2 BlueZ - Bluetooth protocol stack for Linux
3 Copyright (C) 2000-2001 Qualcomm Incorporated
5 Written 2000,2001 by Maxim Krasnyansky <maxk@qualcomm.com>
7 This program is free software; you can redistribute it and/or modify
8 it under the terms of the GNU General Public License version 2 as
9 published by the Free Software Foundation;
11 THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS
12 OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
13 FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT OF THIRD PARTY RIGHTS.
14 IN NO EVENT SHALL THE COPYRIGHT HOLDER(S) AND AUTHOR(S) BE LIABLE FOR ANY
15 CLAIM, OR ANY SPECIAL INDIRECT OR CONSEQUENTIAL DAMAGES, OR ANY DAMAGES
16 WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
17 ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
18 OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
20 ALL LIABILITY, INCLUDING LIABILITY FOR INFRINGEMENT OF ANY PATENTS,
21 COPYRIGHTS, TRADEMARKS OR OTHER RIGHTS, RELATING TO USE OF THIS
22 SOFTWARE IS DISCLAIMED.
25 /* Bluetooth HCI event handling. */
27 #include <linux/module.h>
29 #include <linux/types.h>
30 #include <linux/errno.h>
31 #include <linux/kernel.h>
32 #include <linux/sched.h>
33 #include <linux/slab.h>
34 #include <linux/poll.h>
35 #include <linux/fcntl.h>
36 #include <linux/init.h>
37 #include <linux/skbuff.h>
38 #include <linux/interrupt.h>
39 #include <linux/notifier.h>
42 #include <asm/system.h>
43 #include <asm/uaccess.h>
44 #include <asm/unaligned.h>
46 #include <net/bluetooth/bluetooth.h>
47 #include <net/bluetooth/hci_core.h>
49 #ifndef CONFIG_BT_HCI_CORE_DEBUG
54 /* Handle HCI Event packets */
56 /* Command Complete OGF LINK_CTL */
57 static void hci_cc_link_ctl(struct hci_dev
*hdev
, __u16 ocf
, struct sk_buff
*skb
)
61 BT_DBG("%s ocf 0x%x", hdev
->name
, ocf
);
64 case OCF_INQUIRY_CANCEL
:
65 case OCF_EXIT_PERIODIC_INQ
:
66 status
= *((__u8
*) skb
->data
);
69 BT_DBG("%s Inquiry cancel error: status 0x%x", hdev
->name
, status
);
71 clear_bit(HCI_INQUIRY
, &hdev
->flags
);
72 hci_req_complete(hdev
, status
);
77 BT_DBG("%s Command complete: ogf LINK_CTL ocf %x", hdev
->name
, ocf
);
82 /* Command Complete OGF LINK_POLICY */
83 static void hci_cc_link_policy(struct hci_dev
*hdev
, __u16 ocf
, struct sk_buff
*skb
)
85 struct hci_conn
*conn
;
86 struct hci_rp_role_discovery
*rd
;
87 struct hci_rp_write_link_policy
*lp
;
90 BT_DBG("%s ocf 0x%x", hdev
->name
, ocf
);
93 case OCF_ROLE_DISCOVERY
:
94 rd
= (void *) skb
->data
;
101 conn
= hci_conn_hash_lookup_handle(hdev
, __le16_to_cpu(rd
->handle
));
104 conn
->link_mode
&= ~HCI_LM_MASTER
;
106 conn
->link_mode
|= HCI_LM_MASTER
;
109 hci_dev_unlock(hdev
);
112 case OCF_WRITE_LINK_POLICY
:
113 sent
= hci_sent_cmd_data(hdev
, OGF_LINK_POLICY
, OCF_WRITE_LINK_POLICY
);
117 lp
= (struct hci_rp_write_link_policy
*) skb
->data
;
124 conn
= hci_conn_hash_lookup_handle(hdev
, __le16_to_cpu(lp
->handle
));
126 __le16 policy
= get_unaligned((__le16
*) (sent
+ 2));
127 conn
->link_policy
= __le16_to_cpu(policy
);
130 hci_dev_unlock(hdev
);
134 BT_DBG("%s: Command complete: ogf LINK_POLICY ocf %x",
140 /* Command Complete OGF HOST_CTL */
141 static void hci_cc_host_ctl(struct hci_dev
*hdev
, __u16 ocf
, struct sk_buff
*skb
)
145 struct hci_rp_read_voice_setting
*vs
;
148 BT_DBG("%s ocf 0x%x", hdev
->name
, ocf
);
152 status
= *((__u8
*) skb
->data
);
153 hci_req_complete(hdev
, status
);
156 case OCF_SET_EVENT_FLT
:
157 status
= *((__u8
*) skb
->data
);
159 BT_DBG("%s SET_EVENT_FLT failed %d", hdev
->name
, status
);
161 BT_DBG("%s SET_EVENT_FLT succeseful", hdev
->name
);
165 case OCF_WRITE_AUTH_ENABLE
:
166 sent
= hci_sent_cmd_data(hdev
, OGF_HOST_CTL
, OCF_WRITE_AUTH_ENABLE
);
170 status
= *((__u8
*) skb
->data
);
171 param
= *((__u8
*) sent
);
174 if (param
== AUTH_ENABLED
)
175 set_bit(HCI_AUTH
, &hdev
->flags
);
177 clear_bit(HCI_AUTH
, &hdev
->flags
);
179 hci_req_complete(hdev
, status
);
182 case OCF_WRITE_ENCRYPT_MODE
:
183 sent
= hci_sent_cmd_data(hdev
, OGF_HOST_CTL
, OCF_WRITE_ENCRYPT_MODE
);
187 status
= *((__u8
*) skb
->data
);
188 param
= *((__u8
*) sent
);
192 set_bit(HCI_ENCRYPT
, &hdev
->flags
);
194 clear_bit(HCI_ENCRYPT
, &hdev
->flags
);
196 hci_req_complete(hdev
, status
);
199 case OCF_WRITE_CA_TIMEOUT
:
200 status
= *((__u8
*) skb
->data
);
202 BT_DBG("%s OCF_WRITE_CA_TIMEOUT failed %d", hdev
->name
, status
);
204 BT_DBG("%s OCF_WRITE_CA_TIMEOUT succeseful", hdev
->name
);
208 case OCF_WRITE_PG_TIMEOUT
:
209 status
= *((__u8
*) skb
->data
);
211 BT_DBG("%s OCF_WRITE_PG_TIMEOUT failed %d", hdev
->name
, status
);
213 BT_DBG("%s: OCF_WRITE_PG_TIMEOUT succeseful", hdev
->name
);
217 case OCF_WRITE_SCAN_ENABLE
:
218 sent
= hci_sent_cmd_data(hdev
, OGF_HOST_CTL
, OCF_WRITE_SCAN_ENABLE
);
222 status
= *((__u8
*) skb
->data
);
223 param
= *((__u8
*) sent
);
225 BT_DBG("param 0x%x", param
);
228 clear_bit(HCI_PSCAN
, &hdev
->flags
);
229 clear_bit(HCI_ISCAN
, &hdev
->flags
);
230 if (param
& SCAN_INQUIRY
)
231 set_bit(HCI_ISCAN
, &hdev
->flags
);
233 if (param
& SCAN_PAGE
)
234 set_bit(HCI_PSCAN
, &hdev
->flags
);
236 hci_req_complete(hdev
, status
);
239 case OCF_READ_VOICE_SETTING
:
240 vs
= (struct hci_rp_read_voice_setting
*) skb
->data
;
243 BT_DBG("%s READ_VOICE_SETTING failed %d", hdev
->name
, vs
->status
);
247 setting
= __le16_to_cpu(vs
->voice_setting
);
249 if (hdev
->voice_setting
!= setting
) {
250 hdev
->voice_setting
= setting
;
252 BT_DBG("%s: voice setting 0x%04x", hdev
->name
, setting
);
255 tasklet_disable(&hdev
->tx_task
);
256 hdev
->notify(hdev
, HCI_NOTIFY_VOICE_SETTING
);
257 tasklet_enable(&hdev
->tx_task
);
262 case OCF_WRITE_VOICE_SETTING
:
263 sent
= hci_sent_cmd_data(hdev
, OGF_HOST_CTL
, OCF_WRITE_VOICE_SETTING
);
267 status
= *((__u8
*) skb
->data
);
268 setting
= __le16_to_cpu(get_unaligned((__le16
*) sent
));
270 if (!status
&& hdev
->voice_setting
!= setting
) {
271 hdev
->voice_setting
= setting
;
273 BT_DBG("%s: voice setting 0x%04x", hdev
->name
, setting
);
276 tasklet_disable(&hdev
->tx_task
);
277 hdev
->notify(hdev
, HCI_NOTIFY_VOICE_SETTING
);
278 tasklet_enable(&hdev
->tx_task
);
281 hci_req_complete(hdev
, status
);
284 case OCF_HOST_BUFFER_SIZE
:
285 status
= *((__u8
*) skb
->data
);
287 BT_DBG("%s OCF_BUFFER_SIZE failed %d", hdev
->name
, status
);
288 hci_req_complete(hdev
, status
);
293 BT_DBG("%s Command complete: ogf HOST_CTL ocf %x", hdev
->name
, ocf
);
298 /* Command Complete OGF INFO_PARAM */
299 static void hci_cc_info_param(struct hci_dev
*hdev
, __u16 ocf
, struct sk_buff
*skb
)
301 struct hci_rp_read_local_features
*lf
;
302 struct hci_rp_read_buffer_size
*bs
;
303 struct hci_rp_read_bd_addr
*ba
;
305 BT_DBG("%s ocf 0x%x", hdev
->name
, ocf
);
308 case OCF_READ_LOCAL_FEATURES
:
309 lf
= (struct hci_rp_read_local_features
*) skb
->data
;
312 BT_DBG("%s READ_LOCAL_FEATURES failed %d", hdev
->name
, lf
->status
);
316 memcpy(hdev
->features
, lf
->features
, sizeof(hdev
->features
));
318 /* Adjust default settings according to features
319 * supported by device. */
320 if (hdev
->features
[0] & LMP_3SLOT
)
321 hdev
->pkt_type
|= (HCI_DM3
| HCI_DH3
);
323 if (hdev
->features
[0] & LMP_5SLOT
)
324 hdev
->pkt_type
|= (HCI_DM5
| HCI_DH5
);
326 if (hdev
->features
[1] & LMP_HV2
)
327 hdev
->pkt_type
|= (HCI_HV2
);
329 if (hdev
->features
[1] & LMP_HV3
)
330 hdev
->pkt_type
|= (HCI_HV3
);
332 BT_DBG("%s: features 0x%x 0x%x 0x%x", hdev
->name
, lf
->features
[0], lf
->features
[1], lf
->features
[2]);
336 case OCF_READ_BUFFER_SIZE
:
337 bs
= (struct hci_rp_read_buffer_size
*) skb
->data
;
340 BT_DBG("%s READ_BUFFER_SIZE failed %d", hdev
->name
, bs
->status
);
341 hci_req_complete(hdev
, bs
->status
);
345 hdev
->acl_mtu
= __le16_to_cpu(bs
->acl_mtu
);
346 hdev
->sco_mtu
= bs
->sco_mtu
;
347 hdev
->acl_pkts
= __le16_to_cpu(bs
->acl_max_pkt
);
348 hdev
->sco_pkts
= __le16_to_cpu(bs
->sco_max_pkt
);
350 if (test_bit(HCI_QUIRK_FIXUP_BUFFER_SIZE
, &hdev
->quirks
)) {
355 hdev
->acl_cnt
= hdev
->acl_pkts
;
356 hdev
->sco_cnt
= hdev
->sco_pkts
;
358 BT_DBG("%s mtu: acl %d, sco %d max_pkt: acl %d, sco %d", hdev
->name
,
359 hdev
->acl_mtu
, hdev
->sco_mtu
, hdev
->acl_pkts
, hdev
->sco_pkts
);
362 case OCF_READ_BD_ADDR
:
363 ba
= (struct hci_rp_read_bd_addr
*) skb
->data
;
366 bacpy(&hdev
->bdaddr
, &ba
->bdaddr
);
368 BT_DBG("%s: READ_BD_ADDR failed %d", hdev
->name
, ba
->status
);
371 hci_req_complete(hdev
, ba
->status
);
375 BT_DBG("%s Command complete: ogf INFO_PARAM ocf %x", hdev
->name
, ocf
);
380 /* Command Status OGF LINK_CTL */
381 static inline void hci_cs_create_conn(struct hci_dev
*hdev
, __u8 status
)
383 struct hci_conn
*conn
;
384 struct hci_cp_create_conn
*cp
= hci_sent_cmd_data(hdev
, OGF_LINK_CTL
, OCF_CREATE_CONN
);
391 conn
= hci_conn_hash_lookup_ba(hdev
, ACL_LINK
, &cp
->bdaddr
);
393 BT_DBG("%s status 0x%x bdaddr %s conn %p", hdev
->name
,
394 status
, batostr(&cp
->bdaddr
), conn
);
397 if (conn
&& conn
->state
== BT_CONNECT
) {
398 conn
->state
= BT_CLOSED
;
399 hci_proto_connect_cfm(conn
, status
);
404 conn
= hci_conn_add(hdev
, ACL_LINK
, &cp
->bdaddr
);
407 conn
->link_mode
|= HCI_LM_MASTER
;
409 BT_ERR("No memmory for new connection");
413 hci_dev_unlock(hdev
);
416 static void hci_cs_link_ctl(struct hci_dev
*hdev
, __u16 ocf
, __u8 status
)
418 BT_DBG("%s ocf 0x%x", hdev
->name
, ocf
);
421 case OCF_CREATE_CONN
:
422 hci_cs_create_conn(hdev
, status
);
427 struct hci_conn
*acl
, *sco
;
428 struct hci_cp_add_sco
*cp
= hci_sent_cmd_data(hdev
, OGF_LINK_CTL
, OCF_ADD_SCO
);
434 handle
= __le16_to_cpu(cp
->handle
);
436 BT_DBG("%s Add SCO error: handle %d status 0x%x", hdev
->name
, handle
, status
);
440 acl
= hci_conn_hash_lookup_handle(hdev
, handle
);
441 if (acl
&& (sco
= acl
->link
)) {
442 sco
->state
= BT_CLOSED
;
444 hci_proto_connect_cfm(sco
, status
);
448 hci_dev_unlock(hdev
);
454 BT_DBG("%s Inquiry error: status 0x%x", hdev
->name
, status
);
455 hci_req_complete(hdev
, status
);
457 set_bit(HCI_INQUIRY
, &hdev
->flags
);
462 BT_DBG("%s Command status: ogf LINK_CTL ocf %x status %d",
463 hdev
->name
, ocf
, status
);
468 /* Command Status OGF LINK_POLICY */
469 static void hci_cs_link_policy(struct hci_dev
*hdev
, __u16 ocf
, __u8 status
)
471 BT_DBG("%s ocf 0x%x", hdev
->name
, ocf
);
476 struct hci_conn
*conn
;
477 struct hci_cp_sniff_mode
*cp
= hci_sent_cmd_data(hdev
, OGF_LINK_POLICY
, OCF_SNIFF_MODE
);
484 conn
= hci_conn_hash_lookup_handle(hdev
, __le16_to_cpu(cp
->handle
));
486 clear_bit(HCI_CONN_MODE_CHANGE_PEND
, &conn
->pend
);
489 hci_dev_unlock(hdev
);
493 case OCF_EXIT_SNIFF_MODE
:
495 struct hci_conn
*conn
;
496 struct hci_cp_exit_sniff_mode
*cp
= hci_sent_cmd_data(hdev
, OGF_LINK_POLICY
, OCF_EXIT_SNIFF_MODE
);
503 conn
= hci_conn_hash_lookup_handle(hdev
, __le16_to_cpu(cp
->handle
));
505 clear_bit(HCI_CONN_MODE_CHANGE_PEND
, &conn
->pend
);
508 hci_dev_unlock(hdev
);
513 BT_DBG("%s Command status: ogf LINK_POLICY ocf %x", hdev
->name
, ocf
);
518 /* Command Status OGF HOST_CTL */
519 static void hci_cs_host_ctl(struct hci_dev
*hdev
, __u16 ocf
, __u8 status
)
521 BT_DBG("%s ocf 0x%x", hdev
->name
, ocf
);
525 BT_DBG("%s Command status: ogf HOST_CTL ocf %x", hdev
->name
, ocf
);
530 /* Command Status OGF INFO_PARAM */
531 static void hci_cs_info_param(struct hci_dev
*hdev
, __u16 ocf
, __u8 status
)
533 BT_DBG("%s: hci_cs_info_param: ocf 0x%x", hdev
->name
, ocf
);
537 BT_DBG("%s Command status: ogf INFO_PARAM ocf %x", hdev
->name
, ocf
);
542 /* Inquiry Complete */
543 static inline void hci_inquiry_complete_evt(struct hci_dev
*hdev
, struct sk_buff
*skb
)
545 __u8 status
= *((__u8
*) skb
->data
);
547 BT_DBG("%s status %d", hdev
->name
, status
);
549 clear_bit(HCI_INQUIRY
, &hdev
->flags
);
550 hci_req_complete(hdev
, status
);
554 static inline void hci_inquiry_result_evt(struct hci_dev
*hdev
, struct sk_buff
*skb
)
556 struct inquiry_data data
;
557 struct inquiry_info
*info
= (struct inquiry_info
*) (skb
->data
+ 1);
558 int num_rsp
= *((__u8
*) skb
->data
);
560 BT_DBG("%s num_rsp %d", hdev
->name
, num_rsp
);
567 for (; num_rsp
; num_rsp
--) {
568 bacpy(&data
.bdaddr
, &info
->bdaddr
);
569 data
.pscan_rep_mode
= info
->pscan_rep_mode
;
570 data
.pscan_period_mode
= info
->pscan_period_mode
;
571 data
.pscan_mode
= info
->pscan_mode
;
572 memcpy(data
.dev_class
, info
->dev_class
, 3);
573 data
.clock_offset
= info
->clock_offset
;
576 hci_inquiry_cache_update(hdev
, &data
);
579 hci_dev_unlock(hdev
);
582 /* Inquiry Result With RSSI */
583 static inline void hci_inquiry_result_with_rssi_evt(struct hci_dev
*hdev
, struct sk_buff
*skb
)
585 struct inquiry_data data
;
586 int num_rsp
= *((__u8
*) skb
->data
);
588 BT_DBG("%s num_rsp %d", hdev
->name
, num_rsp
);
595 if ((skb
->len
- 1) / num_rsp
!= sizeof(struct inquiry_info_with_rssi
)) {
596 struct inquiry_info_with_rssi_and_pscan_mode
*info
=
597 (struct inquiry_info_with_rssi_and_pscan_mode
*) (skb
->data
+ 1);
599 for (; num_rsp
; num_rsp
--) {
600 bacpy(&data
.bdaddr
, &info
->bdaddr
);
601 data
.pscan_rep_mode
= info
->pscan_rep_mode
;
602 data
.pscan_period_mode
= info
->pscan_period_mode
;
603 data
.pscan_mode
= info
->pscan_mode
;
604 memcpy(data
.dev_class
, info
->dev_class
, 3);
605 data
.clock_offset
= info
->clock_offset
;
606 data
.rssi
= info
->rssi
;
608 hci_inquiry_cache_update(hdev
, &data
);
611 struct inquiry_info_with_rssi
*info
=
612 (struct inquiry_info_with_rssi
*) (skb
->data
+ 1);
614 for (; num_rsp
; num_rsp
--) {
615 bacpy(&data
.bdaddr
, &info
->bdaddr
);
616 data
.pscan_rep_mode
= info
->pscan_rep_mode
;
617 data
.pscan_period_mode
= info
->pscan_period_mode
;
618 data
.pscan_mode
= 0x00;
619 memcpy(data
.dev_class
, info
->dev_class
, 3);
620 data
.clock_offset
= info
->clock_offset
;
621 data
.rssi
= info
->rssi
;
623 hci_inquiry_cache_update(hdev
, &data
);
627 hci_dev_unlock(hdev
);
630 /* Extended Inquiry Result */
631 static inline void hci_extended_inquiry_result_evt(struct hci_dev
*hdev
, struct sk_buff
*skb
)
633 struct inquiry_data data
;
634 struct extended_inquiry_info
*info
= (struct extended_inquiry_info
*) (skb
->data
+ 1);
635 int num_rsp
= *((__u8
*) skb
->data
);
637 BT_DBG("%s num_rsp %d", hdev
->name
, num_rsp
);
644 for (; num_rsp
; num_rsp
--) {
645 bacpy(&data
.bdaddr
, &info
->bdaddr
);
646 data
.pscan_rep_mode
= info
->pscan_rep_mode
;
647 data
.pscan_period_mode
= info
->pscan_period_mode
;
648 data
.pscan_mode
= 0x00;
649 memcpy(data
.dev_class
, info
->dev_class
, 3);
650 data
.clock_offset
= info
->clock_offset
;
651 data
.rssi
= info
->rssi
;
653 hci_inquiry_cache_update(hdev
, &data
);
656 hci_dev_unlock(hdev
);
659 /* Connect Request */
660 static inline void hci_conn_request_evt(struct hci_dev
*hdev
, struct sk_buff
*skb
)
662 struct hci_ev_conn_request
*ev
= (struct hci_ev_conn_request
*) skb
->data
;
663 int mask
= hdev
->link_mode
;
665 BT_DBG("%s Connection request: %s type 0x%x", hdev
->name
,
666 batostr(&ev
->bdaddr
), ev
->link_type
);
668 mask
|= hci_proto_connect_ind(hdev
, &ev
->bdaddr
, ev
->link_type
);
670 if (mask
& HCI_LM_ACCEPT
) {
671 /* Connection accepted */
672 struct hci_conn
*conn
;
673 struct hci_cp_accept_conn_req cp
;
676 conn
= hci_conn_hash_lookup_ba(hdev
, ev
->link_type
, &ev
->bdaddr
);
678 if (!(conn
= hci_conn_add(hdev
, ev
->link_type
, &ev
->bdaddr
))) {
679 BT_ERR("No memmory for new connection");
680 hci_dev_unlock(hdev
);
684 memcpy(conn
->dev_class
, ev
->dev_class
, 3);
685 conn
->state
= BT_CONNECT
;
686 hci_dev_unlock(hdev
);
688 bacpy(&cp
.bdaddr
, &ev
->bdaddr
);
690 if (lmp_rswitch_capable(hdev
) && (mask
& HCI_LM_MASTER
))
691 cp
.role
= 0x00; /* Become master */
693 cp
.role
= 0x01; /* Remain slave */
695 hci_send_cmd(hdev
, OGF_LINK_CTL
,
696 OCF_ACCEPT_CONN_REQ
, sizeof(cp
), &cp
);
698 /* Connection rejected */
699 struct hci_cp_reject_conn_req cp
;
701 bacpy(&cp
.bdaddr
, &ev
->bdaddr
);
703 hci_send_cmd(hdev
, OGF_LINK_CTL
,
704 OCF_REJECT_CONN_REQ
, sizeof(cp
), &cp
);
708 /* Connect Complete */
709 static inline void hci_conn_complete_evt(struct hci_dev
*hdev
, struct sk_buff
*skb
)
711 struct hci_ev_conn_complete
*ev
= (struct hci_ev_conn_complete
*) skb
->data
;
712 struct hci_conn
*conn
;
714 BT_DBG("%s", hdev
->name
);
718 conn
= hci_conn_hash_lookup_ba(hdev
, ev
->link_type
, &ev
->bdaddr
);
720 hci_dev_unlock(hdev
);
725 conn
->handle
= __le16_to_cpu(ev
->handle
);
726 conn
->state
= BT_CONNECTED
;
728 if (test_bit(HCI_AUTH
, &hdev
->flags
))
729 conn
->link_mode
|= HCI_LM_AUTH
;
731 if (test_bit(HCI_ENCRYPT
, &hdev
->flags
))
732 conn
->link_mode
|= HCI_LM_ENCRYPT
;
734 /* Get remote features */
735 if (conn
->type
== ACL_LINK
) {
736 struct hci_cp_read_remote_features cp
;
737 cp
.handle
= ev
->handle
;
738 hci_send_cmd(hdev
, OGF_LINK_CTL
,
739 OCF_READ_REMOTE_FEATURES
, sizeof(cp
), &cp
);
742 /* Set link policy */
743 if (conn
->type
== ACL_LINK
&& hdev
->link_policy
) {
744 struct hci_cp_write_link_policy cp
;
745 cp
.handle
= ev
->handle
;
746 cp
.policy
= __cpu_to_le16(hdev
->link_policy
);
747 hci_send_cmd(hdev
, OGF_LINK_POLICY
,
748 OCF_WRITE_LINK_POLICY
, sizeof(cp
), &cp
);
751 /* Set packet type for incoming connection */
753 struct hci_cp_change_conn_ptype cp
;
754 cp
.handle
= ev
->handle
;
755 cp
.pkt_type
= (conn
->type
== ACL_LINK
) ?
756 __cpu_to_le16(hdev
->pkt_type
& ACL_PTYPE_MASK
):
757 __cpu_to_le16(hdev
->pkt_type
& SCO_PTYPE_MASK
);
759 hci_send_cmd(hdev
, OGF_LINK_CTL
,
760 OCF_CHANGE_CONN_PTYPE
, sizeof(cp
), &cp
);
763 conn
->state
= BT_CLOSED
;
765 if (conn
->type
== ACL_LINK
) {
766 struct hci_conn
*sco
= conn
->link
;
769 hci_add_sco(sco
, conn
->handle
);
771 hci_proto_connect_cfm(sco
, ev
->status
);
777 hci_proto_connect_cfm(conn
, ev
->status
);
781 hci_dev_unlock(hdev
);
784 /* Disconnect Complete */
785 static inline void hci_disconn_complete_evt(struct hci_dev
*hdev
, struct sk_buff
*skb
)
787 struct hci_ev_disconn_complete
*ev
= (struct hci_ev_disconn_complete
*) skb
->data
;
788 struct hci_conn
*conn
;
790 BT_DBG("%s status %d", hdev
->name
, ev
->status
);
797 conn
= hci_conn_hash_lookup_handle(hdev
, __le16_to_cpu(ev
->handle
));
799 conn
->state
= BT_CLOSED
;
800 hci_proto_disconn_ind(conn
, ev
->reason
);
804 hci_dev_unlock(hdev
);
807 /* Number of completed packets */
808 static inline void hci_num_comp_pkts_evt(struct hci_dev
*hdev
, struct sk_buff
*skb
)
810 struct hci_ev_num_comp_pkts
*ev
= (struct hci_ev_num_comp_pkts
*) skb
->data
;
814 skb_pull(skb
, sizeof(*ev
));
816 BT_DBG("%s num_hndl %d", hdev
->name
, ev
->num_hndl
);
818 if (skb
->len
< ev
->num_hndl
* 4) {
819 BT_DBG("%s bad parameters", hdev
->name
);
823 tasklet_disable(&hdev
->tx_task
);
825 for (i
= 0, ptr
= (__le16
*) skb
->data
; i
< ev
->num_hndl
; i
++) {
826 struct hci_conn
*conn
;
829 handle
= __le16_to_cpu(get_unaligned(ptr
++));
830 count
= __le16_to_cpu(get_unaligned(ptr
++));
832 conn
= hci_conn_hash_lookup_handle(hdev
, handle
);
836 if (conn
->type
== SCO_LINK
) {
837 if ((hdev
->sco_cnt
+= count
) > hdev
->sco_pkts
)
838 hdev
->sco_cnt
= hdev
->sco_pkts
;
840 if ((hdev
->acl_cnt
+= count
) > hdev
->acl_pkts
)
841 hdev
->acl_cnt
= hdev
->acl_pkts
;
847 tasklet_enable(&hdev
->tx_task
);
851 static inline void hci_role_change_evt(struct hci_dev
*hdev
, struct sk_buff
*skb
)
853 struct hci_ev_role_change
*ev
= (struct hci_ev_role_change
*) skb
->data
;
854 struct hci_conn
*conn
;
856 BT_DBG("%s status %d", hdev
->name
, ev
->status
);
860 conn
= hci_conn_hash_lookup_ba(hdev
, ACL_LINK
, &ev
->bdaddr
);
864 conn
->link_mode
&= ~HCI_LM_MASTER
;
866 conn
->link_mode
|= HCI_LM_MASTER
;
869 clear_bit(HCI_CONN_RSWITCH_PEND
, &conn
->pend
);
871 hci_role_switch_cfm(conn
, ev
->status
, ev
->role
);
874 hci_dev_unlock(hdev
);
878 static inline void hci_mode_change_evt(struct hci_dev
*hdev
, struct sk_buff
*skb
)
880 struct hci_ev_mode_change
*ev
= (struct hci_ev_mode_change
*) skb
->data
;
881 struct hci_conn
*conn
;
883 BT_DBG("%s status %d", hdev
->name
, ev
->status
);
887 conn
= hci_conn_hash_lookup_handle(hdev
, __le16_to_cpu(ev
->handle
));
889 conn
->mode
= ev
->mode
;
890 conn
->interval
= __le16_to_cpu(ev
->interval
);
892 if (!test_and_clear_bit(HCI_CONN_MODE_CHANGE_PEND
, &conn
->pend
)) {
893 if (conn
->mode
== HCI_CM_ACTIVE
)
894 conn
->power_save
= 1;
896 conn
->power_save
= 0;
900 hci_dev_unlock(hdev
);
903 /* Authentication Complete */
904 static inline void hci_auth_complete_evt(struct hci_dev
*hdev
, struct sk_buff
*skb
)
906 struct hci_ev_auth_complete
*ev
= (struct hci_ev_auth_complete
*) skb
->data
;
907 struct hci_conn
*conn
;
909 BT_DBG("%s status %d", hdev
->name
, ev
->status
);
913 conn
= hci_conn_hash_lookup_handle(hdev
, __le16_to_cpu(ev
->handle
));
916 conn
->link_mode
|= HCI_LM_AUTH
;
918 clear_bit(HCI_CONN_AUTH_PEND
, &conn
->pend
);
920 hci_auth_cfm(conn
, ev
->status
);
922 if (test_bit(HCI_CONN_ENCRYPT_PEND
, &conn
->pend
)) {
924 struct hci_cp_set_conn_encrypt cp
;
925 cp
.handle
= __cpu_to_le16(conn
->handle
);
927 hci_send_cmd(conn
->hdev
, OGF_LINK_CTL
,
928 OCF_SET_CONN_ENCRYPT
, sizeof(cp
), &cp
);
930 clear_bit(HCI_CONN_ENCRYPT_PEND
, &conn
->pend
);
931 hci_encrypt_cfm(conn
, ev
->status
, 0x00);
936 hci_dev_unlock(hdev
);
939 /* Encryption Change */
940 static inline void hci_encrypt_change_evt(struct hci_dev
*hdev
, struct sk_buff
*skb
)
942 struct hci_ev_encrypt_change
*ev
= (struct hci_ev_encrypt_change
*) skb
->data
;
943 struct hci_conn
*conn
;
945 BT_DBG("%s status %d", hdev
->name
, ev
->status
);
949 conn
= hci_conn_hash_lookup_handle(hdev
, __le16_to_cpu(ev
->handle
));
953 conn
->link_mode
|= HCI_LM_ENCRYPT
;
955 conn
->link_mode
&= ~HCI_LM_ENCRYPT
;
958 clear_bit(HCI_CONN_ENCRYPT_PEND
, &conn
->pend
);
960 hci_encrypt_cfm(conn
, ev
->status
, ev
->encrypt
);
963 hci_dev_unlock(hdev
);
966 /* Change Connection Link Key Complete */
967 static inline void hci_change_conn_link_key_complete_evt(struct hci_dev
*hdev
, struct sk_buff
*skb
)
969 struct hci_ev_change_conn_link_key_complete
*ev
= (struct hci_ev_change_conn_link_key_complete
*) skb
->data
;
970 struct hci_conn
*conn
;
972 BT_DBG("%s status %d", hdev
->name
, ev
->status
);
976 conn
= hci_conn_hash_lookup_handle(hdev
, __le16_to_cpu(ev
->handle
));
979 conn
->link_mode
|= HCI_LM_SECURE
;
981 clear_bit(HCI_CONN_AUTH_PEND
, &conn
->pend
);
983 hci_key_change_cfm(conn
, ev
->status
);
986 hci_dev_unlock(hdev
);
989 /* Pin Code Request*/
990 static inline void hci_pin_code_request_evt(struct hci_dev
*hdev
, struct sk_buff
*skb
)
994 /* Link Key Request */
995 static inline void hci_link_key_request_evt(struct hci_dev
*hdev
, struct sk_buff
*skb
)
999 /* Link Key Notification */
1000 static inline void hci_link_key_notify_evt(struct hci_dev
*hdev
, struct sk_buff
*skb
)
1004 /* Remote Features */
1005 static inline void hci_remote_features_evt(struct hci_dev
*hdev
, struct sk_buff
*skb
)
1007 struct hci_ev_remote_features
*ev
= (struct hci_ev_remote_features
*) skb
->data
;
1008 struct hci_conn
*conn
;
1010 BT_DBG("%s status %d", hdev
->name
, ev
->status
);
1014 conn
= hci_conn_hash_lookup_handle(hdev
, __le16_to_cpu(ev
->handle
));
1015 if (conn
&& !ev
->status
) {
1016 memcpy(conn
->features
, ev
->features
, sizeof(conn
->features
));
1019 hci_dev_unlock(hdev
);
1023 static inline void hci_clock_offset_evt(struct hci_dev
*hdev
, struct sk_buff
*skb
)
1025 struct hci_ev_clock_offset
*ev
= (struct hci_ev_clock_offset
*) skb
->data
;
1026 struct hci_conn
*conn
;
1028 BT_DBG("%s status %d", hdev
->name
, ev
->status
);
1032 conn
= hci_conn_hash_lookup_handle(hdev
, __le16_to_cpu(ev
->handle
));
1033 if (conn
&& !ev
->status
) {
1034 struct inquiry_entry
*ie
;
1036 if ((ie
= hci_inquiry_cache_lookup(hdev
, &conn
->dst
))) {
1037 ie
->data
.clock_offset
= ev
->clock_offset
;
1038 ie
->timestamp
= jiffies
;
1042 hci_dev_unlock(hdev
);
1045 /* Page Scan Repetition Mode */
1046 static inline void hci_pscan_rep_mode_evt(struct hci_dev
*hdev
, struct sk_buff
*skb
)
1048 struct hci_ev_pscan_rep_mode
*ev
= (struct hci_ev_pscan_rep_mode
*) skb
->data
;
1049 struct inquiry_entry
*ie
;
1051 BT_DBG("%s", hdev
->name
);
1055 if ((ie
= hci_inquiry_cache_lookup(hdev
, &ev
->bdaddr
))) {
1056 ie
->data
.pscan_rep_mode
= ev
->pscan_rep_mode
;
1057 ie
->timestamp
= jiffies
;
1060 hci_dev_unlock(hdev
);
1064 static inline void hci_sniff_subrate_evt(struct hci_dev
*hdev
, struct sk_buff
*skb
)
1066 struct hci_ev_sniff_subrate
*ev
= (struct hci_ev_sniff_subrate
*) skb
->data
;
1067 struct hci_conn
*conn
;
1069 BT_DBG("%s status %d", hdev
->name
, ev
->status
);
1073 conn
= hci_conn_hash_lookup_handle(hdev
, __le16_to_cpu(ev
->handle
));
1077 hci_dev_unlock(hdev
);
1080 void hci_event_packet(struct hci_dev
*hdev
, struct sk_buff
*skb
)
1082 struct hci_event_hdr
*hdr
= (struct hci_event_hdr
*) skb
->data
;
1083 struct hci_ev_cmd_complete
*ec
;
1084 struct hci_ev_cmd_status
*cs
;
1085 u16 opcode
, ocf
, ogf
;
1087 skb_pull(skb
, HCI_EVENT_HDR_SIZE
);
1089 BT_DBG("%s evt 0x%x", hdev
->name
, hdr
->evt
);
1092 case HCI_EV_NUM_COMP_PKTS
:
1093 hci_num_comp_pkts_evt(hdev
, skb
);
1096 case HCI_EV_INQUIRY_COMPLETE
:
1097 hci_inquiry_complete_evt(hdev
, skb
);
1100 case HCI_EV_INQUIRY_RESULT
:
1101 hci_inquiry_result_evt(hdev
, skb
);
1104 case HCI_EV_INQUIRY_RESULT_WITH_RSSI
:
1105 hci_inquiry_result_with_rssi_evt(hdev
, skb
);
1108 case HCI_EV_EXTENDED_INQUIRY_RESULT
:
1109 hci_extended_inquiry_result_evt(hdev
, skb
);
1112 case HCI_EV_CONN_REQUEST
:
1113 hci_conn_request_evt(hdev
, skb
);
1116 case HCI_EV_CONN_COMPLETE
:
1117 hci_conn_complete_evt(hdev
, skb
);
1120 case HCI_EV_DISCONN_COMPLETE
:
1121 hci_disconn_complete_evt(hdev
, skb
);
1124 case HCI_EV_ROLE_CHANGE
:
1125 hci_role_change_evt(hdev
, skb
);
1128 case HCI_EV_MODE_CHANGE
:
1129 hci_mode_change_evt(hdev
, skb
);
1132 case HCI_EV_AUTH_COMPLETE
:
1133 hci_auth_complete_evt(hdev
, skb
);
1136 case HCI_EV_ENCRYPT_CHANGE
:
1137 hci_encrypt_change_evt(hdev
, skb
);
1140 case HCI_EV_CHANGE_CONN_LINK_KEY_COMPLETE
:
1141 hci_change_conn_link_key_complete_evt(hdev
, skb
);
1144 case HCI_EV_PIN_CODE_REQ
:
1145 hci_pin_code_request_evt(hdev
, skb
);
1148 case HCI_EV_LINK_KEY_REQ
:
1149 hci_link_key_request_evt(hdev
, skb
);
1152 case HCI_EV_LINK_KEY_NOTIFY
:
1153 hci_link_key_notify_evt(hdev
, skb
);
1156 case HCI_EV_REMOTE_FEATURES
:
1157 hci_remote_features_evt(hdev
, skb
);
1160 case HCI_EV_CLOCK_OFFSET
:
1161 hci_clock_offset_evt(hdev
, skb
);
1164 case HCI_EV_PSCAN_REP_MODE
:
1165 hci_pscan_rep_mode_evt(hdev
, skb
);
1168 case HCI_EV_SNIFF_SUBRATE
:
1169 hci_sniff_subrate_evt(hdev
, skb
);
1172 case HCI_EV_CMD_STATUS
:
1173 cs
= (struct hci_ev_cmd_status
*) skb
->data
;
1174 skb_pull(skb
, sizeof(cs
));
1176 opcode
= __le16_to_cpu(cs
->opcode
);
1177 ogf
= hci_opcode_ogf(opcode
);
1178 ocf
= hci_opcode_ocf(opcode
);
1181 case OGF_INFO_PARAM
:
1182 hci_cs_info_param(hdev
, ocf
, cs
->status
);
1186 hci_cs_host_ctl(hdev
, ocf
, cs
->status
);
1190 hci_cs_link_ctl(hdev
, ocf
, cs
->status
);
1193 case OGF_LINK_POLICY
:
1194 hci_cs_link_policy(hdev
, ocf
, cs
->status
);
1198 BT_DBG("%s Command Status OGF %x", hdev
->name
, ogf
);
1203 atomic_set(&hdev
->cmd_cnt
, 1);
1204 if (!skb_queue_empty(&hdev
->cmd_q
))
1205 hci_sched_cmd(hdev
);
1209 case HCI_EV_CMD_COMPLETE
:
1210 ec
= (struct hci_ev_cmd_complete
*) skb
->data
;
1211 skb_pull(skb
, sizeof(*ec
));
1213 opcode
= __le16_to_cpu(ec
->opcode
);
1214 ogf
= hci_opcode_ogf(opcode
);
1215 ocf
= hci_opcode_ocf(opcode
);
1218 case OGF_INFO_PARAM
:
1219 hci_cc_info_param(hdev
, ocf
, skb
);
1223 hci_cc_host_ctl(hdev
, ocf
, skb
);
1227 hci_cc_link_ctl(hdev
, ocf
, skb
);
1230 case OGF_LINK_POLICY
:
1231 hci_cc_link_policy(hdev
, ocf
, skb
);
1235 BT_DBG("%s Command Completed OGF %x", hdev
->name
, ogf
);
1240 atomic_set(&hdev
->cmd_cnt
, 1);
1241 if (!skb_queue_empty(&hdev
->cmd_q
))
1242 hci_sched_cmd(hdev
);
1248 hdev
->stat
.evt_rx
++;
1251 /* Generate internal stack event */
1252 void hci_si_event(struct hci_dev
*hdev
, int type
, int dlen
, void *data
)
1254 struct hci_event_hdr
*hdr
;
1255 struct hci_ev_stack_internal
*ev
;
1256 struct sk_buff
*skb
;
1258 skb
= bt_skb_alloc(HCI_EVENT_HDR_SIZE
+ sizeof(*ev
) + dlen
, GFP_ATOMIC
);
1262 hdr
= (void *) skb_put(skb
, HCI_EVENT_HDR_SIZE
);
1263 hdr
->evt
= HCI_EV_STACK_INTERNAL
;
1264 hdr
->plen
= sizeof(*ev
) + dlen
;
1266 ev
= (void *) skb_put(skb
, sizeof(*ev
) + dlen
);
1268 memcpy(ev
->data
, data
, dlen
);
1270 bt_cb(skb
)->incoming
= 1;
1271 __net_timestamp(skb
);
1273 bt_cb(skb
)->pkt_type
= HCI_EVENT_PKT
;
1274 skb
->dev
= (void *) hdev
;
1275 hci_send_to_sock(hdev
, skb
);