projects / deliverable / linux.git / blame
? search:
summary | shortlog | log | commit | commitdiff | tree
blob | blame (incremental) | history | HEAD
Bluetooth: Move set_bredr_scan() to avoid forward declaration
[deliverable/linux.git] / net / bluetooth / mgmt.c
CommitLineData
0381101f
JH		 1/*
2 BlueZ - Bluetooth protocol stack for Linux
ea585ab5 3
0381101f 4 Copyright (C) 2010 Nokia Corporation
ea585ab5 5 Copyright (C) 2011-2012 Intel Corporation
0381101f
JH		 6
7 This program is free software; you can redistribute it and/or modify
8 it under the terms of the GNU General Public License version 2 as
9 published by the Free Software Foundation;
10
11 THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS
12 OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
13 FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT OF THIRD PARTY RIGHTS.
14 IN NO EVENT SHALL THE COPYRIGHT HOLDER(S) AND AUTHOR(S) BE LIABLE FOR ANY
15 CLAIM, OR ANY SPECIAL INDIRECT OR CONSEQUENTIAL DAMAGES, OR ANY DAMAGES
16 WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
17 ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
18 OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
19
20 ALL LIABILITY, INCLUDING LIABILITY FOR INFRINGEMENT OF ANY PATENTS,
21 COPYRIGHTS, TRADEMARKS OR OTHER RIGHTS, RELATING TO USE OF THIS
22 SOFTWARE IS DISCLAIMED.
23*/
24
25/* Bluetooth HCI Management interface */
26
3a9a231d 27#include <linux/module.h>
0381101f
JH		 28#include <asm/unaligned.h>
29
30#include <net/bluetooth/bluetooth.h>
31#include <net/bluetooth/hci_core.h>
32#include <net/bluetooth/mgmt.h>
ac4b7236
MH		 33
34#include "smp.h"
0381101f 35
2da9c55c 36#define MGMT_VERSION 1
9ab8cf37 37#define MGMT_REVISION 4
02d98129 38
e70bb2e8
JH		 39static const u16 mgmt_commands[] = {
40 MGMT_OP_READ_INDEX_LIST,
41 MGMT_OP_READ_INFO,
42 MGMT_OP_SET_POWERED,
43 MGMT_OP_SET_DISCOVERABLE,
44 MGMT_OP_SET_CONNECTABLE,
45 MGMT_OP_SET_FAST_CONNECTABLE,
46 MGMT_OP_SET_PAIRABLE,
47 MGMT_OP_SET_LINK_SECURITY,
48 MGMT_OP_SET_SSP,
49 MGMT_OP_SET_HS,
50 MGMT_OP_SET_LE,
51 MGMT_OP_SET_DEV_CLASS,
52 MGMT_OP_SET_LOCAL_NAME,
53 MGMT_OP_ADD_UUID,
54 MGMT_OP_REMOVE_UUID,
55 MGMT_OP_LOAD_LINK_KEYS,
56 MGMT_OP_LOAD_LONG_TERM_KEYS,
57 MGMT_OP_DISCONNECT,
58 MGMT_OP_GET_CONNECTIONS,
59 MGMT_OP_PIN_CODE_REPLY,
60 MGMT_OP_PIN_CODE_NEG_REPLY,
61 MGMT_OP_SET_IO_CAPABILITY,
62 MGMT_OP_PAIR_DEVICE,
63 MGMT_OP_CANCEL_PAIR_DEVICE,
64 MGMT_OP_UNPAIR_DEVICE,
65 MGMT_OP_USER_CONFIRM_REPLY,
66 MGMT_OP_USER_CONFIRM_NEG_REPLY,
67 MGMT_OP_USER_PASSKEY_REPLY,
68 MGMT_OP_USER_PASSKEY_NEG_REPLY,
69 MGMT_OP_READ_LOCAL_OOB_DATA,
70 MGMT_OP_ADD_REMOTE_OOB_DATA,
71 MGMT_OP_REMOVE_REMOTE_OOB_DATA,
72 MGMT_OP_START_DISCOVERY,
73 MGMT_OP_STOP_DISCOVERY,
74 MGMT_OP_CONFIRM_NAME,
75 MGMT_OP_BLOCK_DEVICE,
76 MGMT_OP_UNBLOCK_DEVICE,
cdbaccca 77 MGMT_OP_SET_DEVICE_ID,
4375f103 78 MGMT_OP_SET_ADVERTISING,
0663ca2a 79 MGMT_OP_SET_BREDR,
d13eafce 80 MGMT_OP_SET_STATIC_ADDRESS,
7f72134e 81 MGMT_OP_SET_SCAN_PARAMS,
e70bb2e8
JH		 82};
83
84static const u16 mgmt_events[] = {
85 MGMT_EV_CONTROLLER_ERROR,
86 MGMT_EV_INDEX_ADDED,
87 MGMT_EV_INDEX_REMOVED,
88 MGMT_EV_NEW_SETTINGS,
89 MGMT_EV_CLASS_OF_DEV_CHANGED,
90 MGMT_EV_LOCAL_NAME_CHANGED,
91 MGMT_EV_NEW_LINK_KEY,
92 MGMT_EV_NEW_LONG_TERM_KEY,
93 MGMT_EV_DEVICE_CONNECTED,
94 MGMT_EV_DEVICE_DISCONNECTED,
95 MGMT_EV_CONNECT_FAILED,
96 MGMT_EV_PIN_CODE_REQUEST,
97 MGMT_EV_USER_CONFIRM_REQUEST,
98 MGMT_EV_USER_PASSKEY_REQUEST,
99 MGMT_EV_AUTH_FAILED,
100 MGMT_EV_DEVICE_FOUND,
101 MGMT_EV_DISCOVERING,
102 MGMT_EV_DEVICE_BLOCKED,
103 MGMT_EV_DEVICE_UNBLOCKED,
104 MGMT_EV_DEVICE_UNPAIRED,
92a25256 105 MGMT_EV_PASSKEY_NOTIFY,
e70bb2e8
JH		 106};
107
17b02e62 108#define CACHE_TIMEOUT msecs_to_jiffies(2 * 1000)
7d78525d 109
4b34ee78
JH		 110#define hdev_is_powered(hdev) (test_bit(HCI_UP, &hdev->flags) && \
111 !test_bit(HCI_AUTO_OFF, &hdev->dev_flags))
112
eec8d2bc
JH		 113struct pending_cmd {
114 struct list_head list;
fc2f4b13 115 u16 opcode;
eec8d2bc 116 int index;
c68fb7ff 117 void *param;
eec8d2bc 118 struct sock *sk;
e9a416b5 119 void *user_data;
eec8d2bc
JH		 120};
121
ca69b795
JH		 122/* HCI to MGMT error code conversion table */
123static u8 mgmt_status_table[] = {
124 MGMT_STATUS_SUCCESS,
125 MGMT_STATUS_UNKNOWN_COMMAND, /* Unknown Command */
126 MGMT_STATUS_NOT_CONNECTED, /* No Connection */
127 MGMT_STATUS_FAILED, /* Hardware Failure */
128 MGMT_STATUS_CONNECT_FAILED, /* Page Timeout */
129 MGMT_STATUS_AUTH_FAILED, /* Authentication Failed */
130 MGMT_STATUS_NOT_PAIRED, /* PIN or Key Missing */
131 MGMT_STATUS_NO_RESOURCES, /* Memory Full */
132 MGMT_STATUS_TIMEOUT, /* Connection Timeout */
133 MGMT_STATUS_NO_RESOURCES, /* Max Number of Connections */
134 MGMT_STATUS_NO_RESOURCES, /* Max Number of SCO Connections */
135 MGMT_STATUS_ALREADY_CONNECTED, /* ACL Connection Exists */
136 MGMT_STATUS_BUSY, /* Command Disallowed */
137 MGMT_STATUS_NO_RESOURCES, /* Rejected Limited Resources */
138 MGMT_STATUS_REJECTED, /* Rejected Security */
139 MGMT_STATUS_REJECTED, /* Rejected Personal */
140 MGMT_STATUS_TIMEOUT, /* Host Timeout */
141 MGMT_STATUS_NOT_SUPPORTED, /* Unsupported Feature */
142 MGMT_STATUS_INVALID_PARAMS, /* Invalid Parameters */
143 MGMT_STATUS_DISCONNECTED, /* OE User Ended Connection */
144 MGMT_STATUS_NO_RESOURCES, /* OE Low Resources */
145 MGMT_STATUS_DISCONNECTED, /* OE Power Off */
146 MGMT_STATUS_DISCONNECTED, /* Connection Terminated */
147 MGMT_STATUS_BUSY, /* Repeated Attempts */
148 MGMT_STATUS_REJECTED, /* Pairing Not Allowed */
149 MGMT_STATUS_FAILED, /* Unknown LMP PDU */
150 MGMT_STATUS_NOT_SUPPORTED, /* Unsupported Remote Feature */
151 MGMT_STATUS_REJECTED, /* SCO Offset Rejected */
152 MGMT_STATUS_REJECTED, /* SCO Interval Rejected */
153 MGMT_STATUS_REJECTED, /* Air Mode Rejected */
154 MGMT_STATUS_INVALID_PARAMS, /* Invalid LMP Parameters */
155 MGMT_STATUS_FAILED, /* Unspecified Error */
156 MGMT_STATUS_NOT_SUPPORTED, /* Unsupported LMP Parameter Value */
157 MGMT_STATUS_FAILED, /* Role Change Not Allowed */
158 MGMT_STATUS_TIMEOUT, /* LMP Response Timeout */
159 MGMT_STATUS_FAILED, /* LMP Error Transaction Collision */
160 MGMT_STATUS_FAILED, /* LMP PDU Not Allowed */
161 MGMT_STATUS_REJECTED, /* Encryption Mode Not Accepted */
162 MGMT_STATUS_FAILED, /* Unit Link Key Used */
163 MGMT_STATUS_NOT_SUPPORTED, /* QoS Not Supported */
164 MGMT_STATUS_TIMEOUT, /* Instant Passed */
165 MGMT_STATUS_NOT_SUPPORTED, /* Pairing Not Supported */
166 MGMT_STATUS_FAILED, /* Transaction Collision */
167 MGMT_STATUS_INVALID_PARAMS, /* Unacceptable Parameter */
168 MGMT_STATUS_REJECTED, /* QoS Rejected */
169 MGMT_STATUS_NOT_SUPPORTED, /* Classification Not Supported */
170 MGMT_STATUS_REJECTED, /* Insufficient Security */
171 MGMT_STATUS_INVALID_PARAMS, /* Parameter Out Of Range */
172 MGMT_STATUS_BUSY, /* Role Switch Pending */
173 MGMT_STATUS_FAILED, /* Slot Violation */
174 MGMT_STATUS_FAILED, /* Role Switch Failed */
175 MGMT_STATUS_INVALID_PARAMS, /* EIR Too Large */
176 MGMT_STATUS_NOT_SUPPORTED, /* Simple Pairing Not Supported */
177 MGMT_STATUS_BUSY, /* Host Busy Pairing */
178 MGMT_STATUS_REJECTED, /* Rejected, No Suitable Channel */
179 MGMT_STATUS_BUSY, /* Controller Busy */
180 MGMT_STATUS_INVALID_PARAMS, /* Unsuitable Connection Interval */
181 MGMT_STATUS_TIMEOUT, /* Directed Advertising Timeout */
182 MGMT_STATUS_AUTH_FAILED, /* Terminated Due to MIC Failure */
183 MGMT_STATUS_CONNECT_FAILED, /* Connection Establishment Failed */
184 MGMT_STATUS_CONNECT_FAILED, /* MAC Connection Failed */
185};
186
187static u8 mgmt_status(u8 hci_status)
188{
189 if (hci_status < ARRAY_SIZE(mgmt_status_table))
190 return mgmt_status_table[hci_status];
191
192 return MGMT_STATUS_FAILED;
193}
194
4e51eae9 195static int cmd_status(struct sock *sk, u16 index, u16 cmd, u8 status)
f7b64e69
JH		 196{
197 struct sk_buff *skb;
198 struct mgmt_hdr *hdr;
199 struct mgmt_ev_cmd_status *ev;
56b7d137 200 int err;
f7b64e69 201
34eb525c 202 BT_DBG("sock %p, index %u, cmd %u, status %u", sk, index, cmd, status);
f7b64e69 203
790eff44 204 skb = alloc_skb(sizeof(*hdr) + sizeof(*ev), GFP_KERNEL);
f7b64e69
JH		 205 if (!skb)
206 return -ENOMEM;
207
208 hdr = (void *) skb_put(skb, sizeof(*hdr));
209
612dfce9 210 hdr->opcode = __constant_cpu_to_le16(MGMT_EV_CMD_STATUS);
4e51eae9 211 hdr->index = cpu_to_le16(index);
f7b64e69
JH		 212 hdr->len = cpu_to_le16(sizeof(*ev));
213
214 ev = (void *) skb_put(skb, sizeof(*ev));
215 ev->status = status;
eb55ef07 216 ev->opcode = cpu_to_le16(cmd);
f7b64e69 217
56b7d137
GP		 218 err = sock_queue_rcv_skb(sk, skb);
219 if (err < 0)
f7b64e69
JH		 220 kfree_skb(skb);
221
56b7d137 222 return err;
f7b64e69
JH		 223}
224
aee9b218 225static int cmd_complete(struct sock *sk, u16 index, u16 cmd, u8 status,
04124681 226 void *rp, size_t rp_len)
02d98129
JH		 227{
228 struct sk_buff *skb;
229 struct mgmt_hdr *hdr;
230 struct mgmt_ev_cmd_complete *ev;
56b7d137 231 int err;
02d98129
JH		 232
233 BT_DBG("sock %p", sk);
234
790eff44 235 skb = alloc_skb(sizeof(*hdr) + sizeof(*ev) + rp_len, GFP_KERNEL);
02d98129
JH		 236 if (!skb)
237 return -ENOMEM;
238
239 hdr = (void *) skb_put(skb, sizeof(*hdr));
02d98129 240
612dfce9 241 hdr->opcode = __constant_cpu_to_le16(MGMT_EV_CMD_COMPLETE);
4e51eae9 242 hdr->index = cpu_to_le16(index);
a38528f1 243 hdr->len = cpu_to_le16(sizeof(*ev) + rp_len);
02d98129 244
a38528f1 245 ev = (void *) skb_put(skb, sizeof(*ev) + rp_len);
eb55ef07 246 ev->opcode = cpu_to_le16(cmd);
aee9b218 247 ev->status = status;
8020c16a
SJ		 248
249 if (rp)
250 memcpy(ev->data, rp, rp_len);
02d98129 251
56b7d137
GP		 252 err = sock_queue_rcv_skb(sk, skb);
253 if (err < 0)
02d98129
JH		 254 kfree_skb(skb);
255
e5f0e151 256 return err;
02d98129
JH		 257}
258
04124681
GP		 259static int read_version(struct sock *sk, struct hci_dev *hdev, void *data,
260 u16 data_len)
a38528f1
JH		 261{
262 struct mgmt_rp_read_version rp;
263
264 BT_DBG("sock %p", sk);
265
266 rp.version = MGMT_VERSION;
eb55ef07 267 rp.revision = __constant_cpu_to_le16(MGMT_REVISION);
a38528f1 268
aee9b218 269 return cmd_complete(sk, MGMT_INDEX_NONE, MGMT_OP_READ_VERSION, 0, &rp,
04124681 270 sizeof(rp));
a38528f1
JH		 271}
272
04124681
GP		 273static int read_commands(struct sock *sk, struct hci_dev *hdev, void *data,
274 u16 data_len)
e70bb2e8
JH		 275{
276 struct mgmt_rp_read_commands *rp;
eb55ef07
MH		 277 const u16 num_commands = ARRAY_SIZE(mgmt_commands);
278 const u16 num_events = ARRAY_SIZE(mgmt_events);
2e3c35ea 279 __le16 *opcode;
e70bb2e8
JH		 280 size_t rp_size;
281 int i, err;
282
283 BT_DBG("sock %p", sk);
284
285 rp_size = sizeof(*rp) + ((num_commands + num_events) * sizeof(u16));
286
287 rp = kmalloc(rp_size, GFP_KERNEL);
288 if (!rp)
289 return -ENOMEM;
290
eb55ef07
MH		 291 rp->num_commands = __constant_cpu_to_le16(num_commands);
292 rp->num_events = __constant_cpu_to_le16(num_events);
e70bb2e8
JH		 293
294 for (i = 0, opcode = rp->opcodes; i < num_commands; i++, opcode++)
295 put_unaligned_le16(mgmt_commands[i], opcode);
296
297 for (i = 0; i < num_events; i++, opcode++)
298 put_unaligned_le16(mgmt_events[i], opcode);
299
aee9b218 300 err = cmd_complete(sk, MGMT_INDEX_NONE, MGMT_OP_READ_COMMANDS, 0, rp,
04124681 301 rp_size);
e70bb2e8
JH		 302 kfree(rp);
303
304 return err;
305}
306
04124681
GP		 307static int read_index_list(struct sock *sk, struct hci_dev *hdev, void *data,
308 u16 data_len)
faba42eb 309{
faba42eb 310 struct mgmt_rp_read_index_list *rp;
8035ded4 311 struct hci_dev *d;
a38528f1 312 size_t rp_len;
faba42eb 313 u16 count;
476e44cb 314 int err;
faba42eb
JH		 315
316 BT_DBG("sock %p", sk);
317
318 read_lock(&hci_dev_list_lock);
319
320 count = 0;
bb4b2a9a 321 list_for_each_entry(d, &hci_dev_list, list) {
1514b892
MH		 322 if (d->dev_type == HCI_BREDR)
323 count++;
faba42eb
JH		 324 }
325
a38528f1
JH		 326 rp_len = sizeof(*rp) + (2 * count);
327 rp = kmalloc(rp_len, GFP_ATOMIC);
328 if (!rp) {
b2c60d42 329 read_unlock(&hci_dev_list_lock);
faba42eb 330 return -ENOMEM;
b2c60d42 331 }
faba42eb 332
476e44cb 333 count = 0;
8035ded4 334 list_for_each_entry(d, &hci_dev_list, list) {
a8b2d5c2 335 if (test_bit(HCI_SETUP, &d->dev_flags))
ab81cbf9
JH		 336 continue;
337
0736cfa8
MH		 338 if (test_bit(HCI_USER_CHANNEL, &d->dev_flags))
339 continue;
340
1514b892
MH		 341 if (d->dev_type == HCI_BREDR) {
342 rp->index[count++] = cpu_to_le16(d->id);
343 BT_DBG("Added hci%u", d->id);
344 }
faba42eb
JH		 345 }
346
476e44cb
JH		 347 rp->num_controllers = cpu_to_le16(count);
348 rp_len = sizeof(*rp) + (2 * count);
349
faba42eb
JH		 350 read_unlock(&hci_dev_list_lock);
351
aee9b218 352 err = cmd_complete(sk, MGMT_INDEX_NONE, MGMT_OP_READ_INDEX_LIST, 0, rp,
04124681 353 rp_len);
faba42eb 354
a38528f1
JH		 355 kfree(rp);
356
357 return err;
faba42eb
JH		 358}
359
69ab39ea
JH		 360static u32 get_supported_settings(struct hci_dev *hdev)
361{
362 u32 settings = 0;
363
364 settings |= MGMT_SETTING_POWERED;
69ab39ea
JH		 365 settings |= MGMT_SETTING_PAIRABLE;
366
ed3fa31f 367 if (lmp_bredr_capable(hdev)) {
33c525c0 368 settings |= MGMT_SETTING_CONNECTABLE;
1a47aee8
JH		 369 if (hdev->hci_ver >= BLUETOOTH_VER_1_2)
370 settings |= MGMT_SETTING_FAST_CONNECTABLE;
33c525c0 371 settings |= MGMT_SETTING_DISCOVERABLE;
69ab39ea
JH		 372 settings |= MGMT_SETTING_BREDR;
373 settings |= MGMT_SETTING_LINK_SECURITY;
a82974c9
MH		 374
375 if (lmp_ssp_capable(hdev)) {
376 settings |= MGMT_SETTING_SSP;
377 settings |= MGMT_SETTING_HS;
378 }
848566b3 379 }
d7b7e796 380
eeca6f89 381 if (lmp_le_capable(hdev)) {
9d42820f 382 settings |= MGMT_SETTING_LE;
eeca6f89
JH		 383 settings |= MGMT_SETTING_ADVERTISING;
384 }
69ab39ea
JH		 385
386 return settings;
387}
388
389static u32 get_current_settings(struct hci_dev *hdev)
390{
391 u32 settings = 0;
392
f1f0eb02 393 if (hdev_is_powered(hdev))
f0d4b78a
MH		 394 settings |= MGMT_SETTING_POWERED;
395
5e5282bb 396 if (test_bit(HCI_CONNECTABLE, &hdev->dev_flags))
69ab39ea
JH		 397 settings |= MGMT_SETTING_CONNECTABLE;
398
1a4d3c4b
JH		 399 if (test_bit(HCI_FAST_CONNECTABLE, &hdev->dev_flags))
400 settings |= MGMT_SETTING_FAST_CONNECTABLE;
401
5e5282bb 402 if (test_bit(HCI_DISCOVERABLE, &hdev->dev_flags))
69ab39ea
JH		 403 settings |= MGMT_SETTING_DISCOVERABLE;
404
a8b2d5c2 405 if (test_bit(HCI_PAIRABLE, &hdev->dev_flags))
69ab39ea
JH		 406 settings |= MGMT_SETTING_PAIRABLE;
407
56f87901 408 if (test_bit(HCI_BREDR_ENABLED, &hdev->dev_flags))
69ab39ea
JH		 409 settings |= MGMT_SETTING_BREDR;
410
06199cf8 411 if (test_bit(HCI_LE_ENABLED, &hdev->dev_flags))
69ab39ea
JH		 412 settings |= MGMT_SETTING_LE;
413
47990ea0 414 if (test_bit(HCI_LINK_SECURITY, &hdev->dev_flags))
69ab39ea
JH		 415 settings |= MGMT_SETTING_LINK_SECURITY;
416
84bde9d6 417 if (test_bit(HCI_SSP_ENABLED, &hdev->dev_flags))
69ab39ea
JH		 418 settings |= MGMT_SETTING_SSP;
419
6d80dfd0
JH		 420 if (test_bit(HCI_HS_ENABLED, &hdev->dev_flags))
421 settings |= MGMT_SETTING_HS;
422
f3d3444a 423 if (test_bit(HCI_ADVERTISING, &hdev->dev_flags))
eeca6f89
JH		 424 settings |= MGMT_SETTING_ADVERTISING;
425
69ab39ea
JH		 426 return settings;
427}
428
ef580372
JH		 429#define PNP_INFO_SVCLASS_ID 0x1200
430
213202ed
JH		 431static u8 *create_uuid16_list(struct hci_dev *hdev, u8 *data, ptrdiff_t len)
432{
433 u8 *ptr = data, *uuids_start = NULL;
434 struct bt_uuid *uuid;
435
436 if (len < 4)
437 return ptr;
438
439 list_for_each_entry(uuid, &hdev->uuids, list) {
440 u16 uuid16;
441
442 if (uuid->size != 16)
443 continue;
444
445 uuid16 = get_unaligned_le16(&uuid->uuid[12]);
446 if (uuid16 < 0x1100)
447 continue;
448
449 if (uuid16 == PNP_INFO_SVCLASS_ID)
450 continue;
451
452 if (!uuids_start) {
453 uuids_start = ptr;
454 uuids_start[0] = 1;
455 uuids_start[1] = EIR_UUID16_ALL;
456 ptr += 2;
457 }
458
459 /* Stop if not enough space to put next UUID */
460 if ((ptr - data) + sizeof(u16) > len) {
461 uuids_start[1] = EIR_UUID16_SOME;
462 break;
463 }
464
465 *ptr++ = (uuid16 & 0x00ff);
466 *ptr++ = (uuid16 & 0xff00) >> 8;
467 uuids_start[0] += sizeof(uuid16);
468 }
469
470 return ptr;
471}
472
cdf1963f
JH		 473static u8 *create_uuid32_list(struct hci_dev *hdev, u8 *data, ptrdiff_t len)
474{
475 u8 *ptr = data, *uuids_start = NULL;
476 struct bt_uuid *uuid;
477
478 if (len < 6)
479 return ptr;
480
481 list_for_each_entry(uuid, &hdev->uuids, list) {
482 if (uuid->size != 32)
483 continue;
484
485 if (!uuids_start) {
486 uuids_start = ptr;
487 uuids_start[0] = 1;
488 uuids_start[1] = EIR_UUID32_ALL;
489 ptr += 2;
490 }
491
492 /* Stop if not enough space to put next UUID */
493 if ((ptr - data) + sizeof(u32) > len) {
494 uuids_start[1] = EIR_UUID32_SOME;
495 break;
496 }
497
498 memcpy(ptr, &uuid->uuid[12], sizeof(u32));
499 ptr += sizeof(u32);
500 uuids_start[0] += sizeof(u32);
501 }
502
503 return ptr;
504}
505
c00d575b
JH		 506static u8 *create_uuid128_list(struct hci_dev *hdev, u8 *data, ptrdiff_t len)
507{
508 u8 *ptr = data, *uuids_start = NULL;
509 struct bt_uuid *uuid;
510
511 if (len < 18)
512 return ptr;
513
514 list_for_each_entry(uuid, &hdev->uuids, list) {
515 if (uuid->size != 128)
516 continue;
517
518 if (!uuids_start) {
519 uuids_start = ptr;
520 uuids_start[0] = 1;
521 uuids_start[1] = EIR_UUID128_ALL;
522 ptr += 2;
523 }
524
525 /* Stop if not enough space to put next UUID */
526 if ((ptr - data) + 16 > len) {
527 uuids_start[1] = EIR_UUID128_SOME;
528 break;
529 }
530
531 memcpy(ptr, uuid->uuid, 16);
532 ptr += 16;
533 uuids_start[0] += 16;
534 }
535
536 return ptr;
537}
538
ef580372
JH		 539static void create_eir(struct hci_dev *hdev, u8 *data)
540{
541 u8 *ptr = data;
ef580372
JH		 542 size_t name_len;
543
544 name_len = strlen(hdev->dev_name);
545
546 if (name_len > 0) {
547 /* EIR Data type */
548 if (name_len > 48) {
549 name_len = 48;
550 ptr[1] = EIR_NAME_SHORT;
551 } else
552 ptr[1] = EIR_NAME_COMPLETE;
553
554 /* EIR Data length */
555 ptr[0] = name_len + 1;
556
557 memcpy(ptr + 2, hdev->dev_name, name_len);
558
ef580372
JH		 559 ptr += (name_len + 2);
560 }
561
bbaf444a 562 if (hdev->inq_tx_power != HCI_TX_POWER_INVALID) {
91c4e9b1
MH		 563 ptr[0] = 2;
564 ptr[1] = EIR_TX_POWER;
565 ptr[2] = (u8) hdev->inq_tx_power;
566
91c4e9b1
MH		 567 ptr += 3;
568 }
569
2b9be137
MH		 570 if (hdev->devid_source > 0) {
571 ptr[0] = 9;
572 ptr[1] = EIR_DEVICE_ID;
573
574 put_unaligned_le16(hdev->devid_source, ptr + 2);
575 put_unaligned_le16(hdev->devid_vendor, ptr + 4);
576 put_unaligned_le16(hdev->devid_product, ptr + 6);
577 put_unaligned_le16(hdev->devid_version, ptr + 8);
578
2b9be137
MH		 579 ptr += 10;
580 }
581
213202ed 582 ptr = create_uuid16_list(hdev, ptr, HCI_MAX_EIR_LENGTH - (ptr - data));
cdf1963f 583 ptr = create_uuid32_list(hdev, ptr, HCI_MAX_EIR_LENGTH - (ptr - data));
c00d575b 584 ptr = create_uuid128_list(hdev, ptr, HCI_MAX_EIR_LENGTH - (ptr - data));
ef580372
JH		 585}
586
890ea898 587static void update_eir(struct hci_request *req)
ef580372 588{
890ea898 589 struct hci_dev *hdev = req->hdev;
ef580372
JH		 590 struct hci_cp_write_eir cp;
591
504c8dcd 592 if (!hdev_is_powered(hdev))
890ea898 593 return;
7770c4aa 594
976eb20e 595 if (!lmp_ext_inq_capable(hdev))
890ea898 596 return;
ef580372 597
84bde9d6 598 if (!test_bit(HCI_SSP_ENABLED, &hdev->dev_flags))
890ea898 599 return;
ef580372 600
a8b2d5c2 601 if (test_bit(HCI_SERVICE_CACHE, &hdev->dev_flags))
890ea898 602 return;
ef580372
JH		 603
604 memset(&cp, 0, sizeof(cp));
605
606 create_eir(hdev, cp.data);
607
608 if (memcmp(cp.data, hdev->eir, sizeof(cp.data)) == 0)
890ea898 609 return;
ef580372
JH		 610
611 memcpy(hdev->eir, cp.data, sizeof(cp.data));
612
890ea898 613 hci_req_add(req, HCI_OP_WRITE_EIR, sizeof(cp), &cp);
ef580372
JH		 614}
615
616static u8 get_service_classes(struct hci_dev *hdev)
617{
618 struct bt_uuid *uuid;
619 u8 val = 0;
620
621 list_for_each_entry(uuid, &hdev->uuids, list)
622 val |= uuid->svc_hint;
623
624 return val;
625}
626
890ea898 627static void update_class(struct hci_request *req)
ef580372 628{
890ea898 629 struct hci_dev *hdev = req->hdev;
ef580372
JH		 630 u8 cod[3];
631
632 BT_DBG("%s", hdev->name);
633
504c8dcd 634 if (!hdev_is_powered(hdev))
890ea898 635 return;
7770c4aa 636
a8b2d5c2 637 if (test_bit(HCI_SERVICE_CACHE, &hdev->dev_flags))
890ea898 638 return;
ef580372
JH		 639
640 cod[0] = hdev->minor_class;
641 cod[1] = hdev->major_class;
642 cod[2] = get_service_classes(hdev);
643
644 if (memcmp(cod, hdev->dev_class, 3) == 0)
890ea898 645 return;
ef580372 646
890ea898 647 hci_req_add(req, HCI_OP_WRITE_CLASS_OF_DEV, sizeof(cod), cod);
ef580372
JH		 648}
649
7d78525d
JH		 650static void service_cache_off(struct work_struct *work)
651{
652 struct hci_dev *hdev = container_of(work, struct hci_dev,
04124681 653 service_cache.work);
890ea898 654 struct hci_request req;
7d78525d 655
a8b2d5c2 656 if (!test_and_clear_bit(HCI_SERVICE_CACHE, &hdev->dev_flags))
7d78525d
JH		 657 return;
658
890ea898
JH		 659 hci_req_init(&req, hdev);
660
7d78525d
JH		 661 hci_dev_lock(hdev);
662
890ea898
JH		 663 update_eir(&req);
664 update_class(&req);
7d78525d
JH		 665
666 hci_dev_unlock(hdev);
890ea898
JH		 667
668 hci_req_run(&req, NULL);
7d78525d
JH		 669}
670
6a919082 671static void mgmt_init_hdev(struct sock *sk, struct hci_dev *hdev)
7d78525d 672{
4f87da80 673 if (test_and_set_bit(HCI_MGMT, &hdev->dev_flags))
6a919082
JH		 674 return;
675
4f87da80 676 INIT_DELAYED_WORK(&hdev->service_cache, service_cache_off);
7d78525d 677
4f87da80
JH		 678 /* Non-mgmt controlled devices get this bit set
679 * implicitly so that pairing works for them, however
680 * for mgmt we require user-space to explicitly enable
681 * it
682 */
683 clear_bit(HCI_PAIRABLE, &hdev->dev_flags);
7d78525d
JH		 684}
685
0f4e68cf 686static int read_controller_info(struct sock *sk, struct hci_dev *hdev,
04124681 687 void *data, u16 data_len)
0381101f 688{
a38528f1 689 struct mgmt_rp_read_info rp;
f7b64e69 690
bdb6d971 691 BT_DBG("sock %p %s", sk, hdev->name);
f7b64e69 692
09fd0de5 693 hci_dev_lock(hdev);
f7b64e69 694
dc4fe30b
JH		 695 memset(&rp, 0, sizeof(rp));
696
69ab39ea 697 bacpy(&rp.bdaddr, &hdev->bdaddr);
f7b64e69 698
69ab39ea 699 rp.version = hdev->hci_ver;
eb55ef07 700 rp.manufacturer = cpu_to_le16(hdev->manufacturer);
69ab39ea
JH		 701
702 rp.supported_settings = cpu_to_le32(get_supported_settings(hdev));
703 rp.current_settings = cpu_to_le32(get_current_settings(hdev));
f7b64e69 704
a38528f1 705 memcpy(rp.dev_class, hdev->dev_class, 3);
f7b64e69 706
dc4fe30b 707 memcpy(rp.name, hdev->dev_name, sizeof(hdev->dev_name));
27fcc362 708 memcpy(rp.short_name, hdev->short_name, sizeof(hdev->short_name));
dc4fe30b 709
09fd0de5 710 hci_dev_unlock(hdev);
0381101f 711
bdb6d971 712 return cmd_complete(sk, hdev->id, MGMT_OP_READ_INFO, 0, &rp,
04124681 713 sizeof(rp));
0381101f
JH		 714}
715
eec8d2bc
JH		 716static void mgmt_pending_free(struct pending_cmd *cmd)
717{
718 sock_put(cmd->sk);
c68fb7ff 719 kfree(cmd->param);
eec8d2bc
JH		 720 kfree(cmd);
721}
722
366a0336 723static struct pending_cmd *mgmt_pending_add(struct sock *sk, u16 opcode,
04124681
GP		 724 struct hci_dev *hdev, void *data,
725 u16 len)
eec8d2bc
JH		 726{
727 struct pending_cmd *cmd;
728
12b94565 729 cmd = kmalloc(sizeof(*cmd), GFP_KERNEL);
eec8d2bc 730 if (!cmd)
366a0336 731 return NULL;
eec8d2bc
JH		 732
733 cmd->opcode = opcode;
2e58ef3e 734 cmd->index = hdev->id;
eec8d2bc 735
12b94565 736 cmd->param = kmalloc(len, GFP_KERNEL);
c68fb7ff 737 if (!cmd->param) {
eec8d2bc 738 kfree(cmd);
366a0336 739 return NULL;
eec8d2bc
JH		 740 }
741
8fce6357
SJ		 742 if (data)
743 memcpy(cmd->param, data, len);
eec8d2bc
JH		 744
745 cmd->sk = sk;
746 sock_hold(sk);
747
2e58ef3e 748 list_add(&cmd->list, &hdev->mgmt_pending);
eec8d2bc 749
366a0336 750 return cmd;
eec8d2bc
JH		 751}
752
744cf19e 753static void mgmt_pending_foreach(u16 opcode, struct hci_dev *hdev,
8fc9ced3
GP		 754 void (*cb)(struct pending_cmd *cmd,
755 void *data),
04124681 756 void *data)
eec8d2bc 757{
a3d09356 758 struct pending_cmd *cmd, *tmp;
eec8d2bc 759
a3d09356 760 list_for_each_entry_safe(cmd, tmp, &hdev->mgmt_pending, list) {
b24752fe 761 if (opcode > 0 && cmd->opcode != opcode)
eec8d2bc
JH		 762 continue;
763
eec8d2bc
JH		 764 cb(cmd, data);
765 }
766}
767
2e58ef3e 768static struct pending_cmd *mgmt_pending_find(u16 opcode, struct hci_dev *hdev)
eec8d2bc 769{
8035ded4 770 struct pending_cmd *cmd;
eec8d2bc 771
2e58ef3e 772 list_for_each_entry(cmd, &hdev->mgmt_pending, list) {
2aeabcbe
JH		 773 if (cmd->opcode == opcode)
774 return cmd;
eec8d2bc
JH		 775 }
776
777 return NULL;
778}
779
a664b5bc 780static void mgmt_pending_remove(struct pending_cmd *cmd)
73f22f62 781{
73f22f62
JH		 782 list_del(&cmd->list);
783 mgmt_pending_free(cmd);
784}
785
69ab39ea 786static int send_settings_rsp(struct sock *sk, u16 opcode, struct hci_dev *hdev)
8680570b 787{
69ab39ea 788 __le32 settings = cpu_to_le32(get_current_settings(hdev));
8680570b 789
aee9b218 790 return cmd_complete(sk, hdev->id, opcode, 0, &settings,
04124681 791 sizeof(settings));
8680570b
JH		 792}
793
bdb6d971 794static int set_powered(struct sock *sk, struct hci_dev *hdev, void *data,
04124681 795 u16 len)
eec8d2bc 796{
650f726d 797 struct mgmt_mode *cp = data;
366a0336 798 struct pending_cmd *cmd;
4b34ee78 799 int err;
eec8d2bc 800
bdb6d971 801 BT_DBG("request for %s", hdev->name);
eec8d2bc 802
a7e80f25
JH		 803 if (cp->val != 0x00 && cp->val != 0x01)
804 return cmd_status(sk, hdev->id, MGMT_OP_SET_POWERED,
805 MGMT_STATUS_INVALID_PARAMS);
806
09fd0de5 807 hci_dev_lock(hdev);
eec8d2bc 808
87b95ba6
JH		 809 if (mgmt_pending_find(MGMT_OP_SET_POWERED, hdev)) {
810 err = cmd_status(sk, hdev->id, MGMT_OP_SET_POWERED,
811 MGMT_STATUS_BUSY);
812 goto failed;
813 }
814
f0d4b78a
MH		 815 if (test_and_clear_bit(HCI_AUTO_OFF, &hdev->dev_flags)) {
816 cancel_delayed_work(&hdev->power_off);
817
818 if (cp->val) {
a1d70450
JH		 819 mgmt_pending_add(sk, MGMT_OP_SET_POWERED, hdev,
820 data, len);
821 err = mgmt_powered(hdev, 1);
f0d4b78a
MH		 822 goto failed;
823 }
824 }
825
4b34ee78 826 if (!!cp->val == hdev_is_powered(hdev)) {
69ab39ea 827 err = send_settings_rsp(sk, MGMT_OP_SET_POWERED, hdev);
eec8d2bc
JH		 828 goto failed;
829 }
830
2e58ef3e 831 cmd = mgmt_pending_add(sk, MGMT_OP_SET_POWERED, hdev, data, len);
366a0336
JH		 832 if (!cmd) {
833 err = -ENOMEM;
eec8d2bc 834 goto failed;
366a0336 835 }
eec8d2bc 836
72a734ec 837 if (cp->val)
19202573 838 queue_work(hdev->req_workqueue, &hdev->power_on);
eec8d2bc 839 else
19202573 840 queue_work(hdev->req_workqueue, &hdev->power_off.work);
eec8d2bc 841
366a0336 842 err = 0;
eec8d2bc
JH		 843
844failed:
09fd0de5 845 hci_dev_unlock(hdev);
366a0336 846 return err;
eec8d2bc
JH		 847}
848
04124681
GP		 849static int mgmt_event(u16 event, struct hci_dev *hdev, void *data, u16 data_len,
850 struct sock *skip_sk)
beadb2bd
JH		 851{
852 struct sk_buff *skb;
853 struct mgmt_hdr *hdr;
854
790eff44 855 skb = alloc_skb(sizeof(*hdr) + data_len, GFP_KERNEL);
beadb2bd
JH		 856 if (!skb)
857 return -ENOMEM;
858
859 hdr = (void *) skb_put(skb, sizeof(*hdr));
860 hdr->opcode = cpu_to_le16(event);
861 if (hdev)
862 hdr->index = cpu_to_le16(hdev->id);
863 else
612dfce9 864 hdr->index = __constant_cpu_to_le16(MGMT_INDEX_NONE);
beadb2bd
JH		 865 hdr->len = cpu_to_le16(data_len);
866
867 if (data)
868 memcpy(skb_put(skb, data_len), data, data_len);
869
97e0bdeb
MH		 870 /* Time stamp */
871 __net_timestamp(skb);
872
beadb2bd
JH		 873 hci_send_to_control(skb, skip_sk);
874 kfree_skb(skb);
875
876 return 0;
877}
878
879static int new_settings(struct hci_dev *hdev, struct sock *skip)
880{
881 __le32 ev;
882
883 ev = cpu_to_le32(get_current_settings(hdev));
884
885 return mgmt_event(MGMT_EV_NEW_SETTINGS, hdev, &ev, sizeof(ev), skip);
886}
887
bd99abdd
JH		 888struct cmd_lookup {
889 struct sock *sk;
890 struct hci_dev *hdev;
891 u8 mgmt_status;
892};
893
894static void settings_rsp(struct pending_cmd *cmd, void *data)
895{
896 struct cmd_lookup *match = data;
897
898 send_settings_rsp(cmd->sk, cmd->opcode, match->hdev);
899
900 list_del(&cmd->list);
901
902 if (match->sk == NULL) {
903 match->sk = cmd->sk;
904 sock_hold(match->sk);
905 }
906
907 mgmt_pending_free(cmd);
908}
909
910static void cmd_status_rsp(struct pending_cmd *cmd, void *data)
911{
912 u8 *status = data;
913
914 cmd_status(cmd->sk, cmd->index, cmd->opcode, *status);
915 mgmt_pending_remove(cmd);
916}
917
e6fe7986
JH		 918static u8 mgmt_bredr_support(struct hci_dev *hdev)
919{
920 if (!lmp_bredr_capable(hdev))
921 return MGMT_STATUS_NOT_SUPPORTED;
922 else if (!test_bit(HCI_BREDR_ENABLED, &hdev->dev_flags))
923 return MGMT_STATUS_REJECTED;
924 else
925 return MGMT_STATUS_SUCCESS;
926}
927
928static u8 mgmt_le_support(struct hci_dev *hdev)
929{
930 if (!lmp_le_capable(hdev))
931 return MGMT_STATUS_NOT_SUPPORTED;
932 else if (!test_bit(HCI_LE_ENABLED, &hdev->dev_flags))
933 return MGMT_STATUS_REJECTED;
934 else
935 return MGMT_STATUS_SUCCESS;
936}
937
bdb6d971 938static int set_discoverable(struct sock *sk, struct hci_dev *hdev, void *data,
04124681 939 u16 len)
73f22f62 940{
650f726d 941 struct mgmt_cp_set_discoverable *cp = data;
366a0336 942 struct pending_cmd *cmd;
5e5282bb 943 u16 timeout;
e6fe7986 944 u8 scan, status;
73f22f62
JH		 945 int err;
946
bdb6d971 947 BT_DBG("request for %s", hdev->name);
73f22f62 948
e6fe7986
JH		 949 status = mgmt_bredr_support(hdev);
950 if (status)
33c525c0 951 return cmd_status(sk, hdev->id, MGMT_OP_SET_DISCOVERABLE,
e6fe7986 952 status);
33c525c0 953
a7e80f25
JH		 954 if (cp->val != 0x00 && cp->val != 0x01)
955 return cmd_status(sk, hdev->id, MGMT_OP_SET_DISCOVERABLE,
956 MGMT_STATUS_INVALID_PARAMS);
957
1f350c87 958 timeout = __le16_to_cpu(cp->timeout);
24c54a90 959 if (!cp->val && timeout > 0)
bdb6d971 960 return cmd_status(sk, hdev->id, MGMT_OP_SET_DISCOVERABLE,
04124681 961 MGMT_STATUS_INVALID_PARAMS);
73f22f62 962
09fd0de5 963 hci_dev_lock(hdev);
73f22f62 964
5e5282bb 965 if (!hdev_is_powered(hdev) && timeout > 0) {
bdb6d971 966 err = cmd_status(sk, hdev->id, MGMT_OP_SET_DISCOVERABLE,
04124681 967 MGMT_STATUS_NOT_POWERED);
73f22f62
JH		 968 goto failed;
969 }
970
2e58ef3e 971 if (mgmt_pending_find(MGMT_OP_SET_DISCOVERABLE, hdev) ||
8ce8e2b5 972 mgmt_pending_find(MGMT_OP_SET_CONNECTABLE, hdev)) {
bdb6d971 973 err = cmd_status(sk, hdev->id, MGMT_OP_SET_DISCOVERABLE,
04124681 974 MGMT_STATUS_BUSY);
73f22f62
JH		 975 goto failed;
976 }
977
5e5282bb 978 if (!test_bit(HCI_CONNECTABLE, &hdev->dev_flags)) {
bdb6d971 979 err = cmd_status(sk, hdev->id, MGMT_OP_SET_DISCOVERABLE,
04124681 980 MGMT_STATUS_REJECTED);
5e5282bb
JH		 981 goto failed;
982 }
983
984 if (!hdev_is_powered(hdev)) {
0224d2fa
JH		 985 bool changed = false;
986
987 if (!!cp->val != test_bit(HCI_DISCOVERABLE, &hdev->dev_flags)) {
988 change_bit(HCI_DISCOVERABLE, &hdev->dev_flags);
989 changed = true;
990 }
991
5e5282bb 992 err = send_settings_rsp(sk, MGMT_OP_SET_DISCOVERABLE, hdev);
0224d2fa
JH		 993 if (err < 0)
994 goto failed;
995
996 if (changed)
997 err = new_settings(hdev, sk);
998
5e5282bb
JH		 999 goto failed;
1000 }
1001
1002 if (!!cp->val == test_bit(HCI_DISCOVERABLE, &hdev->dev_flags)) {
955638ec
MH		 1003 if (hdev->discov_timeout > 0) {
1004 cancel_delayed_work(&hdev->discov_off);
1005 hdev->discov_timeout = 0;
1006 }
1007
1008 if (cp->val && timeout > 0) {
1009 hdev->discov_timeout = timeout;
1010 queue_delayed_work(hdev->workqueue, &hdev->discov_off,
1011 msecs_to_jiffies(hdev->discov_timeout * 1000));
1012 }
1013
69ab39ea 1014 err = send_settings_rsp(sk, MGMT_OP_SET_DISCOVERABLE, hdev);
73f22f62
JH		 1015 goto failed;
1016 }
1017
2e58ef3e 1018 cmd = mgmt_pending_add(sk, MGMT_OP_SET_DISCOVERABLE, hdev, data, len);
366a0336
JH		 1019 if (!cmd) {
1020 err = -ENOMEM;
73f22f62 1021 goto failed;
366a0336 1022 }
73f22f62
JH		 1023
1024 scan = SCAN_PAGE;
1025
72a734ec 1026 if (cp->val)
73f22f62 1027 scan |= SCAN_INQUIRY;
16ab91ab 1028 else
e0f9309f 1029 cancel_delayed_work(&hdev->discov_off);
73f22f62
JH		 1030
1031 err = hci_send_cmd(hdev, HCI_OP_WRITE_SCAN_ENABLE, 1, &scan);
1032 if (err < 0)
a664b5bc 1033 mgmt_pending_remove(cmd);
73f22f62 1034
16ab91ab 1035 if (cp->val)
5e5282bb 1036 hdev->discov_timeout = timeout;
16ab91ab 1037
73f22f62 1038failed:
09fd0de5 1039 hci_dev_unlock(hdev);
73f22f62
JH		 1040 return err;
1041}
1042
406d7804
JH		 1043static void write_fast_connectable(struct hci_request *req, bool enable)
1044{
bd98b996 1045 struct hci_dev *hdev = req->hdev;
406d7804
JH		 1046 struct hci_cp_write_page_scan_activity acp;
1047 u8 type;
1048
4c01f8b8
JH		 1049 if (hdev->hci_ver < BLUETOOTH_VER_1_2)
1050 return;
1051
406d7804
JH		 1052 if (enable) {
1053 type = PAGE_SCAN_TYPE_INTERLACED;
1054
1055 /* 160 msec page scan interval */
1056 acp.interval = __constant_cpu_to_le16(0x0100);
1057 } else {
1058 type = PAGE_SCAN_TYPE_STANDARD; /* default */
1059
1060 /* default 1.28 sec page scan */
1061 acp.interval = __constant_cpu_to_le16(0x0800);
1062 }
1063
1064 acp.window = __constant_cpu_to_le16(0x0012);
1065
bd98b996
JH		 1066 if (__cpu_to_le16(hdev->page_scan_interval) != acp.interval ||
1067 __cpu_to_le16(hdev->page_scan_window) != acp.window)
1068 hci_req_add(req, HCI_OP_WRITE_PAGE_SCAN_ACTIVITY,
1069 sizeof(acp), &acp);
1070
1071 if (hdev->page_scan_type != type)
1072 hci_req_add(req, HCI_OP_WRITE_PAGE_SCAN_TYPE, 1, &type);
406d7804
JH		 1073}
1074
1987fdc7
JH		 1075static u8 get_adv_type(struct hci_dev *hdev)
1076{
1077 struct pending_cmd *cmd;
1078 bool connectable;
1079
1080 /* If there's a pending mgmt command the flag will not yet have
1081 * it's final value, so check for this first.
1082 */
1083 cmd = mgmt_pending_find(MGMT_OP_SET_CONNECTABLE, hdev);
1084 if (cmd) {
1085 struct mgmt_mode *cp = cmd->param;
1086 connectable = !!cp->val;
1087 } else {
1088 connectable = test_bit(HCI_CONNECTABLE, &hdev->dev_flags);
1089 }
1090
1091 return connectable ? LE_ADV_IND : LE_ADV_NONCONN_IND;
1092}
1093
95c66e75
JH		 1094static void enable_advertising(struct hci_request *req)
1095{
1096 struct hci_dev *hdev = req->hdev;
1097 struct hci_cp_le_set_adv_param cp;
1098 u8 enable = 0x01;
1099
1100 memset(&cp, 0, sizeof(cp));
1101 cp.min_interval = __constant_cpu_to_le16(0x0800);
1102 cp.max_interval = __constant_cpu_to_le16(0x0800);
1987fdc7 1103 cp.type = get_adv_type(hdev);
95c66e75
JH		 1104 if (bacmp(&hdev->bdaddr, BDADDR_ANY))
1105 cp.own_address_type = ADDR_LE_DEV_PUBLIC;
1106 else
1107 cp.own_address_type = ADDR_LE_DEV_RANDOM;
1108 cp.channel_map = 0x07;
1109
1110 hci_req_add(req, HCI_OP_LE_SET_ADV_PARAM, sizeof(cp), &cp);
1111
1112 hci_req_add(req, HCI_OP_LE_SET_ADV_ENABLE, sizeof(enable), &enable);
1113}
1114
1115static void disable_advertising(struct hci_request *req)
1116{
1117 u8 enable = 0x00;
1118
1119 hci_req_add(req, HCI_OP_LE_SET_ADV_ENABLE, sizeof(enable), &enable);
1120}
1121
2b76f453
JH		 1122static void set_connectable_complete(struct hci_dev *hdev, u8 status)
1123{
1124 struct pending_cmd *cmd;
d7b856f9
JH		 1125 struct mgmt_mode *cp;
1126 bool changed;
2b76f453
JH		 1127
1128 BT_DBG("status 0x%02x", status);
1129
1130 hci_dev_lock(hdev);
1131
1132 cmd = mgmt_pending_find(MGMT_OP_SET_CONNECTABLE, hdev);
1133 if (!cmd)
1134 goto unlock;
1135
37438c1f
JH		 1136 if (status) {
1137 u8 mgmt_err = mgmt_status(status);
1138 cmd_status(cmd->sk, cmd->index, cmd->opcode, mgmt_err);
1139 goto remove_cmd;
1140 }
1141
d7b856f9
JH		 1142 cp = cmd->param;
1143 if (cp->val)
1144 changed = !test_and_set_bit(HCI_CONNECTABLE, &hdev->dev_flags);
1145 else
1146 changed = test_and_clear_bit(HCI_CONNECTABLE, &hdev->dev_flags);
1147
2b76f453
JH		 1148 send_settings_rsp(cmd->sk, MGMT_OP_SET_CONNECTABLE, hdev);
1149
d7b856f9
JH		 1150 if (changed)
1151 new_settings(hdev, cmd->sk);
1152
37438c1f 1153remove_cmd:
2b76f453
JH		 1154 mgmt_pending_remove(cmd);
1155
1156unlock:
1157 hci_dev_unlock(hdev);
1158}
1159
bdb6d971 1160static int set_connectable(struct sock *sk, struct hci_dev *hdev, void *data,
04124681 1161 u16 len)
9fbcbb45 1162{
650f726d 1163 struct mgmt_mode *cp = data;
366a0336 1164 struct pending_cmd *cmd;
2b76f453 1165 struct hci_request req;
1987fdc7 1166 u8 scan;
9fbcbb45
JH		 1167 int err;
1168
bdb6d971 1169 BT_DBG("request for %s", hdev->name);
9fbcbb45 1170
1987fdc7
JH		 1171 if (!test_bit(HCI_LE_ENABLED, &hdev->dev_flags) &&
1172 !test_bit(HCI_BREDR_ENABLED, &hdev->dev_flags))
33c525c0 1173 return cmd_status(sk, hdev->id, MGMT_OP_SET_CONNECTABLE,
1987fdc7 1174 MGMT_STATUS_REJECTED);
33c525c0 1175
a7e80f25
JH		 1176 if (cp->val != 0x00 && cp->val != 0x01)
1177 return cmd_status(sk, hdev->id, MGMT_OP_SET_CONNECTABLE,
1178 MGMT_STATUS_INVALID_PARAMS);
1179
09fd0de5 1180 hci_dev_lock(hdev);
9fbcbb45 1181
4b34ee78 1182 if (!hdev_is_powered(hdev)) {
0224d2fa
JH		 1183 bool changed = false;
1184
1185 if (!!cp->val != test_bit(HCI_CONNECTABLE, &hdev->dev_flags))
1186 changed = true;
1187
6bf0e469 1188 if (cp->val) {
5e5282bb 1189 set_bit(HCI_CONNECTABLE, &hdev->dev_flags);
6bf0e469 1190 } else {
5e5282bb
JH		 1191 clear_bit(HCI_CONNECTABLE, &hdev->dev_flags);
1192 clear_bit(HCI_DISCOVERABLE, &hdev->dev_flags);
1193 }
0224d2fa 1194
5e5282bb 1195 err = send_settings_rsp(sk, MGMT_OP_SET_CONNECTABLE, hdev);
0224d2fa
JH		 1196 if (err < 0)
1197 goto failed;
1198
1199 if (changed)
1200 err = new_settings(hdev, sk);
1201
9fbcbb45
JH		 1202 goto failed;
1203 }
1204
2e58ef3e 1205 if (mgmt_pending_find(MGMT_OP_SET_DISCOVERABLE, hdev) ||
8ce8e2b5 1206 mgmt_pending_find(MGMT_OP_SET_CONNECTABLE, hdev)) {
bdb6d971 1207 err = cmd_status(sk, hdev->id, MGMT_OP_SET_CONNECTABLE,
04124681 1208 MGMT_STATUS_BUSY);
9fbcbb45
JH		 1209 goto failed;
1210 }
1211
2e58ef3e 1212 cmd = mgmt_pending_add(sk, MGMT_OP_SET_CONNECTABLE, hdev, data, len);
366a0336
JH		 1213 if (!cmd) {
1214 err = -ENOMEM;
9fbcbb45 1215 goto failed;
366a0336 1216 }
9fbcbb45 1217
9b74246f 1218 hci_req_init(&req, hdev);
9fbcbb45 1219
9b74246f
JH		 1220 if (test_bit(HCI_BREDR_ENABLED, &hdev->dev_flags) &&
1221 cp->val != test_bit(HCI_PSCAN, &hdev->flags)) {
df2c6c5e 1222
9b74246f
JH		 1223 if (cp->val) {
1224 scan = SCAN_PAGE;
1225 } else {
1226 scan = 0;
1227
1228 if (test_bit(HCI_ISCAN, &hdev->flags) &&
1229 hdev->discov_timeout > 0)
1230 cancel_delayed_work(&hdev->discov_off);
1231 }
2b76f453 1232
9b74246f
JH		 1233 hci_req_add(&req, HCI_OP_WRITE_SCAN_ENABLE, 1, &scan);
1234 }
2b76f453 1235
4c01f8b8
JH		 1236 /* If we're going from non-connectable to connectable or
1237 * vice-versa when fast connectable is enabled ensure that fast
1238 * connectable gets disabled. write_fast_connectable won't do
1239 * anything if the page scan parameters are already what they
1240 * should be.
1241 */
1242 if (cp->val || test_bit(HCI_FAST_CONNECTABLE, &hdev->dev_flags))
e36a3769
JH		 1243 write_fast_connectable(&req, false);
1244
1987fdc7
JH		 1245 if (test_bit(HCI_ADVERTISING, &hdev->dev_flags) &&
1246 hci_conn_num(hdev, LE_LINK) == 0) {
1247 disable_advertising(&req);
1248 enable_advertising(&req);
1249 }
1250
2b76f453 1251 err = hci_req_run(&req, set_connectable_complete);
9b74246f 1252 if (err < 0) {
a664b5bc 1253 mgmt_pending_remove(cmd);
9b74246f
JH		 1254 if (err == -ENODATA)
1255 err = send_settings_rsp(sk, MGMT_OP_SET_CONNECTABLE,
1256 hdev);
1257 goto failed;
1258 }
9fbcbb45
JH		 1259
1260failed:
09fd0de5 1261 hci_dev_unlock(hdev);
9fbcbb45
JH		 1262 return err;
1263}
1264
bdb6d971 1265static int set_pairable(struct sock *sk, struct hci_dev *hdev, void *data,
04124681 1266 u16 len)
c542a06c 1267{
650f726d 1268 struct mgmt_mode *cp = data;
55594356 1269 bool changed;
c542a06c
JH		 1270 int err;
1271
bdb6d971 1272 BT_DBG("request for %s", hdev->name);
c542a06c 1273
a7e80f25
JH		 1274 if (cp->val != 0x00 && cp->val != 0x01)
1275 return cmd_status(sk, hdev->id, MGMT_OP_SET_PAIRABLE,
1276 MGMT_STATUS_INVALID_PARAMS);
1277
09fd0de5 1278 hci_dev_lock(hdev);
c542a06c
JH		 1279
1280 if (cp->val)
55594356 1281 changed = !test_and_set_bit(HCI_PAIRABLE, &hdev->dev_flags);
c542a06c 1282 else
55594356 1283 changed = test_and_clear_bit(HCI_PAIRABLE, &hdev->dev_flags);
c542a06c 1284
69ab39ea 1285 err = send_settings_rsp(sk, MGMT_OP_SET_PAIRABLE, hdev);
c542a06c 1286 if (err < 0)
55594356 1287 goto unlock;
c542a06c 1288
55594356
MH		 1289 if (changed)
1290 err = new_settings(hdev, sk);
c542a06c 1291
55594356 1292unlock:
09fd0de5 1293 hci_dev_unlock(hdev);
c542a06c
JH		 1294 return err;
1295}
1296
04124681
GP		 1297static int set_link_security(struct sock *sk, struct hci_dev *hdev, void *data,
1298 u16 len)
33ef95ed
JH		 1299{
1300 struct mgmt_mode *cp = data;
1301 struct pending_cmd *cmd;
e6fe7986 1302 u8 val, status;
33ef95ed
JH		 1303 int err;
1304
bdb6d971 1305 BT_DBG("request for %s", hdev->name);
33ef95ed 1306
e6fe7986
JH		 1307 status = mgmt_bredr_support(hdev);
1308 if (status)
33c525c0 1309 return cmd_status(sk, hdev->id, MGMT_OP_SET_LINK_SECURITY,
e6fe7986 1310 status);
33c525c0 1311
a7e80f25
JH		 1312 if (cp->val != 0x00 && cp->val != 0x01)
1313 return cmd_status(sk, hdev->id, MGMT_OP_SET_LINK_SECURITY,
1314 MGMT_STATUS_INVALID_PARAMS);
1315
33ef95ed
JH		 1316 hci_dev_lock(hdev);
1317
4b34ee78 1318 if (!hdev_is_powered(hdev)) {
47990ea0
JH		 1319 bool changed = false;
1320
1321 if (!!cp->val != test_bit(HCI_LINK_SECURITY,
8ce8e2b5 1322 &hdev->dev_flags)) {
47990ea0
JH		 1323 change_bit(HCI_LINK_SECURITY, &hdev->dev_flags);
1324 changed = true;
1325 }
1326
1327 err = send_settings_rsp(sk, MGMT_OP_SET_LINK_SECURITY, hdev);
1328 if (err < 0)
1329 goto failed;
1330
1331 if (changed)
1332 err = new_settings(hdev, sk);
1333
33ef95ed
JH		 1334 goto failed;
1335 }
1336
1337 if (mgmt_pending_find(MGMT_OP_SET_LINK_SECURITY, hdev)) {
bdb6d971 1338 err = cmd_status(sk, hdev->id, MGMT_OP_SET_LINK_SECURITY,
04124681 1339 MGMT_STATUS_BUSY);
33ef95ed
JH		 1340 goto failed;
1341 }
1342
1343 val = !!cp->val;
1344
1345 if (test_bit(HCI_AUTH, &hdev->flags) == val) {
1346 err = send_settings_rsp(sk, MGMT_OP_SET_LINK_SECURITY, hdev);
1347 goto failed;
1348 }
1349
1350 cmd = mgmt_pending_add(sk, MGMT_OP_SET_LINK_SECURITY, hdev, data, len);
1351 if (!cmd) {
1352 err = -ENOMEM;
1353 goto failed;
1354 }
1355
1356 err = hci_send_cmd(hdev, HCI_OP_WRITE_AUTH_ENABLE, sizeof(val), &val);
1357 if (err < 0) {
1358 mgmt_pending_remove(cmd);
1359 goto failed;
1360 }
1361
1362failed:
1363 hci_dev_unlock(hdev);
33ef95ed
JH		 1364 return err;
1365}
1366
bdb6d971 1367static int set_ssp(struct sock *sk, struct hci_dev *hdev, void *data, u16 len)
ed2c4ee3
JH		 1368{
1369 struct mgmt_mode *cp = data;
1370 struct pending_cmd *cmd;
72ef0c1a 1371 u8 status;
ed2c4ee3
JH		 1372 int err;
1373
bdb6d971 1374 BT_DBG("request for %s", hdev->name);
ed2c4ee3 1375
cdba5281
MH		 1376 status = mgmt_bredr_support(hdev);
1377 if (status)
1378 return cmd_status(sk, hdev->id, MGMT_OP_SET_SSP, status);
1379
13ecd8b6
JH		 1380 if (!lmp_ssp_capable(hdev))
1381 return cmd_status(sk, hdev->id, MGMT_OP_SET_SSP,
1382 MGMT_STATUS_NOT_SUPPORTED);
ed2c4ee3 1383
a7e80f25
JH		 1384 if (cp->val != 0x00 && cp->val != 0x01)
1385 return cmd_status(sk, hdev->id, MGMT_OP_SET_SSP,
1386 MGMT_STATUS_INVALID_PARAMS);
1387
13ecd8b6 1388 hci_dev_lock(hdev);
6c8f12c1 1389
4b34ee78 1390 if (!hdev_is_powered(hdev)) {
9ecb3e24 1391 bool changed;
c0ecddc2 1392
9ecb3e24
MH		 1393 if (cp->val) {
1394 changed = !test_and_set_bit(HCI_SSP_ENABLED,
1395 &hdev->dev_flags);
1396 } else {
1397 changed = test_and_clear_bit(HCI_SSP_ENABLED,
1398 &hdev->dev_flags);
1399 if (!changed)
1400 changed = test_and_clear_bit(HCI_HS_ENABLED,
1401 &hdev->dev_flags);
1402 else
1403 clear_bit(HCI_HS_ENABLED, &hdev->dev_flags);
c0ecddc2
JH		 1404 }
1405
1406 err = send_settings_rsp(sk, MGMT_OP_SET_SSP, hdev);
1407 if (err < 0)
1408 goto failed;
1409
1410 if (changed)
1411 err = new_settings(hdev, sk);
1412
ed2c4ee3
JH		 1413 goto failed;
1414 }
1415
9ecb3e24
MH		 1416 if (mgmt_pending_find(MGMT_OP_SET_SSP, hdev) ||
1417 mgmt_pending_find(MGMT_OP_SET_HS, hdev)) {
d97dcb66
SJ		 1418 err = cmd_status(sk, hdev->id, MGMT_OP_SET_SSP,
1419 MGMT_STATUS_BUSY);
ed2c4ee3
JH		 1420 goto failed;
1421 }
1422
72ef0c1a 1423 if (!!cp->val == test_bit(HCI_SSP_ENABLED, &hdev->dev_flags)) {
ed2c4ee3
JH		 1424 err = send_settings_rsp(sk, MGMT_OP_SET_SSP, hdev);
1425 goto failed;
1426 }
1427
1428 cmd = mgmt_pending_add(sk, MGMT_OP_SET_SSP, hdev, data, len);
1429 if (!cmd) {
1430 err = -ENOMEM;
1431 goto failed;
1432 }
1433
72ef0c1a 1434 err = hci_send_cmd(hdev, HCI_OP_WRITE_SSP_MODE, 1, &cp->val);
ed2c4ee3
JH		 1435 if (err < 0) {
1436 mgmt_pending_remove(cmd);
1437 goto failed;
1438 }
1439
1440failed:
1441 hci_dev_unlock(hdev);
ed2c4ee3
JH		 1442 return err;
1443}
1444
bdb6d971 1445static int set_hs(struct sock *sk, struct hci_dev *hdev, void *data, u16 len)
6d80dfd0
JH		 1446{
1447 struct mgmt_mode *cp = data;
ee392693 1448 bool changed;
e6fe7986 1449 u8 status;
ee392693 1450 int err;
6d80dfd0 1451
bdb6d971 1452 BT_DBG("request for %s", hdev->name);
6d80dfd0 1453
e6fe7986
JH		 1454 status = mgmt_bredr_support(hdev);
1455 if (status)
1456 return cmd_status(sk, hdev->id, MGMT_OP_SET_HS, status);
6d80dfd0 1457
9ecb3e24
MH		 1458 if (!lmp_ssp_capable(hdev))
1459 return cmd_status(sk, hdev->id, MGMT_OP_SET_HS,
1460 MGMT_STATUS_NOT_SUPPORTED);
1461
1462 if (!test_bit(HCI_SSP_ENABLED, &hdev->dev_flags))
1463 return cmd_status(sk, hdev->id, MGMT_OP_SET_HS,
1464 MGMT_STATUS_REJECTED);
1465
a7e80f25
JH		 1466 if (cp->val != 0x00 && cp->val != 0x01)
1467 return cmd_status(sk, hdev->id, MGMT_OP_SET_HS,
1468 MGMT_STATUS_INVALID_PARAMS);
1469
ee392693
MH		 1470 hci_dev_lock(hdev);
1471
a0cdf960 1472 if (cp->val) {
ee392693 1473 changed = !test_and_set_bit(HCI_HS_ENABLED, &hdev->dev_flags);
a0cdf960
MH		 1474 } else {
1475 if (hdev_is_powered(hdev)) {
1476 err = cmd_status(sk, hdev->id, MGMT_OP_SET_HS,
1477 MGMT_STATUS_REJECTED);
1478 goto unlock;
1479 }
1480
ee392693 1481 changed = test_and_clear_bit(HCI_HS_ENABLED, &hdev->dev_flags);
a0cdf960 1482 }
ee392693
MH		 1483
1484 err = send_settings_rsp(sk, MGMT_OP_SET_HS, hdev);
1485 if (err < 0)
1486 goto unlock;
1487
1488 if (changed)
1489 err = new_settings(hdev, sk);
6d80dfd0 1490
ee392693
MH		 1491unlock:
1492 hci_dev_unlock(hdev);
1493 return err;
6d80dfd0
JH		 1494}
1495
416a4ae5
JH		 1496static void le_enable_complete(struct hci_dev *hdev, u8 status)
1497{
1498 struct cmd_lookup match = { NULL, hdev };
1499
1500 if (status) {
1501 u8 mgmt_err = mgmt_status(status);
1502
1503 mgmt_pending_foreach(MGMT_OP_SET_LE, hdev, cmd_status_rsp,
1504 &mgmt_err);
1505 return;
1506 }
1507
1508 mgmt_pending_foreach(MGMT_OP_SET_LE, hdev, settings_rsp, &match);
1509
1510 new_settings(hdev, match.sk);
1511
1512 if (match.sk)
1513 sock_put(match.sk);
1514}
1515
bdb6d971 1516static int set_le(struct sock *sk, struct hci_dev *hdev, void *data, u16 len)
06199cf8
JH		 1517{
1518 struct mgmt_mode *cp = data;
1519 struct hci_cp_write_le_host_supported hci_cp;
1520 struct pending_cmd *cmd;
416a4ae5 1521 struct hci_request req;
06199cf8 1522 int err;
0b60eba1 1523 u8 val, enabled;
06199cf8 1524
bdb6d971 1525 BT_DBG("request for %s", hdev->name);
06199cf8 1526
13ecd8b6
JH		 1527 if (!lmp_le_capable(hdev))
1528 return cmd_status(sk, hdev->id, MGMT_OP_SET_LE,
1529 MGMT_STATUS_NOT_SUPPORTED);
1de028ce 1530
a7e80f25
JH		 1531 if (cp->val != 0x00 && cp->val != 0x01)
1532 return cmd_status(sk, hdev->id, MGMT_OP_SET_LE,
1533 MGMT_STATUS_INVALID_PARAMS);
1534
c73eee91 1535 /* LE-only devices do not allow toggling LE on/off */
56f87901 1536 if (!test_bit(HCI_BREDR_ENABLED, &hdev->dev_flags))
c73eee91
JH		 1537 return cmd_status(sk, hdev->id, MGMT_OP_SET_LE,
1538 MGMT_STATUS_REJECTED);
1539
13ecd8b6 1540 hci_dev_lock(hdev);
06199cf8
JH		 1541
1542 val = !!cp->val;
ffa88e02 1543 enabled = lmp_host_le_capable(hdev);
06199cf8 1544
0b60eba1 1545 if (!hdev_is_powered(hdev) || val == enabled) {
06199cf8
JH		 1546 bool changed = false;
1547
1548 if (val != test_bit(HCI_LE_ENABLED, &hdev->dev_flags)) {
1549 change_bit(HCI_LE_ENABLED, &hdev->dev_flags);
1550 changed = true;
1551 }
1552
f3d3444a
JH		 1553 if (!val && test_bit(HCI_ADVERTISING, &hdev->dev_flags)) {
1554 clear_bit(HCI_ADVERTISING, &hdev->dev_flags);
eeca6f89
JH		 1555 changed = true;
1556 }
1557
06199cf8
JH		 1558 err = send_settings_rsp(sk, MGMT_OP_SET_LE, hdev);
1559 if (err < 0)
1de028ce 1560 goto unlock;
06199cf8
JH		 1561
1562 if (changed)
1563 err = new_settings(hdev, sk);
1564
1de028ce 1565 goto unlock;
06199cf8
JH		 1566 }
1567
4375f103
JH		 1568 if (mgmt_pending_find(MGMT_OP_SET_LE, hdev) ||
1569 mgmt_pending_find(MGMT_OP_SET_ADVERTISING, hdev)) {
bdb6d971 1570 err = cmd_status(sk, hdev->id, MGMT_OP_SET_LE,
04124681 1571 MGMT_STATUS_BUSY);
1de028ce 1572 goto unlock;
06199cf8
JH		 1573 }
1574
1575 cmd = mgmt_pending_add(sk, MGMT_OP_SET_LE, hdev, data, len);
1576 if (!cmd) {
1577 err = -ENOMEM;
1de028ce 1578 goto unlock;
06199cf8
JH		 1579 }
1580
1581 memset(&hci_cp, 0, sizeof(hci_cp));
1582
1583 if (val) {
1584 hci_cp.le = val;
ffa88e02 1585 hci_cp.simul = lmp_le_br_capable(hdev);
06199cf8
JH		 1586 }
1587
416a4ae5
JH		 1588 hci_req_init(&req, hdev);
1589
bba3aa55
MH		 1590 if (test_bit(HCI_ADVERTISING, &hdev->dev_flags) && !val)
1591 disable_advertising(&req);
eeca6f89 1592
416a4ae5
JH		 1593 hci_req_add(&req, HCI_OP_WRITE_LE_HOST_SUPPORTED, sizeof(hci_cp),
1594 &hci_cp);
1595
1596 err = hci_req_run(&req, le_enable_complete);
0c01bc48 1597 if (err < 0)
06199cf8 1598 mgmt_pending_remove(cmd);
06199cf8 1599
1de028ce
JH		 1600unlock:
1601 hci_dev_unlock(hdev);
06199cf8
JH		 1602 return err;
1603}
1604
0cab9c80
JH		 1605/* This is a helper function to test for pending mgmt commands that can
1606 * cause CoD or EIR HCI commands. We can only allow one such pending
1607 * mgmt command at a time since otherwise we cannot easily track what
1608 * the current values are, will be, and based on that calculate if a new
1609 * HCI command needs to be sent and if yes with what value.
1610 */
1611static bool pending_eir_or_class(struct hci_dev *hdev)
1612{
1613 struct pending_cmd *cmd;
1614
1615 list_for_each_entry(cmd, &hdev->mgmt_pending, list) {
1616 switch (cmd->opcode) {
1617 case MGMT_OP_ADD_UUID:
1618 case MGMT_OP_REMOVE_UUID:
1619 case MGMT_OP_SET_DEV_CLASS:
1620 case MGMT_OP_SET_POWERED:
1621 return true;
1622 }
1623 }
1624
1625 return false;
1626}
1627
83be8eca
JH		 1628static const u8 bluetooth_base_uuid[] = {
1629 0xfb, 0x34, 0x9b, 0x5f, 0x80, 0x00, 0x00, 0x80,
1630 0x00, 0x10, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
1631};
1632
1633static u8 get_uuid_size(const u8 *uuid)
1634{
1635 u32 val;
1636
1637 if (memcmp(uuid, bluetooth_base_uuid, 12))
1638 return 128;
1639
1640 val = get_unaligned_le32(&uuid[12]);
1641 if (val > 0xffff)
1642 return 32;
1643
1644 return 16;
1645}
1646
92da6097
JH		 1647static void mgmt_class_complete(struct hci_dev *hdev, u16 mgmt_op, u8 status)
1648{
1649 struct pending_cmd *cmd;
1650
1651 hci_dev_lock(hdev);
1652
1653 cmd = mgmt_pending_find(mgmt_op, hdev);
1654 if (!cmd)
1655 goto unlock;
1656
1657 cmd_complete(cmd->sk, cmd->index, cmd->opcode, mgmt_status(status),
1658 hdev->dev_class, 3);
1659
1660 mgmt_pending_remove(cmd);
1661
1662unlock:
1663 hci_dev_unlock(hdev);
1664}
1665
1666static void add_uuid_complete(struct hci_dev *hdev, u8 status)
1667{
1668 BT_DBG("status 0x%02x", status);
1669
1670 mgmt_class_complete(hdev, MGMT_OP_ADD_UUID, status);
1671}
1672
bdb6d971 1673static int add_uuid(struct sock *sk, struct hci_dev *hdev, void *data, u16 len)
2aeb9a1a 1674{
650f726d 1675 struct mgmt_cp_add_uuid *cp = data;
90e70454 1676 struct pending_cmd *cmd;
890ea898 1677 struct hci_request req;
2aeb9a1a 1678 struct bt_uuid *uuid;
2aeb9a1a
JH		 1679 int err;
1680
bdb6d971 1681 BT_DBG("request for %s", hdev->name);
2aeb9a1a 1682
09fd0de5 1683 hci_dev_lock(hdev);
2aeb9a1a 1684
0cab9c80 1685 if (pending_eir_or_class(hdev)) {
bdb6d971 1686 err = cmd_status(sk, hdev->id, MGMT_OP_ADD_UUID,
04124681 1687 MGMT_STATUS_BUSY);
c95f0ba7
JH		 1688 goto failed;
1689 }
1690
92c4c204 1691 uuid = kmalloc(sizeof(*uuid), GFP_KERNEL);
2aeb9a1a
JH		 1692 if (!uuid) {
1693 err = -ENOMEM;
1694 goto failed;
1695 }
1696
1697 memcpy(uuid->uuid, cp->uuid, 16);
1aff6f09 1698 uuid->svc_hint = cp->svc_hint;
83be8eca 1699 uuid->size = get_uuid_size(cp->uuid);
2aeb9a1a 1700
de66aa63 1701 list_add_tail(&uuid->list, &hdev->uuids);
2aeb9a1a 1702
890ea898 1703 hci_req_init(&req, hdev);
1aff6f09 1704
890ea898
JH		 1705 update_class(&req);
1706 update_eir(&req);
1707
92da6097
JH		 1708 err = hci_req_run(&req, add_uuid_complete);
1709 if (err < 0) {
1710 if (err != -ENODATA)
1711 goto failed;
80a1e1db 1712
bdb6d971 1713 err = cmd_complete(sk, hdev->id, MGMT_OP_ADD_UUID, 0,
04124681 1714 hdev->dev_class, 3);
90e70454
JH		 1715 goto failed;
1716 }
1717
1718 cmd = mgmt_pending_add(sk, MGMT_OP_ADD_UUID, hdev, data, len);
890ea898 1719 if (!cmd) {
90e70454 1720 err = -ENOMEM;
890ea898
JH		 1721 goto failed;
1722 }
1723
1724 err = 0;
2aeb9a1a
JH		 1725
1726failed:
09fd0de5 1727 hci_dev_unlock(hdev);
2aeb9a1a
JH		 1728 return err;
1729}
1730
24b78d0f
JH		 1731static bool enable_service_cache(struct hci_dev *hdev)
1732{
1733 if (!hdev_is_powered(hdev))
1734 return false;
1735
1736 if (!test_and_set_bit(HCI_SERVICE_CACHE, &hdev->dev_flags)) {
46818ed5
JH		 1737 queue_delayed_work(hdev->workqueue, &hdev->service_cache,
1738 CACHE_TIMEOUT);
24b78d0f
JH		 1739 return true;
1740 }
1741
1742 return false;
1743}
1744
92da6097
JH		 1745static void remove_uuid_complete(struct hci_dev *hdev, u8 status)
1746{
1747 BT_DBG("status 0x%02x", status);
1748
1749 mgmt_class_complete(hdev, MGMT_OP_REMOVE_UUID, status);
1750}
1751
bdb6d971 1752static int remove_uuid(struct sock *sk, struct hci_dev *hdev, void *data,
8ce8e2b5 1753 u16 len)
2aeb9a1a 1754{
650f726d 1755 struct mgmt_cp_remove_uuid *cp = data;
90e70454 1756 struct pending_cmd *cmd;
056341c8 1757 struct bt_uuid *match, *tmp;
2aeb9a1a 1758 u8 bt_uuid_any[] = { 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0 };
890ea898 1759 struct hci_request req;
2aeb9a1a
JH		 1760 int err, found;
1761
bdb6d971 1762 BT_DBG("request for %s", hdev->name);
2aeb9a1a 1763
09fd0de5 1764 hci_dev_lock(hdev);
2aeb9a1a 1765
0cab9c80 1766 if (pending_eir_or_class(hdev)) {
bdb6d971 1767 err = cmd_status(sk, hdev->id, MGMT_OP_REMOVE_UUID,
04124681 1768 MGMT_STATUS_BUSY);
c95f0ba7
JH		 1769 goto unlock;
1770 }
1771
2aeb9a1a
JH		 1772 if (memcmp(cp->uuid, bt_uuid_any, 16) == 0) {
1773 err = hci_uuids_clear(hdev);
4004b6d9 1774
24b78d0f 1775 if (enable_service_cache(hdev)) {
bdb6d971 1776 err = cmd_complete(sk, hdev->id, MGMT_OP_REMOVE_UUID,
04124681 1777 0, hdev->dev_class, 3);
24b78d0f
JH		 1778 goto unlock;
1779 }
4004b6d9 1780
9246a869 1781 goto update_class;
2aeb9a1a
JH		 1782 }
1783
1784 found = 0;
1785
056341c8 1786 list_for_each_entry_safe(match, tmp, &hdev->uuids, list) {
2aeb9a1a
JH		 1787 if (memcmp(match->uuid, cp->uuid, 16) != 0)
1788 continue;
1789
1790 list_del(&match->list);
482049f7 1791 kfree(match);
2aeb9a1a
JH		 1792 found++;
1793 }
1794
1795 if (found == 0) {
bdb6d971 1796 err = cmd_status(sk, hdev->id, MGMT_OP_REMOVE_UUID,
04124681 1797 MGMT_STATUS_INVALID_PARAMS);
2aeb9a1a
JH		 1798 goto unlock;
1799 }
1800
9246a869 1801update_class:
890ea898 1802 hci_req_init(&req, hdev);
1aff6f09 1803
890ea898
JH		 1804 update_class(&req);
1805 update_eir(&req);
1806
92da6097
JH		 1807 err = hci_req_run(&req, remove_uuid_complete);
1808 if (err < 0) {
1809 if (err != -ENODATA)
1810 goto unlock;
80a1e1db 1811
bdb6d971 1812 err = cmd_complete(sk, hdev->id, MGMT_OP_REMOVE_UUID, 0,
04124681 1813 hdev->dev_class, 3);
90e70454
JH		 1814 goto unlock;
1815 }
1816
1817 cmd = mgmt_pending_add(sk, MGMT_OP_REMOVE_UUID, hdev, data, len);
890ea898 1818 if (!cmd) {
90e70454 1819 err = -ENOMEM;
890ea898
JH		 1820 goto unlock;
1821 }
1822
1823 err = 0;
2aeb9a1a
JH		 1824
1825unlock:
09fd0de5 1826 hci_dev_unlock(hdev);
2aeb9a1a
JH		 1827 return err;
1828}
1829
92da6097
JH		 1830static void set_class_complete(struct hci_dev *hdev, u8 status)
1831{
1832 BT_DBG("status 0x%02x", status);
1833
1834 mgmt_class_complete(hdev, MGMT_OP_SET_DEV_CLASS, status);
1835}
1836
bdb6d971 1837static int set_dev_class(struct sock *sk, struct hci_dev *hdev, void *data,
04124681 1838 u16 len)
1aff6f09 1839{
650f726d 1840 struct mgmt_cp_set_dev_class *cp = data;
90e70454 1841 struct pending_cmd *cmd;
890ea898 1842 struct hci_request req;
1aff6f09
JH		 1843 int err;
1844
bdb6d971 1845 BT_DBG("request for %s", hdev->name);
1aff6f09 1846
6203fc98 1847 if (!lmp_bredr_capable(hdev))
13ecd8b6
JH		 1848 return cmd_status(sk, hdev->id, MGMT_OP_SET_DEV_CLASS,
1849 MGMT_STATUS_NOT_SUPPORTED);
1aff6f09 1850
0cab9c80 1851 hci_dev_lock(hdev);
ee98f473 1852
0cab9c80
JH		 1853 if (pending_eir_or_class(hdev)) {
1854 err = cmd_status(sk, hdev->id, MGMT_OP_SET_DEV_CLASS,
1855 MGMT_STATUS_BUSY);
1856 goto unlock;
1857 }
c95f0ba7 1858
0cab9c80
JH		 1859 if ((cp->minor & 0x03) != 0 || (cp->major & 0xe0) != 0) {
1860 err = cmd_status(sk, hdev->id, MGMT_OP_SET_DEV_CLASS,
1861 MGMT_STATUS_INVALID_PARAMS);
1862 goto unlock;
1863 }
575b3a02 1864
932f5ff5
JH		 1865 hdev->major_class = cp->major;
1866 hdev->minor_class = cp->minor;
1867
b5235a65 1868 if (!hdev_is_powered(hdev)) {
bdb6d971 1869 err = cmd_complete(sk, hdev->id, MGMT_OP_SET_DEV_CLASS, 0,
04124681 1870 hdev->dev_class, 3);
b5235a65
JH		 1871 goto unlock;
1872 }
1873
890ea898
JH		 1874 hci_req_init(&req, hdev);
1875
a8b2d5c2 1876 if (test_and_clear_bit(HCI_SERVICE_CACHE, &hdev->dev_flags)) {
7d78525d
JH		 1877 hci_dev_unlock(hdev);
1878 cancel_delayed_work_sync(&hdev->service_cache);
1879 hci_dev_lock(hdev);
890ea898 1880 update_eir(&req);
7d78525d 1881 }
14c0b608 1882
890ea898
JH		 1883 update_class(&req);
1884
92da6097
JH		 1885 err = hci_req_run(&req, set_class_complete);
1886 if (err < 0) {
1887 if (err != -ENODATA)
1888 goto unlock;
1aff6f09 1889
bdb6d971 1890 err = cmd_complete(sk, hdev->id, MGMT_OP_SET_DEV_CLASS, 0,
04124681 1891 hdev->dev_class, 3);
90e70454
JH		 1892 goto unlock;
1893 }
1894
1895 cmd = mgmt_pending_add(sk, MGMT_OP_SET_DEV_CLASS, hdev, data, len);
890ea898 1896 if (!cmd) {
90e70454 1897 err = -ENOMEM;
890ea898
JH		 1898 goto unlock;
1899 }
1900
1901 err = 0;
1aff6f09 1902
b5235a65 1903unlock:
09fd0de5 1904 hci_dev_unlock(hdev);
1aff6f09
JH		 1905 return err;
1906}
1907
bdb6d971 1908static int load_link_keys(struct sock *sk, struct hci_dev *hdev, void *data,
8ce8e2b5 1909 u16 len)
55ed8ca1 1910{
650f726d 1911 struct mgmt_cp_load_link_keys *cp = data;
4e51eae9 1912 u16 key_count, expected_len;
a492cd52 1913 int i;
55ed8ca1 1914
9060d5cf
MH		 1915 BT_DBG("request for %s", hdev->name);
1916
1917 if (!lmp_bredr_capable(hdev))
1918 return cmd_status(sk, hdev->id, MGMT_OP_LOAD_LINK_KEYS,
1919 MGMT_STATUS_NOT_SUPPORTED);
1920
1f350c87 1921 key_count = __le16_to_cpu(cp->key_count);
55ed8ca1 1922
86742e1e
JH		 1923 expected_len = sizeof(*cp) + key_count *
1924 sizeof(struct mgmt_link_key_info);
a492cd52 1925 if (expected_len != len) {
86742e1e 1926 BT_ERR("load_link_keys: expected %u bytes, got %u bytes",
8ce8e2b5 1927 len, expected_len);
bdb6d971 1928 return cmd_status(sk, hdev->id, MGMT_OP_LOAD_LINK_KEYS,
04124681 1929 MGMT_STATUS_INVALID_PARAMS);
55ed8ca1
JH		 1930 }
1931
4ae14301
JH		 1932 if (cp->debug_keys != 0x00 && cp->debug_keys != 0x01)
1933 return cmd_status(sk, hdev->id, MGMT_OP_LOAD_LINK_KEYS,
1934 MGMT_STATUS_INVALID_PARAMS);
1935
bdb6d971 1936 BT_DBG("%s debug_keys %u key_count %u", hdev->name, cp->debug_keys,
8ce8e2b5 1937 key_count);
55ed8ca1 1938
4ee71b20
JH		 1939 for (i = 0; i < key_count; i++) {
1940 struct mgmt_link_key_info *key = &cp->keys[i];
1941
1942 if (key->addr.type != BDADDR_BREDR)
1943 return cmd_status(sk, hdev->id, MGMT_OP_LOAD_LINK_KEYS,
1944 MGMT_STATUS_INVALID_PARAMS);
1945 }
1946
09fd0de5 1947 hci_dev_lock(hdev);
55ed8ca1
JH		 1948
1949 hci_link_keys_clear(hdev);
1950
55ed8ca1 1951 if (cp->debug_keys)
a8b2d5c2 1952 set_bit(HCI_DEBUG_KEYS, &hdev->dev_flags);
55ed8ca1 1953 else
a8b2d5c2 1954 clear_bit(HCI_DEBUG_KEYS, &hdev->dev_flags);
55ed8ca1 1955
a492cd52 1956 for (i = 0; i < key_count; i++) {
86742e1e 1957 struct mgmt_link_key_info *key = &cp->keys[i];
55ed8ca1 1958
d753fdc4 1959 hci_add_link_key(hdev, NULL, 0, &key->addr.bdaddr, key->val,
04124681 1960 key->type, key->pin_len);
55ed8ca1
JH		 1961 }
1962
bdb6d971 1963 cmd_complete(sk, hdev->id, MGMT_OP_LOAD_LINK_KEYS, 0, NULL, 0);
0e5f875a 1964
09fd0de5 1965 hci_dev_unlock(hdev);
55ed8ca1 1966
a492cd52 1967 return 0;
55ed8ca1
JH		 1968}
1969
b1078ad0 1970static int device_unpaired(struct hci_dev *hdev, bdaddr_t *bdaddr,
04124681 1971 u8 addr_type, struct sock *skip_sk)
b1078ad0
JH		 1972{
1973 struct mgmt_ev_device_unpaired ev;
1974
1975 bacpy(&ev.addr.bdaddr, bdaddr);
1976 ev.addr.type = addr_type;
1977
1978 return mgmt_event(MGMT_EV_DEVICE_UNPAIRED, hdev, &ev, sizeof(ev),
04124681 1979 skip_sk);
b1078ad0
JH		 1980}
1981
bdb6d971 1982static int unpair_device(struct sock *sk, struct hci_dev *hdev, void *data,
04124681 1983 u16 len)
55ed8ca1 1984{
124f6e35
JH		 1985 struct mgmt_cp_unpair_device *cp = data;
1986 struct mgmt_rp_unpair_device rp;
a8a1d19e
JH		 1987 struct hci_cp_disconnect dc;
1988 struct pending_cmd *cmd;
55ed8ca1 1989 struct hci_conn *conn;
55ed8ca1
JH		 1990 int err;
1991
a8a1d19e 1992 memset(&rp, 0, sizeof(rp));
124f6e35
JH		 1993 bacpy(&rp.addr.bdaddr, &cp->addr.bdaddr);
1994 rp.addr.type = cp->addr.type;
a8a1d19e 1995
4ee71b20
JH		 1996 if (!bdaddr_type_is_valid(cp->addr.type))
1997 return cmd_complete(sk, hdev->id, MGMT_OP_UNPAIR_DEVICE,
1998 MGMT_STATUS_INVALID_PARAMS,
1999 &rp, sizeof(rp));
2000
118da70b
JH		 2001 if (cp->disconnect != 0x00 && cp->disconnect != 0x01)
2002 return cmd_complete(sk, hdev->id, MGMT_OP_UNPAIR_DEVICE,
2003 MGMT_STATUS_INVALID_PARAMS,
2004 &rp, sizeof(rp));
2005
4ee71b20
JH		 2006 hci_dev_lock(hdev);
2007
86a8cfc6 2008 if (!hdev_is_powered(hdev)) {
bdb6d971 2009 err = cmd_complete(sk, hdev->id, MGMT_OP_UNPAIR_DEVICE,
04124681 2010 MGMT_STATUS_NOT_POWERED, &rp, sizeof(rp));
86a8cfc6
JH		 2011 goto unlock;
2012 }
2013
591f47f3 2014 if (cp->addr.type == BDADDR_BREDR)
124f6e35
JH		 2015 err = hci_remove_link_key(hdev, &cp->addr.bdaddr);
2016 else
2017 err = hci_remove_ltk(hdev, &cp->addr.bdaddr);
b0dbfb46 2018
55ed8ca1 2019 if (err < 0) {
bdb6d971 2020 err = cmd_complete(sk, hdev->id, MGMT_OP_UNPAIR_DEVICE,
04124681 2021 MGMT_STATUS_NOT_PAIRED, &rp, sizeof(rp));
55ed8ca1
JH		 2022 goto unlock;
2023 }
2024
86a8cfc6 2025 if (cp->disconnect) {
591f47f3 2026 if (cp->addr.type == BDADDR_BREDR)
86a8cfc6 2027 conn = hci_conn_hash_lookup_ba(hdev, ACL_LINK,
8ce8e2b5 2028 &cp->addr.bdaddr);
86a8cfc6
JH		 2029 else
2030 conn = hci_conn_hash_lookup_ba(hdev, LE_LINK,
8ce8e2b5 2031 &cp->addr.bdaddr);
86a8cfc6
JH		 2032 } else {
2033 conn = NULL;
2034 }
124f6e35 2035
a8a1d19e 2036 if (!conn) {
bdb6d971 2037 err = cmd_complete(sk, hdev->id, MGMT_OP_UNPAIR_DEVICE, 0,
04124681 2038 &rp, sizeof(rp));
b1078ad0 2039 device_unpaired(hdev, &cp->addr.bdaddr, cp->addr.type, sk);
a8a1d19e
JH		 2040 goto unlock;
2041 }
55ed8ca1 2042
124f6e35 2043 cmd = mgmt_pending_add(sk, MGMT_OP_UNPAIR_DEVICE, hdev, cp,
04124681 2044 sizeof(*cp));
a8a1d19e
JH		 2045 if (!cmd) {
2046 err = -ENOMEM;
2047 goto unlock;
55ed8ca1
JH		 2048 }
2049
eb55ef07 2050 dc.handle = cpu_to_le16(conn->handle);
a8a1d19e
JH		 2051 dc.reason = 0x13; /* Remote User Terminated Connection */
2052 err = hci_send_cmd(hdev, HCI_OP_DISCONNECT, sizeof(dc), &dc);
2053 if (err < 0)
2054 mgmt_pending_remove(cmd);
2055
55ed8ca1 2056unlock:
09fd0de5 2057 hci_dev_unlock(hdev);
55ed8ca1
JH		 2058 return err;
2059}
2060
bdb6d971 2061static int disconnect(struct sock *sk, struct hci_dev *hdev, void *data,
04124681 2062 u16 len)
8962ee74 2063{
650f726d 2064 struct mgmt_cp_disconnect *cp = data;
06a63b19 2065 struct mgmt_rp_disconnect rp;
8962ee74 2066 struct hci_cp_disconnect dc;
366a0336 2067 struct pending_cmd *cmd;
8962ee74 2068 struct hci_conn *conn;
8962ee74
JH		 2069 int err;
2070
2071 BT_DBG("");
2072
06a63b19
JH		 2073 memset(&rp, 0, sizeof(rp));
2074 bacpy(&rp.addr.bdaddr, &cp->addr.bdaddr);
2075 rp.addr.type = cp->addr.type;
2076
4ee71b20 2077 if (!bdaddr_type_is_valid(cp->addr.type))
06a63b19
JH		 2078 return cmd_complete(sk, hdev->id, MGMT_OP_DISCONNECT,
2079 MGMT_STATUS_INVALID_PARAMS,
2080 &rp, sizeof(rp));
4ee71b20 2081
09fd0de5 2082 hci_dev_lock(hdev);
8962ee74
JH		 2083
2084 if (!test_bit(HCI_UP, &hdev->flags)) {
06a63b19
JH		 2085 err = cmd_complete(sk, hdev->id, MGMT_OP_DISCONNECT,
2086 MGMT_STATUS_NOT_POWERED, &rp, sizeof(rp));
8962ee74
JH		 2087 goto failed;
2088 }
2089
2e58ef3e 2090 if (mgmt_pending_find(MGMT_OP_DISCONNECT, hdev)) {
06a63b19
JH		 2091 err = cmd_complete(sk, hdev->id, MGMT_OP_DISCONNECT,
2092 MGMT_STATUS_BUSY, &rp, sizeof(rp));
8962ee74
JH		 2093 goto failed;
2094 }
2095
591f47f3 2096 if (cp->addr.type == BDADDR_BREDR)
8fc9ced3
GP		 2097 conn = hci_conn_hash_lookup_ba(hdev, ACL_LINK,
2098 &cp->addr.bdaddr);
88c3df13
JH		 2099 else
2100 conn = hci_conn_hash_lookup_ba(hdev, LE_LINK, &cp->addr.bdaddr);
365227e5 2101
f960727e 2102 if (!conn || conn->state == BT_OPEN || conn->state == BT_CLOSED) {
06a63b19
JH		 2103 err = cmd_complete(sk, hdev->id, MGMT_OP_DISCONNECT,
2104 MGMT_STATUS_NOT_CONNECTED, &rp, sizeof(rp));
8962ee74
JH		 2105 goto failed;
2106 }
2107
2e58ef3e 2108 cmd = mgmt_pending_add(sk, MGMT_OP_DISCONNECT, hdev, data, len);
366a0336
JH		 2109 if (!cmd) {
2110 err = -ENOMEM;
8962ee74 2111 goto failed;
366a0336 2112 }
8962ee74 2113
eb55ef07 2114 dc.handle = cpu_to_le16(conn->handle);
3701f944 2115 dc.reason = HCI_ERROR_REMOTE_USER_TERM;
8962ee74
JH		 2116
2117 err = hci_send_cmd(hdev, HCI_OP_DISCONNECT, sizeof(dc), &dc);
2118 if (err < 0)
a664b5bc 2119 mgmt_pending_remove(cmd);
8962ee74
JH		 2120
2121failed:
09fd0de5 2122 hci_dev_unlock(hdev);
8962ee74
JH		 2123 return err;
2124}
2125
57c1477c 2126static u8 link_to_bdaddr(u8 link_type, u8 addr_type)
4c659c39
JH		 2127{
2128 switch (link_type) {
2129 case LE_LINK:
48264f06
JH		 2130 switch (addr_type) {
2131 case ADDR_LE_DEV_PUBLIC:
591f47f3 2132 return BDADDR_LE_PUBLIC;
0ed09148 2133
48264f06 2134 default:
0ed09148 2135 /* Fallback to LE Random address type */
591f47f3 2136 return BDADDR_LE_RANDOM;
48264f06 2137 }
0ed09148 2138
4c659c39 2139 default:
0ed09148 2140 /* Fallback to BR/EDR type */
591f47f3 2141 return BDADDR_BREDR;
4c659c39
JH		 2142 }
2143}
2144
04124681
GP		 2145static int get_connections(struct sock *sk, struct hci_dev *hdev, void *data,
2146 u16 data_len)
2784eb41 2147{
2784eb41 2148 struct mgmt_rp_get_connections *rp;
8035ded4 2149 struct hci_conn *c;
a38528f1 2150 size_t rp_len;
60fc5fb6
JH		 2151 int err;
2152 u16 i;
2784eb41
JH		 2153
2154 BT_DBG("");
2155
09fd0de5 2156 hci_dev_lock(hdev);
2784eb41 2157
5f97c1df 2158 if (!hdev_is_powered(hdev)) {
bdb6d971 2159 err = cmd_status(sk, hdev->id, MGMT_OP_GET_CONNECTIONS,
04124681 2160 MGMT_STATUS_NOT_POWERED);
5f97c1df
JH		 2161 goto unlock;
2162 }
2163
60fc5fb6 2164 i = 0;
b644ba33
JH		 2165 list_for_each_entry(c, &hdev->conn_hash.list, list) {
2166 if (test_bit(HCI_CONN_MGMT_CONNECTED, &c->flags))
60fc5fb6 2167 i++;
2784eb41
JH		 2168 }
2169
60fc5fb6 2170 rp_len = sizeof(*rp) + (i * sizeof(struct mgmt_addr_info));
92c4c204 2171 rp = kmalloc(rp_len, GFP_KERNEL);
a38528f1 2172 if (!rp) {
2784eb41
JH		 2173 err = -ENOMEM;
2174 goto unlock;
2175 }
2176
2784eb41 2177 i = 0;
4c659c39 2178 list_for_each_entry(c, &hdev->conn_hash.list, list) {
b644ba33
JH		 2179 if (!test_bit(HCI_CONN_MGMT_CONNECTED, &c->flags))
2180 continue;
4c659c39 2181 bacpy(&rp->addr[i].bdaddr, &c->dst);
57c1477c 2182 rp->addr[i].type = link_to_bdaddr(c->type, c->dst_type);
0ed09148 2183 if (c->type == SCO_LINK || c->type == ESCO_LINK)
4c659c39
JH		 2184 continue;
2185 i++;
2186 }
2187
eb55ef07 2188 rp->conn_count = cpu_to_le16(i);
60fc5fb6 2189
4c659c39
JH		 2190 /* Recalculate length in case of filtered SCO connections, etc */
2191 rp_len = sizeof(*rp) + (i * sizeof(struct mgmt_addr_info));
2784eb41 2192
bdb6d971 2193 err = cmd_complete(sk, hdev->id, MGMT_OP_GET_CONNECTIONS, 0, rp,
04124681 2194 rp_len);
2784eb41 2195
a38528f1 2196 kfree(rp);
5f97c1df
JH		 2197
2198unlock:
09fd0de5 2199 hci_dev_unlock(hdev);
2784eb41
JH		 2200 return err;
2201}
2202
bdb6d971 2203static int send_pin_code_neg_reply(struct sock *sk, struct hci_dev *hdev,
04124681 2204 struct mgmt_cp_pin_code_neg_reply *cp)
96d97a67
WR		 2205{
2206 struct pending_cmd *cmd;
2207 int err;
2208
2e58ef3e 2209 cmd = mgmt_pending_add(sk, MGMT_OP_PIN_CODE_NEG_REPLY, hdev, cp,
04124681 2210 sizeof(*cp));
96d97a67
WR		 2211 if (!cmd)
2212 return -ENOMEM;
2213
d8457698 2214 err = hci_send_cmd(hdev, HCI_OP_PIN_CODE_NEG_REPLY,
04124681 2215 sizeof(cp->addr.bdaddr), &cp->addr.bdaddr);
96d97a67
WR		 2216 if (err < 0)
2217 mgmt_pending_remove(cmd);
2218
2219 return err;
2220}
2221
bdb6d971 2222static int pin_code_reply(struct sock *sk, struct hci_dev *hdev, void *data,
04124681 2223 u16 len)
980e1a53 2224{
96d97a67 2225 struct hci_conn *conn;
650f726d 2226 struct mgmt_cp_pin_code_reply *cp = data;
980e1a53 2227 struct hci_cp_pin_code_reply reply;
366a0336 2228 struct pending_cmd *cmd;
980e1a53
JH		 2229 int err;
2230
2231 BT_DBG("");
2232
09fd0de5 2233 hci_dev_lock(hdev);
980e1a53 2234
4b34ee78 2235 if (!hdev_is_powered(hdev)) {
bdb6d971 2236 err = cmd_status(sk, hdev->id, MGMT_OP_PIN_CODE_REPLY,
04124681 2237 MGMT_STATUS_NOT_POWERED);
980e1a53
JH		 2238 goto failed;
2239 }
2240
d8457698 2241 conn = hci_conn_hash_lookup_ba(hdev, ACL_LINK, &cp->addr.bdaddr);
96d97a67 2242 if (!conn) {
bdb6d971 2243 err = cmd_status(sk, hdev->id, MGMT_OP_PIN_CODE_REPLY,
04124681 2244 MGMT_STATUS_NOT_CONNECTED);
96d97a67
WR		 2245 goto failed;
2246 }
2247
2248 if (conn->pending_sec_level == BT_SECURITY_HIGH && cp->pin_len != 16) {
d8457698
JH		 2249 struct mgmt_cp_pin_code_neg_reply ncp;
2250
2251 memcpy(&ncp.addr, &cp->addr, sizeof(ncp.addr));
96d97a67
WR		 2252
2253 BT_ERR("PIN code is not 16 bytes long");
2254
bdb6d971 2255 err = send_pin_code_neg_reply(sk, hdev, &ncp);
96d97a67 2256 if (err >= 0)
bdb6d971 2257 err = cmd_status(sk, hdev->id, MGMT_OP_PIN_CODE_REPLY,
04124681 2258 MGMT_STATUS_INVALID_PARAMS);
96d97a67
WR		 2259
2260 goto failed;
2261 }
2262
00abfe44 2263 cmd = mgmt_pending_add(sk, MGMT_OP_PIN_CODE_REPLY, hdev, data, len);
366a0336
JH		 2264 if (!cmd) {
2265 err = -ENOMEM;
980e1a53 2266 goto failed;
366a0336 2267 }
980e1a53 2268
d8457698 2269 bacpy(&reply.bdaddr, &cp->addr.bdaddr);
980e1a53 2270 reply.pin_len = cp->pin_len;
24718ca5 2271 memcpy(reply.pin_code, cp->pin_code, sizeof(reply.pin_code));
980e1a53
JH		 2272
2273 err = hci_send_cmd(hdev, HCI_OP_PIN_CODE_REPLY, sizeof(reply), &reply);
2274 if (err < 0)
a664b5bc 2275 mgmt_pending_remove(cmd);
980e1a53
JH		 2276
2277failed:
09fd0de5 2278 hci_dev_unlock(hdev);
980e1a53
JH		 2279 return err;
2280}
2281
04124681
GP		 2282static int set_io_capability(struct sock *sk, struct hci_dev *hdev, void *data,
2283 u16 len)
17fa4b9d 2284{
650f726d 2285 struct mgmt_cp_set_io_capability *cp = data;
17fa4b9d
JH		 2286
2287 BT_DBG("");
2288
09fd0de5 2289 hci_dev_lock(hdev);
17fa4b9d
JH		 2290
2291 hdev->io_capability = cp->io_capability;
2292
2293 BT_DBG("%s IO capability set to 0x%02x", hdev->name,
8ce8e2b5 2294 hdev->io_capability);
17fa4b9d 2295
09fd0de5 2296 hci_dev_unlock(hdev);
17fa4b9d 2297
04124681
GP		 2298 return cmd_complete(sk, hdev->id, MGMT_OP_SET_IO_CAPABILITY, 0, NULL,
2299 0);
17fa4b9d
JH		 2300}
2301
6039aa73 2302static struct pending_cmd *find_pairing(struct hci_conn *conn)
e9a416b5
JH		 2303{
2304 struct hci_dev *hdev = conn->hdev;
8035ded4 2305 struct pending_cmd *cmd;
e9a416b5 2306
2e58ef3e 2307 list_for_each_entry(cmd, &hdev->mgmt_pending, list) {
e9a416b5
JH		 2308 if (cmd->opcode != MGMT_OP_PAIR_DEVICE)
2309 continue;
2310
e9a416b5
JH		 2311 if (cmd->user_data != conn)
2312 continue;
2313
2314 return cmd;
2315 }
2316
2317 return NULL;
2318}
2319
2320static void pairing_complete(struct pending_cmd *cmd, u8 status)
2321{
2322 struct mgmt_rp_pair_device rp;
2323 struct hci_conn *conn = cmd->user_data;
2324
ba4e564f 2325 bacpy(&rp.addr.bdaddr, &conn->dst);
57c1477c 2326 rp.addr.type = link_to_bdaddr(conn->type, conn->dst_type);
e9a416b5 2327
aee9b218 2328 cmd_complete(cmd->sk, cmd->index, MGMT_OP_PAIR_DEVICE, status,
04124681 2329 &rp, sizeof(rp));
e9a416b5
JH		 2330
2331 /* So we don't get further callbacks for this connection */
2332 conn->connect_cfm_cb = NULL;
2333 conn->security_cfm_cb = NULL;
2334 conn->disconn_cfm_cb = NULL;
2335
76a68ba0 2336 hci_conn_drop(conn);
e9a416b5 2337
a664b5bc 2338 mgmt_pending_remove(cmd);
e9a416b5
JH		 2339}
2340
2341static void pairing_complete_cb(struct hci_conn *conn, u8 status)
2342{
2343 struct pending_cmd *cmd;
2344
2345 BT_DBG("status %u", status);
2346
2347 cmd = find_pairing(conn);
56e5cb86 2348 if (!cmd)
e9a416b5 2349 BT_DBG("Unable to find a pending command");
56e5cb86 2350 else
e211326c 2351 pairing_complete(cmd, mgmt_status(status));
e9a416b5
JH		 2352}
2353
4c47d739
VA		 2354static void le_connect_complete_cb(struct hci_conn *conn, u8 status)
2355{
2356 struct pending_cmd *cmd;
2357
2358 BT_DBG("status %u", status);
2359
2360 if (!status)
2361 return;
2362
2363 cmd = find_pairing(conn);
2364 if (!cmd)
2365 BT_DBG("Unable to find a pending command");
2366 else
2367 pairing_complete(cmd, mgmt_status(status));
2368}
2369
bdb6d971 2370static int pair_device(struct sock *sk, struct hci_dev *hdev, void *data,
04124681 2371 u16 len)
e9a416b5 2372{
650f726d 2373 struct mgmt_cp_pair_device *cp = data;
1425acb7 2374 struct mgmt_rp_pair_device rp;
e9a416b5
JH		 2375 struct pending_cmd *cmd;
2376 u8 sec_level, auth_type;
2377 struct hci_conn *conn;
e9a416b5
JH		 2378 int err;
2379
2380 BT_DBG("");
2381
f950a30e
SJ		 2382 memset(&rp, 0, sizeof(rp));
2383 bacpy(&rp.addr.bdaddr, &cp->addr.bdaddr);
2384 rp.addr.type = cp->addr.type;
2385
4ee71b20
JH		 2386 if (!bdaddr_type_is_valid(cp->addr.type))
2387 return cmd_complete(sk, hdev->id, MGMT_OP_PAIR_DEVICE,
2388 MGMT_STATUS_INVALID_PARAMS,
2389 &rp, sizeof(rp));
2390
09fd0de5 2391 hci_dev_lock(hdev);
e9a416b5 2392
5f97c1df 2393 if (!hdev_is_powered(hdev)) {
f950a30e
SJ		 2394 err = cmd_complete(sk, hdev->id, MGMT_OP_PAIR_DEVICE,
2395 MGMT_STATUS_NOT_POWERED, &rp, sizeof(rp));
5f97c1df
JH		 2396 goto unlock;
2397 }
2398
c908df36
VCG		 2399 sec_level = BT_SECURITY_MEDIUM;
2400 if (cp->io_cap == 0x03)
e9a416b5 2401 auth_type = HCI_AT_DEDICATED_BONDING;
c908df36 2402 else
e9a416b5 2403 auth_type = HCI_AT_DEDICATED_BONDING_MITM;
e9a416b5 2404
591f47f3 2405 if (cp->addr.type == BDADDR_BREDR)
b12f62cf
AG		 2406 conn = hci_connect(hdev, ACL_LINK, &cp->addr.bdaddr,
2407 cp->addr.type, sec_level, auth_type);
7a512d01 2408 else
b12f62cf
AG		 2409 conn = hci_connect(hdev, LE_LINK, &cp->addr.bdaddr,
2410 cp->addr.type, sec_level, auth_type);
7a512d01 2411
30e76272 2412 if (IS_ERR(conn)) {
489dc48e
AK		 2413 int status;
2414
2415 if (PTR_ERR(conn) == -EBUSY)
2416 status = MGMT_STATUS_BUSY;
2417 else
2418 status = MGMT_STATUS_CONNECT_FAILED;
2419
bdb6d971 2420 err = cmd_complete(sk, hdev->id, MGMT_OP_PAIR_DEVICE,
489dc48e 2421 status, &rp,
04124681 2422 sizeof(rp));
e9a416b5
JH		 2423 goto unlock;
2424 }
2425
2426 if (conn->connect_cfm_cb) {
76a68ba0 2427 hci_conn_drop(conn);
bdb6d971 2428 err = cmd_complete(sk, hdev->id, MGMT_OP_PAIR_DEVICE,
04124681 2429 MGMT_STATUS_BUSY, &rp, sizeof(rp));
e9a416b5
JH		 2430 goto unlock;
2431 }
2432
2e58ef3e 2433 cmd = mgmt_pending_add(sk, MGMT_OP_PAIR_DEVICE, hdev, data, len);
e9a416b5
JH		 2434 if (!cmd) {
2435 err = -ENOMEM;
76a68ba0 2436 hci_conn_drop(conn);
e9a416b5
JH		 2437 goto unlock;
2438 }
2439
7a512d01 2440 /* For LE, just connecting isn't a proof that the pairing finished */
591f47f3 2441 if (cp->addr.type == BDADDR_BREDR)
7a512d01 2442 conn->connect_cfm_cb = pairing_complete_cb;
4c47d739
VA		 2443 else
2444 conn->connect_cfm_cb = le_connect_complete_cb;
7a512d01 2445
e9a416b5
JH		 2446 conn->security_cfm_cb = pairing_complete_cb;
2447 conn->disconn_cfm_cb = pairing_complete_cb;
2448 conn->io_capability = cp->io_cap;
2449 cmd->user_data = conn;
2450
2451 if (conn->state == BT_CONNECTED &&
8ce8e2b5 2452 hci_conn_security(conn, sec_level, auth_type))
e9a416b5
JH		 2453 pairing_complete(cmd, 0);
2454
2455 err = 0;
2456
2457unlock:
09fd0de5 2458 hci_dev_unlock(hdev);
e9a416b5
JH		 2459 return err;
2460}
2461
04124681
GP		 2462static int cancel_pair_device(struct sock *sk, struct hci_dev *hdev, void *data,
2463 u16 len)
28424707 2464{
0f4e68cf 2465 struct mgmt_addr_info *addr = data;
28424707
JH		 2466 struct pending_cmd *cmd;
2467 struct hci_conn *conn;
2468 int err;
2469
2470 BT_DBG("");
2471
28424707
JH		 2472 hci_dev_lock(hdev);
2473
5f97c1df 2474 if (!hdev_is_powered(hdev)) {
bdb6d971 2475 err = cmd_status(sk, hdev->id, MGMT_OP_CANCEL_PAIR_DEVICE,
04124681 2476 MGMT_STATUS_NOT_POWERED);
5f97c1df
JH		 2477 goto unlock;
2478 }
2479
28424707
JH		 2480 cmd = mgmt_pending_find(MGMT_OP_PAIR_DEVICE, hdev);
2481 if (!cmd) {
bdb6d971 2482 err = cmd_status(sk, hdev->id, MGMT_OP_CANCEL_PAIR_DEVICE,
04124681 2483 MGMT_STATUS_INVALID_PARAMS);
28424707
JH		 2484 goto unlock;
2485 }
2486
2487 conn = cmd->user_data;
2488
2489 if (bacmp(&addr->bdaddr, &conn->dst) != 0) {
bdb6d971 2490 err = cmd_status(sk, hdev->id, MGMT_OP_CANCEL_PAIR_DEVICE,
04124681 2491 MGMT_STATUS_INVALID_PARAMS);
28424707
JH		 2492 goto unlock;
2493 }
2494
2495 pairing_complete(cmd, MGMT_STATUS_CANCELLED);
2496
bdb6d971 2497 err = cmd_complete(sk, hdev->id, MGMT_OP_CANCEL_PAIR_DEVICE, 0,
04124681 2498 addr, sizeof(*addr));
28424707
JH		 2499unlock:
2500 hci_dev_unlock(hdev);
28424707
JH		 2501 return err;
2502}
2503
bdb6d971 2504static int user_pairing_resp(struct sock *sk, struct hci_dev *hdev,
1707c60e 2505 struct mgmt_addr_info *addr, u16 mgmt_op,
04124681 2506 u16 hci_op, __le32 passkey)
a5c29683 2507{
a5c29683 2508 struct pending_cmd *cmd;
0df4c185 2509 struct hci_conn *conn;
a5c29683
JH		 2510 int err;
2511
09fd0de5 2512 hci_dev_lock(hdev);
08ba5382 2513
4b34ee78 2514 if (!hdev_is_powered(hdev)) {
feb94d3d
JH		 2515 err = cmd_complete(sk, hdev->id, mgmt_op,
2516 MGMT_STATUS_NOT_POWERED, addr,
2517 sizeof(*addr));
0df4c185 2518 goto done;
a5c29683
JH		 2519 }
2520
1707c60e
JH		 2521 if (addr->type == BDADDR_BREDR)
2522 conn = hci_conn_hash_lookup_ba(hdev, ACL_LINK, &addr->bdaddr);
272d90df 2523 else
1707c60e 2524 conn = hci_conn_hash_lookup_ba(hdev, LE_LINK, &addr->bdaddr);
272d90df
JH		 2525
2526 if (!conn) {
feb94d3d
JH		 2527 err = cmd_complete(sk, hdev->id, mgmt_op,
2528 MGMT_STATUS_NOT_CONNECTED, addr,
2529 sizeof(*addr));
272d90df
JH		 2530 goto done;
2531 }
47c15e2b 2532
1707c60e 2533 if (addr->type == BDADDR_LE_PUBLIC || addr->type == BDADDR_LE_RANDOM) {
47c15e2b 2534 /* Continue with pairing via SMP */
5fe57d9e
BG		 2535 err = smp_user_confirm_reply(conn, mgmt_op, passkey);
2536
2537 if (!err)
feb94d3d
JH		 2538 err = cmd_complete(sk, hdev->id, mgmt_op,
2539 MGMT_STATUS_SUCCESS, addr,
2540 sizeof(*addr));
5fe57d9e 2541 else
feb94d3d
JH		 2542 err = cmd_complete(sk, hdev->id, mgmt_op,
2543 MGMT_STATUS_FAILED, addr,
2544 sizeof(*addr));
47c15e2b 2545
47c15e2b
BG		 2546 goto done;
2547 }
2548
1707c60e 2549 cmd = mgmt_pending_add(sk, mgmt_op, hdev, addr, sizeof(*addr));
a5c29683
JH		 2550 if (!cmd) {
2551 err = -ENOMEM;
0df4c185 2552 goto done;
a5c29683
JH		 2553 }
2554
0df4c185 2555 /* Continue with pairing via HCI */
604086b7
BG		 2556 if (hci_op == HCI_OP_USER_PASSKEY_REPLY) {
2557 struct hci_cp_user_passkey_reply cp;
2558
1707c60e 2559 bacpy(&cp.bdaddr, &addr->bdaddr);
604086b7
BG		 2560 cp.passkey = passkey;
2561 err = hci_send_cmd(hdev, hci_op, sizeof(cp), &cp);
2562 } else
1707c60e
JH		 2563 err = hci_send_cmd(hdev, hci_op, sizeof(addr->bdaddr),
2564 &addr->bdaddr);
604086b7 2565
a664b5bc
JH		 2566 if (err < 0)
2567 mgmt_pending_remove(cmd);
a5c29683 2568
0df4c185 2569done:
09fd0de5 2570 hci_dev_unlock(hdev);
a5c29683
JH		 2571 return err;
2572}
2573
afeb019d
JK		 2574static int pin_code_neg_reply(struct sock *sk, struct hci_dev *hdev,
2575 void *data, u16 len)
2576{
2577 struct mgmt_cp_pin_code_neg_reply *cp = data;
2578
2579 BT_DBG("");
2580
1707c60e 2581 return user_pairing_resp(sk, hdev, &cp->addr,
afeb019d
JK		 2582 MGMT_OP_PIN_CODE_NEG_REPLY,
2583 HCI_OP_PIN_CODE_NEG_REPLY, 0);
2584}
2585
04124681
GP		 2586static int user_confirm_reply(struct sock *sk, struct hci_dev *hdev, void *data,
2587 u16 len)
0df4c185 2588{
650f726d 2589 struct mgmt_cp_user_confirm_reply *cp = data;
0df4c185
BG		 2590
2591 BT_DBG("");
2592
2593 if (len != sizeof(*cp))
bdb6d971 2594 return cmd_status(sk, hdev->id, MGMT_OP_USER_CONFIRM_REPLY,
04124681 2595 MGMT_STATUS_INVALID_PARAMS);
0df4c185 2596
1707c60e 2597 return user_pairing_resp(sk, hdev, &cp->addr,
04124681
GP		 2598 MGMT_OP_USER_CONFIRM_REPLY,
2599 HCI_OP_USER_CONFIRM_REPLY, 0);
0df4c185
BG		 2600}
2601
bdb6d971 2602static int user_confirm_neg_reply(struct sock *sk, struct hci_dev *hdev,
04124681 2603 void *data, u16 len)
0df4c185 2604{
c9c2659f 2605 struct mgmt_cp_user_confirm_neg_reply *cp = data;
0df4c185
BG		 2606
2607 BT_DBG("");
2608
1707c60e 2609 return user_pairing_resp(sk, hdev, &cp->addr,
04124681
GP		 2610 MGMT_OP_USER_CONFIRM_NEG_REPLY,
2611 HCI_OP_USER_CONFIRM_NEG_REPLY, 0);
0df4c185
BG		 2612}
2613
04124681
GP		 2614static int user_passkey_reply(struct sock *sk, struct hci_dev *hdev, void *data,
2615 u16 len)
604086b7 2616{
650f726d 2617 struct mgmt_cp_user_passkey_reply *cp = data;
604086b7
BG		 2618
2619 BT_DBG("");
2620
1707c60e 2621 return user_pairing_resp(sk, hdev, &cp->addr,
04124681
GP		 2622 MGMT_OP_USER_PASSKEY_REPLY,
2623 HCI_OP_USER_PASSKEY_REPLY, cp->passkey);
604086b7
BG		 2624}
2625
bdb6d971 2626static int user_passkey_neg_reply(struct sock *sk, struct hci_dev *hdev,
04124681 2627 void *data, u16 len)
604086b7 2628{
650f726d 2629 struct mgmt_cp_user_passkey_neg_reply *cp = data;
604086b7
BG		 2630
2631 BT_DBG("");
2632
1707c60e 2633 return user_pairing_resp(sk, hdev, &cp->addr,
04124681
GP		 2634 MGMT_OP_USER_PASSKEY_NEG_REPLY,
2635 HCI_OP_USER_PASSKEY_NEG_REPLY, 0);
604086b7
BG		 2636}
2637
13928971 2638static void update_name(struct hci_request *req)
2b4bf397 2639{
13928971 2640 struct hci_dev *hdev = req->hdev;
2b4bf397
JH		 2641 struct hci_cp_write_local_name cp;
2642
13928971 2643 memcpy(cp.name, hdev->dev_name, sizeof(cp.name));
2b4bf397 2644
890ea898 2645 hci_req_add(req, HCI_OP_WRITE_LOCAL_NAME, sizeof(cp), &cp);
2b4bf397
JH		 2646}
2647
13928971
JH		 2648static void set_name_complete(struct hci_dev *hdev, u8 status)
2649{
2650 struct mgmt_cp_set_local_name *cp;
2651 struct pending_cmd *cmd;
2652
2653 BT_DBG("status 0x%02x", status);
2654
2655 hci_dev_lock(hdev);
2656
2657 cmd = mgmt_pending_find(MGMT_OP_SET_LOCAL_NAME, hdev);
2658 if (!cmd)
2659 goto unlock;
2660
2661 cp = cmd->param;
2662
2663 if (status)
2664 cmd_status(cmd->sk, hdev->id, MGMT_OP_SET_LOCAL_NAME,
2665 mgmt_status(status));
2666 else
2667 cmd_complete(cmd->sk, hdev->id, MGMT_OP_SET_LOCAL_NAME, 0,
2668 cp, sizeof(*cp));
2669
2670 mgmt_pending_remove(cmd);
2671
2672unlock:
2673 hci_dev_unlock(hdev);
2674}
2675
bdb6d971 2676static int set_local_name(struct sock *sk, struct hci_dev *hdev, void *data,
04124681 2677 u16 len)
b312b161 2678{
2b4bf397 2679 struct mgmt_cp_set_local_name *cp = data;
b312b161 2680 struct pending_cmd *cmd;
890ea898 2681 struct hci_request req;
b312b161
JH		 2682 int err;
2683
2684 BT_DBG("");
2685
09fd0de5 2686 hci_dev_lock(hdev);
b312b161 2687
b3f2ca94
JH		 2688 /* If the old values are the same as the new ones just return a
2689 * direct command complete event.
2690 */
2691 if (!memcmp(hdev->dev_name, cp->name, sizeof(hdev->dev_name)) &&
2692 !memcmp(hdev->short_name, cp->short_name,
2693 sizeof(hdev->short_name))) {
2694 err = cmd_complete(sk, hdev->id, MGMT_OP_SET_LOCAL_NAME, 0,
2695 data, len);
2696 goto failed;
2697 }
2698
2b4bf397 2699 memcpy(hdev->short_name, cp->short_name, sizeof(hdev->short_name));
28cc7bde 2700
b5235a65 2701 if (!hdev_is_powered(hdev)) {
2b4bf397 2702 memcpy(hdev->dev_name, cp->name, sizeof(hdev->dev_name));
28cc7bde
JH		 2703
2704 err = cmd_complete(sk, hdev->id, MGMT_OP_SET_LOCAL_NAME, 0,
04124681 2705 data, len);
28cc7bde
JH		 2706 if (err < 0)
2707 goto failed;
2708
2709 err = mgmt_event(MGMT_EV_LOCAL_NAME_CHANGED, hdev, data, len,
04124681 2710 sk);
28cc7bde 2711
b5235a65
JH		 2712 goto failed;
2713 }
2714
28cc7bde 2715 cmd = mgmt_pending_add(sk, MGMT_OP_SET_LOCAL_NAME, hdev, data, len);
b312b161
JH		 2716 if (!cmd) {
2717 err = -ENOMEM;
2718 goto failed;
2719 }
2720
13928971
JH		 2721 memcpy(hdev->dev_name, cp->name, sizeof(hdev->dev_name));
2722
890ea898 2723 hci_req_init(&req, hdev);
3f985050
JH		 2724
2725 if (lmp_bredr_capable(hdev)) {
2726 update_name(&req);
2727 update_eir(&req);
2728 }
2729
2730 if (lmp_le_capable(hdev))
2731 hci_update_ad(&req);
2732
13928971 2733 err = hci_req_run(&req, set_name_complete);
b312b161
JH		 2734 if (err < 0)
2735 mgmt_pending_remove(cmd);
2736
2737failed:
09fd0de5 2738 hci_dev_unlock(hdev);
b312b161
JH		 2739 return err;
2740}
2741
0f4e68cf 2742static int read_local_oob_data(struct sock *sk, struct hci_dev *hdev,
04124681 2743 void *data, u16 data_len)
c35938b2 2744{
c35938b2
SJ		 2745 struct pending_cmd *cmd;
2746 int err;
2747
bdb6d971 2748 BT_DBG("%s", hdev->name);
c35938b2 2749
09fd0de5 2750 hci_dev_lock(hdev);
c35938b2 2751
4b34ee78 2752 if (!hdev_is_powered(hdev)) {
bdb6d971 2753 err = cmd_status(sk, hdev->id, MGMT_OP_READ_LOCAL_OOB_DATA,
04124681 2754 MGMT_STATUS_NOT_POWERED);
c35938b2
SJ		 2755 goto unlock;
2756 }
2757
9a1a1996 2758 if (!lmp_ssp_capable(hdev)) {
bdb6d971 2759 err = cmd_status(sk, hdev->id, MGMT_OP_READ_LOCAL_OOB_DATA,
04124681 2760 MGMT_STATUS_NOT_SUPPORTED);
c35938b2
SJ		 2761 goto unlock;
2762 }
2763
2e58ef3e 2764 if (mgmt_pending_find(MGMT_OP_READ_LOCAL_OOB_DATA, hdev)) {
bdb6d971 2765 err = cmd_status(sk, hdev->id, MGMT_OP_READ_LOCAL_OOB_DATA,
04124681 2766 MGMT_STATUS_BUSY);
c35938b2
SJ		 2767 goto unlock;
2768 }
2769
2e58ef3e 2770 cmd = mgmt_pending_add(sk, MGMT_OP_READ_LOCAL_OOB_DATA, hdev, NULL, 0);
c35938b2
SJ		 2771 if (!cmd) {
2772 err = -ENOMEM;
2773 goto unlock;
2774 }
2775
2776 err = hci_send_cmd(hdev, HCI_OP_READ_LOCAL_OOB_DATA, 0, NULL);
2777 if (err < 0)
2778 mgmt_pending_remove(cmd);
2779
2780unlock:
09fd0de5 2781 hci_dev_unlock(hdev);
c35938b2
SJ		 2782 return err;
2783}
2784
bdb6d971 2785static int add_remote_oob_data(struct sock *sk, struct hci_dev *hdev,
04124681 2786 void *data, u16 len)
2763eda6 2787{
650f726d 2788 struct mgmt_cp_add_remote_oob_data *cp = data;
bf1e3541 2789 u8 status;
2763eda6
SJ		 2790 int err;
2791
bdb6d971 2792 BT_DBG("%s ", hdev->name);
2763eda6 2793
09fd0de5 2794 hci_dev_lock(hdev);
2763eda6 2795
664ce4cc 2796 err = hci_add_remote_oob_data(hdev, &cp->addr.bdaddr, cp->hash,
04124681 2797 cp->randomizer);
2763eda6 2798 if (err < 0)
bf1e3541 2799 status = MGMT_STATUS_FAILED;
2763eda6 2800 else
a6785be2 2801 status = MGMT_STATUS_SUCCESS;
bf1e3541 2802
bdb6d971 2803 err = cmd_complete(sk, hdev->id, MGMT_OP_ADD_REMOTE_OOB_DATA, status,
04124681 2804 &cp->addr, sizeof(cp->addr));
2763eda6 2805
09fd0de5 2806 hci_dev_unlock(hdev);
2763eda6
SJ		 2807 return err;
2808}
2809
bdb6d971 2810static int remove_remote_oob_data(struct sock *sk, struct hci_dev *hdev,
8ce8e2b5 2811 void *data, u16 len)
2763eda6 2812{
650f726d 2813 struct mgmt_cp_remove_remote_oob_data *cp = data;
bf1e3541 2814 u8 status;
2763eda6
SJ		 2815 int err;
2816
bdb6d971 2817 BT_DBG("%s", hdev->name);
2763eda6 2818
09fd0de5 2819 hci_dev_lock(hdev);
2763eda6 2820
664ce4cc 2821 err = hci_remove_remote_oob_data(hdev, &cp->addr.bdaddr);
2763eda6 2822 if (err < 0)
bf1e3541 2823 status = MGMT_STATUS_INVALID_PARAMS;
2763eda6 2824 else
a6785be2 2825 status = MGMT_STATUS_SUCCESS;
bf1e3541 2826
bdb6d971 2827 err = cmd_complete(sk, hdev->id, MGMT_OP_REMOVE_REMOTE_OOB_DATA,
04124681 2828 status, &cp->addr, sizeof(cp->addr));
2763eda6 2829
09fd0de5 2830 hci_dev_unlock(hdev);
2763eda6
SJ		 2831 return err;
2832}
2833
41dc2bd6
AG		 2834static int mgmt_start_discovery_failed(struct hci_dev *hdev, u8 status)
2835{
2836 struct pending_cmd *cmd;
2837 u8 type;
2838 int err;
2839
2840 hci_discovery_set_state(hdev, DISCOVERY_STOPPED);
2841
2842 cmd = mgmt_pending_find(MGMT_OP_START_DISCOVERY, hdev);
2843 if (!cmd)
2844 return -ENOENT;
2845
2846 type = hdev->discovery.type;
2847
2848 err = cmd_complete(cmd->sk, hdev->id, cmd->opcode, mgmt_status(status),
2849 &type, sizeof(type));
2850 mgmt_pending_remove(cmd);
2851
2852 return err;
2853}
2854
7c307720
AG		 2855static void start_discovery_complete(struct hci_dev *hdev, u8 status)
2856{
2857 BT_DBG("status %d", status);
2858
2859 if (status) {
2860 hci_dev_lock(hdev);
2861 mgmt_start_discovery_failed(hdev, status);
2862 hci_dev_unlock(hdev);
2863 return;
2864 }
2865
2866 hci_dev_lock(hdev);
2867 hci_discovery_set_state(hdev, DISCOVERY_FINDING);
2868 hci_dev_unlock(hdev);
2869
2870 switch (hdev->discovery.type) {
2871 case DISCOV_TYPE_LE:
2872 queue_delayed_work(hdev->workqueue, &hdev->le_scan_disable,
0d8cc935 2873 DISCOV_LE_TIMEOUT);
7c307720
AG		 2874 break;
2875
2876 case DISCOV_TYPE_INTERLEAVED:
2877 queue_delayed_work(hdev->workqueue, &hdev->le_scan_disable,
0d8cc935 2878 DISCOV_INTERLEAVED_TIMEOUT);
7c307720
AG		 2879 break;
2880
2881 case DISCOV_TYPE_BREDR:
2882 break;
2883
2884 default:
2885 BT_ERR("Invalid discovery type %d", hdev->discovery.type);
2886 }
2887}
2888
bdb6d971 2889static int start_discovery(struct sock *sk, struct hci_dev *hdev,
04124681 2890 void *data, u16 len)
14a53664 2891{
650f726d 2892 struct mgmt_cp_start_discovery *cp = data;
14a53664 2893 struct pending_cmd *cmd;
7c307720
AG		 2894 struct hci_cp_le_set_scan_param param_cp;
2895 struct hci_cp_le_set_scan_enable enable_cp;
2896 struct hci_cp_inquiry inq_cp;
2897 struct hci_request req;
2898 /* General inquiry access code (GIAC) */
2899 u8 lap[3] = { 0x33, 0x8b, 0x9e };
e6fe7986 2900 u8 status;
14a53664
JH		 2901 int err;
2902
bdb6d971 2903 BT_DBG("%s", hdev->name);
14a53664 2904
09fd0de5 2905 hci_dev_lock(hdev);
14a53664 2906
4b34ee78 2907 if (!hdev_is_powered(hdev)) {
bdb6d971 2908 err = cmd_status(sk, hdev->id, MGMT_OP_START_DISCOVERY,
04124681 2909 MGMT_STATUS_NOT_POWERED);
bd2d1334
JH		 2910 goto failed;
2911 }
2912
642be6c7
AG		 2913 if (test_bit(HCI_PERIODIC_INQ, &hdev->dev_flags)) {
2914 err = cmd_status(sk, hdev->id, MGMT_OP_START_DISCOVERY,
2915 MGMT_STATUS_BUSY);
2916 goto failed;
2917 }
2918
ff9ef578 2919 if (hdev->discovery.state != DISCOVERY_STOPPED) {
bdb6d971 2920 err = cmd_status(sk, hdev->id, MGMT_OP_START_DISCOVERY,
04124681 2921 MGMT_STATUS_BUSY);
ff9ef578
JH		 2922 goto failed;
2923 }
2924
2e58ef3e 2925 cmd = mgmt_pending_add(sk, MGMT_OP_START_DISCOVERY, hdev, NULL, 0);
14a53664
JH		 2926 if (!cmd) {
2927 err = -ENOMEM;
2928 goto failed;
2929 }
2930
4aab14e5
AG		 2931 hdev->discovery.type = cp->type;
2932
7c307720
AG		 2933 hci_req_init(&req, hdev);
2934
4aab14e5 2935 switch (hdev->discovery.type) {
f39799f5 2936 case DISCOV_TYPE_BREDR:
e6fe7986
JH		 2937 status = mgmt_bredr_support(hdev);
2938 if (status) {
04106755 2939 err = cmd_status(sk, hdev->id, MGMT_OP_START_DISCOVERY,
e6fe7986 2940 status);
04106755
JH		 2941 mgmt_pending_remove(cmd);
2942 goto failed;
2943 }
2944
7c307720
AG		 2945 if (test_bit(HCI_INQUIRY, &hdev->flags)) {
2946 err = cmd_status(sk, hdev->id, MGMT_OP_START_DISCOVERY,
2947 MGMT_STATUS_BUSY);
2948 mgmt_pending_remove(cmd);
2949 goto failed;
2950 }
2951
2952 hci_inquiry_cache_flush(hdev);
2953
2954 memset(&inq_cp, 0, sizeof(inq_cp));
2955 memcpy(&inq_cp.lap, lap, sizeof(inq_cp.lap));
0d8cc935 2956 inq_cp.length = DISCOV_BREDR_INQUIRY_LEN;
7c307720 2957 hci_req_add(&req, HCI_OP_INQUIRY, sizeof(inq_cp), &inq_cp);
f39799f5
AG		 2958 break;
2959
2960 case DISCOV_TYPE_LE:
7c307720 2961 case DISCOV_TYPE_INTERLEAVED:
e6fe7986
JH		 2962 status = mgmt_le_support(hdev);
2963 if (status) {
04106755 2964 err = cmd_status(sk, hdev->id, MGMT_OP_START_DISCOVERY,
e6fe7986 2965 status);
04106755
JH		 2966 mgmt_pending_remove(cmd);
2967 goto failed;
2968 }
2969
7c307720 2970 if (hdev->discovery.type == DISCOV_TYPE_INTERLEAVED &&
56f87901 2971 !test_bit(HCI_BREDR_ENABLED, &hdev->dev_flags)) {
04106755
JH		 2972 err = cmd_status(sk, hdev->id, MGMT_OP_START_DISCOVERY,
2973 MGMT_STATUS_NOT_SUPPORTED);
2974 mgmt_pending_remove(cmd);
2975 goto failed;
2976 }
2977
f3d3444a 2978 if (test_bit(HCI_ADVERTISING, &hdev->dev_flags)) {
7c307720
AG		 2979 err = cmd_status(sk, hdev->id, MGMT_OP_START_DISCOVERY,
2980 MGMT_STATUS_REJECTED);
2981 mgmt_pending_remove(cmd);
2982 goto failed;
2983 }
2984
2985 if (test_bit(HCI_LE_SCAN, &hdev->dev_flags)) {
2986 err = cmd_status(sk, hdev->id, MGMT_OP_START_DISCOVERY,
2987 MGMT_STATUS_BUSY);
2988 mgmt_pending_remove(cmd);
2989 goto failed;
2990 }
2991
2992 memset(&param_cp, 0, sizeof(param_cp));
2993 param_cp.type = LE_SCAN_ACTIVE;
0d8cc935
AG		 2994 param_cp.interval = cpu_to_le16(DISCOV_LE_SCAN_INT);
2995 param_cp.window = cpu_to_le16(DISCOV_LE_SCAN_WIN);
c25dfc61
MH		 2996 if (bacmp(&hdev->bdaddr, BDADDR_ANY))
2997 param_cp.own_address_type = ADDR_LE_DEV_PUBLIC;
2998 else
2999 param_cp.own_address_type = ADDR_LE_DEV_RANDOM;
7c307720
AG		 3000 hci_req_add(&req, HCI_OP_LE_SET_SCAN_PARAM, sizeof(param_cp),
3001 &param_cp);
3002
3003 memset(&enable_cp, 0, sizeof(enable_cp));
3004 enable_cp.enable = LE_SCAN_ENABLE;
3005 enable_cp.filter_dup = LE_SCAN_FILTER_DUP_ENABLE;
3006 hci_req_add(&req, HCI_OP_LE_SET_SCAN_ENABLE, sizeof(enable_cp),
3007 &enable_cp);
5e0452c0
AG		 3008 break;
3009
f39799f5 3010 default:
04106755
JH		 3011 err = cmd_status(sk, hdev->id, MGMT_OP_START_DISCOVERY,
3012 MGMT_STATUS_INVALID_PARAMS);
3013 mgmt_pending_remove(cmd);
3014 goto failed;
f39799f5 3015 }
3fd24153 3016
7c307720 3017 err = hci_req_run(&req, start_discovery_complete);
14a53664
JH		 3018 if (err < 0)
3019 mgmt_pending_remove(cmd);
ff9ef578
JH		 3020 else
3021 hci_discovery_set_state(hdev, DISCOVERY_STARTING);
14a53664
JH		 3022
3023failed:
09fd0de5 3024 hci_dev_unlock(hdev);
14a53664
JH		 3025 return err;
3026}
3027
1183fdca
AG		 3028static int mgmt_stop_discovery_failed(struct hci_dev *hdev, u8 status)
3029{
3030 struct pending_cmd *cmd;
3031 int err;
3032
3033 cmd = mgmt_pending_find(MGMT_OP_STOP_DISCOVERY, hdev);
3034 if (!cmd)
3035 return -ENOENT;
3036
3037 err = cmd_complete(cmd->sk, hdev->id, cmd->opcode, mgmt_status(status),
3038 &hdev->discovery.type, sizeof(hdev->discovery.type));
3039 mgmt_pending_remove(cmd);
3040
3041 return err;
3042}
3043
0e05bba6
AG		 3044static void stop_discovery_complete(struct hci_dev *hdev, u8 status)
3045{
3046 BT_DBG("status %d", status);
3047
3048 hci_dev_lock(hdev);
3049
3050 if (status) {
3051 mgmt_stop_discovery_failed(hdev, status);
3052 goto unlock;
3053 }
3054
3055 hci_discovery_set_state(hdev, DISCOVERY_STOPPED);
3056
3057unlock:
3058 hci_dev_unlock(hdev);
3059}
3060
bdb6d971 3061static int stop_discovery(struct sock *sk, struct hci_dev *hdev, void *data,
04124681 3062 u16 len)
14a53664 3063{
d930650b 3064 struct mgmt_cp_stop_discovery *mgmt_cp = data;
14a53664 3065 struct pending_cmd *cmd;
30dc78e1
JH		 3066 struct hci_cp_remote_name_req_cancel cp;
3067 struct inquiry_entry *e;
0e05bba6
AG		 3068 struct hci_request req;
3069 struct hci_cp_le_set_scan_enable enable_cp;
14a53664
JH		 3070 int err;
3071
bdb6d971 3072 BT_DBG("%s", hdev->name);
14a53664 3073
09fd0de5 3074 hci_dev_lock(hdev);
14a53664 3075
30dc78e1 3076 if (!hci_discovery_active(hdev)) {
bdb6d971 3077 err = cmd_complete(sk, hdev->id, MGMT_OP_STOP_DISCOVERY,
04124681
GP		 3078 MGMT_STATUS_REJECTED, &mgmt_cp->type,
3079 sizeof(mgmt_cp->type));
d930650b
JH		 3080 goto unlock;
3081 }
3082
3083 if (hdev->discovery.type != mgmt_cp->type) {
bdb6d971 3084 err = cmd_complete(sk, hdev->id, MGMT_OP_STOP_DISCOVERY,
04124681
GP		 3085 MGMT_STATUS_INVALID_PARAMS, &mgmt_cp->type,
3086 sizeof(mgmt_cp->type));
30dc78e1 3087 goto unlock;
ff9ef578
JH		 3088 }
3089
2e58ef3e 3090 cmd = mgmt_pending_add(sk, MGMT_OP_STOP_DISCOVERY, hdev, NULL, 0);
14a53664
JH		 3091 if (!cmd) {
3092 err = -ENOMEM;
30dc78e1
JH		 3093 goto unlock;
3094 }
3095
0e05bba6
AG		 3096 hci_req_init(&req, hdev);
3097
e0d9727e
AG		 3098 switch (hdev->discovery.state) {
3099 case DISCOVERY_FINDING:
0e05bba6
AG		 3100 if (test_bit(HCI_INQUIRY, &hdev->flags)) {
3101 hci_req_add(&req, HCI_OP_INQUIRY_CANCEL, 0, NULL);
3102 } else {
3103 cancel_delayed_work(&hdev->le_scan_disable);
3104
3105 memset(&enable_cp, 0, sizeof(enable_cp));
3106 enable_cp.enable = LE_SCAN_DISABLE;
3107 hci_req_add(&req, HCI_OP_LE_SET_SCAN_ENABLE,
3108 sizeof(enable_cp), &enable_cp);
3109 }
c9ecc48e 3110
e0d9727e
AG		 3111 break;
3112
3113 case DISCOVERY_RESOLVING:
3114 e = hci_inquiry_cache_lookup_resolve(hdev, BDADDR_ANY,
8ce8e2b5 3115 NAME_PENDING);
e0d9727e 3116 if (!e) {
30dc78e1 3117 mgmt_pending_remove(cmd);
e0d9727e
AG		 3118 err = cmd_complete(sk, hdev->id,
3119 MGMT_OP_STOP_DISCOVERY, 0,
3120 &mgmt_cp->type,
3121 sizeof(mgmt_cp->type));
3122 hci_discovery_set_state(hdev, DISCOVERY_STOPPED);
3123 goto unlock;
3124 }
30dc78e1 3125
e0d9727e 3126 bacpy(&cp.bdaddr, &e->data.bdaddr);
0e05bba6
AG		 3127 hci_req_add(&req, HCI_OP_REMOTE_NAME_REQ_CANCEL, sizeof(cp),
3128 &cp);
e0d9727e
AG		 3129
3130 break;
3131
3132 default:
3133 BT_DBG("unknown discovery state %u", hdev->discovery.state);
0e05bba6
AG		 3134
3135 mgmt_pending_remove(cmd);
3136 err = cmd_complete(sk, hdev->id, MGMT_OP_STOP_DISCOVERY,
3137 MGMT_STATUS_FAILED, &mgmt_cp->type,
3138 sizeof(mgmt_cp->type));
3139 goto unlock;
14a53664
JH		 3140 }
3141
0e05bba6 3142 err = hci_req_run(&req, stop_discovery_complete);
14a53664
JH		 3143 if (err < 0)
3144 mgmt_pending_remove(cmd);
ff9ef578
JH		 3145 else
3146 hci_discovery_set_state(hdev, DISCOVERY_STOPPING);
14a53664 3147
30dc78e1 3148unlock:
09fd0de5 3149 hci_dev_unlock(hdev);
14a53664
JH		 3150 return err;
3151}
3152
bdb6d971 3153static int confirm_name(struct sock *sk, struct hci_dev *hdev, void *data,
04124681 3154 u16 len)
561aafbc 3155{
650f726d 3156 struct mgmt_cp_confirm_name *cp = data;
561aafbc 3157 struct inquiry_entry *e;
561aafbc
JH		 3158 int err;
3159
bdb6d971 3160 BT_DBG("%s", hdev->name);
561aafbc 3161
561aafbc
JH		 3162 hci_dev_lock(hdev);
3163
30dc78e1 3164 if (!hci_discovery_active(hdev)) {
bdb6d971 3165 err = cmd_status(sk, hdev->id, MGMT_OP_CONFIRM_NAME,
04124681 3166 MGMT_STATUS_FAILED);
30dc78e1
JH		 3167 goto failed;
3168 }
3169
a198e7b1 3170 e = hci_inquiry_cache_lookup_unknown(hdev, &cp->addr.bdaddr);
561aafbc 3171 if (!e) {
bdb6d971 3172 err = cmd_status(sk, hdev->id, MGMT_OP_CONFIRM_NAME,
04124681 3173 MGMT_STATUS_INVALID_PARAMS);
561aafbc
JH		 3174 goto failed;
3175 }
3176
3177 if (cp->name_known) {
3178 e->name_state = NAME_KNOWN;
3179 list_del(&e->list);
3180 } else {
3181 e->name_state = NAME_NEEDED;
a3d4e20a 3182 hci_inquiry_cache_update_resolve(hdev, e);
561aafbc
JH		 3183 }
3184
e384662b
JH		 3185 err = cmd_complete(sk, hdev->id, MGMT_OP_CONFIRM_NAME, 0, &cp->addr,
3186 sizeof(cp->addr));
561aafbc
JH		 3187
3188failed:
3189 hci_dev_unlock(hdev);
561aafbc
JH		 3190 return err;
3191}
3192
bdb6d971 3193static int block_device(struct sock *sk, struct hci_dev *hdev, void *data,
04124681 3194 u16 len)
7fbec224 3195{
650f726d 3196 struct mgmt_cp_block_device *cp = data;
f0eeea8b 3197 u8 status;
7fbec224
AJ		 3198 int err;
3199
bdb6d971 3200 BT_DBG("%s", hdev->name);
7fbec224 3201
4ee71b20 3202 if (!bdaddr_type_is_valid(cp->addr.type))
5d0846d4
JH		 3203 return cmd_complete(sk, hdev->id, MGMT_OP_BLOCK_DEVICE,
3204 MGMT_STATUS_INVALID_PARAMS,
3205 &cp->addr, sizeof(cp->addr));
4ee71b20 3206
09fd0de5 3207 hci_dev_lock(hdev);
5e762444 3208
88c1fe4b 3209 err = hci_blacklist_add(hdev, &cp->addr.bdaddr, cp->addr.type);
7fbec224 3210 if (err < 0)
f0eeea8b 3211 status = MGMT_STATUS_FAILED;
7fbec224 3212 else
a6785be2 3213 status = MGMT_STATUS_SUCCESS;
f0eeea8b 3214
bdb6d971 3215 err = cmd_complete(sk, hdev->id, MGMT_OP_BLOCK_DEVICE, status,
04124681 3216 &cp->addr, sizeof(cp->addr));
5e762444 3217
09fd0de5 3218 hci_dev_unlock(hdev);
7fbec224
AJ		 3219
3220 return err;
3221}
3222
bdb6d971 3223static int unblock_device(struct sock *sk, struct hci_dev *hdev, void *data,
04124681 3224 u16 len)
7fbec224 3225{
650f726d 3226 struct mgmt_cp_unblock_device *cp = data;
f0eeea8b 3227 u8 status;
7fbec224
AJ		 3228 int err;
3229
bdb6d971 3230 BT_DBG("%s", hdev->name);
7fbec224 3231
4ee71b20 3232 if (!bdaddr_type_is_valid(cp->addr.type))
5d0846d4
JH		 3233 return cmd_complete(sk, hdev->id, MGMT_OP_UNBLOCK_DEVICE,
3234 MGMT_STATUS_INVALID_PARAMS,
3235 &cp->addr, sizeof(cp->addr));
4ee71b20 3236
09fd0de5 3237 hci_dev_lock(hdev);
5e762444 3238
88c1fe4b 3239 err = hci_blacklist_del(hdev, &cp->addr.bdaddr, cp->addr.type);
7fbec224 3240 if (err < 0)
f0eeea8b 3241 status = MGMT_STATUS_INVALID_PARAMS;
7fbec224 3242 else
a6785be2 3243 status = MGMT_STATUS_SUCCESS;
f0eeea8b 3244
bdb6d971 3245 err = cmd_complete(sk, hdev->id, MGMT_OP_UNBLOCK_DEVICE, status,
04124681 3246 &cp->addr, sizeof(cp->addr));
5e762444 3247
09fd0de5 3248 hci_dev_unlock(hdev);
7fbec224
AJ		 3249
3250 return err;
3251}
3252
cdbaccca
MH		 3253static int set_device_id(struct sock *sk, struct hci_dev *hdev, void *data,
3254 u16 len)
3255{
3256 struct mgmt_cp_set_device_id *cp = data;
890ea898 3257 struct hci_request req;
cdbaccca 3258 int err;
c72d4b8a 3259 __u16 source;
cdbaccca
MH		 3260
3261 BT_DBG("%s", hdev->name);
3262
c72d4b8a
SJ		 3263 source = __le16_to_cpu(cp->source);
3264
3265 if (source > 0x0002)
3266 return cmd_status(sk, hdev->id, MGMT_OP_SET_DEVICE_ID,
3267 MGMT_STATUS_INVALID_PARAMS);
3268
cdbaccca
MH		 3269 hci_dev_lock(hdev);
3270
c72d4b8a 3271 hdev->devid_source = source;
cdbaccca
MH		 3272 hdev->devid_vendor = __le16_to_cpu(cp->vendor);
3273 hdev->devid_product = __le16_to_cpu(cp->product);
3274 hdev->devid_version = __le16_to_cpu(cp->version);
3275
3276 err = cmd_complete(sk, hdev->id, MGMT_OP_SET_DEVICE_ID, 0, NULL, 0);
3277
890ea898
JH		 3278 hci_req_init(&req, hdev);
3279 update_eir(&req);
3280 hci_req_run(&req, NULL);
cdbaccca
MH		 3281
3282 hci_dev_unlock(hdev);
3283
3284 return err;
3285}
3286
4375f103
JH		 3287static void set_advertising_complete(struct hci_dev *hdev, u8 status)
3288{
3289 struct cmd_lookup match = { NULL, hdev };
3290
3291 if (status) {
3292 u8 mgmt_err = mgmt_status(status);
3293
3294 mgmt_pending_foreach(MGMT_OP_SET_ADVERTISING, hdev,
3295 cmd_status_rsp, &mgmt_err);
3296 return;
3297 }
3298
3299 mgmt_pending_foreach(MGMT_OP_SET_ADVERTISING, hdev, settings_rsp,
3300 &match);
3301
3302 new_settings(hdev, match.sk);
3303
3304 if (match.sk)
3305 sock_put(match.sk);
3306}
3307
21b5187f
MH		 3308static int set_advertising(struct sock *sk, struct hci_dev *hdev, void *data,
3309 u16 len)
4375f103
JH		 3310{
3311 struct mgmt_mode *cp = data;
3312 struct pending_cmd *cmd;
3313 struct hci_request req;
e6fe7986 3314 u8 val, enabled, status;
4375f103
JH		 3315 int err;
3316
3317 BT_DBG("request for %s", hdev->name);
3318
e6fe7986
JH		 3319 status = mgmt_le_support(hdev);
3320 if (status)
4375f103 3321 return cmd_status(sk, hdev->id, MGMT_OP_SET_ADVERTISING,
e6fe7986 3322 status);
4375f103
JH		 3323
3324 if (cp->val != 0x00 && cp->val != 0x01)
3325 return cmd_status(sk, hdev->id, MGMT_OP_SET_ADVERTISING,
3326 MGMT_STATUS_INVALID_PARAMS);
3327
3328 hci_dev_lock(hdev);
3329
3330 val = !!cp->val;
f3d3444a 3331 enabled = test_bit(HCI_ADVERTISING, &hdev->dev_flags);
4375f103 3332
f74ca9b8
JH		 3333 /* The following conditions are ones which mean that we should
3334 * not do any HCI communication but directly send a mgmt
3335 * response to user space (after toggling the flag if
3336 * necessary).
3337 */
3338 if (!hdev_is_powered(hdev) || val == enabled ||
b145edcd 3339 hci_conn_num(hdev, LE_LINK) > 0) {
4375f103
JH		 3340 bool changed = false;
3341
f3d3444a
JH		 3342 if (val != test_bit(HCI_ADVERTISING, &hdev->dev_flags)) {
3343 change_bit(HCI_ADVERTISING, &hdev->dev_flags);
4375f103
JH		 3344 changed = true;
3345 }
3346
3347 err = send_settings_rsp(sk, MGMT_OP_SET_ADVERTISING, hdev);
3348 if (err < 0)
3349 goto unlock;
3350
3351 if (changed)
3352 err = new_settings(hdev, sk);
3353
3354 goto unlock;
3355 }
3356
3357 if (mgmt_pending_find(MGMT_OP_SET_ADVERTISING, hdev) ||
3358 mgmt_pending_find(MGMT_OP_SET_LE, hdev)) {
3359 err = cmd_status(sk, hdev->id, MGMT_OP_SET_ADVERTISING,
3360 MGMT_STATUS_BUSY);
3361 goto unlock;
3362 }
3363
3364 cmd = mgmt_pending_add(sk, MGMT_OP_SET_ADVERTISING, hdev, data, len);
3365 if (!cmd) {
3366 err = -ENOMEM;
3367 goto unlock;
3368 }
3369
3370 hci_req_init(&req, hdev);
3371
bba3aa55
MH		 3372 if (val)
3373 enable_advertising(&req);
3374 else
3375 disable_advertising(&req);
4375f103
JH		 3376
3377 err = hci_req_run(&req, set_advertising_complete);
3378 if (err < 0)
3379 mgmt_pending_remove(cmd);
3380
3381unlock:
3382 hci_dev_unlock(hdev);
3383 return err;
3384}
3385
d13eafce
MH		 3386static int set_static_address(struct sock *sk, struct hci_dev *hdev,
3387 void *data, u16 len)
3388{
3389 struct mgmt_cp_set_static_address *cp = data;
3390 int err;
3391
3392 BT_DBG("%s", hdev->name);
3393
62af4443 3394 if (!lmp_le_capable(hdev))
d13eafce 3395 return cmd_status(sk, hdev->id, MGMT_OP_SET_STATIC_ADDRESS,
62af4443 3396 MGMT_STATUS_NOT_SUPPORTED);
d13eafce
MH		 3397
3398 if (hdev_is_powered(hdev))
3399 return cmd_status(sk, hdev->id, MGMT_OP_SET_STATIC_ADDRESS,
3400 MGMT_STATUS_REJECTED);
3401
3402 if (bacmp(&cp->bdaddr, BDADDR_ANY)) {
3403 if (!bacmp(&cp->bdaddr, BDADDR_NONE))
3404 return cmd_status(sk, hdev->id,
3405 MGMT_OP_SET_STATIC_ADDRESS,
3406 MGMT_STATUS_INVALID_PARAMS);
3407
3408 /* Two most significant bits shall be set */
3409 if ((cp->bdaddr.b[5] & 0xc0) != 0xc0)
3410 return cmd_status(sk, hdev->id,
3411 MGMT_OP_SET_STATIC_ADDRESS,
3412 MGMT_STATUS_INVALID_PARAMS);
3413 }
3414
3415 hci_dev_lock(hdev);
3416
3417 bacpy(&hdev->static_addr, &cp->bdaddr);
3418
3419 err = cmd_complete(sk, hdev->id, MGMT_OP_SET_STATIC_ADDRESS, 0, NULL, 0);
3420
3421 hci_dev_unlock(hdev);
3422
3423 return err;
3424}
3425
14b49b9a
MH		 3426static int set_scan_params(struct sock *sk, struct hci_dev *hdev,
3427 void *data, u16 len)
3428{
3429 struct mgmt_cp_set_scan_params *cp = data;
3430 __u16 interval, window;
3431 int err;
3432
3433 BT_DBG("%s", hdev->name);
3434
3435 if (!lmp_le_capable(hdev))
3436 return cmd_status(sk, hdev->id, MGMT_OP_SET_SCAN_PARAMS,
3437 MGMT_STATUS_NOT_SUPPORTED);
3438
3439 interval = __le16_to_cpu(cp->interval);
3440
3441 if (interval < 0x0004 || interval > 0x4000)
3442 return cmd_status(sk, hdev->id, MGMT_OP_SET_SCAN_PARAMS,
3443 MGMT_STATUS_INVALID_PARAMS);
3444
3445 window = __le16_to_cpu(cp->window);
3446
3447 if (window < 0x0004 || window > 0x4000)
3448 return cmd_status(sk, hdev->id, MGMT_OP_SET_SCAN_PARAMS,
3449 MGMT_STATUS_INVALID_PARAMS);
3450
3451 hci_dev_lock(hdev);
3452
3453 hdev->le_scan_interval = interval;
3454 hdev->le_scan_window = window;
3455
3456 err = cmd_complete(sk, hdev->id, MGMT_OP_SET_SCAN_PARAMS, 0, NULL, 0);
3457
3458 hci_dev_unlock(hdev);
3459
3460 return err;
3461}
3462
33e38b3e
JH		 3463static void fast_connectable_complete(struct hci_dev *hdev, u8 status)
3464{
3465 struct pending_cmd *cmd;
3466
3467 BT_DBG("status 0x%02x", status);
3468
3469 hci_dev_lock(hdev);
3470
3471 cmd = mgmt_pending_find(MGMT_OP_SET_FAST_CONNECTABLE, hdev);
3472 if (!cmd)
3473 goto unlock;
3474
3475 if (status) {
3476 cmd_status(cmd->sk, hdev->id, MGMT_OP_SET_FAST_CONNECTABLE,
3477 mgmt_status(status));
3478 } else {
1a4d3c4b
JH		 3479 struct mgmt_mode *cp = cmd->param;
3480
3481 if (cp->val)
3482 set_bit(HCI_FAST_CONNECTABLE, &hdev->dev_flags);
3483 else
3484 clear_bit(HCI_FAST_CONNECTABLE, &hdev->dev_flags);
3485
33e38b3e
JH		 3486 send_settings_rsp(cmd->sk, MGMT_OP_SET_FAST_CONNECTABLE, hdev);
3487 new_settings(hdev, cmd->sk);
3488 }
3489
3490 mgmt_pending_remove(cmd);
3491
3492unlock:
3493 hci_dev_unlock(hdev);
3494}
3495
bdb6d971 3496static int set_fast_connectable(struct sock *sk, struct hci_dev *hdev,
04124681 3497 void *data, u16 len)
f6422ec6 3498{
650f726d 3499 struct mgmt_mode *cp = data;
33e38b3e
JH		 3500 struct pending_cmd *cmd;
3501 struct hci_request req;
f6422ec6
AJ		 3502 int err;
3503
bdb6d971 3504 BT_DBG("%s", hdev->name);
f6422ec6 3505
56f87901
JH		 3506 if (!test_bit(HCI_BREDR_ENABLED, &hdev->dev_flags) ||
3507 hdev->hci_ver < BLUETOOTH_VER_1_2)
33c525c0
JH		 3508 return cmd_status(sk, hdev->id, MGMT_OP_SET_FAST_CONNECTABLE,
3509 MGMT_STATUS_NOT_SUPPORTED);
3510
a7e80f25
JH		 3511 if (cp->val != 0x00 && cp->val != 0x01)
3512 return cmd_status(sk, hdev->id, MGMT_OP_SET_FAST_CONNECTABLE,
3513 MGMT_STATUS_INVALID_PARAMS);
3514
5400c044 3515 if (!hdev_is_powered(hdev))
bdb6d971 3516 return cmd_status(sk, hdev->id, MGMT_OP_SET_FAST_CONNECTABLE,
04124681 3517 MGMT_STATUS_NOT_POWERED);
5400c044
JH		 3518
3519 if (!test_bit(HCI_CONNECTABLE, &hdev->dev_flags))
bdb6d971 3520 return cmd_status(sk, hdev->id, MGMT_OP_SET_FAST_CONNECTABLE,
04124681 3521 MGMT_STATUS_REJECTED);
f6422ec6
AJ		 3522
3523 hci_dev_lock(hdev);
3524
05cbf29f
JH		 3525 if (mgmt_pending_find(MGMT_OP_SET_FAST_CONNECTABLE, hdev)) {
3526 err = cmd_status(sk, hdev->id, MGMT_OP_SET_FAST_CONNECTABLE,
3527 MGMT_STATUS_BUSY);
3528 goto unlock;
3529 }
3530
1a4d3c4b
JH		 3531 if (!!cp->val == test_bit(HCI_FAST_CONNECTABLE, &hdev->dev_flags)) {
3532 err = send_settings_rsp(sk, MGMT_OP_SET_FAST_CONNECTABLE,
3533 hdev);
3534 goto unlock;
3535 }
3536
33e38b3e
JH		 3537 cmd = mgmt_pending_add(sk, MGMT_OP_SET_FAST_CONNECTABLE, hdev,
3538 data, len);
3539 if (!cmd) {
3540 err = -ENOMEM;
3541 goto unlock;
f6422ec6
AJ		 3542 }
3543
33e38b3e
JH		 3544 hci_req_init(&req, hdev);
3545
406d7804 3546 write_fast_connectable(&req, cp->val);
33e38b3e
JH		 3547
3548 err = hci_req_run(&req, fast_connectable_complete);
f6422ec6 3549 if (err < 0) {
bdb6d971 3550 err = cmd_status(sk, hdev->id, MGMT_OP_SET_FAST_CONNECTABLE,
04124681 3551 MGMT_STATUS_FAILED);
33e38b3e 3552 mgmt_pending_remove(cmd);
f6422ec6
AJ		 3553 }
3554
33e38b3e 3555unlock:
f6422ec6 3556 hci_dev_unlock(hdev);
33e38b3e 3557
f6422ec6
AJ		 3558 return err;
3559}
3560
67e5a7a3
JH		 3561static void set_bredr_scan(struct hci_request *req)
3562{
3563 struct hci_dev *hdev = req->hdev;
3564 u8 scan = 0;
3565
3566 /* Ensure that fast connectable is disabled. This function will
3567 * not do anything if the page scan parameters are already what
3568 * they should be.
3569 */
3570 write_fast_connectable(req, false);
3571
3572 if (test_bit(HCI_CONNECTABLE, &hdev->dev_flags))
3573 scan |= SCAN_PAGE;
3574 if (test_bit(HCI_DISCOVERABLE, &hdev->dev_flags))
3575 scan |= SCAN_INQUIRY;
3576
3577 if (scan)
3578 hci_req_add(req, HCI_OP_WRITE_SCAN_ENABLE, 1, &scan);
3579}
3580
0663ca2a
JH		 3581static void set_bredr_complete(struct hci_dev *hdev, u8 status)
3582{
3583 struct pending_cmd *cmd;
3584
3585 BT_DBG("status 0x%02x", status);
3586
3587 hci_dev_lock(hdev);
3588
3589 cmd = mgmt_pending_find(MGMT_OP_SET_BREDR, hdev);
3590 if (!cmd)
3591 goto unlock;
3592
3593 if (status) {
3594 u8 mgmt_err = mgmt_status(status);
3595
3596 /* We need to restore the flag if related HCI commands
3597 * failed.
3598 */
3599 clear_bit(HCI_BREDR_ENABLED, &hdev->dev_flags);
3600
3601 cmd_status(cmd->sk, cmd->index, cmd->opcode, mgmt_err);
3602 } else {
3603 send_settings_rsp(cmd->sk, MGMT_OP_SET_BREDR, hdev);
3604 new_settings(hdev, cmd->sk);
3605 }
3606
3607 mgmt_pending_remove(cmd);
3608
3609unlock:
3610 hci_dev_unlock(hdev);
3611}
3612
3613static int set_bredr(struct sock *sk, struct hci_dev *hdev, void *data, u16 len)
3614{
3615 struct mgmt_mode *cp = data;
3616 struct pending_cmd *cmd;
3617 struct hci_request req;
3618 int err;
3619
3620 BT_DBG("request for %s", hdev->name);
3621
3622 if (!lmp_bredr_capable(hdev) || !lmp_le_capable(hdev))
3623 return cmd_status(sk, hdev->id, MGMT_OP_SET_BREDR,
3624 MGMT_STATUS_NOT_SUPPORTED);
3625
3626 if (!test_bit(HCI_LE_ENABLED, &hdev->dev_flags))
3627 return cmd_status(sk, hdev->id, MGMT_OP_SET_BREDR,
3628 MGMT_STATUS_REJECTED);
3629
3630 if (cp->val != 0x00 && cp->val != 0x01)
3631 return cmd_status(sk, hdev->id, MGMT_OP_SET_BREDR,
3632 MGMT_STATUS_INVALID_PARAMS);
3633
3634 hci_dev_lock(hdev);
3635
3636 if (cp->val == test_bit(HCI_BREDR_ENABLED, &hdev->dev_flags)) {
3637 err = send_settings_rsp(sk, MGMT_OP_SET_BREDR, hdev);
3638 goto unlock;
3639 }
3640
3641 if (!hdev_is_powered(hdev)) {
3642 if (!cp->val) {
3643 clear_bit(HCI_CONNECTABLE, &hdev->dev_flags);
3644 clear_bit(HCI_DISCOVERABLE, &hdev->dev_flags);
3645 clear_bit(HCI_SSP_ENABLED, &hdev->dev_flags);
3646 clear_bit(HCI_LINK_SECURITY, &hdev->dev_flags);
3647 clear_bit(HCI_FAST_CONNECTABLE, &hdev->dev_flags);
3648 clear_bit(HCI_HS_ENABLED, &hdev->dev_flags);
3649 }
3650
3651 change_bit(HCI_BREDR_ENABLED, &hdev->dev_flags);
3652
3653 err = send_settings_rsp(sk, MGMT_OP_SET_BREDR, hdev);
3654 if (err < 0)
3655 goto unlock;
3656
3657 err = new_settings(hdev, sk);
3658 goto unlock;
3659 }
3660
3661 /* Reject disabling when powered on */
3662 if (!cp->val) {
3663 err = cmd_status(sk, hdev->id, MGMT_OP_SET_BREDR,
3664 MGMT_STATUS_REJECTED);
3665 goto unlock;
3666 }
3667
3668 if (mgmt_pending_find(MGMT_OP_SET_BREDR, hdev)) {
3669 err = cmd_status(sk, hdev->id, MGMT_OP_SET_BREDR,
3670 MGMT_STATUS_BUSY);
3671 goto unlock;
3672 }
3673
3674 cmd = mgmt_pending_add(sk, MGMT_OP_SET_BREDR, hdev, data, len);
3675 if (!cmd) {
3676 err = -ENOMEM;
3677 goto unlock;
3678 }
3679
3680 /* We need to flip the bit already here so that hci_update_ad
3681 * generates the correct flags.
3682 */
3683 set_bit(HCI_BREDR_ENABLED, &hdev->dev_flags);
3684
3685 hci_req_init(&req, hdev);
3686 hci_update_ad(&req);
3687 err = hci_req_run(&req, set_bredr_complete);
3688 if (err < 0)
3689 mgmt_pending_remove(cmd);
3690
3691unlock:
3692 hci_dev_unlock(hdev);
3693 return err;
3694}
3695
3f706b72
JH		 3696static bool ltk_is_valid(struct mgmt_ltk_info *key)
3697{
44b20d33
JH		 3698 if (key->authenticated != 0x00 && key->authenticated != 0x01)
3699 return false;
3f706b72
JH		 3700 if (key->master != 0x00 && key->master != 0x01)
3701 return false;
4ee71b20
JH		 3702 if (!bdaddr_type_is_le(key->addr.type))
3703 return false;
3f706b72
JH		 3704 return true;
3705}
3706
bdb6d971 3707static int load_long_term_keys(struct sock *sk, struct hci_dev *hdev,
04124681 3708 void *cp_data, u16 len)
346af67b 3709{
346af67b
VCG		 3710 struct mgmt_cp_load_long_term_keys *cp = cp_data;
3711 u16 key_count, expected_len;
715a5bf2 3712 int i, err;
346af67b 3713
cf99ba13
MH		 3714 BT_DBG("request for %s", hdev->name);
3715
3716 if (!lmp_le_capable(hdev))
3717 return cmd_status(sk, hdev->id, MGMT_OP_LOAD_LONG_TERM_KEYS,
3718 MGMT_STATUS_NOT_SUPPORTED);
3719
1f350c87 3720 key_count = __le16_to_cpu(cp->key_count);
346af67b
VCG		 3721
3722 expected_len = sizeof(*cp) + key_count *
3723 sizeof(struct mgmt_ltk_info);
3724 if (expected_len != len) {
3725 BT_ERR("load_keys: expected %u bytes, got %u bytes",
8ce8e2b5 3726 len, expected_len);
bdb6d971 3727 return cmd_status(sk, hdev->id, MGMT_OP_LOAD_LONG_TERM_KEYS,
e57e619f 3728 MGMT_STATUS_INVALID_PARAMS);
346af67b
VCG		 3729 }
3730
bdb6d971 3731 BT_DBG("%s key_count %u", hdev->name, key_count);
346af67b 3732
54ad6d8a
JH		 3733 for (i = 0; i < key_count; i++) {
3734 struct mgmt_ltk_info *key = &cp->keys[i];
3735
3f706b72 3736 if (!ltk_is_valid(key))
54ad6d8a
JH		 3737 return cmd_status(sk, hdev->id,
3738 MGMT_OP_LOAD_LONG_TERM_KEYS,
3739 MGMT_STATUS_INVALID_PARAMS);
3740 }
3741
346af67b
VCG		 3742 hci_dev_lock(hdev);
3743
3744 hci_smp_ltks_clear(hdev);
3745
3746 for (i = 0; i < key_count; i++) {
3747 struct mgmt_ltk_info *key = &cp->keys[i];
79d95a19
MH		 3748 u8 type, addr_type;
3749
3750 if (key->addr.type == BDADDR_LE_PUBLIC)
3751 addr_type = ADDR_LE_DEV_PUBLIC;
3752 else
3753 addr_type = ADDR_LE_DEV_RANDOM;
346af67b
VCG		 3754
3755 if (key->master)
3756 type = HCI_SMP_LTK;
3757 else
3758 type = HCI_SMP_LTK_SLAVE;
3759
79d95a19 3760 hci_add_ltk(hdev, &key->addr.bdaddr, addr_type,
04124681
GP		 3761 type, 0, key->authenticated, key->val,
3762 key->enc_size, key->ediv, key->rand);
346af67b
VCG		 3763 }
3764
715a5bf2
JH		 3765 err = cmd_complete(sk, hdev->id, MGMT_OP_LOAD_LONG_TERM_KEYS, 0,
3766 NULL, 0);
3767
346af67b 3768 hci_dev_unlock(hdev);
346af67b 3769
715a5bf2 3770 return err;
346af67b
VCG		 3771}
3772
2e3c35ea 3773static const struct mgmt_handler {
04124681
GP		 3774 int (*func) (struct sock *sk, struct hci_dev *hdev, void *data,
3775 u16 data_len);
be22b54e
JH		 3776 bool var_len;
3777 size_t data_len;
0f4e68cf
JH		 3778} mgmt_handlers[] = {
3779 { NULL }, /* 0x0000 (no command) */
be22b54e
JH		 3780 { read_version, false, MGMT_READ_VERSION_SIZE },
3781 { read_commands, false, MGMT_READ_COMMANDS_SIZE },
3782 { read_index_list, false, MGMT_READ_INDEX_LIST_SIZE },
3783 { read_controller_info, false, MGMT_READ_INFO_SIZE },
3784 { set_powered, false, MGMT_SETTING_SIZE },
3785 { set_discoverable, false, MGMT_SET_DISCOVERABLE_SIZE },
3786 { set_connectable, false, MGMT_SETTING_SIZE },
3787 { set_fast_connectable, false, MGMT_SETTING_SIZE },
3788 { set_pairable, false, MGMT_SETTING_SIZE },
3789 { set_link_security, false, MGMT_SETTING_SIZE },
3790 { set_ssp, false, MGMT_SETTING_SIZE },
3791 { set_hs, false, MGMT_SETTING_SIZE },
3792 { set_le, false, MGMT_SETTING_SIZE },
3793 { set_dev_class, false, MGMT_SET_DEV_CLASS_SIZE },
3794 { set_local_name, false, MGMT_SET_LOCAL_NAME_SIZE },
3795 { add_uuid, false, MGMT_ADD_UUID_SIZE },
3796 { remove_uuid, false, MGMT_REMOVE_UUID_SIZE },
3797 { load_link_keys, true, MGMT_LOAD_LINK_KEYS_SIZE },
3798 { load_long_term_keys, true, MGMT_LOAD_LONG_TERM_KEYS_SIZE },
3799 { disconnect, false, MGMT_DISCONNECT_SIZE },
3800 { get_connections, false, MGMT_GET_CONNECTIONS_SIZE },
3801 { pin_code_reply, false, MGMT_PIN_CODE_REPLY_SIZE },
3802 { pin_code_neg_reply, false, MGMT_PIN_CODE_NEG_REPLY_SIZE },
3803 { set_io_capability, false, MGMT_SET_IO_CAPABILITY_SIZE },
3804 { pair_device, false, MGMT_PAIR_DEVICE_SIZE },
3805 { cancel_pair_device, false, MGMT_CANCEL_PAIR_DEVICE_SIZE },
3806 { unpair_device, false, MGMT_UNPAIR_DEVICE_SIZE },
3807 { user_confirm_reply, false, MGMT_USER_CONFIRM_REPLY_SIZE },
3808 { user_confirm_neg_reply, false, MGMT_USER_CONFIRM_NEG_REPLY_SIZE },
3809 { user_passkey_reply, false, MGMT_USER_PASSKEY_REPLY_SIZE },
3810 { user_passkey_neg_reply, false, MGMT_USER_PASSKEY_NEG_REPLY_SIZE },
3811 { read_local_oob_data, false, MGMT_READ_LOCAL_OOB_DATA_SIZE },
3812 { add_remote_oob_data, false, MGMT_ADD_REMOTE_OOB_DATA_SIZE },
3813 { remove_remote_oob_data, false, MGMT_REMOVE_REMOTE_OOB_DATA_SIZE },
3814 { start_discovery, false, MGMT_START_DISCOVERY_SIZE },
3815 { stop_discovery, false, MGMT_STOP_DISCOVERY_SIZE },
3816 { confirm_name, false, MGMT_CONFIRM_NAME_SIZE },
3817 { block_device, false, MGMT_BLOCK_DEVICE_SIZE },
3818 { unblock_device, false, MGMT_UNBLOCK_DEVICE_SIZE },
cdbaccca 3819 { set_device_id, false, MGMT_SET_DEVICE_ID_SIZE },
4375f103 3820 { set_advertising, false, MGMT_SETTING_SIZE },
0663ca2a 3821 { set_bredr, false, MGMT_SETTING_SIZE },
d13eafce 3822 { set_static_address, false, MGMT_SET_STATIC_ADDRESS_SIZE },
14b49b9a 3823 { set_scan_params, false, MGMT_SET_SCAN_PARAMS_SIZE },
0f4e68cf
JH		 3824};
3825
3826
0381101f
JH		 3827int mgmt_control(struct sock *sk, struct msghdr *msg, size_t msglen)
3828{
650f726d
VCG		 3829 void *buf;
3830 u8 *cp;
0381101f 3831 struct mgmt_hdr *hdr;
4e51eae9 3832 u16 opcode, index, len;
bdb6d971 3833 struct hci_dev *hdev = NULL;
2e3c35ea 3834 const struct mgmt_handler *handler;
0381101f
JH		 3835 int err;
3836
3837 BT_DBG("got %zu bytes", msglen);
3838
3839 if (msglen < sizeof(*hdr))
3840 return -EINVAL;
3841
e63a15ec 3842 buf = kmalloc(msglen, GFP_KERNEL);
0381101f
JH		 3843 if (!buf)
3844 return -ENOMEM;
3845
3846 if (memcpy_fromiovec(buf, msg->msg_iov, msglen)) {
3847 err = -EFAULT;
3848 goto done;
3849 }
3850
650f726d 3851 hdr = buf;
1f350c87
MH		 3852 opcode = __le16_to_cpu(hdr->opcode);
3853 index = __le16_to_cpu(hdr->index);
3854 len = __le16_to_cpu(hdr->len);
0381101f
JH		 3855
3856 if (len != msglen - sizeof(*hdr)) {
3857 err = -EINVAL;
3858 goto done;
3859 }
3860
0f4e68cf 3861 if (index != MGMT_INDEX_NONE) {
bdb6d971
JH		 3862 hdev = hci_dev_get(index);
3863 if (!hdev) {
3864 err = cmd_status(sk, index, opcode,
04124681 3865 MGMT_STATUS_INVALID_INDEX);
bdb6d971
JH		 3866 goto done;
3867 }
0736cfa8 3868
cebf4cfd
JH		 3869 if (test_bit(HCI_SETUP, &hdev->dev_flags) ||
3870 test_bit(HCI_USER_CHANNEL, &hdev->dev_flags)) {
0736cfa8
MH		 3871 err = cmd_status(sk, index, opcode,
3872 MGMT_STATUS_INVALID_INDEX);
3873 goto done;
3874 }
bdb6d971
JH		 3875 }
3876
0f4e68cf 3877 if (opcode >= ARRAY_SIZE(mgmt_handlers) ||
8ce8e2b5 3878 mgmt_handlers[opcode].func == NULL) {
0381101f 3879 BT_DBG("Unknown op %u", opcode);
ca69b795 3880 err = cmd_status(sk, index, opcode,
04124681 3881 MGMT_STATUS_UNKNOWN_COMMAND);
0f4e68cf
JH		 3882 goto done;
3883 }
3884
3885 if ((hdev && opcode < MGMT_OP_READ_INFO) ||
8ce8e2b5 3886 (!hdev && opcode >= MGMT_OP_READ_INFO)) {
0f4e68cf 3887 err = cmd_status(sk, index, opcode,
04124681 3888 MGMT_STATUS_INVALID_INDEX);
0f4e68cf 3889 goto done;
0381101f
JH		 3890 }
3891
be22b54e
JH		 3892 handler = &mgmt_handlers[opcode];
3893
3894 if ((handler->var_len && len < handler->data_len) ||
8ce8e2b5 3895 (!handler->var_len && len != handler->data_len)) {
be22b54e 3896 err = cmd_status(sk, index, opcode,
04124681 3897 MGMT_STATUS_INVALID_PARAMS);
be22b54e
JH		 3898 goto done;
3899 }
3900
0f4e68cf
JH		 3901 if (hdev)
3902 mgmt_init_hdev(sk, hdev);
3903
3904 cp = buf + sizeof(*hdr);
3905
be22b54e 3906 err = handler->func(sk, hdev, cp, len);
e41d8b4e
JH		 3907 if (err < 0)
3908 goto done;
3909
0381101f
JH		 3910 err = msglen;
3911
3912done:
bdb6d971
JH		 3913 if (hdev)
3914 hci_dev_put(hdev);
3915
0381101f
JH		 3916 kfree(buf);
3917 return err;
3918}
c71e97bf 3919
bf6b56db 3920void mgmt_index_added(struct hci_dev *hdev)
c71e97bf 3921{
1514b892 3922 if (hdev->dev_type != HCI_BREDR)
bf6b56db 3923 return;
bb4b2a9a 3924
bf6b56db 3925 mgmt_event(MGMT_EV_INDEX_ADDED, hdev, NULL, 0, NULL);
c71e97bf
JH		 3926}
3927
bf6b56db 3928void mgmt_index_removed(struct hci_dev *hdev)
c71e97bf 3929{
5f159032 3930 u8 status = MGMT_STATUS_INVALID_INDEX;
b24752fe 3931
1514b892 3932 if (hdev->dev_type != HCI_BREDR)
bf6b56db 3933 return;
bb4b2a9a 3934
744cf19e 3935 mgmt_pending_foreach(0, hdev, cmd_status_rsp, &status);
b24752fe 3936
bf6b56db 3937 mgmt_event(MGMT_EV_INDEX_REMOVED, hdev, NULL, 0, NULL);
eec8d2bc
JH		 3938}
3939
229ab39c
JH		 3940static void powered_complete(struct hci_dev *hdev, u8 status)
3941{
3942 struct cmd_lookup match = { NULL, hdev };
3943
3944 BT_DBG("status 0x%02x", status);
3945
3946 hci_dev_lock(hdev);
3947
3948 mgmt_pending_foreach(MGMT_OP_SET_POWERED, hdev, settings_rsp, &match);
3949
3950 new_settings(hdev, match.sk);
3951
3952 hci_dev_unlock(hdev);
3953
3954 if (match.sk)
3955 sock_put(match.sk);
3956}
3957
70da6243 3958static int powered_update_hci(struct hci_dev *hdev)
5add6af8 3959{
890ea898 3960 struct hci_request req;
70da6243 3961 u8 link_sec;
5add6af8 3962
890ea898
JH		 3963 hci_req_init(&req, hdev);
3964
70da6243
JH		 3965 if (test_bit(HCI_SSP_ENABLED, &hdev->dev_flags) &&
3966 !lmp_host_ssp_capable(hdev)) {
3967 u8 ssp = 1;
5e5282bb 3968
890ea898 3969 hci_req_add(&req, HCI_OP_WRITE_SSP_MODE, 1, &ssp);
70da6243 3970 }
5add6af8 3971
c73eee91
JH		 3972 if (test_bit(HCI_LE_ENABLED, &hdev->dev_flags) &&
3973 lmp_bredr_capable(hdev)) {
70da6243 3974 struct hci_cp_write_le_host_supported cp;
f0ff92fb 3975
70da6243
JH		 3976 cp.le = 1;
3977 cp.simul = lmp_le_br_capable(hdev);
3d1cbdd6 3978
70da6243
JH		 3979 /* Check first if we already have the right
3980 * host state (host features set)
3981 */
3982 if (cp.le != lmp_host_le_capable(hdev) ||
3983 cp.simul != lmp_host_le_br_capable(hdev))
890ea898
JH		 3984 hci_req_add(&req, HCI_OP_WRITE_LE_HOST_SUPPORTED,
3985 sizeof(cp), &cp);
0663ca2a
JH		 3986
3987 /* In case BR/EDR was toggled during the AUTO_OFF phase */
3988 hci_update_ad(&req);
70da6243 3989 }
3d1cbdd6 3990
d13eafce
MH		 3991 if (lmp_le_capable(hdev)) {
3992 /* Set random address to static address if configured */
3993 if (bacmp(&hdev->static_addr, BDADDR_ANY))
3994 hci_req_add(&req, HCI_OP_LE_SET_RANDOM_ADDR, 6,
3995 &hdev->static_addr);
eeca6f89 3996
bba3aa55
MH		 3997 if (test_bit(HCI_ADVERTISING, &hdev->dev_flags))
3998 enable_advertising(&req);
eeca6f89
JH		 3999 }
4000
70da6243
JH		 4001 link_sec = test_bit(HCI_LINK_SECURITY, &hdev->dev_flags);
4002 if (link_sec != test_bit(HCI_AUTH, &hdev->flags))
890ea898
JH		 4003 hci_req_add(&req, HCI_OP_WRITE_AUTH_ENABLE,
4004 sizeof(link_sec), &link_sec);
562fcc24 4005
70da6243 4006 if (lmp_bredr_capable(hdev)) {
56f87901
JH		 4007 if (test_bit(HCI_BREDR_ENABLED, &hdev->dev_flags))
4008 set_bredr_scan(&req);
890ea898 4009 update_class(&req);
13928971 4010 update_name(&req);
890ea898 4011 update_eir(&req);
70da6243 4012 }
562fcc24 4013
229ab39c 4014 return hci_req_run(&req, powered_complete);
70da6243 4015}
562fcc24 4016
70da6243
JH		 4017int mgmt_powered(struct hci_dev *hdev, u8 powered)
4018{
4019 struct cmd_lookup match = { NULL, hdev };
229ab39c
JH		 4020 u8 status_not_powered = MGMT_STATUS_NOT_POWERED;
4021 u8 zero_cod[] = { 0, 0, 0 };
70da6243 4022 int err;
f0ff92fb 4023
70da6243
JH		 4024 if (!test_bit(HCI_MGMT, &hdev->dev_flags))
4025 return 0;
4026
70da6243 4027 if (powered) {
229ab39c
JH		 4028 if (powered_update_hci(hdev) == 0)
4029 return 0;
fe038884 4030
229ab39c
JH		 4031 mgmt_pending_foreach(MGMT_OP_SET_POWERED, hdev, settings_rsp,
4032 &match);
4033 goto new_settings;
b24752fe
JH		 4034 }
4035
229ab39c
JH		 4036 mgmt_pending_foreach(MGMT_OP_SET_POWERED, hdev, settings_rsp, &match);
4037 mgmt_pending_foreach(0, hdev, cmd_status_rsp, &status_not_powered);
4038
4039 if (memcmp(hdev->dev_class, zero_cod, sizeof(zero_cod)) != 0)
4040 mgmt_event(MGMT_EV_CLASS_OF_DEV_CHANGED, hdev,
4041 zero_cod, sizeof(zero_cod), NULL);
4042
4043new_settings:
beadb2bd 4044 err = new_settings(hdev, match.sk);
eec8d2bc
JH		 4045
4046 if (match.sk)
4047 sock_put(match.sk);
4048
7bb895d6 4049 return err;
5add6af8 4050}
73f22f62 4051
3eec705e 4052void mgmt_set_powered_failed(struct hci_dev *hdev, int err)
96570ffc
JH		 4053{
4054 struct pending_cmd *cmd;
4055 u8 status;
4056
4057 cmd = mgmt_pending_find(MGMT_OP_SET_POWERED, hdev);
4058 if (!cmd)
3eec705e 4059 return;
96570ffc
JH		 4060
4061 if (err == -ERFKILL)
4062 status = MGMT_STATUS_RFKILLED;
4063 else
4064 status = MGMT_STATUS_FAILED;
4065
3eec705e 4066 cmd_status(cmd->sk, hdev->id, MGMT_OP_SET_POWERED, status);
96570ffc
JH		 4067
4068 mgmt_pending_remove(cmd);
96570ffc
JH		 4069}
4070
744cf19e 4071int mgmt_discoverable(struct hci_dev *hdev, u8 discoverable)
73f22f62 4072{
76a7f3a4 4073 struct cmd_lookup match = { NULL, hdev };
5e5282bb
JH		 4074 bool changed = false;
4075 int err = 0;
73f22f62 4076
5e5282bb
JH		 4077 if (discoverable) {
4078 if (!test_and_set_bit(HCI_DISCOVERABLE, &hdev->dev_flags))
4079 changed = true;
4080 } else {
4081 if (test_and_clear_bit(HCI_DISCOVERABLE, &hdev->dev_flags))
4082 changed = true;
4083 }
73f22f62 4084
ed9b5f2f 4085 mgmt_pending_foreach(MGMT_OP_SET_DISCOVERABLE, hdev, settings_rsp,
04124681 4086 &match);
ed9b5f2f 4087
beadb2bd
JH		 4088 if (changed)
4089 err = new_settings(hdev, match.sk);
5e5282bb 4090
73f22f62
JH		 4091 if (match.sk)
4092 sock_put(match.sk);
4093
7bb895d6 4094 return err;
73f22f62 4095}
9fbcbb45 4096
744cf19e 4097int mgmt_connectable(struct hci_dev *hdev, u8 connectable)
9fbcbb45 4098{
5e5282bb
JH		 4099 bool changed = false;
4100 int err = 0;
9fbcbb45 4101
d7b856f9
JH		 4102 /* Nothing needed here if there's a pending command since that
4103 * commands request completion callback takes care of everything
4104 * necessary.
4105 */
4106 if (mgmt_pending_find(MGMT_OP_SET_CONNECTABLE, hdev))
4107 return 0;
4108
5e5282bb
JH		 4109 if (connectable) {
4110 if (!test_and_set_bit(HCI_CONNECTABLE, &hdev->dev_flags))
4111 changed = true;
4112 } else {
4113 if (test_and_clear_bit(HCI_CONNECTABLE, &hdev->dev_flags))
4114 changed = true;
4115 }
9fbcbb45 4116
beadb2bd 4117 if (changed)
d7b856f9 4118 err = new_settings(hdev, NULL);
9fbcbb45 4119
7bb895d6 4120 return err;
9fbcbb45 4121}
55ed8ca1 4122
744cf19e 4123int mgmt_write_scan_failed(struct hci_dev *hdev, u8 scan, u8 status)
2d7cee58 4124{
ca69b795
JH		 4125 u8 mgmt_err = mgmt_status(status);
4126
2d7cee58 4127 if (scan & SCAN_PAGE)
744cf19e 4128 mgmt_pending_foreach(MGMT_OP_SET_CONNECTABLE, hdev,
04124681 4129 cmd_status_rsp, &mgmt_err);
2d7cee58
JH		 4130
4131 if (scan & SCAN_INQUIRY)
744cf19e 4132 mgmt_pending_foreach(MGMT_OP_SET_DISCOVERABLE, hdev,
04124681 4133 cmd_status_rsp, &mgmt_err);
2d7cee58
JH		 4134
4135 return 0;
4136}
4137
53168e5b
CC		 4138int mgmt_new_link_key(struct hci_dev *hdev, struct link_key *key,
4139 bool persistent)
55ed8ca1 4140{
86742e1e 4141 struct mgmt_ev_new_link_key ev;
55ed8ca1 4142
a492cd52 4143 memset(&ev, 0, sizeof(ev));
55ed8ca1 4144
a492cd52 4145 ev.store_hint = persistent;
d753fdc4 4146 bacpy(&ev.key.addr.bdaddr, &key->bdaddr);
591f47f3 4147 ev.key.addr.type = BDADDR_BREDR;
a492cd52 4148 ev.key.type = key->type;
9b3b4460 4149 memcpy(ev.key.val, key->val, HCI_LINK_KEY_SIZE);
a492cd52 4150 ev.key.pin_len = key->pin_len;
55ed8ca1 4151
744cf19e 4152 return mgmt_event(MGMT_EV_NEW_LINK_KEY, hdev, &ev, sizeof(ev), NULL);
55ed8ca1 4153}
f7520543 4154
346af67b
VCG		 4155int mgmt_new_ltk(struct hci_dev *hdev, struct smp_ltk *key, u8 persistent)
4156{
4157 struct mgmt_ev_new_long_term_key ev;
4158
4159 memset(&ev, 0, sizeof(ev));
4160
4161 ev.store_hint = persistent;
4162 bacpy(&ev.key.addr.bdaddr, &key->bdaddr);
57c1477c 4163 ev.key.addr.type = link_to_bdaddr(LE_LINK, key->bdaddr_type);
346af67b
VCG		 4164 ev.key.authenticated = key->authenticated;
4165 ev.key.enc_size = key->enc_size;
4166 ev.key.ediv = key->ediv;
4167
4168 if (key->type == HCI_SMP_LTK)
4169 ev.key.master = 1;
4170
4171 memcpy(ev.key.rand, key->rand, sizeof(key->rand));
4172 memcpy(ev.key.val, key->val, sizeof(key->val));
4173
04124681
GP		 4174 return mgmt_event(MGMT_EV_NEW_LONG_TERM_KEY, hdev, &ev, sizeof(ev),
4175 NULL);
346af67b
VCG		 4176}
4177
ecd90ae7
MH		 4178void mgmt_device_connected(struct hci_dev *hdev, bdaddr_t *bdaddr, u8 link_type,
4179 u8 addr_type, u32 flags, u8 *name, u8 name_len,
4180 u8 *dev_class)
f7520543 4181{
b644ba33
JH		 4182 char buf[512];
4183 struct mgmt_ev_device_connected *ev = (void *) buf;
4184 u16 eir_len = 0;
f7520543 4185
b644ba33 4186 bacpy(&ev->addr.bdaddr, bdaddr);
57c1477c 4187 ev->addr.type = link_to_bdaddr(link_type, addr_type);
f7520543 4188
c95f0ba7 4189 ev->flags = __cpu_to_le32(flags);
08c79b61 4190
b644ba33
JH		 4191 if (name_len > 0)
4192 eir_len = eir_append_data(ev->eir, 0, EIR_NAME_COMPLETE,
04124681 4193 name, name_len);
b644ba33
JH		 4194
4195 if (dev_class && memcmp(dev_class, "\0\0\0", 3) != 0)
53156385 4196 eir_len = eir_append_data(ev->eir, eir_len,
04124681 4197 EIR_CLASS_OF_DEV, dev_class, 3);
b644ba33 4198
eb55ef07 4199 ev->eir_len = cpu_to_le16(eir_len);
b644ba33 4200
ecd90ae7
MH		 4201 mgmt_event(MGMT_EV_DEVICE_CONNECTED, hdev, buf,
4202 sizeof(*ev) + eir_len, NULL);
f7520543
JH		 4203}
4204
8962ee74
JH		 4205static void disconnect_rsp(struct pending_cmd *cmd, void *data)
4206{
c68fb7ff 4207 struct mgmt_cp_disconnect *cp = cmd->param;
8962ee74 4208 struct sock **sk = data;
a38528f1 4209 struct mgmt_rp_disconnect rp;
8962ee74 4210
88c3df13
JH		 4211 bacpy(&rp.addr.bdaddr, &cp->addr.bdaddr);
4212 rp.addr.type = cp->addr.type;
8962ee74 4213
aee9b218 4214 cmd_complete(cmd->sk, cmd->index, MGMT_OP_DISCONNECT, 0, &rp,
04124681 4215 sizeof(rp));
8962ee74
JH		 4216
4217 *sk = cmd->sk;
4218 sock_hold(*sk);
4219
a664b5bc 4220 mgmt_pending_remove(cmd);
8962ee74
JH		 4221}
4222
124f6e35 4223static void unpair_device_rsp(struct pending_cmd *cmd, void *data)
a8a1d19e 4224{
b1078ad0 4225 struct hci_dev *hdev = data;
124f6e35
JH		 4226 struct mgmt_cp_unpair_device *cp = cmd->param;
4227 struct mgmt_rp_unpair_device rp;
a8a1d19e
JH		 4228
4229 memset(&rp, 0, sizeof(rp));
124f6e35
JH		 4230 bacpy(&rp.addr.bdaddr, &cp->addr.bdaddr);
4231 rp.addr.type = cp->addr.type;
a8a1d19e 4232
b1078ad0
JH		 4233 device_unpaired(hdev, &cp->addr.bdaddr, cp->addr.type, cmd->sk);
4234
aee9b218 4235 cmd_complete(cmd->sk, cmd->index, cmd->opcode, 0, &rp, sizeof(rp));
a8a1d19e
JH		 4236
4237 mgmt_pending_remove(cmd);
4238}
4239
9b80ec5e
MH		 4240void mgmt_device_disconnected(struct hci_dev *hdev, bdaddr_t *bdaddr,
4241 u8 link_type, u8 addr_type, u8 reason)
f7520543 4242{
f0d6a0ea 4243 struct mgmt_ev_device_disconnected ev;
8962ee74 4244 struct sock *sk = NULL;
8962ee74 4245
744cf19e 4246 mgmt_pending_foreach(MGMT_OP_DISCONNECT, hdev, disconnect_rsp, &sk);
f7520543 4247
f0d6a0ea
MA		 4248 bacpy(&ev.addr.bdaddr, bdaddr);
4249 ev.addr.type = link_to_bdaddr(link_type, addr_type);
4250 ev.reason = reason;
f7520543 4251
9b80ec5e 4252 mgmt_event(MGMT_EV_DEVICE_DISCONNECTED, hdev, &ev, sizeof(ev), sk);
8962ee74
JH		 4253
4254 if (sk)
d97dcb66 4255 sock_put(sk);
8962ee74 4256
124f6e35 4257 mgmt_pending_foreach(MGMT_OP_UNPAIR_DEVICE, hdev, unpair_device_rsp,
04124681 4258 hdev);
8962ee74
JH		 4259}
4260
7892924c
MH		 4261void mgmt_disconnect_failed(struct hci_dev *hdev, bdaddr_t *bdaddr,
4262 u8 link_type, u8 addr_type, u8 status)
8962ee74 4263{
88c3df13 4264 struct mgmt_rp_disconnect rp;
8962ee74 4265 struct pending_cmd *cmd;
8962ee74 4266
36a75f1b
JD		 4267 mgmt_pending_foreach(MGMT_OP_UNPAIR_DEVICE, hdev, unpair_device_rsp,
4268 hdev);
4269
2e58ef3e 4270 cmd = mgmt_pending_find(MGMT_OP_DISCONNECT, hdev);
8962ee74 4271 if (!cmd)
7892924c 4272 return;
8962ee74 4273
88c3df13 4274 bacpy(&rp.addr.bdaddr, bdaddr);
57c1477c 4275 rp.addr.type = link_to_bdaddr(link_type, addr_type);
37d9ef76 4276
7892924c
MH		 4277 cmd_complete(cmd->sk, cmd->index, MGMT_OP_DISCONNECT,
4278 mgmt_status(status), &rp, sizeof(rp));
8962ee74 4279
a664b5bc 4280 mgmt_pending_remove(cmd);
f7520543 4281}
17d5c04c 4282
445608d0
MH		 4283void mgmt_connect_failed(struct hci_dev *hdev, bdaddr_t *bdaddr, u8 link_type,
4284 u8 addr_type, u8 status)
17d5c04c
JH		 4285{
4286 struct mgmt_ev_connect_failed ev;
4287
4c659c39 4288 bacpy(&ev.addr.bdaddr, bdaddr);
57c1477c 4289 ev.addr.type = link_to_bdaddr(link_type, addr_type);
ca69b795 4290 ev.status = mgmt_status(status);
17d5c04c 4291
445608d0 4292 mgmt_event(MGMT_EV_CONNECT_FAILED, hdev, &ev, sizeof(ev), NULL);
17d5c04c 4293}
980e1a53 4294
744cf19e 4295int mgmt_pin_code_request(struct hci_dev *hdev, bdaddr_t *bdaddr, u8 secure)
980e1a53
JH		 4296{
4297 struct mgmt_ev_pin_code_request ev;
4298
d8457698 4299 bacpy(&ev.addr.bdaddr, bdaddr);
591f47f3 4300 ev.addr.type = BDADDR_BREDR;
a770bb5a 4301 ev.secure = secure;
980e1a53 4302
744cf19e 4303 return mgmt_event(MGMT_EV_PIN_CODE_REQUEST, hdev, &ev, sizeof(ev),
04124681 4304 NULL);
980e1a53
JH		 4305}
4306
744cf19e 4307int mgmt_pin_code_reply_complete(struct hci_dev *hdev, bdaddr_t *bdaddr,
04124681 4308 u8 status)
980e1a53
JH		 4309{
4310 struct pending_cmd *cmd;
ac56fb13 4311 struct mgmt_rp_pin_code_reply rp;
980e1a53
JH		 4312 int err;
4313
2e58ef3e 4314 cmd = mgmt_pending_find(MGMT_OP_PIN_CODE_REPLY, hdev);
980e1a53
JH		 4315 if (!cmd)
4316 return -ENOENT;
4317
d8457698 4318 bacpy(&rp.addr.bdaddr, bdaddr);
591f47f3 4319 rp.addr.type = BDADDR_BREDR;
ac56fb13 4320
aee9b218 4321 err = cmd_complete(cmd->sk, hdev->id, MGMT_OP_PIN_CODE_REPLY,
04124681 4322 mgmt_status(status), &rp, sizeof(rp));
980e1a53 4323
a664b5bc 4324 mgmt_pending_remove(cmd);
980e1a53
JH		 4325
4326 return err;
4327}
4328
744cf19e 4329int mgmt_pin_code_neg_reply_complete(struct hci_dev *hdev, bdaddr_t *bdaddr,
04124681 4330 u8 status)
980e1a53
JH		 4331{
4332 struct pending_cmd *cmd;
ac56fb13 4333 struct mgmt_rp_pin_code_reply rp;
980e1a53
JH		 4334 int err;
4335
2e58ef3e 4336 cmd = mgmt_pending_find(MGMT_OP_PIN_CODE_NEG_REPLY, hdev);
980e1a53
JH		 4337 if (!cmd)
4338 return -ENOENT;
4339
d8457698 4340 bacpy(&rp.addr.bdaddr, bdaddr);
591f47f3 4341 rp.addr.type = BDADDR_BREDR;
ac56fb13 4342
aee9b218 4343 err = cmd_complete(cmd->sk, hdev->id, MGMT_OP_PIN_CODE_NEG_REPLY,
04124681 4344 mgmt_status(status), &rp, sizeof(rp));
980e1a53 4345
a664b5bc 4346 mgmt_pending_remove(cmd);
980e1a53
JH		 4347
4348 return err;
4349}
a5c29683 4350
744cf19e 4351int mgmt_user_confirm_request(struct hci_dev *hdev, bdaddr_t *bdaddr,
04124681
GP		 4352 u8 link_type, u8 addr_type, __le32 value,
4353 u8 confirm_hint)
a5c29683
JH		 4354{
4355 struct mgmt_ev_user_confirm_request ev;
4356
744cf19e 4357 BT_DBG("%s", hdev->name);
a5c29683 4358
272d90df 4359 bacpy(&ev.addr.bdaddr, bdaddr);
57c1477c 4360 ev.addr.type = link_to_bdaddr(link_type, addr_type);
55bc1a37 4361 ev.confirm_hint = confirm_hint;
78e8098e 4362 ev.value = value;
a5c29683 4363
744cf19e 4364 return mgmt_event(MGMT_EV_USER_CONFIRM_REQUEST, hdev, &ev, sizeof(ev),
04124681 4365 NULL);
a5c29683
JH		 4366}
4367
272d90df 4368int mgmt_user_passkey_request(struct hci_dev *hdev, bdaddr_t *bdaddr,
8ce8e2b5 4369 u8 link_type, u8 addr_type)
604086b7
BG		 4370{
4371 struct mgmt_ev_user_passkey_request ev;
4372
4373 BT_DBG("%s", hdev->name);
4374
272d90df 4375 bacpy(&ev.addr.bdaddr, bdaddr);
57c1477c 4376 ev.addr.type = link_to_bdaddr(link_type, addr_type);
604086b7
BG		 4377
4378 return mgmt_event(MGMT_EV_USER_PASSKEY_REQUEST, hdev, &ev, sizeof(ev),
04124681 4379 NULL);
604086b7
BG		 4380}
4381
0df4c185 4382static int user_pairing_resp_complete(struct hci_dev *hdev, bdaddr_t *bdaddr,
8ce8e2b5
GP		 4383 u8 link_type, u8 addr_type, u8 status,
4384 u8 opcode)
a5c29683
JH		 4385{
4386 struct pending_cmd *cmd;
4387 struct mgmt_rp_user_confirm_reply rp;
4388 int err;
4389
2e58ef3e 4390 cmd = mgmt_pending_find(opcode, hdev);
a5c29683
JH		 4391 if (!cmd)
4392 return -ENOENT;
4393
272d90df 4394 bacpy(&rp.addr.bdaddr, bdaddr);
57c1477c 4395 rp.addr.type = link_to_bdaddr(link_type, addr_type);
aee9b218 4396 err = cmd_complete(cmd->sk, hdev->id, opcode, mgmt_status(status),
04124681 4397 &rp, sizeof(rp));
a5c29683 4398
a664b5bc 4399 mgmt_pending_remove(cmd);
a5c29683
JH		 4400
4401 return err;
4402}
4403
744cf19e 4404int mgmt_user_confirm_reply_complete(struct hci_dev *hdev, bdaddr_t *bdaddr,
04124681 4405 u8 link_type, u8 addr_type, u8 status)
a5c29683 4406{
272d90df 4407 return user_pairing_resp_complete(hdev, bdaddr, link_type, addr_type,
04124681 4408 status, MGMT_OP_USER_CONFIRM_REPLY);
a5c29683
JH		 4409}
4410
272d90df 4411int mgmt_user_confirm_neg_reply_complete(struct hci_dev *hdev, bdaddr_t *bdaddr,
04124681 4412 u8 link_type, u8 addr_type, u8 status)
a5c29683 4413{
272d90df 4414 return user_pairing_resp_complete(hdev, bdaddr, link_type, addr_type,
8fc9ced3
GP		 4415 status,
4416 MGMT_OP_USER_CONFIRM_NEG_REPLY);
a5c29683 4417}
2a611692 4418
604086b7 4419int mgmt_user_passkey_reply_complete(struct hci_dev *hdev, bdaddr_t *bdaddr,
04124681 4420 u8 link_type, u8 addr_type, u8 status)
604086b7 4421{
272d90df 4422 return user_pairing_resp_complete(hdev, bdaddr, link_type, addr_type,
04124681 4423 status, MGMT_OP_USER_PASSKEY_REPLY);
604086b7
BG		 4424}
4425
272d90df 4426int mgmt_user_passkey_neg_reply_complete(struct hci_dev *hdev, bdaddr_t *bdaddr,
04124681 4427 u8 link_type, u8 addr_type, u8 status)
604086b7 4428{
272d90df 4429 return user_pairing_resp_complete(hdev, bdaddr, link_type, addr_type,
8fc9ced3
GP		 4430 status,
4431 MGMT_OP_USER_PASSKEY_NEG_REPLY);
604086b7
BG		 4432}
4433
92a25256
JH		 4434int mgmt_user_passkey_notify(struct hci_dev *hdev, bdaddr_t *bdaddr,
4435 u8 link_type, u8 addr_type, u32 passkey,
4436 u8 entered)
4437{
4438 struct mgmt_ev_passkey_notify ev;
4439
4440 BT_DBG("%s", hdev->name);
4441
4442 bacpy(&ev.addr.bdaddr, bdaddr);
4443 ev.addr.type = link_to_bdaddr(link_type, addr_type);
4444 ev.passkey = __cpu_to_le32(passkey);
4445 ev.entered = entered;
4446
4447 return mgmt_event(MGMT_EV_PASSKEY_NOTIFY, hdev, &ev, sizeof(ev), NULL);
4448}
4449
bab73cb6 4450int mgmt_auth_failed(struct hci_dev *hdev, bdaddr_t *bdaddr, u8 link_type,
04124681 4451 u8 addr_type, u8 status)
2a611692
JH		 4452{
4453 struct mgmt_ev_auth_failed ev;
4454
bab73cb6 4455 bacpy(&ev.addr.bdaddr, bdaddr);
57c1477c 4456 ev.addr.type = link_to_bdaddr(link_type, addr_type);
ca69b795 4457 ev.status = mgmt_status(status);
2a611692 4458
744cf19e 4459 return mgmt_event(MGMT_EV_AUTH_FAILED, hdev, &ev, sizeof(ev), NULL);
2a611692 4460}
b312b161 4461
33ef95ed
JH		 4462int mgmt_auth_enable_complete(struct hci_dev *hdev, u8 status)
4463{
4464 struct cmd_lookup match = { NULL, hdev };
47990ea0
JH		 4465 bool changed = false;
4466 int err = 0;
33ef95ed
JH		 4467
4468 if (status) {
4469 u8 mgmt_err = mgmt_status(status);
4470 mgmt_pending_foreach(MGMT_OP_SET_LINK_SECURITY, hdev,
04124681 4471 cmd_status_rsp, &mgmt_err);
33ef95ed
JH		 4472 return 0;
4473 }
4474
47990ea0
JH		 4475 if (test_bit(HCI_AUTH, &hdev->flags)) {
4476 if (!test_and_set_bit(HCI_LINK_SECURITY, &hdev->dev_flags))
4477 changed = true;
4478 } else {
4479 if (test_and_clear_bit(HCI_LINK_SECURITY, &hdev->dev_flags))
4480 changed = true;
4481 }
4482
33ef95ed 4483 mgmt_pending_foreach(MGMT_OP_SET_LINK_SECURITY, hdev, settings_rsp,
04124681 4484 &match);
33ef95ed 4485
47990ea0
JH		 4486 if (changed)
4487 err = new_settings(hdev, match.sk);
33ef95ed
JH		 4488
4489 if (match.sk)
4490 sock_put(match.sk);
4491
4492 return err;
4493}
4494
890ea898 4495static void clear_eir(struct hci_request *req)
cacaf52f 4496{
890ea898 4497 struct hci_dev *hdev = req->hdev;
cacaf52f
JH		 4498 struct hci_cp_write_eir cp;
4499
976eb20e 4500 if (!lmp_ext_inq_capable(hdev))
890ea898 4501 return;
cacaf52f 4502
c80da27e
JH		 4503 memset(hdev->eir, 0, sizeof(hdev->eir));
4504
cacaf52f
JH		 4505 memset(&cp, 0, sizeof(cp));
4506
890ea898 4507 hci_req_add(req, HCI_OP_WRITE_EIR, sizeof(cp), &cp);
cacaf52f
JH		 4508}
4509
c0ecddc2 4510int mgmt_ssp_enable_complete(struct hci_dev *hdev, u8 enable, u8 status)
ed2c4ee3
JH		 4511{
4512 struct cmd_lookup match = { NULL, hdev };
890ea898 4513 struct hci_request req;
c0ecddc2
JH		 4514 bool changed = false;
4515 int err = 0;
ed2c4ee3
JH		 4516
4517 if (status) {
4518 u8 mgmt_err = mgmt_status(status);
c0ecddc2
JH		 4519
4520 if (enable && test_and_clear_bit(HCI_SSP_ENABLED,
9ecb3e24
MH		 4521 &hdev->dev_flags)) {
4522 clear_bit(HCI_HS_ENABLED, &hdev->dev_flags);
c0ecddc2 4523 err = new_settings(hdev, NULL);
9ecb3e24 4524 }
c0ecddc2 4525
04124681
GP		 4526 mgmt_pending_foreach(MGMT_OP_SET_SSP, hdev, cmd_status_rsp,
4527 &mgmt_err);
c0ecddc2
JH		 4528
4529 return err;
4530 }
4531
4532 if (enable) {
9ecb3e24 4533 changed = !test_and_set_bit(HCI_SSP_ENABLED, &hdev->dev_flags);
c0ecddc2 4534 } else {
9ecb3e24
MH		 4535 changed = test_and_clear_bit(HCI_SSP_ENABLED, &hdev->dev_flags);
4536 if (!changed)
4537 changed = test_and_clear_bit(HCI_HS_ENABLED,
4538 &hdev->dev_flags);
4539 else
4540 clear_bit(HCI_HS_ENABLED, &hdev->dev_flags);
ed2c4ee3
JH		 4541 }
4542
4543 mgmt_pending_foreach(MGMT_OP_SET_SSP, hdev, settings_rsp, &match);
4544
c0ecddc2
JH		 4545 if (changed)
4546 err = new_settings(hdev, match.sk);
ed2c4ee3 4547
5fc6ebb1 4548 if (match.sk)
ed2c4ee3
JH		 4549 sock_put(match.sk);
4550
890ea898
JH		 4551 hci_req_init(&req, hdev);
4552
5fc6ebb1 4553 if (test_bit(HCI_SSP_ENABLED, &hdev->dev_flags))
890ea898 4554 update_eir(&req);
5fc6ebb1 4555 else
890ea898
JH		 4556 clear_eir(&req);
4557
4558 hci_req_run(&req, NULL);
cacaf52f 4559
ed2c4ee3
JH		 4560 return err;
4561}
4562
92da6097 4563static void sk_lookup(struct pending_cmd *cmd, void *data)
90e70454
JH		 4564{
4565 struct cmd_lookup *match = data;
4566
90e70454
JH		 4567 if (match->sk == NULL) {
4568 match->sk = cmd->sk;
4569 sock_hold(match->sk);
4570 }
90e70454
JH		 4571}
4572
7f9a903c 4573int mgmt_set_class_of_dev_complete(struct hci_dev *hdev, u8 *dev_class,
04124681 4574 u8 status)
7f9a903c 4575{
90e70454
JH		 4576 struct cmd_lookup match = { NULL, hdev, mgmt_status(status) };
4577 int err = 0;
7f9a903c 4578
92da6097
JH		 4579 mgmt_pending_foreach(MGMT_OP_SET_DEV_CLASS, hdev, sk_lookup, &match);
4580 mgmt_pending_foreach(MGMT_OP_ADD_UUID, hdev, sk_lookup, &match);
4581 mgmt_pending_foreach(MGMT_OP_REMOVE_UUID, hdev, sk_lookup, &match);
90e70454
JH		 4582
4583 if (!status)
04124681
GP		 4584 err = mgmt_event(MGMT_EV_CLASS_OF_DEV_CHANGED, hdev, dev_class,
4585 3, NULL);
90e70454
JH		 4586
4587 if (match.sk)
4588 sock_put(match.sk);
7f9a903c
MH		 4589
4590 return err;
4591}
4592
744cf19e 4593int mgmt_set_local_name_complete(struct hci_dev *hdev, u8 *name, u8 status)
b312b161 4594{
b312b161 4595 struct mgmt_cp_set_local_name ev;
13928971 4596 struct pending_cmd *cmd;
28cc7bde 4597
13928971
JH		 4598 if (status)
4599 return 0;
b312b161
JH		 4600
4601 memset(&ev, 0, sizeof(ev));
4602 memcpy(ev.name, name, HCI_MAX_NAME_LENGTH);
28cc7bde 4603 memcpy(ev.short_name, hdev->short_name, HCI_MAX_SHORT_NAME_LENGTH);
b312b161 4604
2e58ef3e 4605 cmd = mgmt_pending_find(MGMT_OP_SET_LOCAL_NAME, hdev);
13928971
JH		 4606 if (!cmd) {
4607 memcpy(hdev->dev_name, name, sizeof(hdev->dev_name));
28cc7bde 4608
13928971
JH		 4609 /* If this is a HCI command related to powering on the
4610 * HCI dev don't send any mgmt signals.
4611 */
4612 if (mgmt_pending_find(MGMT_OP_SET_POWERED, hdev))
4613 return 0;
890ea898 4614 }
b312b161 4615
13928971
JH		 4616 return mgmt_event(MGMT_EV_LOCAL_NAME_CHANGED, hdev, &ev, sizeof(ev),
4617 cmd ? cmd->sk : NULL);
b312b161 4618}
c35938b2 4619
744cf19e 4620int mgmt_read_local_oob_data_reply_complete(struct hci_dev *hdev, u8 *hash,
04124681 4621 u8 *randomizer, u8 status)
c35938b2
SJ		 4622{
4623 struct pending_cmd *cmd;
4624 int err;
4625
744cf19e 4626 BT_DBG("%s status %u", hdev->name, status);
c35938b2 4627
2e58ef3e 4628 cmd = mgmt_pending_find(MGMT_OP_READ_LOCAL_OOB_DATA, hdev);
c35938b2
SJ		 4629 if (!cmd)
4630 return -ENOENT;
4631
4632 if (status) {
04124681
GP		 4633 err = cmd_status(cmd->sk, hdev->id, MGMT_OP_READ_LOCAL_OOB_DATA,
4634 mgmt_status(status));
c35938b2
SJ		 4635 } else {
4636 struct mgmt_rp_read_local_oob_data rp;
4637
4638 memcpy(rp.hash, hash, sizeof(rp.hash));
4639 memcpy(rp.randomizer, randomizer, sizeof(rp.randomizer));
4640
744cf19e 4641 err = cmd_complete(cmd->sk, hdev->id,
04124681
GP		 4642 MGMT_OP_READ_LOCAL_OOB_DATA, 0, &rp,
4643 sizeof(rp));
c35938b2
SJ		 4644 }
4645
4646 mgmt_pending_remove(cmd);
4647
4648 return err;
4649}
e17acd40 4650
901801b9
MH		 4651void mgmt_device_found(struct hci_dev *hdev, bdaddr_t *bdaddr, u8 link_type,
4652 u8 addr_type, u8 *dev_class, s8 rssi, u8 cfm_name, u8
4653 ssp, u8 *eir, u16 eir_len)
e17acd40 4654{
e319d2e7
JH		 4655 char buf[512];
4656 struct mgmt_ev_device_found *ev = (void *) buf;
1dc06093 4657 size_t ev_size;
e17acd40 4658
12602d0c 4659 if (!hci_discovery_active(hdev))
901801b9 4660 return;
12602d0c 4661
1dc06093
JH		 4662 /* Leave 5 bytes for a potential CoD field */
4663 if (sizeof(*ev) + eir_len + 5 > sizeof(buf))
901801b9 4664 return;
7d262f86 4665
1dc06093
JH		 4666 memset(buf, 0, sizeof(buf));
4667
e319d2e7 4668 bacpy(&ev->addr.bdaddr, bdaddr);
57c1477c 4669 ev->addr.type = link_to_bdaddr(link_type, addr_type);
e319d2e7 4670 ev->rssi = rssi;
9a395a80 4671 if (cfm_name)
612dfce9 4672 ev->flags |= __constant_cpu_to_le32(MGMT_DEV_FOUND_CONFIRM_NAME);
388fc8fa 4673 if (!ssp)
612dfce9 4674 ev->flags |= __constant_cpu_to_le32(MGMT_DEV_FOUND_LEGACY_PAIRING);
e17acd40 4675
1dc06093 4676 if (eir_len > 0)
e319d2e7 4677 memcpy(ev->eir, eir, eir_len);
e17acd40 4678
1dc06093
JH		 4679 if (dev_class && !eir_has_data_type(ev->eir, eir_len, EIR_CLASS_OF_DEV))
4680 eir_len = eir_append_data(ev->eir, eir_len, EIR_CLASS_OF_DEV,
04124681 4681 dev_class, 3);
1dc06093 4682
eb55ef07 4683 ev->eir_len = cpu_to_le16(eir_len);
1dc06093 4684 ev_size = sizeof(*ev) + eir_len;
f8523598 4685
901801b9 4686 mgmt_event(MGMT_EV_DEVICE_FOUND, hdev, ev, ev_size, NULL);
e17acd40 4687}
a88a9652 4688
9cf12aee
MH		 4689void mgmt_remote_name(struct hci_dev *hdev, bdaddr_t *bdaddr, u8 link_type,
4690 u8 addr_type, s8 rssi, u8 *name, u8 name_len)
a88a9652 4691{
b644ba33
JH		 4692 struct mgmt_ev_device_found *ev;
4693 char buf[sizeof(*ev) + HCI_MAX_NAME_LENGTH + 2];
4694 u16 eir_len;
a88a9652 4695
b644ba33 4696 ev = (struct mgmt_ev_device_found *) buf;
a88a9652 4697
b644ba33
JH		 4698 memset(buf, 0, sizeof(buf));
4699
4700 bacpy(&ev->addr.bdaddr, bdaddr);
57c1477c 4701 ev->addr.type = link_to_bdaddr(link_type, addr_type);
b644ba33
JH		 4702 ev->rssi = rssi;
4703
4704 eir_len = eir_append_data(ev->eir, 0, EIR_NAME_COMPLETE, name,
04124681 4705 name_len);
b644ba33 4706
eb55ef07 4707 ev->eir_len = cpu_to_le16(eir_len);
a88a9652 4708
9cf12aee 4709 mgmt_event(MGMT_EV_DEVICE_FOUND, hdev, ev, sizeof(*ev) + eir_len, NULL);
a88a9652 4710}
314b2381 4711
2f1e063b 4712void mgmt_discovering(struct hci_dev *hdev, u8 discovering)
314b2381 4713{
f963e8e9 4714 struct mgmt_ev_discovering ev;
164a6e78
JH		 4715 struct pending_cmd *cmd;
4716
343fb145
AG		 4717 BT_DBG("%s discovering %u", hdev->name, discovering);
4718
164a6e78 4719 if (discovering)
2e58ef3e 4720 cmd = mgmt_pending_find(MGMT_OP_START_DISCOVERY, hdev);
164a6e78 4721 else
2e58ef3e 4722 cmd = mgmt_pending_find(MGMT_OP_STOP_DISCOVERY, hdev);
164a6e78
JH		 4723
4724 if (cmd != NULL) {
f808e166
JH		 4725 u8 type = hdev->discovery.type;
4726
04124681
GP		 4727 cmd_complete(cmd->sk, hdev->id, cmd->opcode, 0, &type,
4728 sizeof(type));
164a6e78
JH		 4729 mgmt_pending_remove(cmd);
4730 }
4731
f963e8e9
JH		 4732 memset(&ev, 0, sizeof(ev));
4733 ev.type = hdev->discovery.type;
4734 ev.discovering = discovering;
4735
2f1e063b 4736 mgmt_event(MGMT_EV_DISCOVERING, hdev, &ev, sizeof(ev), NULL);
314b2381 4737}
5e762444 4738
88c1fe4b 4739int mgmt_device_blocked(struct hci_dev *hdev, bdaddr_t *bdaddr, u8 type)
5e762444
AJ		 4740{
4741 struct pending_cmd *cmd;
4742 struct mgmt_ev_device_blocked ev;
4743
2e58ef3e 4744 cmd = mgmt_pending_find(MGMT_OP_BLOCK_DEVICE, hdev);
5e762444 4745
88c1fe4b
JH		 4746 bacpy(&ev.addr.bdaddr, bdaddr);
4747 ev.addr.type = type;
5e762444 4748
744cf19e 4749 return mgmt_event(MGMT_EV_DEVICE_BLOCKED, hdev, &ev, sizeof(ev),
04124681 4750 cmd ? cmd->sk : NULL);
5e762444
AJ		 4751}
4752
88c1fe4b 4753int mgmt_device_unblocked(struct hci_dev *hdev, bdaddr_t *bdaddr, u8 type)
5e762444
AJ		 4754{
4755 struct pending_cmd *cmd;
4756 struct mgmt_ev_device_unblocked ev;
4757
2e58ef3e 4758 cmd = mgmt_pending_find(MGMT_OP_UNBLOCK_DEVICE, hdev);
5e762444 4759
88c1fe4b
JH		 4760 bacpy(&ev.addr.bdaddr, bdaddr);
4761 ev.addr.type = type;
5e762444 4762
744cf19e 4763 return mgmt_event(MGMT_EV_DEVICE_UNBLOCKED, hdev, &ev, sizeof(ev),
04124681 4764 cmd ? cmd->sk : NULL);
5e762444 4765}
5976e608
MH		 4766
4767static void adv_enable_complete(struct hci_dev *hdev, u8 status)
4768{
4769 BT_DBG("%s status %u", hdev->name, status);
4770
4771 /* Clear the advertising mgmt setting if we failed to re-enable it */
4772 if (status) {
4773 clear_bit(HCI_ADVERTISING, &hdev->dev_flags);
a6d811ed 4774 new_settings(hdev, NULL);
5976e608
MH		 4775 }
4776}
4777
4778void mgmt_reenable_advertising(struct hci_dev *hdev)
4779{
4780 struct hci_request req;
4781
b145edcd 4782 if (hci_conn_num(hdev, LE_LINK) > 0)
5976e608
MH		 4783 return;
4784
4785 if (!test_bit(HCI_ADVERTISING, &hdev->dev_flags))
4786 return;
4787
4788 hci_req_init(&req, hdev);
4789 enable_advertising(&req);
4790
4791 /* If this fails we have no option but to let user space know
4792 * that we've disabled advertising.
4793 */
4794 if (hci_req_run(&req, adv_enable_complete) < 0) {
4795 clear_bit(HCI_ADVERTISING, &hdev->dev_flags);
a6d811ed 4796 new_settings(hdev, NULL);
5976e608
MH		 4797 }
4798}
Linux kernel - Deliverables
This page took 0.497725 seconds and 5 git commands to generate.