projects / deliverable / linux.git / blame
? search:
summary | shortlog | log | commit | commitdiff | tree
blob | blame (incremental) | history | HEAD
Bluetooth: rename hci_conn_put to hci_conn_drop
[deliverable/linux.git] / net / bluetooth / mgmt.c
CommitLineData
0381101f
JH		 1/*
2 BlueZ - Bluetooth protocol stack for Linux
ea585ab5 3
0381101f 4 Copyright (C) 2010 Nokia Corporation
ea585ab5 5 Copyright (C) 2011-2012 Intel Corporation
0381101f
JH		 6
7 This program is free software; you can redistribute it and/or modify
8 it under the terms of the GNU General Public License version 2 as
9 published by the Free Software Foundation;
10
11 THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS
12 OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
13 FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT OF THIRD PARTY RIGHTS.
14 IN NO EVENT SHALL THE COPYRIGHT HOLDER(S) AND AUTHOR(S) BE LIABLE FOR ANY
15 CLAIM, OR ANY SPECIAL INDIRECT OR CONSEQUENTIAL DAMAGES, OR ANY DAMAGES
16 WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
17 ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
18 OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
19
20 ALL LIABILITY, INCLUDING LIABILITY FOR INFRINGEMENT OF ANY PATENTS,
21 COPYRIGHTS, TRADEMARKS OR OTHER RIGHTS, RELATING TO USE OF THIS
22 SOFTWARE IS DISCLAIMED.
23*/
24
25/* Bluetooth HCI Management interface */
26
3a9a231d 27#include <linux/module.h>
0381101f
JH		 28#include <asm/unaligned.h>
29
30#include <net/bluetooth/bluetooth.h>
31#include <net/bluetooth/hci_core.h>
32#include <net/bluetooth/mgmt.h>
5fe57d9e 33#include <net/bluetooth/smp.h>
0381101f 34
d7b7e796 35bool enable_hs;
d7b7e796 36
2da9c55c 37#define MGMT_VERSION 1
3810285c 38#define MGMT_REVISION 3
02d98129 39
e70bb2e8
JH		 40static const u16 mgmt_commands[] = {
41 MGMT_OP_READ_INDEX_LIST,
42 MGMT_OP_READ_INFO,
43 MGMT_OP_SET_POWERED,
44 MGMT_OP_SET_DISCOVERABLE,
45 MGMT_OP_SET_CONNECTABLE,
46 MGMT_OP_SET_FAST_CONNECTABLE,
47 MGMT_OP_SET_PAIRABLE,
48 MGMT_OP_SET_LINK_SECURITY,
49 MGMT_OP_SET_SSP,
50 MGMT_OP_SET_HS,
51 MGMT_OP_SET_LE,
52 MGMT_OP_SET_DEV_CLASS,
53 MGMT_OP_SET_LOCAL_NAME,
54 MGMT_OP_ADD_UUID,
55 MGMT_OP_REMOVE_UUID,
56 MGMT_OP_LOAD_LINK_KEYS,
57 MGMT_OP_LOAD_LONG_TERM_KEYS,
58 MGMT_OP_DISCONNECT,
59 MGMT_OP_GET_CONNECTIONS,
60 MGMT_OP_PIN_CODE_REPLY,
61 MGMT_OP_PIN_CODE_NEG_REPLY,
62 MGMT_OP_SET_IO_CAPABILITY,
63 MGMT_OP_PAIR_DEVICE,
64 MGMT_OP_CANCEL_PAIR_DEVICE,
65 MGMT_OP_UNPAIR_DEVICE,
66 MGMT_OP_USER_CONFIRM_REPLY,
67 MGMT_OP_USER_CONFIRM_NEG_REPLY,
68 MGMT_OP_USER_PASSKEY_REPLY,
69 MGMT_OP_USER_PASSKEY_NEG_REPLY,
70 MGMT_OP_READ_LOCAL_OOB_DATA,
71 MGMT_OP_ADD_REMOTE_OOB_DATA,
72 MGMT_OP_REMOVE_REMOTE_OOB_DATA,
73 MGMT_OP_START_DISCOVERY,
74 MGMT_OP_STOP_DISCOVERY,
75 MGMT_OP_CONFIRM_NAME,
76 MGMT_OP_BLOCK_DEVICE,
77 MGMT_OP_UNBLOCK_DEVICE,
cdbaccca 78 MGMT_OP_SET_DEVICE_ID,
e70bb2e8
JH		 79};
80
81static const u16 mgmt_events[] = {
82 MGMT_EV_CONTROLLER_ERROR,
83 MGMT_EV_INDEX_ADDED,
84 MGMT_EV_INDEX_REMOVED,
85 MGMT_EV_NEW_SETTINGS,
86 MGMT_EV_CLASS_OF_DEV_CHANGED,
87 MGMT_EV_LOCAL_NAME_CHANGED,
88 MGMT_EV_NEW_LINK_KEY,
89 MGMT_EV_NEW_LONG_TERM_KEY,
90 MGMT_EV_DEVICE_CONNECTED,
91 MGMT_EV_DEVICE_DISCONNECTED,
92 MGMT_EV_CONNECT_FAILED,
93 MGMT_EV_PIN_CODE_REQUEST,
94 MGMT_EV_USER_CONFIRM_REQUEST,
95 MGMT_EV_USER_PASSKEY_REQUEST,
96 MGMT_EV_AUTH_FAILED,
97 MGMT_EV_DEVICE_FOUND,
98 MGMT_EV_DISCOVERING,
99 MGMT_EV_DEVICE_BLOCKED,
100 MGMT_EV_DEVICE_UNBLOCKED,
101 MGMT_EV_DEVICE_UNPAIRED,
92a25256 102 MGMT_EV_PASSKEY_NOTIFY,
e70bb2e8
JH		 103};
104
3fd24153
AG		 105/*
106 * These LE scan and inquiry parameters were chosen according to LE General
107 * Discovery Procedure specification.
108 */
109#define LE_SCAN_TYPE 0x01
110#define LE_SCAN_WIN 0x12
111#define LE_SCAN_INT 0x12
112#define LE_SCAN_TIMEOUT_LE_ONLY 10240 /* TGAP(gen_disc_scan_min) */
5e0452c0 113#define LE_SCAN_TIMEOUT_BREDR_LE 5120 /* TGAP(100)/2 */
3fd24153 114
e8777525 115#define INQUIRY_LEN_BREDR 0x08 /* TGAP(100) */
5e0452c0 116#define INQUIRY_LEN_BREDR_LE 0x04 /* TGAP(100)/2 */
2519a1fc 117
17b02e62 118#define CACHE_TIMEOUT msecs_to_jiffies(2 * 1000)
7d78525d 119
4b34ee78
JH		 120#define hdev_is_powered(hdev) (test_bit(HCI_UP, &hdev->flags) && \
121 !test_bit(HCI_AUTO_OFF, &hdev->dev_flags))
122
eec8d2bc
JH		 123struct pending_cmd {
124 struct list_head list;
fc2f4b13 125 u16 opcode;
eec8d2bc 126 int index;
c68fb7ff 127 void *param;
eec8d2bc 128 struct sock *sk;
e9a416b5 129 void *user_data;
eec8d2bc
JH		 130};
131
ca69b795
JH		 132/* HCI to MGMT error code conversion table */
133static u8 mgmt_status_table[] = {
134 MGMT_STATUS_SUCCESS,
135 MGMT_STATUS_UNKNOWN_COMMAND, /* Unknown Command */
136 MGMT_STATUS_NOT_CONNECTED, /* No Connection */
137 MGMT_STATUS_FAILED, /* Hardware Failure */
138 MGMT_STATUS_CONNECT_FAILED, /* Page Timeout */
139 MGMT_STATUS_AUTH_FAILED, /* Authentication Failed */
140 MGMT_STATUS_NOT_PAIRED, /* PIN or Key Missing */
141 MGMT_STATUS_NO_RESOURCES, /* Memory Full */
142 MGMT_STATUS_TIMEOUT, /* Connection Timeout */
143 MGMT_STATUS_NO_RESOURCES, /* Max Number of Connections */
144 MGMT_STATUS_NO_RESOURCES, /* Max Number of SCO Connections */
145 MGMT_STATUS_ALREADY_CONNECTED, /* ACL Connection Exists */
146 MGMT_STATUS_BUSY, /* Command Disallowed */
147 MGMT_STATUS_NO_RESOURCES, /* Rejected Limited Resources */
148 MGMT_STATUS_REJECTED, /* Rejected Security */
149 MGMT_STATUS_REJECTED, /* Rejected Personal */
150 MGMT_STATUS_TIMEOUT, /* Host Timeout */
151 MGMT_STATUS_NOT_SUPPORTED, /* Unsupported Feature */
152 MGMT_STATUS_INVALID_PARAMS, /* Invalid Parameters */
153 MGMT_STATUS_DISCONNECTED, /* OE User Ended Connection */
154 MGMT_STATUS_NO_RESOURCES, /* OE Low Resources */
155 MGMT_STATUS_DISCONNECTED, /* OE Power Off */
156 MGMT_STATUS_DISCONNECTED, /* Connection Terminated */
157 MGMT_STATUS_BUSY, /* Repeated Attempts */
158 MGMT_STATUS_REJECTED, /* Pairing Not Allowed */
159 MGMT_STATUS_FAILED, /* Unknown LMP PDU */
160 MGMT_STATUS_NOT_SUPPORTED, /* Unsupported Remote Feature */
161 MGMT_STATUS_REJECTED, /* SCO Offset Rejected */
162 MGMT_STATUS_REJECTED, /* SCO Interval Rejected */
163 MGMT_STATUS_REJECTED, /* Air Mode Rejected */
164 MGMT_STATUS_INVALID_PARAMS, /* Invalid LMP Parameters */
165 MGMT_STATUS_FAILED, /* Unspecified Error */
166 MGMT_STATUS_NOT_SUPPORTED, /* Unsupported LMP Parameter Value */
167 MGMT_STATUS_FAILED, /* Role Change Not Allowed */
168 MGMT_STATUS_TIMEOUT, /* LMP Response Timeout */
169 MGMT_STATUS_FAILED, /* LMP Error Transaction Collision */
170 MGMT_STATUS_FAILED, /* LMP PDU Not Allowed */
171 MGMT_STATUS_REJECTED, /* Encryption Mode Not Accepted */
172 MGMT_STATUS_FAILED, /* Unit Link Key Used */
173 MGMT_STATUS_NOT_SUPPORTED, /* QoS Not Supported */
174 MGMT_STATUS_TIMEOUT, /* Instant Passed */
175 MGMT_STATUS_NOT_SUPPORTED, /* Pairing Not Supported */
176 MGMT_STATUS_FAILED, /* Transaction Collision */
177 MGMT_STATUS_INVALID_PARAMS, /* Unacceptable Parameter */
178 MGMT_STATUS_REJECTED, /* QoS Rejected */
179 MGMT_STATUS_NOT_SUPPORTED, /* Classification Not Supported */
180 MGMT_STATUS_REJECTED, /* Insufficient Security */
181 MGMT_STATUS_INVALID_PARAMS, /* Parameter Out Of Range */
182 MGMT_STATUS_BUSY, /* Role Switch Pending */
183 MGMT_STATUS_FAILED, /* Slot Violation */
184 MGMT_STATUS_FAILED, /* Role Switch Failed */
185 MGMT_STATUS_INVALID_PARAMS, /* EIR Too Large */
186 MGMT_STATUS_NOT_SUPPORTED, /* Simple Pairing Not Supported */
187 MGMT_STATUS_BUSY, /* Host Busy Pairing */
188 MGMT_STATUS_REJECTED, /* Rejected, No Suitable Channel */
189 MGMT_STATUS_BUSY, /* Controller Busy */
190 MGMT_STATUS_INVALID_PARAMS, /* Unsuitable Connection Interval */
191 MGMT_STATUS_TIMEOUT, /* Directed Advertising Timeout */
192 MGMT_STATUS_AUTH_FAILED, /* Terminated Due to MIC Failure */
193 MGMT_STATUS_CONNECT_FAILED, /* Connection Establishment Failed */
194 MGMT_STATUS_CONNECT_FAILED, /* MAC Connection Failed */
195};
196
bb4b2a9a
AE		 197bool mgmt_valid_hdev(struct hci_dev *hdev)
198{
199 return hdev->dev_type == HCI_BREDR;
200}
201
ca69b795
JH		 202static u8 mgmt_status(u8 hci_status)
203{
204 if (hci_status < ARRAY_SIZE(mgmt_status_table))
205 return mgmt_status_table[hci_status];
206
207 return MGMT_STATUS_FAILED;
208}
209
4e51eae9 210static int cmd_status(struct sock *sk, u16 index, u16 cmd, u8 status)
f7b64e69
JH		 211{
212 struct sk_buff *skb;
213 struct mgmt_hdr *hdr;
214 struct mgmt_ev_cmd_status *ev;
56b7d137 215 int err;
f7b64e69 216
34eb525c 217 BT_DBG("sock %p, index %u, cmd %u, status %u", sk, index, cmd, status);
f7b64e69 218
790eff44 219 skb = alloc_skb(sizeof(*hdr) + sizeof(*ev), GFP_KERNEL);
f7b64e69
JH		 220 if (!skb)
221 return -ENOMEM;
222
223 hdr = (void *) skb_put(skb, sizeof(*hdr));
224
612dfce9 225 hdr->opcode = __constant_cpu_to_le16(MGMT_EV_CMD_STATUS);
4e51eae9 226 hdr->index = cpu_to_le16(index);
f7b64e69
JH		 227 hdr->len = cpu_to_le16(sizeof(*ev));
228
229 ev = (void *) skb_put(skb, sizeof(*ev));
230 ev->status = status;
eb55ef07 231 ev->opcode = cpu_to_le16(cmd);
f7b64e69 232
56b7d137
GP		 233 err = sock_queue_rcv_skb(sk, skb);
234 if (err < 0)
f7b64e69
JH		 235 kfree_skb(skb);
236
56b7d137 237 return err;
f7b64e69
JH		 238}
239
aee9b218 240static int cmd_complete(struct sock *sk, u16 index, u16 cmd, u8 status,
04124681 241 void *rp, size_t rp_len)
02d98129
JH		 242{
243 struct sk_buff *skb;
244 struct mgmt_hdr *hdr;
245 struct mgmt_ev_cmd_complete *ev;
56b7d137 246 int err;
02d98129
JH		 247
248 BT_DBG("sock %p", sk);
249
790eff44 250 skb = alloc_skb(sizeof(*hdr) + sizeof(*ev) + rp_len, GFP_KERNEL);
02d98129
JH		 251 if (!skb)
252 return -ENOMEM;
253
254 hdr = (void *) skb_put(skb, sizeof(*hdr));
02d98129 255
612dfce9 256 hdr->opcode = __constant_cpu_to_le16(MGMT_EV_CMD_COMPLETE);
4e51eae9 257 hdr->index = cpu_to_le16(index);
a38528f1 258 hdr->len = cpu_to_le16(sizeof(*ev) + rp_len);
02d98129 259
a38528f1 260 ev = (void *) skb_put(skb, sizeof(*ev) + rp_len);
eb55ef07 261 ev->opcode = cpu_to_le16(cmd);
aee9b218 262 ev->status = status;
8020c16a
SJ		 263
264 if (rp)
265 memcpy(ev->data, rp, rp_len);
02d98129 266
56b7d137
GP		 267 err = sock_queue_rcv_skb(sk, skb);
268 if (err < 0)
02d98129
JH		 269 kfree_skb(skb);
270
e5f0e151 271 return err;
02d98129
JH		 272}
273
04124681
GP		 274static int read_version(struct sock *sk, struct hci_dev *hdev, void *data,
275 u16 data_len)
a38528f1
JH		 276{
277 struct mgmt_rp_read_version rp;
278
279 BT_DBG("sock %p", sk);
280
281 rp.version = MGMT_VERSION;
eb55ef07 282 rp.revision = __constant_cpu_to_le16(MGMT_REVISION);
a38528f1 283
aee9b218 284 return cmd_complete(sk, MGMT_INDEX_NONE, MGMT_OP_READ_VERSION, 0, &rp,
04124681 285 sizeof(rp));
a38528f1
JH		 286}
287
04124681
GP		 288static int read_commands(struct sock *sk, struct hci_dev *hdev, void *data,
289 u16 data_len)
e70bb2e8
JH		 290{
291 struct mgmt_rp_read_commands *rp;
eb55ef07
MH		 292 const u16 num_commands = ARRAY_SIZE(mgmt_commands);
293 const u16 num_events = ARRAY_SIZE(mgmt_events);
2e3c35ea 294 __le16 *opcode;
e70bb2e8
JH		 295 size_t rp_size;
296 int i, err;
297
298 BT_DBG("sock %p", sk);
299
300 rp_size = sizeof(*rp) + ((num_commands + num_events) * sizeof(u16));
301
302 rp = kmalloc(rp_size, GFP_KERNEL);
303 if (!rp)
304 return -ENOMEM;
305
eb55ef07
MH		 306 rp->num_commands = __constant_cpu_to_le16(num_commands);
307 rp->num_events = __constant_cpu_to_le16(num_events);
e70bb2e8
JH		 308
309 for (i = 0, opcode = rp->opcodes; i < num_commands; i++, opcode++)
310 put_unaligned_le16(mgmt_commands[i], opcode);
311
312 for (i = 0; i < num_events; i++, opcode++)
313 put_unaligned_le16(mgmt_events[i], opcode);
314
aee9b218 315 err = cmd_complete(sk, MGMT_INDEX_NONE, MGMT_OP_READ_COMMANDS, 0, rp,
04124681 316 rp_size);
e70bb2e8
JH		 317 kfree(rp);
318
319 return err;
320}
321
04124681
GP		 322static int read_index_list(struct sock *sk, struct hci_dev *hdev, void *data,
323 u16 data_len)
faba42eb 324{
faba42eb 325 struct mgmt_rp_read_index_list *rp;
8035ded4 326 struct hci_dev *d;
a38528f1 327 size_t rp_len;
faba42eb 328 u16 count;
476e44cb 329 int err;
faba42eb
JH		 330
331 BT_DBG("sock %p", sk);
332
333 read_lock(&hci_dev_list_lock);
334
335 count = 0;
bb4b2a9a
AE		 336 list_for_each_entry(d, &hci_dev_list, list) {
337 if (!mgmt_valid_hdev(d))
338 continue;
339
faba42eb
JH		 340 count++;
341 }
342
a38528f1
JH		 343 rp_len = sizeof(*rp) + (2 * count);
344 rp = kmalloc(rp_len, GFP_ATOMIC);
345 if (!rp) {
b2c60d42 346 read_unlock(&hci_dev_list_lock);
faba42eb 347 return -ENOMEM;
b2c60d42 348 }
faba42eb 349
476e44cb 350 count = 0;
8035ded4 351 list_for_each_entry(d, &hci_dev_list, list) {
a8b2d5c2 352 if (test_bit(HCI_SETUP, &d->dev_flags))
ab81cbf9
JH		 353 continue;
354
bb4b2a9a
AE		 355 if (!mgmt_valid_hdev(d))
356 continue;
357
476e44cb 358 rp->index[count++] = cpu_to_le16(d->id);
faba42eb
JH		 359 BT_DBG("Added hci%u", d->id);
360 }
361
476e44cb
JH		 362 rp->num_controllers = cpu_to_le16(count);
363 rp_len = sizeof(*rp) + (2 * count);
364
faba42eb
JH		 365 read_unlock(&hci_dev_list_lock);
366
aee9b218 367 err = cmd_complete(sk, MGMT_INDEX_NONE, MGMT_OP_READ_INDEX_LIST, 0, rp,
04124681 368 rp_len);
faba42eb 369
a38528f1
JH		 370 kfree(rp);
371
372 return err;
faba42eb
JH		 373}
374
69ab39ea
JH		 375static u32 get_supported_settings(struct hci_dev *hdev)
376{
377 u32 settings = 0;
378
379 settings |= MGMT_SETTING_POWERED;
69ab39ea
JH		 380 settings |= MGMT_SETTING_PAIRABLE;
381
9a1a1996 382 if (lmp_ssp_capable(hdev))
69ab39ea
JH		 383 settings |= MGMT_SETTING_SSP;
384
ed3fa31f 385 if (lmp_bredr_capable(hdev)) {
33c525c0 386 settings |= MGMT_SETTING_CONNECTABLE;
1a47aee8
JH		 387 if (hdev->hci_ver >= BLUETOOTH_VER_1_2)
388 settings |= MGMT_SETTING_FAST_CONNECTABLE;
33c525c0 389 settings |= MGMT_SETTING_DISCOVERABLE;
69ab39ea
JH		 390 settings |= MGMT_SETTING_BREDR;
391 settings |= MGMT_SETTING_LINK_SECURITY;
392 }
393
d7b7e796
MH		 394 if (enable_hs)
395 settings |= MGMT_SETTING_HS;
396
c383ddc4 397 if (lmp_le_capable(hdev))
9d42820f 398 settings |= MGMT_SETTING_LE;
69ab39ea
JH		 399
400 return settings;
401}
402
403static u32 get_current_settings(struct hci_dev *hdev)
404{
405 u32 settings = 0;
406
f1f0eb02 407 if (hdev_is_powered(hdev))
f0d4b78a
MH		 408 settings |= MGMT_SETTING_POWERED;
409
5e5282bb 410 if (test_bit(HCI_CONNECTABLE, &hdev->dev_flags))
69ab39ea
JH		 411 settings |= MGMT_SETTING_CONNECTABLE;
412
1a4d3c4b
JH		 413 if (test_bit(HCI_FAST_CONNECTABLE, &hdev->dev_flags))
414 settings |= MGMT_SETTING_FAST_CONNECTABLE;
415
5e5282bb 416 if (test_bit(HCI_DISCOVERABLE, &hdev->dev_flags))
69ab39ea
JH		 417 settings |= MGMT_SETTING_DISCOVERABLE;
418
a8b2d5c2 419 if (test_bit(HCI_PAIRABLE, &hdev->dev_flags))
69ab39ea
JH		 420 settings |= MGMT_SETTING_PAIRABLE;
421
ed3fa31f 422 if (lmp_bredr_capable(hdev))
69ab39ea
JH		 423 settings |= MGMT_SETTING_BREDR;
424
06199cf8 425 if (test_bit(HCI_LE_ENABLED, &hdev->dev_flags))
69ab39ea
JH		 426 settings |= MGMT_SETTING_LE;
427
47990ea0 428 if (test_bit(HCI_LINK_SECURITY, &hdev->dev_flags))
69ab39ea
JH		 429 settings |= MGMT_SETTING_LINK_SECURITY;
430
84bde9d6 431 if (test_bit(HCI_SSP_ENABLED, &hdev->dev_flags))
69ab39ea
JH		 432 settings |= MGMT_SETTING_SSP;
433
6d80dfd0
JH		 434 if (test_bit(HCI_HS_ENABLED, &hdev->dev_flags))
435 settings |= MGMT_SETTING_HS;
436
69ab39ea
JH		 437 return settings;
438}
439
ef580372
JH		 440#define PNP_INFO_SVCLASS_ID 0x1200
441
213202ed
JH		 442static u8 *create_uuid16_list(struct hci_dev *hdev, u8 *data, ptrdiff_t len)
443{
444 u8 *ptr = data, *uuids_start = NULL;
445 struct bt_uuid *uuid;
446
447 if (len < 4)
448 return ptr;
449
450 list_for_each_entry(uuid, &hdev->uuids, list) {
451 u16 uuid16;
452
453 if (uuid->size != 16)
454 continue;
455
456 uuid16 = get_unaligned_le16(&uuid->uuid[12]);
457 if (uuid16 < 0x1100)
458 continue;
459
460 if (uuid16 == PNP_INFO_SVCLASS_ID)
461 continue;
462
463 if (!uuids_start) {
464 uuids_start = ptr;
465 uuids_start[0] = 1;
466 uuids_start[1] = EIR_UUID16_ALL;
467 ptr += 2;
468 }
469
470 /* Stop if not enough space to put next UUID */
471 if ((ptr - data) + sizeof(u16) > len) {
472 uuids_start[1] = EIR_UUID16_SOME;
473 break;
474 }
475
476 *ptr++ = (uuid16 & 0x00ff);
477 *ptr++ = (uuid16 & 0xff00) >> 8;
478 uuids_start[0] += sizeof(uuid16);
479 }
480
481 return ptr;
482}
483
cdf1963f
JH		 484static u8 *create_uuid32_list(struct hci_dev *hdev, u8 *data, ptrdiff_t len)
485{
486 u8 *ptr = data, *uuids_start = NULL;
487 struct bt_uuid *uuid;
488
489 if (len < 6)
490 return ptr;
491
492 list_for_each_entry(uuid, &hdev->uuids, list) {
493 if (uuid->size != 32)
494 continue;
495
496 if (!uuids_start) {
497 uuids_start = ptr;
498 uuids_start[0] = 1;
499 uuids_start[1] = EIR_UUID32_ALL;
500 ptr += 2;
501 }
502
503 /* Stop if not enough space to put next UUID */
504 if ((ptr - data) + sizeof(u32) > len) {
505 uuids_start[1] = EIR_UUID32_SOME;
506 break;
507 }
508
509 memcpy(ptr, &uuid->uuid[12], sizeof(u32));
510 ptr += sizeof(u32);
511 uuids_start[0] += sizeof(u32);
512 }
513
514 return ptr;
515}
516
c00d575b
JH		 517static u8 *create_uuid128_list(struct hci_dev *hdev, u8 *data, ptrdiff_t len)
518{
519 u8 *ptr = data, *uuids_start = NULL;
520 struct bt_uuid *uuid;
521
522 if (len < 18)
523 return ptr;
524
525 list_for_each_entry(uuid, &hdev->uuids, list) {
526 if (uuid->size != 128)
527 continue;
528
529 if (!uuids_start) {
530 uuids_start = ptr;
531 uuids_start[0] = 1;
532 uuids_start[1] = EIR_UUID128_ALL;
533 ptr += 2;
534 }
535
536 /* Stop if not enough space to put next UUID */
537 if ((ptr - data) + 16 > len) {
538 uuids_start[1] = EIR_UUID128_SOME;
539 break;
540 }
541
542 memcpy(ptr, uuid->uuid, 16);
543 ptr += 16;
544 uuids_start[0] += 16;
545 }
546
547 return ptr;
548}
549
ef580372
JH		 550static void create_eir(struct hci_dev *hdev, u8 *data)
551{
552 u8 *ptr = data;
ef580372
JH		 553 size_t name_len;
554
555 name_len = strlen(hdev->dev_name);
556
557 if (name_len > 0) {
558 /* EIR Data type */
559 if (name_len > 48) {
560 name_len = 48;
561 ptr[1] = EIR_NAME_SHORT;
562 } else
563 ptr[1] = EIR_NAME_COMPLETE;
564
565 /* EIR Data length */
566 ptr[0] = name_len + 1;
567
568 memcpy(ptr + 2, hdev->dev_name, name_len);
569
ef580372
JH		 570 ptr += (name_len + 2);
571 }
572
bbaf444a 573 if (hdev->inq_tx_power != HCI_TX_POWER_INVALID) {
91c4e9b1
MH		 574 ptr[0] = 2;
575 ptr[1] = EIR_TX_POWER;
576 ptr[2] = (u8) hdev->inq_tx_power;
577
91c4e9b1
MH		 578 ptr += 3;
579 }
580
2b9be137
MH		 581 if (hdev->devid_source > 0) {
582 ptr[0] = 9;
583 ptr[1] = EIR_DEVICE_ID;
584
585 put_unaligned_le16(hdev->devid_source, ptr + 2);
586 put_unaligned_le16(hdev->devid_vendor, ptr + 4);
587 put_unaligned_le16(hdev->devid_product, ptr + 6);
588 put_unaligned_le16(hdev->devid_version, ptr + 8);
589
2b9be137
MH		 590 ptr += 10;
591 }
592
213202ed 593 ptr = create_uuid16_list(hdev, ptr, HCI_MAX_EIR_LENGTH - (ptr - data));
cdf1963f 594 ptr = create_uuid32_list(hdev, ptr, HCI_MAX_EIR_LENGTH - (ptr - data));
c00d575b 595 ptr = create_uuid128_list(hdev, ptr, HCI_MAX_EIR_LENGTH - (ptr - data));
ef580372
JH		 596}
597
890ea898 598static void update_eir(struct hci_request *req)
ef580372 599{
890ea898 600 struct hci_dev *hdev = req->hdev;
ef580372
JH		 601 struct hci_cp_write_eir cp;
602
504c8dcd 603 if (!hdev_is_powered(hdev))
890ea898 604 return;
7770c4aa 605
976eb20e 606 if (!lmp_ext_inq_capable(hdev))
890ea898 607 return;
ef580372 608
84bde9d6 609 if (!test_bit(HCI_SSP_ENABLED, &hdev->dev_flags))
890ea898 610 return;
ef580372 611
a8b2d5c2 612 if (test_bit(HCI_SERVICE_CACHE, &hdev->dev_flags))
890ea898 613 return;
ef580372
JH		 614
615 memset(&cp, 0, sizeof(cp));
616
617 create_eir(hdev, cp.data);
618
619 if (memcmp(cp.data, hdev->eir, sizeof(cp.data)) == 0)
890ea898 620 return;
ef580372
JH		 621
622 memcpy(hdev->eir, cp.data, sizeof(cp.data));
623
890ea898 624 hci_req_add(req, HCI_OP_WRITE_EIR, sizeof(cp), &cp);
ef580372
JH		 625}
626
627static u8 get_service_classes(struct hci_dev *hdev)
628{
629 struct bt_uuid *uuid;
630 u8 val = 0;
631
632 list_for_each_entry(uuid, &hdev->uuids, list)
633 val |= uuid->svc_hint;
634
635 return val;
636}
637
890ea898 638static void update_class(struct hci_request *req)
ef580372 639{
890ea898 640 struct hci_dev *hdev = req->hdev;
ef580372
JH		 641 u8 cod[3];
642
643 BT_DBG("%s", hdev->name);
644
504c8dcd 645 if (!hdev_is_powered(hdev))
890ea898 646 return;
7770c4aa 647
a8b2d5c2 648 if (test_bit(HCI_SERVICE_CACHE, &hdev->dev_flags))
890ea898 649 return;
ef580372
JH		 650
651 cod[0] = hdev->minor_class;
652 cod[1] = hdev->major_class;
653 cod[2] = get_service_classes(hdev);
654
655 if (memcmp(cod, hdev->dev_class, 3) == 0)
890ea898 656 return;
ef580372 657
890ea898 658 hci_req_add(req, HCI_OP_WRITE_CLASS_OF_DEV, sizeof(cod), cod);
ef580372
JH		 659}
660
7d78525d
JH		 661static void service_cache_off(struct work_struct *work)
662{
663 struct hci_dev *hdev = container_of(work, struct hci_dev,
04124681 664 service_cache.work);
890ea898 665 struct hci_request req;
7d78525d 666
a8b2d5c2 667 if (!test_and_clear_bit(HCI_SERVICE_CACHE, &hdev->dev_flags))
7d78525d
JH		 668 return;
669
890ea898
JH		 670 hci_req_init(&req, hdev);
671
7d78525d
JH		 672 hci_dev_lock(hdev);
673
890ea898
JH		 674 update_eir(&req);
675 update_class(&req);
7d78525d
JH		 676
677 hci_dev_unlock(hdev);
890ea898
JH		 678
679 hci_req_run(&req, NULL);
7d78525d
JH		 680}
681
6a919082 682static void mgmt_init_hdev(struct sock *sk, struct hci_dev *hdev)
7d78525d 683{
4f87da80 684 if (test_and_set_bit(HCI_MGMT, &hdev->dev_flags))
6a919082
JH		 685 return;
686
4f87da80 687 INIT_DELAYED_WORK(&hdev->service_cache, service_cache_off);
7d78525d 688
4f87da80
JH		 689 /* Non-mgmt controlled devices get this bit set
690 * implicitly so that pairing works for them, however
691 * for mgmt we require user-space to explicitly enable
692 * it
693 */
694 clear_bit(HCI_PAIRABLE, &hdev->dev_flags);
7d78525d
JH		 695}
696
0f4e68cf 697static int read_controller_info(struct sock *sk, struct hci_dev *hdev,
04124681 698 void *data, u16 data_len)
0381101f 699{
a38528f1 700 struct mgmt_rp_read_info rp;
f7b64e69 701
bdb6d971 702 BT_DBG("sock %p %s", sk, hdev->name);
f7b64e69 703
09fd0de5 704 hci_dev_lock(hdev);
f7b64e69 705
dc4fe30b
JH		 706 memset(&rp, 0, sizeof(rp));
707
69ab39ea 708 bacpy(&rp.bdaddr, &hdev->bdaddr);
f7b64e69 709
69ab39ea 710 rp.version = hdev->hci_ver;
eb55ef07 711 rp.manufacturer = cpu_to_le16(hdev->manufacturer);
69ab39ea
JH		 712
713 rp.supported_settings = cpu_to_le32(get_supported_settings(hdev));
714 rp.current_settings = cpu_to_le32(get_current_settings(hdev));
f7b64e69 715
a38528f1 716 memcpy(rp.dev_class, hdev->dev_class, 3);
f7b64e69 717
dc4fe30b 718 memcpy(rp.name, hdev->dev_name, sizeof(hdev->dev_name));
27fcc362 719 memcpy(rp.short_name, hdev->short_name, sizeof(hdev->short_name));
dc4fe30b 720
09fd0de5 721 hci_dev_unlock(hdev);
0381101f 722
bdb6d971 723 return cmd_complete(sk, hdev->id, MGMT_OP_READ_INFO, 0, &rp,
04124681 724 sizeof(rp));
0381101f
JH		 725}
726
eec8d2bc
JH		 727static void mgmt_pending_free(struct pending_cmd *cmd)
728{
729 sock_put(cmd->sk);
c68fb7ff 730 kfree(cmd->param);
eec8d2bc
JH		 731 kfree(cmd);
732}
733
366a0336 734static struct pending_cmd *mgmt_pending_add(struct sock *sk, u16 opcode,
04124681
GP		 735 struct hci_dev *hdev, void *data,
736 u16 len)
eec8d2bc
JH		 737{
738 struct pending_cmd *cmd;
739
12b94565 740 cmd = kmalloc(sizeof(*cmd), GFP_KERNEL);
eec8d2bc 741 if (!cmd)
366a0336 742 return NULL;
eec8d2bc
JH		 743
744 cmd->opcode = opcode;
2e58ef3e 745 cmd->index = hdev->id;
eec8d2bc 746
12b94565 747 cmd->param = kmalloc(len, GFP_KERNEL);
c68fb7ff 748 if (!cmd->param) {
eec8d2bc 749 kfree(cmd);
366a0336 750 return NULL;
eec8d2bc
JH		 751 }
752
8fce6357
SJ		 753 if (data)
754 memcpy(cmd->param, data, len);
eec8d2bc
JH		 755
756 cmd->sk = sk;
757 sock_hold(sk);
758
2e58ef3e 759 list_add(&cmd->list, &hdev->mgmt_pending);
eec8d2bc 760
366a0336 761 return cmd;
eec8d2bc
JH		 762}
763
744cf19e 764static void mgmt_pending_foreach(u16 opcode, struct hci_dev *hdev,
8fc9ced3
GP		 765 void (*cb)(struct pending_cmd *cmd,
766 void *data),
04124681 767 void *data)
eec8d2bc 768{
a3d09356 769 struct pending_cmd *cmd, *tmp;
eec8d2bc 770
a3d09356 771 list_for_each_entry_safe(cmd, tmp, &hdev->mgmt_pending, list) {
b24752fe 772 if (opcode > 0 && cmd->opcode != opcode)
eec8d2bc
JH		 773 continue;
774
eec8d2bc
JH		 775 cb(cmd, data);
776 }
777}
778
2e58ef3e 779static struct pending_cmd *mgmt_pending_find(u16 opcode, struct hci_dev *hdev)
eec8d2bc 780{
8035ded4 781 struct pending_cmd *cmd;
eec8d2bc 782
2e58ef3e 783 list_for_each_entry(cmd, &hdev->mgmt_pending, list) {
2aeabcbe
JH		 784 if (cmd->opcode == opcode)
785 return cmd;
eec8d2bc
JH		 786 }
787
788 return NULL;
789}
790
a664b5bc 791static void mgmt_pending_remove(struct pending_cmd *cmd)
73f22f62 792{
73f22f62
JH		 793 list_del(&cmd->list);
794 mgmt_pending_free(cmd);
795}
796
69ab39ea 797static int send_settings_rsp(struct sock *sk, u16 opcode, struct hci_dev *hdev)
8680570b 798{
69ab39ea 799 __le32 settings = cpu_to_le32(get_current_settings(hdev));
8680570b 800
aee9b218 801 return cmd_complete(sk, hdev->id, opcode, 0, &settings,
04124681 802 sizeof(settings));
8680570b
JH		 803}
804
bdb6d971 805static int set_powered(struct sock *sk, struct hci_dev *hdev, void *data,
04124681 806 u16 len)
eec8d2bc 807{
650f726d 808 struct mgmt_mode *cp = data;
366a0336 809 struct pending_cmd *cmd;
4b34ee78 810 int err;
eec8d2bc 811
bdb6d971 812 BT_DBG("request for %s", hdev->name);
eec8d2bc 813
a7e80f25
JH		 814 if (cp->val != 0x00 && cp->val != 0x01)
815 return cmd_status(sk, hdev->id, MGMT_OP_SET_POWERED,
816 MGMT_STATUS_INVALID_PARAMS);
817
09fd0de5 818 hci_dev_lock(hdev);
eec8d2bc 819
f0d4b78a
MH		 820 if (test_and_clear_bit(HCI_AUTO_OFF, &hdev->dev_flags)) {
821 cancel_delayed_work(&hdev->power_off);
822
823 if (cp->val) {
a1d70450
JH		 824 mgmt_pending_add(sk, MGMT_OP_SET_POWERED, hdev,
825 data, len);
826 err = mgmt_powered(hdev, 1);
f0d4b78a
MH		 827 goto failed;
828 }
829 }
830
4b34ee78 831 if (!!cp->val == hdev_is_powered(hdev)) {
69ab39ea 832 err = send_settings_rsp(sk, MGMT_OP_SET_POWERED, hdev);
eec8d2bc
JH		 833 goto failed;
834 }
835
2e58ef3e 836 if (mgmt_pending_find(MGMT_OP_SET_POWERED, hdev)) {
bdb6d971 837 err = cmd_status(sk, hdev->id, MGMT_OP_SET_POWERED,
04124681 838 MGMT_STATUS_BUSY);
eec8d2bc
JH		 839 goto failed;
840 }
841
2e58ef3e 842 cmd = mgmt_pending_add(sk, MGMT_OP_SET_POWERED, hdev, data, len);
366a0336
JH		 843 if (!cmd) {
844 err = -ENOMEM;
eec8d2bc 845 goto failed;
366a0336 846 }
eec8d2bc 847
72a734ec 848 if (cp->val)
19202573 849 queue_work(hdev->req_workqueue, &hdev->power_on);
eec8d2bc 850 else
19202573 851 queue_work(hdev->req_workqueue, &hdev->power_off.work);
eec8d2bc 852
366a0336 853 err = 0;
eec8d2bc
JH		 854
855failed:
09fd0de5 856 hci_dev_unlock(hdev);
366a0336 857 return err;
eec8d2bc
JH		 858}
859
04124681
GP		 860static int mgmt_event(u16 event, struct hci_dev *hdev, void *data, u16 data_len,
861 struct sock *skip_sk)
beadb2bd
JH		 862{
863 struct sk_buff *skb;
864 struct mgmt_hdr *hdr;
865
790eff44 866 skb = alloc_skb(sizeof(*hdr) + data_len, GFP_KERNEL);
beadb2bd
JH		 867 if (!skb)
868 return -ENOMEM;
869
870 hdr = (void *) skb_put(skb, sizeof(*hdr));
871 hdr->opcode = cpu_to_le16(event);
872 if (hdev)
873 hdr->index = cpu_to_le16(hdev->id);
874 else
612dfce9 875 hdr->index = __constant_cpu_to_le16(MGMT_INDEX_NONE);
beadb2bd
JH		 876 hdr->len = cpu_to_le16(data_len);
877
878 if (data)
879 memcpy(skb_put(skb, data_len), data, data_len);
880
97e0bdeb
MH		 881 /* Time stamp */
882 __net_timestamp(skb);
883
beadb2bd
JH		 884 hci_send_to_control(skb, skip_sk);
885 kfree_skb(skb);
886
887 return 0;
888}
889
890static int new_settings(struct hci_dev *hdev, struct sock *skip)
891{
892 __le32 ev;
893
894 ev = cpu_to_le32(get_current_settings(hdev));
895
896 return mgmt_event(MGMT_EV_NEW_SETTINGS, hdev, &ev, sizeof(ev), skip);
897}
898
bdb6d971 899static int set_discoverable(struct sock *sk, struct hci_dev *hdev, void *data,
04124681 900 u16 len)
73f22f62 901{
650f726d 902 struct mgmt_cp_set_discoverable *cp = data;
366a0336 903 struct pending_cmd *cmd;
5e5282bb 904 u16 timeout;
73f22f62
JH		 905 u8 scan;
906 int err;
907
bdb6d971 908 BT_DBG("request for %s", hdev->name);
73f22f62 909
33c525c0
JH		 910 if (!lmp_bredr_capable(hdev))
911 return cmd_status(sk, hdev->id, MGMT_OP_SET_DISCOVERABLE,
912 MGMT_STATUS_NOT_SUPPORTED);
913
a7e80f25
JH		 914 if (cp->val != 0x00 && cp->val != 0x01)
915 return cmd_status(sk, hdev->id, MGMT_OP_SET_DISCOVERABLE,
916 MGMT_STATUS_INVALID_PARAMS);
917
1f350c87 918 timeout = __le16_to_cpu(cp->timeout);
24c54a90 919 if (!cp->val && timeout > 0)
bdb6d971 920 return cmd_status(sk, hdev->id, MGMT_OP_SET_DISCOVERABLE,
04124681 921 MGMT_STATUS_INVALID_PARAMS);
73f22f62 922
09fd0de5 923 hci_dev_lock(hdev);
73f22f62 924
5e5282bb 925 if (!hdev_is_powered(hdev) && timeout > 0) {
bdb6d971 926 err = cmd_status(sk, hdev->id, MGMT_OP_SET_DISCOVERABLE,
04124681 927 MGMT_STATUS_NOT_POWERED);
73f22f62
JH		 928 goto failed;
929 }
930
2e58ef3e 931 if (mgmt_pending_find(MGMT_OP_SET_DISCOVERABLE, hdev) ||
8ce8e2b5 932 mgmt_pending_find(MGMT_OP_SET_CONNECTABLE, hdev)) {
bdb6d971 933 err = cmd_status(sk, hdev->id, MGMT_OP_SET_DISCOVERABLE,
04124681 934 MGMT_STATUS_BUSY);
73f22f62
JH		 935 goto failed;
936 }
937
5e5282bb 938 if (!test_bit(HCI_CONNECTABLE, &hdev->dev_flags)) {
bdb6d971 939 err = cmd_status(sk, hdev->id, MGMT_OP_SET_DISCOVERABLE,
04124681 940 MGMT_STATUS_REJECTED);
5e5282bb
JH		 941 goto failed;
942 }
943
944 if (!hdev_is_powered(hdev)) {
0224d2fa
JH		 945 bool changed = false;
946
947 if (!!cp->val != test_bit(HCI_DISCOVERABLE, &hdev->dev_flags)) {
948 change_bit(HCI_DISCOVERABLE, &hdev->dev_flags);
949 changed = true;
950 }
951
5e5282bb 952 err = send_settings_rsp(sk, MGMT_OP_SET_DISCOVERABLE, hdev);
0224d2fa
JH		 953 if (err < 0)
954 goto failed;
955
956 if (changed)
957 err = new_settings(hdev, sk);
958
5e5282bb
JH		 959 goto failed;
960 }
961
962 if (!!cp->val == test_bit(HCI_DISCOVERABLE, &hdev->dev_flags)) {
955638ec
MH		 963 if (hdev->discov_timeout > 0) {
964 cancel_delayed_work(&hdev->discov_off);
965 hdev->discov_timeout = 0;
966 }
967
968 if (cp->val && timeout > 0) {
969 hdev->discov_timeout = timeout;
970 queue_delayed_work(hdev->workqueue, &hdev->discov_off,
971 msecs_to_jiffies(hdev->discov_timeout * 1000));
972 }
973
69ab39ea 974 err = send_settings_rsp(sk, MGMT_OP_SET_DISCOVERABLE, hdev);
73f22f62
JH		 975 goto failed;
976 }
977
2e58ef3e 978 cmd = mgmt_pending_add(sk, MGMT_OP_SET_DISCOVERABLE, hdev, data, len);
366a0336
JH		 979 if (!cmd) {
980 err = -ENOMEM;
73f22f62 981 goto failed;
366a0336 982 }
73f22f62
JH		 983
984 scan = SCAN_PAGE;
985
72a734ec 986 if (cp->val)
73f22f62 987 scan |= SCAN_INQUIRY;
16ab91ab 988 else
e0f9309f 989 cancel_delayed_work(&hdev->discov_off);
73f22f62
JH		 990
991 err = hci_send_cmd(hdev, HCI_OP_WRITE_SCAN_ENABLE, 1, &scan);
992 if (err < 0)
a664b5bc 993 mgmt_pending_remove(cmd);
73f22f62 994
16ab91ab 995 if (cp->val)
5e5282bb 996 hdev->discov_timeout = timeout;
16ab91ab 997
73f22f62 998failed:
09fd0de5 999 hci_dev_unlock(hdev);
73f22f62
JH		 1000 return err;
1001}
1002
406d7804
JH		 1003static void write_fast_connectable(struct hci_request *req, bool enable)
1004{
bd98b996 1005 struct hci_dev *hdev = req->hdev;
406d7804
JH		 1006 struct hci_cp_write_page_scan_activity acp;
1007 u8 type;
1008
4c01f8b8
JH		 1009 if (hdev->hci_ver < BLUETOOTH_VER_1_2)
1010 return;
1011
406d7804
JH		 1012 if (enable) {
1013 type = PAGE_SCAN_TYPE_INTERLACED;
1014
1015 /* 160 msec page scan interval */
1016 acp.interval = __constant_cpu_to_le16(0x0100);
1017 } else {
1018 type = PAGE_SCAN_TYPE_STANDARD; /* default */
1019
1020 /* default 1.28 sec page scan */
1021 acp.interval = __constant_cpu_to_le16(0x0800);
1022 }
1023
1024 acp.window = __constant_cpu_to_le16(0x0012);
1025
bd98b996
JH		 1026 if (__cpu_to_le16(hdev->page_scan_interval) != acp.interval ||
1027 __cpu_to_le16(hdev->page_scan_window) != acp.window)
1028 hci_req_add(req, HCI_OP_WRITE_PAGE_SCAN_ACTIVITY,
1029 sizeof(acp), &acp);
1030
1031 if (hdev->page_scan_type != type)
1032 hci_req_add(req, HCI_OP_WRITE_PAGE_SCAN_TYPE, 1, &type);
406d7804
JH		 1033}
1034
2b76f453
JH		 1035static void set_connectable_complete(struct hci_dev *hdev, u8 status)
1036{
1037 struct pending_cmd *cmd;
1038
1039 BT_DBG("status 0x%02x", status);
1040
1041 hci_dev_lock(hdev);
1042
1043 cmd = mgmt_pending_find(MGMT_OP_SET_CONNECTABLE, hdev);
1044 if (!cmd)
1045 goto unlock;
1046
1047 send_settings_rsp(cmd->sk, MGMT_OP_SET_CONNECTABLE, hdev);
1048
1049 mgmt_pending_remove(cmd);
1050
1051unlock:
1052 hci_dev_unlock(hdev);
1053}
1054
bdb6d971 1055static int set_connectable(struct sock *sk, struct hci_dev *hdev, void *data,
04124681 1056 u16 len)
9fbcbb45 1057{
650f726d 1058 struct mgmt_mode *cp = data;
366a0336 1059 struct pending_cmd *cmd;
2b76f453 1060 struct hci_request req;
9fbcbb45
JH		 1061 u8 scan;
1062 int err;
1063
bdb6d971 1064 BT_DBG("request for %s", hdev->name);
9fbcbb45 1065
33c525c0
JH		 1066 if (!lmp_bredr_capable(hdev))
1067 return cmd_status(sk, hdev->id, MGMT_OP_SET_CONNECTABLE,
1068 MGMT_STATUS_NOT_SUPPORTED);
1069
a7e80f25
JH		 1070 if (cp->val != 0x00 && cp->val != 0x01)
1071 return cmd_status(sk, hdev->id, MGMT_OP_SET_CONNECTABLE,
1072 MGMT_STATUS_INVALID_PARAMS);
1073
09fd0de5 1074 hci_dev_lock(hdev);
9fbcbb45 1075
4b34ee78 1076 if (!hdev_is_powered(hdev)) {
0224d2fa
JH		 1077 bool changed = false;
1078
1079 if (!!cp->val != test_bit(HCI_CONNECTABLE, &hdev->dev_flags))
1080 changed = true;
1081
6bf0e469 1082 if (cp->val) {
5e5282bb 1083 set_bit(HCI_CONNECTABLE, &hdev->dev_flags);
6bf0e469 1084 } else {
5e5282bb
JH		 1085 clear_bit(HCI_CONNECTABLE, &hdev->dev_flags);
1086 clear_bit(HCI_DISCOVERABLE, &hdev->dev_flags);
1087 }
0224d2fa 1088
5e5282bb 1089 err = send_settings_rsp(sk, MGMT_OP_SET_CONNECTABLE, hdev);
0224d2fa
JH		 1090 if (err < 0)
1091 goto failed;
1092
1093 if (changed)
1094 err = new_settings(hdev, sk);
1095
9fbcbb45
JH		 1096 goto failed;
1097 }
1098
2e58ef3e 1099 if (mgmt_pending_find(MGMT_OP_SET_DISCOVERABLE, hdev) ||
8ce8e2b5 1100 mgmt_pending_find(MGMT_OP_SET_CONNECTABLE, hdev)) {
bdb6d971 1101 err = cmd_status(sk, hdev->id, MGMT_OP_SET_CONNECTABLE,
04124681 1102 MGMT_STATUS_BUSY);
9fbcbb45
JH		 1103 goto failed;
1104 }
1105
5e5282bb 1106 if (!!cp->val == test_bit(HCI_PSCAN, &hdev->flags)) {
69ab39ea 1107 err = send_settings_rsp(sk, MGMT_OP_SET_CONNECTABLE, hdev);
9fbcbb45
JH		 1108 goto failed;
1109 }
1110
2e58ef3e 1111 cmd = mgmt_pending_add(sk, MGMT_OP_SET_CONNECTABLE, hdev, data, len);
366a0336
JH		 1112 if (!cmd) {
1113 err = -ENOMEM;
9fbcbb45 1114 goto failed;
366a0336 1115 }
9fbcbb45 1116
6bf0e469 1117 if (cp->val) {
9fbcbb45 1118 scan = SCAN_PAGE;
6bf0e469 1119 } else {
9fbcbb45
JH		 1120 scan = 0;
1121
df2c6c5e 1122 if (test_bit(HCI_ISCAN, &hdev->flags) &&
8ce8e2b5 1123 hdev->discov_timeout > 0)
df2c6c5e
JH		 1124 cancel_delayed_work(&hdev->discov_off);
1125 }
1126
2b76f453
JH		 1127 hci_req_init(&req, hdev);
1128
1129 hci_req_add(&req, HCI_OP_WRITE_SCAN_ENABLE, 1, &scan);
1130
4c01f8b8
JH		 1131 /* If we're going from non-connectable to connectable or
1132 * vice-versa when fast connectable is enabled ensure that fast
1133 * connectable gets disabled. write_fast_connectable won't do
1134 * anything if the page scan parameters are already what they
1135 * should be.
1136 */
1137 if (cp->val || test_bit(HCI_FAST_CONNECTABLE, &hdev->dev_flags))
e36a3769
JH		 1138 write_fast_connectable(&req, false);
1139
2b76f453 1140 err = hci_req_run(&req, set_connectable_complete);
9fbcbb45 1141 if (err < 0)
a664b5bc 1142 mgmt_pending_remove(cmd);
9fbcbb45
JH		 1143
1144failed:
09fd0de5 1145 hci_dev_unlock(hdev);
9fbcbb45
JH		 1146 return err;
1147}
1148
bdb6d971 1149static int set_pairable(struct sock *sk, struct hci_dev *hdev, void *data,
04124681 1150 u16 len)
c542a06c 1151{
650f726d 1152 struct mgmt_mode *cp = data;
c542a06c
JH		 1153 int err;
1154
bdb6d971 1155 BT_DBG("request for %s", hdev->name);
c542a06c 1156
a7e80f25
JH		 1157 if (cp->val != 0x00 && cp->val != 0x01)
1158 return cmd_status(sk, hdev->id, MGMT_OP_SET_PAIRABLE,
1159 MGMT_STATUS_INVALID_PARAMS);
1160
09fd0de5 1161 hci_dev_lock(hdev);
c542a06c
JH		 1162
1163 if (cp->val)
a8b2d5c2 1164 set_bit(HCI_PAIRABLE, &hdev->dev_flags);
c542a06c 1165 else
a8b2d5c2 1166 clear_bit(HCI_PAIRABLE, &hdev->dev_flags);
c542a06c 1167
69ab39ea 1168 err = send_settings_rsp(sk, MGMT_OP_SET_PAIRABLE, hdev);
c542a06c
JH		 1169 if (err < 0)
1170 goto failed;
1171
beadb2bd 1172 err = new_settings(hdev, sk);
c542a06c
JH		 1173
1174failed:
09fd0de5 1175 hci_dev_unlock(hdev);
c542a06c
JH		 1176 return err;
1177}
1178
04124681
GP		 1179static int set_link_security(struct sock *sk, struct hci_dev *hdev, void *data,
1180 u16 len)
33ef95ed
JH		 1181{
1182 struct mgmt_mode *cp = data;
1183 struct pending_cmd *cmd;
816a11d5 1184 u8 val;
33ef95ed
JH		 1185 int err;
1186
bdb6d971 1187 BT_DBG("request for %s", hdev->name);
33ef95ed 1188
33c525c0
JH		 1189 if (!lmp_bredr_capable(hdev))
1190 return cmd_status(sk, hdev->id, MGMT_OP_SET_LINK_SECURITY,
1191 MGMT_STATUS_NOT_SUPPORTED);
1192
a7e80f25
JH		 1193 if (cp->val != 0x00 && cp->val != 0x01)
1194 return cmd_status(sk, hdev->id, MGMT_OP_SET_LINK_SECURITY,
1195 MGMT_STATUS_INVALID_PARAMS);
1196
33ef95ed
JH		 1197 hci_dev_lock(hdev);
1198
4b34ee78 1199 if (!hdev_is_powered(hdev)) {
47990ea0
JH		 1200 bool changed = false;
1201
1202 if (!!cp->val != test_bit(HCI_LINK_SECURITY,
8ce8e2b5 1203 &hdev->dev_flags)) {
47990ea0
JH		 1204 change_bit(HCI_LINK_SECURITY, &hdev->dev_flags);
1205 changed = true;
1206 }
1207
1208 err = send_settings_rsp(sk, MGMT_OP_SET_LINK_SECURITY, hdev);
1209 if (err < 0)
1210 goto failed;
1211
1212 if (changed)
1213 err = new_settings(hdev, sk);
1214
33ef95ed
JH		 1215 goto failed;
1216 }
1217
1218 if (mgmt_pending_find(MGMT_OP_SET_LINK_SECURITY, hdev)) {
bdb6d971 1219 err = cmd_status(sk, hdev->id, MGMT_OP_SET_LINK_SECURITY,
04124681 1220 MGMT_STATUS_BUSY);
33ef95ed
JH		 1221 goto failed;
1222 }
1223
1224 val = !!cp->val;
1225
1226 if (test_bit(HCI_AUTH, &hdev->flags) == val) {
1227 err = send_settings_rsp(sk, MGMT_OP_SET_LINK_SECURITY, hdev);
1228 goto failed;
1229 }
1230
1231 cmd = mgmt_pending_add(sk, MGMT_OP_SET_LINK_SECURITY, hdev, data, len);
1232 if (!cmd) {
1233 err = -ENOMEM;
1234 goto failed;
1235 }
1236
1237 err = hci_send_cmd(hdev, HCI_OP_WRITE_AUTH_ENABLE, sizeof(val), &val);
1238 if (err < 0) {
1239 mgmt_pending_remove(cmd);
1240 goto failed;
1241 }
1242
1243failed:
1244 hci_dev_unlock(hdev);
33ef95ed
JH		 1245 return err;
1246}
1247
bdb6d971 1248static int set_ssp(struct sock *sk, struct hci_dev *hdev, void *data, u16 len)
ed2c4ee3
JH		 1249{
1250 struct mgmt_mode *cp = data;
1251 struct pending_cmd *cmd;
816a11d5 1252 u8 val;
ed2c4ee3
JH		 1253 int err;
1254
bdb6d971 1255 BT_DBG("request for %s", hdev->name);
ed2c4ee3 1256
13ecd8b6
JH		 1257 if (!lmp_ssp_capable(hdev))
1258 return cmd_status(sk, hdev->id, MGMT_OP_SET_SSP,
1259 MGMT_STATUS_NOT_SUPPORTED);
ed2c4ee3 1260
a7e80f25
JH		 1261 if (cp->val != 0x00 && cp->val != 0x01)
1262 return cmd_status(sk, hdev->id, MGMT_OP_SET_SSP,
1263 MGMT_STATUS_INVALID_PARAMS);
1264
13ecd8b6 1265 hci_dev_lock(hdev);
6c8f12c1 1266
c0ecddc2
JH		 1267 val = !!cp->val;
1268
4b34ee78 1269 if (!hdev_is_powered(hdev)) {
c0ecddc2
JH		 1270 bool changed = false;
1271
1272 if (val != test_bit(HCI_SSP_ENABLED, &hdev->dev_flags)) {
1273 change_bit(HCI_SSP_ENABLED, &hdev->dev_flags);
1274 changed = true;
1275 }
1276
1277 err = send_settings_rsp(sk, MGMT_OP_SET_SSP, hdev);
1278 if (err < 0)
1279 goto failed;
1280
1281 if (changed)
1282 err = new_settings(hdev, sk);
1283
ed2c4ee3
JH		 1284 goto failed;
1285 }
1286
1287 if (mgmt_pending_find(MGMT_OP_SET_SSP, hdev)) {
d97dcb66
SJ		 1288 err = cmd_status(sk, hdev->id, MGMT_OP_SET_SSP,
1289 MGMT_STATUS_BUSY);
ed2c4ee3
JH		 1290 goto failed;
1291 }
1292
ed2c4ee3
JH		 1293 if (test_bit(HCI_SSP_ENABLED, &hdev->dev_flags) == val) {
1294 err = send_settings_rsp(sk, MGMT_OP_SET_SSP, hdev);
1295 goto failed;
1296 }
1297
1298 cmd = mgmt_pending_add(sk, MGMT_OP_SET_SSP, hdev, data, len);
1299 if (!cmd) {
1300 err = -ENOMEM;
1301 goto failed;
1302 }
1303
1304 err = hci_send_cmd(hdev, HCI_OP_WRITE_SSP_MODE, sizeof(val), &val);
1305 if (err < 0) {
1306 mgmt_pending_remove(cmd);
1307 goto failed;
1308 }
1309
1310failed:
1311 hci_dev_unlock(hdev);
ed2c4ee3
JH		 1312 return err;
1313}
1314
bdb6d971 1315static int set_hs(struct sock *sk, struct hci_dev *hdev, void *data, u16 len)
6d80dfd0
JH		 1316{
1317 struct mgmt_mode *cp = data;
6d80dfd0 1318
bdb6d971 1319 BT_DBG("request for %s", hdev->name);
6d80dfd0 1320
bdb6d971
JH		 1321 if (!enable_hs)
1322 return cmd_status(sk, hdev->id, MGMT_OP_SET_HS,
04124681 1323 MGMT_STATUS_NOT_SUPPORTED);
6d80dfd0 1324
a7e80f25
JH		 1325 if (cp->val != 0x00 && cp->val != 0x01)
1326 return cmd_status(sk, hdev->id, MGMT_OP_SET_HS,
1327 MGMT_STATUS_INVALID_PARAMS);
1328
6d80dfd0
JH		 1329 if (cp->val)
1330 set_bit(HCI_HS_ENABLED, &hdev->dev_flags);
1331 else
1332 clear_bit(HCI_HS_ENABLED, &hdev->dev_flags);
1333
bdb6d971 1334 return send_settings_rsp(sk, MGMT_OP_SET_HS, hdev);
6d80dfd0
JH		 1335}
1336
bdb6d971 1337static int set_le(struct sock *sk, struct hci_dev *hdev, void *data, u16 len)
06199cf8
JH		 1338{
1339 struct mgmt_mode *cp = data;
1340 struct hci_cp_write_le_host_supported hci_cp;
1341 struct pending_cmd *cmd;
06199cf8 1342 int err;
0b60eba1 1343 u8 val, enabled;
06199cf8 1344
bdb6d971 1345 BT_DBG("request for %s", hdev->name);
06199cf8 1346
13ecd8b6
JH		 1347 if (!lmp_le_capable(hdev))
1348 return cmd_status(sk, hdev->id, MGMT_OP_SET_LE,
1349 MGMT_STATUS_NOT_SUPPORTED);
1de028ce 1350
a7e80f25
JH		 1351 if (cp->val != 0x00 && cp->val != 0x01)
1352 return cmd_status(sk, hdev->id, MGMT_OP_SET_LE,
1353 MGMT_STATUS_INVALID_PARAMS);
1354
13ecd8b6 1355 hci_dev_lock(hdev);
06199cf8
JH		 1356
1357 val = !!cp->val;
ffa88e02 1358 enabled = lmp_host_le_capable(hdev);
06199cf8 1359
0b60eba1 1360 if (!hdev_is_powered(hdev) || val == enabled) {
06199cf8
JH		 1361 bool changed = false;
1362
1363 if (val != test_bit(HCI_LE_ENABLED, &hdev->dev_flags)) {
1364 change_bit(HCI_LE_ENABLED, &hdev->dev_flags);
1365 changed = true;
1366 }
1367
1368 err = send_settings_rsp(sk, MGMT_OP_SET_LE, hdev);
1369 if (err < 0)
1de028ce 1370 goto unlock;
06199cf8
JH		 1371
1372 if (changed)
1373 err = new_settings(hdev, sk);
1374
1de028ce 1375 goto unlock;
06199cf8
JH		 1376 }
1377
1378 if (mgmt_pending_find(MGMT_OP_SET_LE, hdev)) {
bdb6d971 1379 err = cmd_status(sk, hdev->id, MGMT_OP_SET_LE,
04124681 1380 MGMT_STATUS_BUSY);
1de028ce 1381 goto unlock;
06199cf8
JH		 1382 }
1383
1384 cmd = mgmt_pending_add(sk, MGMT_OP_SET_LE, hdev, data, len);
1385 if (!cmd) {
1386 err = -ENOMEM;
1de028ce 1387 goto unlock;
06199cf8
JH		 1388 }
1389
1390 memset(&hci_cp, 0, sizeof(hci_cp));
1391
1392 if (val) {
1393 hci_cp.le = val;
ffa88e02 1394 hci_cp.simul = lmp_le_br_capable(hdev);
06199cf8
JH		 1395 }
1396
04124681
GP		 1397 err = hci_send_cmd(hdev, HCI_OP_WRITE_LE_HOST_SUPPORTED, sizeof(hci_cp),
1398 &hci_cp);
0c01bc48 1399 if (err < 0)
06199cf8 1400 mgmt_pending_remove(cmd);
06199cf8 1401
1de028ce
JH		 1402unlock:
1403 hci_dev_unlock(hdev);
06199cf8
JH		 1404 return err;
1405}
1406
0cab9c80
JH		 1407/* This is a helper function to test for pending mgmt commands that can
1408 * cause CoD or EIR HCI commands. We can only allow one such pending
1409 * mgmt command at a time since otherwise we cannot easily track what
1410 * the current values are, will be, and based on that calculate if a new
1411 * HCI command needs to be sent and if yes with what value.
1412 */
1413static bool pending_eir_or_class(struct hci_dev *hdev)
1414{
1415 struct pending_cmd *cmd;
1416
1417 list_for_each_entry(cmd, &hdev->mgmt_pending, list) {
1418 switch (cmd->opcode) {
1419 case MGMT_OP_ADD_UUID:
1420 case MGMT_OP_REMOVE_UUID:
1421 case MGMT_OP_SET_DEV_CLASS:
1422 case MGMT_OP_SET_POWERED:
1423 return true;
1424 }
1425 }
1426
1427 return false;
1428}
1429
83be8eca
JH		 1430static const u8 bluetooth_base_uuid[] = {
1431 0xfb, 0x34, 0x9b, 0x5f, 0x80, 0x00, 0x00, 0x80,
1432 0x00, 0x10, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
1433};
1434
1435static u8 get_uuid_size(const u8 *uuid)
1436{
1437 u32 val;
1438
1439 if (memcmp(uuid, bluetooth_base_uuid, 12))
1440 return 128;
1441
1442 val = get_unaligned_le32(&uuid[12]);
1443 if (val > 0xffff)
1444 return 32;
1445
1446 return 16;
1447}
1448
92da6097
JH		 1449static void mgmt_class_complete(struct hci_dev *hdev, u16 mgmt_op, u8 status)
1450{
1451 struct pending_cmd *cmd;
1452
1453 hci_dev_lock(hdev);
1454
1455 cmd = mgmt_pending_find(mgmt_op, hdev);
1456 if (!cmd)
1457 goto unlock;
1458
1459 cmd_complete(cmd->sk, cmd->index, cmd->opcode, mgmt_status(status),
1460 hdev->dev_class, 3);
1461
1462 mgmt_pending_remove(cmd);
1463
1464unlock:
1465 hci_dev_unlock(hdev);
1466}
1467
1468static void add_uuid_complete(struct hci_dev *hdev, u8 status)
1469{
1470 BT_DBG("status 0x%02x", status);
1471
1472 mgmt_class_complete(hdev, MGMT_OP_ADD_UUID, status);
1473}
1474
bdb6d971 1475static int add_uuid(struct sock *sk, struct hci_dev *hdev, void *data, u16 len)
2aeb9a1a 1476{
650f726d 1477 struct mgmt_cp_add_uuid *cp = data;
90e70454 1478 struct pending_cmd *cmd;
890ea898 1479 struct hci_request req;
2aeb9a1a 1480 struct bt_uuid *uuid;
2aeb9a1a
JH		 1481 int err;
1482
bdb6d971 1483 BT_DBG("request for %s", hdev->name);
2aeb9a1a 1484
09fd0de5 1485 hci_dev_lock(hdev);
2aeb9a1a 1486
0cab9c80 1487 if (pending_eir_or_class(hdev)) {
bdb6d971 1488 err = cmd_status(sk, hdev->id, MGMT_OP_ADD_UUID,
04124681 1489 MGMT_STATUS_BUSY);
c95f0ba7
JH		 1490 goto failed;
1491 }
1492
92c4c204 1493 uuid = kmalloc(sizeof(*uuid), GFP_KERNEL);
2aeb9a1a
JH		 1494 if (!uuid) {
1495 err = -ENOMEM;
1496 goto failed;
1497 }
1498
1499 memcpy(uuid->uuid, cp->uuid, 16);
1aff6f09 1500 uuid->svc_hint = cp->svc_hint;
83be8eca 1501 uuid->size = get_uuid_size(cp->uuid);
2aeb9a1a 1502
de66aa63 1503 list_add_tail(&uuid->list, &hdev->uuids);
2aeb9a1a 1504
890ea898 1505 hci_req_init(&req, hdev);
1aff6f09 1506
890ea898
JH		 1507 update_class(&req);
1508 update_eir(&req);
1509
92da6097
JH		 1510 err = hci_req_run(&req, add_uuid_complete);
1511 if (err < 0) {
1512 if (err != -ENODATA)
1513 goto failed;
80a1e1db 1514
bdb6d971 1515 err = cmd_complete(sk, hdev->id, MGMT_OP_ADD_UUID, 0,
04124681 1516 hdev->dev_class, 3);
90e70454
JH		 1517 goto failed;
1518 }
1519
1520 cmd = mgmt_pending_add(sk, MGMT_OP_ADD_UUID, hdev, data, len);
890ea898 1521 if (!cmd) {
90e70454 1522 err = -ENOMEM;
890ea898
JH		 1523 goto failed;
1524 }
1525
1526 err = 0;
2aeb9a1a
JH		 1527
1528failed:
09fd0de5 1529 hci_dev_unlock(hdev);
2aeb9a1a
JH		 1530 return err;
1531}
1532
24b78d0f
JH		 1533static bool enable_service_cache(struct hci_dev *hdev)
1534{
1535 if (!hdev_is_powered(hdev))
1536 return false;
1537
1538 if (!test_and_set_bit(HCI_SERVICE_CACHE, &hdev->dev_flags)) {
46818ed5
JH		 1539 queue_delayed_work(hdev->workqueue, &hdev->service_cache,
1540 CACHE_TIMEOUT);
24b78d0f
JH		 1541 return true;
1542 }
1543
1544 return false;
1545}
1546
92da6097
JH		 1547static void remove_uuid_complete(struct hci_dev *hdev, u8 status)
1548{
1549 BT_DBG("status 0x%02x", status);
1550
1551 mgmt_class_complete(hdev, MGMT_OP_REMOVE_UUID, status);
1552}
1553
bdb6d971 1554static int remove_uuid(struct sock *sk, struct hci_dev *hdev, void *data,
8ce8e2b5 1555 u16 len)
2aeb9a1a 1556{
650f726d 1557 struct mgmt_cp_remove_uuid *cp = data;
90e70454 1558 struct pending_cmd *cmd;
056341c8 1559 struct bt_uuid *match, *tmp;
2aeb9a1a 1560 u8 bt_uuid_any[] = { 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0 };
890ea898 1561 struct hci_request req;
2aeb9a1a
JH		 1562 int err, found;
1563
bdb6d971 1564 BT_DBG("request for %s", hdev->name);
2aeb9a1a 1565
09fd0de5 1566 hci_dev_lock(hdev);
2aeb9a1a 1567
0cab9c80 1568 if (pending_eir_or_class(hdev)) {
bdb6d971 1569 err = cmd_status(sk, hdev->id, MGMT_OP_REMOVE_UUID,
04124681 1570 MGMT_STATUS_BUSY);
c95f0ba7
JH		 1571 goto unlock;
1572 }
1573
2aeb9a1a
JH		 1574 if (memcmp(cp->uuid, bt_uuid_any, 16) == 0) {
1575 err = hci_uuids_clear(hdev);
4004b6d9 1576
24b78d0f 1577 if (enable_service_cache(hdev)) {
bdb6d971 1578 err = cmd_complete(sk, hdev->id, MGMT_OP_REMOVE_UUID,
04124681 1579 0, hdev->dev_class, 3);
24b78d0f
JH		 1580 goto unlock;
1581 }
4004b6d9 1582
9246a869 1583 goto update_class;
2aeb9a1a
JH		 1584 }
1585
1586 found = 0;
1587
056341c8 1588 list_for_each_entry_safe(match, tmp, &hdev->uuids, list) {
2aeb9a1a
JH		 1589 if (memcmp(match->uuid, cp->uuid, 16) != 0)
1590 continue;
1591
1592 list_del(&match->list);
482049f7 1593 kfree(match);
2aeb9a1a
JH		 1594 found++;
1595 }
1596
1597 if (found == 0) {
bdb6d971 1598 err = cmd_status(sk, hdev->id, MGMT_OP_REMOVE_UUID,
04124681 1599 MGMT_STATUS_INVALID_PARAMS);
2aeb9a1a
JH		 1600 goto unlock;
1601 }
1602
9246a869 1603update_class:
890ea898 1604 hci_req_init(&req, hdev);
1aff6f09 1605
890ea898
JH		 1606 update_class(&req);
1607 update_eir(&req);
1608
92da6097
JH		 1609 err = hci_req_run(&req, remove_uuid_complete);
1610 if (err < 0) {
1611 if (err != -ENODATA)
1612 goto unlock;
80a1e1db 1613
bdb6d971 1614 err = cmd_complete(sk, hdev->id, MGMT_OP_REMOVE_UUID, 0,
04124681 1615 hdev->dev_class, 3);
90e70454
JH		 1616 goto unlock;
1617 }
1618
1619 cmd = mgmt_pending_add(sk, MGMT_OP_REMOVE_UUID, hdev, data, len);
890ea898 1620 if (!cmd) {
90e70454 1621 err = -ENOMEM;
890ea898
JH		 1622 goto unlock;
1623 }
1624
1625 err = 0;
2aeb9a1a
JH		 1626
1627unlock:
09fd0de5 1628 hci_dev_unlock(hdev);
2aeb9a1a
JH		 1629 return err;
1630}
1631
92da6097
JH		 1632static void set_class_complete(struct hci_dev *hdev, u8 status)
1633{
1634 BT_DBG("status 0x%02x", status);
1635
1636 mgmt_class_complete(hdev, MGMT_OP_SET_DEV_CLASS, status);
1637}
1638
bdb6d971 1639static int set_dev_class(struct sock *sk, struct hci_dev *hdev, void *data,
04124681 1640 u16 len)
1aff6f09 1641{
650f726d 1642 struct mgmt_cp_set_dev_class *cp = data;
90e70454 1643 struct pending_cmd *cmd;
890ea898 1644 struct hci_request req;
1aff6f09
JH		 1645 int err;
1646
bdb6d971 1647 BT_DBG("request for %s", hdev->name);
1aff6f09 1648
13ecd8b6
JH		 1649 if (!lmp_bredr_capable(hdev))
1650 return cmd_status(sk, hdev->id, MGMT_OP_SET_DEV_CLASS,
1651 MGMT_STATUS_NOT_SUPPORTED);
1aff6f09 1652
0cab9c80 1653 hci_dev_lock(hdev);
ee98f473 1654
0cab9c80
JH		 1655 if (pending_eir_or_class(hdev)) {
1656 err = cmd_status(sk, hdev->id, MGMT_OP_SET_DEV_CLASS,
1657 MGMT_STATUS_BUSY);
1658 goto unlock;
1659 }
c95f0ba7 1660
0cab9c80
JH		 1661 if ((cp->minor & 0x03) != 0 || (cp->major & 0xe0) != 0) {
1662 err = cmd_status(sk, hdev->id, MGMT_OP_SET_DEV_CLASS,
1663 MGMT_STATUS_INVALID_PARAMS);
1664 goto unlock;
1665 }
575b3a02 1666
932f5ff5
JH		 1667 hdev->major_class = cp->major;
1668 hdev->minor_class = cp->minor;
1669
b5235a65 1670 if (!hdev_is_powered(hdev)) {
bdb6d971 1671 err = cmd_complete(sk, hdev->id, MGMT_OP_SET_DEV_CLASS, 0,
04124681 1672 hdev->dev_class, 3);
b5235a65
JH		 1673 goto unlock;
1674 }
1675
890ea898
JH		 1676 hci_req_init(&req, hdev);
1677
a8b2d5c2 1678 if (test_and_clear_bit(HCI_SERVICE_CACHE, &hdev->dev_flags)) {
7d78525d
JH		 1679 hci_dev_unlock(hdev);
1680 cancel_delayed_work_sync(&hdev->service_cache);
1681 hci_dev_lock(hdev);
890ea898 1682 update_eir(&req);
7d78525d 1683 }
14c0b608 1684
890ea898
JH		 1685 update_class(&req);
1686
92da6097
JH		 1687 err = hci_req_run(&req, set_class_complete);
1688 if (err < 0) {
1689 if (err != -ENODATA)
1690 goto unlock;
1aff6f09 1691
bdb6d971 1692 err = cmd_complete(sk, hdev->id, MGMT_OP_SET_DEV_CLASS, 0,
04124681 1693 hdev->dev_class, 3);
90e70454
JH		 1694 goto unlock;
1695 }
1696
1697 cmd = mgmt_pending_add(sk, MGMT_OP_SET_DEV_CLASS, hdev, data, len);
890ea898 1698 if (!cmd) {
90e70454 1699 err = -ENOMEM;
890ea898
JH		 1700 goto unlock;
1701 }
1702
1703 err = 0;
1aff6f09 1704
b5235a65 1705unlock:
09fd0de5 1706 hci_dev_unlock(hdev);
1aff6f09
JH		 1707 return err;
1708}
1709
bdb6d971 1710static int load_link_keys(struct sock *sk, struct hci_dev *hdev, void *data,
8ce8e2b5 1711 u16 len)
55ed8ca1 1712{
650f726d 1713 struct mgmt_cp_load_link_keys *cp = data;
4e51eae9 1714 u16 key_count, expected_len;
a492cd52 1715 int i;
55ed8ca1 1716
1f350c87 1717 key_count = __le16_to_cpu(cp->key_count);
55ed8ca1 1718
86742e1e
JH		 1719 expected_len = sizeof(*cp) + key_count *
1720 sizeof(struct mgmt_link_key_info);
a492cd52 1721 if (expected_len != len) {
86742e1e 1722 BT_ERR("load_link_keys: expected %u bytes, got %u bytes",
8ce8e2b5 1723 len, expected_len);
bdb6d971 1724 return cmd_status(sk, hdev->id, MGMT_OP_LOAD_LINK_KEYS,
04124681 1725 MGMT_STATUS_INVALID_PARAMS);
55ed8ca1
JH		 1726 }
1727
4ae14301
JH		 1728 if (cp->debug_keys != 0x00 && cp->debug_keys != 0x01)
1729 return cmd_status(sk, hdev->id, MGMT_OP_LOAD_LINK_KEYS,
1730 MGMT_STATUS_INVALID_PARAMS);
1731
bdb6d971 1732 BT_DBG("%s debug_keys %u key_count %u", hdev->name, cp->debug_keys,
8ce8e2b5 1733 key_count);
55ed8ca1 1734
4ee71b20
JH		 1735 for (i = 0; i < key_count; i++) {
1736 struct mgmt_link_key_info *key = &cp->keys[i];
1737
1738 if (key->addr.type != BDADDR_BREDR)
1739 return cmd_status(sk, hdev->id, MGMT_OP_LOAD_LINK_KEYS,
1740 MGMT_STATUS_INVALID_PARAMS);
1741 }
1742
09fd0de5 1743 hci_dev_lock(hdev);
55ed8ca1
JH		 1744
1745 hci_link_keys_clear(hdev);
1746
a8b2d5c2 1747 set_bit(HCI_LINK_KEYS, &hdev->dev_flags);
55ed8ca1
JH		 1748
1749 if (cp->debug_keys)
a8b2d5c2 1750 set_bit(HCI_DEBUG_KEYS, &hdev->dev_flags);
55ed8ca1 1751 else
a8b2d5c2 1752 clear_bit(HCI_DEBUG_KEYS, &hdev->dev_flags);
55ed8ca1 1753
a492cd52 1754 for (i = 0; i < key_count; i++) {
86742e1e 1755 struct mgmt_link_key_info *key = &cp->keys[i];
55ed8ca1 1756
d753fdc4 1757 hci_add_link_key(hdev, NULL, 0, &key->addr.bdaddr, key->val,
04124681 1758 key->type, key->pin_len);
55ed8ca1
JH		 1759 }
1760
bdb6d971 1761 cmd_complete(sk, hdev->id, MGMT_OP_LOAD_LINK_KEYS, 0, NULL, 0);
0e5f875a 1762
09fd0de5 1763 hci_dev_unlock(hdev);
55ed8ca1 1764
a492cd52 1765 return 0;
55ed8ca1
JH		 1766}
1767
b1078ad0 1768static int device_unpaired(struct hci_dev *hdev, bdaddr_t *bdaddr,
04124681 1769 u8 addr_type, struct sock *skip_sk)
b1078ad0
JH		 1770{
1771 struct mgmt_ev_device_unpaired ev;
1772
1773 bacpy(&ev.addr.bdaddr, bdaddr);
1774 ev.addr.type = addr_type;
1775
1776 return mgmt_event(MGMT_EV_DEVICE_UNPAIRED, hdev, &ev, sizeof(ev),
04124681 1777 skip_sk);
b1078ad0
JH		 1778}
1779
bdb6d971 1780static int unpair_device(struct sock *sk, struct hci_dev *hdev, void *data,
04124681 1781 u16 len)
55ed8ca1 1782{
124f6e35
JH		 1783 struct mgmt_cp_unpair_device *cp = data;
1784 struct mgmt_rp_unpair_device rp;
a8a1d19e
JH		 1785 struct hci_cp_disconnect dc;
1786 struct pending_cmd *cmd;
55ed8ca1 1787 struct hci_conn *conn;
55ed8ca1
JH		 1788 int err;
1789
a8a1d19e 1790 memset(&rp, 0, sizeof(rp));
124f6e35
JH		 1791 bacpy(&rp.addr.bdaddr, &cp->addr.bdaddr);
1792 rp.addr.type = cp->addr.type;
a8a1d19e 1793
4ee71b20
JH		 1794 if (!bdaddr_type_is_valid(cp->addr.type))
1795 return cmd_complete(sk, hdev->id, MGMT_OP_UNPAIR_DEVICE,
1796 MGMT_STATUS_INVALID_PARAMS,
1797 &rp, sizeof(rp));
1798
118da70b
JH		 1799 if (cp->disconnect != 0x00 && cp->disconnect != 0x01)
1800 return cmd_complete(sk, hdev->id, MGMT_OP_UNPAIR_DEVICE,
1801 MGMT_STATUS_INVALID_PARAMS,
1802 &rp, sizeof(rp));
1803
4ee71b20
JH		 1804 hci_dev_lock(hdev);
1805
86a8cfc6 1806 if (!hdev_is_powered(hdev)) {
bdb6d971 1807 err = cmd_complete(sk, hdev->id, MGMT_OP_UNPAIR_DEVICE,
04124681 1808 MGMT_STATUS_NOT_POWERED, &rp, sizeof(rp));
86a8cfc6
JH		 1809 goto unlock;
1810 }
1811
591f47f3 1812 if (cp->addr.type == BDADDR_BREDR)
124f6e35
JH		 1813 err = hci_remove_link_key(hdev, &cp->addr.bdaddr);
1814 else
1815 err = hci_remove_ltk(hdev, &cp->addr.bdaddr);
b0dbfb46 1816
55ed8ca1 1817 if (err < 0) {
bdb6d971 1818 err = cmd_complete(sk, hdev->id, MGMT_OP_UNPAIR_DEVICE,
04124681 1819 MGMT_STATUS_NOT_PAIRED, &rp, sizeof(rp));
55ed8ca1
JH		 1820 goto unlock;
1821 }
1822
86a8cfc6 1823 if (cp->disconnect) {
591f47f3 1824 if (cp->addr.type == BDADDR_BREDR)
86a8cfc6 1825 conn = hci_conn_hash_lookup_ba(hdev, ACL_LINK,
8ce8e2b5 1826 &cp->addr.bdaddr);
86a8cfc6
JH		 1827 else
1828 conn = hci_conn_hash_lookup_ba(hdev, LE_LINK,
8ce8e2b5 1829 &cp->addr.bdaddr);
86a8cfc6
JH		 1830 } else {
1831 conn = NULL;
1832 }
124f6e35 1833
a8a1d19e 1834 if (!conn) {
bdb6d971 1835 err = cmd_complete(sk, hdev->id, MGMT_OP_UNPAIR_DEVICE, 0,
04124681 1836 &rp, sizeof(rp));
b1078ad0 1837 device_unpaired(hdev, &cp->addr.bdaddr, cp->addr.type, sk);
a8a1d19e
JH		 1838 goto unlock;
1839 }
55ed8ca1 1840
124f6e35 1841 cmd = mgmt_pending_add(sk, MGMT_OP_UNPAIR_DEVICE, hdev, cp,
04124681 1842 sizeof(*cp));
a8a1d19e
JH		 1843 if (!cmd) {
1844 err = -ENOMEM;
1845 goto unlock;
55ed8ca1
JH		 1846 }
1847
eb55ef07 1848 dc.handle = cpu_to_le16(conn->handle);
a8a1d19e
JH		 1849 dc.reason = 0x13; /* Remote User Terminated Connection */
1850 err = hci_send_cmd(hdev, HCI_OP_DISCONNECT, sizeof(dc), &dc);
1851 if (err < 0)
1852 mgmt_pending_remove(cmd);
1853
55ed8ca1 1854unlock:
09fd0de5 1855 hci_dev_unlock(hdev);
55ed8ca1
JH		 1856 return err;
1857}
1858
bdb6d971 1859static int disconnect(struct sock *sk, struct hci_dev *hdev, void *data,
04124681 1860 u16 len)
8962ee74 1861{
650f726d 1862 struct mgmt_cp_disconnect *cp = data;
06a63b19 1863 struct mgmt_rp_disconnect rp;
8962ee74 1864 struct hci_cp_disconnect dc;
366a0336 1865 struct pending_cmd *cmd;
8962ee74 1866 struct hci_conn *conn;
8962ee74
JH		 1867 int err;
1868
1869 BT_DBG("");
1870
06a63b19
JH		 1871 memset(&rp, 0, sizeof(rp));
1872 bacpy(&rp.addr.bdaddr, &cp->addr.bdaddr);
1873 rp.addr.type = cp->addr.type;
1874
4ee71b20 1875 if (!bdaddr_type_is_valid(cp->addr.type))
06a63b19
JH		 1876 return cmd_complete(sk, hdev->id, MGMT_OP_DISCONNECT,
1877 MGMT_STATUS_INVALID_PARAMS,
1878 &rp, sizeof(rp));
4ee71b20 1879
09fd0de5 1880 hci_dev_lock(hdev);
8962ee74
JH		 1881
1882 if (!test_bit(HCI_UP, &hdev->flags)) {
06a63b19
JH		 1883 err = cmd_complete(sk, hdev->id, MGMT_OP_DISCONNECT,
1884 MGMT_STATUS_NOT_POWERED, &rp, sizeof(rp));
8962ee74
JH		 1885 goto failed;
1886 }
1887
2e58ef3e 1888 if (mgmt_pending_find(MGMT_OP_DISCONNECT, hdev)) {
06a63b19
JH		 1889 err = cmd_complete(sk, hdev->id, MGMT_OP_DISCONNECT,
1890 MGMT_STATUS_BUSY, &rp, sizeof(rp));
8962ee74
JH		 1891 goto failed;
1892 }
1893
591f47f3 1894 if (cp->addr.type == BDADDR_BREDR)
8fc9ced3
GP		 1895 conn = hci_conn_hash_lookup_ba(hdev, ACL_LINK,
1896 &cp->addr.bdaddr);
88c3df13
JH		 1897 else
1898 conn = hci_conn_hash_lookup_ba(hdev, LE_LINK, &cp->addr.bdaddr);
365227e5 1899
f960727e 1900 if (!conn || conn->state == BT_OPEN || conn->state == BT_CLOSED) {
06a63b19
JH		 1901 err = cmd_complete(sk, hdev->id, MGMT_OP_DISCONNECT,
1902 MGMT_STATUS_NOT_CONNECTED, &rp, sizeof(rp));
8962ee74
JH		 1903 goto failed;
1904 }
1905
2e58ef3e 1906 cmd = mgmt_pending_add(sk, MGMT_OP_DISCONNECT, hdev, data, len);
366a0336
JH		 1907 if (!cmd) {
1908 err = -ENOMEM;
8962ee74 1909 goto failed;
366a0336 1910 }
8962ee74 1911
eb55ef07 1912 dc.handle = cpu_to_le16(conn->handle);
3701f944 1913 dc.reason = HCI_ERROR_REMOTE_USER_TERM;
8962ee74
JH		 1914
1915 err = hci_send_cmd(hdev, HCI_OP_DISCONNECT, sizeof(dc), &dc);
1916 if (err < 0)
a664b5bc 1917 mgmt_pending_remove(cmd);
8962ee74
JH		 1918
1919failed:
09fd0de5 1920 hci_dev_unlock(hdev);
8962ee74
JH		 1921 return err;
1922}
1923
57c1477c 1924static u8 link_to_bdaddr(u8 link_type, u8 addr_type)
4c659c39
JH		 1925{
1926 switch (link_type) {
1927 case LE_LINK:
48264f06
JH		 1928 switch (addr_type) {
1929 case ADDR_LE_DEV_PUBLIC:
591f47f3 1930 return BDADDR_LE_PUBLIC;
0ed09148 1931
48264f06 1932 default:
0ed09148 1933 /* Fallback to LE Random address type */
591f47f3 1934 return BDADDR_LE_RANDOM;
48264f06 1935 }
0ed09148 1936
4c659c39 1937 default:
0ed09148 1938 /* Fallback to BR/EDR type */
591f47f3 1939 return BDADDR_BREDR;
4c659c39
JH		 1940 }
1941}
1942
04124681
GP		 1943static int get_connections(struct sock *sk, struct hci_dev *hdev, void *data,
1944 u16 data_len)
2784eb41 1945{
2784eb41 1946 struct mgmt_rp_get_connections *rp;
8035ded4 1947 struct hci_conn *c;
a38528f1 1948 size_t rp_len;
60fc5fb6
JH		 1949 int err;
1950 u16 i;
2784eb41
JH		 1951
1952 BT_DBG("");
1953
09fd0de5 1954 hci_dev_lock(hdev);
2784eb41 1955
5f97c1df 1956 if (!hdev_is_powered(hdev)) {
bdb6d971 1957 err = cmd_status(sk, hdev->id, MGMT_OP_GET_CONNECTIONS,
04124681 1958 MGMT_STATUS_NOT_POWERED);
5f97c1df
JH		 1959 goto unlock;
1960 }
1961
60fc5fb6 1962 i = 0;
b644ba33
JH		 1963 list_for_each_entry(c, &hdev->conn_hash.list, list) {
1964 if (test_bit(HCI_CONN_MGMT_CONNECTED, &c->flags))
60fc5fb6 1965 i++;
2784eb41
JH		 1966 }
1967
60fc5fb6 1968 rp_len = sizeof(*rp) + (i * sizeof(struct mgmt_addr_info));
92c4c204 1969 rp = kmalloc(rp_len, GFP_KERNEL);
a38528f1 1970 if (!rp) {
2784eb41
JH		 1971 err = -ENOMEM;
1972 goto unlock;
1973 }
1974
2784eb41 1975 i = 0;
4c659c39 1976 list_for_each_entry(c, &hdev->conn_hash.list, list) {
b644ba33
JH		 1977 if (!test_bit(HCI_CONN_MGMT_CONNECTED, &c->flags))
1978 continue;
4c659c39 1979 bacpy(&rp->addr[i].bdaddr, &c->dst);
57c1477c 1980 rp->addr[i].type = link_to_bdaddr(c->type, c->dst_type);
0ed09148 1981 if (c->type == SCO_LINK || c->type == ESCO_LINK)
4c659c39
JH		 1982 continue;
1983 i++;
1984 }
1985
eb55ef07 1986 rp->conn_count = cpu_to_le16(i);
60fc5fb6 1987
4c659c39
JH		 1988 /* Recalculate length in case of filtered SCO connections, etc */
1989 rp_len = sizeof(*rp) + (i * sizeof(struct mgmt_addr_info));
2784eb41 1990
bdb6d971 1991 err = cmd_complete(sk, hdev->id, MGMT_OP_GET_CONNECTIONS, 0, rp,
04124681 1992 rp_len);
2784eb41 1993
a38528f1 1994 kfree(rp);
5f97c1df
JH		 1995
1996unlock:
09fd0de5 1997 hci_dev_unlock(hdev);
2784eb41
JH		 1998 return err;
1999}
2000
bdb6d971 2001static int send_pin_code_neg_reply(struct sock *sk, struct hci_dev *hdev,
04124681 2002 struct mgmt_cp_pin_code_neg_reply *cp)
96d97a67
WR		 2003{
2004 struct pending_cmd *cmd;
2005 int err;
2006
2e58ef3e 2007 cmd = mgmt_pending_add(sk, MGMT_OP_PIN_CODE_NEG_REPLY, hdev, cp,
04124681 2008 sizeof(*cp));
96d97a67
WR		 2009 if (!cmd)
2010 return -ENOMEM;
2011
d8457698 2012 err = hci_send_cmd(hdev, HCI_OP_PIN_CODE_NEG_REPLY,
04124681 2013 sizeof(cp->addr.bdaddr), &cp->addr.bdaddr);
96d97a67
WR		 2014 if (err < 0)
2015 mgmt_pending_remove(cmd);
2016
2017 return err;
2018}
2019
bdb6d971 2020static int pin_code_reply(struct sock *sk, struct hci_dev *hdev, void *data,
04124681 2021 u16 len)
980e1a53 2022{
96d97a67 2023 struct hci_conn *conn;
650f726d 2024 struct mgmt_cp_pin_code_reply *cp = data;
980e1a53 2025 struct hci_cp_pin_code_reply reply;
366a0336 2026 struct pending_cmd *cmd;
980e1a53
JH		 2027 int err;
2028
2029 BT_DBG("");
2030
09fd0de5 2031 hci_dev_lock(hdev);
980e1a53 2032
4b34ee78 2033 if (!hdev_is_powered(hdev)) {
bdb6d971 2034 err = cmd_status(sk, hdev->id, MGMT_OP_PIN_CODE_REPLY,
04124681 2035 MGMT_STATUS_NOT_POWERED);
980e1a53
JH		 2036 goto failed;
2037 }
2038
d8457698 2039 conn = hci_conn_hash_lookup_ba(hdev, ACL_LINK, &cp->addr.bdaddr);
96d97a67 2040 if (!conn) {
bdb6d971 2041 err = cmd_status(sk, hdev->id, MGMT_OP_PIN_CODE_REPLY,
04124681 2042 MGMT_STATUS_NOT_CONNECTED);
96d97a67
WR		 2043 goto failed;
2044 }
2045
2046 if (conn->pending_sec_level == BT_SECURITY_HIGH && cp->pin_len != 16) {
d8457698
JH		 2047 struct mgmt_cp_pin_code_neg_reply ncp;
2048
2049 memcpy(&ncp.addr, &cp->addr, sizeof(ncp.addr));
96d97a67
WR		 2050
2051 BT_ERR("PIN code is not 16 bytes long");
2052
bdb6d971 2053 err = send_pin_code_neg_reply(sk, hdev, &ncp);
96d97a67 2054 if (err >= 0)
bdb6d971 2055 err = cmd_status(sk, hdev->id, MGMT_OP_PIN_CODE_REPLY,
04124681 2056 MGMT_STATUS_INVALID_PARAMS);
96d97a67
WR		 2057
2058 goto failed;
2059 }
2060
00abfe44 2061 cmd = mgmt_pending_add(sk, MGMT_OP_PIN_CODE_REPLY, hdev, data, len);
366a0336
JH		 2062 if (!cmd) {
2063 err = -ENOMEM;
980e1a53 2064 goto failed;
366a0336 2065 }
980e1a53 2066
d8457698 2067 bacpy(&reply.bdaddr, &cp->addr.bdaddr);
980e1a53 2068 reply.pin_len = cp->pin_len;
24718ca5 2069 memcpy(reply.pin_code, cp->pin_code, sizeof(reply.pin_code));
980e1a53
JH		 2070
2071 err = hci_send_cmd(hdev, HCI_OP_PIN_CODE_REPLY, sizeof(reply), &reply);
2072 if (err < 0)
a664b5bc 2073 mgmt_pending_remove(cmd);
980e1a53
JH		 2074
2075failed:
09fd0de5 2076 hci_dev_unlock(hdev);
980e1a53
JH		 2077 return err;
2078}
2079
04124681
GP		 2080static int set_io_capability(struct sock *sk, struct hci_dev *hdev, void *data,
2081 u16 len)
17fa4b9d 2082{
650f726d 2083 struct mgmt_cp_set_io_capability *cp = data;
17fa4b9d
JH		 2084
2085 BT_DBG("");
2086
09fd0de5 2087 hci_dev_lock(hdev);
17fa4b9d
JH		 2088
2089 hdev->io_capability = cp->io_capability;
2090
2091 BT_DBG("%s IO capability set to 0x%02x", hdev->name,
8ce8e2b5 2092 hdev->io_capability);
17fa4b9d 2093
09fd0de5 2094 hci_dev_unlock(hdev);
17fa4b9d 2095
04124681
GP		 2096 return cmd_complete(sk, hdev->id, MGMT_OP_SET_IO_CAPABILITY, 0, NULL,
2097 0);
17fa4b9d
JH		 2098}
2099
6039aa73 2100static struct pending_cmd *find_pairing(struct hci_conn *conn)
e9a416b5
JH		 2101{
2102 struct hci_dev *hdev = conn->hdev;
8035ded4 2103 struct pending_cmd *cmd;
e9a416b5 2104
2e58ef3e 2105 list_for_each_entry(cmd, &hdev->mgmt_pending, list) {
e9a416b5
JH		 2106 if (cmd->opcode != MGMT_OP_PAIR_DEVICE)
2107 continue;
2108
e9a416b5
JH		 2109 if (cmd->user_data != conn)
2110 continue;
2111
2112 return cmd;
2113 }
2114
2115 return NULL;
2116}
2117
2118static void pairing_complete(struct pending_cmd *cmd, u8 status)
2119{
2120 struct mgmt_rp_pair_device rp;
2121 struct hci_conn *conn = cmd->user_data;
2122
ba4e564f 2123 bacpy(&rp.addr.bdaddr, &conn->dst);
57c1477c 2124 rp.addr.type = link_to_bdaddr(conn->type, conn->dst_type);
e9a416b5 2125
aee9b218 2126 cmd_complete(cmd->sk, cmd->index, MGMT_OP_PAIR_DEVICE, status,
04124681 2127 &rp, sizeof(rp));
e9a416b5
JH		 2128
2129 /* So we don't get further callbacks for this connection */
2130 conn->connect_cfm_cb = NULL;
2131 conn->security_cfm_cb = NULL;
2132 conn->disconn_cfm_cb = NULL;
2133
76a68ba0 2134 hci_conn_drop(conn);
e9a416b5 2135
a664b5bc 2136 mgmt_pending_remove(cmd);
e9a416b5
JH		 2137}
2138
2139static void pairing_complete_cb(struct hci_conn *conn, u8 status)
2140{
2141 struct pending_cmd *cmd;
2142
2143 BT_DBG("status %u", status);
2144
2145 cmd = find_pairing(conn);
56e5cb86 2146 if (!cmd)
e9a416b5 2147 BT_DBG("Unable to find a pending command");
56e5cb86 2148 else
e211326c 2149 pairing_complete(cmd, mgmt_status(status));
e9a416b5
JH		 2150}
2151
4c47d739
VA		 2152static void le_connect_complete_cb(struct hci_conn *conn, u8 status)
2153{
2154 struct pending_cmd *cmd;
2155
2156 BT_DBG("status %u", status);
2157
2158 if (!status)
2159 return;
2160
2161 cmd = find_pairing(conn);
2162 if (!cmd)
2163 BT_DBG("Unable to find a pending command");
2164 else
2165 pairing_complete(cmd, mgmt_status(status));
2166}
2167
bdb6d971 2168static int pair_device(struct sock *sk, struct hci_dev *hdev, void *data,
04124681 2169 u16 len)
e9a416b5 2170{
650f726d 2171 struct mgmt_cp_pair_device *cp = data;
1425acb7 2172 struct mgmt_rp_pair_device rp;
e9a416b5
JH		 2173 struct pending_cmd *cmd;
2174 u8 sec_level, auth_type;
2175 struct hci_conn *conn;
e9a416b5
JH		 2176 int err;
2177
2178 BT_DBG("");
2179
f950a30e
SJ		 2180 memset(&rp, 0, sizeof(rp));
2181 bacpy(&rp.addr.bdaddr, &cp->addr.bdaddr);
2182 rp.addr.type = cp->addr.type;
2183
4ee71b20
JH		 2184 if (!bdaddr_type_is_valid(cp->addr.type))
2185 return cmd_complete(sk, hdev->id, MGMT_OP_PAIR_DEVICE,
2186 MGMT_STATUS_INVALID_PARAMS,
2187 &rp, sizeof(rp));
2188
09fd0de5 2189 hci_dev_lock(hdev);
e9a416b5 2190
5f97c1df 2191 if (!hdev_is_powered(hdev)) {
f950a30e
SJ		 2192 err = cmd_complete(sk, hdev->id, MGMT_OP_PAIR_DEVICE,
2193 MGMT_STATUS_NOT_POWERED, &rp, sizeof(rp));
5f97c1df
JH		 2194 goto unlock;
2195 }
2196
c908df36
VCG		 2197 sec_level = BT_SECURITY_MEDIUM;
2198 if (cp->io_cap == 0x03)
e9a416b5 2199 auth_type = HCI_AT_DEDICATED_BONDING;
c908df36 2200 else
e9a416b5 2201 auth_type = HCI_AT_DEDICATED_BONDING_MITM;
e9a416b5 2202
591f47f3 2203 if (cp->addr.type == BDADDR_BREDR)
b12f62cf
AG		 2204 conn = hci_connect(hdev, ACL_LINK, &cp->addr.bdaddr,
2205 cp->addr.type, sec_level, auth_type);
7a512d01 2206 else
b12f62cf
AG		 2207 conn = hci_connect(hdev, LE_LINK, &cp->addr.bdaddr,
2208 cp->addr.type, sec_level, auth_type);
7a512d01 2209
30e76272 2210 if (IS_ERR(conn)) {
489dc48e
AK		 2211 int status;
2212
2213 if (PTR_ERR(conn) == -EBUSY)
2214 status = MGMT_STATUS_BUSY;
2215 else
2216 status = MGMT_STATUS_CONNECT_FAILED;
2217
bdb6d971 2218 err = cmd_complete(sk, hdev->id, MGMT_OP_PAIR_DEVICE,
489dc48e 2219 status, &rp,
04124681 2220 sizeof(rp));
e9a416b5
JH		 2221 goto unlock;
2222 }
2223
2224 if (conn->connect_cfm_cb) {
76a68ba0 2225 hci_conn_drop(conn);
bdb6d971 2226 err = cmd_complete(sk, hdev->id, MGMT_OP_PAIR_DEVICE,
04124681 2227 MGMT_STATUS_BUSY, &rp, sizeof(rp));
e9a416b5
JH		 2228 goto unlock;
2229 }
2230
2e58ef3e 2231 cmd = mgmt_pending_add(sk, MGMT_OP_PAIR_DEVICE, hdev, data, len);
e9a416b5
JH		 2232 if (!cmd) {
2233 err = -ENOMEM;
76a68ba0 2234 hci_conn_drop(conn);
e9a416b5
JH		 2235 goto unlock;
2236 }
2237
7a512d01 2238 /* For LE, just connecting isn't a proof that the pairing finished */
591f47f3 2239 if (cp->addr.type == BDADDR_BREDR)
7a512d01 2240 conn->connect_cfm_cb = pairing_complete_cb;
4c47d739
VA		 2241 else
2242 conn->connect_cfm_cb = le_connect_complete_cb;
7a512d01 2243
e9a416b5
JH		 2244 conn->security_cfm_cb = pairing_complete_cb;
2245 conn->disconn_cfm_cb = pairing_complete_cb;
2246 conn->io_capability = cp->io_cap;
2247 cmd->user_data = conn;
2248
2249 if (conn->state == BT_CONNECTED &&
8ce8e2b5 2250 hci_conn_security(conn, sec_level, auth_type))
e9a416b5
JH		 2251 pairing_complete(cmd, 0);
2252
2253 err = 0;
2254
2255unlock:
09fd0de5 2256 hci_dev_unlock(hdev);
e9a416b5
JH		 2257 return err;
2258}
2259
04124681
GP		 2260static int cancel_pair_device(struct sock *sk, struct hci_dev *hdev, void *data,
2261 u16 len)
28424707 2262{
0f4e68cf 2263 struct mgmt_addr_info *addr = data;
28424707
JH		 2264 struct pending_cmd *cmd;
2265 struct hci_conn *conn;
2266 int err;
2267
2268 BT_DBG("");
2269
28424707
JH		 2270 hci_dev_lock(hdev);
2271
5f97c1df 2272 if (!hdev_is_powered(hdev)) {
bdb6d971 2273 err = cmd_status(sk, hdev->id, MGMT_OP_CANCEL_PAIR_DEVICE,
04124681 2274 MGMT_STATUS_NOT_POWERED);
5f97c1df
JH		 2275 goto unlock;
2276 }
2277
28424707
JH		 2278 cmd = mgmt_pending_find(MGMT_OP_PAIR_DEVICE, hdev);
2279 if (!cmd) {
bdb6d971 2280 err = cmd_status(sk, hdev->id, MGMT_OP_CANCEL_PAIR_DEVICE,
04124681 2281 MGMT_STATUS_INVALID_PARAMS);
28424707
JH		 2282 goto unlock;
2283 }
2284
2285 conn = cmd->user_data;
2286
2287 if (bacmp(&addr->bdaddr, &conn->dst) != 0) {
bdb6d971 2288 err = cmd_status(sk, hdev->id, MGMT_OP_CANCEL_PAIR_DEVICE,
04124681 2289 MGMT_STATUS_INVALID_PARAMS);
28424707
JH		 2290 goto unlock;
2291 }
2292
2293 pairing_complete(cmd, MGMT_STATUS_CANCELLED);
2294
bdb6d971 2295 err = cmd_complete(sk, hdev->id, MGMT_OP_CANCEL_PAIR_DEVICE, 0,
04124681 2296 addr, sizeof(*addr));
28424707
JH		 2297unlock:
2298 hci_dev_unlock(hdev);
28424707
JH		 2299 return err;
2300}
2301
bdb6d971 2302static int user_pairing_resp(struct sock *sk, struct hci_dev *hdev,
1707c60e 2303 struct mgmt_addr_info *addr, u16 mgmt_op,
04124681 2304 u16 hci_op, __le32 passkey)
a5c29683 2305{
a5c29683 2306 struct pending_cmd *cmd;
0df4c185 2307 struct hci_conn *conn;
a5c29683
JH		 2308 int err;
2309
09fd0de5 2310 hci_dev_lock(hdev);
08ba5382 2311
4b34ee78 2312 if (!hdev_is_powered(hdev)) {
feb94d3d
JH		 2313 err = cmd_complete(sk, hdev->id, mgmt_op,
2314 MGMT_STATUS_NOT_POWERED, addr,
2315 sizeof(*addr));
0df4c185 2316 goto done;
a5c29683
JH		 2317 }
2318
1707c60e
JH		 2319 if (addr->type == BDADDR_BREDR)
2320 conn = hci_conn_hash_lookup_ba(hdev, ACL_LINK, &addr->bdaddr);
272d90df 2321 else
1707c60e 2322 conn = hci_conn_hash_lookup_ba(hdev, LE_LINK, &addr->bdaddr);
272d90df
JH		 2323
2324 if (!conn) {
feb94d3d
JH		 2325 err = cmd_complete(sk, hdev->id, mgmt_op,
2326 MGMT_STATUS_NOT_CONNECTED, addr,
2327 sizeof(*addr));
272d90df
JH		 2328 goto done;
2329 }
47c15e2b 2330
1707c60e 2331 if (addr->type == BDADDR_LE_PUBLIC || addr->type == BDADDR_LE_RANDOM) {
47c15e2b 2332 /* Continue with pairing via SMP */
5fe57d9e
BG		 2333 err = smp_user_confirm_reply(conn, mgmt_op, passkey);
2334
2335 if (!err)
feb94d3d
JH		 2336 err = cmd_complete(sk, hdev->id, mgmt_op,
2337 MGMT_STATUS_SUCCESS, addr,
2338 sizeof(*addr));
5fe57d9e 2339 else
feb94d3d
JH		 2340 err = cmd_complete(sk, hdev->id, mgmt_op,
2341 MGMT_STATUS_FAILED, addr,
2342 sizeof(*addr));
47c15e2b 2343
47c15e2b
BG		 2344 goto done;
2345 }
2346
1707c60e 2347 cmd = mgmt_pending_add(sk, mgmt_op, hdev, addr, sizeof(*addr));
a5c29683
JH		 2348 if (!cmd) {
2349 err = -ENOMEM;
0df4c185 2350 goto done;
a5c29683
JH		 2351 }
2352
0df4c185 2353 /* Continue with pairing via HCI */
604086b7
BG		 2354 if (hci_op == HCI_OP_USER_PASSKEY_REPLY) {
2355 struct hci_cp_user_passkey_reply cp;
2356
1707c60e 2357 bacpy(&cp.bdaddr, &addr->bdaddr);
604086b7
BG		 2358 cp.passkey = passkey;
2359 err = hci_send_cmd(hdev, hci_op, sizeof(cp), &cp);
2360 } else
1707c60e
JH		 2361 err = hci_send_cmd(hdev, hci_op, sizeof(addr->bdaddr),
2362 &addr->bdaddr);
604086b7 2363
a664b5bc
JH		 2364 if (err < 0)
2365 mgmt_pending_remove(cmd);
a5c29683 2366
0df4c185 2367done:
09fd0de5 2368 hci_dev_unlock(hdev);
a5c29683
JH		 2369 return err;
2370}
2371
afeb019d
JK		 2372static int pin_code_neg_reply(struct sock *sk, struct hci_dev *hdev,
2373 void *data, u16 len)
2374{
2375 struct mgmt_cp_pin_code_neg_reply *cp = data;
2376
2377 BT_DBG("");
2378
1707c60e 2379 return user_pairing_resp(sk, hdev, &cp->addr,
afeb019d
JK		 2380 MGMT_OP_PIN_CODE_NEG_REPLY,
2381 HCI_OP_PIN_CODE_NEG_REPLY, 0);
2382}
2383
04124681
GP		 2384static int user_confirm_reply(struct sock *sk, struct hci_dev *hdev, void *data,
2385 u16 len)
0df4c185 2386{
650f726d 2387 struct mgmt_cp_user_confirm_reply *cp = data;
0df4c185
BG		 2388
2389 BT_DBG("");
2390
2391 if (len != sizeof(*cp))
bdb6d971 2392 return cmd_status(sk, hdev->id, MGMT_OP_USER_CONFIRM_REPLY,
04124681 2393 MGMT_STATUS_INVALID_PARAMS);
0df4c185 2394
1707c60e 2395 return user_pairing_resp(sk, hdev, &cp->addr,
04124681
GP		 2396 MGMT_OP_USER_CONFIRM_REPLY,
2397 HCI_OP_USER_CONFIRM_REPLY, 0);
0df4c185
BG		 2398}
2399
bdb6d971 2400static int user_confirm_neg_reply(struct sock *sk, struct hci_dev *hdev,
04124681 2401 void *data, u16 len)
0df4c185 2402{
c9c2659f 2403 struct mgmt_cp_user_confirm_neg_reply *cp = data;
0df4c185
BG		 2404
2405 BT_DBG("");
2406
1707c60e 2407 return user_pairing_resp(sk, hdev, &cp->addr,
04124681
GP		 2408 MGMT_OP_USER_CONFIRM_NEG_REPLY,
2409 HCI_OP_USER_CONFIRM_NEG_REPLY, 0);
0df4c185
BG		 2410}
2411
04124681
GP		 2412static int user_passkey_reply(struct sock *sk, struct hci_dev *hdev, void *data,
2413 u16 len)
604086b7 2414{
650f726d 2415 struct mgmt_cp_user_passkey_reply *cp = data;
604086b7
BG		 2416
2417 BT_DBG("");
2418
1707c60e 2419 return user_pairing_resp(sk, hdev, &cp->addr,
04124681
GP		 2420 MGMT_OP_USER_PASSKEY_REPLY,
2421 HCI_OP_USER_PASSKEY_REPLY, cp->passkey);
604086b7
BG		 2422}
2423
bdb6d971 2424static int user_passkey_neg_reply(struct sock *sk, struct hci_dev *hdev,
04124681 2425 void *data, u16 len)
604086b7 2426{
650f726d 2427 struct mgmt_cp_user_passkey_neg_reply *cp = data;
604086b7
BG		 2428
2429 BT_DBG("");
2430
1707c60e 2431 return user_pairing_resp(sk, hdev, &cp->addr,
04124681
GP		 2432 MGMT_OP_USER_PASSKEY_NEG_REPLY,
2433 HCI_OP_USER_PASSKEY_NEG_REPLY, 0);
604086b7
BG		 2434}
2435
13928971 2436static void update_name(struct hci_request *req)
2b4bf397 2437{
13928971 2438 struct hci_dev *hdev = req->hdev;
2b4bf397
JH		 2439 struct hci_cp_write_local_name cp;
2440
13928971 2441 memcpy(cp.name, hdev->dev_name, sizeof(cp.name));
2b4bf397 2442
890ea898 2443 hci_req_add(req, HCI_OP_WRITE_LOCAL_NAME, sizeof(cp), &cp);
2b4bf397
JH		 2444}
2445
13928971
JH		 2446static void set_name_complete(struct hci_dev *hdev, u8 status)
2447{
2448 struct mgmt_cp_set_local_name *cp;
2449 struct pending_cmd *cmd;
2450
2451 BT_DBG("status 0x%02x", status);
2452
2453 hci_dev_lock(hdev);
2454
2455 cmd = mgmt_pending_find(MGMT_OP_SET_LOCAL_NAME, hdev);
2456 if (!cmd)
2457 goto unlock;
2458
2459 cp = cmd->param;
2460
2461 if (status)
2462 cmd_status(cmd->sk, hdev->id, MGMT_OP_SET_LOCAL_NAME,
2463 mgmt_status(status));
2464 else
2465 cmd_complete(cmd->sk, hdev->id, MGMT_OP_SET_LOCAL_NAME, 0,
2466 cp, sizeof(*cp));
2467
2468 mgmt_pending_remove(cmd);
2469
2470unlock:
2471 hci_dev_unlock(hdev);
2472}
2473
bdb6d971 2474static int set_local_name(struct sock *sk, struct hci_dev *hdev, void *data,
04124681 2475 u16 len)
b312b161 2476{
2b4bf397 2477 struct mgmt_cp_set_local_name *cp = data;
b312b161 2478 struct pending_cmd *cmd;
890ea898 2479 struct hci_request req;
b312b161
JH		 2480 int err;
2481
2482 BT_DBG("");
2483
09fd0de5 2484 hci_dev_lock(hdev);
b312b161 2485
b3f2ca94
JH		 2486 /* If the old values are the same as the new ones just return a
2487 * direct command complete event.
2488 */
2489 if (!memcmp(hdev->dev_name, cp->name, sizeof(hdev->dev_name)) &&
2490 !memcmp(hdev->short_name, cp->short_name,
2491 sizeof(hdev->short_name))) {
2492 err = cmd_complete(sk, hdev->id, MGMT_OP_SET_LOCAL_NAME, 0,
2493 data, len);
2494 goto failed;
2495 }
2496
2b4bf397 2497 memcpy(hdev->short_name, cp->short_name, sizeof(hdev->short_name));
28cc7bde 2498
b5235a65 2499 if (!hdev_is_powered(hdev)) {
2b4bf397 2500 memcpy(hdev->dev_name, cp->name, sizeof(hdev->dev_name));
28cc7bde
JH		 2501
2502 err = cmd_complete(sk, hdev->id, MGMT_OP_SET_LOCAL_NAME, 0,
04124681 2503 data, len);
28cc7bde
JH		 2504 if (err < 0)
2505 goto failed;
2506
2507 err = mgmt_event(MGMT_EV_LOCAL_NAME_CHANGED, hdev, data, len,
04124681 2508 sk);
28cc7bde 2509
b5235a65
JH		 2510 goto failed;
2511 }
2512
28cc7bde 2513 cmd = mgmt_pending_add(sk, MGMT_OP_SET_LOCAL_NAME, hdev, data, len);
b312b161
JH		 2514 if (!cmd) {
2515 err = -ENOMEM;
2516 goto failed;
2517 }
2518
13928971
JH		 2519 memcpy(hdev->dev_name, cp->name, sizeof(hdev->dev_name));
2520
890ea898 2521 hci_req_init(&req, hdev);
3f985050
JH		 2522
2523 if (lmp_bredr_capable(hdev)) {
2524 update_name(&req);
2525 update_eir(&req);
2526 }
2527
2528 if (lmp_le_capable(hdev))
2529 hci_update_ad(&req);
2530
13928971 2531 err = hci_req_run(&req, set_name_complete);
b312b161
JH		 2532 if (err < 0)
2533 mgmt_pending_remove(cmd);
2534
2535failed:
09fd0de5 2536 hci_dev_unlock(hdev);
b312b161
JH		 2537 return err;
2538}
2539
0f4e68cf 2540static int read_local_oob_data(struct sock *sk, struct hci_dev *hdev,
04124681 2541 void *data, u16 data_len)
c35938b2 2542{
c35938b2
SJ		 2543 struct pending_cmd *cmd;
2544 int err;
2545
bdb6d971 2546 BT_DBG("%s", hdev->name);
c35938b2 2547
09fd0de5 2548 hci_dev_lock(hdev);
c35938b2 2549
4b34ee78 2550 if (!hdev_is_powered(hdev)) {
bdb6d971 2551 err = cmd_status(sk, hdev->id, MGMT_OP_READ_LOCAL_OOB_DATA,
04124681 2552 MGMT_STATUS_NOT_POWERED);
c35938b2
SJ		 2553 goto unlock;
2554 }
2555
9a1a1996 2556 if (!lmp_ssp_capable(hdev)) {
bdb6d971 2557 err = cmd_status(sk, hdev->id, MGMT_OP_READ_LOCAL_OOB_DATA,
04124681 2558 MGMT_STATUS_NOT_SUPPORTED);
c35938b2
SJ		 2559 goto unlock;
2560 }
2561
2e58ef3e 2562 if (mgmt_pending_find(MGMT_OP_READ_LOCAL_OOB_DATA, hdev)) {
bdb6d971 2563 err = cmd_status(sk, hdev->id, MGMT_OP_READ_LOCAL_OOB_DATA,
04124681 2564 MGMT_STATUS_BUSY);
c35938b2
SJ		 2565 goto unlock;
2566 }
2567
2e58ef3e 2568 cmd = mgmt_pending_add(sk, MGMT_OP_READ_LOCAL_OOB_DATA, hdev, NULL, 0);
c35938b2
SJ		 2569 if (!cmd) {
2570 err = -ENOMEM;
2571 goto unlock;
2572 }
2573
2574 err = hci_send_cmd(hdev, HCI_OP_READ_LOCAL_OOB_DATA, 0, NULL);
2575 if (err < 0)
2576 mgmt_pending_remove(cmd);
2577
2578unlock:
09fd0de5 2579 hci_dev_unlock(hdev);
c35938b2
SJ		 2580 return err;
2581}
2582
bdb6d971 2583static int add_remote_oob_data(struct sock *sk, struct hci_dev *hdev,
04124681 2584 void *data, u16 len)
2763eda6 2585{
650f726d 2586 struct mgmt_cp_add_remote_oob_data *cp = data;
bf1e3541 2587 u8 status;
2763eda6
SJ		 2588 int err;
2589
bdb6d971 2590 BT_DBG("%s ", hdev->name);
2763eda6 2591
09fd0de5 2592 hci_dev_lock(hdev);
2763eda6 2593
664ce4cc 2594 err = hci_add_remote_oob_data(hdev, &cp->addr.bdaddr, cp->hash,
04124681 2595 cp->randomizer);
2763eda6 2596 if (err < 0)
bf1e3541 2597 status = MGMT_STATUS_FAILED;
2763eda6 2598 else
a6785be2 2599 status = MGMT_STATUS_SUCCESS;
bf1e3541 2600
bdb6d971 2601 err = cmd_complete(sk, hdev->id, MGMT_OP_ADD_REMOTE_OOB_DATA, status,
04124681 2602 &cp->addr, sizeof(cp->addr));
2763eda6 2603
09fd0de5 2604 hci_dev_unlock(hdev);
2763eda6
SJ		 2605 return err;
2606}
2607
bdb6d971 2608static int remove_remote_oob_data(struct sock *sk, struct hci_dev *hdev,
8ce8e2b5 2609 void *data, u16 len)
2763eda6 2610{
650f726d 2611 struct mgmt_cp_remove_remote_oob_data *cp = data;
bf1e3541 2612 u8 status;
2763eda6
SJ		 2613 int err;
2614
bdb6d971 2615 BT_DBG("%s", hdev->name);
2763eda6 2616
09fd0de5 2617 hci_dev_lock(hdev);
2763eda6 2618
664ce4cc 2619 err = hci_remove_remote_oob_data(hdev, &cp->addr.bdaddr);
2763eda6 2620 if (err < 0)
bf1e3541 2621 status = MGMT_STATUS_INVALID_PARAMS;
2763eda6 2622 else
a6785be2 2623 status = MGMT_STATUS_SUCCESS;
bf1e3541 2624
bdb6d971 2625 err = cmd_complete(sk, hdev->id, MGMT_OP_REMOVE_REMOTE_OOB_DATA,
04124681 2626 status, &cp->addr, sizeof(cp->addr));
2763eda6 2627
09fd0de5 2628 hci_dev_unlock(hdev);
2763eda6
SJ		 2629 return err;
2630}
2631
5e0452c0
AG		 2632int mgmt_interleaved_discovery(struct hci_dev *hdev)
2633{
2634 int err;
2635
2636 BT_DBG("%s", hdev->name);
2637
2638 hci_dev_lock(hdev);
2639
2640 err = hci_do_inquiry(hdev, INQUIRY_LEN_BREDR_LE);
2641 if (err < 0)
2642 hci_discovery_set_state(hdev, DISCOVERY_STOPPED);
2643
2644 hci_dev_unlock(hdev);
2645
2646 return err;
2647}
2648
bdb6d971 2649static int start_discovery(struct sock *sk, struct hci_dev *hdev,
04124681 2650 void *data, u16 len)
14a53664 2651{
650f726d 2652 struct mgmt_cp_start_discovery *cp = data;
14a53664 2653 struct pending_cmd *cmd;
14a53664
JH		 2654 int err;
2655
bdb6d971 2656 BT_DBG("%s", hdev->name);
14a53664 2657
09fd0de5 2658 hci_dev_lock(hdev);
14a53664 2659
4b34ee78 2660 if (!hdev_is_powered(hdev)) {
bdb6d971 2661 err = cmd_status(sk, hdev->id, MGMT_OP_START_DISCOVERY,
04124681 2662 MGMT_STATUS_NOT_POWERED);
bd2d1334
JH		 2663 goto failed;
2664 }
2665
642be6c7
AG		 2666 if (test_bit(HCI_PERIODIC_INQ, &hdev->dev_flags)) {
2667 err = cmd_status(sk, hdev->id, MGMT_OP_START_DISCOVERY,
2668 MGMT_STATUS_BUSY);
2669 goto failed;
2670 }
2671
ff9ef578 2672 if (hdev->discovery.state != DISCOVERY_STOPPED) {
bdb6d971 2673 err = cmd_status(sk, hdev->id, MGMT_OP_START_DISCOVERY,
04124681 2674 MGMT_STATUS_BUSY);
ff9ef578
JH		 2675 goto failed;
2676 }
2677
2e58ef3e 2678 cmd = mgmt_pending_add(sk, MGMT_OP_START_DISCOVERY, hdev, NULL, 0);
14a53664
JH		 2679 if (!cmd) {
2680 err = -ENOMEM;
2681 goto failed;
2682 }
2683
4aab14e5
AG		 2684 hdev->discovery.type = cp->type;
2685
2686 switch (hdev->discovery.type) {
f39799f5 2687 case DISCOV_TYPE_BREDR:
04106755
JH		 2688 if (!lmp_bredr_capable(hdev)) {
2689 err = cmd_status(sk, hdev->id, MGMT_OP_START_DISCOVERY,
2690 MGMT_STATUS_NOT_SUPPORTED);
2691 mgmt_pending_remove(cmd);
2692 goto failed;
2693 }
2694
2695 err = hci_do_inquiry(hdev, INQUIRY_LEN_BREDR);
f39799f5
AG		 2696 break;
2697
2698 case DISCOV_TYPE_LE:
04106755
JH		 2699 if (!lmp_host_le_capable(hdev)) {
2700 err = cmd_status(sk, hdev->id, MGMT_OP_START_DISCOVERY,
2701 MGMT_STATUS_NOT_SUPPORTED);
2702 mgmt_pending_remove(cmd);
2703 goto failed;
2704 }
2705
2706 err = hci_le_scan(hdev, LE_SCAN_TYPE, LE_SCAN_INT,
2707 LE_SCAN_WIN, LE_SCAN_TIMEOUT_LE_ONLY);
f39799f5
AG		 2708 break;
2709
5e0452c0 2710 case DISCOV_TYPE_INTERLEAVED:
04106755
JH		 2711 if (!lmp_host_le_capable(hdev) || !lmp_bredr_capable(hdev)) {
2712 err = cmd_status(sk, hdev->id, MGMT_OP_START_DISCOVERY,
2713 MGMT_STATUS_NOT_SUPPORTED);
2714 mgmt_pending_remove(cmd);
2715 goto failed;
2716 }
2717
2718 err = hci_le_scan(hdev, LE_SCAN_TYPE, LE_SCAN_INT, LE_SCAN_WIN,
2719 LE_SCAN_TIMEOUT_BREDR_LE);
5e0452c0
AG		 2720 break;
2721
f39799f5 2722 default:
04106755
JH		 2723 err = cmd_status(sk, hdev->id, MGMT_OP_START_DISCOVERY,
2724 MGMT_STATUS_INVALID_PARAMS);
2725 mgmt_pending_remove(cmd);
2726 goto failed;
f39799f5 2727 }
3fd24153 2728
14a53664
JH		 2729 if (err < 0)
2730 mgmt_pending_remove(cmd);
ff9ef578
JH		 2731 else
2732 hci_discovery_set_state(hdev, DISCOVERY_STARTING);
14a53664
JH		 2733
2734failed:
09fd0de5 2735 hci_dev_unlock(hdev);
14a53664
JH		 2736 return err;
2737}
2738
bdb6d971 2739static int stop_discovery(struct sock *sk, struct hci_dev *hdev, void *data,
04124681 2740 u16 len)
14a53664 2741{
d930650b 2742 struct mgmt_cp_stop_discovery *mgmt_cp = data;
14a53664 2743 struct pending_cmd *cmd;
30dc78e1
JH		 2744 struct hci_cp_remote_name_req_cancel cp;
2745 struct inquiry_entry *e;
14a53664
JH		 2746 int err;
2747
bdb6d971 2748 BT_DBG("%s", hdev->name);
14a53664 2749
09fd0de5 2750 hci_dev_lock(hdev);
14a53664 2751
30dc78e1 2752 if (!hci_discovery_active(hdev)) {
bdb6d971 2753 err = cmd_complete(sk, hdev->id, MGMT_OP_STOP_DISCOVERY,
04124681
GP		 2754 MGMT_STATUS_REJECTED, &mgmt_cp->type,
2755 sizeof(mgmt_cp->type));
d930650b
JH		 2756 goto unlock;
2757 }
2758
2759 if (hdev->discovery.type != mgmt_cp->type) {
bdb6d971 2760 err = cmd_complete(sk, hdev->id, MGMT_OP_STOP_DISCOVERY,
04124681
GP		 2761 MGMT_STATUS_INVALID_PARAMS, &mgmt_cp->type,
2762 sizeof(mgmt_cp->type));
30dc78e1 2763 goto unlock;
ff9ef578
JH		 2764 }
2765
2e58ef3e 2766 cmd = mgmt_pending_add(sk, MGMT_OP_STOP_DISCOVERY, hdev, NULL, 0);
14a53664
JH		 2767 if (!cmd) {
2768 err = -ENOMEM;
30dc78e1
JH		 2769 goto unlock;
2770 }
2771
e0d9727e
AG		 2772 switch (hdev->discovery.state) {
2773 case DISCOVERY_FINDING:
c9ecc48e
AG		 2774 if (test_bit(HCI_INQUIRY, &hdev->flags))
2775 err = hci_cancel_inquiry(hdev);
2776 else
2777 err = hci_cancel_le_scan(hdev);
2778
e0d9727e
AG		 2779 break;
2780
2781 case DISCOVERY_RESOLVING:
2782 e = hci_inquiry_cache_lookup_resolve(hdev, BDADDR_ANY,
8ce8e2b5 2783 NAME_PENDING);
e0d9727e 2784 if (!e) {
30dc78e1 2785 mgmt_pending_remove(cmd);
e0d9727e
AG		 2786 err = cmd_complete(sk, hdev->id,
2787 MGMT_OP_STOP_DISCOVERY, 0,
2788 &mgmt_cp->type,
2789 sizeof(mgmt_cp->type));
2790 hci_discovery_set_state(hdev, DISCOVERY_STOPPED);
2791 goto unlock;
2792 }
30dc78e1 2793
e0d9727e
AG		 2794 bacpy(&cp.bdaddr, &e->data.bdaddr);
2795 err = hci_send_cmd(hdev, HCI_OP_REMOTE_NAME_REQ_CANCEL,
2796 sizeof(cp), &cp);
2797
2798 break;
2799
2800 default:
2801 BT_DBG("unknown discovery state %u", hdev->discovery.state);
2802 err = -EFAULT;
14a53664
JH		 2803 }
2804
14a53664
JH		 2805 if (err < 0)
2806 mgmt_pending_remove(cmd);
ff9ef578
JH		 2807 else
2808 hci_discovery_set_state(hdev, DISCOVERY_STOPPING);
14a53664 2809
30dc78e1 2810unlock:
09fd0de5 2811 hci_dev_unlock(hdev);
14a53664
JH		 2812 return err;
2813}
2814
bdb6d971 2815static int confirm_name(struct sock *sk, struct hci_dev *hdev, void *data,
04124681 2816 u16 len)
561aafbc 2817{
650f726d 2818 struct mgmt_cp_confirm_name *cp = data;
561aafbc 2819 struct inquiry_entry *e;
561aafbc
JH		 2820 int err;
2821
bdb6d971 2822 BT_DBG("%s", hdev->name);
561aafbc 2823
561aafbc
JH		 2824 hci_dev_lock(hdev);
2825
30dc78e1 2826 if (!hci_discovery_active(hdev)) {
bdb6d971 2827 err = cmd_status(sk, hdev->id, MGMT_OP_CONFIRM_NAME,
04124681 2828 MGMT_STATUS_FAILED);
30dc78e1
JH		 2829 goto failed;
2830 }
2831
a198e7b1 2832 e = hci_inquiry_cache_lookup_unknown(hdev, &cp->addr.bdaddr);
561aafbc 2833 if (!e) {
bdb6d971 2834 err = cmd_status(sk, hdev->id, MGMT_OP_CONFIRM_NAME,
04124681 2835 MGMT_STATUS_INVALID_PARAMS);
561aafbc
JH		 2836 goto failed;
2837 }
2838
2839 if (cp->name_known) {
2840 e->name_state = NAME_KNOWN;
2841 list_del(&e->list);
2842 } else {
2843 e->name_state = NAME_NEEDED;
a3d4e20a 2844 hci_inquiry_cache_update_resolve(hdev, e);
561aafbc
JH		 2845 }
2846
e384662b
JH		 2847 err = cmd_complete(sk, hdev->id, MGMT_OP_CONFIRM_NAME, 0, &cp->addr,
2848 sizeof(cp->addr));
561aafbc
JH		 2849
2850failed:
2851 hci_dev_unlock(hdev);
561aafbc
JH		 2852 return err;
2853}
2854
bdb6d971 2855static int block_device(struct sock *sk, struct hci_dev *hdev, void *data,
04124681 2856 u16 len)
7fbec224 2857{
650f726d 2858 struct mgmt_cp_block_device *cp = data;
f0eeea8b 2859 u8 status;
7fbec224
AJ		 2860 int err;
2861
bdb6d971 2862 BT_DBG("%s", hdev->name);
7fbec224 2863
4ee71b20 2864 if (!bdaddr_type_is_valid(cp->addr.type))
5d0846d4
JH		 2865 return cmd_complete(sk, hdev->id, MGMT_OP_BLOCK_DEVICE,
2866 MGMT_STATUS_INVALID_PARAMS,
2867 &cp->addr, sizeof(cp->addr));
4ee71b20 2868
09fd0de5 2869 hci_dev_lock(hdev);
5e762444 2870
88c1fe4b 2871 err = hci_blacklist_add(hdev, &cp->addr.bdaddr, cp->addr.type);
7fbec224 2872 if (err < 0)
f0eeea8b 2873 status = MGMT_STATUS_FAILED;
7fbec224 2874 else
a6785be2 2875 status = MGMT_STATUS_SUCCESS;
f0eeea8b 2876
bdb6d971 2877 err = cmd_complete(sk, hdev->id, MGMT_OP_BLOCK_DEVICE, status,
04124681 2878 &cp->addr, sizeof(cp->addr));
5e762444 2879
09fd0de5 2880 hci_dev_unlock(hdev);
7fbec224
AJ		 2881
2882 return err;
2883}
2884
bdb6d971 2885static int unblock_device(struct sock *sk, struct hci_dev *hdev, void *data,
04124681 2886 u16 len)
7fbec224 2887{
650f726d 2888 struct mgmt_cp_unblock_device *cp = data;
f0eeea8b 2889 u8 status;
7fbec224
AJ		 2890 int err;
2891
bdb6d971 2892 BT_DBG("%s", hdev->name);
7fbec224 2893
4ee71b20 2894 if (!bdaddr_type_is_valid(cp->addr.type))
5d0846d4
JH		 2895 return cmd_complete(sk, hdev->id, MGMT_OP_UNBLOCK_DEVICE,
2896 MGMT_STATUS_INVALID_PARAMS,
2897 &cp->addr, sizeof(cp->addr));
4ee71b20 2898
09fd0de5 2899 hci_dev_lock(hdev);
5e762444 2900
88c1fe4b 2901 err = hci_blacklist_del(hdev, &cp->addr.bdaddr, cp->addr.type);
7fbec224 2902 if (err < 0)
f0eeea8b 2903 status = MGMT_STATUS_INVALID_PARAMS;
7fbec224 2904 else
a6785be2 2905 status = MGMT_STATUS_SUCCESS;
f0eeea8b 2906
bdb6d971 2907 err = cmd_complete(sk, hdev->id, MGMT_OP_UNBLOCK_DEVICE, status,
04124681 2908 &cp->addr, sizeof(cp->addr));
5e762444 2909
09fd0de5 2910 hci_dev_unlock(hdev);
7fbec224
AJ		 2911
2912 return err;
2913}
2914
cdbaccca
MH		 2915static int set_device_id(struct sock *sk, struct hci_dev *hdev, void *data,
2916 u16 len)
2917{
2918 struct mgmt_cp_set_device_id *cp = data;
890ea898 2919 struct hci_request req;
cdbaccca 2920 int err;
c72d4b8a 2921 __u16 source;
cdbaccca
MH		 2922
2923 BT_DBG("%s", hdev->name);
2924
c72d4b8a
SJ		 2925 source = __le16_to_cpu(cp->source);
2926
2927 if (source > 0x0002)
2928 return cmd_status(sk, hdev->id, MGMT_OP_SET_DEVICE_ID,
2929 MGMT_STATUS_INVALID_PARAMS);
2930
cdbaccca
MH		 2931 hci_dev_lock(hdev);
2932
c72d4b8a 2933 hdev->devid_source = source;
cdbaccca
MH		 2934 hdev->devid_vendor = __le16_to_cpu(cp->vendor);
2935 hdev->devid_product = __le16_to_cpu(cp->product);
2936 hdev->devid_version = __le16_to_cpu(cp->version);
2937
2938 err = cmd_complete(sk, hdev->id, MGMT_OP_SET_DEVICE_ID, 0, NULL, 0);
2939
890ea898
JH		 2940 hci_req_init(&req, hdev);
2941 update_eir(&req);
2942 hci_req_run(&req, NULL);
cdbaccca
MH		 2943
2944 hci_dev_unlock(hdev);
2945
2946 return err;
2947}
2948
33e38b3e
JH		 2949static void fast_connectable_complete(struct hci_dev *hdev, u8 status)
2950{
2951 struct pending_cmd *cmd;
2952
2953 BT_DBG("status 0x%02x", status);
2954
2955 hci_dev_lock(hdev);
2956
2957 cmd = mgmt_pending_find(MGMT_OP_SET_FAST_CONNECTABLE, hdev);
2958 if (!cmd)
2959 goto unlock;
2960
2961 if (status) {
2962 cmd_status(cmd->sk, hdev->id, MGMT_OP_SET_FAST_CONNECTABLE,
2963 mgmt_status(status));
2964 } else {
1a4d3c4b
JH		 2965 struct mgmt_mode *cp = cmd->param;
2966
2967 if (cp->val)
2968 set_bit(HCI_FAST_CONNECTABLE, &hdev->dev_flags);
2969 else
2970 clear_bit(HCI_FAST_CONNECTABLE, &hdev->dev_flags);
2971
33e38b3e
JH		 2972 send_settings_rsp(cmd->sk, MGMT_OP_SET_FAST_CONNECTABLE, hdev);
2973 new_settings(hdev, cmd->sk);
2974 }
2975
2976 mgmt_pending_remove(cmd);
2977
2978unlock:
2979 hci_dev_unlock(hdev);
2980}
2981
bdb6d971 2982static int set_fast_connectable(struct sock *sk, struct hci_dev *hdev,
04124681 2983 void *data, u16 len)
f6422ec6 2984{
650f726d 2985 struct mgmt_mode *cp = data;
33e38b3e
JH		 2986 struct pending_cmd *cmd;
2987 struct hci_request req;
f6422ec6
AJ		 2988 int err;
2989
bdb6d971 2990 BT_DBG("%s", hdev->name);
f6422ec6 2991
1a47aee8 2992 if (!lmp_bredr_capable(hdev) || hdev->hci_ver < BLUETOOTH_VER_1_2)
33c525c0
JH		 2993 return cmd_status(sk, hdev->id, MGMT_OP_SET_FAST_CONNECTABLE,
2994 MGMT_STATUS_NOT_SUPPORTED);
2995
a7e80f25
JH		 2996 if (cp->val != 0x00 && cp->val != 0x01)
2997 return cmd_status(sk, hdev->id, MGMT_OP_SET_FAST_CONNECTABLE,
2998 MGMT_STATUS_INVALID_PARAMS);
2999
5400c044 3000 if (!hdev_is_powered(hdev))
bdb6d971 3001 return cmd_status(sk, hdev->id, MGMT_OP_SET_FAST_CONNECTABLE,
04124681 3002 MGMT_STATUS_NOT_POWERED);
5400c044
JH		 3003
3004 if (!test_bit(HCI_CONNECTABLE, &hdev->dev_flags))
bdb6d971 3005 return cmd_status(sk, hdev->id, MGMT_OP_SET_FAST_CONNECTABLE,
04124681 3006 MGMT_STATUS_REJECTED);
f6422ec6
AJ		 3007
3008 hci_dev_lock(hdev);
3009
05cbf29f
JH		 3010 if (mgmt_pending_find(MGMT_OP_SET_FAST_CONNECTABLE, hdev)) {
3011 err = cmd_status(sk, hdev->id, MGMT_OP_SET_FAST_CONNECTABLE,
3012 MGMT_STATUS_BUSY);
3013 goto unlock;
3014 }
3015
1a4d3c4b
JH		 3016 if (!!cp->val == test_bit(HCI_FAST_CONNECTABLE, &hdev->dev_flags)) {
3017 err = send_settings_rsp(sk, MGMT_OP_SET_FAST_CONNECTABLE,
3018 hdev);
3019 goto unlock;
3020 }
3021
33e38b3e
JH		 3022 cmd = mgmt_pending_add(sk, MGMT_OP_SET_FAST_CONNECTABLE, hdev,
3023 data, len);
3024 if (!cmd) {
3025 err = -ENOMEM;
3026 goto unlock;
f6422ec6
AJ		 3027 }
3028
33e38b3e
JH		 3029 hci_req_init(&req, hdev);
3030
406d7804 3031 write_fast_connectable(&req, cp->val);
33e38b3e
JH		 3032
3033 err = hci_req_run(&req, fast_connectable_complete);
f6422ec6 3034 if (err < 0) {
bdb6d971 3035 err = cmd_status(sk, hdev->id, MGMT_OP_SET_FAST_CONNECTABLE,
04124681 3036 MGMT_STATUS_FAILED);
33e38b3e 3037 mgmt_pending_remove(cmd);
f6422ec6
AJ		 3038 }
3039
33e38b3e 3040unlock:
f6422ec6 3041 hci_dev_unlock(hdev);
33e38b3e 3042
f6422ec6
AJ		 3043 return err;
3044}
3045
3f706b72
JH		 3046static bool ltk_is_valid(struct mgmt_ltk_info *key)
3047{
44b20d33
JH		 3048 if (key->authenticated != 0x00 && key->authenticated != 0x01)
3049 return false;
3f706b72
JH		 3050 if (key->master != 0x00 && key->master != 0x01)
3051 return false;
4ee71b20
JH		 3052 if (!bdaddr_type_is_le(key->addr.type))
3053 return false;
3f706b72
JH		 3054 return true;
3055}
3056
bdb6d971 3057static int load_long_term_keys(struct sock *sk, struct hci_dev *hdev,
04124681 3058 void *cp_data, u16 len)
346af67b 3059{
346af67b
VCG		 3060 struct mgmt_cp_load_long_term_keys *cp = cp_data;
3061 u16 key_count, expected_len;
715a5bf2 3062 int i, err;
346af67b 3063
1f350c87 3064 key_count = __le16_to_cpu(cp->key_count);
346af67b
VCG		 3065
3066 expected_len = sizeof(*cp) + key_count *
3067 sizeof(struct mgmt_ltk_info);
3068 if (expected_len != len) {
3069 BT_ERR("load_keys: expected %u bytes, got %u bytes",
8ce8e2b5 3070 len, expected_len);
bdb6d971 3071 return cmd_status(sk, hdev->id, MGMT_OP_LOAD_LONG_TERM_KEYS,
e57e619f 3072 MGMT_STATUS_INVALID_PARAMS);
346af67b
VCG		 3073 }
3074
bdb6d971 3075 BT_DBG("%s key_count %u", hdev->name, key_count);
346af67b 3076
54ad6d8a
JH		 3077 for (i = 0; i < key_count; i++) {
3078 struct mgmt_ltk_info *key = &cp->keys[i];
3079
3f706b72 3080 if (!ltk_is_valid(key))
54ad6d8a
JH		 3081 return cmd_status(sk, hdev->id,
3082 MGMT_OP_LOAD_LONG_TERM_KEYS,
3083 MGMT_STATUS_INVALID_PARAMS);
3084 }
3085
346af67b
VCG		 3086 hci_dev_lock(hdev);
3087
3088 hci_smp_ltks_clear(hdev);
3089
3090 for (i = 0; i < key_count; i++) {
3091 struct mgmt_ltk_info *key = &cp->keys[i];
3092 u8 type;
3093
3094 if (key->master)
3095 type = HCI_SMP_LTK;
3096 else
3097 type = HCI_SMP_LTK_SLAVE;
3098
4596fde5 3099 hci_add_ltk(hdev, &key->addr.bdaddr,
378b5b7e 3100 bdaddr_to_le(key->addr.type),
04124681
GP		 3101 type, 0, key->authenticated, key->val,
3102 key->enc_size, key->ediv, key->rand);
346af67b
VCG		 3103 }
3104
715a5bf2
JH		 3105 err = cmd_complete(sk, hdev->id, MGMT_OP_LOAD_LONG_TERM_KEYS, 0,
3106 NULL, 0);
3107
346af67b 3108 hci_dev_unlock(hdev);
346af67b 3109
715a5bf2 3110 return err;
346af67b
VCG		 3111}
3112
2e3c35ea 3113static const struct mgmt_handler {
04124681
GP		 3114 int (*func) (struct sock *sk, struct hci_dev *hdev, void *data,
3115 u16 data_len);
be22b54e
JH		 3116 bool var_len;
3117 size_t data_len;
0f4e68cf
JH		 3118} mgmt_handlers[] = {
3119 { NULL }, /* 0x0000 (no command) */
be22b54e
JH		 3120 { read_version, false, MGMT_READ_VERSION_SIZE },
3121 { read_commands, false, MGMT_READ_COMMANDS_SIZE },
3122 { read_index_list, false, MGMT_READ_INDEX_LIST_SIZE },
3123 { read_controller_info, false, MGMT_READ_INFO_SIZE },
3124 { set_powered, false, MGMT_SETTING_SIZE },
3125 { set_discoverable, false, MGMT_SET_DISCOVERABLE_SIZE },
3126 { set_connectable, false, MGMT_SETTING_SIZE },
3127 { set_fast_connectable, false, MGMT_SETTING_SIZE },
3128 { set_pairable, false, MGMT_SETTING_SIZE },
3129 { set_link_security, false, MGMT_SETTING_SIZE },
3130 { set_ssp, false, MGMT_SETTING_SIZE },
3131 { set_hs, false, MGMT_SETTING_SIZE },
3132 { set_le, false, MGMT_SETTING_SIZE },
3133 { set_dev_class, false, MGMT_SET_DEV_CLASS_SIZE },
3134 { set_local_name, false, MGMT_SET_LOCAL_NAME_SIZE },
3135 { add_uuid, false, MGMT_ADD_UUID_SIZE },
3136 { remove_uuid, false, MGMT_REMOVE_UUID_SIZE },
3137 { load_link_keys, true, MGMT_LOAD_LINK_KEYS_SIZE },
3138 { load_long_term_keys, true, MGMT_LOAD_LONG_TERM_KEYS_SIZE },
3139 { disconnect, false, MGMT_DISCONNECT_SIZE },
3140 { get_connections, false, MGMT_GET_CONNECTIONS_SIZE },
3141 { pin_code_reply, false, MGMT_PIN_CODE_REPLY_SIZE },
3142 { pin_code_neg_reply, false, MGMT_PIN_CODE_NEG_REPLY_SIZE },
3143 { set_io_capability, false, MGMT_SET_IO_CAPABILITY_SIZE },
3144 { pair_device, false, MGMT_PAIR_DEVICE_SIZE },
3145 { cancel_pair_device, false, MGMT_CANCEL_PAIR_DEVICE_SIZE },
3146 { unpair_device, false, MGMT_UNPAIR_DEVICE_SIZE },
3147 { user_confirm_reply, false, MGMT_USER_CONFIRM_REPLY_SIZE },
3148 { user_confirm_neg_reply, false, MGMT_USER_CONFIRM_NEG_REPLY_SIZE },
3149 { user_passkey_reply, false, MGMT_USER_PASSKEY_REPLY_SIZE },
3150 { user_passkey_neg_reply, false, MGMT_USER_PASSKEY_NEG_REPLY_SIZE },
3151 { read_local_oob_data, false, MGMT_READ_LOCAL_OOB_DATA_SIZE },
3152 { add_remote_oob_data, false, MGMT_ADD_REMOTE_OOB_DATA_SIZE },
3153 { remove_remote_oob_data, false, MGMT_REMOVE_REMOTE_OOB_DATA_SIZE },
3154 { start_discovery, false, MGMT_START_DISCOVERY_SIZE },
3155 { stop_discovery, false, MGMT_STOP_DISCOVERY_SIZE },
3156 { confirm_name, false, MGMT_CONFIRM_NAME_SIZE },
3157 { block_device, false, MGMT_BLOCK_DEVICE_SIZE },
3158 { unblock_device, false, MGMT_UNBLOCK_DEVICE_SIZE },
cdbaccca 3159 { set_device_id, false, MGMT_SET_DEVICE_ID_SIZE },
0f4e68cf
JH		 3160};
3161
3162
0381101f
JH		 3163int mgmt_control(struct sock *sk, struct msghdr *msg, size_t msglen)
3164{
650f726d
VCG		 3165 void *buf;
3166 u8 *cp;
0381101f 3167 struct mgmt_hdr *hdr;
4e51eae9 3168 u16 opcode, index, len;
bdb6d971 3169 struct hci_dev *hdev = NULL;
2e3c35ea 3170 const struct mgmt_handler *handler;
0381101f
JH		 3171 int err;
3172
3173 BT_DBG("got %zu bytes", msglen);
3174
3175 if (msglen < sizeof(*hdr))
3176 return -EINVAL;
3177
e63a15ec 3178 buf = kmalloc(msglen, GFP_KERNEL);
0381101f
JH		 3179 if (!buf)
3180 return -ENOMEM;
3181
3182 if (memcpy_fromiovec(buf, msg->msg_iov, msglen)) {
3183 err = -EFAULT;
3184 goto done;
3185 }
3186
650f726d 3187 hdr = buf;
1f350c87
MH		 3188 opcode = __le16_to_cpu(hdr->opcode);
3189 index = __le16_to_cpu(hdr->index);
3190 len = __le16_to_cpu(hdr->len);
0381101f
JH		 3191
3192 if (len != msglen - sizeof(*hdr)) {
3193 err = -EINVAL;
3194 goto done;
3195 }
3196
0f4e68cf 3197 if (index != MGMT_INDEX_NONE) {
bdb6d971
JH		 3198 hdev = hci_dev_get(index);
3199 if (!hdev) {
3200 err = cmd_status(sk, index, opcode,
04124681 3201 MGMT_STATUS_INVALID_INDEX);
bdb6d971
JH		 3202 goto done;
3203 }
3204 }
3205
0f4e68cf 3206 if (opcode >= ARRAY_SIZE(mgmt_handlers) ||
8ce8e2b5 3207 mgmt_handlers[opcode].func == NULL) {
0381101f 3208 BT_DBG("Unknown op %u", opcode);
ca69b795 3209 err = cmd_status(sk, index, opcode,
04124681 3210 MGMT_STATUS_UNKNOWN_COMMAND);
0f4e68cf
JH		 3211 goto done;
3212 }
3213
3214 if ((hdev && opcode < MGMT_OP_READ_INFO) ||
8ce8e2b5 3215 (!hdev && opcode >= MGMT_OP_READ_INFO)) {
0f4e68cf 3216 err = cmd_status(sk, index, opcode,
04124681 3217 MGMT_STATUS_INVALID_INDEX);
0f4e68cf 3218 goto done;
0381101f
JH		 3219 }
3220
be22b54e
JH		 3221 handler = &mgmt_handlers[opcode];
3222
3223 if ((handler->var_len && len < handler->data_len) ||
8ce8e2b5 3224 (!handler->var_len && len != handler->data_len)) {
be22b54e 3225 err = cmd_status(sk, index, opcode,
04124681 3226 MGMT_STATUS_INVALID_PARAMS);
be22b54e
JH		 3227 goto done;
3228 }
3229
0f4e68cf
JH		 3230 if (hdev)
3231 mgmt_init_hdev(sk, hdev);
3232
3233 cp = buf + sizeof(*hdr);
3234
be22b54e 3235 err = handler->func(sk, hdev, cp, len);
e41d8b4e
JH		 3236 if (err < 0)
3237 goto done;
3238
0381101f
JH		 3239 err = msglen;
3240
3241done:
bdb6d971
JH		 3242 if (hdev)
3243 hci_dev_put(hdev);
3244
0381101f
JH		 3245 kfree(buf);
3246 return err;
3247}
c71e97bf 3248
b24752fe
JH		 3249static void cmd_status_rsp(struct pending_cmd *cmd, void *data)
3250{
3251 u8 *status = data;
3252
3253 cmd_status(cmd->sk, cmd->index, cmd->opcode, *status);
3254 mgmt_pending_remove(cmd);
3255}
3256
744cf19e 3257int mgmt_index_added(struct hci_dev *hdev)
c71e97bf 3258{
bb4b2a9a
AE		 3259 if (!mgmt_valid_hdev(hdev))
3260 return -ENOTSUPP;
3261
744cf19e 3262 return mgmt_event(MGMT_EV_INDEX_ADDED, hdev, NULL, 0, NULL);
c71e97bf
JH		 3263}
3264
744cf19e 3265int mgmt_index_removed(struct hci_dev *hdev)
c71e97bf 3266{
5f159032 3267 u8 status = MGMT_STATUS_INVALID_INDEX;
b24752fe 3268
bb4b2a9a
AE		 3269 if (!mgmt_valid_hdev(hdev))
3270 return -ENOTSUPP;
3271
744cf19e 3272 mgmt_pending_foreach(0, hdev, cmd_status_rsp, &status);
b24752fe 3273
744cf19e 3274 return mgmt_event(MGMT_EV_INDEX_REMOVED, hdev, NULL, 0, NULL);
eec8d2bc
JH		 3275}
3276
73f22f62 3277struct cmd_lookup {
eec8d2bc 3278 struct sock *sk;
69ab39ea 3279 struct hci_dev *hdev;
90e70454 3280 u8 mgmt_status;
eec8d2bc
JH		 3281};
3282
69ab39ea 3283static void settings_rsp(struct pending_cmd *cmd, void *data)
eec8d2bc 3284{
73f22f62 3285 struct cmd_lookup *match = data;
eec8d2bc 3286
69ab39ea 3287 send_settings_rsp(cmd->sk, cmd->opcode, match->hdev);
eec8d2bc
JH		 3288
3289 list_del(&cmd->list);
3290
3291 if (match->sk == NULL) {
3292 match->sk = cmd->sk;
3293 sock_hold(match->sk);
3294 }
3295
3296 mgmt_pending_free(cmd);
c71e97bf 3297}
5add6af8 3298
890ea898 3299static void set_bredr_scan(struct hci_request *req)
7f0ae647 3300{
890ea898 3301 struct hci_dev *hdev = req->hdev;
7f0ae647
JH		 3302 u8 scan = 0;
3303
4c01f8b8
JH		 3304 /* Ensure that fast connectable is disabled. This function will
3305 * not do anything if the page scan parameters are already what
3306 * they should be.
3307 */
3308 write_fast_connectable(req, false);
3309
7f0ae647
JH		 3310 if (test_bit(HCI_CONNECTABLE, &hdev->dev_flags))
3311 scan |= SCAN_PAGE;
3312 if (test_bit(HCI_DISCOVERABLE, &hdev->dev_flags))
3313 scan |= SCAN_INQUIRY;
3314
890ea898
JH		 3315 if (scan)
3316 hci_req_add(req, HCI_OP_WRITE_SCAN_ENABLE, 1, &scan);
7f0ae647
JH		 3317}
3318
229ab39c
JH		 3319static void powered_complete(struct hci_dev *hdev, u8 status)
3320{
3321 struct cmd_lookup match = { NULL, hdev };
3322
3323 BT_DBG("status 0x%02x", status);
3324
3325 hci_dev_lock(hdev);
3326
3327 mgmt_pending_foreach(MGMT_OP_SET_POWERED, hdev, settings_rsp, &match);
3328
3329 new_settings(hdev, match.sk);
3330
3331 hci_dev_unlock(hdev);
3332
3333 if (match.sk)
3334 sock_put(match.sk);
3335}
3336
70da6243 3337static int powered_update_hci(struct hci_dev *hdev)
5add6af8 3338{
890ea898 3339 struct hci_request req;
70da6243 3340 u8 link_sec;
5add6af8 3341
890ea898
JH		 3342 hci_req_init(&req, hdev);
3343
70da6243
JH		 3344 if (test_bit(HCI_SSP_ENABLED, &hdev->dev_flags) &&
3345 !lmp_host_ssp_capable(hdev)) {
3346 u8 ssp = 1;
5e5282bb 3347
890ea898 3348 hci_req_add(&req, HCI_OP_WRITE_SSP_MODE, 1, &ssp);
70da6243 3349 }
5add6af8 3350
70da6243
JH		 3351 if (test_bit(HCI_LE_ENABLED, &hdev->dev_flags)) {
3352 struct hci_cp_write_le_host_supported cp;
f0ff92fb 3353
70da6243
JH		 3354 cp.le = 1;
3355 cp.simul = lmp_le_br_capable(hdev);
3d1cbdd6 3356
70da6243
JH		 3357 /* Check first if we already have the right
3358 * host state (host features set)
3359 */
3360 if (cp.le != lmp_host_le_capable(hdev) ||
3361 cp.simul != lmp_host_le_br_capable(hdev))
890ea898
JH		 3362 hci_req_add(&req, HCI_OP_WRITE_LE_HOST_SUPPORTED,
3363 sizeof(cp), &cp);
70da6243 3364 }
3d1cbdd6 3365
70da6243
JH		 3366 link_sec = test_bit(HCI_LINK_SECURITY, &hdev->dev_flags);
3367 if (link_sec != test_bit(HCI_AUTH, &hdev->flags))
890ea898
JH		 3368 hci_req_add(&req, HCI_OP_WRITE_AUTH_ENABLE,
3369 sizeof(link_sec), &link_sec);
562fcc24 3370
70da6243 3371 if (lmp_bredr_capable(hdev)) {
890ea898
JH		 3372 set_bredr_scan(&req);
3373 update_class(&req);
13928971 3374 update_name(&req);
890ea898 3375 update_eir(&req);
70da6243 3376 }
562fcc24 3377
229ab39c 3378 return hci_req_run(&req, powered_complete);
70da6243 3379}
562fcc24 3380
70da6243
JH		 3381int mgmt_powered(struct hci_dev *hdev, u8 powered)
3382{
3383 struct cmd_lookup match = { NULL, hdev };
229ab39c
JH		 3384 u8 status_not_powered = MGMT_STATUS_NOT_POWERED;
3385 u8 zero_cod[] = { 0, 0, 0 };
70da6243 3386 int err;
f0ff92fb 3387
70da6243
JH		 3388 if (!test_bit(HCI_MGMT, &hdev->dev_flags))
3389 return 0;
3390
70da6243 3391 if (powered) {
229ab39c
JH		 3392 if (powered_update_hci(hdev) == 0)
3393 return 0;
fe038884 3394
229ab39c
JH		 3395 mgmt_pending_foreach(MGMT_OP_SET_POWERED, hdev, settings_rsp,
3396 &match);
3397 goto new_settings;
b24752fe
JH		 3398 }
3399
229ab39c
JH		 3400 mgmt_pending_foreach(MGMT_OP_SET_POWERED, hdev, settings_rsp, &match);
3401 mgmt_pending_foreach(0, hdev, cmd_status_rsp, &status_not_powered);
3402
3403 if (memcmp(hdev->dev_class, zero_cod, sizeof(zero_cod)) != 0)
3404 mgmt_event(MGMT_EV_CLASS_OF_DEV_CHANGED, hdev,
3405 zero_cod, sizeof(zero_cod), NULL);
3406
3407new_settings:
beadb2bd 3408 err = new_settings(hdev, match.sk);
eec8d2bc
JH		 3409
3410 if (match.sk)
3411 sock_put(match.sk);
3412
7bb895d6 3413 return err;
5add6af8 3414}
73f22f62 3415
744cf19e 3416int mgmt_discoverable(struct hci_dev *hdev, u8 discoverable)
73f22f62 3417{
76a7f3a4 3418 struct cmd_lookup match = { NULL, hdev };
5e5282bb
JH		 3419 bool changed = false;
3420 int err = 0;
73f22f62 3421
5e5282bb
JH		 3422 if (discoverable) {
3423 if (!test_and_set_bit(HCI_DISCOVERABLE, &hdev->dev_flags))
3424 changed = true;
3425 } else {
3426 if (test_and_clear_bit(HCI_DISCOVERABLE, &hdev->dev_flags))
3427 changed = true;
3428 }
73f22f62 3429
ed9b5f2f 3430 mgmt_pending_foreach(MGMT_OP_SET_DISCOVERABLE, hdev, settings_rsp,
04124681 3431 &match);
ed9b5f2f 3432
beadb2bd
JH		 3433 if (changed)
3434 err = new_settings(hdev, match.sk);
5e5282bb 3435
73f22f62
JH		 3436 if (match.sk)
3437 sock_put(match.sk);
3438
7bb895d6 3439 return err;
73f22f62 3440}
9fbcbb45 3441
744cf19e 3442int mgmt_connectable(struct hci_dev *hdev, u8 connectable)
9fbcbb45 3443{
2b76f453 3444 struct pending_cmd *cmd;
5e5282bb
JH		 3445 bool changed = false;
3446 int err = 0;
9fbcbb45 3447
5e5282bb
JH		 3448 if (connectable) {
3449 if (!test_and_set_bit(HCI_CONNECTABLE, &hdev->dev_flags))
3450 changed = true;
3451 } else {
3452 if (test_and_clear_bit(HCI_CONNECTABLE, &hdev->dev_flags))
3453 changed = true;
3454 }
9fbcbb45 3455
2b76f453 3456 cmd = mgmt_pending_find(MGMT_OP_SET_CONNECTABLE, hdev);
ed9b5f2f 3457
beadb2bd 3458 if (changed)
2b76f453 3459 err = new_settings(hdev, cmd ? cmd->sk : NULL);
9fbcbb45 3460
7bb895d6 3461 return err;
9fbcbb45 3462}
55ed8ca1 3463
744cf19e 3464int mgmt_write_scan_failed(struct hci_dev *hdev, u8 scan, u8 status)
2d7cee58 3465{
ca69b795
JH		 3466 u8 mgmt_err = mgmt_status(status);
3467
2d7cee58 3468 if (scan & SCAN_PAGE)
744cf19e 3469 mgmt_pending_foreach(MGMT_OP_SET_CONNECTABLE, hdev,
04124681 3470 cmd_status_rsp, &mgmt_err);
2d7cee58
JH		 3471
3472 if (scan & SCAN_INQUIRY)
744cf19e 3473 mgmt_pending_foreach(MGMT_OP_SET_DISCOVERABLE, hdev,
04124681 3474 cmd_status_rsp, &mgmt_err);
2d7cee58
JH		 3475
3476 return 0;
3477}
3478
53168e5b
CC		 3479int mgmt_new_link_key(struct hci_dev *hdev, struct link_key *key,
3480 bool persistent)
55ed8ca1 3481{
86742e1e 3482 struct mgmt_ev_new_link_key ev;
55ed8ca1 3483
a492cd52 3484 memset(&ev, 0, sizeof(ev));
55ed8ca1 3485
a492cd52 3486 ev.store_hint = persistent;
d753fdc4 3487 bacpy(&ev.key.addr.bdaddr, &key->bdaddr);
591f47f3 3488 ev.key.addr.type = BDADDR_BREDR;
a492cd52 3489 ev.key.type = key->type;
9b3b4460 3490 memcpy(ev.key.val, key->val, HCI_LINK_KEY_SIZE);
a492cd52 3491 ev.key.pin_len = key->pin_len;
55ed8ca1 3492
744cf19e 3493 return mgmt_event(MGMT_EV_NEW_LINK_KEY, hdev, &ev, sizeof(ev), NULL);
55ed8ca1 3494}
f7520543 3495
346af67b
VCG		 3496int mgmt_new_ltk(struct hci_dev *hdev, struct smp_ltk *key, u8 persistent)
3497{
3498 struct mgmt_ev_new_long_term_key ev;
3499
3500 memset(&ev, 0, sizeof(ev));
3501
3502 ev.store_hint = persistent;
3503 bacpy(&ev.key.addr.bdaddr, &key->bdaddr);
57c1477c 3504 ev.key.addr.type = link_to_bdaddr(LE_LINK, key->bdaddr_type);
346af67b
VCG		 3505 ev.key.authenticated = key->authenticated;
3506 ev.key.enc_size = key->enc_size;
3507 ev.key.ediv = key->ediv;
3508
3509 if (key->type == HCI_SMP_LTK)
3510 ev.key.master = 1;
3511
3512 memcpy(ev.key.rand, key->rand, sizeof(key->rand));
3513 memcpy(ev.key.val, key->val, sizeof(key->val));
3514
04124681
GP		 3515 return mgmt_event(MGMT_EV_NEW_LONG_TERM_KEY, hdev, &ev, sizeof(ev),
3516 NULL);
346af67b
VCG		 3517}
3518
afc747a6 3519int mgmt_device_connected(struct hci_dev *hdev, bdaddr_t *bdaddr, u8 link_type,
04124681
GP		 3520 u8 addr_type, u32 flags, u8 *name, u8 name_len,
3521 u8 *dev_class)
f7520543 3522{
b644ba33
JH		 3523 char buf[512];
3524 struct mgmt_ev_device_connected *ev = (void *) buf;
3525 u16 eir_len = 0;
f7520543 3526
b644ba33 3527 bacpy(&ev->addr.bdaddr, bdaddr);
57c1477c 3528 ev->addr.type = link_to_bdaddr(link_type, addr_type);
f7520543 3529
c95f0ba7 3530 ev->flags = __cpu_to_le32(flags);
08c79b61 3531
b644ba33
JH		 3532 if (name_len > 0)
3533 eir_len = eir_append_data(ev->eir, 0, EIR_NAME_COMPLETE,
04124681 3534 name, name_len);
b644ba33
JH		 3535
3536 if (dev_class && memcmp(dev_class, "\0\0\0", 3) != 0)
53156385 3537 eir_len = eir_append_data(ev->eir, eir_len,
04124681 3538 EIR_CLASS_OF_DEV, dev_class, 3);
b644ba33 3539
eb55ef07 3540 ev->eir_len = cpu_to_le16(eir_len);
b644ba33
JH		 3541
3542 return mgmt_event(MGMT_EV_DEVICE_CONNECTED, hdev, buf,
04124681 3543 sizeof(*ev) + eir_len, NULL);
f7520543
JH		 3544}
3545
8962ee74
JH		 3546static void disconnect_rsp(struct pending_cmd *cmd, void *data)
3547{
c68fb7ff 3548 struct mgmt_cp_disconnect *cp = cmd->param;
8962ee74 3549 struct sock **sk = data;
a38528f1 3550 struct mgmt_rp_disconnect rp;
8962ee74 3551
88c3df13
JH		 3552 bacpy(&rp.addr.bdaddr, &cp->addr.bdaddr);
3553 rp.addr.type = cp->addr.type;
8962ee74 3554
aee9b218 3555 cmd_complete(cmd->sk, cmd->index, MGMT_OP_DISCONNECT, 0, &rp,
04124681 3556 sizeof(rp));
8962ee74
JH		 3557
3558 *sk = cmd->sk;
3559 sock_hold(*sk);
3560
a664b5bc 3561 mgmt_pending_remove(cmd);
8962ee74
JH		 3562}
3563
124f6e35 3564static void unpair_device_rsp(struct pending_cmd *cmd, void *data)
a8a1d19e 3565{
b1078ad0 3566 struct hci_dev *hdev = data;
124f6e35
JH		 3567 struct mgmt_cp_unpair_device *cp = cmd->param;
3568 struct mgmt_rp_unpair_device rp;
a8a1d19e
JH		 3569
3570 memset(&rp, 0, sizeof(rp));
124f6e35
JH		 3571 bacpy(&rp.addr.bdaddr, &cp->addr.bdaddr);
3572 rp.addr.type = cp->addr.type;
a8a1d19e 3573
b1078ad0
JH		 3574 device_unpaired(hdev, &cp->addr.bdaddr, cp->addr.type, cmd->sk);
3575
aee9b218 3576 cmd_complete(cmd->sk, cmd->index, cmd->opcode, 0, &rp, sizeof(rp));
a8a1d19e
JH		 3577
3578 mgmt_pending_remove(cmd);
3579}
3580
afc747a6 3581int mgmt_device_disconnected(struct hci_dev *hdev, bdaddr_t *bdaddr,
f0d6a0ea 3582 u8 link_type, u8 addr_type, u8 reason)
f7520543 3583{
f0d6a0ea 3584 struct mgmt_ev_device_disconnected ev;
8962ee74
JH		 3585 struct sock *sk = NULL;
3586 int err;
3587
744cf19e 3588 mgmt_pending_foreach(MGMT_OP_DISCONNECT, hdev, disconnect_rsp, &sk);
f7520543 3589
f0d6a0ea
MA		 3590 bacpy(&ev.addr.bdaddr, bdaddr);
3591 ev.addr.type = link_to_bdaddr(link_type, addr_type);
3592 ev.reason = reason;
f7520543 3593
afc747a6 3594 err = mgmt_event(MGMT_EV_DEVICE_DISCONNECTED, hdev, &ev, sizeof(ev),
04124681 3595 sk);
8962ee74
JH		 3596
3597 if (sk)
d97dcb66 3598 sock_put(sk);
8962ee74 3599
124f6e35 3600 mgmt_pending_foreach(MGMT_OP_UNPAIR_DEVICE, hdev, unpair_device_rsp,
04124681 3601 hdev);
a8a1d19e 3602
8962ee74
JH		 3603 return err;
3604}
3605
88c3df13 3606int mgmt_disconnect_failed(struct hci_dev *hdev, bdaddr_t *bdaddr,
04124681 3607 u8 link_type, u8 addr_type, u8 status)
8962ee74 3608{
88c3df13 3609 struct mgmt_rp_disconnect rp;
8962ee74
JH		 3610 struct pending_cmd *cmd;
3611 int err;
3612
36a75f1b
JD		 3613 mgmt_pending_foreach(MGMT_OP_UNPAIR_DEVICE, hdev, unpair_device_rsp,
3614 hdev);
3615
2e58ef3e 3616 cmd = mgmt_pending_find(MGMT_OP_DISCONNECT, hdev);
8962ee74
JH		 3617 if (!cmd)
3618 return -ENOENT;
3619
88c3df13 3620 bacpy(&rp.addr.bdaddr, bdaddr);
57c1477c 3621 rp.addr.type = link_to_bdaddr(link_type, addr_type);
37d9ef76 3622
88c3df13 3623 err = cmd_complete(cmd->sk, cmd->index, MGMT_OP_DISCONNECT,
04124681 3624 mgmt_status(status), &rp, sizeof(rp));
8962ee74 3625
a664b5bc 3626 mgmt_pending_remove(cmd);
8962ee74
JH		 3627
3628 return err;
f7520543 3629}
17d5c04c 3630
48264f06 3631int mgmt_connect_failed(struct hci_dev *hdev, bdaddr_t *bdaddr, u8 link_type,
04124681 3632 u8 addr_type, u8 status)
17d5c04c
JH		 3633{
3634 struct mgmt_ev_connect_failed ev;
3635
4c659c39 3636 bacpy(&ev.addr.bdaddr, bdaddr);
57c1477c 3637 ev.addr.type = link_to_bdaddr(link_type, addr_type);
ca69b795 3638 ev.status = mgmt_status(status);
17d5c04c 3639
744cf19e 3640 return mgmt_event(MGMT_EV_CONNECT_FAILED, hdev, &ev, sizeof(ev), NULL);
17d5c04c 3641}
980e1a53 3642
744cf19e 3643int mgmt_pin_code_request(struct hci_dev *hdev, bdaddr_t *bdaddr, u8 secure)
980e1a53
JH		 3644{
3645 struct mgmt_ev_pin_code_request ev;
3646
d8457698 3647 bacpy(&ev.addr.bdaddr, bdaddr);
591f47f3 3648 ev.addr.type = BDADDR_BREDR;
a770bb5a 3649 ev.secure = secure;
980e1a53 3650
744cf19e 3651 return mgmt_event(MGMT_EV_PIN_CODE_REQUEST, hdev, &ev, sizeof(ev),
04124681 3652 NULL);
980e1a53
JH		 3653}
3654
744cf19e 3655int mgmt_pin_code_reply_complete(struct hci_dev *hdev, bdaddr_t *bdaddr,
04124681 3656 u8 status)
980e1a53
JH		 3657{
3658 struct pending_cmd *cmd;
ac56fb13 3659 struct mgmt_rp_pin_code_reply rp;
980e1a53
JH		 3660 int err;
3661
2e58ef3e 3662 cmd = mgmt_pending_find(MGMT_OP_PIN_CODE_REPLY, hdev);
980e1a53
JH		 3663 if (!cmd)
3664 return -ENOENT;
3665
d8457698 3666 bacpy(&rp.addr.bdaddr, bdaddr);
591f47f3 3667 rp.addr.type = BDADDR_BREDR;
ac56fb13 3668
aee9b218 3669 err = cmd_complete(cmd->sk, hdev->id, MGMT_OP_PIN_CODE_REPLY,
04124681 3670 mgmt_status(status), &rp, sizeof(rp));
980e1a53 3671
a664b5bc 3672 mgmt_pending_remove(cmd);
980e1a53
JH		 3673
3674 return err;
3675}
3676
744cf19e 3677int mgmt_pin_code_neg_reply_complete(struct hci_dev *hdev, bdaddr_t *bdaddr,
04124681 3678 u8 status)
980e1a53
JH		 3679{
3680 struct pending_cmd *cmd;
ac56fb13 3681 struct mgmt_rp_pin_code_reply rp;
980e1a53
JH		 3682 int err;
3683
2e58ef3e 3684 cmd = mgmt_pending_find(MGMT_OP_PIN_CODE_NEG_REPLY, hdev);
980e1a53
JH		 3685 if (!cmd)
3686 return -ENOENT;
3687
d8457698 3688 bacpy(&rp.addr.bdaddr, bdaddr);
591f47f3 3689 rp.addr.type = BDADDR_BREDR;
ac56fb13 3690
aee9b218 3691 err = cmd_complete(cmd->sk, hdev->id, MGMT_OP_PIN_CODE_NEG_REPLY,
04124681 3692 mgmt_status(status), &rp, sizeof(rp));
980e1a53 3693
a664b5bc 3694 mgmt_pending_remove(cmd);
980e1a53
JH		 3695
3696 return err;
3697}
a5c29683 3698
744cf19e 3699int mgmt_user_confirm_request(struct hci_dev *hdev, bdaddr_t *bdaddr,
04124681
GP		 3700 u8 link_type, u8 addr_type, __le32 value,
3701 u8 confirm_hint)
a5c29683
JH		 3702{
3703 struct mgmt_ev_user_confirm_request ev;
3704
744cf19e 3705 BT_DBG("%s", hdev->name);
a5c29683 3706
272d90df 3707 bacpy(&ev.addr.bdaddr, bdaddr);
57c1477c 3708 ev.addr.type = link_to_bdaddr(link_type, addr_type);
55bc1a37 3709 ev.confirm_hint = confirm_hint;
78e8098e 3710 ev.value = value;
a5c29683 3711
744cf19e 3712 return mgmt_event(MGMT_EV_USER_CONFIRM_REQUEST, hdev, &ev, sizeof(ev),
04124681 3713 NULL);
a5c29683
JH		 3714}
3715
272d90df 3716int mgmt_user_passkey_request(struct hci_dev *hdev, bdaddr_t *bdaddr,
8ce8e2b5 3717 u8 link_type, u8 addr_type)
604086b7
BG		 3718{
3719 struct mgmt_ev_user_passkey_request ev;
3720
3721 BT_DBG("%s", hdev->name);
3722
272d90df 3723 bacpy(&ev.addr.bdaddr, bdaddr);
57c1477c 3724 ev.addr.type = link_to_bdaddr(link_type, addr_type);
604086b7
BG		 3725
3726 return mgmt_event(MGMT_EV_USER_PASSKEY_REQUEST, hdev, &ev, sizeof(ev),
04124681 3727 NULL);
604086b7
BG		 3728}
3729
0df4c185 3730static int user_pairing_resp_complete(struct hci_dev *hdev, bdaddr_t *bdaddr,
8ce8e2b5
GP		 3731 u8 link_type, u8 addr_type, u8 status,
3732 u8 opcode)
a5c29683
JH		 3733{
3734 struct pending_cmd *cmd;
3735 struct mgmt_rp_user_confirm_reply rp;
3736 int err;
3737
2e58ef3e 3738 cmd = mgmt_pending_find(opcode, hdev);
a5c29683
JH		 3739 if (!cmd)
3740 return -ENOENT;
3741
272d90df 3742 bacpy(&rp.addr.bdaddr, bdaddr);
57c1477c 3743 rp.addr.type = link_to_bdaddr(link_type, addr_type);
aee9b218 3744 err = cmd_complete(cmd->sk, hdev->id, opcode, mgmt_status(status),
04124681 3745 &rp, sizeof(rp));
a5c29683 3746
a664b5bc 3747 mgmt_pending_remove(cmd);
a5c29683
JH		 3748
3749 return err;
3750}
3751
744cf19e 3752int mgmt_user_confirm_reply_complete(struct hci_dev *hdev, bdaddr_t *bdaddr,
04124681 3753 u8 link_type, u8 addr_type, u8 status)
a5c29683 3754{
272d90df 3755 return user_pairing_resp_complete(hdev, bdaddr, link_type, addr_type,
04124681 3756 status, MGMT_OP_USER_CONFIRM_REPLY);
a5c29683
JH		 3757}
3758
272d90df 3759int mgmt_user_confirm_neg_reply_complete(struct hci_dev *hdev, bdaddr_t *bdaddr,
04124681 3760 u8 link_type, u8 addr_type, u8 status)
a5c29683 3761{
272d90df 3762 return user_pairing_resp_complete(hdev, bdaddr, link_type, addr_type,
8fc9ced3
GP		 3763 status,
3764 MGMT_OP_USER_CONFIRM_NEG_REPLY);
a5c29683 3765}
2a611692 3766
604086b7 3767int mgmt_user_passkey_reply_complete(struct hci_dev *hdev, bdaddr_t *bdaddr,
04124681 3768 u8 link_type, u8 addr_type, u8 status)
604086b7 3769{
272d90df 3770 return user_pairing_resp_complete(hdev, bdaddr, link_type, addr_type,
04124681 3771 status, MGMT_OP_USER_PASSKEY_REPLY);
604086b7
BG		 3772}
3773
272d90df 3774int mgmt_user_passkey_neg_reply_complete(struct hci_dev *hdev, bdaddr_t *bdaddr,
04124681 3775 u8 link_type, u8 addr_type, u8 status)
604086b7 3776{
272d90df 3777 return user_pairing_resp_complete(hdev, bdaddr, link_type, addr_type,
8fc9ced3
GP		 3778 status,
3779 MGMT_OP_USER_PASSKEY_NEG_REPLY);
604086b7
BG		 3780}
3781
92a25256
JH		 3782int mgmt_user_passkey_notify(struct hci_dev *hdev, bdaddr_t *bdaddr,
3783 u8 link_type, u8 addr_type, u32 passkey,
3784 u8 entered)
3785{
3786 struct mgmt_ev_passkey_notify ev;
3787
3788 BT_DBG("%s", hdev->name);
3789
3790 bacpy(&ev.addr.bdaddr, bdaddr);
3791 ev.addr.type = link_to_bdaddr(link_type, addr_type);
3792 ev.passkey = __cpu_to_le32(passkey);
3793 ev.entered = entered;
3794
3795 return mgmt_event(MGMT_EV_PASSKEY_NOTIFY, hdev, &ev, sizeof(ev), NULL);
3796}
3797
bab73cb6 3798int mgmt_auth_failed(struct hci_dev *hdev, bdaddr_t *bdaddr, u8 link_type,
04124681 3799 u8 addr_type, u8 status)
2a611692
JH		 3800{
3801 struct mgmt_ev_auth_failed ev;
3802
bab73cb6 3803 bacpy(&ev.addr.bdaddr, bdaddr);
57c1477c 3804 ev.addr.type = link_to_bdaddr(link_type, addr_type);
ca69b795 3805 ev.status = mgmt_status(status);
2a611692 3806
744cf19e 3807 return mgmt_event(MGMT_EV_AUTH_FAILED, hdev, &ev, sizeof(ev), NULL);
2a611692 3808}
b312b161 3809
33ef95ed
JH		 3810int mgmt_auth_enable_complete(struct hci_dev *hdev, u8 status)
3811{
3812 struct cmd_lookup match = { NULL, hdev };
47990ea0
JH		 3813 bool changed = false;
3814 int err = 0;
33ef95ed
JH		 3815
3816 if (status) {
3817 u8 mgmt_err = mgmt_status(status);
3818 mgmt_pending_foreach(MGMT_OP_SET_LINK_SECURITY, hdev,
04124681 3819 cmd_status_rsp, &mgmt_err);
33ef95ed
JH		 3820 return 0;
3821 }
3822
47990ea0
JH		 3823 if (test_bit(HCI_AUTH, &hdev->flags)) {
3824 if (!test_and_set_bit(HCI_LINK_SECURITY, &hdev->dev_flags))
3825 changed = true;
3826 } else {
3827 if (test_and_clear_bit(HCI_LINK_SECURITY, &hdev->dev_flags))
3828 changed = true;
3829 }
3830
33ef95ed 3831 mgmt_pending_foreach(MGMT_OP_SET_LINK_SECURITY, hdev, settings_rsp,
04124681 3832 &match);
33ef95ed 3833
47990ea0
JH		 3834 if (changed)
3835 err = new_settings(hdev, match.sk);
33ef95ed
JH		 3836
3837 if (match.sk)
3838 sock_put(match.sk);
3839
3840 return err;
3841}
3842
890ea898 3843static void clear_eir(struct hci_request *req)
cacaf52f 3844{
890ea898 3845 struct hci_dev *hdev = req->hdev;
cacaf52f
JH		 3846 struct hci_cp_write_eir cp;
3847
976eb20e 3848 if (!lmp_ext_inq_capable(hdev))
890ea898 3849 return;
cacaf52f 3850
c80da27e
JH		 3851 memset(hdev->eir, 0, sizeof(hdev->eir));
3852
cacaf52f
JH		 3853 memset(&cp, 0, sizeof(cp));
3854
890ea898 3855 hci_req_add(req, HCI_OP_WRITE_EIR, sizeof(cp), &cp);
cacaf52f
JH		 3856}
3857
c0ecddc2 3858int mgmt_ssp_enable_complete(struct hci_dev *hdev, u8 enable, u8 status)
ed2c4ee3
JH		 3859{
3860 struct cmd_lookup match = { NULL, hdev };
890ea898 3861 struct hci_request req;
c0ecddc2
JH		 3862 bool changed = false;
3863 int err = 0;
ed2c4ee3
JH		 3864
3865 if (status) {
3866 u8 mgmt_err = mgmt_status(status);
c0ecddc2
JH		 3867
3868 if (enable && test_and_clear_bit(HCI_SSP_ENABLED,
04124681 3869 &hdev->dev_flags))
c0ecddc2
JH		 3870 err = new_settings(hdev, NULL);
3871
04124681
GP		 3872 mgmt_pending_foreach(MGMT_OP_SET_SSP, hdev, cmd_status_rsp,
3873 &mgmt_err);
c0ecddc2
JH		 3874
3875 return err;
3876 }
3877
3878 if (enable) {
3879 if (!test_and_set_bit(HCI_SSP_ENABLED, &hdev->dev_flags))
3880 changed = true;
3881 } else {
3882 if (test_and_clear_bit(HCI_SSP_ENABLED, &hdev->dev_flags))
3883 changed = true;
ed2c4ee3
JH		 3884 }
3885
3886 mgmt_pending_foreach(MGMT_OP_SET_SSP, hdev, settings_rsp, &match);
3887
c0ecddc2
JH		 3888 if (changed)
3889 err = new_settings(hdev, match.sk);
ed2c4ee3 3890
5fc6ebb1 3891 if (match.sk)
ed2c4ee3
JH		 3892 sock_put(match.sk);
3893
890ea898
JH		 3894 hci_req_init(&req, hdev);
3895
5fc6ebb1 3896 if (test_bit(HCI_SSP_ENABLED, &hdev->dev_flags))
890ea898 3897 update_eir(&req);
5fc6ebb1 3898 else
890ea898
JH		 3899 clear_eir(&req);
3900
3901 hci_req_run(&req, NULL);
cacaf52f 3902
ed2c4ee3
JH		 3903 return err;
3904}
3905
92da6097 3906static void sk_lookup(struct pending_cmd *cmd, void *data)
90e70454
JH		 3907{
3908 struct cmd_lookup *match = data;
3909
90e70454
JH		 3910 if (match->sk == NULL) {
3911 match->sk = cmd->sk;
3912 sock_hold(match->sk);
3913 }
90e70454
JH		 3914}
3915
7f9a903c 3916int mgmt_set_class_of_dev_complete(struct hci_dev *hdev, u8 *dev_class,
04124681 3917 u8 status)
7f9a903c 3918{
90e70454
JH		 3919 struct cmd_lookup match = { NULL, hdev, mgmt_status(status) };
3920 int err = 0;
7f9a903c 3921
92da6097
JH		 3922 mgmt_pending_foreach(MGMT_OP_SET_DEV_CLASS, hdev, sk_lookup, &match);
3923 mgmt_pending_foreach(MGMT_OP_ADD_UUID, hdev, sk_lookup, &match);
3924 mgmt_pending_foreach(MGMT_OP_REMOVE_UUID, hdev, sk_lookup, &match);
90e70454
JH		 3925
3926 if (!status)
04124681
GP		 3927 err = mgmt_event(MGMT_EV_CLASS_OF_DEV_CHANGED, hdev, dev_class,
3928 3, NULL);
90e70454
JH		 3929
3930 if (match.sk)
3931 sock_put(match.sk);
7f9a903c
MH		 3932
3933 return err;
3934}
3935
744cf19e 3936int mgmt_set_local_name_complete(struct hci_dev *hdev, u8 *name, u8 status)
b312b161 3937{
b312b161 3938 struct mgmt_cp_set_local_name ev;
13928971 3939 struct pending_cmd *cmd;
28cc7bde 3940
13928971
JH		 3941 if (status)
3942 return 0;
b312b161
JH		 3943
3944 memset(&ev, 0, sizeof(ev));
3945 memcpy(ev.name, name, HCI_MAX_NAME_LENGTH);
28cc7bde 3946 memcpy(ev.short_name, hdev->short_name, HCI_MAX_SHORT_NAME_LENGTH);
b312b161 3947
2e58ef3e 3948 cmd = mgmt_pending_find(MGMT_OP_SET_LOCAL_NAME, hdev);
13928971
JH		 3949 if (!cmd) {
3950 memcpy(hdev->dev_name, name, sizeof(hdev->dev_name));
28cc7bde 3951
13928971
JH		 3952 /* If this is a HCI command related to powering on the
3953 * HCI dev don't send any mgmt signals.
3954 */
3955 if (mgmt_pending_find(MGMT_OP_SET_POWERED, hdev))
3956 return 0;
890ea898 3957 }
b312b161 3958
13928971
JH		 3959 return mgmt_event(MGMT_EV_LOCAL_NAME_CHANGED, hdev, &ev, sizeof(ev),
3960 cmd ? cmd->sk : NULL);
b312b161 3961}
c35938b2 3962
744cf19e 3963int mgmt_read_local_oob_data_reply_complete(struct hci_dev *hdev, u8 *hash,
04124681 3964 u8 *randomizer, u8 status)
c35938b2
SJ		 3965{
3966 struct pending_cmd *cmd;
3967 int err;
3968
744cf19e 3969 BT_DBG("%s status %u", hdev->name, status);
c35938b2 3970
2e58ef3e 3971 cmd = mgmt_pending_find(MGMT_OP_READ_LOCAL_OOB_DATA, hdev);
c35938b2
SJ		 3972 if (!cmd)
3973 return -ENOENT;
3974
3975 if (status) {
04124681
GP		 3976 err = cmd_status(cmd->sk, hdev->id, MGMT_OP_READ_LOCAL_OOB_DATA,
3977 mgmt_status(status));
c35938b2
SJ		 3978 } else {
3979 struct mgmt_rp_read_local_oob_data rp;
3980
3981 memcpy(rp.hash, hash, sizeof(rp.hash));
3982 memcpy(rp.randomizer, randomizer, sizeof(rp.randomizer));
3983
744cf19e 3984 err = cmd_complete(cmd->sk, hdev->id,
04124681
GP		 3985 MGMT_OP_READ_LOCAL_OOB_DATA, 0, &rp,
3986 sizeof(rp));
c35938b2
SJ		 3987 }
3988
3989 mgmt_pending_remove(cmd);
3990
3991 return err;
3992}
e17acd40 3993
06199cf8
JH		 3994int mgmt_le_enable_complete(struct hci_dev *hdev, u8 enable, u8 status)
3995{
3996 struct cmd_lookup match = { NULL, hdev };
3997 bool changed = false;
3998 int err = 0;
3999
4000 if (status) {
4001 u8 mgmt_err = mgmt_status(status);
4002
4003 if (enable && test_and_clear_bit(HCI_LE_ENABLED,
04124681 4004 &hdev->dev_flags))
d97dcb66 4005 err = new_settings(hdev, NULL);
06199cf8 4006
d97dcb66
SJ		 4007 mgmt_pending_foreach(MGMT_OP_SET_LE, hdev, cmd_status_rsp,
4008 &mgmt_err);
06199cf8
JH		 4009
4010 return err;
4011 }
4012
4013 if (enable) {
4014 if (!test_and_set_bit(HCI_LE_ENABLED, &hdev->dev_flags))
4015 changed = true;
4016 } else {
4017 if (test_and_clear_bit(HCI_LE_ENABLED, &hdev->dev_flags))
4018 changed = true;
4019 }
4020
4021 mgmt_pending_foreach(MGMT_OP_SET_LE, hdev, settings_rsp, &match);
4022
4023 if (changed)
4024 err = new_settings(hdev, match.sk);
4025
4026 if (match.sk)
4027 sock_put(match.sk);
4028
4029 return err;
4030}
4031
48264f06 4032int mgmt_device_found(struct hci_dev *hdev, bdaddr_t *bdaddr, u8 link_type,
04124681
GP		 4033 u8 addr_type, u8 *dev_class, s8 rssi, u8 cfm_name, u8
4034 ssp, u8 *eir, u16 eir_len)
e17acd40 4035{
e319d2e7
JH		 4036 char buf[512];
4037 struct mgmt_ev_device_found *ev = (void *) buf;
1dc06093 4038 size_t ev_size;
e17acd40 4039
1dc06093
JH		 4040 /* Leave 5 bytes for a potential CoD field */
4041 if (sizeof(*ev) + eir_len + 5 > sizeof(buf))
7d262f86
AG		 4042 return -EINVAL;
4043
1dc06093
JH		 4044 memset(buf, 0, sizeof(buf));
4045
e319d2e7 4046 bacpy(&ev->addr.bdaddr, bdaddr);
57c1477c 4047 ev->addr.type = link_to_bdaddr(link_type, addr_type);
e319d2e7 4048 ev->rssi = rssi;
9a395a80 4049 if (cfm_name)
612dfce9 4050 ev->flags |= __constant_cpu_to_le32(MGMT_DEV_FOUND_CONFIRM_NAME);
388fc8fa 4051 if (!ssp)
612dfce9 4052 ev->flags |= __constant_cpu_to_le32(MGMT_DEV_FOUND_LEGACY_PAIRING);
e17acd40 4053
1dc06093 4054 if (eir_len > 0)
e319d2e7 4055 memcpy(ev->eir, eir, eir_len);
e17acd40 4056
1dc06093
JH		 4057 if (dev_class && !eir_has_data_type(ev->eir, eir_len, EIR_CLASS_OF_DEV))
4058 eir_len = eir_append_data(ev->eir, eir_len, EIR_CLASS_OF_DEV,
04124681 4059 dev_class, 3);
1dc06093 4060
eb55ef07 4061 ev->eir_len = cpu_to_le16(eir_len);
1dc06093 4062 ev_size = sizeof(*ev) + eir_len;
f8523598 4063
e319d2e7 4064 return mgmt_event(MGMT_EV_DEVICE_FOUND, hdev, ev, ev_size, NULL);
e17acd40 4065}
a88a9652 4066
b644ba33 4067int mgmt_remote_name(struct hci_dev *hdev, bdaddr_t *bdaddr, u8 link_type,
04124681 4068 u8 addr_type, s8 rssi, u8 *name, u8 name_len)
a88a9652 4069{
b644ba33
JH		 4070 struct mgmt_ev_device_found *ev;
4071 char buf[sizeof(*ev) + HCI_MAX_NAME_LENGTH + 2];
4072 u16 eir_len;
a88a9652 4073
b644ba33 4074 ev = (struct mgmt_ev_device_found *) buf;
a88a9652 4075
b644ba33
JH		 4076 memset(buf, 0, sizeof(buf));
4077
4078 bacpy(&ev->addr.bdaddr, bdaddr);
57c1477c 4079 ev->addr.type = link_to_bdaddr(link_type, addr_type);
b644ba33
JH		 4080 ev->rssi = rssi;
4081
4082 eir_len = eir_append_data(ev->eir, 0, EIR_NAME_COMPLETE, name,
04124681 4083 name_len);
b644ba33 4084
eb55ef07 4085 ev->eir_len = cpu_to_le16(eir_len);
a88a9652 4086
053c7e0c 4087 return mgmt_event(MGMT_EV_DEVICE_FOUND, hdev, ev,
04124681 4088 sizeof(*ev) + eir_len, NULL);
a88a9652 4089}
314b2381 4090
7a135109 4091int mgmt_start_discovery_failed(struct hci_dev *hdev, u8 status)
164a6e78
JH		 4092{
4093 struct pending_cmd *cmd;
f808e166 4094 u8 type;
164a6e78
JH		 4095 int err;
4096
203159d4
AG		 4097 hci_discovery_set_state(hdev, DISCOVERY_STOPPED);
4098
2e58ef3e 4099 cmd = mgmt_pending_find(MGMT_OP_START_DISCOVERY, hdev);
164a6e78
JH		 4100 if (!cmd)
4101 return -ENOENT;
4102
f808e166
JH		 4103 type = hdev->discovery.type;
4104
4105 err = cmd_complete(cmd->sk, hdev->id, cmd->opcode, mgmt_status(status),
04124681 4106 &type, sizeof(type));
164a6e78
JH		 4107 mgmt_pending_remove(cmd);
4108
4109 return err;
4110}
4111
e6d465cb
AG		 4112int mgmt_stop_discovery_failed(struct hci_dev *hdev, u8 status)
4113{
4114 struct pending_cmd *cmd;
4115 int err;
4116
4117 cmd = mgmt_pending_find(MGMT_OP_STOP_DISCOVERY, hdev);
4118 if (!cmd)
4119 return -ENOENT;
4120
d930650b 4121 err = cmd_complete(cmd->sk, hdev->id, cmd->opcode, mgmt_status(status),
04124681 4122 &hdev->discovery.type, sizeof(hdev->discovery.type));
164a6e78
JH		 4123 mgmt_pending_remove(cmd);
4124
4125 return err;
4126}
4127
744cf19e 4128int mgmt_discovering(struct hci_dev *hdev, u8 discovering)
314b2381 4129{
f963e8e9 4130 struct mgmt_ev_discovering ev;
164a6e78
JH		 4131 struct pending_cmd *cmd;
4132
343fb145
AG		 4133 BT_DBG("%s discovering %u", hdev->name, discovering);
4134
164a6e78 4135 if (discovering)
2e58ef3e 4136 cmd = mgmt_pending_find(MGMT_OP_START_DISCOVERY, hdev);
164a6e78 4137 else
2e58ef3e 4138 cmd = mgmt_pending_find(MGMT_OP_STOP_DISCOVERY, hdev);
164a6e78
JH		 4139
4140 if (cmd != NULL) {
f808e166
JH		 4141 u8 type = hdev->discovery.type;
4142
04124681
GP		 4143 cmd_complete(cmd->sk, hdev->id, cmd->opcode, 0, &type,
4144 sizeof(type));
164a6e78
JH		 4145 mgmt_pending_remove(cmd);
4146 }
4147
f963e8e9
JH		 4148 memset(&ev, 0, sizeof(ev));
4149 ev.type = hdev->discovery.type;
4150 ev.discovering = discovering;
4151
4152 return mgmt_event(MGMT_EV_DISCOVERING, hdev, &ev, sizeof(ev), NULL);
314b2381 4153}
5e762444 4154
88c1fe4b 4155int mgmt_device_blocked(struct hci_dev *hdev, bdaddr_t *bdaddr, u8 type)
5e762444
AJ		 4156{
4157 struct pending_cmd *cmd;
4158 struct mgmt_ev_device_blocked ev;
4159
2e58ef3e 4160 cmd = mgmt_pending_find(MGMT_OP_BLOCK_DEVICE, hdev);
5e762444 4161
88c1fe4b
JH		 4162 bacpy(&ev.addr.bdaddr, bdaddr);
4163 ev.addr.type = type;
5e762444 4164
744cf19e 4165 return mgmt_event(MGMT_EV_DEVICE_BLOCKED, hdev, &ev, sizeof(ev),
04124681 4166 cmd ? cmd->sk : NULL);
5e762444
AJ		 4167}
4168
88c1fe4b 4169int mgmt_device_unblocked(struct hci_dev *hdev, bdaddr_t *bdaddr, u8 type)
5e762444
AJ		 4170{
4171 struct pending_cmd *cmd;
4172 struct mgmt_ev_device_unblocked ev;
4173
2e58ef3e 4174 cmd = mgmt_pending_find(MGMT_OP_UNBLOCK_DEVICE, hdev);
5e762444 4175
88c1fe4b
JH		 4176 bacpy(&ev.addr.bdaddr, bdaddr);
4177 ev.addr.type = type;
5e762444 4178
744cf19e 4179 return mgmt_event(MGMT_EV_DEVICE_UNBLOCKED, hdev, &ev, sizeof(ev),
04124681 4180 cmd ? cmd->sk : NULL);
5e762444 4181}
d7b7e796
MH		 4182
4183module_param(enable_hs, bool, 0644);
4184MODULE_PARM_DESC(enable_hs, "Enable High Speed support");
Linux kernel - Deliverables
This page took 0.542449 seconds and 5 git commands to generate.