projects / deliverable / linux.git / blame
? search:
summary | shortlog | log | commit | commitdiff | tree
blob | blame (incremental) | history | HEAD
Bluetooth: Pass full hci_dev struct to mgmt callbacks
[deliverable/linux.git] / net / bluetooth / mgmt.c
CommitLineData
0381101f
JH		 1/*
2 BlueZ - Bluetooth protocol stack for Linux
3 Copyright (C) 2010 Nokia Corporation
4
5 This program is free software; you can redistribute it and/or modify
6 it under the terms of the GNU General Public License version 2 as
7 published by the Free Software Foundation;
8
9 THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS
10 OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
11 FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT OF THIRD PARTY RIGHTS.
12 IN NO EVENT SHALL THE COPYRIGHT HOLDER(S) AND AUTHOR(S) BE LIABLE FOR ANY
13 CLAIM, OR ANY SPECIAL INDIRECT OR CONSEQUENTIAL DAMAGES, OR ANY DAMAGES
14 WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
15 ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
16 OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
17
18 ALL LIABILITY, INCLUDING LIABILITY FOR INFRINGEMENT OF ANY PATENTS,
19 COPYRIGHTS, TRADEMARKS OR OTHER RIGHTS, RELATING TO USE OF THIS
20 SOFTWARE IS DISCLAIMED.
21*/
22
23/* Bluetooth HCI Management interface */
24
72359753 25#include <linux/uaccess.h>
0381101f
JH		 26#include <asm/unaligned.h>
27
28#include <net/bluetooth/bluetooth.h>
29#include <net/bluetooth/hci_core.h>
30#include <net/bluetooth/mgmt.h>
31
02d98129
JH		 32#define MGMT_VERSION 0
33#define MGMT_REVISION 1
34
2519a1fc
AG		 35#define INQUIRY_LEN_BREDR 0x08 /* TGAP(100) */
36
eec8d2bc
JH		 37struct pending_cmd {
38 struct list_head list;
39 __u16 opcode;
40 int index;
c68fb7ff 41 void *param;
eec8d2bc 42 struct sock *sk;
e9a416b5 43 void *user_data;
eec8d2bc
JH		 44};
45
b5ad8b7f 46static LIST_HEAD(cmd_list);
eec8d2bc 47
4e51eae9 48static int cmd_status(struct sock *sk, u16 index, u16 cmd, u8 status)
f7b64e69
JH		 49{
50 struct sk_buff *skb;
51 struct mgmt_hdr *hdr;
52 struct mgmt_ev_cmd_status *ev;
56b7d137 53 int err;
f7b64e69 54
34eb525c 55 BT_DBG("sock %p, index %u, cmd %u, status %u", sk, index, cmd, status);
f7b64e69
JH		 56
57 skb = alloc_skb(sizeof(*hdr) + sizeof(*ev), GFP_ATOMIC);
58 if (!skb)
59 return -ENOMEM;
60
61 hdr = (void *) skb_put(skb, sizeof(*hdr));
62
63 hdr->opcode = cpu_to_le16(MGMT_EV_CMD_STATUS);
4e51eae9 64 hdr->index = cpu_to_le16(index);
f7b64e69
JH		 65 hdr->len = cpu_to_le16(sizeof(*ev));
66
67 ev = (void *) skb_put(skb, sizeof(*ev));
68 ev->status = status;
69 put_unaligned_le16(cmd, &ev->opcode);
70
56b7d137
GP		 71 err = sock_queue_rcv_skb(sk, skb);
72 if (err < 0)
f7b64e69
JH		 73 kfree_skb(skb);
74
56b7d137 75 return err;
f7b64e69
JH		 76}
77
4e51eae9
SJ		 78static int cmd_complete(struct sock *sk, u16 index, u16 cmd, void *rp,
79 size_t rp_len)
02d98129
JH		 80{
81 struct sk_buff *skb;
82 struct mgmt_hdr *hdr;
83 struct mgmt_ev_cmd_complete *ev;
56b7d137 84 int err;
02d98129
JH		 85
86 BT_DBG("sock %p", sk);
87
a38528f1 88 skb = alloc_skb(sizeof(*hdr) + sizeof(*ev) + rp_len, GFP_ATOMIC);
02d98129
JH		 89 if (!skb)
90 return -ENOMEM;
91
92 hdr = (void *) skb_put(skb, sizeof(*hdr));
02d98129 93
a38528f1 94 hdr->opcode = cpu_to_le16(MGMT_EV_CMD_COMPLETE);
4e51eae9 95 hdr->index = cpu_to_le16(index);
a38528f1 96 hdr->len = cpu_to_le16(sizeof(*ev) + rp_len);
02d98129 97
a38528f1
JH		 98 ev = (void *) skb_put(skb, sizeof(*ev) + rp_len);
99 put_unaligned_le16(cmd, &ev->opcode);
8020c16a
SJ		 100
101 if (rp)
102 memcpy(ev->data, rp, rp_len);
02d98129 103
56b7d137
GP		 104 err = sock_queue_rcv_skb(sk, skb);
105 if (err < 0)
02d98129
JH		 106 kfree_skb(skb);
107
56b7d137 108 return err;;
02d98129
JH		 109}
110
a38528f1
JH		 111static int read_version(struct sock *sk)
112{
113 struct mgmt_rp_read_version rp;
114
115 BT_DBG("sock %p", sk);
116
117 rp.version = MGMT_VERSION;
118 put_unaligned_le16(MGMT_REVISION, &rp.revision);
119
4e51eae9
SJ		 120 return cmd_complete(sk, MGMT_INDEX_NONE, MGMT_OP_READ_VERSION, &rp,
121 sizeof(rp));
a38528f1
JH		 122}
123
faba42eb
JH		 124static int read_index_list(struct sock *sk)
125{
faba42eb
JH		 126 struct mgmt_rp_read_index_list *rp;
127 struct list_head *p;
8035ded4 128 struct hci_dev *d;
a38528f1 129 size_t rp_len;
faba42eb 130 u16 count;
a38528f1 131 int i, err;
faba42eb
JH		 132
133 BT_DBG("sock %p", sk);
134
135 read_lock(&hci_dev_list_lock);
136
137 count = 0;
138 list_for_each(p, &hci_dev_list) {
139 count++;
140 }
141
a38528f1
JH		 142 rp_len = sizeof(*rp) + (2 * count);
143 rp = kmalloc(rp_len, GFP_ATOMIC);
144 if (!rp) {
b2c60d42 145 read_unlock(&hci_dev_list_lock);
faba42eb 146 return -ENOMEM;
b2c60d42 147 }
faba42eb 148
faba42eb
JH		 149 put_unaligned_le16(count, &rp->num_controllers);
150
151 i = 0;
8035ded4 152 list_for_each_entry(d, &hci_dev_list, list) {
3243553f
JH		 153 if (test_and_clear_bit(HCI_AUTO_OFF, &d->flags))
154 cancel_delayed_work_sync(&d->power_off);
ab81cbf9
JH		 155
156 if (test_bit(HCI_SETUP, &d->flags))
157 continue;
158
faba42eb
JH		 159 put_unaligned_le16(d->id, &rp->index[i++]);
160 BT_DBG("Added hci%u", d->id);
161 }
162
163 read_unlock(&hci_dev_list_lock);
164
4e51eae9
SJ		 165 err = cmd_complete(sk, MGMT_INDEX_NONE, MGMT_OP_READ_INDEX_LIST, rp,
166 rp_len);
faba42eb 167
a38528f1
JH		 168 kfree(rp);
169
170 return err;
faba42eb
JH		 171}
172
4e51eae9 173static int read_controller_info(struct sock *sk, u16 index)
0381101f 174{
a38528f1 175 struct mgmt_rp_read_info rp;
f7b64e69 176 struct hci_dev *hdev;
0381101f 177
4e51eae9 178 BT_DBG("sock %p hci%u", sk, index);
f7b64e69 179
4e51eae9 180 hdev = hci_dev_get(index);
a38528f1 181 if (!hdev)
4e51eae9 182 return cmd_status(sk, index, MGMT_OP_READ_INFO, ENODEV);
f7b64e69 183
3243553f
JH		 184 if (test_and_clear_bit(HCI_AUTO_OFF, &hdev->flags))
185 cancel_delayed_work_sync(&hdev->power_off);
ab81cbf9 186
8c156c32 187 hci_dev_lock_bh(hdev);
f7b64e69 188
ebc99feb
JH		 189 set_bit(HCI_MGMT, &hdev->flags);
190
dc4fe30b
JH		 191 memset(&rp, 0, sizeof(rp));
192
a38528f1 193 rp.type = hdev->dev_type;
f7b64e69 194
a38528f1
JH		 195 rp.powered = test_bit(HCI_UP, &hdev->flags);
196 rp.connectable = test_bit(HCI_PSCAN, &hdev->flags);
197 rp.discoverable = test_bit(HCI_ISCAN, &hdev->flags);
198 rp.pairable = test_bit(HCI_PSCAN, &hdev->flags);
f7b64e69
JH		 199
200 if (test_bit(HCI_AUTH, &hdev->flags))
a38528f1 201 rp.sec_mode = 3;
f7b64e69 202 else if (hdev->ssp_mode > 0)
a38528f1 203 rp.sec_mode = 4;
f7b64e69 204 else
a38528f1 205 rp.sec_mode = 2;
f7b64e69 206
a38528f1
JH		 207 bacpy(&rp.bdaddr, &hdev->bdaddr);
208 memcpy(rp.features, hdev->features, 8);
209 memcpy(rp.dev_class, hdev->dev_class, 3);
210 put_unaligned_le16(hdev->manufacturer, &rp.manufacturer);
211 rp.hci_ver = hdev->hci_ver;
212 put_unaligned_le16(hdev->hci_rev, &rp.hci_rev);
f7b64e69 213
dc4fe30b
JH		 214 memcpy(rp.name, hdev->dev_name, sizeof(hdev->dev_name));
215
8c156c32 216 hci_dev_unlock_bh(hdev);
f7b64e69 217 hci_dev_put(hdev);
0381101f 218
4e51eae9 219 return cmd_complete(sk, index, MGMT_OP_READ_INFO, &rp, sizeof(rp));
0381101f
JH		 220}
221
eec8d2bc
JH		 222static void mgmt_pending_free(struct pending_cmd *cmd)
223{
224 sock_put(cmd->sk);
c68fb7ff 225 kfree(cmd->param);
eec8d2bc
JH		 226 kfree(cmd);
227}
228
366a0336
JH		 229static struct pending_cmd *mgmt_pending_add(struct sock *sk, u16 opcode,
230 u16 index, void *data, u16 len)
eec8d2bc
JH		 231{
232 struct pending_cmd *cmd;
233
234 cmd = kmalloc(sizeof(*cmd), GFP_ATOMIC);
235 if (!cmd)
366a0336 236 return NULL;
eec8d2bc
JH		 237
238 cmd->opcode = opcode;
239 cmd->index = index;
240
c68fb7ff
SJ		 241 cmd->param = kmalloc(len, GFP_ATOMIC);
242 if (!cmd->param) {
eec8d2bc 243 kfree(cmd);
366a0336 244 return NULL;
eec8d2bc
JH		 245 }
246
8fce6357
SJ		 247 if (data)
248 memcpy(cmd->param, data, len);
eec8d2bc
JH		 249
250 cmd->sk = sk;
251 sock_hold(sk);
252
253 list_add(&cmd->list, &cmd_list);
254
366a0336 255 return cmd;
eec8d2bc
JH		 256}
257
744cf19e 258static void mgmt_pending_foreach(u16 opcode, struct hci_dev *hdev,
eec8d2bc
JH		 259 void (*cb)(struct pending_cmd *cmd, void *data),
260 void *data)
261{
262 struct list_head *p, *n;
263
264 list_for_each_safe(p, n, &cmd_list) {
265 struct pending_cmd *cmd;
266
267 cmd = list_entry(p, struct pending_cmd, list);
268
b24752fe 269 if (opcode > 0 && cmd->opcode != opcode)
eec8d2bc
JH		 270 continue;
271
744cf19e 272 if (hdev && cmd->index != hdev->id)
eec8d2bc
JH		 273 continue;
274
275 cb(cmd, data);
276 }
277}
278
279static struct pending_cmd *mgmt_pending_find(u16 opcode, int index)
280{
8035ded4 281 struct pending_cmd *cmd;
eec8d2bc 282
8035ded4 283 list_for_each_entry(cmd, &cmd_list, list) {
eec8d2bc
JH		 284 if (cmd->opcode != opcode)
285 continue;
286
287 if (index >= 0 && cmd->index != index)
288 continue;
289
290 return cmd;
291 }
292
293 return NULL;
294}
295
a664b5bc 296static void mgmt_pending_remove(struct pending_cmd *cmd)
73f22f62 297{
73f22f62
JH		 298 list_del(&cmd->list);
299 mgmt_pending_free(cmd);
300}
301
4e51eae9 302static int set_powered(struct sock *sk, u16 index, unsigned char *data, u16 len)
eec8d2bc 303{
72a734ec 304 struct mgmt_mode *cp;
eec8d2bc 305 struct hci_dev *hdev;
366a0336 306 struct pending_cmd *cmd;
366a0336 307 int err, up;
eec8d2bc
JH		 308
309 cp = (void *) data;
eec8d2bc 310
4e51eae9 311 BT_DBG("request for hci%u", index);
eec8d2bc 312
bdce7baf
SJ		 313 if (len != sizeof(*cp))
314 return cmd_status(sk, index, MGMT_OP_SET_POWERED, EINVAL);
315
4e51eae9 316 hdev = hci_dev_get(index);
eec8d2bc 317 if (!hdev)
4e51eae9 318 return cmd_status(sk, index, MGMT_OP_SET_POWERED, ENODEV);
eec8d2bc 319
8c156c32 320 hci_dev_lock_bh(hdev);
eec8d2bc
JH		 321
322 up = test_bit(HCI_UP, &hdev->flags);
72a734ec 323 if ((cp->val && up) || (!cp->val && !up)) {
4e51eae9 324 err = cmd_status(sk, index, MGMT_OP_SET_POWERED, EALREADY);
eec8d2bc
JH		 325 goto failed;
326 }
327
4e51eae9
SJ		 328 if (mgmt_pending_find(MGMT_OP_SET_POWERED, index)) {
329 err = cmd_status(sk, index, MGMT_OP_SET_POWERED, EBUSY);
eec8d2bc
JH		 330 goto failed;
331 }
332
4e51eae9 333 cmd = mgmt_pending_add(sk, MGMT_OP_SET_POWERED, index, data, len);
366a0336
JH		 334 if (!cmd) {
335 err = -ENOMEM;
eec8d2bc 336 goto failed;
366a0336 337 }
eec8d2bc 338
72a734ec 339 if (cp->val)
eec8d2bc
JH		 340 queue_work(hdev->workqueue, &hdev->power_on);
341 else
3243553f 342 queue_work(hdev->workqueue, &hdev->power_off.work);
eec8d2bc 343
366a0336 344 err = 0;
eec8d2bc
JH		 345
346failed:
8c156c32 347 hci_dev_unlock_bh(hdev);
eec8d2bc 348 hci_dev_put(hdev);
366a0336 349 return err;
eec8d2bc
JH		 350}
351
4e51eae9
SJ		 352static int set_discoverable(struct sock *sk, u16 index, unsigned char *data,
353 u16 len)
73f22f62 354{
16ab91ab 355 struct mgmt_cp_set_discoverable *cp;
73f22f62 356 struct hci_dev *hdev;
366a0336 357 struct pending_cmd *cmd;
73f22f62
JH		 358 u8 scan;
359 int err;
360
361 cp = (void *) data;
73f22f62 362
4e51eae9 363 BT_DBG("request for hci%u", index);
73f22f62 364
bdce7baf
SJ		 365 if (len != sizeof(*cp))
366 return cmd_status(sk, index, MGMT_OP_SET_DISCOVERABLE, EINVAL);
367
4e51eae9 368 hdev = hci_dev_get(index);
73f22f62 369 if (!hdev)
4e51eae9 370 return cmd_status(sk, index, MGMT_OP_SET_DISCOVERABLE, ENODEV);
73f22f62 371
8c156c32 372 hci_dev_lock_bh(hdev);
73f22f62
JH		 373
374 if (!test_bit(HCI_UP, &hdev->flags)) {
4e51eae9 375 err = cmd_status(sk, index, MGMT_OP_SET_DISCOVERABLE, ENETDOWN);
73f22f62
JH		 376 goto failed;
377 }
378
4e51eae9
SJ		 379 if (mgmt_pending_find(MGMT_OP_SET_DISCOVERABLE, index) ||
380 mgmt_pending_find(MGMT_OP_SET_CONNECTABLE, index)) {
381 err = cmd_status(sk, index, MGMT_OP_SET_DISCOVERABLE, EBUSY);
73f22f62
JH		 382 goto failed;
383 }
384
72a734ec 385 if (cp->val == test_bit(HCI_ISCAN, &hdev->flags) &&
73f22f62 386 test_bit(HCI_PSCAN, &hdev->flags)) {
4e51eae9 387 err = cmd_status(sk, index, MGMT_OP_SET_DISCOVERABLE, EALREADY);
73f22f62
JH		 388 goto failed;
389 }
390
4e51eae9 391 cmd = mgmt_pending_add(sk, MGMT_OP_SET_DISCOVERABLE, index, data, len);
366a0336
JH		 392 if (!cmd) {
393 err = -ENOMEM;
73f22f62 394 goto failed;
366a0336 395 }
73f22f62
JH		 396
397 scan = SCAN_PAGE;
398
72a734ec 399 if (cp->val)
73f22f62 400 scan |= SCAN_INQUIRY;
16ab91ab
JH		 401 else
402 cancel_delayed_work_sync(&hdev->discov_off);
73f22f62
JH		 403
404 err = hci_send_cmd(hdev, HCI_OP_WRITE_SCAN_ENABLE, 1, &scan);
405 if (err < 0)
a664b5bc 406 mgmt_pending_remove(cmd);
73f22f62 407
16ab91ab
JH		 408 if (cp->val)
409 hdev->discov_timeout = get_unaligned_le16(&cp->timeout);
410
73f22f62 411failed:
8c156c32 412 hci_dev_unlock_bh(hdev);
73f22f62
JH		 413 hci_dev_put(hdev);
414
415 return err;
416}
417
4e51eae9
SJ		 418static int set_connectable(struct sock *sk, u16 index, unsigned char *data,
419 u16 len)
9fbcbb45 420{
72a734ec 421 struct mgmt_mode *cp;
9fbcbb45 422 struct hci_dev *hdev;
366a0336 423 struct pending_cmd *cmd;
9fbcbb45
JH		 424 u8 scan;
425 int err;
426
427 cp = (void *) data;
9fbcbb45 428
4e51eae9 429 BT_DBG("request for hci%u", index);
9fbcbb45 430
bdce7baf
SJ		 431 if (len != sizeof(*cp))
432 return cmd_status(sk, index, MGMT_OP_SET_CONNECTABLE, EINVAL);
433
4e51eae9 434 hdev = hci_dev_get(index);
9fbcbb45 435 if (!hdev)
4e51eae9 436 return cmd_status(sk, index, MGMT_OP_SET_CONNECTABLE, ENODEV);
9fbcbb45 437
8c156c32 438 hci_dev_lock_bh(hdev);
9fbcbb45
JH		 439
440 if (!test_bit(HCI_UP, &hdev->flags)) {
4e51eae9 441 err = cmd_status(sk, index, MGMT_OP_SET_CONNECTABLE, ENETDOWN);
9fbcbb45
JH		 442 goto failed;
443 }
444
4e51eae9
SJ		 445 if (mgmt_pending_find(MGMT_OP_SET_DISCOVERABLE, index) ||
446 mgmt_pending_find(MGMT_OP_SET_CONNECTABLE, index)) {
447 err = cmd_status(sk, index, MGMT_OP_SET_CONNECTABLE, EBUSY);
9fbcbb45
JH		 448 goto failed;
449 }
450
72a734ec 451 if (cp->val == test_bit(HCI_PSCAN, &hdev->flags)) {
4e51eae9 452 err = cmd_status(sk, index, MGMT_OP_SET_CONNECTABLE, EALREADY);
9fbcbb45
JH		 453 goto failed;
454 }
455
4e51eae9 456 cmd = mgmt_pending_add(sk, MGMT_OP_SET_CONNECTABLE, index, data, len);
366a0336
JH		 457 if (!cmd) {
458 err = -ENOMEM;
9fbcbb45 459 goto failed;
366a0336 460 }
9fbcbb45 461
72a734ec 462 if (cp->val)
9fbcbb45
JH		 463 scan = SCAN_PAGE;
464 else
465 scan = 0;
466
467 err = hci_send_cmd(hdev, HCI_OP_WRITE_SCAN_ENABLE, 1, &scan);
468 if (err < 0)
a664b5bc 469 mgmt_pending_remove(cmd);
9fbcbb45
JH		 470
471failed:
8c156c32 472 hci_dev_unlock_bh(hdev);
9fbcbb45
JH		 473 hci_dev_put(hdev);
474
475 return err;
476}
477
744cf19e
JH		 478static int mgmt_event(u16 event, struct hci_dev *hdev, void *data,
479 u16 data_len, struct sock *skip_sk)
c542a06c
JH		 480{
481 struct sk_buff *skb;
482 struct mgmt_hdr *hdr;
483
484 skb = alloc_skb(sizeof(*hdr) + data_len, GFP_ATOMIC);
485 if (!skb)
486 return -ENOMEM;
487
488 bt_cb(skb)->channel = HCI_CHANNEL_CONTROL;
489
490 hdr = (void *) skb_put(skb, sizeof(*hdr));
491 hdr->opcode = cpu_to_le16(event);
744cf19e
JH		 492 if (hdev)
493 hdr->index = cpu_to_le16(hdev->id);
494 else
495 hdr->index = cpu_to_le16(MGMT_INDEX_NONE);
c542a06c
JH		 496 hdr->len = cpu_to_le16(data_len);
497
4e51eae9
SJ		 498 if (data)
499 memcpy(skb_put(skb, data_len), data, data_len);
c542a06c
JH		 500
501 hci_send_to_sock(NULL, skb, skip_sk);
502 kfree_skb(skb);
503
504 return 0;
505}
506
053f0211
JH		 507static int send_mode_rsp(struct sock *sk, u16 opcode, u16 index, u8 val)
508{
a38528f1 509 struct mgmt_mode rp;
053f0211 510
a38528f1 511 rp.val = val;
053f0211 512
4e51eae9 513 return cmd_complete(sk, index, opcode, &rp, sizeof(rp));
053f0211
JH		 514}
515
4e51eae9
SJ		 516static int set_pairable(struct sock *sk, u16 index, unsigned char *data,
517 u16 len)
c542a06c
JH		 518{
519 struct mgmt_mode *cp, ev;
520 struct hci_dev *hdev;
c542a06c
JH		 521 int err;
522
523 cp = (void *) data;
c542a06c 524
4e51eae9 525 BT_DBG("request for hci%u", index);
c542a06c 526
bdce7baf
SJ		 527 if (len != sizeof(*cp))
528 return cmd_status(sk, index, MGMT_OP_SET_PAIRABLE, EINVAL);
529
4e51eae9 530 hdev = hci_dev_get(index);
c542a06c 531 if (!hdev)
4e51eae9 532 return cmd_status(sk, index, MGMT_OP_SET_PAIRABLE, ENODEV);
c542a06c 533
8c156c32 534 hci_dev_lock_bh(hdev);
c542a06c
JH		 535
536 if (cp->val)
537 set_bit(HCI_PAIRABLE, &hdev->flags);
538 else
539 clear_bit(HCI_PAIRABLE, &hdev->flags);
540
4e51eae9 541 err = send_mode_rsp(sk, MGMT_OP_SET_PAIRABLE, index, cp->val);
c542a06c
JH		 542 if (err < 0)
543 goto failed;
544
c542a06c
JH		 545 ev.val = cp->val;
546
744cf19e 547 err = mgmt_event(MGMT_EV_PAIRABLE, hdev, &ev, sizeof(ev), sk);
c542a06c
JH		 548
549failed:
8c156c32 550 hci_dev_unlock_bh(hdev);
c542a06c
JH		 551 hci_dev_put(hdev);
552
553 return err;
554}
555
80a1e1db
JH		 556#define EIR_FLAGS 0x01 /* flags */
557#define EIR_UUID16_SOME 0x02 /* 16-bit UUID, more available */
558#define EIR_UUID16_ALL 0x03 /* 16-bit UUID, all listed */
559#define EIR_UUID32_SOME 0x04 /* 32-bit UUID, more available */
560#define EIR_UUID32_ALL 0x05 /* 32-bit UUID, all listed */
561#define EIR_UUID128_SOME 0x06 /* 128-bit UUID, more available */
562#define EIR_UUID128_ALL 0x07 /* 128-bit UUID, all listed */
563#define EIR_NAME_SHORT 0x08 /* shortened local name */
564#define EIR_NAME_COMPLETE 0x09 /* complete local name */
565#define EIR_TX_POWER 0x0A /* transmit power level */
566#define EIR_DEVICE_ID 0x10 /* device ID */
567
568#define PNP_INFO_SVCLASS_ID 0x1200
569
570static u8 bluetooth_base_uuid[] = {
571 0xFB, 0x34, 0x9B, 0x5F, 0x80, 0x00, 0x00, 0x80,
572 0x00, 0x10, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
573};
574
575static u16 get_uuid16(u8 *uuid128)
576{
577 u32 val;
578 int i;
579
580 for (i = 0; i < 12; i++) {
581 if (bluetooth_base_uuid[i] != uuid128[i])
582 return 0;
583 }
584
585 memcpy(&val, &uuid128[12], 4);
586
587 val = le32_to_cpu(val);
588 if (val > 0xffff)
589 return 0;
590
591 return (u16) val;
592}
593
594static void create_eir(struct hci_dev *hdev, u8 *data)
595{
596 u8 *ptr = data;
597 u16 eir_len = 0;
598 u16 uuid16_list[HCI_MAX_EIR_LENGTH / sizeof(u16)];
599 int i, truncated = 0;
8035ded4 600 struct bt_uuid *uuid;
80a1e1db
JH		 601 size_t name_len;
602
603 name_len = strlen(hdev->dev_name);
604
605 if (name_len > 0) {
606 /* EIR Data type */
607 if (name_len > 48) {
608 name_len = 48;
609 ptr[1] = EIR_NAME_SHORT;
610 } else
611 ptr[1] = EIR_NAME_COMPLETE;
612
613 /* EIR Data length */
614 ptr[0] = name_len + 1;
615
616 memcpy(ptr + 2, hdev->dev_name, name_len);
617
618 eir_len += (name_len + 2);
619 ptr += (name_len + 2);
620 }
621
622 memset(uuid16_list, 0, sizeof(uuid16_list));
623
624 /* Group all UUID16 types */
8035ded4 625 list_for_each_entry(uuid, &hdev->uuids, list) {
80a1e1db
JH		 626 u16 uuid16;
627
628 uuid16 = get_uuid16(uuid->uuid);
629 if (uuid16 == 0)
630 return;
631
632 if (uuid16 < 0x1100)
633 continue;
634
635 if (uuid16 == PNP_INFO_SVCLASS_ID)
636 continue;
637
638 /* Stop if not enough space to put next UUID */
639 if (eir_len + 2 + sizeof(u16) > HCI_MAX_EIR_LENGTH) {
640 truncated = 1;
641 break;
642 }
643
644 /* Check for duplicates */
645 for (i = 0; uuid16_list[i] != 0; i++)
646 if (uuid16_list[i] == uuid16)
647 break;
648
649 if (uuid16_list[i] == 0) {
650 uuid16_list[i] = uuid16;
651 eir_len += sizeof(u16);
652 }
653 }
654
655 if (uuid16_list[0] != 0) {
656 u8 *length = ptr;
657
658 /* EIR Data type */
659 ptr[1] = truncated ? EIR_UUID16_SOME : EIR_UUID16_ALL;
660
661 ptr += 2;
662 eir_len += 2;
663
664 for (i = 0; uuid16_list[i] != 0; i++) {
665 *ptr++ = (uuid16_list[i] & 0x00ff);
666 *ptr++ = (uuid16_list[i] & 0xff00) >> 8;
667 }
668
669 /* EIR Data length */
670 *length = (i * sizeof(u16)) + 1;
671 }
672}
673
674static int update_eir(struct hci_dev *hdev)
675{
676 struct hci_cp_write_eir cp;
677
678 if (!(hdev->features[6] & LMP_EXT_INQ))
679 return 0;
680
681 if (hdev->ssp_mode == 0)
682 return 0;
683
684 if (test_bit(HCI_SERVICE_CACHE, &hdev->flags))
685 return 0;
686
687 memset(&cp, 0, sizeof(cp));
688
689 create_eir(hdev, cp.data);
690
691 if (memcmp(cp.data, hdev->eir, sizeof(cp.data)) == 0)
692 return 0;
693
694 memcpy(hdev->eir, cp.data, sizeof(cp.data));
695
696 return hci_send_cmd(hdev, HCI_OP_WRITE_EIR, sizeof(cp), &cp);
697}
698
1aff6f09
JH		 699static u8 get_service_classes(struct hci_dev *hdev)
700{
12dc0743 701 struct bt_uuid *uuid;
1aff6f09
JH		 702 u8 val = 0;
703
12dc0743 704 list_for_each_entry(uuid, &hdev->uuids, list)
1aff6f09 705 val |= uuid->svc_hint;
1aff6f09
JH		 706
707 return val;
708}
709
710static int update_class(struct hci_dev *hdev)
711{
712 u8 cod[3];
713
714 BT_DBG("%s", hdev->name);
715
716 if (test_bit(HCI_SERVICE_CACHE, &hdev->flags))
717 return 0;
718
719 cod[0] = hdev->minor_class;
720 cod[1] = hdev->major_class;
721 cod[2] = get_service_classes(hdev);
722
723 if (memcmp(cod, hdev->dev_class, 3) == 0)
724 return 0;
725
726 return hci_send_cmd(hdev, HCI_OP_WRITE_CLASS_OF_DEV, sizeof(cod), cod);
727}
728
4e51eae9 729static int add_uuid(struct sock *sk, u16 index, unsigned char *data, u16 len)
2aeb9a1a
JH		 730{
731 struct mgmt_cp_add_uuid *cp;
732 struct hci_dev *hdev;
733 struct bt_uuid *uuid;
2aeb9a1a
JH		 734 int err;
735
736 cp = (void *) data;
2aeb9a1a 737
4e51eae9 738 BT_DBG("request for hci%u", index);
2aeb9a1a 739
bdce7baf
SJ		 740 if (len != sizeof(*cp))
741 return cmd_status(sk, index, MGMT_OP_ADD_UUID, EINVAL);
742
4e51eae9 743 hdev = hci_dev_get(index);
2aeb9a1a 744 if (!hdev)
4e51eae9 745 return cmd_status(sk, index, MGMT_OP_ADD_UUID, ENODEV);
2aeb9a1a 746
8c156c32 747 hci_dev_lock_bh(hdev);
2aeb9a1a
JH		 748
749 uuid = kmalloc(sizeof(*uuid), GFP_ATOMIC);
750 if (!uuid) {
751 err = -ENOMEM;
752 goto failed;
753 }
754
755 memcpy(uuid->uuid, cp->uuid, 16);
1aff6f09 756 uuid->svc_hint = cp->svc_hint;
2aeb9a1a
JH		 757
758 list_add(&uuid->list, &hdev->uuids);
759
1aff6f09
JH		 760 err = update_class(hdev);
761 if (err < 0)
762 goto failed;
763
80a1e1db
JH		 764 err = update_eir(hdev);
765 if (err < 0)
766 goto failed;
767
4e51eae9 768 err = cmd_complete(sk, index, MGMT_OP_ADD_UUID, NULL, 0);
2aeb9a1a
JH		 769
770failed:
8c156c32 771 hci_dev_unlock_bh(hdev);
2aeb9a1a
JH		 772 hci_dev_put(hdev);
773
774 return err;
775}
776
4e51eae9 777static int remove_uuid(struct sock *sk, u16 index, unsigned char *data, u16 len)
2aeb9a1a
JH		 778{
779 struct list_head *p, *n;
779cb850 780 struct mgmt_cp_remove_uuid *cp;
2aeb9a1a
JH		 781 struct hci_dev *hdev;
782 u8 bt_uuid_any[] = { 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0 };
2aeb9a1a
JH		 783 int err, found;
784
785 cp = (void *) data;
2aeb9a1a 786
4e51eae9 787 BT_DBG("request for hci%u", index);
2aeb9a1a 788
bdce7baf
SJ		 789 if (len != sizeof(*cp))
790 return cmd_status(sk, index, MGMT_OP_REMOVE_UUID, EINVAL);
791
4e51eae9 792 hdev = hci_dev_get(index);
2aeb9a1a 793 if (!hdev)
4e51eae9 794 return cmd_status(sk, index, MGMT_OP_REMOVE_UUID, ENODEV);
2aeb9a1a 795
8c156c32 796 hci_dev_lock_bh(hdev);
2aeb9a1a
JH		 797
798 if (memcmp(cp->uuid, bt_uuid_any, 16) == 0) {
799 err = hci_uuids_clear(hdev);
800 goto unlock;
801 }
802
803 found = 0;
804
805 list_for_each_safe(p, n, &hdev->uuids) {
806 struct bt_uuid *match = list_entry(p, struct bt_uuid, list);
807
808 if (memcmp(match->uuid, cp->uuid, 16) != 0)
809 continue;
810
811 list_del(&match->list);
812 found++;
813 }
814
815 if (found == 0) {
4e51eae9 816 err = cmd_status(sk, index, MGMT_OP_REMOVE_UUID, ENOENT);
2aeb9a1a
JH		 817 goto unlock;
818 }
819
1aff6f09
JH		 820 err = update_class(hdev);
821 if (err < 0)
822 goto unlock;
823
80a1e1db
JH		 824 err = update_eir(hdev);
825 if (err < 0)
826 goto unlock;
827
4e51eae9 828 err = cmd_complete(sk, index, MGMT_OP_REMOVE_UUID, NULL, 0);
2aeb9a1a
JH		 829
830unlock:
8c156c32 831 hci_dev_unlock_bh(hdev);
2aeb9a1a
JH		 832 hci_dev_put(hdev);
833
834 return err;
835}
836
4e51eae9
SJ		 837static int set_dev_class(struct sock *sk, u16 index, unsigned char *data,
838 u16 len)
1aff6f09
JH		 839{
840 struct hci_dev *hdev;
841 struct mgmt_cp_set_dev_class *cp;
1aff6f09
JH		 842 int err;
843
844 cp = (void *) data;
1aff6f09 845
4e51eae9 846 BT_DBG("request for hci%u", index);
1aff6f09 847
bdce7baf
SJ		 848 if (len != sizeof(*cp))
849 return cmd_status(sk, index, MGMT_OP_SET_DEV_CLASS, EINVAL);
850
4e51eae9 851 hdev = hci_dev_get(index);
1aff6f09 852 if (!hdev)
4e51eae9 853 return cmd_status(sk, index, MGMT_OP_SET_DEV_CLASS, ENODEV);
1aff6f09 854
8c156c32 855 hci_dev_lock_bh(hdev);
1aff6f09
JH		 856
857 hdev->major_class = cp->major;
858 hdev->minor_class = cp->minor;
859
860 err = update_class(hdev);
861
862 if (err == 0)
4e51eae9 863 err = cmd_complete(sk, index, MGMT_OP_SET_DEV_CLASS, NULL, 0);
1aff6f09 864
8c156c32 865 hci_dev_unlock_bh(hdev);
1aff6f09
JH		 866 hci_dev_put(hdev);
867
868 return err;
869}
870
4e51eae9
SJ		 871static int set_service_cache(struct sock *sk, u16 index, unsigned char *data,
872 u16 len)
1aff6f09
JH		 873{
874 struct hci_dev *hdev;
875 struct mgmt_cp_set_service_cache *cp;
1aff6f09
JH		 876 int err;
877
878 cp = (void *) data;
1aff6f09 879
bdce7baf 880 if (len != sizeof(*cp))
b8534e0f 881 return cmd_status(sk, index, MGMT_OP_SET_SERVICE_CACHE, EINVAL);
bdce7baf 882
4e51eae9 883 hdev = hci_dev_get(index);
1aff6f09 884 if (!hdev)
4e51eae9 885 return cmd_status(sk, index, MGMT_OP_SET_SERVICE_CACHE, ENODEV);
1aff6f09 886
8c156c32 887 hci_dev_lock_bh(hdev);
1aff6f09 888
4e51eae9 889 BT_DBG("hci%u enable %d", index, cp->enable);
1aff6f09
JH		 890
891 if (cp->enable) {
892 set_bit(HCI_SERVICE_CACHE, &hdev->flags);
893 err = 0;
894 } else {
895 clear_bit(HCI_SERVICE_CACHE, &hdev->flags);
896 err = update_class(hdev);
80a1e1db
JH		 897 if (err == 0)
898 err = update_eir(hdev);
1aff6f09
JH		 899 }
900
901 if (err == 0)
4e51eae9
SJ		 902 err = cmd_complete(sk, index, MGMT_OP_SET_SERVICE_CACHE, NULL,
903 0);
e5b82e58
GP		 904 else
905 cmd_status(sk, index, MGMT_OP_SET_SERVICE_CACHE, -err);
906
1aff6f09 907
8c156c32 908 hci_dev_unlock_bh(hdev);
1aff6f09
JH		 909 hci_dev_put(hdev);
910
911 return err;
912}
913
86742e1e
JH		 914static int load_link_keys(struct sock *sk, u16 index, unsigned char *data,
915 u16 len)
55ed8ca1
JH		 916{
917 struct hci_dev *hdev;
86742e1e 918 struct mgmt_cp_load_link_keys *cp;
4e51eae9 919 u16 key_count, expected_len;
a492cd52 920 int i;
55ed8ca1
JH		 921
922 cp = (void *) data;
bdce7baf
SJ		 923
924 if (len < sizeof(*cp))
86742e1e 925 return cmd_status(sk, index, MGMT_OP_LOAD_LINK_KEYS, EINVAL);
bdce7baf 926
55ed8ca1
JH		 927 key_count = get_unaligned_le16(&cp->key_count);
928
86742e1e
JH		 929 expected_len = sizeof(*cp) + key_count *
930 sizeof(struct mgmt_link_key_info);
a492cd52 931 if (expected_len != len) {
86742e1e 932 BT_ERR("load_link_keys: expected %u bytes, got %u bytes",
a492cd52 933 len, expected_len);
86742e1e 934 return cmd_status(sk, index, MGMT_OP_LOAD_LINK_KEYS, EINVAL);
55ed8ca1
JH		 935 }
936
4e51eae9 937 hdev = hci_dev_get(index);
55ed8ca1 938 if (!hdev)
86742e1e 939 return cmd_status(sk, index, MGMT_OP_LOAD_LINK_KEYS, ENODEV);
55ed8ca1 940
4e51eae9 941 BT_DBG("hci%u debug_keys %u key_count %u", index, cp->debug_keys,
55ed8ca1
JH		 942 key_count);
943
8c156c32 944 hci_dev_lock_bh(hdev);
55ed8ca1
JH		 945
946 hci_link_keys_clear(hdev);
947
948 set_bit(HCI_LINK_KEYS, &hdev->flags);
949
950 if (cp->debug_keys)
951 set_bit(HCI_DEBUG_KEYS, &hdev->flags);
952 else
953 clear_bit(HCI_DEBUG_KEYS, &hdev->flags);
954
a492cd52 955 for (i = 0; i < key_count; i++) {
86742e1e 956 struct mgmt_link_key_info *key = &cp->keys[i];
55ed8ca1 957
d25e28ab 958 hci_add_link_key(hdev, NULL, 0, &key->bdaddr, key->val, key->type,
55ed8ca1
JH		 959 key->pin_len);
960 }
961
8c156c32 962 hci_dev_unlock_bh(hdev);
55ed8ca1
JH		 963 hci_dev_put(hdev);
964
a492cd52 965 return 0;
55ed8ca1
JH		 966}
967
86742e1e
JH		 968static int remove_keys(struct sock *sk, u16 index, unsigned char *data,
969 u16 len)
55ed8ca1
JH		 970{
971 struct hci_dev *hdev;
86742e1e 972 struct mgmt_cp_remove_keys *cp;
55ed8ca1 973 struct hci_conn *conn;
55ed8ca1
JH		 974 int err;
975
976 cp = (void *) data;
55ed8ca1 977
bdce7baf 978 if (len != sizeof(*cp))
86742e1e 979 return cmd_status(sk, index, MGMT_OP_REMOVE_KEYS, EINVAL);
bdce7baf 980
4e51eae9 981 hdev = hci_dev_get(index);
55ed8ca1 982 if (!hdev)
86742e1e 983 return cmd_status(sk, index, MGMT_OP_REMOVE_KEYS, ENODEV);
55ed8ca1 984
8c156c32 985 hci_dev_lock_bh(hdev);
55ed8ca1
JH		 986
987 err = hci_remove_link_key(hdev, &cp->bdaddr);
988 if (err < 0) {
86742e1e 989 err = cmd_status(sk, index, MGMT_OP_REMOVE_KEYS, -err);
55ed8ca1
JH		 990 goto unlock;
991 }
992
993 err = 0;
994
995 if (!test_bit(HCI_UP, &hdev->flags) || !cp->disconnect)
996 goto unlock;
997
998 conn = hci_conn_hash_lookup_ba(hdev, ACL_LINK, &cp->bdaddr);
999 if (conn) {
1000 struct hci_cp_disconnect dc;
1001
1002 put_unaligned_le16(conn->handle, &dc.handle);
1003 dc.reason = 0x13; /* Remote User Terminated Connection */
94ac0272 1004 err = hci_send_cmd(hdev, HCI_OP_DISCONNECT, sizeof(dc), &dc);
55ed8ca1
JH		 1005 }
1006
1007unlock:
8c156c32 1008 hci_dev_unlock_bh(hdev);
55ed8ca1
JH		 1009 hci_dev_put(hdev);
1010
1011 return err;
1012}
1013
4e51eae9 1014static int disconnect(struct sock *sk, u16 index, unsigned char *data, u16 len)
8962ee74
JH		 1015{
1016 struct hci_dev *hdev;
1017 struct mgmt_cp_disconnect *cp;
1018 struct hci_cp_disconnect dc;
366a0336 1019 struct pending_cmd *cmd;
8962ee74 1020 struct hci_conn *conn;
8962ee74
JH		 1021 int err;
1022
1023 BT_DBG("");
1024
1025 cp = (void *) data;
8962ee74 1026
bdce7baf
SJ		 1027 if (len != sizeof(*cp))
1028 return cmd_status(sk, index, MGMT_OP_DISCONNECT, EINVAL);
1029
4e51eae9 1030 hdev = hci_dev_get(index);
8962ee74 1031 if (!hdev)
4e51eae9 1032 return cmd_status(sk, index, MGMT_OP_DISCONNECT, ENODEV);
8962ee74 1033
8c156c32 1034 hci_dev_lock_bh(hdev);
8962ee74
JH		 1035
1036 if (!test_bit(HCI_UP, &hdev->flags)) {
4e51eae9 1037 err = cmd_status(sk, index, MGMT_OP_DISCONNECT, ENETDOWN);
8962ee74
JH		 1038 goto failed;
1039 }
1040
4e51eae9
SJ		 1041 if (mgmt_pending_find(MGMT_OP_DISCONNECT, index)) {
1042 err = cmd_status(sk, index, MGMT_OP_DISCONNECT, EBUSY);
8962ee74
JH		 1043 goto failed;
1044 }
1045
1046 conn = hci_conn_hash_lookup_ba(hdev, ACL_LINK, &cp->bdaddr);
365227e5
VCG		 1047 if (!conn)
1048 conn = hci_conn_hash_lookup_ba(hdev, LE_LINK, &cp->bdaddr);
1049
8962ee74 1050 if (!conn) {
4e51eae9 1051 err = cmd_status(sk, index, MGMT_OP_DISCONNECT, ENOTCONN);
8962ee74
JH		 1052 goto failed;
1053 }
1054
4e51eae9 1055 cmd = mgmt_pending_add(sk, MGMT_OP_DISCONNECT, index, data, len);
366a0336
JH		 1056 if (!cmd) {
1057 err = -ENOMEM;
8962ee74 1058 goto failed;
366a0336 1059 }
8962ee74
JH		 1060
1061 put_unaligned_le16(conn->handle, &dc.handle);
1062 dc.reason = 0x13; /* Remote User Terminated Connection */
1063
1064 err = hci_send_cmd(hdev, HCI_OP_DISCONNECT, sizeof(dc), &dc);
1065 if (err < 0)
a664b5bc 1066 mgmt_pending_remove(cmd);
8962ee74
JH		 1067
1068failed:
8c156c32 1069 hci_dev_unlock_bh(hdev);
8962ee74
JH		 1070 hci_dev_put(hdev);
1071
1072 return err;
1073}
1074
4c659c39
JH		 1075static u8 link_to_mgmt(u8 link_type)
1076{
1077 switch (link_type) {
1078 case LE_LINK:
1079 return MGMT_ADDR_LE;
1080 case ACL_LINK:
1081 return MGMT_ADDR_BREDR;
1082 default:
1083 return MGMT_ADDR_INVALID;
1084 }
1085}
1086
8ce6284e 1087static int get_connections(struct sock *sk, u16 index)
2784eb41 1088{
2784eb41
JH		 1089 struct mgmt_rp_get_connections *rp;
1090 struct hci_dev *hdev;
8035ded4 1091 struct hci_conn *c;
2784eb41 1092 struct list_head *p;
a38528f1 1093 size_t rp_len;
4e51eae9 1094 u16 count;
2784eb41
JH		 1095 int i, err;
1096
1097 BT_DBG("");
1098
4e51eae9 1099 hdev = hci_dev_get(index);
2784eb41 1100 if (!hdev)
4e51eae9 1101 return cmd_status(sk, index, MGMT_OP_GET_CONNECTIONS, ENODEV);
2784eb41 1102
8c156c32 1103 hci_dev_lock_bh(hdev);
2784eb41
JH		 1104
1105 count = 0;
1106 list_for_each(p, &hdev->conn_hash.list) {
1107 count++;
1108 }
1109
4c659c39 1110 rp_len = sizeof(*rp) + (count * sizeof(struct mgmt_addr_info));
a38528f1
JH		 1111 rp = kmalloc(rp_len, GFP_ATOMIC);
1112 if (!rp) {
2784eb41
JH		 1113 err = -ENOMEM;
1114 goto unlock;
1115 }
1116
2784eb41
JH		 1117 put_unaligned_le16(count, &rp->conn_count);
1118
2784eb41 1119 i = 0;
4c659c39
JH		 1120 list_for_each_entry(c, &hdev->conn_hash.list, list) {
1121 bacpy(&rp->addr[i].bdaddr, &c->dst);
1122 rp->addr[i].type = link_to_mgmt(c->type);
1123 if (rp->addr[i].type == MGMT_ADDR_INVALID)
1124 continue;
1125 i++;
1126 }
1127
1128 /* Recalculate length in case of filtered SCO connections, etc */
1129 rp_len = sizeof(*rp) + (i * sizeof(struct mgmt_addr_info));
2784eb41 1130
4e51eae9 1131 err = cmd_complete(sk, index, MGMT_OP_GET_CONNECTIONS, rp, rp_len);
2784eb41
JH		 1132
1133unlock:
a38528f1 1134 kfree(rp);
8c156c32 1135 hci_dev_unlock_bh(hdev);
2784eb41
JH		 1136 hci_dev_put(hdev);
1137 return err;
1138}
1139
96d97a67
WR		 1140static int send_pin_code_neg_reply(struct sock *sk, u16 index,
1141 struct hci_dev *hdev, struct mgmt_cp_pin_code_neg_reply *cp)
1142{
1143 struct pending_cmd *cmd;
1144 int err;
1145
1146 cmd = mgmt_pending_add(sk, MGMT_OP_PIN_CODE_NEG_REPLY, index, cp,
1147 sizeof(*cp));
1148 if (!cmd)
1149 return -ENOMEM;
1150
1151 err = hci_send_cmd(hdev, HCI_OP_PIN_CODE_NEG_REPLY, sizeof(cp->bdaddr),
1152 &cp->bdaddr);
1153 if (err < 0)
1154 mgmt_pending_remove(cmd);
1155
1156 return err;
1157}
1158
4e51eae9
SJ		 1159static int pin_code_reply(struct sock *sk, u16 index, unsigned char *data,
1160 u16 len)
980e1a53
JH		 1161{
1162 struct hci_dev *hdev;
96d97a67 1163 struct hci_conn *conn;
980e1a53 1164 struct mgmt_cp_pin_code_reply *cp;
96d97a67 1165 struct mgmt_cp_pin_code_neg_reply ncp;
980e1a53 1166 struct hci_cp_pin_code_reply reply;
366a0336 1167 struct pending_cmd *cmd;
980e1a53
JH		 1168 int err;
1169
1170 BT_DBG("");
1171
1172 cp = (void *) data;
980e1a53 1173
bdce7baf
SJ		 1174 if (len != sizeof(*cp))
1175 return cmd_status(sk, index, MGMT_OP_PIN_CODE_REPLY, EINVAL);
1176
4e51eae9 1177 hdev = hci_dev_get(index);
980e1a53 1178 if (!hdev)
4e51eae9 1179 return cmd_status(sk, index, MGMT_OP_PIN_CODE_REPLY, ENODEV);
980e1a53 1180
8c156c32 1181 hci_dev_lock_bh(hdev);
980e1a53
JH		 1182
1183 if (!test_bit(HCI_UP, &hdev->flags)) {
4e51eae9 1184 err = cmd_status(sk, index, MGMT_OP_PIN_CODE_REPLY, ENETDOWN);
980e1a53
JH		 1185 goto failed;
1186 }
1187
96d97a67
WR		 1188 conn = hci_conn_hash_lookup_ba(hdev, ACL_LINK, &cp->bdaddr);
1189 if (!conn) {
1190 err = cmd_status(sk, index, MGMT_OP_PIN_CODE_REPLY, ENOTCONN);
1191 goto failed;
1192 }
1193
1194 if (conn->pending_sec_level == BT_SECURITY_HIGH && cp->pin_len != 16) {
1195 bacpy(&ncp.bdaddr, &cp->bdaddr);
1196
1197 BT_ERR("PIN code is not 16 bytes long");
1198
1199 err = send_pin_code_neg_reply(sk, index, hdev, &ncp);
1200 if (err >= 0)
1201 err = cmd_status(sk, index, MGMT_OP_PIN_CODE_REPLY,
1202 EINVAL);
1203
1204 goto failed;
1205 }
1206
4e51eae9 1207 cmd = mgmt_pending_add(sk, MGMT_OP_PIN_CODE_REPLY, index, data, len);
366a0336
JH		 1208 if (!cmd) {
1209 err = -ENOMEM;
980e1a53 1210 goto failed;
366a0336 1211 }
980e1a53
JH		 1212
1213 bacpy(&reply.bdaddr, &cp->bdaddr);
1214 reply.pin_len = cp->pin_len;
24718ca5 1215 memcpy(reply.pin_code, cp->pin_code, sizeof(reply.pin_code));
980e1a53
JH		 1216
1217 err = hci_send_cmd(hdev, HCI_OP_PIN_CODE_REPLY, sizeof(reply), &reply);
1218 if (err < 0)
a664b5bc 1219 mgmt_pending_remove(cmd);
980e1a53
JH		 1220
1221failed:
8c156c32 1222 hci_dev_unlock_bh(hdev);
980e1a53
JH		 1223 hci_dev_put(hdev);
1224
1225 return err;
1226}
1227
4e51eae9
SJ		 1228static int pin_code_neg_reply(struct sock *sk, u16 index, unsigned char *data,
1229 u16 len)
980e1a53
JH		 1230{
1231 struct hci_dev *hdev;
1232 struct mgmt_cp_pin_code_neg_reply *cp;
980e1a53
JH		 1233 int err;
1234
1235 BT_DBG("");
1236
1237 cp = (void *) data;
980e1a53 1238
bdce7baf
SJ		 1239 if (len != sizeof(*cp))
1240 return cmd_status(sk, index, MGMT_OP_PIN_CODE_NEG_REPLY,
1241 EINVAL);
1242
4e51eae9 1243 hdev = hci_dev_get(index);
980e1a53 1244 if (!hdev)
4e51eae9
SJ		 1245 return cmd_status(sk, index, MGMT_OP_PIN_CODE_NEG_REPLY,
1246 ENODEV);
980e1a53 1247
8c156c32 1248 hci_dev_lock_bh(hdev);
980e1a53
JH		 1249
1250 if (!test_bit(HCI_UP, &hdev->flags)) {
4e51eae9
SJ		 1251 err = cmd_status(sk, index, MGMT_OP_PIN_CODE_NEG_REPLY,
1252 ENETDOWN);
980e1a53
JH		 1253 goto failed;
1254 }
1255
96d97a67 1256 err = send_pin_code_neg_reply(sk, index, hdev, cp);
980e1a53
JH		 1257
1258failed:
8c156c32 1259 hci_dev_unlock_bh(hdev);
980e1a53
JH		 1260 hci_dev_put(hdev);
1261
1262 return err;
1263}
1264
4e51eae9
SJ		 1265static int set_io_capability(struct sock *sk, u16 index, unsigned char *data,
1266 u16 len)
17fa4b9d
JH		 1267{
1268 struct hci_dev *hdev;
1269 struct mgmt_cp_set_io_capability *cp;
17fa4b9d
JH		 1270
1271 BT_DBG("");
1272
1273 cp = (void *) data;
17fa4b9d 1274
bdce7baf 1275 if (len != sizeof(*cp))
b8534e0f 1276 return cmd_status(sk, index, MGMT_OP_SET_IO_CAPABILITY, EINVAL);
bdce7baf 1277
4e51eae9 1278 hdev = hci_dev_get(index);
17fa4b9d 1279 if (!hdev)
4e51eae9 1280 return cmd_status(sk, index, MGMT_OP_SET_IO_CAPABILITY, ENODEV);
17fa4b9d 1281
8c156c32 1282 hci_dev_lock_bh(hdev);
17fa4b9d
JH		 1283
1284 hdev->io_capability = cp->io_capability;
1285
1286 BT_DBG("%s IO capability set to 0x%02x", hdev->name,
b8534e0f 1287 hdev->io_capability);
17fa4b9d 1288
8c156c32 1289 hci_dev_unlock_bh(hdev);
17fa4b9d
JH		 1290 hci_dev_put(hdev);
1291
4e51eae9 1292 return cmd_complete(sk, index, MGMT_OP_SET_IO_CAPABILITY, NULL, 0);
17fa4b9d
JH		 1293}
1294
e9a416b5
JH		 1295static inline struct pending_cmd *find_pairing(struct hci_conn *conn)
1296{
1297 struct hci_dev *hdev = conn->hdev;
8035ded4 1298 struct pending_cmd *cmd;
e9a416b5 1299
8035ded4 1300 list_for_each_entry(cmd, &cmd_list, list) {
e9a416b5
JH		 1301 if (cmd->opcode != MGMT_OP_PAIR_DEVICE)
1302 continue;
1303
1304 if (cmd->index != hdev->id)
1305 continue;
1306
1307 if (cmd->user_data != conn)
1308 continue;
1309
1310 return cmd;
1311 }
1312
1313 return NULL;
1314}
1315
1316static void pairing_complete(struct pending_cmd *cmd, u8 status)
1317{
1318 struct mgmt_rp_pair_device rp;
1319 struct hci_conn *conn = cmd->user_data;
1320
e9a416b5
JH		 1321 bacpy(&rp.bdaddr, &conn->dst);
1322 rp.status = status;
1323
4e51eae9 1324 cmd_complete(cmd->sk, cmd->index, MGMT_OP_PAIR_DEVICE, &rp, sizeof(rp));
e9a416b5
JH		 1325
1326 /* So we don't get further callbacks for this connection */
1327 conn->connect_cfm_cb = NULL;
1328 conn->security_cfm_cb = NULL;
1329 conn->disconn_cfm_cb = NULL;
1330
1331 hci_conn_put(conn);
1332
a664b5bc 1333 mgmt_pending_remove(cmd);
e9a416b5
JH		 1334}
1335
1336static void pairing_complete_cb(struct hci_conn *conn, u8 status)
1337{
1338 struct pending_cmd *cmd;
1339
1340 BT_DBG("status %u", status);
1341
1342 cmd = find_pairing(conn);
1343 if (!cmd) {
1344 BT_DBG("Unable to find a pending command");
1345 return;
1346 }
1347
1348 pairing_complete(cmd, status);
1349}
1350
4e51eae9 1351static int pair_device(struct sock *sk, u16 index, unsigned char *data, u16 len)
e9a416b5
JH		 1352{
1353 struct hci_dev *hdev;
1354 struct mgmt_cp_pair_device *cp;
1355 struct pending_cmd *cmd;
7a512d01 1356 struct adv_entry *entry;
e9a416b5
JH		 1357 u8 sec_level, auth_type;
1358 struct hci_conn *conn;
e9a416b5
JH		 1359 int err;
1360
1361 BT_DBG("");
1362
1363 cp = (void *) data;
e9a416b5 1364
bdce7baf
SJ		 1365 if (len != sizeof(*cp))
1366 return cmd_status(sk, index, MGMT_OP_PAIR_DEVICE, EINVAL);
1367
4e51eae9 1368 hdev = hci_dev_get(index);
e9a416b5 1369 if (!hdev)
4e51eae9 1370 return cmd_status(sk, index, MGMT_OP_PAIR_DEVICE, ENODEV);
e9a416b5 1371
8c156c32 1372 hci_dev_lock_bh(hdev);
e9a416b5 1373
c908df36
VCG		 1374 sec_level = BT_SECURITY_MEDIUM;
1375 if (cp->io_cap == 0x03)
e9a416b5 1376 auth_type = HCI_AT_DEDICATED_BONDING;
c908df36 1377 else
e9a416b5 1378 auth_type = HCI_AT_DEDICATED_BONDING_MITM;
e9a416b5 1379
7a512d01
VCG		 1380 entry = hci_find_adv_entry(hdev, &cp->bdaddr);
1381 if (entry)
1382 conn = hci_connect(hdev, LE_LINK, &cp->bdaddr, sec_level,
1383 auth_type);
1384 else
1385 conn = hci_connect(hdev, ACL_LINK, &cp->bdaddr, sec_level,
1386 auth_type);
1387
30e76272
VT		 1388 if (IS_ERR(conn)) {
1389 err = PTR_ERR(conn);
e9a416b5
JH		 1390 goto unlock;
1391 }
1392
1393 if (conn->connect_cfm_cb) {
1394 hci_conn_put(conn);
4e51eae9 1395 err = cmd_status(sk, index, MGMT_OP_PAIR_DEVICE, EBUSY);
e9a416b5
JH		 1396 goto unlock;
1397 }
1398
4e51eae9 1399 cmd = mgmt_pending_add(sk, MGMT_OP_PAIR_DEVICE, index, data, len);
e9a416b5
JH		 1400 if (!cmd) {
1401 err = -ENOMEM;
1402 hci_conn_put(conn);
1403 goto unlock;
1404 }
1405
7a512d01
VCG		 1406 /* For LE, just connecting isn't a proof that the pairing finished */
1407 if (!entry)
1408 conn->connect_cfm_cb = pairing_complete_cb;
1409
e9a416b5
JH		 1410 conn->security_cfm_cb = pairing_complete_cb;
1411 conn->disconn_cfm_cb = pairing_complete_cb;
1412 conn->io_capability = cp->io_cap;
1413 cmd->user_data = conn;
1414
1415 if (conn->state == BT_CONNECTED &&
1416 hci_conn_security(conn, sec_level, auth_type))
1417 pairing_complete(cmd, 0);
1418
1419 err = 0;
1420
1421unlock:
8c156c32 1422 hci_dev_unlock_bh(hdev);
e9a416b5
JH		 1423 hci_dev_put(hdev);
1424
1425 return err;
1426}
1427
4e51eae9
SJ		 1428static int user_confirm_reply(struct sock *sk, u16 index, unsigned char *data,
1429 u16 len, int success)
a5c29683
JH		 1430{
1431 struct mgmt_cp_user_confirm_reply *cp = (void *) data;
4e51eae9 1432 u16 mgmt_op, hci_op;
a5c29683
JH		 1433 struct pending_cmd *cmd;
1434 struct hci_dev *hdev;
1435 int err;
1436
1437 BT_DBG("");
1438
a5c29683
JH		 1439 if (success) {
1440 mgmt_op = MGMT_OP_USER_CONFIRM_REPLY;
1441 hci_op = HCI_OP_USER_CONFIRM_REPLY;
1442 } else {
1443 mgmt_op = MGMT_OP_USER_CONFIRM_NEG_REPLY;
1444 hci_op = HCI_OP_USER_CONFIRM_NEG_REPLY;
1445 }
1446
bdce7baf
SJ		 1447 if (len != sizeof(*cp))
1448 return cmd_status(sk, index, mgmt_op, EINVAL);
1449
4e51eae9 1450 hdev = hci_dev_get(index);
a5c29683 1451 if (!hdev)
4e51eae9 1452 return cmd_status(sk, index, mgmt_op, ENODEV);
a5c29683 1453
8c156c32 1454 hci_dev_lock_bh(hdev);
08ba5382 1455
a5c29683 1456 if (!test_bit(HCI_UP, &hdev->flags)) {
4e51eae9 1457 err = cmd_status(sk, index, mgmt_op, ENETDOWN);
a5c29683
JH		 1458 goto failed;
1459 }
1460
4e51eae9 1461 cmd = mgmt_pending_add(sk, mgmt_op, index, data, len);
a5c29683
JH		 1462 if (!cmd) {
1463 err = -ENOMEM;
1464 goto failed;
1465 }
1466
1467 err = hci_send_cmd(hdev, hci_op, sizeof(cp->bdaddr), &cp->bdaddr);
a664b5bc
JH		 1468 if (err < 0)
1469 mgmt_pending_remove(cmd);
a5c29683
JH		 1470
1471failed:
8c156c32 1472 hci_dev_unlock_bh(hdev);
a5c29683
JH		 1473 hci_dev_put(hdev);
1474
1475 return err;
1476}
1477
b312b161
JH		 1478static int set_local_name(struct sock *sk, u16 index, unsigned char *data,
1479 u16 len)
1480{
1481 struct mgmt_cp_set_local_name *mgmt_cp = (void *) data;
1482 struct hci_cp_write_local_name hci_cp;
1483 struct hci_dev *hdev;
1484 struct pending_cmd *cmd;
1485 int err;
1486
1487 BT_DBG("");
1488
1489 if (len != sizeof(*mgmt_cp))
1490 return cmd_status(sk, index, MGMT_OP_SET_LOCAL_NAME, EINVAL);
1491
1492 hdev = hci_dev_get(index);
1493 if (!hdev)
1494 return cmd_status(sk, index, MGMT_OP_SET_LOCAL_NAME, ENODEV);
1495
8c156c32 1496 hci_dev_lock_bh(hdev);
b312b161
JH		 1497
1498 cmd = mgmt_pending_add(sk, MGMT_OP_SET_LOCAL_NAME, index, data, len);
1499 if (!cmd) {
1500 err = -ENOMEM;
1501 goto failed;
1502 }
1503
1504 memcpy(hci_cp.name, mgmt_cp->name, sizeof(hci_cp.name));
1505 err = hci_send_cmd(hdev, HCI_OP_WRITE_LOCAL_NAME, sizeof(hci_cp),
1506 &hci_cp);
1507 if (err < 0)
1508 mgmt_pending_remove(cmd);
1509
1510failed:
8c156c32 1511 hci_dev_unlock_bh(hdev);
b312b161
JH		 1512 hci_dev_put(hdev);
1513
1514 return err;
1515}
1516
c35938b2
SJ		 1517static int read_local_oob_data(struct sock *sk, u16 index)
1518{
1519 struct hci_dev *hdev;
1520 struct pending_cmd *cmd;
1521 int err;
1522
1523 BT_DBG("hci%u", index);
1524
1525 hdev = hci_dev_get(index);
1526 if (!hdev)
1527 return cmd_status(sk, index, MGMT_OP_READ_LOCAL_OOB_DATA,
1528 ENODEV);
1529
8c156c32 1530 hci_dev_lock_bh(hdev);
c35938b2
SJ		 1531
1532 if (!test_bit(HCI_UP, &hdev->flags)) {
1533 err = cmd_status(sk, index, MGMT_OP_READ_LOCAL_OOB_DATA,
1534 ENETDOWN);
1535 goto unlock;
1536 }
1537
1538 if (!(hdev->features[6] & LMP_SIMPLE_PAIR)) {
1539 err = cmd_status(sk, index, MGMT_OP_READ_LOCAL_OOB_DATA,
1540 EOPNOTSUPP);
1541 goto unlock;
1542 }
1543
1544 if (mgmt_pending_find(MGMT_OP_READ_LOCAL_OOB_DATA, index)) {
1545 err = cmd_status(sk, index, MGMT_OP_READ_LOCAL_OOB_DATA, EBUSY);
1546 goto unlock;
1547 }
1548
1549 cmd = mgmt_pending_add(sk, MGMT_OP_READ_LOCAL_OOB_DATA, index, NULL, 0);
1550 if (!cmd) {
1551 err = -ENOMEM;
1552 goto unlock;
1553 }
1554
1555 err = hci_send_cmd(hdev, HCI_OP_READ_LOCAL_OOB_DATA, 0, NULL);
1556 if (err < 0)
1557 mgmt_pending_remove(cmd);
1558
1559unlock:
8c156c32 1560 hci_dev_unlock_bh(hdev);
c35938b2
SJ		 1561 hci_dev_put(hdev);
1562
1563 return err;
1564}
1565
2763eda6
SJ		 1566static int add_remote_oob_data(struct sock *sk, u16 index, unsigned char *data,
1567 u16 len)
1568{
1569 struct hci_dev *hdev;
1570 struct mgmt_cp_add_remote_oob_data *cp = (void *) data;
1571 int err;
1572
1573 BT_DBG("hci%u ", index);
1574
1575 if (len != sizeof(*cp))
1576 return cmd_status(sk, index, MGMT_OP_ADD_REMOTE_OOB_DATA,
1577 EINVAL);
1578
1579 hdev = hci_dev_get(index);
1580 if (!hdev)
1581 return cmd_status(sk, index, MGMT_OP_ADD_REMOTE_OOB_DATA,
1582 ENODEV);
1583
8c156c32 1584 hci_dev_lock_bh(hdev);
2763eda6
SJ		 1585
1586 err = hci_add_remote_oob_data(hdev, &cp->bdaddr, cp->hash,
1587 cp->randomizer);
1588 if (err < 0)
1589 err = cmd_status(sk, index, MGMT_OP_ADD_REMOTE_OOB_DATA, -err);
1590 else
1591 err = cmd_complete(sk, index, MGMT_OP_ADD_REMOTE_OOB_DATA, NULL,
1592 0);
1593
8c156c32 1594 hci_dev_unlock_bh(hdev);
2763eda6
SJ		 1595 hci_dev_put(hdev);
1596
1597 return err;
1598}
1599
1600static int remove_remote_oob_data(struct sock *sk, u16 index,
1601 unsigned char *data, u16 len)
1602{
1603 struct hci_dev *hdev;
1604 struct mgmt_cp_remove_remote_oob_data *cp = (void *) data;
1605 int err;
1606
1607 BT_DBG("hci%u ", index);
1608
1609 if (len != sizeof(*cp))
1610 return cmd_status(sk, index, MGMT_OP_REMOVE_REMOTE_OOB_DATA,
1611 EINVAL);
1612
1613 hdev = hci_dev_get(index);
1614 if (!hdev)
1615 return cmd_status(sk, index, MGMT_OP_REMOVE_REMOTE_OOB_DATA,
1616 ENODEV);
1617
8c156c32 1618 hci_dev_lock_bh(hdev);
2763eda6
SJ		 1619
1620 err = hci_remove_remote_oob_data(hdev, &cp->bdaddr);
1621 if (err < 0)
1622 err = cmd_status(sk, index, MGMT_OP_REMOVE_REMOTE_OOB_DATA,
1623 -err);
1624 else
1625 err = cmd_complete(sk, index, MGMT_OP_REMOVE_REMOTE_OOB_DATA,
1626 NULL, 0);
1627
8c156c32 1628 hci_dev_unlock_bh(hdev);
2763eda6
SJ		 1629 hci_dev_put(hdev);
1630
1631 return err;
1632}
1633
14a53664
JH		 1634static int start_discovery(struct sock *sk, u16 index)
1635{
14a53664
JH		 1636 struct pending_cmd *cmd;
1637 struct hci_dev *hdev;
1638 int err;
1639
1640 BT_DBG("hci%u", index);
1641
1642 hdev = hci_dev_get(index);
1643 if (!hdev)
1644 return cmd_status(sk, index, MGMT_OP_START_DISCOVERY, ENODEV);
1645
1646 hci_dev_lock_bh(hdev);
1647
bd2d1334
JH		 1648 if (!test_bit(HCI_UP, &hdev->flags)) {
1649 err = cmd_status(sk, index, MGMT_OP_START_DISCOVERY, ENETDOWN);
1650 goto failed;
1651 }
1652
14a53664
JH		 1653 cmd = mgmt_pending_add(sk, MGMT_OP_START_DISCOVERY, index, NULL, 0);
1654 if (!cmd) {
1655 err = -ENOMEM;
1656 goto failed;
1657 }
1658
2519a1fc 1659 err = hci_do_inquiry(hdev, INQUIRY_LEN_BREDR);
14a53664
JH		 1660 if (err < 0)
1661 mgmt_pending_remove(cmd);
1662
1663failed:
1664 hci_dev_unlock_bh(hdev);
1665 hci_dev_put(hdev);
1666
1667 return err;
1668}
1669
1670static int stop_discovery(struct sock *sk, u16 index)
1671{
1672 struct hci_dev *hdev;
1673 struct pending_cmd *cmd;
1674 int err;
1675
1676 BT_DBG("hci%u", index);
1677
1678 hdev = hci_dev_get(index);
1679 if (!hdev)
1680 return cmd_status(sk, index, MGMT_OP_STOP_DISCOVERY, ENODEV);
1681
1682 hci_dev_lock_bh(hdev);
1683
1684 cmd = mgmt_pending_add(sk, MGMT_OP_STOP_DISCOVERY, index, NULL, 0);
1685 if (!cmd) {
1686 err = -ENOMEM;
1687 goto failed;
1688 }
1689
023d5049 1690 err = hci_cancel_inquiry(hdev);
14a53664
JH		 1691 if (err < 0)
1692 mgmt_pending_remove(cmd);
1693
1694failed:
1695 hci_dev_unlock_bh(hdev);
1696 hci_dev_put(hdev);
1697
1698 return err;
1699}
1700
7fbec224
AJ		 1701static int block_device(struct sock *sk, u16 index, unsigned char *data,
1702 u16 len)
1703{
1704 struct hci_dev *hdev;
5e762444 1705 struct mgmt_cp_block_device *cp = (void *) data;
7fbec224
AJ		 1706 int err;
1707
1708 BT_DBG("hci%u", index);
1709
7fbec224
AJ		 1710 if (len != sizeof(*cp))
1711 return cmd_status(sk, index, MGMT_OP_BLOCK_DEVICE,
1712 EINVAL);
1713
1714 hdev = hci_dev_get(index);
1715 if (!hdev)
1716 return cmd_status(sk, index, MGMT_OP_BLOCK_DEVICE,
1717 ENODEV);
1718
5e762444
AJ		 1719 hci_dev_lock_bh(hdev);
1720
7fbec224 1721 err = hci_blacklist_add(hdev, &cp->bdaddr);
7fbec224
AJ		 1722 if (err < 0)
1723 err = cmd_status(sk, index, MGMT_OP_BLOCK_DEVICE, -err);
1724 else
1725 err = cmd_complete(sk, index, MGMT_OP_BLOCK_DEVICE,
1726 NULL, 0);
5e762444 1727
5e762444 1728 hci_dev_unlock_bh(hdev);
7fbec224
AJ		 1729 hci_dev_put(hdev);
1730
1731 return err;
1732}
1733
1734static int unblock_device(struct sock *sk, u16 index, unsigned char *data,
1735 u16 len)
1736{
1737 struct hci_dev *hdev;
5e762444 1738 struct mgmt_cp_unblock_device *cp = (void *) data;
7fbec224
AJ		 1739 int err;
1740
1741 BT_DBG("hci%u", index);
1742
7fbec224
AJ		 1743 if (len != sizeof(*cp))
1744 return cmd_status(sk, index, MGMT_OP_UNBLOCK_DEVICE,
1745 EINVAL);
1746
1747 hdev = hci_dev_get(index);
1748 if (!hdev)
1749 return cmd_status(sk, index, MGMT_OP_UNBLOCK_DEVICE,
1750 ENODEV);
1751
5e762444
AJ		 1752 hci_dev_lock_bh(hdev);
1753
7fbec224
AJ		 1754 err = hci_blacklist_del(hdev, &cp->bdaddr);
1755
1756 if (err < 0)
1757 err = cmd_status(sk, index, MGMT_OP_UNBLOCK_DEVICE, -err);
1758 else
1759 err = cmd_complete(sk, index, MGMT_OP_UNBLOCK_DEVICE,
1760 NULL, 0);
5e762444 1761
5e762444 1762 hci_dev_unlock_bh(hdev);
7fbec224
AJ		 1763 hci_dev_put(hdev);
1764
1765 return err;
1766}
1767
f6422ec6
AJ		 1768static int set_fast_connectable(struct sock *sk, u16 index,
1769 unsigned char *data, u16 len)
1770{
1771 struct hci_dev *hdev;
1772 struct mgmt_cp_set_fast_connectable *cp = (void *) data;
1773 struct hci_cp_write_page_scan_activity acp;
1774 u8 type;
1775 int err;
1776
1777 BT_DBG("hci%u", index);
1778
1779 if (len != sizeof(*cp))
1780 return cmd_status(sk, index, MGMT_OP_SET_FAST_CONNECTABLE,
1781 EINVAL);
1782
1783 hdev = hci_dev_get(index);
1784 if (!hdev)
1785 return cmd_status(sk, index, MGMT_OP_SET_FAST_CONNECTABLE,
1786 ENODEV);
1787
1788 hci_dev_lock(hdev);
1789
1790 if (cp->enable) {
1791 type = PAGE_SCAN_TYPE_INTERLACED;
1792 acp.interval = 0x0024; /* 22.5 msec page scan interval */
1793 } else {
1794 type = PAGE_SCAN_TYPE_STANDARD; /* default */
1795 acp.interval = 0x0800; /* default 1.28 sec page scan */
1796 }
1797
1798 acp.window = 0x0012; /* default 11.25 msec page scan window */
1799
1800 err = hci_send_cmd(hdev, HCI_OP_WRITE_PAGE_SCAN_ACTIVITY,
1801 sizeof(acp), &acp);
1802 if (err < 0) {
1803 err = cmd_status(sk, index, MGMT_OP_SET_FAST_CONNECTABLE,
1804 -err);
1805 goto done;
1806 }
1807
1808 err = hci_send_cmd(hdev, HCI_OP_WRITE_PAGE_SCAN_TYPE, 1, &type);
1809 if (err < 0) {
1810 err = cmd_status(sk, index, MGMT_OP_SET_FAST_CONNECTABLE,
1811 -err);
1812 goto done;
1813 }
1814
1815 err = cmd_complete(sk, index, MGMT_OP_SET_FAST_CONNECTABLE,
1816 NULL, 0);
1817done:
1818 hci_dev_unlock(hdev);
1819 hci_dev_put(hdev);
1820
1821 return err;
1822}
1823
0381101f
JH		 1824int mgmt_control(struct sock *sk, struct msghdr *msg, size_t msglen)
1825{
1826 unsigned char *buf;
1827 struct mgmt_hdr *hdr;
4e51eae9 1828 u16 opcode, index, len;
0381101f
JH		 1829 int err;
1830
1831 BT_DBG("got %zu bytes", msglen);
1832
1833 if (msglen < sizeof(*hdr))
1834 return -EINVAL;
1835
e63a15ec 1836 buf = kmalloc(msglen, GFP_KERNEL);
0381101f
JH		 1837 if (!buf)
1838 return -ENOMEM;
1839
1840 if (memcpy_fromiovec(buf, msg->msg_iov, msglen)) {
1841 err = -EFAULT;
1842 goto done;
1843 }
1844
1845 hdr = (struct mgmt_hdr *) buf;
1846 opcode = get_unaligned_le16(&hdr->opcode);
4e51eae9 1847 index = get_unaligned_le16(&hdr->index);
0381101f
JH		 1848 len = get_unaligned_le16(&hdr->len);
1849
1850 if (len != msglen - sizeof(*hdr)) {
1851 err = -EINVAL;
1852 goto done;
1853 }
1854
1855 switch (opcode) {
02d98129
JH		 1856 case MGMT_OP_READ_VERSION:
1857 err = read_version(sk);
1858 break;
faba42eb
JH		 1859 case MGMT_OP_READ_INDEX_LIST:
1860 err = read_index_list(sk);
1861 break;
f7b64e69 1862 case MGMT_OP_READ_INFO:
4e51eae9 1863 err = read_controller_info(sk, index);
f7b64e69 1864 break;
eec8d2bc 1865 case MGMT_OP_SET_POWERED:
4e51eae9 1866 err = set_powered(sk, index, buf + sizeof(*hdr), len);
eec8d2bc 1867 break;
73f22f62 1868 case MGMT_OP_SET_DISCOVERABLE:
4e51eae9 1869 err = set_discoverable(sk, index, buf + sizeof(*hdr), len);
73f22f62 1870 break;
9fbcbb45 1871 case MGMT_OP_SET_CONNECTABLE:
4e51eae9 1872 err = set_connectable(sk, index, buf + sizeof(*hdr), len);
9fbcbb45 1873 break;
c542a06c 1874 case MGMT_OP_SET_PAIRABLE:
4e51eae9 1875 err = set_pairable(sk, index, buf + sizeof(*hdr), len);
c542a06c 1876 break;
2aeb9a1a 1877 case MGMT_OP_ADD_UUID:
4e51eae9 1878 err = add_uuid(sk, index, buf + sizeof(*hdr), len);
2aeb9a1a
JH		 1879 break;
1880 case MGMT_OP_REMOVE_UUID:
4e51eae9 1881 err = remove_uuid(sk, index, buf + sizeof(*hdr), len);
2aeb9a1a 1882 break;
1aff6f09 1883 case MGMT_OP_SET_DEV_CLASS:
4e51eae9 1884 err = set_dev_class(sk, index, buf + sizeof(*hdr), len);
1aff6f09
JH		 1885 break;
1886 case MGMT_OP_SET_SERVICE_CACHE:
4e51eae9 1887 err = set_service_cache(sk, index, buf + sizeof(*hdr), len);
1aff6f09 1888 break;
86742e1e
JH		 1889 case MGMT_OP_LOAD_LINK_KEYS:
1890 err = load_link_keys(sk, index, buf + sizeof(*hdr), len);
55ed8ca1 1891 break;
86742e1e
JH		 1892 case MGMT_OP_REMOVE_KEYS:
1893 err = remove_keys(sk, index, buf + sizeof(*hdr), len);
55ed8ca1 1894 break;
8962ee74 1895 case MGMT_OP_DISCONNECT:
4e51eae9 1896 err = disconnect(sk, index, buf + sizeof(*hdr), len);
8962ee74 1897 break;
2784eb41 1898 case MGMT_OP_GET_CONNECTIONS:
8ce6284e 1899 err = get_connections(sk, index);
2784eb41 1900 break;
980e1a53 1901 case MGMT_OP_PIN_CODE_REPLY:
4e51eae9 1902 err = pin_code_reply(sk, index, buf + sizeof(*hdr), len);
980e1a53
JH		 1903 break;
1904 case MGMT_OP_PIN_CODE_NEG_REPLY:
4e51eae9 1905 err = pin_code_neg_reply(sk, index, buf + sizeof(*hdr), len);
980e1a53 1906 break;
17fa4b9d 1907 case MGMT_OP_SET_IO_CAPABILITY:
4e51eae9 1908 err = set_io_capability(sk, index, buf + sizeof(*hdr), len);
17fa4b9d 1909 break;
e9a416b5 1910 case MGMT_OP_PAIR_DEVICE:
4e51eae9 1911 err = pair_device(sk, index, buf + sizeof(*hdr), len);
e9a416b5 1912 break;
a5c29683 1913 case MGMT_OP_USER_CONFIRM_REPLY:
4e51eae9 1914 err = user_confirm_reply(sk, index, buf + sizeof(*hdr), len, 1);
a5c29683
JH		 1915 break;
1916 case MGMT_OP_USER_CONFIRM_NEG_REPLY:
4e51eae9 1917 err = user_confirm_reply(sk, index, buf + sizeof(*hdr), len, 0);
a5c29683 1918 break;
b312b161
JH		 1919 case MGMT_OP_SET_LOCAL_NAME:
1920 err = set_local_name(sk, index, buf + sizeof(*hdr), len);
1921 break;
c35938b2
SJ		 1922 case MGMT_OP_READ_LOCAL_OOB_DATA:
1923 err = read_local_oob_data(sk, index);
1924 break;
2763eda6
SJ		 1925 case MGMT_OP_ADD_REMOTE_OOB_DATA:
1926 err = add_remote_oob_data(sk, index, buf + sizeof(*hdr), len);
1927 break;
1928 case MGMT_OP_REMOVE_REMOTE_OOB_DATA:
1929 err = remove_remote_oob_data(sk, index, buf + sizeof(*hdr),
1930 len);
1931 break;
14a53664
JH		 1932 case MGMT_OP_START_DISCOVERY:
1933 err = start_discovery(sk, index);
1934 break;
1935 case MGMT_OP_STOP_DISCOVERY:
1936 err = stop_discovery(sk, index);
1937 break;
7fbec224
AJ		 1938 case MGMT_OP_BLOCK_DEVICE:
1939 err = block_device(sk, index, buf + sizeof(*hdr), len);
1940 break;
1941 case MGMT_OP_UNBLOCK_DEVICE:
1942 err = unblock_device(sk, index, buf + sizeof(*hdr), len);
1943 break;
f6422ec6
AJ		 1944 case MGMT_OP_SET_FAST_CONNECTABLE:
1945 err = set_fast_connectable(sk, index, buf + sizeof(*hdr),
1946 len);
1947 break;
0381101f
JH		 1948 default:
1949 BT_DBG("Unknown op %u", opcode);
4e51eae9 1950 err = cmd_status(sk, index, opcode, 0x01);
0381101f
JH		 1951 break;
1952 }
1953
e41d8b4e
JH		 1954 if (err < 0)
1955 goto done;
1956
0381101f
JH		 1957 err = msglen;
1958
1959done:
1960 kfree(buf);
1961 return err;
1962}
c71e97bf 1963
b24752fe
JH		 1964static void cmd_status_rsp(struct pending_cmd *cmd, void *data)
1965{
1966 u8 *status = data;
1967
1968 cmd_status(cmd->sk, cmd->index, cmd->opcode, *status);
1969 mgmt_pending_remove(cmd);
1970}
1971
744cf19e 1972int mgmt_index_added(struct hci_dev *hdev)
c71e97bf 1973{
744cf19e 1974 return mgmt_event(MGMT_EV_INDEX_ADDED, hdev, NULL, 0, NULL);
c71e97bf
JH		 1975}
1976
744cf19e 1977int mgmt_index_removed(struct hci_dev *hdev)
c71e97bf 1978{
b24752fe
JH		 1979 u8 status = ENODEV;
1980
744cf19e 1981 mgmt_pending_foreach(0, hdev, cmd_status_rsp, &status);
b24752fe 1982
744cf19e 1983 return mgmt_event(MGMT_EV_INDEX_REMOVED, hdev, NULL, 0, NULL);
eec8d2bc
JH		 1984}
1985
73f22f62 1986struct cmd_lookup {
72a734ec 1987 u8 val;
eec8d2bc
JH		 1988 struct sock *sk;
1989};
1990
72a734ec 1991static void mode_rsp(struct pending_cmd *cmd, void *data)
eec8d2bc 1992{
c68fb7ff 1993 struct mgmt_mode *cp = cmd->param;
73f22f62 1994 struct cmd_lookup *match = data;
eec8d2bc 1995
72a734ec 1996 if (cp->val != match->val)
eec8d2bc
JH		 1997 return;
1998
053f0211 1999 send_mode_rsp(cmd->sk, cmd->opcode, cmd->index, cp->val);
eec8d2bc
JH		 2000
2001 list_del(&cmd->list);
2002
2003 if (match->sk == NULL) {
2004 match->sk = cmd->sk;
2005 sock_hold(match->sk);
2006 }
2007
2008 mgmt_pending_free(cmd);
c71e97bf 2009}
5add6af8 2010
744cf19e 2011int mgmt_powered(struct hci_dev *hdev, u8 powered)
5add6af8 2012{
72a734ec 2013 struct mgmt_mode ev;
73f22f62 2014 struct cmd_lookup match = { powered, NULL };
eec8d2bc 2015 int ret;
5add6af8 2016
744cf19e 2017 mgmt_pending_foreach(MGMT_OP_SET_POWERED, hdev, mode_rsp, &match);
5add6af8 2018
b24752fe
JH		 2019 if (!powered) {
2020 u8 status = ENETDOWN;
744cf19e 2021 mgmt_pending_foreach(0, hdev, cmd_status_rsp, &status);
b24752fe
JH		 2022 }
2023
72a734ec 2024 ev.val = powered;
eec8d2bc 2025
744cf19e 2026 ret = mgmt_event(MGMT_EV_POWERED, hdev, &ev, sizeof(ev), match.sk);
eec8d2bc
JH		 2027
2028 if (match.sk)
2029 sock_put(match.sk);
2030
2031 return ret;
5add6af8 2032}
73f22f62 2033
744cf19e 2034int mgmt_discoverable(struct hci_dev *hdev, u8 discoverable)
73f22f62 2035{
72a734ec 2036 struct mgmt_mode ev;
73f22f62
JH		 2037 struct cmd_lookup match = { discoverable, NULL };
2038 int ret;
2039
744cf19e 2040 mgmt_pending_foreach(MGMT_OP_SET_DISCOVERABLE, hdev, mode_rsp, &match);
72a734ec 2041
72a734ec 2042 ev.val = discoverable;
73f22f62 2043
744cf19e 2044 ret = mgmt_event(MGMT_EV_DISCOVERABLE, hdev, &ev, sizeof(ev),
4e51eae9 2045 match.sk);
73f22f62
JH		 2046
2047 if (match.sk)
2048 sock_put(match.sk);
2049
2050 return ret;
2051}
9fbcbb45 2052
744cf19e 2053int mgmt_connectable(struct hci_dev *hdev, u8 connectable)
9fbcbb45 2054{
72a734ec 2055 struct mgmt_mode ev;
9fbcbb45
JH		 2056 struct cmd_lookup match = { connectable, NULL };
2057 int ret;
2058
744cf19e 2059 mgmt_pending_foreach(MGMT_OP_SET_CONNECTABLE, hdev, mode_rsp, &match);
9fbcbb45 2060
72a734ec 2061 ev.val = connectable;
9fbcbb45 2062
744cf19e 2063 ret = mgmt_event(MGMT_EV_CONNECTABLE, hdev, &ev, sizeof(ev), match.sk);
9fbcbb45
JH		 2064
2065 if (match.sk)
2066 sock_put(match.sk);
2067
2068 return ret;
2069}
55ed8ca1 2070
744cf19e 2071int mgmt_write_scan_failed(struct hci_dev *hdev, u8 scan, u8 status)
2d7cee58
JH		 2072{
2073 if (scan & SCAN_PAGE)
744cf19e 2074 mgmt_pending_foreach(MGMT_OP_SET_CONNECTABLE, hdev,
2d7cee58
JH		 2075 cmd_status_rsp, &status);
2076
2077 if (scan & SCAN_INQUIRY)
744cf19e 2078 mgmt_pending_foreach(MGMT_OP_SET_DISCOVERABLE, hdev,
2d7cee58
JH		 2079 cmd_status_rsp, &status);
2080
2081 return 0;
2082}
2083
744cf19e
JH		 2084int mgmt_new_link_key(struct hci_dev *hdev, struct link_key *key,
2085 u8 persistent)
55ed8ca1 2086{
86742e1e 2087 struct mgmt_ev_new_link_key ev;
55ed8ca1 2088
a492cd52 2089 memset(&ev, 0, sizeof(ev));
55ed8ca1 2090
a492cd52
VCG		 2091 ev.store_hint = persistent;
2092 bacpy(&ev.key.bdaddr, &key->bdaddr);
2093 ev.key.type = key->type;
2094 memcpy(ev.key.val, key->val, 16);
2095 ev.key.pin_len = key->pin_len;
55ed8ca1 2096
744cf19e 2097 return mgmt_event(MGMT_EV_NEW_LINK_KEY, hdev, &ev, sizeof(ev), NULL);
55ed8ca1 2098}
f7520543 2099
744cf19e 2100int mgmt_connected(struct hci_dev *hdev, bdaddr_t *bdaddr, u8 link_type)
f7520543 2101{
4c659c39 2102 struct mgmt_addr_info ev;
f7520543 2103
f7520543 2104 bacpy(&ev.bdaddr, bdaddr);
4c659c39 2105 ev.type = link_to_mgmt(link_type);
f7520543 2106
744cf19e 2107 return mgmt_event(MGMT_EV_CONNECTED, hdev, &ev, sizeof(ev), NULL);
f7520543
JH		 2108}
2109
8962ee74
JH		 2110static void disconnect_rsp(struct pending_cmd *cmd, void *data)
2111{
c68fb7ff 2112 struct mgmt_cp_disconnect *cp = cmd->param;
8962ee74 2113 struct sock **sk = data;
a38528f1 2114 struct mgmt_rp_disconnect rp;
8962ee74 2115
a38528f1 2116 bacpy(&rp.bdaddr, &cp->bdaddr);
8962ee74 2117
4e51eae9 2118 cmd_complete(cmd->sk, cmd->index, MGMT_OP_DISCONNECT, &rp, sizeof(rp));
8962ee74
JH		 2119
2120 *sk = cmd->sk;
2121 sock_hold(*sk);
2122
a664b5bc 2123 mgmt_pending_remove(cmd);
8962ee74
JH		 2124}
2125
744cf19e 2126int mgmt_disconnected(struct hci_dev *hdev, bdaddr_t *bdaddr, u8 type)
f7520543 2127{
4c659c39 2128 struct mgmt_addr_info ev;
8962ee74
JH		 2129 struct sock *sk = NULL;
2130 int err;
2131
744cf19e 2132 mgmt_pending_foreach(MGMT_OP_DISCONNECT, hdev, disconnect_rsp, &sk);
f7520543 2133
f7520543 2134 bacpy(&ev.bdaddr, bdaddr);
4c659c39 2135 ev.type = link_to_mgmt(type);
f7520543 2136
744cf19e 2137 err = mgmt_event(MGMT_EV_DISCONNECTED, hdev, &ev, sizeof(ev), sk);
8962ee74
JH		 2138
2139 if (sk)
2140 sock_put(sk);
2141
2142 return err;
2143}
2144
744cf19e 2145int mgmt_disconnect_failed(struct hci_dev *hdev)
8962ee74
JH		 2146{
2147 struct pending_cmd *cmd;
2148 int err;
2149
744cf19e 2150 cmd = mgmt_pending_find(MGMT_OP_DISCONNECT, hdev->id);
8962ee74
JH		 2151 if (!cmd)
2152 return -ENOENT;
2153
744cf19e 2154 err = cmd_status(cmd->sk, hdev->id, MGMT_OP_DISCONNECT, EIO);
8962ee74 2155
a664b5bc 2156 mgmt_pending_remove(cmd);
8962ee74
JH		 2157
2158 return err;
f7520543 2159}
17d5c04c 2160
744cf19e
JH		 2161int mgmt_connect_failed(struct hci_dev *hdev, bdaddr_t *bdaddr, u8 type,
2162 u8 status)
17d5c04c
JH		 2163{
2164 struct mgmt_ev_connect_failed ev;
2165
4c659c39
JH		 2166 bacpy(&ev.addr.bdaddr, bdaddr);
2167 ev.addr.type = link_to_mgmt(type);
17d5c04c
JH		 2168 ev.status = status;
2169
744cf19e 2170 return mgmt_event(MGMT_EV_CONNECT_FAILED, hdev, &ev, sizeof(ev), NULL);
17d5c04c 2171}
980e1a53 2172
744cf19e 2173int mgmt_pin_code_request(struct hci_dev *hdev, bdaddr_t *bdaddr, u8 secure)
980e1a53
JH		 2174{
2175 struct mgmt_ev_pin_code_request ev;
2176
980e1a53 2177 bacpy(&ev.bdaddr, bdaddr);
a770bb5a 2178 ev.secure = secure;
980e1a53 2179
744cf19e 2180 return mgmt_event(MGMT_EV_PIN_CODE_REQUEST, hdev, &ev, sizeof(ev),
4e51eae9 2181 NULL);
980e1a53
JH		 2182}
2183
744cf19e
JH		 2184int mgmt_pin_code_reply_complete(struct hci_dev *hdev, bdaddr_t *bdaddr,
2185 u8 status)
980e1a53
JH		 2186{
2187 struct pending_cmd *cmd;
ac56fb13 2188 struct mgmt_rp_pin_code_reply rp;
980e1a53
JH		 2189 int err;
2190
744cf19e 2191 cmd = mgmt_pending_find(MGMT_OP_PIN_CODE_REPLY, hdev->id);
980e1a53
JH		 2192 if (!cmd)
2193 return -ENOENT;
2194
ac56fb13
JH		 2195 bacpy(&rp.bdaddr, bdaddr);
2196 rp.status = status;
2197
744cf19e 2198 err = cmd_complete(cmd->sk, hdev->id, MGMT_OP_PIN_CODE_REPLY, &rp,
4e51eae9 2199 sizeof(rp));
980e1a53 2200
a664b5bc 2201 mgmt_pending_remove(cmd);
980e1a53
JH		 2202
2203 return err;
2204}
2205
744cf19e
JH		 2206int mgmt_pin_code_neg_reply_complete(struct hci_dev *hdev, bdaddr_t *bdaddr,
2207 u8 status)
980e1a53
JH		 2208{
2209 struct pending_cmd *cmd;
ac56fb13 2210 struct mgmt_rp_pin_code_reply rp;
980e1a53
JH		 2211 int err;
2212
744cf19e 2213 cmd = mgmt_pending_find(MGMT_OP_PIN_CODE_NEG_REPLY, hdev->id);
980e1a53
JH		 2214 if (!cmd)
2215 return -ENOENT;
2216
ac56fb13
JH		 2217 bacpy(&rp.bdaddr, bdaddr);
2218 rp.status = status;
2219
744cf19e 2220 err = cmd_complete(cmd->sk, hdev->id, MGMT_OP_PIN_CODE_NEG_REPLY, &rp,
4e51eae9 2221 sizeof(rp));
980e1a53 2222
a664b5bc 2223 mgmt_pending_remove(cmd);
980e1a53
JH		 2224
2225 return err;
2226}
a5c29683 2227
744cf19e
JH		 2228int mgmt_user_confirm_request(struct hci_dev *hdev, bdaddr_t *bdaddr,
2229 __le32 value, u8 confirm_hint)
a5c29683
JH		 2230{
2231 struct mgmt_ev_user_confirm_request ev;
2232
744cf19e 2233 BT_DBG("%s", hdev->name);
a5c29683 2234
a5c29683 2235 bacpy(&ev.bdaddr, bdaddr);
55bc1a37 2236 ev.confirm_hint = confirm_hint;
a5c29683
JH		 2237 put_unaligned_le32(value, &ev.value);
2238
744cf19e 2239 return mgmt_event(MGMT_EV_USER_CONFIRM_REQUEST, hdev, &ev, sizeof(ev),
4e51eae9 2240 NULL);
a5c29683
JH		 2241}
2242
744cf19e
JH		 2243static int confirm_reply_complete(struct hci_dev *hdev, bdaddr_t *bdaddr,
2244 u8 status, u8 opcode)
a5c29683
JH		 2245{
2246 struct pending_cmd *cmd;
2247 struct mgmt_rp_user_confirm_reply rp;
2248 int err;
2249
744cf19e 2250 cmd = mgmt_pending_find(opcode, hdev->id);
a5c29683
JH		 2251 if (!cmd)
2252 return -ENOENT;
2253
a5c29683
JH		 2254 bacpy(&rp.bdaddr, bdaddr);
2255 rp.status = status;
744cf19e 2256 err = cmd_complete(cmd->sk, hdev->id, opcode, &rp, sizeof(rp));
a5c29683 2257
a664b5bc 2258 mgmt_pending_remove(cmd);
a5c29683
JH		 2259
2260 return err;
2261}
2262
744cf19e
JH		 2263int mgmt_user_confirm_reply_complete(struct hci_dev *hdev, bdaddr_t *bdaddr,
2264 u8 status)
a5c29683 2265{
744cf19e 2266 return confirm_reply_complete(hdev, bdaddr, status,
a5c29683
JH		 2267 MGMT_OP_USER_CONFIRM_REPLY);
2268}
2269
744cf19e
JH		 2270int mgmt_user_confirm_neg_reply_complete(struct hci_dev *hdev,
2271 bdaddr_t *bdaddr, u8 status)
a5c29683 2272{
744cf19e 2273 return confirm_reply_complete(hdev, bdaddr, status,
a5c29683
JH		 2274 MGMT_OP_USER_CONFIRM_NEG_REPLY);
2275}
2a611692 2276
744cf19e 2277int mgmt_auth_failed(struct hci_dev *hdev, bdaddr_t *bdaddr, u8 status)
2a611692
JH		 2278{
2279 struct mgmt_ev_auth_failed ev;
2280
2a611692
JH		 2281 bacpy(&ev.bdaddr, bdaddr);
2282 ev.status = status;
2283
744cf19e 2284 return mgmt_event(MGMT_EV_AUTH_FAILED, hdev, &ev, sizeof(ev), NULL);
2a611692 2285}
b312b161 2286
744cf19e 2287int mgmt_set_local_name_complete(struct hci_dev *hdev, u8 *name, u8 status)
b312b161
JH		 2288{
2289 struct pending_cmd *cmd;
2290 struct mgmt_cp_set_local_name ev;
2291 int err;
2292
2293 memset(&ev, 0, sizeof(ev));
2294 memcpy(ev.name, name, HCI_MAX_NAME_LENGTH);
2295
744cf19e 2296 cmd = mgmt_pending_find(MGMT_OP_SET_LOCAL_NAME, hdev->id);
b312b161
JH		 2297 if (!cmd)
2298 goto send_event;
2299
2300 if (status) {
744cf19e
JH		 2301 err = cmd_status(cmd->sk, hdev->id, MGMT_OP_SET_LOCAL_NAME,
2302 EIO);
b312b161
JH		 2303 goto failed;
2304 }
2305
744cf19e
JH		 2306 hci_dev_lock_bh(hdev);
2307 update_eir(hdev);
2308 hci_dev_unlock_bh(hdev);
80a1e1db 2309
744cf19e 2310 err = cmd_complete(cmd->sk, hdev->id, MGMT_OP_SET_LOCAL_NAME, &ev,
b312b161
JH		 2311 sizeof(ev));
2312 if (err < 0)
2313 goto failed;
2314
2315send_event:
744cf19e 2316 err = mgmt_event(MGMT_EV_LOCAL_NAME_CHANGED, hdev, &ev, sizeof(ev),
b312b161
JH		 2317 cmd ? cmd->sk : NULL);
2318
2319failed:
2320 if (cmd)
2321 mgmt_pending_remove(cmd);
2322 return err;
2323}
c35938b2 2324
744cf19e
JH		 2325int mgmt_read_local_oob_data_reply_complete(struct hci_dev *hdev, u8 *hash,
2326 u8 *randomizer, u8 status)
c35938b2
SJ		 2327{
2328 struct pending_cmd *cmd;
2329 int err;
2330
744cf19e 2331 BT_DBG("%s status %u", hdev->name, status);
c35938b2 2332
744cf19e 2333 cmd = mgmt_pending_find(MGMT_OP_READ_LOCAL_OOB_DATA, hdev->id);
c35938b2
SJ		 2334 if (!cmd)
2335 return -ENOENT;
2336
2337 if (status) {
744cf19e
JH		 2338 err = cmd_status(cmd->sk, hdev->id,
2339 MGMT_OP_READ_LOCAL_OOB_DATA, EIO);
c35938b2
SJ		 2340 } else {
2341 struct mgmt_rp_read_local_oob_data rp;
2342
2343 memcpy(rp.hash, hash, sizeof(rp.hash));
2344 memcpy(rp.randomizer, randomizer, sizeof(rp.randomizer));
2345
744cf19e
JH		 2346 err = cmd_complete(cmd->sk, hdev->id,
2347 MGMT_OP_READ_LOCAL_OOB_DATA,
2348 &rp, sizeof(rp));
c35938b2
SJ		 2349 }
2350
2351 mgmt_pending_remove(cmd);
2352
2353 return err;
2354}
e17acd40 2355
744cf19e
JH		 2356int mgmt_device_found(struct hci_dev *hdev, bdaddr_t *bdaddr, u8 type,
2357 u8 *dev_class, s8 rssi, u8 *eir)
e17acd40
JH		 2358{
2359 struct mgmt_ev_device_found ev;
2360
2361 memset(&ev, 0, sizeof(ev));
2362
4c659c39
JH		 2363 bacpy(&ev.addr.bdaddr, bdaddr);
2364 ev.addr.type = link_to_mgmt(type);
e17acd40
JH		 2365 ev.rssi = rssi;
2366
2367 if (eir)
2368 memcpy(ev.eir, eir, sizeof(ev.eir));
2369
f8523598
AG		 2370 if (dev_class)
2371 memcpy(ev.dev_class, dev_class, sizeof(ev.dev_class));
2372
744cf19e 2373 return mgmt_event(MGMT_EV_DEVICE_FOUND, hdev, &ev, sizeof(ev), NULL);
e17acd40 2374}
a88a9652 2375
744cf19e 2376int mgmt_remote_name(struct hci_dev *hdev, bdaddr_t *bdaddr, u8 *name)
a88a9652
JH		 2377{
2378 struct mgmt_ev_remote_name ev;
2379
2380 memset(&ev, 0, sizeof(ev));
2381
2382 bacpy(&ev.bdaddr, bdaddr);
2383 memcpy(ev.name, name, HCI_MAX_NAME_LENGTH);
2384
744cf19e 2385 return mgmt_event(MGMT_EV_REMOTE_NAME, hdev, &ev, sizeof(ev), NULL);
a88a9652 2386}
314b2381 2387
744cf19e 2388int mgmt_inquiry_failed(struct hci_dev *hdev, u8 status)
164a6e78
JH		 2389{
2390 struct pending_cmd *cmd;
2391 int err;
2392
744cf19e 2393 cmd = mgmt_pending_find(MGMT_OP_START_DISCOVERY, hdev->id);
164a6e78
JH		 2394 if (!cmd)
2395 return -ENOENT;
2396
744cf19e 2397 err = cmd_status(cmd->sk, hdev->id, cmd->opcode, status);
164a6e78
JH		 2398 mgmt_pending_remove(cmd);
2399
2400 return err;
2401}
2402
744cf19e 2403int mgmt_discovering(struct hci_dev *hdev, u8 discovering)
314b2381 2404{
164a6e78
JH		 2405 struct pending_cmd *cmd;
2406
2407 if (discovering)
744cf19e 2408 cmd = mgmt_pending_find(MGMT_OP_START_DISCOVERY, hdev->id);
164a6e78 2409 else
744cf19e 2410 cmd = mgmt_pending_find(MGMT_OP_STOP_DISCOVERY, hdev->id);
164a6e78
JH		 2411
2412 if (cmd != NULL) {
744cf19e 2413 cmd_complete(cmd->sk, hdev->id, cmd->opcode, NULL, 0);
164a6e78
JH		 2414 mgmt_pending_remove(cmd);
2415 }
2416
744cf19e 2417 return mgmt_event(MGMT_EV_DISCOVERING, hdev, &discovering,
314b2381
JH		 2418 sizeof(discovering), NULL);
2419}
5e762444 2420
744cf19e 2421int mgmt_device_blocked(struct hci_dev *hdev, bdaddr_t *bdaddr)
5e762444
AJ		 2422{
2423 struct pending_cmd *cmd;
2424 struct mgmt_ev_device_blocked ev;
2425
744cf19e 2426 cmd = mgmt_pending_find(MGMT_OP_BLOCK_DEVICE, hdev->id);
5e762444
AJ		 2427
2428 bacpy(&ev.bdaddr, bdaddr);
2429
744cf19e
JH		 2430 return mgmt_event(MGMT_EV_DEVICE_BLOCKED, hdev, &ev, sizeof(ev),
2431 cmd ? cmd->sk : NULL);
5e762444
AJ		 2432}
2433
744cf19e 2434int mgmt_device_unblocked(struct hci_dev *hdev, bdaddr_t *bdaddr)
5e762444
AJ		 2435{
2436 struct pending_cmd *cmd;
2437 struct mgmt_ev_device_unblocked ev;
2438
744cf19e 2439 cmd = mgmt_pending_find(MGMT_OP_UNBLOCK_DEVICE, hdev->id);
5e762444
AJ		 2440
2441 bacpy(&ev.bdaddr, bdaddr);
2442
744cf19e
JH		 2443 return mgmt_event(MGMT_EV_DEVICE_UNBLOCKED, hdev, &ev, sizeof(ev),
2444 cmd ? cmd->sk : NULL);
5e762444 2445}
Linux kernel - Deliverables
This page took 0.198932 seconds and 5 git commands to generate.