projects / deliverable / linux.git / blame
? search:
summary | shortlog | log | commit | commitdiff | tree
blob | blame (incremental) | history | HEAD
Bluetooth: Add a new workqueue for hci_request operations
[deliverable/linux.git] / net / bluetooth / mgmt.c
CommitLineData
0381101f
JH		 1/*
2 BlueZ - Bluetooth protocol stack for Linux
ea585ab5 3
0381101f 4 Copyright (C) 2010 Nokia Corporation
ea585ab5 5 Copyright (C) 2011-2012 Intel Corporation
0381101f
JH		 6
7 This program is free software; you can redistribute it and/or modify
8 it under the terms of the GNU General Public License version 2 as
9 published by the Free Software Foundation;
10
11 THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS
12 OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
13 FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT OF THIRD PARTY RIGHTS.
14 IN NO EVENT SHALL THE COPYRIGHT HOLDER(S) AND AUTHOR(S) BE LIABLE FOR ANY
15 CLAIM, OR ANY SPECIAL INDIRECT OR CONSEQUENTIAL DAMAGES, OR ANY DAMAGES
16 WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
17 ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
18 OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
19
20 ALL LIABILITY, INCLUDING LIABILITY FOR INFRINGEMENT OF ANY PATENTS,
21 COPYRIGHTS, TRADEMARKS OR OTHER RIGHTS, RELATING TO USE OF THIS
22 SOFTWARE IS DISCLAIMED.
23*/
24
25/* Bluetooth HCI Management interface */
26
3a9a231d 27#include <linux/module.h>
0381101f
JH		 28#include <asm/unaligned.h>
29
30#include <net/bluetooth/bluetooth.h>
31#include <net/bluetooth/hci_core.h>
32#include <net/bluetooth/mgmt.h>
5fe57d9e 33#include <net/bluetooth/smp.h>
0381101f 34
d7b7e796 35bool enable_hs;
d7b7e796 36
2da9c55c 37#define MGMT_VERSION 1
23b3b133 38#define MGMT_REVISION 2
02d98129 39
e70bb2e8
JH		 40static const u16 mgmt_commands[] = {
41 MGMT_OP_READ_INDEX_LIST,
42 MGMT_OP_READ_INFO,
43 MGMT_OP_SET_POWERED,
44 MGMT_OP_SET_DISCOVERABLE,
45 MGMT_OP_SET_CONNECTABLE,
46 MGMT_OP_SET_FAST_CONNECTABLE,
47 MGMT_OP_SET_PAIRABLE,
48 MGMT_OP_SET_LINK_SECURITY,
49 MGMT_OP_SET_SSP,
50 MGMT_OP_SET_HS,
51 MGMT_OP_SET_LE,
52 MGMT_OP_SET_DEV_CLASS,
53 MGMT_OP_SET_LOCAL_NAME,
54 MGMT_OP_ADD_UUID,
55 MGMT_OP_REMOVE_UUID,
56 MGMT_OP_LOAD_LINK_KEYS,
57 MGMT_OP_LOAD_LONG_TERM_KEYS,
58 MGMT_OP_DISCONNECT,
59 MGMT_OP_GET_CONNECTIONS,
60 MGMT_OP_PIN_CODE_REPLY,
61 MGMT_OP_PIN_CODE_NEG_REPLY,
62 MGMT_OP_SET_IO_CAPABILITY,
63 MGMT_OP_PAIR_DEVICE,
64 MGMT_OP_CANCEL_PAIR_DEVICE,
65 MGMT_OP_UNPAIR_DEVICE,
66 MGMT_OP_USER_CONFIRM_REPLY,
67 MGMT_OP_USER_CONFIRM_NEG_REPLY,
68 MGMT_OP_USER_PASSKEY_REPLY,
69 MGMT_OP_USER_PASSKEY_NEG_REPLY,
70 MGMT_OP_READ_LOCAL_OOB_DATA,
71 MGMT_OP_ADD_REMOTE_OOB_DATA,
72 MGMT_OP_REMOVE_REMOTE_OOB_DATA,
73 MGMT_OP_START_DISCOVERY,
74 MGMT_OP_STOP_DISCOVERY,
75 MGMT_OP_CONFIRM_NAME,
76 MGMT_OP_BLOCK_DEVICE,
77 MGMT_OP_UNBLOCK_DEVICE,
cdbaccca 78 MGMT_OP_SET_DEVICE_ID,
e70bb2e8
JH		 79};
80
81static const u16 mgmt_events[] = {
82 MGMT_EV_CONTROLLER_ERROR,
83 MGMT_EV_INDEX_ADDED,
84 MGMT_EV_INDEX_REMOVED,
85 MGMT_EV_NEW_SETTINGS,
86 MGMT_EV_CLASS_OF_DEV_CHANGED,
87 MGMT_EV_LOCAL_NAME_CHANGED,
88 MGMT_EV_NEW_LINK_KEY,
89 MGMT_EV_NEW_LONG_TERM_KEY,
90 MGMT_EV_DEVICE_CONNECTED,
91 MGMT_EV_DEVICE_DISCONNECTED,
92 MGMT_EV_CONNECT_FAILED,
93 MGMT_EV_PIN_CODE_REQUEST,
94 MGMT_EV_USER_CONFIRM_REQUEST,
95 MGMT_EV_USER_PASSKEY_REQUEST,
96 MGMT_EV_AUTH_FAILED,
97 MGMT_EV_DEVICE_FOUND,
98 MGMT_EV_DISCOVERING,
99 MGMT_EV_DEVICE_BLOCKED,
100 MGMT_EV_DEVICE_UNBLOCKED,
101 MGMT_EV_DEVICE_UNPAIRED,
92a25256 102 MGMT_EV_PASSKEY_NOTIFY,
e70bb2e8
JH		 103};
104
3fd24153
AG		 105/*
106 * These LE scan and inquiry parameters were chosen according to LE General
107 * Discovery Procedure specification.
108 */
109#define LE_SCAN_TYPE 0x01
110#define LE_SCAN_WIN 0x12
111#define LE_SCAN_INT 0x12
112#define LE_SCAN_TIMEOUT_LE_ONLY 10240 /* TGAP(gen_disc_scan_min) */
5e0452c0 113#define LE_SCAN_TIMEOUT_BREDR_LE 5120 /* TGAP(100)/2 */
3fd24153 114
e8777525 115#define INQUIRY_LEN_BREDR 0x08 /* TGAP(100) */
5e0452c0 116#define INQUIRY_LEN_BREDR_LE 0x04 /* TGAP(100)/2 */
2519a1fc 117
17b02e62 118#define CACHE_TIMEOUT msecs_to_jiffies(2 * 1000)
7d78525d 119
4b34ee78
JH		 120#define hdev_is_powered(hdev) (test_bit(HCI_UP, &hdev->flags) && \
121 !test_bit(HCI_AUTO_OFF, &hdev->dev_flags))
122
eec8d2bc
JH		 123struct pending_cmd {
124 struct list_head list;
fc2f4b13 125 u16 opcode;
eec8d2bc 126 int index;
c68fb7ff 127 void *param;
eec8d2bc 128 struct sock *sk;
e9a416b5 129 void *user_data;
eec8d2bc
JH		 130};
131
ca69b795
JH		 132/* HCI to MGMT error code conversion table */
133static u8 mgmt_status_table[] = {
134 MGMT_STATUS_SUCCESS,
135 MGMT_STATUS_UNKNOWN_COMMAND, /* Unknown Command */
136 MGMT_STATUS_NOT_CONNECTED, /* No Connection */
137 MGMT_STATUS_FAILED, /* Hardware Failure */
138 MGMT_STATUS_CONNECT_FAILED, /* Page Timeout */
139 MGMT_STATUS_AUTH_FAILED, /* Authentication Failed */
140 MGMT_STATUS_NOT_PAIRED, /* PIN or Key Missing */
141 MGMT_STATUS_NO_RESOURCES, /* Memory Full */
142 MGMT_STATUS_TIMEOUT, /* Connection Timeout */
143 MGMT_STATUS_NO_RESOURCES, /* Max Number of Connections */
144 MGMT_STATUS_NO_RESOURCES, /* Max Number of SCO Connections */
145 MGMT_STATUS_ALREADY_CONNECTED, /* ACL Connection Exists */
146 MGMT_STATUS_BUSY, /* Command Disallowed */
147 MGMT_STATUS_NO_RESOURCES, /* Rejected Limited Resources */
148 MGMT_STATUS_REJECTED, /* Rejected Security */
149 MGMT_STATUS_REJECTED, /* Rejected Personal */
150 MGMT_STATUS_TIMEOUT, /* Host Timeout */
151 MGMT_STATUS_NOT_SUPPORTED, /* Unsupported Feature */
152 MGMT_STATUS_INVALID_PARAMS, /* Invalid Parameters */
153 MGMT_STATUS_DISCONNECTED, /* OE User Ended Connection */
154 MGMT_STATUS_NO_RESOURCES, /* OE Low Resources */
155 MGMT_STATUS_DISCONNECTED, /* OE Power Off */
156 MGMT_STATUS_DISCONNECTED, /* Connection Terminated */
157 MGMT_STATUS_BUSY, /* Repeated Attempts */
158 MGMT_STATUS_REJECTED, /* Pairing Not Allowed */
159 MGMT_STATUS_FAILED, /* Unknown LMP PDU */
160 MGMT_STATUS_NOT_SUPPORTED, /* Unsupported Remote Feature */
161 MGMT_STATUS_REJECTED, /* SCO Offset Rejected */
162 MGMT_STATUS_REJECTED, /* SCO Interval Rejected */
163 MGMT_STATUS_REJECTED, /* Air Mode Rejected */
164 MGMT_STATUS_INVALID_PARAMS, /* Invalid LMP Parameters */
165 MGMT_STATUS_FAILED, /* Unspecified Error */
166 MGMT_STATUS_NOT_SUPPORTED, /* Unsupported LMP Parameter Value */
167 MGMT_STATUS_FAILED, /* Role Change Not Allowed */
168 MGMT_STATUS_TIMEOUT, /* LMP Response Timeout */
169 MGMT_STATUS_FAILED, /* LMP Error Transaction Collision */
170 MGMT_STATUS_FAILED, /* LMP PDU Not Allowed */
171 MGMT_STATUS_REJECTED, /* Encryption Mode Not Accepted */
172 MGMT_STATUS_FAILED, /* Unit Link Key Used */
173 MGMT_STATUS_NOT_SUPPORTED, /* QoS Not Supported */
174 MGMT_STATUS_TIMEOUT, /* Instant Passed */
175 MGMT_STATUS_NOT_SUPPORTED, /* Pairing Not Supported */
176 MGMT_STATUS_FAILED, /* Transaction Collision */
177 MGMT_STATUS_INVALID_PARAMS, /* Unacceptable Parameter */
178 MGMT_STATUS_REJECTED, /* QoS Rejected */
179 MGMT_STATUS_NOT_SUPPORTED, /* Classification Not Supported */
180 MGMT_STATUS_REJECTED, /* Insufficient Security */
181 MGMT_STATUS_INVALID_PARAMS, /* Parameter Out Of Range */
182 MGMT_STATUS_BUSY, /* Role Switch Pending */
183 MGMT_STATUS_FAILED, /* Slot Violation */
184 MGMT_STATUS_FAILED, /* Role Switch Failed */
185 MGMT_STATUS_INVALID_PARAMS, /* EIR Too Large */
186 MGMT_STATUS_NOT_SUPPORTED, /* Simple Pairing Not Supported */
187 MGMT_STATUS_BUSY, /* Host Busy Pairing */
188 MGMT_STATUS_REJECTED, /* Rejected, No Suitable Channel */
189 MGMT_STATUS_BUSY, /* Controller Busy */
190 MGMT_STATUS_INVALID_PARAMS, /* Unsuitable Connection Interval */
191 MGMT_STATUS_TIMEOUT, /* Directed Advertising Timeout */
192 MGMT_STATUS_AUTH_FAILED, /* Terminated Due to MIC Failure */
193 MGMT_STATUS_CONNECT_FAILED, /* Connection Establishment Failed */
194 MGMT_STATUS_CONNECT_FAILED, /* MAC Connection Failed */
195};
196
bb4b2a9a
AE		 197bool mgmt_valid_hdev(struct hci_dev *hdev)
198{
199 return hdev->dev_type == HCI_BREDR;
200}
201
ca69b795
JH		 202static u8 mgmt_status(u8 hci_status)
203{
204 if (hci_status < ARRAY_SIZE(mgmt_status_table))
205 return mgmt_status_table[hci_status];
206
207 return MGMT_STATUS_FAILED;
208}
209
4e51eae9 210static int cmd_status(struct sock *sk, u16 index, u16 cmd, u8 status)
f7b64e69
JH		 211{
212 struct sk_buff *skb;
213 struct mgmt_hdr *hdr;
214 struct mgmt_ev_cmd_status *ev;
56b7d137 215 int err;
f7b64e69 216
34eb525c 217 BT_DBG("sock %p, index %u, cmd %u, status %u", sk, index, cmd, status);
f7b64e69 218
790eff44 219 skb = alloc_skb(sizeof(*hdr) + sizeof(*ev), GFP_KERNEL);
f7b64e69
JH		 220 if (!skb)
221 return -ENOMEM;
222
223 hdr = (void *) skb_put(skb, sizeof(*hdr));
224
612dfce9 225 hdr->opcode = __constant_cpu_to_le16(MGMT_EV_CMD_STATUS);
4e51eae9 226 hdr->index = cpu_to_le16(index);
f7b64e69
JH		 227 hdr->len = cpu_to_le16(sizeof(*ev));
228
229 ev = (void *) skb_put(skb, sizeof(*ev));
230 ev->status = status;
eb55ef07 231 ev->opcode = cpu_to_le16(cmd);
f7b64e69 232
56b7d137
GP		 233 err = sock_queue_rcv_skb(sk, skb);
234 if (err < 0)
f7b64e69
JH		 235 kfree_skb(skb);
236
56b7d137 237 return err;
f7b64e69
JH		 238}
239
aee9b218 240static int cmd_complete(struct sock *sk, u16 index, u16 cmd, u8 status,
04124681 241 void *rp, size_t rp_len)
02d98129
JH		 242{
243 struct sk_buff *skb;
244 struct mgmt_hdr *hdr;
245 struct mgmt_ev_cmd_complete *ev;
56b7d137 246 int err;
02d98129
JH		 247
248 BT_DBG("sock %p", sk);
249
790eff44 250 skb = alloc_skb(sizeof(*hdr) + sizeof(*ev) + rp_len, GFP_KERNEL);
02d98129
JH		 251 if (!skb)
252 return -ENOMEM;
253
254 hdr = (void *) skb_put(skb, sizeof(*hdr));
02d98129 255
612dfce9 256 hdr->opcode = __constant_cpu_to_le16(MGMT_EV_CMD_COMPLETE);
4e51eae9 257 hdr->index = cpu_to_le16(index);
a38528f1 258 hdr->len = cpu_to_le16(sizeof(*ev) + rp_len);
02d98129 259
a38528f1 260 ev = (void *) skb_put(skb, sizeof(*ev) + rp_len);
eb55ef07 261 ev->opcode = cpu_to_le16(cmd);
aee9b218 262 ev->status = status;
8020c16a
SJ		 263
264 if (rp)
265 memcpy(ev->data, rp, rp_len);
02d98129 266
56b7d137
GP		 267 err = sock_queue_rcv_skb(sk, skb);
268 if (err < 0)
02d98129
JH		 269 kfree_skb(skb);
270
e5f0e151 271 return err;
02d98129
JH		 272}
273
04124681
GP		 274static int read_version(struct sock *sk, struct hci_dev *hdev, void *data,
275 u16 data_len)
a38528f1
JH		 276{
277 struct mgmt_rp_read_version rp;
278
279 BT_DBG("sock %p", sk);
280
281 rp.version = MGMT_VERSION;
eb55ef07 282 rp.revision = __constant_cpu_to_le16(MGMT_REVISION);
a38528f1 283
aee9b218 284 return cmd_complete(sk, MGMT_INDEX_NONE, MGMT_OP_READ_VERSION, 0, &rp,
04124681 285 sizeof(rp));
a38528f1
JH		 286}
287
04124681
GP		 288static int read_commands(struct sock *sk, struct hci_dev *hdev, void *data,
289 u16 data_len)
e70bb2e8
JH		 290{
291 struct mgmt_rp_read_commands *rp;
eb55ef07
MH		 292 const u16 num_commands = ARRAY_SIZE(mgmt_commands);
293 const u16 num_events = ARRAY_SIZE(mgmt_events);
2e3c35ea 294 __le16 *opcode;
e70bb2e8
JH		 295 size_t rp_size;
296 int i, err;
297
298 BT_DBG("sock %p", sk);
299
300 rp_size = sizeof(*rp) + ((num_commands + num_events) * sizeof(u16));
301
302 rp = kmalloc(rp_size, GFP_KERNEL);
303 if (!rp)
304 return -ENOMEM;
305
eb55ef07
MH		 306 rp->num_commands = __constant_cpu_to_le16(num_commands);
307 rp->num_events = __constant_cpu_to_le16(num_events);
e70bb2e8
JH		 308
309 for (i = 0, opcode = rp->opcodes; i < num_commands; i++, opcode++)
310 put_unaligned_le16(mgmt_commands[i], opcode);
311
312 for (i = 0; i < num_events; i++, opcode++)
313 put_unaligned_le16(mgmt_events[i], opcode);
314
aee9b218 315 err = cmd_complete(sk, MGMT_INDEX_NONE, MGMT_OP_READ_COMMANDS, 0, rp,
04124681 316 rp_size);
e70bb2e8
JH		 317 kfree(rp);
318
319 return err;
320}
321
04124681
GP		 322static int read_index_list(struct sock *sk, struct hci_dev *hdev, void *data,
323 u16 data_len)
faba42eb 324{
faba42eb 325 struct mgmt_rp_read_index_list *rp;
8035ded4 326 struct hci_dev *d;
a38528f1 327 size_t rp_len;
faba42eb 328 u16 count;
476e44cb 329 int err;
faba42eb
JH		 330
331 BT_DBG("sock %p", sk);
332
333 read_lock(&hci_dev_list_lock);
334
335 count = 0;
bb4b2a9a
AE		 336 list_for_each_entry(d, &hci_dev_list, list) {
337 if (!mgmt_valid_hdev(d))
338 continue;
339
faba42eb
JH		 340 count++;
341 }
342
a38528f1
JH		 343 rp_len = sizeof(*rp) + (2 * count);
344 rp = kmalloc(rp_len, GFP_ATOMIC);
345 if (!rp) {
b2c60d42 346 read_unlock(&hci_dev_list_lock);
faba42eb 347 return -ENOMEM;
b2c60d42 348 }
faba42eb 349
476e44cb 350 count = 0;
8035ded4 351 list_for_each_entry(d, &hci_dev_list, list) {
a8b2d5c2 352 if (test_bit(HCI_SETUP, &d->dev_flags))
ab81cbf9
JH		 353 continue;
354
bb4b2a9a
AE		 355 if (!mgmt_valid_hdev(d))
356 continue;
357
476e44cb 358 rp->index[count++] = cpu_to_le16(d->id);
faba42eb
JH		 359 BT_DBG("Added hci%u", d->id);
360 }
361
476e44cb
JH		 362 rp->num_controllers = cpu_to_le16(count);
363 rp_len = sizeof(*rp) + (2 * count);
364
faba42eb
JH		 365 read_unlock(&hci_dev_list_lock);
366
aee9b218 367 err = cmd_complete(sk, MGMT_INDEX_NONE, MGMT_OP_READ_INDEX_LIST, 0, rp,
04124681 368 rp_len);
faba42eb 369
a38528f1
JH		 370 kfree(rp);
371
372 return err;
faba42eb
JH		 373}
374
69ab39ea
JH		 375static u32 get_supported_settings(struct hci_dev *hdev)
376{
377 u32 settings = 0;
378
379 settings |= MGMT_SETTING_POWERED;
69ab39ea
JH		 380 settings |= MGMT_SETTING_PAIRABLE;
381
9a1a1996 382 if (lmp_ssp_capable(hdev))
69ab39ea
JH		 383 settings |= MGMT_SETTING_SSP;
384
ed3fa31f 385 if (lmp_bredr_capable(hdev)) {
33c525c0
JH		 386 settings |= MGMT_SETTING_CONNECTABLE;
387 settings |= MGMT_SETTING_FAST_CONNECTABLE;
388 settings |= MGMT_SETTING_DISCOVERABLE;
69ab39ea
JH		 389 settings |= MGMT_SETTING_BREDR;
390 settings |= MGMT_SETTING_LINK_SECURITY;
391 }
392
d7b7e796
MH		 393 if (enable_hs)
394 settings |= MGMT_SETTING_HS;
395
c383ddc4 396 if (lmp_le_capable(hdev))
9d42820f 397 settings |= MGMT_SETTING_LE;
69ab39ea
JH		 398
399 return settings;
400}
401
402static u32 get_current_settings(struct hci_dev *hdev)
403{
404 u32 settings = 0;
405
f1f0eb02 406 if (hdev_is_powered(hdev))
f0d4b78a
MH		 407 settings |= MGMT_SETTING_POWERED;
408
5e5282bb 409 if (test_bit(HCI_CONNECTABLE, &hdev->dev_flags))
69ab39ea
JH		 410 settings |= MGMT_SETTING_CONNECTABLE;
411
5e5282bb 412 if (test_bit(HCI_DISCOVERABLE, &hdev->dev_flags))
69ab39ea
JH		 413 settings |= MGMT_SETTING_DISCOVERABLE;
414
a8b2d5c2 415 if (test_bit(HCI_PAIRABLE, &hdev->dev_flags))
69ab39ea
JH		 416 settings |= MGMT_SETTING_PAIRABLE;
417
ed3fa31f 418 if (lmp_bredr_capable(hdev))
69ab39ea
JH		 419 settings |= MGMT_SETTING_BREDR;
420
06199cf8 421 if (test_bit(HCI_LE_ENABLED, &hdev->dev_flags))
69ab39ea
JH		 422 settings |= MGMT_SETTING_LE;
423
47990ea0 424 if (test_bit(HCI_LINK_SECURITY, &hdev->dev_flags))
69ab39ea
JH		 425 settings |= MGMT_SETTING_LINK_SECURITY;
426
84bde9d6 427 if (test_bit(HCI_SSP_ENABLED, &hdev->dev_flags))
69ab39ea
JH		 428 settings |= MGMT_SETTING_SSP;
429
6d80dfd0
JH		 430 if (test_bit(HCI_HS_ENABLED, &hdev->dev_flags))
431 settings |= MGMT_SETTING_HS;
432
69ab39ea
JH		 433 return settings;
434}
435
ef580372
JH		 436#define PNP_INFO_SVCLASS_ID 0x1200
437
438static u8 bluetooth_base_uuid[] = {
439 0xFB, 0x34, 0x9B, 0x5F, 0x80, 0x00, 0x00, 0x80,
440 0x00, 0x10, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
441};
442
443static u16 get_uuid16(u8 *uuid128)
444{
445 u32 val;
446 int i;
447
448 for (i = 0; i < 12; i++) {
449 if (bluetooth_base_uuid[i] != uuid128[i])
450 return 0;
451 }
452
3e9fb6d8 453 val = get_unaligned_le32(&uuid128[12]);
ef580372
JH		 454 if (val > 0xffff)
455 return 0;
456
457 return (u16) val;
458}
459
460static void create_eir(struct hci_dev *hdev, u8 *data)
461{
462 u8 *ptr = data;
463 u16 eir_len = 0;
464 u16 uuid16_list[HCI_MAX_EIR_LENGTH / sizeof(u16)];
465 int i, truncated = 0;
466 struct bt_uuid *uuid;
467 size_t name_len;
468
469 name_len = strlen(hdev->dev_name);
470
471 if (name_len > 0) {
472 /* EIR Data type */
473 if (name_len > 48) {
474 name_len = 48;
475 ptr[1] = EIR_NAME_SHORT;
476 } else
477 ptr[1] = EIR_NAME_COMPLETE;
478
479 /* EIR Data length */
480 ptr[0] = name_len + 1;
481
482 memcpy(ptr + 2, hdev->dev_name, name_len);
483
484 eir_len += (name_len + 2);
485 ptr += (name_len + 2);
486 }
487
bbaf444a 488 if (hdev->inq_tx_power != HCI_TX_POWER_INVALID) {
91c4e9b1
MH		 489 ptr[0] = 2;
490 ptr[1] = EIR_TX_POWER;
491 ptr[2] = (u8) hdev->inq_tx_power;
492
493 eir_len += 3;
494 ptr += 3;
495 }
496
2b9be137
MH		 497 if (hdev->devid_source > 0) {
498 ptr[0] = 9;
499 ptr[1] = EIR_DEVICE_ID;
500
501 put_unaligned_le16(hdev->devid_source, ptr + 2);
502 put_unaligned_le16(hdev->devid_vendor, ptr + 4);
503 put_unaligned_le16(hdev->devid_product, ptr + 6);
504 put_unaligned_le16(hdev->devid_version, ptr + 8);
505
506 eir_len += 10;
507 ptr += 10;
508 }
509
ef580372
JH		 510 memset(uuid16_list, 0, sizeof(uuid16_list));
511
512 /* Group all UUID16 types */
513 list_for_each_entry(uuid, &hdev->uuids, list) {
514 u16 uuid16;
515
516 uuid16 = get_uuid16(uuid->uuid);
517 if (uuid16 == 0)
518 return;
519
520 if (uuid16 < 0x1100)
521 continue;
522
523 if (uuid16 == PNP_INFO_SVCLASS_ID)
524 continue;
525
526 /* Stop if not enough space to put next UUID */
527 if (eir_len + 2 + sizeof(u16) > HCI_MAX_EIR_LENGTH) {
528 truncated = 1;
529 break;
530 }
531
532 /* Check for duplicates */
533 for (i = 0; uuid16_list[i] != 0; i++)
534 if (uuid16_list[i] == uuid16)
535 break;
536
537 if (uuid16_list[i] == 0) {
538 uuid16_list[i] = uuid16;
539 eir_len += sizeof(u16);
540 }
541 }
542
543 if (uuid16_list[0] != 0) {
544 u8 *length = ptr;
545
546 /* EIR Data type */
547 ptr[1] = truncated ? EIR_UUID16_SOME : EIR_UUID16_ALL;
548
549 ptr += 2;
550 eir_len += 2;
551
552 for (i = 0; uuid16_list[i] != 0; i++) {
553 *ptr++ = (uuid16_list[i] & 0x00ff);
554 *ptr++ = (uuid16_list[i] & 0xff00) >> 8;
555 }
556
557 /* EIR Data length */
558 *length = (i * sizeof(u16)) + 1;
559 }
560}
561
562static int update_eir(struct hci_dev *hdev)
563{
564 struct hci_cp_write_eir cp;
565
504c8dcd 566 if (!hdev_is_powered(hdev))
7770c4aa
JH		 567 return 0;
568
976eb20e 569 if (!lmp_ext_inq_capable(hdev))
ef580372
JH		 570 return 0;
571
84bde9d6 572 if (!test_bit(HCI_SSP_ENABLED, &hdev->dev_flags))
ef580372
JH		 573 return 0;
574
a8b2d5c2 575 if (test_bit(HCI_SERVICE_CACHE, &hdev->dev_flags))
ef580372
JH		 576 return 0;
577
578 memset(&cp, 0, sizeof(cp));
579
580 create_eir(hdev, cp.data);
581
582 if (memcmp(cp.data, hdev->eir, sizeof(cp.data)) == 0)
583 return 0;
584
585 memcpy(hdev->eir, cp.data, sizeof(cp.data));
586
587 return hci_send_cmd(hdev, HCI_OP_WRITE_EIR, sizeof(cp), &cp);
588}
589
590static u8 get_service_classes(struct hci_dev *hdev)
591{
592 struct bt_uuid *uuid;
593 u8 val = 0;
594
595 list_for_each_entry(uuid, &hdev->uuids, list)
596 val |= uuid->svc_hint;
597
598 return val;
599}
600
601static int update_class(struct hci_dev *hdev)
602{
603 u8 cod[3];
c95f0ba7 604 int err;
ef580372
JH		 605
606 BT_DBG("%s", hdev->name);
607
504c8dcd 608 if (!hdev_is_powered(hdev))
7770c4aa
JH		 609 return 0;
610
a8b2d5c2 611 if (test_bit(HCI_SERVICE_CACHE, &hdev->dev_flags))
ef580372
JH		 612 return 0;
613
614 cod[0] = hdev->minor_class;
615 cod[1] = hdev->major_class;
616 cod[2] = get_service_classes(hdev);
617
618 if (memcmp(cod, hdev->dev_class, 3) == 0)
619 return 0;
620
c95f0ba7
JH		 621 err = hci_send_cmd(hdev, HCI_OP_WRITE_CLASS_OF_DEV, sizeof(cod), cod);
622 if (err == 0)
623 set_bit(HCI_PENDING_CLASS, &hdev->dev_flags);
624
625 return err;
ef580372
JH		 626}
627
7d78525d
JH		 628static void service_cache_off(struct work_struct *work)
629{
630 struct hci_dev *hdev = container_of(work, struct hci_dev,
04124681 631 service_cache.work);
7d78525d 632
a8b2d5c2 633 if (!test_and_clear_bit(HCI_SERVICE_CACHE, &hdev->dev_flags))
7d78525d
JH		 634 return;
635
636 hci_dev_lock(hdev);
637
638 update_eir(hdev);
639 update_class(hdev);
640
641 hci_dev_unlock(hdev);
642}
643
6a919082 644static void mgmt_init_hdev(struct sock *sk, struct hci_dev *hdev)
7d78525d 645{
4f87da80 646 if (test_and_set_bit(HCI_MGMT, &hdev->dev_flags))
6a919082
JH		 647 return;
648
4f87da80 649 INIT_DELAYED_WORK(&hdev->service_cache, service_cache_off);
7d78525d 650
4f87da80
JH		 651 /* Non-mgmt controlled devices get this bit set
652 * implicitly so that pairing works for them, however
653 * for mgmt we require user-space to explicitly enable
654 * it
655 */
656 clear_bit(HCI_PAIRABLE, &hdev->dev_flags);
7d78525d
JH		 657}
658
0f4e68cf 659static int read_controller_info(struct sock *sk, struct hci_dev *hdev,
04124681 660 void *data, u16 data_len)
0381101f 661{
a38528f1 662 struct mgmt_rp_read_info rp;
f7b64e69 663
bdb6d971 664 BT_DBG("sock %p %s", sk, hdev->name);
f7b64e69 665
09fd0de5 666 hci_dev_lock(hdev);
f7b64e69 667
dc4fe30b
JH		 668 memset(&rp, 0, sizeof(rp));
669
69ab39ea 670 bacpy(&rp.bdaddr, &hdev->bdaddr);
f7b64e69 671
69ab39ea 672 rp.version = hdev->hci_ver;
eb55ef07 673 rp.manufacturer = cpu_to_le16(hdev->manufacturer);
69ab39ea
JH		 674
675 rp.supported_settings = cpu_to_le32(get_supported_settings(hdev));
676 rp.current_settings = cpu_to_le32(get_current_settings(hdev));
f7b64e69 677
a38528f1 678 memcpy(rp.dev_class, hdev->dev_class, 3);
f7b64e69 679
dc4fe30b 680 memcpy(rp.name, hdev->dev_name, sizeof(hdev->dev_name));
27fcc362 681 memcpy(rp.short_name, hdev->short_name, sizeof(hdev->short_name));
dc4fe30b 682
09fd0de5 683 hci_dev_unlock(hdev);
0381101f 684
bdb6d971 685 return cmd_complete(sk, hdev->id, MGMT_OP_READ_INFO, 0, &rp,
04124681 686 sizeof(rp));
0381101f
JH		 687}
688
eec8d2bc
JH		 689static void mgmt_pending_free(struct pending_cmd *cmd)
690{
691 sock_put(cmd->sk);
c68fb7ff 692 kfree(cmd->param);
eec8d2bc
JH		 693 kfree(cmd);
694}
695
366a0336 696static struct pending_cmd *mgmt_pending_add(struct sock *sk, u16 opcode,
04124681
GP		 697 struct hci_dev *hdev, void *data,
698 u16 len)
eec8d2bc
JH		 699{
700 struct pending_cmd *cmd;
701
12b94565 702 cmd = kmalloc(sizeof(*cmd), GFP_KERNEL);
eec8d2bc 703 if (!cmd)
366a0336 704 return NULL;
eec8d2bc
JH		 705
706 cmd->opcode = opcode;
2e58ef3e 707 cmd->index = hdev->id;
eec8d2bc 708
12b94565 709 cmd->param = kmalloc(len, GFP_KERNEL);
c68fb7ff 710 if (!cmd->param) {
eec8d2bc 711 kfree(cmd);
366a0336 712 return NULL;
eec8d2bc
JH		 713 }
714
8fce6357
SJ		 715 if (data)
716 memcpy(cmd->param, data, len);
eec8d2bc
JH		 717
718 cmd->sk = sk;
719 sock_hold(sk);
720
2e58ef3e 721 list_add(&cmd->list, &hdev->mgmt_pending);
eec8d2bc 722
366a0336 723 return cmd;
eec8d2bc
JH		 724}
725
744cf19e 726static void mgmt_pending_foreach(u16 opcode, struct hci_dev *hdev,
8fc9ced3
GP		 727 void (*cb)(struct pending_cmd *cmd,
728 void *data),
04124681 729 void *data)
eec8d2bc
JH		 730{
731 struct list_head *p, *n;
732
2e58ef3e 733 list_for_each_safe(p, n, &hdev->mgmt_pending) {
eec8d2bc
JH		 734 struct pending_cmd *cmd;
735
736 cmd = list_entry(p, struct pending_cmd, list);
737
b24752fe 738 if (opcode > 0 && cmd->opcode != opcode)
eec8d2bc
JH		 739 continue;
740
eec8d2bc
JH		 741 cb(cmd, data);
742 }
743}
744
2e58ef3e 745static struct pending_cmd *mgmt_pending_find(u16 opcode, struct hci_dev *hdev)
eec8d2bc 746{
8035ded4 747 struct pending_cmd *cmd;
eec8d2bc 748
2e58ef3e 749 list_for_each_entry(cmd, &hdev->mgmt_pending, list) {
2aeabcbe
JH		 750 if (cmd->opcode == opcode)
751 return cmd;
eec8d2bc
JH		 752 }
753
754 return NULL;
755}
756
a664b5bc 757static void mgmt_pending_remove(struct pending_cmd *cmd)
73f22f62 758{
73f22f62
JH		 759 list_del(&cmd->list);
760 mgmt_pending_free(cmd);
761}
762
69ab39ea 763static int send_settings_rsp(struct sock *sk, u16 opcode, struct hci_dev *hdev)
8680570b 764{
69ab39ea 765 __le32 settings = cpu_to_le32(get_current_settings(hdev));
8680570b 766
aee9b218 767 return cmd_complete(sk, hdev->id, opcode, 0, &settings,
04124681 768 sizeof(settings));
8680570b
JH		 769}
770
bdb6d971 771static int set_powered(struct sock *sk, struct hci_dev *hdev, void *data,
04124681 772 u16 len)
eec8d2bc 773{
650f726d 774 struct mgmt_mode *cp = data;
366a0336 775 struct pending_cmd *cmd;
4b34ee78 776 int err;
eec8d2bc 777
bdb6d971 778 BT_DBG("request for %s", hdev->name);
eec8d2bc 779
a7e80f25
JH		 780 if (cp->val != 0x00 && cp->val != 0x01)
781 return cmd_status(sk, hdev->id, MGMT_OP_SET_POWERED,
782 MGMT_STATUS_INVALID_PARAMS);
783
09fd0de5 784 hci_dev_lock(hdev);
eec8d2bc 785
f0d4b78a
MH		 786 if (test_and_clear_bit(HCI_AUTO_OFF, &hdev->dev_flags)) {
787 cancel_delayed_work(&hdev->power_off);
788
789 if (cp->val) {
a1d70450
JH		 790 mgmt_pending_add(sk, MGMT_OP_SET_POWERED, hdev,
791 data, len);
792 err = mgmt_powered(hdev, 1);
f0d4b78a
MH		 793 goto failed;
794 }
795 }
796
4b34ee78 797 if (!!cp->val == hdev_is_powered(hdev)) {
69ab39ea 798 err = send_settings_rsp(sk, MGMT_OP_SET_POWERED, hdev);
eec8d2bc
JH		 799 goto failed;
800 }
801
2e58ef3e 802 if (mgmt_pending_find(MGMT_OP_SET_POWERED, hdev)) {
bdb6d971 803 err = cmd_status(sk, hdev->id, MGMT_OP_SET_POWERED,
04124681 804 MGMT_STATUS_BUSY);
eec8d2bc
JH		 805 goto failed;
806 }
807
2e58ef3e 808 cmd = mgmt_pending_add(sk, MGMT_OP_SET_POWERED, hdev, data, len);
366a0336
JH		 809 if (!cmd) {
810 err = -ENOMEM;
eec8d2bc 811 goto failed;
366a0336 812 }
eec8d2bc 813
72a734ec 814 if (cp->val)
7f971041 815 schedule_work(&hdev->power_on);
eec8d2bc 816 else
80b7ab33 817 schedule_work(&hdev->power_off.work);
eec8d2bc 818
366a0336 819 err = 0;
eec8d2bc
JH		 820
821failed:
09fd0de5 822 hci_dev_unlock(hdev);
366a0336 823 return err;
eec8d2bc
JH		 824}
825
04124681
GP		 826static int mgmt_event(u16 event, struct hci_dev *hdev, void *data, u16 data_len,
827 struct sock *skip_sk)
beadb2bd
JH		 828{
829 struct sk_buff *skb;
830 struct mgmt_hdr *hdr;
831
790eff44 832 skb = alloc_skb(sizeof(*hdr) + data_len, GFP_KERNEL);
beadb2bd
JH		 833 if (!skb)
834 return -ENOMEM;
835
836 hdr = (void *) skb_put(skb, sizeof(*hdr));
837 hdr->opcode = cpu_to_le16(event);
838 if (hdev)
839 hdr->index = cpu_to_le16(hdev->id);
840 else
612dfce9 841 hdr->index = __constant_cpu_to_le16(MGMT_INDEX_NONE);
beadb2bd
JH		 842 hdr->len = cpu_to_le16(data_len);
843
844 if (data)
845 memcpy(skb_put(skb, data_len), data, data_len);
846
97e0bdeb
MH		 847 /* Time stamp */
848 __net_timestamp(skb);
849
beadb2bd
JH		 850 hci_send_to_control(skb, skip_sk);
851 kfree_skb(skb);
852
853 return 0;
854}
855
856static int new_settings(struct hci_dev *hdev, struct sock *skip)
857{
858 __le32 ev;
859
860 ev = cpu_to_le32(get_current_settings(hdev));
861
862 return mgmt_event(MGMT_EV_NEW_SETTINGS, hdev, &ev, sizeof(ev), skip);
863}
864
bdb6d971 865static int set_discoverable(struct sock *sk, struct hci_dev *hdev, void *data,
04124681 866 u16 len)
73f22f62 867{
650f726d 868 struct mgmt_cp_set_discoverable *cp = data;
366a0336 869 struct pending_cmd *cmd;
5e5282bb 870 u16 timeout;
73f22f62
JH		 871 u8 scan;
872 int err;
873
bdb6d971 874 BT_DBG("request for %s", hdev->name);
73f22f62 875
33c525c0
JH		 876 if (!lmp_bredr_capable(hdev))
877 return cmd_status(sk, hdev->id, MGMT_OP_SET_DISCOVERABLE,
878 MGMT_STATUS_NOT_SUPPORTED);
879
a7e80f25
JH		 880 if (cp->val != 0x00 && cp->val != 0x01)
881 return cmd_status(sk, hdev->id, MGMT_OP_SET_DISCOVERABLE,
882 MGMT_STATUS_INVALID_PARAMS);
883
1f350c87 884 timeout = __le16_to_cpu(cp->timeout);
24c54a90 885 if (!cp->val && timeout > 0)
bdb6d971 886 return cmd_status(sk, hdev->id, MGMT_OP_SET_DISCOVERABLE,
04124681 887 MGMT_STATUS_INVALID_PARAMS);
73f22f62 888
09fd0de5 889 hci_dev_lock(hdev);
73f22f62 890
5e5282bb 891 if (!hdev_is_powered(hdev) && timeout > 0) {
bdb6d971 892 err = cmd_status(sk, hdev->id, MGMT_OP_SET_DISCOVERABLE,
04124681 893 MGMT_STATUS_NOT_POWERED);
73f22f62
JH		 894 goto failed;
895 }
896
2e58ef3e 897 if (mgmt_pending_find(MGMT_OP_SET_DISCOVERABLE, hdev) ||
8ce8e2b5 898 mgmt_pending_find(MGMT_OP_SET_CONNECTABLE, hdev)) {
bdb6d971 899 err = cmd_status(sk, hdev->id, MGMT_OP_SET_DISCOVERABLE,
04124681 900 MGMT_STATUS_BUSY);
73f22f62
JH		 901 goto failed;
902 }
903
5e5282bb 904 if (!test_bit(HCI_CONNECTABLE, &hdev->dev_flags)) {
bdb6d971 905 err = cmd_status(sk, hdev->id, MGMT_OP_SET_DISCOVERABLE,
04124681 906 MGMT_STATUS_REJECTED);
5e5282bb
JH		 907 goto failed;
908 }
909
910 if (!hdev_is_powered(hdev)) {
0224d2fa
JH		 911 bool changed = false;
912
913 if (!!cp->val != test_bit(HCI_DISCOVERABLE, &hdev->dev_flags)) {
914 change_bit(HCI_DISCOVERABLE, &hdev->dev_flags);
915 changed = true;
916 }
917
5e5282bb 918 err = send_settings_rsp(sk, MGMT_OP_SET_DISCOVERABLE, hdev);
0224d2fa
JH		 919 if (err < 0)
920 goto failed;
921
922 if (changed)
923 err = new_settings(hdev, sk);
924
5e5282bb
JH		 925 goto failed;
926 }
927
928 if (!!cp->val == test_bit(HCI_DISCOVERABLE, &hdev->dev_flags)) {
955638ec
MH		 929 if (hdev->discov_timeout > 0) {
930 cancel_delayed_work(&hdev->discov_off);
931 hdev->discov_timeout = 0;
932 }
933
934 if (cp->val && timeout > 0) {
935 hdev->discov_timeout = timeout;
936 queue_delayed_work(hdev->workqueue, &hdev->discov_off,
937 msecs_to_jiffies(hdev->discov_timeout * 1000));
938 }
939
69ab39ea 940 err = send_settings_rsp(sk, MGMT_OP_SET_DISCOVERABLE, hdev);
73f22f62
JH		 941 goto failed;
942 }
943
2e58ef3e 944 cmd = mgmt_pending_add(sk, MGMT_OP_SET_DISCOVERABLE, hdev, data, len);
366a0336
JH		 945 if (!cmd) {
946 err = -ENOMEM;
73f22f62 947 goto failed;
366a0336 948 }
73f22f62
JH		 949
950 scan = SCAN_PAGE;
951
72a734ec 952 if (cp->val)
73f22f62 953 scan |= SCAN_INQUIRY;
16ab91ab 954 else
e0f9309f 955 cancel_delayed_work(&hdev->discov_off);
73f22f62
JH		 956
957 err = hci_send_cmd(hdev, HCI_OP_WRITE_SCAN_ENABLE, 1, &scan);
958 if (err < 0)
a664b5bc 959 mgmt_pending_remove(cmd);
73f22f62 960
16ab91ab 961 if (cp->val)
5e5282bb 962 hdev->discov_timeout = timeout;
16ab91ab 963
73f22f62 964failed:
09fd0de5 965 hci_dev_unlock(hdev);
73f22f62
JH		 966 return err;
967}
968
bdb6d971 969static int set_connectable(struct sock *sk, struct hci_dev *hdev, void *data,
04124681 970 u16 len)
9fbcbb45 971{
650f726d 972 struct mgmt_mode *cp = data;
366a0336 973 struct pending_cmd *cmd;
9fbcbb45
JH		 974 u8 scan;
975 int err;
976
bdb6d971 977 BT_DBG("request for %s", hdev->name);
9fbcbb45 978
33c525c0
JH		 979 if (!lmp_bredr_capable(hdev))
980 return cmd_status(sk, hdev->id, MGMT_OP_SET_CONNECTABLE,
981 MGMT_STATUS_NOT_SUPPORTED);
982
a7e80f25
JH		 983 if (cp->val != 0x00 && cp->val != 0x01)
984 return cmd_status(sk, hdev->id, MGMT_OP_SET_CONNECTABLE,
985 MGMT_STATUS_INVALID_PARAMS);
986
09fd0de5 987 hci_dev_lock(hdev);
9fbcbb45 988
4b34ee78 989 if (!hdev_is_powered(hdev)) {
0224d2fa
JH		 990 bool changed = false;
991
992 if (!!cp->val != test_bit(HCI_CONNECTABLE, &hdev->dev_flags))
993 changed = true;
994
6bf0e469 995 if (cp->val) {
5e5282bb 996 set_bit(HCI_CONNECTABLE, &hdev->dev_flags);
6bf0e469 997 } else {
5e5282bb
JH		 998 clear_bit(HCI_CONNECTABLE, &hdev->dev_flags);
999 clear_bit(HCI_DISCOVERABLE, &hdev->dev_flags);
1000 }
0224d2fa 1001
5e5282bb 1002 err = send_settings_rsp(sk, MGMT_OP_SET_CONNECTABLE, hdev);
0224d2fa
JH		 1003 if (err < 0)
1004 goto failed;
1005
1006 if (changed)
1007 err = new_settings(hdev, sk);
1008
9fbcbb45
JH		 1009 goto failed;
1010 }
1011
2e58ef3e 1012 if (mgmt_pending_find(MGMT_OP_SET_DISCOVERABLE, hdev) ||
8ce8e2b5 1013 mgmt_pending_find(MGMT_OP_SET_CONNECTABLE, hdev)) {
bdb6d971 1014 err = cmd_status(sk, hdev->id, MGMT_OP_SET_CONNECTABLE,
04124681 1015 MGMT_STATUS_BUSY);
9fbcbb45
JH		 1016 goto failed;
1017 }
1018
5e5282bb 1019 if (!!cp->val == test_bit(HCI_PSCAN, &hdev->flags)) {
69ab39ea 1020 err = send_settings_rsp(sk, MGMT_OP_SET_CONNECTABLE, hdev);
9fbcbb45
JH		 1021 goto failed;
1022 }
1023
2e58ef3e 1024 cmd = mgmt_pending_add(sk, MGMT_OP_SET_CONNECTABLE, hdev, data, len);
366a0336
JH		 1025 if (!cmd) {
1026 err = -ENOMEM;
9fbcbb45 1027 goto failed;
366a0336 1028 }
9fbcbb45 1029
6bf0e469 1030 if (cp->val) {
9fbcbb45 1031 scan = SCAN_PAGE;
6bf0e469 1032 } else {
9fbcbb45
JH		 1033 scan = 0;
1034
df2c6c5e 1035 if (test_bit(HCI_ISCAN, &hdev->flags) &&
8ce8e2b5 1036 hdev->discov_timeout > 0)
df2c6c5e
JH		 1037 cancel_delayed_work(&hdev->discov_off);
1038 }
1039
9fbcbb45
JH		 1040 err = hci_send_cmd(hdev, HCI_OP_WRITE_SCAN_ENABLE, 1, &scan);
1041 if (err < 0)
a664b5bc 1042 mgmt_pending_remove(cmd);
9fbcbb45
JH		 1043
1044failed:
09fd0de5 1045 hci_dev_unlock(hdev);
9fbcbb45
JH		 1046 return err;
1047}
1048
bdb6d971 1049static int set_pairable(struct sock *sk, struct hci_dev *hdev, void *data,
04124681 1050 u16 len)
c542a06c 1051{
650f726d 1052 struct mgmt_mode *cp = data;
c542a06c
JH		 1053 int err;
1054
bdb6d971 1055 BT_DBG("request for %s", hdev->name);
c542a06c 1056
a7e80f25
JH		 1057 if (cp->val != 0x00 && cp->val != 0x01)
1058 return cmd_status(sk, hdev->id, MGMT_OP_SET_PAIRABLE,
1059 MGMT_STATUS_INVALID_PARAMS);
1060
09fd0de5 1061 hci_dev_lock(hdev);
c542a06c
JH		 1062
1063 if (cp->val)
a8b2d5c2 1064 set_bit(HCI_PAIRABLE, &hdev->dev_flags);
c542a06c 1065 else
a8b2d5c2 1066 clear_bit(HCI_PAIRABLE, &hdev->dev_flags);
c542a06c 1067
69ab39ea 1068 err = send_settings_rsp(sk, MGMT_OP_SET_PAIRABLE, hdev);
c542a06c
JH		 1069 if (err < 0)
1070 goto failed;
1071
beadb2bd 1072 err = new_settings(hdev, sk);
c542a06c
JH		 1073
1074failed:
09fd0de5 1075 hci_dev_unlock(hdev);
c542a06c
JH		 1076 return err;
1077}
1078
04124681
GP		 1079static int set_link_security(struct sock *sk, struct hci_dev *hdev, void *data,
1080 u16 len)
33ef95ed
JH		 1081{
1082 struct mgmt_mode *cp = data;
1083 struct pending_cmd *cmd;
816a11d5 1084 u8 val;
33ef95ed
JH		 1085 int err;
1086
bdb6d971 1087 BT_DBG("request for %s", hdev->name);
33ef95ed 1088
33c525c0
JH		 1089 if (!lmp_bredr_capable(hdev))
1090 return cmd_status(sk, hdev->id, MGMT_OP_SET_LINK_SECURITY,
1091 MGMT_STATUS_NOT_SUPPORTED);
1092
a7e80f25
JH		 1093 if (cp->val != 0x00 && cp->val != 0x01)
1094 return cmd_status(sk, hdev->id, MGMT_OP_SET_LINK_SECURITY,
1095 MGMT_STATUS_INVALID_PARAMS);
1096
33ef95ed
JH		 1097 hci_dev_lock(hdev);
1098
4b34ee78 1099 if (!hdev_is_powered(hdev)) {
47990ea0
JH		 1100 bool changed = false;
1101
1102 if (!!cp->val != test_bit(HCI_LINK_SECURITY,
8ce8e2b5 1103 &hdev->dev_flags)) {
47990ea0
JH		 1104 change_bit(HCI_LINK_SECURITY, &hdev->dev_flags);
1105 changed = true;
1106 }
1107
1108 err = send_settings_rsp(sk, MGMT_OP_SET_LINK_SECURITY, hdev);
1109 if (err < 0)
1110 goto failed;
1111
1112 if (changed)
1113 err = new_settings(hdev, sk);
1114
33ef95ed
JH		 1115 goto failed;
1116 }
1117
1118 if (mgmt_pending_find(MGMT_OP_SET_LINK_SECURITY, hdev)) {
bdb6d971 1119 err = cmd_status(sk, hdev->id, MGMT_OP_SET_LINK_SECURITY,
04124681 1120 MGMT_STATUS_BUSY);
33ef95ed
JH		 1121 goto failed;
1122 }
1123
1124 val = !!cp->val;
1125
1126 if (test_bit(HCI_AUTH, &hdev->flags) == val) {
1127 err = send_settings_rsp(sk, MGMT_OP_SET_LINK_SECURITY, hdev);
1128 goto failed;
1129 }
1130
1131 cmd = mgmt_pending_add(sk, MGMT_OP_SET_LINK_SECURITY, hdev, data, len);
1132 if (!cmd) {
1133 err = -ENOMEM;
1134 goto failed;
1135 }
1136
1137 err = hci_send_cmd(hdev, HCI_OP_WRITE_AUTH_ENABLE, sizeof(val), &val);
1138 if (err < 0) {
1139 mgmt_pending_remove(cmd);
1140 goto failed;
1141 }
1142
1143failed:
1144 hci_dev_unlock(hdev);
33ef95ed
JH		 1145 return err;
1146}
1147
bdb6d971 1148static int set_ssp(struct sock *sk, struct hci_dev *hdev, void *data, u16 len)
ed2c4ee3
JH		 1149{
1150 struct mgmt_mode *cp = data;
1151 struct pending_cmd *cmd;
816a11d5 1152 u8 val;
ed2c4ee3
JH		 1153 int err;
1154
bdb6d971 1155 BT_DBG("request for %s", hdev->name);
ed2c4ee3 1156
13ecd8b6
JH		 1157 if (!lmp_ssp_capable(hdev))
1158 return cmd_status(sk, hdev->id, MGMT_OP_SET_SSP,
1159 MGMT_STATUS_NOT_SUPPORTED);
ed2c4ee3 1160
a7e80f25
JH		 1161 if (cp->val != 0x00 && cp->val != 0x01)
1162 return cmd_status(sk, hdev->id, MGMT_OP_SET_SSP,
1163 MGMT_STATUS_INVALID_PARAMS);
1164
13ecd8b6 1165 hci_dev_lock(hdev);
6c8f12c1 1166
c0ecddc2
JH		 1167 val = !!cp->val;
1168
4b34ee78 1169 if (!hdev_is_powered(hdev)) {
c0ecddc2
JH		 1170 bool changed = false;
1171
1172 if (val != test_bit(HCI_SSP_ENABLED, &hdev->dev_flags)) {
1173 change_bit(HCI_SSP_ENABLED, &hdev->dev_flags);
1174 changed = true;
1175 }
1176
1177 err = send_settings_rsp(sk, MGMT_OP_SET_SSP, hdev);
1178 if (err < 0)
1179 goto failed;
1180
1181 if (changed)
1182 err = new_settings(hdev, sk);
1183
ed2c4ee3
JH		 1184 goto failed;
1185 }
1186
1187 if (mgmt_pending_find(MGMT_OP_SET_SSP, hdev)) {
d97dcb66
SJ		 1188 err = cmd_status(sk, hdev->id, MGMT_OP_SET_SSP,
1189 MGMT_STATUS_BUSY);
ed2c4ee3
JH		 1190 goto failed;
1191 }
1192
ed2c4ee3
JH		 1193 if (test_bit(HCI_SSP_ENABLED, &hdev->dev_flags) == val) {
1194 err = send_settings_rsp(sk, MGMT_OP_SET_SSP, hdev);
1195 goto failed;
1196 }
1197
1198 cmd = mgmt_pending_add(sk, MGMT_OP_SET_SSP, hdev, data, len);
1199 if (!cmd) {
1200 err = -ENOMEM;
1201 goto failed;
1202 }
1203
1204 err = hci_send_cmd(hdev, HCI_OP_WRITE_SSP_MODE, sizeof(val), &val);
1205 if (err < 0) {
1206 mgmt_pending_remove(cmd);
1207 goto failed;
1208 }
1209
1210failed:
1211 hci_dev_unlock(hdev);
ed2c4ee3
JH		 1212 return err;
1213}
1214
bdb6d971 1215static int set_hs(struct sock *sk, struct hci_dev *hdev, void *data, u16 len)
6d80dfd0
JH		 1216{
1217 struct mgmt_mode *cp = data;
6d80dfd0 1218
bdb6d971 1219 BT_DBG("request for %s", hdev->name);
6d80dfd0 1220
bdb6d971
JH		 1221 if (!enable_hs)
1222 return cmd_status(sk, hdev->id, MGMT_OP_SET_HS,
04124681 1223 MGMT_STATUS_NOT_SUPPORTED);
6d80dfd0 1224
a7e80f25
JH		 1225 if (cp->val != 0x00 && cp->val != 0x01)
1226 return cmd_status(sk, hdev->id, MGMT_OP_SET_HS,
1227 MGMT_STATUS_INVALID_PARAMS);
1228
6d80dfd0
JH		 1229 if (cp->val)
1230 set_bit(HCI_HS_ENABLED, &hdev->dev_flags);
1231 else
1232 clear_bit(HCI_HS_ENABLED, &hdev->dev_flags);
1233
bdb6d971 1234 return send_settings_rsp(sk, MGMT_OP_SET_HS, hdev);
6d80dfd0
JH		 1235}
1236
bdb6d971 1237static int set_le(struct sock *sk, struct hci_dev *hdev, void *data, u16 len)
06199cf8
JH		 1238{
1239 struct mgmt_mode *cp = data;
1240 struct hci_cp_write_le_host_supported hci_cp;
1241 struct pending_cmd *cmd;
06199cf8 1242 int err;
0b60eba1 1243 u8 val, enabled;
06199cf8 1244
bdb6d971 1245 BT_DBG("request for %s", hdev->name);
06199cf8 1246
13ecd8b6
JH		 1247 if (!lmp_le_capable(hdev))
1248 return cmd_status(sk, hdev->id, MGMT_OP_SET_LE,
1249 MGMT_STATUS_NOT_SUPPORTED);
1de028ce 1250
a7e80f25
JH		 1251 if (cp->val != 0x00 && cp->val != 0x01)
1252 return cmd_status(sk, hdev->id, MGMT_OP_SET_LE,
1253 MGMT_STATUS_INVALID_PARAMS);
1254
13ecd8b6 1255 hci_dev_lock(hdev);
06199cf8
JH		 1256
1257 val = !!cp->val;
ffa88e02 1258 enabled = lmp_host_le_capable(hdev);
06199cf8 1259
0b60eba1 1260 if (!hdev_is_powered(hdev) || val == enabled) {
06199cf8
JH		 1261 bool changed = false;
1262
1263 if (val != test_bit(HCI_LE_ENABLED, &hdev->dev_flags)) {
1264 change_bit(HCI_LE_ENABLED, &hdev->dev_flags);
1265 changed = true;
1266 }
1267
1268 err = send_settings_rsp(sk, MGMT_OP_SET_LE, hdev);
1269 if (err < 0)
1de028ce 1270 goto unlock;
06199cf8
JH		 1271
1272 if (changed)
1273 err = new_settings(hdev, sk);
1274
1de028ce 1275 goto unlock;
06199cf8
JH		 1276 }
1277
1278 if (mgmt_pending_find(MGMT_OP_SET_LE, hdev)) {
bdb6d971 1279 err = cmd_status(sk, hdev->id, MGMT_OP_SET_LE,
04124681 1280 MGMT_STATUS_BUSY);
1de028ce 1281 goto unlock;
06199cf8
JH		 1282 }
1283
1284 cmd = mgmt_pending_add(sk, MGMT_OP_SET_LE, hdev, data, len);
1285 if (!cmd) {
1286 err = -ENOMEM;
1de028ce 1287 goto unlock;
06199cf8
JH		 1288 }
1289
1290 memset(&hci_cp, 0, sizeof(hci_cp));
1291
1292 if (val) {
1293 hci_cp.le = val;
ffa88e02 1294 hci_cp.simul = lmp_le_br_capable(hdev);
06199cf8
JH		 1295 }
1296
04124681
GP		 1297 err = hci_send_cmd(hdev, HCI_OP_WRITE_LE_HOST_SUPPORTED, sizeof(hci_cp),
1298 &hci_cp);
0c01bc48 1299 if (err < 0)
06199cf8 1300 mgmt_pending_remove(cmd);
06199cf8 1301
1de028ce
JH		 1302unlock:
1303 hci_dev_unlock(hdev);
06199cf8
JH		 1304 return err;
1305}
1306
bdb6d971 1307static int add_uuid(struct sock *sk, struct hci_dev *hdev, void *data, u16 len)
2aeb9a1a 1308{
650f726d 1309 struct mgmt_cp_add_uuid *cp = data;
90e70454 1310 struct pending_cmd *cmd;
2aeb9a1a 1311 struct bt_uuid *uuid;
2aeb9a1a
JH		 1312 int err;
1313
bdb6d971 1314 BT_DBG("request for %s", hdev->name);
2aeb9a1a 1315
09fd0de5 1316 hci_dev_lock(hdev);
2aeb9a1a 1317
c95f0ba7 1318 if (test_bit(HCI_PENDING_CLASS, &hdev->dev_flags)) {
bdb6d971 1319 err = cmd_status(sk, hdev->id, MGMT_OP_ADD_UUID,
04124681 1320 MGMT_STATUS_BUSY);
c95f0ba7
JH		 1321 goto failed;
1322 }
1323
92c4c204 1324 uuid = kmalloc(sizeof(*uuid), GFP_KERNEL);
2aeb9a1a
JH		 1325 if (!uuid) {
1326 err = -ENOMEM;
1327 goto failed;
1328 }
1329
1330 memcpy(uuid->uuid, cp->uuid, 16);
1aff6f09 1331 uuid->svc_hint = cp->svc_hint;
2aeb9a1a
JH		 1332
1333 list_add(&uuid->list, &hdev->uuids);
1334
1aff6f09
JH		 1335 err = update_class(hdev);
1336 if (err < 0)
1337 goto failed;
1338
80a1e1db
JH		 1339 err = update_eir(hdev);
1340 if (err < 0)
1341 goto failed;
1342
90e70454 1343 if (!test_bit(HCI_PENDING_CLASS, &hdev->dev_flags)) {
bdb6d971 1344 err = cmd_complete(sk, hdev->id, MGMT_OP_ADD_UUID, 0,
04124681 1345 hdev->dev_class, 3);
90e70454
JH		 1346 goto failed;
1347 }
1348
1349 cmd = mgmt_pending_add(sk, MGMT_OP_ADD_UUID, hdev, data, len);
0c01bc48 1350 if (!cmd)
90e70454 1351 err = -ENOMEM;
2aeb9a1a
JH		 1352
1353failed:
09fd0de5 1354 hci_dev_unlock(hdev);
2aeb9a1a
JH		 1355 return err;
1356}
1357
24b78d0f
JH		 1358static bool enable_service_cache(struct hci_dev *hdev)
1359{
1360 if (!hdev_is_powered(hdev))
1361 return false;
1362
1363 if (!test_and_set_bit(HCI_SERVICE_CACHE, &hdev->dev_flags)) {
17b02e62 1364 schedule_delayed_work(&hdev->service_cache, CACHE_TIMEOUT);
24b78d0f
JH		 1365 return true;
1366 }
1367
1368 return false;
1369}
1370
bdb6d971 1371static int remove_uuid(struct sock *sk, struct hci_dev *hdev, void *data,
8ce8e2b5 1372 u16 len)
2aeb9a1a 1373{
650f726d 1374 struct mgmt_cp_remove_uuid *cp = data;
90e70454 1375 struct pending_cmd *cmd;
2aeb9a1a 1376 struct list_head *p, *n;
2aeb9a1a 1377 u8 bt_uuid_any[] = { 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0 };
2aeb9a1a
JH		 1378 int err, found;
1379
bdb6d971 1380 BT_DBG("request for %s", hdev->name);
2aeb9a1a 1381
09fd0de5 1382 hci_dev_lock(hdev);
2aeb9a1a 1383
c95f0ba7 1384 if (test_bit(HCI_PENDING_CLASS, &hdev->dev_flags)) {
bdb6d971 1385 err = cmd_status(sk, hdev->id, MGMT_OP_REMOVE_UUID,
04124681 1386 MGMT_STATUS_BUSY);
c95f0ba7
JH		 1387 goto unlock;
1388 }
1389
2aeb9a1a
JH		 1390 if (memcmp(cp->uuid, bt_uuid_any, 16) == 0) {
1391 err = hci_uuids_clear(hdev);
4004b6d9 1392
24b78d0f 1393 if (enable_service_cache(hdev)) {
bdb6d971 1394 err = cmd_complete(sk, hdev->id, MGMT_OP_REMOVE_UUID,
04124681 1395 0, hdev->dev_class, 3);
24b78d0f
JH		 1396 goto unlock;
1397 }
4004b6d9 1398
9246a869 1399 goto update_class;
2aeb9a1a
JH		 1400 }
1401
1402 found = 0;
1403
1404 list_for_each_safe(p, n, &hdev->uuids) {
1405 struct bt_uuid *match = list_entry(p, struct bt_uuid, list);
1406
1407 if (memcmp(match->uuid, cp->uuid, 16) != 0)
1408 continue;
1409
1410 list_del(&match->list);
482049f7 1411 kfree(match);
2aeb9a1a
JH		 1412 found++;
1413 }
1414
1415 if (found == 0) {
bdb6d971 1416 err = cmd_status(sk, hdev->id, MGMT_OP_REMOVE_UUID,
04124681 1417 MGMT_STATUS_INVALID_PARAMS);
2aeb9a1a
JH		 1418 goto unlock;
1419 }
1420
9246a869 1421update_class:
1aff6f09
JH		 1422 err = update_class(hdev);
1423 if (err < 0)
1424 goto unlock;
1425
80a1e1db
JH		 1426 err = update_eir(hdev);
1427 if (err < 0)
1428 goto unlock;
1429
90e70454 1430 if (!test_bit(HCI_PENDING_CLASS, &hdev->dev_flags)) {
bdb6d971 1431 err = cmd_complete(sk, hdev->id, MGMT_OP_REMOVE_UUID, 0,
04124681 1432 hdev->dev_class, 3);
90e70454
JH		 1433 goto unlock;
1434 }
1435
1436 cmd = mgmt_pending_add(sk, MGMT_OP_REMOVE_UUID, hdev, data, len);
0c01bc48 1437 if (!cmd)
90e70454 1438 err = -ENOMEM;
2aeb9a1a
JH		 1439
1440unlock:
09fd0de5 1441 hci_dev_unlock(hdev);
2aeb9a1a
JH		 1442 return err;
1443}
1444
bdb6d971 1445static int set_dev_class(struct sock *sk, struct hci_dev *hdev, void *data,
04124681 1446 u16 len)
1aff6f09 1447{
650f726d 1448 struct mgmt_cp_set_dev_class *cp = data;
90e70454 1449 struct pending_cmd *cmd;
1aff6f09
JH		 1450 int err;
1451
bdb6d971 1452 BT_DBG("request for %s", hdev->name);
1aff6f09 1453
13ecd8b6
JH		 1454 if (!lmp_bredr_capable(hdev))
1455 return cmd_status(sk, hdev->id, MGMT_OP_SET_DEV_CLASS,
1456 MGMT_STATUS_NOT_SUPPORTED);
1aff6f09 1457
13ecd8b6
JH		 1458 if (test_bit(HCI_PENDING_CLASS, &hdev->dev_flags))
1459 return cmd_status(sk, hdev->id, MGMT_OP_SET_DEV_CLASS,
1460 MGMT_STATUS_BUSY);
ee98f473 1461
13ecd8b6
JH		 1462 if ((cp->minor & 0x03) != 0 || (cp->major & 0xe0) != 0)
1463 return cmd_status(sk, hdev->id, MGMT_OP_SET_DEV_CLASS,
1464 MGMT_STATUS_INVALID_PARAMS);
c95f0ba7 1465
13ecd8b6 1466 hci_dev_lock(hdev);
575b3a02 1467
932f5ff5
JH		 1468 hdev->major_class = cp->major;
1469 hdev->minor_class = cp->minor;
1470
b5235a65 1471 if (!hdev_is_powered(hdev)) {
bdb6d971 1472 err = cmd_complete(sk, hdev->id, MGMT_OP_SET_DEV_CLASS, 0,
04124681 1473 hdev->dev_class, 3);
b5235a65
JH		 1474 goto unlock;
1475 }
1476
a8b2d5c2 1477 if (test_and_clear_bit(HCI_SERVICE_CACHE, &hdev->dev_flags)) {
7d78525d
JH		 1478 hci_dev_unlock(hdev);
1479 cancel_delayed_work_sync(&hdev->service_cache);
1480 hci_dev_lock(hdev);
14c0b608 1481 update_eir(hdev);
7d78525d 1482 }
14c0b608 1483
1aff6f09 1484 err = update_class(hdev);
90e70454
JH		 1485 if (err < 0)
1486 goto unlock;
1aff6f09 1487
90e70454 1488 if (!test_bit(HCI_PENDING_CLASS, &hdev->dev_flags)) {
bdb6d971 1489 err = cmd_complete(sk, hdev->id, MGMT_OP_SET_DEV_CLASS, 0,
04124681 1490 hdev->dev_class, 3);
90e70454
JH		 1491 goto unlock;
1492 }
1493
1494 cmd = mgmt_pending_add(sk, MGMT_OP_SET_DEV_CLASS, hdev, data, len);
0c01bc48 1495 if (!cmd)
90e70454 1496 err = -ENOMEM;
1aff6f09 1497
b5235a65 1498unlock:
09fd0de5 1499 hci_dev_unlock(hdev);
1aff6f09
JH		 1500 return err;
1501}
1502
bdb6d971 1503static int load_link_keys(struct sock *sk, struct hci_dev *hdev, void *data,
8ce8e2b5 1504 u16 len)
55ed8ca1 1505{
650f726d 1506 struct mgmt_cp_load_link_keys *cp = data;
4e51eae9 1507 u16 key_count, expected_len;
a492cd52 1508 int i;
55ed8ca1 1509
1f350c87 1510 key_count = __le16_to_cpu(cp->key_count);
55ed8ca1 1511
86742e1e
JH		 1512 expected_len = sizeof(*cp) + key_count *
1513 sizeof(struct mgmt_link_key_info);
a492cd52 1514 if (expected_len != len) {
86742e1e 1515 BT_ERR("load_link_keys: expected %u bytes, got %u bytes",
8ce8e2b5 1516 len, expected_len);
bdb6d971 1517 return cmd_status(sk, hdev->id, MGMT_OP_LOAD_LINK_KEYS,
04124681 1518 MGMT_STATUS_INVALID_PARAMS);
55ed8ca1
JH		 1519 }
1520
bdb6d971 1521 BT_DBG("%s debug_keys %u key_count %u", hdev->name, cp->debug_keys,
8ce8e2b5 1522 key_count);
55ed8ca1 1523
09fd0de5 1524 hci_dev_lock(hdev);
55ed8ca1
JH		 1525
1526 hci_link_keys_clear(hdev);
1527
a8b2d5c2 1528 set_bit(HCI_LINK_KEYS, &hdev->dev_flags);
55ed8ca1
JH		 1529
1530 if (cp->debug_keys)
a8b2d5c2 1531 set_bit(HCI_DEBUG_KEYS, &hdev->dev_flags);
55ed8ca1 1532 else
a8b2d5c2 1533 clear_bit(HCI_DEBUG_KEYS, &hdev->dev_flags);
55ed8ca1 1534
a492cd52 1535 for (i = 0; i < key_count; i++) {
86742e1e 1536 struct mgmt_link_key_info *key = &cp->keys[i];
55ed8ca1 1537
d753fdc4 1538 hci_add_link_key(hdev, NULL, 0, &key->addr.bdaddr, key->val,
04124681 1539 key->type, key->pin_len);
55ed8ca1
JH		 1540 }
1541
bdb6d971 1542 cmd_complete(sk, hdev->id, MGMT_OP_LOAD_LINK_KEYS, 0, NULL, 0);
0e5f875a 1543
09fd0de5 1544 hci_dev_unlock(hdev);
55ed8ca1 1545
a492cd52 1546 return 0;
55ed8ca1
JH		 1547}
1548
b1078ad0 1549static int device_unpaired(struct hci_dev *hdev, bdaddr_t *bdaddr,
04124681 1550 u8 addr_type, struct sock *skip_sk)
b1078ad0
JH		 1551{
1552 struct mgmt_ev_device_unpaired ev;
1553
1554 bacpy(&ev.addr.bdaddr, bdaddr);
1555 ev.addr.type = addr_type;
1556
1557 return mgmt_event(MGMT_EV_DEVICE_UNPAIRED, hdev, &ev, sizeof(ev),
04124681 1558 skip_sk);
b1078ad0
JH		 1559}
1560
bdb6d971 1561static int unpair_device(struct sock *sk, struct hci_dev *hdev, void *data,
04124681 1562 u16 len)
55ed8ca1 1563{
124f6e35
JH		 1564 struct mgmt_cp_unpair_device *cp = data;
1565 struct mgmt_rp_unpair_device rp;
a8a1d19e
JH		 1566 struct hci_cp_disconnect dc;
1567 struct pending_cmd *cmd;
55ed8ca1 1568 struct hci_conn *conn;
55ed8ca1
JH		 1569 int err;
1570
09fd0de5 1571 hci_dev_lock(hdev);
55ed8ca1 1572
a8a1d19e 1573 memset(&rp, 0, sizeof(rp));
124f6e35
JH		 1574 bacpy(&rp.addr.bdaddr, &cp->addr.bdaddr);
1575 rp.addr.type = cp->addr.type;
a8a1d19e 1576
86a8cfc6 1577 if (!hdev_is_powered(hdev)) {
bdb6d971 1578 err = cmd_complete(sk, hdev->id, MGMT_OP_UNPAIR_DEVICE,
04124681 1579 MGMT_STATUS_NOT_POWERED, &rp, sizeof(rp));
86a8cfc6
JH		 1580 goto unlock;
1581 }
1582
591f47f3 1583 if (cp->addr.type == BDADDR_BREDR)
124f6e35
JH		 1584 err = hci_remove_link_key(hdev, &cp->addr.bdaddr);
1585 else
1586 err = hci_remove_ltk(hdev, &cp->addr.bdaddr);
b0dbfb46 1587
55ed8ca1 1588 if (err < 0) {
bdb6d971 1589 err = cmd_complete(sk, hdev->id, MGMT_OP_UNPAIR_DEVICE,
04124681 1590 MGMT_STATUS_NOT_PAIRED, &rp, sizeof(rp));
55ed8ca1
JH		 1591 goto unlock;
1592 }
1593
86a8cfc6 1594 if (cp->disconnect) {
591f47f3 1595 if (cp->addr.type == BDADDR_BREDR)
86a8cfc6 1596 conn = hci_conn_hash_lookup_ba(hdev, ACL_LINK,
8ce8e2b5 1597 &cp->addr.bdaddr);
86a8cfc6
JH		 1598 else
1599 conn = hci_conn_hash_lookup_ba(hdev, LE_LINK,
8ce8e2b5 1600 &cp->addr.bdaddr);
86a8cfc6
JH		 1601 } else {
1602 conn = NULL;
1603 }
124f6e35 1604
a8a1d19e 1605 if (!conn) {
bdb6d971 1606 err = cmd_complete(sk, hdev->id, MGMT_OP_UNPAIR_DEVICE, 0,
04124681 1607 &rp, sizeof(rp));
b1078ad0 1608 device_unpaired(hdev, &cp->addr.bdaddr, cp->addr.type, sk);
a8a1d19e
JH		 1609 goto unlock;
1610 }
55ed8ca1 1611
124f6e35 1612 cmd = mgmt_pending_add(sk, MGMT_OP_UNPAIR_DEVICE, hdev, cp,
04124681 1613 sizeof(*cp));
a8a1d19e
JH		 1614 if (!cmd) {
1615 err = -ENOMEM;
1616 goto unlock;
55ed8ca1
JH		 1617 }
1618
eb55ef07 1619 dc.handle = cpu_to_le16(conn->handle);
a8a1d19e
JH		 1620 dc.reason = 0x13; /* Remote User Terminated Connection */
1621 err = hci_send_cmd(hdev, HCI_OP_DISCONNECT, sizeof(dc), &dc);
1622 if (err < 0)
1623 mgmt_pending_remove(cmd);
1624
55ed8ca1 1625unlock:
09fd0de5 1626 hci_dev_unlock(hdev);
55ed8ca1
JH		 1627 return err;
1628}
1629
bdb6d971 1630static int disconnect(struct sock *sk, struct hci_dev *hdev, void *data,
04124681 1631 u16 len)
8962ee74 1632{
650f726d 1633 struct mgmt_cp_disconnect *cp = data;
8962ee74 1634 struct hci_cp_disconnect dc;
366a0336 1635 struct pending_cmd *cmd;
8962ee74 1636 struct hci_conn *conn;
8962ee74
JH		 1637 int err;
1638
1639 BT_DBG("");
1640
09fd0de5 1641 hci_dev_lock(hdev);
8962ee74
JH		 1642
1643 if (!test_bit(HCI_UP, &hdev->flags)) {
bdb6d971 1644 err = cmd_status(sk, hdev->id, MGMT_OP_DISCONNECT,
04124681 1645 MGMT_STATUS_NOT_POWERED);
8962ee74
JH		 1646 goto failed;
1647 }
1648
2e58ef3e 1649 if (mgmt_pending_find(MGMT_OP_DISCONNECT, hdev)) {
bdb6d971 1650 err = cmd_status(sk, hdev->id, MGMT_OP_DISCONNECT,
04124681 1651 MGMT_STATUS_BUSY);
8962ee74
JH		 1652 goto failed;
1653 }
1654
591f47f3 1655 if (cp->addr.type == BDADDR_BREDR)
8fc9ced3
GP		 1656 conn = hci_conn_hash_lookup_ba(hdev, ACL_LINK,
1657 &cp->addr.bdaddr);
88c3df13
JH		 1658 else
1659 conn = hci_conn_hash_lookup_ba(hdev, LE_LINK, &cp->addr.bdaddr);
365227e5 1660
f960727e 1661 if (!conn || conn->state == BT_OPEN || conn->state == BT_CLOSED) {
bdb6d971 1662 err = cmd_status(sk, hdev->id, MGMT_OP_DISCONNECT,
04124681 1663 MGMT_STATUS_NOT_CONNECTED);
8962ee74
JH		 1664 goto failed;
1665 }
1666
2e58ef3e 1667 cmd = mgmt_pending_add(sk, MGMT_OP_DISCONNECT, hdev, data, len);
366a0336
JH		 1668 if (!cmd) {
1669 err = -ENOMEM;
8962ee74 1670 goto failed;
366a0336 1671 }
8962ee74 1672
eb55ef07 1673 dc.handle = cpu_to_le16(conn->handle);
3701f944 1674 dc.reason = HCI_ERROR_REMOTE_USER_TERM;
8962ee74
JH		 1675
1676 err = hci_send_cmd(hdev, HCI_OP_DISCONNECT, sizeof(dc), &dc);
1677 if (err < 0)
a664b5bc 1678 mgmt_pending_remove(cmd);
8962ee74
JH		 1679
1680failed:
09fd0de5 1681 hci_dev_unlock(hdev);
8962ee74
JH		 1682 return err;
1683}
1684
57c1477c 1685static u8 link_to_bdaddr(u8 link_type, u8 addr_type)
4c659c39
JH		 1686{
1687 switch (link_type) {
1688 case LE_LINK:
48264f06
JH		 1689 switch (addr_type) {
1690 case ADDR_LE_DEV_PUBLIC:
591f47f3 1691 return BDADDR_LE_PUBLIC;
0ed09148 1692
48264f06 1693 default:
0ed09148 1694 /* Fallback to LE Random address type */
591f47f3 1695 return BDADDR_LE_RANDOM;
48264f06 1696 }
0ed09148 1697
4c659c39 1698 default:
0ed09148 1699 /* Fallback to BR/EDR type */
591f47f3 1700 return BDADDR_BREDR;
4c659c39
JH		 1701 }
1702}
1703
04124681
GP		 1704static int get_connections(struct sock *sk, struct hci_dev *hdev, void *data,
1705 u16 data_len)
2784eb41 1706{
2784eb41 1707 struct mgmt_rp_get_connections *rp;
8035ded4 1708 struct hci_conn *c;
a38528f1 1709 size_t rp_len;
60fc5fb6
JH		 1710 int err;
1711 u16 i;
2784eb41
JH		 1712
1713 BT_DBG("");
1714
09fd0de5 1715 hci_dev_lock(hdev);
2784eb41 1716
5f97c1df 1717 if (!hdev_is_powered(hdev)) {
bdb6d971 1718 err = cmd_status(sk, hdev->id, MGMT_OP_GET_CONNECTIONS,
04124681 1719 MGMT_STATUS_NOT_POWERED);
5f97c1df
JH		 1720 goto unlock;
1721 }
1722
60fc5fb6 1723 i = 0;
b644ba33
JH		 1724 list_for_each_entry(c, &hdev->conn_hash.list, list) {
1725 if (test_bit(HCI_CONN_MGMT_CONNECTED, &c->flags))
60fc5fb6 1726 i++;
2784eb41
JH		 1727 }
1728
60fc5fb6 1729 rp_len = sizeof(*rp) + (i * sizeof(struct mgmt_addr_info));
92c4c204 1730 rp = kmalloc(rp_len, GFP_KERNEL);
a38528f1 1731 if (!rp) {
2784eb41
JH		 1732 err = -ENOMEM;
1733 goto unlock;
1734 }
1735
2784eb41 1736 i = 0;
4c659c39 1737 list_for_each_entry(c, &hdev->conn_hash.list, list) {
b644ba33
JH		 1738 if (!test_bit(HCI_CONN_MGMT_CONNECTED, &c->flags))
1739 continue;
4c659c39 1740 bacpy(&rp->addr[i].bdaddr, &c->dst);
57c1477c 1741 rp->addr[i].type = link_to_bdaddr(c->type, c->dst_type);
0ed09148 1742 if (c->type == SCO_LINK || c->type == ESCO_LINK)
4c659c39
JH		 1743 continue;
1744 i++;
1745 }
1746
eb55ef07 1747 rp->conn_count = cpu_to_le16(i);
60fc5fb6 1748
4c659c39
JH		 1749 /* Recalculate length in case of filtered SCO connections, etc */
1750 rp_len = sizeof(*rp) + (i * sizeof(struct mgmt_addr_info));
2784eb41 1751
bdb6d971 1752 err = cmd_complete(sk, hdev->id, MGMT_OP_GET_CONNECTIONS, 0, rp,
04124681 1753 rp_len);
2784eb41 1754
a38528f1 1755 kfree(rp);
5f97c1df
JH		 1756
1757unlock:
09fd0de5 1758 hci_dev_unlock(hdev);
2784eb41
JH		 1759 return err;
1760}
1761
bdb6d971 1762static int send_pin_code_neg_reply(struct sock *sk, struct hci_dev *hdev,
04124681 1763 struct mgmt_cp_pin_code_neg_reply *cp)
96d97a67
WR		 1764{
1765 struct pending_cmd *cmd;
1766 int err;
1767
2e58ef3e 1768 cmd = mgmt_pending_add(sk, MGMT_OP_PIN_CODE_NEG_REPLY, hdev, cp,
04124681 1769 sizeof(*cp));
96d97a67
WR		 1770 if (!cmd)
1771 return -ENOMEM;
1772
d8457698 1773 err = hci_send_cmd(hdev, HCI_OP_PIN_CODE_NEG_REPLY,
04124681 1774 sizeof(cp->addr.bdaddr), &cp->addr.bdaddr);
96d97a67
WR		 1775 if (err < 0)
1776 mgmt_pending_remove(cmd);
1777
1778 return err;
1779}
1780
bdb6d971 1781static int pin_code_reply(struct sock *sk, struct hci_dev *hdev, void *data,
04124681 1782 u16 len)
980e1a53 1783{
96d97a67 1784 struct hci_conn *conn;
650f726d 1785 struct mgmt_cp_pin_code_reply *cp = data;
980e1a53 1786 struct hci_cp_pin_code_reply reply;
366a0336 1787 struct pending_cmd *cmd;
980e1a53
JH		 1788 int err;
1789
1790 BT_DBG("");
1791
09fd0de5 1792 hci_dev_lock(hdev);
980e1a53 1793
4b34ee78 1794 if (!hdev_is_powered(hdev)) {
bdb6d971 1795 err = cmd_status(sk, hdev->id, MGMT_OP_PIN_CODE_REPLY,
04124681 1796 MGMT_STATUS_NOT_POWERED);
980e1a53
JH		 1797 goto failed;
1798 }
1799
d8457698 1800 conn = hci_conn_hash_lookup_ba(hdev, ACL_LINK, &cp->addr.bdaddr);
96d97a67 1801 if (!conn) {
bdb6d971 1802 err = cmd_status(sk, hdev->id, MGMT_OP_PIN_CODE_REPLY,
04124681 1803 MGMT_STATUS_NOT_CONNECTED);
96d97a67
WR		 1804 goto failed;
1805 }
1806
1807 if (conn->pending_sec_level == BT_SECURITY_HIGH && cp->pin_len != 16) {
d8457698
JH		 1808 struct mgmt_cp_pin_code_neg_reply ncp;
1809
1810 memcpy(&ncp.addr, &cp->addr, sizeof(ncp.addr));
96d97a67
WR		 1811
1812 BT_ERR("PIN code is not 16 bytes long");
1813
bdb6d971 1814 err = send_pin_code_neg_reply(sk, hdev, &ncp);
96d97a67 1815 if (err >= 0)
bdb6d971 1816 err = cmd_status(sk, hdev->id, MGMT_OP_PIN_CODE_REPLY,
04124681 1817 MGMT_STATUS_INVALID_PARAMS);
96d97a67
WR		 1818
1819 goto failed;
1820 }
1821
00abfe44 1822 cmd = mgmt_pending_add(sk, MGMT_OP_PIN_CODE_REPLY, hdev, data, len);
366a0336
JH		 1823 if (!cmd) {
1824 err = -ENOMEM;
980e1a53 1825 goto failed;
366a0336 1826 }
980e1a53 1827
d8457698 1828 bacpy(&reply.bdaddr, &cp->addr.bdaddr);
980e1a53 1829 reply.pin_len = cp->pin_len;
24718ca5 1830 memcpy(reply.pin_code, cp->pin_code, sizeof(reply.pin_code));
980e1a53
JH		 1831
1832 err = hci_send_cmd(hdev, HCI_OP_PIN_CODE_REPLY, sizeof(reply), &reply);
1833 if (err < 0)
a664b5bc 1834 mgmt_pending_remove(cmd);
980e1a53
JH		 1835
1836failed:
09fd0de5 1837 hci_dev_unlock(hdev);
980e1a53
JH		 1838 return err;
1839}
1840
04124681
GP		 1841static int set_io_capability(struct sock *sk, struct hci_dev *hdev, void *data,
1842 u16 len)
17fa4b9d 1843{
650f726d 1844 struct mgmt_cp_set_io_capability *cp = data;
17fa4b9d
JH		 1845
1846 BT_DBG("");
1847
09fd0de5 1848 hci_dev_lock(hdev);
17fa4b9d
JH		 1849
1850 hdev->io_capability = cp->io_capability;
1851
1852 BT_DBG("%s IO capability set to 0x%02x", hdev->name,
8ce8e2b5 1853 hdev->io_capability);
17fa4b9d 1854
09fd0de5 1855 hci_dev_unlock(hdev);
17fa4b9d 1856
04124681
GP		 1857 return cmd_complete(sk, hdev->id, MGMT_OP_SET_IO_CAPABILITY, 0, NULL,
1858 0);
17fa4b9d
JH		 1859}
1860
6039aa73 1861static struct pending_cmd *find_pairing(struct hci_conn *conn)
e9a416b5
JH		 1862{
1863 struct hci_dev *hdev = conn->hdev;
8035ded4 1864 struct pending_cmd *cmd;
e9a416b5 1865
2e58ef3e 1866 list_for_each_entry(cmd, &hdev->mgmt_pending, list) {
e9a416b5
JH		 1867 if (cmd->opcode != MGMT_OP_PAIR_DEVICE)
1868 continue;
1869
e9a416b5
JH		 1870 if (cmd->user_data != conn)
1871 continue;
1872
1873 return cmd;
1874 }
1875
1876 return NULL;
1877}
1878
1879static void pairing_complete(struct pending_cmd *cmd, u8 status)
1880{
1881 struct mgmt_rp_pair_device rp;
1882 struct hci_conn *conn = cmd->user_data;
1883
ba4e564f 1884 bacpy(&rp.addr.bdaddr, &conn->dst);
57c1477c 1885 rp.addr.type = link_to_bdaddr(conn->type, conn->dst_type);
e9a416b5 1886
aee9b218 1887 cmd_complete(cmd->sk, cmd->index, MGMT_OP_PAIR_DEVICE, status,
04124681 1888 &rp, sizeof(rp));
e9a416b5
JH		 1889
1890 /* So we don't get further callbacks for this connection */
1891 conn->connect_cfm_cb = NULL;
1892 conn->security_cfm_cb = NULL;
1893 conn->disconn_cfm_cb = NULL;
1894
1895 hci_conn_put(conn);
1896
a664b5bc 1897 mgmt_pending_remove(cmd);
e9a416b5
JH		 1898}
1899
1900static void pairing_complete_cb(struct hci_conn *conn, u8 status)
1901{
1902 struct pending_cmd *cmd;
1903
1904 BT_DBG("status %u", status);
1905
1906 cmd = find_pairing(conn);
56e5cb86 1907 if (!cmd)
e9a416b5 1908 BT_DBG("Unable to find a pending command");
56e5cb86 1909 else
e211326c 1910 pairing_complete(cmd, mgmt_status(status));
e9a416b5
JH		 1911}
1912
4c47d739
VA		 1913static void le_connect_complete_cb(struct hci_conn *conn, u8 status)
1914{
1915 struct pending_cmd *cmd;
1916
1917 BT_DBG("status %u", status);
1918
1919 if (!status)
1920 return;
1921
1922 cmd = find_pairing(conn);
1923 if (!cmd)
1924 BT_DBG("Unable to find a pending command");
1925 else
1926 pairing_complete(cmd, mgmt_status(status));
1927}
1928
bdb6d971 1929static int pair_device(struct sock *sk, struct hci_dev *hdev, void *data,
04124681 1930 u16 len)
e9a416b5 1931{
650f726d 1932 struct mgmt_cp_pair_device *cp = data;
1425acb7 1933 struct mgmt_rp_pair_device rp;
e9a416b5
JH		 1934 struct pending_cmd *cmd;
1935 u8 sec_level, auth_type;
1936 struct hci_conn *conn;
e9a416b5
JH		 1937 int err;
1938
1939 BT_DBG("");
1940
09fd0de5 1941 hci_dev_lock(hdev);
e9a416b5 1942
5f97c1df 1943 if (!hdev_is_powered(hdev)) {
bdb6d971 1944 err = cmd_status(sk, hdev->id, MGMT_OP_PAIR_DEVICE,
04124681 1945 MGMT_STATUS_NOT_POWERED);
5f97c1df
JH		 1946 goto unlock;
1947 }
1948
c908df36
VCG		 1949 sec_level = BT_SECURITY_MEDIUM;
1950 if (cp->io_cap == 0x03)
e9a416b5 1951 auth_type = HCI_AT_DEDICATED_BONDING;
c908df36 1952 else
e9a416b5 1953 auth_type = HCI_AT_DEDICATED_BONDING_MITM;
e9a416b5 1954
591f47f3 1955 if (cp->addr.type == BDADDR_BREDR)
b12f62cf
AG		 1956 conn = hci_connect(hdev, ACL_LINK, &cp->addr.bdaddr,
1957 cp->addr.type, sec_level, auth_type);
7a512d01 1958 else
b12f62cf
AG		 1959 conn = hci_connect(hdev, LE_LINK, &cp->addr.bdaddr,
1960 cp->addr.type, sec_level, auth_type);
7a512d01 1961
1425acb7
JH		 1962 memset(&rp, 0, sizeof(rp));
1963 bacpy(&rp.addr.bdaddr, &cp->addr.bdaddr);
1964 rp.addr.type = cp->addr.type;
1965
30e76272 1966 if (IS_ERR(conn)) {
489dc48e
AK		 1967 int status;
1968
1969 if (PTR_ERR(conn) == -EBUSY)
1970 status = MGMT_STATUS_BUSY;
1971 else
1972 status = MGMT_STATUS_CONNECT_FAILED;
1973
bdb6d971 1974 err = cmd_complete(sk, hdev->id, MGMT_OP_PAIR_DEVICE,
489dc48e 1975 status, &rp,
04124681 1976 sizeof(rp));
e9a416b5
JH		 1977 goto unlock;
1978 }
1979
1980 if (conn->connect_cfm_cb) {
1981 hci_conn_put(conn);
bdb6d971 1982 err = cmd_complete(sk, hdev->id, MGMT_OP_PAIR_DEVICE,
04124681 1983 MGMT_STATUS_BUSY, &rp, sizeof(rp));
e9a416b5
JH		 1984 goto unlock;
1985 }
1986
2e58ef3e 1987 cmd = mgmt_pending_add(sk, MGMT_OP_PAIR_DEVICE, hdev, data, len);
e9a416b5
JH		 1988 if (!cmd) {
1989 err = -ENOMEM;
1990 hci_conn_put(conn);
1991 goto unlock;
1992 }
1993
7a512d01 1994 /* For LE, just connecting isn't a proof that the pairing finished */
591f47f3 1995 if (cp->addr.type == BDADDR_BREDR)
7a512d01 1996 conn->connect_cfm_cb = pairing_complete_cb;
4c47d739
VA		 1997 else
1998 conn->connect_cfm_cb = le_connect_complete_cb;
7a512d01 1999
e9a416b5
JH		 2000 conn->security_cfm_cb = pairing_complete_cb;
2001 conn->disconn_cfm_cb = pairing_complete_cb;
2002 conn->io_capability = cp->io_cap;
2003 cmd->user_data = conn;
2004
2005 if (conn->state == BT_CONNECTED &&
8ce8e2b5 2006 hci_conn_security(conn, sec_level, auth_type))
e9a416b5
JH		 2007 pairing_complete(cmd, 0);
2008
2009 err = 0;
2010
2011unlock:
09fd0de5 2012 hci_dev_unlock(hdev);
e9a416b5
JH		 2013 return err;
2014}
2015
04124681
GP		 2016static int cancel_pair_device(struct sock *sk, struct hci_dev *hdev, void *data,
2017 u16 len)
28424707 2018{
0f4e68cf 2019 struct mgmt_addr_info *addr = data;
28424707
JH		 2020 struct pending_cmd *cmd;
2021 struct hci_conn *conn;
2022 int err;
2023
2024 BT_DBG("");
2025
28424707
JH		 2026 hci_dev_lock(hdev);
2027
5f97c1df 2028 if (!hdev_is_powered(hdev)) {
bdb6d971 2029 err = cmd_status(sk, hdev->id, MGMT_OP_CANCEL_PAIR_DEVICE,
04124681 2030 MGMT_STATUS_NOT_POWERED);
5f97c1df
JH		 2031 goto unlock;
2032 }
2033
28424707
JH		 2034 cmd = mgmt_pending_find(MGMT_OP_PAIR_DEVICE, hdev);
2035 if (!cmd) {
bdb6d971 2036 err = cmd_status(sk, hdev->id, MGMT_OP_CANCEL_PAIR_DEVICE,
04124681 2037 MGMT_STATUS_INVALID_PARAMS);
28424707
JH		 2038 goto unlock;
2039 }
2040
2041 conn = cmd->user_data;
2042
2043 if (bacmp(&addr->bdaddr, &conn->dst) != 0) {
bdb6d971 2044 err = cmd_status(sk, hdev->id, MGMT_OP_CANCEL_PAIR_DEVICE,
04124681 2045 MGMT_STATUS_INVALID_PARAMS);
28424707
JH		 2046 goto unlock;
2047 }
2048
2049 pairing_complete(cmd, MGMT_STATUS_CANCELLED);
2050
bdb6d971 2051 err = cmd_complete(sk, hdev->id, MGMT_OP_CANCEL_PAIR_DEVICE, 0,
04124681 2052 addr, sizeof(*addr));
28424707
JH		 2053unlock:
2054 hci_dev_unlock(hdev);
28424707
JH		 2055 return err;
2056}
2057
bdb6d971 2058static int user_pairing_resp(struct sock *sk, struct hci_dev *hdev,
04124681
GP		 2059 bdaddr_t *bdaddr, u8 type, u16 mgmt_op,
2060 u16 hci_op, __le32 passkey)
a5c29683 2061{
a5c29683 2062 struct pending_cmd *cmd;
0df4c185 2063 struct hci_conn *conn;
a5c29683
JH		 2064 int err;
2065
09fd0de5 2066 hci_dev_lock(hdev);
08ba5382 2067
4b34ee78 2068 if (!hdev_is_powered(hdev)) {
bdb6d971 2069 err = cmd_status(sk, hdev->id, mgmt_op,
04124681 2070 MGMT_STATUS_NOT_POWERED);
0df4c185 2071 goto done;
a5c29683
JH		 2072 }
2073
591f47f3 2074 if (type == BDADDR_BREDR)
272d90df
JH		 2075 conn = hci_conn_hash_lookup_ba(hdev, ACL_LINK, bdaddr);
2076 else
47c15e2b 2077 conn = hci_conn_hash_lookup_ba(hdev, LE_LINK, bdaddr);
272d90df
JH		 2078
2079 if (!conn) {
bdb6d971 2080 err = cmd_status(sk, hdev->id, mgmt_op,
04124681 2081 MGMT_STATUS_NOT_CONNECTED);
272d90df
JH		 2082 goto done;
2083 }
47c15e2b 2084
591f47f3 2085 if (type == BDADDR_LE_PUBLIC || type == BDADDR_LE_RANDOM) {
47c15e2b 2086 /* Continue with pairing via SMP */
5fe57d9e
BG		 2087 err = smp_user_confirm_reply(conn, mgmt_op, passkey);
2088
2089 if (!err)
bdb6d971 2090 err = cmd_status(sk, hdev->id, mgmt_op,
04124681 2091 MGMT_STATUS_SUCCESS);
5fe57d9e 2092 else
bdb6d971 2093 err = cmd_status(sk, hdev->id, mgmt_op,
04124681 2094 MGMT_STATUS_FAILED);
47c15e2b 2095
47c15e2b
BG		 2096 goto done;
2097 }
2098
0df4c185 2099 cmd = mgmt_pending_add(sk, mgmt_op, hdev, bdaddr, sizeof(*bdaddr));
a5c29683
JH		 2100 if (!cmd) {
2101 err = -ENOMEM;
0df4c185 2102 goto done;
a5c29683
JH		 2103 }
2104
0df4c185 2105 /* Continue with pairing via HCI */
604086b7
BG		 2106 if (hci_op == HCI_OP_USER_PASSKEY_REPLY) {
2107 struct hci_cp_user_passkey_reply cp;
2108
2109 bacpy(&cp.bdaddr, bdaddr);
2110 cp.passkey = passkey;
2111 err = hci_send_cmd(hdev, hci_op, sizeof(cp), &cp);
2112 } else
2113 err = hci_send_cmd(hdev, hci_op, sizeof(*bdaddr), bdaddr);
2114
a664b5bc
JH		 2115 if (err < 0)
2116 mgmt_pending_remove(cmd);
a5c29683 2117
0df4c185 2118done:
09fd0de5 2119 hci_dev_unlock(hdev);
a5c29683
JH		 2120 return err;
2121}
2122
afeb019d
JK		 2123static int pin_code_neg_reply(struct sock *sk, struct hci_dev *hdev,
2124 void *data, u16 len)
2125{
2126 struct mgmt_cp_pin_code_neg_reply *cp = data;
2127
2128 BT_DBG("");
2129
2130 return user_pairing_resp(sk, hdev, &cp->addr.bdaddr, cp->addr.type,
2131 MGMT_OP_PIN_CODE_NEG_REPLY,
2132 HCI_OP_PIN_CODE_NEG_REPLY, 0);
2133}
2134
04124681
GP		 2135static int user_confirm_reply(struct sock *sk, struct hci_dev *hdev, void *data,
2136 u16 len)
0df4c185 2137{
650f726d 2138 struct mgmt_cp_user_confirm_reply *cp = data;
0df4c185
BG		 2139
2140 BT_DBG("");
2141
2142 if (len != sizeof(*cp))
bdb6d971 2143 return cmd_status(sk, hdev->id, MGMT_OP_USER_CONFIRM_REPLY,
04124681 2144 MGMT_STATUS_INVALID_PARAMS);
0df4c185 2145
bdb6d971 2146 return user_pairing_resp(sk, hdev, &cp->addr.bdaddr, cp->addr.type,
04124681
GP		 2147 MGMT_OP_USER_CONFIRM_REPLY,
2148 HCI_OP_USER_CONFIRM_REPLY, 0);
0df4c185
BG		 2149}
2150
bdb6d971 2151static int user_confirm_neg_reply(struct sock *sk, struct hci_dev *hdev,
04124681 2152 void *data, u16 len)
0df4c185 2153{
c9c2659f 2154 struct mgmt_cp_user_confirm_neg_reply *cp = data;
0df4c185
BG		 2155
2156 BT_DBG("");
2157
bdb6d971 2158 return user_pairing_resp(sk, hdev, &cp->addr.bdaddr, cp->addr.type,
04124681
GP		 2159 MGMT_OP_USER_CONFIRM_NEG_REPLY,
2160 HCI_OP_USER_CONFIRM_NEG_REPLY, 0);
0df4c185
BG		 2161}
2162
04124681
GP		 2163static int user_passkey_reply(struct sock *sk, struct hci_dev *hdev, void *data,
2164 u16 len)
604086b7 2165{
650f726d 2166 struct mgmt_cp_user_passkey_reply *cp = data;
604086b7
BG		 2167
2168 BT_DBG("");
2169
bdb6d971 2170 return user_pairing_resp(sk, hdev, &cp->addr.bdaddr, cp->addr.type,
04124681
GP		 2171 MGMT_OP_USER_PASSKEY_REPLY,
2172 HCI_OP_USER_PASSKEY_REPLY, cp->passkey);
604086b7
BG		 2173}
2174
bdb6d971 2175static int user_passkey_neg_reply(struct sock *sk, struct hci_dev *hdev,
04124681 2176 void *data, u16 len)
604086b7 2177{
650f726d 2178 struct mgmt_cp_user_passkey_neg_reply *cp = data;
604086b7
BG		 2179
2180 BT_DBG("");
2181
bdb6d971 2182 return user_pairing_resp(sk, hdev, &cp->addr.bdaddr, cp->addr.type,
04124681
GP		 2183 MGMT_OP_USER_PASSKEY_NEG_REPLY,
2184 HCI_OP_USER_PASSKEY_NEG_REPLY, 0);
604086b7
BG		 2185}
2186
2b4bf397
JH		 2187static int update_name(struct hci_dev *hdev, const char *name)
2188{
2189 struct hci_cp_write_local_name cp;
2190
2191 memcpy(cp.name, name, sizeof(cp.name));
2192
2193 return hci_send_cmd(hdev, HCI_OP_WRITE_LOCAL_NAME, sizeof(cp), &cp);
2194}
2195
bdb6d971 2196static int set_local_name(struct sock *sk, struct hci_dev *hdev, void *data,
04124681 2197 u16 len)
b312b161 2198{
2b4bf397 2199 struct mgmt_cp_set_local_name *cp = data;
b312b161
JH		 2200 struct pending_cmd *cmd;
2201 int err;
2202
2203 BT_DBG("");
2204
09fd0de5 2205 hci_dev_lock(hdev);
b312b161 2206
2b4bf397 2207 memcpy(hdev->short_name, cp->short_name, sizeof(hdev->short_name));
28cc7bde 2208
b5235a65 2209 if (!hdev_is_powered(hdev)) {
2b4bf397 2210 memcpy(hdev->dev_name, cp->name, sizeof(hdev->dev_name));
28cc7bde
JH		 2211
2212 err = cmd_complete(sk, hdev->id, MGMT_OP_SET_LOCAL_NAME, 0,
04124681 2213 data, len);
28cc7bde
JH		 2214 if (err < 0)
2215 goto failed;
2216
2217 err = mgmt_event(MGMT_EV_LOCAL_NAME_CHANGED, hdev, data, len,
04124681 2218 sk);
28cc7bde 2219
b5235a65
JH		 2220 goto failed;
2221 }
2222
28cc7bde 2223 cmd = mgmt_pending_add(sk, MGMT_OP_SET_LOCAL_NAME, hdev, data, len);
b312b161
JH		 2224 if (!cmd) {
2225 err = -ENOMEM;
2226 goto failed;
2227 }
2228
2b4bf397 2229 err = update_name(hdev, cp->name);
b312b161
JH		 2230 if (err < 0)
2231 mgmt_pending_remove(cmd);
2232
2233failed:
09fd0de5 2234 hci_dev_unlock(hdev);
b312b161
JH		 2235 return err;
2236}
2237
0f4e68cf 2238static int read_local_oob_data(struct sock *sk, struct hci_dev *hdev,
04124681 2239 void *data, u16 data_len)
c35938b2 2240{
c35938b2
SJ		 2241 struct pending_cmd *cmd;
2242 int err;
2243
bdb6d971 2244 BT_DBG("%s", hdev->name);
c35938b2 2245
09fd0de5 2246 hci_dev_lock(hdev);
c35938b2 2247
4b34ee78 2248 if (!hdev_is_powered(hdev)) {
bdb6d971 2249 err = cmd_status(sk, hdev->id, MGMT_OP_READ_LOCAL_OOB_DATA,
04124681 2250 MGMT_STATUS_NOT_POWERED);
c35938b2
SJ		 2251 goto unlock;
2252 }
2253
9a1a1996 2254 if (!lmp_ssp_capable(hdev)) {
bdb6d971 2255 err = cmd_status(sk, hdev->id, MGMT_OP_READ_LOCAL_OOB_DATA,
04124681 2256 MGMT_STATUS_NOT_SUPPORTED);
c35938b2
SJ		 2257 goto unlock;
2258 }
2259
2e58ef3e 2260 if (mgmt_pending_find(MGMT_OP_READ_LOCAL_OOB_DATA, hdev)) {
bdb6d971 2261 err = cmd_status(sk, hdev->id, MGMT_OP_READ_LOCAL_OOB_DATA,
04124681 2262 MGMT_STATUS_BUSY);
c35938b2
SJ		 2263 goto unlock;
2264 }
2265
2e58ef3e 2266 cmd = mgmt_pending_add(sk, MGMT_OP_READ_LOCAL_OOB_DATA, hdev, NULL, 0);
c35938b2
SJ		 2267 if (!cmd) {
2268 err = -ENOMEM;
2269 goto unlock;
2270 }
2271
2272 err = hci_send_cmd(hdev, HCI_OP_READ_LOCAL_OOB_DATA, 0, NULL);
2273 if (err < 0)
2274 mgmt_pending_remove(cmd);
2275
2276unlock:
09fd0de5 2277 hci_dev_unlock(hdev);
c35938b2
SJ		 2278 return err;
2279}
2280
bdb6d971 2281static int add_remote_oob_data(struct sock *sk, struct hci_dev *hdev,
04124681 2282 void *data, u16 len)
2763eda6 2283{
650f726d 2284 struct mgmt_cp_add_remote_oob_data *cp = data;
bf1e3541 2285 u8 status;
2763eda6
SJ		 2286 int err;
2287
bdb6d971 2288 BT_DBG("%s ", hdev->name);
2763eda6 2289
09fd0de5 2290 hci_dev_lock(hdev);
2763eda6 2291
664ce4cc 2292 err = hci_add_remote_oob_data(hdev, &cp->addr.bdaddr, cp->hash,
04124681 2293 cp->randomizer);
2763eda6 2294 if (err < 0)
bf1e3541 2295 status = MGMT_STATUS_FAILED;
2763eda6 2296 else
a6785be2 2297 status = MGMT_STATUS_SUCCESS;
bf1e3541 2298
bdb6d971 2299 err = cmd_complete(sk, hdev->id, MGMT_OP_ADD_REMOTE_OOB_DATA, status,
04124681 2300 &cp->addr, sizeof(cp->addr));
2763eda6 2301
09fd0de5 2302 hci_dev_unlock(hdev);
2763eda6
SJ		 2303 return err;
2304}
2305
bdb6d971 2306static int remove_remote_oob_data(struct sock *sk, struct hci_dev *hdev,
8ce8e2b5 2307 void *data, u16 len)
2763eda6 2308{
650f726d 2309 struct mgmt_cp_remove_remote_oob_data *cp = data;
bf1e3541 2310 u8 status;
2763eda6
SJ		 2311 int err;
2312
bdb6d971 2313 BT_DBG("%s", hdev->name);
2763eda6 2314
09fd0de5 2315 hci_dev_lock(hdev);
2763eda6 2316
664ce4cc 2317 err = hci_remove_remote_oob_data(hdev, &cp->addr.bdaddr);
2763eda6 2318 if (err < 0)
bf1e3541 2319 status = MGMT_STATUS_INVALID_PARAMS;
2763eda6 2320 else
a6785be2 2321 status = MGMT_STATUS_SUCCESS;
bf1e3541 2322
bdb6d971 2323 err = cmd_complete(sk, hdev->id, MGMT_OP_REMOVE_REMOTE_OOB_DATA,
04124681 2324 status, &cp->addr, sizeof(cp->addr));
2763eda6 2325
09fd0de5 2326 hci_dev_unlock(hdev);
2763eda6
SJ		 2327 return err;
2328}
2329
5e0452c0
AG		 2330int mgmt_interleaved_discovery(struct hci_dev *hdev)
2331{
2332 int err;
2333
2334 BT_DBG("%s", hdev->name);
2335
2336 hci_dev_lock(hdev);
2337
2338 err = hci_do_inquiry(hdev, INQUIRY_LEN_BREDR_LE);
2339 if (err < 0)
2340 hci_discovery_set_state(hdev, DISCOVERY_STOPPED);
2341
2342 hci_dev_unlock(hdev);
2343
2344 return err;
2345}
2346
bdb6d971 2347static int start_discovery(struct sock *sk, struct hci_dev *hdev,
04124681 2348 void *data, u16 len)
14a53664 2349{
650f726d 2350 struct mgmt_cp_start_discovery *cp = data;
14a53664 2351 struct pending_cmd *cmd;
14a53664
JH		 2352 int err;
2353
bdb6d971 2354 BT_DBG("%s", hdev->name);
14a53664 2355
09fd0de5 2356 hci_dev_lock(hdev);
14a53664 2357
4b34ee78 2358 if (!hdev_is_powered(hdev)) {
bdb6d971 2359 err = cmd_status(sk, hdev->id, MGMT_OP_START_DISCOVERY,
04124681 2360 MGMT_STATUS_NOT_POWERED);
bd2d1334
JH		 2361 goto failed;
2362 }
2363
642be6c7
AG		 2364 if (test_bit(HCI_PERIODIC_INQ, &hdev->dev_flags)) {
2365 err = cmd_status(sk, hdev->id, MGMT_OP_START_DISCOVERY,
2366 MGMT_STATUS_BUSY);
2367 goto failed;
2368 }
2369
ff9ef578 2370 if (hdev->discovery.state != DISCOVERY_STOPPED) {
bdb6d971 2371 err = cmd_status(sk, hdev->id, MGMT_OP_START_DISCOVERY,
04124681 2372 MGMT_STATUS_BUSY);
ff9ef578
JH		 2373 goto failed;
2374 }
2375
2e58ef3e 2376 cmd = mgmt_pending_add(sk, MGMT_OP_START_DISCOVERY, hdev, NULL, 0);
14a53664
JH		 2377 if (!cmd) {
2378 err = -ENOMEM;
2379 goto failed;
2380 }
2381
4aab14e5
AG		 2382 hdev->discovery.type = cp->type;
2383
2384 switch (hdev->discovery.type) {
f39799f5 2385 case DISCOV_TYPE_BREDR:
04106755
JH		 2386 if (!lmp_bredr_capable(hdev)) {
2387 err = cmd_status(sk, hdev->id, MGMT_OP_START_DISCOVERY,
2388 MGMT_STATUS_NOT_SUPPORTED);
2389 mgmt_pending_remove(cmd);
2390 goto failed;
2391 }
2392
2393 err = hci_do_inquiry(hdev, INQUIRY_LEN_BREDR);
f39799f5
AG		 2394 break;
2395
2396 case DISCOV_TYPE_LE:
04106755
JH		 2397 if (!lmp_host_le_capable(hdev)) {
2398 err = cmd_status(sk, hdev->id, MGMT_OP_START_DISCOVERY,
2399 MGMT_STATUS_NOT_SUPPORTED);
2400 mgmt_pending_remove(cmd);
2401 goto failed;
2402 }
2403
2404 err = hci_le_scan(hdev, LE_SCAN_TYPE, LE_SCAN_INT,
2405 LE_SCAN_WIN, LE_SCAN_TIMEOUT_LE_ONLY);
f39799f5
AG		 2406 break;
2407
5e0452c0 2408 case DISCOV_TYPE_INTERLEAVED:
04106755
JH		 2409 if (!lmp_host_le_capable(hdev) || !lmp_bredr_capable(hdev)) {
2410 err = cmd_status(sk, hdev->id, MGMT_OP_START_DISCOVERY,
2411 MGMT_STATUS_NOT_SUPPORTED);
2412 mgmt_pending_remove(cmd);
2413 goto failed;
2414 }
2415
2416 err = hci_le_scan(hdev, LE_SCAN_TYPE, LE_SCAN_INT, LE_SCAN_WIN,
2417 LE_SCAN_TIMEOUT_BREDR_LE);
5e0452c0
AG		 2418 break;
2419
f39799f5 2420 default:
04106755
JH		 2421 err = cmd_status(sk, hdev->id, MGMT_OP_START_DISCOVERY,
2422 MGMT_STATUS_INVALID_PARAMS);
2423 mgmt_pending_remove(cmd);
2424 goto failed;
f39799f5 2425 }
3fd24153 2426
14a53664
JH		 2427 if (err < 0)
2428 mgmt_pending_remove(cmd);
ff9ef578
JH		 2429 else
2430 hci_discovery_set_state(hdev, DISCOVERY_STARTING);
14a53664
JH		 2431
2432failed:
09fd0de5 2433 hci_dev_unlock(hdev);
14a53664
JH		 2434 return err;
2435}
2436
bdb6d971 2437static int stop_discovery(struct sock *sk, struct hci_dev *hdev, void *data,
04124681 2438 u16 len)
14a53664 2439{
d930650b 2440 struct mgmt_cp_stop_discovery *mgmt_cp = data;
14a53664 2441 struct pending_cmd *cmd;
30dc78e1
JH		 2442 struct hci_cp_remote_name_req_cancel cp;
2443 struct inquiry_entry *e;
14a53664
JH		 2444 int err;
2445
bdb6d971 2446 BT_DBG("%s", hdev->name);
14a53664 2447
09fd0de5 2448 hci_dev_lock(hdev);
14a53664 2449
30dc78e1 2450 if (!hci_discovery_active(hdev)) {
bdb6d971 2451 err = cmd_complete(sk, hdev->id, MGMT_OP_STOP_DISCOVERY,
04124681
GP		 2452 MGMT_STATUS_REJECTED, &mgmt_cp->type,
2453 sizeof(mgmt_cp->type));
d930650b
JH		 2454 goto unlock;
2455 }
2456
2457 if (hdev->discovery.type != mgmt_cp->type) {
bdb6d971 2458 err = cmd_complete(sk, hdev->id, MGMT_OP_STOP_DISCOVERY,
04124681
GP		 2459 MGMT_STATUS_INVALID_PARAMS, &mgmt_cp->type,
2460 sizeof(mgmt_cp->type));
30dc78e1 2461 goto unlock;
ff9ef578
JH		 2462 }
2463
2e58ef3e 2464 cmd = mgmt_pending_add(sk, MGMT_OP_STOP_DISCOVERY, hdev, NULL, 0);
14a53664
JH		 2465 if (!cmd) {
2466 err = -ENOMEM;
30dc78e1
JH		 2467 goto unlock;
2468 }
2469
e0d9727e
AG		 2470 switch (hdev->discovery.state) {
2471 case DISCOVERY_FINDING:
c9ecc48e
AG		 2472 if (test_bit(HCI_INQUIRY, &hdev->flags))
2473 err = hci_cancel_inquiry(hdev);
2474 else
2475 err = hci_cancel_le_scan(hdev);
2476
e0d9727e
AG		 2477 break;
2478
2479 case DISCOVERY_RESOLVING:
2480 e = hci_inquiry_cache_lookup_resolve(hdev, BDADDR_ANY,
8ce8e2b5 2481 NAME_PENDING);
e0d9727e 2482 if (!e) {
30dc78e1 2483 mgmt_pending_remove(cmd);
e0d9727e
AG		 2484 err = cmd_complete(sk, hdev->id,
2485 MGMT_OP_STOP_DISCOVERY, 0,
2486 &mgmt_cp->type,
2487 sizeof(mgmt_cp->type));
2488 hci_discovery_set_state(hdev, DISCOVERY_STOPPED);
2489 goto unlock;
2490 }
30dc78e1 2491
e0d9727e
AG		 2492 bacpy(&cp.bdaddr, &e->data.bdaddr);
2493 err = hci_send_cmd(hdev, HCI_OP_REMOTE_NAME_REQ_CANCEL,
2494 sizeof(cp), &cp);
2495
2496 break;
2497
2498 default:
2499 BT_DBG("unknown discovery state %u", hdev->discovery.state);
2500 err = -EFAULT;
14a53664
JH		 2501 }
2502
14a53664
JH		 2503 if (err < 0)
2504 mgmt_pending_remove(cmd);
ff9ef578
JH		 2505 else
2506 hci_discovery_set_state(hdev, DISCOVERY_STOPPING);
14a53664 2507
30dc78e1 2508unlock:
09fd0de5 2509 hci_dev_unlock(hdev);
14a53664
JH		 2510 return err;
2511}
2512
bdb6d971 2513static int confirm_name(struct sock *sk, struct hci_dev *hdev, void *data,
04124681 2514 u16 len)
561aafbc 2515{
650f726d 2516 struct mgmt_cp_confirm_name *cp = data;
561aafbc 2517 struct inquiry_entry *e;
561aafbc
JH		 2518 int err;
2519
bdb6d971 2520 BT_DBG("%s", hdev->name);
561aafbc 2521
561aafbc
JH		 2522 hci_dev_lock(hdev);
2523
30dc78e1 2524 if (!hci_discovery_active(hdev)) {
bdb6d971 2525 err = cmd_status(sk, hdev->id, MGMT_OP_CONFIRM_NAME,
04124681 2526 MGMT_STATUS_FAILED);
30dc78e1
JH		 2527 goto failed;
2528 }
2529
a198e7b1 2530 e = hci_inquiry_cache_lookup_unknown(hdev, &cp->addr.bdaddr);
561aafbc 2531 if (!e) {
bdb6d971 2532 err = cmd_status(sk, hdev->id, MGMT_OP_CONFIRM_NAME,
04124681 2533 MGMT_STATUS_INVALID_PARAMS);
561aafbc
JH		 2534 goto failed;
2535 }
2536
2537 if (cp->name_known) {
2538 e->name_state = NAME_KNOWN;
2539 list_del(&e->list);
2540 } else {
2541 e->name_state = NAME_NEEDED;
a3d4e20a 2542 hci_inquiry_cache_update_resolve(hdev, e);
561aafbc
JH		 2543 }
2544
e384662b
JH		 2545 err = cmd_complete(sk, hdev->id, MGMT_OP_CONFIRM_NAME, 0, &cp->addr,
2546 sizeof(cp->addr));
561aafbc
JH		 2547
2548failed:
2549 hci_dev_unlock(hdev);
561aafbc
JH		 2550 return err;
2551}
2552
bdb6d971 2553static int block_device(struct sock *sk, struct hci_dev *hdev, void *data,
04124681 2554 u16 len)
7fbec224 2555{
650f726d 2556 struct mgmt_cp_block_device *cp = data;
f0eeea8b 2557 u8 status;
7fbec224
AJ		 2558 int err;
2559
bdb6d971 2560 BT_DBG("%s", hdev->name);
7fbec224 2561
09fd0de5 2562 hci_dev_lock(hdev);
5e762444 2563
88c1fe4b 2564 err = hci_blacklist_add(hdev, &cp->addr.bdaddr, cp->addr.type);
7fbec224 2565 if (err < 0)
f0eeea8b 2566 status = MGMT_STATUS_FAILED;
7fbec224 2567 else
a6785be2 2568 status = MGMT_STATUS_SUCCESS;
f0eeea8b 2569
bdb6d971 2570 err = cmd_complete(sk, hdev->id, MGMT_OP_BLOCK_DEVICE, status,
04124681 2571 &cp->addr, sizeof(cp->addr));
5e762444 2572
09fd0de5 2573 hci_dev_unlock(hdev);
7fbec224
AJ		 2574
2575 return err;
2576}
2577
bdb6d971 2578static int unblock_device(struct sock *sk, struct hci_dev *hdev, void *data,
04124681 2579 u16 len)
7fbec224 2580{
650f726d 2581 struct mgmt_cp_unblock_device *cp = data;
f0eeea8b 2582 u8 status;
7fbec224
AJ		 2583 int err;
2584
bdb6d971 2585 BT_DBG("%s", hdev->name);
7fbec224 2586
09fd0de5 2587 hci_dev_lock(hdev);
5e762444 2588
88c1fe4b 2589 err = hci_blacklist_del(hdev, &cp->addr.bdaddr, cp->addr.type);
7fbec224 2590 if (err < 0)
f0eeea8b 2591 status = MGMT_STATUS_INVALID_PARAMS;
7fbec224 2592 else
a6785be2 2593 status = MGMT_STATUS_SUCCESS;
f0eeea8b 2594
bdb6d971 2595 err = cmd_complete(sk, hdev->id, MGMT_OP_UNBLOCK_DEVICE, status,
04124681 2596 &cp->addr, sizeof(cp->addr));
5e762444 2597
09fd0de5 2598 hci_dev_unlock(hdev);
7fbec224
AJ		 2599
2600 return err;
2601}
2602
cdbaccca
MH		 2603static int set_device_id(struct sock *sk, struct hci_dev *hdev, void *data,
2604 u16 len)
2605{
2606 struct mgmt_cp_set_device_id *cp = data;
2607 int err;
c72d4b8a 2608 __u16 source;
cdbaccca
MH		 2609
2610 BT_DBG("%s", hdev->name);
2611
c72d4b8a
SJ		 2612 source = __le16_to_cpu(cp->source);
2613
2614 if (source > 0x0002)
2615 return cmd_status(sk, hdev->id, MGMT_OP_SET_DEVICE_ID,
2616 MGMT_STATUS_INVALID_PARAMS);
2617
cdbaccca
MH		 2618 hci_dev_lock(hdev);
2619
c72d4b8a 2620 hdev->devid_source = source;
cdbaccca
MH		 2621 hdev->devid_vendor = __le16_to_cpu(cp->vendor);
2622 hdev->devid_product = __le16_to_cpu(cp->product);
2623 hdev->devid_version = __le16_to_cpu(cp->version);
2624
2625 err = cmd_complete(sk, hdev->id, MGMT_OP_SET_DEVICE_ID, 0, NULL, 0);
2626
2627 update_eir(hdev);
2628
2629 hci_dev_unlock(hdev);
2630
2631 return err;
2632}
2633
bdb6d971 2634static int set_fast_connectable(struct sock *sk, struct hci_dev *hdev,
04124681 2635 void *data, u16 len)
f6422ec6 2636{
650f726d 2637 struct mgmt_mode *cp = data;
f6422ec6
AJ		 2638 struct hci_cp_write_page_scan_activity acp;
2639 u8 type;
2640 int err;
2641
bdb6d971 2642 BT_DBG("%s", hdev->name);
f6422ec6 2643
33c525c0
JH		 2644 if (!lmp_bredr_capable(hdev))
2645 return cmd_status(sk, hdev->id, MGMT_OP_SET_FAST_CONNECTABLE,
2646 MGMT_STATUS_NOT_SUPPORTED);
2647
a7e80f25
JH		 2648 if (cp->val != 0x00 && cp->val != 0x01)
2649 return cmd_status(sk, hdev->id, MGMT_OP_SET_FAST_CONNECTABLE,
2650 MGMT_STATUS_INVALID_PARAMS);
2651
5400c044 2652 if (!hdev_is_powered(hdev))
bdb6d971 2653 return cmd_status(sk, hdev->id, MGMT_OP_SET_FAST_CONNECTABLE,
04124681 2654 MGMT_STATUS_NOT_POWERED);
5400c044
JH		 2655
2656 if (!test_bit(HCI_CONNECTABLE, &hdev->dev_flags))
bdb6d971 2657 return cmd_status(sk, hdev->id, MGMT_OP_SET_FAST_CONNECTABLE,
04124681 2658 MGMT_STATUS_REJECTED);
f6422ec6
AJ		 2659
2660 hci_dev_lock(hdev);
2661
f7c6869c 2662 if (cp->val) {
f6422ec6 2663 type = PAGE_SCAN_TYPE_INTERLACED;
76ec9de8 2664
83ce9a06
JH		 2665 /* 160 msec page scan interval */
2666 acp.interval = __constant_cpu_to_le16(0x0100);
f6422ec6
AJ		 2667 } else {
2668 type = PAGE_SCAN_TYPE_STANDARD; /* default */
76ec9de8
AE		 2669
2670 /* default 1.28 sec page scan */
2671 acp.interval = __constant_cpu_to_le16(0x0800);
f6422ec6
AJ		 2672 }
2673
76ec9de8
AE		 2674 /* default 11.25 msec page scan window */
2675 acp.window = __constant_cpu_to_le16(0x0012);
f6422ec6 2676
04124681
GP		 2677 err = hci_send_cmd(hdev, HCI_OP_WRITE_PAGE_SCAN_ACTIVITY, sizeof(acp),
2678 &acp);
f6422ec6 2679 if (err < 0) {
bdb6d971 2680 err = cmd_status(sk, hdev->id, MGMT_OP_SET_FAST_CONNECTABLE,
04124681 2681 MGMT_STATUS_FAILED);
f6422ec6
AJ		 2682 goto done;
2683 }
2684
2685 err = hci_send_cmd(hdev, HCI_OP_WRITE_PAGE_SCAN_TYPE, 1, &type);
2686 if (err < 0) {
bdb6d971 2687 err = cmd_status(sk, hdev->id, MGMT_OP_SET_FAST_CONNECTABLE,
04124681 2688 MGMT_STATUS_FAILED);
f6422ec6
AJ		 2689 goto done;
2690 }
2691
bdb6d971 2692 err = cmd_complete(sk, hdev->id, MGMT_OP_SET_FAST_CONNECTABLE, 0,
04124681 2693 NULL, 0);
f6422ec6
AJ		 2694done:
2695 hci_dev_unlock(hdev);
f6422ec6
AJ		 2696 return err;
2697}
2698
bdb6d971 2699static int load_long_term_keys(struct sock *sk, struct hci_dev *hdev,
04124681 2700 void *cp_data, u16 len)
346af67b 2701{
346af67b
VCG		 2702 struct mgmt_cp_load_long_term_keys *cp = cp_data;
2703 u16 key_count, expected_len;
715a5bf2 2704 int i, err;
346af67b 2705
1f350c87 2706 key_count = __le16_to_cpu(cp->key_count);
346af67b
VCG		 2707
2708 expected_len = sizeof(*cp) + key_count *
2709 sizeof(struct mgmt_ltk_info);
2710 if (expected_len != len) {
2711 BT_ERR("load_keys: expected %u bytes, got %u bytes",
8ce8e2b5 2712 len, expected_len);
bdb6d971 2713 return cmd_status(sk, hdev->id, MGMT_OP_LOAD_LONG_TERM_KEYS,
04124681 2714 EINVAL);
346af67b
VCG		 2715 }
2716
bdb6d971 2717 BT_DBG("%s key_count %u", hdev->name, key_count);
346af67b
VCG		 2718
2719 hci_dev_lock(hdev);
2720
2721 hci_smp_ltks_clear(hdev);
2722
2723 for (i = 0; i < key_count; i++) {
2724 struct mgmt_ltk_info *key = &cp->keys[i];
2725 u8 type;
2726
2727 if (key->master)
2728 type = HCI_SMP_LTK;
2729 else
2730 type = HCI_SMP_LTK_SLAVE;
2731
4596fde5 2732 hci_add_ltk(hdev, &key->addr.bdaddr,
378b5b7e 2733 bdaddr_to_le(key->addr.type),
04124681
GP		 2734 type, 0, key->authenticated, key->val,
2735 key->enc_size, key->ediv, key->rand);
346af67b
VCG		 2736 }
2737
715a5bf2
JH		 2738 err = cmd_complete(sk, hdev->id, MGMT_OP_LOAD_LONG_TERM_KEYS, 0,
2739 NULL, 0);
2740
346af67b 2741 hci_dev_unlock(hdev);
346af67b 2742
715a5bf2 2743 return err;
346af67b
VCG		 2744}
2745
2e3c35ea 2746static const struct mgmt_handler {
04124681
GP		 2747 int (*func) (struct sock *sk, struct hci_dev *hdev, void *data,
2748 u16 data_len);
be22b54e
JH		 2749 bool var_len;
2750 size_t data_len;
0f4e68cf
JH		 2751} mgmt_handlers[] = {
2752 { NULL }, /* 0x0000 (no command) */
be22b54e
JH		 2753 { read_version, false, MGMT_READ_VERSION_SIZE },
2754 { read_commands, false, MGMT_READ_COMMANDS_SIZE },
2755 { read_index_list, false, MGMT_READ_INDEX_LIST_SIZE },
2756 { read_controller_info, false, MGMT_READ_INFO_SIZE },
2757 { set_powered, false, MGMT_SETTING_SIZE },
2758 { set_discoverable, false, MGMT_SET_DISCOVERABLE_SIZE },
2759 { set_connectable, false, MGMT_SETTING_SIZE },
2760 { set_fast_connectable, false, MGMT_SETTING_SIZE },
2761 { set_pairable, false, MGMT_SETTING_SIZE },
2762 { set_link_security, false, MGMT_SETTING_SIZE },
2763 { set_ssp, false, MGMT_SETTING_SIZE },
2764 { set_hs, false, MGMT_SETTING_SIZE },
2765 { set_le, false, MGMT_SETTING_SIZE },
2766 { set_dev_class, false, MGMT_SET_DEV_CLASS_SIZE },
2767 { set_local_name, false, MGMT_SET_LOCAL_NAME_SIZE },
2768 { add_uuid, false, MGMT_ADD_UUID_SIZE },
2769 { remove_uuid, false, MGMT_REMOVE_UUID_SIZE },
2770 { load_link_keys, true, MGMT_LOAD_LINK_KEYS_SIZE },
2771 { load_long_term_keys, true, MGMT_LOAD_LONG_TERM_KEYS_SIZE },
2772 { disconnect, false, MGMT_DISCONNECT_SIZE },
2773 { get_connections, false, MGMT_GET_CONNECTIONS_SIZE },
2774 { pin_code_reply, false, MGMT_PIN_CODE_REPLY_SIZE },
2775 { pin_code_neg_reply, false, MGMT_PIN_CODE_NEG_REPLY_SIZE },
2776 { set_io_capability, false, MGMT_SET_IO_CAPABILITY_SIZE },
2777 { pair_device, false, MGMT_PAIR_DEVICE_SIZE },
2778 { cancel_pair_device, false, MGMT_CANCEL_PAIR_DEVICE_SIZE },
2779 { unpair_device, false, MGMT_UNPAIR_DEVICE_SIZE },
2780 { user_confirm_reply, false, MGMT_USER_CONFIRM_REPLY_SIZE },
2781 { user_confirm_neg_reply, false, MGMT_USER_CONFIRM_NEG_REPLY_SIZE },
2782 { user_passkey_reply, false, MGMT_USER_PASSKEY_REPLY_SIZE },
2783 { user_passkey_neg_reply, false, MGMT_USER_PASSKEY_NEG_REPLY_SIZE },
2784 { read_local_oob_data, false, MGMT_READ_LOCAL_OOB_DATA_SIZE },
2785 { add_remote_oob_data, false, MGMT_ADD_REMOTE_OOB_DATA_SIZE },
2786 { remove_remote_oob_data, false, MGMT_REMOVE_REMOTE_OOB_DATA_SIZE },
2787 { start_discovery, false, MGMT_START_DISCOVERY_SIZE },
2788 { stop_discovery, false, MGMT_STOP_DISCOVERY_SIZE },
2789 { confirm_name, false, MGMT_CONFIRM_NAME_SIZE },
2790 { block_device, false, MGMT_BLOCK_DEVICE_SIZE },
2791 { unblock_device, false, MGMT_UNBLOCK_DEVICE_SIZE },
cdbaccca 2792 { set_device_id, false, MGMT_SET_DEVICE_ID_SIZE },
0f4e68cf
JH		 2793};
2794
2795
0381101f
JH		 2796int mgmt_control(struct sock *sk, struct msghdr *msg, size_t msglen)
2797{
650f726d
VCG		 2798 void *buf;
2799 u8 *cp;
0381101f 2800 struct mgmt_hdr *hdr;
4e51eae9 2801 u16 opcode, index, len;
bdb6d971 2802 struct hci_dev *hdev = NULL;
2e3c35ea 2803 const struct mgmt_handler *handler;
0381101f
JH		 2804 int err;
2805
2806 BT_DBG("got %zu bytes", msglen);
2807
2808 if (msglen < sizeof(*hdr))
2809 return -EINVAL;
2810
e63a15ec 2811 buf = kmalloc(msglen, GFP_KERNEL);
0381101f
JH		 2812 if (!buf)
2813 return -ENOMEM;
2814
2815 if (memcpy_fromiovec(buf, msg->msg_iov, msglen)) {
2816 err = -EFAULT;
2817 goto done;
2818 }
2819
650f726d 2820 hdr = buf;
1f350c87
MH		 2821 opcode = __le16_to_cpu(hdr->opcode);
2822 index = __le16_to_cpu(hdr->index);
2823 len = __le16_to_cpu(hdr->len);
0381101f
JH		 2824
2825 if (len != msglen - sizeof(*hdr)) {
2826 err = -EINVAL;
2827 goto done;
2828 }
2829
0f4e68cf 2830 if (index != MGMT_INDEX_NONE) {
bdb6d971
JH		 2831 hdev = hci_dev_get(index);
2832 if (!hdev) {
2833 err = cmd_status(sk, index, opcode,
04124681 2834 MGMT_STATUS_INVALID_INDEX);
bdb6d971
JH		 2835 goto done;
2836 }
2837 }
2838
0f4e68cf 2839 if (opcode >= ARRAY_SIZE(mgmt_handlers) ||
8ce8e2b5 2840 mgmt_handlers[opcode].func == NULL) {
0381101f 2841 BT_DBG("Unknown op %u", opcode);
ca69b795 2842 err = cmd_status(sk, index, opcode,
04124681 2843 MGMT_STATUS_UNKNOWN_COMMAND);
0f4e68cf
JH		 2844 goto done;
2845 }
2846
2847 if ((hdev && opcode < MGMT_OP_READ_INFO) ||
8ce8e2b5 2848 (!hdev && opcode >= MGMT_OP_READ_INFO)) {
0f4e68cf 2849 err = cmd_status(sk, index, opcode,
04124681 2850 MGMT_STATUS_INVALID_INDEX);
0f4e68cf 2851 goto done;
0381101f
JH		 2852 }
2853
be22b54e
JH		 2854 handler = &mgmt_handlers[opcode];
2855
2856 if ((handler->var_len && len < handler->data_len) ||
8ce8e2b5 2857 (!handler->var_len && len != handler->data_len)) {
be22b54e 2858 err = cmd_status(sk, index, opcode,
04124681 2859 MGMT_STATUS_INVALID_PARAMS);
be22b54e
JH		 2860 goto done;
2861 }
2862
0f4e68cf
JH		 2863 if (hdev)
2864 mgmt_init_hdev(sk, hdev);
2865
2866 cp = buf + sizeof(*hdr);
2867
be22b54e 2868 err = handler->func(sk, hdev, cp, len);
e41d8b4e
JH		 2869 if (err < 0)
2870 goto done;
2871
0381101f
JH		 2872 err = msglen;
2873
2874done:
bdb6d971
JH		 2875 if (hdev)
2876 hci_dev_put(hdev);
2877
0381101f
JH		 2878 kfree(buf);
2879 return err;
2880}
c71e97bf 2881
b24752fe
JH		 2882static void cmd_status_rsp(struct pending_cmd *cmd, void *data)
2883{
2884 u8 *status = data;
2885
2886 cmd_status(cmd->sk, cmd->index, cmd->opcode, *status);
2887 mgmt_pending_remove(cmd);
2888}
2889
744cf19e 2890int mgmt_index_added(struct hci_dev *hdev)
c71e97bf 2891{
bb4b2a9a
AE		 2892 if (!mgmt_valid_hdev(hdev))
2893 return -ENOTSUPP;
2894
744cf19e 2895 return mgmt_event(MGMT_EV_INDEX_ADDED, hdev, NULL, 0, NULL);
c71e97bf
JH		 2896}
2897
744cf19e 2898int mgmt_index_removed(struct hci_dev *hdev)
c71e97bf 2899{
5f159032 2900 u8 status = MGMT_STATUS_INVALID_INDEX;
b24752fe 2901
bb4b2a9a
AE		 2902 if (!mgmt_valid_hdev(hdev))
2903 return -ENOTSUPP;
2904
744cf19e 2905 mgmt_pending_foreach(0, hdev, cmd_status_rsp, &status);
b24752fe 2906
744cf19e 2907 return mgmt_event(MGMT_EV_INDEX_REMOVED, hdev, NULL, 0, NULL);
eec8d2bc
JH		 2908}
2909
73f22f62 2910struct cmd_lookup {
eec8d2bc 2911 struct sock *sk;
69ab39ea 2912 struct hci_dev *hdev;
90e70454 2913 u8 mgmt_status;
eec8d2bc
JH		 2914};
2915
69ab39ea 2916static void settings_rsp(struct pending_cmd *cmd, void *data)
eec8d2bc 2917{
73f22f62 2918 struct cmd_lookup *match = data;
eec8d2bc 2919
69ab39ea 2920 send_settings_rsp(cmd->sk, cmd->opcode, match->hdev);
eec8d2bc
JH		 2921
2922 list_del(&cmd->list);
2923
2924 if (match->sk == NULL) {
2925 match->sk = cmd->sk;
2926 sock_hold(match->sk);
2927 }
2928
2929 mgmt_pending_free(cmd);
c71e97bf 2930}
5add6af8 2931
7f0ae647
JH		 2932static int set_bredr_scan(struct hci_dev *hdev)
2933{
2934 u8 scan = 0;
2935
2936 if (test_bit(HCI_CONNECTABLE, &hdev->dev_flags))
2937 scan |= SCAN_PAGE;
2938 if (test_bit(HCI_DISCOVERABLE, &hdev->dev_flags))
2939 scan |= SCAN_INQUIRY;
2940
2941 if (!scan)
2942 return 0;
2943
2944 return hci_send_cmd(hdev, HCI_OP_WRITE_SCAN_ENABLE, 1, &scan);
2945}
2946
744cf19e 2947int mgmt_powered(struct hci_dev *hdev, u8 powered)
5add6af8 2948{
76a7f3a4 2949 struct cmd_lookup match = { NULL, hdev };
7bb895d6 2950 int err;
5add6af8 2951
5e5282bb
JH		 2952 if (!test_bit(HCI_MGMT, &hdev->dev_flags))
2953 return 0;
2954
69ab39ea 2955 mgmt_pending_foreach(MGMT_OP_SET_POWERED, hdev, settings_rsp, &match);
5add6af8 2956
5e5282bb 2957 if (powered) {
6b4b73ee
JH		 2958 if (test_bit(HCI_SSP_ENABLED, &hdev->dev_flags) &&
2959 !lmp_host_ssp_capable(hdev)) {
3d1cbdd6
AK		 2960 u8 ssp = 1;
2961
2962 hci_send_cmd(hdev, HCI_OP_WRITE_SSP_MODE, 1, &ssp);
2963 }
2964
562fcc24
AK		 2965 if (test_bit(HCI_LE_ENABLED, &hdev->dev_flags)) {
2966 struct hci_cp_write_le_host_supported cp;
2967
2968 cp.le = 1;
ffa88e02 2969 cp.simul = lmp_le_br_capable(hdev);
562fcc24 2970
430a61b8
JH		 2971 /* Check first if we already have the right
2972 * host state (host features set)
2973 */
ffa88e02
GP		 2974 if (cp.le != lmp_host_le_capable(hdev) ||
2975 cp.simul != lmp_host_le_br_capable(hdev))
430a61b8
JH		 2976 hci_send_cmd(hdev,
2977 HCI_OP_WRITE_LE_HOST_SUPPORTED,
2978 sizeof(cp), &cp);
562fcc24
AK		 2979 }
2980
7f0ae647
JH		 2981 if (lmp_bredr_capable(hdev)) {
2982 set_bredr_scan(hdev);
2983 update_class(hdev);
2984 update_name(hdev, hdev->dev_name);
2985 update_eir(hdev);
2986 }
5e5282bb 2987 } else {
d4f68526 2988 u8 status = MGMT_STATUS_NOT_POWERED;
744cf19e 2989 mgmt_pending_foreach(0, hdev, cmd_status_rsp, &status);
b24752fe
JH		 2990 }
2991
beadb2bd 2992 err = new_settings(hdev, match.sk);
eec8d2bc
JH		 2993
2994 if (match.sk)
2995 sock_put(match.sk);
2996
7bb895d6 2997 return err;
5add6af8 2998}
73f22f62 2999
744cf19e 3000int mgmt_discoverable(struct hci_dev *hdev, u8 discoverable)
73f22f62 3001{
76a7f3a4 3002 struct cmd_lookup match = { NULL, hdev };
5e5282bb
JH		 3003 bool changed = false;
3004 int err = 0;
73f22f62 3005
5e5282bb
JH		 3006 if (discoverable) {
3007 if (!test_and_set_bit(HCI_DISCOVERABLE, &hdev->dev_flags))
3008 changed = true;
3009 } else {
3010 if (test_and_clear_bit(HCI_DISCOVERABLE, &hdev->dev_flags))
3011 changed = true;
3012 }
73f22f62 3013
ed9b5f2f 3014 mgmt_pending_foreach(MGMT_OP_SET_DISCOVERABLE, hdev, settings_rsp,
04124681 3015 &match);
ed9b5f2f 3016
beadb2bd
JH		 3017 if (changed)
3018 err = new_settings(hdev, match.sk);
5e5282bb 3019
73f22f62
JH		 3020 if (match.sk)
3021 sock_put(match.sk);
3022
7bb895d6 3023 return err;
73f22f62 3024}
9fbcbb45 3025
744cf19e 3026int mgmt_connectable(struct hci_dev *hdev, u8 connectable)
9fbcbb45 3027{
76a7f3a4 3028 struct cmd_lookup match = { NULL, hdev };
5e5282bb
JH		 3029 bool changed = false;
3030 int err = 0;
9fbcbb45 3031
5e5282bb
JH		 3032 if (connectable) {
3033 if (!test_and_set_bit(HCI_CONNECTABLE, &hdev->dev_flags))
3034 changed = true;
3035 } else {
3036 if (test_and_clear_bit(HCI_CONNECTABLE, &hdev->dev_flags))
3037 changed = true;
3038 }
9fbcbb45 3039
ed9b5f2f 3040 mgmt_pending_foreach(MGMT_OP_SET_CONNECTABLE, hdev, settings_rsp,
04124681 3041 &match);
ed9b5f2f 3042
beadb2bd
JH		 3043 if (changed)
3044 err = new_settings(hdev, match.sk);
9fbcbb45
JH		 3045
3046 if (match.sk)
3047 sock_put(match.sk);
3048
7bb895d6 3049 return err;
9fbcbb45 3050}
55ed8ca1 3051
744cf19e 3052int mgmt_write_scan_failed(struct hci_dev *hdev, u8 scan, u8 status)
2d7cee58 3053{
ca69b795
JH		 3054 u8 mgmt_err = mgmt_status(status);
3055
2d7cee58 3056 if (scan & SCAN_PAGE)
744cf19e 3057 mgmt_pending_foreach(MGMT_OP_SET_CONNECTABLE, hdev,
04124681 3058 cmd_status_rsp, &mgmt_err);
2d7cee58
JH		 3059
3060 if (scan & SCAN_INQUIRY)
744cf19e 3061 mgmt_pending_foreach(MGMT_OP_SET_DISCOVERABLE, hdev,
04124681 3062 cmd_status_rsp, &mgmt_err);
2d7cee58
JH		 3063
3064 return 0;
3065}
3066
53168e5b
CC		 3067int mgmt_new_link_key(struct hci_dev *hdev, struct link_key *key,
3068 bool persistent)
55ed8ca1 3069{
86742e1e 3070 struct mgmt_ev_new_link_key ev;
55ed8ca1 3071
a492cd52 3072 memset(&ev, 0, sizeof(ev));
55ed8ca1 3073
a492cd52 3074 ev.store_hint = persistent;
d753fdc4 3075 bacpy(&ev.key.addr.bdaddr, &key->bdaddr);
591f47f3 3076 ev.key.addr.type = BDADDR_BREDR;
a492cd52 3077 ev.key.type = key->type;
9b3b4460 3078 memcpy(ev.key.val, key->val, HCI_LINK_KEY_SIZE);
a492cd52 3079 ev.key.pin_len = key->pin_len;
55ed8ca1 3080
744cf19e 3081 return mgmt_event(MGMT_EV_NEW_LINK_KEY, hdev, &ev, sizeof(ev), NULL);
55ed8ca1 3082}
f7520543 3083
346af67b
VCG		 3084int mgmt_new_ltk(struct hci_dev *hdev, struct smp_ltk *key, u8 persistent)
3085{
3086 struct mgmt_ev_new_long_term_key ev;
3087
3088 memset(&ev, 0, sizeof(ev));
3089
3090 ev.store_hint = persistent;
3091 bacpy(&ev.key.addr.bdaddr, &key->bdaddr);
57c1477c 3092 ev.key.addr.type = link_to_bdaddr(LE_LINK, key->bdaddr_type);
346af67b
VCG		 3093 ev.key.authenticated = key->authenticated;
3094 ev.key.enc_size = key->enc_size;
3095 ev.key.ediv = key->ediv;
3096
3097 if (key->type == HCI_SMP_LTK)
3098 ev.key.master = 1;
3099
3100 memcpy(ev.key.rand, key->rand, sizeof(key->rand));
3101 memcpy(ev.key.val, key->val, sizeof(key->val));
3102
04124681
GP		 3103 return mgmt_event(MGMT_EV_NEW_LONG_TERM_KEY, hdev, &ev, sizeof(ev),
3104 NULL);
346af67b
VCG		 3105}
3106
afc747a6 3107int mgmt_device_connected(struct hci_dev *hdev, bdaddr_t *bdaddr, u8 link_type,
04124681
GP		 3108 u8 addr_type, u32 flags, u8 *name, u8 name_len,
3109 u8 *dev_class)
f7520543 3110{
b644ba33
JH		 3111 char buf[512];
3112 struct mgmt_ev_device_connected *ev = (void *) buf;
3113 u16 eir_len = 0;
f7520543 3114
b644ba33 3115 bacpy(&ev->addr.bdaddr, bdaddr);
57c1477c 3116 ev->addr.type = link_to_bdaddr(link_type, addr_type);
f7520543 3117
c95f0ba7 3118 ev->flags = __cpu_to_le32(flags);
08c79b61 3119
b644ba33
JH		 3120 if (name_len > 0)
3121 eir_len = eir_append_data(ev->eir, 0, EIR_NAME_COMPLETE,
04124681 3122 name, name_len);
b644ba33
JH		 3123
3124 if (dev_class && memcmp(dev_class, "\0\0\0", 3) != 0)
53156385 3125 eir_len = eir_append_data(ev->eir, eir_len,
04124681 3126 EIR_CLASS_OF_DEV, dev_class, 3);
b644ba33 3127
eb55ef07 3128 ev->eir_len = cpu_to_le16(eir_len);
b644ba33
JH		 3129
3130 return mgmt_event(MGMT_EV_DEVICE_CONNECTED, hdev, buf,
04124681 3131 sizeof(*ev) + eir_len, NULL);
f7520543
JH		 3132}
3133
8962ee74
JH		 3134static void disconnect_rsp(struct pending_cmd *cmd, void *data)
3135{
c68fb7ff 3136 struct mgmt_cp_disconnect *cp = cmd->param;
8962ee74 3137 struct sock **sk = data;
a38528f1 3138 struct mgmt_rp_disconnect rp;
8962ee74 3139
88c3df13
JH		 3140 bacpy(&rp.addr.bdaddr, &cp->addr.bdaddr);
3141 rp.addr.type = cp->addr.type;
8962ee74 3142
aee9b218 3143 cmd_complete(cmd->sk, cmd->index, MGMT_OP_DISCONNECT, 0, &rp,
04124681 3144 sizeof(rp));
8962ee74
JH		 3145
3146 *sk = cmd->sk;
3147 sock_hold(*sk);
3148
a664b5bc 3149 mgmt_pending_remove(cmd);
8962ee74
JH		 3150}
3151
124f6e35 3152static void unpair_device_rsp(struct pending_cmd *cmd, void *data)
a8a1d19e 3153{
b1078ad0 3154 struct hci_dev *hdev = data;
124f6e35
JH		 3155 struct mgmt_cp_unpair_device *cp = cmd->param;
3156 struct mgmt_rp_unpair_device rp;
a8a1d19e
JH		 3157
3158 memset(&rp, 0, sizeof(rp));
124f6e35
JH		 3159 bacpy(&rp.addr.bdaddr, &cp->addr.bdaddr);
3160 rp.addr.type = cp->addr.type;
a8a1d19e 3161
b1078ad0
JH		 3162 device_unpaired(hdev, &cp->addr.bdaddr, cp->addr.type, cmd->sk);
3163
aee9b218 3164 cmd_complete(cmd->sk, cmd->index, cmd->opcode, 0, &rp, sizeof(rp));
a8a1d19e
JH		 3165
3166 mgmt_pending_remove(cmd);
3167}
3168
afc747a6 3169int mgmt_device_disconnected(struct hci_dev *hdev, bdaddr_t *bdaddr,
f0d6a0ea 3170 u8 link_type, u8 addr_type, u8 reason)
f7520543 3171{
f0d6a0ea 3172 struct mgmt_ev_device_disconnected ev;
8962ee74
JH		 3173 struct sock *sk = NULL;
3174 int err;
3175
744cf19e 3176 mgmt_pending_foreach(MGMT_OP_DISCONNECT, hdev, disconnect_rsp, &sk);
f7520543 3177
f0d6a0ea
MA		 3178 bacpy(&ev.addr.bdaddr, bdaddr);
3179 ev.addr.type = link_to_bdaddr(link_type, addr_type);
3180 ev.reason = reason;
f7520543 3181
afc747a6 3182 err = mgmt_event(MGMT_EV_DEVICE_DISCONNECTED, hdev, &ev, sizeof(ev),
04124681 3183 sk);
8962ee74
JH		 3184
3185 if (sk)
d97dcb66 3186 sock_put(sk);
8962ee74 3187
124f6e35 3188 mgmt_pending_foreach(MGMT_OP_UNPAIR_DEVICE, hdev, unpair_device_rsp,
04124681 3189 hdev);
a8a1d19e 3190
8962ee74
JH		 3191 return err;
3192}
3193
88c3df13 3194int mgmt_disconnect_failed(struct hci_dev *hdev, bdaddr_t *bdaddr,
04124681 3195 u8 link_type, u8 addr_type, u8 status)
8962ee74 3196{
88c3df13 3197 struct mgmt_rp_disconnect rp;
8962ee74
JH		 3198 struct pending_cmd *cmd;
3199 int err;
3200
36a75f1b
JD		 3201 mgmt_pending_foreach(MGMT_OP_UNPAIR_DEVICE, hdev, unpair_device_rsp,
3202 hdev);
3203
2e58ef3e 3204 cmd = mgmt_pending_find(MGMT_OP_DISCONNECT, hdev);
8962ee74
JH		 3205 if (!cmd)
3206 return -ENOENT;
3207
88c3df13 3208 bacpy(&rp.addr.bdaddr, bdaddr);
57c1477c 3209 rp.addr.type = link_to_bdaddr(link_type, addr_type);
37d9ef76 3210
88c3df13 3211 err = cmd_complete(cmd->sk, cmd->index, MGMT_OP_DISCONNECT,
04124681 3212 mgmt_status(status), &rp, sizeof(rp));
8962ee74 3213
a664b5bc 3214 mgmt_pending_remove(cmd);
8962ee74
JH		 3215
3216 return err;
f7520543 3217}
17d5c04c 3218
48264f06 3219int mgmt_connect_failed(struct hci_dev *hdev, bdaddr_t *bdaddr, u8 link_type,
04124681 3220 u8 addr_type, u8 status)
17d5c04c
JH		 3221{
3222 struct mgmt_ev_connect_failed ev;
3223
4c659c39 3224 bacpy(&ev.addr.bdaddr, bdaddr);
57c1477c 3225 ev.addr.type = link_to_bdaddr(link_type, addr_type);
ca69b795 3226 ev.status = mgmt_status(status);
17d5c04c 3227
744cf19e 3228 return mgmt_event(MGMT_EV_CONNECT_FAILED, hdev, &ev, sizeof(ev), NULL);
17d5c04c 3229}
980e1a53 3230
744cf19e 3231int mgmt_pin_code_request(struct hci_dev *hdev, bdaddr_t *bdaddr, u8 secure)
980e1a53
JH		 3232{
3233 struct mgmt_ev_pin_code_request ev;
3234
d8457698 3235 bacpy(&ev.addr.bdaddr, bdaddr);
591f47f3 3236 ev.addr.type = BDADDR_BREDR;
a770bb5a 3237 ev.secure = secure;
980e1a53 3238
744cf19e 3239 return mgmt_event(MGMT_EV_PIN_CODE_REQUEST, hdev, &ev, sizeof(ev),
04124681 3240 NULL);
980e1a53
JH		 3241}
3242
744cf19e 3243int mgmt_pin_code_reply_complete(struct hci_dev *hdev, bdaddr_t *bdaddr,
04124681 3244 u8 status)
980e1a53
JH		 3245{
3246 struct pending_cmd *cmd;
ac56fb13 3247 struct mgmt_rp_pin_code_reply rp;
980e1a53
JH		 3248 int err;
3249
2e58ef3e 3250 cmd = mgmt_pending_find(MGMT_OP_PIN_CODE_REPLY, hdev);
980e1a53
JH		 3251 if (!cmd)
3252 return -ENOENT;
3253
d8457698 3254 bacpy(&rp.addr.bdaddr, bdaddr);
591f47f3 3255 rp.addr.type = BDADDR_BREDR;
ac56fb13 3256
aee9b218 3257 err = cmd_complete(cmd->sk, hdev->id, MGMT_OP_PIN_CODE_REPLY,
04124681 3258 mgmt_status(status), &rp, sizeof(rp));
980e1a53 3259
a664b5bc 3260 mgmt_pending_remove(cmd);
980e1a53
JH		 3261
3262 return err;
3263}
3264
744cf19e 3265int mgmt_pin_code_neg_reply_complete(struct hci_dev *hdev, bdaddr_t *bdaddr,
04124681 3266 u8 status)
980e1a53
JH		 3267{
3268 struct pending_cmd *cmd;
ac56fb13 3269 struct mgmt_rp_pin_code_reply rp;
980e1a53
JH		 3270 int err;
3271
2e58ef3e 3272 cmd = mgmt_pending_find(MGMT_OP_PIN_CODE_NEG_REPLY, hdev);
980e1a53
JH		 3273 if (!cmd)
3274 return -ENOENT;
3275
d8457698 3276 bacpy(&rp.addr.bdaddr, bdaddr);
591f47f3 3277 rp.addr.type = BDADDR_BREDR;
ac56fb13 3278
aee9b218 3279 err = cmd_complete(cmd->sk, hdev->id, MGMT_OP_PIN_CODE_NEG_REPLY,
04124681 3280 mgmt_status(status), &rp, sizeof(rp));
980e1a53 3281
a664b5bc 3282 mgmt_pending_remove(cmd);
980e1a53
JH		 3283
3284 return err;
3285}
a5c29683 3286
744cf19e 3287int mgmt_user_confirm_request(struct hci_dev *hdev, bdaddr_t *bdaddr,
04124681
GP		 3288 u8 link_type, u8 addr_type, __le32 value,
3289 u8 confirm_hint)
a5c29683
JH		 3290{
3291 struct mgmt_ev_user_confirm_request ev;
3292
744cf19e 3293 BT_DBG("%s", hdev->name);
a5c29683 3294
272d90df 3295 bacpy(&ev.addr.bdaddr, bdaddr);
57c1477c 3296 ev.addr.type = link_to_bdaddr(link_type, addr_type);
55bc1a37 3297 ev.confirm_hint = confirm_hint;
78e8098e 3298 ev.value = value;
a5c29683 3299
744cf19e 3300 return mgmt_event(MGMT_EV_USER_CONFIRM_REQUEST, hdev, &ev, sizeof(ev),
04124681 3301 NULL);
a5c29683
JH		 3302}
3303
272d90df 3304int mgmt_user_passkey_request(struct hci_dev *hdev, bdaddr_t *bdaddr,
8ce8e2b5 3305 u8 link_type, u8 addr_type)
604086b7
BG		 3306{
3307 struct mgmt_ev_user_passkey_request ev;
3308
3309 BT_DBG("%s", hdev->name);
3310
272d90df 3311 bacpy(&ev.addr.bdaddr, bdaddr);
57c1477c 3312 ev.addr.type = link_to_bdaddr(link_type, addr_type);
604086b7
BG		 3313
3314 return mgmt_event(MGMT_EV_USER_PASSKEY_REQUEST, hdev, &ev, sizeof(ev),
04124681 3315 NULL);
604086b7
BG		 3316}
3317
0df4c185 3318static int user_pairing_resp_complete(struct hci_dev *hdev, bdaddr_t *bdaddr,
8ce8e2b5
GP		 3319 u8 link_type, u8 addr_type, u8 status,
3320 u8 opcode)
a5c29683
JH		 3321{
3322 struct pending_cmd *cmd;
3323 struct mgmt_rp_user_confirm_reply rp;
3324 int err;
3325
2e58ef3e 3326 cmd = mgmt_pending_find(opcode, hdev);
a5c29683
JH		 3327 if (!cmd)
3328 return -ENOENT;
3329
272d90df 3330 bacpy(&rp.addr.bdaddr, bdaddr);
57c1477c 3331 rp.addr.type = link_to_bdaddr(link_type, addr_type);
aee9b218 3332 err = cmd_complete(cmd->sk, hdev->id, opcode, mgmt_status(status),
04124681 3333 &rp, sizeof(rp));
a5c29683 3334
a664b5bc 3335 mgmt_pending_remove(cmd);
a5c29683
JH		 3336
3337 return err;
3338}
3339
744cf19e 3340int mgmt_user_confirm_reply_complete(struct hci_dev *hdev, bdaddr_t *bdaddr,
04124681 3341 u8 link_type, u8 addr_type, u8 status)
a5c29683 3342{
272d90df 3343 return user_pairing_resp_complete(hdev, bdaddr, link_type, addr_type,
04124681 3344 status, MGMT_OP_USER_CONFIRM_REPLY);
a5c29683
JH		 3345}
3346
272d90df 3347int mgmt_user_confirm_neg_reply_complete(struct hci_dev *hdev, bdaddr_t *bdaddr,
04124681 3348 u8 link_type, u8 addr_type, u8 status)
a5c29683 3349{
272d90df 3350 return user_pairing_resp_complete(hdev, bdaddr, link_type, addr_type,
8fc9ced3
GP		 3351 status,
3352 MGMT_OP_USER_CONFIRM_NEG_REPLY);
a5c29683 3353}
2a611692 3354
604086b7 3355int mgmt_user_passkey_reply_complete(struct hci_dev *hdev, bdaddr_t *bdaddr,
04124681 3356 u8 link_type, u8 addr_type, u8 status)
604086b7 3357{
272d90df 3358 return user_pairing_resp_complete(hdev, bdaddr, link_type, addr_type,
04124681 3359 status, MGMT_OP_USER_PASSKEY_REPLY);
604086b7
BG		 3360}
3361
272d90df 3362int mgmt_user_passkey_neg_reply_complete(struct hci_dev *hdev, bdaddr_t *bdaddr,
04124681 3363 u8 link_type, u8 addr_type, u8 status)
604086b7 3364{
272d90df 3365 return user_pairing_resp_complete(hdev, bdaddr, link_type, addr_type,
8fc9ced3
GP		 3366 status,
3367 MGMT_OP_USER_PASSKEY_NEG_REPLY);
604086b7
BG		 3368}
3369
92a25256
JH		 3370int mgmt_user_passkey_notify(struct hci_dev *hdev, bdaddr_t *bdaddr,
3371 u8 link_type, u8 addr_type, u32 passkey,
3372 u8 entered)
3373{
3374 struct mgmt_ev_passkey_notify ev;
3375
3376 BT_DBG("%s", hdev->name);
3377
3378 bacpy(&ev.addr.bdaddr, bdaddr);
3379 ev.addr.type = link_to_bdaddr(link_type, addr_type);
3380 ev.passkey = __cpu_to_le32(passkey);
3381 ev.entered = entered;
3382
3383 return mgmt_event(MGMT_EV_PASSKEY_NOTIFY, hdev, &ev, sizeof(ev), NULL);
3384}
3385
bab73cb6 3386int mgmt_auth_failed(struct hci_dev *hdev, bdaddr_t *bdaddr, u8 link_type,
04124681 3387 u8 addr_type, u8 status)
2a611692
JH		 3388{
3389 struct mgmt_ev_auth_failed ev;
3390
bab73cb6 3391 bacpy(&ev.addr.bdaddr, bdaddr);
57c1477c 3392 ev.addr.type = link_to_bdaddr(link_type, addr_type);
ca69b795 3393 ev.status = mgmt_status(status);
2a611692 3394
744cf19e 3395 return mgmt_event(MGMT_EV_AUTH_FAILED, hdev, &ev, sizeof(ev), NULL);
2a611692 3396}
b312b161 3397
33ef95ed
JH		 3398int mgmt_auth_enable_complete(struct hci_dev *hdev, u8 status)
3399{
3400 struct cmd_lookup match = { NULL, hdev };
47990ea0
JH		 3401 bool changed = false;
3402 int err = 0;
33ef95ed
JH		 3403
3404 if (status) {
3405 u8 mgmt_err = mgmt_status(status);
3406 mgmt_pending_foreach(MGMT_OP_SET_LINK_SECURITY, hdev,
04124681 3407 cmd_status_rsp, &mgmt_err);
33ef95ed
JH		 3408 return 0;
3409 }
3410
47990ea0
JH		 3411 if (test_bit(HCI_AUTH, &hdev->flags)) {
3412 if (!test_and_set_bit(HCI_LINK_SECURITY, &hdev->dev_flags))
3413 changed = true;
3414 } else {
3415 if (test_and_clear_bit(HCI_LINK_SECURITY, &hdev->dev_flags))
3416 changed = true;
3417 }
3418
33ef95ed 3419 mgmt_pending_foreach(MGMT_OP_SET_LINK_SECURITY, hdev, settings_rsp,
04124681 3420 &match);
33ef95ed 3421
47990ea0
JH		 3422 if (changed)
3423 err = new_settings(hdev, match.sk);
33ef95ed
JH		 3424
3425 if (match.sk)
3426 sock_put(match.sk);
3427
3428 return err;
3429}
3430
cacaf52f
JH		 3431static int clear_eir(struct hci_dev *hdev)
3432{
3433 struct hci_cp_write_eir cp;
3434
976eb20e 3435 if (!lmp_ext_inq_capable(hdev))
cacaf52f
JH		 3436 return 0;
3437
c80da27e
JH		 3438 memset(hdev->eir, 0, sizeof(hdev->eir));
3439
cacaf52f
JH		 3440 memset(&cp, 0, sizeof(cp));
3441
3442 return hci_send_cmd(hdev, HCI_OP_WRITE_EIR, sizeof(cp), &cp);
3443}
3444
c0ecddc2 3445int mgmt_ssp_enable_complete(struct hci_dev *hdev, u8 enable, u8 status)
ed2c4ee3
JH		 3446{
3447 struct cmd_lookup match = { NULL, hdev };
c0ecddc2
JH		 3448 bool changed = false;
3449 int err = 0;
ed2c4ee3
JH		 3450
3451 if (status) {
3452 u8 mgmt_err = mgmt_status(status);
c0ecddc2
JH		 3453
3454 if (enable && test_and_clear_bit(HCI_SSP_ENABLED,
04124681 3455 &hdev->dev_flags))
c0ecddc2
JH		 3456 err = new_settings(hdev, NULL);
3457
04124681
GP		 3458 mgmt_pending_foreach(MGMT_OP_SET_SSP, hdev, cmd_status_rsp,
3459 &mgmt_err);
c0ecddc2
JH		 3460
3461 return err;
3462 }
3463
3464 if (enable) {
3465 if (!test_and_set_bit(HCI_SSP_ENABLED, &hdev->dev_flags))
3466 changed = true;
3467 } else {
3468 if (test_and_clear_bit(HCI_SSP_ENABLED, &hdev->dev_flags))
3469 changed = true;
ed2c4ee3
JH		 3470 }
3471
3472 mgmt_pending_foreach(MGMT_OP_SET_SSP, hdev, settings_rsp, &match);
3473
c0ecddc2
JH		 3474 if (changed)
3475 err = new_settings(hdev, match.sk);
ed2c4ee3 3476
5fc6ebb1 3477 if (match.sk)
ed2c4ee3
JH		 3478 sock_put(match.sk);
3479
5fc6ebb1
JH		 3480 if (test_bit(HCI_SSP_ENABLED, &hdev->dev_flags))
3481 update_eir(hdev);
3482 else
3483 clear_eir(hdev);
cacaf52f 3484
ed2c4ee3
JH		 3485 return err;
3486}
3487
90e70454
JH		 3488static void class_rsp(struct pending_cmd *cmd, void *data)
3489{
3490 struct cmd_lookup *match = data;
3491
3492 cmd_complete(cmd->sk, cmd->index, cmd->opcode, match->mgmt_status,
04124681 3493 match->hdev->dev_class, 3);
90e70454
JH		 3494
3495 list_del(&cmd->list);
3496
3497 if (match->sk == NULL) {
3498 match->sk = cmd->sk;
3499 sock_hold(match->sk);
3500 }
3501
3502 mgmt_pending_free(cmd);
3503}
3504
7f9a903c 3505int mgmt_set_class_of_dev_complete(struct hci_dev *hdev, u8 *dev_class,
04124681 3506 u8 status)
7f9a903c 3507{
90e70454
JH		 3508 struct cmd_lookup match = { NULL, hdev, mgmt_status(status) };
3509 int err = 0;
7f9a903c 3510
c95f0ba7
JH		 3511 clear_bit(HCI_PENDING_CLASS, &hdev->dev_flags);
3512
90e70454
JH		 3513 mgmt_pending_foreach(MGMT_OP_SET_DEV_CLASS, hdev, class_rsp, &match);
3514 mgmt_pending_foreach(MGMT_OP_ADD_UUID, hdev, class_rsp, &match);
3515 mgmt_pending_foreach(MGMT_OP_REMOVE_UUID, hdev, class_rsp, &match);
3516
3517 if (!status)
04124681
GP		 3518 err = mgmt_event(MGMT_EV_CLASS_OF_DEV_CHANGED, hdev, dev_class,
3519 3, NULL);
90e70454
JH		 3520
3521 if (match.sk)
3522 sock_put(match.sk);
7f9a903c
MH		 3523
3524 return err;
3525}
3526
744cf19e 3527int mgmt_set_local_name_complete(struct hci_dev *hdev, u8 *name, u8 status)
b312b161
JH		 3528{
3529 struct pending_cmd *cmd;
3530 struct mgmt_cp_set_local_name ev;
28cc7bde
JH		 3531 bool changed = false;
3532 int err = 0;
3533
3534 if (memcmp(name, hdev->dev_name, sizeof(hdev->dev_name)) != 0) {
3535 memcpy(hdev->dev_name, name, sizeof(hdev->dev_name));
3536 changed = true;
3537 }
b312b161
JH		 3538
3539 memset(&ev, 0, sizeof(ev));
3540 memcpy(ev.name, name, HCI_MAX_NAME_LENGTH);
28cc7bde 3541 memcpy(ev.short_name, hdev->short_name, HCI_MAX_SHORT_NAME_LENGTH);
b312b161 3542
2e58ef3e 3543 cmd = mgmt_pending_find(MGMT_OP_SET_LOCAL_NAME, hdev);
b312b161
JH		 3544 if (!cmd)
3545 goto send_event;
3546
7bdaae4a
JH		 3547 /* Always assume that either the short or the complete name has
3548 * changed if there was a pending mgmt command */
3549 changed = true;
3550
b312b161 3551 if (status) {
744cf19e 3552 err = cmd_status(cmd->sk, hdev->id, MGMT_OP_SET_LOCAL_NAME,
04124681 3553 mgmt_status(status));
b312b161
JH		 3554 goto failed;
3555 }
3556
aee9b218 3557 err = cmd_complete(cmd->sk, hdev->id, MGMT_OP_SET_LOCAL_NAME, 0, &ev,
04124681 3558 sizeof(ev));
b312b161
JH		 3559 if (err < 0)
3560 goto failed;
3561
3562send_event:
28cc7bde
JH		 3563 if (changed)
3564 err = mgmt_event(MGMT_EV_LOCAL_NAME_CHANGED, hdev, &ev,
04124681 3565 sizeof(ev), cmd ? cmd->sk : NULL);
28cc7bde 3566
1225a6bd
JH		 3567 /* EIR is taken care of separately when powering on the
3568 * adapter so only update them here if this is a name change
3569 * unrelated to power on.
3570 */
3571 if (!test_bit(HCI_INIT, &hdev->flags))
3572 update_eir(hdev);
b312b161
JH		 3573
3574failed:
3575 if (cmd)
3576 mgmt_pending_remove(cmd);
3577 return err;
3578}
c35938b2 3579
744cf19e 3580int mgmt_read_local_oob_data_reply_complete(struct hci_dev *hdev, u8 *hash,
04124681 3581 u8 *randomizer, u8 status)
c35938b2
SJ		 3582{
3583 struct pending_cmd *cmd;
3584 int err;
3585
744cf19e 3586 BT_DBG("%s status %u", hdev->name, status);
c35938b2 3587
2e58ef3e 3588 cmd = mgmt_pending_find(MGMT_OP_READ_LOCAL_OOB_DATA, hdev);
c35938b2
SJ		 3589 if (!cmd)
3590 return -ENOENT;
3591
3592 if (status) {
04124681
GP		 3593 err = cmd_status(cmd->sk, hdev->id, MGMT_OP_READ_LOCAL_OOB_DATA,
3594 mgmt_status(status));
c35938b2
SJ		 3595 } else {
3596 struct mgmt_rp_read_local_oob_data rp;
3597
3598 memcpy(rp.hash, hash, sizeof(rp.hash));
3599 memcpy(rp.randomizer, randomizer, sizeof(rp.randomizer));
3600
744cf19e 3601 err = cmd_complete(cmd->sk, hdev->id,
04124681
GP		 3602 MGMT_OP_READ_LOCAL_OOB_DATA, 0, &rp,
3603 sizeof(rp));
c35938b2
SJ		 3604 }
3605
3606 mgmt_pending_remove(cmd);
3607
3608 return err;
3609}
e17acd40 3610
06199cf8
JH		 3611int mgmt_le_enable_complete(struct hci_dev *hdev, u8 enable, u8 status)
3612{
3613 struct cmd_lookup match = { NULL, hdev };
3614 bool changed = false;
3615 int err = 0;
3616
3617 if (status) {
3618 u8 mgmt_err = mgmt_status(status);
3619
3620 if (enable && test_and_clear_bit(HCI_LE_ENABLED,
04124681 3621 &hdev->dev_flags))
d97dcb66 3622 err = new_settings(hdev, NULL);
06199cf8 3623
d97dcb66
SJ		 3624 mgmt_pending_foreach(MGMT_OP_SET_LE, hdev, cmd_status_rsp,
3625 &mgmt_err);
06199cf8
JH		 3626
3627 return err;
3628 }
3629
3630 if (enable) {
3631 if (!test_and_set_bit(HCI_LE_ENABLED, &hdev->dev_flags))
3632 changed = true;
3633 } else {
3634 if (test_and_clear_bit(HCI_LE_ENABLED, &hdev->dev_flags))
3635 changed = true;
3636 }
3637
3638 mgmt_pending_foreach(MGMT_OP_SET_LE, hdev, settings_rsp, &match);
3639
3640 if (changed)
3641 err = new_settings(hdev, match.sk);
3642
3643 if (match.sk)
3644 sock_put(match.sk);
3645
3646 return err;
3647}
3648
48264f06 3649int mgmt_device_found(struct hci_dev *hdev, bdaddr_t *bdaddr, u8 link_type,
04124681
GP		 3650 u8 addr_type, u8 *dev_class, s8 rssi, u8 cfm_name, u8
3651 ssp, u8 *eir, u16 eir_len)
e17acd40 3652{
e319d2e7
JH		 3653 char buf[512];
3654 struct mgmt_ev_device_found *ev = (void *) buf;
1dc06093 3655 size_t ev_size;
e17acd40 3656
1dc06093
JH		 3657 /* Leave 5 bytes for a potential CoD field */
3658 if (sizeof(*ev) + eir_len + 5 > sizeof(buf))
7d262f86
AG		 3659 return -EINVAL;
3660
1dc06093
JH		 3661 memset(buf, 0, sizeof(buf));
3662
e319d2e7 3663 bacpy(&ev->addr.bdaddr, bdaddr);
57c1477c 3664 ev->addr.type = link_to_bdaddr(link_type, addr_type);
e319d2e7 3665 ev->rssi = rssi;
9a395a80 3666 if (cfm_name)
612dfce9 3667 ev->flags |= __constant_cpu_to_le32(MGMT_DEV_FOUND_CONFIRM_NAME);
388fc8fa 3668 if (!ssp)
612dfce9 3669 ev->flags |= __constant_cpu_to_le32(MGMT_DEV_FOUND_LEGACY_PAIRING);
e17acd40 3670
1dc06093 3671 if (eir_len > 0)
e319d2e7 3672 memcpy(ev->eir, eir, eir_len);
e17acd40 3673
1dc06093
JH		 3674 if (dev_class && !eir_has_data_type(ev->eir, eir_len, EIR_CLASS_OF_DEV))
3675 eir_len = eir_append_data(ev->eir, eir_len, EIR_CLASS_OF_DEV,
04124681 3676 dev_class, 3);
1dc06093 3677
eb55ef07 3678 ev->eir_len = cpu_to_le16(eir_len);
1dc06093 3679 ev_size = sizeof(*ev) + eir_len;
f8523598 3680
e319d2e7 3681 return mgmt_event(MGMT_EV_DEVICE_FOUND, hdev, ev, ev_size, NULL);
e17acd40 3682}
a88a9652 3683
b644ba33 3684int mgmt_remote_name(struct hci_dev *hdev, bdaddr_t *bdaddr, u8 link_type,
04124681 3685 u8 addr_type, s8 rssi, u8 *name, u8 name_len)
a88a9652 3686{
b644ba33
JH		 3687 struct mgmt_ev_device_found *ev;
3688 char buf[sizeof(*ev) + HCI_MAX_NAME_LENGTH + 2];
3689 u16 eir_len;
a88a9652 3690
b644ba33 3691 ev = (struct mgmt_ev_device_found *) buf;
a88a9652 3692
b644ba33
JH		 3693 memset(buf, 0, sizeof(buf));
3694
3695 bacpy(&ev->addr.bdaddr, bdaddr);
57c1477c 3696 ev->addr.type = link_to_bdaddr(link_type, addr_type);
b644ba33
JH		 3697 ev->rssi = rssi;
3698
3699 eir_len = eir_append_data(ev->eir, 0, EIR_NAME_COMPLETE, name,
04124681 3700 name_len);
b644ba33 3701
eb55ef07 3702 ev->eir_len = cpu_to_le16(eir_len);
a88a9652 3703
053c7e0c 3704 return mgmt_event(MGMT_EV_DEVICE_FOUND, hdev, ev,
04124681 3705 sizeof(*ev) + eir_len, NULL);
a88a9652 3706}
314b2381 3707
7a135109 3708int mgmt_start_discovery_failed(struct hci_dev *hdev, u8 status)
164a6e78
JH		 3709{
3710 struct pending_cmd *cmd;
f808e166 3711 u8 type;
164a6e78
JH		 3712 int err;
3713
203159d4
AG		 3714 hci_discovery_set_state(hdev, DISCOVERY_STOPPED);
3715
2e58ef3e 3716 cmd = mgmt_pending_find(MGMT_OP_START_DISCOVERY, hdev);
164a6e78
JH		 3717 if (!cmd)
3718 return -ENOENT;
3719
f808e166
JH		 3720 type = hdev->discovery.type;
3721
3722 err = cmd_complete(cmd->sk, hdev->id, cmd->opcode, mgmt_status(status),
04124681 3723 &type, sizeof(type));
164a6e78
JH		 3724 mgmt_pending_remove(cmd);
3725
3726 return err;
3727}
3728
e6d465cb
AG		 3729int mgmt_stop_discovery_failed(struct hci_dev *hdev, u8 status)
3730{
3731 struct pending_cmd *cmd;
3732 int err;
3733
3734 cmd = mgmt_pending_find(MGMT_OP_STOP_DISCOVERY, hdev);
3735 if (!cmd)
3736 return -ENOENT;
3737
d930650b 3738 err = cmd_complete(cmd->sk, hdev->id, cmd->opcode, mgmt_status(status),
04124681 3739 &hdev->discovery.type, sizeof(hdev->discovery.type));
164a6e78
JH		 3740 mgmt_pending_remove(cmd);
3741
3742 return err;
3743}
3744
744cf19e 3745int mgmt_discovering(struct hci_dev *hdev, u8 discovering)
314b2381 3746{
f963e8e9 3747 struct mgmt_ev_discovering ev;
164a6e78
JH		 3748 struct pending_cmd *cmd;
3749
343fb145
AG		 3750 BT_DBG("%s discovering %u", hdev->name, discovering);
3751
164a6e78 3752 if (discovering)
2e58ef3e 3753 cmd = mgmt_pending_find(MGMT_OP_START_DISCOVERY, hdev);
164a6e78 3754 else
2e58ef3e 3755 cmd = mgmt_pending_find(MGMT_OP_STOP_DISCOVERY, hdev);
164a6e78
JH		 3756
3757 if (cmd != NULL) {
f808e166
JH		 3758 u8 type = hdev->discovery.type;
3759
04124681
GP		 3760 cmd_complete(cmd->sk, hdev->id, cmd->opcode, 0, &type,
3761 sizeof(type));
164a6e78
JH		 3762 mgmt_pending_remove(cmd);
3763 }
3764
f963e8e9
JH		 3765 memset(&ev, 0, sizeof(ev));
3766 ev.type = hdev->discovery.type;
3767 ev.discovering = discovering;
3768
3769 return mgmt_event(MGMT_EV_DISCOVERING, hdev, &ev, sizeof(ev), NULL);
314b2381 3770}
5e762444 3771
88c1fe4b 3772int mgmt_device_blocked(struct hci_dev *hdev, bdaddr_t *bdaddr, u8 type)
5e762444
AJ		 3773{
3774 struct pending_cmd *cmd;
3775 struct mgmt_ev_device_blocked ev;
3776
2e58ef3e 3777 cmd = mgmt_pending_find(MGMT_OP_BLOCK_DEVICE, hdev);
5e762444 3778
88c1fe4b
JH		 3779 bacpy(&ev.addr.bdaddr, bdaddr);
3780 ev.addr.type = type;
5e762444 3781
744cf19e 3782 return mgmt_event(MGMT_EV_DEVICE_BLOCKED, hdev, &ev, sizeof(ev),
04124681 3783 cmd ? cmd->sk : NULL);
5e762444
AJ		 3784}
3785
88c1fe4b 3786int mgmt_device_unblocked(struct hci_dev *hdev, bdaddr_t *bdaddr, u8 type)
5e762444
AJ		 3787{
3788 struct pending_cmd *cmd;
3789 struct mgmt_ev_device_unblocked ev;
3790
2e58ef3e 3791 cmd = mgmt_pending_find(MGMT_OP_UNBLOCK_DEVICE, hdev);
5e762444 3792
88c1fe4b
JH		 3793 bacpy(&ev.addr.bdaddr, bdaddr);
3794 ev.addr.type = type;
5e762444 3795
744cf19e 3796 return mgmt_event(MGMT_EV_DEVICE_UNBLOCKED, hdev, &ev, sizeof(ev),
04124681 3797 cmd ? cmd->sk : NULL);
5e762444 3798}
d7b7e796
MH		 3799
3800module_param(enable_hs, bool, 0644);
3801MODULE_PARM_DESC(enable_hs, "Enable High Speed support");
Linux kernel - Deliverables
This page took 0.407566 seconds and 5 git commands to generate.