projects / deliverable / linux.git / blame
? search:
summary | shortlog | log | commit | commitdiff | tree
blob | blame (incremental) | history | HEAD
Bluetooth: Don't send New Settings event during setup power down
[deliverable/linux.git] / net / bluetooth / mgmt.c
CommitLineData
0381101f
JH		 1/*
2 BlueZ - Bluetooth protocol stack for Linux
ea585ab5 3
0381101f 4 Copyright (C) 2010 Nokia Corporation
ea585ab5 5 Copyright (C) 2011-2012 Intel Corporation
0381101f
JH		 6
7 This program is free software; you can redistribute it and/or modify
8 it under the terms of the GNU General Public License version 2 as
9 published by the Free Software Foundation;
10
11 THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS
12 OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
13 FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT OF THIRD PARTY RIGHTS.
14 IN NO EVENT SHALL THE COPYRIGHT HOLDER(S) AND AUTHOR(S) BE LIABLE FOR ANY
15 CLAIM, OR ANY SPECIAL INDIRECT OR CONSEQUENTIAL DAMAGES, OR ANY DAMAGES
16 WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
17 ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
18 OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
19
20 ALL LIABILITY, INCLUDING LIABILITY FOR INFRINGEMENT OF ANY PATENTS,
21 COPYRIGHTS, TRADEMARKS OR OTHER RIGHTS, RELATING TO USE OF THIS
22 SOFTWARE IS DISCLAIMED.
23*/
24
25/* Bluetooth HCI Management interface */
26
ca69b795 27#include <linux/kernel.h>
72359753 28#include <linux/uaccess.h>
3a9a231d 29#include <linux/module.h>
0381101f
JH		 30#include <asm/unaligned.h>
31
32#include <net/bluetooth/bluetooth.h>
33#include <net/bluetooth/hci_core.h>
34#include <net/bluetooth/mgmt.h>
5fe57d9e 35#include <net/bluetooth/smp.h>
0381101f 36
d7b7e796
MH		 37bool enable_hs;
38bool enable_le;
39
2da9c55c
JH		 40#define MGMT_VERSION 1
41#define MGMT_REVISION 0
02d98129 42
e70bb2e8
JH		 43static const u16 mgmt_commands[] = {
44 MGMT_OP_READ_INDEX_LIST,
45 MGMT_OP_READ_INFO,
46 MGMT_OP_SET_POWERED,
47 MGMT_OP_SET_DISCOVERABLE,
48 MGMT_OP_SET_CONNECTABLE,
49 MGMT_OP_SET_FAST_CONNECTABLE,
50 MGMT_OP_SET_PAIRABLE,
51 MGMT_OP_SET_LINK_SECURITY,
52 MGMT_OP_SET_SSP,
53 MGMT_OP_SET_HS,
54 MGMT_OP_SET_LE,
55 MGMT_OP_SET_DEV_CLASS,
56 MGMT_OP_SET_LOCAL_NAME,
57 MGMT_OP_ADD_UUID,
58 MGMT_OP_REMOVE_UUID,
59 MGMT_OP_LOAD_LINK_KEYS,
60 MGMT_OP_LOAD_LONG_TERM_KEYS,
61 MGMT_OP_DISCONNECT,
62 MGMT_OP_GET_CONNECTIONS,
63 MGMT_OP_PIN_CODE_REPLY,
64 MGMT_OP_PIN_CODE_NEG_REPLY,
65 MGMT_OP_SET_IO_CAPABILITY,
66 MGMT_OP_PAIR_DEVICE,
67 MGMT_OP_CANCEL_PAIR_DEVICE,
68 MGMT_OP_UNPAIR_DEVICE,
69 MGMT_OP_USER_CONFIRM_REPLY,
70 MGMT_OP_USER_CONFIRM_NEG_REPLY,
71 MGMT_OP_USER_PASSKEY_REPLY,
72 MGMT_OP_USER_PASSKEY_NEG_REPLY,
73 MGMT_OP_READ_LOCAL_OOB_DATA,
74 MGMT_OP_ADD_REMOTE_OOB_DATA,
75 MGMT_OP_REMOVE_REMOTE_OOB_DATA,
76 MGMT_OP_START_DISCOVERY,
77 MGMT_OP_STOP_DISCOVERY,
78 MGMT_OP_CONFIRM_NAME,
79 MGMT_OP_BLOCK_DEVICE,
80 MGMT_OP_UNBLOCK_DEVICE,
81};
82
83static const u16 mgmt_events[] = {
84 MGMT_EV_CONTROLLER_ERROR,
85 MGMT_EV_INDEX_ADDED,
86 MGMT_EV_INDEX_REMOVED,
87 MGMT_EV_NEW_SETTINGS,
88 MGMT_EV_CLASS_OF_DEV_CHANGED,
89 MGMT_EV_LOCAL_NAME_CHANGED,
90 MGMT_EV_NEW_LINK_KEY,
91 MGMT_EV_NEW_LONG_TERM_KEY,
92 MGMT_EV_DEVICE_CONNECTED,
93 MGMT_EV_DEVICE_DISCONNECTED,
94 MGMT_EV_CONNECT_FAILED,
95 MGMT_EV_PIN_CODE_REQUEST,
96 MGMT_EV_USER_CONFIRM_REQUEST,
97 MGMT_EV_USER_PASSKEY_REQUEST,
98 MGMT_EV_AUTH_FAILED,
99 MGMT_EV_DEVICE_FOUND,
100 MGMT_EV_DISCOVERING,
101 MGMT_EV_DEVICE_BLOCKED,
102 MGMT_EV_DEVICE_UNBLOCKED,
103 MGMT_EV_DEVICE_UNPAIRED,
104};
105
3fd24153
AG		 106/*
107 * These LE scan and inquiry parameters were chosen according to LE General
108 * Discovery Procedure specification.
109 */
110#define LE_SCAN_TYPE 0x01
111#define LE_SCAN_WIN 0x12
112#define LE_SCAN_INT 0x12
113#define LE_SCAN_TIMEOUT_LE_ONLY 10240 /* TGAP(gen_disc_scan_min) */
5e0452c0 114#define LE_SCAN_TIMEOUT_BREDR_LE 5120 /* TGAP(100)/2 */
3fd24153 115
e8777525 116#define INQUIRY_LEN_BREDR 0x08 /* TGAP(100) */
5e0452c0 117#define INQUIRY_LEN_BREDR_LE 0x04 /* TGAP(100)/2 */
2519a1fc 118
7d78525d
JH		 119#define SERVICE_CACHE_TIMEOUT (5 * 1000)
120
eec8d2bc
JH		 121struct pending_cmd {
122 struct list_head list;
fc2f4b13 123 u16 opcode;
eec8d2bc 124 int index;
c68fb7ff 125 void *param;
eec8d2bc 126 struct sock *sk;
e9a416b5 127 void *user_data;
eec8d2bc
JH		 128};
129
ca69b795
JH		 130/* HCI to MGMT error code conversion table */
131static u8 mgmt_status_table[] = {
132 MGMT_STATUS_SUCCESS,
133 MGMT_STATUS_UNKNOWN_COMMAND, /* Unknown Command */
134 MGMT_STATUS_NOT_CONNECTED, /* No Connection */
135 MGMT_STATUS_FAILED, /* Hardware Failure */
136 MGMT_STATUS_CONNECT_FAILED, /* Page Timeout */
137 MGMT_STATUS_AUTH_FAILED, /* Authentication Failed */
138 MGMT_STATUS_NOT_PAIRED, /* PIN or Key Missing */
139 MGMT_STATUS_NO_RESOURCES, /* Memory Full */
140 MGMT_STATUS_TIMEOUT, /* Connection Timeout */
141 MGMT_STATUS_NO_RESOURCES, /* Max Number of Connections */
142 MGMT_STATUS_NO_RESOURCES, /* Max Number of SCO Connections */
143 MGMT_STATUS_ALREADY_CONNECTED, /* ACL Connection Exists */
144 MGMT_STATUS_BUSY, /* Command Disallowed */
145 MGMT_STATUS_NO_RESOURCES, /* Rejected Limited Resources */
146 MGMT_STATUS_REJECTED, /* Rejected Security */
147 MGMT_STATUS_REJECTED, /* Rejected Personal */
148 MGMT_STATUS_TIMEOUT, /* Host Timeout */
149 MGMT_STATUS_NOT_SUPPORTED, /* Unsupported Feature */
150 MGMT_STATUS_INVALID_PARAMS, /* Invalid Parameters */
151 MGMT_STATUS_DISCONNECTED, /* OE User Ended Connection */
152 MGMT_STATUS_NO_RESOURCES, /* OE Low Resources */
153 MGMT_STATUS_DISCONNECTED, /* OE Power Off */
154 MGMT_STATUS_DISCONNECTED, /* Connection Terminated */
155 MGMT_STATUS_BUSY, /* Repeated Attempts */
156 MGMT_STATUS_REJECTED, /* Pairing Not Allowed */
157 MGMT_STATUS_FAILED, /* Unknown LMP PDU */
158 MGMT_STATUS_NOT_SUPPORTED, /* Unsupported Remote Feature */
159 MGMT_STATUS_REJECTED, /* SCO Offset Rejected */
160 MGMT_STATUS_REJECTED, /* SCO Interval Rejected */
161 MGMT_STATUS_REJECTED, /* Air Mode Rejected */
162 MGMT_STATUS_INVALID_PARAMS, /* Invalid LMP Parameters */
163 MGMT_STATUS_FAILED, /* Unspecified Error */
164 MGMT_STATUS_NOT_SUPPORTED, /* Unsupported LMP Parameter Value */
165 MGMT_STATUS_FAILED, /* Role Change Not Allowed */
166 MGMT_STATUS_TIMEOUT, /* LMP Response Timeout */
167 MGMT_STATUS_FAILED, /* LMP Error Transaction Collision */
168 MGMT_STATUS_FAILED, /* LMP PDU Not Allowed */
169 MGMT_STATUS_REJECTED, /* Encryption Mode Not Accepted */
170 MGMT_STATUS_FAILED, /* Unit Link Key Used */
171 MGMT_STATUS_NOT_SUPPORTED, /* QoS Not Supported */
172 MGMT_STATUS_TIMEOUT, /* Instant Passed */
173 MGMT_STATUS_NOT_SUPPORTED, /* Pairing Not Supported */
174 MGMT_STATUS_FAILED, /* Transaction Collision */
175 MGMT_STATUS_INVALID_PARAMS, /* Unacceptable Parameter */
176 MGMT_STATUS_REJECTED, /* QoS Rejected */
177 MGMT_STATUS_NOT_SUPPORTED, /* Classification Not Supported */
178 MGMT_STATUS_REJECTED, /* Insufficient Security */
179 MGMT_STATUS_INVALID_PARAMS, /* Parameter Out Of Range */
180 MGMT_STATUS_BUSY, /* Role Switch Pending */
181 MGMT_STATUS_FAILED, /* Slot Violation */
182 MGMT_STATUS_FAILED, /* Role Switch Failed */
183 MGMT_STATUS_INVALID_PARAMS, /* EIR Too Large */
184 MGMT_STATUS_NOT_SUPPORTED, /* Simple Pairing Not Supported */
185 MGMT_STATUS_BUSY, /* Host Busy Pairing */
186 MGMT_STATUS_REJECTED, /* Rejected, No Suitable Channel */
187 MGMT_STATUS_BUSY, /* Controller Busy */
188 MGMT_STATUS_INVALID_PARAMS, /* Unsuitable Connection Interval */
189 MGMT_STATUS_TIMEOUT, /* Directed Advertising Timeout */
190 MGMT_STATUS_AUTH_FAILED, /* Terminated Due to MIC Failure */
191 MGMT_STATUS_CONNECT_FAILED, /* Connection Establishment Failed */
192 MGMT_STATUS_CONNECT_FAILED, /* MAC Connection Failed */
193};
194
195static u8 mgmt_status(u8 hci_status)
196{
197 if (hci_status < ARRAY_SIZE(mgmt_status_table))
198 return mgmt_status_table[hci_status];
199
200 return MGMT_STATUS_FAILED;
201}
202
4e51eae9 203static int cmd_status(struct sock *sk, u16 index, u16 cmd, u8 status)
f7b64e69
JH		 204{
205 struct sk_buff *skb;
206 struct mgmt_hdr *hdr;
207 struct mgmt_ev_cmd_status *ev;
56b7d137 208 int err;
f7b64e69 209
34eb525c 210 BT_DBG("sock %p, index %u, cmd %u, status %u", sk, index, cmd, status);
f7b64e69
JH		 211
212 skb = alloc_skb(sizeof(*hdr) + sizeof(*ev), GFP_ATOMIC);
213 if (!skb)
214 return -ENOMEM;
215
216 hdr = (void *) skb_put(skb, sizeof(*hdr));
217
218 hdr->opcode = cpu_to_le16(MGMT_EV_CMD_STATUS);
4e51eae9 219 hdr->index = cpu_to_le16(index);
f7b64e69
JH		 220 hdr->len = cpu_to_le16(sizeof(*ev));
221
222 ev = (void *) skb_put(skb, sizeof(*ev));
223 ev->status = status;
224 put_unaligned_le16(cmd, &ev->opcode);
225
56b7d137
GP		 226 err = sock_queue_rcv_skb(sk, skb);
227 if (err < 0)
f7b64e69
JH		 228 kfree_skb(skb);
229
56b7d137 230 return err;
f7b64e69
JH		 231}
232
aee9b218
JH		 233static int cmd_complete(struct sock *sk, u16 index, u16 cmd, u8 status,
234 void *rp, size_t rp_len)
02d98129
JH		 235{
236 struct sk_buff *skb;
237 struct mgmt_hdr *hdr;
238 struct mgmt_ev_cmd_complete *ev;
56b7d137 239 int err;
02d98129
JH		 240
241 BT_DBG("sock %p", sk);
242
a38528f1 243 skb = alloc_skb(sizeof(*hdr) + sizeof(*ev) + rp_len, GFP_ATOMIC);
02d98129
JH		 244 if (!skb)
245 return -ENOMEM;
246
247 hdr = (void *) skb_put(skb, sizeof(*hdr));
02d98129 248
a38528f1 249 hdr->opcode = cpu_to_le16(MGMT_EV_CMD_COMPLETE);
4e51eae9 250 hdr->index = cpu_to_le16(index);
a38528f1 251 hdr->len = cpu_to_le16(sizeof(*ev) + rp_len);
02d98129 252
a38528f1
JH		 253 ev = (void *) skb_put(skb, sizeof(*ev) + rp_len);
254 put_unaligned_le16(cmd, &ev->opcode);
aee9b218 255 ev->status = status;
8020c16a
SJ		 256
257 if (rp)
258 memcpy(ev->data, rp, rp_len);
02d98129 259
56b7d137
GP		 260 err = sock_queue_rcv_skb(sk, skb);
261 if (err < 0)
02d98129
JH		 262 kfree_skb(skb);
263
56b7d137 264 return err;;
02d98129
JH		 265}
266
a38528f1
JH		 267static int read_version(struct sock *sk)
268{
269 struct mgmt_rp_read_version rp;
270
271 BT_DBG("sock %p", sk);
272
273 rp.version = MGMT_VERSION;
274 put_unaligned_le16(MGMT_REVISION, &rp.revision);
275
aee9b218 276 return cmd_complete(sk, MGMT_INDEX_NONE, MGMT_OP_READ_VERSION, 0, &rp,
4e51eae9 277 sizeof(rp));
a38528f1
JH		 278}
279
e70bb2e8
JH		 280static int read_commands(struct sock *sk)
281{
282 struct mgmt_rp_read_commands *rp;
283 u16 num_commands = ARRAY_SIZE(mgmt_commands);
284 u16 num_events = ARRAY_SIZE(mgmt_events);
285 u16 *opcode;
286 size_t rp_size;
287 int i, err;
288
289 BT_DBG("sock %p", sk);
290
291 rp_size = sizeof(*rp) + ((num_commands + num_events) * sizeof(u16));
292
293 rp = kmalloc(rp_size, GFP_KERNEL);
294 if (!rp)
295 return -ENOMEM;
296
297 put_unaligned_le16(num_commands, &rp->num_commands);
298 put_unaligned_le16(num_events, &rp->num_events);
299
300 for (i = 0, opcode = rp->opcodes; i < num_commands; i++, opcode++)
301 put_unaligned_le16(mgmt_commands[i], opcode);
302
303 for (i = 0; i < num_events; i++, opcode++)
304 put_unaligned_le16(mgmt_events[i], opcode);
305
aee9b218 306 err = cmd_complete(sk, MGMT_INDEX_NONE, MGMT_OP_READ_COMMANDS, 0, rp,
e70bb2e8
JH		 307 rp_size);
308 kfree(rp);
309
310 return err;
311}
312
faba42eb
JH		 313static int read_index_list(struct sock *sk)
314{
faba42eb
JH		 315 struct mgmt_rp_read_index_list *rp;
316 struct list_head *p;
8035ded4 317 struct hci_dev *d;
a38528f1 318 size_t rp_len;
faba42eb 319 u16 count;
a38528f1 320 int i, err;
faba42eb
JH		 321
322 BT_DBG("sock %p", sk);
323
324 read_lock(&hci_dev_list_lock);
325
326 count = 0;
327 list_for_each(p, &hci_dev_list) {
328 count++;
329 }
330
a38528f1
JH		 331 rp_len = sizeof(*rp) + (2 * count);
332 rp = kmalloc(rp_len, GFP_ATOMIC);
333 if (!rp) {
b2c60d42 334 read_unlock(&hci_dev_list_lock);
faba42eb 335 return -ENOMEM;
b2c60d42 336 }
faba42eb 337
faba42eb
JH		 338 put_unaligned_le16(count, &rp->num_controllers);
339
340 i = 0;
8035ded4 341 list_for_each_entry(d, &hci_dev_list, list) {
a8b2d5c2 342 if (test_bit(HCI_SETUP, &d->dev_flags))
ab81cbf9
JH		 343 continue;
344
faba42eb
JH		 345 put_unaligned_le16(d->id, &rp->index[i++]);
346 BT_DBG("Added hci%u", d->id);
347 }
348
349 read_unlock(&hci_dev_list_lock);
350
aee9b218 351 err = cmd_complete(sk, MGMT_INDEX_NONE, MGMT_OP_READ_INDEX_LIST, 0, rp,
4e51eae9 352 rp_len);
faba42eb 353
a38528f1
JH		 354 kfree(rp);
355
356 return err;
faba42eb
JH		 357}
358
69ab39ea
JH		 359static u32 get_supported_settings(struct hci_dev *hdev)
360{
361 u32 settings = 0;
362
363 settings |= MGMT_SETTING_POWERED;
364 settings |= MGMT_SETTING_CONNECTABLE;
365 settings |= MGMT_SETTING_FAST_CONNECTABLE;
366 settings |= MGMT_SETTING_DISCOVERABLE;
367 settings |= MGMT_SETTING_PAIRABLE;
368
369 if (hdev->features[6] & LMP_SIMPLE_PAIR)
370 settings |= MGMT_SETTING_SSP;
371
372 if (!(hdev->features[4] & LMP_NO_BREDR)) {
373 settings |= MGMT_SETTING_BREDR;
374 settings |= MGMT_SETTING_LINK_SECURITY;
375 }
376
d7b7e796
MH		 377 if (enable_hs)
378 settings |= MGMT_SETTING_HS;
379
380 if (enable_le) {
381 if (hdev->features[4] & LMP_LE)
382 settings |= MGMT_SETTING_LE;
383 }
69ab39ea
JH		 384
385 return settings;
386}
387
388static u32 get_current_settings(struct hci_dev *hdev)
389{
390 u32 settings = 0;
391
f0d4b78a 392 if (!test_bit(HCI_UP, &hdev->flags))
69ab39ea
JH		 393 return settings;
394
f0d4b78a
MH		 395 if (!test_bit(HCI_AUTO_OFF, &hdev->dev_flags))
396 settings |= MGMT_SETTING_POWERED;
397
69ab39ea
JH		 398 if (test_bit(HCI_PSCAN, &hdev->flags))
399 settings |= MGMT_SETTING_CONNECTABLE;
400
401 if (test_bit(HCI_ISCAN, &hdev->flags))
402 settings |= MGMT_SETTING_DISCOVERABLE;
403
a8b2d5c2 404 if (test_bit(HCI_PAIRABLE, &hdev->dev_flags))
69ab39ea
JH		 405 settings |= MGMT_SETTING_PAIRABLE;
406
407 if (!(hdev->features[4] & LMP_NO_BREDR))
408 settings |= MGMT_SETTING_BREDR;
409
59e29406 410 if (hdev->host_features[0] & LMP_HOST_LE)
69ab39ea
JH		 411 settings |= MGMT_SETTING_LE;
412
413 if (test_bit(HCI_AUTH, &hdev->flags))
414 settings |= MGMT_SETTING_LINK_SECURITY;
415
84bde9d6 416 if (test_bit(HCI_SSP_ENABLED, &hdev->dev_flags))
69ab39ea
JH		 417 settings |= MGMT_SETTING_SSP;
418
6d80dfd0
JH		 419 if (test_bit(HCI_HS_ENABLED, &hdev->dev_flags))
420 settings |= MGMT_SETTING_HS;
421
69ab39ea
JH		 422 return settings;
423}
424
ef580372
JH		 425#define PNP_INFO_SVCLASS_ID 0x1200
426
427static u8 bluetooth_base_uuid[] = {
428 0xFB, 0x34, 0x9B, 0x5F, 0x80, 0x00, 0x00, 0x80,
429 0x00, 0x10, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
430};
431
432static u16 get_uuid16(u8 *uuid128)
433{
434 u32 val;
435 int i;
436
437 for (i = 0; i < 12; i++) {
438 if (bluetooth_base_uuid[i] != uuid128[i])
439 return 0;
440 }
441
442 memcpy(&val, &uuid128[12], 4);
443
444 val = le32_to_cpu(val);
445 if (val > 0xffff)
446 return 0;
447
448 return (u16) val;
449}
450
451static void create_eir(struct hci_dev *hdev, u8 *data)
452{
453 u8 *ptr = data;
454 u16 eir_len = 0;
455 u16 uuid16_list[HCI_MAX_EIR_LENGTH / sizeof(u16)];
456 int i, truncated = 0;
457 struct bt_uuid *uuid;
458 size_t name_len;
459
460 name_len = strlen(hdev->dev_name);
461
462 if (name_len > 0) {
463 /* EIR Data type */
464 if (name_len > 48) {
465 name_len = 48;
466 ptr[1] = EIR_NAME_SHORT;
467 } else
468 ptr[1] = EIR_NAME_COMPLETE;
469
470 /* EIR Data length */
471 ptr[0] = name_len + 1;
472
473 memcpy(ptr + 2, hdev->dev_name, name_len);
474
475 eir_len += (name_len + 2);
476 ptr += (name_len + 2);
477 }
478
479 memset(uuid16_list, 0, sizeof(uuid16_list));
480
481 /* Group all UUID16 types */
482 list_for_each_entry(uuid, &hdev->uuids, list) {
483 u16 uuid16;
484
485 uuid16 = get_uuid16(uuid->uuid);
486 if (uuid16 == 0)
487 return;
488
489 if (uuid16 < 0x1100)
490 continue;
491
492 if (uuid16 == PNP_INFO_SVCLASS_ID)
493 continue;
494
495 /* Stop if not enough space to put next UUID */
496 if (eir_len + 2 + sizeof(u16) > HCI_MAX_EIR_LENGTH) {
497 truncated = 1;
498 break;
499 }
500
501 /* Check for duplicates */
502 for (i = 0; uuid16_list[i] != 0; i++)
503 if (uuid16_list[i] == uuid16)
504 break;
505
506 if (uuid16_list[i] == 0) {
507 uuid16_list[i] = uuid16;
508 eir_len += sizeof(u16);
509 }
510 }
511
512 if (uuid16_list[0] != 0) {
513 u8 *length = ptr;
514
515 /* EIR Data type */
516 ptr[1] = truncated ? EIR_UUID16_SOME : EIR_UUID16_ALL;
517
518 ptr += 2;
519 eir_len += 2;
520
521 for (i = 0; uuid16_list[i] != 0; i++) {
522 *ptr++ = (uuid16_list[i] & 0x00ff);
523 *ptr++ = (uuid16_list[i] & 0xff00) >> 8;
524 }
525
526 /* EIR Data length */
527 *length = (i * sizeof(u16)) + 1;
528 }
529}
530
531static int update_eir(struct hci_dev *hdev)
532{
533 struct hci_cp_write_eir cp;
534
535 if (!(hdev->features[6] & LMP_EXT_INQ))
536 return 0;
537
84bde9d6 538 if (!test_bit(HCI_SSP_ENABLED, &hdev->dev_flags))
ef580372
JH		 539 return 0;
540
a8b2d5c2 541 if (test_bit(HCI_SERVICE_CACHE, &hdev->dev_flags))
ef580372
JH		 542 return 0;
543
544 memset(&cp, 0, sizeof(cp));
545
546 create_eir(hdev, cp.data);
547
548 if (memcmp(cp.data, hdev->eir, sizeof(cp.data)) == 0)
549 return 0;
550
551 memcpy(hdev->eir, cp.data, sizeof(cp.data));
552
553 return hci_send_cmd(hdev, HCI_OP_WRITE_EIR, sizeof(cp), &cp);
554}
555
556static u8 get_service_classes(struct hci_dev *hdev)
557{
558 struct bt_uuid *uuid;
559 u8 val = 0;
560
561 list_for_each_entry(uuid, &hdev->uuids, list)
562 val |= uuid->svc_hint;
563
564 return val;
565}
566
567static int update_class(struct hci_dev *hdev)
568{
569 u8 cod[3];
570
571 BT_DBG("%s", hdev->name);
572
a8b2d5c2 573 if (test_bit(HCI_SERVICE_CACHE, &hdev->dev_flags))
ef580372
JH		 574 return 0;
575
576 cod[0] = hdev->minor_class;
577 cod[1] = hdev->major_class;
578 cod[2] = get_service_classes(hdev);
579
580 if (memcmp(cod, hdev->dev_class, 3) == 0)
581 return 0;
582
583 return hci_send_cmd(hdev, HCI_OP_WRITE_CLASS_OF_DEV, sizeof(cod), cod);
584}
585
7d78525d
JH		 586static void service_cache_off(struct work_struct *work)
587{
588 struct hci_dev *hdev = container_of(work, struct hci_dev,
589 service_cache.work);
590
a8b2d5c2 591 if (!test_and_clear_bit(HCI_SERVICE_CACHE, &hdev->dev_flags))
7d78525d
JH		 592 return;
593
594 hci_dev_lock(hdev);
595
596 update_eir(hdev);
597 update_class(hdev);
598
599 hci_dev_unlock(hdev);
600}
601
602static void mgmt_init_hdev(struct hci_dev *hdev)
603{
a8b2d5c2 604 if (!test_and_set_bit(HCI_MGMT, &hdev->dev_flags))
7d78525d
JH		 605 INIT_DELAYED_WORK(&hdev->service_cache, service_cache_off);
606
a8b2d5c2 607 if (!test_and_set_bit(HCI_SERVICE_CACHE, &hdev->dev_flags))
7d78525d
JH		 608 schedule_delayed_work(&hdev->service_cache,
609 msecs_to_jiffies(SERVICE_CACHE_TIMEOUT));
610}
611
4e51eae9 612static int read_controller_info(struct sock *sk, u16 index)
0381101f 613{
a38528f1 614 struct mgmt_rp_read_info rp;
f7b64e69 615 struct hci_dev *hdev;
0381101f 616
4e51eae9 617 BT_DBG("sock %p hci%u", sk, index);
f7b64e69 618
4e51eae9 619 hdev = hci_dev_get(index);
a38528f1 620 if (!hdev)
ca69b795
JH		 621 return cmd_status(sk, index, MGMT_OP_READ_INFO,
622 MGMT_STATUS_INVALID_PARAMS);
f7b64e69 623
09fd0de5 624 hci_dev_lock(hdev);
f7b64e69 625
7d78525d
JH		 626 if (test_and_clear_bit(HCI_PI_MGMT_INIT, &hci_pi(sk)->flags))
627 mgmt_init_hdev(hdev);
ebc99feb 628
dc4fe30b
JH		 629 memset(&rp, 0, sizeof(rp));
630
69ab39ea 631 bacpy(&rp.bdaddr, &hdev->bdaddr);
f7b64e69 632
69ab39ea 633 rp.version = hdev->hci_ver;
f7b64e69 634
69ab39ea
JH		 635 put_unaligned_le16(hdev->manufacturer, &rp.manufacturer);
636
637 rp.supported_settings = cpu_to_le32(get_supported_settings(hdev));
638 rp.current_settings = cpu_to_le32(get_current_settings(hdev));
f7b64e69 639
a38528f1 640 memcpy(rp.dev_class, hdev->dev_class, 3);
f7b64e69 641
dc4fe30b
JH		 642 memcpy(rp.name, hdev->dev_name, sizeof(hdev->dev_name));
643
09fd0de5 644 hci_dev_unlock(hdev);
f7b64e69 645 hci_dev_put(hdev);
0381101f 646
aee9b218 647 return cmd_complete(sk, index, MGMT_OP_READ_INFO, 0, &rp, sizeof(rp));
0381101f
JH		 648}
649
eec8d2bc
JH		 650static void mgmt_pending_free(struct pending_cmd *cmd)
651{
652 sock_put(cmd->sk);
c68fb7ff 653 kfree(cmd->param);
eec8d2bc
JH		 654 kfree(cmd);
655}
656
366a0336 657static struct pending_cmd *mgmt_pending_add(struct sock *sk, u16 opcode,
2e58ef3e
JH		 658 struct hci_dev *hdev,
659 void *data, u16 len)
eec8d2bc
JH		 660{
661 struct pending_cmd *cmd;
662
663 cmd = kmalloc(sizeof(*cmd), GFP_ATOMIC);
664 if (!cmd)
366a0336 665 return NULL;
eec8d2bc
JH		 666
667 cmd->opcode = opcode;
2e58ef3e 668 cmd->index = hdev->id;
eec8d2bc 669
c68fb7ff
SJ		 670 cmd->param = kmalloc(len, GFP_ATOMIC);
671 if (!cmd->param) {
eec8d2bc 672 kfree(cmd);
366a0336 673 return NULL;
eec8d2bc
JH		 674 }
675
8fce6357
SJ		 676 if (data)
677 memcpy(cmd->param, data, len);
eec8d2bc
JH		 678
679 cmd->sk = sk;
680 sock_hold(sk);
681
2e58ef3e 682 list_add(&cmd->list, &hdev->mgmt_pending);
eec8d2bc 683
366a0336 684 return cmd;
eec8d2bc
JH		 685}
686
744cf19e 687static void mgmt_pending_foreach(u16 opcode, struct hci_dev *hdev,
eec8d2bc
JH		 688 void (*cb)(struct pending_cmd *cmd, void *data),
689 void *data)
690{
691 struct list_head *p, *n;
692
2e58ef3e 693 list_for_each_safe(p, n, &hdev->mgmt_pending) {
eec8d2bc
JH		 694 struct pending_cmd *cmd;
695
696 cmd = list_entry(p, struct pending_cmd, list);
697
b24752fe 698 if (opcode > 0 && cmd->opcode != opcode)
eec8d2bc
JH		 699 continue;
700
eec8d2bc
JH		 701 cb(cmd, data);
702 }
703}
704
2e58ef3e 705static struct pending_cmd *mgmt_pending_find(u16 opcode, struct hci_dev *hdev)
eec8d2bc 706{
8035ded4 707 struct pending_cmd *cmd;
eec8d2bc 708
2e58ef3e 709 list_for_each_entry(cmd, &hdev->mgmt_pending, list) {
2aeabcbe
JH		 710 if (cmd->opcode == opcode)
711 return cmd;
eec8d2bc
JH		 712 }
713
714 return NULL;
715}
716
a664b5bc 717static void mgmt_pending_remove(struct pending_cmd *cmd)
73f22f62 718{
73f22f62
JH		 719 list_del(&cmd->list);
720 mgmt_pending_free(cmd);
721}
722
69ab39ea 723static int send_settings_rsp(struct sock *sk, u16 opcode, struct hci_dev *hdev)
8680570b 724{
69ab39ea 725 __le32 settings = cpu_to_le32(get_current_settings(hdev));
8680570b 726
aee9b218
JH		 727 return cmd_complete(sk, hdev->id, opcode, 0, &settings,
728 sizeof(settings));
8680570b
JH		 729}
730
650f726d 731static int set_powered(struct sock *sk, u16 index, void *data, u16 len)
eec8d2bc 732{
650f726d 733 struct mgmt_mode *cp = data;
eec8d2bc 734 struct hci_dev *hdev;
366a0336 735 struct pending_cmd *cmd;
366a0336 736 int err, up;
eec8d2bc 737
4e51eae9 738 BT_DBG("request for hci%u", index);
eec8d2bc 739
bdce7baf 740 if (len != sizeof(*cp))
ca69b795
JH		 741 return cmd_status(sk, index, MGMT_OP_SET_POWERED,
742 MGMT_STATUS_INVALID_PARAMS);
bdce7baf 743
4e51eae9 744 hdev = hci_dev_get(index);
eec8d2bc 745 if (!hdev)
ca69b795
JH		 746 return cmd_status(sk, index, MGMT_OP_SET_POWERED,
747 MGMT_STATUS_INVALID_PARAMS);
eec8d2bc 748
09fd0de5 749 hci_dev_lock(hdev);
eec8d2bc 750
f0d4b78a
MH		 751 if (test_and_clear_bit(HCI_AUTO_OFF, &hdev->dev_flags)) {
752 cancel_delayed_work(&hdev->power_off);
753
754 if (cp->val) {
755 err = send_settings_rsp(sk, MGMT_OP_SET_POWERED, hdev);
756 mgmt_powered(hdev, 1);
757 goto failed;
758 }
759 }
760
eec8d2bc 761 up = test_bit(HCI_UP, &hdev->flags);
72a734ec 762 if ((cp->val && up) || (!cp->val && !up)) {
69ab39ea 763 err = send_settings_rsp(sk, MGMT_OP_SET_POWERED, hdev);
eec8d2bc
JH		 764 goto failed;
765 }
766
2e58ef3e 767 if (mgmt_pending_find(MGMT_OP_SET_POWERED, hdev)) {
ca69b795
JH		 768 err = cmd_status(sk, index, MGMT_OP_SET_POWERED,
769 MGMT_STATUS_BUSY);
eec8d2bc
JH		 770 goto failed;
771 }
772
2e58ef3e 773 cmd = mgmt_pending_add(sk, MGMT_OP_SET_POWERED, hdev, data, len);
366a0336
JH		 774 if (!cmd) {
775 err = -ENOMEM;
eec8d2bc 776 goto failed;
366a0336 777 }
eec8d2bc 778
72a734ec 779 if (cp->val)
7f971041 780 schedule_work(&hdev->power_on);
eec8d2bc 781 else
80b7ab33 782 schedule_work(&hdev->power_off.work);
eec8d2bc 783
366a0336 784 err = 0;
eec8d2bc
JH		 785
786failed:
09fd0de5 787 hci_dev_unlock(hdev);
eec8d2bc 788 hci_dev_put(hdev);
366a0336 789 return err;
eec8d2bc
JH		 790}
791
650f726d 792static int set_discoverable(struct sock *sk, u16 index, void *data, u16 len)
73f22f62 793{
650f726d 794 struct mgmt_cp_set_discoverable *cp = data;
73f22f62 795 struct hci_dev *hdev;
366a0336 796 struct pending_cmd *cmd;
73f22f62
JH		 797 u8 scan;
798 int err;
799
4e51eae9 800 BT_DBG("request for hci%u", index);
73f22f62 801
bdce7baf 802 if (len != sizeof(*cp))
ca69b795
JH		 803 return cmd_status(sk, index, MGMT_OP_SET_DISCOVERABLE,
804 MGMT_STATUS_INVALID_PARAMS);
bdce7baf 805
4e51eae9 806 hdev = hci_dev_get(index);
73f22f62 807 if (!hdev)
ca69b795
JH		 808 return cmd_status(sk, index, MGMT_OP_SET_DISCOVERABLE,
809 MGMT_STATUS_INVALID_PARAMS);
73f22f62 810
09fd0de5 811 hci_dev_lock(hdev);
73f22f62
JH		 812
813 if (!test_bit(HCI_UP, &hdev->flags)) {
ca69b795
JH		 814 err = cmd_status(sk, index, MGMT_OP_SET_DISCOVERABLE,
815 MGMT_STATUS_NOT_POWERED);
73f22f62
JH		 816 goto failed;
817 }
818
2e58ef3e
JH		 819 if (mgmt_pending_find(MGMT_OP_SET_DISCOVERABLE, hdev) ||
820 mgmt_pending_find(MGMT_OP_SET_CONNECTABLE, hdev)) {
ca69b795
JH		 821 err = cmd_status(sk, index, MGMT_OP_SET_DISCOVERABLE,
822 MGMT_STATUS_BUSY);
73f22f62
JH		 823 goto failed;
824 }
825
72a734ec 826 if (cp->val == test_bit(HCI_ISCAN, &hdev->flags) &&
73f22f62 827 test_bit(HCI_PSCAN, &hdev->flags)) {
69ab39ea 828 err = send_settings_rsp(sk, MGMT_OP_SET_DISCOVERABLE, hdev);
73f22f62
JH		 829 goto failed;
830 }
831
2e58ef3e 832 cmd = mgmt_pending_add(sk, MGMT_OP_SET_DISCOVERABLE, hdev, data, len);
366a0336
JH		 833 if (!cmd) {
834 err = -ENOMEM;
73f22f62 835 goto failed;
366a0336 836 }
73f22f62
JH		 837
838 scan = SCAN_PAGE;
839
72a734ec 840 if (cp->val)
73f22f62 841 scan |= SCAN_INQUIRY;
16ab91ab 842 else
e0f9309f 843 cancel_delayed_work(&hdev->discov_off);
73f22f62
JH		 844
845 err = hci_send_cmd(hdev, HCI_OP_WRITE_SCAN_ENABLE, 1, &scan);
846 if (err < 0)
a664b5bc 847 mgmt_pending_remove(cmd);
73f22f62 848
16ab91ab
JH		 849 if (cp->val)
850 hdev->discov_timeout = get_unaligned_le16(&cp->timeout);
851
73f22f62 852failed:
09fd0de5 853 hci_dev_unlock(hdev);
73f22f62
JH		 854 hci_dev_put(hdev);
855
856 return err;
857}
858
650f726d 859static int set_connectable(struct sock *sk, u16 index, void *data, u16 len)
9fbcbb45 860{
650f726d 861 struct mgmt_mode *cp = data;
9fbcbb45 862 struct hci_dev *hdev;
366a0336 863 struct pending_cmd *cmd;
9fbcbb45
JH		 864 u8 scan;
865 int err;
866
4e51eae9 867 BT_DBG("request for hci%u", index);
9fbcbb45 868
bdce7baf 869 if (len != sizeof(*cp))
ca69b795
JH		 870 return cmd_status(sk, index, MGMT_OP_SET_CONNECTABLE,
871 MGMT_STATUS_INVALID_PARAMS);
bdce7baf 872
4e51eae9 873 hdev = hci_dev_get(index);
9fbcbb45 874 if (!hdev)
ca69b795
JH		 875 return cmd_status(sk, index, MGMT_OP_SET_CONNECTABLE,
876 MGMT_STATUS_INVALID_PARAMS);
9fbcbb45 877
09fd0de5 878 hci_dev_lock(hdev);
9fbcbb45
JH		 879
880 if (!test_bit(HCI_UP, &hdev->flags)) {
ca69b795
JH		 881 err = cmd_status(sk, index, MGMT_OP_SET_CONNECTABLE,
882 MGMT_STATUS_NOT_POWERED);
9fbcbb45
JH		 883 goto failed;
884 }
885
2e58ef3e
JH		 886 if (mgmt_pending_find(MGMT_OP_SET_DISCOVERABLE, hdev) ||
887 mgmt_pending_find(MGMT_OP_SET_CONNECTABLE, hdev)) {
ca69b795
JH		 888 err = cmd_status(sk, index, MGMT_OP_SET_CONNECTABLE,
889 MGMT_STATUS_BUSY);
9fbcbb45
JH		 890 goto failed;
891 }
892
72a734ec 893 if (cp->val == test_bit(HCI_PSCAN, &hdev->flags)) {
69ab39ea 894 err = send_settings_rsp(sk, MGMT_OP_SET_CONNECTABLE, hdev);
9fbcbb45
JH		 895 goto failed;
896 }
897
2e58ef3e 898 cmd = mgmt_pending_add(sk, MGMT_OP_SET_CONNECTABLE, hdev, data, len);
366a0336
JH		 899 if (!cmd) {
900 err = -ENOMEM;
9fbcbb45 901 goto failed;
366a0336 902 }
9fbcbb45 903
72a734ec 904 if (cp->val)
9fbcbb45
JH		 905 scan = SCAN_PAGE;
906 else
907 scan = 0;
908
909 err = hci_send_cmd(hdev, HCI_OP_WRITE_SCAN_ENABLE, 1, &scan);
910 if (err < 0)
a664b5bc 911 mgmt_pending_remove(cmd);
9fbcbb45
JH		 912
913failed:
09fd0de5 914 hci_dev_unlock(hdev);
9fbcbb45
JH		 915 hci_dev_put(hdev);
916
917 return err;
918}
919
744cf19e
JH		 920static int mgmt_event(u16 event, struct hci_dev *hdev, void *data,
921 u16 data_len, struct sock *skip_sk)
c542a06c
JH		 922{
923 struct sk_buff *skb;
924 struct mgmt_hdr *hdr;
925
926 skb = alloc_skb(sizeof(*hdr) + data_len, GFP_ATOMIC);
927 if (!skb)
928 return -ENOMEM;
929
c542a06c
JH		 930 hdr = (void *) skb_put(skb, sizeof(*hdr));
931 hdr->opcode = cpu_to_le16(event);
744cf19e
JH		 932 if (hdev)
933 hdr->index = cpu_to_le16(hdev->id);
934 else
935 hdr->index = cpu_to_le16(MGMT_INDEX_NONE);
c542a06c
JH		 936 hdr->len = cpu_to_le16(data_len);
937
4e51eae9
SJ		 938 if (data)
939 memcpy(skb_put(skb, data_len), data, data_len);
c542a06c 940
470fe1b5 941 hci_send_to_control(skb, skip_sk);
c542a06c
JH		 942 kfree_skb(skb);
943
944 return 0;
945}
946
650f726d 947static int set_pairable(struct sock *sk, u16 index, void *data, u16 len)
c542a06c 948{
650f726d 949 struct mgmt_mode *cp = data;
c542a06c 950 struct hci_dev *hdev;
69ab39ea 951 __le32 ev;
c542a06c
JH		 952 int err;
953
4e51eae9 954 BT_DBG("request for hci%u", index);
c542a06c 955
bdce7baf 956 if (len != sizeof(*cp))
ca69b795
JH		 957 return cmd_status(sk, index, MGMT_OP_SET_PAIRABLE,
958 MGMT_STATUS_INVALID_PARAMS);
bdce7baf 959
4e51eae9 960 hdev = hci_dev_get(index);
c542a06c 961 if (!hdev)
ca69b795
JH		 962 return cmd_status(sk, index, MGMT_OP_SET_PAIRABLE,
963 MGMT_STATUS_INVALID_PARAMS);
c542a06c 964
09fd0de5 965 hci_dev_lock(hdev);
c542a06c
JH		 966
967 if (cp->val)
a8b2d5c2 968 set_bit(HCI_PAIRABLE, &hdev->dev_flags);
c542a06c 969 else
a8b2d5c2 970 clear_bit(HCI_PAIRABLE, &hdev->dev_flags);
c542a06c 971
69ab39ea 972 err = send_settings_rsp(sk, MGMT_OP_SET_PAIRABLE, hdev);
c542a06c
JH		 973 if (err < 0)
974 goto failed;
975
69ab39ea 976 ev = cpu_to_le32(get_current_settings(hdev));
c542a06c 977
69ab39ea 978 err = mgmt_event(MGMT_EV_NEW_SETTINGS, hdev, &ev, sizeof(ev), sk);
c542a06c
JH		 979
980failed:
09fd0de5 981 hci_dev_unlock(hdev);
c542a06c
JH		 982 hci_dev_put(hdev);
983
984 return err;
985}
986
33ef95ed
JH		 987static int set_link_security(struct sock *sk, u16 index, void *data, u16 len)
988{
989 struct mgmt_mode *cp = data;
990 struct pending_cmd *cmd;
991 struct hci_dev *hdev;
992 uint8_t val;
993 int err;
994
995 BT_DBG("request for hci%u", index);
996
997 if (len != sizeof(*cp))
998 return cmd_status(sk, index, MGMT_OP_SET_LINK_SECURITY,
999 MGMT_STATUS_INVALID_PARAMS);
1000
1001 hdev = hci_dev_get(index);
1002 if (!hdev)
1003 return cmd_status(sk, index, MGMT_OP_SET_LINK_SECURITY,
1004 MGMT_STATUS_INVALID_PARAMS);
1005
1006 hci_dev_lock(hdev);
1007
1008 if (!test_bit(HCI_UP, &hdev->flags)) {
1009 err = cmd_status(sk, index, MGMT_OP_SET_LINK_SECURITY,
1010 MGMT_STATUS_NOT_POWERED);
1011 goto failed;
1012 }
1013
1014 if (mgmt_pending_find(MGMT_OP_SET_LINK_SECURITY, hdev)) {
1015 err = cmd_status(sk, index, MGMT_OP_SET_LINK_SECURITY,
1016 MGMT_STATUS_BUSY);
1017 goto failed;
1018 }
1019
1020 val = !!cp->val;
1021
1022 if (test_bit(HCI_AUTH, &hdev->flags) == val) {
1023 err = send_settings_rsp(sk, MGMT_OP_SET_LINK_SECURITY, hdev);
1024 goto failed;
1025 }
1026
1027 cmd = mgmt_pending_add(sk, MGMT_OP_SET_LINK_SECURITY, hdev, data, len);
1028 if (!cmd) {
1029 err = -ENOMEM;
1030 goto failed;
1031 }
1032
1033 err = hci_send_cmd(hdev, HCI_OP_WRITE_AUTH_ENABLE, sizeof(val), &val);
1034 if (err < 0) {
1035 mgmt_pending_remove(cmd);
1036 goto failed;
1037 }
1038
1039failed:
1040 hci_dev_unlock(hdev);
1041 hci_dev_put(hdev);
1042
1043 return err;
1044}
1045
ed2c4ee3
JH		 1046static int set_ssp(struct sock *sk, u16 index, void *data, u16 len)
1047{
1048 struct mgmt_mode *cp = data;
1049 struct pending_cmd *cmd;
1050 struct hci_dev *hdev;
1051 uint8_t val;
1052 int err;
1053
1054 BT_DBG("request for hci%u", index);
1055
1056 if (len != sizeof(*cp))
1057 return cmd_status(sk, index, MGMT_OP_SET_SSP,
1058 MGMT_STATUS_INVALID_PARAMS);
1059
1060 hdev = hci_dev_get(index);
1061 if (!hdev)
1062 return cmd_status(sk, index, MGMT_OP_SET_SSP,
1063 MGMT_STATUS_INVALID_PARAMS);
1064
1065 hci_dev_lock(hdev);
1066
1067 if (!test_bit(HCI_UP, &hdev->flags)) {
1068 err = cmd_status(sk, index, MGMT_OP_SET_SSP,
1069 MGMT_STATUS_NOT_POWERED);
1070 goto failed;
1071 }
1072
1e163574
JH		 1073 if (!(hdev->features[6] & LMP_SIMPLE_PAIR)) {
1074 err = cmd_status(sk, index, MGMT_OP_SET_SSP,
1075 MGMT_STATUS_NOT_SUPPORTED);
1076 goto failed;
1077 }
1078
ed2c4ee3
JH		 1079 if (mgmt_pending_find(MGMT_OP_SET_SSP, hdev)) {
1080 err = cmd_status(sk, index, MGMT_OP_SET_SSP, MGMT_STATUS_BUSY);
1081 goto failed;
1082 }
1083
1084 val = !!cp->val;
1085
1086 if (test_bit(HCI_SSP_ENABLED, &hdev->dev_flags) == val) {
1087 err = send_settings_rsp(sk, MGMT_OP_SET_SSP, hdev);
1088 goto failed;
1089 }
1090
1091 cmd = mgmt_pending_add(sk, MGMT_OP_SET_SSP, hdev, data, len);
1092 if (!cmd) {
1093 err = -ENOMEM;
1094 goto failed;
1095 }
1096
1097 err = hci_send_cmd(hdev, HCI_OP_WRITE_SSP_MODE, sizeof(val), &val);
1098 if (err < 0) {
1099 mgmt_pending_remove(cmd);
1100 goto failed;
1101 }
1102
1103failed:
1104 hci_dev_unlock(hdev);
1105 hci_dev_put(hdev);
1106
1107 return err;
1108}
1109
6d80dfd0
JH		 1110static int set_hs(struct sock *sk, u16 index, void *data, u16 len)
1111{
1112 struct mgmt_mode *cp = data;
1113 struct hci_dev *hdev;
1114 int err;
1115
1116 BT_DBG("request for hci%u", index);
1117
1118 if (len != sizeof(*cp))
1119 return cmd_status(sk, index, MGMT_OP_SET_HS,
1120 MGMT_STATUS_INVALID_PARAMS);
1121
1122 hdev = hci_dev_get(index);
1123 if (!hdev)
1124 return cmd_status(sk, index, MGMT_OP_SET_HS,
1125 MGMT_STATUS_INVALID_PARAMS);
1126
1127 if (!enable_hs) {
1128 err = cmd_status(sk, index, MGMT_OP_SET_HS,
1129 MGMT_STATUS_NOT_SUPPORTED);
1130 goto failed;
1131 }
1132
1133 if (cp->val)
1134 set_bit(HCI_HS_ENABLED, &hdev->dev_flags);
1135 else
1136 clear_bit(HCI_HS_ENABLED, &hdev->dev_flags);
1137
1138 err = send_settings_rsp(sk, MGMT_OP_SET_HS, hdev);
1139
1140failed:
1141 hci_dev_put(hdev);
1142 return err;
1143}
1144
650f726d 1145static int add_uuid(struct sock *sk, u16 index, void *data, u16 len)
2aeb9a1a 1146{
650f726d 1147 struct mgmt_cp_add_uuid *cp = data;
2aeb9a1a
JH		 1148 struct hci_dev *hdev;
1149 struct bt_uuid *uuid;
2aeb9a1a
JH		 1150 int err;
1151
4e51eae9 1152 BT_DBG("request for hci%u", index);
2aeb9a1a 1153
bdce7baf 1154 if (len != sizeof(*cp))
ca69b795
JH		 1155 return cmd_status(sk, index, MGMT_OP_ADD_UUID,
1156 MGMT_STATUS_INVALID_PARAMS);
bdce7baf 1157
4e51eae9 1158 hdev = hci_dev_get(index);
2aeb9a1a 1159 if (!hdev)
ca69b795
JH		 1160 return cmd_status(sk, index, MGMT_OP_ADD_UUID,
1161 MGMT_STATUS_INVALID_PARAMS);
2aeb9a1a 1162
09fd0de5 1163 hci_dev_lock(hdev);
2aeb9a1a
JH		 1164
1165 uuid = kmalloc(sizeof(*uuid), GFP_ATOMIC);
1166 if (!uuid) {
1167 err = -ENOMEM;
1168 goto failed;
1169 }
1170
1171 memcpy(uuid->uuid, cp->uuid, 16);
1aff6f09 1172 uuid->svc_hint = cp->svc_hint;
2aeb9a1a
JH		 1173
1174 list_add(&uuid->list, &hdev->uuids);
1175
1aff6f09
JH		 1176 err = update_class(hdev);
1177 if (err < 0)
1178 goto failed;
1179
80a1e1db
JH		 1180 err = update_eir(hdev);
1181 if (err < 0)
1182 goto failed;
1183
aee9b218 1184 err = cmd_complete(sk, index, MGMT_OP_ADD_UUID, 0, NULL, 0);
2aeb9a1a
JH		 1185
1186failed:
09fd0de5 1187 hci_dev_unlock(hdev);
2aeb9a1a
JH		 1188 hci_dev_put(hdev);
1189
1190 return err;
1191}
1192
650f726d 1193static int remove_uuid(struct sock *sk, u16 index, void *data, u16 len)
2aeb9a1a 1194{
650f726d 1195 struct mgmt_cp_remove_uuid *cp = data;
2aeb9a1a 1196 struct list_head *p, *n;
2aeb9a1a
JH		 1197 struct hci_dev *hdev;
1198 u8 bt_uuid_any[] = { 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0 };
2aeb9a1a
JH		 1199 int err, found;
1200
4e51eae9 1201 BT_DBG("request for hci%u", index);
2aeb9a1a 1202
bdce7baf 1203 if (len != sizeof(*cp))
ca69b795
JH		 1204 return cmd_status(sk, index, MGMT_OP_REMOVE_UUID,
1205 MGMT_STATUS_INVALID_PARAMS);
bdce7baf 1206
4e51eae9 1207 hdev = hci_dev_get(index);
2aeb9a1a 1208 if (!hdev)
ca69b795
JH		 1209 return cmd_status(sk, index, MGMT_OP_REMOVE_UUID,
1210 MGMT_STATUS_INVALID_PARAMS);
2aeb9a1a 1211
09fd0de5 1212 hci_dev_lock(hdev);
2aeb9a1a
JH		 1213
1214 if (memcmp(cp->uuid, bt_uuid_any, 16) == 0) {
1215 err = hci_uuids_clear(hdev);
1216 goto unlock;
1217 }
1218
1219 found = 0;
1220
1221 list_for_each_safe(p, n, &hdev->uuids) {
1222 struct bt_uuid *match = list_entry(p, struct bt_uuid, list);
1223
1224 if (memcmp(match->uuid, cp->uuid, 16) != 0)
1225 continue;
1226
1227 list_del(&match->list);
1228 found++;
1229 }
1230
1231 if (found == 0) {
ca69b795
JH		 1232 err = cmd_status(sk, index, MGMT_OP_REMOVE_UUID,
1233 MGMT_STATUS_INVALID_PARAMS);
2aeb9a1a
JH		 1234 goto unlock;
1235 }
1236
1aff6f09
JH		 1237 err = update_class(hdev);
1238 if (err < 0)
1239 goto unlock;
1240
80a1e1db
JH		 1241 err = update_eir(hdev);
1242 if (err < 0)
1243 goto unlock;
1244
aee9b218 1245 err = cmd_complete(sk, index, MGMT_OP_REMOVE_UUID, 0, NULL, 0);
2aeb9a1a
JH		 1246
1247unlock:
09fd0de5 1248 hci_dev_unlock(hdev);
2aeb9a1a
JH		 1249 hci_dev_put(hdev);
1250
1251 return err;
1252}
1253
650f726d 1254static int set_dev_class(struct sock *sk, u16 index, void *data, u16 len)
1aff6f09
JH		 1255{
1256 struct hci_dev *hdev;
650f726d 1257 struct mgmt_cp_set_dev_class *cp = data;
1aff6f09
JH		 1258 int err;
1259
4e51eae9 1260 BT_DBG("request for hci%u", index);
1aff6f09 1261
bdce7baf 1262 if (len != sizeof(*cp))
ca69b795
JH		 1263 return cmd_status(sk, index, MGMT_OP_SET_DEV_CLASS,
1264 MGMT_STATUS_INVALID_PARAMS);
bdce7baf 1265
4e51eae9 1266 hdev = hci_dev_get(index);
1aff6f09 1267 if (!hdev)
ca69b795
JH		 1268 return cmd_status(sk, index, MGMT_OP_SET_DEV_CLASS,
1269 MGMT_STATUS_INVALID_PARAMS);
1aff6f09 1270
09fd0de5 1271 hci_dev_lock(hdev);
1aff6f09
JH		 1272
1273 hdev->major_class = cp->major;
1274 hdev->minor_class = cp->minor;
1275
a8b2d5c2 1276 if (test_and_clear_bit(HCI_SERVICE_CACHE, &hdev->dev_flags)) {
7d78525d
JH		 1277 hci_dev_unlock(hdev);
1278 cancel_delayed_work_sync(&hdev->service_cache);
1279 hci_dev_lock(hdev);
14c0b608 1280 update_eir(hdev);
7d78525d 1281 }
14c0b608 1282
1aff6f09
JH		 1283 err = update_class(hdev);
1284
1285 if (err == 0)
aee9b218
JH		 1286 err = cmd_complete(sk, index, MGMT_OP_SET_DEV_CLASS, 0,
1287 NULL, 0);
1aff6f09 1288
09fd0de5 1289 hci_dev_unlock(hdev);
1aff6f09
JH		 1290 hci_dev_put(hdev);
1291
1292 return err;
1293}
1294
650f726d 1295static int load_link_keys(struct sock *sk, u16 index, void *data, u16 len)
55ed8ca1
JH		 1296{
1297 struct hci_dev *hdev;
650f726d 1298 struct mgmt_cp_load_link_keys *cp = data;
4e51eae9 1299 u16 key_count, expected_len;
a492cd52 1300 int i;
55ed8ca1 1301
bdce7baf 1302 if (len < sizeof(*cp))
ca69b795
JH		 1303 return cmd_status(sk, index, MGMT_OP_LOAD_LINK_KEYS,
1304 MGMT_STATUS_INVALID_PARAMS);
bdce7baf 1305
55ed8ca1
JH		 1306 key_count = get_unaligned_le16(&cp->key_count);
1307
86742e1e
JH		 1308 expected_len = sizeof(*cp) + key_count *
1309 sizeof(struct mgmt_link_key_info);
a492cd52 1310 if (expected_len != len) {
86742e1e 1311 BT_ERR("load_link_keys: expected %u bytes, got %u bytes",
a492cd52 1312 len, expected_len);
ca69b795
JH		 1313 return cmd_status(sk, index, MGMT_OP_LOAD_LINK_KEYS,
1314 MGMT_STATUS_INVALID_PARAMS);
55ed8ca1
JH		 1315 }
1316
4e51eae9 1317 hdev = hci_dev_get(index);
55ed8ca1 1318 if (!hdev)
ca69b795
JH		 1319 return cmd_status(sk, index, MGMT_OP_LOAD_LINK_KEYS,
1320 MGMT_STATUS_INVALID_PARAMS);
55ed8ca1 1321
4e51eae9 1322 BT_DBG("hci%u debug_keys %u key_count %u", index, cp->debug_keys,
55ed8ca1
JH		 1323 key_count);
1324
09fd0de5 1325 hci_dev_lock(hdev);
55ed8ca1
JH		 1326
1327 hci_link_keys_clear(hdev);
1328
a8b2d5c2 1329 set_bit(HCI_LINK_KEYS, &hdev->dev_flags);
55ed8ca1
JH		 1330
1331 if (cp->debug_keys)
a8b2d5c2 1332 set_bit(HCI_DEBUG_KEYS, &hdev->dev_flags);
55ed8ca1 1333 else
a8b2d5c2 1334 clear_bit(HCI_DEBUG_KEYS, &hdev->dev_flags);
55ed8ca1 1335
a492cd52 1336 for (i = 0; i < key_count; i++) {
86742e1e 1337 struct mgmt_link_key_info *key = &cp->keys[i];
55ed8ca1 1338
d753fdc4
JH		 1339 hci_add_link_key(hdev, NULL, 0, &key->addr.bdaddr, key->val,
1340 key->type, key->pin_len);
55ed8ca1
JH		 1341 }
1342
aee9b218 1343 cmd_complete(sk, index, MGMT_OP_LOAD_LINK_KEYS, 0, NULL, 0);
0e5f875a 1344
09fd0de5 1345 hci_dev_unlock(hdev);
55ed8ca1
JH		 1346 hci_dev_put(hdev);
1347
a492cd52 1348 return 0;
55ed8ca1
JH		 1349}
1350
b1078ad0
JH		 1351static int device_unpaired(struct hci_dev *hdev, bdaddr_t *bdaddr,
1352 u8 addr_type, struct sock *skip_sk)
1353{
1354 struct mgmt_ev_device_unpaired ev;
1355
1356 bacpy(&ev.addr.bdaddr, bdaddr);
1357 ev.addr.type = addr_type;
1358
1359 return mgmt_event(MGMT_EV_DEVICE_UNPAIRED, hdev, &ev, sizeof(ev),
1360 skip_sk);
1361}
1362
124f6e35 1363static int unpair_device(struct sock *sk, u16 index, void *data, u16 len)
55ed8ca1
JH		 1364{
1365 struct hci_dev *hdev;
124f6e35
JH		 1366 struct mgmt_cp_unpair_device *cp = data;
1367 struct mgmt_rp_unpair_device rp;
a8a1d19e
JH		 1368 struct hci_cp_disconnect dc;
1369 struct pending_cmd *cmd;
55ed8ca1 1370 struct hci_conn *conn;
aee9b218 1371 u8 status = 0;
55ed8ca1
JH		 1372 int err;
1373
bdce7baf 1374 if (len != sizeof(*cp))
124f6e35 1375 return cmd_status(sk, index, MGMT_OP_UNPAIR_DEVICE,
ca69b795 1376 MGMT_STATUS_INVALID_PARAMS);
bdce7baf 1377
4e51eae9 1378 hdev = hci_dev_get(index);
55ed8ca1 1379 if (!hdev)
124f6e35 1380 return cmd_status(sk, index, MGMT_OP_UNPAIR_DEVICE,
ca69b795 1381 MGMT_STATUS_INVALID_PARAMS);
55ed8ca1 1382
09fd0de5 1383 hci_dev_lock(hdev);
55ed8ca1 1384
a8a1d19e 1385 memset(&rp, 0, sizeof(rp));
124f6e35
JH		 1386 bacpy(&rp.addr.bdaddr, &cp->addr.bdaddr);
1387 rp.addr.type = cp->addr.type;
a8a1d19e 1388
124f6e35
JH		 1389 if (cp->addr.type == MGMT_ADDR_BREDR)
1390 err = hci_remove_link_key(hdev, &cp->addr.bdaddr);
1391 else
1392 err = hci_remove_ltk(hdev, &cp->addr.bdaddr);
b0dbfb46 1393
55ed8ca1 1394 if (err < 0) {
aee9b218 1395 status = MGMT_STATUS_NOT_PAIRED;
55ed8ca1
JH		 1396 goto unlock;
1397 }
1398
a8a1d19e 1399 if (!test_bit(HCI_UP, &hdev->flags) || !cp->disconnect) {
aee9b218
JH		 1400 err = cmd_complete(sk, index, MGMT_OP_UNPAIR_DEVICE, status,
1401 &rp, sizeof(rp));
b1078ad0 1402 device_unpaired(hdev, &cp->addr.bdaddr, cp->addr.type, sk);
55ed8ca1 1403 goto unlock;
a8a1d19e 1404 }
55ed8ca1 1405
124f6e35
JH		 1406 if (cp->addr.type == MGMT_ADDR_BREDR)
1407 conn = hci_conn_hash_lookup_ba(hdev, ACL_LINK,
1408 &cp->addr.bdaddr);
1409 else
1410 conn = hci_conn_hash_lookup_ba(hdev, LE_LINK,
1411 &cp->addr.bdaddr);
1412
a8a1d19e 1413 if (!conn) {
aee9b218
JH		 1414 err = cmd_complete(sk, index, MGMT_OP_UNPAIR_DEVICE, status,
1415 &rp, sizeof(rp));
b1078ad0 1416 device_unpaired(hdev, &cp->addr.bdaddr, cp->addr.type, sk);
a8a1d19e
JH		 1417 goto unlock;
1418 }
55ed8ca1 1419
124f6e35
JH		 1420 cmd = mgmt_pending_add(sk, MGMT_OP_UNPAIR_DEVICE, hdev, cp,
1421 sizeof(*cp));
a8a1d19e
JH		 1422 if (!cmd) {
1423 err = -ENOMEM;
1424 goto unlock;
55ed8ca1
JH		 1425 }
1426
a8a1d19e
JH		 1427 put_unaligned_le16(conn->handle, &dc.handle);
1428 dc.reason = 0x13; /* Remote User Terminated Connection */
1429 err = hci_send_cmd(hdev, HCI_OP_DISCONNECT, sizeof(dc), &dc);
1430 if (err < 0)
1431 mgmt_pending_remove(cmd);
1432
55ed8ca1 1433unlock:
ca69b795 1434 if (err < 0)
aee9b218
JH		 1435 err = cmd_complete(sk, index, MGMT_OP_UNPAIR_DEVICE, status,
1436 &rp, sizeof(rp));
09fd0de5 1437 hci_dev_unlock(hdev);
55ed8ca1
JH		 1438 hci_dev_put(hdev);
1439
1440 return err;
1441}
1442
650f726d 1443static int disconnect(struct sock *sk, u16 index, void *data, u16 len)
8962ee74
JH		 1444{
1445 struct hci_dev *hdev;
650f726d 1446 struct mgmt_cp_disconnect *cp = data;
8962ee74 1447 struct hci_cp_disconnect dc;
366a0336 1448 struct pending_cmd *cmd;
8962ee74 1449 struct hci_conn *conn;
8962ee74
JH		 1450 int err;
1451
1452 BT_DBG("");
1453
bdce7baf 1454 if (len != sizeof(*cp))
ca69b795
JH		 1455 return cmd_status(sk, index, MGMT_OP_DISCONNECT,
1456 MGMT_STATUS_INVALID_PARAMS);
bdce7baf 1457
4e51eae9 1458 hdev = hci_dev_get(index);
8962ee74 1459 if (!hdev)
ca69b795
JH		 1460 return cmd_status(sk, index, MGMT_OP_DISCONNECT,
1461 MGMT_STATUS_INVALID_PARAMS);
8962ee74 1462
09fd0de5 1463 hci_dev_lock(hdev);
8962ee74
JH		 1464
1465 if (!test_bit(HCI_UP, &hdev->flags)) {
ca69b795
JH		 1466 err = cmd_status(sk, index, MGMT_OP_DISCONNECT,
1467 MGMT_STATUS_NOT_POWERED);
8962ee74
JH		 1468 goto failed;
1469 }
1470
2e58ef3e 1471 if (mgmt_pending_find(MGMT_OP_DISCONNECT, hdev)) {
ca69b795
JH		 1472 err = cmd_status(sk, index, MGMT_OP_DISCONNECT,
1473 MGMT_STATUS_BUSY);
8962ee74
JH		 1474 goto failed;
1475 }
1476
88c3df13
JH		 1477 if (cp->addr.type == MGMT_ADDR_BREDR)
1478 conn = hci_conn_hash_lookup_ba(hdev, ACL_LINK, &cp->addr.bdaddr);
1479 else
1480 conn = hci_conn_hash_lookup_ba(hdev, LE_LINK, &cp->addr.bdaddr);
365227e5 1481
8962ee74 1482 if (!conn) {
ca69b795
JH		 1483 err = cmd_status(sk, index, MGMT_OP_DISCONNECT,
1484 MGMT_STATUS_NOT_CONNECTED);
8962ee74
JH		 1485 goto failed;
1486 }
1487
2e58ef3e 1488 cmd = mgmt_pending_add(sk, MGMT_OP_DISCONNECT, hdev, data, len);
366a0336
JH		 1489 if (!cmd) {
1490 err = -ENOMEM;
8962ee74 1491 goto failed;
366a0336 1492 }
8962ee74
JH		 1493
1494 put_unaligned_le16(conn->handle, &dc.handle);
1495 dc.reason = 0x13; /* Remote User Terminated Connection */
1496
1497 err = hci_send_cmd(hdev, HCI_OP_DISCONNECT, sizeof(dc), &dc);
1498 if (err < 0)
a664b5bc 1499 mgmt_pending_remove(cmd);
8962ee74
JH		 1500
1501failed:
09fd0de5 1502 hci_dev_unlock(hdev);
8962ee74
JH		 1503 hci_dev_put(hdev);
1504
1505 return err;
1506}
1507
48264f06 1508static u8 link_to_mgmt(u8 link_type, u8 addr_type)
4c659c39
JH		 1509{
1510 switch (link_type) {
1511 case LE_LINK:
48264f06
JH		 1512 switch (addr_type) {
1513 case ADDR_LE_DEV_PUBLIC:
1514 return MGMT_ADDR_LE_PUBLIC;
1515 case ADDR_LE_DEV_RANDOM:
1516 return MGMT_ADDR_LE_RANDOM;
1517 default:
1518 return MGMT_ADDR_INVALID;
1519 }
4c659c39
JH		 1520 case ACL_LINK:
1521 return MGMT_ADDR_BREDR;
1522 default:
1523 return MGMT_ADDR_INVALID;
1524 }
1525}
1526
8ce6284e 1527static int get_connections(struct sock *sk, u16 index)
2784eb41 1528{
2784eb41
JH		 1529 struct mgmt_rp_get_connections *rp;
1530 struct hci_dev *hdev;
8035ded4 1531 struct hci_conn *c;
a38528f1 1532 size_t rp_len;
4e51eae9 1533 u16 count;
2784eb41
JH		 1534 int i, err;
1535
1536 BT_DBG("");
1537
4e51eae9 1538 hdev = hci_dev_get(index);
2784eb41 1539 if (!hdev)
ca69b795
JH		 1540 return cmd_status(sk, index, MGMT_OP_GET_CONNECTIONS,
1541 MGMT_STATUS_INVALID_PARAMS);
2784eb41 1542
09fd0de5 1543 hci_dev_lock(hdev);
2784eb41
JH		 1544
1545 count = 0;
b644ba33
JH		 1546 list_for_each_entry(c, &hdev->conn_hash.list, list) {
1547 if (test_bit(HCI_CONN_MGMT_CONNECTED, &c->flags))
1548 count++;
2784eb41
JH		 1549 }
1550
4c659c39 1551 rp_len = sizeof(*rp) + (count * sizeof(struct mgmt_addr_info));
a38528f1
JH		 1552 rp = kmalloc(rp_len, GFP_ATOMIC);
1553 if (!rp) {
2784eb41
JH		 1554 err = -ENOMEM;
1555 goto unlock;
1556 }
1557
2784eb41
JH		 1558 put_unaligned_le16(count, &rp->conn_count);
1559
2784eb41 1560 i = 0;
4c659c39 1561 list_for_each_entry(c, &hdev->conn_hash.list, list) {
b644ba33
JH		 1562 if (!test_bit(HCI_CONN_MGMT_CONNECTED, &c->flags))
1563 continue;
4c659c39 1564 bacpy(&rp->addr[i].bdaddr, &c->dst);
48264f06 1565 rp->addr[i].type = link_to_mgmt(c->type, c->dst_type);
4c659c39
JH		 1566 if (rp->addr[i].type == MGMT_ADDR_INVALID)
1567 continue;
1568 i++;
1569 }
1570
1571 /* Recalculate length in case of filtered SCO connections, etc */
1572 rp_len = sizeof(*rp) + (i * sizeof(struct mgmt_addr_info));
2784eb41 1573
aee9b218 1574 err = cmd_complete(sk, index, MGMT_OP_GET_CONNECTIONS, 0, rp, rp_len);
2784eb41
JH		 1575
1576unlock:
a38528f1 1577 kfree(rp);
09fd0de5 1578 hci_dev_unlock(hdev);
2784eb41
JH		 1579 hci_dev_put(hdev);
1580 return err;
1581}
1582
96d97a67
WR		 1583static int send_pin_code_neg_reply(struct sock *sk, u16 index,
1584 struct hci_dev *hdev, struct mgmt_cp_pin_code_neg_reply *cp)
1585{
1586 struct pending_cmd *cmd;
1587 int err;
1588
2e58ef3e 1589 cmd = mgmt_pending_add(sk, MGMT_OP_PIN_CODE_NEG_REPLY, hdev, cp,
96d97a67
WR		 1590 sizeof(*cp));
1591 if (!cmd)
1592 return -ENOMEM;
1593
d8457698
JH		 1594 err = hci_send_cmd(hdev, HCI_OP_PIN_CODE_NEG_REPLY,
1595 sizeof(cp->addr.bdaddr), &cp->addr.bdaddr);
96d97a67
WR		 1596 if (err < 0)
1597 mgmt_pending_remove(cmd);
1598
1599 return err;
1600}
1601
650f726d 1602static int pin_code_reply(struct sock *sk, u16 index, void *data, u16 len)
980e1a53
JH		 1603{
1604 struct hci_dev *hdev;
96d97a67 1605 struct hci_conn *conn;
650f726d 1606 struct mgmt_cp_pin_code_reply *cp = data;
980e1a53 1607 struct hci_cp_pin_code_reply reply;
366a0336 1608 struct pending_cmd *cmd;
980e1a53
JH		 1609 int err;
1610
1611 BT_DBG("");
1612
bdce7baf 1613 if (len != sizeof(*cp))
ca69b795
JH		 1614 return cmd_status(sk, index, MGMT_OP_PIN_CODE_REPLY,
1615 MGMT_STATUS_INVALID_PARAMS);
bdce7baf 1616
4e51eae9 1617 hdev = hci_dev_get(index);
980e1a53 1618 if (!hdev)
ca69b795
JH		 1619 return cmd_status(sk, index, MGMT_OP_PIN_CODE_REPLY,
1620 MGMT_STATUS_INVALID_PARAMS);
980e1a53 1621
09fd0de5 1622 hci_dev_lock(hdev);
980e1a53
JH		 1623
1624 if (!test_bit(HCI_UP, &hdev->flags)) {
ca69b795
JH		 1625 err = cmd_status(sk, index, MGMT_OP_PIN_CODE_REPLY,
1626 MGMT_STATUS_NOT_POWERED);
980e1a53
JH		 1627 goto failed;
1628 }
1629
d8457698 1630 conn = hci_conn_hash_lookup_ba(hdev, ACL_LINK, &cp->addr.bdaddr);
96d97a67 1631 if (!conn) {
ca69b795
JH		 1632 err = cmd_status(sk, index, MGMT_OP_PIN_CODE_REPLY,
1633 MGMT_STATUS_NOT_CONNECTED);
96d97a67
WR		 1634 goto failed;
1635 }
1636
1637 if (conn->pending_sec_level == BT_SECURITY_HIGH && cp->pin_len != 16) {
d8457698
JH		 1638 struct mgmt_cp_pin_code_neg_reply ncp;
1639
1640 memcpy(&ncp.addr, &cp->addr, sizeof(ncp.addr));
96d97a67
WR		 1641
1642 BT_ERR("PIN code is not 16 bytes long");
1643
1644 err = send_pin_code_neg_reply(sk, index, hdev, &ncp);
1645 if (err >= 0)
1646 err = cmd_status(sk, index, MGMT_OP_PIN_CODE_REPLY,
ca69b795 1647 MGMT_STATUS_INVALID_PARAMS);
96d97a67
WR		 1648
1649 goto failed;
1650 }
1651
650f726d
VCG		 1652 cmd = mgmt_pending_add(sk, MGMT_OP_PIN_CODE_REPLY, hdev, data,
1653 len);
366a0336
JH		 1654 if (!cmd) {
1655 err = -ENOMEM;
980e1a53 1656 goto failed;
366a0336 1657 }
980e1a53 1658
d8457698 1659 bacpy(&reply.bdaddr, &cp->addr.bdaddr);
980e1a53 1660 reply.pin_len = cp->pin_len;
24718ca5 1661 memcpy(reply.pin_code, cp->pin_code, sizeof(reply.pin_code));
980e1a53
JH		 1662
1663 err = hci_send_cmd(hdev, HCI_OP_PIN_CODE_REPLY, sizeof(reply), &reply);
1664 if (err < 0)
a664b5bc 1665 mgmt_pending_remove(cmd);
980e1a53
JH		 1666
1667failed:
09fd0de5 1668 hci_dev_unlock(hdev);
980e1a53
JH		 1669 hci_dev_put(hdev);
1670
1671 return err;
1672}
1673
650f726d 1674static int pin_code_neg_reply(struct sock *sk, u16 index, void *data, u16 len)
980e1a53
JH		 1675{
1676 struct hci_dev *hdev;
650f726d 1677 struct mgmt_cp_pin_code_neg_reply *cp = data;
980e1a53
JH		 1678 int err;
1679
1680 BT_DBG("");
1681
bdce7baf
SJ		 1682 if (len != sizeof(*cp))
1683 return cmd_status(sk, index, MGMT_OP_PIN_CODE_NEG_REPLY,
ca69b795 1684 MGMT_STATUS_INVALID_PARAMS);
bdce7baf 1685
4e51eae9 1686 hdev = hci_dev_get(index);
980e1a53 1687 if (!hdev)
4e51eae9 1688 return cmd_status(sk, index, MGMT_OP_PIN_CODE_NEG_REPLY,
ca69b795 1689 MGMT_STATUS_INVALID_PARAMS);
980e1a53 1690
09fd0de5 1691 hci_dev_lock(hdev);
980e1a53
JH		 1692
1693 if (!test_bit(HCI_UP, &hdev->flags)) {
4e51eae9 1694 err = cmd_status(sk, index, MGMT_OP_PIN_CODE_NEG_REPLY,
ca69b795 1695 MGMT_STATUS_NOT_POWERED);
980e1a53
JH		 1696 goto failed;
1697 }
1698
96d97a67 1699 err = send_pin_code_neg_reply(sk, index, hdev, cp);
980e1a53
JH		 1700
1701failed:
09fd0de5 1702 hci_dev_unlock(hdev);
980e1a53
JH		 1703 hci_dev_put(hdev);
1704
1705 return err;
1706}
1707
650f726d 1708static int set_io_capability(struct sock *sk, u16 index, void *data, u16 len)
17fa4b9d
JH		 1709{
1710 struct hci_dev *hdev;
650f726d 1711 struct mgmt_cp_set_io_capability *cp = data;
17fa4b9d
JH		 1712
1713 BT_DBG("");
1714
bdce7baf 1715 if (len != sizeof(*cp))
ca69b795
JH		 1716 return cmd_status(sk, index, MGMT_OP_SET_IO_CAPABILITY,
1717 MGMT_STATUS_INVALID_PARAMS);
bdce7baf 1718
4e51eae9 1719 hdev = hci_dev_get(index);
17fa4b9d 1720 if (!hdev)
ca69b795
JH		 1721 return cmd_status(sk, index, MGMT_OP_SET_IO_CAPABILITY,
1722 MGMT_STATUS_INVALID_PARAMS);
17fa4b9d 1723
09fd0de5 1724 hci_dev_lock(hdev);
17fa4b9d
JH		 1725
1726 hdev->io_capability = cp->io_capability;
1727
1728 BT_DBG("%s IO capability set to 0x%02x", hdev->name,
b8534e0f 1729 hdev->io_capability);
17fa4b9d 1730
09fd0de5 1731 hci_dev_unlock(hdev);
17fa4b9d
JH		 1732 hci_dev_put(hdev);
1733
aee9b218 1734 return cmd_complete(sk, index, MGMT_OP_SET_IO_CAPABILITY, 0, NULL, 0);
17fa4b9d
JH		 1735}
1736
e9a416b5
JH		 1737static inline struct pending_cmd *find_pairing(struct hci_conn *conn)
1738{
1739 struct hci_dev *hdev = conn->hdev;
8035ded4 1740 struct pending_cmd *cmd;
e9a416b5 1741
2e58ef3e 1742 list_for_each_entry(cmd, &hdev->mgmt_pending, list) {
e9a416b5
JH		 1743 if (cmd->opcode != MGMT_OP_PAIR_DEVICE)
1744 continue;
1745
e9a416b5
JH		 1746 if (cmd->user_data != conn)
1747 continue;
1748
1749 return cmd;
1750 }
1751
1752 return NULL;
1753}
1754
1755static void pairing_complete(struct pending_cmd *cmd, u8 status)
1756{
1757 struct mgmt_rp_pair_device rp;
1758 struct hci_conn *conn = cmd->user_data;
1759
ba4e564f
JH		 1760 bacpy(&rp.addr.bdaddr, &conn->dst);
1761 rp.addr.type = link_to_mgmt(conn->type, conn->dst_type);
e9a416b5 1762
aee9b218
JH		 1763 cmd_complete(cmd->sk, cmd->index, MGMT_OP_PAIR_DEVICE, status,
1764 &rp, sizeof(rp));
e9a416b5
JH		 1765
1766 /* So we don't get further callbacks for this connection */
1767 conn->connect_cfm_cb = NULL;
1768 conn->security_cfm_cb = NULL;
1769 conn->disconn_cfm_cb = NULL;
1770
1771 hci_conn_put(conn);
1772
a664b5bc 1773 mgmt_pending_remove(cmd);
e9a416b5
JH		 1774}
1775
1776static void pairing_complete_cb(struct hci_conn *conn, u8 status)
1777{
1778 struct pending_cmd *cmd;
1779
1780 BT_DBG("status %u", status);
1781
1782 cmd = find_pairing(conn);
56e5cb86 1783 if (!cmd)
e9a416b5 1784 BT_DBG("Unable to find a pending command");
56e5cb86 1785 else
e211326c 1786 pairing_complete(cmd, mgmt_status(status));
e9a416b5
JH		 1787}
1788
650f726d 1789static int pair_device(struct sock *sk, u16 index, void *data, u16 len)
e9a416b5
JH		 1790{
1791 struct hci_dev *hdev;
650f726d 1792 struct mgmt_cp_pair_device *cp = data;
1425acb7 1793 struct mgmt_rp_pair_device rp;
e9a416b5
JH		 1794 struct pending_cmd *cmd;
1795 u8 sec_level, auth_type;
1796 struct hci_conn *conn;
e9a416b5
JH		 1797 int err;
1798
1799 BT_DBG("");
1800
bdce7baf 1801 if (len != sizeof(*cp))
ca69b795
JH		 1802 return cmd_status(sk, index, MGMT_OP_PAIR_DEVICE,
1803 MGMT_STATUS_INVALID_PARAMS);
bdce7baf 1804
4e51eae9 1805 hdev = hci_dev_get(index);
e9a416b5 1806 if (!hdev)
ca69b795
JH		 1807 return cmd_status(sk, index, MGMT_OP_PAIR_DEVICE,
1808 MGMT_STATUS_INVALID_PARAMS);
e9a416b5 1809
09fd0de5 1810 hci_dev_lock(hdev);
e9a416b5 1811
c908df36
VCG		 1812 sec_level = BT_SECURITY_MEDIUM;
1813 if (cp->io_cap == 0x03)
e9a416b5 1814 auth_type = HCI_AT_DEDICATED_BONDING;
c908df36 1815 else
e9a416b5 1816 auth_type = HCI_AT_DEDICATED_BONDING_MITM;
e9a416b5 1817
ba4e564f
JH		 1818 if (cp->addr.type == MGMT_ADDR_BREDR)
1819 conn = hci_connect(hdev, ACL_LINK, &cp->addr.bdaddr, sec_level,
7a512d01
VCG		 1820 auth_type);
1821 else
ba4e564f 1822 conn = hci_connect(hdev, LE_LINK, &cp->addr.bdaddr, sec_level,
7a512d01
VCG		 1823 auth_type);
1824
1425acb7
JH		 1825 memset(&rp, 0, sizeof(rp));
1826 bacpy(&rp.addr.bdaddr, &cp->addr.bdaddr);
1827 rp.addr.type = cp->addr.type;
1828
30e76272 1829 if (IS_ERR(conn)) {
e211326c
JH		 1830 err = cmd_complete(sk, index, MGMT_OP_PAIR_DEVICE,
1831 MGMT_STATUS_CONNECT_FAILED,
1832 &rp, sizeof(rp));
e9a416b5
JH		 1833 goto unlock;
1834 }
1835
1836 if (conn->connect_cfm_cb) {
1837 hci_conn_put(conn);
e211326c
JH		 1838 err = cmd_complete(sk, index, MGMT_OP_PAIR_DEVICE,
1839 MGMT_STATUS_BUSY, &rp, sizeof(rp));
e9a416b5
JH		 1840 goto unlock;
1841 }
1842
2e58ef3e 1843 cmd = mgmt_pending_add(sk, MGMT_OP_PAIR_DEVICE, hdev, data, len);
e9a416b5
JH		 1844 if (!cmd) {
1845 err = -ENOMEM;
1846 hci_conn_put(conn);
1847 goto unlock;
1848 }
1849
7a512d01 1850 /* For LE, just connecting isn't a proof that the pairing finished */
ba4e564f 1851 if (cp->addr.type == MGMT_ADDR_BREDR)
7a512d01
VCG		 1852 conn->connect_cfm_cb = pairing_complete_cb;
1853
e9a416b5
JH		 1854 conn->security_cfm_cb = pairing_complete_cb;
1855 conn->disconn_cfm_cb = pairing_complete_cb;
1856 conn->io_capability = cp->io_cap;
1857 cmd->user_data = conn;
1858
1859 if (conn->state == BT_CONNECTED &&
1860 hci_conn_security(conn, sec_level, auth_type))
1861 pairing_complete(cmd, 0);
1862
1863 err = 0;
1864
1865unlock:
09fd0de5 1866 hci_dev_unlock(hdev);
e9a416b5
JH		 1867 hci_dev_put(hdev);
1868
1869 return err;
1870}
1871
28424707
JH		 1872static int cancel_pair_device(struct sock *sk, u16 index,
1873 unsigned char *data, u16 len)
1874{
1875 struct mgmt_addr_info *addr = (void *) data;
1876 struct hci_dev *hdev;
1877 struct pending_cmd *cmd;
1878 struct hci_conn *conn;
1879 int err;
1880
1881 BT_DBG("");
1882
1883 if (len != sizeof(*addr))
1884 return cmd_status(sk, index, MGMT_OP_CANCEL_PAIR_DEVICE,
1885 MGMT_STATUS_INVALID_PARAMS);
1886
1887 hdev = hci_dev_get(index);
1888 if (!hdev)
1889 return cmd_status(sk, index, MGMT_OP_CANCEL_PAIR_DEVICE,
1890 MGMT_STATUS_INVALID_PARAMS);
1891
1892 hci_dev_lock(hdev);
1893
1894 cmd = mgmt_pending_find(MGMT_OP_PAIR_DEVICE, hdev);
1895 if (!cmd) {
1896 err = cmd_status(sk, index, MGMT_OP_CANCEL_PAIR_DEVICE,
1897 MGMT_STATUS_INVALID_PARAMS);
1898 goto unlock;
1899 }
1900
1901 conn = cmd->user_data;
1902
1903 if (bacmp(&addr->bdaddr, &conn->dst) != 0) {
1904 err = cmd_status(sk, index, MGMT_OP_CANCEL_PAIR_DEVICE,
1905 MGMT_STATUS_INVALID_PARAMS);
1906 goto unlock;
1907 }
1908
1909 pairing_complete(cmd, MGMT_STATUS_CANCELLED);
1910
aee9b218 1911 err = cmd_complete(sk, index, MGMT_OP_CANCEL_PAIR_DEVICE, 0, addr,
28424707
JH		 1912 sizeof(*addr));
1913unlock:
1914 hci_dev_unlock(hdev);
1915 hci_dev_put(hdev);
1916
1917 return err;
1918}
1919
0df4c185 1920static int user_pairing_resp(struct sock *sk, u16 index, bdaddr_t *bdaddr,
272d90df
JH		 1921 u8 type, u16 mgmt_op, u16 hci_op,
1922 __le32 passkey)
a5c29683 1923{
a5c29683
JH		 1924 struct pending_cmd *cmd;
1925 struct hci_dev *hdev;
0df4c185 1926 struct hci_conn *conn;
a5c29683
JH		 1927 int err;
1928
4e51eae9 1929 hdev = hci_dev_get(index);
a5c29683 1930 if (!hdev)
ca69b795
JH		 1931 return cmd_status(sk, index, mgmt_op,
1932 MGMT_STATUS_INVALID_PARAMS);
a5c29683 1933
09fd0de5 1934 hci_dev_lock(hdev);
08ba5382 1935
a5c29683 1936 if (!test_bit(HCI_UP, &hdev->flags)) {
0df4c185
BG		 1937 err = cmd_status(sk, index, mgmt_op, MGMT_STATUS_NOT_POWERED);
1938 goto done;
a5c29683
JH		 1939 }
1940
272d90df
JH		 1941 if (type == MGMT_ADDR_BREDR)
1942 conn = hci_conn_hash_lookup_ba(hdev, ACL_LINK, bdaddr);
1943 else
47c15e2b 1944 conn = hci_conn_hash_lookup_ba(hdev, LE_LINK, bdaddr);
272d90df
JH		 1945
1946 if (!conn) {
1947 err = cmd_status(sk, index, mgmt_op,
47c15e2b 1948 MGMT_STATUS_NOT_CONNECTED);
272d90df
JH		 1949 goto done;
1950 }
47c15e2b 1951
272d90df 1952 if (type == MGMT_ADDR_LE_PUBLIC || type == MGMT_ADDR_LE_RANDOM) {
47c15e2b 1953 /* Continue with pairing via SMP */
5fe57d9e
BG		 1954 err = smp_user_confirm_reply(conn, mgmt_op, passkey);
1955
1956 if (!err)
1957 err = cmd_status(sk, index, mgmt_op,
1958 MGMT_STATUS_SUCCESS);
1959 else
1960 err = cmd_status(sk, index, mgmt_op,
1961 MGMT_STATUS_FAILED);
47c15e2b 1962
47c15e2b
BG		 1963 goto done;
1964 }
1965
0df4c185 1966 cmd = mgmt_pending_add(sk, mgmt_op, hdev, bdaddr, sizeof(*bdaddr));
a5c29683
JH		 1967 if (!cmd) {
1968 err = -ENOMEM;
0df4c185 1969 goto done;
a5c29683
JH		 1970 }
1971
0df4c185 1972 /* Continue with pairing via HCI */
604086b7
BG		 1973 if (hci_op == HCI_OP_USER_PASSKEY_REPLY) {
1974 struct hci_cp_user_passkey_reply cp;
1975
1976 bacpy(&cp.bdaddr, bdaddr);
1977 cp.passkey = passkey;
1978 err = hci_send_cmd(hdev, hci_op, sizeof(cp), &cp);
1979 } else
1980 err = hci_send_cmd(hdev, hci_op, sizeof(*bdaddr), bdaddr);
1981
a664b5bc
JH		 1982 if (err < 0)
1983 mgmt_pending_remove(cmd);
a5c29683 1984
0df4c185 1985done:
09fd0de5 1986 hci_dev_unlock(hdev);
a5c29683
JH		 1987 hci_dev_put(hdev);
1988
1989 return err;
1990}
1991
0df4c185
BG		 1992static int user_confirm_reply(struct sock *sk, u16 index, void *data, u16 len)
1993{
650f726d 1994 struct mgmt_cp_user_confirm_reply *cp = data;
0df4c185
BG		 1995
1996 BT_DBG("");
1997
1998 if (len != sizeof(*cp))
1999 return cmd_status(sk, index, MGMT_OP_USER_CONFIRM_REPLY,
2000 MGMT_STATUS_INVALID_PARAMS);
2001
272d90df
JH		 2002 return user_pairing_resp(sk, index, &cp->addr.bdaddr, cp->addr.type,
2003 MGMT_OP_USER_CONFIRM_REPLY,
2004 HCI_OP_USER_CONFIRM_REPLY, 0);
0df4c185
BG		 2005}
2006
2007static int user_confirm_neg_reply(struct sock *sk, u16 index, void *data,
2008 u16 len)
2009{
c9c2659f 2010 struct mgmt_cp_user_confirm_neg_reply *cp = data;
0df4c185
BG		 2011
2012 BT_DBG("");
2013
2014 if (len != sizeof(*cp))
2015 return cmd_status(sk, index, MGMT_OP_USER_CONFIRM_NEG_REPLY,
2016 MGMT_STATUS_INVALID_PARAMS);
2017
272d90df
JH		 2018 return user_pairing_resp(sk, index, &cp->addr.bdaddr, cp->addr.type,
2019 MGMT_OP_USER_CONFIRM_NEG_REPLY,
2020 HCI_OP_USER_CONFIRM_NEG_REPLY, 0);
0df4c185
BG		 2021}
2022
604086b7
BG		 2023static int user_passkey_reply(struct sock *sk, u16 index, void *data, u16 len)
2024{
650f726d 2025 struct mgmt_cp_user_passkey_reply *cp = data;
604086b7
BG		 2026
2027 BT_DBG("");
2028
2029 if (len != sizeof(*cp))
2030 return cmd_status(sk, index, MGMT_OP_USER_PASSKEY_REPLY,
2031 EINVAL);
2032
272d90df
JH		 2033 return user_pairing_resp(sk, index, &cp->addr.bdaddr, cp->addr.type,
2034 MGMT_OP_USER_PASSKEY_REPLY,
2035 HCI_OP_USER_PASSKEY_REPLY,
2036 cp->passkey);
604086b7
BG		 2037}
2038
2039static int user_passkey_neg_reply(struct sock *sk, u16 index, void *data,
2040 u16 len)
2041{
650f726d 2042 struct mgmt_cp_user_passkey_neg_reply *cp = data;
604086b7
BG		 2043
2044 BT_DBG("");
2045
2046 if (len != sizeof(*cp))
2047 return cmd_status(sk, index, MGMT_OP_USER_PASSKEY_NEG_REPLY,
2048 EINVAL);
2049
272d90df
JH		 2050 return user_pairing_resp(sk, index, &cp->addr.bdaddr, cp->addr.type,
2051 MGMT_OP_USER_PASSKEY_NEG_REPLY,
2052 HCI_OP_USER_PASSKEY_NEG_REPLY, 0);
604086b7
BG		 2053}
2054
650f726d 2055static int set_local_name(struct sock *sk, u16 index, void *data,
b312b161
JH		 2056 u16 len)
2057{
650f726d 2058 struct mgmt_cp_set_local_name *mgmt_cp = data;
b312b161
JH		 2059 struct hci_cp_write_local_name hci_cp;
2060 struct hci_dev *hdev;
2061 struct pending_cmd *cmd;
2062 int err;
2063
2064 BT_DBG("");
2065
2066 if (len != sizeof(*mgmt_cp))
ca69b795
JH		 2067 return cmd_status(sk, index, MGMT_OP_SET_LOCAL_NAME,
2068 MGMT_STATUS_INVALID_PARAMS);
b312b161
JH		 2069
2070 hdev = hci_dev_get(index);
2071 if (!hdev)
ca69b795
JH		 2072 return cmd_status(sk, index, MGMT_OP_SET_LOCAL_NAME,
2073 MGMT_STATUS_INVALID_PARAMS);
b312b161 2074
09fd0de5 2075 hci_dev_lock(hdev);
b312b161 2076
650f726d
VCG		 2077 cmd = mgmt_pending_add(sk, MGMT_OP_SET_LOCAL_NAME, hdev, data,
2078 len);
b312b161
JH		 2079 if (!cmd) {
2080 err = -ENOMEM;
2081 goto failed;
2082 }
2083
2084 memcpy(hci_cp.name, mgmt_cp->name, sizeof(hci_cp.name));
2085 err = hci_send_cmd(hdev, HCI_OP_WRITE_LOCAL_NAME, sizeof(hci_cp),
2086 &hci_cp);
2087 if (err < 0)
2088 mgmt_pending_remove(cmd);
2089
2090failed:
09fd0de5 2091 hci_dev_unlock(hdev);
b312b161
JH		 2092 hci_dev_put(hdev);
2093
2094 return err;
2095}
2096
c35938b2
SJ		 2097static int read_local_oob_data(struct sock *sk, u16 index)
2098{
2099 struct hci_dev *hdev;
2100 struct pending_cmd *cmd;
2101 int err;
2102
2103 BT_DBG("hci%u", index);
2104
2105 hdev = hci_dev_get(index);
2106 if (!hdev)
2107 return cmd_status(sk, index, MGMT_OP_READ_LOCAL_OOB_DATA,
ca69b795 2108 MGMT_STATUS_INVALID_PARAMS);
c35938b2 2109
09fd0de5 2110 hci_dev_lock(hdev);
c35938b2
SJ		 2111
2112 if (!test_bit(HCI_UP, &hdev->flags)) {
2113 err = cmd_status(sk, index, MGMT_OP_READ_LOCAL_OOB_DATA,
ca69b795 2114 MGMT_STATUS_NOT_POWERED);
c35938b2
SJ		 2115 goto unlock;
2116 }
2117
2118 if (!(hdev->features[6] & LMP_SIMPLE_PAIR)) {
2119 err = cmd_status(sk, index, MGMT_OP_READ_LOCAL_OOB_DATA,
ca69b795 2120 MGMT_STATUS_NOT_SUPPORTED);
c35938b2
SJ		 2121 goto unlock;
2122 }
2123
2e58ef3e 2124 if (mgmt_pending_find(MGMT_OP_READ_LOCAL_OOB_DATA, hdev)) {
ca69b795
JH		 2125 err = cmd_status(sk, index, MGMT_OP_READ_LOCAL_OOB_DATA,
2126 MGMT_STATUS_BUSY);
c35938b2
SJ		 2127 goto unlock;
2128 }
2129
2e58ef3e 2130 cmd = mgmt_pending_add(sk, MGMT_OP_READ_LOCAL_OOB_DATA, hdev, NULL, 0);
c35938b2
SJ		 2131 if (!cmd) {
2132 err = -ENOMEM;
2133 goto unlock;
2134 }
2135
2136 err = hci_send_cmd(hdev, HCI_OP_READ_LOCAL_OOB_DATA, 0, NULL);
2137 if (err < 0)
2138 mgmt_pending_remove(cmd);
2139
2140unlock:
09fd0de5 2141 hci_dev_unlock(hdev);
c35938b2
SJ		 2142 hci_dev_put(hdev);
2143
2144 return err;
2145}
2146
650f726d
VCG		 2147static int add_remote_oob_data(struct sock *sk, u16 index, void *data,
2148 u16 len)
2763eda6
SJ		 2149{
2150 struct hci_dev *hdev;
650f726d 2151 struct mgmt_cp_add_remote_oob_data *cp = data;
bf1e3541 2152 u8 status;
2763eda6
SJ		 2153 int err;
2154
2155 BT_DBG("hci%u ", index);
2156
2157 if (len != sizeof(*cp))
2158 return cmd_status(sk, index, MGMT_OP_ADD_REMOTE_OOB_DATA,
ca69b795 2159 MGMT_STATUS_INVALID_PARAMS);
2763eda6
SJ		 2160
2161 hdev = hci_dev_get(index);
2162 if (!hdev)
bf1e3541
JH		 2163 return cmd_complete(sk, index, MGMT_OP_ADD_REMOTE_OOB_DATA,
2164 MGMT_STATUS_INVALID_PARAMS,
2165 &cp->addr, sizeof(cp->addr));
2763eda6 2166
09fd0de5 2167 hci_dev_lock(hdev);
2763eda6 2168
664ce4cc 2169 err = hci_add_remote_oob_data(hdev, &cp->addr.bdaddr, cp->hash,
2763eda6
SJ		 2170 cp->randomizer);
2171 if (err < 0)
bf1e3541 2172 status = MGMT_STATUS_FAILED;
2763eda6 2173 else
bf1e3541
JH		 2174 status = 0;
2175
2176 err = cmd_complete(sk, index, MGMT_OP_ADD_REMOTE_OOB_DATA, status,
2177 &cp->addr, sizeof(cp->addr));
2763eda6 2178
09fd0de5 2179 hci_dev_unlock(hdev);
2763eda6
SJ		 2180 hci_dev_put(hdev);
2181
2182 return err;
2183}
2184
2185static int remove_remote_oob_data(struct sock *sk, u16 index,
650f726d 2186 void *data, u16 len)
2763eda6
SJ		 2187{
2188 struct hci_dev *hdev;
650f726d 2189 struct mgmt_cp_remove_remote_oob_data *cp = data;
bf1e3541 2190 u8 status;
2763eda6
SJ		 2191 int err;
2192
2193 BT_DBG("hci%u ", index);
2194
2195 if (len != sizeof(*cp))
2196 return cmd_status(sk, index, MGMT_OP_REMOVE_REMOTE_OOB_DATA,
ca69b795 2197 MGMT_STATUS_INVALID_PARAMS);
2763eda6
SJ		 2198
2199 hdev = hci_dev_get(index);
2200 if (!hdev)
bf1e3541
JH		 2201 return cmd_complete(sk, index, MGMT_OP_REMOVE_REMOTE_OOB_DATA,
2202 MGMT_STATUS_INVALID_PARAMS,
2203 &cp->addr, sizeof(cp->addr));
2763eda6 2204
09fd0de5 2205 hci_dev_lock(hdev);
2763eda6 2206
664ce4cc 2207 err = hci_remove_remote_oob_data(hdev, &cp->addr.bdaddr);
2763eda6 2208 if (err < 0)
bf1e3541 2209 status = MGMT_STATUS_INVALID_PARAMS;
2763eda6 2210 else
bf1e3541
JH		 2211 status = 0;
2212
2213 err = cmd_complete(sk, index, MGMT_OP_REMOVE_REMOTE_OOB_DATA, status,
2214 &cp->addr, sizeof(cp->addr));
2763eda6 2215
09fd0de5 2216 hci_dev_unlock(hdev);
2763eda6
SJ		 2217 hci_dev_put(hdev);
2218
2219 return err;
2220}
2221
5e0452c0
AG		 2222static int discovery(struct hci_dev *hdev)
2223{
2224 int err;
2225
2226 if (lmp_host_le_capable(hdev)) {
2227 if (lmp_bredr_capable(hdev)) {
2228 err = hci_le_scan(hdev, LE_SCAN_TYPE,
2229 LE_SCAN_INT, LE_SCAN_WIN,
2230 LE_SCAN_TIMEOUT_BREDR_LE);
2231 } else {
2232 hdev->discovery.type = DISCOV_TYPE_LE;
2233 err = hci_le_scan(hdev, LE_SCAN_TYPE,
2234 LE_SCAN_INT, LE_SCAN_WIN,
2235 LE_SCAN_TIMEOUT_LE_ONLY);
2236 }
2237 } else {
2238 hdev->discovery.type = DISCOV_TYPE_BREDR;
2239 err = hci_do_inquiry(hdev, INQUIRY_LEN_BREDR);
2240 }
2241
2242 return err;
2243}
2244
2245int mgmt_interleaved_discovery(struct hci_dev *hdev)
2246{
2247 int err;
2248
2249 BT_DBG("%s", hdev->name);
2250
2251 hci_dev_lock(hdev);
2252
2253 err = hci_do_inquiry(hdev, INQUIRY_LEN_BREDR_LE);
2254 if (err < 0)
2255 hci_discovery_set_state(hdev, DISCOVERY_STOPPED);
2256
2257 hci_dev_unlock(hdev);
2258
2259 return err;
2260}
2261
450dfdaf 2262static int start_discovery(struct sock *sk, u16 index,
650f726d 2263 void *data, u16 len)
14a53664 2264{
650f726d 2265 struct mgmt_cp_start_discovery *cp = data;
14a53664
JH		 2266 struct pending_cmd *cmd;
2267 struct hci_dev *hdev;
2268 int err;
2269
2270 BT_DBG("hci%u", index);
2271
450dfdaf
JH		 2272 if (len != sizeof(*cp))
2273 return cmd_status(sk, index, MGMT_OP_START_DISCOVERY,
2274 MGMT_STATUS_INVALID_PARAMS);
2275
14a53664
JH		 2276 hdev = hci_dev_get(index);
2277 if (!hdev)
ca69b795
JH		 2278 return cmd_status(sk, index, MGMT_OP_START_DISCOVERY,
2279 MGMT_STATUS_INVALID_PARAMS);
14a53664 2280
09fd0de5 2281 hci_dev_lock(hdev);
14a53664 2282
bd2d1334 2283 if (!test_bit(HCI_UP, &hdev->flags)) {
ca69b795
JH		 2284 err = cmd_status(sk, index, MGMT_OP_START_DISCOVERY,
2285 MGMT_STATUS_NOT_POWERED);
bd2d1334
JH		 2286 goto failed;
2287 }
2288
ff9ef578
JH		 2289 if (hdev->discovery.state != DISCOVERY_STOPPED) {
2290 err = cmd_status(sk, index, MGMT_OP_START_DISCOVERY,
2291 MGMT_STATUS_BUSY);
2292 goto failed;
2293 }
2294
2e58ef3e 2295 cmd = mgmt_pending_add(sk, MGMT_OP_START_DISCOVERY, hdev, NULL, 0);
14a53664
JH		 2296 if (!cmd) {
2297 err = -ENOMEM;
2298 goto failed;
2299 }
2300
4aab14e5
AG		 2301 hdev->discovery.type = cp->type;
2302
2303 switch (hdev->discovery.type) {
f39799f5 2304 case DISCOV_TYPE_BREDR:
3fd24153 2305 err = hci_do_inquiry(hdev, INQUIRY_LEN_BREDR);
f39799f5
AG		 2306 break;
2307
2308 case DISCOV_TYPE_LE:
3fd24153
AG		 2309 err = hci_le_scan(hdev, LE_SCAN_TYPE, LE_SCAN_INT,
2310 LE_SCAN_WIN, LE_SCAN_TIMEOUT_LE_ONLY);
f39799f5
AG		 2311 break;
2312
5e0452c0
AG		 2313 case DISCOV_TYPE_INTERLEAVED:
2314 err = discovery(hdev);
2315 break;
2316
f39799f5 2317 default:
3fd24153 2318 err = -EINVAL;
f39799f5 2319 }
3fd24153 2320
14a53664
JH		 2321 if (err < 0)
2322 mgmt_pending_remove(cmd);
ff9ef578
JH		 2323 else
2324 hci_discovery_set_state(hdev, DISCOVERY_STARTING);
14a53664
JH		 2325
2326failed:
09fd0de5 2327 hci_dev_unlock(hdev);
14a53664
JH		 2328 hci_dev_put(hdev);
2329
2330 return err;
2331}
2332
d930650b 2333static int stop_discovery(struct sock *sk, u16 index, void *data, u16 len)
14a53664 2334{
d930650b 2335 struct mgmt_cp_stop_discovery *mgmt_cp = data;
14a53664
JH		 2336 struct hci_dev *hdev;
2337 struct pending_cmd *cmd;
30dc78e1
JH		 2338 struct hci_cp_remote_name_req_cancel cp;
2339 struct inquiry_entry *e;
14a53664
JH		 2340 int err;
2341
2342 BT_DBG("hci%u", index);
2343
d930650b
JH		 2344 if (len != sizeof(*mgmt_cp))
2345 return cmd_status(sk, index, MGMT_OP_STOP_DISCOVERY,
2346 MGMT_STATUS_INVALID_PARAMS);
2347
14a53664
JH		 2348 hdev = hci_dev_get(index);
2349 if (!hdev)
ca69b795
JH		 2350 return cmd_status(sk, index, MGMT_OP_STOP_DISCOVERY,
2351 MGMT_STATUS_INVALID_PARAMS);
14a53664 2352
09fd0de5 2353 hci_dev_lock(hdev);
14a53664 2354
30dc78e1 2355 if (!hci_discovery_active(hdev)) {
d930650b
JH		 2356 err = cmd_complete(sk, index, MGMT_OP_STOP_DISCOVERY,
2357 MGMT_STATUS_REJECTED,
2358 &mgmt_cp->type, sizeof(mgmt_cp->type));
2359 goto unlock;
2360 }
2361
2362 if (hdev->discovery.type != mgmt_cp->type) {
2363 err = cmd_complete(sk, index, MGMT_OP_STOP_DISCOVERY,
2364 MGMT_STATUS_INVALID_PARAMS,
2365 &mgmt_cp->type, sizeof(mgmt_cp->type));
30dc78e1 2366 goto unlock;
ff9ef578
JH		 2367 }
2368
2e58ef3e 2369 cmd = mgmt_pending_add(sk, MGMT_OP_STOP_DISCOVERY, hdev, NULL, 0);
14a53664
JH		 2370 if (!cmd) {
2371 err = -ENOMEM;
30dc78e1
JH		 2372 goto unlock;
2373 }
2374
343f935b 2375 if (hdev->discovery.state == DISCOVERY_FINDING) {
30dc78e1
JH		 2376 err = hci_cancel_inquiry(hdev);
2377 if (err < 0)
2378 mgmt_pending_remove(cmd);
2379 else
2380 hci_discovery_set_state(hdev, DISCOVERY_STOPPING);
2381 goto unlock;
2382 }
2383
2384 e = hci_inquiry_cache_lookup_resolve(hdev, BDADDR_ANY, NAME_PENDING);
2385 if (!e) {
2386 mgmt_pending_remove(cmd);
aee9b218 2387 err = cmd_complete(sk, index, MGMT_OP_STOP_DISCOVERY, 0,
d930650b 2388 &mgmt_cp->type, sizeof(mgmt_cp->type));
30dc78e1
JH		 2389 hci_discovery_set_state(hdev, DISCOVERY_STOPPED);
2390 goto unlock;
14a53664
JH		 2391 }
2392
30dc78e1
JH		 2393 bacpy(&cp.bdaddr, &e->data.bdaddr);
2394 err = hci_send_cmd(hdev, HCI_OP_REMOTE_NAME_REQ_CANCEL,
2395 sizeof(cp), &cp);
14a53664
JH		 2396 if (err < 0)
2397 mgmt_pending_remove(cmd);
ff9ef578
JH		 2398 else
2399 hci_discovery_set_state(hdev, DISCOVERY_STOPPING);
14a53664 2400
30dc78e1 2401unlock:
09fd0de5 2402 hci_dev_unlock(hdev);
14a53664
JH		 2403 hci_dev_put(hdev);
2404
2405 return err;
2406}
2407
650f726d 2408static int confirm_name(struct sock *sk, u16 index, void *data, u16 len)
561aafbc 2409{
650f726d 2410 struct mgmt_cp_confirm_name *cp = data;
561aafbc
JH		 2411 struct inquiry_entry *e;
2412 struct hci_dev *hdev;
2413 int err;
2414
2415 BT_DBG("hci%u", index);
2416
2417 if (len != sizeof(*cp))
2418 return cmd_status(sk, index, MGMT_OP_CONFIRM_NAME,
2419 MGMT_STATUS_INVALID_PARAMS);
2420
2421 hdev = hci_dev_get(index);
2422 if (!hdev)
2423 return cmd_status(sk, index, MGMT_OP_CONFIRM_NAME,
2424 MGMT_STATUS_INVALID_PARAMS);
2425
2426 hci_dev_lock(hdev);
2427
30dc78e1
JH		 2428 if (!hci_discovery_active(hdev)) {
2429 err = cmd_status(sk, index, MGMT_OP_CONFIRM_NAME,
2430 MGMT_STATUS_FAILED);
2431 goto failed;
2432 }
2433
a198e7b1 2434 e = hci_inquiry_cache_lookup_unknown(hdev, &cp->addr.bdaddr);
561aafbc
JH		 2435 if (!e) {
2436 err = cmd_status (sk, index, MGMT_OP_CONFIRM_NAME,
2437 MGMT_STATUS_INVALID_PARAMS);
2438 goto failed;
2439 }
2440
2441 if (cp->name_known) {
2442 e->name_state = NAME_KNOWN;
2443 list_del(&e->list);
2444 } else {
2445 e->name_state = NAME_NEEDED;
a3d4e20a 2446 hci_inquiry_cache_update_resolve(hdev, e);
561aafbc
JH		 2447 }
2448
2449 err = 0;
2450
2451failed:
2452 hci_dev_unlock(hdev);
2453
2454 return err;
2455}
2456
650f726d 2457static int block_device(struct sock *sk, u16 index, void *data, u16 len)
7fbec224
AJ		 2458{
2459 struct hci_dev *hdev;
650f726d 2460 struct mgmt_cp_block_device *cp = data;
f0eeea8b 2461 u8 status;
7fbec224
AJ		 2462 int err;
2463
2464 BT_DBG("hci%u", index);
2465
7fbec224
AJ		 2466 if (len != sizeof(*cp))
2467 return cmd_status(sk, index, MGMT_OP_BLOCK_DEVICE,
ca69b795 2468 MGMT_STATUS_INVALID_PARAMS);
7fbec224
AJ		 2469
2470 hdev = hci_dev_get(index);
2471 if (!hdev)
f0eeea8b
JH		 2472 return cmd_complete(sk, index, MGMT_OP_BLOCK_DEVICE,
2473 MGMT_STATUS_INVALID_PARAMS,
2474 &cp->addr, sizeof(cp->addr));
7fbec224 2475
09fd0de5 2476 hci_dev_lock(hdev);
5e762444 2477
88c1fe4b 2478 err = hci_blacklist_add(hdev, &cp->addr.bdaddr, cp->addr.type);
7fbec224 2479 if (err < 0)
f0eeea8b 2480 status = MGMT_STATUS_FAILED;
7fbec224 2481 else
f0eeea8b
JH		 2482 status = 0;
2483
2484 err = cmd_complete(sk, index, MGMT_OP_BLOCK_DEVICE, status,
2485 &cp->addr, sizeof(cp->addr));
5e762444 2486
09fd0de5 2487 hci_dev_unlock(hdev);
7fbec224
AJ		 2488 hci_dev_put(hdev);
2489
2490 return err;
2491}
2492
650f726d 2493static int unblock_device(struct sock *sk, u16 index, void *data, u16 len)
7fbec224
AJ		 2494{
2495 struct hci_dev *hdev;
650f726d 2496 struct mgmt_cp_unblock_device *cp = data;
f0eeea8b 2497 u8 status;
7fbec224
AJ		 2498 int err;
2499
2500 BT_DBG("hci%u", index);
2501
7fbec224
AJ		 2502 if (len != sizeof(*cp))
2503 return cmd_status(sk, index, MGMT_OP_UNBLOCK_DEVICE,
ca69b795 2504 MGMT_STATUS_INVALID_PARAMS);
7fbec224
AJ		 2505
2506 hdev = hci_dev_get(index);
2507 if (!hdev)
f0eeea8b
JH		 2508 return cmd_complete(sk, index, MGMT_OP_UNBLOCK_DEVICE,
2509 MGMT_STATUS_INVALID_PARAMS,
2510 &cp->addr, sizeof(cp->addr));
7fbec224 2511
09fd0de5 2512 hci_dev_lock(hdev);
5e762444 2513
88c1fe4b 2514 err = hci_blacklist_del(hdev, &cp->addr.bdaddr, cp->addr.type);
7fbec224 2515 if (err < 0)
f0eeea8b 2516 status = MGMT_STATUS_INVALID_PARAMS;
7fbec224 2517 else
f0eeea8b
JH		 2518 status = 0;
2519
2520 err = cmd_complete(sk, index, MGMT_OP_UNBLOCK_DEVICE, status,
2521 &cp->addr, sizeof(cp->addr));
5e762444 2522
09fd0de5 2523 hci_dev_unlock(hdev);
7fbec224
AJ		 2524 hci_dev_put(hdev);
2525
2526 return err;
2527}
2528
f6422ec6 2529static int set_fast_connectable(struct sock *sk, u16 index,
650f726d 2530 void *data, u16 len)
f6422ec6
AJ		 2531{
2532 struct hci_dev *hdev;
650f726d 2533 struct mgmt_mode *cp = data;
f6422ec6
AJ		 2534 struct hci_cp_write_page_scan_activity acp;
2535 u8 type;
2536 int err;
2537
2538 BT_DBG("hci%u", index);
2539
2540 if (len != sizeof(*cp))
2541 return cmd_status(sk, index, MGMT_OP_SET_FAST_CONNECTABLE,
ca69b795 2542 MGMT_STATUS_INVALID_PARAMS);
f6422ec6
AJ		 2543
2544 hdev = hci_dev_get(index);
2545 if (!hdev)
2546 return cmd_status(sk, index, MGMT_OP_SET_FAST_CONNECTABLE,
ca69b795 2547 MGMT_STATUS_INVALID_PARAMS);
f6422ec6
AJ		 2548
2549 hci_dev_lock(hdev);
2550
f7c6869c 2551 if (cp->val) {
f6422ec6
AJ		 2552 type = PAGE_SCAN_TYPE_INTERLACED;
2553 acp.interval = 0x0024; /* 22.5 msec page scan interval */
2554 } else {
2555 type = PAGE_SCAN_TYPE_STANDARD; /* default */
2556 acp.interval = 0x0800; /* default 1.28 sec page scan */
2557 }
2558
2559 acp.window = 0x0012; /* default 11.25 msec page scan window */
2560
2561 err = hci_send_cmd(hdev, HCI_OP_WRITE_PAGE_SCAN_ACTIVITY,
2562 sizeof(acp), &acp);
2563 if (err < 0) {
2564 err = cmd_status(sk, index, MGMT_OP_SET_FAST_CONNECTABLE,
ca69b795 2565 MGMT_STATUS_FAILED);
f6422ec6
AJ		 2566 goto done;
2567 }
2568
2569 err = hci_send_cmd(hdev, HCI_OP_WRITE_PAGE_SCAN_TYPE, 1, &type);
2570 if (err < 0) {
2571 err = cmd_status(sk, index, MGMT_OP_SET_FAST_CONNECTABLE,
ca69b795 2572 MGMT_STATUS_FAILED);
f6422ec6
AJ		 2573 goto done;
2574 }
2575
aee9b218
JH		 2576 err = cmd_complete(sk, index, MGMT_OP_SET_FAST_CONNECTABLE, 0,
2577 NULL, 0);
f6422ec6
AJ		 2578done:
2579 hci_dev_unlock(hdev);
2580 hci_dev_put(hdev);
2581
2582 return err;
2583}
2584
346af67b
VCG		 2585static int load_long_term_keys(struct sock *sk, u16 index,
2586 void *cp_data, u16 len)
2587{
2588 struct hci_dev *hdev;
2589 struct mgmt_cp_load_long_term_keys *cp = cp_data;
2590 u16 key_count, expected_len;
2591 int i;
2592
2593 if (len < sizeof(*cp))
2594 return cmd_status(sk, index, MGMT_OP_LOAD_LONG_TERM_KEYS,
2595 EINVAL);
2596
2597 key_count = get_unaligned_le16(&cp->key_count);
2598
2599 expected_len = sizeof(*cp) + key_count *
2600 sizeof(struct mgmt_ltk_info);
2601 if (expected_len != len) {
2602 BT_ERR("load_keys: expected %u bytes, got %u bytes",
2603 len, expected_len);
2604 return cmd_status(sk, index, MGMT_OP_LOAD_LONG_TERM_KEYS,
2605 EINVAL);
2606 }
2607
2608 hdev = hci_dev_get(index);
2609 if (!hdev)
2610 return cmd_status(sk, index, MGMT_OP_LOAD_LONG_TERM_KEYS,
2611 ENODEV);
2612
2613 BT_DBG("hci%u key_count %u", index, key_count);
2614
2615 hci_dev_lock(hdev);
2616
2617 hci_smp_ltks_clear(hdev);
2618
2619 for (i = 0; i < key_count; i++) {
2620 struct mgmt_ltk_info *key = &cp->keys[i];
2621 u8 type;
2622
2623 if (key->master)
2624 type = HCI_SMP_LTK;
2625 else
2626 type = HCI_SMP_LTK_SLAVE;
2627
2628 hci_add_ltk(hdev, &key->addr.bdaddr, key->addr.type,
2629 type, 0, key->authenticated, key->val,
2630 key->enc_size, key->ediv, key->rand);
2631 }
2632
2633 hci_dev_unlock(hdev);
2634 hci_dev_put(hdev);
2635
2636 return 0;
2637}
2638
0381101f
JH		 2639int mgmt_control(struct sock *sk, struct msghdr *msg, size_t msglen)
2640{
650f726d
VCG		 2641 void *buf;
2642 u8 *cp;
0381101f 2643 struct mgmt_hdr *hdr;
4e51eae9 2644 u16 opcode, index, len;
0381101f
JH		 2645 int err;
2646
2647 BT_DBG("got %zu bytes", msglen);
2648
2649 if (msglen < sizeof(*hdr))
2650 return -EINVAL;
2651
e63a15ec 2652 buf = kmalloc(msglen, GFP_KERNEL);
0381101f
JH		 2653 if (!buf)
2654 return -ENOMEM;
2655
2656 if (memcpy_fromiovec(buf, msg->msg_iov, msglen)) {
2657 err = -EFAULT;
2658 goto done;
2659 }
2660
650f726d 2661 hdr = buf;
0381101f 2662 opcode = get_unaligned_le16(&hdr->opcode);
4e51eae9 2663 index = get_unaligned_le16(&hdr->index);
0381101f
JH		 2664 len = get_unaligned_le16(&hdr->len);
2665
2666 if (len != msglen - sizeof(*hdr)) {
2667 err = -EINVAL;
2668 goto done;
2669 }
2670
650f726d
VCG		 2671 cp = buf + sizeof(*hdr);
2672
0381101f 2673 switch (opcode) {
02d98129
JH		 2674 case MGMT_OP_READ_VERSION:
2675 err = read_version(sk);
2676 break;
e70bb2e8
JH		 2677 case MGMT_OP_READ_COMMANDS:
2678 err = read_commands(sk);
2679 break;
faba42eb
JH		 2680 case MGMT_OP_READ_INDEX_LIST:
2681 err = read_index_list(sk);
2682 break;
f7b64e69 2683 case MGMT_OP_READ_INFO:
4e51eae9 2684 err = read_controller_info(sk, index);
f7b64e69 2685 break;
eec8d2bc 2686 case MGMT_OP_SET_POWERED:
650f726d 2687 err = set_powered(sk, index, cp, len);
eec8d2bc 2688 break;
73f22f62 2689 case MGMT_OP_SET_DISCOVERABLE:
650f726d 2690 err = set_discoverable(sk, index, cp, len);
73f22f62 2691 break;
9fbcbb45 2692 case MGMT_OP_SET_CONNECTABLE:
650f726d 2693 err = set_connectable(sk, index, cp, len);
9fbcbb45 2694 break;
f7c6869c 2695 case MGMT_OP_SET_FAST_CONNECTABLE:
650f726d 2696 err = set_fast_connectable(sk, index, cp, len);
f7c6869c 2697 break;
c542a06c 2698 case MGMT_OP_SET_PAIRABLE:
650f726d 2699 err = set_pairable(sk, index, cp, len);
c542a06c 2700 break;
33ef95ed
JH		 2701 case MGMT_OP_SET_LINK_SECURITY:
2702 err = set_link_security(sk, index, cp, len);
2703 break;
ed2c4ee3
JH		 2704 case MGMT_OP_SET_SSP:
2705 err = set_ssp(sk, index, cp, len);
2706 break;
6d80dfd0
JH		 2707 case MGMT_OP_SET_HS:
2708 err = set_hs(sk, index, cp, len);
2709 break;
2aeb9a1a 2710 case MGMT_OP_ADD_UUID:
650f726d 2711 err = add_uuid(sk, index, cp, len);
2aeb9a1a
JH		 2712 break;
2713 case MGMT_OP_REMOVE_UUID:
650f726d 2714 err = remove_uuid(sk, index, cp, len);
2aeb9a1a 2715 break;
1aff6f09 2716 case MGMT_OP_SET_DEV_CLASS:
650f726d 2717 err = set_dev_class(sk, index, cp, len);
1aff6f09 2718 break;
86742e1e 2719 case MGMT_OP_LOAD_LINK_KEYS:
650f726d 2720 err = load_link_keys(sk, index, cp, len);
55ed8ca1 2721 break;
8962ee74 2722 case MGMT_OP_DISCONNECT:
650f726d 2723 err = disconnect(sk, index, cp, len);
8962ee74 2724 break;
2784eb41 2725 case MGMT_OP_GET_CONNECTIONS:
8ce6284e 2726 err = get_connections(sk, index);
2784eb41 2727 break;
980e1a53 2728 case MGMT_OP_PIN_CODE_REPLY:
650f726d 2729 err = pin_code_reply(sk, index, cp, len);
980e1a53
JH		 2730 break;
2731 case MGMT_OP_PIN_CODE_NEG_REPLY:
650f726d 2732 err = pin_code_neg_reply(sk, index, cp, len);
980e1a53 2733 break;
17fa4b9d 2734 case MGMT_OP_SET_IO_CAPABILITY:
650f726d 2735 err = set_io_capability(sk, index, cp, len);
17fa4b9d 2736 break;
e9a416b5 2737 case MGMT_OP_PAIR_DEVICE:
650f726d 2738 err = pair_device(sk, index, cp, len);
e9a416b5 2739 break;
28424707
JH		 2740 case MGMT_OP_CANCEL_PAIR_DEVICE:
2741 err = cancel_pair_device(sk, index, buf + sizeof(*hdr), len);
2742 break;
124f6e35
JH		 2743 case MGMT_OP_UNPAIR_DEVICE:
2744 err = unpair_device(sk, index, cp, len);
2745 break;
a5c29683 2746 case MGMT_OP_USER_CONFIRM_REPLY:
650f726d 2747 err = user_confirm_reply(sk, index, cp, len);
a5c29683
JH		 2748 break;
2749 case MGMT_OP_USER_CONFIRM_NEG_REPLY:
650f726d 2750 err = user_confirm_neg_reply(sk, index, cp, len);
a5c29683 2751 break;
604086b7 2752 case MGMT_OP_USER_PASSKEY_REPLY:
650f726d 2753 err = user_passkey_reply(sk, index, cp, len);
604086b7
BG		 2754 break;
2755 case MGMT_OP_USER_PASSKEY_NEG_REPLY:
650f726d 2756 err = user_passkey_neg_reply(sk, index, cp, len);
a5c29683 2757 break;
b312b161 2758 case MGMT_OP_SET_LOCAL_NAME:
650f726d 2759 err = set_local_name(sk, index, cp, len);
b312b161 2760 break;
c35938b2
SJ		 2761 case MGMT_OP_READ_LOCAL_OOB_DATA:
2762 err = read_local_oob_data(sk, index);
2763 break;
2763eda6 2764 case MGMT_OP_ADD_REMOTE_OOB_DATA:
650f726d 2765 err = add_remote_oob_data(sk, index, cp, len);
2763eda6
SJ		 2766 break;
2767 case MGMT_OP_REMOVE_REMOTE_OOB_DATA:
650f726d 2768 err = remove_remote_oob_data(sk, index, cp, len);
2763eda6 2769 break;
14a53664 2770 case MGMT_OP_START_DISCOVERY:
650f726d 2771 err = start_discovery(sk, index, cp, len);
14a53664
JH		 2772 break;
2773 case MGMT_OP_STOP_DISCOVERY:
d930650b 2774 err = stop_discovery(sk, index, cp, len);
14a53664 2775 break;
561aafbc 2776 case MGMT_OP_CONFIRM_NAME:
650f726d 2777 err = confirm_name(sk, index, cp, len);
561aafbc 2778 break;
7fbec224 2779 case MGMT_OP_BLOCK_DEVICE:
650f726d 2780 err = block_device(sk, index, cp, len);
7fbec224
AJ		 2781 break;
2782 case MGMT_OP_UNBLOCK_DEVICE:
650f726d 2783 err = unblock_device(sk, index, cp, len);
7fbec224 2784 break;
346af67b
VCG		 2785 case MGMT_OP_LOAD_LONG_TERM_KEYS:
2786 err = load_long_term_keys(sk, index, cp, len);
2787 break;
0381101f
JH		 2788 default:
2789 BT_DBG("Unknown op %u", opcode);
ca69b795
JH		 2790 err = cmd_status(sk, index, opcode,
2791 MGMT_STATUS_UNKNOWN_COMMAND);
0381101f
JH		 2792 break;
2793 }
2794
e41d8b4e
JH		 2795 if (err < 0)
2796 goto done;
2797
0381101f
JH		 2798 err = msglen;
2799
2800done:
2801 kfree(buf);
2802 return err;
2803}
c71e97bf 2804
b24752fe
JH		 2805static void cmd_status_rsp(struct pending_cmd *cmd, void *data)
2806{
2807 u8 *status = data;
2808
2809 cmd_status(cmd->sk, cmd->index, cmd->opcode, *status);
2810 mgmt_pending_remove(cmd);
2811}
2812
744cf19e 2813int mgmt_index_added(struct hci_dev *hdev)
c71e97bf 2814{
744cf19e 2815 return mgmt_event(MGMT_EV_INDEX_ADDED, hdev, NULL, 0, NULL);
c71e97bf
JH		 2816}
2817
744cf19e 2818int mgmt_index_removed(struct hci_dev *hdev)
c71e97bf 2819{
b24752fe
JH		 2820 u8 status = ENODEV;
2821
744cf19e 2822 mgmt_pending_foreach(0, hdev, cmd_status_rsp, &status);
b24752fe 2823
744cf19e 2824 return mgmt_event(MGMT_EV_INDEX_REMOVED, hdev, NULL, 0, NULL);
eec8d2bc
JH		 2825}
2826
73f22f62 2827struct cmd_lookup {
eec8d2bc 2828 struct sock *sk;
69ab39ea 2829 struct hci_dev *hdev;
eec8d2bc
JH		 2830};
2831
69ab39ea 2832static void settings_rsp(struct pending_cmd *cmd, void *data)
eec8d2bc 2833{
73f22f62 2834 struct cmd_lookup *match = data;
eec8d2bc 2835
69ab39ea 2836 send_settings_rsp(cmd->sk, cmd->opcode, match->hdev);
eec8d2bc
JH		 2837
2838 list_del(&cmd->list);
2839
2840 if (match->sk == NULL) {
2841 match->sk = cmd->sk;
2842 sock_hold(match->sk);
2843 }
2844
2845 mgmt_pending_free(cmd);
c71e97bf 2846}
5add6af8 2847
744cf19e 2848int mgmt_powered(struct hci_dev *hdev, u8 powered)
5add6af8 2849{
76a7f3a4 2850 struct cmd_lookup match = { NULL, hdev };
69ab39ea 2851 __le32 ev;
7bb895d6 2852 int err;
5add6af8 2853
69ab39ea 2854 mgmt_pending_foreach(MGMT_OP_SET_POWERED, hdev, settings_rsp, &match);
5add6af8 2855
b24752fe
JH		 2856 if (!powered) {
2857 u8 status = ENETDOWN;
744cf19e 2858 mgmt_pending_foreach(0, hdev, cmd_status_rsp, &status);
b24752fe
JH		 2859 }
2860
69ab39ea 2861 ev = cpu_to_le32(get_current_settings(hdev));
eec8d2bc 2862
7bb895d6 2863 err = mgmt_event(MGMT_EV_NEW_SETTINGS, hdev, &ev, sizeof(ev),
69ab39ea 2864 match.sk);
eec8d2bc
JH		 2865
2866 if (match.sk)
2867 sock_put(match.sk);
2868
7bb895d6 2869 return err;
5add6af8 2870}
73f22f62 2871
744cf19e 2872int mgmt_discoverable(struct hci_dev *hdev, u8 discoverable)
73f22f62 2873{
76a7f3a4 2874 struct cmd_lookup match = { NULL, hdev };
69ab39ea 2875 __le32 ev;
7bb895d6 2876 int err;
73f22f62 2877
69ab39ea 2878 mgmt_pending_foreach(MGMT_OP_SET_DISCOVERABLE, hdev, settings_rsp, &match);
72a734ec 2879
69ab39ea 2880 ev = cpu_to_le32(get_current_settings(hdev));
73f22f62 2881
7bb895d6 2882 err = mgmt_event(MGMT_EV_NEW_SETTINGS, hdev, &ev, sizeof(ev),
4e51eae9 2883 match.sk);
73f22f62
JH		 2884 if (match.sk)
2885 sock_put(match.sk);
2886
7bb895d6 2887 return err;
73f22f62 2888}
9fbcbb45 2889
744cf19e 2890int mgmt_connectable(struct hci_dev *hdev, u8 connectable)
9fbcbb45 2891{
69ab39ea 2892 __le32 ev;
76a7f3a4 2893 struct cmd_lookup match = { NULL, hdev };
7bb895d6 2894 int err;
9fbcbb45 2895
69ab39ea
JH		 2896 mgmt_pending_foreach(MGMT_OP_SET_CONNECTABLE, hdev, settings_rsp,
2897 &match);
9fbcbb45 2898
69ab39ea 2899 ev = cpu_to_le32(get_current_settings(hdev));
9fbcbb45 2900
7bb895d6 2901 err = mgmt_event(MGMT_EV_NEW_SETTINGS, hdev, &ev, sizeof(ev), match.sk);
9fbcbb45
JH		 2902
2903 if (match.sk)
2904 sock_put(match.sk);
2905
7bb895d6 2906 return err;
9fbcbb45 2907}
55ed8ca1 2908
744cf19e 2909int mgmt_write_scan_failed(struct hci_dev *hdev, u8 scan, u8 status)
2d7cee58 2910{
ca69b795
JH		 2911 u8 mgmt_err = mgmt_status(status);
2912
2d7cee58 2913 if (scan & SCAN_PAGE)
744cf19e 2914 mgmt_pending_foreach(MGMT_OP_SET_CONNECTABLE, hdev,
ca69b795 2915 cmd_status_rsp, &mgmt_err);
2d7cee58
JH		 2916
2917 if (scan & SCAN_INQUIRY)
744cf19e 2918 mgmt_pending_foreach(MGMT_OP_SET_DISCOVERABLE, hdev,
ca69b795 2919 cmd_status_rsp, &mgmt_err);
2d7cee58
JH		 2920
2921 return 0;
2922}
2923
744cf19e
JH		 2924int mgmt_new_link_key(struct hci_dev *hdev, struct link_key *key,
2925 u8 persistent)
55ed8ca1 2926{
86742e1e 2927 struct mgmt_ev_new_link_key ev;
55ed8ca1 2928
a492cd52 2929 memset(&ev, 0, sizeof(ev));
55ed8ca1 2930
a492cd52 2931 ev.store_hint = persistent;
d753fdc4
JH		 2932 bacpy(&ev.key.addr.bdaddr, &key->bdaddr);
2933 ev.key.addr.type = MGMT_ADDR_BREDR;
a492cd52
VCG		 2934 ev.key.type = key->type;
2935 memcpy(ev.key.val, key->val, 16);
2936 ev.key.pin_len = key->pin_len;
55ed8ca1 2937
744cf19e 2938 return mgmt_event(MGMT_EV_NEW_LINK_KEY, hdev, &ev, sizeof(ev), NULL);
55ed8ca1 2939}
f7520543 2940
346af67b
VCG		 2941int mgmt_new_ltk(struct hci_dev *hdev, struct smp_ltk *key, u8 persistent)
2942{
2943 struct mgmt_ev_new_long_term_key ev;
2944
2945 memset(&ev, 0, sizeof(ev));
2946
2947 ev.store_hint = persistent;
2948 bacpy(&ev.key.addr.bdaddr, &key->bdaddr);
2949 ev.key.addr.type = key->bdaddr_type;
2950 ev.key.authenticated = key->authenticated;
2951 ev.key.enc_size = key->enc_size;
2952 ev.key.ediv = key->ediv;
2953
2954 if (key->type == HCI_SMP_LTK)
2955 ev.key.master = 1;
2956
2957 memcpy(ev.key.rand, key->rand, sizeof(key->rand));
2958 memcpy(ev.key.val, key->val, sizeof(key->val));
2959
2960 return mgmt_event(MGMT_EV_NEW_LONG_TERM_KEY, hdev,
2961 &ev, sizeof(ev), NULL);
2962}
2963
afc747a6 2964int mgmt_device_connected(struct hci_dev *hdev, bdaddr_t *bdaddr, u8 link_type,
b644ba33
JH		 2965 u8 addr_type, u8 *name, u8 name_len,
2966 u8 *dev_class)
f7520543 2967{
b644ba33
JH		 2968 char buf[512];
2969 struct mgmt_ev_device_connected *ev = (void *) buf;
2970 u16 eir_len = 0;
f7520543 2971
b644ba33
JH		 2972 bacpy(&ev->addr.bdaddr, bdaddr);
2973 ev->addr.type = link_to_mgmt(link_type, addr_type);
f7520543 2974
b644ba33
JH		 2975 if (name_len > 0)
2976 eir_len = eir_append_data(ev->eir, 0, EIR_NAME_COMPLETE,
2977 name, name_len);
2978
2979 if (dev_class && memcmp(dev_class, "\0\0\0", 3) != 0)
2980 eir_len = eir_append_data(&ev->eir[eir_len], eir_len,
2981 EIR_CLASS_OF_DEV, dev_class, 3);
2982
2983 put_unaligned_le16(eir_len, &ev->eir_len);
2984
2985 return mgmt_event(MGMT_EV_DEVICE_CONNECTED, hdev, buf,
2986 sizeof(*ev) + eir_len, NULL);
f7520543
JH		 2987}
2988
8962ee74
JH		 2989static void disconnect_rsp(struct pending_cmd *cmd, void *data)
2990{
c68fb7ff 2991 struct mgmt_cp_disconnect *cp = cmd->param;
8962ee74 2992 struct sock **sk = data;
a38528f1 2993 struct mgmt_rp_disconnect rp;
8962ee74 2994
88c3df13
JH		 2995 bacpy(&rp.addr.bdaddr, &cp->addr.bdaddr);
2996 rp.addr.type = cp->addr.type;
8962ee74 2997
aee9b218
JH		 2998 cmd_complete(cmd->sk, cmd->index, MGMT_OP_DISCONNECT, 0, &rp,
2999 sizeof(rp));
8962ee74
JH		 3000
3001 *sk = cmd->sk;
3002 sock_hold(*sk);
3003
a664b5bc 3004 mgmt_pending_remove(cmd);
8962ee74
JH		 3005}
3006
124f6e35 3007static void unpair_device_rsp(struct pending_cmd *cmd, void *data)
a8a1d19e 3008{
b1078ad0 3009 struct hci_dev *hdev = data;
124f6e35
JH		 3010 struct mgmt_cp_unpair_device *cp = cmd->param;
3011 struct mgmt_rp_unpair_device rp;
a8a1d19e
JH		 3012
3013 memset(&rp, 0, sizeof(rp));
124f6e35
JH		 3014 bacpy(&rp.addr.bdaddr, &cp->addr.bdaddr);
3015 rp.addr.type = cp->addr.type;
a8a1d19e 3016
b1078ad0
JH		 3017 device_unpaired(hdev, &cp->addr.bdaddr, cp->addr.type, cmd->sk);
3018
aee9b218 3019 cmd_complete(cmd->sk, cmd->index, cmd->opcode, 0, &rp, sizeof(rp));
a8a1d19e
JH		 3020
3021 mgmt_pending_remove(cmd);
3022}
3023
afc747a6
JH		 3024int mgmt_device_disconnected(struct hci_dev *hdev, bdaddr_t *bdaddr,
3025 u8 link_type, u8 addr_type)
f7520543 3026{
4c659c39 3027 struct mgmt_addr_info ev;
8962ee74
JH		 3028 struct sock *sk = NULL;
3029 int err;
3030
744cf19e 3031 mgmt_pending_foreach(MGMT_OP_DISCONNECT, hdev, disconnect_rsp, &sk);
f7520543 3032
f7520543 3033 bacpy(&ev.bdaddr, bdaddr);
48264f06 3034 ev.type = link_to_mgmt(link_type, addr_type);
f7520543 3035
afc747a6
JH		 3036 err = mgmt_event(MGMT_EV_DEVICE_DISCONNECTED, hdev, &ev, sizeof(ev),
3037 sk);
8962ee74
JH		 3038
3039 if (sk)
3040 sock_put(sk);
3041
124f6e35 3042 mgmt_pending_foreach(MGMT_OP_UNPAIR_DEVICE, hdev, unpair_device_rsp,
b1078ad0 3043 hdev);
a8a1d19e 3044
8962ee74
JH		 3045 return err;
3046}
3047
88c3df13
JH		 3048int mgmt_disconnect_failed(struct hci_dev *hdev, bdaddr_t *bdaddr,
3049 u8 link_type, u8 addr_type, u8 status)
8962ee74 3050{
88c3df13 3051 struct mgmt_rp_disconnect rp;
8962ee74
JH		 3052 struct pending_cmd *cmd;
3053 int err;
3054
2e58ef3e 3055 cmd = mgmt_pending_find(MGMT_OP_DISCONNECT, hdev);
8962ee74
JH		 3056 if (!cmd)
3057 return -ENOENT;
3058
88c3df13
JH		 3059 bacpy(&rp.addr.bdaddr, bdaddr);
3060 rp.addr.type = link_to_mgmt(link_type, addr_type);
37d9ef76 3061
88c3df13 3062 err = cmd_complete(cmd->sk, cmd->index, MGMT_OP_DISCONNECT,
aee9b218 3063 mgmt_status(status), &rp, sizeof(rp));
8962ee74 3064
a664b5bc 3065 mgmt_pending_remove(cmd);
8962ee74 3066
b1078ad0
JH		 3067 mgmt_pending_foreach(MGMT_OP_UNPAIR_DEVICE, hdev, unpair_device_rsp,
3068 hdev);
8962ee74 3069 return err;
f7520543 3070}
17d5c04c 3071
48264f06
JH		 3072int mgmt_connect_failed(struct hci_dev *hdev, bdaddr_t *bdaddr, u8 link_type,
3073 u8 addr_type, u8 status)
17d5c04c
JH		 3074{
3075 struct mgmt_ev_connect_failed ev;
3076
4c659c39 3077 bacpy(&ev.addr.bdaddr, bdaddr);
48264f06 3078 ev.addr.type = link_to_mgmt(link_type, addr_type);
ca69b795 3079 ev.status = mgmt_status(status);
17d5c04c 3080
744cf19e 3081 return mgmt_event(MGMT_EV_CONNECT_FAILED, hdev, &ev, sizeof(ev), NULL);
17d5c04c 3082}
980e1a53 3083
744cf19e 3084int mgmt_pin_code_request(struct hci_dev *hdev, bdaddr_t *bdaddr, u8 secure)
980e1a53
JH		 3085{
3086 struct mgmt_ev_pin_code_request ev;
3087
d8457698
JH		 3088 bacpy(&ev.addr.bdaddr, bdaddr);
3089 ev.addr.type = MGMT_ADDR_BREDR;
a770bb5a 3090 ev.secure = secure;
980e1a53 3091
744cf19e 3092 return mgmt_event(MGMT_EV_PIN_CODE_REQUEST, hdev, &ev, sizeof(ev),
4e51eae9 3093 NULL);
980e1a53
JH		 3094}
3095
744cf19e
JH		 3096int mgmt_pin_code_reply_complete(struct hci_dev *hdev, bdaddr_t *bdaddr,
3097 u8 status)
980e1a53
JH		 3098{
3099 struct pending_cmd *cmd;
ac56fb13 3100 struct mgmt_rp_pin_code_reply rp;
980e1a53
JH		 3101 int err;
3102
2e58ef3e 3103 cmd = mgmt_pending_find(MGMT_OP_PIN_CODE_REPLY, hdev);
980e1a53
JH		 3104 if (!cmd)
3105 return -ENOENT;
3106
d8457698
JH		 3107 bacpy(&rp.addr.bdaddr, bdaddr);
3108 rp.addr.type = MGMT_ADDR_BREDR;
ac56fb13 3109
aee9b218
JH		 3110 err = cmd_complete(cmd->sk, hdev->id, MGMT_OP_PIN_CODE_REPLY,
3111 mgmt_status(status), &rp, sizeof(rp));
980e1a53 3112
a664b5bc 3113 mgmt_pending_remove(cmd);
980e1a53
JH		 3114
3115 return err;
3116}
3117
744cf19e
JH		 3118int mgmt_pin_code_neg_reply_complete(struct hci_dev *hdev, bdaddr_t *bdaddr,
3119 u8 status)
980e1a53
JH		 3120{
3121 struct pending_cmd *cmd;
ac56fb13 3122 struct mgmt_rp_pin_code_reply rp;
980e1a53
JH		 3123 int err;
3124
2e58ef3e 3125 cmd = mgmt_pending_find(MGMT_OP_PIN_CODE_NEG_REPLY, hdev);
980e1a53
JH		 3126 if (!cmd)
3127 return -ENOENT;
3128
d8457698
JH		 3129 bacpy(&rp.addr.bdaddr, bdaddr);
3130 rp.addr.type = MGMT_ADDR_BREDR;
ac56fb13 3131
aee9b218
JH		 3132 err = cmd_complete(cmd->sk, hdev->id, MGMT_OP_PIN_CODE_NEG_REPLY,
3133 mgmt_status(status), &rp, sizeof(rp));
980e1a53 3134
a664b5bc 3135 mgmt_pending_remove(cmd);
980e1a53
JH		 3136
3137 return err;
3138}
a5c29683 3139
744cf19e 3140int mgmt_user_confirm_request(struct hci_dev *hdev, bdaddr_t *bdaddr,
272d90df
JH		 3141 u8 link_type, u8 addr_type, __le32 value,
3142 u8 confirm_hint)
a5c29683
JH		 3143{
3144 struct mgmt_ev_user_confirm_request ev;
3145
744cf19e 3146 BT_DBG("%s", hdev->name);
a5c29683 3147
272d90df
JH		 3148 bacpy(&ev.addr.bdaddr, bdaddr);
3149 ev.addr.type = link_to_mgmt(link_type, addr_type);
55bc1a37 3150 ev.confirm_hint = confirm_hint;
a5c29683
JH		 3151 put_unaligned_le32(value, &ev.value);
3152
744cf19e 3153 return mgmt_event(MGMT_EV_USER_CONFIRM_REQUEST, hdev, &ev, sizeof(ev),
4e51eae9 3154 NULL);
a5c29683
JH		 3155}
3156
272d90df
JH		 3157int mgmt_user_passkey_request(struct hci_dev *hdev, bdaddr_t *bdaddr,
3158 u8 link_type, u8 addr_type)
604086b7
BG		 3159{
3160 struct mgmt_ev_user_passkey_request ev;
3161
3162 BT_DBG("%s", hdev->name);
3163
272d90df
JH		 3164 bacpy(&ev.addr.bdaddr, bdaddr);
3165 ev.addr.type = link_to_mgmt(link_type, addr_type);
604086b7
BG		 3166
3167 return mgmt_event(MGMT_EV_USER_PASSKEY_REQUEST, hdev, &ev, sizeof(ev),
3168 NULL);
3169}
3170
0df4c185 3171static int user_pairing_resp_complete(struct hci_dev *hdev, bdaddr_t *bdaddr,
272d90df
JH		 3172 u8 link_type, u8 addr_type, u8 status,
3173 u8 opcode)
a5c29683
JH		 3174{
3175 struct pending_cmd *cmd;
3176 struct mgmt_rp_user_confirm_reply rp;
3177 int err;
3178
2e58ef3e 3179 cmd = mgmt_pending_find(opcode, hdev);
a5c29683
JH		 3180 if (!cmd)
3181 return -ENOENT;
3182
272d90df
JH		 3183 bacpy(&rp.addr.bdaddr, bdaddr);
3184 rp.addr.type = link_to_mgmt(link_type, addr_type);
aee9b218
JH		 3185 err = cmd_complete(cmd->sk, hdev->id, opcode, mgmt_status(status),
3186 &rp, sizeof(rp));
a5c29683 3187
a664b5bc 3188 mgmt_pending_remove(cmd);
a5c29683
JH		 3189
3190 return err;
3191}
3192
744cf19e 3193int mgmt_user_confirm_reply_complete(struct hci_dev *hdev, bdaddr_t *bdaddr,
272d90df 3194 u8 link_type, u8 addr_type, u8 status)
a5c29683 3195{
272d90df
JH		 3196 return user_pairing_resp_complete(hdev, bdaddr, link_type, addr_type,
3197 status, MGMT_OP_USER_CONFIRM_REPLY);
a5c29683
JH		 3198}
3199
272d90df
JH		 3200int mgmt_user_confirm_neg_reply_complete(struct hci_dev *hdev, bdaddr_t *bdaddr,
3201 u8 link_type, u8 addr_type, u8 status)
a5c29683 3202{
272d90df
JH		 3203 return user_pairing_resp_complete(hdev, bdaddr, link_type, addr_type,
3204 status, MGMT_OP_USER_CONFIRM_NEG_REPLY);
a5c29683 3205}
2a611692 3206
604086b7 3207int mgmt_user_passkey_reply_complete(struct hci_dev *hdev, bdaddr_t *bdaddr,
272d90df 3208 u8 link_type, u8 addr_type, u8 status)
604086b7 3209{
272d90df
JH		 3210 return user_pairing_resp_complete(hdev, bdaddr, link_type, addr_type,
3211 status, MGMT_OP_USER_PASSKEY_REPLY);
604086b7
BG		 3212}
3213
272d90df
JH		 3214int mgmt_user_passkey_neg_reply_complete(struct hci_dev *hdev, bdaddr_t *bdaddr,
3215 u8 link_type, u8 addr_type, u8 status)
604086b7 3216{
272d90df
JH		 3217 return user_pairing_resp_complete(hdev, bdaddr, link_type, addr_type,
3218 status, MGMT_OP_USER_PASSKEY_NEG_REPLY);
604086b7
BG		 3219}
3220
bab73cb6
JH		 3221int mgmt_auth_failed(struct hci_dev *hdev, bdaddr_t *bdaddr, u8 link_type,
3222 u8 addr_type, u8 status)
2a611692
JH		 3223{
3224 struct mgmt_ev_auth_failed ev;
3225
bab73cb6
JH		 3226 bacpy(&ev.addr.bdaddr, bdaddr);
3227 ev.addr.type = link_to_mgmt(link_type, addr_type);
ca69b795 3228 ev.status = mgmt_status(status);
2a611692 3229
744cf19e 3230 return mgmt_event(MGMT_EV_AUTH_FAILED, hdev, &ev, sizeof(ev), NULL);
2a611692 3231}
b312b161 3232
33ef95ed
JH		 3233int mgmt_auth_enable_complete(struct hci_dev *hdev, u8 status)
3234{
3235 struct cmd_lookup match = { NULL, hdev };
3236 __le32 ev;
3237 int err;
3238
3239 if (status) {
3240 u8 mgmt_err = mgmt_status(status);
3241 mgmt_pending_foreach(MGMT_OP_SET_LINK_SECURITY, hdev,
3242 cmd_status_rsp, &mgmt_err);
3243 return 0;
3244 }
3245
3246 mgmt_pending_foreach(MGMT_OP_SET_LINK_SECURITY, hdev, settings_rsp,
3247 &match);
3248
3249 ev = cpu_to_le32(get_current_settings(hdev));
3250 err = mgmt_event(MGMT_EV_NEW_SETTINGS, hdev, &ev, sizeof(ev), match.sk);
3251
3252 if (match.sk)
3253 sock_put(match.sk);
3254
3255 return err;
3256}
3257
cacaf52f
JH		 3258static int clear_eir(struct hci_dev *hdev)
3259{
3260 struct hci_cp_write_eir cp;
3261
3262 if (!(hdev->features[6] & LMP_EXT_INQ))
3263 return 0;
3264
3265 memset(&cp, 0, sizeof(cp));
3266
3267 return hci_send_cmd(hdev, HCI_OP_WRITE_EIR, sizeof(cp), &cp);
3268}
3269
ed2c4ee3
JH		 3270int mgmt_ssp_enable_complete(struct hci_dev *hdev, u8 status)
3271{
3272 struct cmd_lookup match = { NULL, hdev };
3273 __le32 ev;
3274 int err;
3275
3276 if (status) {
3277 u8 mgmt_err = mgmt_status(status);
3278 mgmt_pending_foreach(MGMT_OP_SET_SSP, hdev,
3279 cmd_status_rsp, &mgmt_err);
3280 return 0;
3281 }
3282
3283 mgmt_pending_foreach(MGMT_OP_SET_SSP, hdev, settings_rsp, &match);
3284
3285 ev = cpu_to_le32(get_current_settings(hdev));
3286 err = mgmt_event(MGMT_EV_NEW_SETTINGS, hdev, &ev, sizeof(ev), match.sk);
3287
cacaf52f 3288 if (match.sk) {
ed2c4ee3
JH		 3289 sock_put(match.sk);
3290
cacaf52f
JH		 3291 if (test_bit(HCI_SSP_ENABLED, &hdev->dev_flags))
3292 update_eir(hdev);
3293 else
3294 clear_eir(hdev);
3295 }
3296
ed2c4ee3
JH		 3297 return err;
3298}
3299
744cf19e 3300int mgmt_set_local_name_complete(struct hci_dev *hdev, u8 *name, u8 status)
b312b161
JH		 3301{
3302 struct pending_cmd *cmd;
3303 struct mgmt_cp_set_local_name ev;
3304 int err;
3305
3306 memset(&ev, 0, sizeof(ev));
3307 memcpy(ev.name, name, HCI_MAX_NAME_LENGTH);
3308
2e58ef3e 3309 cmd = mgmt_pending_find(MGMT_OP_SET_LOCAL_NAME, hdev);
b312b161
JH		 3310 if (!cmd)
3311 goto send_event;
3312
3313 if (status) {
744cf19e 3314 err = cmd_status(cmd->sk, hdev->id, MGMT_OP_SET_LOCAL_NAME,
ca69b795 3315 mgmt_status(status));
b312b161
JH		 3316 goto failed;
3317 }
3318
744cf19e 3319 update_eir(hdev);
80a1e1db 3320
aee9b218 3321 err = cmd_complete(cmd->sk, hdev->id, MGMT_OP_SET_LOCAL_NAME, 0, &ev,
b312b161
JH		 3322 sizeof(ev));
3323 if (err < 0)
3324 goto failed;
3325
3326send_event:
744cf19e 3327 err = mgmt_event(MGMT_EV_LOCAL_NAME_CHANGED, hdev, &ev, sizeof(ev),
b312b161
JH		 3328 cmd ? cmd->sk : NULL);
3329
3330failed:
3331 if (cmd)
3332 mgmt_pending_remove(cmd);
3333 return err;
3334}
c35938b2 3335
744cf19e
JH		 3336int mgmt_read_local_oob_data_reply_complete(struct hci_dev *hdev, u8 *hash,
3337 u8 *randomizer, u8 status)
c35938b2
SJ		 3338{
3339 struct pending_cmd *cmd;
3340 int err;
3341
744cf19e 3342 BT_DBG("%s status %u", hdev->name, status);
c35938b2 3343
2e58ef3e 3344 cmd = mgmt_pending_find(MGMT_OP_READ_LOCAL_OOB_DATA, hdev);
c35938b2
SJ		 3345 if (!cmd)
3346 return -ENOENT;
3347
3348 if (status) {
744cf19e 3349 err = cmd_status(cmd->sk, hdev->id,
ca69b795
JH		 3350 MGMT_OP_READ_LOCAL_OOB_DATA,
3351 mgmt_status(status));
c35938b2
SJ		 3352 } else {
3353 struct mgmt_rp_read_local_oob_data rp;
3354
3355 memcpy(rp.hash, hash, sizeof(rp.hash));
3356 memcpy(rp.randomizer, randomizer, sizeof(rp.randomizer));
3357
744cf19e
JH		 3358 err = cmd_complete(cmd->sk, hdev->id,
3359 MGMT_OP_READ_LOCAL_OOB_DATA,
aee9b218 3360 0, &rp, sizeof(rp));
c35938b2
SJ		 3361 }
3362
3363 mgmt_pending_remove(cmd);
3364
3365 return err;
3366}
e17acd40 3367
48264f06 3368int mgmt_device_found(struct hci_dev *hdev, bdaddr_t *bdaddr, u8 link_type,
561aafbc 3369 u8 addr_type, u8 *dev_class, s8 rssi,
e319d2e7 3370 u8 cfm_name, u8 *eir, u16 eir_len)
e17acd40 3371{
e319d2e7
JH		 3372 char buf[512];
3373 struct mgmt_ev_device_found *ev = (void *) buf;
1dc06093 3374 size_t ev_size;
e17acd40 3375
1dc06093
JH		 3376 /* Leave 5 bytes for a potential CoD field */
3377 if (sizeof(*ev) + eir_len + 5 > sizeof(buf))
7d262f86
AG		 3378 return -EINVAL;
3379
1dc06093
JH		 3380 memset(buf, 0, sizeof(buf));
3381
e319d2e7
JH		 3382 bacpy(&ev->addr.bdaddr, bdaddr);
3383 ev->addr.type = link_to_mgmt(link_type, addr_type);
3384 ev->rssi = rssi;
3385 ev->confirm_name = cfm_name;
e17acd40 3386
1dc06093 3387 if (eir_len > 0)
e319d2e7 3388 memcpy(ev->eir, eir, eir_len);
e17acd40 3389
1dc06093
JH		 3390 if (dev_class && !eir_has_data_type(ev->eir, eir_len, EIR_CLASS_OF_DEV))
3391 eir_len = eir_append_data(ev->eir, eir_len, EIR_CLASS_OF_DEV,
3392 dev_class, 3);
3393
3394 put_unaligned_le16(eir_len, &ev->eir_len);
3395
3396 ev_size = sizeof(*ev) + eir_len;
f8523598 3397
e319d2e7 3398 return mgmt_event(MGMT_EV_DEVICE_FOUND, hdev, ev, ev_size, NULL);
e17acd40 3399}
a88a9652 3400
b644ba33
JH		 3401int mgmt_remote_name(struct hci_dev *hdev, bdaddr_t *bdaddr, u8 link_type,
3402 u8 addr_type, s8 rssi, u8 *name, u8 name_len)
a88a9652 3403{
b644ba33
JH		 3404 struct mgmt_ev_device_found *ev;
3405 char buf[sizeof(*ev) + HCI_MAX_NAME_LENGTH + 2];
3406 u16 eir_len;
a88a9652 3407
b644ba33 3408 ev = (struct mgmt_ev_device_found *) buf;
a88a9652 3409
b644ba33
JH		 3410 memset(buf, 0, sizeof(buf));
3411
3412 bacpy(&ev->addr.bdaddr, bdaddr);
3413 ev->addr.type = link_to_mgmt(link_type, addr_type);
3414 ev->rssi = rssi;
3415
3416 eir_len = eir_append_data(ev->eir, 0, EIR_NAME_COMPLETE, name,
3417 name_len);
3418
3419 put_unaligned_le16(eir_len, &ev->eir_len);
a88a9652 3420
053c7e0c
JH		 3421 return mgmt_event(MGMT_EV_DEVICE_FOUND, hdev, ev,
3422 sizeof(*ev) + eir_len, NULL);
a88a9652 3423}
314b2381 3424
7a135109 3425int mgmt_start_discovery_failed(struct hci_dev *hdev, u8 status)
164a6e78
JH		 3426{
3427 struct pending_cmd *cmd;
f808e166 3428 u8 type;
164a6e78
JH		 3429 int err;
3430
203159d4
AG		 3431 hci_discovery_set_state(hdev, DISCOVERY_STOPPED);
3432
2e58ef3e 3433 cmd = mgmt_pending_find(MGMT_OP_START_DISCOVERY, hdev);
164a6e78
JH		 3434 if (!cmd)
3435 return -ENOENT;
3436
f808e166
JH		 3437 type = hdev->discovery.type;
3438
3439 err = cmd_complete(cmd->sk, hdev->id, cmd->opcode, mgmt_status(status),
3440 &type, sizeof(type));
164a6e78
JH		 3441 mgmt_pending_remove(cmd);
3442
3443 return err;
3444}
3445
e6d465cb
AG		 3446int mgmt_stop_discovery_failed(struct hci_dev *hdev, u8 status)
3447{
3448 struct pending_cmd *cmd;
3449 int err;
3450
3451 cmd = mgmt_pending_find(MGMT_OP_STOP_DISCOVERY, hdev);
3452 if (!cmd)
3453 return -ENOENT;
3454
d930650b
JH		 3455 err = cmd_complete(cmd->sk, hdev->id, cmd->opcode, mgmt_status(status),
3456 &hdev->discovery.type,
3457 sizeof(hdev->discovery.type));
164a6e78
JH		 3458 mgmt_pending_remove(cmd);
3459
3460 return err;
3461}
3462
744cf19e 3463int mgmt_discovering(struct hci_dev *hdev, u8 discovering)
314b2381 3464{
f963e8e9 3465 struct mgmt_ev_discovering ev;
164a6e78
JH		 3466 struct pending_cmd *cmd;
3467
343fb145
AG		 3468 BT_DBG("%s discovering %u", hdev->name, discovering);
3469
164a6e78 3470 if (discovering)
2e58ef3e 3471 cmd = mgmt_pending_find(MGMT_OP_START_DISCOVERY, hdev);
164a6e78 3472 else
2e58ef3e 3473 cmd = mgmt_pending_find(MGMT_OP_STOP_DISCOVERY, hdev);
164a6e78
JH		 3474
3475 if (cmd != NULL) {
f808e166
JH		 3476 u8 type = hdev->discovery.type;
3477
d930650b 3478 cmd_complete(cmd->sk, hdev->id, cmd->opcode, 0,
f808e166 3479 &type, sizeof(type));
164a6e78
JH		 3480 mgmt_pending_remove(cmd);
3481 }
3482
f963e8e9
JH		 3483 memset(&ev, 0, sizeof(ev));
3484 ev.type = hdev->discovery.type;
3485 ev.discovering = discovering;
3486
3487 return mgmt_event(MGMT_EV_DISCOVERING, hdev, &ev, sizeof(ev), NULL);
314b2381 3488}
5e762444 3489
88c1fe4b 3490int mgmt_device_blocked(struct hci_dev *hdev, bdaddr_t *bdaddr, u8 type)
5e762444
AJ		 3491{
3492 struct pending_cmd *cmd;
3493 struct mgmt_ev_device_blocked ev;
3494
2e58ef3e 3495 cmd = mgmt_pending_find(MGMT_OP_BLOCK_DEVICE, hdev);
5e762444 3496
88c1fe4b
JH		 3497 bacpy(&ev.addr.bdaddr, bdaddr);
3498 ev.addr.type = type;
5e762444 3499
744cf19e
JH		 3500 return mgmt_event(MGMT_EV_DEVICE_BLOCKED, hdev, &ev, sizeof(ev),
3501 cmd ? cmd->sk : NULL);
5e762444
AJ		 3502}
3503
88c1fe4b 3504int mgmt_device_unblocked(struct hci_dev *hdev, bdaddr_t *bdaddr, u8 type)
5e762444
AJ		 3505{
3506 struct pending_cmd *cmd;
3507 struct mgmt_ev_device_unblocked ev;
3508
2e58ef3e 3509 cmd = mgmt_pending_find(MGMT_OP_UNBLOCK_DEVICE, hdev);
5e762444 3510
88c1fe4b
JH		 3511 bacpy(&ev.addr.bdaddr, bdaddr);
3512 ev.addr.type = type;
5e762444 3513
744cf19e
JH		 3514 return mgmt_event(MGMT_EV_DEVICE_UNBLOCKED, hdev, &ev, sizeof(ev),
3515 cmd ? cmd->sk : NULL);
5e762444 3516}
d7b7e796
MH		 3517
3518module_param(enable_hs, bool, 0644);
3519MODULE_PARM_DESC(enable_hs, "Enable High Speed support");
3520
3521module_param(enable_le, bool, 0644);
3522MODULE_PARM_DESC(enable_le, "Enable Low Energy support");
Linux kernel - Deliverables
This page took 0.292078 seconds and 5 git commands to generate.