Bluetooth: Use AUTO_OFF constant in jiffies
[deliverable/linux.git] / net / bluetooth / mgmt.c
1/*
2 BlueZ - Bluetooth protocol stack for Linux
ea585ab5 3
0381101f 4 Copyright (C) 2010 Nokia Corporation
ea585ab5 5 Copyright (C) 2011-2012 Intel Corporation
6
7 This program is free software; you can redistribute it and/or modify
8 it under the terms of the GNU General Public License version 2 as
9 published by the Free Software Foundation;
10
11 THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS
12 OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
13 FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT OF THIRD PARTY RIGHTS.
14 IN NO EVENT SHALL THE COPYRIGHT HOLDER(S) AND AUTHOR(S) BE LIABLE FOR ANY
15 CLAIM, OR ANY SPECIAL INDIRECT OR CONSEQUENTIAL DAMAGES, OR ANY DAMAGES
16 WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
17 ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
18 OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
19
20 ALL LIABILITY, INCLUDING LIABILITY FOR INFRINGEMENT OF ANY PATENTS,
21 COPYRIGHTS, TRADEMARKS OR OTHER RIGHTS, RELATING TO USE OF THIS
22 SOFTWARE IS DISCLAIMED.
23*/
24
25/* Bluetooth HCI Management interface */
26
3a9a231d 27#include <linux/module.h>
28#include <asm/unaligned.h>
29
30#include <net/bluetooth/bluetooth.h>
31#include <net/bluetooth/hci_core.h>
32#include <net/bluetooth/mgmt.h>
5fe57d9e 33#include <net/bluetooth/smp.h>
0381101f 34
/* Gates MGMT_SETTING_HS in get_supported_settings(). It has no initializer
 * here, so it starts out false; whatever sets it lives outside this excerpt.
 */
bool enable_hs;

/* Management interface version and revision reported by read_version(). */
#define MGMT_VERSION	1
#define MGMT_REVISION	1
02d98129 39
/* Command opcodes advertised to user space. read_commands() copies them
 * into its reply in exactly this order.
 */
static const u16 mgmt_commands[] = {
	MGMT_OP_READ_INDEX_LIST,
	MGMT_OP_READ_INFO,
	MGMT_OP_SET_POWERED,
	MGMT_OP_SET_DISCOVERABLE,
	MGMT_OP_SET_CONNECTABLE,
	MGMT_OP_SET_FAST_CONNECTABLE,
	MGMT_OP_SET_PAIRABLE,
	MGMT_OP_SET_LINK_SECURITY,
	MGMT_OP_SET_SSP,
	MGMT_OP_SET_HS,
	MGMT_OP_SET_LE,
	MGMT_OP_SET_DEV_CLASS,
	MGMT_OP_SET_LOCAL_NAME,
	MGMT_OP_ADD_UUID,
	MGMT_OP_REMOVE_UUID,
	MGMT_OP_LOAD_LINK_KEYS,
	MGMT_OP_LOAD_LONG_TERM_KEYS,
	MGMT_OP_DISCONNECT,
	MGMT_OP_GET_CONNECTIONS,
	MGMT_OP_PIN_CODE_REPLY,
	MGMT_OP_PIN_CODE_NEG_REPLY,
	MGMT_OP_SET_IO_CAPABILITY,
	MGMT_OP_PAIR_DEVICE,
	MGMT_OP_CANCEL_PAIR_DEVICE,
	MGMT_OP_UNPAIR_DEVICE,
	MGMT_OP_USER_CONFIRM_REPLY,
	MGMT_OP_USER_CONFIRM_NEG_REPLY,
	MGMT_OP_USER_PASSKEY_REPLY,
	MGMT_OP_USER_PASSKEY_NEG_REPLY,
	MGMT_OP_READ_LOCAL_OOB_DATA,
	MGMT_OP_ADD_REMOTE_OOB_DATA,
	MGMT_OP_REMOVE_REMOTE_OOB_DATA,
	MGMT_OP_START_DISCOVERY,
	MGMT_OP_STOP_DISCOVERY,
	MGMT_OP_CONFIRM_NAME,
	MGMT_OP_BLOCK_DEVICE,
	MGMT_OP_UNBLOCK_DEVICE,
	MGMT_OP_SET_DEVICE_ID,
};
80
/* Event opcodes advertised to user space. read_commands() appends them to
 * its reply after the command opcodes, in this order.
 */
static const u16 mgmt_events[] = {
	MGMT_EV_CONTROLLER_ERROR,
	MGMT_EV_INDEX_ADDED,
	MGMT_EV_INDEX_REMOVED,
	MGMT_EV_NEW_SETTINGS,
	MGMT_EV_CLASS_OF_DEV_CHANGED,
	MGMT_EV_LOCAL_NAME_CHANGED,
	MGMT_EV_NEW_LINK_KEY,
	MGMT_EV_NEW_LONG_TERM_KEY,
	MGMT_EV_DEVICE_CONNECTED,
	MGMT_EV_DEVICE_DISCONNECTED,
	MGMT_EV_CONNECT_FAILED,
	MGMT_EV_PIN_CODE_REQUEST,
	MGMT_EV_USER_CONFIRM_REQUEST,
	MGMT_EV_USER_PASSKEY_REQUEST,
	MGMT_EV_AUTH_FAILED,
	MGMT_EV_DEVICE_FOUND,
	MGMT_EV_DISCOVERING,
	MGMT_EV_DEVICE_BLOCKED,
	MGMT_EV_DEVICE_UNBLOCKED,
	MGMT_EV_DEVICE_UNPAIRED,
};
103
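/*
 * These LE scan and inquiry parameters were chosen according to LE General
 * Discovery Procedure specification.
 */
#define LE_SCAN_TYPE			0x01
#define LE_SCAN_WIN			0x12
#define LE_SCAN_INT			0x12
#define LE_SCAN_TIMEOUT_LE_ONLY		10240	/* TGAP(gen_disc_scan_min) */
#define LE_SCAN_TIMEOUT_BREDR_LE	5120	/* TGAP(100)/2 */

#define INQUIRY_LEN_BREDR		0x08	/* TGAP(100) */
#define INQUIRY_LEN_BREDR_LE		0x04	/* TGAP(100)/2 */

/* Two seconds, converted to jiffies at each use. */
#define CACHE_TIMEOUT	msecs_to_jiffies(2 * 1000)

/* A controller counts as powered only when HCI_UP is set and it is not
 * sitting in the HCI_AUTO_OFF state. The argument is parenthesized so the
 * macro expands correctly for any pointer expression, not just a plain
 * identifier.
 */
#define hdev_is_powered(hdev) (test_bit(HCI_UP, &(hdev)->flags) && \
				!test_bit(HCI_AUTO_OFF, &(hdev)->dev_flags))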
121
/* One management command that has been accepted but not yet answered.
 * Entries are created by mgmt_pending_add() and linked on
 * hdev->mgmt_pending.
 */
struct pending_cmd {
	struct list_head list;	/* link in hdev->mgmt_pending */
	u16 opcode;		/* MGMT_OP_* of the outstanding command */
	int index;		/* hdev->id of the controller it targets */
	void *param;		/* private copy of the command parameters */
	struct sock *sk;	/* requesting socket; a reference is held */
	void *user_data;	/* not set by mgmt_pending_add(); owner-defined */
};
130
/* HCI to MGMT error code conversion table.
 *
 * The array index is the HCI status code; the trailing comment on each
 * entry names that HCI status. mgmt_status() bounds-checks the index and
 * maps anything past the end to MGMT_STATUS_FAILED.
 *
 * NOTE(review): only read in the code visible here; it could probably be
 * declared const - confirm there is no writer elsewhere in the file.
 */
static u8 mgmt_status_table[] = {
	MGMT_STATUS_SUCCESS,
	MGMT_STATUS_UNKNOWN_COMMAND,	/* Unknown Command */
	MGMT_STATUS_NOT_CONNECTED,	/* No Connection */
	MGMT_STATUS_FAILED,		/* Hardware Failure */
	MGMT_STATUS_CONNECT_FAILED,	/* Page Timeout */
	MGMT_STATUS_AUTH_FAILED,	/* Authentication Failed */
	MGMT_STATUS_NOT_PAIRED,		/* PIN or Key Missing */
	MGMT_STATUS_NO_RESOURCES,	/* Memory Full */
	MGMT_STATUS_TIMEOUT,		/* Connection Timeout */
	MGMT_STATUS_NO_RESOURCES,	/* Max Number of Connections */
	MGMT_STATUS_NO_RESOURCES,	/* Max Number of SCO Connections */
	MGMT_STATUS_ALREADY_CONNECTED,	/* ACL Connection Exists */
	MGMT_STATUS_BUSY,		/* Command Disallowed */
	MGMT_STATUS_NO_RESOURCES,	/* Rejected Limited Resources */
	MGMT_STATUS_REJECTED,		/* Rejected Security */
	MGMT_STATUS_REJECTED,		/* Rejected Personal */
	MGMT_STATUS_TIMEOUT,		/* Host Timeout */
	MGMT_STATUS_NOT_SUPPORTED,	/* Unsupported Feature */
	MGMT_STATUS_INVALID_PARAMS,	/* Invalid Parameters */
	MGMT_STATUS_DISCONNECTED,	/* OE User Ended Connection */
	MGMT_STATUS_NO_RESOURCES,	/* OE Low Resources */
	MGMT_STATUS_DISCONNECTED,	/* OE Power Off */
	MGMT_STATUS_DISCONNECTED,	/* Connection Terminated */
	MGMT_STATUS_BUSY,		/* Repeated Attempts */
	MGMT_STATUS_REJECTED,		/* Pairing Not Allowed */
	MGMT_STATUS_FAILED,		/* Unknown LMP PDU */
	MGMT_STATUS_NOT_SUPPORTED,	/* Unsupported Remote Feature */
	MGMT_STATUS_REJECTED,		/* SCO Offset Rejected */
	MGMT_STATUS_REJECTED,		/* SCO Interval Rejected */
	MGMT_STATUS_REJECTED,		/* Air Mode Rejected */
	MGMT_STATUS_INVALID_PARAMS,	/* Invalid LMP Parameters */
	MGMT_STATUS_FAILED,		/* Unspecified Error */
	MGMT_STATUS_NOT_SUPPORTED,	/* Unsupported LMP Parameter Value */
	MGMT_STATUS_FAILED,		/* Role Change Not Allowed */
	MGMT_STATUS_TIMEOUT,		/* LMP Response Timeout */
	MGMT_STATUS_FAILED,		/* LMP Error Transaction Collision */
	MGMT_STATUS_FAILED,		/* LMP PDU Not Allowed */
	MGMT_STATUS_REJECTED,		/* Encryption Mode Not Accepted */
	MGMT_STATUS_FAILED,		/* Unit Link Key Used */
	MGMT_STATUS_NOT_SUPPORTED,	/* QoS Not Supported */
	MGMT_STATUS_TIMEOUT,		/* Instant Passed */
	MGMT_STATUS_NOT_SUPPORTED,	/* Pairing Not Supported */
	MGMT_STATUS_FAILED,		/* Transaction Collision */
	MGMT_STATUS_INVALID_PARAMS,	/* Unacceptable Parameter */
	MGMT_STATUS_REJECTED,		/* QoS Rejected */
	MGMT_STATUS_NOT_SUPPORTED,	/* Classification Not Supported */
	MGMT_STATUS_REJECTED,		/* Insufficient Security */
	MGMT_STATUS_INVALID_PARAMS,	/* Parameter Out Of Range */
	MGMT_STATUS_BUSY,		/* Role Switch Pending */
	MGMT_STATUS_FAILED,		/* Slot Violation */
	MGMT_STATUS_FAILED,		/* Role Switch Failed */
	MGMT_STATUS_INVALID_PARAMS,	/* EIR Too Large */
	MGMT_STATUS_NOT_SUPPORTED,	/* Simple Pairing Not Supported */
	MGMT_STATUS_BUSY,		/* Host Busy Pairing */
	MGMT_STATUS_REJECTED,		/* Rejected, No Suitable Channel */
	MGMT_STATUS_BUSY,		/* Controller Busy */
	MGMT_STATUS_INVALID_PARAMS,	/* Unsuitable Connection Interval */
	MGMT_STATUS_TIMEOUT,		/* Directed Advertising Timeout */
	MGMT_STATUS_AUTH_FAILED,	/* Terminated Due to MIC Failure */
	MGMT_STATUS_CONNECT_FAILED,	/* Connection Establishment Failed */
	MGMT_STATUS_CONNECT_FAILED,	/* MAC Connection Failed */
};
195
/* Translate an HCI status code into its MGMT_STATUS_* equivalent. Codes
 * that lie beyond the end of mgmt_status_table become MGMT_STATUS_FAILED,
 * so a controller-supplied status can never index outside the table.
 */
static u8 mgmt_status(u8 hci_status)
{
	if (hci_status >= ARRAY_SIZE(mgmt_status_table))
		return MGMT_STATUS_FAILED;

	return mgmt_status_table[hci_status];
}
203
/* Queue a MGMT_EV_CMD_STATUS event on @sk reporting @status for command
 * @cmd on controller @index.
 *
 * Returns -ENOMEM when no skb can be allocated, otherwise the result of
 * sock_queue_rcv_skb(). The skb is freed here if queueing fails.
 */
static int cmd_status(struct sock *sk, u16 index, u16 cmd, u8 status)
{
	struct mgmt_ev_cmd_status *ev;
	struct mgmt_hdr *hdr;
	struct sk_buff *skb;
	int ret;

	BT_DBG("sock %p, index %u, cmd %u, status %u", sk, index, cmd, status);

	skb = alloc_skb(sizeof(*hdr) + sizeof(*ev), GFP_ATOMIC);
	if (skb == NULL)
		return -ENOMEM;

	/* Reserve the header and the event body back to back. */
	hdr = (void *) skb_put(skb, sizeof(*hdr));
	ev = (void *) skb_put(skb, sizeof(*ev));

	hdr->opcode = cpu_to_le16(MGMT_EV_CMD_STATUS);
	hdr->index = cpu_to_le16(index);
	hdr->len = cpu_to_le16(sizeof(*ev));

	ev->status = status;
	ev->opcode = cpu_to_le16(cmd);

	ret = sock_queue_rcv_skb(sk, skb);
	if (ret < 0)
		kfree_skb(skb);

	return ret;
}
233
/* Queue a MGMT_EV_CMD_COMPLETE event on @sk for command @cmd on controller
 * @index, carrying @status and @rp_len bytes of reply data copied from @rp.
 *
 * Returns -ENOMEM when no skb can be allocated, otherwise the result of
 * sock_queue_rcv_skb(). The skb is freed here if queueing fails.
 *
 * NOTE(review): @rp_len is a size_t but the header length field is 16 bits
 * wide, so sizeof(*ev) + @rp_len has to fit in a u16. Also, when @rp is
 * NULL the @rp_len payload bytes are reserved but never written; every
 * caller visible in this file passes a buffer.
 */
static int cmd_complete(struct sock *sk, u16 index, u16 cmd, u8 status,
			void *rp, size_t rp_len)
{
	struct mgmt_ev_cmd_complete *ev;
	struct mgmt_hdr *hdr;
	struct sk_buff *skb;
	int ret;

	BT_DBG("sock %p", sk);

	skb = alloc_skb(sizeof(*hdr) + sizeof(*ev) + rp_len, GFP_ATOMIC);
	if (skb == NULL)
		return -ENOMEM;

	/* Reserve the header, then the event body together with its data. */
	hdr = (void *) skb_put(skb, sizeof(*hdr));
	ev = (void *) skb_put(skb, sizeof(*ev) + rp_len);

	hdr->opcode = cpu_to_le16(MGMT_EV_CMD_COMPLETE);
	hdr->index = cpu_to_le16(index);
	hdr->len = cpu_to_le16(sizeof(*ev) + rp_len);

	ev->opcode = cpu_to_le16(cmd);
	ev->status = status;

	if (rp != NULL)
		memcpy(ev->data, rp, rp_len);

	ret = sock_queue_rcv_skb(sk, skb);
	if (ret < 0)
		kfree_skb(skb);

	return ret;
}
267
/* Handle MGMT_OP_READ_VERSION: reply with MGMT_VERSION and MGMT_REVISION.
 * @hdev, @data and @data_len are not used.
 *
 * NOTE(review): the on-stack reply is not zeroed before being copied out.
 * That is only safe if struct mgmt_rp_read_version has no members or
 * padding beyond version and revision - confirm against mgmt.h.
 */
static int read_version(struct sock *sk, struct hci_dev *hdev, void *data,
			u16 data_len)
{
	struct mgmt_rp_read_version reply;

	BT_DBG("sock %p", sk);

	reply.revision = __constant_cpu_to_le16(MGMT_REVISION);
	reply.version = MGMT_VERSION;

	return cmd_complete(sk, MGMT_INDEX_NONE, MGMT_OP_READ_VERSION, 0,
			    &reply, sizeof(reply));
}
281
/* Handle MGMT_OP_READ_COMMANDS: reply with the number of supported
 * commands and events, followed by every entry of mgmt_commands and then
 * every entry of mgmt_events as little-endian 16-bit opcodes.
 * @hdev, @data and @data_len are not used.
 *
 * Returns -ENOMEM if the reply buffer cannot be allocated, otherwise the
 * result of cmd_complete().
 */
static int read_commands(struct sock *sk, struct hci_dev *hdev, void *data,
			 u16 data_len)
{
	const u16 num_commands = ARRAY_SIZE(mgmt_commands);
	const u16 num_events = ARRAY_SIZE(mgmt_events);
	struct mgmt_rp_read_commands *rp;
	__le16 *slot;
	size_t rp_size;
	int idx, ret;

	BT_DBG("sock %p", sk);

	rp_size = sizeof(*rp) + ((num_commands + num_events) * sizeof(u16));

	rp = kmalloc(rp_size, GFP_KERNEL);
	if (rp == NULL)
		return -ENOMEM;

	rp->num_commands = __constant_cpu_to_le16(num_commands);
	rp->num_events = __constant_cpu_to_le16(num_events);

	/* One cursor walks the opcode array: commands first, events after. */
	slot = rp->opcodes;

	for (idx = 0; idx < num_commands; idx++) {
		put_unaligned_le16(mgmt_commands[idx], slot);
		slot++;
	}

	for (idx = 0; idx < num_events; idx++) {
		put_unaligned_le16(mgmt_events[idx], slot);
		slot++;
	}

	ret = cmd_complete(sk, MGMT_INDEX_NONE, MGMT_OP_READ_COMMANDS, 0, rp,
			   rp_size);
	kfree(rp);

	return ret;
}
315
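/* Handle MGMT_OP_READ_INDEX_LIST: reply with the ids of all registered
 * controllers that are not still in the HCI_SETUP state.
 * @hdev, @data and @data_len are not used.
 *
 * The reply buffer comes from kmalloc() and is therefore not zeroed. The
 * controller count and the reply length are recomputed from the number of
 * index slots actually written, so that skipped HCI_SETUP controllers
 * neither inflate num_controllers nor cause unwritten heap bytes to be
 * copied to user space.
 *
 * Returns -ENOMEM if the reply buffer cannot be allocated, otherwise the
 * result of cmd_complete().
 */
static int read_index_list(struct sock *sk, struct hci_dev *hdev, void *data,
			   u16 data_len)
{
	struct mgmt_rp_read_index_list *rp;
	struct list_head *p;
	struct hci_dev *d;
	size_t rp_len;
	u16 count;
	int err;

	BT_DBG("sock %p", sk);

	read_lock(&hci_dev_list_lock);

	/* Upper bound for the allocation: every controller on the list,
	 * including those that will be skipped below.
	 */
	count = 0;
	list_for_each(p, &hci_dev_list) {
		count++;
	}

	rp_len = sizeof(*rp) + (2 * count);
	rp = kmalloc(rp_len, GFP_ATOMIC);
	if (!rp) {
		read_unlock(&hci_dev_list_lock);
		return -ENOMEM;
	}

	/* The list lock is still held, so this walk cannot see more entries
	 * than the one that sized the buffer.
	 */
	count = 0;
	list_for_each_entry(d, &hci_dev_list, list) {
		if (test_bit(HCI_SETUP, &d->dev_flags))
			continue;

		rp->index[count++] = cpu_to_le16(d->id);
		BT_DBG("Added hci%u", d->id);
	}

	/* Describe and send only the slots that were filled in. */
	rp->num_controllers = cpu_to_le16(count);
	rp_len = sizeof(*rp) + (2 * count);

	read_unlock(&hci_dev_list_lock);

	err = cmd_complete(sk, MGMT_INDEX_NONE, MGMT_OP_READ_INDEX_LIST, 0, rp,
			   rp_len);

	kfree(rp);

	return err;
}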
362
/* Build the MGMT_SETTING_* bitmask of settings @hdev can support.
 *
 * Powered, connectable, fast connectable, discoverable and pairable are
 * always reported. SSP, BR/EDR with link security, and LE depend on the
 * controller feature bits; HS depends on the enable_hs flag.
 */
static u32 get_supported_settings(struct hci_dev *hdev)
{
	u32 mask = MGMT_SETTING_POWERED |
		   MGMT_SETTING_CONNECTABLE |
		   MGMT_SETTING_FAST_CONNECTABLE |
		   MGMT_SETTING_DISCOVERABLE |
		   MGMT_SETTING_PAIRABLE;

	if (hdev->features[6] & LMP_SIMPLE_PAIR)
		mask |= MGMT_SETTING_SSP;

	if (!(hdev->features[4] & LMP_NO_BREDR))
		mask |= MGMT_SETTING_BREDR | MGMT_SETTING_LINK_SECURITY;

	if (enable_hs)
		mask |= MGMT_SETTING_HS;

	if (hdev->features[4] & LMP_LE)
		mask |= MGMT_SETTING_LE;

	return mask;
}
389
/* Build the MGMT_SETTING_* bitmask of settings currently active on @hdev.
 *
 * BR/EDR is derived from the controller feature bits; every other bit
 * mirrors a flag in hdev->dev_flags or the hdev_is_powered() state.
 */
static u32 get_current_settings(struct hci_dev *hdev)
{
	u32 mask = 0;

	if (hdev_is_powered(hdev))
		mask |= MGMT_SETTING_POWERED;

	if (test_bit(HCI_CONNECTABLE, &hdev->dev_flags))
		mask |= MGMT_SETTING_CONNECTABLE;

	if (test_bit(HCI_DISCOVERABLE, &hdev->dev_flags))
		mask |= MGMT_SETTING_DISCOVERABLE;

	if (test_bit(HCI_PAIRABLE, &hdev->dev_flags))
		mask |= MGMT_SETTING_PAIRABLE;

	if ((hdev->features[4] & LMP_NO_BREDR) == 0)
		mask |= MGMT_SETTING_BREDR;

	if (test_bit(HCI_LE_ENABLED, &hdev->dev_flags))
		mask |= MGMT_SETTING_LE;

	if (test_bit(HCI_LINK_SECURITY, &hdev->dev_flags))
		mask |= MGMT_SETTING_LINK_SECURITY;

	if (test_bit(HCI_SSP_ENABLED, &hdev->dev_flags))
		mask |= MGMT_SETTING_SSP;

	if (test_bit(HCI_HS_ENABLED, &hdev->dev_flags))
		mask |= MGMT_SETTING_HS;

	return mask;
}
423
/* 16-bit service class that create_eir() leaves out of the UUID list. */
#define PNP_INFO_SVCLASS_ID		0x1200

/* Reference pattern for recognising 16-bit UUIDs: get_uuid16() compares
 * the first 12 bytes of a 128-bit UUID against the first 12 bytes of this
 * array. Presumably the Bluetooth Base UUID in little-endian byte order -
 * confirm against the specification.
 */
static u8 bluetooth_base_uuid[] = {
			0xFB, 0x34, 0x9B, 0x5F, 0x80, 0x00, 0x00, 0x80,
			0x00, 0x10, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
};
430
/* Extract the 16-bit short form of a 128-bit UUID.
 *
 * Returns 0 when the first 12 bytes of @uuid128 differ from
 * bluetooth_base_uuid, or when the little-endian 32-bit value stored in
 * bytes 12..15 does not fit in 16 bits. @uuid128 must point to at least
 * 16 readable bytes.
 */
static u16 get_uuid16(u8 *uuid128)
{
	u32 short_val;

	if (memcmp(bluetooth_base_uuid, uuid128, 12) != 0)
		return 0;

	short_val = get_unaligned_le32(&uuid128[12]);

	return short_val > 0xffff ? 0 : (u16) short_val;
}
447
/* Build the Extended Inquiry Response payload for @hdev into @data.
 *
 * Fields are appended in this order: local name, inquiry TX power,
 * Device ID, then a list of 16-bit service UUIDs. Only the UUID list is
 * checked against HCI_MAX_EIR_LENGTH; the three leading fields add up to
 * at most 50 + 3 + 10 = 63 bytes.
 *
 * NOTE(review): assumes @data has room for HCI_MAX_EIR_LENGTH bytes and
 * was zeroed by the caller. update_eir() clears the whole command before
 * calling this; confirm for any other caller.
 */
static void create_eir(struct hci_dev *hdev, u8 *data)
{
	u8 *ptr = data;
	u16 eir_len = 0;
	u16 uuid16_list[HCI_MAX_EIR_LENGTH / sizeof(u16)];
	int i, truncated = 0;
	struct bt_uuid *uuid;
	size_t name_len;

	name_len = strlen(hdev->dev_name);

	if (name_len > 0) {
		/* EIR Data type: names longer than 48 bytes are cut to 48 and
		 * tagged as shortened
		 */
		if (name_len > 48) {
			name_len = 48;
			ptr[1] = EIR_NAME_SHORT;
		} else
			ptr[1] = EIR_NAME_COMPLETE;

		/* EIR Data length: the type byte plus the name bytes */
		ptr[0] = name_len + 1;

		memcpy(ptr + 2, hdev->dev_name, name_len);

		eir_len += (name_len + 2);
		ptr += (name_len + 2);
	}

	/* TX power field, emitted only for a non-zero inq_tx_power */
	if (hdev->inq_tx_power) {
		ptr[0] = 2;
		ptr[1] = EIR_TX_POWER;
		ptr[2] = (u8) hdev->inq_tx_power;

		eir_len += 3;
		ptr += 3;
	}

	/* Device ID field: source, vendor, product and version as four
	 * little-endian 16-bit values
	 */
	if (hdev->devid_source > 0) {
		ptr[0] = 9;
		ptr[1] = EIR_DEVICE_ID;

		put_unaligned_le16(hdev->devid_source, ptr + 2);
		put_unaligned_le16(hdev->devid_vendor, ptr + 4);
		put_unaligned_le16(hdev->devid_product, ptr + 6);
		put_unaligned_le16(hdev->devid_version, ptr + 8);

		eir_len += 10;
		ptr += 10;
	}

	/* A zero entry terminates the list, so it has to start out cleared */
	memset(uuid16_list, 0, sizeof(uuid16_list));

	/* Group all UUID16 types */
	list_for_each_entry(uuid, &hdev->uuids, list) {
		u16 uuid16;

		uuid16 = get_uuid16(uuid->uuid);
		/* A UUID with no 16-bit form ends the whole function here, so
		 * no UUID field is written even for entries already collected.
		 * NOTE(review): confirm that returning, rather than skipping
		 * this entry, is intended.
		 */
		if (uuid16 == 0)
			return;

		if (uuid16 < 0x1100)
			continue;

		if (uuid16 == PNP_INFO_SVCLASS_ID)
			continue;

		/* Stop if not enough space to put next UUID */
		if (eir_len + 2 + sizeof(u16) > HCI_MAX_EIR_LENGTH) {
			truncated = 1;
			break;
		}

		/* Check for duplicates. The space check above stops the list
		 * at least one slot short of full, so the zero terminator this
		 * scan relies on is always present.
		 */
		for (i = 0; uuid16_list[i] != 0; i++)
			if (uuid16_list[i] == uuid16)
				break;

		if (uuid16_list[i] == 0) {
			uuid16_list[i] = uuid16;
			eir_len += sizeof(u16);
		}
	}

	if (uuid16_list[0] != 0) {
		/* Remember where the length byte goes; it is filled in last,
		 * once the number of entries is known
		 */
		u8 *length = ptr;

		/* EIR Data type */
		ptr[1] = truncated ? EIR_UUID16_SOME : EIR_UUID16_ALL;

		ptr += 2;
		eir_len += 2;

		/* Each UUID is stored low byte first */
		for (i = 0; uuid16_list[i] != 0; i++) {
			*ptr++ = (uuid16_list[i] & 0x00ff);
			*ptr++ = (uuid16_list[i] & 0xff00) >> 8;
		}

		/* EIR Data length */
		*length = (i * sizeof(u16)) + 1;
	}
}
549
/* Regenerate the EIR data for @hdev and send HCI_OP_WRITE_EIR when it
 * differs from the copy cached in hdev->eir.
 *
 * Returns 0 without doing anything when the controller is not powered,
 * lacks extended inquiry support, has SSP disabled, is in service-cache
 * mode, or already holds identical data. Otherwise returns the result of
 * hci_send_cmd().
 */
static int update_eir(struct hci_dev *hdev)
{
	struct hci_cp_write_eir cp;
	bool unchanged;

	if (!hdev_is_powered(hdev))
		return 0;

	if ((hdev->features[6] & LMP_EXT_INQ) == 0)
		return 0;

	if (!test_bit(HCI_SSP_ENABLED, &hdev->dev_flags))
		return 0;

	if (test_bit(HCI_SERVICE_CACHE, &hdev->dev_flags))
		return 0;

	/* Clear the whole command first: create_eir() writes only the
	 * fields it emits, and the full buffer is compared and sent.
	 */
	memset(&cp, 0, sizeof(cp));
	create_eir(hdev, cp.data);

	unchanged = (memcmp(cp.data, hdev->eir, sizeof(cp.data)) == 0);
	if (unchanged)
		return 0;

	memcpy(hdev->eir, cp.data, sizeof(cp.data));

	return hci_send_cmd(hdev, HCI_OP_WRITE_EIR, sizeof(cp), &cp);
}
577
/* OR together the svc_hint of every UUID registered on @hdev. */
static u8 get_service_classes(struct hci_dev *hdev)
{
	struct bt_uuid *entry;
	u8 hints = 0;

	list_for_each_entry(entry, &hdev->uuids, list) {
		hints |= entry->svc_hint;
	}

	return hints;
}
588
/* Send HCI_OP_WRITE_CLASS_OF_DEV when the class of device derived from
 * the minor class, major class and service hints differs from
 * hdev->dev_class.
 *
 * Returns 0 without sending when the controller is not powered, is in
 * service-cache mode, or the class is unchanged. Otherwise returns the
 * result of hci_send_cmd(); on success HCI_PENDING_CLASS is set.
 */
static int update_class(struct hci_dev *hdev)
{
	u8 cod[3];
	int ret;

	BT_DBG("%s", hdev->name);

	if (!hdev_is_powered(hdev))
		return 0;

	if (test_bit(HCI_SERVICE_CACHE, &hdev->dev_flags))
		return 0;

	cod[0] = hdev->minor_class;
	cod[1] = hdev->major_class;
	cod[2] = get_service_classes(hdev);

	if (memcmp(cod, hdev->dev_class, 3) == 0)
		return 0;

	ret = hci_send_cmd(hdev, HCI_OP_WRITE_CLASS_OF_DEV, sizeof(cod), cod);
	if (ret != 0)
		return ret;

	set_bit(HCI_PENDING_CLASS, &hdev->dev_flags);

	return 0;
}
615
/* Delayed-work handler for hdev->service_cache: leave service-cache mode
 * and push the EIR data and class of device to the controller. Does
 * nothing when HCI_SERVICE_CACHE was already clear.
 */
static void service_cache_off(struct work_struct *work)
{
	struct hci_dev *hdev;

	hdev = container_of(work, struct hci_dev, service_cache.work);

	if (test_and_clear_bit(HCI_SERVICE_CACHE, &hdev->dev_flags)) {
		hci_dev_lock(hdev);

		update_eir(hdev);
		update_class(hdev);

		hci_dev_unlock(hdev);
	}
}
631
/* One-time setup of @hdev for control through the management interface.
 * Later calls are no-ops because HCI_MGMT is then already set. @sk is not
 * used.
 */
static void mgmt_init_hdev(struct sock *sk, struct hci_dev *hdev)
{
	if (!test_and_set_bit(HCI_MGMT, &hdev->dev_flags)) {
		INIT_DELAYED_WORK(&hdev->service_cache, service_cache_off);

		/* Devices not controlled through mgmt get HCI_PAIRABLE set
		 * implicitly so that pairing works for them. Under mgmt
		 * control user space has to enable it explicitly, so the
		 * controller starts out non-pairable.
		 */
		clear_bit(HCI_PAIRABLE, &hdev->dev_flags);
	}
}
646
/* Handle MGMT_OP_READ_INFO: reply with the address, HCI version,
 * manufacturer, supported and current settings, class of device, name and
 * short name of @hdev. @data and @data_len are not used.
 *
 * The reply lives on the stack and is zeroed before it is filled in, so
 * no stale stack bytes reach user space.
 *
 * NOTE(review): both name copies take their length from the source array;
 * this assumes the reply fields are at least as large - confirm against
 * mgmt.h.
 */
static int read_controller_info(struct sock *sk, struct hci_dev *hdev,
				void *data, u16 data_len)
{
	struct mgmt_rp_read_info reply;

	BT_DBG("sock %p %s", sk, hdev->name);

	hci_dev_lock(hdev);

	memset(&reply, 0, sizeof(reply));

	bacpy(&reply.bdaddr, &hdev->bdaddr);
	memcpy(reply.dev_class, hdev->dev_class, 3);
	memcpy(reply.name, hdev->dev_name, sizeof(hdev->dev_name));
	memcpy(reply.short_name, hdev->short_name, sizeof(hdev->short_name));

	reply.version = hdev->hci_ver;
	reply.manufacturer = cpu_to_le16(hdev->manufacturer);

	reply.supported_settings = cpu_to_le32(get_supported_settings(hdev));
	reply.current_settings = cpu_to_le32(get_current_settings(hdev));

	hci_dev_unlock(hdev);

	return cmd_complete(sk, hdev->id, MGMT_OP_READ_INFO, 0, &reply,
			    sizeof(reply));
}
676
/* Release a pending command: drop its socket reference, then free the
 * parameter copy and the entry itself. The entry is not unlinked here;
 * mgmt_pending_remove() does that before calling this.
 */
static void mgmt_pending_free(struct pending_cmd *cmd)
{
	struct sock *owner = cmd->sk;

	sock_put(owner);

	kfree(cmd->param);
	kfree(cmd);
}
683
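/* Record command @opcode from @sk as pending on @hdev.
 *
 * A private copy of the @len parameter bytes at @data is stored in the
 * entry (nothing is copied when @data is NULL), a reference is taken on
 * @sk, and the entry is linked on hdev->mgmt_pending.
 *
 * The entry is allocated zeroed so that user_data, which this function
 * does not set, starts out NULL instead of holding stale heap contents.
 *
 * Returns the new entry, or NULL if either allocation fails.
 */
static struct pending_cmd *mgmt_pending_add(struct sock *sk, u16 opcode,
					    struct hci_dev *hdev, void *data,
					    u16 len)
{
	struct pending_cmd *cmd;

	cmd = kzalloc(sizeof(*cmd), GFP_ATOMIC);
	if (!cmd)
		return NULL;

	cmd->opcode = opcode;
	cmd->index = hdev->id;

	cmd->param = kmalloc(len, GFP_ATOMIC);
	if (!cmd->param) {
		kfree(cmd);
		return NULL;
	}

	if (data)
		memcpy(cmd->param, data, len);

	/* Hold the socket for as long as the entry exists;
	 * mgmt_pending_free() drops this reference.
	 */
	cmd->sk = sk;
	sock_hold(sk);

	list_add(&cmd->list, &hdev->mgmt_pending);

	return cmd;
}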
713
/* Invoke @cb(cmd, @data) for every pending command on @hdev whose opcode
 * equals @opcode; an @opcode of 0 matches every entry.
 *
 * The walk uses the removal-safe list iterator, so @cb may unlink and
 * free the entry it is handed.
 */
static void mgmt_pending_foreach(u16 opcode, struct hci_dev *hdev,
				 void (*cb)(struct pending_cmd *cmd,
					    void *data),
				 void *data)
{
	struct pending_cmd *cmd, *next;

	list_for_each_entry_safe(cmd, next, &hdev->mgmt_pending, list) {
		if (opcode == 0 || cmd->opcode == opcode)
			cb(cmd, data);
	}
}
732
/* Return the first pending command on @hdev whose opcode is @opcode, or
 * NULL when there is none. The entry stays on the list.
 */
static struct pending_cmd *mgmt_pending_find(u16 opcode, struct hci_dev *hdev)
{
	struct pending_cmd *cmd;
	struct pending_cmd *match = NULL;

	list_for_each_entry(cmd, &hdev->mgmt_pending, list) {
		if (cmd->opcode == opcode) {
			match = cmd;
			break;
		}
	}

	return match;
}
744
/* Unlink @cmd from its pending list and release it. @cmd must not be
 * used after this returns.
 */
static void mgmt_pending_remove(struct pending_cmd *cmd)
{
	/* Unlink first so the entry is off the list before it is freed. */
	list_del(&cmd->list);

	mgmt_pending_free(cmd);
}
750
/* Complete command @opcode on @sk with status 0 and the current settings
 * bitmask of @hdev as a little-endian 32-bit payload.
 */
static int send_settings_rsp(struct sock *sk, u16 opcode, struct hci_dev *hdev)
{
	__le32 current_le;

	current_le = cpu_to_le32(get_current_settings(hdev));

	return cmd_complete(sk, hdev->id, opcode, 0, &current_le,
			    sizeof(current_le));
}
758
/* Handle MGMT_OP_SET_POWERED: power @hdev on or off according to the
 * struct mgmt_mode at @data.
 *
 * Replies immediately with the current settings when the controller is
 * already in the requested state, and with MGMT_STATUS_BUSY when another
 * SET_POWERED is still pending. Otherwise the command is recorded as
 * pending and the power_on or power_off work is scheduled.
 *
 * Returns 0 or a negative errno.
 *
 * NOTE(review): @len is not checked in this function; the parameters are
 * read on the assumption that the dispatcher validated the length -
 * verify against the caller.
 */
static int set_powered(struct sock *sk, struct hci_dev *hdev, void *data,
		       u16 len)
{
	struct mgmt_mode *cp = data;
	struct pending_cmd *pending;
	int ret;

	BT_DBG("request for %s", hdev->name);

	hci_dev_lock(hdev);

	/* A set HCI_AUTO_OFF means an automatic power-off is scheduled.
	 * Cancel it; a power-on request is then answered right away.
	 */
	if (test_and_clear_bit(HCI_AUTO_OFF, &hdev->dev_flags)) {
		cancel_delayed_work(&hdev->power_off);

		if (cp->val) {
			ret = send_settings_rsp(sk, MGMT_OP_SET_POWERED, hdev);
			mgmt_powered(hdev, 1);
			goto unlock;
		}
	}

	/* Already in the requested state: just report the settings. */
	if (!!cp->val == hdev_is_powered(hdev)) {
		ret = send_settings_rsp(sk, MGMT_OP_SET_POWERED, hdev);
		goto unlock;
	}

	if (mgmt_pending_find(MGMT_OP_SET_POWERED, hdev)) {
		ret = cmd_status(sk, hdev->id, MGMT_OP_SET_POWERED,
				 MGMT_STATUS_BUSY);
		goto unlock;
	}

	pending = mgmt_pending_add(sk, MGMT_OP_SET_POWERED, hdev, data, len);
	if (pending == NULL) {
		ret = -ENOMEM;
		goto unlock;
	}

	ret = 0;

	if (cp->val)
		schedule_work(&hdev->power_on);
	else
		schedule_work(&hdev->power_off.work);

unlock:
	hci_dev_unlock(hdev);
	return ret;
}
808
/* Build management event @event with @data_len bytes of payload from
 * @data and hand it to hci_send_to_control(), passing @skip_sk through.
 * The header index is hdev->id, or MGMT_INDEX_NONE when @hdev is NULL.
 *
 * Returns -ENOMEM if the skb cannot be allocated, otherwise 0.
 *
 * NOTE(review): when @data is NULL no payload is appended although the
 * header still announces @data_len bytes; callers are presumably expected
 * to pass 0 in that case - verify.
 */
static int mgmt_event(u16 event, struct hci_dev *hdev, void *data, u16 data_len,
		      struct sock *skip_sk)
{
	struct mgmt_hdr *hdr;
	struct sk_buff *skb;
	u16 index;

	skb = alloc_skb(sizeof(*hdr) + data_len, GFP_ATOMIC);
	if (skb == NULL)
		return -ENOMEM;

	index = hdev ? hdev->id : MGMT_INDEX_NONE;

	hdr = (void *) skb_put(skb, sizeof(*hdr));
	hdr->opcode = cpu_to_le16(event);
	hdr->index = cpu_to_le16(index);
	hdr->len = cpu_to_le16(data_len);

	if (data != NULL)
		memcpy(skb_put(skb, data_len), data, data_len);

	/* Time stamp */
	__net_timestamp(skb);

	/* The skb is released here once hci_send_to_control() has returned. */
	hci_send_to_control(skb, skip_sk);
	kfree_skb(skb);

	return 0;
}
838
/* Emit MGMT_EV_NEW_SETTINGS carrying the current settings of @hdev,
 * passing @skip to mgmt_event() as the socket to leave out.
 */
static int new_settings(struct hci_dev *hdev, struct sock *skip)
{
	__le32 settings_le = cpu_to_le32(get_current_settings(hdev));

	return mgmt_event(MGMT_EV_NEW_SETTINGS, hdev, &settings_le,
			  sizeof(settings_le), skip);
}
847
/* Handle MGMT_OP_SET_DISCOVERABLE: switch inquiry scan on or off for
 * @hdev, optionally with a timeout in seconds after which discoverable
 * mode is turned off again.
 *
 * Rejected with INVALID_PARAMS for a timeout combined with "off", with
 * NOT_POWERED for a timeout on an unpowered controller, with BUSY while a
 * SET_DISCOVERABLE or SET_CONNECTABLE is pending, and with REJECTED when
 * the controller is not connectable.
 *
 * Returns 0 or a negative errno.
 *
 * NOTE(review): @len is not checked in this function; the parameters are
 * read on the assumption that the dispatcher validated the length -
 * verify against the caller.
 */
static int set_discoverable(struct sock *sk, struct hci_dev *hdev, void *data,
			    u16 len)
{
	struct mgmt_cp_set_discoverable *cp = data;
	struct pending_cmd *cmd;
	u16 timeout;
	u8 scan;
	int err;

	BT_DBG("request for %s", hdev->name);

	/* A timeout only makes sense when turning discoverable mode on */
	timeout = __le16_to_cpu(cp->timeout);
	if (!cp->val && timeout > 0)
		return cmd_status(sk, hdev->id, MGMT_OP_SET_DISCOVERABLE,
				  MGMT_STATUS_INVALID_PARAMS);

	hci_dev_lock(hdev);

	if (!hdev_is_powered(hdev) && timeout > 0) {
		err = cmd_status(sk, hdev->id, MGMT_OP_SET_DISCOVERABLE,
				 MGMT_STATUS_NOT_POWERED);
		goto failed;
	}

	/* Both commands write the scan-enable setting, so only one of them
	 * may be outstanding at a time
	 */
	if (mgmt_pending_find(MGMT_OP_SET_DISCOVERABLE, hdev) ||
	    mgmt_pending_find(MGMT_OP_SET_CONNECTABLE, hdev)) {
		err = cmd_status(sk, hdev->id, MGMT_OP_SET_DISCOVERABLE,
				 MGMT_STATUS_BUSY);
		goto failed;
	}

	if (!test_bit(HCI_CONNECTABLE, &hdev->dev_flags)) {
		err = cmd_status(sk, hdev->id, MGMT_OP_SET_DISCOVERABLE,
				 MGMT_STATUS_REJECTED);
		goto failed;
	}

	/* Not powered: only the stored flag is changed, no HCI command is
	 * sent
	 */
	if (!hdev_is_powered(hdev)) {
		bool changed = false;

		if (!!cp->val != test_bit(HCI_DISCOVERABLE, &hdev->dev_flags)) {
			change_bit(HCI_DISCOVERABLE, &hdev->dev_flags);
			changed = true;
		}

		err = send_settings_rsp(sk, MGMT_OP_SET_DISCOVERABLE, hdev);
		if (err < 0)
			goto failed;

		if (changed)
			err = new_settings(hdev, sk);

		goto failed;
	}

	/* Already in the requested state: only the timeout is refreshed */
	if (!!cp->val == test_bit(HCI_DISCOVERABLE, &hdev->dev_flags)) {
		if (hdev->discov_timeout > 0) {
			cancel_delayed_work(&hdev->discov_off);
			hdev->discov_timeout = 0;
		}

		if (cp->val && timeout > 0) {
			hdev->discov_timeout = timeout;
			queue_delayed_work(hdev->workqueue, &hdev->discov_off,
				msecs_to_jiffies(hdev->discov_timeout * 1000));
		}

		err = send_settings_rsp(sk, MGMT_OP_SET_DISCOVERABLE, hdev);
		goto failed;
	}

	cmd = mgmt_pending_add(sk, MGMT_OP_SET_DISCOVERABLE, hdev, data, len);
	if (!cmd) {
		err = -ENOMEM;
		goto failed;
	}

	/* Page scan stays enabled; inquiry scan is added when turning on */
	scan = SCAN_PAGE;

	if (cp->val)
		scan |= SCAN_INQUIRY;
	else
		cancel_delayed_work(&hdev->discov_off);

	err = hci_send_cmd(hdev, HCI_OP_WRITE_SCAN_ENABLE, 1, &scan);
	if (err < 0)
		mgmt_pending_remove(cmd);

	/* cp points at the caller's buffer, not at the pending entry, so it
	 * is still valid after mgmt_pending_remove().
	 * NOTE(review): the timeout is stored even when the HCI command
	 * failed - confirm that is intended.
	 */
	if (cp->val)
		hdev->discov_timeout = timeout;

failed:
	hci_dev_unlock(hdev);
	return err;
}
943
/* Handle MGMT_OP_SET_CONNECTABLE: switch page scan on or off for @hdev
 * according to the struct mgmt_mode at @data.
 *
 * On an unpowered controller only the stored flags change; clearing
 * connectable also clears discoverable. On a powered controller the
 * request is answered with BUSY while a SET_DISCOVERABLE or
 * SET_CONNECTABLE is pending, answered directly when page scan is already
 * in the requested state, and otherwise recorded as pending while
 * HCI_OP_WRITE_SCAN_ENABLE is sent.
 *
 * Returns 0 or a negative errno.
 *
 * NOTE(review): @len is not checked in this function; the parameters are
 * read on the assumption that the dispatcher validated the length -
 * verify against the caller.
 */
static int set_connectable(struct sock *sk, struct hci_dev *hdev, void *data,
			   u16 len)
{
	struct mgmt_mode *cp = data;
	struct pending_cmd *pending;
	u8 scan;
	int ret;

	BT_DBG("request for %s", hdev->name);

	hci_dev_lock(hdev);

	if (!hdev_is_powered(hdev)) {
		bool changed =
			(!!cp->val != test_bit(HCI_CONNECTABLE, &hdev->dev_flags));

		if (cp->val) {
			set_bit(HCI_CONNECTABLE, &hdev->dev_flags);
		} else {
			/* Not connectable implies not discoverable. */
			clear_bit(HCI_CONNECTABLE, &hdev->dev_flags);
			clear_bit(HCI_DISCOVERABLE, &hdev->dev_flags);
		}

		ret = send_settings_rsp(sk, MGMT_OP_SET_CONNECTABLE, hdev);
		if (ret < 0)
			goto unlock;

		if (changed)
			ret = new_settings(hdev, sk);

		goto unlock;
	}

	if (mgmt_pending_find(MGMT_OP_SET_DISCOVERABLE, hdev) ||
	    mgmt_pending_find(MGMT_OP_SET_CONNECTABLE, hdev)) {
		ret = cmd_status(sk, hdev->id, MGMT_OP_SET_CONNECTABLE,
				 MGMT_STATUS_BUSY);
		goto unlock;
	}

	/* Page scan already matches the request: nothing to send. */
	if (!!cp->val == test_bit(HCI_PSCAN, &hdev->flags)) {
		ret = send_settings_rsp(sk, MGMT_OP_SET_CONNECTABLE, hdev);
		goto unlock;
	}

	pending = mgmt_pending_add(sk, MGMT_OP_SET_CONNECTABLE, hdev, data,
				   len);
	if (pending == NULL) {
		ret = -ENOMEM;
		goto unlock;
	}

	if (cp->val) {
		scan = SCAN_PAGE;
	} else {
		scan = 0;

		/* Turning all scanning off also ends a timed discoverable
		 * period, so its timer is cancelled.
		 */
		if (test_bit(HCI_ISCAN, &hdev->flags) &&
		    hdev->discov_timeout > 0)
			cancel_delayed_work(&hdev->discov_off);
	}

	ret = hci_send_cmd(hdev, HCI_OP_WRITE_SCAN_ENABLE, 1, &scan);
	if (ret < 0)
		mgmt_pending_remove(pending);

unlock:
	hci_dev_unlock(hdev);
	return ret;
}
1015
/* Handle MGMT_OP_SET_PAIRABLE: set or clear HCI_PAIRABLE on @hdev
 * according to the struct mgmt_mode at @data, reply with the current
 * settings and then emit a new-settings event. The event is sent whether
 * or not the flag actually changed.
 *
 * Returns 0 or a negative errno.
 *
 * NOTE(review): @len is not checked in this function; the parameters are
 * read on the assumption that the dispatcher validated the length -
 * verify against the caller.
 */
static int set_pairable(struct sock *sk, struct hci_dev *hdev, void *data,
			u16 len)
{
	struct mgmt_mode *cp = data;
	int ret;

	BT_DBG("request for %s", hdev->name);

	hci_dev_lock(hdev);

	if (cp->val)
		set_bit(HCI_PAIRABLE, &hdev->dev_flags);
	else
		clear_bit(HCI_PAIRABLE, &hdev->dev_flags);

	ret = send_settings_rsp(sk, MGMT_OP_SET_PAIRABLE, hdev);
	if (ret >= 0)
		ret = new_settings(hdev, sk);

	hci_dev_unlock(hdev);
	return ret;
}
1041
/* Handle MGMT_OP_SET_LINK_SECURITY: enable or disable link-level
 * authentication on @hdev according to the struct mgmt_mode at @data.
 *
 * On an unpowered controller only HCI_LINK_SECURITY in dev_flags is
 * changed. On a powered controller the request is answered with BUSY
 * while another SET_LINK_SECURITY is pending, answered directly when
 * HCI_AUTH already matches, and otherwise recorded as pending while
 * HCI_OP_WRITE_AUTH_ENABLE is sent.
 *
 * Returns 0 or a negative errno.
 *
 * NOTE(review): @len is not checked in this function; the parameters are
 * read on the assumption that the dispatcher validated the length -
 * verify against the caller.
 */
static int set_link_security(struct sock *sk, struct hci_dev *hdev, void *data,
			     u16 len)
{
	struct mgmt_mode *cp = data;
	struct pending_cmd *pending;
	u8 val;
	int ret;

	BT_DBG("request for %s", hdev->name);

	hci_dev_lock(hdev);

	if (!hdev_is_powered(hdev)) {
		bool changed = false;

		if (!!cp->val != test_bit(HCI_LINK_SECURITY,
					  &hdev->dev_flags)) {
			change_bit(HCI_LINK_SECURITY, &hdev->dev_flags);
			changed = true;
		}

		ret = send_settings_rsp(sk, MGMT_OP_SET_LINK_SECURITY, hdev);
		if (ret < 0)
			goto unlock;

		if (changed)
			ret = new_settings(hdev, sk);

		goto unlock;
	}

	if (mgmt_pending_find(MGMT_OP_SET_LINK_SECURITY, hdev)) {
		ret = cmd_status(sk, hdev->id, MGMT_OP_SET_LINK_SECURITY,
				 MGMT_STATUS_BUSY);
		goto unlock;
	}

	/* Normalize to 0 or 1: this byte is the HCI command parameter. */
	val = !!cp->val;

	if (test_bit(HCI_AUTH, &hdev->flags) == val) {
		ret = send_settings_rsp(sk, MGMT_OP_SET_LINK_SECURITY, hdev);
		goto unlock;
	}

	pending = mgmt_pending_add(sk, MGMT_OP_SET_LINK_SECURITY, hdev, data,
				   len);
	if (pending == NULL) {
		ret = -ENOMEM;
		goto unlock;
	}

	ret = hci_send_cmd(hdev, HCI_OP_WRITE_AUTH_ENABLE, sizeof(val), &val);
	if (ret < 0)
		mgmt_pending_remove(pending);

unlock:
	hci_dev_unlock(hdev);
	return ret;
}
1102
/*
 * Handle MGMT_OP_SET_SSP (Secure Simple Pairing on/off).
 *
 * Replies MGMT_STATUS_NOT_SUPPORTED when the controller feature bits lack
 * LMP_SIMPLE_PAIR. While powered off only the HCI_SSP_ENABLED device flag is
 * updated. While powered on the request is rejected as BUSY if one is
 * already pending, answered directly when the flag already matches, and
 * otherwise queued and forwarded as HCI_OP_WRITE_SSP_MODE.
 *
 * Returns a negative errno on failure, otherwise the result of the last
 * helper that was called.
 */
static int set_ssp(struct sock *sk, struct hci_dev *hdev, void *data, u16 len)
{
	struct mgmt_mode *mode = data;
	struct pending_cmd *pending;
	u8 ssp_mode;
	int ret;

	BT_DBG("request for %s", hdev->name);

	hci_dev_lock(hdev);

	if (!(hdev->features[6] & LMP_SIMPLE_PAIR)) {
		ret = cmd_status(sk, hdev->id, MGMT_OP_SET_SSP,
				 MGMT_STATUS_NOT_SUPPORTED);
		goto unlock;
	}

	/* Normalise to 0/1 so it can be compared with test_bit() */
	ssp_mode = !!mode->val;

	if (!hdev_is_powered(hdev)) {
		bool flipped = false;

		if (ssp_mode != test_bit(HCI_SSP_ENABLED, &hdev->dev_flags)) {
			change_bit(HCI_SSP_ENABLED, &hdev->dev_flags);
			flipped = true;
		}

		ret = send_settings_rsp(sk, MGMT_OP_SET_SSP, hdev);
		if (ret >= 0 && flipped)
			ret = new_settings(hdev, sk);

		goto unlock;
	}

	if (mgmt_pending_find(MGMT_OP_SET_SSP, hdev)) {
		ret = cmd_status(sk, hdev->id, MGMT_OP_SET_SSP,
				 MGMT_STATUS_BUSY);
		goto unlock;
	}

	/* Nothing to write when the flag already has the requested value */
	if (test_bit(HCI_SSP_ENABLED, &hdev->dev_flags) == ssp_mode) {
		ret = send_settings_rsp(sk, MGMT_OP_SET_SSP, hdev);
		goto unlock;
	}

	pending = mgmt_pending_add(sk, MGMT_OP_SET_SSP, hdev, data, len);
	if (!pending) {
		ret = -ENOMEM;
		goto unlock;
	}

	ret = hci_send_cmd(hdev, HCI_OP_WRITE_SSP_MODE, sizeof(ssp_mode),
			   &ssp_mode);
	if (ret < 0)
		mgmt_pending_remove(pending);

unlock:
	hci_dev_unlock(hdev);
	return ret;
}
1167
/*
 * Handle MGMT_OP_SET_HS.
 *
 * Replies MGMT_STATUS_NOT_SUPPORTED unless the enable_hs switch is set.
 * Otherwise the HCI_HS_ENABLED device flag follows the requested mode and
 * the caller receives a settings response. Unlike the neighbouring setters
 * this one does not take the hdev lock and does not call new_settings().
 */
static int set_hs(struct sock *sk, struct hci_dev *hdev, void *data, u16 len)
{
	struct mgmt_mode *mode = data;

	BT_DBG("request for %s", hdev->name);

	if (!enable_hs)
		return cmd_status(sk, hdev->id, MGMT_OP_SET_HS,
				  MGMT_STATUS_NOT_SUPPORTED);

	if (!mode->val)
		clear_bit(HCI_HS_ENABLED, &hdev->dev_flags);
	else
		set_bit(HCI_HS_ENABLED, &hdev->dev_flags);

	return send_settings_rsp(sk, MGMT_OP_SET_HS, hdev);
}
1185
/*
 * Handle MGMT_OP_SET_LE.
 *
 * Replies MGMT_STATUS_NOT_SUPPORTED when the controller feature bits lack
 * LMP_LE. If the controller is powered off, or the host feature bit
 * LMP_HOST_LE already matches the request, only the HCI_LE_ENABLED device
 * flag is brought in line and the caller is answered directly. Otherwise the
 * request is queued (BUSY if one is already pending) and forwarded as
 * HCI_OP_WRITE_LE_HOST_SUPPORTED.
 *
 * Returns a negative errno on failure, otherwise the result of the last
 * helper that was called.
 */
static int set_le(struct sock *sk, struct hci_dev *hdev, void *data, u16 len)
{
	struct mgmt_mode *mode = data;
	struct hci_cp_write_le_host_supported le_params;
	struct pending_cmd *pending;
	u8 want_le, host_le;
	int ret;

	BT_DBG("request for %s", hdev->name);

	hci_dev_lock(hdev);

	if (!(hdev->features[4] & LMP_LE)) {
		ret = cmd_status(sk, hdev->id, MGMT_OP_SET_LE,
				 MGMT_STATUS_NOT_SUPPORTED);
		goto out;
	}

	want_le = !!mode->val;
	host_le = !!(hdev->host_features[0] & LMP_HOST_LE);

	if (!hdev_is_powered(hdev) || want_le == host_le) {
		bool flipped = false;

		if (want_le != test_bit(HCI_LE_ENABLED, &hdev->dev_flags)) {
			change_bit(HCI_LE_ENABLED, &hdev->dev_flags);
			flipped = true;
		}

		ret = send_settings_rsp(sk, MGMT_OP_SET_LE, hdev);
		if (ret >= 0 && flipped)
			ret = new_settings(hdev, sk);

		goto out;
	}

	if (mgmt_pending_find(MGMT_OP_SET_LE, hdev)) {
		ret = cmd_status(sk, hdev->id, MGMT_OP_SET_LE,
				 MGMT_STATUS_BUSY);
		goto out;
	}

	pending = mgmt_pending_add(sk, MGMT_OP_SET_LE, hdev, data, len);
	if (!pending) {
		ret = -ENOMEM;
		goto out;
	}

	/* Disabling LE sends an all-zero parameter block */
	memset(&le_params, 0, sizeof(le_params));

	if (want_le) {
		le_params.le = want_le;
		le_params.simul = !!(hdev->features[6] & LMP_SIMUL_LE_BR);
	}

	ret = hci_send_cmd(hdev, HCI_OP_WRITE_LE_HOST_SUPPORTED,
			   sizeof(le_params), &le_params);
	if (ret < 0)
		mgmt_pending_remove(pending);

out:
	hci_dev_unlock(hdev);
	return ret;
}
1253
/*
 * Handle MGMT_OP_ADD_UUID.
 *
 * Replies MGMT_STATUS_BUSY while HCI_PENDING_CLASS is set. Otherwise a new
 * bt_uuid entry is allocated, filled from the request (16 UUID bytes plus
 * the service hint) and linked onto hdev->uuids before update_class() and
 * update_eir() run. The entry stays on the list even if one of those two
 * calls fails afterwards.
 *
 * If no class update is pending after that, the caller is answered at once
 * with the 3-byte device class; otherwise a pending command is queued.
 *
 * Returns a negative errno on failure, otherwise the result of the last
 * helper that was called.
 */
static int add_uuid(struct sock *sk, struct hci_dev *hdev, void *data, u16 len)
{
	struct mgmt_cp_add_uuid *req = data;
	struct pending_cmd *pending;
	struct bt_uuid *entry;
	int ret;

	BT_DBG("request for %s", hdev->name);

	hci_dev_lock(hdev);

	if (test_bit(HCI_PENDING_CLASS, &hdev->dev_flags)) {
		ret = cmd_status(sk, hdev->id, MGMT_OP_ADD_UUID,
				 MGMT_STATUS_BUSY);
		goto out;
	}

	entry = kmalloc(sizeof(*entry), GFP_ATOMIC);
	if (!entry) {
		ret = -ENOMEM;
		goto out;
	}

	entry->svc_hint = req->svc_hint;
	memcpy(entry->uuid, req->uuid, 16);

	list_add(&entry->list, &hdev->uuids);

	ret = update_class(hdev);
	if (ret < 0)
		goto out;

	ret = update_eir(hdev);
	if (ret < 0)
		goto out;

	if (!test_bit(HCI_PENDING_CLASS, &hdev->dev_flags)) {
		ret = cmd_complete(sk, hdev->id, MGMT_OP_ADD_UUID, 0,
				   hdev->dev_class, 3);
		goto out;
	}

	pending = mgmt_pending_add(sk, MGMT_OP_ADD_UUID, hdev, data, len);
	if (!pending)
		ret = -ENOMEM;

out:
	hci_dev_unlock(hdev);
	return ret;
}
1304
/*
 * Arm the service cache on a powered controller.
 *
 * Returns true only when the controller is powered and this call is the one
 * that set HCI_SERVICE_CACHE; in that case the service_cache delayed work is
 * scheduled with CACHE_TIMEOUT. Returns false when the controller is powered
 * off (the flag is then left untouched) or the flag was already set.
 */
static bool enable_service_cache(struct hci_dev *hdev)
{
	/* Short-circuit keeps the flag untouched while powered off */
	if (!hdev_is_powered(hdev) ||
	    test_and_set_bit(HCI_SERVICE_CACHE, &hdev->dev_flags))
		return false;

	schedule_delayed_work(&hdev->service_cache, CACHE_TIMEOUT);
	return true;
}
1317
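/*
 * Handle MGMT_OP_REMOVE_UUID.
 *
 * Replies MGMT_STATUS_BUSY while HCI_PENDING_CLASS is set. An all-zero UUID
 * in the request clears the whole list through hci_uuids_clear(); if that
 * arms the service cache the caller is answered at once. Any other UUID
 * removes every matching entry from hdev->uuids, and the request is rejected
 * with MGMT_STATUS_INVALID_PARAMS when nothing matched.
 *
 * Afterwards update_class() and update_eir() run; the caller is answered
 * directly with the 3-byte device class unless a class update is pending, in
 * which case a pending command is queued.
 *
 * Returns a negative errno on failure, otherwise the result of the last
 * helper that was called.
 */
static int remove_uuid(struct sock *sk, struct hci_dev *hdev, void *data,
		       u16 len)
{
	struct mgmt_cp_remove_uuid *cp = data;
	struct pending_cmd *cmd;
	struct list_head *p, *n;
	u8 bt_uuid_any[] = { 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0 };
	int err, found;

	BT_DBG("request for %s", hdev->name);

	hci_dev_lock(hdev);

	if (test_bit(HCI_PENDING_CLASS, &hdev->dev_flags)) {
		err = cmd_status(sk, hdev->id, MGMT_OP_REMOVE_UUID,
				 MGMT_STATUS_BUSY);
		goto unlock;
	}

	if (memcmp(cp->uuid, bt_uuid_any, 16) == 0) {
		err = hci_uuids_clear(hdev);

		if (enable_service_cache(hdev)) {
			err = cmd_complete(sk, hdev->id, MGMT_OP_REMOVE_UUID,
					   0, hdev->dev_class, 3);
			goto unlock;
		}

		goto update_class;
	}

	found = 0;

	list_for_each_safe(p, n, &hdev->uuids) {
		struct bt_uuid *match = list_entry(p, struct bt_uuid, list);

		if (memcmp(match->uuid, cp->uuid, 16) != 0)
			continue;

		/*
		 * Entries are kmalloc()ed in add_uuid(); unlinking without
		 * freeing leaked one allocation per removed UUID, which a
		 * management client could repeat without bound.
		 */
		list_del(&match->list);
		kfree(match);
		found++;
	}

	if (found == 0) {
		err = cmd_status(sk, hdev->id, MGMT_OP_REMOVE_UUID,
				 MGMT_STATUS_INVALID_PARAMS);
		goto unlock;
	}

update_class:
	err = update_class(hdev);
	if (err < 0)
		goto unlock;

	err = update_eir(hdev);
	if (err < 0)
		goto unlock;

	if (!test_bit(HCI_PENDING_CLASS, &hdev->dev_flags)) {
		err = cmd_complete(sk, hdev->id, MGMT_OP_REMOVE_UUID, 0,
				   hdev->dev_class, 3);
		goto unlock;
	}

	cmd = mgmt_pending_add(sk, MGMT_OP_REMOVE_UUID, hdev, data, len);
	if (!cmd)
		err = -ENOMEM;

unlock:
	hci_dev_unlock(hdev);
	return err;
}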
1390
/*
 * Handle MGMT_OP_SET_DEV_CLASS.
 *
 * Replies MGMT_STATUS_BUSY while HCI_PENDING_CLASS is set. Otherwise the
 * major and minor class bytes are stored as given (no range check in this
 * function). On a powered-off controller the caller is answered at once.
 * On a powered controller a set HCI_SERVICE_CACHE flag is cleared and its
 * delayed work cancelled before update_class() runs.
 *
 * Returns a negative errno on failure, otherwise the result of the last
 * helper that was called.
 */
static int set_dev_class(struct sock *sk, struct hci_dev *hdev, void *data,
			 u16 len)
{
	struct mgmt_cp_set_dev_class *req = data;
	struct pending_cmd *pending;
	int ret;

	BT_DBG("request for %s", hdev->name);

	hci_dev_lock(hdev);

	if (test_bit(HCI_PENDING_CLASS, &hdev->dev_flags)) {
		ret = cmd_status(sk, hdev->id, MGMT_OP_SET_DEV_CLASS,
				 MGMT_STATUS_BUSY);
		goto out;
	}

	hdev->major_class = req->major;
	hdev->minor_class = req->minor;

	if (!hdev_is_powered(hdev)) {
		ret = cmd_complete(sk, hdev->id, MGMT_OP_SET_DEV_CLASS, 0,
				   hdev->dev_class, 3);
		goto out;
	}

	if (test_and_clear_bit(HCI_SERVICE_CACHE, &hdev->dev_flags)) {
		/*
		 * The lock is released around the synchronous cancel;
		 * presumably the work handler takes the same lock -- confirm.
		 * State guarded by the lock may change in that window.
		 */
		hci_dev_unlock(hdev);
		cancel_delayed_work_sync(&hdev->service_cache);
		hci_dev_lock(hdev);
		update_eir(hdev);
	}

	ret = update_class(hdev);
	if (ret < 0)
		goto out;

	if (!test_bit(HCI_PENDING_CLASS, &hdev->dev_flags)) {
		ret = cmd_complete(sk, hdev->id, MGMT_OP_SET_DEV_CLASS, 0,
				   hdev->dev_class, 3);
		goto out;
	}

	pending = mgmt_pending_add(sk, MGMT_OP_SET_DEV_CLASS, hdev, data, len);
	if (!pending)
		ret = -ENOMEM;

out:
	hci_dev_unlock(hdev);
	return ret;
}
1442
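/*
 * Handle MGMT_OP_LOAD_LINK_KEYS: replace the stored BR/EDR link keys with
 * the list supplied by the management client.
 *
 * The request carries a little-endian key_count followed by that many
 * struct mgmt_link_key_info entries. The total length implied by key_count
 * must equal len exactly, otherwise MGMT_STATUS_INVALID_PARAMS is returned
 * and nothing is changed.
 *
 * NOTE(review): cp->key_count is read before any length check in this
 * function; presumably the dispatcher guarantees len >= sizeof(*cp) --
 * confirm. Per-entry fields (address type, key type, pin_len) are passed to
 * hci_add_link_key() without validation here.
 *
 * Returns the result of cmd_status() on a length mismatch, otherwise 0; the
 * result of cmd_complete() is not propagated.
 */
static int load_link_keys(struct sock *sk, struct hci_dev *hdev, void *data,
			  u16 len)
{
	struct mgmt_cp_load_link_keys *cp = data;
	size_t expected_len;
	u16 key_count;
	int i;

	key_count = __le16_to_cpu(cp->key_count);

	/*
	 * Computed in size_t: with a u16 result a large key_count could wrap
	 * to a value equal to len and let the loop below read past the end
	 * of the request buffer.
	 */
	expected_len = sizeof(*cp) + key_count *
					sizeof(struct mgmt_link_key_info);
	if (expected_len != len) {
		BT_ERR("load_link_keys: expected %zu bytes, got %u bytes",
		       expected_len, len);
		return cmd_status(sk, hdev->id, MGMT_OP_LOAD_LINK_KEYS,
				  MGMT_STATUS_INVALID_PARAMS);
	}

	BT_DBG("%s debug_keys %u key_count %u", hdev->name, cp->debug_keys,
	       key_count);

	hci_dev_lock(hdev);

	hci_link_keys_clear(hdev);

	set_bit(HCI_LINK_KEYS, &hdev->dev_flags);

	if (cp->debug_keys)
		set_bit(HCI_DEBUG_KEYS, &hdev->dev_flags);
	else
		clear_bit(HCI_DEBUG_KEYS, &hdev->dev_flags);

	for (i = 0; i < key_count; i++) {
		struct mgmt_link_key_info *key = &cp->keys[i];

		hci_add_link_key(hdev, NULL, 0, &key->addr.bdaddr, key->val,
				 key->type, key->pin_len);
	}

	cmd_complete(sk, hdev->id, MGMT_OP_LOAD_LINK_KEYS, 0, NULL, 0);

	hci_dev_unlock(hdev);

	return 0;
}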
1488
/*
 * Emit MGMT_EV_DEVICE_UNPAIRED for the given address and address type.
 * skip_sk is handed to mgmt_event() unchanged. Returns what mgmt_event()
 * returns.
 */
static int device_unpaired(struct hci_dev *hdev, bdaddr_t *bdaddr,
			   u8 addr_type, struct sock *skip_sk)
{
	struct mgmt_ev_device_unpaired event;

	event.addr.type = addr_type;
	bacpy(&event.addr.bdaddr, bdaddr);

	return mgmt_event(MGMT_EV_DEVICE_UNPAIRED, hdev, &event,
			  sizeof(event), skip_sk);
}
1500
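/*
 * Handle MGMT_OP_UNPAIR_DEVICE.
 *
 * Replies MGMT_STATUS_NOT_POWERED on a powered-off controller. Otherwise the
 * stored key is removed first: the link key for BDADDR_BREDR, the LTK for
 * every other address type. A failure there is reported as
 * MGMT_STATUS_NOT_PAIRED.
 *
 * When the request asks for a disconnect and a matching connection exists, a
 * pending command is queued and HCI_OP_DISCONNECT is sent. Without a
 * connection the caller is answered at once and MGMT_EV_DEVICE_UNPAIRED is
 * emitted. The key is already gone if queueing the pending command fails
 * with -ENOMEM.
 *
 * Returns a negative errno on failure, otherwise the result of the last
 * helper that was called.
 */
static int unpair_device(struct sock *sk, struct hci_dev *hdev, void *data,
			 u16 len)
{
	struct mgmt_cp_unpair_device *cp = data;
	struct mgmt_rp_unpair_device rp;
	struct hci_cp_disconnect dc;
	struct pending_cmd *cmd;
	struct hci_conn *conn;
	int err;

	hci_dev_lock(hdev);

	/* Zero the reply so no stack bytes reach the management socket */
	memset(&rp, 0, sizeof(rp));
	bacpy(&rp.addr.bdaddr, &cp->addr.bdaddr);
	rp.addr.type = cp->addr.type;

	if (!hdev_is_powered(hdev)) {
		err = cmd_complete(sk, hdev->id, MGMT_OP_UNPAIR_DEVICE,
				   MGMT_STATUS_NOT_POWERED, &rp, sizeof(rp));
		goto unlock;
	}

	if (cp->addr.type == BDADDR_BREDR)
		err = hci_remove_link_key(hdev, &cp->addr.bdaddr);
	else
		err = hci_remove_ltk(hdev, &cp->addr.bdaddr);

	if (err < 0) {
		err = cmd_complete(sk, hdev->id, MGMT_OP_UNPAIR_DEVICE,
				   MGMT_STATUS_NOT_PAIRED, &rp, sizeof(rp));
		goto unlock;
	}

	if (cp->disconnect) {
		if (cp->addr.type == BDADDR_BREDR)
			conn = hci_conn_hash_lookup_ba(hdev, ACL_LINK,
						       &cp->addr.bdaddr);
		else
			conn = hci_conn_hash_lookup_ba(hdev, LE_LINK,
						       &cp->addr.bdaddr);
	} else {
		conn = NULL;
	}

	if (!conn) {
		err = cmd_complete(sk, hdev->id, MGMT_OP_UNPAIR_DEVICE, 0,
				   &rp, sizeof(rp));
		device_unpaired(hdev, &cp->addr.bdaddr, cp->addr.type, sk);
		goto unlock;
	}

	cmd = mgmt_pending_add(sk, MGMT_OP_UNPAIR_DEVICE, hdev, cp,
			       sizeof(*cp));
	if (!cmd) {
		err = -ENOMEM;
		goto unlock;
	}

	dc.handle = cpu_to_le16(conn->handle);
	/* Same named reason code that disconnect() uses, not a bare 0x13 */
	dc.reason = HCI_ERROR_REMOTE_USER_TERM;
	err = hci_send_cmd(hdev, HCI_OP_DISCONNECT, sizeof(dc), &dc);
	if (err < 0)
		mgmt_pending_remove(cmd);

unlock:
	hci_dev_unlock(hdev);
	return err;
}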
1569
/*
 * Handle MGMT_OP_DISCONNECT.
 *
 * Rejects the request with NOT_POWERED when HCI_UP is clear, with BUSY when
 * another disconnect is pending, and with NOT_CONNECTED when no connection
 * to the address exists (ACL for BDADDR_BREDR, LE for any other type).
 * Otherwise a pending command is queued and HCI_OP_DISCONNECT is sent with
 * reason HCI_ERROR_REMOTE_USER_TERM.
 *
 * Returns a negative errno on failure, otherwise the result of the last
 * helper that was called.
 */
static int disconnect(struct sock *sk, struct hci_dev *hdev, void *data,
		      u16 len)
{
	struct mgmt_cp_disconnect *req = data;
	struct hci_cp_disconnect hci_params;
	struct pending_cmd *pending;
	struct hci_conn *conn;
	int ret;

	BT_DBG("");

	hci_dev_lock(hdev);

	if (!test_bit(HCI_UP, &hdev->flags)) {
		ret = cmd_status(sk, hdev->id, MGMT_OP_DISCONNECT,
				 MGMT_STATUS_NOT_POWERED);
		goto out;
	}

	if (mgmt_pending_find(MGMT_OP_DISCONNECT, hdev)) {
		ret = cmd_status(sk, hdev->id, MGMT_OP_DISCONNECT,
				 MGMT_STATUS_BUSY);
		goto out;
	}

	conn = hci_conn_hash_lookup_ba(hdev,
				       req->addr.type == BDADDR_BREDR ?
				       ACL_LINK : LE_LINK,
				       &req->addr.bdaddr);
	if (!conn) {
		ret = cmd_status(sk, hdev->id, MGMT_OP_DISCONNECT,
				 MGMT_STATUS_NOT_CONNECTED);
		goto out;
	}

	pending = mgmt_pending_add(sk, MGMT_OP_DISCONNECT, hdev, data, len);
	if (!pending) {
		ret = -ENOMEM;
		goto out;
	}

	hci_params.reason = HCI_ERROR_REMOTE_USER_TERM;
	hci_params.handle = cpu_to_le16(conn->handle);

	ret = hci_send_cmd(hdev, HCI_OP_DISCONNECT, sizeof(hci_params),
			   &hci_params);
	if (ret < 0)
		mgmt_pending_remove(pending);

out:
	hci_dev_unlock(hdev);
	return ret;
}
1624
/*
 * Map an HCI link type plus HCI address type onto the BDADDR_* address type
 * used in management messages.
 *
 * LE_LINK with ADDR_LE_DEV_PUBLIC gives BDADDR_LE_PUBLIC, LE_LINK with any
 * other address type gives BDADDR_LE_RANDOM, and every other link type gives
 * BDADDR_BREDR.
 */
static u8 link_to_bdaddr(u8 link_type, u8 addr_type)
{
	/* Fallback to BR/EDR type */
	if (link_type != LE_LINK)
		return BDADDR_BREDR;

	if (addr_type == ADDR_LE_DEV_PUBLIC)
		return BDADDR_LE_PUBLIC;

	/* Fallback to LE Random address type */
	return BDADDR_LE_RANDOM;
}
1643
/*
 * Handle MGMT_OP_GET_CONNECTIONS: report the addresses of connections that
 * carry the HCI_CONN_MGMT_CONNECTED flag.
 *
 * The reply buffer is sized from a first pass that counts every flagged
 * connection. The second pass fills it but does not advance past SCO/eSCO
 * entries, so the reported count can be smaller than the allocation; the
 * reply length is recomputed from the final count so that unused slots are
 * not sent.
 *
 * Returns MGMT_STATUS_NOT_POWERED via cmd_status() on a powered-off
 * controller, -ENOMEM when the reply cannot be allocated, otherwise the
 * result of cmd_complete().
 */
static int get_connections(struct sock *sk, struct hci_dev *hdev, void *data,
			   u16 data_len)
{
	struct mgmt_rp_get_connections *reply;
	struct hci_conn *conn;
	size_t reply_len;
	u16 count = 0;
	int ret;

	BT_DBG("");

	hci_dev_lock(hdev);

	if (!hdev_is_powered(hdev)) {
		ret = cmd_status(sk, hdev->id, MGMT_OP_GET_CONNECTIONS,
				 MGMT_STATUS_NOT_POWERED);
		goto out;
	}

	/* Pass 1: upper bound for the number of reply entries */
	list_for_each_entry(conn, &hdev->conn_hash.list, list) {
		if (test_bit(HCI_CONN_MGMT_CONNECTED, &conn->flags))
			count++;
	}

	reply_len = sizeof(*reply) + (count * sizeof(struct mgmt_addr_info));
	reply = kmalloc(reply_len, GFP_ATOMIC);
	if (!reply) {
		ret = -ENOMEM;
		goto out;
	}

	/* Pass 2: fill entries; a SCO/eSCO slot is overwritten by the next */
	count = 0;
	list_for_each_entry(conn, &hdev->conn_hash.list, list) {
		if (!test_bit(HCI_CONN_MGMT_CONNECTED, &conn->flags))
			continue;
		bacpy(&reply->addr[count].bdaddr, &conn->dst);
		reply->addr[count].type = link_to_bdaddr(conn->type,
							 conn->dst_type);
		if (conn->type != SCO_LINK && conn->type != ESCO_LINK)
			count++;
	}

	reply->conn_count = cpu_to_le16(count);

	/* Recalculate length in case of filtered SCO connections, etc */
	reply_len = sizeof(*reply) + (count * sizeof(struct mgmt_addr_info));

	ret = cmd_complete(sk, hdev->id, MGMT_OP_GET_CONNECTIONS, 0, reply,
			   reply_len);

	kfree(reply);

out:
	hci_dev_unlock(hdev);
	return ret;
}
1701
/*
 * Queue a pending MGMT_OP_PIN_CODE_NEG_REPLY and send
 * HCI_OP_PIN_CODE_NEG_REPLY for the address in cp.
 *
 * The function takes no lock itself; both callers in this file hold the
 * hdev lock. Returns -ENOMEM when the pending command cannot be queued,
 * otherwise the result of hci_send_cmd(); the pending entry is removed again
 * when sending fails.
 */
static int send_pin_code_neg_reply(struct sock *sk, struct hci_dev *hdev,
				   struct mgmt_cp_pin_code_neg_reply *cp)
{
	struct pending_cmd *pending;
	int ret;

	pending = mgmt_pending_add(sk, MGMT_OP_PIN_CODE_NEG_REPLY, hdev, cp,
				   sizeof(*cp));
	if (!pending)
		return -ENOMEM;

	ret = hci_send_cmd(hdev, HCI_OP_PIN_CODE_NEG_REPLY,
			   sizeof(cp->addr.bdaddr), &cp->addr.bdaddr);
	if (ret < 0)
		mgmt_pending_remove(pending);

	return ret;
}
1720
/*
 * Handle MGMT_OP_PIN_CODE_REPLY.
 *
 * Rejects the request with NOT_POWERED on a powered-off controller and with
 * NOT_CONNECTED when there is no ACL connection to the address. When the
 * connection's pending security level is BT_SECURITY_HIGH, any PIN that is
 * not exactly 16 bytes is refused: a negative PIN reply goes to the
 * controller and the caller gets MGMT_STATUS_INVALID_PARAMS.
 *
 * Otherwise the PIN is forwarded as HCI_OP_PIN_CODE_REPLY. pin_len is passed
 * on as given; apart from the 16-byte rule above it is not range-checked in
 * this function, and the PIN buffer is always copied at its full fixed size.
 *
 * Returns a negative errno on failure, otherwise the result of the last
 * helper that was called.
 */
static int pin_code_reply(struct sock *sk, struct hci_dev *hdev, void *data,
			  u16 len)
{
	struct mgmt_cp_pin_code_reply *req = data;
	struct hci_cp_pin_code_reply hci_reply;
	struct pending_cmd *pending;
	struct hci_conn *conn;
	int ret;

	BT_DBG("");

	hci_dev_lock(hdev);

	if (!hdev_is_powered(hdev)) {
		ret = cmd_status(sk, hdev->id, MGMT_OP_PIN_CODE_REPLY,
				 MGMT_STATUS_NOT_POWERED);
		goto out;
	}

	conn = hci_conn_hash_lookup_ba(hdev, ACL_LINK, &req->addr.bdaddr);
	if (!conn) {
		ret = cmd_status(sk, hdev->id, MGMT_OP_PIN_CODE_REPLY,
				 MGMT_STATUS_NOT_CONNECTED);
		goto out;
	}

	if (conn->pending_sec_level == BT_SECURITY_HIGH && req->pin_len != 16) {
		struct mgmt_cp_pin_code_neg_reply neg;

		memcpy(&neg.addr, &req->addr, sizeof(neg.addr));

		BT_ERR("PIN code is not 16 bytes long");

		ret = send_pin_code_neg_reply(sk, hdev, &neg);
		if (ret >= 0)
			ret = cmd_status(sk, hdev->id, MGMT_OP_PIN_CODE_REPLY,
					 MGMT_STATUS_INVALID_PARAMS);

		goto out;
	}

	pending = mgmt_pending_add(sk, MGMT_OP_PIN_CODE_REPLY, hdev, data, len);
	if (!pending) {
		ret = -ENOMEM;
		goto out;
	}

	bacpy(&hci_reply.bdaddr, &req->addr.bdaddr);
	hci_reply.pin_len = req->pin_len;
	memcpy(hci_reply.pin_code, req->pin_code, sizeof(hci_reply.pin_code));

	ret = hci_send_cmd(hdev, HCI_OP_PIN_CODE_REPLY, sizeof(hci_reply),
			   &hci_reply);
	if (ret < 0)
		mgmt_pending_remove(pending);

out:
	hci_dev_unlock(hdev);
	return ret;
}
1780
/*
 * Handle MGMT_OP_PIN_CODE_NEG_REPLY.
 *
 * Replies MGMT_STATUS_NOT_POWERED on a powered-off controller; otherwise the
 * request is handed to send_pin_code_neg_reply() under the hdev lock and its
 * result is returned.
 */
static int pin_code_neg_reply(struct sock *sk, struct hci_dev *hdev,
			      void *data, u16 len)
{
	struct mgmt_cp_pin_code_neg_reply *req = data;
	int ret;

	BT_DBG("");

	hci_dev_lock(hdev);

	if (hdev_is_powered(hdev))
		ret = send_pin_code_neg_reply(sk, hdev, req);
	else
		ret = cmd_status(sk, hdev->id, MGMT_OP_PIN_CODE_NEG_REPLY,
				 MGMT_STATUS_NOT_POWERED);

	hci_dev_unlock(hdev);
	return ret;
}
1803
/*
 * Handle MGMT_OP_SET_IO_CAPABILITY.
 *
 * Stores the requested IO capability in hdev under the hdev lock and always
 * answers with status 0. The value is stored as given; no range check is
 * made in this function.
 */
static int set_io_capability(struct sock *sk, struct hci_dev *hdev, void *data,
			     u16 len)
{
	struct mgmt_cp_set_io_capability *req = data;

	BT_DBG("");

	hci_dev_lock(hdev);

	hdev->io_capability = req->io_capability;

	BT_DBG("%s IO capability set to 0x%02x", hdev->name,
	       hdev->io_capability);

	hci_dev_unlock(hdev);

	/* The reply is sent after the lock has been dropped */
	return cmd_complete(sk, hdev->id, MGMT_OP_SET_IO_CAPABILITY, 0, NULL,
			    0);
}
1823
/*
 * Find the pending MGMT_OP_PAIR_DEVICE command whose user_data is conn.
 * Walks conn->hdev->mgmt_pending and returns the first match, or NULL when
 * there is none.
 */
static struct pending_cmd *find_pairing(struct hci_conn *conn)
{
	struct hci_dev *hdev = conn->hdev;
	struct pending_cmd *entry;

	list_for_each_entry(entry, &hdev->mgmt_pending, list) {
		if (entry->opcode == MGMT_OP_PAIR_DEVICE &&
		    entry->user_data == conn)
			return entry;
	}

	return NULL;
}
1841
/*
 * Finish a pending MGMT_OP_PAIR_DEVICE command.
 *
 * Sends the command-complete reply with the given status and the peer
 * address taken from the connection stored in cmd->user_data, detaches the
 * three confirmation callbacks from that connection, drops the connection
 * reference with hci_conn_put() and finally removes the pending command.
 * cmd must not be used after this returns.
 */
static void pairing_complete(struct pending_cmd *cmd, u8 status)
{
	struct hci_conn *conn = cmd->user_data;
	struct mgmt_rp_pair_device reply;

	reply.addr.type = link_to_bdaddr(conn->type, conn->dst_type);
	bacpy(&reply.addr.bdaddr, &conn->dst);

	cmd_complete(cmd->sk, cmd->index, MGMT_OP_PAIR_DEVICE, status,
		     &reply, sizeof(reply));

	/* So we don't get further callbacks for this connection */
	conn->disconn_cfm_cb = NULL;
	conn->security_cfm_cb = NULL;
	conn->connect_cfm_cb = NULL;

	hci_conn_put(conn);

	mgmt_pending_remove(cmd);
}
1862
/*
 * Connection callback installed by pair_device(): completes the pending
 * pairing command for conn with the management status derived from the HCI
 * status. Only logs a debug message when no pending command is found.
 */
static void pairing_complete_cb(struct hci_conn *conn, u8 status)
{
	struct pending_cmd *pending;

	BT_DBG("status %u", status);

	pending = find_pairing(conn);
	if (pending) {
		pairing_complete(pending, mgmt_status(status));
		return;
	}

	BT_DBG("Unable to find a pending command");
}
1875
/*
 * Connect callback used for LE pairing. A zero status is ignored, since a
 * successful LE connection does not mean pairing has finished; a non-zero
 * status completes the pending pairing command with the mapped management
 * status.
 */
static void le_connect_complete_cb(struct hci_conn *conn, u8 status)
{
	struct pending_cmd *pending;

	BT_DBG("status %u", status);

	if (status == 0)
		return;

	pending = find_pairing(conn);
	if (pending) {
		pairing_complete(pending, mgmt_status(status));
		return;
	}

	BT_DBG("Unable to find a pending command");
}
1891
/*
 * Handle MGMT_OP_PAIR_DEVICE.
 *
 * Replies NOT_POWERED on a powered-off controller. Otherwise a connection is
 * requested at BT_SECURITY_MEDIUM (ACL for BDADDR_BREDR, LE for any other
 * address type). The authentication requirement is dedicated bonding
 * without MITM protection when the caller's io_cap is 0x03 and dedicated
 * bonding with MITM protection for every other value; io_cap is not
 * range-checked here.
 *
 * A connection that already has a connect callback is treated as BUSY.
 * Otherwise a pending command is queued, the confirmation callbacks are
 * installed and, if the link is already connected and hci_conn_security()
 * reports success, pairing is completed at once.
 *
 * Returns 0 once the pending command is set up, -ENOMEM when it cannot be
 * queued, otherwise the result of the reply helper that was called.
 */
static int pair_device(struct sock *sk, struct hci_dev *hdev, void *data,
		       u16 len)
{
	struct mgmt_cp_pair_device *req = data;
	struct mgmt_rp_pair_device reply;
	struct pending_cmd *pending;
	struct hci_conn *conn;
	u8 sec_level, auth_type;
	int ret;

	BT_DBG("");

	hci_dev_lock(hdev);

	if (!hdev_is_powered(hdev)) {
		ret = cmd_status(sk, hdev->id, MGMT_OP_PAIR_DEVICE,
				 MGMT_STATUS_NOT_POWERED);
		goto out;
	}

	sec_level = BT_SECURITY_MEDIUM;
	auth_type = (req->io_cap == 0x03) ? HCI_AT_DEDICATED_BONDING :
					    HCI_AT_DEDICATED_BONDING_MITM;

	conn = hci_connect(hdev,
			   req->addr.type == BDADDR_BREDR ? ACL_LINK : LE_LINK,
			   &req->addr.bdaddr, req->addr.type, sec_level,
			   auth_type);

	/* Zeroed so that no stack bytes reach the management socket */
	memset(&reply, 0, sizeof(reply));
	bacpy(&reply.addr.bdaddr, &req->addr.bdaddr);
	reply.addr.type = req->addr.type;

	if (IS_ERR(conn)) {
		int status = (PTR_ERR(conn) == -EBUSY) ?
				MGMT_STATUS_BUSY : MGMT_STATUS_CONNECT_FAILED;

		ret = cmd_complete(sk, hdev->id, MGMT_OP_PAIR_DEVICE,
				   status, &reply, sizeof(reply));
		goto out;
	}

	/* A callback is already installed: the connection is in use */
	if (conn->connect_cfm_cb) {
		hci_conn_put(conn);
		ret = cmd_complete(sk, hdev->id, MGMT_OP_PAIR_DEVICE,
				   MGMT_STATUS_BUSY, &reply, sizeof(reply));
		goto out;
	}

	pending = mgmt_pending_add(sk, MGMT_OP_PAIR_DEVICE, hdev, data, len);
	if (!pending) {
		ret = -ENOMEM;
		hci_conn_put(conn);
		goto out;
	}

	/* For LE, just connecting isn't a proof that the pairing finished */
	if (req->addr.type != BDADDR_BREDR)
		conn->connect_cfm_cb = le_connect_complete_cb;
	else
		conn->connect_cfm_cb = pairing_complete_cb;

	conn->security_cfm_cb = pairing_complete_cb;
	conn->disconn_cfm_cb = pairing_complete_cb;
	conn->io_capability = req->io_cap;
	pending->user_data = conn;

	if (conn->state == BT_CONNECTED &&
	    hci_conn_security(conn, sec_level, auth_type))
		pairing_complete(pending, 0);

	ret = 0;

out:
	hci_dev_unlock(hdev);
	return ret;
}
1978
/*
 * Handle MGMT_OP_CANCEL_PAIR_DEVICE.
 *
 * Replies NOT_POWERED on a powered-off controller and INVALID_PARAMS when no
 * MGMT_OP_PAIR_DEVICE command is pending or the pending one targets a
 * different address. Only the address bytes are compared, not the address
 * type. On a match the pending pairing is completed with
 * MGMT_STATUS_CANCELLED and the caller gets the address back.
 */
static int cancel_pair_device(struct sock *sk, struct hci_dev *hdev, void *data,
			      u16 len)
{
	struct mgmt_addr_info *target = data;
	struct pending_cmd *pending;
	struct hci_conn *conn;
	int ret;

	BT_DBG("");

	hci_dev_lock(hdev);

	if (!hdev_is_powered(hdev)) {
		ret = cmd_status(sk, hdev->id, MGMT_OP_CANCEL_PAIR_DEVICE,
				 MGMT_STATUS_NOT_POWERED);
		goto out;
	}

	pending = mgmt_pending_find(MGMT_OP_PAIR_DEVICE, hdev);
	if (!pending) {
		ret = cmd_status(sk, hdev->id, MGMT_OP_CANCEL_PAIR_DEVICE,
				 MGMT_STATUS_INVALID_PARAMS);
		goto out;
	}

	conn = pending->user_data;

	if (bacmp(&target->bdaddr, &conn->dst) != 0) {
		ret = cmd_status(sk, hdev->id, MGMT_OP_CANCEL_PAIR_DEVICE,
				 MGMT_STATUS_INVALID_PARAMS);
		goto out;
	}

	/* Frees the pending command; do not touch it afterwards */
	pairing_complete(pending, MGMT_STATUS_CANCELLED);

	ret = cmd_complete(sk, hdev->id, MGMT_OP_CANCEL_PAIR_DEVICE, 0,
			   target, sizeof(*target));
out:
	hci_dev_unlock(hdev);
	return ret;
}
2020
/*
 * Common back end for the user confirm / passkey (neg) reply commands.
 *
 * Replies NOT_POWERED on a powered-off controller and NOT_CONNECTED when no
 * connection to bdaddr exists (ACL for BDADDR_BREDR, LE for any other type).
 * For the two LE address types the answer goes to SMP through
 * smp_user_confirm_reply() and the caller gets SUCCESS or FAILED directly.
 * Every other type queues a pending command and sends hci_op to the
 * controller; only HCI_OP_USER_PASSKEY_REPLY carries the passkey.
 *
 * Returns a negative errno on failure, otherwise the result of the last
 * helper that was called.
 */
static int user_pairing_resp(struct sock *sk, struct hci_dev *hdev,
			     bdaddr_t *bdaddr, u8 type, u16 mgmt_op,
			     u16 hci_op, __le32 passkey)
{
	struct pending_cmd *pending;
	struct hci_conn *conn;
	int ret;

	hci_dev_lock(hdev);

	if (!hdev_is_powered(hdev)) {
		ret = cmd_status(sk, hdev->id, mgmt_op,
				 MGMT_STATUS_NOT_POWERED);
		goto out;
	}

	conn = hci_conn_hash_lookup_ba(hdev,
				       type == BDADDR_BREDR ? ACL_LINK : LE_LINK,
				       bdaddr);
	if (!conn) {
		ret = cmd_status(sk, hdev->id, mgmt_op,
				 MGMT_STATUS_NOT_CONNECTED);
		goto out;
	}

	if (type == BDADDR_LE_PUBLIC || type == BDADDR_LE_RANDOM) {
		/* Continue with pairing via SMP */
		ret = smp_user_confirm_reply(conn, mgmt_op, passkey);

		ret = cmd_status(sk, hdev->id, mgmt_op,
				 ret ? MGMT_STATUS_FAILED :
				       MGMT_STATUS_SUCCESS);
		goto out;
	}

	pending = mgmt_pending_add(sk, mgmt_op, hdev, bdaddr, sizeof(*bdaddr));
	if (!pending) {
		ret = -ENOMEM;
		goto out;
	}

	/* Continue with pairing via HCI */
	if (hci_op != HCI_OP_USER_PASSKEY_REPLY) {
		ret = hci_send_cmd(hdev, hci_op, sizeof(*bdaddr), bdaddr);
	} else {
		struct hci_cp_user_passkey_reply passkey_params;

		bacpy(&passkey_params.bdaddr, bdaddr);
		passkey_params.passkey = passkey;
		ret = hci_send_cmd(hdev, hci_op, sizeof(passkey_params),
				   &passkey_params);
	}

	if (ret < 0)
		mgmt_pending_remove(pending);

out:
	hci_dev_unlock(hdev);
	return ret;
}
2085
/*
 * Handle MGMT_OP_USER_CONFIRM_REPLY.
 *
 * Rejects a request whose length is not exactly the size of the command
 * structure with MGMT_STATUS_INVALID_PARAMS; otherwise forwards to
 * user_pairing_resp() with HCI_OP_USER_CONFIRM_REPLY and a zero passkey.
 */
static int user_confirm_reply(struct sock *sk, struct hci_dev *hdev, void *data,
			      u16 len)
{
	struct mgmt_cp_user_confirm_reply *req = data;

	BT_DBG("");

	if (len == sizeof(*req))
		return user_pairing_resp(sk, hdev, &req->addr.bdaddr,
					 req->addr.type,
					 MGMT_OP_USER_CONFIRM_REPLY,
					 HCI_OP_USER_CONFIRM_REPLY, 0);

	return cmd_status(sk, hdev->id, MGMT_OP_USER_CONFIRM_REPLY,
			  MGMT_STATUS_INVALID_PARAMS);
}
2101
/*
 * Handle MGMT_OP_USER_CONFIRM_NEG_REPLY by forwarding the address to
 * user_pairing_resp() with HCI_OP_USER_CONFIRM_NEG_REPLY and a zero passkey.
 *
 * NOTE(review): unlike user_confirm_reply(), len is not checked here;
 * presumably the dispatcher validates it -- confirm.
 */
static int user_confirm_neg_reply(struct sock *sk, struct hci_dev *hdev,
				  void *data, u16 len)
{
	struct mgmt_cp_user_confirm_neg_reply *req = data;
	bdaddr_t *peer = &req->addr.bdaddr;

	BT_DBG("");

	return user_pairing_resp(sk, hdev, peer, req->addr.type,
				 MGMT_OP_USER_CONFIRM_NEG_REPLY,
				 HCI_OP_USER_CONFIRM_NEG_REPLY, 0);
}
2113
04124681
GP
/*
 * MGMT_OP_USER_PASSKEY_REPLY: deliver the passkey the user entered for the
 * peer named in the payload.
 *
 * The passkey is forwarded exactly as received; no byte-order conversion
 * or range check happens in this function.
 * NOTE(review): presumably the value is already in the order the
 * controller expects - confirm against user_pairing_resp().
 *
 * Payload size is not re-checked here; mgmt_control() enforces the fixed
 * size registered for this opcode in mgmt_handlers[].
 */
static int user_passkey_reply(struct sock *sk, struct hci_dev *hdev, void *data,
			      u16 len)
{
	struct mgmt_cp_user_passkey_reply *reply = data;
	bdaddr_t *peer = &reply->addr.bdaddr;
	u8 peer_type = reply->addr.type;

	BT_DBG("");

	return user_pairing_resp(sk, hdev, peer, peer_type,
				 MGMT_OP_USER_PASSKEY_REPLY,
				 HCI_OP_USER_PASSKEY_REPLY, reply->passkey);
}
2125
/*
 * MGMT_OP_USER_PASSKEY_NEG_REPLY: refuse a passkey request for the peer
 * named in the payload. Forwards to user_pairing_resp() with passkey 0.
 *
 * Payload size is not re-checked here; mgmt_control() enforces the fixed
 * size registered for this opcode in mgmt_handlers[].
 */
static int user_passkey_neg_reply(struct sock *sk, struct hci_dev *hdev,
				  void *data, u16 len)
{
	struct mgmt_cp_user_passkey_neg_reply *reply = data;
	bdaddr_t *peer = &reply->addr.bdaddr;
	u8 peer_type = reply->addr.type;

	BT_DBG("");

	return user_pairing_resp(sk, hdev, peer, peer_type,
				 MGMT_OP_USER_PASSKEY_NEG_REPLY,
				 HCI_OP_USER_PASSKEY_NEG_REPLY, 0);
}
2137
2b4bf397
JH
/*
 * Send HCI_OP_WRITE_LOCAL_NAME with the given name.
 *
 * Exactly sizeof(cp.name) bytes are copied from @name, whatever the string
 * length, so the caller must pass a buffer at least that large.
 * NOTE(review): the callers visible in this file pass cp->name of the mgmt
 * command and hdev->dev_name - confirm both are no smaller than the HCI
 * name field.
 *
 * Returns the result of hci_send_cmd().
 */
static int update_name(struct hci_dev *hdev, const char *name)
{
	struct hci_cp_write_local_name write_name;
	int err;

	memcpy(write_name.name, name, sizeof(write_name.name));

	err = hci_send_cmd(hdev, HCI_OP_WRITE_LOCAL_NAME, sizeof(write_name),
			   &write_name);
	return err;
}
2146
/*
 * MGMT_OP_SET_LOCAL_NAME: take over the short name and set the full name.
 *
 * Under the device lock:
 *  - the short name is copied into hdev unconditionally, before any other
 *    check, so it stays changed even when a later step fails;
 *  - if the controller is not powered, the full name is stored in hdev, the
 *    command is completed with status 0 echoing the payload, and
 *    MGMT_EV_LOCAL_NAME_CHANGED is sent;
 *  - otherwise a pending command is queued and the name is written to the
 *    controller through update_name().
 *
 * Both copies use the size of the destination field in hdev.
 * NOTE(review): assumes the mgmt payload fields are at least that large -
 * confirm against struct mgmt_cp_set_local_name.
 *
 * Returns a negative errno or the result of the last reply/event sent.
 */
static int set_local_name(struct sock *sk, struct hci_dev *hdev, void *data,
			  u16 len)
{
	struct mgmt_cp_set_local_name *req = data;
	struct pending_cmd *pending;
	int err;

	BT_DBG("");

	hci_dev_lock(hdev);

	memcpy(hdev->short_name, req->short_name, sizeof(hdev->short_name));

	if (!hdev_is_powered(hdev)) {
		memcpy(hdev->dev_name, req->name, sizeof(hdev->dev_name));

		err = cmd_complete(sk, hdev->id, MGMT_OP_SET_LOCAL_NAME, 0,
				   data, len);
		/* The event is only sent once the reply went out. */
		if (err >= 0)
			err = mgmt_event(MGMT_EV_LOCAL_NAME_CHANGED, hdev,
					 data, len, sk);

		goto unlock;
	}

	pending = mgmt_pending_add(sk, MGMT_OP_SET_LOCAL_NAME, hdev, data, len);
	if (pending) {
		err = update_name(hdev, req->name);
		if (err < 0)
			mgmt_pending_remove(pending);
	} else {
		err = -ENOMEM;
	}

unlock:
	hci_dev_unlock(hdev);
	return err;
}
2188
/*
 * MGMT_OP_READ_LOCAL_OOB_DATA: ask the controller for its local OOB data.
 *
 * Refused with a status reply, in this order, when the controller is not
 * powered (NOT_POWERED), when the LMP_SIMPLE_PAIR bit is clear in
 * features[6] (NOT_SUPPORTED), or when the same command is already pending
 * on this device (BUSY). Otherwise a pending command is queued and
 * HCI_OP_READ_LOCAL_OOB_DATA is sent; the pending entry is dropped again
 * if the send fails.
 */
static int read_local_oob_data(struct sock *sk, struct hci_dev *hdev,
			       void *data, u16 data_len)
{
	struct pending_cmd *pending;
	u8 reject = MGMT_STATUS_SUCCESS;
	int err;

	BT_DBG("%s", hdev->name);

	hci_dev_lock(hdev);

	if (!hdev_is_powered(hdev))
		reject = MGMT_STATUS_NOT_POWERED;
	else if (!(hdev->features[6] & LMP_SIMPLE_PAIR))
		reject = MGMT_STATUS_NOT_SUPPORTED;
	else if (mgmt_pending_find(MGMT_OP_READ_LOCAL_OOB_DATA, hdev))
		reject = MGMT_STATUS_BUSY;

	if (reject != MGMT_STATUS_SUCCESS) {
		err = cmd_status(sk, hdev->id, MGMT_OP_READ_LOCAL_OOB_DATA,
				 reject);
		goto unlock;
	}

	pending = mgmt_pending_add(sk, MGMT_OP_READ_LOCAL_OOB_DATA, hdev,
				   NULL, 0);
	if (!pending) {
		err = -ENOMEM;
		goto unlock;
	}

	err = hci_send_cmd(hdev, HCI_OP_READ_LOCAL_OOB_DATA, 0, NULL);
	if (err < 0)
		mgmt_pending_remove(pending);

unlock:
	hci_dev_unlock(hdev);
	return err;
}
2231
/*
 * MGMT_OP_ADD_REMOTE_OOB_DATA: store the hash and randomizer supplied for
 * a remote address.
 *
 * The reply always echoes the address from the payload. Its status is
 * MGMT_STATUS_NOT_POWERED when the controller is off (nothing is stored),
 * MGMT_STATUS_FAILED when hci_add_remote_oob_data() reports an error, and
 * 0 otherwise.
 *
 * The hash and randomizer come straight from the mgmt socket and are not
 * inspected here.
 */
static int add_remote_oob_data(struct sock *sk, struct hci_dev *hdev,
			       void *data, u16 len)
{
	struct mgmt_cp_add_remote_oob_data *req = data;
	u8 status;
	int err;

	BT_DBG("%s ", hdev->name);

	hci_dev_lock(hdev);

	if (!hdev_is_powered(hdev))
		status = MGMT_STATUS_NOT_POWERED;
	else if (hci_add_remote_oob_data(hdev, &req->addr.bdaddr, req->hash,
					 req->randomizer) < 0)
		status = MGMT_STATUS_FAILED;
	else
		status = 0;

	err = cmd_complete(sk, hdev->id, MGMT_OP_ADD_REMOTE_OOB_DATA, status,
			   &req->addr, sizeof(req->addr));

	hci_dev_unlock(hdev);
	return err;
}
2264
/*
 * MGMT_OP_REMOVE_REMOTE_OOB_DATA: drop the stored OOB data of a remote
 * address.
 *
 * The reply always echoes the address from the payload. Its status is
 * MGMT_STATUS_NOT_POWERED when the controller is off,
 * MGMT_STATUS_INVALID_PARAMS when hci_remove_remote_oob_data() reports an
 * error, and 0 otherwise.
 */
static int remove_remote_oob_data(struct sock *sk, struct hci_dev *hdev,
				  void *data, u16 len)
{
	struct mgmt_cp_remove_remote_oob_data *req = data;
	u8 status;
	int err;

	BT_DBG("%s", hdev->name);

	hci_dev_lock(hdev);

	if (!hdev_is_powered(hdev))
		status = MGMT_STATUS_NOT_POWERED;
	else if (hci_remove_remote_oob_data(hdev, &req->addr.bdaddr) < 0)
		status = MGMT_STATUS_INVALID_PARAMS;
	else
		status = 0;

	err = cmd_complete(sk, hdev->id, MGMT_OP_REMOVE_REMOTE_OOB_DATA,
			   status, &req->addr, sizeof(req->addr));

	hci_dev_unlock(hdev);
	return err;
}
2297
5e0452c0
AG
/*
 * Start an inquiry of length INQUIRY_LEN_BREDR_LE under the device lock.
 * If the inquiry cannot be started the discovery state is set to
 * DISCOVERY_STOPPED. Returns the result of hci_do_inquiry().
 */
int mgmt_interleaved_discovery(struct hci_dev *hdev)
{
	int rc;

	BT_DBG("%s", hdev->name);

	hci_dev_lock(hdev);

	rc = hci_do_inquiry(hdev, INQUIRY_LEN_BREDR_LE);
	if (rc < 0) {
		/* Nothing is running, so do not leave discovery marked active. */
		hci_discovery_set_state(hdev, DISCOVERY_STOPPED);
	}

	hci_dev_unlock(hdev);

	return rc;
}
2314
/*
 * MGMT_OP_START_DISCOVERY: begin BR/EDR, LE or interleaved discovery.
 *
 * Refused with a status reply when the controller is not powered
 * (NOT_POWERED), or when a periodic inquiry is flagged or the discovery
 * state is anything but DISCOVERY_STOPPED (BUSY).
 *
 * The requested type is written to hdev->discovery.type before it is
 * validated, so an unsupported or unknown value stays there after the
 * request fails.
 *
 * NOTE(review): an unsupported or unknown type produces no mgmt status
 * reply; -ENOTSUPP or -EINVAL is returned to the caller instead. Confirm
 * that is the intended way to report these two cases to the socket.
 */
static int start_discovery(struct sock *sk, struct hci_dev *hdev,
			   void *data, u16 len)
{
	struct mgmt_cp_start_discovery *req = data;
	struct pending_cmd *pending;
	int err;

	BT_DBG("%s", hdev->name);

	hci_dev_lock(hdev);

	if (!hdev_is_powered(hdev)) {
		err = cmd_status(sk, hdev->id, MGMT_OP_START_DISCOVERY,
				 MGMT_STATUS_NOT_POWERED);
		goto unlock;
	}

	/* Only one inquiry or discovery run at a time. */
	if (test_bit(HCI_PERIODIC_INQ, &hdev->dev_flags) ||
	    hdev->discovery.state != DISCOVERY_STOPPED) {
		err = cmd_status(sk, hdev->id, MGMT_OP_START_DISCOVERY,
				 MGMT_STATUS_BUSY);
		goto unlock;
	}

	pending = mgmt_pending_add(sk, MGMT_OP_START_DISCOVERY, hdev, NULL, 0);
	if (!pending) {
		err = -ENOMEM;
		goto unlock;
	}

	hdev->discovery.type = req->type;

	switch (hdev->discovery.type) {
	case DISCOV_TYPE_BREDR:
		err = -ENOTSUPP;
		if (lmp_bredr_capable(hdev))
			err = hci_do_inquiry(hdev, INQUIRY_LEN_BREDR);
		break;

	case DISCOV_TYPE_LE:
		err = -ENOTSUPP;
		if (lmp_host_le_capable(hdev))
			err = hci_le_scan(hdev, LE_SCAN_TYPE, LE_SCAN_INT,
					  LE_SCAN_WIN, LE_SCAN_TIMEOUT_LE_ONLY);
		break;

	case DISCOV_TYPE_INTERLEAVED:
		/* Interleaved discovery needs both transports. */
		err = -ENOTSUPP;
		if (lmp_host_le_capable(hdev) && lmp_bredr_capable(hdev))
			err = hci_le_scan(hdev, LE_SCAN_TYPE, LE_SCAN_INT,
					  LE_SCAN_WIN,
					  LE_SCAN_TIMEOUT_BREDR_LE);
		break;

	default:
		err = -EINVAL;
		break;
	}

	if (err < 0)
		mgmt_pending_remove(pending);
	else
		hci_discovery_set_state(hdev, DISCOVERY_STARTING);

unlock:
	hci_dev_unlock(hdev);
	return err;
}
2390
/*
 * MGMT_OP_STOP_DISCOVERY: cancel the discovery that is in progress.
 *
 * Completed immediately, echoing the requested type, with
 * MGMT_STATUS_REJECTED when no discovery is active and with
 * MGMT_STATUS_INVALID_PARAMS when the requested type differs from the one
 * recorded in hdev->discovery.type.
 *
 * Otherwise a pending command is queued and, depending on the discovery
 * state, the inquiry, the LE scan or the outstanding remote name request
 * is cancelled. While resolving names, if no cache entry is in state
 * NAME_PENDING the command completes at once with status 0 and the state
 * becomes DISCOVERY_STOPPED. Any other state yields -EFAULT.
 */
static int stop_discovery(struct sock *sk, struct hci_dev *hdev, void *data,
			  u16 len)
{
	struct mgmt_cp_stop_discovery *req = data;
	struct hci_cp_remote_name_req_cancel cancel;
	struct inquiry_entry *entry;
	struct pending_cmd *pending;
	u8 reject = MGMT_STATUS_SUCCESS;
	int err;

	BT_DBG("%s", hdev->name);

	hci_dev_lock(hdev);

	if (!hci_discovery_active(hdev))
		reject = MGMT_STATUS_REJECTED;
	else if (hdev->discovery.type != req->type)
		reject = MGMT_STATUS_INVALID_PARAMS;

	if (reject != MGMT_STATUS_SUCCESS) {
		err = cmd_complete(sk, hdev->id, MGMT_OP_STOP_DISCOVERY,
				   reject, &req->type, sizeof(req->type));
		goto unlock;
	}

	pending = mgmt_pending_add(sk, MGMT_OP_STOP_DISCOVERY, hdev, NULL, 0);
	if (!pending) {
		err = -ENOMEM;
		goto unlock;
	}

	switch (hdev->discovery.state) {
	case DISCOVERY_FINDING:
		/* HCI_INQUIRY set means an inquiry is running, else an LE scan. */
		err = test_bit(HCI_INQUIRY, &hdev->flags) ?
			hci_cancel_inquiry(hdev) : hci_cancel_le_scan(hdev);
		break;

	case DISCOVERY_RESOLVING:
		entry = hci_inquiry_cache_lookup_resolve(hdev, BDADDR_ANY,
							 NAME_PENDING);
		if (!entry) {
			/* No name request in flight: nothing left to cancel. */
			mgmt_pending_remove(pending);
			err = cmd_complete(sk, hdev->id,
					   MGMT_OP_STOP_DISCOVERY, 0,
					   &req->type, sizeof(req->type));
			hci_discovery_set_state(hdev, DISCOVERY_STOPPED);
			goto unlock;
		}

		bacpy(&cancel.bdaddr, &entry->data.bdaddr);
		err = hci_send_cmd(hdev, HCI_OP_REMOTE_NAME_REQ_CANCEL,
				   sizeof(cancel), &cancel);
		break;

	default:
		BT_DBG("unknown discovery state %u", hdev->discovery.state);
		err = -EFAULT;
		break;
	}

	if (err < 0)
		mgmt_pending_remove(pending);
	else
		hci_discovery_set_state(hdev, DISCOVERY_STOPPING);

unlock:
	hci_dev_unlock(hdev);
	return err;
}
2466
/*
 * MGMT_OP_CONFIRM_NAME: record whether the name of a discovered device is
 * already known to the caller.
 *
 * Answered with MGMT_STATUS_FAILED when no discovery is active and with
 * MGMT_STATUS_INVALID_PARAMS when the address has no entry returned by
 * hci_inquiry_cache_lookup_unknown(). On success the entry is marked
 * NAME_KNOWN and unlinked from its list, or marked NAME_NEEDED and passed
 * to hci_inquiry_cache_update_resolve(); 0 is returned and no reply is
 * sent from this function.
 */
static int confirm_name(struct sock *sk, struct hci_dev *hdev, void *data,
			u16 len)
{
	struct mgmt_cp_confirm_name *req = data;
	struct inquiry_entry *entry;
	int err = 0;

	BT_DBG("%s", hdev->name);

	hci_dev_lock(hdev);

	if (!hci_discovery_active(hdev)) {
		err = cmd_status(sk, hdev->id, MGMT_OP_CONFIRM_NAME,
				 MGMT_STATUS_FAILED);
		goto unlock;
	}

	entry = hci_inquiry_cache_lookup_unknown(hdev, &req->addr.bdaddr);
	if (!entry) {
		err = cmd_status(sk, hdev->id, MGMT_OP_CONFIRM_NAME,
				 MGMT_STATUS_INVALID_PARAMS);
		goto unlock;
	}

	if (!req->name_known) {
		entry->name_state = NAME_NEEDED;
		hci_inquiry_cache_update_resolve(hdev, entry);
	} else {
		entry->name_state = NAME_KNOWN;
		list_del(&entry->list);
	}

unlock:
	hci_dev_unlock(hdev);
	return err;
}
2505
/*
 * MGMT_OP_BLOCK_DEVICE: add the address from the payload to the device's
 * blacklist. The reply echoes the address with MGMT_STATUS_FAILED when
 * hci_blacklist_add() reports an error and with 0 otherwise.
 */
static int block_device(struct sock *sk, struct hci_dev *hdev, void *data,
			u16 len)
{
	struct mgmt_cp_block_device *req = data;
	u8 status;
	int err;

	BT_DBG("%s", hdev->name);

	hci_dev_lock(hdev);

	err = hci_blacklist_add(hdev, &req->addr.bdaddr, req->addr.type);
	status = (err < 0) ? MGMT_STATUS_FAILED : 0;

	err = cmd_complete(sk, hdev->id, MGMT_OP_BLOCK_DEVICE, status,
			   &req->addr, sizeof(req->addr));

	hci_dev_unlock(hdev);

	return err;
}
2530
/*
 * MGMT_OP_UNBLOCK_DEVICE: remove the address from the payload from the
 * device's blacklist. The reply echoes the address with
 * MGMT_STATUS_INVALID_PARAMS when hci_blacklist_del() reports an error and
 * with 0 otherwise.
 */
static int unblock_device(struct sock *sk, struct hci_dev *hdev, void *data,
			  u16 len)
{
	struct mgmt_cp_unblock_device *req = data;
	u8 status;
	int err;

	BT_DBG("%s", hdev->name);

	hci_dev_lock(hdev);

	err = hci_blacklist_del(hdev, &req->addr.bdaddr, req->addr.type);
	status = (err < 0) ? MGMT_STATUS_INVALID_PARAMS : 0;

	err = cmd_complete(sk, hdev->id, MGMT_OP_UNBLOCK_DEVICE, status,
			   &req->addr, sizeof(req->addr));

	hci_dev_unlock(hdev);

	return err;
}
2555
cdbaccca
MH
/*
 * MGMT_OP_SET_DEVICE_ID: store the Device ID source, vendor, product and
 * version, then refresh the EIR data.
 *
 * All four fields arrive little-endian and are converted to CPU order.
 * A source value above 0x0002 is rejected with MGMT_STATUS_INVALID_PARAMS
 * before the device lock is taken; vendor, product and version are stored
 * without further checks.
 */
static int set_device_id(struct sock *sk, struct hci_dev *hdev, void *data,
			 u16 len)
{
	struct mgmt_cp_set_device_id *req = data;
	__u16 source = __le16_to_cpu(req->source);
	int err;

	BT_DBG("%s", hdev->name);

	if (source > 0x0002) {
		return cmd_status(sk, hdev->id, MGMT_OP_SET_DEVICE_ID,
				  MGMT_STATUS_INVALID_PARAMS);
	}

	hci_dev_lock(hdev);

	hdev->devid_source = source;
	hdev->devid_vendor = __le16_to_cpu(req->vendor);
	hdev->devid_product = __le16_to_cpu(req->product);
	hdev->devid_version = __le16_to_cpu(req->version);

	/* Reply first, then push the new values into the EIR data. */
	err = cmd_complete(sk, hdev->id, MGMT_OP_SET_DEVICE_ID, 0, NULL, 0);

	update_eir(hdev);

	hci_dev_unlock(hdev);

	return err;
}
2586
/*
 * MGMT_OP_SET_FAST_CONNECTABLE: switch page scanning between the fast and
 * the default profile.
 *
 * Refused with MGMT_STATUS_NOT_POWERED when the controller is off and with
 * MGMT_STATUS_REJECTED when HCI_CONNECTABLE is not set. Both tests run
 * before the device lock is taken.
 *
 * A non-zero mode selects interlaced page scan with interval 0x0024;
 * zero selects standard page scan with interval 0x0800. The window is
 * 0x0012 in both cases. If either HCI command cannot be sent the reply is
 * MGMT_STATUS_FAILED and the second command is not attempted after a
 * failure of the first.
 */
static int set_fast_connectable(struct sock *sk, struct hci_dev *hdev,
				void *data, u16 len)
{
	struct mgmt_mode *mode = data;
	struct hci_cp_write_page_scan_activity activity;
	u8 scan_type;
	int err;

	BT_DBG("%s", hdev->name);

	if (!hdev_is_powered(hdev))
		return cmd_status(sk, hdev->id, MGMT_OP_SET_FAST_CONNECTABLE,
				  MGMT_STATUS_NOT_POWERED);

	if (!test_bit(HCI_CONNECTABLE, &hdev->dev_flags))
		return cmd_status(sk, hdev->id, MGMT_OP_SET_FAST_CONNECTABLE,
				  MGMT_STATUS_REJECTED);

	hci_dev_lock(hdev);

	/* default 11.25 msec page scan window */
	activity.window = __constant_cpu_to_le16(0x0012);

	if (!mode->val) {
		scan_type = PAGE_SCAN_TYPE_STANDARD; /* default */

		/* default 1.28 sec page scan */
		activity.interval = __constant_cpu_to_le16(0x0800);
	} else {
		scan_type = PAGE_SCAN_TYPE_INTERLACED;

		/* 22.5 msec page scan interval */
		activity.interval = __constant_cpu_to_le16(0x0024);
	}

	err = hci_send_cmd(hdev, HCI_OP_WRITE_PAGE_SCAN_ACTIVITY,
			   sizeof(activity), &activity);
	if (err >= 0)
		err = hci_send_cmd(hdev, HCI_OP_WRITE_PAGE_SCAN_TYPE, 1,
				   &scan_type);

	if (err < 0)
		err = cmd_status(sk, hdev->id, MGMT_OP_SET_FAST_CONNECTABLE,
				 MGMT_STATUS_FAILED);
	else
		err = cmd_complete(sk, hdev->id, MGMT_OP_SET_FAST_CONNECTABLE,
				   0, NULL, 0);

	hci_dev_unlock(hdev);
	return err;
}
2643
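/*
 * MGMT_OP_LOAD_LONG_TERM_KEYS: replace the device's stored LE long term
 * keys with the list supplied in the payload.
 *
 * @cp_data holds a struct mgmt_cp_load_long_term_keys followed by
 * key_count entries of struct mgmt_ltk_info; @len is the payload length.
 *
 * The expected length is computed in size_t. key_count comes from the
 * socket, and folding the product back into a u16 would let a count that
 * does not match the payload wrap around to @len, after which the loop
 * below would read key entries beyond the received buffer. A mismatch is
 * answered with MGMT_STATUS_INVALID_PARAMS, the mgmt status the other
 * handlers in this file use for malformed parameters.
 *
 * NOTE(review): the fields of each entry (enc_size, address type,
 * authenticated) are passed to hci_add_ltk() as received and its return
 * value is not checked - confirm the callee validates them.
 *
 * Returns 0 once the keys are loaded, otherwise the result of cmd_status().
 */
static int load_long_term_keys(struct sock *sk, struct hci_dev *hdev,
			       void *cp_data, u16 len)
{
	struct mgmt_cp_load_long_term_keys *cp = cp_data;
	size_t expected_len;
	u16 key_count;
	int i;

	key_count = __le16_to_cpu(cp->key_count);

	expected_len = sizeof(*cp) +
		       (size_t) key_count * sizeof(struct mgmt_ltk_info);
	if (expected_len != len) {
		BT_ERR("load_keys: expected %zu bytes, got %u bytes",
		       expected_len, len);
		return cmd_status(sk, hdev->id, MGMT_OP_LOAD_LONG_TERM_KEYS,
				  MGMT_STATUS_INVALID_PARAMS);
	}

	BT_DBG("%s key_count %u", hdev->name, key_count);

	hci_dev_lock(hdev);

	/* The new list replaces whatever was stored before. */
	hci_smp_ltks_clear(hdev);

	for (i = 0; i < key_count; i++) {
		struct mgmt_ltk_info *key = &cp->keys[i];
		u8 type;

		if (key->master)
			type = HCI_SMP_LTK;
		else
			type = HCI_SMP_LTK_SLAVE;

		hci_add_ltk(hdev, &key->addr.bdaddr,
			    bdaddr_to_le(key->addr.type),
			    type, 0, key->authenticated, key->val,
			    key->enc_size, key->ediv, key->rand);
	}

	hci_dev_unlock(hdev);

	return 0;
}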
2687
/*
 * One entry per management opcode; mgmt_control() indexes this table with
 * the opcode taken from the message header.
 *
 * func     - handler to call, NULL for an opcode that is not implemented
 * var_len  - false: the payload must be exactly data_len bytes
 *            true:  data_len is the minimum and the handler has to check
 *                   the rest of the payload itself
 * data_len - expected (or minimum) payload size in bytes
 */
struct mgmt_handler {
	int (*func) (struct sock *sk, struct hci_dev *hdev, void *data,
		     u16 data_len);
	bool var_len;
	size_t data_len;
};

static const struct mgmt_handler mgmt_handlers[] = {
	{ NULL }, /* 0x0000 (no command) */
	{ read_version,           false, MGMT_READ_VERSION_SIZE },
	{ read_commands,          false, MGMT_READ_COMMANDS_SIZE },
	{ read_index_list,        false, MGMT_READ_INDEX_LIST_SIZE },
	{ read_controller_info,   false, MGMT_READ_INFO_SIZE },
	{ set_powered,            false, MGMT_SETTING_SIZE },
	{ set_discoverable,       false, MGMT_SET_DISCOVERABLE_SIZE },
	{ set_connectable,        false, MGMT_SETTING_SIZE },
	{ set_fast_connectable,   false, MGMT_SETTING_SIZE },
	{ set_pairable,           false, MGMT_SETTING_SIZE },
	{ set_link_security,      false, MGMT_SETTING_SIZE },
	{ set_ssp,                false, MGMT_SETTING_SIZE },
	{ set_hs,                 false, MGMT_SETTING_SIZE },
	{ set_le,                 false, MGMT_SETTING_SIZE },
	{ set_dev_class,          false, MGMT_SET_DEV_CLASS_SIZE },
	{ set_local_name,         false, MGMT_SET_LOCAL_NAME_SIZE },
	{ add_uuid,               false, MGMT_ADD_UUID_SIZE },
	{ remove_uuid,            false, MGMT_REMOVE_UUID_SIZE },
	/* The two key loaders carry a counted list after a fixed header. */
	{ load_link_keys,         true,  MGMT_LOAD_LINK_KEYS_SIZE },
	{ load_long_term_keys,    true,  MGMT_LOAD_LONG_TERM_KEYS_SIZE },
	{ disconnect,             false, MGMT_DISCONNECT_SIZE },
	{ get_connections,        false, MGMT_GET_CONNECTIONS_SIZE },
	{ pin_code_reply,         false, MGMT_PIN_CODE_REPLY_SIZE },
	{ pin_code_neg_reply,     false, MGMT_PIN_CODE_NEG_REPLY_SIZE },
	{ set_io_capability,      false, MGMT_SET_IO_CAPABILITY_SIZE },
	{ pair_device,            false, MGMT_PAIR_DEVICE_SIZE },
	{ cancel_pair_device,     false, MGMT_CANCEL_PAIR_DEVICE_SIZE },
	{ unpair_device,          false, MGMT_UNPAIR_DEVICE_SIZE },
	{ user_confirm_reply,     false, MGMT_USER_CONFIRM_REPLY_SIZE },
	{ user_confirm_neg_reply, false, MGMT_USER_CONFIRM_NEG_REPLY_SIZE },
	{ user_passkey_reply,     false, MGMT_USER_PASSKEY_REPLY_SIZE },
	{ user_passkey_neg_reply, false, MGMT_USER_PASSKEY_NEG_REPLY_SIZE },
	{ read_local_oob_data,    false, MGMT_READ_LOCAL_OOB_DATA_SIZE },
	{ add_remote_oob_data,    false, MGMT_ADD_REMOTE_OOB_DATA_SIZE },
	{ remove_remote_oob_data, false, MGMT_REMOVE_REMOTE_OOB_DATA_SIZE },
	{ start_discovery,        false, MGMT_START_DISCOVERY_SIZE },
	{ stop_discovery,         false, MGMT_STOP_DISCOVERY_SIZE },
	{ confirm_name,           false, MGMT_CONFIRM_NAME_SIZE },
	{ block_device,           false, MGMT_BLOCK_DEVICE_SIZE },
	{ unblock_device,         false, MGMT_UNBLOCK_DEVICE_SIZE },
	{ set_device_id,          false, MGMT_SET_DEVICE_ID_SIZE },
};
2736
2737
0381101f
JH
/*
 * Entry point for a message written to a management socket: copy it in,
 * validate the header and dispatch to the handler for its opcode.
 *
 * Checks, in order:
 *  1. the message holds at least a struct mgmt_hdr (-EINVAL);
 *  2. the length in the header equals the bytes that follow it (-EINVAL);
 *  3. an index other than MGMT_INDEX_NONE names an existing controller
 *     (MGMT_STATUS_INVALID_INDEX);
 *  4. the opcode is inside mgmt_handlers[] and has a handler
 *     (MGMT_STATUS_UNKNOWN_COMMAND);
 *  5. opcodes below MGMT_OP_READ_INFO come without a controller and all
 *     others with one (MGMT_STATUS_INVALID_INDEX);
 *  6. the payload length matches the table entry - exact for fixed-size
 *     commands, a minimum for variable-size ones
 *     (MGMT_STATUS_INVALID_PARAMS).
 *
 * Handlers of variable-size commands only get the minimum guaranteed and
 * must validate the remainder themselves.
 *
 * NOTE(review): the buffer is allocated with the caller-supplied msglen
 * before the header length is cross-checked; the only bound visible here
 * is whatever kmalloc() refuses.
 *
 * Returns msglen on success, the handler's negative result or a negative
 * errno otherwise. The controller reference and the buffer are released on
 * every path.
 */
int mgmt_control(struct sock *sk, struct msghdr *msg, size_t msglen)
{
	const struct mgmt_handler *handler;
	struct hci_dev *hdev = NULL;
	struct mgmt_hdr *hdr;
	u16 opcode, index, len;
	bool has_dev, global_op, bad_len;
	void *msgbuf;
	u8 *params;
	int err;

	BT_DBG("got %zu bytes", msglen);

	if (msglen < sizeof(*hdr))
		return -EINVAL;

	msgbuf = kmalloc(msglen, GFP_KERNEL);
	if (!msgbuf)
		return -ENOMEM;

	if (memcpy_fromiovec(msgbuf, msg->msg_iov, msglen)) {
		err = -EFAULT;
		goto done;
	}

	hdr = msgbuf;
	opcode = __le16_to_cpu(hdr->opcode);
	index = __le16_to_cpu(hdr->index);
	len = __le16_to_cpu(hdr->len);

	if (len != msglen - sizeof(*hdr)) {
		err = -EINVAL;
		goto done;
	}

	if (index != MGMT_INDEX_NONE) {
		hdev = hci_dev_get(index);
		if (!hdev) {
			err = cmd_status(sk, index, opcode,
					 MGMT_STATUS_INVALID_INDEX);
			goto done;
		}
	}

	/* Bounds check first; the table is indexed only afterwards. */
	if (opcode >= ARRAY_SIZE(mgmt_handlers) ||
	    mgmt_handlers[opcode].func == NULL) {
		BT_DBG("Unknown op %u", opcode);
		err = cmd_status(sk, index, opcode,
				 MGMT_STATUS_UNKNOWN_COMMAND);
		goto done;
	}

	/*
	 * Opcodes below MGMT_OP_READ_INFO take no controller, all others
	 * need one; the request is wrong when both tests agree.
	 */
	has_dev = hdev != NULL;
	global_op = opcode < MGMT_OP_READ_INFO;
	if (has_dev == global_op) {
		err = cmd_status(sk, index, opcode,
				 MGMT_STATUS_INVALID_INDEX);
		goto done;
	}

	handler = &mgmt_handlers[opcode];

	bad_len = handler->var_len ? len < handler->data_len :
				     len != handler->data_len;
	if (bad_len) {
		err = cmd_status(sk, index, opcode,
				 MGMT_STATUS_INVALID_PARAMS);
		goto done;
	}

	if (hdev)
		mgmt_init_hdev(sk, hdev);

	params = (u8 *) msgbuf + sizeof(*hdr);

	err = handler->func(sk, hdev, params, len);
	if (err >= 0)
		err = msglen;

done:
	if (hdev)
		hci_dev_put(hdev);

	kfree(msgbuf);
	return err;
}
c71e97bf 2823
b24752fe
JH
/*
 * mgmt_pending_foreach() callback: answer a pending command with the
 * status byte that @data points to, then remove the pending entry.
 */
static void cmd_status_rsp(struct pending_cmd *cmd, void *data)
{
	const u8 *status_ptr = data;
	u8 status = *status_ptr;

	cmd_status(cmd->sk, cmd->index, cmd->opcode, status);
	mgmt_pending_remove(cmd);
}
2831
/* Send MGMT_EV_INDEX_ADDED, without payload, for @hdev. */
int mgmt_index_added(struct hci_dev *hdev)
{
	int err;

	err = mgmt_event(MGMT_EV_INDEX_ADDED, hdev, NULL, 0, NULL);
	return err;
}
2836
/*
 * Answer every command still pending on @hdev with
 * MGMT_STATUS_INVALID_INDEX, then send MGMT_EV_INDEX_REMOVED.
 */
int mgmt_index_removed(struct hci_dev *hdev)
{
	u8 gone = MGMT_STATUS_INVALID_INDEX;

	/* Opcode 0 is passed to the walk; the callback fails each entry. */
	mgmt_pending_foreach(0, hdev, cmd_status_rsp, &gone);

	return mgmt_event(MGMT_EV_INDEX_REMOVED, hdev, NULL, 0, NULL);
}
2845
/*
 * Context handed to the mgmt_pending_foreach() callbacks.
 * Users in this file initialise it positionally as { NULL, hdev }, so the
 * member order must not change.
 */
struct cmd_lookup {
	struct sock *sk;	/* first socket seen by settings_rsp(), held */
	struct hci_dev *hdev;	/* controller the walk is about */
	u8 mgmt_status;		/* not set by the initialisers shown here */
};
2851
/*
 * mgmt_pending_foreach() callback: send the settings response for one
 * pending command and dispose of the entry.
 *
 * The socket of the first command handled is stored in the cmd_lookup and
 * a reference is taken on it before the entry is freed; the code that
 * started the walk drops that reference with sock_put().
 */
static void settings_rsp(struct pending_cmd *cmd, void *data)
{
	struct cmd_lookup *lookup = data;

	send_settings_rsp(cmd->sk, cmd->opcode, lookup->hdev);

	list_del(&cmd->list);

	if (!lookup->sk) {
		lookup->sk = cmd->sk;
		sock_hold(lookup->sk);
	}

	mgmt_pending_free(cmd);
}
5add6af8 2867
/*
 * Called when the controller's power state changed.
 *
 * Does nothing and returns 0 unless HCI_MGMT is set. Otherwise pending
 * MGMT_OP_SET_POWERED commands get their settings response. On power-up
 * the scan mode is rebuilt from HCI_CONNECTABLE / HCI_DISCOVERABLE and the
 * class, name and EIR data are refreshed; the results of those calls are
 * not checked. On power-down every pending command is answered with
 * MGMT_STATUS_NOT_POWERED. Finally the new settings are announced.
 */
int mgmt_powered(struct hci_dev *hdev, u8 powered)
{
	struct cmd_lookup match = { .sk = NULL, .hdev = hdev };
	int err;

	if (!test_bit(HCI_MGMT, &hdev->dev_flags))
		return 0;

	mgmt_pending_foreach(MGMT_OP_SET_POWERED, hdev, settings_rsp, &match);

	if (!powered) {
		u8 status = MGMT_STATUS_NOT_POWERED;

		mgmt_pending_foreach(0, hdev, cmd_status_rsp, &status);
	} else {
		u8 scan = 0;

		if (test_bit(HCI_CONNECTABLE, &hdev->dev_flags))
			scan |= SCAN_PAGE;
		if (test_bit(HCI_DISCOVERABLE, &hdev->dev_flags))
			scan |= SCAN_INQUIRY;

		/* Only written when at least one scan bit is wanted. */
		if (scan)
			hci_send_cmd(hdev, HCI_OP_WRITE_SCAN_ENABLE, 1, &scan);

		update_class(hdev);
		update_name(hdev, hdev->dev_name);
		update_eir(hdev);
	}

	err = new_settings(hdev, match.sk);

	/* Drop the reference settings_rsp() took on the first socket. */
	if (match.sk)
		sock_put(match.sk);

	return err;
}
73f22f62 2904
/*
 * Record the controller's discoverable state in HCI_DISCOVERABLE.
 *
 * Pending MGMT_OP_SET_DISCOVERABLE commands always get their settings
 * response; the new settings are announced only when the flag actually
 * changed. Returns 0 or the result of new_settings().
 */
int mgmt_discoverable(struct hci_dev *hdev, u8 discoverable)
{
	struct cmd_lookup match = { .sk = NULL, .hdev = hdev };
	bool changed;
	int err = 0;

	if (discoverable)
		changed = !test_and_set_bit(HCI_DISCOVERABLE, &hdev->dev_flags);
	else
		changed = test_and_clear_bit(HCI_DISCOVERABLE,
					     &hdev->dev_flags) != 0;

	mgmt_pending_foreach(MGMT_OP_SET_DISCOVERABLE, hdev, settings_rsp,
			     &match);

	if (changed)
		err = new_settings(hdev, match.sk);

	/* Drop the reference settings_rsp() took on the first socket. */
	if (match.sk)
		sock_put(match.sk);

	return err;
}
9fbcbb45 2930
/*
 * Record the controller's connectable state in HCI_CONNECTABLE.
 *
 * Pending MGMT_OP_SET_CONNECTABLE commands always get their settings
 * response; the new settings are announced only when the flag actually
 * changed. Returns 0 or the result of new_settings().
 */
int mgmt_connectable(struct hci_dev *hdev, u8 connectable)
{
	struct cmd_lookup match = { .sk = NULL, .hdev = hdev };
	bool changed;
	int err = 0;

	if (connectable)
		changed = !test_and_set_bit(HCI_CONNECTABLE, &hdev->dev_flags);
	else
		changed = test_and_clear_bit(HCI_CONNECTABLE,
					     &hdev->dev_flags) != 0;

	mgmt_pending_foreach(MGMT_OP_SET_CONNECTABLE, hdev, settings_rsp,
			     &match);

	if (changed)
		err = new_settings(hdev, match.sk);

	/* Drop the reference settings_rsp() took on the first socket. */
	if (match.sk)
		sock_put(match.sk);

	return err;
}
55ed8ca1 2956
/*
 * A scan-enable write failed: answer the pending commands that asked for
 * the affected scan bits with the translated status. SCAN_PAGE maps to
 * MGMT_OP_SET_CONNECTABLE, SCAN_INQUIRY to MGMT_OP_SET_DISCOVERABLE.
 * Always returns 0.
 */
int mgmt_write_scan_failed(struct hci_dev *hdev, u8 scan, u8 status)
{
	u8 mgmt_err = mgmt_status(status);
	bool page = scan & SCAN_PAGE;
	bool inquiry = scan & SCAN_INQUIRY;

	if (page)
		mgmt_pending_foreach(MGMT_OP_SET_CONNECTABLE, hdev,
				     cmd_status_rsp, &mgmt_err);

	if (inquiry)
		mgmt_pending_foreach(MGMT_OP_SET_DISCOVERABLE, hdev,
				     cmd_status_rsp, &mgmt_err);

	return 0;
}
2971
53168e5b
CC
/*
 * Send MGMT_EV_NEW_LINK_KEY for a BR/EDR link key.
 *
 * The event is zeroed before it is filled and carries the key value
 * itself, together with the peer address, key type, PIN length and the
 * store hint.
 * NOTE(review): which sockets receive this event is decided in
 * mgmt_event(), not here - confirm delivery is limited to callers allowed
 * to see key material.
 */
int mgmt_new_link_key(struct hci_dev *hdev, struct link_key *key,
		      bool persistent)
{
	struct mgmt_ev_new_link_key ev;

	memset(&ev, 0, sizeof(ev));

	ev.store_hint = persistent;

	ev.key.addr.type = BDADDR_BREDR;
	bacpy(&ev.key.addr.bdaddr, &key->bdaddr);

	ev.key.type = key->type;
	ev.key.pin_len = key->pin_len;
	memcpy(ev.key.val, key->val, HCI_LINK_KEY_SIZE);

	return mgmt_event(MGMT_EV_NEW_LINK_KEY, hdev, &ev, sizeof(ev), NULL);
}
f7520543 2988
346af67b
VCG
/*
 * Send MGMT_EV_NEW_LONG_TERM_KEY for an LE long term key.
 *
 * The event is zeroed before it is filled and carries the key value, rand
 * and ediv together with the peer address. master is 1 for a key of type
 * HCI_SMP_LTK and 0 otherwise.
 *
 * Both copies are sized by the source field in struct smp_ltk.
 * NOTE(review): assumes the event's rand and val fields are at least as
 * large - confirm against struct mgmt_ltk_info.
 */
int mgmt_new_ltk(struct hci_dev *hdev, struct smp_ltk *key, u8 persistent)
{
	struct mgmt_ev_new_long_term_key ev;

	memset(&ev, 0, sizeof(ev));

	ev.store_hint = persistent;

	bacpy(&ev.key.addr.bdaddr, &key->bdaddr);
	ev.key.addr.type = link_to_bdaddr(LE_LINK, key->bdaddr_type);

	ev.key.authenticated = key->authenticated;
	ev.key.enc_size = key->enc_size;
	ev.key.ediv = key->ediv;
	ev.key.master = (key->type == HCI_SMP_LTK);

	memcpy(ev.key.rand, key->rand, sizeof(key->rand));
	memcpy(ev.key.val, key->val, sizeof(key->val));

	return mgmt_event(MGMT_EV_NEW_LONG_TERM_KEY, hdev, &ev, sizeof(ev),
			  NULL);
}
3011
/*
 * Send MGMT_EV_DEVICE_CONNECTED.
 *
 * The event is assembled in a 512-byte stack buffer: the fixed header,
 * then an EIR_NAME_COMPLETE field when @name_len is non-zero, then an
 * EIR_CLASS_OF_DEV field when @dev_class is given and not all zero. Only
 * the header plus the EIR bytes written are passed to mgmt_event().
 *
 * NOTE(review): eir_append_data() is given no capacity. The name length
 * is a u8 and the class is 3 bytes, so the input is bounded - confirm the
 * worst case plus the header fits the buffer.
 */
int mgmt_device_connected(struct hci_dev *hdev, bdaddr_t *bdaddr, u8 link_type,
			  u8 addr_type, u32 flags, u8 *name, u8 name_len,
			  u8 *dev_class)
{
	char buf[512];
	struct mgmt_ev_device_connected *ev = (void *) buf;
	u16 eir_len = 0;
	bool have_class;

	bacpy(&ev->addr.bdaddr, bdaddr);
	ev->addr.type = link_to_bdaddr(link_type, addr_type);

	ev->flags = __cpu_to_le32(flags);

	if (name_len > 0)
		eir_len = eir_append_data(ev->eir, 0, EIR_NAME_COMPLETE,
					  name, name_len);

	/* An all-zero class of device is treated as "none". */
	have_class = dev_class && memcmp(dev_class, "\0\0\0", 3) != 0;
	if (have_class)
		eir_len = eir_append_data(ev->eir, eir_len,
					  EIR_CLASS_OF_DEV, dev_class, 3);

	ev->eir_len = cpu_to_le16(eir_len);

	return mgmt_event(MGMT_EV_DEVICE_CONNECTED, hdev, buf,
			  sizeof(*ev) + eir_len, NULL);
}
3038
8962ee74
JH
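/*
 * mgmt_pending_foreach() callback for MGMT_OP_DISCONNECT: complete the
 * pending command with status 0, echoing the address from the original
 * request.
 *
 * @data points to a struct sock pointer. It is set to the command's socket
 * and a reference is taken before the pending entry is removed; the caller
 * releases that reference with sock_put().
 */
static void disconnect_rsp(struct pending_cmd *cmd, void *data)
{
	struct mgmt_cp_disconnect *cp = cmd->param;
	struct sock **sk = data;
	struct mgmt_rp_disconnect rp;

	/*
	 * Zeroed first, as unpair_device_rsp() and the key events in this
	 * file do, so no uninitialised stack bytes can be copied out should
	 * the reply struct have padding or gain fields.
	 */
	memset(&rp, 0, sizeof(rp));
	bacpy(&rp.addr.bdaddr, &cp->addr.bdaddr);
	rp.addr.type = cp->addr.type;

	cmd_complete(cmd->sk, cmd->index, MGMT_OP_DISCONNECT, 0, &rp,
		     sizeof(rp));

	*sk = cmd->sk;
	sock_hold(*sk);

	mgmt_pending_remove(cmd);
}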
3056
/*
 * mgmt_pending_foreach() callback for MGMT_OP_UNPAIR_DEVICE: report the
 * device as unpaired, complete the pending command with status 0 echoing
 * the address from the original request, and remove the pending entry.
 *
 * @data is the struct hci_dev the walk was started for.
 */
static void unpair_device_rsp(struct pending_cmd *cmd, void *data)
{
	struct mgmt_cp_unpair_device *req = cmd->param;
	struct hci_dev *hdev = data;
	struct mgmt_rp_unpair_device reply;

	/* Start from a zeroed reply; only the address is filled in. */
	memset(&reply, 0, sizeof(reply));
	reply.addr.type = req->addr.type;
	bacpy(&reply.addr.bdaddr, &req->addr.bdaddr);

	device_unpaired(hdev, &req->addr.bdaddr, req->addr.type, cmd->sk);

	cmd_complete(cmd->sk, cmd->index, cmd->opcode, 0, &reply,
		     sizeof(reply));

	mgmt_pending_remove(cmd);
}
3073
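/*
 * A link to @bdaddr went down.
 *
 * Pending MGMT_OP_DISCONNECT commands are completed first; the socket of
 * the one handled by disconnect_rsp() is passed as the last argument of
 * mgmt_event() when MGMT_EV_DEVICE_DISCONNECTED is sent, and the reference
 * taken on it is dropped afterwards. Pending MGMT_OP_UNPAIR_DEVICE
 * commands are completed last.
 *
 * Returns the result of mgmt_event().
 */
int mgmt_device_disconnected(struct hci_dev *hdev, bdaddr_t *bdaddr,
			     u8 link_type, u8 addr_type)
{
	struct mgmt_addr_info ev;
	struct sock *sk = NULL;
	int err;

	mgmt_pending_foreach(MGMT_OP_DISCONNECT, hdev, disconnect_rsp, &sk);

	/*
	 * Zeroed first, as the key events in this file do, so no
	 * uninitialised stack bytes can be copied out should the struct
	 * have padding or gain fields.
	 */
	memset(&ev, 0, sizeof(ev));
	bacpy(&ev.bdaddr, bdaddr);
	ev.type = link_to_bdaddr(link_type, addr_type);

	err = mgmt_event(MGMT_EV_DEVICE_DISCONNECTED, hdev, &ev, sizeof(ev),
			 sk);

	if (sk)
		sock_put(sk);

	mgmt_pending_foreach(MGMT_OP_UNPAIR_DEVICE, hdev, unpair_device_rsp,
			     hdev);

	return err;
}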
3097
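/*
 * A disconnect request failed: complete the pending MGMT_OP_DISCONNECT
 * command with the translated status and the given address, then complete
 * any pending MGMT_OP_UNPAIR_DEVICE commands.
 *
 * Returns -ENOENT when no disconnect command is pending, otherwise the
 * result of cmd_complete().
 */
int mgmt_disconnect_failed(struct hci_dev *hdev, bdaddr_t *bdaddr,
			   u8 link_type, u8 addr_type, u8 status)
{
	struct mgmt_rp_disconnect rp;
	struct pending_cmd *cmd;
	int err;

	cmd = mgmt_pending_find(MGMT_OP_DISCONNECT, hdev);
	if (!cmd)
		return -ENOENT;

	/*
	 * Zeroed first, as unpair_device_rsp() in this file does, so no
	 * uninitialised stack bytes can be copied out should the reply
	 * struct have padding or gain fields.
	 */
	memset(&rp, 0, sizeof(rp));
	bacpy(&rp.addr.bdaddr, bdaddr);
	rp.addr.type = link_to_bdaddr(link_type, addr_type);

	err = cmd_complete(cmd->sk, cmd->index, MGMT_OP_DISCONNECT,
			   mgmt_status(status), &rp, sizeof(rp));

	mgmt_pending_remove(cmd);

	mgmt_pending_foreach(MGMT_OP_UNPAIR_DEVICE, hdev, unpair_device_rsp,
			     hdev);
	return err;
}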
/*
 * Emit MGMT_EV_CONNECT_FAILED for @bdaddr, carrying mgmt_status(status).
 * Returns the result of mgmt_event().
 */
int mgmt_connect_failed(struct hci_dev *hdev, bdaddr_t *bdaddr, u8 link_type,
			u8 addr_type, u8 status)
{
	struct mgmt_ev_connect_failed event;

	/*
	 * NOTE(review): event is not zeroed; only safe if addr and status are
	 * the whole struct and it has no padding - confirm in mgmt.h.
	 */
	event.status = mgmt_status(status);
	event.addr.type = link_to_bdaddr(link_type, addr_type);
	bacpy(&event.addr.bdaddr, bdaddr);

	return mgmt_event(MGMT_EV_CONNECT_FAILED, hdev, &event, sizeof(event),
			  NULL);
}
/*
 * Emit MGMT_EV_PIN_CODE_REQUEST for @bdaddr. The address type is always
 * BDADDR_BREDR; @secure is copied into the event unchanged.
 * Returns the result of mgmt_event().
 */
int mgmt_pin_code_request(struct hci_dev *hdev, bdaddr_t *bdaddr, u8 secure)
{
	struct mgmt_ev_pin_code_request event;

	/*
	 * NOTE(review): event is not zeroed; only safe if addr and secure are
	 * the whole struct and it has no padding - confirm in mgmt.h.
	 */
	event.secure = secure;
	event.addr.type = BDADDR_BREDR;
	bacpy(&event.addr.bdaddr, bdaddr);

	return mgmt_event(MGMT_EV_PIN_CODE_REQUEST, hdev, &event,
			  sizeof(event), NULL);
}
/*
 * Complete the pending MGMT_OP_PIN_CODE_REPLY command for @hdev with
 * mgmt_status(status) and remove it from the pending list.
 *
 * Returns -ENOENT when no such command is pending, otherwise the result of
 * cmd_complete().
 */
int mgmt_pin_code_reply_complete(struct hci_dev *hdev, bdaddr_t *bdaddr,
				 u8 status)
{
	struct mgmt_rp_pin_code_reply reply;
	struct pending_cmd *pending;
	int ret;

	pending = mgmt_pending_find(MGMT_OP_PIN_CODE_REPLY, hdev);
	if (pending == NULL)
		return -ENOENT;

	/* PIN code replies are always reported with a BR/EDR address type. */
	reply.addr.type = BDADDR_BREDR;
	bacpy(&reply.addr.bdaddr, bdaddr);

	ret = cmd_complete(pending->sk, hdev->id, MGMT_OP_PIN_CODE_REPLY,
			   mgmt_status(status), &reply, sizeof(reply));

	mgmt_pending_remove(pending);

	return ret;
}
/*
 * Complete the pending MGMT_OP_PIN_CODE_NEG_REPLY command for @hdev with
 * mgmt_status(status) and remove it from the pending list.
 *
 * Returns -ENOENT when no such command is pending, otherwise the result of
 * cmd_complete().
 */
int mgmt_pin_code_neg_reply_complete(struct hci_dev *hdev, bdaddr_t *bdaddr,
				     u8 status)
{
	struct mgmt_rp_pin_code_reply reply;
	struct pending_cmd *pending;
	int ret;

	pending = mgmt_pending_find(MGMT_OP_PIN_CODE_NEG_REPLY, hdev);
	if (pending == NULL)
		return -ENOENT;

	/* The reply reuses the layout of the positive PIN code reply. */
	reply.addr.type = BDADDR_BREDR;
	bacpy(&reply.addr.bdaddr, bdaddr);

	ret = cmd_complete(pending->sk, hdev->id, MGMT_OP_PIN_CODE_NEG_REPLY,
			   mgmt_status(status), &reply, sizeof(reply));

	mgmt_pending_remove(pending);

	return ret;
}
/*
 * Emit MGMT_EV_USER_CONFIRM_REQUEST for @bdaddr. @value is stored as given
 * (it is already __le32) together with @confirm_hint.
 * Returns the result of mgmt_event().
 */
int mgmt_user_confirm_request(struct hci_dev *hdev, bdaddr_t *bdaddr,
			      u8 link_type, u8 addr_type, __le32 value,
			      u8 confirm_hint)
{
	struct mgmt_ev_user_confirm_request event;

	BT_DBG("%s", hdev->name);

	/*
	 * NOTE(review): event is not zeroed; only safe if addr, confirm_hint
	 * and value are the whole struct and it has no padding - confirm in
	 * mgmt.h.
	 */
	bacpy(&event.addr.bdaddr, bdaddr);
	event.addr.type = link_to_bdaddr(link_type, addr_type);
	event.value = value;
	event.confirm_hint = confirm_hint;

	return mgmt_event(MGMT_EV_USER_CONFIRM_REQUEST, hdev, &event,
			  sizeof(event), NULL);
}
/*
 * Emit MGMT_EV_USER_PASSKEY_REQUEST for @bdaddr.
 * Returns the result of mgmt_event().
 */
int mgmt_user_passkey_request(struct hci_dev *hdev, bdaddr_t *bdaddr,
			      u8 link_type, u8 addr_type)
{
	struct mgmt_ev_user_passkey_request event;

	BT_DBG("%s", hdev->name);

	event.addr.type = link_to_bdaddr(link_type, addr_type);
	bacpy(&event.addr.bdaddr, bdaddr);

	return mgmt_event(MGMT_EV_USER_PASSKEY_REQUEST, hdev, &event,
			  sizeof(event), NULL);
}
/*
 * Shared completion path for the user confirm/passkey (neg) reply commands.
 * Looks up the pending command identified by @opcode, completes it with
 * mgmt_status(status) and removes it from the pending list.
 *
 * Returns -ENOENT when no such command is pending, otherwise the result of
 * cmd_complete().
 */
static int user_pairing_resp_complete(struct hci_dev *hdev, bdaddr_t *bdaddr,
				      u8 link_type, u8 addr_type, u8 status,
				      u8 opcode)
{
	struct mgmt_rp_user_confirm_reply reply;
	struct pending_cmd *pending;
	int ret;

	pending = mgmt_pending_find(opcode, hdev);
	if (pending == NULL)
		return -ENOENT;

	/*
	 * NOTE(review): reply is not zeroed; only safe if addr is the whole
	 * struct and it has no padding - confirm in mgmt.h.
	 */
	bacpy(&reply.addr.bdaddr, bdaddr);
	reply.addr.type = link_to_bdaddr(link_type, addr_type);

	ret = cmd_complete(pending->sk, hdev->id, opcode, mgmt_status(status),
			   &reply, sizeof(reply));

	mgmt_pending_remove(pending);

	return ret;
}
/*
 * Completion hook for MGMT_OP_USER_CONFIRM_REPLY; forwards to
 * user_pairing_resp_complete() with that opcode.
 */
int mgmt_user_confirm_reply_complete(struct hci_dev *hdev, bdaddr_t *bdaddr,
				     u8 link_type, u8 addr_type, u8 status)
{
	const u8 opcode = MGMT_OP_USER_CONFIRM_REPLY;

	return user_pairing_resp_complete(hdev, bdaddr, link_type, addr_type,
					  status, opcode);
}
/*
 * Completion hook for MGMT_OP_USER_CONFIRM_NEG_REPLY; forwards to
 * user_pairing_resp_complete() with that opcode.
 */
int mgmt_user_confirm_neg_reply_complete(struct hci_dev *hdev, bdaddr_t *bdaddr,
					 u8 link_type, u8 addr_type, u8 status)
{
	const u8 opcode = MGMT_OP_USER_CONFIRM_NEG_REPLY;

	return user_pairing_resp_complete(hdev, bdaddr, link_type, addr_type,
					  status, opcode);
}
/*
 * Completion hook for MGMT_OP_USER_PASSKEY_REPLY; forwards to
 * user_pairing_resp_complete() with that opcode.
 */
int mgmt_user_passkey_reply_complete(struct hci_dev *hdev, bdaddr_t *bdaddr,
				     u8 link_type, u8 addr_type, u8 status)
{
	const u8 opcode = MGMT_OP_USER_PASSKEY_REPLY;

	return user_pairing_resp_complete(hdev, bdaddr, link_type, addr_type,
					  status, opcode);
}
/*
 * Completion hook for MGMT_OP_USER_PASSKEY_NEG_REPLY; forwards to
 * user_pairing_resp_complete() with that opcode.
 */
int mgmt_user_passkey_neg_reply_complete(struct hci_dev *hdev, bdaddr_t *bdaddr,
					 u8 link_type, u8 addr_type, u8 status)
{
	const u8 opcode = MGMT_OP_USER_PASSKEY_NEG_REPLY;

	return user_pairing_resp_complete(hdev, bdaddr, link_type, addr_type,
					  status, opcode);
}
/*
 * Emit MGMT_EV_AUTH_FAILED for @bdaddr, carrying mgmt_status(status).
 * Returns the result of mgmt_event().
 */
int mgmt_auth_failed(struct hci_dev *hdev, bdaddr_t *bdaddr, u8 link_type,
		     u8 addr_type, u8 status)
{
	struct mgmt_ev_auth_failed event;

	/*
	 * NOTE(review): event is not zeroed; only safe if addr and status are
	 * the whole struct and it has no padding - confirm in mgmt.h.
	 */
	event.status = mgmt_status(status);
	event.addr.type = link_to_bdaddr(link_type, addr_type);
	bacpy(&event.addr.bdaddr, bdaddr);

	return mgmt_event(MGMT_EV_AUTH_FAILED, hdev, &event, sizeof(event),
			  NULL);
}
/*
 * Completion hook for MGMT_OP_SET_LINK_SECURITY.
 *
 * On a non-zero @status every pending command gets cmd_status_rsp with
 * mgmt_status(status) and 0 is returned. Otherwise HCI_LINK_SECURITY in
 * dev_flags is brought in line with HCI_AUTH in flags, pending commands are
 * answered through settings_rsp, and new_settings() is called only when the
 * bit actually changed.
 */
int mgmt_auth_enable_complete(struct hci_dev *hdev, u8 status)
{
	struct cmd_lookup match = { NULL, hdev };
	bool changed;
	int err = 0;

	if (status) {
		u8 mgmt_err = mgmt_status(status);

		mgmt_pending_foreach(MGMT_OP_SET_LINK_SECURITY, hdev,
				     cmd_status_rsp, &mgmt_err);
		return 0;
	}

	/* The atomic test-and-modify tells us whether the bit flipped. */
	if (test_bit(HCI_AUTH, &hdev->flags))
		changed = !test_and_set_bit(HCI_LINK_SECURITY,
					    &hdev->dev_flags);
	else
		changed = test_and_clear_bit(HCI_LINK_SECURITY,
					     &hdev->dev_flags);

	mgmt_pending_foreach(MGMT_OP_SET_LINK_SECURITY, hdev, settings_rsp,
			     &match);

	if (changed)
		err = new_settings(hdev, match.sk);

	/* Presumably settings_rsp took a reference on match.sk; drop it. */
	if (match.sk != NULL)
		sock_put(match.sk);

	return err;
}
/*
 * Wipe the cached EIR data in @hdev and send an all-zero HCI_OP_WRITE_EIR
 * command. Does nothing and returns 0 when the LMP_EXT_INQ feature bit is
 * not set; otherwise returns the result of hci_send_cmd().
 */
static int clear_eir(struct hci_dev *hdev)
{
	struct hci_cp_write_eir params;
	bool ext_inq = hdev->features[6] & LMP_EXT_INQ;

	if (!ext_inq)
		return 0;

	memset(hdev->eir, 0, sizeof(hdev->eir));
	memset(&params, 0, sizeof(params));

	return hci_send_cmd(hdev, HCI_OP_WRITE_EIR, sizeof(params), &params);
}
/*
 * Completion hook for MGMT_OP_SET_SSP.
 *
 * On a non-zero @status: if @enable was requested and HCI_SSP_ENABLED was
 * set, the bit is cleared again and new_settings() is called; pending
 * commands then get cmd_status_rsp with mgmt_status(status).
 *
 * On success: HCI_SSP_ENABLED is set or cleared to match @enable, pending
 * commands are answered through settings_rsp, new_settings() is called when
 * the bit changed, and the EIR data is updated or cleared to match the
 * resulting flag.
 */
int mgmt_ssp_enable_complete(struct hci_dev *hdev, u8 enable, u8 status)
{
	struct cmd_lookup match = { NULL, hdev };
	bool changed;
	int err = 0;

	if (status) {
		u8 mgmt_err = mgmt_status(status);

		/* Roll the flag back only when enabling was what failed. */
		if (enable && test_and_clear_bit(HCI_SSP_ENABLED,
						 &hdev->dev_flags))
			err = new_settings(hdev, NULL);

		mgmt_pending_foreach(MGMT_OP_SET_SSP, hdev, cmd_status_rsp,
				     &mgmt_err);

		return err;
	}

	if (enable)
		changed = !test_and_set_bit(HCI_SSP_ENABLED, &hdev->dev_flags);
	else
		changed = test_and_clear_bit(HCI_SSP_ENABLED,
					     &hdev->dev_flags);

	mgmt_pending_foreach(MGMT_OP_SET_SSP, hdev, settings_rsp, &match);

	if (changed)
		err = new_settings(hdev, match.sk);

	/* Presumably settings_rsp took a reference on match.sk; drop it. */
	if (match.sk != NULL)
		sock_put(match.sk);

	/* The return values of update_eir()/clear_eir() are not propagated. */
	if (test_bit(HCI_SSP_ENABLED, &hdev->dev_flags))
		update_eir(hdev);
	else
		clear_eir(hdev);

	return err;
}
/*
 * mgmt_pending_foreach() callback; @data is a struct cmd_lookup.
 *
 * Completes @cmd with the lookup's mgmt_status and the 3-byte device class
 * of the lookup's hdev, unlinks and frees the command. The socket of the
 * first command seen is stored in the lookup with a reference held
 * (sock_hold), so the caller has to sock_put() it.
 */
static void class_rsp(struct pending_cmd *cmd, void *data)
{
	struct cmd_lookup *lookup = data;

	cmd_complete(cmd->sk, cmd->index, cmd->opcode, lookup->mgmt_status,
		     lookup->hdev->dev_class, 3);

	list_del(&cmd->list);

	if (!lookup->sk) {
		lookup->sk = cmd->sk;
		sock_hold(lookup->sk);
	}

	mgmt_pending_free(cmd);
}
/*
 * Completion hook for a class-of-device write.
 *
 * Clears HCI_PENDING_CLASS, answers every pending MGMT_OP_SET_DEV_CLASS,
 * MGMT_OP_ADD_UUID and MGMT_OP_REMOVE_UUID command through class_rsp, and on
 * a zero @status emits MGMT_EV_CLASS_OF_DEV_CHANGED with the 3 bytes at
 * @dev_class.
 *
 * Returns 0, or the result of mgmt_event() when the event was sent.
 */
int mgmt_set_class_of_dev_complete(struct hci_dev *hdev, u8 *dev_class,
				   u8 status)
{
	static const u16 class_ops[] = {
		MGMT_OP_SET_DEV_CLASS,
		MGMT_OP_ADD_UUID,
		MGMT_OP_REMOVE_UUID,
	};
	struct cmd_lookup match = { NULL, hdev, mgmt_status(status) };
	int err = 0;
	size_t i;

	clear_bit(HCI_PENDING_CLASS, &hdev->dev_flags);

	for (i = 0; i < sizeof(class_ops) / sizeof(class_ops[0]); i++)
		mgmt_pending_foreach(class_ops[i], hdev, class_rsp, &match);

	if (status == 0)
		err = mgmt_event(MGMT_EV_CLASS_OF_DEV_CHANGED, hdev, dev_class,
				 3, NULL);

	/* class_rsp holds a reference on the first socket it saw. */
	if (match.sk != NULL)
		sock_put(match.sk);

	return err;
}
/*
 * Completion hook for a local name write.
 *
 * Caches @name in hdev->dev_name when it differs, answers a pending
 * MGMT_OP_SET_LOCAL_NAME command (cmd_status on a non-zero @status,
 * cmd_complete otherwise) and, unless that answer failed, emits
 * MGMT_EV_LOCAL_NAME_CHANGED when something changed and refreshes the EIR.
 *
 * @name carries no length: sizeof(hdev->dev_name) bytes are compared and
 * copied and HCI_MAX_NAME_LENGTH bytes go into the event, so the caller must
 * supply a buffer at least that large.
 *
 * NOTE(review): hdev->dev_name is overwritten before @status is examined, so
 * a failed command still replaces the cached name - confirm that callers
 * pass the controller's current name on failure.
 */
int mgmt_set_local_name_complete(struct hci_dev *hdev, u8 *name, u8 status)
{
	struct mgmt_cp_set_local_name ev;
	struct pending_cmd *cmd;
	bool changed = false;
	int err = 0;

	if (memcmp(name, hdev->dev_name, sizeof(hdev->dev_name))) {
		memcpy(hdev->dev_name, name, sizeof(hdev->dev_name));
		changed = true;
	}

	memset(&ev, 0, sizeof(ev));
	memcpy(ev.name, name, HCI_MAX_NAME_LENGTH);
	memcpy(ev.short_name, hdev->short_name, HCI_MAX_SHORT_NAME_LENGTH);

	cmd = mgmt_pending_find(MGMT_OP_SET_LOCAL_NAME, hdev);
	if (cmd != NULL) {
		/*
		 * With a pending mgmt command, always assume that either the
		 * short or the complete name has changed.
		 */
		changed = true;

		if (status) {
			err = cmd_status(cmd->sk, hdev->id,
					 MGMT_OP_SET_LOCAL_NAME,
					 mgmt_status(status));
			goto out;
		}

		err = cmd_complete(cmd->sk, hdev->id, MGMT_OP_SET_LOCAL_NAME,
				   0, &ev, sizeof(ev));
		if (err < 0)
			goto out;
	}

	if (changed)
		err = mgmt_event(MGMT_EV_LOCAL_NAME_CHANGED, hdev, &ev,
				 sizeof(ev), cmd ? cmd->sk : NULL);

	update_eir(hdev);

out:
	if (cmd != NULL)
		mgmt_pending_remove(cmd);
	return err;
}
/*
 * Completion hook for MGMT_OP_READ_LOCAL_OOB_DATA.
 *
 * On a zero @status the pending command is completed with @hash and
 * @randomizer copied into the reply (sizeof(rp.hash) and
 * sizeof(rp.randomizer) bytes are read from them); otherwise it receives
 * cmd_status with mgmt_status(status). The command is removed either way.
 *
 * Returns -ENOENT when no such command is pending, otherwise the result of
 * cmd_complete() or cmd_status().
 */
int mgmt_read_local_oob_data_reply_complete(struct hci_dev *hdev, u8 *hash,
					    u8 *randomizer, u8 status)
{
	struct pending_cmd *pending;
	int ret;

	BT_DBG("%s status %u", hdev->name, status);

	pending = mgmt_pending_find(MGMT_OP_READ_LOCAL_OOB_DATA, hdev);
	if (pending == NULL)
		return -ENOENT;

	if (!status) {
		struct mgmt_rp_read_local_oob_data rp;

		/*
		 * NOTE(review): rp is not zeroed; only safe if hash and
		 * randomizer are the whole struct - confirm in mgmt.h.
		 */
		memcpy(rp.hash, hash, sizeof(rp.hash));
		memcpy(rp.randomizer, randomizer, sizeof(rp.randomizer));

		ret = cmd_complete(pending->sk, hdev->id,
				   MGMT_OP_READ_LOCAL_OOB_DATA, 0, &rp,
				   sizeof(rp));
	} else {
		ret = cmd_status(pending->sk, hdev->id,
				 MGMT_OP_READ_LOCAL_OOB_DATA,
				 mgmt_status(status));
	}

	mgmt_pending_remove(pending);

	return ret;
}
/*
 * Completion hook for MGMT_OP_SET_LE.
 *
 * On a non-zero @status: if @enable was requested and HCI_LE_ENABLED was
 * set, the bit is cleared again and new_settings() is called; pending
 * commands then get cmd_status_rsp with mgmt_status(status).
 *
 * On success: HCI_LE_ENABLED is set or cleared to match @enable, pending
 * commands are answered through settings_rsp and new_settings() is called
 * when the bit changed.
 */
int mgmt_le_enable_complete(struct hci_dev *hdev, u8 enable, u8 status)
{
	struct cmd_lookup match = { NULL, hdev };
	bool changed;
	int err = 0;

	if (status) {
		u8 mgmt_err = mgmt_status(status);

		/* Roll the flag back only when enabling was what failed. */
		if (enable && test_and_clear_bit(HCI_LE_ENABLED,
						 &hdev->dev_flags))
			err = new_settings(hdev, NULL);

		mgmt_pending_foreach(MGMT_OP_SET_LE, hdev, cmd_status_rsp,
				     &mgmt_err);

		return err;
	}

	if (enable)
		changed = !test_and_set_bit(HCI_LE_ENABLED, &hdev->dev_flags);
	else
		changed = test_and_clear_bit(HCI_LE_ENABLED, &hdev->dev_flags);

	mgmt_pending_foreach(MGMT_OP_SET_LE, hdev, settings_rsp, &match);

	if (changed)
		err = new_settings(hdev, match.sk);

	/* Presumably settings_rsp took a reference on match.sk; drop it. */
	if (match.sk != NULL)
		sock_put(match.sk);

	return err;
}
/*
 * Emit MGMT_EV_DEVICE_FOUND for a discovered device.
 *
 * The event is assembled in a 512-byte stack buffer. @eir_len bytes of @eir
 * are copied in, and when @dev_class is given and the EIR data carries no
 * EIR_CLASS_OF_DEV field, one is appended from the 3 bytes at @dev_class.
 *
 * Returns -EINVAL when the event header, @eir_len and the 5 bytes reserved
 * for the class-of-device field would not fit in the buffer; otherwise the
 * result of mgmt_event().
 */
int mgmt_device_found(struct hci_dev *hdev, bdaddr_t *bdaddr, u8 link_type,
		      u8 addr_type, u8 *dev_class, s8 rssi, u8 cfm_name, u8
		      ssp, u8 *eir, u16 eir_len)
{
	char buf[512];
	struct mgmt_ev_device_found *ev = (void *) buf;
	size_t needed;

	/*
	 * Bound the length before anything is written: leave 5 bytes for a
	 * potential CoD field on top of the header and the EIR payload.
	 */
	needed = sizeof(*ev) + eir_len + 5;
	if (needed > sizeof(buf))
		return -EINVAL;

	/* Zeroing the buffer also clears ev->flags before the |= below. */
	memset(buf, 0, sizeof(buf));

	bacpy(&ev->addr.bdaddr, bdaddr);
	ev->addr.type = link_to_bdaddr(link_type, addr_type);
	ev->rssi = rssi;

	if (cfm_name)
		ev->flags |= cpu_to_le32(MGMT_DEV_FOUND_CONFIRM_NAME);
	if (!ssp)
		ev->flags |= cpu_to_le32(MGMT_DEV_FOUND_LEGACY_PAIRING);

	if (eir_len > 0)
		memcpy(ev->eir, eir, eir_len);

	if (dev_class && !eir_has_data_type(ev->eir, eir_len, EIR_CLASS_OF_DEV))
		eir_len = eir_append_data(ev->eir, eir_len, EIR_CLASS_OF_DEV,
					  dev_class, 3);

	ev->eir_len = cpu_to_le16(eir_len);

	return mgmt_event(MGMT_EV_DEVICE_FOUND, hdev, ev,
			  sizeof(*ev) + eir_len, NULL);
}
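/*
 * Report a resolved remote name as a MGMT_EV_DEVICE_FOUND event whose EIR
 * data holds a single EIR_NAME_COMPLETE field built from @name.
 *
 * The event is assembled in a stack buffer sized for the event header plus
 * HCI_MAX_NAME_LENGTH + 2 bytes (the + 2 presumably covers the EIR length
 * and type bytes written by eir_append_data()). @name_len is a u8 that is
 * not otherwise bounded here, so it is checked against HCI_MAX_NAME_LENGTH
 * before anything is written; mgmt_device_found() guards its buffer the
 * same way.
 *
 * Returns -EINVAL when @name_len exceeds HCI_MAX_NAME_LENGTH, otherwise the
 * result of mgmt_event().
 */
int mgmt_remote_name(struct hci_dev *hdev, bdaddr_t *bdaddr, u8 link_type,
		     u8 addr_type, s8 rssi, u8 *name, u8 name_len)
{
	struct mgmt_ev_device_found *ev;
	char buf[sizeof(*ev) + HCI_MAX_NAME_LENGTH + 2];
	u16 eir_len;

	/* Reject a name that would overrun buf in eir_append_data(). */
	if (name_len > HCI_MAX_NAME_LENGTH)
		return -EINVAL;

	ev = (struct mgmt_ev_device_found *) buf;

	/* Zero the whole buffer so unused bytes are never sent uninitialised. */
	memset(buf, 0, sizeof(buf));

	bacpy(&ev->addr.bdaddr, bdaddr);
	ev->addr.type = link_to_bdaddr(link_type, addr_type);
	ev->rssi = rssi;

	eir_len = eir_append_data(ev->eir, 0, EIR_NAME_COMPLETE, name,
				  name_len);

	ev->eir_len = cpu_to_le16(eir_len);

	return mgmt_event(MGMT_EV_DEVICE_FOUND, hdev, ev,
			  sizeof(*ev) + eir_len, NULL);
}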
/*
 * Failure hook for MGMT_OP_START_DISCOVERY.
 *
 * The discovery state is set to DISCOVERY_STOPPED even when no command is
 * pending. A pending command is completed with mgmt_status(status) and the
 * current discovery type, then removed.
 *
 * Returns -ENOENT when no such command is pending, otherwise the result of
 * cmd_complete().
 */
int mgmt_start_discovery_failed(struct hci_dev *hdev, u8 status)
{
	struct pending_cmd *pending;
	u8 disc_type;
	int ret;

	hci_discovery_set_state(hdev, DISCOVERY_STOPPED);

	pending = mgmt_pending_find(MGMT_OP_START_DISCOVERY, hdev);
	if (pending == NULL)
		return -ENOENT;

	/* Reply with a local copy of the discovery type. */
	disc_type = hdev->discovery.type;

	ret = cmd_complete(pending->sk, hdev->id, pending->opcode,
			   mgmt_status(status), &disc_type, sizeof(disc_type));
	mgmt_pending_remove(pending);

	return ret;
}
/*
 * Failure hook for MGMT_OP_STOP_DISCOVERY: complete the pending command with
 * mgmt_status(status) and the current discovery type, then remove it.
 *
 * Returns -ENOENT when no such command is pending, otherwise the result of
 * cmd_complete().
 */
int mgmt_stop_discovery_failed(struct hci_dev *hdev, u8 status)
{
	struct pending_cmd *pending;
	int ret;

	pending = mgmt_pending_find(MGMT_OP_STOP_DISCOVERY, hdev);
	if (pending == NULL)
		return -ENOENT;

	/* The reply payload is read straight from hdev->discovery.type. */
	ret = cmd_complete(pending->sk, hdev->id, pending->opcode,
			   mgmt_status(status), &hdev->discovery.type,
			   sizeof(hdev->discovery.type));
	mgmt_pending_remove(pending);

	return ret;
}
/*
 * Report a change of the discovering state.
 *
 * Completes the pending MGMT_OP_START_DISCOVERY (when @discovering is
 * non-zero) or MGMT_OP_STOP_DISCOVERY command with status 0, if one exists,
 * then emits MGMT_EV_DISCOVERING with the current discovery type.
 *
 * Returns the result of mgmt_event(); the cmd_complete() result is ignored.
 */
int mgmt_discovering(struct hci_dev *hdev, u8 discovering)
{
	struct pending_cmd *pending;
	struct mgmt_ev_discovering ev;

	BT_DBG("%s discovering %u", hdev->name, discovering);

	pending = mgmt_pending_find(discovering ? MGMT_OP_START_DISCOVERY :
						  MGMT_OP_STOP_DISCOVERY,
				    hdev);
	if (pending) {
		u8 disc_type = hdev->discovery.type;

		cmd_complete(pending->sk, hdev->id, pending->opcode, 0,
			     &disc_type, sizeof(disc_type));
		mgmt_pending_remove(pending);
	}

	/* Zero the event first so no stale stack bytes are sent with it. */
	memset(&ev, 0, sizeof(ev));
	ev.discovering = discovering;
	ev.type = hdev->discovery.type;

	return mgmt_event(MGMT_EV_DISCOVERING, hdev, &ev, sizeof(ev), NULL);
}
/*
 * Emit MGMT_EV_DEVICE_BLOCKED for @bdaddr/@type. The socket of a pending
 * MGMT_OP_BLOCK_DEVICE command, if any, is passed as the last argument of
 * mgmt_event(); the pending command itself is not completed or removed here.
 *
 * Returns the result of mgmt_event().
 */
int mgmt_device_blocked(struct hci_dev *hdev, bdaddr_t *bdaddr, u8 type)
{
	struct mgmt_ev_device_blocked event;
	struct pending_cmd *pending;
	struct sock *cmd_sk = NULL;

	pending = mgmt_pending_find(MGMT_OP_BLOCK_DEVICE, hdev);
	if (pending)
		cmd_sk = pending->sk;

	/*
	 * NOTE(review): event is not zeroed; only safe if addr is the whole
	 * struct and it has no padding - confirm in mgmt.h.
	 */
	event.addr.type = type;
	bacpy(&event.addr.bdaddr, bdaddr);

	return mgmt_event(MGMT_EV_DEVICE_BLOCKED, hdev, &event, sizeof(event),
			  cmd_sk);
}
/*
 * Emit MGMT_EV_DEVICE_UNBLOCKED for @bdaddr/@type. The socket of a pending
 * MGMT_OP_UNBLOCK_DEVICE command, if any, is passed as the last argument of
 * mgmt_event(); the pending command itself is not completed or removed here.
 *
 * Returns the result of mgmt_event().
 */
int mgmt_device_unblocked(struct hci_dev *hdev, bdaddr_t *bdaddr, u8 type)
{
	struct mgmt_ev_device_unblocked event;
	struct pending_cmd *pending;
	struct sock *cmd_sk = NULL;

	pending = mgmt_pending_find(MGMT_OP_UNBLOCK_DEVICE, hdev);
	if (pending)
		cmd_sk = pending->sk;

	/*
	 * NOTE(review): event is not zeroed; only safe if addr is the whole
	 * struct and it has no padding - confirm in mgmt.h.
	 */
	event.addr.type = type;
	bacpy(&event.addr.bdaddr, bdaddr);

	return mgmt_event(MGMT_EV_DEVICE_UNBLOCKED, hdev, &event,
			  sizeof(event), cmd_sk);
}
/*
 * Expose the file-scope enable_hs flag as a bool module parameter. The 0644
 * permission argument makes the sysfs entry readable by everyone and
 * writable by its owner only.
 */
module_param(enable_hs, bool, 0644);
MODULE_PARM_DESC(enable_hs, "Enable High Speed support");