projects / deliverable / linux.git / blame
? search:
summary | shortlog | log | commit | commitdiff | tree
blob | blame (incremental) | history | HEAD
Bluetooth: Add LE connect support
[deliverable/linux.git] / net / bluetooth / hci_event.c
CommitLineData
8e87d142 1/*
1da177e4 2 BlueZ - Bluetooth protocol stack for Linux
2d0a0346 3 Copyright (c) 2000-2001, 2010, Code Aurora Forum. All rights reserved.
1da177e4
LT		 4
5 Written 2000,2001 by Maxim Krasnyansky <maxk@qualcomm.com>
6
7 This program is free software; you can redistribute it and/or modify
8 it under the terms of the GNU General Public License version 2 as
9 published by the Free Software Foundation;
10
11 THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS
12 OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
13 FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT OF THIRD PARTY RIGHTS.
14 IN NO EVENT SHALL THE COPYRIGHT HOLDER(S) AND AUTHOR(S) BE LIABLE FOR ANY
8e87d142
YH		 15 CLAIM, OR ANY SPECIAL INDIRECT OR CONSEQUENTIAL DAMAGES, OR ANY DAMAGES
16 WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
17 ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
1da177e4
LT		 18 OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
19
8e87d142
YH		 20 ALL LIABILITY, INCLUDING LIABILITY FOR INFRINGEMENT OF ANY PATENTS,
21 COPYRIGHTS, TRADEMARKS OR OTHER RIGHTS, RELATING TO USE OF THIS
1da177e4
LT		 22 SOFTWARE IS DISCLAIMED.
23*/
24
25/* Bluetooth HCI event handling. */
26
1da177e4
LT		 27#include <linux/module.h>
28
29#include <linux/types.h>
30#include <linux/errno.h>
31#include <linux/kernel.h>
1da177e4
LT		 32#include <linux/slab.h>
33#include <linux/poll.h>
34#include <linux/fcntl.h>
35#include <linux/init.h>
36#include <linux/skbuff.h>
37#include <linux/interrupt.h>
38#include <linux/notifier.h>
39#include <net/sock.h>
40
41#include <asm/system.h>
70f23020 42#include <linux/uaccess.h>
1da177e4
LT		 43#include <asm/unaligned.h>
44
45#include <net/bluetooth/bluetooth.h>
46#include <net/bluetooth/hci_core.h>
47
1da177e4
LT		 48/* Handle HCI Event packets */
49
a9de9248 50static void hci_cc_inquiry_cancel(struct hci_dev *hdev, struct sk_buff *skb)
1da177e4 51{
a9de9248 52 __u8 status = *((__u8 *) skb->data);
1da177e4 53
a9de9248 54 BT_DBG("%s status 0x%x", hdev->name, status);
1da177e4 55
a9de9248
MH		 56 if (status)
57 return;
1da177e4 58
a9de9248 59 clear_bit(HCI_INQUIRY, &hdev->flags);
6bd57416 60
23bb5763 61 hci_req_complete(hdev, HCI_OP_INQUIRY_CANCEL, status);
a9de9248
MH		 62
63 hci_conn_check_pending(hdev);
64}
6bd57416 65
a9de9248
MH		 66static void hci_cc_exit_periodic_inq(struct hci_dev *hdev, struct sk_buff *skb)
67{
68 __u8 status = *((__u8 *) skb->data);
6bd57416 69
a9de9248 70 BT_DBG("%s status 0x%x", hdev->name, status);
6bd57416 71
a9de9248
MH		 72 if (status)
73 return;
1da177e4 74
a9de9248
MH		 75 clear_bit(HCI_INQUIRY, &hdev->flags);
76
77 hci_conn_check_pending(hdev);
78}
79
80static void hci_cc_remote_name_req_cancel(struct hci_dev *hdev, struct sk_buff *skb)
81{
82 BT_DBG("%s", hdev->name);
83}
84
85static void hci_cc_role_discovery(struct hci_dev *hdev, struct sk_buff *skb)
86{
87 struct hci_rp_role_discovery *rp = (void *) skb->data;
88 struct hci_conn *conn;
89
90 BT_DBG("%s status 0x%x", hdev->name, rp->status);
91
92 if (rp->status)
93 return;
94
95 hci_dev_lock(hdev);
96
97 conn = hci_conn_hash_lookup_handle(hdev, __le16_to_cpu(rp->handle));
98 if (conn) {
99 if (rp->role)
100 conn->link_mode &= ~HCI_LM_MASTER;
101 else
102 conn->link_mode |= HCI_LM_MASTER;
1da177e4 103 }
a9de9248
MH		 104
105 hci_dev_unlock(hdev);
1da177e4
LT		 106}
107
e4e8e37c
MH		 108static void hci_cc_read_link_policy(struct hci_dev *hdev, struct sk_buff *skb)
109{
110 struct hci_rp_read_link_policy *rp = (void *) skb->data;
111 struct hci_conn *conn;
112
113 BT_DBG("%s status 0x%x", hdev->name, rp->status);
114
115 if (rp->status)
116 return;
117
118 hci_dev_lock(hdev);
119
120 conn = hci_conn_hash_lookup_handle(hdev, __le16_to_cpu(rp->handle));
121 if (conn)
122 conn->link_policy = __le16_to_cpu(rp->policy);
123
124 hci_dev_unlock(hdev);
125}
126
a9de9248 127static void hci_cc_write_link_policy(struct hci_dev *hdev, struct sk_buff *skb)
1da177e4 128{
a9de9248 129 struct hci_rp_write_link_policy *rp = (void *) skb->data;
1da177e4 130 struct hci_conn *conn;
04837f64 131 void *sent;
1da177e4 132
a9de9248 133 BT_DBG("%s status 0x%x", hdev->name, rp->status);
1da177e4 134
a9de9248
MH		 135 if (rp->status)
136 return;
1da177e4 137
a9de9248
MH		 138 sent = hci_sent_cmd_data(hdev, HCI_OP_WRITE_LINK_POLICY);
139 if (!sent)
140 return;
1da177e4 141
a9de9248 142 hci_dev_lock(hdev);
1da177e4 143
a9de9248 144 conn = hci_conn_hash_lookup_handle(hdev, __le16_to_cpu(rp->handle));
e4e8e37c 145 if (conn)
83985319 146 conn->link_policy = get_unaligned_le16(sent + 2);
1da177e4 147
a9de9248
MH		 148 hci_dev_unlock(hdev);
149}
1da177e4 150
e4e8e37c
MH		 151static void hci_cc_read_def_link_policy(struct hci_dev *hdev, struct sk_buff *skb)
152{
153 struct hci_rp_read_def_link_policy *rp = (void *) skb->data;
154
155 BT_DBG("%s status 0x%x", hdev->name, rp->status);
156
157 if (rp->status)
158 return;
159
160 hdev->link_policy = __le16_to_cpu(rp->policy);
161}
162
163static void hci_cc_write_def_link_policy(struct hci_dev *hdev, struct sk_buff *skb)
164{
165 __u8 status = *((__u8 *) skb->data);
166 void *sent;
167
168 BT_DBG("%s status 0x%x", hdev->name, status);
169
170 sent = hci_sent_cmd_data(hdev, HCI_OP_WRITE_DEF_LINK_POLICY);
171 if (!sent)
172 return;
173
174 if (!status)
175 hdev->link_policy = get_unaligned_le16(sent);
176
23bb5763 177 hci_req_complete(hdev, HCI_OP_WRITE_DEF_LINK_POLICY, status);
e4e8e37c
MH		 178}
179
a9de9248
MH		 180static void hci_cc_reset(struct hci_dev *hdev, struct sk_buff *skb)
181{
182 __u8 status = *((__u8 *) skb->data);
04837f64 183
a9de9248 184 BT_DBG("%s status 0x%x", hdev->name, status);
04837f64 185
23bb5763 186 hci_req_complete(hdev, HCI_OP_RESET, status);
a9de9248 187}
04837f64 188
a9de9248
MH		 189static void hci_cc_write_local_name(struct hci_dev *hdev, struct sk_buff *skb)
190{
191 __u8 status = *((__u8 *) skb->data);
192 void *sent;
04837f64 193
a9de9248 194 BT_DBG("%s status 0x%x", hdev->name, status);
04837f64 195
f383f275
MH		 196 if (status)
197 return;
198
a9de9248
MH		 199 sent = hci_sent_cmd_data(hdev, HCI_OP_WRITE_LOCAL_NAME);
200 if (!sent)
201 return;
04837f64 202
f383f275 203 memcpy(hdev->dev_name, sent, 248);
a9de9248
MH		 204}
205
206static void hci_cc_read_local_name(struct hci_dev *hdev, struct sk_buff *skb)
207{
208 struct hci_rp_read_local_name *rp = (void *) skb->data;
209
210 BT_DBG("%s status 0x%x", hdev->name, rp->status);
211
212 if (rp->status)
213 return;
214
215 memcpy(hdev->dev_name, rp->name, 248);
216}
217
218static void hci_cc_write_auth_enable(struct hci_dev *hdev, struct sk_buff *skb)
219{
220 __u8 status = *((__u8 *) skb->data);
221 void *sent;
222
223 BT_DBG("%s status 0x%x", hdev->name, status);
224
225 sent = hci_sent_cmd_data(hdev, HCI_OP_WRITE_AUTH_ENABLE);
226 if (!sent)
227 return;
228
229 if (!status) {
230 __u8 param = *((__u8 *) sent);
231
232 if (param == AUTH_ENABLED)
233 set_bit(HCI_AUTH, &hdev->flags);
234 else
235 clear_bit(HCI_AUTH, &hdev->flags);
1da177e4 236 }
a9de9248 237
23bb5763 238 hci_req_complete(hdev, HCI_OP_WRITE_AUTH_ENABLE, status);
1da177e4
LT		 239}
240
a9de9248 241static void hci_cc_write_encrypt_mode(struct hci_dev *hdev, struct sk_buff *skb)
1da177e4 242{
a9de9248 243 __u8 status = *((__u8 *) skb->data);
1da177e4
LT		 244 void *sent;
245
a9de9248 246 BT_DBG("%s status 0x%x", hdev->name, status);
1da177e4 247
a9de9248
MH		 248 sent = hci_sent_cmd_data(hdev, HCI_OP_WRITE_ENCRYPT_MODE);
249 if (!sent)
250 return;
1da177e4 251
a9de9248
MH		 252 if (!status) {
253 __u8 param = *((__u8 *) sent);
254
255 if (param)
256 set_bit(HCI_ENCRYPT, &hdev->flags);
257 else
258 clear_bit(HCI_ENCRYPT, &hdev->flags);
259 }
1da177e4 260
23bb5763 261 hci_req_complete(hdev, HCI_OP_WRITE_ENCRYPT_MODE, status);
a9de9248 262}
1da177e4 263
a9de9248
MH		 264static void hci_cc_write_scan_enable(struct hci_dev *hdev, struct sk_buff *skb)
265{
266 __u8 status = *((__u8 *) skb->data);
267 void *sent;
1da177e4 268
a9de9248 269 BT_DBG("%s status 0x%x", hdev->name, status);
1da177e4 270
a9de9248
MH		 271 sent = hci_sent_cmd_data(hdev, HCI_OP_WRITE_SCAN_ENABLE);
272 if (!sent)
273 return;
1da177e4 274
a9de9248
MH		 275 if (!status) {
276 __u8 param = *((__u8 *) sent);
9fbcbb45 277 int old_pscan, old_iscan;
1da177e4 278
9fbcbb45
JH		 279 old_pscan = test_and_clear_bit(HCI_PSCAN, &hdev->flags);
280 old_iscan = test_and_clear_bit(HCI_ISCAN, &hdev->flags);
1da177e4 281
73f22f62 282 if (param & SCAN_INQUIRY) {
a9de9248 283 set_bit(HCI_ISCAN, &hdev->flags);
9fbcbb45
JH		 284 if (!old_iscan)
285 mgmt_discoverable(hdev->id, 1);
286 } else if (old_iscan)
73f22f62 287 mgmt_discoverable(hdev->id, 0);
1da177e4 288
9fbcbb45 289 if (param & SCAN_PAGE) {
a9de9248 290 set_bit(HCI_PSCAN, &hdev->flags);
9fbcbb45
JH		 291 if (!old_pscan)
292 mgmt_connectable(hdev->id, 1);
293 } else if (old_pscan)
294 mgmt_connectable(hdev->id, 0);
a9de9248 295 }
1da177e4 296
23bb5763 297 hci_req_complete(hdev, HCI_OP_WRITE_SCAN_ENABLE, status);
a9de9248 298}
1da177e4 299
a9de9248
MH		 300static void hci_cc_read_class_of_dev(struct hci_dev *hdev, struct sk_buff *skb)
301{
302 struct hci_rp_read_class_of_dev *rp = (void *) skb->data;
1da177e4 303
a9de9248 304 BT_DBG("%s status 0x%x", hdev->name, rp->status);
1da177e4 305
a9de9248
MH		 306 if (rp->status)
307 return;
1da177e4 308
a9de9248 309 memcpy(hdev->dev_class, rp->dev_class, 3);
1da177e4 310
a9de9248
MH		 311 BT_DBG("%s class 0x%.2x%.2x%.2x", hdev->name,
312 hdev->dev_class[2], hdev->dev_class[1], hdev->dev_class[0]);
313}
1da177e4 314
a9de9248
MH		 315static void hci_cc_write_class_of_dev(struct hci_dev *hdev, struct sk_buff *skb)
316{
317 __u8 status = *((__u8 *) skb->data);
318 void *sent;
1da177e4 319
a9de9248 320 BT_DBG("%s status 0x%x", hdev->name, status);
1da177e4 321
f383f275
MH		 322 if (status)
323 return;
324
a9de9248
MH		 325 sent = hci_sent_cmd_data(hdev, HCI_OP_WRITE_CLASS_OF_DEV);
326 if (!sent)
327 return;
1da177e4 328
f383f275 329 memcpy(hdev->dev_class, sent, 3);
a9de9248 330}
1da177e4 331
a9de9248
MH		 332static void hci_cc_read_voice_setting(struct hci_dev *hdev, struct sk_buff *skb)
333{
334 struct hci_rp_read_voice_setting *rp = (void *) skb->data;
335 __u16 setting;
336
337 BT_DBG("%s status 0x%x", hdev->name, rp->status);
338
339 if (rp->status)
340 return;
341
342 setting = __le16_to_cpu(rp->voice_setting);
343
f383f275 344 if (hdev->voice_setting == setting)
a9de9248
MH		 345 return;
346
347 hdev->voice_setting = setting;
348
349 BT_DBG("%s voice setting 0x%04x", hdev->name, setting);
350
351 if (hdev->notify) {
352 tasklet_disable(&hdev->tx_task);
353 hdev->notify(hdev, HCI_NOTIFY_VOICE_SETTING);
354 tasklet_enable(&hdev->tx_task);
355 }
356}
357
358static void hci_cc_write_voice_setting(struct hci_dev *hdev, struct sk_buff *skb)
359{
360 __u8 status = *((__u8 *) skb->data);
f383f275 361 __u16 setting;
a9de9248
MH		 362 void *sent;
363
364 BT_DBG("%s status 0x%x", hdev->name, status);
1da177e4 365
f383f275
MH		 366 if (status)
367 return;
368
a9de9248
MH		 369 sent = hci_sent_cmd_data(hdev, HCI_OP_WRITE_VOICE_SETTING);
370 if (!sent)
371 return;
1da177e4 372
f383f275 373 setting = get_unaligned_le16(sent);
1da177e4 374
f383f275
MH		 375 if (hdev->voice_setting == setting)
376 return;
377
378 hdev->voice_setting = setting;
1da177e4 379
f383f275 380 BT_DBG("%s voice setting 0x%04x", hdev->name, setting);
1da177e4 381
f383f275
MH		 382 if (hdev->notify) {
383 tasklet_disable(&hdev->tx_task);
384 hdev->notify(hdev, HCI_NOTIFY_VOICE_SETTING);
385 tasklet_enable(&hdev->tx_task);
1da177e4
LT		 386 }
387}
388
a9de9248 389static void hci_cc_host_buffer_size(struct hci_dev *hdev, struct sk_buff *skb)
1da177e4 390{
a9de9248 391 __u8 status = *((__u8 *) skb->data);
1da177e4 392
a9de9248 393 BT_DBG("%s status 0x%x", hdev->name, status);
1da177e4 394
23bb5763 395 hci_req_complete(hdev, HCI_OP_HOST_BUFFER_SIZE, status);
a9de9248 396}
1143e5a6 397
333140b5
MH		 398static void hci_cc_read_ssp_mode(struct hci_dev *hdev, struct sk_buff *skb)
399{
400 struct hci_rp_read_ssp_mode *rp = (void *) skb->data;
401
402 BT_DBG("%s status 0x%x", hdev->name, rp->status);
403
404 if (rp->status)
405 return;
406
407 hdev->ssp_mode = rp->mode;
408}
409
410static void hci_cc_write_ssp_mode(struct hci_dev *hdev, struct sk_buff *skb)
411{
412 __u8 status = *((__u8 *) skb->data);
413 void *sent;
414
415 BT_DBG("%s status 0x%x", hdev->name, status);
416
417 if (status)
418 return;
419
420 sent = hci_sent_cmd_data(hdev, HCI_OP_WRITE_SSP_MODE);
421 if (!sent)
422 return;
423
424 hdev->ssp_mode = *((__u8 *) sent);
425}
426
d5859e22
JH		 427static u8 hci_get_inquiry_mode(struct hci_dev *hdev)
428{
429 if (hdev->features[6] & LMP_EXT_INQ)
430 return 2;
431
432 if (hdev->features[3] & LMP_RSSI_INQ)
433 return 1;
434
435 if (hdev->manufacturer == 11 && hdev->hci_rev == 0x00 &&
436 hdev->lmp_subver == 0x0757)
437 return 1;
438
439 if (hdev->manufacturer == 15) {
440 if (hdev->hci_rev == 0x03 && hdev->lmp_subver == 0x6963)
441 return 1;
442 if (hdev->hci_rev == 0x09 && hdev->lmp_subver == 0x6963)
443 return 1;
444 if (hdev->hci_rev == 0x00 && hdev->lmp_subver == 0x6965)
445 return 1;
446 }
447
448 if (hdev->manufacturer == 31 && hdev->hci_rev == 0x2005 &&
449 hdev->lmp_subver == 0x1805)
450 return 1;
451
452 return 0;
453}
454
455static void hci_setup_inquiry_mode(struct hci_dev *hdev)
456{
457 u8 mode;
458
459 mode = hci_get_inquiry_mode(hdev);
460
461 hci_send_cmd(hdev, HCI_OP_WRITE_INQUIRY_MODE, 1, &mode);
462}
463
464static void hci_setup_event_mask(struct hci_dev *hdev)
465{
466 /* The second byte is 0xff instead of 0x9f (two reserved bits
467 * disabled) since a Broadcom 1.2 dongle doesn't respond to the
468 * command otherwise */
469 u8 events[8] = { 0xff, 0xff, 0xfb, 0xff, 0x00, 0x00, 0x00, 0x00 };
470
471 /* Events for 1.2 and newer controllers */
472 if (hdev->lmp_ver > 1) {
473 events[4] |= 0x01; /* Flow Specification Complete */
474 events[4] |= 0x02; /* Inquiry Result with RSSI */
475 events[4] |= 0x04; /* Read Remote Extended Features Complete */
476 events[5] |= 0x08; /* Synchronous Connection Complete */
477 events[5] |= 0x10; /* Synchronous Connection Changed */
478 }
479
480 if (hdev->features[3] & LMP_RSSI_INQ)
481 events[4] |= 0x04; /* Inquiry Result with RSSI */
482
483 if (hdev->features[5] & LMP_SNIFF_SUBR)
484 events[5] |= 0x20; /* Sniff Subrating */
485
486 if (hdev->features[5] & LMP_PAUSE_ENC)
487 events[5] |= 0x80; /* Encryption Key Refresh Complete */
488
489 if (hdev->features[6] & LMP_EXT_INQ)
490 events[5] |= 0x40; /* Extended Inquiry Result */
491
492 if (hdev->features[6] & LMP_NO_FLUSH)
493 events[7] |= 0x01; /* Enhanced Flush Complete */
494
495 if (hdev->features[7] & LMP_LSTO)
496 events[6] |= 0x80; /* Link Supervision Timeout Changed */
497
498 if (hdev->features[6] & LMP_SIMPLE_PAIR) {
499 events[6] |= 0x01; /* IO Capability Request */
500 events[6] |= 0x02; /* IO Capability Response */
501 events[6] |= 0x04; /* User Confirmation Request */
502 events[6] |= 0x08; /* User Passkey Request */
503 events[6] |= 0x10; /* Remote OOB Data Request */
504 events[6] |= 0x20; /* Simple Pairing Complete */
505 events[7] |= 0x04; /* User Passkey Notification */
506 events[7] |= 0x08; /* Keypress Notification */
507 events[7] |= 0x10; /* Remote Host Supported
508 * Features Notification */
509 }
510
511 if (hdev->features[4] & LMP_LE)
512 events[7] |= 0x20; /* LE Meta-Event */
513
514 hci_send_cmd(hdev, HCI_OP_SET_EVENT_MASK, sizeof(events), events);
515}
516
517static void hci_setup(struct hci_dev *hdev)
518{
519 hci_setup_event_mask(hdev);
520
521 if (hdev->lmp_ver > 1)
522 hci_send_cmd(hdev, HCI_OP_READ_LOCAL_COMMANDS, 0, NULL);
523
524 if (hdev->features[6] & LMP_SIMPLE_PAIR) {
525 u8 mode = 0x01;
526 hci_send_cmd(hdev, HCI_OP_WRITE_SSP_MODE, sizeof(mode), &mode);
527 }
528
529 if (hdev->features[3] & LMP_RSSI_INQ)
530 hci_setup_inquiry_mode(hdev);
531
532 if (hdev->features[7] & LMP_INQ_TX_PWR)
533 hci_send_cmd(hdev, HCI_OP_READ_INQ_RSP_TX_POWER, 0, NULL);
534}
535
a9de9248
MH		 536static void hci_cc_read_local_version(struct hci_dev *hdev, struct sk_buff *skb)
537{
538 struct hci_rp_read_local_version *rp = (void *) skb->data;
1143e5a6 539
a9de9248 540 BT_DBG("%s status 0x%x", hdev->name, rp->status);
1143e5a6 541
a9de9248
MH		 542 if (rp->status)
543 return;
1143e5a6 544
a9de9248 545 hdev->hci_ver = rp->hci_ver;
e4e8e37c 546 hdev->hci_rev = __le16_to_cpu(rp->hci_rev);
d5859e22 547 hdev->lmp_ver = rp->lmp_ver;
e4e8e37c 548 hdev->manufacturer = __le16_to_cpu(rp->manufacturer);
d5859e22 549 hdev->lmp_subver = __le16_to_cpu(rp->lmp_subver);
1143e5a6 550
a9de9248
MH		 551 BT_DBG("%s manufacturer %d hci ver %d:%d", hdev->name,
552 hdev->manufacturer,
553 hdev->hci_ver, hdev->hci_rev);
d5859e22
JH		 554
555 if (test_bit(HCI_INIT, &hdev->flags))
556 hci_setup(hdev);
557}
558
559static void hci_setup_link_policy(struct hci_dev *hdev)
560{
561 u16 link_policy = 0;
562
563 if (hdev->features[0] & LMP_RSWITCH)
564 link_policy |= HCI_LP_RSWITCH;
565 if (hdev->features[0] & LMP_HOLD)
566 link_policy |= HCI_LP_HOLD;
567 if (hdev->features[0] & LMP_SNIFF)
568 link_policy |= HCI_LP_SNIFF;
569 if (hdev->features[1] & LMP_PARK)
570 link_policy |= HCI_LP_PARK;
571
572 link_policy = cpu_to_le16(link_policy);
573 hci_send_cmd(hdev, HCI_OP_WRITE_DEF_LINK_POLICY,
574 sizeof(link_policy), &link_policy);
a9de9248 575}
1da177e4 576
a9de9248
MH		 577static void hci_cc_read_local_commands(struct hci_dev *hdev, struct sk_buff *skb)
578{
579 struct hci_rp_read_local_commands *rp = (void *) skb->data;
1da177e4 580
a9de9248 581 BT_DBG("%s status 0x%x", hdev->name, rp->status);
1da177e4 582
a9de9248 583 if (rp->status)
d5859e22 584 goto done;
1da177e4 585
a9de9248 586 memcpy(hdev->commands, rp->commands, sizeof(hdev->commands));
d5859e22
JH		 587
588 if (test_bit(HCI_INIT, &hdev->flags) && (hdev->commands[5] & 0x10))
589 hci_setup_link_policy(hdev);
590
591done:
592 hci_req_complete(hdev, HCI_OP_READ_LOCAL_COMMANDS, rp->status);
a9de9248 593}
1da177e4 594
a9de9248
MH		 595static void hci_cc_read_local_features(struct hci_dev *hdev, struct sk_buff *skb)
596{
597 struct hci_rp_read_local_features *rp = (void *) skb->data;
5b7f9909 598
a9de9248 599 BT_DBG("%s status 0x%x", hdev->name, rp->status);
1da177e4 600
a9de9248
MH		 601 if (rp->status)
602 return;
5b7f9909 603
a9de9248 604 memcpy(hdev->features, rp->features, 8);
5b7f9909 605
a9de9248
MH		 606 /* Adjust default settings according to features
607 * supported by device. */
1da177e4 608
a9de9248
MH		 609 if (hdev->features[0] & LMP_3SLOT)
610 hdev->pkt_type |= (HCI_DM3 | HCI_DH3);
1da177e4 611
a9de9248
MH		 612 if (hdev->features[0] & LMP_5SLOT)
613 hdev->pkt_type |= (HCI_DM5 | HCI_DH5);
1da177e4 614
a9de9248
MH		 615 if (hdev->features[1] & LMP_HV2) {
616 hdev->pkt_type |= (HCI_HV2);
617 hdev->esco_type |= (ESCO_HV2);
618 }
1da177e4 619
a9de9248
MH		 620 if (hdev->features[1] & LMP_HV3) {
621 hdev->pkt_type |= (HCI_HV3);
622 hdev->esco_type |= (ESCO_HV3);
623 }
1da177e4 624
a9de9248
MH		 625 if (hdev->features[3] & LMP_ESCO)
626 hdev->esco_type |= (ESCO_EV3);
da1f5198 627
a9de9248
MH		 628 if (hdev->features[4] & LMP_EV4)
629 hdev->esco_type |= (ESCO_EV4);
da1f5198 630
a9de9248
MH		 631 if (hdev->features[4] & LMP_EV5)
632 hdev->esco_type |= (ESCO_EV5);
1da177e4 633
efc7688b
MH		 634 if (hdev->features[5] & LMP_EDR_ESCO_2M)
635 hdev->esco_type |= (ESCO_2EV3);
636
637 if (hdev->features[5] & LMP_EDR_ESCO_3M)
638 hdev->esco_type |= (ESCO_3EV3);
639
640 if (hdev->features[5] & LMP_EDR_3S_ESCO)
641 hdev->esco_type |= (ESCO_2EV5 | ESCO_3EV5);
642
a9de9248
MH		 643 BT_DBG("%s features 0x%.2x%.2x%.2x%.2x%.2x%.2x%.2x%.2x", hdev->name,
644 hdev->features[0], hdev->features[1],
645 hdev->features[2], hdev->features[3],
646 hdev->features[4], hdev->features[5],
647 hdev->features[6], hdev->features[7]);
648}
1da177e4 649
a9de9248
MH		 650static void hci_cc_read_buffer_size(struct hci_dev *hdev, struct sk_buff *skb)
651{
652 struct hci_rp_read_buffer_size *rp = (void *) skb->data;
1da177e4 653
a9de9248 654 BT_DBG("%s status 0x%x", hdev->name, rp->status);
1da177e4 655
a9de9248
MH		 656 if (rp->status)
657 return;
1da177e4 658
a9de9248
MH		 659 hdev->acl_mtu = __le16_to_cpu(rp->acl_mtu);
660 hdev->sco_mtu = rp->sco_mtu;
661 hdev->acl_pkts = __le16_to_cpu(rp->acl_max_pkt);
662 hdev->sco_pkts = __le16_to_cpu(rp->sco_max_pkt);
663
664 if (test_bit(HCI_QUIRK_FIXUP_BUFFER_SIZE, &hdev->quirks)) {
665 hdev->sco_mtu = 64;
666 hdev->sco_pkts = 8;
1da177e4 667 }
a9de9248
MH		 668
669 hdev->acl_cnt = hdev->acl_pkts;
670 hdev->sco_cnt = hdev->sco_pkts;
671
672 BT_DBG("%s acl mtu %d:%d sco mtu %d:%d", hdev->name,
673 hdev->acl_mtu, hdev->acl_pkts,
674 hdev->sco_mtu, hdev->sco_pkts);
675}
676
677static void hci_cc_read_bd_addr(struct hci_dev *hdev, struct sk_buff *skb)
678{
679 struct hci_rp_read_bd_addr *rp = (void *) skb->data;
680
681 BT_DBG("%s status 0x%x", hdev->name, rp->status);
682
683 if (!rp->status)
684 bacpy(&hdev->bdaddr, &rp->bdaddr);
685
23bb5763
JH		 686 hci_req_complete(hdev, HCI_OP_READ_BD_ADDR, rp->status);
687}
688
689static void hci_cc_write_ca_timeout(struct hci_dev *hdev, struct sk_buff *skb)
690{
691 __u8 status = *((__u8 *) skb->data);
692
693 BT_DBG("%s status 0x%x", hdev->name, status);
694
695 hci_req_complete(hdev, HCI_OP_WRITE_CA_TIMEOUT, status);
a9de9248
MH		 696}
697
b0916ea0
JH		 698static void hci_cc_delete_stored_link_key(struct hci_dev *hdev,
699 struct sk_buff *skb)
700{
701 __u8 status = *((__u8 *) skb->data);
702
703 BT_DBG("%s status 0x%x", hdev->name, status);
704
705 hci_req_complete(hdev, HCI_OP_DELETE_STORED_LINK_KEY, status);
706}
707
d5859e22
JH		 708static void hci_cc_set_event_mask(struct hci_dev *hdev, struct sk_buff *skb)
709{
710 __u8 status = *((__u8 *) skb->data);
711
712 BT_DBG("%s status 0x%x", hdev->name, status);
713
714 hci_req_complete(hdev, HCI_OP_SET_EVENT_MASK, status);
715}
716
717static void hci_cc_write_inquiry_mode(struct hci_dev *hdev,
718 struct sk_buff *skb)
719{
720 __u8 status = *((__u8 *) skb->data);
721
722 BT_DBG("%s status 0x%x", hdev->name, status);
723
724 hci_req_complete(hdev, HCI_OP_WRITE_INQUIRY_MODE, status);
725}
726
727static void hci_cc_read_inq_rsp_tx_power(struct hci_dev *hdev,
728 struct sk_buff *skb)
729{
730 __u8 status = *((__u8 *) skb->data);
731
732 BT_DBG("%s status 0x%x", hdev->name, status);
733
734 hci_req_complete(hdev, HCI_OP_READ_INQ_RSP_TX_POWER, status);
735}
736
737static void hci_cc_set_event_flt(struct hci_dev *hdev, struct sk_buff *skb)
738{
739 __u8 status = *((__u8 *) skb->data);
740
741 BT_DBG("%s status 0x%x", hdev->name, status);
742
743 hci_req_complete(hdev, HCI_OP_SET_EVENT_FLT, status);
744}
745
980e1a53
JH		 746static void hci_cc_pin_code_reply(struct hci_dev *hdev, struct sk_buff *skb)
747{
748 struct hci_rp_pin_code_reply *rp = (void *) skb->data;
749 struct hci_cp_pin_code_reply *cp;
750 struct hci_conn *conn;
751
752 BT_DBG("%s status 0x%x", hdev->name, rp->status);
753
754 if (test_bit(HCI_MGMT, &hdev->flags))
755 mgmt_pin_code_reply_complete(hdev->id, &rp->bdaddr, rp->status);
756
757 if (rp->status != 0)
758 return;
759
760 cp = hci_sent_cmd_data(hdev, HCI_OP_PIN_CODE_REPLY);
761 if (!cp)
762 return;
763
764 conn = hci_conn_hash_lookup_ba(hdev, ACL_LINK, &cp->bdaddr);
765 if (conn)
766 conn->pin_length = cp->pin_len;
767}
768
769static void hci_cc_pin_code_neg_reply(struct hci_dev *hdev, struct sk_buff *skb)
770{
771 struct hci_rp_pin_code_neg_reply *rp = (void *) skb->data;
772
773 BT_DBG("%s status 0x%x", hdev->name, rp->status);
774
775 if (test_bit(HCI_MGMT, &hdev->flags))
776 mgmt_pin_code_neg_reply_complete(hdev->id, &rp->bdaddr,
777 rp->status);
778}
779
a9de9248
MH		 780static inline void hci_cs_inquiry(struct hci_dev *hdev, __u8 status)
781{
782 BT_DBG("%s status 0x%x", hdev->name, status);
783
784 if (status) {
23bb5763 785 hci_req_complete(hdev, HCI_OP_INQUIRY, status);
a9de9248
MH		 786
787 hci_conn_check_pending(hdev);
788 } else
789 set_bit(HCI_INQUIRY, &hdev->flags);
1da177e4
LT		 790}
791
1da177e4
LT		 792static inline void hci_cs_create_conn(struct hci_dev *hdev, __u8 status)
793{
a9de9248 794 struct hci_cp_create_conn *cp;
1da177e4 795 struct hci_conn *conn;
1da177e4 796
a9de9248
MH		 797 BT_DBG("%s status 0x%x", hdev->name, status);
798
799 cp = hci_sent_cmd_data(hdev, HCI_OP_CREATE_CONN);
1da177e4
LT		 800 if (!cp)
801 return;
802
803 hci_dev_lock(hdev);
804
805 conn = hci_conn_hash_lookup_ba(hdev, ACL_LINK, &cp->bdaddr);
806
a9de9248 807 BT_DBG("%s bdaddr %s conn %p", hdev->name, batostr(&cp->bdaddr), conn);
1da177e4
LT		 808
809 if (status) {
810 if (conn && conn->state == BT_CONNECT) {
4c67bc74
MH		 811 if (status != 0x0c || conn->attempt > 2) {
812 conn->state = BT_CLOSED;
813 hci_proto_connect_cfm(conn, status);
814 hci_conn_del(conn);
815 } else
816 conn->state = BT_CONNECT2;
1da177e4
LT		 817 }
818 } else {
819 if (!conn) {
820 conn = hci_conn_add(hdev, ACL_LINK, &cp->bdaddr);
821 if (conn) {
822 conn->out = 1;
823 conn->link_mode |= HCI_LM_MASTER;
824 } else
893ef971 825 BT_ERR("No memory for new connection");
1da177e4
LT		 826 }
827 }
828
829 hci_dev_unlock(hdev);
830}
831
a9de9248 832static void hci_cs_add_sco(struct hci_dev *hdev, __u8 status)
1da177e4 833{
a9de9248
MH		 834 struct hci_cp_add_sco *cp;
835 struct hci_conn *acl, *sco;
836 __u16 handle;
1da177e4 837
b6a0dc82
MH		 838 BT_DBG("%s status 0x%x", hdev->name, status);
839
a9de9248
MH		 840 if (!status)
841 return;
1da177e4 842
a9de9248
MH		 843 cp = hci_sent_cmd_data(hdev, HCI_OP_ADD_SCO);
844 if (!cp)
845 return;
1da177e4 846
a9de9248 847 handle = __le16_to_cpu(cp->handle);
1da177e4 848
a9de9248 849 BT_DBG("%s handle %d", hdev->name, handle);
1da177e4 850
a9de9248 851 hci_dev_lock(hdev);
1da177e4 852
a9de9248 853 acl = hci_conn_hash_lookup_handle(hdev, handle);
5a08ecce
AE		 854 if (acl) {
855 sco = acl->link;
856 if (sco) {
857 sco->state = BT_CLOSED;
1da177e4 858
5a08ecce
AE		 859 hci_proto_connect_cfm(sco, status);
860 hci_conn_del(sco);
861 }
a9de9248 862 }
1da177e4 863
a9de9248
MH		 864 hci_dev_unlock(hdev);
865}
1da177e4 866
f8558555
MH		 867static void hci_cs_auth_requested(struct hci_dev *hdev, __u8 status)
868{
869 struct hci_cp_auth_requested *cp;
870 struct hci_conn *conn;
871
872 BT_DBG("%s status 0x%x", hdev->name, status);
873
874 if (!status)
875 return;
876
877 cp = hci_sent_cmd_data(hdev, HCI_OP_AUTH_REQUESTED);
878 if (!cp)
879 return;
880
881 hci_dev_lock(hdev);
882
883 conn = hci_conn_hash_lookup_handle(hdev, __le16_to_cpu(cp->handle));
884 if (conn) {
885 if (conn->state == BT_CONFIG) {
886 hci_proto_connect_cfm(conn, status);
887 hci_conn_put(conn);
888 }
889 }
890
891 hci_dev_unlock(hdev);
892}
893
894static void hci_cs_set_conn_encrypt(struct hci_dev *hdev, __u8 status)
895{
896 struct hci_cp_set_conn_encrypt *cp;
897 struct hci_conn *conn;
898
899 BT_DBG("%s status 0x%x", hdev->name, status);
900
901 if (!status)
902 return;
903
904 cp = hci_sent_cmd_data(hdev, HCI_OP_SET_CONN_ENCRYPT);
905 if (!cp)
906 return;
907
908 hci_dev_lock(hdev);
909
910 conn = hci_conn_hash_lookup_handle(hdev, __le16_to_cpu(cp->handle));
911 if (conn) {
912 if (conn->state == BT_CONFIG) {
913 hci_proto_connect_cfm(conn, status);
914 hci_conn_put(conn);
915 }
916 }
917
918 hci_dev_unlock(hdev);
919}
920
127178d2 921static int hci_outgoing_auth_needed(struct hci_dev *hdev,
392599b9
JH		 922 struct hci_conn *conn)
923{
392599b9
JH		 924 if (conn->state != BT_CONFIG || !conn->out)
925 return 0;
926
765c2a96 927 if (conn->pending_sec_level == BT_SECURITY_SDP)
392599b9
JH		 928 return 0;
929
930 /* Only request authentication for SSP connections or non-SSP
931 * devices with sec_level HIGH */
932 if (!(hdev->ssp_mode > 0 && conn->ssp_mode > 0) &&
765c2a96 933 conn->pending_sec_level != BT_SECURITY_HIGH)
392599b9
JH		 934 return 0;
935
392599b9
JH		 936 return 1;
937}
938
a9de9248
MH		 939static void hci_cs_remote_name_req(struct hci_dev *hdev, __u8 status)
940{
127178d2
JH		 941 struct hci_cp_remote_name_req *cp;
942 struct hci_conn *conn;
943
a9de9248 944 BT_DBG("%s status 0x%x", hdev->name, status);
127178d2
JH		 945
946 /* If successful wait for the name req complete event before
947 * checking for the need to do authentication */
948 if (!status)
949 return;
950
951 cp = hci_sent_cmd_data(hdev, HCI_OP_REMOTE_NAME_REQ);
952 if (!cp)
953 return;
954
955 hci_dev_lock(hdev);
956
957 conn = hci_conn_hash_lookup_ba(hdev, ACL_LINK, &cp->bdaddr);
958 if (conn && hci_outgoing_auth_needed(hdev, conn)) {
959 struct hci_cp_auth_requested cp;
960 cp.handle = __cpu_to_le16(conn->handle);
961 hci_send_cmd(hdev, HCI_OP_AUTH_REQUESTED, sizeof(cp), &cp);
962 }
963
964 hci_dev_unlock(hdev);
a9de9248 965}
1da177e4 966
769be974
MH		 967static void hci_cs_read_remote_features(struct hci_dev *hdev, __u8 status)
968{
969 struct hci_cp_read_remote_features *cp;
970 struct hci_conn *conn;
971
972 BT_DBG("%s status 0x%x", hdev->name, status);
973
974 if (!status)
975 return;
976
977 cp = hci_sent_cmd_data(hdev, HCI_OP_READ_REMOTE_FEATURES);
978 if (!cp)
979 return;
980
981 hci_dev_lock(hdev);
982
983 conn = hci_conn_hash_lookup_handle(hdev, __le16_to_cpu(cp->handle));
984 if (conn) {
985 if (conn->state == BT_CONFIG) {
769be974
MH		 986 hci_proto_connect_cfm(conn, status);
987 hci_conn_put(conn);
988 }
989 }
990
991 hci_dev_unlock(hdev);
992}
993
994static void hci_cs_read_remote_ext_features(struct hci_dev *hdev, __u8 status)
995{
996 struct hci_cp_read_remote_ext_features *cp;
997 struct hci_conn *conn;
998
999 BT_DBG("%s status 0x%x", hdev->name, status);
1000
1001 if (!status)
1002 return;
1003
1004 cp = hci_sent_cmd_data(hdev, HCI_OP_READ_REMOTE_EXT_FEATURES);
1005 if (!cp)
1006 return;
1007
1008 hci_dev_lock(hdev);
1009
1010 conn = hci_conn_hash_lookup_handle(hdev, __le16_to_cpu(cp->handle));
1011 if (conn) {
1012 if (conn->state == BT_CONFIG) {
769be974
MH		 1013 hci_proto_connect_cfm(conn, status);
1014 hci_conn_put(conn);
1015 }
1016 }
1017
1018 hci_dev_unlock(hdev);
1019}
1020
a9de9248
MH		 1021static void hci_cs_setup_sync_conn(struct hci_dev *hdev, __u8 status)
1022{
b6a0dc82
MH		 1023 struct hci_cp_setup_sync_conn *cp;
1024 struct hci_conn *acl, *sco;
1025 __u16 handle;
1026
a9de9248 1027 BT_DBG("%s status 0x%x", hdev->name, status);
b6a0dc82
MH		 1028
1029 if (!status)
1030 return;
1031
1032 cp = hci_sent_cmd_data(hdev, HCI_OP_SETUP_SYNC_CONN);
1033 if (!cp)
1034 return;
1035
1036 handle = __le16_to_cpu(cp->handle);
1037
1038 BT_DBG("%s handle %d", hdev->name, handle);
1039
1040 hci_dev_lock(hdev);
1041
1042 acl = hci_conn_hash_lookup_handle(hdev, handle);
5a08ecce
AE		 1043 if (acl) {
1044 sco = acl->link;
1045 if (sco) {
1046 sco->state = BT_CLOSED;
b6a0dc82 1047
5a08ecce
AE		 1048 hci_proto_connect_cfm(sco, status);
1049 hci_conn_del(sco);
1050 }
b6a0dc82
MH		 1051 }
1052
1053 hci_dev_unlock(hdev);
1da177e4
LT		 1054}
1055
a9de9248 1056static void hci_cs_sniff_mode(struct hci_dev *hdev, __u8 status)
1da177e4 1057{
a9de9248
MH		 1058 struct hci_cp_sniff_mode *cp;
1059 struct hci_conn *conn;
1da177e4 1060
a9de9248 1061 BT_DBG("%s status 0x%x", hdev->name, status);
04837f64 1062
a9de9248
MH		 1063 if (!status)
1064 return;
04837f64 1065
a9de9248
MH		 1066 cp = hci_sent_cmd_data(hdev, HCI_OP_SNIFF_MODE);
1067 if (!cp)
1068 return;
04837f64 1069
a9de9248 1070 hci_dev_lock(hdev);
04837f64 1071
a9de9248 1072 conn = hci_conn_hash_lookup_handle(hdev, __le16_to_cpu(cp->handle));
e73439d8 1073 if (conn) {
a9de9248 1074 clear_bit(HCI_CONN_MODE_CHANGE_PEND, &conn->pend);
04837f64 1075
e73439d8
MH		 1076 if (test_and_clear_bit(HCI_CONN_SCO_SETUP_PEND, &conn->pend))
1077 hci_sco_setup(conn, status);
1078 }
1079
a9de9248
MH		 1080 hci_dev_unlock(hdev);
1081}
04837f64 1082
a9de9248
MH		 1083static void hci_cs_exit_sniff_mode(struct hci_dev *hdev, __u8 status)
1084{
1085 struct hci_cp_exit_sniff_mode *cp;
1086 struct hci_conn *conn;
04837f64 1087
a9de9248 1088 BT_DBG("%s status 0x%x", hdev->name, status);
04837f64 1089
a9de9248
MH		 1090 if (!status)
1091 return;
04837f64 1092
a9de9248
MH		 1093 cp = hci_sent_cmd_data(hdev, HCI_OP_EXIT_SNIFF_MODE);
1094 if (!cp)
1095 return;
04837f64 1096
a9de9248 1097 hci_dev_lock(hdev);
1da177e4 1098
a9de9248 1099 conn = hci_conn_hash_lookup_handle(hdev, __le16_to_cpu(cp->handle));
e73439d8 1100 if (conn) {
a9de9248 1101 clear_bit(HCI_CONN_MODE_CHANGE_PEND, &conn->pend);
1da177e4 1102
e73439d8
MH		 1103 if (test_and_clear_bit(HCI_CONN_SCO_SETUP_PEND, &conn->pend))
1104 hci_sco_setup(conn, status);
1105 }
1106
a9de9248 1107 hci_dev_unlock(hdev);
1da177e4
LT		 1108}
1109
fcd89c09
VT		 1110static void hci_cs_le_create_conn(struct hci_dev *hdev, __u8 status)
1111{
1112 struct hci_cp_le_create_conn *cp;
1113 struct hci_conn *conn;
1114
1115 BT_DBG("%s status 0x%x", hdev->name, status);
1116
1117 cp = hci_sent_cmd_data(hdev, HCI_OP_LE_CREATE_CONN);
1118 if (!cp)
1119 return;
1120
1121 hci_dev_lock(hdev);
1122
1123 conn = hci_conn_hash_lookup_ba(hdev, LE_LINK, &cp->peer_addr);
1124
1125 BT_DBG("%s bdaddr %s conn %p", hdev->name, batostr(&cp->peer_addr),
1126 conn);
1127
1128 if (status) {
1129 if (conn && conn->state == BT_CONNECT) {
1130 conn->state = BT_CLOSED;
1131 hci_proto_connect_cfm(conn, status);
1132 hci_conn_del(conn);
1133 }
1134 } else {
1135 if (!conn) {
1136 conn = hci_conn_add(hdev, LE_LINK, &cp->peer_addr);
1137 if (conn)
1138 conn->out = 1;
1139 else
1140 BT_ERR("No memory for new connection");
1141 }
1142 }
1143
1144 hci_dev_unlock(hdev);
1145}
1146
1da177e4
LT		 1147static inline void hci_inquiry_complete_evt(struct hci_dev *hdev, struct sk_buff *skb)
1148{
1149 __u8 status = *((__u8 *) skb->data);
1150
1151 BT_DBG("%s status %d", hdev->name, status);
1152
1153 clear_bit(HCI_INQUIRY, &hdev->flags);
6bd57416 1154
23bb5763 1155 hci_req_complete(hdev, HCI_OP_INQUIRY, status);
6bd57416 1156
a9de9248 1157 hci_conn_check_pending(hdev);
1da177e4
LT		 1158}
1159
1da177e4
LT		 1160static inline void hci_inquiry_result_evt(struct hci_dev *hdev, struct sk_buff *skb)
1161{
45bb4bf0 1162 struct inquiry_data data;
a9de9248 1163 struct inquiry_info *info = (void *) (skb->data + 1);
1da177e4
LT		 1164 int num_rsp = *((__u8 *) skb->data);
1165
1166 BT_DBG("%s num_rsp %d", hdev->name, num_rsp);
1167
45bb4bf0
MH		 1168 if (!num_rsp)
1169 return;
1170
1da177e4 1171 hci_dev_lock(hdev);
45bb4bf0 1172
1da177e4 1173 for (; num_rsp; num_rsp--) {
1da177e4
LT		 1174 bacpy(&data.bdaddr, &info->bdaddr);
1175 data.pscan_rep_mode = info->pscan_rep_mode;
1176 data.pscan_period_mode = info->pscan_period_mode;
1177 data.pscan_mode = info->pscan_mode;
1178 memcpy(data.dev_class, info->dev_class, 3);
1179 data.clock_offset = info->clock_offset;
1180 data.rssi = 0x00;
41a96212 1181 data.ssp_mode = 0x00;
1da177e4
LT		 1182 info++;
1183 hci_inquiry_cache_update(hdev, &data);
1184 }
45bb4bf0 1185
1da177e4
LT		 1186 hci_dev_unlock(hdev);
1187}
1188
1da177e4
LT		 1189static inline void hci_conn_complete_evt(struct hci_dev *hdev, struct sk_buff *skb)
1190{
a9de9248
MH		 1191 struct hci_ev_conn_complete *ev = (void *) skb->data;
1192 struct hci_conn *conn;
1da177e4
LT		 1193
1194 BT_DBG("%s", hdev->name);
1195
1196 hci_dev_lock(hdev);
1197
1198 conn = hci_conn_hash_lookup_ba(hdev, ev->link_type, &ev->bdaddr);
9499237a
MH		 1199 if (!conn) {
1200 if (ev->link_type != SCO_LINK)
1201 goto unlock;
1202
1203 conn = hci_conn_hash_lookup_ba(hdev, ESCO_LINK, &ev->bdaddr);
1204 if (!conn)
1205 goto unlock;
1206
1207 conn->type = SCO_LINK;
1208 }
1da177e4
LT		 1209
1210 if (!ev->status) {
1211 conn->handle = __le16_to_cpu(ev->handle);
769be974
MH		 1212
1213 if (conn->type == ACL_LINK) {
1214 conn->state = BT_CONFIG;
1215 hci_conn_hold(conn);
052b30b0 1216 conn->disc_timeout = HCI_DISCONN_TIMEOUT;
f7520543 1217 mgmt_connected(hdev->id, &ev->bdaddr);
769be974
MH		 1218 } else
1219 conn->state = BT_CONNECTED;
1da177e4 1220
9eba32b8 1221 hci_conn_hold_device(conn);
7d0db0a3
MH		 1222 hci_conn_add_sysfs(conn);
1223
1da177e4
LT		 1224 if (test_bit(HCI_AUTH, &hdev->flags))
1225 conn->link_mode |= HCI_LM_AUTH;
1226
1227 if (test_bit(HCI_ENCRYPT, &hdev->flags))
1228 conn->link_mode |= HCI_LM_ENCRYPT;
1229
04837f64
MH		 1230 /* Get remote features */
1231 if (conn->type == ACL_LINK) {
1232 struct hci_cp_read_remote_features cp;
1233 cp.handle = ev->handle;
769be974
MH		 1234 hci_send_cmd(hdev, HCI_OP_READ_REMOTE_FEATURES,
1235 sizeof(cp), &cp);
04837f64
MH		 1236 }
1237
1da177e4 1238 /* Set packet type for incoming connection */
a8746417 1239 if (!conn->out && hdev->hci_ver < 3) {
1da177e4
LT		 1240 struct hci_cp_change_conn_ptype cp;
1241 cp.handle = ev->handle;
a8746417
MH		 1242 cp.pkt_type = cpu_to_le16(conn->pkt_type);
1243 hci_send_cmd(hdev, HCI_OP_CHANGE_CONN_PTYPE,
1244 sizeof(cp), &cp);
1da177e4 1245 }
17d5c04c 1246 } else {
1da177e4 1247 conn->state = BT_CLOSED;
17d5c04c
JH		 1248 if (conn->type == ACL_LINK)
1249 mgmt_connect_failed(hdev->id, &ev->bdaddr, ev->status);
1250 }
1da177e4 1251
e73439d8
MH		 1252 if (conn->type == ACL_LINK)
1253 hci_sco_setup(conn, ev->status);
1da177e4 1254
769be974
MH		 1255 if (ev->status) {
1256 hci_proto_connect_cfm(conn, ev->status);
1da177e4 1257 hci_conn_del(conn);
c89b6e6b
MH		 1258 } else if (ev->link_type != ACL_LINK)
1259 hci_proto_connect_cfm(conn, ev->status);
1da177e4 1260
a9de9248 1261unlock:
1da177e4 1262 hci_dev_unlock(hdev);
1da177e4 1263
a9de9248 1264 hci_conn_check_pending(hdev);
1da177e4
LT		 1265}
1266
a9de9248 1267static inline void hci_conn_request_evt(struct hci_dev *hdev, struct sk_buff *skb)
1da177e4 1268{
a9de9248
MH		 1269 struct hci_ev_conn_request *ev = (void *) skb->data;
1270 int mask = hdev->link_mode;
1da177e4 1271
a9de9248
MH		 1272 BT_DBG("%s bdaddr %s type 0x%x", hdev->name,
1273 batostr(&ev->bdaddr), ev->link_type);
1da177e4 1274
a9de9248 1275 mask |= hci_proto_connect_ind(hdev, &ev->bdaddr, ev->link_type);
1da177e4 1276
f0358568 1277 if ((mask & HCI_LM_ACCEPT) && !hci_blacklist_lookup(hdev, &ev->bdaddr)) {
a9de9248 1278 /* Connection accepted */
c7bdd502 1279 struct inquiry_entry *ie;
1da177e4 1280 struct hci_conn *conn;
1da177e4 1281
a9de9248 1282 hci_dev_lock(hdev);
b6a0dc82 1283
cc11b9c1
AE		 1284 ie = hci_inquiry_cache_lookup(hdev, &ev->bdaddr);
1285 if (ie)
c7bdd502
MH		 1286 memcpy(ie->data.dev_class, ev->dev_class, 3);
1287
a9de9248
MH		 1288 conn = hci_conn_hash_lookup_ba(hdev, ev->link_type, &ev->bdaddr);
1289 if (!conn) {
cc11b9c1
AE		 1290 conn = hci_conn_add(hdev, ev->link_type, &ev->bdaddr);
1291 if (!conn) {
893ef971 1292 BT_ERR("No memory for new connection");
a9de9248
MH		 1293 hci_dev_unlock(hdev);
1294 return;
1da177e4
LT		 1295 }
1296 }
b6a0dc82 1297
a9de9248
MH		 1298 memcpy(conn->dev_class, ev->dev_class, 3);
1299 conn->state = BT_CONNECT;
b6a0dc82 1300
a9de9248 1301 hci_dev_unlock(hdev);
1da177e4 1302
b6a0dc82
MH		 1303 if (ev->link_type == ACL_LINK || !lmp_esco_capable(hdev)) {
1304 struct hci_cp_accept_conn_req cp;
1da177e4 1305
b6a0dc82
MH		 1306 bacpy(&cp.bdaddr, &ev->bdaddr);
1307
1308 if (lmp_rswitch_capable(hdev) && (mask & HCI_LM_MASTER))
1309 cp.role = 0x00; /* Become master */
1310 else
1311 cp.role = 0x01; /* Remain slave */
1312
1313 hci_send_cmd(hdev, HCI_OP_ACCEPT_CONN_REQ,
1314 sizeof(cp), &cp);
1315 } else {
1316 struct hci_cp_accept_sync_conn_req cp;
1317
1318 bacpy(&cp.bdaddr, &ev->bdaddr);
a8746417 1319 cp.pkt_type = cpu_to_le16(conn->pkt_type);
b6a0dc82
MH		 1320
1321 cp.tx_bandwidth = cpu_to_le32(0x00001f40);
1322 cp.rx_bandwidth = cpu_to_le32(0x00001f40);
1323 cp.max_latency = cpu_to_le16(0xffff);
1324 cp.content_format = cpu_to_le16(hdev->voice_setting);
1325 cp.retrans_effort = 0xff;
1da177e4 1326
b6a0dc82
MH		 1327 hci_send_cmd(hdev, HCI_OP_ACCEPT_SYNC_CONN_REQ,
1328 sizeof(cp), &cp);
1329 }
a9de9248
MH		 1330 } else {
1331 /* Connection rejected */
1332 struct hci_cp_reject_conn_req cp;
1da177e4 1333
a9de9248
MH		 1334 bacpy(&cp.bdaddr, &ev->bdaddr);
1335 cp.reason = 0x0f;
1336 hci_send_cmd(hdev, HCI_OP_REJECT_CONN_REQ, sizeof(cp), &cp);
1da177e4 1337 }
1da177e4
LT		 1338}
1339
a9de9248 1340static inline void hci_disconn_complete_evt(struct hci_dev *hdev, struct sk_buff *skb)
04837f64 1341{
a9de9248 1342 struct hci_ev_disconn_complete *ev = (void *) skb->data;
04837f64
MH		 1343 struct hci_conn *conn;
1344
1345 BT_DBG("%s status %d", hdev->name, ev->status);
1346
8962ee74
JH		 1347 if (ev->status) {
1348 mgmt_disconnect_failed(hdev->id);
a9de9248 1349 return;
8962ee74 1350 }
a9de9248 1351
04837f64
MH		 1352 hci_dev_lock(hdev);
1353
1354 conn = hci_conn_hash_lookup_handle(hdev, __le16_to_cpu(ev->handle));
f7520543
JH		 1355 if (!conn)
1356 goto unlock;
7d0db0a3 1357
f7520543 1358 conn->state = BT_CLOSED;
04837f64 1359
f7520543
JH		 1360 if (conn->type == ACL_LINK)
1361 mgmt_disconnected(hdev->id, &conn->dst);
1362
1363 hci_proto_disconn_cfm(conn, ev->reason);
1364 hci_conn_del(conn);
1365
1366unlock:
04837f64
MH		 1367 hci_dev_unlock(hdev);
1368}
1369
1da177e4
LT		 1370static inline void hci_auth_complete_evt(struct hci_dev *hdev, struct sk_buff *skb)
1371{
a9de9248 1372 struct hci_ev_auth_complete *ev = (void *) skb->data;
04837f64 1373 struct hci_conn *conn;
1da177e4
LT		 1374
1375 BT_DBG("%s status %d", hdev->name, ev->status);
1376
1377 hci_dev_lock(hdev);
1378
04837f64 1379 conn = hci_conn_hash_lookup_handle(hdev, __le16_to_cpu(ev->handle));
1da177e4 1380 if (conn) {
765c2a96 1381 if (!ev->status) {
1da177e4 1382 conn->link_mode |= HCI_LM_AUTH;
765c2a96
JH		 1383 conn->sec_level = conn->pending_sec_level;
1384 } else
da213f41 1385 conn->sec_level = BT_SECURITY_LOW;
1da177e4
LT		 1386
1387 clear_bit(HCI_CONN_AUTH_PEND, &conn->pend);
1388
f8558555
MH		 1389 if (conn->state == BT_CONFIG) {
1390 if (!ev->status && hdev->ssp_mode > 0 &&
1391 conn->ssp_mode > 0) {
1392 struct hci_cp_set_conn_encrypt cp;
1393 cp.handle = ev->handle;
1394 cp.encrypt = 0x01;
1395 hci_send_cmd(hdev, HCI_OP_SET_CONN_ENCRYPT,
1396 sizeof(cp), &cp);
1397 } else {
1398 conn->state = BT_CONNECTED;
1399 hci_proto_connect_cfm(conn, ev->status);
1400 hci_conn_put(conn);
1401 }
052b30b0 1402 } else {
f8558555 1403 hci_auth_cfm(conn, ev->status);
1da177e4 1404
052b30b0
MH		 1405 hci_conn_hold(conn);
1406 conn->disc_timeout = HCI_DISCONN_TIMEOUT;
1407 hci_conn_put(conn);
1408 }
1409
1da177e4
LT		 1410 if (test_bit(HCI_CONN_ENCRYPT_PEND, &conn->pend)) {
1411 if (!ev->status) {
1412 struct hci_cp_set_conn_encrypt cp;
f8558555
MH		 1413 cp.handle = ev->handle;
1414 cp.encrypt = 0x01;
1415 hci_send_cmd(hdev, HCI_OP_SET_CONN_ENCRYPT,
1416 sizeof(cp), &cp);
1da177e4
LT		 1417 } else {
1418 clear_bit(HCI_CONN_ENCRYPT_PEND, &conn->pend);
1419 hci_encrypt_cfm(conn, ev->status, 0x00);
1420 }
1421 }
1422 }
1423
1424 hci_dev_unlock(hdev);
1425}
1426
a9de9248 1427static inline void hci_remote_name_evt(struct hci_dev *hdev, struct sk_buff *skb)
1da177e4 1428{
127178d2
JH		 1429 struct hci_ev_remote_name *ev = (void *) skb->data;
1430 struct hci_conn *conn;
1431
a9de9248 1432 BT_DBG("%s", hdev->name);
1da177e4 1433
a9de9248 1434 hci_conn_check_pending(hdev);
127178d2
JH		 1435
1436 hci_dev_lock(hdev);
1437
1438 conn = hci_conn_hash_lookup_ba(hdev, ACL_LINK, &ev->bdaddr);
1439 if (conn && hci_outgoing_auth_needed(hdev, conn)) {
1440 struct hci_cp_auth_requested cp;
1441 cp.handle = __cpu_to_le16(conn->handle);
1442 hci_send_cmd(hdev, HCI_OP_AUTH_REQUESTED, sizeof(cp), &cp);
1443 }
1444
1445 hci_dev_unlock(hdev);
a9de9248
MH		 1446}
1447
1448static inline void hci_encrypt_change_evt(struct hci_dev *hdev, struct sk_buff *skb)
1449{
1450 struct hci_ev_encrypt_change *ev = (void *) skb->data;
1451 struct hci_conn *conn;
1452
1453 BT_DBG("%s status %d", hdev->name, ev->status);
1da177e4
LT		 1454
1455 hci_dev_lock(hdev);
1456
04837f64 1457 conn = hci_conn_hash_lookup_handle(hdev, __le16_to_cpu(ev->handle));
1da177e4
LT		 1458 if (conn) {
1459 if (!ev->status) {
ae293196
MH		 1460 if (ev->encrypt) {
1461 /* Encryption implies authentication */
1462 conn->link_mode |= HCI_LM_AUTH;
1da177e4 1463 conn->link_mode |= HCI_LM_ENCRYPT;
ae293196 1464 } else
1da177e4
LT		 1465 conn->link_mode &= ~HCI_LM_ENCRYPT;
1466 }
1467
1468 clear_bit(HCI_CONN_ENCRYPT_PEND, &conn->pend);
1469
f8558555
MH		 1470 if (conn->state == BT_CONFIG) {
1471 if (!ev->status)
1472 conn->state = BT_CONNECTED;
1473
1474 hci_proto_connect_cfm(conn, ev->status);
1475 hci_conn_put(conn);
1476 } else
1477 hci_encrypt_cfm(conn, ev->status, ev->encrypt);
1da177e4
LT		 1478 }
1479
1480 hci_dev_unlock(hdev);
1481}
1482
a9de9248 1483static inline void hci_change_link_key_complete_evt(struct hci_dev *hdev, struct sk_buff *skb)
1da177e4 1484{
a9de9248 1485 struct hci_ev_change_link_key_complete *ev = (void *) skb->data;
04837f64 1486 struct hci_conn *conn;
1da177e4
LT		 1487
1488 BT_DBG("%s status %d", hdev->name, ev->status);
1489
1490 hci_dev_lock(hdev);
1491
04837f64 1492 conn = hci_conn_hash_lookup_handle(hdev, __le16_to_cpu(ev->handle));
1da177e4
LT		 1493 if (conn) {
1494 if (!ev->status)
1495 conn->link_mode |= HCI_LM_SECURE;
1496
1497 clear_bit(HCI_CONN_AUTH_PEND, &conn->pend);
1498
1499 hci_key_change_cfm(conn, ev->status);
1500 }
1501
1502 hci_dev_unlock(hdev);
1503}
1504
a9de9248 1505static inline void hci_remote_features_evt(struct hci_dev *hdev, struct sk_buff *skb)
1da177e4 1506{
a9de9248
MH		 1507 struct hci_ev_remote_features *ev = (void *) skb->data;
1508 struct hci_conn *conn;
1509
1510 BT_DBG("%s status %d", hdev->name, ev->status);
1511
a9de9248
MH		 1512 hci_dev_lock(hdev);
1513
1514 conn = hci_conn_hash_lookup_handle(hdev, __le16_to_cpu(ev->handle));
ccd556fe
JH		 1515 if (!conn)
1516 goto unlock;
769be974 1517
ccd556fe
JH		 1518 if (!ev->status)
1519 memcpy(conn->features, ev->features, 8);
1520
1521 if (conn->state != BT_CONFIG)
1522 goto unlock;
1523
1524 if (!ev->status && lmp_ssp_capable(hdev) && lmp_ssp_capable(conn)) {
1525 struct hci_cp_read_remote_ext_features cp;
1526 cp.handle = ev->handle;
1527 cp.page = 0x01;
1528 hci_send_cmd(hdev, HCI_OP_READ_REMOTE_EXT_FEATURES,
bdb7524a 1529 sizeof(cp), &cp);
392599b9
JH		 1530 goto unlock;
1531 }
1532
127178d2
JH		 1533 if (!ev->status) {
1534 struct hci_cp_remote_name_req cp;
1535 memset(&cp, 0, sizeof(cp));
1536 bacpy(&cp.bdaddr, &conn->dst);
1537 cp.pscan_rep_mode = 0x02;
1538 hci_send_cmd(hdev, HCI_OP_REMOTE_NAME_REQ, sizeof(cp), &cp);
1539 }
392599b9 1540
127178d2 1541 if (!hci_outgoing_auth_needed(hdev, conn)) {
ccd556fe
JH		 1542 conn->state = BT_CONNECTED;
1543 hci_proto_connect_cfm(conn, ev->status);
1544 hci_conn_put(conn);
769be974 1545 }
a9de9248 1546
ccd556fe 1547unlock:
a9de9248 1548 hci_dev_unlock(hdev);
1da177e4
LT		 1549}
1550
a9de9248 1551static inline void hci_remote_version_evt(struct hci_dev *hdev, struct sk_buff *skb)
1da177e4 1552{
a9de9248 1553 BT_DBG("%s", hdev->name);
1da177e4
LT		 1554}
1555
a9de9248 1556static inline void hci_qos_setup_complete_evt(struct hci_dev *hdev, struct sk_buff *skb)
1da177e4 1557{
a9de9248 1558 BT_DBG("%s", hdev->name);
1da177e4
LT		 1559}
1560
a9de9248
MH		 1561static inline void hci_cmd_complete_evt(struct hci_dev *hdev, struct sk_buff *skb)
1562{
1563 struct hci_ev_cmd_complete *ev = (void *) skb->data;
1564 __u16 opcode;
1565
1566 skb_pull(skb, sizeof(*ev));
1567
1568 opcode = __le16_to_cpu(ev->opcode);
1569
1570 switch (opcode) {
1571 case HCI_OP_INQUIRY_CANCEL:
1572 hci_cc_inquiry_cancel(hdev, skb);
1573 break;
1574
1575 case HCI_OP_EXIT_PERIODIC_INQ:
1576 hci_cc_exit_periodic_inq(hdev, skb);
1577 break;
1578
1579 case HCI_OP_REMOTE_NAME_REQ_CANCEL:
1580 hci_cc_remote_name_req_cancel(hdev, skb);
1581 break;
1582
1583 case HCI_OP_ROLE_DISCOVERY:
1584 hci_cc_role_discovery(hdev, skb);
1585 break;
1586
e4e8e37c
MH		 1587 case HCI_OP_READ_LINK_POLICY:
1588 hci_cc_read_link_policy(hdev, skb);
1589 break;
1590
a9de9248
MH		 1591 case HCI_OP_WRITE_LINK_POLICY:
1592 hci_cc_write_link_policy(hdev, skb);
1593 break;
1594
e4e8e37c
MH		 1595 case HCI_OP_READ_DEF_LINK_POLICY:
1596 hci_cc_read_def_link_policy(hdev, skb);
1597 break;
1598
1599 case HCI_OP_WRITE_DEF_LINK_POLICY:
1600 hci_cc_write_def_link_policy(hdev, skb);
1601 break;
1602
a9de9248
MH		 1603 case HCI_OP_RESET:
1604 hci_cc_reset(hdev, skb);
1605 break;
1606
1607 case HCI_OP_WRITE_LOCAL_NAME:
1608 hci_cc_write_local_name(hdev, skb);
1609 break;
1610
1611 case HCI_OP_READ_LOCAL_NAME:
1612 hci_cc_read_local_name(hdev, skb);
1613 break;
1614
1615 case HCI_OP_WRITE_AUTH_ENABLE:
1616 hci_cc_write_auth_enable(hdev, skb);
1617 break;
1618
1619 case HCI_OP_WRITE_ENCRYPT_MODE:
1620 hci_cc_write_encrypt_mode(hdev, skb);
1621 break;
1622
1623 case HCI_OP_WRITE_SCAN_ENABLE:
1624 hci_cc_write_scan_enable(hdev, skb);
1625 break;
1626
1627 case HCI_OP_READ_CLASS_OF_DEV:
1628 hci_cc_read_class_of_dev(hdev, skb);
1629 break;
1630
1631 case HCI_OP_WRITE_CLASS_OF_DEV:
1632 hci_cc_write_class_of_dev(hdev, skb);
1633 break;
1634
1635 case HCI_OP_READ_VOICE_SETTING:
1636 hci_cc_read_voice_setting(hdev, skb);
1637 break;
1638
1639 case HCI_OP_WRITE_VOICE_SETTING:
1640 hci_cc_write_voice_setting(hdev, skb);
1641 break;
1642
1643 case HCI_OP_HOST_BUFFER_SIZE:
1644 hci_cc_host_buffer_size(hdev, skb);
1645 break;
1646
333140b5
MH		 1647 case HCI_OP_READ_SSP_MODE:
1648 hci_cc_read_ssp_mode(hdev, skb);
1649 break;
1650
1651 case HCI_OP_WRITE_SSP_MODE:
1652 hci_cc_write_ssp_mode(hdev, skb);
1653 break;
1654
a9de9248
MH		 1655 case HCI_OP_READ_LOCAL_VERSION:
1656 hci_cc_read_local_version(hdev, skb);
1657 break;
1658
1659 case HCI_OP_READ_LOCAL_COMMANDS:
1660 hci_cc_read_local_commands(hdev, skb);
1661 break;
1662
1663 case HCI_OP_READ_LOCAL_FEATURES:
1664 hci_cc_read_local_features(hdev, skb);
1665 break;
1666
1667 case HCI_OP_READ_BUFFER_SIZE:
1668 hci_cc_read_buffer_size(hdev, skb);
1669 break;
1670
1671 case HCI_OP_READ_BD_ADDR:
1672 hci_cc_read_bd_addr(hdev, skb);
1673 break;
1674
23bb5763
JH		 1675 case HCI_OP_WRITE_CA_TIMEOUT:
1676 hci_cc_write_ca_timeout(hdev, skb);
1677 break;
1678
b0916ea0
JH		 1679 case HCI_OP_DELETE_STORED_LINK_KEY:
1680 hci_cc_delete_stored_link_key(hdev, skb);
1681 break;
1682
d5859e22
JH		 1683 case HCI_OP_SET_EVENT_MASK:
1684 hci_cc_set_event_mask(hdev, skb);
1685 break;
1686
1687 case HCI_OP_WRITE_INQUIRY_MODE:
1688 hci_cc_write_inquiry_mode(hdev, skb);
1689 break;
1690
1691 case HCI_OP_READ_INQ_RSP_TX_POWER:
1692 hci_cc_read_inq_rsp_tx_power(hdev, skb);
1693 break;
1694
1695 case HCI_OP_SET_EVENT_FLT:
1696 hci_cc_set_event_flt(hdev, skb);
1697 break;
1698
980e1a53
JH		 1699 case HCI_OP_PIN_CODE_REPLY:
1700 hci_cc_pin_code_reply(hdev, skb);
1701 break;
1702
1703 case HCI_OP_PIN_CODE_NEG_REPLY:
1704 hci_cc_pin_code_neg_reply(hdev, skb);
1705 break;
1706
a9de9248
MH		 1707 default:
1708 BT_DBG("%s opcode 0x%x", hdev->name, opcode);
1709 break;
1710 }
1711
1712 if (ev->ncmd) {
1713 atomic_set(&hdev->cmd_cnt, 1);
1714 if (!skb_queue_empty(&hdev->cmd_q))
c78ae283 1715 tasklet_schedule(&hdev->cmd_task);
a9de9248
MH		 1716 }
1717}
1718
1719static inline void hci_cmd_status_evt(struct hci_dev *hdev, struct sk_buff *skb)
1720{
1721 struct hci_ev_cmd_status *ev = (void *) skb->data;
1722 __u16 opcode;
1723
1724 skb_pull(skb, sizeof(*ev));
1725
1726 opcode = __le16_to_cpu(ev->opcode);
1727
1728 switch (opcode) {
1729 case HCI_OP_INQUIRY:
1730 hci_cs_inquiry(hdev, ev->status);
1731 break;
1732
1733 case HCI_OP_CREATE_CONN:
1734 hci_cs_create_conn(hdev, ev->status);
1735 break;
1736
1737 case HCI_OP_ADD_SCO:
1738 hci_cs_add_sco(hdev, ev->status);
1739 break;
1740
f8558555
MH		 1741 case HCI_OP_AUTH_REQUESTED:
1742 hci_cs_auth_requested(hdev, ev->status);
1743 break;
1744
1745 case HCI_OP_SET_CONN_ENCRYPT:
1746 hci_cs_set_conn_encrypt(hdev, ev->status);
1747 break;
1748
a9de9248
MH		 1749 case HCI_OP_REMOTE_NAME_REQ:
1750 hci_cs_remote_name_req(hdev, ev->status);
1751 break;
1752
769be974
MH		 1753 case HCI_OP_READ_REMOTE_FEATURES:
1754 hci_cs_read_remote_features(hdev, ev->status);
1755 break;
1756
1757 case HCI_OP_READ_REMOTE_EXT_FEATURES:
1758 hci_cs_read_remote_ext_features(hdev, ev->status);
1759 break;
1760
a9de9248
MH		 1761 case HCI_OP_SETUP_SYNC_CONN:
1762 hci_cs_setup_sync_conn(hdev, ev->status);
1763 break;
1764
1765 case HCI_OP_SNIFF_MODE:
1766 hci_cs_sniff_mode(hdev, ev->status);
1767 break;
1768
1769 case HCI_OP_EXIT_SNIFF_MODE:
1770 hci_cs_exit_sniff_mode(hdev, ev->status);
1771 break;
1772
8962ee74
JH		 1773 case HCI_OP_DISCONNECT:
1774 if (ev->status != 0)
1775 mgmt_disconnect_failed(hdev->id);
1776 break;
1777
fcd89c09
VT		 1778 case HCI_OP_LE_CREATE_CONN:
1779 hci_cs_le_create_conn(hdev, ev->status);
1780 break;
1781
a9de9248
MH		 1782 default:
1783 BT_DBG("%s opcode 0x%x", hdev->name, opcode);
1784 break;
1785 }
1786
1787 if (ev->ncmd) {
1788 atomic_set(&hdev->cmd_cnt, 1);
1789 if (!skb_queue_empty(&hdev->cmd_q))
c78ae283 1790 tasklet_schedule(&hdev->cmd_task);
a9de9248
MH		 1791 }
1792}
1793
1794static inline void hci_role_change_evt(struct hci_dev *hdev, struct sk_buff *skb)
1795{
1796 struct hci_ev_role_change *ev = (void *) skb->data;
1797 struct hci_conn *conn;
1798
1799 BT_DBG("%s status %d", hdev->name, ev->status);
1800
1801 hci_dev_lock(hdev);
1802
1803 conn = hci_conn_hash_lookup_ba(hdev, ACL_LINK, &ev->bdaddr);
1804 if (conn) {
1805 if (!ev->status) {
1806 if (ev->role)
1807 conn->link_mode &= ~HCI_LM_MASTER;
1808 else
1809 conn->link_mode |= HCI_LM_MASTER;
1810 }
1811
1812 clear_bit(HCI_CONN_RSWITCH_PEND, &conn->pend);
1813
1814 hci_role_switch_cfm(conn, ev->status, ev->role);
1815 }
1816
1817 hci_dev_unlock(hdev);
1818}
1819
1820static inline void hci_num_comp_pkts_evt(struct hci_dev *hdev, struct sk_buff *skb)
1821{
1822 struct hci_ev_num_comp_pkts *ev = (void *) skb->data;
1823 __le16 *ptr;
1824 int i;
1825
1826 skb_pull(skb, sizeof(*ev));
1827
1828 BT_DBG("%s num_hndl %d", hdev->name, ev->num_hndl);
1829
1830 if (skb->len < ev->num_hndl * 4) {
1831 BT_DBG("%s bad parameters", hdev->name);
1832 return;
1833 }
1834
1835 tasklet_disable(&hdev->tx_task);
1836
1837 for (i = 0, ptr = (__le16 *) skb->data; i < ev->num_hndl; i++) {
1838 struct hci_conn *conn;
1839 __u16 handle, count;
1840
83985319
HH		 1841 handle = get_unaligned_le16(ptr++);
1842 count = get_unaligned_le16(ptr++);
a9de9248
MH		 1843
1844 conn = hci_conn_hash_lookup_handle(hdev, handle);
1845 if (conn) {
1846 conn->sent -= count;
1847
1848 if (conn->type == ACL_LINK) {
70f23020
AE		 1849 hdev->acl_cnt += count;
1850 if (hdev->acl_cnt > hdev->acl_pkts)
a9de9248
MH		 1851 hdev->acl_cnt = hdev->acl_pkts;
1852 } else {
70f23020
AE		 1853 hdev->sco_cnt += count;
1854 if (hdev->sco_cnt > hdev->sco_pkts)
a9de9248
MH		 1855 hdev->sco_cnt = hdev->sco_pkts;
1856 }
1857 }
1858 }
1859
c78ae283 1860 tasklet_schedule(&hdev->tx_task);
a9de9248
MH		 1861
1862 tasklet_enable(&hdev->tx_task);
1863}
1864
1865static inline void hci_mode_change_evt(struct hci_dev *hdev, struct sk_buff *skb)
04837f64 1866{
a9de9248 1867 struct hci_ev_mode_change *ev = (void *) skb->data;
04837f64
MH		 1868 struct hci_conn *conn;
1869
1870 BT_DBG("%s status %d", hdev->name, ev->status);
1871
1872 hci_dev_lock(hdev);
1873
1874 conn = hci_conn_hash_lookup_handle(hdev, __le16_to_cpu(ev->handle));
a9de9248
MH		 1875 if (conn) {
1876 conn->mode = ev->mode;
1877 conn->interval = __le16_to_cpu(ev->interval);
1878
1879 if (!test_and_clear_bit(HCI_CONN_MODE_CHANGE_PEND, &conn->pend)) {
1880 if (conn->mode == HCI_CM_ACTIVE)
1881 conn->power_save = 1;
1882 else
1883 conn->power_save = 0;
1884 }
e73439d8
MH		 1885
1886 if (test_and_clear_bit(HCI_CONN_SCO_SETUP_PEND, &conn->pend))
1887 hci_sco_setup(conn, ev->status);
04837f64
MH		 1888 }
1889
1890 hci_dev_unlock(hdev);
1891}
1892
a9de9248
MH		 1893static inline void hci_pin_code_request_evt(struct hci_dev *hdev, struct sk_buff *skb)
1894{
052b30b0
MH		 1895 struct hci_ev_pin_code_req *ev = (void *) skb->data;
1896 struct hci_conn *conn;
1897
a9de9248 1898 BT_DBG("%s", hdev->name);
052b30b0
MH		 1899
1900 hci_dev_lock(hdev);
1901
1902 conn = hci_conn_hash_lookup_ba(hdev, ACL_LINK, &ev->bdaddr);
3d7a9d1c 1903 if (conn && conn->state == BT_CONNECTED) {
052b30b0
MH		 1904 hci_conn_hold(conn);
1905 conn->disc_timeout = HCI_PAIRING_TIMEOUT;
1906 hci_conn_put(conn);
1907 }
1908
03b555e1
JH		 1909 if (!test_bit(HCI_PAIRABLE, &hdev->flags))
1910 hci_send_cmd(hdev, HCI_OP_PIN_CODE_NEG_REPLY,
1911 sizeof(ev->bdaddr), &ev->bdaddr);
1912
980e1a53
JH		 1913 if (test_bit(HCI_MGMT, &hdev->flags))
1914 mgmt_pin_code_request(hdev->id, &ev->bdaddr);
1915
052b30b0 1916 hci_dev_unlock(hdev);
a9de9248
MH		 1917}
1918
1919static inline void hci_link_key_request_evt(struct hci_dev *hdev, struct sk_buff *skb)
1920{
55ed8ca1
JH		 1921 struct hci_ev_link_key_req *ev = (void *) skb->data;
1922 struct hci_cp_link_key_reply cp;
1923 struct hci_conn *conn;
1924 struct link_key *key;
1925
a9de9248 1926 BT_DBG("%s", hdev->name);
55ed8ca1
JH		 1927
1928 if (!test_bit(HCI_LINK_KEYS, &hdev->flags))
1929 return;
1930
1931 hci_dev_lock(hdev);
1932
1933 key = hci_find_link_key(hdev, &ev->bdaddr);
1934 if (!key) {
1935 BT_DBG("%s link key not found for %s", hdev->name,
1936 batostr(&ev->bdaddr));
1937 goto not_found;
1938 }
1939
1940 BT_DBG("%s found key type %u for %s", hdev->name, key->type,
1941 batostr(&ev->bdaddr));
1942
1943 if (!test_bit(HCI_DEBUG_KEYS, &hdev->flags) && key->type == 0x03) {
1944 BT_DBG("%s ignoring debug key", hdev->name);
1945 goto not_found;
1946 }
1947
1948 conn = hci_conn_hash_lookup_ba(hdev, ACL_LINK, &ev->bdaddr);
1949
1950 if (key->type == 0x04 && conn && conn->auth_type != 0xff &&
1951 (conn->auth_type & 0x01)) {
1952 BT_DBG("%s ignoring unauthenticated key", hdev->name);
1953 goto not_found;
1954 }
1955
1956 bacpy(&cp.bdaddr, &ev->bdaddr);
1957 memcpy(cp.link_key, key->val, 16);
1958
1959 hci_send_cmd(hdev, HCI_OP_LINK_KEY_REPLY, sizeof(cp), &cp);
1960
1961 hci_dev_unlock(hdev);
1962
1963 return;
1964
1965not_found:
1966 hci_send_cmd(hdev, HCI_OP_LINK_KEY_NEG_REPLY, 6, &ev->bdaddr);
1967 hci_dev_unlock(hdev);
a9de9248
MH		 1968}
1969
1970static inline void hci_link_key_notify_evt(struct hci_dev *hdev, struct sk_buff *skb)
1971{
052b30b0
MH		 1972 struct hci_ev_link_key_notify *ev = (void *) skb->data;
1973 struct hci_conn *conn;
55ed8ca1 1974 u8 pin_len = 0;
052b30b0 1975
a9de9248 1976 BT_DBG("%s", hdev->name);
052b30b0
MH		 1977
1978 hci_dev_lock(hdev);
1979
1980 conn = hci_conn_hash_lookup_ba(hdev, ACL_LINK, &ev->bdaddr);
1981 if (conn) {
1982 hci_conn_hold(conn);
1983 conn->disc_timeout = HCI_DISCONN_TIMEOUT;
980e1a53 1984 pin_len = conn->pin_length;
052b30b0
MH		 1985 hci_conn_put(conn);
1986 }
1987
55ed8ca1
JH		 1988 if (test_bit(HCI_LINK_KEYS, &hdev->flags))
1989 hci_add_link_key(hdev, 1, &ev->bdaddr, ev->link_key,
1990 ev->key_type, pin_len);
1991
052b30b0 1992 hci_dev_unlock(hdev);
a9de9248
MH		 1993}
1994
1da177e4
LT		 1995static inline void hci_clock_offset_evt(struct hci_dev *hdev, struct sk_buff *skb)
1996{
a9de9248 1997 struct hci_ev_clock_offset *ev = (void *) skb->data;
04837f64 1998 struct hci_conn *conn;
1da177e4
LT		 1999
2000 BT_DBG("%s status %d", hdev->name, ev->status);
2001
2002 hci_dev_lock(hdev);
2003
04837f64 2004 conn = hci_conn_hash_lookup_handle(hdev, __le16_to_cpu(ev->handle));
1da177e4
LT		 2005 if (conn && !ev->status) {
2006 struct inquiry_entry *ie;
2007
cc11b9c1
AE		 2008 ie = hci_inquiry_cache_lookup(hdev, &conn->dst);
2009 if (ie) {
1da177e4
LT		 2010 ie->data.clock_offset = ev->clock_offset;
2011 ie->timestamp = jiffies;
2012 }
2013 }
2014
2015 hci_dev_unlock(hdev);
2016}
2017
a8746417
MH		 2018static inline void hci_pkt_type_change_evt(struct hci_dev *hdev, struct sk_buff *skb)
2019{
2020 struct hci_ev_pkt_type_change *ev = (void *) skb->data;
2021 struct hci_conn *conn;
2022
2023 BT_DBG("%s status %d", hdev->name, ev->status);
2024
2025 hci_dev_lock(hdev);
2026
2027 conn = hci_conn_hash_lookup_handle(hdev, __le16_to_cpu(ev->handle));
2028 if (conn && !ev->status)
2029 conn->pkt_type = __le16_to_cpu(ev->pkt_type);
2030
2031 hci_dev_unlock(hdev);
2032}
2033
85a1e930
MH		 2034static inline void hci_pscan_rep_mode_evt(struct hci_dev *hdev, struct sk_buff *skb)
2035{
a9de9248 2036 struct hci_ev_pscan_rep_mode *ev = (void *) skb->data;
85a1e930
MH		 2037 struct inquiry_entry *ie;
2038
2039 BT_DBG("%s", hdev->name);
2040
2041 hci_dev_lock(hdev);
2042
cc11b9c1
AE		 2043 ie = hci_inquiry_cache_lookup(hdev, &ev->bdaddr);
2044 if (ie) {
85a1e930
MH		 2045 ie->data.pscan_rep_mode = ev->pscan_rep_mode;
2046 ie->timestamp = jiffies;
2047 }
2048
2049 hci_dev_unlock(hdev);
2050}
2051
a9de9248
MH		 2052static inline void hci_inquiry_result_with_rssi_evt(struct hci_dev *hdev, struct sk_buff *skb)
2053{
2054 struct inquiry_data data;
2055 int num_rsp = *((__u8 *) skb->data);
2056
2057 BT_DBG("%s num_rsp %d", hdev->name, num_rsp);
2058
2059 if (!num_rsp)
2060 return;
2061
2062 hci_dev_lock(hdev);
2063
2064 if ((skb->len - 1) / num_rsp != sizeof(struct inquiry_info_with_rssi)) {
2065 struct inquiry_info_with_rssi_and_pscan_mode *info = (void *) (skb->data + 1);
2066
2067 for (; num_rsp; num_rsp--) {
2068 bacpy(&data.bdaddr, &info->bdaddr);
2069 data.pscan_rep_mode = info->pscan_rep_mode;
2070 data.pscan_period_mode = info->pscan_period_mode;
2071 data.pscan_mode = info->pscan_mode;
2072 memcpy(data.dev_class, info->dev_class, 3);
2073 data.clock_offset = info->clock_offset;
2074 data.rssi = info->rssi;
41a96212 2075 data.ssp_mode = 0x00;
a9de9248
MH		 2076 info++;
2077 hci_inquiry_cache_update(hdev, &data);
2078 }
2079 } else {
2080 struct inquiry_info_with_rssi *info = (void *) (skb->data + 1);
2081
2082 for (; num_rsp; num_rsp--) {
2083 bacpy(&data.bdaddr, &info->bdaddr);
2084 data.pscan_rep_mode = info->pscan_rep_mode;
2085 data.pscan_period_mode = info->pscan_period_mode;
2086 data.pscan_mode = 0x00;
2087 memcpy(data.dev_class, info->dev_class, 3);
2088 data.clock_offset = info->clock_offset;
2089 data.rssi = info->rssi;
41a96212 2090 data.ssp_mode = 0x00;
a9de9248
MH		 2091 info++;
2092 hci_inquiry_cache_update(hdev, &data);
2093 }
2094 }
2095
2096 hci_dev_unlock(hdev);
2097}
2098
2099static inline void hci_remote_ext_features_evt(struct hci_dev *hdev, struct sk_buff *skb)
2100{
41a96212
MH		 2101 struct hci_ev_remote_ext_features *ev = (void *) skb->data;
2102 struct hci_conn *conn;
2103
a9de9248 2104 BT_DBG("%s", hdev->name);
41a96212 2105
41a96212
MH		 2106 hci_dev_lock(hdev);
2107
2108 conn = hci_conn_hash_lookup_handle(hdev, __le16_to_cpu(ev->handle));
ccd556fe
JH		 2109 if (!conn)
2110 goto unlock;
41a96212 2111
ccd556fe
JH		 2112 if (!ev->status && ev->page == 0x01) {
2113 struct inquiry_entry *ie;
41a96212 2114
cc11b9c1
AE		 2115 ie = hci_inquiry_cache_lookup(hdev, &conn->dst);
2116 if (ie)
ccd556fe 2117 ie->data.ssp_mode = (ev->features[0] & 0x01);
769be974 2118
ccd556fe
JH		 2119 conn->ssp_mode = (ev->features[0] & 0x01);
2120 }
2121
2122 if (conn->state != BT_CONFIG)
2123 goto unlock;
2124
127178d2
JH		 2125 if (!ev->status) {
2126 struct hci_cp_remote_name_req cp;
2127 memset(&cp, 0, sizeof(cp));
2128 bacpy(&cp.bdaddr, &conn->dst);
2129 cp.pscan_rep_mode = 0x02;
2130 hci_send_cmd(hdev, HCI_OP_REMOTE_NAME_REQ, sizeof(cp), &cp);
2131 }
392599b9 2132
127178d2 2133 if (!hci_outgoing_auth_needed(hdev, conn)) {
ccd556fe
JH		 2134 conn->state = BT_CONNECTED;
2135 hci_proto_connect_cfm(conn, ev->status);
2136 hci_conn_put(conn);
41a96212
MH		 2137 }
2138
ccd556fe 2139unlock:
41a96212 2140 hci_dev_unlock(hdev);
a9de9248
MH		 2141}
2142
2143static inline void hci_sync_conn_complete_evt(struct hci_dev *hdev, struct sk_buff *skb)
2144{
b6a0dc82
MH		 2145 struct hci_ev_sync_conn_complete *ev = (void *) skb->data;
2146 struct hci_conn *conn;
2147
2148 BT_DBG("%s status %d", hdev->name, ev->status);
2149
2150 hci_dev_lock(hdev);
2151
2152 conn = hci_conn_hash_lookup_ba(hdev, ev->link_type, &ev->bdaddr);
9dc0a3af
MH		 2153 if (!conn) {
2154 if (ev->link_type == ESCO_LINK)
2155 goto unlock;
2156
2157 conn = hci_conn_hash_lookup_ba(hdev, ESCO_LINK, &ev->bdaddr);
2158 if (!conn)
2159 goto unlock;
2160
2161 conn->type = SCO_LINK;
2162 }
b6a0dc82 2163
732547f9
MH		 2164 switch (ev->status) {
2165 case 0x00:
b6a0dc82
MH		 2166 conn->handle = __le16_to_cpu(ev->handle);
2167 conn->state = BT_CONNECTED;
7d0db0a3 2168
9eba32b8 2169 hci_conn_hold_device(conn);
7d0db0a3 2170 hci_conn_add_sysfs(conn);
732547f9
MH		 2171 break;
2172
705e5711 2173 case 0x11: /* Unsupported Feature or Parameter Value */
732547f9 2174 case 0x1c: /* SCO interval rejected */
1038a00b 2175 case 0x1a: /* Unsupported Remote Feature */
732547f9
MH		 2176 case 0x1f: /* Unspecified error */
2177 if (conn->out && conn->attempt < 2) {
2178 conn->pkt_type = (hdev->esco_type & SCO_ESCO_MASK) |
2179 (hdev->esco_type & EDR_ESCO_MASK);
2180 hci_setup_sync(conn, conn->link->handle);
2181 goto unlock;
2182 }
2183 /* fall through */
2184
2185 default:
b6a0dc82 2186 conn->state = BT_CLOSED;
732547f9
MH		 2187 break;
2188 }
b6a0dc82
MH		 2189
2190 hci_proto_connect_cfm(conn, ev->status);
2191 if (ev->status)
2192 hci_conn_del(conn);
2193
2194unlock:
2195 hci_dev_unlock(hdev);
a9de9248
MH		 2196}
2197
2198static inline void hci_sync_conn_changed_evt(struct hci_dev *hdev, struct sk_buff *skb)
2199{
2200 BT_DBG("%s", hdev->name);
2201}
2202
04837f64
MH		 2203static inline void hci_sniff_subrate_evt(struct hci_dev *hdev, struct sk_buff *skb)
2204{
a9de9248 2205 struct hci_ev_sniff_subrate *ev = (void *) skb->data;
04837f64
MH		 2206 struct hci_conn *conn;
2207
2208 BT_DBG("%s status %d", hdev->name, ev->status);
2209
2210 hci_dev_lock(hdev);
2211
2212 conn = hci_conn_hash_lookup_handle(hdev, __le16_to_cpu(ev->handle));
2213 if (conn) {
2214 }
2215
2216 hci_dev_unlock(hdev);
2217}
2218
a9de9248 2219static inline void hci_extended_inquiry_result_evt(struct hci_dev *hdev, struct sk_buff *skb)
1da177e4 2220{
a9de9248
MH		 2221 struct inquiry_data data;
2222 struct extended_inquiry_info *info = (void *) (skb->data + 1);
2223 int num_rsp = *((__u8 *) skb->data);
1da177e4 2224
a9de9248 2225 BT_DBG("%s num_rsp %d", hdev->name, num_rsp);
1da177e4 2226
a9de9248
MH		 2227 if (!num_rsp)
2228 return;
1da177e4 2229
a9de9248
MH		 2230 hci_dev_lock(hdev);
2231
2232 for (; num_rsp; num_rsp--) {
2233 bacpy(&data.bdaddr, &info->bdaddr);
2234 data.pscan_rep_mode = info->pscan_rep_mode;
2235 data.pscan_period_mode = info->pscan_period_mode;
2236 data.pscan_mode = 0x00;
2237 memcpy(data.dev_class, info->dev_class, 3);
2238 data.clock_offset = info->clock_offset;
2239 data.rssi = info->rssi;
41a96212 2240 data.ssp_mode = 0x01;
a9de9248
MH		 2241 info++;
2242 hci_inquiry_cache_update(hdev, &data);
2243 }
2244
2245 hci_dev_unlock(hdev);
2246}
1da177e4 2247
17fa4b9d
JH		 2248static inline u8 hci_get_auth_req(struct hci_conn *conn)
2249{
2250 /* If remote requests dedicated bonding follow that lead */
2251 if (conn->remote_auth == 0x02 || conn->remote_auth == 0x03) {
2252 /* If both remote and local IO capabilities allow MITM
2253 * protection then require it, otherwise don't */
2254 if (conn->remote_cap == 0x03 || conn->io_capability == 0x03)
2255 return 0x02;
2256 else
2257 return 0x03;
2258 }
2259
2260 /* If remote requests no-bonding follow that lead */
2261 if (conn->remote_auth == 0x00 || conn->remote_auth == 0x01)
2262 return 0x00;
2263
2264 return conn->auth_type;
2265}
2266
0493684e
MH		 2267static inline void hci_io_capa_request_evt(struct hci_dev *hdev, struct sk_buff *skb)
2268{
2269 struct hci_ev_io_capa_request *ev = (void *) skb->data;
2270 struct hci_conn *conn;
2271
2272 BT_DBG("%s", hdev->name);
2273
2274 hci_dev_lock(hdev);
2275
2276 conn = hci_conn_hash_lookup_ba(hdev, ACL_LINK, &ev->bdaddr);
03b555e1
JH		 2277 if (!conn)
2278 goto unlock;
2279
2280 hci_conn_hold(conn);
2281
2282 if (!test_bit(HCI_MGMT, &hdev->flags))
2283 goto unlock;
2284
2285 if (test_bit(HCI_PAIRABLE, &hdev->flags) ||
2286 (conn->remote_auth & ~0x01) == HCI_AT_NO_BONDING) {
17fa4b9d
JH		 2287 struct hci_cp_io_capability_reply cp;
2288
2289 bacpy(&cp.bdaddr, &ev->bdaddr);
2290 cp.capability = conn->io_capability;
2291 cp.oob_data = 0;
2292 cp.authentication = hci_get_auth_req(conn);
2293
2294 hci_send_cmd(hdev, HCI_OP_IO_CAPABILITY_REPLY,
2295 sizeof(cp), &cp);
03b555e1
JH		 2296 } else {
2297 struct hci_cp_io_capability_neg_reply cp;
2298
2299 bacpy(&cp.bdaddr, &ev->bdaddr);
2300 cp.reason = 0x16; /* Pairing not allowed */
0493684e 2301
03b555e1
JH		 2302 hci_send_cmd(hdev, HCI_OP_IO_CAPABILITY_NEG_REPLY,
2303 sizeof(cp), &cp);
2304 }
2305
2306unlock:
2307 hci_dev_unlock(hdev);
2308}
2309
2310static inline void hci_io_capa_reply_evt(struct hci_dev *hdev, struct sk_buff *skb)
2311{
2312 struct hci_ev_io_capa_reply *ev = (void *) skb->data;
2313 struct hci_conn *conn;
2314
2315 BT_DBG("%s", hdev->name);
2316
2317 hci_dev_lock(hdev);
2318
2319 conn = hci_conn_hash_lookup_ba(hdev, ACL_LINK, &ev->bdaddr);
2320 if (!conn)
2321 goto unlock;
2322
2323 hci_conn_hold(conn);
2324
2325 conn->remote_cap = ev->capability;
2326 conn->remote_oob = ev->oob_data;
2327 conn->remote_auth = ev->authentication;
2328
2329unlock:
0493684e
MH		 2330 hci_dev_unlock(hdev);
2331}
2332
2333static inline void hci_simple_pair_complete_evt(struct hci_dev *hdev, struct sk_buff *skb)
2334{
2335 struct hci_ev_simple_pair_complete *ev = (void *) skb->data;
2336 struct hci_conn *conn;
2337
2338 BT_DBG("%s", hdev->name);
2339
2340 hci_dev_lock(hdev);
2341
2342 conn = hci_conn_hash_lookup_ba(hdev, ACL_LINK, &ev->bdaddr);
2343 if (conn)
2344 hci_conn_put(conn);
2345
2346 hci_dev_unlock(hdev);
2347}
2348
41a96212
MH		 2349static inline void hci_remote_host_features_evt(struct hci_dev *hdev, struct sk_buff *skb)
2350{
2351 struct hci_ev_remote_host_features *ev = (void *) skb->data;
2352 struct inquiry_entry *ie;
2353
2354 BT_DBG("%s", hdev->name);
2355
2356 hci_dev_lock(hdev);
2357
cc11b9c1
AE		 2358 ie = hci_inquiry_cache_lookup(hdev, &ev->bdaddr);
2359 if (ie)
41a96212
MH		 2360 ie->data.ssp_mode = (ev->features[0] & 0x01);
2361
2362 hci_dev_unlock(hdev);
2363}
2364
fcd89c09
VT		 2365static inline void hci_le_conn_complete_evt(struct hci_dev *hdev, struct sk_buff *skb)
2366{
2367 struct hci_ev_le_conn_complete *ev = (void *) skb->data;
2368 struct hci_conn *conn;
2369
2370 BT_DBG("%s status %d", hdev->name, ev->status);
2371
2372 hci_dev_lock(hdev);
2373
2374 conn = hci_conn_hash_lookup_ba(hdev, LE_LINK, &ev->bdaddr);
2375 if (!conn)
2376 goto unlock;
2377
2378 if (ev->status) {
2379 hci_proto_connect_cfm(conn, ev->status);
2380 conn->state = BT_CLOSED;
2381 hci_conn_del(conn);
2382 goto unlock;
2383 }
2384
2385 conn->handle = __le16_to_cpu(ev->handle);
2386 conn->state = BT_CONNECTED;
2387
2388 hci_conn_hold_device(conn);
2389 hci_conn_add_sysfs(conn);
2390
2391 hci_proto_connect_cfm(conn, ev->status);
2392
2393unlock:
2394 hci_dev_unlock(hdev);
2395}
2396
2397static inline void hci_le_meta_evt(struct hci_dev *hdev, struct sk_buff *skb)
2398{
2399 struct hci_ev_le_meta *le_ev = (void *) skb->data;
2400
2401 skb_pull(skb, sizeof(*le_ev));
2402
2403 switch (le_ev->subevent) {
2404 case HCI_EV_LE_CONN_COMPLETE:
2405 hci_le_conn_complete_evt(hdev, skb);
2406 break;
2407
2408 default:
2409 break;
2410 }
2411}
2412
a9de9248
MH		 2413void hci_event_packet(struct hci_dev *hdev, struct sk_buff *skb)
2414{
2415 struct hci_event_hdr *hdr = (void *) skb->data;
2416 __u8 event = hdr->evt;
2417
2418 skb_pull(skb, HCI_EVENT_HDR_SIZE);
2419
2420 switch (event) {
1da177e4
LT		 2421 case HCI_EV_INQUIRY_COMPLETE:
2422 hci_inquiry_complete_evt(hdev, skb);
2423 break;
2424
2425 case HCI_EV_INQUIRY_RESULT:
2426 hci_inquiry_result_evt(hdev, skb);
2427 break;
2428
a9de9248
MH		 2429 case HCI_EV_CONN_COMPLETE:
2430 hci_conn_complete_evt(hdev, skb);
21d9e30e
MH		 2431 break;
2432
1da177e4
LT		 2433 case HCI_EV_CONN_REQUEST:
2434 hci_conn_request_evt(hdev, skb);
2435 break;
2436
1da177e4
LT		 2437 case HCI_EV_DISCONN_COMPLETE:
2438 hci_disconn_complete_evt(hdev, skb);
2439 break;
2440
1da177e4
LT		 2441 case HCI_EV_AUTH_COMPLETE:
2442 hci_auth_complete_evt(hdev, skb);
2443 break;
2444
a9de9248
MH		 2445 case HCI_EV_REMOTE_NAME:
2446 hci_remote_name_evt(hdev, skb);
2447 break;
2448
1da177e4
LT		 2449 case HCI_EV_ENCRYPT_CHANGE:
2450 hci_encrypt_change_evt(hdev, skb);
2451 break;
2452
a9de9248
MH		 2453 case HCI_EV_CHANGE_LINK_KEY_COMPLETE:
2454 hci_change_link_key_complete_evt(hdev, skb);
2455 break;
2456
2457 case HCI_EV_REMOTE_FEATURES:
2458 hci_remote_features_evt(hdev, skb);
2459 break;
2460
2461 case HCI_EV_REMOTE_VERSION:
2462 hci_remote_version_evt(hdev, skb);
2463 break;
2464
2465 case HCI_EV_QOS_SETUP_COMPLETE:
2466 hci_qos_setup_complete_evt(hdev, skb);
2467 break;
2468
2469 case HCI_EV_CMD_COMPLETE:
2470 hci_cmd_complete_evt(hdev, skb);
2471 break;
2472
2473 case HCI_EV_CMD_STATUS:
2474 hci_cmd_status_evt(hdev, skb);
2475 break;
2476
2477 case HCI_EV_ROLE_CHANGE:
2478 hci_role_change_evt(hdev, skb);
2479 break;
2480
2481 case HCI_EV_NUM_COMP_PKTS:
2482 hci_num_comp_pkts_evt(hdev, skb);
2483 break;
2484
2485 case HCI_EV_MODE_CHANGE:
2486 hci_mode_change_evt(hdev, skb);
1da177e4
LT		 2487 break;
2488
2489 case HCI_EV_PIN_CODE_REQ:
2490 hci_pin_code_request_evt(hdev, skb);
2491 break;
2492
2493 case HCI_EV_LINK_KEY_REQ:
2494 hci_link_key_request_evt(hdev, skb);
2495 break;
2496
2497 case HCI_EV_LINK_KEY_NOTIFY:
2498 hci_link_key_notify_evt(hdev, skb);
2499 break;
2500
2501 case HCI_EV_CLOCK_OFFSET:
2502 hci_clock_offset_evt(hdev, skb);
2503 break;
2504
a8746417
MH		 2505 case HCI_EV_PKT_TYPE_CHANGE:
2506 hci_pkt_type_change_evt(hdev, skb);
2507 break;
2508
85a1e930
MH		 2509 case HCI_EV_PSCAN_REP_MODE:
2510 hci_pscan_rep_mode_evt(hdev, skb);
2511 break;
2512
a9de9248
MH		 2513 case HCI_EV_INQUIRY_RESULT_WITH_RSSI:
2514 hci_inquiry_result_with_rssi_evt(hdev, skb);
04837f64
MH		 2515 break;
2516
a9de9248
MH		 2517 case HCI_EV_REMOTE_EXT_FEATURES:
2518 hci_remote_ext_features_evt(hdev, skb);
1da177e4
LT		 2519 break;
2520
a9de9248
MH		 2521 case HCI_EV_SYNC_CONN_COMPLETE:
2522 hci_sync_conn_complete_evt(hdev, skb);
2523 break;
1da177e4 2524
a9de9248
MH		 2525 case HCI_EV_SYNC_CONN_CHANGED:
2526 hci_sync_conn_changed_evt(hdev, skb);
2527 break;
1da177e4 2528
a9de9248
MH		 2529 case HCI_EV_SNIFF_SUBRATE:
2530 hci_sniff_subrate_evt(hdev, skb);
2531 break;
1da177e4 2532
a9de9248
MH		 2533 case HCI_EV_EXTENDED_INQUIRY_RESULT:
2534 hci_extended_inquiry_result_evt(hdev, skb);
2535 break;
1da177e4 2536
0493684e
MH		 2537 case HCI_EV_IO_CAPA_REQUEST:
2538 hci_io_capa_request_evt(hdev, skb);
2539 break;
2540
03b555e1
JH		 2541 case HCI_EV_IO_CAPA_REPLY:
2542 hci_io_capa_reply_evt(hdev, skb);
2543 break;
2544
0493684e
MH		 2545 case HCI_EV_SIMPLE_PAIR_COMPLETE:
2546 hci_simple_pair_complete_evt(hdev, skb);
2547 break;
2548
41a96212
MH		 2549 case HCI_EV_REMOTE_HOST_FEATURES:
2550 hci_remote_host_features_evt(hdev, skb);
2551 break;
2552
fcd89c09
VT		 2553 case HCI_EV_LE_META:
2554 hci_le_meta_evt(hdev, skb);
2555 break;
2556
a9de9248
MH		 2557 default:
2558 BT_DBG("%s event 0x%x", hdev->name, event);
1da177e4
LT		 2559 break;
2560 }
2561
2562 kfree_skb(skb);
2563 hdev->stat.evt_rx++;
2564}
2565
2566/* Generate internal stack event */
2567void hci_si_event(struct hci_dev *hdev, int type, int dlen, void *data)
2568{
2569 struct hci_event_hdr *hdr;
2570 struct hci_ev_stack_internal *ev;
2571 struct sk_buff *skb;
2572
2573 skb = bt_skb_alloc(HCI_EVENT_HDR_SIZE + sizeof(*ev) + dlen, GFP_ATOMIC);
2574 if (!skb)
2575 return;
2576
2577 hdr = (void *) skb_put(skb, HCI_EVENT_HDR_SIZE);
2578 hdr->evt = HCI_EV_STACK_INTERNAL;
2579 hdr->plen = sizeof(*ev) + dlen;
2580
2581 ev = (void *) skb_put(skb, sizeof(*ev) + dlen);
2582 ev->type = type;
2583 memcpy(ev->data, data, dlen);
2584
576c7d85 2585 bt_cb(skb)->incoming = 1;
a61bbcf2 2586 __net_timestamp(skb);
576c7d85 2587
0d48d939 2588 bt_cb(skb)->pkt_type = HCI_EVENT_PKT;
1da177e4 2589 skb->dev = (void *) hdev;
eec8d2bc 2590 hci_send_to_sock(hdev, skb, NULL);
1da177e4
LT		 2591 kfree_skb(skb);
2592}
Linux kernel - Deliverables
This page took 0.647762 seconds and 5 git commands to generate.