2 BlueZ - Bluetooth protocol stack for Linux
3 Copyright (C) 2010 Nokia Corporation
5 This program is free software; you can redistribute it and/or modify
6 it under the terms of the GNU General Public License version 2 as
7 published by the Free Software Foundation;
9 THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS
10 OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
11 FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT OF THIRD PARTY RIGHTS.
12 IN NO EVENT SHALL THE COPYRIGHT HOLDER(S) AND AUTHOR(S) BE LIABLE FOR ANY
13 CLAIM, OR ANY SPECIAL INDIRECT OR CONSEQUENTIAL DAMAGES, OR ANY DAMAGES
14 WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
15 ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
16 OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
18 ALL LIABILITY, INCLUDING LIABILITY FOR INFRINGEMENT OF ANY PATENTS,
19 COPYRIGHTS, TRADEMARKS OR OTHER RIGHTS, RELATING TO USE OF THIS
20 SOFTWARE IS DISCLAIMED.
23 /* Bluetooth HCI Management interface */
25 #include <linux/kernel.h>
26 #include <linux/uaccess.h>
27 #include <linux/module.h>
28 #include <asm/unaligned.h>
30 #include <net/bluetooth/bluetooth.h>
31 #include <net/bluetooth/hci_core.h>
32 #include <net/bluetooth/mgmt.h>
33 #include <net/bluetooth/smp.h>
35 #define MGMT_VERSION 0
36 #define MGMT_REVISION 1
38 #define INQUIRY_LEN_BREDR 0x08 /* TGAP(100) */
40 #define SERVICE_CACHE_TIMEOUT (5 * 1000)
43 struct list_head list
;
51 /* HCI to MGMT error code conversion table */
52 static u8 mgmt_status_table
[] = {
54 MGMT_STATUS_UNKNOWN_COMMAND
, /* Unknown Command */
55 MGMT_STATUS_NOT_CONNECTED
, /* No Connection */
56 MGMT_STATUS_FAILED
, /* Hardware Failure */
57 MGMT_STATUS_CONNECT_FAILED
, /* Page Timeout */
58 MGMT_STATUS_AUTH_FAILED
, /* Authentication Failed */
59 MGMT_STATUS_NOT_PAIRED
, /* PIN or Key Missing */
60 MGMT_STATUS_NO_RESOURCES
, /* Memory Full */
61 MGMT_STATUS_TIMEOUT
, /* Connection Timeout */
62 MGMT_STATUS_NO_RESOURCES
, /* Max Number of Connections */
63 MGMT_STATUS_NO_RESOURCES
, /* Max Number of SCO Connections */
64 MGMT_STATUS_ALREADY_CONNECTED
, /* ACL Connection Exists */
65 MGMT_STATUS_BUSY
, /* Command Disallowed */
66 MGMT_STATUS_NO_RESOURCES
, /* Rejected Limited Resources */
67 MGMT_STATUS_REJECTED
, /* Rejected Security */
68 MGMT_STATUS_REJECTED
, /* Rejected Personal */
69 MGMT_STATUS_TIMEOUT
, /* Host Timeout */
70 MGMT_STATUS_NOT_SUPPORTED
, /* Unsupported Feature */
71 MGMT_STATUS_INVALID_PARAMS
, /* Invalid Parameters */
72 MGMT_STATUS_DISCONNECTED
, /* OE User Ended Connection */
73 MGMT_STATUS_NO_RESOURCES
, /* OE Low Resources */
74 MGMT_STATUS_DISCONNECTED
, /* OE Power Off */
75 MGMT_STATUS_DISCONNECTED
, /* Connection Terminated */
76 MGMT_STATUS_BUSY
, /* Repeated Attempts */
77 MGMT_STATUS_REJECTED
, /* Pairing Not Allowed */
78 MGMT_STATUS_FAILED
, /* Unknown LMP PDU */
79 MGMT_STATUS_NOT_SUPPORTED
, /* Unsupported Remote Feature */
80 MGMT_STATUS_REJECTED
, /* SCO Offset Rejected */
81 MGMT_STATUS_REJECTED
, /* SCO Interval Rejected */
82 MGMT_STATUS_REJECTED
, /* Air Mode Rejected */
83 MGMT_STATUS_INVALID_PARAMS
, /* Invalid LMP Parameters */
84 MGMT_STATUS_FAILED
, /* Unspecified Error */
85 MGMT_STATUS_NOT_SUPPORTED
, /* Unsupported LMP Parameter Value */
86 MGMT_STATUS_FAILED
, /* Role Change Not Allowed */
87 MGMT_STATUS_TIMEOUT
, /* LMP Response Timeout */
88 MGMT_STATUS_FAILED
, /* LMP Error Transaction Collision */
89 MGMT_STATUS_FAILED
, /* LMP PDU Not Allowed */
90 MGMT_STATUS_REJECTED
, /* Encryption Mode Not Accepted */
91 MGMT_STATUS_FAILED
, /* Unit Link Key Used */
92 MGMT_STATUS_NOT_SUPPORTED
, /* QoS Not Supported */
93 MGMT_STATUS_TIMEOUT
, /* Instant Passed */
94 MGMT_STATUS_NOT_SUPPORTED
, /* Pairing Not Supported */
95 MGMT_STATUS_FAILED
, /* Transaction Collision */
96 MGMT_STATUS_INVALID_PARAMS
, /* Unacceptable Parameter */
97 MGMT_STATUS_REJECTED
, /* QoS Rejected */
98 MGMT_STATUS_NOT_SUPPORTED
, /* Classification Not Supported */
99 MGMT_STATUS_REJECTED
, /* Insufficient Security */
100 MGMT_STATUS_INVALID_PARAMS
, /* Parameter Out Of Range */
101 MGMT_STATUS_BUSY
, /* Role Switch Pending */
102 MGMT_STATUS_FAILED
, /* Slot Violation */
103 MGMT_STATUS_FAILED
, /* Role Switch Failed */
104 MGMT_STATUS_INVALID_PARAMS
, /* EIR Too Large */
105 MGMT_STATUS_NOT_SUPPORTED
, /* Simple Pairing Not Supported */
106 MGMT_STATUS_BUSY
, /* Host Busy Pairing */
107 MGMT_STATUS_REJECTED
, /* Rejected, No Suitable Channel */
108 MGMT_STATUS_BUSY
, /* Controller Busy */
109 MGMT_STATUS_INVALID_PARAMS
, /* Unsuitable Connection Interval */
110 MGMT_STATUS_TIMEOUT
, /* Directed Advertising Timeout */
111 MGMT_STATUS_AUTH_FAILED
, /* Terminated Due to MIC Failure */
112 MGMT_STATUS_CONNECT_FAILED
, /* Connection Establishment Failed */
113 MGMT_STATUS_CONNECT_FAILED
, /* MAC Connection Failed */
116 static u8
mgmt_status(u8 hci_status
)
118 if (hci_status
< ARRAY_SIZE(mgmt_status_table
))
119 return mgmt_status_table
[hci_status
];
121 return MGMT_STATUS_FAILED
;
124 static int cmd_status(struct sock
*sk
, u16 index
, u16 cmd
, u8 status
)
127 struct mgmt_hdr
*hdr
;
128 struct mgmt_ev_cmd_status
*ev
;
131 BT_DBG("sock %p, index %u, cmd %u, status %u", sk
, index
, cmd
, status
);
133 skb
= alloc_skb(sizeof(*hdr
) + sizeof(*ev
), GFP_ATOMIC
);
137 hdr
= (void *) skb_put(skb
, sizeof(*hdr
));
139 hdr
->opcode
= cpu_to_le16(MGMT_EV_CMD_STATUS
);
140 hdr
->index
= cpu_to_le16(index
);
141 hdr
->len
= cpu_to_le16(sizeof(*ev
));
143 ev
= (void *) skb_put(skb
, sizeof(*ev
));
145 put_unaligned_le16(cmd
, &ev
->opcode
);
147 err
= sock_queue_rcv_skb(sk
, skb
);
154 static int cmd_complete(struct sock
*sk
, u16 index
, u16 cmd
, void *rp
,
158 struct mgmt_hdr
*hdr
;
159 struct mgmt_ev_cmd_complete
*ev
;
162 BT_DBG("sock %p", sk
);
164 skb
= alloc_skb(sizeof(*hdr
) + sizeof(*ev
) + rp_len
, GFP_ATOMIC
);
168 hdr
= (void *) skb_put(skb
, sizeof(*hdr
));
170 hdr
->opcode
= cpu_to_le16(MGMT_EV_CMD_COMPLETE
);
171 hdr
->index
= cpu_to_le16(index
);
172 hdr
->len
= cpu_to_le16(sizeof(*ev
) + rp_len
);
174 ev
= (void *) skb_put(skb
, sizeof(*ev
) + rp_len
);
175 put_unaligned_le16(cmd
, &ev
->opcode
);
178 memcpy(ev
->data
, rp
, rp_len
);
180 err
= sock_queue_rcv_skb(sk
, skb
);
187 static int read_version(struct sock
*sk
)
189 struct mgmt_rp_read_version rp
;
191 BT_DBG("sock %p", sk
);
193 rp
.version
= MGMT_VERSION
;
194 put_unaligned_le16(MGMT_REVISION
, &rp
.revision
);
196 return cmd_complete(sk
, MGMT_INDEX_NONE
, MGMT_OP_READ_VERSION
, &rp
,
200 static int read_index_list(struct sock
*sk
)
202 struct mgmt_rp_read_index_list
*rp
;
209 BT_DBG("sock %p", sk
);
211 read_lock(&hci_dev_list_lock
);
214 list_for_each(p
, &hci_dev_list
) {
218 rp_len
= sizeof(*rp
) + (2 * count
);
219 rp
= kmalloc(rp_len
, GFP_ATOMIC
);
221 read_unlock(&hci_dev_list_lock
);
225 put_unaligned_le16(count
, &rp
->num_controllers
);
228 list_for_each_entry(d
, &hci_dev_list
, list
) {
229 if (test_and_clear_bit(HCI_AUTO_OFF
, &d
->dev_flags
))
230 cancel_delayed_work(&d
->power_off
);
232 if (test_bit(HCI_SETUP
, &d
->dev_flags
))
235 put_unaligned_le16(d
->id
, &rp
->index
[i
++]);
236 BT_DBG("Added hci%u", d
->id
);
239 read_unlock(&hci_dev_list_lock
);
241 err
= cmd_complete(sk
, MGMT_INDEX_NONE
, MGMT_OP_READ_INDEX_LIST
, rp
,
249 static u32
get_supported_settings(struct hci_dev
*hdev
)
253 settings
|= MGMT_SETTING_POWERED
;
254 settings
|= MGMT_SETTING_CONNECTABLE
;
255 settings
|= MGMT_SETTING_FAST_CONNECTABLE
;
256 settings
|= MGMT_SETTING_DISCOVERABLE
;
257 settings
|= MGMT_SETTING_PAIRABLE
;
259 if (hdev
->features
[6] & LMP_SIMPLE_PAIR
)
260 settings
|= MGMT_SETTING_SSP
;
262 if (!(hdev
->features
[4] & LMP_NO_BREDR
)) {
263 settings
|= MGMT_SETTING_BREDR
;
264 settings
|= MGMT_SETTING_LINK_SECURITY
;
267 if (hdev
->features
[4] & LMP_LE
)
268 settings
|= MGMT_SETTING_LE
;
273 static u32
get_current_settings(struct hci_dev
*hdev
)
277 if (test_bit(HCI_UP
, &hdev
->flags
))
278 settings
|= MGMT_SETTING_POWERED
;
282 if (test_bit(HCI_PSCAN
, &hdev
->flags
))
283 settings
|= MGMT_SETTING_CONNECTABLE
;
285 if (test_bit(HCI_ISCAN
, &hdev
->flags
))
286 settings
|= MGMT_SETTING_DISCOVERABLE
;
288 if (test_bit(HCI_PAIRABLE
, &hdev
->dev_flags
))
289 settings
|= MGMT_SETTING_PAIRABLE
;
291 if (!(hdev
->features
[4] & LMP_NO_BREDR
))
292 settings
|= MGMT_SETTING_BREDR
;
294 if (hdev
->host_features
[0] & LMP_HOST_LE
)
295 settings
|= MGMT_SETTING_LE
;
297 if (test_bit(HCI_AUTH
, &hdev
->flags
))
298 settings
|= MGMT_SETTING_LINK_SECURITY
;
300 if (hdev
->ssp_mode
> 0)
301 settings
|= MGMT_SETTING_SSP
;
306 #define PNP_INFO_SVCLASS_ID 0x1200
308 static u8 bluetooth_base_uuid
[] = {
309 0xFB, 0x34, 0x9B, 0x5F, 0x80, 0x00, 0x00, 0x80,
310 0x00, 0x10, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
313 static u16
get_uuid16(u8
*uuid128
)
318 for (i
= 0; i
< 12; i
++) {
319 if (bluetooth_base_uuid
[i
] != uuid128
[i
])
323 memcpy(&val
, &uuid128
[12], 4);
325 val
= le32_to_cpu(val
);
332 static void create_eir(struct hci_dev
*hdev
, u8
*data
)
336 u16 uuid16_list
[HCI_MAX_EIR_LENGTH
/ sizeof(u16
)];
337 int i
, truncated
= 0;
338 struct bt_uuid
*uuid
;
341 name_len
= strlen(hdev
->dev_name
);
347 ptr
[1] = EIR_NAME_SHORT
;
349 ptr
[1] = EIR_NAME_COMPLETE
;
351 /* EIR Data length */
352 ptr
[0] = name_len
+ 1;
354 memcpy(ptr
+ 2, hdev
->dev_name
, name_len
);
356 eir_len
+= (name_len
+ 2);
357 ptr
+= (name_len
+ 2);
360 memset(uuid16_list
, 0, sizeof(uuid16_list
));
362 /* Group all UUID16 types */
363 list_for_each_entry(uuid
, &hdev
->uuids
, list
) {
366 uuid16
= get_uuid16(uuid
->uuid
);
373 if (uuid16
== PNP_INFO_SVCLASS_ID
)
376 /* Stop if not enough space to put next UUID */
377 if (eir_len
+ 2 + sizeof(u16
) > HCI_MAX_EIR_LENGTH
) {
382 /* Check for duplicates */
383 for (i
= 0; uuid16_list
[i
] != 0; i
++)
384 if (uuid16_list
[i
] == uuid16
)
387 if (uuid16_list
[i
] == 0) {
388 uuid16_list
[i
] = uuid16
;
389 eir_len
+= sizeof(u16
);
393 if (uuid16_list
[0] != 0) {
397 ptr
[1] = truncated
? EIR_UUID16_SOME
: EIR_UUID16_ALL
;
402 for (i
= 0; uuid16_list
[i
] != 0; i
++) {
403 *ptr
++ = (uuid16_list
[i
] & 0x00ff);
404 *ptr
++ = (uuid16_list
[i
] & 0xff00) >> 8;
407 /* EIR Data length */
408 *length
= (i
* sizeof(u16
)) + 1;
412 static int update_eir(struct hci_dev
*hdev
)
414 struct hci_cp_write_eir cp
;
416 if (!(hdev
->features
[6] & LMP_EXT_INQ
))
419 if (hdev
->ssp_mode
== 0)
422 if (test_bit(HCI_SERVICE_CACHE
, &hdev
->dev_flags
))
425 memset(&cp
, 0, sizeof(cp
));
427 create_eir(hdev
, cp
.data
);
429 if (memcmp(cp
.data
, hdev
->eir
, sizeof(cp
.data
)) == 0)
432 memcpy(hdev
->eir
, cp
.data
, sizeof(cp
.data
));
434 return hci_send_cmd(hdev
, HCI_OP_WRITE_EIR
, sizeof(cp
), &cp
);
437 static u8
get_service_classes(struct hci_dev
*hdev
)
439 struct bt_uuid
*uuid
;
442 list_for_each_entry(uuid
, &hdev
->uuids
, list
)
443 val
|= uuid
->svc_hint
;
448 static int update_class(struct hci_dev
*hdev
)
452 BT_DBG("%s", hdev
->name
);
454 if (test_bit(HCI_SERVICE_CACHE
, &hdev
->dev_flags
))
457 cod
[0] = hdev
->minor_class
;
458 cod
[1] = hdev
->major_class
;
459 cod
[2] = get_service_classes(hdev
);
461 if (memcmp(cod
, hdev
->dev_class
, 3) == 0)
464 return hci_send_cmd(hdev
, HCI_OP_WRITE_CLASS_OF_DEV
, sizeof(cod
), cod
);
467 static void service_cache_off(struct work_struct
*work
)
469 struct hci_dev
*hdev
= container_of(work
, struct hci_dev
,
472 if (!test_and_clear_bit(HCI_SERVICE_CACHE
, &hdev
->dev_flags
))
480 hci_dev_unlock(hdev
);
483 static void mgmt_init_hdev(struct hci_dev
*hdev
)
485 if (!test_and_set_bit(HCI_MGMT
, &hdev
->dev_flags
))
486 INIT_DELAYED_WORK(&hdev
->service_cache
, service_cache_off
);
488 if (!test_and_set_bit(HCI_SERVICE_CACHE
, &hdev
->dev_flags
))
489 schedule_delayed_work(&hdev
->service_cache
,
490 msecs_to_jiffies(SERVICE_CACHE_TIMEOUT
));
493 static int read_controller_info(struct sock
*sk
, u16 index
)
495 struct mgmt_rp_read_info rp
;
496 struct hci_dev
*hdev
;
498 BT_DBG("sock %p hci%u", sk
, index
);
500 hdev
= hci_dev_get(index
);
502 return cmd_status(sk
, index
, MGMT_OP_READ_INFO
,
503 MGMT_STATUS_INVALID_PARAMS
);
505 if (test_and_clear_bit(HCI_AUTO_OFF
, &hdev
->dev_flags
))
506 cancel_delayed_work_sync(&hdev
->power_off
);
510 if (test_and_clear_bit(HCI_PI_MGMT_INIT
, &hci_pi(sk
)->flags
))
511 mgmt_init_hdev(hdev
);
513 memset(&rp
, 0, sizeof(rp
));
515 bacpy(&rp
.bdaddr
, &hdev
->bdaddr
);
517 rp
.version
= hdev
->hci_ver
;
519 put_unaligned_le16(hdev
->manufacturer
, &rp
.manufacturer
);
521 rp
.supported_settings
= cpu_to_le32(get_supported_settings(hdev
));
522 rp
.current_settings
= cpu_to_le32(get_current_settings(hdev
));
524 memcpy(rp
.dev_class
, hdev
->dev_class
, 3);
526 memcpy(rp
.name
, hdev
->dev_name
, sizeof(hdev
->dev_name
));
528 hci_dev_unlock(hdev
);
531 return cmd_complete(sk
, index
, MGMT_OP_READ_INFO
, &rp
, sizeof(rp
));
534 static void mgmt_pending_free(struct pending_cmd
*cmd
)
541 static struct pending_cmd
*mgmt_pending_add(struct sock
*sk
, u16 opcode
,
542 struct hci_dev
*hdev
,
545 struct pending_cmd
*cmd
;
547 cmd
= kmalloc(sizeof(*cmd
), GFP_ATOMIC
);
551 cmd
->opcode
= opcode
;
552 cmd
->index
= hdev
->id
;
554 cmd
->param
= kmalloc(len
, GFP_ATOMIC
);
561 memcpy(cmd
->param
, data
, len
);
566 list_add(&cmd
->list
, &hdev
->mgmt_pending
);
571 static void mgmt_pending_foreach(u16 opcode
, struct hci_dev
*hdev
,
572 void (*cb
)(struct pending_cmd
*cmd
, void *data
),
575 struct list_head
*p
, *n
;
577 list_for_each_safe(p
, n
, &hdev
->mgmt_pending
) {
578 struct pending_cmd
*cmd
;
580 cmd
= list_entry(p
, struct pending_cmd
, list
);
582 if (opcode
> 0 && cmd
->opcode
!= opcode
)
589 static struct pending_cmd
*mgmt_pending_find(u16 opcode
, struct hci_dev
*hdev
)
591 struct pending_cmd
*cmd
;
593 list_for_each_entry(cmd
, &hdev
->mgmt_pending
, list
) {
594 if (cmd
->opcode
== opcode
)
601 static void mgmt_pending_remove(struct pending_cmd
*cmd
)
603 list_del(&cmd
->list
);
604 mgmt_pending_free(cmd
);
607 static int send_settings_rsp(struct sock
*sk
, u16 opcode
, struct hci_dev
*hdev
)
609 __le32 settings
= cpu_to_le32(get_current_settings(hdev
));
611 return cmd_complete(sk
, hdev
->id
, opcode
, &settings
, sizeof(settings
));
614 static int set_powered(struct sock
*sk
, u16 index
, unsigned char *data
, u16 len
)
616 struct mgmt_mode
*cp
;
617 struct hci_dev
*hdev
;
618 struct pending_cmd
*cmd
;
623 BT_DBG("request for hci%u", index
);
625 if (len
!= sizeof(*cp
))
626 return cmd_status(sk
, index
, MGMT_OP_SET_POWERED
,
627 MGMT_STATUS_INVALID_PARAMS
);
629 hdev
= hci_dev_get(index
);
631 return cmd_status(sk
, index
, MGMT_OP_SET_POWERED
,
632 MGMT_STATUS_INVALID_PARAMS
);
636 up
= test_bit(HCI_UP
, &hdev
->flags
);
637 if ((cp
->val
&& up
) || (!cp
->val
&& !up
)) {
638 err
= send_settings_rsp(sk
, MGMT_OP_SET_POWERED
, hdev
);
642 if (mgmt_pending_find(MGMT_OP_SET_POWERED
, hdev
)) {
643 err
= cmd_status(sk
, index
, MGMT_OP_SET_POWERED
,
648 cmd
= mgmt_pending_add(sk
, MGMT_OP_SET_POWERED
, hdev
, data
, len
);
655 schedule_work(&hdev
->power_on
);
657 schedule_work(&hdev
->power_off
.work
);
662 hci_dev_unlock(hdev
);
667 static int set_discoverable(struct sock
*sk
, u16 index
, unsigned char *data
,
670 struct mgmt_cp_set_discoverable
*cp
;
671 struct hci_dev
*hdev
;
672 struct pending_cmd
*cmd
;
678 BT_DBG("request for hci%u", index
);
680 if (len
!= sizeof(*cp
))
681 return cmd_status(sk
, index
, MGMT_OP_SET_DISCOVERABLE
,
682 MGMT_STATUS_INVALID_PARAMS
);
684 hdev
= hci_dev_get(index
);
686 return cmd_status(sk
, index
, MGMT_OP_SET_DISCOVERABLE
,
687 MGMT_STATUS_INVALID_PARAMS
);
691 if (!test_bit(HCI_UP
, &hdev
->flags
)) {
692 err
= cmd_status(sk
, index
, MGMT_OP_SET_DISCOVERABLE
,
693 MGMT_STATUS_NOT_POWERED
);
697 if (mgmt_pending_find(MGMT_OP_SET_DISCOVERABLE
, hdev
) ||
698 mgmt_pending_find(MGMT_OP_SET_CONNECTABLE
, hdev
)) {
699 err
= cmd_status(sk
, index
, MGMT_OP_SET_DISCOVERABLE
,
704 if (cp
->val
== test_bit(HCI_ISCAN
, &hdev
->flags
) &&
705 test_bit(HCI_PSCAN
, &hdev
->flags
)) {
706 err
= send_settings_rsp(sk
, MGMT_OP_SET_DISCOVERABLE
, hdev
);
710 cmd
= mgmt_pending_add(sk
, MGMT_OP_SET_DISCOVERABLE
, hdev
, data
, len
);
719 scan
|= SCAN_INQUIRY
;
721 cancel_delayed_work(&hdev
->discov_off
);
723 err
= hci_send_cmd(hdev
, HCI_OP_WRITE_SCAN_ENABLE
, 1, &scan
);
725 mgmt_pending_remove(cmd
);
728 hdev
->discov_timeout
= get_unaligned_le16(&cp
->timeout
);
731 hci_dev_unlock(hdev
);
737 static int set_connectable(struct sock
*sk
, u16 index
, unsigned char *data
,
740 struct mgmt_mode
*cp
;
741 struct hci_dev
*hdev
;
742 struct pending_cmd
*cmd
;
748 BT_DBG("request for hci%u", index
);
750 if (len
!= sizeof(*cp
))
751 return cmd_status(sk
, index
, MGMT_OP_SET_CONNECTABLE
,
752 MGMT_STATUS_INVALID_PARAMS
);
754 hdev
= hci_dev_get(index
);
756 return cmd_status(sk
, index
, MGMT_OP_SET_CONNECTABLE
,
757 MGMT_STATUS_INVALID_PARAMS
);
761 if (!test_bit(HCI_UP
, &hdev
->flags
)) {
762 err
= cmd_status(sk
, index
, MGMT_OP_SET_CONNECTABLE
,
763 MGMT_STATUS_NOT_POWERED
);
767 if (mgmt_pending_find(MGMT_OP_SET_DISCOVERABLE
, hdev
) ||
768 mgmt_pending_find(MGMT_OP_SET_CONNECTABLE
, hdev
)) {
769 err
= cmd_status(sk
, index
, MGMT_OP_SET_CONNECTABLE
,
774 if (cp
->val
== test_bit(HCI_PSCAN
, &hdev
->flags
)) {
775 err
= send_settings_rsp(sk
, MGMT_OP_SET_CONNECTABLE
, hdev
);
779 cmd
= mgmt_pending_add(sk
, MGMT_OP_SET_CONNECTABLE
, hdev
, data
, len
);
790 err
= hci_send_cmd(hdev
, HCI_OP_WRITE_SCAN_ENABLE
, 1, &scan
);
792 mgmt_pending_remove(cmd
);
795 hci_dev_unlock(hdev
);
801 static int mgmt_event(u16 event
, struct hci_dev
*hdev
, void *data
,
802 u16 data_len
, struct sock
*skip_sk
)
805 struct mgmt_hdr
*hdr
;
807 skb
= alloc_skb(sizeof(*hdr
) + data_len
, GFP_ATOMIC
);
811 bt_cb(skb
)->channel
= HCI_CHANNEL_CONTROL
;
813 hdr
= (void *) skb_put(skb
, sizeof(*hdr
));
814 hdr
->opcode
= cpu_to_le16(event
);
816 hdr
->index
= cpu_to_le16(hdev
->id
);
818 hdr
->index
= cpu_to_le16(MGMT_INDEX_NONE
);
819 hdr
->len
= cpu_to_le16(data_len
);
822 memcpy(skb_put(skb
, data_len
), data
, data_len
);
824 hci_send_to_sock(NULL
, skb
, skip_sk
);
830 static int set_pairable(struct sock
*sk
, u16 index
, unsigned char *data
,
833 struct mgmt_mode
*cp
;
834 struct hci_dev
*hdev
;
840 BT_DBG("request for hci%u", index
);
842 if (len
!= sizeof(*cp
))
843 return cmd_status(sk
, index
, MGMT_OP_SET_PAIRABLE
,
844 MGMT_STATUS_INVALID_PARAMS
);
846 hdev
= hci_dev_get(index
);
848 return cmd_status(sk
, index
, MGMT_OP_SET_PAIRABLE
,
849 MGMT_STATUS_INVALID_PARAMS
);
854 set_bit(HCI_PAIRABLE
, &hdev
->dev_flags
);
856 clear_bit(HCI_PAIRABLE
, &hdev
->dev_flags
);
858 err
= send_settings_rsp(sk
, MGMT_OP_SET_PAIRABLE
, hdev
);
862 ev
= cpu_to_le32(get_current_settings(hdev
));
864 err
= mgmt_event(MGMT_EV_NEW_SETTINGS
, hdev
, &ev
, sizeof(ev
), sk
);
867 hci_dev_unlock(hdev
);
873 static int add_uuid(struct sock
*sk
, u16 index
, unsigned char *data
, u16 len
)
875 struct mgmt_cp_add_uuid
*cp
;
876 struct hci_dev
*hdev
;
877 struct bt_uuid
*uuid
;
882 BT_DBG("request for hci%u", index
);
884 if (len
!= sizeof(*cp
))
885 return cmd_status(sk
, index
, MGMT_OP_ADD_UUID
,
886 MGMT_STATUS_INVALID_PARAMS
);
888 hdev
= hci_dev_get(index
);
890 return cmd_status(sk
, index
, MGMT_OP_ADD_UUID
,
891 MGMT_STATUS_INVALID_PARAMS
);
895 uuid
= kmalloc(sizeof(*uuid
), GFP_ATOMIC
);
901 memcpy(uuid
->uuid
, cp
->uuid
, 16);
902 uuid
->svc_hint
= cp
->svc_hint
;
904 list_add(&uuid
->list
, &hdev
->uuids
);
906 err
= update_class(hdev
);
910 err
= update_eir(hdev
);
914 err
= cmd_complete(sk
, index
, MGMT_OP_ADD_UUID
, NULL
, 0);
917 hci_dev_unlock(hdev
);
923 static int remove_uuid(struct sock
*sk
, u16 index
, unsigned char *data
, u16 len
)
925 struct list_head
*p
, *n
;
926 struct mgmt_cp_remove_uuid
*cp
;
927 struct hci_dev
*hdev
;
928 u8 bt_uuid_any
[] = { 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0 };
933 BT_DBG("request for hci%u", index
);
935 if (len
!= sizeof(*cp
))
936 return cmd_status(sk
, index
, MGMT_OP_REMOVE_UUID
,
937 MGMT_STATUS_INVALID_PARAMS
);
939 hdev
= hci_dev_get(index
);
941 return cmd_status(sk
, index
, MGMT_OP_REMOVE_UUID
,
942 MGMT_STATUS_INVALID_PARAMS
);
946 if (memcmp(cp
->uuid
, bt_uuid_any
, 16) == 0) {
947 err
= hci_uuids_clear(hdev
);
953 list_for_each_safe(p
, n
, &hdev
->uuids
) {
954 struct bt_uuid
*match
= list_entry(p
, struct bt_uuid
, list
);
956 if (memcmp(match
->uuid
, cp
->uuid
, 16) != 0)
959 list_del(&match
->list
);
964 err
= cmd_status(sk
, index
, MGMT_OP_REMOVE_UUID
,
965 MGMT_STATUS_INVALID_PARAMS
);
969 err
= update_class(hdev
);
973 err
= update_eir(hdev
);
977 err
= cmd_complete(sk
, index
, MGMT_OP_REMOVE_UUID
, NULL
, 0);
980 hci_dev_unlock(hdev
);
986 static int set_dev_class(struct sock
*sk
, u16 index
, unsigned char *data
,
989 struct hci_dev
*hdev
;
990 struct mgmt_cp_set_dev_class
*cp
;
995 BT_DBG("request for hci%u", index
);
997 if (len
!= sizeof(*cp
))
998 return cmd_status(sk
, index
, MGMT_OP_SET_DEV_CLASS
,
999 MGMT_STATUS_INVALID_PARAMS
);
1001 hdev
= hci_dev_get(index
);
1003 return cmd_status(sk
, index
, MGMT_OP_SET_DEV_CLASS
,
1004 MGMT_STATUS_INVALID_PARAMS
);
1008 hdev
->major_class
= cp
->major
;
1009 hdev
->minor_class
= cp
->minor
;
1011 if (test_and_clear_bit(HCI_SERVICE_CACHE
, &hdev
->dev_flags
)) {
1012 hci_dev_unlock(hdev
);
1013 cancel_delayed_work_sync(&hdev
->service_cache
);
1018 err
= update_class(hdev
);
1021 err
= cmd_complete(sk
, index
, MGMT_OP_SET_DEV_CLASS
, NULL
, 0);
1023 hci_dev_unlock(hdev
);
1029 static int load_link_keys(struct sock
*sk
, u16 index
, unsigned char *data
,
1032 struct hci_dev
*hdev
;
1033 struct mgmt_cp_load_link_keys
*cp
;
1034 u16 key_count
, expected_len
;
1039 if (len
< sizeof(*cp
))
1040 return cmd_status(sk
, index
, MGMT_OP_LOAD_LINK_KEYS
,
1041 MGMT_STATUS_INVALID_PARAMS
);
1043 key_count
= get_unaligned_le16(&cp
->key_count
);
1045 expected_len
= sizeof(*cp
) + key_count
*
1046 sizeof(struct mgmt_link_key_info
);
1047 if (expected_len
!= len
) {
1048 BT_ERR("load_link_keys: expected %u bytes, got %u bytes",
1050 return cmd_status(sk
, index
, MGMT_OP_LOAD_LINK_KEYS
,
1051 MGMT_STATUS_INVALID_PARAMS
);
1054 hdev
= hci_dev_get(index
);
1056 return cmd_status(sk
, index
, MGMT_OP_LOAD_LINK_KEYS
,
1057 MGMT_STATUS_INVALID_PARAMS
);
1059 BT_DBG("hci%u debug_keys %u key_count %u", index
, cp
->debug_keys
,
1064 hci_link_keys_clear(hdev
);
1066 set_bit(HCI_LINK_KEYS
, &hdev
->dev_flags
);
1069 set_bit(HCI_DEBUG_KEYS
, &hdev
->dev_flags
);
1071 clear_bit(HCI_DEBUG_KEYS
, &hdev
->dev_flags
);
1073 for (i
= 0; i
< key_count
; i
++) {
1074 struct mgmt_link_key_info
*key
= &cp
->keys
[i
];
1076 hci_add_link_key(hdev
, NULL
, 0, &key
->bdaddr
, key
->val
, key
->type
,
1080 cmd_complete(sk
, index
, MGMT_OP_LOAD_LINK_KEYS
, NULL
, 0);
1082 hci_dev_unlock(hdev
);
1088 static int remove_keys(struct sock
*sk
, u16 index
, unsigned char *data
,
1091 struct hci_dev
*hdev
;
1092 struct mgmt_cp_remove_keys
*cp
;
1093 struct mgmt_rp_remove_keys rp
;
1094 struct hci_cp_disconnect dc
;
1095 struct pending_cmd
*cmd
;
1096 struct hci_conn
*conn
;
1101 if (len
!= sizeof(*cp
))
1102 return cmd_status(sk
, index
, MGMT_OP_REMOVE_KEYS
,
1103 MGMT_STATUS_INVALID_PARAMS
);
1105 hdev
= hci_dev_get(index
);
1107 return cmd_status(sk
, index
, MGMT_OP_REMOVE_KEYS
,
1108 MGMT_STATUS_INVALID_PARAMS
);
1112 memset(&rp
, 0, sizeof(rp
));
1113 bacpy(&rp
.bdaddr
, &cp
->bdaddr
);
1114 rp
.status
= MGMT_STATUS_FAILED
;
1116 err
= hci_remove_link_key(hdev
, &cp
->bdaddr
);
1118 rp
.status
= MGMT_STATUS_NOT_PAIRED
;
1122 if (!test_bit(HCI_UP
, &hdev
->flags
) || !cp
->disconnect
) {
1123 err
= cmd_complete(sk
, index
, MGMT_OP_REMOVE_KEYS
, &rp
,
1128 conn
= hci_conn_hash_lookup_ba(hdev
, ACL_LINK
, &cp
->bdaddr
);
1130 err
= cmd_complete(sk
, index
, MGMT_OP_REMOVE_KEYS
, &rp
,
1135 cmd
= mgmt_pending_add(sk
, MGMT_OP_REMOVE_KEYS
, hdev
, cp
, sizeof(*cp
));
1141 put_unaligned_le16(conn
->handle
, &dc
.handle
);
1142 dc
.reason
= 0x13; /* Remote User Terminated Connection */
1143 err
= hci_send_cmd(hdev
, HCI_OP_DISCONNECT
, sizeof(dc
), &dc
);
1145 mgmt_pending_remove(cmd
);
1149 err
= cmd_complete(sk
, index
, MGMT_OP_REMOVE_KEYS
, &rp
,
1151 hci_dev_unlock(hdev
);
1157 static int disconnect(struct sock
*sk
, u16 index
, unsigned char *data
, u16 len
)
1159 struct hci_dev
*hdev
;
1160 struct mgmt_cp_disconnect
*cp
;
1161 struct hci_cp_disconnect dc
;
1162 struct pending_cmd
*cmd
;
1163 struct hci_conn
*conn
;
1170 if (len
!= sizeof(*cp
))
1171 return cmd_status(sk
, index
, MGMT_OP_DISCONNECT
,
1172 MGMT_STATUS_INVALID_PARAMS
);
1174 hdev
= hci_dev_get(index
);
1176 return cmd_status(sk
, index
, MGMT_OP_DISCONNECT
,
1177 MGMT_STATUS_INVALID_PARAMS
);
1181 if (!test_bit(HCI_UP
, &hdev
->flags
)) {
1182 err
= cmd_status(sk
, index
, MGMT_OP_DISCONNECT
,
1183 MGMT_STATUS_NOT_POWERED
);
1187 if (mgmt_pending_find(MGMT_OP_DISCONNECT
, hdev
)) {
1188 err
= cmd_status(sk
, index
, MGMT_OP_DISCONNECT
,
1193 conn
= hci_conn_hash_lookup_ba(hdev
, ACL_LINK
, &cp
->bdaddr
);
1195 conn
= hci_conn_hash_lookup_ba(hdev
, LE_LINK
, &cp
->bdaddr
);
1198 err
= cmd_status(sk
, index
, MGMT_OP_DISCONNECT
,
1199 MGMT_STATUS_NOT_CONNECTED
);
1203 cmd
= mgmt_pending_add(sk
, MGMT_OP_DISCONNECT
, hdev
, data
, len
);
1209 put_unaligned_le16(conn
->handle
, &dc
.handle
);
1210 dc
.reason
= 0x13; /* Remote User Terminated Connection */
1212 err
= hci_send_cmd(hdev
, HCI_OP_DISCONNECT
, sizeof(dc
), &dc
);
1214 mgmt_pending_remove(cmd
);
1217 hci_dev_unlock(hdev
);
1223 static u8
link_to_mgmt(u8 link_type
, u8 addr_type
)
1225 switch (link_type
) {
1227 switch (addr_type
) {
1228 case ADDR_LE_DEV_PUBLIC
:
1229 return MGMT_ADDR_LE_PUBLIC
;
1230 case ADDR_LE_DEV_RANDOM
:
1231 return MGMT_ADDR_LE_RANDOM
;
1233 return MGMT_ADDR_INVALID
;
1236 return MGMT_ADDR_BREDR
;
1238 return MGMT_ADDR_INVALID
;
1242 static int get_connections(struct sock
*sk
, u16 index
)
1244 struct mgmt_rp_get_connections
*rp
;
1245 struct hci_dev
*hdev
;
1253 hdev
= hci_dev_get(index
);
1255 return cmd_status(sk
, index
, MGMT_OP_GET_CONNECTIONS
,
1256 MGMT_STATUS_INVALID_PARAMS
);
1261 list_for_each_entry(c
, &hdev
->conn_hash
.list
, list
) {
1262 if (test_bit(HCI_CONN_MGMT_CONNECTED
, &c
->flags
))
1266 rp_len
= sizeof(*rp
) + (count
* sizeof(struct mgmt_addr_info
));
1267 rp
= kmalloc(rp_len
, GFP_ATOMIC
);
1273 put_unaligned_le16(count
, &rp
->conn_count
);
1276 list_for_each_entry(c
, &hdev
->conn_hash
.list
, list
) {
1277 if (!test_bit(HCI_CONN_MGMT_CONNECTED
, &c
->flags
))
1279 bacpy(&rp
->addr
[i
].bdaddr
, &c
->dst
);
1280 rp
->addr
[i
].type
= link_to_mgmt(c
->type
, c
->dst_type
);
1281 if (rp
->addr
[i
].type
== MGMT_ADDR_INVALID
)
1286 /* Recalculate length in case of filtered SCO connections, etc */
1287 rp_len
= sizeof(*rp
) + (i
* sizeof(struct mgmt_addr_info
));
1289 err
= cmd_complete(sk
, index
, MGMT_OP_GET_CONNECTIONS
, rp
, rp_len
);
1293 hci_dev_unlock(hdev
);
1298 static int send_pin_code_neg_reply(struct sock
*sk
, u16 index
,
1299 struct hci_dev
*hdev
, struct mgmt_cp_pin_code_neg_reply
*cp
)
1301 struct pending_cmd
*cmd
;
1304 cmd
= mgmt_pending_add(sk
, MGMT_OP_PIN_CODE_NEG_REPLY
, hdev
, cp
,
1309 err
= hci_send_cmd(hdev
, HCI_OP_PIN_CODE_NEG_REPLY
, sizeof(cp
->bdaddr
),
1312 mgmt_pending_remove(cmd
);
1317 static int pin_code_reply(struct sock
*sk
, u16 index
, unsigned char *data
,
1320 struct hci_dev
*hdev
;
1321 struct hci_conn
*conn
;
1322 struct mgmt_cp_pin_code_reply
*cp
;
1323 struct mgmt_cp_pin_code_neg_reply ncp
;
1324 struct hci_cp_pin_code_reply reply
;
1325 struct pending_cmd
*cmd
;
1332 if (len
!= sizeof(*cp
))
1333 return cmd_status(sk
, index
, MGMT_OP_PIN_CODE_REPLY
,
1334 MGMT_STATUS_INVALID_PARAMS
);
1336 hdev
= hci_dev_get(index
);
1338 return cmd_status(sk
, index
, MGMT_OP_PIN_CODE_REPLY
,
1339 MGMT_STATUS_INVALID_PARAMS
);
1343 if (!test_bit(HCI_UP
, &hdev
->flags
)) {
1344 err
= cmd_status(sk
, index
, MGMT_OP_PIN_CODE_REPLY
,
1345 MGMT_STATUS_NOT_POWERED
);
1349 conn
= hci_conn_hash_lookup_ba(hdev
, ACL_LINK
, &cp
->bdaddr
);
1351 err
= cmd_status(sk
, index
, MGMT_OP_PIN_CODE_REPLY
,
1352 MGMT_STATUS_NOT_CONNECTED
);
1356 if (conn
->pending_sec_level
== BT_SECURITY_HIGH
&& cp
->pin_len
!= 16) {
1357 bacpy(&ncp
.bdaddr
, &cp
->bdaddr
);
1359 BT_ERR("PIN code is not 16 bytes long");
1361 err
= send_pin_code_neg_reply(sk
, index
, hdev
, &ncp
);
1363 err
= cmd_status(sk
, index
, MGMT_OP_PIN_CODE_REPLY
,
1364 MGMT_STATUS_INVALID_PARAMS
);
1369 cmd
= mgmt_pending_add(sk
, MGMT_OP_PIN_CODE_REPLY
, hdev
, data
, len
);
1375 bacpy(&reply
.bdaddr
, &cp
->bdaddr
);
1376 reply
.pin_len
= cp
->pin_len
;
1377 memcpy(reply
.pin_code
, cp
->pin_code
, sizeof(reply
.pin_code
));
1379 err
= hci_send_cmd(hdev
, HCI_OP_PIN_CODE_REPLY
, sizeof(reply
), &reply
);
1381 mgmt_pending_remove(cmd
);
1384 hci_dev_unlock(hdev
);
1390 static int pin_code_neg_reply(struct sock
*sk
, u16 index
, unsigned char *data
,
1393 struct hci_dev
*hdev
;
1394 struct mgmt_cp_pin_code_neg_reply
*cp
;
1401 if (len
!= sizeof(*cp
))
1402 return cmd_status(sk
, index
, MGMT_OP_PIN_CODE_NEG_REPLY
,
1403 MGMT_STATUS_INVALID_PARAMS
);
1405 hdev
= hci_dev_get(index
);
1407 return cmd_status(sk
, index
, MGMT_OP_PIN_CODE_NEG_REPLY
,
1408 MGMT_STATUS_INVALID_PARAMS
);
1412 if (!test_bit(HCI_UP
, &hdev
->flags
)) {
1413 err
= cmd_status(sk
, index
, MGMT_OP_PIN_CODE_NEG_REPLY
,
1414 MGMT_STATUS_NOT_POWERED
);
1418 err
= send_pin_code_neg_reply(sk
, index
, hdev
, cp
);
1421 hci_dev_unlock(hdev
);
1427 static int set_io_capability(struct sock
*sk
, u16 index
, unsigned char *data
,
1430 struct hci_dev
*hdev
;
1431 struct mgmt_cp_set_io_capability
*cp
;
1437 if (len
!= sizeof(*cp
))
1438 return cmd_status(sk
, index
, MGMT_OP_SET_IO_CAPABILITY
,
1439 MGMT_STATUS_INVALID_PARAMS
);
1441 hdev
= hci_dev_get(index
);
1443 return cmd_status(sk
, index
, MGMT_OP_SET_IO_CAPABILITY
,
1444 MGMT_STATUS_INVALID_PARAMS
);
1448 hdev
->io_capability
= cp
->io_capability
;
1450 BT_DBG("%s IO capability set to 0x%02x", hdev
->name
,
1451 hdev
->io_capability
);
1453 hci_dev_unlock(hdev
);
1456 return cmd_complete(sk
, index
, MGMT_OP_SET_IO_CAPABILITY
, NULL
, 0);
1459 static inline struct pending_cmd
*find_pairing(struct hci_conn
*conn
)
1461 struct hci_dev
*hdev
= conn
->hdev
;
1462 struct pending_cmd
*cmd
;
1464 list_for_each_entry(cmd
, &hdev
->mgmt_pending
, list
) {
1465 if (cmd
->opcode
!= MGMT_OP_PAIR_DEVICE
)
1468 if (cmd
->user_data
!= conn
)
1477 static void pairing_complete(struct pending_cmd
*cmd
, u8 status
)
1479 struct mgmt_rp_pair_device rp
;
1480 struct hci_conn
*conn
= cmd
->user_data
;
1482 bacpy(&rp
.addr
.bdaddr
, &conn
->dst
);
1483 rp
.addr
.type
= link_to_mgmt(conn
->type
, conn
->dst_type
);
1486 cmd_complete(cmd
->sk
, cmd
->index
, MGMT_OP_PAIR_DEVICE
, &rp
, sizeof(rp
));
1488 /* So we don't get further callbacks for this connection */
1489 conn
->connect_cfm_cb
= NULL
;
1490 conn
->security_cfm_cb
= NULL
;
1491 conn
->disconn_cfm_cb
= NULL
;
1495 mgmt_pending_remove(cmd
);
1498 static void pairing_complete_cb(struct hci_conn
*conn
, u8 status
)
1500 struct pending_cmd
*cmd
;
1502 BT_DBG("status %u", status
);
1504 cmd
= find_pairing(conn
);
1506 BT_DBG("Unable to find a pending command");
1508 pairing_complete(cmd
, status
);
1511 static int pair_device(struct sock
*sk
, u16 index
, unsigned char *data
, u16 len
)
1513 struct hci_dev
*hdev
;
1514 struct mgmt_cp_pair_device
*cp
;
1515 struct mgmt_rp_pair_device rp
;
1516 struct pending_cmd
*cmd
;
1517 u8 sec_level
, auth_type
;
1518 struct hci_conn
*conn
;
1525 if (len
!= sizeof(*cp
))
1526 return cmd_status(sk
, index
, MGMT_OP_PAIR_DEVICE
,
1527 MGMT_STATUS_INVALID_PARAMS
);
1529 hdev
= hci_dev_get(index
);
1531 return cmd_status(sk
, index
, MGMT_OP_PAIR_DEVICE
,
1532 MGMT_STATUS_INVALID_PARAMS
);
1536 sec_level
= BT_SECURITY_MEDIUM
;
1537 if (cp
->io_cap
== 0x03)
1538 auth_type
= HCI_AT_DEDICATED_BONDING
;
1540 auth_type
= HCI_AT_DEDICATED_BONDING_MITM
;
1542 if (cp
->addr
.type
== MGMT_ADDR_BREDR
)
1543 conn
= hci_connect(hdev
, ACL_LINK
, &cp
->addr
.bdaddr
, sec_level
,
1546 conn
= hci_connect(hdev
, LE_LINK
, &cp
->addr
.bdaddr
, sec_level
,
1549 memset(&rp
, 0, sizeof(rp
));
1550 bacpy(&rp
.addr
.bdaddr
, &cp
->addr
.bdaddr
);
1551 rp
.addr
.type
= cp
->addr
.type
;
1554 rp
.status
= -PTR_ERR(conn
);
1555 err
= cmd_complete(sk
, index
, MGMT_OP_PAIR_DEVICE
,
1560 if (conn
->connect_cfm_cb
) {
1563 err
= cmd_complete(sk
, index
, MGMT_OP_PAIR_DEVICE
,
1568 cmd
= mgmt_pending_add(sk
, MGMT_OP_PAIR_DEVICE
, hdev
, data
, len
);
1575 /* For LE, just connecting isn't a proof that the pairing finished */
1576 if (cp
->addr
.type
== MGMT_ADDR_BREDR
)
1577 conn
->connect_cfm_cb
= pairing_complete_cb
;
1579 conn
->security_cfm_cb
= pairing_complete_cb
;
1580 conn
->disconn_cfm_cb
= pairing_complete_cb
;
1581 conn
->io_capability
= cp
->io_cap
;
1582 cmd
->user_data
= conn
;
1584 if (conn
->state
== BT_CONNECTED
&&
1585 hci_conn_security(conn
, sec_level
, auth_type
))
1586 pairing_complete(cmd
, 0);
1591 hci_dev_unlock(hdev
);
1597 static int user_pairing_resp(struct sock
*sk
, u16 index
, bdaddr_t
*bdaddr
,
1598 u16 mgmt_op
, u16 hci_op
, __le32 passkey
)
1600 struct pending_cmd
*cmd
;
1601 struct hci_dev
*hdev
;
1602 struct hci_conn
*conn
;
1605 hdev
= hci_dev_get(index
);
1607 return cmd_status(sk
, index
, mgmt_op
,
1608 MGMT_STATUS_INVALID_PARAMS
);
1612 if (!test_bit(HCI_UP
, &hdev
->flags
)) {
1613 err
= cmd_status(sk
, index
, mgmt_op
, MGMT_STATUS_NOT_POWERED
);
1618 * Check for an existing ACL link, if present pair via
1621 * If no ACL link is present, check for an LE link and if
1622 * present, pair via the SMP engine.
1624 * If neither ACL nor LE links are present, fail with error.
1626 conn
= hci_conn_hash_lookup_ba(hdev
, ACL_LINK
, bdaddr
);
1628 conn
= hci_conn_hash_lookup_ba(hdev
, LE_LINK
, bdaddr
);
1630 err
= cmd_status(sk
, index
, mgmt_op
,
1631 MGMT_STATUS_NOT_CONNECTED
);
1635 /* Continue with pairing via SMP */
1636 err
= smp_user_confirm_reply(conn
, mgmt_op
, passkey
);
1639 err
= cmd_status(sk
, index
, mgmt_op
,
1640 MGMT_STATUS_SUCCESS
);
1642 err
= cmd_status(sk
, index
, mgmt_op
,
1643 MGMT_STATUS_FAILED
);
1648 cmd
= mgmt_pending_add(sk
, mgmt_op
, hdev
, bdaddr
, sizeof(*bdaddr
));
1654 /* Continue with pairing via HCI */
1655 if (hci_op
== HCI_OP_USER_PASSKEY_REPLY
) {
1656 struct hci_cp_user_passkey_reply cp
;
1658 bacpy(&cp
.bdaddr
, bdaddr
);
1659 cp
.passkey
= passkey
;
1660 err
= hci_send_cmd(hdev
, hci_op
, sizeof(cp
), &cp
);
1662 err
= hci_send_cmd(hdev
, hci_op
, sizeof(*bdaddr
), bdaddr
);
1665 mgmt_pending_remove(cmd
);
1668 hci_dev_unlock(hdev
);
1674 static int user_confirm_reply(struct sock
*sk
, u16 index
, void *data
, u16 len
)
1676 struct mgmt_cp_user_confirm_reply
*cp
= (void *) data
;
1680 if (len
!= sizeof(*cp
))
1681 return cmd_status(sk
, index
, MGMT_OP_USER_CONFIRM_REPLY
,
1682 MGMT_STATUS_INVALID_PARAMS
);
1684 return user_pairing_resp(sk
, index
, &cp
->bdaddr
,
1685 MGMT_OP_USER_CONFIRM_REPLY
,
1686 HCI_OP_USER_CONFIRM_REPLY
, 0);
1689 static int user_confirm_neg_reply(struct sock
*sk
, u16 index
, void *data
,
1692 struct mgmt_cp_user_confirm_neg_reply
*cp
= data
;
1696 if (len
!= sizeof(*cp
))
1697 return cmd_status(sk
, index
, MGMT_OP_USER_CONFIRM_NEG_REPLY
,
1698 MGMT_STATUS_INVALID_PARAMS
);
1700 return user_pairing_resp(sk
, index
, &cp
->bdaddr
,
1701 MGMT_OP_USER_CONFIRM_NEG_REPLY
,
1702 HCI_OP_USER_CONFIRM_NEG_REPLY
, 0);
1705 static int user_passkey_reply(struct sock
*sk
, u16 index
, void *data
, u16 len
)
1707 struct mgmt_cp_user_passkey_reply
*cp
= (void *) data
;
1711 if (len
!= sizeof(*cp
))
1712 return cmd_status(sk
, index
, MGMT_OP_USER_PASSKEY_REPLY
,
1715 return user_pairing_resp(sk
, index
, &cp
->bdaddr
,
1716 MGMT_OP_USER_PASSKEY_REPLY
,
1717 HCI_OP_USER_PASSKEY_REPLY
, cp
->passkey
);
1720 static int user_passkey_neg_reply(struct sock
*sk
, u16 index
, void *data
,
1723 struct mgmt_cp_user_passkey_neg_reply
*cp
= (void *) data
;
1727 if (len
!= sizeof(*cp
))
1728 return cmd_status(sk
, index
, MGMT_OP_USER_PASSKEY_NEG_REPLY
,
1731 return user_pairing_resp(sk
, index
, &cp
->bdaddr
,
1732 MGMT_OP_USER_PASSKEY_NEG_REPLY
,
1733 HCI_OP_USER_PASSKEY_NEG_REPLY
, 0);
1736 static int set_local_name(struct sock
*sk
, u16 index
, unsigned char *data
,
1739 struct mgmt_cp_set_local_name
*mgmt_cp
= (void *) data
;
1740 struct hci_cp_write_local_name hci_cp
;
1741 struct hci_dev
*hdev
;
1742 struct pending_cmd
*cmd
;
1747 if (len
!= sizeof(*mgmt_cp
))
1748 return cmd_status(sk
, index
, MGMT_OP_SET_LOCAL_NAME
,
1749 MGMT_STATUS_INVALID_PARAMS
);
1751 hdev
= hci_dev_get(index
);
1753 return cmd_status(sk
, index
, MGMT_OP_SET_LOCAL_NAME
,
1754 MGMT_STATUS_INVALID_PARAMS
);
1758 cmd
= mgmt_pending_add(sk
, MGMT_OP_SET_LOCAL_NAME
, hdev
, data
, len
);
1764 memcpy(hci_cp
.name
, mgmt_cp
->name
, sizeof(hci_cp
.name
));
1765 err
= hci_send_cmd(hdev
, HCI_OP_WRITE_LOCAL_NAME
, sizeof(hci_cp
),
1768 mgmt_pending_remove(cmd
);
1771 hci_dev_unlock(hdev
);
1777 static int read_local_oob_data(struct sock
*sk
, u16 index
)
1779 struct hci_dev
*hdev
;
1780 struct pending_cmd
*cmd
;
1783 BT_DBG("hci%u", index
);
1785 hdev
= hci_dev_get(index
);
1787 return cmd_status(sk
, index
, MGMT_OP_READ_LOCAL_OOB_DATA
,
1788 MGMT_STATUS_INVALID_PARAMS
);
1792 if (!test_bit(HCI_UP
, &hdev
->flags
)) {
1793 err
= cmd_status(sk
, index
, MGMT_OP_READ_LOCAL_OOB_DATA
,
1794 MGMT_STATUS_NOT_POWERED
);
1798 if (!(hdev
->features
[6] & LMP_SIMPLE_PAIR
)) {
1799 err
= cmd_status(sk
, index
, MGMT_OP_READ_LOCAL_OOB_DATA
,
1800 MGMT_STATUS_NOT_SUPPORTED
);
1804 if (mgmt_pending_find(MGMT_OP_READ_LOCAL_OOB_DATA
, hdev
)) {
1805 err
= cmd_status(sk
, index
, MGMT_OP_READ_LOCAL_OOB_DATA
,
1810 cmd
= mgmt_pending_add(sk
, MGMT_OP_READ_LOCAL_OOB_DATA
, hdev
, NULL
, 0);
1816 err
= hci_send_cmd(hdev
, HCI_OP_READ_LOCAL_OOB_DATA
, 0, NULL
);
1818 mgmt_pending_remove(cmd
);
1821 hci_dev_unlock(hdev
);
1827 static int add_remote_oob_data(struct sock
*sk
, u16 index
, unsigned char *data
,
1830 struct hci_dev
*hdev
;
1831 struct mgmt_cp_add_remote_oob_data
*cp
= (void *) data
;
1834 BT_DBG("hci%u ", index
);
1836 if (len
!= sizeof(*cp
))
1837 return cmd_status(sk
, index
, MGMT_OP_ADD_REMOTE_OOB_DATA
,
1838 MGMT_STATUS_INVALID_PARAMS
);
1840 hdev
= hci_dev_get(index
);
1842 return cmd_status(sk
, index
, MGMT_OP_ADD_REMOTE_OOB_DATA
,
1843 MGMT_STATUS_INVALID_PARAMS
);
1847 err
= hci_add_remote_oob_data(hdev
, &cp
->bdaddr
, cp
->hash
,
1850 err
= cmd_status(sk
, index
, MGMT_OP_ADD_REMOTE_OOB_DATA
,
1851 MGMT_STATUS_FAILED
);
1853 err
= cmd_complete(sk
, index
, MGMT_OP_ADD_REMOTE_OOB_DATA
, NULL
,
1856 hci_dev_unlock(hdev
);
1862 static int remove_remote_oob_data(struct sock
*sk
, u16 index
,
1863 unsigned char *data
, u16 len
)
1865 struct hci_dev
*hdev
;
1866 struct mgmt_cp_remove_remote_oob_data
*cp
= (void *) data
;
1869 BT_DBG("hci%u ", index
);
1871 if (len
!= sizeof(*cp
))
1872 return cmd_status(sk
, index
, MGMT_OP_REMOVE_REMOTE_OOB_DATA
,
1873 MGMT_STATUS_INVALID_PARAMS
);
1875 hdev
= hci_dev_get(index
);
1877 return cmd_status(sk
, index
, MGMT_OP_REMOVE_REMOTE_OOB_DATA
,
1878 MGMT_STATUS_INVALID_PARAMS
);
1882 err
= hci_remove_remote_oob_data(hdev
, &cp
->bdaddr
);
1884 err
= cmd_status(sk
, index
, MGMT_OP_REMOVE_REMOTE_OOB_DATA
,
1885 MGMT_STATUS_INVALID_PARAMS
);
1887 err
= cmd_complete(sk
, index
, MGMT_OP_REMOVE_REMOTE_OOB_DATA
,
1890 hci_dev_unlock(hdev
);
1896 static int start_discovery(struct sock
*sk
, u16 index
,
1897 unsigned char *data
, u16 len
)
1899 struct mgmt_cp_start_discovery
*cp
= (void *) data
;
1900 struct pending_cmd
*cmd
;
1901 struct hci_dev
*hdev
;
1904 BT_DBG("hci%u", index
);
1906 if (len
!= sizeof(*cp
))
1907 return cmd_status(sk
, index
, MGMT_OP_START_DISCOVERY
,
1908 MGMT_STATUS_INVALID_PARAMS
);
1910 hdev
= hci_dev_get(index
);
1912 return cmd_status(sk
, index
, MGMT_OP_START_DISCOVERY
,
1913 MGMT_STATUS_INVALID_PARAMS
);
1917 if (!test_bit(HCI_UP
, &hdev
->flags
)) {
1918 err
= cmd_status(sk
, index
, MGMT_OP_START_DISCOVERY
,
1919 MGMT_STATUS_NOT_POWERED
);
1923 if (hdev
->discovery
.state
!= DISCOVERY_STOPPED
) {
1924 err
= cmd_status(sk
, index
, MGMT_OP_START_DISCOVERY
,
1929 cmd
= mgmt_pending_add(sk
, MGMT_OP_START_DISCOVERY
, hdev
, NULL
, 0);
1935 err
= hci_do_inquiry(hdev
, INQUIRY_LEN_BREDR
);
1937 mgmt_pending_remove(cmd
);
1939 hci_discovery_set_state(hdev
, DISCOVERY_STARTING
);
1942 hci_dev_unlock(hdev
);
1948 static int stop_discovery(struct sock
*sk
, u16 index
)
1950 struct hci_dev
*hdev
;
1951 struct pending_cmd
*cmd
;
1952 struct hci_cp_remote_name_req_cancel cp
;
1953 struct inquiry_entry
*e
;
1956 BT_DBG("hci%u", index
);
1958 hdev
= hci_dev_get(index
);
1960 return cmd_status(sk
, index
, MGMT_OP_STOP_DISCOVERY
,
1961 MGMT_STATUS_INVALID_PARAMS
);
1965 if (!hci_discovery_active(hdev
)) {
1966 err
= cmd_status(sk
, index
, MGMT_OP_STOP_DISCOVERY
,
1967 MGMT_STATUS_REJECTED
);
1971 cmd
= mgmt_pending_add(sk
, MGMT_OP_STOP_DISCOVERY
, hdev
, NULL
, 0);
1977 if (hdev
->discovery
.state
== DISCOVERY_INQUIRY
) {
1978 err
= hci_cancel_inquiry(hdev
);
1980 mgmt_pending_remove(cmd
);
1982 hci_discovery_set_state(hdev
, DISCOVERY_STOPPING
);
1986 e
= hci_inquiry_cache_lookup_resolve(hdev
, BDADDR_ANY
, NAME_PENDING
);
1988 mgmt_pending_remove(cmd
);
1989 err
= cmd_complete(sk
, index
, MGMT_OP_STOP_DISCOVERY
, NULL
, 0);
1990 hci_discovery_set_state(hdev
, DISCOVERY_STOPPED
);
1994 bacpy(&cp
.bdaddr
, &e
->data
.bdaddr
);
1995 err
= hci_send_cmd(hdev
, HCI_OP_REMOTE_NAME_REQ_CANCEL
,
1998 mgmt_pending_remove(cmd
);
2000 hci_discovery_set_state(hdev
, DISCOVERY_STOPPING
);
2003 hci_dev_unlock(hdev
);
2009 static int confirm_name(struct sock
*sk
, u16 index
, unsigned char *data
,
2012 struct mgmt_cp_confirm_name
*cp
= (void *) data
;
2013 struct inquiry_entry
*e
;
2014 struct hci_dev
*hdev
;
2017 BT_DBG("hci%u", index
);
2019 if (len
!= sizeof(*cp
))
2020 return cmd_status(sk
, index
, MGMT_OP_CONFIRM_NAME
,
2021 MGMT_STATUS_INVALID_PARAMS
);
2023 hdev
= hci_dev_get(index
);
2025 return cmd_status(sk
, index
, MGMT_OP_CONFIRM_NAME
,
2026 MGMT_STATUS_INVALID_PARAMS
);
2030 if (!hci_discovery_active(hdev
)) {
2031 err
= cmd_status(sk
, index
, MGMT_OP_CONFIRM_NAME
,
2032 MGMT_STATUS_FAILED
);
2036 e
= hci_inquiry_cache_lookup_unknown(hdev
, &cp
->bdaddr
);
2038 err
= cmd_status (sk
, index
, MGMT_OP_CONFIRM_NAME
,
2039 MGMT_STATUS_INVALID_PARAMS
);
2043 if (cp
->name_known
) {
2044 e
->name_state
= NAME_KNOWN
;
2047 e
->name_state
= NAME_NEEDED
;
2048 hci_inquiry_cache_update_resolve(hdev
, e
);
2054 hci_dev_unlock(hdev
);
2059 static int block_device(struct sock
*sk
, u16 index
, unsigned char *data
,
2062 struct hci_dev
*hdev
;
2063 struct mgmt_cp_block_device
*cp
= (void *) data
;
2066 BT_DBG("hci%u", index
);
2068 if (len
!= sizeof(*cp
))
2069 return cmd_status(sk
, index
, MGMT_OP_BLOCK_DEVICE
,
2070 MGMT_STATUS_INVALID_PARAMS
);
2072 hdev
= hci_dev_get(index
);
2074 return cmd_status(sk
, index
, MGMT_OP_BLOCK_DEVICE
,
2075 MGMT_STATUS_INVALID_PARAMS
);
2079 err
= hci_blacklist_add(hdev
, &cp
->bdaddr
);
2081 err
= cmd_status(sk
, index
, MGMT_OP_BLOCK_DEVICE
,
2082 MGMT_STATUS_FAILED
);
2084 err
= cmd_complete(sk
, index
, MGMT_OP_BLOCK_DEVICE
,
2087 hci_dev_unlock(hdev
);
2093 static int unblock_device(struct sock
*sk
, u16 index
, unsigned char *data
,
2096 struct hci_dev
*hdev
;
2097 struct mgmt_cp_unblock_device
*cp
= (void *) data
;
2100 BT_DBG("hci%u", index
);
2102 if (len
!= sizeof(*cp
))
2103 return cmd_status(sk
, index
, MGMT_OP_UNBLOCK_DEVICE
,
2104 MGMT_STATUS_INVALID_PARAMS
);
2106 hdev
= hci_dev_get(index
);
2108 return cmd_status(sk
, index
, MGMT_OP_UNBLOCK_DEVICE
,
2109 MGMT_STATUS_INVALID_PARAMS
);
2113 err
= hci_blacklist_del(hdev
, &cp
->bdaddr
);
2116 err
= cmd_status(sk
, index
, MGMT_OP_UNBLOCK_DEVICE
,
2117 MGMT_STATUS_INVALID_PARAMS
);
2119 err
= cmd_complete(sk
, index
, MGMT_OP_UNBLOCK_DEVICE
,
2122 hci_dev_unlock(hdev
);
2128 static int set_fast_connectable(struct sock
*sk
, u16 index
,
2129 unsigned char *data
, u16 len
)
2131 struct hci_dev
*hdev
;
2132 struct mgmt_mode
*cp
= (void *) data
;
2133 struct hci_cp_write_page_scan_activity acp
;
2137 BT_DBG("hci%u", index
);
2139 if (len
!= sizeof(*cp
))
2140 return cmd_status(sk
, index
, MGMT_OP_SET_FAST_CONNECTABLE
,
2141 MGMT_STATUS_INVALID_PARAMS
);
2143 hdev
= hci_dev_get(index
);
2145 return cmd_status(sk
, index
, MGMT_OP_SET_FAST_CONNECTABLE
,
2146 MGMT_STATUS_INVALID_PARAMS
);
2151 type
= PAGE_SCAN_TYPE_INTERLACED
;
2152 acp
.interval
= 0x0024; /* 22.5 msec page scan interval */
2154 type
= PAGE_SCAN_TYPE_STANDARD
; /* default */
2155 acp
.interval
= 0x0800; /* default 1.28 sec page scan */
2158 acp
.window
= 0x0012; /* default 11.25 msec page scan window */
2160 err
= hci_send_cmd(hdev
, HCI_OP_WRITE_PAGE_SCAN_ACTIVITY
,
2163 err
= cmd_status(sk
, index
, MGMT_OP_SET_FAST_CONNECTABLE
,
2164 MGMT_STATUS_FAILED
);
2168 err
= hci_send_cmd(hdev
, HCI_OP_WRITE_PAGE_SCAN_TYPE
, 1, &type
);
2170 err
= cmd_status(sk
, index
, MGMT_OP_SET_FAST_CONNECTABLE
,
2171 MGMT_STATUS_FAILED
);
2175 err
= cmd_complete(sk
, index
, MGMT_OP_SET_FAST_CONNECTABLE
,
2178 hci_dev_unlock(hdev
);
2184 int mgmt_control(struct sock
*sk
, struct msghdr
*msg
, size_t msglen
)
2187 struct mgmt_hdr
*hdr
;
2188 u16 opcode
, index
, len
;
2191 BT_DBG("got %zu bytes", msglen
);
2193 if (msglen
< sizeof(*hdr
))
2196 buf
= kmalloc(msglen
, GFP_KERNEL
);
2200 if (memcpy_fromiovec(buf
, msg
->msg_iov
, msglen
)) {
2205 hdr
= (struct mgmt_hdr
*) buf
;
2206 opcode
= get_unaligned_le16(&hdr
->opcode
);
2207 index
= get_unaligned_le16(&hdr
->index
);
2208 len
= get_unaligned_le16(&hdr
->len
);
2210 if (len
!= msglen
- sizeof(*hdr
)) {
2216 case MGMT_OP_READ_VERSION
:
2217 err
= read_version(sk
);
2219 case MGMT_OP_READ_INDEX_LIST
:
2220 err
= read_index_list(sk
);
2222 case MGMT_OP_READ_INFO
:
2223 err
= read_controller_info(sk
, index
);
2225 case MGMT_OP_SET_POWERED
:
2226 err
= set_powered(sk
, index
, buf
+ sizeof(*hdr
), len
);
2228 case MGMT_OP_SET_DISCOVERABLE
:
2229 err
= set_discoverable(sk
, index
, buf
+ sizeof(*hdr
), len
);
2231 case MGMT_OP_SET_CONNECTABLE
:
2232 err
= set_connectable(sk
, index
, buf
+ sizeof(*hdr
), len
);
2234 case MGMT_OP_SET_FAST_CONNECTABLE
:
2235 err
= set_fast_connectable(sk
, index
, buf
+ sizeof(*hdr
),
2238 case MGMT_OP_SET_PAIRABLE
:
2239 err
= set_pairable(sk
, index
, buf
+ sizeof(*hdr
), len
);
2241 case MGMT_OP_ADD_UUID
:
2242 err
= add_uuid(sk
, index
, buf
+ sizeof(*hdr
), len
);
2244 case MGMT_OP_REMOVE_UUID
:
2245 err
= remove_uuid(sk
, index
, buf
+ sizeof(*hdr
), len
);
2247 case MGMT_OP_SET_DEV_CLASS
:
2248 err
= set_dev_class(sk
, index
, buf
+ sizeof(*hdr
), len
);
2250 case MGMT_OP_LOAD_LINK_KEYS
:
2251 err
= load_link_keys(sk
, index
, buf
+ sizeof(*hdr
), len
);
2253 case MGMT_OP_REMOVE_KEYS
:
2254 err
= remove_keys(sk
, index
, buf
+ sizeof(*hdr
), len
);
2256 case MGMT_OP_DISCONNECT
:
2257 err
= disconnect(sk
, index
, buf
+ sizeof(*hdr
), len
);
2259 case MGMT_OP_GET_CONNECTIONS
:
2260 err
= get_connections(sk
, index
);
2262 case MGMT_OP_PIN_CODE_REPLY
:
2263 err
= pin_code_reply(sk
, index
, buf
+ sizeof(*hdr
), len
);
2265 case MGMT_OP_PIN_CODE_NEG_REPLY
:
2266 err
= pin_code_neg_reply(sk
, index
, buf
+ sizeof(*hdr
), len
);
2268 case MGMT_OP_SET_IO_CAPABILITY
:
2269 err
= set_io_capability(sk
, index
, buf
+ sizeof(*hdr
), len
);
2271 case MGMT_OP_PAIR_DEVICE
:
2272 err
= pair_device(sk
, index
, buf
+ sizeof(*hdr
), len
);
2274 case MGMT_OP_USER_CONFIRM_REPLY
:
2275 err
= user_confirm_reply(sk
, index
, buf
+ sizeof(*hdr
), len
);
2277 case MGMT_OP_USER_CONFIRM_NEG_REPLY
:
2278 err
= user_confirm_neg_reply(sk
, index
, buf
+ sizeof(*hdr
),
2281 case MGMT_OP_USER_PASSKEY_REPLY
:
2282 err
= user_passkey_reply(sk
, index
, buf
+ sizeof(*hdr
), len
);
2284 case MGMT_OP_USER_PASSKEY_NEG_REPLY
:
2285 err
= user_passkey_neg_reply(sk
, index
, buf
+ sizeof(*hdr
),
2288 case MGMT_OP_SET_LOCAL_NAME
:
2289 err
= set_local_name(sk
, index
, buf
+ sizeof(*hdr
), len
);
2291 case MGMT_OP_READ_LOCAL_OOB_DATA
:
2292 err
= read_local_oob_data(sk
, index
);
2294 case MGMT_OP_ADD_REMOTE_OOB_DATA
:
2295 err
= add_remote_oob_data(sk
, index
, buf
+ sizeof(*hdr
), len
);
2297 case MGMT_OP_REMOVE_REMOTE_OOB_DATA
:
2298 err
= remove_remote_oob_data(sk
, index
, buf
+ sizeof(*hdr
),
2301 case MGMT_OP_START_DISCOVERY
:
2302 err
= start_discovery(sk
, index
, buf
+ sizeof(*hdr
), len
);
2304 case MGMT_OP_STOP_DISCOVERY
:
2305 err
= stop_discovery(sk
, index
);
2307 case MGMT_OP_CONFIRM_NAME
:
2308 err
= confirm_name(sk
, index
, buf
+ sizeof(*hdr
), len
);
2310 case MGMT_OP_BLOCK_DEVICE
:
2311 err
= block_device(sk
, index
, buf
+ sizeof(*hdr
), len
);
2313 case MGMT_OP_UNBLOCK_DEVICE
:
2314 err
= unblock_device(sk
, index
, buf
+ sizeof(*hdr
), len
);
2317 BT_DBG("Unknown op %u", opcode
);
2318 err
= cmd_status(sk
, index
, opcode
,
2319 MGMT_STATUS_UNKNOWN_COMMAND
);
2333 static void cmd_status_rsp(struct pending_cmd
*cmd
, void *data
)
2337 cmd_status(cmd
->sk
, cmd
->index
, cmd
->opcode
, *status
);
2338 mgmt_pending_remove(cmd
);
2341 int mgmt_index_added(struct hci_dev
*hdev
)
2343 return mgmt_event(MGMT_EV_INDEX_ADDED
, hdev
, NULL
, 0, NULL
);
2346 int mgmt_index_removed(struct hci_dev
*hdev
)
2350 mgmt_pending_foreach(0, hdev
, cmd_status_rsp
, &status
);
2352 return mgmt_event(MGMT_EV_INDEX_REMOVED
, hdev
, NULL
, 0, NULL
);
2358 struct hci_dev
*hdev
;
2361 static void settings_rsp(struct pending_cmd
*cmd
, void *data
)
2363 struct cmd_lookup
*match
= data
;
2365 send_settings_rsp(cmd
->sk
, cmd
->opcode
, match
->hdev
);
2367 list_del(&cmd
->list
);
2369 if (match
->sk
== NULL
) {
2370 match
->sk
= cmd
->sk
;
2371 sock_hold(match
->sk
);
2374 mgmt_pending_free(cmd
);
2377 int mgmt_powered(struct hci_dev
*hdev
, u8 powered
)
2379 struct cmd_lookup match
= { powered
, NULL
, hdev
};
2383 mgmt_pending_foreach(MGMT_OP_SET_POWERED
, hdev
, settings_rsp
, &match
);
2386 u8 status
= ENETDOWN
;
2387 mgmt_pending_foreach(0, hdev
, cmd_status_rsp
, &status
);
2390 ev
= cpu_to_le32(get_current_settings(hdev
));
2392 ret
= mgmt_event(MGMT_EV_NEW_SETTINGS
, hdev
, &ev
, sizeof(ev
),
2401 int mgmt_discoverable(struct hci_dev
*hdev
, u8 discoverable
)
2403 struct cmd_lookup match
= { discoverable
, NULL
, hdev
};
2407 mgmt_pending_foreach(MGMT_OP_SET_DISCOVERABLE
, hdev
, settings_rsp
, &match
);
2409 ev
= cpu_to_le32(get_current_settings(hdev
));
2411 ret
= mgmt_event(MGMT_EV_NEW_SETTINGS
, hdev
, &ev
, sizeof(ev
),
2419 int mgmt_connectable(struct hci_dev
*hdev
, u8 connectable
)
2422 struct cmd_lookup match
= { connectable
, NULL
, hdev
};
2425 mgmt_pending_foreach(MGMT_OP_SET_CONNECTABLE
, hdev
, settings_rsp
,
2428 ev
= cpu_to_le32(get_current_settings(hdev
));
2430 ret
= mgmt_event(MGMT_EV_NEW_SETTINGS
, hdev
, &ev
, sizeof(ev
), match
.sk
);
2438 int mgmt_write_scan_failed(struct hci_dev
*hdev
, u8 scan
, u8 status
)
2440 u8 mgmt_err
= mgmt_status(status
);
2442 if (scan
& SCAN_PAGE
)
2443 mgmt_pending_foreach(MGMT_OP_SET_CONNECTABLE
, hdev
,
2444 cmd_status_rsp
, &mgmt_err
);
2446 if (scan
& SCAN_INQUIRY
)
2447 mgmt_pending_foreach(MGMT_OP_SET_DISCOVERABLE
, hdev
,
2448 cmd_status_rsp
, &mgmt_err
);
2453 int mgmt_new_link_key(struct hci_dev
*hdev
, struct link_key
*key
,
2456 struct mgmt_ev_new_link_key ev
;
2458 memset(&ev
, 0, sizeof(ev
));
2460 ev
.store_hint
= persistent
;
2461 bacpy(&ev
.key
.bdaddr
, &key
->bdaddr
);
2462 ev
.key
.type
= key
->type
;
2463 memcpy(ev
.key
.val
, key
->val
, 16);
2464 ev
.key
.pin_len
= key
->pin_len
;
2466 return mgmt_event(MGMT_EV_NEW_LINK_KEY
, hdev
, &ev
, sizeof(ev
), NULL
);
2469 int mgmt_device_connected(struct hci_dev
*hdev
, bdaddr_t
*bdaddr
, u8 link_type
,
2470 u8 addr_type
, u8
*name
, u8 name_len
,
2474 struct mgmt_ev_device_connected
*ev
= (void *) buf
;
2477 bacpy(&ev
->addr
.bdaddr
, bdaddr
);
2478 ev
->addr
.type
= link_to_mgmt(link_type
, addr_type
);
2481 eir_len
= eir_append_data(ev
->eir
, 0, EIR_NAME_COMPLETE
,
2484 if (dev_class
&& memcmp(dev_class
, "\0\0\0", 3) != 0)
2485 eir_len
= eir_append_data(&ev
->eir
[eir_len
], eir_len
,
2486 EIR_CLASS_OF_DEV
, dev_class
, 3);
2488 put_unaligned_le16(eir_len
, &ev
->eir_len
);
2490 return mgmt_event(MGMT_EV_DEVICE_CONNECTED
, hdev
, buf
,
2491 sizeof(*ev
) + eir_len
, NULL
);
2494 static void disconnect_rsp(struct pending_cmd
*cmd
, void *data
)
2496 struct mgmt_cp_disconnect
*cp
= cmd
->param
;
2497 struct sock
**sk
= data
;
2498 struct mgmt_rp_disconnect rp
;
2500 bacpy(&rp
.bdaddr
, &cp
->bdaddr
);
2503 cmd_complete(cmd
->sk
, cmd
->index
, MGMT_OP_DISCONNECT
, &rp
, sizeof(rp
));
2508 mgmt_pending_remove(cmd
);
2511 static void remove_keys_rsp(struct pending_cmd
*cmd
, void *data
)
2514 struct mgmt_cp_remove_keys
*cp
= cmd
->param
;
2515 struct mgmt_rp_remove_keys rp
;
2517 memset(&rp
, 0, sizeof(rp
));
2518 bacpy(&rp
.bdaddr
, &cp
->bdaddr
);
2520 rp
.status
= *status
;
2522 cmd_complete(cmd
->sk
, cmd
->index
, MGMT_OP_REMOVE_KEYS
, &rp
,
2525 mgmt_pending_remove(cmd
);
2528 int mgmt_device_disconnected(struct hci_dev
*hdev
, bdaddr_t
*bdaddr
,
2529 u8 link_type
, u8 addr_type
)
2531 struct mgmt_addr_info ev
;
2532 struct sock
*sk
= NULL
;
2535 mgmt_pending_foreach(MGMT_OP_DISCONNECT
, hdev
, disconnect_rsp
, &sk
);
2537 bacpy(&ev
.bdaddr
, bdaddr
);
2538 ev
.type
= link_to_mgmt(link_type
, addr_type
);
2540 err
= mgmt_event(MGMT_EV_DEVICE_DISCONNECTED
, hdev
, &ev
, sizeof(ev
),
2546 mgmt_pending_foreach(MGMT_OP_REMOVE_KEYS
, hdev
, remove_keys_rsp
, NULL
);
2551 int mgmt_disconnect_failed(struct hci_dev
*hdev
, bdaddr_t
*bdaddr
, u8 status
)
2553 struct pending_cmd
*cmd
;
2554 u8 mgmt_err
= mgmt_status(status
);
2557 cmd
= mgmt_pending_find(MGMT_OP_DISCONNECT
, hdev
);
2562 struct mgmt_rp_disconnect rp
;
2564 bacpy(&rp
.bdaddr
, bdaddr
);
2567 err
= cmd_complete(cmd
->sk
, cmd
->index
, MGMT_OP_DISCONNECT
,
2570 err
= cmd_status(cmd
->sk
, hdev
->id
, MGMT_OP_DISCONNECT
,
2573 mgmt_pending_remove(cmd
);
2578 int mgmt_connect_failed(struct hci_dev
*hdev
, bdaddr_t
*bdaddr
, u8 link_type
,
2579 u8 addr_type
, u8 status
)
2581 struct mgmt_ev_connect_failed ev
;
2583 bacpy(&ev
.addr
.bdaddr
, bdaddr
);
2584 ev
.addr
.type
= link_to_mgmt(link_type
, addr_type
);
2585 ev
.status
= mgmt_status(status
);
2587 return mgmt_event(MGMT_EV_CONNECT_FAILED
, hdev
, &ev
, sizeof(ev
), NULL
);
2590 int mgmt_pin_code_request(struct hci_dev
*hdev
, bdaddr_t
*bdaddr
, u8 secure
)
2592 struct mgmt_ev_pin_code_request ev
;
2594 bacpy(&ev
.bdaddr
, bdaddr
);
2597 return mgmt_event(MGMT_EV_PIN_CODE_REQUEST
, hdev
, &ev
, sizeof(ev
),
2601 int mgmt_pin_code_reply_complete(struct hci_dev
*hdev
, bdaddr_t
*bdaddr
,
2604 struct pending_cmd
*cmd
;
2605 struct mgmt_rp_pin_code_reply rp
;
2608 cmd
= mgmt_pending_find(MGMT_OP_PIN_CODE_REPLY
, hdev
);
2612 bacpy(&rp
.bdaddr
, bdaddr
);
2613 rp
.status
= mgmt_status(status
);
2615 err
= cmd_complete(cmd
->sk
, hdev
->id
, MGMT_OP_PIN_CODE_REPLY
, &rp
,
2618 mgmt_pending_remove(cmd
);
2623 int mgmt_pin_code_neg_reply_complete(struct hci_dev
*hdev
, bdaddr_t
*bdaddr
,
2626 struct pending_cmd
*cmd
;
2627 struct mgmt_rp_pin_code_reply rp
;
2630 cmd
= mgmt_pending_find(MGMT_OP_PIN_CODE_NEG_REPLY
, hdev
);
2634 bacpy(&rp
.bdaddr
, bdaddr
);
2635 rp
.status
= mgmt_status(status
);
2637 err
= cmd_complete(cmd
->sk
, hdev
->id
, MGMT_OP_PIN_CODE_NEG_REPLY
, &rp
,
2640 mgmt_pending_remove(cmd
);
2645 int mgmt_user_confirm_request(struct hci_dev
*hdev
, bdaddr_t
*bdaddr
,
2646 __le32 value
, u8 confirm_hint
)
2648 struct mgmt_ev_user_confirm_request ev
;
2650 BT_DBG("%s", hdev
->name
);
2652 bacpy(&ev
.bdaddr
, bdaddr
);
2653 ev
.confirm_hint
= confirm_hint
;
2654 put_unaligned_le32(value
, &ev
.value
);
2656 return mgmt_event(MGMT_EV_USER_CONFIRM_REQUEST
, hdev
, &ev
, sizeof(ev
),
2660 int mgmt_user_passkey_request(struct hci_dev
*hdev
, bdaddr_t
*bdaddr
)
2662 struct mgmt_ev_user_passkey_request ev
;
2664 BT_DBG("%s", hdev
->name
);
2666 bacpy(&ev
.bdaddr
, bdaddr
);
2668 return mgmt_event(MGMT_EV_USER_PASSKEY_REQUEST
, hdev
, &ev
, sizeof(ev
),
2672 static int user_pairing_resp_complete(struct hci_dev
*hdev
, bdaddr_t
*bdaddr
,
2673 u8 status
, u8 opcode
)
2675 struct pending_cmd
*cmd
;
2676 struct mgmt_rp_user_confirm_reply rp
;
2679 cmd
= mgmt_pending_find(opcode
, hdev
);
2683 bacpy(&rp
.bdaddr
, bdaddr
);
2684 rp
.status
= mgmt_status(status
);
2685 err
= cmd_complete(cmd
->sk
, hdev
->id
, opcode
, &rp
, sizeof(rp
));
2687 mgmt_pending_remove(cmd
);
2692 int mgmt_user_confirm_reply_complete(struct hci_dev
*hdev
, bdaddr_t
*bdaddr
,
2695 return user_pairing_resp_complete(hdev
, bdaddr
, status
,
2696 MGMT_OP_USER_CONFIRM_REPLY
);
2699 int mgmt_user_confirm_neg_reply_complete(struct hci_dev
*hdev
,
2700 bdaddr_t
*bdaddr
, u8 status
)
2702 return user_pairing_resp_complete(hdev
, bdaddr
, status
,
2703 MGMT_OP_USER_CONFIRM_NEG_REPLY
);
2706 int mgmt_user_passkey_reply_complete(struct hci_dev
*hdev
, bdaddr_t
*bdaddr
,
2709 return user_pairing_resp_complete(hdev
, bdaddr
, status
,
2710 MGMT_OP_USER_PASSKEY_REPLY
);
2713 int mgmt_user_passkey_neg_reply_complete(struct hci_dev
*hdev
,
2714 bdaddr_t
*bdaddr
, u8 status
)
2716 return user_pairing_resp_complete(hdev
, bdaddr
, status
,
2717 MGMT_OP_USER_PASSKEY_NEG_REPLY
);
2720 int mgmt_auth_failed(struct hci_dev
*hdev
, bdaddr_t
*bdaddr
, u8 status
)
2722 struct mgmt_ev_auth_failed ev
;
2724 bacpy(&ev
.bdaddr
, bdaddr
);
2725 ev
.status
= mgmt_status(status
);
2727 return mgmt_event(MGMT_EV_AUTH_FAILED
, hdev
, &ev
, sizeof(ev
), NULL
);
2730 int mgmt_set_local_name_complete(struct hci_dev
*hdev
, u8
*name
, u8 status
)
2732 struct pending_cmd
*cmd
;
2733 struct mgmt_cp_set_local_name ev
;
2736 memset(&ev
, 0, sizeof(ev
));
2737 memcpy(ev
.name
, name
, HCI_MAX_NAME_LENGTH
);
2739 cmd
= mgmt_pending_find(MGMT_OP_SET_LOCAL_NAME
, hdev
);
2744 err
= cmd_status(cmd
->sk
, hdev
->id
, MGMT_OP_SET_LOCAL_NAME
,
2745 mgmt_status(status
));
2751 err
= cmd_complete(cmd
->sk
, hdev
->id
, MGMT_OP_SET_LOCAL_NAME
, &ev
,
2757 err
= mgmt_event(MGMT_EV_LOCAL_NAME_CHANGED
, hdev
, &ev
, sizeof(ev
),
2758 cmd
? cmd
->sk
: NULL
);
2762 mgmt_pending_remove(cmd
);
2766 int mgmt_read_local_oob_data_reply_complete(struct hci_dev
*hdev
, u8
*hash
,
2767 u8
*randomizer
, u8 status
)
2769 struct pending_cmd
*cmd
;
2772 BT_DBG("%s status %u", hdev
->name
, status
);
2774 cmd
= mgmt_pending_find(MGMT_OP_READ_LOCAL_OOB_DATA
, hdev
);
2779 err
= cmd_status(cmd
->sk
, hdev
->id
,
2780 MGMT_OP_READ_LOCAL_OOB_DATA
,
2781 mgmt_status(status
));
2783 struct mgmt_rp_read_local_oob_data rp
;
2785 memcpy(rp
.hash
, hash
, sizeof(rp
.hash
));
2786 memcpy(rp
.randomizer
, randomizer
, sizeof(rp
.randomizer
));
2788 err
= cmd_complete(cmd
->sk
, hdev
->id
,
2789 MGMT_OP_READ_LOCAL_OOB_DATA
,
2793 mgmt_pending_remove(cmd
);
2798 int mgmt_device_found(struct hci_dev
*hdev
, bdaddr_t
*bdaddr
, u8 link_type
,
2799 u8 addr_type
, u8
*dev_class
, s8 rssi
,
2800 u8 cfm_name
, u8
*eir
, u16 eir_len
)
2803 struct mgmt_ev_device_found
*ev
= (void *) buf
;
2806 /* Leave 5 bytes for a potential CoD field */
2807 if (sizeof(*ev
) + eir_len
+ 5 > sizeof(buf
))
2810 memset(buf
, 0, sizeof(buf
));
2812 bacpy(&ev
->addr
.bdaddr
, bdaddr
);
2813 ev
->addr
.type
= link_to_mgmt(link_type
, addr_type
);
2815 ev
->confirm_name
= cfm_name
;
2818 memcpy(ev
->eir
, eir
, eir_len
);
2820 if (dev_class
&& !eir_has_data_type(ev
->eir
, eir_len
, EIR_CLASS_OF_DEV
))
2821 eir_len
= eir_append_data(ev
->eir
, eir_len
, EIR_CLASS_OF_DEV
,
2824 put_unaligned_le16(eir_len
, &ev
->eir_len
);
2826 ev_size
= sizeof(*ev
) + eir_len
;
2828 return mgmt_event(MGMT_EV_DEVICE_FOUND
, hdev
, ev
, ev_size
, NULL
);
2831 int mgmt_remote_name(struct hci_dev
*hdev
, bdaddr_t
*bdaddr
, u8 link_type
,
2832 u8 addr_type
, s8 rssi
, u8
*name
, u8 name_len
)
2834 struct mgmt_ev_device_found
*ev
;
2835 char buf
[sizeof(*ev
) + HCI_MAX_NAME_LENGTH
+ 2];
2838 ev
= (struct mgmt_ev_device_found
*) buf
;
2840 memset(buf
, 0, sizeof(buf
));
2842 bacpy(&ev
->addr
.bdaddr
, bdaddr
);
2843 ev
->addr
.type
= link_to_mgmt(link_type
, addr_type
);
2846 eir_len
= eir_append_data(ev
->eir
, 0, EIR_NAME_COMPLETE
, name
,
2849 put_unaligned_le16(eir_len
, &ev
->eir_len
);
2851 return mgmt_event(MGMT_EV_DEVICE_FOUND
, hdev
, &ev
, sizeof(ev
), NULL
);
2854 int mgmt_start_discovery_failed(struct hci_dev
*hdev
, u8 status
)
2856 struct pending_cmd
*cmd
;
2859 cmd
= mgmt_pending_find(MGMT_OP_START_DISCOVERY
, hdev
);
2863 err
= cmd_status(cmd
->sk
, hdev
->id
, cmd
->opcode
, mgmt_status(status
));
2864 mgmt_pending_remove(cmd
);
2869 int mgmt_stop_discovery_failed(struct hci_dev
*hdev
, u8 status
)
2871 struct pending_cmd
*cmd
;
2874 cmd
= mgmt_pending_find(MGMT_OP_STOP_DISCOVERY
, hdev
);
2878 err
= cmd_status(cmd
->sk
, hdev
->id
, cmd
->opcode
, mgmt_status(status
));
2879 mgmt_pending_remove(cmd
);
2884 int mgmt_discovering(struct hci_dev
*hdev
, u8 discovering
)
2886 struct pending_cmd
*cmd
;
2889 cmd
= mgmt_pending_find(MGMT_OP_START_DISCOVERY
, hdev
);
2891 cmd
= mgmt_pending_find(MGMT_OP_STOP_DISCOVERY
, hdev
);
2894 cmd_complete(cmd
->sk
, hdev
->id
, cmd
->opcode
, NULL
, 0);
2895 mgmt_pending_remove(cmd
);
2898 return mgmt_event(MGMT_EV_DISCOVERING
, hdev
, &discovering
,
2899 sizeof(discovering
), NULL
);
2902 int mgmt_device_blocked(struct hci_dev
*hdev
, bdaddr_t
*bdaddr
)
2904 struct pending_cmd
*cmd
;
2905 struct mgmt_ev_device_blocked ev
;
2907 cmd
= mgmt_pending_find(MGMT_OP_BLOCK_DEVICE
, hdev
);
2909 bacpy(&ev
.bdaddr
, bdaddr
);
2911 return mgmt_event(MGMT_EV_DEVICE_BLOCKED
, hdev
, &ev
, sizeof(ev
),
2912 cmd
? cmd
->sk
: NULL
);
2915 int mgmt_device_unblocked(struct hci_dev
*hdev
, bdaddr_t
*bdaddr
)
2917 struct pending_cmd
*cmd
;
2918 struct mgmt_ev_device_unblocked ev
;
2920 cmd
= mgmt_pending_find(MGMT_OP_UNBLOCK_DEVICE
, hdev
);
2922 bacpy(&ev
.bdaddr
, bdaddr
);
2924 return mgmt_event(MGMT_EV_DEVICE_UNBLOCKED
, hdev
, &ev
, sizeof(ev
),
2925 cmd
? cmd
->sk
: NULL
);