projects / deliverable / linux.git / blame
? search:
summary | shortlog | log | commit | commitdiff | tree
blob | blame (incremental) | history | HEAD
Bluetooth: Rename hdev->inq_cache to hdev->discovery
[deliverable/linux.git] / net / bluetooth / mgmt.c
CommitLineData
0381101f
JH		 1/*
2 BlueZ - Bluetooth protocol stack for Linux
3 Copyright (C) 2010 Nokia Corporation
4
5 This program is free software; you can redistribute it and/or modify
6 it under the terms of the GNU General Public License version 2 as
7 published by the Free Software Foundation;
8
9 THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS
10 OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
11 FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT OF THIRD PARTY RIGHTS.
12 IN NO EVENT SHALL THE COPYRIGHT HOLDER(S) AND AUTHOR(S) BE LIABLE FOR ANY
13 CLAIM, OR ANY SPECIAL INDIRECT OR CONSEQUENTIAL DAMAGES, OR ANY DAMAGES
14 WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
15 ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
16 OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
17
18 ALL LIABILITY, INCLUDING LIABILITY FOR INFRINGEMENT OF ANY PATENTS,
19 COPYRIGHTS, TRADEMARKS OR OTHER RIGHTS, RELATING TO USE OF THIS
20 SOFTWARE IS DISCLAIMED.
21*/
22
23/* Bluetooth HCI Management interface */
24
ca69b795 25#include <linux/kernel.h>
72359753 26#include <linux/uaccess.h>
3a9a231d 27#include <linux/module.h>
0381101f
JH		 28#include <asm/unaligned.h>
29
30#include <net/bluetooth/bluetooth.h>
31#include <net/bluetooth/hci_core.h>
32#include <net/bluetooth/mgmt.h>
5fe57d9e 33#include <net/bluetooth/smp.h>
0381101f 34
02d98129
JH		 35#define MGMT_VERSION 0
36#define MGMT_REVISION 1
37
2519a1fc
AG		 38#define INQUIRY_LEN_BREDR 0x08 /* TGAP(100) */
39
7d78525d
JH		 40#define SERVICE_CACHE_TIMEOUT (5 * 1000)
41
eec8d2bc
JH		 42struct pending_cmd {
43 struct list_head list;
fc2f4b13 44 u16 opcode;
eec8d2bc 45 int index;
c68fb7ff 46 void *param;
eec8d2bc 47 struct sock *sk;
e9a416b5 48 void *user_data;
eec8d2bc
JH		 49};
50
ca69b795
JH		 51/* HCI to MGMT error code conversion table */
52static u8 mgmt_status_table[] = {
53 MGMT_STATUS_SUCCESS,
54 MGMT_STATUS_UNKNOWN_COMMAND, /* Unknown Command */
55 MGMT_STATUS_NOT_CONNECTED, /* No Connection */
56 MGMT_STATUS_FAILED, /* Hardware Failure */
57 MGMT_STATUS_CONNECT_FAILED, /* Page Timeout */
58 MGMT_STATUS_AUTH_FAILED, /* Authentication Failed */
59 MGMT_STATUS_NOT_PAIRED, /* PIN or Key Missing */
60 MGMT_STATUS_NO_RESOURCES, /* Memory Full */
61 MGMT_STATUS_TIMEOUT, /* Connection Timeout */
62 MGMT_STATUS_NO_RESOURCES, /* Max Number of Connections */
63 MGMT_STATUS_NO_RESOURCES, /* Max Number of SCO Connections */
64 MGMT_STATUS_ALREADY_CONNECTED, /* ACL Connection Exists */
65 MGMT_STATUS_BUSY, /* Command Disallowed */
66 MGMT_STATUS_NO_RESOURCES, /* Rejected Limited Resources */
67 MGMT_STATUS_REJECTED, /* Rejected Security */
68 MGMT_STATUS_REJECTED, /* Rejected Personal */
69 MGMT_STATUS_TIMEOUT, /* Host Timeout */
70 MGMT_STATUS_NOT_SUPPORTED, /* Unsupported Feature */
71 MGMT_STATUS_INVALID_PARAMS, /* Invalid Parameters */
72 MGMT_STATUS_DISCONNECTED, /* OE User Ended Connection */
73 MGMT_STATUS_NO_RESOURCES, /* OE Low Resources */
74 MGMT_STATUS_DISCONNECTED, /* OE Power Off */
75 MGMT_STATUS_DISCONNECTED, /* Connection Terminated */
76 MGMT_STATUS_BUSY, /* Repeated Attempts */
77 MGMT_STATUS_REJECTED, /* Pairing Not Allowed */
78 MGMT_STATUS_FAILED, /* Unknown LMP PDU */
79 MGMT_STATUS_NOT_SUPPORTED, /* Unsupported Remote Feature */
80 MGMT_STATUS_REJECTED, /* SCO Offset Rejected */
81 MGMT_STATUS_REJECTED, /* SCO Interval Rejected */
82 MGMT_STATUS_REJECTED, /* Air Mode Rejected */
83 MGMT_STATUS_INVALID_PARAMS, /* Invalid LMP Parameters */
84 MGMT_STATUS_FAILED, /* Unspecified Error */
85 MGMT_STATUS_NOT_SUPPORTED, /* Unsupported LMP Parameter Value */
86 MGMT_STATUS_FAILED, /* Role Change Not Allowed */
87 MGMT_STATUS_TIMEOUT, /* LMP Response Timeout */
88 MGMT_STATUS_FAILED, /* LMP Error Transaction Collision */
89 MGMT_STATUS_FAILED, /* LMP PDU Not Allowed */
90 MGMT_STATUS_REJECTED, /* Encryption Mode Not Accepted */
91 MGMT_STATUS_FAILED, /* Unit Link Key Used */
92 MGMT_STATUS_NOT_SUPPORTED, /* QoS Not Supported */
93 MGMT_STATUS_TIMEOUT, /* Instant Passed */
94 MGMT_STATUS_NOT_SUPPORTED, /* Pairing Not Supported */
95 MGMT_STATUS_FAILED, /* Transaction Collision */
96 MGMT_STATUS_INVALID_PARAMS, /* Unacceptable Parameter */
97 MGMT_STATUS_REJECTED, /* QoS Rejected */
98 MGMT_STATUS_NOT_SUPPORTED, /* Classification Not Supported */
99 MGMT_STATUS_REJECTED, /* Insufficient Security */
100 MGMT_STATUS_INVALID_PARAMS, /* Parameter Out Of Range */
101 MGMT_STATUS_BUSY, /* Role Switch Pending */
102 MGMT_STATUS_FAILED, /* Slot Violation */
103 MGMT_STATUS_FAILED, /* Role Switch Failed */
104 MGMT_STATUS_INVALID_PARAMS, /* EIR Too Large */
105 MGMT_STATUS_NOT_SUPPORTED, /* Simple Pairing Not Supported */
106 MGMT_STATUS_BUSY, /* Host Busy Pairing */
107 MGMT_STATUS_REJECTED, /* Rejected, No Suitable Channel */
108 MGMT_STATUS_BUSY, /* Controller Busy */
109 MGMT_STATUS_INVALID_PARAMS, /* Unsuitable Connection Interval */
110 MGMT_STATUS_TIMEOUT, /* Directed Advertising Timeout */
111 MGMT_STATUS_AUTH_FAILED, /* Terminated Due to MIC Failure */
112 MGMT_STATUS_CONNECT_FAILED, /* Connection Establishment Failed */
113 MGMT_STATUS_CONNECT_FAILED, /* MAC Connection Failed */
114};
115
116static u8 mgmt_status(u8 hci_status)
117{
118 if (hci_status < ARRAY_SIZE(mgmt_status_table))
119 return mgmt_status_table[hci_status];
120
121 return MGMT_STATUS_FAILED;
122}
123
4e51eae9 124static int cmd_status(struct sock *sk, u16 index, u16 cmd, u8 status)
f7b64e69
JH		 125{
126 struct sk_buff *skb;
127 struct mgmt_hdr *hdr;
128 struct mgmt_ev_cmd_status *ev;
56b7d137 129 int err;
f7b64e69 130
34eb525c 131 BT_DBG("sock %p, index %u, cmd %u, status %u", sk, index, cmd, status);
f7b64e69
JH		 132
133 skb = alloc_skb(sizeof(*hdr) + sizeof(*ev), GFP_ATOMIC);
134 if (!skb)
135 return -ENOMEM;
136
137 hdr = (void *) skb_put(skb, sizeof(*hdr));
138
139 hdr->opcode = cpu_to_le16(MGMT_EV_CMD_STATUS);
4e51eae9 140 hdr->index = cpu_to_le16(index);
f7b64e69
JH		 141 hdr->len = cpu_to_le16(sizeof(*ev));
142
143 ev = (void *) skb_put(skb, sizeof(*ev));
144 ev->status = status;
145 put_unaligned_le16(cmd, &ev->opcode);
146
56b7d137
GP		 147 err = sock_queue_rcv_skb(sk, skb);
148 if (err < 0)
f7b64e69
JH		 149 kfree_skb(skb);
150
56b7d137 151 return err;
f7b64e69
JH		 152}
153
4e51eae9
SJ		 154static int cmd_complete(struct sock *sk, u16 index, u16 cmd, void *rp,
155 size_t rp_len)
02d98129
JH		 156{
157 struct sk_buff *skb;
158 struct mgmt_hdr *hdr;
159 struct mgmt_ev_cmd_complete *ev;
56b7d137 160 int err;
02d98129
JH		 161
162 BT_DBG("sock %p", sk);
163
a38528f1 164 skb = alloc_skb(sizeof(*hdr) + sizeof(*ev) + rp_len, GFP_ATOMIC);
02d98129
JH		 165 if (!skb)
166 return -ENOMEM;
167
168 hdr = (void *) skb_put(skb, sizeof(*hdr));
02d98129 169
a38528f1 170 hdr->opcode = cpu_to_le16(MGMT_EV_CMD_COMPLETE);
4e51eae9 171 hdr->index = cpu_to_le16(index);
a38528f1 172 hdr->len = cpu_to_le16(sizeof(*ev) + rp_len);
02d98129 173
a38528f1
JH		 174 ev = (void *) skb_put(skb, sizeof(*ev) + rp_len);
175 put_unaligned_le16(cmd, &ev->opcode);
8020c16a
SJ		 176
177 if (rp)
178 memcpy(ev->data, rp, rp_len);
02d98129 179
56b7d137
GP		 180 err = sock_queue_rcv_skb(sk, skb);
181 if (err < 0)
02d98129
JH		 182 kfree_skb(skb);
183
56b7d137 184 return err;;
02d98129
JH		 185}
186
a38528f1
JH		 187static int read_version(struct sock *sk)
188{
189 struct mgmt_rp_read_version rp;
190
191 BT_DBG("sock %p", sk);
192
193 rp.version = MGMT_VERSION;
194 put_unaligned_le16(MGMT_REVISION, &rp.revision);
195
4e51eae9
SJ		 196 return cmd_complete(sk, MGMT_INDEX_NONE, MGMT_OP_READ_VERSION, &rp,
197 sizeof(rp));
a38528f1
JH		 198}
199
faba42eb
JH		 200static int read_index_list(struct sock *sk)
201{
faba42eb
JH		 202 struct mgmt_rp_read_index_list *rp;
203 struct list_head *p;
8035ded4 204 struct hci_dev *d;
a38528f1 205 size_t rp_len;
faba42eb 206 u16 count;
a38528f1 207 int i, err;
faba42eb
JH		 208
209 BT_DBG("sock %p", sk);
210
211 read_lock(&hci_dev_list_lock);
212
213 count = 0;
214 list_for_each(p, &hci_dev_list) {
215 count++;
216 }
217
a38528f1
JH		 218 rp_len = sizeof(*rp) + (2 * count);
219 rp = kmalloc(rp_len, GFP_ATOMIC);
220 if (!rp) {
b2c60d42 221 read_unlock(&hci_dev_list_lock);
faba42eb 222 return -ENOMEM;
b2c60d42 223 }
faba42eb 224
faba42eb
JH		 225 put_unaligned_le16(count, &rp->num_controllers);
226
227 i = 0;
8035ded4 228 list_for_each_entry(d, &hci_dev_list, list) {
3243553f 229 if (test_and_clear_bit(HCI_AUTO_OFF, &d->flags))
e0f9309f 230 cancel_delayed_work(&d->power_off);
ab81cbf9
JH		 231
232 if (test_bit(HCI_SETUP, &d->flags))
233 continue;
234
faba42eb
JH		 235 put_unaligned_le16(d->id, &rp->index[i++]);
236 BT_DBG("Added hci%u", d->id);
237 }
238
239 read_unlock(&hci_dev_list_lock);
240
4e51eae9
SJ		 241 err = cmd_complete(sk, MGMT_INDEX_NONE, MGMT_OP_READ_INDEX_LIST, rp,
242 rp_len);
faba42eb 243
a38528f1
JH		 244 kfree(rp);
245
246 return err;
faba42eb
JH		 247}
248
69ab39ea
JH		 249static u32 get_supported_settings(struct hci_dev *hdev)
250{
251 u32 settings = 0;
252
253 settings |= MGMT_SETTING_POWERED;
254 settings |= MGMT_SETTING_CONNECTABLE;
255 settings |= MGMT_SETTING_FAST_CONNECTABLE;
256 settings |= MGMT_SETTING_DISCOVERABLE;
257 settings |= MGMT_SETTING_PAIRABLE;
258
259 if (hdev->features[6] & LMP_SIMPLE_PAIR)
260 settings |= MGMT_SETTING_SSP;
261
262 if (!(hdev->features[4] & LMP_NO_BREDR)) {
263 settings |= MGMT_SETTING_BREDR;
264 settings |= MGMT_SETTING_LINK_SECURITY;
265 }
266
267 if (hdev->features[4] & LMP_LE)
268 settings |= MGMT_SETTING_LE;
269
270 return settings;
271}
272
273static u32 get_current_settings(struct hci_dev *hdev)
274{
275 u32 settings = 0;
276
277 if (test_bit(HCI_UP, &hdev->flags))
278 settings |= MGMT_SETTING_POWERED;
279 else
280 return settings;
281
282 if (test_bit(HCI_PSCAN, &hdev->flags))
283 settings |= MGMT_SETTING_CONNECTABLE;
284
285 if (test_bit(HCI_ISCAN, &hdev->flags))
286 settings |= MGMT_SETTING_DISCOVERABLE;
287
288 if (test_bit(HCI_PAIRABLE, &hdev->flags))
289 settings |= MGMT_SETTING_PAIRABLE;
290
291 if (!(hdev->features[4] & LMP_NO_BREDR))
292 settings |= MGMT_SETTING_BREDR;
293
59e29406 294 if (hdev->host_features[0] & LMP_HOST_LE)
69ab39ea
JH		 295 settings |= MGMT_SETTING_LE;
296
297 if (test_bit(HCI_AUTH, &hdev->flags))
298 settings |= MGMT_SETTING_LINK_SECURITY;
299
300 if (hdev->ssp_mode > 0)
301 settings |= MGMT_SETTING_SSP;
302
303 return settings;
304}
305
ef580372
JH		 306#define PNP_INFO_SVCLASS_ID 0x1200
307
308static u8 bluetooth_base_uuid[] = {
309 0xFB, 0x34, 0x9B, 0x5F, 0x80, 0x00, 0x00, 0x80,
310 0x00, 0x10, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
311};
312
313static u16 get_uuid16(u8 *uuid128)
314{
315 u32 val;
316 int i;
317
318 for (i = 0; i < 12; i++) {
319 if (bluetooth_base_uuid[i] != uuid128[i])
320 return 0;
321 }
322
323 memcpy(&val, &uuid128[12], 4);
324
325 val = le32_to_cpu(val);
326 if (val > 0xffff)
327 return 0;
328
329 return (u16) val;
330}
331
332static void create_eir(struct hci_dev *hdev, u8 *data)
333{
334 u8 *ptr = data;
335 u16 eir_len = 0;
336 u16 uuid16_list[HCI_MAX_EIR_LENGTH / sizeof(u16)];
337 int i, truncated = 0;
338 struct bt_uuid *uuid;
339 size_t name_len;
340
341 name_len = strlen(hdev->dev_name);
342
343 if (name_len > 0) {
344 /* EIR Data type */
345 if (name_len > 48) {
346 name_len = 48;
347 ptr[1] = EIR_NAME_SHORT;
348 } else
349 ptr[1] = EIR_NAME_COMPLETE;
350
351 /* EIR Data length */
352 ptr[0] = name_len + 1;
353
354 memcpy(ptr + 2, hdev->dev_name, name_len);
355
356 eir_len += (name_len + 2);
357 ptr += (name_len + 2);
358 }
359
360 memset(uuid16_list, 0, sizeof(uuid16_list));
361
362 /* Group all UUID16 types */
363 list_for_each_entry(uuid, &hdev->uuids, list) {
364 u16 uuid16;
365
366 uuid16 = get_uuid16(uuid->uuid);
367 if (uuid16 == 0)
368 return;
369
370 if (uuid16 < 0x1100)
371 continue;
372
373 if (uuid16 == PNP_INFO_SVCLASS_ID)
374 continue;
375
376 /* Stop if not enough space to put next UUID */
377 if (eir_len + 2 + sizeof(u16) > HCI_MAX_EIR_LENGTH) {
378 truncated = 1;
379 break;
380 }
381
382 /* Check for duplicates */
383 for (i = 0; uuid16_list[i] != 0; i++)
384 if (uuid16_list[i] == uuid16)
385 break;
386
387 if (uuid16_list[i] == 0) {
388 uuid16_list[i] = uuid16;
389 eir_len += sizeof(u16);
390 }
391 }
392
393 if (uuid16_list[0] != 0) {
394 u8 *length = ptr;
395
396 /* EIR Data type */
397 ptr[1] = truncated ? EIR_UUID16_SOME : EIR_UUID16_ALL;
398
399 ptr += 2;
400 eir_len += 2;
401
402 for (i = 0; uuid16_list[i] != 0; i++) {
403 *ptr++ = (uuid16_list[i] & 0x00ff);
404 *ptr++ = (uuid16_list[i] & 0xff00) >> 8;
405 }
406
407 /* EIR Data length */
408 *length = (i * sizeof(u16)) + 1;
409 }
410}
411
412static int update_eir(struct hci_dev *hdev)
413{
414 struct hci_cp_write_eir cp;
415
416 if (!(hdev->features[6] & LMP_EXT_INQ))
417 return 0;
418
419 if (hdev->ssp_mode == 0)
420 return 0;
421
422 if (test_bit(HCI_SERVICE_CACHE, &hdev->flags))
423 return 0;
424
425 memset(&cp, 0, sizeof(cp));
426
427 create_eir(hdev, cp.data);
428
429 if (memcmp(cp.data, hdev->eir, sizeof(cp.data)) == 0)
430 return 0;
431
432 memcpy(hdev->eir, cp.data, sizeof(cp.data));
433
434 return hci_send_cmd(hdev, HCI_OP_WRITE_EIR, sizeof(cp), &cp);
435}
436
437static u8 get_service_classes(struct hci_dev *hdev)
438{
439 struct bt_uuid *uuid;
440 u8 val = 0;
441
442 list_for_each_entry(uuid, &hdev->uuids, list)
443 val |= uuid->svc_hint;
444
445 return val;
446}
447
448static int update_class(struct hci_dev *hdev)
449{
450 u8 cod[3];
451
452 BT_DBG("%s", hdev->name);
453
454 if (test_bit(HCI_SERVICE_CACHE, &hdev->flags))
455 return 0;
456
457 cod[0] = hdev->minor_class;
458 cod[1] = hdev->major_class;
459 cod[2] = get_service_classes(hdev);
460
461 if (memcmp(cod, hdev->dev_class, 3) == 0)
462 return 0;
463
464 return hci_send_cmd(hdev, HCI_OP_WRITE_CLASS_OF_DEV, sizeof(cod), cod);
465}
466
7d78525d
JH		 467static void service_cache_off(struct work_struct *work)
468{
469 struct hci_dev *hdev = container_of(work, struct hci_dev,
470 service_cache.work);
471
472 if (!test_and_clear_bit(HCI_SERVICE_CACHE, &hdev->flags))
473 return;
474
475 hci_dev_lock(hdev);
476
477 update_eir(hdev);
478 update_class(hdev);
479
480 hci_dev_unlock(hdev);
481}
482
483static void mgmt_init_hdev(struct hci_dev *hdev)
484{
485 if (!test_and_set_bit(HCI_MGMT, &hdev->flags))
486 INIT_DELAYED_WORK(&hdev->service_cache, service_cache_off);
487
488 if (!test_and_set_bit(HCI_SERVICE_CACHE, &hdev->flags))
489 schedule_delayed_work(&hdev->service_cache,
490 msecs_to_jiffies(SERVICE_CACHE_TIMEOUT));
491}
492
4e51eae9 493static int read_controller_info(struct sock *sk, u16 index)
0381101f 494{
a38528f1 495 struct mgmt_rp_read_info rp;
f7b64e69 496 struct hci_dev *hdev;
0381101f 497
4e51eae9 498 BT_DBG("sock %p hci%u", sk, index);
f7b64e69 499
4e51eae9 500 hdev = hci_dev_get(index);
a38528f1 501 if (!hdev)
ca69b795
JH		 502 return cmd_status(sk, index, MGMT_OP_READ_INFO,
503 MGMT_STATUS_INVALID_PARAMS);
f7b64e69 504
3243553f
JH		 505 if (test_and_clear_bit(HCI_AUTO_OFF, &hdev->flags))
506 cancel_delayed_work_sync(&hdev->power_off);
ab81cbf9 507
09fd0de5 508 hci_dev_lock(hdev);
f7b64e69 509
7d78525d
JH		 510 if (test_and_clear_bit(HCI_PI_MGMT_INIT, &hci_pi(sk)->flags))
511 mgmt_init_hdev(hdev);
ebc99feb 512
dc4fe30b
JH		 513 memset(&rp, 0, sizeof(rp));
514
69ab39ea 515 bacpy(&rp.bdaddr, &hdev->bdaddr);
f7b64e69 516
69ab39ea 517 rp.version = hdev->hci_ver;
f7b64e69 518
69ab39ea
JH		 519 put_unaligned_le16(hdev->manufacturer, &rp.manufacturer);
520
521 rp.supported_settings = cpu_to_le32(get_supported_settings(hdev));
522 rp.current_settings = cpu_to_le32(get_current_settings(hdev));
f7b64e69 523
a38528f1 524 memcpy(rp.dev_class, hdev->dev_class, 3);
f7b64e69 525
dc4fe30b
JH		 526 memcpy(rp.name, hdev->dev_name, sizeof(hdev->dev_name));
527
09fd0de5 528 hci_dev_unlock(hdev);
f7b64e69 529 hci_dev_put(hdev);
0381101f 530
4e51eae9 531 return cmd_complete(sk, index, MGMT_OP_READ_INFO, &rp, sizeof(rp));
0381101f
JH		 532}
533
eec8d2bc
JH		 534static void mgmt_pending_free(struct pending_cmd *cmd)
535{
536 sock_put(cmd->sk);
c68fb7ff 537 kfree(cmd->param);
eec8d2bc
JH		 538 kfree(cmd);
539}
540
366a0336 541static struct pending_cmd *mgmt_pending_add(struct sock *sk, u16 opcode,
2e58ef3e
JH		 542 struct hci_dev *hdev,
543 void *data, u16 len)
eec8d2bc
JH		 544{
545 struct pending_cmd *cmd;
546
547 cmd = kmalloc(sizeof(*cmd), GFP_ATOMIC);
548 if (!cmd)
366a0336 549 return NULL;
eec8d2bc
JH		 550
551 cmd->opcode = opcode;
2e58ef3e 552 cmd->index = hdev->id;
eec8d2bc 553
c68fb7ff
SJ		 554 cmd->param = kmalloc(len, GFP_ATOMIC);
555 if (!cmd->param) {
eec8d2bc 556 kfree(cmd);
366a0336 557 return NULL;
eec8d2bc
JH		 558 }
559
8fce6357
SJ		 560 if (data)
561 memcpy(cmd->param, data, len);
eec8d2bc
JH		 562
563 cmd->sk = sk;
564 sock_hold(sk);
565
2e58ef3e 566 list_add(&cmd->list, &hdev->mgmt_pending);
eec8d2bc 567
366a0336 568 return cmd;
eec8d2bc
JH		 569}
570
744cf19e 571static void mgmt_pending_foreach(u16 opcode, struct hci_dev *hdev,
eec8d2bc
JH		 572 void (*cb)(struct pending_cmd *cmd, void *data),
573 void *data)
574{
575 struct list_head *p, *n;
576
2e58ef3e 577 list_for_each_safe(p, n, &hdev->mgmt_pending) {
eec8d2bc
JH		 578 struct pending_cmd *cmd;
579
580 cmd = list_entry(p, struct pending_cmd, list);
581
b24752fe 582 if (opcode > 0 && cmd->opcode != opcode)
eec8d2bc
JH		 583 continue;
584
eec8d2bc
JH		 585 cb(cmd, data);
586 }
587}
588
2e58ef3e 589static struct pending_cmd *mgmt_pending_find(u16 opcode, struct hci_dev *hdev)
eec8d2bc 590{
8035ded4 591 struct pending_cmd *cmd;
eec8d2bc 592
2e58ef3e 593 list_for_each_entry(cmd, &hdev->mgmt_pending, list) {
2aeabcbe
JH		 594 if (cmd->opcode == opcode)
595 return cmd;
eec8d2bc
JH		 596 }
597
598 return NULL;
599}
600
a664b5bc 601static void mgmt_pending_remove(struct pending_cmd *cmd)
73f22f62 602{
73f22f62
JH		 603 list_del(&cmd->list);
604 mgmt_pending_free(cmd);
605}
606
69ab39ea 607static int send_settings_rsp(struct sock *sk, u16 opcode, struct hci_dev *hdev)
8680570b 608{
69ab39ea 609 __le32 settings = cpu_to_le32(get_current_settings(hdev));
8680570b 610
69ab39ea 611 return cmd_complete(sk, hdev->id, opcode, &settings, sizeof(settings));
8680570b
JH		 612}
613
4e51eae9 614static int set_powered(struct sock *sk, u16 index, unsigned char *data, u16 len)
eec8d2bc 615{
72a734ec 616 struct mgmt_mode *cp;
eec8d2bc 617 struct hci_dev *hdev;
366a0336 618 struct pending_cmd *cmd;
366a0336 619 int err, up;
eec8d2bc
JH		 620
621 cp = (void *) data;
eec8d2bc 622
4e51eae9 623 BT_DBG("request for hci%u", index);
eec8d2bc 624
bdce7baf 625 if (len != sizeof(*cp))
ca69b795
JH		 626 return cmd_status(sk, index, MGMT_OP_SET_POWERED,
627 MGMT_STATUS_INVALID_PARAMS);
bdce7baf 628
4e51eae9 629 hdev = hci_dev_get(index);
eec8d2bc 630 if (!hdev)
ca69b795
JH		 631 return cmd_status(sk, index, MGMT_OP_SET_POWERED,
632 MGMT_STATUS_INVALID_PARAMS);
eec8d2bc 633
09fd0de5 634 hci_dev_lock(hdev);
eec8d2bc
JH		 635
636 up = test_bit(HCI_UP, &hdev->flags);
72a734ec 637 if ((cp->val && up) || (!cp->val && !up)) {
69ab39ea 638 err = send_settings_rsp(sk, MGMT_OP_SET_POWERED, hdev);
eec8d2bc
JH		 639 goto failed;
640 }
641
2e58ef3e 642 if (mgmt_pending_find(MGMT_OP_SET_POWERED, hdev)) {
ca69b795
JH		 643 err = cmd_status(sk, index, MGMT_OP_SET_POWERED,
644 MGMT_STATUS_BUSY);
eec8d2bc
JH		 645 goto failed;
646 }
647
2e58ef3e 648 cmd = mgmt_pending_add(sk, MGMT_OP_SET_POWERED, hdev, data, len);
366a0336
JH		 649 if (!cmd) {
650 err = -ENOMEM;
eec8d2bc 651 goto failed;
366a0336 652 }
eec8d2bc 653
72a734ec 654 if (cp->val)
7f971041 655 schedule_work(&hdev->power_on);
eec8d2bc 656 else
80b7ab33 657 schedule_work(&hdev->power_off.work);
eec8d2bc 658
366a0336 659 err = 0;
eec8d2bc
JH		 660
661failed:
09fd0de5 662 hci_dev_unlock(hdev);
eec8d2bc 663 hci_dev_put(hdev);
366a0336 664 return err;
eec8d2bc
JH		 665}
666
4e51eae9
SJ		 667static int set_discoverable(struct sock *sk, u16 index, unsigned char *data,
668 u16 len)
73f22f62 669{
16ab91ab 670 struct mgmt_cp_set_discoverable *cp;
73f22f62 671 struct hci_dev *hdev;
366a0336 672 struct pending_cmd *cmd;
73f22f62
JH		 673 u8 scan;
674 int err;
675
676 cp = (void *) data;
73f22f62 677
4e51eae9 678 BT_DBG("request for hci%u", index);
73f22f62 679
bdce7baf 680 if (len != sizeof(*cp))
ca69b795
JH		 681 return cmd_status(sk, index, MGMT_OP_SET_DISCOVERABLE,
682 MGMT_STATUS_INVALID_PARAMS);
bdce7baf 683
4e51eae9 684 hdev = hci_dev_get(index);
73f22f62 685 if (!hdev)
ca69b795
JH		 686 return cmd_status(sk, index, MGMT_OP_SET_DISCOVERABLE,
687 MGMT_STATUS_INVALID_PARAMS);
73f22f62 688
09fd0de5 689 hci_dev_lock(hdev);
73f22f62
JH		 690
691 if (!test_bit(HCI_UP, &hdev->flags)) {
ca69b795
JH		 692 err = cmd_status(sk, index, MGMT_OP_SET_DISCOVERABLE,
693 MGMT_STATUS_NOT_POWERED);
73f22f62
JH		 694 goto failed;
695 }
696
2e58ef3e
JH		 697 if (mgmt_pending_find(MGMT_OP_SET_DISCOVERABLE, hdev) ||
698 mgmt_pending_find(MGMT_OP_SET_CONNECTABLE, hdev)) {
ca69b795
JH		 699 err = cmd_status(sk, index, MGMT_OP_SET_DISCOVERABLE,
700 MGMT_STATUS_BUSY);
73f22f62
JH		 701 goto failed;
702 }
703
72a734ec 704 if (cp->val == test_bit(HCI_ISCAN, &hdev->flags) &&
73f22f62 705 test_bit(HCI_PSCAN, &hdev->flags)) {
69ab39ea 706 err = send_settings_rsp(sk, MGMT_OP_SET_DISCOVERABLE, hdev);
73f22f62
JH		 707 goto failed;
708 }
709
2e58ef3e 710 cmd = mgmt_pending_add(sk, MGMT_OP_SET_DISCOVERABLE, hdev, data, len);
366a0336
JH		 711 if (!cmd) {
712 err = -ENOMEM;
73f22f62 713 goto failed;
366a0336 714 }
73f22f62
JH		 715
716 scan = SCAN_PAGE;
717
72a734ec 718 if (cp->val)
73f22f62 719 scan |= SCAN_INQUIRY;
16ab91ab 720 else
e0f9309f 721 cancel_delayed_work(&hdev->discov_off);
73f22f62
JH		 722
723 err = hci_send_cmd(hdev, HCI_OP_WRITE_SCAN_ENABLE, 1, &scan);
724 if (err < 0)
a664b5bc 725 mgmt_pending_remove(cmd);
73f22f62 726
16ab91ab
JH		 727 if (cp->val)
728 hdev->discov_timeout = get_unaligned_le16(&cp->timeout);
729
73f22f62 730failed:
09fd0de5 731 hci_dev_unlock(hdev);
73f22f62
JH		 732 hci_dev_put(hdev);
733
734 return err;
735}
736
4e51eae9
SJ		 737static int set_connectable(struct sock *sk, u16 index, unsigned char *data,
738 u16 len)
9fbcbb45 739{
72a734ec 740 struct mgmt_mode *cp;
9fbcbb45 741 struct hci_dev *hdev;
366a0336 742 struct pending_cmd *cmd;
9fbcbb45
JH		 743 u8 scan;
744 int err;
745
746 cp = (void *) data;
9fbcbb45 747
4e51eae9 748 BT_DBG("request for hci%u", index);
9fbcbb45 749
bdce7baf 750 if (len != sizeof(*cp))
ca69b795
JH		 751 return cmd_status(sk, index, MGMT_OP_SET_CONNECTABLE,
752 MGMT_STATUS_INVALID_PARAMS);
bdce7baf 753
4e51eae9 754 hdev = hci_dev_get(index);
9fbcbb45 755 if (!hdev)
ca69b795
JH		 756 return cmd_status(sk, index, MGMT_OP_SET_CONNECTABLE,
757 MGMT_STATUS_INVALID_PARAMS);
9fbcbb45 758
09fd0de5 759 hci_dev_lock(hdev);
9fbcbb45
JH		 760
761 if (!test_bit(HCI_UP, &hdev->flags)) {
ca69b795
JH		 762 err = cmd_status(sk, index, MGMT_OP_SET_CONNECTABLE,
763 MGMT_STATUS_NOT_POWERED);
9fbcbb45
JH		 764 goto failed;
765 }
766
2e58ef3e
JH		 767 if (mgmt_pending_find(MGMT_OP_SET_DISCOVERABLE, hdev) ||
768 mgmt_pending_find(MGMT_OP_SET_CONNECTABLE, hdev)) {
ca69b795
JH		 769 err = cmd_status(sk, index, MGMT_OP_SET_CONNECTABLE,
770 MGMT_STATUS_BUSY);
9fbcbb45
JH		 771 goto failed;
772 }
773
72a734ec 774 if (cp->val == test_bit(HCI_PSCAN, &hdev->flags)) {
69ab39ea 775 err = send_settings_rsp(sk, MGMT_OP_SET_CONNECTABLE, hdev);
9fbcbb45
JH		 776 goto failed;
777 }
778
2e58ef3e 779 cmd = mgmt_pending_add(sk, MGMT_OP_SET_CONNECTABLE, hdev, data, len);
366a0336
JH		 780 if (!cmd) {
781 err = -ENOMEM;
9fbcbb45 782 goto failed;
366a0336 783 }
9fbcbb45 784
72a734ec 785 if (cp->val)
9fbcbb45
JH		 786 scan = SCAN_PAGE;
787 else
788 scan = 0;
789
790 err = hci_send_cmd(hdev, HCI_OP_WRITE_SCAN_ENABLE, 1, &scan);
791 if (err < 0)
a664b5bc 792 mgmt_pending_remove(cmd);
9fbcbb45
JH		 793
794failed:
09fd0de5 795 hci_dev_unlock(hdev);
9fbcbb45
JH		 796 hci_dev_put(hdev);
797
798 return err;
799}
800
744cf19e
JH		 801static int mgmt_event(u16 event, struct hci_dev *hdev, void *data,
802 u16 data_len, struct sock *skip_sk)
c542a06c
JH		 803{
804 struct sk_buff *skb;
805 struct mgmt_hdr *hdr;
806
807 skb = alloc_skb(sizeof(*hdr) + data_len, GFP_ATOMIC);
808 if (!skb)
809 return -ENOMEM;
810
811 bt_cb(skb)->channel = HCI_CHANNEL_CONTROL;
812
813 hdr = (void *) skb_put(skb, sizeof(*hdr));
814 hdr->opcode = cpu_to_le16(event);
744cf19e
JH		 815 if (hdev)
816 hdr->index = cpu_to_le16(hdev->id);
817 else
818 hdr->index = cpu_to_le16(MGMT_INDEX_NONE);
c542a06c
JH		 819 hdr->len = cpu_to_le16(data_len);
820
4e51eae9
SJ		 821 if (data)
822 memcpy(skb_put(skb, data_len), data, data_len);
c542a06c
JH		 823
824 hci_send_to_sock(NULL, skb, skip_sk);
825 kfree_skb(skb);
826
827 return 0;
828}
829
4e51eae9
SJ		 830static int set_pairable(struct sock *sk, u16 index, unsigned char *data,
831 u16 len)
c542a06c 832{
69ab39ea 833 struct mgmt_mode *cp;
c542a06c 834 struct hci_dev *hdev;
69ab39ea 835 __le32 ev;
c542a06c
JH		 836 int err;
837
838 cp = (void *) data;
c542a06c 839
4e51eae9 840 BT_DBG("request for hci%u", index);
c542a06c 841
bdce7baf 842 if (len != sizeof(*cp))
ca69b795
JH		 843 return cmd_status(sk, index, MGMT_OP_SET_PAIRABLE,
844 MGMT_STATUS_INVALID_PARAMS);
bdce7baf 845
4e51eae9 846 hdev = hci_dev_get(index);
c542a06c 847 if (!hdev)
ca69b795
JH		 848 return cmd_status(sk, index, MGMT_OP_SET_PAIRABLE,
849 MGMT_STATUS_INVALID_PARAMS);
c542a06c 850
09fd0de5 851 hci_dev_lock(hdev);
c542a06c
JH		 852
853 if (cp->val)
854 set_bit(HCI_PAIRABLE, &hdev->flags);
855 else
856 clear_bit(HCI_PAIRABLE, &hdev->flags);
857
69ab39ea 858 err = send_settings_rsp(sk, MGMT_OP_SET_PAIRABLE, hdev);
c542a06c
JH		 859 if (err < 0)
860 goto failed;
861
69ab39ea 862 ev = cpu_to_le32(get_current_settings(hdev));
c542a06c 863
69ab39ea 864 err = mgmt_event(MGMT_EV_NEW_SETTINGS, hdev, &ev, sizeof(ev), sk);
c542a06c
JH		 865
866failed:
09fd0de5 867 hci_dev_unlock(hdev);
c542a06c
JH		 868 hci_dev_put(hdev);
869
870 return err;
871}
872
4e51eae9 873static int add_uuid(struct sock *sk, u16 index, unsigned char *data, u16 len)
2aeb9a1a
JH		 874{
875 struct mgmt_cp_add_uuid *cp;
876 struct hci_dev *hdev;
877 struct bt_uuid *uuid;
2aeb9a1a
JH		 878 int err;
879
880 cp = (void *) data;
2aeb9a1a 881
4e51eae9 882 BT_DBG("request for hci%u", index);
2aeb9a1a 883
bdce7baf 884 if (len != sizeof(*cp))
ca69b795
JH		 885 return cmd_status(sk, index, MGMT_OP_ADD_UUID,
886 MGMT_STATUS_INVALID_PARAMS);
bdce7baf 887
4e51eae9 888 hdev = hci_dev_get(index);
2aeb9a1a 889 if (!hdev)
ca69b795
JH		 890 return cmd_status(sk, index, MGMT_OP_ADD_UUID,
891 MGMT_STATUS_INVALID_PARAMS);
2aeb9a1a 892
09fd0de5 893 hci_dev_lock(hdev);
2aeb9a1a
JH		 894
895 uuid = kmalloc(sizeof(*uuid), GFP_ATOMIC);
896 if (!uuid) {
897 err = -ENOMEM;
898 goto failed;
899 }
900
901 memcpy(uuid->uuid, cp->uuid, 16);
1aff6f09 902 uuid->svc_hint = cp->svc_hint;
2aeb9a1a
JH		 903
904 list_add(&uuid->list, &hdev->uuids);
905
1aff6f09
JH		 906 err = update_class(hdev);
907 if (err < 0)
908 goto failed;
909
80a1e1db
JH		 910 err = update_eir(hdev);
911 if (err < 0)
912 goto failed;
913
4e51eae9 914 err = cmd_complete(sk, index, MGMT_OP_ADD_UUID, NULL, 0);
2aeb9a1a
JH		 915
916failed:
09fd0de5 917 hci_dev_unlock(hdev);
2aeb9a1a
JH		 918 hci_dev_put(hdev);
919
920 return err;
921}
922
4e51eae9 923static int remove_uuid(struct sock *sk, u16 index, unsigned char *data, u16 len)
2aeb9a1a
JH		 924{
925 struct list_head *p, *n;
779cb850 926 struct mgmt_cp_remove_uuid *cp;
2aeb9a1a
JH		 927 struct hci_dev *hdev;
928 u8 bt_uuid_any[] = { 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0 };
2aeb9a1a
JH		 929 int err, found;
930
931 cp = (void *) data;
2aeb9a1a 932
4e51eae9 933 BT_DBG("request for hci%u", index);
2aeb9a1a 934
bdce7baf 935 if (len != sizeof(*cp))
ca69b795
JH		 936 return cmd_status(sk, index, MGMT_OP_REMOVE_UUID,
937 MGMT_STATUS_INVALID_PARAMS);
bdce7baf 938
4e51eae9 939 hdev = hci_dev_get(index);
2aeb9a1a 940 if (!hdev)
ca69b795
JH		 941 return cmd_status(sk, index, MGMT_OP_REMOVE_UUID,
942 MGMT_STATUS_INVALID_PARAMS);
2aeb9a1a 943
09fd0de5 944 hci_dev_lock(hdev);
2aeb9a1a
JH		 945
946 if (memcmp(cp->uuid, bt_uuid_any, 16) == 0) {
947 err = hci_uuids_clear(hdev);
948 goto unlock;
949 }
950
951 found = 0;
952
953 list_for_each_safe(p, n, &hdev->uuids) {
954 struct bt_uuid *match = list_entry(p, struct bt_uuid, list);
955
956 if (memcmp(match->uuid, cp->uuid, 16) != 0)
957 continue;
958
959 list_del(&match->list);
960 found++;
961 }
962
963 if (found == 0) {
ca69b795
JH		 964 err = cmd_status(sk, index, MGMT_OP_REMOVE_UUID,
965 MGMT_STATUS_INVALID_PARAMS);
2aeb9a1a
JH		 966 goto unlock;
967 }
968
1aff6f09
JH		 969 err = update_class(hdev);
970 if (err < 0)
971 goto unlock;
972
80a1e1db
JH		 973 err = update_eir(hdev);
974 if (err < 0)
975 goto unlock;
976
4e51eae9 977 err = cmd_complete(sk, index, MGMT_OP_REMOVE_UUID, NULL, 0);
2aeb9a1a
JH		 978
979unlock:
09fd0de5 980 hci_dev_unlock(hdev);
2aeb9a1a
JH		 981 hci_dev_put(hdev);
982
983 return err;
984}
985
4e51eae9
SJ		 986static int set_dev_class(struct sock *sk, u16 index, unsigned char *data,
987 u16 len)
1aff6f09
JH		 988{
989 struct hci_dev *hdev;
990 struct mgmt_cp_set_dev_class *cp;
1aff6f09
JH		 991 int err;
992
993 cp = (void *) data;
1aff6f09 994
4e51eae9 995 BT_DBG("request for hci%u", index);
1aff6f09 996
bdce7baf 997 if (len != sizeof(*cp))
ca69b795
JH		 998 return cmd_status(sk, index, MGMT_OP_SET_DEV_CLASS,
999 MGMT_STATUS_INVALID_PARAMS);
bdce7baf 1000
4e51eae9 1001 hdev = hci_dev_get(index);
1aff6f09 1002 if (!hdev)
ca69b795
JH		 1003 return cmd_status(sk, index, MGMT_OP_SET_DEV_CLASS,
1004 MGMT_STATUS_INVALID_PARAMS);
1aff6f09 1005
09fd0de5 1006 hci_dev_lock(hdev);
1aff6f09
JH		 1007
1008 hdev->major_class = cp->major;
1009 hdev->minor_class = cp->minor;
1010
7d78525d
JH		 1011 if (test_and_clear_bit(HCI_SERVICE_CACHE, &hdev->flags)) {
1012 hci_dev_unlock(hdev);
1013 cancel_delayed_work_sync(&hdev->service_cache);
1014 hci_dev_lock(hdev);
14c0b608 1015 update_eir(hdev);
7d78525d 1016 }
14c0b608 1017
1aff6f09
JH		 1018 err = update_class(hdev);
1019
1020 if (err == 0)
4e51eae9 1021 err = cmd_complete(sk, index, MGMT_OP_SET_DEV_CLASS, NULL, 0);
1aff6f09 1022
09fd0de5 1023 hci_dev_unlock(hdev);
1aff6f09
JH		 1024 hci_dev_put(hdev);
1025
1026 return err;
1027}
1028
86742e1e
JH		 1029static int load_link_keys(struct sock *sk, u16 index, unsigned char *data,
1030 u16 len)
55ed8ca1
JH		 1031{
1032 struct hci_dev *hdev;
86742e1e 1033 struct mgmt_cp_load_link_keys *cp;
4e51eae9 1034 u16 key_count, expected_len;
a492cd52 1035 int i;
55ed8ca1
JH		 1036
1037 cp = (void *) data;
bdce7baf
SJ		 1038
1039 if (len < sizeof(*cp))
ca69b795
JH		 1040 return cmd_status(sk, index, MGMT_OP_LOAD_LINK_KEYS,
1041 MGMT_STATUS_INVALID_PARAMS);
bdce7baf 1042
55ed8ca1
JH		 1043 key_count = get_unaligned_le16(&cp->key_count);
1044
86742e1e
JH		 1045 expected_len = sizeof(*cp) + key_count *
1046 sizeof(struct mgmt_link_key_info);
a492cd52 1047 if (expected_len != len) {
86742e1e 1048 BT_ERR("load_link_keys: expected %u bytes, got %u bytes",
a492cd52 1049 len, expected_len);
ca69b795
JH		 1050 return cmd_status(sk, index, MGMT_OP_LOAD_LINK_KEYS,
1051 MGMT_STATUS_INVALID_PARAMS);
55ed8ca1
JH		 1052 }
1053
4e51eae9 1054 hdev = hci_dev_get(index);
55ed8ca1 1055 if (!hdev)
ca69b795
JH		 1056 return cmd_status(sk, index, MGMT_OP_LOAD_LINK_KEYS,
1057 MGMT_STATUS_INVALID_PARAMS);
55ed8ca1 1058
4e51eae9 1059 BT_DBG("hci%u debug_keys %u key_count %u", index, cp->debug_keys,
55ed8ca1
JH		 1060 key_count);
1061
09fd0de5 1062 hci_dev_lock(hdev);
55ed8ca1
JH		 1063
1064 hci_link_keys_clear(hdev);
1065
1066 set_bit(HCI_LINK_KEYS, &hdev->flags);
1067
1068 if (cp->debug_keys)
1069 set_bit(HCI_DEBUG_KEYS, &hdev->flags);
1070 else
1071 clear_bit(HCI_DEBUG_KEYS, &hdev->flags);
1072
a492cd52 1073 for (i = 0; i < key_count; i++) {
86742e1e 1074 struct mgmt_link_key_info *key = &cp->keys[i];
55ed8ca1 1075
d25e28ab 1076 hci_add_link_key(hdev, NULL, 0, &key->bdaddr, key->val, key->type,
55ed8ca1
JH		 1077 key->pin_len);
1078 }
1079
0e5f875a
JH		 1080 cmd_complete(sk, index, MGMT_OP_LOAD_LINK_KEYS, NULL, 0);
1081
09fd0de5 1082 hci_dev_unlock(hdev);
55ed8ca1
JH		 1083 hci_dev_put(hdev);
1084
a492cd52 1085 return 0;
55ed8ca1
JH		 1086}
1087
86742e1e
JH		 1088static int remove_keys(struct sock *sk, u16 index, unsigned char *data,
1089 u16 len)
55ed8ca1
JH		 1090{
1091 struct hci_dev *hdev;
86742e1e 1092 struct mgmt_cp_remove_keys *cp;
a8a1d19e
JH		 1093 struct mgmt_rp_remove_keys rp;
1094 struct hci_cp_disconnect dc;
1095 struct pending_cmd *cmd;
55ed8ca1 1096 struct hci_conn *conn;
55ed8ca1
JH		 1097 int err;
1098
1099 cp = (void *) data;
55ed8ca1 1100
bdce7baf 1101 if (len != sizeof(*cp))
ca69b795
JH		 1102 return cmd_status(sk, index, MGMT_OP_REMOVE_KEYS,
1103 MGMT_STATUS_INVALID_PARAMS);
bdce7baf 1104
4e51eae9 1105 hdev = hci_dev_get(index);
55ed8ca1 1106 if (!hdev)
ca69b795
JH		 1107 return cmd_status(sk, index, MGMT_OP_REMOVE_KEYS,
1108 MGMT_STATUS_INVALID_PARAMS);
55ed8ca1 1109
09fd0de5 1110 hci_dev_lock(hdev);
55ed8ca1 1111
a8a1d19e
JH		 1112 memset(&rp, 0, sizeof(rp));
1113 bacpy(&rp.bdaddr, &cp->bdaddr);
ca69b795 1114 rp.status = MGMT_STATUS_FAILED;
a8a1d19e 1115
55ed8ca1
JH		 1116 err = hci_remove_link_key(hdev, &cp->bdaddr);
1117 if (err < 0) {
ca69b795 1118 rp.status = MGMT_STATUS_NOT_PAIRED;
55ed8ca1
JH		 1119 goto unlock;
1120 }
1121
a8a1d19e
JH		 1122 if (!test_bit(HCI_UP, &hdev->flags) || !cp->disconnect) {
1123 err = cmd_complete(sk, index, MGMT_OP_REMOVE_KEYS, &rp,
1124 sizeof(rp));
55ed8ca1 1125 goto unlock;
a8a1d19e 1126 }
55ed8ca1
JH		 1127
1128 conn = hci_conn_hash_lookup_ba(hdev, ACL_LINK, &cp->bdaddr);
a8a1d19e
JH		 1129 if (!conn) {
1130 err = cmd_complete(sk, index, MGMT_OP_REMOVE_KEYS, &rp,
1131 sizeof(rp));
1132 goto unlock;
1133 }
55ed8ca1 1134
a8a1d19e
JH		 1135 cmd = mgmt_pending_add(sk, MGMT_OP_REMOVE_KEYS, hdev, cp, sizeof(*cp));
1136 if (!cmd) {
1137 err = -ENOMEM;
1138 goto unlock;
55ed8ca1
JH		 1139 }
1140
a8a1d19e
JH		 1141 put_unaligned_le16(conn->handle, &dc.handle);
1142 dc.reason = 0x13; /* Remote User Terminated Connection */
1143 err = hci_send_cmd(hdev, HCI_OP_DISCONNECT, sizeof(dc), &dc);
1144 if (err < 0)
1145 mgmt_pending_remove(cmd);
1146
55ed8ca1 1147unlock:
ca69b795 1148 if (err < 0)
a8a1d19e
JH		 1149 err = cmd_complete(sk, index, MGMT_OP_REMOVE_KEYS, &rp,
1150 sizeof(rp));
09fd0de5 1151 hci_dev_unlock(hdev);
55ed8ca1
JH		 1152 hci_dev_put(hdev);
1153
1154 return err;
1155}
1156
4e51eae9 1157static int disconnect(struct sock *sk, u16 index, unsigned char *data, u16 len)
8962ee74
JH		 1158{
1159 struct hci_dev *hdev;
1160 struct mgmt_cp_disconnect *cp;
1161 struct hci_cp_disconnect dc;
366a0336 1162 struct pending_cmd *cmd;
8962ee74 1163 struct hci_conn *conn;
8962ee74
JH		 1164 int err;
1165
1166 BT_DBG("");
1167
1168 cp = (void *) data;
8962ee74 1169
bdce7baf 1170 if (len != sizeof(*cp))
ca69b795
JH		 1171 return cmd_status(sk, index, MGMT_OP_DISCONNECT,
1172 MGMT_STATUS_INVALID_PARAMS);
bdce7baf 1173
4e51eae9 1174 hdev = hci_dev_get(index);
8962ee74 1175 if (!hdev)
ca69b795
JH		 1176 return cmd_status(sk, index, MGMT_OP_DISCONNECT,
1177 MGMT_STATUS_INVALID_PARAMS);
8962ee74 1178
09fd0de5 1179 hci_dev_lock(hdev);
8962ee74
JH		 1180
1181 if (!test_bit(HCI_UP, &hdev->flags)) {
ca69b795
JH		 1182 err = cmd_status(sk, index, MGMT_OP_DISCONNECT,
1183 MGMT_STATUS_NOT_POWERED);
8962ee74
JH		 1184 goto failed;
1185 }
1186
2e58ef3e 1187 if (mgmt_pending_find(MGMT_OP_DISCONNECT, hdev)) {
ca69b795
JH		 1188 err = cmd_status(sk, index, MGMT_OP_DISCONNECT,
1189 MGMT_STATUS_BUSY);
8962ee74
JH		 1190 goto failed;
1191 }
1192
1193 conn = hci_conn_hash_lookup_ba(hdev, ACL_LINK, &cp->bdaddr);
365227e5
VCG		 1194 if (!conn)
1195 conn = hci_conn_hash_lookup_ba(hdev, LE_LINK, &cp->bdaddr);
1196
8962ee74 1197 if (!conn) {
ca69b795
JH		 1198 err = cmd_status(sk, index, MGMT_OP_DISCONNECT,
1199 MGMT_STATUS_NOT_CONNECTED);
8962ee74
JH		 1200 goto failed;
1201 }
1202
2e58ef3e 1203 cmd = mgmt_pending_add(sk, MGMT_OP_DISCONNECT, hdev, data, len);
366a0336
JH		 1204 if (!cmd) {
1205 err = -ENOMEM;
8962ee74 1206 goto failed;
366a0336 1207 }
8962ee74
JH		 1208
1209 put_unaligned_le16(conn->handle, &dc.handle);
1210 dc.reason = 0x13; /* Remote User Terminated Connection */
1211
1212 err = hci_send_cmd(hdev, HCI_OP_DISCONNECT, sizeof(dc), &dc);
1213 if (err < 0)
a664b5bc 1214 mgmt_pending_remove(cmd);
8962ee74
JH		 1215
1216failed:
09fd0de5 1217 hci_dev_unlock(hdev);
8962ee74
JH		 1218 hci_dev_put(hdev);
1219
1220 return err;
1221}
1222
48264f06 1223static u8 link_to_mgmt(u8 link_type, u8 addr_type)
4c659c39
JH		 1224{
1225 switch (link_type) {
1226 case LE_LINK:
48264f06
JH		 1227 switch (addr_type) {
1228 case ADDR_LE_DEV_PUBLIC:
1229 return MGMT_ADDR_LE_PUBLIC;
1230 case ADDR_LE_DEV_RANDOM:
1231 return MGMT_ADDR_LE_RANDOM;
1232 default:
1233 return MGMT_ADDR_INVALID;
1234 }
4c659c39
JH		 1235 case ACL_LINK:
1236 return MGMT_ADDR_BREDR;
1237 default:
1238 return MGMT_ADDR_INVALID;
1239 }
1240}
1241
8ce6284e 1242static int get_connections(struct sock *sk, u16 index)
2784eb41 1243{
2784eb41
JH		 1244 struct mgmt_rp_get_connections *rp;
1245 struct hci_dev *hdev;
8035ded4 1246 struct hci_conn *c;
2784eb41 1247 struct list_head *p;
a38528f1 1248 size_t rp_len;
4e51eae9 1249 u16 count;
2784eb41
JH		 1250 int i, err;
1251
1252 BT_DBG("");
1253
4e51eae9 1254 hdev = hci_dev_get(index);
2784eb41 1255 if (!hdev)
ca69b795
JH		 1256 return cmd_status(sk, index, MGMT_OP_GET_CONNECTIONS,
1257 MGMT_STATUS_INVALID_PARAMS);
2784eb41 1258
09fd0de5 1259 hci_dev_lock(hdev);
2784eb41
JH		 1260
1261 count = 0;
1262 list_for_each(p, &hdev->conn_hash.list) {
1263 count++;
1264 }
1265
4c659c39 1266 rp_len = sizeof(*rp) + (count * sizeof(struct mgmt_addr_info));
a38528f1
JH		 1267 rp = kmalloc(rp_len, GFP_ATOMIC);
1268 if (!rp) {
2784eb41
JH		 1269 err = -ENOMEM;
1270 goto unlock;
1271 }
1272
2784eb41
JH		 1273 put_unaligned_le16(count, &rp->conn_count);
1274
2784eb41 1275 i = 0;
4c659c39
JH		 1276 list_for_each_entry(c, &hdev->conn_hash.list, list) {
1277 bacpy(&rp->addr[i].bdaddr, &c->dst);
48264f06 1278 rp->addr[i].type = link_to_mgmt(c->type, c->dst_type);
4c659c39
JH		 1279 if (rp->addr[i].type == MGMT_ADDR_INVALID)
1280 continue;
1281 i++;
1282 }
1283
1284 /* Recalculate length in case of filtered SCO connections, etc */
1285 rp_len = sizeof(*rp) + (i * sizeof(struct mgmt_addr_info));
2784eb41 1286
4e51eae9 1287 err = cmd_complete(sk, index, MGMT_OP_GET_CONNECTIONS, rp, rp_len);
2784eb41
JH		 1288
1289unlock:
a38528f1 1290 kfree(rp);
09fd0de5 1291 hci_dev_unlock(hdev);
2784eb41
JH		 1292 hci_dev_put(hdev);
1293 return err;
1294}
1295
96d97a67
WR		 1296static int send_pin_code_neg_reply(struct sock *sk, u16 index,
1297 struct hci_dev *hdev, struct mgmt_cp_pin_code_neg_reply *cp)
1298{
1299 struct pending_cmd *cmd;
1300 int err;
1301
2e58ef3e 1302 cmd = mgmt_pending_add(sk, MGMT_OP_PIN_CODE_NEG_REPLY, hdev, cp,
96d97a67
WR		 1303 sizeof(*cp));
1304 if (!cmd)
1305 return -ENOMEM;
1306
1307 err = hci_send_cmd(hdev, HCI_OP_PIN_CODE_NEG_REPLY, sizeof(cp->bdaddr),
1308 &cp->bdaddr);
1309 if (err < 0)
1310 mgmt_pending_remove(cmd);
1311
1312 return err;
1313}
1314
4e51eae9
SJ		 1315static int pin_code_reply(struct sock *sk, u16 index, unsigned char *data,
1316 u16 len)
980e1a53
JH		 1317{
1318 struct hci_dev *hdev;
96d97a67 1319 struct hci_conn *conn;
980e1a53 1320 struct mgmt_cp_pin_code_reply *cp;
96d97a67 1321 struct mgmt_cp_pin_code_neg_reply ncp;
980e1a53 1322 struct hci_cp_pin_code_reply reply;
366a0336 1323 struct pending_cmd *cmd;
980e1a53
JH		 1324 int err;
1325
1326 BT_DBG("");
1327
1328 cp = (void *) data;
980e1a53 1329
bdce7baf 1330 if (len != sizeof(*cp))
ca69b795
JH		 1331 return cmd_status(sk, index, MGMT_OP_PIN_CODE_REPLY,
1332 MGMT_STATUS_INVALID_PARAMS);
bdce7baf 1333
4e51eae9 1334 hdev = hci_dev_get(index);
980e1a53 1335 if (!hdev)
ca69b795
JH		 1336 return cmd_status(sk, index, MGMT_OP_PIN_CODE_REPLY,
1337 MGMT_STATUS_INVALID_PARAMS);
980e1a53 1338
09fd0de5 1339 hci_dev_lock(hdev);
980e1a53
JH		 1340
1341 if (!test_bit(HCI_UP, &hdev->flags)) {
ca69b795
JH		 1342 err = cmd_status(sk, index, MGMT_OP_PIN_CODE_REPLY,
1343 MGMT_STATUS_NOT_POWERED);
980e1a53
JH		 1344 goto failed;
1345 }
1346
96d97a67
WR		 1347 conn = hci_conn_hash_lookup_ba(hdev, ACL_LINK, &cp->bdaddr);
1348 if (!conn) {
ca69b795
JH		 1349 err = cmd_status(sk, index, MGMT_OP_PIN_CODE_REPLY,
1350 MGMT_STATUS_NOT_CONNECTED);
96d97a67
WR		 1351 goto failed;
1352 }
1353
1354 if (conn->pending_sec_level == BT_SECURITY_HIGH && cp->pin_len != 16) {
1355 bacpy(&ncp.bdaddr, &cp->bdaddr);
1356
1357 BT_ERR("PIN code is not 16 bytes long");
1358
1359 err = send_pin_code_neg_reply(sk, index, hdev, &ncp);
1360 if (err >= 0)
1361 err = cmd_status(sk, index, MGMT_OP_PIN_CODE_REPLY,
ca69b795 1362 MGMT_STATUS_INVALID_PARAMS);
96d97a67
WR		 1363
1364 goto failed;
1365 }
1366
2e58ef3e 1367 cmd = mgmt_pending_add(sk, MGMT_OP_PIN_CODE_REPLY, hdev, data, len);
366a0336
JH		 1368 if (!cmd) {
1369 err = -ENOMEM;
980e1a53 1370 goto failed;
366a0336 1371 }
980e1a53
JH		 1372
1373 bacpy(&reply.bdaddr, &cp->bdaddr);
1374 reply.pin_len = cp->pin_len;
24718ca5 1375 memcpy(reply.pin_code, cp->pin_code, sizeof(reply.pin_code));
980e1a53
JH		 1376
1377 err = hci_send_cmd(hdev, HCI_OP_PIN_CODE_REPLY, sizeof(reply), &reply);
1378 if (err < 0)
a664b5bc 1379 mgmt_pending_remove(cmd);
980e1a53
JH		 1380
1381failed:
09fd0de5 1382 hci_dev_unlock(hdev);
980e1a53
JH		 1383 hci_dev_put(hdev);
1384
1385 return err;
1386}
1387
4e51eae9
SJ		 1388static int pin_code_neg_reply(struct sock *sk, u16 index, unsigned char *data,
1389 u16 len)
980e1a53
JH		 1390{
1391 struct hci_dev *hdev;
1392 struct mgmt_cp_pin_code_neg_reply *cp;
980e1a53
JH		 1393 int err;
1394
1395 BT_DBG("");
1396
1397 cp = (void *) data;
980e1a53 1398
bdce7baf
SJ		 1399 if (len != sizeof(*cp))
1400 return cmd_status(sk, index, MGMT_OP_PIN_CODE_NEG_REPLY,
ca69b795 1401 MGMT_STATUS_INVALID_PARAMS);
bdce7baf 1402
4e51eae9 1403 hdev = hci_dev_get(index);
980e1a53 1404 if (!hdev)
4e51eae9 1405 return cmd_status(sk, index, MGMT_OP_PIN_CODE_NEG_REPLY,
ca69b795 1406 MGMT_STATUS_INVALID_PARAMS);
980e1a53 1407
09fd0de5 1408 hci_dev_lock(hdev);
980e1a53
JH		 1409
1410 if (!test_bit(HCI_UP, &hdev->flags)) {
4e51eae9 1411 err = cmd_status(sk, index, MGMT_OP_PIN_CODE_NEG_REPLY,
ca69b795 1412 MGMT_STATUS_NOT_POWERED);
980e1a53
JH		 1413 goto failed;
1414 }
1415
96d97a67 1416 err = send_pin_code_neg_reply(sk, index, hdev, cp);
980e1a53
JH		 1417
1418failed:
09fd0de5 1419 hci_dev_unlock(hdev);
980e1a53
JH		 1420 hci_dev_put(hdev);
1421
1422 return err;
1423}
1424
4e51eae9
SJ		 1425static int set_io_capability(struct sock *sk, u16 index, unsigned char *data,
1426 u16 len)
17fa4b9d
JH		 1427{
1428 struct hci_dev *hdev;
1429 struct mgmt_cp_set_io_capability *cp;
17fa4b9d
JH		 1430
1431 BT_DBG("");
1432
1433 cp = (void *) data;
17fa4b9d 1434
bdce7baf 1435 if (len != sizeof(*cp))
ca69b795
JH		 1436 return cmd_status(sk, index, MGMT_OP_SET_IO_CAPABILITY,
1437 MGMT_STATUS_INVALID_PARAMS);
bdce7baf 1438
4e51eae9 1439 hdev = hci_dev_get(index);
17fa4b9d 1440 if (!hdev)
ca69b795
JH		 1441 return cmd_status(sk, index, MGMT_OP_SET_IO_CAPABILITY,
1442 MGMT_STATUS_INVALID_PARAMS);
17fa4b9d 1443
09fd0de5 1444 hci_dev_lock(hdev);
17fa4b9d
JH		 1445
1446 hdev->io_capability = cp->io_capability;
1447
1448 BT_DBG("%s IO capability set to 0x%02x", hdev->name,
b8534e0f 1449 hdev->io_capability);
17fa4b9d 1450
09fd0de5 1451 hci_dev_unlock(hdev);
17fa4b9d
JH		 1452 hci_dev_put(hdev);
1453
4e51eae9 1454 return cmd_complete(sk, index, MGMT_OP_SET_IO_CAPABILITY, NULL, 0);
17fa4b9d
JH		 1455}
1456
e9a416b5
JH		 1457static inline struct pending_cmd *find_pairing(struct hci_conn *conn)
1458{
1459 struct hci_dev *hdev = conn->hdev;
8035ded4 1460 struct pending_cmd *cmd;
e9a416b5 1461
2e58ef3e 1462 list_for_each_entry(cmd, &hdev->mgmt_pending, list) {
e9a416b5
JH		 1463 if (cmd->opcode != MGMT_OP_PAIR_DEVICE)
1464 continue;
1465
e9a416b5
JH		 1466 if (cmd->user_data != conn)
1467 continue;
1468
1469 return cmd;
1470 }
1471
1472 return NULL;
1473}
1474
1475static void pairing_complete(struct pending_cmd *cmd, u8 status)
1476{
1477 struct mgmt_rp_pair_device rp;
1478 struct hci_conn *conn = cmd->user_data;
1479
ba4e564f
JH		 1480 bacpy(&rp.addr.bdaddr, &conn->dst);
1481 rp.addr.type = link_to_mgmt(conn->type, conn->dst_type);
e9a416b5
JH		 1482 rp.status = status;
1483
4e51eae9 1484 cmd_complete(cmd->sk, cmd->index, MGMT_OP_PAIR_DEVICE, &rp, sizeof(rp));
e9a416b5
JH		 1485
1486 /* So we don't get further callbacks for this connection */
1487 conn->connect_cfm_cb = NULL;
1488 conn->security_cfm_cb = NULL;
1489 conn->disconn_cfm_cb = NULL;
1490
1491 hci_conn_put(conn);
1492
a664b5bc 1493 mgmt_pending_remove(cmd);
e9a416b5
JH		 1494}
1495
1496static void pairing_complete_cb(struct hci_conn *conn, u8 status)
1497{
1498 struct pending_cmd *cmd;
1499
1500 BT_DBG("status %u", status);
1501
1502 cmd = find_pairing(conn);
56e5cb86 1503 if (!cmd)
e9a416b5 1504 BT_DBG("Unable to find a pending command");
56e5cb86
JH		 1505 else
1506 pairing_complete(cmd, status);
e9a416b5
JH		 1507}
1508
4e51eae9 1509static int pair_device(struct sock *sk, u16 index, unsigned char *data, u16 len)
e9a416b5
JH		 1510{
1511 struct hci_dev *hdev;
1512 struct mgmt_cp_pair_device *cp;
1425acb7 1513 struct mgmt_rp_pair_device rp;
e9a416b5
JH		 1514 struct pending_cmd *cmd;
1515 u8 sec_level, auth_type;
1516 struct hci_conn *conn;
e9a416b5
JH		 1517 int err;
1518
1519 BT_DBG("");
1520
1521 cp = (void *) data;
e9a416b5 1522
bdce7baf 1523 if (len != sizeof(*cp))
ca69b795
JH		 1524 return cmd_status(sk, index, MGMT_OP_PAIR_DEVICE,
1525 MGMT_STATUS_INVALID_PARAMS);
bdce7baf 1526
4e51eae9 1527 hdev = hci_dev_get(index);
e9a416b5 1528 if (!hdev)
ca69b795
JH		 1529 return cmd_status(sk, index, MGMT_OP_PAIR_DEVICE,
1530 MGMT_STATUS_INVALID_PARAMS);
e9a416b5 1531
09fd0de5 1532 hci_dev_lock(hdev);
e9a416b5 1533
c908df36
VCG		 1534 sec_level = BT_SECURITY_MEDIUM;
1535 if (cp->io_cap == 0x03)
e9a416b5 1536 auth_type = HCI_AT_DEDICATED_BONDING;
c908df36 1537 else
e9a416b5 1538 auth_type = HCI_AT_DEDICATED_BONDING_MITM;
e9a416b5 1539
ba4e564f
JH		 1540 if (cp->addr.type == MGMT_ADDR_BREDR)
1541 conn = hci_connect(hdev, ACL_LINK, &cp->addr.bdaddr, sec_level,
7a512d01
VCG		 1542 auth_type);
1543 else
ba4e564f 1544 conn = hci_connect(hdev, LE_LINK, &cp->addr.bdaddr, sec_level,
7a512d01
VCG		 1545 auth_type);
1546
1425acb7
JH		 1547 memset(&rp, 0, sizeof(rp));
1548 bacpy(&rp.addr.bdaddr, &cp->addr.bdaddr);
1549 rp.addr.type = cp->addr.type;
1550
30e76272 1551 if (IS_ERR(conn)) {
1425acb7
JH		 1552 rp.status = -PTR_ERR(conn);
1553 err = cmd_complete(sk, index, MGMT_OP_PAIR_DEVICE,
1554 &rp, sizeof(rp));
e9a416b5
JH		 1555 goto unlock;
1556 }
1557
1558 if (conn->connect_cfm_cb) {
1559 hci_conn_put(conn);
1425acb7
JH		 1560 rp.status = EBUSY;
1561 err = cmd_complete(sk, index, MGMT_OP_PAIR_DEVICE,
1562 &rp, sizeof(rp));
e9a416b5
JH		 1563 goto unlock;
1564 }
1565
2e58ef3e 1566 cmd = mgmt_pending_add(sk, MGMT_OP_PAIR_DEVICE, hdev, data, len);
e9a416b5
JH		 1567 if (!cmd) {
1568 err = -ENOMEM;
1569 hci_conn_put(conn);
1570 goto unlock;
1571 }
1572
7a512d01 1573 /* For LE, just connecting isn't a proof that the pairing finished */
ba4e564f 1574 if (cp->addr.type == MGMT_ADDR_BREDR)
7a512d01
VCG		 1575 conn->connect_cfm_cb = pairing_complete_cb;
1576
e9a416b5
JH		 1577 conn->security_cfm_cb = pairing_complete_cb;
1578 conn->disconn_cfm_cb = pairing_complete_cb;
1579 conn->io_capability = cp->io_cap;
1580 cmd->user_data = conn;
1581
1582 if (conn->state == BT_CONNECTED &&
1583 hci_conn_security(conn, sec_level, auth_type))
1584 pairing_complete(cmd, 0);
1585
1586 err = 0;
1587
1588unlock:
09fd0de5 1589 hci_dev_unlock(hdev);
e9a416b5
JH		 1590 hci_dev_put(hdev);
1591
1592 return err;
1593}
1594
0df4c185
BG		 1595static int user_pairing_resp(struct sock *sk, u16 index, bdaddr_t *bdaddr,
1596 u16 mgmt_op, u16 hci_op, __le32 passkey)
a5c29683 1597{
a5c29683
JH		 1598 struct pending_cmd *cmd;
1599 struct hci_dev *hdev;
0df4c185 1600 struct hci_conn *conn;
a5c29683
JH		 1601 int err;
1602
4e51eae9 1603 hdev = hci_dev_get(index);
a5c29683 1604 if (!hdev)
ca69b795
JH		 1605 return cmd_status(sk, index, mgmt_op,
1606 MGMT_STATUS_INVALID_PARAMS);
a5c29683 1607
09fd0de5 1608 hci_dev_lock(hdev);
08ba5382 1609
a5c29683 1610 if (!test_bit(HCI_UP, &hdev->flags)) {
0df4c185
BG		 1611 err = cmd_status(sk, index, mgmt_op, MGMT_STATUS_NOT_POWERED);
1612 goto done;
a5c29683
JH		 1613 }
1614
47c15e2b
BG		 1615 /*
1616 * Check for an existing ACL link, if present pair via
1617 * HCI commands.
1618 *
1619 * If no ACL link is present, check for an LE link and if
1620 * present, pair via the SMP engine.
1621 *
1622 * If neither ACL nor LE links are present, fail with error.
1623 */
1624 conn = hci_conn_hash_lookup_ba(hdev, ACL_LINK, bdaddr);
1625 if (!conn) {
1626 conn = hci_conn_hash_lookup_ba(hdev, LE_LINK, bdaddr);
1627 if (!conn) {
1628 err = cmd_status(sk, index, mgmt_op,
1629 MGMT_STATUS_NOT_CONNECTED);
1630 goto done;
1631 }
1632
1633 /* Continue with pairing via SMP */
5fe57d9e
BG		 1634 err = smp_user_confirm_reply(conn, mgmt_op, passkey);
1635
1636 if (!err)
1637 err = cmd_status(sk, index, mgmt_op,
1638 MGMT_STATUS_SUCCESS);
1639 else
1640 err = cmd_status(sk, index, mgmt_op,
1641 MGMT_STATUS_FAILED);
47c15e2b 1642
47c15e2b
BG		 1643 goto done;
1644 }
1645
0df4c185 1646 cmd = mgmt_pending_add(sk, mgmt_op, hdev, bdaddr, sizeof(*bdaddr));
a5c29683
JH		 1647 if (!cmd) {
1648 err = -ENOMEM;
0df4c185 1649 goto done;
a5c29683
JH		 1650 }
1651
0df4c185 1652 /* Continue with pairing via HCI */
604086b7
BG		 1653 if (hci_op == HCI_OP_USER_PASSKEY_REPLY) {
1654 struct hci_cp_user_passkey_reply cp;
1655
1656 bacpy(&cp.bdaddr, bdaddr);
1657 cp.passkey = passkey;
1658 err = hci_send_cmd(hdev, hci_op, sizeof(cp), &cp);
1659 } else
1660 err = hci_send_cmd(hdev, hci_op, sizeof(*bdaddr), bdaddr);
1661
a664b5bc
JH		 1662 if (err < 0)
1663 mgmt_pending_remove(cmd);
a5c29683 1664
0df4c185 1665done:
09fd0de5 1666 hci_dev_unlock(hdev);
a5c29683
JH		 1667 hci_dev_put(hdev);
1668
1669 return err;
1670}
1671
0df4c185
BG		 1672static int user_confirm_reply(struct sock *sk, u16 index, void *data, u16 len)
1673{
1674 struct mgmt_cp_user_confirm_reply *cp = (void *) data;
1675
1676 BT_DBG("");
1677
1678 if (len != sizeof(*cp))
1679 return cmd_status(sk, index, MGMT_OP_USER_CONFIRM_REPLY,
1680 MGMT_STATUS_INVALID_PARAMS);
1681
1682 return user_pairing_resp(sk, index, &cp->bdaddr,
1683 MGMT_OP_USER_CONFIRM_REPLY,
1684 HCI_OP_USER_CONFIRM_REPLY, 0);
1685}
1686
1687static int user_confirm_neg_reply(struct sock *sk, u16 index, void *data,
1688 u16 len)
1689{
c9c2659f 1690 struct mgmt_cp_user_confirm_neg_reply *cp = data;
0df4c185
BG		 1691
1692 BT_DBG("");
1693
1694 if (len != sizeof(*cp))
1695 return cmd_status(sk, index, MGMT_OP_USER_CONFIRM_NEG_REPLY,
1696 MGMT_STATUS_INVALID_PARAMS);
1697
1698 return user_pairing_resp(sk, index, &cp->bdaddr,
1699 MGMT_OP_USER_CONFIRM_NEG_REPLY,
1700 HCI_OP_USER_CONFIRM_NEG_REPLY, 0);
1701}
1702
604086b7
BG		 1703static int user_passkey_reply(struct sock *sk, u16 index, void *data, u16 len)
1704{
1705 struct mgmt_cp_user_passkey_reply *cp = (void *) data;
1706
1707 BT_DBG("");
1708
1709 if (len != sizeof(*cp))
1710 return cmd_status(sk, index, MGMT_OP_USER_PASSKEY_REPLY,
1711 EINVAL);
1712
1713 return user_pairing_resp(sk, index, &cp->bdaddr,
1714 MGMT_OP_USER_PASSKEY_REPLY,
1715 HCI_OP_USER_PASSKEY_REPLY, cp->passkey);
1716}
1717
1718static int user_passkey_neg_reply(struct sock *sk, u16 index, void *data,
1719 u16 len)
1720{
1721 struct mgmt_cp_user_passkey_neg_reply *cp = (void *) data;
1722
1723 BT_DBG("");
1724
1725 if (len != sizeof(*cp))
1726 return cmd_status(sk, index, MGMT_OP_USER_PASSKEY_NEG_REPLY,
1727 EINVAL);
1728
1729 return user_pairing_resp(sk, index, &cp->bdaddr,
1730 MGMT_OP_USER_PASSKEY_NEG_REPLY,
1731 HCI_OP_USER_PASSKEY_NEG_REPLY, 0);
1732}
1733
b312b161
JH		 1734static int set_local_name(struct sock *sk, u16 index, unsigned char *data,
1735 u16 len)
1736{
1737 struct mgmt_cp_set_local_name *mgmt_cp = (void *) data;
1738 struct hci_cp_write_local_name hci_cp;
1739 struct hci_dev *hdev;
1740 struct pending_cmd *cmd;
1741 int err;
1742
1743 BT_DBG("");
1744
1745 if (len != sizeof(*mgmt_cp))
ca69b795
JH		 1746 return cmd_status(sk, index, MGMT_OP_SET_LOCAL_NAME,
1747 MGMT_STATUS_INVALID_PARAMS);
b312b161
JH		 1748
1749 hdev = hci_dev_get(index);
1750 if (!hdev)
ca69b795
JH		 1751 return cmd_status(sk, index, MGMT_OP_SET_LOCAL_NAME,
1752 MGMT_STATUS_INVALID_PARAMS);
b312b161 1753
09fd0de5 1754 hci_dev_lock(hdev);
b312b161 1755
2e58ef3e 1756 cmd = mgmt_pending_add(sk, MGMT_OP_SET_LOCAL_NAME, hdev, data, len);
b312b161
JH		 1757 if (!cmd) {
1758 err = -ENOMEM;
1759 goto failed;
1760 }
1761
1762 memcpy(hci_cp.name, mgmt_cp->name, sizeof(hci_cp.name));
1763 err = hci_send_cmd(hdev, HCI_OP_WRITE_LOCAL_NAME, sizeof(hci_cp),
1764 &hci_cp);
1765 if (err < 0)
1766 mgmt_pending_remove(cmd);
1767
1768failed:
09fd0de5 1769 hci_dev_unlock(hdev);
b312b161
JH		 1770 hci_dev_put(hdev);
1771
1772 return err;
1773}
1774
c35938b2
SJ		 1775static int read_local_oob_data(struct sock *sk, u16 index)
1776{
1777 struct hci_dev *hdev;
1778 struct pending_cmd *cmd;
1779 int err;
1780
1781 BT_DBG("hci%u", index);
1782
1783 hdev = hci_dev_get(index);
1784 if (!hdev)
1785 return cmd_status(sk, index, MGMT_OP_READ_LOCAL_OOB_DATA,
ca69b795 1786 MGMT_STATUS_INVALID_PARAMS);
c35938b2 1787
09fd0de5 1788 hci_dev_lock(hdev);
c35938b2
SJ		 1789
1790 if (!test_bit(HCI_UP, &hdev->flags)) {
1791 err = cmd_status(sk, index, MGMT_OP_READ_LOCAL_OOB_DATA,
ca69b795 1792 MGMT_STATUS_NOT_POWERED);
c35938b2
SJ		 1793 goto unlock;
1794 }
1795
1796 if (!(hdev->features[6] & LMP_SIMPLE_PAIR)) {
1797 err = cmd_status(sk, index, MGMT_OP_READ_LOCAL_OOB_DATA,
ca69b795 1798 MGMT_STATUS_NOT_SUPPORTED);
c35938b2
SJ		 1799 goto unlock;
1800 }
1801
2e58ef3e 1802 if (mgmt_pending_find(MGMT_OP_READ_LOCAL_OOB_DATA, hdev)) {
ca69b795
JH		 1803 err = cmd_status(sk, index, MGMT_OP_READ_LOCAL_OOB_DATA,
1804 MGMT_STATUS_BUSY);
c35938b2
SJ		 1805 goto unlock;
1806 }
1807
2e58ef3e 1808 cmd = mgmt_pending_add(sk, MGMT_OP_READ_LOCAL_OOB_DATA, hdev, NULL, 0);
c35938b2
SJ		 1809 if (!cmd) {
1810 err = -ENOMEM;
1811 goto unlock;
1812 }
1813
1814 err = hci_send_cmd(hdev, HCI_OP_READ_LOCAL_OOB_DATA, 0, NULL);
1815 if (err < 0)
1816 mgmt_pending_remove(cmd);
1817
1818unlock:
09fd0de5 1819 hci_dev_unlock(hdev);
c35938b2
SJ		 1820 hci_dev_put(hdev);
1821
1822 return err;
1823}
1824
2763eda6
SJ		 1825static int add_remote_oob_data(struct sock *sk, u16 index, unsigned char *data,
1826 u16 len)
1827{
1828 struct hci_dev *hdev;
1829 struct mgmt_cp_add_remote_oob_data *cp = (void *) data;
1830 int err;
1831
1832 BT_DBG("hci%u ", index);
1833
1834 if (len != sizeof(*cp))
1835 return cmd_status(sk, index, MGMT_OP_ADD_REMOTE_OOB_DATA,
ca69b795 1836 MGMT_STATUS_INVALID_PARAMS);
2763eda6
SJ		 1837
1838 hdev = hci_dev_get(index);
1839 if (!hdev)
1840 return cmd_status(sk, index, MGMT_OP_ADD_REMOTE_OOB_DATA,
ca69b795 1841 MGMT_STATUS_INVALID_PARAMS);
2763eda6 1842
09fd0de5 1843 hci_dev_lock(hdev);
2763eda6
SJ		 1844
1845 err = hci_add_remote_oob_data(hdev, &cp->bdaddr, cp->hash,
1846 cp->randomizer);
1847 if (err < 0)
ca69b795
JH		 1848 err = cmd_status(sk, index, MGMT_OP_ADD_REMOTE_OOB_DATA,
1849 MGMT_STATUS_FAILED);
2763eda6
SJ		 1850 else
1851 err = cmd_complete(sk, index, MGMT_OP_ADD_REMOTE_OOB_DATA, NULL,
1852 0);
1853
09fd0de5 1854 hci_dev_unlock(hdev);
2763eda6
SJ		 1855 hci_dev_put(hdev);
1856
1857 return err;
1858}
1859
1860static int remove_remote_oob_data(struct sock *sk, u16 index,
1861 unsigned char *data, u16 len)
1862{
1863 struct hci_dev *hdev;
1864 struct mgmt_cp_remove_remote_oob_data *cp = (void *) data;
1865 int err;
1866
1867 BT_DBG("hci%u ", index);
1868
1869 if (len != sizeof(*cp))
1870 return cmd_status(sk, index, MGMT_OP_REMOVE_REMOTE_OOB_DATA,
ca69b795 1871 MGMT_STATUS_INVALID_PARAMS);
2763eda6
SJ		 1872
1873 hdev = hci_dev_get(index);
1874 if (!hdev)
1875 return cmd_status(sk, index, MGMT_OP_REMOVE_REMOTE_OOB_DATA,
ca69b795 1876 MGMT_STATUS_INVALID_PARAMS);
2763eda6 1877
09fd0de5 1878 hci_dev_lock(hdev);
2763eda6
SJ		 1879
1880 err = hci_remove_remote_oob_data(hdev, &cp->bdaddr);
1881 if (err < 0)
1882 err = cmd_status(sk, index, MGMT_OP_REMOVE_REMOTE_OOB_DATA,
ca69b795 1883 MGMT_STATUS_INVALID_PARAMS);
2763eda6
SJ		 1884 else
1885 err = cmd_complete(sk, index, MGMT_OP_REMOVE_REMOTE_OOB_DATA,
1886 NULL, 0);
1887
09fd0de5 1888 hci_dev_unlock(hdev);
2763eda6
SJ		 1889 hci_dev_put(hdev);
1890
1891 return err;
1892}
1893
450dfdaf
JH		 1894static int start_discovery(struct sock *sk, u16 index,
1895 unsigned char *data, u16 len)
14a53664 1896{
450dfdaf 1897 struct mgmt_cp_start_discovery *cp = (void *) data;
14a53664
JH		 1898 struct pending_cmd *cmd;
1899 struct hci_dev *hdev;
1900 int err;
1901
1902 BT_DBG("hci%u", index);
1903
450dfdaf
JH		 1904 if (len != sizeof(*cp))
1905 return cmd_status(sk, index, MGMT_OP_START_DISCOVERY,
1906 MGMT_STATUS_INVALID_PARAMS);
1907
14a53664
JH		 1908 hdev = hci_dev_get(index);
1909 if (!hdev)
ca69b795
JH		 1910 return cmd_status(sk, index, MGMT_OP_START_DISCOVERY,
1911 MGMT_STATUS_INVALID_PARAMS);
14a53664 1912
09fd0de5 1913 hci_dev_lock(hdev);
14a53664 1914
bd2d1334 1915 if (!test_bit(HCI_UP, &hdev->flags)) {
ca69b795
JH		 1916 err = cmd_status(sk, index, MGMT_OP_START_DISCOVERY,
1917 MGMT_STATUS_NOT_POWERED);
bd2d1334
JH		 1918 goto failed;
1919 }
1920
2e58ef3e 1921 cmd = mgmt_pending_add(sk, MGMT_OP_START_DISCOVERY, hdev, NULL, 0);
14a53664
JH		 1922 if (!cmd) {
1923 err = -ENOMEM;
1924 goto failed;
1925 }
1926
2519a1fc 1927 err = hci_do_inquiry(hdev, INQUIRY_LEN_BREDR);
14a53664
JH		 1928 if (err < 0)
1929 mgmt_pending_remove(cmd);
1930
1931failed:
09fd0de5 1932 hci_dev_unlock(hdev);
14a53664
JH		 1933 hci_dev_put(hdev);
1934
1935 return err;
1936}
1937
1938static int stop_discovery(struct sock *sk, u16 index)
1939{
1940 struct hci_dev *hdev;
1941 struct pending_cmd *cmd;
1942 int err;
1943
1944 BT_DBG("hci%u", index);
1945
1946 hdev = hci_dev_get(index);
1947 if (!hdev)
ca69b795
JH		 1948 return cmd_status(sk, index, MGMT_OP_STOP_DISCOVERY,
1949 MGMT_STATUS_INVALID_PARAMS);
14a53664 1950
09fd0de5 1951 hci_dev_lock(hdev);
14a53664 1952
2e58ef3e 1953 cmd = mgmt_pending_add(sk, MGMT_OP_STOP_DISCOVERY, hdev, NULL, 0);
14a53664
JH		 1954 if (!cmd) {
1955 err = -ENOMEM;
1956 goto failed;
1957 }
1958
023d5049 1959 err = hci_cancel_inquiry(hdev);
14a53664
JH		 1960 if (err < 0)
1961 mgmt_pending_remove(cmd);
1962
1963failed:
09fd0de5 1964 hci_dev_unlock(hdev);
14a53664
JH		 1965 hci_dev_put(hdev);
1966
1967 return err;
1968}
1969
561aafbc
JH		 1970static int confirm_name(struct sock *sk, u16 index, unsigned char *data,
1971 u16 len)
1972{
1973 struct mgmt_cp_confirm_name *cp = (void *) data;
1974 struct inquiry_entry *e;
1975 struct hci_dev *hdev;
1976 int err;
1977
1978 BT_DBG("hci%u", index);
1979
1980 if (len != sizeof(*cp))
1981 return cmd_status(sk, index, MGMT_OP_CONFIRM_NAME,
1982 MGMT_STATUS_INVALID_PARAMS);
1983
1984 hdev = hci_dev_get(index);
1985 if (!hdev)
1986 return cmd_status(sk, index, MGMT_OP_CONFIRM_NAME,
1987 MGMT_STATUS_INVALID_PARAMS);
1988
1989 hci_dev_lock(hdev);
1990
1991 e = hci_inquiry_cache_lookup_unknown(hdev, &cp->bdaddr);
1992 if (!e) {
1993 err = cmd_status (sk, index, MGMT_OP_CONFIRM_NAME,
1994 MGMT_STATUS_INVALID_PARAMS);
1995 goto failed;
1996 }
1997
1998 if (cp->name_known) {
1999 e->name_state = NAME_KNOWN;
2000 list_del(&e->list);
2001 } else {
2002 e->name_state = NAME_NEEDED;
30883512 2003 list_move(&e->list, &hdev->discovery.resolve);
561aafbc
JH		 2004 }
2005
2006 err = 0;
2007
2008failed:
2009 hci_dev_unlock(hdev);
2010
2011 return err;
2012}
2013
7fbec224
AJ		 2014static int block_device(struct sock *sk, u16 index, unsigned char *data,
2015 u16 len)
2016{
2017 struct hci_dev *hdev;
5e762444 2018 struct mgmt_cp_block_device *cp = (void *) data;
7fbec224
AJ		 2019 int err;
2020
2021 BT_DBG("hci%u", index);
2022
7fbec224
AJ		 2023 if (len != sizeof(*cp))
2024 return cmd_status(sk, index, MGMT_OP_BLOCK_DEVICE,
ca69b795 2025 MGMT_STATUS_INVALID_PARAMS);
7fbec224
AJ		 2026
2027 hdev = hci_dev_get(index);
2028 if (!hdev)
2029 return cmd_status(sk, index, MGMT_OP_BLOCK_DEVICE,
ca69b795 2030 MGMT_STATUS_INVALID_PARAMS);
7fbec224 2031
09fd0de5 2032 hci_dev_lock(hdev);
5e762444 2033
7fbec224 2034 err = hci_blacklist_add(hdev, &cp->bdaddr);
7fbec224 2035 if (err < 0)
ca69b795
JH		 2036 err = cmd_status(sk, index, MGMT_OP_BLOCK_DEVICE,
2037 MGMT_STATUS_FAILED);
7fbec224
AJ		 2038 else
2039 err = cmd_complete(sk, index, MGMT_OP_BLOCK_DEVICE,
2040 NULL, 0);
5e762444 2041
09fd0de5 2042 hci_dev_unlock(hdev);
7fbec224
AJ		 2043 hci_dev_put(hdev);
2044
2045 return err;
2046}
2047
2048static int unblock_device(struct sock *sk, u16 index, unsigned char *data,
2049 u16 len)
2050{
2051 struct hci_dev *hdev;
5e762444 2052 struct mgmt_cp_unblock_device *cp = (void *) data;
7fbec224
AJ		 2053 int err;
2054
2055 BT_DBG("hci%u", index);
2056
7fbec224
AJ		 2057 if (len != sizeof(*cp))
2058 return cmd_status(sk, index, MGMT_OP_UNBLOCK_DEVICE,
ca69b795 2059 MGMT_STATUS_INVALID_PARAMS);
7fbec224
AJ		 2060
2061 hdev = hci_dev_get(index);
2062 if (!hdev)
2063 return cmd_status(sk, index, MGMT_OP_UNBLOCK_DEVICE,
ca69b795 2064 MGMT_STATUS_INVALID_PARAMS);
7fbec224 2065
09fd0de5 2066 hci_dev_lock(hdev);
5e762444 2067
7fbec224
AJ		 2068 err = hci_blacklist_del(hdev, &cp->bdaddr);
2069
2070 if (err < 0)
ca69b795
JH		 2071 err = cmd_status(sk, index, MGMT_OP_UNBLOCK_DEVICE,
2072 MGMT_STATUS_INVALID_PARAMS);
7fbec224
AJ		 2073 else
2074 err = cmd_complete(sk, index, MGMT_OP_UNBLOCK_DEVICE,
2075 NULL, 0);
5e762444 2076
09fd0de5 2077 hci_dev_unlock(hdev);
7fbec224
AJ		 2078 hci_dev_put(hdev);
2079
2080 return err;
2081}
2082
f6422ec6
AJ		 2083static int set_fast_connectable(struct sock *sk, u16 index,
2084 unsigned char *data, u16 len)
2085{
2086 struct hci_dev *hdev;
f7c6869c 2087 struct mgmt_mode *cp = (void *) data;
f6422ec6
AJ		 2088 struct hci_cp_write_page_scan_activity acp;
2089 u8 type;
2090 int err;
2091
2092 BT_DBG("hci%u", index);
2093
2094 if (len != sizeof(*cp))
2095 return cmd_status(sk, index, MGMT_OP_SET_FAST_CONNECTABLE,
ca69b795 2096 MGMT_STATUS_INVALID_PARAMS);
f6422ec6
AJ		 2097
2098 hdev = hci_dev_get(index);
2099 if (!hdev)
2100 return cmd_status(sk, index, MGMT_OP_SET_FAST_CONNECTABLE,
ca69b795 2101 MGMT_STATUS_INVALID_PARAMS);
f6422ec6
AJ		 2102
2103 hci_dev_lock(hdev);
2104
f7c6869c 2105 if (cp->val) {
f6422ec6
AJ		 2106 type = PAGE_SCAN_TYPE_INTERLACED;
2107 acp.interval = 0x0024; /* 22.5 msec page scan interval */
2108 } else {
2109 type = PAGE_SCAN_TYPE_STANDARD; /* default */
2110 acp.interval = 0x0800; /* default 1.28 sec page scan */
2111 }
2112
2113 acp.window = 0x0012; /* default 11.25 msec page scan window */
2114
2115 err = hci_send_cmd(hdev, HCI_OP_WRITE_PAGE_SCAN_ACTIVITY,
2116 sizeof(acp), &acp);
2117 if (err < 0) {
2118 err = cmd_status(sk, index, MGMT_OP_SET_FAST_CONNECTABLE,
ca69b795 2119 MGMT_STATUS_FAILED);
f6422ec6
AJ		 2120 goto done;
2121 }
2122
2123 err = hci_send_cmd(hdev, HCI_OP_WRITE_PAGE_SCAN_TYPE, 1, &type);
2124 if (err < 0) {
2125 err = cmd_status(sk, index, MGMT_OP_SET_FAST_CONNECTABLE,
ca69b795 2126 MGMT_STATUS_FAILED);
f6422ec6
AJ		 2127 goto done;
2128 }
2129
2130 err = cmd_complete(sk, index, MGMT_OP_SET_FAST_CONNECTABLE,
2131 NULL, 0);
2132done:
2133 hci_dev_unlock(hdev);
2134 hci_dev_put(hdev);
2135
2136 return err;
2137}
2138
0381101f
JH		 2139int mgmt_control(struct sock *sk, struct msghdr *msg, size_t msglen)
2140{
2141 unsigned char *buf;
2142 struct mgmt_hdr *hdr;
4e51eae9 2143 u16 opcode, index, len;
0381101f
JH		 2144 int err;
2145
2146 BT_DBG("got %zu bytes", msglen);
2147
2148 if (msglen < sizeof(*hdr))
2149 return -EINVAL;
2150
e63a15ec 2151 buf = kmalloc(msglen, GFP_KERNEL);
0381101f
JH		 2152 if (!buf)
2153 return -ENOMEM;
2154
2155 if (memcpy_fromiovec(buf, msg->msg_iov, msglen)) {
2156 err = -EFAULT;
2157 goto done;
2158 }
2159
2160 hdr = (struct mgmt_hdr *) buf;
2161 opcode = get_unaligned_le16(&hdr->opcode);
4e51eae9 2162 index = get_unaligned_le16(&hdr->index);
0381101f
JH		 2163 len = get_unaligned_le16(&hdr->len);
2164
2165 if (len != msglen - sizeof(*hdr)) {
2166 err = -EINVAL;
2167 goto done;
2168 }
2169
2170 switch (opcode) {
02d98129
JH		 2171 case MGMT_OP_READ_VERSION:
2172 err = read_version(sk);
2173 break;
faba42eb
JH		 2174 case MGMT_OP_READ_INDEX_LIST:
2175 err = read_index_list(sk);
2176 break;
f7b64e69 2177 case MGMT_OP_READ_INFO:
4e51eae9 2178 err = read_controller_info(sk, index);
f7b64e69 2179 break;
eec8d2bc 2180 case MGMT_OP_SET_POWERED:
4e51eae9 2181 err = set_powered(sk, index, buf + sizeof(*hdr), len);
eec8d2bc 2182 break;
73f22f62 2183 case MGMT_OP_SET_DISCOVERABLE:
4e51eae9 2184 err = set_discoverable(sk, index, buf + sizeof(*hdr), len);
73f22f62 2185 break;
9fbcbb45 2186 case MGMT_OP_SET_CONNECTABLE:
4e51eae9 2187 err = set_connectable(sk, index, buf + sizeof(*hdr), len);
9fbcbb45 2188 break;
f7c6869c
JH		 2189 case MGMT_OP_SET_FAST_CONNECTABLE:
2190 err = set_fast_connectable(sk, index, buf + sizeof(*hdr),
2191 len);
2192 break;
c542a06c 2193 case MGMT_OP_SET_PAIRABLE:
4e51eae9 2194 err = set_pairable(sk, index, buf + sizeof(*hdr), len);
c542a06c 2195 break;
2aeb9a1a 2196 case MGMT_OP_ADD_UUID:
4e51eae9 2197 err = add_uuid(sk, index, buf + sizeof(*hdr), len);
2aeb9a1a
JH		 2198 break;
2199 case MGMT_OP_REMOVE_UUID:
4e51eae9 2200 err = remove_uuid(sk, index, buf + sizeof(*hdr), len);
2aeb9a1a 2201 break;
1aff6f09 2202 case MGMT_OP_SET_DEV_CLASS:
4e51eae9 2203 err = set_dev_class(sk, index, buf + sizeof(*hdr), len);
1aff6f09 2204 break;
86742e1e
JH		 2205 case MGMT_OP_LOAD_LINK_KEYS:
2206 err = load_link_keys(sk, index, buf + sizeof(*hdr), len);
55ed8ca1 2207 break;
86742e1e
JH		 2208 case MGMT_OP_REMOVE_KEYS:
2209 err = remove_keys(sk, index, buf + sizeof(*hdr), len);
55ed8ca1 2210 break;
8962ee74 2211 case MGMT_OP_DISCONNECT:
4e51eae9 2212 err = disconnect(sk, index, buf + sizeof(*hdr), len);
8962ee74 2213 break;
2784eb41 2214 case MGMT_OP_GET_CONNECTIONS:
8ce6284e 2215 err = get_connections(sk, index);
2784eb41 2216 break;
980e1a53 2217 case MGMT_OP_PIN_CODE_REPLY:
4e51eae9 2218 err = pin_code_reply(sk, index, buf + sizeof(*hdr), len);
980e1a53
JH		 2219 break;
2220 case MGMT_OP_PIN_CODE_NEG_REPLY:
4e51eae9 2221 err = pin_code_neg_reply(sk, index, buf + sizeof(*hdr), len);
980e1a53 2222 break;
17fa4b9d 2223 case MGMT_OP_SET_IO_CAPABILITY:
4e51eae9 2224 err = set_io_capability(sk, index, buf + sizeof(*hdr), len);
17fa4b9d 2225 break;
e9a416b5 2226 case MGMT_OP_PAIR_DEVICE:
4e51eae9 2227 err = pair_device(sk, index, buf + sizeof(*hdr), len);
e9a416b5 2228 break;
a5c29683 2229 case MGMT_OP_USER_CONFIRM_REPLY:
0df4c185 2230 err = user_confirm_reply(sk, index, buf + sizeof(*hdr), len);
a5c29683
JH		 2231 break;
2232 case MGMT_OP_USER_CONFIRM_NEG_REPLY:
0df4c185
BG		 2233 err = user_confirm_neg_reply(sk, index, buf + sizeof(*hdr),
2234 len);
a5c29683 2235 break;
604086b7
BG		 2236 case MGMT_OP_USER_PASSKEY_REPLY:
2237 err = user_passkey_reply(sk, index, buf + sizeof(*hdr), len);
2238 break;
2239 case MGMT_OP_USER_PASSKEY_NEG_REPLY:
2240 err = user_passkey_neg_reply(sk, index, buf + sizeof(*hdr),
2241 len);
a5c29683 2242 break;
b312b161
JH		 2243 case MGMT_OP_SET_LOCAL_NAME:
2244 err = set_local_name(sk, index, buf + sizeof(*hdr), len);
2245 break;
c35938b2
SJ		 2246 case MGMT_OP_READ_LOCAL_OOB_DATA:
2247 err = read_local_oob_data(sk, index);
2248 break;
2763eda6
SJ		 2249 case MGMT_OP_ADD_REMOTE_OOB_DATA:
2250 err = add_remote_oob_data(sk, index, buf + sizeof(*hdr), len);
2251 break;
2252 case MGMT_OP_REMOVE_REMOTE_OOB_DATA:
2253 err = remove_remote_oob_data(sk, index, buf + sizeof(*hdr),
2254 len);
2255 break;
14a53664 2256 case MGMT_OP_START_DISCOVERY:
450dfdaf 2257 err = start_discovery(sk, index, buf + sizeof(*hdr), len);
14a53664
JH		 2258 break;
2259 case MGMT_OP_STOP_DISCOVERY:
2260 err = stop_discovery(sk, index);
2261 break;
561aafbc
JH		 2262 case MGMT_OP_CONFIRM_NAME:
2263 err = confirm_name(sk, index, buf + sizeof(*hdr), len);
2264 break;
7fbec224
AJ		 2265 case MGMT_OP_BLOCK_DEVICE:
2266 err = block_device(sk, index, buf + sizeof(*hdr), len);
2267 break;
2268 case MGMT_OP_UNBLOCK_DEVICE:
2269 err = unblock_device(sk, index, buf + sizeof(*hdr), len);
2270 break;
0381101f
JH		 2271 default:
2272 BT_DBG("Unknown op %u", opcode);
ca69b795
JH		 2273 err = cmd_status(sk, index, opcode,
2274 MGMT_STATUS_UNKNOWN_COMMAND);
0381101f
JH		 2275 break;
2276 }
2277
e41d8b4e
JH		 2278 if (err < 0)
2279 goto done;
2280
0381101f
JH		 2281 err = msglen;
2282
2283done:
2284 kfree(buf);
2285 return err;
2286}
c71e97bf 2287
b24752fe
JH		 2288static void cmd_status_rsp(struct pending_cmd *cmd, void *data)
2289{
2290 u8 *status = data;
2291
2292 cmd_status(cmd->sk, cmd->index, cmd->opcode, *status);
2293 mgmt_pending_remove(cmd);
2294}
2295
744cf19e 2296int mgmt_index_added(struct hci_dev *hdev)
c71e97bf 2297{
744cf19e 2298 return mgmt_event(MGMT_EV_INDEX_ADDED, hdev, NULL, 0, NULL);
c71e97bf
JH		 2299}
2300
744cf19e 2301int mgmt_index_removed(struct hci_dev *hdev)
c71e97bf 2302{
b24752fe
JH		 2303 u8 status = ENODEV;
2304
744cf19e 2305 mgmt_pending_foreach(0, hdev, cmd_status_rsp, &status);
b24752fe 2306
744cf19e 2307 return mgmt_event(MGMT_EV_INDEX_REMOVED, hdev, NULL, 0, NULL);
eec8d2bc
JH		 2308}
2309
73f22f62 2310struct cmd_lookup {
72a734ec 2311 u8 val;
eec8d2bc 2312 struct sock *sk;
69ab39ea 2313 struct hci_dev *hdev;
eec8d2bc
JH		 2314};
2315
69ab39ea 2316static void settings_rsp(struct pending_cmd *cmd, void *data)
eec8d2bc 2317{
73f22f62 2318 struct cmd_lookup *match = data;
eec8d2bc 2319
69ab39ea 2320 send_settings_rsp(cmd->sk, cmd->opcode, match->hdev);
eec8d2bc
JH		 2321
2322 list_del(&cmd->list);
2323
2324 if (match->sk == NULL) {
2325 match->sk = cmd->sk;
2326 sock_hold(match->sk);
2327 }
2328
2329 mgmt_pending_free(cmd);
c71e97bf 2330}
5add6af8 2331
744cf19e 2332int mgmt_powered(struct hci_dev *hdev, u8 powered)
5add6af8 2333{
69ab39ea
JH		 2334 struct cmd_lookup match = { powered, NULL, hdev };
2335 __le32 ev;
eec8d2bc 2336 int ret;
5add6af8 2337
69ab39ea 2338 mgmt_pending_foreach(MGMT_OP_SET_POWERED, hdev, settings_rsp, &match);
5add6af8 2339
b24752fe
JH		 2340 if (!powered) {
2341 u8 status = ENETDOWN;
744cf19e 2342 mgmt_pending_foreach(0, hdev, cmd_status_rsp, &status);
b24752fe
JH		 2343 }
2344
69ab39ea 2345 ev = cpu_to_le32(get_current_settings(hdev));
eec8d2bc 2346
69ab39ea
JH		 2347 ret = mgmt_event(MGMT_EV_NEW_SETTINGS, hdev, &ev, sizeof(ev),
2348 match.sk);
eec8d2bc
JH		 2349
2350 if (match.sk)
2351 sock_put(match.sk);
2352
2353 return ret;
5add6af8 2354}
73f22f62 2355
744cf19e 2356int mgmt_discoverable(struct hci_dev *hdev, u8 discoverable)
73f22f62 2357{
69ab39ea
JH		 2358 struct cmd_lookup match = { discoverable, NULL, hdev };
2359 __le32 ev;
73f22f62
JH		 2360 int ret;
2361
69ab39ea 2362 mgmt_pending_foreach(MGMT_OP_SET_DISCOVERABLE, hdev, settings_rsp, &match);
72a734ec 2363
69ab39ea 2364 ev = cpu_to_le32(get_current_settings(hdev));
73f22f62 2365
69ab39ea 2366 ret = mgmt_event(MGMT_EV_NEW_SETTINGS, hdev, &ev, sizeof(ev),
4e51eae9 2367 match.sk);
73f22f62
JH		 2368 if (match.sk)
2369 sock_put(match.sk);
2370
2371 return ret;
2372}
9fbcbb45 2373
744cf19e 2374int mgmt_connectable(struct hci_dev *hdev, u8 connectable)
9fbcbb45 2375{
69ab39ea
JH		 2376 __le32 ev;
2377 struct cmd_lookup match = { connectable, NULL, hdev };
9fbcbb45
JH		 2378 int ret;
2379
69ab39ea
JH		 2380 mgmt_pending_foreach(MGMT_OP_SET_CONNECTABLE, hdev, settings_rsp,
2381 &match);
9fbcbb45 2382
69ab39ea 2383 ev = cpu_to_le32(get_current_settings(hdev));
9fbcbb45 2384
69ab39ea 2385 ret = mgmt_event(MGMT_EV_NEW_SETTINGS, hdev, &ev, sizeof(ev), match.sk);
9fbcbb45
JH		 2386
2387 if (match.sk)
2388 sock_put(match.sk);
2389
2390 return ret;
2391}
55ed8ca1 2392
744cf19e 2393int mgmt_write_scan_failed(struct hci_dev *hdev, u8 scan, u8 status)
2d7cee58 2394{
ca69b795
JH		 2395 u8 mgmt_err = mgmt_status(status);
2396
2d7cee58 2397 if (scan & SCAN_PAGE)
744cf19e 2398 mgmt_pending_foreach(MGMT_OP_SET_CONNECTABLE, hdev,
ca69b795 2399 cmd_status_rsp, &mgmt_err);
2d7cee58
JH		 2400
2401 if (scan & SCAN_INQUIRY)
744cf19e 2402 mgmt_pending_foreach(MGMT_OP_SET_DISCOVERABLE, hdev,
ca69b795 2403 cmd_status_rsp, &mgmt_err);
2d7cee58
JH		 2404
2405 return 0;
2406}
2407
744cf19e
JH		 2408int mgmt_new_link_key(struct hci_dev *hdev, struct link_key *key,
2409 u8 persistent)
55ed8ca1 2410{
86742e1e 2411 struct mgmt_ev_new_link_key ev;
55ed8ca1 2412
a492cd52 2413 memset(&ev, 0, sizeof(ev));
55ed8ca1 2414
a492cd52
VCG		 2415 ev.store_hint = persistent;
2416 bacpy(&ev.key.bdaddr, &key->bdaddr);
2417 ev.key.type = key->type;
2418 memcpy(ev.key.val, key->val, 16);
2419 ev.key.pin_len = key->pin_len;
55ed8ca1 2420
744cf19e 2421 return mgmt_event(MGMT_EV_NEW_LINK_KEY, hdev, &ev, sizeof(ev), NULL);
55ed8ca1 2422}
f7520543 2423
48264f06
JH		 2424int mgmt_connected(struct hci_dev *hdev, bdaddr_t *bdaddr, u8 link_type,
2425 u8 addr_type)
f7520543 2426{
4c659c39 2427 struct mgmt_addr_info ev;
f7520543 2428
f7520543 2429 bacpy(&ev.bdaddr, bdaddr);
48264f06 2430 ev.type = link_to_mgmt(link_type, addr_type);
f7520543 2431
744cf19e 2432 return mgmt_event(MGMT_EV_CONNECTED, hdev, &ev, sizeof(ev), NULL);
f7520543
JH		 2433}
2434
8962ee74
JH		 2435static void disconnect_rsp(struct pending_cmd *cmd, void *data)
2436{
c68fb7ff 2437 struct mgmt_cp_disconnect *cp = cmd->param;
8962ee74 2438 struct sock **sk = data;
a38528f1 2439 struct mgmt_rp_disconnect rp;
8962ee74 2440
a38528f1 2441 bacpy(&rp.bdaddr, &cp->bdaddr);
37d9ef76 2442 rp.status = 0;
8962ee74 2443
4e51eae9 2444 cmd_complete(cmd->sk, cmd->index, MGMT_OP_DISCONNECT, &rp, sizeof(rp));
8962ee74
JH		 2445
2446 *sk = cmd->sk;
2447 sock_hold(*sk);
2448
a664b5bc 2449 mgmt_pending_remove(cmd);
8962ee74
JH		 2450}
2451
a8a1d19e
JH		 2452static void remove_keys_rsp(struct pending_cmd *cmd, void *data)
2453{
2454 u8 *status = data;
2455 struct mgmt_cp_remove_keys *cp = cmd->param;
2456 struct mgmt_rp_remove_keys rp;
2457
2458 memset(&rp, 0, sizeof(rp));
2459 bacpy(&rp.bdaddr, &cp->bdaddr);
2460 if (status != NULL)
2461 rp.status = *status;
2462
2463 cmd_complete(cmd->sk, cmd->index, MGMT_OP_REMOVE_KEYS, &rp,
2464 sizeof(rp));
2465
2466 mgmt_pending_remove(cmd);
2467}
2468
48264f06
JH		 2469int mgmt_disconnected(struct hci_dev *hdev, bdaddr_t *bdaddr, u8 link_type,
2470 u8 addr_type)
f7520543 2471{
4c659c39 2472 struct mgmt_addr_info ev;
8962ee74
JH		 2473 struct sock *sk = NULL;
2474 int err;
2475
744cf19e 2476 mgmt_pending_foreach(MGMT_OP_DISCONNECT, hdev, disconnect_rsp, &sk);
f7520543 2477
f7520543 2478 bacpy(&ev.bdaddr, bdaddr);
48264f06 2479 ev.type = link_to_mgmt(link_type, addr_type);
f7520543 2480
744cf19e 2481 err = mgmt_event(MGMT_EV_DISCONNECTED, hdev, &ev, sizeof(ev), sk);
8962ee74
JH		 2482
2483 if (sk)
2484 sock_put(sk);
2485
a8a1d19e
JH		 2486 mgmt_pending_foreach(MGMT_OP_REMOVE_KEYS, hdev, remove_keys_rsp, NULL);
2487
8962ee74
JH		 2488 return err;
2489}
2490
37d9ef76 2491int mgmt_disconnect_failed(struct hci_dev *hdev, bdaddr_t *bdaddr, u8 status)
8962ee74
JH		 2492{
2493 struct pending_cmd *cmd;
ca69b795 2494 u8 mgmt_err = mgmt_status(status);
8962ee74
JH		 2495 int err;
2496
2e58ef3e 2497 cmd = mgmt_pending_find(MGMT_OP_DISCONNECT, hdev);
8962ee74
JH		 2498 if (!cmd)
2499 return -ENOENT;
2500
37d9ef76
JH		 2501 if (bdaddr) {
2502 struct mgmt_rp_disconnect rp;
2503
2504 bacpy(&rp.bdaddr, bdaddr);
2505 rp.status = status;
2506
2507 err = cmd_complete(cmd->sk, cmd->index, MGMT_OP_DISCONNECT,
2508 &rp, sizeof(rp));
2509 } else
2510 err = cmd_status(cmd->sk, hdev->id, MGMT_OP_DISCONNECT,
ca69b795 2511 mgmt_err);
8962ee74 2512
a664b5bc 2513 mgmt_pending_remove(cmd);
8962ee74
JH		 2514
2515 return err;
f7520543 2516}
17d5c04c 2517
48264f06
JH		 2518int mgmt_connect_failed(struct hci_dev *hdev, bdaddr_t *bdaddr, u8 link_type,
2519 u8 addr_type, u8 status)
17d5c04c
JH		 2520{
2521 struct mgmt_ev_connect_failed ev;
2522
4c659c39 2523 bacpy(&ev.addr.bdaddr, bdaddr);
48264f06 2524 ev.addr.type = link_to_mgmt(link_type, addr_type);
ca69b795 2525 ev.status = mgmt_status(status);
17d5c04c 2526
744cf19e 2527 return mgmt_event(MGMT_EV_CONNECT_FAILED, hdev, &ev, sizeof(ev), NULL);
17d5c04c 2528}
980e1a53 2529
744cf19e 2530int mgmt_pin_code_request(struct hci_dev *hdev, bdaddr_t *bdaddr, u8 secure)
980e1a53
JH		 2531{
2532 struct mgmt_ev_pin_code_request ev;
2533
980e1a53 2534 bacpy(&ev.bdaddr, bdaddr);
a770bb5a 2535 ev.secure = secure;
980e1a53 2536
744cf19e 2537 return mgmt_event(MGMT_EV_PIN_CODE_REQUEST, hdev, &ev, sizeof(ev),
4e51eae9 2538 NULL);
980e1a53
JH		 2539}
2540
744cf19e
JH		 2541int mgmt_pin_code_reply_complete(struct hci_dev *hdev, bdaddr_t *bdaddr,
2542 u8 status)
980e1a53
JH		 2543{
2544 struct pending_cmd *cmd;
ac56fb13 2545 struct mgmt_rp_pin_code_reply rp;
980e1a53
JH		 2546 int err;
2547
2e58ef3e 2548 cmd = mgmt_pending_find(MGMT_OP_PIN_CODE_REPLY, hdev);
980e1a53
JH		 2549 if (!cmd)
2550 return -ENOENT;
2551
ac56fb13 2552 bacpy(&rp.bdaddr, bdaddr);
ca69b795 2553 rp.status = mgmt_status(status);
ac56fb13 2554
744cf19e 2555 err = cmd_complete(cmd->sk, hdev->id, MGMT_OP_PIN_CODE_REPLY, &rp,
4e51eae9 2556 sizeof(rp));
980e1a53 2557
a664b5bc 2558 mgmt_pending_remove(cmd);
980e1a53
JH		 2559
2560 return err;
2561}
2562
744cf19e
JH		 2563int mgmt_pin_code_neg_reply_complete(struct hci_dev *hdev, bdaddr_t *bdaddr,
2564 u8 status)
980e1a53
JH		 2565{
2566 struct pending_cmd *cmd;
ac56fb13 2567 struct mgmt_rp_pin_code_reply rp;
980e1a53
JH		 2568 int err;
2569
2e58ef3e 2570 cmd = mgmt_pending_find(MGMT_OP_PIN_CODE_NEG_REPLY, hdev);
980e1a53
JH		 2571 if (!cmd)
2572 return -ENOENT;
2573
ac56fb13 2574 bacpy(&rp.bdaddr, bdaddr);
ca69b795 2575 rp.status = mgmt_status(status);
ac56fb13 2576
744cf19e 2577 err = cmd_complete(cmd->sk, hdev->id, MGMT_OP_PIN_CODE_NEG_REPLY, &rp,
4e51eae9 2578 sizeof(rp));
980e1a53 2579
a664b5bc 2580 mgmt_pending_remove(cmd);
980e1a53
JH		 2581
2582 return err;
2583}
a5c29683 2584
744cf19e
JH		 2585int mgmt_user_confirm_request(struct hci_dev *hdev, bdaddr_t *bdaddr,
2586 __le32 value, u8 confirm_hint)
a5c29683
JH		 2587{
2588 struct mgmt_ev_user_confirm_request ev;
2589
744cf19e 2590 BT_DBG("%s", hdev->name);
a5c29683 2591
a5c29683 2592 bacpy(&ev.bdaddr, bdaddr);
55bc1a37 2593 ev.confirm_hint = confirm_hint;
a5c29683
JH		 2594 put_unaligned_le32(value, &ev.value);
2595
744cf19e 2596 return mgmt_event(MGMT_EV_USER_CONFIRM_REQUEST, hdev, &ev, sizeof(ev),
4e51eae9 2597 NULL);
a5c29683
JH		 2598}
2599
604086b7
BG		 2600int mgmt_user_passkey_request(struct hci_dev *hdev, bdaddr_t *bdaddr)
2601{
2602 struct mgmt_ev_user_passkey_request ev;
2603
2604 BT_DBG("%s", hdev->name);
2605
2606 bacpy(&ev.bdaddr, bdaddr);
2607
2608 return mgmt_event(MGMT_EV_USER_PASSKEY_REQUEST, hdev, &ev, sizeof(ev),
2609 NULL);
2610}
2611
0df4c185 2612static int user_pairing_resp_complete(struct hci_dev *hdev, bdaddr_t *bdaddr,
744cf19e 2613 u8 status, u8 opcode)
a5c29683
JH		 2614{
2615 struct pending_cmd *cmd;
2616 struct mgmt_rp_user_confirm_reply rp;
2617 int err;
2618
2e58ef3e 2619 cmd = mgmt_pending_find(opcode, hdev);
a5c29683
JH		 2620 if (!cmd)
2621 return -ENOENT;
2622
a5c29683 2623 bacpy(&rp.bdaddr, bdaddr);
ca69b795 2624 rp.status = mgmt_status(status);
744cf19e 2625 err = cmd_complete(cmd->sk, hdev->id, opcode, &rp, sizeof(rp));
a5c29683 2626
a664b5bc 2627 mgmt_pending_remove(cmd);
a5c29683
JH		 2628
2629 return err;
2630}
2631
744cf19e
JH		 2632int mgmt_user_confirm_reply_complete(struct hci_dev *hdev, bdaddr_t *bdaddr,
2633 u8 status)
a5c29683 2634{
0df4c185 2635 return user_pairing_resp_complete(hdev, bdaddr, status,
a5c29683
JH		 2636 MGMT_OP_USER_CONFIRM_REPLY);
2637}
2638
744cf19e
JH		 2639int mgmt_user_confirm_neg_reply_complete(struct hci_dev *hdev,
2640 bdaddr_t *bdaddr, u8 status)
a5c29683 2641{
0df4c185 2642 return user_pairing_resp_complete(hdev, bdaddr, status,
a5c29683
JH		 2643 MGMT_OP_USER_CONFIRM_NEG_REPLY);
2644}
2a611692 2645
604086b7
BG		 2646int mgmt_user_passkey_reply_complete(struct hci_dev *hdev, bdaddr_t *bdaddr,
2647 u8 status)
2648{
2649 return user_pairing_resp_complete(hdev, bdaddr, status,
2650 MGMT_OP_USER_PASSKEY_REPLY);
2651}
2652
2653int mgmt_user_passkey_neg_reply_complete(struct hci_dev *hdev,
2654 bdaddr_t *bdaddr, u8 status)
2655{
2656 return user_pairing_resp_complete(hdev, bdaddr, status,
2657 MGMT_OP_USER_PASSKEY_NEG_REPLY);
2658}
2659
744cf19e 2660int mgmt_auth_failed(struct hci_dev *hdev, bdaddr_t *bdaddr, u8 status)
2a611692
JH		 2661{
2662 struct mgmt_ev_auth_failed ev;
2663
2a611692 2664 bacpy(&ev.bdaddr, bdaddr);
ca69b795 2665 ev.status = mgmt_status(status);
2a611692 2666
744cf19e 2667 return mgmt_event(MGMT_EV_AUTH_FAILED, hdev, &ev, sizeof(ev), NULL);
2a611692 2668}
b312b161 2669
744cf19e 2670int mgmt_set_local_name_complete(struct hci_dev *hdev, u8 *name, u8 status)
b312b161
JH		 2671{
2672 struct pending_cmd *cmd;
2673 struct mgmt_cp_set_local_name ev;
2674 int err;
2675
2676 memset(&ev, 0, sizeof(ev));
2677 memcpy(ev.name, name, HCI_MAX_NAME_LENGTH);
2678
2e58ef3e 2679 cmd = mgmt_pending_find(MGMT_OP_SET_LOCAL_NAME, hdev);
b312b161
JH		 2680 if (!cmd)
2681 goto send_event;
2682
2683 if (status) {
744cf19e 2684 err = cmd_status(cmd->sk, hdev->id, MGMT_OP_SET_LOCAL_NAME,
ca69b795 2685 mgmt_status(status));
b312b161
JH		 2686 goto failed;
2687 }
2688
744cf19e 2689 update_eir(hdev);
80a1e1db 2690
744cf19e 2691 err = cmd_complete(cmd->sk, hdev->id, MGMT_OP_SET_LOCAL_NAME, &ev,
b312b161
JH		 2692 sizeof(ev));
2693 if (err < 0)
2694 goto failed;
2695
2696send_event:
744cf19e 2697 err = mgmt_event(MGMT_EV_LOCAL_NAME_CHANGED, hdev, &ev, sizeof(ev),
b312b161
JH		 2698 cmd ? cmd->sk : NULL);
2699
2700failed:
2701 if (cmd)
2702 mgmt_pending_remove(cmd);
2703 return err;
2704}
c35938b2 2705
744cf19e
JH		 2706int mgmt_read_local_oob_data_reply_complete(struct hci_dev *hdev, u8 *hash,
2707 u8 *randomizer, u8 status)
c35938b2
SJ		 2708{
2709 struct pending_cmd *cmd;
2710 int err;
2711
744cf19e 2712 BT_DBG("%s status %u", hdev->name, status);
c35938b2 2713
2e58ef3e 2714 cmd = mgmt_pending_find(MGMT_OP_READ_LOCAL_OOB_DATA, hdev);
c35938b2
SJ		 2715 if (!cmd)
2716 return -ENOENT;
2717
2718 if (status) {
744cf19e 2719 err = cmd_status(cmd->sk, hdev->id,
ca69b795
JH		 2720 MGMT_OP_READ_LOCAL_OOB_DATA,
2721 mgmt_status(status));
c35938b2
SJ		 2722 } else {
2723 struct mgmt_rp_read_local_oob_data rp;
2724
2725 memcpy(rp.hash, hash, sizeof(rp.hash));
2726 memcpy(rp.randomizer, randomizer, sizeof(rp.randomizer));
2727
744cf19e
JH		 2728 err = cmd_complete(cmd->sk, hdev->id,
2729 MGMT_OP_READ_LOCAL_OOB_DATA,
2730 &rp, sizeof(rp));
c35938b2
SJ		 2731 }
2732
2733 mgmt_pending_remove(cmd);
2734
2735 return err;
2736}
e17acd40 2737
48264f06 2738int mgmt_device_found(struct hci_dev *hdev, bdaddr_t *bdaddr, u8 link_type,
561aafbc
JH		 2739 u8 addr_type, u8 *dev_class, s8 rssi,
2740 u8 cfm_name, u8 *eir)
e17acd40
JH		 2741{
2742 struct mgmt_ev_device_found ev;
2743
2744 memset(&ev, 0, sizeof(ev));
2745
4c659c39 2746 bacpy(&ev.addr.bdaddr, bdaddr);
48264f06 2747 ev.addr.type = link_to_mgmt(link_type, addr_type);
e17acd40 2748 ev.rssi = rssi;
561aafbc 2749 ev.confirm_name = cfm_name;
e17acd40
JH		 2750
2751 if (eir)
2752 memcpy(ev.eir, eir, sizeof(ev.eir));
2753
f8523598
AG		 2754 if (dev_class)
2755 memcpy(ev.dev_class, dev_class, sizeof(ev.dev_class));
2756
744cf19e 2757 return mgmt_event(MGMT_EV_DEVICE_FOUND, hdev, &ev, sizeof(ev), NULL);
e17acd40 2758}
a88a9652 2759
744cf19e 2760int mgmt_remote_name(struct hci_dev *hdev, bdaddr_t *bdaddr, u8 *name)
a88a9652
JH		 2761{
2762 struct mgmt_ev_remote_name ev;
2763
2764 memset(&ev, 0, sizeof(ev));
2765
2766 bacpy(&ev.bdaddr, bdaddr);
2767 memcpy(ev.name, name, HCI_MAX_NAME_LENGTH);
2768
744cf19e 2769 return mgmt_event(MGMT_EV_REMOTE_NAME, hdev, &ev, sizeof(ev), NULL);
a88a9652 2770}
314b2381 2771
7a135109 2772int mgmt_start_discovery_failed(struct hci_dev *hdev, u8 status)
164a6e78
JH		 2773{
2774 struct pending_cmd *cmd;
2775 int err;
2776
2e58ef3e 2777 cmd = mgmt_pending_find(MGMT_OP_START_DISCOVERY, hdev);
164a6e78
JH		 2778 if (!cmd)
2779 return -ENOENT;
2780
ca69b795 2781 err = cmd_status(cmd->sk, hdev->id, cmd->opcode, mgmt_status(status));
164a6e78
JH		 2782 mgmt_pending_remove(cmd);
2783
2784 return err;
2785}
2786
e6d465cb
AG		 2787int mgmt_stop_discovery_failed(struct hci_dev *hdev, u8 status)
2788{
2789 struct pending_cmd *cmd;
2790 int err;
2791
2792 cmd = mgmt_pending_find(MGMT_OP_STOP_DISCOVERY, hdev);
2793 if (!cmd)
2794 return -ENOENT;
2795
e75a8b0c 2796 err = cmd_status(cmd->sk, hdev->id, cmd->opcode, mgmt_status(status));
164a6e78
JH		 2797 mgmt_pending_remove(cmd);
2798
2799 return err;
2800}
2801
744cf19e 2802int mgmt_discovering(struct hci_dev *hdev, u8 discovering)
314b2381 2803{
164a6e78
JH		 2804 struct pending_cmd *cmd;
2805
2806 if (discovering)
2e58ef3e 2807 cmd = mgmt_pending_find(MGMT_OP_START_DISCOVERY, hdev);
164a6e78 2808 else
2e58ef3e 2809 cmd = mgmt_pending_find(MGMT_OP_STOP_DISCOVERY, hdev);
164a6e78
JH		 2810
2811 if (cmd != NULL) {
744cf19e 2812 cmd_complete(cmd->sk, hdev->id, cmd->opcode, NULL, 0);
164a6e78
JH		 2813 mgmt_pending_remove(cmd);
2814 }
2815
744cf19e 2816 return mgmt_event(MGMT_EV_DISCOVERING, hdev, &discovering,
314b2381
JH		 2817 sizeof(discovering), NULL);
2818}
5e762444 2819
744cf19e 2820int mgmt_device_blocked(struct hci_dev *hdev, bdaddr_t *bdaddr)
5e762444
AJ		 2821{
2822 struct pending_cmd *cmd;
2823 struct mgmt_ev_device_blocked ev;
2824
2e58ef3e 2825 cmd = mgmt_pending_find(MGMT_OP_BLOCK_DEVICE, hdev);
5e762444
AJ		 2826
2827 bacpy(&ev.bdaddr, bdaddr);
2828
744cf19e
JH		 2829 return mgmt_event(MGMT_EV_DEVICE_BLOCKED, hdev, &ev, sizeof(ev),
2830 cmd ? cmd->sk : NULL);
5e762444
AJ		 2831}
2832
744cf19e 2833int mgmt_device_unblocked(struct hci_dev *hdev, bdaddr_t *bdaddr)
5e762444
AJ		 2834{
2835 struct pending_cmd *cmd;
2836 struct mgmt_ev_device_unblocked ev;
2837
2e58ef3e 2838 cmd = mgmt_pending_find(MGMT_OP_UNBLOCK_DEVICE, hdev);
5e762444
AJ		 2839
2840 bacpy(&ev.bdaddr, bdaddr);
2841
744cf19e
JH		 2842 return mgmt_event(MGMT_EV_DEVICE_UNBLOCKED, hdev, &ev, sizeof(ev),
2843 cmd ? cmd->sk : NULL);
5e762444 2844}
Linux kernel - Deliverables
This page took 0.239134 seconds and 5 git commands to generate.