projects / deliverable / linux.git / blame
? search:
summary | shortlog | log | commit | commitdiff | tree
blob | blame (incremental) | history | HEAD
Bluetooth: Clear advertising cache before scanning
[deliverable/linux.git] / net / bluetooth / hci_event.c
CommitLineData
8e87d142 1/*
1da177e4 2 BlueZ - Bluetooth protocol stack for Linux
2d0a0346 3 Copyright (c) 2000-2001, 2010, Code Aurora Forum. All rights reserved.
1da177e4
LT		 4
5 Written 2000,2001 by Maxim Krasnyansky <maxk@qualcomm.com>
6
7 This program is free software; you can redistribute it and/or modify
8 it under the terms of the GNU General Public License version 2 as
9 published by the Free Software Foundation;
10
11 THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS
12 OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
13 FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT OF THIRD PARTY RIGHTS.
14 IN NO EVENT SHALL THE COPYRIGHT HOLDER(S) AND AUTHOR(S) BE LIABLE FOR ANY
8e87d142
YH		 15 CLAIM, OR ANY SPECIAL INDIRECT OR CONSEQUENTIAL DAMAGES, OR ANY DAMAGES
16 WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
17 ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
1da177e4
LT		 18 OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
19
8e87d142
YH		 20 ALL LIABILITY, INCLUDING LIABILITY FOR INFRINGEMENT OF ANY PATENTS,
21 COPYRIGHTS, TRADEMARKS OR OTHER RIGHTS, RELATING TO USE OF THIS
1da177e4
LT		 22 SOFTWARE IS DISCLAIMED.
23*/
24
25/* Bluetooth HCI event handling. */
26
1da177e4
LT		 27#include <linux/module.h>
28
29#include <linux/types.h>
30#include <linux/errno.h>
31#include <linux/kernel.h>
1da177e4
LT		 32#include <linux/slab.h>
33#include <linux/poll.h>
34#include <linux/fcntl.h>
35#include <linux/init.h>
36#include <linux/skbuff.h>
37#include <linux/interrupt.h>
38#include <linux/notifier.h>
39#include <net/sock.h>
40
41#include <asm/system.h>
70f23020 42#include <linux/uaccess.h>
1da177e4
LT		 43#include <asm/unaligned.h>
44
45#include <net/bluetooth/bluetooth.h>
46#include <net/bluetooth/hci_core.h>
47
1da177e4
LT		 48/* Handle HCI Event packets */
49
a9de9248 50static void hci_cc_inquiry_cancel(struct hci_dev *hdev, struct sk_buff *skb)
1da177e4 51{
a9de9248 52 __u8 status = *((__u8 *) skb->data);
1da177e4 53
a9de9248 54 BT_DBG("%s status 0x%x", hdev->name, status);
1da177e4 55
a9de9248
MH		 56 if (status)
57 return;
1da177e4 58
314b2381
JH		 59 if (test_bit(HCI_MGMT, &hdev->flags) &&
60 test_and_clear_bit(HCI_INQUIRY, &hdev->flags))
61 mgmt_discovering(hdev->id, 0);
6bd57416 62
23bb5763 63 hci_req_complete(hdev, HCI_OP_INQUIRY_CANCEL, status);
a9de9248
MH		 64
65 hci_conn_check_pending(hdev);
66}
6bd57416 67
a9de9248
MH		 68static void hci_cc_exit_periodic_inq(struct hci_dev *hdev, struct sk_buff *skb)
69{
70 __u8 status = *((__u8 *) skb->data);
6bd57416 71
a9de9248 72 BT_DBG("%s status 0x%x", hdev->name, status);
6bd57416 73
a9de9248
MH		 74 if (status)
75 return;
1da177e4 76
314b2381
JH		 77 if (test_bit(HCI_MGMT, &hdev->flags) &&
78 test_and_clear_bit(HCI_INQUIRY, &hdev->flags))
79 mgmt_discovering(hdev->id, 0);
a9de9248
MH		 80
81 hci_conn_check_pending(hdev);
82}
83
84static void hci_cc_remote_name_req_cancel(struct hci_dev *hdev, struct sk_buff *skb)
85{
86 BT_DBG("%s", hdev->name);
87}
88
89static void hci_cc_role_discovery(struct hci_dev *hdev, struct sk_buff *skb)
90{
91 struct hci_rp_role_discovery *rp = (void *) skb->data;
92 struct hci_conn *conn;
93
94 BT_DBG("%s status 0x%x", hdev->name, rp->status);
95
96 if (rp->status)
97 return;
98
99 hci_dev_lock(hdev);
100
101 conn = hci_conn_hash_lookup_handle(hdev, __le16_to_cpu(rp->handle));
102 if (conn) {
103 if (rp->role)
104 conn->link_mode &= ~HCI_LM_MASTER;
105 else
106 conn->link_mode |= HCI_LM_MASTER;
1da177e4 107 }
a9de9248
MH		 108
109 hci_dev_unlock(hdev);
1da177e4
LT		 110}
111
e4e8e37c
MH		 112static void hci_cc_read_link_policy(struct hci_dev *hdev, struct sk_buff *skb)
113{
114 struct hci_rp_read_link_policy *rp = (void *) skb->data;
115 struct hci_conn *conn;
116
117 BT_DBG("%s status 0x%x", hdev->name, rp->status);
118
119 if (rp->status)
120 return;
121
122 hci_dev_lock(hdev);
123
124 conn = hci_conn_hash_lookup_handle(hdev, __le16_to_cpu(rp->handle));
125 if (conn)
126 conn->link_policy = __le16_to_cpu(rp->policy);
127
128 hci_dev_unlock(hdev);
129}
130
a9de9248 131static void hci_cc_write_link_policy(struct hci_dev *hdev, struct sk_buff *skb)
1da177e4 132{
a9de9248 133 struct hci_rp_write_link_policy *rp = (void *) skb->data;
1da177e4 134 struct hci_conn *conn;
04837f64 135 void *sent;
1da177e4 136
a9de9248 137 BT_DBG("%s status 0x%x", hdev->name, rp->status);
1da177e4 138
a9de9248
MH		 139 if (rp->status)
140 return;
1da177e4 141
a9de9248
MH		 142 sent = hci_sent_cmd_data(hdev, HCI_OP_WRITE_LINK_POLICY);
143 if (!sent)
144 return;
1da177e4 145
a9de9248 146 hci_dev_lock(hdev);
1da177e4 147
a9de9248 148 conn = hci_conn_hash_lookup_handle(hdev, __le16_to_cpu(rp->handle));
e4e8e37c 149 if (conn)
83985319 150 conn->link_policy = get_unaligned_le16(sent + 2);
1da177e4 151
a9de9248
MH		 152 hci_dev_unlock(hdev);
153}
1da177e4 154
e4e8e37c
MH		 155static void hci_cc_read_def_link_policy(struct hci_dev *hdev, struct sk_buff *skb)
156{
157 struct hci_rp_read_def_link_policy *rp = (void *) skb->data;
158
159 BT_DBG("%s status 0x%x", hdev->name, rp->status);
160
161 if (rp->status)
162 return;
163
164 hdev->link_policy = __le16_to_cpu(rp->policy);
165}
166
167static void hci_cc_write_def_link_policy(struct hci_dev *hdev, struct sk_buff *skb)
168{
169 __u8 status = *((__u8 *) skb->data);
170 void *sent;
171
172 BT_DBG("%s status 0x%x", hdev->name, status);
173
174 sent = hci_sent_cmd_data(hdev, HCI_OP_WRITE_DEF_LINK_POLICY);
175 if (!sent)
176 return;
177
178 if (!status)
179 hdev->link_policy = get_unaligned_le16(sent);
180
23bb5763 181 hci_req_complete(hdev, HCI_OP_WRITE_DEF_LINK_POLICY, status);
e4e8e37c
MH		 182}
183
a9de9248
MH		 184static void hci_cc_reset(struct hci_dev *hdev, struct sk_buff *skb)
185{
186 __u8 status = *((__u8 *) skb->data);
04837f64 187
a9de9248 188 BT_DBG("%s status 0x%x", hdev->name, status);
04837f64 189
10572132
GP		 190 clear_bit(HCI_RESET, &hdev->flags);
191
23bb5763 192 hci_req_complete(hdev, HCI_OP_RESET, status);
a9de9248 193}
04837f64 194
a9de9248
MH		 195static void hci_cc_write_local_name(struct hci_dev *hdev, struct sk_buff *skb)
196{
197 __u8 status = *((__u8 *) skb->data);
198 void *sent;
04837f64 199
a9de9248 200 BT_DBG("%s status 0x%x", hdev->name, status);
04837f64 201
a9de9248
MH		 202 sent = hci_sent_cmd_data(hdev, HCI_OP_WRITE_LOCAL_NAME);
203 if (!sent)
204 return;
04837f64 205
b312b161
JH		 206 if (test_bit(HCI_MGMT, &hdev->flags))
207 mgmt_set_local_name_complete(hdev->id, sent, status);
208
209 if (status)
210 return;
211
1f6c6378 212 memcpy(hdev->dev_name, sent, HCI_MAX_NAME_LENGTH);
a9de9248
MH		 213}
214
215static void hci_cc_read_local_name(struct hci_dev *hdev, struct sk_buff *skb)
216{
217 struct hci_rp_read_local_name *rp = (void *) skb->data;
218
219 BT_DBG("%s status 0x%x", hdev->name, rp->status);
220
221 if (rp->status)
222 return;
223
1f6c6378 224 memcpy(hdev->dev_name, rp->name, HCI_MAX_NAME_LENGTH);
a9de9248
MH		 225}
226
227static void hci_cc_write_auth_enable(struct hci_dev *hdev, struct sk_buff *skb)
228{
229 __u8 status = *((__u8 *) skb->data);
230 void *sent;
231
232 BT_DBG("%s status 0x%x", hdev->name, status);
233
234 sent = hci_sent_cmd_data(hdev, HCI_OP_WRITE_AUTH_ENABLE);
235 if (!sent)
236 return;
237
238 if (!status) {
239 __u8 param = *((__u8 *) sent);
240
241 if (param == AUTH_ENABLED)
242 set_bit(HCI_AUTH, &hdev->flags);
243 else
244 clear_bit(HCI_AUTH, &hdev->flags);
1da177e4 245 }
a9de9248 246
23bb5763 247 hci_req_complete(hdev, HCI_OP_WRITE_AUTH_ENABLE, status);
1da177e4
LT		 248}
249
a9de9248 250static void hci_cc_write_encrypt_mode(struct hci_dev *hdev, struct sk_buff *skb)
1da177e4 251{
a9de9248 252 __u8 status = *((__u8 *) skb->data);
1da177e4
LT		 253 void *sent;
254
a9de9248 255 BT_DBG("%s status 0x%x", hdev->name, status);
1da177e4 256
a9de9248
MH		 257 sent = hci_sent_cmd_data(hdev, HCI_OP_WRITE_ENCRYPT_MODE);
258 if (!sent)
259 return;
1da177e4 260
a9de9248
MH		 261 if (!status) {
262 __u8 param = *((__u8 *) sent);
263
264 if (param)
265 set_bit(HCI_ENCRYPT, &hdev->flags);
266 else
267 clear_bit(HCI_ENCRYPT, &hdev->flags);
268 }
1da177e4 269
23bb5763 270 hci_req_complete(hdev, HCI_OP_WRITE_ENCRYPT_MODE, status);
a9de9248 271}
1da177e4 272
a9de9248
MH		 273static void hci_cc_write_scan_enable(struct hci_dev *hdev, struct sk_buff *skb)
274{
275 __u8 status = *((__u8 *) skb->data);
276 void *sent;
1da177e4 277
a9de9248 278 BT_DBG("%s status 0x%x", hdev->name, status);
1da177e4 279
a9de9248
MH		 280 sent = hci_sent_cmd_data(hdev, HCI_OP_WRITE_SCAN_ENABLE);
281 if (!sent)
282 return;
1da177e4 283
a9de9248
MH		 284 if (!status) {
285 __u8 param = *((__u8 *) sent);
9fbcbb45 286 int old_pscan, old_iscan;
1da177e4 287
9fbcbb45
JH		 288 old_pscan = test_and_clear_bit(HCI_PSCAN, &hdev->flags);
289 old_iscan = test_and_clear_bit(HCI_ISCAN, &hdev->flags);
1da177e4 290
73f22f62 291 if (param & SCAN_INQUIRY) {
a9de9248 292 set_bit(HCI_ISCAN, &hdev->flags);
9fbcbb45
JH		 293 if (!old_iscan)
294 mgmt_discoverable(hdev->id, 1);
295 } else if (old_iscan)
73f22f62 296 mgmt_discoverable(hdev->id, 0);
1da177e4 297
9fbcbb45 298 if (param & SCAN_PAGE) {
a9de9248 299 set_bit(HCI_PSCAN, &hdev->flags);
9fbcbb45
JH		 300 if (!old_pscan)
301 mgmt_connectable(hdev->id, 1);
302 } else if (old_pscan)
303 mgmt_connectable(hdev->id, 0);
a9de9248 304 }
1da177e4 305
23bb5763 306 hci_req_complete(hdev, HCI_OP_WRITE_SCAN_ENABLE, status);
a9de9248 307}
1da177e4 308
a9de9248
MH		 309static void hci_cc_read_class_of_dev(struct hci_dev *hdev, struct sk_buff *skb)
310{
311 struct hci_rp_read_class_of_dev *rp = (void *) skb->data;
1da177e4 312
a9de9248 313 BT_DBG("%s status 0x%x", hdev->name, rp->status);
1da177e4 314
a9de9248
MH		 315 if (rp->status)
316 return;
1da177e4 317
a9de9248 318 memcpy(hdev->dev_class, rp->dev_class, 3);
1da177e4 319
a9de9248
MH		 320 BT_DBG("%s class 0x%.2x%.2x%.2x", hdev->name,
321 hdev->dev_class[2], hdev->dev_class[1], hdev->dev_class[0]);
322}
1da177e4 323
a9de9248
MH		 324static void hci_cc_write_class_of_dev(struct hci_dev *hdev, struct sk_buff *skb)
325{
326 __u8 status = *((__u8 *) skb->data);
327 void *sent;
1da177e4 328
a9de9248 329 BT_DBG("%s status 0x%x", hdev->name, status);
1da177e4 330
f383f275
MH		 331 if (status)
332 return;
333
a9de9248
MH		 334 sent = hci_sent_cmd_data(hdev, HCI_OP_WRITE_CLASS_OF_DEV);
335 if (!sent)
336 return;
1da177e4 337
f383f275 338 memcpy(hdev->dev_class, sent, 3);
a9de9248 339}
1da177e4 340
a9de9248
MH		 341static void hci_cc_read_voice_setting(struct hci_dev *hdev, struct sk_buff *skb)
342{
343 struct hci_rp_read_voice_setting *rp = (void *) skb->data;
344 __u16 setting;
345
346 BT_DBG("%s status 0x%x", hdev->name, rp->status);
347
348 if (rp->status)
349 return;
350
351 setting = __le16_to_cpu(rp->voice_setting);
352
f383f275 353 if (hdev->voice_setting == setting)
a9de9248
MH		 354 return;
355
356 hdev->voice_setting = setting;
357
358 BT_DBG("%s voice setting 0x%04x", hdev->name, setting);
359
360 if (hdev->notify) {
361 tasklet_disable(&hdev->tx_task);
362 hdev->notify(hdev, HCI_NOTIFY_VOICE_SETTING);
363 tasklet_enable(&hdev->tx_task);
364 }
365}
366
367static void hci_cc_write_voice_setting(struct hci_dev *hdev, struct sk_buff *skb)
368{
369 __u8 status = *((__u8 *) skb->data);
f383f275 370 __u16 setting;
a9de9248
MH		 371 void *sent;
372
373 BT_DBG("%s status 0x%x", hdev->name, status);
1da177e4 374
f383f275
MH		 375 if (status)
376 return;
377
a9de9248
MH		 378 sent = hci_sent_cmd_data(hdev, HCI_OP_WRITE_VOICE_SETTING);
379 if (!sent)
380 return;
1da177e4 381
f383f275 382 setting = get_unaligned_le16(sent);
1da177e4 383
f383f275
MH		 384 if (hdev->voice_setting == setting)
385 return;
386
387 hdev->voice_setting = setting;
1da177e4 388
f383f275 389 BT_DBG("%s voice setting 0x%04x", hdev->name, setting);
1da177e4 390
f383f275
MH		 391 if (hdev->notify) {
392 tasklet_disable(&hdev->tx_task);
393 hdev->notify(hdev, HCI_NOTIFY_VOICE_SETTING);
394 tasklet_enable(&hdev->tx_task);
1da177e4
LT		 395 }
396}
397
a9de9248 398static void hci_cc_host_buffer_size(struct hci_dev *hdev, struct sk_buff *skb)
1da177e4 399{
a9de9248 400 __u8 status = *((__u8 *) skb->data);
1da177e4 401
a9de9248 402 BT_DBG("%s status 0x%x", hdev->name, status);
1da177e4 403
23bb5763 404 hci_req_complete(hdev, HCI_OP_HOST_BUFFER_SIZE, status);
a9de9248 405}
1143e5a6 406
333140b5
MH		 407static void hci_cc_read_ssp_mode(struct hci_dev *hdev, struct sk_buff *skb)
408{
409 struct hci_rp_read_ssp_mode *rp = (void *) skb->data;
410
411 BT_DBG("%s status 0x%x", hdev->name, rp->status);
412
413 if (rp->status)
414 return;
415
416 hdev->ssp_mode = rp->mode;
417}
418
419static void hci_cc_write_ssp_mode(struct hci_dev *hdev, struct sk_buff *skb)
420{
421 __u8 status = *((__u8 *) skb->data);
422 void *sent;
423
424 BT_DBG("%s status 0x%x", hdev->name, status);
425
426 if (status)
427 return;
428
429 sent = hci_sent_cmd_data(hdev, HCI_OP_WRITE_SSP_MODE);
430 if (!sent)
431 return;
432
433 hdev->ssp_mode = *((__u8 *) sent);
434}
435
d5859e22
JH		 436static u8 hci_get_inquiry_mode(struct hci_dev *hdev)
437{
438 if (hdev->features[6] & LMP_EXT_INQ)
439 return 2;
440
441 if (hdev->features[3] & LMP_RSSI_INQ)
442 return 1;
443
444 if (hdev->manufacturer == 11 && hdev->hci_rev == 0x00 &&
445 hdev->lmp_subver == 0x0757)
446 return 1;
447
448 if (hdev->manufacturer == 15) {
449 if (hdev->hci_rev == 0x03 && hdev->lmp_subver == 0x6963)
450 return 1;
451 if (hdev->hci_rev == 0x09 && hdev->lmp_subver == 0x6963)
452 return 1;
453 if (hdev->hci_rev == 0x00 && hdev->lmp_subver == 0x6965)
454 return 1;
455 }
456
457 if (hdev->manufacturer == 31 && hdev->hci_rev == 0x2005 &&
458 hdev->lmp_subver == 0x1805)
459 return 1;
460
461 return 0;
462}
463
464static void hci_setup_inquiry_mode(struct hci_dev *hdev)
465{
466 u8 mode;
467
468 mode = hci_get_inquiry_mode(hdev);
469
470 hci_send_cmd(hdev, HCI_OP_WRITE_INQUIRY_MODE, 1, &mode);
471}
472
473static void hci_setup_event_mask(struct hci_dev *hdev)
474{
475 /* The second byte is 0xff instead of 0x9f (two reserved bits
476 * disabled) since a Broadcom 1.2 dongle doesn't respond to the
477 * command otherwise */
478 u8 events[8] = { 0xff, 0xff, 0xfb, 0xff, 0x00, 0x00, 0x00, 0x00 };
479
480 /* Events for 1.2 and newer controllers */
481 if (hdev->lmp_ver > 1) {
482 events[4] |= 0x01; /* Flow Specification Complete */
483 events[4] |= 0x02; /* Inquiry Result with RSSI */
484 events[4] |= 0x04; /* Read Remote Extended Features Complete */
485 events[5] |= 0x08; /* Synchronous Connection Complete */
486 events[5] |= 0x10; /* Synchronous Connection Changed */
487 }
488
489 if (hdev->features[3] & LMP_RSSI_INQ)
490 events[4] |= 0x04; /* Inquiry Result with RSSI */
491
492 if (hdev->features[5] & LMP_SNIFF_SUBR)
493 events[5] |= 0x20; /* Sniff Subrating */
494
495 if (hdev->features[5] & LMP_PAUSE_ENC)
496 events[5] |= 0x80; /* Encryption Key Refresh Complete */
497
498 if (hdev->features[6] & LMP_EXT_INQ)
499 events[5] |= 0x40; /* Extended Inquiry Result */
500
501 if (hdev->features[6] & LMP_NO_FLUSH)
502 events[7] |= 0x01; /* Enhanced Flush Complete */
503
504 if (hdev->features[7] & LMP_LSTO)
505 events[6] |= 0x80; /* Link Supervision Timeout Changed */
506
507 if (hdev->features[6] & LMP_SIMPLE_PAIR) {
508 events[6] |= 0x01; /* IO Capability Request */
509 events[6] |= 0x02; /* IO Capability Response */
510 events[6] |= 0x04; /* User Confirmation Request */
511 events[6] |= 0x08; /* User Passkey Request */
512 events[6] |= 0x10; /* Remote OOB Data Request */
513 events[6] |= 0x20; /* Simple Pairing Complete */
514 events[7] |= 0x04; /* User Passkey Notification */
515 events[7] |= 0x08; /* Keypress Notification */
516 events[7] |= 0x10; /* Remote Host Supported
517 * Features Notification */
518 }
519
520 if (hdev->features[4] & LMP_LE)
521 events[7] |= 0x20; /* LE Meta-Event */
522
523 hci_send_cmd(hdev, HCI_OP_SET_EVENT_MASK, sizeof(events), events);
524}
525
526static void hci_setup(struct hci_dev *hdev)
527{
528 hci_setup_event_mask(hdev);
529
530 if (hdev->lmp_ver > 1)
531 hci_send_cmd(hdev, HCI_OP_READ_LOCAL_COMMANDS, 0, NULL);
532
533 if (hdev->features[6] & LMP_SIMPLE_PAIR) {
534 u8 mode = 0x01;
535 hci_send_cmd(hdev, HCI_OP_WRITE_SSP_MODE, sizeof(mode), &mode);
536 }
537
538 if (hdev->features[3] & LMP_RSSI_INQ)
539 hci_setup_inquiry_mode(hdev);
540
541 if (hdev->features[7] & LMP_INQ_TX_PWR)
542 hci_send_cmd(hdev, HCI_OP_READ_INQ_RSP_TX_POWER, 0, NULL);
543}
544
a9de9248
MH		 545static void hci_cc_read_local_version(struct hci_dev *hdev, struct sk_buff *skb)
546{
547 struct hci_rp_read_local_version *rp = (void *) skb->data;
1143e5a6 548
a9de9248 549 BT_DBG("%s status 0x%x", hdev->name, rp->status);
1143e5a6 550
a9de9248
MH		 551 if (rp->status)
552 return;
1143e5a6 553
a9de9248 554 hdev->hci_ver = rp->hci_ver;
e4e8e37c 555 hdev->hci_rev = __le16_to_cpu(rp->hci_rev);
d5859e22 556 hdev->lmp_ver = rp->lmp_ver;
e4e8e37c 557 hdev->manufacturer = __le16_to_cpu(rp->manufacturer);
d5859e22 558 hdev->lmp_subver = __le16_to_cpu(rp->lmp_subver);
1143e5a6 559
a9de9248
MH		 560 BT_DBG("%s manufacturer %d hci ver %d:%d", hdev->name,
561 hdev->manufacturer,
562 hdev->hci_ver, hdev->hci_rev);
d5859e22
JH		 563
564 if (test_bit(HCI_INIT, &hdev->flags))
565 hci_setup(hdev);
566}
567
568static void hci_setup_link_policy(struct hci_dev *hdev)
569{
570 u16 link_policy = 0;
571
572 if (hdev->features[0] & LMP_RSWITCH)
573 link_policy |= HCI_LP_RSWITCH;
574 if (hdev->features[0] & LMP_HOLD)
575 link_policy |= HCI_LP_HOLD;
576 if (hdev->features[0] & LMP_SNIFF)
577 link_policy |= HCI_LP_SNIFF;
578 if (hdev->features[1] & LMP_PARK)
579 link_policy |= HCI_LP_PARK;
580
581 link_policy = cpu_to_le16(link_policy);
582 hci_send_cmd(hdev, HCI_OP_WRITE_DEF_LINK_POLICY,
583 sizeof(link_policy), &link_policy);
a9de9248 584}
1da177e4 585
a9de9248
MH		 586static void hci_cc_read_local_commands(struct hci_dev *hdev, struct sk_buff *skb)
587{
588 struct hci_rp_read_local_commands *rp = (void *) skb->data;
1da177e4 589
a9de9248 590 BT_DBG("%s status 0x%x", hdev->name, rp->status);
1da177e4 591
a9de9248 592 if (rp->status)
d5859e22 593 goto done;
1da177e4 594
a9de9248 595 memcpy(hdev->commands, rp->commands, sizeof(hdev->commands));
d5859e22
JH		 596
597 if (test_bit(HCI_INIT, &hdev->flags) && (hdev->commands[5] & 0x10))
598 hci_setup_link_policy(hdev);
599
600done:
601 hci_req_complete(hdev, HCI_OP_READ_LOCAL_COMMANDS, rp->status);
a9de9248 602}
1da177e4 603
a9de9248
MH		 604static void hci_cc_read_local_features(struct hci_dev *hdev, struct sk_buff *skb)
605{
606 struct hci_rp_read_local_features *rp = (void *) skb->data;
5b7f9909 607
a9de9248 608 BT_DBG("%s status 0x%x", hdev->name, rp->status);
1da177e4 609
a9de9248
MH		 610 if (rp->status)
611 return;
5b7f9909 612
a9de9248 613 memcpy(hdev->features, rp->features, 8);
5b7f9909 614
a9de9248
MH		 615 /* Adjust default settings according to features
616 * supported by device. */
1da177e4 617
a9de9248
MH		 618 if (hdev->features[0] & LMP_3SLOT)
619 hdev->pkt_type |= (HCI_DM3 | HCI_DH3);
1da177e4 620
a9de9248
MH		 621 if (hdev->features[0] & LMP_5SLOT)
622 hdev->pkt_type |= (HCI_DM5 | HCI_DH5);
1da177e4 623
a9de9248
MH		 624 if (hdev->features[1] & LMP_HV2) {
625 hdev->pkt_type |= (HCI_HV2);
626 hdev->esco_type |= (ESCO_HV2);
627 }
1da177e4 628
a9de9248
MH		 629 if (hdev->features[1] & LMP_HV3) {
630 hdev->pkt_type |= (HCI_HV3);
631 hdev->esco_type |= (ESCO_HV3);
632 }
1da177e4 633
a9de9248
MH		 634 if (hdev->features[3] & LMP_ESCO)
635 hdev->esco_type |= (ESCO_EV3);
da1f5198 636
a9de9248
MH		 637 if (hdev->features[4] & LMP_EV4)
638 hdev->esco_type |= (ESCO_EV4);
da1f5198 639
a9de9248
MH		 640 if (hdev->features[4] & LMP_EV5)
641 hdev->esco_type |= (ESCO_EV5);
1da177e4 642
efc7688b
MH		 643 if (hdev->features[5] & LMP_EDR_ESCO_2M)
644 hdev->esco_type |= (ESCO_2EV3);
645
646 if (hdev->features[5] & LMP_EDR_ESCO_3M)
647 hdev->esco_type |= (ESCO_3EV3);
648
649 if (hdev->features[5] & LMP_EDR_3S_ESCO)
650 hdev->esco_type |= (ESCO_2EV5 | ESCO_3EV5);
651
a9de9248
MH		 652 BT_DBG("%s features 0x%.2x%.2x%.2x%.2x%.2x%.2x%.2x%.2x", hdev->name,
653 hdev->features[0], hdev->features[1],
654 hdev->features[2], hdev->features[3],
655 hdev->features[4], hdev->features[5],
656 hdev->features[6], hdev->features[7]);
657}
1da177e4 658
a9de9248
MH		 659static void hci_cc_read_buffer_size(struct hci_dev *hdev, struct sk_buff *skb)
660{
661 struct hci_rp_read_buffer_size *rp = (void *) skb->data;
1da177e4 662
a9de9248 663 BT_DBG("%s status 0x%x", hdev->name, rp->status);
1da177e4 664
a9de9248
MH		 665 if (rp->status)
666 return;
1da177e4 667
a9de9248
MH		 668 hdev->acl_mtu = __le16_to_cpu(rp->acl_mtu);
669 hdev->sco_mtu = rp->sco_mtu;
670 hdev->acl_pkts = __le16_to_cpu(rp->acl_max_pkt);
671 hdev->sco_pkts = __le16_to_cpu(rp->sco_max_pkt);
672
673 if (test_bit(HCI_QUIRK_FIXUP_BUFFER_SIZE, &hdev->quirks)) {
674 hdev->sco_mtu = 64;
675 hdev->sco_pkts = 8;
1da177e4 676 }
a9de9248
MH		 677
678 hdev->acl_cnt = hdev->acl_pkts;
679 hdev->sco_cnt = hdev->sco_pkts;
680
681 BT_DBG("%s acl mtu %d:%d sco mtu %d:%d", hdev->name,
682 hdev->acl_mtu, hdev->acl_pkts,
683 hdev->sco_mtu, hdev->sco_pkts);
684}
685
686static void hci_cc_read_bd_addr(struct hci_dev *hdev, struct sk_buff *skb)
687{
688 struct hci_rp_read_bd_addr *rp = (void *) skb->data;
689
690 BT_DBG("%s status 0x%x", hdev->name, rp->status);
691
692 if (!rp->status)
693 bacpy(&hdev->bdaddr, &rp->bdaddr);
694
23bb5763
JH		 695 hci_req_complete(hdev, HCI_OP_READ_BD_ADDR, rp->status);
696}
697
698static void hci_cc_write_ca_timeout(struct hci_dev *hdev, struct sk_buff *skb)
699{
700 __u8 status = *((__u8 *) skb->data);
701
702 BT_DBG("%s status 0x%x", hdev->name, status);
703
704 hci_req_complete(hdev, HCI_OP_WRITE_CA_TIMEOUT, status);
a9de9248
MH		 705}
706
b0916ea0
JH		 707static void hci_cc_delete_stored_link_key(struct hci_dev *hdev,
708 struct sk_buff *skb)
709{
710 __u8 status = *((__u8 *) skb->data);
711
712 BT_DBG("%s status 0x%x", hdev->name, status);
713
714 hci_req_complete(hdev, HCI_OP_DELETE_STORED_LINK_KEY, status);
715}
716
d5859e22
JH		 717static void hci_cc_set_event_mask(struct hci_dev *hdev, struct sk_buff *skb)
718{
719 __u8 status = *((__u8 *) skb->data);
720
721 BT_DBG("%s status 0x%x", hdev->name, status);
722
723 hci_req_complete(hdev, HCI_OP_SET_EVENT_MASK, status);
724}
725
726static void hci_cc_write_inquiry_mode(struct hci_dev *hdev,
727 struct sk_buff *skb)
728{
729 __u8 status = *((__u8 *) skb->data);
730
731 BT_DBG("%s status 0x%x", hdev->name, status);
732
733 hci_req_complete(hdev, HCI_OP_WRITE_INQUIRY_MODE, status);
734}
735
736static void hci_cc_read_inq_rsp_tx_power(struct hci_dev *hdev,
737 struct sk_buff *skb)
738{
739 __u8 status = *((__u8 *) skb->data);
740
741 BT_DBG("%s status 0x%x", hdev->name, status);
742
743 hci_req_complete(hdev, HCI_OP_READ_INQ_RSP_TX_POWER, status);
744}
745
746static void hci_cc_set_event_flt(struct hci_dev *hdev, struct sk_buff *skb)
747{
748 __u8 status = *((__u8 *) skb->data);
749
750 BT_DBG("%s status 0x%x", hdev->name, status);
751
752 hci_req_complete(hdev, HCI_OP_SET_EVENT_FLT, status);
753}
754
980e1a53
JH		 755static void hci_cc_pin_code_reply(struct hci_dev *hdev, struct sk_buff *skb)
756{
757 struct hci_rp_pin_code_reply *rp = (void *) skb->data;
758 struct hci_cp_pin_code_reply *cp;
759 struct hci_conn *conn;
760
761 BT_DBG("%s status 0x%x", hdev->name, rp->status);
762
763 if (test_bit(HCI_MGMT, &hdev->flags))
764 mgmt_pin_code_reply_complete(hdev->id, &rp->bdaddr, rp->status);
765
766 if (rp->status != 0)
767 return;
768
769 cp = hci_sent_cmd_data(hdev, HCI_OP_PIN_CODE_REPLY);
770 if (!cp)
771 return;
772
773 conn = hci_conn_hash_lookup_ba(hdev, ACL_LINK, &cp->bdaddr);
774 if (conn)
775 conn->pin_length = cp->pin_len;
776}
777
778static void hci_cc_pin_code_neg_reply(struct hci_dev *hdev, struct sk_buff *skb)
779{
780 struct hci_rp_pin_code_neg_reply *rp = (void *) skb->data;
781
782 BT_DBG("%s status 0x%x", hdev->name, rp->status);
783
784 if (test_bit(HCI_MGMT, &hdev->flags))
785 mgmt_pin_code_neg_reply_complete(hdev->id, &rp->bdaddr,
786 rp->status);
787}
6ed58ec5
VT		 788static void hci_cc_le_read_buffer_size(struct hci_dev *hdev,
789 struct sk_buff *skb)
790{
791 struct hci_rp_le_read_buffer_size *rp = (void *) skb->data;
792
793 BT_DBG("%s status 0x%x", hdev->name, rp->status);
794
795 if (rp->status)
796 return;
797
798 hdev->le_mtu = __le16_to_cpu(rp->le_mtu);
799 hdev->le_pkts = rp->le_max_pkt;
800
801 hdev->le_cnt = hdev->le_pkts;
802
803 BT_DBG("%s le mtu %d:%d", hdev->name, hdev->le_mtu, hdev->le_pkts);
804
805 hci_req_complete(hdev, HCI_OP_LE_READ_BUFFER_SIZE, rp->status);
806}
980e1a53 807
a5c29683
JH		 808static void hci_cc_user_confirm_reply(struct hci_dev *hdev, struct sk_buff *skb)
809{
810 struct hci_rp_user_confirm_reply *rp = (void *) skb->data;
811
812 BT_DBG("%s status 0x%x", hdev->name, rp->status);
813
814 if (test_bit(HCI_MGMT, &hdev->flags))
815 mgmt_user_confirm_reply_complete(hdev->id, &rp->bdaddr,
816 rp->status);
817}
818
819static void hci_cc_user_confirm_neg_reply(struct hci_dev *hdev,
820 struct sk_buff *skb)
821{
822 struct hci_rp_user_confirm_reply *rp = (void *) skb->data;
823
824 BT_DBG("%s status 0x%x", hdev->name, rp->status);
825
826 if (test_bit(HCI_MGMT, &hdev->flags))
827 mgmt_user_confirm_neg_reply_complete(hdev->id, &rp->bdaddr,
828 rp->status);
829}
830
c35938b2
SJ		 831static void hci_cc_read_local_oob_data_reply(struct hci_dev *hdev,
832 struct sk_buff *skb)
833{
834 struct hci_rp_read_local_oob_data *rp = (void *) skb->data;
835
836 BT_DBG("%s status 0x%x", hdev->name, rp->status);
837
838 mgmt_read_local_oob_data_reply_complete(hdev->id, rp->hash,
839 rp->randomizer, rp->status);
840}
841
eb9d91f5
AG		 842static void hci_cc_le_set_scan_enable(struct hci_dev *hdev,
843 struct sk_buff *skb)
844{
845 struct hci_cp_le_set_scan_enable *cp;
846 __u8 status = *((__u8 *) skb->data);
847
848 BT_DBG("%s status 0x%x", hdev->name, status);
849
850 if (status)
851 return;
852
853 cp = hci_sent_cmd_data(hdev, HCI_OP_LE_SET_SCAN_ENABLE);
854 if (!cp)
855 return;
856
857 hci_dev_lock(hdev);
858
859 if (cp->enable == 0x01)
860 hci_adv_entries_clear(hdev);
861
862 hci_dev_unlock(hdev);
863}
864
a9de9248
MH		 865static inline void hci_cs_inquiry(struct hci_dev *hdev, __u8 status)
866{
867 BT_DBG("%s status 0x%x", hdev->name, status);
868
869 if (status) {
23bb5763 870 hci_req_complete(hdev, HCI_OP_INQUIRY, status);
a9de9248 871 hci_conn_check_pending(hdev);
314b2381
JH		 872 return;
873 }
874
875 if (test_bit(HCI_MGMT, &hdev->flags) &&
876 !test_and_set_bit(HCI_INQUIRY,
877 &hdev->flags))
878 mgmt_discovering(hdev->id, 1);
1da177e4
LT		 879}
880
1da177e4
LT		 881static inline void hci_cs_create_conn(struct hci_dev *hdev, __u8 status)
882{
a9de9248 883 struct hci_cp_create_conn *cp;
1da177e4 884 struct hci_conn *conn;
1da177e4 885
a9de9248
MH		 886 BT_DBG("%s status 0x%x", hdev->name, status);
887
888 cp = hci_sent_cmd_data(hdev, HCI_OP_CREATE_CONN);
1da177e4
LT		 889 if (!cp)
890 return;
891
892 hci_dev_lock(hdev);
893
894 conn = hci_conn_hash_lookup_ba(hdev, ACL_LINK, &cp->bdaddr);
895
a9de9248 896 BT_DBG("%s bdaddr %s conn %p", hdev->name, batostr(&cp->bdaddr), conn);
1da177e4
LT		 897
898 if (status) {
899 if (conn && conn->state == BT_CONNECT) {
4c67bc74
MH		 900 if (status != 0x0c || conn->attempt > 2) {
901 conn->state = BT_CLOSED;
902 hci_proto_connect_cfm(conn, status);
903 hci_conn_del(conn);
904 } else
905 conn->state = BT_CONNECT2;
1da177e4
LT		 906 }
907 } else {
908 if (!conn) {
909 conn = hci_conn_add(hdev, ACL_LINK, &cp->bdaddr);
910 if (conn) {
911 conn->out = 1;
912 conn->link_mode |= HCI_LM_MASTER;
913 } else
893ef971 914 BT_ERR("No memory for new connection");
1da177e4
LT		 915 }
916 }
917
918 hci_dev_unlock(hdev);
919}
920
a9de9248 921static void hci_cs_add_sco(struct hci_dev *hdev, __u8 status)
1da177e4 922{
a9de9248
MH		 923 struct hci_cp_add_sco *cp;
924 struct hci_conn *acl, *sco;
925 __u16 handle;
1da177e4 926
b6a0dc82
MH		 927 BT_DBG("%s status 0x%x", hdev->name, status);
928
a9de9248
MH		 929 if (!status)
930 return;
1da177e4 931
a9de9248
MH		 932 cp = hci_sent_cmd_data(hdev, HCI_OP_ADD_SCO);
933 if (!cp)
934 return;
1da177e4 935
a9de9248 936 handle = __le16_to_cpu(cp->handle);
1da177e4 937
a9de9248 938 BT_DBG("%s handle %d", hdev->name, handle);
1da177e4 939
a9de9248 940 hci_dev_lock(hdev);
1da177e4 941
a9de9248 942 acl = hci_conn_hash_lookup_handle(hdev, handle);
5a08ecce
AE		 943 if (acl) {
944 sco = acl->link;
945 if (sco) {
946 sco->state = BT_CLOSED;
1da177e4 947
5a08ecce
AE		 948 hci_proto_connect_cfm(sco, status);
949 hci_conn_del(sco);
950 }
a9de9248 951 }
1da177e4 952
a9de9248
MH		 953 hci_dev_unlock(hdev);
954}
1da177e4 955
f8558555
MH		 956static void hci_cs_auth_requested(struct hci_dev *hdev, __u8 status)
957{
958 struct hci_cp_auth_requested *cp;
959 struct hci_conn *conn;
960
961 BT_DBG("%s status 0x%x", hdev->name, status);
962
963 if (!status)
964 return;
965
966 cp = hci_sent_cmd_data(hdev, HCI_OP_AUTH_REQUESTED);
967 if (!cp)
968 return;
969
970 hci_dev_lock(hdev);
971
972 conn = hci_conn_hash_lookup_handle(hdev, __le16_to_cpu(cp->handle));
973 if (conn) {
974 if (conn->state == BT_CONFIG) {
975 hci_proto_connect_cfm(conn, status);
976 hci_conn_put(conn);
977 }
978 }
979
980 hci_dev_unlock(hdev);
981}
982
983static void hci_cs_set_conn_encrypt(struct hci_dev *hdev, __u8 status)
984{
985 struct hci_cp_set_conn_encrypt *cp;
986 struct hci_conn *conn;
987
988 BT_DBG("%s status 0x%x", hdev->name, status);
989
990 if (!status)
991 return;
992
993 cp = hci_sent_cmd_data(hdev, HCI_OP_SET_CONN_ENCRYPT);
994 if (!cp)
995 return;
996
997 hci_dev_lock(hdev);
998
999 conn = hci_conn_hash_lookup_handle(hdev, __le16_to_cpu(cp->handle));
1000 if (conn) {
1001 if (conn->state == BT_CONFIG) {
1002 hci_proto_connect_cfm(conn, status);
1003 hci_conn_put(conn);
1004 }
1005 }
1006
1007 hci_dev_unlock(hdev);
1008}
1009
127178d2 1010static int hci_outgoing_auth_needed(struct hci_dev *hdev,
138d22ef 1011 struct hci_conn *conn)
392599b9 1012{
392599b9
JH		 1013 if (conn->state != BT_CONFIG || !conn->out)
1014 return 0;
1015
765c2a96 1016 if (conn->pending_sec_level == BT_SECURITY_SDP)
392599b9
JH		 1017 return 0;
1018
1019 /* Only request authentication for SSP connections or non-SSP
1020 * devices with sec_level HIGH */
1021 if (!(hdev->ssp_mode > 0 && conn->ssp_mode > 0) &&
765c2a96 1022 conn->pending_sec_level != BT_SECURITY_HIGH)
392599b9
JH		 1023 return 0;
1024
392599b9
JH		 1025 return 1;
1026}
1027
a9de9248
MH		 1028static void hci_cs_remote_name_req(struct hci_dev *hdev, __u8 status)
1029{
127178d2
JH		 1030 struct hci_cp_remote_name_req *cp;
1031 struct hci_conn *conn;
1032
a9de9248 1033 BT_DBG("%s status 0x%x", hdev->name, status);
127178d2
JH		 1034
1035 /* If successful wait for the name req complete event before
1036 * checking for the need to do authentication */
1037 if (!status)
1038 return;
1039
1040 cp = hci_sent_cmd_data(hdev, HCI_OP_REMOTE_NAME_REQ);
1041 if (!cp)
1042 return;
1043
1044 hci_dev_lock(hdev);
1045
1046 conn = hci_conn_hash_lookup_ba(hdev, ACL_LINK, &cp->bdaddr);
79c6c70c
JH		 1047 if (!conn)
1048 goto unlock;
1049
1050 if (!hci_outgoing_auth_needed(hdev, conn))
1051 goto unlock;
1052
1053 if (!test_and_set_bit(HCI_CONN_AUTH_PEND, &conn->pend)) {
127178d2
JH		 1054 struct hci_cp_auth_requested cp;
1055 cp.handle = __cpu_to_le16(conn->handle);
1056 hci_send_cmd(hdev, HCI_OP_AUTH_REQUESTED, sizeof(cp), &cp);
1057 }
1058
79c6c70c 1059unlock:
127178d2 1060 hci_dev_unlock(hdev);
a9de9248 1061}
1da177e4 1062
769be974
MH		 1063static void hci_cs_read_remote_features(struct hci_dev *hdev, __u8 status)
1064{
1065 struct hci_cp_read_remote_features *cp;
1066 struct hci_conn *conn;
1067
1068 BT_DBG("%s status 0x%x", hdev->name, status);
1069
1070 if (!status)
1071 return;
1072
1073 cp = hci_sent_cmd_data(hdev, HCI_OP_READ_REMOTE_FEATURES);
1074 if (!cp)
1075 return;
1076
1077 hci_dev_lock(hdev);
1078
1079 conn = hci_conn_hash_lookup_handle(hdev, __le16_to_cpu(cp->handle));
1080 if (conn) {
1081 if (conn->state == BT_CONFIG) {
769be974
MH		 1082 hci_proto_connect_cfm(conn, status);
1083 hci_conn_put(conn);
1084 }
1085 }
1086
1087 hci_dev_unlock(hdev);
1088}
1089
1090static void hci_cs_read_remote_ext_features(struct hci_dev *hdev, __u8 status)
1091{
1092 struct hci_cp_read_remote_ext_features *cp;
1093 struct hci_conn *conn;
1094
1095 BT_DBG("%s status 0x%x", hdev->name, status);
1096
1097 if (!status)
1098 return;
1099
1100 cp = hci_sent_cmd_data(hdev, HCI_OP_READ_REMOTE_EXT_FEATURES);
1101 if (!cp)
1102 return;
1103
1104 hci_dev_lock(hdev);
1105
1106 conn = hci_conn_hash_lookup_handle(hdev, __le16_to_cpu(cp->handle));
1107 if (conn) {
1108 if (conn->state == BT_CONFIG) {
769be974
MH		 1109 hci_proto_connect_cfm(conn, status);
1110 hci_conn_put(conn);
1111 }
1112 }
1113
1114 hci_dev_unlock(hdev);
1115}
1116
a9de9248
MH		 1117static void hci_cs_setup_sync_conn(struct hci_dev *hdev, __u8 status)
1118{
b6a0dc82
MH		 1119 struct hci_cp_setup_sync_conn *cp;
1120 struct hci_conn *acl, *sco;
1121 __u16 handle;
1122
a9de9248 1123 BT_DBG("%s status 0x%x", hdev->name, status);
b6a0dc82
MH		 1124
1125 if (!status)
1126 return;
1127
1128 cp = hci_sent_cmd_data(hdev, HCI_OP_SETUP_SYNC_CONN);
1129 if (!cp)
1130 return;
1131
1132 handle = __le16_to_cpu(cp->handle);
1133
1134 BT_DBG("%s handle %d", hdev->name, handle);
1135
1136 hci_dev_lock(hdev);
1137
1138 acl = hci_conn_hash_lookup_handle(hdev, handle);
5a08ecce
AE		 1139 if (acl) {
1140 sco = acl->link;
1141 if (sco) {
1142 sco->state = BT_CLOSED;
b6a0dc82 1143
5a08ecce
AE		 1144 hci_proto_connect_cfm(sco, status);
1145 hci_conn_del(sco);
1146 }
b6a0dc82
MH		 1147 }
1148
1149 hci_dev_unlock(hdev);
1da177e4
LT		 1150}
1151
a9de9248 1152static void hci_cs_sniff_mode(struct hci_dev *hdev, __u8 status)
1da177e4 1153{
a9de9248
MH		 1154 struct hci_cp_sniff_mode *cp;
1155 struct hci_conn *conn;
1da177e4 1156
a9de9248 1157 BT_DBG("%s status 0x%x", hdev->name, status);
04837f64 1158
a9de9248
MH		 1159 if (!status)
1160 return;
04837f64 1161
a9de9248
MH		 1162 cp = hci_sent_cmd_data(hdev, HCI_OP_SNIFF_MODE);
1163 if (!cp)
1164 return;
04837f64 1165
a9de9248 1166 hci_dev_lock(hdev);
04837f64 1167
a9de9248 1168 conn = hci_conn_hash_lookup_handle(hdev, __le16_to_cpu(cp->handle));
e73439d8 1169 if (conn) {
a9de9248 1170 clear_bit(HCI_CONN_MODE_CHANGE_PEND, &conn->pend);
04837f64 1171
e73439d8
MH		 1172 if (test_and_clear_bit(HCI_CONN_SCO_SETUP_PEND, &conn->pend))
1173 hci_sco_setup(conn, status);
1174 }
1175
a9de9248
MH		 1176 hci_dev_unlock(hdev);
1177}
04837f64 1178
a9de9248
MH		 1179static void hci_cs_exit_sniff_mode(struct hci_dev *hdev, __u8 status)
1180{
1181 struct hci_cp_exit_sniff_mode *cp;
1182 struct hci_conn *conn;
04837f64 1183
a9de9248 1184 BT_DBG("%s status 0x%x", hdev->name, status);
04837f64 1185
a9de9248
MH		 1186 if (!status)
1187 return;
04837f64 1188
a9de9248
MH		 1189 cp = hci_sent_cmd_data(hdev, HCI_OP_EXIT_SNIFF_MODE);
1190 if (!cp)
1191 return;
04837f64 1192
a9de9248 1193 hci_dev_lock(hdev);
1da177e4 1194
a9de9248 1195 conn = hci_conn_hash_lookup_handle(hdev, __le16_to_cpu(cp->handle));
e73439d8 1196 if (conn) {
a9de9248 1197 clear_bit(HCI_CONN_MODE_CHANGE_PEND, &conn->pend);
1da177e4 1198
e73439d8
MH		 1199 if (test_and_clear_bit(HCI_CONN_SCO_SETUP_PEND, &conn->pend))
1200 hci_sco_setup(conn, status);
1201 }
1202
a9de9248 1203 hci_dev_unlock(hdev);
1da177e4
LT		 1204}
1205
fcd89c09
VT		 1206static void hci_cs_le_create_conn(struct hci_dev *hdev, __u8 status)
1207{
1208 struct hci_cp_le_create_conn *cp;
1209 struct hci_conn *conn;
1210
1211 BT_DBG("%s status 0x%x", hdev->name, status);
1212
1213 cp = hci_sent_cmd_data(hdev, HCI_OP_LE_CREATE_CONN);
1214 if (!cp)
1215 return;
1216
1217 hci_dev_lock(hdev);
1218
1219 conn = hci_conn_hash_lookup_ba(hdev, LE_LINK, &cp->peer_addr);
1220
1221 BT_DBG("%s bdaddr %s conn %p", hdev->name, batostr(&cp->peer_addr),
1222 conn);
1223
1224 if (status) {
1225 if (conn && conn->state == BT_CONNECT) {
1226 conn->state = BT_CLOSED;
1227 hci_proto_connect_cfm(conn, status);
1228 hci_conn_del(conn);
1229 }
1230 } else {
1231 if (!conn) {
1232 conn = hci_conn_add(hdev, LE_LINK, &cp->peer_addr);
1233 if (conn)
1234 conn->out = 1;
1235 else
1236 BT_ERR("No memory for new connection");
1237 }
1238 }
1239
1240 hci_dev_unlock(hdev);
1241}
1242
1da177e4
LT		 1243static inline void hci_inquiry_complete_evt(struct hci_dev *hdev, struct sk_buff *skb)
1244{
1245 __u8 status = *((__u8 *) skb->data);
1246
1247 BT_DBG("%s status %d", hdev->name, status);
1248
314b2381
JH		 1249 if (test_bit(HCI_MGMT, &hdev->flags) &&
1250 test_and_clear_bit(HCI_INQUIRY, &hdev->flags))
1251 mgmt_discovering(hdev->id, 0);
6bd57416 1252
23bb5763 1253 hci_req_complete(hdev, HCI_OP_INQUIRY, status);
6bd57416 1254
a9de9248 1255 hci_conn_check_pending(hdev);
1da177e4
LT		 1256}
1257
1da177e4
LT		 1258static inline void hci_inquiry_result_evt(struct hci_dev *hdev, struct sk_buff *skb)
1259{
45bb4bf0 1260 struct inquiry_data data;
a9de9248 1261 struct inquiry_info *info = (void *) (skb->data + 1);
1da177e4
LT		 1262 int num_rsp = *((__u8 *) skb->data);
1263
1264 BT_DBG("%s num_rsp %d", hdev->name, num_rsp);
1265
45bb4bf0
MH		 1266 if (!num_rsp)
1267 return;
1268
1da177e4 1269 hci_dev_lock(hdev);
45bb4bf0 1270
314b2381
JH		 1271 if (!test_and_set_bit(HCI_INQUIRY, &hdev->flags)) {
1272
1273 if (test_bit(HCI_MGMT, &hdev->flags))
1274 mgmt_discovering(hdev->id, 1);
1275 }
1276
e17acd40 1277 for (; num_rsp; num_rsp--, info++) {
1da177e4
LT		 1278 bacpy(&data.bdaddr, &info->bdaddr);
1279 data.pscan_rep_mode = info->pscan_rep_mode;
1280 data.pscan_period_mode = info->pscan_period_mode;
1281 data.pscan_mode = info->pscan_mode;
1282 memcpy(data.dev_class, info->dev_class, 3);
1283 data.clock_offset = info->clock_offset;
1284 data.rssi = 0x00;
41a96212 1285 data.ssp_mode = 0x00;
1da177e4 1286 hci_inquiry_cache_update(hdev, &data);
e17acd40
JH		 1287 mgmt_device_found(hdev->id, &info->bdaddr, info->dev_class, 0,
1288 NULL);
1da177e4 1289 }
45bb4bf0 1290
1da177e4
LT		 1291 hci_dev_unlock(hdev);
1292}
1293
1da177e4
LT		 1294static inline void hci_conn_complete_evt(struct hci_dev *hdev, struct sk_buff *skb)
1295{
a9de9248
MH		 1296 struct hci_ev_conn_complete *ev = (void *) skb->data;
1297 struct hci_conn *conn;
1da177e4
LT		 1298
1299 BT_DBG("%s", hdev->name);
1300
1301 hci_dev_lock(hdev);
1302
1303 conn = hci_conn_hash_lookup_ba(hdev, ev->link_type, &ev->bdaddr);
9499237a
MH		 1304 if (!conn) {
1305 if (ev->link_type != SCO_LINK)
1306 goto unlock;
1307
1308 conn = hci_conn_hash_lookup_ba(hdev, ESCO_LINK, &ev->bdaddr);
1309 if (!conn)
1310 goto unlock;
1311
1312 conn->type = SCO_LINK;
1313 }
1da177e4
LT		 1314
1315 if (!ev->status) {
1316 conn->handle = __le16_to_cpu(ev->handle);
769be974
MH		 1317
1318 if (conn->type == ACL_LINK) {
1319 conn->state = BT_CONFIG;
1320 hci_conn_hold(conn);
052b30b0 1321 conn->disc_timeout = HCI_DISCONN_TIMEOUT;
f7520543 1322 mgmt_connected(hdev->id, &ev->bdaddr);
769be974
MH		 1323 } else
1324 conn->state = BT_CONNECTED;
1da177e4 1325
9eba32b8 1326 hci_conn_hold_device(conn);
7d0db0a3
MH		 1327 hci_conn_add_sysfs(conn);
1328
1da177e4
LT		 1329 if (test_bit(HCI_AUTH, &hdev->flags))
1330 conn->link_mode |= HCI_LM_AUTH;
1331
1332 if (test_bit(HCI_ENCRYPT, &hdev->flags))
1333 conn->link_mode |= HCI_LM_ENCRYPT;
1334
04837f64
MH		 1335 /* Get remote features */
1336 if (conn->type == ACL_LINK) {
1337 struct hci_cp_read_remote_features cp;
1338 cp.handle = ev->handle;
769be974
MH		 1339 hci_send_cmd(hdev, HCI_OP_READ_REMOTE_FEATURES,
1340 sizeof(cp), &cp);
04837f64
MH		 1341 }
1342
1da177e4 1343 /* Set packet type for incoming connection */
a8746417 1344 if (!conn->out && hdev->hci_ver < 3) {
1da177e4
LT		 1345 struct hci_cp_change_conn_ptype cp;
1346 cp.handle = ev->handle;
a8746417
MH		 1347 cp.pkt_type = cpu_to_le16(conn->pkt_type);
1348 hci_send_cmd(hdev, HCI_OP_CHANGE_CONN_PTYPE,
1349 sizeof(cp), &cp);
1da177e4 1350 }
17d5c04c 1351 } else {
1da177e4 1352 conn->state = BT_CLOSED;
17d5c04c
JH		 1353 if (conn->type == ACL_LINK)
1354 mgmt_connect_failed(hdev->id, &ev->bdaddr, ev->status);
1355 }
1da177e4 1356
e73439d8
MH		 1357 if (conn->type == ACL_LINK)
1358 hci_sco_setup(conn, ev->status);
1da177e4 1359
769be974
MH		 1360 if (ev->status) {
1361 hci_proto_connect_cfm(conn, ev->status);
1da177e4 1362 hci_conn_del(conn);
c89b6e6b
MH		 1363 } else if (ev->link_type != ACL_LINK)
1364 hci_proto_connect_cfm(conn, ev->status);
1da177e4 1365
a9de9248 1366unlock:
1da177e4 1367 hci_dev_unlock(hdev);
1da177e4 1368
a9de9248 1369 hci_conn_check_pending(hdev);
1da177e4
LT		 1370}
1371
a9de9248 1372static inline void hci_conn_request_evt(struct hci_dev *hdev, struct sk_buff *skb)
1da177e4 1373{
a9de9248
MH		 1374 struct hci_ev_conn_request *ev = (void *) skb->data;
1375 int mask = hdev->link_mode;
1da177e4 1376
a9de9248
MH		 1377 BT_DBG("%s bdaddr %s type 0x%x", hdev->name,
1378 batostr(&ev->bdaddr), ev->link_type);
1da177e4 1379
a9de9248 1380 mask |= hci_proto_connect_ind(hdev, &ev->bdaddr, ev->link_type);
1da177e4 1381
138d22ef
SJ		 1382 if ((mask & HCI_LM_ACCEPT) &&
1383 !hci_blacklist_lookup(hdev, &ev->bdaddr)) {
a9de9248 1384 /* Connection accepted */
c7bdd502 1385 struct inquiry_entry *ie;
1da177e4 1386 struct hci_conn *conn;
1da177e4 1387
a9de9248 1388 hci_dev_lock(hdev);
b6a0dc82 1389
cc11b9c1
AE		 1390 ie = hci_inquiry_cache_lookup(hdev, &ev->bdaddr);
1391 if (ie)
c7bdd502
MH		 1392 memcpy(ie->data.dev_class, ev->dev_class, 3);
1393
a9de9248
MH		 1394 conn = hci_conn_hash_lookup_ba(hdev, ev->link_type, &ev->bdaddr);
1395 if (!conn) {
cc11b9c1
AE		 1396 conn = hci_conn_add(hdev, ev->link_type, &ev->bdaddr);
1397 if (!conn) {
893ef971 1398 BT_ERR("No memory for new connection");
a9de9248
MH		 1399 hci_dev_unlock(hdev);
1400 return;
1da177e4
LT		 1401 }
1402 }
b6a0dc82 1403
a9de9248
MH		 1404 memcpy(conn->dev_class, ev->dev_class, 3);
1405 conn->state = BT_CONNECT;
b6a0dc82 1406
a9de9248 1407 hci_dev_unlock(hdev);
1da177e4 1408
b6a0dc82
MH		 1409 if (ev->link_type == ACL_LINK || !lmp_esco_capable(hdev)) {
1410 struct hci_cp_accept_conn_req cp;
1da177e4 1411
b6a0dc82
MH		 1412 bacpy(&cp.bdaddr, &ev->bdaddr);
1413
1414 if (lmp_rswitch_capable(hdev) && (mask & HCI_LM_MASTER))
1415 cp.role = 0x00; /* Become master */
1416 else
1417 cp.role = 0x01; /* Remain slave */
1418
1419 hci_send_cmd(hdev, HCI_OP_ACCEPT_CONN_REQ,
1420 sizeof(cp), &cp);
1421 } else {
1422 struct hci_cp_accept_sync_conn_req cp;
1423
1424 bacpy(&cp.bdaddr, &ev->bdaddr);
a8746417 1425 cp.pkt_type = cpu_to_le16(conn->pkt_type);
b6a0dc82
MH		 1426
1427 cp.tx_bandwidth = cpu_to_le32(0x00001f40);
1428 cp.rx_bandwidth = cpu_to_le32(0x00001f40);
1429 cp.max_latency = cpu_to_le16(0xffff);
1430 cp.content_format = cpu_to_le16(hdev->voice_setting);
1431 cp.retrans_effort = 0xff;
1da177e4 1432
b6a0dc82
MH		 1433 hci_send_cmd(hdev, HCI_OP_ACCEPT_SYNC_CONN_REQ,
1434 sizeof(cp), &cp);
1435 }
a9de9248
MH		 1436 } else {
1437 /* Connection rejected */
1438 struct hci_cp_reject_conn_req cp;
1da177e4 1439
a9de9248
MH		 1440 bacpy(&cp.bdaddr, &ev->bdaddr);
1441 cp.reason = 0x0f;
1442 hci_send_cmd(hdev, HCI_OP_REJECT_CONN_REQ, sizeof(cp), &cp);
1da177e4 1443 }
1da177e4
LT		 1444}
1445
a9de9248 1446static inline void hci_disconn_complete_evt(struct hci_dev *hdev, struct sk_buff *skb)
04837f64 1447{
a9de9248 1448 struct hci_ev_disconn_complete *ev = (void *) skb->data;
04837f64
MH		 1449 struct hci_conn *conn;
1450
1451 BT_DBG("%s status %d", hdev->name, ev->status);
1452
8962ee74
JH		 1453 if (ev->status) {
1454 mgmt_disconnect_failed(hdev->id);
a9de9248 1455 return;
8962ee74 1456 }
a9de9248 1457
04837f64
MH		 1458 hci_dev_lock(hdev);
1459
1460 conn = hci_conn_hash_lookup_handle(hdev, __le16_to_cpu(ev->handle));
f7520543
JH		 1461 if (!conn)
1462 goto unlock;
7d0db0a3 1463
f7520543 1464 conn->state = BT_CLOSED;
04837f64 1465
83bc71b4 1466 if (conn->type == ACL_LINK || conn->type == LE_LINK)
f7520543
JH		 1467 mgmt_disconnected(hdev->id, &conn->dst);
1468
1469 hci_proto_disconn_cfm(conn, ev->reason);
1470 hci_conn_del(conn);
1471
1472unlock:
04837f64
MH		 1473 hci_dev_unlock(hdev);
1474}
1475
1da177e4
LT		 1476static inline void hci_auth_complete_evt(struct hci_dev *hdev, struct sk_buff *skb)
1477{
a9de9248 1478 struct hci_ev_auth_complete *ev = (void *) skb->data;
04837f64 1479 struct hci_conn *conn;
1da177e4
LT		 1480
1481 BT_DBG("%s status %d", hdev->name, ev->status);
1482
1483 hci_dev_lock(hdev);
1484
04837f64 1485 conn = hci_conn_hash_lookup_handle(hdev, __le16_to_cpu(ev->handle));
1da177e4 1486 if (conn) {
765c2a96 1487 if (!ev->status) {
1da177e4 1488 conn->link_mode |= HCI_LM_AUTH;
765c2a96 1489 conn->sec_level = conn->pending_sec_level;
2a611692
JH		 1490 } else {
1491 mgmt_auth_failed(hdev->id, &conn->dst, ev->status);
2a611692 1492 }
1da177e4
LT		 1493
1494 clear_bit(HCI_CONN_AUTH_PEND, &conn->pend);
1495
f8558555
MH		 1496 if (conn->state == BT_CONFIG) {
1497 if (!ev->status && hdev->ssp_mode > 0 &&
1498 conn->ssp_mode > 0) {
1499 struct hci_cp_set_conn_encrypt cp;
1500 cp.handle = ev->handle;
1501 cp.encrypt = 0x01;
1502 hci_send_cmd(hdev, HCI_OP_SET_CONN_ENCRYPT,
1503 sizeof(cp), &cp);
1504 } else {
1505 conn->state = BT_CONNECTED;
1506 hci_proto_connect_cfm(conn, ev->status);
1507 hci_conn_put(conn);
1508 }
052b30b0 1509 } else {
f8558555 1510 hci_auth_cfm(conn, ev->status);
1da177e4 1511
052b30b0
MH		 1512 hci_conn_hold(conn);
1513 conn->disc_timeout = HCI_DISCONN_TIMEOUT;
1514 hci_conn_put(conn);
1515 }
1516
1da177e4
LT		 1517 if (test_bit(HCI_CONN_ENCRYPT_PEND, &conn->pend)) {
1518 if (!ev->status) {
1519 struct hci_cp_set_conn_encrypt cp;
f8558555
MH		 1520 cp.handle = ev->handle;
1521 cp.encrypt = 0x01;
1522 hci_send_cmd(hdev, HCI_OP_SET_CONN_ENCRYPT,
1523 sizeof(cp), &cp);
1da177e4
LT		 1524 } else {
1525 clear_bit(HCI_CONN_ENCRYPT_PEND, &conn->pend);
1526 hci_encrypt_cfm(conn, ev->status, 0x00);
1527 }
1528 }
1529 }
1530
1531 hci_dev_unlock(hdev);
1532}
1533
a9de9248 1534static inline void hci_remote_name_evt(struct hci_dev *hdev, struct sk_buff *skb)
1da177e4 1535{
127178d2
JH		 1536 struct hci_ev_remote_name *ev = (void *) skb->data;
1537 struct hci_conn *conn;
1538
a9de9248 1539 BT_DBG("%s", hdev->name);
1da177e4 1540
a9de9248 1541 hci_conn_check_pending(hdev);
127178d2
JH		 1542
1543 hci_dev_lock(hdev);
1544
a88a9652
JH		 1545 if (ev->status == 0 && test_bit(HCI_MGMT, &hdev->flags))
1546 mgmt_remote_name(hdev->id, &ev->bdaddr, ev->name);
1547
127178d2 1548 conn = hci_conn_hash_lookup_ba(hdev, ACL_LINK, &ev->bdaddr);
79c6c70c
JH		 1549 if (!conn)
1550 goto unlock;
1551
1552 if (!hci_outgoing_auth_needed(hdev, conn))
1553 goto unlock;
1554
1555 if (!test_and_set_bit(HCI_CONN_AUTH_PEND, &conn->pend)) {
127178d2
JH		 1556 struct hci_cp_auth_requested cp;
1557 cp.handle = __cpu_to_le16(conn->handle);
1558 hci_send_cmd(hdev, HCI_OP_AUTH_REQUESTED, sizeof(cp), &cp);
1559 }
1560
79c6c70c 1561unlock:
127178d2 1562 hci_dev_unlock(hdev);
a9de9248
MH		 1563}
1564
1565static inline void hci_encrypt_change_evt(struct hci_dev *hdev, struct sk_buff *skb)
1566{
1567 struct hci_ev_encrypt_change *ev = (void *) skb->data;
1568 struct hci_conn *conn;
1569
1570 BT_DBG("%s status %d", hdev->name, ev->status);
1da177e4
LT		 1571
1572 hci_dev_lock(hdev);
1573
04837f64 1574 conn = hci_conn_hash_lookup_handle(hdev, __le16_to_cpu(ev->handle));
1da177e4
LT		 1575 if (conn) {
1576 if (!ev->status) {
ae293196
MH		 1577 if (ev->encrypt) {
1578 /* Encryption implies authentication */
1579 conn->link_mode |= HCI_LM_AUTH;
1da177e4 1580 conn->link_mode |= HCI_LM_ENCRYPT;
ae293196 1581 } else
1da177e4
LT		 1582 conn->link_mode &= ~HCI_LM_ENCRYPT;
1583 }
1584
1585 clear_bit(HCI_CONN_ENCRYPT_PEND, &conn->pend);
1586
f8558555
MH		 1587 if (conn->state == BT_CONFIG) {
1588 if (!ev->status)
1589 conn->state = BT_CONNECTED;
1590
1591 hci_proto_connect_cfm(conn, ev->status);
1592 hci_conn_put(conn);
1593 } else
1594 hci_encrypt_cfm(conn, ev->status, ev->encrypt);
1da177e4
LT		 1595 }
1596
1597 hci_dev_unlock(hdev);
1598}
1599
a9de9248 1600static inline void hci_change_link_key_complete_evt(struct hci_dev *hdev, struct sk_buff *skb)
1da177e4 1601{
a9de9248 1602 struct hci_ev_change_link_key_complete *ev = (void *) skb->data;
04837f64 1603 struct hci_conn *conn;
1da177e4
LT		 1604
1605 BT_DBG("%s status %d", hdev->name, ev->status);
1606
1607 hci_dev_lock(hdev);
1608
04837f64 1609 conn = hci_conn_hash_lookup_handle(hdev, __le16_to_cpu(ev->handle));
1da177e4
LT		 1610 if (conn) {
1611 if (!ev->status)
1612 conn->link_mode |= HCI_LM_SECURE;
1613
1614 clear_bit(HCI_CONN_AUTH_PEND, &conn->pend);
1615
1616 hci_key_change_cfm(conn, ev->status);
1617 }
1618
1619 hci_dev_unlock(hdev);
1620}
1621
a9de9248 1622static inline void hci_remote_features_evt(struct hci_dev *hdev, struct sk_buff *skb)
1da177e4 1623{
a9de9248
MH		 1624 struct hci_ev_remote_features *ev = (void *) skb->data;
1625 struct hci_conn *conn;
1626
1627 BT_DBG("%s status %d", hdev->name, ev->status);
1628
a9de9248
MH		 1629 hci_dev_lock(hdev);
1630
1631 conn = hci_conn_hash_lookup_handle(hdev, __le16_to_cpu(ev->handle));
ccd556fe
JH		 1632 if (!conn)
1633 goto unlock;
769be974 1634
ccd556fe
JH		 1635 if (!ev->status)
1636 memcpy(conn->features, ev->features, 8);
1637
1638 if (conn->state != BT_CONFIG)
1639 goto unlock;
1640
1641 if (!ev->status && lmp_ssp_capable(hdev) && lmp_ssp_capable(conn)) {
1642 struct hci_cp_read_remote_ext_features cp;
1643 cp.handle = ev->handle;
1644 cp.page = 0x01;
1645 hci_send_cmd(hdev, HCI_OP_READ_REMOTE_EXT_FEATURES,
bdb7524a 1646 sizeof(cp), &cp);
392599b9
JH		 1647 goto unlock;
1648 }
1649
127178d2
JH		 1650 if (!ev->status) {
1651 struct hci_cp_remote_name_req cp;
1652 memset(&cp, 0, sizeof(cp));
1653 bacpy(&cp.bdaddr, &conn->dst);
1654 cp.pscan_rep_mode = 0x02;
1655 hci_send_cmd(hdev, HCI_OP_REMOTE_NAME_REQ, sizeof(cp), &cp);
1656 }
392599b9 1657
127178d2 1658 if (!hci_outgoing_auth_needed(hdev, conn)) {
ccd556fe
JH		 1659 conn->state = BT_CONNECTED;
1660 hci_proto_connect_cfm(conn, ev->status);
1661 hci_conn_put(conn);
769be974 1662 }
a9de9248 1663
ccd556fe 1664unlock:
a9de9248 1665 hci_dev_unlock(hdev);
1da177e4
LT		 1666}
1667
a9de9248 1668static inline void hci_remote_version_evt(struct hci_dev *hdev, struct sk_buff *skb)
1da177e4 1669{
a9de9248 1670 BT_DBG("%s", hdev->name);
1da177e4
LT		 1671}
1672
a9de9248 1673static inline void hci_qos_setup_complete_evt(struct hci_dev *hdev, struct sk_buff *skb)
1da177e4 1674{
a9de9248 1675 BT_DBG("%s", hdev->name);
1da177e4
LT		 1676}
1677
a9de9248
MH		 1678static inline void hci_cmd_complete_evt(struct hci_dev *hdev, struct sk_buff *skb)
1679{
1680 struct hci_ev_cmd_complete *ev = (void *) skb->data;
1681 __u16 opcode;
1682
1683 skb_pull(skb, sizeof(*ev));
1684
1685 opcode = __le16_to_cpu(ev->opcode);
1686
1687 switch (opcode) {
1688 case HCI_OP_INQUIRY_CANCEL:
1689 hci_cc_inquiry_cancel(hdev, skb);
1690 break;
1691
1692 case HCI_OP_EXIT_PERIODIC_INQ:
1693 hci_cc_exit_periodic_inq(hdev, skb);
1694 break;
1695
1696 case HCI_OP_REMOTE_NAME_REQ_CANCEL:
1697 hci_cc_remote_name_req_cancel(hdev, skb);
1698 break;
1699
1700 case HCI_OP_ROLE_DISCOVERY:
1701 hci_cc_role_discovery(hdev, skb);
1702 break;
1703
e4e8e37c
MH		 1704 case HCI_OP_READ_LINK_POLICY:
1705 hci_cc_read_link_policy(hdev, skb);
1706 break;
1707
a9de9248
MH		 1708 case HCI_OP_WRITE_LINK_POLICY:
1709 hci_cc_write_link_policy(hdev, skb);
1710 break;
1711
e4e8e37c
MH		 1712 case HCI_OP_READ_DEF_LINK_POLICY:
1713 hci_cc_read_def_link_policy(hdev, skb);
1714 break;
1715
1716 case HCI_OP_WRITE_DEF_LINK_POLICY:
1717 hci_cc_write_def_link_policy(hdev, skb);
1718 break;
1719
a9de9248
MH		 1720 case HCI_OP_RESET:
1721 hci_cc_reset(hdev, skb);
1722 break;
1723
1724 case HCI_OP_WRITE_LOCAL_NAME:
1725 hci_cc_write_local_name(hdev, skb);
1726 break;
1727
1728 case HCI_OP_READ_LOCAL_NAME:
1729 hci_cc_read_local_name(hdev, skb);
1730 break;
1731
1732 case HCI_OP_WRITE_AUTH_ENABLE:
1733 hci_cc_write_auth_enable(hdev, skb);
1734 break;
1735
1736 case HCI_OP_WRITE_ENCRYPT_MODE:
1737 hci_cc_write_encrypt_mode(hdev, skb);
1738 break;
1739
1740 case HCI_OP_WRITE_SCAN_ENABLE:
1741 hci_cc_write_scan_enable(hdev, skb);
1742 break;
1743
1744 case HCI_OP_READ_CLASS_OF_DEV:
1745 hci_cc_read_class_of_dev(hdev, skb);
1746 break;
1747
1748 case HCI_OP_WRITE_CLASS_OF_DEV:
1749 hci_cc_write_class_of_dev(hdev, skb);
1750 break;
1751
1752 case HCI_OP_READ_VOICE_SETTING:
1753 hci_cc_read_voice_setting(hdev, skb);
1754 break;
1755
1756 case HCI_OP_WRITE_VOICE_SETTING:
1757 hci_cc_write_voice_setting(hdev, skb);
1758 break;
1759
1760 case HCI_OP_HOST_BUFFER_SIZE:
1761 hci_cc_host_buffer_size(hdev, skb);
1762 break;
1763
333140b5
MH		 1764 case HCI_OP_READ_SSP_MODE:
1765 hci_cc_read_ssp_mode(hdev, skb);
1766 break;
1767
1768 case HCI_OP_WRITE_SSP_MODE:
1769 hci_cc_write_ssp_mode(hdev, skb);
1770 break;
1771
a9de9248
MH		 1772 case HCI_OP_READ_LOCAL_VERSION:
1773 hci_cc_read_local_version(hdev, skb);
1774 break;
1775
1776 case HCI_OP_READ_LOCAL_COMMANDS:
1777 hci_cc_read_local_commands(hdev, skb);
1778 break;
1779
1780 case HCI_OP_READ_LOCAL_FEATURES:
1781 hci_cc_read_local_features(hdev, skb);
1782 break;
1783
1784 case HCI_OP_READ_BUFFER_SIZE:
1785 hci_cc_read_buffer_size(hdev, skb);
1786 break;
1787
1788 case HCI_OP_READ_BD_ADDR:
1789 hci_cc_read_bd_addr(hdev, skb);
1790 break;
1791
23bb5763
JH		 1792 case HCI_OP_WRITE_CA_TIMEOUT:
1793 hci_cc_write_ca_timeout(hdev, skb);
1794 break;
1795
b0916ea0
JH		 1796 case HCI_OP_DELETE_STORED_LINK_KEY:
1797 hci_cc_delete_stored_link_key(hdev, skb);
1798 break;
1799
d5859e22
JH		 1800 case HCI_OP_SET_EVENT_MASK:
1801 hci_cc_set_event_mask(hdev, skb);
1802 break;
1803
1804 case HCI_OP_WRITE_INQUIRY_MODE:
1805 hci_cc_write_inquiry_mode(hdev, skb);
1806 break;
1807
1808 case HCI_OP_READ_INQ_RSP_TX_POWER:
1809 hci_cc_read_inq_rsp_tx_power(hdev, skb);
1810 break;
1811
1812 case HCI_OP_SET_EVENT_FLT:
1813 hci_cc_set_event_flt(hdev, skb);
1814 break;
1815
980e1a53
JH		 1816 case HCI_OP_PIN_CODE_REPLY:
1817 hci_cc_pin_code_reply(hdev, skb);
1818 break;
1819
1820 case HCI_OP_PIN_CODE_NEG_REPLY:
1821 hci_cc_pin_code_neg_reply(hdev, skb);
1822 break;
1823
c35938b2
SJ		 1824 case HCI_OP_READ_LOCAL_OOB_DATA:
1825 hci_cc_read_local_oob_data_reply(hdev, skb);
1826 break;
1827
6ed58ec5
VT		 1828 case HCI_OP_LE_READ_BUFFER_SIZE:
1829 hci_cc_le_read_buffer_size(hdev, skb);
1830 break;
1831
a5c29683
JH		 1832 case HCI_OP_USER_CONFIRM_REPLY:
1833 hci_cc_user_confirm_reply(hdev, skb);
1834 break;
1835
1836 case HCI_OP_USER_CONFIRM_NEG_REPLY:
1837 hci_cc_user_confirm_neg_reply(hdev, skb);
1838 break;
1839
eb9d91f5
AG		 1840 case HCI_OP_LE_SET_SCAN_ENABLE:
1841 hci_cc_le_set_scan_enable(hdev, skb);
1842 break;
1843
a9de9248
MH		 1844 default:
1845 BT_DBG("%s opcode 0x%x", hdev->name, opcode);
1846 break;
1847 }
1848
6bd32326
VT		 1849 if (ev->opcode != HCI_OP_NOP)
1850 del_timer(&hdev->cmd_timer);
1851
a9de9248
MH		 1852 if (ev->ncmd) {
1853 atomic_set(&hdev->cmd_cnt, 1);
1854 if (!skb_queue_empty(&hdev->cmd_q))
c78ae283 1855 tasklet_schedule(&hdev->cmd_task);
a9de9248
MH		 1856 }
1857}
1858
1859static inline void hci_cmd_status_evt(struct hci_dev *hdev, struct sk_buff *skb)
1860{
1861 struct hci_ev_cmd_status *ev = (void *) skb->data;
1862 __u16 opcode;
1863
1864 skb_pull(skb, sizeof(*ev));
1865
1866 opcode = __le16_to_cpu(ev->opcode);
1867
1868 switch (opcode) {
1869 case HCI_OP_INQUIRY:
1870 hci_cs_inquiry(hdev, ev->status);
1871 break;
1872
1873 case HCI_OP_CREATE_CONN:
1874 hci_cs_create_conn(hdev, ev->status);
1875 break;
1876
1877 case HCI_OP_ADD_SCO:
1878 hci_cs_add_sco(hdev, ev->status);
1879 break;
1880
f8558555
MH		 1881 case HCI_OP_AUTH_REQUESTED:
1882 hci_cs_auth_requested(hdev, ev->status);
1883 break;
1884
1885 case HCI_OP_SET_CONN_ENCRYPT:
1886 hci_cs_set_conn_encrypt(hdev, ev->status);
1887 break;
1888
a9de9248
MH		 1889 case HCI_OP_REMOTE_NAME_REQ:
1890 hci_cs_remote_name_req(hdev, ev->status);
1891 break;
1892
769be974
MH		 1893 case HCI_OP_READ_REMOTE_FEATURES:
1894 hci_cs_read_remote_features(hdev, ev->status);
1895 break;
1896
1897 case HCI_OP_READ_REMOTE_EXT_FEATURES:
1898 hci_cs_read_remote_ext_features(hdev, ev->status);
1899 break;
1900
a9de9248
MH		 1901 case HCI_OP_SETUP_SYNC_CONN:
1902 hci_cs_setup_sync_conn(hdev, ev->status);
1903 break;
1904
1905 case HCI_OP_SNIFF_MODE:
1906 hci_cs_sniff_mode(hdev, ev->status);
1907 break;
1908
1909 case HCI_OP_EXIT_SNIFF_MODE:
1910 hci_cs_exit_sniff_mode(hdev, ev->status);
1911 break;
1912
8962ee74
JH		 1913 case HCI_OP_DISCONNECT:
1914 if (ev->status != 0)
1915 mgmt_disconnect_failed(hdev->id);
1916 break;
1917
fcd89c09
VT		 1918 case HCI_OP_LE_CREATE_CONN:
1919 hci_cs_le_create_conn(hdev, ev->status);
1920 break;
1921
a9de9248
MH		 1922 default:
1923 BT_DBG("%s opcode 0x%x", hdev->name, opcode);
1924 break;
1925 }
1926
6bd32326
VT		 1927 if (ev->opcode != HCI_OP_NOP)
1928 del_timer(&hdev->cmd_timer);
1929
10572132 1930 if (ev->ncmd && !test_bit(HCI_RESET, &hdev->flags)) {
a9de9248
MH		 1931 atomic_set(&hdev->cmd_cnt, 1);
1932 if (!skb_queue_empty(&hdev->cmd_q))
c78ae283 1933 tasklet_schedule(&hdev->cmd_task);
a9de9248
MH		 1934 }
1935}
1936
1937static inline void hci_role_change_evt(struct hci_dev *hdev, struct sk_buff *skb)
1938{
1939 struct hci_ev_role_change *ev = (void *) skb->data;
1940 struct hci_conn *conn;
1941
1942 BT_DBG("%s status %d", hdev->name, ev->status);
1943
1944 hci_dev_lock(hdev);
1945
1946 conn = hci_conn_hash_lookup_ba(hdev, ACL_LINK, &ev->bdaddr);
1947 if (conn) {
1948 if (!ev->status) {
1949 if (ev->role)
1950 conn->link_mode &= ~HCI_LM_MASTER;
1951 else
1952 conn->link_mode |= HCI_LM_MASTER;
1953 }
1954
1955 clear_bit(HCI_CONN_RSWITCH_PEND, &conn->pend);
1956
1957 hci_role_switch_cfm(conn, ev->status, ev->role);
1958 }
1959
1960 hci_dev_unlock(hdev);
1961}
1962
1963static inline void hci_num_comp_pkts_evt(struct hci_dev *hdev, struct sk_buff *skb)
1964{
1965 struct hci_ev_num_comp_pkts *ev = (void *) skb->data;
1966 __le16 *ptr;
1967 int i;
1968
1969 skb_pull(skb, sizeof(*ev));
1970
1971 BT_DBG("%s num_hndl %d", hdev->name, ev->num_hndl);
1972
1973 if (skb->len < ev->num_hndl * 4) {
1974 BT_DBG("%s bad parameters", hdev->name);
1975 return;
1976 }
1977
1978 tasklet_disable(&hdev->tx_task);
1979
1980 for (i = 0, ptr = (__le16 *) skb->data; i < ev->num_hndl; i++) {
1981 struct hci_conn *conn;
1982 __u16 handle, count;
1983
83985319
HH		 1984 handle = get_unaligned_le16(ptr++);
1985 count = get_unaligned_le16(ptr++);
a9de9248
MH		 1986
1987 conn = hci_conn_hash_lookup_handle(hdev, handle);
1988 if (conn) {
1989 conn->sent -= count;
1990
1991 if (conn->type == ACL_LINK) {
70f23020
AE		 1992 hdev->acl_cnt += count;
1993 if (hdev->acl_cnt > hdev->acl_pkts)
a9de9248 1994 hdev->acl_cnt = hdev->acl_pkts;
6ed58ec5
VT		 1995 } else if (conn->type == LE_LINK) {
1996 if (hdev->le_pkts) {
1997 hdev->le_cnt += count;
1998 if (hdev->le_cnt > hdev->le_pkts)
1999 hdev->le_cnt = hdev->le_pkts;
2000 } else {
2001 hdev->acl_cnt += count;
2002 if (hdev->acl_cnt > hdev->acl_pkts)
2003 hdev->acl_cnt = hdev->acl_pkts;
2004 }
a9de9248 2005 } else {
70f23020
AE		 2006 hdev->sco_cnt += count;
2007 if (hdev->sco_cnt > hdev->sco_pkts)
a9de9248
MH		 2008 hdev->sco_cnt = hdev->sco_pkts;
2009 }
2010 }
2011 }
2012
c78ae283 2013 tasklet_schedule(&hdev->tx_task);
a9de9248
MH		 2014
2015 tasklet_enable(&hdev->tx_task);
2016}
2017
2018static inline void hci_mode_change_evt(struct hci_dev *hdev, struct sk_buff *skb)
04837f64 2019{
a9de9248 2020 struct hci_ev_mode_change *ev = (void *) skb->data;
04837f64
MH		 2021 struct hci_conn *conn;
2022
2023 BT_DBG("%s status %d", hdev->name, ev->status);
2024
2025 hci_dev_lock(hdev);
2026
2027 conn = hci_conn_hash_lookup_handle(hdev, __le16_to_cpu(ev->handle));
a9de9248
MH		 2028 if (conn) {
2029 conn->mode = ev->mode;
2030 conn->interval = __le16_to_cpu(ev->interval);
2031
2032 if (!test_and_clear_bit(HCI_CONN_MODE_CHANGE_PEND, &conn->pend)) {
2033 if (conn->mode == HCI_CM_ACTIVE)
2034 conn->power_save = 1;
2035 else
2036 conn->power_save = 0;
2037 }
e73439d8
MH		 2038
2039 if (test_and_clear_bit(HCI_CONN_SCO_SETUP_PEND, &conn->pend))
2040 hci_sco_setup(conn, ev->status);
04837f64
MH		 2041 }
2042
2043 hci_dev_unlock(hdev);
2044}
2045
a9de9248
MH		 2046static inline void hci_pin_code_request_evt(struct hci_dev *hdev, struct sk_buff *skb)
2047{
052b30b0
MH		 2048 struct hci_ev_pin_code_req *ev = (void *) skb->data;
2049 struct hci_conn *conn;
2050
a9de9248 2051 BT_DBG("%s", hdev->name);
052b30b0
MH		 2052
2053 hci_dev_lock(hdev);
2054
2055 conn = hci_conn_hash_lookup_ba(hdev, ACL_LINK, &ev->bdaddr);
3d7a9d1c 2056 if (conn && conn->state == BT_CONNECTED) {
052b30b0
MH		 2057 hci_conn_hold(conn);
2058 conn->disc_timeout = HCI_PAIRING_TIMEOUT;
2059 hci_conn_put(conn);
2060 }
2061
03b555e1
JH		 2062 if (!test_bit(HCI_PAIRABLE, &hdev->flags))
2063 hci_send_cmd(hdev, HCI_OP_PIN_CODE_NEG_REPLY,
2064 sizeof(ev->bdaddr), &ev->bdaddr);
582fbe9e 2065 else if (test_bit(HCI_MGMT, &hdev->flags)) {
a770bb5a
WR		 2066 u8 secure;
2067
2068 if (conn->pending_sec_level == BT_SECURITY_HIGH)
2069 secure = 1;
2070 else
2071 secure = 0;
2072
2073 mgmt_pin_code_request(hdev->id, &ev->bdaddr, secure);
2074 }
980e1a53 2075
052b30b0 2076 hci_dev_unlock(hdev);
a9de9248
MH		 2077}
2078
2079static inline void hci_link_key_request_evt(struct hci_dev *hdev, struct sk_buff *skb)
2080{
55ed8ca1
JH		 2081 struct hci_ev_link_key_req *ev = (void *) skb->data;
2082 struct hci_cp_link_key_reply cp;
2083 struct hci_conn *conn;
2084 struct link_key *key;
2085
a9de9248 2086 BT_DBG("%s", hdev->name);
55ed8ca1
JH		 2087
2088 if (!test_bit(HCI_LINK_KEYS, &hdev->flags))
2089 return;
2090
2091 hci_dev_lock(hdev);
2092
2093 key = hci_find_link_key(hdev, &ev->bdaddr);
2094 if (!key) {
2095 BT_DBG("%s link key not found for %s", hdev->name,
2096 batostr(&ev->bdaddr));
2097 goto not_found;
2098 }
2099
2100 BT_DBG("%s found key type %u for %s", hdev->name, key->type,
2101 batostr(&ev->bdaddr));
2102
b6020ba0
WR		 2103 if (!test_bit(HCI_DEBUG_KEYS, &hdev->flags) &&
2104 key->type == HCI_LK_DEBUG_COMBINATION) {
55ed8ca1
JH		 2105 BT_DBG("%s ignoring debug key", hdev->name);
2106 goto not_found;
2107 }
2108
2109 conn = hci_conn_hash_lookup_ba(hdev, ACL_LINK, &ev->bdaddr);
60b83f57
WR		 2110 if (conn) {
2111 if (key->type == HCI_LK_UNAUTH_COMBINATION &&
2112 conn->auth_type != 0xff &&
2113 (conn->auth_type & 0x01)) {
2114 BT_DBG("%s ignoring unauthenticated key", hdev->name);
2115 goto not_found;
2116 }
55ed8ca1 2117
60b83f57
WR		 2118 if (key->type == HCI_LK_COMBINATION && key->pin_len < 16 &&
2119 conn->pending_sec_level == BT_SECURITY_HIGH) {
2120 BT_DBG("%s ignoring key unauthenticated for high \
2121 security", hdev->name);
2122 goto not_found;
2123 }
2124
2125 conn->key_type = key->type;
2126 conn->pin_length = key->pin_len;
55ed8ca1
JH		 2127 }
2128
2129 bacpy(&cp.bdaddr, &ev->bdaddr);
2130 memcpy(cp.link_key, key->val, 16);
2131
2132 hci_send_cmd(hdev, HCI_OP_LINK_KEY_REPLY, sizeof(cp), &cp);
2133
2134 hci_dev_unlock(hdev);
2135
2136 return;
2137
2138not_found:
2139 hci_send_cmd(hdev, HCI_OP_LINK_KEY_NEG_REPLY, 6, &ev->bdaddr);
2140 hci_dev_unlock(hdev);
a9de9248
MH		 2141}
2142
2143static inline void hci_link_key_notify_evt(struct hci_dev *hdev, struct sk_buff *skb)
2144{
052b30b0
MH		 2145 struct hci_ev_link_key_notify *ev = (void *) skb->data;
2146 struct hci_conn *conn;
55ed8ca1 2147 u8 pin_len = 0;
052b30b0 2148
a9de9248 2149 BT_DBG("%s", hdev->name);
052b30b0
MH		 2150
2151 hci_dev_lock(hdev);
2152
2153 conn = hci_conn_hash_lookup_ba(hdev, ACL_LINK, &ev->bdaddr);
2154 if (conn) {
2155 hci_conn_hold(conn);
2156 conn->disc_timeout = HCI_DISCONN_TIMEOUT;
980e1a53 2157 pin_len = conn->pin_length;
13d39315
WR		 2158
2159 if (ev->key_type != HCI_LK_CHANGED_COMBINATION)
2160 conn->key_type = ev->key_type;
2161
052b30b0
MH		 2162 hci_conn_put(conn);
2163 }
2164
55ed8ca1 2165 if (test_bit(HCI_LINK_KEYS, &hdev->flags))
d25e28ab 2166 hci_add_link_key(hdev, conn, 1, &ev->bdaddr, ev->link_key,
55ed8ca1
JH		 2167 ev->key_type, pin_len);
2168
052b30b0 2169 hci_dev_unlock(hdev);
a9de9248
MH		 2170}
2171
1da177e4
LT		 2172static inline void hci_clock_offset_evt(struct hci_dev *hdev, struct sk_buff *skb)
2173{
a9de9248 2174 struct hci_ev_clock_offset *ev = (void *) skb->data;
04837f64 2175 struct hci_conn *conn;
1da177e4
LT		 2176
2177 BT_DBG("%s status %d", hdev->name, ev->status);
2178
2179 hci_dev_lock(hdev);
2180
04837f64 2181 conn = hci_conn_hash_lookup_handle(hdev, __le16_to_cpu(ev->handle));
1da177e4
LT		 2182 if (conn && !ev->status) {
2183 struct inquiry_entry *ie;
2184
cc11b9c1
AE		 2185 ie = hci_inquiry_cache_lookup(hdev, &conn->dst);
2186 if (ie) {
1da177e4
LT		 2187 ie->data.clock_offset = ev->clock_offset;
2188 ie->timestamp = jiffies;
2189 }
2190 }
2191
2192 hci_dev_unlock(hdev);
2193}
2194
a8746417
MH		 2195static inline void hci_pkt_type_change_evt(struct hci_dev *hdev, struct sk_buff *skb)
2196{
2197 struct hci_ev_pkt_type_change *ev = (void *) skb->data;
2198 struct hci_conn *conn;
2199
2200 BT_DBG("%s status %d", hdev->name, ev->status);
2201
2202 hci_dev_lock(hdev);
2203
2204 conn = hci_conn_hash_lookup_handle(hdev, __le16_to_cpu(ev->handle));
2205 if (conn && !ev->status)
2206 conn->pkt_type = __le16_to_cpu(ev->pkt_type);
2207
2208 hci_dev_unlock(hdev);
2209}
2210
85a1e930
MH		 2211static inline void hci_pscan_rep_mode_evt(struct hci_dev *hdev, struct sk_buff *skb)
2212{
a9de9248 2213 struct hci_ev_pscan_rep_mode *ev = (void *) skb->data;
85a1e930
MH		 2214 struct inquiry_entry *ie;
2215
2216 BT_DBG("%s", hdev->name);
2217
2218 hci_dev_lock(hdev);
2219
cc11b9c1
AE		 2220 ie = hci_inquiry_cache_lookup(hdev, &ev->bdaddr);
2221 if (ie) {
85a1e930
MH		 2222 ie->data.pscan_rep_mode = ev->pscan_rep_mode;
2223 ie->timestamp = jiffies;
2224 }
2225
2226 hci_dev_unlock(hdev);
2227}
2228
a9de9248
MH		 2229static inline void hci_inquiry_result_with_rssi_evt(struct hci_dev *hdev, struct sk_buff *skb)
2230{
2231 struct inquiry_data data;
2232 int num_rsp = *((__u8 *) skb->data);
2233
2234 BT_DBG("%s num_rsp %d", hdev->name, num_rsp);
2235
2236 if (!num_rsp)
2237 return;
2238
2239 hci_dev_lock(hdev);
2240
314b2381
JH		 2241 if (!test_and_set_bit(HCI_INQUIRY, &hdev->flags)) {
2242
2243 if (test_bit(HCI_MGMT, &hdev->flags))
2244 mgmt_discovering(hdev->id, 1);
2245 }
2246
a9de9248 2247 if ((skb->len - 1) / num_rsp != sizeof(struct inquiry_info_with_rssi)) {
138d22ef
SJ		 2248 struct inquiry_info_with_rssi_and_pscan_mode *info;
2249 info = (void *) (skb->data + 1);
a9de9248 2250
e17acd40 2251 for (; num_rsp; num_rsp--, info++) {
a9de9248
MH		 2252 bacpy(&data.bdaddr, &info->bdaddr);
2253 data.pscan_rep_mode = info->pscan_rep_mode;
2254 data.pscan_period_mode = info->pscan_period_mode;
2255 data.pscan_mode = info->pscan_mode;
2256 memcpy(data.dev_class, info->dev_class, 3);
2257 data.clock_offset = info->clock_offset;
2258 data.rssi = info->rssi;
41a96212 2259 data.ssp_mode = 0x00;
a9de9248 2260 hci_inquiry_cache_update(hdev, &data);
e17acd40
JH		 2261 mgmt_device_found(hdev->id, &info->bdaddr,
2262 info->dev_class, info->rssi,
2263 NULL);
a9de9248
MH		 2264 }
2265 } else {
2266 struct inquiry_info_with_rssi *info = (void *) (skb->data + 1);
2267
e17acd40 2268 for (; num_rsp; num_rsp--, info++) {
a9de9248
MH		 2269 bacpy(&data.bdaddr, &info->bdaddr);
2270 data.pscan_rep_mode = info->pscan_rep_mode;
2271 data.pscan_period_mode = info->pscan_period_mode;
2272 data.pscan_mode = 0x00;
2273 memcpy(data.dev_class, info->dev_class, 3);
2274 data.clock_offset = info->clock_offset;
2275 data.rssi = info->rssi;
41a96212 2276 data.ssp_mode = 0x00;
a9de9248 2277 hci_inquiry_cache_update(hdev, &data);
e17acd40
JH		 2278 mgmt_device_found(hdev->id, &info->bdaddr,
2279 info->dev_class, info->rssi,
2280 NULL);
a9de9248
MH		 2281 }
2282 }
2283
2284 hci_dev_unlock(hdev);
2285}
2286
2287static inline void hci_remote_ext_features_evt(struct hci_dev *hdev, struct sk_buff *skb)
2288{
41a96212
MH		 2289 struct hci_ev_remote_ext_features *ev = (void *) skb->data;
2290 struct hci_conn *conn;
2291
a9de9248 2292 BT_DBG("%s", hdev->name);
41a96212 2293
41a96212
MH		 2294 hci_dev_lock(hdev);
2295
2296 conn = hci_conn_hash_lookup_handle(hdev, __le16_to_cpu(ev->handle));
ccd556fe
JH		 2297 if (!conn)
2298 goto unlock;
41a96212 2299
ccd556fe
JH		 2300 if (!ev->status && ev->page == 0x01) {
2301 struct inquiry_entry *ie;
41a96212 2302
cc11b9c1
AE		 2303 ie = hci_inquiry_cache_lookup(hdev, &conn->dst);
2304 if (ie)
ccd556fe 2305 ie->data.ssp_mode = (ev->features[0] & 0x01);
769be974 2306
ccd556fe
JH		 2307 conn->ssp_mode = (ev->features[0] & 0x01);
2308 }
2309
2310 if (conn->state != BT_CONFIG)
2311 goto unlock;
2312
127178d2
JH		 2313 if (!ev->status) {
2314 struct hci_cp_remote_name_req cp;
2315 memset(&cp, 0, sizeof(cp));
2316 bacpy(&cp.bdaddr, &conn->dst);
2317 cp.pscan_rep_mode = 0x02;
2318 hci_send_cmd(hdev, HCI_OP_REMOTE_NAME_REQ, sizeof(cp), &cp);
2319 }
392599b9 2320
127178d2 2321 if (!hci_outgoing_auth_needed(hdev, conn)) {
ccd556fe
JH		 2322 conn->state = BT_CONNECTED;
2323 hci_proto_connect_cfm(conn, ev->status);
2324 hci_conn_put(conn);
41a96212
MH		 2325 }
2326
ccd556fe 2327unlock:
41a96212 2328 hci_dev_unlock(hdev);
a9de9248
MH		 2329}
2330
2331static inline void hci_sync_conn_complete_evt(struct hci_dev *hdev, struct sk_buff *skb)
2332{
b6a0dc82
MH		 2333 struct hci_ev_sync_conn_complete *ev = (void *) skb->data;
2334 struct hci_conn *conn;
2335
2336 BT_DBG("%s status %d", hdev->name, ev->status);
2337
2338 hci_dev_lock(hdev);
2339
2340 conn = hci_conn_hash_lookup_ba(hdev, ev->link_type, &ev->bdaddr);
9dc0a3af
MH		 2341 if (!conn) {
2342 if (ev->link_type == ESCO_LINK)
2343 goto unlock;
2344
2345 conn = hci_conn_hash_lookup_ba(hdev, ESCO_LINK, &ev->bdaddr);
2346 if (!conn)
2347 goto unlock;
2348
2349 conn->type = SCO_LINK;
2350 }
b6a0dc82 2351
732547f9
MH		 2352 switch (ev->status) {
2353 case 0x00:
b6a0dc82
MH		 2354 conn->handle = __le16_to_cpu(ev->handle);
2355 conn->state = BT_CONNECTED;
7d0db0a3 2356
9eba32b8 2357 hci_conn_hold_device(conn);
7d0db0a3 2358 hci_conn_add_sysfs(conn);
732547f9
MH		 2359 break;
2360
705e5711 2361 case 0x11: /* Unsupported Feature or Parameter Value */
732547f9 2362 case 0x1c: /* SCO interval rejected */
1038a00b 2363 case 0x1a: /* Unsupported Remote Feature */
732547f9
MH		 2364 case 0x1f: /* Unspecified error */
2365 if (conn->out && conn->attempt < 2) {
2366 conn->pkt_type = (hdev->esco_type & SCO_ESCO_MASK) |
2367 (hdev->esco_type & EDR_ESCO_MASK);
2368 hci_setup_sync(conn, conn->link->handle);
2369 goto unlock;
2370 }
2371 /* fall through */
2372
2373 default:
b6a0dc82 2374 conn->state = BT_CLOSED;
732547f9
MH		 2375 break;
2376 }
b6a0dc82
MH		 2377
2378 hci_proto_connect_cfm(conn, ev->status);
2379 if (ev->status)
2380 hci_conn_del(conn);
2381
2382unlock:
2383 hci_dev_unlock(hdev);
a9de9248
MH		 2384}
2385
2386static inline void hci_sync_conn_changed_evt(struct hci_dev *hdev, struct sk_buff *skb)
2387{
2388 BT_DBG("%s", hdev->name);
2389}
2390
04837f64
MH		 2391static inline void hci_sniff_subrate_evt(struct hci_dev *hdev, struct sk_buff *skb)
2392{
a9de9248 2393 struct hci_ev_sniff_subrate *ev = (void *) skb->data;
04837f64
MH		 2394
2395 BT_DBG("%s status %d", hdev->name, ev->status);
04837f64
MH		 2396}
2397
a9de9248 2398static inline void hci_extended_inquiry_result_evt(struct hci_dev *hdev, struct sk_buff *skb)
1da177e4 2399{
a9de9248
MH		 2400 struct inquiry_data data;
2401 struct extended_inquiry_info *info = (void *) (skb->data + 1);
2402 int num_rsp = *((__u8 *) skb->data);
1da177e4 2403
a9de9248 2404 BT_DBG("%s num_rsp %d", hdev->name, num_rsp);
1da177e4 2405
a9de9248
MH		 2406 if (!num_rsp)
2407 return;
1da177e4 2408
314b2381
JH		 2409 if (!test_and_set_bit(HCI_INQUIRY, &hdev->flags)) {
2410
2411 if (test_bit(HCI_MGMT, &hdev->flags))
2412 mgmt_discovering(hdev->id, 1);
2413 }
2414
a9de9248
MH		 2415 hci_dev_lock(hdev);
2416
e17acd40 2417 for (; num_rsp; num_rsp--, info++) {
a9de9248 2418 bacpy(&data.bdaddr, &info->bdaddr);
138d22ef
SJ		 2419 data.pscan_rep_mode = info->pscan_rep_mode;
2420 data.pscan_period_mode = info->pscan_period_mode;
2421 data.pscan_mode = 0x00;
a9de9248 2422 memcpy(data.dev_class, info->dev_class, 3);
138d22ef
SJ		 2423 data.clock_offset = info->clock_offset;
2424 data.rssi = info->rssi;
41a96212 2425 data.ssp_mode = 0x01;
a9de9248 2426 hci_inquiry_cache_update(hdev, &data);
e17acd40
JH		 2427 mgmt_device_found(hdev->id, &info->bdaddr, info->dev_class,
2428 info->rssi, info->data);
a9de9248
MH		 2429 }
2430
2431 hci_dev_unlock(hdev);
2432}
1da177e4 2433
17fa4b9d
JH		 2434static inline u8 hci_get_auth_req(struct hci_conn *conn)
2435{
2436 /* If remote requests dedicated bonding follow that lead */
2437 if (conn->remote_auth == 0x02 || conn->remote_auth == 0x03) {
2438 /* If both remote and local IO capabilities allow MITM
2439 * protection then require it, otherwise don't */
2440 if (conn->remote_cap == 0x03 || conn->io_capability == 0x03)
2441 return 0x02;
2442 else
2443 return 0x03;
2444 }
2445
2446 /* If remote requests no-bonding follow that lead */
2447 if (conn->remote_auth == 0x00 || conn->remote_auth == 0x01)
58797bf7 2448 return conn->remote_auth | (conn->auth_type & 0x01);
17fa4b9d
JH		 2449
2450 return conn->auth_type;
2451}
2452
0493684e
MH		 2453static inline void hci_io_capa_request_evt(struct hci_dev *hdev, struct sk_buff *skb)
2454{
2455 struct hci_ev_io_capa_request *ev = (void *) skb->data;
2456 struct hci_conn *conn;
2457
2458 BT_DBG("%s", hdev->name);
2459
2460 hci_dev_lock(hdev);
2461
2462 conn = hci_conn_hash_lookup_ba(hdev, ACL_LINK, &ev->bdaddr);
03b555e1
JH		 2463 if (!conn)
2464 goto unlock;
2465
2466 hci_conn_hold(conn);
2467
2468 if (!test_bit(HCI_MGMT, &hdev->flags))
2469 goto unlock;
2470
2471 if (test_bit(HCI_PAIRABLE, &hdev->flags) ||
2472 (conn->remote_auth & ~0x01) == HCI_AT_NO_BONDING) {
17fa4b9d
JH		 2473 struct hci_cp_io_capability_reply cp;
2474
2475 bacpy(&cp.bdaddr, &ev->bdaddr);
2476 cp.capability = conn->io_capability;
7cbc9bd9
JH		 2477 conn->auth_type = hci_get_auth_req(conn);
2478 cp.authentication = conn->auth_type;
17fa4b9d 2479
ce85ee13
SJ		 2480 if ((conn->out == 0x01 || conn->remote_oob == 0x01) &&
2481 hci_find_remote_oob_data(hdev, &conn->dst))
2482 cp.oob_data = 0x01;
2483 else
2484 cp.oob_data = 0x00;
2485
17fa4b9d
JH		 2486 hci_send_cmd(hdev, HCI_OP_IO_CAPABILITY_REPLY,
2487 sizeof(cp), &cp);
03b555e1
JH		 2488 } else {
2489 struct hci_cp_io_capability_neg_reply cp;
2490
2491 bacpy(&cp.bdaddr, &ev->bdaddr);
be77159c 2492 cp.reason = 0x18; /* Pairing not allowed */
0493684e 2493
03b555e1
JH		 2494 hci_send_cmd(hdev, HCI_OP_IO_CAPABILITY_NEG_REPLY,
2495 sizeof(cp), &cp);
2496 }
2497
2498unlock:
2499 hci_dev_unlock(hdev);
2500}
2501
2502static inline void hci_io_capa_reply_evt(struct hci_dev *hdev, struct sk_buff *skb)
2503{
2504 struct hci_ev_io_capa_reply *ev = (void *) skb->data;
2505 struct hci_conn *conn;
2506
2507 BT_DBG("%s", hdev->name);
2508
2509 hci_dev_lock(hdev);
2510
2511 conn = hci_conn_hash_lookup_ba(hdev, ACL_LINK, &ev->bdaddr);
2512 if (!conn)
2513 goto unlock;
2514
03b555e1
JH		 2515 conn->remote_cap = ev->capability;
2516 conn->remote_oob = ev->oob_data;
2517 conn->remote_auth = ev->authentication;
2518
2519unlock:
0493684e
MH		 2520 hci_dev_unlock(hdev);
2521}
2522
a5c29683
JH		 2523static inline void hci_user_confirm_request_evt(struct hci_dev *hdev,
2524 struct sk_buff *skb)
2525{
2526 struct hci_ev_user_confirm_req *ev = (void *) skb->data;
55bc1a37 2527 int loc_mitm, rem_mitm, confirm_hint = 0;
7a828908 2528 struct hci_conn *conn;
a5c29683
JH		 2529
2530 BT_DBG("%s", hdev->name);
2531
2532 hci_dev_lock(hdev);
2533
7a828908
JH		 2534 if (!test_bit(HCI_MGMT, &hdev->flags))
2535 goto unlock;
a5c29683 2536
7a828908
JH		 2537 conn = hci_conn_hash_lookup_ba(hdev, ACL_LINK, &ev->bdaddr);
2538 if (!conn)
2539 goto unlock;
2540
2541 loc_mitm = (conn->auth_type & 0x01);
2542 rem_mitm = (conn->remote_auth & 0x01);
2543
2544 /* If we require MITM but the remote device can't provide that
2545 * (it has NoInputNoOutput) then reject the confirmation
2546 * request. The only exception is when we're dedicated bonding
2547 * initiators (connect_cfm_cb set) since then we always have the MITM
2548 * bit set. */
2549 if (!conn->connect_cfm_cb && loc_mitm && conn->remote_cap == 0x03) {
2550 BT_DBG("Rejecting request: remote device can't provide MITM");
2551 hci_send_cmd(hdev, HCI_OP_USER_CONFIRM_NEG_REPLY,
2552 sizeof(ev->bdaddr), &ev->bdaddr);
2553 goto unlock;
2554 }
2555
2556 /* If no side requires MITM protection; auto-accept */
2557 if ((!loc_mitm || conn->remote_cap == 0x03) &&
2558 (!rem_mitm || conn->io_capability == 0x03)) {
55bc1a37
JH		 2559
2560 /* If we're not the initiators request authorization to
2561 * proceed from user space (mgmt_user_confirm with
2562 * confirm_hint set to 1). */
2563 if (!test_bit(HCI_CONN_AUTH_PEND, &conn->pend)) {
2564 BT_DBG("Confirming auto-accept as acceptor");
2565 confirm_hint = 1;
2566 goto confirm;
2567 }
2568
9f61656a
JH		 2569 BT_DBG("Auto-accept of user confirmation with %ums delay",
2570 hdev->auto_accept_delay);
2571
2572 if (hdev->auto_accept_delay > 0) {
2573 int delay = msecs_to_jiffies(hdev->auto_accept_delay);
2574 mod_timer(&conn->auto_accept_timer, jiffies + delay);
2575 goto unlock;
2576 }
2577
7a828908
JH		 2578 hci_send_cmd(hdev, HCI_OP_USER_CONFIRM_REPLY,
2579 sizeof(ev->bdaddr), &ev->bdaddr);
2580 goto unlock;
2581 }
2582
55bc1a37
JH		 2583confirm:
2584 mgmt_user_confirm_request(hdev->id, &ev->bdaddr, ev->passkey,
2585 confirm_hint);
7a828908
JH		 2586
2587unlock:
a5c29683
JH		 2588 hci_dev_unlock(hdev);
2589}
2590
0493684e
MH		 2591static inline void hci_simple_pair_complete_evt(struct hci_dev *hdev, struct sk_buff *skb)
2592{
2593 struct hci_ev_simple_pair_complete *ev = (void *) skb->data;
2594 struct hci_conn *conn;
2595
2596 BT_DBG("%s", hdev->name);
2597
2598 hci_dev_lock(hdev);
2599
2600 conn = hci_conn_hash_lookup_ba(hdev, ACL_LINK, &ev->bdaddr);
2a611692
JH		 2601 if (!conn)
2602 goto unlock;
2603
2604 /* To avoid duplicate auth_failed events to user space we check
2605 * the HCI_CONN_AUTH_PEND flag which will be set if we
2606 * initiated the authentication. A traditional auth_complete
2607 * event gets always produced as initiator and is also mapped to
2608 * the mgmt_auth_failed event */
2609 if (!test_bit(HCI_CONN_AUTH_PEND, &conn->pend) && ev->status != 0)
2610 mgmt_auth_failed(hdev->id, &conn->dst, ev->status);
0493684e 2611
2a611692
JH		 2612 hci_conn_put(conn);
2613
2614unlock:
0493684e
MH		 2615 hci_dev_unlock(hdev);
2616}
2617
41a96212
MH		 2618static inline void hci_remote_host_features_evt(struct hci_dev *hdev, struct sk_buff *skb)
2619{
2620 struct hci_ev_remote_host_features *ev = (void *) skb->data;
2621 struct inquiry_entry *ie;
2622
2623 BT_DBG("%s", hdev->name);
2624
2625 hci_dev_lock(hdev);
2626
cc11b9c1
AE		 2627 ie = hci_inquiry_cache_lookup(hdev, &ev->bdaddr);
2628 if (ie)
41a96212
MH		 2629 ie->data.ssp_mode = (ev->features[0] & 0x01);
2630
2631 hci_dev_unlock(hdev);
2632}
2633
2763eda6
SJ		 2634static inline void hci_remote_oob_data_request_evt(struct hci_dev *hdev,
2635 struct sk_buff *skb)
2636{
2637 struct hci_ev_remote_oob_data_request *ev = (void *) skb->data;
2638 struct oob_data *data;
2639
2640 BT_DBG("%s", hdev->name);
2641
2642 hci_dev_lock(hdev);
2643
e1ba1f15
SJ		 2644 if (!test_bit(HCI_MGMT, &hdev->flags))
2645 goto unlock;
2646
2763eda6
SJ		 2647 data = hci_find_remote_oob_data(hdev, &ev->bdaddr);
2648 if (data) {
2649 struct hci_cp_remote_oob_data_reply cp;
2650
2651 bacpy(&cp.bdaddr, &ev->bdaddr);
2652 memcpy(cp.hash, data->hash, sizeof(cp.hash));
2653 memcpy(cp.randomizer, data->randomizer, sizeof(cp.randomizer));
2654
2655 hci_send_cmd(hdev, HCI_OP_REMOTE_OOB_DATA_REPLY, sizeof(cp),
2656 &cp);
2657 } else {
2658 struct hci_cp_remote_oob_data_neg_reply cp;
2659
2660 bacpy(&cp.bdaddr, &ev->bdaddr);
2661 hci_send_cmd(hdev, HCI_OP_REMOTE_OOB_DATA_NEG_REPLY, sizeof(cp),
2662 &cp);
2663 }
2664
e1ba1f15 2665unlock:
2763eda6
SJ		 2666 hci_dev_unlock(hdev);
2667}
2668
fcd89c09
VT		 2669static inline void hci_le_conn_complete_evt(struct hci_dev *hdev, struct sk_buff *skb)
2670{
2671 struct hci_ev_le_conn_complete *ev = (void *) skb->data;
2672 struct hci_conn *conn;
2673
2674 BT_DBG("%s status %d", hdev->name, ev->status);
2675
2676 hci_dev_lock(hdev);
2677
2678 conn = hci_conn_hash_lookup_ba(hdev, LE_LINK, &ev->bdaddr);
b62f328b
VT		 2679 if (!conn) {
2680 conn = hci_conn_add(hdev, LE_LINK, &ev->bdaddr);
2681 if (!conn) {
2682 BT_ERR("No memory for new connection");
2683 hci_dev_unlock(hdev);
2684 return;
2685 }
2686 }
fcd89c09
VT		 2687
2688 if (ev->status) {
83bc71b4 2689 mgmt_connect_failed(hdev->id, &ev->bdaddr, ev->status);
fcd89c09
VT		 2690 hci_proto_connect_cfm(conn, ev->status);
2691 conn->state = BT_CLOSED;
2692 hci_conn_del(conn);
2693 goto unlock;
2694 }
2695
83bc71b4
VCG		 2696 mgmt_connected(hdev->id, &ev->bdaddr);
2697
fcd89c09
VT		 2698 conn->handle = __le16_to_cpu(ev->handle);
2699 conn->state = BT_CONNECTED;
2700
2701 hci_conn_hold_device(conn);
2702 hci_conn_add_sysfs(conn);
2703
2704 hci_proto_connect_cfm(conn, ev->status);
2705
2706unlock:
2707 hci_dev_unlock(hdev);
2708}
2709
9aa04c91
AG		 2710static inline void hci_le_adv_report_evt(struct hci_dev *hdev,
2711 struct sk_buff *skb)
2712{
2713 struct hci_ev_le_advertising_info *ev;
2714 u8 num_reports;
2715
2716 num_reports = skb->data[0];
2717 ev = (void *) &skb->data[1];
2718
2719 hci_dev_lock(hdev);
2720
2721 hci_add_adv_entry(hdev, ev);
2722
2723 while (--num_reports) {
2724 ev = (void *) (ev->data + ev->length + 1);
2725 hci_add_adv_entry(hdev, ev);
2726 }
2727
2728 hci_dev_unlock(hdev);
2729}
2730
fcd89c09
VT		 2731static inline void hci_le_meta_evt(struct hci_dev *hdev, struct sk_buff *skb)
2732{
2733 struct hci_ev_le_meta *le_ev = (void *) skb->data;
2734
2735 skb_pull(skb, sizeof(*le_ev));
2736
2737 switch (le_ev->subevent) {
2738 case HCI_EV_LE_CONN_COMPLETE:
2739 hci_le_conn_complete_evt(hdev, skb);
2740 break;
2741
9aa04c91
AG		 2742 case HCI_EV_LE_ADVERTISING_REPORT:
2743 hci_le_adv_report_evt(hdev, skb);
2744 break;
2745
fcd89c09
VT		 2746 default:
2747 break;
2748 }
2749}
2750
a9de9248
MH		 2751void hci_event_packet(struct hci_dev *hdev, struct sk_buff *skb)
2752{
2753 struct hci_event_hdr *hdr = (void *) skb->data;
2754 __u8 event = hdr->evt;
2755
2756 skb_pull(skb, HCI_EVENT_HDR_SIZE);
2757
2758 switch (event) {
1da177e4
LT		 2759 case HCI_EV_INQUIRY_COMPLETE:
2760 hci_inquiry_complete_evt(hdev, skb);
2761 break;
2762
2763 case HCI_EV_INQUIRY_RESULT:
2764 hci_inquiry_result_evt(hdev, skb);
2765 break;
2766
a9de9248
MH		 2767 case HCI_EV_CONN_COMPLETE:
2768 hci_conn_complete_evt(hdev, skb);
21d9e30e
MH		 2769 break;
2770
1da177e4
LT		 2771 case HCI_EV_CONN_REQUEST:
2772 hci_conn_request_evt(hdev, skb);
2773 break;
2774
1da177e4
LT		 2775 case HCI_EV_DISCONN_COMPLETE:
2776 hci_disconn_complete_evt(hdev, skb);
2777 break;
2778
1da177e4
LT		 2779 case HCI_EV_AUTH_COMPLETE:
2780 hci_auth_complete_evt(hdev, skb);
2781 break;
2782
a9de9248
MH		 2783 case HCI_EV_REMOTE_NAME:
2784 hci_remote_name_evt(hdev, skb);
2785 break;
2786
1da177e4
LT		 2787 case HCI_EV_ENCRYPT_CHANGE:
2788 hci_encrypt_change_evt(hdev, skb);
2789 break;
2790
a9de9248
MH		 2791 case HCI_EV_CHANGE_LINK_KEY_COMPLETE:
2792 hci_change_link_key_complete_evt(hdev, skb);
2793 break;
2794
2795 case HCI_EV_REMOTE_FEATURES:
2796 hci_remote_features_evt(hdev, skb);
2797 break;
2798
2799 case HCI_EV_REMOTE_VERSION:
2800 hci_remote_version_evt(hdev, skb);
2801 break;
2802
2803 case HCI_EV_QOS_SETUP_COMPLETE:
2804 hci_qos_setup_complete_evt(hdev, skb);
2805 break;
2806
2807 case HCI_EV_CMD_COMPLETE:
2808 hci_cmd_complete_evt(hdev, skb);
2809 break;
2810
2811 case HCI_EV_CMD_STATUS:
2812 hci_cmd_status_evt(hdev, skb);
2813 break;
2814
2815 case HCI_EV_ROLE_CHANGE:
2816 hci_role_change_evt(hdev, skb);
2817 break;
2818
2819 case HCI_EV_NUM_COMP_PKTS:
2820 hci_num_comp_pkts_evt(hdev, skb);
2821 break;
2822
2823 case HCI_EV_MODE_CHANGE:
2824 hci_mode_change_evt(hdev, skb);
1da177e4
LT		 2825 break;
2826
2827 case HCI_EV_PIN_CODE_REQ:
2828 hci_pin_code_request_evt(hdev, skb);
2829 break;
2830
2831 case HCI_EV_LINK_KEY_REQ:
2832 hci_link_key_request_evt(hdev, skb);
2833 break;
2834
2835 case HCI_EV_LINK_KEY_NOTIFY:
2836 hci_link_key_notify_evt(hdev, skb);
2837 break;
2838
2839 case HCI_EV_CLOCK_OFFSET:
2840 hci_clock_offset_evt(hdev, skb);
2841 break;
2842
a8746417
MH		 2843 case HCI_EV_PKT_TYPE_CHANGE:
2844 hci_pkt_type_change_evt(hdev, skb);
2845 break;
2846
85a1e930
MH		 2847 case HCI_EV_PSCAN_REP_MODE:
2848 hci_pscan_rep_mode_evt(hdev, skb);
2849 break;
2850
a9de9248
MH		 2851 case HCI_EV_INQUIRY_RESULT_WITH_RSSI:
2852 hci_inquiry_result_with_rssi_evt(hdev, skb);
04837f64
MH		 2853 break;
2854
a9de9248
MH		 2855 case HCI_EV_REMOTE_EXT_FEATURES:
2856 hci_remote_ext_features_evt(hdev, skb);
1da177e4
LT		 2857 break;
2858
a9de9248
MH		 2859 case HCI_EV_SYNC_CONN_COMPLETE:
2860 hci_sync_conn_complete_evt(hdev, skb);
2861 break;
1da177e4 2862
a9de9248
MH		 2863 case HCI_EV_SYNC_CONN_CHANGED:
2864 hci_sync_conn_changed_evt(hdev, skb);
2865 break;
1da177e4 2866
a9de9248
MH		 2867 case HCI_EV_SNIFF_SUBRATE:
2868 hci_sniff_subrate_evt(hdev, skb);
2869 break;
1da177e4 2870
a9de9248
MH		 2871 case HCI_EV_EXTENDED_INQUIRY_RESULT:
2872 hci_extended_inquiry_result_evt(hdev, skb);
2873 break;
1da177e4 2874
0493684e
MH		 2875 case HCI_EV_IO_CAPA_REQUEST:
2876 hci_io_capa_request_evt(hdev, skb);
2877 break;
2878
03b555e1
JH		 2879 case HCI_EV_IO_CAPA_REPLY:
2880 hci_io_capa_reply_evt(hdev, skb);
2881 break;
2882
a5c29683
JH		 2883 case HCI_EV_USER_CONFIRM_REQUEST:
2884 hci_user_confirm_request_evt(hdev, skb);
2885 break;
2886
0493684e
MH		 2887 case HCI_EV_SIMPLE_PAIR_COMPLETE:
2888 hci_simple_pair_complete_evt(hdev, skb);
2889 break;
2890
41a96212
MH		 2891 case HCI_EV_REMOTE_HOST_FEATURES:
2892 hci_remote_host_features_evt(hdev, skb);
2893 break;
2894
fcd89c09
VT		 2895 case HCI_EV_LE_META:
2896 hci_le_meta_evt(hdev, skb);
2897 break;
2898
2763eda6
SJ		 2899 case HCI_EV_REMOTE_OOB_DATA_REQUEST:
2900 hci_remote_oob_data_request_evt(hdev, skb);
2901 break;
2902
a9de9248
MH		 2903 default:
2904 BT_DBG("%s event 0x%x", hdev->name, event);
1da177e4
LT		 2905 break;
2906 }
2907
2908 kfree_skb(skb);
2909 hdev->stat.evt_rx++;
2910}
2911
2912/* Generate internal stack event */
2913void hci_si_event(struct hci_dev *hdev, int type, int dlen, void *data)
2914{
2915 struct hci_event_hdr *hdr;
2916 struct hci_ev_stack_internal *ev;
2917 struct sk_buff *skb;
2918
2919 skb = bt_skb_alloc(HCI_EVENT_HDR_SIZE + sizeof(*ev) + dlen, GFP_ATOMIC);
2920 if (!skb)
2921 return;
2922
2923 hdr = (void *) skb_put(skb, HCI_EVENT_HDR_SIZE);
2924 hdr->evt = HCI_EV_STACK_INTERNAL;
2925 hdr->plen = sizeof(*ev) + dlen;
2926
2927 ev = (void *) skb_put(skb, sizeof(*ev) + dlen);
2928 ev->type = type;
2929 memcpy(ev->data, data, dlen);
2930
576c7d85 2931 bt_cb(skb)->incoming = 1;
a61bbcf2 2932 __net_timestamp(skb);
576c7d85 2933
0d48d939 2934 bt_cb(skb)->pkt_type = HCI_EVENT_PKT;
1da177e4 2935 skb->dev = (void *) hdev;
eec8d2bc 2936 hci_send_to_sock(hdev, skb, NULL);
1da177e4
LT		 2937 kfree_skb(skb);
2938}
Linux kernel - Deliverables
This page took 0.763524 seconds and 5 git commands to generate.