projects / deliverable / linux.git / blame
? search:
summary | shortlog | log | commit | commitdiff | tree
blob | blame (incremental) | history | HEAD
Bluetooth: Fix fast connectable state when enabling page scan
[deliverable/linux.git] / net / bluetooth / mgmt.c
CommitLineData
0381101f
JH		 1/*
2 BlueZ - Bluetooth protocol stack for Linux
ea585ab5 3
0381101f 4 Copyright (C) 2010 Nokia Corporation
ea585ab5 5 Copyright (C) 2011-2012 Intel Corporation
0381101f
JH		 6
7 This program is free software; you can redistribute it and/or modify
8 it under the terms of the GNU General Public License version 2 as
9 published by the Free Software Foundation;
10
11 THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS
12 OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
13 FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT OF THIRD PARTY RIGHTS.
14 IN NO EVENT SHALL THE COPYRIGHT HOLDER(S) AND AUTHOR(S) BE LIABLE FOR ANY
15 CLAIM, OR ANY SPECIAL INDIRECT OR CONSEQUENTIAL DAMAGES, OR ANY DAMAGES
16 WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
17 ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
18 OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
19
20 ALL LIABILITY, INCLUDING LIABILITY FOR INFRINGEMENT OF ANY PATENTS,
21 COPYRIGHTS, TRADEMARKS OR OTHER RIGHTS, RELATING TO USE OF THIS
22 SOFTWARE IS DISCLAIMED.
23*/
24
25/* Bluetooth HCI Management interface */
26
3a9a231d 27#include <linux/module.h>
0381101f
JH		 28#include <asm/unaligned.h>
29
30#include <net/bluetooth/bluetooth.h>
31#include <net/bluetooth/hci_core.h>
32#include <net/bluetooth/mgmt.h>
5fe57d9e 33#include <net/bluetooth/smp.h>
0381101f 34
d7b7e796 35bool enable_hs;
d7b7e796 36
2da9c55c 37#define MGMT_VERSION 1
3810285c 38#define MGMT_REVISION 3
02d98129 39
e70bb2e8
JH		 40static const u16 mgmt_commands[] = {
41 MGMT_OP_READ_INDEX_LIST,
42 MGMT_OP_READ_INFO,
43 MGMT_OP_SET_POWERED,
44 MGMT_OP_SET_DISCOVERABLE,
45 MGMT_OP_SET_CONNECTABLE,
46 MGMT_OP_SET_FAST_CONNECTABLE,
47 MGMT_OP_SET_PAIRABLE,
48 MGMT_OP_SET_LINK_SECURITY,
49 MGMT_OP_SET_SSP,
50 MGMT_OP_SET_HS,
51 MGMT_OP_SET_LE,
52 MGMT_OP_SET_DEV_CLASS,
53 MGMT_OP_SET_LOCAL_NAME,
54 MGMT_OP_ADD_UUID,
55 MGMT_OP_REMOVE_UUID,
56 MGMT_OP_LOAD_LINK_KEYS,
57 MGMT_OP_LOAD_LONG_TERM_KEYS,
58 MGMT_OP_DISCONNECT,
59 MGMT_OP_GET_CONNECTIONS,
60 MGMT_OP_PIN_CODE_REPLY,
61 MGMT_OP_PIN_CODE_NEG_REPLY,
62 MGMT_OP_SET_IO_CAPABILITY,
63 MGMT_OP_PAIR_DEVICE,
64 MGMT_OP_CANCEL_PAIR_DEVICE,
65 MGMT_OP_UNPAIR_DEVICE,
66 MGMT_OP_USER_CONFIRM_REPLY,
67 MGMT_OP_USER_CONFIRM_NEG_REPLY,
68 MGMT_OP_USER_PASSKEY_REPLY,
69 MGMT_OP_USER_PASSKEY_NEG_REPLY,
70 MGMT_OP_READ_LOCAL_OOB_DATA,
71 MGMT_OP_ADD_REMOTE_OOB_DATA,
72 MGMT_OP_REMOVE_REMOTE_OOB_DATA,
73 MGMT_OP_START_DISCOVERY,
74 MGMT_OP_STOP_DISCOVERY,
75 MGMT_OP_CONFIRM_NAME,
76 MGMT_OP_BLOCK_DEVICE,
77 MGMT_OP_UNBLOCK_DEVICE,
cdbaccca 78 MGMT_OP_SET_DEVICE_ID,
e70bb2e8
JH		 79};
80
81static const u16 mgmt_events[] = {
82 MGMT_EV_CONTROLLER_ERROR,
83 MGMT_EV_INDEX_ADDED,
84 MGMT_EV_INDEX_REMOVED,
85 MGMT_EV_NEW_SETTINGS,
86 MGMT_EV_CLASS_OF_DEV_CHANGED,
87 MGMT_EV_LOCAL_NAME_CHANGED,
88 MGMT_EV_NEW_LINK_KEY,
89 MGMT_EV_NEW_LONG_TERM_KEY,
90 MGMT_EV_DEVICE_CONNECTED,
91 MGMT_EV_DEVICE_DISCONNECTED,
92 MGMT_EV_CONNECT_FAILED,
93 MGMT_EV_PIN_CODE_REQUEST,
94 MGMT_EV_USER_CONFIRM_REQUEST,
95 MGMT_EV_USER_PASSKEY_REQUEST,
96 MGMT_EV_AUTH_FAILED,
97 MGMT_EV_DEVICE_FOUND,
98 MGMT_EV_DISCOVERING,
99 MGMT_EV_DEVICE_BLOCKED,
100 MGMT_EV_DEVICE_UNBLOCKED,
101 MGMT_EV_DEVICE_UNPAIRED,
92a25256 102 MGMT_EV_PASSKEY_NOTIFY,
e70bb2e8
JH		 103};
104
3fd24153
AG		 105/*
106 * These LE scan and inquiry parameters were chosen according to LE General
107 * Discovery Procedure specification.
108 */
109#define LE_SCAN_TYPE 0x01
110#define LE_SCAN_WIN 0x12
111#define LE_SCAN_INT 0x12
112#define LE_SCAN_TIMEOUT_LE_ONLY 10240 /* TGAP(gen_disc_scan_min) */
5e0452c0 113#define LE_SCAN_TIMEOUT_BREDR_LE 5120 /* TGAP(100)/2 */
3fd24153 114
e8777525 115#define INQUIRY_LEN_BREDR 0x08 /* TGAP(100) */
5e0452c0 116#define INQUIRY_LEN_BREDR_LE 0x04 /* TGAP(100)/2 */
2519a1fc 117
17b02e62 118#define CACHE_TIMEOUT msecs_to_jiffies(2 * 1000)
7d78525d 119
4b34ee78
JH		 120#define hdev_is_powered(hdev) (test_bit(HCI_UP, &hdev->flags) && \
121 !test_bit(HCI_AUTO_OFF, &hdev->dev_flags))
122
eec8d2bc
JH		 123struct pending_cmd {
124 struct list_head list;
fc2f4b13 125 u16 opcode;
eec8d2bc 126 int index;
c68fb7ff 127 void *param;
eec8d2bc 128 struct sock *sk;
e9a416b5 129 void *user_data;
eec8d2bc
JH		 130};
131
ca69b795
JH		 132/* HCI to MGMT error code conversion table */
133static u8 mgmt_status_table[] = {
134 MGMT_STATUS_SUCCESS,
135 MGMT_STATUS_UNKNOWN_COMMAND, /* Unknown Command */
136 MGMT_STATUS_NOT_CONNECTED, /* No Connection */
137 MGMT_STATUS_FAILED, /* Hardware Failure */
138 MGMT_STATUS_CONNECT_FAILED, /* Page Timeout */
139 MGMT_STATUS_AUTH_FAILED, /* Authentication Failed */
140 MGMT_STATUS_NOT_PAIRED, /* PIN or Key Missing */
141 MGMT_STATUS_NO_RESOURCES, /* Memory Full */
142 MGMT_STATUS_TIMEOUT, /* Connection Timeout */
143 MGMT_STATUS_NO_RESOURCES, /* Max Number of Connections */
144 MGMT_STATUS_NO_RESOURCES, /* Max Number of SCO Connections */
145 MGMT_STATUS_ALREADY_CONNECTED, /* ACL Connection Exists */
146 MGMT_STATUS_BUSY, /* Command Disallowed */
147 MGMT_STATUS_NO_RESOURCES, /* Rejected Limited Resources */
148 MGMT_STATUS_REJECTED, /* Rejected Security */
149 MGMT_STATUS_REJECTED, /* Rejected Personal */
150 MGMT_STATUS_TIMEOUT, /* Host Timeout */
151 MGMT_STATUS_NOT_SUPPORTED, /* Unsupported Feature */
152 MGMT_STATUS_INVALID_PARAMS, /* Invalid Parameters */
153 MGMT_STATUS_DISCONNECTED, /* OE User Ended Connection */
154 MGMT_STATUS_NO_RESOURCES, /* OE Low Resources */
155 MGMT_STATUS_DISCONNECTED, /* OE Power Off */
156 MGMT_STATUS_DISCONNECTED, /* Connection Terminated */
157 MGMT_STATUS_BUSY, /* Repeated Attempts */
158 MGMT_STATUS_REJECTED, /* Pairing Not Allowed */
159 MGMT_STATUS_FAILED, /* Unknown LMP PDU */
160 MGMT_STATUS_NOT_SUPPORTED, /* Unsupported Remote Feature */
161 MGMT_STATUS_REJECTED, /* SCO Offset Rejected */
162 MGMT_STATUS_REJECTED, /* SCO Interval Rejected */
163 MGMT_STATUS_REJECTED, /* Air Mode Rejected */
164 MGMT_STATUS_INVALID_PARAMS, /* Invalid LMP Parameters */
165 MGMT_STATUS_FAILED, /* Unspecified Error */
166 MGMT_STATUS_NOT_SUPPORTED, /* Unsupported LMP Parameter Value */
167 MGMT_STATUS_FAILED, /* Role Change Not Allowed */
168 MGMT_STATUS_TIMEOUT, /* LMP Response Timeout */
169 MGMT_STATUS_FAILED, /* LMP Error Transaction Collision */
170 MGMT_STATUS_FAILED, /* LMP PDU Not Allowed */
171 MGMT_STATUS_REJECTED, /* Encryption Mode Not Accepted */
172 MGMT_STATUS_FAILED, /* Unit Link Key Used */
173 MGMT_STATUS_NOT_SUPPORTED, /* QoS Not Supported */
174 MGMT_STATUS_TIMEOUT, /* Instant Passed */
175 MGMT_STATUS_NOT_SUPPORTED, /* Pairing Not Supported */
176 MGMT_STATUS_FAILED, /* Transaction Collision */
177 MGMT_STATUS_INVALID_PARAMS, /* Unacceptable Parameter */
178 MGMT_STATUS_REJECTED, /* QoS Rejected */
179 MGMT_STATUS_NOT_SUPPORTED, /* Classification Not Supported */
180 MGMT_STATUS_REJECTED, /* Insufficient Security */
181 MGMT_STATUS_INVALID_PARAMS, /* Parameter Out Of Range */
182 MGMT_STATUS_BUSY, /* Role Switch Pending */
183 MGMT_STATUS_FAILED, /* Slot Violation */
184 MGMT_STATUS_FAILED, /* Role Switch Failed */
185 MGMT_STATUS_INVALID_PARAMS, /* EIR Too Large */
186 MGMT_STATUS_NOT_SUPPORTED, /* Simple Pairing Not Supported */
187 MGMT_STATUS_BUSY, /* Host Busy Pairing */
188 MGMT_STATUS_REJECTED, /* Rejected, No Suitable Channel */
189 MGMT_STATUS_BUSY, /* Controller Busy */
190 MGMT_STATUS_INVALID_PARAMS, /* Unsuitable Connection Interval */
191 MGMT_STATUS_TIMEOUT, /* Directed Advertising Timeout */
192 MGMT_STATUS_AUTH_FAILED, /* Terminated Due to MIC Failure */
193 MGMT_STATUS_CONNECT_FAILED, /* Connection Establishment Failed */
194 MGMT_STATUS_CONNECT_FAILED, /* MAC Connection Failed */
195};
196
bb4b2a9a
AE		 197bool mgmt_valid_hdev(struct hci_dev *hdev)
198{
199 return hdev->dev_type == HCI_BREDR;
200}
201
ca69b795
JH		 202static u8 mgmt_status(u8 hci_status)
203{
204 if (hci_status < ARRAY_SIZE(mgmt_status_table))
205 return mgmt_status_table[hci_status];
206
207 return MGMT_STATUS_FAILED;
208}
209
4e51eae9 210static int cmd_status(struct sock *sk, u16 index, u16 cmd, u8 status)
f7b64e69
JH		 211{
212 struct sk_buff *skb;
213 struct mgmt_hdr *hdr;
214 struct mgmt_ev_cmd_status *ev;
56b7d137 215 int err;
f7b64e69 216
34eb525c 217 BT_DBG("sock %p, index %u, cmd %u, status %u", sk, index, cmd, status);
f7b64e69 218
790eff44 219 skb = alloc_skb(sizeof(*hdr) + sizeof(*ev), GFP_KERNEL);
f7b64e69
JH		 220 if (!skb)
221 return -ENOMEM;
222
223 hdr = (void *) skb_put(skb, sizeof(*hdr));
224
612dfce9 225 hdr->opcode = __constant_cpu_to_le16(MGMT_EV_CMD_STATUS);
4e51eae9 226 hdr->index = cpu_to_le16(index);
f7b64e69
JH		 227 hdr->len = cpu_to_le16(sizeof(*ev));
228
229 ev = (void *) skb_put(skb, sizeof(*ev));
230 ev->status = status;
eb55ef07 231 ev->opcode = cpu_to_le16(cmd);
f7b64e69 232
56b7d137
GP		 233 err = sock_queue_rcv_skb(sk, skb);
234 if (err < 0)
f7b64e69
JH		 235 kfree_skb(skb);
236
56b7d137 237 return err;
f7b64e69
JH		 238}
239
aee9b218 240static int cmd_complete(struct sock *sk, u16 index, u16 cmd, u8 status,
04124681 241 void *rp, size_t rp_len)
02d98129
JH		 242{
243 struct sk_buff *skb;
244 struct mgmt_hdr *hdr;
245 struct mgmt_ev_cmd_complete *ev;
56b7d137 246 int err;
02d98129
JH		 247
248 BT_DBG("sock %p", sk);
249
790eff44 250 skb = alloc_skb(sizeof(*hdr) + sizeof(*ev) + rp_len, GFP_KERNEL);
02d98129
JH		 251 if (!skb)
252 return -ENOMEM;
253
254 hdr = (void *) skb_put(skb, sizeof(*hdr));
02d98129 255
612dfce9 256 hdr->opcode = __constant_cpu_to_le16(MGMT_EV_CMD_COMPLETE);
4e51eae9 257 hdr->index = cpu_to_le16(index);
a38528f1 258 hdr->len = cpu_to_le16(sizeof(*ev) + rp_len);
02d98129 259
a38528f1 260 ev = (void *) skb_put(skb, sizeof(*ev) + rp_len);
eb55ef07 261 ev->opcode = cpu_to_le16(cmd);
aee9b218 262 ev->status = status;
8020c16a
SJ		 263
264 if (rp)
265 memcpy(ev->data, rp, rp_len);
02d98129 266
56b7d137
GP		 267 err = sock_queue_rcv_skb(sk, skb);
268 if (err < 0)
02d98129
JH		 269 kfree_skb(skb);
270
e5f0e151 271 return err;
02d98129
JH		 272}
273
04124681
GP		 274static int read_version(struct sock *sk, struct hci_dev *hdev, void *data,
275 u16 data_len)
a38528f1
JH		 276{
277 struct mgmt_rp_read_version rp;
278
279 BT_DBG("sock %p", sk);
280
281 rp.version = MGMT_VERSION;
eb55ef07 282 rp.revision = __constant_cpu_to_le16(MGMT_REVISION);
a38528f1 283
aee9b218 284 return cmd_complete(sk, MGMT_INDEX_NONE, MGMT_OP_READ_VERSION, 0, &rp,
04124681 285 sizeof(rp));
a38528f1
JH		 286}
287
04124681
GP		 288static int read_commands(struct sock *sk, struct hci_dev *hdev, void *data,
289 u16 data_len)
e70bb2e8
JH		 290{
291 struct mgmt_rp_read_commands *rp;
eb55ef07
MH		 292 const u16 num_commands = ARRAY_SIZE(mgmt_commands);
293 const u16 num_events = ARRAY_SIZE(mgmt_events);
2e3c35ea 294 __le16 *opcode;
e70bb2e8
JH		 295 size_t rp_size;
296 int i, err;
297
298 BT_DBG("sock %p", sk);
299
300 rp_size = sizeof(*rp) + ((num_commands + num_events) * sizeof(u16));
301
302 rp = kmalloc(rp_size, GFP_KERNEL);
303 if (!rp)
304 return -ENOMEM;
305
eb55ef07
MH		 306 rp->num_commands = __constant_cpu_to_le16(num_commands);
307 rp->num_events = __constant_cpu_to_le16(num_events);
e70bb2e8
JH		 308
309 for (i = 0, opcode = rp->opcodes; i < num_commands; i++, opcode++)
310 put_unaligned_le16(mgmt_commands[i], opcode);
311
312 for (i = 0; i < num_events; i++, opcode++)
313 put_unaligned_le16(mgmt_events[i], opcode);
314
aee9b218 315 err = cmd_complete(sk, MGMT_INDEX_NONE, MGMT_OP_READ_COMMANDS, 0, rp,
04124681 316 rp_size);
e70bb2e8
JH		 317 kfree(rp);
318
319 return err;
320}
321
04124681
GP		 322static int read_index_list(struct sock *sk, struct hci_dev *hdev, void *data,
323 u16 data_len)
faba42eb 324{
faba42eb 325 struct mgmt_rp_read_index_list *rp;
8035ded4 326 struct hci_dev *d;
a38528f1 327 size_t rp_len;
faba42eb 328 u16 count;
476e44cb 329 int err;
faba42eb
JH		 330
331 BT_DBG("sock %p", sk);
332
333 read_lock(&hci_dev_list_lock);
334
335 count = 0;
bb4b2a9a
AE		 336 list_for_each_entry(d, &hci_dev_list, list) {
337 if (!mgmt_valid_hdev(d))
338 continue;
339
faba42eb
JH		 340 count++;
341 }
342
a38528f1
JH		 343 rp_len = sizeof(*rp) + (2 * count);
344 rp = kmalloc(rp_len, GFP_ATOMIC);
345 if (!rp) {
b2c60d42 346 read_unlock(&hci_dev_list_lock);
faba42eb 347 return -ENOMEM;
b2c60d42 348 }
faba42eb 349
476e44cb 350 count = 0;
8035ded4 351 list_for_each_entry(d, &hci_dev_list, list) {
a8b2d5c2 352 if (test_bit(HCI_SETUP, &d->dev_flags))
ab81cbf9
JH		 353 continue;
354
bb4b2a9a
AE		 355 if (!mgmt_valid_hdev(d))
356 continue;
357
476e44cb 358 rp->index[count++] = cpu_to_le16(d->id);
faba42eb
JH		 359 BT_DBG("Added hci%u", d->id);
360 }
361
476e44cb
JH		 362 rp->num_controllers = cpu_to_le16(count);
363 rp_len = sizeof(*rp) + (2 * count);
364
faba42eb
JH		 365 read_unlock(&hci_dev_list_lock);
366
aee9b218 367 err = cmd_complete(sk, MGMT_INDEX_NONE, MGMT_OP_READ_INDEX_LIST, 0, rp,
04124681 368 rp_len);
faba42eb 369
a38528f1
JH		 370 kfree(rp);
371
372 return err;
faba42eb
JH		 373}
374
69ab39ea
JH		 375static u32 get_supported_settings(struct hci_dev *hdev)
376{
377 u32 settings = 0;
378
379 settings |= MGMT_SETTING_POWERED;
69ab39ea
JH		 380 settings |= MGMT_SETTING_PAIRABLE;
381
9a1a1996 382 if (lmp_ssp_capable(hdev))
69ab39ea
JH		 383 settings |= MGMT_SETTING_SSP;
384
ed3fa31f 385 if (lmp_bredr_capable(hdev)) {
33c525c0 386 settings |= MGMT_SETTING_CONNECTABLE;
1a47aee8
JH		 387 if (hdev->hci_ver >= BLUETOOTH_VER_1_2)
388 settings |= MGMT_SETTING_FAST_CONNECTABLE;
33c525c0 389 settings |= MGMT_SETTING_DISCOVERABLE;
69ab39ea
JH		 390 settings |= MGMT_SETTING_BREDR;
391 settings |= MGMT_SETTING_LINK_SECURITY;
392 }
393
d7b7e796
MH		 394 if (enable_hs)
395 settings |= MGMT_SETTING_HS;
396
c383ddc4 397 if (lmp_le_capable(hdev))
9d42820f 398 settings |= MGMT_SETTING_LE;
69ab39ea
JH		 399
400 return settings;
401}
402
403static u32 get_current_settings(struct hci_dev *hdev)
404{
405 u32 settings = 0;
406
f1f0eb02 407 if (hdev_is_powered(hdev))
f0d4b78a
MH		 408 settings |= MGMT_SETTING_POWERED;
409
5e5282bb 410 if (test_bit(HCI_CONNECTABLE, &hdev->dev_flags))
69ab39ea
JH		 411 settings |= MGMT_SETTING_CONNECTABLE;
412
1a4d3c4b
JH		 413 if (test_bit(HCI_FAST_CONNECTABLE, &hdev->dev_flags))
414 settings |= MGMT_SETTING_FAST_CONNECTABLE;
415
5e5282bb 416 if (test_bit(HCI_DISCOVERABLE, &hdev->dev_flags))
69ab39ea
JH		 417 settings |= MGMT_SETTING_DISCOVERABLE;
418
a8b2d5c2 419 if (test_bit(HCI_PAIRABLE, &hdev->dev_flags))
69ab39ea
JH		 420 settings |= MGMT_SETTING_PAIRABLE;
421
ed3fa31f 422 if (lmp_bredr_capable(hdev))
69ab39ea
JH		 423 settings |= MGMT_SETTING_BREDR;
424
06199cf8 425 if (test_bit(HCI_LE_ENABLED, &hdev->dev_flags))
69ab39ea
JH		 426 settings |= MGMT_SETTING_LE;
427
47990ea0 428 if (test_bit(HCI_LINK_SECURITY, &hdev->dev_flags))
69ab39ea
JH		 429 settings |= MGMT_SETTING_LINK_SECURITY;
430
84bde9d6 431 if (test_bit(HCI_SSP_ENABLED, &hdev->dev_flags))
69ab39ea
JH		 432 settings |= MGMT_SETTING_SSP;
433
6d80dfd0
JH		 434 if (test_bit(HCI_HS_ENABLED, &hdev->dev_flags))
435 settings |= MGMT_SETTING_HS;
436
69ab39ea
JH		 437 return settings;
438}
439
ef580372
JH		 440#define PNP_INFO_SVCLASS_ID 0x1200
441
213202ed
JH		 442static u8 *create_uuid16_list(struct hci_dev *hdev, u8 *data, ptrdiff_t len)
443{
444 u8 *ptr = data, *uuids_start = NULL;
445 struct bt_uuid *uuid;
446
447 if (len < 4)
448 return ptr;
449
450 list_for_each_entry(uuid, &hdev->uuids, list) {
451 u16 uuid16;
452
453 if (uuid->size != 16)
454 continue;
455
456 uuid16 = get_unaligned_le16(&uuid->uuid[12]);
457 if (uuid16 < 0x1100)
458 continue;
459
460 if (uuid16 == PNP_INFO_SVCLASS_ID)
461 continue;
462
463 if (!uuids_start) {
464 uuids_start = ptr;
465 uuids_start[0] = 1;
466 uuids_start[1] = EIR_UUID16_ALL;
467 ptr += 2;
468 }
469
470 /* Stop if not enough space to put next UUID */
471 if ((ptr - data) + sizeof(u16) > len) {
472 uuids_start[1] = EIR_UUID16_SOME;
473 break;
474 }
475
476 *ptr++ = (uuid16 & 0x00ff);
477 *ptr++ = (uuid16 & 0xff00) >> 8;
478 uuids_start[0] += sizeof(uuid16);
479 }
480
481 return ptr;
482}
483
cdf1963f
JH		 484static u8 *create_uuid32_list(struct hci_dev *hdev, u8 *data, ptrdiff_t len)
485{
486 u8 *ptr = data, *uuids_start = NULL;
487 struct bt_uuid *uuid;
488
489 if (len < 6)
490 return ptr;
491
492 list_for_each_entry(uuid, &hdev->uuids, list) {
493 if (uuid->size != 32)
494 continue;
495
496 if (!uuids_start) {
497 uuids_start = ptr;
498 uuids_start[0] = 1;
499 uuids_start[1] = EIR_UUID32_ALL;
500 ptr += 2;
501 }
502
503 /* Stop if not enough space to put next UUID */
504 if ((ptr - data) + sizeof(u32) > len) {
505 uuids_start[1] = EIR_UUID32_SOME;
506 break;
507 }
508
509 memcpy(ptr, &uuid->uuid[12], sizeof(u32));
510 ptr += sizeof(u32);
511 uuids_start[0] += sizeof(u32);
512 }
513
514 return ptr;
515}
516
c00d575b
JH		 517static u8 *create_uuid128_list(struct hci_dev *hdev, u8 *data, ptrdiff_t len)
518{
519 u8 *ptr = data, *uuids_start = NULL;
520 struct bt_uuid *uuid;
521
522 if (len < 18)
523 return ptr;
524
525 list_for_each_entry(uuid, &hdev->uuids, list) {
526 if (uuid->size != 128)
527 continue;
528
529 if (!uuids_start) {
530 uuids_start = ptr;
531 uuids_start[0] = 1;
532 uuids_start[1] = EIR_UUID128_ALL;
533 ptr += 2;
534 }
535
536 /* Stop if not enough space to put next UUID */
537 if ((ptr - data) + 16 > len) {
538 uuids_start[1] = EIR_UUID128_SOME;
539 break;
540 }
541
542 memcpy(ptr, uuid->uuid, 16);
543 ptr += 16;
544 uuids_start[0] += 16;
545 }
546
547 return ptr;
548}
549
ef580372
JH		 550static void create_eir(struct hci_dev *hdev, u8 *data)
551{
552 u8 *ptr = data;
ef580372
JH		 553 size_t name_len;
554
555 name_len = strlen(hdev->dev_name);
556
557 if (name_len > 0) {
558 /* EIR Data type */
559 if (name_len > 48) {
560 name_len = 48;
561 ptr[1] = EIR_NAME_SHORT;
562 } else
563 ptr[1] = EIR_NAME_COMPLETE;
564
565 /* EIR Data length */
566 ptr[0] = name_len + 1;
567
568 memcpy(ptr + 2, hdev->dev_name, name_len);
569
ef580372
JH		 570 ptr += (name_len + 2);
571 }
572
bbaf444a 573 if (hdev->inq_tx_power != HCI_TX_POWER_INVALID) {
91c4e9b1
MH		 574 ptr[0] = 2;
575 ptr[1] = EIR_TX_POWER;
576 ptr[2] = (u8) hdev->inq_tx_power;
577
91c4e9b1
MH		 578 ptr += 3;
579 }
580
2b9be137
MH		 581 if (hdev->devid_source > 0) {
582 ptr[0] = 9;
583 ptr[1] = EIR_DEVICE_ID;
584
585 put_unaligned_le16(hdev->devid_source, ptr + 2);
586 put_unaligned_le16(hdev->devid_vendor, ptr + 4);
587 put_unaligned_le16(hdev->devid_product, ptr + 6);
588 put_unaligned_le16(hdev->devid_version, ptr + 8);
589
2b9be137
MH		 590 ptr += 10;
591 }
592
213202ed 593 ptr = create_uuid16_list(hdev, ptr, HCI_MAX_EIR_LENGTH - (ptr - data));
cdf1963f 594 ptr = create_uuid32_list(hdev, ptr, HCI_MAX_EIR_LENGTH - (ptr - data));
c00d575b 595 ptr = create_uuid128_list(hdev, ptr, HCI_MAX_EIR_LENGTH - (ptr - data));
ef580372
JH		 596}
597
890ea898 598static void update_eir(struct hci_request *req)
ef580372 599{
890ea898 600 struct hci_dev *hdev = req->hdev;
ef580372
JH		 601 struct hci_cp_write_eir cp;
602
504c8dcd 603 if (!hdev_is_powered(hdev))
890ea898 604 return;
7770c4aa 605
976eb20e 606 if (!lmp_ext_inq_capable(hdev))
890ea898 607 return;
ef580372 608
84bde9d6 609 if (!test_bit(HCI_SSP_ENABLED, &hdev->dev_flags))
890ea898 610 return;
ef580372 611
a8b2d5c2 612 if (test_bit(HCI_SERVICE_CACHE, &hdev->dev_flags))
890ea898 613 return;
ef580372
JH		 614
615 memset(&cp, 0, sizeof(cp));
616
617 create_eir(hdev, cp.data);
618
619 if (memcmp(cp.data, hdev->eir, sizeof(cp.data)) == 0)
890ea898 620 return;
ef580372
JH		 621
622 memcpy(hdev->eir, cp.data, sizeof(cp.data));
623
890ea898 624 hci_req_add(req, HCI_OP_WRITE_EIR, sizeof(cp), &cp);
ef580372
JH		 625}
626
627static u8 get_service_classes(struct hci_dev *hdev)
628{
629 struct bt_uuid *uuid;
630 u8 val = 0;
631
632 list_for_each_entry(uuid, &hdev->uuids, list)
633 val |= uuid->svc_hint;
634
635 return val;
636}
637
890ea898 638static void update_class(struct hci_request *req)
ef580372 639{
890ea898 640 struct hci_dev *hdev = req->hdev;
ef580372
JH		 641 u8 cod[3];
642
643 BT_DBG("%s", hdev->name);
644
504c8dcd 645 if (!hdev_is_powered(hdev))
890ea898 646 return;
7770c4aa 647
a8b2d5c2 648 if (test_bit(HCI_SERVICE_CACHE, &hdev->dev_flags))
890ea898 649 return;
ef580372
JH		 650
651 cod[0] = hdev->minor_class;
652 cod[1] = hdev->major_class;
653 cod[2] = get_service_classes(hdev);
654
655 if (memcmp(cod, hdev->dev_class, 3) == 0)
890ea898 656 return;
ef580372 657
890ea898 658 hci_req_add(req, HCI_OP_WRITE_CLASS_OF_DEV, sizeof(cod), cod);
ef580372
JH		 659}
660
7d78525d
JH		 661static void service_cache_off(struct work_struct *work)
662{
663 struct hci_dev *hdev = container_of(work, struct hci_dev,
04124681 664 service_cache.work);
890ea898 665 struct hci_request req;
7d78525d 666
a8b2d5c2 667 if (!test_and_clear_bit(HCI_SERVICE_CACHE, &hdev->dev_flags))
7d78525d
JH		 668 return;
669
890ea898
JH		 670 hci_req_init(&req, hdev);
671
7d78525d
JH		 672 hci_dev_lock(hdev);
673
890ea898
JH		 674 update_eir(&req);
675 update_class(&req);
7d78525d
JH		 676
677 hci_dev_unlock(hdev);
890ea898
JH		 678
679 hci_req_run(&req, NULL);
7d78525d
JH		 680}
681
6a919082 682static void mgmt_init_hdev(struct sock *sk, struct hci_dev *hdev)
7d78525d 683{
4f87da80 684 if (test_and_set_bit(HCI_MGMT, &hdev->dev_flags))
6a919082
JH		 685 return;
686
4f87da80 687 INIT_DELAYED_WORK(&hdev->service_cache, service_cache_off);
7d78525d 688
4f87da80
JH		 689 /* Non-mgmt controlled devices get this bit set
690 * implicitly so that pairing works for them, however
691 * for mgmt we require user-space to explicitly enable
692 * it
693 */
694 clear_bit(HCI_PAIRABLE, &hdev->dev_flags);
7d78525d
JH		 695}
696
0f4e68cf 697static int read_controller_info(struct sock *sk, struct hci_dev *hdev,
04124681 698 void *data, u16 data_len)
0381101f 699{
a38528f1 700 struct mgmt_rp_read_info rp;
f7b64e69 701
bdb6d971 702 BT_DBG("sock %p %s", sk, hdev->name);
f7b64e69 703
09fd0de5 704 hci_dev_lock(hdev);
f7b64e69 705
dc4fe30b
JH		 706 memset(&rp, 0, sizeof(rp));
707
69ab39ea 708 bacpy(&rp.bdaddr, &hdev->bdaddr);
f7b64e69 709
69ab39ea 710 rp.version = hdev->hci_ver;
eb55ef07 711 rp.manufacturer = cpu_to_le16(hdev->manufacturer);
69ab39ea
JH		 712
713 rp.supported_settings = cpu_to_le32(get_supported_settings(hdev));
714 rp.current_settings = cpu_to_le32(get_current_settings(hdev));
f7b64e69 715
a38528f1 716 memcpy(rp.dev_class, hdev->dev_class, 3);
f7b64e69 717
dc4fe30b 718 memcpy(rp.name, hdev->dev_name, sizeof(hdev->dev_name));
27fcc362 719 memcpy(rp.short_name, hdev->short_name, sizeof(hdev->short_name));
dc4fe30b 720
09fd0de5 721 hci_dev_unlock(hdev);
0381101f 722
bdb6d971 723 return cmd_complete(sk, hdev->id, MGMT_OP_READ_INFO, 0, &rp,
04124681 724 sizeof(rp));
0381101f
JH		 725}
726
eec8d2bc
JH		 727static void mgmt_pending_free(struct pending_cmd *cmd)
728{
729 sock_put(cmd->sk);
c68fb7ff 730 kfree(cmd->param);
eec8d2bc
JH		 731 kfree(cmd);
732}
733
366a0336 734static struct pending_cmd *mgmt_pending_add(struct sock *sk, u16 opcode,
04124681
GP		 735 struct hci_dev *hdev, void *data,
736 u16 len)
eec8d2bc
JH		 737{
738 struct pending_cmd *cmd;
739
12b94565 740 cmd = kmalloc(sizeof(*cmd), GFP_KERNEL);
eec8d2bc 741 if (!cmd)
366a0336 742 return NULL;
eec8d2bc
JH		 743
744 cmd->opcode = opcode;
2e58ef3e 745 cmd->index = hdev->id;
eec8d2bc 746
12b94565 747 cmd->param = kmalloc(len, GFP_KERNEL);
c68fb7ff 748 if (!cmd->param) {
eec8d2bc 749 kfree(cmd);
366a0336 750 return NULL;
eec8d2bc
JH		 751 }
752
8fce6357
SJ		 753 if (data)
754 memcpy(cmd->param, data, len);
eec8d2bc
JH		 755
756 cmd->sk = sk;
757 sock_hold(sk);
758
2e58ef3e 759 list_add(&cmd->list, &hdev->mgmt_pending);
eec8d2bc 760
366a0336 761 return cmd;
eec8d2bc
JH		 762}
763
744cf19e 764static void mgmt_pending_foreach(u16 opcode, struct hci_dev *hdev,
8fc9ced3
GP		 765 void (*cb)(struct pending_cmd *cmd,
766 void *data),
04124681 767 void *data)
eec8d2bc 768{
a3d09356 769 struct pending_cmd *cmd, *tmp;
eec8d2bc 770
a3d09356 771 list_for_each_entry_safe(cmd, tmp, &hdev->mgmt_pending, list) {
b24752fe 772 if (opcode > 0 && cmd->opcode != opcode)
eec8d2bc
JH		 773 continue;
774
eec8d2bc
JH		 775 cb(cmd, data);
776 }
777}
778
2e58ef3e 779static struct pending_cmd *mgmt_pending_find(u16 opcode, struct hci_dev *hdev)
eec8d2bc 780{
8035ded4 781 struct pending_cmd *cmd;
eec8d2bc 782
2e58ef3e 783 list_for_each_entry(cmd, &hdev->mgmt_pending, list) {
2aeabcbe
JH		 784 if (cmd->opcode == opcode)
785 return cmd;
eec8d2bc
JH		 786 }
787
788 return NULL;
789}
790
a664b5bc 791static void mgmt_pending_remove(struct pending_cmd *cmd)
73f22f62 792{
73f22f62
JH		 793 list_del(&cmd->list);
794 mgmt_pending_free(cmd);
795}
796
69ab39ea 797static int send_settings_rsp(struct sock *sk, u16 opcode, struct hci_dev *hdev)
8680570b 798{
69ab39ea 799 __le32 settings = cpu_to_le32(get_current_settings(hdev));
8680570b 800
aee9b218 801 return cmd_complete(sk, hdev->id, opcode, 0, &settings,
04124681 802 sizeof(settings));
8680570b
JH		 803}
804
bdb6d971 805static int set_powered(struct sock *sk, struct hci_dev *hdev, void *data,
04124681 806 u16 len)
eec8d2bc 807{
650f726d 808 struct mgmt_mode *cp = data;
366a0336 809 struct pending_cmd *cmd;
4b34ee78 810 int err;
eec8d2bc 811
bdb6d971 812 BT_DBG("request for %s", hdev->name);
eec8d2bc 813
a7e80f25
JH		 814 if (cp->val != 0x00 && cp->val != 0x01)
815 return cmd_status(sk, hdev->id, MGMT_OP_SET_POWERED,
816 MGMT_STATUS_INVALID_PARAMS);
817
09fd0de5 818 hci_dev_lock(hdev);
eec8d2bc 819
f0d4b78a
MH		 820 if (test_and_clear_bit(HCI_AUTO_OFF, &hdev->dev_flags)) {
821 cancel_delayed_work(&hdev->power_off);
822
823 if (cp->val) {
a1d70450
JH		 824 mgmt_pending_add(sk, MGMT_OP_SET_POWERED, hdev,
825 data, len);
826 err = mgmt_powered(hdev, 1);
f0d4b78a
MH		 827 goto failed;
828 }
829 }
830
4b34ee78 831 if (!!cp->val == hdev_is_powered(hdev)) {
69ab39ea 832 err = send_settings_rsp(sk, MGMT_OP_SET_POWERED, hdev);
eec8d2bc
JH		 833 goto failed;
834 }
835
2e58ef3e 836 if (mgmt_pending_find(MGMT_OP_SET_POWERED, hdev)) {
bdb6d971 837 err = cmd_status(sk, hdev->id, MGMT_OP_SET_POWERED,
04124681 838 MGMT_STATUS_BUSY);
eec8d2bc
JH		 839 goto failed;
840 }
841
2e58ef3e 842 cmd = mgmt_pending_add(sk, MGMT_OP_SET_POWERED, hdev, data, len);
366a0336
JH		 843 if (!cmd) {
844 err = -ENOMEM;
eec8d2bc 845 goto failed;
366a0336 846 }
eec8d2bc 847
72a734ec 848 if (cp->val)
19202573 849 queue_work(hdev->req_workqueue, &hdev->power_on);
eec8d2bc 850 else
19202573 851 queue_work(hdev->req_workqueue, &hdev->power_off.work);
eec8d2bc 852
366a0336 853 err = 0;
eec8d2bc
JH		 854
855failed:
09fd0de5 856 hci_dev_unlock(hdev);
366a0336 857 return err;
eec8d2bc
JH		 858}
859
04124681
GP		 860static int mgmt_event(u16 event, struct hci_dev *hdev, void *data, u16 data_len,
861 struct sock *skip_sk)
beadb2bd
JH		 862{
863 struct sk_buff *skb;
864 struct mgmt_hdr *hdr;
865
790eff44 866 skb = alloc_skb(sizeof(*hdr) + data_len, GFP_KERNEL);
beadb2bd
JH		 867 if (!skb)
868 return -ENOMEM;
869
870 hdr = (void *) skb_put(skb, sizeof(*hdr));
871 hdr->opcode = cpu_to_le16(event);
872 if (hdev)
873 hdr->index = cpu_to_le16(hdev->id);
874 else
612dfce9 875 hdr->index = __constant_cpu_to_le16(MGMT_INDEX_NONE);
beadb2bd
JH		 876 hdr->len = cpu_to_le16(data_len);
877
878 if (data)
879 memcpy(skb_put(skb, data_len), data, data_len);
880
97e0bdeb
MH		 881 /* Time stamp */
882 __net_timestamp(skb);
883
beadb2bd
JH		 884 hci_send_to_control(skb, skip_sk);
885 kfree_skb(skb);
886
887 return 0;
888}
889
890static int new_settings(struct hci_dev *hdev, struct sock *skip)
891{
892 __le32 ev;
893
894 ev = cpu_to_le32(get_current_settings(hdev));
895
896 return mgmt_event(MGMT_EV_NEW_SETTINGS, hdev, &ev, sizeof(ev), skip);
897}
898
bdb6d971 899static int set_discoverable(struct sock *sk, struct hci_dev *hdev, void *data,
04124681 900 u16 len)
73f22f62 901{
650f726d 902 struct mgmt_cp_set_discoverable *cp = data;
366a0336 903 struct pending_cmd *cmd;
5e5282bb 904 u16 timeout;
73f22f62
JH		 905 u8 scan;
906 int err;
907
bdb6d971 908 BT_DBG("request for %s", hdev->name);
73f22f62 909
33c525c0
JH		 910 if (!lmp_bredr_capable(hdev))
911 return cmd_status(sk, hdev->id, MGMT_OP_SET_DISCOVERABLE,
912 MGMT_STATUS_NOT_SUPPORTED);
913
a7e80f25
JH		 914 if (cp->val != 0x00 && cp->val != 0x01)
915 return cmd_status(sk, hdev->id, MGMT_OP_SET_DISCOVERABLE,
916 MGMT_STATUS_INVALID_PARAMS);
917
1f350c87 918 timeout = __le16_to_cpu(cp->timeout);
24c54a90 919 if (!cp->val && timeout > 0)
bdb6d971 920 return cmd_status(sk, hdev->id, MGMT_OP_SET_DISCOVERABLE,
04124681 921 MGMT_STATUS_INVALID_PARAMS);
73f22f62 922
09fd0de5 923 hci_dev_lock(hdev);
73f22f62 924
5e5282bb 925 if (!hdev_is_powered(hdev) && timeout > 0) {
bdb6d971 926 err = cmd_status(sk, hdev->id, MGMT_OP_SET_DISCOVERABLE,
04124681 927 MGMT_STATUS_NOT_POWERED);
73f22f62
JH		 928 goto failed;
929 }
930
2e58ef3e 931 if (mgmt_pending_find(MGMT_OP_SET_DISCOVERABLE, hdev) ||
8ce8e2b5 932 mgmt_pending_find(MGMT_OP_SET_CONNECTABLE, hdev)) {
bdb6d971 933 err = cmd_status(sk, hdev->id, MGMT_OP_SET_DISCOVERABLE,
04124681 934 MGMT_STATUS_BUSY);
73f22f62
JH		 935 goto failed;
936 }
937
5e5282bb 938 if (!test_bit(HCI_CONNECTABLE, &hdev->dev_flags)) {
bdb6d971 939 err = cmd_status(sk, hdev->id, MGMT_OP_SET_DISCOVERABLE,
04124681 940 MGMT_STATUS_REJECTED);
5e5282bb
JH		 941 goto failed;
942 }
943
944 if (!hdev_is_powered(hdev)) {
0224d2fa
JH		 945 bool changed = false;
946
947 if (!!cp->val != test_bit(HCI_DISCOVERABLE, &hdev->dev_flags)) {
948 change_bit(HCI_DISCOVERABLE, &hdev->dev_flags);
949 changed = true;
950 }
951
5e5282bb 952 err = send_settings_rsp(sk, MGMT_OP_SET_DISCOVERABLE, hdev);
0224d2fa
JH		 953 if (err < 0)
954 goto failed;
955
956 if (changed)
957 err = new_settings(hdev, sk);
958
5e5282bb
JH		 959 goto failed;
960 }
961
962 if (!!cp->val == test_bit(HCI_DISCOVERABLE, &hdev->dev_flags)) {
955638ec
MH		 963 if (hdev->discov_timeout > 0) {
964 cancel_delayed_work(&hdev->discov_off);
965 hdev->discov_timeout = 0;
966 }
967
968 if (cp->val && timeout > 0) {
969 hdev->discov_timeout = timeout;
970 queue_delayed_work(hdev->workqueue, &hdev->discov_off,
971 msecs_to_jiffies(hdev->discov_timeout * 1000));
972 }
973
69ab39ea 974 err = send_settings_rsp(sk, MGMT_OP_SET_DISCOVERABLE, hdev);
73f22f62
JH		 975 goto failed;
976 }
977
2e58ef3e 978 cmd = mgmt_pending_add(sk, MGMT_OP_SET_DISCOVERABLE, hdev, data, len);
366a0336
JH		 979 if (!cmd) {
980 err = -ENOMEM;
73f22f62 981 goto failed;
366a0336 982 }
73f22f62
JH		 983
984 scan = SCAN_PAGE;
985
72a734ec 986 if (cp->val)
73f22f62 987 scan |= SCAN_INQUIRY;
16ab91ab 988 else
e0f9309f 989 cancel_delayed_work(&hdev->discov_off);
73f22f62
JH		 990
991 err = hci_send_cmd(hdev, HCI_OP_WRITE_SCAN_ENABLE, 1, &scan);
992 if (err < 0)
a664b5bc 993 mgmt_pending_remove(cmd);
73f22f62 994
16ab91ab 995 if (cp->val)
5e5282bb 996 hdev->discov_timeout = timeout;
16ab91ab 997
73f22f62 998failed:
09fd0de5 999 hci_dev_unlock(hdev);
73f22f62
JH		 1000 return err;
1001}
1002
406d7804
JH		 1003static void write_fast_connectable(struct hci_request *req, bool enable)
1004{
bd98b996 1005 struct hci_dev *hdev = req->hdev;
406d7804
JH		 1006 struct hci_cp_write_page_scan_activity acp;
1007 u8 type;
1008
4c01f8b8
JH		 1009 if (hdev->hci_ver < BLUETOOTH_VER_1_2)
1010 return;
1011
406d7804
JH		 1012 if (enable) {
1013 type = PAGE_SCAN_TYPE_INTERLACED;
1014
1015 /* 160 msec page scan interval */
1016 acp.interval = __constant_cpu_to_le16(0x0100);
1017 } else {
1018 type = PAGE_SCAN_TYPE_STANDARD; /* default */
1019
1020 /* default 1.28 sec page scan */
1021 acp.interval = __constant_cpu_to_le16(0x0800);
1022 }
1023
1024 acp.window = __constant_cpu_to_le16(0x0012);
1025
bd98b996
JH		 1026 if (__cpu_to_le16(hdev->page_scan_interval) != acp.interval ||
1027 __cpu_to_le16(hdev->page_scan_window) != acp.window)
1028 hci_req_add(req, HCI_OP_WRITE_PAGE_SCAN_ACTIVITY,
1029 sizeof(acp), &acp);
1030
1031 if (hdev->page_scan_type != type)
1032 hci_req_add(req, HCI_OP_WRITE_PAGE_SCAN_TYPE, 1, &type);
406d7804
JH		 1033}
1034
2b76f453
JH		 1035static void set_connectable_complete(struct hci_dev *hdev, u8 status)
1036{
1037 struct pending_cmd *cmd;
1038
1039 BT_DBG("status 0x%02x", status);
1040
1041 hci_dev_lock(hdev);
1042
1043 cmd = mgmt_pending_find(MGMT_OP_SET_CONNECTABLE, hdev);
1044 if (!cmd)
1045 goto unlock;
1046
1047 send_settings_rsp(cmd->sk, MGMT_OP_SET_CONNECTABLE, hdev);
1048
1049 mgmt_pending_remove(cmd);
1050
1051unlock:
1052 hci_dev_unlock(hdev);
1053}
1054
bdb6d971 1055static int set_connectable(struct sock *sk, struct hci_dev *hdev, void *data,
04124681 1056 u16 len)
9fbcbb45 1057{
650f726d 1058 struct mgmt_mode *cp = data;
366a0336 1059 struct pending_cmd *cmd;
2b76f453 1060 struct hci_request req;
9fbcbb45
JH		 1061 u8 scan;
1062 int err;
1063
bdb6d971 1064 BT_DBG("request for %s", hdev->name);
9fbcbb45 1065
33c525c0
JH		 1066 if (!lmp_bredr_capable(hdev))
1067 return cmd_status(sk, hdev->id, MGMT_OP_SET_CONNECTABLE,
1068 MGMT_STATUS_NOT_SUPPORTED);
1069
a7e80f25
JH		 1070 if (cp->val != 0x00 && cp->val != 0x01)
1071 return cmd_status(sk, hdev->id, MGMT_OP_SET_CONNECTABLE,
1072 MGMT_STATUS_INVALID_PARAMS);
1073
09fd0de5 1074 hci_dev_lock(hdev);
9fbcbb45 1075
4b34ee78 1076 if (!hdev_is_powered(hdev)) {
0224d2fa
JH		 1077 bool changed = false;
1078
1079 if (!!cp->val != test_bit(HCI_CONNECTABLE, &hdev->dev_flags))
1080 changed = true;
1081
6bf0e469 1082 if (cp->val) {
5e5282bb 1083 set_bit(HCI_CONNECTABLE, &hdev->dev_flags);
6bf0e469 1084 } else {
5e5282bb
JH		 1085 clear_bit(HCI_CONNECTABLE, &hdev->dev_flags);
1086 clear_bit(HCI_DISCOVERABLE, &hdev->dev_flags);
1087 }
0224d2fa 1088
5e5282bb 1089 err = send_settings_rsp(sk, MGMT_OP_SET_CONNECTABLE, hdev);
0224d2fa
JH		 1090 if (err < 0)
1091 goto failed;
1092
1093 if (changed)
1094 err = new_settings(hdev, sk);
1095
9fbcbb45
JH		 1096 goto failed;
1097 }
1098
2e58ef3e 1099 if (mgmt_pending_find(MGMT_OP_SET_DISCOVERABLE, hdev) ||
8ce8e2b5 1100 mgmt_pending_find(MGMT_OP_SET_CONNECTABLE, hdev)) {
bdb6d971 1101 err = cmd_status(sk, hdev->id, MGMT_OP_SET_CONNECTABLE,
04124681 1102 MGMT_STATUS_BUSY);
9fbcbb45
JH		 1103 goto failed;
1104 }
1105
5e5282bb 1106 if (!!cp->val == test_bit(HCI_PSCAN, &hdev->flags)) {
69ab39ea 1107 err = send_settings_rsp(sk, MGMT_OP_SET_CONNECTABLE, hdev);
9fbcbb45
JH		 1108 goto failed;
1109 }
1110
2e58ef3e 1111 cmd = mgmt_pending_add(sk, MGMT_OP_SET_CONNECTABLE, hdev, data, len);
366a0336
JH		 1112 if (!cmd) {
1113 err = -ENOMEM;
9fbcbb45 1114 goto failed;
366a0336 1115 }
9fbcbb45 1116
6bf0e469 1117 if (cp->val) {
9fbcbb45 1118 scan = SCAN_PAGE;
6bf0e469 1119 } else {
9fbcbb45
JH		 1120 scan = 0;
1121
df2c6c5e 1122 if (test_bit(HCI_ISCAN, &hdev->flags) &&
8ce8e2b5 1123 hdev->discov_timeout > 0)
df2c6c5e
JH		 1124 cancel_delayed_work(&hdev->discov_off);
1125 }
1126
2b76f453
JH		 1127 hci_req_init(&req, hdev);
1128
1129 hci_req_add(&req, HCI_OP_WRITE_SCAN_ENABLE, 1, &scan);
1130
4c01f8b8
JH		 1131 /* If we're going from non-connectable to connectable or
1132 * vice-versa when fast connectable is enabled ensure that fast
1133 * connectable gets disabled. write_fast_connectable won't do
1134 * anything if the page scan parameters are already what they
1135 * should be.
1136 */
1137 if (cp->val || test_bit(HCI_FAST_CONNECTABLE, &hdev->dev_flags))
e36a3769
JH		 1138 write_fast_connectable(&req, false);
1139
2b76f453 1140 err = hci_req_run(&req, set_connectable_complete);
9fbcbb45 1141 if (err < 0)
a664b5bc 1142 mgmt_pending_remove(cmd);
9fbcbb45
JH		 1143
1144failed:
09fd0de5 1145 hci_dev_unlock(hdev);
9fbcbb45
JH		 1146 return err;
1147}
1148
bdb6d971 1149static int set_pairable(struct sock *sk, struct hci_dev *hdev, void *data,
04124681 1150 u16 len)
c542a06c 1151{
650f726d 1152 struct mgmt_mode *cp = data;
c542a06c
JH		 1153 int err;
1154
bdb6d971 1155 BT_DBG("request for %s", hdev->name);
c542a06c 1156
a7e80f25
JH		 1157 if (cp->val != 0x00 && cp->val != 0x01)
1158 return cmd_status(sk, hdev->id, MGMT_OP_SET_PAIRABLE,
1159 MGMT_STATUS_INVALID_PARAMS);
1160
09fd0de5 1161 hci_dev_lock(hdev);
c542a06c
JH		 1162
1163 if (cp->val)
a8b2d5c2 1164 set_bit(HCI_PAIRABLE, &hdev->dev_flags);
c542a06c 1165 else
a8b2d5c2 1166 clear_bit(HCI_PAIRABLE, &hdev->dev_flags);
c542a06c 1167
69ab39ea 1168 err = send_settings_rsp(sk, MGMT_OP_SET_PAIRABLE, hdev);
c542a06c
JH		 1169 if (err < 0)
1170 goto failed;
1171
beadb2bd 1172 err = new_settings(hdev, sk);
c542a06c
JH		 1173
1174failed:
09fd0de5 1175 hci_dev_unlock(hdev);
c542a06c
JH		 1176 return err;
1177}
1178
04124681
GP		 1179static int set_link_security(struct sock *sk, struct hci_dev *hdev, void *data,
1180 u16 len)
33ef95ed
JH		 1181{
1182 struct mgmt_mode *cp = data;
1183 struct pending_cmd *cmd;
816a11d5 1184 u8 val;
33ef95ed
JH		 1185 int err;
1186
bdb6d971 1187 BT_DBG("request for %s", hdev->name);
33ef95ed 1188
33c525c0
JH		 1189 if (!lmp_bredr_capable(hdev))
1190 return cmd_status(sk, hdev->id, MGMT_OP_SET_LINK_SECURITY,
1191 MGMT_STATUS_NOT_SUPPORTED);
1192
a7e80f25
JH		 1193 if (cp->val != 0x00 && cp->val != 0x01)
1194 return cmd_status(sk, hdev->id, MGMT_OP_SET_LINK_SECURITY,
1195 MGMT_STATUS_INVALID_PARAMS);
1196
33ef95ed
JH		 1197 hci_dev_lock(hdev);
1198
4b34ee78 1199 if (!hdev_is_powered(hdev)) {
47990ea0
JH		 1200 bool changed = false;
1201
1202 if (!!cp->val != test_bit(HCI_LINK_SECURITY,
8ce8e2b5 1203 &hdev->dev_flags)) {
47990ea0
JH		 1204 change_bit(HCI_LINK_SECURITY, &hdev->dev_flags);
1205 changed = true;
1206 }
1207
1208 err = send_settings_rsp(sk, MGMT_OP_SET_LINK_SECURITY, hdev);
1209 if (err < 0)
1210 goto failed;
1211
1212 if (changed)
1213 err = new_settings(hdev, sk);
1214
33ef95ed
JH		 1215 goto failed;
1216 }
1217
1218 if (mgmt_pending_find(MGMT_OP_SET_LINK_SECURITY, hdev)) {
bdb6d971 1219 err = cmd_status(sk, hdev->id, MGMT_OP_SET_LINK_SECURITY,
04124681 1220 MGMT_STATUS_BUSY);
33ef95ed
JH		 1221 goto failed;
1222 }
1223
1224 val = !!cp->val;
1225
1226 if (test_bit(HCI_AUTH, &hdev->flags) == val) {
1227 err = send_settings_rsp(sk, MGMT_OP_SET_LINK_SECURITY, hdev);
1228 goto failed;
1229 }
1230
1231 cmd = mgmt_pending_add(sk, MGMT_OP_SET_LINK_SECURITY, hdev, data, len);
1232 if (!cmd) {
1233 err = -ENOMEM;
1234 goto failed;
1235 }
1236
1237 err = hci_send_cmd(hdev, HCI_OP_WRITE_AUTH_ENABLE, sizeof(val), &val);
1238 if (err < 0) {
1239 mgmt_pending_remove(cmd);
1240 goto failed;
1241 }
1242
1243failed:
1244 hci_dev_unlock(hdev);
33ef95ed
JH		 1245 return err;
1246}
1247
bdb6d971 1248static int set_ssp(struct sock *sk, struct hci_dev *hdev, void *data, u16 len)
ed2c4ee3
JH		 1249{
1250 struct mgmt_mode *cp = data;
1251 struct pending_cmd *cmd;
816a11d5 1252 u8 val;
ed2c4ee3
JH		 1253 int err;
1254
bdb6d971 1255 BT_DBG("request for %s", hdev->name);
ed2c4ee3 1256
13ecd8b6
JH		 1257 if (!lmp_ssp_capable(hdev))
1258 return cmd_status(sk, hdev->id, MGMT_OP_SET_SSP,
1259 MGMT_STATUS_NOT_SUPPORTED);
ed2c4ee3 1260
a7e80f25
JH		 1261 if (cp->val != 0x00 && cp->val != 0x01)
1262 return cmd_status(sk, hdev->id, MGMT_OP_SET_SSP,
1263 MGMT_STATUS_INVALID_PARAMS);
1264
13ecd8b6 1265 hci_dev_lock(hdev);
6c8f12c1 1266
c0ecddc2
JH		 1267 val = !!cp->val;
1268
4b34ee78 1269 if (!hdev_is_powered(hdev)) {
c0ecddc2
JH		 1270 bool changed = false;
1271
1272 if (val != test_bit(HCI_SSP_ENABLED, &hdev->dev_flags)) {
1273 change_bit(HCI_SSP_ENABLED, &hdev->dev_flags);
1274 changed = true;
1275 }
1276
1277 err = send_settings_rsp(sk, MGMT_OP_SET_SSP, hdev);
1278 if (err < 0)
1279 goto failed;
1280
1281 if (changed)
1282 err = new_settings(hdev, sk);
1283
ed2c4ee3
JH		 1284 goto failed;
1285 }
1286
1287 if (mgmt_pending_find(MGMT_OP_SET_SSP, hdev)) {
d97dcb66
SJ		 1288 err = cmd_status(sk, hdev->id, MGMT_OP_SET_SSP,
1289 MGMT_STATUS_BUSY);
ed2c4ee3
JH		 1290 goto failed;
1291 }
1292
ed2c4ee3
JH		 1293 if (test_bit(HCI_SSP_ENABLED, &hdev->dev_flags) == val) {
1294 err = send_settings_rsp(sk, MGMT_OP_SET_SSP, hdev);
1295 goto failed;
1296 }
1297
1298 cmd = mgmt_pending_add(sk, MGMT_OP_SET_SSP, hdev, data, len);
1299 if (!cmd) {
1300 err = -ENOMEM;
1301 goto failed;
1302 }
1303
1304 err = hci_send_cmd(hdev, HCI_OP_WRITE_SSP_MODE, sizeof(val), &val);
1305 if (err < 0) {
1306 mgmt_pending_remove(cmd);
1307 goto failed;
1308 }
1309
1310failed:
1311 hci_dev_unlock(hdev);
ed2c4ee3
JH		 1312 return err;
1313}
1314
bdb6d971 1315static int set_hs(struct sock *sk, struct hci_dev *hdev, void *data, u16 len)
6d80dfd0
JH		 1316{
1317 struct mgmt_mode *cp = data;
6d80dfd0 1318
bdb6d971 1319 BT_DBG("request for %s", hdev->name);
6d80dfd0 1320
bdb6d971
JH		 1321 if (!enable_hs)
1322 return cmd_status(sk, hdev->id, MGMT_OP_SET_HS,
04124681 1323 MGMT_STATUS_NOT_SUPPORTED);
6d80dfd0 1324
a7e80f25
JH		 1325 if (cp->val != 0x00 && cp->val != 0x01)
1326 return cmd_status(sk, hdev->id, MGMT_OP_SET_HS,
1327 MGMT_STATUS_INVALID_PARAMS);
1328
6d80dfd0
JH		 1329 if (cp->val)
1330 set_bit(HCI_HS_ENABLED, &hdev->dev_flags);
1331 else
1332 clear_bit(HCI_HS_ENABLED, &hdev->dev_flags);
1333
bdb6d971 1334 return send_settings_rsp(sk, MGMT_OP_SET_HS, hdev);
6d80dfd0
JH		 1335}
1336
bdb6d971 1337static int set_le(struct sock *sk, struct hci_dev *hdev, void *data, u16 len)
06199cf8
JH		 1338{
1339 struct mgmt_mode *cp = data;
1340 struct hci_cp_write_le_host_supported hci_cp;
1341 struct pending_cmd *cmd;
06199cf8 1342 int err;
0b60eba1 1343 u8 val, enabled;
06199cf8 1344
bdb6d971 1345 BT_DBG("request for %s", hdev->name);
06199cf8 1346
13ecd8b6
JH		 1347 if (!lmp_le_capable(hdev))
1348 return cmd_status(sk, hdev->id, MGMT_OP_SET_LE,
1349 MGMT_STATUS_NOT_SUPPORTED);
1de028ce 1350
a7e80f25
JH		 1351 if (cp->val != 0x00 && cp->val != 0x01)
1352 return cmd_status(sk, hdev->id, MGMT_OP_SET_LE,
1353 MGMT_STATUS_INVALID_PARAMS);
1354
13ecd8b6 1355 hci_dev_lock(hdev);
06199cf8
JH		 1356
1357 val = !!cp->val;
ffa88e02 1358 enabled = lmp_host_le_capable(hdev);
06199cf8 1359
0b60eba1 1360 if (!hdev_is_powered(hdev) || val == enabled) {
06199cf8
JH		 1361 bool changed = false;
1362
1363 if (val != test_bit(HCI_LE_ENABLED, &hdev->dev_flags)) {
1364 change_bit(HCI_LE_ENABLED, &hdev->dev_flags);
1365 changed = true;
1366 }
1367
1368 err = send_settings_rsp(sk, MGMT_OP_SET_LE, hdev);
1369 if (err < 0)
1de028ce 1370 goto unlock;
06199cf8
JH		 1371
1372 if (changed)
1373 err = new_settings(hdev, sk);
1374
1de028ce 1375 goto unlock;
06199cf8
JH		 1376 }
1377
1378 if (mgmt_pending_find(MGMT_OP_SET_LE, hdev)) {
bdb6d971 1379 err = cmd_status(sk, hdev->id, MGMT_OP_SET_LE,
04124681 1380 MGMT_STATUS_BUSY);
1de028ce 1381 goto unlock;
06199cf8
JH		 1382 }
1383
1384 cmd = mgmt_pending_add(sk, MGMT_OP_SET_LE, hdev, data, len);
1385 if (!cmd) {
1386 err = -ENOMEM;
1de028ce 1387 goto unlock;
06199cf8
JH		 1388 }
1389
1390 memset(&hci_cp, 0, sizeof(hci_cp));
1391
1392 if (val) {
1393 hci_cp.le = val;
ffa88e02 1394 hci_cp.simul = lmp_le_br_capable(hdev);
06199cf8
JH		 1395 }
1396
04124681
GP		 1397 err = hci_send_cmd(hdev, HCI_OP_WRITE_LE_HOST_SUPPORTED, sizeof(hci_cp),
1398 &hci_cp);
0c01bc48 1399 if (err < 0)
06199cf8 1400 mgmt_pending_remove(cmd);
06199cf8 1401
1de028ce
JH		 1402unlock:
1403 hci_dev_unlock(hdev);
06199cf8
JH		 1404 return err;
1405}
1406
0cab9c80
JH		 1407/* This is a helper function to test for pending mgmt commands that can
1408 * cause CoD or EIR HCI commands. We can only allow one such pending
1409 * mgmt command at a time since otherwise we cannot easily track what
1410 * the current values are, will be, and based on that calculate if a new
1411 * HCI command needs to be sent and if yes with what value.
1412 */
1413static bool pending_eir_or_class(struct hci_dev *hdev)
1414{
1415 struct pending_cmd *cmd;
1416
1417 list_for_each_entry(cmd, &hdev->mgmt_pending, list) {
1418 switch (cmd->opcode) {
1419 case MGMT_OP_ADD_UUID:
1420 case MGMT_OP_REMOVE_UUID:
1421 case MGMT_OP_SET_DEV_CLASS:
1422 case MGMT_OP_SET_POWERED:
1423 return true;
1424 }
1425 }
1426
1427 return false;
1428}
1429
83be8eca
JH		 1430static const u8 bluetooth_base_uuid[] = {
1431 0xfb, 0x34, 0x9b, 0x5f, 0x80, 0x00, 0x00, 0x80,
1432 0x00, 0x10, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
1433};
1434
1435static u8 get_uuid_size(const u8 *uuid)
1436{
1437 u32 val;
1438
1439 if (memcmp(uuid, bluetooth_base_uuid, 12))
1440 return 128;
1441
1442 val = get_unaligned_le32(&uuid[12]);
1443 if (val > 0xffff)
1444 return 32;
1445
1446 return 16;
1447}
1448
92da6097
JH		 1449static void mgmt_class_complete(struct hci_dev *hdev, u16 mgmt_op, u8 status)
1450{
1451 struct pending_cmd *cmd;
1452
1453 hci_dev_lock(hdev);
1454
1455 cmd = mgmt_pending_find(mgmt_op, hdev);
1456 if (!cmd)
1457 goto unlock;
1458
1459 cmd_complete(cmd->sk, cmd->index, cmd->opcode, mgmt_status(status),
1460 hdev->dev_class, 3);
1461
1462 mgmt_pending_remove(cmd);
1463
1464unlock:
1465 hci_dev_unlock(hdev);
1466}
1467
1468static void add_uuid_complete(struct hci_dev *hdev, u8 status)
1469{
1470 BT_DBG("status 0x%02x", status);
1471
1472 mgmt_class_complete(hdev, MGMT_OP_ADD_UUID, status);
1473}
1474
bdb6d971 1475static int add_uuid(struct sock *sk, struct hci_dev *hdev, void *data, u16 len)
2aeb9a1a 1476{
650f726d 1477 struct mgmt_cp_add_uuid *cp = data;
90e70454 1478 struct pending_cmd *cmd;
890ea898 1479 struct hci_request req;
2aeb9a1a 1480 struct bt_uuid *uuid;
2aeb9a1a
JH		 1481 int err;
1482
bdb6d971 1483 BT_DBG("request for %s", hdev->name);
2aeb9a1a 1484
09fd0de5 1485 hci_dev_lock(hdev);
2aeb9a1a 1486
0cab9c80 1487 if (pending_eir_or_class(hdev)) {
bdb6d971 1488 err = cmd_status(sk, hdev->id, MGMT_OP_ADD_UUID,
04124681 1489 MGMT_STATUS_BUSY);
c95f0ba7
JH		 1490 goto failed;
1491 }
1492
92c4c204 1493 uuid = kmalloc(sizeof(*uuid), GFP_KERNEL);
2aeb9a1a
JH		 1494 if (!uuid) {
1495 err = -ENOMEM;
1496 goto failed;
1497 }
1498
1499 memcpy(uuid->uuid, cp->uuid, 16);
1aff6f09 1500 uuid->svc_hint = cp->svc_hint;
83be8eca 1501 uuid->size = get_uuid_size(cp->uuid);
2aeb9a1a 1502
de66aa63 1503 list_add_tail(&uuid->list, &hdev->uuids);
2aeb9a1a 1504
890ea898 1505 hci_req_init(&req, hdev);
1aff6f09 1506
890ea898
JH		 1507 update_class(&req);
1508 update_eir(&req);
1509
92da6097
JH		 1510 err = hci_req_run(&req, add_uuid_complete);
1511 if (err < 0) {
1512 if (err != -ENODATA)
1513 goto failed;
80a1e1db 1514
bdb6d971 1515 err = cmd_complete(sk, hdev->id, MGMT_OP_ADD_UUID, 0,
04124681 1516 hdev->dev_class, 3);
90e70454
JH		 1517 goto failed;
1518 }
1519
1520 cmd = mgmt_pending_add(sk, MGMT_OP_ADD_UUID, hdev, data, len);
890ea898 1521 if (!cmd) {
90e70454 1522 err = -ENOMEM;
890ea898
JH		 1523 goto failed;
1524 }
1525
1526 err = 0;
2aeb9a1a
JH		 1527
1528failed:
09fd0de5 1529 hci_dev_unlock(hdev);
2aeb9a1a
JH		 1530 return err;
1531}
1532
24b78d0f
JH		 1533static bool enable_service_cache(struct hci_dev *hdev)
1534{
1535 if (!hdev_is_powered(hdev))
1536 return false;
1537
1538 if (!test_and_set_bit(HCI_SERVICE_CACHE, &hdev->dev_flags)) {
46818ed5
JH		 1539 queue_delayed_work(hdev->workqueue, &hdev->service_cache,
1540 CACHE_TIMEOUT);
24b78d0f
JH		 1541 return true;
1542 }
1543
1544 return false;
1545}
1546
92da6097
JH		 1547static void remove_uuid_complete(struct hci_dev *hdev, u8 status)
1548{
1549 BT_DBG("status 0x%02x", status);
1550
1551 mgmt_class_complete(hdev, MGMT_OP_REMOVE_UUID, status);
1552}
1553
bdb6d971 1554static int remove_uuid(struct sock *sk, struct hci_dev *hdev, void *data,
8ce8e2b5 1555 u16 len)
2aeb9a1a 1556{
650f726d 1557 struct mgmt_cp_remove_uuid *cp = data;
90e70454 1558 struct pending_cmd *cmd;
056341c8 1559 struct bt_uuid *match, *tmp;
2aeb9a1a 1560 u8 bt_uuid_any[] = { 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0 };
890ea898 1561 struct hci_request req;
2aeb9a1a
JH		 1562 int err, found;
1563
bdb6d971 1564 BT_DBG("request for %s", hdev->name);
2aeb9a1a 1565
09fd0de5 1566 hci_dev_lock(hdev);
2aeb9a1a 1567
0cab9c80 1568 if (pending_eir_or_class(hdev)) {
bdb6d971 1569 err = cmd_status(sk, hdev->id, MGMT_OP_REMOVE_UUID,
04124681 1570 MGMT_STATUS_BUSY);
c95f0ba7
JH		 1571 goto unlock;
1572 }
1573
2aeb9a1a
JH		 1574 if (memcmp(cp->uuid, bt_uuid_any, 16) == 0) {
1575 err = hci_uuids_clear(hdev);
4004b6d9 1576
24b78d0f 1577 if (enable_service_cache(hdev)) {
bdb6d971 1578 err = cmd_complete(sk, hdev->id, MGMT_OP_REMOVE_UUID,
04124681 1579 0, hdev->dev_class, 3);
24b78d0f
JH		 1580 goto unlock;
1581 }
4004b6d9 1582
9246a869 1583 goto update_class;
2aeb9a1a
JH		 1584 }
1585
1586 found = 0;
1587
056341c8 1588 list_for_each_entry_safe(match, tmp, &hdev->uuids, list) {
2aeb9a1a
JH		 1589 if (memcmp(match->uuid, cp->uuid, 16) != 0)
1590 continue;
1591
1592 list_del(&match->list);
482049f7 1593 kfree(match);
2aeb9a1a
JH		 1594 found++;
1595 }
1596
1597 if (found == 0) {
bdb6d971 1598 err = cmd_status(sk, hdev->id, MGMT_OP_REMOVE_UUID,
04124681 1599 MGMT_STATUS_INVALID_PARAMS);
2aeb9a1a
JH		 1600 goto unlock;
1601 }
1602
9246a869 1603update_class:
890ea898 1604 hci_req_init(&req, hdev);
1aff6f09 1605
890ea898
JH		 1606 update_class(&req);
1607 update_eir(&req);
1608
92da6097
JH		 1609 err = hci_req_run(&req, remove_uuid_complete);
1610 if (err < 0) {
1611 if (err != -ENODATA)
1612 goto unlock;
80a1e1db 1613
bdb6d971 1614 err = cmd_complete(sk, hdev->id, MGMT_OP_REMOVE_UUID, 0,
04124681 1615 hdev->dev_class, 3);
90e70454
JH		 1616 goto unlock;
1617 }
1618
1619 cmd = mgmt_pending_add(sk, MGMT_OP_REMOVE_UUID, hdev, data, len);
890ea898 1620 if (!cmd) {
90e70454 1621 err = -ENOMEM;
890ea898
JH		 1622 goto unlock;
1623 }
1624
1625 err = 0;
2aeb9a1a
JH		 1626
1627unlock:
09fd0de5 1628 hci_dev_unlock(hdev);
2aeb9a1a
JH		 1629 return err;
1630}
1631
92da6097
JH		 1632static void set_class_complete(struct hci_dev *hdev, u8 status)
1633{
1634 BT_DBG("status 0x%02x", status);
1635
1636 mgmt_class_complete(hdev, MGMT_OP_SET_DEV_CLASS, status);
1637}
1638
bdb6d971 1639static int set_dev_class(struct sock *sk, struct hci_dev *hdev, void *data,
04124681 1640 u16 len)
1aff6f09 1641{
650f726d 1642 struct mgmt_cp_set_dev_class *cp = data;
90e70454 1643 struct pending_cmd *cmd;
890ea898 1644 struct hci_request req;
1aff6f09
JH		 1645 int err;
1646
bdb6d971 1647 BT_DBG("request for %s", hdev->name);
1aff6f09 1648
13ecd8b6
JH		 1649 if (!lmp_bredr_capable(hdev))
1650 return cmd_status(sk, hdev->id, MGMT_OP_SET_DEV_CLASS,
1651 MGMT_STATUS_NOT_SUPPORTED);
1aff6f09 1652
0cab9c80 1653 hci_dev_lock(hdev);
ee98f473 1654
0cab9c80
JH		 1655 if (pending_eir_or_class(hdev)) {
1656 err = cmd_status(sk, hdev->id, MGMT_OP_SET_DEV_CLASS,
1657 MGMT_STATUS_BUSY);
1658 goto unlock;
1659 }
c95f0ba7 1660
0cab9c80
JH		 1661 if ((cp->minor & 0x03) != 0 || (cp->major & 0xe0) != 0) {
1662 err = cmd_status(sk, hdev->id, MGMT_OP_SET_DEV_CLASS,
1663 MGMT_STATUS_INVALID_PARAMS);
1664 goto unlock;
1665 }
575b3a02 1666
932f5ff5
JH		 1667 hdev->major_class = cp->major;
1668 hdev->minor_class = cp->minor;
1669
b5235a65 1670 if (!hdev_is_powered(hdev)) {
bdb6d971 1671 err = cmd_complete(sk, hdev->id, MGMT_OP_SET_DEV_CLASS, 0,
04124681 1672 hdev->dev_class, 3);
b5235a65
JH		 1673 goto unlock;
1674 }
1675
890ea898
JH		 1676 hci_req_init(&req, hdev);
1677
a8b2d5c2 1678 if (test_and_clear_bit(HCI_SERVICE_CACHE, &hdev->dev_flags)) {
7d78525d
JH		 1679 hci_dev_unlock(hdev);
1680 cancel_delayed_work_sync(&hdev->service_cache);
1681 hci_dev_lock(hdev);
890ea898 1682 update_eir(&req);
7d78525d 1683 }
14c0b608 1684
890ea898
JH		 1685 update_class(&req);
1686
92da6097
JH		 1687 err = hci_req_run(&req, set_class_complete);
1688 if (err < 0) {
1689 if (err != -ENODATA)
1690 goto unlock;
1aff6f09 1691
bdb6d971 1692 err = cmd_complete(sk, hdev->id, MGMT_OP_SET_DEV_CLASS, 0,
04124681 1693 hdev->dev_class, 3);
90e70454
JH		 1694 goto unlock;
1695 }
1696
1697 cmd = mgmt_pending_add(sk, MGMT_OP_SET_DEV_CLASS, hdev, data, len);
890ea898 1698 if (!cmd) {
90e70454 1699 err = -ENOMEM;
890ea898
JH		 1700 goto unlock;
1701 }
1702
1703 err = 0;
1aff6f09 1704
b5235a65 1705unlock:
09fd0de5 1706 hci_dev_unlock(hdev);
1aff6f09
JH		 1707 return err;
1708}
1709
bdb6d971 1710static int load_link_keys(struct sock *sk, struct hci_dev *hdev, void *data,
8ce8e2b5 1711 u16 len)
55ed8ca1 1712{
650f726d 1713 struct mgmt_cp_load_link_keys *cp = data;
4e51eae9 1714 u16 key_count, expected_len;
a492cd52 1715 int i;
55ed8ca1 1716
1f350c87 1717 key_count = __le16_to_cpu(cp->key_count);
55ed8ca1 1718
86742e1e
JH		 1719 expected_len = sizeof(*cp) + key_count *
1720 sizeof(struct mgmt_link_key_info);
a492cd52 1721 if (expected_len != len) {
86742e1e 1722 BT_ERR("load_link_keys: expected %u bytes, got %u bytes",
8ce8e2b5 1723 len, expected_len);
bdb6d971 1724 return cmd_status(sk, hdev->id, MGMT_OP_LOAD_LINK_KEYS,
04124681 1725 MGMT_STATUS_INVALID_PARAMS);
55ed8ca1
JH		 1726 }
1727
4ae14301
JH		 1728 if (cp->debug_keys != 0x00 && cp->debug_keys != 0x01)
1729 return cmd_status(sk, hdev->id, MGMT_OP_LOAD_LINK_KEYS,
1730 MGMT_STATUS_INVALID_PARAMS);
1731
bdb6d971 1732 BT_DBG("%s debug_keys %u key_count %u", hdev->name, cp->debug_keys,
8ce8e2b5 1733 key_count);
55ed8ca1 1734
4ee71b20
JH		 1735 for (i = 0; i < key_count; i++) {
1736 struct mgmt_link_key_info *key = &cp->keys[i];
1737
1738 if (key->addr.type != BDADDR_BREDR)
1739 return cmd_status(sk, hdev->id, MGMT_OP_LOAD_LINK_KEYS,
1740 MGMT_STATUS_INVALID_PARAMS);
1741 }
1742
09fd0de5 1743 hci_dev_lock(hdev);
55ed8ca1
JH		 1744
1745 hci_link_keys_clear(hdev);
1746
a8b2d5c2 1747 set_bit(HCI_LINK_KEYS, &hdev->dev_flags);
55ed8ca1
JH		 1748
1749 if (cp->debug_keys)
a8b2d5c2 1750 set_bit(HCI_DEBUG_KEYS, &hdev->dev_flags);
55ed8ca1 1751 else
a8b2d5c2 1752 clear_bit(HCI_DEBUG_KEYS, &hdev->dev_flags);
55ed8ca1 1753
a492cd52 1754 for (i = 0; i < key_count; i++) {
86742e1e 1755 struct mgmt_link_key_info *key = &cp->keys[i];
55ed8ca1 1756
d753fdc4 1757 hci_add_link_key(hdev, NULL, 0, &key->addr.bdaddr, key->val,
04124681 1758 key->type, key->pin_len);
55ed8ca1
JH		 1759 }
1760
bdb6d971 1761 cmd_complete(sk, hdev->id, MGMT_OP_LOAD_LINK_KEYS, 0, NULL, 0);
0e5f875a 1762
09fd0de5 1763 hci_dev_unlock(hdev);
55ed8ca1 1764
a492cd52 1765 return 0;
55ed8ca1
JH		 1766}
1767
b1078ad0 1768static int device_unpaired(struct hci_dev *hdev, bdaddr_t *bdaddr,
04124681 1769 u8 addr_type, struct sock *skip_sk)
b1078ad0
JH		 1770{
1771 struct mgmt_ev_device_unpaired ev;
1772
1773 bacpy(&ev.addr.bdaddr, bdaddr);
1774 ev.addr.type = addr_type;
1775
1776 return mgmt_event(MGMT_EV_DEVICE_UNPAIRED, hdev, &ev, sizeof(ev),
04124681 1777 skip_sk);
b1078ad0
JH		 1778}
1779
bdb6d971 1780static int unpair_device(struct sock *sk, struct hci_dev *hdev, void *data,
04124681 1781 u16 len)
55ed8ca1 1782{
124f6e35
JH		 1783 struct mgmt_cp_unpair_device *cp = data;
1784 struct mgmt_rp_unpair_device rp;
a8a1d19e
JH		 1785 struct hci_cp_disconnect dc;
1786 struct pending_cmd *cmd;
55ed8ca1 1787 struct hci_conn *conn;
55ed8ca1
JH		 1788 int err;
1789
a8a1d19e 1790 memset(&rp, 0, sizeof(rp));
124f6e35
JH		 1791 bacpy(&rp.addr.bdaddr, &cp->addr.bdaddr);
1792 rp.addr.type = cp->addr.type;
a8a1d19e 1793
4ee71b20
JH		 1794 if (!bdaddr_type_is_valid(cp->addr.type))
1795 return cmd_complete(sk, hdev->id, MGMT_OP_UNPAIR_DEVICE,
1796 MGMT_STATUS_INVALID_PARAMS,
1797 &rp, sizeof(rp));
1798
118da70b
JH		 1799 if (cp->disconnect != 0x00 && cp->disconnect != 0x01)
1800 return cmd_complete(sk, hdev->id, MGMT_OP_UNPAIR_DEVICE,
1801 MGMT_STATUS_INVALID_PARAMS,
1802 &rp, sizeof(rp));
1803
4ee71b20
JH		 1804 hci_dev_lock(hdev);
1805
86a8cfc6 1806 if (!hdev_is_powered(hdev)) {
bdb6d971 1807 err = cmd_complete(sk, hdev->id, MGMT_OP_UNPAIR_DEVICE,
04124681 1808 MGMT_STATUS_NOT_POWERED, &rp, sizeof(rp));
86a8cfc6
JH		 1809 goto unlock;
1810 }
1811
591f47f3 1812 if (cp->addr.type == BDADDR_BREDR)
124f6e35
JH		 1813 err = hci_remove_link_key(hdev, &cp->addr.bdaddr);
1814 else
1815 err = hci_remove_ltk(hdev, &cp->addr.bdaddr);
b0dbfb46 1816
55ed8ca1 1817 if (err < 0) {
bdb6d971 1818 err = cmd_complete(sk, hdev->id, MGMT_OP_UNPAIR_DEVICE,
04124681 1819 MGMT_STATUS_NOT_PAIRED, &rp, sizeof(rp));
55ed8ca1
JH		 1820 goto unlock;
1821 }
1822
86a8cfc6 1823 if (cp->disconnect) {
591f47f3 1824 if (cp->addr.type == BDADDR_BREDR)
86a8cfc6 1825 conn = hci_conn_hash_lookup_ba(hdev, ACL_LINK,
8ce8e2b5 1826 &cp->addr.bdaddr);
86a8cfc6
JH		 1827 else
1828 conn = hci_conn_hash_lookup_ba(hdev, LE_LINK,
8ce8e2b5 1829 &cp->addr.bdaddr);
86a8cfc6
JH		 1830 } else {
1831 conn = NULL;
1832 }
124f6e35 1833
a8a1d19e 1834 if (!conn) {
bdb6d971 1835 err = cmd_complete(sk, hdev->id, MGMT_OP_UNPAIR_DEVICE, 0,
04124681 1836 &rp, sizeof(rp));
b1078ad0 1837 device_unpaired(hdev, &cp->addr.bdaddr, cp->addr.type, sk);
a8a1d19e
JH		 1838 goto unlock;
1839 }
55ed8ca1 1840
124f6e35 1841 cmd = mgmt_pending_add(sk, MGMT_OP_UNPAIR_DEVICE, hdev, cp,
04124681 1842 sizeof(*cp));
a8a1d19e
JH		 1843 if (!cmd) {
1844 err = -ENOMEM;
1845 goto unlock;
55ed8ca1
JH		 1846 }
1847
eb55ef07 1848 dc.handle = cpu_to_le16(conn->handle);
a8a1d19e
JH		 1849 dc.reason = 0x13; /* Remote User Terminated Connection */
1850 err = hci_send_cmd(hdev, HCI_OP_DISCONNECT, sizeof(dc), &dc);
1851 if (err < 0)
1852 mgmt_pending_remove(cmd);
1853
55ed8ca1 1854unlock:
09fd0de5 1855 hci_dev_unlock(hdev);
55ed8ca1
JH		 1856 return err;
1857}
1858
bdb6d971 1859static int disconnect(struct sock *sk, struct hci_dev *hdev, void *data,
04124681 1860 u16 len)
8962ee74 1861{
650f726d 1862 struct mgmt_cp_disconnect *cp = data;
06a63b19 1863 struct mgmt_rp_disconnect rp;
8962ee74 1864 struct hci_cp_disconnect dc;
366a0336 1865 struct pending_cmd *cmd;
8962ee74 1866 struct hci_conn *conn;
8962ee74
JH		 1867 int err;
1868
1869 BT_DBG("");
1870
06a63b19
JH		 1871 memset(&rp, 0, sizeof(rp));
1872 bacpy(&rp.addr.bdaddr, &cp->addr.bdaddr);
1873 rp.addr.type = cp->addr.type;
1874
4ee71b20 1875 if (!bdaddr_type_is_valid(cp->addr.type))
06a63b19
JH		 1876 return cmd_complete(sk, hdev->id, MGMT_OP_DISCONNECT,
1877 MGMT_STATUS_INVALID_PARAMS,
1878 &rp, sizeof(rp));
4ee71b20 1879
09fd0de5 1880 hci_dev_lock(hdev);
8962ee74
JH		 1881
1882 if (!test_bit(HCI_UP, &hdev->flags)) {
06a63b19
JH		 1883 err = cmd_complete(sk, hdev->id, MGMT_OP_DISCONNECT,
1884 MGMT_STATUS_NOT_POWERED, &rp, sizeof(rp));
8962ee74
JH		 1885 goto failed;
1886 }
1887
2e58ef3e 1888 if (mgmt_pending_find(MGMT_OP_DISCONNECT, hdev)) {
06a63b19
JH		 1889 err = cmd_complete(sk, hdev->id, MGMT_OP_DISCONNECT,
1890 MGMT_STATUS_BUSY, &rp, sizeof(rp));
8962ee74
JH		 1891 goto failed;
1892 }
1893
591f47f3 1894 if (cp->addr.type == BDADDR_BREDR)
8fc9ced3
GP		 1895 conn = hci_conn_hash_lookup_ba(hdev, ACL_LINK,
1896 &cp->addr.bdaddr);
88c3df13
JH		 1897 else
1898 conn = hci_conn_hash_lookup_ba(hdev, LE_LINK, &cp->addr.bdaddr);
365227e5 1899
f960727e 1900 if (!conn || conn->state == BT_OPEN || conn->state == BT_CLOSED) {
06a63b19
JH		 1901 err = cmd_complete(sk, hdev->id, MGMT_OP_DISCONNECT,
1902 MGMT_STATUS_NOT_CONNECTED, &rp, sizeof(rp));
8962ee74
JH		 1903 goto failed;
1904 }
1905
2e58ef3e 1906 cmd = mgmt_pending_add(sk, MGMT_OP_DISCONNECT, hdev, data, len);
366a0336
JH		 1907 if (!cmd) {
1908 err = -ENOMEM;
8962ee74 1909 goto failed;
366a0336 1910 }
8962ee74 1911
eb55ef07 1912 dc.handle = cpu_to_le16(conn->handle);
3701f944 1913 dc.reason = HCI_ERROR_REMOTE_USER_TERM;
8962ee74
JH		 1914
1915 err = hci_send_cmd(hdev, HCI_OP_DISCONNECT, sizeof(dc), &dc);
1916 if (err < 0)
a664b5bc 1917 mgmt_pending_remove(cmd);
8962ee74
JH		 1918
1919failed:
09fd0de5 1920 hci_dev_unlock(hdev);
8962ee74
JH		 1921 return err;
1922}
1923
57c1477c 1924static u8 link_to_bdaddr(u8 link_type, u8 addr_type)
4c659c39
JH		 1925{
1926 switch (link_type) {
1927 case LE_LINK:
48264f06
JH		 1928 switch (addr_type) {
1929 case ADDR_LE_DEV_PUBLIC:
591f47f3 1930 return BDADDR_LE_PUBLIC;
0ed09148 1931
48264f06 1932 default:
0ed09148 1933 /* Fallback to LE Random address type */
591f47f3 1934 return BDADDR_LE_RANDOM;
48264f06 1935 }
0ed09148 1936
4c659c39 1937 default:
0ed09148 1938 /* Fallback to BR/EDR type */
591f47f3 1939 return BDADDR_BREDR;
4c659c39
JH		 1940 }
1941}
1942
04124681
GP		 1943static int get_connections(struct sock *sk, struct hci_dev *hdev, void *data,
1944 u16 data_len)
2784eb41 1945{
2784eb41 1946 struct mgmt_rp_get_connections *rp;
8035ded4 1947 struct hci_conn *c;
a38528f1 1948 size_t rp_len;
60fc5fb6
JH		 1949 int err;
1950 u16 i;
2784eb41
JH		 1951
1952 BT_DBG("");
1953
09fd0de5 1954 hci_dev_lock(hdev);
2784eb41 1955
5f97c1df 1956 if (!hdev_is_powered(hdev)) {
bdb6d971 1957 err = cmd_status(sk, hdev->id, MGMT_OP_GET_CONNECTIONS,
04124681 1958 MGMT_STATUS_NOT_POWERED);
5f97c1df
JH		 1959 goto unlock;
1960 }
1961
60fc5fb6 1962 i = 0;
b644ba33
JH		 1963 list_for_each_entry(c, &hdev->conn_hash.list, list) {
1964 if (test_bit(HCI_CONN_MGMT_CONNECTED, &c->flags))
60fc5fb6 1965 i++;
2784eb41
JH		 1966 }
1967
60fc5fb6 1968 rp_len = sizeof(*rp) + (i * sizeof(struct mgmt_addr_info));
92c4c204 1969 rp = kmalloc(rp_len, GFP_KERNEL);
a38528f1 1970 if (!rp) {
2784eb41
JH		 1971 err = -ENOMEM;
1972 goto unlock;
1973 }
1974
2784eb41 1975 i = 0;
4c659c39 1976 list_for_each_entry(c, &hdev->conn_hash.list, list) {
b644ba33
JH		 1977 if (!test_bit(HCI_CONN_MGMT_CONNECTED, &c->flags))
1978 continue;
4c659c39 1979 bacpy(&rp->addr[i].bdaddr, &c->dst);
57c1477c 1980 rp->addr[i].type = link_to_bdaddr(c->type, c->dst_type);
0ed09148 1981 if (c->type == SCO_LINK || c->type == ESCO_LINK)
4c659c39
JH		 1982 continue;
1983 i++;
1984 }
1985
eb55ef07 1986 rp->conn_count = cpu_to_le16(i);
60fc5fb6 1987
4c659c39
JH		 1988 /* Recalculate length in case of filtered SCO connections, etc */
1989 rp_len = sizeof(*rp) + (i * sizeof(struct mgmt_addr_info));
2784eb41 1990
bdb6d971 1991 err = cmd_complete(sk, hdev->id, MGMT_OP_GET_CONNECTIONS, 0, rp,
04124681 1992 rp_len);
2784eb41 1993
a38528f1 1994 kfree(rp);
5f97c1df
JH		 1995
1996unlock:
09fd0de5 1997 hci_dev_unlock(hdev);
2784eb41
JH		 1998 return err;
1999}
2000
bdb6d971 2001static int send_pin_code_neg_reply(struct sock *sk, struct hci_dev *hdev,
04124681 2002 struct mgmt_cp_pin_code_neg_reply *cp)
96d97a67
WR		 2003{
2004 struct pending_cmd *cmd;
2005 int err;
2006
2e58ef3e 2007 cmd = mgmt_pending_add(sk, MGMT_OP_PIN_CODE_NEG_REPLY, hdev, cp,
04124681 2008 sizeof(*cp));
96d97a67
WR		 2009 if (!cmd)
2010 return -ENOMEM;
2011
d8457698 2012 err = hci_send_cmd(hdev, HCI_OP_PIN_CODE_NEG_REPLY,
04124681 2013 sizeof(cp->addr.bdaddr), &cp->addr.bdaddr);
96d97a67
WR		 2014 if (err < 0)
2015 mgmt_pending_remove(cmd);
2016
2017 return err;
2018}
2019
bdb6d971 2020static int pin_code_reply(struct sock *sk, struct hci_dev *hdev, void *data,
04124681 2021 u16 len)
980e1a53 2022{
96d97a67 2023 struct hci_conn *conn;
650f726d 2024 struct mgmt_cp_pin_code_reply *cp = data;
980e1a53 2025 struct hci_cp_pin_code_reply reply;
366a0336 2026 struct pending_cmd *cmd;
980e1a53
JH		 2027 int err;
2028
2029 BT_DBG("");
2030
09fd0de5 2031 hci_dev_lock(hdev);
980e1a53 2032
4b34ee78 2033 if (!hdev_is_powered(hdev)) {
bdb6d971 2034 err = cmd_status(sk, hdev->id, MGMT_OP_PIN_CODE_REPLY,
04124681 2035 MGMT_STATUS_NOT_POWERED);
980e1a53
JH		 2036 goto failed;
2037 }
2038
d8457698 2039 conn = hci_conn_hash_lookup_ba(hdev, ACL_LINK, &cp->addr.bdaddr);
96d97a67 2040 if (!conn) {
bdb6d971 2041 err = cmd_status(sk, hdev->id, MGMT_OP_PIN_CODE_REPLY,
04124681 2042 MGMT_STATUS_NOT_CONNECTED);
96d97a67
WR		 2043 goto failed;
2044 }
2045
2046 if (conn->pending_sec_level == BT_SECURITY_HIGH && cp->pin_len != 16) {
d8457698
JH		 2047 struct mgmt_cp_pin_code_neg_reply ncp;
2048
2049 memcpy(&ncp.addr, &cp->addr, sizeof(ncp.addr));
96d97a67
WR		 2050
2051 BT_ERR("PIN code is not 16 bytes long");
2052
bdb6d971 2053 err = send_pin_code_neg_reply(sk, hdev, &ncp);
96d97a67 2054 if (err >= 0)
bdb6d971 2055 err = cmd_status(sk, hdev->id, MGMT_OP_PIN_CODE_REPLY,
04124681 2056 MGMT_STATUS_INVALID_PARAMS);
96d97a67
WR		 2057
2058 goto failed;
2059 }
2060
00abfe44 2061 cmd = mgmt_pending_add(sk, MGMT_OP_PIN_CODE_REPLY, hdev, data, len);
366a0336
JH		 2062 if (!cmd) {
2063 err = -ENOMEM;
980e1a53 2064 goto failed;
366a0336 2065 }
980e1a53 2066
d8457698 2067 bacpy(&reply.bdaddr, &cp->addr.bdaddr);
980e1a53 2068 reply.pin_len = cp->pin_len;
24718ca5 2069 memcpy(reply.pin_code, cp->pin_code, sizeof(reply.pin_code));
980e1a53
JH		 2070
2071 err = hci_send_cmd(hdev, HCI_OP_PIN_CODE_REPLY, sizeof(reply), &reply);
2072 if (err < 0)
a664b5bc 2073 mgmt_pending_remove(cmd);
980e1a53
JH		 2074
2075failed:
09fd0de5 2076 hci_dev_unlock(hdev);
980e1a53
JH		 2077 return err;
2078}
2079
04124681
GP		 2080static int set_io_capability(struct sock *sk, struct hci_dev *hdev, void *data,
2081 u16 len)
17fa4b9d 2082{
650f726d 2083 struct mgmt_cp_set_io_capability *cp = data;
17fa4b9d
JH		 2084
2085 BT_DBG("");
2086
09fd0de5 2087 hci_dev_lock(hdev);
17fa4b9d
JH		 2088
2089 hdev->io_capability = cp->io_capability;
2090
2091 BT_DBG("%s IO capability set to 0x%02x", hdev->name,
8ce8e2b5 2092 hdev->io_capability);
17fa4b9d 2093
09fd0de5 2094 hci_dev_unlock(hdev);
17fa4b9d 2095
04124681
GP		 2096 return cmd_complete(sk, hdev->id, MGMT_OP_SET_IO_CAPABILITY, 0, NULL,
2097 0);
17fa4b9d
JH		 2098}
2099
6039aa73 2100static struct pending_cmd *find_pairing(struct hci_conn *conn)
e9a416b5
JH		 2101{
2102 struct hci_dev *hdev = conn->hdev;
8035ded4 2103 struct pending_cmd *cmd;
e9a416b5 2104
2e58ef3e 2105 list_for_each_entry(cmd, &hdev->mgmt_pending, list) {
e9a416b5
JH		 2106 if (cmd->opcode != MGMT_OP_PAIR_DEVICE)
2107 continue;
2108
e9a416b5
JH		 2109 if (cmd->user_data != conn)
2110 continue;
2111
2112 return cmd;
2113 }
2114
2115 return NULL;
2116}
2117
2118static void pairing_complete(struct pending_cmd *cmd, u8 status)
2119{
2120 struct mgmt_rp_pair_device rp;
2121 struct hci_conn *conn = cmd->user_data;
2122
ba4e564f 2123 bacpy(&rp.addr.bdaddr, &conn->dst);
57c1477c 2124 rp.addr.type = link_to_bdaddr(conn->type, conn->dst_type);
e9a416b5 2125
aee9b218 2126 cmd_complete(cmd->sk, cmd->index, MGMT_OP_PAIR_DEVICE, status,
04124681 2127 &rp, sizeof(rp));
e9a416b5
JH		 2128
2129 /* So we don't get further callbacks for this connection */
2130 conn->connect_cfm_cb = NULL;
2131 conn->security_cfm_cb = NULL;
2132 conn->disconn_cfm_cb = NULL;
2133
2134 hci_conn_put(conn);
2135
a664b5bc 2136 mgmt_pending_remove(cmd);
e9a416b5
JH		 2137}
2138
2139static void pairing_complete_cb(struct hci_conn *conn, u8 status)
2140{
2141 struct pending_cmd *cmd;
2142
2143 BT_DBG("status %u", status);
2144
2145 cmd = find_pairing(conn);
56e5cb86 2146 if (!cmd)
e9a416b5 2147 BT_DBG("Unable to find a pending command");
56e5cb86 2148 else
e211326c 2149 pairing_complete(cmd, mgmt_status(status));
e9a416b5
JH		 2150}
2151
4c47d739
VA		 2152static void le_connect_complete_cb(struct hci_conn *conn, u8 status)
2153{
2154 struct pending_cmd *cmd;
2155
2156 BT_DBG("status %u", status);
2157
2158 if (!status)
2159 return;
2160
2161 cmd = find_pairing(conn);
2162 if (!cmd)
2163 BT_DBG("Unable to find a pending command");
2164 else
2165 pairing_complete(cmd, mgmt_status(status));
2166}
2167
bdb6d971 2168static int pair_device(struct sock *sk, struct hci_dev *hdev, void *data,
04124681 2169 u16 len)
e9a416b5 2170{
650f726d 2171 struct mgmt_cp_pair_device *cp = data;
1425acb7 2172 struct mgmt_rp_pair_device rp;
e9a416b5
JH		 2173 struct pending_cmd *cmd;
2174 u8 sec_level, auth_type;
2175 struct hci_conn *conn;
e9a416b5
JH		 2176 int err;
2177
2178 BT_DBG("");
2179
f950a30e
SJ		 2180 memset(&rp, 0, sizeof(rp));
2181 bacpy(&rp.addr.bdaddr, &cp->addr.bdaddr);
2182 rp.addr.type = cp->addr.type;
2183
4ee71b20
JH		 2184 if (!bdaddr_type_is_valid(cp->addr.type))
2185 return cmd_complete(sk, hdev->id, MGMT_OP_PAIR_DEVICE,
2186 MGMT_STATUS_INVALID_PARAMS,
2187 &rp, sizeof(rp));
2188
09fd0de5 2189 hci_dev_lock(hdev);
e9a416b5 2190
5f97c1df 2191 if (!hdev_is_powered(hdev)) {
f950a30e
SJ		 2192 err = cmd_complete(sk, hdev->id, MGMT_OP_PAIR_DEVICE,
2193 MGMT_STATUS_NOT_POWERED, &rp, sizeof(rp));
5f97c1df
JH		 2194 goto unlock;
2195 }
2196
c908df36
VCG		 2197 sec_level = BT_SECURITY_MEDIUM;
2198 if (cp->io_cap == 0x03)
e9a416b5 2199 auth_type = HCI_AT_DEDICATED_BONDING;
c908df36 2200 else
e9a416b5 2201 auth_type = HCI_AT_DEDICATED_BONDING_MITM;
e9a416b5 2202
591f47f3 2203 if (cp->addr.type == BDADDR_BREDR)
b12f62cf
AG		 2204 conn = hci_connect(hdev, ACL_LINK, &cp->addr.bdaddr,
2205 cp->addr.type, sec_level, auth_type);
7a512d01 2206 else
b12f62cf
AG		 2207 conn = hci_connect(hdev, LE_LINK, &cp->addr.bdaddr,
2208 cp->addr.type, sec_level, auth_type);
7a512d01 2209
30e76272 2210 if (IS_ERR(conn)) {
489dc48e
AK		 2211 int status;
2212
2213 if (PTR_ERR(conn) == -EBUSY)
2214 status = MGMT_STATUS_BUSY;
2215 else
2216 status = MGMT_STATUS_CONNECT_FAILED;
2217
bdb6d971 2218 err = cmd_complete(sk, hdev->id, MGMT_OP_PAIR_DEVICE,
489dc48e 2219 status, &rp,
04124681 2220 sizeof(rp));
e9a416b5
JH		 2221 goto unlock;
2222 }
2223
2224 if (conn->connect_cfm_cb) {
2225 hci_conn_put(conn);
bdb6d971 2226 err = cmd_complete(sk, hdev->id, MGMT_OP_PAIR_DEVICE,
04124681 2227 MGMT_STATUS_BUSY, &rp, sizeof(rp));
e9a416b5
JH		 2228 goto unlock;
2229 }
2230
2e58ef3e 2231 cmd = mgmt_pending_add(sk, MGMT_OP_PAIR_DEVICE, hdev, data, len);
e9a416b5
JH		 2232 if (!cmd) {
2233 err = -ENOMEM;
2234 hci_conn_put(conn);
2235 goto unlock;
2236 }
2237
7a512d01 2238 /* For LE, just connecting isn't a proof that the pairing finished */
591f47f3 2239 if (cp->addr.type == BDADDR_BREDR)
7a512d01 2240 conn->connect_cfm_cb = pairing_complete_cb;
4c47d739
VA		 2241 else
2242 conn->connect_cfm_cb = le_connect_complete_cb;
7a512d01 2243
e9a416b5
JH		 2244 conn->security_cfm_cb = pairing_complete_cb;
2245 conn->disconn_cfm_cb = pairing_complete_cb;
2246 conn->io_capability = cp->io_cap;
2247 cmd->user_data = conn;
2248
2249 if (conn->state == BT_CONNECTED &&
8ce8e2b5 2250 hci_conn_security(conn, sec_level, auth_type))
e9a416b5
JH		 2251 pairing_complete(cmd, 0);
2252
2253 err = 0;
2254
2255unlock:
09fd0de5 2256 hci_dev_unlock(hdev);
e9a416b5
JH		 2257 return err;
2258}
2259
04124681
GP		 2260static int cancel_pair_device(struct sock *sk, struct hci_dev *hdev, void *data,
2261 u16 len)
28424707 2262{
0f4e68cf 2263 struct mgmt_addr_info *addr = data;
28424707
JH		 2264 struct pending_cmd *cmd;
2265 struct hci_conn *conn;
2266 int err;
2267
2268 BT_DBG("");
2269
28424707
JH		 2270 hci_dev_lock(hdev);
2271
5f97c1df 2272 if (!hdev_is_powered(hdev)) {
bdb6d971 2273 err = cmd_status(sk, hdev->id, MGMT_OP_CANCEL_PAIR_DEVICE,
04124681 2274 MGMT_STATUS_NOT_POWERED);
5f97c1df
JH		 2275 goto unlock;
2276 }
2277
28424707
JH		 2278 cmd = mgmt_pending_find(MGMT_OP_PAIR_DEVICE, hdev);
2279 if (!cmd) {
bdb6d971 2280 err = cmd_status(sk, hdev->id, MGMT_OP_CANCEL_PAIR_DEVICE,
04124681 2281 MGMT_STATUS_INVALID_PARAMS);
28424707
JH		 2282 goto unlock;
2283 }
2284
2285 conn = cmd->user_data;
2286
2287 if (bacmp(&addr->bdaddr, &conn->dst) != 0) {
bdb6d971 2288 err = cmd_status(sk, hdev->id, MGMT_OP_CANCEL_PAIR_DEVICE,
04124681 2289 MGMT_STATUS_INVALID_PARAMS);
28424707
JH		 2290 goto unlock;
2291 }
2292
2293 pairing_complete(cmd, MGMT_STATUS_CANCELLED);
2294
bdb6d971 2295 err = cmd_complete(sk, hdev->id, MGMT_OP_CANCEL_PAIR_DEVICE, 0,
04124681 2296 addr, sizeof(*addr));
28424707
JH		 2297unlock:
2298 hci_dev_unlock(hdev);
28424707
JH		 2299 return err;
2300}
2301
bdb6d971 2302static int user_pairing_resp(struct sock *sk, struct hci_dev *hdev,
04124681
GP		 2303 bdaddr_t *bdaddr, u8 type, u16 mgmt_op,
2304 u16 hci_op, __le32 passkey)
a5c29683 2305{
a5c29683 2306 struct pending_cmd *cmd;
0df4c185 2307 struct hci_conn *conn;
a5c29683
JH		 2308 int err;
2309
09fd0de5 2310 hci_dev_lock(hdev);
08ba5382 2311
4b34ee78 2312 if (!hdev_is_powered(hdev)) {
bdb6d971 2313 err = cmd_status(sk, hdev->id, mgmt_op,
04124681 2314 MGMT_STATUS_NOT_POWERED);
0df4c185 2315 goto done;
a5c29683
JH		 2316 }
2317
591f47f3 2318 if (type == BDADDR_BREDR)
272d90df
JH		 2319 conn = hci_conn_hash_lookup_ba(hdev, ACL_LINK, bdaddr);
2320 else
47c15e2b 2321 conn = hci_conn_hash_lookup_ba(hdev, LE_LINK, bdaddr);
272d90df
JH		 2322
2323 if (!conn) {
bdb6d971 2324 err = cmd_status(sk, hdev->id, mgmt_op,
04124681 2325 MGMT_STATUS_NOT_CONNECTED);
272d90df
JH		 2326 goto done;
2327 }
47c15e2b 2328
591f47f3 2329 if (type == BDADDR_LE_PUBLIC || type == BDADDR_LE_RANDOM) {
47c15e2b 2330 /* Continue with pairing via SMP */
5fe57d9e
BG		 2331 err = smp_user_confirm_reply(conn, mgmt_op, passkey);
2332
2333 if (!err)
bdb6d971 2334 err = cmd_status(sk, hdev->id, mgmt_op,
04124681 2335 MGMT_STATUS_SUCCESS);
5fe57d9e 2336 else
bdb6d971 2337 err = cmd_status(sk, hdev->id, mgmt_op,
04124681 2338 MGMT_STATUS_FAILED);
47c15e2b 2339
47c15e2b
BG		 2340 goto done;
2341 }
2342
0df4c185 2343 cmd = mgmt_pending_add(sk, mgmt_op, hdev, bdaddr, sizeof(*bdaddr));
a5c29683
JH		 2344 if (!cmd) {
2345 err = -ENOMEM;
0df4c185 2346 goto done;
a5c29683
JH		 2347 }
2348
0df4c185 2349 /* Continue with pairing via HCI */
604086b7
BG		 2350 if (hci_op == HCI_OP_USER_PASSKEY_REPLY) {
2351 struct hci_cp_user_passkey_reply cp;
2352
2353 bacpy(&cp.bdaddr, bdaddr);
2354 cp.passkey = passkey;
2355 err = hci_send_cmd(hdev, hci_op, sizeof(cp), &cp);
2356 } else
2357 err = hci_send_cmd(hdev, hci_op, sizeof(*bdaddr), bdaddr);
2358
a664b5bc
JH		 2359 if (err < 0)
2360 mgmt_pending_remove(cmd);
a5c29683 2361
0df4c185 2362done:
09fd0de5 2363 hci_dev_unlock(hdev);
a5c29683
JH		 2364 return err;
2365}
2366
afeb019d
JK		 2367static int pin_code_neg_reply(struct sock *sk, struct hci_dev *hdev,
2368 void *data, u16 len)
2369{
2370 struct mgmt_cp_pin_code_neg_reply *cp = data;
2371
2372 BT_DBG("");
2373
2374 return user_pairing_resp(sk, hdev, &cp->addr.bdaddr, cp->addr.type,
2375 MGMT_OP_PIN_CODE_NEG_REPLY,
2376 HCI_OP_PIN_CODE_NEG_REPLY, 0);
2377}
2378
04124681
GP		 2379static int user_confirm_reply(struct sock *sk, struct hci_dev *hdev, void *data,
2380 u16 len)
0df4c185 2381{
650f726d 2382 struct mgmt_cp_user_confirm_reply *cp = data;
0df4c185
BG		 2383
2384 BT_DBG("");
2385
2386 if (len != sizeof(*cp))
bdb6d971 2387 return cmd_status(sk, hdev->id, MGMT_OP_USER_CONFIRM_REPLY,
04124681 2388 MGMT_STATUS_INVALID_PARAMS);
0df4c185 2389
bdb6d971 2390 return user_pairing_resp(sk, hdev, &cp->addr.bdaddr, cp->addr.type,
04124681
GP		 2391 MGMT_OP_USER_CONFIRM_REPLY,
2392 HCI_OP_USER_CONFIRM_REPLY, 0);
0df4c185
BG		 2393}
2394
bdb6d971 2395static int user_confirm_neg_reply(struct sock *sk, struct hci_dev *hdev,
04124681 2396 void *data, u16 len)
0df4c185 2397{
c9c2659f 2398 struct mgmt_cp_user_confirm_neg_reply *cp = data;
0df4c185
BG		 2399
2400 BT_DBG("");
2401
bdb6d971 2402 return user_pairing_resp(sk, hdev, &cp->addr.bdaddr, cp->addr.type,
04124681
GP		 2403 MGMT_OP_USER_CONFIRM_NEG_REPLY,
2404 HCI_OP_USER_CONFIRM_NEG_REPLY, 0);
0df4c185
BG		 2405}
2406
04124681
GP		 2407static int user_passkey_reply(struct sock *sk, struct hci_dev *hdev, void *data,
2408 u16 len)
604086b7 2409{
650f726d 2410 struct mgmt_cp_user_passkey_reply *cp = data;
604086b7
BG		 2411
2412 BT_DBG("");
2413
bdb6d971 2414 return user_pairing_resp(sk, hdev, &cp->addr.bdaddr, cp->addr.type,
04124681
GP		 2415 MGMT_OP_USER_PASSKEY_REPLY,
2416 HCI_OP_USER_PASSKEY_REPLY, cp->passkey);
604086b7
BG		 2417}
2418
bdb6d971 2419static int user_passkey_neg_reply(struct sock *sk, struct hci_dev *hdev,
04124681 2420 void *data, u16 len)
604086b7 2421{
650f726d 2422 struct mgmt_cp_user_passkey_neg_reply *cp = data;
604086b7
BG		 2423
2424 BT_DBG("");
2425
bdb6d971 2426 return user_pairing_resp(sk, hdev, &cp->addr.bdaddr, cp->addr.type,
04124681
GP		 2427 MGMT_OP_USER_PASSKEY_NEG_REPLY,
2428 HCI_OP_USER_PASSKEY_NEG_REPLY, 0);
604086b7
BG		 2429}
2430
13928971 2431static void update_name(struct hci_request *req)
2b4bf397 2432{
13928971 2433 struct hci_dev *hdev = req->hdev;
2b4bf397
JH		 2434 struct hci_cp_write_local_name cp;
2435
13928971 2436 memcpy(cp.name, hdev->dev_name, sizeof(cp.name));
2b4bf397 2437
890ea898 2438 hci_req_add(req, HCI_OP_WRITE_LOCAL_NAME, sizeof(cp), &cp);
2b4bf397
JH		 2439}
2440
13928971
JH		 2441static void set_name_complete(struct hci_dev *hdev, u8 status)
2442{
2443 struct mgmt_cp_set_local_name *cp;
2444 struct pending_cmd *cmd;
2445
2446 BT_DBG("status 0x%02x", status);
2447
2448 hci_dev_lock(hdev);
2449
2450 cmd = mgmt_pending_find(MGMT_OP_SET_LOCAL_NAME, hdev);
2451 if (!cmd)
2452 goto unlock;
2453
2454 cp = cmd->param;
2455
2456 if (status)
2457 cmd_status(cmd->sk, hdev->id, MGMT_OP_SET_LOCAL_NAME,
2458 mgmt_status(status));
2459 else
2460 cmd_complete(cmd->sk, hdev->id, MGMT_OP_SET_LOCAL_NAME, 0,
2461 cp, sizeof(*cp));
2462
2463 mgmt_pending_remove(cmd);
2464
2465unlock:
2466 hci_dev_unlock(hdev);
2467}
2468
bdb6d971 2469static int set_local_name(struct sock *sk, struct hci_dev *hdev, void *data,
04124681 2470 u16 len)
b312b161 2471{
2b4bf397 2472 struct mgmt_cp_set_local_name *cp = data;
b312b161 2473 struct pending_cmd *cmd;
890ea898 2474 struct hci_request req;
b312b161
JH		 2475 int err;
2476
2477 BT_DBG("");
2478
09fd0de5 2479 hci_dev_lock(hdev);
b312b161 2480
b3f2ca94
JH		 2481 /* If the old values are the same as the new ones just return a
2482 * direct command complete event.
2483 */
2484 if (!memcmp(hdev->dev_name, cp->name, sizeof(hdev->dev_name)) &&
2485 !memcmp(hdev->short_name, cp->short_name,
2486 sizeof(hdev->short_name))) {
2487 err = cmd_complete(sk, hdev->id, MGMT_OP_SET_LOCAL_NAME, 0,
2488 data, len);
2489 goto failed;
2490 }
2491
2b4bf397 2492 memcpy(hdev->short_name, cp->short_name, sizeof(hdev->short_name));
28cc7bde 2493
b5235a65 2494 if (!hdev_is_powered(hdev)) {
2b4bf397 2495 memcpy(hdev->dev_name, cp->name, sizeof(hdev->dev_name));
28cc7bde
JH		 2496
2497 err = cmd_complete(sk, hdev->id, MGMT_OP_SET_LOCAL_NAME, 0,
04124681 2498 data, len);
28cc7bde
JH		 2499 if (err < 0)
2500 goto failed;
2501
2502 err = mgmt_event(MGMT_EV_LOCAL_NAME_CHANGED, hdev, data, len,
04124681 2503 sk);
28cc7bde 2504
b5235a65
JH		 2505 goto failed;
2506 }
2507
28cc7bde 2508 cmd = mgmt_pending_add(sk, MGMT_OP_SET_LOCAL_NAME, hdev, data, len);
b312b161
JH		 2509 if (!cmd) {
2510 err = -ENOMEM;
2511 goto failed;
2512 }
2513
13928971
JH		 2514 memcpy(hdev->dev_name, cp->name, sizeof(hdev->dev_name));
2515
890ea898 2516 hci_req_init(&req, hdev);
3f985050
JH		 2517
2518 if (lmp_bredr_capable(hdev)) {
2519 update_name(&req);
2520 update_eir(&req);
2521 }
2522
2523 if (lmp_le_capable(hdev))
2524 hci_update_ad(&req);
2525
13928971 2526 err = hci_req_run(&req, set_name_complete);
b312b161
JH		 2527 if (err < 0)
2528 mgmt_pending_remove(cmd);
2529
2530failed:
09fd0de5 2531 hci_dev_unlock(hdev);
b312b161
JH		 2532 return err;
2533}
2534
0f4e68cf 2535static int read_local_oob_data(struct sock *sk, struct hci_dev *hdev,
04124681 2536 void *data, u16 data_len)
c35938b2 2537{
c35938b2
SJ		 2538 struct pending_cmd *cmd;
2539 int err;
2540
bdb6d971 2541 BT_DBG("%s", hdev->name);
c35938b2 2542
09fd0de5 2543 hci_dev_lock(hdev);
c35938b2 2544
4b34ee78 2545 if (!hdev_is_powered(hdev)) {
bdb6d971 2546 err = cmd_status(sk, hdev->id, MGMT_OP_READ_LOCAL_OOB_DATA,
04124681 2547 MGMT_STATUS_NOT_POWERED);
c35938b2
SJ		 2548 goto unlock;
2549 }
2550
9a1a1996 2551 if (!lmp_ssp_capable(hdev)) {
bdb6d971 2552 err = cmd_status(sk, hdev->id, MGMT_OP_READ_LOCAL_OOB_DATA,
04124681 2553 MGMT_STATUS_NOT_SUPPORTED);
c35938b2
SJ		 2554 goto unlock;
2555 }
2556
2e58ef3e 2557 if (mgmt_pending_find(MGMT_OP_READ_LOCAL_OOB_DATA, hdev)) {
bdb6d971 2558 err = cmd_status(sk, hdev->id, MGMT_OP_READ_LOCAL_OOB_DATA,
04124681 2559 MGMT_STATUS_BUSY);
c35938b2
SJ		 2560 goto unlock;
2561 }
2562
2e58ef3e 2563 cmd = mgmt_pending_add(sk, MGMT_OP_READ_LOCAL_OOB_DATA, hdev, NULL, 0);
c35938b2
SJ		 2564 if (!cmd) {
2565 err = -ENOMEM;
2566 goto unlock;
2567 }
2568
2569 err = hci_send_cmd(hdev, HCI_OP_READ_LOCAL_OOB_DATA, 0, NULL);
2570 if (err < 0)
2571 mgmt_pending_remove(cmd);
2572
2573unlock:
09fd0de5 2574 hci_dev_unlock(hdev);
c35938b2
SJ		 2575 return err;
2576}
2577
bdb6d971 2578static int add_remote_oob_data(struct sock *sk, struct hci_dev *hdev,
04124681 2579 void *data, u16 len)
2763eda6 2580{
650f726d 2581 struct mgmt_cp_add_remote_oob_data *cp = data;
bf1e3541 2582 u8 status;
2763eda6
SJ		 2583 int err;
2584
bdb6d971 2585 BT_DBG("%s ", hdev->name);
2763eda6 2586
09fd0de5 2587 hci_dev_lock(hdev);
2763eda6 2588
664ce4cc 2589 err = hci_add_remote_oob_data(hdev, &cp->addr.bdaddr, cp->hash,
04124681 2590 cp->randomizer);
2763eda6 2591 if (err < 0)
bf1e3541 2592 status = MGMT_STATUS_FAILED;
2763eda6 2593 else
a6785be2 2594 status = MGMT_STATUS_SUCCESS;
bf1e3541 2595
bdb6d971 2596 err = cmd_complete(sk, hdev->id, MGMT_OP_ADD_REMOTE_OOB_DATA, status,
04124681 2597 &cp->addr, sizeof(cp->addr));
2763eda6 2598
09fd0de5 2599 hci_dev_unlock(hdev);
2763eda6
SJ		 2600 return err;
2601}
2602
bdb6d971 2603static int remove_remote_oob_data(struct sock *sk, struct hci_dev *hdev,
8ce8e2b5 2604 void *data, u16 len)
2763eda6 2605{
650f726d 2606 struct mgmt_cp_remove_remote_oob_data *cp = data;
bf1e3541 2607 u8 status;
2763eda6
SJ		 2608 int err;
2609
bdb6d971 2610 BT_DBG("%s", hdev->name);
2763eda6 2611
09fd0de5 2612 hci_dev_lock(hdev);
2763eda6 2613
664ce4cc 2614 err = hci_remove_remote_oob_data(hdev, &cp->addr.bdaddr);
2763eda6 2615 if (err < 0)
bf1e3541 2616 status = MGMT_STATUS_INVALID_PARAMS;
2763eda6 2617 else
a6785be2 2618 status = MGMT_STATUS_SUCCESS;
bf1e3541 2619
bdb6d971 2620 err = cmd_complete(sk, hdev->id, MGMT_OP_REMOVE_REMOTE_OOB_DATA,
04124681 2621 status, &cp->addr, sizeof(cp->addr));
2763eda6 2622
09fd0de5 2623 hci_dev_unlock(hdev);
2763eda6
SJ		 2624 return err;
2625}
2626
5e0452c0
AG		 2627int mgmt_interleaved_discovery(struct hci_dev *hdev)
2628{
2629 int err;
2630
2631 BT_DBG("%s", hdev->name);
2632
2633 hci_dev_lock(hdev);
2634
2635 err = hci_do_inquiry(hdev, INQUIRY_LEN_BREDR_LE);
2636 if (err < 0)
2637 hci_discovery_set_state(hdev, DISCOVERY_STOPPED);
2638
2639 hci_dev_unlock(hdev);
2640
2641 return err;
2642}
2643
bdb6d971 2644static int start_discovery(struct sock *sk, struct hci_dev *hdev,
04124681 2645 void *data, u16 len)
14a53664 2646{
650f726d 2647 struct mgmt_cp_start_discovery *cp = data;
14a53664 2648 struct pending_cmd *cmd;
14a53664
JH		 2649 int err;
2650
bdb6d971 2651 BT_DBG("%s", hdev->name);
14a53664 2652
09fd0de5 2653 hci_dev_lock(hdev);
14a53664 2654
4b34ee78 2655 if (!hdev_is_powered(hdev)) {
bdb6d971 2656 err = cmd_status(sk, hdev->id, MGMT_OP_START_DISCOVERY,
04124681 2657 MGMT_STATUS_NOT_POWERED);
bd2d1334
JH		 2658 goto failed;
2659 }
2660
642be6c7
AG		 2661 if (test_bit(HCI_PERIODIC_INQ, &hdev->dev_flags)) {
2662 err = cmd_status(sk, hdev->id, MGMT_OP_START_DISCOVERY,
2663 MGMT_STATUS_BUSY);
2664 goto failed;
2665 }
2666
ff9ef578 2667 if (hdev->discovery.state != DISCOVERY_STOPPED) {
bdb6d971 2668 err = cmd_status(sk, hdev->id, MGMT_OP_START_DISCOVERY,
04124681 2669 MGMT_STATUS_BUSY);
ff9ef578
JH		 2670 goto failed;
2671 }
2672
2e58ef3e 2673 cmd = mgmt_pending_add(sk, MGMT_OP_START_DISCOVERY, hdev, NULL, 0);
14a53664
JH		 2674 if (!cmd) {
2675 err = -ENOMEM;
2676 goto failed;
2677 }
2678
4aab14e5
AG		 2679 hdev->discovery.type = cp->type;
2680
2681 switch (hdev->discovery.type) {
f39799f5 2682 case DISCOV_TYPE_BREDR:
04106755
JH		 2683 if (!lmp_bredr_capable(hdev)) {
2684 err = cmd_status(sk, hdev->id, MGMT_OP_START_DISCOVERY,
2685 MGMT_STATUS_NOT_SUPPORTED);
2686 mgmt_pending_remove(cmd);
2687 goto failed;
2688 }
2689
2690 err = hci_do_inquiry(hdev, INQUIRY_LEN_BREDR);
f39799f5
AG		 2691 break;
2692
2693 case DISCOV_TYPE_LE:
04106755
JH		 2694 if (!lmp_host_le_capable(hdev)) {
2695 err = cmd_status(sk, hdev->id, MGMT_OP_START_DISCOVERY,
2696 MGMT_STATUS_NOT_SUPPORTED);
2697 mgmt_pending_remove(cmd);
2698 goto failed;
2699 }
2700
2701 err = hci_le_scan(hdev, LE_SCAN_TYPE, LE_SCAN_INT,
2702 LE_SCAN_WIN, LE_SCAN_TIMEOUT_LE_ONLY);
f39799f5
AG		 2703 break;
2704
5e0452c0 2705 case DISCOV_TYPE_INTERLEAVED:
04106755
JH		 2706 if (!lmp_host_le_capable(hdev) || !lmp_bredr_capable(hdev)) {
2707 err = cmd_status(sk, hdev->id, MGMT_OP_START_DISCOVERY,
2708 MGMT_STATUS_NOT_SUPPORTED);
2709 mgmt_pending_remove(cmd);
2710 goto failed;
2711 }
2712
2713 err = hci_le_scan(hdev, LE_SCAN_TYPE, LE_SCAN_INT, LE_SCAN_WIN,
2714 LE_SCAN_TIMEOUT_BREDR_LE);
5e0452c0
AG		 2715 break;
2716
f39799f5 2717 default:
04106755
JH		 2718 err = cmd_status(sk, hdev->id, MGMT_OP_START_DISCOVERY,
2719 MGMT_STATUS_INVALID_PARAMS);
2720 mgmt_pending_remove(cmd);
2721 goto failed;
f39799f5 2722 }
3fd24153 2723
14a53664
JH		 2724 if (err < 0)
2725 mgmt_pending_remove(cmd);
ff9ef578
JH		 2726 else
2727 hci_discovery_set_state(hdev, DISCOVERY_STARTING);
14a53664
JH		 2728
2729failed:
09fd0de5 2730 hci_dev_unlock(hdev);
14a53664
JH		 2731 return err;
2732}
2733
bdb6d971 2734static int stop_discovery(struct sock *sk, struct hci_dev *hdev, void *data,
04124681 2735 u16 len)
14a53664 2736{
d930650b 2737 struct mgmt_cp_stop_discovery *mgmt_cp = data;
14a53664 2738 struct pending_cmd *cmd;
30dc78e1
JH		 2739 struct hci_cp_remote_name_req_cancel cp;
2740 struct inquiry_entry *e;
14a53664
JH		 2741 int err;
2742
bdb6d971 2743 BT_DBG("%s", hdev->name);
14a53664 2744
09fd0de5 2745 hci_dev_lock(hdev);
14a53664 2746
30dc78e1 2747 if (!hci_discovery_active(hdev)) {
bdb6d971 2748 err = cmd_complete(sk, hdev->id, MGMT_OP_STOP_DISCOVERY,
04124681
GP		 2749 MGMT_STATUS_REJECTED, &mgmt_cp->type,
2750 sizeof(mgmt_cp->type));
d930650b
JH		 2751 goto unlock;
2752 }
2753
2754 if (hdev->discovery.type != mgmt_cp->type) {
bdb6d971 2755 err = cmd_complete(sk, hdev->id, MGMT_OP_STOP_DISCOVERY,
04124681
GP		 2756 MGMT_STATUS_INVALID_PARAMS, &mgmt_cp->type,
2757 sizeof(mgmt_cp->type));
30dc78e1 2758 goto unlock;
ff9ef578
JH		 2759 }
2760
2e58ef3e 2761 cmd = mgmt_pending_add(sk, MGMT_OP_STOP_DISCOVERY, hdev, NULL, 0);
14a53664
JH		 2762 if (!cmd) {
2763 err = -ENOMEM;
30dc78e1
JH		 2764 goto unlock;
2765 }
2766
e0d9727e
AG		 2767 switch (hdev->discovery.state) {
2768 case DISCOVERY_FINDING:
c9ecc48e
AG		 2769 if (test_bit(HCI_INQUIRY, &hdev->flags))
2770 err = hci_cancel_inquiry(hdev);
2771 else
2772 err = hci_cancel_le_scan(hdev);
2773
e0d9727e
AG		 2774 break;
2775
2776 case DISCOVERY_RESOLVING:
2777 e = hci_inquiry_cache_lookup_resolve(hdev, BDADDR_ANY,
8ce8e2b5 2778 NAME_PENDING);
e0d9727e 2779 if (!e) {
30dc78e1 2780 mgmt_pending_remove(cmd);
e0d9727e
AG		 2781 err = cmd_complete(sk, hdev->id,
2782 MGMT_OP_STOP_DISCOVERY, 0,
2783 &mgmt_cp->type,
2784 sizeof(mgmt_cp->type));
2785 hci_discovery_set_state(hdev, DISCOVERY_STOPPED);
2786 goto unlock;
2787 }
30dc78e1 2788
e0d9727e
AG		 2789 bacpy(&cp.bdaddr, &e->data.bdaddr);
2790 err = hci_send_cmd(hdev, HCI_OP_REMOTE_NAME_REQ_CANCEL,
2791 sizeof(cp), &cp);
2792
2793 break;
2794
2795 default:
2796 BT_DBG("unknown discovery state %u", hdev->discovery.state);
2797 err = -EFAULT;
14a53664
JH		 2798 }
2799
14a53664
JH		 2800 if (err < 0)
2801 mgmt_pending_remove(cmd);
ff9ef578
JH		 2802 else
2803 hci_discovery_set_state(hdev, DISCOVERY_STOPPING);
14a53664 2804
30dc78e1 2805unlock:
09fd0de5 2806 hci_dev_unlock(hdev);
14a53664
JH		 2807 return err;
2808}
2809
bdb6d971 2810static int confirm_name(struct sock *sk, struct hci_dev *hdev, void *data,
04124681 2811 u16 len)
561aafbc 2812{
650f726d 2813 struct mgmt_cp_confirm_name *cp = data;
561aafbc 2814 struct inquiry_entry *e;
561aafbc
JH		 2815 int err;
2816
bdb6d971 2817 BT_DBG("%s", hdev->name);
561aafbc 2818
561aafbc
JH		 2819 hci_dev_lock(hdev);
2820
30dc78e1 2821 if (!hci_discovery_active(hdev)) {
bdb6d971 2822 err = cmd_status(sk, hdev->id, MGMT_OP_CONFIRM_NAME,
04124681 2823 MGMT_STATUS_FAILED);
30dc78e1
JH		 2824 goto failed;
2825 }
2826
a198e7b1 2827 e = hci_inquiry_cache_lookup_unknown(hdev, &cp->addr.bdaddr);
561aafbc 2828 if (!e) {
bdb6d971 2829 err = cmd_status(sk, hdev->id, MGMT_OP_CONFIRM_NAME,
04124681 2830 MGMT_STATUS_INVALID_PARAMS);
561aafbc
JH		 2831 goto failed;
2832 }
2833
2834 if (cp->name_known) {
2835 e->name_state = NAME_KNOWN;
2836 list_del(&e->list);
2837 } else {
2838 e->name_state = NAME_NEEDED;
a3d4e20a 2839 hci_inquiry_cache_update_resolve(hdev, e);
561aafbc
JH		 2840 }
2841
e384662b
JH		 2842 err = cmd_complete(sk, hdev->id, MGMT_OP_CONFIRM_NAME, 0, &cp->addr,
2843 sizeof(cp->addr));
561aafbc
JH		 2844
2845failed:
2846 hci_dev_unlock(hdev);
561aafbc
JH		 2847 return err;
2848}
2849
bdb6d971 2850static int block_device(struct sock *sk, struct hci_dev *hdev, void *data,
04124681 2851 u16 len)
7fbec224 2852{
650f726d 2853 struct mgmt_cp_block_device *cp = data;
f0eeea8b 2854 u8 status;
7fbec224
AJ		 2855 int err;
2856
bdb6d971 2857 BT_DBG("%s", hdev->name);
7fbec224 2858
4ee71b20 2859 if (!bdaddr_type_is_valid(cp->addr.type))
5d0846d4
JH		 2860 return cmd_complete(sk, hdev->id, MGMT_OP_BLOCK_DEVICE,
2861 MGMT_STATUS_INVALID_PARAMS,
2862 &cp->addr, sizeof(cp->addr));
4ee71b20 2863
09fd0de5 2864 hci_dev_lock(hdev);
5e762444 2865
88c1fe4b 2866 err = hci_blacklist_add(hdev, &cp->addr.bdaddr, cp->addr.type);
7fbec224 2867 if (err < 0)
f0eeea8b 2868 status = MGMT_STATUS_FAILED;
7fbec224 2869 else
a6785be2 2870 status = MGMT_STATUS_SUCCESS;
f0eeea8b 2871
bdb6d971 2872 err = cmd_complete(sk, hdev->id, MGMT_OP_BLOCK_DEVICE, status,
04124681 2873 &cp->addr, sizeof(cp->addr));
5e762444 2874
09fd0de5 2875 hci_dev_unlock(hdev);
7fbec224
AJ		 2876
2877 return err;
2878}
2879
bdb6d971 2880static int unblock_device(struct sock *sk, struct hci_dev *hdev, void *data,
04124681 2881 u16 len)
7fbec224 2882{
650f726d 2883 struct mgmt_cp_unblock_device *cp = data;
f0eeea8b 2884 u8 status;
7fbec224
AJ		 2885 int err;
2886
bdb6d971 2887 BT_DBG("%s", hdev->name);
7fbec224 2888
4ee71b20 2889 if (!bdaddr_type_is_valid(cp->addr.type))
5d0846d4
JH		 2890 return cmd_complete(sk, hdev->id, MGMT_OP_UNBLOCK_DEVICE,
2891 MGMT_STATUS_INVALID_PARAMS,
2892 &cp->addr, sizeof(cp->addr));
4ee71b20 2893
09fd0de5 2894 hci_dev_lock(hdev);
5e762444 2895
88c1fe4b 2896 err = hci_blacklist_del(hdev, &cp->addr.bdaddr, cp->addr.type);
7fbec224 2897 if (err < 0)
f0eeea8b 2898 status = MGMT_STATUS_INVALID_PARAMS;
7fbec224 2899 else
a6785be2 2900 status = MGMT_STATUS_SUCCESS;
f0eeea8b 2901
bdb6d971 2902 err = cmd_complete(sk, hdev->id, MGMT_OP_UNBLOCK_DEVICE, status,
04124681 2903 &cp->addr, sizeof(cp->addr));
5e762444 2904
09fd0de5 2905 hci_dev_unlock(hdev);
7fbec224
AJ		 2906
2907 return err;
2908}
2909
cdbaccca
MH		 2910static int set_device_id(struct sock *sk, struct hci_dev *hdev, void *data,
2911 u16 len)
2912{
2913 struct mgmt_cp_set_device_id *cp = data;
890ea898 2914 struct hci_request req;
cdbaccca 2915 int err;
c72d4b8a 2916 __u16 source;
cdbaccca
MH		 2917
2918 BT_DBG("%s", hdev->name);
2919
c72d4b8a
SJ		 2920 source = __le16_to_cpu(cp->source);
2921
2922 if (source > 0x0002)
2923 return cmd_status(sk, hdev->id, MGMT_OP_SET_DEVICE_ID,
2924 MGMT_STATUS_INVALID_PARAMS);
2925
cdbaccca
MH		 2926 hci_dev_lock(hdev);
2927
c72d4b8a 2928 hdev->devid_source = source;
cdbaccca
MH		 2929 hdev->devid_vendor = __le16_to_cpu(cp->vendor);
2930 hdev->devid_product = __le16_to_cpu(cp->product);
2931 hdev->devid_version = __le16_to_cpu(cp->version);
2932
2933 err = cmd_complete(sk, hdev->id, MGMT_OP_SET_DEVICE_ID, 0, NULL, 0);
2934
890ea898
JH		 2935 hci_req_init(&req, hdev);
2936 update_eir(&req);
2937 hci_req_run(&req, NULL);
cdbaccca
MH		 2938
2939 hci_dev_unlock(hdev);
2940
2941 return err;
2942}
2943
33e38b3e
JH		 2944static void fast_connectable_complete(struct hci_dev *hdev, u8 status)
2945{
2946 struct pending_cmd *cmd;
2947
2948 BT_DBG("status 0x%02x", status);
2949
2950 hci_dev_lock(hdev);
2951
2952 cmd = mgmt_pending_find(MGMT_OP_SET_FAST_CONNECTABLE, hdev);
2953 if (!cmd)
2954 goto unlock;
2955
2956 if (status) {
2957 cmd_status(cmd->sk, hdev->id, MGMT_OP_SET_FAST_CONNECTABLE,
2958 mgmt_status(status));
2959 } else {
1a4d3c4b
JH		 2960 struct mgmt_mode *cp = cmd->param;
2961
2962 if (cp->val)
2963 set_bit(HCI_FAST_CONNECTABLE, &hdev->dev_flags);
2964 else
2965 clear_bit(HCI_FAST_CONNECTABLE, &hdev->dev_flags);
2966
33e38b3e
JH		 2967 send_settings_rsp(cmd->sk, MGMT_OP_SET_FAST_CONNECTABLE, hdev);
2968 new_settings(hdev, cmd->sk);
2969 }
2970
2971 mgmt_pending_remove(cmd);
2972
2973unlock:
2974 hci_dev_unlock(hdev);
2975}
2976
bdb6d971 2977static int set_fast_connectable(struct sock *sk, struct hci_dev *hdev,
04124681 2978 void *data, u16 len)
f6422ec6 2979{
650f726d 2980 struct mgmt_mode *cp = data;
33e38b3e
JH		 2981 struct pending_cmd *cmd;
2982 struct hci_request req;
f6422ec6
AJ		 2983 int err;
2984
bdb6d971 2985 BT_DBG("%s", hdev->name);
f6422ec6 2986
1a47aee8 2987 if (!lmp_bredr_capable(hdev) || hdev->hci_ver < BLUETOOTH_VER_1_2)
33c525c0
JH		 2988 return cmd_status(sk, hdev->id, MGMT_OP_SET_FAST_CONNECTABLE,
2989 MGMT_STATUS_NOT_SUPPORTED);
2990
a7e80f25
JH		 2991 if (cp->val != 0x00 && cp->val != 0x01)
2992 return cmd_status(sk, hdev->id, MGMT_OP_SET_FAST_CONNECTABLE,
2993 MGMT_STATUS_INVALID_PARAMS);
2994
5400c044 2995 if (!hdev_is_powered(hdev))
bdb6d971 2996 return cmd_status(sk, hdev->id, MGMT_OP_SET_FAST_CONNECTABLE,
04124681 2997 MGMT_STATUS_NOT_POWERED);
5400c044
JH		 2998
2999 if (!test_bit(HCI_CONNECTABLE, &hdev->dev_flags))
bdb6d971 3000 return cmd_status(sk, hdev->id, MGMT_OP_SET_FAST_CONNECTABLE,
04124681 3001 MGMT_STATUS_REJECTED);
f6422ec6
AJ		 3002
3003 hci_dev_lock(hdev);
3004
05cbf29f
JH		 3005 if (mgmt_pending_find(MGMT_OP_SET_FAST_CONNECTABLE, hdev)) {
3006 err = cmd_status(sk, hdev->id, MGMT_OP_SET_FAST_CONNECTABLE,
3007 MGMT_STATUS_BUSY);
3008 goto unlock;
3009 }
3010
1a4d3c4b
JH		 3011 if (!!cp->val == test_bit(HCI_FAST_CONNECTABLE, &hdev->dev_flags)) {
3012 err = send_settings_rsp(sk, MGMT_OP_SET_FAST_CONNECTABLE,
3013 hdev);
3014 goto unlock;
3015 }
3016
33e38b3e
JH		 3017 cmd = mgmt_pending_add(sk, MGMT_OP_SET_FAST_CONNECTABLE, hdev,
3018 data, len);
3019 if (!cmd) {
3020 err = -ENOMEM;
3021 goto unlock;
f6422ec6
AJ		 3022 }
3023
33e38b3e
JH		 3024 hci_req_init(&req, hdev);
3025
406d7804 3026 write_fast_connectable(&req, cp->val);
33e38b3e
JH		 3027
3028 err = hci_req_run(&req, fast_connectable_complete);
f6422ec6 3029 if (err < 0) {
bdb6d971 3030 err = cmd_status(sk, hdev->id, MGMT_OP_SET_FAST_CONNECTABLE,
04124681 3031 MGMT_STATUS_FAILED);
33e38b3e 3032 mgmt_pending_remove(cmd);
f6422ec6
AJ		 3033 }
3034
33e38b3e 3035unlock:
f6422ec6 3036 hci_dev_unlock(hdev);
33e38b3e 3037
f6422ec6
AJ		 3038 return err;
3039}
3040
3f706b72
JH		 3041static bool ltk_is_valid(struct mgmt_ltk_info *key)
3042{
44b20d33
JH		 3043 if (key->authenticated != 0x00 && key->authenticated != 0x01)
3044 return false;
3f706b72
JH		 3045 if (key->master != 0x00 && key->master != 0x01)
3046 return false;
4ee71b20
JH		 3047 if (!bdaddr_type_is_le(key->addr.type))
3048 return false;
3f706b72
JH		 3049 return true;
3050}
3051
bdb6d971 3052static int load_long_term_keys(struct sock *sk, struct hci_dev *hdev,
04124681 3053 void *cp_data, u16 len)
346af67b 3054{
346af67b
VCG		 3055 struct mgmt_cp_load_long_term_keys *cp = cp_data;
3056 u16 key_count, expected_len;
715a5bf2 3057 int i, err;
346af67b 3058
1f350c87 3059 key_count = __le16_to_cpu(cp->key_count);
346af67b
VCG		 3060
3061 expected_len = sizeof(*cp) + key_count *
3062 sizeof(struct mgmt_ltk_info);
3063 if (expected_len != len) {
3064 BT_ERR("load_keys: expected %u bytes, got %u bytes",
8ce8e2b5 3065 len, expected_len);
bdb6d971 3066 return cmd_status(sk, hdev->id, MGMT_OP_LOAD_LONG_TERM_KEYS,
e57e619f 3067 MGMT_STATUS_INVALID_PARAMS);
346af67b
VCG		 3068 }
3069
bdb6d971 3070 BT_DBG("%s key_count %u", hdev->name, key_count);
346af67b 3071
54ad6d8a
JH		 3072 for (i = 0; i < key_count; i++) {
3073 struct mgmt_ltk_info *key = &cp->keys[i];
3074
3f706b72 3075 if (!ltk_is_valid(key))
54ad6d8a
JH		 3076 return cmd_status(sk, hdev->id,
3077 MGMT_OP_LOAD_LONG_TERM_KEYS,
3078 MGMT_STATUS_INVALID_PARAMS);
3079 }
3080
346af67b
VCG		 3081 hci_dev_lock(hdev);
3082
3083 hci_smp_ltks_clear(hdev);
3084
3085 for (i = 0; i < key_count; i++) {
3086 struct mgmt_ltk_info *key = &cp->keys[i];
3087 u8 type;
3088
3089 if (key->master)
3090 type = HCI_SMP_LTK;
3091 else
3092 type = HCI_SMP_LTK_SLAVE;
3093
4596fde5 3094 hci_add_ltk(hdev, &key->addr.bdaddr,
378b5b7e 3095 bdaddr_to_le(key->addr.type),
04124681
GP		 3096 type, 0, key->authenticated, key->val,
3097 key->enc_size, key->ediv, key->rand);
346af67b
VCG		 3098 }
3099
715a5bf2
JH		 3100 err = cmd_complete(sk, hdev->id, MGMT_OP_LOAD_LONG_TERM_KEYS, 0,
3101 NULL, 0);
3102
346af67b 3103 hci_dev_unlock(hdev);
346af67b 3104
715a5bf2 3105 return err;
346af67b
VCG		 3106}
3107
2e3c35ea 3108static const struct mgmt_handler {
04124681
GP		 3109 int (*func) (struct sock *sk, struct hci_dev *hdev, void *data,
3110 u16 data_len);
be22b54e
JH		 3111 bool var_len;
3112 size_t data_len;
0f4e68cf
JH		 3113} mgmt_handlers[] = {
3114 { NULL }, /* 0x0000 (no command) */
be22b54e
JH		 3115 { read_version, false, MGMT_READ_VERSION_SIZE },
3116 { read_commands, false, MGMT_READ_COMMANDS_SIZE },
3117 { read_index_list, false, MGMT_READ_INDEX_LIST_SIZE },
3118 { read_controller_info, false, MGMT_READ_INFO_SIZE },
3119 { set_powered, false, MGMT_SETTING_SIZE },
3120 { set_discoverable, false, MGMT_SET_DISCOVERABLE_SIZE },
3121 { set_connectable, false, MGMT_SETTING_SIZE },
3122 { set_fast_connectable, false, MGMT_SETTING_SIZE },
3123 { set_pairable, false, MGMT_SETTING_SIZE },
3124 { set_link_security, false, MGMT_SETTING_SIZE },
3125 { set_ssp, false, MGMT_SETTING_SIZE },
3126 { set_hs, false, MGMT_SETTING_SIZE },
3127 { set_le, false, MGMT_SETTING_SIZE },
3128 { set_dev_class, false, MGMT_SET_DEV_CLASS_SIZE },
3129 { set_local_name, false, MGMT_SET_LOCAL_NAME_SIZE },
3130 { add_uuid, false, MGMT_ADD_UUID_SIZE },
3131 { remove_uuid, false, MGMT_REMOVE_UUID_SIZE },
3132 { load_link_keys, true, MGMT_LOAD_LINK_KEYS_SIZE },
3133 { load_long_term_keys, true, MGMT_LOAD_LONG_TERM_KEYS_SIZE },
3134 { disconnect, false, MGMT_DISCONNECT_SIZE },
3135 { get_connections, false, MGMT_GET_CONNECTIONS_SIZE },
3136 { pin_code_reply, false, MGMT_PIN_CODE_REPLY_SIZE },
3137 { pin_code_neg_reply, false, MGMT_PIN_CODE_NEG_REPLY_SIZE },
3138 { set_io_capability, false, MGMT_SET_IO_CAPABILITY_SIZE },
3139 { pair_device, false, MGMT_PAIR_DEVICE_SIZE },
3140 { cancel_pair_device, false, MGMT_CANCEL_PAIR_DEVICE_SIZE },
3141 { unpair_device, false, MGMT_UNPAIR_DEVICE_SIZE },
3142 { user_confirm_reply, false, MGMT_USER_CONFIRM_REPLY_SIZE },
3143 { user_confirm_neg_reply, false, MGMT_USER_CONFIRM_NEG_REPLY_SIZE },
3144 { user_passkey_reply, false, MGMT_USER_PASSKEY_REPLY_SIZE },
3145 { user_passkey_neg_reply, false, MGMT_USER_PASSKEY_NEG_REPLY_SIZE },
3146 { read_local_oob_data, false, MGMT_READ_LOCAL_OOB_DATA_SIZE },
3147 { add_remote_oob_data, false, MGMT_ADD_REMOTE_OOB_DATA_SIZE },
3148 { remove_remote_oob_data, false, MGMT_REMOVE_REMOTE_OOB_DATA_SIZE },
3149 { start_discovery, false, MGMT_START_DISCOVERY_SIZE },
3150 { stop_discovery, false, MGMT_STOP_DISCOVERY_SIZE },
3151 { confirm_name, false, MGMT_CONFIRM_NAME_SIZE },
3152 { block_device, false, MGMT_BLOCK_DEVICE_SIZE },
3153 { unblock_device, false, MGMT_UNBLOCK_DEVICE_SIZE },
cdbaccca 3154 { set_device_id, false, MGMT_SET_DEVICE_ID_SIZE },
0f4e68cf
JH		 3155};
3156
3157
0381101f
JH		 3158int mgmt_control(struct sock *sk, struct msghdr *msg, size_t msglen)
3159{
650f726d
VCG		 3160 void *buf;
3161 u8 *cp;
0381101f 3162 struct mgmt_hdr *hdr;
4e51eae9 3163 u16 opcode, index, len;
bdb6d971 3164 struct hci_dev *hdev = NULL;
2e3c35ea 3165 const struct mgmt_handler *handler;
0381101f
JH		 3166 int err;
3167
3168 BT_DBG("got %zu bytes", msglen);
3169
3170 if (msglen < sizeof(*hdr))
3171 return -EINVAL;
3172
e63a15ec 3173 buf = kmalloc(msglen, GFP_KERNEL);
0381101f
JH		 3174 if (!buf)
3175 return -ENOMEM;
3176
3177 if (memcpy_fromiovec(buf, msg->msg_iov, msglen)) {
3178 err = -EFAULT;
3179 goto done;
3180 }
3181
650f726d 3182 hdr = buf;
1f350c87
MH		 3183 opcode = __le16_to_cpu(hdr->opcode);
3184 index = __le16_to_cpu(hdr->index);
3185 len = __le16_to_cpu(hdr->len);
0381101f
JH		 3186
3187 if (len != msglen - sizeof(*hdr)) {
3188 err = -EINVAL;
3189 goto done;
3190 }
3191
0f4e68cf 3192 if (index != MGMT_INDEX_NONE) {
bdb6d971
JH		 3193 hdev = hci_dev_get(index);
3194 if (!hdev) {
3195 err = cmd_status(sk, index, opcode,
04124681 3196 MGMT_STATUS_INVALID_INDEX);
bdb6d971
JH		 3197 goto done;
3198 }
3199 }
3200
0f4e68cf 3201 if (opcode >= ARRAY_SIZE(mgmt_handlers) ||
8ce8e2b5 3202 mgmt_handlers[opcode].func == NULL) {
0381101f 3203 BT_DBG("Unknown op %u", opcode);
ca69b795 3204 err = cmd_status(sk, index, opcode,
04124681 3205 MGMT_STATUS_UNKNOWN_COMMAND);
0f4e68cf
JH		 3206 goto done;
3207 }
3208
3209 if ((hdev && opcode < MGMT_OP_READ_INFO) ||
8ce8e2b5 3210 (!hdev && opcode >= MGMT_OP_READ_INFO)) {
0f4e68cf 3211 err = cmd_status(sk, index, opcode,
04124681 3212 MGMT_STATUS_INVALID_INDEX);
0f4e68cf 3213 goto done;
0381101f
JH		 3214 }
3215
be22b54e
JH		 3216 handler = &mgmt_handlers[opcode];
3217
3218 if ((handler->var_len && len < handler->data_len) ||
8ce8e2b5 3219 (!handler->var_len && len != handler->data_len)) {
be22b54e 3220 err = cmd_status(sk, index, opcode,
04124681 3221 MGMT_STATUS_INVALID_PARAMS);
be22b54e
JH		 3222 goto done;
3223 }
3224
0f4e68cf
JH		 3225 if (hdev)
3226 mgmt_init_hdev(sk, hdev);
3227
3228 cp = buf + sizeof(*hdr);
3229
be22b54e 3230 err = handler->func(sk, hdev, cp, len);
e41d8b4e
JH		 3231 if (err < 0)
3232 goto done;
3233
0381101f
JH		 3234 err = msglen;
3235
3236done:
bdb6d971
JH		 3237 if (hdev)
3238 hci_dev_put(hdev);
3239
0381101f
JH		 3240 kfree(buf);
3241 return err;
3242}
c71e97bf 3243
b24752fe
JH		 3244static void cmd_status_rsp(struct pending_cmd *cmd, void *data)
3245{
3246 u8 *status = data;
3247
3248 cmd_status(cmd->sk, cmd->index, cmd->opcode, *status);
3249 mgmt_pending_remove(cmd);
3250}
3251
744cf19e 3252int mgmt_index_added(struct hci_dev *hdev)
c71e97bf 3253{
bb4b2a9a
AE		 3254 if (!mgmt_valid_hdev(hdev))
3255 return -ENOTSUPP;
3256
744cf19e 3257 return mgmt_event(MGMT_EV_INDEX_ADDED, hdev, NULL, 0, NULL);
c71e97bf
JH		 3258}
3259
744cf19e 3260int mgmt_index_removed(struct hci_dev *hdev)
c71e97bf 3261{
5f159032 3262 u8 status = MGMT_STATUS_INVALID_INDEX;
b24752fe 3263
bb4b2a9a
AE		 3264 if (!mgmt_valid_hdev(hdev))
3265 return -ENOTSUPP;
3266
744cf19e 3267 mgmt_pending_foreach(0, hdev, cmd_status_rsp, &status);
b24752fe 3268
744cf19e 3269 return mgmt_event(MGMT_EV_INDEX_REMOVED, hdev, NULL, 0, NULL);
eec8d2bc
JH		 3270}
3271
73f22f62 3272struct cmd_lookup {
eec8d2bc 3273 struct sock *sk;
69ab39ea 3274 struct hci_dev *hdev;
90e70454 3275 u8 mgmt_status;
eec8d2bc
JH		 3276};
3277
69ab39ea 3278static void settings_rsp(struct pending_cmd *cmd, void *data)
eec8d2bc 3279{
73f22f62 3280 struct cmd_lookup *match = data;
eec8d2bc 3281
69ab39ea 3282 send_settings_rsp(cmd->sk, cmd->opcode, match->hdev);
eec8d2bc
JH		 3283
3284 list_del(&cmd->list);
3285
3286 if (match->sk == NULL) {
3287 match->sk = cmd->sk;
3288 sock_hold(match->sk);
3289 }
3290
3291 mgmt_pending_free(cmd);
c71e97bf 3292}
5add6af8 3293
890ea898 3294static void set_bredr_scan(struct hci_request *req)
7f0ae647 3295{
890ea898 3296 struct hci_dev *hdev = req->hdev;
7f0ae647
JH		 3297 u8 scan = 0;
3298
4c01f8b8
JH		 3299 /* Ensure that fast connectable is disabled. This function will
3300 * not do anything if the page scan parameters are already what
3301 * they should be.
3302 */
3303 write_fast_connectable(req, false);
3304
7f0ae647
JH		 3305 if (test_bit(HCI_CONNECTABLE, &hdev->dev_flags))
3306 scan |= SCAN_PAGE;
3307 if (test_bit(HCI_DISCOVERABLE, &hdev->dev_flags))
3308 scan |= SCAN_INQUIRY;
3309
890ea898
JH		 3310 if (scan)
3311 hci_req_add(req, HCI_OP_WRITE_SCAN_ENABLE, 1, &scan);
7f0ae647
JH		 3312}
3313
229ab39c
JH		 3314static void powered_complete(struct hci_dev *hdev, u8 status)
3315{
3316 struct cmd_lookup match = { NULL, hdev };
3317
3318 BT_DBG("status 0x%02x", status);
3319
3320 hci_dev_lock(hdev);
3321
3322 mgmt_pending_foreach(MGMT_OP_SET_POWERED, hdev, settings_rsp, &match);
3323
3324 new_settings(hdev, match.sk);
3325
3326 hci_dev_unlock(hdev);
3327
3328 if (match.sk)
3329 sock_put(match.sk);
3330}
3331
70da6243 3332static int powered_update_hci(struct hci_dev *hdev)
5add6af8 3333{
890ea898 3334 struct hci_request req;
70da6243 3335 u8 link_sec;
5add6af8 3336
890ea898
JH		 3337 hci_req_init(&req, hdev);
3338
70da6243
JH		 3339 if (test_bit(HCI_SSP_ENABLED, &hdev->dev_flags) &&
3340 !lmp_host_ssp_capable(hdev)) {
3341 u8 ssp = 1;
5e5282bb 3342
890ea898 3343 hci_req_add(&req, HCI_OP_WRITE_SSP_MODE, 1, &ssp);
70da6243 3344 }
5add6af8 3345
70da6243
JH		 3346 if (test_bit(HCI_LE_ENABLED, &hdev->dev_flags)) {
3347 struct hci_cp_write_le_host_supported cp;
f0ff92fb 3348
70da6243
JH		 3349 cp.le = 1;
3350 cp.simul = lmp_le_br_capable(hdev);
3d1cbdd6 3351
70da6243
JH		 3352 /* Check first if we already have the right
3353 * host state (host features set)
3354 */
3355 if (cp.le != lmp_host_le_capable(hdev) ||
3356 cp.simul != lmp_host_le_br_capable(hdev))
890ea898
JH		 3357 hci_req_add(&req, HCI_OP_WRITE_LE_HOST_SUPPORTED,
3358 sizeof(cp), &cp);
70da6243 3359 }
3d1cbdd6 3360
70da6243
JH		 3361 link_sec = test_bit(HCI_LINK_SECURITY, &hdev->dev_flags);
3362 if (link_sec != test_bit(HCI_AUTH, &hdev->flags))
890ea898
JH		 3363 hci_req_add(&req, HCI_OP_WRITE_AUTH_ENABLE,
3364 sizeof(link_sec), &link_sec);
562fcc24 3365
70da6243 3366 if (lmp_bredr_capable(hdev)) {
890ea898
JH		 3367 set_bredr_scan(&req);
3368 update_class(&req);
13928971 3369 update_name(&req);
890ea898 3370 update_eir(&req);
70da6243 3371 }
562fcc24 3372
229ab39c 3373 return hci_req_run(&req, powered_complete);
70da6243 3374}
562fcc24 3375
70da6243
JH		 3376int mgmt_powered(struct hci_dev *hdev, u8 powered)
3377{
3378 struct cmd_lookup match = { NULL, hdev };
229ab39c
JH		 3379 u8 status_not_powered = MGMT_STATUS_NOT_POWERED;
3380 u8 zero_cod[] = { 0, 0, 0 };
70da6243 3381 int err;
f0ff92fb 3382
70da6243
JH		 3383 if (!test_bit(HCI_MGMT, &hdev->dev_flags))
3384 return 0;
3385
70da6243 3386 if (powered) {
229ab39c
JH		 3387 if (powered_update_hci(hdev) == 0)
3388 return 0;
fe038884 3389
229ab39c
JH		 3390 mgmt_pending_foreach(MGMT_OP_SET_POWERED, hdev, settings_rsp,
3391 &match);
3392 goto new_settings;
b24752fe
JH		 3393 }
3394
229ab39c
JH		 3395 mgmt_pending_foreach(MGMT_OP_SET_POWERED, hdev, settings_rsp, &match);
3396 mgmt_pending_foreach(0, hdev, cmd_status_rsp, &status_not_powered);
3397
3398 if (memcmp(hdev->dev_class, zero_cod, sizeof(zero_cod)) != 0)
3399 mgmt_event(MGMT_EV_CLASS_OF_DEV_CHANGED, hdev,
3400 zero_cod, sizeof(zero_cod), NULL);
3401
3402new_settings:
beadb2bd 3403 err = new_settings(hdev, match.sk);
eec8d2bc
JH		 3404
3405 if (match.sk)
3406 sock_put(match.sk);
3407
7bb895d6 3408 return err;
5add6af8 3409}
73f22f62 3410
744cf19e 3411int mgmt_discoverable(struct hci_dev *hdev, u8 discoverable)
73f22f62 3412{
76a7f3a4 3413 struct cmd_lookup match = { NULL, hdev };
5e5282bb
JH		 3414 bool changed = false;
3415 int err = 0;
73f22f62 3416
5e5282bb
JH		 3417 if (discoverable) {
3418 if (!test_and_set_bit(HCI_DISCOVERABLE, &hdev->dev_flags))
3419 changed = true;
3420 } else {
3421 if (test_and_clear_bit(HCI_DISCOVERABLE, &hdev->dev_flags))
3422 changed = true;
3423 }
73f22f62 3424
ed9b5f2f 3425 mgmt_pending_foreach(MGMT_OP_SET_DISCOVERABLE, hdev, settings_rsp,
04124681 3426 &match);
ed9b5f2f 3427
beadb2bd
JH		 3428 if (changed)
3429 err = new_settings(hdev, match.sk);
5e5282bb 3430
73f22f62
JH		 3431 if (match.sk)
3432 sock_put(match.sk);
3433
7bb895d6 3434 return err;
73f22f62 3435}
9fbcbb45 3436
744cf19e 3437int mgmt_connectable(struct hci_dev *hdev, u8 connectable)
9fbcbb45 3438{
2b76f453 3439 struct pending_cmd *cmd;
5e5282bb
JH		 3440 bool changed = false;
3441 int err = 0;
9fbcbb45 3442
5e5282bb
JH		 3443 if (connectable) {
3444 if (!test_and_set_bit(HCI_CONNECTABLE, &hdev->dev_flags))
3445 changed = true;
3446 } else {
3447 if (test_and_clear_bit(HCI_CONNECTABLE, &hdev->dev_flags))
3448 changed = true;
3449 }
9fbcbb45 3450
2b76f453 3451 cmd = mgmt_pending_find(MGMT_OP_SET_CONNECTABLE, hdev);
ed9b5f2f 3452
beadb2bd 3453 if (changed)
2b76f453 3454 err = new_settings(hdev, cmd ? cmd->sk : NULL);
9fbcbb45 3455
7bb895d6 3456 return err;
9fbcbb45 3457}
55ed8ca1 3458
744cf19e 3459int mgmt_write_scan_failed(struct hci_dev *hdev, u8 scan, u8 status)
2d7cee58 3460{
ca69b795
JH		 3461 u8 mgmt_err = mgmt_status(status);
3462
2d7cee58 3463 if (scan & SCAN_PAGE)
744cf19e 3464 mgmt_pending_foreach(MGMT_OP_SET_CONNECTABLE, hdev,
04124681 3465 cmd_status_rsp, &mgmt_err);
2d7cee58
JH		 3466
3467 if (scan & SCAN_INQUIRY)
744cf19e 3468 mgmt_pending_foreach(MGMT_OP_SET_DISCOVERABLE, hdev,
04124681 3469 cmd_status_rsp, &mgmt_err);
2d7cee58
JH		 3470
3471 return 0;
3472}
3473
53168e5b
CC		 3474int mgmt_new_link_key(struct hci_dev *hdev, struct link_key *key,
3475 bool persistent)
55ed8ca1 3476{
86742e1e 3477 struct mgmt_ev_new_link_key ev;
55ed8ca1 3478
a492cd52 3479 memset(&ev, 0, sizeof(ev));
55ed8ca1 3480
a492cd52 3481 ev.store_hint = persistent;
d753fdc4 3482 bacpy(&ev.key.addr.bdaddr, &key->bdaddr);
591f47f3 3483 ev.key.addr.type = BDADDR_BREDR;
a492cd52 3484 ev.key.type = key->type;
9b3b4460 3485 memcpy(ev.key.val, key->val, HCI_LINK_KEY_SIZE);
a492cd52 3486 ev.key.pin_len = key->pin_len;
55ed8ca1 3487
744cf19e 3488 return mgmt_event(MGMT_EV_NEW_LINK_KEY, hdev, &ev, sizeof(ev), NULL);
55ed8ca1 3489}
f7520543 3490
346af67b
VCG		 3491int mgmt_new_ltk(struct hci_dev *hdev, struct smp_ltk *key, u8 persistent)
3492{
3493 struct mgmt_ev_new_long_term_key ev;
3494
3495 memset(&ev, 0, sizeof(ev));
3496
3497 ev.store_hint = persistent;
3498 bacpy(&ev.key.addr.bdaddr, &key->bdaddr);
57c1477c 3499 ev.key.addr.type = link_to_bdaddr(LE_LINK, key->bdaddr_type);
346af67b
VCG		 3500 ev.key.authenticated = key->authenticated;
3501 ev.key.enc_size = key->enc_size;
3502 ev.key.ediv = key->ediv;
3503
3504 if (key->type == HCI_SMP_LTK)
3505 ev.key.master = 1;
3506
3507 memcpy(ev.key.rand, key->rand, sizeof(key->rand));
3508 memcpy(ev.key.val, key->val, sizeof(key->val));
3509
04124681
GP		 3510 return mgmt_event(MGMT_EV_NEW_LONG_TERM_KEY, hdev, &ev, sizeof(ev),
3511 NULL);
346af67b
VCG		 3512}
3513
afc747a6 3514int mgmt_device_connected(struct hci_dev *hdev, bdaddr_t *bdaddr, u8 link_type,
04124681
GP		 3515 u8 addr_type, u32 flags, u8 *name, u8 name_len,
3516 u8 *dev_class)
f7520543 3517{
b644ba33
JH		 3518 char buf[512];
3519 struct mgmt_ev_device_connected *ev = (void *) buf;
3520 u16 eir_len = 0;
f7520543 3521
b644ba33 3522 bacpy(&ev->addr.bdaddr, bdaddr);
57c1477c 3523 ev->addr.type = link_to_bdaddr(link_type, addr_type);
f7520543 3524
c95f0ba7 3525 ev->flags = __cpu_to_le32(flags);
08c79b61 3526
b644ba33
JH		 3527 if (name_len > 0)
3528 eir_len = eir_append_data(ev->eir, 0, EIR_NAME_COMPLETE,
04124681 3529 name, name_len);
b644ba33
JH		 3530
3531 if (dev_class && memcmp(dev_class, "\0\0\0", 3) != 0)
53156385 3532 eir_len = eir_append_data(ev->eir, eir_len,
04124681 3533 EIR_CLASS_OF_DEV, dev_class, 3);
b644ba33 3534
eb55ef07 3535 ev->eir_len = cpu_to_le16(eir_len);
b644ba33
JH		 3536
3537 return mgmt_event(MGMT_EV_DEVICE_CONNECTED, hdev, buf,
04124681 3538 sizeof(*ev) + eir_len, NULL);
f7520543
JH		 3539}
3540
8962ee74
JH		 3541static void disconnect_rsp(struct pending_cmd *cmd, void *data)
3542{
c68fb7ff 3543 struct mgmt_cp_disconnect *cp = cmd->param;
8962ee74 3544 struct sock **sk = data;
a38528f1 3545 struct mgmt_rp_disconnect rp;
8962ee74 3546
88c3df13
JH		 3547 bacpy(&rp.addr.bdaddr, &cp->addr.bdaddr);
3548 rp.addr.type = cp->addr.type;
8962ee74 3549
aee9b218 3550 cmd_complete(cmd->sk, cmd->index, MGMT_OP_DISCONNECT, 0, &rp,
04124681 3551 sizeof(rp));
8962ee74
JH		 3552
3553 *sk = cmd->sk;
3554 sock_hold(*sk);
3555
a664b5bc 3556 mgmt_pending_remove(cmd);
8962ee74
JH		 3557}
3558
124f6e35 3559static void unpair_device_rsp(struct pending_cmd *cmd, void *data)
a8a1d19e 3560{
b1078ad0 3561 struct hci_dev *hdev = data;
124f6e35
JH		 3562 struct mgmt_cp_unpair_device *cp = cmd->param;
3563 struct mgmt_rp_unpair_device rp;
a8a1d19e
JH		 3564
3565 memset(&rp, 0, sizeof(rp));
124f6e35
JH		 3566 bacpy(&rp.addr.bdaddr, &cp->addr.bdaddr);
3567 rp.addr.type = cp->addr.type;
a8a1d19e 3568
b1078ad0
JH		 3569 device_unpaired(hdev, &cp->addr.bdaddr, cp->addr.type, cmd->sk);
3570
aee9b218 3571 cmd_complete(cmd->sk, cmd->index, cmd->opcode, 0, &rp, sizeof(rp));
a8a1d19e
JH		 3572
3573 mgmt_pending_remove(cmd);
3574}
3575
afc747a6 3576int mgmt_device_disconnected(struct hci_dev *hdev, bdaddr_t *bdaddr,
f0d6a0ea 3577 u8 link_type, u8 addr_type, u8 reason)
f7520543 3578{
f0d6a0ea 3579 struct mgmt_ev_device_disconnected ev;
8962ee74
JH		 3580 struct sock *sk = NULL;
3581 int err;
3582
744cf19e 3583 mgmt_pending_foreach(MGMT_OP_DISCONNECT, hdev, disconnect_rsp, &sk);
f7520543 3584
f0d6a0ea
MA		 3585 bacpy(&ev.addr.bdaddr, bdaddr);
3586 ev.addr.type = link_to_bdaddr(link_type, addr_type);
3587 ev.reason = reason;
f7520543 3588
afc747a6 3589 err = mgmt_event(MGMT_EV_DEVICE_DISCONNECTED, hdev, &ev, sizeof(ev),
04124681 3590 sk);
8962ee74
JH		 3591
3592 if (sk)
d97dcb66 3593 sock_put(sk);
8962ee74 3594
124f6e35 3595 mgmt_pending_foreach(MGMT_OP_UNPAIR_DEVICE, hdev, unpair_device_rsp,
04124681 3596 hdev);
a8a1d19e 3597
8962ee74
JH		 3598 return err;
3599}
3600
88c3df13 3601int mgmt_disconnect_failed(struct hci_dev *hdev, bdaddr_t *bdaddr,
04124681 3602 u8 link_type, u8 addr_type, u8 status)
8962ee74 3603{
88c3df13 3604 struct mgmt_rp_disconnect rp;
8962ee74
JH		 3605 struct pending_cmd *cmd;
3606 int err;
3607
36a75f1b
JD		 3608 mgmt_pending_foreach(MGMT_OP_UNPAIR_DEVICE, hdev, unpair_device_rsp,
3609 hdev);
3610
2e58ef3e 3611 cmd = mgmt_pending_find(MGMT_OP_DISCONNECT, hdev);
8962ee74
JH		 3612 if (!cmd)
3613 return -ENOENT;
3614
88c3df13 3615 bacpy(&rp.addr.bdaddr, bdaddr);
57c1477c 3616 rp.addr.type = link_to_bdaddr(link_type, addr_type);
37d9ef76 3617
88c3df13 3618 err = cmd_complete(cmd->sk, cmd->index, MGMT_OP_DISCONNECT,
04124681 3619 mgmt_status(status), &rp, sizeof(rp));
8962ee74 3620
a664b5bc 3621 mgmt_pending_remove(cmd);
8962ee74
JH		 3622
3623 return err;
f7520543 3624}
17d5c04c 3625
48264f06 3626int mgmt_connect_failed(struct hci_dev *hdev, bdaddr_t *bdaddr, u8 link_type,
04124681 3627 u8 addr_type, u8 status)
17d5c04c
JH		 3628{
3629 struct mgmt_ev_connect_failed ev;
3630
4c659c39 3631 bacpy(&ev.addr.bdaddr, bdaddr);
57c1477c 3632 ev.addr.type = link_to_bdaddr(link_type, addr_type);
ca69b795 3633 ev.status = mgmt_status(status);
17d5c04c 3634
744cf19e 3635 return mgmt_event(MGMT_EV_CONNECT_FAILED, hdev, &ev, sizeof(ev), NULL);
17d5c04c 3636}
980e1a53 3637
744cf19e 3638int mgmt_pin_code_request(struct hci_dev *hdev, bdaddr_t *bdaddr, u8 secure)
980e1a53
JH		 3639{
3640 struct mgmt_ev_pin_code_request ev;
3641
d8457698 3642 bacpy(&ev.addr.bdaddr, bdaddr);
591f47f3 3643 ev.addr.type = BDADDR_BREDR;
a770bb5a 3644 ev.secure = secure;
980e1a53 3645
744cf19e 3646 return mgmt_event(MGMT_EV_PIN_CODE_REQUEST, hdev, &ev, sizeof(ev),
04124681 3647 NULL);
980e1a53
JH		 3648}
3649
744cf19e 3650int mgmt_pin_code_reply_complete(struct hci_dev *hdev, bdaddr_t *bdaddr,
04124681 3651 u8 status)
980e1a53
JH		 3652{
3653 struct pending_cmd *cmd;
ac56fb13 3654 struct mgmt_rp_pin_code_reply rp;
980e1a53
JH		 3655 int err;
3656
2e58ef3e 3657 cmd = mgmt_pending_find(MGMT_OP_PIN_CODE_REPLY, hdev);
980e1a53
JH		 3658 if (!cmd)
3659 return -ENOENT;
3660
d8457698 3661 bacpy(&rp.addr.bdaddr, bdaddr);
591f47f3 3662 rp.addr.type = BDADDR_BREDR;
ac56fb13 3663
aee9b218 3664 err = cmd_complete(cmd->sk, hdev->id, MGMT_OP_PIN_CODE_REPLY,
04124681 3665 mgmt_status(status), &rp, sizeof(rp));
980e1a53 3666
a664b5bc 3667 mgmt_pending_remove(cmd);
980e1a53
JH		 3668
3669 return err;
3670}
3671
744cf19e 3672int mgmt_pin_code_neg_reply_complete(struct hci_dev *hdev, bdaddr_t *bdaddr,
04124681 3673 u8 status)
980e1a53
JH		 3674{
3675 struct pending_cmd *cmd;
ac56fb13 3676 struct mgmt_rp_pin_code_reply rp;
980e1a53
JH		 3677 int err;
3678
2e58ef3e 3679 cmd = mgmt_pending_find(MGMT_OP_PIN_CODE_NEG_REPLY, hdev);
980e1a53
JH		 3680 if (!cmd)
3681 return -ENOENT;
3682
d8457698 3683 bacpy(&rp.addr.bdaddr, bdaddr);
591f47f3 3684 rp.addr.type = BDADDR_BREDR;
ac56fb13 3685
aee9b218 3686 err = cmd_complete(cmd->sk, hdev->id, MGMT_OP_PIN_CODE_NEG_REPLY,
04124681 3687 mgmt_status(status), &rp, sizeof(rp));
980e1a53 3688
a664b5bc 3689 mgmt_pending_remove(cmd);
980e1a53
JH		 3690
3691 return err;
3692}
a5c29683 3693
744cf19e 3694int mgmt_user_confirm_request(struct hci_dev *hdev, bdaddr_t *bdaddr,
04124681
GP		 3695 u8 link_type, u8 addr_type, __le32 value,
3696 u8 confirm_hint)
a5c29683
JH		 3697{
3698 struct mgmt_ev_user_confirm_request ev;
3699
744cf19e 3700 BT_DBG("%s", hdev->name);
a5c29683 3701
272d90df 3702 bacpy(&ev.addr.bdaddr, bdaddr);
57c1477c 3703 ev.addr.type = link_to_bdaddr(link_type, addr_type);
55bc1a37 3704 ev.confirm_hint = confirm_hint;
78e8098e 3705 ev.value = value;
a5c29683 3706
744cf19e 3707 return mgmt_event(MGMT_EV_USER_CONFIRM_REQUEST, hdev, &ev, sizeof(ev),
04124681 3708 NULL);
a5c29683
JH		 3709}
3710
272d90df 3711int mgmt_user_passkey_request(struct hci_dev *hdev, bdaddr_t *bdaddr,
8ce8e2b5 3712 u8 link_type, u8 addr_type)
604086b7
BG		 3713{
3714 struct mgmt_ev_user_passkey_request ev;
3715
3716 BT_DBG("%s", hdev->name);
3717
272d90df 3718 bacpy(&ev.addr.bdaddr, bdaddr);
57c1477c 3719 ev.addr.type = link_to_bdaddr(link_type, addr_type);
604086b7
BG		 3720
3721 return mgmt_event(MGMT_EV_USER_PASSKEY_REQUEST, hdev, &ev, sizeof(ev),
04124681 3722 NULL);
604086b7
BG		 3723}
3724
0df4c185 3725static int user_pairing_resp_complete(struct hci_dev *hdev, bdaddr_t *bdaddr,
8ce8e2b5
GP		 3726 u8 link_type, u8 addr_type, u8 status,
3727 u8 opcode)
a5c29683
JH		 3728{
3729 struct pending_cmd *cmd;
3730 struct mgmt_rp_user_confirm_reply rp;
3731 int err;
3732
2e58ef3e 3733 cmd = mgmt_pending_find(opcode, hdev);
a5c29683
JH		 3734 if (!cmd)
3735 return -ENOENT;
3736
272d90df 3737 bacpy(&rp.addr.bdaddr, bdaddr);
57c1477c 3738 rp.addr.type = link_to_bdaddr(link_type, addr_type);
aee9b218 3739 err = cmd_complete(cmd->sk, hdev->id, opcode, mgmt_status(status),
04124681 3740 &rp, sizeof(rp));
a5c29683 3741
a664b5bc 3742 mgmt_pending_remove(cmd);
a5c29683
JH		 3743
3744 return err;
3745}
3746
744cf19e 3747int mgmt_user_confirm_reply_complete(struct hci_dev *hdev, bdaddr_t *bdaddr,
04124681 3748 u8 link_type, u8 addr_type, u8 status)
a5c29683 3749{
272d90df 3750 return user_pairing_resp_complete(hdev, bdaddr, link_type, addr_type,
04124681 3751 status, MGMT_OP_USER_CONFIRM_REPLY);
a5c29683
JH		 3752}
3753
272d90df 3754int mgmt_user_confirm_neg_reply_complete(struct hci_dev *hdev, bdaddr_t *bdaddr,
04124681 3755 u8 link_type, u8 addr_type, u8 status)
a5c29683 3756{
272d90df 3757 return user_pairing_resp_complete(hdev, bdaddr, link_type, addr_type,
8fc9ced3
GP		 3758 status,
3759 MGMT_OP_USER_CONFIRM_NEG_REPLY);
a5c29683 3760}
2a611692 3761
604086b7 3762int mgmt_user_passkey_reply_complete(struct hci_dev *hdev, bdaddr_t *bdaddr,
04124681 3763 u8 link_type, u8 addr_type, u8 status)
604086b7 3764{
272d90df 3765 return user_pairing_resp_complete(hdev, bdaddr, link_type, addr_type,
04124681 3766 status, MGMT_OP_USER_PASSKEY_REPLY);
604086b7
BG		 3767}
3768
272d90df 3769int mgmt_user_passkey_neg_reply_complete(struct hci_dev *hdev, bdaddr_t *bdaddr,
04124681 3770 u8 link_type, u8 addr_type, u8 status)
604086b7 3771{
272d90df 3772 return user_pairing_resp_complete(hdev, bdaddr, link_type, addr_type,
8fc9ced3
GP		 3773 status,
3774 MGMT_OP_USER_PASSKEY_NEG_REPLY);
604086b7
BG		 3775}
3776
92a25256
JH		 3777int mgmt_user_passkey_notify(struct hci_dev *hdev, bdaddr_t *bdaddr,
3778 u8 link_type, u8 addr_type, u32 passkey,
3779 u8 entered)
3780{
3781 struct mgmt_ev_passkey_notify ev;
3782
3783 BT_DBG("%s", hdev->name);
3784
3785 bacpy(&ev.addr.bdaddr, bdaddr);
3786 ev.addr.type = link_to_bdaddr(link_type, addr_type);
3787 ev.passkey = __cpu_to_le32(passkey);
3788 ev.entered = entered;
3789
3790 return mgmt_event(MGMT_EV_PASSKEY_NOTIFY, hdev, &ev, sizeof(ev), NULL);
3791}
3792
bab73cb6 3793int mgmt_auth_failed(struct hci_dev *hdev, bdaddr_t *bdaddr, u8 link_type,
04124681 3794 u8 addr_type, u8 status)
2a611692
JH		 3795{
3796 struct mgmt_ev_auth_failed ev;
3797
bab73cb6 3798 bacpy(&ev.addr.bdaddr, bdaddr);
57c1477c 3799 ev.addr.type = link_to_bdaddr(link_type, addr_type);
ca69b795 3800 ev.status = mgmt_status(status);
2a611692 3801
744cf19e 3802 return mgmt_event(MGMT_EV_AUTH_FAILED, hdev, &ev, sizeof(ev), NULL);
2a611692 3803}
b312b161 3804
33ef95ed
JH		 3805int mgmt_auth_enable_complete(struct hci_dev *hdev, u8 status)
3806{
3807 struct cmd_lookup match = { NULL, hdev };
47990ea0
JH		 3808 bool changed = false;
3809 int err = 0;
33ef95ed
JH		 3810
3811 if (status) {
3812 u8 mgmt_err = mgmt_status(status);
3813 mgmt_pending_foreach(MGMT_OP_SET_LINK_SECURITY, hdev,
04124681 3814 cmd_status_rsp, &mgmt_err);
33ef95ed
JH		 3815 return 0;
3816 }
3817
47990ea0
JH		 3818 if (test_bit(HCI_AUTH, &hdev->flags)) {
3819 if (!test_and_set_bit(HCI_LINK_SECURITY, &hdev->dev_flags))
3820 changed = true;
3821 } else {
3822 if (test_and_clear_bit(HCI_LINK_SECURITY, &hdev->dev_flags))
3823 changed = true;
3824 }
3825
33ef95ed 3826 mgmt_pending_foreach(MGMT_OP_SET_LINK_SECURITY, hdev, settings_rsp,
04124681 3827 &match);
33ef95ed 3828
47990ea0
JH		 3829 if (changed)
3830 err = new_settings(hdev, match.sk);
33ef95ed
JH		 3831
3832 if (match.sk)
3833 sock_put(match.sk);
3834
3835 return err;
3836}
3837
890ea898 3838static void clear_eir(struct hci_request *req)
cacaf52f 3839{
890ea898 3840 struct hci_dev *hdev = req->hdev;
cacaf52f
JH		 3841 struct hci_cp_write_eir cp;
3842
976eb20e 3843 if (!lmp_ext_inq_capable(hdev))
890ea898 3844 return;
cacaf52f 3845
c80da27e
JH		 3846 memset(hdev->eir, 0, sizeof(hdev->eir));
3847
cacaf52f
JH		 3848 memset(&cp, 0, sizeof(cp));
3849
890ea898 3850 hci_req_add(req, HCI_OP_WRITE_EIR, sizeof(cp), &cp);
cacaf52f
JH		 3851}
3852
c0ecddc2 3853int mgmt_ssp_enable_complete(struct hci_dev *hdev, u8 enable, u8 status)
ed2c4ee3
JH		 3854{
3855 struct cmd_lookup match = { NULL, hdev };
890ea898 3856 struct hci_request req;
c0ecddc2
JH		 3857 bool changed = false;
3858 int err = 0;
ed2c4ee3
JH		 3859
3860 if (status) {
3861 u8 mgmt_err = mgmt_status(status);
c0ecddc2
JH		 3862
3863 if (enable && test_and_clear_bit(HCI_SSP_ENABLED,
04124681 3864 &hdev->dev_flags))
c0ecddc2
JH		 3865 err = new_settings(hdev, NULL);
3866
04124681
GP		 3867 mgmt_pending_foreach(MGMT_OP_SET_SSP, hdev, cmd_status_rsp,
3868 &mgmt_err);
c0ecddc2
JH		 3869
3870 return err;
3871 }
3872
3873 if (enable) {
3874 if (!test_and_set_bit(HCI_SSP_ENABLED, &hdev->dev_flags))
3875 changed = true;
3876 } else {
3877 if (test_and_clear_bit(HCI_SSP_ENABLED, &hdev->dev_flags))
3878 changed = true;
ed2c4ee3
JH		 3879 }
3880
3881 mgmt_pending_foreach(MGMT_OP_SET_SSP, hdev, settings_rsp, &match);
3882
c0ecddc2
JH		 3883 if (changed)
3884 err = new_settings(hdev, match.sk);
ed2c4ee3 3885
5fc6ebb1 3886 if (match.sk)
ed2c4ee3
JH		 3887 sock_put(match.sk);
3888
890ea898
JH		 3889 hci_req_init(&req, hdev);
3890
5fc6ebb1 3891 if (test_bit(HCI_SSP_ENABLED, &hdev->dev_flags))
890ea898 3892 update_eir(&req);
5fc6ebb1 3893 else
890ea898
JH		 3894 clear_eir(&req);
3895
3896 hci_req_run(&req, NULL);
cacaf52f 3897
ed2c4ee3
JH		 3898 return err;
3899}
3900
92da6097 3901static void sk_lookup(struct pending_cmd *cmd, void *data)
90e70454
JH		 3902{
3903 struct cmd_lookup *match = data;
3904
90e70454
JH		 3905 if (match->sk == NULL) {
3906 match->sk = cmd->sk;
3907 sock_hold(match->sk);
3908 }
90e70454
JH		 3909}
3910
7f9a903c 3911int mgmt_set_class_of_dev_complete(struct hci_dev *hdev, u8 *dev_class,
04124681 3912 u8 status)
7f9a903c 3913{
90e70454
JH		 3914 struct cmd_lookup match = { NULL, hdev, mgmt_status(status) };
3915 int err = 0;
7f9a903c 3916
92da6097
JH		 3917 mgmt_pending_foreach(MGMT_OP_SET_DEV_CLASS, hdev, sk_lookup, &match);
3918 mgmt_pending_foreach(MGMT_OP_ADD_UUID, hdev, sk_lookup, &match);
3919 mgmt_pending_foreach(MGMT_OP_REMOVE_UUID, hdev, sk_lookup, &match);
90e70454
JH		 3920
3921 if (!status)
04124681
GP		 3922 err = mgmt_event(MGMT_EV_CLASS_OF_DEV_CHANGED, hdev, dev_class,
3923 3, NULL);
90e70454
JH		 3924
3925 if (match.sk)
3926 sock_put(match.sk);
7f9a903c
MH		 3927
3928 return err;
3929}
3930
744cf19e 3931int mgmt_set_local_name_complete(struct hci_dev *hdev, u8 *name, u8 status)
b312b161 3932{
b312b161 3933 struct mgmt_cp_set_local_name ev;
13928971 3934 struct pending_cmd *cmd;
28cc7bde 3935
13928971
JH		 3936 if (status)
3937 return 0;
b312b161
JH		 3938
3939 memset(&ev, 0, sizeof(ev));
3940 memcpy(ev.name, name, HCI_MAX_NAME_LENGTH);
28cc7bde 3941 memcpy(ev.short_name, hdev->short_name, HCI_MAX_SHORT_NAME_LENGTH);
b312b161 3942
2e58ef3e 3943 cmd = mgmt_pending_find(MGMT_OP_SET_LOCAL_NAME, hdev);
13928971
JH		 3944 if (!cmd) {
3945 memcpy(hdev->dev_name, name, sizeof(hdev->dev_name));
28cc7bde 3946
13928971
JH		 3947 /* If this is a HCI command related to powering on the
3948 * HCI dev don't send any mgmt signals.
3949 */
3950 if (mgmt_pending_find(MGMT_OP_SET_POWERED, hdev))
3951 return 0;
890ea898 3952 }
b312b161 3953
13928971
JH		 3954 return mgmt_event(MGMT_EV_LOCAL_NAME_CHANGED, hdev, &ev, sizeof(ev),
3955 cmd ? cmd->sk : NULL);
b312b161 3956}
c35938b2 3957
744cf19e 3958int mgmt_read_local_oob_data_reply_complete(struct hci_dev *hdev, u8 *hash,
04124681 3959 u8 *randomizer, u8 status)
c35938b2
SJ		 3960{
3961 struct pending_cmd *cmd;
3962 int err;
3963
744cf19e 3964 BT_DBG("%s status %u", hdev->name, status);
c35938b2 3965
2e58ef3e 3966 cmd = mgmt_pending_find(MGMT_OP_READ_LOCAL_OOB_DATA, hdev);
c35938b2
SJ		 3967 if (!cmd)
3968 return -ENOENT;
3969
3970 if (status) {
04124681
GP		 3971 err = cmd_status(cmd->sk, hdev->id, MGMT_OP_READ_LOCAL_OOB_DATA,
3972 mgmt_status(status));
c35938b2
SJ		 3973 } else {
3974 struct mgmt_rp_read_local_oob_data rp;
3975
3976 memcpy(rp.hash, hash, sizeof(rp.hash));
3977 memcpy(rp.randomizer, randomizer, sizeof(rp.randomizer));
3978
744cf19e 3979 err = cmd_complete(cmd->sk, hdev->id,
04124681
GP		 3980 MGMT_OP_READ_LOCAL_OOB_DATA, 0, &rp,
3981 sizeof(rp));
c35938b2
SJ		 3982 }
3983
3984 mgmt_pending_remove(cmd);
3985
3986 return err;
3987}
e17acd40 3988
06199cf8
JH		 3989int mgmt_le_enable_complete(struct hci_dev *hdev, u8 enable, u8 status)
3990{
3991 struct cmd_lookup match = { NULL, hdev };
3992 bool changed = false;
3993 int err = 0;
3994
3995 if (status) {
3996 u8 mgmt_err = mgmt_status(status);
3997
3998 if (enable && test_and_clear_bit(HCI_LE_ENABLED,
04124681 3999 &hdev->dev_flags))
d97dcb66 4000 err = new_settings(hdev, NULL);
06199cf8 4001
d97dcb66
SJ		 4002 mgmt_pending_foreach(MGMT_OP_SET_LE, hdev, cmd_status_rsp,
4003 &mgmt_err);
06199cf8
JH		 4004
4005 return err;
4006 }
4007
4008 if (enable) {
4009 if (!test_and_set_bit(HCI_LE_ENABLED, &hdev->dev_flags))
4010 changed = true;
4011 } else {
4012 if (test_and_clear_bit(HCI_LE_ENABLED, &hdev->dev_flags))
4013 changed = true;
4014 }
4015
4016 mgmt_pending_foreach(MGMT_OP_SET_LE, hdev, settings_rsp, &match);
4017
4018 if (changed)
4019 err = new_settings(hdev, match.sk);
4020
4021 if (match.sk)
4022 sock_put(match.sk);
4023
4024 return err;
4025}
4026
48264f06 4027int mgmt_device_found(struct hci_dev *hdev, bdaddr_t *bdaddr, u8 link_type,
04124681
GP		 4028 u8 addr_type, u8 *dev_class, s8 rssi, u8 cfm_name, u8
4029 ssp, u8 *eir, u16 eir_len)
e17acd40 4030{
e319d2e7
JH		 4031 char buf[512];
4032 struct mgmt_ev_device_found *ev = (void *) buf;
1dc06093 4033 size_t ev_size;
e17acd40 4034
1dc06093
JH		 4035 /* Leave 5 bytes for a potential CoD field */
4036 if (sizeof(*ev) + eir_len + 5 > sizeof(buf))
7d262f86
AG		 4037 return -EINVAL;
4038
1dc06093
JH		 4039 memset(buf, 0, sizeof(buf));
4040
e319d2e7 4041 bacpy(&ev->addr.bdaddr, bdaddr);
57c1477c 4042 ev->addr.type = link_to_bdaddr(link_type, addr_type);
e319d2e7 4043 ev->rssi = rssi;
9a395a80 4044 if (cfm_name)
612dfce9 4045 ev->flags |= __constant_cpu_to_le32(MGMT_DEV_FOUND_CONFIRM_NAME);
388fc8fa 4046 if (!ssp)
612dfce9 4047 ev->flags |= __constant_cpu_to_le32(MGMT_DEV_FOUND_LEGACY_PAIRING);
e17acd40 4048
1dc06093 4049 if (eir_len > 0)
e319d2e7 4050 memcpy(ev->eir, eir, eir_len);
e17acd40 4051
1dc06093
JH		 4052 if (dev_class && !eir_has_data_type(ev->eir, eir_len, EIR_CLASS_OF_DEV))
4053 eir_len = eir_append_data(ev->eir, eir_len, EIR_CLASS_OF_DEV,
04124681 4054 dev_class, 3);
1dc06093 4055
eb55ef07 4056 ev->eir_len = cpu_to_le16(eir_len);
1dc06093 4057 ev_size = sizeof(*ev) + eir_len;
f8523598 4058
e319d2e7 4059 return mgmt_event(MGMT_EV_DEVICE_FOUND, hdev, ev, ev_size, NULL);
e17acd40 4060}
a88a9652 4061
b644ba33 4062int mgmt_remote_name(struct hci_dev *hdev, bdaddr_t *bdaddr, u8 link_type,
04124681 4063 u8 addr_type, s8 rssi, u8 *name, u8 name_len)
a88a9652 4064{
b644ba33
JH		 4065 struct mgmt_ev_device_found *ev;
4066 char buf[sizeof(*ev) + HCI_MAX_NAME_LENGTH + 2];
4067 u16 eir_len;
a88a9652 4068
b644ba33 4069 ev = (struct mgmt_ev_device_found *) buf;
a88a9652 4070
b644ba33
JH		 4071 memset(buf, 0, sizeof(buf));
4072
4073 bacpy(&ev->addr.bdaddr, bdaddr);
57c1477c 4074 ev->addr.type = link_to_bdaddr(link_type, addr_type);
b644ba33
JH		 4075 ev->rssi = rssi;
4076
4077 eir_len = eir_append_data(ev->eir, 0, EIR_NAME_COMPLETE, name,
04124681 4078 name_len);
b644ba33 4079
eb55ef07 4080 ev->eir_len = cpu_to_le16(eir_len);
a88a9652 4081
053c7e0c 4082 return mgmt_event(MGMT_EV_DEVICE_FOUND, hdev, ev,
04124681 4083 sizeof(*ev) + eir_len, NULL);
a88a9652 4084}
314b2381 4085
7a135109 4086int mgmt_start_discovery_failed(struct hci_dev *hdev, u8 status)
164a6e78
JH		 4087{
4088 struct pending_cmd *cmd;
f808e166 4089 u8 type;
164a6e78
JH		 4090 int err;
4091
203159d4
AG		 4092 hci_discovery_set_state(hdev, DISCOVERY_STOPPED);
4093
2e58ef3e 4094 cmd = mgmt_pending_find(MGMT_OP_START_DISCOVERY, hdev);
164a6e78
JH		 4095 if (!cmd)
4096 return -ENOENT;
4097
f808e166
JH		 4098 type = hdev->discovery.type;
4099
4100 err = cmd_complete(cmd->sk, hdev->id, cmd->opcode, mgmt_status(status),
04124681 4101 &type, sizeof(type));
164a6e78
JH		 4102 mgmt_pending_remove(cmd);
4103
4104 return err;
4105}
4106
e6d465cb
AG		 4107int mgmt_stop_discovery_failed(struct hci_dev *hdev, u8 status)
4108{
4109 struct pending_cmd *cmd;
4110 int err;
4111
4112 cmd = mgmt_pending_find(MGMT_OP_STOP_DISCOVERY, hdev);
4113 if (!cmd)
4114 return -ENOENT;
4115
d930650b 4116 err = cmd_complete(cmd->sk, hdev->id, cmd->opcode, mgmt_status(status),
04124681 4117 &hdev->discovery.type, sizeof(hdev->discovery.type));
164a6e78
JH		 4118 mgmt_pending_remove(cmd);
4119
4120 return err;
4121}
4122
744cf19e 4123int mgmt_discovering(struct hci_dev *hdev, u8 discovering)
314b2381 4124{
f963e8e9 4125 struct mgmt_ev_discovering ev;
164a6e78
JH		 4126 struct pending_cmd *cmd;
4127
343fb145
AG		 4128 BT_DBG("%s discovering %u", hdev->name, discovering);
4129
164a6e78 4130 if (discovering)
2e58ef3e 4131 cmd = mgmt_pending_find(MGMT_OP_START_DISCOVERY, hdev);
164a6e78 4132 else
2e58ef3e 4133 cmd = mgmt_pending_find(MGMT_OP_STOP_DISCOVERY, hdev);
164a6e78
JH		 4134
4135 if (cmd != NULL) {
f808e166
JH		 4136 u8 type = hdev->discovery.type;
4137
04124681
GP		 4138 cmd_complete(cmd->sk, hdev->id, cmd->opcode, 0, &type,
4139 sizeof(type));
164a6e78
JH		 4140 mgmt_pending_remove(cmd);
4141 }
4142
f963e8e9
JH		 4143 memset(&ev, 0, sizeof(ev));
4144 ev.type = hdev->discovery.type;
4145 ev.discovering = discovering;
4146
4147 return mgmt_event(MGMT_EV_DISCOVERING, hdev, &ev, sizeof(ev), NULL);
314b2381 4148}
5e762444 4149
88c1fe4b 4150int mgmt_device_blocked(struct hci_dev *hdev, bdaddr_t *bdaddr, u8 type)
5e762444
AJ		 4151{
4152 struct pending_cmd *cmd;
4153 struct mgmt_ev_device_blocked ev;
4154
2e58ef3e 4155 cmd = mgmt_pending_find(MGMT_OP_BLOCK_DEVICE, hdev);
5e762444 4156
88c1fe4b
JH		 4157 bacpy(&ev.addr.bdaddr, bdaddr);
4158 ev.addr.type = type;
5e762444 4159
744cf19e 4160 return mgmt_event(MGMT_EV_DEVICE_BLOCKED, hdev, &ev, sizeof(ev),
04124681 4161 cmd ? cmd->sk : NULL);
5e762444
AJ		 4162}
4163
88c1fe4b 4164int mgmt_device_unblocked(struct hci_dev *hdev, bdaddr_t *bdaddr, u8 type)
5e762444
AJ		 4165{
4166 struct pending_cmd *cmd;
4167 struct mgmt_ev_device_unblocked ev;
4168
2e58ef3e 4169 cmd = mgmt_pending_find(MGMT_OP_UNBLOCK_DEVICE, hdev);
5e762444 4170
88c1fe4b
JH		 4171 bacpy(&ev.addr.bdaddr, bdaddr);
4172 ev.addr.type = type;
5e762444 4173
744cf19e 4174 return mgmt_event(MGMT_EV_DEVICE_UNBLOCKED, hdev, &ev, sizeof(ev),
04124681 4175 cmd ? cmd->sk : NULL);
5e762444 4176}
d7b7e796
MH		 4177
4178module_param(enable_hs, bool, 0644);
4179MODULE_PARM_DESC(enable_hs, "Enable High Speed support");
Linux kernel - Deliverables
This page took 0.486111 seconds and 5 git commands to generate.