev->cmd_cnt, 1);
2372 if (!skb_queue_empty(&hdev->cmd_q))
c347b765 2373 queue_work(hdev->workqueue, &hdev->cmd_work);
a9de9248
MH		 2374 }
2375}
2376
6039aa73 2377static void hci_role_change_evt(struct hci_dev *hdev, struct sk_buff *skb)
a9de9248
MH		 2378{
2379 struct hci_ev_role_change *ev = (void *) skb->data;
2380 struct hci_conn *conn;
2381
9f1db00c 2382 BT_DBG("%s status 0x%2.2x", hdev->name, ev->status);
a9de9248
MH		 2383
2384 hci_dev_lock(hdev);
2385
2386 conn = hci_conn_hash_lookup_ba(hdev, ACL_LINK, &ev->bdaddr);
2387 if (conn) {
2388 if (!ev->status) {
2389 if (ev->role)
2390 conn->link_mode &= ~HCI_LM_MASTER;
2391 else
2392 conn->link_mode |= HCI_LM_MASTER;
2393 }
2394
51a8efd7 2395 clear_bit(HCI_CONN_RSWITCH_PEND, &conn->flags);
a9de9248
MH		 2396
2397 hci_role_switch_cfm(conn, ev->status, ev->role);
2398 }
2399
2400 hci_dev_unlock(hdev);
2401}
2402
6039aa73 2403static void hci_num_comp_pkts_evt(struct hci_dev *hdev, struct sk_buff *skb)
a9de9248
MH		 2404{
2405 struct hci_ev_num_comp_pkts *ev = (void *) skb->data;
a9de9248
MH		 2406 int i;
2407
32ac5b9b
AE		 2408 if (hdev->flow_ctl_mode != HCI_FLOW_CTL_MODE_PACKET_BASED) {
2409 BT_ERR("Wrong event for mode %d", hdev->flow_ctl_mode);
2410 return;
2411 }
2412
c5993de8 2413 if (skb->len < sizeof(*ev) || skb->len < sizeof(*ev) +
807deac2 2414 ev->num_hndl * sizeof(struct hci_comp_pkts_info)) {
a9de9248
MH		 2415 BT_DBG("%s bad parameters", hdev->name);
2416 return;
2417 }
2418
c5993de8
AE		 2419 BT_DBG("%s num_hndl %d", hdev->name, ev->num_hndl);
2420
613a1c0c
AE		 2421 for (i = 0; i < ev->num_hndl; i++) {
2422 struct hci_comp_pkts_info *info = &ev->handles[i];
a9de9248
MH		 2423 struct hci_conn *conn;
2424 __u16 handle, count;
2425
613a1c0c
AE		 2426 handle = __le16_to_cpu(info->handle);
2427 count = __le16_to_cpu(info->count);
a9de9248
MH		 2428
2429 conn = hci_conn_hash_lookup_handle(hdev, handle);
f4280918
AE		 2430 if (!conn)
2431 continue;
2432
2433 conn->sent -= count;
2434
2435 switch (conn->type) {
2436 case ACL_LINK:
2437 hdev->acl_cnt += count;
2438 if (hdev->acl_cnt > hdev->acl_pkts)
2439 hdev->acl_cnt = hdev->acl_pkts;
2440 break;
2441
2442 case LE_LINK:
2443 if (hdev->le_pkts) {
2444 hdev->le_cnt += count;
2445 if (hdev->le_cnt > hdev->le_pkts)
2446 hdev->le_cnt = hdev->le_pkts;
2447 } else {
70f23020
AE		 2448 hdev->acl_cnt += count;
2449 if (hdev->acl_cnt > hdev->acl_pkts)
a9de9248 2450 hdev->acl_cnt = hdev->acl_pkts;
a9de9248 2451 }
f4280918
AE		 2452 break;
2453
2454 case SCO_LINK:
2455 hdev->sco_cnt += count;
2456 if (hdev->sco_cnt > hdev->sco_pkts)
2457 hdev->sco_cnt = hdev->sco_pkts;
2458 break;
2459
2460 default:
2461 BT_ERR("Unknown type %d conn %p", conn->type, conn);
2462 break;
a9de9248
MH		 2463 }
2464 }
2465
3eff45ea 2466 queue_work(hdev->workqueue, &hdev->tx_work);
a9de9248
MH		 2467}
2468
76ef7cf7
AE		 2469static struct hci_conn *__hci_conn_lookup_handle(struct hci_dev *hdev,
2470 __u16 handle)
2471{
2472 struct hci_chan *chan;
2473
2474 switch (hdev->dev_type) {
2475 case HCI_BREDR:
2476 return hci_conn_hash_lookup_handle(hdev, handle);
2477 case HCI_AMP:
2478 chan = hci_chan_lookup_handle(hdev, handle);
2479 if (chan)
2480 return chan->conn;
2481 break;
2482 default:
2483 BT_ERR("%s unknown dev_type %d", hdev->name, hdev->dev_type);
2484 break;
2485 }
2486
2487 return NULL;
2488}
2489
6039aa73 2490static void hci_num_comp_blocks_evt(struct hci_dev *hdev, struct sk_buff *skb)
25e89e99
AE		 2491{
2492 struct hci_ev_num_comp_blocks *ev = (void *) skb->data;
2493 int i;
2494
2495 if (hdev->flow_ctl_mode != HCI_FLOW_CTL_MODE_BLOCK_BASED) {
2496 BT_ERR("Wrong event for mode %d", hdev->flow_ctl_mode);
2497 return;
2498 }
2499
2500 if (skb->len < sizeof(*ev) || skb->len < sizeof(*ev) +
807deac2 2501 ev->num_hndl * sizeof(struct hci_comp_blocks_info)) {
25e89e99
AE		 2502 BT_DBG("%s bad parameters", hdev->name);
2503 return;
2504 }
2505
2506 BT_DBG("%s num_blocks %d num_hndl %d", hdev->name, ev->num_blocks,
807deac2 2507 ev->num_hndl);
25e89e99
AE		 2508
2509 for (i = 0; i < ev->num_hndl; i++) {
2510 struct hci_comp_blocks_info *info = &ev->handles[i];
76ef7cf7 2511 struct hci_conn *conn = NULL;
25e89e99
AE		 2512 __u16 handle, block_count;
2513
2514 handle = __le16_to_cpu(info->handle);
2515 block_count = __le16_to_cpu(info->blocks);
2516
76ef7cf7 2517 conn = __hci_conn_lookup_handle(hdev, handle);
25e89e99
AE		 2518 if (!conn)
2519 continue;
2520
2521 conn->sent -= block_count;
2522
2523 switch (conn->type) {
2524 case ACL_LINK:
bd1eb66b 2525 case AMP_LINK:
25e89e99
AE		 2526 hdev->block_cnt += block_count;
2527 if (hdev->block_cnt > hdev->num_blocks)
2528 hdev->block_cnt = hdev->num_blocks;
2529 break;
2530
2531 default:
2532 BT_ERR("Unknown type %d conn %p", conn->type, conn);
2533 break;
2534 }
2535 }
2536
2537 queue_work(hdev->workqueue, &hdev->tx_work);
2538}
2539
6039aa73 2540static void hci_mode_change_evt(struct hci_dev *hdev, struct sk_buff *skb)
04837f64 2541{
a9de9248 2542 struct hci_ev_mode_change *ev = (void *) skb->data;
04837f64
MH		 2543 struct hci_conn *conn;
2544
9f1db00c 2545 BT_DBG("%s status 0x%2.2x", hdev->name, ev->status);
04837f64
MH		 2546
2547 hci_dev_lock(hdev);
2548
2549 conn = hci_conn_hash_lookup_handle(hdev, __le16_to_cpu(ev->handle));
a9de9248
MH		 2550 if (conn) {
2551 conn->mode = ev->mode;
2552 conn->interval = __le16_to_cpu(ev->interval);
2553
8fc9ced3
GP		 2554 if (!test_and_clear_bit(HCI_CONN_MODE_CHANGE_PEND,
2555 &conn->flags)) {
a9de9248 2556 if (conn->mode == HCI_CM_ACTIVE)
58a681ef 2557 set_bit(HCI_CONN_POWER_SAVE, &conn->flags);
a9de9248 2558 else
58a681ef 2559 clear_bit(HCI_CONN_POWER_SAVE, &conn->flags);
a9de9248 2560 }
e73439d8 2561
51a8efd7 2562 if (test_and_clear_bit(HCI_CONN_SCO_SETUP_PEND, &conn->flags))
e73439d8 2563 hci_sco_setup(conn, ev->status);
04837f64
MH		 2564 }
2565
2566 hci_dev_unlock(hdev);
2567}
2568
6039aa73 2569static void hci_pin_code_request_evt(struct hci_dev *hdev, struct sk_buff *skb)
a9de9248 2570{
052b30b0
MH		 2571 struct hci_ev_pin_code_req *ev = (void *) skb->data;
2572 struct hci_conn *conn;
2573
a9de9248 2574 BT_DBG("%s", hdev->name);
052b30b0
MH		 2575
2576 hci_dev_lock(hdev);
2577
2578 conn = hci_conn_hash_lookup_ba(hdev, ACL_LINK, &ev->bdaddr);
b6f98044
WR		 2579 if (!conn)
2580 goto unlock;
2581
2582 if (conn->state == BT_CONNECTED) {
052b30b0
MH		 2583 hci_conn_hold(conn);
2584 conn->disc_timeout = HCI_PAIRING_TIMEOUT;
76a68ba0 2585 hci_conn_drop(conn);
052b30b0
MH		 2586 }
2587
a8b2d5c2 2588 if (!test_bit(HCI_PAIRABLE, &hdev->dev_flags))
03b555e1 2589 hci_send_cmd(hdev, HCI_OP_PIN_CODE_NEG_REPLY,
807deac2 2590 sizeof(ev->bdaddr), &ev->bdaddr);
a8b2d5c2 2591 else if (test_bit(HCI_MGMT, &hdev->dev_flags)) {
a770bb5a
WR		 2592 u8 secure;
2593
2594 if (conn->pending_sec_level == BT_SECURITY_HIGH)
2595 secure = 1;
2596 else
2597 secure = 0;
2598
744cf19e 2599 mgmt_pin_code_request(hdev, &ev->bdaddr, secure);
a770bb5a 2600 }
980e1a53 2601
b6f98044 2602unlock:
052b30b0 2603 hci_dev_unlock(hdev);
a9de9248
MH		 2604}
2605
6039aa73 2606static void hci_link_key_request_evt(struct hci_dev *hdev, struct sk_buff *skb)
a9de9248 2607{
55ed8ca1
JH		 2608 struct hci_ev_link_key_req *ev = (void *) skb->data;
2609 struct hci_cp_link_key_reply cp;
2610 struct hci_conn *conn;
2611 struct link_key *key;
2612
a9de9248 2613 BT_DBG("%s", hdev->name);
55ed8ca1 2614
034cbea0 2615 if (!test_bit(HCI_MGMT, &hdev->dev_flags))
55ed8ca1
JH		 2616 return;
2617
2618 hci_dev_lock(hdev);
2619
2620 key = hci_find_link_key(hdev, &ev->bdaddr);
2621 if (!key) {
6ed93dc6
AE		 2622 BT_DBG("%s link key not found for %pMR", hdev->name,
2623 &ev->bdaddr);
55ed8ca1
JH		 2624 goto not_found;
2625 }
2626
6ed93dc6
AE		 2627 BT_DBG("%s found key type %u for %pMR", hdev->name, key->type,
2628 &ev->bdaddr);
55ed8ca1 2629
a8b2d5c2 2630 if (!test_bit(HCI_DEBUG_KEYS, &hdev->dev_flags) &&
807deac2 2631 key->type == HCI_LK_DEBUG_COMBINATION) {
55ed8ca1
JH		 2632 BT_DBG("%s ignoring debug key", hdev->name);
2633 goto not_found;
2634 }
2635
2636 conn = hci_conn_hash_lookup_ba(hdev, ACL_LINK, &ev->bdaddr);
60b83f57
WR		 2637 if (conn) {
2638 if (key->type == HCI_LK_UNAUTH_COMBINATION &&
807deac2 2639 conn->auth_type != 0xff && (conn->auth_type & 0x01)) {
60b83f57
WR		 2640 BT_DBG("%s ignoring unauthenticated key", hdev->name);
2641 goto not_found;
2642 }
55ed8ca1 2643
60b83f57 2644 if (key->type == HCI_LK_COMBINATION && key->pin_len < 16 &&
807deac2 2645 conn->pending_sec_level == BT_SECURITY_HIGH) {
8fc9ced3
GP		 2646 BT_DBG("%s ignoring key unauthenticated for high security",
2647 hdev->name);
60b83f57
WR		 2648 goto not_found;
2649 }
2650
2651 conn->key_type = key->type;
2652 conn->pin_length = key->pin_len;
55ed8ca1
JH		 2653 }
2654
2655 bacpy(&cp.bdaddr, &ev->bdaddr);
9b3b4460 2656 memcpy(cp.link_key, key->val, HCI_LINK_KEY_SIZE);
55ed8ca1
JH		 2657
2658 hci_send_cmd(hdev, HCI_OP_LINK_KEY_REPLY, sizeof(cp), &cp);
2659
2660 hci_dev_unlock(hdev);
2661
2662 return;
2663
2664not_found:
2665 hci_send_cmd(hdev, HCI_OP_LINK_KEY_NEG_REPLY, 6, &ev->bdaddr);
2666 hci_dev_unlock(hdev);
a9de9248
MH		 2667}
2668
6039aa73 2669static void hci_link_key_notify_evt(struct hci_dev *hdev, struct sk_buff *skb)
a9de9248 2670{
052b30b0
MH		 2671 struct hci_ev_link_key_notify *ev = (void *) skb->data;
2672 struct hci_conn *conn;
55ed8ca1 2673 u8 pin_len = 0;
052b30b0 2674
a9de9248 2675 BT_DBG("%s", hdev->name);
052b30b0
MH		 2676
2677 hci_dev_lock(hdev);
2678
2679 conn = hci_conn_hash_lookup_ba(hdev, ACL_LINK, &ev->bdaddr);
2680 if (conn) {
2681 hci_conn_hold(conn);
2682 conn->disc_timeout = HCI_DISCONN_TIMEOUT;
980e1a53 2683 pin_len = conn->pin_length;
13d39315
WR		 2684
2685 if (ev->key_type != HCI_LK_CHANGED_COMBINATION)
2686 conn->key_type = ev->key_type;
2687
76a68ba0 2688 hci_conn_drop(conn);
052b30b0
MH		 2689 }
2690
034cbea0 2691 if (test_bit(HCI_MGMT, &hdev->dev_flags))
d25e28ab 2692 hci_add_link_key(hdev, conn, 1, &ev->bdaddr, ev->link_key,
807deac2 2693 ev->key_type, pin_len);
55ed8ca1 2694
052b30b0 2695 hci_dev_unlock(hdev);
a9de9248
MH		 2696}
2697
6039aa73 2698static void hci_clock_offset_evt(struct hci_dev *hdev, struct sk_buff *skb)
1da177e4 2699{
a9de9248 2700 struct hci_ev_clock_offset *ev = (void *) skb->data;
04837f64 2701 struct hci_conn *conn;
1da177e4 2702
9f1db00c 2703 BT_DBG("%s status 0x%2.2x", hdev->name, ev->status);
1da177e4
LT		 2704
2705 hci_dev_lock(hdev);
2706
04837f64 2707 conn = hci_conn_hash_lookup_handle(hdev, __le16_to_cpu(ev->handle));
1da177e4
LT		 2708 if (conn && !ev->status) {
2709 struct inquiry_entry *ie;
2710
cc11b9c1
AE		 2711 ie = hci_inquiry_cache_lookup(hdev, &conn->dst);
2712 if (ie) {
1da177e4
LT		 2713 ie->data.clock_offset = ev->clock_offset;
2714 ie->timestamp = jiffies;
2715 }
2716 }
2717
2718 hci_dev_unlock(hdev);
2719}
2720
6039aa73 2721static void hci_pkt_type_change_evt(struct hci_dev *hdev, struct sk_buff *skb)
a8746417
MH		 2722{
2723 struct hci_ev_pkt_type_change *ev = (void *) skb->data;
2724 struct hci_conn *conn;
2725
9f1db00c 2726 BT_DBG("%s status 0x%2.2x", hdev->name, ev->status);
a8746417
MH		 2727
2728 hci_dev_lock(hdev);
2729
2730 conn = hci_conn_hash_lookup_handle(hdev, __le16_to_cpu(ev->handle));
2731 if (conn && !ev->status)
2732 conn->pkt_type = __le16_to_cpu(ev->pkt_type);
2733
2734 hci_dev_unlock(hdev);
2735}
2736
6039aa73 2737static void hci_pscan_rep_mode_evt(struct hci_dev *hdev, struct sk_buff *skb)
85a1e930 2738{
a9de9248 2739 struct hci_ev_pscan_rep_mode *ev = (void *) skb->data;
85a1e930
MH		 2740 struct inquiry_entry *ie;
2741
2742 BT_DBG("%s", hdev->name);
2743
2744 hci_dev_lock(hdev);
2745
cc11b9c1
AE		 2746 ie = hci_inquiry_cache_lookup(hdev, &ev->bdaddr);
2747 if (ie) {
85a1e930
MH		 2748 ie->data.pscan_rep_mode = ev->pscan_rep_mode;
2749 ie->timestamp = jiffies;
2750 }
2751
2752 hci_dev_unlock(hdev);
2753}
2754
6039aa73
GP		 2755static void hci_inquiry_result_with_rssi_evt(struct hci_dev *hdev,
2756 struct sk_buff *skb)
a9de9248
MH		 2757{
2758 struct inquiry_data data;
2759 int num_rsp = *((__u8 *) skb->data);
388fc8fa 2760 bool name_known, ssp;
a9de9248
MH		 2761
2762 BT_DBG("%s num_rsp %d", hdev->name, num_rsp);
2763
2764 if (!num_rsp)
2765 return;
2766
1519cc17
AG		 2767 if (test_bit(HCI_PERIODIC_INQ, &hdev->dev_flags))
2768 return;
2769
a9de9248
MH		 2770 hci_dev_lock(hdev);
2771
2772 if ((skb->len - 1) / num_rsp != sizeof(struct inquiry_info_with_rssi)) {
138d22ef
SJ		 2773 struct inquiry_info_with_rssi_and_pscan_mode *info;
2774 info = (void *) (skb->data + 1);
a9de9248 2775
e17acd40 2776 for (; num_rsp; num_rsp--, info++) {
a9de9248
MH		 2777 bacpy(&data.bdaddr, &info->bdaddr);
2778 data.pscan_rep_mode = info->pscan_rep_mode;
2779 data.pscan_period_mode = info->pscan_period_mode;
2780 data.pscan_mode = info->pscan_mode;
2781 memcpy(data.dev_class, info->dev_class, 3);
2782 data.clock_offset = info->clock_offset;
2783 data.rssi = info->rssi;
41a96212 2784 data.ssp_mode = 0x00;
3175405b
JH		 2785
2786 name_known = hci_inquiry_cache_update(hdev, &data,
04124681 2787 false, &ssp);
48264f06 2788 mgmt_device_found(hdev, &info->bdaddr, ACL_LINK, 0x00,
04124681
GP		 2789 info->dev_class, info->rssi,
2790 !name_known, ssp, NULL, 0);
a9de9248
MH		 2791 }
2792 } else {
2793 struct inquiry_info_with_rssi *info = (void *) (skb->data + 1);
2794
e17acd40 2795 for (; num_rsp; num_rsp--, info++) {
a9de9248
MH		 2796 bacpy(&data.bdaddr, &info->bdaddr);
2797 data.pscan_rep_mode = info->pscan_rep_mode;
2798 data.pscan_period_mode = info->pscan_period_mode;
2799 data.pscan_mode = 0x00;
2800 memcpy(data.dev_class, info->dev_class, 3);
2801 data.clock_offset = info->clock_offset;
2802 data.rssi = info->rssi;
41a96212 2803 data.ssp_mode = 0x00;
3175405b 2804 name_known = hci_inquiry_cache_update(hdev, &data,
04124681 2805 false, &ssp);
48264f06 2806 mgmt_device_found(hdev, &info->bdaddr, ACL_LINK, 0x00,
04124681
GP		 2807 info->dev_class, info->rssi,
2808 !name_known, ssp, NULL, 0);
a9de9248
MH		 2809 }
2810 }
2811
2812 hci_dev_unlock(hdev);
2813}
2814
6039aa73
GP		 2815static void hci_remote_ext_features_evt(struct hci_dev *hdev,
2816 struct sk_buff *skb)
a9de9248 2817{
41a96212
MH		 2818 struct hci_ev_remote_ext_features *ev = (void *) skb->data;
2819 struct hci_conn *conn;
2820
a9de9248 2821 BT_DBG("%s", hdev->name);
41a96212 2822
41a96212
MH		 2823 hci_dev_lock(hdev);
2824
2825 conn = hci_conn_hash_lookup_handle(hdev, __le16_to_cpu(ev->handle));
ccd556fe
JH		 2826 if (!conn)
2827 goto unlock;
41a96212 2828
cad718ed
JH		 2829 if (ev->page < HCI_MAX_PAGES)
2830 memcpy(conn->features[ev->page], ev->features, 8);
2831
ccd556fe
JH		 2832 if (!ev->status && ev->page == 0x01) {
2833 struct inquiry_entry *ie;
41a96212 2834
cc11b9c1
AE		 2835 ie = hci_inquiry_cache_lookup(hdev, &conn->dst);
2836 if (ie)
02b7cc62 2837 ie->data.ssp_mode = (ev->features[0] & LMP_HOST_SSP);
769be974 2838
bbb0eada 2839 if (ev->features[0] & LMP_HOST_SSP) {
58a681ef 2840 set_bit(HCI_CONN_SSP_ENABLED, &conn->flags);
bbb0eada
JK		 2841 } else {
2842 /* It is mandatory by the Bluetooth specification that
2843 * Extended Inquiry Results are only used when Secure
2844 * Simple Pairing is enabled, but some devices violate
2845 * this.
2846 *
2847 * To make these devices work, the internal SSP
2848 * enabled flag needs to be cleared if the remote host
2849 * features do not indicate SSP support */
2850 clear_bit(HCI_CONN_SSP_ENABLED, &conn->flags);
2851 }
ccd556fe
JH		 2852 }
2853
2854 if (conn->state != BT_CONFIG)
2855 goto unlock;
2856
671267bf 2857 if (!ev->status && !test_bit(HCI_CONN_MGMT_CONNECTED, &conn->flags)) {
127178d2
JH		 2858 struct hci_cp_remote_name_req cp;
2859 memset(&cp, 0, sizeof(cp));
2860 bacpy(&cp.bdaddr, &conn->dst);
2861 cp.pscan_rep_mode = 0x02;
2862 hci_send_cmd(hdev, HCI_OP_REMOTE_NAME_REQ, sizeof(cp), &cp);
b644ba33
JH		 2863 } else if (!test_and_set_bit(HCI_CONN_MGMT_CONNECTED, &conn->flags))
2864 mgmt_device_connected(hdev, &conn->dst, conn->type,
04124681
GP		 2865 conn->dst_type, 0, NULL, 0,
2866 conn->dev_class);
392599b9 2867
127178d2 2868 if (!hci_outgoing_auth_needed(hdev, conn)) {
ccd556fe
JH		 2869 conn->state = BT_CONNECTED;
2870 hci_proto_connect_cfm(conn, ev->status);
76a68ba0 2871 hci_conn_drop(conn);
41a96212
MH		 2872 }
2873
ccd556fe 2874unlock:
41a96212 2875 hci_dev_unlock(hdev);
a9de9248
MH		 2876}
2877
6039aa73
GP		 2878static void hci_sync_conn_complete_evt(struct hci_dev *hdev,
2879 struct sk_buff *skb)
a9de9248 2880{
b6a0dc82
MH		 2881 struct hci_ev_sync_conn_complete *ev = (void *) skb->data;
2882 struct hci_conn *conn;
2883
9f1db00c 2884 BT_DBG("%s status 0x%2.2x", hdev->name, ev->status);
b6a0dc82
MH		 2885
2886 hci_dev_lock(hdev);
2887
2888 conn = hci_conn_hash_lookup_ba(hdev, ev->link_type, &ev->bdaddr);
9dc0a3af
MH		 2889 if (!conn) {
2890 if (ev->link_type == ESCO_LINK)
2891 goto unlock;
2892
2893 conn = hci_conn_hash_lookup_ba(hdev, ESCO_LINK, &ev->bdaddr);
2894 if (!conn)
2895 goto unlock;
2896
2897 conn->type = SCO_LINK;
2898 }
b6a0dc82 2899
732547f9
MH		 2900 switch (ev->status) {
2901 case 0x00:
b6a0dc82
MH		 2902 conn->handle = __le16_to_cpu(ev->handle);
2903 conn->state = BT_CONNECTED;
7d0db0a3
MH		 2904
2905 hci_conn_add_sysfs(conn);
732547f9
MH		 2906 break;
2907
1a4c958c 2908 case 0x0d: /* Connection Rejected due to Limited Resources */
705e5711 2909 case 0x11: /* Unsupported Feature or Parameter Value */
732547f9 2910 case 0x1c: /* SCO interval rejected */
1038a00b 2911 case 0x1a: /* Unsupported Remote Feature */
732547f9 2912 case 0x1f: /* Unspecified error */
2dea632f 2913 if (conn->out) {
732547f9
MH		 2914 conn->pkt_type = (hdev->esco_type & SCO_ESCO_MASK) |
2915 (hdev->esco_type & EDR_ESCO_MASK);
2dea632f
FD		 2916 if (hci_setup_sync(conn, conn->link->handle))
2917 goto unlock;
732547f9
MH		 2918 }
2919 /* fall through */
2920
2921 default:
b6a0dc82 2922 conn->state = BT_CLOSED;
732547f9
MH		 2923 break;
2924 }
b6a0dc82
MH		 2925
2926 hci_proto_connect_cfm(conn, ev->status);
2927 if (ev->status)
2928 hci_conn_del(conn);
2929
2930unlock:
2931 hci_dev_unlock(hdev);
a9de9248
MH		 2932}
2933
efdcf8e3
MH		 2934static inline size_t eir_get_length(u8 *eir, size_t eir_len)
2935{
2936 size_t parsed = 0;
2937
2938 while (parsed < eir_len) {
2939 u8 field_len = eir[0];
2940
2941 if (field_len == 0)
2942 return parsed;
2943
2944 parsed += field_len + 1;
2945 eir += field_len + 1;
2946 }
2947
2948 return eir_len;
2949}
2950
6039aa73
GP		 2951static void hci_extended_inquiry_result_evt(struct hci_dev *hdev,
2952 struct sk_buff *skb)
1da177e4 2953{
a9de9248
MH		 2954 struct inquiry_data data;
2955 struct extended_inquiry_info *info = (void *) (skb->data + 1);
2956 int num_rsp = *((__u8 *) skb->data);
9d939d94 2957 size_t eir_len;
1da177e4 2958
a9de9248 2959 BT_DBG("%s num_rsp %d", hdev->name, num_rsp);
1da177e4 2960
a9de9248
MH		 2961 if (!num_rsp)
2962 return;
1da177e4 2963
1519cc17
AG		 2964 if (test_bit(HCI_PERIODIC_INQ, &hdev->dev_flags))
2965 return;
2966
a9de9248
MH		 2967 hci_dev_lock(hdev);
2968
e17acd40 2969 for (; num_rsp; num_rsp--, info++) {
388fc8fa 2970 bool name_known, ssp;
561aafbc 2971
a9de9248 2972 bacpy(&data.bdaddr, &info->bdaddr);
138d22ef
SJ		 2973 data.pscan_rep_mode = info->pscan_rep_mode;
2974 data.pscan_period_mode = info->pscan_period_mode;
2975 data.pscan_mode = 0x00;
a9de9248 2976 memcpy(data.dev_class, info->dev_class, 3);
138d22ef
SJ		 2977 data.clock_offset = info->clock_offset;
2978 data.rssi = info->rssi;
41a96212 2979 data.ssp_mode = 0x01;
561aafbc 2980
a8b2d5c2 2981 if (test_bit(HCI_MGMT, &hdev->dev_flags))
4ddb1930 2982 name_known = eir_has_data_type(info->data,
04124681
GP		 2983 sizeof(info->data),
2984 EIR_NAME_COMPLETE);
561aafbc
JH		 2985 else
2986 name_known = true;
2987
388fc8fa 2988 name_known = hci_inquiry_cache_update(hdev, &data, name_known,
04124681 2989 &ssp);
9d939d94 2990 eir_len = eir_get_length(info->data, sizeof(info->data));
48264f06 2991 mgmt_device_found(hdev, &info->bdaddr, ACL_LINK, 0x00,
04124681 2992 info->dev_class, info->rssi, !name_known,
9d939d94 2993 ssp, info->data, eir_len);
a9de9248
MH		 2994 }
2995
2996 hci_dev_unlock(hdev);
2997}
1da177e4 2998
1c2e0041
JH		 2999static void hci_key_refresh_complete_evt(struct hci_dev *hdev,
3000 struct sk_buff *skb)
3001{
3002 struct hci_ev_key_refresh_complete *ev = (void *) skb->data;
3003 struct hci_conn *conn;
3004
9f1db00c 3005 BT_DBG("%s status 0x%2.2x handle 0x%4.4x", hdev->name, ev->status,
1c2e0041
JH		 3006 __le16_to_cpu(ev->handle));
3007
3008 hci_dev_lock(hdev);
3009
3010 conn = hci_conn_hash_lookup_handle(hdev, __le16_to_cpu(ev->handle));
3011 if (!conn)
3012 goto unlock;
3013
3014 if (!ev->status)
3015 conn->sec_level = conn->pending_sec_level;
3016
3017 clear_bit(HCI_CONN_ENCRYPT_PEND, &conn->flags);
3018
3019 if (ev->status && conn->state == BT_CONNECTED) {
bed71748 3020 hci_disconnect(conn, HCI_ERROR_AUTH_FAILURE);
76a68ba0 3021 hci_conn_drop(conn);
1c2e0041
JH		 3022 goto unlock;
3023 }
3024
3025 if (conn->state == BT_CONFIG) {
3026 if (!ev->status)
3027 conn->state = BT_CONNECTED;
3028
3029 hci_proto_connect_cfm(conn, ev->status);
76a68ba0 3030 hci_conn_drop(conn);
1c2e0041
JH		 3031 } else {
3032 hci_auth_cfm(conn, ev->status);
3033
3034 hci_conn_hold(conn);
3035 conn->disc_timeout = HCI_DISCONN_TIMEOUT;
76a68ba0 3036 hci_conn_drop(conn);
1c2e0041
JH		 3037 }
3038
3039unlock:
3040 hci_dev_unlock(hdev);
3041}
3042
6039aa73 3043static u8 hci_get_auth_req(struct hci_conn *conn)
17fa4b9d
JH		 3044{
3045 /* If remote requests dedicated bonding follow that lead */
acabae96
MA		 3046 if (conn->remote_auth == HCI_AT_DEDICATED_BONDING ||
3047 conn->remote_auth == HCI_AT_DEDICATED_BONDING_MITM) {
17fa4b9d
JH		 3048 /* If both remote and local IO capabilities allow MITM
3049 * protection then require it, otherwise don't */
acabae96
MA		 3050 if (conn->remote_cap == HCI_IO_NO_INPUT_OUTPUT ||
3051 conn->io_capability == HCI_IO_NO_INPUT_OUTPUT)
3052 return HCI_AT_DEDICATED_BONDING;
17fa4b9d 3053 else
acabae96 3054 return HCI_AT_DEDICATED_BONDING_MITM;
17fa4b9d
JH		 3055 }
3056
3057 /* If remote requests no-bonding follow that lead */
acabae96
MA		 3058 if (conn->remote_auth == HCI_AT_NO_BONDING ||
3059 conn->remote_auth == HCI_AT_NO_BONDING_MITM)
58797bf7 3060 return conn->remote_auth | (conn->auth_type & 0x01);
17fa4b9d
JH		 3061
3062 return conn->auth_type;
3063}
3064
6039aa73 3065static void hci_io_capa_request_evt(struct hci_dev *hdev, struct sk_buff *skb)
0493684e
MH		 3066{
3067 struct hci_ev_io_capa_request *ev = (void *) skb->data;
3068 struct hci_conn *conn;
3069
3070 BT_DBG("%s", hdev->name);
3071
3072 hci_dev_lock(hdev);
3073
3074 conn = hci_conn_hash_lookup_ba(hdev, ACL_LINK, &ev->bdaddr);
03b555e1
JH		 3075 if (!conn)
3076 goto unlock;
3077
3078 hci_conn_hold(conn);
3079
a8b2d5c2 3080 if (!test_bit(HCI_MGMT, &hdev->dev_flags))
03b555e1
JH		 3081 goto unlock;
3082
a8b2d5c2 3083 if (test_bit(HCI_PAIRABLE, &hdev->dev_flags) ||
807deac2 3084 (conn->remote_auth & ~0x01) == HCI_AT_NO_BONDING) {
17fa4b9d
JH		 3085 struct hci_cp_io_capability_reply cp;
3086
3087 bacpy(&cp.bdaddr, &ev->bdaddr);
7a7f1e7c
HG		 3088 /* Change the IO capability from KeyboardDisplay
3089 * to DisplayYesNo as it is not supported by BT spec. */
3090 cp.capability = (conn->io_capability == 0x04) ?
a767631a 3091 HCI_IO_DISPLAY_YESNO : conn->io_capability;
7cbc9bd9
JH		 3092 conn->auth_type = hci_get_auth_req(conn);
3093 cp.authentication = conn->auth_type;
17fa4b9d 3094
8fc9ced3
GP		 3095 if (hci_find_remote_oob_data(hdev, &conn->dst) &&
3096 (conn->out || test_bit(HCI_CONN_REMOTE_OOB, &conn->flags)))
ce85ee13
SJ		 3097 cp.oob_data = 0x01;
3098 else
3099 cp.oob_data = 0x00;
3100
17fa4b9d 3101 hci_send_cmd(hdev, HCI_OP_IO_CAPABILITY_REPLY,
807deac2 3102 sizeof(cp), &cp);
03b555e1
JH		 3103 } else {
3104 struct hci_cp_io_capability_neg_reply cp;
3105
3106 bacpy(&cp.bdaddr, &ev->bdaddr);
9f5a0d7b 3107 cp.reason = HCI_ERROR_PAIRING_NOT_ALLOWED;
0493684e 3108
03b555e1 3109 hci_send_cmd(hdev, HCI_OP_IO_CAPABILITY_NEG_REPLY,
807deac2 3110 sizeof(cp), &cp);
03b555e1
JH		 3111 }
3112
3113unlock:
3114 hci_dev_unlock(hdev);
3115}
3116
6039aa73 3117static void hci_io_capa_reply_evt(struct hci_dev *hdev, struct sk_buff *skb)
03b555e1
JH		 3118{
3119 struct hci_ev_io_capa_reply *ev = (void *) skb->data;
3120 struct hci_conn *conn;
3121
3122 BT_DBG("%s", hdev->name);
3123
3124 hci_dev_lock(hdev);
3125
3126 conn = hci_conn_hash_lookup_ba(hdev, ACL_LINK, &ev->bdaddr);
3127 if (!conn)
3128 goto unlock;
3129
03b555e1 3130 conn->remote_cap = ev->capability;
03b555e1 3131 conn->remote_auth = ev->authentication;
58a681ef
JH		 3132 if (ev->oob_data)
3133 set_bit(HCI_CONN_REMOTE_OOB, &conn->flags);
03b555e1
JH		 3134
3135unlock:
0493684e
MH		 3136 hci_dev_unlock(hdev);
3137}
3138
6039aa73
GP		 3139static void hci_user_confirm_request_evt(struct hci_dev *hdev,
3140 struct sk_buff *skb)
a5c29683
JH		 3141{
3142 struct hci_ev_user_confirm_req *ev = (void *) skb->data;
55bc1a37 3143 int loc_mitm, rem_mitm, confirm_hint = 0;
7a828908 3144 struct hci_conn *conn;
a5c29683
JH		 3145
3146 BT_DBG("%s", hdev->name);
3147
3148 hci_dev_lock(hdev);
3149
a8b2d5c2 3150 if (!test_bit(HCI_MGMT, &hdev->dev_flags))
7a828908 3151 goto unlock;
a5c29683 3152
7a828908
JH		 3153 conn = hci_conn_hash_lookup_ba(hdev, ACL_LINK, &ev->bdaddr);
3154 if (!conn)
3155 goto unlock;
3156
3157 loc_mitm = (conn->auth_type & 0x01);
3158 rem_mitm = (conn->remote_auth & 0x01);
3159
3160 /* If we require MITM but the remote device can't provide that
3161 * (it has NoInputNoOutput) then reject the confirmation
3162 * request. The only exception is when we're dedicated bonding
3163 * initiators (connect_cfm_cb set) since then we always have the MITM
3164 * bit set. */
a767631a
MA		 3165 if (!conn->connect_cfm_cb && loc_mitm &&
3166 conn->remote_cap == HCI_IO_NO_INPUT_OUTPUT) {
7a828908
JH		 3167 BT_DBG("Rejecting request: remote device can't provide MITM");
3168 hci_send_cmd(hdev, HCI_OP_USER_CONFIRM_NEG_REPLY,
807deac2 3169 sizeof(ev->bdaddr), &ev->bdaddr);
7a828908
JH		 3170 goto unlock;
3171 }
3172
3173 /* If no side requires MITM protection; auto-accept */
a767631a
MA		 3174 if ((!loc_mitm || conn->remote_cap == HCI_IO_NO_INPUT_OUTPUT) &&
3175 (!rem_mitm || conn->io_capability == HCI_IO_NO_INPUT_OUTPUT)) {
55bc1a37
JH		 3176
3177 /* If we're not the initiators request authorization to
3178 * proceed from user space (mgmt_user_confirm with
3179 * confirm_hint set to 1). */
51a8efd7 3180 if (!test_bit(HCI_CONN_AUTH_PEND, &conn->flags)) {
55bc1a37
JH		 3181 BT_DBG("Confirming auto-accept as acceptor");
3182 confirm_hint = 1;
3183 goto confirm;
3184 }
3185
9f61656a 3186 BT_DBG("Auto-accept of user confirmation with %ums delay",
807deac2 3187 hdev->auto_accept_delay);
9f61656a
JH		 3188
3189 if (hdev->auto_accept_delay > 0) {
3190 int delay = msecs_to_jiffies(hdev->auto_accept_delay);
7bc18d9d
JH		 3191 queue_delayed_work(conn->hdev->workqueue,
3192 &conn->auto_accept_work, delay);
9f61656a
JH		 3193 goto unlock;
3194 }
3195
7a828908 3196 hci_send_cmd(hdev, HCI_OP_USER_CONFIRM_REPLY,
807deac2 3197 sizeof(ev->bdaddr), &ev->bdaddr);
7a828908
JH		 3198 goto unlock;
3199 }
3200
55bc1a37 3201confirm:
272d90df 3202 mgmt_user_confirm_request(hdev, &ev->bdaddr, ACL_LINK, 0, ev->passkey,
04124681 3203 confirm_hint);
7a828908
JH		 3204
3205unlock:
a5c29683
JH		 3206 hci_dev_unlock(hdev);
3207}
3208
6039aa73
GP		 3209static void hci_user_passkey_request_evt(struct hci_dev *hdev,
3210 struct sk_buff *skb)
1143d458
BG		 3211{
3212 struct hci_ev_user_passkey_req *ev = (void *) skb->data;
3213
3214 BT_DBG("%s", hdev->name);
3215
a8b2d5c2 3216 if (test_bit(HCI_MGMT, &hdev->dev_flags))
272d90df 3217 mgmt_user_passkey_request(hdev, &ev->bdaddr, ACL_LINK, 0);
1143d458
BG		 3218}
3219
92a25256
JH		 3220static void hci_user_passkey_notify_evt(struct hci_dev *hdev,
3221 struct sk_buff *skb)
3222{
3223 struct hci_ev_user_passkey_notify *ev = (void *) skb->data;
3224 struct hci_conn *conn;
3225
3226 BT_DBG("%s", hdev->name);
3227
3228 conn = hci_conn_hash_lookup_ba(hdev, ACL_LINK, &ev->bdaddr);
3229 if (!conn)
3230 return;
3231
3232 conn->passkey_notify = __le32_to_cpu(ev->passkey);
3233 conn->passkey_entered = 0;
3234
3235 if (test_bit(HCI_MGMT, &hdev->dev_flags))
3236 mgmt_user_passkey_notify(hdev, &conn->dst, conn->type,
3237 conn->dst_type, conn->passkey_notify,
3238 conn->passkey_entered);
3239}
3240
3241static void hci_keypress_notify_evt(struct hci_dev *hdev, struct sk_buff *skb)
3242{
3243 struct hci_ev_keypress_notify *ev = (void *) skb->data;
3244 struct hci_conn *conn;
3245
3246 BT_DBG("%s", hdev->name);
3247
3248 conn = hci_conn_hash_lookup_ba(hdev, ACL_LINK, &ev->bdaddr);
3249 if (!conn)
3250 return;
3251
3252 switch (ev->type) {
3253 case HCI_KEYPRESS_STARTED:
3254 conn->passkey_entered = 0;
3255 return;
3256
3257 case HCI_KEYPRESS_ENTERED:
3258 conn->passkey_entered++;
3259 break;
3260
3261 case HCI_KEYPRESS_ERASED:
3262 conn->passkey_entered--;
3263 break;
3264
3265 case HCI_KEYPRESS_CLEARED:
3266 conn->passkey_entered = 0;
3267 break;
3268
3269 case HCI_KEYPRESS_COMPLETED:
3270 return;
3271 }
3272
3273 if (test_bit(HCI_MGMT, &hdev->dev_flags))
3274 mgmt_user_passkey_notify(hdev, &conn->dst, conn->type,
3275 conn->dst_type, conn->passkey_notify,
3276 conn->passkey_entered);
3277}
3278
6039aa73
GP		 3279static void hci_simple_pair_complete_evt(struct hci_dev *hdev,
3280 struct sk_buff *skb)
0493684e
MH		 3281{
3282 struct hci_ev_simple_pair_complete *ev = (void *) skb->data;
3283 struct hci_conn *conn;
3284
3285 BT_DBG("%s", hdev->name);
3286
3287 hci_dev_lock(hdev);
3288
3289 conn = hci_conn_hash_lookup_ba(hdev, ACL_LINK, &ev->bdaddr);
2a611692
JH		 3290 if (!conn)
3291 goto unlock;
3292
3293 /* To avoid duplicate auth_failed events to user space we check
3294 * the HCI_CONN_AUTH_PEND flag which will be set if we
3295 * initiated the authentication. A traditional auth_complete
3296 * event gets always produced as initiator and is also mapped to
3297 * the mgmt_auth_failed event */
fa1bd918 3298 if (!test_bit(HCI_CONN_AUTH_PEND, &conn->flags) && ev->status)
bab73cb6 3299 mgmt_auth_failed(hdev, &conn->dst, conn->type, conn->dst_type,
04124681 3300 ev->status);
0493684e 3301
76a68ba0 3302 hci_conn_drop(conn);
2a611692
JH		 3303
3304unlock:
0493684e
MH		 3305 hci_dev_unlock(hdev);
3306}
3307
6039aa73
GP		 3308static void hci_remote_host_features_evt(struct hci_dev *hdev,
3309 struct sk_buff *skb)
41a96212
MH		 3310{
3311 struct hci_ev_remote_host_features *ev = (void *) skb->data;
3312 struct inquiry_entry *ie;
cad718ed 3313 struct hci_conn *conn;
41a96212
MH		 3314
3315 BT_DBG("%s", hdev->name);
3316
3317 hci_dev_lock(hdev);
3318
cad718ed
JH		 3319 conn = hci_conn_hash_lookup_ba(hdev, ACL_LINK, &ev->bdaddr);
3320 if (conn)
3321 memcpy(conn->features[1], ev->features, 8);
3322
cc11b9c1
AE		 3323 ie = hci_inquiry_cache_lookup(hdev, &ev->bdaddr);
3324 if (ie)
02b7cc62 3325 ie->data.ssp_mode = (ev->features[0] & LMP_HOST_SSP);
41a96212
MH		 3326
3327 hci_dev_unlock(hdev);
3328}
3329
6039aa73
GP		 3330static void hci_remote_oob_data_request_evt(struct hci_dev *hdev,
3331 struct sk_buff *skb)
2763eda6
SJ		 3332{
3333 struct hci_ev_remote_oob_data_request *ev = (void *) skb->data;
3334 struct oob_data *data;
3335
3336 BT_DBG("%s", hdev->name);
3337
3338 hci_dev_lock(hdev);
3339
a8b2d5c2 3340 if (!test_bit(HCI_MGMT, &hdev->dev_flags))
e1ba1f15
SJ		 3341 goto unlock;
3342
2763eda6
SJ		 3343 data = hci_find_remote_oob_data(hdev, &ev->bdaddr);
3344 if (data) {
3345 struct hci_cp_remote_oob_data_reply cp;
3346
3347 bacpy(&cp.bdaddr, &ev->bdaddr);
3348 memcpy(cp.hash, data->hash, sizeof(cp.hash));
3349 memcpy(cp.randomizer, data->randomizer, sizeof(cp.randomizer));
3350
3351 hci_send_cmd(hdev, HCI_OP_REMOTE_OOB_DATA_REPLY, sizeof(cp),
807deac2 3352 &cp);
2763eda6
SJ		 3353 } else {
3354 struct hci_cp_remote_oob_data_neg_reply cp;
3355
3356 bacpy(&cp.bdaddr, &ev->bdaddr);
3357 hci_send_cmd(hdev, HCI_OP_REMOTE_OOB_DATA_NEG_REPLY, sizeof(cp),
807deac2 3358 &cp);
2763eda6
SJ		 3359 }
3360
e1ba1f15 3361unlock:
2763eda6
SJ		 3362 hci_dev_unlock(hdev);
3363}
3364
d5e91192
AE		 3365static void hci_phy_link_complete_evt(struct hci_dev *hdev,
3366 struct sk_buff *skb)
3367{
3368 struct hci_ev_phy_link_complete *ev = (void *) skb->data;
3369 struct hci_conn *hcon, *bredr_hcon;
3370
3371 BT_DBG("%s handle 0x%2.2x status 0x%2.2x", hdev->name, ev->phy_handle,
3372 ev->status);
3373
3374 hci_dev_lock(hdev);
3375
3376 hcon = hci_conn_hash_lookup_handle(hdev, ev->phy_handle);
3377 if (!hcon) {
3378 hci_dev_unlock(hdev);
3379 return;
3380 }
3381
3382 if (ev->status) {
3383 hci_conn_del(hcon);
3384 hci_dev_unlock(hdev);
3385 return;
3386 }
3387
3388 bredr_hcon = hcon->amp_mgr->l2cap_conn->hcon;
3389
3390 hcon->state = BT_CONNECTED;
3391 bacpy(&hcon->dst, &bredr_hcon->dst);
3392
3393 hci_conn_hold(hcon);
3394 hcon->disc_timeout = HCI_DISCONN_TIMEOUT;
76a68ba0 3395 hci_conn_drop(hcon);
d5e91192 3396
d5e91192
AE		 3397 hci_conn_add_sysfs(hcon);
3398
cf70ff22 3399 amp_physical_cfm(bredr_hcon, hcon);
d5e91192 3400
cf70ff22 3401 hci_dev_unlock(hdev);
d5e91192
AE		 3402}
3403
27695fb4
AE		 3404static void hci_loglink_complete_evt(struct hci_dev *hdev, struct sk_buff *skb)
3405{
3406 struct hci_ev_logical_link_complete *ev = (void *) skb->data;
3407 struct hci_conn *hcon;
3408 struct hci_chan *hchan;
3409 struct amp_mgr *mgr;
3410
3411 BT_DBG("%s log_handle 0x%4.4x phy_handle 0x%2.2x status 0x%2.2x",
3412 hdev->name, le16_to_cpu(ev->handle), ev->phy_handle,
3413 ev->status);
3414
3415 hcon = hci_conn_hash_lookup_handle(hdev, ev->phy_handle);
3416 if (!hcon)
3417 return;
3418
3419 /* Create AMP hchan */
3420 hchan = hci_chan_create(hcon);
3421 if (!hchan)
3422 return;
3423
3424 hchan->handle = le16_to_cpu(ev->handle);
3425
3426 BT_DBG("hcon %p mgr %p hchan %p", hcon, hcon->amp_mgr, hchan);
3427
3428 mgr = hcon->amp_mgr;
3429 if (mgr && mgr->bredr_chan) {
3430 struct l2cap_chan *bredr_chan = mgr->bredr_chan;
3431
3432 l2cap_chan_lock(bredr_chan);
3433
3434 bredr_chan->conn->mtu = hdev->block_mtu;
3435 l2cap_logical_cfm(bredr_chan, hchan, 0);
3436 hci_conn_hold(hcon);
3437
3438 l2cap_chan_unlock(bredr_chan);
3439 }
3440}
3441
606e2a10
AE		 3442static void hci_disconn_loglink_complete_evt(struct hci_dev *hdev,
3443 struct sk_buff *skb)
3444{
3445 struct hci_ev_disconn_logical_link_complete *ev = (void *) skb->data;
3446 struct hci_chan *hchan;
3447
3448 BT_DBG("%s log handle 0x%4.4x status 0x%2.2x", hdev->name,
3449 le16_to_cpu(ev->handle), ev->status);
3450
3451 if (ev->status)
3452 return;
3453
3454 hci_dev_lock(hdev);
3455
3456 hchan = hci_chan_lookup_handle(hdev, le16_to_cpu(ev->handle));
3457 if (!hchan)
3458 goto unlock;
3459
3460 amp_destroy_logical_link(hchan, ev->reason);
3461
3462unlock:
3463 hci_dev_unlock(hdev);
3464}
3465
9eef6b3a
AE		 3466static void hci_disconn_phylink_complete_evt(struct hci_dev *hdev,
3467 struct sk_buff *skb)
3468{
3469 struct hci_ev_disconn_phy_link_complete *ev = (void *) skb->data;
3470 struct hci_conn *hcon;
3471
3472 BT_DBG("%s status 0x%2.2x", hdev->name, ev->status);
3473
3474 if (ev->status)
3475 return;
3476
3477 hci_dev_lock(hdev);
3478
3479 hcon = hci_conn_hash_lookup_handle(hdev, ev->phy_handle);
3480 if (hcon) {
3481 hcon->state = BT_CLOSED;
3482 hci_conn_del(hcon);
3483 }
3484
3485 hci_dev_unlock(hdev);
3486}
3487
6039aa73 3488static void hci_le_conn_complete_evt(struct hci_dev *hdev, struct sk_buff *skb)
fcd89c09
VT		 3489{
3490 struct hci_ev_le_conn_complete *ev = (void *) skb->data;
3491 struct hci_conn *conn;
3492
9f1db00c 3493 BT_DBG("%s status 0x%2.2x", hdev->name, ev->status);
fcd89c09
VT		 3494
3495 hci_dev_lock(hdev);
3496
b47a09b3 3497 conn = hci_conn_hash_lookup_state(hdev, LE_LINK, BT_CONNECT);
b62f328b
VT		 3498 if (!conn) {
3499 conn = hci_conn_add(hdev, LE_LINK, &ev->bdaddr);
3500 if (!conn) {
3501 BT_ERR("No memory for new connection");
230fd16a 3502 goto unlock;
b62f328b 3503 }
29b7988a
AG		 3504
3505 conn->dst_type = ev->bdaddr_type;
b9b343d2 3506
880be4e8
MH		 3507 /* The advertising parameters for own address type
3508 * define which source address and source address
3509 * type this connections has.
3510 */
3511 if (bacmp(&conn->src, BDADDR_ANY)) {
3512 conn->src_type = ADDR_LE_DEV_PUBLIC;
3513 } else {
3514 bacpy(&conn->src, &hdev->static_addr);
3515 conn->src_type = ADDR_LE_DEV_RANDOM;
3516 }
3517
b9b343d2
AG		 3518 if (ev->role == LE_CONN_ROLE_MASTER) {
3519 conn->out = true;
3520 conn->link_mode |= HCI_LM_MASTER;
3521 }
b62f328b 3522 }
fcd89c09 3523
cd17decb
AG		 3524 if (ev->status) {
3525 mgmt_connect_failed(hdev, &conn->dst, conn->type,
3526 conn->dst_type, ev->status);
3527 hci_proto_connect_cfm(conn, ev->status);
3528 conn->state = BT_CLOSED;
3529 hci_conn_del(conn);
3530 goto unlock;
3531 }
3532
b644ba33
JH		 3533 if (!test_and_set_bit(HCI_CONN_MGMT_CONNECTED, &conn->flags))
3534 mgmt_device_connected(hdev, &ev->bdaddr, conn->type,
04124681 3535 conn->dst_type, 0, NULL, 0, NULL);
83bc71b4 3536
7b5c0d52 3537 conn->sec_level = BT_SECURITY_LOW;
fcd89c09
VT		 3538 conn->handle = __le16_to_cpu(ev->handle);
3539 conn->state = BT_CONNECTED;
3540
fcd89c09
VT		 3541 hci_conn_add_sysfs(conn);
3542
3543 hci_proto_connect_cfm(conn, ev->status);
3544
3545unlock:
3546 hci_dev_unlock(hdev);
3547}
3548
6039aa73 3549static void hci_le_adv_report_evt(struct hci_dev *hdev, struct sk_buff *skb)
9aa04c91 3550{
e95beb41
AG		 3551 u8 num_reports = skb->data[0];
3552 void *ptr = &skb->data[1];
3c9e9195 3553 s8 rssi;
9aa04c91 3554
e95beb41
AG		 3555 while (num_reports--) {
3556 struct hci_ev_le_advertising_info *ev = ptr;
9aa04c91 3557
3c9e9195
AG		 3558 rssi = ev->data[ev->length];
3559 mgmt_device_found(hdev, &ev->bdaddr, LE_LINK, ev->bdaddr_type,
04124681 3560 NULL, rssi, 0, 1, ev->data, ev->length);
3c9e9195 3561
e95beb41 3562 ptr += sizeof(*ev) + ev->length + 1;
9aa04c91 3563 }
9aa04c91
AG		 3564}
3565
6039aa73 3566static void hci_le_ltk_request_evt(struct hci_dev *hdev, struct sk_buff *skb)
a7a595f6
VCG		 3567{
3568 struct hci_ev_le_ltk_req *ev = (void *) skb->data;
3569 struct hci_cp_le_ltk_reply cp;
bea710fe 3570 struct hci_cp_le_ltk_neg_reply neg;
a7a595f6 3571 struct hci_conn *conn;
c9839a11 3572 struct smp_ltk *ltk;
a7a595f6 3573
9f1db00c 3574 BT_DBG("%s handle 0x%4.4x", hdev->name, __le16_to_cpu(ev->handle));
a7a595f6
VCG		 3575
3576 hci_dev_lock(hdev);
3577
3578 conn = hci_conn_hash_lookup_handle(hdev, __le16_to_cpu(ev->handle));
bea710fe
VCG		 3579 if (conn == NULL)
3580 goto not_found;
a7a595f6 3581
bea710fe
VCG		 3582 ltk = hci_find_ltk(hdev, ev->ediv, ev->random);
3583 if (ltk == NULL)
3584 goto not_found;
3585
3586 memcpy(cp.ltk, ltk->val, sizeof(ltk->val));
a7a595f6 3587 cp.handle = cpu_to_le16(conn->handle);
c9839a11
VCG		 3588
3589 if (ltk->authenticated)
f8776218
AG		 3590 conn->pending_sec_level = BT_SECURITY_HIGH;
3591 else
3592 conn->pending_sec_level = BT_SECURITY_MEDIUM;
a7a595f6 3593
89cbb4da 3594 conn->enc_key_size = ltk->enc_size;
a7a595f6
VCG		 3595
3596 hci_send_cmd(hdev, HCI_OP_LE_LTK_REPLY, sizeof(cp), &cp);
3597
c9839a11
VCG		 3598 if (ltk->type & HCI_SMP_STK) {
3599 list_del(&ltk->list);
3600 kfree(ltk);
3601 }
3602
a7a595f6 3603 hci_dev_unlock(hdev);
bea710fe
VCG		 3604
3605 return;
3606
3607not_found:
3608 neg.handle = ev->handle;
3609 hci_send_cmd(hdev, HCI_OP_LE_LTK_NEG_REPLY, sizeof(neg), &neg);
3610 hci_dev_unlock(hdev);
a7a595f6
VCG		 3611}
3612
6039aa73 3613static void hci_le_meta_evt(struct hci_dev *hdev, struct sk_buff *skb)
fcd89c09
VT		 3614{
3615 struct hci_ev_le_meta *le_ev = (void *) skb->data;
3616
3617 skb_pull(skb, sizeof(*le_ev));
3618
3619 switch (le_ev->subevent) {
3620 case HCI_EV_LE_CONN_COMPLETE:
3621 hci_le_conn_complete_evt(hdev, skb);
3622 break;
3623
9aa04c91
AG		 3624 case HCI_EV_LE_ADVERTISING_REPORT:
3625 hci_le_adv_report_evt(hdev, skb);
3626 break;
3627
a7a595f6
VCG		 3628 case HCI_EV_LE_LTK_REQ:
3629 hci_le_ltk_request_evt(hdev, skb);
3630 break;
3631
fcd89c09
VT		 3632 default:
3633 break;
3634 }
3635}
3636
9495b2ee
AE		 3637static void hci_chan_selected_evt(struct hci_dev *hdev, struct sk_buff *skb)
3638{
3639 struct hci_ev_channel_selected *ev = (void *) skb->data;
3640 struct hci_conn *hcon;
3641
3642 BT_DBG("%s handle 0x%2.2x", hdev->name, ev->phy_handle);
3643
3644 skb_pull(skb, sizeof(*ev));
3645
3646 hcon = hci_conn_hash_lookup_handle(hdev, ev->phy_handle);
3647 if (!hcon)
3648 return;
3649
3650 amp_read_loc_assoc_final_data(hdev, hcon);
3651}
3652
a9de9248
MH		 3653void hci_event_packet(struct hci_dev *hdev, struct sk_buff *skb)
3654{
3655 struct hci_event_hdr *hdr = (void *) skb->data;
3656 __u8 event = hdr->evt;
3657
b6ddb638
JH		 3658 hci_dev_lock(hdev);
3659
3660 /* Received events are (currently) only needed when a request is
3661 * ongoing so avoid unnecessary memory allocation.
3662 */
3663 if (hdev->req_status == HCI_REQ_PEND) {
3664 kfree_skb(hdev->recv_evt);
3665 hdev->recv_evt = skb_clone(skb, GFP_KERNEL);
3666 }
3667
3668 hci_dev_unlock(hdev);
3669
a9de9248
MH		 3670 skb_pull(skb, HCI_EVENT_HDR_SIZE);
3671
02350a72 3672 if (hdev->sent_cmd && bt_cb(hdev->sent_cmd)->req.event == event) {
c1f23a2b
JB		 3673 struct hci_command_hdr *cmd_hdr = (void *) hdev->sent_cmd->data;
3674 u16 opcode = __le16_to_cpu(cmd_hdr->opcode);
02350a72
JH		 3675
3676 hci_req_cmd_complete(hdev, opcode, 0);
3677 }
3678
a9de9248 3679 switch (event) {
1da177e4
LT		 3680 case HCI_EV_INQUIRY_COMPLETE:
3681 hci_inquiry_complete_evt(hdev, skb);
3682 break;
3683
3684 case HCI_EV_INQUIRY_RESULT:
3685 hci_inquiry_result_evt(hdev, skb);
3686 break;
3687
a9de9248
MH		 3688 case HCI_EV_CONN_COMPLETE:
3689 hci_conn_complete_evt(hdev, skb);
21d9e30e
MH		 3690 break;
3691
1da177e4
LT		 3692 case HCI_EV_CONN_REQUEST:
3693 hci_conn_request_evt(hdev, skb);
3694 break;
3695
1da177e4
LT		 3696 case HCI_EV_DISCONN_COMPLETE:
3697 hci_disconn_complete_evt(hdev, skb);
3698 break;
3699
1da177e4
LT		 3700 case HCI_EV_AUTH_COMPLETE:
3701 hci_auth_complete_evt(hdev, skb);
3702 break;
3703
a9de9248
MH		 3704 case HCI_EV_REMOTE_NAME:
3705 hci_remote_name_evt(hdev, skb);
3706 break;
3707
1da177e4
LT		 3708 case HCI_EV_ENCRYPT_CHANGE:
3709 hci_encrypt_change_evt(hdev, skb);
3710 break;
3711
a9de9248
MH		 3712 case HCI_EV_CHANGE_LINK_KEY_COMPLETE:
3713 hci_change_link_key_complete_evt(hdev, skb);
3714 break;
3715
3716 case HCI_EV_REMOTE_FEATURES:
3717 hci_remote_features_evt(hdev, skb);
3718 break;
3719
a9de9248
MH		 3720 case HCI_EV_CMD_COMPLETE:
3721 hci_cmd_complete_evt(hdev, skb);
3722 break;
3723
3724 case HCI_EV_CMD_STATUS:
3725 hci_cmd_status_evt(hdev, skb);
3726 break;
3727
3728 case HCI_EV_ROLE_CHANGE:
3729 hci_role_change_evt(hdev, skb);
3730 break;
3731
3732 case HCI_EV_NUM_COMP_PKTS:
3733 hci_num_comp_pkts_evt(hdev, skb);
3734 break;
3735
3736 case HCI_EV_MODE_CHANGE:
3737 hci_mode_change_evt(hdev, skb);
1da177e4
LT		 3738 break;
3739
3740 case HCI_EV_PIN_CODE_REQ:
3741 hci_pin_code_request_evt(hdev, skb);
3742 break;
3743
3744 case HCI_EV_LINK_KEY_REQ:
3745 hci_link_key_request_evt(hdev, skb);
3746 break;
3747
3748 case HCI_EV_LINK_KEY_NOTIFY:
3749 hci_link_key_notify_evt(hdev, skb);
3750 break;
3751
3752 case HCI_EV_CLOCK_OFFSET:
3753 hci_clock_offset_evt(hdev, skb);
3754 break;
3755
a8746417
MH		 3756 case HCI_EV_PKT_TYPE_CHANGE:
3757 hci_pkt_type_change_evt(hdev, skb);
3758 break;
3759
85a1e930
MH		 3760 case HCI_EV_PSCAN_REP_MODE:
3761 hci_pscan_rep_mode_evt(hdev, skb);
3762 break;
3763
a9de9248
MH		 3764 case HCI_EV_INQUIRY_RESULT_WITH_RSSI:
3765 hci_inquiry_result_with_rssi_evt(hdev, skb);
04837f64
MH		 3766 break;
3767
a9de9248
MH		 3768 case HCI_EV_REMOTE_EXT_FEATURES:
3769 hci_remote_ext_features_evt(hdev, skb);
1da177e4
LT		 3770 break;
3771
a9de9248
MH		 3772 case HCI_EV_SYNC_CONN_COMPLETE:
3773 hci_sync_conn_complete_evt(hdev, skb);
3774 break;
1da177e4 3775
a9de9248
MH		 3776 case HCI_EV_EXTENDED_INQUIRY_RESULT:
3777 hci_extended_inquiry_result_evt(hdev, skb);
3778 break;
1da177e4 3779
1c2e0041
JH		 3780 case HCI_EV_KEY_REFRESH_COMPLETE:
3781 hci_key_refresh_complete_evt(hdev, skb);
3782 break;
3783
0493684e
MH		 3784 case HCI_EV_IO_CAPA_REQUEST:
3785 hci_io_capa_request_evt(hdev, skb);
3786 break;
3787
03b555e1
JH		 3788 case HCI_EV_IO_CAPA_REPLY:
3789 hci_io_capa_reply_evt(hdev, skb);
3790 break;
3791
a5c29683
JH		 3792 case HCI_EV_USER_CONFIRM_REQUEST:
3793 hci_user_confirm_request_evt(hdev, skb);
3794 break;
3795
1143d458
BG		 3796 case HCI_EV_USER_PASSKEY_REQUEST:
3797 hci_user_passkey_request_evt(hdev, skb);
3798 break;
3799
92a25256
JH		 3800 case HCI_EV_USER_PASSKEY_NOTIFY:
3801 hci_user_passkey_notify_evt(hdev, skb);
3802 break;
3803
3804 case HCI_EV_KEYPRESS_NOTIFY:
3805 hci_keypress_notify_evt(hdev, skb);
3806 break;
3807
0493684e
MH		 3808 case HCI_EV_SIMPLE_PAIR_COMPLETE:
3809 hci_simple_pair_complete_evt(hdev, skb);
3810 break;
3811
41a96212
MH		 3812 case HCI_EV_REMOTE_HOST_FEATURES:
3813 hci_remote_host_features_evt(hdev, skb);
3814 break;
3815
fcd89c09
VT		 3816 case HCI_EV_LE_META:
3817 hci_le_meta_evt(hdev, skb);
3818 break;
3819
9495b2ee
AE		 3820 case HCI_EV_CHANNEL_SELECTED:
3821 hci_chan_selected_evt(hdev, skb);
3822 break;
3823
2763eda6
SJ		 3824 case HCI_EV_REMOTE_OOB_DATA_REQUEST:
3825 hci_remote_oob_data_request_evt(hdev, skb);
3826 break;
3827
d5e91192
AE		 3828 case HCI_EV_PHY_LINK_COMPLETE:
3829 hci_phy_link_complete_evt(hdev, skb);
3830 break;
3831
27695fb4
AE		 3832 case HCI_EV_LOGICAL_LINK_COMPLETE:
3833 hci_loglink_complete_evt(hdev, skb);
3834 break;
3835
606e2a10
AE		 3836 case HCI_EV_DISCONN_LOGICAL_LINK_COMPLETE:
3837 hci_disconn_loglink_complete_evt(hdev, skb);
3838 break;
3839
9eef6b3a
AE		 3840 case HCI_EV_DISCONN_PHY_LINK_COMPLETE:
3841 hci_disconn_phylink_complete_evt(hdev, skb);
3842 break;
3843
25e89e99
AE		 3844 case HCI_EV_NUM_COMP_BLOCKS:
3845 hci_num_comp_blocks_evt(hdev, skb);
3846 break;
3847
a9de9248 3848 default:
9f1db00c 3849 BT_DBG("%s event 0x%2.2x", hdev->name, event);
1da177e4
LT		 3850 break;
3851 }
3852
3853 kfree_skb(skb);
3854 hdev->stat.evt_rx++;
3855}
Linux kernel - Deliverables
This page took 0.946976 seconds and 5 git commands to generate.