projects / deliverable / linux.git / blame
? search:
summary | shortlog | log | commit | commitdiff | tree
blob | blame (incremental) | history | HEAD
Bluetooth: Fix pair device command reply if adapter is powered off
[deliverable/linux.git] / net / bluetooth / mgmt.c
CommitLineData
0381101f
JH		 1/*
2 BlueZ - Bluetooth protocol stack for Linux
ea585ab5 3
0381101f 4 Copyright (C) 2010 Nokia Corporation
ea585ab5 5 Copyright (C) 2011-2012 Intel Corporation
0381101f
JH		 6
7 This program is free software; you can redistribute it and/or modify
8 it under the terms of the GNU General Public License version 2 as
9 published by the Free Software Foundation;
10
11 THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS
12 OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
13 FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT OF THIRD PARTY RIGHTS.
14 IN NO EVENT SHALL THE COPYRIGHT HOLDER(S) AND AUTHOR(S) BE LIABLE FOR ANY
15 CLAIM, OR ANY SPECIAL INDIRECT OR CONSEQUENTIAL DAMAGES, OR ANY DAMAGES
16 WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
17 ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
18 OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
19
20 ALL LIABILITY, INCLUDING LIABILITY FOR INFRINGEMENT OF ANY PATENTS,
21 COPYRIGHTS, TRADEMARKS OR OTHER RIGHTS, RELATING TO USE OF THIS
22 SOFTWARE IS DISCLAIMED.
23*/
24
25/* Bluetooth HCI Management interface */
26
3a9a231d 27#include <linux/module.h>
0381101f
JH		 28#include <asm/unaligned.h>
29
30#include <net/bluetooth/bluetooth.h>
31#include <net/bluetooth/hci_core.h>
32#include <net/bluetooth/mgmt.h>
5fe57d9e 33#include <net/bluetooth/smp.h>
0381101f 34
d7b7e796 35bool enable_hs;
d7b7e796 36
2da9c55c 37#define MGMT_VERSION 1
23b3b133 38#define MGMT_REVISION 2
02d98129 39
e70bb2e8
JH		 40static const u16 mgmt_commands[] = {
41 MGMT_OP_READ_INDEX_LIST,
42 MGMT_OP_READ_INFO,
43 MGMT_OP_SET_POWERED,
44 MGMT_OP_SET_DISCOVERABLE,
45 MGMT_OP_SET_CONNECTABLE,
46 MGMT_OP_SET_FAST_CONNECTABLE,
47 MGMT_OP_SET_PAIRABLE,
48 MGMT_OP_SET_LINK_SECURITY,
49 MGMT_OP_SET_SSP,
50 MGMT_OP_SET_HS,
51 MGMT_OP_SET_LE,
52 MGMT_OP_SET_DEV_CLASS,
53 MGMT_OP_SET_LOCAL_NAME,
54 MGMT_OP_ADD_UUID,
55 MGMT_OP_REMOVE_UUID,
56 MGMT_OP_LOAD_LINK_KEYS,
57 MGMT_OP_LOAD_LONG_TERM_KEYS,
58 MGMT_OP_DISCONNECT,
59 MGMT_OP_GET_CONNECTIONS,
60 MGMT_OP_PIN_CODE_REPLY,
61 MGMT_OP_PIN_CODE_NEG_REPLY,
62 MGMT_OP_SET_IO_CAPABILITY,
63 MGMT_OP_PAIR_DEVICE,
64 MGMT_OP_CANCEL_PAIR_DEVICE,
65 MGMT_OP_UNPAIR_DEVICE,
66 MGMT_OP_USER_CONFIRM_REPLY,
67 MGMT_OP_USER_CONFIRM_NEG_REPLY,
68 MGMT_OP_USER_PASSKEY_REPLY,
69 MGMT_OP_USER_PASSKEY_NEG_REPLY,
70 MGMT_OP_READ_LOCAL_OOB_DATA,
71 MGMT_OP_ADD_REMOTE_OOB_DATA,
72 MGMT_OP_REMOVE_REMOTE_OOB_DATA,
73 MGMT_OP_START_DISCOVERY,
74 MGMT_OP_STOP_DISCOVERY,
75 MGMT_OP_CONFIRM_NAME,
76 MGMT_OP_BLOCK_DEVICE,
77 MGMT_OP_UNBLOCK_DEVICE,
cdbaccca 78 MGMT_OP_SET_DEVICE_ID,
e70bb2e8
JH		 79};
80
81static const u16 mgmt_events[] = {
82 MGMT_EV_CONTROLLER_ERROR,
83 MGMT_EV_INDEX_ADDED,
84 MGMT_EV_INDEX_REMOVED,
85 MGMT_EV_NEW_SETTINGS,
86 MGMT_EV_CLASS_OF_DEV_CHANGED,
87 MGMT_EV_LOCAL_NAME_CHANGED,
88 MGMT_EV_NEW_LINK_KEY,
89 MGMT_EV_NEW_LONG_TERM_KEY,
90 MGMT_EV_DEVICE_CONNECTED,
91 MGMT_EV_DEVICE_DISCONNECTED,
92 MGMT_EV_CONNECT_FAILED,
93 MGMT_EV_PIN_CODE_REQUEST,
94 MGMT_EV_USER_CONFIRM_REQUEST,
95 MGMT_EV_USER_PASSKEY_REQUEST,
96 MGMT_EV_AUTH_FAILED,
97 MGMT_EV_DEVICE_FOUND,
98 MGMT_EV_DISCOVERING,
99 MGMT_EV_DEVICE_BLOCKED,
100 MGMT_EV_DEVICE_UNBLOCKED,
101 MGMT_EV_DEVICE_UNPAIRED,
92a25256 102 MGMT_EV_PASSKEY_NOTIFY,
e70bb2e8
JH		 103};
104
3fd24153
AG		 105/*
106 * These LE scan and inquiry parameters were chosen according to LE General
107 * Discovery Procedure specification.
108 */
109#define LE_SCAN_TYPE 0x01
110#define LE_SCAN_WIN 0x12
111#define LE_SCAN_INT 0x12
112#define LE_SCAN_TIMEOUT_LE_ONLY 10240 /* TGAP(gen_disc_scan_min) */
5e0452c0 113#define LE_SCAN_TIMEOUT_BREDR_LE 5120 /* TGAP(100)/2 */
3fd24153 114
e8777525 115#define INQUIRY_LEN_BREDR 0x08 /* TGAP(100) */
5e0452c0 116#define INQUIRY_LEN_BREDR_LE 0x04 /* TGAP(100)/2 */
2519a1fc 117
17b02e62 118#define CACHE_TIMEOUT msecs_to_jiffies(2 * 1000)
7d78525d 119
4b34ee78
JH		 120#define hdev_is_powered(hdev) (test_bit(HCI_UP, &hdev->flags) && \
121 !test_bit(HCI_AUTO_OFF, &hdev->dev_flags))
122
eec8d2bc
JH		 123struct pending_cmd {
124 struct list_head list;
fc2f4b13 125 u16 opcode;
eec8d2bc 126 int index;
c68fb7ff 127 void *param;
eec8d2bc 128 struct sock *sk;
e9a416b5 129 void *user_data;
eec8d2bc
JH		 130};
131
ca69b795
JH		 132/* HCI to MGMT error code conversion table */
133static u8 mgmt_status_table[] = {
134 MGMT_STATUS_SUCCESS,
135 MGMT_STATUS_UNKNOWN_COMMAND, /* Unknown Command */
136 MGMT_STATUS_NOT_CONNECTED, /* No Connection */
137 MGMT_STATUS_FAILED, /* Hardware Failure */
138 MGMT_STATUS_CONNECT_FAILED, /* Page Timeout */
139 MGMT_STATUS_AUTH_FAILED, /* Authentication Failed */
140 MGMT_STATUS_NOT_PAIRED, /* PIN or Key Missing */
141 MGMT_STATUS_NO_RESOURCES, /* Memory Full */
142 MGMT_STATUS_TIMEOUT, /* Connection Timeout */
143 MGMT_STATUS_NO_RESOURCES, /* Max Number of Connections */
144 MGMT_STATUS_NO_RESOURCES, /* Max Number of SCO Connections */
145 MGMT_STATUS_ALREADY_CONNECTED, /* ACL Connection Exists */
146 MGMT_STATUS_BUSY, /* Command Disallowed */
147 MGMT_STATUS_NO_RESOURCES, /* Rejected Limited Resources */
148 MGMT_STATUS_REJECTED, /* Rejected Security */
149 MGMT_STATUS_REJECTED, /* Rejected Personal */
150 MGMT_STATUS_TIMEOUT, /* Host Timeout */
151 MGMT_STATUS_NOT_SUPPORTED, /* Unsupported Feature */
152 MGMT_STATUS_INVALID_PARAMS, /* Invalid Parameters */
153 MGMT_STATUS_DISCONNECTED, /* OE User Ended Connection */
154 MGMT_STATUS_NO_RESOURCES, /* OE Low Resources */
155 MGMT_STATUS_DISCONNECTED, /* OE Power Off */
156 MGMT_STATUS_DISCONNECTED, /* Connection Terminated */
157 MGMT_STATUS_BUSY, /* Repeated Attempts */
158 MGMT_STATUS_REJECTED, /* Pairing Not Allowed */
159 MGMT_STATUS_FAILED, /* Unknown LMP PDU */
160 MGMT_STATUS_NOT_SUPPORTED, /* Unsupported Remote Feature */
161 MGMT_STATUS_REJECTED, /* SCO Offset Rejected */
162 MGMT_STATUS_REJECTED, /* SCO Interval Rejected */
163 MGMT_STATUS_REJECTED, /* Air Mode Rejected */
164 MGMT_STATUS_INVALID_PARAMS, /* Invalid LMP Parameters */
165 MGMT_STATUS_FAILED, /* Unspecified Error */
166 MGMT_STATUS_NOT_SUPPORTED, /* Unsupported LMP Parameter Value */
167 MGMT_STATUS_FAILED, /* Role Change Not Allowed */
168 MGMT_STATUS_TIMEOUT, /* LMP Response Timeout */
169 MGMT_STATUS_FAILED, /* LMP Error Transaction Collision */
170 MGMT_STATUS_FAILED, /* LMP PDU Not Allowed */
171 MGMT_STATUS_REJECTED, /* Encryption Mode Not Accepted */
172 MGMT_STATUS_FAILED, /* Unit Link Key Used */
173 MGMT_STATUS_NOT_SUPPORTED, /* QoS Not Supported */
174 MGMT_STATUS_TIMEOUT, /* Instant Passed */
175 MGMT_STATUS_NOT_SUPPORTED, /* Pairing Not Supported */
176 MGMT_STATUS_FAILED, /* Transaction Collision */
177 MGMT_STATUS_INVALID_PARAMS, /* Unacceptable Parameter */
178 MGMT_STATUS_REJECTED, /* QoS Rejected */
179 MGMT_STATUS_NOT_SUPPORTED, /* Classification Not Supported */
180 MGMT_STATUS_REJECTED, /* Insufficient Security */
181 MGMT_STATUS_INVALID_PARAMS, /* Parameter Out Of Range */
182 MGMT_STATUS_BUSY, /* Role Switch Pending */
183 MGMT_STATUS_FAILED, /* Slot Violation */
184 MGMT_STATUS_FAILED, /* Role Switch Failed */
185 MGMT_STATUS_INVALID_PARAMS, /* EIR Too Large */
186 MGMT_STATUS_NOT_SUPPORTED, /* Simple Pairing Not Supported */
187 MGMT_STATUS_BUSY, /* Host Busy Pairing */
188 MGMT_STATUS_REJECTED, /* Rejected, No Suitable Channel */
189 MGMT_STATUS_BUSY, /* Controller Busy */
190 MGMT_STATUS_INVALID_PARAMS, /* Unsuitable Connection Interval */
191 MGMT_STATUS_TIMEOUT, /* Directed Advertising Timeout */
192 MGMT_STATUS_AUTH_FAILED, /* Terminated Due to MIC Failure */
193 MGMT_STATUS_CONNECT_FAILED, /* Connection Establishment Failed */
194 MGMT_STATUS_CONNECT_FAILED, /* MAC Connection Failed */
195};
196
bb4b2a9a
AE		 197bool mgmt_valid_hdev(struct hci_dev *hdev)
198{
199 return hdev->dev_type == HCI_BREDR;
200}
201
ca69b795
JH		 202static u8 mgmt_status(u8 hci_status)
203{
204 if (hci_status < ARRAY_SIZE(mgmt_status_table))
205 return mgmt_status_table[hci_status];
206
207 return MGMT_STATUS_FAILED;
208}
209
4e51eae9 210static int cmd_status(struct sock *sk, u16 index, u16 cmd, u8 status)
f7b64e69
JH		 211{
212 struct sk_buff *skb;
213 struct mgmt_hdr *hdr;
214 struct mgmt_ev_cmd_status *ev;
56b7d137 215 int err;
f7b64e69 216
34eb525c 217 BT_DBG("sock %p, index %u, cmd %u, status %u", sk, index, cmd, status);
f7b64e69 218
790eff44 219 skb = alloc_skb(sizeof(*hdr) + sizeof(*ev), GFP_KERNEL);
f7b64e69
JH		 220 if (!skb)
221 return -ENOMEM;
222
223 hdr = (void *) skb_put(skb, sizeof(*hdr));
224
612dfce9 225 hdr->opcode = __constant_cpu_to_le16(MGMT_EV_CMD_STATUS);
4e51eae9 226 hdr->index = cpu_to_le16(index);
f7b64e69
JH		 227 hdr->len = cpu_to_le16(sizeof(*ev));
228
229 ev = (void *) skb_put(skb, sizeof(*ev));
230 ev->status = status;
eb55ef07 231 ev->opcode = cpu_to_le16(cmd);
f7b64e69 232
56b7d137
GP		 233 err = sock_queue_rcv_skb(sk, skb);
234 if (err < 0)
f7b64e69
JH		 235 kfree_skb(skb);
236
56b7d137 237 return err;
f7b64e69
JH		 238}
239
aee9b218 240static int cmd_complete(struct sock *sk, u16 index, u16 cmd, u8 status,
04124681 241 void *rp, size_t rp_len)
02d98129
JH		 242{
243 struct sk_buff *skb;
244 struct mgmt_hdr *hdr;
245 struct mgmt_ev_cmd_complete *ev;
56b7d137 246 int err;
02d98129
JH		 247
248 BT_DBG("sock %p", sk);
249
790eff44 250 skb = alloc_skb(sizeof(*hdr) + sizeof(*ev) + rp_len, GFP_KERNEL);
02d98129
JH		 251 if (!skb)
252 return -ENOMEM;
253
254 hdr = (void *) skb_put(skb, sizeof(*hdr));
02d98129 255
612dfce9 256 hdr->opcode = __constant_cpu_to_le16(MGMT_EV_CMD_COMPLETE);
4e51eae9 257 hdr->index = cpu_to_le16(index);
a38528f1 258 hdr->len = cpu_to_le16(sizeof(*ev) + rp_len);
02d98129 259
a38528f1 260 ev = (void *) skb_put(skb, sizeof(*ev) + rp_len);
eb55ef07 261 ev->opcode = cpu_to_le16(cmd);
aee9b218 262 ev->status = status;
8020c16a
SJ		 263
264 if (rp)
265 memcpy(ev->data, rp, rp_len);
02d98129 266
56b7d137
GP		 267 err = sock_queue_rcv_skb(sk, skb);
268 if (err < 0)
02d98129
JH		 269 kfree_skb(skb);
270
e5f0e151 271 return err;
02d98129
JH		 272}
273
04124681
GP		 274static int read_version(struct sock *sk, struct hci_dev *hdev, void *data,
275 u16 data_len)
a38528f1
JH		 276{
277 struct mgmt_rp_read_version rp;
278
279 BT_DBG("sock %p", sk);
280
281 rp.version = MGMT_VERSION;
eb55ef07 282 rp.revision = __constant_cpu_to_le16(MGMT_REVISION);
a38528f1 283
aee9b218 284 return cmd_complete(sk, MGMT_INDEX_NONE, MGMT_OP_READ_VERSION, 0, &rp,
04124681 285 sizeof(rp));
a38528f1
JH		 286}
287
04124681
GP		 288static int read_commands(struct sock *sk, struct hci_dev *hdev, void *data,
289 u16 data_len)
e70bb2e8
JH		 290{
291 struct mgmt_rp_read_commands *rp;
eb55ef07
MH		 292 const u16 num_commands = ARRAY_SIZE(mgmt_commands);
293 const u16 num_events = ARRAY_SIZE(mgmt_events);
2e3c35ea 294 __le16 *opcode;
e70bb2e8
JH		 295 size_t rp_size;
296 int i, err;
297
298 BT_DBG("sock %p", sk);
299
300 rp_size = sizeof(*rp) + ((num_commands + num_events) * sizeof(u16));
301
302 rp = kmalloc(rp_size, GFP_KERNEL);
303 if (!rp)
304 return -ENOMEM;
305
eb55ef07
MH		 306 rp->num_commands = __constant_cpu_to_le16(num_commands);
307 rp->num_events = __constant_cpu_to_le16(num_events);
e70bb2e8
JH		 308
309 for (i = 0, opcode = rp->opcodes; i < num_commands; i++, opcode++)
310 put_unaligned_le16(mgmt_commands[i], opcode);
311
312 for (i = 0; i < num_events; i++, opcode++)
313 put_unaligned_le16(mgmt_events[i], opcode);
314
aee9b218 315 err = cmd_complete(sk, MGMT_INDEX_NONE, MGMT_OP_READ_COMMANDS, 0, rp,
04124681 316 rp_size);
e70bb2e8
JH		 317 kfree(rp);
318
319 return err;
320}
321
04124681
GP		 322static int read_index_list(struct sock *sk, struct hci_dev *hdev, void *data,
323 u16 data_len)
faba42eb 324{
faba42eb 325 struct mgmt_rp_read_index_list *rp;
8035ded4 326 struct hci_dev *d;
a38528f1 327 size_t rp_len;
faba42eb 328 u16 count;
476e44cb 329 int err;
faba42eb
JH		 330
331 BT_DBG("sock %p", sk);
332
333 read_lock(&hci_dev_list_lock);
334
335 count = 0;
bb4b2a9a
AE		 336 list_for_each_entry(d, &hci_dev_list, list) {
337 if (!mgmt_valid_hdev(d))
338 continue;
339
faba42eb
JH		 340 count++;
341 }
342
a38528f1
JH		 343 rp_len = sizeof(*rp) + (2 * count);
344 rp = kmalloc(rp_len, GFP_ATOMIC);
345 if (!rp) {
b2c60d42 346 read_unlock(&hci_dev_list_lock);
faba42eb 347 return -ENOMEM;
b2c60d42 348 }
faba42eb 349
476e44cb 350 count = 0;
8035ded4 351 list_for_each_entry(d, &hci_dev_list, list) {
a8b2d5c2 352 if (test_bit(HCI_SETUP, &d->dev_flags))
ab81cbf9
JH		 353 continue;
354
bb4b2a9a
AE		 355 if (!mgmt_valid_hdev(d))
356 continue;
357
476e44cb 358 rp->index[count++] = cpu_to_le16(d->id);
faba42eb
JH		 359 BT_DBG("Added hci%u", d->id);
360 }
361
476e44cb
JH		 362 rp->num_controllers = cpu_to_le16(count);
363 rp_len = sizeof(*rp) + (2 * count);
364
faba42eb
JH		 365 read_unlock(&hci_dev_list_lock);
366
aee9b218 367 err = cmd_complete(sk, MGMT_INDEX_NONE, MGMT_OP_READ_INDEX_LIST, 0, rp,
04124681 368 rp_len);
faba42eb 369
a38528f1
JH		 370 kfree(rp);
371
372 return err;
faba42eb
JH		 373}
374
69ab39ea
JH		 375static u32 get_supported_settings(struct hci_dev *hdev)
376{
377 u32 settings = 0;
378
379 settings |= MGMT_SETTING_POWERED;
69ab39ea
JH		 380 settings |= MGMT_SETTING_PAIRABLE;
381
9a1a1996 382 if (lmp_ssp_capable(hdev))
69ab39ea
JH		 383 settings |= MGMT_SETTING_SSP;
384
ed3fa31f 385 if (lmp_bredr_capable(hdev)) {
33c525c0
JH		 386 settings |= MGMT_SETTING_CONNECTABLE;
387 settings |= MGMT_SETTING_FAST_CONNECTABLE;
388 settings |= MGMT_SETTING_DISCOVERABLE;
69ab39ea
JH		 389 settings |= MGMT_SETTING_BREDR;
390 settings |= MGMT_SETTING_LINK_SECURITY;
391 }
392
d7b7e796
MH		 393 if (enable_hs)
394 settings |= MGMT_SETTING_HS;
395
c383ddc4 396 if (lmp_le_capable(hdev))
9d42820f 397 settings |= MGMT_SETTING_LE;
69ab39ea
JH		 398
399 return settings;
400}
401
402static u32 get_current_settings(struct hci_dev *hdev)
403{
404 u32 settings = 0;
405
f1f0eb02 406 if (hdev_is_powered(hdev))
f0d4b78a
MH		 407 settings |= MGMT_SETTING_POWERED;
408
5e5282bb 409 if (test_bit(HCI_CONNECTABLE, &hdev->dev_flags))
69ab39ea
JH		 410 settings |= MGMT_SETTING_CONNECTABLE;
411
5e5282bb 412 if (test_bit(HCI_DISCOVERABLE, &hdev->dev_flags))
69ab39ea
JH		 413 settings |= MGMT_SETTING_DISCOVERABLE;
414
a8b2d5c2 415 if (test_bit(HCI_PAIRABLE, &hdev->dev_flags))
69ab39ea
JH		 416 settings |= MGMT_SETTING_PAIRABLE;
417
ed3fa31f 418 if (lmp_bredr_capable(hdev))
69ab39ea
JH		 419 settings |= MGMT_SETTING_BREDR;
420
06199cf8 421 if (test_bit(HCI_LE_ENABLED, &hdev->dev_flags))
69ab39ea
JH		 422 settings |= MGMT_SETTING_LE;
423
47990ea0 424 if (test_bit(HCI_LINK_SECURITY, &hdev->dev_flags))
69ab39ea
JH		 425 settings |= MGMT_SETTING_LINK_SECURITY;
426
84bde9d6 427 if (test_bit(HCI_SSP_ENABLED, &hdev->dev_flags))
69ab39ea
JH		 428 settings |= MGMT_SETTING_SSP;
429
6d80dfd0
JH		 430 if (test_bit(HCI_HS_ENABLED, &hdev->dev_flags))
431 settings |= MGMT_SETTING_HS;
432
69ab39ea
JH		 433 return settings;
434}
435
ef580372
JH		 436#define PNP_INFO_SVCLASS_ID 0x1200
437
438static u8 bluetooth_base_uuid[] = {
439 0xFB, 0x34, 0x9B, 0x5F, 0x80, 0x00, 0x00, 0x80,
440 0x00, 0x10, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
441};
442
443static u16 get_uuid16(u8 *uuid128)
444{
445 u32 val;
446 int i;
447
448 for (i = 0; i < 12; i++) {
449 if (bluetooth_base_uuid[i] != uuid128[i])
450 return 0;
451 }
452
3e9fb6d8 453 val = get_unaligned_le32(&uuid128[12]);
ef580372
JH		 454 if (val > 0xffff)
455 return 0;
456
457 return (u16) val;
458}
459
460static void create_eir(struct hci_dev *hdev, u8 *data)
461{
462 u8 *ptr = data;
463 u16 eir_len = 0;
464 u16 uuid16_list[HCI_MAX_EIR_LENGTH / sizeof(u16)];
465 int i, truncated = 0;
466 struct bt_uuid *uuid;
467 size_t name_len;
468
469 name_len = strlen(hdev->dev_name);
470
471 if (name_len > 0) {
472 /* EIR Data type */
473 if (name_len > 48) {
474 name_len = 48;
475 ptr[1] = EIR_NAME_SHORT;
476 } else
477 ptr[1] = EIR_NAME_COMPLETE;
478
479 /* EIR Data length */
480 ptr[0] = name_len + 1;
481
482 memcpy(ptr + 2, hdev->dev_name, name_len);
483
484 eir_len += (name_len + 2);
485 ptr += (name_len + 2);
486 }
487
bbaf444a 488 if (hdev->inq_tx_power != HCI_TX_POWER_INVALID) {
91c4e9b1
MH		 489 ptr[0] = 2;
490 ptr[1] = EIR_TX_POWER;
491 ptr[2] = (u8) hdev->inq_tx_power;
492
493 eir_len += 3;
494 ptr += 3;
495 }
496
2b9be137
MH		 497 if (hdev->devid_source > 0) {
498 ptr[0] = 9;
499 ptr[1] = EIR_DEVICE_ID;
500
501 put_unaligned_le16(hdev->devid_source, ptr + 2);
502 put_unaligned_le16(hdev->devid_vendor, ptr + 4);
503 put_unaligned_le16(hdev->devid_product, ptr + 6);
504 put_unaligned_le16(hdev->devid_version, ptr + 8);
505
506 eir_len += 10;
507 ptr += 10;
508 }
509
ef580372
JH		 510 memset(uuid16_list, 0, sizeof(uuid16_list));
511
512 /* Group all UUID16 types */
513 list_for_each_entry(uuid, &hdev->uuids, list) {
514 u16 uuid16;
515
516 uuid16 = get_uuid16(uuid->uuid);
517 if (uuid16 == 0)
518 return;
519
520 if (uuid16 < 0x1100)
521 continue;
522
523 if (uuid16 == PNP_INFO_SVCLASS_ID)
524 continue;
525
526 /* Stop if not enough space to put next UUID */
527 if (eir_len + 2 + sizeof(u16) > HCI_MAX_EIR_LENGTH) {
528 truncated = 1;
529 break;
530 }
531
532 /* Check for duplicates */
533 for (i = 0; uuid16_list[i] != 0; i++)
534 if (uuid16_list[i] == uuid16)
535 break;
536
537 if (uuid16_list[i] == 0) {
538 uuid16_list[i] = uuid16;
539 eir_len += sizeof(u16);
540 }
541 }
542
543 if (uuid16_list[0] != 0) {
544 u8 *length = ptr;
545
546 /* EIR Data type */
547 ptr[1] = truncated ? EIR_UUID16_SOME : EIR_UUID16_ALL;
548
549 ptr += 2;
550 eir_len += 2;
551
552 for (i = 0; uuid16_list[i] != 0; i++) {
553 *ptr++ = (uuid16_list[i] & 0x00ff);
554 *ptr++ = (uuid16_list[i] & 0xff00) >> 8;
555 }
556
557 /* EIR Data length */
558 *length = (i * sizeof(u16)) + 1;
559 }
560}
561
562static int update_eir(struct hci_dev *hdev)
563{
564 struct hci_cp_write_eir cp;
565
504c8dcd 566 if (!hdev_is_powered(hdev))
7770c4aa
JH		 567 return 0;
568
976eb20e 569 if (!lmp_ext_inq_capable(hdev))
ef580372
JH		 570 return 0;
571
84bde9d6 572 if (!test_bit(HCI_SSP_ENABLED, &hdev->dev_flags))
ef580372
JH		 573 return 0;
574
a8b2d5c2 575 if (test_bit(HCI_SERVICE_CACHE, &hdev->dev_flags))
ef580372
JH		 576 return 0;
577
578 memset(&cp, 0, sizeof(cp));
579
580 create_eir(hdev, cp.data);
581
582 if (memcmp(cp.data, hdev->eir, sizeof(cp.data)) == 0)
583 return 0;
584
585 memcpy(hdev->eir, cp.data, sizeof(cp.data));
586
587 return hci_send_cmd(hdev, HCI_OP_WRITE_EIR, sizeof(cp), &cp);
588}
589
590static u8 get_service_classes(struct hci_dev *hdev)
591{
592 struct bt_uuid *uuid;
593 u8 val = 0;
594
595 list_for_each_entry(uuid, &hdev->uuids, list)
596 val |= uuid->svc_hint;
597
598 return val;
599}
600
601static int update_class(struct hci_dev *hdev)
602{
603 u8 cod[3];
c95f0ba7 604 int err;
ef580372
JH		 605
606 BT_DBG("%s", hdev->name);
607
504c8dcd 608 if (!hdev_is_powered(hdev))
7770c4aa
JH		 609 return 0;
610
a8b2d5c2 611 if (test_bit(HCI_SERVICE_CACHE, &hdev->dev_flags))
ef580372
JH		 612 return 0;
613
614 cod[0] = hdev->minor_class;
615 cod[1] = hdev->major_class;
616 cod[2] = get_service_classes(hdev);
617
618 if (memcmp(cod, hdev->dev_class, 3) == 0)
619 return 0;
620
c95f0ba7
JH		 621 err = hci_send_cmd(hdev, HCI_OP_WRITE_CLASS_OF_DEV, sizeof(cod), cod);
622 if (err == 0)
623 set_bit(HCI_PENDING_CLASS, &hdev->dev_flags);
624
625 return err;
ef580372
JH		 626}
627
7d78525d
JH		 628static void service_cache_off(struct work_struct *work)
629{
630 struct hci_dev *hdev = container_of(work, struct hci_dev,
04124681 631 service_cache.work);
7d78525d 632
a8b2d5c2 633 if (!test_and_clear_bit(HCI_SERVICE_CACHE, &hdev->dev_flags))
7d78525d
JH		 634 return;
635
636 hci_dev_lock(hdev);
637
638 update_eir(hdev);
639 update_class(hdev);
640
641 hci_dev_unlock(hdev);
642}
643
6a919082 644static void mgmt_init_hdev(struct sock *sk, struct hci_dev *hdev)
7d78525d 645{
4f87da80 646 if (test_and_set_bit(HCI_MGMT, &hdev->dev_flags))
6a919082
JH		 647 return;
648
4f87da80 649 INIT_DELAYED_WORK(&hdev->service_cache, service_cache_off);
7d78525d 650
4f87da80
JH		 651 /* Non-mgmt controlled devices get this bit set
652 * implicitly so that pairing works for them, however
653 * for mgmt we require user-space to explicitly enable
654 * it
655 */
656 clear_bit(HCI_PAIRABLE, &hdev->dev_flags);
7d78525d
JH		 657}
658
0f4e68cf 659static int read_controller_info(struct sock *sk, struct hci_dev *hdev,
04124681 660 void *data, u16 data_len)
0381101f 661{
a38528f1 662 struct mgmt_rp_read_info rp;
f7b64e69 663
bdb6d971 664 BT_DBG("sock %p %s", sk, hdev->name);
f7b64e69 665
09fd0de5 666 hci_dev_lock(hdev);
f7b64e69 667
dc4fe30b
JH		 668 memset(&rp, 0, sizeof(rp));
669
69ab39ea 670 bacpy(&rp.bdaddr, &hdev->bdaddr);
f7b64e69 671
69ab39ea 672 rp.version = hdev->hci_ver;
eb55ef07 673 rp.manufacturer = cpu_to_le16(hdev->manufacturer);
69ab39ea
JH		 674
675 rp.supported_settings = cpu_to_le32(get_supported_settings(hdev));
676 rp.current_settings = cpu_to_le32(get_current_settings(hdev));
f7b64e69 677
a38528f1 678 memcpy(rp.dev_class, hdev->dev_class, 3);
f7b64e69 679
dc4fe30b 680 memcpy(rp.name, hdev->dev_name, sizeof(hdev->dev_name));
27fcc362 681 memcpy(rp.short_name, hdev->short_name, sizeof(hdev->short_name));
dc4fe30b 682
09fd0de5 683 hci_dev_unlock(hdev);
0381101f 684
bdb6d971 685 return cmd_complete(sk, hdev->id, MGMT_OP_READ_INFO, 0, &rp,
04124681 686 sizeof(rp));
0381101f
JH		 687}
688
eec8d2bc
JH		 689static void mgmt_pending_free(struct pending_cmd *cmd)
690{
691 sock_put(cmd->sk);
c68fb7ff 692 kfree(cmd->param);
eec8d2bc
JH		 693 kfree(cmd);
694}
695
366a0336 696static struct pending_cmd *mgmt_pending_add(struct sock *sk, u16 opcode,
04124681
GP		 697 struct hci_dev *hdev, void *data,
698 u16 len)
eec8d2bc
JH		 699{
700 struct pending_cmd *cmd;
701
12b94565 702 cmd = kmalloc(sizeof(*cmd), GFP_KERNEL);
eec8d2bc 703 if (!cmd)
366a0336 704 return NULL;
eec8d2bc
JH		 705
706 cmd->opcode = opcode;
2e58ef3e 707 cmd->index = hdev->id;
eec8d2bc 708
12b94565 709 cmd->param = kmalloc(len, GFP_KERNEL);
c68fb7ff 710 if (!cmd->param) {
eec8d2bc 711 kfree(cmd);
366a0336 712 return NULL;
eec8d2bc
JH		 713 }
714
8fce6357
SJ		 715 if (data)
716 memcpy(cmd->param, data, len);
eec8d2bc
JH		 717
718 cmd->sk = sk;
719 sock_hold(sk);
720
2e58ef3e 721 list_add(&cmd->list, &hdev->mgmt_pending);
eec8d2bc 722
366a0336 723 return cmd;
eec8d2bc
JH		 724}
725
744cf19e 726static void mgmt_pending_foreach(u16 opcode, struct hci_dev *hdev,
8fc9ced3
GP		 727 void (*cb)(struct pending_cmd *cmd,
728 void *data),
04124681 729 void *data)
eec8d2bc
JH		 730{
731 struct list_head *p, *n;
732
2e58ef3e 733 list_for_each_safe(p, n, &hdev->mgmt_pending) {
eec8d2bc
JH		 734 struct pending_cmd *cmd;
735
736 cmd = list_entry(p, struct pending_cmd, list);
737
b24752fe 738 if (opcode > 0 && cmd->opcode != opcode)
eec8d2bc
JH		 739 continue;
740
eec8d2bc
JH		 741 cb(cmd, data);
742 }
743}
744
2e58ef3e 745static struct pending_cmd *mgmt_pending_find(u16 opcode, struct hci_dev *hdev)
eec8d2bc 746{
8035ded4 747 struct pending_cmd *cmd;
eec8d2bc 748
2e58ef3e 749 list_for_each_entry(cmd, &hdev->mgmt_pending, list) {
2aeabcbe
JH		 750 if (cmd->opcode == opcode)
751 return cmd;
eec8d2bc
JH		 752 }
753
754 return NULL;
755}
756
a664b5bc 757static void mgmt_pending_remove(struct pending_cmd *cmd)
73f22f62 758{
73f22f62
JH		 759 list_del(&cmd->list);
760 mgmt_pending_free(cmd);
761}
762
69ab39ea 763static int send_settings_rsp(struct sock *sk, u16 opcode, struct hci_dev *hdev)
8680570b 764{
69ab39ea 765 __le32 settings = cpu_to_le32(get_current_settings(hdev));
8680570b 766
aee9b218 767 return cmd_complete(sk, hdev->id, opcode, 0, &settings,
04124681 768 sizeof(settings));
8680570b
JH		 769}
770
bdb6d971 771static int set_powered(struct sock *sk, struct hci_dev *hdev, void *data,
04124681 772 u16 len)
eec8d2bc 773{
650f726d 774 struct mgmt_mode *cp = data;
366a0336 775 struct pending_cmd *cmd;
4b34ee78 776 int err;
eec8d2bc 777
bdb6d971 778 BT_DBG("request for %s", hdev->name);
eec8d2bc 779
a7e80f25
JH		 780 if (cp->val != 0x00 && cp->val != 0x01)
781 return cmd_status(sk, hdev->id, MGMT_OP_SET_POWERED,
782 MGMT_STATUS_INVALID_PARAMS);
783
09fd0de5 784 hci_dev_lock(hdev);
eec8d2bc 785
f0d4b78a
MH		 786 if (test_and_clear_bit(HCI_AUTO_OFF, &hdev->dev_flags)) {
787 cancel_delayed_work(&hdev->power_off);
788
789 if (cp->val) {
a1d70450
JH		 790 mgmt_pending_add(sk, MGMT_OP_SET_POWERED, hdev,
791 data, len);
792 err = mgmt_powered(hdev, 1);
f0d4b78a
MH		 793 goto failed;
794 }
795 }
796
4b34ee78 797 if (!!cp->val == hdev_is_powered(hdev)) {
69ab39ea 798 err = send_settings_rsp(sk, MGMT_OP_SET_POWERED, hdev);
eec8d2bc
JH		 799 goto failed;
800 }
801
2e58ef3e 802 if (mgmt_pending_find(MGMT_OP_SET_POWERED, hdev)) {
bdb6d971 803 err = cmd_status(sk, hdev->id, MGMT_OP_SET_POWERED,
04124681 804 MGMT_STATUS_BUSY);
eec8d2bc
JH		 805 goto failed;
806 }
807
2e58ef3e 808 cmd = mgmt_pending_add(sk, MGMT_OP_SET_POWERED, hdev, data, len);
366a0336
JH		 809 if (!cmd) {
810 err = -ENOMEM;
eec8d2bc 811 goto failed;
366a0336 812 }
eec8d2bc 813
72a734ec 814 if (cp->val)
19202573 815 queue_work(hdev->req_workqueue, &hdev->power_on);
eec8d2bc 816 else
19202573 817 queue_work(hdev->req_workqueue, &hdev->power_off.work);
eec8d2bc 818
366a0336 819 err = 0;
eec8d2bc
JH		 820
821failed:
09fd0de5 822 hci_dev_unlock(hdev);
366a0336 823 return err;
eec8d2bc
JH		 824}
825
04124681
GP		 826static int mgmt_event(u16 event, struct hci_dev *hdev, void *data, u16 data_len,
827 struct sock *skip_sk)
beadb2bd
JH		 828{
829 struct sk_buff *skb;
830 struct mgmt_hdr *hdr;
831
790eff44 832 skb = alloc_skb(sizeof(*hdr) + data_len, GFP_KERNEL);
beadb2bd
JH		 833 if (!skb)
834 return -ENOMEM;
835
836 hdr = (void *) skb_put(skb, sizeof(*hdr));
837 hdr->opcode = cpu_to_le16(event);
838 if (hdev)
839 hdr->index = cpu_to_le16(hdev->id);
840 else
612dfce9 841 hdr->index = __constant_cpu_to_le16(MGMT_INDEX_NONE);
beadb2bd
JH		 842 hdr->len = cpu_to_le16(data_len);
843
844 if (data)
845 memcpy(skb_put(skb, data_len), data, data_len);
846
97e0bdeb
MH		 847 /* Time stamp */
848 __net_timestamp(skb);
849
beadb2bd
JH		 850 hci_send_to_control(skb, skip_sk);
851 kfree_skb(skb);
852
853 return 0;
854}
855
856static int new_settings(struct hci_dev *hdev, struct sock *skip)
857{
858 __le32 ev;
859
860 ev = cpu_to_le32(get_current_settings(hdev));
861
862 return mgmt_event(MGMT_EV_NEW_SETTINGS, hdev, &ev, sizeof(ev), skip);
863}
864
bdb6d971 865static int set_discoverable(struct sock *sk, struct hci_dev *hdev, void *data,
04124681 866 u16 len)
73f22f62 867{
650f726d 868 struct mgmt_cp_set_discoverable *cp = data;
366a0336 869 struct pending_cmd *cmd;
5e5282bb 870 u16 timeout;
73f22f62
JH		 871 u8 scan;
872 int err;
873
bdb6d971 874 BT_DBG("request for %s", hdev->name);
73f22f62 875
33c525c0
JH		 876 if (!lmp_bredr_capable(hdev))
877 return cmd_status(sk, hdev->id, MGMT_OP_SET_DISCOVERABLE,
878 MGMT_STATUS_NOT_SUPPORTED);
879
a7e80f25
JH		 880 if (cp->val != 0x00 && cp->val != 0x01)
881 return cmd_status(sk, hdev->id, MGMT_OP_SET_DISCOVERABLE,
882 MGMT_STATUS_INVALID_PARAMS);
883
1f350c87 884 timeout = __le16_to_cpu(cp->timeout);
24c54a90 885 if (!cp->val && timeout > 0)
bdb6d971 886 return cmd_status(sk, hdev->id, MGMT_OP_SET_DISCOVERABLE,
04124681 887 MGMT_STATUS_INVALID_PARAMS);
73f22f62 888
09fd0de5 889 hci_dev_lock(hdev);
73f22f62 890
5e5282bb 891 if (!hdev_is_powered(hdev) && timeout > 0) {
bdb6d971 892 err = cmd_status(sk, hdev->id, MGMT_OP_SET_DISCOVERABLE,
04124681 893 MGMT_STATUS_NOT_POWERED);
73f22f62
JH		 894 goto failed;
895 }
896
2e58ef3e 897 if (mgmt_pending_find(MGMT_OP_SET_DISCOVERABLE, hdev) ||
8ce8e2b5 898 mgmt_pending_find(MGMT_OP_SET_CONNECTABLE, hdev)) {
bdb6d971 899 err = cmd_status(sk, hdev->id, MGMT_OP_SET_DISCOVERABLE,
04124681 900 MGMT_STATUS_BUSY);
73f22f62
JH		 901 goto failed;
902 }
903
5e5282bb 904 if (!test_bit(HCI_CONNECTABLE, &hdev->dev_flags)) {
bdb6d971 905 err = cmd_status(sk, hdev->id, MGMT_OP_SET_DISCOVERABLE,
04124681 906 MGMT_STATUS_REJECTED);
5e5282bb
JH		 907 goto failed;
908 }
909
910 if (!hdev_is_powered(hdev)) {
0224d2fa
JH		 911 bool changed = false;
912
913 if (!!cp->val != test_bit(HCI_DISCOVERABLE, &hdev->dev_flags)) {
914 change_bit(HCI_DISCOVERABLE, &hdev->dev_flags);
915 changed = true;
916 }
917
5e5282bb 918 err = send_settings_rsp(sk, MGMT_OP_SET_DISCOVERABLE, hdev);
0224d2fa
JH		 919 if (err < 0)
920 goto failed;
921
922 if (changed)
923 err = new_settings(hdev, sk);
924
5e5282bb
JH		 925 goto failed;
926 }
927
928 if (!!cp->val == test_bit(HCI_DISCOVERABLE, &hdev->dev_flags)) {
955638ec
MH		 929 if (hdev->discov_timeout > 0) {
930 cancel_delayed_work(&hdev->discov_off);
931 hdev->discov_timeout = 0;
932 }
933
934 if (cp->val && timeout > 0) {
935 hdev->discov_timeout = timeout;
936 queue_delayed_work(hdev->workqueue, &hdev->discov_off,
937 msecs_to_jiffies(hdev->discov_timeout * 1000));
938 }
939
69ab39ea 940 err = send_settings_rsp(sk, MGMT_OP_SET_DISCOVERABLE, hdev);
73f22f62
JH		 941 goto failed;
942 }
943
2e58ef3e 944 cmd = mgmt_pending_add(sk, MGMT_OP_SET_DISCOVERABLE, hdev, data, len);
366a0336
JH		 945 if (!cmd) {
946 err = -ENOMEM;
73f22f62 947 goto failed;
366a0336 948 }
73f22f62
JH		 949
950 scan = SCAN_PAGE;
951
72a734ec 952 if (cp->val)
73f22f62 953 scan |= SCAN_INQUIRY;
16ab91ab 954 else
e0f9309f 955 cancel_delayed_work(&hdev->discov_off);
73f22f62
JH		 956
957 err = hci_send_cmd(hdev, HCI_OP_WRITE_SCAN_ENABLE, 1, &scan);
958 if (err < 0)
a664b5bc 959 mgmt_pending_remove(cmd);
73f22f62 960
16ab91ab 961 if (cp->val)
5e5282bb 962 hdev->discov_timeout = timeout;
16ab91ab 963
73f22f62 964failed:
09fd0de5 965 hci_dev_unlock(hdev);
73f22f62
JH		 966 return err;
967}
968
bdb6d971 969static int set_connectable(struct sock *sk, struct hci_dev *hdev, void *data,
04124681 970 u16 len)
9fbcbb45 971{
650f726d 972 struct mgmt_mode *cp = data;
366a0336 973 struct pending_cmd *cmd;
9fbcbb45
JH		 974 u8 scan;
975 int err;
976
bdb6d971 977 BT_DBG("request for %s", hdev->name);
9fbcbb45 978
33c525c0
JH		 979 if (!lmp_bredr_capable(hdev))
980 return cmd_status(sk, hdev->id, MGMT_OP_SET_CONNECTABLE,
981 MGMT_STATUS_NOT_SUPPORTED);
982
a7e80f25
JH		 983 if (cp->val != 0x00 && cp->val != 0x01)
984 return cmd_status(sk, hdev->id, MGMT_OP_SET_CONNECTABLE,
985 MGMT_STATUS_INVALID_PARAMS);
986
09fd0de5 987 hci_dev_lock(hdev);
9fbcbb45 988
4b34ee78 989 if (!hdev_is_powered(hdev)) {
0224d2fa
JH		 990 bool changed = false;
991
992 if (!!cp->val != test_bit(HCI_CONNECTABLE, &hdev->dev_flags))
993 changed = true;
994
6bf0e469 995 if (cp->val) {
5e5282bb 996 set_bit(HCI_CONNECTABLE, &hdev->dev_flags);
6bf0e469 997 } else {
5e5282bb
JH		 998 clear_bit(HCI_CONNECTABLE, &hdev->dev_flags);
999 clear_bit(HCI_DISCOVERABLE, &hdev->dev_flags);
1000 }
0224d2fa 1001
5e5282bb 1002 err = send_settings_rsp(sk, MGMT_OP_SET_CONNECTABLE, hdev);
0224d2fa
JH		 1003 if (err < 0)
1004 goto failed;
1005
1006 if (changed)
1007 err = new_settings(hdev, sk);
1008
9fbcbb45
JH		 1009 goto failed;
1010 }
1011
2e58ef3e 1012 if (mgmt_pending_find(MGMT_OP_SET_DISCOVERABLE, hdev) ||
8ce8e2b5 1013 mgmt_pending_find(MGMT_OP_SET_CONNECTABLE, hdev)) {
bdb6d971 1014 err = cmd_status(sk, hdev->id, MGMT_OP_SET_CONNECTABLE,
04124681 1015 MGMT_STATUS_BUSY);
9fbcbb45
JH		 1016 goto failed;
1017 }
1018
5e5282bb 1019 if (!!cp->val == test_bit(HCI_PSCAN, &hdev->flags)) {
69ab39ea 1020 err = send_settings_rsp(sk, MGMT_OP_SET_CONNECTABLE, hdev);
9fbcbb45
JH		 1021 goto failed;
1022 }
1023
2e58ef3e 1024 cmd = mgmt_pending_add(sk, MGMT_OP_SET_CONNECTABLE, hdev, data, len);
366a0336
JH		 1025 if (!cmd) {
1026 err = -ENOMEM;
9fbcbb45 1027 goto failed;
366a0336 1028 }
9fbcbb45 1029
6bf0e469 1030 if (cp->val) {
9fbcbb45 1031 scan = SCAN_PAGE;
6bf0e469 1032 } else {
9fbcbb45
JH		 1033 scan = 0;
1034
df2c6c5e 1035 if (test_bit(HCI_ISCAN, &hdev->flags) &&
8ce8e2b5 1036 hdev->discov_timeout > 0)
df2c6c5e
JH		 1037 cancel_delayed_work(&hdev->discov_off);
1038 }
1039
9fbcbb45
JH		 1040 err = hci_send_cmd(hdev, HCI_OP_WRITE_SCAN_ENABLE, 1, &scan);
1041 if (err < 0)
a664b5bc 1042 mgmt_pending_remove(cmd);
9fbcbb45
JH		 1043
1044failed:
09fd0de5 1045 hci_dev_unlock(hdev);
9fbcbb45
JH		 1046 return err;
1047}
1048
bdb6d971 1049static int set_pairable(struct sock *sk, struct hci_dev *hdev, void *data,
04124681 1050 u16 len)
c542a06c 1051{
650f726d 1052 struct mgmt_mode *cp = data;
c542a06c
JH		 1053 int err;
1054
bdb6d971 1055 BT_DBG("request for %s", hdev->name);
c542a06c 1056
a7e80f25
JH		 1057 if (cp->val != 0x00 && cp->val != 0x01)
1058 return cmd_status(sk, hdev->id, MGMT_OP_SET_PAIRABLE,
1059 MGMT_STATUS_INVALID_PARAMS);
1060
09fd0de5 1061 hci_dev_lock(hdev);
c542a06c
JH		 1062
1063 if (cp->val)
a8b2d5c2 1064 set_bit(HCI_PAIRABLE, &hdev->dev_flags);
c542a06c 1065 else
a8b2d5c2 1066 clear_bit(HCI_PAIRABLE, &hdev->dev_flags);
c542a06c 1067
69ab39ea 1068 err = send_settings_rsp(sk, MGMT_OP_SET_PAIRABLE, hdev);
c542a06c
JH		 1069 if (err < 0)
1070 goto failed;
1071
beadb2bd 1072 err = new_settings(hdev, sk);
c542a06c
JH		 1073
1074failed:
09fd0de5 1075 hci_dev_unlock(hdev);
c542a06c
JH		 1076 return err;
1077}
1078
04124681
GP		 1079static int set_link_security(struct sock *sk, struct hci_dev *hdev, void *data,
1080 u16 len)
33ef95ed
JH		 1081{
1082 struct mgmt_mode *cp = data;
1083 struct pending_cmd *cmd;
816a11d5 1084 u8 val;
33ef95ed
JH		 1085 int err;
1086
bdb6d971 1087 BT_DBG("request for %s", hdev->name);
33ef95ed 1088
33c525c0
JH		 1089 if (!lmp_bredr_capable(hdev))
1090 return cmd_status(sk, hdev->id, MGMT_OP_SET_LINK_SECURITY,
1091 MGMT_STATUS_NOT_SUPPORTED);
1092
a7e80f25
JH		 1093 if (cp->val != 0x00 && cp->val != 0x01)
1094 return cmd_status(sk, hdev->id, MGMT_OP_SET_LINK_SECURITY,
1095 MGMT_STATUS_INVALID_PARAMS);
1096
33ef95ed
JH		 1097 hci_dev_lock(hdev);
1098
4b34ee78 1099 if (!hdev_is_powered(hdev)) {
47990ea0
JH		 1100 bool changed = false;
1101
1102 if (!!cp->val != test_bit(HCI_LINK_SECURITY,
8ce8e2b5 1103 &hdev->dev_flags)) {
47990ea0
JH		 1104 change_bit(HCI_LINK_SECURITY, &hdev->dev_flags);
1105 changed = true;
1106 }
1107
1108 err = send_settings_rsp(sk, MGMT_OP_SET_LINK_SECURITY, hdev);
1109 if (err < 0)
1110 goto failed;
1111
1112 if (changed)
1113 err = new_settings(hdev, sk);
1114
33ef95ed
JH		 1115 goto failed;
1116 }
1117
1118 if (mgmt_pending_find(MGMT_OP_SET_LINK_SECURITY, hdev)) {
bdb6d971 1119 err = cmd_status(sk, hdev->id, MGMT_OP_SET_LINK_SECURITY,
04124681 1120 MGMT_STATUS_BUSY);
33ef95ed
JH		 1121 goto failed;
1122 }
1123
1124 val = !!cp->val;
1125
1126 if (test_bit(HCI_AUTH, &hdev->flags) == val) {
1127 err = send_settings_rsp(sk, MGMT_OP_SET_LINK_SECURITY, hdev);
1128 goto failed;
1129 }
1130
1131 cmd = mgmt_pending_add(sk, MGMT_OP_SET_LINK_SECURITY, hdev, data, len);
1132 if (!cmd) {
1133 err = -ENOMEM;
1134 goto failed;
1135 }
1136
1137 err = hci_send_cmd(hdev, HCI_OP_WRITE_AUTH_ENABLE, sizeof(val), &val);
1138 if (err < 0) {
1139 mgmt_pending_remove(cmd);
1140 goto failed;
1141 }
1142
1143failed:
1144 hci_dev_unlock(hdev);
33ef95ed
JH		 1145 return err;
1146}
1147
bdb6d971 1148static int set_ssp(struct sock *sk, struct hci_dev *hdev, void *data, u16 len)
ed2c4ee3
JH		 1149{
1150 struct mgmt_mode *cp = data;
1151 struct pending_cmd *cmd;
816a11d5 1152 u8 val;
ed2c4ee3
JH		 1153 int err;
1154
bdb6d971 1155 BT_DBG("request for %s", hdev->name);
ed2c4ee3 1156
13ecd8b6
JH		 1157 if (!lmp_ssp_capable(hdev))
1158 return cmd_status(sk, hdev->id, MGMT_OP_SET_SSP,
1159 MGMT_STATUS_NOT_SUPPORTED);
ed2c4ee3 1160
a7e80f25
JH		 1161 if (cp->val != 0x00 && cp->val != 0x01)
1162 return cmd_status(sk, hdev->id, MGMT_OP_SET_SSP,
1163 MGMT_STATUS_INVALID_PARAMS);
1164
13ecd8b6 1165 hci_dev_lock(hdev);
6c8f12c1 1166
c0ecddc2
JH		 1167 val = !!cp->val;
1168
4b34ee78 1169 if (!hdev_is_powered(hdev)) {
c0ecddc2
JH		 1170 bool changed = false;
1171
1172 if (val != test_bit(HCI_SSP_ENABLED, &hdev->dev_flags)) {
1173 change_bit(HCI_SSP_ENABLED, &hdev->dev_flags);
1174 changed = true;
1175 }
1176
1177 err = send_settings_rsp(sk, MGMT_OP_SET_SSP, hdev);
1178 if (err < 0)
1179 goto failed;
1180
1181 if (changed)
1182 err = new_settings(hdev, sk);
1183
ed2c4ee3
JH		 1184 goto failed;
1185 }
1186
1187 if (mgmt_pending_find(MGMT_OP_SET_SSP, hdev)) {
d97dcb66
SJ		 1188 err = cmd_status(sk, hdev->id, MGMT_OP_SET_SSP,
1189 MGMT_STATUS_BUSY);
ed2c4ee3
JH		 1190 goto failed;
1191 }
1192
ed2c4ee3
JH		 1193 if (test_bit(HCI_SSP_ENABLED, &hdev->dev_flags) == val) {
1194 err = send_settings_rsp(sk, MGMT_OP_SET_SSP, hdev);
1195 goto failed;
1196 }
1197
1198 cmd = mgmt_pending_add(sk, MGMT_OP_SET_SSP, hdev, data, len);
1199 if (!cmd) {
1200 err = -ENOMEM;
1201 goto failed;
1202 }
1203
1204 err = hci_send_cmd(hdev, HCI_OP_WRITE_SSP_MODE, sizeof(val), &val);
1205 if (err < 0) {
1206 mgmt_pending_remove(cmd);
1207 goto failed;
1208 }
1209
1210failed:
1211 hci_dev_unlock(hdev);
ed2c4ee3
JH		 1212 return err;
1213}
1214
bdb6d971 1215static int set_hs(struct sock *sk, struct hci_dev *hdev, void *data, u16 len)
6d80dfd0
JH		 1216{
1217 struct mgmt_mode *cp = data;
6d80dfd0 1218
bdb6d971 1219 BT_DBG("request for %s", hdev->name);
6d80dfd0 1220
bdb6d971
JH		 1221 if (!enable_hs)
1222 return cmd_status(sk, hdev->id, MGMT_OP_SET_HS,
04124681 1223 MGMT_STATUS_NOT_SUPPORTED);
6d80dfd0 1224
a7e80f25
JH		 1225 if (cp->val != 0x00 && cp->val != 0x01)
1226 return cmd_status(sk, hdev->id, MGMT_OP_SET_HS,
1227 MGMT_STATUS_INVALID_PARAMS);
1228
6d80dfd0
JH		 1229 if (cp->val)
1230 set_bit(HCI_HS_ENABLED, &hdev->dev_flags);
1231 else
1232 clear_bit(HCI_HS_ENABLED, &hdev->dev_flags);
1233
bdb6d971 1234 return send_settings_rsp(sk, MGMT_OP_SET_HS, hdev);
6d80dfd0
JH		 1235}
1236
bdb6d971 1237static int set_le(struct sock *sk, struct hci_dev *hdev, void *data, u16 len)
06199cf8
JH		 1238{
1239 struct mgmt_mode *cp = data;
1240 struct hci_cp_write_le_host_supported hci_cp;
1241 struct pending_cmd *cmd;
06199cf8 1242 int err;
0b60eba1 1243 u8 val, enabled;
06199cf8 1244
bdb6d971 1245 BT_DBG("request for %s", hdev->name);
06199cf8 1246
13ecd8b6
JH		 1247 if (!lmp_le_capable(hdev))
1248 return cmd_status(sk, hdev->id, MGMT_OP_SET_LE,
1249 MGMT_STATUS_NOT_SUPPORTED);
1de028ce 1250
a7e80f25
JH		 1251 if (cp->val != 0x00 && cp->val != 0x01)
1252 return cmd_status(sk, hdev->id, MGMT_OP_SET_LE,
1253 MGMT_STATUS_INVALID_PARAMS);
1254
13ecd8b6 1255 hci_dev_lock(hdev);
06199cf8
JH		 1256
1257 val = !!cp->val;
ffa88e02 1258 enabled = lmp_host_le_capable(hdev);
06199cf8 1259
0b60eba1 1260 if (!hdev_is_powered(hdev) || val == enabled) {
06199cf8
JH		 1261 bool changed = false;
1262
1263 if (val != test_bit(HCI_LE_ENABLED, &hdev->dev_flags)) {
1264 change_bit(HCI_LE_ENABLED, &hdev->dev_flags);
1265 changed = true;
1266 }
1267
1268 err = send_settings_rsp(sk, MGMT_OP_SET_LE, hdev);
1269 if (err < 0)
1de028ce 1270 goto unlock;
06199cf8
JH		 1271
1272 if (changed)
1273 err = new_settings(hdev, sk);
1274
1de028ce 1275 goto unlock;
06199cf8
JH		 1276 }
1277
1278 if (mgmt_pending_find(MGMT_OP_SET_LE, hdev)) {
bdb6d971 1279 err = cmd_status(sk, hdev->id, MGMT_OP_SET_LE,
04124681 1280 MGMT_STATUS_BUSY);
1de028ce 1281 goto unlock;
06199cf8
JH		 1282 }
1283
1284 cmd = mgmt_pending_add(sk, MGMT_OP_SET_LE, hdev, data, len);
1285 if (!cmd) {
1286 err = -ENOMEM;
1de028ce 1287 goto unlock;
06199cf8
JH		 1288 }
1289
1290 memset(&hci_cp, 0, sizeof(hci_cp));
1291
1292 if (val) {
1293 hci_cp.le = val;
ffa88e02 1294 hci_cp.simul = lmp_le_br_capable(hdev);
06199cf8
JH		 1295 }
1296
04124681
GP		 1297 err = hci_send_cmd(hdev, HCI_OP_WRITE_LE_HOST_SUPPORTED, sizeof(hci_cp),
1298 &hci_cp);
0c01bc48 1299 if (err < 0)
06199cf8 1300 mgmt_pending_remove(cmd);
06199cf8 1301
1de028ce
JH		 1302unlock:
1303 hci_dev_unlock(hdev);
06199cf8
JH		 1304 return err;
1305}
1306
bdb6d971 1307static int add_uuid(struct sock *sk, struct hci_dev *hdev, void *data, u16 len)
2aeb9a1a 1308{
650f726d 1309 struct mgmt_cp_add_uuid *cp = data;
90e70454 1310 struct pending_cmd *cmd;
2aeb9a1a 1311 struct bt_uuid *uuid;
2aeb9a1a
JH		 1312 int err;
1313
bdb6d971 1314 BT_DBG("request for %s", hdev->name);
2aeb9a1a 1315
09fd0de5 1316 hci_dev_lock(hdev);
2aeb9a1a 1317
c95f0ba7 1318 if (test_bit(HCI_PENDING_CLASS, &hdev->dev_flags)) {
bdb6d971 1319 err = cmd_status(sk, hdev->id, MGMT_OP_ADD_UUID,
04124681 1320 MGMT_STATUS_BUSY);
c95f0ba7
JH		 1321 goto failed;
1322 }
1323
92c4c204 1324 uuid = kmalloc(sizeof(*uuid), GFP_KERNEL);
2aeb9a1a
JH		 1325 if (!uuid) {
1326 err = -ENOMEM;
1327 goto failed;
1328 }
1329
1330 memcpy(uuid->uuid, cp->uuid, 16);
1aff6f09 1331 uuid->svc_hint = cp->svc_hint;
2aeb9a1a
JH		 1332
1333 list_add(&uuid->list, &hdev->uuids);
1334
1aff6f09
JH		 1335 err = update_class(hdev);
1336 if (err < 0)
1337 goto failed;
1338
80a1e1db
JH		 1339 err = update_eir(hdev);
1340 if (err < 0)
1341 goto failed;
1342
90e70454 1343 if (!test_bit(HCI_PENDING_CLASS, &hdev->dev_flags)) {
bdb6d971 1344 err = cmd_complete(sk, hdev->id, MGMT_OP_ADD_UUID, 0,
04124681 1345 hdev->dev_class, 3);
90e70454
JH		 1346 goto failed;
1347 }
1348
1349 cmd = mgmt_pending_add(sk, MGMT_OP_ADD_UUID, hdev, data, len);
0c01bc48 1350 if (!cmd)
90e70454 1351 err = -ENOMEM;
2aeb9a1a
JH		 1352
1353failed:
09fd0de5 1354 hci_dev_unlock(hdev);
2aeb9a1a
JH		 1355 return err;
1356}
1357
24b78d0f
JH		 1358static bool enable_service_cache(struct hci_dev *hdev)
1359{
1360 if (!hdev_is_powered(hdev))
1361 return false;
1362
1363 if (!test_and_set_bit(HCI_SERVICE_CACHE, &hdev->dev_flags)) {
46818ed5
JH		 1364 queue_delayed_work(hdev->workqueue, &hdev->service_cache,
1365 CACHE_TIMEOUT);
24b78d0f
JH		 1366 return true;
1367 }
1368
1369 return false;
1370}
1371
bdb6d971 1372static int remove_uuid(struct sock *sk, struct hci_dev *hdev, void *data,
8ce8e2b5 1373 u16 len)
2aeb9a1a 1374{
650f726d 1375 struct mgmt_cp_remove_uuid *cp = data;
90e70454 1376 struct pending_cmd *cmd;
2aeb9a1a 1377 struct list_head *p, *n;
2aeb9a1a 1378 u8 bt_uuid_any[] = { 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0 };
2aeb9a1a
JH		 1379 int err, found;
1380
bdb6d971 1381 BT_DBG("request for %s", hdev->name);
2aeb9a1a 1382
09fd0de5 1383 hci_dev_lock(hdev);
2aeb9a1a 1384
c95f0ba7 1385 if (test_bit(HCI_PENDING_CLASS, &hdev->dev_flags)) {
bdb6d971 1386 err = cmd_status(sk, hdev->id, MGMT_OP_REMOVE_UUID,
04124681 1387 MGMT_STATUS_BUSY);
c95f0ba7
JH		 1388 goto unlock;
1389 }
1390
2aeb9a1a
JH		 1391 if (memcmp(cp->uuid, bt_uuid_any, 16) == 0) {
1392 err = hci_uuids_clear(hdev);
4004b6d9 1393
24b78d0f 1394 if (enable_service_cache(hdev)) {
bdb6d971 1395 err = cmd_complete(sk, hdev->id, MGMT_OP_REMOVE_UUID,
04124681 1396 0, hdev->dev_class, 3);
24b78d0f
JH		 1397 goto unlock;
1398 }
4004b6d9 1399
9246a869 1400 goto update_class;
2aeb9a1a
JH		 1401 }
1402
1403 found = 0;
1404
1405 list_for_each_safe(p, n, &hdev->uuids) {
1406 struct bt_uuid *match = list_entry(p, struct bt_uuid, list);
1407
1408 if (memcmp(match->uuid, cp->uuid, 16) != 0)
1409 continue;
1410
1411 list_del(&match->list);
482049f7 1412 kfree(match);
2aeb9a1a
JH		 1413 found++;
1414 }
1415
1416 if (found == 0) {
bdb6d971 1417 err = cmd_status(sk, hdev->id, MGMT_OP_REMOVE_UUID,
04124681 1418 MGMT_STATUS_INVALID_PARAMS);
2aeb9a1a
JH		 1419 goto unlock;
1420 }
1421
9246a869 1422update_class:
1aff6f09
JH		 1423 err = update_class(hdev);
1424 if (err < 0)
1425 goto unlock;
1426
80a1e1db
JH		 1427 err = update_eir(hdev);
1428 if (err < 0)
1429 goto unlock;
1430
90e70454 1431 if (!test_bit(HCI_PENDING_CLASS, &hdev->dev_flags)) {
bdb6d971 1432 err = cmd_complete(sk, hdev->id, MGMT_OP_REMOVE_UUID, 0,
04124681 1433 hdev->dev_class, 3);
90e70454
JH		 1434 goto unlock;
1435 }
1436
1437 cmd = mgmt_pending_add(sk, MGMT_OP_REMOVE_UUID, hdev, data, len);
0c01bc48 1438 if (!cmd)
90e70454 1439 err = -ENOMEM;
2aeb9a1a
JH		 1440
1441unlock:
09fd0de5 1442 hci_dev_unlock(hdev);
2aeb9a1a
JH		 1443 return err;
1444}
1445
bdb6d971 1446static int set_dev_class(struct sock *sk, struct hci_dev *hdev, void *data,
04124681 1447 u16 len)
1aff6f09 1448{
650f726d 1449 struct mgmt_cp_set_dev_class *cp = data;
90e70454 1450 struct pending_cmd *cmd;
1aff6f09
JH		 1451 int err;
1452
bdb6d971 1453 BT_DBG("request for %s", hdev->name);
1aff6f09 1454
13ecd8b6
JH		 1455 if (!lmp_bredr_capable(hdev))
1456 return cmd_status(sk, hdev->id, MGMT_OP_SET_DEV_CLASS,
1457 MGMT_STATUS_NOT_SUPPORTED);
1aff6f09 1458
13ecd8b6
JH		 1459 if (test_bit(HCI_PENDING_CLASS, &hdev->dev_flags))
1460 return cmd_status(sk, hdev->id, MGMT_OP_SET_DEV_CLASS,
1461 MGMT_STATUS_BUSY);
ee98f473 1462
13ecd8b6
JH		 1463 if ((cp->minor & 0x03) != 0 || (cp->major & 0xe0) != 0)
1464 return cmd_status(sk, hdev->id, MGMT_OP_SET_DEV_CLASS,
1465 MGMT_STATUS_INVALID_PARAMS);
c95f0ba7 1466
13ecd8b6 1467 hci_dev_lock(hdev);
575b3a02 1468
932f5ff5
JH		 1469 hdev->major_class = cp->major;
1470 hdev->minor_class = cp->minor;
1471
b5235a65 1472 if (!hdev_is_powered(hdev)) {
bdb6d971 1473 err = cmd_complete(sk, hdev->id, MGMT_OP_SET_DEV_CLASS, 0,
04124681 1474 hdev->dev_class, 3);
b5235a65
JH		 1475 goto unlock;
1476 }
1477
a8b2d5c2 1478 if (test_and_clear_bit(HCI_SERVICE_CACHE, &hdev->dev_flags)) {
7d78525d
JH		 1479 hci_dev_unlock(hdev);
1480 cancel_delayed_work_sync(&hdev->service_cache);
1481 hci_dev_lock(hdev);
14c0b608 1482 update_eir(hdev);
7d78525d 1483 }
14c0b608 1484
1aff6f09 1485 err = update_class(hdev);
90e70454
JH		 1486 if (err < 0)
1487 goto unlock;
1aff6f09 1488
90e70454 1489 if (!test_bit(HCI_PENDING_CLASS, &hdev->dev_flags)) {
bdb6d971 1490 err = cmd_complete(sk, hdev->id, MGMT_OP_SET_DEV_CLASS, 0,
04124681 1491 hdev->dev_class, 3);
90e70454
JH		 1492 goto unlock;
1493 }
1494
1495 cmd = mgmt_pending_add(sk, MGMT_OP_SET_DEV_CLASS, hdev, data, len);
0c01bc48 1496 if (!cmd)
90e70454 1497 err = -ENOMEM;
1aff6f09 1498
b5235a65 1499unlock:
09fd0de5 1500 hci_dev_unlock(hdev);
1aff6f09
JH		 1501 return err;
1502}
1503
bdb6d971 1504static int load_link_keys(struct sock *sk, struct hci_dev *hdev, void *data,
8ce8e2b5 1505 u16 len)
55ed8ca1 1506{
650f726d 1507 struct mgmt_cp_load_link_keys *cp = data;
4e51eae9 1508 u16 key_count, expected_len;
a492cd52 1509 int i;
55ed8ca1 1510
1f350c87 1511 key_count = __le16_to_cpu(cp->key_count);
55ed8ca1 1512
86742e1e
JH		 1513 expected_len = sizeof(*cp) + key_count *
1514 sizeof(struct mgmt_link_key_info);
a492cd52 1515 if (expected_len != len) {
86742e1e 1516 BT_ERR("load_link_keys: expected %u bytes, got %u bytes",
8ce8e2b5 1517 len, expected_len);
bdb6d971 1518 return cmd_status(sk, hdev->id, MGMT_OP_LOAD_LINK_KEYS,
04124681 1519 MGMT_STATUS_INVALID_PARAMS);
55ed8ca1
JH		 1520 }
1521
bdb6d971 1522 BT_DBG("%s debug_keys %u key_count %u", hdev->name, cp->debug_keys,
8ce8e2b5 1523 key_count);
55ed8ca1 1524
09fd0de5 1525 hci_dev_lock(hdev);
55ed8ca1
JH		 1526
1527 hci_link_keys_clear(hdev);
1528
a8b2d5c2 1529 set_bit(HCI_LINK_KEYS, &hdev->dev_flags);
55ed8ca1
JH		 1530
1531 if (cp->debug_keys)
a8b2d5c2 1532 set_bit(HCI_DEBUG_KEYS, &hdev->dev_flags);
55ed8ca1 1533 else
a8b2d5c2 1534 clear_bit(HCI_DEBUG_KEYS, &hdev->dev_flags);
55ed8ca1 1535
a492cd52 1536 for (i = 0; i < key_count; i++) {
86742e1e 1537 struct mgmt_link_key_info *key = &cp->keys[i];
55ed8ca1 1538
d753fdc4 1539 hci_add_link_key(hdev, NULL, 0, &key->addr.bdaddr, key->val,
04124681 1540 key->type, key->pin_len);
55ed8ca1
JH		 1541 }
1542
bdb6d971 1543 cmd_complete(sk, hdev->id, MGMT_OP_LOAD_LINK_KEYS, 0, NULL, 0);
0e5f875a 1544
09fd0de5 1545 hci_dev_unlock(hdev);
55ed8ca1 1546
a492cd52 1547 return 0;
55ed8ca1
JH		 1548}
1549
b1078ad0 1550static int device_unpaired(struct hci_dev *hdev, bdaddr_t *bdaddr,
04124681 1551 u8 addr_type, struct sock *skip_sk)
b1078ad0
JH		 1552{
1553 struct mgmt_ev_device_unpaired ev;
1554
1555 bacpy(&ev.addr.bdaddr, bdaddr);
1556 ev.addr.type = addr_type;
1557
1558 return mgmt_event(MGMT_EV_DEVICE_UNPAIRED, hdev, &ev, sizeof(ev),
04124681 1559 skip_sk);
b1078ad0
JH		 1560}
1561
bdb6d971 1562static int unpair_device(struct sock *sk, struct hci_dev *hdev, void *data,
04124681 1563 u16 len)
55ed8ca1 1564{
124f6e35
JH		 1565 struct mgmt_cp_unpair_device *cp = data;
1566 struct mgmt_rp_unpair_device rp;
a8a1d19e
JH		 1567 struct hci_cp_disconnect dc;
1568 struct pending_cmd *cmd;
55ed8ca1 1569 struct hci_conn *conn;
55ed8ca1
JH		 1570 int err;
1571
09fd0de5 1572 hci_dev_lock(hdev);
55ed8ca1 1573
a8a1d19e 1574 memset(&rp, 0, sizeof(rp));
124f6e35
JH		 1575 bacpy(&rp.addr.bdaddr, &cp->addr.bdaddr);
1576 rp.addr.type = cp->addr.type;
a8a1d19e 1577
86a8cfc6 1578 if (!hdev_is_powered(hdev)) {
bdb6d971 1579 err = cmd_complete(sk, hdev->id, MGMT_OP_UNPAIR_DEVICE,
04124681 1580 MGMT_STATUS_NOT_POWERED, &rp, sizeof(rp));
86a8cfc6
JH		 1581 goto unlock;
1582 }
1583
591f47f3 1584 if (cp->addr.type == BDADDR_BREDR)
124f6e35
JH		 1585 err = hci_remove_link_key(hdev, &cp->addr.bdaddr);
1586 else
1587 err = hci_remove_ltk(hdev, &cp->addr.bdaddr);
b0dbfb46 1588
55ed8ca1 1589 if (err < 0) {
bdb6d971 1590 err = cmd_complete(sk, hdev->id, MGMT_OP_UNPAIR_DEVICE,
04124681 1591 MGMT_STATUS_NOT_PAIRED, &rp, sizeof(rp));
55ed8ca1
JH		 1592 goto unlock;
1593 }
1594
86a8cfc6 1595 if (cp->disconnect) {
591f47f3 1596 if (cp->addr.type == BDADDR_BREDR)
86a8cfc6 1597 conn = hci_conn_hash_lookup_ba(hdev, ACL_LINK,
8ce8e2b5 1598 &cp->addr.bdaddr);
86a8cfc6
JH		 1599 else
1600 conn = hci_conn_hash_lookup_ba(hdev, LE_LINK,
8ce8e2b5 1601 &cp->addr.bdaddr);
86a8cfc6
JH		 1602 } else {
1603 conn = NULL;
1604 }
124f6e35 1605
a8a1d19e 1606 if (!conn) {
bdb6d971 1607 err = cmd_complete(sk, hdev->id, MGMT_OP_UNPAIR_DEVICE, 0,
04124681 1608 &rp, sizeof(rp));
b1078ad0 1609 device_unpaired(hdev, &cp->addr.bdaddr, cp->addr.type, sk);
a8a1d19e
JH		 1610 goto unlock;
1611 }
55ed8ca1 1612
124f6e35 1613 cmd = mgmt_pending_add(sk, MGMT_OP_UNPAIR_DEVICE, hdev, cp,
04124681 1614 sizeof(*cp));
a8a1d19e
JH		 1615 if (!cmd) {
1616 err = -ENOMEM;
1617 goto unlock;
55ed8ca1
JH		 1618 }
1619
eb55ef07 1620 dc.handle = cpu_to_le16(conn->handle);
a8a1d19e
JH		 1621 dc.reason = 0x13; /* Remote User Terminated Connection */
1622 err = hci_send_cmd(hdev, HCI_OP_DISCONNECT, sizeof(dc), &dc);
1623 if (err < 0)
1624 mgmt_pending_remove(cmd);
1625
55ed8ca1 1626unlock:
09fd0de5 1627 hci_dev_unlock(hdev);
55ed8ca1
JH		 1628 return err;
1629}
1630
bdb6d971 1631static int disconnect(struct sock *sk, struct hci_dev *hdev, void *data,
04124681 1632 u16 len)
8962ee74 1633{
650f726d 1634 struct mgmt_cp_disconnect *cp = data;
8962ee74 1635 struct hci_cp_disconnect dc;
366a0336 1636 struct pending_cmd *cmd;
8962ee74 1637 struct hci_conn *conn;
8962ee74
JH		 1638 int err;
1639
1640 BT_DBG("");
1641
09fd0de5 1642 hci_dev_lock(hdev);
8962ee74
JH		 1643
1644 if (!test_bit(HCI_UP, &hdev->flags)) {
bdb6d971 1645 err = cmd_status(sk, hdev->id, MGMT_OP_DISCONNECT,
04124681 1646 MGMT_STATUS_NOT_POWERED);
8962ee74
JH		 1647 goto failed;
1648 }
1649
2e58ef3e 1650 if (mgmt_pending_find(MGMT_OP_DISCONNECT, hdev)) {
bdb6d971 1651 err = cmd_status(sk, hdev->id, MGMT_OP_DISCONNECT,
04124681 1652 MGMT_STATUS_BUSY);
8962ee74
JH		 1653 goto failed;
1654 }
1655
591f47f3 1656 if (cp->addr.type == BDADDR_BREDR)
8fc9ced3
GP		 1657 conn = hci_conn_hash_lookup_ba(hdev, ACL_LINK,
1658 &cp->addr.bdaddr);
88c3df13
JH		 1659 else
1660 conn = hci_conn_hash_lookup_ba(hdev, LE_LINK, &cp->addr.bdaddr);
365227e5 1661
f960727e 1662 if (!conn || conn->state == BT_OPEN || conn->state == BT_CLOSED) {
bdb6d971 1663 err = cmd_status(sk, hdev->id, MGMT_OP_DISCONNECT,
04124681 1664 MGMT_STATUS_NOT_CONNECTED);
8962ee74
JH		 1665 goto failed;
1666 }
1667
2e58ef3e 1668 cmd = mgmt_pending_add(sk, MGMT_OP_DISCONNECT, hdev, data, len);
366a0336
JH		 1669 if (!cmd) {
1670 err = -ENOMEM;
8962ee74 1671 goto failed;
366a0336 1672 }
8962ee74 1673
eb55ef07 1674 dc.handle = cpu_to_le16(conn->handle);
3701f944 1675 dc.reason = HCI_ERROR_REMOTE_USER_TERM;
8962ee74
JH		 1676
1677 err = hci_send_cmd(hdev, HCI_OP_DISCONNECT, sizeof(dc), &dc);
1678 if (err < 0)
a664b5bc 1679 mgmt_pending_remove(cmd);
8962ee74
JH		 1680
1681failed:
09fd0de5 1682 hci_dev_unlock(hdev);
8962ee74
JH		 1683 return err;
1684}
1685
57c1477c 1686static u8 link_to_bdaddr(u8 link_type, u8 addr_type)
4c659c39
JH		 1687{
1688 switch (link_type) {
1689 case LE_LINK:
48264f06
JH		 1690 switch (addr_type) {
1691 case ADDR_LE_DEV_PUBLIC:
591f47f3 1692 return BDADDR_LE_PUBLIC;
0ed09148 1693
48264f06 1694 default:
0ed09148 1695 /* Fallback to LE Random address type */
591f47f3 1696 return BDADDR_LE_RANDOM;
48264f06 1697 }
0ed09148 1698
4c659c39 1699 default:
0ed09148 1700 /* Fallback to BR/EDR type */
591f47f3 1701 return BDADDR_BREDR;
4c659c39
JH		 1702 }
1703}
1704
04124681
GP		 1705static int get_connections(struct sock *sk, struct hci_dev *hdev, void *data,
1706 u16 data_len)
2784eb41 1707{
2784eb41 1708 struct mgmt_rp_get_connections *rp;
8035ded4 1709 struct hci_conn *c;
a38528f1 1710 size_t rp_len;
60fc5fb6
JH		 1711 int err;
1712 u16 i;
2784eb41
JH		 1713
1714 BT_DBG("");
1715
09fd0de5 1716 hci_dev_lock(hdev);
2784eb41 1717
5f97c1df 1718 if (!hdev_is_powered(hdev)) {
bdb6d971 1719 err = cmd_status(sk, hdev->id, MGMT_OP_GET_CONNECTIONS,
04124681 1720 MGMT_STATUS_NOT_POWERED);
5f97c1df
JH		 1721 goto unlock;
1722 }
1723
60fc5fb6 1724 i = 0;
b644ba33
JH		 1725 list_for_each_entry(c, &hdev->conn_hash.list, list) {
1726 if (test_bit(HCI_CONN_MGMT_CONNECTED, &c->flags))
60fc5fb6 1727 i++;
2784eb41
JH		 1728 }
1729
60fc5fb6 1730 rp_len = sizeof(*rp) + (i * sizeof(struct mgmt_addr_info));
92c4c204 1731 rp = kmalloc(rp_len, GFP_KERNEL);
a38528f1 1732 if (!rp) {
2784eb41
JH		 1733 err = -ENOMEM;
1734 goto unlock;
1735 }
1736
2784eb41 1737 i = 0;
4c659c39 1738 list_for_each_entry(c, &hdev->conn_hash.list, list) {
b644ba33
JH		 1739 if (!test_bit(HCI_CONN_MGMT_CONNECTED, &c->flags))
1740 continue;
4c659c39 1741 bacpy(&rp->addr[i].bdaddr, &c->dst);
57c1477c 1742 rp->addr[i].type = link_to_bdaddr(c->type, c->dst_type);
0ed09148 1743 if (c->type == SCO_LINK || c->type == ESCO_LINK)
4c659c39
JH		 1744 continue;
1745 i++;
1746 }
1747
eb55ef07 1748 rp->conn_count = cpu_to_le16(i);
60fc5fb6 1749
4c659c39
JH		 1750 /* Recalculate length in case of filtered SCO connections, etc */
1751 rp_len = sizeof(*rp) + (i * sizeof(struct mgmt_addr_info));
2784eb41 1752
bdb6d971 1753 err = cmd_complete(sk, hdev->id, MGMT_OP_GET_CONNECTIONS, 0, rp,
04124681 1754 rp_len);
2784eb41 1755
a38528f1 1756 kfree(rp);
5f97c1df
JH		 1757
1758unlock:
09fd0de5 1759 hci_dev_unlock(hdev);
2784eb41
JH		 1760 return err;
1761}
1762
bdb6d971 1763static int send_pin_code_neg_reply(struct sock *sk, struct hci_dev *hdev,
04124681 1764 struct mgmt_cp_pin_code_neg_reply *cp)
96d97a67
WR		 1765{
1766 struct pending_cmd *cmd;
1767 int err;
1768
2e58ef3e 1769 cmd = mgmt_pending_add(sk, MGMT_OP_PIN_CODE_NEG_REPLY, hdev, cp,
04124681 1770 sizeof(*cp));
96d97a67
WR		 1771 if (!cmd)
1772 return -ENOMEM;
1773
d8457698 1774 err = hci_send_cmd(hdev, HCI_OP_PIN_CODE_NEG_REPLY,
04124681 1775 sizeof(cp->addr.bdaddr), &cp->addr.bdaddr);
96d97a67
WR		 1776 if (err < 0)
1777 mgmt_pending_remove(cmd);
1778
1779 return err;
1780}
1781
bdb6d971 1782static int pin_code_reply(struct sock *sk, struct hci_dev *hdev, void *data,
04124681 1783 u16 len)
980e1a53 1784{
96d97a67 1785 struct hci_conn *conn;
650f726d 1786 struct mgmt_cp_pin_code_reply *cp = data;
980e1a53 1787 struct hci_cp_pin_code_reply reply;
366a0336 1788 struct pending_cmd *cmd;
980e1a53
JH		 1789 int err;
1790
1791 BT_DBG("");
1792
09fd0de5 1793 hci_dev_lock(hdev);
980e1a53 1794
4b34ee78 1795 if (!hdev_is_powered(hdev)) {
bdb6d971 1796 err = cmd_status(sk, hdev->id, MGMT_OP_PIN_CODE_REPLY,
04124681 1797 MGMT_STATUS_NOT_POWERED);
980e1a53
JH		 1798 goto failed;
1799 }
1800
d8457698 1801 conn = hci_conn_hash_lookup_ba(hdev, ACL_LINK, &cp->addr.bdaddr);
96d97a67 1802 if (!conn) {
bdb6d971 1803 err = cmd_status(sk, hdev->id, MGMT_OP_PIN_CODE_REPLY,
04124681 1804 MGMT_STATUS_NOT_CONNECTED);
96d97a67
WR		 1805 goto failed;
1806 }
1807
1808 if (conn->pending_sec_level == BT_SECURITY_HIGH && cp->pin_len != 16) {
d8457698
JH		 1809 struct mgmt_cp_pin_code_neg_reply ncp;
1810
1811 memcpy(&ncp.addr, &cp->addr, sizeof(ncp.addr));
96d97a67
WR		 1812
1813 BT_ERR("PIN code is not 16 bytes long");
1814
bdb6d971 1815 err = send_pin_code_neg_reply(sk, hdev, &ncp);
96d97a67 1816 if (err >= 0)
bdb6d971 1817 err = cmd_status(sk, hdev->id, MGMT_OP_PIN_CODE_REPLY,
04124681 1818 MGMT_STATUS_INVALID_PARAMS);
96d97a67
WR		 1819
1820 goto failed;
1821 }
1822
00abfe44 1823 cmd = mgmt_pending_add(sk, MGMT_OP_PIN_CODE_REPLY, hdev, data, len);
366a0336
JH		 1824 if (!cmd) {
1825 err = -ENOMEM;
980e1a53 1826 goto failed;
366a0336 1827 }
980e1a53 1828
d8457698 1829 bacpy(&reply.bdaddr, &cp->addr.bdaddr);
980e1a53 1830 reply.pin_len = cp->pin_len;
24718ca5 1831 memcpy(reply.pin_code, cp->pin_code, sizeof(reply.pin_code));
980e1a53
JH		 1832
1833 err = hci_send_cmd(hdev, HCI_OP_PIN_CODE_REPLY, sizeof(reply), &reply);
1834 if (err < 0)
a664b5bc 1835 mgmt_pending_remove(cmd);
980e1a53
JH		 1836
1837failed:
09fd0de5 1838 hci_dev_unlock(hdev);
980e1a53
JH		 1839 return err;
1840}
1841
04124681
GP		 1842static int set_io_capability(struct sock *sk, struct hci_dev *hdev, void *data,
1843 u16 len)
17fa4b9d 1844{
650f726d 1845 struct mgmt_cp_set_io_capability *cp = data;
17fa4b9d
JH		 1846
1847 BT_DBG("");
1848
09fd0de5 1849 hci_dev_lock(hdev);
17fa4b9d
JH		 1850
1851 hdev->io_capability = cp->io_capability;
1852
1853 BT_DBG("%s IO capability set to 0x%02x", hdev->name,
8ce8e2b5 1854 hdev->io_capability);
17fa4b9d 1855
09fd0de5 1856 hci_dev_unlock(hdev);
17fa4b9d 1857
04124681
GP		 1858 return cmd_complete(sk, hdev->id, MGMT_OP_SET_IO_CAPABILITY, 0, NULL,
1859 0);
17fa4b9d
JH		 1860}
1861
6039aa73 1862static struct pending_cmd *find_pairing(struct hci_conn *conn)
e9a416b5
JH		 1863{
1864 struct hci_dev *hdev = conn->hdev;
8035ded4 1865 struct pending_cmd *cmd;
e9a416b5 1866
2e58ef3e 1867 list_for_each_entry(cmd, &hdev->mgmt_pending, list) {
e9a416b5
JH		 1868 if (cmd->opcode != MGMT_OP_PAIR_DEVICE)
1869 continue;
1870
e9a416b5
JH		 1871 if (cmd->user_data != conn)
1872 continue;
1873
1874 return cmd;
1875 }
1876
1877 return NULL;
1878}
1879
1880static void pairing_complete(struct pending_cmd *cmd, u8 status)
1881{
1882 struct mgmt_rp_pair_device rp;
1883 struct hci_conn *conn = cmd->user_data;
1884
ba4e564f 1885 bacpy(&rp.addr.bdaddr, &conn->dst);
57c1477c 1886 rp.addr.type = link_to_bdaddr(conn->type, conn->dst_type);
e9a416b5 1887
aee9b218 1888 cmd_complete(cmd->sk, cmd->index, MGMT_OP_PAIR_DEVICE, status,
04124681 1889 &rp, sizeof(rp));
e9a416b5
JH		 1890
1891 /* So we don't get further callbacks for this connection */
1892 conn->connect_cfm_cb = NULL;
1893 conn->security_cfm_cb = NULL;
1894 conn->disconn_cfm_cb = NULL;
1895
1896 hci_conn_put(conn);
1897
a664b5bc 1898 mgmt_pending_remove(cmd);
e9a416b5
JH		 1899}
1900
1901static void pairing_complete_cb(struct hci_conn *conn, u8 status)
1902{
1903 struct pending_cmd *cmd;
1904
1905 BT_DBG("status %u", status);
1906
1907 cmd = find_pairing(conn);
56e5cb86 1908 if (!cmd)
e9a416b5 1909 BT_DBG("Unable to find a pending command");
56e5cb86 1910 else
e211326c 1911 pairing_complete(cmd, mgmt_status(status));
e9a416b5
JH		 1912}
1913
4c47d739
VA		 1914static void le_connect_complete_cb(struct hci_conn *conn, u8 status)
1915{
1916 struct pending_cmd *cmd;
1917
1918 BT_DBG("status %u", status);
1919
1920 if (!status)
1921 return;
1922
1923 cmd = find_pairing(conn);
1924 if (!cmd)
1925 BT_DBG("Unable to find a pending command");
1926 else
1927 pairing_complete(cmd, mgmt_status(status));
1928}
1929
bdb6d971 1930static int pair_device(struct sock *sk, struct hci_dev *hdev, void *data,
04124681 1931 u16 len)
e9a416b5 1932{
650f726d 1933 struct mgmt_cp_pair_device *cp = data;
1425acb7 1934 struct mgmt_rp_pair_device rp;
e9a416b5
JH		 1935 struct pending_cmd *cmd;
1936 u8 sec_level, auth_type;
1937 struct hci_conn *conn;
e9a416b5
JH		 1938 int err;
1939
1940 BT_DBG("");
1941
f950a30e
SJ		 1942 memset(&rp, 0, sizeof(rp));
1943 bacpy(&rp.addr.bdaddr, &cp->addr.bdaddr);
1944 rp.addr.type = cp->addr.type;
1945
09fd0de5 1946 hci_dev_lock(hdev);
e9a416b5 1947
5f97c1df 1948 if (!hdev_is_powered(hdev)) {
f950a30e
SJ		 1949 err = cmd_complete(sk, hdev->id, MGMT_OP_PAIR_DEVICE,
1950 MGMT_STATUS_NOT_POWERED, &rp, sizeof(rp));
5f97c1df
JH		 1951 goto unlock;
1952 }
1953
c908df36
VCG		 1954 sec_level = BT_SECURITY_MEDIUM;
1955 if (cp->io_cap == 0x03)
e9a416b5 1956 auth_type = HCI_AT_DEDICATED_BONDING;
c908df36 1957 else
e9a416b5 1958 auth_type = HCI_AT_DEDICATED_BONDING_MITM;
e9a416b5 1959
591f47f3 1960 if (cp->addr.type == BDADDR_BREDR)
b12f62cf
AG		 1961 conn = hci_connect(hdev, ACL_LINK, &cp->addr.bdaddr,
1962 cp->addr.type, sec_level, auth_type);
7a512d01 1963 else
b12f62cf
AG		 1964 conn = hci_connect(hdev, LE_LINK, &cp->addr.bdaddr,
1965 cp->addr.type, sec_level, auth_type);
7a512d01 1966
30e76272 1967 if (IS_ERR(conn)) {
489dc48e
AK		 1968 int status;
1969
1970 if (PTR_ERR(conn) == -EBUSY)
1971 status = MGMT_STATUS_BUSY;
1972 else
1973 status = MGMT_STATUS_CONNECT_FAILED;
1974
bdb6d971 1975 err = cmd_complete(sk, hdev->id, MGMT_OP_PAIR_DEVICE,
489dc48e 1976 status, &rp,
04124681 1977 sizeof(rp));
e9a416b5
JH		 1978 goto unlock;
1979 }
1980
1981 if (conn->connect_cfm_cb) {
1982 hci_conn_put(conn);
bdb6d971 1983 err = cmd_complete(sk, hdev->id, MGMT_OP_PAIR_DEVICE,
04124681 1984 MGMT_STATUS_BUSY, &rp, sizeof(rp));
e9a416b5
JH		 1985 goto unlock;
1986 }
1987
2e58ef3e 1988 cmd = mgmt_pending_add(sk, MGMT_OP_PAIR_DEVICE, hdev, data, len);
e9a416b5
JH		 1989 if (!cmd) {
1990 err = -ENOMEM;
1991 hci_conn_put(conn);
1992 goto unlock;
1993 }
1994
7a512d01 1995 /* For LE, just connecting isn't a proof that the pairing finished */
591f47f3 1996 if (cp->addr.type == BDADDR_BREDR)
7a512d01 1997 conn->connect_cfm_cb = pairing_complete_cb;
4c47d739
VA		 1998 else
1999 conn->connect_cfm_cb = le_connect_complete_cb;
7a512d01 2000
e9a416b5
JH		 2001 conn->security_cfm_cb = pairing_complete_cb;
2002 conn->disconn_cfm_cb = pairing_complete_cb;
2003 conn->io_capability = cp->io_cap;
2004 cmd->user_data = conn;
2005
2006 if (conn->state == BT_CONNECTED &&
8ce8e2b5 2007 hci_conn_security(conn, sec_level, auth_type))
e9a416b5
JH		 2008 pairing_complete(cmd, 0);
2009
2010 err = 0;
2011
2012unlock:
09fd0de5 2013 hci_dev_unlock(hdev);
e9a416b5
JH		 2014 return err;
2015}
2016
04124681
GP		 2017static int cancel_pair_device(struct sock *sk, struct hci_dev *hdev, void *data,
2018 u16 len)
28424707 2019{
0f4e68cf 2020 struct mgmt_addr_info *addr = data;
28424707
JH		 2021 struct pending_cmd *cmd;
2022 struct hci_conn *conn;
2023 int err;
2024
2025 BT_DBG("");
2026
28424707
JH		 2027 hci_dev_lock(hdev);
2028
5f97c1df 2029 if (!hdev_is_powered(hdev)) {
bdb6d971 2030 err = cmd_status(sk, hdev->id, MGMT_OP_CANCEL_PAIR_DEVICE,
04124681 2031 MGMT_STATUS_NOT_POWERED);
5f97c1df
JH		 2032 goto unlock;
2033 }
2034
28424707
JH		 2035 cmd = mgmt_pending_find(MGMT_OP_PAIR_DEVICE, hdev);
2036 if (!cmd) {
bdb6d971 2037 err = cmd_status(sk, hdev->id, MGMT_OP_CANCEL_PAIR_DEVICE,
04124681 2038 MGMT_STATUS_INVALID_PARAMS);
28424707
JH		 2039 goto unlock;
2040 }
2041
2042 conn = cmd->user_data;
2043
2044 if (bacmp(&addr->bdaddr, &conn->dst) != 0) {
bdb6d971 2045 err = cmd_status(sk, hdev->id, MGMT_OP_CANCEL_PAIR_DEVICE,
04124681 2046 MGMT_STATUS_INVALID_PARAMS);
28424707
JH		 2047 goto unlock;
2048 }
2049
2050 pairing_complete(cmd, MGMT_STATUS_CANCELLED);
2051
bdb6d971 2052 err = cmd_complete(sk, hdev->id, MGMT_OP_CANCEL_PAIR_DEVICE, 0,
04124681 2053 addr, sizeof(*addr));
28424707
JH		 2054unlock:
2055 hci_dev_unlock(hdev);
28424707
JH		 2056 return err;
2057}
2058
bdb6d971 2059static int user_pairing_resp(struct sock *sk, struct hci_dev *hdev,
04124681
GP		 2060 bdaddr_t *bdaddr, u8 type, u16 mgmt_op,
2061 u16 hci_op, __le32 passkey)
a5c29683 2062{
a5c29683 2063 struct pending_cmd *cmd;
0df4c185 2064 struct hci_conn *conn;
a5c29683
JH		 2065 int err;
2066
09fd0de5 2067 hci_dev_lock(hdev);
08ba5382 2068
4b34ee78 2069 if (!hdev_is_powered(hdev)) {
bdb6d971 2070 err = cmd_status(sk, hdev->id, mgmt_op,
04124681 2071 MGMT_STATUS_NOT_POWERED);
0df4c185 2072 goto done;
a5c29683
JH		 2073 }
2074
591f47f3 2075 if (type == BDADDR_BREDR)
272d90df
JH		 2076 conn = hci_conn_hash_lookup_ba(hdev, ACL_LINK, bdaddr);
2077 else
47c15e2b 2078 conn = hci_conn_hash_lookup_ba(hdev, LE_LINK, bdaddr);
272d90df
JH		 2079
2080 if (!conn) {
bdb6d971 2081 err = cmd_status(sk, hdev->id, mgmt_op,
04124681 2082 MGMT_STATUS_NOT_CONNECTED);
272d90df
JH		 2083 goto done;
2084 }
47c15e2b 2085
591f47f3 2086 if (type == BDADDR_LE_PUBLIC || type == BDADDR_LE_RANDOM) {
47c15e2b 2087 /* Continue with pairing via SMP */
5fe57d9e
BG		 2088 err = smp_user_confirm_reply(conn, mgmt_op, passkey);
2089
2090 if (!err)
bdb6d971 2091 err = cmd_status(sk, hdev->id, mgmt_op,
04124681 2092 MGMT_STATUS_SUCCESS);
5fe57d9e 2093 else
bdb6d971 2094 err = cmd_status(sk, hdev->id, mgmt_op,
04124681 2095 MGMT_STATUS_FAILED);
47c15e2b 2096
47c15e2b
BG		 2097 goto done;
2098 }
2099
0df4c185 2100 cmd = mgmt_pending_add(sk, mgmt_op, hdev, bdaddr, sizeof(*bdaddr));
a5c29683
JH		 2101 if (!cmd) {
2102 err = -ENOMEM;
0df4c185 2103 goto done;
a5c29683
JH		 2104 }
2105
0df4c185 2106 /* Continue with pairing via HCI */
604086b7
BG		 2107 if (hci_op == HCI_OP_USER_PASSKEY_REPLY) {
2108 struct hci_cp_user_passkey_reply cp;
2109
2110 bacpy(&cp.bdaddr, bdaddr);
2111 cp.passkey = passkey;
2112 err = hci_send_cmd(hdev, hci_op, sizeof(cp), &cp);
2113 } else
2114 err = hci_send_cmd(hdev, hci_op, sizeof(*bdaddr), bdaddr);
2115
a664b5bc
JH		 2116 if (err < 0)
2117 mgmt_pending_remove(cmd);
a5c29683 2118
0df4c185 2119done:
09fd0de5 2120 hci_dev_unlock(hdev);
a5c29683
JH		 2121 return err;
2122}
2123
afeb019d
JK		 2124static int pin_code_neg_reply(struct sock *sk, struct hci_dev *hdev,
2125 void *data, u16 len)
2126{
2127 struct mgmt_cp_pin_code_neg_reply *cp = data;
2128
2129 BT_DBG("");
2130
2131 return user_pairing_resp(sk, hdev, &cp->addr.bdaddr, cp->addr.type,
2132 MGMT_OP_PIN_CODE_NEG_REPLY,
2133 HCI_OP_PIN_CODE_NEG_REPLY, 0);
2134}
2135
04124681
GP		 2136static int user_confirm_reply(struct sock *sk, struct hci_dev *hdev, void *data,
2137 u16 len)
0df4c185 2138{
650f726d 2139 struct mgmt_cp_user_confirm_reply *cp = data;
0df4c185
BG		 2140
2141 BT_DBG("");
2142
2143 if (len != sizeof(*cp))
bdb6d971 2144 return cmd_status(sk, hdev->id, MGMT_OP_USER_CONFIRM_REPLY,
04124681 2145 MGMT_STATUS_INVALID_PARAMS);
0df4c185 2146
bdb6d971 2147 return user_pairing_resp(sk, hdev, &cp->addr.bdaddr, cp->addr.type,
04124681
GP		 2148 MGMT_OP_USER_CONFIRM_REPLY,
2149 HCI_OP_USER_CONFIRM_REPLY, 0);
0df4c185
BG		 2150}
2151
bdb6d971 2152static int user_confirm_neg_reply(struct sock *sk, struct hci_dev *hdev,
04124681 2153 void *data, u16 len)
0df4c185 2154{
c9c2659f 2155 struct mgmt_cp_user_confirm_neg_reply *cp = data;
0df4c185
BG		 2156
2157 BT_DBG("");
2158
bdb6d971 2159 return user_pairing_resp(sk, hdev, &cp->addr.bdaddr, cp->addr.type,
04124681
GP		 2160 MGMT_OP_USER_CONFIRM_NEG_REPLY,
2161 HCI_OP_USER_CONFIRM_NEG_REPLY, 0);
0df4c185
BG		 2162}
2163
04124681
GP		 2164static int user_passkey_reply(struct sock *sk, struct hci_dev *hdev, void *data,
2165 u16 len)
604086b7 2166{
650f726d 2167 struct mgmt_cp_user_passkey_reply *cp = data;
604086b7
BG		 2168
2169 BT_DBG("");
2170
bdb6d971 2171 return user_pairing_resp(sk, hdev, &cp->addr.bdaddr, cp->addr.type,
04124681
GP		 2172 MGMT_OP_USER_PASSKEY_REPLY,
2173 HCI_OP_USER_PASSKEY_REPLY, cp->passkey);
604086b7
BG		 2174}
2175
bdb6d971 2176static int user_passkey_neg_reply(struct sock *sk, struct hci_dev *hdev,
04124681 2177 void *data, u16 len)
604086b7 2178{
650f726d 2179 struct mgmt_cp_user_passkey_neg_reply *cp = data;
604086b7
BG		 2180
2181 BT_DBG("");
2182
bdb6d971 2183 return user_pairing_resp(sk, hdev, &cp->addr.bdaddr, cp->addr.type,
04124681
GP		 2184 MGMT_OP_USER_PASSKEY_NEG_REPLY,
2185 HCI_OP_USER_PASSKEY_NEG_REPLY, 0);
604086b7
BG		 2186}
2187
2b4bf397
JH		 2188static int update_name(struct hci_dev *hdev, const char *name)
2189{
2190 struct hci_cp_write_local_name cp;
2191
2192 memcpy(cp.name, name, sizeof(cp.name));
2193
2194 return hci_send_cmd(hdev, HCI_OP_WRITE_LOCAL_NAME, sizeof(cp), &cp);
2195}
2196
bdb6d971 2197static int set_local_name(struct sock *sk, struct hci_dev *hdev, void *data,
04124681 2198 u16 len)
b312b161 2199{
2b4bf397 2200 struct mgmt_cp_set_local_name *cp = data;
b312b161
JH		 2201 struct pending_cmd *cmd;
2202 int err;
2203
2204 BT_DBG("");
2205
09fd0de5 2206 hci_dev_lock(hdev);
b312b161 2207
2b4bf397 2208 memcpy(hdev->short_name, cp->short_name, sizeof(hdev->short_name));
28cc7bde 2209
b5235a65 2210 if (!hdev_is_powered(hdev)) {
2b4bf397 2211 memcpy(hdev->dev_name, cp->name, sizeof(hdev->dev_name));
28cc7bde
JH		 2212
2213 err = cmd_complete(sk, hdev->id, MGMT_OP_SET_LOCAL_NAME, 0,
04124681 2214 data, len);
28cc7bde
JH		 2215 if (err < 0)
2216 goto failed;
2217
2218 err = mgmt_event(MGMT_EV_LOCAL_NAME_CHANGED, hdev, data, len,
04124681 2219 sk);
28cc7bde 2220
b5235a65
JH		 2221 goto failed;
2222 }
2223
28cc7bde 2224 cmd = mgmt_pending_add(sk, MGMT_OP_SET_LOCAL_NAME, hdev, data, len);
b312b161
JH		 2225 if (!cmd) {
2226 err = -ENOMEM;
2227 goto failed;
2228 }
2229
2b4bf397 2230 err = update_name(hdev, cp->name);
b312b161
JH		 2231 if (err < 0)
2232 mgmt_pending_remove(cmd);
2233
2234failed:
09fd0de5 2235 hci_dev_unlock(hdev);
b312b161
JH		 2236 return err;
2237}
2238
0f4e68cf 2239static int read_local_oob_data(struct sock *sk, struct hci_dev *hdev,
04124681 2240 void *data, u16 data_len)
c35938b2 2241{
c35938b2
SJ		 2242 struct pending_cmd *cmd;
2243 int err;
2244
bdb6d971 2245 BT_DBG("%s", hdev->name);
c35938b2 2246
09fd0de5 2247 hci_dev_lock(hdev);
c35938b2 2248
4b34ee78 2249 if (!hdev_is_powered(hdev)) {
bdb6d971 2250 err = cmd_status(sk, hdev->id, MGMT_OP_READ_LOCAL_OOB_DATA,
04124681 2251 MGMT_STATUS_NOT_POWERED);
c35938b2
SJ		 2252 goto unlock;
2253 }
2254
9a1a1996 2255 if (!lmp_ssp_capable(hdev)) {
bdb6d971 2256 err = cmd_status(sk, hdev->id, MGMT_OP_READ_LOCAL_OOB_DATA,
04124681 2257 MGMT_STATUS_NOT_SUPPORTED);
c35938b2
SJ		 2258 goto unlock;
2259 }
2260
2e58ef3e 2261 if (mgmt_pending_find(MGMT_OP_READ_LOCAL_OOB_DATA, hdev)) {
bdb6d971 2262 err = cmd_status(sk, hdev->id, MGMT_OP_READ_LOCAL_OOB_DATA,
04124681 2263 MGMT_STATUS_BUSY);
c35938b2
SJ		 2264 goto unlock;
2265 }
2266
2e58ef3e 2267 cmd = mgmt_pending_add(sk, MGMT_OP_READ_LOCAL_OOB_DATA, hdev, NULL, 0);
c35938b2
SJ		 2268 if (!cmd) {
2269 err = -ENOMEM;
2270 goto unlock;
2271 }
2272
2273 err = hci_send_cmd(hdev, HCI_OP_READ_LOCAL_OOB_DATA, 0, NULL);
2274 if (err < 0)
2275 mgmt_pending_remove(cmd);
2276
2277unlock:
09fd0de5 2278 hci_dev_unlock(hdev);
c35938b2
SJ		 2279 return err;
2280}
2281
bdb6d971 2282static int add_remote_oob_data(struct sock *sk, struct hci_dev *hdev,
04124681 2283 void *data, u16 len)
2763eda6 2284{
650f726d 2285 struct mgmt_cp_add_remote_oob_data *cp = data;
bf1e3541 2286 u8 status;
2763eda6
SJ		 2287 int err;
2288
bdb6d971 2289 BT_DBG("%s ", hdev->name);
2763eda6 2290
09fd0de5 2291 hci_dev_lock(hdev);
2763eda6 2292
664ce4cc 2293 err = hci_add_remote_oob_data(hdev, &cp->addr.bdaddr, cp->hash,
04124681 2294 cp->randomizer);
2763eda6 2295 if (err < 0)
bf1e3541 2296 status = MGMT_STATUS_FAILED;
2763eda6 2297 else
a6785be2 2298 status = MGMT_STATUS_SUCCESS;
bf1e3541 2299
bdb6d971 2300 err = cmd_complete(sk, hdev->id, MGMT_OP_ADD_REMOTE_OOB_DATA, status,
04124681 2301 &cp->addr, sizeof(cp->addr));
2763eda6 2302
09fd0de5 2303 hci_dev_unlock(hdev);
2763eda6
SJ		 2304 return err;
2305}
2306
bdb6d971 2307static int remove_remote_oob_data(struct sock *sk, struct hci_dev *hdev,
8ce8e2b5 2308 void *data, u16 len)
2763eda6 2309{
650f726d 2310 struct mgmt_cp_remove_remote_oob_data *cp = data;
bf1e3541 2311 u8 status;
2763eda6
SJ		 2312 int err;
2313
bdb6d971 2314 BT_DBG("%s", hdev->name);
2763eda6 2315
09fd0de5 2316 hci_dev_lock(hdev);
2763eda6 2317
664ce4cc 2318 err = hci_remove_remote_oob_data(hdev, &cp->addr.bdaddr);
2763eda6 2319 if (err < 0)
bf1e3541 2320 status = MGMT_STATUS_INVALID_PARAMS;
2763eda6 2321 else
a6785be2 2322 status = MGMT_STATUS_SUCCESS;
bf1e3541 2323
bdb6d971 2324 err = cmd_complete(sk, hdev->id, MGMT_OP_REMOVE_REMOTE_OOB_DATA,
04124681 2325 status, &cp->addr, sizeof(cp->addr));
2763eda6 2326
09fd0de5 2327 hci_dev_unlock(hdev);
2763eda6
SJ		 2328 return err;
2329}
2330
5e0452c0
AG		 2331int mgmt_interleaved_discovery(struct hci_dev *hdev)
2332{
2333 int err;
2334
2335 BT_DBG("%s", hdev->name);
2336
2337 hci_dev_lock(hdev);
2338
2339 err = hci_do_inquiry(hdev, INQUIRY_LEN_BREDR_LE);
2340 if (err < 0)
2341 hci_discovery_set_state(hdev, DISCOVERY_STOPPED);
2342
2343 hci_dev_unlock(hdev);
2344
2345 return err;
2346}
2347
bdb6d971 2348static int start_discovery(struct sock *sk, struct hci_dev *hdev,
04124681 2349 void *data, u16 len)
14a53664 2350{
650f726d 2351 struct mgmt_cp_start_discovery *cp = data;
14a53664 2352 struct pending_cmd *cmd;
14a53664
JH		 2353 int err;
2354
bdb6d971 2355 BT_DBG("%s", hdev->name);
14a53664 2356
09fd0de5 2357 hci_dev_lock(hdev);
14a53664 2358
4b34ee78 2359 if (!hdev_is_powered(hdev)) {
bdb6d971 2360 err = cmd_status(sk, hdev->id, MGMT_OP_START_DISCOVERY,
04124681 2361 MGMT_STATUS_NOT_POWERED);
bd2d1334
JH		 2362 goto failed;
2363 }
2364
642be6c7
AG		 2365 if (test_bit(HCI_PERIODIC_INQ, &hdev->dev_flags)) {
2366 err = cmd_status(sk, hdev->id, MGMT_OP_START_DISCOVERY,
2367 MGMT_STATUS_BUSY);
2368 goto failed;
2369 }
2370
ff9ef578 2371 if (hdev->discovery.state != DISCOVERY_STOPPED) {
bdb6d971 2372 err = cmd_status(sk, hdev->id, MGMT_OP_START_DISCOVERY,
04124681 2373 MGMT_STATUS_BUSY);
ff9ef578
JH		 2374 goto failed;
2375 }
2376
2e58ef3e 2377 cmd = mgmt_pending_add(sk, MGMT_OP_START_DISCOVERY, hdev, NULL, 0);
14a53664
JH		 2378 if (!cmd) {
2379 err = -ENOMEM;
2380 goto failed;
2381 }
2382
4aab14e5
AG		 2383 hdev->discovery.type = cp->type;
2384
2385 switch (hdev->discovery.type) {
f39799f5 2386 case DISCOV_TYPE_BREDR:
04106755
JH		 2387 if (!lmp_bredr_capable(hdev)) {
2388 err = cmd_status(sk, hdev->id, MGMT_OP_START_DISCOVERY,
2389 MGMT_STATUS_NOT_SUPPORTED);
2390 mgmt_pending_remove(cmd);
2391 goto failed;
2392 }
2393
2394 err = hci_do_inquiry(hdev, INQUIRY_LEN_BREDR);
f39799f5
AG		 2395 break;
2396
2397 case DISCOV_TYPE_LE:
04106755
JH		 2398 if (!lmp_host_le_capable(hdev)) {
2399 err = cmd_status(sk, hdev->id, MGMT_OP_START_DISCOVERY,
2400 MGMT_STATUS_NOT_SUPPORTED);
2401 mgmt_pending_remove(cmd);
2402 goto failed;
2403 }
2404
2405 err = hci_le_scan(hdev, LE_SCAN_TYPE, LE_SCAN_INT,
2406 LE_SCAN_WIN, LE_SCAN_TIMEOUT_LE_ONLY);
f39799f5
AG		 2407 break;
2408
5e0452c0 2409 case DISCOV_TYPE_INTERLEAVED:
04106755
JH		 2410 if (!lmp_host_le_capable(hdev) || !lmp_bredr_capable(hdev)) {
2411 err = cmd_status(sk, hdev->id, MGMT_OP_START_DISCOVERY,
2412 MGMT_STATUS_NOT_SUPPORTED);
2413 mgmt_pending_remove(cmd);
2414 goto failed;
2415 }
2416
2417 err = hci_le_scan(hdev, LE_SCAN_TYPE, LE_SCAN_INT, LE_SCAN_WIN,
2418 LE_SCAN_TIMEOUT_BREDR_LE);
5e0452c0
AG		 2419 break;
2420
f39799f5 2421 default:
04106755
JH		 2422 err = cmd_status(sk, hdev->id, MGMT_OP_START_DISCOVERY,
2423 MGMT_STATUS_INVALID_PARAMS);
2424 mgmt_pending_remove(cmd);
2425 goto failed;
f39799f5 2426 }
3fd24153 2427
14a53664
JH		 2428 if (err < 0)
2429 mgmt_pending_remove(cmd);
ff9ef578
JH		 2430 else
2431 hci_discovery_set_state(hdev, DISCOVERY_STARTING);
14a53664
JH		 2432
2433failed:
09fd0de5 2434 hci_dev_unlock(hdev);
14a53664
JH		 2435 return err;
2436}
2437
bdb6d971 2438static int stop_discovery(struct sock *sk, struct hci_dev *hdev, void *data,
04124681 2439 u16 len)
14a53664 2440{
d930650b 2441 struct mgmt_cp_stop_discovery *mgmt_cp = data;
14a53664 2442 struct pending_cmd *cmd;
30dc78e1
JH		 2443 struct hci_cp_remote_name_req_cancel cp;
2444 struct inquiry_entry *e;
14a53664
JH		 2445 int err;
2446
bdb6d971 2447 BT_DBG("%s", hdev->name);
14a53664 2448
09fd0de5 2449 hci_dev_lock(hdev);
14a53664 2450
30dc78e1 2451 if (!hci_discovery_active(hdev)) {
bdb6d971 2452 err = cmd_complete(sk, hdev->id, MGMT_OP_STOP_DISCOVERY,
04124681
GP		 2453 MGMT_STATUS_REJECTED, &mgmt_cp->type,
2454 sizeof(mgmt_cp->type));
d930650b
JH		 2455 goto unlock;
2456 }
2457
2458 if (hdev->discovery.type != mgmt_cp->type) {
bdb6d971 2459 err = cmd_complete(sk, hdev->id, MGMT_OP_STOP_DISCOVERY,
04124681
GP		 2460 MGMT_STATUS_INVALID_PARAMS, &mgmt_cp->type,
2461 sizeof(mgmt_cp->type));
30dc78e1 2462 goto unlock;
ff9ef578
JH		 2463 }
2464
2e58ef3e 2465 cmd = mgmt_pending_add(sk, MGMT_OP_STOP_DISCOVERY, hdev, NULL, 0);
14a53664
JH		 2466 if (!cmd) {
2467 err = -ENOMEM;
30dc78e1
JH		 2468 goto unlock;
2469 }
2470
e0d9727e
AG		 2471 switch (hdev->discovery.state) {
2472 case DISCOVERY_FINDING:
c9ecc48e
AG		 2473 if (test_bit(HCI_INQUIRY, &hdev->flags))
2474 err = hci_cancel_inquiry(hdev);
2475 else
2476 err = hci_cancel_le_scan(hdev);
2477
e0d9727e
AG		 2478 break;
2479
2480 case DISCOVERY_RESOLVING:
2481 e = hci_inquiry_cache_lookup_resolve(hdev, BDADDR_ANY,
8ce8e2b5 2482 NAME_PENDING);
e0d9727e 2483 if (!e) {
30dc78e1 2484 mgmt_pending_remove(cmd);
e0d9727e
AG		 2485 err = cmd_complete(sk, hdev->id,
2486 MGMT_OP_STOP_DISCOVERY, 0,
2487 &mgmt_cp->type,
2488 sizeof(mgmt_cp->type));
2489 hci_discovery_set_state(hdev, DISCOVERY_STOPPED);
2490 goto unlock;
2491 }
30dc78e1 2492
e0d9727e
AG		 2493 bacpy(&cp.bdaddr, &e->data.bdaddr);
2494 err = hci_send_cmd(hdev, HCI_OP_REMOTE_NAME_REQ_CANCEL,
2495 sizeof(cp), &cp);
2496
2497 break;
2498
2499 default:
2500 BT_DBG("unknown discovery state %u", hdev->discovery.state);
2501 err = -EFAULT;
14a53664
JH		 2502 }
2503
14a53664
JH		 2504 if (err < 0)
2505 mgmt_pending_remove(cmd);
ff9ef578
JH		 2506 else
2507 hci_discovery_set_state(hdev, DISCOVERY_STOPPING);
14a53664 2508
30dc78e1 2509unlock:
09fd0de5 2510 hci_dev_unlock(hdev);
14a53664
JH		 2511 return err;
2512}
2513
bdb6d971 2514static int confirm_name(struct sock *sk, struct hci_dev *hdev, void *data,
04124681 2515 u16 len)
561aafbc 2516{
650f726d 2517 struct mgmt_cp_confirm_name *cp = data;
561aafbc 2518 struct inquiry_entry *e;
561aafbc
JH		 2519 int err;
2520
bdb6d971 2521 BT_DBG("%s", hdev->name);
561aafbc 2522
561aafbc
JH		 2523 hci_dev_lock(hdev);
2524
30dc78e1 2525 if (!hci_discovery_active(hdev)) {
bdb6d971 2526 err = cmd_status(sk, hdev->id, MGMT_OP_CONFIRM_NAME,
04124681 2527 MGMT_STATUS_FAILED);
30dc78e1
JH		 2528 goto failed;
2529 }
2530
a198e7b1 2531 e = hci_inquiry_cache_lookup_unknown(hdev, &cp->addr.bdaddr);
561aafbc 2532 if (!e) {
bdb6d971 2533 err = cmd_status(sk, hdev->id, MGMT_OP_CONFIRM_NAME,
04124681 2534 MGMT_STATUS_INVALID_PARAMS);
561aafbc
JH		 2535 goto failed;
2536 }
2537
2538 if (cp->name_known) {
2539 e->name_state = NAME_KNOWN;
2540 list_del(&e->list);
2541 } else {
2542 e->name_state = NAME_NEEDED;
a3d4e20a 2543 hci_inquiry_cache_update_resolve(hdev, e);
561aafbc
JH		 2544 }
2545
e384662b
JH		 2546 err = cmd_complete(sk, hdev->id, MGMT_OP_CONFIRM_NAME, 0, &cp->addr,
2547 sizeof(cp->addr));
561aafbc
JH		 2548
2549failed:
2550 hci_dev_unlock(hdev);
561aafbc
JH		 2551 return err;
2552}
2553
bdb6d971 2554static int block_device(struct sock *sk, struct hci_dev *hdev, void *data,
04124681 2555 u16 len)
7fbec224 2556{
650f726d 2557 struct mgmt_cp_block_device *cp = data;
f0eeea8b 2558 u8 status;
7fbec224
AJ		 2559 int err;
2560
bdb6d971 2561 BT_DBG("%s", hdev->name);
7fbec224 2562
09fd0de5 2563 hci_dev_lock(hdev);
5e762444 2564
88c1fe4b 2565 err = hci_blacklist_add(hdev, &cp->addr.bdaddr, cp->addr.type);
7fbec224 2566 if (err < 0)
f0eeea8b 2567 status = MGMT_STATUS_FAILED;
7fbec224 2568 else
a6785be2 2569 status = MGMT_STATUS_SUCCESS;
f0eeea8b 2570
bdb6d971 2571 err = cmd_complete(sk, hdev->id, MGMT_OP_BLOCK_DEVICE, status,
04124681 2572 &cp->addr, sizeof(cp->addr));
5e762444 2573
09fd0de5 2574 hci_dev_unlock(hdev);
7fbec224
AJ		 2575
2576 return err;
2577}
2578
bdb6d971 2579static int unblock_device(struct sock *sk, struct hci_dev *hdev, void *data,
04124681 2580 u16 len)
7fbec224 2581{
650f726d 2582 struct mgmt_cp_unblock_device *cp = data;
f0eeea8b 2583 u8 status;
7fbec224
AJ		 2584 int err;
2585
bdb6d971 2586 BT_DBG("%s", hdev->name);
7fbec224 2587
09fd0de5 2588 hci_dev_lock(hdev);
5e762444 2589
88c1fe4b 2590 err = hci_blacklist_del(hdev, &cp->addr.bdaddr, cp->addr.type);
7fbec224 2591 if (err < 0)
f0eeea8b 2592 status = MGMT_STATUS_INVALID_PARAMS;
7fbec224 2593 else
a6785be2 2594 status = MGMT_STATUS_SUCCESS;
f0eeea8b 2595
bdb6d971 2596 err = cmd_complete(sk, hdev->id, MGMT_OP_UNBLOCK_DEVICE, status,
04124681 2597 &cp->addr, sizeof(cp->addr));
5e762444 2598
09fd0de5 2599 hci_dev_unlock(hdev);
7fbec224
AJ		 2600
2601 return err;
2602}
2603
cdbaccca
MH		 2604static int set_device_id(struct sock *sk, struct hci_dev *hdev, void *data,
2605 u16 len)
2606{
2607 struct mgmt_cp_set_device_id *cp = data;
2608 int err;
c72d4b8a 2609 __u16 source;
cdbaccca
MH		 2610
2611 BT_DBG("%s", hdev->name);
2612
c72d4b8a
SJ		 2613 source = __le16_to_cpu(cp->source);
2614
2615 if (source > 0x0002)
2616 return cmd_status(sk, hdev->id, MGMT_OP_SET_DEVICE_ID,
2617 MGMT_STATUS_INVALID_PARAMS);
2618
cdbaccca
MH		 2619 hci_dev_lock(hdev);
2620
c72d4b8a 2621 hdev->devid_source = source;
cdbaccca
MH		 2622 hdev->devid_vendor = __le16_to_cpu(cp->vendor);
2623 hdev->devid_product = __le16_to_cpu(cp->product);
2624 hdev->devid_version = __le16_to_cpu(cp->version);
2625
2626 err = cmd_complete(sk, hdev->id, MGMT_OP_SET_DEVICE_ID, 0, NULL, 0);
2627
2628 update_eir(hdev);
2629
2630 hci_dev_unlock(hdev);
2631
2632 return err;
2633}
2634
bdb6d971 2635static int set_fast_connectable(struct sock *sk, struct hci_dev *hdev,
04124681 2636 void *data, u16 len)
f6422ec6 2637{
650f726d 2638 struct mgmt_mode *cp = data;
f6422ec6
AJ		 2639 struct hci_cp_write_page_scan_activity acp;
2640 u8 type;
2641 int err;
2642
bdb6d971 2643 BT_DBG("%s", hdev->name);
f6422ec6 2644
33c525c0
JH		 2645 if (!lmp_bredr_capable(hdev))
2646 return cmd_status(sk, hdev->id, MGMT_OP_SET_FAST_CONNECTABLE,
2647 MGMT_STATUS_NOT_SUPPORTED);
2648
a7e80f25
JH		 2649 if (cp->val != 0x00 && cp->val != 0x01)
2650 return cmd_status(sk, hdev->id, MGMT_OP_SET_FAST_CONNECTABLE,
2651 MGMT_STATUS_INVALID_PARAMS);
2652
5400c044 2653 if (!hdev_is_powered(hdev))
bdb6d971 2654 return cmd_status(sk, hdev->id, MGMT_OP_SET_FAST_CONNECTABLE,
04124681 2655 MGMT_STATUS_NOT_POWERED);
5400c044
JH		 2656
2657 if (!test_bit(HCI_CONNECTABLE, &hdev->dev_flags))
bdb6d971 2658 return cmd_status(sk, hdev->id, MGMT_OP_SET_FAST_CONNECTABLE,
04124681 2659 MGMT_STATUS_REJECTED);
f6422ec6
AJ		 2660
2661 hci_dev_lock(hdev);
2662
f7c6869c 2663 if (cp->val) {
f6422ec6 2664 type = PAGE_SCAN_TYPE_INTERLACED;
76ec9de8 2665
83ce9a06
JH		 2666 /* 160 msec page scan interval */
2667 acp.interval = __constant_cpu_to_le16(0x0100);
f6422ec6
AJ		 2668 } else {
2669 type = PAGE_SCAN_TYPE_STANDARD; /* default */
76ec9de8
AE		 2670
2671 /* default 1.28 sec page scan */
2672 acp.interval = __constant_cpu_to_le16(0x0800);
f6422ec6
AJ		 2673 }
2674
76ec9de8
AE		 2675 /* default 11.25 msec page scan window */
2676 acp.window = __constant_cpu_to_le16(0x0012);
f6422ec6 2677
04124681
GP		 2678 err = hci_send_cmd(hdev, HCI_OP_WRITE_PAGE_SCAN_ACTIVITY, sizeof(acp),
2679 &acp);
f6422ec6 2680 if (err < 0) {
bdb6d971 2681 err = cmd_status(sk, hdev->id, MGMT_OP_SET_FAST_CONNECTABLE,
04124681 2682 MGMT_STATUS_FAILED);
f6422ec6
AJ		 2683 goto done;
2684 }
2685
2686 err = hci_send_cmd(hdev, HCI_OP_WRITE_PAGE_SCAN_TYPE, 1, &type);
2687 if (err < 0) {
bdb6d971 2688 err = cmd_status(sk, hdev->id, MGMT_OP_SET_FAST_CONNECTABLE,
04124681 2689 MGMT_STATUS_FAILED);
f6422ec6
AJ		 2690 goto done;
2691 }
2692
bdb6d971 2693 err = cmd_complete(sk, hdev->id, MGMT_OP_SET_FAST_CONNECTABLE, 0,
04124681 2694 NULL, 0);
f6422ec6
AJ		 2695done:
2696 hci_dev_unlock(hdev);
f6422ec6
AJ		 2697 return err;
2698}
2699
bdb6d971 2700static int load_long_term_keys(struct sock *sk, struct hci_dev *hdev,
04124681 2701 void *cp_data, u16 len)
346af67b 2702{
346af67b
VCG		 2703 struct mgmt_cp_load_long_term_keys *cp = cp_data;
2704 u16 key_count, expected_len;
715a5bf2 2705 int i, err;
346af67b 2706
1f350c87 2707 key_count = __le16_to_cpu(cp->key_count);
346af67b
VCG		 2708
2709 expected_len = sizeof(*cp) + key_count *
2710 sizeof(struct mgmt_ltk_info);
2711 if (expected_len != len) {
2712 BT_ERR("load_keys: expected %u bytes, got %u bytes",
8ce8e2b5 2713 len, expected_len);
bdb6d971 2714 return cmd_status(sk, hdev->id, MGMT_OP_LOAD_LONG_TERM_KEYS,
04124681 2715 EINVAL);
346af67b
VCG		 2716 }
2717
bdb6d971 2718 BT_DBG("%s key_count %u", hdev->name, key_count);
346af67b
VCG		 2719
2720 hci_dev_lock(hdev);
2721
2722 hci_smp_ltks_clear(hdev);
2723
2724 for (i = 0; i < key_count; i++) {
2725 struct mgmt_ltk_info *key = &cp->keys[i];
2726 u8 type;
2727
2728 if (key->master)
2729 type = HCI_SMP_LTK;
2730 else
2731 type = HCI_SMP_LTK_SLAVE;
2732
4596fde5 2733 hci_add_ltk(hdev, &key->addr.bdaddr,
378b5b7e 2734 bdaddr_to_le(key->addr.type),
04124681
GP		 2735 type, 0, key->authenticated, key->val,
2736 key->enc_size, key->ediv, key->rand);
346af67b
VCG		 2737 }
2738
715a5bf2
JH		 2739 err = cmd_complete(sk, hdev->id, MGMT_OP_LOAD_LONG_TERM_KEYS, 0,
2740 NULL, 0);
2741
346af67b 2742 hci_dev_unlock(hdev);
346af67b 2743
715a5bf2 2744 return err;
346af67b
VCG		 2745}
2746
2e3c35ea 2747static const struct mgmt_handler {
04124681
GP		 2748 int (*func) (struct sock *sk, struct hci_dev *hdev, void *data,
2749 u16 data_len);
be22b54e
JH		 2750 bool var_len;
2751 size_t data_len;
0f4e68cf
JH		 2752} mgmt_handlers[] = {
2753 { NULL }, /* 0x0000 (no command) */
be22b54e
JH		 2754 { read_version, false, MGMT_READ_VERSION_SIZE },
2755 { read_commands, false, MGMT_READ_COMMANDS_SIZE },
2756 { read_index_list, false, MGMT_READ_INDEX_LIST_SIZE },
2757 { read_controller_info, false, MGMT_READ_INFO_SIZE },
2758 { set_powered, false, MGMT_SETTING_SIZE },
2759 { set_discoverable, false, MGMT_SET_DISCOVERABLE_SIZE },
2760 { set_connectable, false, MGMT_SETTING_SIZE },
2761 { set_fast_connectable, false, MGMT_SETTING_SIZE },
2762 { set_pairable, false, MGMT_SETTING_SIZE },
2763 { set_link_security, false, MGMT_SETTING_SIZE },
2764 { set_ssp, false, MGMT_SETTING_SIZE },
2765 { set_hs, false, MGMT_SETTING_SIZE },
2766 { set_le, false, MGMT_SETTING_SIZE },
2767 { set_dev_class, false, MGMT_SET_DEV_CLASS_SIZE },
2768 { set_local_name, false, MGMT_SET_LOCAL_NAME_SIZE },
2769 { add_uuid, false, MGMT_ADD_UUID_SIZE },
2770 { remove_uuid, false, MGMT_REMOVE_UUID_SIZE },
2771 { load_link_keys, true, MGMT_LOAD_LINK_KEYS_SIZE },
2772 { load_long_term_keys, true, MGMT_LOAD_LONG_TERM_KEYS_SIZE },
2773 { disconnect, false, MGMT_DISCONNECT_SIZE },
2774 { get_connections, false, MGMT_GET_CONNECTIONS_SIZE },
2775 { pin_code_reply, false, MGMT_PIN_CODE_REPLY_SIZE },
2776 { pin_code_neg_reply, false, MGMT_PIN_CODE_NEG_REPLY_SIZE },
2777 { set_io_capability, false, MGMT_SET_IO_CAPABILITY_SIZE },
2778 { pair_device, false, MGMT_PAIR_DEVICE_SIZE },
2779 { cancel_pair_device, false, MGMT_CANCEL_PAIR_DEVICE_SIZE },
2780 { unpair_device, false, MGMT_UNPAIR_DEVICE_SIZE },
2781 { user_confirm_reply, false, MGMT_USER_CONFIRM_REPLY_SIZE },
2782 { user_confirm_neg_reply, false, MGMT_USER_CONFIRM_NEG_REPLY_SIZE },
2783 { user_passkey_reply, false, MGMT_USER_PASSKEY_REPLY_SIZE },
2784 { user_passkey_neg_reply, false, MGMT_USER_PASSKEY_NEG_REPLY_SIZE },
2785 { read_local_oob_data, false, MGMT_READ_LOCAL_OOB_DATA_SIZE },
2786 { add_remote_oob_data, false, MGMT_ADD_REMOTE_OOB_DATA_SIZE },
2787 { remove_remote_oob_data, false, MGMT_REMOVE_REMOTE_OOB_DATA_SIZE },
2788 { start_discovery, false, MGMT_START_DISCOVERY_SIZE },
2789 { stop_discovery, false, MGMT_STOP_DISCOVERY_SIZE },
2790 { confirm_name, false, MGMT_CONFIRM_NAME_SIZE },
2791 { block_device, false, MGMT_BLOCK_DEVICE_SIZE },
2792 { unblock_device, false, MGMT_UNBLOCK_DEVICE_SIZE },
cdbaccca 2793 { set_device_id, false, MGMT_SET_DEVICE_ID_SIZE },
0f4e68cf
JH		 2794};
2795
2796
0381101f
JH		 2797int mgmt_control(struct sock *sk, struct msghdr *msg, size_t msglen)
2798{
650f726d
VCG		 2799 void *buf;
2800 u8 *cp;
0381101f 2801 struct mgmt_hdr *hdr;
4e51eae9 2802 u16 opcode, index, len;
bdb6d971 2803 struct hci_dev *hdev = NULL;
2e3c35ea 2804 const struct mgmt_handler *handler;
0381101f
JH		 2805 int err;
2806
2807 BT_DBG("got %zu bytes", msglen);
2808
2809 if (msglen < sizeof(*hdr))
2810 return -EINVAL;
2811
e63a15ec 2812 buf = kmalloc(msglen, GFP_KERNEL);
0381101f
JH		 2813 if (!buf)
2814 return -ENOMEM;
2815
2816 if (memcpy_fromiovec(buf, msg->msg_iov, msglen)) {
2817 err = -EFAULT;
2818 goto done;
2819 }
2820
650f726d 2821 hdr = buf;
1f350c87
MH		 2822 opcode = __le16_to_cpu(hdr->opcode);
2823 index = __le16_to_cpu(hdr->index);
2824 len = __le16_to_cpu(hdr->len);
0381101f
JH		 2825
2826 if (len != msglen - sizeof(*hdr)) {
2827 err = -EINVAL;
2828 goto done;
2829 }
2830
0f4e68cf 2831 if (index != MGMT_INDEX_NONE) {
bdb6d971
JH		 2832 hdev = hci_dev_get(index);
2833 if (!hdev) {
2834 err = cmd_status(sk, index, opcode,
04124681 2835 MGMT_STATUS_INVALID_INDEX);
bdb6d971
JH		 2836 goto done;
2837 }
2838 }
2839
0f4e68cf 2840 if (opcode >= ARRAY_SIZE(mgmt_handlers) ||
8ce8e2b5 2841 mgmt_handlers[opcode].func == NULL) {
0381101f 2842 BT_DBG("Unknown op %u", opcode);
ca69b795 2843 err = cmd_status(sk, index, opcode,
04124681 2844 MGMT_STATUS_UNKNOWN_COMMAND);
0f4e68cf
JH		 2845 goto done;
2846 }
2847
2848 if ((hdev && opcode < MGMT_OP_READ_INFO) ||
8ce8e2b5 2849 (!hdev && opcode >= MGMT_OP_READ_INFO)) {
0f4e68cf 2850 err = cmd_status(sk, index, opcode,
04124681 2851 MGMT_STATUS_INVALID_INDEX);
0f4e68cf 2852 goto done;
0381101f
JH		 2853 }
2854
be22b54e
JH		 2855 handler = &mgmt_handlers[opcode];
2856
2857 if ((handler->var_len && len < handler->data_len) ||
8ce8e2b5 2858 (!handler->var_len && len != handler->data_len)) {
be22b54e 2859 err = cmd_status(sk, index, opcode,
04124681 2860 MGMT_STATUS_INVALID_PARAMS);
be22b54e
JH		 2861 goto done;
2862 }
2863
0f4e68cf
JH		 2864 if (hdev)
2865 mgmt_init_hdev(sk, hdev);
2866
2867 cp = buf + sizeof(*hdr);
2868
be22b54e 2869 err = handler->func(sk, hdev, cp, len);
e41d8b4e
JH		 2870 if (err < 0)
2871 goto done;
2872
0381101f
JH		 2873 err = msglen;
2874
2875done:
bdb6d971
JH		 2876 if (hdev)
2877 hci_dev_put(hdev);
2878
0381101f
JH		 2879 kfree(buf);
2880 return err;
2881}
c71e97bf 2882
b24752fe
JH		 2883static void cmd_status_rsp(struct pending_cmd *cmd, void *data)
2884{
2885 u8 *status = data;
2886
2887 cmd_status(cmd->sk, cmd->index, cmd->opcode, *status);
2888 mgmt_pending_remove(cmd);
2889}
2890
744cf19e 2891int mgmt_index_added(struct hci_dev *hdev)
c71e97bf 2892{
bb4b2a9a
AE		 2893 if (!mgmt_valid_hdev(hdev))
2894 return -ENOTSUPP;
2895
744cf19e 2896 return mgmt_event(MGMT_EV_INDEX_ADDED, hdev, NULL, 0, NULL);
c71e97bf
JH		 2897}
2898
744cf19e 2899int mgmt_index_removed(struct hci_dev *hdev)
c71e97bf 2900{
5f159032 2901 u8 status = MGMT_STATUS_INVALID_INDEX;
b24752fe 2902
bb4b2a9a
AE		 2903 if (!mgmt_valid_hdev(hdev))
2904 return -ENOTSUPP;
2905
744cf19e 2906 mgmt_pending_foreach(0, hdev, cmd_status_rsp, &status);
b24752fe 2907
744cf19e 2908 return mgmt_event(MGMT_EV_INDEX_REMOVED, hdev, NULL, 0, NULL);
eec8d2bc
JH		 2909}
2910
73f22f62 2911struct cmd_lookup {
eec8d2bc 2912 struct sock *sk;
69ab39ea 2913 struct hci_dev *hdev;
90e70454 2914 u8 mgmt_status;
eec8d2bc
JH		 2915};
2916
69ab39ea 2917static void settings_rsp(struct pending_cmd *cmd, void *data)
eec8d2bc 2918{
73f22f62 2919 struct cmd_lookup *match = data;
eec8d2bc 2920
69ab39ea 2921 send_settings_rsp(cmd->sk, cmd->opcode, match->hdev);
eec8d2bc
JH		 2922
2923 list_del(&cmd->list);
2924
2925 if (match->sk == NULL) {
2926 match->sk = cmd->sk;
2927 sock_hold(match->sk);
2928 }
2929
2930 mgmt_pending_free(cmd);
c71e97bf 2931}
5add6af8 2932
7f0ae647
JH		 2933static int set_bredr_scan(struct hci_dev *hdev)
2934{
2935 u8 scan = 0;
2936
2937 if (test_bit(HCI_CONNECTABLE, &hdev->dev_flags))
2938 scan |= SCAN_PAGE;
2939 if (test_bit(HCI_DISCOVERABLE, &hdev->dev_flags))
2940 scan |= SCAN_INQUIRY;
2941
2942 if (!scan)
2943 return 0;
2944
2945 return hci_send_cmd(hdev, HCI_OP_WRITE_SCAN_ENABLE, 1, &scan);
2946}
2947
744cf19e 2948int mgmt_powered(struct hci_dev *hdev, u8 powered)
5add6af8 2949{
76a7f3a4 2950 struct cmd_lookup match = { NULL, hdev };
7bb895d6 2951 int err;
5add6af8 2952
5e5282bb
JH		 2953 if (!test_bit(HCI_MGMT, &hdev->dev_flags))
2954 return 0;
2955
69ab39ea 2956 mgmt_pending_foreach(MGMT_OP_SET_POWERED, hdev, settings_rsp, &match);
5add6af8 2957
5e5282bb 2958 if (powered) {
6b4b73ee
JH		 2959 if (test_bit(HCI_SSP_ENABLED, &hdev->dev_flags) &&
2960 !lmp_host_ssp_capable(hdev)) {
3d1cbdd6
AK		 2961 u8 ssp = 1;
2962
2963 hci_send_cmd(hdev, HCI_OP_WRITE_SSP_MODE, 1, &ssp);
2964 }
2965
562fcc24
AK		 2966 if (test_bit(HCI_LE_ENABLED, &hdev->dev_flags)) {
2967 struct hci_cp_write_le_host_supported cp;
2968
2969 cp.le = 1;
ffa88e02 2970 cp.simul = lmp_le_br_capable(hdev);
562fcc24 2971
430a61b8
JH		 2972 /* Check first if we already have the right
2973 * host state (host features set)
2974 */
ffa88e02
GP		 2975 if (cp.le != lmp_host_le_capable(hdev) ||
2976 cp.simul != lmp_host_le_br_capable(hdev))
430a61b8
JH		 2977 hci_send_cmd(hdev,
2978 HCI_OP_WRITE_LE_HOST_SUPPORTED,
2979 sizeof(cp), &cp);
562fcc24
AK		 2980 }
2981
7f0ae647
JH		 2982 if (lmp_bredr_capable(hdev)) {
2983 set_bredr_scan(hdev);
2984 update_class(hdev);
2985 update_name(hdev, hdev->dev_name);
2986 update_eir(hdev);
2987 }
5e5282bb 2988 } else {
d4f68526 2989 u8 status = MGMT_STATUS_NOT_POWERED;
fe038884
JH		 2990 u8 zero_cod[] = { 0, 0, 0 };
2991
744cf19e 2992 mgmt_pending_foreach(0, hdev, cmd_status_rsp, &status);
fe038884
JH		 2993
2994 if (memcmp(hdev->dev_class, zero_cod, sizeof(zero_cod)) != 0)
2995 mgmt_event(MGMT_EV_CLASS_OF_DEV_CHANGED, hdev,
2996 zero_cod, sizeof(zero_cod), NULL);
b24752fe
JH		 2997 }
2998
beadb2bd 2999 err = new_settings(hdev, match.sk);
eec8d2bc
JH		 3000
3001 if (match.sk)
3002 sock_put(match.sk);
3003
7bb895d6 3004 return err;
5add6af8 3005}
73f22f62 3006
744cf19e 3007int mgmt_discoverable(struct hci_dev *hdev, u8 discoverable)
73f22f62 3008{
76a7f3a4 3009 struct cmd_lookup match = { NULL, hdev };
5e5282bb
JH		 3010 bool changed = false;
3011 int err = 0;
73f22f62 3012
5e5282bb
JH		 3013 if (discoverable) {
3014 if (!test_and_set_bit(HCI_DISCOVERABLE, &hdev->dev_flags))
3015 changed = true;
3016 } else {
3017 if (test_and_clear_bit(HCI_DISCOVERABLE, &hdev->dev_flags))
3018 changed = true;
3019 }
73f22f62 3020
ed9b5f2f 3021 mgmt_pending_foreach(MGMT_OP_SET_DISCOVERABLE, hdev, settings_rsp,
04124681 3022 &match);
ed9b5f2f 3023
beadb2bd
JH		 3024 if (changed)
3025 err = new_settings(hdev, match.sk);
5e5282bb 3026
73f22f62
JH		 3027 if (match.sk)
3028 sock_put(match.sk);
3029
7bb895d6 3030 return err;
73f22f62 3031}
9fbcbb45 3032
744cf19e 3033int mgmt_connectable(struct hci_dev *hdev, u8 connectable)
9fbcbb45 3034{
76a7f3a4 3035 struct cmd_lookup match = { NULL, hdev };
5e5282bb
JH		 3036 bool changed = false;
3037 int err = 0;
9fbcbb45 3038
5e5282bb
JH		 3039 if (connectable) {
3040 if (!test_and_set_bit(HCI_CONNECTABLE, &hdev->dev_flags))
3041 changed = true;
3042 } else {
3043 if (test_and_clear_bit(HCI_CONNECTABLE, &hdev->dev_flags))
3044 changed = true;
3045 }
9fbcbb45 3046
ed9b5f2f 3047 mgmt_pending_foreach(MGMT_OP_SET_CONNECTABLE, hdev, settings_rsp,
04124681 3048 &match);
ed9b5f2f 3049
beadb2bd
JH		 3050 if (changed)
3051 err = new_settings(hdev, match.sk);
9fbcbb45
JH		 3052
3053 if (match.sk)
3054 sock_put(match.sk);
3055
7bb895d6 3056 return err;
9fbcbb45 3057}
55ed8ca1 3058
744cf19e 3059int mgmt_write_scan_failed(struct hci_dev *hdev, u8 scan, u8 status)
2d7cee58 3060{
ca69b795
JH		 3061 u8 mgmt_err = mgmt_status(status);
3062
2d7cee58 3063 if (scan & SCAN_PAGE)
744cf19e 3064 mgmt_pending_foreach(MGMT_OP_SET_CONNECTABLE, hdev,
04124681 3065 cmd_status_rsp, &mgmt_err);
2d7cee58
JH		 3066
3067 if (scan & SCAN_INQUIRY)
744cf19e 3068 mgmt_pending_foreach(MGMT_OP_SET_DISCOVERABLE, hdev,
04124681 3069 cmd_status_rsp, &mgmt_err);
2d7cee58
JH		 3070
3071 return 0;
3072}
3073
53168e5b
CC		 3074int mgmt_new_link_key(struct hci_dev *hdev, struct link_key *key,
3075 bool persistent)
55ed8ca1 3076{
86742e1e 3077 struct mgmt_ev_new_link_key ev;
55ed8ca1 3078
a492cd52 3079 memset(&ev, 0, sizeof(ev));
55ed8ca1 3080
a492cd52 3081 ev.store_hint = persistent;
d753fdc4 3082 bacpy(&ev.key.addr.bdaddr, &key->bdaddr);
591f47f3 3083 ev.key.addr.type = BDADDR_BREDR;
a492cd52 3084 ev.key.type = key->type;
9b3b4460 3085 memcpy(ev.key.val, key->val, HCI_LINK_KEY_SIZE);
a492cd52 3086 ev.key.pin_len = key->pin_len;
55ed8ca1 3087
744cf19e 3088 return mgmt_event(MGMT_EV_NEW_LINK_KEY, hdev, &ev, sizeof(ev), NULL);
55ed8ca1 3089}
f7520543 3090
346af67b
VCG		 3091int mgmt_new_ltk(struct hci_dev *hdev, struct smp_ltk *key, u8 persistent)
3092{
3093 struct mgmt_ev_new_long_term_key ev;
3094
3095 memset(&ev, 0, sizeof(ev));
3096
3097 ev.store_hint = persistent;
3098 bacpy(&ev.key.addr.bdaddr, &key->bdaddr);
57c1477c 3099 ev.key.addr.type = link_to_bdaddr(LE_LINK, key->bdaddr_type);
346af67b
VCG		 3100 ev.key.authenticated = key->authenticated;
3101 ev.key.enc_size = key->enc_size;
3102 ev.key.ediv = key->ediv;
3103
3104 if (key->type == HCI_SMP_LTK)
3105 ev.key.master = 1;
3106
3107 memcpy(ev.key.rand, key->rand, sizeof(key->rand));
3108 memcpy(ev.key.val, key->val, sizeof(key->val));
3109
04124681
GP		 3110 return mgmt_event(MGMT_EV_NEW_LONG_TERM_KEY, hdev, &ev, sizeof(ev),
3111 NULL);
346af67b
VCG		 3112}
3113
afc747a6 3114int mgmt_device_connected(struct hci_dev *hdev, bdaddr_t *bdaddr, u8 link_type,
04124681
GP		 3115 u8 addr_type, u32 flags, u8 *name, u8 name_len,
3116 u8 *dev_class)
f7520543 3117{
b644ba33
JH		 3118 char buf[512];
3119 struct mgmt_ev_device_connected *ev = (void *) buf;
3120 u16 eir_len = 0;
f7520543 3121
b644ba33 3122 bacpy(&ev->addr.bdaddr, bdaddr);
57c1477c 3123 ev->addr.type = link_to_bdaddr(link_type, addr_type);
f7520543 3124
c95f0ba7 3125 ev->flags = __cpu_to_le32(flags);
08c79b61 3126
b644ba33
JH		 3127 if (name_len > 0)
3128 eir_len = eir_append_data(ev->eir, 0, EIR_NAME_COMPLETE,
04124681 3129 name, name_len);
b644ba33
JH		 3130
3131 if (dev_class && memcmp(dev_class, "\0\0\0", 3) != 0)
53156385 3132 eir_len = eir_append_data(ev->eir, eir_len,
04124681 3133 EIR_CLASS_OF_DEV, dev_class, 3);
b644ba33 3134
eb55ef07 3135 ev->eir_len = cpu_to_le16(eir_len);
b644ba33
JH		 3136
3137 return mgmt_event(MGMT_EV_DEVICE_CONNECTED, hdev, buf,
04124681 3138 sizeof(*ev) + eir_len, NULL);
f7520543
JH		 3139}
3140
8962ee74
JH		 3141static void disconnect_rsp(struct pending_cmd *cmd, void *data)
3142{
c68fb7ff 3143 struct mgmt_cp_disconnect *cp = cmd->param;
8962ee74 3144 struct sock **sk = data;
a38528f1 3145 struct mgmt_rp_disconnect rp;
8962ee74 3146
88c3df13
JH		 3147 bacpy(&rp.addr.bdaddr, &cp->addr.bdaddr);
3148 rp.addr.type = cp->addr.type;
8962ee74 3149
aee9b218 3150 cmd_complete(cmd->sk, cmd->index, MGMT_OP_DISCONNECT, 0, &rp,
04124681 3151 sizeof(rp));
8962ee74
JH		 3152
3153 *sk = cmd->sk;
3154 sock_hold(*sk);
3155
a664b5bc 3156 mgmt_pending_remove(cmd);
8962ee74
JH		 3157}
3158
124f6e35 3159static void unpair_device_rsp(struct pending_cmd *cmd, void *data)
a8a1d19e 3160{
b1078ad0 3161 struct hci_dev *hdev = data;
124f6e35
JH		 3162 struct mgmt_cp_unpair_device *cp = cmd->param;
3163 struct mgmt_rp_unpair_device rp;
a8a1d19e
JH		 3164
3165 memset(&rp, 0, sizeof(rp));
124f6e35
JH		 3166 bacpy(&rp.addr.bdaddr, &cp->addr.bdaddr);
3167 rp.addr.type = cp->addr.type;
a8a1d19e 3168
b1078ad0
JH		 3169 device_unpaired(hdev, &cp->addr.bdaddr, cp->addr.type, cmd->sk);
3170
aee9b218 3171 cmd_complete(cmd->sk, cmd->index, cmd->opcode, 0, &rp, sizeof(rp));
a8a1d19e
JH		 3172
3173 mgmt_pending_remove(cmd);
3174}
3175
afc747a6 3176int mgmt_device_disconnected(struct hci_dev *hdev, bdaddr_t *bdaddr,
f0d6a0ea 3177 u8 link_type, u8 addr_type, u8 reason)
f7520543 3178{
f0d6a0ea 3179 struct mgmt_ev_device_disconnected ev;
8962ee74
JH		 3180 struct sock *sk = NULL;
3181 int err;
3182
744cf19e 3183 mgmt_pending_foreach(MGMT_OP_DISCONNECT, hdev, disconnect_rsp, &sk);
f7520543 3184
f0d6a0ea
MA		 3185 bacpy(&ev.addr.bdaddr, bdaddr);
3186 ev.addr.type = link_to_bdaddr(link_type, addr_type);
3187 ev.reason = reason;
f7520543 3188
afc747a6 3189 err = mgmt_event(MGMT_EV_DEVICE_DISCONNECTED, hdev, &ev, sizeof(ev),
04124681 3190 sk);
8962ee74
JH		 3191
3192 if (sk)
d97dcb66 3193 sock_put(sk);
8962ee74 3194
124f6e35 3195 mgmt_pending_foreach(MGMT_OP_UNPAIR_DEVICE, hdev, unpair_device_rsp,
04124681 3196 hdev);
a8a1d19e 3197
8962ee74
JH		 3198 return err;
3199}
3200
88c3df13 3201int mgmt_disconnect_failed(struct hci_dev *hdev, bdaddr_t *bdaddr,
04124681 3202 u8 link_type, u8 addr_type, u8 status)
8962ee74 3203{
88c3df13 3204 struct mgmt_rp_disconnect rp;
8962ee74
JH		 3205 struct pending_cmd *cmd;
3206 int err;
3207
36a75f1b
JD		 3208 mgmt_pending_foreach(MGMT_OP_UNPAIR_DEVICE, hdev, unpair_device_rsp,
3209 hdev);
3210
2e58ef3e 3211 cmd = mgmt_pending_find(MGMT_OP_DISCONNECT, hdev);
8962ee74
JH		 3212 if (!cmd)
3213 return -ENOENT;
3214
88c3df13 3215 bacpy(&rp.addr.bdaddr, bdaddr);
57c1477c 3216 rp.addr.type = link_to_bdaddr(link_type, addr_type);
37d9ef76 3217
88c3df13 3218 err = cmd_complete(cmd->sk, cmd->index, MGMT_OP_DISCONNECT,
04124681 3219 mgmt_status(status), &rp, sizeof(rp));
8962ee74 3220
a664b5bc 3221 mgmt_pending_remove(cmd);
8962ee74
JH		 3222
3223 return err;
f7520543 3224}
17d5c04c 3225
48264f06 3226int mgmt_connect_failed(struct hci_dev *hdev, bdaddr_t *bdaddr, u8 link_type,
04124681 3227 u8 addr_type, u8 status)
17d5c04c
JH		 3228{
3229 struct mgmt_ev_connect_failed ev;
3230
4c659c39 3231 bacpy(&ev.addr.bdaddr, bdaddr);
57c1477c 3232 ev.addr.type = link_to_bdaddr(link_type, addr_type);
ca69b795 3233 ev.status = mgmt_status(status);
17d5c04c 3234
744cf19e 3235 return mgmt_event(MGMT_EV_CONNECT_FAILED, hdev, &ev, sizeof(ev), NULL);
17d5c04c 3236}
980e1a53 3237
744cf19e 3238int mgmt_pin_code_request(struct hci_dev *hdev, bdaddr_t *bdaddr, u8 secure)
980e1a53
JH		 3239{
3240 struct mgmt_ev_pin_code_request ev;
3241
d8457698 3242 bacpy(&ev.addr.bdaddr, bdaddr);
591f47f3 3243 ev.addr.type = BDADDR_BREDR;
a770bb5a 3244 ev.secure = secure;
980e1a53 3245
744cf19e 3246 return mgmt_event(MGMT_EV_PIN_CODE_REQUEST, hdev, &ev, sizeof(ev),
04124681 3247 NULL);
980e1a53
JH		 3248}
3249
744cf19e 3250int mgmt_pin_code_reply_complete(struct hci_dev *hdev, bdaddr_t *bdaddr,
04124681 3251 u8 status)
980e1a53
JH		 3252{
3253 struct pending_cmd *cmd;
ac56fb13 3254 struct mgmt_rp_pin_code_reply rp;
980e1a53
JH		 3255 int err;
3256
2e58ef3e 3257 cmd = mgmt_pending_find(MGMT_OP_PIN_CODE_REPLY, hdev);
980e1a53
JH		 3258 if (!cmd)
3259 return -ENOENT;
3260
d8457698 3261 bacpy(&rp.addr.bdaddr, bdaddr);
591f47f3 3262 rp.addr.type = BDADDR_BREDR;
ac56fb13 3263
aee9b218 3264 err = cmd_complete(cmd->sk, hdev->id, MGMT_OP_PIN_CODE_REPLY,
04124681 3265 mgmt_status(status), &rp, sizeof(rp));
980e1a53 3266
a664b5bc 3267 mgmt_pending_remove(cmd);
980e1a53
JH		 3268
3269 return err;
3270}
3271
744cf19e 3272int mgmt_pin_code_neg_reply_complete(struct hci_dev *hdev, bdaddr_t *bdaddr,
04124681 3273 u8 status)
980e1a53
JH		 3274{
3275 struct pending_cmd *cmd;
ac56fb13 3276 struct mgmt_rp_pin_code_reply rp;
980e1a53
JH		 3277 int err;
3278
2e58ef3e 3279 cmd = mgmt_pending_find(MGMT_OP_PIN_CODE_NEG_REPLY, hdev);
980e1a53
JH		 3280 if (!cmd)
3281 return -ENOENT;
3282
d8457698 3283 bacpy(&rp.addr.bdaddr, bdaddr);
591f47f3 3284 rp.addr.type = BDADDR_BREDR;
ac56fb13 3285
aee9b218 3286 err = cmd_complete(cmd->sk, hdev->id, MGMT_OP_PIN_CODE_NEG_REPLY,
04124681 3287 mgmt_status(status), &rp, sizeof(rp));
980e1a53 3288
a664b5bc 3289 mgmt_pending_remove(cmd);
980e1a53
JH		 3290
3291 return err;
3292}
a5c29683 3293
744cf19e 3294int mgmt_user_confirm_request(struct hci_dev *hdev, bdaddr_t *bdaddr,
04124681
GP		 3295 u8 link_type, u8 addr_type, __le32 value,
3296 u8 confirm_hint)
a5c29683
JH		 3297{
3298 struct mgmt_ev_user_confirm_request ev;
3299
744cf19e 3300 BT_DBG("%s", hdev->name);
a5c29683 3301
272d90df 3302 bacpy(&ev.addr.bdaddr, bdaddr);
57c1477c 3303 ev.addr.type = link_to_bdaddr(link_type, addr_type);
55bc1a37 3304 ev.confirm_hint = confirm_hint;
78e8098e 3305 ev.value = value;
a5c29683 3306
744cf19e 3307 return mgmt_event(MGMT_EV_USER_CONFIRM_REQUEST, hdev, &ev, sizeof(ev),
04124681 3308 NULL);
a5c29683
JH		 3309}
3310
272d90df 3311int mgmt_user_passkey_request(struct hci_dev *hdev, bdaddr_t *bdaddr,
8ce8e2b5 3312 u8 link_type, u8 addr_type)
604086b7
BG		 3313{
3314 struct mgmt_ev_user_passkey_request ev;
3315
3316 BT_DBG("%s", hdev->name);
3317
272d90df 3318 bacpy(&ev.addr.bdaddr, bdaddr);
57c1477c 3319 ev.addr.type = link_to_bdaddr(link_type, addr_type);
604086b7
BG		 3320
3321 return mgmt_event(MGMT_EV_USER_PASSKEY_REQUEST, hdev, &ev, sizeof(ev),
04124681 3322 NULL);
604086b7
BG		 3323}
3324
0df4c185 3325static int user_pairing_resp_complete(struct hci_dev *hdev, bdaddr_t *bdaddr,
8ce8e2b5
GP		 3326 u8 link_type, u8 addr_type, u8 status,
3327 u8 opcode)
a5c29683
JH		 3328{
3329 struct pending_cmd *cmd;
3330 struct mgmt_rp_user_confirm_reply rp;
3331 int err;
3332
2e58ef3e 3333 cmd = mgmt_pending_find(opcode, hdev);
a5c29683
JH		 3334 if (!cmd)
3335 return -ENOENT;
3336
272d90df 3337 bacpy(&rp.addr.bdaddr, bdaddr);
57c1477c 3338 rp.addr.type = link_to_bdaddr(link_type, addr_type);
aee9b218 3339 err = cmd_complete(cmd->sk, hdev->id, opcode, mgmt_status(status),
04124681 3340 &rp, sizeof(rp));
a5c29683 3341
a664b5bc 3342 mgmt_pending_remove(cmd);
a5c29683
JH		 3343
3344 return err;
3345}
3346
744cf19e 3347int mgmt_user_confirm_reply_complete(struct hci_dev *hdev, bdaddr_t *bdaddr,
04124681 3348 u8 link_type, u8 addr_type, u8 status)
a5c29683 3349{
272d90df 3350 return user_pairing_resp_complete(hdev, bdaddr, link_type, addr_type,
04124681 3351 status, MGMT_OP_USER_CONFIRM_REPLY);
a5c29683
JH		 3352}
3353
272d90df 3354int mgmt_user_confirm_neg_reply_complete(struct hci_dev *hdev, bdaddr_t *bdaddr,
04124681 3355 u8 link_type, u8 addr_type, u8 status)
a5c29683 3356{
272d90df 3357 return user_pairing_resp_complete(hdev, bdaddr, link_type, addr_type,
8fc9ced3
GP		 3358 status,
3359 MGMT_OP_USER_CONFIRM_NEG_REPLY);
a5c29683 3360}
2a611692 3361
604086b7 3362int mgmt_user_passkey_reply_complete(struct hci_dev *hdev, bdaddr_t *bdaddr,
04124681 3363 u8 link_type, u8 addr_type, u8 status)
604086b7 3364{
272d90df 3365 return user_pairing_resp_complete(hdev, bdaddr, link_type, addr_type,
04124681 3366 status, MGMT_OP_USER_PASSKEY_REPLY);
604086b7
BG		 3367}
3368
272d90df 3369int mgmt_user_passkey_neg_reply_complete(struct hci_dev *hdev, bdaddr_t *bdaddr,
04124681 3370 u8 link_type, u8 addr_type, u8 status)
604086b7 3371{
272d90df 3372 return user_pairing_resp_complete(hdev, bdaddr, link_type, addr_type,
8fc9ced3
GP		 3373 status,
3374 MGMT_OP_USER_PASSKEY_NEG_REPLY);
604086b7
BG		 3375}
3376
92a25256
JH		 3377int mgmt_user_passkey_notify(struct hci_dev *hdev, bdaddr_t *bdaddr,
3378 u8 link_type, u8 addr_type, u32 passkey,
3379 u8 entered)
3380{
3381 struct mgmt_ev_passkey_notify ev;
3382
3383 BT_DBG("%s", hdev->name);
3384
3385 bacpy(&ev.addr.bdaddr, bdaddr);
3386 ev.addr.type = link_to_bdaddr(link_type, addr_type);
3387 ev.passkey = __cpu_to_le32(passkey);
3388 ev.entered = entered;
3389
3390 return mgmt_event(MGMT_EV_PASSKEY_NOTIFY, hdev, &ev, sizeof(ev), NULL);
3391}
3392
bab73cb6 3393int mgmt_auth_failed(struct hci_dev *hdev, bdaddr_t *bdaddr, u8 link_type,
04124681 3394 u8 addr_type, u8 status)
2a611692
JH		 3395{
3396 struct mgmt_ev_auth_failed ev;
3397
bab73cb6 3398 bacpy(&ev.addr.bdaddr, bdaddr);
57c1477c 3399 ev.addr.type = link_to_bdaddr(link_type, addr_type);
ca69b795 3400 ev.status = mgmt_status(status);
2a611692 3401
744cf19e 3402 return mgmt_event(MGMT_EV_AUTH_FAILED, hdev, &ev, sizeof(ev), NULL);
2a611692 3403}
b312b161 3404
33ef95ed
JH		 3405int mgmt_auth_enable_complete(struct hci_dev *hdev, u8 status)
3406{
3407 struct cmd_lookup match = { NULL, hdev };
47990ea0
JH		 3408 bool changed = false;
3409 int err = 0;
33ef95ed
JH		 3410
3411 if (status) {
3412 u8 mgmt_err = mgmt_status(status);
3413 mgmt_pending_foreach(MGMT_OP_SET_LINK_SECURITY, hdev,
04124681 3414 cmd_status_rsp, &mgmt_err);
33ef95ed
JH		 3415 return 0;
3416 }
3417
47990ea0
JH		 3418 if (test_bit(HCI_AUTH, &hdev->flags)) {
3419 if (!test_and_set_bit(HCI_LINK_SECURITY, &hdev->dev_flags))
3420 changed = true;
3421 } else {
3422 if (test_and_clear_bit(HCI_LINK_SECURITY, &hdev->dev_flags))
3423 changed = true;
3424 }
3425
33ef95ed 3426 mgmt_pending_foreach(MGMT_OP_SET_LINK_SECURITY, hdev, settings_rsp,
04124681 3427 &match);
33ef95ed 3428
47990ea0
JH		 3429 if (changed)
3430 err = new_settings(hdev, match.sk);
33ef95ed
JH		 3431
3432 if (match.sk)
3433 sock_put(match.sk);
3434
3435 return err;
3436}
3437
cacaf52f
JH		 3438static int clear_eir(struct hci_dev *hdev)
3439{
3440 struct hci_cp_write_eir cp;
3441
976eb20e 3442 if (!lmp_ext_inq_capable(hdev))
cacaf52f
JH		 3443 return 0;
3444
c80da27e
JH		 3445 memset(hdev->eir, 0, sizeof(hdev->eir));
3446
cacaf52f
JH		 3447 memset(&cp, 0, sizeof(cp));
3448
3449 return hci_send_cmd(hdev, HCI_OP_WRITE_EIR, sizeof(cp), &cp);
3450}
3451
c0ecddc2 3452int mgmt_ssp_enable_complete(struct hci_dev *hdev, u8 enable, u8 status)
ed2c4ee3
JH		 3453{
3454 struct cmd_lookup match = { NULL, hdev };
c0ecddc2
JH		 3455 bool changed = false;
3456 int err = 0;
ed2c4ee3
JH		 3457
3458 if (status) {
3459 u8 mgmt_err = mgmt_status(status);
c0ecddc2
JH		 3460
3461 if (enable && test_and_clear_bit(HCI_SSP_ENABLED,
04124681 3462 &hdev->dev_flags))
c0ecddc2
JH		 3463 err = new_settings(hdev, NULL);
3464
04124681
GP		 3465 mgmt_pending_foreach(MGMT_OP_SET_SSP, hdev, cmd_status_rsp,
3466 &mgmt_err);
c0ecddc2
JH		 3467
3468 return err;
3469 }
3470
3471 if (enable) {
3472 if (!test_and_set_bit(HCI_SSP_ENABLED, &hdev->dev_flags))
3473 changed = true;
3474 } else {
3475 if (test_and_clear_bit(HCI_SSP_ENABLED, &hdev->dev_flags))
3476 changed = true;
ed2c4ee3
JH		 3477 }
3478
3479 mgmt_pending_foreach(MGMT_OP_SET_SSP, hdev, settings_rsp, &match);
3480
c0ecddc2
JH		 3481 if (changed)
3482 err = new_settings(hdev, match.sk);
ed2c4ee3 3483
5fc6ebb1 3484 if (match.sk)
ed2c4ee3
JH		 3485 sock_put(match.sk);
3486
5fc6ebb1
JH		 3487 if (test_bit(HCI_SSP_ENABLED, &hdev->dev_flags))
3488 update_eir(hdev);
3489 else
3490 clear_eir(hdev);
cacaf52f 3491
ed2c4ee3
JH		 3492 return err;
3493}
3494
90e70454
JH		 3495static void class_rsp(struct pending_cmd *cmd, void *data)
3496{
3497 struct cmd_lookup *match = data;
3498
3499 cmd_complete(cmd->sk, cmd->index, cmd->opcode, match->mgmt_status,
04124681 3500 match->hdev->dev_class, 3);
90e70454
JH		 3501
3502 list_del(&cmd->list);
3503
3504 if (match->sk == NULL) {
3505 match->sk = cmd->sk;
3506 sock_hold(match->sk);
3507 }
3508
3509 mgmt_pending_free(cmd);
3510}
3511
7f9a903c 3512int mgmt_set_class_of_dev_complete(struct hci_dev *hdev, u8 *dev_class,
04124681 3513 u8 status)
7f9a903c 3514{
90e70454
JH		 3515 struct cmd_lookup match = { NULL, hdev, mgmt_status(status) };
3516 int err = 0;
7f9a903c 3517
c95f0ba7
JH		 3518 clear_bit(HCI_PENDING_CLASS, &hdev->dev_flags);
3519
90e70454
JH		 3520 mgmt_pending_foreach(MGMT_OP_SET_DEV_CLASS, hdev, class_rsp, &match);
3521 mgmt_pending_foreach(MGMT_OP_ADD_UUID, hdev, class_rsp, &match);
3522 mgmt_pending_foreach(MGMT_OP_REMOVE_UUID, hdev, class_rsp, &match);
3523
3524 if (!status)
04124681
GP		 3525 err = mgmt_event(MGMT_EV_CLASS_OF_DEV_CHANGED, hdev, dev_class,
3526 3, NULL);
90e70454
JH		 3527
3528 if (match.sk)
3529 sock_put(match.sk);
7f9a903c
MH		 3530
3531 return err;
3532}
3533
744cf19e 3534int mgmt_set_local_name_complete(struct hci_dev *hdev, u8 *name, u8 status)
b312b161
JH		 3535{
3536 struct pending_cmd *cmd;
3537 struct mgmt_cp_set_local_name ev;
28cc7bde
JH		 3538 bool changed = false;
3539 int err = 0;
3540
3541 if (memcmp(name, hdev->dev_name, sizeof(hdev->dev_name)) != 0) {
3542 memcpy(hdev->dev_name, name, sizeof(hdev->dev_name));
3543 changed = true;
3544 }
b312b161
JH		 3545
3546 memset(&ev, 0, sizeof(ev));
3547 memcpy(ev.name, name, HCI_MAX_NAME_LENGTH);
28cc7bde 3548 memcpy(ev.short_name, hdev->short_name, HCI_MAX_SHORT_NAME_LENGTH);
b312b161 3549
2e58ef3e 3550 cmd = mgmt_pending_find(MGMT_OP_SET_LOCAL_NAME, hdev);
b312b161
JH		 3551 if (!cmd)
3552 goto send_event;
3553
7bdaae4a
JH		 3554 /* Always assume that either the short or the complete name has
3555 * changed if there was a pending mgmt command */
3556 changed = true;
3557
b312b161 3558 if (status) {
744cf19e 3559 err = cmd_status(cmd->sk, hdev->id, MGMT_OP_SET_LOCAL_NAME,
04124681 3560 mgmt_status(status));
b312b161
JH		 3561 goto failed;
3562 }
3563
aee9b218 3564 err = cmd_complete(cmd->sk, hdev->id, MGMT_OP_SET_LOCAL_NAME, 0, &ev,
04124681 3565 sizeof(ev));
b312b161
JH		 3566 if (err < 0)
3567 goto failed;
3568
3569send_event:
28cc7bde
JH		 3570 if (changed)
3571 err = mgmt_event(MGMT_EV_LOCAL_NAME_CHANGED, hdev, &ev,
04124681 3572 sizeof(ev), cmd ? cmd->sk : NULL);
28cc7bde 3573
1225a6bd
JH		 3574 /* EIR is taken care of separately when powering on the
3575 * adapter so only update them here if this is a name change
3576 * unrelated to power on.
3577 */
3578 if (!test_bit(HCI_INIT, &hdev->flags))
3579 update_eir(hdev);
b312b161
JH		 3580
3581failed:
3582 if (cmd)
3583 mgmt_pending_remove(cmd);
3584 return err;
3585}
c35938b2 3586
744cf19e 3587int mgmt_read_local_oob_data_reply_complete(struct hci_dev *hdev, u8 *hash,
04124681 3588 u8 *randomizer, u8 status)
c35938b2
SJ		 3589{
3590 struct pending_cmd *cmd;
3591 int err;
3592
744cf19e 3593 BT_DBG("%s status %u", hdev->name, status);
c35938b2 3594
2e58ef3e 3595 cmd = mgmt_pending_find(MGMT_OP_READ_LOCAL_OOB_DATA, hdev);
c35938b2
SJ		 3596 if (!cmd)
3597 return -ENOENT;
3598
3599 if (status) {
04124681
GP		 3600 err = cmd_status(cmd->sk, hdev->id, MGMT_OP_READ_LOCAL_OOB_DATA,
3601 mgmt_status(status));
c35938b2
SJ		 3602 } else {
3603 struct mgmt_rp_read_local_oob_data rp;
3604
3605 memcpy(rp.hash, hash, sizeof(rp.hash));
3606 memcpy(rp.randomizer, randomizer, sizeof(rp.randomizer));
3607
744cf19e 3608 err = cmd_complete(cmd->sk, hdev->id,
04124681
GP		 3609 MGMT_OP_READ_LOCAL_OOB_DATA, 0, &rp,
3610 sizeof(rp));
c35938b2
SJ		 3611 }
3612
3613 mgmt_pending_remove(cmd);
3614
3615 return err;
3616}
e17acd40 3617
06199cf8
JH		 3618int mgmt_le_enable_complete(struct hci_dev *hdev, u8 enable, u8 status)
3619{
3620 struct cmd_lookup match = { NULL, hdev };
3621 bool changed = false;
3622 int err = 0;
3623
3624 if (status) {
3625 u8 mgmt_err = mgmt_status(status);
3626
3627 if (enable && test_and_clear_bit(HCI_LE_ENABLED,
04124681 3628 &hdev->dev_flags))
d97dcb66 3629 err = new_settings(hdev, NULL);
06199cf8 3630
d97dcb66
SJ		 3631 mgmt_pending_foreach(MGMT_OP_SET_LE, hdev, cmd_status_rsp,
3632 &mgmt_err);
06199cf8
JH		 3633
3634 return err;
3635 }
3636
3637 if (enable) {
3638 if (!test_and_set_bit(HCI_LE_ENABLED, &hdev->dev_flags))
3639 changed = true;
3640 } else {
3641 if (test_and_clear_bit(HCI_LE_ENABLED, &hdev->dev_flags))
3642 changed = true;
3643 }
3644
3645 mgmt_pending_foreach(MGMT_OP_SET_LE, hdev, settings_rsp, &match);
3646
3647 if (changed)
3648 err = new_settings(hdev, match.sk);
3649
3650 if (match.sk)
3651 sock_put(match.sk);
3652
3653 return err;
3654}
3655
48264f06 3656int mgmt_device_found(struct hci_dev *hdev, bdaddr_t *bdaddr, u8 link_type,
04124681
GP		 3657 u8 addr_type, u8 *dev_class, s8 rssi, u8 cfm_name, u8
3658 ssp, u8 *eir, u16 eir_len)
e17acd40 3659{
e319d2e7
JH		 3660 char buf[512];
3661 struct mgmt_ev_device_found *ev = (void *) buf;
1dc06093 3662 size_t ev_size;
e17acd40 3663
1dc06093
JH		 3664 /* Leave 5 bytes for a potential CoD field */
3665 if (sizeof(*ev) + eir_len + 5 > sizeof(buf))
7d262f86
AG		 3666 return -EINVAL;
3667
1dc06093
JH		 3668 memset(buf, 0, sizeof(buf));
3669
e319d2e7 3670 bacpy(&ev->addr.bdaddr, bdaddr);
57c1477c 3671 ev->addr.type = link_to_bdaddr(link_type, addr_type);
e319d2e7 3672 ev->rssi = rssi;
9a395a80 3673 if (cfm_name)
612dfce9 3674 ev->flags |= __constant_cpu_to_le32(MGMT_DEV_FOUND_CONFIRM_NAME);
388fc8fa 3675 if (!ssp)
612dfce9 3676 ev->flags |= __constant_cpu_to_le32(MGMT_DEV_FOUND_LEGACY_PAIRING);
e17acd40 3677
1dc06093 3678 if (eir_len > 0)
e319d2e7 3679 memcpy(ev->eir, eir, eir_len);
e17acd40 3680
1dc06093
JH		 3681 if (dev_class && !eir_has_data_type(ev->eir, eir_len, EIR_CLASS_OF_DEV))
3682 eir_len = eir_append_data(ev->eir, eir_len, EIR_CLASS_OF_DEV,
04124681 3683 dev_class, 3);
1dc06093 3684
eb55ef07 3685 ev->eir_len = cpu_to_le16(eir_len);
1dc06093 3686 ev_size = sizeof(*ev) + eir_len;
f8523598 3687
e319d2e7 3688 return mgmt_event(MGMT_EV_DEVICE_FOUND, hdev, ev, ev_size, NULL);
e17acd40 3689}
a88a9652 3690
b644ba33 3691int mgmt_remote_name(struct hci_dev *hdev, bdaddr_t *bdaddr, u8 link_type,
04124681 3692 u8 addr_type, s8 rssi, u8 *name, u8 name_len)
a88a9652 3693{
b644ba33
JH		 3694 struct mgmt_ev_device_found *ev;
3695 char buf[sizeof(*ev) + HCI_MAX_NAME_LENGTH + 2];
3696 u16 eir_len;
a88a9652 3697
b644ba33 3698 ev = (struct mgmt_ev_device_found *) buf;
a88a9652 3699
b644ba33
JH		 3700 memset(buf, 0, sizeof(buf));
3701
3702 bacpy(&ev->addr.bdaddr, bdaddr);
57c1477c 3703 ev->addr.type = link_to_bdaddr(link_type, addr_type);
b644ba33
JH		 3704 ev->rssi = rssi;
3705
3706 eir_len = eir_append_data(ev->eir, 0, EIR_NAME_COMPLETE, name,
04124681 3707 name_len);
b644ba33 3708
eb55ef07 3709 ev->eir_len = cpu_to_le16(eir_len);
a88a9652 3710
053c7e0c 3711 return mgmt_event(MGMT_EV_DEVICE_FOUND, hdev, ev,
04124681 3712 sizeof(*ev) + eir_len, NULL);
a88a9652 3713}
314b2381 3714
7a135109 3715int mgmt_start_discovery_failed(struct hci_dev *hdev, u8 status)
164a6e78
JH		 3716{
3717 struct pending_cmd *cmd;
f808e166 3718 u8 type;
164a6e78
JH		 3719 int err;
3720
203159d4
AG		 3721 hci_discovery_set_state(hdev, DISCOVERY_STOPPED);
3722
2e58ef3e 3723 cmd = mgmt_pending_find(MGMT_OP_START_DISCOVERY, hdev);
164a6e78
JH		 3724 if (!cmd)
3725 return -ENOENT;
3726
f808e166
JH		 3727 type = hdev->discovery.type;
3728
3729 err = cmd_complete(cmd->sk, hdev->id, cmd->opcode, mgmt_status(status),
04124681 3730 &type, sizeof(type));
164a6e78
JH		 3731 mgmt_pending_remove(cmd);
3732
3733 return err;
3734}
3735
e6d465cb
AG		 3736int mgmt_stop_discovery_failed(struct hci_dev *hdev, u8 status)
3737{
3738 struct pending_cmd *cmd;
3739 int err;
3740
3741 cmd = mgmt_pending_find(MGMT_OP_STOP_DISCOVERY, hdev);
3742 if (!cmd)
3743 return -ENOENT;
3744
d930650b 3745 err = cmd_complete(cmd->sk, hdev->id, cmd->opcode, mgmt_status(status),
04124681 3746 &hdev->discovery.type, sizeof(hdev->discovery.type));
164a6e78
JH		 3747 mgmt_pending_remove(cmd);
3748
3749 return err;
3750}
3751
744cf19e 3752int mgmt_discovering(struct hci_dev *hdev, u8 discovering)
314b2381 3753{
f963e8e9 3754 struct mgmt_ev_discovering ev;
164a6e78
JH		 3755 struct pending_cmd *cmd;
3756
343fb145
AG		 3757 BT_DBG("%s discovering %u", hdev->name, discovering);
3758
164a6e78 3759 if (discovering)
2e58ef3e 3760 cmd = mgmt_pending_find(MGMT_OP_START_DISCOVERY, hdev);
164a6e78 3761 else
2e58ef3e 3762 cmd = mgmt_pending_find(MGMT_OP_STOP_DISCOVERY, hdev);
164a6e78
JH		 3763
3764 if (cmd != NULL) {
f808e166
JH		 3765 u8 type = hdev->discovery.type;
3766
04124681
GP		 3767 cmd_complete(cmd->sk, hdev->id, cmd->opcode, 0, &type,
3768 sizeof(type));
164a6e78
JH		 3769 mgmt_pending_remove(cmd);
3770 }
3771
f963e8e9
JH		 3772 memset(&ev, 0, sizeof(ev));
3773 ev.type = hdev->discovery.type;
3774 ev.discovering = discovering;
3775
3776 return mgmt_event(MGMT_EV_DISCOVERING, hdev, &ev, sizeof(ev), NULL);
314b2381 3777}
5e762444 3778
88c1fe4b 3779int mgmt_device_blocked(struct hci_dev *hdev, bdaddr_t *bdaddr, u8 type)
5e762444
AJ		 3780{
3781 struct pending_cmd *cmd;
3782 struct mgmt_ev_device_blocked ev;
3783
2e58ef3e 3784 cmd = mgmt_pending_find(MGMT_OP_BLOCK_DEVICE, hdev);
5e762444 3785
88c1fe4b
JH		 3786 bacpy(&ev.addr.bdaddr, bdaddr);
3787 ev.addr.type = type;
5e762444 3788
744cf19e 3789 return mgmt_event(MGMT_EV_DEVICE_BLOCKED, hdev, &ev, sizeof(ev),
04124681 3790 cmd ? cmd->sk : NULL);
5e762444
AJ		 3791}
3792
88c1fe4b 3793int mgmt_device_unblocked(struct hci_dev *hdev, bdaddr_t *bdaddr, u8 type)
5e762444
AJ		 3794{
3795 struct pending_cmd *cmd;
3796 struct mgmt_ev_device_unblocked ev;
3797
2e58ef3e 3798 cmd = mgmt_pending_find(MGMT_OP_UNBLOCK_DEVICE, hdev);
5e762444 3799
88c1fe4b
JH		 3800 bacpy(&ev.addr.bdaddr, bdaddr);
3801 ev.addr.type = type;
5e762444 3802
744cf19e 3803 return mgmt_event(MGMT_EV_DEVICE_UNBLOCKED, hdev, &ev, sizeof(ev),
04124681 3804 cmd ? cmd->sk : NULL);
5e762444 3805}
d7b7e796
MH		 3806
3807module_param(enable_hs, bool, 0644);
3808MODULE_PARM_DESC(enable_hs, "Enable High Speed support");
Linux kernel - Deliverables
This page took 0.388898 seconds and 5 git commands to generate.