projects / deliverable / linux.git / blame
? search:
summary | shortlog | log | commit | commitdiff | tree
blob | blame (incremental) | history | HEAD
Bluetooth: Reorganize set_connectable HCI command sending
[deliverable/linux.git] / net / bluetooth / mgmt.c
CommitLineData
0381101f
JH		 1/*
2 BlueZ - Bluetooth protocol stack for Linux
ea585ab5 3
0381101f 4 Copyright (C) 2010 Nokia Corporation
ea585ab5 5 Copyright (C) 2011-2012 Intel Corporation
0381101f
JH		 6
7 This program is free software; you can redistribute it and/or modify
8 it under the terms of the GNU General Public License version 2 as
9 published by the Free Software Foundation;
10
11 THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS
12 OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
13 FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT OF THIRD PARTY RIGHTS.
14 IN NO EVENT SHALL THE COPYRIGHT HOLDER(S) AND AUTHOR(S) BE LIABLE FOR ANY
15 CLAIM, OR ANY SPECIAL INDIRECT OR CONSEQUENTIAL DAMAGES, OR ANY DAMAGES
16 WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
17 ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
18 OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
19
20 ALL LIABILITY, INCLUDING LIABILITY FOR INFRINGEMENT OF ANY PATENTS,
21 COPYRIGHTS, TRADEMARKS OR OTHER RIGHTS, RELATING TO USE OF THIS
22 SOFTWARE IS DISCLAIMED.
23*/
24
25/* Bluetooth HCI Management interface */
26
3a9a231d 27#include <linux/module.h>
0381101f
JH		 28#include <asm/unaligned.h>
29
30#include <net/bluetooth/bluetooth.h>
31#include <net/bluetooth/hci_core.h>
32#include <net/bluetooth/mgmt.h>
ac4b7236
MH		 33
34#include "smp.h"
0381101f 35
2da9c55c 36#define MGMT_VERSION 1
9ab8cf37 37#define MGMT_REVISION 4
02d98129 38
e70bb2e8
JH		 39static const u16 mgmt_commands[] = {
40 MGMT_OP_READ_INDEX_LIST,
41 MGMT_OP_READ_INFO,
42 MGMT_OP_SET_POWERED,
43 MGMT_OP_SET_DISCOVERABLE,
44 MGMT_OP_SET_CONNECTABLE,
45 MGMT_OP_SET_FAST_CONNECTABLE,
46 MGMT_OP_SET_PAIRABLE,
47 MGMT_OP_SET_LINK_SECURITY,
48 MGMT_OP_SET_SSP,
49 MGMT_OP_SET_HS,
50 MGMT_OP_SET_LE,
51 MGMT_OP_SET_DEV_CLASS,
52 MGMT_OP_SET_LOCAL_NAME,
53 MGMT_OP_ADD_UUID,
54 MGMT_OP_REMOVE_UUID,
55 MGMT_OP_LOAD_LINK_KEYS,
56 MGMT_OP_LOAD_LONG_TERM_KEYS,
57 MGMT_OP_DISCONNECT,
58 MGMT_OP_GET_CONNECTIONS,
59 MGMT_OP_PIN_CODE_REPLY,
60 MGMT_OP_PIN_CODE_NEG_REPLY,
61 MGMT_OP_SET_IO_CAPABILITY,
62 MGMT_OP_PAIR_DEVICE,
63 MGMT_OP_CANCEL_PAIR_DEVICE,
64 MGMT_OP_UNPAIR_DEVICE,
65 MGMT_OP_USER_CONFIRM_REPLY,
66 MGMT_OP_USER_CONFIRM_NEG_REPLY,
67 MGMT_OP_USER_PASSKEY_REPLY,
68 MGMT_OP_USER_PASSKEY_NEG_REPLY,
69 MGMT_OP_READ_LOCAL_OOB_DATA,
70 MGMT_OP_ADD_REMOTE_OOB_DATA,
71 MGMT_OP_REMOVE_REMOTE_OOB_DATA,
72 MGMT_OP_START_DISCOVERY,
73 MGMT_OP_STOP_DISCOVERY,
74 MGMT_OP_CONFIRM_NAME,
75 MGMT_OP_BLOCK_DEVICE,
76 MGMT_OP_UNBLOCK_DEVICE,
cdbaccca 77 MGMT_OP_SET_DEVICE_ID,
4375f103 78 MGMT_OP_SET_ADVERTISING,
0663ca2a 79 MGMT_OP_SET_BREDR,
d13eafce 80 MGMT_OP_SET_STATIC_ADDRESS,
7f72134e 81 MGMT_OP_SET_SCAN_PARAMS,
e70bb2e8
JH		 82};
83
84static const u16 mgmt_events[] = {
85 MGMT_EV_CONTROLLER_ERROR,
86 MGMT_EV_INDEX_ADDED,
87 MGMT_EV_INDEX_REMOVED,
88 MGMT_EV_NEW_SETTINGS,
89 MGMT_EV_CLASS_OF_DEV_CHANGED,
90 MGMT_EV_LOCAL_NAME_CHANGED,
91 MGMT_EV_NEW_LINK_KEY,
92 MGMT_EV_NEW_LONG_TERM_KEY,
93 MGMT_EV_DEVICE_CONNECTED,
94 MGMT_EV_DEVICE_DISCONNECTED,
95 MGMT_EV_CONNECT_FAILED,
96 MGMT_EV_PIN_CODE_REQUEST,
97 MGMT_EV_USER_CONFIRM_REQUEST,
98 MGMT_EV_USER_PASSKEY_REQUEST,
99 MGMT_EV_AUTH_FAILED,
100 MGMT_EV_DEVICE_FOUND,
101 MGMT_EV_DISCOVERING,
102 MGMT_EV_DEVICE_BLOCKED,
103 MGMT_EV_DEVICE_UNBLOCKED,
104 MGMT_EV_DEVICE_UNPAIRED,
92a25256 105 MGMT_EV_PASSKEY_NOTIFY,
e70bb2e8
JH		 106};
107
17b02e62 108#define CACHE_TIMEOUT msecs_to_jiffies(2 * 1000)
7d78525d 109
4b34ee78
JH		 110#define hdev_is_powered(hdev) (test_bit(HCI_UP, &hdev->flags) && \
111 !test_bit(HCI_AUTO_OFF, &hdev->dev_flags))
112
eec8d2bc
JH		 113struct pending_cmd {
114 struct list_head list;
fc2f4b13 115 u16 opcode;
eec8d2bc 116 int index;
c68fb7ff 117 void *param;
eec8d2bc 118 struct sock *sk;
e9a416b5 119 void *user_data;
eec8d2bc
JH		 120};
121
ca69b795
JH		 122/* HCI to MGMT error code conversion table */
123static u8 mgmt_status_table[] = {
124 MGMT_STATUS_SUCCESS,
125 MGMT_STATUS_UNKNOWN_COMMAND, /* Unknown Command */
126 MGMT_STATUS_NOT_CONNECTED, /* No Connection */
127 MGMT_STATUS_FAILED, /* Hardware Failure */
128 MGMT_STATUS_CONNECT_FAILED, /* Page Timeout */
129 MGMT_STATUS_AUTH_FAILED, /* Authentication Failed */
130 MGMT_STATUS_NOT_PAIRED, /* PIN or Key Missing */
131 MGMT_STATUS_NO_RESOURCES, /* Memory Full */
132 MGMT_STATUS_TIMEOUT, /* Connection Timeout */
133 MGMT_STATUS_NO_RESOURCES, /* Max Number of Connections */
134 MGMT_STATUS_NO_RESOURCES, /* Max Number of SCO Connections */
135 MGMT_STATUS_ALREADY_CONNECTED, /* ACL Connection Exists */
136 MGMT_STATUS_BUSY, /* Command Disallowed */
137 MGMT_STATUS_NO_RESOURCES, /* Rejected Limited Resources */
138 MGMT_STATUS_REJECTED, /* Rejected Security */
139 MGMT_STATUS_REJECTED, /* Rejected Personal */
140 MGMT_STATUS_TIMEOUT, /* Host Timeout */
141 MGMT_STATUS_NOT_SUPPORTED, /* Unsupported Feature */
142 MGMT_STATUS_INVALID_PARAMS, /* Invalid Parameters */
143 MGMT_STATUS_DISCONNECTED, /* OE User Ended Connection */
144 MGMT_STATUS_NO_RESOURCES, /* OE Low Resources */
145 MGMT_STATUS_DISCONNECTED, /* OE Power Off */
146 MGMT_STATUS_DISCONNECTED, /* Connection Terminated */
147 MGMT_STATUS_BUSY, /* Repeated Attempts */
148 MGMT_STATUS_REJECTED, /* Pairing Not Allowed */
149 MGMT_STATUS_FAILED, /* Unknown LMP PDU */
150 MGMT_STATUS_NOT_SUPPORTED, /* Unsupported Remote Feature */
151 MGMT_STATUS_REJECTED, /* SCO Offset Rejected */
152 MGMT_STATUS_REJECTED, /* SCO Interval Rejected */
153 MGMT_STATUS_REJECTED, /* Air Mode Rejected */
154 MGMT_STATUS_INVALID_PARAMS, /* Invalid LMP Parameters */
155 MGMT_STATUS_FAILED, /* Unspecified Error */
156 MGMT_STATUS_NOT_SUPPORTED, /* Unsupported LMP Parameter Value */
157 MGMT_STATUS_FAILED, /* Role Change Not Allowed */
158 MGMT_STATUS_TIMEOUT, /* LMP Response Timeout */
159 MGMT_STATUS_FAILED, /* LMP Error Transaction Collision */
160 MGMT_STATUS_FAILED, /* LMP PDU Not Allowed */
161 MGMT_STATUS_REJECTED, /* Encryption Mode Not Accepted */
162 MGMT_STATUS_FAILED, /* Unit Link Key Used */
163 MGMT_STATUS_NOT_SUPPORTED, /* QoS Not Supported */
164 MGMT_STATUS_TIMEOUT, /* Instant Passed */
165 MGMT_STATUS_NOT_SUPPORTED, /* Pairing Not Supported */
166 MGMT_STATUS_FAILED, /* Transaction Collision */
167 MGMT_STATUS_INVALID_PARAMS, /* Unacceptable Parameter */
168 MGMT_STATUS_REJECTED, /* QoS Rejected */
169 MGMT_STATUS_NOT_SUPPORTED, /* Classification Not Supported */
170 MGMT_STATUS_REJECTED, /* Insufficient Security */
171 MGMT_STATUS_INVALID_PARAMS, /* Parameter Out Of Range */
172 MGMT_STATUS_BUSY, /* Role Switch Pending */
173 MGMT_STATUS_FAILED, /* Slot Violation */
174 MGMT_STATUS_FAILED, /* Role Switch Failed */
175 MGMT_STATUS_INVALID_PARAMS, /* EIR Too Large */
176 MGMT_STATUS_NOT_SUPPORTED, /* Simple Pairing Not Supported */
177 MGMT_STATUS_BUSY, /* Host Busy Pairing */
178 MGMT_STATUS_REJECTED, /* Rejected, No Suitable Channel */
179 MGMT_STATUS_BUSY, /* Controller Busy */
180 MGMT_STATUS_INVALID_PARAMS, /* Unsuitable Connection Interval */
181 MGMT_STATUS_TIMEOUT, /* Directed Advertising Timeout */
182 MGMT_STATUS_AUTH_FAILED, /* Terminated Due to MIC Failure */
183 MGMT_STATUS_CONNECT_FAILED, /* Connection Establishment Failed */
184 MGMT_STATUS_CONNECT_FAILED, /* MAC Connection Failed */
185};
186
187static u8 mgmt_status(u8 hci_status)
188{
189 if (hci_status < ARRAY_SIZE(mgmt_status_table))
190 return mgmt_status_table[hci_status];
191
192 return MGMT_STATUS_FAILED;
193}
194
4e51eae9 195static int cmd_status(struct sock *sk, u16 index, u16 cmd, u8 status)
f7b64e69
JH		 196{
197 struct sk_buff *skb;
198 struct mgmt_hdr *hdr;
199 struct mgmt_ev_cmd_status *ev;
56b7d137 200 int err;
f7b64e69 201
34eb525c 202 BT_DBG("sock %p, index %u, cmd %u, status %u", sk, index, cmd, status);
f7b64e69 203
790eff44 204 skb = alloc_skb(sizeof(*hdr) + sizeof(*ev), GFP_KERNEL);
f7b64e69
JH		 205 if (!skb)
206 return -ENOMEM;
207
208 hdr = (void *) skb_put(skb, sizeof(*hdr));
209
612dfce9 210 hdr->opcode = __constant_cpu_to_le16(MGMT_EV_CMD_STATUS);
4e51eae9 211 hdr->index = cpu_to_le16(index);
f7b64e69
JH		 212 hdr->len = cpu_to_le16(sizeof(*ev));
213
214 ev = (void *) skb_put(skb, sizeof(*ev));
215 ev->status = status;
eb55ef07 216 ev->opcode = cpu_to_le16(cmd);
f7b64e69 217
56b7d137
GP		 218 err = sock_queue_rcv_skb(sk, skb);
219 if (err < 0)
f7b64e69
JH		 220 kfree_skb(skb);
221
56b7d137 222 return err;
f7b64e69
JH		 223}
224
aee9b218 225static int cmd_complete(struct sock *sk, u16 index, u16 cmd, u8 status,
04124681 226 void *rp, size_t rp_len)
02d98129
JH		 227{
228 struct sk_buff *skb;
229 struct mgmt_hdr *hdr;
230 struct mgmt_ev_cmd_complete *ev;
56b7d137 231 int err;
02d98129
JH		 232
233 BT_DBG("sock %p", sk);
234
790eff44 235 skb = alloc_skb(sizeof(*hdr) + sizeof(*ev) + rp_len, GFP_KERNEL);
02d98129
JH		 236 if (!skb)
237 return -ENOMEM;
238
239 hdr = (void *) skb_put(skb, sizeof(*hdr));
02d98129 240
612dfce9 241 hdr->opcode = __constant_cpu_to_le16(MGMT_EV_CMD_COMPLETE);
4e51eae9 242 hdr->index = cpu_to_le16(index);
a38528f1 243 hdr->len = cpu_to_le16(sizeof(*ev) + rp_len);
02d98129 244
a38528f1 245 ev = (void *) skb_put(skb, sizeof(*ev) + rp_len);
eb55ef07 246 ev->opcode = cpu_to_le16(cmd);
aee9b218 247 ev->status = status;
8020c16a
SJ		 248
249 if (rp)
250 memcpy(ev->data, rp, rp_len);
02d98129 251
56b7d137
GP		 252 err = sock_queue_rcv_skb(sk, skb);
253 if (err < 0)
02d98129
JH		 254 kfree_skb(skb);
255
e5f0e151 256 return err;
02d98129
JH		 257}
258
04124681
GP		 259static int read_version(struct sock *sk, struct hci_dev *hdev, void *data,
260 u16 data_len)
a38528f1
JH		 261{
262 struct mgmt_rp_read_version rp;
263
264 BT_DBG("sock %p", sk);
265
266 rp.version = MGMT_VERSION;
eb55ef07 267 rp.revision = __constant_cpu_to_le16(MGMT_REVISION);
a38528f1 268
aee9b218 269 return cmd_complete(sk, MGMT_INDEX_NONE, MGMT_OP_READ_VERSION, 0, &rp,
04124681 270 sizeof(rp));
a38528f1
JH		 271}
272
04124681
GP		 273static int read_commands(struct sock *sk, struct hci_dev *hdev, void *data,
274 u16 data_len)
e70bb2e8
JH		 275{
276 struct mgmt_rp_read_commands *rp;
eb55ef07
MH		 277 const u16 num_commands = ARRAY_SIZE(mgmt_commands);
278 const u16 num_events = ARRAY_SIZE(mgmt_events);
2e3c35ea 279 __le16 *opcode;
e70bb2e8
JH		 280 size_t rp_size;
281 int i, err;
282
283 BT_DBG("sock %p", sk);
284
285 rp_size = sizeof(*rp) + ((num_commands + num_events) * sizeof(u16));
286
287 rp = kmalloc(rp_size, GFP_KERNEL);
288 if (!rp)
289 return -ENOMEM;
290
eb55ef07
MH		 291 rp->num_commands = __constant_cpu_to_le16(num_commands);
292 rp->num_events = __constant_cpu_to_le16(num_events);
e70bb2e8
JH		 293
294 for (i = 0, opcode = rp->opcodes; i < num_commands; i++, opcode++)
295 put_unaligned_le16(mgmt_commands[i], opcode);
296
297 for (i = 0; i < num_events; i++, opcode++)
298 put_unaligned_le16(mgmt_events[i], opcode);
299
aee9b218 300 err = cmd_complete(sk, MGMT_INDEX_NONE, MGMT_OP_READ_COMMANDS, 0, rp,
04124681 301 rp_size);
e70bb2e8
JH		 302 kfree(rp);
303
304 return err;
305}
306
04124681
GP		 307static int read_index_list(struct sock *sk, struct hci_dev *hdev, void *data,
308 u16 data_len)
faba42eb 309{
faba42eb 310 struct mgmt_rp_read_index_list *rp;
8035ded4 311 struct hci_dev *d;
a38528f1 312 size_t rp_len;
faba42eb 313 u16 count;
476e44cb 314 int err;
faba42eb
JH		 315
316 BT_DBG("sock %p", sk);
317
318 read_lock(&hci_dev_list_lock);
319
320 count = 0;
bb4b2a9a 321 list_for_each_entry(d, &hci_dev_list, list) {
1514b892
MH		 322 if (d->dev_type == HCI_BREDR)
323 count++;
faba42eb
JH		 324 }
325
a38528f1
JH		 326 rp_len = sizeof(*rp) + (2 * count);
327 rp = kmalloc(rp_len, GFP_ATOMIC);
328 if (!rp) {
b2c60d42 329 read_unlock(&hci_dev_list_lock);
faba42eb 330 return -ENOMEM;
b2c60d42 331 }
faba42eb 332
476e44cb 333 count = 0;
8035ded4 334 list_for_each_entry(d, &hci_dev_list, list) {
a8b2d5c2 335 if (test_bit(HCI_SETUP, &d->dev_flags))
ab81cbf9
JH		 336 continue;
337
0736cfa8
MH		 338 if (test_bit(HCI_USER_CHANNEL, &d->dev_flags))
339 continue;
340
1514b892
MH		 341 if (d->dev_type == HCI_BREDR) {
342 rp->index[count++] = cpu_to_le16(d->id);
343 BT_DBG("Added hci%u", d->id);
344 }
faba42eb
JH		 345 }
346
476e44cb
JH		 347 rp->num_controllers = cpu_to_le16(count);
348 rp_len = sizeof(*rp) + (2 * count);
349
faba42eb
JH		 350 read_unlock(&hci_dev_list_lock);
351
aee9b218 352 err = cmd_complete(sk, MGMT_INDEX_NONE, MGMT_OP_READ_INDEX_LIST, 0, rp,
04124681 353 rp_len);
faba42eb 354
a38528f1
JH		 355 kfree(rp);
356
357 return err;
faba42eb
JH		 358}
359
69ab39ea
JH		 360static u32 get_supported_settings(struct hci_dev *hdev)
361{
362 u32 settings = 0;
363
364 settings |= MGMT_SETTING_POWERED;
69ab39ea
JH		 365 settings |= MGMT_SETTING_PAIRABLE;
366
ed3fa31f 367 if (lmp_bredr_capable(hdev)) {
33c525c0 368 settings |= MGMT_SETTING_CONNECTABLE;
1a47aee8
JH		 369 if (hdev->hci_ver >= BLUETOOTH_VER_1_2)
370 settings |= MGMT_SETTING_FAST_CONNECTABLE;
33c525c0 371 settings |= MGMT_SETTING_DISCOVERABLE;
69ab39ea
JH		 372 settings |= MGMT_SETTING_BREDR;
373 settings |= MGMT_SETTING_LINK_SECURITY;
a82974c9
MH		 374
375 if (lmp_ssp_capable(hdev)) {
376 settings |= MGMT_SETTING_SSP;
377 settings |= MGMT_SETTING_HS;
378 }
848566b3 379 }
d7b7e796 380
eeca6f89 381 if (lmp_le_capable(hdev)) {
9d42820f 382 settings |= MGMT_SETTING_LE;
eeca6f89
JH		 383 settings |= MGMT_SETTING_ADVERTISING;
384 }
69ab39ea
JH		 385
386 return settings;
387}
388
389static u32 get_current_settings(struct hci_dev *hdev)
390{
391 u32 settings = 0;
392
f1f0eb02 393 if (hdev_is_powered(hdev))
f0d4b78a
MH		 394 settings |= MGMT_SETTING_POWERED;
395
5e5282bb 396 if (test_bit(HCI_CONNECTABLE, &hdev->dev_flags))
69ab39ea
JH		 397 settings |= MGMT_SETTING_CONNECTABLE;
398
1a4d3c4b
JH		 399 if (test_bit(HCI_FAST_CONNECTABLE, &hdev->dev_flags))
400 settings |= MGMT_SETTING_FAST_CONNECTABLE;
401
5e5282bb 402 if (test_bit(HCI_DISCOVERABLE, &hdev->dev_flags))
69ab39ea
JH		 403 settings |= MGMT_SETTING_DISCOVERABLE;
404
a8b2d5c2 405 if (test_bit(HCI_PAIRABLE, &hdev->dev_flags))
69ab39ea
JH		 406 settings |= MGMT_SETTING_PAIRABLE;
407
56f87901 408 if (test_bit(HCI_BREDR_ENABLED, &hdev->dev_flags))
69ab39ea
JH		 409 settings |= MGMT_SETTING_BREDR;
410
06199cf8 411 if (test_bit(HCI_LE_ENABLED, &hdev->dev_flags))
69ab39ea
JH		 412 settings |= MGMT_SETTING_LE;
413
47990ea0 414 if (test_bit(HCI_LINK_SECURITY, &hdev->dev_flags))
69ab39ea
JH		 415 settings |= MGMT_SETTING_LINK_SECURITY;
416
84bde9d6 417 if (test_bit(HCI_SSP_ENABLED, &hdev->dev_flags))
69ab39ea
JH		 418 settings |= MGMT_SETTING_SSP;
419
6d80dfd0
JH		 420 if (test_bit(HCI_HS_ENABLED, &hdev->dev_flags))
421 settings |= MGMT_SETTING_HS;
422
f3d3444a 423 if (test_bit(HCI_ADVERTISING, &hdev->dev_flags))
eeca6f89
JH		 424 settings |= MGMT_SETTING_ADVERTISING;
425
69ab39ea
JH		 426 return settings;
427}
428
ef580372
JH		 429#define PNP_INFO_SVCLASS_ID 0x1200
430
213202ed
JH		 431static u8 *create_uuid16_list(struct hci_dev *hdev, u8 *data, ptrdiff_t len)
432{
433 u8 *ptr = data, *uuids_start = NULL;
434 struct bt_uuid *uuid;
435
436 if (len < 4)
437 return ptr;
438
439 list_for_each_entry(uuid, &hdev->uuids, list) {
440 u16 uuid16;
441
442 if (uuid->size != 16)
443 continue;
444
445 uuid16 = get_unaligned_le16(&uuid->uuid[12]);
446 if (uuid16 < 0x1100)
447 continue;
448
449 if (uuid16 == PNP_INFO_SVCLASS_ID)
450 continue;
451
452 if (!uuids_start) {
453 uuids_start = ptr;
454 uuids_start[0] = 1;
455 uuids_start[1] = EIR_UUID16_ALL;
456 ptr += 2;
457 }
458
459 /* Stop if not enough space to put next UUID */
460 if ((ptr - data) + sizeof(u16) > len) {
461 uuids_start[1] = EIR_UUID16_SOME;
462 break;
463 }
464
465 *ptr++ = (uuid16 & 0x00ff);
466 *ptr++ = (uuid16 & 0xff00) >> 8;
467 uuids_start[0] += sizeof(uuid16);
468 }
469
470 return ptr;
471}
472
cdf1963f
JH		 473static u8 *create_uuid32_list(struct hci_dev *hdev, u8 *data, ptrdiff_t len)
474{
475 u8 *ptr = data, *uuids_start = NULL;
476 struct bt_uuid *uuid;
477
478 if (len < 6)
479 return ptr;
480
481 list_for_each_entry(uuid, &hdev->uuids, list) {
482 if (uuid->size != 32)
483 continue;
484
485 if (!uuids_start) {
486 uuids_start = ptr;
487 uuids_start[0] = 1;
488 uuids_start[1] = EIR_UUID32_ALL;
489 ptr += 2;
490 }
491
492 /* Stop if not enough space to put next UUID */
493 if ((ptr - data) + sizeof(u32) > len) {
494 uuids_start[1] = EIR_UUID32_SOME;
495 break;
496 }
497
498 memcpy(ptr, &uuid->uuid[12], sizeof(u32));
499 ptr += sizeof(u32);
500 uuids_start[0] += sizeof(u32);
501 }
502
503 return ptr;
504}
505
c00d575b
JH		 506static u8 *create_uuid128_list(struct hci_dev *hdev, u8 *data, ptrdiff_t len)
507{
508 u8 *ptr = data, *uuids_start = NULL;
509 struct bt_uuid *uuid;
510
511 if (len < 18)
512 return ptr;
513
514 list_for_each_entry(uuid, &hdev->uuids, list) {
515 if (uuid->size != 128)
516 continue;
517
518 if (!uuids_start) {
519 uuids_start = ptr;
520 uuids_start[0] = 1;
521 uuids_start[1] = EIR_UUID128_ALL;
522 ptr += 2;
523 }
524
525 /* Stop if not enough space to put next UUID */
526 if ((ptr - data) + 16 > len) {
527 uuids_start[1] = EIR_UUID128_SOME;
528 break;
529 }
530
531 memcpy(ptr, uuid->uuid, 16);
532 ptr += 16;
533 uuids_start[0] += 16;
534 }
535
536 return ptr;
537}
538
ef580372
JH		 539static void create_eir(struct hci_dev *hdev, u8 *data)
540{
541 u8 *ptr = data;
ef580372
JH		 542 size_t name_len;
543
544 name_len = strlen(hdev->dev_name);
545
546 if (name_len > 0) {
547 /* EIR Data type */
548 if (name_len > 48) {
549 name_len = 48;
550 ptr[1] = EIR_NAME_SHORT;
551 } else
552 ptr[1] = EIR_NAME_COMPLETE;
553
554 /* EIR Data length */
555 ptr[0] = name_len + 1;
556
557 memcpy(ptr + 2, hdev->dev_name, name_len);
558
ef580372
JH		 559 ptr += (name_len + 2);
560 }
561
bbaf444a 562 if (hdev->inq_tx_power != HCI_TX_POWER_INVALID) {
91c4e9b1
MH		 563 ptr[0] = 2;
564 ptr[1] = EIR_TX_POWER;
565 ptr[2] = (u8) hdev->inq_tx_power;
566
91c4e9b1
MH		 567 ptr += 3;
568 }
569
2b9be137
MH		 570 if (hdev->devid_source > 0) {
571 ptr[0] = 9;
572 ptr[1] = EIR_DEVICE_ID;
573
574 put_unaligned_le16(hdev->devid_source, ptr + 2);
575 put_unaligned_le16(hdev->devid_vendor, ptr + 4);
576 put_unaligned_le16(hdev->devid_product, ptr + 6);
577 put_unaligned_le16(hdev->devid_version, ptr + 8);
578
2b9be137
MH		 579 ptr += 10;
580 }
581
213202ed 582 ptr = create_uuid16_list(hdev, ptr, HCI_MAX_EIR_LENGTH - (ptr - data));
cdf1963f 583 ptr = create_uuid32_list(hdev, ptr, HCI_MAX_EIR_LENGTH - (ptr - data));
c00d575b 584 ptr = create_uuid128_list(hdev, ptr, HCI_MAX_EIR_LENGTH - (ptr - data));
ef580372
JH		 585}
586
890ea898 587static void update_eir(struct hci_request *req)
ef580372 588{
890ea898 589 struct hci_dev *hdev = req->hdev;
ef580372
JH		 590 struct hci_cp_write_eir cp;
591
504c8dcd 592 if (!hdev_is_powered(hdev))
890ea898 593 return;
7770c4aa 594
976eb20e 595 if (!lmp_ext_inq_capable(hdev))
890ea898 596 return;
ef580372 597
84bde9d6 598 if (!test_bit(HCI_SSP_ENABLED, &hdev->dev_flags))
890ea898 599 return;
ef580372 600
a8b2d5c2 601 if (test_bit(HCI_SERVICE_CACHE, &hdev->dev_flags))
890ea898 602 return;
ef580372
JH		 603
604 memset(&cp, 0, sizeof(cp));
605
606 create_eir(hdev, cp.data);
607
608 if (memcmp(cp.data, hdev->eir, sizeof(cp.data)) == 0)
890ea898 609 return;
ef580372
JH		 610
611 memcpy(hdev->eir, cp.data, sizeof(cp.data));
612
890ea898 613 hci_req_add(req, HCI_OP_WRITE_EIR, sizeof(cp), &cp);
ef580372
JH		 614}
615
616static u8 get_service_classes(struct hci_dev *hdev)
617{
618 struct bt_uuid *uuid;
619 u8 val = 0;
620
621 list_for_each_entry(uuid, &hdev->uuids, list)
622 val |= uuid->svc_hint;
623
624 return val;
625}
626
890ea898 627static void update_class(struct hci_request *req)
ef580372 628{
890ea898 629 struct hci_dev *hdev = req->hdev;
ef580372
JH		 630 u8 cod[3];
631
632 BT_DBG("%s", hdev->name);
633
504c8dcd 634 if (!hdev_is_powered(hdev))
890ea898 635 return;
7770c4aa 636
a8b2d5c2 637 if (test_bit(HCI_SERVICE_CACHE, &hdev->dev_flags))
890ea898 638 return;
ef580372
JH		 639
640 cod[0] = hdev->minor_class;
641 cod[1] = hdev->major_class;
642 cod[2] = get_service_classes(hdev);
643
644 if (memcmp(cod, hdev->dev_class, 3) == 0)
890ea898 645 return;
ef580372 646
890ea898 647 hci_req_add(req, HCI_OP_WRITE_CLASS_OF_DEV, sizeof(cod), cod);
ef580372
JH		 648}
649
7d78525d
JH		 650static void service_cache_off(struct work_struct *work)
651{
652 struct hci_dev *hdev = container_of(work, struct hci_dev,
04124681 653 service_cache.work);
890ea898 654 struct hci_request req;
7d78525d 655
a8b2d5c2 656 if (!test_and_clear_bit(HCI_SERVICE_CACHE, &hdev->dev_flags))
7d78525d
JH		 657 return;
658
890ea898
JH		 659 hci_req_init(&req, hdev);
660
7d78525d
JH		 661 hci_dev_lock(hdev);
662
890ea898
JH		 663 update_eir(&req);
664 update_class(&req);
7d78525d
JH		 665
666 hci_dev_unlock(hdev);
890ea898
JH		 667
668 hci_req_run(&req, NULL);
7d78525d
JH		 669}
670
6a919082 671static void mgmt_init_hdev(struct sock *sk, struct hci_dev *hdev)
7d78525d 672{
4f87da80 673 if (test_and_set_bit(HCI_MGMT, &hdev->dev_flags))
6a919082
JH		 674 return;
675
4f87da80 676 INIT_DELAYED_WORK(&hdev->service_cache, service_cache_off);
7d78525d 677
4f87da80
JH		 678 /* Non-mgmt controlled devices get this bit set
679 * implicitly so that pairing works for them, however
680 * for mgmt we require user-space to explicitly enable
681 * it
682 */
683 clear_bit(HCI_PAIRABLE, &hdev->dev_flags);
7d78525d
JH		 684}
685
0f4e68cf 686static int read_controller_info(struct sock *sk, struct hci_dev *hdev,
04124681 687 void *data, u16 data_len)
0381101f 688{
a38528f1 689 struct mgmt_rp_read_info rp;
f7b64e69 690
bdb6d971 691 BT_DBG("sock %p %s", sk, hdev->name);
f7b64e69 692
09fd0de5 693 hci_dev_lock(hdev);
f7b64e69 694
dc4fe30b
JH		 695 memset(&rp, 0, sizeof(rp));
696
69ab39ea 697 bacpy(&rp.bdaddr, &hdev->bdaddr);
f7b64e69 698
69ab39ea 699 rp.version = hdev->hci_ver;
eb55ef07 700 rp.manufacturer = cpu_to_le16(hdev->manufacturer);
69ab39ea
JH		 701
702 rp.supported_settings = cpu_to_le32(get_supported_settings(hdev));
703 rp.current_settings = cpu_to_le32(get_current_settings(hdev));
f7b64e69 704
a38528f1 705 memcpy(rp.dev_class, hdev->dev_class, 3);
f7b64e69 706
dc4fe30b 707 memcpy(rp.name, hdev->dev_name, sizeof(hdev->dev_name));
27fcc362 708 memcpy(rp.short_name, hdev->short_name, sizeof(hdev->short_name));
dc4fe30b 709
09fd0de5 710 hci_dev_unlock(hdev);
0381101f 711
bdb6d971 712 return cmd_complete(sk, hdev->id, MGMT_OP_READ_INFO, 0, &rp,
04124681 713 sizeof(rp));
0381101f
JH		 714}
715
eec8d2bc
JH		 716static void mgmt_pending_free(struct pending_cmd *cmd)
717{
718 sock_put(cmd->sk);
c68fb7ff 719 kfree(cmd->param);
eec8d2bc
JH		 720 kfree(cmd);
721}
722
366a0336 723static struct pending_cmd *mgmt_pending_add(struct sock *sk, u16 opcode,
04124681
GP		 724 struct hci_dev *hdev, void *data,
725 u16 len)
eec8d2bc
JH		 726{
727 struct pending_cmd *cmd;
728
12b94565 729 cmd = kmalloc(sizeof(*cmd), GFP_KERNEL);
eec8d2bc 730 if (!cmd)
366a0336 731 return NULL;
eec8d2bc
JH		 732
733 cmd->opcode = opcode;
2e58ef3e 734 cmd->index = hdev->id;
eec8d2bc 735
12b94565 736 cmd->param = kmalloc(len, GFP_KERNEL);
c68fb7ff 737 if (!cmd->param) {
eec8d2bc 738 kfree(cmd);
366a0336 739 return NULL;
eec8d2bc
JH		 740 }
741
8fce6357
SJ		 742 if (data)
743 memcpy(cmd->param, data, len);
eec8d2bc
JH		 744
745 cmd->sk = sk;
746 sock_hold(sk);
747
2e58ef3e 748 list_add(&cmd->list, &hdev->mgmt_pending);
eec8d2bc 749
366a0336 750 return cmd;
eec8d2bc
JH		 751}
752
744cf19e 753static void mgmt_pending_foreach(u16 opcode, struct hci_dev *hdev,
8fc9ced3
GP		 754 void (*cb)(struct pending_cmd *cmd,
755 void *data),
04124681 756 void *data)
eec8d2bc 757{
a3d09356 758 struct pending_cmd *cmd, *tmp;
eec8d2bc 759
a3d09356 760 list_for_each_entry_safe(cmd, tmp, &hdev->mgmt_pending, list) {
b24752fe 761 if (opcode > 0 && cmd->opcode != opcode)
eec8d2bc
JH		 762 continue;
763
eec8d2bc
JH		 764 cb(cmd, data);
765 }
766}
767
2e58ef3e 768static struct pending_cmd *mgmt_pending_find(u16 opcode, struct hci_dev *hdev)
eec8d2bc 769{
8035ded4 770 struct pending_cmd *cmd;
eec8d2bc 771
2e58ef3e 772 list_for_each_entry(cmd, &hdev->mgmt_pending, list) {
2aeabcbe
JH		 773 if (cmd->opcode == opcode)
774 return cmd;
eec8d2bc
JH		 775 }
776
777 return NULL;
778}
779
a664b5bc 780static void mgmt_pending_remove(struct pending_cmd *cmd)
73f22f62 781{
73f22f62
JH		 782 list_del(&cmd->list);
783 mgmt_pending_free(cmd);
784}
785
69ab39ea 786static int send_settings_rsp(struct sock *sk, u16 opcode, struct hci_dev *hdev)
8680570b 787{
69ab39ea 788 __le32 settings = cpu_to_le32(get_current_settings(hdev));
8680570b 789
aee9b218 790 return cmd_complete(sk, hdev->id, opcode, 0, &settings,
04124681 791 sizeof(settings));
8680570b
JH		 792}
793
bdb6d971 794static int set_powered(struct sock *sk, struct hci_dev *hdev, void *data,
04124681 795 u16 len)
eec8d2bc 796{
650f726d 797 struct mgmt_mode *cp = data;
366a0336 798 struct pending_cmd *cmd;
4b34ee78 799 int err;
eec8d2bc 800
bdb6d971 801 BT_DBG("request for %s", hdev->name);
eec8d2bc 802
a7e80f25
JH		 803 if (cp->val != 0x00 && cp->val != 0x01)
804 return cmd_status(sk, hdev->id, MGMT_OP_SET_POWERED,
805 MGMT_STATUS_INVALID_PARAMS);
806
09fd0de5 807 hci_dev_lock(hdev);
eec8d2bc 808
87b95ba6
JH		 809 if (mgmt_pending_find(MGMT_OP_SET_POWERED, hdev)) {
810 err = cmd_status(sk, hdev->id, MGMT_OP_SET_POWERED,
811 MGMT_STATUS_BUSY);
812 goto failed;
813 }
814
f0d4b78a
MH		 815 if (test_and_clear_bit(HCI_AUTO_OFF, &hdev->dev_flags)) {
816 cancel_delayed_work(&hdev->power_off);
817
818 if (cp->val) {
a1d70450
JH		 819 mgmt_pending_add(sk, MGMT_OP_SET_POWERED, hdev,
820 data, len);
821 err = mgmt_powered(hdev, 1);
f0d4b78a
MH		 822 goto failed;
823 }
824 }
825
4b34ee78 826 if (!!cp->val == hdev_is_powered(hdev)) {
69ab39ea 827 err = send_settings_rsp(sk, MGMT_OP_SET_POWERED, hdev);
eec8d2bc
JH		 828 goto failed;
829 }
830
2e58ef3e 831 cmd = mgmt_pending_add(sk, MGMT_OP_SET_POWERED, hdev, data, len);
366a0336
JH		 832 if (!cmd) {
833 err = -ENOMEM;
eec8d2bc 834 goto failed;
366a0336 835 }
eec8d2bc 836
72a734ec 837 if (cp->val)
19202573 838 queue_work(hdev->req_workqueue, &hdev->power_on);
eec8d2bc 839 else
19202573 840 queue_work(hdev->req_workqueue, &hdev->power_off.work);
eec8d2bc 841
366a0336 842 err = 0;
eec8d2bc
JH		 843
844failed:
09fd0de5 845 hci_dev_unlock(hdev);
366a0336 846 return err;
eec8d2bc
JH		 847}
848
04124681
GP		 849static int mgmt_event(u16 event, struct hci_dev *hdev, void *data, u16 data_len,
850 struct sock *skip_sk)
beadb2bd
JH		 851{
852 struct sk_buff *skb;
853 struct mgmt_hdr *hdr;
854
790eff44 855 skb = alloc_skb(sizeof(*hdr) + data_len, GFP_KERNEL);
beadb2bd
JH		 856 if (!skb)
857 return -ENOMEM;
858
859 hdr = (void *) skb_put(skb, sizeof(*hdr));
860 hdr->opcode = cpu_to_le16(event);
861 if (hdev)
862 hdr->index = cpu_to_le16(hdev->id);
863 else
612dfce9 864 hdr->index = __constant_cpu_to_le16(MGMT_INDEX_NONE);
beadb2bd
JH		 865 hdr->len = cpu_to_le16(data_len);
866
867 if (data)
868 memcpy(skb_put(skb, data_len), data, data_len);
869
97e0bdeb
MH		 870 /* Time stamp */
871 __net_timestamp(skb);
872
beadb2bd
JH		 873 hci_send_to_control(skb, skip_sk);
874 kfree_skb(skb);
875
876 return 0;
877}
878
879static int new_settings(struct hci_dev *hdev, struct sock *skip)
880{
881 __le32 ev;
882
883 ev = cpu_to_le32(get_current_settings(hdev));
884
885 return mgmt_event(MGMT_EV_NEW_SETTINGS, hdev, &ev, sizeof(ev), skip);
886}
887
bd99abdd
JH		 888struct cmd_lookup {
889 struct sock *sk;
890 struct hci_dev *hdev;
891 u8 mgmt_status;
892};
893
894static void settings_rsp(struct pending_cmd *cmd, void *data)
895{
896 struct cmd_lookup *match = data;
897
898 send_settings_rsp(cmd->sk, cmd->opcode, match->hdev);
899
900 list_del(&cmd->list);
901
902 if (match->sk == NULL) {
903 match->sk = cmd->sk;
904 sock_hold(match->sk);
905 }
906
907 mgmt_pending_free(cmd);
908}
909
910static void cmd_status_rsp(struct pending_cmd *cmd, void *data)
911{
912 u8 *status = data;
913
914 cmd_status(cmd->sk, cmd->index, cmd->opcode, *status);
915 mgmt_pending_remove(cmd);
916}
917
e6fe7986
JH		 918static u8 mgmt_bredr_support(struct hci_dev *hdev)
919{
920 if (!lmp_bredr_capable(hdev))
921 return MGMT_STATUS_NOT_SUPPORTED;
922 else if (!test_bit(HCI_BREDR_ENABLED, &hdev->dev_flags))
923 return MGMT_STATUS_REJECTED;
924 else
925 return MGMT_STATUS_SUCCESS;
926}
927
928static u8 mgmt_le_support(struct hci_dev *hdev)
929{
930 if (!lmp_le_capable(hdev))
931 return MGMT_STATUS_NOT_SUPPORTED;
932 else if (!test_bit(HCI_LE_ENABLED, &hdev->dev_flags))
933 return MGMT_STATUS_REJECTED;
934 else
935 return MGMT_STATUS_SUCCESS;
936}
937
bdb6d971 938static int set_discoverable(struct sock *sk, struct hci_dev *hdev, void *data,
04124681 939 u16 len)
73f22f62 940{
650f726d 941 struct mgmt_cp_set_discoverable *cp = data;
366a0336 942 struct pending_cmd *cmd;
5e5282bb 943 u16 timeout;
e6fe7986 944 u8 scan, status;
73f22f62
JH		 945 int err;
946
bdb6d971 947 BT_DBG("request for %s", hdev->name);
73f22f62 948
e6fe7986
JH		 949 status = mgmt_bredr_support(hdev);
950 if (status)
33c525c0 951 return cmd_status(sk, hdev->id, MGMT_OP_SET_DISCOVERABLE,
e6fe7986 952 status);
33c525c0 953
a7e80f25
JH		 954 if (cp->val != 0x00 && cp->val != 0x01)
955 return cmd_status(sk, hdev->id, MGMT_OP_SET_DISCOVERABLE,
956 MGMT_STATUS_INVALID_PARAMS);
957
1f350c87 958 timeout = __le16_to_cpu(cp->timeout);
24c54a90 959 if (!cp->val && timeout > 0)
bdb6d971 960 return cmd_status(sk, hdev->id, MGMT_OP_SET_DISCOVERABLE,
04124681 961 MGMT_STATUS_INVALID_PARAMS);
73f22f62 962
09fd0de5 963 hci_dev_lock(hdev);
73f22f62 964
5e5282bb 965 if (!hdev_is_powered(hdev) && timeout > 0) {
bdb6d971 966 err = cmd_status(sk, hdev->id, MGMT_OP_SET_DISCOVERABLE,
04124681 967 MGMT_STATUS_NOT_POWERED);
73f22f62
JH		 968 goto failed;
969 }
970
2e58ef3e 971 if (mgmt_pending_find(MGMT_OP_SET_DISCOVERABLE, hdev) ||
8ce8e2b5 972 mgmt_pending_find(MGMT_OP_SET_CONNECTABLE, hdev)) {
bdb6d971 973 err = cmd_status(sk, hdev->id, MGMT_OP_SET_DISCOVERABLE,
04124681 974 MGMT_STATUS_BUSY);
73f22f62
JH		 975 goto failed;
976 }
977
5e5282bb 978 if (!test_bit(HCI_CONNECTABLE, &hdev->dev_flags)) {
bdb6d971 979 err = cmd_status(sk, hdev->id, MGMT_OP_SET_DISCOVERABLE,
04124681 980 MGMT_STATUS_REJECTED);
5e5282bb
JH		 981 goto failed;
982 }
983
984 if (!hdev_is_powered(hdev)) {
0224d2fa
JH		 985 bool changed = false;
986
987 if (!!cp->val != test_bit(HCI_DISCOVERABLE, &hdev->dev_flags)) {
988 change_bit(HCI_DISCOVERABLE, &hdev->dev_flags);
989 changed = true;
990 }
991
5e5282bb 992 err = send_settings_rsp(sk, MGMT_OP_SET_DISCOVERABLE, hdev);
0224d2fa
JH		 993 if (err < 0)
994 goto failed;
995
996 if (changed)
997 err = new_settings(hdev, sk);
998
5e5282bb
JH		 999 goto failed;
1000 }
1001
1002 if (!!cp->val == test_bit(HCI_DISCOVERABLE, &hdev->dev_flags)) {
955638ec
MH		 1003 if (hdev->discov_timeout > 0) {
1004 cancel_delayed_work(&hdev->discov_off);
1005 hdev->discov_timeout = 0;
1006 }
1007
1008 if (cp->val && timeout > 0) {
1009 hdev->discov_timeout = timeout;
1010 queue_delayed_work(hdev->workqueue, &hdev->discov_off,
1011 msecs_to_jiffies(hdev->discov_timeout * 1000));
1012 }
1013
69ab39ea 1014 err = send_settings_rsp(sk, MGMT_OP_SET_DISCOVERABLE, hdev);
73f22f62
JH		 1015 goto failed;
1016 }
1017
2e58ef3e 1018 cmd = mgmt_pending_add(sk, MGMT_OP_SET_DISCOVERABLE, hdev, data, len);
366a0336
JH		 1019 if (!cmd) {
1020 err = -ENOMEM;
73f22f62 1021 goto failed;
366a0336 1022 }
73f22f62
JH		 1023
1024 scan = SCAN_PAGE;
1025
72a734ec 1026 if (cp->val)
73f22f62 1027 scan |= SCAN_INQUIRY;
16ab91ab 1028 else
e0f9309f 1029 cancel_delayed_work(&hdev->discov_off);
73f22f62
JH		 1030
1031 err = hci_send_cmd(hdev, HCI_OP_WRITE_SCAN_ENABLE, 1, &scan);
1032 if (err < 0)
a664b5bc 1033 mgmt_pending_remove(cmd);
73f22f62 1034
16ab91ab 1035 if (cp->val)
5e5282bb 1036 hdev->discov_timeout = timeout;
16ab91ab 1037
73f22f62 1038failed:
09fd0de5 1039 hci_dev_unlock(hdev);
73f22f62
JH		 1040 return err;
1041}
1042
406d7804
JH		 1043static void write_fast_connectable(struct hci_request *req, bool enable)
1044{
bd98b996 1045 struct hci_dev *hdev = req->hdev;
406d7804
JH		 1046 struct hci_cp_write_page_scan_activity acp;
1047 u8 type;
1048
4c01f8b8
JH		 1049 if (hdev->hci_ver < BLUETOOTH_VER_1_2)
1050 return;
1051
406d7804
JH		 1052 if (enable) {
1053 type = PAGE_SCAN_TYPE_INTERLACED;
1054
1055 /* 160 msec page scan interval */
1056 acp.interval = __constant_cpu_to_le16(0x0100);
1057 } else {
1058 type = PAGE_SCAN_TYPE_STANDARD; /* default */
1059
1060 /* default 1.28 sec page scan */
1061 acp.interval = __constant_cpu_to_le16(0x0800);
1062 }
1063
1064 acp.window = __constant_cpu_to_le16(0x0012);
1065
bd98b996
JH		 1066 if (__cpu_to_le16(hdev->page_scan_interval) != acp.interval ||
1067 __cpu_to_le16(hdev->page_scan_window) != acp.window)
1068 hci_req_add(req, HCI_OP_WRITE_PAGE_SCAN_ACTIVITY,
1069 sizeof(acp), &acp);
1070
1071 if (hdev->page_scan_type != type)
1072 hci_req_add(req, HCI_OP_WRITE_PAGE_SCAN_TYPE, 1, &type);
406d7804
JH		 1073}
1074
2b76f453
JH		 1075static void set_connectable_complete(struct hci_dev *hdev, u8 status)
1076{
1077 struct pending_cmd *cmd;
1078
1079 BT_DBG("status 0x%02x", status);
1080
1081 hci_dev_lock(hdev);
1082
1083 cmd = mgmt_pending_find(MGMT_OP_SET_CONNECTABLE, hdev);
1084 if (!cmd)
1085 goto unlock;
1086
1087 send_settings_rsp(cmd->sk, MGMT_OP_SET_CONNECTABLE, hdev);
1088
1089 mgmt_pending_remove(cmd);
1090
1091unlock:
1092 hci_dev_unlock(hdev);
1093}
1094
bdb6d971 1095static int set_connectable(struct sock *sk, struct hci_dev *hdev, void *data,
04124681 1096 u16 len)
9fbcbb45 1097{
650f726d 1098 struct mgmt_mode *cp = data;
366a0336 1099 struct pending_cmd *cmd;
2b76f453 1100 struct hci_request req;
e6fe7986 1101 u8 scan, status;
9fbcbb45
JH		 1102 int err;
1103
bdb6d971 1104 BT_DBG("request for %s", hdev->name);
9fbcbb45 1105
e6fe7986
JH		 1106 status = mgmt_bredr_support(hdev);
1107 if (status)
33c525c0 1108 return cmd_status(sk, hdev->id, MGMT_OP_SET_CONNECTABLE,
e6fe7986 1109 status);
33c525c0 1110
a7e80f25
JH		 1111 if (cp->val != 0x00 && cp->val != 0x01)
1112 return cmd_status(sk, hdev->id, MGMT_OP_SET_CONNECTABLE,
1113 MGMT_STATUS_INVALID_PARAMS);
1114
09fd0de5 1115 hci_dev_lock(hdev);
9fbcbb45 1116
4b34ee78 1117 if (!hdev_is_powered(hdev)) {
0224d2fa
JH		 1118 bool changed = false;
1119
1120 if (!!cp->val != test_bit(HCI_CONNECTABLE, &hdev->dev_flags))
1121 changed = true;
1122
6bf0e469 1123 if (cp->val) {
5e5282bb 1124 set_bit(HCI_CONNECTABLE, &hdev->dev_flags);
6bf0e469 1125 } else {
5e5282bb
JH		 1126 clear_bit(HCI_CONNECTABLE, &hdev->dev_flags);
1127 clear_bit(HCI_DISCOVERABLE, &hdev->dev_flags);
1128 }
0224d2fa 1129
5e5282bb 1130 err = send_settings_rsp(sk, MGMT_OP_SET_CONNECTABLE, hdev);
0224d2fa
JH		 1131 if (err < 0)
1132 goto failed;
1133
1134 if (changed)
1135 err = new_settings(hdev, sk);
1136
9fbcbb45
JH		 1137 goto failed;
1138 }
1139
2e58ef3e 1140 if (mgmt_pending_find(MGMT_OP_SET_DISCOVERABLE, hdev) ||
8ce8e2b5 1141 mgmt_pending_find(MGMT_OP_SET_CONNECTABLE, hdev)) {
bdb6d971 1142 err = cmd_status(sk, hdev->id, MGMT_OP_SET_CONNECTABLE,
04124681 1143 MGMT_STATUS_BUSY);
9fbcbb45
JH		 1144 goto failed;
1145 }
1146
2e58ef3e 1147 cmd = mgmt_pending_add(sk, MGMT_OP_SET_CONNECTABLE, hdev, data, len);
366a0336
JH		 1148 if (!cmd) {
1149 err = -ENOMEM;
9fbcbb45 1150 goto failed;
366a0336 1151 }
9fbcbb45 1152
9b74246f 1153 hci_req_init(&req, hdev);
9fbcbb45 1154
9b74246f
JH		 1155 if (test_bit(HCI_BREDR_ENABLED, &hdev->dev_flags) &&
1156 cp->val != test_bit(HCI_PSCAN, &hdev->flags)) {
df2c6c5e 1157
9b74246f
JH		 1158 if (cp->val) {
1159 scan = SCAN_PAGE;
1160 } else {
1161 scan = 0;
1162
1163 if (test_bit(HCI_ISCAN, &hdev->flags) &&
1164 hdev->discov_timeout > 0)
1165 cancel_delayed_work(&hdev->discov_off);
1166 }
2b76f453 1167
9b74246f
JH		 1168 hci_req_add(&req, HCI_OP_WRITE_SCAN_ENABLE, 1, &scan);
1169 }
2b76f453 1170
4c01f8b8
JH		 1171 /* If we're going from non-connectable to connectable or
1172 * vice-versa when fast connectable is enabled ensure that fast
1173 * connectable gets disabled. write_fast_connectable won't do
1174 * anything if the page scan parameters are already what they
1175 * should be.
1176 */
1177 if (cp->val || test_bit(HCI_FAST_CONNECTABLE, &hdev->dev_flags))
e36a3769
JH		 1178 write_fast_connectable(&req, false);
1179
2b76f453 1180 err = hci_req_run(&req, set_connectable_complete);
9b74246f 1181 if (err < 0) {
a664b5bc 1182 mgmt_pending_remove(cmd);
9b74246f
JH		 1183 if (err == -ENODATA)
1184 err = send_settings_rsp(sk, MGMT_OP_SET_CONNECTABLE,
1185 hdev);
1186 goto failed;
1187 }
9fbcbb45
JH		 1188
1189failed:
09fd0de5 1190 hci_dev_unlock(hdev);
9fbcbb45
JH		 1191 return err;
1192}
1193
bdb6d971 1194static int set_pairable(struct sock *sk, struct hci_dev *hdev, void *data,
04124681 1195 u16 len)
c542a06c 1196{
650f726d 1197 struct mgmt_mode *cp = data;
55594356 1198 bool changed;
c542a06c
JH		 1199 int err;
1200
bdb6d971 1201 BT_DBG("request for %s", hdev->name);
c542a06c 1202
a7e80f25
JH		 1203 if (cp->val != 0x00 && cp->val != 0x01)
1204 return cmd_status(sk, hdev->id, MGMT_OP_SET_PAIRABLE,
1205 MGMT_STATUS_INVALID_PARAMS);
1206
09fd0de5 1207 hci_dev_lock(hdev);
c542a06c
JH		 1208
1209 if (cp->val)
55594356 1210 changed = !test_and_set_bit(HCI_PAIRABLE, &hdev->dev_flags);
c542a06c 1211 else
55594356 1212 changed = test_and_clear_bit(HCI_PAIRABLE, &hdev->dev_flags);
c542a06c 1213
69ab39ea 1214 err = send_settings_rsp(sk, MGMT_OP_SET_PAIRABLE, hdev);
c542a06c 1215 if (err < 0)
55594356 1216 goto unlock;
c542a06c 1217
55594356
MH		 1218 if (changed)
1219 err = new_settings(hdev, sk);
c542a06c 1220
55594356 1221unlock:
09fd0de5 1222 hci_dev_unlock(hdev);
c542a06c
JH		 1223 return err;
1224}
1225
04124681
GP		 1226static int set_link_security(struct sock *sk, struct hci_dev *hdev, void *data,
1227 u16 len)
33ef95ed
JH		 1228{
1229 struct mgmt_mode *cp = data;
1230 struct pending_cmd *cmd;
e6fe7986 1231 u8 val, status;
33ef95ed
JH		 1232 int err;
1233
bdb6d971 1234 BT_DBG("request for %s", hdev->name);
33ef95ed 1235
e6fe7986
JH		 1236 status = mgmt_bredr_support(hdev);
1237 if (status)
33c525c0 1238 return cmd_status(sk, hdev->id, MGMT_OP_SET_LINK_SECURITY,
e6fe7986 1239 status);
33c525c0 1240
a7e80f25
JH		 1241 if (cp->val != 0x00 && cp->val != 0x01)
1242 return cmd_status(sk, hdev->id, MGMT_OP_SET_LINK_SECURITY,
1243 MGMT_STATUS_INVALID_PARAMS);
1244
33ef95ed
JH		 1245 hci_dev_lock(hdev);
1246
4b34ee78 1247 if (!hdev_is_powered(hdev)) {
47990ea0
JH		 1248 bool changed = false;
1249
1250 if (!!cp->val != test_bit(HCI_LINK_SECURITY,
8ce8e2b5 1251 &hdev->dev_flags)) {
47990ea0
JH		 1252 change_bit(HCI_LINK_SECURITY, &hdev->dev_flags);
1253 changed = true;
1254 }
1255
1256 err = send_settings_rsp(sk, MGMT_OP_SET_LINK_SECURITY, hdev);
1257 if (err < 0)
1258 goto failed;
1259
1260 if (changed)
1261 err = new_settings(hdev, sk);
1262
33ef95ed
JH		 1263 goto failed;
1264 }
1265
1266 if (mgmt_pending_find(MGMT_OP_SET_LINK_SECURITY, hdev)) {
bdb6d971 1267 err = cmd_status(sk, hdev->id, MGMT_OP_SET_LINK_SECURITY,
04124681 1268 MGMT_STATUS_BUSY);
33ef95ed
JH		 1269 goto failed;
1270 }
1271
1272 val = !!cp->val;
1273
1274 if (test_bit(HCI_AUTH, &hdev->flags) == val) {
1275 err = send_settings_rsp(sk, MGMT_OP_SET_LINK_SECURITY, hdev);
1276 goto failed;
1277 }
1278
1279 cmd = mgmt_pending_add(sk, MGMT_OP_SET_LINK_SECURITY, hdev, data, len);
1280 if (!cmd) {
1281 err = -ENOMEM;
1282 goto failed;
1283 }
1284
1285 err = hci_send_cmd(hdev, HCI_OP_WRITE_AUTH_ENABLE, sizeof(val), &val);
1286 if (err < 0) {
1287 mgmt_pending_remove(cmd);
1288 goto failed;
1289 }
1290
1291failed:
1292 hci_dev_unlock(hdev);
33ef95ed
JH		 1293 return err;
1294}
1295
bdb6d971 1296static int set_ssp(struct sock *sk, struct hci_dev *hdev, void *data, u16 len)
ed2c4ee3
JH		 1297{
1298 struct mgmt_mode *cp = data;
1299 struct pending_cmd *cmd;
72ef0c1a 1300 u8 status;
ed2c4ee3
JH		 1301 int err;
1302
bdb6d971 1303 BT_DBG("request for %s", hdev->name);
ed2c4ee3 1304
cdba5281
MH		 1305 status = mgmt_bredr_support(hdev);
1306 if (status)
1307 return cmd_status(sk, hdev->id, MGMT_OP_SET_SSP, status);
1308
13ecd8b6
JH		 1309 if (!lmp_ssp_capable(hdev))
1310 return cmd_status(sk, hdev->id, MGMT_OP_SET_SSP,
1311 MGMT_STATUS_NOT_SUPPORTED);
ed2c4ee3 1312
a7e80f25
JH		 1313 if (cp->val != 0x00 && cp->val != 0x01)
1314 return cmd_status(sk, hdev->id, MGMT_OP_SET_SSP,
1315 MGMT_STATUS_INVALID_PARAMS);
1316
13ecd8b6 1317 hci_dev_lock(hdev);
6c8f12c1 1318
4b34ee78 1319 if (!hdev_is_powered(hdev)) {
9ecb3e24 1320 bool changed;
c0ecddc2 1321
9ecb3e24
MH		 1322 if (cp->val) {
1323 changed = !test_and_set_bit(HCI_SSP_ENABLED,
1324 &hdev->dev_flags);
1325 } else {
1326 changed = test_and_clear_bit(HCI_SSP_ENABLED,
1327 &hdev->dev_flags);
1328 if (!changed)
1329 changed = test_and_clear_bit(HCI_HS_ENABLED,
1330 &hdev->dev_flags);
1331 else
1332 clear_bit(HCI_HS_ENABLED, &hdev->dev_flags);
c0ecddc2
JH		 1333 }
1334
1335 err = send_settings_rsp(sk, MGMT_OP_SET_SSP, hdev);
1336 if (err < 0)
1337 goto failed;
1338
1339 if (changed)
1340 err = new_settings(hdev, sk);
1341
ed2c4ee3
JH		 1342 goto failed;
1343 }
1344
9ecb3e24
MH		 1345 if (mgmt_pending_find(MGMT_OP_SET_SSP, hdev) ||
1346 mgmt_pending_find(MGMT_OP_SET_HS, hdev)) {
d97dcb66
SJ		 1347 err = cmd_status(sk, hdev->id, MGMT_OP_SET_SSP,
1348 MGMT_STATUS_BUSY);
ed2c4ee3
JH		 1349 goto failed;
1350 }
1351
72ef0c1a 1352 if (!!cp->val == test_bit(HCI_SSP_ENABLED, &hdev->dev_flags)) {
ed2c4ee3
JH		 1353 err = send_settings_rsp(sk, MGMT_OP_SET_SSP, hdev);
1354 goto failed;
1355 }
1356
1357 cmd = mgmt_pending_add(sk, MGMT_OP_SET_SSP, hdev, data, len);
1358 if (!cmd) {
1359 err = -ENOMEM;
1360 goto failed;
1361 }
1362
72ef0c1a 1363 err = hci_send_cmd(hdev, HCI_OP_WRITE_SSP_MODE, 1, &cp->val);
ed2c4ee3
JH		 1364 if (err < 0) {
1365 mgmt_pending_remove(cmd);
1366 goto failed;
1367 }
1368
1369failed:
1370 hci_dev_unlock(hdev);
ed2c4ee3
JH		 1371 return err;
1372}
1373
bdb6d971 1374static int set_hs(struct sock *sk, struct hci_dev *hdev, void *data, u16 len)
6d80dfd0
JH		 1375{
1376 struct mgmt_mode *cp = data;
ee392693 1377 bool changed;
e6fe7986 1378 u8 status;
ee392693 1379 int err;
6d80dfd0 1380
bdb6d971 1381 BT_DBG("request for %s", hdev->name);
6d80dfd0 1382
e6fe7986
JH		 1383 status = mgmt_bredr_support(hdev);
1384 if (status)
1385 return cmd_status(sk, hdev->id, MGMT_OP_SET_HS, status);
6d80dfd0 1386
9ecb3e24
MH		 1387 if (!lmp_ssp_capable(hdev))
1388 return cmd_status(sk, hdev->id, MGMT_OP_SET_HS,
1389 MGMT_STATUS_NOT_SUPPORTED);
1390
1391 if (!test_bit(HCI_SSP_ENABLED, &hdev->dev_flags))
1392 return cmd_status(sk, hdev->id, MGMT_OP_SET_HS,
1393 MGMT_STATUS_REJECTED);
1394
a7e80f25
JH		 1395 if (cp->val != 0x00 && cp->val != 0x01)
1396 return cmd_status(sk, hdev->id, MGMT_OP_SET_HS,
1397 MGMT_STATUS_INVALID_PARAMS);
1398
ee392693
MH		 1399 hci_dev_lock(hdev);
1400
a0cdf960 1401 if (cp->val) {
ee392693 1402 changed = !test_and_set_bit(HCI_HS_ENABLED, &hdev->dev_flags);
a0cdf960
MH		 1403 } else {
1404 if (hdev_is_powered(hdev)) {
1405 err = cmd_status(sk, hdev->id, MGMT_OP_SET_HS,
1406 MGMT_STATUS_REJECTED);
1407 goto unlock;
1408 }
1409
ee392693 1410 changed = test_and_clear_bit(HCI_HS_ENABLED, &hdev->dev_flags);
a0cdf960 1411 }
ee392693
MH		 1412
1413 err = send_settings_rsp(sk, MGMT_OP_SET_HS, hdev);
1414 if (err < 0)
1415 goto unlock;
1416
1417 if (changed)
1418 err = new_settings(hdev, sk);
6d80dfd0 1419
ee392693
MH		 1420unlock:
1421 hci_dev_unlock(hdev);
1422 return err;
6d80dfd0
JH		 1423}
1424
bba3aa55
MH		 1425static void enable_advertising(struct hci_request *req)
1426{
b4faf300
MH		 1427 struct hci_dev *hdev = req->hdev;
1428 struct hci_cp_le_set_adv_param cp;
1429 u8 enable = 0x01;
1430
1431 memset(&cp, 0, sizeof(cp));
1432 cp.min_interval = __constant_cpu_to_le16(0x0800);
1433 cp.max_interval = __constant_cpu_to_le16(0x0800);
1434 cp.type = LE_ADV_IND;
1435 if (bacmp(&hdev->bdaddr, BDADDR_ANY))
1436 cp.own_address_type = ADDR_LE_DEV_PUBLIC;
1437 else
1438 cp.own_address_type = ADDR_LE_DEV_RANDOM;
1439 cp.channel_map = 0x07;
1440
1441 hci_req_add(req, HCI_OP_LE_SET_ADV_PARAM, sizeof(cp), &cp);
bba3aa55 1442
b4faf300 1443 hci_req_add(req, HCI_OP_LE_SET_ADV_ENABLE, sizeof(enable), &enable);
bba3aa55
MH		 1444}
1445
1446static void disable_advertising(struct hci_request *req)
1447{
b4faf300 1448 u8 enable = 0x00;
bba3aa55 1449
b4faf300 1450 hci_req_add(req, HCI_OP_LE_SET_ADV_ENABLE, sizeof(enable), &enable);
bba3aa55
MH		 1451}
1452
416a4ae5
JH		 1453static void le_enable_complete(struct hci_dev *hdev, u8 status)
1454{
1455 struct cmd_lookup match = { NULL, hdev };
1456
1457 if (status) {
1458 u8 mgmt_err = mgmt_status(status);
1459
1460 mgmt_pending_foreach(MGMT_OP_SET_LE, hdev, cmd_status_rsp,
1461 &mgmt_err);
1462 return;
1463 }
1464
1465 mgmt_pending_foreach(MGMT_OP_SET_LE, hdev, settings_rsp, &match);
1466
1467 new_settings(hdev, match.sk);
1468
1469 if (match.sk)
1470 sock_put(match.sk);
1471}
1472
bdb6d971 1473static int set_le(struct sock *sk, struct hci_dev *hdev, void *data, u16 len)
06199cf8
JH		 1474{
1475 struct mgmt_mode *cp = data;
1476 struct hci_cp_write_le_host_supported hci_cp;
1477 struct pending_cmd *cmd;
416a4ae5 1478 struct hci_request req;
06199cf8 1479 int err;
0b60eba1 1480 u8 val, enabled;
06199cf8 1481
bdb6d971 1482 BT_DBG("request for %s", hdev->name);
06199cf8 1483
13ecd8b6
JH		 1484 if (!lmp_le_capable(hdev))
1485 return cmd_status(sk, hdev->id, MGMT_OP_SET_LE,
1486 MGMT_STATUS_NOT_SUPPORTED);
1de028ce 1487
a7e80f25
JH		 1488 if (cp->val != 0x00 && cp->val != 0x01)
1489 return cmd_status(sk, hdev->id, MGMT_OP_SET_LE,
1490 MGMT_STATUS_INVALID_PARAMS);
1491
c73eee91 1492 /* LE-only devices do not allow toggling LE on/off */
56f87901 1493 if (!test_bit(HCI_BREDR_ENABLED, &hdev->dev_flags))
c73eee91
JH		 1494 return cmd_status(sk, hdev->id, MGMT_OP_SET_LE,
1495 MGMT_STATUS_REJECTED);
1496
13ecd8b6 1497 hci_dev_lock(hdev);
06199cf8
JH		 1498
1499 val = !!cp->val;
ffa88e02 1500 enabled = lmp_host_le_capable(hdev);
06199cf8 1501
0b60eba1 1502 if (!hdev_is_powered(hdev) || val == enabled) {
06199cf8
JH		 1503 bool changed = false;
1504
1505 if (val != test_bit(HCI_LE_ENABLED, &hdev->dev_flags)) {
1506 change_bit(HCI_LE_ENABLED, &hdev->dev_flags);
1507 changed = true;
1508 }
1509
f3d3444a
JH		 1510 if (!val && test_bit(HCI_ADVERTISING, &hdev->dev_flags)) {
1511 clear_bit(HCI_ADVERTISING, &hdev->dev_flags);
eeca6f89
JH		 1512 changed = true;
1513 }
1514
06199cf8
JH		 1515 err = send_settings_rsp(sk, MGMT_OP_SET_LE, hdev);
1516 if (err < 0)
1de028ce 1517 goto unlock;
06199cf8
JH		 1518
1519 if (changed)
1520 err = new_settings(hdev, sk);
1521
1de028ce 1522 goto unlock;
06199cf8
JH		 1523 }
1524
4375f103
JH		 1525 if (mgmt_pending_find(MGMT_OP_SET_LE, hdev) ||
1526 mgmt_pending_find(MGMT_OP_SET_ADVERTISING, hdev)) {
bdb6d971 1527 err = cmd_status(sk, hdev->id, MGMT_OP_SET_LE,
04124681 1528 MGMT_STATUS_BUSY);
1de028ce 1529 goto unlock;
06199cf8
JH		 1530 }
1531
1532 cmd = mgmt_pending_add(sk, MGMT_OP_SET_LE, hdev, data, len);
1533 if (!cmd) {
1534 err = -ENOMEM;
1de028ce 1535 goto unlock;
06199cf8
JH		 1536 }
1537
1538 memset(&hci_cp, 0, sizeof(hci_cp));
1539
1540 if (val) {
1541 hci_cp.le = val;
ffa88e02 1542 hci_cp.simul = lmp_le_br_capable(hdev);
06199cf8
JH		 1543 }
1544
416a4ae5
JH		 1545 hci_req_init(&req, hdev);
1546
bba3aa55
MH		 1547 if (test_bit(HCI_ADVERTISING, &hdev->dev_flags) && !val)
1548 disable_advertising(&req);
eeca6f89 1549
416a4ae5
JH		 1550 hci_req_add(&req, HCI_OP_WRITE_LE_HOST_SUPPORTED, sizeof(hci_cp),
1551 &hci_cp);
1552
1553 err = hci_req_run(&req, le_enable_complete);
0c01bc48 1554 if (err < 0)
06199cf8 1555 mgmt_pending_remove(cmd);
06199cf8 1556
1de028ce
JH		 1557unlock:
1558 hci_dev_unlock(hdev);
06199cf8
JH		 1559 return err;
1560}
1561
0cab9c80
JH		 1562/* This is a helper function to test for pending mgmt commands that can
1563 * cause CoD or EIR HCI commands. We can only allow one such pending
1564 * mgmt command at a time since otherwise we cannot easily track what
1565 * the current values are, will be, and based on that calculate if a new
1566 * HCI command needs to be sent and if yes with what value.
1567 */
1568static bool pending_eir_or_class(struct hci_dev *hdev)
1569{
1570 struct pending_cmd *cmd;
1571
1572 list_for_each_entry(cmd, &hdev->mgmt_pending, list) {
1573 switch (cmd->opcode) {
1574 case MGMT_OP_ADD_UUID:
1575 case MGMT_OP_REMOVE_UUID:
1576 case MGMT_OP_SET_DEV_CLASS:
1577 case MGMT_OP_SET_POWERED:
1578 return true;
1579 }
1580 }
1581
1582 return false;
1583}
1584
83be8eca
JH		 1585static const u8 bluetooth_base_uuid[] = {
1586 0xfb, 0x34, 0x9b, 0x5f, 0x80, 0x00, 0x00, 0x80,
1587 0x00, 0x10, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
1588};
1589
1590static u8 get_uuid_size(const u8 *uuid)
1591{
1592 u32 val;
1593
1594 if (memcmp(uuid, bluetooth_base_uuid, 12))
1595 return 128;
1596
1597 val = get_unaligned_le32(&uuid[12]);
1598 if (val > 0xffff)
1599 return 32;
1600
1601 return 16;
1602}
1603
92da6097
JH		 1604static void mgmt_class_complete(struct hci_dev *hdev, u16 mgmt_op, u8 status)
1605{
1606 struct pending_cmd *cmd;
1607
1608 hci_dev_lock(hdev);
1609
1610 cmd = mgmt_pending_find(mgmt_op, hdev);
1611 if (!cmd)
1612 goto unlock;
1613
1614 cmd_complete(cmd->sk, cmd->index, cmd->opcode, mgmt_status(status),
1615 hdev->dev_class, 3);
1616
1617 mgmt_pending_remove(cmd);
1618
1619unlock:
1620 hci_dev_unlock(hdev);
1621}
1622
1623static void add_uuid_complete(struct hci_dev *hdev, u8 status)
1624{
1625 BT_DBG("status 0x%02x", status);
1626
1627 mgmt_class_complete(hdev, MGMT_OP_ADD_UUID, status);
1628}
1629
bdb6d971 1630static int add_uuid(struct sock *sk, struct hci_dev *hdev, void *data, u16 len)
2aeb9a1a 1631{
650f726d 1632 struct mgmt_cp_add_uuid *cp = data;
90e70454 1633 struct pending_cmd *cmd;
890ea898 1634 struct hci_request req;
2aeb9a1a 1635 struct bt_uuid *uuid;
2aeb9a1a
JH		 1636 int err;
1637
bdb6d971 1638 BT_DBG("request for %s", hdev->name);
2aeb9a1a 1639
09fd0de5 1640 hci_dev_lock(hdev);
2aeb9a1a 1641
0cab9c80 1642 if (pending_eir_or_class(hdev)) {
bdb6d971 1643 err = cmd_status(sk, hdev->id, MGMT_OP_ADD_UUID,
04124681 1644 MGMT_STATUS_BUSY);
c95f0ba7
JH		 1645 goto failed;
1646 }
1647
92c4c204 1648 uuid = kmalloc(sizeof(*uuid), GFP_KERNEL);
2aeb9a1a
JH		 1649 if (!uuid) {
1650 err = -ENOMEM;
1651 goto failed;
1652 }
1653
1654 memcpy(uuid->uuid, cp->uuid, 16);
1aff6f09 1655 uuid->svc_hint = cp->svc_hint;
83be8eca 1656 uuid->size = get_uuid_size(cp->uuid);
2aeb9a1a 1657
de66aa63 1658 list_add_tail(&uuid->list, &hdev->uuids);
2aeb9a1a 1659
890ea898 1660 hci_req_init(&req, hdev);
1aff6f09 1661
890ea898
JH		 1662 update_class(&req);
1663 update_eir(&req);
1664
92da6097
JH		 1665 err = hci_req_run(&req, add_uuid_complete);
1666 if (err < 0) {
1667 if (err != -ENODATA)
1668 goto failed;
80a1e1db 1669
bdb6d971 1670 err = cmd_complete(sk, hdev->id, MGMT_OP_ADD_UUID, 0,
04124681 1671 hdev->dev_class, 3);
90e70454
JH		 1672 goto failed;
1673 }
1674
1675 cmd = mgmt_pending_add(sk, MGMT_OP_ADD_UUID, hdev, data, len);
890ea898 1676 if (!cmd) {
90e70454 1677 err = -ENOMEM;
890ea898
JH		 1678 goto failed;
1679 }
1680
1681 err = 0;
2aeb9a1a
JH		 1682
1683failed:
09fd0de5 1684 hci_dev_unlock(hdev);
2aeb9a1a
JH		 1685 return err;
1686}
1687
24b78d0f
JH		 1688static bool enable_service_cache(struct hci_dev *hdev)
1689{
1690 if (!hdev_is_powered(hdev))
1691 return false;
1692
1693 if (!test_and_set_bit(HCI_SERVICE_CACHE, &hdev->dev_flags)) {
46818ed5
JH		 1694 queue_delayed_work(hdev->workqueue, &hdev->service_cache,
1695 CACHE_TIMEOUT);
24b78d0f
JH		 1696 return true;
1697 }
1698
1699 return false;
1700}
1701
92da6097
JH		 1702static void remove_uuid_complete(struct hci_dev *hdev, u8 status)
1703{
1704 BT_DBG("status 0x%02x", status);
1705
1706 mgmt_class_complete(hdev, MGMT_OP_REMOVE_UUID, status);
1707}
1708
bdb6d971 1709static int remove_uuid(struct sock *sk, struct hci_dev *hdev, void *data,
8ce8e2b5 1710 u16 len)
2aeb9a1a 1711{
650f726d 1712 struct mgmt_cp_remove_uuid *cp = data;
90e70454 1713 struct pending_cmd *cmd;
056341c8 1714 struct bt_uuid *match, *tmp;
2aeb9a1a 1715 u8 bt_uuid_any[] = { 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0 };
890ea898 1716 struct hci_request req;
2aeb9a1a
JH		 1717 int err, found;
1718
bdb6d971 1719 BT_DBG("request for %s", hdev->name);
2aeb9a1a 1720
09fd0de5 1721 hci_dev_lock(hdev);
2aeb9a1a 1722
0cab9c80 1723 if (pending_eir_or_class(hdev)) {
bdb6d971 1724 err = cmd_status(sk, hdev->id, MGMT_OP_REMOVE_UUID,
04124681 1725 MGMT_STATUS_BUSY);
c95f0ba7
JH		 1726 goto unlock;
1727 }
1728
2aeb9a1a
JH		 1729 if (memcmp(cp->uuid, bt_uuid_any, 16) == 0) {
1730 err = hci_uuids_clear(hdev);
4004b6d9 1731
24b78d0f 1732 if (enable_service_cache(hdev)) {
bdb6d971 1733 err = cmd_complete(sk, hdev->id, MGMT_OP_REMOVE_UUID,
04124681 1734 0, hdev->dev_class, 3);
24b78d0f
JH		 1735 goto unlock;
1736 }
4004b6d9 1737
9246a869 1738 goto update_class;
2aeb9a1a
JH		 1739 }
1740
1741 found = 0;
1742
056341c8 1743 list_for_each_entry_safe(match, tmp, &hdev->uuids, list) {
2aeb9a1a
JH		 1744 if (memcmp(match->uuid, cp->uuid, 16) != 0)
1745 continue;
1746
1747 list_del(&match->list);
482049f7 1748 kfree(match);
2aeb9a1a
JH		 1749 found++;
1750 }
1751
1752 if (found == 0) {
bdb6d971 1753 err = cmd_status(sk, hdev->id, MGMT_OP_REMOVE_UUID,
04124681 1754 MGMT_STATUS_INVALID_PARAMS);
2aeb9a1a
JH		 1755 goto unlock;
1756 }
1757
9246a869 1758update_class:
890ea898 1759 hci_req_init(&req, hdev);
1aff6f09 1760
890ea898
JH		 1761 update_class(&req);
1762 update_eir(&req);
1763
92da6097
JH		 1764 err = hci_req_run(&req, remove_uuid_complete);
1765 if (err < 0) {
1766 if (err != -ENODATA)
1767 goto unlock;
80a1e1db 1768
bdb6d971 1769 err = cmd_complete(sk, hdev->id, MGMT_OP_REMOVE_UUID, 0,
04124681 1770 hdev->dev_class, 3);
90e70454
JH		 1771 goto unlock;
1772 }
1773
1774 cmd = mgmt_pending_add(sk, MGMT_OP_REMOVE_UUID, hdev, data, len);
890ea898 1775 if (!cmd) {
90e70454 1776 err = -ENOMEM;
890ea898
JH		 1777 goto unlock;
1778 }
1779
1780 err = 0;
2aeb9a1a
JH		 1781
1782unlock:
09fd0de5 1783 hci_dev_unlock(hdev);
2aeb9a1a
JH		 1784 return err;
1785}
1786
92da6097
JH		 1787static void set_class_complete(struct hci_dev *hdev, u8 status)
1788{
1789 BT_DBG("status 0x%02x", status);
1790
1791 mgmt_class_complete(hdev, MGMT_OP_SET_DEV_CLASS, status);
1792}
1793
bdb6d971 1794static int set_dev_class(struct sock *sk, struct hci_dev *hdev, void *data,
04124681 1795 u16 len)
1aff6f09 1796{
650f726d 1797 struct mgmt_cp_set_dev_class *cp = data;
90e70454 1798 struct pending_cmd *cmd;
890ea898 1799 struct hci_request req;
1aff6f09
JH		 1800 int err;
1801
bdb6d971 1802 BT_DBG("request for %s", hdev->name);
1aff6f09 1803
6203fc98 1804 if (!lmp_bredr_capable(hdev))
13ecd8b6
JH		 1805 return cmd_status(sk, hdev->id, MGMT_OP_SET_DEV_CLASS,
1806 MGMT_STATUS_NOT_SUPPORTED);
1aff6f09 1807
0cab9c80 1808 hci_dev_lock(hdev);
ee98f473 1809
0cab9c80
JH		 1810 if (pending_eir_or_class(hdev)) {
1811 err = cmd_status(sk, hdev->id, MGMT_OP_SET_DEV_CLASS,
1812 MGMT_STATUS_BUSY);
1813 goto unlock;
1814 }
c95f0ba7 1815
0cab9c80
JH		 1816 if ((cp->minor & 0x03) != 0 || (cp->major & 0xe0) != 0) {
1817 err = cmd_status(sk, hdev->id, MGMT_OP_SET_DEV_CLASS,
1818 MGMT_STATUS_INVALID_PARAMS);
1819 goto unlock;
1820 }
575b3a02 1821
932f5ff5
JH		 1822 hdev->major_class = cp->major;
1823 hdev->minor_class = cp->minor;
1824
b5235a65 1825 if (!hdev_is_powered(hdev)) {
bdb6d971 1826 err = cmd_complete(sk, hdev->id, MGMT_OP_SET_DEV_CLASS, 0,
04124681 1827 hdev->dev_class, 3);
b5235a65
JH		 1828 goto unlock;
1829 }
1830
890ea898
JH		 1831 hci_req_init(&req, hdev);
1832
a8b2d5c2 1833 if (test_and_clear_bit(HCI_SERVICE_CACHE, &hdev->dev_flags)) {
7d78525d
JH		 1834 hci_dev_unlock(hdev);
1835 cancel_delayed_work_sync(&hdev->service_cache);
1836 hci_dev_lock(hdev);
890ea898 1837 update_eir(&req);
7d78525d 1838 }
14c0b608 1839
890ea898
JH		 1840 update_class(&req);
1841
92da6097
JH		 1842 err = hci_req_run(&req, set_class_complete);
1843 if (err < 0) {
1844 if (err != -ENODATA)
1845 goto unlock;
1aff6f09 1846
bdb6d971 1847 err = cmd_complete(sk, hdev->id, MGMT_OP_SET_DEV_CLASS, 0,
04124681 1848 hdev->dev_class, 3);
90e70454
JH		 1849 goto unlock;
1850 }
1851
1852 cmd = mgmt_pending_add(sk, MGMT_OP_SET_DEV_CLASS, hdev, data, len);
890ea898 1853 if (!cmd) {
90e70454 1854 err = -ENOMEM;
890ea898
JH		 1855 goto unlock;
1856 }
1857
1858 err = 0;
1aff6f09 1859
b5235a65 1860unlock:
09fd0de5 1861 hci_dev_unlock(hdev);
1aff6f09
JH		 1862 return err;
1863}
1864
bdb6d971 1865static int load_link_keys(struct sock *sk, struct hci_dev *hdev, void *data,
8ce8e2b5 1866 u16 len)
55ed8ca1 1867{
650f726d 1868 struct mgmt_cp_load_link_keys *cp = data;
4e51eae9 1869 u16 key_count, expected_len;
a492cd52 1870 int i;
55ed8ca1 1871
9060d5cf
MH		 1872 BT_DBG("request for %s", hdev->name);
1873
1874 if (!lmp_bredr_capable(hdev))
1875 return cmd_status(sk, hdev->id, MGMT_OP_LOAD_LINK_KEYS,
1876 MGMT_STATUS_NOT_SUPPORTED);
1877
1f350c87 1878 key_count = __le16_to_cpu(cp->key_count);
55ed8ca1 1879
86742e1e
JH		 1880 expected_len = sizeof(*cp) + key_count *
1881 sizeof(struct mgmt_link_key_info);
a492cd52 1882 if (expected_len != len) {
86742e1e 1883 BT_ERR("load_link_keys: expected %u bytes, got %u bytes",
8ce8e2b5 1884 len, expected_len);
bdb6d971 1885 return cmd_status(sk, hdev->id, MGMT_OP_LOAD_LINK_KEYS,
04124681 1886 MGMT_STATUS_INVALID_PARAMS);
55ed8ca1
JH		 1887 }
1888
4ae14301
JH		 1889 if (cp->debug_keys != 0x00 && cp->debug_keys != 0x01)
1890 return cmd_status(sk, hdev->id, MGMT_OP_LOAD_LINK_KEYS,
1891 MGMT_STATUS_INVALID_PARAMS);
1892
bdb6d971 1893 BT_DBG("%s debug_keys %u key_count %u", hdev->name, cp->debug_keys,
8ce8e2b5 1894 key_count);
55ed8ca1 1895
4ee71b20
JH		 1896 for (i = 0; i < key_count; i++) {
1897 struct mgmt_link_key_info *key = &cp->keys[i];
1898
1899 if (key->addr.type != BDADDR_BREDR)
1900 return cmd_status(sk, hdev->id, MGMT_OP_LOAD_LINK_KEYS,
1901 MGMT_STATUS_INVALID_PARAMS);
1902 }
1903
09fd0de5 1904 hci_dev_lock(hdev);
55ed8ca1
JH		 1905
1906 hci_link_keys_clear(hdev);
1907
55ed8ca1 1908 if (cp->debug_keys)
a8b2d5c2 1909 set_bit(HCI_DEBUG_KEYS, &hdev->dev_flags);
55ed8ca1 1910 else
a8b2d5c2 1911 clear_bit(HCI_DEBUG_KEYS, &hdev->dev_flags);
55ed8ca1 1912
a492cd52 1913 for (i = 0; i < key_count; i++) {
86742e1e 1914 struct mgmt_link_key_info *key = &cp->keys[i];
55ed8ca1 1915
d753fdc4 1916 hci_add_link_key(hdev, NULL, 0, &key->addr.bdaddr, key->val,
04124681 1917 key->type, key->pin_len);
55ed8ca1
JH		 1918 }
1919
bdb6d971 1920 cmd_complete(sk, hdev->id, MGMT_OP_LOAD_LINK_KEYS, 0, NULL, 0);
0e5f875a 1921
09fd0de5 1922 hci_dev_unlock(hdev);
55ed8ca1 1923
a492cd52 1924 return 0;
55ed8ca1
JH		 1925}
1926
b1078ad0 1927static int device_unpaired(struct hci_dev *hdev, bdaddr_t *bdaddr,
04124681 1928 u8 addr_type, struct sock *skip_sk)
b1078ad0
JH		 1929{
1930 struct mgmt_ev_device_unpaired ev;
1931
1932 bacpy(&ev.addr.bdaddr, bdaddr);
1933 ev.addr.type = addr_type;
1934
1935 return mgmt_event(MGMT_EV_DEVICE_UNPAIRED, hdev, &ev, sizeof(ev),
04124681 1936 skip_sk);
b1078ad0
JH		 1937}
1938
bdb6d971 1939static int unpair_device(struct sock *sk, struct hci_dev *hdev, void *data,
04124681 1940 u16 len)
55ed8ca1 1941{
124f6e35
JH		 1942 struct mgmt_cp_unpair_device *cp = data;
1943 struct mgmt_rp_unpair_device rp;
a8a1d19e
JH		 1944 struct hci_cp_disconnect dc;
1945 struct pending_cmd *cmd;
55ed8ca1 1946 struct hci_conn *conn;
55ed8ca1
JH		 1947 int err;
1948
a8a1d19e 1949 memset(&rp, 0, sizeof(rp));
124f6e35
JH		 1950 bacpy(&rp.addr.bdaddr, &cp->addr.bdaddr);
1951 rp.addr.type = cp->addr.type;
a8a1d19e 1952
4ee71b20
JH		 1953 if (!bdaddr_type_is_valid(cp->addr.type))
1954 return cmd_complete(sk, hdev->id, MGMT_OP_UNPAIR_DEVICE,
1955 MGMT_STATUS_INVALID_PARAMS,
1956 &rp, sizeof(rp));
1957
118da70b
JH		 1958 if (cp->disconnect != 0x00 && cp->disconnect != 0x01)
1959 return cmd_complete(sk, hdev->id, MGMT_OP_UNPAIR_DEVICE,
1960 MGMT_STATUS_INVALID_PARAMS,
1961 &rp, sizeof(rp));
1962
4ee71b20
JH		 1963 hci_dev_lock(hdev);
1964
86a8cfc6 1965 if (!hdev_is_powered(hdev)) {
bdb6d971 1966 err = cmd_complete(sk, hdev->id, MGMT_OP_UNPAIR_DEVICE,
04124681 1967 MGMT_STATUS_NOT_POWERED, &rp, sizeof(rp));
86a8cfc6
JH		 1968 goto unlock;
1969 }
1970
591f47f3 1971 if (cp->addr.type == BDADDR_BREDR)
124f6e35
JH		 1972 err = hci_remove_link_key(hdev, &cp->addr.bdaddr);
1973 else
1974 err = hci_remove_ltk(hdev, &cp->addr.bdaddr);
b0dbfb46 1975
55ed8ca1 1976 if (err < 0) {
bdb6d971 1977 err = cmd_complete(sk, hdev->id, MGMT_OP_UNPAIR_DEVICE,
04124681 1978 MGMT_STATUS_NOT_PAIRED, &rp, sizeof(rp));
55ed8ca1
JH		 1979 goto unlock;
1980 }
1981
86a8cfc6 1982 if (cp->disconnect) {
591f47f3 1983 if (cp->addr.type == BDADDR_BREDR)
86a8cfc6 1984 conn = hci_conn_hash_lookup_ba(hdev, ACL_LINK,
8ce8e2b5 1985 &cp->addr.bdaddr);
86a8cfc6
JH		 1986 else
1987 conn = hci_conn_hash_lookup_ba(hdev, LE_LINK,
8ce8e2b5 1988 &cp->addr.bdaddr);
86a8cfc6
JH		 1989 } else {
1990 conn = NULL;
1991 }
124f6e35 1992
a8a1d19e 1993 if (!conn) {
bdb6d971 1994 err = cmd_complete(sk, hdev->id, MGMT_OP_UNPAIR_DEVICE, 0,
04124681 1995 &rp, sizeof(rp));
b1078ad0 1996 device_unpaired(hdev, &cp->addr.bdaddr, cp->addr.type, sk);
a8a1d19e
JH		 1997 goto unlock;
1998 }
55ed8ca1 1999
124f6e35 2000 cmd = mgmt_pending_add(sk, MGMT_OP_UNPAIR_DEVICE, hdev, cp,
04124681 2001 sizeof(*cp));
a8a1d19e
JH		 2002 if (!cmd) {
2003 err = -ENOMEM;
2004 goto unlock;
55ed8ca1
JH		 2005 }
2006
eb55ef07 2007 dc.handle = cpu_to_le16(conn->handle);
a8a1d19e
JH		 2008 dc.reason = 0x13; /* Remote User Terminated Connection */
2009 err = hci_send_cmd(hdev, HCI_OP_DISCONNECT, sizeof(dc), &dc);
2010 if (err < 0)
2011 mgmt_pending_remove(cmd);
2012
55ed8ca1 2013unlock:
09fd0de5 2014 hci_dev_unlock(hdev);
55ed8ca1
JH		 2015 return err;
2016}
2017
bdb6d971 2018static int disconnect(struct sock *sk, struct hci_dev *hdev, void *data,
04124681 2019 u16 len)
8962ee74 2020{
650f726d 2021 struct mgmt_cp_disconnect *cp = data;
06a63b19 2022 struct mgmt_rp_disconnect rp;
8962ee74 2023 struct hci_cp_disconnect dc;
366a0336 2024 struct pending_cmd *cmd;
8962ee74 2025 struct hci_conn *conn;
8962ee74
JH		 2026 int err;
2027
2028 BT_DBG("");
2029
06a63b19
JH		 2030 memset(&rp, 0, sizeof(rp));
2031 bacpy(&rp.addr.bdaddr, &cp->addr.bdaddr);
2032 rp.addr.type = cp->addr.type;
2033
4ee71b20 2034 if (!bdaddr_type_is_valid(cp->addr.type))
06a63b19
JH		 2035 return cmd_complete(sk, hdev->id, MGMT_OP_DISCONNECT,
2036 MGMT_STATUS_INVALID_PARAMS,
2037 &rp, sizeof(rp));
4ee71b20 2038
09fd0de5 2039 hci_dev_lock(hdev);
8962ee74
JH		 2040
2041 if (!test_bit(HCI_UP, &hdev->flags)) {
06a63b19
JH		 2042 err = cmd_complete(sk, hdev->id, MGMT_OP_DISCONNECT,
2043 MGMT_STATUS_NOT_POWERED, &rp, sizeof(rp));
8962ee74
JH		 2044 goto failed;
2045 }
2046
2e58ef3e 2047 if (mgmt_pending_find(MGMT_OP_DISCONNECT, hdev)) {
06a63b19
JH		 2048 err = cmd_complete(sk, hdev->id, MGMT_OP_DISCONNECT,
2049 MGMT_STATUS_BUSY, &rp, sizeof(rp));
8962ee74
JH		 2050 goto failed;
2051 }
2052
591f47f3 2053 if (cp->addr.type == BDADDR_BREDR)
8fc9ced3
GP		 2054 conn = hci_conn_hash_lookup_ba(hdev, ACL_LINK,
2055 &cp->addr.bdaddr);
88c3df13
JH		 2056 else
2057 conn = hci_conn_hash_lookup_ba(hdev, LE_LINK, &cp->addr.bdaddr);
365227e5 2058
f960727e 2059 if (!conn || conn->state == BT_OPEN || conn->state == BT_CLOSED) {
06a63b19
JH		 2060 err = cmd_complete(sk, hdev->id, MGMT_OP_DISCONNECT,
2061 MGMT_STATUS_NOT_CONNECTED, &rp, sizeof(rp));
8962ee74
JH		 2062 goto failed;
2063 }
2064
2e58ef3e 2065 cmd = mgmt_pending_add(sk, MGMT_OP_DISCONNECT, hdev, data, len);
366a0336
JH		 2066 if (!cmd) {
2067 err = -ENOMEM;
8962ee74 2068 goto failed;
366a0336 2069 }
8962ee74 2070
eb55ef07 2071 dc.handle = cpu_to_le16(conn->handle);
3701f944 2072 dc.reason = HCI_ERROR_REMOTE_USER_TERM;
8962ee74
JH		 2073
2074 err = hci_send_cmd(hdev, HCI_OP_DISCONNECT, sizeof(dc), &dc);
2075 if (err < 0)
a664b5bc 2076 mgmt_pending_remove(cmd);
8962ee74
JH		 2077
2078failed:
09fd0de5 2079 hci_dev_unlock(hdev);
8962ee74
JH		 2080 return err;
2081}
2082
57c1477c 2083static u8 link_to_bdaddr(u8 link_type, u8 addr_type)
4c659c39
JH		 2084{
2085 switch (link_type) {
2086 case LE_LINK:
48264f06
JH		 2087 switch (addr_type) {
2088 case ADDR_LE_DEV_PUBLIC:
591f47f3 2089 return BDADDR_LE_PUBLIC;
0ed09148 2090
48264f06 2091 default:
0ed09148 2092 /* Fallback to LE Random address type */
591f47f3 2093 return BDADDR_LE_RANDOM;
48264f06 2094 }
0ed09148 2095
4c659c39 2096 default:
0ed09148 2097 /* Fallback to BR/EDR type */
591f47f3 2098 return BDADDR_BREDR;
4c659c39
JH		 2099 }
2100}
2101
04124681
GP		 2102static int get_connections(struct sock *sk, struct hci_dev *hdev, void *data,
2103 u16 data_len)
2784eb41 2104{
2784eb41 2105 struct mgmt_rp_get_connections *rp;
8035ded4 2106 struct hci_conn *c;
a38528f1 2107 size_t rp_len;
60fc5fb6
JH		 2108 int err;
2109 u16 i;
2784eb41
JH		 2110
2111 BT_DBG("");
2112
09fd0de5 2113 hci_dev_lock(hdev);
2784eb41 2114
5f97c1df 2115 if (!hdev_is_powered(hdev)) {
bdb6d971 2116 err = cmd_status(sk, hdev->id, MGMT_OP_GET_CONNECTIONS,
04124681 2117 MGMT_STATUS_NOT_POWERED);
5f97c1df
JH		 2118 goto unlock;
2119 }
2120
60fc5fb6 2121 i = 0;
b644ba33
JH		 2122 list_for_each_entry(c, &hdev->conn_hash.list, list) {
2123 if (test_bit(HCI_CONN_MGMT_CONNECTED, &c->flags))
60fc5fb6 2124 i++;
2784eb41
JH		 2125 }
2126
60fc5fb6 2127 rp_len = sizeof(*rp) + (i * sizeof(struct mgmt_addr_info));
92c4c204 2128 rp = kmalloc(rp_len, GFP_KERNEL);
a38528f1 2129 if (!rp) {
2784eb41
JH		 2130 err = -ENOMEM;
2131 goto unlock;
2132 }
2133
2784eb41 2134 i = 0;
4c659c39 2135 list_for_each_entry(c, &hdev->conn_hash.list, list) {
b644ba33
JH		 2136 if (!test_bit(HCI_CONN_MGMT_CONNECTED, &c->flags))
2137 continue;
4c659c39 2138 bacpy(&rp->addr[i].bdaddr, &c->dst);
57c1477c 2139 rp->addr[i].type = link_to_bdaddr(c->type, c->dst_type);
0ed09148 2140 if (c->type == SCO_LINK || c->type == ESCO_LINK)
4c659c39
JH		 2141 continue;
2142 i++;
2143 }
2144
eb55ef07 2145 rp->conn_count = cpu_to_le16(i);
60fc5fb6 2146
4c659c39
JH		 2147 /* Recalculate length in case of filtered SCO connections, etc */
2148 rp_len = sizeof(*rp) + (i * sizeof(struct mgmt_addr_info));
2784eb41 2149
bdb6d971 2150 err = cmd_complete(sk, hdev->id, MGMT_OP_GET_CONNECTIONS, 0, rp,
04124681 2151 rp_len);
2784eb41 2152
a38528f1 2153 kfree(rp);
5f97c1df
JH		 2154
2155unlock:
09fd0de5 2156 hci_dev_unlock(hdev);
2784eb41
JH		 2157 return err;
2158}
2159
bdb6d971 2160static int send_pin_code_neg_reply(struct sock *sk, struct hci_dev *hdev,
04124681 2161 struct mgmt_cp_pin_code_neg_reply *cp)
96d97a67
WR		 2162{
2163 struct pending_cmd *cmd;
2164 int err;
2165
2e58ef3e 2166 cmd = mgmt_pending_add(sk, MGMT_OP_PIN_CODE_NEG_REPLY, hdev, cp,
04124681 2167 sizeof(*cp));
96d97a67
WR		 2168 if (!cmd)
2169 return -ENOMEM;
2170
d8457698 2171 err = hci_send_cmd(hdev, HCI_OP_PIN_CODE_NEG_REPLY,
04124681 2172 sizeof(cp->addr.bdaddr), &cp->addr.bdaddr);
96d97a67
WR		 2173 if (err < 0)
2174 mgmt_pending_remove(cmd);
2175
2176 return err;
2177}
2178
bdb6d971 2179static int pin_code_reply(struct sock *sk, struct hci_dev *hdev, void *data,
04124681 2180 u16 len)
980e1a53 2181{
96d97a67 2182 struct hci_conn *conn;
650f726d 2183 struct mgmt_cp_pin_code_reply *cp = data;
980e1a53 2184 struct hci_cp_pin_code_reply reply;
366a0336 2185 struct pending_cmd *cmd;
980e1a53
JH		 2186 int err;
2187
2188 BT_DBG("");
2189
09fd0de5 2190 hci_dev_lock(hdev);
980e1a53 2191
4b34ee78 2192 if (!hdev_is_powered(hdev)) {
bdb6d971 2193 err = cmd_status(sk, hdev->id, MGMT_OP_PIN_CODE_REPLY,
04124681 2194 MGMT_STATUS_NOT_POWERED);
980e1a53
JH		 2195 goto failed;
2196 }
2197
d8457698 2198 conn = hci_conn_hash_lookup_ba(hdev, ACL_LINK, &cp->addr.bdaddr);
96d97a67 2199 if (!conn) {
bdb6d971 2200 err = cmd_status(sk, hdev->id, MGMT_OP_PIN_CODE_REPLY,
04124681 2201 MGMT_STATUS_NOT_CONNECTED);
96d97a67
WR		 2202 goto failed;
2203 }
2204
2205 if (conn->pending_sec_level == BT_SECURITY_HIGH && cp->pin_len != 16) {
d8457698
JH		 2206 struct mgmt_cp_pin_code_neg_reply ncp;
2207
2208 memcpy(&ncp.addr, &cp->addr, sizeof(ncp.addr));
96d97a67
WR		 2209
2210 BT_ERR("PIN code is not 16 bytes long");
2211
bdb6d971 2212 err = send_pin_code_neg_reply(sk, hdev, &ncp);
96d97a67 2213 if (err >= 0)
bdb6d971 2214 err = cmd_status(sk, hdev->id, MGMT_OP_PIN_CODE_REPLY,
04124681 2215 MGMT_STATUS_INVALID_PARAMS);
96d97a67
WR		 2216
2217 goto failed;
2218 }
2219
00abfe44 2220 cmd = mgmt_pending_add(sk, MGMT_OP_PIN_CODE_REPLY, hdev, data, len);
366a0336
JH		 2221 if (!cmd) {
2222 err = -ENOMEM;
980e1a53 2223 goto failed;
366a0336 2224 }
980e1a53 2225
d8457698 2226 bacpy(&reply.bdaddr, &cp->addr.bdaddr);
980e1a53 2227 reply.pin_len = cp->pin_len;
24718ca5 2228 memcpy(reply.pin_code, cp->pin_code, sizeof(reply.pin_code));
980e1a53
JH		 2229
2230 err = hci_send_cmd(hdev, HCI_OP_PIN_CODE_REPLY, sizeof(reply), &reply);
2231 if (err < 0)
a664b5bc 2232 mgmt_pending_remove(cmd);
980e1a53
JH		 2233
2234failed:
09fd0de5 2235 hci_dev_unlock(hdev);
980e1a53
JH		 2236 return err;
2237}
2238
04124681
GP		 2239static int set_io_capability(struct sock *sk, struct hci_dev *hdev, void *data,
2240 u16 len)
17fa4b9d 2241{
650f726d 2242 struct mgmt_cp_set_io_capability *cp = data;
17fa4b9d
JH		 2243
2244 BT_DBG("");
2245
09fd0de5 2246 hci_dev_lock(hdev);
17fa4b9d
JH		 2247
2248 hdev->io_capability = cp->io_capability;
2249
2250 BT_DBG("%s IO capability set to 0x%02x", hdev->name,
8ce8e2b5 2251 hdev->io_capability);
17fa4b9d 2252
09fd0de5 2253 hci_dev_unlock(hdev);
17fa4b9d 2254
04124681
GP		 2255 return cmd_complete(sk, hdev->id, MGMT_OP_SET_IO_CAPABILITY, 0, NULL,
2256 0);
17fa4b9d
JH		 2257}
2258
6039aa73 2259static struct pending_cmd *find_pairing(struct hci_conn *conn)
e9a416b5
JH		 2260{
2261 struct hci_dev *hdev = conn->hdev;
8035ded4 2262 struct pending_cmd *cmd;
e9a416b5 2263
2e58ef3e 2264 list_for_each_entry(cmd, &hdev->mgmt_pending, list) {
e9a416b5
JH		 2265 if (cmd->opcode != MGMT_OP_PAIR_DEVICE)
2266 continue;
2267
e9a416b5
JH		 2268 if (cmd->user_data != conn)
2269 continue;
2270
2271 return cmd;
2272 }
2273
2274 return NULL;
2275}
2276
2277static void pairing_complete(struct pending_cmd *cmd, u8 status)
2278{
2279 struct mgmt_rp_pair_device rp;
2280 struct hci_conn *conn = cmd->user_data;
2281
ba4e564f 2282 bacpy(&rp.addr.bdaddr, &conn->dst);
57c1477c 2283 rp.addr.type = link_to_bdaddr(conn->type, conn->dst_type);
e9a416b5 2284
aee9b218 2285 cmd_complete(cmd->sk, cmd->index, MGMT_OP_PAIR_DEVICE, status,
04124681 2286 &rp, sizeof(rp));
e9a416b5
JH		 2287
2288 /* So we don't get further callbacks for this connection */
2289 conn->connect_cfm_cb = NULL;
2290 conn->security_cfm_cb = NULL;
2291 conn->disconn_cfm_cb = NULL;
2292
76a68ba0 2293 hci_conn_drop(conn);
e9a416b5 2294
a664b5bc 2295 mgmt_pending_remove(cmd);
e9a416b5
JH		 2296}
2297
2298static void pairing_complete_cb(struct hci_conn *conn, u8 status)
2299{
2300 struct pending_cmd *cmd;
2301
2302 BT_DBG("status %u", status);
2303
2304 cmd = find_pairing(conn);
56e5cb86 2305 if (!cmd)
e9a416b5 2306 BT_DBG("Unable to find a pending command");
56e5cb86 2307 else
e211326c 2308 pairing_complete(cmd, mgmt_status(status));
e9a416b5
JH		 2309}
2310
4c47d739
VA		 2311static void le_connect_complete_cb(struct hci_conn *conn, u8 status)
2312{
2313 struct pending_cmd *cmd;
2314
2315 BT_DBG("status %u", status);
2316
2317 if (!status)
2318 return;
2319
2320 cmd = find_pairing(conn);
2321 if (!cmd)
2322 BT_DBG("Unable to find a pending command");
2323 else
2324 pairing_complete(cmd, mgmt_status(status));
2325}
2326
bdb6d971 2327static int pair_device(struct sock *sk, struct hci_dev *hdev, void *data,
04124681 2328 u16 len)
e9a416b5 2329{
650f726d 2330 struct mgmt_cp_pair_device *cp = data;
1425acb7 2331 struct mgmt_rp_pair_device rp;
e9a416b5
JH		 2332 struct pending_cmd *cmd;
2333 u8 sec_level, auth_type;
2334 struct hci_conn *conn;
e9a416b5
JH		 2335 int err;
2336
2337 BT_DBG("");
2338
f950a30e
SJ		 2339 memset(&rp, 0, sizeof(rp));
2340 bacpy(&rp.addr.bdaddr, &cp->addr.bdaddr);
2341 rp.addr.type = cp->addr.type;
2342
4ee71b20
JH		 2343 if (!bdaddr_type_is_valid(cp->addr.type))
2344 return cmd_complete(sk, hdev->id, MGMT_OP_PAIR_DEVICE,
2345 MGMT_STATUS_INVALID_PARAMS,
2346 &rp, sizeof(rp));
2347
09fd0de5 2348 hci_dev_lock(hdev);
e9a416b5 2349
5f97c1df 2350 if (!hdev_is_powered(hdev)) {
f950a30e
SJ		 2351 err = cmd_complete(sk, hdev->id, MGMT_OP_PAIR_DEVICE,
2352 MGMT_STATUS_NOT_POWERED, &rp, sizeof(rp));
5f97c1df
JH		 2353 goto unlock;
2354 }
2355
c908df36
VCG		 2356 sec_level = BT_SECURITY_MEDIUM;
2357 if (cp->io_cap == 0x03)
e9a416b5 2358 auth_type = HCI_AT_DEDICATED_BONDING;
c908df36 2359 else
e9a416b5 2360 auth_type = HCI_AT_DEDICATED_BONDING_MITM;
e9a416b5 2361
591f47f3 2362 if (cp->addr.type == BDADDR_BREDR)
b12f62cf
AG		 2363 conn = hci_connect(hdev, ACL_LINK, &cp->addr.bdaddr,
2364 cp->addr.type, sec_level, auth_type);
7a512d01 2365 else
b12f62cf
AG		 2366 conn = hci_connect(hdev, LE_LINK, &cp->addr.bdaddr,
2367 cp->addr.type, sec_level, auth_type);
7a512d01 2368
30e76272 2369 if (IS_ERR(conn)) {
489dc48e
AK		 2370 int status;
2371
2372 if (PTR_ERR(conn) == -EBUSY)
2373 status = MGMT_STATUS_BUSY;
2374 else
2375 status = MGMT_STATUS_CONNECT_FAILED;
2376
bdb6d971 2377 err = cmd_complete(sk, hdev->id, MGMT_OP_PAIR_DEVICE,
489dc48e 2378 status, &rp,
04124681 2379 sizeof(rp));
e9a416b5
JH		 2380 goto unlock;
2381 }
2382
2383 if (conn->connect_cfm_cb) {
76a68ba0 2384 hci_conn_drop(conn);
bdb6d971 2385 err = cmd_complete(sk, hdev->id, MGMT_OP_PAIR_DEVICE,
04124681 2386 MGMT_STATUS_BUSY, &rp, sizeof(rp));
e9a416b5
JH		 2387 goto unlock;
2388 }
2389
2e58ef3e 2390 cmd = mgmt_pending_add(sk, MGMT_OP_PAIR_DEVICE, hdev, data, len);
e9a416b5
JH		 2391 if (!cmd) {
2392 err = -ENOMEM;
76a68ba0 2393 hci_conn_drop(conn);
e9a416b5
JH		 2394 goto unlock;
2395 }
2396
7a512d01 2397 /* For LE, just connecting isn't a proof that the pairing finished */
591f47f3 2398 if (cp->addr.type == BDADDR_BREDR)
7a512d01 2399 conn->connect_cfm_cb = pairing_complete_cb;
4c47d739
VA		 2400 else
2401 conn->connect_cfm_cb = le_connect_complete_cb;
7a512d01 2402
e9a416b5
JH		 2403 conn->security_cfm_cb = pairing_complete_cb;
2404 conn->disconn_cfm_cb = pairing_complete_cb;
2405 conn->io_capability = cp->io_cap;
2406 cmd->user_data = conn;
2407
2408 if (conn->state == BT_CONNECTED &&
8ce8e2b5 2409 hci_conn_security(conn, sec_level, auth_type))
e9a416b5
JH		 2410 pairing_complete(cmd, 0);
2411
2412 err = 0;
2413
2414unlock:
09fd0de5 2415 hci_dev_unlock(hdev);
e9a416b5
JH		 2416 return err;
2417}
2418
04124681
GP		 2419static int cancel_pair_device(struct sock *sk, struct hci_dev *hdev, void *data,
2420 u16 len)
28424707 2421{
0f4e68cf 2422 struct mgmt_addr_info *addr = data;
28424707
JH		 2423 struct pending_cmd *cmd;
2424 struct hci_conn *conn;
2425 int err;
2426
2427 BT_DBG("");
2428
28424707
JH		 2429 hci_dev_lock(hdev);
2430
5f97c1df 2431 if (!hdev_is_powered(hdev)) {
bdb6d971 2432 err = cmd_status(sk, hdev->id, MGMT_OP_CANCEL_PAIR_DEVICE,
04124681 2433 MGMT_STATUS_NOT_POWERED);
5f97c1df
JH		 2434 goto unlock;
2435 }
2436
28424707
JH		 2437 cmd = mgmt_pending_find(MGMT_OP_PAIR_DEVICE, hdev);
2438 if (!cmd) {
bdb6d971 2439 err = cmd_status(sk, hdev->id, MGMT_OP_CANCEL_PAIR_DEVICE,
04124681 2440 MGMT_STATUS_INVALID_PARAMS);
28424707
JH		 2441 goto unlock;
2442 }
2443
2444 conn = cmd->user_data;
2445
2446 if (bacmp(&addr->bdaddr, &conn->dst) != 0) {
bdb6d971 2447 err = cmd_status(sk, hdev->id, MGMT_OP_CANCEL_PAIR_DEVICE,
04124681 2448 MGMT_STATUS_INVALID_PARAMS);
28424707
JH		 2449 goto unlock;
2450 }
2451
2452 pairing_complete(cmd, MGMT_STATUS_CANCELLED);
2453
bdb6d971 2454 err = cmd_complete(sk, hdev->id, MGMT_OP_CANCEL_PAIR_DEVICE, 0,
04124681 2455 addr, sizeof(*addr));
28424707
JH		 2456unlock:
2457 hci_dev_unlock(hdev);
28424707
JH		 2458 return err;
2459}
2460
bdb6d971 2461static int user_pairing_resp(struct sock *sk, struct hci_dev *hdev,
1707c60e 2462 struct mgmt_addr_info *addr, u16 mgmt_op,
04124681 2463 u16 hci_op, __le32 passkey)
a5c29683 2464{
a5c29683 2465 struct pending_cmd *cmd;
0df4c185 2466 struct hci_conn *conn;
a5c29683
JH		 2467 int err;
2468
09fd0de5 2469 hci_dev_lock(hdev);
08ba5382 2470
4b34ee78 2471 if (!hdev_is_powered(hdev)) {
feb94d3d
JH		 2472 err = cmd_complete(sk, hdev->id, mgmt_op,
2473 MGMT_STATUS_NOT_POWERED, addr,
2474 sizeof(*addr));
0df4c185 2475 goto done;
a5c29683
JH		 2476 }
2477
1707c60e
JH		 2478 if (addr->type == BDADDR_BREDR)
2479 conn = hci_conn_hash_lookup_ba(hdev, ACL_LINK, &addr->bdaddr);
272d90df 2480 else
1707c60e 2481 conn = hci_conn_hash_lookup_ba(hdev, LE_LINK, &addr->bdaddr);
272d90df
JH		 2482
2483 if (!conn) {
feb94d3d
JH		 2484 err = cmd_complete(sk, hdev->id, mgmt_op,
2485 MGMT_STATUS_NOT_CONNECTED, addr,
2486 sizeof(*addr));
272d90df
JH		 2487 goto done;
2488 }
47c15e2b 2489
1707c60e 2490 if (addr->type == BDADDR_LE_PUBLIC || addr->type == BDADDR_LE_RANDOM) {
47c15e2b 2491 /* Continue with pairing via SMP */
5fe57d9e
BG		 2492 err = smp_user_confirm_reply(conn, mgmt_op, passkey);
2493
2494 if (!err)
feb94d3d
JH		 2495 err = cmd_complete(sk, hdev->id, mgmt_op,
2496 MGMT_STATUS_SUCCESS, addr,
2497 sizeof(*addr));
5fe57d9e 2498 else
feb94d3d
JH		 2499 err = cmd_complete(sk, hdev->id, mgmt_op,
2500 MGMT_STATUS_FAILED, addr,
2501 sizeof(*addr));
47c15e2b 2502
47c15e2b
BG		 2503 goto done;
2504 }
2505
1707c60e 2506 cmd = mgmt_pending_add(sk, mgmt_op, hdev, addr, sizeof(*addr));
a5c29683
JH		 2507 if (!cmd) {
2508 err = -ENOMEM;
0df4c185 2509 goto done;
a5c29683
JH		 2510 }
2511
0df4c185 2512 /* Continue with pairing via HCI */
604086b7
BG		 2513 if (hci_op == HCI_OP_USER_PASSKEY_REPLY) {
2514 struct hci_cp_user_passkey_reply cp;
2515
1707c60e 2516 bacpy(&cp.bdaddr, &addr->bdaddr);
604086b7
BG		 2517 cp.passkey = passkey;
2518 err = hci_send_cmd(hdev, hci_op, sizeof(cp), &cp);
2519 } else
1707c60e
JH		 2520 err = hci_send_cmd(hdev, hci_op, sizeof(addr->bdaddr),
2521 &addr->bdaddr);
604086b7 2522
a664b5bc
JH		 2523 if (err < 0)
2524 mgmt_pending_remove(cmd);
a5c29683 2525
0df4c185 2526done:
09fd0de5 2527 hci_dev_unlock(hdev);
a5c29683
JH		 2528 return err;
2529}
2530
afeb019d
JK		 2531static int pin_code_neg_reply(struct sock *sk, struct hci_dev *hdev,
2532 void *data, u16 len)
2533{
2534 struct mgmt_cp_pin_code_neg_reply *cp = data;
2535
2536 BT_DBG("");
2537
1707c60e 2538 return user_pairing_resp(sk, hdev, &cp->addr,
afeb019d
JK		 2539 MGMT_OP_PIN_CODE_NEG_REPLY,
2540 HCI_OP_PIN_CODE_NEG_REPLY, 0);
2541}
2542
04124681
GP		 2543static int user_confirm_reply(struct sock *sk, struct hci_dev *hdev, void *data,
2544 u16 len)
0df4c185 2545{
650f726d 2546 struct mgmt_cp_user_confirm_reply *cp = data;
0df4c185
BG		 2547
2548 BT_DBG("");
2549
2550 if (len != sizeof(*cp))
bdb6d971 2551 return cmd_status(sk, hdev->id, MGMT_OP_USER_CONFIRM_REPLY,
04124681 2552 MGMT_STATUS_INVALID_PARAMS);
0df4c185 2553
1707c60e 2554 return user_pairing_resp(sk, hdev, &cp->addr,
04124681
GP		 2555 MGMT_OP_USER_CONFIRM_REPLY,
2556 HCI_OP_USER_CONFIRM_REPLY, 0);
0df4c185
BG		 2557}
2558
bdb6d971 2559static int user_confirm_neg_reply(struct sock *sk, struct hci_dev *hdev,
04124681 2560 void *data, u16 len)
0df4c185 2561{
c9c2659f 2562 struct mgmt_cp_user_confirm_neg_reply *cp = data;
0df4c185
BG		 2563
2564 BT_DBG("");
2565
1707c60e 2566 return user_pairing_resp(sk, hdev, &cp->addr,
04124681
GP		 2567 MGMT_OP_USER_CONFIRM_NEG_REPLY,
2568 HCI_OP_USER_CONFIRM_NEG_REPLY, 0);
0df4c185
BG		 2569}
2570
04124681
GP		 2571static int user_passkey_reply(struct sock *sk, struct hci_dev *hdev, void *data,
2572 u16 len)
604086b7 2573{
650f726d 2574 struct mgmt_cp_user_passkey_reply *cp = data;
604086b7
BG		 2575
2576 BT_DBG("");
2577
1707c60e 2578 return user_pairing_resp(sk, hdev, &cp->addr,
04124681
GP		 2579 MGMT_OP_USER_PASSKEY_REPLY,
2580 HCI_OP_USER_PASSKEY_REPLY, cp->passkey);
604086b7
BG		 2581}
2582
bdb6d971 2583static int user_passkey_neg_reply(struct sock *sk, struct hci_dev *hdev,
04124681 2584 void *data, u16 len)
604086b7 2585{
650f726d 2586 struct mgmt_cp_user_passkey_neg_reply *cp = data;
604086b7
BG		 2587
2588 BT_DBG("");
2589
1707c60e 2590 return user_pairing_resp(sk, hdev, &cp->addr,
04124681
GP		 2591 MGMT_OP_USER_PASSKEY_NEG_REPLY,
2592 HCI_OP_USER_PASSKEY_NEG_REPLY, 0);
604086b7
BG		 2593}
2594
13928971 2595static void update_name(struct hci_request *req)
2b4bf397 2596{
13928971 2597 struct hci_dev *hdev = req->hdev;
2b4bf397
JH		 2598 struct hci_cp_write_local_name cp;
2599
13928971 2600 memcpy(cp.name, hdev->dev_name, sizeof(cp.name));
2b4bf397 2601
890ea898 2602 hci_req_add(req, HCI_OP_WRITE_LOCAL_NAME, sizeof(cp), &cp);
2b4bf397
JH		 2603}
2604
13928971
JH		 2605static void set_name_complete(struct hci_dev *hdev, u8 status)
2606{
2607 struct mgmt_cp_set_local_name *cp;
2608 struct pending_cmd *cmd;
2609
2610 BT_DBG("status 0x%02x", status);
2611
2612 hci_dev_lock(hdev);
2613
2614 cmd = mgmt_pending_find(MGMT_OP_SET_LOCAL_NAME, hdev);
2615 if (!cmd)
2616 goto unlock;
2617
2618 cp = cmd->param;
2619
2620 if (status)
2621 cmd_status(cmd->sk, hdev->id, MGMT_OP_SET_LOCAL_NAME,
2622 mgmt_status(status));
2623 else
2624 cmd_complete(cmd->sk, hdev->id, MGMT_OP_SET_LOCAL_NAME, 0,
2625 cp, sizeof(*cp));
2626
2627 mgmt_pending_remove(cmd);
2628
2629unlock:
2630 hci_dev_unlock(hdev);
2631}
2632
bdb6d971 2633static int set_local_name(struct sock *sk, struct hci_dev *hdev, void *data,
04124681 2634 u16 len)
b312b161 2635{
2b4bf397 2636 struct mgmt_cp_set_local_name *cp = data;
b312b161 2637 struct pending_cmd *cmd;
890ea898 2638 struct hci_request req;
b312b161
JH		 2639 int err;
2640
2641 BT_DBG("");
2642
09fd0de5 2643 hci_dev_lock(hdev);
b312b161 2644
b3f2ca94
JH		 2645 /* If the old values are the same as the new ones just return a
2646 * direct command complete event.
2647 */
2648 if (!memcmp(hdev->dev_name, cp->name, sizeof(hdev->dev_name)) &&
2649 !memcmp(hdev->short_name, cp->short_name,
2650 sizeof(hdev->short_name))) {
2651 err = cmd_complete(sk, hdev->id, MGMT_OP_SET_LOCAL_NAME, 0,
2652 data, len);
2653 goto failed;
2654 }
2655
2b4bf397 2656 memcpy(hdev->short_name, cp->short_name, sizeof(hdev->short_name));
28cc7bde 2657
b5235a65 2658 if (!hdev_is_powered(hdev)) {
2b4bf397 2659 memcpy(hdev->dev_name, cp->name, sizeof(hdev->dev_name));
28cc7bde
JH		 2660
2661 err = cmd_complete(sk, hdev->id, MGMT_OP_SET_LOCAL_NAME, 0,
04124681 2662 data, len);
28cc7bde
JH		 2663 if (err < 0)
2664 goto failed;
2665
2666 err = mgmt_event(MGMT_EV_LOCAL_NAME_CHANGED, hdev, data, len,
04124681 2667 sk);
28cc7bde 2668
b5235a65
JH		 2669 goto failed;
2670 }
2671
28cc7bde 2672 cmd = mgmt_pending_add(sk, MGMT_OP_SET_LOCAL_NAME, hdev, data, len);
b312b161
JH		 2673 if (!cmd) {
2674 err = -ENOMEM;
2675 goto failed;
2676 }
2677
13928971
JH		 2678 memcpy(hdev->dev_name, cp->name, sizeof(hdev->dev_name));
2679
890ea898 2680 hci_req_init(&req, hdev);
3f985050
JH		 2681
2682 if (lmp_bredr_capable(hdev)) {
2683 update_name(&req);
2684 update_eir(&req);
2685 }
2686
2687 if (lmp_le_capable(hdev))
2688 hci_update_ad(&req);
2689
13928971 2690 err = hci_req_run(&req, set_name_complete);
b312b161
JH		 2691 if (err < 0)
2692 mgmt_pending_remove(cmd);
2693
2694failed:
09fd0de5 2695 hci_dev_unlock(hdev);
b312b161
JH		 2696 return err;
2697}
2698
0f4e68cf 2699static int read_local_oob_data(struct sock *sk, struct hci_dev *hdev,
04124681 2700 void *data, u16 data_len)
c35938b2 2701{
c35938b2
SJ		 2702 struct pending_cmd *cmd;
2703 int err;
2704
bdb6d971 2705 BT_DBG("%s", hdev->name);
c35938b2 2706
09fd0de5 2707 hci_dev_lock(hdev);
c35938b2 2708
4b34ee78 2709 if (!hdev_is_powered(hdev)) {
bdb6d971 2710 err = cmd_status(sk, hdev->id, MGMT_OP_READ_LOCAL_OOB_DATA,
04124681 2711 MGMT_STATUS_NOT_POWERED);
c35938b2
SJ		 2712 goto unlock;
2713 }
2714
9a1a1996 2715 if (!lmp_ssp_capable(hdev)) {
bdb6d971 2716 err = cmd_status(sk, hdev->id, MGMT_OP_READ_LOCAL_OOB_DATA,
04124681 2717 MGMT_STATUS_NOT_SUPPORTED);
c35938b2
SJ		 2718 goto unlock;
2719 }
2720
2e58ef3e 2721 if (mgmt_pending_find(MGMT_OP_READ_LOCAL_OOB_DATA, hdev)) {
bdb6d971 2722 err = cmd_status(sk, hdev->id, MGMT_OP_READ_LOCAL_OOB_DATA,
04124681 2723 MGMT_STATUS_BUSY);
c35938b2
SJ		 2724 goto unlock;
2725 }
2726
2e58ef3e 2727 cmd = mgmt_pending_add(sk, MGMT_OP_READ_LOCAL_OOB_DATA, hdev, NULL, 0);
c35938b2
SJ		 2728 if (!cmd) {
2729 err = -ENOMEM;
2730 goto unlock;
2731 }
2732
2733 err = hci_send_cmd(hdev, HCI_OP_READ_LOCAL_OOB_DATA, 0, NULL);
2734 if (err < 0)
2735 mgmt_pending_remove(cmd);
2736
2737unlock:
09fd0de5 2738 hci_dev_unlock(hdev);
c35938b2
SJ		 2739 return err;
2740}
2741
bdb6d971 2742static int add_remote_oob_data(struct sock *sk, struct hci_dev *hdev,
04124681 2743 void *data, u16 len)
2763eda6 2744{
650f726d 2745 struct mgmt_cp_add_remote_oob_data *cp = data;
bf1e3541 2746 u8 status;
2763eda6
SJ		 2747 int err;
2748
bdb6d971 2749 BT_DBG("%s ", hdev->name);
2763eda6 2750
09fd0de5 2751 hci_dev_lock(hdev);
2763eda6 2752
664ce4cc 2753 err = hci_add_remote_oob_data(hdev, &cp->addr.bdaddr, cp->hash,
04124681 2754 cp->randomizer);
2763eda6 2755 if (err < 0)
bf1e3541 2756 status = MGMT_STATUS_FAILED;
2763eda6 2757 else
a6785be2 2758 status = MGMT_STATUS_SUCCESS;
bf1e3541 2759
bdb6d971 2760 err = cmd_complete(sk, hdev->id, MGMT_OP_ADD_REMOTE_OOB_DATA, status,
04124681 2761 &cp->addr, sizeof(cp->addr));
2763eda6 2762
09fd0de5 2763 hci_dev_unlock(hdev);
2763eda6
SJ		 2764 return err;
2765}
2766
bdb6d971 2767static int remove_remote_oob_data(struct sock *sk, struct hci_dev *hdev,
8ce8e2b5 2768 void *data, u16 len)
2763eda6 2769{
650f726d 2770 struct mgmt_cp_remove_remote_oob_data *cp = data;
bf1e3541 2771 u8 status;
2763eda6
SJ		 2772 int err;
2773
bdb6d971 2774 BT_DBG("%s", hdev->name);
2763eda6 2775
09fd0de5 2776 hci_dev_lock(hdev);
2763eda6 2777
664ce4cc 2778 err = hci_remove_remote_oob_data(hdev, &cp->addr.bdaddr);
2763eda6 2779 if (err < 0)
bf1e3541 2780 status = MGMT_STATUS_INVALID_PARAMS;
2763eda6 2781 else
a6785be2 2782 status = MGMT_STATUS_SUCCESS;
bf1e3541 2783
bdb6d971 2784 err = cmd_complete(sk, hdev->id, MGMT_OP_REMOVE_REMOTE_OOB_DATA,
04124681 2785 status, &cp->addr, sizeof(cp->addr));
2763eda6 2786
09fd0de5 2787 hci_dev_unlock(hdev);
2763eda6
SJ		 2788 return err;
2789}
2790
41dc2bd6
AG		 2791static int mgmt_start_discovery_failed(struct hci_dev *hdev, u8 status)
2792{
2793 struct pending_cmd *cmd;
2794 u8 type;
2795 int err;
2796
2797 hci_discovery_set_state(hdev, DISCOVERY_STOPPED);
2798
2799 cmd = mgmt_pending_find(MGMT_OP_START_DISCOVERY, hdev);
2800 if (!cmd)
2801 return -ENOENT;
2802
2803 type = hdev->discovery.type;
2804
2805 err = cmd_complete(cmd->sk, hdev->id, cmd->opcode, mgmt_status(status),
2806 &type, sizeof(type));
2807 mgmt_pending_remove(cmd);
2808
2809 return err;
2810}
2811
7c307720
AG		 2812static void start_discovery_complete(struct hci_dev *hdev, u8 status)
2813{
2814 BT_DBG("status %d", status);
2815
2816 if (status) {
2817 hci_dev_lock(hdev);
2818 mgmt_start_discovery_failed(hdev, status);
2819 hci_dev_unlock(hdev);
2820 return;
2821 }
2822
2823 hci_dev_lock(hdev);
2824 hci_discovery_set_state(hdev, DISCOVERY_FINDING);
2825 hci_dev_unlock(hdev);
2826
2827 switch (hdev->discovery.type) {
2828 case DISCOV_TYPE_LE:
2829 queue_delayed_work(hdev->workqueue, &hdev->le_scan_disable,
0d8cc935 2830 DISCOV_LE_TIMEOUT);
7c307720
AG		 2831 break;
2832
2833 case DISCOV_TYPE_INTERLEAVED:
2834 queue_delayed_work(hdev->workqueue, &hdev->le_scan_disable,
0d8cc935 2835 DISCOV_INTERLEAVED_TIMEOUT);
7c307720
AG		 2836 break;
2837
2838 case DISCOV_TYPE_BREDR:
2839 break;
2840
2841 default:
2842 BT_ERR("Invalid discovery type %d", hdev->discovery.type);
2843 }
2844}
2845
bdb6d971 2846static int start_discovery(struct sock *sk, struct hci_dev *hdev,
04124681 2847 void *data, u16 len)
14a53664 2848{
650f726d 2849 struct mgmt_cp_start_discovery *cp = data;
14a53664 2850 struct pending_cmd *cmd;
7c307720
AG		 2851 struct hci_cp_le_set_scan_param param_cp;
2852 struct hci_cp_le_set_scan_enable enable_cp;
2853 struct hci_cp_inquiry inq_cp;
2854 struct hci_request req;
2855 /* General inquiry access code (GIAC) */
2856 u8 lap[3] = { 0x33, 0x8b, 0x9e };
e6fe7986 2857 u8 status;
14a53664
JH		 2858 int err;
2859
bdb6d971 2860 BT_DBG("%s", hdev->name);
14a53664 2861
09fd0de5 2862 hci_dev_lock(hdev);
14a53664 2863
4b34ee78 2864 if (!hdev_is_powered(hdev)) {
bdb6d971 2865 err = cmd_status(sk, hdev->id, MGMT_OP_START_DISCOVERY,
04124681 2866 MGMT_STATUS_NOT_POWERED);
bd2d1334
JH		 2867 goto failed;
2868 }
2869
642be6c7
AG		 2870 if (test_bit(HCI_PERIODIC_INQ, &hdev->dev_flags)) {
2871 err = cmd_status(sk, hdev->id, MGMT_OP_START_DISCOVERY,
2872 MGMT_STATUS_BUSY);
2873 goto failed;
2874 }
2875
ff9ef578 2876 if (hdev->discovery.state != DISCOVERY_STOPPED) {
bdb6d971 2877 err = cmd_status(sk, hdev->id, MGMT_OP_START_DISCOVERY,
04124681 2878 MGMT_STATUS_BUSY);
ff9ef578
JH		 2879 goto failed;
2880 }
2881
2e58ef3e 2882 cmd = mgmt_pending_add(sk, MGMT_OP_START_DISCOVERY, hdev, NULL, 0);
14a53664
JH		 2883 if (!cmd) {
2884 err = -ENOMEM;
2885 goto failed;
2886 }
2887
4aab14e5
AG		 2888 hdev->discovery.type = cp->type;
2889
7c307720
AG		 2890 hci_req_init(&req, hdev);
2891
4aab14e5 2892 switch (hdev->discovery.type) {
f39799f5 2893 case DISCOV_TYPE_BREDR:
e6fe7986
JH		 2894 status = mgmt_bredr_support(hdev);
2895 if (status) {
04106755 2896 err = cmd_status(sk, hdev->id, MGMT_OP_START_DISCOVERY,
e6fe7986 2897 status);
04106755
JH		 2898 mgmt_pending_remove(cmd);
2899 goto failed;
2900 }
2901
7c307720
AG		 2902 if (test_bit(HCI_INQUIRY, &hdev->flags)) {
2903 err = cmd_status(sk, hdev->id, MGMT_OP_START_DISCOVERY,
2904 MGMT_STATUS_BUSY);
2905 mgmt_pending_remove(cmd);
2906 goto failed;
2907 }
2908
2909 hci_inquiry_cache_flush(hdev);
2910
2911 memset(&inq_cp, 0, sizeof(inq_cp));
2912 memcpy(&inq_cp.lap, lap, sizeof(inq_cp.lap));
0d8cc935 2913 inq_cp.length = DISCOV_BREDR_INQUIRY_LEN;
7c307720 2914 hci_req_add(&req, HCI_OP_INQUIRY, sizeof(inq_cp), &inq_cp);
f39799f5
AG		 2915 break;
2916
2917 case DISCOV_TYPE_LE:
7c307720 2918 case DISCOV_TYPE_INTERLEAVED:
e6fe7986
JH		 2919 status = mgmt_le_support(hdev);
2920 if (status) {
04106755 2921 err = cmd_status(sk, hdev->id, MGMT_OP_START_DISCOVERY,
e6fe7986 2922 status);
04106755
JH		 2923 mgmt_pending_remove(cmd);
2924 goto failed;
2925 }
2926
7c307720 2927 if (hdev->discovery.type == DISCOV_TYPE_INTERLEAVED &&
56f87901 2928 !test_bit(HCI_BREDR_ENABLED, &hdev->dev_flags)) {
04106755
JH		 2929 err = cmd_status(sk, hdev->id, MGMT_OP_START_DISCOVERY,
2930 MGMT_STATUS_NOT_SUPPORTED);
2931 mgmt_pending_remove(cmd);
2932 goto failed;
2933 }
2934
f3d3444a 2935 if (test_bit(HCI_ADVERTISING, &hdev->dev_flags)) {
7c307720
AG		 2936 err = cmd_status(sk, hdev->id, MGMT_OP_START_DISCOVERY,
2937 MGMT_STATUS_REJECTED);
2938 mgmt_pending_remove(cmd);
2939 goto failed;
2940 }
2941
2942 if (test_bit(HCI_LE_SCAN, &hdev->dev_flags)) {
2943 err = cmd_status(sk, hdev->id, MGMT_OP_START_DISCOVERY,
2944 MGMT_STATUS_BUSY);
2945 mgmt_pending_remove(cmd);
2946 goto failed;
2947 }
2948
2949 memset(&param_cp, 0, sizeof(param_cp));
2950 param_cp.type = LE_SCAN_ACTIVE;
0d8cc935
AG		 2951 param_cp.interval = cpu_to_le16(DISCOV_LE_SCAN_INT);
2952 param_cp.window = cpu_to_le16(DISCOV_LE_SCAN_WIN);
c25dfc61
MH		 2953 if (bacmp(&hdev->bdaddr, BDADDR_ANY))
2954 param_cp.own_address_type = ADDR_LE_DEV_PUBLIC;
2955 else
2956 param_cp.own_address_type = ADDR_LE_DEV_RANDOM;
7c307720
AG		 2957 hci_req_add(&req, HCI_OP_LE_SET_SCAN_PARAM, sizeof(param_cp),
2958 &param_cp);
2959
2960 memset(&enable_cp, 0, sizeof(enable_cp));
2961 enable_cp.enable = LE_SCAN_ENABLE;
2962 enable_cp.filter_dup = LE_SCAN_FILTER_DUP_ENABLE;
2963 hci_req_add(&req, HCI_OP_LE_SET_SCAN_ENABLE, sizeof(enable_cp),
2964 &enable_cp);
5e0452c0
AG		 2965 break;
2966
f39799f5 2967 default:
04106755
JH		 2968 err = cmd_status(sk, hdev->id, MGMT_OP_START_DISCOVERY,
2969 MGMT_STATUS_INVALID_PARAMS);
2970 mgmt_pending_remove(cmd);
2971 goto failed;
f39799f5 2972 }
3fd24153 2973
7c307720 2974 err = hci_req_run(&req, start_discovery_complete);
14a53664
JH		 2975 if (err < 0)
2976 mgmt_pending_remove(cmd);
ff9ef578
JH		 2977 else
2978 hci_discovery_set_state(hdev, DISCOVERY_STARTING);
14a53664
JH		 2979
2980failed:
09fd0de5 2981 hci_dev_unlock(hdev);
14a53664
JH		 2982 return err;
2983}
2984
1183fdca
AG		 2985static int mgmt_stop_discovery_failed(struct hci_dev *hdev, u8 status)
2986{
2987 struct pending_cmd *cmd;
2988 int err;
2989
2990 cmd = mgmt_pending_find(MGMT_OP_STOP_DISCOVERY, hdev);
2991 if (!cmd)
2992 return -ENOENT;
2993
2994 err = cmd_complete(cmd->sk, hdev->id, cmd->opcode, mgmt_status(status),
2995 &hdev->discovery.type, sizeof(hdev->discovery.type));
2996 mgmt_pending_remove(cmd);
2997
2998 return err;
2999}
3000
0e05bba6
AG		 3001static void stop_discovery_complete(struct hci_dev *hdev, u8 status)
3002{
3003 BT_DBG("status %d", status);
3004
3005 hci_dev_lock(hdev);
3006
3007 if (status) {
3008 mgmt_stop_discovery_failed(hdev, status);
3009 goto unlock;
3010 }
3011
3012 hci_discovery_set_state(hdev, DISCOVERY_STOPPED);
3013
3014unlock:
3015 hci_dev_unlock(hdev);
3016}
3017
bdb6d971 3018static int stop_discovery(struct sock *sk, struct hci_dev *hdev, void *data,
04124681 3019 u16 len)
14a53664 3020{
d930650b 3021 struct mgmt_cp_stop_discovery *mgmt_cp = data;
14a53664 3022 struct pending_cmd *cmd;
30dc78e1
JH		 3023 struct hci_cp_remote_name_req_cancel cp;
3024 struct inquiry_entry *e;
0e05bba6
AG		 3025 struct hci_request req;
3026 struct hci_cp_le_set_scan_enable enable_cp;
14a53664
JH		 3027 int err;
3028
bdb6d971 3029 BT_DBG("%s", hdev->name);
14a53664 3030
09fd0de5 3031 hci_dev_lock(hdev);
14a53664 3032
30dc78e1 3033 if (!hci_discovery_active(hdev)) {
bdb6d971 3034 err = cmd_complete(sk, hdev->id, MGMT_OP_STOP_DISCOVERY,
04124681
GP		 3035 MGMT_STATUS_REJECTED, &mgmt_cp->type,
3036 sizeof(mgmt_cp->type));
d930650b
JH		 3037 goto unlock;
3038 }
3039
3040 if (hdev->discovery.type != mgmt_cp->type) {
bdb6d971 3041 err = cmd_complete(sk, hdev->id, MGMT_OP_STOP_DISCOVERY,
04124681
GP		 3042 MGMT_STATUS_INVALID_PARAMS, &mgmt_cp->type,
3043 sizeof(mgmt_cp->type));
30dc78e1 3044 goto unlock;
ff9ef578
JH		 3045 }
3046
2e58ef3e 3047 cmd = mgmt_pending_add(sk, MGMT_OP_STOP_DISCOVERY, hdev, NULL, 0);
14a53664
JH		 3048 if (!cmd) {
3049 err = -ENOMEM;
30dc78e1
JH		 3050 goto unlock;
3051 }
3052
0e05bba6
AG		 3053 hci_req_init(&req, hdev);
3054
e0d9727e
AG		 3055 switch (hdev->discovery.state) {
3056 case DISCOVERY_FINDING:
0e05bba6
AG		 3057 if (test_bit(HCI_INQUIRY, &hdev->flags)) {
3058 hci_req_add(&req, HCI_OP_INQUIRY_CANCEL, 0, NULL);
3059 } else {
3060 cancel_delayed_work(&hdev->le_scan_disable);
3061
3062 memset(&enable_cp, 0, sizeof(enable_cp));
3063 enable_cp.enable = LE_SCAN_DISABLE;
3064 hci_req_add(&req, HCI_OP_LE_SET_SCAN_ENABLE,
3065 sizeof(enable_cp), &enable_cp);
3066 }
c9ecc48e 3067
e0d9727e
AG		 3068 break;
3069
3070 case DISCOVERY_RESOLVING:
3071 e = hci_inquiry_cache_lookup_resolve(hdev, BDADDR_ANY,
8ce8e2b5 3072 NAME_PENDING);
e0d9727e 3073 if (!e) {
30dc78e1 3074 mgmt_pending_remove(cmd);
e0d9727e
AG		 3075 err = cmd_complete(sk, hdev->id,
3076 MGMT_OP_STOP_DISCOVERY, 0,
3077 &mgmt_cp->type,
3078 sizeof(mgmt_cp->type));
3079 hci_discovery_set_state(hdev, DISCOVERY_STOPPED);
3080 goto unlock;
3081 }
30dc78e1 3082
e0d9727e 3083 bacpy(&cp.bdaddr, &e->data.bdaddr);
0e05bba6
AG		 3084 hci_req_add(&req, HCI_OP_REMOTE_NAME_REQ_CANCEL, sizeof(cp),
3085 &cp);
e0d9727e
AG		 3086
3087 break;
3088
3089 default:
3090 BT_DBG("unknown discovery state %u", hdev->discovery.state);
0e05bba6
AG		 3091
3092 mgmt_pending_remove(cmd);
3093 err = cmd_complete(sk, hdev->id, MGMT_OP_STOP_DISCOVERY,
3094 MGMT_STATUS_FAILED, &mgmt_cp->type,
3095 sizeof(mgmt_cp->type));
3096 goto unlock;
14a53664
JH		 3097 }
3098
0e05bba6 3099 err = hci_req_run(&req, stop_discovery_complete);
14a53664
JH		 3100 if (err < 0)
3101 mgmt_pending_remove(cmd);
ff9ef578
JH		 3102 else
3103 hci_discovery_set_state(hdev, DISCOVERY_STOPPING);
14a53664 3104
30dc78e1 3105unlock:
09fd0de5 3106 hci_dev_unlock(hdev);
14a53664
JH		 3107 return err;
3108}
3109
bdb6d971 3110static int confirm_name(struct sock *sk, struct hci_dev *hdev, void *data,
04124681 3111 u16 len)
561aafbc 3112{
650f726d 3113 struct mgmt_cp_confirm_name *cp = data;
561aafbc 3114 struct inquiry_entry *e;
561aafbc
JH		 3115 int err;
3116
bdb6d971 3117 BT_DBG("%s", hdev->name);
561aafbc 3118
561aafbc
JH		 3119 hci_dev_lock(hdev);
3120
30dc78e1 3121 if (!hci_discovery_active(hdev)) {
bdb6d971 3122 err = cmd_status(sk, hdev->id, MGMT_OP_CONFIRM_NAME,
04124681 3123 MGMT_STATUS_FAILED);
30dc78e1
JH		 3124 goto failed;
3125 }
3126
a198e7b1 3127 e = hci_inquiry_cache_lookup_unknown(hdev, &cp->addr.bdaddr);
561aafbc 3128 if (!e) {
bdb6d971 3129 err = cmd_status(sk, hdev->id, MGMT_OP_CONFIRM_NAME,
04124681 3130 MGMT_STATUS_INVALID_PARAMS);
561aafbc
JH		 3131 goto failed;
3132 }
3133
3134 if (cp->name_known) {
3135 e->name_state = NAME_KNOWN;
3136 list_del(&e->list);
3137 } else {
3138 e->name_state = NAME_NEEDED;
a3d4e20a 3139 hci_inquiry_cache_update_resolve(hdev, e);
561aafbc
JH		 3140 }
3141
e384662b
JH		 3142 err = cmd_complete(sk, hdev->id, MGMT_OP_CONFIRM_NAME, 0, &cp->addr,
3143 sizeof(cp->addr));
561aafbc
JH		 3144
3145failed:
3146 hci_dev_unlock(hdev);
561aafbc
JH		 3147 return err;
3148}
3149
bdb6d971 3150static int block_device(struct sock *sk, struct hci_dev *hdev, void *data,
04124681 3151 u16 len)
7fbec224 3152{
650f726d 3153 struct mgmt_cp_block_device *cp = data;
f0eeea8b 3154 u8 status;
7fbec224
AJ		 3155 int err;
3156
bdb6d971 3157 BT_DBG("%s", hdev->name);
7fbec224 3158
4ee71b20 3159 if (!bdaddr_type_is_valid(cp->addr.type))
5d0846d4
JH		 3160 return cmd_complete(sk, hdev->id, MGMT_OP_BLOCK_DEVICE,
3161 MGMT_STATUS_INVALID_PARAMS,
3162 &cp->addr, sizeof(cp->addr));
4ee71b20 3163
09fd0de5 3164 hci_dev_lock(hdev);
5e762444 3165
88c1fe4b 3166 err = hci_blacklist_add(hdev, &cp->addr.bdaddr, cp->addr.type);
7fbec224 3167 if (err < 0)
f0eeea8b 3168 status = MGMT_STATUS_FAILED;
7fbec224 3169 else
a6785be2 3170 status = MGMT_STATUS_SUCCESS;
f0eeea8b 3171
bdb6d971 3172 err = cmd_complete(sk, hdev->id, MGMT_OP_BLOCK_DEVICE, status,
04124681 3173 &cp->addr, sizeof(cp->addr));
5e762444 3174
09fd0de5 3175 hci_dev_unlock(hdev);
7fbec224
AJ		 3176
3177 return err;
3178}
3179
bdb6d971 3180static int unblock_device(struct sock *sk, struct hci_dev *hdev, void *data,
04124681 3181 u16 len)
7fbec224 3182{
650f726d 3183 struct mgmt_cp_unblock_device *cp = data;
f0eeea8b 3184 u8 status;
7fbec224
AJ		 3185 int err;
3186
bdb6d971 3187 BT_DBG("%s", hdev->name);
7fbec224 3188
4ee71b20 3189 if (!bdaddr_type_is_valid(cp->addr.type))
5d0846d4
JH		 3190 return cmd_complete(sk, hdev->id, MGMT_OP_UNBLOCK_DEVICE,
3191 MGMT_STATUS_INVALID_PARAMS,
3192 &cp->addr, sizeof(cp->addr));
4ee71b20 3193
09fd0de5 3194 hci_dev_lock(hdev);
5e762444 3195
88c1fe4b 3196 err = hci_blacklist_del(hdev, &cp->addr.bdaddr, cp->addr.type);
7fbec224 3197 if (err < 0)
f0eeea8b 3198 status = MGMT_STATUS_INVALID_PARAMS;
7fbec224 3199 else
a6785be2 3200 status = MGMT_STATUS_SUCCESS;
f0eeea8b 3201
bdb6d971 3202 err = cmd_complete(sk, hdev->id, MGMT_OP_UNBLOCK_DEVICE, status,
04124681 3203 &cp->addr, sizeof(cp->addr));
5e762444 3204
09fd0de5 3205 hci_dev_unlock(hdev);
7fbec224
AJ		 3206
3207 return err;
3208}
3209
cdbaccca
MH		 3210static int set_device_id(struct sock *sk, struct hci_dev *hdev, void *data,
3211 u16 len)
3212{
3213 struct mgmt_cp_set_device_id *cp = data;
890ea898 3214 struct hci_request req;
cdbaccca 3215 int err;
c72d4b8a 3216 __u16 source;
cdbaccca
MH		 3217
3218 BT_DBG("%s", hdev->name);
3219
c72d4b8a
SJ		 3220 source = __le16_to_cpu(cp->source);
3221
3222 if (source > 0x0002)
3223 return cmd_status(sk, hdev->id, MGMT_OP_SET_DEVICE_ID,
3224 MGMT_STATUS_INVALID_PARAMS);
3225
cdbaccca
MH		 3226 hci_dev_lock(hdev);
3227
c72d4b8a 3228 hdev->devid_source = source;
cdbaccca
MH		 3229 hdev->devid_vendor = __le16_to_cpu(cp->vendor);
3230 hdev->devid_product = __le16_to_cpu(cp->product);
3231 hdev->devid_version = __le16_to_cpu(cp->version);
3232
3233 err = cmd_complete(sk, hdev->id, MGMT_OP_SET_DEVICE_ID, 0, NULL, 0);
3234
890ea898
JH		 3235 hci_req_init(&req, hdev);
3236 update_eir(&req);
3237 hci_req_run(&req, NULL);
cdbaccca
MH		 3238
3239 hci_dev_unlock(hdev);
3240
3241 return err;
3242}
3243
4375f103
JH		 3244static void set_advertising_complete(struct hci_dev *hdev, u8 status)
3245{
3246 struct cmd_lookup match = { NULL, hdev };
3247
3248 if (status) {
3249 u8 mgmt_err = mgmt_status(status);
3250
3251 mgmt_pending_foreach(MGMT_OP_SET_ADVERTISING, hdev,
3252 cmd_status_rsp, &mgmt_err);
3253 return;
3254 }
3255
3256 mgmt_pending_foreach(MGMT_OP_SET_ADVERTISING, hdev, settings_rsp,
3257 &match);
3258
3259 new_settings(hdev, match.sk);
3260
3261 if (match.sk)
3262 sock_put(match.sk);
3263}
3264
21b5187f
MH		 3265static int set_advertising(struct sock *sk, struct hci_dev *hdev, void *data,
3266 u16 len)
4375f103
JH		 3267{
3268 struct mgmt_mode *cp = data;
3269 struct pending_cmd *cmd;
3270 struct hci_request req;
e6fe7986 3271 u8 val, enabled, status;
4375f103
JH		 3272 int err;
3273
3274 BT_DBG("request for %s", hdev->name);
3275
e6fe7986
JH		 3276 status = mgmt_le_support(hdev);
3277 if (status)
4375f103 3278 return cmd_status(sk, hdev->id, MGMT_OP_SET_ADVERTISING,
e6fe7986 3279 status);
4375f103
JH		 3280
3281 if (cp->val != 0x00 && cp->val != 0x01)
3282 return cmd_status(sk, hdev->id, MGMT_OP_SET_ADVERTISING,
3283 MGMT_STATUS_INVALID_PARAMS);
3284
3285 hci_dev_lock(hdev);
3286
3287 val = !!cp->val;
f3d3444a 3288 enabled = test_bit(HCI_ADVERTISING, &hdev->dev_flags);
4375f103 3289
f74ca9b8
JH		 3290 /* The following conditions are ones which mean that we should
3291 * not do any HCI communication but directly send a mgmt
3292 * response to user space (after toggling the flag if
3293 * necessary).
3294 */
3295 if (!hdev_is_powered(hdev) || val == enabled ||
b145edcd 3296 hci_conn_num(hdev, LE_LINK) > 0) {
4375f103
JH		 3297 bool changed = false;
3298
f3d3444a
JH		 3299 if (val != test_bit(HCI_ADVERTISING, &hdev->dev_flags)) {
3300 change_bit(HCI_ADVERTISING, &hdev->dev_flags);
4375f103
JH		 3301 changed = true;
3302 }
3303
3304 err = send_settings_rsp(sk, MGMT_OP_SET_ADVERTISING, hdev);
3305 if (err < 0)
3306 goto unlock;
3307
3308 if (changed)
3309 err = new_settings(hdev, sk);
3310
3311 goto unlock;
3312 }
3313
3314 if (mgmt_pending_find(MGMT_OP_SET_ADVERTISING, hdev) ||
3315 mgmt_pending_find(MGMT_OP_SET_LE, hdev)) {
3316 err = cmd_status(sk, hdev->id, MGMT_OP_SET_ADVERTISING,
3317 MGMT_STATUS_BUSY);
3318 goto unlock;
3319 }
3320
3321 cmd = mgmt_pending_add(sk, MGMT_OP_SET_ADVERTISING, hdev, data, len);
3322 if (!cmd) {
3323 err = -ENOMEM;
3324 goto unlock;
3325 }
3326
3327 hci_req_init(&req, hdev);
3328
bba3aa55
MH		 3329 if (val)
3330 enable_advertising(&req);
3331 else
3332 disable_advertising(&req);
4375f103
JH		 3333
3334 err = hci_req_run(&req, set_advertising_complete);
3335 if (err < 0)
3336 mgmt_pending_remove(cmd);
3337
3338unlock:
3339 hci_dev_unlock(hdev);
3340 return err;
3341}
3342
d13eafce
MH		 3343static int set_static_address(struct sock *sk, struct hci_dev *hdev,
3344 void *data, u16 len)
3345{
3346 struct mgmt_cp_set_static_address *cp = data;
3347 int err;
3348
3349 BT_DBG("%s", hdev->name);
3350
62af4443 3351 if (!lmp_le_capable(hdev))
d13eafce 3352 return cmd_status(sk, hdev->id, MGMT_OP_SET_STATIC_ADDRESS,
62af4443 3353 MGMT_STATUS_NOT_SUPPORTED);
d13eafce
MH		 3354
3355 if (hdev_is_powered(hdev))
3356 return cmd_status(sk, hdev->id, MGMT_OP_SET_STATIC_ADDRESS,
3357 MGMT_STATUS_REJECTED);
3358
3359 if (bacmp(&cp->bdaddr, BDADDR_ANY)) {
3360 if (!bacmp(&cp->bdaddr, BDADDR_NONE))
3361 return cmd_status(sk, hdev->id,
3362 MGMT_OP_SET_STATIC_ADDRESS,
3363 MGMT_STATUS_INVALID_PARAMS);
3364
3365 /* Two most significant bits shall be set */
3366 if ((cp->bdaddr.b[5] & 0xc0) != 0xc0)
3367 return cmd_status(sk, hdev->id,
3368 MGMT_OP_SET_STATIC_ADDRESS,
3369 MGMT_STATUS_INVALID_PARAMS);
3370 }
3371
3372 hci_dev_lock(hdev);
3373
3374 bacpy(&hdev->static_addr, &cp->bdaddr);
3375
3376 err = cmd_complete(sk, hdev->id, MGMT_OP_SET_STATIC_ADDRESS, 0, NULL, 0);
3377
3378 hci_dev_unlock(hdev);
3379
3380 return err;
3381}
3382
14b49b9a
MH		 3383static int set_scan_params(struct sock *sk, struct hci_dev *hdev,
3384 void *data, u16 len)
3385{
3386 struct mgmt_cp_set_scan_params *cp = data;
3387 __u16 interval, window;
3388 int err;
3389
3390 BT_DBG("%s", hdev->name);
3391
3392 if (!lmp_le_capable(hdev))
3393 return cmd_status(sk, hdev->id, MGMT_OP_SET_SCAN_PARAMS,
3394 MGMT_STATUS_NOT_SUPPORTED);
3395
3396 interval = __le16_to_cpu(cp->interval);
3397
3398 if (interval < 0x0004 || interval > 0x4000)
3399 return cmd_status(sk, hdev->id, MGMT_OP_SET_SCAN_PARAMS,
3400 MGMT_STATUS_INVALID_PARAMS);
3401
3402 window = __le16_to_cpu(cp->window);
3403
3404 if (window < 0x0004 || window > 0x4000)
3405 return cmd_status(sk, hdev->id, MGMT_OP_SET_SCAN_PARAMS,
3406 MGMT_STATUS_INVALID_PARAMS);
3407
3408 hci_dev_lock(hdev);
3409
3410 hdev->le_scan_interval = interval;
3411 hdev->le_scan_window = window;
3412
3413 err = cmd_complete(sk, hdev->id, MGMT_OP_SET_SCAN_PARAMS, 0, NULL, 0);
3414
3415 hci_dev_unlock(hdev);
3416
3417 return err;
3418}
3419
33e38b3e
JH		 3420static void fast_connectable_complete(struct hci_dev *hdev, u8 status)
3421{
3422 struct pending_cmd *cmd;
3423
3424 BT_DBG("status 0x%02x", status);
3425
3426 hci_dev_lock(hdev);
3427
3428 cmd = mgmt_pending_find(MGMT_OP_SET_FAST_CONNECTABLE, hdev);
3429 if (!cmd)
3430 goto unlock;
3431
3432 if (status) {
3433 cmd_status(cmd->sk, hdev->id, MGMT_OP_SET_FAST_CONNECTABLE,
3434 mgmt_status(status));
3435 } else {
1a4d3c4b
JH		 3436 struct mgmt_mode *cp = cmd->param;
3437
3438 if (cp->val)
3439 set_bit(HCI_FAST_CONNECTABLE, &hdev->dev_flags);
3440 else
3441 clear_bit(HCI_FAST_CONNECTABLE, &hdev->dev_flags);
3442
33e38b3e
JH		 3443 send_settings_rsp(cmd->sk, MGMT_OP_SET_FAST_CONNECTABLE, hdev);
3444 new_settings(hdev, cmd->sk);
3445 }
3446
3447 mgmt_pending_remove(cmd);
3448
3449unlock:
3450 hci_dev_unlock(hdev);
3451}
3452
bdb6d971 3453static int set_fast_connectable(struct sock *sk, struct hci_dev *hdev,
04124681 3454 void *data, u16 len)
f6422ec6 3455{
650f726d 3456 struct mgmt_mode *cp = data;
33e38b3e
JH		 3457 struct pending_cmd *cmd;
3458 struct hci_request req;
f6422ec6
AJ		 3459 int err;
3460
bdb6d971 3461 BT_DBG("%s", hdev->name);
f6422ec6 3462
56f87901
JH		 3463 if (!test_bit(HCI_BREDR_ENABLED, &hdev->dev_flags) ||
3464 hdev->hci_ver < BLUETOOTH_VER_1_2)
33c525c0
JH		 3465 return cmd_status(sk, hdev->id, MGMT_OP_SET_FAST_CONNECTABLE,
3466 MGMT_STATUS_NOT_SUPPORTED);
3467
a7e80f25
JH		 3468 if (cp->val != 0x00 && cp->val != 0x01)
3469 return cmd_status(sk, hdev->id, MGMT_OP_SET_FAST_CONNECTABLE,
3470 MGMT_STATUS_INVALID_PARAMS);
3471
5400c044 3472 if (!hdev_is_powered(hdev))
bdb6d971 3473 return cmd_status(sk, hdev->id, MGMT_OP_SET_FAST_CONNECTABLE,
04124681 3474 MGMT_STATUS_NOT_POWERED);
5400c044
JH		 3475
3476 if (!test_bit(HCI_CONNECTABLE, &hdev->dev_flags))
bdb6d971 3477 return cmd_status(sk, hdev->id, MGMT_OP_SET_FAST_CONNECTABLE,
04124681 3478 MGMT_STATUS_REJECTED);
f6422ec6
AJ		 3479
3480 hci_dev_lock(hdev);
3481
05cbf29f
JH		 3482 if (mgmt_pending_find(MGMT_OP_SET_FAST_CONNECTABLE, hdev)) {
3483 err = cmd_status(sk, hdev->id, MGMT_OP_SET_FAST_CONNECTABLE,
3484 MGMT_STATUS_BUSY);
3485 goto unlock;
3486 }
3487
1a4d3c4b
JH		 3488 if (!!cp->val == test_bit(HCI_FAST_CONNECTABLE, &hdev->dev_flags)) {
3489 err = send_settings_rsp(sk, MGMT_OP_SET_FAST_CONNECTABLE,
3490 hdev);
3491 goto unlock;
3492 }
3493
33e38b3e
JH		 3494 cmd = mgmt_pending_add(sk, MGMT_OP_SET_FAST_CONNECTABLE, hdev,
3495 data, len);
3496 if (!cmd) {
3497 err = -ENOMEM;
3498 goto unlock;
f6422ec6
AJ		 3499 }
3500
33e38b3e
JH		 3501 hci_req_init(&req, hdev);
3502
406d7804 3503 write_fast_connectable(&req, cp->val);
33e38b3e
JH		 3504
3505 err = hci_req_run(&req, fast_connectable_complete);
f6422ec6 3506 if (err < 0) {
bdb6d971 3507 err = cmd_status(sk, hdev->id, MGMT_OP_SET_FAST_CONNECTABLE,
04124681 3508 MGMT_STATUS_FAILED);
33e38b3e 3509 mgmt_pending_remove(cmd);
f6422ec6
AJ		 3510 }
3511
33e38b3e 3512unlock:
f6422ec6 3513 hci_dev_unlock(hdev);
33e38b3e 3514
f6422ec6
AJ		 3515 return err;
3516}
3517
0663ca2a
JH		 3518static void set_bredr_complete(struct hci_dev *hdev, u8 status)
3519{
3520 struct pending_cmd *cmd;
3521
3522 BT_DBG("status 0x%02x", status);
3523
3524 hci_dev_lock(hdev);
3525
3526 cmd = mgmt_pending_find(MGMT_OP_SET_BREDR, hdev);
3527 if (!cmd)
3528 goto unlock;
3529
3530 if (status) {
3531 u8 mgmt_err = mgmt_status(status);
3532
3533 /* We need to restore the flag if related HCI commands
3534 * failed.
3535 */
3536 clear_bit(HCI_BREDR_ENABLED, &hdev->dev_flags);
3537
3538 cmd_status(cmd->sk, cmd->index, cmd->opcode, mgmt_err);
3539 } else {
3540 send_settings_rsp(cmd->sk, MGMT_OP_SET_BREDR, hdev);
3541 new_settings(hdev, cmd->sk);
3542 }
3543
3544 mgmt_pending_remove(cmd);
3545
3546unlock:
3547 hci_dev_unlock(hdev);
3548}
3549
3550static int set_bredr(struct sock *sk, struct hci_dev *hdev, void *data, u16 len)
3551{
3552 struct mgmt_mode *cp = data;
3553 struct pending_cmd *cmd;
3554 struct hci_request req;
3555 int err;
3556
3557 BT_DBG("request for %s", hdev->name);
3558
3559 if (!lmp_bredr_capable(hdev) || !lmp_le_capable(hdev))
3560 return cmd_status(sk, hdev->id, MGMT_OP_SET_BREDR,
3561 MGMT_STATUS_NOT_SUPPORTED);
3562
3563 if (!test_bit(HCI_LE_ENABLED, &hdev->dev_flags))
3564 return cmd_status(sk, hdev->id, MGMT_OP_SET_BREDR,
3565 MGMT_STATUS_REJECTED);
3566
3567 if (cp->val != 0x00 && cp->val != 0x01)
3568 return cmd_status(sk, hdev->id, MGMT_OP_SET_BREDR,
3569 MGMT_STATUS_INVALID_PARAMS);
3570
3571 hci_dev_lock(hdev);
3572
3573 if (cp->val == test_bit(HCI_BREDR_ENABLED, &hdev->dev_flags)) {
3574 err = send_settings_rsp(sk, MGMT_OP_SET_BREDR, hdev);
3575 goto unlock;
3576 }
3577
3578 if (!hdev_is_powered(hdev)) {
3579 if (!cp->val) {
3580 clear_bit(HCI_CONNECTABLE, &hdev->dev_flags);
3581 clear_bit(HCI_DISCOVERABLE, &hdev->dev_flags);
3582 clear_bit(HCI_SSP_ENABLED, &hdev->dev_flags);
3583 clear_bit(HCI_LINK_SECURITY, &hdev->dev_flags);
3584 clear_bit(HCI_FAST_CONNECTABLE, &hdev->dev_flags);
3585 clear_bit(HCI_HS_ENABLED, &hdev->dev_flags);
3586 }
3587
3588 change_bit(HCI_BREDR_ENABLED, &hdev->dev_flags);
3589
3590 err = send_settings_rsp(sk, MGMT_OP_SET_BREDR, hdev);
3591 if (err < 0)
3592 goto unlock;
3593
3594 err = new_settings(hdev, sk);
3595 goto unlock;
3596 }
3597
3598 /* Reject disabling when powered on */
3599 if (!cp->val) {
3600 err = cmd_status(sk, hdev->id, MGMT_OP_SET_BREDR,
3601 MGMT_STATUS_REJECTED);
3602 goto unlock;
3603 }
3604
3605 if (mgmt_pending_find(MGMT_OP_SET_BREDR, hdev)) {
3606 err = cmd_status(sk, hdev->id, MGMT_OP_SET_BREDR,
3607 MGMT_STATUS_BUSY);
3608 goto unlock;
3609 }
3610
3611 cmd = mgmt_pending_add(sk, MGMT_OP_SET_BREDR, hdev, data, len);
3612 if (!cmd) {
3613 err = -ENOMEM;
3614 goto unlock;
3615 }
3616
3617 /* We need to flip the bit already here so that hci_update_ad
3618 * generates the correct flags.
3619 */
3620 set_bit(HCI_BREDR_ENABLED, &hdev->dev_flags);
3621
3622 hci_req_init(&req, hdev);
3623 hci_update_ad(&req);
3624 err = hci_req_run(&req, set_bredr_complete);
3625 if (err < 0)
3626 mgmt_pending_remove(cmd);
3627
3628unlock:
3629 hci_dev_unlock(hdev);
3630 return err;
3631}
3632
3f706b72
JH		 3633static bool ltk_is_valid(struct mgmt_ltk_info *key)
3634{
44b20d33
JH		 3635 if (key->authenticated != 0x00 && key->authenticated != 0x01)
3636 return false;
3f706b72
JH		 3637 if (key->master != 0x00 && key->master != 0x01)
3638 return false;
4ee71b20
JH		 3639 if (!bdaddr_type_is_le(key->addr.type))
3640 return false;
3f706b72
JH		 3641 return true;
3642}
3643
bdb6d971 3644static int load_long_term_keys(struct sock *sk, struct hci_dev *hdev,
04124681 3645 void *cp_data, u16 len)
346af67b 3646{
346af67b
VCG		 3647 struct mgmt_cp_load_long_term_keys *cp = cp_data;
3648 u16 key_count, expected_len;
715a5bf2 3649 int i, err;
346af67b 3650
cf99ba13
MH		 3651 BT_DBG("request for %s", hdev->name);
3652
3653 if (!lmp_le_capable(hdev))
3654 return cmd_status(sk, hdev->id, MGMT_OP_LOAD_LONG_TERM_KEYS,
3655 MGMT_STATUS_NOT_SUPPORTED);
3656
1f350c87 3657 key_count = __le16_to_cpu(cp->key_count);
346af67b
VCG		 3658
3659 expected_len = sizeof(*cp) + key_count *
3660 sizeof(struct mgmt_ltk_info);
3661 if (expected_len != len) {
3662 BT_ERR("load_keys: expected %u bytes, got %u bytes",
8ce8e2b5 3663 len, expected_len);
bdb6d971 3664 return cmd_status(sk, hdev->id, MGMT_OP_LOAD_LONG_TERM_KEYS,
e57e619f 3665 MGMT_STATUS_INVALID_PARAMS);
346af67b
VCG		 3666 }
3667
bdb6d971 3668 BT_DBG("%s key_count %u", hdev->name, key_count);
346af67b 3669
54ad6d8a
JH		 3670 for (i = 0; i < key_count; i++) {
3671 struct mgmt_ltk_info *key = &cp->keys[i];
3672
3f706b72 3673 if (!ltk_is_valid(key))
54ad6d8a
JH		 3674 return cmd_status(sk, hdev->id,
3675 MGMT_OP_LOAD_LONG_TERM_KEYS,
3676 MGMT_STATUS_INVALID_PARAMS);
3677 }
3678
346af67b
VCG		 3679 hci_dev_lock(hdev);
3680
3681 hci_smp_ltks_clear(hdev);
3682
3683 for (i = 0; i < key_count; i++) {
3684 struct mgmt_ltk_info *key = &cp->keys[i];
79d95a19
MH		 3685 u8 type, addr_type;
3686
3687 if (key->addr.type == BDADDR_LE_PUBLIC)
3688 addr_type = ADDR_LE_DEV_PUBLIC;
3689 else
3690 addr_type = ADDR_LE_DEV_RANDOM;
346af67b
VCG		 3691
3692 if (key->master)
3693 type = HCI_SMP_LTK;
3694 else
3695 type = HCI_SMP_LTK_SLAVE;
3696
79d95a19 3697 hci_add_ltk(hdev, &key->addr.bdaddr, addr_type,
04124681
GP		 3698 type, 0, key->authenticated, key->val,
3699 key->enc_size, key->ediv, key->rand);
346af67b
VCG		 3700 }
3701
715a5bf2
JH		 3702 err = cmd_complete(sk, hdev->id, MGMT_OP_LOAD_LONG_TERM_KEYS, 0,
3703 NULL, 0);
3704
346af67b 3705 hci_dev_unlock(hdev);
346af67b 3706
715a5bf2 3707 return err;
346af67b
VCG		 3708}
3709
2e3c35ea 3710static const struct mgmt_handler {
04124681
GP		 3711 int (*func) (struct sock *sk, struct hci_dev *hdev, void *data,
3712 u16 data_len);
be22b54e
JH		 3713 bool var_len;
3714 size_t data_len;
0f4e68cf
JH		 3715} mgmt_handlers[] = {
3716 { NULL }, /* 0x0000 (no command) */
be22b54e
JH		 3717 { read_version, false, MGMT_READ_VERSION_SIZE },
3718 { read_commands, false, MGMT_READ_COMMANDS_SIZE },
3719 { read_index_list, false, MGMT_READ_INDEX_LIST_SIZE },
3720 { read_controller_info, false, MGMT_READ_INFO_SIZE },
3721 { set_powered, false, MGMT_SETTING_SIZE },
3722 { set_discoverable, false, MGMT_SET_DISCOVERABLE_SIZE },
3723 { set_connectable, false, MGMT_SETTING_SIZE },
3724 { set_fast_connectable, false, MGMT_SETTING_SIZE },
3725 { set_pairable, false, MGMT_SETTING_SIZE },
3726 { set_link_security, false, MGMT_SETTING_SIZE },
3727 { set_ssp, false, MGMT_SETTING_SIZE },
3728 { set_hs, false, MGMT_SETTING_SIZE },
3729 { set_le, false, MGMT_SETTING_SIZE },
3730 { set_dev_class, false, MGMT_SET_DEV_CLASS_SIZE },
3731 { set_local_name, false, MGMT_SET_LOCAL_NAME_SIZE },
3732 { add_uuid, false, MGMT_ADD_UUID_SIZE },
3733 { remove_uuid, false, MGMT_REMOVE_UUID_SIZE },
3734 { load_link_keys, true, MGMT_LOAD_LINK_KEYS_SIZE },
3735 { load_long_term_keys, true, MGMT_LOAD_LONG_TERM_KEYS_SIZE },
3736 { disconnect, false, MGMT_DISCONNECT_SIZE },
3737 { get_connections, false, MGMT_GET_CONNECTIONS_SIZE },
3738 { pin_code_reply, false, MGMT_PIN_CODE_REPLY_SIZE },
3739 { pin_code_neg_reply, false, MGMT_PIN_CODE_NEG_REPLY_SIZE },
3740 { set_io_capability, false, MGMT_SET_IO_CAPABILITY_SIZE },
3741 { pair_device, false, MGMT_PAIR_DEVICE_SIZE },
3742 { cancel_pair_device, false, MGMT_CANCEL_PAIR_DEVICE_SIZE },
3743 { unpair_device, false, MGMT_UNPAIR_DEVICE_SIZE },
3744 { user_confirm_reply, false, MGMT_USER_CONFIRM_REPLY_SIZE },
3745 { user_confirm_neg_reply, false, MGMT_USER_CONFIRM_NEG_REPLY_SIZE },
3746 { user_passkey_reply, false, MGMT_USER_PASSKEY_REPLY_SIZE },
3747 { user_passkey_neg_reply, false, MGMT_USER_PASSKEY_NEG_REPLY_SIZE },
3748 { read_local_oob_data, false, MGMT_READ_LOCAL_OOB_DATA_SIZE },
3749 { add_remote_oob_data, false, MGMT_ADD_REMOTE_OOB_DATA_SIZE },
3750 { remove_remote_oob_data, false, MGMT_REMOVE_REMOTE_OOB_DATA_SIZE },
3751 { start_discovery, false, MGMT_START_DISCOVERY_SIZE },
3752 { stop_discovery, false, MGMT_STOP_DISCOVERY_SIZE },
3753 { confirm_name, false, MGMT_CONFIRM_NAME_SIZE },
3754 { block_device, false, MGMT_BLOCK_DEVICE_SIZE },
3755 { unblock_device, false, MGMT_UNBLOCK_DEVICE_SIZE },
cdbaccca 3756 { set_device_id, false, MGMT_SET_DEVICE_ID_SIZE },
4375f103 3757 { set_advertising, false, MGMT_SETTING_SIZE },
0663ca2a 3758 { set_bredr, false, MGMT_SETTING_SIZE },
d13eafce 3759 { set_static_address, false, MGMT_SET_STATIC_ADDRESS_SIZE },
14b49b9a 3760 { set_scan_params, false, MGMT_SET_SCAN_PARAMS_SIZE },
0f4e68cf
JH		 3761};
3762
3763
0381101f
JH		 3764int mgmt_control(struct sock *sk, struct msghdr *msg, size_t msglen)
3765{
650f726d
VCG		 3766 void *buf;
3767 u8 *cp;
0381101f 3768 struct mgmt_hdr *hdr;
4e51eae9 3769 u16 opcode, index, len;
bdb6d971 3770 struct hci_dev *hdev = NULL;
2e3c35ea 3771 const struct mgmt_handler *handler;
0381101f
JH		 3772 int err;
3773
3774 BT_DBG("got %zu bytes", msglen);
3775
3776 if (msglen < sizeof(*hdr))
3777 return -EINVAL;
3778
e63a15ec 3779 buf = kmalloc(msglen, GFP_KERNEL);
0381101f
JH		 3780 if (!buf)
3781 return -ENOMEM;
3782
3783 if (memcpy_fromiovec(buf, msg->msg_iov, msglen)) {
3784 err = -EFAULT;
3785 goto done;
3786 }
3787
650f726d 3788 hdr = buf;
1f350c87
MH		 3789 opcode = __le16_to_cpu(hdr->opcode);
3790 index = __le16_to_cpu(hdr->index);
3791 len = __le16_to_cpu(hdr->len);
0381101f
JH		 3792
3793 if (len != msglen - sizeof(*hdr)) {
3794 err = -EINVAL;
3795 goto done;
3796 }
3797
0f4e68cf 3798 if (index != MGMT_INDEX_NONE) {
bdb6d971
JH		 3799 hdev = hci_dev_get(index);
3800 if (!hdev) {
3801 err = cmd_status(sk, index, opcode,
04124681 3802 MGMT_STATUS_INVALID_INDEX);
bdb6d971
JH		 3803 goto done;
3804 }
0736cfa8 3805
cebf4cfd
JH		 3806 if (test_bit(HCI_SETUP, &hdev->dev_flags) ||
3807 test_bit(HCI_USER_CHANNEL, &hdev->dev_flags)) {
0736cfa8
MH		 3808 err = cmd_status(sk, index, opcode,
3809 MGMT_STATUS_INVALID_INDEX);
3810 goto done;
3811 }
bdb6d971
JH		 3812 }
3813
0f4e68cf 3814 if (opcode >= ARRAY_SIZE(mgmt_handlers) ||
8ce8e2b5 3815 mgmt_handlers[opcode].func == NULL) {
0381101f 3816 BT_DBG("Unknown op %u", opcode);
ca69b795 3817 err = cmd_status(sk, index, opcode,
04124681 3818 MGMT_STATUS_UNKNOWN_COMMAND);
0f4e68cf
JH		 3819 goto done;
3820 }
3821
3822 if ((hdev && opcode < MGMT_OP_READ_INFO) ||
8ce8e2b5 3823 (!hdev && opcode >= MGMT_OP_READ_INFO)) {
0f4e68cf 3824 err = cmd_status(sk, index, opcode,
04124681 3825 MGMT_STATUS_INVALID_INDEX);
0f4e68cf 3826 goto done;
0381101f
JH		 3827 }
3828
be22b54e
JH		 3829 handler = &mgmt_handlers[opcode];
3830
3831 if ((handler->var_len && len < handler->data_len) ||
8ce8e2b5 3832 (!handler->var_len && len != handler->data_len)) {
be22b54e 3833 err = cmd_status(sk, index, opcode,
04124681 3834 MGMT_STATUS_INVALID_PARAMS);
be22b54e
JH		 3835 goto done;
3836 }
3837
0f4e68cf
JH		 3838 if (hdev)
3839 mgmt_init_hdev(sk, hdev);
3840
3841 cp = buf + sizeof(*hdr);
3842
be22b54e 3843 err = handler->func(sk, hdev, cp, len);
e41d8b4e
JH		 3844 if (err < 0)
3845 goto done;
3846
0381101f
JH		 3847 err = msglen;
3848
3849done:
bdb6d971
JH		 3850 if (hdev)
3851 hci_dev_put(hdev);
3852
0381101f
JH		 3853 kfree(buf);
3854 return err;
3855}
c71e97bf 3856
bf6b56db 3857void mgmt_index_added(struct hci_dev *hdev)
c71e97bf 3858{
1514b892 3859 if (hdev->dev_type != HCI_BREDR)
bf6b56db 3860 return;
bb4b2a9a 3861
bf6b56db 3862 mgmt_event(MGMT_EV_INDEX_ADDED, hdev, NULL, 0, NULL);
c71e97bf
JH		 3863}
3864
bf6b56db 3865void mgmt_index_removed(struct hci_dev *hdev)
c71e97bf 3866{
5f159032 3867 u8 status = MGMT_STATUS_INVALID_INDEX;
b24752fe 3868
1514b892 3869 if (hdev->dev_type != HCI_BREDR)
bf6b56db 3870 return;
bb4b2a9a 3871
744cf19e 3872 mgmt_pending_foreach(0, hdev, cmd_status_rsp, &status);
b24752fe 3873
bf6b56db 3874 mgmt_event(MGMT_EV_INDEX_REMOVED, hdev, NULL, 0, NULL);
eec8d2bc
JH		 3875}
3876
890ea898 3877static void set_bredr_scan(struct hci_request *req)
7f0ae647 3878{
890ea898 3879 struct hci_dev *hdev = req->hdev;
7f0ae647
JH		 3880 u8 scan = 0;
3881
4c01f8b8
JH		 3882 /* Ensure that fast connectable is disabled. This function will
3883 * not do anything if the page scan parameters are already what
3884 * they should be.
3885 */
3886 write_fast_connectable(req, false);
3887
7f0ae647
JH		 3888 if (test_bit(HCI_CONNECTABLE, &hdev->dev_flags))
3889 scan |= SCAN_PAGE;
3890 if (test_bit(HCI_DISCOVERABLE, &hdev->dev_flags))
3891 scan |= SCAN_INQUIRY;
3892
890ea898
JH		 3893 if (scan)
3894 hci_req_add(req, HCI_OP_WRITE_SCAN_ENABLE, 1, &scan);
7f0ae647
JH		 3895}
3896
229ab39c
JH		 3897static void powered_complete(struct hci_dev *hdev, u8 status)
3898{
3899 struct cmd_lookup match = { NULL, hdev };
3900
3901 BT_DBG("status 0x%02x", status);
3902
3903 hci_dev_lock(hdev);
3904
3905 mgmt_pending_foreach(MGMT_OP_SET_POWERED, hdev, settings_rsp, &match);
3906
3907 new_settings(hdev, match.sk);
3908
3909 hci_dev_unlock(hdev);
3910
3911 if (match.sk)
3912 sock_put(match.sk);
3913}
3914
70da6243 3915static int powered_update_hci(struct hci_dev *hdev)
5add6af8 3916{
890ea898 3917 struct hci_request req;
70da6243 3918 u8 link_sec;
5add6af8 3919
890ea898
JH		 3920 hci_req_init(&req, hdev);
3921
70da6243
JH		 3922 if (test_bit(HCI_SSP_ENABLED, &hdev->dev_flags) &&
3923 !lmp_host_ssp_capable(hdev)) {
3924 u8 ssp = 1;
5e5282bb 3925
890ea898 3926 hci_req_add(&req, HCI_OP_WRITE_SSP_MODE, 1, &ssp);
70da6243 3927 }
5add6af8 3928
c73eee91
JH		 3929 if (test_bit(HCI_LE_ENABLED, &hdev->dev_flags) &&
3930 lmp_bredr_capable(hdev)) {
70da6243 3931 struct hci_cp_write_le_host_supported cp;
f0ff92fb 3932
70da6243
JH		 3933 cp.le = 1;
3934 cp.simul = lmp_le_br_capable(hdev);
3d1cbdd6 3935
70da6243
JH		 3936 /* Check first if we already have the right
3937 * host state (host features set)
3938 */
3939 if (cp.le != lmp_host_le_capable(hdev) ||
3940 cp.simul != lmp_host_le_br_capable(hdev))
890ea898
JH		 3941 hci_req_add(&req, HCI_OP_WRITE_LE_HOST_SUPPORTED,
3942 sizeof(cp), &cp);
0663ca2a
JH		 3943
3944 /* In case BR/EDR was toggled during the AUTO_OFF phase */
3945 hci_update_ad(&req);
70da6243 3946 }
3d1cbdd6 3947
d13eafce
MH		 3948 if (lmp_le_capable(hdev)) {
3949 /* Set random address to static address if configured */
3950 if (bacmp(&hdev->static_addr, BDADDR_ANY))
3951 hci_req_add(&req, HCI_OP_LE_SET_RANDOM_ADDR, 6,
3952 &hdev->static_addr);
eeca6f89 3953
bba3aa55
MH		 3954 if (test_bit(HCI_ADVERTISING, &hdev->dev_flags))
3955 enable_advertising(&req);
eeca6f89
JH		 3956 }
3957
70da6243
JH		 3958 link_sec = test_bit(HCI_LINK_SECURITY, &hdev->dev_flags);
3959 if (link_sec != test_bit(HCI_AUTH, &hdev->flags))
890ea898
JH		 3960 hci_req_add(&req, HCI_OP_WRITE_AUTH_ENABLE,
3961 sizeof(link_sec), &link_sec);
562fcc24 3962
70da6243 3963 if (lmp_bredr_capable(hdev)) {
56f87901
JH		 3964 if (test_bit(HCI_BREDR_ENABLED, &hdev->dev_flags))
3965 set_bredr_scan(&req);
890ea898 3966 update_class(&req);
13928971 3967 update_name(&req);
890ea898 3968 update_eir(&req);
70da6243 3969 }
562fcc24 3970
229ab39c 3971 return hci_req_run(&req, powered_complete);
70da6243 3972}
562fcc24 3973
70da6243
JH		 3974int mgmt_powered(struct hci_dev *hdev, u8 powered)
3975{
3976 struct cmd_lookup match = { NULL, hdev };
229ab39c
JH		 3977 u8 status_not_powered = MGMT_STATUS_NOT_POWERED;
3978 u8 zero_cod[] = { 0, 0, 0 };
70da6243 3979 int err;
f0ff92fb 3980
70da6243
JH		 3981 if (!test_bit(HCI_MGMT, &hdev->dev_flags))
3982 return 0;
3983
70da6243 3984 if (powered) {
229ab39c
JH		 3985 if (powered_update_hci(hdev) == 0)
3986 return 0;
fe038884 3987
229ab39c
JH		 3988 mgmt_pending_foreach(MGMT_OP_SET_POWERED, hdev, settings_rsp,
3989 &match);
3990 goto new_settings;
b24752fe
JH		 3991 }
3992
229ab39c
JH		 3993 mgmt_pending_foreach(MGMT_OP_SET_POWERED, hdev, settings_rsp, &match);
3994 mgmt_pending_foreach(0, hdev, cmd_status_rsp, &status_not_powered);
3995
3996 if (memcmp(hdev->dev_class, zero_cod, sizeof(zero_cod)) != 0)
3997 mgmt_event(MGMT_EV_CLASS_OF_DEV_CHANGED, hdev,
3998 zero_cod, sizeof(zero_cod), NULL);
3999
4000new_settings:
beadb2bd 4001 err = new_settings(hdev, match.sk);
eec8d2bc
JH		 4002
4003 if (match.sk)
4004 sock_put(match.sk);
4005
7bb895d6 4006 return err;
5add6af8 4007}
73f22f62 4008
3eec705e 4009void mgmt_set_powered_failed(struct hci_dev *hdev, int err)
96570ffc
JH		 4010{
4011 struct pending_cmd *cmd;
4012 u8 status;
4013
4014 cmd = mgmt_pending_find(MGMT_OP_SET_POWERED, hdev);
4015 if (!cmd)
3eec705e 4016 return;
96570ffc
JH		 4017
4018 if (err == -ERFKILL)
4019 status = MGMT_STATUS_RFKILLED;
4020 else
4021 status = MGMT_STATUS_FAILED;
4022
3eec705e 4023 cmd_status(cmd->sk, hdev->id, MGMT_OP_SET_POWERED, status);
96570ffc
JH		 4024
4025 mgmt_pending_remove(cmd);
96570ffc
JH		 4026}
4027
744cf19e 4028int mgmt_discoverable(struct hci_dev *hdev, u8 discoverable)
73f22f62 4029{
76a7f3a4 4030 struct cmd_lookup match = { NULL, hdev };
5e5282bb
JH		 4031 bool changed = false;
4032 int err = 0;
73f22f62 4033
5e5282bb
JH		 4034 if (discoverable) {
4035 if (!test_and_set_bit(HCI_DISCOVERABLE, &hdev->dev_flags))
4036 changed = true;
4037 } else {
4038 if (test_and_clear_bit(HCI_DISCOVERABLE, &hdev->dev_flags))
4039 changed = true;
4040 }
73f22f62 4041
ed9b5f2f 4042 mgmt_pending_foreach(MGMT_OP_SET_DISCOVERABLE, hdev, settings_rsp,
04124681 4043 &match);
ed9b5f2f 4044
beadb2bd
JH		 4045 if (changed)
4046 err = new_settings(hdev, match.sk);
5e5282bb 4047
73f22f62
JH		 4048 if (match.sk)
4049 sock_put(match.sk);
4050
7bb895d6 4051 return err;
73f22f62 4052}
9fbcbb45 4053
744cf19e 4054int mgmt_connectable(struct hci_dev *hdev, u8 connectable)
9fbcbb45 4055{
2b76f453 4056 struct pending_cmd *cmd;
5e5282bb
JH		 4057 bool changed = false;
4058 int err = 0;
9fbcbb45 4059
5e5282bb
JH		 4060 if (connectable) {
4061 if (!test_and_set_bit(HCI_CONNECTABLE, &hdev->dev_flags))
4062 changed = true;
4063 } else {
4064 if (test_and_clear_bit(HCI_CONNECTABLE, &hdev->dev_flags))
4065 changed = true;
4066 }
9fbcbb45 4067
2b76f453 4068 cmd = mgmt_pending_find(MGMT_OP_SET_CONNECTABLE, hdev);
ed9b5f2f 4069
beadb2bd 4070 if (changed)
2b76f453 4071 err = new_settings(hdev, cmd ? cmd->sk : NULL);
9fbcbb45 4072
7bb895d6 4073 return err;
9fbcbb45 4074}
55ed8ca1 4075
744cf19e 4076int mgmt_write_scan_failed(struct hci_dev *hdev, u8 scan, u8 status)
2d7cee58 4077{
ca69b795
JH		 4078 u8 mgmt_err = mgmt_status(status);
4079
2d7cee58 4080 if (scan & SCAN_PAGE)
744cf19e 4081 mgmt_pending_foreach(MGMT_OP_SET_CONNECTABLE, hdev,
04124681 4082 cmd_status_rsp, &mgmt_err);
2d7cee58
JH		 4083
4084 if (scan & SCAN_INQUIRY)
744cf19e 4085 mgmt_pending_foreach(MGMT_OP_SET_DISCOVERABLE, hdev,
04124681 4086 cmd_status_rsp, &mgmt_err);
2d7cee58
JH		 4087
4088 return 0;
4089}
4090
53168e5b
CC		 4091int mgmt_new_link_key(struct hci_dev *hdev, struct link_key *key,
4092 bool persistent)
55ed8ca1 4093{
86742e1e 4094 struct mgmt_ev_new_link_key ev;
55ed8ca1 4095
a492cd52 4096 memset(&ev, 0, sizeof(ev));
55ed8ca1 4097
a492cd52 4098 ev.store_hint = persistent;
d753fdc4 4099 bacpy(&ev.key.addr.bdaddr, &key->bdaddr);
591f47f3 4100 ev.key.addr.type = BDADDR_BREDR;
a492cd52 4101 ev.key.type = key->type;
9b3b4460 4102 memcpy(ev.key.val, key->val, HCI_LINK_KEY_SIZE);
a492cd52 4103 ev.key.pin_len = key->pin_len;
55ed8ca1 4104
744cf19e 4105 return mgmt_event(MGMT_EV_NEW_LINK_KEY, hdev, &ev, sizeof(ev), NULL);
55ed8ca1 4106}
f7520543 4107
346af67b
VCG		 4108int mgmt_new_ltk(struct hci_dev *hdev, struct smp_ltk *key, u8 persistent)
4109{
4110 struct mgmt_ev_new_long_term_key ev;
4111
4112 memset(&ev, 0, sizeof(ev));
4113
4114 ev.store_hint = persistent;
4115 bacpy(&ev.key.addr.bdaddr, &key->bdaddr);
57c1477c 4116 ev.key.addr.type = link_to_bdaddr(LE_LINK, key->bdaddr_type);
346af67b
VCG		 4117 ev.key.authenticated = key->authenticated;
4118 ev.key.enc_size = key->enc_size;
4119 ev.key.ediv = key->ediv;
4120
4121 if (key->type == HCI_SMP_LTK)
4122 ev.key.master = 1;
4123
4124 memcpy(ev.key.rand, key->rand, sizeof(key->rand));
4125 memcpy(ev.key.val, key->val, sizeof(key->val));
4126
04124681
GP		 4127 return mgmt_event(MGMT_EV_NEW_LONG_TERM_KEY, hdev, &ev, sizeof(ev),
4128 NULL);
346af67b
VCG		 4129}
4130
ecd90ae7
MH		 4131void mgmt_device_connected(struct hci_dev *hdev, bdaddr_t *bdaddr, u8 link_type,
4132 u8 addr_type, u32 flags, u8 *name, u8 name_len,
4133 u8 *dev_class)
f7520543 4134{
b644ba33
JH		 4135 char buf[512];
4136 struct mgmt_ev_device_connected *ev = (void *) buf;
4137 u16 eir_len = 0;
f7520543 4138
b644ba33 4139 bacpy(&ev->addr.bdaddr, bdaddr);
57c1477c 4140 ev->addr.type = link_to_bdaddr(link_type, addr_type);
f7520543 4141
c95f0ba7 4142 ev->flags = __cpu_to_le32(flags);
08c79b61 4143
b644ba33
JH		 4144 if (name_len > 0)
4145 eir_len = eir_append_data(ev->eir, 0, EIR_NAME_COMPLETE,
04124681 4146 name, name_len);
b644ba33
JH		 4147
4148 if (dev_class && memcmp(dev_class, "\0\0\0", 3) != 0)
53156385 4149 eir_len = eir_append_data(ev->eir, eir_len,
04124681 4150 EIR_CLASS_OF_DEV, dev_class, 3);
b644ba33 4151
eb55ef07 4152 ev->eir_len = cpu_to_le16(eir_len);
b644ba33 4153
ecd90ae7
MH		 4154 mgmt_event(MGMT_EV_DEVICE_CONNECTED, hdev, buf,
4155 sizeof(*ev) + eir_len, NULL);
f7520543
JH		 4156}
4157
8962ee74
JH		 4158static void disconnect_rsp(struct pending_cmd *cmd, void *data)
4159{
c68fb7ff 4160 struct mgmt_cp_disconnect *cp = cmd->param;
8962ee74 4161 struct sock **sk = data;
a38528f1 4162 struct mgmt_rp_disconnect rp;
8962ee74 4163
88c3df13
JH		 4164 bacpy(&rp.addr.bdaddr, &cp->addr.bdaddr);
4165 rp.addr.type = cp->addr.type;
8962ee74 4166
aee9b218 4167 cmd_complete(cmd->sk, cmd->index, MGMT_OP_DISCONNECT, 0, &rp,
04124681 4168 sizeof(rp));
8962ee74
JH		 4169
4170 *sk = cmd->sk;
4171 sock_hold(*sk);
4172
a664b5bc 4173 mgmt_pending_remove(cmd);
8962ee74
JH		 4174}
4175
124f6e35 4176static void unpair_device_rsp(struct pending_cmd *cmd, void *data)
a8a1d19e 4177{
b1078ad0 4178 struct hci_dev *hdev = data;
124f6e35
JH		 4179 struct mgmt_cp_unpair_device *cp = cmd->param;
4180 struct mgmt_rp_unpair_device rp;
a8a1d19e
JH		 4181
4182 memset(&rp, 0, sizeof(rp));
124f6e35
JH		 4183 bacpy(&rp.addr.bdaddr, &cp->addr.bdaddr);
4184 rp.addr.type = cp->addr.type;
a8a1d19e 4185
b1078ad0
JH		 4186 device_unpaired(hdev, &cp->addr.bdaddr, cp->addr.type, cmd->sk);
4187
aee9b218 4188 cmd_complete(cmd->sk, cmd->index, cmd->opcode, 0, &rp, sizeof(rp));
a8a1d19e
JH		 4189
4190 mgmt_pending_remove(cmd);
4191}
4192
9b80ec5e
MH		 4193void mgmt_device_disconnected(struct hci_dev *hdev, bdaddr_t *bdaddr,
4194 u8 link_type, u8 addr_type, u8 reason)
f7520543 4195{
f0d6a0ea 4196 struct mgmt_ev_device_disconnected ev;
8962ee74 4197 struct sock *sk = NULL;
8962ee74 4198
744cf19e 4199 mgmt_pending_foreach(MGMT_OP_DISCONNECT, hdev, disconnect_rsp, &sk);
f7520543 4200
f0d6a0ea
MA		 4201 bacpy(&ev.addr.bdaddr, bdaddr);
4202 ev.addr.type = link_to_bdaddr(link_type, addr_type);
4203 ev.reason = reason;
f7520543 4204
9b80ec5e 4205 mgmt_event(MGMT_EV_DEVICE_DISCONNECTED, hdev, &ev, sizeof(ev), sk);
8962ee74
JH		 4206
4207 if (sk)
d97dcb66 4208 sock_put(sk);
8962ee74 4209
124f6e35 4210 mgmt_pending_foreach(MGMT_OP_UNPAIR_DEVICE, hdev, unpair_device_rsp,
04124681 4211 hdev);
8962ee74
JH		 4212}
4213
7892924c
MH		 4214void mgmt_disconnect_failed(struct hci_dev *hdev, bdaddr_t *bdaddr,
4215 u8 link_type, u8 addr_type, u8 status)
8962ee74 4216{
88c3df13 4217 struct mgmt_rp_disconnect rp;
8962ee74 4218 struct pending_cmd *cmd;
8962ee74 4219
36a75f1b
JD		 4220 mgmt_pending_foreach(MGMT_OP_UNPAIR_DEVICE, hdev, unpair_device_rsp,
4221 hdev);
4222
2e58ef3e 4223 cmd = mgmt_pending_find(MGMT_OP_DISCONNECT, hdev);
8962ee74 4224 if (!cmd)
7892924c 4225 return;
8962ee74 4226
88c3df13 4227 bacpy(&rp.addr.bdaddr, bdaddr);
57c1477c 4228 rp.addr.type = link_to_bdaddr(link_type, addr_type);
37d9ef76 4229
7892924c
MH		 4230 cmd_complete(cmd->sk, cmd->index, MGMT_OP_DISCONNECT,
4231 mgmt_status(status), &rp, sizeof(rp));
8962ee74 4232
a664b5bc 4233 mgmt_pending_remove(cmd);
f7520543 4234}
17d5c04c 4235
445608d0
MH		 4236void mgmt_connect_failed(struct hci_dev *hdev, bdaddr_t *bdaddr, u8 link_type,
4237 u8 addr_type, u8 status)
17d5c04c
JH		 4238{
4239 struct mgmt_ev_connect_failed ev;
4240
4c659c39 4241 bacpy(&ev.addr.bdaddr, bdaddr);
57c1477c 4242 ev.addr.type = link_to_bdaddr(link_type, addr_type);
ca69b795 4243 ev.status = mgmt_status(status);
17d5c04c 4244
445608d0 4245 mgmt_event(MGMT_EV_CONNECT_FAILED, hdev, &ev, sizeof(ev), NULL);
17d5c04c 4246}
980e1a53 4247
744cf19e 4248int mgmt_pin_code_request(struct hci_dev *hdev, bdaddr_t *bdaddr, u8 secure)
980e1a53
JH		 4249{
4250 struct mgmt_ev_pin_code_request ev;
4251
d8457698 4252 bacpy(&ev.addr.bdaddr, bdaddr);
591f47f3 4253 ev.addr.type = BDADDR_BREDR;
a770bb5a 4254 ev.secure = secure;
980e1a53 4255
744cf19e 4256 return mgmt_event(MGMT_EV_PIN_CODE_REQUEST, hdev, &ev, sizeof(ev),
04124681 4257 NULL);
980e1a53
JH		 4258}
4259
744cf19e 4260int mgmt_pin_code_reply_complete(struct hci_dev *hdev, bdaddr_t *bdaddr,
04124681 4261 u8 status)
980e1a53
JH		 4262{
4263 struct pending_cmd *cmd;
ac56fb13 4264 struct mgmt_rp_pin_code_reply rp;
980e1a53
JH		 4265 int err;
4266
2e58ef3e 4267 cmd = mgmt_pending_find(MGMT_OP_PIN_CODE_REPLY, hdev);
980e1a53
JH		 4268 if (!cmd)
4269 return -ENOENT;
4270
d8457698 4271 bacpy(&rp.addr.bdaddr, bdaddr);
591f47f3 4272 rp.addr.type = BDADDR_BREDR;
ac56fb13 4273
aee9b218 4274 err = cmd_complete(cmd->sk, hdev->id, MGMT_OP_PIN_CODE_REPLY,
04124681 4275 mgmt_status(status), &rp, sizeof(rp));
980e1a53 4276
a664b5bc 4277 mgmt_pending_remove(cmd);
980e1a53
JH		 4278
4279 return err;
4280}
4281
744cf19e 4282int mgmt_pin_code_neg_reply_complete(struct hci_dev *hdev, bdaddr_t *bdaddr,
04124681 4283 u8 status)
980e1a53
JH		 4284{
4285 struct pending_cmd *cmd;
ac56fb13 4286 struct mgmt_rp_pin_code_reply rp;
980e1a53
JH		 4287 int err;
4288
2e58ef3e 4289 cmd = mgmt_pending_find(MGMT_OP_PIN_CODE_NEG_REPLY, hdev);
980e1a53
JH		 4290 if (!cmd)
4291 return -ENOENT;
4292
d8457698 4293 bacpy(&rp.addr.bdaddr, bdaddr);
591f47f3 4294 rp.addr.type = BDADDR_BREDR;
ac56fb13 4295
aee9b218 4296 err = cmd_complete(cmd->sk, hdev->id, MGMT_OP_PIN_CODE_NEG_REPLY,
04124681 4297 mgmt_status(status), &rp, sizeof(rp));
980e1a53 4298
a664b5bc 4299 mgmt_pending_remove(cmd);
980e1a53
JH		 4300
4301 return err;
4302}
a5c29683 4303
744cf19e 4304int mgmt_user_confirm_request(struct hci_dev *hdev, bdaddr_t *bdaddr,
04124681
GP		 4305 u8 link_type, u8 addr_type, __le32 value,
4306 u8 confirm_hint)
a5c29683
JH		 4307{
4308 struct mgmt_ev_user_confirm_request ev;
4309
744cf19e 4310 BT_DBG("%s", hdev->name);
a5c29683 4311
272d90df 4312 bacpy(&ev.addr.bdaddr, bdaddr);
57c1477c 4313 ev.addr.type = link_to_bdaddr(link_type, addr_type);
55bc1a37 4314 ev.confirm_hint = confirm_hint;
78e8098e 4315 ev.value = value;
a5c29683 4316
744cf19e 4317 return mgmt_event(MGMT_EV_USER_CONFIRM_REQUEST, hdev, &ev, sizeof(ev),
04124681 4318 NULL);
a5c29683
JH		 4319}
4320
272d90df 4321int mgmt_user_passkey_request(struct hci_dev *hdev, bdaddr_t *bdaddr,
8ce8e2b5 4322 u8 link_type, u8 addr_type)
604086b7
BG		 4323{
4324 struct mgmt_ev_user_passkey_request ev;
4325
4326 BT_DBG("%s", hdev->name);
4327
272d90df 4328 bacpy(&ev.addr.bdaddr, bdaddr);
57c1477c 4329 ev.addr.type = link_to_bdaddr(link_type, addr_type);
604086b7
BG		 4330
4331 return mgmt_event(MGMT_EV_USER_PASSKEY_REQUEST, hdev, &ev, sizeof(ev),
04124681 4332 NULL);
604086b7
BG		 4333}
4334
0df4c185 4335static int user_pairing_resp_complete(struct hci_dev *hdev, bdaddr_t *bdaddr,
8ce8e2b5
GP		 4336 u8 link_type, u8 addr_type, u8 status,
4337 u8 opcode)
a5c29683
JH		 4338{
4339 struct pending_cmd *cmd;
4340 struct mgmt_rp_user_confirm_reply rp;
4341 int err;
4342
2e58ef3e 4343 cmd = mgmt_pending_find(opcode, hdev);
a5c29683
JH		 4344 if (!cmd)
4345 return -ENOENT;
4346
272d90df 4347 bacpy(&rp.addr.bdaddr, bdaddr);
57c1477c 4348 rp.addr.type = link_to_bdaddr(link_type, addr_type);
aee9b218 4349 err = cmd_complete(cmd->sk, hdev->id, opcode, mgmt_status(status),
04124681 4350 &rp, sizeof(rp));
a5c29683 4351
a664b5bc 4352 mgmt_pending_remove(cmd);
a5c29683
JH		 4353
4354 return err;
4355}
4356
744cf19e 4357int mgmt_user_confirm_reply_complete(struct hci_dev *hdev, bdaddr_t *bdaddr,
04124681 4358 u8 link_type, u8 addr_type, u8 status)
a5c29683 4359{
272d90df 4360 return user_pairing_resp_complete(hdev, bdaddr, link_type, addr_type,
04124681 4361 status, MGMT_OP_USER_CONFIRM_REPLY);
a5c29683
JH		 4362}
4363
272d90df 4364int mgmt_user_confirm_neg_reply_complete(struct hci_dev *hdev, bdaddr_t *bdaddr,
04124681 4365 u8 link_type, u8 addr_type, u8 status)
a5c29683 4366{
272d90df 4367 return user_pairing_resp_complete(hdev, bdaddr, link_type, addr_type,
8fc9ced3
GP		 4368 status,
4369 MGMT_OP_USER_CONFIRM_NEG_REPLY);
a5c29683 4370}
2a611692 4371
604086b7 4372int mgmt_user_passkey_reply_complete(struct hci_dev *hdev, bdaddr_t *bdaddr,
04124681 4373 u8 link_type, u8 addr_type, u8 status)
604086b7 4374{
272d90df 4375 return user_pairing_resp_complete(hdev, bdaddr, link_type, addr_type,
04124681 4376 status, MGMT_OP_USER_PASSKEY_REPLY);
604086b7
BG		 4377}
4378
272d90df 4379int mgmt_user_passkey_neg_reply_complete(struct hci_dev *hdev, bdaddr_t *bdaddr,
04124681 4380 u8 link_type, u8 addr_type, u8 status)
604086b7 4381{
272d90df 4382 return user_pairing_resp_complete(hdev, bdaddr, link_type, addr_type,
8fc9ced3
GP		 4383 status,
4384 MGMT_OP_USER_PASSKEY_NEG_REPLY);
604086b7
BG		 4385}
4386
92a25256
JH		 4387int mgmt_user_passkey_notify(struct hci_dev *hdev, bdaddr_t *bdaddr,
4388 u8 link_type, u8 addr_type, u32 passkey,
4389 u8 entered)
4390{
4391 struct mgmt_ev_passkey_notify ev;
4392
4393 BT_DBG("%s", hdev->name);
4394
4395 bacpy(&ev.addr.bdaddr, bdaddr);
4396 ev.addr.type = link_to_bdaddr(link_type, addr_type);
4397 ev.passkey = __cpu_to_le32(passkey);
4398 ev.entered = entered;
4399
4400 return mgmt_event(MGMT_EV_PASSKEY_NOTIFY, hdev, &ev, sizeof(ev), NULL);
4401}
4402
bab73cb6 4403int mgmt_auth_failed(struct hci_dev *hdev, bdaddr_t *bdaddr, u8 link_type,
04124681 4404 u8 addr_type, u8 status)
2a611692
JH		 4405{
4406 struct mgmt_ev_auth_failed ev;
4407
bab73cb6 4408 bacpy(&ev.addr.bdaddr, bdaddr);
57c1477c 4409 ev.addr.type = link_to_bdaddr(link_type, addr_type);
ca69b795 4410 ev.status = mgmt_status(status);
2a611692 4411
744cf19e 4412 return mgmt_event(MGMT_EV_AUTH_FAILED, hdev, &ev, sizeof(ev), NULL);
2a611692 4413}
b312b161 4414
33ef95ed
JH		 4415int mgmt_auth_enable_complete(struct hci_dev *hdev, u8 status)
4416{
4417 struct cmd_lookup match = { NULL, hdev };
47990ea0
JH		 4418 bool changed = false;
4419 int err = 0;
33ef95ed
JH		 4420
4421 if (status) {
4422 u8 mgmt_err = mgmt_status(status);
4423 mgmt_pending_foreach(MGMT_OP_SET_LINK_SECURITY, hdev,
04124681 4424 cmd_status_rsp, &mgmt_err);
33ef95ed
JH		 4425 return 0;
4426 }
4427
47990ea0
JH		 4428 if (test_bit(HCI_AUTH, &hdev->flags)) {
4429 if (!test_and_set_bit(HCI_LINK_SECURITY, &hdev->dev_flags))
4430 changed = true;
4431 } else {
4432 if (test_and_clear_bit(HCI_LINK_SECURITY, &hdev->dev_flags))
4433 changed = true;
4434 }
4435
33ef95ed 4436 mgmt_pending_foreach(MGMT_OP_SET_LINK_SECURITY, hdev, settings_rsp,
04124681 4437 &match);
33ef95ed 4438
47990ea0
JH		 4439 if (changed)
4440 err = new_settings(hdev, match.sk);
33ef95ed
JH		 4441
4442 if (match.sk)
4443 sock_put(match.sk);
4444
4445 return err;
4446}
4447
890ea898 4448static void clear_eir(struct hci_request *req)
cacaf52f 4449{
890ea898 4450 struct hci_dev *hdev = req->hdev;
cacaf52f
JH		 4451 struct hci_cp_write_eir cp;
4452
976eb20e 4453 if (!lmp_ext_inq_capable(hdev))
890ea898 4454 return;
cacaf52f 4455
c80da27e
JH		 4456 memset(hdev->eir, 0, sizeof(hdev->eir));
4457
cacaf52f
JH		 4458 memset(&cp, 0, sizeof(cp));
4459
890ea898 4460 hci_req_add(req, HCI_OP_WRITE_EIR, sizeof(cp), &cp);
cacaf52f
JH		 4461}
4462
c0ecddc2 4463int mgmt_ssp_enable_complete(struct hci_dev *hdev, u8 enable, u8 status)
ed2c4ee3
JH		 4464{
4465 struct cmd_lookup match = { NULL, hdev };
890ea898 4466 struct hci_request req;
c0ecddc2
JH		 4467 bool changed = false;
4468 int err = 0;
ed2c4ee3
JH		 4469
4470 if (status) {
4471 u8 mgmt_err = mgmt_status(status);
c0ecddc2
JH		 4472
4473 if (enable && test_and_clear_bit(HCI_SSP_ENABLED,
9ecb3e24
MH		 4474 &hdev->dev_flags)) {
4475 clear_bit(HCI_HS_ENABLED, &hdev->dev_flags);
c0ecddc2 4476 err = new_settings(hdev, NULL);
9ecb3e24 4477 }
c0ecddc2 4478
04124681
GP		 4479 mgmt_pending_foreach(MGMT_OP_SET_SSP, hdev, cmd_status_rsp,
4480 &mgmt_err);
c0ecddc2
JH		 4481
4482 return err;
4483 }
4484
4485 if (enable) {
9ecb3e24 4486 changed = !test_and_set_bit(HCI_SSP_ENABLED, &hdev->dev_flags);
c0ecddc2 4487 } else {
9ecb3e24
MH		 4488 changed = test_and_clear_bit(HCI_SSP_ENABLED, &hdev->dev_flags);
4489 if (!changed)
4490 changed = test_and_clear_bit(HCI_HS_ENABLED,
4491 &hdev->dev_flags);
4492 else
4493 clear_bit(HCI_HS_ENABLED, &hdev->dev_flags);
ed2c4ee3
JH		 4494 }
4495
4496 mgmt_pending_foreach(MGMT_OP_SET_SSP, hdev, settings_rsp, &match);
4497
c0ecddc2
JH		 4498 if (changed)
4499 err = new_settings(hdev, match.sk);
ed2c4ee3 4500
5fc6ebb1 4501 if (match.sk)
ed2c4ee3
JH		 4502 sock_put(match.sk);
4503
890ea898
JH		 4504 hci_req_init(&req, hdev);
4505
5fc6ebb1 4506 if (test_bit(HCI_SSP_ENABLED, &hdev->dev_flags))
890ea898 4507 update_eir(&req);
5fc6ebb1 4508 else
890ea898
JH		 4509 clear_eir(&req);
4510
4511 hci_req_run(&req, NULL);
cacaf52f 4512
ed2c4ee3
JH		 4513 return err;
4514}
4515
92da6097 4516static void sk_lookup(struct pending_cmd *cmd, void *data)
90e70454
JH		 4517{
4518 struct cmd_lookup *match = data;
4519
90e70454
JH		 4520 if (match->sk == NULL) {
4521 match->sk = cmd->sk;
4522 sock_hold(match->sk);
4523 }
90e70454
JH		 4524}
4525
7f9a903c 4526int mgmt_set_class_of_dev_complete(struct hci_dev *hdev, u8 *dev_class,
04124681 4527 u8 status)
7f9a903c 4528{
90e70454
JH		 4529 struct cmd_lookup match = { NULL, hdev, mgmt_status(status) };
4530 int err = 0;
7f9a903c 4531
92da6097
JH		 4532 mgmt_pending_foreach(MGMT_OP_SET_DEV_CLASS, hdev, sk_lookup, &match);
4533 mgmt_pending_foreach(MGMT_OP_ADD_UUID, hdev, sk_lookup, &match);
4534 mgmt_pending_foreach(MGMT_OP_REMOVE_UUID, hdev, sk_lookup, &match);
90e70454
JH		 4535
4536 if (!status)
04124681
GP		 4537 err = mgmt_event(MGMT_EV_CLASS_OF_DEV_CHANGED, hdev, dev_class,
4538 3, NULL);
90e70454
JH		 4539
4540 if (match.sk)
4541 sock_put(match.sk);
7f9a903c
MH		 4542
4543 return err;
4544}
4545
744cf19e 4546int mgmt_set_local_name_complete(struct hci_dev *hdev, u8 *name, u8 status)
b312b161 4547{
b312b161 4548 struct mgmt_cp_set_local_name ev;
13928971 4549 struct pending_cmd *cmd;
28cc7bde 4550
13928971
JH		 4551 if (status)
4552 return 0;
b312b161
JH		 4553
4554 memset(&ev, 0, sizeof(ev));
4555 memcpy(ev.name, name, HCI_MAX_NAME_LENGTH);
28cc7bde 4556 memcpy(ev.short_name, hdev->short_name, HCI_MAX_SHORT_NAME_LENGTH);
b312b161 4557
2e58ef3e 4558 cmd = mgmt_pending_find(MGMT_OP_SET_LOCAL_NAME, hdev);
13928971
JH		 4559 if (!cmd) {
4560 memcpy(hdev->dev_name, name, sizeof(hdev->dev_name));
28cc7bde 4561
13928971
JH		 4562 /* If this is a HCI command related to powering on the
4563 * HCI dev don't send any mgmt signals.
4564 */
4565 if (mgmt_pending_find(MGMT_OP_SET_POWERED, hdev))
4566 return 0;
890ea898 4567 }
b312b161 4568
13928971
JH		 4569 return mgmt_event(MGMT_EV_LOCAL_NAME_CHANGED, hdev, &ev, sizeof(ev),
4570 cmd ? cmd->sk : NULL);
b312b161 4571}
c35938b2 4572
744cf19e 4573int mgmt_read_local_oob_data_reply_complete(struct hci_dev *hdev, u8 *hash,
04124681 4574 u8 *randomizer, u8 status)
c35938b2
SJ		 4575{
4576 struct pending_cmd *cmd;
4577 int err;
4578
744cf19e 4579 BT_DBG("%s status %u", hdev->name, status);
c35938b2 4580
2e58ef3e 4581 cmd = mgmt_pending_find(MGMT_OP_READ_LOCAL_OOB_DATA, hdev);
c35938b2
SJ		 4582 if (!cmd)
4583 return -ENOENT;
4584
4585 if (status) {
04124681
GP		 4586 err = cmd_status(cmd->sk, hdev->id, MGMT_OP_READ_LOCAL_OOB_DATA,
4587 mgmt_status(status));
c35938b2
SJ		 4588 } else {
4589 struct mgmt_rp_read_local_oob_data rp;
4590
4591 memcpy(rp.hash, hash, sizeof(rp.hash));
4592 memcpy(rp.randomizer, randomizer, sizeof(rp.randomizer));
4593
744cf19e 4594 err = cmd_complete(cmd->sk, hdev->id,
04124681
GP		 4595 MGMT_OP_READ_LOCAL_OOB_DATA, 0, &rp,
4596 sizeof(rp));
c35938b2
SJ		 4597 }
4598
4599 mgmt_pending_remove(cmd);
4600
4601 return err;
4602}
e17acd40 4603
901801b9
MH		 4604void mgmt_device_found(struct hci_dev *hdev, bdaddr_t *bdaddr, u8 link_type,
4605 u8 addr_type, u8 *dev_class, s8 rssi, u8 cfm_name, u8
4606 ssp, u8 *eir, u16 eir_len)
e17acd40 4607{
e319d2e7
JH		 4608 char buf[512];
4609 struct mgmt_ev_device_found *ev = (void *) buf;
1dc06093 4610 size_t ev_size;
e17acd40 4611
12602d0c 4612 if (!hci_discovery_active(hdev))
901801b9 4613 return;
12602d0c 4614
1dc06093
JH		 4615 /* Leave 5 bytes for a potential CoD field */
4616 if (sizeof(*ev) + eir_len + 5 > sizeof(buf))
901801b9 4617 return;
7d262f86 4618
1dc06093
JH		 4619 memset(buf, 0, sizeof(buf));
4620
e319d2e7 4621 bacpy(&ev->addr.bdaddr, bdaddr);
57c1477c 4622 ev->addr.type = link_to_bdaddr(link_type, addr_type);
e319d2e7 4623 ev->rssi = rssi;
9a395a80 4624 if (cfm_name)
612dfce9 4625 ev->flags |= __constant_cpu_to_le32(MGMT_DEV_FOUND_CONFIRM_NAME);
388fc8fa 4626 if (!ssp)
612dfce9 4627 ev->flags |= __constant_cpu_to_le32(MGMT_DEV_FOUND_LEGACY_PAIRING);
e17acd40 4628
1dc06093 4629 if (eir_len > 0)
e319d2e7 4630 memcpy(ev->eir, eir, eir_len);
e17acd40 4631
1dc06093
JH		 4632 if (dev_class && !eir_has_data_type(ev->eir, eir_len, EIR_CLASS_OF_DEV))
4633 eir_len = eir_append_data(ev->eir, eir_len, EIR_CLASS_OF_DEV,
04124681 4634 dev_class, 3);
1dc06093 4635
eb55ef07 4636 ev->eir_len = cpu_to_le16(eir_len);
1dc06093 4637 ev_size = sizeof(*ev) + eir_len;
f8523598 4638
901801b9 4639 mgmt_event(MGMT_EV_DEVICE_FOUND, hdev, ev, ev_size, NULL);
e17acd40 4640}
a88a9652 4641
9cf12aee
MH		 4642void mgmt_remote_name(struct hci_dev *hdev, bdaddr_t *bdaddr, u8 link_type,
4643 u8 addr_type, s8 rssi, u8 *name, u8 name_len)
a88a9652 4644{
b644ba33
JH		 4645 struct mgmt_ev_device_found *ev;
4646 char buf[sizeof(*ev) + HCI_MAX_NAME_LENGTH + 2];
4647 u16 eir_len;
a88a9652 4648
b644ba33 4649 ev = (struct mgmt_ev_device_found *) buf;
a88a9652 4650
b644ba33
JH		 4651 memset(buf, 0, sizeof(buf));
4652
4653 bacpy(&ev->addr.bdaddr, bdaddr);
57c1477c 4654 ev->addr.type = link_to_bdaddr(link_type, addr_type);
b644ba33
JH		 4655 ev->rssi = rssi;
4656
4657 eir_len = eir_append_data(ev->eir, 0, EIR_NAME_COMPLETE, name,
04124681 4658 name_len);
b644ba33 4659
eb55ef07 4660 ev->eir_len = cpu_to_le16(eir_len);
a88a9652 4661
9cf12aee 4662 mgmt_event(MGMT_EV_DEVICE_FOUND, hdev, ev, sizeof(*ev) + eir_len, NULL);
a88a9652 4663}
314b2381 4664
2f1e063b 4665void mgmt_discovering(struct hci_dev *hdev, u8 discovering)
314b2381 4666{
f963e8e9 4667 struct mgmt_ev_discovering ev;
164a6e78
JH		 4668 struct pending_cmd *cmd;
4669
343fb145
AG		 4670 BT_DBG("%s discovering %u", hdev->name, discovering);
4671
164a6e78 4672 if (discovering)
2e58ef3e 4673 cmd = mgmt_pending_find(MGMT_OP_START_DISCOVERY, hdev);
164a6e78 4674 else
2e58ef3e 4675 cmd = mgmt_pending_find(MGMT_OP_STOP_DISCOVERY, hdev);
164a6e78
JH		 4676
4677 if (cmd != NULL) {
f808e166
JH		 4678 u8 type = hdev->discovery.type;
4679
04124681
GP		 4680 cmd_complete(cmd->sk, hdev->id, cmd->opcode, 0, &type,
4681 sizeof(type));
164a6e78
JH		 4682 mgmt_pending_remove(cmd);
4683 }
4684
f963e8e9
JH		 4685 memset(&ev, 0, sizeof(ev));
4686 ev.type = hdev->discovery.type;
4687 ev.discovering = discovering;
4688
2f1e063b 4689 mgmt_event(MGMT_EV_DISCOVERING, hdev, &ev, sizeof(ev), NULL);
314b2381 4690}
5e762444 4691
88c1fe4b 4692int mgmt_device_blocked(struct hci_dev *hdev, bdaddr_t *bdaddr, u8 type)
5e762444
AJ		 4693{
4694 struct pending_cmd *cmd;
4695 struct mgmt_ev_device_blocked ev;
4696
2e58ef3e 4697 cmd = mgmt_pending_find(MGMT_OP_BLOCK_DEVICE, hdev);
5e762444 4698
88c1fe4b
JH		 4699 bacpy(&ev.addr.bdaddr, bdaddr);
4700 ev.addr.type = type;
5e762444 4701
744cf19e 4702 return mgmt_event(MGMT_EV_DEVICE_BLOCKED, hdev, &ev, sizeof(ev),
04124681 4703 cmd ? cmd->sk : NULL);
5e762444
AJ		 4704}
4705
88c1fe4b 4706int mgmt_device_unblocked(struct hci_dev *hdev, bdaddr_t *bdaddr, u8 type)
5e762444
AJ		 4707{
4708 struct pending_cmd *cmd;
4709 struct mgmt_ev_device_unblocked ev;
4710
2e58ef3e 4711 cmd = mgmt_pending_find(MGMT_OP_UNBLOCK_DEVICE, hdev);
5e762444 4712
88c1fe4b
JH		 4713 bacpy(&ev.addr.bdaddr, bdaddr);
4714 ev.addr.type = type;
5e762444 4715
744cf19e 4716 return mgmt_event(MGMT_EV_DEVICE_UNBLOCKED, hdev, &ev, sizeof(ev),
04124681 4717 cmd ? cmd->sk : NULL);
5e762444 4718}
5976e608
MH		 4719
4720static void adv_enable_complete(struct hci_dev *hdev, u8 status)
4721{
4722 BT_DBG("%s status %u", hdev->name, status);
4723
4724 /* Clear the advertising mgmt setting if we failed to re-enable it */
4725 if (status) {
4726 clear_bit(HCI_ADVERTISING, &hdev->dev_flags);
a6d811ed 4727 new_settings(hdev, NULL);
5976e608
MH		 4728 }
4729}
4730
4731void mgmt_reenable_advertising(struct hci_dev *hdev)
4732{
4733 struct hci_request req;
4734
b145edcd 4735 if (hci_conn_num(hdev, LE_LINK) > 0)
5976e608
MH		 4736 return;
4737
4738 if (!test_bit(HCI_ADVERTISING, &hdev->dev_flags))
4739 return;
4740
4741 hci_req_init(&req, hdev);
4742 enable_advertising(&req);
4743
4744 /* If this fails we have no option but to let user space know
4745 * that we've disabled advertising.
4746 */
4747 if (hci_req_run(&req, adv_enable_complete) < 0) {
4748 clear_bit(HCI_ADVERTISING, &hdev->dev_flags);
a6d811ed 4749 new_settings(hdev, NULL);
5976e608
MH		 4750 }
4751}
Linux kernel - Deliverables
This page took 0.52822 seconds and 5 git commands to generate.