git.proxmox.com Git - mirror_ubuntu-zesty-kernel.git/blame - net/bluetooth/hci_conn.c
Bluetooth: Don't try to look up private addresses as Identity Address
8e87d142 1/*
1da177e4 2 BlueZ - Bluetooth protocol stack for Linux
2d0a0346 3 Copyright (c) 2000-2001, 2010, Code Aurora Forum. All rights reserved.
1da177e4
LT
4
5 Written 2000,2001 by Maxim Krasnyansky <maxk@qualcomm.com>
6
7 This program is free software; you can redistribute it and/or modify
8 it under the terms of the GNU General Public License version 2 as
9 published by the Free Software Foundation;
10
11 THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS
12 OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
13 FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT OF THIRD PARTY RIGHTS.
14 IN NO EVENT SHALL THE COPYRIGHT HOLDER(S) AND AUTHOR(S) BE LIABLE FOR ANY
8e87d142
YH
15 CLAIM, OR ANY SPECIAL INDIRECT OR CONSEQUENTIAL DAMAGES, OR ANY DAMAGES
16 WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
17 ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
1da177e4
LT
18 OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
19
8e87d142
YH
20 ALL LIABILITY, INCLUDING LIABILITY FOR INFRINGEMENT OF ANY PATENTS,
21 COPYRIGHTS, TRADEMARKS OR OTHER RIGHTS, RELATING TO USE OF THIS
1da177e4
LT
22 SOFTWARE IS DISCLAIMED.
23*/
24
25/* Bluetooth HCI connection handling. */
26
8c520a59 27#include <linux/export.h>
1da177e4
LT
28
29#include <net/bluetooth/bluetooth.h>
30#include <net/bluetooth/hci_core.h>
31
ac4b7236 32#include "smp.h"
7024728e
MH
33#include "a2mp.h"
34
2dea632f
FD
/* One synchronous-connection parameter set: the packet-type mask and the
 * maximum latency value that hci_setup_sync() copies into the command.
 */
struct sco_param {
	u16 pkt_type;
	u16 max_latency;
};

/* Parameter sets for the CVSD air mode. hci_setup_sync() indexes this
 * table with (conn->attempt - 1), so entries are used in array order.
 */
static const struct sco_param sco_param_cvsd[] = {
	{ .pkt_type = EDR_ESCO_MASK & ~ESCO_2EV3, .max_latency = 0x000a }, /* S3 */
	{ .pkt_type = EDR_ESCO_MASK & ~ESCO_2EV3, .max_latency = 0x0007 }, /* S2 */
	{ .pkt_type = EDR_ESCO_MASK | ESCO_EV3,   .max_latency = 0x0007 }, /* S1 */
	{ .pkt_type = EDR_ESCO_MASK | ESCO_HV3,   .max_latency = 0xffff }, /* D1 */
	{ .pkt_type = EDR_ESCO_MASK | ESCO_HV1,   .max_latency = 0xffff }, /* D0 */
};

/* Parameter sets for the transparent air mode, indexed the same way. */
static const struct sco_param sco_param_wideband[] = {
	{ .pkt_type = EDR_ESCO_MASK & ~ESCO_2EV3, .max_latency = 0x000d }, /* T2 */
	{ .pkt_type = EDR_ESCO_MASK | ESCO_EV3,   .max_latency = 0x0008 }, /* T1 */
};
52
/* Send HCI_OP_LE_CREATE_CONN_CANCEL on the connection's controller. */
static void hci_le_create_connection_cancel(struct hci_conn *conn)
{
	struct hci_dev *hdev = conn->hdev;

	/* The command is sent without a parameter block. */
	hci_send_cmd(hdev, HCI_OP_LE_CREATE_CONN_CANCEL, 0, NULL);
}
57
/* Start an outgoing ACL connection to conn->dst.
 *
 * Marks the connection as an outgoing attempt in BT_CONNECT state, counts
 * the attempt, and sends HCI_OP_CREATE_CONN. Page-scan parameters come
 * from the inquiry cache when a sufficiently recent entry exists.
 */
static void hci_acl_create_connection(struct hci_conn *conn)
{
	struct hci_dev *hdev = conn->hdev;
	struct inquiry_entry *cached;
	struct hci_cp_create_conn cmd;

	BT_DBG("hcon %p", conn);

	conn->state = BT_CONNECT;
	conn->out = true;
	conn->link_mode = HCI_LM_MASTER;
	conn->attempt++;
	conn->link_policy = hdev->link_policy;

	/* Zero the whole command so fields not set below are sent as 0. */
	memset(&cmd, 0, sizeof(cmd));
	bacpy(&cmd.bdaddr, &conn->dst);
	cmd.pscan_rep_mode = 0x02;

	cached = hci_inquiry_cache_lookup(hdev, &conn->dst);
	if (cached) {
		/* Scan and clock data are taken only from a fresh entry. */
		if (inquiry_entry_age(cached) <= INQUIRY_ENTRY_AGE_MAX) {
			cmd.pscan_rep_mode = cached->data.pscan_rep_mode;
			cmd.pscan_mode = cached->data.pscan_mode;
			cmd.clock_offset = cached->data.clock_offset |
					   __constant_cpu_to_le16(0x8000);
		}

		/* Class and SSP state are copied regardless of entry age. */
		memcpy(conn->dev_class, cached->data.dev_class, 3);
		if (cached->data.ssp_mode > 0)
			set_bit(HCI_CONN_SSP_ENABLED, &conn->flags);
	}

	cmd.pkt_type = cpu_to_le16(conn->pkt_type);
	cmd.role_switch = (lmp_rswitch_capable(hdev) &&
			   !(hdev->link_mode & HCI_LM_MASTER)) ? 0x01 : 0x00;

	hci_send_cmd(hdev, HCI_OP_CREATE_CONN, sizeof(cmd), &cmd);
}
101
/* Cancel a pending outgoing ACL connection attempt to conn->dst. */
static void hci_acl_create_connection_cancel(struct hci_conn *conn)
{
	struct hci_dev *hdev = conn->hdev;
	struct hci_cp_create_conn_cancel cmd;

	BT_DBG("hcon %p", conn);

	/* Nothing is sent when the controller reports a version below 1.2. */
	if (hdev->hci_ver >= BLUETOOTH_VER_1_2) {
		bacpy(&cmd.bdaddr, &conn->dst);
		hci_send_cmd(hdev, HCI_OP_CREATE_CONN_CANCEL, sizeof(cmd),
			     &cmd);
	}
}
114
93796fa6
CT
/* Reject a synchronous connection request from conn->dst, giving
 * HCI_ERROR_REMOTE_USER_TERM as the reason.
 */
static void hci_reject_sco(struct hci_conn *conn)
{
	struct hci_dev *hdev = conn->hdev;
	struct hci_cp_reject_sync_conn_req cmd;

	bacpy(&cmd.bdaddr, &conn->dst);
	cmd.reason = HCI_ERROR_REMOTE_USER_TERM;

	hci_send_cmd(hdev, HCI_OP_REJECT_SYNC_CONN_REQ, sizeof(cmd), &cmd);
}
124
/* Move the connection to BT_DISCONN and send HCI_OP_DISCONNECT for its
 * handle with the given reason code.
 */
void hci_disconnect(struct hci_conn *conn, __u8 reason)
{
	struct hci_dev *hdev = conn->hdev;
	struct hci_cp_disconnect cmd;

	BT_DBG("hcon %p", conn);

	/* State is updated before the command is handed to the controller. */
	conn->state = BT_DISCONN;

	cmd.reason = reason;
	cmd.handle = cpu_to_le16(conn->handle);
	hci_send_cmd(hdev, HCI_OP_DISCONNECT, sizeof(cmd), &cmd);
}
137
53502d69
AE
/* AMP counterpart of hci_disconnect(): move the connection to BT_DISCONN
 * and send HCI_OP_DISCONN_PHY_LINK for the physical handle derived from
 * conn->handle.
 */
static void hci_amp_disconn(struct hci_conn *conn, __u8 reason)
{
	struct hci_dev *hdev = conn->hdev;
	struct hci_cp_disconn_phy_link cmd;

	BT_DBG("hcon %p", conn);

	conn->state = BT_DISCONN;

	cmd.reason = reason;
	cmd.phy_handle = HCI_PHY_HANDLE(conn->handle);
	hci_send_cmd(hdev, HCI_OP_DISCONN_PHY_LINK, sizeof(cmd), &cmd);
}
151
/* Start an outgoing SCO connection with HCI_OP_ADD_SCO.
 *
 * @conn:   the SCO connection object being set up
 * @handle: handle placed in the command (hci_sco_setup() passes the
 *          handle of the linked connection)
 */
static void hci_add_sco(struct hci_conn *conn, __u16 handle)
{
	struct hci_dev *hdev = conn->hdev;
	struct hci_cp_add_sco cmd;

	BT_DBG("hcon %p", conn);

	conn->state = BT_CONNECT;
	conn->out = true;
	conn->attempt++;

	cmd.pkt_type = cpu_to_le16(conn->pkt_type);
	cmd.handle = cpu_to_le16(handle);

	hci_send_cmd(hdev, HCI_OP_ADD_SCO, sizeof(cmd), &cmd);
}
169
/* Start an outgoing synchronous connection with HCI_OP_SETUP_SYNC_CONN.
 *
 * The parameter set is chosen from the table matching the air mode in
 * conn->setting, using the attempt counter as a 1-based index.
 *
 * Returns false when the air mode is not handled, when every table entry
 * has already been used, or when hci_send_cmd() reports an error;
 * true otherwise. The state, out and attempt fields are updated even on
 * a false return.
 */
bool hci_setup_sync(struct hci_conn *conn, __u16 handle)
{
	struct hci_dev *hdev = conn->hdev;
	struct hci_cp_setup_sync_conn cmd;
	const struct sco_param *table;
	const struct sco_param *param;
	size_t entries;

	BT_DBG("hcon %p", conn);

	conn->state = BT_CONNECT;
	conn->out = true;
	conn->attempt++;

	cmd.handle = cpu_to_le16(handle);
	cmd.tx_bandwidth = __constant_cpu_to_le32(0x00001f40);
	cmd.rx_bandwidth = __constant_cpu_to_le32(0x00001f40);
	cmd.voice_setting = cpu_to_le16(conn->setting);

	switch (conn->setting & SCO_AIRMODE_MASK) {
	case SCO_AIRMODE_TRANSP:
		table = sco_param_wideband;
		entries = ARRAY_SIZE(sco_param_wideband);
		cmd.retrans_effort = 0x02;
		break;
	case SCO_AIRMODE_CVSD:
		table = sco_param_cvsd;
		entries = ARRAY_SIZE(sco_param_cvsd);
		cmd.retrans_effort = 0x01;
		break;
	default:
		return false;
	}

	/* Upper bound on the table index; the lower bound relies on the
	 * increment above having made attempt at least 1.
	 * NOTE(review): the type of conn->attempt is not visible here;
	 * confirm the counter cannot wrap to 0 before this point.
	 */
	if (conn->attempt > entries)
		return false;

	param = &table[conn->attempt - 1];
	cmd.pkt_type = __cpu_to_le16(param->pkt_type);
	cmd.max_latency = __cpu_to_le16(param->max_latency);

	return hci_send_cmd(hdev, HCI_OP_SETUP_SYNC_CONN, sizeof(cmd),
			    &cmd) >= 0;
}
214
/* Send HCI_OP_LE_CONN_UPDATE for an existing LE connection.
 *
 * @min, @max:     placed in conn_interval_min / conn_interval_max
 * @latency:       placed in conn_latency
 * @to_multiplier: placed in supervision_timeout
 *
 * The values are converted to little endian and passed through without
 * any range check in this function.
 */
void hci_le_conn_update(struct hci_conn *conn, u16 min, u16 max,
			u16 latency, u16 to_multiplier)
{
	struct hci_dev *hdev = conn->hdev;
	struct hci_cp_le_conn_update cmd;

	memset(&cmd, 0, sizeof(cmd));

	cmd.handle = cpu_to_le16(conn->handle);
	cmd.conn_interval_min = cpu_to_le16(min);
	cmd.conn_interval_max = cpu_to_le16(max);
	cmd.conn_latency = cpu_to_le16(latency);
	cmd.supervision_timeout = cpu_to_le16(to_multiplier);

	/* Both connection-event length fields are fixed at 0x0001. */
	cmd.min_ce_len = __constant_cpu_to_le16(0x0001);
	cmd.max_ce_len = __constant_cpu_to_le16(0x0001);

	hci_send_cmd(hdev, HCI_OP_LE_CONN_UPDATE, sizeof(cmd), &cmd);
}
2ce603eb 233
/* Send HCI_OP_LE_START_ENC for the connection.
 *
 * @ediv: stored in the command unchanged (it is already __le16)
 * @rand: 8-byte value copied into the command
 * @ltk:  16-byte key copied into the command
 *
 * A copy of the key lives in the on-stack command structure for the
 * duration of this call.
 */
void hci_le_start_enc(struct hci_conn *conn, __le16 ediv, __u8 rand[8],
		      __u8 ltk[16])
{
	struct hci_dev *hdev = conn->hdev;
	struct hci_cp_le_start_enc cmd;

	BT_DBG("hcon %p", conn);

	memset(&cmd, 0, sizeof(cmd));

	cmd.handle = cpu_to_le16(conn->handle);
	cmd.ediv = ediv;

	/* Lengths come from the destination fields: the array parameters
	 * are pointers here, so sizeof on them would not give 8 or 16.
	 */
	memcpy(cmd.rand, rand, sizeof(cmd.rand));
	memcpy(cmd.ltk, ltk, sizeof(cmd.ltk));

	hci_send_cmd(hdev, HCI_OP_LE_START_ENC, sizeof(cmd), &cmd);
}
a7a595f6 251
e73439d8
MH
252/* Device _must_ be locked */
/* Continue or abort setup of the connection linked to conn.
 *
 * With status 0 the linked connection is started, using
 * hci_setup_sync() when the controller is eSCO capable and hci_add_sco()
 * otherwise. With a non-zero status the failure is reported through
 * hci_proto_connect_cfm() and the linked connection is deleted.
 * Does nothing when conn->link is NULL.
 */
void hci_sco_setup(struct hci_conn *conn, __u8 status)
{
	struct hci_conn *sco = conn->link;

	if (!sco)
		return;

	BT_DBG("hcon %p", conn);

	if (status) {
		hci_proto_connect_cfm(sco, status);
		hci_conn_del(sco);
		return;
	}

	/* The return value of hci_setup_sync() is not checked here. */
	if (lmp_esco_capable(conn->hdev))
		hci_setup_sync(sco, conn->handle);
	else
		hci_add_sco(sco, conn->handle);
}
272
53502d69
AE
/* Disconnect using the reason supplied by hci_proto_disconn_ind(),
 * choosing the AMP or the generic disconnect command by link type.
 */
static void hci_conn_disconnect(struct hci_conn *conn)
{
	__u8 reason = hci_proto_disconn_ind(conn);

	if (conn->type == AMP_LINK)
		hci_amp_disconn(conn, reason);
	else
		hci_disconnect(conn, reason);
}
286
/* Delayed-work handler for conn->disc_work.
 *
 * Does nothing while the reference count is non-zero. Otherwise the
 * action depends on the connection state: a pending outgoing ACL or LE
 * attempt is cancelled, a pending incoming SCO/eSCO request is rejected,
 * a configured or connected link is disconnected, and any other state
 * is set to BT_CLOSED.
 */
static void hci_conn_timeout(struct work_struct *work)
{
	struct hci_conn *conn = container_of(work, struct hci_conn,
					     disc_work.work);

	BT_DBG("hcon %p state %s", conn, state_to_string(conn->state));

	/* Still referenced: leave the connection alone. */
	if (atomic_read(&conn->refcnt))
		return;

	switch (conn->state) {
	case BT_CONNECT:
	case BT_CONNECT2:
		if (!conn->out) {
			if (conn->type == SCO_LINK || conn->type == ESCO_LINK)
				hci_reject_sco(conn);
			break;
		}

		if (conn->type == ACL_LINK)
			hci_acl_create_connection_cancel(conn);
		else if (conn->type == LE_LINK)
			hci_le_create_connection_cancel(conn);
		break;
	case BT_CONFIG:
	case BT_CONNECTED:
		hci_conn_disconnect(conn);
		break;
	default:
		conn->state = BT_CLOSED;
		break;
	}
}
318
416dc94b 319/* Enter sniff mode */
/* Delayed-work handler for conn->idle_work: request sniff mode.
 *
 * Returns without sending anything when the device is in raw mode, when
 * either side lacks sniff support, when the connection is not in active
 * mode, or when the link policy does not allow sniff.
 */
static void hci_conn_idle(struct work_struct *work)
{
	struct hci_conn *conn = container_of(work, struct hci_conn,
					     idle_work.work);
	struct hci_dev *hdev = conn->hdev;

	BT_DBG("hcon %p mode %d", conn, conn->mode);

	if (test_bit(HCI_RAW, &hdev->flags) ||
	    !lmp_sniff_capable(hdev) || !lmp_sniff_capable(conn) ||
	    conn->mode != HCI_CM_ACTIVE ||
	    !(conn->link_policy & HCI_LP_SNIFF))
		return;

	/* Sniff subrating is configured first when both sides support it. */
	if (lmp_sniffsubr_capable(hdev) && lmp_sniffsubr_capable(conn)) {
		struct hci_cp_sniff_subrate subrate;

		subrate.handle = cpu_to_le16(conn->handle);
		subrate.max_latency = __constant_cpu_to_le16(0);
		subrate.min_remote_timeout = __constant_cpu_to_le16(0);
		subrate.min_local_timeout = __constant_cpu_to_le16(0);
		hci_send_cmd(hdev, HCI_OP_SNIFF_SUBRATE, sizeof(subrate),
			     &subrate);
	}

	/* The pending flag ensures only one mode change is requested. */
	if (!test_and_set_bit(HCI_CONN_MODE_CHANGE_PEND, &conn->flags)) {
		struct hci_cp_sniff_mode sniff;

		sniff.handle = cpu_to_le16(conn->handle);
		sniff.max_interval = cpu_to_le16(hdev->sniff_max_interval);
		sniff.min_interval = cpu_to_le16(hdev->sniff_min_interval);
		sniff.attempt = __constant_cpu_to_le16(4);
		sniff.timeout = __constant_cpu_to_le16(1);
		hci_send_cmd(hdev, HCI_OP_SNIFF_MODE, sizeof(sniff), &sniff);
	}
}
356
/* Delayed-work handler for conn->auto_accept_work: sends
 * HCI_OP_USER_CONFIRM_REPLY carrying the peer address conn->dst.
 */
static void hci_conn_auto_accept(struct work_struct *work)
{
	struct hci_conn *conn = container_of(work, struct hci_conn,
					     auto_accept_work.work);
	struct hci_dev *hdev = conn->hdev;

	hci_send_cmd(hdev, HCI_OP_USER_CONFIRM_REPLY, sizeof(conn->dst),
		     &conn->dst);
}
365
1da177e4
LT
/* Allocate and register a connection object for a link to dst.
 *
 * The object is zero-allocated, given its defaults, added to the
 * device's connection hash and to sysfs, and a reference on hdev is
 * taken. The connection's own reference count starts at 0.
 *
 * Returns the new connection, or NULL when the allocation fails.
 */
struct hci_conn *hci_conn_add(struct hci_dev *hdev, int type, bdaddr_t *dst)
{
	struct hci_conn *conn;

	BT_DBG("%s dst %pMR", hdev->name, dst);

	conn = kzalloc(sizeof(*conn), GFP_KERNEL);
	if (!conn)
		return NULL;

	bacpy(&conn->dst, dst);
	bacpy(&conn->src, &hdev->bdaddr);
	conn->hdev = hdev;
	conn->type = type;
	conn->mode = HCI_CM_ACTIVE;
	conn->state = BT_OPEN;
	conn->auth_type = HCI_AT_GENERAL_BONDING;
	conn->io_capability = hdev->io_capability;
	/* 0xff is the initial value; hci_conn_auth() compares key_type
	 * against it before flagging a re-authentication.
	 */
	conn->remote_auth = 0xff;
	conn->key_type = 0xff;

	set_bit(HCI_CONN_POWER_SAVE, &conn->flags);
	conn->disc_timeout = HCI_DISCONN_TIMEOUT;

	/* Packet types depend on the link type; other types keep the
	 * zero value from kzalloc().
	 */
	switch (type) {
	case ACL_LINK:
		conn->pkt_type = hdev->pkt_type & ACL_PTYPE_MASK;
		break;
	case SCO_LINK:
		if (lmp_esco_capable(hdev))
			conn->pkt_type = hdev->esco_type &
					 (SCO_ESCO_MASK | EDR_ESCO_MASK);
		else
			conn->pkt_type = hdev->pkt_type & SCO_PTYPE_MASK;
		break;
	case ESCO_LINK:
		conn->pkt_type = hdev->esco_type & ~EDR_ESCO_MASK;
		break;
	}

	skb_queue_head_init(&conn->data_q);
	INIT_LIST_HEAD(&conn->chan_list);

	INIT_DELAYED_WORK(&conn->disc_work, hci_conn_timeout);
	INIT_DELAYED_WORK(&conn->auto_accept_work, hci_conn_auto_accept);
	INIT_DELAYED_WORK(&conn->idle_work, hci_conn_idle);

	atomic_set(&conn->refcnt, 0);

	hci_dev_hold(hdev);

	hci_conn_hash_add(hdev, conn);
	if (hdev->notify)
		hdev->notify(hdev, HCI_NOTIFY_CONN_ADD);

	hci_conn_init_sysfs(conn);

	return conn;
}
426
/* Tear down a connection object and release what hci_conn_add() set up.
 *
 * Pending delayed work is cancelled synchronously first, so none of the
 * three handlers runs on the object after this point. The link to a
 * paired ACL/SCO connection is cleared on both sides, unacknowledged
 * packet credits are returned to the device, and the object is removed
 * from the hash and from sysfs before the final hci_conn_put().
 *
 * Always returns 0. The caller must not use conn afterwards.
 */
int hci_conn_del(struct hci_conn *conn)
{
	struct hci_dev *hdev = conn->hdev;
	struct hci_conn *peer;

	BT_DBG("%s hcon %p handle %d", hdev->name, conn, conn->handle);

	cancel_delayed_work_sync(&conn->disc_work);
	cancel_delayed_work_sync(&conn->auto_accept_work);
	cancel_delayed_work_sync(&conn->idle_work);

	switch (conn->type) {
	case ACL_LINK:
		peer = conn->link;
		if (peer)
			peer->link = NULL;

		/* Unacked frames */
		hdev->acl_cnt += conn->sent;
		break;
	case LE_LINK:
		/* LE credits go back to the ACL pool when the device has
		 * no separate LE packet count.
		 */
		if (hdev->le_pkts)
			hdev->le_cnt += conn->sent;
		else
			hdev->acl_cnt += conn->sent;
		break;
	default:
		peer = conn->link;
		if (peer) {
			peer->link = NULL;
			hci_conn_drop(peer);
		}
		break;
	}

	hci_chan_list_flush(conn);

	if (conn->amp_mgr)
		amp_mgr_put(conn->amp_mgr);

	hci_conn_hash_del(hdev, conn);
	if (hdev->notify)
		hdev->notify(hdev, HCI_NOTIFY_CONN_DEL);

	skb_queue_purge(&conn->data_q);

	hci_conn_del_sysfs(conn);

	hci_dev_put(hdev);

	hci_conn_put(conn);

	return 0;
}
476
/* Pick the local BR/EDR controller to use for a connection.
 *
 * Only devices that are up, not raw, not claimed by a user channel and
 * of type HCI_BREDR are considered. When src is not BDADDR_ANY the
 * device whose address equals src is chosen; otherwise the first device
 * whose address differs from dst.
 *
 * Returns the device with a reference held, or NULL when none matches.
 */
struct hci_dev *hci_get_route(bdaddr_t *dst, bdaddr_t *src)
{
	int use_src = bacmp(src, BDADDR_ANY);
	struct hci_dev *found = NULL, *d;

	BT_DBG("%pMR -> %pMR", src, dst);

	read_lock(&hci_dev_list_lock);

	list_for_each_entry(d, &hci_dev_list, list) {
		bool usable = test_bit(HCI_UP, &d->flags) &&
			      !test_bit(HCI_RAW, &d->flags) &&
			      !test_bit(HCI_USER_CHANNEL, &d->dev_flags) &&
			      d->dev_type == HCI_BREDR;

		if (!usable)
			continue;

		/* bacmp() is zero on equality: match src, or avoid dst. */
		if (use_src ? !bacmp(&d->bdaddr, src) :
			      bacmp(&d->bdaddr, dst)) {
			found = d;
			break;
		}
	}

	/* The reference is taken while the list lock is still held. */
	if (found)
		found = hci_dev_hold(found);

	read_unlock(&hci_dev_list_lock);
	return found;
}
EXPORT_SYMBOL(hci_get_route);
516
9bb3c01f
AG
517/* This function requires the caller holds hdev->lock */
/* Report a failed LE connection attempt and delete the connection.
 *
 * The failure is reported to the management interface and through
 * hci_proto_connect_cfm() before hci_conn_del() runs, so conn must not
 * be used once this returns.
 */
static void le_conn_failed(struct hci_conn *conn, u8 status)
{
	struct hci_dev *hdev = conn->hdev;

	conn->state = BT_CLOSED;

	mgmt_connect_failed(hdev, &conn->dst, conn->type, conn->dst_type,
			    status);
	hci_proto_connect_cfm(conn, status);

	hci_conn_del(conn);
}
531
1d399ae5
AG
/* Completion callback for the LE Create Connection request.
 *
 * A zero status needs no handling here. On failure the LE connection
 * found in BT_CONNECT state, if any, is failed under the device lock.
 */
static void create_le_conn_complete(struct hci_dev *hdev, u8 status)
{
	struct hci_conn *pending;

	if (status == 0)
		return;

	BT_ERR("HCI request failed to create LE connection: status 0x%2.2x",
	       status);

	hci_dev_lock(hdev);

	pending = hci_conn_hash_lookup_state(hdev, LE_LINK, BT_CONNECT);
	if (pending)
		le_conn_failed(pending, status);

	hci_dev_unlock(hdev);
}
553
/* Build and run the HCI request that creates an LE connection.
 *
 * Scan timing comes from hdev, peer and own address types and the
 * connection interval range from conn; supervision timeout and the
 * connection-event lengths are fixed values.
 *
 * Returns 0 on success or the error from hci_req_run(). On error the
 * connection has already been passed to hci_conn_del(), so the caller
 * must not touch conn again.
 */
static int hci_create_le_conn(struct hci_conn *conn)
{
	struct hci_dev *hdev = conn->hdev;
	struct hci_cp_le_create_conn cmd;
	struct hci_request req;
	int err;

	hci_req_init(&req, hdev);

	memset(&cmd, 0, sizeof(cmd));

	cmd.scan_interval = cpu_to_le16(hdev->le_scan_interval);
	cmd.scan_window = cpu_to_le16(hdev->le_scan_window);

	bacpy(&cmd.peer_addr, &conn->dst);
	cmd.peer_addr_type = conn->dst_type;
	cmd.own_address_type = conn->src_type;

	cmd.conn_interval_min = cpu_to_le16(conn->le_conn_min_interval);
	cmd.conn_interval_max = cpu_to_le16(conn->le_conn_max_interval);
	cmd.supervision_timeout = __constant_cpu_to_le16(0x002a);
	cmd.min_ce_len = __constant_cpu_to_le16(0x0000);
	cmd.max_ce_len = __constant_cpu_to_le16(0x0000);

	hci_req_add(&req, HCI_OP_LE_CREATE_CONN, sizeof(cmd), &cmd);

	err = hci_req_run(&req, create_le_conn_complete);
	if (err)
		hci_conn_del(conn);

	return err;
}
585
d04aef4c
VCG
/* Create, or reuse, an outgoing LE connection to dst.
 *
 * Returns the connection with a reference held, or an ERR_PTR():
 * -ENOTSUPP while the device is advertising, -EBUSY while another LE
 * attempt is in BT_CONNECT state, -ENOMEM when allocation fails, or the
 * error from hci_create_le_conn().
 */
static struct hci_conn *hci_connect_le(struct hci_dev *hdev, bdaddr_t *dst,
				       u8 dst_type, u8 sec_level, u8 auth_type)
{
	struct hci_conn_params *params;
	struct hci_conn *conn;
	int err;

	if (test_bit(HCI_ADVERTISING, &hdev->flags))
		return ERR_PTR(-ENOTSUPP);

	/* Some devices send ATT messages as soon as the physical link is
	 * established. To be able to handle these ATT messages, user space
	 * first establishes the connection and then starts the pairing
	 * process.
	 *
	 * So when a connection object for dst already exists, only the
	 * pending_sec_level and auth_type fields are updated and the
	 * existing object is returned.
	 *
	 * NOTE(review): both fields are overwritten without comparing
	 * against their current values; confirm a later call with a lower
	 * sec_level cannot weaken a requirement that is still pending.
	 */
	conn = hci_conn_hash_lookup_ba(hdev, LE_LINK, dst);
	if (conn) {
		conn->pending_sec_level = sec_level;
		conn->auth_type = auth_type;
		hci_conn_hold(conn);
		return conn;
	}

	/* Since the controller supports only one LE connection attempt at
	 * a time, -EBUSY is returned while any attempt is running.
	 */
	if (hci_conn_hash_lookup_state(hdev, LE_LINK, BT_CONNECT))
		return ERR_PTR(-EBUSY);

	conn = hci_conn_add(hdev, LE_LINK, dst);
	if (!conn)
		return ERR_PTR(-ENOMEM);

	/* Every address type other than public is treated as random. */
	conn->dst_type = (dst_type == BDADDR_LE_PUBLIC) ?
			 ADDR_LE_DEV_PUBLIC : ADDR_LE_DEV_RANDOM;
	conn->src_type = hdev->own_addr_type;

	conn->state = BT_CONNECT;
	conn->out = true;
	conn->link_mode |= HCI_LM_MASTER;
	conn->sec_level = BT_SECURITY_LOW;
	conn->pending_sec_level = sec_level;
	conn->auth_type = auth_type;

	/* Per-device interval settings win over the controller defaults. */
	params = hci_conn_params_lookup(hdev, &conn->dst, conn->dst_type);
	if (params) {
		conn->le_conn_min_interval = params->conn_min_interval;
		conn->le_conn_max_interval = params->conn_max_interval;
	} else {
		conn->le_conn_min_interval = hdev->le_conn_min_interval;
		conn->le_conn_max_interval = hdev->le_conn_max_interval;
	}

	/* On failure hci_create_le_conn() has already deleted conn. */
	err = hci_create_le_conn(conn);
	if (err)
		return ERR_PTR(err);

	hci_conn_hold(conn);
	return conn;
}
fcd89c09 654
db474275
VCG
/* Create, or reuse, an ACL connection to dst.
 *
 * Returns the connection with a reference held, ERR_PTR(-ENOTSUPP) when
 * BR/EDR is not enabled on the device, or ERR_PTR(-ENOMEM) when a new
 * object cannot be allocated. A connection attempt is started only when
 * the object is in BT_OPEN or BT_CLOSED state; in any other state the
 * sec_level and auth_type arguments are not applied.
 */
static struct hci_conn *hci_connect_acl(struct hci_dev *hdev, bdaddr_t *dst,
					u8 sec_level, u8 auth_type)
{
	struct hci_conn *conn;
	bool idle;

	if (!test_bit(HCI_BREDR_ENABLED, &hdev->dev_flags))
		return ERR_PTR(-ENOTSUPP);

	conn = hci_conn_hash_lookup_ba(hdev, ACL_LINK, dst);
	if (!conn)
		conn = hci_conn_add(hdev, ACL_LINK, dst);
	if (!conn)
		return ERR_PTR(-ENOMEM);

	hci_conn_hold(conn);

	idle = conn->state == BT_OPEN || conn->state == BT_CLOSED;
	if (idle) {
		conn->sec_level = BT_SECURITY_LOW;
		conn->pending_sec_level = sec_level;
		conn->auth_type = auth_type;
		hci_acl_create_connection(conn);
	}

	return conn;
}
681
10c62ddc
FD
/* Create, or reuse, a SCO/eSCO connection to dst on top of an ACL link.
 *
 * The ACL link is requested with BT_SECURITY_LOW and HCI_AT_NO_BONDING.
 * The two connection objects are cross-linked, and synchronous setup
 * starts immediately only when the ACL link is already connected and no
 * mode change is pending on it.
 *
 * Returns the SCO connection with a reference held, the ERR_PTR() from
 * hci_connect_acl(), or ERR_PTR(-ENOMEM).
 */
struct hci_conn *hci_connect_sco(struct hci_dev *hdev, int type, bdaddr_t *dst,
				 __u16 setting)
{
	struct hci_conn *acl;
	struct hci_conn *sco;

	acl = hci_connect_acl(hdev, dst, BT_SECURITY_LOW, HCI_AT_NO_BONDING);
	if (IS_ERR(acl))
		return acl;

	sco = hci_conn_hash_lookup_ba(hdev, type, dst);
	if (!sco)
		sco = hci_conn_add(hdev, type, dst);
	if (!sco) {
		/* Give back the reference taken by hci_connect_acl(). */
		hci_conn_drop(acl);
		return ERR_PTR(-ENOMEM);
	}

	acl->link = sco;
	sco->link = acl;

	hci_conn_hold(sco);

	sco->setting = setting;

	if (acl->state != BT_CONNECTED ||
	    (sco->state != BT_OPEN && sco->state != BT_CLOSED))
		return sco;

	set_bit(HCI_CONN_POWER_SAVE, &acl->flags);
	hci_conn_enter_active_mode(acl, BT_POWER_FORCE_ACTIVE_ON);

	if (test_bit(HCI_CONN_MODE_CHANGE_PEND, &acl->flags)) {
		/* defer SCO setup until mode change completed */
		set_bit(HCI_CONN_SCO_SETUP_PEND, &acl->flags);
	} else {
		hci_sco_setup(acl, 0x00);
	}

	return sco;
}
1da177e4 724
b7d839bf
VCG
725/* Create SCO, ACL or LE connection. */
/* Dispatch a connection request by link type.
 *
 * LE_LINK and ACL_LINK are handled here; any other type yields
 * ERR_PTR(-EINVAL). dst_type is used for LE connections only.
 */
struct hci_conn *hci_connect(struct hci_dev *hdev, int type, bdaddr_t *dst,
			     __u8 dst_type, __u8 sec_level, __u8 auth_type)
{
	BT_DBG("%s dst %pMR type 0x%x", hdev->name, dst, type);

	if (type == LE_LINK)
		return hci_connect_le(hdev, dst, dst_type, sec_level,
				      auth_type);

	if (type == ACL_LINK)
		return hci_connect_acl(hdev, dst, sec_level, auth_type);

	return ERR_PTR(-EINVAL);
}
740
e7c29cb1
MH
741/* Check link security requirement */
/* Returns 0 when SSP is enabled on the connection but the link is not
 * encrypted, and 1 in every other case. A link without SSP passes this
 * check whether or not it is encrypted.
 */
int hci_conn_check_link_mode(struct hci_conn *conn)
{
	BT_DBG("hcon %p", conn);

	return !(hci_conn_ssp_enabled(conn) &&
		 !(conn->link_mode & HCI_LM_ENCRYPT));
}
e7c29cb1 751
1da177e4 752/* Authenticate remote device */
/* Request authentication of the remote device.
 *
 * The requested level is first raised to any higher pending level, so a
 * call never lowers what is already pending. Returns 1 when the level
 * is not above the current one and the link is already authenticated;
 * otherwise returns 0, after sending HCI_OP_AUTH_REQUESTED unless an
 * authentication is already pending.
 */
static int hci_conn_auth(struct hci_conn *conn, __u8 sec_level, __u8 auth_type)
{
	BT_DBG("hcon %p", conn);

	if (conn->pending_sec_level > sec_level)
		sec_level = conn->pending_sec_level;

	if (sec_level > conn->sec_level)
		conn->pending_sec_level = sec_level;
	else if (conn->link_mode & HCI_LM_AUTH)
		return 1;

	/* Make sure we preserve an existing MITM requirement (bit 0 of
	 * the stored auth_type).
	 */
	conn->auth_type = auth_type | (conn->auth_type & 0x01);

	if (test_and_set_bit(HCI_CONN_AUTH_PEND, &conn->flags))
		return 0;

	{
		struct hci_cp_auth_requested cmd;

		/* encrypt must be pending if auth is also pending */
		set_bit(HCI_CONN_ENCRYPT_PEND, &conn->flags);

		cmd.handle = cpu_to_le16(conn->handle);
		hci_send_cmd(conn->hdev, HCI_OP_AUTH_REQUESTED, sizeof(cmd),
			     &cmd);

		/* A key type other than the initial 0xff marks this as a
		 * re-authentication.
		 */
		if (conn->key_type != 0xff)
			set_bit(HCI_CONN_REAUTH_PEND, &conn->flags);
	}

	return 0;
}
1da177e4 785
13d39315
WR
786/* Encrypt the link */
/* Ask the controller to turn encryption on for the connection, unless
 * an encryption change is already pending.
 */
static void hci_conn_encrypt(struct hci_conn *conn)
{
	struct hci_cp_set_conn_encrypt cmd;

	BT_DBG("hcon %p", conn);

	/* The pending flag doubles as the guard against duplicates. */
	if (test_and_set_bit(HCI_CONN_ENCRYPT_PEND, &conn->flags))
		return;

	cmd.handle = cpu_to_le16(conn->handle);
	cmd.encrypt = 0x01;
	hci_send_cmd(conn->hdev, HCI_OP_SET_CONN_ENCRYPT, sizeof(cmd), &cmd);
}
799
8c1b2355 800/* Enable security */
/* Bring the link up to the requested security level.
 *
 * Returns 1 when nothing further is needed: the level is
 * BT_SECURITY_SDP, or it is BT_SECURITY_LOW on a link without SSP, or
 * the existing key is sufficient and the link is already encrypted.
 * Returns 0 when authentication or encryption was requested or is still
 * pending. LE links are delegated to smp_conn_security().
 *
 * The encrypted-link check looks only at the HCI_LM_ENCRYPT bit; no
 * other property of the encryption is examined in this function.
 */
int hci_conn_security(struct hci_conn *conn, __u8 sec_level, __u8 auth_type)
{
	BT_DBG("hcon %p", conn);

	if (conn->type == LE_LINK)
		return smp_conn_security(conn, sec_level);

	/* For sdp we don't need the link key. */
	if (sec_level == BT_SECURITY_SDP)
		return 1;

	/* For non 2.1 devices and low security level we don't need the
	 * link key.
	 */
	if (sec_level == BT_SECURITY_LOW && !hci_conn_ssp_enabled(conn))
		return 1;

	/* For other security levels we need the link key. */
	if (!(conn->link_mode & HCI_LM_AUTH))
		goto auth;

	/* Decide whether the existing key already satisfies the level. */
	switch (conn->key_type) {
	case HCI_LK_AUTH_COMBINATION_P256:
		/* An authenticated FIPS approved combination key has
		 * sufficient security for security level 4, and also for
		 * level 3.
		 */
		if (sec_level == BT_SECURITY_FIPS ||
		    sec_level == BT_SECURITY_HIGH)
			goto encrypt;
		break;
	case HCI_LK_AUTH_COMBINATION_P192:
		/* An authenticated combination key has sufficient security
		 * for security level 3.
		 */
		if (sec_level == BT_SECURITY_HIGH)
			goto encrypt;
		break;
	case HCI_LK_UNAUTH_COMBINATION_P192:
	case HCI_LK_UNAUTH_COMBINATION_P256:
		/* An unauthenticated combination key has sufficient
		 * security for security level 1 and 2.
		 */
		if (sec_level == BT_SECURITY_MEDIUM ||
		    sec_level == BT_SECURITY_LOW)
			goto encrypt;
		break;
	case HCI_LK_COMBINATION:
		/* A combination key has always sufficient security for the
		 * security levels 1 or 2. High security level requires the
		 * combination key is generated using maximum PIN code
		 * length (16). For pre 2.1 units.
		 */
		if (sec_level == BT_SECURITY_MEDIUM ||
		    sec_level == BT_SECURITY_LOW ||
		    conn->pin_length == 16)
			goto encrypt;
		break;
	default:
		break;
	}

auth:
	/* Authentication is not restarted while encryption is pending. */
	if (test_bit(HCI_CONN_ENCRYPT_PEND, &conn->flags))
		return 0;

	if (!hci_conn_auth(conn, sec_level, auth_type))
		return 0;

encrypt:
	if (conn->link_mode & HCI_LM_ENCRYPT)
		return 1;

	hci_conn_encrypt(conn);
	return 0;
}
EXPORT_SYMBOL(hci_conn_security);
1da177e4 865
b3b1b061
WR
866/* Check secure link requirement */
/* Returns 1 when the requested level is neither BT_SECURITY_HIGH nor
 * BT_SECURITY_FIPS, or when the connection's current level is one of
 * those two; returns 0 otherwise. The check compares levels only and
 * sends no command.
 */
int hci_conn_check_secure(struct hci_conn *conn, __u8 sec_level)
{
	bool wants_secure;
	bool link_secure;

	BT_DBG("hcon %p", conn);

	/* Accept if non-secure or higher security level is required */
	wants_secure = sec_level == BT_SECURITY_HIGH ||
		       sec_level == BT_SECURITY_FIPS;

	/* Accept if secure or higher security level is already present */
	link_secure = conn->sec_level == BT_SECURITY_HIGH ||
		      conn->sec_level == BT_SECURITY_FIPS;

	/* Reject not secure link */
	return (!wants_secure || link_secure) ? 1 : 0;
}
EXPORT_SYMBOL(hci_conn_check_secure);
884
1da177e4
LT
885/* Change link key */
/* Send HCI_OP_CHANGE_CONN_LINK_KEY for the connection unless an
 * authentication is already pending. Always returns 0, so the return
 * value does not tell the caller whether a command was sent.
 */
int hci_conn_change_link_key(struct hci_conn *conn)
{
	struct hci_cp_change_conn_link_key cmd;

	BT_DBG("hcon %p", conn);

	if (test_and_set_bit(HCI_CONN_AUTH_PEND, &conn->flags))
		return 0;

	cmd.handle = cpu_to_le16(conn->handle);
	hci_send_cmd(conn->hdev, HCI_OP_CHANGE_CONN_LINK_KEY, sizeof(cmd),
		     &cmd);

	return 0;
}
1da177e4
LT
899
900/* Switch role */
/* Request a role switch on the connection.
 *
 * Returns 1 when role is 0 and the link mode already has HCI_LM_MASTER
 * set, so no switch is needed. Otherwise returns 0, after sending
 * HCI_OP_SWITCH_ROLE unless a role switch is already pending.
 */
int hci_conn_switch_role(struct hci_conn *conn, __u8 role)
{
	struct hci_cp_switch_role cmd;

	BT_DBG("hcon %p", conn);

	if (!role && (conn->link_mode & HCI_LM_MASTER))
		return 1;

	if (test_and_set_bit(HCI_CONN_RSWITCH_PEND, &conn->flags))
		return 0;

	bacpy(&cmd.bdaddr, &conn->dst);
	cmd.role = role;
	hci_send_cmd(conn->hdev, HCI_OP_SWITCH_ROLE, sizeof(cmd), &cmd);

	return 0;
}
EXPORT_SYMBOL(hci_conn_switch_role);
918
04837f64 919/* Enter active mode */
/* Leave sniff mode if needed and re-arm the idle timer.
 *
 * Nothing happens in raw mode. HCI_OP_EXIT_SNIFF_MODE is sent only when
 * the connection is in sniff mode, power save is enabled or
 * force_active is set, and no mode change is already pending. The idle
 * work is queued whenever the device has a positive idle timeout.
 */
void hci_conn_enter_active_mode(struct hci_conn *conn, __u8 force_active)
{
	struct hci_dev *hdev = conn->hdev;

	BT_DBG("hcon %p mode %d", conn, conn->mode);

	if (test_bit(HCI_RAW, &hdev->flags))
		return;

	/* Order matters: the pending bit is set only once the first two
	 * conditions hold.
	 */
	if (conn->mode == HCI_CM_SNIFF &&
	    (test_bit(HCI_CONN_POWER_SAVE, &conn->flags) || force_active) &&
	    !test_and_set_bit(HCI_CONN_MODE_CHANGE_PEND, &conn->flags)) {
		struct hci_cp_exit_sniff_mode cmd;

		cmd.handle = cpu_to_le16(conn->handle);
		hci_send_cmd(hdev, HCI_OP_EXIT_SNIFF_MODE, sizeof(cmd), &cmd);
	}

	if (hdev->idle_timeout > 0)
		queue_delayed_work(hdev->workqueue, &conn->idle_work,
				   msecs_to_jiffies(hdev->idle_timeout));
}
946
1da177e4
LT
947/* Drop all connection on the device */
/* Close and delete every connection on the device, reporting
 * HCI_ERROR_LOCAL_HOST_TERM for each one.
 */
void hci_conn_hash_flush(struct hci_dev *hdev)
{
	struct hci_conn_hash *hash = &hdev->conn_hash;
	struct hci_conn *conn, *next;

	BT_DBG("hdev %s", hdev->name);

	/* The _safe iterator is used because each entry is deleted inside
	 * the loop.
	 */
	list_for_each_entry_safe(conn, next, &hash->list, list) {
		conn->state = BT_CLOSED;

		hci_proto_disconn_cfm(conn, HCI_ERROR_LOCAL_HOST_TERM);
		hci_conn_del(conn);
	}
}
962
a9de9248
MH
963/* Check pending connect attempts */
/* Start the ACL connection found in BT_CONNECT2 state, if there is one.
 * The lookup and the connection attempt both run under the device lock.
 */
void hci_conn_check_pending(struct hci_dev *hdev)
{
	struct hci_conn *pending;

	BT_DBG("hdev %s", hdev->name);

	hci_dev_lock(hdev);

	pending = hci_conn_hash_lookup_state(hdev, ACL_LINK, BT_CONNECT2);
	if (pending)
		hci_acl_create_connection(pending);

	hci_dev_unlock(hdev);
}
978
1da177e4
LT
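/* Copy the connection list of a device to user space.
 *
 * @arg: user pointer to a struct hci_conn_list_req; dev_id and conn_num
 *       are read from it and the result is written back to it.
 *
 * Returns 0 on success, -EFAULT when a user copy fails, -EINVAL when
 * conn_num is 0 or larger than fits in two pages, -ENOMEM when the
 * buffer cannot be allocated, or -ENODEV when dev_id names no device.
 */
int hci_get_conn_list(void __user *arg)
{
	struct hci_conn *c;
	struct hci_conn_list_req req, *cl;
	struct hci_conn_info *ci;
	struct hci_dev *hdev;
	int n = 0, size, err;

	if (copy_from_user(&req, arg, sizeof(req)))
		return -EFAULT;

	/* Bound the user-supplied count before it sizes the allocation. */
	if (!req.conn_num || req.conn_num > (PAGE_SIZE * 2) / sizeof(*ci))
		return -EINVAL;

	size = sizeof(req) + req.conn_num * sizeof(*ci);

	/* Zeroed allocation: the buffer is later copied to user space, and
	 * the layout of the reply structures is not visible here, so any
	 * padding or field not assigned below must not carry stale heap
	 * contents.
	 */
	cl = kzalloc(size, GFP_KERNEL);
	if (!cl)
		return -ENOMEM;

	hdev = hci_dev_get(req.dev_id);
	if (!hdev) {
		kfree(cl);
		return -ENODEV;
	}

	ci = cl->conn_info;

	hci_dev_lock(hdev);
	list_for_each_entry(c, &hdev->conn_hash.list, list) {
		bacpy(&(ci + n)->bdaddr, &c->dst);
		(ci + n)->handle = c->handle;
		(ci + n)->type  = c->type;
		(ci + n)->out   = c->out;
		(ci + n)->state = c->state;
		(ci + n)->link_mode = c->link_mode;
		/* Never write more entries than the caller asked for. */
		if (++n >= req.conn_num)
			break;
	}
	hci_dev_unlock(hdev);

	cl->dev_id = hdev->id;
	cl->conn_num = n;
	/* Only the header and the n filled entries are copied out. */
	size = sizeof(req) + n * sizeof(*ci);

	hci_dev_put(hdev);

	err = copy_to_user(arg, cl, size);
	kfree(cl);

	return err ? -EFAULT : 0;
}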
1031
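/*
 * Look up one connection by link type and peer address and copy its
 * struct hci_conn_info to user space.
 *
 * @hdev: device whose connection hash is searched.
 * @arg:  user pointer to a struct hci_conn_info_req; the result record is
 *        written immediately after the request header.
 *
 * Returns 0 on success, -EFAULT if user memory cannot be read or written,
 * and -ENOENT if no matching connection exists.
 */
int hci_get_conn_info(struct hci_dev *hdev, void __user *arg)
{
	struct hci_conn_info_req req;
	struct hci_conn_info ci;
	struct hci_conn *conn;
	char __user *ptr = arg + sizeof(req);

	if (copy_from_user(&req, arg, sizeof(req)))
		return -EFAULT;

	/*
	 * ci lives on the kernel stack and is copied to user space in full.
	 * Its layout is not visible here, so clear it first: any padding or
	 * field not assigned below then cannot expose stale stack contents.
	 */
	memset(&ci, 0, sizeof(ci));

	/* Snapshot the fields under the device lock. */
	hci_dev_lock(hdev);
	conn = hci_conn_hash_lookup_ba(hdev, req.type, &req.bdaddr);
	if (conn) {
		bacpy(&ci.bdaddr, &conn->dst);
		ci.handle = conn->handle;
		ci.type = conn->type;
		ci.out = conn->out;
		ci.state = conn->state;
		ci.link_mode = conn->link_mode;
	}
	hci_dev_unlock(hdev);

	/* After unlock, conn is only tested for NULL, never dereferenced. */
	if (!conn)
		return -ENOENT;

	return copy_to_user(ptr, &ci, sizeof(ci)) ? -EFAULT : 0;
}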
40be492f
MH
1059
/*
 * Report the authentication type of the ACL connection to a given peer.
 *
 * @hdev: device whose connection hash is searched.
 * @arg:  user pointer to a struct hci_auth_info_req; bdaddr is read from
 *        it and the whole request, with type filled in, is written back.
 *
 * Returns 0 on success, -EFAULT if user memory cannot be read or written,
 * and -ENOENT if there is no ACL connection to that address.
 */
int hci_get_auth_info(struct hci_dev *hdev, void __user *arg)
{
	struct hci_auth_info_req req;
	struct hci_conn *acl;

	if (copy_from_user(&req, arg, sizeof(req)))
		return -EFAULT;

	hci_dev_lock(hdev);
	acl = hci_conn_hash_lookup_ba(hdev, ACL_LINK, &req.bdaddr);
	if (acl)
		req.type = acl->auth_type;
	hci_dev_unlock(hdev);

	/* After unlock, acl is only compared against NULL, not dereferenced. */
	if (!acl)
		return -ENOENT;

	/* req was filled from user space; only req.type has been replaced. */
	if (copy_to_user(arg, &req, sizeof(req)))
		return -EFAULT;

	return 0;
}
73d80deb
LAD
1079
/*
 * Allocate a channel for @conn, initialise it in state BT_CONNECTED and
 * add it to the connection's channel list.
 *
 * Returns the new channel, or NULL if the allocation fails.
 *
 * NOTE(review): hci_chan_del() calls hci_conn_drop() on the connection,
 * but no matching hold is taken in this function; presumably the caller
 * takes it -- confirm.
 */
struct hci_chan *hci_chan_create(struct hci_conn *conn)
{
	struct hci_chan *chan;

	BT_DBG("%s hcon %p", conn->hdev->name, conn);

	chan = kzalloc(sizeof(*chan), GFP_KERNEL);
	if (chan == NULL)
		return NULL;

	skb_queue_head_init(&chan->data_q);
	chan->conn = conn;
	chan->state = BT_CONNECTED;

	/* Link the channel in only after its fields are initialised. */
	list_add_rcu(&chan->list, &conn->chan_list);

	return chan;
}
1099
/*
 * Unlink @chan from its connection's channel list, drop the connection
 * reference, discard queued data and free the channel.
 *
 * synchronize_rcu() blocks, so this must run in a context that may sleep.
 */
void hci_chan_del(struct hci_chan *chan)
{
	struct hci_conn *conn = chan->conn;

	BT_DBG("%s hcon %p chan %p", conn->hdev->name, conn, chan);

	/*
	 * Unlink first, then wait for a grace period so that RCU readers
	 * which still see the entry have finished before it is freed.
	 */
	list_del_rcu(&chan->list);
	synchronize_rcu();

	hci_conn_drop(conn);

	skb_queue_purge(&chan->data_q);
	kfree(chan);
}
1116
/*
 * Delete every channel on @conn's channel list.
 *
 * hci_chan_del() unlinks and frees the entry being visited, so the _safe
 * iterator is required. Each deletion waits for an RCU grace period.
 */
void hci_chan_list_flush(struct hci_conn *conn)
{
	struct hci_chan *cur, *tmp;

	BT_DBG("hcon %p", conn);

	list_for_each_entry_safe(cur, tmp, &conn->chan_list, list) {
		hci_chan_del(cur);
	}
}
42c4e53e
AE
1126
/*
 * Return the channel on @hcon whose handle equals @handle, or NULL.
 *
 * NOTE(review): chan_list is modified with list_add_rcu()/list_del_rcu()
 * elsewhere in this file, while this walk uses the plain list iterator.
 * Presumably callers hold a lock that excludes those writers -- confirm.
 */
static struct hci_chan *__hci_chan_lookup_handle(struct hci_conn *hcon,
						 __u16 handle)
{
	struct hci_chan *cur;
	struct hci_chan *match = NULL;

	list_for_each_entry(cur, &hcon->chan_list, list) {
		if (cur->handle != handle)
			continue;

		match = cur;
		break;
	}

	return match;
}
1139
/*
 * Search every connection of @hdev for a channel with the given handle.
 *
 * Returns the first matching channel, or NULL if none matches.
 *
 * NOTE(review): the pointer is returned after rcu_read_unlock(), and
 * hci_chan_del() frees channels once a grace period has passed. Nothing
 * in this function keeps the channel alive for the caller, so the caller
 * presumably holds a lock or reference that does -- confirm.
 */
struct hci_chan *hci_chan_lookup_handle(struct hci_dev *hdev, __u16 handle)
{
	struct hci_chan *found = NULL;
	struct hci_conn *hcon;

	rcu_read_lock();

	list_for_each_entry_rcu(hcon, &hdev->conn_hash.list, list) {
		found = __hci_chan_lookup_handle(hcon, handle);
		if (found != NULL)
			break;
	}

	rcu_read_unlock();

	return found;
}