]> git.proxmox.com Git - mirror_ubuntu-artful-kernel.git/blame - net/bluetooth/hci_event.c
projects / mirror_ubuntu-artful-kernel.git / blame
? search:
summary | shortlog | log | commit | commitdiff | tree
blob | blame (incremental) | history | HEAD
Merge branch 'sched-urgent-for-linus' of git://git.kernel.org/pub/scm/linux/kernel...
[mirror_ubuntu-artful-kernel.git] / net / bluetooth / hci_event.c
CommitLineData
8e87d142 1/*
1da177e4 2 BlueZ - Bluetooth protocol stack for Linux
2d0a0346 3 Copyright (c) 2000-2001, 2010, Code Aurora Forum. All rights reserved.
1da177e4
LT		 4
5 Written 2000,2001 by Maxim Krasnyansky <maxk@qualcomm.com>
6
7 This program is free software; you can redistribute it and/or modify
8 it under the terms of the GNU General Public License version 2 as
9 published by the Free Software Foundation;
10
11 THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS
12 OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
13 FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT OF THIRD PARTY RIGHTS.
14 IN NO EVENT SHALL THE COPYRIGHT HOLDER(S) AND AUTHOR(S) BE LIABLE FOR ANY
8e87d142
YH		 15 CLAIM, OR ANY SPECIAL INDIRECT OR CONSEQUENTIAL DAMAGES, OR ANY DAMAGES
16 WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
17 ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
1da177e4
LT		 18 OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
19
8e87d142
YH		 20 ALL LIABILITY, INCLUDING LIABILITY FOR INFRINGEMENT OF ANY PATENTS,
21 COPYRIGHTS, TRADEMARKS OR OTHER RIGHTS, RELATING TO USE OF THIS
1da177e4
LT		 22 SOFTWARE IS DISCLAIMED.
23*/
24
25/* Bluetooth HCI event handling. */
26
1da177e4
LT		 27#include <asm/unaligned.h>
28
29#include <net/bluetooth/bluetooth.h>
30#include <net/bluetooth/hci_core.h>
f0d6a0ea 31#include <net/bluetooth/mgmt.h>
7ef9fbf0 32
7024728e 33#include "a2mp.h"
7ef9fbf0 34#include "amp.h"
1da177e4 35
1da177e4
LT		 36/* Handle HCI Event packets */
37
a9de9248 38static void hci_cc_inquiry_cancel(struct hci_dev *hdev, struct sk_buff *skb)
1da177e4 39{
a9de9248 40 __u8 status = *((__u8 *) skb->data);
1da177e4 41
9f1db00c 42 BT_DBG("%s status 0x%2.2x", hdev->name, status);
1da177e4 43
82f4785c 44 if (status)
a9de9248 45 return;
1da177e4 46
89352e7d 47 clear_bit(HCI_INQUIRY, &hdev->flags);
3e13fa1e
AG		 48 smp_mb__after_clear_bit(); /* wake_up_bit advises about this barrier */
49 wake_up_bit(&hdev->flags, HCI_INQUIRY);
89352e7d 50
a9de9248
MH		 51 hci_conn_check_pending(hdev);
52}
6bd57416 53
4d93483b
AG		 54static void hci_cc_periodic_inq(struct hci_dev *hdev, struct sk_buff *skb)
55{
56 __u8 status = *((__u8 *) skb->data);
57
9f1db00c 58 BT_DBG("%s status 0x%2.2x", hdev->name, status);
ae854a70
AG		 59
60 if (status)
61 return;
62
63 set_bit(HCI_PERIODIC_INQ, &hdev->dev_flags);
4d93483b
AG		 64}
65
a9de9248
MH		 66static void hci_cc_exit_periodic_inq(struct hci_dev *hdev, struct sk_buff *skb)
67{
68 __u8 status = *((__u8 *) skb->data);
6bd57416 69
9f1db00c 70 BT_DBG("%s status 0x%2.2x", hdev->name, status);
6bd57416 71
a9de9248
MH		 72 if (status)
73 return;
1da177e4 74
ae854a70
AG		 75 clear_bit(HCI_PERIODIC_INQ, &hdev->dev_flags);
76
a9de9248
MH		 77 hci_conn_check_pending(hdev);
78}
79
807deac2
GP		 80static void hci_cc_remote_name_req_cancel(struct hci_dev *hdev,
81 struct sk_buff *skb)
a9de9248
MH		 82{
83 BT_DBG("%s", hdev->name);
84}
85
86static void hci_cc_role_discovery(struct hci_dev *hdev, struct sk_buff *skb)
87{
88 struct hci_rp_role_discovery *rp = (void *) skb->data;
89 struct hci_conn *conn;
90
9f1db00c 91 BT_DBG("%s status 0x%2.2x", hdev->name, rp->status);
a9de9248
MH		 92
93 if (rp->status)
94 return;
95
96 hci_dev_lock(hdev);
97
98 conn = hci_conn_hash_lookup_handle(hdev, __le16_to_cpu(rp->handle));
99 if (conn) {
100 if (rp->role)
101 conn->link_mode &= ~HCI_LM_MASTER;
102 else
103 conn->link_mode |= HCI_LM_MASTER;
1da177e4 104 }
a9de9248
MH		 105
106 hci_dev_unlock(hdev);
1da177e4
LT		 107}
108
e4e8e37c
MH		 109static void hci_cc_read_link_policy(struct hci_dev *hdev, struct sk_buff *skb)
110{
111 struct hci_rp_read_link_policy *rp = (void *) skb->data;
112 struct hci_conn *conn;
113
9f1db00c 114 BT_DBG("%s status 0x%2.2x", hdev->name, rp->status);
e4e8e37c
MH		 115
116 if (rp->status)
117 return;
118
119 hci_dev_lock(hdev);
120
121 conn = hci_conn_hash_lookup_handle(hdev, __le16_to_cpu(rp->handle));
122 if (conn)
123 conn->link_policy = __le16_to_cpu(rp->policy);
124
125 hci_dev_unlock(hdev);
126}
127
a9de9248 128static void hci_cc_write_link_policy(struct hci_dev *hdev, struct sk_buff *skb)
1da177e4 129{
a9de9248 130 struct hci_rp_write_link_policy *rp = (void *) skb->data;
1da177e4 131 struct hci_conn *conn;
04837f64 132 void *sent;
1da177e4 133
9f1db00c 134 BT_DBG("%s status 0x%2.2x", hdev->name, rp->status);
1da177e4 135
a9de9248
MH		 136 if (rp->status)
137 return;
1da177e4 138
a9de9248
MH		 139 sent = hci_sent_cmd_data(hdev, HCI_OP_WRITE_LINK_POLICY);
140 if (!sent)
141 return;
1da177e4 142
a9de9248 143 hci_dev_lock(hdev);
1da177e4 144
a9de9248 145 conn = hci_conn_hash_lookup_handle(hdev, __le16_to_cpu(rp->handle));
e4e8e37c 146 if (conn)
83985319 147 conn->link_policy = get_unaligned_le16(sent + 2);
1da177e4 148
a9de9248
MH		 149 hci_dev_unlock(hdev);
150}
1da177e4 151
807deac2
GP		 152static void hci_cc_read_def_link_policy(struct hci_dev *hdev,
153 struct sk_buff *skb)
e4e8e37c
MH		 154{
155 struct hci_rp_read_def_link_policy *rp = (void *) skb->data;
156
9f1db00c 157 BT_DBG("%s status 0x%2.2x", hdev->name, rp->status);
e4e8e37c
MH		 158
159 if (rp->status)
160 return;
161
162 hdev->link_policy = __le16_to_cpu(rp->policy);
163}
164
807deac2
GP		 165static void hci_cc_write_def_link_policy(struct hci_dev *hdev,
166 struct sk_buff *skb)
e4e8e37c
MH		 167{
168 __u8 status = *((__u8 *) skb->data);
169 void *sent;
170
9f1db00c 171 BT_DBG("%s status 0x%2.2x", hdev->name, status);
e4e8e37c
MH		 172
173 sent = hci_sent_cmd_data(hdev, HCI_OP_WRITE_DEF_LINK_POLICY);
174 if (!sent)
175 return;
176
177 if (!status)
178 hdev->link_policy = get_unaligned_le16(sent);
e4e8e37c
MH		 179}
180
a9de9248
MH		 181static void hci_cc_reset(struct hci_dev *hdev, struct sk_buff *skb)
182{
183 __u8 status = *((__u8 *) skb->data);
04837f64 184
9f1db00c 185 BT_DBG("%s status 0x%2.2x", hdev->name, status);
04837f64 186
10572132
GP		 187 clear_bit(HCI_RESET, &hdev->flags);
188
a297e97c 189 /* Reset all non-persistent flags */
2cc6fb00 190 hdev->dev_flags &= ~HCI_PERSISTENT_MASK;
69775ff6
AG		 191
192 hdev->discovery.state = DISCOVERY_STOPPED;
bbaf444a
JH		 193 hdev->inq_tx_power = HCI_TX_POWER_INVALID;
194 hdev->adv_tx_power = HCI_TX_POWER_INVALID;
3f0f524b
JH		 195
196 memset(hdev->adv_data, 0, sizeof(hdev->adv_data));
197 hdev->adv_data_len = 0;
f8e808bd
MH		 198
199 memset(hdev->scan_rsp_data, 0, sizeof(hdev->scan_rsp_data));
200 hdev->scan_rsp_data_len = 0;
06f5b778
MH		 201
202 hdev->ssp_debug_mode = 0;
a9de9248 203}
04837f64 204
a9de9248
MH		 205static void hci_cc_write_local_name(struct hci_dev *hdev, struct sk_buff *skb)
206{
207 __u8 status = *((__u8 *) skb->data);
208 void *sent;
04837f64 209
9f1db00c 210 BT_DBG("%s status 0x%2.2x", hdev->name, status);
04837f64 211
a9de9248
MH		 212 sent = hci_sent_cmd_data(hdev, HCI_OP_WRITE_LOCAL_NAME);
213 if (!sent)
214 return;
04837f64 215
56e5cb86
JH		 216 hci_dev_lock(hdev);
217
f51d5b24
JH		 218 if (test_bit(HCI_MGMT, &hdev->dev_flags))
219 mgmt_set_local_name_complete(hdev, sent, status);
28cc7bde
JH		 220 else if (!status)
221 memcpy(hdev->dev_name, sent, HCI_MAX_NAME_LENGTH);
f51d5b24 222
56e5cb86 223 hci_dev_unlock(hdev);
a9de9248
MH		 224}
225
226static void hci_cc_read_local_name(struct hci_dev *hdev, struct sk_buff *skb)
227{
228 struct hci_rp_read_local_name *rp = (void *) skb->data;
229
9f1db00c 230 BT_DBG("%s status 0x%2.2x", hdev->name, rp->status);
a9de9248
MH		 231
232 if (rp->status)
233 return;
234
db99b5fc
JH		 235 if (test_bit(HCI_SETUP, &hdev->dev_flags))
236 memcpy(hdev->dev_name, rp->name, HCI_MAX_NAME_LENGTH);
a9de9248
MH		 237}
238
239static void hci_cc_write_auth_enable(struct hci_dev *hdev, struct sk_buff *skb)
240{
241 __u8 status = *((__u8 *) skb->data);
242 void *sent;
243
9f1db00c 244 BT_DBG("%s status 0x%2.2x", hdev->name, status);
a9de9248
MH		 245
246 sent = hci_sent_cmd_data(hdev, HCI_OP_WRITE_AUTH_ENABLE);
247 if (!sent)
248 return;
249
250 if (!status) {
251 __u8 param = *((__u8 *) sent);
252
253 if (param == AUTH_ENABLED)
254 set_bit(HCI_AUTH, &hdev->flags);
255 else
256 clear_bit(HCI_AUTH, &hdev->flags);
1da177e4 257 }
a9de9248 258
33ef95ed
JH		 259 if (test_bit(HCI_MGMT, &hdev->dev_flags))
260 mgmt_auth_enable_complete(hdev, status);
1da177e4
LT		 261}
262
a9de9248 263static void hci_cc_write_encrypt_mode(struct hci_dev *hdev, struct sk_buff *skb)
1da177e4 264{
a9de9248 265 __u8 status = *((__u8 *) skb->data);
1da177e4
LT		 266 void *sent;
267
9f1db00c 268 BT_DBG("%s status 0x%2.2x", hdev->name, status);
1da177e4 269
a9de9248
MH		 270 sent = hci_sent_cmd_data(hdev, HCI_OP_WRITE_ENCRYPT_MODE);
271 if (!sent)
272 return;
1da177e4 273
a9de9248
MH		 274 if (!status) {
275 __u8 param = *((__u8 *) sent);
276
277 if (param)
278 set_bit(HCI_ENCRYPT, &hdev->flags);
279 else
280 clear_bit(HCI_ENCRYPT, &hdev->flags);
281 }
a9de9248 282}
1da177e4 283
a9de9248
MH		 284static void hci_cc_write_scan_enable(struct hci_dev *hdev, struct sk_buff *skb)
285{
36f7fc7e
JH		 286 __u8 param, status = *((__u8 *) skb->data);
287 int old_pscan, old_iscan;
a9de9248 288 void *sent;
1da177e4 289
9f1db00c 290 BT_DBG("%s status 0x%2.2x", hdev->name, status);
1da177e4 291
a9de9248
MH		 292 sent = hci_sent_cmd_data(hdev, HCI_OP_WRITE_SCAN_ENABLE);
293 if (!sent)
294 return;
1da177e4 295
36f7fc7e
JH		 296 param = *((__u8 *) sent);
297
56e5cb86
JH		 298 hci_dev_lock(hdev);
299
fa1bd918 300 if (status) {
744cf19e 301 mgmt_write_scan_failed(hdev, param, status);
2d7cee58
JH		 302 hdev->discov_timeout = 0;
303 goto done;
304 }
305
0663ca2a
JH		 306 /* We need to ensure that we set this back on if someone changed
307 * the scan mode through a raw HCI socket.
308 */
309 set_bit(HCI_BREDR_ENABLED, &hdev->dev_flags);
310
36f7fc7e
JH		 311 old_pscan = test_and_clear_bit(HCI_PSCAN, &hdev->flags);
312 old_iscan = test_and_clear_bit(HCI_ISCAN, &hdev->flags);
313
314 if (param & SCAN_INQUIRY) {
315 set_bit(HCI_ISCAN, &hdev->flags);
316 if (!old_iscan)
744cf19e 317 mgmt_discoverable(hdev, 1);
36f7fc7e 318 } else if (old_iscan)
744cf19e 319 mgmt_discoverable(hdev, 0);
36f7fc7e
JH		 320
321 if (param & SCAN_PAGE) {
322 set_bit(HCI_PSCAN, &hdev->flags);
323 if (!old_pscan)
744cf19e 324 mgmt_connectable(hdev, 1);
36f7fc7e 325 } else if (old_pscan)
744cf19e 326 mgmt_connectable(hdev, 0);
1da177e4 327
36f7fc7e 328done:
56e5cb86 329 hci_dev_unlock(hdev);
a9de9248 330}
1da177e4 331
a9de9248
MH		 332static void hci_cc_read_class_of_dev(struct hci_dev *hdev, struct sk_buff *skb)
333{
334 struct hci_rp_read_class_of_dev *rp = (void *) skb->data;
1da177e4 335
9f1db00c 336 BT_DBG("%s status 0x%2.2x", hdev->name, rp->status);
1da177e4 337
a9de9248
MH		 338 if (rp->status)
339 return;
1da177e4 340
a9de9248 341 memcpy(hdev->dev_class, rp->dev_class, 3);
1da177e4 342
a9de9248 343 BT_DBG("%s class 0x%.2x%.2x%.2x", hdev->name,
807deac2 344 hdev->dev_class[2], hdev->dev_class[1], hdev->dev_class[0]);
a9de9248 345}
1da177e4 346
a9de9248
MH		 347static void hci_cc_write_class_of_dev(struct hci_dev *hdev, struct sk_buff *skb)
348{
349 __u8 status = *((__u8 *) skb->data);
350 void *sent;
1da177e4 351
9f1db00c 352 BT_DBG("%s status 0x%2.2x", hdev->name, status);
1da177e4 353
a9de9248
MH		 354 sent = hci_sent_cmd_data(hdev, HCI_OP_WRITE_CLASS_OF_DEV);
355 if (!sent)
356 return;
1da177e4 357
7f9a903c
MH		 358 hci_dev_lock(hdev);
359
360 if (status == 0)
361 memcpy(hdev->dev_class, sent, 3);
362
363 if (test_bit(HCI_MGMT, &hdev->dev_flags))
364 mgmt_set_class_of_dev_complete(hdev, sent, status);
365
366 hci_dev_unlock(hdev);
a9de9248 367}
1da177e4 368
a9de9248
MH		 369static void hci_cc_read_voice_setting(struct hci_dev *hdev, struct sk_buff *skb)
370{
371 struct hci_rp_read_voice_setting *rp = (void *) skb->data;
372 __u16 setting;
373
9f1db00c 374 BT_DBG("%s status 0x%2.2x", hdev->name, rp->status);
a9de9248
MH		 375
376 if (rp->status)
377 return;
378
379 setting = __le16_to_cpu(rp->voice_setting);
380
f383f275 381 if (hdev->voice_setting == setting)
a9de9248
MH		 382 return;
383
384 hdev->voice_setting = setting;
385
9f1db00c 386 BT_DBG("%s voice setting 0x%4.4x", hdev->name, setting);
a9de9248 387
3c54711c 388 if (hdev->notify)
a9de9248 389 hdev->notify(hdev, HCI_NOTIFY_VOICE_SETTING);
a9de9248
MH		 390}
391
8fc9ced3
GP		 392static void hci_cc_write_voice_setting(struct hci_dev *hdev,
393 struct sk_buff *skb)
a9de9248
MH		 394{
395 __u8 status = *((__u8 *) skb->data);
f383f275 396 __u16 setting;
a9de9248
MH		 397 void *sent;
398
9f1db00c 399 BT_DBG("%s status 0x%2.2x", hdev->name, status);
1da177e4 400
f383f275
MH		 401 if (status)
402 return;
403
a9de9248
MH		 404 sent = hci_sent_cmd_data(hdev, HCI_OP_WRITE_VOICE_SETTING);
405 if (!sent)
406 return;
1da177e4 407
f383f275 408 setting = get_unaligned_le16(sent);
1da177e4 409
f383f275
MH		 410 if (hdev->voice_setting == setting)
411 return;
412
413 hdev->voice_setting = setting;
1da177e4 414
9f1db00c 415 BT_DBG("%s voice setting 0x%4.4x", hdev->name, setting);
1da177e4 416
3c54711c 417 if (hdev->notify)
f383f275 418 hdev->notify(hdev, HCI_NOTIFY_VOICE_SETTING);
1da177e4
LT		 419}
420
b4cb9fb2
MH		 421static void hci_cc_read_num_supported_iac(struct hci_dev *hdev,
422 struct sk_buff *skb)
423{
424 struct hci_rp_read_num_supported_iac *rp = (void *) skb->data;
425
426 BT_DBG("%s status 0x%2.2x", hdev->name, rp->status);
427
428 if (rp->status)
429 return;
430
431 hdev->num_iac = rp->num_iac;
432
433 BT_DBG("%s num iac %d", hdev->name, hdev->num_iac);
434}
435
333140b5
MH		 436static void hci_cc_write_ssp_mode(struct hci_dev *hdev, struct sk_buff *skb)
437{
438 __u8 status = *((__u8 *) skb->data);
5ed8eb2f 439 struct hci_cp_write_ssp_mode *sent;
333140b5 440
9f1db00c 441 BT_DBG("%s status 0x%2.2x", hdev->name, status);
333140b5 442
333140b5
MH		 443 sent = hci_sent_cmd_data(hdev, HCI_OP_WRITE_SSP_MODE);
444 if (!sent)
445 return;
446
5ed8eb2f
JH		 447 if (!status) {
448 if (sent->mode)
cad718ed 449 hdev->features[1][0] |= LMP_HOST_SSP;
5ed8eb2f 450 else
cad718ed 451 hdev->features[1][0] &= ~LMP_HOST_SSP;
5ed8eb2f
JH		 452 }
453
ed2c4ee3 454 if (test_bit(HCI_MGMT, &hdev->dev_flags))
5ed8eb2f 455 mgmt_ssp_enable_complete(hdev, sent->mode, status);
c0ecddc2 456 else if (!status) {
5ed8eb2f 457 if (sent->mode)
c0ecddc2
JH		 458 set_bit(HCI_SSP_ENABLED, &hdev->dev_flags);
459 else
460 clear_bit(HCI_SSP_ENABLED, &hdev->dev_flags);
461 }
333140b5
MH		 462}
463
a9de9248
MH		 464static void hci_cc_read_local_version(struct hci_dev *hdev, struct sk_buff *skb)
465{
466 struct hci_rp_read_local_version *rp = (void *) skb->data;
1143e5a6 467
9f1db00c 468 BT_DBG("%s status 0x%2.2x", hdev->name, rp->status);
1143e5a6 469
a9de9248 470 if (rp->status)
42c6b129 471 return;
1143e5a6 472
0d5551f5
MH		 473 if (test_bit(HCI_SETUP, &hdev->dev_flags)) {
474 hdev->hci_ver = rp->hci_ver;
475 hdev->hci_rev = __le16_to_cpu(rp->hci_rev);
476 hdev->lmp_ver = rp->lmp_ver;
477 hdev->manufacturer = __le16_to_cpu(rp->manufacturer);
478 hdev->lmp_subver = __le16_to_cpu(rp->lmp_subver);
479 }
d5859e22
JH		 480}
481
8fc9ced3
GP		 482static void hci_cc_read_local_commands(struct hci_dev *hdev,
483 struct sk_buff *skb)
a9de9248
MH		 484{
485 struct hci_rp_read_local_commands *rp = (void *) skb->data;
1da177e4 486
9f1db00c 487 BT_DBG("%s status 0x%2.2x", hdev->name, rp->status);
1da177e4 488
2177bab5
JH		 489 if (!rp->status)
490 memcpy(hdev->commands, rp->commands, sizeof(hdev->commands));
a9de9248 491}
1da177e4 492
8fc9ced3
GP		 493static void hci_cc_read_local_features(struct hci_dev *hdev,
494 struct sk_buff *skb)
a9de9248
MH		 495{
496 struct hci_rp_read_local_features *rp = (void *) skb->data;
5b7f9909 497
9f1db00c 498 BT_DBG("%s status 0x%2.2x", hdev->name, rp->status);
1da177e4 499
a9de9248
MH		 500 if (rp->status)
501 return;
5b7f9909 502
a9de9248 503 memcpy(hdev->features, rp->features, 8);
5b7f9909 504
a9de9248
MH		 505 /* Adjust default settings according to features
506 * supported by device. */
1da177e4 507
cad718ed 508 if (hdev->features[0][0] & LMP_3SLOT)
a9de9248 509 hdev->pkt_type |= (HCI_DM3 | HCI_DH3);
1da177e4 510
cad718ed 511 if (hdev->features[0][0] & LMP_5SLOT)
a9de9248 512 hdev->pkt_type |= (HCI_DM5 | HCI_DH5);
1da177e4 513
cad718ed 514 if (hdev->features[0][1] & LMP_HV2) {
a9de9248
MH		 515 hdev->pkt_type |= (HCI_HV2);
516 hdev->esco_type |= (ESCO_HV2);
517 }
1da177e4 518
cad718ed 519 if (hdev->features[0][1] & LMP_HV3) {
a9de9248
MH		 520 hdev->pkt_type |= (HCI_HV3);
521 hdev->esco_type |= (ESCO_HV3);
522 }
1da177e4 523
45db810f 524 if (lmp_esco_capable(hdev))
a9de9248 525 hdev->esco_type |= (ESCO_EV3);
da1f5198 526
cad718ed 527 if (hdev->features[0][4] & LMP_EV4)
a9de9248 528 hdev->esco_type |= (ESCO_EV4);
da1f5198 529
cad718ed 530 if (hdev->features[0][4] & LMP_EV5)
a9de9248 531 hdev->esco_type |= (ESCO_EV5);
1da177e4 532
cad718ed 533 if (hdev->features[0][5] & LMP_EDR_ESCO_2M)
efc7688b
MH		 534 hdev->esco_type |= (ESCO_2EV3);
535
cad718ed 536 if (hdev->features[0][5] & LMP_EDR_ESCO_3M)
efc7688b
MH		 537 hdev->esco_type |= (ESCO_3EV3);
538
cad718ed 539 if (hdev->features[0][5] & LMP_EDR_3S_ESCO)
efc7688b
MH		 540 hdev->esco_type |= (ESCO_2EV5 | ESCO_3EV5);
541
a9de9248 542 BT_DBG("%s features 0x%.2x%.2x%.2x%.2x%.2x%.2x%.2x%.2x", hdev->name,
cad718ed
JH		 543 hdev->features[0][0], hdev->features[0][1],
544 hdev->features[0][2], hdev->features[0][3],
545 hdev->features[0][4], hdev->features[0][5],
546 hdev->features[0][6], hdev->features[0][7]);
a9de9248 547}
1da177e4 548
971e3a4b 549static void hci_cc_read_local_ext_features(struct hci_dev *hdev,
807deac2 550 struct sk_buff *skb)
971e3a4b
AG		 551{
552 struct hci_rp_read_local_ext_features *rp = (void *) skb->data;
553
9f1db00c 554 BT_DBG("%s status 0x%2.2x", hdev->name, rp->status);
971e3a4b
AG		 555
556 if (rp->status)
42c6b129 557 return;
971e3a4b 558
57af75a8
MH		 559 if (hdev->max_page < rp->max_page)
560 hdev->max_page = rp->max_page;
d2c5d77f 561
cad718ed
JH		 562 if (rp->page < HCI_MAX_PAGES)
563 memcpy(hdev->features[rp->page], rp->features, 8);
971e3a4b
AG		 564}
565
1e89cffb 566static void hci_cc_read_flow_control_mode(struct hci_dev *hdev,
807deac2 567 struct sk_buff *skb)
1e89cffb
AE		 568{
569 struct hci_rp_read_flow_control_mode *rp = (void *) skb->data;
570
9f1db00c 571 BT_DBG("%s status 0x%2.2x", hdev->name, rp->status);
1e89cffb 572
42c6b129
JH		 573 if (!rp->status)
574 hdev->flow_ctl_mode = rp->mode;
1e89cffb
AE		 575}
576
a9de9248
MH		 577static void hci_cc_read_buffer_size(struct hci_dev *hdev, struct sk_buff *skb)
578{
579 struct hci_rp_read_buffer_size *rp = (void *) skb->data;
1da177e4 580
9f1db00c 581 BT_DBG("%s status 0x%2.2x", hdev->name, rp->status);
1da177e4 582
a9de9248
MH		 583 if (rp->status)
584 return;
1da177e4 585
a9de9248
MH		 586 hdev->acl_mtu = __le16_to_cpu(rp->acl_mtu);
587 hdev->sco_mtu = rp->sco_mtu;
588 hdev->acl_pkts = __le16_to_cpu(rp->acl_max_pkt);
589 hdev->sco_pkts = __le16_to_cpu(rp->sco_max_pkt);
590
591 if (test_bit(HCI_QUIRK_FIXUP_BUFFER_SIZE, &hdev->quirks)) {
592 hdev->sco_mtu = 64;
593 hdev->sco_pkts = 8;
1da177e4 594 }
a9de9248
MH		 595
596 hdev->acl_cnt = hdev->acl_pkts;
597 hdev->sco_cnt = hdev->sco_pkts;
598
807deac2
GP		 599 BT_DBG("%s acl mtu %d:%d sco mtu %d:%d", hdev->name, hdev->acl_mtu,
600 hdev->acl_pkts, hdev->sco_mtu, hdev->sco_pkts);
a9de9248
MH		 601}
602
603static void hci_cc_read_bd_addr(struct hci_dev *hdev, struct sk_buff *skb)
604{
605 struct hci_rp_read_bd_addr *rp = (void *) skb->data;
606
9f1db00c 607 BT_DBG("%s status 0x%2.2x", hdev->name, rp->status);
a9de9248
MH		 608
609 if (!rp->status)
610 bacpy(&hdev->bdaddr, &rp->bdaddr);
23bb5763
JH		 611}
612
f332ec66
JH		 613static void hci_cc_read_page_scan_activity(struct hci_dev *hdev,
614 struct sk_buff *skb)
615{
616 struct hci_rp_read_page_scan_activity *rp = (void *) skb->data;
617
618 BT_DBG("%s status 0x%2.2x", hdev->name, rp->status);
619
620 if (test_bit(HCI_INIT, &hdev->flags) && !rp->status) {
621 hdev->page_scan_interval = __le16_to_cpu(rp->interval);
622 hdev->page_scan_window = __le16_to_cpu(rp->window);
623 }
624}
625
4a3ee763
JH		 626static void hci_cc_write_page_scan_activity(struct hci_dev *hdev,
627 struct sk_buff *skb)
628{
629 u8 status = *((u8 *) skb->data);
630 struct hci_cp_write_page_scan_activity *sent;
631
632 BT_DBG("%s status 0x%2.2x", hdev->name, status);
633
634 if (status)
635 return;
636
637 sent = hci_sent_cmd_data(hdev, HCI_OP_WRITE_PAGE_SCAN_ACTIVITY);
638 if (!sent)
639 return;
640
641 hdev->page_scan_interval = __le16_to_cpu(sent->interval);
642 hdev->page_scan_window = __le16_to_cpu(sent->window);
643}
644
f332ec66
JH		 645static void hci_cc_read_page_scan_type(struct hci_dev *hdev,
646 struct sk_buff *skb)
647{
648 struct hci_rp_read_page_scan_type *rp = (void *) skb->data;
649
650 BT_DBG("%s status 0x%2.2x", hdev->name, rp->status);
651
652 if (test_bit(HCI_INIT, &hdev->flags) && !rp->status)
653 hdev->page_scan_type = rp->type;
654}
655
4a3ee763
JH		 656static void hci_cc_write_page_scan_type(struct hci_dev *hdev,
657 struct sk_buff *skb)
658{
659 u8 status = *((u8 *) skb->data);
660 u8 *type;
661
662 BT_DBG("%s status 0x%2.2x", hdev->name, status);
663
664 if (status)
665 return;
666
667 type = hci_sent_cmd_data(hdev, HCI_OP_WRITE_PAGE_SCAN_TYPE);
668 if (type)
669 hdev->page_scan_type = *type;
670}
671
350ee4cf 672static void hci_cc_read_data_block_size(struct hci_dev *hdev,
807deac2 673 struct sk_buff *skb)
350ee4cf
AE		 674{
675 struct hci_rp_read_data_block_size *rp = (void *) skb->data;
676
9f1db00c 677 BT_DBG("%s status 0x%2.2x", hdev->name, rp->status);
350ee4cf
AE		 678
679 if (rp->status)
680 return;
681
682 hdev->block_mtu = __le16_to_cpu(rp->max_acl_len);
683 hdev->block_len = __le16_to_cpu(rp->block_len);
684 hdev->num_blocks = __le16_to_cpu(rp->num_blocks);
685
686 hdev->block_cnt = hdev->num_blocks;
687
688 BT_DBG("%s blk mtu %d cnt %d len %d", hdev->name, hdev->block_mtu,
807deac2 689 hdev->block_cnt, hdev->block_len);
350ee4cf
AE		 690}
691
928abaa7 692static void hci_cc_read_local_amp_info(struct hci_dev *hdev,
807deac2 693 struct sk_buff *skb)
928abaa7
AE		 694{
695 struct hci_rp_read_local_amp_info *rp = (void *) skb->data;
696
9f1db00c 697 BT_DBG("%s status 0x%2.2x", hdev->name, rp->status);
928abaa7
AE		 698
699 if (rp->status)
8e2a0d92 700 goto a2mp_rsp;
928abaa7
AE		 701
702 hdev->amp_status = rp->amp_status;
703 hdev->amp_total_bw = __le32_to_cpu(rp->total_bw);
704 hdev->amp_max_bw = __le32_to_cpu(rp->max_bw);
705 hdev->amp_min_latency = __le32_to_cpu(rp->min_latency);
706 hdev->amp_max_pdu = __le32_to_cpu(rp->max_pdu);
707 hdev->amp_type = rp->amp_type;
708 hdev->amp_pal_cap = __le16_to_cpu(rp->pal_cap);
709 hdev->amp_assoc_size = __le16_to_cpu(rp->max_assoc_size);
710 hdev->amp_be_flush_to = __le32_to_cpu(rp->be_flush_to);
711 hdev->amp_max_flush_to = __le32_to_cpu(rp->max_flush_to);
712
8e2a0d92
AE		 713a2mp_rsp:
714 a2mp_send_getinfo_rsp(hdev);
928abaa7
AE		 715}
716
903e4541
AE		 717static void hci_cc_read_local_amp_assoc(struct hci_dev *hdev,
718 struct sk_buff *skb)
719{
720 struct hci_rp_read_local_amp_assoc *rp = (void *) skb->data;
721 struct amp_assoc *assoc = &hdev->loc_assoc;
722 size_t rem_len, frag_len;
723
724 BT_DBG("%s status 0x%2.2x", hdev->name, rp->status);
725
726 if (rp->status)
727 goto a2mp_rsp;
728
729 frag_len = skb->len - sizeof(*rp);
730 rem_len = __le16_to_cpu(rp->rem_len);
731
732 if (rem_len > frag_len) {
2e430be3 733 BT_DBG("frag_len %zu rem_len %zu", frag_len, rem_len);
903e4541
AE		 734
735 memcpy(assoc->data + assoc->offset, rp->frag, frag_len);
736 assoc->offset += frag_len;
737
738 /* Read other fragments */
739 amp_read_loc_assoc_frag(hdev, rp->phy_handle);
740
741 return;
742 }
743
744 memcpy(assoc->data + assoc->offset, rp->frag, rem_len);
745 assoc->len = assoc->offset + rem_len;
746 assoc->offset = 0;
747
748a2mp_rsp:
749 /* Send A2MP Rsp when all fragments are received */
750 a2mp_send_getampassoc_rsp(hdev, rp->status);
9495b2ee 751 a2mp_send_create_phy_link_req(hdev, rp->status);
903e4541
AE		 752}
753
d5859e22 754static void hci_cc_read_inq_rsp_tx_power(struct hci_dev *hdev,
807deac2 755 struct sk_buff *skb)
d5859e22 756{
91c4e9b1 757 struct hci_rp_read_inq_rsp_tx_power *rp = (void *) skb->data;
d5859e22 758
9f1db00c 759 BT_DBG("%s status 0x%2.2x", hdev->name, rp->status);
91c4e9b1
MH		 760
761 if (!rp->status)
762 hdev->inq_tx_power = rp->tx_power;
d5859e22
JH		 763}
764
980e1a53
JH		 765static void hci_cc_pin_code_reply(struct hci_dev *hdev, struct sk_buff *skb)
766{
767 struct hci_rp_pin_code_reply *rp = (void *) skb->data;
768 struct hci_cp_pin_code_reply *cp;
769 struct hci_conn *conn;
770
9f1db00c 771 BT_DBG("%s status 0x%2.2x", hdev->name, rp->status);
980e1a53 772
56e5cb86
JH		 773 hci_dev_lock(hdev);
774
a8b2d5c2 775 if (test_bit(HCI_MGMT, &hdev->dev_flags))
744cf19e 776 mgmt_pin_code_reply_complete(hdev, &rp->bdaddr, rp->status);
980e1a53 777
fa1bd918 778 if (rp->status)
56e5cb86 779 goto unlock;
980e1a53
JH		 780
781 cp = hci_sent_cmd_data(hdev, HCI_OP_PIN_CODE_REPLY);
782 if (!cp)
56e5cb86 783 goto unlock;
980e1a53
JH		 784
785 conn = hci_conn_hash_lookup_ba(hdev, ACL_LINK, &cp->bdaddr);
786 if (conn)
787 conn->pin_length = cp->pin_len;
56e5cb86
JH		 788
789unlock:
790 hci_dev_unlock(hdev);
980e1a53
JH		 791}
792
793static void hci_cc_pin_code_neg_reply(struct hci_dev *hdev, struct sk_buff *skb)
794{
795 struct hci_rp_pin_code_neg_reply *rp = (void *) skb->data;
796
9f1db00c 797 BT_DBG("%s status 0x%2.2x", hdev->name, rp->status);
980e1a53 798
56e5cb86
JH		 799 hci_dev_lock(hdev);
800
a8b2d5c2 801 if (test_bit(HCI_MGMT, &hdev->dev_flags))
744cf19e 802 mgmt_pin_code_neg_reply_complete(hdev, &rp->bdaddr,
807deac2 803 rp->status);
56e5cb86
JH		 804
805 hci_dev_unlock(hdev);
980e1a53 806}
56e5cb86 807
6ed58ec5
VT		 808static void hci_cc_le_read_buffer_size(struct hci_dev *hdev,
809 struct sk_buff *skb)
810{
811 struct hci_rp_le_read_buffer_size *rp = (void *) skb->data;
812
9f1db00c 813 BT_DBG("%s status 0x%2.2x", hdev->name, rp->status);
6ed58ec5
VT		 814
815 if (rp->status)
816 return;
817
818 hdev->le_mtu = __le16_to_cpu(rp->le_mtu);
819 hdev->le_pkts = rp->le_max_pkt;
820
821 hdev->le_cnt = hdev->le_pkts;
822
823 BT_DBG("%s le mtu %d:%d", hdev->name, hdev->le_mtu, hdev->le_pkts);
6ed58ec5 824}
980e1a53 825
60e77321
JH		 826static void hci_cc_le_read_local_features(struct hci_dev *hdev,
827 struct sk_buff *skb)
828{
829 struct hci_rp_le_read_local_features *rp = (void *) skb->data;
830
831 BT_DBG("%s status 0x%2.2x", hdev->name, rp->status);
832
833 if (!rp->status)
834 memcpy(hdev->le_features, rp->features, 8);
60e77321
JH		 835}
836
8fa19098
JH		 837static void hci_cc_le_read_adv_tx_power(struct hci_dev *hdev,
838 struct sk_buff *skb)
839{
840 struct hci_rp_le_read_adv_tx_power *rp = (void *) skb->data;
841
842 BT_DBG("%s status 0x%2.2x", hdev->name, rp->status);
843
04b4edcb 844 if (!rp->status)
8fa19098 845 hdev->adv_tx_power = rp->tx_power;
8fa19098
JH		 846}
847
a5c29683
JH		 848static void hci_cc_user_confirm_reply(struct hci_dev *hdev, struct sk_buff *skb)
849{
850 struct hci_rp_user_confirm_reply *rp = (void *) skb->data;
851
9f1db00c 852 BT_DBG("%s status 0x%2.2x", hdev->name, rp->status);
a5c29683 853
56e5cb86
JH		 854 hci_dev_lock(hdev);
855
a8b2d5c2 856 if (test_bit(HCI_MGMT, &hdev->dev_flags))
04124681
GP		 857 mgmt_user_confirm_reply_complete(hdev, &rp->bdaddr, ACL_LINK, 0,
858 rp->status);
56e5cb86
JH		 859
860 hci_dev_unlock(hdev);
a5c29683
JH		 861}
862
863static void hci_cc_user_confirm_neg_reply(struct hci_dev *hdev,
807deac2 864 struct sk_buff *skb)
a5c29683
JH		 865{
866 struct hci_rp_user_confirm_reply *rp = (void *) skb->data;
867
9f1db00c 868 BT_DBG("%s status 0x%2.2x", hdev->name, rp->status);
a5c29683 869
56e5cb86
JH		 870 hci_dev_lock(hdev);
871
a8b2d5c2 872 if (test_bit(HCI_MGMT, &hdev->dev_flags))
744cf19e 873 mgmt_user_confirm_neg_reply_complete(hdev, &rp->bdaddr,
04124681 874 ACL_LINK, 0, rp->status);
56e5cb86
JH		 875
876 hci_dev_unlock(hdev);
a5c29683
JH		 877}
878
1143d458
BG		 879static void hci_cc_user_passkey_reply(struct hci_dev *hdev, struct sk_buff *skb)
880{
881 struct hci_rp_user_confirm_reply *rp = (void *) skb->data;
882
9f1db00c 883 BT_DBG("%s status 0x%2.2x", hdev->name, rp->status);
1143d458
BG		 884
885 hci_dev_lock(hdev);
886
a8b2d5c2 887 if (test_bit(HCI_MGMT, &hdev->dev_flags))
272d90df 888 mgmt_user_passkey_reply_complete(hdev, &rp->bdaddr, ACL_LINK,
04124681 889 0, rp->status);
1143d458
BG		 890
891 hci_dev_unlock(hdev);
892}
893
894static void hci_cc_user_passkey_neg_reply(struct hci_dev *hdev,
807deac2 895 struct sk_buff *skb)
1143d458
BG		 896{
897 struct hci_rp_user_confirm_reply *rp = (void *) skb->data;
898
9f1db00c 899 BT_DBG("%s status 0x%2.2x", hdev->name, rp->status);
1143d458
BG		 900
901 hci_dev_lock(hdev);
902
a8b2d5c2 903 if (test_bit(HCI_MGMT, &hdev->dev_flags))
1143d458 904 mgmt_user_passkey_neg_reply_complete(hdev, &rp->bdaddr,
04124681 905 ACL_LINK, 0, rp->status);
1143d458
BG		 906
907 hci_dev_unlock(hdev);
908}
909
c35938b2 910static void hci_cc_read_local_oob_data_reply(struct hci_dev *hdev,
807deac2 911 struct sk_buff *skb)
c35938b2
SJ		 912{
913 struct hci_rp_read_local_oob_data *rp = (void *) skb->data;
914
9f1db00c 915 BT_DBG("%s status 0x%2.2x", hdev->name, rp->status);
c35938b2 916
56e5cb86 917 hci_dev_lock(hdev);
744cf19e 918 mgmt_read_local_oob_data_reply_complete(hdev, rp->hash,
c35938b2 919 rp->randomizer, rp->status);
56e5cb86 920 hci_dev_unlock(hdev);
c35938b2
SJ		 921}
922
c1d5dc4a
JH		 923static void hci_cc_le_set_adv_enable(struct hci_dev *hdev, struct sk_buff *skb)
924{
925 __u8 *sent, status = *((__u8 *) skb->data);
926
927 BT_DBG("%s status 0x%2.2x", hdev->name, status);
928
929 sent = hci_sent_cmd_data(hdev, HCI_OP_LE_SET_ADV_ENABLE);
930 if (!sent)
931 return;
932
933 hci_dev_lock(hdev);
934
935 if (!status) {
936 if (*sent)
f3d3444a 937 set_bit(HCI_ADVERTISING, &hdev->dev_flags);
c1d5dc4a 938 else
f3d3444a 939 clear_bit(HCI_ADVERTISING, &hdev->dev_flags);
c1d5dc4a
JH		 940 }
941
04b4edcb 942 hci_dev_unlock(hdev);
c1d5dc4a
JH		 943}
944
eb9d91f5 945static void hci_cc_le_set_scan_enable(struct hci_dev *hdev,
807deac2 946 struct sk_buff *skb)
eb9d91f5
AG		 947{
948 struct hci_cp_le_set_scan_enable *cp;
949 __u8 status = *((__u8 *) skb->data);
950
9f1db00c 951 BT_DBG("%s status 0x%2.2x", hdev->name, status);
eb9d91f5 952
eb9d91f5
AG		 953 cp = hci_sent_cmd_data(hdev, HCI_OP_LE_SET_SCAN_ENABLE);
954 if (!cp)
955 return;
956
3fd319b8
AG		 957 if (status)
958 return;
959
68a8aea4 960 switch (cp->enable) {
76a388be 961 case LE_SCAN_ENABLE:
d23264a8 962 set_bit(HCI_LE_SCAN, &hdev->dev_flags);
68a8aea4
AE		 963 break;
964
76a388be 965 case LE_SCAN_DISABLE:
d23264a8 966 clear_bit(HCI_LE_SCAN, &hdev->dev_flags);
68a8aea4
AE		 967 break;
968
969 default:
970 BT_ERR("Used reserved LE_Scan_Enable param %d", cp->enable);
971 break;
35815085 972 }
eb9d91f5
AG		 973}
974
cf1d081f
JH		 975static void hci_cc_le_read_white_list_size(struct hci_dev *hdev,
976 struct sk_buff *skb)
977{
978 struct hci_rp_le_read_white_list_size *rp = (void *) skb->data;
979
980 BT_DBG("%s status 0x%2.2x size %u", hdev->name, rp->status, rp->size);
981
982 if (!rp->status)
983 hdev->le_white_list_size = rp->size;
cf1d081f
JH		 984}
985
9b008c04
JH		 986static void hci_cc_le_read_supported_states(struct hci_dev *hdev,
987 struct sk_buff *skb)
988{
989 struct hci_rp_le_read_supported_states *rp = (void *) skb->data;
990
991 BT_DBG("%s status 0x%2.2x", hdev->name, rp->status);
992
993 if (!rp->status)
994 memcpy(hdev->le_states, rp->le_states, 8);
9b008c04
JH		 995}
996
6039aa73
GP		 997static void hci_cc_write_le_host_supported(struct hci_dev *hdev,
998 struct sk_buff *skb)
f9b49306 999{
06199cf8 1000 struct hci_cp_write_le_host_supported *sent;
f9b49306
AG		 1001 __u8 status = *((__u8 *) skb->data);
1002
9f1db00c 1003 BT_DBG("%s status 0x%2.2x", hdev->name, status);
f9b49306 1004
06199cf8 1005 sent = hci_sent_cmd_data(hdev, HCI_OP_WRITE_LE_HOST_SUPPORTED);
8f984dfa 1006 if (!sent)
f9b49306
AG		 1007 return;
1008
8f984dfa 1009 if (!status) {
416a4ae5 1010 if (sent->le) {
cad718ed 1011 hdev->features[1][0] |= LMP_HOST_LE;
416a4ae5
JH		 1012 set_bit(HCI_LE_ENABLED, &hdev->dev_flags);
1013 } else {
cad718ed 1014 hdev->features[1][0] &= ~LMP_HOST_LE;
416a4ae5 1015 clear_bit(HCI_LE_ENABLED, &hdev->dev_flags);
f3d3444a 1016 clear_bit(HCI_ADVERTISING, &hdev->dev_flags);
416a4ae5 1017 }
53b2caab
JH		 1018
1019 if (sent->simul)
cad718ed 1020 hdev->features[1][0] |= LMP_HOST_LE_BREDR;
53b2caab 1021 else
cad718ed 1022 hdev->features[1][0] &= ~LMP_HOST_LE_BREDR;
8f984dfa 1023 }
f9b49306
AG		 1024}
1025
93c284ee
AE		 1026static void hci_cc_write_remote_amp_assoc(struct hci_dev *hdev,
1027 struct sk_buff *skb)
1028{
1029 struct hci_rp_write_remote_amp_assoc *rp = (void *) skb->data;
1030
1031 BT_DBG("%s status 0x%2.2x phy_handle 0x%2.2x",
1032 hdev->name, rp->status, rp->phy_handle);
1033
1034 if (rp->status)
1035 return;
1036
1037 amp_write_rem_assoc_continue(hdev, rp->phy_handle);
1038}
1039
6039aa73 1040static void hci_cs_inquiry(struct hci_dev *hdev, __u8 status)
a9de9248 1041{
9f1db00c 1042 BT_DBG("%s status 0x%2.2x", hdev->name, status);
a9de9248
MH		 1043
1044 if (status) {
a9de9248 1045 hci_conn_check_pending(hdev);
314b2381
JH		 1046 return;
1047 }
1048
89352e7d 1049 set_bit(HCI_INQUIRY, &hdev->flags);
1da177e4
LT		 1050}
1051
6039aa73 1052static void hci_cs_create_conn(struct hci_dev *hdev, __u8 status)
1da177e4 1053{
a9de9248 1054 struct hci_cp_create_conn *cp;
1da177e4 1055 struct hci_conn *conn;
1da177e4 1056
9f1db00c 1057 BT_DBG("%s status 0x%2.2x", hdev->name, status);
a9de9248
MH		 1058
1059 cp = hci_sent_cmd_data(hdev, HCI_OP_CREATE_CONN);
1da177e4
LT		 1060 if (!cp)
1061 return;
1062
1063 hci_dev_lock(hdev);
1064
1065 conn = hci_conn_hash_lookup_ba(hdev, ACL_LINK, &cp->bdaddr);
1066
6ed93dc6 1067 BT_DBG("%s bdaddr %pMR hcon %p", hdev->name, &cp->bdaddr, conn);
1da177e4
LT		 1068
1069 if (status) {
1070 if (conn && conn->state == BT_CONNECT) {
4c67bc74
MH		 1071 if (status != 0x0c || conn->attempt > 2) {
1072 conn->state = BT_CLOSED;
1073 hci_proto_connect_cfm(conn, status);
1074 hci_conn_del(conn);
1075 } else
1076 conn->state = BT_CONNECT2;
1da177e4
LT		 1077 }
1078 } else {
1079 if (!conn) {
1080 conn = hci_conn_add(hdev, ACL_LINK, &cp->bdaddr);
1081 if (conn) {
a0c808b3 1082 conn->out = true;
1da177e4
LT		 1083 conn->link_mode |= HCI_LM_MASTER;
1084 } else
893ef971 1085 BT_ERR("No memory for new connection");
1da177e4
LT		 1086 }
1087 }
1088
1089 hci_dev_unlock(hdev);
1090}
1091
a9de9248 1092static void hci_cs_add_sco(struct hci_dev *hdev, __u8 status)
1da177e4 1093{
a9de9248
MH		 1094 struct hci_cp_add_sco *cp;
1095 struct hci_conn *acl, *sco;
1096 __u16 handle;
1da177e4 1097
9f1db00c 1098 BT_DBG("%s status 0x%2.2x", hdev->name, status);
b6a0dc82 1099
a9de9248
MH		 1100 if (!status)
1101 return;
1da177e4 1102
a9de9248
MH		 1103 cp = hci_sent_cmd_data(hdev, HCI_OP_ADD_SCO);
1104 if (!cp)
1105 return;
1da177e4 1106
a9de9248 1107 handle = __le16_to_cpu(cp->handle);
1da177e4 1108
9f1db00c 1109 BT_DBG("%s handle 0x%4.4x", hdev->name, handle);
1da177e4 1110
a9de9248 1111 hci_dev_lock(hdev);
1da177e4 1112
a9de9248 1113 acl = hci_conn_hash_lookup_handle(hdev, handle);
5a08ecce
AE		 1114 if (acl) {
1115 sco = acl->link;
1116 if (sco) {
1117 sco->state = BT_CLOSED;
1da177e4 1118
5a08ecce
AE		 1119 hci_proto_connect_cfm(sco, status);
1120 hci_conn_del(sco);
1121 }
a9de9248 1122 }
1da177e4 1123
a9de9248
MH		 1124 hci_dev_unlock(hdev);
1125}
1da177e4 1126
f8558555
MH		 1127static void hci_cs_auth_requested(struct hci_dev *hdev, __u8 status)
1128{
1129 struct hci_cp_auth_requested *cp;
1130 struct hci_conn *conn;
1131
9f1db00c 1132 BT_DBG("%s status 0x%2.2x", hdev->name, status);
f8558555
MH		 1133
1134 if (!status)
1135 return;
1136
1137 cp = hci_sent_cmd_data(hdev, HCI_OP_AUTH_REQUESTED);
1138 if (!cp)
1139 return;
1140
1141 hci_dev_lock(hdev);
1142
1143 conn = hci_conn_hash_lookup_handle(hdev, __le16_to_cpu(cp->handle));
1144 if (conn) {
1145 if (conn->state == BT_CONFIG) {
1146 hci_proto_connect_cfm(conn, status);
76a68ba0 1147 hci_conn_drop(conn);
f8558555
MH		 1148 }
1149 }
1150
1151 hci_dev_unlock(hdev);
1152}
1153
1154static void hci_cs_set_conn_encrypt(struct hci_dev *hdev, __u8 status)
1155{
1156 struct hci_cp_set_conn_encrypt *cp;
1157 struct hci_conn *conn;
1158
9f1db00c 1159 BT_DBG("%s status 0x%2.2x", hdev->name, status);
f8558555
MH		 1160
1161 if (!status)
1162 return;
1163
1164 cp = hci_sent_cmd_data(hdev, HCI_OP_SET_CONN_ENCRYPT);
1165 if (!cp)
1166 return;
1167
1168 hci_dev_lock(hdev);
1169
1170 conn = hci_conn_hash_lookup_handle(hdev, __le16_to_cpu(cp->handle));
1171 if (conn) {
1172 if (conn->state == BT_CONFIG) {
1173 hci_proto_connect_cfm(conn, status);
76a68ba0 1174 hci_conn_drop(conn);
f8558555
MH		 1175 }
1176 }
1177
1178 hci_dev_unlock(hdev);
1179}
1180
127178d2 1181static int hci_outgoing_auth_needed(struct hci_dev *hdev,
807deac2 1182 struct hci_conn *conn)
392599b9 1183{
392599b9
JH		 1184 if (conn->state != BT_CONFIG || !conn->out)
1185 return 0;
1186
765c2a96 1187 if (conn->pending_sec_level == BT_SECURITY_SDP)
392599b9
JH		 1188 return 0;
1189
1190 /* Only request authentication for SSP connections or non-SSP
e9bf2bf0 1191 * devices with sec_level HIGH or if MITM protection is requested */
807deac2
GP		 1192 if (!hci_conn_ssp_enabled(conn) && !(conn->auth_type & 0x01) &&
1193 conn->pending_sec_level != BT_SECURITY_HIGH)
392599b9
JH		 1194 return 0;
1195
392599b9
JH		 1196 return 1;
1197}
1198
6039aa73 1199static int hci_resolve_name(struct hci_dev *hdev,
04124681 1200 struct inquiry_entry *e)
30dc78e1
JH		 1201{
1202 struct hci_cp_remote_name_req cp;
1203
1204 memset(&cp, 0, sizeof(cp));
1205
1206 bacpy(&cp.bdaddr, &e->data.bdaddr);
1207 cp.pscan_rep_mode = e->data.pscan_rep_mode;
1208 cp.pscan_mode = e->data.pscan_mode;
1209 cp.clock_offset = e->data.clock_offset;
1210
1211 return hci_send_cmd(hdev, HCI_OP_REMOTE_NAME_REQ, sizeof(cp), &cp);
1212}
1213
b644ba33 1214static bool hci_resolve_next_name(struct hci_dev *hdev)
30dc78e1
JH		 1215{
1216 struct discovery_state *discov = &hdev->discovery;
1217 struct inquiry_entry *e;
1218
b644ba33
JH		 1219 if (list_empty(&discov->resolve))
1220 return false;
1221
1222 e = hci_inquiry_cache_lookup_resolve(hdev, BDADDR_ANY, NAME_NEEDED);
c810089c
RM		 1223 if (!e)
1224 return false;
1225
b644ba33
JH		 1226 if (hci_resolve_name(hdev, e) == 0) {
1227 e->name_state = NAME_PENDING;
1228 return true;
1229 }
1230
1231 return false;
1232}
1233
1234static void hci_check_pending_name(struct hci_dev *hdev, struct hci_conn *conn,
04124681 1235 bdaddr_t *bdaddr, u8 *name, u8 name_len)
b644ba33
JH		 1236{
1237 struct discovery_state *discov = &hdev->discovery;
1238 struct inquiry_entry *e;
1239
1240 if (conn && !test_and_set_bit(HCI_CONN_MGMT_CONNECTED, &conn->flags))
04124681
GP		 1241 mgmt_device_connected(hdev, bdaddr, ACL_LINK, 0x00, 0, name,
1242 name_len, conn->dev_class);
b644ba33
JH		 1243
1244 if (discov->state == DISCOVERY_STOPPED)
1245 return;
1246
30dc78e1
JH		 1247 if (discov->state == DISCOVERY_STOPPING)
1248 goto discov_complete;
1249
1250 if (discov->state != DISCOVERY_RESOLVING)
1251 return;
1252
1253 e = hci_inquiry_cache_lookup_resolve(hdev, bdaddr, NAME_PENDING);
7cc8380e
RM		 1254 /* If the device was not found in a list of found devices names of which
1255 * are pending. there is no need to continue resolving a next name as it
1256 * will be done upon receiving another Remote Name Request Complete
1257 * Event */
1258 if (!e)
1259 return;
1260
1261 list_del(&e->list);
1262 if (name) {
30dc78e1 1263 e->name_state = NAME_KNOWN;
7cc8380e
RM		 1264 mgmt_remote_name(hdev, bdaddr, ACL_LINK, 0x00,
1265 e->data.rssi, name, name_len);
c3e7c0d9
RM		 1266 } else {
1267 e->name_state = NAME_NOT_KNOWN;
30dc78e1
JH		 1268 }
1269
b644ba33 1270 if (hci_resolve_next_name(hdev))
30dc78e1 1271 return;
30dc78e1
JH		 1272
1273discov_complete:
1274 hci_discovery_set_state(hdev, DISCOVERY_STOPPED);
1275}
1276
a9de9248
MH		 1277static void hci_cs_remote_name_req(struct hci_dev *hdev, __u8 status)
1278{
127178d2
JH		 1279 struct hci_cp_remote_name_req *cp;
1280 struct hci_conn *conn;
1281
9f1db00c 1282 BT_DBG("%s status 0x%2.2x", hdev->name, status);
127178d2
JH		 1283
1284 /* If successful wait for the name req complete event before
1285 * checking for the need to do authentication */
1286 if (!status)
1287 return;
1288
1289 cp = hci_sent_cmd_data(hdev, HCI_OP_REMOTE_NAME_REQ);
1290 if (!cp)
1291 return;
1292
1293 hci_dev_lock(hdev);
1294
b644ba33
JH		 1295 conn = hci_conn_hash_lookup_ba(hdev, ACL_LINK, &cp->bdaddr);
1296
a8b2d5c2 1297 if (test_bit(HCI_MGMT, &hdev->dev_flags))
b644ba33 1298 hci_check_pending_name(hdev, conn, &cp->bdaddr, NULL, 0);
30dc78e1 1299
79c6c70c
JH		 1300 if (!conn)
1301 goto unlock;
1302
1303 if (!hci_outgoing_auth_needed(hdev, conn))
1304 goto unlock;
1305
51a8efd7 1306 if (!test_and_set_bit(HCI_CONN_AUTH_PEND, &conn->flags)) {
c1f23a2b
JB		 1307 struct hci_cp_auth_requested auth_cp;
1308
1309 auth_cp.handle = __cpu_to_le16(conn->handle);
1310 hci_send_cmd(hdev, HCI_OP_AUTH_REQUESTED,
1311 sizeof(auth_cp), &auth_cp);
127178d2
JH		 1312 }
1313
79c6c70c 1314unlock:
127178d2 1315 hci_dev_unlock(hdev);
a9de9248 1316}
1da177e4 1317
769be974
MH		 1318static void hci_cs_read_remote_features(struct hci_dev *hdev, __u8 status)
1319{
1320 struct hci_cp_read_remote_features *cp;
1321 struct hci_conn *conn;
1322
9f1db00c 1323 BT_DBG("%s status 0x%2.2x", hdev->name, status);
769be974
MH		 1324
1325 if (!status)
1326 return;
1327
1328 cp = hci_sent_cmd_data(hdev, HCI_OP_READ_REMOTE_FEATURES);
1329 if (!cp)
1330 return;
1331
1332 hci_dev_lock(hdev);
1333
1334 conn = hci_conn_hash_lookup_handle(hdev, __le16_to_cpu(cp->handle));
1335 if (conn) {
1336 if (conn->state == BT_CONFIG) {
769be974 1337 hci_proto_connect_cfm(conn, status);
76a68ba0 1338 hci_conn_drop(conn);
769be974
MH		 1339 }
1340 }
1341
1342 hci_dev_unlock(hdev);
1343}
1344
1345static void hci_cs_read_remote_ext_features(struct hci_dev *hdev, __u8 status)
1346{
1347 struct hci_cp_read_remote_ext_features *cp;
1348 struct hci_conn *conn;
1349
9f1db00c 1350 BT_DBG("%s status 0x%2.2x", hdev->name, status);
769be974
MH		 1351
1352 if (!status)
1353 return;
1354
1355 cp = hci_sent_cmd_data(hdev, HCI_OP_READ_REMOTE_EXT_FEATURES);
1356 if (!cp)
1357 return;
1358
1359 hci_dev_lock(hdev);
1360
1361 conn = hci_conn_hash_lookup_handle(hdev, __le16_to_cpu(cp->handle));
1362 if (conn) {
1363 if (conn->state == BT_CONFIG) {
769be974 1364 hci_proto_connect_cfm(conn, status);
76a68ba0 1365 hci_conn_drop(conn);
769be974
MH		 1366 }
1367 }
1368
1369 hci_dev_unlock(hdev);
1370}
1371
a9de9248
MH		 1372static void hci_cs_setup_sync_conn(struct hci_dev *hdev, __u8 status)
1373{
b6a0dc82
MH		 1374 struct hci_cp_setup_sync_conn *cp;
1375 struct hci_conn *acl, *sco;
1376 __u16 handle;
1377
9f1db00c 1378 BT_DBG("%s status 0x%2.2x", hdev->name, status);
b6a0dc82
MH		 1379
1380 if (!status)
1381 return;
1382
1383 cp = hci_sent_cmd_data(hdev, HCI_OP_SETUP_SYNC_CONN);
1384 if (!cp)
1385 return;
1386
1387 handle = __le16_to_cpu(cp->handle);
1388
9f1db00c 1389 BT_DBG("%s handle 0x%4.4x", hdev->name, handle);
b6a0dc82
MH		 1390
1391 hci_dev_lock(hdev);
1392
1393 acl = hci_conn_hash_lookup_handle(hdev, handle);
5a08ecce
AE		 1394 if (acl) {
1395 sco = acl->link;
1396 if (sco) {
1397 sco->state = BT_CLOSED;
b6a0dc82 1398
5a08ecce
AE		 1399 hci_proto_connect_cfm(sco, status);
1400 hci_conn_del(sco);
1401 }
b6a0dc82
MH		 1402 }
1403
1404 hci_dev_unlock(hdev);
1da177e4
LT		 1405}
1406
a9de9248 1407static void hci_cs_sniff_mode(struct hci_dev *hdev, __u8 status)
1da177e4 1408{
a9de9248
MH		 1409 struct hci_cp_sniff_mode *cp;
1410 struct hci_conn *conn;
1da177e4 1411
9f1db00c 1412 BT_DBG("%s status 0x%2.2x", hdev->name, status);
04837f64 1413
a9de9248
MH		 1414 if (!status)
1415 return;
04837f64 1416
a9de9248
MH		 1417 cp = hci_sent_cmd_data(hdev, HCI_OP_SNIFF_MODE);
1418 if (!cp)
1419 return;
04837f64 1420
a9de9248 1421 hci_dev_lock(hdev);
04837f64 1422
a9de9248 1423 conn = hci_conn_hash_lookup_handle(hdev, __le16_to_cpu(cp->handle));
e73439d8 1424 if (conn) {
51a8efd7 1425 clear_bit(HCI_CONN_MODE_CHANGE_PEND, &conn->flags);
04837f64 1426
51a8efd7 1427 if (test_and_clear_bit(HCI_CONN_SCO_SETUP_PEND, &conn->flags))
e73439d8
MH		 1428 hci_sco_setup(conn, status);
1429 }
1430
a9de9248
MH		 1431 hci_dev_unlock(hdev);
1432}
04837f64 1433
a9de9248
MH		 1434static void hci_cs_exit_sniff_mode(struct hci_dev *hdev, __u8 status)
1435{
1436 struct hci_cp_exit_sniff_mode *cp;
1437 struct hci_conn *conn;
04837f64 1438
9f1db00c 1439 BT_DBG("%s status 0x%2.2x", hdev->name, status);
04837f64 1440
a9de9248
MH		 1441 if (!status)
1442 return;
04837f64 1443
a9de9248
MH		 1444 cp = hci_sent_cmd_data(hdev, HCI_OP_EXIT_SNIFF_MODE);
1445 if (!cp)
1446 return;
04837f64 1447
a9de9248 1448 hci_dev_lock(hdev);
1da177e4 1449
a9de9248 1450 conn = hci_conn_hash_lookup_handle(hdev, __le16_to_cpu(cp->handle));
e73439d8 1451 if (conn) {
51a8efd7 1452 clear_bit(HCI_CONN_MODE_CHANGE_PEND, &conn->flags);
1da177e4 1453
51a8efd7 1454 if (test_and_clear_bit(HCI_CONN_SCO_SETUP_PEND, &conn->flags))
e73439d8
MH		 1455 hci_sco_setup(conn, status);
1456 }
1457
a9de9248 1458 hci_dev_unlock(hdev);
1da177e4
LT		 1459}
1460
88c3df13
JH		 1461static void hci_cs_disconnect(struct hci_dev *hdev, u8 status)
1462{
1463 struct hci_cp_disconnect *cp;
1464 struct hci_conn *conn;
1465
1466 if (!status)
1467 return;
1468
1469 cp = hci_sent_cmd_data(hdev, HCI_OP_DISCONNECT);
1470 if (!cp)
1471 return;
1472
1473 hci_dev_lock(hdev);
1474
1475 conn = hci_conn_hash_lookup_handle(hdev, __le16_to_cpu(cp->handle));
1476 if (conn)
1477 mgmt_disconnect_failed(hdev, &conn->dst, conn->type,
04124681 1478 conn->dst_type, status);
88c3df13
JH		 1479
1480 hci_dev_unlock(hdev);
1481}
1482
a02226d6
AE		 1483static void hci_cs_create_phylink(struct hci_dev *hdev, u8 status)
1484{
93c284ee
AE		 1485 struct hci_cp_create_phy_link *cp;
1486
a02226d6 1487 BT_DBG("%s status 0x%2.2x", hdev->name, status);
93c284ee 1488
93c284ee
AE		 1489 cp = hci_sent_cmd_data(hdev, HCI_OP_CREATE_PHY_LINK);
1490 if (!cp)
1491 return;
1492
e58917b9
AE		 1493 hci_dev_lock(hdev);
1494
1495 if (status) {
1496 struct hci_conn *hcon;
1497
1498 hcon = hci_conn_hash_lookup_handle(hdev, cp->phy_handle);
1499 if (hcon)
1500 hci_conn_del(hcon);
1501 } else {
1502 amp_write_remote_assoc(hdev, cp->phy_handle);
1503 }
1504
1505 hci_dev_unlock(hdev);
a02226d6
AE		 1506}
1507
0b26ab9d
AE		 1508static void hci_cs_accept_phylink(struct hci_dev *hdev, u8 status)
1509{
1510 struct hci_cp_accept_phy_link *cp;
1511
1512 BT_DBG("%s status 0x%2.2x", hdev->name, status);
1513
1514 if (status)
1515 return;
1516
1517 cp = hci_sent_cmd_data(hdev, HCI_OP_ACCEPT_PHY_LINK);
1518 if (!cp)
1519 return;
1520
1521 amp_write_remote_assoc(hdev, cp->phy_handle);
1522}
1523
6039aa73 1524static void hci_inquiry_complete_evt(struct hci_dev *hdev, struct sk_buff *skb)
1da177e4
LT		 1525{
1526 __u8 status = *((__u8 *) skb->data);
30dc78e1
JH		 1527 struct discovery_state *discov = &hdev->discovery;
1528 struct inquiry_entry *e;
1da177e4 1529
9f1db00c 1530 BT_DBG("%s status 0x%2.2x", hdev->name, status);
1da177e4 1531
a9de9248 1532 hci_conn_check_pending(hdev);
89352e7d
AG		 1533
1534 if (!test_and_clear_bit(HCI_INQUIRY, &hdev->flags))
1535 return;
1536
3e13fa1e
AG		 1537 smp_mb__after_clear_bit(); /* wake_up_bit advises about this barrier */
1538 wake_up_bit(&hdev->flags, HCI_INQUIRY);
1539
a8b2d5c2 1540 if (!test_bit(HCI_MGMT, &hdev->dev_flags))
30dc78e1
JH		 1541 return;
1542
56e5cb86 1543 hci_dev_lock(hdev);
30dc78e1 1544
343f935b 1545 if (discov->state != DISCOVERY_FINDING)
30dc78e1
JH		 1546 goto unlock;
1547
1548 if (list_empty(&discov->resolve)) {
1549 hci_discovery_set_state(hdev, DISCOVERY_STOPPED);
1550 goto unlock;
1551 }
1552
1553 e = hci_inquiry_cache_lookup_resolve(hdev, BDADDR_ANY, NAME_NEEDED);
1554 if (e && hci_resolve_name(hdev, e) == 0) {
1555 e->name_state = NAME_PENDING;
1556 hci_discovery_set_state(hdev, DISCOVERY_RESOLVING);
1557 } else {
1558 hci_discovery_set_state(hdev, DISCOVERY_STOPPED);
1559 }
1560
1561unlock:
56e5cb86 1562 hci_dev_unlock(hdev);
1da177e4
LT		 1563}
1564
6039aa73 1565static void hci_inquiry_result_evt(struct hci_dev *hdev, struct sk_buff *skb)
1da177e4 1566{
45bb4bf0 1567 struct inquiry_data data;
a9de9248 1568 struct inquiry_info *info = (void *) (skb->data + 1);
1da177e4
LT		 1569 int num_rsp = *((__u8 *) skb->data);
1570
1571 BT_DBG("%s num_rsp %d", hdev->name, num_rsp);
1572
45bb4bf0
MH		 1573 if (!num_rsp)
1574 return;
1575
1519cc17
AG		 1576 if (test_bit(HCI_PERIODIC_INQ, &hdev->dev_flags))
1577 return;
1578
1da177e4 1579 hci_dev_lock(hdev);
45bb4bf0 1580
e17acd40 1581 for (; num_rsp; num_rsp--, info++) {
388fc8fa 1582 bool name_known, ssp;
3175405b 1583
1da177e4
LT		 1584 bacpy(&data.bdaddr, &info->bdaddr);
1585 data.pscan_rep_mode = info->pscan_rep_mode;
1586 data.pscan_period_mode = info->pscan_period_mode;
1587 data.pscan_mode = info->pscan_mode;
1588 memcpy(data.dev_class, info->dev_class, 3);
1589 data.clock_offset = info->clock_offset;
1590 data.rssi = 0x00;
41a96212 1591 data.ssp_mode = 0x00;
3175405b 1592
388fc8fa 1593 name_known = hci_inquiry_cache_update(hdev, &data, false, &ssp);
48264f06 1594 mgmt_device_found(hdev, &info->bdaddr, ACL_LINK, 0x00,
04124681
GP		 1595 info->dev_class, 0, !name_known, ssp, NULL,
1596 0);
1da177e4 1597 }
45bb4bf0 1598
1da177e4
LT		 1599 hci_dev_unlock(hdev);
1600}
1601
6039aa73 1602static void hci_conn_complete_evt(struct hci_dev *hdev, struct sk_buff *skb)
1da177e4 1603{
a9de9248
MH		 1604 struct hci_ev_conn_complete *ev = (void *) skb->data;
1605 struct hci_conn *conn;
1da177e4
LT		 1606
1607 BT_DBG("%s", hdev->name);
1608
1609 hci_dev_lock(hdev);
1610
1611 conn = hci_conn_hash_lookup_ba(hdev, ev->link_type, &ev->bdaddr);
9499237a
MH		 1612 if (!conn) {
1613 if (ev->link_type != SCO_LINK)
1614 goto unlock;
1615
1616 conn = hci_conn_hash_lookup_ba(hdev, ESCO_LINK, &ev->bdaddr);
1617 if (!conn)
1618 goto unlock;
1619
1620 conn->type = SCO_LINK;
1621 }
1da177e4
LT		 1622
1623 if (!ev->status) {
1624 conn->handle = __le16_to_cpu(ev->handle);
769be974
MH		 1625
1626 if (conn->type == ACL_LINK) {
1627 conn->state = BT_CONFIG;
1628 hci_conn_hold(conn);
a9ea3ed9
SJ		 1629
1630 if (!conn->out && !hci_conn_ssp_enabled(conn) &&
1631 !hci_find_link_key(hdev, &ev->bdaddr))
1632 conn->disc_timeout = HCI_PAIRING_TIMEOUT;
1633 else
1634 conn->disc_timeout = HCI_DISCONN_TIMEOUT;
769be974
MH		 1635 } else
1636 conn->state = BT_CONNECTED;
1da177e4 1637
7d0db0a3
MH		 1638 hci_conn_add_sysfs(conn);
1639
1da177e4
LT		 1640 if (test_bit(HCI_AUTH, &hdev->flags))
1641 conn->link_mode |= HCI_LM_AUTH;
1642
1643 if (test_bit(HCI_ENCRYPT, &hdev->flags))
1644 conn->link_mode |= HCI_LM_ENCRYPT;
1645
04837f64
MH		 1646 /* Get remote features */
1647 if (conn->type == ACL_LINK) {
1648 struct hci_cp_read_remote_features cp;
1649 cp.handle = ev->handle;
769be974 1650 hci_send_cmd(hdev, HCI_OP_READ_REMOTE_FEATURES,
04124681 1651 sizeof(cp), &cp);
04837f64
MH		 1652 }
1653
1da177e4 1654 /* Set packet type for incoming connection */
d095c1eb 1655 if (!conn->out && hdev->hci_ver < BLUETOOTH_VER_2_0) {
1da177e4
LT		 1656 struct hci_cp_change_conn_ptype cp;
1657 cp.handle = ev->handle;
a8746417 1658 cp.pkt_type = cpu_to_le16(conn->pkt_type);
04124681
GP		 1659 hci_send_cmd(hdev, HCI_OP_CHANGE_CONN_PTYPE, sizeof(cp),
1660 &cp);
1da177e4 1661 }
17d5c04c 1662 } else {
1da177e4 1663 conn->state = BT_CLOSED;
17d5c04c 1664 if (conn->type == ACL_LINK)
744cf19e 1665 mgmt_connect_failed(hdev, &ev->bdaddr, conn->type,
04124681 1666 conn->dst_type, ev->status);
17d5c04c 1667 }
1da177e4 1668
e73439d8
MH		 1669 if (conn->type == ACL_LINK)
1670 hci_sco_setup(conn, ev->status);
1da177e4 1671
769be974
MH		 1672 if (ev->status) {
1673 hci_proto_connect_cfm(conn, ev->status);
1da177e4 1674 hci_conn_del(conn);
c89b6e6b
MH		 1675 } else if (ev->link_type != ACL_LINK)
1676 hci_proto_connect_cfm(conn, ev->status);
1da177e4 1677
a9de9248 1678unlock:
1da177e4 1679 hci_dev_unlock(hdev);
1da177e4 1680
a9de9248 1681 hci_conn_check_pending(hdev);
1da177e4
LT		 1682}
1683
6039aa73 1684static void hci_conn_request_evt(struct hci_dev *hdev, struct sk_buff *skb)
1da177e4 1685{
a9de9248
MH		 1686 struct hci_ev_conn_request *ev = (void *) skb->data;
1687 int mask = hdev->link_mode;
20714bfe 1688 __u8 flags = 0;
1da177e4 1689
6ed93dc6 1690 BT_DBG("%s bdaddr %pMR type 0x%x", hdev->name, &ev->bdaddr,
807deac2 1691 ev->link_type);
1da177e4 1692
20714bfe
FD		 1693 mask |= hci_proto_connect_ind(hdev, &ev->bdaddr, ev->link_type,
1694 &flags);
1da177e4 1695
138d22ef 1696 if ((mask & HCI_LM_ACCEPT) &&
b9ee0a78 1697 !hci_blacklist_lookup(hdev, &ev->bdaddr, BDADDR_BREDR)) {
a9de9248 1698 /* Connection accepted */
c7bdd502 1699 struct inquiry_entry *ie;
1da177e4 1700 struct hci_conn *conn;
1da177e4 1701
a9de9248 1702 hci_dev_lock(hdev);
b6a0dc82 1703
cc11b9c1
AE		 1704 ie = hci_inquiry_cache_lookup(hdev, &ev->bdaddr);
1705 if (ie)
c7bdd502
MH		 1706 memcpy(ie->data.dev_class, ev->dev_class, 3);
1707
8fc9ced3
GP		 1708 conn = hci_conn_hash_lookup_ba(hdev, ev->link_type,
1709 &ev->bdaddr);
a9de9248 1710 if (!conn) {
cc11b9c1
AE		 1711 conn = hci_conn_add(hdev, ev->link_type, &ev->bdaddr);
1712 if (!conn) {
893ef971 1713 BT_ERR("No memory for new connection");
a9de9248
MH		 1714 hci_dev_unlock(hdev);
1715 return;
1da177e4
LT		 1716 }
1717 }
b6a0dc82 1718
a9de9248 1719 memcpy(conn->dev_class, ev->dev_class, 3);
b6a0dc82 1720
a9de9248 1721 hci_dev_unlock(hdev);
1da177e4 1722
20714bfe
FD		 1723 if (ev->link_type == ACL_LINK ||
1724 (!(flags & HCI_PROTO_DEFER) && !lmp_esco_capable(hdev))) {
b6a0dc82 1725 struct hci_cp_accept_conn_req cp;
20714bfe 1726 conn->state = BT_CONNECT;
1da177e4 1727
b6a0dc82
MH		 1728 bacpy(&cp.bdaddr, &ev->bdaddr);
1729
1730 if (lmp_rswitch_capable(hdev) && (mask & HCI_LM_MASTER))
1731 cp.role = 0x00; /* Become master */
1732 else
1733 cp.role = 0x01; /* Remain slave */
1734
04124681
GP		 1735 hci_send_cmd(hdev, HCI_OP_ACCEPT_CONN_REQ, sizeof(cp),
1736 &cp);
20714bfe 1737 } else if (!(flags & HCI_PROTO_DEFER)) {
b6a0dc82 1738 struct hci_cp_accept_sync_conn_req cp;
20714bfe 1739 conn->state = BT_CONNECT;
b6a0dc82
MH		 1740
1741 bacpy(&cp.bdaddr, &ev->bdaddr);
a8746417 1742 cp.pkt_type = cpu_to_le16(conn->pkt_type);
b6a0dc82 1743
82781e63
AE		 1744 cp.tx_bandwidth = __constant_cpu_to_le32(0x00001f40);
1745 cp.rx_bandwidth = __constant_cpu_to_le32(0x00001f40);
1746 cp.max_latency = __constant_cpu_to_le16(0xffff);
b6a0dc82
MH		 1747 cp.content_format = cpu_to_le16(hdev->voice_setting);
1748 cp.retrans_effort = 0xff;
1da177e4 1749
b6a0dc82 1750 hci_send_cmd(hdev, HCI_OP_ACCEPT_SYNC_CONN_REQ,
04124681 1751 sizeof(cp), &cp);
20714bfe
FD		 1752 } else {
1753 conn->state = BT_CONNECT2;
1754 hci_proto_connect_cfm(conn, 0);
b6a0dc82 1755 }
a9de9248
MH		 1756 } else {
1757 /* Connection rejected */
1758 struct hci_cp_reject_conn_req cp;
1da177e4 1759
a9de9248 1760 bacpy(&cp.bdaddr, &ev->bdaddr);
9f5a0d7b 1761 cp.reason = HCI_ERROR_REJ_BAD_ADDR;
a9de9248 1762 hci_send_cmd(hdev, HCI_OP_REJECT_CONN_REQ, sizeof(cp), &cp);
1da177e4 1763 }
1da177e4
LT		 1764}
1765
f0d6a0ea
MA		 1766static u8 hci_to_mgmt_reason(u8 err)
1767{
1768 switch (err) {
1769 case HCI_ERROR_CONNECTION_TIMEOUT:
1770 return MGMT_DEV_DISCONN_TIMEOUT;
1771 case HCI_ERROR_REMOTE_USER_TERM:
1772 case HCI_ERROR_REMOTE_LOW_RESOURCES:
1773 case HCI_ERROR_REMOTE_POWER_OFF:
1774 return MGMT_DEV_DISCONN_REMOTE;
1775 case HCI_ERROR_LOCAL_HOST_TERM:
1776 return MGMT_DEV_DISCONN_LOCAL_HOST;
1777 default:
1778 return MGMT_DEV_DISCONN_UNKNOWN;
1779 }
1780}
1781
6039aa73 1782static void hci_disconn_complete_evt(struct hci_dev *hdev, struct sk_buff *skb)
04837f64 1783{
a9de9248 1784 struct hci_ev_disconn_complete *ev = (void *) skb->data;
04837f64
MH		 1785 struct hci_conn *conn;
1786
9f1db00c 1787 BT_DBG("%s status 0x%2.2x", hdev->name, ev->status);
04837f64
MH		 1788
1789 hci_dev_lock(hdev);
1790
1791 conn = hci_conn_hash_lookup_handle(hdev, __le16_to_cpu(ev->handle));
f7520543
JH		 1792 if (!conn)
1793 goto unlock;
7d0db0a3 1794
37d9ef76
JH		 1795 if (ev->status == 0)
1796 conn->state = BT_CLOSED;
04837f64 1797
b644ba33 1798 if (test_and_clear_bit(HCI_CONN_MGMT_CONNECTED, &conn->flags) &&
807deac2 1799 (conn->type == ACL_LINK || conn->type == LE_LINK)) {
f0d6a0ea 1800 if (ev->status) {
88c3df13 1801 mgmt_disconnect_failed(hdev, &conn->dst, conn->type,
807deac2 1802 conn->dst_type, ev->status);
f0d6a0ea
MA		 1803 } else {
1804 u8 reason = hci_to_mgmt_reason(ev->reason);
1805
afc747a6 1806 mgmt_device_disconnected(hdev, &conn->dst, conn->type,
f0d6a0ea
MA		 1807 conn->dst_type, reason);
1808 }
37d9ef76 1809 }
f7520543 1810
37d9ef76 1811 if (ev->status == 0) {
2210246c
JH		 1812 u8 type = conn->type;
1813
1814 if (type == ACL_LINK && conn->flush_key)
6ec5bcad 1815 hci_remove_link_key(hdev, &conn->dst);
37d9ef76
JH		 1816 hci_proto_disconn_cfm(conn, ev->reason);
1817 hci_conn_del(conn);
2210246c
JH		 1818
1819 /* Re-enable advertising if necessary, since it might
1820 * have been disabled by the connection. From the
1821 * HCI_LE_Set_Advertise_Enable command description in
1822 * the core specification (v4.0):
1823 * "The Controller shall continue advertising until the Host
1824 * issues an LE_Set_Advertise_Enable command with
1825 * Advertising_Enable set to 0x00 (Advertising is disabled)
1826 * or until a connection is created or until the Advertising
1827 * is timed out due to Directed Advertising."
1828 */
1829 if (type == LE_LINK)
5976e608 1830 mgmt_reenable_advertising(hdev);
37d9ef76 1831 }
f7520543
JH		 1832
1833unlock:
04837f64
MH		 1834 hci_dev_unlock(hdev);
1835}
1836
6039aa73 1837static void hci_auth_complete_evt(struct hci_dev *hdev, struct sk_buff *skb)
1da177e4 1838{
a9de9248 1839 struct hci_ev_auth_complete *ev = (void *) skb->data;
04837f64 1840 struct hci_conn *conn;
1da177e4 1841
9f1db00c 1842 BT_DBG("%s status 0x%2.2x", hdev->name, ev->status);
1da177e4
LT		 1843
1844 hci_dev_lock(hdev);
1845
04837f64 1846 conn = hci_conn_hash_lookup_handle(hdev, __le16_to_cpu(ev->handle));
d7556e20
WR		 1847 if (!conn)
1848 goto unlock;
1849
1850 if (!ev->status) {
aa64a8b5 1851 if (!hci_conn_ssp_enabled(conn) &&
807deac2 1852 test_bit(HCI_CONN_REAUTH_PEND, &conn->flags)) {
d7556e20 1853 BT_INFO("re-auth of legacy device is not possible.");
2a611692 1854 } else {
d7556e20
WR		 1855 conn->link_mode |= HCI_LM_AUTH;
1856 conn->sec_level = conn->pending_sec_level;
2a611692 1857 }
d7556e20 1858 } else {
bab73cb6 1859 mgmt_auth_failed(hdev, &conn->dst, conn->type, conn->dst_type,
04124681 1860 ev->status);
d7556e20 1861 }
1da177e4 1862
51a8efd7
JH		 1863 clear_bit(HCI_CONN_AUTH_PEND, &conn->flags);
1864 clear_bit(HCI_CONN_REAUTH_PEND, &conn->flags);
1da177e4 1865
d7556e20 1866 if (conn->state == BT_CONFIG) {
aa64a8b5 1867 if (!ev->status && hci_conn_ssp_enabled(conn)) {
d7556e20
WR		 1868 struct hci_cp_set_conn_encrypt cp;
1869 cp.handle = ev->handle;
1870 cp.encrypt = 0x01;
1871 hci_send_cmd(hdev, HCI_OP_SET_CONN_ENCRYPT, sizeof(cp),
807deac2 1872 &cp);
052b30b0 1873 } else {
d7556e20
WR		 1874 conn->state = BT_CONNECTED;
1875 hci_proto_connect_cfm(conn, ev->status);
76a68ba0 1876 hci_conn_drop(conn);
052b30b0 1877 }
d7556e20
WR		 1878 } else {
1879 hci_auth_cfm(conn, ev->status);
052b30b0 1880
d7556e20
WR		 1881 hci_conn_hold(conn);
1882 conn->disc_timeout = HCI_DISCONN_TIMEOUT;
76a68ba0 1883 hci_conn_drop(conn);
d7556e20
WR		 1884 }
1885
51a8efd7 1886 if (test_bit(HCI_CONN_ENCRYPT_PEND, &conn->flags)) {
d7556e20
WR		 1887 if (!ev->status) {
1888 struct hci_cp_set_conn_encrypt cp;
1889 cp.handle = ev->handle;
1890 cp.encrypt = 0x01;
1891 hci_send_cmd(hdev, HCI_OP_SET_CONN_ENCRYPT, sizeof(cp),
807deac2 1892 &cp);
d7556e20 1893 } else {
51a8efd7 1894 clear_bit(HCI_CONN_ENCRYPT_PEND, &conn->flags);
d7556e20 1895 hci_encrypt_cfm(conn, ev->status, 0x00);
1da177e4
LT		 1896 }
1897 }
1898
d7556e20 1899unlock:
1da177e4
LT		 1900 hci_dev_unlock(hdev);
1901}
1902
6039aa73 1903static void hci_remote_name_evt(struct hci_dev *hdev, struct sk_buff *skb)
1da177e4 1904{
127178d2
JH		 1905 struct hci_ev_remote_name *ev = (void *) skb->data;
1906 struct hci_conn *conn;
1907
a9de9248 1908 BT_DBG("%s", hdev->name);
1da177e4 1909
a9de9248 1910 hci_conn_check_pending(hdev);
127178d2
JH		 1911
1912 hci_dev_lock(hdev);
1913
b644ba33 1914 conn = hci_conn_hash_lookup_ba(hdev, ACL_LINK, &ev->bdaddr);
30dc78e1 1915
b644ba33
JH		 1916 if (!test_bit(HCI_MGMT, &hdev->dev_flags))
1917 goto check_auth;
a88a9652 1918
b644ba33
JH		 1919 if (ev->status == 0)
1920 hci_check_pending_name(hdev, conn, &ev->bdaddr, ev->name,
04124681 1921 strnlen(ev->name, HCI_MAX_NAME_LENGTH));
b644ba33
JH		 1922 else
1923 hci_check_pending_name(hdev, conn, &ev->bdaddr, NULL, 0);
1924
1925check_auth:
79c6c70c
JH		 1926 if (!conn)
1927 goto unlock;
1928
1929 if (!hci_outgoing_auth_needed(hdev, conn))
1930 goto unlock;
1931
51a8efd7 1932 if (!test_and_set_bit(HCI_CONN_AUTH_PEND, &conn->flags)) {
127178d2
JH		 1933 struct hci_cp_auth_requested cp;
1934 cp.handle = __cpu_to_le16(conn->handle);
1935 hci_send_cmd(hdev, HCI_OP_AUTH_REQUESTED, sizeof(cp), &cp);
1936 }
1937
79c6c70c 1938unlock:
127178d2 1939 hci_dev_unlock(hdev);
a9de9248
MH		 1940}
1941
6039aa73 1942static void hci_encrypt_change_evt(struct hci_dev *hdev, struct sk_buff *skb)
a9de9248
MH		 1943{
1944 struct hci_ev_encrypt_change *ev = (void *) skb->data;
1945 struct hci_conn *conn;
1946
9f1db00c 1947 BT_DBG("%s status 0x%2.2x", hdev->name, ev->status);
1da177e4
LT		 1948
1949 hci_dev_lock(hdev);
1950
04837f64 1951 conn = hci_conn_hash_lookup_handle(hdev, __le16_to_cpu(ev->handle));
1da177e4
LT		 1952 if (conn) {
1953 if (!ev->status) {
ae293196
MH		 1954 if (ev->encrypt) {
1955 /* Encryption implies authentication */
1956 conn->link_mode |= HCI_LM_AUTH;
1da177e4 1957 conn->link_mode |= HCI_LM_ENCRYPT;
da85e5e5 1958 conn->sec_level = conn->pending_sec_level;
ae293196 1959 } else
1da177e4
LT		 1960 conn->link_mode &= ~HCI_LM_ENCRYPT;
1961 }
1962
51a8efd7 1963 clear_bit(HCI_CONN_ENCRYPT_PEND, &conn->flags);
1da177e4 1964
a7d7723a 1965 if (ev->status && conn->state == BT_CONNECTED) {
bed71748 1966 hci_disconnect(conn, HCI_ERROR_AUTH_FAILURE);
76a68ba0 1967 hci_conn_drop(conn);
a7d7723a
GP		 1968 goto unlock;
1969 }
1970
f8558555
MH		 1971 if (conn->state == BT_CONFIG) {
1972 if (!ev->status)
1973 conn->state = BT_CONNECTED;
1974
1975 hci_proto_connect_cfm(conn, ev->status);
76a68ba0 1976 hci_conn_drop(conn);
f8558555
MH		 1977 } else
1978 hci_encrypt_cfm(conn, ev->status, ev->encrypt);
1da177e4
LT		 1979 }
1980
a7d7723a 1981unlock:
1da177e4
LT		 1982 hci_dev_unlock(hdev);
1983}
1984
6039aa73
GP		 1985static void hci_change_link_key_complete_evt(struct hci_dev *hdev,
1986 struct sk_buff *skb)
1da177e4 1987{
a9de9248 1988 struct hci_ev_change_link_key_complete *ev = (void *) skb->data;
04837f64 1989 struct hci_conn *conn;
1da177e4 1990
9f1db00c 1991 BT_DBG("%s status 0x%2.2x", hdev->name, ev->status);
1da177e4
LT		 1992
1993 hci_dev_lock(hdev);
1994
04837f64 1995 conn = hci_conn_hash_lookup_handle(hdev, __le16_to_cpu(ev->handle));
1da177e4
LT		 1996 if (conn) {
1997 if (!ev->status)
1998 conn->link_mode |= HCI_LM_SECURE;
1999
51a8efd7 2000 clear_bit(HCI_CONN_AUTH_PEND, &conn->flags);
1da177e4
LT		 2001
2002 hci_key_change_cfm(conn, ev->status);
2003 }
2004
2005 hci_dev_unlock(hdev);
2006}
2007
6039aa73
GP		 2008static void hci_remote_features_evt(struct hci_dev *hdev,
2009 struct sk_buff *skb)
1da177e4 2010{
a9de9248
MH		 2011 struct hci_ev_remote_features *ev = (void *) skb->data;
2012 struct hci_conn *conn;
2013
9f1db00c 2014 BT_DBG("%s status 0x%2.2x", hdev->name, ev->status);
a9de9248 2015
a9de9248
MH		 2016 hci_dev_lock(hdev);
2017
2018 conn = hci_conn_hash_lookup_handle(hdev, __le16_to_cpu(ev->handle));
ccd556fe
JH		 2019 if (!conn)
2020 goto unlock;
769be974 2021
ccd556fe 2022 if (!ev->status)
cad718ed 2023 memcpy(conn->features[0], ev->features, 8);
ccd556fe
JH		 2024
2025 if (conn->state != BT_CONFIG)
2026 goto unlock;
2027
2028 if (!ev->status && lmp_ssp_capable(hdev) && lmp_ssp_capable(conn)) {
2029 struct hci_cp_read_remote_ext_features cp;
2030 cp.handle = ev->handle;
2031 cp.page = 0x01;
2032 hci_send_cmd(hdev, HCI_OP_READ_REMOTE_EXT_FEATURES,
807deac2 2033 sizeof(cp), &cp);
392599b9
JH		 2034 goto unlock;
2035 }
2036
671267bf 2037 if (!ev->status && !test_bit(HCI_CONN_MGMT_CONNECTED, &conn->flags)) {
127178d2
JH		 2038 struct hci_cp_remote_name_req cp;
2039 memset(&cp, 0, sizeof(cp));
2040 bacpy(&cp.bdaddr, &conn->dst);
2041 cp.pscan_rep_mode = 0x02;
2042 hci_send_cmd(hdev, HCI_OP_REMOTE_NAME_REQ, sizeof(cp), &cp);
b644ba33
JH		 2043 } else if (!test_and_set_bit(HCI_CONN_MGMT_CONNECTED, &conn->flags))
2044 mgmt_device_connected(hdev, &conn->dst, conn->type,
04124681
GP		 2045 conn->dst_type, 0, NULL, 0,
2046 conn->dev_class);
392599b9 2047
127178d2 2048 if (!hci_outgoing_auth_needed(hdev, conn)) {
ccd556fe
JH		 2049 conn->state = BT_CONNECTED;
2050 hci_proto_connect_cfm(conn, ev->status);
76a68ba0 2051 hci_conn_drop(conn);
769be974 2052 }
a9de9248 2053
ccd556fe 2054unlock:
a9de9248 2055 hci_dev_unlock(hdev);
1da177e4
LT		 2056}
2057
6039aa73 2058static void hci_cmd_complete_evt(struct hci_dev *hdev, struct sk_buff *skb)
a9de9248
MH		 2059{
2060 struct hci_ev_cmd_complete *ev = (void *) skb->data;
9238f36a 2061 u8 status = skb->data[sizeof(*ev)];
a9de9248
MH		 2062 __u16 opcode;
2063
2064 skb_pull(skb, sizeof(*ev));
2065
2066 opcode = __le16_to_cpu(ev->opcode);
2067
2068 switch (opcode) {
2069 case HCI_OP_INQUIRY_CANCEL:
2070 hci_cc_inquiry_cancel(hdev, skb);
2071 break;
2072
4d93483b
AG		 2073 case HCI_OP_PERIODIC_INQ:
2074 hci_cc_periodic_inq(hdev, skb);
2075 break;
2076
a9de9248
MH		 2077 case HCI_OP_EXIT_PERIODIC_INQ:
2078 hci_cc_exit_periodic_inq(hdev, skb);
2079 break;
2080
2081 case HCI_OP_REMOTE_NAME_REQ_CANCEL:
2082 hci_cc_remote_name_req_cancel(hdev, skb);
2083 break;
2084
2085 case HCI_OP_ROLE_DISCOVERY:
2086 hci_cc_role_discovery(hdev, skb);
2087 break;
2088
e4e8e37c
MH		 2089 case HCI_OP_READ_LINK_POLICY:
2090 hci_cc_read_link_policy(hdev, skb);
2091 break;
2092
a9de9248
MH		 2093 case HCI_OP_WRITE_LINK_POLICY:
2094 hci_cc_write_link_policy(hdev, skb);
2095 break;
2096
e4e8e37c
MH		 2097 case HCI_OP_READ_DEF_LINK_POLICY:
2098 hci_cc_read_def_link_policy(hdev, skb);
2099 break;
2100
2101 case HCI_OP_WRITE_DEF_LINK_POLICY:
2102 hci_cc_write_def_link_policy(hdev, skb);
2103 break;
2104
a9de9248
MH		 2105 case HCI_OP_RESET:
2106 hci_cc_reset(hdev, skb);
2107 break;
2108
2109 case HCI_OP_WRITE_LOCAL_NAME:
2110 hci_cc_write_local_name(hdev, skb);
2111 break;
2112
2113 case HCI_OP_READ_LOCAL_NAME:
2114 hci_cc_read_local_name(hdev, skb);
2115 break;
2116
2117 case HCI_OP_WRITE_AUTH_ENABLE:
2118 hci_cc_write_auth_enable(hdev, skb);
2119 break;
2120
2121 case HCI_OP_WRITE_ENCRYPT_MODE:
2122 hci_cc_write_encrypt_mode(hdev, skb);
2123 break;
2124
2125 case HCI_OP_WRITE_SCAN_ENABLE:
2126 hci_cc_write_scan_enable(hdev, skb);
2127 break;
2128
2129 case HCI_OP_READ_CLASS_OF_DEV:
2130 hci_cc_read_class_of_dev(hdev, skb);
2131 break;
2132
2133 case HCI_OP_WRITE_CLASS_OF_DEV:
2134 hci_cc_write_class_of_dev(hdev, skb);
2135 break;
2136
2137 case HCI_OP_READ_VOICE_SETTING:
2138 hci_cc_read_voice_setting(hdev, skb);
2139 break;
2140
2141 case HCI_OP_WRITE_VOICE_SETTING:
2142 hci_cc_write_voice_setting(hdev, skb);
2143 break;
2144
b4cb9fb2
MH		 2145 case HCI_OP_READ_NUM_SUPPORTED_IAC:
2146 hci_cc_read_num_supported_iac(hdev, skb);
2147 break;
2148
333140b5
MH		 2149 case HCI_OP_WRITE_SSP_MODE:
2150 hci_cc_write_ssp_mode(hdev, skb);
2151 break;
2152
a9de9248
MH		 2153 case HCI_OP_READ_LOCAL_VERSION:
2154 hci_cc_read_local_version(hdev, skb);
2155 break;
2156
2157 case HCI_OP_READ_LOCAL_COMMANDS:
2158 hci_cc_read_local_commands(hdev, skb);
2159 break;
2160
2161 case HCI_OP_READ_LOCAL_FEATURES:
2162 hci_cc_read_local_features(hdev, skb);
2163 break;
2164
971e3a4b
AG		 2165 case HCI_OP_READ_LOCAL_EXT_FEATURES:
2166 hci_cc_read_local_ext_features(hdev, skb);
2167 break;
2168
a9de9248
MH		 2169 case HCI_OP_READ_BUFFER_SIZE:
2170 hci_cc_read_buffer_size(hdev, skb);
2171 break;
2172
2173 case HCI_OP_READ_BD_ADDR:
2174 hci_cc_read_bd_addr(hdev, skb);
2175 break;
2176
f332ec66
JH		 2177 case HCI_OP_READ_PAGE_SCAN_ACTIVITY:
2178 hci_cc_read_page_scan_activity(hdev, skb);
2179 break;
2180
4a3ee763
JH		 2181 case HCI_OP_WRITE_PAGE_SCAN_ACTIVITY:
2182 hci_cc_write_page_scan_activity(hdev, skb);
2183 break;
2184
f332ec66
JH		 2185 case HCI_OP_READ_PAGE_SCAN_TYPE:
2186 hci_cc_read_page_scan_type(hdev, skb);
2187 break;
2188
4a3ee763
JH		 2189 case HCI_OP_WRITE_PAGE_SCAN_TYPE:
2190 hci_cc_write_page_scan_type(hdev, skb);
2191 break;
2192
350ee4cf
AE		 2193 case HCI_OP_READ_DATA_BLOCK_SIZE:
2194 hci_cc_read_data_block_size(hdev, skb);
2195 break;
2196
1e89cffb
AE		 2197 case HCI_OP_READ_FLOW_CONTROL_MODE:
2198 hci_cc_read_flow_control_mode(hdev, skb);
2199 break;
2200
928abaa7
AE		 2201 case HCI_OP_READ_LOCAL_AMP_INFO:
2202 hci_cc_read_local_amp_info(hdev, skb);
2203 break;
2204
903e4541
AE		 2205 case HCI_OP_READ_LOCAL_AMP_ASSOC:
2206 hci_cc_read_local_amp_assoc(hdev, skb);
2207 break;
2208
d5859e22
JH		 2209 case HCI_OP_READ_INQ_RSP_TX_POWER:
2210 hci_cc_read_inq_rsp_tx_power(hdev, skb);
2211 break;
2212
980e1a53
JH		 2213 case HCI_OP_PIN_CODE_REPLY:
2214 hci_cc_pin_code_reply(hdev, skb);
2215 break;
2216
2217 case HCI_OP_PIN_CODE_NEG_REPLY:
2218 hci_cc_pin_code_neg_reply(hdev, skb);
2219 break;
2220
c35938b2
SJ		 2221 case HCI_OP_READ_LOCAL_OOB_DATA:
2222 hci_cc_read_local_oob_data_reply(hdev, skb);
2223 break;
2224
6ed58ec5
VT		 2225 case HCI_OP_LE_READ_BUFFER_SIZE:
2226 hci_cc_le_read_buffer_size(hdev, skb);
2227 break;
2228
60e77321
JH		 2229 case HCI_OP_LE_READ_LOCAL_FEATURES:
2230 hci_cc_le_read_local_features(hdev, skb);
2231 break;
2232
8fa19098
JH		 2233 case HCI_OP_LE_READ_ADV_TX_POWER:
2234 hci_cc_le_read_adv_tx_power(hdev, skb);
2235 break;
2236
a5c29683
JH		 2237 case HCI_OP_USER_CONFIRM_REPLY:
2238 hci_cc_user_confirm_reply(hdev, skb);
2239 break;
2240
2241 case HCI_OP_USER_CONFIRM_NEG_REPLY:
2242 hci_cc_user_confirm_neg_reply(hdev, skb);
2243 break;
2244
1143d458
BG		 2245 case HCI_OP_USER_PASSKEY_REPLY:
2246 hci_cc_user_passkey_reply(hdev, skb);
2247 break;
2248
2249 case HCI_OP_USER_PASSKEY_NEG_REPLY:
2250 hci_cc_user_passkey_neg_reply(hdev, skb);
16cde993 2251 break;
07f7fa5d 2252
c1d5dc4a
JH		 2253 case HCI_OP_LE_SET_ADV_ENABLE:
2254 hci_cc_le_set_adv_enable(hdev, skb);
2255 break;
2256
eb9d91f5
AG		 2257 case HCI_OP_LE_SET_SCAN_ENABLE:
2258 hci_cc_le_set_scan_enable(hdev, skb);
2259 break;
2260
cf1d081f
JH		 2261 case HCI_OP_LE_READ_WHITE_LIST_SIZE:
2262 hci_cc_le_read_white_list_size(hdev, skb);
2263 break;
2264
9b008c04
JH		 2265 case HCI_OP_LE_READ_SUPPORTED_STATES:
2266 hci_cc_le_read_supported_states(hdev, skb);
2267 break;
2268
f9b49306
AG		 2269 case HCI_OP_WRITE_LE_HOST_SUPPORTED:
2270 hci_cc_write_le_host_supported(hdev, skb);
2271 break;
2272
93c284ee
AE		 2273 case HCI_OP_WRITE_REMOTE_AMP_ASSOC:
2274 hci_cc_write_remote_amp_assoc(hdev, skb);
2275 break;
2276
a9de9248 2277 default:
9f1db00c 2278 BT_DBG("%s opcode 0x%4.4x", hdev->name, opcode);
a9de9248
MH		 2279 break;
2280 }
2281
ad82cdd1 2282 if (opcode != HCI_OP_NOP)
6bd32326
VT		 2283 del_timer(&hdev->cmd_timer);
2284
ad82cdd1 2285 hci_req_cmd_complete(hdev, opcode, status);
9238f36a 2286
dbccd791 2287 if (ev->ncmd && !test_bit(HCI_RESET, &hdev->flags)) {
a9de9248
MH		 2288 atomic_set(&hdev->cmd_cnt, 1);
2289 if (!skb_queue_empty(&hdev->cmd_q))
c347b765 2290 queue_work(hdev->workqueue, &hdev->cmd_work);
a9de9248
MH		 2291 }
2292}
2293
6039aa73 2294static void hci_cmd_status_evt(struct hci_dev *hdev, struct sk_buff *skb)
a9de9248
MH		 2295{
2296 struct hci_ev_cmd_status *ev = (void *) skb->data;
2297 __u16 opcode;
2298
2299 skb_pull(skb, sizeof(*ev));
2300
2301 opcode = __le16_to_cpu(ev->opcode);
2302
2303 switch (opcode) {
2304 case HCI_OP_INQUIRY:
2305 hci_cs_inquiry(hdev, ev->status);
2306 break;
2307
2308 case HCI_OP_CREATE_CONN:
2309 hci_cs_create_conn(hdev, ev->status);
2310 break;
2311
2312 case HCI_OP_ADD_SCO:
2313 hci_cs_add_sco(hdev, ev->status);
2314 break;
2315
f8558555
MH		 2316 case HCI_OP_AUTH_REQUESTED:
2317 hci_cs_auth_requested(hdev, ev->status);
2318 break;
2319
2320 case HCI_OP_SET_CONN_ENCRYPT:
2321 hci_cs_set_conn_encrypt(hdev, ev->status);
2322 break;
2323
a9de9248
MH		 2324 case HCI_OP_REMOTE_NAME_REQ:
2325 hci_cs_remote_name_req(hdev, ev->status);
2326 break;
2327
769be974
MH		 2328 case HCI_OP_READ_REMOTE_FEATURES:
2329 hci_cs_read_remote_features(hdev, ev->status);
2330 break;
2331
2332 case HCI_OP_READ_REMOTE_EXT_FEATURES:
2333 hci_cs_read_remote_ext_features(hdev, ev->status);
2334 break;
2335
a9de9248
MH		 2336 case HCI_OP_SETUP_SYNC_CONN:
2337 hci_cs_setup_sync_conn(hdev, ev->status);
2338 break;
2339
2340 case HCI_OP_SNIFF_MODE:
2341 hci_cs_sniff_mode(hdev, ev->status);
2342 break;
2343
2344 case HCI_OP_EXIT_SNIFF_MODE:
2345 hci_cs_exit_sniff_mode(hdev, ev->status);
2346 break;
2347
8962ee74 2348 case HCI_OP_DISCONNECT:
88c3df13 2349 hci_cs_disconnect(hdev, ev->status);
8962ee74
JH		 2350 break;
2351
a02226d6
AE		 2352 case HCI_OP_CREATE_PHY_LINK:
2353 hci_cs_create_phylink(hdev, ev->status);
2354 break;
2355
0b26ab9d
AE		 2356 case HCI_OP_ACCEPT_PHY_LINK:
2357 hci_cs_accept_phylink(hdev, ev->status);
2358 break;
2359
a9de9248 2360 default:
9f1db00c 2361 BT_DBG("%s opcode 0x%4.4x", hdev->name, opcode);
a9de9248
MH		 2362 break;
2363 }
2364
ad82cdd1 2365 if (opcode != HCI_OP_NOP)
6bd32326
VT		 2366 del_timer(&hdev->cmd_timer);
2367
02350a72
JH		 2368 if (ev->status ||
2369 (hdev->sent_cmd && !bt_cb(hdev->sent_cmd)->req.event))
2370 hci_req_cmd_complete(hdev, opcode, ev->status);
9238f36a 2371
10572132 2372 if (ev->ncmd && !test_bit(HCI_RESET, &hdev->flags)) {
a9de9248
MH		 2373 atomic_set(&hdev->cmd_cnt, 1);
2374 if (!skb_queue_empty(&hdev->cmd_q))
c347b765 2375 queue_work(hdev->workqueue, &hdev->cmd_work);
a9de9248
MH		 2376 }
2377}
2378
6039aa73 2379static void hci_role_change_evt(struct hci_dev *hdev, struct sk_buff *skb)
a9de9248
MH		 2380{
2381 struct hci_ev_role_change *ev = (void *) skb->data;
2382 struct hci_conn *conn;
2383
9f1db00c 2384 BT_DBG("%s status 0x%2.2x", hdev->name, ev->status);
a9de9248
MH		 2385
2386 hci_dev_lock(hdev);
2387
2388 conn = hci_conn_hash_lookup_ba(hdev, ACL_LINK, &ev->bdaddr);
2389 if (conn) {
2390 if (!ev->status) {
2391 if (ev->role)
2392 conn->link_mode &= ~HCI_LM_MASTER;
2393 else
2394 conn->link_mode |= HCI_LM_MASTER;
2395 }
2396
51a8efd7 2397 clear_bit(HCI_CONN_RSWITCH_PEND, &conn->flags);
a9de9248
MH		 2398
2399 hci_role_switch_cfm(conn, ev->status, ev->role);
2400 }
2401
2402 hci_dev_unlock(hdev);
2403}
2404
6039aa73 2405static void hci_num_comp_pkts_evt(struct hci_dev *hdev, struct sk_buff *skb)
a9de9248
MH		 2406{
2407 struct hci_ev_num_comp_pkts *ev = (void *) skb->data;
a9de9248
MH		 2408 int i;
2409
32ac5b9b
AE		 2410 if (hdev->flow_ctl_mode != HCI_FLOW_CTL_MODE_PACKET_BASED) {
2411 BT_ERR("Wrong event for mode %d", hdev->flow_ctl_mode);
2412 return;
2413 }
2414
c5993de8 2415 if (skb->len < sizeof(*ev) || skb->len < sizeof(*ev) +
807deac2 2416 ev->num_hndl * sizeof(struct hci_comp_pkts_info)) {
a9de9248
MH		 2417 BT_DBG("%s bad parameters", hdev->name);
2418 return;
2419 }
2420
c5993de8
AE		 2421 BT_DBG("%s num_hndl %d", hdev->name, ev->num_hndl);
2422
613a1c0c
AE		 2423 for (i = 0; i < ev->num_hndl; i++) {
2424 struct hci_comp_pkts_info *info = &ev->handles[i];
a9de9248
MH		 2425 struct hci_conn *conn;
2426 __u16 handle, count;
2427
613a1c0c
AE		 2428 handle = __le16_to_cpu(info->handle);
2429 count = __le16_to_cpu(info->count);
a9de9248
MH		 2430
2431 conn = hci_conn_hash_lookup_handle(hdev, handle);
f4280918
AE		 2432 if (!conn)
2433 continue;
2434
2435 conn->sent -= count;
2436
2437 switch (conn->type) {
2438 case ACL_LINK:
2439 hdev->acl_cnt += count;
2440 if (hdev->acl_cnt > hdev->acl_pkts)
2441 hdev->acl_cnt = hdev->acl_pkts;
2442 break;
2443
2444 case LE_LINK:
2445 if (hdev->le_pkts) {
2446 hdev->le_cnt += count;
2447 if (hdev->le_cnt > hdev->le_pkts)
2448 hdev->le_cnt = hdev->le_pkts;
2449 } else {
70f23020
AE		 2450 hdev->acl_cnt += count;
2451 if (hdev->acl_cnt > hdev->acl_pkts)
a9de9248 2452 hdev->acl_cnt = hdev->acl_pkts;
a9de9248 2453 }
f4280918
AE		 2454 break;
2455
2456 case SCO_LINK:
2457 hdev->sco_cnt += count;
2458 if (hdev->sco_cnt > hdev->sco_pkts)
2459 hdev->sco_cnt = hdev->sco_pkts;
2460 break;
2461
2462 default:
2463 BT_ERR("Unknown type %d conn %p", conn->type, conn);
2464 break;
a9de9248
MH		 2465 }
2466 }
2467
3eff45ea 2468 queue_work(hdev->workqueue, &hdev->tx_work);
a9de9248
MH		 2469}
2470
76ef7cf7
AE		 2471static struct hci_conn *__hci_conn_lookup_handle(struct hci_dev *hdev,
2472 __u16 handle)
2473{
2474 struct hci_chan *chan;
2475
2476 switch (hdev->dev_type) {
2477 case HCI_BREDR:
2478 return hci_conn_hash_lookup_handle(hdev, handle);
2479 case HCI_AMP:
2480 chan = hci_chan_lookup_handle(hdev, handle);
2481 if (chan)
2482 return chan->conn;
2483 break;
2484 default:
2485 BT_ERR("%s unknown dev_type %d", hdev->name, hdev->dev_type);
2486 break;
2487 }
2488
2489 return NULL;
2490}
2491
6039aa73 2492static void hci_num_comp_blocks_evt(struct hci_dev *hdev, struct sk_buff *skb)
25e89e99
AE		 2493{
2494 struct hci_ev_num_comp_blocks *ev = (void *) skb->data;
2495 int i;
2496
2497 if (hdev->flow_ctl_mode != HCI_FLOW_CTL_MODE_BLOCK_BASED) {
2498 BT_ERR("Wrong event for mode %d", hdev->flow_ctl_mode);
2499 return;
2500 }
2501
2502 if (skb->len < sizeof(*ev) || skb->len < sizeof(*ev) +
807deac2 2503 ev->num_hndl * sizeof(struct hci_comp_blocks_info)) {
25e89e99
AE		 2504 BT_DBG("%s bad parameters", hdev->name);
2505 return;
2506 }
2507
2508 BT_DBG("%s num_blocks %d num_hndl %d", hdev->name, ev->num_blocks,
807deac2 2509 ev->num_hndl);
25e89e99
AE		 2510
2511 for (i = 0; i < ev->num_hndl; i++) {
2512 struct hci_comp_blocks_info *info = &ev->handles[i];
76ef7cf7 2513 struct hci_conn *conn = NULL;
25e89e99
AE		 2514 __u16 handle, block_count;
2515
2516 handle = __le16_to_cpu(info->handle);
2517 block_count = __le16_to_cpu(info->blocks);
2518
76ef7cf7 2519 conn = __hci_conn_lookup_handle(hdev, handle);
25e89e99
AE		 2520 if (!conn)
2521 continue;
2522
2523 conn->sent -= block_count;
2524
2525 switch (conn->type) {
2526 case ACL_LINK:
bd1eb66b 2527 case AMP_LINK:
25e89e99
AE		 2528 hdev->block_cnt += block_count;
2529 if (hdev->block_cnt > hdev->num_blocks)
2530 hdev->block_cnt = hdev->num_blocks;
2531 break;
2532
2533 default:
2534 BT_ERR("Unknown type %d conn %p", conn->type, conn);
2535 break;
2536 }
2537 }
2538
2539 queue_work(hdev->workqueue, &hdev->tx_work);
2540}
2541
6039aa73 2542static void hci_mode_change_evt(struct hci_dev *hdev, struct sk_buff *skb)
04837f64 2543{
a9de9248 2544 struct hci_ev_mode_change *ev = (void *) skb->data;
04837f64
MH		 2545 struct hci_conn *conn;
2546
9f1db00c 2547 BT_DBG("%s status 0x%2.2x", hdev->name, ev->status);
04837f64
MH		 2548
2549 hci_dev_lock(hdev);
2550
2551 conn = hci_conn_hash_lookup_handle(hdev, __le16_to_cpu(ev->handle));
a9de9248
MH		 2552 if (conn) {
2553 conn->mode = ev->mode;
a9de9248 2554
8fc9ced3
GP		 2555 if (!test_and_clear_bit(HCI_CONN_MODE_CHANGE_PEND,
2556 &conn->flags)) {
a9de9248 2557 if (conn->mode == HCI_CM_ACTIVE)
58a681ef 2558 set_bit(HCI_CONN_POWER_SAVE, &conn->flags);
a9de9248 2559 else
58a681ef 2560 clear_bit(HCI_CONN_POWER_SAVE, &conn->flags);
a9de9248 2561 }
e73439d8 2562
51a8efd7 2563 if (test_and_clear_bit(HCI_CONN_SCO_SETUP_PEND, &conn->flags))
e73439d8 2564 hci_sco_setup(conn, ev->status);
04837f64
MH		 2565 }
2566
2567 hci_dev_unlock(hdev);
2568}
2569
6039aa73 2570static void hci_pin_code_request_evt(struct hci_dev *hdev, struct sk_buff *skb)
a9de9248 2571{
052b30b0
MH		 2572 struct hci_ev_pin_code_req *ev = (void *) skb->data;
2573 struct hci_conn *conn;
2574
a9de9248 2575 BT_DBG("%s", hdev->name);
052b30b0
MH		 2576
2577 hci_dev_lock(hdev);
2578
2579 conn = hci_conn_hash_lookup_ba(hdev, ACL_LINK, &ev->bdaddr);
b6f98044
WR		 2580 if (!conn)
2581 goto unlock;
2582
2583 if (conn->state == BT_CONNECTED) {
052b30b0
MH		 2584 hci_conn_hold(conn);
2585 conn->disc_timeout = HCI_PAIRING_TIMEOUT;
76a68ba0 2586 hci_conn_drop(conn);
052b30b0
MH		 2587 }
2588
a8b2d5c2 2589 if (!test_bit(HCI_PAIRABLE, &hdev->dev_flags))
03b555e1 2590 hci_send_cmd(hdev, HCI_OP_PIN_CODE_NEG_REPLY,
807deac2 2591 sizeof(ev->bdaddr), &ev->bdaddr);
a8b2d5c2 2592 else if (test_bit(HCI_MGMT, &hdev->dev_flags)) {
a770bb5a
WR		 2593 u8 secure;
2594
2595 if (conn->pending_sec_level == BT_SECURITY_HIGH)
2596 secure = 1;
2597 else
2598 secure = 0;
2599
744cf19e 2600 mgmt_pin_code_request(hdev, &ev->bdaddr, secure);
a770bb5a 2601 }
980e1a53 2602
b6f98044 2603unlock:
052b30b0 2604 hci_dev_unlock(hdev);
a9de9248
MH		 2605}
2606
6039aa73 2607static void hci_link_key_request_evt(struct hci_dev *hdev, struct sk_buff *skb)
a9de9248 2608{
55ed8ca1
JH		 2609 struct hci_ev_link_key_req *ev = (void *) skb->data;
2610 struct hci_cp_link_key_reply cp;
2611 struct hci_conn *conn;
2612 struct link_key *key;
2613
a9de9248 2614 BT_DBG("%s", hdev->name);
55ed8ca1 2615
034cbea0 2616 if (!test_bit(HCI_MGMT, &hdev->dev_flags))
55ed8ca1
JH		 2617 return;
2618
2619 hci_dev_lock(hdev);
2620
2621 key = hci_find_link_key(hdev, &ev->bdaddr);
2622 if (!key) {
6ed93dc6
AE		 2623 BT_DBG("%s link key not found for %pMR", hdev->name,
2624 &ev->bdaddr);
55ed8ca1
JH		 2625 goto not_found;
2626 }
2627
6ed93dc6
AE		 2628 BT_DBG("%s found key type %u for %pMR", hdev->name, key->type,
2629 &ev->bdaddr);
55ed8ca1 2630
a8b2d5c2 2631 if (!test_bit(HCI_DEBUG_KEYS, &hdev->dev_flags) &&
807deac2 2632 key->type == HCI_LK_DEBUG_COMBINATION) {
55ed8ca1
JH		 2633 BT_DBG("%s ignoring debug key", hdev->name);
2634 goto not_found;
2635 }
2636
2637 conn = hci_conn_hash_lookup_ba(hdev, ACL_LINK, &ev->bdaddr);
60b83f57
WR		 2638 if (conn) {
2639 if (key->type == HCI_LK_UNAUTH_COMBINATION &&
807deac2 2640 conn->auth_type != 0xff && (conn->auth_type & 0x01)) {
60b83f57
WR		 2641 BT_DBG("%s ignoring unauthenticated key", hdev->name);
2642 goto not_found;
2643 }
55ed8ca1 2644
60b83f57 2645 if (key->type == HCI_LK_COMBINATION && key->pin_len < 16 &&
807deac2 2646 conn->pending_sec_level == BT_SECURITY_HIGH) {
8fc9ced3
GP		 2647 BT_DBG("%s ignoring key unauthenticated for high security",
2648 hdev->name);
60b83f57
WR		 2649 goto not_found;
2650 }
2651
2652 conn->key_type = key->type;
2653 conn->pin_length = key->pin_len;
55ed8ca1
JH		 2654 }
2655
2656 bacpy(&cp.bdaddr, &ev->bdaddr);
9b3b4460 2657 memcpy(cp.link_key, key->val, HCI_LINK_KEY_SIZE);
55ed8ca1
JH		 2658
2659 hci_send_cmd(hdev, HCI_OP_LINK_KEY_REPLY, sizeof(cp), &cp);
2660
2661 hci_dev_unlock(hdev);
2662
2663 return;
2664
2665not_found:
2666 hci_send_cmd(hdev, HCI_OP_LINK_KEY_NEG_REPLY, 6, &ev->bdaddr);
2667 hci_dev_unlock(hdev);
a9de9248
MH		 2668}
2669
6039aa73 2670static void hci_link_key_notify_evt(struct hci_dev *hdev, struct sk_buff *skb)
a9de9248 2671{
052b30b0
MH		 2672 struct hci_ev_link_key_notify *ev = (void *) skb->data;
2673 struct hci_conn *conn;
55ed8ca1 2674 u8 pin_len = 0;
052b30b0 2675
a9de9248 2676 BT_DBG("%s", hdev->name);
052b30b0
MH		 2677
2678 hci_dev_lock(hdev);
2679
2680 conn = hci_conn_hash_lookup_ba(hdev, ACL_LINK, &ev->bdaddr);
2681 if (conn) {
2682 hci_conn_hold(conn);
2683 conn->disc_timeout = HCI_DISCONN_TIMEOUT;
980e1a53 2684 pin_len = conn->pin_length;
13d39315
WR		 2685
2686 if (ev->key_type != HCI_LK_CHANGED_COMBINATION)
2687 conn->key_type = ev->key_type;
2688
76a68ba0 2689 hci_conn_drop(conn);
052b30b0
MH		 2690 }
2691
034cbea0 2692 if (test_bit(HCI_MGMT, &hdev->dev_flags))
d25e28ab 2693 hci_add_link_key(hdev, conn, 1, &ev->bdaddr, ev->link_key,
807deac2 2694 ev->key_type, pin_len);
55ed8ca1 2695
052b30b0 2696 hci_dev_unlock(hdev);
a9de9248
MH		 2697}
2698
6039aa73 2699static void hci_clock_offset_evt(struct hci_dev *hdev, struct sk_buff *skb)
1da177e4 2700{
a9de9248 2701 struct hci_ev_clock_offset *ev = (void *) skb->data;
04837f64 2702 struct hci_conn *conn;
1da177e4 2703
9f1db00c 2704 BT_DBG("%s status 0x%2.2x", hdev->name, ev->status);
1da177e4
LT		 2705
2706 hci_dev_lock(hdev);
2707
04837f64 2708 conn = hci_conn_hash_lookup_handle(hdev, __le16_to_cpu(ev->handle));
1da177e4
LT		 2709 if (conn && !ev->status) {
2710 struct inquiry_entry *ie;
2711
cc11b9c1
AE		 2712 ie = hci_inquiry_cache_lookup(hdev, &conn->dst);
2713 if (ie) {
1da177e4
LT		 2714 ie->data.clock_offset = ev->clock_offset;
2715 ie->timestamp = jiffies;
2716 }
2717 }
2718
2719 hci_dev_unlock(hdev);
2720}
2721
6039aa73 2722static void hci_pkt_type_change_evt(struct hci_dev *hdev, struct sk_buff *skb)
a8746417
MH		 2723{
2724 struct hci_ev_pkt_type_change *ev = (void *) skb->data;
2725 struct hci_conn *conn;
2726
9f1db00c 2727 BT_DBG("%s status 0x%2.2x", hdev->name, ev->status);
a8746417
MH		 2728
2729 hci_dev_lock(hdev);
2730
2731 conn = hci_conn_hash_lookup_handle(hdev, __le16_to_cpu(ev->handle));
2732 if (conn && !ev->status)
2733 conn->pkt_type = __le16_to_cpu(ev->pkt_type);
2734
2735 hci_dev_unlock(hdev);
2736}
2737
6039aa73 2738static void hci_pscan_rep_mode_evt(struct hci_dev *hdev, struct sk_buff *skb)
85a1e930 2739{
a9de9248 2740 struct hci_ev_pscan_rep_mode *ev = (void *) skb->data;
85a1e930
MH		 2741 struct inquiry_entry *ie;
2742
2743 BT_DBG("%s", hdev->name);
2744
2745 hci_dev_lock(hdev);
2746
cc11b9c1
AE		 2747 ie = hci_inquiry_cache_lookup(hdev, &ev->bdaddr);
2748 if (ie) {
85a1e930
MH		 2749 ie->data.pscan_rep_mode = ev->pscan_rep_mode;
2750 ie->timestamp = jiffies;
2751 }
2752
2753 hci_dev_unlock(hdev);
2754}
2755
6039aa73
GP		 2756static void hci_inquiry_result_with_rssi_evt(struct hci_dev *hdev,
2757 struct sk_buff *skb)
a9de9248
MH		 2758{
2759 struct inquiry_data data;
2760 int num_rsp = *((__u8 *) skb->data);
388fc8fa 2761 bool name_known, ssp;
a9de9248
MH		 2762
2763 BT_DBG("%s num_rsp %d", hdev->name, num_rsp);
2764
2765 if (!num_rsp)
2766 return;
2767
1519cc17
AG		 2768 if (test_bit(HCI_PERIODIC_INQ, &hdev->dev_flags))
2769 return;
2770
a9de9248
MH		 2771 hci_dev_lock(hdev);
2772
2773 if ((skb->len - 1) / num_rsp != sizeof(struct inquiry_info_with_rssi)) {
138d22ef
SJ		 2774 struct inquiry_info_with_rssi_and_pscan_mode *info;
2775 info = (void *) (skb->data + 1);
a9de9248 2776
e17acd40 2777 for (; num_rsp; num_rsp--, info++) {
a9de9248
MH		 2778 bacpy(&data.bdaddr, &info->bdaddr);
2779 data.pscan_rep_mode = info->pscan_rep_mode;
2780 data.pscan_period_mode = info->pscan_period_mode;
2781 data.pscan_mode = info->pscan_mode;
2782 memcpy(data.dev_class, info->dev_class, 3);
2783 data.clock_offset = info->clock_offset;
2784 data.rssi = info->rssi;
41a96212 2785 data.ssp_mode = 0x00;
3175405b
JH		 2786
2787 name_known = hci_inquiry_cache_update(hdev, &data,
04124681 2788 false, &ssp);
48264f06 2789 mgmt_device_found(hdev, &info->bdaddr, ACL_LINK, 0x00,
04124681
GP		 2790 info->dev_class, info->rssi,
2791 !name_known, ssp, NULL, 0);
a9de9248
MH		 2792 }
2793 } else {
2794 struct inquiry_info_with_rssi *info = (void *) (skb->data + 1);
2795
e17acd40 2796 for (; num_rsp; num_rsp--, info++) {
a9de9248
MH		 2797 bacpy(&data.bdaddr, &info->bdaddr);
2798 data.pscan_rep_mode = info->pscan_rep_mode;
2799 data.pscan_period_mode = info->pscan_period_mode;
2800 data.pscan_mode = 0x00;
2801 memcpy(data.dev_class, info->dev_class, 3);
2802 data.clock_offset = info->clock_offset;
2803 data.rssi = info->rssi;
41a96212 2804 data.ssp_mode = 0x00;
3175405b 2805 name_known = hci_inquiry_cache_update(hdev, &data,
04124681 2806 false, &ssp);
48264f06 2807 mgmt_device_found(hdev, &info->bdaddr, ACL_LINK, 0x00,
04124681
GP		 2808 info->dev_class, info->rssi,
2809 !name_known, ssp, NULL, 0);
a9de9248
MH		 2810 }
2811 }
2812
2813 hci_dev_unlock(hdev);
2814}
2815
6039aa73
GP		 2816static void hci_remote_ext_features_evt(struct hci_dev *hdev,
2817 struct sk_buff *skb)
a9de9248 2818{
41a96212
MH		 2819 struct hci_ev_remote_ext_features *ev = (void *) skb->data;
2820 struct hci_conn *conn;
2821
a9de9248 2822 BT_DBG("%s", hdev->name);
41a96212 2823
41a96212
MH		 2824 hci_dev_lock(hdev);
2825
2826 conn = hci_conn_hash_lookup_handle(hdev, __le16_to_cpu(ev->handle));
ccd556fe
JH		 2827 if (!conn)
2828 goto unlock;
41a96212 2829
cad718ed
JH		 2830 if (ev->page < HCI_MAX_PAGES)
2831 memcpy(conn->features[ev->page], ev->features, 8);
2832
ccd556fe
JH		 2833 if (!ev->status && ev->page == 0x01) {
2834 struct inquiry_entry *ie;
41a96212 2835
cc11b9c1
AE		 2836 ie = hci_inquiry_cache_lookup(hdev, &conn->dst);
2837 if (ie)
02b7cc62 2838 ie->data.ssp_mode = (ev->features[0] & LMP_HOST_SSP);
769be974 2839
bbb0eada 2840 if (ev->features[0] & LMP_HOST_SSP) {
58a681ef 2841 set_bit(HCI_CONN_SSP_ENABLED, &conn->flags);
bbb0eada
JK		 2842 } else {
2843 /* It is mandatory by the Bluetooth specification that
2844 * Extended Inquiry Results are only used when Secure
2845 * Simple Pairing is enabled, but some devices violate
2846 * this.
2847 *
2848 * To make these devices work, the internal SSP
2849 * enabled flag needs to be cleared if the remote host
2850 * features do not indicate SSP support */
2851 clear_bit(HCI_CONN_SSP_ENABLED, &conn->flags);
2852 }
ccd556fe
JH		 2853 }
2854
2855 if (conn->state != BT_CONFIG)
2856 goto unlock;
2857
671267bf 2858 if (!ev->status && !test_bit(HCI_CONN_MGMT_CONNECTED, &conn->flags)) {
127178d2
JH		 2859 struct hci_cp_remote_name_req cp;
2860 memset(&cp, 0, sizeof(cp));
2861 bacpy(&cp.bdaddr, &conn->dst);
2862 cp.pscan_rep_mode = 0x02;
2863 hci_send_cmd(hdev, HCI_OP_REMOTE_NAME_REQ, sizeof(cp), &cp);
b644ba33
JH		 2864 } else if (!test_and_set_bit(HCI_CONN_MGMT_CONNECTED, &conn->flags))
2865 mgmt_device_connected(hdev, &conn->dst, conn->type,
04124681
GP		 2866 conn->dst_type, 0, NULL, 0,
2867 conn->dev_class);
392599b9 2868
127178d2 2869 if (!hci_outgoing_auth_needed(hdev, conn)) {
ccd556fe
JH		 2870 conn->state = BT_CONNECTED;
2871 hci_proto_connect_cfm(conn, ev->status);
76a68ba0 2872 hci_conn_drop(conn);
41a96212
MH		 2873 }
2874
ccd556fe 2875unlock:
41a96212 2876 hci_dev_unlock(hdev);
a9de9248
MH		 2877}
2878
6039aa73
GP		 2879static void hci_sync_conn_complete_evt(struct hci_dev *hdev,
2880 struct sk_buff *skb)
a9de9248 2881{
b6a0dc82
MH		 2882 struct hci_ev_sync_conn_complete *ev = (void *) skb->data;
2883 struct hci_conn *conn;
2884
9f1db00c 2885 BT_DBG("%s status 0x%2.2x", hdev->name, ev->status);
b6a0dc82
MH		 2886
2887 hci_dev_lock(hdev);
2888
2889 conn = hci_conn_hash_lookup_ba(hdev, ev->link_type, &ev->bdaddr);
9dc0a3af
MH		 2890 if (!conn) {
2891 if (ev->link_type == ESCO_LINK)
2892 goto unlock;
2893
2894 conn = hci_conn_hash_lookup_ba(hdev, ESCO_LINK, &ev->bdaddr);
2895 if (!conn)
2896 goto unlock;
2897
2898 conn->type = SCO_LINK;
2899 }
b6a0dc82 2900
732547f9
MH		 2901 switch (ev->status) {
2902 case 0x00:
b6a0dc82
MH		 2903 conn->handle = __le16_to_cpu(ev->handle);
2904 conn->state = BT_CONNECTED;
7d0db0a3
MH		 2905
2906 hci_conn_add_sysfs(conn);
732547f9
MH		 2907 break;
2908
1a4c958c 2909 case 0x0d: /* Connection Rejected due to Limited Resources */
705e5711 2910 case 0x11: /* Unsupported Feature or Parameter Value */
732547f9 2911 case 0x1c: /* SCO interval rejected */
1038a00b 2912 case 0x1a: /* Unsupported Remote Feature */
732547f9 2913 case 0x1f: /* Unspecified error */
2dea632f 2914 if (conn->out) {
732547f9
MH		 2915 conn->pkt_type = (hdev->esco_type & SCO_ESCO_MASK) |
2916 (hdev->esco_type & EDR_ESCO_MASK);
2dea632f
FD		 2917 if (hci_setup_sync(conn, conn->link->handle))
2918 goto unlock;
732547f9
MH		 2919 }
2920 /* fall through */
2921
2922 default:
b6a0dc82 2923 conn->state = BT_CLOSED;
732547f9
MH		 2924 break;
2925 }
b6a0dc82
MH		 2926
2927 hci_proto_connect_cfm(conn, ev->status);
2928 if (ev->status)
2929 hci_conn_del(conn);
2930
2931unlock:
2932 hci_dev_unlock(hdev);
a9de9248
MH		 2933}
2934
efdcf8e3
MH		 2935static inline size_t eir_get_length(u8 *eir, size_t eir_len)
2936{
2937 size_t parsed = 0;
2938
2939 while (parsed < eir_len) {
2940 u8 field_len = eir[0];
2941
2942 if (field_len == 0)
2943 return parsed;
2944
2945 parsed += field_len + 1;
2946 eir += field_len + 1;
2947 }
2948
2949 return eir_len;
2950}
2951
6039aa73
GP		 2952static void hci_extended_inquiry_result_evt(struct hci_dev *hdev,
2953 struct sk_buff *skb)
1da177e4 2954{
a9de9248
MH		 2955 struct inquiry_data data;
2956 struct extended_inquiry_info *info = (void *) (skb->data + 1);
2957 int num_rsp = *((__u8 *) skb->data);
9d939d94 2958 size_t eir_len;
1da177e4 2959
a9de9248 2960 BT_DBG("%s num_rsp %d", hdev->name, num_rsp);
1da177e4 2961
a9de9248
MH		 2962 if (!num_rsp)
2963 return;
1da177e4 2964
1519cc17
AG		 2965 if (test_bit(HCI_PERIODIC_INQ, &hdev->dev_flags))
2966 return;
2967
a9de9248
MH		 2968 hci_dev_lock(hdev);
2969
e17acd40 2970 for (; num_rsp; num_rsp--, info++) {
388fc8fa 2971 bool name_known, ssp;
561aafbc 2972
a9de9248 2973 bacpy(&data.bdaddr, &info->bdaddr);
138d22ef
SJ		 2974 data.pscan_rep_mode = info->pscan_rep_mode;
2975 data.pscan_period_mode = info->pscan_period_mode;
2976 data.pscan_mode = 0x00;
a9de9248 2977 memcpy(data.dev_class, info->dev_class, 3);
138d22ef
SJ		 2978 data.clock_offset = info->clock_offset;
2979 data.rssi = info->rssi;
41a96212 2980 data.ssp_mode = 0x01;
561aafbc 2981
a8b2d5c2 2982 if (test_bit(HCI_MGMT, &hdev->dev_flags))
4ddb1930 2983 name_known = eir_has_data_type(info->data,
04124681
GP		 2984 sizeof(info->data),
2985 EIR_NAME_COMPLETE);
561aafbc
JH		 2986 else
2987 name_known = true;
2988
388fc8fa 2989 name_known = hci_inquiry_cache_update(hdev, &data, name_known,
04124681 2990 &ssp);
9d939d94 2991 eir_len = eir_get_length(info->data, sizeof(info->data));
48264f06 2992 mgmt_device_found(hdev, &info->bdaddr, ACL_LINK, 0x00,
04124681 2993 info->dev_class, info->rssi, !name_known,
9d939d94 2994 ssp, info->data, eir_len);
a9de9248
MH		 2995 }
2996
2997 hci_dev_unlock(hdev);
2998}
1da177e4 2999
1c2e0041
JH		 3000static void hci_key_refresh_complete_evt(struct hci_dev *hdev,
3001 struct sk_buff *skb)
3002{
3003 struct hci_ev_key_refresh_complete *ev = (void *) skb->data;
3004 struct hci_conn *conn;
3005
9f1db00c 3006 BT_DBG("%s status 0x%2.2x handle 0x%4.4x", hdev->name, ev->status,
1c2e0041
JH		 3007 __le16_to_cpu(ev->handle));
3008
3009 hci_dev_lock(hdev);
3010
3011 conn = hci_conn_hash_lookup_handle(hdev, __le16_to_cpu(ev->handle));
3012 if (!conn)
3013 goto unlock;
3014
3015 if (!ev->status)
3016 conn->sec_level = conn->pending_sec_level;
3017
3018 clear_bit(HCI_CONN_ENCRYPT_PEND, &conn->flags);
3019
3020 if (ev->status && conn->state == BT_CONNECTED) {
bed71748 3021 hci_disconnect(conn, HCI_ERROR_AUTH_FAILURE);
76a68ba0 3022 hci_conn_drop(conn);
1c2e0041
JH		 3023 goto unlock;
3024 }
3025
3026 if (conn->state == BT_CONFIG) {
3027 if (!ev->status)
3028 conn->state = BT_CONNECTED;
3029
3030 hci_proto_connect_cfm(conn, ev->status);
76a68ba0 3031 hci_conn_drop(conn);
1c2e0041
JH		 3032 } else {
3033 hci_auth_cfm(conn, ev->status);
3034
3035 hci_conn_hold(conn);
3036 conn->disc_timeout = HCI_DISCONN_TIMEOUT;
76a68ba0 3037 hci_conn_drop(conn);
1c2e0041
JH		 3038 }
3039
3040unlock:
3041 hci_dev_unlock(hdev);
3042}
3043
6039aa73 3044static u8 hci_get_auth_req(struct hci_conn *conn)
17fa4b9d
JH		 3045{
3046 /* If remote requests dedicated bonding follow that lead */
acabae96
MA		 3047 if (conn->remote_auth == HCI_AT_DEDICATED_BONDING ||
3048 conn->remote_auth == HCI_AT_DEDICATED_BONDING_MITM) {
17fa4b9d
JH		 3049 /* If both remote and local IO capabilities allow MITM
3050 * protection then require it, otherwise don't */
acabae96
MA		 3051 if (conn->remote_cap == HCI_IO_NO_INPUT_OUTPUT ||
3052 conn->io_capability == HCI_IO_NO_INPUT_OUTPUT)
3053 return HCI_AT_DEDICATED_BONDING;
17fa4b9d 3054 else
acabae96 3055 return HCI_AT_DEDICATED_BONDING_MITM;
17fa4b9d
JH		 3056 }
3057
3058 /* If remote requests no-bonding follow that lead */
acabae96
MA		 3059 if (conn->remote_auth == HCI_AT_NO_BONDING ||
3060 conn->remote_auth == HCI_AT_NO_BONDING_MITM)
58797bf7 3061 return conn->remote_auth | (conn->auth_type & 0x01);
17fa4b9d
JH		 3062
3063 return conn->auth_type;
3064}
3065
6039aa73 3066static void hci_io_capa_request_evt(struct hci_dev *hdev, struct sk_buff *skb)
0493684e
MH		 3067{
3068 struct hci_ev_io_capa_request *ev = (void *) skb->data;
3069 struct hci_conn *conn;
3070
3071 BT_DBG("%s", hdev->name);
3072
3073 hci_dev_lock(hdev);
3074
3075 conn = hci_conn_hash_lookup_ba(hdev, ACL_LINK, &ev->bdaddr);
03b555e1
JH		 3076 if (!conn)
3077 goto unlock;
3078
3079 hci_conn_hold(conn);
3080
a8b2d5c2 3081 if (!test_bit(HCI_MGMT, &hdev->dev_flags))
03b555e1
JH		 3082 goto unlock;
3083
a8b2d5c2 3084 if (test_bit(HCI_PAIRABLE, &hdev->dev_flags) ||
807deac2 3085 (conn->remote_auth & ~0x01) == HCI_AT_NO_BONDING) {
17fa4b9d
JH		 3086 struct hci_cp_io_capability_reply cp;
3087
3088 bacpy(&cp.bdaddr, &ev->bdaddr);
7a7f1e7c
HG		 3089 /* Change the IO capability from KeyboardDisplay
3090 * to DisplayYesNo as it is not supported by BT spec. */
3091 cp.capability = (conn->io_capability == 0x04) ?
a767631a 3092 HCI_IO_DISPLAY_YESNO : conn->io_capability;
7cbc9bd9
JH		 3093 conn->auth_type = hci_get_auth_req(conn);
3094 cp.authentication = conn->auth_type;
17fa4b9d 3095
8fc9ced3
GP		 3096 if (hci_find_remote_oob_data(hdev, &conn->dst) &&
3097 (conn->out || test_bit(HCI_CONN_REMOTE_OOB, &conn->flags)))
ce85ee13
SJ		 3098 cp.oob_data = 0x01;
3099 else
3100 cp.oob_data = 0x00;
3101
17fa4b9d 3102 hci_send_cmd(hdev, HCI_OP_IO_CAPABILITY_REPLY,
807deac2 3103 sizeof(cp), &cp);
03b555e1
JH		 3104 } else {
3105 struct hci_cp_io_capability_neg_reply cp;
3106
3107 bacpy(&cp.bdaddr, &ev->bdaddr);
9f5a0d7b 3108 cp.reason = HCI_ERROR_PAIRING_NOT_ALLOWED;
0493684e 3109
03b555e1 3110 hci_send_cmd(hdev, HCI_OP_IO_CAPABILITY_NEG_REPLY,
807deac2 3111 sizeof(cp), &cp);
03b555e1
JH		 3112 }
3113
3114unlock:
3115 hci_dev_unlock(hdev);
3116}
3117
6039aa73 3118static void hci_io_capa_reply_evt(struct hci_dev *hdev, struct sk_buff *skb)
03b555e1
JH		 3119{
3120 struct hci_ev_io_capa_reply *ev = (void *) skb->data;
3121 struct hci_conn *conn;
3122
3123 BT_DBG("%s", hdev->name);
3124
3125 hci_dev_lock(hdev);
3126
3127 conn = hci_conn_hash_lookup_ba(hdev, ACL_LINK, &ev->bdaddr);
3128 if (!conn)
3129 goto unlock;
3130
03b555e1 3131 conn->remote_cap = ev->capability;
03b555e1 3132 conn->remote_auth = ev->authentication;
58a681ef
JH		 3133 if (ev->oob_data)
3134 set_bit(HCI_CONN_REMOTE_OOB, &conn->flags);
03b555e1
JH		 3135
3136unlock:
0493684e
MH		 3137 hci_dev_unlock(hdev);
3138}
3139
6039aa73
GP		 3140static void hci_user_confirm_request_evt(struct hci_dev *hdev,
3141 struct sk_buff *skb)
a5c29683
JH		 3142{
3143 struct hci_ev_user_confirm_req *ev = (void *) skb->data;
55bc1a37 3144 int loc_mitm, rem_mitm, confirm_hint = 0;
7a828908 3145 struct hci_conn *conn;
a5c29683
JH		 3146
3147 BT_DBG("%s", hdev->name);
3148
3149 hci_dev_lock(hdev);
3150
a8b2d5c2 3151 if (!test_bit(HCI_MGMT, &hdev->dev_flags))
7a828908 3152 goto unlock;
a5c29683 3153
7a828908
JH		 3154 conn = hci_conn_hash_lookup_ba(hdev, ACL_LINK, &ev->bdaddr);
3155 if (!conn)
3156 goto unlock;
3157
3158 loc_mitm = (conn->auth_type & 0x01);
3159 rem_mitm = (conn->remote_auth & 0x01);
3160
3161 /* If we require MITM but the remote device can't provide that
3162 * (it has NoInputNoOutput) then reject the confirmation
3163 * request. The only exception is when we're dedicated bonding
3164 * initiators (connect_cfm_cb set) since then we always have the MITM
3165 * bit set. */
a767631a
MA		 3166 if (!conn->connect_cfm_cb && loc_mitm &&
3167 conn->remote_cap == HCI_IO_NO_INPUT_OUTPUT) {
7a828908
JH		 3168 BT_DBG("Rejecting request: remote device can't provide MITM");
3169 hci_send_cmd(hdev, HCI_OP_USER_CONFIRM_NEG_REPLY,
807deac2 3170 sizeof(ev->bdaddr), &ev->bdaddr);
7a828908
JH		 3171 goto unlock;
3172 }
3173
3174 /* If no side requires MITM protection; auto-accept */
a767631a
MA		 3175 if ((!loc_mitm || conn->remote_cap == HCI_IO_NO_INPUT_OUTPUT) &&
3176 (!rem_mitm || conn->io_capability == HCI_IO_NO_INPUT_OUTPUT)) {
55bc1a37
JH		 3177
3178 /* If we're not the initiators request authorization to
3179 * proceed from user space (mgmt_user_confirm with
3180 * confirm_hint set to 1). */
51a8efd7 3181 if (!test_bit(HCI_CONN_AUTH_PEND, &conn->flags)) {
55bc1a37
JH		 3182 BT_DBG("Confirming auto-accept as acceptor");
3183 confirm_hint = 1;
3184 goto confirm;
3185 }
3186
9f61656a 3187 BT_DBG("Auto-accept of user confirmation with %ums delay",
807deac2 3188 hdev->auto_accept_delay);
9f61656a
JH		 3189
3190 if (hdev->auto_accept_delay > 0) {
3191 int delay = msecs_to_jiffies(hdev->auto_accept_delay);
7bc18d9d
JH		 3192 queue_delayed_work(conn->hdev->workqueue,
3193 &conn->auto_accept_work, delay);
9f61656a
JH		 3194 goto unlock;
3195 }
3196
7a828908 3197 hci_send_cmd(hdev, HCI_OP_USER_CONFIRM_REPLY,
807deac2 3198 sizeof(ev->bdaddr), &ev->bdaddr);
7a828908
JH		 3199 goto unlock;
3200 }
3201
55bc1a37 3202confirm:
272d90df 3203 mgmt_user_confirm_request(hdev, &ev->bdaddr, ACL_LINK, 0, ev->passkey,
04124681 3204 confirm_hint);
7a828908
JH		 3205
3206unlock:
a5c29683
JH		 3207 hci_dev_unlock(hdev);
3208}
3209
6039aa73
GP		 3210static void hci_user_passkey_request_evt(struct hci_dev *hdev,
3211 struct sk_buff *skb)
1143d458
BG		 3212{
3213 struct hci_ev_user_passkey_req *ev = (void *) skb->data;
3214
3215 BT_DBG("%s", hdev->name);
3216
a8b2d5c2 3217 if (test_bit(HCI_MGMT, &hdev->dev_flags))
272d90df 3218 mgmt_user_passkey_request(hdev, &ev->bdaddr, ACL_LINK, 0);
1143d458
BG		 3219}
3220
92a25256
JH		 3221static void hci_user_passkey_notify_evt(struct hci_dev *hdev,
3222 struct sk_buff *skb)
3223{
3224 struct hci_ev_user_passkey_notify *ev = (void *) skb->data;
3225 struct hci_conn *conn;
3226
3227 BT_DBG("%s", hdev->name);
3228
3229 conn = hci_conn_hash_lookup_ba(hdev, ACL_LINK, &ev->bdaddr);
3230 if (!conn)
3231 return;
3232
3233 conn->passkey_notify = __le32_to_cpu(ev->passkey);
3234 conn->passkey_entered = 0;
3235
3236 if (test_bit(HCI_MGMT, &hdev->dev_flags))
3237 mgmt_user_passkey_notify(hdev, &conn->dst, conn->type,
3238 conn->dst_type, conn->passkey_notify,
3239 conn->passkey_entered);
3240}
3241
3242static void hci_keypress_notify_evt(struct hci_dev *hdev, struct sk_buff *skb)
3243{
3244 struct hci_ev_keypress_notify *ev = (void *) skb->data;
3245 struct hci_conn *conn;
3246
3247 BT_DBG("%s", hdev->name);
3248
3249 conn = hci_conn_hash_lookup_ba(hdev, ACL_LINK, &ev->bdaddr);
3250 if (!conn)
3251 return;
3252
3253 switch (ev->type) {
3254 case HCI_KEYPRESS_STARTED:
3255 conn->passkey_entered = 0;
3256 return;
3257
3258 case HCI_KEYPRESS_ENTERED:
3259 conn->passkey_entered++;
3260 break;
3261
3262 case HCI_KEYPRESS_ERASED:
3263 conn->passkey_entered--;
3264 break;
3265
3266 case HCI_KEYPRESS_CLEARED:
3267 conn->passkey_entered = 0;
3268 break;
3269
3270 case HCI_KEYPRESS_COMPLETED:
3271 return;
3272 }
3273
3274 if (test_bit(HCI_MGMT, &hdev->dev_flags))
3275 mgmt_user_passkey_notify(hdev, &conn->dst, conn->type,
3276 conn->dst_type, conn->passkey_notify,
3277 conn->passkey_entered);
3278}
3279
6039aa73
GP		 3280static void hci_simple_pair_complete_evt(struct hci_dev *hdev,
3281 struct sk_buff *skb)
0493684e
MH		 3282{
3283 struct hci_ev_simple_pair_complete *ev = (void *) skb->data;
3284 struct hci_conn *conn;
3285
3286 BT_DBG("%s", hdev->name);
3287
3288 hci_dev_lock(hdev);
3289
3290 conn = hci_conn_hash_lookup_ba(hdev, ACL_LINK, &ev->bdaddr);
2a611692
JH		 3291 if (!conn)
3292 goto unlock;
3293
3294 /* To avoid duplicate auth_failed events to user space we check
3295 * the HCI_CONN_AUTH_PEND flag which will be set if we
3296 * initiated the authentication. A traditional auth_complete
3297 * event gets always produced as initiator and is also mapped to
3298 * the mgmt_auth_failed event */
fa1bd918 3299 if (!test_bit(HCI_CONN_AUTH_PEND, &conn->flags) && ev->status)
bab73cb6 3300 mgmt_auth_failed(hdev, &conn->dst, conn->type, conn->dst_type,
04124681 3301 ev->status);
0493684e 3302
76a68ba0 3303 hci_conn_drop(conn);
2a611692
JH		 3304
3305unlock:
0493684e
MH		 3306 hci_dev_unlock(hdev);
3307}
3308
6039aa73
GP		 3309static void hci_remote_host_features_evt(struct hci_dev *hdev,
3310 struct sk_buff *skb)
41a96212
MH		 3311{
3312 struct hci_ev_remote_host_features *ev = (void *) skb->data;
3313 struct inquiry_entry *ie;
cad718ed 3314 struct hci_conn *conn;
41a96212
MH		 3315
3316 BT_DBG("%s", hdev->name);
3317
3318 hci_dev_lock(hdev);
3319
cad718ed
JH		 3320 conn = hci_conn_hash_lookup_ba(hdev, ACL_LINK, &ev->bdaddr);
3321 if (conn)
3322 memcpy(conn->features[1], ev->features, 8);
3323
cc11b9c1
AE		 3324 ie = hci_inquiry_cache_lookup(hdev, &ev->bdaddr);
3325 if (ie)
02b7cc62 3326 ie->data.ssp_mode = (ev->features[0] & LMP_HOST_SSP);
41a96212
MH		 3327
3328 hci_dev_unlock(hdev);
3329}
3330
6039aa73
GP		 3331static void hci_remote_oob_data_request_evt(struct hci_dev *hdev,
3332 struct sk_buff *skb)
2763eda6
SJ		 3333{
3334 struct hci_ev_remote_oob_data_request *ev = (void *) skb->data;
3335 struct oob_data *data;
3336
3337 BT_DBG("%s", hdev->name);
3338
3339 hci_dev_lock(hdev);
3340
a8b2d5c2 3341 if (!test_bit(HCI_MGMT, &hdev->dev_flags))
e1ba1f15
SJ		 3342 goto unlock;
3343
2763eda6
SJ		 3344 data = hci_find_remote_oob_data(hdev, &ev->bdaddr);
3345 if (data) {
3346 struct hci_cp_remote_oob_data_reply cp;
3347
3348 bacpy(&cp.bdaddr, &ev->bdaddr);
3349 memcpy(cp.hash, data->hash, sizeof(cp.hash));
3350 memcpy(cp.randomizer, data->randomizer, sizeof(cp.randomizer));
3351
3352 hci_send_cmd(hdev, HCI_OP_REMOTE_OOB_DATA_REPLY, sizeof(cp),
807deac2 3353 &cp);
2763eda6
SJ		 3354 } else {
3355 struct hci_cp_remote_oob_data_neg_reply cp;
3356
3357 bacpy(&cp.bdaddr, &ev->bdaddr);
3358 hci_send_cmd(hdev, HCI_OP_REMOTE_OOB_DATA_NEG_REPLY, sizeof(cp),
807deac2 3359 &cp);
2763eda6
SJ		 3360 }
3361
e1ba1f15 3362unlock:
2763eda6
SJ		 3363 hci_dev_unlock(hdev);
3364}
3365
d5e91192
AE		 3366static void hci_phy_link_complete_evt(struct hci_dev *hdev,
3367 struct sk_buff *skb)
3368{
3369 struct hci_ev_phy_link_complete *ev = (void *) skb->data;
3370 struct hci_conn *hcon, *bredr_hcon;
3371
3372 BT_DBG("%s handle 0x%2.2x status 0x%2.2x", hdev->name, ev->phy_handle,
3373 ev->status);
3374
3375 hci_dev_lock(hdev);
3376
3377 hcon = hci_conn_hash_lookup_handle(hdev, ev->phy_handle);
3378 if (!hcon) {
3379 hci_dev_unlock(hdev);
3380 return;
3381 }
3382
3383 if (ev->status) {
3384 hci_conn_del(hcon);
3385 hci_dev_unlock(hdev);
3386 return;
3387 }
3388
3389 bredr_hcon = hcon->amp_mgr->l2cap_conn->hcon;
3390
3391 hcon->state = BT_CONNECTED;
3392 bacpy(&hcon->dst, &bredr_hcon->dst);
3393
3394 hci_conn_hold(hcon);
3395 hcon->disc_timeout = HCI_DISCONN_TIMEOUT;
76a68ba0 3396 hci_conn_drop(hcon);
d5e91192 3397
d5e91192
AE		 3398 hci_conn_add_sysfs(hcon);
3399
cf70ff22 3400 amp_physical_cfm(bredr_hcon, hcon);
d5e91192 3401
cf70ff22 3402 hci_dev_unlock(hdev);
d5e91192
AE		 3403}
3404
27695fb4
AE		 3405static void hci_loglink_complete_evt(struct hci_dev *hdev, struct sk_buff *skb)
3406{
3407 struct hci_ev_logical_link_complete *ev = (void *) skb->data;
3408 struct hci_conn *hcon;
3409 struct hci_chan *hchan;
3410 struct amp_mgr *mgr;
3411
3412 BT_DBG("%s log_handle 0x%4.4x phy_handle 0x%2.2x status 0x%2.2x",
3413 hdev->name, le16_to_cpu(ev->handle), ev->phy_handle,
3414 ev->status);
3415
3416 hcon = hci_conn_hash_lookup_handle(hdev, ev->phy_handle);
3417 if (!hcon)
3418 return;
3419
3420 /* Create AMP hchan */
3421 hchan = hci_chan_create(hcon);
3422 if (!hchan)
3423 return;
3424
3425 hchan->handle = le16_to_cpu(ev->handle);
3426
3427 BT_DBG("hcon %p mgr %p hchan %p", hcon, hcon->amp_mgr, hchan);
3428
3429 mgr = hcon->amp_mgr;
3430 if (mgr && mgr->bredr_chan) {
3431 struct l2cap_chan *bredr_chan = mgr->bredr_chan;
3432
3433 l2cap_chan_lock(bredr_chan);
3434
3435 bredr_chan->conn->mtu = hdev->block_mtu;
3436 l2cap_logical_cfm(bredr_chan, hchan, 0);
3437 hci_conn_hold(hcon);
3438
3439 l2cap_chan_unlock(bredr_chan);
3440 }
3441}
3442
606e2a10
AE		 3443static void hci_disconn_loglink_complete_evt(struct hci_dev *hdev,
3444 struct sk_buff *skb)
3445{
3446 struct hci_ev_disconn_logical_link_complete *ev = (void *) skb->data;
3447 struct hci_chan *hchan;
3448
3449 BT_DBG("%s log handle 0x%4.4x status 0x%2.2x", hdev->name,
3450 le16_to_cpu(ev->handle), ev->status);
3451
3452 if (ev->status)
3453 return;
3454
3455 hci_dev_lock(hdev);
3456
3457 hchan = hci_chan_lookup_handle(hdev, le16_to_cpu(ev->handle));
3458 if (!hchan)
3459 goto unlock;
3460
3461 amp_destroy_logical_link(hchan, ev->reason);
3462
3463unlock:
3464 hci_dev_unlock(hdev);
3465}
3466
9eef6b3a
AE		 3467static void hci_disconn_phylink_complete_evt(struct hci_dev *hdev,
3468 struct sk_buff *skb)
3469{
3470 struct hci_ev_disconn_phy_link_complete *ev = (void *) skb->data;
3471 struct hci_conn *hcon;
3472
3473 BT_DBG("%s status 0x%2.2x", hdev->name, ev->status);
3474
3475 if (ev->status)
3476 return;
3477
3478 hci_dev_lock(hdev);
3479
3480 hcon = hci_conn_hash_lookup_handle(hdev, ev->phy_handle);
3481 if (hcon) {
3482 hcon->state = BT_CLOSED;
3483 hci_conn_del(hcon);
3484 }
3485
3486 hci_dev_unlock(hdev);
3487}
3488
6039aa73 3489static void hci_le_conn_complete_evt(struct hci_dev *hdev, struct sk_buff *skb)
fcd89c09
VT		 3490{
3491 struct hci_ev_le_conn_complete *ev = (void *) skb->data;
3492 struct hci_conn *conn;
3493
9f1db00c 3494 BT_DBG("%s status 0x%2.2x", hdev->name, ev->status);
fcd89c09
VT		 3495
3496 hci_dev_lock(hdev);
3497
b47a09b3 3498 conn = hci_conn_hash_lookup_state(hdev, LE_LINK, BT_CONNECT);
b62f328b
VT		 3499 if (!conn) {
3500 conn = hci_conn_add(hdev, LE_LINK, &ev->bdaddr);
3501 if (!conn) {
3502 BT_ERR("No memory for new connection");
230fd16a 3503 goto unlock;
b62f328b 3504 }
29b7988a
AG		 3505
3506 conn->dst_type = ev->bdaddr_type;
b9b343d2 3507
880be4e8
MH		 3508 /* The advertising parameters for own address type
3509 * define which source address and source address
3510 * type this connections has.
3511 */
3512 if (bacmp(&conn->src, BDADDR_ANY)) {
3513 conn->src_type = ADDR_LE_DEV_PUBLIC;
3514 } else {
3515 bacpy(&conn->src, &hdev->static_addr);
3516 conn->src_type = ADDR_LE_DEV_RANDOM;
3517 }
3518
b9b343d2
AG		 3519 if (ev->role == LE_CONN_ROLE_MASTER) {
3520 conn->out = true;
3521 conn->link_mode |= HCI_LM_MASTER;
3522 }
b62f328b 3523 }
fcd89c09 3524
cd17decb
AG		 3525 if (ev->status) {
3526 mgmt_connect_failed(hdev, &conn->dst, conn->type,
3527 conn->dst_type, ev->status);
3528 hci_proto_connect_cfm(conn, ev->status);
3529 conn->state = BT_CLOSED;
3530 hci_conn_del(conn);
3531 goto unlock;
3532 }
3533
b644ba33
JH		 3534 if (!test_and_set_bit(HCI_CONN_MGMT_CONNECTED, &conn->flags))
3535 mgmt_device_connected(hdev, &ev->bdaddr, conn->type,
04124681 3536 conn->dst_type, 0, NULL, 0, NULL);
83bc71b4 3537
7b5c0d52 3538 conn->sec_level = BT_SECURITY_LOW;
fcd89c09
VT		 3539 conn->handle = __le16_to_cpu(ev->handle);
3540 conn->state = BT_CONNECTED;
3541
fcd89c09
VT		 3542 hci_conn_add_sysfs(conn);
3543
3544 hci_proto_connect_cfm(conn, ev->status);
3545
3546unlock:
3547 hci_dev_unlock(hdev);
3548}
3549
6039aa73 3550static void hci_le_adv_report_evt(struct hci_dev *hdev, struct sk_buff *skb)
9aa04c91 3551{
e95beb41
AG		 3552 u8 num_reports = skb->data[0];
3553 void *ptr = &skb->data[1];
3c9e9195 3554 s8 rssi;
9aa04c91 3555
e95beb41
AG		 3556 while (num_reports--) {
3557 struct hci_ev_le_advertising_info *ev = ptr;
9aa04c91 3558
3c9e9195
AG		 3559 rssi = ev->data[ev->length];
3560 mgmt_device_found(hdev, &ev->bdaddr, LE_LINK, ev->bdaddr_type,
04124681 3561 NULL, rssi, 0, 1, ev->data, ev->length);
3c9e9195 3562
e95beb41 3563 ptr += sizeof(*ev) + ev->length + 1;
9aa04c91 3564 }
9aa04c91
AG		 3565}
3566
6039aa73 3567static void hci_le_ltk_request_evt(struct hci_dev *hdev, struct sk_buff *skb)
a7a595f6
VCG		 3568{
3569 struct hci_ev_le_ltk_req *ev = (void *) skb->data;
3570 struct hci_cp_le_ltk_reply cp;
bea710fe 3571 struct hci_cp_le_ltk_neg_reply neg;
a7a595f6 3572 struct hci_conn *conn;
c9839a11 3573 struct smp_ltk *ltk;
a7a595f6 3574
9f1db00c 3575 BT_DBG("%s handle 0x%4.4x", hdev->name, __le16_to_cpu(ev->handle));
a7a595f6
VCG		 3576
3577 hci_dev_lock(hdev);
3578
3579 conn = hci_conn_hash_lookup_handle(hdev, __le16_to_cpu(ev->handle));
bea710fe
VCG		 3580 if (conn == NULL)
3581 goto not_found;
a7a595f6 3582
bea710fe
VCG		 3583 ltk = hci_find_ltk(hdev, ev->ediv, ev->random);
3584 if (ltk == NULL)
3585 goto not_found;
3586
3587 memcpy(cp.ltk, ltk->val, sizeof(ltk->val));
a7a595f6 3588 cp.handle = cpu_to_le16(conn->handle);
c9839a11
VCG		 3589
3590 if (ltk->authenticated)
f8776218
AG		 3591 conn->pending_sec_level = BT_SECURITY_HIGH;
3592 else
3593 conn->pending_sec_level = BT_SECURITY_MEDIUM;
a7a595f6 3594
89cbb4da 3595 conn->enc_key_size = ltk->enc_size;
a7a595f6
VCG		 3596
3597 hci_send_cmd(hdev, HCI_OP_LE_LTK_REPLY, sizeof(cp), &cp);
3598
c9839a11
VCG		 3599 if (ltk->type & HCI_SMP_STK) {
3600 list_del(&ltk->list);
3601 kfree(ltk);
3602 }
3603
a7a595f6 3604 hci_dev_unlock(hdev);
bea710fe
VCG		 3605
3606 return;
3607
3608not_found:
3609 neg.handle = ev->handle;
3610 hci_send_cmd(hdev, HCI_OP_LE_LTK_NEG_REPLY, sizeof(neg), &neg);
3611 hci_dev_unlock(hdev);
a7a595f6
VCG		 3612}
3613
6039aa73 3614static void hci_le_meta_evt(struct hci_dev *hdev, struct sk_buff *skb)
fcd89c09
VT		 3615{
3616 struct hci_ev_le_meta *le_ev = (void *) skb->data;
3617
3618 skb_pull(skb, sizeof(*le_ev));
3619
3620 switch (le_ev->subevent) {
3621 case HCI_EV_LE_CONN_COMPLETE:
3622 hci_le_conn_complete_evt(hdev, skb);
3623 break;
3624
9aa04c91
AG		 3625 case HCI_EV_LE_ADVERTISING_REPORT:
3626 hci_le_adv_report_evt(hdev, skb);
3627 break;
3628
a7a595f6
VCG		 3629 case HCI_EV_LE_LTK_REQ:
3630 hci_le_ltk_request_evt(hdev, skb);
3631 break;
3632
fcd89c09
VT		 3633 default:
3634 break;
3635 }
3636}
3637
9495b2ee
AE		 3638static void hci_chan_selected_evt(struct hci_dev *hdev, struct sk_buff *skb)
3639{
3640 struct hci_ev_channel_selected *ev = (void *) skb->data;
3641 struct hci_conn *hcon;
3642
3643 BT_DBG("%s handle 0x%2.2x", hdev->name, ev->phy_handle);
3644
3645 skb_pull(skb, sizeof(*ev));
3646
3647 hcon = hci_conn_hash_lookup_handle(hdev, ev->phy_handle);
3648 if (!hcon)
3649 return;
3650
3651 amp_read_loc_assoc_final_data(hdev, hcon);
3652}
3653
a9de9248
MH		 3654void hci_event_packet(struct hci_dev *hdev, struct sk_buff *skb)
3655{
3656 struct hci_event_hdr *hdr = (void *) skb->data;
3657 __u8 event = hdr->evt;
3658
b6ddb638
JH		 3659 hci_dev_lock(hdev);
3660
3661 /* Received events are (currently) only needed when a request is
3662 * ongoing so avoid unnecessary memory allocation.
3663 */
3664 if (hdev->req_status == HCI_REQ_PEND) {
3665 kfree_skb(hdev->recv_evt);
3666 hdev->recv_evt = skb_clone(skb, GFP_KERNEL);
3667 }
3668
3669 hci_dev_unlock(hdev);
3670
a9de9248
MH		 3671 skb_pull(skb, HCI_EVENT_HDR_SIZE);
3672
02350a72 3673 if (hdev->sent_cmd && bt_cb(hdev->sent_cmd)->req.event == event) {
c1f23a2b
JB		 3674 struct hci_command_hdr *cmd_hdr = (void *) hdev->sent_cmd->data;
3675 u16 opcode = __le16_to_cpu(cmd_hdr->opcode);
02350a72
JH		 3676
3677 hci_req_cmd_complete(hdev, opcode, 0);
3678 }
3679
a9de9248 3680 switch (event) {
1da177e4
LT		 3681 case HCI_EV_INQUIRY_COMPLETE:
3682 hci_inquiry_complete_evt(hdev, skb);
3683 break;
3684
3685 case HCI_EV_INQUIRY_RESULT:
3686 hci_inquiry_result_evt(hdev, skb);
3687 break;
3688
a9de9248
MH		 3689 case HCI_EV_CONN_COMPLETE:
3690 hci_conn_complete_evt(hdev, skb);
21d9e30e
MH		 3691 break;
3692
1da177e4
LT		 3693 case HCI_EV_CONN_REQUEST:
3694 hci_conn_request_evt(hdev, skb);
3695 break;
3696
1da177e4
LT		 3697 case HCI_EV_DISCONN_COMPLETE:
3698 hci_disconn_complete_evt(hdev, skb);
3699 break;
3700
1da177e4
LT		 3701 case HCI_EV_AUTH_COMPLETE:
3702 hci_auth_complete_evt(hdev, skb);
3703 break;
3704
a9de9248
MH		 3705 case HCI_EV_REMOTE_NAME:
3706 hci_remote_name_evt(hdev, skb);
3707 break;
3708
1da177e4
LT		 3709 case HCI_EV_ENCRYPT_CHANGE:
3710 hci_encrypt_change_evt(hdev, skb);
3711 break;
3712
a9de9248
MH		 3713 case HCI_EV_CHANGE_LINK_KEY_COMPLETE:
3714 hci_change_link_key_complete_evt(hdev, skb);
3715 break;
3716
3717 case HCI_EV_REMOTE_FEATURES:
3718 hci_remote_features_evt(hdev, skb);
3719 break;
3720
a9de9248
MH		 3721 case HCI_EV_CMD_COMPLETE:
3722 hci_cmd_complete_evt(hdev, skb);
3723 break;
3724
3725 case HCI_EV_CMD_STATUS:
3726 hci_cmd_status_evt(hdev, skb);
3727 break;
3728
3729 case HCI_EV_ROLE_CHANGE:
3730 hci_role_change_evt(hdev, skb);
3731 break;
3732
3733 case HCI_EV_NUM_COMP_PKTS:
3734 hci_num_comp_pkts_evt(hdev, skb);
3735 break;
3736
3737 case HCI_EV_MODE_CHANGE:
3738 hci_mode_change_evt(hdev, skb);
1da177e4
LT		 3739 break;
3740
3741 case HCI_EV_PIN_CODE_REQ:
3742 hci_pin_code_request_evt(hdev, skb);
3743 break;
3744
3745 case HCI_EV_LINK_KEY_REQ:
3746 hci_link_key_request_evt(hdev, skb);
3747 break;
3748
3749 case HCI_EV_LINK_KEY_NOTIFY:
3750 hci_link_key_notify_evt(hdev, skb);
3751 break;
3752
3753 case HCI_EV_CLOCK_OFFSET:
3754 hci_clock_offset_evt(hdev, skb);
3755 break;
3756
a8746417
MH		 3757 case HCI_EV_PKT_TYPE_CHANGE:
3758 hci_pkt_type_change_evt(hdev, skb);
3759 break;
3760
85a1e930
MH		 3761 case HCI_EV_PSCAN_REP_MODE:
3762 hci_pscan_rep_mode_evt(hdev, skb);
3763 break;
3764
a9de9248
MH		 3765 case HCI_EV_INQUIRY_RESULT_WITH_RSSI:
3766 hci_inquiry_result_with_rssi_evt(hdev, skb);
04837f64
MH		 3767 break;
3768
a9de9248
MH		 3769 case HCI_EV_REMOTE_EXT_FEATURES:
3770 hci_remote_ext_features_evt(hdev, skb);
1da177e4
LT		 3771 break;
3772
a9de9248
MH		 3773 case HCI_EV_SYNC_CONN_COMPLETE:
3774 hci_sync_conn_complete_evt(hdev, skb);
3775 break;
1da177e4 3776
a9de9248
MH		 3777 case HCI_EV_EXTENDED_INQUIRY_RESULT:
3778 hci_extended_inquiry_result_evt(hdev, skb);
3779 break;
1da177e4 3780
1c2e0041
JH		 3781 case HCI_EV_KEY_REFRESH_COMPLETE:
3782 hci_key_refresh_complete_evt(hdev, skb);
3783 break;
3784
0493684e
MH		 3785 case HCI_EV_IO_CAPA_REQUEST:
3786 hci_io_capa_request_evt(hdev, skb);
3787 break;
3788
03b555e1
JH		 3789 case HCI_EV_IO_CAPA_REPLY:
3790 hci_io_capa_reply_evt(hdev, skb);
3791 break;
3792
a5c29683
JH		 3793 case HCI_EV_USER_CONFIRM_REQUEST:
3794 hci_user_confirm_request_evt(hdev, skb);
3795 break;
3796
1143d458
BG		 3797 case HCI_EV_USER_PASSKEY_REQUEST:
3798 hci_user_passkey_request_evt(hdev, skb);
3799 break;
3800
92a25256
JH		 3801 case HCI_EV_USER_PASSKEY_NOTIFY:
3802 hci_user_passkey_notify_evt(hdev, skb);
3803 break;
3804
3805 case HCI_EV_KEYPRESS_NOTIFY:
3806 hci_keypress_notify_evt(hdev, skb);
3807 break;
3808
0493684e
MH		 3809 case HCI_EV_SIMPLE_PAIR_COMPLETE:
3810 hci_simple_pair_complete_evt(hdev, skb);
3811 break;
3812
41a96212
MH		 3813 case HCI_EV_REMOTE_HOST_FEATURES:
3814 hci_remote_host_features_evt(hdev, skb);
3815 break;
3816
fcd89c09
VT		 3817 case HCI_EV_LE_META:
3818 hci_le_meta_evt(hdev, skb);
3819 break;
3820
9495b2ee
AE		 3821 case HCI_EV_CHANNEL_SELECTED:
3822 hci_chan_selected_evt(hdev, skb);
3823 break;
3824
2763eda6
SJ		 3825 case HCI_EV_REMOTE_OOB_DATA_REQUEST:
3826 hci_remote_oob_data_request_evt(hdev, skb);
3827 break;
3828
d5e91192
AE		 3829 case HCI_EV_PHY_LINK_COMPLETE:
3830 hci_phy_link_complete_evt(hdev, skb);
3831 break;
3832
27695fb4
AE		 3833 case HCI_EV_LOGICAL_LINK_COMPLETE:
3834 hci_loglink_complete_evt(hdev, skb);
3835 break;
3836
606e2a10
AE		 3837 case HCI_EV_DISCONN_LOGICAL_LINK_COMPLETE:
3838 hci_disconn_loglink_complete_evt(hdev, skb);
3839 break;
3840
9eef6b3a
AE		 3841 case HCI_EV_DISCONN_PHY_LINK_COMPLETE:
3842 hci_disconn_phylink_complete_evt(hdev, skb);
3843 break;
3844
25e89e99
AE		 3845 case HCI_EV_NUM_COMP_BLOCKS:
3846 hci_num_comp_blocks_evt(hdev, skb);
3847 break;
3848
a9de9248 3849 default:
9f1db00c 3850 BT_DBG("%s event 0x%2.2x", hdev->name, event);
1da177e4
LT		 3851 break;
3852 }
3853
3854 kfree_skb(skb);
3855 hdev->stat.evt_rx++;
3856}
Ubuntu Artful kernel mirror