projects / deliverable / linux.git / blame
? search:
summary | shortlog | log | commit | commitdiff | tree
blob | blame (incremental) | history | HEAD
Bluetooth: Fix parameter list for setting local name
[deliverable/linux.git] / net / bluetooth / mgmt.c
CommitLineData
0381101f
JH		 1/*
2 BlueZ - Bluetooth protocol stack for Linux
ea585ab5 3
0381101f 4 Copyright (C) 2010 Nokia Corporation
ea585ab5 5 Copyright (C) 2011-2012 Intel Corporation
0381101f
JH		 6
7 This program is free software; you can redistribute it and/or modify
8 it under the terms of the GNU General Public License version 2 as
9 published by the Free Software Foundation;
10
11 THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS
12 OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
13 FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT OF THIRD PARTY RIGHTS.
14 IN NO EVENT SHALL THE COPYRIGHT HOLDER(S) AND AUTHOR(S) BE LIABLE FOR ANY
15 CLAIM, OR ANY SPECIAL INDIRECT OR CONSEQUENTIAL DAMAGES, OR ANY DAMAGES
16 WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
17 ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
18 OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
19
20 ALL LIABILITY, INCLUDING LIABILITY FOR INFRINGEMENT OF ANY PATENTS,
21 COPYRIGHTS, TRADEMARKS OR OTHER RIGHTS, RELATING TO USE OF THIS
22 SOFTWARE IS DISCLAIMED.
23*/
24
25/* Bluetooth HCI Management interface */
26
ca69b795 27#include <linux/kernel.h>
72359753 28#include <linux/uaccess.h>
3a9a231d 29#include <linux/module.h>
0381101f
JH		 30#include <asm/unaligned.h>
31
32#include <net/bluetooth/bluetooth.h>
33#include <net/bluetooth/hci_core.h>
34#include <net/bluetooth/mgmt.h>
5fe57d9e 35#include <net/bluetooth/smp.h>
0381101f 36
d7b7e796
MH		 37bool enable_hs;
38bool enable_le;
39
2da9c55c
JH		 40#define MGMT_VERSION 1
41#define MGMT_REVISION 0
02d98129 42
e70bb2e8
JH		 43static const u16 mgmt_commands[] = {
44 MGMT_OP_READ_INDEX_LIST,
45 MGMT_OP_READ_INFO,
46 MGMT_OP_SET_POWERED,
47 MGMT_OP_SET_DISCOVERABLE,
48 MGMT_OP_SET_CONNECTABLE,
49 MGMT_OP_SET_FAST_CONNECTABLE,
50 MGMT_OP_SET_PAIRABLE,
51 MGMT_OP_SET_LINK_SECURITY,
52 MGMT_OP_SET_SSP,
53 MGMT_OP_SET_HS,
54 MGMT_OP_SET_LE,
55 MGMT_OP_SET_DEV_CLASS,
56 MGMT_OP_SET_LOCAL_NAME,
57 MGMT_OP_ADD_UUID,
58 MGMT_OP_REMOVE_UUID,
59 MGMT_OP_LOAD_LINK_KEYS,
60 MGMT_OP_LOAD_LONG_TERM_KEYS,
61 MGMT_OP_DISCONNECT,
62 MGMT_OP_GET_CONNECTIONS,
63 MGMT_OP_PIN_CODE_REPLY,
64 MGMT_OP_PIN_CODE_NEG_REPLY,
65 MGMT_OP_SET_IO_CAPABILITY,
66 MGMT_OP_PAIR_DEVICE,
67 MGMT_OP_CANCEL_PAIR_DEVICE,
68 MGMT_OP_UNPAIR_DEVICE,
69 MGMT_OP_USER_CONFIRM_REPLY,
70 MGMT_OP_USER_CONFIRM_NEG_REPLY,
71 MGMT_OP_USER_PASSKEY_REPLY,
72 MGMT_OP_USER_PASSKEY_NEG_REPLY,
73 MGMT_OP_READ_LOCAL_OOB_DATA,
74 MGMT_OP_ADD_REMOTE_OOB_DATA,
75 MGMT_OP_REMOVE_REMOTE_OOB_DATA,
76 MGMT_OP_START_DISCOVERY,
77 MGMT_OP_STOP_DISCOVERY,
78 MGMT_OP_CONFIRM_NAME,
79 MGMT_OP_BLOCK_DEVICE,
80 MGMT_OP_UNBLOCK_DEVICE,
81};
82
83static const u16 mgmt_events[] = {
84 MGMT_EV_CONTROLLER_ERROR,
85 MGMT_EV_INDEX_ADDED,
86 MGMT_EV_INDEX_REMOVED,
87 MGMT_EV_NEW_SETTINGS,
88 MGMT_EV_CLASS_OF_DEV_CHANGED,
89 MGMT_EV_LOCAL_NAME_CHANGED,
90 MGMT_EV_NEW_LINK_KEY,
91 MGMT_EV_NEW_LONG_TERM_KEY,
92 MGMT_EV_DEVICE_CONNECTED,
93 MGMT_EV_DEVICE_DISCONNECTED,
94 MGMT_EV_CONNECT_FAILED,
95 MGMT_EV_PIN_CODE_REQUEST,
96 MGMT_EV_USER_CONFIRM_REQUEST,
97 MGMT_EV_USER_PASSKEY_REQUEST,
98 MGMT_EV_AUTH_FAILED,
99 MGMT_EV_DEVICE_FOUND,
100 MGMT_EV_DISCOVERING,
101 MGMT_EV_DEVICE_BLOCKED,
102 MGMT_EV_DEVICE_UNBLOCKED,
103 MGMT_EV_DEVICE_UNPAIRED,
104};
105
3fd24153
AG		 106/*
107 * These LE scan and inquiry parameters were chosen according to LE General
108 * Discovery Procedure specification.
109 */
110#define LE_SCAN_TYPE 0x01
111#define LE_SCAN_WIN 0x12
112#define LE_SCAN_INT 0x12
113#define LE_SCAN_TIMEOUT_LE_ONLY 10240 /* TGAP(gen_disc_scan_min) */
5e0452c0 114#define LE_SCAN_TIMEOUT_BREDR_LE 5120 /* TGAP(100)/2 */
3fd24153 115
e8777525 116#define INQUIRY_LEN_BREDR 0x08 /* TGAP(100) */
5e0452c0 117#define INQUIRY_LEN_BREDR_LE 0x04 /* TGAP(100)/2 */
2519a1fc 118
7d78525d
JH		 119#define SERVICE_CACHE_TIMEOUT (5 * 1000)
120
eec8d2bc
JH		 121struct pending_cmd {
122 struct list_head list;
fc2f4b13 123 u16 opcode;
eec8d2bc 124 int index;
c68fb7ff 125 void *param;
eec8d2bc 126 struct sock *sk;
e9a416b5 127 void *user_data;
eec8d2bc
JH		 128};
129
ca69b795
JH		 130/* HCI to MGMT error code conversion table */
131static u8 mgmt_status_table[] = {
132 MGMT_STATUS_SUCCESS,
133 MGMT_STATUS_UNKNOWN_COMMAND, /* Unknown Command */
134 MGMT_STATUS_NOT_CONNECTED, /* No Connection */
135 MGMT_STATUS_FAILED, /* Hardware Failure */
136 MGMT_STATUS_CONNECT_FAILED, /* Page Timeout */
137 MGMT_STATUS_AUTH_FAILED, /* Authentication Failed */
138 MGMT_STATUS_NOT_PAIRED, /* PIN or Key Missing */
139 MGMT_STATUS_NO_RESOURCES, /* Memory Full */
140 MGMT_STATUS_TIMEOUT, /* Connection Timeout */
141 MGMT_STATUS_NO_RESOURCES, /* Max Number of Connections */
142 MGMT_STATUS_NO_RESOURCES, /* Max Number of SCO Connections */
143 MGMT_STATUS_ALREADY_CONNECTED, /* ACL Connection Exists */
144 MGMT_STATUS_BUSY, /* Command Disallowed */
145 MGMT_STATUS_NO_RESOURCES, /* Rejected Limited Resources */
146 MGMT_STATUS_REJECTED, /* Rejected Security */
147 MGMT_STATUS_REJECTED, /* Rejected Personal */
148 MGMT_STATUS_TIMEOUT, /* Host Timeout */
149 MGMT_STATUS_NOT_SUPPORTED, /* Unsupported Feature */
150 MGMT_STATUS_INVALID_PARAMS, /* Invalid Parameters */
151 MGMT_STATUS_DISCONNECTED, /* OE User Ended Connection */
152 MGMT_STATUS_NO_RESOURCES, /* OE Low Resources */
153 MGMT_STATUS_DISCONNECTED, /* OE Power Off */
154 MGMT_STATUS_DISCONNECTED, /* Connection Terminated */
155 MGMT_STATUS_BUSY, /* Repeated Attempts */
156 MGMT_STATUS_REJECTED, /* Pairing Not Allowed */
157 MGMT_STATUS_FAILED, /* Unknown LMP PDU */
158 MGMT_STATUS_NOT_SUPPORTED, /* Unsupported Remote Feature */
159 MGMT_STATUS_REJECTED, /* SCO Offset Rejected */
160 MGMT_STATUS_REJECTED, /* SCO Interval Rejected */
161 MGMT_STATUS_REJECTED, /* Air Mode Rejected */
162 MGMT_STATUS_INVALID_PARAMS, /* Invalid LMP Parameters */
163 MGMT_STATUS_FAILED, /* Unspecified Error */
164 MGMT_STATUS_NOT_SUPPORTED, /* Unsupported LMP Parameter Value */
165 MGMT_STATUS_FAILED, /* Role Change Not Allowed */
166 MGMT_STATUS_TIMEOUT, /* LMP Response Timeout */
167 MGMT_STATUS_FAILED, /* LMP Error Transaction Collision */
168 MGMT_STATUS_FAILED, /* LMP PDU Not Allowed */
169 MGMT_STATUS_REJECTED, /* Encryption Mode Not Accepted */
170 MGMT_STATUS_FAILED, /* Unit Link Key Used */
171 MGMT_STATUS_NOT_SUPPORTED, /* QoS Not Supported */
172 MGMT_STATUS_TIMEOUT, /* Instant Passed */
173 MGMT_STATUS_NOT_SUPPORTED, /* Pairing Not Supported */
174 MGMT_STATUS_FAILED, /* Transaction Collision */
175 MGMT_STATUS_INVALID_PARAMS, /* Unacceptable Parameter */
176 MGMT_STATUS_REJECTED, /* QoS Rejected */
177 MGMT_STATUS_NOT_SUPPORTED, /* Classification Not Supported */
178 MGMT_STATUS_REJECTED, /* Insufficient Security */
179 MGMT_STATUS_INVALID_PARAMS, /* Parameter Out Of Range */
180 MGMT_STATUS_BUSY, /* Role Switch Pending */
181 MGMT_STATUS_FAILED, /* Slot Violation */
182 MGMT_STATUS_FAILED, /* Role Switch Failed */
183 MGMT_STATUS_INVALID_PARAMS, /* EIR Too Large */
184 MGMT_STATUS_NOT_SUPPORTED, /* Simple Pairing Not Supported */
185 MGMT_STATUS_BUSY, /* Host Busy Pairing */
186 MGMT_STATUS_REJECTED, /* Rejected, No Suitable Channel */
187 MGMT_STATUS_BUSY, /* Controller Busy */
188 MGMT_STATUS_INVALID_PARAMS, /* Unsuitable Connection Interval */
189 MGMT_STATUS_TIMEOUT, /* Directed Advertising Timeout */
190 MGMT_STATUS_AUTH_FAILED, /* Terminated Due to MIC Failure */
191 MGMT_STATUS_CONNECT_FAILED, /* Connection Establishment Failed */
192 MGMT_STATUS_CONNECT_FAILED, /* MAC Connection Failed */
193};
194
195static u8 mgmt_status(u8 hci_status)
196{
197 if (hci_status < ARRAY_SIZE(mgmt_status_table))
198 return mgmt_status_table[hci_status];
199
200 return MGMT_STATUS_FAILED;
201}
202
4e51eae9 203static int cmd_status(struct sock *sk, u16 index, u16 cmd, u8 status)
f7b64e69
JH		 204{
205 struct sk_buff *skb;
206 struct mgmt_hdr *hdr;
207 struct mgmt_ev_cmd_status *ev;
56b7d137 208 int err;
f7b64e69 209
34eb525c 210 BT_DBG("sock %p, index %u, cmd %u, status %u", sk, index, cmd, status);
f7b64e69
JH		 211
212 skb = alloc_skb(sizeof(*hdr) + sizeof(*ev), GFP_ATOMIC);
213 if (!skb)
214 return -ENOMEM;
215
216 hdr = (void *) skb_put(skb, sizeof(*hdr));
217
218 hdr->opcode = cpu_to_le16(MGMT_EV_CMD_STATUS);
4e51eae9 219 hdr->index = cpu_to_le16(index);
f7b64e69
JH		 220 hdr->len = cpu_to_le16(sizeof(*ev));
221
222 ev = (void *) skb_put(skb, sizeof(*ev));
223 ev->status = status;
224 put_unaligned_le16(cmd, &ev->opcode);
225
56b7d137
GP		 226 err = sock_queue_rcv_skb(sk, skb);
227 if (err < 0)
f7b64e69
JH		 228 kfree_skb(skb);
229
56b7d137 230 return err;
f7b64e69
JH		 231}
232
aee9b218
JH		 233static int cmd_complete(struct sock *sk, u16 index, u16 cmd, u8 status,
234 void *rp, size_t rp_len)
02d98129
JH		 235{
236 struct sk_buff *skb;
237 struct mgmt_hdr *hdr;
238 struct mgmt_ev_cmd_complete *ev;
56b7d137 239 int err;
02d98129
JH		 240
241 BT_DBG("sock %p", sk);
242
a38528f1 243 skb = alloc_skb(sizeof(*hdr) + sizeof(*ev) + rp_len, GFP_ATOMIC);
02d98129
JH		 244 if (!skb)
245 return -ENOMEM;
246
247 hdr = (void *) skb_put(skb, sizeof(*hdr));
02d98129 248
a38528f1 249 hdr->opcode = cpu_to_le16(MGMT_EV_CMD_COMPLETE);
4e51eae9 250 hdr->index = cpu_to_le16(index);
a38528f1 251 hdr->len = cpu_to_le16(sizeof(*ev) + rp_len);
02d98129 252
a38528f1
JH		 253 ev = (void *) skb_put(skb, sizeof(*ev) + rp_len);
254 put_unaligned_le16(cmd, &ev->opcode);
aee9b218 255 ev->status = status;
8020c16a
SJ		 256
257 if (rp)
258 memcpy(ev->data, rp, rp_len);
02d98129 259
56b7d137
GP		 260 err = sock_queue_rcv_skb(sk, skb);
261 if (err < 0)
02d98129
JH		 262 kfree_skb(skb);
263
56b7d137 264 return err;;
02d98129
JH		 265}
266
a38528f1
JH		 267static int read_version(struct sock *sk)
268{
269 struct mgmt_rp_read_version rp;
270
271 BT_DBG("sock %p", sk);
272
273 rp.version = MGMT_VERSION;
274 put_unaligned_le16(MGMT_REVISION, &rp.revision);
275
aee9b218 276 return cmd_complete(sk, MGMT_INDEX_NONE, MGMT_OP_READ_VERSION, 0, &rp,
4e51eae9 277 sizeof(rp));
a38528f1
JH		 278}
279
e70bb2e8
JH		 280static int read_commands(struct sock *sk)
281{
282 struct mgmt_rp_read_commands *rp;
283 u16 num_commands = ARRAY_SIZE(mgmt_commands);
284 u16 num_events = ARRAY_SIZE(mgmt_events);
285 u16 *opcode;
286 size_t rp_size;
287 int i, err;
288
289 BT_DBG("sock %p", sk);
290
291 rp_size = sizeof(*rp) + ((num_commands + num_events) * sizeof(u16));
292
293 rp = kmalloc(rp_size, GFP_KERNEL);
294 if (!rp)
295 return -ENOMEM;
296
297 put_unaligned_le16(num_commands, &rp->num_commands);
298 put_unaligned_le16(num_events, &rp->num_events);
299
300 for (i = 0, opcode = rp->opcodes; i < num_commands; i++, opcode++)
301 put_unaligned_le16(mgmt_commands[i], opcode);
302
303 for (i = 0; i < num_events; i++, opcode++)
304 put_unaligned_le16(mgmt_events[i], opcode);
305
aee9b218 306 err = cmd_complete(sk, MGMT_INDEX_NONE, MGMT_OP_READ_COMMANDS, 0, rp,
e70bb2e8
JH		 307 rp_size);
308 kfree(rp);
309
310 return err;
311}
312
faba42eb
JH		 313static int read_index_list(struct sock *sk)
314{
faba42eb
JH		 315 struct mgmt_rp_read_index_list *rp;
316 struct list_head *p;
8035ded4 317 struct hci_dev *d;
a38528f1 318 size_t rp_len;
faba42eb 319 u16 count;
a38528f1 320 int i, err;
faba42eb
JH		 321
322 BT_DBG("sock %p", sk);
323
324 read_lock(&hci_dev_list_lock);
325
326 count = 0;
327 list_for_each(p, &hci_dev_list) {
328 count++;
329 }
330
a38528f1
JH		 331 rp_len = sizeof(*rp) + (2 * count);
332 rp = kmalloc(rp_len, GFP_ATOMIC);
333 if (!rp) {
b2c60d42 334 read_unlock(&hci_dev_list_lock);
faba42eb 335 return -ENOMEM;
b2c60d42 336 }
faba42eb 337
faba42eb
JH		 338 put_unaligned_le16(count, &rp->num_controllers);
339
340 i = 0;
8035ded4 341 list_for_each_entry(d, &hci_dev_list, list) {
a8b2d5c2 342 if (test_and_clear_bit(HCI_AUTO_OFF, &d->dev_flags))
e0f9309f 343 cancel_delayed_work(&d->power_off);
ab81cbf9 344
a8b2d5c2 345 if (test_bit(HCI_SETUP, &d->dev_flags))
ab81cbf9
JH		 346 continue;
347
faba42eb
JH		 348 put_unaligned_le16(d->id, &rp->index[i++]);
349 BT_DBG("Added hci%u", d->id);
350 }
351
352 read_unlock(&hci_dev_list_lock);
353
aee9b218 354 err = cmd_complete(sk, MGMT_INDEX_NONE, MGMT_OP_READ_INDEX_LIST, 0, rp,
4e51eae9 355 rp_len);
faba42eb 356
a38528f1
JH		 357 kfree(rp);
358
359 return err;
faba42eb
JH		 360}
361
69ab39ea
JH		 362static u32 get_supported_settings(struct hci_dev *hdev)
363{
364 u32 settings = 0;
365
366 settings |= MGMT_SETTING_POWERED;
367 settings |= MGMT_SETTING_CONNECTABLE;
368 settings |= MGMT_SETTING_FAST_CONNECTABLE;
369 settings |= MGMT_SETTING_DISCOVERABLE;
370 settings |= MGMT_SETTING_PAIRABLE;
371
372 if (hdev->features[6] & LMP_SIMPLE_PAIR)
373 settings |= MGMT_SETTING_SSP;
374
375 if (!(hdev->features[4] & LMP_NO_BREDR)) {
376 settings |= MGMT_SETTING_BREDR;
377 settings |= MGMT_SETTING_LINK_SECURITY;
378 }
379
d7b7e796
MH		 380 if (enable_hs)
381 settings |= MGMT_SETTING_HS;
382
383 if (enable_le) {
384 if (hdev->features[4] & LMP_LE)
385 settings |= MGMT_SETTING_LE;
386 }
69ab39ea
JH		 387
388 return settings;
389}
390
391static u32 get_current_settings(struct hci_dev *hdev)
392{
393 u32 settings = 0;
394
395 if (test_bit(HCI_UP, &hdev->flags))
396 settings |= MGMT_SETTING_POWERED;
397 else
398 return settings;
399
400 if (test_bit(HCI_PSCAN, &hdev->flags))
401 settings |= MGMT_SETTING_CONNECTABLE;
402
403 if (test_bit(HCI_ISCAN, &hdev->flags))
404 settings |= MGMT_SETTING_DISCOVERABLE;
405
a8b2d5c2 406 if (test_bit(HCI_PAIRABLE, &hdev->dev_flags))
69ab39ea
JH		 407 settings |= MGMT_SETTING_PAIRABLE;
408
409 if (!(hdev->features[4] & LMP_NO_BREDR))
410 settings |= MGMT_SETTING_BREDR;
411
59e29406 412 if (hdev->host_features[0] & LMP_HOST_LE)
69ab39ea
JH		 413 settings |= MGMT_SETTING_LE;
414
415 if (test_bit(HCI_AUTH, &hdev->flags))
416 settings |= MGMT_SETTING_LINK_SECURITY;
417
84bde9d6 418 if (test_bit(HCI_SSP_ENABLED, &hdev->dev_flags))
69ab39ea
JH		 419 settings |= MGMT_SETTING_SSP;
420
6d80dfd0
JH		 421 if (test_bit(HCI_HS_ENABLED, &hdev->dev_flags))
422 settings |= MGMT_SETTING_HS;
423
69ab39ea
JH		 424 return settings;
425}
426
ef580372
JH		 427#define PNP_INFO_SVCLASS_ID 0x1200
428
429static u8 bluetooth_base_uuid[] = {
430 0xFB, 0x34, 0x9B, 0x5F, 0x80, 0x00, 0x00, 0x80,
431 0x00, 0x10, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
432};
433
434static u16 get_uuid16(u8 *uuid128)
435{
436 u32 val;
437 int i;
438
439 for (i = 0; i < 12; i++) {
440 if (bluetooth_base_uuid[i] != uuid128[i])
441 return 0;
442 }
443
444 memcpy(&val, &uuid128[12], 4);
445
446 val = le32_to_cpu(val);
447 if (val > 0xffff)
448 return 0;
449
450 return (u16) val;
451}
452
453static void create_eir(struct hci_dev *hdev, u8 *data)
454{
455 u8 *ptr = data;
456 u16 eir_len = 0;
457 u16 uuid16_list[HCI_MAX_EIR_LENGTH / sizeof(u16)];
458 int i, truncated = 0;
459 struct bt_uuid *uuid;
460 size_t name_len;
461
462 name_len = strlen(hdev->dev_name);
463
464 if (name_len > 0) {
465 /* EIR Data type */
466 if (name_len > 48) {
467 name_len = 48;
468 ptr[1] = EIR_NAME_SHORT;
469 } else
470 ptr[1] = EIR_NAME_COMPLETE;
471
472 /* EIR Data length */
473 ptr[0] = name_len + 1;
474
475 memcpy(ptr + 2, hdev->dev_name, name_len);
476
477 eir_len += (name_len + 2);
478 ptr += (name_len + 2);
479 }
480
481 memset(uuid16_list, 0, sizeof(uuid16_list));
482
483 /* Group all UUID16 types */
484 list_for_each_entry(uuid, &hdev->uuids, list) {
485 u16 uuid16;
486
487 uuid16 = get_uuid16(uuid->uuid);
488 if (uuid16 == 0)
489 return;
490
491 if (uuid16 < 0x1100)
492 continue;
493
494 if (uuid16 == PNP_INFO_SVCLASS_ID)
495 continue;
496
497 /* Stop if not enough space to put next UUID */
498 if (eir_len + 2 + sizeof(u16) > HCI_MAX_EIR_LENGTH) {
499 truncated = 1;
500 break;
501 }
502
503 /* Check for duplicates */
504 for (i = 0; uuid16_list[i] != 0; i++)
505 if (uuid16_list[i] == uuid16)
506 break;
507
508 if (uuid16_list[i] == 0) {
509 uuid16_list[i] = uuid16;
510 eir_len += sizeof(u16);
511 }
512 }
513
514 if (uuid16_list[0] != 0) {
515 u8 *length = ptr;
516
517 /* EIR Data type */
518 ptr[1] = truncated ? EIR_UUID16_SOME : EIR_UUID16_ALL;
519
520 ptr += 2;
521 eir_len += 2;
522
523 for (i = 0; uuid16_list[i] != 0; i++) {
524 *ptr++ = (uuid16_list[i] & 0x00ff);
525 *ptr++ = (uuid16_list[i] & 0xff00) >> 8;
526 }
527
528 /* EIR Data length */
529 *length = (i * sizeof(u16)) + 1;
530 }
531}
532
533static int update_eir(struct hci_dev *hdev)
534{
535 struct hci_cp_write_eir cp;
536
537 if (!(hdev->features[6] & LMP_EXT_INQ))
538 return 0;
539
84bde9d6 540 if (!test_bit(HCI_SSP_ENABLED, &hdev->dev_flags))
ef580372
JH		 541 return 0;
542
a8b2d5c2 543 if (test_bit(HCI_SERVICE_CACHE, &hdev->dev_flags))
ef580372
JH		 544 return 0;
545
546 memset(&cp, 0, sizeof(cp));
547
548 create_eir(hdev, cp.data);
549
550 if (memcmp(cp.data, hdev->eir, sizeof(cp.data)) == 0)
551 return 0;
552
553 memcpy(hdev->eir, cp.data, sizeof(cp.data));
554
555 return hci_send_cmd(hdev, HCI_OP_WRITE_EIR, sizeof(cp), &cp);
556}
557
558static u8 get_service_classes(struct hci_dev *hdev)
559{
560 struct bt_uuid *uuid;
561 u8 val = 0;
562
563 list_for_each_entry(uuid, &hdev->uuids, list)
564 val |= uuid->svc_hint;
565
566 return val;
567}
568
569static int update_class(struct hci_dev *hdev)
570{
571 u8 cod[3];
572
573 BT_DBG("%s", hdev->name);
574
a8b2d5c2 575 if (test_bit(HCI_SERVICE_CACHE, &hdev->dev_flags))
ef580372
JH		 576 return 0;
577
578 cod[0] = hdev->minor_class;
579 cod[1] = hdev->major_class;
580 cod[2] = get_service_classes(hdev);
581
582 if (memcmp(cod, hdev->dev_class, 3) == 0)
583 return 0;
584
585 return hci_send_cmd(hdev, HCI_OP_WRITE_CLASS_OF_DEV, sizeof(cod), cod);
586}
587
7d78525d
JH		 588static void service_cache_off(struct work_struct *work)
589{
590 struct hci_dev *hdev = container_of(work, struct hci_dev,
591 service_cache.work);
592
a8b2d5c2 593 if (!test_and_clear_bit(HCI_SERVICE_CACHE, &hdev->dev_flags))
7d78525d
JH		 594 return;
595
596 hci_dev_lock(hdev);
597
598 update_eir(hdev);
599 update_class(hdev);
600
601 hci_dev_unlock(hdev);
602}
603
604static void mgmt_init_hdev(struct hci_dev *hdev)
605{
a8b2d5c2 606 if (!test_and_set_bit(HCI_MGMT, &hdev->dev_flags))
7d78525d
JH		 607 INIT_DELAYED_WORK(&hdev->service_cache, service_cache_off);
608
a8b2d5c2 609 if (!test_and_set_bit(HCI_SERVICE_CACHE, &hdev->dev_flags))
7d78525d
JH		 610 schedule_delayed_work(&hdev->service_cache,
611 msecs_to_jiffies(SERVICE_CACHE_TIMEOUT));
612}
613
4e51eae9 614static int read_controller_info(struct sock *sk, u16 index)
0381101f 615{
a38528f1 616 struct mgmt_rp_read_info rp;
f7b64e69 617 struct hci_dev *hdev;
0381101f 618
4e51eae9 619 BT_DBG("sock %p hci%u", sk, index);
f7b64e69 620
4e51eae9 621 hdev = hci_dev_get(index);
a38528f1 622 if (!hdev)
ca69b795
JH		 623 return cmd_status(sk, index, MGMT_OP_READ_INFO,
624 MGMT_STATUS_INVALID_PARAMS);
f7b64e69 625
a8b2d5c2 626 if (test_and_clear_bit(HCI_AUTO_OFF, &hdev->dev_flags))
3243553f 627 cancel_delayed_work_sync(&hdev->power_off);
ab81cbf9 628
09fd0de5 629 hci_dev_lock(hdev);
f7b64e69 630
7d78525d
JH		 631 if (test_and_clear_bit(HCI_PI_MGMT_INIT, &hci_pi(sk)->flags))
632 mgmt_init_hdev(hdev);
ebc99feb 633
dc4fe30b
JH		 634 memset(&rp, 0, sizeof(rp));
635
69ab39ea 636 bacpy(&rp.bdaddr, &hdev->bdaddr);
f7b64e69 637
69ab39ea 638 rp.version = hdev->hci_ver;
f7b64e69 639
69ab39ea
JH		 640 put_unaligned_le16(hdev->manufacturer, &rp.manufacturer);
641
642 rp.supported_settings = cpu_to_le32(get_supported_settings(hdev));
643 rp.current_settings = cpu_to_le32(get_current_settings(hdev));
f7b64e69 644
a38528f1 645 memcpy(rp.dev_class, hdev->dev_class, 3);
f7b64e69 646
dc4fe30b
JH		 647 memcpy(rp.name, hdev->dev_name, sizeof(hdev->dev_name));
648
09fd0de5 649 hci_dev_unlock(hdev);
f7b64e69 650 hci_dev_put(hdev);
0381101f 651
aee9b218 652 return cmd_complete(sk, index, MGMT_OP_READ_INFO, 0, &rp, sizeof(rp));
0381101f
JH		 653}
654
eec8d2bc
JH		 655static void mgmt_pending_free(struct pending_cmd *cmd)
656{
657 sock_put(cmd->sk);
c68fb7ff 658 kfree(cmd->param);
eec8d2bc
JH		 659 kfree(cmd);
660}
661
366a0336 662static struct pending_cmd *mgmt_pending_add(struct sock *sk, u16 opcode,
2e58ef3e
JH		 663 struct hci_dev *hdev,
664 void *data, u16 len)
eec8d2bc
JH		 665{
666 struct pending_cmd *cmd;
667
668 cmd = kmalloc(sizeof(*cmd), GFP_ATOMIC);
669 if (!cmd)
366a0336 670 return NULL;
eec8d2bc
JH		 671
672 cmd->opcode = opcode;
2e58ef3e 673 cmd->index = hdev->id;
eec8d2bc 674
c68fb7ff
SJ		 675 cmd->param = kmalloc(len, GFP_ATOMIC);
676 if (!cmd->param) {
eec8d2bc 677 kfree(cmd);
366a0336 678 return NULL;
eec8d2bc
JH		 679 }
680
8fce6357
SJ		 681 if (data)
682 memcpy(cmd->param, data, len);
eec8d2bc
JH		 683
684 cmd->sk = sk;
685 sock_hold(sk);
686
2e58ef3e 687 list_add(&cmd->list, &hdev->mgmt_pending);
eec8d2bc 688
366a0336 689 return cmd;
eec8d2bc
JH		 690}
691
744cf19e 692static void mgmt_pending_foreach(u16 opcode, struct hci_dev *hdev,
eec8d2bc
JH		 693 void (*cb)(struct pending_cmd *cmd, void *data),
694 void *data)
695{
696 struct list_head *p, *n;
697
2e58ef3e 698 list_for_each_safe(p, n, &hdev->mgmt_pending) {
eec8d2bc
JH		 699 struct pending_cmd *cmd;
700
701 cmd = list_entry(p, struct pending_cmd, list);
702
b24752fe 703 if (opcode > 0 && cmd->opcode != opcode)
eec8d2bc
JH		 704 continue;
705
eec8d2bc
JH		 706 cb(cmd, data);
707 }
708}
709
2e58ef3e 710static struct pending_cmd *mgmt_pending_find(u16 opcode, struct hci_dev *hdev)
eec8d2bc 711{
8035ded4 712 struct pending_cmd *cmd;
eec8d2bc 713
2e58ef3e 714 list_for_each_entry(cmd, &hdev->mgmt_pending, list) {
2aeabcbe
JH		 715 if (cmd->opcode == opcode)
716 return cmd;
eec8d2bc
JH		 717 }
718
719 return NULL;
720}
721
a664b5bc 722static void mgmt_pending_remove(struct pending_cmd *cmd)
73f22f62 723{
73f22f62
JH		 724 list_del(&cmd->list);
725 mgmt_pending_free(cmd);
726}
727
69ab39ea 728static int send_settings_rsp(struct sock *sk, u16 opcode, struct hci_dev *hdev)
8680570b 729{
69ab39ea 730 __le32 settings = cpu_to_le32(get_current_settings(hdev));
8680570b 731
aee9b218
JH		 732 return cmd_complete(sk, hdev->id, opcode, 0, &settings,
733 sizeof(settings));
8680570b
JH		 734}
735
650f726d 736static int set_powered(struct sock *sk, u16 index, void *data, u16 len)
eec8d2bc 737{
650f726d 738 struct mgmt_mode *cp = data;
eec8d2bc 739 struct hci_dev *hdev;
366a0336 740 struct pending_cmd *cmd;
366a0336 741 int err, up;
eec8d2bc 742
4e51eae9 743 BT_DBG("request for hci%u", index);
eec8d2bc 744
bdce7baf 745 if (len != sizeof(*cp))
ca69b795
JH		 746 return cmd_status(sk, index, MGMT_OP_SET_POWERED,
747 MGMT_STATUS_INVALID_PARAMS);
bdce7baf 748
4e51eae9 749 hdev = hci_dev_get(index);
eec8d2bc 750 if (!hdev)
ca69b795
JH		 751 return cmd_status(sk, index, MGMT_OP_SET_POWERED,
752 MGMT_STATUS_INVALID_PARAMS);
eec8d2bc 753
09fd0de5 754 hci_dev_lock(hdev);
eec8d2bc
JH		 755
756 up = test_bit(HCI_UP, &hdev->flags);
72a734ec 757 if ((cp->val && up) || (!cp->val && !up)) {
69ab39ea 758 err = send_settings_rsp(sk, MGMT_OP_SET_POWERED, hdev);
eec8d2bc
JH		 759 goto failed;
760 }
761
2e58ef3e 762 if (mgmt_pending_find(MGMT_OP_SET_POWERED, hdev)) {
ca69b795
JH		 763 err = cmd_status(sk, index, MGMT_OP_SET_POWERED,
764 MGMT_STATUS_BUSY);
eec8d2bc
JH		 765 goto failed;
766 }
767
2e58ef3e 768 cmd = mgmt_pending_add(sk, MGMT_OP_SET_POWERED, hdev, data, len);
366a0336
JH		 769 if (!cmd) {
770 err = -ENOMEM;
eec8d2bc 771 goto failed;
366a0336 772 }
eec8d2bc 773
72a734ec 774 if (cp->val)
7f971041 775 schedule_work(&hdev->power_on);
eec8d2bc 776 else
80b7ab33 777 schedule_work(&hdev->power_off.work);
eec8d2bc 778
366a0336 779 err = 0;
eec8d2bc
JH		 780
781failed:
09fd0de5 782 hci_dev_unlock(hdev);
eec8d2bc 783 hci_dev_put(hdev);
366a0336 784 return err;
eec8d2bc
JH		 785}
786
650f726d 787static int set_discoverable(struct sock *sk, u16 index, void *data, u16 len)
73f22f62 788{
650f726d 789 struct mgmt_cp_set_discoverable *cp = data;
73f22f62 790 struct hci_dev *hdev;
366a0336 791 struct pending_cmd *cmd;
73f22f62
JH		 792 u8 scan;
793 int err;
794
4e51eae9 795 BT_DBG("request for hci%u", index);
73f22f62 796
bdce7baf 797 if (len != sizeof(*cp))
ca69b795
JH		 798 return cmd_status(sk, index, MGMT_OP_SET_DISCOVERABLE,
799 MGMT_STATUS_INVALID_PARAMS);
bdce7baf 800
4e51eae9 801 hdev = hci_dev_get(index);
73f22f62 802 if (!hdev)
ca69b795
JH		 803 return cmd_status(sk, index, MGMT_OP_SET_DISCOVERABLE,
804 MGMT_STATUS_INVALID_PARAMS);
73f22f62 805
09fd0de5 806 hci_dev_lock(hdev);
73f22f62
JH		 807
808 if (!test_bit(HCI_UP, &hdev->flags)) {
ca69b795
JH		 809 err = cmd_status(sk, index, MGMT_OP_SET_DISCOVERABLE,
810 MGMT_STATUS_NOT_POWERED);
73f22f62
JH		 811 goto failed;
812 }
813
2e58ef3e
JH		 814 if (mgmt_pending_find(MGMT_OP_SET_DISCOVERABLE, hdev) ||
815 mgmt_pending_find(MGMT_OP_SET_CONNECTABLE, hdev)) {
ca69b795
JH		 816 err = cmd_status(sk, index, MGMT_OP_SET_DISCOVERABLE,
817 MGMT_STATUS_BUSY);
73f22f62
JH		 818 goto failed;
819 }
820
72a734ec 821 if (cp->val == test_bit(HCI_ISCAN, &hdev->flags) &&
73f22f62 822 test_bit(HCI_PSCAN, &hdev->flags)) {
69ab39ea 823 err = send_settings_rsp(sk, MGMT_OP_SET_DISCOVERABLE, hdev);
73f22f62
JH		 824 goto failed;
825 }
826
2e58ef3e 827 cmd = mgmt_pending_add(sk, MGMT_OP_SET_DISCOVERABLE, hdev, data, len);
366a0336
JH		 828 if (!cmd) {
829 err = -ENOMEM;
73f22f62 830 goto failed;
366a0336 831 }
73f22f62
JH		 832
833 scan = SCAN_PAGE;
834
72a734ec 835 if (cp->val)
73f22f62 836 scan |= SCAN_INQUIRY;
16ab91ab 837 else
e0f9309f 838 cancel_delayed_work(&hdev->discov_off);
73f22f62
JH		 839
840 err = hci_send_cmd(hdev, HCI_OP_WRITE_SCAN_ENABLE, 1, &scan);
841 if (err < 0)
a664b5bc 842 mgmt_pending_remove(cmd);
73f22f62 843
16ab91ab
JH		 844 if (cp->val)
845 hdev->discov_timeout = get_unaligned_le16(&cp->timeout);
846
73f22f62 847failed:
09fd0de5 848 hci_dev_unlock(hdev);
73f22f62
JH		 849 hci_dev_put(hdev);
850
851 return err;
852}
853
650f726d 854static int set_connectable(struct sock *sk, u16 index, void *data, u16 len)
9fbcbb45 855{
650f726d 856 struct mgmt_mode *cp = data;
9fbcbb45 857 struct hci_dev *hdev;
366a0336 858 struct pending_cmd *cmd;
9fbcbb45
JH		 859 u8 scan;
860 int err;
861
4e51eae9 862 BT_DBG("request for hci%u", index);
9fbcbb45 863
bdce7baf 864 if (len != sizeof(*cp))
ca69b795
JH		 865 return cmd_status(sk, index, MGMT_OP_SET_CONNECTABLE,
866 MGMT_STATUS_INVALID_PARAMS);
bdce7baf 867
4e51eae9 868 hdev = hci_dev_get(index);
9fbcbb45 869 if (!hdev)
ca69b795
JH		 870 return cmd_status(sk, index, MGMT_OP_SET_CONNECTABLE,
871 MGMT_STATUS_INVALID_PARAMS);
9fbcbb45 872
09fd0de5 873 hci_dev_lock(hdev);
9fbcbb45
JH		 874
875 if (!test_bit(HCI_UP, &hdev->flags)) {
ca69b795
JH		 876 err = cmd_status(sk, index, MGMT_OP_SET_CONNECTABLE,
877 MGMT_STATUS_NOT_POWERED);
9fbcbb45
JH		 878 goto failed;
879 }
880
2e58ef3e
JH		 881 if (mgmt_pending_find(MGMT_OP_SET_DISCOVERABLE, hdev) ||
882 mgmt_pending_find(MGMT_OP_SET_CONNECTABLE, hdev)) {
ca69b795
JH		 883 err = cmd_status(sk, index, MGMT_OP_SET_CONNECTABLE,
884 MGMT_STATUS_BUSY);
9fbcbb45
JH		 885 goto failed;
886 }
887
72a734ec 888 if (cp->val == test_bit(HCI_PSCAN, &hdev->flags)) {
69ab39ea 889 err = send_settings_rsp(sk, MGMT_OP_SET_CONNECTABLE, hdev);
9fbcbb45
JH		 890 goto failed;
891 }
892
2e58ef3e 893 cmd = mgmt_pending_add(sk, MGMT_OP_SET_CONNECTABLE, hdev, data, len);
366a0336
JH		 894 if (!cmd) {
895 err = -ENOMEM;
9fbcbb45 896 goto failed;
366a0336 897 }
9fbcbb45 898
72a734ec 899 if (cp->val)
9fbcbb45
JH		 900 scan = SCAN_PAGE;
901 else
902 scan = 0;
903
904 err = hci_send_cmd(hdev, HCI_OP_WRITE_SCAN_ENABLE, 1, &scan);
905 if (err < 0)
a664b5bc 906 mgmt_pending_remove(cmd);
9fbcbb45
JH		 907
908failed:
09fd0de5 909 hci_dev_unlock(hdev);
9fbcbb45
JH		 910 hci_dev_put(hdev);
911
912 return err;
913}
914
744cf19e
JH		 915static int mgmt_event(u16 event, struct hci_dev *hdev, void *data,
916 u16 data_len, struct sock *skip_sk)
c542a06c
JH		 917{
918 struct sk_buff *skb;
919 struct mgmt_hdr *hdr;
920
921 skb = alloc_skb(sizeof(*hdr) + data_len, GFP_ATOMIC);
922 if (!skb)
923 return -ENOMEM;
924
c542a06c
JH		 925 hdr = (void *) skb_put(skb, sizeof(*hdr));
926 hdr->opcode = cpu_to_le16(event);
744cf19e
JH		 927 if (hdev)
928 hdr->index = cpu_to_le16(hdev->id);
929 else
930 hdr->index = cpu_to_le16(MGMT_INDEX_NONE);
c542a06c
JH		 931 hdr->len = cpu_to_le16(data_len);
932
4e51eae9
SJ		 933 if (data)
934 memcpy(skb_put(skb, data_len), data, data_len);
c542a06c 935
470fe1b5 936 hci_send_to_control(skb, skip_sk);
c542a06c
JH		 937 kfree_skb(skb);
938
939 return 0;
940}
941
650f726d 942static int set_pairable(struct sock *sk, u16 index, void *data, u16 len)
c542a06c 943{
650f726d 944 struct mgmt_mode *cp = data;
c542a06c 945 struct hci_dev *hdev;
69ab39ea 946 __le32 ev;
c542a06c
JH		 947 int err;
948
4e51eae9 949 BT_DBG("request for hci%u", index);
c542a06c 950
bdce7baf 951 if (len != sizeof(*cp))
ca69b795
JH		 952 return cmd_status(sk, index, MGMT_OP_SET_PAIRABLE,
953 MGMT_STATUS_INVALID_PARAMS);
bdce7baf 954
4e51eae9 955 hdev = hci_dev_get(index);
c542a06c 956 if (!hdev)
ca69b795
JH		 957 return cmd_status(sk, index, MGMT_OP_SET_PAIRABLE,
958 MGMT_STATUS_INVALID_PARAMS);
c542a06c 959
09fd0de5 960 hci_dev_lock(hdev);
c542a06c
JH		 961
962 if (cp->val)
a8b2d5c2 963 set_bit(HCI_PAIRABLE, &hdev->dev_flags);
c542a06c 964 else
a8b2d5c2 965 clear_bit(HCI_PAIRABLE, &hdev->dev_flags);
c542a06c 966
69ab39ea 967 err = send_settings_rsp(sk, MGMT_OP_SET_PAIRABLE, hdev);
c542a06c
JH		 968 if (err < 0)
969 goto failed;
970
69ab39ea 971 ev = cpu_to_le32(get_current_settings(hdev));
c542a06c 972
69ab39ea 973 err = mgmt_event(MGMT_EV_NEW_SETTINGS, hdev, &ev, sizeof(ev), sk);
c542a06c
JH		 974
975failed:
09fd0de5 976 hci_dev_unlock(hdev);
c542a06c
JH		 977 hci_dev_put(hdev);
978
979 return err;
980}
981
33ef95ed
JH		 982static int set_link_security(struct sock *sk, u16 index, void *data, u16 len)
983{
984 struct mgmt_mode *cp = data;
985 struct pending_cmd *cmd;
986 struct hci_dev *hdev;
987 uint8_t val;
988 int err;
989
990 BT_DBG("request for hci%u", index);
991
992 if (len != sizeof(*cp))
993 return cmd_status(sk, index, MGMT_OP_SET_LINK_SECURITY,
994 MGMT_STATUS_INVALID_PARAMS);
995
996 hdev = hci_dev_get(index);
997 if (!hdev)
998 return cmd_status(sk, index, MGMT_OP_SET_LINK_SECURITY,
999 MGMT_STATUS_INVALID_PARAMS);
1000
1001 hci_dev_lock(hdev);
1002
1003 if (!test_bit(HCI_UP, &hdev->flags)) {
1004 err = cmd_status(sk, index, MGMT_OP_SET_LINK_SECURITY,
1005 MGMT_STATUS_NOT_POWERED);
1006 goto failed;
1007 }
1008
1009 if (mgmt_pending_find(MGMT_OP_SET_LINK_SECURITY, hdev)) {
1010 err = cmd_status(sk, index, MGMT_OP_SET_LINK_SECURITY,
1011 MGMT_STATUS_BUSY);
1012 goto failed;
1013 }
1014
1015 val = !!cp->val;
1016
1017 if (test_bit(HCI_AUTH, &hdev->flags) == val) {
1018 err = send_settings_rsp(sk, MGMT_OP_SET_LINK_SECURITY, hdev);
1019 goto failed;
1020 }
1021
1022 cmd = mgmt_pending_add(sk, MGMT_OP_SET_LINK_SECURITY, hdev, data, len);
1023 if (!cmd) {
1024 err = -ENOMEM;
1025 goto failed;
1026 }
1027
1028 err = hci_send_cmd(hdev, HCI_OP_WRITE_AUTH_ENABLE, sizeof(val), &val);
1029 if (err < 0) {
1030 mgmt_pending_remove(cmd);
1031 goto failed;
1032 }
1033
1034failed:
1035 hci_dev_unlock(hdev);
1036 hci_dev_put(hdev);
1037
1038 return err;
1039}
1040
ed2c4ee3
JH		 1041static int set_ssp(struct sock *sk, u16 index, void *data, u16 len)
1042{
1043 struct mgmt_mode *cp = data;
1044 struct pending_cmd *cmd;
1045 struct hci_dev *hdev;
1046 uint8_t val;
1047 int err;
1048
1049 BT_DBG("request for hci%u", index);
1050
1051 if (len != sizeof(*cp))
1052 return cmd_status(sk, index, MGMT_OP_SET_SSP,
1053 MGMT_STATUS_INVALID_PARAMS);
1054
1055 hdev = hci_dev_get(index);
1056 if (!hdev)
1057 return cmd_status(sk, index, MGMT_OP_SET_SSP,
1058 MGMT_STATUS_INVALID_PARAMS);
1059
1060 hci_dev_lock(hdev);
1061
1062 if (!test_bit(HCI_UP, &hdev->flags)) {
1063 err = cmd_status(sk, index, MGMT_OP_SET_SSP,
1064 MGMT_STATUS_NOT_POWERED);
1065 goto failed;
1066 }
1067
1e163574
JH		 1068 if (!(hdev->features[6] & LMP_SIMPLE_PAIR)) {
1069 err = cmd_status(sk, index, MGMT_OP_SET_SSP,
1070 MGMT_STATUS_NOT_SUPPORTED);
1071 goto failed;
1072 }
1073
ed2c4ee3
JH		 1074 if (mgmt_pending_find(MGMT_OP_SET_SSP, hdev)) {
1075 err = cmd_status(sk, index, MGMT_OP_SET_SSP, MGMT_STATUS_BUSY);
1076 goto failed;
1077 }
1078
1079 val = !!cp->val;
1080
1081 if (test_bit(HCI_SSP_ENABLED, &hdev->dev_flags) == val) {
1082 err = send_settings_rsp(sk, MGMT_OP_SET_SSP, hdev);
1083 goto failed;
1084 }
1085
1086 cmd = mgmt_pending_add(sk, MGMT_OP_SET_SSP, hdev, data, len);
1087 if (!cmd) {
1088 err = -ENOMEM;
1089 goto failed;
1090 }
1091
1092 err = hci_send_cmd(hdev, HCI_OP_WRITE_SSP_MODE, sizeof(val), &val);
1093 if (err < 0) {
1094 mgmt_pending_remove(cmd);
1095 goto failed;
1096 }
1097
1098failed:
1099 hci_dev_unlock(hdev);
1100 hci_dev_put(hdev);
1101
1102 return err;
1103}
1104
6d80dfd0
JH		 1105static int set_hs(struct sock *sk, u16 index, void *data, u16 len)
1106{
1107 struct mgmt_mode *cp = data;
1108 struct hci_dev *hdev;
1109 int err;
1110
1111 BT_DBG("request for hci%u", index);
1112
1113 if (len != sizeof(*cp))
1114 return cmd_status(sk, index, MGMT_OP_SET_HS,
1115 MGMT_STATUS_INVALID_PARAMS);
1116
1117 hdev = hci_dev_get(index);
1118 if (!hdev)
1119 return cmd_status(sk, index, MGMT_OP_SET_HS,
1120 MGMT_STATUS_INVALID_PARAMS);
1121
1122 if (!enable_hs) {
1123 err = cmd_status(sk, index, MGMT_OP_SET_HS,
1124 MGMT_STATUS_NOT_SUPPORTED);
1125 goto failed;
1126 }
1127
1128 if (cp->val)
1129 set_bit(HCI_HS_ENABLED, &hdev->dev_flags);
1130 else
1131 clear_bit(HCI_HS_ENABLED, &hdev->dev_flags);
1132
1133 err = send_settings_rsp(sk, MGMT_OP_SET_HS, hdev);
1134
1135failed:
1136 hci_dev_put(hdev);
1137 return err;
1138}
1139
650f726d 1140static int add_uuid(struct sock *sk, u16 index, void *data, u16 len)
2aeb9a1a 1141{
650f726d 1142 struct mgmt_cp_add_uuid *cp = data;
2aeb9a1a
JH		 1143 struct hci_dev *hdev;
1144 struct bt_uuid *uuid;
2aeb9a1a
JH		 1145 int err;
1146
4e51eae9 1147 BT_DBG("request for hci%u", index);
2aeb9a1a 1148
bdce7baf 1149 if (len != sizeof(*cp))
ca69b795
JH		 1150 return cmd_status(sk, index, MGMT_OP_ADD_UUID,
1151 MGMT_STATUS_INVALID_PARAMS);
bdce7baf 1152
4e51eae9 1153 hdev = hci_dev_get(index);
2aeb9a1a 1154 if (!hdev)
ca69b795
JH		 1155 return cmd_status(sk, index, MGMT_OP_ADD_UUID,
1156 MGMT_STATUS_INVALID_PARAMS);
2aeb9a1a 1157
09fd0de5 1158 hci_dev_lock(hdev);
2aeb9a1a
JH		 1159
1160 uuid = kmalloc(sizeof(*uuid), GFP_ATOMIC);
1161 if (!uuid) {
1162 err = -ENOMEM;
1163 goto failed;
1164 }
1165
1166 memcpy(uuid->uuid, cp->uuid, 16);
1aff6f09 1167 uuid->svc_hint = cp->svc_hint;
2aeb9a1a
JH		 1168
1169 list_add(&uuid->list, &hdev->uuids);
1170
1aff6f09
JH		 1171 err = update_class(hdev);
1172 if (err < 0)
1173 goto failed;
1174
80a1e1db
JH		 1175 err = update_eir(hdev);
1176 if (err < 0)
1177 goto failed;
1178
aee9b218 1179 err = cmd_complete(sk, index, MGMT_OP_ADD_UUID, 0, NULL, 0);
2aeb9a1a
JH		 1180
1181failed:
09fd0de5 1182 hci_dev_unlock(hdev);
2aeb9a1a
JH		 1183 hci_dev_put(hdev);
1184
1185 return err;
1186}
1187
650f726d 1188static int remove_uuid(struct sock *sk, u16 index, void *data, u16 len)
2aeb9a1a 1189{
650f726d 1190 struct mgmt_cp_remove_uuid *cp = data;
2aeb9a1a 1191 struct list_head *p, *n;
2aeb9a1a
JH		 1192 struct hci_dev *hdev;
1193 u8 bt_uuid_any[] = { 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0 };
2aeb9a1a
JH		 1194 int err, found;
1195
4e51eae9 1196 BT_DBG("request for hci%u", index);
2aeb9a1a 1197
bdce7baf 1198 if (len != sizeof(*cp))
ca69b795
JH		 1199 return cmd_status(sk, index, MGMT_OP_REMOVE_UUID,
1200 MGMT_STATUS_INVALID_PARAMS);
bdce7baf 1201
4e51eae9 1202 hdev = hci_dev_get(index);
2aeb9a1a 1203 if (!hdev)
ca69b795
JH		 1204 return cmd_status(sk, index, MGMT_OP_REMOVE_UUID,
1205 MGMT_STATUS_INVALID_PARAMS);
2aeb9a1a 1206
09fd0de5 1207 hci_dev_lock(hdev);
2aeb9a1a
JH		 1208
1209 if (memcmp(cp->uuid, bt_uuid_any, 16) == 0) {
1210 err = hci_uuids_clear(hdev);
1211 goto unlock;
1212 }
1213
1214 found = 0;
1215
1216 list_for_each_safe(p, n, &hdev->uuids) {
1217 struct bt_uuid *match = list_entry(p, struct bt_uuid, list);
1218
1219 if (memcmp(match->uuid, cp->uuid, 16) != 0)
1220 continue;
1221
1222 list_del(&match->list);
1223 found++;
1224 }
1225
1226 if (found == 0) {
ca69b795
JH		 1227 err = cmd_status(sk, index, MGMT_OP_REMOVE_UUID,
1228 MGMT_STATUS_INVALID_PARAMS);
2aeb9a1a
JH		 1229 goto unlock;
1230 }
1231
1aff6f09
JH		 1232 err = update_class(hdev);
1233 if (err < 0)
1234 goto unlock;
1235
80a1e1db
JH		 1236 err = update_eir(hdev);
1237 if (err < 0)
1238 goto unlock;
1239
aee9b218 1240 err = cmd_complete(sk, index, MGMT_OP_REMOVE_UUID, 0, NULL, 0);
2aeb9a1a
JH		 1241
1242unlock:
09fd0de5 1243 hci_dev_unlock(hdev);
2aeb9a1a
JH		 1244 hci_dev_put(hdev);
1245
1246 return err;
1247}
1248
650f726d 1249static int set_dev_class(struct sock *sk, u16 index, void *data, u16 len)
1aff6f09
JH		 1250{
1251 struct hci_dev *hdev;
650f726d 1252 struct mgmt_cp_set_dev_class *cp = data;
1aff6f09
JH		 1253 int err;
1254
4e51eae9 1255 BT_DBG("request for hci%u", index);
1aff6f09 1256
bdce7baf 1257 if (len != sizeof(*cp))
ca69b795
JH		 1258 return cmd_status(sk, index, MGMT_OP_SET_DEV_CLASS,
1259 MGMT_STATUS_INVALID_PARAMS);
bdce7baf 1260
4e51eae9 1261 hdev = hci_dev_get(index);
1aff6f09 1262 if (!hdev)
ca69b795
JH		 1263 return cmd_status(sk, index, MGMT_OP_SET_DEV_CLASS,
1264 MGMT_STATUS_INVALID_PARAMS);
1aff6f09 1265
09fd0de5 1266 hci_dev_lock(hdev);
1aff6f09
JH		 1267
1268 hdev->major_class = cp->major;
1269 hdev->minor_class = cp->minor;
1270
a8b2d5c2 1271 if (test_and_clear_bit(HCI_SERVICE_CACHE, &hdev->dev_flags)) {
7d78525d
JH		 1272 hci_dev_unlock(hdev);
1273 cancel_delayed_work_sync(&hdev->service_cache);
1274 hci_dev_lock(hdev);
14c0b608 1275 update_eir(hdev);
7d78525d 1276 }
14c0b608 1277
1aff6f09
JH		 1278 err = update_class(hdev);
1279
1280 if (err == 0)
aee9b218
JH		 1281 err = cmd_complete(sk, index, MGMT_OP_SET_DEV_CLASS, 0,
1282 NULL, 0);
1aff6f09 1283
09fd0de5 1284 hci_dev_unlock(hdev);
1aff6f09
JH		 1285 hci_dev_put(hdev);
1286
1287 return err;
1288}
1289
650f726d 1290static int load_link_keys(struct sock *sk, u16 index, void *data, u16 len)
55ed8ca1
JH		 1291{
1292 struct hci_dev *hdev;
650f726d 1293 struct mgmt_cp_load_link_keys *cp = data;
4e51eae9 1294 u16 key_count, expected_len;
a492cd52 1295 int i;
55ed8ca1 1296
bdce7baf 1297 if (len < sizeof(*cp))
ca69b795
JH		 1298 return cmd_status(sk, index, MGMT_OP_LOAD_LINK_KEYS,
1299 MGMT_STATUS_INVALID_PARAMS);
bdce7baf 1300
55ed8ca1
JH		 1301 key_count = get_unaligned_le16(&cp->key_count);
1302
86742e1e
JH		 1303 expected_len = sizeof(*cp) + key_count *
1304 sizeof(struct mgmt_link_key_info);
a492cd52 1305 if (expected_len != len) {
86742e1e 1306 BT_ERR("load_link_keys: expected %u bytes, got %u bytes",
a492cd52 1307 len, expected_len);
ca69b795
JH		 1308 return cmd_status(sk, index, MGMT_OP_LOAD_LINK_KEYS,
1309 MGMT_STATUS_INVALID_PARAMS);
55ed8ca1
JH		 1310 }
1311
4e51eae9 1312 hdev = hci_dev_get(index);
55ed8ca1 1313 if (!hdev)
ca69b795
JH		 1314 return cmd_status(sk, index, MGMT_OP_LOAD_LINK_KEYS,
1315 MGMT_STATUS_INVALID_PARAMS);
55ed8ca1 1316
4e51eae9 1317 BT_DBG("hci%u debug_keys %u key_count %u", index, cp->debug_keys,
55ed8ca1
JH		 1318 key_count);
1319
09fd0de5 1320 hci_dev_lock(hdev);
55ed8ca1
JH		 1321
1322 hci_link_keys_clear(hdev);
1323
a8b2d5c2 1324 set_bit(HCI_LINK_KEYS, &hdev->dev_flags);
55ed8ca1
JH		 1325
1326 if (cp->debug_keys)
a8b2d5c2 1327 set_bit(HCI_DEBUG_KEYS, &hdev->dev_flags);
55ed8ca1 1328 else
a8b2d5c2 1329 clear_bit(HCI_DEBUG_KEYS, &hdev->dev_flags);
55ed8ca1 1330
a492cd52 1331 for (i = 0; i < key_count; i++) {
86742e1e 1332 struct mgmt_link_key_info *key = &cp->keys[i];
55ed8ca1 1333
d753fdc4
JH		 1334 hci_add_link_key(hdev, NULL, 0, &key->addr.bdaddr, key->val,
1335 key->type, key->pin_len);
55ed8ca1
JH		 1336 }
1337
aee9b218 1338 cmd_complete(sk, index, MGMT_OP_LOAD_LINK_KEYS, 0, NULL, 0);
0e5f875a 1339
09fd0de5 1340 hci_dev_unlock(hdev);
55ed8ca1
JH		 1341 hci_dev_put(hdev);
1342
a492cd52 1343 return 0;
55ed8ca1
JH		 1344}
1345
b1078ad0
JH		 1346static int device_unpaired(struct hci_dev *hdev, bdaddr_t *bdaddr,
1347 u8 addr_type, struct sock *skip_sk)
1348{
1349 struct mgmt_ev_device_unpaired ev;
1350
1351 bacpy(&ev.addr.bdaddr, bdaddr);
1352 ev.addr.type = addr_type;
1353
1354 return mgmt_event(MGMT_EV_DEVICE_UNPAIRED, hdev, &ev, sizeof(ev),
1355 skip_sk);
1356}
1357
124f6e35 1358static int unpair_device(struct sock *sk, u16 index, void *data, u16 len)
55ed8ca1
JH		 1359{
1360 struct hci_dev *hdev;
124f6e35
JH		 1361 struct mgmt_cp_unpair_device *cp = data;
1362 struct mgmt_rp_unpair_device rp;
a8a1d19e
JH		 1363 struct hci_cp_disconnect dc;
1364 struct pending_cmd *cmd;
55ed8ca1 1365 struct hci_conn *conn;
aee9b218 1366 u8 status = 0;
55ed8ca1
JH		 1367 int err;
1368
bdce7baf 1369 if (len != sizeof(*cp))
124f6e35 1370 return cmd_status(sk, index, MGMT_OP_UNPAIR_DEVICE,
ca69b795 1371 MGMT_STATUS_INVALID_PARAMS);
bdce7baf 1372
4e51eae9 1373 hdev = hci_dev_get(index);
55ed8ca1 1374 if (!hdev)
124f6e35 1375 return cmd_status(sk, index, MGMT_OP_UNPAIR_DEVICE,
ca69b795 1376 MGMT_STATUS_INVALID_PARAMS);
55ed8ca1 1377
09fd0de5 1378 hci_dev_lock(hdev);
55ed8ca1 1379
a8a1d19e 1380 memset(&rp, 0, sizeof(rp));
124f6e35
JH		 1381 bacpy(&rp.addr.bdaddr, &cp->addr.bdaddr);
1382 rp.addr.type = cp->addr.type;
a8a1d19e 1383
124f6e35
JH		 1384 if (cp->addr.type == MGMT_ADDR_BREDR)
1385 err = hci_remove_link_key(hdev, &cp->addr.bdaddr);
1386 else
1387 err = hci_remove_ltk(hdev, &cp->addr.bdaddr);
b0dbfb46 1388
55ed8ca1 1389 if (err < 0) {
aee9b218 1390 status = MGMT_STATUS_NOT_PAIRED;
55ed8ca1
JH		 1391 goto unlock;
1392 }
1393
a8a1d19e 1394 if (!test_bit(HCI_UP, &hdev->flags) || !cp->disconnect) {
aee9b218
JH		 1395 err = cmd_complete(sk, index, MGMT_OP_UNPAIR_DEVICE, status,
1396 &rp, sizeof(rp));
b1078ad0 1397 device_unpaired(hdev, &cp->addr.bdaddr, cp->addr.type, sk);
55ed8ca1 1398 goto unlock;
a8a1d19e 1399 }
55ed8ca1 1400
124f6e35
JH		 1401 if (cp->addr.type == MGMT_ADDR_BREDR)
1402 conn = hci_conn_hash_lookup_ba(hdev, ACL_LINK,
1403 &cp->addr.bdaddr);
1404 else
1405 conn = hci_conn_hash_lookup_ba(hdev, LE_LINK,
1406 &cp->addr.bdaddr);
1407
a8a1d19e 1408 if (!conn) {
aee9b218
JH		 1409 err = cmd_complete(sk, index, MGMT_OP_UNPAIR_DEVICE, status,
1410 &rp, sizeof(rp));
b1078ad0 1411 device_unpaired(hdev, &cp->addr.bdaddr, cp->addr.type, sk);
a8a1d19e
JH		 1412 goto unlock;
1413 }
55ed8ca1 1414
124f6e35
JH		 1415 cmd = mgmt_pending_add(sk, MGMT_OP_UNPAIR_DEVICE, hdev, cp,
1416 sizeof(*cp));
a8a1d19e
JH		 1417 if (!cmd) {
1418 err = -ENOMEM;
1419 goto unlock;
55ed8ca1
JH		 1420 }
1421
a8a1d19e
JH		 1422 put_unaligned_le16(conn->handle, &dc.handle);
1423 dc.reason = 0x13; /* Remote User Terminated Connection */
1424 err = hci_send_cmd(hdev, HCI_OP_DISCONNECT, sizeof(dc), &dc);
1425 if (err < 0)
1426 mgmt_pending_remove(cmd);
1427
55ed8ca1 1428unlock:
ca69b795 1429 if (err < 0)
aee9b218
JH		 1430 err = cmd_complete(sk, index, MGMT_OP_UNPAIR_DEVICE, status,
1431 &rp, sizeof(rp));
09fd0de5 1432 hci_dev_unlock(hdev);
55ed8ca1
JH		 1433 hci_dev_put(hdev);
1434
1435 return err;
1436}
1437
650f726d 1438static int disconnect(struct sock *sk, u16 index, void *data, u16 len)
8962ee74
JH		 1439{
1440 struct hci_dev *hdev;
650f726d 1441 struct mgmt_cp_disconnect *cp = data;
8962ee74 1442 struct hci_cp_disconnect dc;
366a0336 1443 struct pending_cmd *cmd;
8962ee74 1444 struct hci_conn *conn;
8962ee74
JH		 1445 int err;
1446
1447 BT_DBG("");
1448
bdce7baf 1449 if (len != sizeof(*cp))
ca69b795
JH		 1450 return cmd_status(sk, index, MGMT_OP_DISCONNECT,
1451 MGMT_STATUS_INVALID_PARAMS);
bdce7baf 1452
4e51eae9 1453 hdev = hci_dev_get(index);
8962ee74 1454 if (!hdev)
ca69b795
JH		 1455 return cmd_status(sk, index, MGMT_OP_DISCONNECT,
1456 MGMT_STATUS_INVALID_PARAMS);
8962ee74 1457
09fd0de5 1458 hci_dev_lock(hdev);
8962ee74
JH		 1459
1460 if (!test_bit(HCI_UP, &hdev->flags)) {
ca69b795
JH		 1461 err = cmd_status(sk, index, MGMT_OP_DISCONNECT,
1462 MGMT_STATUS_NOT_POWERED);
8962ee74
JH		 1463 goto failed;
1464 }
1465
2e58ef3e 1466 if (mgmt_pending_find(MGMT_OP_DISCONNECT, hdev)) {
ca69b795
JH		 1467 err = cmd_status(sk, index, MGMT_OP_DISCONNECT,
1468 MGMT_STATUS_BUSY);
8962ee74
JH		 1469 goto failed;
1470 }
1471
88c3df13
JH		 1472 if (cp->addr.type == MGMT_ADDR_BREDR)
1473 conn = hci_conn_hash_lookup_ba(hdev, ACL_LINK, &cp->addr.bdaddr);
1474 else
1475 conn = hci_conn_hash_lookup_ba(hdev, LE_LINK, &cp->addr.bdaddr);
365227e5 1476
8962ee74 1477 if (!conn) {
ca69b795
JH		 1478 err = cmd_status(sk, index, MGMT_OP_DISCONNECT,
1479 MGMT_STATUS_NOT_CONNECTED);
8962ee74
JH		 1480 goto failed;
1481 }
1482
2e58ef3e 1483 cmd = mgmt_pending_add(sk, MGMT_OP_DISCONNECT, hdev, data, len);
366a0336
JH		 1484 if (!cmd) {
1485 err = -ENOMEM;
8962ee74 1486 goto failed;
366a0336 1487 }
8962ee74
JH		 1488
1489 put_unaligned_le16(conn->handle, &dc.handle);
1490 dc.reason = 0x13; /* Remote User Terminated Connection */
1491
1492 err = hci_send_cmd(hdev, HCI_OP_DISCONNECT, sizeof(dc), &dc);
1493 if (err < 0)
a664b5bc 1494 mgmt_pending_remove(cmd);
8962ee74
JH		 1495
1496failed:
09fd0de5 1497 hci_dev_unlock(hdev);
8962ee74
JH		 1498 hci_dev_put(hdev);
1499
1500 return err;
1501}
1502
48264f06 1503static u8 link_to_mgmt(u8 link_type, u8 addr_type)
4c659c39
JH		 1504{
1505 switch (link_type) {
1506 case LE_LINK:
48264f06
JH		 1507 switch (addr_type) {
1508 case ADDR_LE_DEV_PUBLIC:
1509 return MGMT_ADDR_LE_PUBLIC;
1510 case ADDR_LE_DEV_RANDOM:
1511 return MGMT_ADDR_LE_RANDOM;
1512 default:
1513 return MGMT_ADDR_INVALID;
1514 }
4c659c39
JH		 1515 case ACL_LINK:
1516 return MGMT_ADDR_BREDR;
1517 default:
1518 return MGMT_ADDR_INVALID;
1519 }
1520}
1521
8ce6284e 1522static int get_connections(struct sock *sk, u16 index)
2784eb41 1523{
2784eb41
JH		 1524 struct mgmt_rp_get_connections *rp;
1525 struct hci_dev *hdev;
8035ded4 1526 struct hci_conn *c;
a38528f1 1527 size_t rp_len;
4e51eae9 1528 u16 count;
2784eb41
JH		 1529 int i, err;
1530
1531 BT_DBG("");
1532
4e51eae9 1533 hdev = hci_dev_get(index);
2784eb41 1534 if (!hdev)
ca69b795
JH		 1535 return cmd_status(sk, index, MGMT_OP_GET_CONNECTIONS,
1536 MGMT_STATUS_INVALID_PARAMS);
2784eb41 1537
09fd0de5 1538 hci_dev_lock(hdev);
2784eb41
JH		 1539
1540 count = 0;
b644ba33
JH		 1541 list_for_each_entry(c, &hdev->conn_hash.list, list) {
1542 if (test_bit(HCI_CONN_MGMT_CONNECTED, &c->flags))
1543 count++;
2784eb41
JH		 1544 }
1545
4c659c39 1546 rp_len = sizeof(*rp) + (count * sizeof(struct mgmt_addr_info));
a38528f1
JH		 1547 rp = kmalloc(rp_len, GFP_ATOMIC);
1548 if (!rp) {
2784eb41
JH		 1549 err = -ENOMEM;
1550 goto unlock;
1551 }
1552
2784eb41
JH		 1553 put_unaligned_le16(count, &rp->conn_count);
1554
2784eb41 1555 i = 0;
4c659c39 1556 list_for_each_entry(c, &hdev->conn_hash.list, list) {
b644ba33
JH		 1557 if (!test_bit(HCI_CONN_MGMT_CONNECTED, &c->flags))
1558 continue;
4c659c39 1559 bacpy(&rp->addr[i].bdaddr, &c->dst);
48264f06 1560 rp->addr[i].type = link_to_mgmt(c->type, c->dst_type);
4c659c39
JH		 1561 if (rp->addr[i].type == MGMT_ADDR_INVALID)
1562 continue;
1563 i++;
1564 }
1565
1566 /* Recalculate length in case of filtered SCO connections, etc */
1567 rp_len = sizeof(*rp) + (i * sizeof(struct mgmt_addr_info));
2784eb41 1568
aee9b218 1569 err = cmd_complete(sk, index, MGMT_OP_GET_CONNECTIONS, 0, rp, rp_len);
2784eb41
JH		 1570
1571unlock:
a38528f1 1572 kfree(rp);
09fd0de5 1573 hci_dev_unlock(hdev);
2784eb41
JH		 1574 hci_dev_put(hdev);
1575 return err;
1576}
1577
96d97a67
WR		 1578static int send_pin_code_neg_reply(struct sock *sk, u16 index,
1579 struct hci_dev *hdev, struct mgmt_cp_pin_code_neg_reply *cp)
1580{
1581 struct pending_cmd *cmd;
1582 int err;
1583
2e58ef3e 1584 cmd = mgmt_pending_add(sk, MGMT_OP_PIN_CODE_NEG_REPLY, hdev, cp,
96d97a67
WR		 1585 sizeof(*cp));
1586 if (!cmd)
1587 return -ENOMEM;
1588
d8457698
JH		 1589 err = hci_send_cmd(hdev, HCI_OP_PIN_CODE_NEG_REPLY,
1590 sizeof(cp->addr.bdaddr), &cp->addr.bdaddr);
96d97a67
WR		 1591 if (err < 0)
1592 mgmt_pending_remove(cmd);
1593
1594 return err;
1595}
1596
650f726d 1597static int pin_code_reply(struct sock *sk, u16 index, void *data, u16 len)
980e1a53
JH		 1598{
1599 struct hci_dev *hdev;
96d97a67 1600 struct hci_conn *conn;
650f726d 1601 struct mgmt_cp_pin_code_reply *cp = data;
980e1a53 1602 struct hci_cp_pin_code_reply reply;
366a0336 1603 struct pending_cmd *cmd;
980e1a53
JH		 1604 int err;
1605
1606 BT_DBG("");
1607
bdce7baf 1608 if (len != sizeof(*cp))
ca69b795
JH		 1609 return cmd_status(sk, index, MGMT_OP_PIN_CODE_REPLY,
1610 MGMT_STATUS_INVALID_PARAMS);
bdce7baf 1611
4e51eae9 1612 hdev = hci_dev_get(index);
980e1a53 1613 if (!hdev)
ca69b795
JH		 1614 return cmd_status(sk, index, MGMT_OP_PIN_CODE_REPLY,
1615 MGMT_STATUS_INVALID_PARAMS);
980e1a53 1616
09fd0de5 1617 hci_dev_lock(hdev);
980e1a53
JH		 1618
1619 if (!test_bit(HCI_UP, &hdev->flags)) {
ca69b795
JH		 1620 err = cmd_status(sk, index, MGMT_OP_PIN_CODE_REPLY,
1621 MGMT_STATUS_NOT_POWERED);
980e1a53
JH		 1622 goto failed;
1623 }
1624
d8457698 1625 conn = hci_conn_hash_lookup_ba(hdev, ACL_LINK, &cp->addr.bdaddr);
96d97a67 1626 if (!conn) {
ca69b795
JH		 1627 err = cmd_status(sk, index, MGMT_OP_PIN_CODE_REPLY,
1628 MGMT_STATUS_NOT_CONNECTED);
96d97a67
WR		 1629 goto failed;
1630 }
1631
1632 if (conn->pending_sec_level == BT_SECURITY_HIGH && cp->pin_len != 16) {
d8457698
JH		 1633 struct mgmt_cp_pin_code_neg_reply ncp;
1634
1635 memcpy(&ncp.addr, &cp->addr, sizeof(ncp.addr));
96d97a67
WR		 1636
1637 BT_ERR("PIN code is not 16 bytes long");
1638
1639 err = send_pin_code_neg_reply(sk, index, hdev, &ncp);
1640 if (err >= 0)
1641 err = cmd_status(sk, index, MGMT_OP_PIN_CODE_REPLY,
ca69b795 1642 MGMT_STATUS_INVALID_PARAMS);
96d97a67
WR		 1643
1644 goto failed;
1645 }
1646
650f726d
VCG		 1647 cmd = mgmt_pending_add(sk, MGMT_OP_PIN_CODE_REPLY, hdev, data,
1648 len);
366a0336
JH		 1649 if (!cmd) {
1650 err = -ENOMEM;
980e1a53 1651 goto failed;
366a0336 1652 }
980e1a53 1653
d8457698 1654 bacpy(&reply.bdaddr, &cp->addr.bdaddr);
980e1a53 1655 reply.pin_len = cp->pin_len;
24718ca5 1656 memcpy(reply.pin_code, cp->pin_code, sizeof(reply.pin_code));
980e1a53
JH		 1657
1658 err = hci_send_cmd(hdev, HCI_OP_PIN_CODE_REPLY, sizeof(reply), &reply);
1659 if (err < 0)
a664b5bc 1660 mgmt_pending_remove(cmd);
980e1a53
JH		 1661
1662failed:
09fd0de5 1663 hci_dev_unlock(hdev);
980e1a53
JH		 1664 hci_dev_put(hdev);
1665
1666 return err;
1667}
1668
650f726d 1669static int pin_code_neg_reply(struct sock *sk, u16 index, void *data, u16 len)
980e1a53
JH		 1670{
1671 struct hci_dev *hdev;
650f726d 1672 struct mgmt_cp_pin_code_neg_reply *cp = data;
980e1a53
JH		 1673 int err;
1674
1675 BT_DBG("");
1676
bdce7baf
SJ		 1677 if (len != sizeof(*cp))
1678 return cmd_status(sk, index, MGMT_OP_PIN_CODE_NEG_REPLY,
ca69b795 1679 MGMT_STATUS_INVALID_PARAMS);
bdce7baf 1680
4e51eae9 1681 hdev = hci_dev_get(index);
980e1a53 1682 if (!hdev)
4e51eae9 1683 return cmd_status(sk, index, MGMT_OP_PIN_CODE_NEG_REPLY,
ca69b795 1684 MGMT_STATUS_INVALID_PARAMS);
980e1a53 1685
09fd0de5 1686 hci_dev_lock(hdev);
980e1a53
JH		 1687
1688 if (!test_bit(HCI_UP, &hdev->flags)) {
4e51eae9 1689 err = cmd_status(sk, index, MGMT_OP_PIN_CODE_NEG_REPLY,
ca69b795 1690 MGMT_STATUS_NOT_POWERED);
980e1a53
JH		 1691 goto failed;
1692 }
1693
96d97a67 1694 err = send_pin_code_neg_reply(sk, index, hdev, cp);
980e1a53
JH		 1695
1696failed:
09fd0de5 1697 hci_dev_unlock(hdev);
980e1a53
JH		 1698 hci_dev_put(hdev);
1699
1700 return err;
1701}
1702
650f726d 1703static int set_io_capability(struct sock *sk, u16 index, void *data, u16 len)
17fa4b9d
JH		 1704{
1705 struct hci_dev *hdev;
650f726d 1706 struct mgmt_cp_set_io_capability *cp = data;
17fa4b9d
JH		 1707
1708 BT_DBG("");
1709
bdce7baf 1710 if (len != sizeof(*cp))
ca69b795
JH		 1711 return cmd_status(sk, index, MGMT_OP_SET_IO_CAPABILITY,
1712 MGMT_STATUS_INVALID_PARAMS);
bdce7baf 1713
4e51eae9 1714 hdev = hci_dev_get(index);
17fa4b9d 1715 if (!hdev)
ca69b795
JH		 1716 return cmd_status(sk, index, MGMT_OP_SET_IO_CAPABILITY,
1717 MGMT_STATUS_INVALID_PARAMS);
17fa4b9d 1718
09fd0de5 1719 hci_dev_lock(hdev);
17fa4b9d
JH		 1720
1721 hdev->io_capability = cp->io_capability;
1722
1723 BT_DBG("%s IO capability set to 0x%02x", hdev->name,
b8534e0f 1724 hdev->io_capability);
17fa4b9d 1725
09fd0de5 1726 hci_dev_unlock(hdev);
17fa4b9d
JH		 1727 hci_dev_put(hdev);
1728
aee9b218 1729 return cmd_complete(sk, index, MGMT_OP_SET_IO_CAPABILITY, 0, NULL, 0);
17fa4b9d
JH		 1730}
1731
e9a416b5
JH		 1732static inline struct pending_cmd *find_pairing(struct hci_conn *conn)
1733{
1734 struct hci_dev *hdev = conn->hdev;
8035ded4 1735 struct pending_cmd *cmd;
e9a416b5 1736
2e58ef3e 1737 list_for_each_entry(cmd, &hdev->mgmt_pending, list) {
e9a416b5
JH		 1738 if (cmd->opcode != MGMT_OP_PAIR_DEVICE)
1739 continue;
1740
e9a416b5
JH		 1741 if (cmd->user_data != conn)
1742 continue;
1743
1744 return cmd;
1745 }
1746
1747 return NULL;
1748}
1749
1750static void pairing_complete(struct pending_cmd *cmd, u8 status)
1751{
1752 struct mgmt_rp_pair_device rp;
1753 struct hci_conn *conn = cmd->user_data;
1754
ba4e564f
JH		 1755 bacpy(&rp.addr.bdaddr, &conn->dst);
1756 rp.addr.type = link_to_mgmt(conn->type, conn->dst_type);
e9a416b5 1757
aee9b218
JH		 1758 cmd_complete(cmd->sk, cmd->index, MGMT_OP_PAIR_DEVICE, status,
1759 &rp, sizeof(rp));
e9a416b5
JH		 1760
1761 /* So we don't get further callbacks for this connection */
1762 conn->connect_cfm_cb = NULL;
1763 conn->security_cfm_cb = NULL;
1764 conn->disconn_cfm_cb = NULL;
1765
1766 hci_conn_put(conn);
1767
a664b5bc 1768 mgmt_pending_remove(cmd);
e9a416b5
JH		 1769}
1770
1771static void pairing_complete_cb(struct hci_conn *conn, u8 status)
1772{
1773 struct pending_cmd *cmd;
1774
1775 BT_DBG("status %u", status);
1776
1777 cmd = find_pairing(conn);
56e5cb86 1778 if (!cmd)
e9a416b5 1779 BT_DBG("Unable to find a pending command");
56e5cb86 1780 else
e211326c 1781 pairing_complete(cmd, mgmt_status(status));
e9a416b5
JH		 1782}
1783
650f726d 1784static int pair_device(struct sock *sk, u16 index, void *data, u16 len)
e9a416b5
JH		 1785{
1786 struct hci_dev *hdev;
650f726d 1787 struct mgmt_cp_pair_device *cp = data;
1425acb7 1788 struct mgmt_rp_pair_device rp;
e9a416b5
JH		 1789 struct pending_cmd *cmd;
1790 u8 sec_level, auth_type;
1791 struct hci_conn *conn;
e9a416b5
JH		 1792 int err;
1793
1794 BT_DBG("");
1795
bdce7baf 1796 if (len != sizeof(*cp))
ca69b795
JH		 1797 return cmd_status(sk, index, MGMT_OP_PAIR_DEVICE,
1798 MGMT_STATUS_INVALID_PARAMS);
bdce7baf 1799
4e51eae9 1800 hdev = hci_dev_get(index);
e9a416b5 1801 if (!hdev)
ca69b795
JH		 1802 return cmd_status(sk, index, MGMT_OP_PAIR_DEVICE,
1803 MGMT_STATUS_INVALID_PARAMS);
e9a416b5 1804
09fd0de5 1805 hci_dev_lock(hdev);
e9a416b5 1806
c908df36
VCG		 1807 sec_level = BT_SECURITY_MEDIUM;
1808 if (cp->io_cap == 0x03)
e9a416b5 1809 auth_type = HCI_AT_DEDICATED_BONDING;
c908df36 1810 else
e9a416b5 1811 auth_type = HCI_AT_DEDICATED_BONDING_MITM;
e9a416b5 1812
ba4e564f
JH		 1813 if (cp->addr.type == MGMT_ADDR_BREDR)
1814 conn = hci_connect(hdev, ACL_LINK, &cp->addr.bdaddr, sec_level,
7a512d01
VCG		 1815 auth_type);
1816 else
ba4e564f 1817 conn = hci_connect(hdev, LE_LINK, &cp->addr.bdaddr, sec_level,
7a512d01
VCG		 1818 auth_type);
1819
1425acb7
JH		 1820 memset(&rp, 0, sizeof(rp));
1821 bacpy(&rp.addr.bdaddr, &cp->addr.bdaddr);
1822 rp.addr.type = cp->addr.type;
1823
30e76272 1824 if (IS_ERR(conn)) {
e211326c
JH		 1825 err = cmd_complete(sk, index, MGMT_OP_PAIR_DEVICE,
1826 MGMT_STATUS_CONNECT_FAILED,
1827 &rp, sizeof(rp));
e9a416b5
JH		 1828 goto unlock;
1829 }
1830
1831 if (conn->connect_cfm_cb) {
1832 hci_conn_put(conn);
e211326c
JH		 1833 err = cmd_complete(sk, index, MGMT_OP_PAIR_DEVICE,
1834 MGMT_STATUS_BUSY, &rp, sizeof(rp));
e9a416b5
JH		 1835 goto unlock;
1836 }
1837
2e58ef3e 1838 cmd = mgmt_pending_add(sk, MGMT_OP_PAIR_DEVICE, hdev, data, len);
e9a416b5
JH		 1839 if (!cmd) {
1840 err = -ENOMEM;
1841 hci_conn_put(conn);
1842 goto unlock;
1843 }
1844
7a512d01 1845 /* For LE, just connecting isn't a proof that the pairing finished */
ba4e564f 1846 if (cp->addr.type == MGMT_ADDR_BREDR)
7a512d01
VCG		 1847 conn->connect_cfm_cb = pairing_complete_cb;
1848
e9a416b5
JH		 1849 conn->security_cfm_cb = pairing_complete_cb;
1850 conn->disconn_cfm_cb = pairing_complete_cb;
1851 conn->io_capability = cp->io_cap;
1852 cmd->user_data = conn;
1853
1854 if (conn->state == BT_CONNECTED &&
1855 hci_conn_security(conn, sec_level, auth_type))
1856 pairing_complete(cmd, 0);
1857
1858 err = 0;
1859
1860unlock:
09fd0de5 1861 hci_dev_unlock(hdev);
e9a416b5
JH		 1862 hci_dev_put(hdev);
1863
1864 return err;
1865}
1866
28424707
JH		 1867static int cancel_pair_device(struct sock *sk, u16 index,
1868 unsigned char *data, u16 len)
1869{
1870 struct mgmt_addr_info *addr = (void *) data;
1871 struct hci_dev *hdev;
1872 struct pending_cmd *cmd;
1873 struct hci_conn *conn;
1874 int err;
1875
1876 BT_DBG("");
1877
1878 if (len != sizeof(*addr))
1879 return cmd_status(sk, index, MGMT_OP_CANCEL_PAIR_DEVICE,
1880 MGMT_STATUS_INVALID_PARAMS);
1881
1882 hdev = hci_dev_get(index);
1883 if (!hdev)
1884 return cmd_status(sk, index, MGMT_OP_CANCEL_PAIR_DEVICE,
1885 MGMT_STATUS_INVALID_PARAMS);
1886
1887 hci_dev_lock(hdev);
1888
1889 cmd = mgmt_pending_find(MGMT_OP_PAIR_DEVICE, hdev);
1890 if (!cmd) {
1891 err = cmd_status(sk, index, MGMT_OP_CANCEL_PAIR_DEVICE,
1892 MGMT_STATUS_INVALID_PARAMS);
1893 goto unlock;
1894 }
1895
1896 conn = cmd->user_data;
1897
1898 if (bacmp(&addr->bdaddr, &conn->dst) != 0) {
1899 err = cmd_status(sk, index, MGMT_OP_CANCEL_PAIR_DEVICE,
1900 MGMT_STATUS_INVALID_PARAMS);
1901 goto unlock;
1902 }
1903
1904 pairing_complete(cmd, MGMT_STATUS_CANCELLED);
1905
aee9b218 1906 err = cmd_complete(sk, index, MGMT_OP_CANCEL_PAIR_DEVICE, 0, addr,
28424707
JH		 1907 sizeof(*addr));
1908unlock:
1909 hci_dev_unlock(hdev);
1910 hci_dev_put(hdev);
1911
1912 return err;
1913}
1914
0df4c185 1915static int user_pairing_resp(struct sock *sk, u16 index, bdaddr_t *bdaddr,
272d90df
JH		 1916 u8 type, u16 mgmt_op, u16 hci_op,
1917 __le32 passkey)
a5c29683 1918{
a5c29683
JH		 1919 struct pending_cmd *cmd;
1920 struct hci_dev *hdev;
0df4c185 1921 struct hci_conn *conn;
a5c29683
JH		 1922 int err;
1923
4e51eae9 1924 hdev = hci_dev_get(index);
a5c29683 1925 if (!hdev)
ca69b795
JH		 1926 return cmd_status(sk, index, mgmt_op,
1927 MGMT_STATUS_INVALID_PARAMS);
a5c29683 1928
09fd0de5 1929 hci_dev_lock(hdev);
08ba5382 1930
a5c29683 1931 if (!test_bit(HCI_UP, &hdev->flags)) {
0df4c185
BG		 1932 err = cmd_status(sk, index, mgmt_op, MGMT_STATUS_NOT_POWERED);
1933 goto done;
a5c29683
JH		 1934 }
1935
272d90df
JH		 1936 if (type == MGMT_ADDR_BREDR)
1937 conn = hci_conn_hash_lookup_ba(hdev, ACL_LINK, bdaddr);
1938 else
47c15e2b 1939 conn = hci_conn_hash_lookup_ba(hdev, LE_LINK, bdaddr);
272d90df
JH		 1940
1941 if (!conn) {
1942 err = cmd_status(sk, index, mgmt_op,
47c15e2b 1943 MGMT_STATUS_NOT_CONNECTED);
272d90df
JH		 1944 goto done;
1945 }
47c15e2b 1946
272d90df 1947 if (type == MGMT_ADDR_LE_PUBLIC || type == MGMT_ADDR_LE_RANDOM) {
47c15e2b 1948 /* Continue with pairing via SMP */
5fe57d9e
BG		 1949 err = smp_user_confirm_reply(conn, mgmt_op, passkey);
1950
1951 if (!err)
1952 err = cmd_status(sk, index, mgmt_op,
1953 MGMT_STATUS_SUCCESS);
1954 else
1955 err = cmd_status(sk, index, mgmt_op,
1956 MGMT_STATUS_FAILED);
47c15e2b 1957
47c15e2b
BG		 1958 goto done;
1959 }
1960
0df4c185 1961 cmd = mgmt_pending_add(sk, mgmt_op, hdev, bdaddr, sizeof(*bdaddr));
a5c29683
JH		 1962 if (!cmd) {
1963 err = -ENOMEM;
0df4c185 1964 goto done;
a5c29683
JH		 1965 }
1966
0df4c185 1967 /* Continue with pairing via HCI */
604086b7
BG		 1968 if (hci_op == HCI_OP_USER_PASSKEY_REPLY) {
1969 struct hci_cp_user_passkey_reply cp;
1970
1971 bacpy(&cp.bdaddr, bdaddr);
1972 cp.passkey = passkey;
1973 err = hci_send_cmd(hdev, hci_op, sizeof(cp), &cp);
1974 } else
1975 err = hci_send_cmd(hdev, hci_op, sizeof(*bdaddr), bdaddr);
1976
a664b5bc
JH		 1977 if (err < 0)
1978 mgmt_pending_remove(cmd);
a5c29683 1979
0df4c185 1980done:
09fd0de5 1981 hci_dev_unlock(hdev);
a5c29683
JH		 1982 hci_dev_put(hdev);
1983
1984 return err;
1985}
1986
0df4c185
BG		 1987static int user_confirm_reply(struct sock *sk, u16 index, void *data, u16 len)
1988{
650f726d 1989 struct mgmt_cp_user_confirm_reply *cp = data;
0df4c185
BG		 1990
1991 BT_DBG("");
1992
1993 if (len != sizeof(*cp))
1994 return cmd_status(sk, index, MGMT_OP_USER_CONFIRM_REPLY,
1995 MGMT_STATUS_INVALID_PARAMS);
1996
272d90df
JH		 1997 return user_pairing_resp(sk, index, &cp->addr.bdaddr, cp->addr.type,
1998 MGMT_OP_USER_CONFIRM_REPLY,
1999 HCI_OP_USER_CONFIRM_REPLY, 0);
0df4c185
BG		 2000}
2001
2002static int user_confirm_neg_reply(struct sock *sk, u16 index, void *data,
2003 u16 len)
2004{
c9c2659f 2005 struct mgmt_cp_user_confirm_neg_reply *cp = data;
0df4c185
BG		 2006
2007 BT_DBG("");
2008
2009 if (len != sizeof(*cp))
2010 return cmd_status(sk, index, MGMT_OP_USER_CONFIRM_NEG_REPLY,
2011 MGMT_STATUS_INVALID_PARAMS);
2012
272d90df
JH		 2013 return user_pairing_resp(sk, index, &cp->addr.bdaddr, cp->addr.type,
2014 MGMT_OP_USER_CONFIRM_NEG_REPLY,
2015 HCI_OP_USER_CONFIRM_NEG_REPLY, 0);
0df4c185
BG		 2016}
2017
604086b7
BG		 2018static int user_passkey_reply(struct sock *sk, u16 index, void *data, u16 len)
2019{
650f726d 2020 struct mgmt_cp_user_passkey_reply *cp = data;
604086b7
BG		 2021
2022 BT_DBG("");
2023
2024 if (len != sizeof(*cp))
2025 return cmd_status(sk, index, MGMT_OP_USER_PASSKEY_REPLY,
2026 EINVAL);
2027
272d90df
JH		 2028 return user_pairing_resp(sk, index, &cp->addr.bdaddr, cp->addr.type,
2029 MGMT_OP_USER_PASSKEY_REPLY,
2030 HCI_OP_USER_PASSKEY_REPLY,
2031 cp->passkey);
604086b7
BG		 2032}
2033
2034static int user_passkey_neg_reply(struct sock *sk, u16 index, void *data,
2035 u16 len)
2036{
650f726d 2037 struct mgmt_cp_user_passkey_neg_reply *cp = data;
604086b7
BG		 2038
2039 BT_DBG("");
2040
2041 if (len != sizeof(*cp))
2042 return cmd_status(sk, index, MGMT_OP_USER_PASSKEY_NEG_REPLY,
2043 EINVAL);
2044
272d90df
JH		 2045 return user_pairing_resp(sk, index, &cp->addr.bdaddr, cp->addr.type,
2046 MGMT_OP_USER_PASSKEY_NEG_REPLY,
2047 HCI_OP_USER_PASSKEY_NEG_REPLY, 0);
604086b7
BG		 2048}
2049
650f726d 2050static int set_local_name(struct sock *sk, u16 index, void *data,
b312b161
JH		 2051 u16 len)
2052{
650f726d 2053 struct mgmt_cp_set_local_name *mgmt_cp = data;
b312b161
JH		 2054 struct hci_cp_write_local_name hci_cp;
2055 struct hci_dev *hdev;
2056 struct pending_cmd *cmd;
2057 int err;
2058
2059 BT_DBG("");
2060
2061 if (len != sizeof(*mgmt_cp))
ca69b795
JH		 2062 return cmd_status(sk, index, MGMT_OP_SET_LOCAL_NAME,
2063 MGMT_STATUS_INVALID_PARAMS);
b312b161
JH		 2064
2065 hdev = hci_dev_get(index);
2066 if (!hdev)
ca69b795
JH		 2067 return cmd_status(sk, index, MGMT_OP_SET_LOCAL_NAME,
2068 MGMT_STATUS_INVALID_PARAMS);
b312b161 2069
09fd0de5 2070 hci_dev_lock(hdev);
b312b161 2071
650f726d
VCG		 2072 cmd = mgmt_pending_add(sk, MGMT_OP_SET_LOCAL_NAME, hdev, data,
2073 len);
b312b161
JH		 2074 if (!cmd) {
2075 err = -ENOMEM;
2076 goto failed;
2077 }
2078
2079 memcpy(hci_cp.name, mgmt_cp->name, sizeof(hci_cp.name));
2080 err = hci_send_cmd(hdev, HCI_OP_WRITE_LOCAL_NAME, sizeof(hci_cp),
2081 &hci_cp);
2082 if (err < 0)
2083 mgmt_pending_remove(cmd);
2084
2085failed:
09fd0de5 2086 hci_dev_unlock(hdev);
b312b161
JH		 2087 hci_dev_put(hdev);
2088
2089 return err;
2090}
2091
c35938b2
SJ		 2092static int read_local_oob_data(struct sock *sk, u16 index)
2093{
2094 struct hci_dev *hdev;
2095 struct pending_cmd *cmd;
2096 int err;
2097
2098 BT_DBG("hci%u", index);
2099
2100 hdev = hci_dev_get(index);
2101 if (!hdev)
2102 return cmd_status(sk, index, MGMT_OP_READ_LOCAL_OOB_DATA,
ca69b795 2103 MGMT_STATUS_INVALID_PARAMS);
c35938b2 2104
09fd0de5 2105 hci_dev_lock(hdev);
c35938b2
SJ		 2106
2107 if (!test_bit(HCI_UP, &hdev->flags)) {
2108 err = cmd_status(sk, index, MGMT_OP_READ_LOCAL_OOB_DATA,
ca69b795 2109 MGMT_STATUS_NOT_POWERED);
c35938b2
SJ		 2110 goto unlock;
2111 }
2112
2113 if (!(hdev->features[6] & LMP_SIMPLE_PAIR)) {
2114 err = cmd_status(sk, index, MGMT_OP_READ_LOCAL_OOB_DATA,
ca69b795 2115 MGMT_STATUS_NOT_SUPPORTED);
c35938b2
SJ		 2116 goto unlock;
2117 }
2118
2e58ef3e 2119 if (mgmt_pending_find(MGMT_OP_READ_LOCAL_OOB_DATA, hdev)) {
ca69b795
JH		 2120 err = cmd_status(sk, index, MGMT_OP_READ_LOCAL_OOB_DATA,
2121 MGMT_STATUS_BUSY);
c35938b2
SJ		 2122 goto unlock;
2123 }
2124
2e58ef3e 2125 cmd = mgmt_pending_add(sk, MGMT_OP_READ_LOCAL_OOB_DATA, hdev, NULL, 0);
c35938b2
SJ		 2126 if (!cmd) {
2127 err = -ENOMEM;
2128 goto unlock;
2129 }
2130
2131 err = hci_send_cmd(hdev, HCI_OP_READ_LOCAL_OOB_DATA, 0, NULL);
2132 if (err < 0)
2133 mgmt_pending_remove(cmd);
2134
2135unlock:
09fd0de5 2136 hci_dev_unlock(hdev);
c35938b2
SJ		 2137 hci_dev_put(hdev);
2138
2139 return err;
2140}
2141
650f726d
VCG		 2142static int add_remote_oob_data(struct sock *sk, u16 index, void *data,
2143 u16 len)
2763eda6
SJ		 2144{
2145 struct hci_dev *hdev;
650f726d 2146 struct mgmt_cp_add_remote_oob_data *cp = data;
bf1e3541 2147 u8 status;
2763eda6
SJ		 2148 int err;
2149
2150 BT_DBG("hci%u ", index);
2151
2152 if (len != sizeof(*cp))
2153 return cmd_status(sk, index, MGMT_OP_ADD_REMOTE_OOB_DATA,
ca69b795 2154 MGMT_STATUS_INVALID_PARAMS);
2763eda6
SJ		 2155
2156 hdev = hci_dev_get(index);
2157 if (!hdev)
bf1e3541
JH		 2158 return cmd_complete(sk, index, MGMT_OP_ADD_REMOTE_OOB_DATA,
2159 MGMT_STATUS_INVALID_PARAMS,
2160 &cp->addr, sizeof(cp->addr));
2763eda6 2161
09fd0de5 2162 hci_dev_lock(hdev);
2763eda6 2163
664ce4cc 2164 err = hci_add_remote_oob_data(hdev, &cp->addr.bdaddr, cp->hash,
2763eda6
SJ		 2165 cp->randomizer);
2166 if (err < 0)
bf1e3541 2167 status = MGMT_STATUS_FAILED;
2763eda6 2168 else
bf1e3541
JH		 2169 status = 0;
2170
2171 err = cmd_complete(sk, index, MGMT_OP_ADD_REMOTE_OOB_DATA, status,
2172 &cp->addr, sizeof(cp->addr));
2763eda6 2173
09fd0de5 2174 hci_dev_unlock(hdev);
2763eda6
SJ		 2175 hci_dev_put(hdev);
2176
2177 return err;
2178}
2179
2180static int remove_remote_oob_data(struct sock *sk, u16 index,
650f726d 2181 void *data, u16 len)
2763eda6
SJ		 2182{
2183 struct hci_dev *hdev;
650f726d 2184 struct mgmt_cp_remove_remote_oob_data *cp = data;
bf1e3541 2185 u8 status;
2763eda6
SJ		 2186 int err;
2187
2188 BT_DBG("hci%u ", index);
2189
2190 if (len != sizeof(*cp))
2191 return cmd_status(sk, index, MGMT_OP_REMOVE_REMOTE_OOB_DATA,
ca69b795 2192 MGMT_STATUS_INVALID_PARAMS);
2763eda6
SJ		 2193
2194 hdev = hci_dev_get(index);
2195 if (!hdev)
bf1e3541
JH		 2196 return cmd_complete(sk, index, MGMT_OP_REMOVE_REMOTE_OOB_DATA,
2197 MGMT_STATUS_INVALID_PARAMS,
2198 &cp->addr, sizeof(cp->addr));
2763eda6 2199
09fd0de5 2200 hci_dev_lock(hdev);
2763eda6 2201
664ce4cc 2202 err = hci_remove_remote_oob_data(hdev, &cp->addr.bdaddr);
2763eda6 2203 if (err < 0)
bf1e3541 2204 status = MGMT_STATUS_INVALID_PARAMS;
2763eda6 2205 else
bf1e3541
JH		 2206 status = 0;
2207
2208 err = cmd_complete(sk, index, MGMT_OP_REMOVE_REMOTE_OOB_DATA, status,
2209 &cp->addr, sizeof(cp->addr));
2763eda6 2210
09fd0de5 2211 hci_dev_unlock(hdev);
2763eda6
SJ		 2212 hci_dev_put(hdev);
2213
2214 return err;
2215}
2216
5e0452c0
AG		 2217static int discovery(struct hci_dev *hdev)
2218{
2219 int err;
2220
2221 if (lmp_host_le_capable(hdev)) {
2222 if (lmp_bredr_capable(hdev)) {
2223 err = hci_le_scan(hdev, LE_SCAN_TYPE,
2224 LE_SCAN_INT, LE_SCAN_WIN,
2225 LE_SCAN_TIMEOUT_BREDR_LE);
2226 } else {
2227 hdev->discovery.type = DISCOV_TYPE_LE;
2228 err = hci_le_scan(hdev, LE_SCAN_TYPE,
2229 LE_SCAN_INT, LE_SCAN_WIN,
2230 LE_SCAN_TIMEOUT_LE_ONLY);
2231 }
2232 } else {
2233 hdev->discovery.type = DISCOV_TYPE_BREDR;
2234 err = hci_do_inquiry(hdev, INQUIRY_LEN_BREDR);
2235 }
2236
2237 return err;
2238}
2239
2240int mgmt_interleaved_discovery(struct hci_dev *hdev)
2241{
2242 int err;
2243
2244 BT_DBG("%s", hdev->name);
2245
2246 hci_dev_lock(hdev);
2247
2248 err = hci_do_inquiry(hdev, INQUIRY_LEN_BREDR_LE);
2249 if (err < 0)
2250 hci_discovery_set_state(hdev, DISCOVERY_STOPPED);
2251
2252 hci_dev_unlock(hdev);
2253
2254 return err;
2255}
2256
450dfdaf 2257static int start_discovery(struct sock *sk, u16 index,
650f726d 2258 void *data, u16 len)
14a53664 2259{
650f726d 2260 struct mgmt_cp_start_discovery *cp = data;
14a53664
JH		 2261 struct pending_cmd *cmd;
2262 struct hci_dev *hdev;
2263 int err;
2264
2265 BT_DBG("hci%u", index);
2266
450dfdaf
JH		 2267 if (len != sizeof(*cp))
2268 return cmd_status(sk, index, MGMT_OP_START_DISCOVERY,
2269 MGMT_STATUS_INVALID_PARAMS);
2270
14a53664
JH		 2271 hdev = hci_dev_get(index);
2272 if (!hdev)
ca69b795
JH		 2273 return cmd_status(sk, index, MGMT_OP_START_DISCOVERY,
2274 MGMT_STATUS_INVALID_PARAMS);
14a53664 2275
09fd0de5 2276 hci_dev_lock(hdev);
14a53664 2277
bd2d1334 2278 if (!test_bit(HCI_UP, &hdev->flags)) {
ca69b795
JH		 2279 err = cmd_status(sk, index, MGMT_OP_START_DISCOVERY,
2280 MGMT_STATUS_NOT_POWERED);
bd2d1334
JH		 2281 goto failed;
2282 }
2283
ff9ef578
JH		 2284 if (hdev->discovery.state != DISCOVERY_STOPPED) {
2285 err = cmd_status(sk, index, MGMT_OP_START_DISCOVERY,
2286 MGMT_STATUS_BUSY);
2287 goto failed;
2288 }
2289
2e58ef3e 2290 cmd = mgmt_pending_add(sk, MGMT_OP_START_DISCOVERY, hdev, NULL, 0);
14a53664
JH		 2291 if (!cmd) {
2292 err = -ENOMEM;
2293 goto failed;
2294 }
2295
4aab14e5
AG		 2296 hdev->discovery.type = cp->type;
2297
2298 switch (hdev->discovery.type) {
f39799f5 2299 case DISCOV_TYPE_BREDR:
3fd24153 2300 err = hci_do_inquiry(hdev, INQUIRY_LEN_BREDR);
f39799f5
AG		 2301 break;
2302
2303 case DISCOV_TYPE_LE:
3fd24153
AG		 2304 err = hci_le_scan(hdev, LE_SCAN_TYPE, LE_SCAN_INT,
2305 LE_SCAN_WIN, LE_SCAN_TIMEOUT_LE_ONLY);
f39799f5
AG		 2306 break;
2307
5e0452c0
AG		 2308 case DISCOV_TYPE_INTERLEAVED:
2309 err = discovery(hdev);
2310 break;
2311
f39799f5 2312 default:
3fd24153 2313 err = -EINVAL;
f39799f5 2314 }
3fd24153 2315
14a53664
JH		 2316 if (err < 0)
2317 mgmt_pending_remove(cmd);
ff9ef578
JH		 2318 else
2319 hci_discovery_set_state(hdev, DISCOVERY_STARTING);
14a53664
JH		 2320
2321failed:
09fd0de5 2322 hci_dev_unlock(hdev);
14a53664
JH		 2323 hci_dev_put(hdev);
2324
2325 return err;
2326}
2327
d930650b 2328static int stop_discovery(struct sock *sk, u16 index, void *data, u16 len)
14a53664 2329{
d930650b 2330 struct mgmt_cp_stop_discovery *mgmt_cp = data;
14a53664
JH		 2331 struct hci_dev *hdev;
2332 struct pending_cmd *cmd;
30dc78e1
JH		 2333 struct hci_cp_remote_name_req_cancel cp;
2334 struct inquiry_entry *e;
14a53664
JH		 2335 int err;
2336
2337 BT_DBG("hci%u", index);
2338
d930650b
JH		 2339 if (len != sizeof(*mgmt_cp))
2340 return cmd_status(sk, index, MGMT_OP_STOP_DISCOVERY,
2341 MGMT_STATUS_INVALID_PARAMS);
2342
14a53664
JH		 2343 hdev = hci_dev_get(index);
2344 if (!hdev)
ca69b795
JH		 2345 return cmd_status(sk, index, MGMT_OP_STOP_DISCOVERY,
2346 MGMT_STATUS_INVALID_PARAMS);
14a53664 2347
09fd0de5 2348 hci_dev_lock(hdev);
14a53664 2349
30dc78e1 2350 if (!hci_discovery_active(hdev)) {
d930650b
JH		 2351 err = cmd_complete(sk, index, MGMT_OP_STOP_DISCOVERY,
2352 MGMT_STATUS_REJECTED,
2353 &mgmt_cp->type, sizeof(mgmt_cp->type));
2354 goto unlock;
2355 }
2356
2357 if (hdev->discovery.type != mgmt_cp->type) {
2358 err = cmd_complete(sk, index, MGMT_OP_STOP_DISCOVERY,
2359 MGMT_STATUS_INVALID_PARAMS,
2360 &mgmt_cp->type, sizeof(mgmt_cp->type));
30dc78e1 2361 goto unlock;
ff9ef578
JH		 2362 }
2363
2e58ef3e 2364 cmd = mgmt_pending_add(sk, MGMT_OP_STOP_DISCOVERY, hdev, NULL, 0);
14a53664
JH		 2365 if (!cmd) {
2366 err = -ENOMEM;
30dc78e1
JH		 2367 goto unlock;
2368 }
2369
343f935b 2370 if (hdev->discovery.state == DISCOVERY_FINDING) {
30dc78e1
JH		 2371 err = hci_cancel_inquiry(hdev);
2372 if (err < 0)
2373 mgmt_pending_remove(cmd);
2374 else
2375 hci_discovery_set_state(hdev, DISCOVERY_STOPPING);
2376 goto unlock;
2377 }
2378
2379 e = hci_inquiry_cache_lookup_resolve(hdev, BDADDR_ANY, NAME_PENDING);
2380 if (!e) {
2381 mgmt_pending_remove(cmd);
aee9b218 2382 err = cmd_complete(sk, index, MGMT_OP_STOP_DISCOVERY, 0,
d930650b 2383 &mgmt_cp->type, sizeof(mgmt_cp->type));
30dc78e1
JH		 2384 hci_discovery_set_state(hdev, DISCOVERY_STOPPED);
2385 goto unlock;
14a53664
JH		 2386 }
2387
30dc78e1
JH		 2388 bacpy(&cp.bdaddr, &e->data.bdaddr);
2389 err = hci_send_cmd(hdev, HCI_OP_REMOTE_NAME_REQ_CANCEL,
2390 sizeof(cp), &cp);
14a53664
JH		 2391 if (err < 0)
2392 mgmt_pending_remove(cmd);
ff9ef578
JH		 2393 else
2394 hci_discovery_set_state(hdev, DISCOVERY_STOPPING);
14a53664 2395
30dc78e1 2396unlock:
09fd0de5 2397 hci_dev_unlock(hdev);
14a53664
JH		 2398 hci_dev_put(hdev);
2399
2400 return err;
2401}
2402
650f726d 2403static int confirm_name(struct sock *sk, u16 index, void *data, u16 len)
561aafbc 2404{
650f726d 2405 struct mgmt_cp_confirm_name *cp = data;
561aafbc
JH		 2406 struct inquiry_entry *e;
2407 struct hci_dev *hdev;
2408 int err;
2409
2410 BT_DBG("hci%u", index);
2411
2412 if (len != sizeof(*cp))
2413 return cmd_status(sk, index, MGMT_OP_CONFIRM_NAME,
2414 MGMT_STATUS_INVALID_PARAMS);
2415
2416 hdev = hci_dev_get(index);
2417 if (!hdev)
2418 return cmd_status(sk, index, MGMT_OP_CONFIRM_NAME,
2419 MGMT_STATUS_INVALID_PARAMS);
2420
2421 hci_dev_lock(hdev);
2422
30dc78e1
JH		 2423 if (!hci_discovery_active(hdev)) {
2424 err = cmd_status(sk, index, MGMT_OP_CONFIRM_NAME,
2425 MGMT_STATUS_FAILED);
2426 goto failed;
2427 }
2428
a198e7b1 2429 e = hci_inquiry_cache_lookup_unknown(hdev, &cp->addr.bdaddr);
561aafbc
JH		 2430 if (!e) {
2431 err = cmd_status (sk, index, MGMT_OP_CONFIRM_NAME,
2432 MGMT_STATUS_INVALID_PARAMS);
2433 goto failed;
2434 }
2435
2436 if (cp->name_known) {
2437 e->name_state = NAME_KNOWN;
2438 list_del(&e->list);
2439 } else {
2440 e->name_state = NAME_NEEDED;
a3d4e20a 2441 hci_inquiry_cache_update_resolve(hdev, e);
561aafbc
JH		 2442 }
2443
2444 err = 0;
2445
2446failed:
2447 hci_dev_unlock(hdev);
2448
2449 return err;
2450}
2451
650f726d 2452static int block_device(struct sock *sk, u16 index, void *data, u16 len)
7fbec224
AJ		 2453{
2454 struct hci_dev *hdev;
650f726d 2455 struct mgmt_cp_block_device *cp = data;
f0eeea8b 2456 u8 status;
7fbec224
AJ		 2457 int err;
2458
2459 BT_DBG("hci%u", index);
2460
7fbec224
AJ		 2461 if (len != sizeof(*cp))
2462 return cmd_status(sk, index, MGMT_OP_BLOCK_DEVICE,
ca69b795 2463 MGMT_STATUS_INVALID_PARAMS);
7fbec224
AJ		 2464
2465 hdev = hci_dev_get(index);
2466 if (!hdev)
f0eeea8b
JH		 2467 return cmd_complete(sk, index, MGMT_OP_BLOCK_DEVICE,
2468 MGMT_STATUS_INVALID_PARAMS,
2469 &cp->addr, sizeof(cp->addr));
7fbec224 2470
09fd0de5 2471 hci_dev_lock(hdev);
5e762444 2472
88c1fe4b 2473 err = hci_blacklist_add(hdev, &cp->addr.bdaddr, cp->addr.type);
7fbec224 2474 if (err < 0)
f0eeea8b 2475 status = MGMT_STATUS_FAILED;
7fbec224 2476 else
f0eeea8b
JH		 2477 status = 0;
2478
2479 err = cmd_complete(sk, index, MGMT_OP_BLOCK_DEVICE, status,
2480 &cp->addr, sizeof(cp->addr));
5e762444 2481
09fd0de5 2482 hci_dev_unlock(hdev);
7fbec224
AJ		 2483 hci_dev_put(hdev);
2484
2485 return err;
2486}
2487
650f726d 2488static int unblock_device(struct sock *sk, u16 index, void *data, u16 len)
7fbec224
AJ		 2489{
2490 struct hci_dev *hdev;
650f726d 2491 struct mgmt_cp_unblock_device *cp = data;
f0eeea8b 2492 u8 status;
7fbec224
AJ		 2493 int err;
2494
2495 BT_DBG("hci%u", index);
2496
7fbec224
AJ		 2497 if (len != sizeof(*cp))
2498 return cmd_status(sk, index, MGMT_OP_UNBLOCK_DEVICE,
ca69b795 2499 MGMT_STATUS_INVALID_PARAMS);
7fbec224
AJ		 2500
2501 hdev = hci_dev_get(index);
2502 if (!hdev)
f0eeea8b
JH		 2503 return cmd_complete(sk, index, MGMT_OP_UNBLOCK_DEVICE,
2504 MGMT_STATUS_INVALID_PARAMS,
2505 &cp->addr, sizeof(cp->addr));
7fbec224 2506
09fd0de5 2507 hci_dev_lock(hdev);
5e762444 2508
88c1fe4b 2509 err = hci_blacklist_del(hdev, &cp->addr.bdaddr, cp->addr.type);
7fbec224 2510 if (err < 0)
f0eeea8b 2511 status = MGMT_STATUS_INVALID_PARAMS;
7fbec224 2512 else
f0eeea8b
JH		 2513 status = 0;
2514
2515 err = cmd_complete(sk, index, MGMT_OP_UNBLOCK_DEVICE, status,
2516 &cp->addr, sizeof(cp->addr));
5e762444 2517
09fd0de5 2518 hci_dev_unlock(hdev);
7fbec224
AJ		 2519 hci_dev_put(hdev);
2520
2521 return err;
2522}
2523
f6422ec6 2524static int set_fast_connectable(struct sock *sk, u16 index,
650f726d 2525 void *data, u16 len)
f6422ec6
AJ		 2526{
2527 struct hci_dev *hdev;
650f726d 2528 struct mgmt_mode *cp = data;
f6422ec6
AJ		 2529 struct hci_cp_write_page_scan_activity acp;
2530 u8 type;
2531 int err;
2532
2533 BT_DBG("hci%u", index);
2534
2535 if (len != sizeof(*cp))
2536 return cmd_status(sk, index, MGMT_OP_SET_FAST_CONNECTABLE,
ca69b795 2537 MGMT_STATUS_INVALID_PARAMS);
f6422ec6
AJ		 2538
2539 hdev = hci_dev_get(index);
2540 if (!hdev)
2541 return cmd_status(sk, index, MGMT_OP_SET_FAST_CONNECTABLE,
ca69b795 2542 MGMT_STATUS_INVALID_PARAMS);
f6422ec6
AJ		 2543
2544 hci_dev_lock(hdev);
2545
f7c6869c 2546 if (cp->val) {
f6422ec6
AJ		 2547 type = PAGE_SCAN_TYPE_INTERLACED;
2548 acp.interval = 0x0024; /* 22.5 msec page scan interval */
2549 } else {
2550 type = PAGE_SCAN_TYPE_STANDARD; /* default */
2551 acp.interval = 0x0800; /* default 1.28 sec page scan */
2552 }
2553
2554 acp.window = 0x0012; /* default 11.25 msec page scan window */
2555
2556 err = hci_send_cmd(hdev, HCI_OP_WRITE_PAGE_SCAN_ACTIVITY,
2557 sizeof(acp), &acp);
2558 if (err < 0) {
2559 err = cmd_status(sk, index, MGMT_OP_SET_FAST_CONNECTABLE,
ca69b795 2560 MGMT_STATUS_FAILED);
f6422ec6
AJ		 2561 goto done;
2562 }
2563
2564 err = hci_send_cmd(hdev, HCI_OP_WRITE_PAGE_SCAN_TYPE, 1, &type);
2565 if (err < 0) {
2566 err = cmd_status(sk, index, MGMT_OP_SET_FAST_CONNECTABLE,
ca69b795 2567 MGMT_STATUS_FAILED);
f6422ec6
AJ		 2568 goto done;
2569 }
2570
aee9b218
JH		 2571 err = cmd_complete(sk, index, MGMT_OP_SET_FAST_CONNECTABLE, 0,
2572 NULL, 0);
f6422ec6
AJ		 2573done:
2574 hci_dev_unlock(hdev);
2575 hci_dev_put(hdev);
2576
2577 return err;
2578}
2579
346af67b
VCG		 2580static int load_long_term_keys(struct sock *sk, u16 index,
2581 void *cp_data, u16 len)
2582{
2583 struct hci_dev *hdev;
2584 struct mgmt_cp_load_long_term_keys *cp = cp_data;
2585 u16 key_count, expected_len;
2586 int i;
2587
2588 if (len < sizeof(*cp))
2589 return cmd_status(sk, index, MGMT_OP_LOAD_LONG_TERM_KEYS,
2590 EINVAL);
2591
2592 key_count = get_unaligned_le16(&cp->key_count);
2593
2594 expected_len = sizeof(*cp) + key_count *
2595 sizeof(struct mgmt_ltk_info);
2596 if (expected_len != len) {
2597 BT_ERR("load_keys: expected %u bytes, got %u bytes",
2598 len, expected_len);
2599 return cmd_status(sk, index, MGMT_OP_LOAD_LONG_TERM_KEYS,
2600 EINVAL);
2601 }
2602
2603 hdev = hci_dev_get(index);
2604 if (!hdev)
2605 return cmd_status(sk, index, MGMT_OP_LOAD_LONG_TERM_KEYS,
2606 ENODEV);
2607
2608 BT_DBG("hci%u key_count %u", index, key_count);
2609
2610 hci_dev_lock(hdev);
2611
2612 hci_smp_ltks_clear(hdev);
2613
2614 for (i = 0; i < key_count; i++) {
2615 struct mgmt_ltk_info *key = &cp->keys[i];
2616 u8 type;
2617
2618 if (key->master)
2619 type = HCI_SMP_LTK;
2620 else
2621 type = HCI_SMP_LTK_SLAVE;
2622
2623 hci_add_ltk(hdev, &key->addr.bdaddr, key->addr.type,
2624 type, 0, key->authenticated, key->val,
2625 key->enc_size, key->ediv, key->rand);
2626 }
2627
2628 hci_dev_unlock(hdev);
2629 hci_dev_put(hdev);
2630
2631 return 0;
2632}
2633
0381101f
JH		 2634int mgmt_control(struct sock *sk, struct msghdr *msg, size_t msglen)
2635{
650f726d
VCG		 2636 void *buf;
2637 u8 *cp;
0381101f 2638 struct mgmt_hdr *hdr;
4e51eae9 2639 u16 opcode, index, len;
0381101f
JH		 2640 int err;
2641
2642 BT_DBG("got %zu bytes", msglen);
2643
2644 if (msglen < sizeof(*hdr))
2645 return -EINVAL;
2646
e63a15ec 2647 buf = kmalloc(msglen, GFP_KERNEL);
0381101f
JH		 2648 if (!buf)
2649 return -ENOMEM;
2650
2651 if (memcpy_fromiovec(buf, msg->msg_iov, msglen)) {
2652 err = -EFAULT;
2653 goto done;
2654 }
2655
650f726d 2656 hdr = buf;
0381101f 2657 opcode = get_unaligned_le16(&hdr->opcode);
4e51eae9 2658 index = get_unaligned_le16(&hdr->index);
0381101f
JH		 2659 len = get_unaligned_le16(&hdr->len);
2660
2661 if (len != msglen - sizeof(*hdr)) {
2662 err = -EINVAL;
2663 goto done;
2664 }
2665
650f726d
VCG		 2666 cp = buf + sizeof(*hdr);
2667
0381101f 2668 switch (opcode) {
02d98129
JH		 2669 case MGMT_OP_READ_VERSION:
2670 err = read_version(sk);
2671 break;
e70bb2e8
JH		 2672 case MGMT_OP_READ_COMMANDS:
2673 err = read_commands(sk);
2674 break;
faba42eb
JH		 2675 case MGMT_OP_READ_INDEX_LIST:
2676 err = read_index_list(sk);
2677 break;
f7b64e69 2678 case MGMT_OP_READ_INFO:
4e51eae9 2679 err = read_controller_info(sk, index);
f7b64e69 2680 break;
eec8d2bc 2681 case MGMT_OP_SET_POWERED:
650f726d 2682 err = set_powered(sk, index, cp, len);
eec8d2bc 2683 break;
73f22f62 2684 case MGMT_OP_SET_DISCOVERABLE:
650f726d 2685 err = set_discoverable(sk, index, cp, len);
73f22f62 2686 break;
9fbcbb45 2687 case MGMT_OP_SET_CONNECTABLE:
650f726d 2688 err = set_connectable(sk, index, cp, len);
9fbcbb45 2689 break;
f7c6869c 2690 case MGMT_OP_SET_FAST_CONNECTABLE:
650f726d 2691 err = set_fast_connectable(sk, index, cp, len);
f7c6869c 2692 break;
c542a06c 2693 case MGMT_OP_SET_PAIRABLE:
650f726d 2694 err = set_pairable(sk, index, cp, len);
c542a06c 2695 break;
33ef95ed
JH		 2696 case MGMT_OP_SET_LINK_SECURITY:
2697 err = set_link_security(sk, index, cp, len);
2698 break;
ed2c4ee3
JH		 2699 case MGMT_OP_SET_SSP:
2700 err = set_ssp(sk, index, cp, len);
2701 break;
6d80dfd0
JH		 2702 case MGMT_OP_SET_HS:
2703 err = set_hs(sk, index, cp, len);
2704 break;
2aeb9a1a 2705 case MGMT_OP_ADD_UUID:
650f726d 2706 err = add_uuid(sk, index, cp, len);
2aeb9a1a
JH		 2707 break;
2708 case MGMT_OP_REMOVE_UUID:
650f726d 2709 err = remove_uuid(sk, index, cp, len);
2aeb9a1a 2710 break;
1aff6f09 2711 case MGMT_OP_SET_DEV_CLASS:
650f726d 2712 err = set_dev_class(sk, index, cp, len);
1aff6f09 2713 break;
86742e1e 2714 case MGMT_OP_LOAD_LINK_KEYS:
650f726d 2715 err = load_link_keys(sk, index, cp, len);
55ed8ca1 2716 break;
8962ee74 2717 case MGMT_OP_DISCONNECT:
650f726d 2718 err = disconnect(sk, index, cp, len);
8962ee74 2719 break;
2784eb41 2720 case MGMT_OP_GET_CONNECTIONS:
8ce6284e 2721 err = get_connections(sk, index);
2784eb41 2722 break;
980e1a53 2723 case MGMT_OP_PIN_CODE_REPLY:
650f726d 2724 err = pin_code_reply(sk, index, cp, len);
980e1a53
JH		 2725 break;
2726 case MGMT_OP_PIN_CODE_NEG_REPLY:
650f726d 2727 err = pin_code_neg_reply(sk, index, cp, len);
980e1a53 2728 break;
17fa4b9d 2729 case MGMT_OP_SET_IO_CAPABILITY:
650f726d 2730 err = set_io_capability(sk, index, cp, len);
17fa4b9d 2731 break;
e9a416b5 2732 case MGMT_OP_PAIR_DEVICE:
650f726d 2733 err = pair_device(sk, index, cp, len);
e9a416b5 2734 break;
28424707
JH		 2735 case MGMT_OP_CANCEL_PAIR_DEVICE:
2736 err = cancel_pair_device(sk, index, buf + sizeof(*hdr), len);
2737 break;
124f6e35
JH		 2738 case MGMT_OP_UNPAIR_DEVICE:
2739 err = unpair_device(sk, index, cp, len);
2740 break;
a5c29683 2741 case MGMT_OP_USER_CONFIRM_REPLY:
650f726d 2742 err = user_confirm_reply(sk, index, cp, len);
a5c29683
JH		 2743 break;
2744 case MGMT_OP_USER_CONFIRM_NEG_REPLY:
650f726d 2745 err = user_confirm_neg_reply(sk, index, cp, len);
a5c29683 2746 break;
604086b7 2747 case MGMT_OP_USER_PASSKEY_REPLY:
650f726d 2748 err = user_passkey_reply(sk, index, cp, len);
604086b7
BG		 2749 break;
2750 case MGMT_OP_USER_PASSKEY_NEG_REPLY:
650f726d 2751 err = user_passkey_neg_reply(sk, index, cp, len);
a5c29683 2752 break;
b312b161 2753 case MGMT_OP_SET_LOCAL_NAME:
650f726d 2754 err = set_local_name(sk, index, cp, len);
b312b161 2755 break;
c35938b2
SJ		 2756 case MGMT_OP_READ_LOCAL_OOB_DATA:
2757 err = read_local_oob_data(sk, index);
2758 break;
2763eda6 2759 case MGMT_OP_ADD_REMOTE_OOB_DATA:
650f726d 2760 err = add_remote_oob_data(sk, index, cp, len);
2763eda6
SJ		 2761 break;
2762 case MGMT_OP_REMOVE_REMOTE_OOB_DATA:
650f726d 2763 err = remove_remote_oob_data(sk, index, cp, len);
2763eda6 2764 break;
14a53664 2765 case MGMT_OP_START_DISCOVERY:
650f726d 2766 err = start_discovery(sk, index, cp, len);
14a53664
JH		 2767 break;
2768 case MGMT_OP_STOP_DISCOVERY:
d930650b 2769 err = stop_discovery(sk, index, cp, len);
14a53664 2770 break;
561aafbc 2771 case MGMT_OP_CONFIRM_NAME:
650f726d 2772 err = confirm_name(sk, index, cp, len);
561aafbc 2773 break;
7fbec224 2774 case MGMT_OP_BLOCK_DEVICE:
650f726d 2775 err = block_device(sk, index, cp, len);
7fbec224
AJ		 2776 break;
2777 case MGMT_OP_UNBLOCK_DEVICE:
650f726d 2778 err = unblock_device(sk, index, cp, len);
7fbec224 2779 break;
346af67b
VCG		 2780 case MGMT_OP_LOAD_LONG_TERM_KEYS:
2781 err = load_long_term_keys(sk, index, cp, len);
2782 break;
0381101f
JH		 2783 default:
2784 BT_DBG("Unknown op %u", opcode);
ca69b795
JH		 2785 err = cmd_status(sk, index, opcode,
2786 MGMT_STATUS_UNKNOWN_COMMAND);
0381101f
JH		 2787 break;
2788 }
2789
e41d8b4e
JH		 2790 if (err < 0)
2791 goto done;
2792
0381101f
JH		 2793 err = msglen;
2794
2795done:
2796 kfree(buf);
2797 return err;
2798}
c71e97bf 2799
b24752fe
JH		 2800static void cmd_status_rsp(struct pending_cmd *cmd, void *data)
2801{
2802 u8 *status = data;
2803
2804 cmd_status(cmd->sk, cmd->index, cmd->opcode, *status);
2805 mgmt_pending_remove(cmd);
2806}
2807
744cf19e 2808int mgmt_index_added(struct hci_dev *hdev)
c71e97bf 2809{
744cf19e 2810 return mgmt_event(MGMT_EV_INDEX_ADDED, hdev, NULL, 0, NULL);
c71e97bf
JH		 2811}
2812
744cf19e 2813int mgmt_index_removed(struct hci_dev *hdev)
c71e97bf 2814{
b24752fe
JH		 2815 u8 status = ENODEV;
2816
744cf19e 2817 mgmt_pending_foreach(0, hdev, cmd_status_rsp, &status);
b24752fe 2818
744cf19e 2819 return mgmt_event(MGMT_EV_INDEX_REMOVED, hdev, NULL, 0, NULL);
eec8d2bc
JH		 2820}
2821
73f22f62 2822struct cmd_lookup {
eec8d2bc 2823 struct sock *sk;
69ab39ea 2824 struct hci_dev *hdev;
eec8d2bc
JH		 2825};
2826
69ab39ea 2827static void settings_rsp(struct pending_cmd *cmd, void *data)
eec8d2bc 2828{
73f22f62 2829 struct cmd_lookup *match = data;
eec8d2bc 2830
69ab39ea 2831 send_settings_rsp(cmd->sk, cmd->opcode, match->hdev);
eec8d2bc
JH		 2832
2833 list_del(&cmd->list);
2834
2835 if (match->sk == NULL) {
2836 match->sk = cmd->sk;
2837 sock_hold(match->sk);
2838 }
2839
2840 mgmt_pending_free(cmd);
c71e97bf 2841}
5add6af8 2842
744cf19e 2843int mgmt_powered(struct hci_dev *hdev, u8 powered)
5add6af8 2844{
76a7f3a4 2845 struct cmd_lookup match = { NULL, hdev };
69ab39ea 2846 __le32 ev;
7bb895d6 2847 int err;
5add6af8 2848
69ab39ea 2849 mgmt_pending_foreach(MGMT_OP_SET_POWERED, hdev, settings_rsp, &match);
5add6af8 2850
b24752fe
JH		 2851 if (!powered) {
2852 u8 status = ENETDOWN;
744cf19e 2853 mgmt_pending_foreach(0, hdev, cmd_status_rsp, &status);
b24752fe
JH		 2854 }
2855
69ab39ea 2856 ev = cpu_to_le32(get_current_settings(hdev));
eec8d2bc 2857
7bb895d6 2858 err = mgmt_event(MGMT_EV_NEW_SETTINGS, hdev, &ev, sizeof(ev),
69ab39ea 2859 match.sk);
eec8d2bc
JH		 2860
2861 if (match.sk)
2862 sock_put(match.sk);
2863
7bb895d6 2864 return err;
5add6af8 2865}
73f22f62 2866
744cf19e 2867int mgmt_discoverable(struct hci_dev *hdev, u8 discoverable)
73f22f62 2868{
76a7f3a4 2869 struct cmd_lookup match = { NULL, hdev };
69ab39ea 2870 __le32 ev;
7bb895d6 2871 int err;
73f22f62 2872
69ab39ea 2873 mgmt_pending_foreach(MGMT_OP_SET_DISCOVERABLE, hdev, settings_rsp, &match);
72a734ec 2874
69ab39ea 2875 ev = cpu_to_le32(get_current_settings(hdev));
73f22f62 2876
7bb895d6 2877 err = mgmt_event(MGMT_EV_NEW_SETTINGS, hdev, &ev, sizeof(ev),
4e51eae9 2878 match.sk);
73f22f62
JH		 2879 if (match.sk)
2880 sock_put(match.sk);
2881
7bb895d6 2882 return err;
73f22f62 2883}
9fbcbb45 2884
744cf19e 2885int mgmt_connectable(struct hci_dev *hdev, u8 connectable)
9fbcbb45 2886{
69ab39ea 2887 __le32 ev;
76a7f3a4 2888 struct cmd_lookup match = { NULL, hdev };
7bb895d6 2889 int err;
9fbcbb45 2890
69ab39ea
JH		 2891 mgmt_pending_foreach(MGMT_OP_SET_CONNECTABLE, hdev, settings_rsp,
2892 &match);
9fbcbb45 2893
69ab39ea 2894 ev = cpu_to_le32(get_current_settings(hdev));
9fbcbb45 2895
7bb895d6 2896 err = mgmt_event(MGMT_EV_NEW_SETTINGS, hdev, &ev, sizeof(ev), match.sk);
9fbcbb45
JH		 2897
2898 if (match.sk)
2899 sock_put(match.sk);
2900
7bb895d6 2901 return err;
9fbcbb45 2902}
55ed8ca1 2903
744cf19e 2904int mgmt_write_scan_failed(struct hci_dev *hdev, u8 scan, u8 status)
2d7cee58 2905{
ca69b795
JH		 2906 u8 mgmt_err = mgmt_status(status);
2907
2d7cee58 2908 if (scan & SCAN_PAGE)
744cf19e 2909 mgmt_pending_foreach(MGMT_OP_SET_CONNECTABLE, hdev,
ca69b795 2910 cmd_status_rsp, &mgmt_err);
2d7cee58
JH		 2911
2912 if (scan & SCAN_INQUIRY)
744cf19e 2913 mgmt_pending_foreach(MGMT_OP_SET_DISCOVERABLE, hdev,
ca69b795 2914 cmd_status_rsp, &mgmt_err);
2d7cee58
JH		 2915
2916 return 0;
2917}
2918
744cf19e
JH		 2919int mgmt_new_link_key(struct hci_dev *hdev, struct link_key *key,
2920 u8 persistent)
55ed8ca1 2921{
86742e1e 2922 struct mgmt_ev_new_link_key ev;
55ed8ca1 2923
a492cd52 2924 memset(&ev, 0, sizeof(ev));
55ed8ca1 2925
a492cd52 2926 ev.store_hint = persistent;
d753fdc4
JH		 2927 bacpy(&ev.key.addr.bdaddr, &key->bdaddr);
2928 ev.key.addr.type = MGMT_ADDR_BREDR;
a492cd52
VCG		 2929 ev.key.type = key->type;
2930 memcpy(ev.key.val, key->val, 16);
2931 ev.key.pin_len = key->pin_len;
55ed8ca1 2932
744cf19e 2933 return mgmt_event(MGMT_EV_NEW_LINK_KEY, hdev, &ev, sizeof(ev), NULL);
55ed8ca1 2934}
f7520543 2935
346af67b
VCG		 2936int mgmt_new_ltk(struct hci_dev *hdev, struct smp_ltk *key, u8 persistent)
2937{
2938 struct mgmt_ev_new_long_term_key ev;
2939
2940 memset(&ev, 0, sizeof(ev));
2941
2942 ev.store_hint = persistent;
2943 bacpy(&ev.key.addr.bdaddr, &key->bdaddr);
2944 ev.key.addr.type = key->bdaddr_type;
2945 ev.key.authenticated = key->authenticated;
2946 ev.key.enc_size = key->enc_size;
2947 ev.key.ediv = key->ediv;
2948
2949 if (key->type == HCI_SMP_LTK)
2950 ev.key.master = 1;
2951
2952 memcpy(ev.key.rand, key->rand, sizeof(key->rand));
2953 memcpy(ev.key.val, key->val, sizeof(key->val));
2954
2955 return mgmt_event(MGMT_EV_NEW_LONG_TERM_KEY, hdev,
2956 &ev, sizeof(ev), NULL);
2957}
2958
afc747a6 2959int mgmt_device_connected(struct hci_dev *hdev, bdaddr_t *bdaddr, u8 link_type,
b644ba33
JH		 2960 u8 addr_type, u8 *name, u8 name_len,
2961 u8 *dev_class)
f7520543 2962{
b644ba33
JH		 2963 char buf[512];
2964 struct mgmt_ev_device_connected *ev = (void *) buf;
2965 u16 eir_len = 0;
f7520543 2966
b644ba33
JH		 2967 bacpy(&ev->addr.bdaddr, bdaddr);
2968 ev->addr.type = link_to_mgmt(link_type, addr_type);
f7520543 2969
b644ba33
JH		 2970 if (name_len > 0)
2971 eir_len = eir_append_data(ev->eir, 0, EIR_NAME_COMPLETE,
2972 name, name_len);
2973
2974 if (dev_class && memcmp(dev_class, "\0\0\0", 3) != 0)
2975 eir_len = eir_append_data(&ev->eir[eir_len], eir_len,
2976 EIR_CLASS_OF_DEV, dev_class, 3);
2977
2978 put_unaligned_le16(eir_len, &ev->eir_len);
2979
2980 return mgmt_event(MGMT_EV_DEVICE_CONNECTED, hdev, buf,
2981 sizeof(*ev) + eir_len, NULL);
f7520543
JH		 2982}
2983
8962ee74
JH		 2984static void disconnect_rsp(struct pending_cmd *cmd, void *data)
2985{
c68fb7ff 2986 struct mgmt_cp_disconnect *cp = cmd->param;
8962ee74 2987 struct sock **sk = data;
a38528f1 2988 struct mgmt_rp_disconnect rp;
8962ee74 2989
88c3df13
JH		 2990 bacpy(&rp.addr.bdaddr, &cp->addr.bdaddr);
2991 rp.addr.type = cp->addr.type;
8962ee74 2992
aee9b218
JH		 2993 cmd_complete(cmd->sk, cmd->index, MGMT_OP_DISCONNECT, 0, &rp,
2994 sizeof(rp));
8962ee74
JH		 2995
2996 *sk = cmd->sk;
2997 sock_hold(*sk);
2998
a664b5bc 2999 mgmt_pending_remove(cmd);
8962ee74
JH		 3000}
3001
124f6e35 3002static void unpair_device_rsp(struct pending_cmd *cmd, void *data)
a8a1d19e 3003{
b1078ad0 3004 struct hci_dev *hdev = data;
124f6e35
JH		 3005 struct mgmt_cp_unpair_device *cp = cmd->param;
3006 struct mgmt_rp_unpair_device rp;
a8a1d19e
JH		 3007
3008 memset(&rp, 0, sizeof(rp));
124f6e35
JH		 3009 bacpy(&rp.addr.bdaddr, &cp->addr.bdaddr);
3010 rp.addr.type = cp->addr.type;
a8a1d19e 3011
b1078ad0
JH		 3012 device_unpaired(hdev, &cp->addr.bdaddr, cp->addr.type, cmd->sk);
3013
aee9b218 3014 cmd_complete(cmd->sk, cmd->index, cmd->opcode, 0, &rp, sizeof(rp));
a8a1d19e
JH		 3015
3016 mgmt_pending_remove(cmd);
3017}
3018
afc747a6
JH		 3019int mgmt_device_disconnected(struct hci_dev *hdev, bdaddr_t *bdaddr,
3020 u8 link_type, u8 addr_type)
f7520543 3021{
4c659c39 3022 struct mgmt_addr_info ev;
8962ee74
JH		 3023 struct sock *sk = NULL;
3024 int err;
3025
744cf19e 3026 mgmt_pending_foreach(MGMT_OP_DISCONNECT, hdev, disconnect_rsp, &sk);
f7520543 3027
f7520543 3028 bacpy(&ev.bdaddr, bdaddr);
48264f06 3029 ev.type = link_to_mgmt(link_type, addr_type);
f7520543 3030
afc747a6
JH		 3031 err = mgmt_event(MGMT_EV_DEVICE_DISCONNECTED, hdev, &ev, sizeof(ev),
3032 sk);
8962ee74
JH		 3033
3034 if (sk)
3035 sock_put(sk);
3036
124f6e35 3037 mgmt_pending_foreach(MGMT_OP_UNPAIR_DEVICE, hdev, unpair_device_rsp,
b1078ad0 3038 hdev);
a8a1d19e 3039
8962ee74
JH		 3040 return err;
3041}
3042
88c3df13
JH		 3043int mgmt_disconnect_failed(struct hci_dev *hdev, bdaddr_t *bdaddr,
3044 u8 link_type, u8 addr_type, u8 status)
8962ee74 3045{
88c3df13 3046 struct mgmt_rp_disconnect rp;
8962ee74
JH		 3047 struct pending_cmd *cmd;
3048 int err;
3049
2e58ef3e 3050 cmd = mgmt_pending_find(MGMT_OP_DISCONNECT, hdev);
8962ee74
JH		 3051 if (!cmd)
3052 return -ENOENT;
3053
88c3df13
JH		 3054 bacpy(&rp.addr.bdaddr, bdaddr);
3055 rp.addr.type = link_to_mgmt(link_type, addr_type);
37d9ef76 3056
88c3df13 3057 err = cmd_complete(cmd->sk, cmd->index, MGMT_OP_DISCONNECT,
aee9b218 3058 mgmt_status(status), &rp, sizeof(rp));
8962ee74 3059
a664b5bc 3060 mgmt_pending_remove(cmd);
8962ee74 3061
b1078ad0
JH		 3062 mgmt_pending_foreach(MGMT_OP_UNPAIR_DEVICE, hdev, unpair_device_rsp,
3063 hdev);
8962ee74 3064 return err;
f7520543 3065}
17d5c04c 3066
48264f06
JH		 3067int mgmt_connect_failed(struct hci_dev *hdev, bdaddr_t *bdaddr, u8 link_type,
3068 u8 addr_type, u8 status)
17d5c04c
JH		 3069{
3070 struct mgmt_ev_connect_failed ev;
3071
4c659c39 3072 bacpy(&ev.addr.bdaddr, bdaddr);
48264f06 3073 ev.addr.type = link_to_mgmt(link_type, addr_type);
ca69b795 3074 ev.status = mgmt_status(status);
17d5c04c 3075
744cf19e 3076 return mgmt_event(MGMT_EV_CONNECT_FAILED, hdev, &ev, sizeof(ev), NULL);
17d5c04c 3077}
980e1a53 3078
744cf19e 3079int mgmt_pin_code_request(struct hci_dev *hdev, bdaddr_t *bdaddr, u8 secure)
980e1a53
JH		 3080{
3081 struct mgmt_ev_pin_code_request ev;
3082
d8457698
JH		 3083 bacpy(&ev.addr.bdaddr, bdaddr);
3084 ev.addr.type = MGMT_ADDR_BREDR;
a770bb5a 3085 ev.secure = secure;
980e1a53 3086
744cf19e 3087 return mgmt_event(MGMT_EV_PIN_CODE_REQUEST, hdev, &ev, sizeof(ev),
4e51eae9 3088 NULL);
980e1a53
JH		 3089}
3090
744cf19e
JH		 3091int mgmt_pin_code_reply_complete(struct hci_dev *hdev, bdaddr_t *bdaddr,
3092 u8 status)
980e1a53
JH		 3093{
3094 struct pending_cmd *cmd;
ac56fb13 3095 struct mgmt_rp_pin_code_reply rp;
980e1a53
JH		 3096 int err;
3097
2e58ef3e 3098 cmd = mgmt_pending_find(MGMT_OP_PIN_CODE_REPLY, hdev);
980e1a53
JH		 3099 if (!cmd)
3100 return -ENOENT;
3101
d8457698
JH		 3102 bacpy(&rp.addr.bdaddr, bdaddr);
3103 rp.addr.type = MGMT_ADDR_BREDR;
ac56fb13 3104
aee9b218
JH		 3105 err = cmd_complete(cmd->sk, hdev->id, MGMT_OP_PIN_CODE_REPLY,
3106 mgmt_status(status), &rp, sizeof(rp));
980e1a53 3107
a664b5bc 3108 mgmt_pending_remove(cmd);
980e1a53
JH		 3109
3110 return err;
3111}
3112
744cf19e
JH		 3113int mgmt_pin_code_neg_reply_complete(struct hci_dev *hdev, bdaddr_t *bdaddr,
3114 u8 status)
980e1a53
JH		 3115{
3116 struct pending_cmd *cmd;
ac56fb13 3117 struct mgmt_rp_pin_code_reply rp;
980e1a53
JH		 3118 int err;
3119
2e58ef3e 3120 cmd = mgmt_pending_find(MGMT_OP_PIN_CODE_NEG_REPLY, hdev);
980e1a53
JH		 3121 if (!cmd)
3122 return -ENOENT;
3123
d8457698
JH		 3124 bacpy(&rp.addr.bdaddr, bdaddr);
3125 rp.addr.type = MGMT_ADDR_BREDR;
ac56fb13 3126
aee9b218
JH		 3127 err = cmd_complete(cmd->sk, hdev->id, MGMT_OP_PIN_CODE_NEG_REPLY,
3128 mgmt_status(status), &rp, sizeof(rp));
980e1a53 3129
a664b5bc 3130 mgmt_pending_remove(cmd);
980e1a53
JH		 3131
3132 return err;
3133}
a5c29683 3134
744cf19e 3135int mgmt_user_confirm_request(struct hci_dev *hdev, bdaddr_t *bdaddr,
272d90df
JH		 3136 u8 link_type, u8 addr_type, __le32 value,
3137 u8 confirm_hint)
a5c29683
JH		 3138{
3139 struct mgmt_ev_user_confirm_request ev;
3140
744cf19e 3141 BT_DBG("%s", hdev->name);
a5c29683 3142
272d90df
JH		 3143 bacpy(&ev.addr.bdaddr, bdaddr);
3144 ev.addr.type = link_to_mgmt(link_type, addr_type);
55bc1a37 3145 ev.confirm_hint = confirm_hint;
a5c29683
JH		 3146 put_unaligned_le32(value, &ev.value);
3147
744cf19e 3148 return mgmt_event(MGMT_EV_USER_CONFIRM_REQUEST, hdev, &ev, sizeof(ev),
4e51eae9 3149 NULL);
a5c29683
JH		 3150}
3151
272d90df
JH		 3152int mgmt_user_passkey_request(struct hci_dev *hdev, bdaddr_t *bdaddr,
3153 u8 link_type, u8 addr_type)
604086b7
BG		 3154{
3155 struct mgmt_ev_user_passkey_request ev;
3156
3157 BT_DBG("%s", hdev->name);
3158
272d90df
JH		 3159 bacpy(&ev.addr.bdaddr, bdaddr);
3160 ev.addr.type = link_to_mgmt(link_type, addr_type);
604086b7
BG		 3161
3162 return mgmt_event(MGMT_EV_USER_PASSKEY_REQUEST, hdev, &ev, sizeof(ev),
3163 NULL);
3164}
3165
0df4c185 3166static int user_pairing_resp_complete(struct hci_dev *hdev, bdaddr_t *bdaddr,
272d90df
JH		 3167 u8 link_type, u8 addr_type, u8 status,
3168 u8 opcode)
a5c29683
JH		 3169{
3170 struct pending_cmd *cmd;
3171 struct mgmt_rp_user_confirm_reply rp;
3172 int err;
3173
2e58ef3e 3174 cmd = mgmt_pending_find(opcode, hdev);
a5c29683
JH		 3175 if (!cmd)
3176 return -ENOENT;
3177
272d90df
JH		 3178 bacpy(&rp.addr.bdaddr, bdaddr);
3179 rp.addr.type = link_to_mgmt(link_type, addr_type);
aee9b218
JH		 3180 err = cmd_complete(cmd->sk, hdev->id, opcode, mgmt_status(status),
3181 &rp, sizeof(rp));
a5c29683 3182
a664b5bc 3183 mgmt_pending_remove(cmd);
a5c29683
JH		 3184
3185 return err;
3186}
3187
744cf19e 3188int mgmt_user_confirm_reply_complete(struct hci_dev *hdev, bdaddr_t *bdaddr,
272d90df 3189 u8 link_type, u8 addr_type, u8 status)
a5c29683 3190{
272d90df
JH		 3191 return user_pairing_resp_complete(hdev, bdaddr, link_type, addr_type,
3192 status, MGMT_OP_USER_CONFIRM_REPLY);
a5c29683
JH		 3193}
3194
272d90df
JH		 3195int mgmt_user_confirm_neg_reply_complete(struct hci_dev *hdev, bdaddr_t *bdaddr,
3196 u8 link_type, u8 addr_type, u8 status)
a5c29683 3197{
272d90df
JH		 3198 return user_pairing_resp_complete(hdev, bdaddr, link_type, addr_type,
3199 status, MGMT_OP_USER_CONFIRM_NEG_REPLY);
a5c29683 3200}
2a611692 3201
604086b7 3202int mgmt_user_passkey_reply_complete(struct hci_dev *hdev, bdaddr_t *bdaddr,
272d90df 3203 u8 link_type, u8 addr_type, u8 status)
604086b7 3204{
272d90df
JH		 3205 return user_pairing_resp_complete(hdev, bdaddr, link_type, addr_type,
3206 status, MGMT_OP_USER_PASSKEY_REPLY);
604086b7
BG		 3207}
3208
272d90df
JH		 3209int mgmt_user_passkey_neg_reply_complete(struct hci_dev *hdev, bdaddr_t *bdaddr,
3210 u8 link_type, u8 addr_type, u8 status)
604086b7 3211{
272d90df
JH		 3212 return user_pairing_resp_complete(hdev, bdaddr, link_type, addr_type,
3213 status, MGMT_OP_USER_PASSKEY_NEG_REPLY);
604086b7
BG		 3214}
3215
bab73cb6
JH		 3216int mgmt_auth_failed(struct hci_dev *hdev, bdaddr_t *bdaddr, u8 link_type,
3217 u8 addr_type, u8 status)
2a611692
JH		 3218{
3219 struct mgmt_ev_auth_failed ev;
3220
bab73cb6
JH		 3221 bacpy(&ev.addr.bdaddr, bdaddr);
3222 ev.addr.type = link_to_mgmt(link_type, addr_type);
ca69b795 3223 ev.status = mgmt_status(status);
2a611692 3224
744cf19e 3225 return mgmt_event(MGMT_EV_AUTH_FAILED, hdev, &ev, sizeof(ev), NULL);
2a611692 3226}
b312b161 3227
33ef95ed
JH		 3228int mgmt_auth_enable_complete(struct hci_dev *hdev, u8 status)
3229{
3230 struct cmd_lookup match = { NULL, hdev };
3231 __le32 ev;
3232 int err;
3233
3234 if (status) {
3235 u8 mgmt_err = mgmt_status(status);
3236 mgmt_pending_foreach(MGMT_OP_SET_LINK_SECURITY, hdev,
3237 cmd_status_rsp, &mgmt_err);
3238 return 0;
3239 }
3240
3241 mgmt_pending_foreach(MGMT_OP_SET_LINK_SECURITY, hdev, settings_rsp,
3242 &match);
3243
3244 ev = cpu_to_le32(get_current_settings(hdev));
3245 err = mgmt_event(MGMT_EV_NEW_SETTINGS, hdev, &ev, sizeof(ev), match.sk);
3246
3247 if (match.sk)
3248 sock_put(match.sk);
3249
3250 return err;
3251}
3252
cacaf52f
JH		 3253static int clear_eir(struct hci_dev *hdev)
3254{
3255 struct hci_cp_write_eir cp;
3256
3257 if (!(hdev->features[6] & LMP_EXT_INQ))
3258 return 0;
3259
3260 memset(&cp, 0, sizeof(cp));
3261
3262 return hci_send_cmd(hdev, HCI_OP_WRITE_EIR, sizeof(cp), &cp);
3263}
3264
ed2c4ee3
JH		 3265int mgmt_ssp_enable_complete(struct hci_dev *hdev, u8 status)
3266{
3267 struct cmd_lookup match = { NULL, hdev };
3268 __le32 ev;
3269 int err;
3270
3271 if (status) {
3272 u8 mgmt_err = mgmt_status(status);
3273 mgmt_pending_foreach(MGMT_OP_SET_SSP, hdev,
3274 cmd_status_rsp, &mgmt_err);
3275 return 0;
3276 }
3277
3278 mgmt_pending_foreach(MGMT_OP_SET_SSP, hdev, settings_rsp, &match);
3279
3280 ev = cpu_to_le32(get_current_settings(hdev));
3281 err = mgmt_event(MGMT_EV_NEW_SETTINGS, hdev, &ev, sizeof(ev), match.sk);
3282
cacaf52f 3283 if (match.sk) {
ed2c4ee3
JH		 3284 sock_put(match.sk);
3285
cacaf52f
JH		 3286 if (test_bit(HCI_SSP_ENABLED, &hdev->dev_flags))
3287 update_eir(hdev);
3288 else
3289 clear_eir(hdev);
3290 }
3291
ed2c4ee3
JH		 3292 return err;
3293}
3294
744cf19e 3295int mgmt_set_local_name_complete(struct hci_dev *hdev, u8 *name, u8 status)
b312b161
JH		 3296{
3297 struct pending_cmd *cmd;
3298 struct mgmt_cp_set_local_name ev;
3299 int err;
3300
3301 memset(&ev, 0, sizeof(ev));
3302 memcpy(ev.name, name, HCI_MAX_NAME_LENGTH);
3303
2e58ef3e 3304 cmd = mgmt_pending_find(MGMT_OP_SET_LOCAL_NAME, hdev);
b312b161
JH		 3305 if (!cmd)
3306 goto send_event;
3307
3308 if (status) {
744cf19e 3309 err = cmd_status(cmd->sk, hdev->id, MGMT_OP_SET_LOCAL_NAME,
ca69b795 3310 mgmt_status(status));
b312b161
JH		 3311 goto failed;
3312 }
3313
744cf19e 3314 update_eir(hdev);
80a1e1db 3315
aee9b218 3316 err = cmd_complete(cmd->sk, hdev->id, MGMT_OP_SET_LOCAL_NAME, 0, &ev,
b312b161
JH		 3317 sizeof(ev));
3318 if (err < 0)
3319 goto failed;
3320
3321send_event:
744cf19e 3322 err = mgmt_event(MGMT_EV_LOCAL_NAME_CHANGED, hdev, &ev, sizeof(ev),
b312b161
JH		 3323 cmd ? cmd->sk : NULL);
3324
3325failed:
3326 if (cmd)
3327 mgmt_pending_remove(cmd);
3328 return err;
3329}
c35938b2 3330
744cf19e
JH		 3331int mgmt_read_local_oob_data_reply_complete(struct hci_dev *hdev, u8 *hash,
3332 u8 *randomizer, u8 status)
c35938b2
SJ		 3333{
3334 struct pending_cmd *cmd;
3335 int err;
3336
744cf19e 3337 BT_DBG("%s status %u", hdev->name, status);
c35938b2 3338
2e58ef3e 3339 cmd = mgmt_pending_find(MGMT_OP_READ_LOCAL_OOB_DATA, hdev);
c35938b2
SJ		 3340 if (!cmd)
3341 return -ENOENT;
3342
3343 if (status) {
744cf19e 3344 err = cmd_status(cmd->sk, hdev->id,
ca69b795
JH		 3345 MGMT_OP_READ_LOCAL_OOB_DATA,
3346 mgmt_status(status));
c35938b2
SJ		 3347 } else {
3348 struct mgmt_rp_read_local_oob_data rp;
3349
3350 memcpy(rp.hash, hash, sizeof(rp.hash));
3351 memcpy(rp.randomizer, randomizer, sizeof(rp.randomizer));
3352
744cf19e
JH		 3353 err = cmd_complete(cmd->sk, hdev->id,
3354 MGMT_OP_READ_LOCAL_OOB_DATA,
aee9b218 3355 0, &rp, sizeof(rp));
c35938b2
SJ		 3356 }
3357
3358 mgmt_pending_remove(cmd);
3359
3360 return err;
3361}
e17acd40 3362
48264f06 3363int mgmt_device_found(struct hci_dev *hdev, bdaddr_t *bdaddr, u8 link_type,
561aafbc 3364 u8 addr_type, u8 *dev_class, s8 rssi,
e319d2e7 3365 u8 cfm_name, u8 *eir, u16 eir_len)
e17acd40 3366{
e319d2e7
JH		 3367 char buf[512];
3368 struct mgmt_ev_device_found *ev = (void *) buf;
1dc06093 3369 size_t ev_size;
e17acd40 3370
1dc06093
JH		 3371 /* Leave 5 bytes for a potential CoD field */
3372 if (sizeof(*ev) + eir_len + 5 > sizeof(buf))
7d262f86
AG		 3373 return -EINVAL;
3374
1dc06093
JH		 3375 memset(buf, 0, sizeof(buf));
3376
e319d2e7
JH		 3377 bacpy(&ev->addr.bdaddr, bdaddr);
3378 ev->addr.type = link_to_mgmt(link_type, addr_type);
3379 ev->rssi = rssi;
3380 ev->confirm_name = cfm_name;
e17acd40 3381
1dc06093 3382 if (eir_len > 0)
e319d2e7 3383 memcpy(ev->eir, eir, eir_len);
e17acd40 3384
1dc06093
JH		 3385 if (dev_class && !eir_has_data_type(ev->eir, eir_len, EIR_CLASS_OF_DEV))
3386 eir_len = eir_append_data(ev->eir, eir_len, EIR_CLASS_OF_DEV,
3387 dev_class, 3);
3388
3389 put_unaligned_le16(eir_len, &ev->eir_len);
3390
3391 ev_size = sizeof(*ev) + eir_len;
f8523598 3392
e319d2e7 3393 return mgmt_event(MGMT_EV_DEVICE_FOUND, hdev, ev, ev_size, NULL);
e17acd40 3394}
a88a9652 3395
b644ba33
JH		 3396int mgmt_remote_name(struct hci_dev *hdev, bdaddr_t *bdaddr, u8 link_type,
3397 u8 addr_type, s8 rssi, u8 *name, u8 name_len)
a88a9652 3398{
b644ba33
JH		 3399 struct mgmt_ev_device_found *ev;
3400 char buf[sizeof(*ev) + HCI_MAX_NAME_LENGTH + 2];
3401 u16 eir_len;
a88a9652 3402
b644ba33 3403 ev = (struct mgmt_ev_device_found *) buf;
a88a9652 3404
b644ba33
JH		 3405 memset(buf, 0, sizeof(buf));
3406
3407 bacpy(&ev->addr.bdaddr, bdaddr);
3408 ev->addr.type = link_to_mgmt(link_type, addr_type);
3409 ev->rssi = rssi;
3410
3411 eir_len = eir_append_data(ev->eir, 0, EIR_NAME_COMPLETE, name,
3412 name_len);
3413
3414 put_unaligned_le16(eir_len, &ev->eir_len);
a88a9652 3415
053c7e0c
JH		 3416 return mgmt_event(MGMT_EV_DEVICE_FOUND, hdev, ev,
3417 sizeof(*ev) + eir_len, NULL);
a88a9652 3418}
314b2381 3419
7a135109 3420int mgmt_start_discovery_failed(struct hci_dev *hdev, u8 status)
164a6e78
JH		 3421{
3422 struct pending_cmd *cmd;
f808e166 3423 u8 type;
164a6e78
JH		 3424 int err;
3425
203159d4
AG		 3426 hci_discovery_set_state(hdev, DISCOVERY_STOPPED);
3427
2e58ef3e 3428 cmd = mgmt_pending_find(MGMT_OP_START_DISCOVERY, hdev);
164a6e78
JH		 3429 if (!cmd)
3430 return -ENOENT;
3431
f808e166
JH		 3432 type = hdev->discovery.type;
3433
3434 err = cmd_complete(cmd->sk, hdev->id, cmd->opcode, mgmt_status(status),
3435 &type, sizeof(type));
164a6e78
JH		 3436 mgmt_pending_remove(cmd);
3437
3438 return err;
3439}
3440
e6d465cb
AG		 3441int mgmt_stop_discovery_failed(struct hci_dev *hdev, u8 status)
3442{
3443 struct pending_cmd *cmd;
3444 int err;
3445
3446 cmd = mgmt_pending_find(MGMT_OP_STOP_DISCOVERY, hdev);
3447 if (!cmd)
3448 return -ENOENT;
3449
d930650b
JH		 3450 err = cmd_complete(cmd->sk, hdev->id, cmd->opcode, mgmt_status(status),
3451 &hdev->discovery.type,
3452 sizeof(hdev->discovery.type));
164a6e78
JH		 3453 mgmt_pending_remove(cmd);
3454
3455 return err;
3456}
3457
744cf19e 3458int mgmt_discovering(struct hci_dev *hdev, u8 discovering)
314b2381 3459{
f963e8e9 3460 struct mgmt_ev_discovering ev;
164a6e78
JH		 3461 struct pending_cmd *cmd;
3462
343fb145
AG		 3463 BT_DBG("%s discovering %u", hdev->name, discovering);
3464
164a6e78 3465 if (discovering)
2e58ef3e 3466 cmd = mgmt_pending_find(MGMT_OP_START_DISCOVERY, hdev);
164a6e78 3467 else
2e58ef3e 3468 cmd = mgmt_pending_find(MGMT_OP_STOP_DISCOVERY, hdev);
164a6e78
JH		 3469
3470 if (cmd != NULL) {
f808e166
JH		 3471 u8 type = hdev->discovery.type;
3472
d930650b 3473 cmd_complete(cmd->sk, hdev->id, cmd->opcode, 0,
f808e166 3474 &type, sizeof(type));
164a6e78
JH		 3475 mgmt_pending_remove(cmd);
3476 }
3477
f963e8e9
JH		 3478 memset(&ev, 0, sizeof(ev));
3479 ev.type = hdev->discovery.type;
3480 ev.discovering = discovering;
3481
3482 return mgmt_event(MGMT_EV_DISCOVERING, hdev, &ev, sizeof(ev), NULL);
314b2381 3483}
5e762444 3484
88c1fe4b 3485int mgmt_device_blocked(struct hci_dev *hdev, bdaddr_t *bdaddr, u8 type)
5e762444
AJ		 3486{
3487 struct pending_cmd *cmd;
3488 struct mgmt_ev_device_blocked ev;
3489
2e58ef3e 3490 cmd = mgmt_pending_find(MGMT_OP_BLOCK_DEVICE, hdev);
5e762444 3491
88c1fe4b
JH		 3492 bacpy(&ev.addr.bdaddr, bdaddr);
3493 ev.addr.type = type;
5e762444 3494
744cf19e
JH		 3495 return mgmt_event(MGMT_EV_DEVICE_BLOCKED, hdev, &ev, sizeof(ev),
3496 cmd ? cmd->sk : NULL);
5e762444
AJ		 3497}
3498
88c1fe4b 3499int mgmt_device_unblocked(struct hci_dev *hdev, bdaddr_t *bdaddr, u8 type)
5e762444
AJ		 3500{
3501 struct pending_cmd *cmd;
3502 struct mgmt_ev_device_unblocked ev;
3503
2e58ef3e 3504 cmd = mgmt_pending_find(MGMT_OP_UNBLOCK_DEVICE, hdev);
5e762444 3505
88c1fe4b
JH		 3506 bacpy(&ev.addr.bdaddr, bdaddr);
3507 ev.addr.type = type;
5e762444 3508
744cf19e
JH		 3509 return mgmt_event(MGMT_EV_DEVICE_UNBLOCKED, hdev, &ev, sizeof(ev),
3510 cmd ? cmd->sk : NULL);
5e762444 3511}
d7b7e796
MH		 3512
3513module_param(enable_hs, bool, 0644);
3514MODULE_PARM_DESC(enable_hs, "Enable High Speed support");
3515
3516module_param(enable_le, bool, 0644);
3517MODULE_PARM_DESC(enable_le, "Enable Low Energy support");
Linux kernel - Deliverables
This page took 0.292834 seconds and 5 git commands to generate.