]> git.proxmox.com Git - mirror_ubuntu-zesty-kernel.git/blame - net/bluetooth/mgmt.c
projects / mirror_ubuntu-zesty-kernel.git / blame
? search:
summary | shortlog | log | commit | commitdiff | tree
blob | blame (incremental) | history | HEAD
Bluetooth: Do not dereference zero sk
[mirror_ubuntu-zesty-kernel.git] / net / bluetooth / mgmt.c
CommitLineData
0381101f
JH		 1/*
2 BlueZ - Bluetooth protocol stack for Linux
3 Copyright (C) 2010 Nokia Corporation
4
5 This program is free software; you can redistribute it and/or modify
6 it under the terms of the GNU General Public License version 2 as
7 published by the Free Software Foundation;
8
9 THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS
10 OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
11 FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT OF THIRD PARTY RIGHTS.
12 IN NO EVENT SHALL THE COPYRIGHT HOLDER(S) AND AUTHOR(S) BE LIABLE FOR ANY
13 CLAIM, OR ANY SPECIAL INDIRECT OR CONSEQUENTIAL DAMAGES, OR ANY DAMAGES
14 WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
15 ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
16 OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
17
18 ALL LIABILITY, INCLUDING LIABILITY FOR INFRINGEMENT OF ANY PATENTS,
19 COPYRIGHTS, TRADEMARKS OR OTHER RIGHTS, RELATING TO USE OF THIS
20 SOFTWARE IS DISCLAIMED.
21*/
22
23/* Bluetooth HCI Management interface */
24
ca69b795 25#include <linux/kernel.h>
72359753 26#include <linux/uaccess.h>
3a9a231d 27#include <linux/module.h>
0381101f
JH		 28#include <asm/unaligned.h>
29
30#include <net/bluetooth/bluetooth.h>
31#include <net/bluetooth/hci_core.h>
32#include <net/bluetooth/mgmt.h>
5fe57d9e 33#include <net/bluetooth/smp.h>
0381101f 34
02d98129
JH		 35#define MGMT_VERSION 0
36#define MGMT_REVISION 1
37
e70bb2e8
JH		 38static const u16 mgmt_commands[] = {
39 MGMT_OP_READ_INDEX_LIST,
40 MGMT_OP_READ_INFO,
41 MGMT_OP_SET_POWERED,
42 MGMT_OP_SET_DISCOVERABLE,
43 MGMT_OP_SET_CONNECTABLE,
44 MGMT_OP_SET_FAST_CONNECTABLE,
45 MGMT_OP_SET_PAIRABLE,
46 MGMT_OP_SET_LINK_SECURITY,
47 MGMT_OP_SET_SSP,
48 MGMT_OP_SET_HS,
49 MGMT_OP_SET_LE,
50 MGMT_OP_SET_DEV_CLASS,
51 MGMT_OP_SET_LOCAL_NAME,
52 MGMT_OP_ADD_UUID,
53 MGMT_OP_REMOVE_UUID,
54 MGMT_OP_LOAD_LINK_KEYS,
55 MGMT_OP_LOAD_LONG_TERM_KEYS,
56 MGMT_OP_DISCONNECT,
57 MGMT_OP_GET_CONNECTIONS,
58 MGMT_OP_PIN_CODE_REPLY,
59 MGMT_OP_PIN_CODE_NEG_REPLY,
60 MGMT_OP_SET_IO_CAPABILITY,
61 MGMT_OP_PAIR_DEVICE,
62 MGMT_OP_CANCEL_PAIR_DEVICE,
63 MGMT_OP_UNPAIR_DEVICE,
64 MGMT_OP_USER_CONFIRM_REPLY,
65 MGMT_OP_USER_CONFIRM_NEG_REPLY,
66 MGMT_OP_USER_PASSKEY_REPLY,
67 MGMT_OP_USER_PASSKEY_NEG_REPLY,
68 MGMT_OP_READ_LOCAL_OOB_DATA,
69 MGMT_OP_ADD_REMOTE_OOB_DATA,
70 MGMT_OP_REMOVE_REMOTE_OOB_DATA,
71 MGMT_OP_START_DISCOVERY,
72 MGMT_OP_STOP_DISCOVERY,
73 MGMT_OP_CONFIRM_NAME,
74 MGMT_OP_BLOCK_DEVICE,
75 MGMT_OP_UNBLOCK_DEVICE,
76};
77
78static const u16 mgmt_events[] = {
79 MGMT_EV_CONTROLLER_ERROR,
80 MGMT_EV_INDEX_ADDED,
81 MGMT_EV_INDEX_REMOVED,
82 MGMT_EV_NEW_SETTINGS,
83 MGMT_EV_CLASS_OF_DEV_CHANGED,
84 MGMT_EV_LOCAL_NAME_CHANGED,
85 MGMT_EV_NEW_LINK_KEY,
86 MGMT_EV_NEW_LONG_TERM_KEY,
87 MGMT_EV_DEVICE_CONNECTED,
88 MGMT_EV_DEVICE_DISCONNECTED,
89 MGMT_EV_CONNECT_FAILED,
90 MGMT_EV_PIN_CODE_REQUEST,
91 MGMT_EV_USER_CONFIRM_REQUEST,
92 MGMT_EV_USER_PASSKEY_REQUEST,
93 MGMT_EV_AUTH_FAILED,
94 MGMT_EV_DEVICE_FOUND,
95 MGMT_EV_DISCOVERING,
96 MGMT_EV_DEVICE_BLOCKED,
97 MGMT_EV_DEVICE_UNBLOCKED,
98 MGMT_EV_DEVICE_UNPAIRED,
99};
100
3fd24153
AG		 101/*
102 * These LE scan and inquiry parameters were chosen according to LE General
103 * Discovery Procedure specification.
104 */
105#define LE_SCAN_TYPE 0x01
106#define LE_SCAN_WIN 0x12
107#define LE_SCAN_INT 0x12
108#define LE_SCAN_TIMEOUT_LE_ONLY 10240 /* TGAP(gen_disc_scan_min) */
109
e8777525 110#define INQUIRY_LEN_BREDR 0x08 /* TGAP(100) */
2519a1fc 111
7d78525d
JH		 112#define SERVICE_CACHE_TIMEOUT (5 * 1000)
113
eec8d2bc
JH		 114struct pending_cmd {
115 struct list_head list;
fc2f4b13 116 u16 opcode;
eec8d2bc 117 int index;
c68fb7ff 118 void *param;
eec8d2bc 119 struct sock *sk;
e9a416b5 120 void *user_data;
eec8d2bc
JH		 121};
122
ca69b795
JH		 123/* HCI to MGMT error code conversion table */
124static u8 mgmt_status_table[] = {
125 MGMT_STATUS_SUCCESS,
126 MGMT_STATUS_UNKNOWN_COMMAND, /* Unknown Command */
127 MGMT_STATUS_NOT_CONNECTED, /* No Connection */
128 MGMT_STATUS_FAILED, /* Hardware Failure */
129 MGMT_STATUS_CONNECT_FAILED, /* Page Timeout */
130 MGMT_STATUS_AUTH_FAILED, /* Authentication Failed */
131 MGMT_STATUS_NOT_PAIRED, /* PIN or Key Missing */
132 MGMT_STATUS_NO_RESOURCES, /* Memory Full */
133 MGMT_STATUS_TIMEOUT, /* Connection Timeout */
134 MGMT_STATUS_NO_RESOURCES, /* Max Number of Connections */
135 MGMT_STATUS_NO_RESOURCES, /* Max Number of SCO Connections */
136 MGMT_STATUS_ALREADY_CONNECTED, /* ACL Connection Exists */
137 MGMT_STATUS_BUSY, /* Command Disallowed */
138 MGMT_STATUS_NO_RESOURCES, /* Rejected Limited Resources */
139 MGMT_STATUS_REJECTED, /* Rejected Security */
140 MGMT_STATUS_REJECTED, /* Rejected Personal */
141 MGMT_STATUS_TIMEOUT, /* Host Timeout */
142 MGMT_STATUS_NOT_SUPPORTED, /* Unsupported Feature */
143 MGMT_STATUS_INVALID_PARAMS, /* Invalid Parameters */
144 MGMT_STATUS_DISCONNECTED, /* OE User Ended Connection */
145 MGMT_STATUS_NO_RESOURCES, /* OE Low Resources */
146 MGMT_STATUS_DISCONNECTED, /* OE Power Off */
147 MGMT_STATUS_DISCONNECTED, /* Connection Terminated */
148 MGMT_STATUS_BUSY, /* Repeated Attempts */
149 MGMT_STATUS_REJECTED, /* Pairing Not Allowed */
150 MGMT_STATUS_FAILED, /* Unknown LMP PDU */
151 MGMT_STATUS_NOT_SUPPORTED, /* Unsupported Remote Feature */
152 MGMT_STATUS_REJECTED, /* SCO Offset Rejected */
153 MGMT_STATUS_REJECTED, /* SCO Interval Rejected */
154 MGMT_STATUS_REJECTED, /* Air Mode Rejected */
155 MGMT_STATUS_INVALID_PARAMS, /* Invalid LMP Parameters */
156 MGMT_STATUS_FAILED, /* Unspecified Error */
157 MGMT_STATUS_NOT_SUPPORTED, /* Unsupported LMP Parameter Value */
158 MGMT_STATUS_FAILED, /* Role Change Not Allowed */
159 MGMT_STATUS_TIMEOUT, /* LMP Response Timeout */
160 MGMT_STATUS_FAILED, /* LMP Error Transaction Collision */
161 MGMT_STATUS_FAILED, /* LMP PDU Not Allowed */
162 MGMT_STATUS_REJECTED, /* Encryption Mode Not Accepted */
163 MGMT_STATUS_FAILED, /* Unit Link Key Used */
164 MGMT_STATUS_NOT_SUPPORTED, /* QoS Not Supported */
165 MGMT_STATUS_TIMEOUT, /* Instant Passed */
166 MGMT_STATUS_NOT_SUPPORTED, /* Pairing Not Supported */
167 MGMT_STATUS_FAILED, /* Transaction Collision */
168 MGMT_STATUS_INVALID_PARAMS, /* Unacceptable Parameter */
169 MGMT_STATUS_REJECTED, /* QoS Rejected */
170 MGMT_STATUS_NOT_SUPPORTED, /* Classification Not Supported */
171 MGMT_STATUS_REJECTED, /* Insufficient Security */
172 MGMT_STATUS_INVALID_PARAMS, /* Parameter Out Of Range */
173 MGMT_STATUS_BUSY, /* Role Switch Pending */
174 MGMT_STATUS_FAILED, /* Slot Violation */
175 MGMT_STATUS_FAILED, /* Role Switch Failed */
176 MGMT_STATUS_INVALID_PARAMS, /* EIR Too Large */
177 MGMT_STATUS_NOT_SUPPORTED, /* Simple Pairing Not Supported */
178 MGMT_STATUS_BUSY, /* Host Busy Pairing */
179 MGMT_STATUS_REJECTED, /* Rejected, No Suitable Channel */
180 MGMT_STATUS_BUSY, /* Controller Busy */
181 MGMT_STATUS_INVALID_PARAMS, /* Unsuitable Connection Interval */
182 MGMT_STATUS_TIMEOUT, /* Directed Advertising Timeout */
183 MGMT_STATUS_AUTH_FAILED, /* Terminated Due to MIC Failure */
184 MGMT_STATUS_CONNECT_FAILED, /* Connection Establishment Failed */
185 MGMT_STATUS_CONNECT_FAILED, /* MAC Connection Failed */
186};
187
188static u8 mgmt_status(u8 hci_status)
189{
190 if (hci_status < ARRAY_SIZE(mgmt_status_table))
191 return mgmt_status_table[hci_status];
192
193 return MGMT_STATUS_FAILED;
194}
195
4e51eae9 196static int cmd_status(struct sock *sk, u16 index, u16 cmd, u8 status)
f7b64e69
JH		 197{
198 struct sk_buff *skb;
199 struct mgmt_hdr *hdr;
200 struct mgmt_ev_cmd_status *ev;
56b7d137 201 int err;
f7b64e69 202
34eb525c 203 BT_DBG("sock %p, index %u, cmd %u, status %u", sk, index, cmd, status);
f7b64e69
JH		 204
205 skb = alloc_skb(sizeof(*hdr) + sizeof(*ev), GFP_ATOMIC);
206 if (!skb)
207 return -ENOMEM;
208
209 hdr = (void *) skb_put(skb, sizeof(*hdr));
210
211 hdr->opcode = cpu_to_le16(MGMT_EV_CMD_STATUS);
4e51eae9 212 hdr->index = cpu_to_le16(index);
f7b64e69
JH		 213 hdr->len = cpu_to_le16(sizeof(*ev));
214
215 ev = (void *) skb_put(skb, sizeof(*ev));
216 ev->status = status;
217 put_unaligned_le16(cmd, &ev->opcode);
218
56b7d137
GP		 219 err = sock_queue_rcv_skb(sk, skb);
220 if (err < 0)
f7b64e69
JH		 221 kfree_skb(skb);
222
56b7d137 223 return err;
f7b64e69
JH		 224}
225
4e51eae9
SJ		 226static int cmd_complete(struct sock *sk, u16 index, u16 cmd, void *rp,
227 size_t rp_len)
02d98129
JH		 228{
229 struct sk_buff *skb;
230 struct mgmt_hdr *hdr;
231 struct mgmt_ev_cmd_complete *ev;
56b7d137 232 int err;
02d98129
JH		 233
234 BT_DBG("sock %p", sk);
235
a38528f1 236 skb = alloc_skb(sizeof(*hdr) + sizeof(*ev) + rp_len, GFP_ATOMIC);
02d98129
JH		 237 if (!skb)
238 return -ENOMEM;
239
240 hdr = (void *) skb_put(skb, sizeof(*hdr));
02d98129 241
a38528f1 242 hdr->opcode = cpu_to_le16(MGMT_EV_CMD_COMPLETE);
4e51eae9 243 hdr->index = cpu_to_le16(index);
a38528f1 244 hdr->len = cpu_to_le16(sizeof(*ev) + rp_len);
02d98129 245
a38528f1
JH		 246 ev = (void *) skb_put(skb, sizeof(*ev) + rp_len);
247 put_unaligned_le16(cmd, &ev->opcode);
8020c16a
SJ		 248
249 if (rp)
250 memcpy(ev->data, rp, rp_len);
02d98129 251
56b7d137
GP		 252 err = sock_queue_rcv_skb(sk, skb);
253 if (err < 0)
02d98129
JH		 254 kfree_skb(skb);
255
56b7d137 256 return err;;
02d98129
JH		 257}
258
a38528f1
JH		 259static int read_version(struct sock *sk)
260{
261 struct mgmt_rp_read_version rp;
262
263 BT_DBG("sock %p", sk);
264
265 rp.version = MGMT_VERSION;
266 put_unaligned_le16(MGMT_REVISION, &rp.revision);
267
4e51eae9
SJ		 268 return cmd_complete(sk, MGMT_INDEX_NONE, MGMT_OP_READ_VERSION, &rp,
269 sizeof(rp));
a38528f1
JH		 270}
271
e70bb2e8
JH		 272static int read_commands(struct sock *sk)
273{
274 struct mgmt_rp_read_commands *rp;
275 u16 num_commands = ARRAY_SIZE(mgmt_commands);
276 u16 num_events = ARRAY_SIZE(mgmt_events);
277 u16 *opcode;
278 size_t rp_size;
279 int i, err;
280
281 BT_DBG("sock %p", sk);
282
283 rp_size = sizeof(*rp) + ((num_commands + num_events) * sizeof(u16));
284
285 rp = kmalloc(rp_size, GFP_KERNEL);
286 if (!rp)
287 return -ENOMEM;
288
289 put_unaligned_le16(num_commands, &rp->num_commands);
290 put_unaligned_le16(num_events, &rp->num_events);
291
292 for (i = 0, opcode = rp->opcodes; i < num_commands; i++, opcode++)
293 put_unaligned_le16(mgmt_commands[i], opcode);
294
295 for (i = 0; i < num_events; i++, opcode++)
296 put_unaligned_le16(mgmt_events[i], opcode);
297
298 err = cmd_complete(sk, MGMT_INDEX_NONE, MGMT_OP_READ_COMMANDS, rp,
299 rp_size);
300 kfree(rp);
301
302 return err;
303}
304
faba42eb
JH		 305static int read_index_list(struct sock *sk)
306{
faba42eb
JH		 307 struct mgmt_rp_read_index_list *rp;
308 struct list_head *p;
8035ded4 309 struct hci_dev *d;
a38528f1 310 size_t rp_len;
faba42eb 311 u16 count;
a38528f1 312 int i, err;
faba42eb
JH		 313
314 BT_DBG("sock %p", sk);
315
316 read_lock(&hci_dev_list_lock);
317
318 count = 0;
319 list_for_each(p, &hci_dev_list) {
320 count++;
321 }
322
a38528f1
JH		 323 rp_len = sizeof(*rp) + (2 * count);
324 rp = kmalloc(rp_len, GFP_ATOMIC);
325 if (!rp) {
b2c60d42 326 read_unlock(&hci_dev_list_lock);
faba42eb 327 return -ENOMEM;
b2c60d42 328 }
faba42eb 329
faba42eb
JH		 330 put_unaligned_le16(count, &rp->num_controllers);
331
332 i = 0;
8035ded4 333 list_for_each_entry(d, &hci_dev_list, list) {
a8b2d5c2 334 if (test_and_clear_bit(HCI_AUTO_OFF, &d->dev_flags))
e0f9309f 335 cancel_delayed_work(&d->power_off);
ab81cbf9 336
a8b2d5c2 337 if (test_bit(HCI_SETUP, &d->dev_flags))
ab81cbf9
JH		 338 continue;
339
faba42eb
JH		 340 put_unaligned_le16(d->id, &rp->index[i++]);
341 BT_DBG("Added hci%u", d->id);
342 }
343
344 read_unlock(&hci_dev_list_lock);
345
4e51eae9
SJ		 346 err = cmd_complete(sk, MGMT_INDEX_NONE, MGMT_OP_READ_INDEX_LIST, rp,
347 rp_len);
faba42eb 348
a38528f1
JH		 349 kfree(rp);
350
351 return err;
faba42eb
JH		 352}
353
69ab39ea
JH		 354static u32 get_supported_settings(struct hci_dev *hdev)
355{
356 u32 settings = 0;
357
358 settings |= MGMT_SETTING_POWERED;
359 settings |= MGMT_SETTING_CONNECTABLE;
360 settings |= MGMT_SETTING_FAST_CONNECTABLE;
361 settings |= MGMT_SETTING_DISCOVERABLE;
362 settings |= MGMT_SETTING_PAIRABLE;
363
364 if (hdev->features[6] & LMP_SIMPLE_PAIR)
365 settings |= MGMT_SETTING_SSP;
366
367 if (!(hdev->features[4] & LMP_NO_BREDR)) {
368 settings |= MGMT_SETTING_BREDR;
369 settings |= MGMT_SETTING_LINK_SECURITY;
370 }
371
372 if (hdev->features[4] & LMP_LE)
373 settings |= MGMT_SETTING_LE;
374
375 return settings;
376}
377
378static u32 get_current_settings(struct hci_dev *hdev)
379{
380 u32 settings = 0;
381
382 if (test_bit(HCI_UP, &hdev->flags))
383 settings |= MGMT_SETTING_POWERED;
384 else
385 return settings;
386
387 if (test_bit(HCI_PSCAN, &hdev->flags))
388 settings |= MGMT_SETTING_CONNECTABLE;
389
390 if (test_bit(HCI_ISCAN, &hdev->flags))
391 settings |= MGMT_SETTING_DISCOVERABLE;
392
a8b2d5c2 393 if (test_bit(HCI_PAIRABLE, &hdev->dev_flags))
69ab39ea
JH		 394 settings |= MGMT_SETTING_PAIRABLE;
395
396 if (!(hdev->features[4] & LMP_NO_BREDR))
397 settings |= MGMT_SETTING_BREDR;
398
59e29406 399 if (hdev->host_features[0] & LMP_HOST_LE)
69ab39ea
JH		 400 settings |= MGMT_SETTING_LE;
401
402 if (test_bit(HCI_AUTH, &hdev->flags))
403 settings |= MGMT_SETTING_LINK_SECURITY;
404
84bde9d6 405 if (test_bit(HCI_SSP_ENABLED, &hdev->dev_flags))
69ab39ea
JH		 406 settings |= MGMT_SETTING_SSP;
407
408 return settings;
409}
410
ef580372
JH		 411#define PNP_INFO_SVCLASS_ID 0x1200
412
413static u8 bluetooth_base_uuid[] = {
414 0xFB, 0x34, 0x9B, 0x5F, 0x80, 0x00, 0x00, 0x80,
415 0x00, 0x10, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
416};
417
418static u16 get_uuid16(u8 *uuid128)
419{
420 u32 val;
421 int i;
422
423 for (i = 0; i < 12; i++) {
424 if (bluetooth_base_uuid[i] != uuid128[i])
425 return 0;
426 }
427
428 memcpy(&val, &uuid128[12], 4);
429
430 val = le32_to_cpu(val);
431 if (val > 0xffff)
432 return 0;
433
434 return (u16) val;
435}
436
437static void create_eir(struct hci_dev *hdev, u8 *data)
438{
439 u8 *ptr = data;
440 u16 eir_len = 0;
441 u16 uuid16_list[HCI_MAX_EIR_LENGTH / sizeof(u16)];
442 int i, truncated = 0;
443 struct bt_uuid *uuid;
444 size_t name_len;
445
446 name_len = strlen(hdev->dev_name);
447
448 if (name_len > 0) {
449 /* EIR Data type */
450 if (name_len > 48) {
451 name_len = 48;
452 ptr[1] = EIR_NAME_SHORT;
453 } else
454 ptr[1] = EIR_NAME_COMPLETE;
455
456 /* EIR Data length */
457 ptr[0] = name_len + 1;
458
459 memcpy(ptr + 2, hdev->dev_name, name_len);
460
461 eir_len += (name_len + 2);
462 ptr += (name_len + 2);
463 }
464
465 memset(uuid16_list, 0, sizeof(uuid16_list));
466
467 /* Group all UUID16 types */
468 list_for_each_entry(uuid, &hdev->uuids, list) {
469 u16 uuid16;
470
471 uuid16 = get_uuid16(uuid->uuid);
472 if (uuid16 == 0)
473 return;
474
475 if (uuid16 < 0x1100)
476 continue;
477
478 if (uuid16 == PNP_INFO_SVCLASS_ID)
479 continue;
480
481 /* Stop if not enough space to put next UUID */
482 if (eir_len + 2 + sizeof(u16) > HCI_MAX_EIR_LENGTH) {
483 truncated = 1;
484 break;
485 }
486
487 /* Check for duplicates */
488 for (i = 0; uuid16_list[i] != 0; i++)
489 if (uuid16_list[i] == uuid16)
490 break;
491
492 if (uuid16_list[i] == 0) {
493 uuid16_list[i] = uuid16;
494 eir_len += sizeof(u16);
495 }
496 }
497
498 if (uuid16_list[0] != 0) {
499 u8 *length = ptr;
500
501 /* EIR Data type */
502 ptr[1] = truncated ? EIR_UUID16_SOME : EIR_UUID16_ALL;
503
504 ptr += 2;
505 eir_len += 2;
506
507 for (i = 0; uuid16_list[i] != 0; i++) {
508 *ptr++ = (uuid16_list[i] & 0x00ff);
509 *ptr++ = (uuid16_list[i] & 0xff00) >> 8;
510 }
511
512 /* EIR Data length */
513 *length = (i * sizeof(u16)) + 1;
514 }
515}
516
517static int update_eir(struct hci_dev *hdev)
518{
519 struct hci_cp_write_eir cp;
520
521 if (!(hdev->features[6] & LMP_EXT_INQ))
522 return 0;
523
84bde9d6 524 if (!test_bit(HCI_SSP_ENABLED, &hdev->dev_flags))
ef580372
JH		 525 return 0;
526
a8b2d5c2 527 if (test_bit(HCI_SERVICE_CACHE, &hdev->dev_flags))
ef580372
JH		 528 return 0;
529
530 memset(&cp, 0, sizeof(cp));
531
532 create_eir(hdev, cp.data);
533
534 if (memcmp(cp.data, hdev->eir, sizeof(cp.data)) == 0)
535 return 0;
536
537 memcpy(hdev->eir, cp.data, sizeof(cp.data));
538
539 return hci_send_cmd(hdev, HCI_OP_WRITE_EIR, sizeof(cp), &cp);
540}
541
542static u8 get_service_classes(struct hci_dev *hdev)
543{
544 struct bt_uuid *uuid;
545 u8 val = 0;
546
547 list_for_each_entry(uuid, &hdev->uuids, list)
548 val |= uuid->svc_hint;
549
550 return val;
551}
552
553static int update_class(struct hci_dev *hdev)
554{
555 u8 cod[3];
556
557 BT_DBG("%s", hdev->name);
558
a8b2d5c2 559 if (test_bit(HCI_SERVICE_CACHE, &hdev->dev_flags))
ef580372
JH		 560 return 0;
561
562 cod[0] = hdev->minor_class;
563 cod[1] = hdev->major_class;
564 cod[2] = get_service_classes(hdev);
565
566 if (memcmp(cod, hdev->dev_class, 3) == 0)
567 return 0;
568
569 return hci_send_cmd(hdev, HCI_OP_WRITE_CLASS_OF_DEV, sizeof(cod), cod);
570}
571
7d78525d
JH		 572static void service_cache_off(struct work_struct *work)
573{
574 struct hci_dev *hdev = container_of(work, struct hci_dev,
575 service_cache.work);
576
a8b2d5c2 577 if (!test_and_clear_bit(HCI_SERVICE_CACHE, &hdev->dev_flags))
7d78525d
JH		 578 return;
579
580 hci_dev_lock(hdev);
581
582 update_eir(hdev);
583 update_class(hdev);
584
585 hci_dev_unlock(hdev);
586}
587
588static void mgmt_init_hdev(struct hci_dev *hdev)
589{
a8b2d5c2 590 if (!test_and_set_bit(HCI_MGMT, &hdev->dev_flags))
7d78525d
JH		 591 INIT_DELAYED_WORK(&hdev->service_cache, service_cache_off);
592
a8b2d5c2 593 if (!test_and_set_bit(HCI_SERVICE_CACHE, &hdev->dev_flags))
7d78525d
JH		 594 schedule_delayed_work(&hdev->service_cache,
595 msecs_to_jiffies(SERVICE_CACHE_TIMEOUT));
596}
597
4e51eae9 598static int read_controller_info(struct sock *sk, u16 index)
0381101f 599{
a38528f1 600 struct mgmt_rp_read_info rp;
f7b64e69 601 struct hci_dev *hdev;
0381101f 602
4e51eae9 603 BT_DBG("sock %p hci%u", sk, index);
f7b64e69 604
4e51eae9 605 hdev = hci_dev_get(index);
a38528f1 606 if (!hdev)
ca69b795
JH		 607 return cmd_status(sk, index, MGMT_OP_READ_INFO,
608 MGMT_STATUS_INVALID_PARAMS);
f7b64e69 609
a8b2d5c2 610 if (test_and_clear_bit(HCI_AUTO_OFF, &hdev->dev_flags))
3243553f 611 cancel_delayed_work_sync(&hdev->power_off);
ab81cbf9 612
09fd0de5 613 hci_dev_lock(hdev);
f7b64e69 614
7d78525d
JH		 615 if (test_and_clear_bit(HCI_PI_MGMT_INIT, &hci_pi(sk)->flags))
616 mgmt_init_hdev(hdev);
ebc99feb 617
dc4fe30b
JH		 618 memset(&rp, 0, sizeof(rp));
619
69ab39ea 620 bacpy(&rp.bdaddr, &hdev->bdaddr);
f7b64e69 621
69ab39ea 622 rp.version = hdev->hci_ver;
f7b64e69 623
69ab39ea
JH		 624 put_unaligned_le16(hdev->manufacturer, &rp.manufacturer);
625
626 rp.supported_settings = cpu_to_le32(get_supported_settings(hdev));
627 rp.current_settings = cpu_to_le32(get_current_settings(hdev));
f7b64e69 628
a38528f1 629 memcpy(rp.dev_class, hdev->dev_class, 3);
f7b64e69 630
dc4fe30b
JH		 631 memcpy(rp.name, hdev->dev_name, sizeof(hdev->dev_name));
632
09fd0de5 633 hci_dev_unlock(hdev);
f7b64e69 634 hci_dev_put(hdev);
0381101f 635
4e51eae9 636 return cmd_complete(sk, index, MGMT_OP_READ_INFO, &rp, sizeof(rp));
0381101f
JH		 637}
638
eec8d2bc
JH		 639static void mgmt_pending_free(struct pending_cmd *cmd)
640{
641 sock_put(cmd->sk);
c68fb7ff 642 kfree(cmd->param);
eec8d2bc
JH		 643 kfree(cmd);
644}
645
366a0336 646static struct pending_cmd *mgmt_pending_add(struct sock *sk, u16 opcode,
2e58ef3e
JH		 647 struct hci_dev *hdev,
648 void *data, u16 len)
eec8d2bc
JH		 649{
650 struct pending_cmd *cmd;
651
652 cmd = kmalloc(sizeof(*cmd), GFP_ATOMIC);
653 if (!cmd)
366a0336 654 return NULL;
eec8d2bc
JH		 655
656 cmd->opcode = opcode;
2e58ef3e 657 cmd->index = hdev->id;
eec8d2bc 658
c68fb7ff
SJ		 659 cmd->param = kmalloc(len, GFP_ATOMIC);
660 if (!cmd->param) {
eec8d2bc 661 kfree(cmd);
366a0336 662 return NULL;
eec8d2bc
JH		 663 }
664
8fce6357
SJ		 665 if (data)
666 memcpy(cmd->param, data, len);
eec8d2bc
JH		 667
668 cmd->sk = sk;
669 sock_hold(sk);
670
2e58ef3e 671 list_add(&cmd->list, &hdev->mgmt_pending);
eec8d2bc 672
366a0336 673 return cmd;
eec8d2bc
JH		 674}
675
744cf19e 676static void mgmt_pending_foreach(u16 opcode, struct hci_dev *hdev,
eec8d2bc
JH		 677 void (*cb)(struct pending_cmd *cmd, void *data),
678 void *data)
679{
680 struct list_head *p, *n;
681
2e58ef3e 682 list_for_each_safe(p, n, &hdev->mgmt_pending) {
eec8d2bc
JH		 683 struct pending_cmd *cmd;
684
685 cmd = list_entry(p, struct pending_cmd, list);
686
b24752fe 687 if (opcode > 0 && cmd->opcode != opcode)
eec8d2bc
JH		 688 continue;
689
eec8d2bc
JH		 690 cb(cmd, data);
691 }
692}
693
2e58ef3e 694static struct pending_cmd *mgmt_pending_find(u16 opcode, struct hci_dev *hdev)
eec8d2bc 695{
8035ded4 696 struct pending_cmd *cmd;
eec8d2bc 697
2e58ef3e 698 list_for_each_entry(cmd, &hdev->mgmt_pending, list) {
2aeabcbe
JH		 699 if (cmd->opcode == opcode)
700 return cmd;
eec8d2bc
JH		 701 }
702
703 return NULL;
704}
705
a664b5bc 706static void mgmt_pending_remove(struct pending_cmd *cmd)
73f22f62 707{
73f22f62
JH		 708 list_del(&cmd->list);
709 mgmt_pending_free(cmd);
710}
711
69ab39ea 712static int send_settings_rsp(struct sock *sk, u16 opcode, struct hci_dev *hdev)
8680570b 713{
69ab39ea 714 __le32 settings = cpu_to_le32(get_current_settings(hdev));
8680570b 715
69ab39ea 716 return cmd_complete(sk, hdev->id, opcode, &settings, sizeof(settings));
8680570b
JH		 717}
718
650f726d 719static int set_powered(struct sock *sk, u16 index, void *data, u16 len)
eec8d2bc 720{
650f726d 721 struct mgmt_mode *cp = data;
eec8d2bc 722 struct hci_dev *hdev;
366a0336 723 struct pending_cmd *cmd;
366a0336 724 int err, up;
eec8d2bc 725
4e51eae9 726 BT_DBG("request for hci%u", index);
eec8d2bc 727
bdce7baf 728 if (len != sizeof(*cp))
ca69b795
JH		 729 return cmd_status(sk, index, MGMT_OP_SET_POWERED,
730 MGMT_STATUS_INVALID_PARAMS);
bdce7baf 731
4e51eae9 732 hdev = hci_dev_get(index);
eec8d2bc 733 if (!hdev)
ca69b795
JH		 734 return cmd_status(sk, index, MGMT_OP_SET_POWERED,
735 MGMT_STATUS_INVALID_PARAMS);
eec8d2bc 736
09fd0de5 737 hci_dev_lock(hdev);
eec8d2bc
JH		 738
739 up = test_bit(HCI_UP, &hdev->flags);
72a734ec 740 if ((cp->val && up) || (!cp->val && !up)) {
69ab39ea 741 err = send_settings_rsp(sk, MGMT_OP_SET_POWERED, hdev);
eec8d2bc
JH		 742 goto failed;
743 }
744
2e58ef3e 745 if (mgmt_pending_find(MGMT_OP_SET_POWERED, hdev)) {
ca69b795
JH		 746 err = cmd_status(sk, index, MGMT_OP_SET_POWERED,
747 MGMT_STATUS_BUSY);
eec8d2bc
JH		 748 goto failed;
749 }
750
2e58ef3e 751 cmd = mgmt_pending_add(sk, MGMT_OP_SET_POWERED, hdev, data, len);
366a0336
JH		 752 if (!cmd) {
753 err = -ENOMEM;
eec8d2bc 754 goto failed;
366a0336 755 }
eec8d2bc 756
72a734ec 757 if (cp->val)
7f971041 758 schedule_work(&hdev->power_on);
eec8d2bc 759 else
80b7ab33 760 schedule_work(&hdev->power_off.work);
eec8d2bc 761
366a0336 762 err = 0;
eec8d2bc
JH		 763
764failed:
09fd0de5 765 hci_dev_unlock(hdev);
eec8d2bc 766 hci_dev_put(hdev);
366a0336 767 return err;
eec8d2bc
JH		 768}
769
650f726d 770static int set_discoverable(struct sock *sk, u16 index, void *data, u16 len)
73f22f62 771{
650f726d 772 struct mgmt_cp_set_discoverable *cp = data;
73f22f62 773 struct hci_dev *hdev;
366a0336 774 struct pending_cmd *cmd;
73f22f62
JH		 775 u8 scan;
776 int err;
777
4e51eae9 778 BT_DBG("request for hci%u", index);
73f22f62 779
bdce7baf 780 if (len != sizeof(*cp))
ca69b795
JH		 781 return cmd_status(sk, index, MGMT_OP_SET_DISCOVERABLE,
782 MGMT_STATUS_INVALID_PARAMS);
bdce7baf 783
4e51eae9 784 hdev = hci_dev_get(index);
73f22f62 785 if (!hdev)
ca69b795
JH		 786 return cmd_status(sk, index, MGMT_OP_SET_DISCOVERABLE,
787 MGMT_STATUS_INVALID_PARAMS);
73f22f62 788
09fd0de5 789 hci_dev_lock(hdev);
73f22f62
JH		 790
791 if (!test_bit(HCI_UP, &hdev->flags)) {
ca69b795
JH		 792 err = cmd_status(sk, index, MGMT_OP_SET_DISCOVERABLE,
793 MGMT_STATUS_NOT_POWERED);
73f22f62
JH		 794 goto failed;
795 }
796
2e58ef3e
JH		 797 if (mgmt_pending_find(MGMT_OP_SET_DISCOVERABLE, hdev) ||
798 mgmt_pending_find(MGMT_OP_SET_CONNECTABLE, hdev)) {
ca69b795
JH		 799 err = cmd_status(sk, index, MGMT_OP_SET_DISCOVERABLE,
800 MGMT_STATUS_BUSY);
73f22f62
JH		 801 goto failed;
802 }
803
72a734ec 804 if (cp->val == test_bit(HCI_ISCAN, &hdev->flags) &&
73f22f62 805 test_bit(HCI_PSCAN, &hdev->flags)) {
69ab39ea 806 err = send_settings_rsp(sk, MGMT_OP_SET_DISCOVERABLE, hdev);
73f22f62
JH		 807 goto failed;
808 }
809
2e58ef3e 810 cmd = mgmt_pending_add(sk, MGMT_OP_SET_DISCOVERABLE, hdev, data, len);
366a0336
JH		 811 if (!cmd) {
812 err = -ENOMEM;
73f22f62 813 goto failed;
366a0336 814 }
73f22f62
JH		 815
816 scan = SCAN_PAGE;
817
72a734ec 818 if (cp->val)
73f22f62 819 scan |= SCAN_INQUIRY;
16ab91ab 820 else
e0f9309f 821 cancel_delayed_work(&hdev->discov_off);
73f22f62
JH		 822
823 err = hci_send_cmd(hdev, HCI_OP_WRITE_SCAN_ENABLE, 1, &scan);
824 if (err < 0)
a664b5bc 825 mgmt_pending_remove(cmd);
73f22f62 826
16ab91ab
JH		 827 if (cp->val)
828 hdev->discov_timeout = get_unaligned_le16(&cp->timeout);
829
73f22f62 830failed:
09fd0de5 831 hci_dev_unlock(hdev);
73f22f62
JH		 832 hci_dev_put(hdev);
833
834 return err;
835}
836
650f726d 837static int set_connectable(struct sock *sk, u16 index, void *data, u16 len)
9fbcbb45 838{
650f726d 839 struct mgmt_mode *cp = data;
9fbcbb45 840 struct hci_dev *hdev;
366a0336 841 struct pending_cmd *cmd;
9fbcbb45
JH		 842 u8 scan;
843 int err;
844
4e51eae9 845 BT_DBG("request for hci%u", index);
9fbcbb45 846
bdce7baf 847 if (len != sizeof(*cp))
ca69b795
JH		 848 return cmd_status(sk, index, MGMT_OP_SET_CONNECTABLE,
849 MGMT_STATUS_INVALID_PARAMS);
bdce7baf 850
4e51eae9 851 hdev = hci_dev_get(index);
9fbcbb45 852 if (!hdev)
ca69b795
JH		 853 return cmd_status(sk, index, MGMT_OP_SET_CONNECTABLE,
854 MGMT_STATUS_INVALID_PARAMS);
9fbcbb45 855
09fd0de5 856 hci_dev_lock(hdev);
9fbcbb45
JH		 857
858 if (!test_bit(HCI_UP, &hdev->flags)) {
ca69b795
JH		 859 err = cmd_status(sk, index, MGMT_OP_SET_CONNECTABLE,
860 MGMT_STATUS_NOT_POWERED);
9fbcbb45
JH		 861 goto failed;
862 }
863
2e58ef3e
JH		 864 if (mgmt_pending_find(MGMT_OP_SET_DISCOVERABLE, hdev) ||
865 mgmt_pending_find(MGMT_OP_SET_CONNECTABLE, hdev)) {
ca69b795
JH		 866 err = cmd_status(sk, index, MGMT_OP_SET_CONNECTABLE,
867 MGMT_STATUS_BUSY);
9fbcbb45
JH		 868 goto failed;
869 }
870
72a734ec 871 if (cp->val == test_bit(HCI_PSCAN, &hdev->flags)) {
69ab39ea 872 err = send_settings_rsp(sk, MGMT_OP_SET_CONNECTABLE, hdev);
9fbcbb45
JH		 873 goto failed;
874 }
875
2e58ef3e 876 cmd = mgmt_pending_add(sk, MGMT_OP_SET_CONNECTABLE, hdev, data, len);
366a0336
JH		 877 if (!cmd) {
878 err = -ENOMEM;
9fbcbb45 879 goto failed;
366a0336 880 }
9fbcbb45 881
72a734ec 882 if (cp->val)
9fbcbb45
JH		 883 scan = SCAN_PAGE;
884 else
885 scan = 0;
886
887 err = hci_send_cmd(hdev, HCI_OP_WRITE_SCAN_ENABLE, 1, &scan);
888 if (err < 0)
a664b5bc 889 mgmt_pending_remove(cmd);
9fbcbb45
JH		 890
891failed:
09fd0de5 892 hci_dev_unlock(hdev);
9fbcbb45
JH		 893 hci_dev_put(hdev);
894
895 return err;
896}
897
744cf19e
JH		 898static int mgmt_event(u16 event, struct hci_dev *hdev, void *data,
899 u16 data_len, struct sock *skip_sk)
c542a06c
JH		 900{
901 struct sk_buff *skb;
902 struct mgmt_hdr *hdr;
903
904 skb = alloc_skb(sizeof(*hdr) + data_len, GFP_ATOMIC);
905 if (!skb)
906 return -ENOMEM;
907
908 bt_cb(skb)->channel = HCI_CHANNEL_CONTROL;
909
910 hdr = (void *) skb_put(skb, sizeof(*hdr));
911 hdr->opcode = cpu_to_le16(event);
744cf19e
JH		 912 if (hdev)
913 hdr->index = cpu_to_le16(hdev->id);
914 else
915 hdr->index = cpu_to_le16(MGMT_INDEX_NONE);
c542a06c
JH		 916 hdr->len = cpu_to_le16(data_len);
917
4e51eae9
SJ		 918 if (data)
919 memcpy(skb_put(skb, data_len), data, data_len);
c542a06c
JH		 920
921 hci_send_to_sock(NULL, skb, skip_sk);
922 kfree_skb(skb);
923
924 return 0;
925}
926
650f726d 927static int set_pairable(struct sock *sk, u16 index, void *data, u16 len)
c542a06c 928{
650f726d 929 struct mgmt_mode *cp = data;
c542a06c 930 struct hci_dev *hdev;
69ab39ea 931 __le32 ev;
c542a06c
JH		 932 int err;
933
4e51eae9 934 BT_DBG("request for hci%u", index);
c542a06c 935
bdce7baf 936 if (len != sizeof(*cp))
ca69b795
JH		 937 return cmd_status(sk, index, MGMT_OP_SET_PAIRABLE,
938 MGMT_STATUS_INVALID_PARAMS);
bdce7baf 939
4e51eae9 940 hdev = hci_dev_get(index);
c542a06c 941 if (!hdev)
ca69b795
JH		 942 return cmd_status(sk, index, MGMT_OP_SET_PAIRABLE,
943 MGMT_STATUS_INVALID_PARAMS);
c542a06c 944
09fd0de5 945 hci_dev_lock(hdev);
c542a06c
JH		 946
947 if (cp->val)
a8b2d5c2 948 set_bit(HCI_PAIRABLE, &hdev->dev_flags);
c542a06c 949 else
a8b2d5c2 950 clear_bit(HCI_PAIRABLE, &hdev->dev_flags);
c542a06c 951
69ab39ea 952 err = send_settings_rsp(sk, MGMT_OP_SET_PAIRABLE, hdev);
c542a06c
JH		 953 if (err < 0)
954 goto failed;
955
69ab39ea 956 ev = cpu_to_le32(get_current_settings(hdev));
c542a06c 957
69ab39ea 958 err = mgmt_event(MGMT_EV_NEW_SETTINGS, hdev, &ev, sizeof(ev), sk);
c542a06c
JH		 959
960failed:
09fd0de5 961 hci_dev_unlock(hdev);
c542a06c
JH		 962 hci_dev_put(hdev);
963
964 return err;
965}
966
650f726d 967static int add_uuid(struct sock *sk, u16 index, void *data, u16 len)
2aeb9a1a 968{
650f726d 969 struct mgmt_cp_add_uuid *cp = data;
2aeb9a1a
JH		 970 struct hci_dev *hdev;
971 struct bt_uuid *uuid;
2aeb9a1a
JH		 972 int err;
973
4e51eae9 974 BT_DBG("request for hci%u", index);
2aeb9a1a 975
bdce7baf 976 if (len != sizeof(*cp))
ca69b795
JH		 977 return cmd_status(sk, index, MGMT_OP_ADD_UUID,
978 MGMT_STATUS_INVALID_PARAMS);
bdce7baf 979
4e51eae9 980 hdev = hci_dev_get(index);
2aeb9a1a 981 if (!hdev)
ca69b795
JH		 982 return cmd_status(sk, index, MGMT_OP_ADD_UUID,
983 MGMT_STATUS_INVALID_PARAMS);
2aeb9a1a 984
09fd0de5 985 hci_dev_lock(hdev);
2aeb9a1a
JH		 986
987 uuid = kmalloc(sizeof(*uuid), GFP_ATOMIC);
988 if (!uuid) {
989 err = -ENOMEM;
990 goto failed;
991 }
992
993 memcpy(uuid->uuid, cp->uuid, 16);
1aff6f09 994 uuid->svc_hint = cp->svc_hint;
2aeb9a1a
JH		 995
996 list_add(&uuid->list, &hdev->uuids);
997
1aff6f09
JH		 998 err = update_class(hdev);
999 if (err < 0)
1000 goto failed;
1001
80a1e1db
JH		 1002 err = update_eir(hdev);
1003 if (err < 0)
1004 goto failed;
1005
4e51eae9 1006 err = cmd_complete(sk, index, MGMT_OP_ADD_UUID, NULL, 0);
2aeb9a1a
JH		 1007
1008failed:
09fd0de5 1009 hci_dev_unlock(hdev);
2aeb9a1a
JH		 1010 hci_dev_put(hdev);
1011
1012 return err;
1013}
1014
650f726d 1015static int remove_uuid(struct sock *sk, u16 index, void *data, u16 len)
2aeb9a1a 1016{
650f726d 1017 struct mgmt_cp_remove_uuid *cp = data;
2aeb9a1a 1018 struct list_head *p, *n;
2aeb9a1a
JH		 1019 struct hci_dev *hdev;
1020 u8 bt_uuid_any[] = { 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0 };
2aeb9a1a
JH		 1021 int err, found;
1022
4e51eae9 1023 BT_DBG("request for hci%u", index);
2aeb9a1a 1024
bdce7baf 1025 if (len != sizeof(*cp))
ca69b795
JH		 1026 return cmd_status(sk, index, MGMT_OP_REMOVE_UUID,
1027 MGMT_STATUS_INVALID_PARAMS);
bdce7baf 1028
4e51eae9 1029 hdev = hci_dev_get(index);
2aeb9a1a 1030 if (!hdev)
ca69b795
JH		 1031 return cmd_status(sk, index, MGMT_OP_REMOVE_UUID,
1032 MGMT_STATUS_INVALID_PARAMS);
2aeb9a1a 1033
09fd0de5 1034 hci_dev_lock(hdev);
2aeb9a1a
JH		 1035
1036 if (memcmp(cp->uuid, bt_uuid_any, 16) == 0) {
1037 err = hci_uuids_clear(hdev);
1038 goto unlock;
1039 }
1040
1041 found = 0;
1042
1043 list_for_each_safe(p, n, &hdev->uuids) {
1044 struct bt_uuid *match = list_entry(p, struct bt_uuid, list);
1045
1046 if (memcmp(match->uuid, cp->uuid, 16) != 0)
1047 continue;
1048
1049 list_del(&match->list);
1050 found++;
1051 }
1052
1053 if (found == 0) {
ca69b795
JH		 1054 err = cmd_status(sk, index, MGMT_OP_REMOVE_UUID,
1055 MGMT_STATUS_INVALID_PARAMS);
2aeb9a1a
JH		 1056 goto unlock;
1057 }
1058
1aff6f09
JH		 1059 err = update_class(hdev);
1060 if (err < 0)
1061 goto unlock;
1062
80a1e1db
JH		 1063 err = update_eir(hdev);
1064 if (err < 0)
1065 goto unlock;
1066
4e51eae9 1067 err = cmd_complete(sk, index, MGMT_OP_REMOVE_UUID, NULL, 0);
2aeb9a1a
JH		 1068
1069unlock:
09fd0de5 1070 hci_dev_unlock(hdev);
2aeb9a1a
JH		 1071 hci_dev_put(hdev);
1072
1073 return err;
1074}
1075
650f726d 1076static int set_dev_class(struct sock *sk, u16 index, void *data, u16 len)
1aff6f09
JH		 1077{
1078 struct hci_dev *hdev;
650f726d 1079 struct mgmt_cp_set_dev_class *cp = data;
1aff6f09
JH		 1080 int err;
1081
4e51eae9 1082 BT_DBG("request for hci%u", index);
1aff6f09 1083
bdce7baf 1084 if (len != sizeof(*cp))
ca69b795
JH		 1085 return cmd_status(sk, index, MGMT_OP_SET_DEV_CLASS,
1086 MGMT_STATUS_INVALID_PARAMS);
bdce7baf 1087
4e51eae9 1088 hdev = hci_dev_get(index);
1aff6f09 1089 if (!hdev)
ca69b795
JH		 1090 return cmd_status(sk, index, MGMT_OP_SET_DEV_CLASS,
1091 MGMT_STATUS_INVALID_PARAMS);
1aff6f09 1092
09fd0de5 1093 hci_dev_lock(hdev);
1aff6f09
JH		 1094
1095 hdev->major_class = cp->major;
1096 hdev->minor_class = cp->minor;
1097
a8b2d5c2 1098 if (test_and_clear_bit(HCI_SERVICE_CACHE, &hdev->dev_flags)) {
7d78525d
JH		 1099 hci_dev_unlock(hdev);
1100 cancel_delayed_work_sync(&hdev->service_cache);
1101 hci_dev_lock(hdev);
14c0b608 1102 update_eir(hdev);
7d78525d 1103 }
14c0b608 1104
1aff6f09
JH		 1105 err = update_class(hdev);
1106
1107 if (err == 0)
4e51eae9 1108 err = cmd_complete(sk, index, MGMT_OP_SET_DEV_CLASS, NULL, 0);
1aff6f09 1109
09fd0de5 1110 hci_dev_unlock(hdev);
1aff6f09
JH		 1111 hci_dev_put(hdev);
1112
1113 return err;
1114}
1115
650f726d 1116static int load_link_keys(struct sock *sk, u16 index, void *data, u16 len)
55ed8ca1
JH		 1117{
1118 struct hci_dev *hdev;
650f726d 1119 struct mgmt_cp_load_link_keys *cp = data;
4e51eae9 1120 u16 key_count, expected_len;
a492cd52 1121 int i;
55ed8ca1 1122
bdce7baf 1123 if (len < sizeof(*cp))
ca69b795
JH		 1124 return cmd_status(sk, index, MGMT_OP_LOAD_LINK_KEYS,
1125 MGMT_STATUS_INVALID_PARAMS);
bdce7baf 1126
55ed8ca1
JH		 1127 key_count = get_unaligned_le16(&cp->key_count);
1128
86742e1e
JH		 1129 expected_len = sizeof(*cp) + key_count *
1130 sizeof(struct mgmt_link_key_info);
a492cd52 1131 if (expected_len != len) {
86742e1e 1132 BT_ERR("load_link_keys: expected %u bytes, got %u bytes",
a492cd52 1133 len, expected_len);
ca69b795
JH		 1134 return cmd_status(sk, index, MGMT_OP_LOAD_LINK_KEYS,
1135 MGMT_STATUS_INVALID_PARAMS);
55ed8ca1
JH		 1136 }
1137
4e51eae9 1138 hdev = hci_dev_get(index);
55ed8ca1 1139 if (!hdev)
ca69b795
JH		 1140 return cmd_status(sk, index, MGMT_OP_LOAD_LINK_KEYS,
1141 MGMT_STATUS_INVALID_PARAMS);
55ed8ca1 1142
4e51eae9 1143 BT_DBG("hci%u debug_keys %u key_count %u", index, cp->debug_keys,
55ed8ca1
JH		 1144 key_count);
1145
09fd0de5 1146 hci_dev_lock(hdev);
55ed8ca1
JH		 1147
1148 hci_link_keys_clear(hdev);
1149
a8b2d5c2 1150 set_bit(HCI_LINK_KEYS, &hdev->dev_flags);
55ed8ca1
JH		 1151
1152 if (cp->debug_keys)
a8b2d5c2 1153 set_bit(HCI_DEBUG_KEYS, &hdev->dev_flags);
55ed8ca1 1154 else
a8b2d5c2 1155 clear_bit(HCI_DEBUG_KEYS, &hdev->dev_flags);
55ed8ca1 1156
a492cd52 1157 for (i = 0; i < key_count; i++) {
86742e1e 1158 struct mgmt_link_key_info *key = &cp->keys[i];
55ed8ca1 1159
d25e28ab 1160 hci_add_link_key(hdev, NULL, 0, &key->bdaddr, key->val, key->type,
55ed8ca1
JH		 1161 key->pin_len);
1162 }
1163
0e5f875a
JH		 1164 cmd_complete(sk, index, MGMT_OP_LOAD_LINK_KEYS, NULL, 0);
1165
09fd0de5 1166 hci_dev_unlock(hdev);
55ed8ca1
JH		 1167 hci_dev_put(hdev);
1168
a492cd52 1169 return 0;
55ed8ca1
JH		 1170}
1171
b1078ad0
JH		 1172static int device_unpaired(struct hci_dev *hdev, bdaddr_t *bdaddr,
1173 u8 addr_type, struct sock *skip_sk)
1174{
1175 struct mgmt_ev_device_unpaired ev;
1176
1177 bacpy(&ev.addr.bdaddr, bdaddr);
1178 ev.addr.type = addr_type;
1179
1180 return mgmt_event(MGMT_EV_DEVICE_UNPAIRED, hdev, &ev, sizeof(ev),
1181 skip_sk);
1182}
1183
124f6e35 1184static int unpair_device(struct sock *sk, u16 index, void *data, u16 len)
55ed8ca1
JH		 1185{
1186 struct hci_dev *hdev;
124f6e35
JH		 1187 struct mgmt_cp_unpair_device *cp = data;
1188 struct mgmt_rp_unpair_device rp;
a8a1d19e
JH		 1189 struct hci_cp_disconnect dc;
1190 struct pending_cmd *cmd;
55ed8ca1 1191 struct hci_conn *conn;
55ed8ca1
JH		 1192 int err;
1193
bdce7baf 1194 if (len != sizeof(*cp))
124f6e35 1195 return cmd_status(sk, index, MGMT_OP_UNPAIR_DEVICE,
ca69b795 1196 MGMT_STATUS_INVALID_PARAMS);
bdce7baf 1197
4e51eae9 1198 hdev = hci_dev_get(index);
55ed8ca1 1199 if (!hdev)
124f6e35 1200 return cmd_status(sk, index, MGMT_OP_UNPAIR_DEVICE,
ca69b795 1201 MGMT_STATUS_INVALID_PARAMS);
55ed8ca1 1202
09fd0de5 1203 hci_dev_lock(hdev);
55ed8ca1 1204
a8a1d19e 1205 memset(&rp, 0, sizeof(rp));
124f6e35
JH		 1206 bacpy(&rp.addr.bdaddr, &cp->addr.bdaddr);
1207 rp.addr.type = cp->addr.type;
a8a1d19e 1208
124f6e35
JH		 1209 if (cp->addr.type == MGMT_ADDR_BREDR)
1210 err = hci_remove_link_key(hdev, &cp->addr.bdaddr);
1211 else
1212 err = hci_remove_ltk(hdev, &cp->addr.bdaddr);
b0dbfb46 1213
55ed8ca1 1214 if (err < 0) {
ca69b795 1215 rp.status = MGMT_STATUS_NOT_PAIRED;
55ed8ca1
JH		 1216 goto unlock;
1217 }
1218
a8a1d19e 1219 if (!test_bit(HCI_UP, &hdev->flags) || !cp->disconnect) {
124f6e35 1220 err = cmd_complete(sk, index, MGMT_OP_UNPAIR_DEVICE, &rp,
a8a1d19e 1221 sizeof(rp));
b1078ad0 1222 device_unpaired(hdev, &cp->addr.bdaddr, cp->addr.type, sk);
55ed8ca1 1223 goto unlock;
a8a1d19e 1224 }
55ed8ca1 1225
124f6e35
JH		 1226 if (cp->addr.type == MGMT_ADDR_BREDR)
1227 conn = hci_conn_hash_lookup_ba(hdev, ACL_LINK,
1228 &cp->addr.bdaddr);
1229 else
1230 conn = hci_conn_hash_lookup_ba(hdev, LE_LINK,
1231 &cp->addr.bdaddr);
1232
a8a1d19e 1233 if (!conn) {
124f6e35 1234 err = cmd_complete(sk, index, MGMT_OP_UNPAIR_DEVICE, &rp,
a8a1d19e 1235 sizeof(rp));
b1078ad0 1236 device_unpaired(hdev, &cp->addr.bdaddr, cp->addr.type, sk);
a8a1d19e
JH		 1237 goto unlock;
1238 }
55ed8ca1 1239
124f6e35
JH		 1240 cmd = mgmt_pending_add(sk, MGMT_OP_UNPAIR_DEVICE, hdev, cp,
1241 sizeof(*cp));
a8a1d19e
JH		 1242 if (!cmd) {
1243 err = -ENOMEM;
1244 goto unlock;
55ed8ca1
JH		 1245 }
1246
a8a1d19e
JH		 1247 put_unaligned_le16(conn->handle, &dc.handle);
1248 dc.reason = 0x13; /* Remote User Terminated Connection */
1249 err = hci_send_cmd(hdev, HCI_OP_DISCONNECT, sizeof(dc), &dc);
1250 if (err < 0)
1251 mgmt_pending_remove(cmd);
1252
55ed8ca1 1253unlock:
ca69b795 1254 if (err < 0)
124f6e35 1255 err = cmd_complete(sk, index, MGMT_OP_UNPAIR_DEVICE, &rp,
a8a1d19e 1256 sizeof(rp));
09fd0de5 1257 hci_dev_unlock(hdev);
55ed8ca1
JH		 1258 hci_dev_put(hdev);
1259
1260 return err;
1261}
1262
650f726d 1263static int disconnect(struct sock *sk, u16 index, void *data, u16 len)
8962ee74
JH		 1264{
1265 struct hci_dev *hdev;
650f726d 1266 struct mgmt_cp_disconnect *cp = data;
8962ee74 1267 struct hci_cp_disconnect dc;
366a0336 1268 struct pending_cmd *cmd;
8962ee74 1269 struct hci_conn *conn;
8962ee74
JH		 1270 int err;
1271
1272 BT_DBG("");
1273
bdce7baf 1274 if (len != sizeof(*cp))
ca69b795
JH		 1275 return cmd_status(sk, index, MGMT_OP_DISCONNECT,
1276 MGMT_STATUS_INVALID_PARAMS);
bdce7baf 1277
4e51eae9 1278 hdev = hci_dev_get(index);
8962ee74 1279 if (!hdev)
ca69b795
JH		 1280 return cmd_status(sk, index, MGMT_OP_DISCONNECT,
1281 MGMT_STATUS_INVALID_PARAMS);
8962ee74 1282
09fd0de5 1283 hci_dev_lock(hdev);
8962ee74
JH		 1284
1285 if (!test_bit(HCI_UP, &hdev->flags)) {
ca69b795
JH		 1286 err = cmd_status(sk, index, MGMT_OP_DISCONNECT,
1287 MGMT_STATUS_NOT_POWERED);
8962ee74
JH		 1288 goto failed;
1289 }
1290
2e58ef3e 1291 if (mgmt_pending_find(MGMT_OP_DISCONNECT, hdev)) {
ca69b795
JH		 1292 err = cmd_status(sk, index, MGMT_OP_DISCONNECT,
1293 MGMT_STATUS_BUSY);
8962ee74
JH		 1294 goto failed;
1295 }
1296
88c3df13
JH		 1297 if (cp->addr.type == MGMT_ADDR_BREDR)
1298 conn = hci_conn_hash_lookup_ba(hdev, ACL_LINK, &cp->addr.bdaddr);
1299 else
1300 conn = hci_conn_hash_lookup_ba(hdev, LE_LINK, &cp->addr.bdaddr);
365227e5 1301
8962ee74 1302 if (!conn) {
ca69b795
JH		 1303 err = cmd_status(sk, index, MGMT_OP_DISCONNECT,
1304 MGMT_STATUS_NOT_CONNECTED);
8962ee74
JH		 1305 goto failed;
1306 }
1307
2e58ef3e 1308 cmd = mgmt_pending_add(sk, MGMT_OP_DISCONNECT, hdev, data, len);
366a0336
JH		 1309 if (!cmd) {
1310 err = -ENOMEM;
8962ee74 1311 goto failed;
366a0336 1312 }
8962ee74
JH		 1313
1314 put_unaligned_le16(conn->handle, &dc.handle);
1315 dc.reason = 0x13; /* Remote User Terminated Connection */
1316
1317 err = hci_send_cmd(hdev, HCI_OP_DISCONNECT, sizeof(dc), &dc);
1318 if (err < 0)
a664b5bc 1319 mgmt_pending_remove(cmd);
8962ee74
JH		 1320
1321failed:
09fd0de5 1322 hci_dev_unlock(hdev);
8962ee74
JH		 1323 hci_dev_put(hdev);
1324
1325 return err;
1326}
1327
48264f06 1328static u8 link_to_mgmt(u8 link_type, u8 addr_type)
4c659c39
JH		 1329{
1330 switch (link_type) {
1331 case LE_LINK:
48264f06
JH		 1332 switch (addr_type) {
1333 case ADDR_LE_DEV_PUBLIC:
1334 return MGMT_ADDR_LE_PUBLIC;
1335 case ADDR_LE_DEV_RANDOM:
1336 return MGMT_ADDR_LE_RANDOM;
1337 default:
1338 return MGMT_ADDR_INVALID;
1339 }
4c659c39
JH		 1340 case ACL_LINK:
1341 return MGMT_ADDR_BREDR;
1342 default:
1343 return MGMT_ADDR_INVALID;
1344 }
1345}
1346
8ce6284e 1347static int get_connections(struct sock *sk, u16 index)
2784eb41 1348{
2784eb41
JH		 1349 struct mgmt_rp_get_connections *rp;
1350 struct hci_dev *hdev;
8035ded4 1351 struct hci_conn *c;
a38528f1 1352 size_t rp_len;
4e51eae9 1353 u16 count;
2784eb41
JH		 1354 int i, err;
1355
1356 BT_DBG("");
1357
4e51eae9 1358 hdev = hci_dev_get(index);
2784eb41 1359 if (!hdev)
ca69b795
JH		 1360 return cmd_status(sk, index, MGMT_OP_GET_CONNECTIONS,
1361 MGMT_STATUS_INVALID_PARAMS);
2784eb41 1362
09fd0de5 1363 hci_dev_lock(hdev);
2784eb41
JH		 1364
1365 count = 0;
b644ba33
JH		 1366 list_for_each_entry(c, &hdev->conn_hash.list, list) {
1367 if (test_bit(HCI_CONN_MGMT_CONNECTED, &c->flags))
1368 count++;
2784eb41
JH		 1369 }
1370
4c659c39 1371 rp_len = sizeof(*rp) + (count * sizeof(struct mgmt_addr_info));
a38528f1
JH		 1372 rp = kmalloc(rp_len, GFP_ATOMIC);
1373 if (!rp) {
2784eb41
JH		 1374 err = -ENOMEM;
1375 goto unlock;
1376 }
1377
2784eb41
JH		 1378 put_unaligned_le16(count, &rp->conn_count);
1379
2784eb41 1380 i = 0;
4c659c39 1381 list_for_each_entry(c, &hdev->conn_hash.list, list) {
b644ba33
JH		 1382 if (!test_bit(HCI_CONN_MGMT_CONNECTED, &c->flags))
1383 continue;
4c659c39 1384 bacpy(&rp->addr[i].bdaddr, &c->dst);
48264f06 1385 rp->addr[i].type = link_to_mgmt(c->type, c->dst_type);
4c659c39
JH		 1386 if (rp->addr[i].type == MGMT_ADDR_INVALID)
1387 continue;
1388 i++;
1389 }
1390
1391 /* Recalculate length in case of filtered SCO connections, etc */
1392 rp_len = sizeof(*rp) + (i * sizeof(struct mgmt_addr_info));
2784eb41 1393
4e51eae9 1394 err = cmd_complete(sk, index, MGMT_OP_GET_CONNECTIONS, rp, rp_len);
2784eb41
JH		 1395
1396unlock:
a38528f1 1397 kfree(rp);
09fd0de5 1398 hci_dev_unlock(hdev);
2784eb41
JH		 1399 hci_dev_put(hdev);
1400 return err;
1401}
1402
96d97a67
WR		 1403static int send_pin_code_neg_reply(struct sock *sk, u16 index,
1404 struct hci_dev *hdev, struct mgmt_cp_pin_code_neg_reply *cp)
1405{
1406 struct pending_cmd *cmd;
1407 int err;
1408
2e58ef3e 1409 cmd = mgmt_pending_add(sk, MGMT_OP_PIN_CODE_NEG_REPLY, hdev, cp,
96d97a67
WR		 1410 sizeof(*cp));
1411 if (!cmd)
1412 return -ENOMEM;
1413
1414 err = hci_send_cmd(hdev, HCI_OP_PIN_CODE_NEG_REPLY, sizeof(cp->bdaddr),
1415 &cp->bdaddr);
1416 if (err < 0)
1417 mgmt_pending_remove(cmd);
1418
1419 return err;
1420}
1421
650f726d 1422static int pin_code_reply(struct sock *sk, u16 index, void *data, u16 len)
980e1a53
JH		 1423{
1424 struct hci_dev *hdev;
96d97a67 1425 struct hci_conn *conn;
650f726d 1426 struct mgmt_cp_pin_code_reply *cp = data;
96d97a67 1427 struct mgmt_cp_pin_code_neg_reply ncp;
980e1a53 1428 struct hci_cp_pin_code_reply reply;
366a0336 1429 struct pending_cmd *cmd;
980e1a53
JH		 1430 int err;
1431
1432 BT_DBG("");
1433
bdce7baf 1434 if (len != sizeof(*cp))
ca69b795
JH		 1435 return cmd_status(sk, index, MGMT_OP_PIN_CODE_REPLY,
1436 MGMT_STATUS_INVALID_PARAMS);
bdce7baf 1437
4e51eae9 1438 hdev = hci_dev_get(index);
980e1a53 1439 if (!hdev)
ca69b795
JH		 1440 return cmd_status(sk, index, MGMT_OP_PIN_CODE_REPLY,
1441 MGMT_STATUS_INVALID_PARAMS);
980e1a53 1442
09fd0de5 1443 hci_dev_lock(hdev);
980e1a53
JH		 1444
1445 if (!test_bit(HCI_UP, &hdev->flags)) {
ca69b795
JH		 1446 err = cmd_status(sk, index, MGMT_OP_PIN_CODE_REPLY,
1447 MGMT_STATUS_NOT_POWERED);
980e1a53
JH		 1448 goto failed;
1449 }
1450
96d97a67
WR		 1451 conn = hci_conn_hash_lookup_ba(hdev, ACL_LINK, &cp->bdaddr);
1452 if (!conn) {
ca69b795
JH		 1453 err = cmd_status(sk, index, MGMT_OP_PIN_CODE_REPLY,
1454 MGMT_STATUS_NOT_CONNECTED);
96d97a67
WR		 1455 goto failed;
1456 }
1457
1458 if (conn->pending_sec_level == BT_SECURITY_HIGH && cp->pin_len != 16) {
1459 bacpy(&ncp.bdaddr, &cp->bdaddr);
1460
1461 BT_ERR("PIN code is not 16 bytes long");
1462
1463 err = send_pin_code_neg_reply(sk, index, hdev, &ncp);
1464 if (err >= 0)
1465 err = cmd_status(sk, index, MGMT_OP_PIN_CODE_REPLY,
ca69b795 1466 MGMT_STATUS_INVALID_PARAMS);
96d97a67
WR		 1467
1468 goto failed;
1469 }
1470
650f726d
VCG		 1471 cmd = mgmt_pending_add(sk, MGMT_OP_PIN_CODE_REPLY, hdev, data,
1472 len);
366a0336
JH		 1473 if (!cmd) {
1474 err = -ENOMEM;
980e1a53 1475 goto failed;
366a0336 1476 }
980e1a53
JH		 1477
1478 bacpy(&reply.bdaddr, &cp->bdaddr);
1479 reply.pin_len = cp->pin_len;
24718ca5 1480 memcpy(reply.pin_code, cp->pin_code, sizeof(reply.pin_code));
980e1a53
JH		 1481
1482 err = hci_send_cmd(hdev, HCI_OP_PIN_CODE_REPLY, sizeof(reply), &reply);
1483 if (err < 0)
a664b5bc 1484 mgmt_pending_remove(cmd);
980e1a53
JH		 1485
1486failed:
09fd0de5 1487 hci_dev_unlock(hdev);
980e1a53
JH		 1488 hci_dev_put(hdev);
1489
1490 return err;
1491}
1492
650f726d 1493static int pin_code_neg_reply(struct sock *sk, u16 index, void *data, u16 len)
980e1a53
JH		 1494{
1495 struct hci_dev *hdev;
650f726d 1496 struct mgmt_cp_pin_code_neg_reply *cp = data;
980e1a53
JH		 1497 int err;
1498
1499 BT_DBG("");
1500
bdce7baf
SJ		 1501 if (len != sizeof(*cp))
1502 return cmd_status(sk, index, MGMT_OP_PIN_CODE_NEG_REPLY,
ca69b795 1503 MGMT_STATUS_INVALID_PARAMS);
bdce7baf 1504
4e51eae9 1505 hdev = hci_dev_get(index);
980e1a53 1506 if (!hdev)
4e51eae9 1507 return cmd_status(sk, index, MGMT_OP_PIN_CODE_NEG_REPLY,
ca69b795 1508 MGMT_STATUS_INVALID_PARAMS);
980e1a53 1509
09fd0de5 1510 hci_dev_lock(hdev);
980e1a53
JH		 1511
1512 if (!test_bit(HCI_UP, &hdev->flags)) {
4e51eae9 1513 err = cmd_status(sk, index, MGMT_OP_PIN_CODE_NEG_REPLY,
ca69b795 1514 MGMT_STATUS_NOT_POWERED);
980e1a53
JH		 1515 goto failed;
1516 }
1517
96d97a67 1518 err = send_pin_code_neg_reply(sk, index, hdev, cp);
980e1a53
JH		 1519
1520failed:
09fd0de5 1521 hci_dev_unlock(hdev);
980e1a53
JH		 1522 hci_dev_put(hdev);
1523
1524 return err;
1525}
1526
650f726d 1527static int set_io_capability(struct sock *sk, u16 index, void *data, u16 len)
17fa4b9d
JH		 1528{
1529 struct hci_dev *hdev;
650f726d 1530 struct mgmt_cp_set_io_capability *cp = data;
17fa4b9d
JH		 1531
1532 BT_DBG("");
1533
bdce7baf 1534 if (len != sizeof(*cp))
ca69b795
JH		 1535 return cmd_status(sk, index, MGMT_OP_SET_IO_CAPABILITY,
1536 MGMT_STATUS_INVALID_PARAMS);
bdce7baf 1537
4e51eae9 1538 hdev = hci_dev_get(index);
17fa4b9d 1539 if (!hdev)
ca69b795
JH		 1540 return cmd_status(sk, index, MGMT_OP_SET_IO_CAPABILITY,
1541 MGMT_STATUS_INVALID_PARAMS);
17fa4b9d 1542
09fd0de5 1543 hci_dev_lock(hdev);
17fa4b9d
JH		 1544
1545 hdev->io_capability = cp->io_capability;
1546
1547 BT_DBG("%s IO capability set to 0x%02x", hdev->name,
b8534e0f 1548 hdev->io_capability);
17fa4b9d 1549
09fd0de5 1550 hci_dev_unlock(hdev);
17fa4b9d
JH		 1551 hci_dev_put(hdev);
1552
4e51eae9 1553 return cmd_complete(sk, index, MGMT_OP_SET_IO_CAPABILITY, NULL, 0);
17fa4b9d
JH		 1554}
1555
e9a416b5
JH		 1556static inline struct pending_cmd *find_pairing(struct hci_conn *conn)
1557{
1558 struct hci_dev *hdev = conn->hdev;
8035ded4 1559 struct pending_cmd *cmd;
e9a416b5 1560
2e58ef3e 1561 list_for_each_entry(cmd, &hdev->mgmt_pending, list) {
e9a416b5
JH		 1562 if (cmd->opcode != MGMT_OP_PAIR_DEVICE)
1563 continue;
1564
e9a416b5
JH		 1565 if (cmd->user_data != conn)
1566 continue;
1567
1568 return cmd;
1569 }
1570
1571 return NULL;
1572}
1573
1574static void pairing_complete(struct pending_cmd *cmd, u8 status)
1575{
1576 struct mgmt_rp_pair_device rp;
1577 struct hci_conn *conn = cmd->user_data;
1578
ba4e564f
JH		 1579 bacpy(&rp.addr.bdaddr, &conn->dst);
1580 rp.addr.type = link_to_mgmt(conn->type, conn->dst_type);
e9a416b5
JH		 1581 rp.status = status;
1582
4e51eae9 1583 cmd_complete(cmd->sk, cmd->index, MGMT_OP_PAIR_DEVICE, &rp, sizeof(rp));
e9a416b5
JH		 1584
1585 /* So we don't get further callbacks for this connection */
1586 conn->connect_cfm_cb = NULL;
1587 conn->security_cfm_cb = NULL;
1588 conn->disconn_cfm_cb = NULL;
1589
1590 hci_conn_put(conn);
1591
a664b5bc 1592 mgmt_pending_remove(cmd);
e9a416b5
JH		 1593}
1594
1595static void pairing_complete_cb(struct hci_conn *conn, u8 status)
1596{
1597 struct pending_cmd *cmd;
1598
1599 BT_DBG("status %u", status);
1600
1601 cmd = find_pairing(conn);
56e5cb86 1602 if (!cmd)
e9a416b5 1603 BT_DBG("Unable to find a pending command");
56e5cb86
JH		 1604 else
1605 pairing_complete(cmd, status);
e9a416b5
JH		 1606}
1607
650f726d 1608static int pair_device(struct sock *sk, u16 index, void *data, u16 len)
e9a416b5
JH		 1609{
1610 struct hci_dev *hdev;
650f726d 1611 struct mgmt_cp_pair_device *cp = data;
1425acb7 1612 struct mgmt_rp_pair_device rp;
e9a416b5
JH		 1613 struct pending_cmd *cmd;
1614 u8 sec_level, auth_type;
1615 struct hci_conn *conn;
e9a416b5
JH		 1616 int err;
1617
1618 BT_DBG("");
1619
bdce7baf 1620 if (len != sizeof(*cp))
ca69b795
JH		 1621 return cmd_status(sk, index, MGMT_OP_PAIR_DEVICE,
1622 MGMT_STATUS_INVALID_PARAMS);
bdce7baf 1623
4e51eae9 1624 hdev = hci_dev_get(index);
e9a416b5 1625 if (!hdev)
ca69b795
JH		 1626 return cmd_status(sk, index, MGMT_OP_PAIR_DEVICE,
1627 MGMT_STATUS_INVALID_PARAMS);
e9a416b5 1628
09fd0de5 1629 hci_dev_lock(hdev);
e9a416b5 1630
c908df36
VCG		 1631 sec_level = BT_SECURITY_MEDIUM;
1632 if (cp->io_cap == 0x03)
e9a416b5 1633 auth_type = HCI_AT_DEDICATED_BONDING;
c908df36 1634 else
e9a416b5 1635 auth_type = HCI_AT_DEDICATED_BONDING_MITM;
e9a416b5 1636
ba4e564f
JH		 1637 if (cp->addr.type == MGMT_ADDR_BREDR)
1638 conn = hci_connect(hdev, ACL_LINK, &cp->addr.bdaddr, sec_level,
7a512d01
VCG		 1639 auth_type);
1640 else
ba4e564f 1641 conn = hci_connect(hdev, LE_LINK, &cp->addr.bdaddr, sec_level,
7a512d01
VCG		 1642 auth_type);
1643
1425acb7
JH		 1644 memset(&rp, 0, sizeof(rp));
1645 bacpy(&rp.addr.bdaddr, &cp->addr.bdaddr);
1646 rp.addr.type = cp->addr.type;
1647
30e76272 1648 if (IS_ERR(conn)) {
1425acb7
JH		 1649 rp.status = -PTR_ERR(conn);
1650 err = cmd_complete(sk, index, MGMT_OP_PAIR_DEVICE,
1651 &rp, sizeof(rp));
e9a416b5
JH		 1652 goto unlock;
1653 }
1654
1655 if (conn->connect_cfm_cb) {
1656 hci_conn_put(conn);
1425acb7
JH		 1657 rp.status = EBUSY;
1658 err = cmd_complete(sk, index, MGMT_OP_PAIR_DEVICE,
1659 &rp, sizeof(rp));
e9a416b5
JH		 1660 goto unlock;
1661 }
1662
2e58ef3e 1663 cmd = mgmt_pending_add(sk, MGMT_OP_PAIR_DEVICE, hdev, data, len);
e9a416b5
JH		 1664 if (!cmd) {
1665 err = -ENOMEM;
1666 hci_conn_put(conn);
1667 goto unlock;
1668 }
1669
7a512d01 1670 /* For LE, just connecting isn't a proof that the pairing finished */
ba4e564f 1671 if (cp->addr.type == MGMT_ADDR_BREDR)
7a512d01
VCG		 1672 conn->connect_cfm_cb = pairing_complete_cb;
1673
e9a416b5
JH		 1674 conn->security_cfm_cb = pairing_complete_cb;
1675 conn->disconn_cfm_cb = pairing_complete_cb;
1676 conn->io_capability = cp->io_cap;
1677 cmd->user_data = conn;
1678
1679 if (conn->state == BT_CONNECTED &&
1680 hci_conn_security(conn, sec_level, auth_type))
1681 pairing_complete(cmd, 0);
1682
1683 err = 0;
1684
1685unlock:
09fd0de5 1686 hci_dev_unlock(hdev);
e9a416b5
JH		 1687 hci_dev_put(hdev);
1688
1689 return err;
1690}
1691
28424707
JH		 1692static int cancel_pair_device(struct sock *sk, u16 index,
1693 unsigned char *data, u16 len)
1694{
1695 struct mgmt_addr_info *addr = (void *) data;
1696 struct hci_dev *hdev;
1697 struct pending_cmd *cmd;
1698 struct hci_conn *conn;
1699 int err;
1700
1701 BT_DBG("");
1702
1703 if (len != sizeof(*addr))
1704 return cmd_status(sk, index, MGMT_OP_CANCEL_PAIR_DEVICE,
1705 MGMT_STATUS_INVALID_PARAMS);
1706
1707 hdev = hci_dev_get(index);
1708 if (!hdev)
1709 return cmd_status(sk, index, MGMT_OP_CANCEL_PAIR_DEVICE,
1710 MGMT_STATUS_INVALID_PARAMS);
1711
1712 hci_dev_lock(hdev);
1713
1714 cmd = mgmt_pending_find(MGMT_OP_PAIR_DEVICE, hdev);
1715 if (!cmd) {
1716 err = cmd_status(sk, index, MGMT_OP_CANCEL_PAIR_DEVICE,
1717 MGMT_STATUS_INVALID_PARAMS);
1718 goto unlock;
1719 }
1720
1721 conn = cmd->user_data;
1722
1723 if (bacmp(&addr->bdaddr, &conn->dst) != 0) {
1724 err = cmd_status(sk, index, MGMT_OP_CANCEL_PAIR_DEVICE,
1725 MGMT_STATUS_INVALID_PARAMS);
1726 goto unlock;
1727 }
1728
1729 pairing_complete(cmd, MGMT_STATUS_CANCELLED);
1730
1731 err = cmd_complete(sk, index, MGMT_OP_CANCEL_PAIR_DEVICE, addr,
1732 sizeof(*addr));
1733unlock:
1734 hci_dev_unlock(hdev);
1735 hci_dev_put(hdev);
1736
1737 return err;
1738}
1739
0df4c185 1740static int user_pairing_resp(struct sock *sk, u16 index, bdaddr_t *bdaddr,
272d90df
JH		 1741 u8 type, u16 mgmt_op, u16 hci_op,
1742 __le32 passkey)
a5c29683 1743{
a5c29683
JH		 1744 struct pending_cmd *cmd;
1745 struct hci_dev *hdev;
0df4c185 1746 struct hci_conn *conn;
a5c29683
JH		 1747 int err;
1748
4e51eae9 1749 hdev = hci_dev_get(index);
a5c29683 1750 if (!hdev)
ca69b795
JH		 1751 return cmd_status(sk, index, mgmt_op,
1752 MGMT_STATUS_INVALID_PARAMS);
a5c29683 1753
09fd0de5 1754 hci_dev_lock(hdev);
08ba5382 1755
a5c29683 1756 if (!test_bit(HCI_UP, &hdev->flags)) {
0df4c185
BG		 1757 err = cmd_status(sk, index, mgmt_op, MGMT_STATUS_NOT_POWERED);
1758 goto done;
a5c29683
JH		 1759 }
1760
272d90df
JH		 1761 if (type == MGMT_ADDR_BREDR)
1762 conn = hci_conn_hash_lookup_ba(hdev, ACL_LINK, bdaddr);
1763 else
47c15e2b 1764 conn = hci_conn_hash_lookup_ba(hdev, LE_LINK, bdaddr);
272d90df
JH		 1765
1766 if (!conn) {
1767 err = cmd_status(sk, index, mgmt_op,
47c15e2b 1768 MGMT_STATUS_NOT_CONNECTED);
272d90df
JH		 1769 goto done;
1770 }
47c15e2b 1771
272d90df 1772 if (type == MGMT_ADDR_LE_PUBLIC || type == MGMT_ADDR_LE_RANDOM) {
47c15e2b 1773 /* Continue with pairing via SMP */
5fe57d9e
BG		 1774 err = smp_user_confirm_reply(conn, mgmt_op, passkey);
1775
1776 if (!err)
1777 err = cmd_status(sk, index, mgmt_op,
1778 MGMT_STATUS_SUCCESS);
1779 else
1780 err = cmd_status(sk, index, mgmt_op,
1781 MGMT_STATUS_FAILED);
47c15e2b 1782
47c15e2b
BG		 1783 goto done;
1784 }
1785
0df4c185 1786 cmd = mgmt_pending_add(sk, mgmt_op, hdev, bdaddr, sizeof(*bdaddr));
a5c29683
JH		 1787 if (!cmd) {
1788 err = -ENOMEM;
0df4c185 1789 goto done;
a5c29683
JH		 1790 }
1791
0df4c185 1792 /* Continue with pairing via HCI */
604086b7
BG		 1793 if (hci_op == HCI_OP_USER_PASSKEY_REPLY) {
1794 struct hci_cp_user_passkey_reply cp;
1795
1796 bacpy(&cp.bdaddr, bdaddr);
1797 cp.passkey = passkey;
1798 err = hci_send_cmd(hdev, hci_op, sizeof(cp), &cp);
1799 } else
1800 err = hci_send_cmd(hdev, hci_op, sizeof(*bdaddr), bdaddr);
1801
a664b5bc
JH		 1802 if (err < 0)
1803 mgmt_pending_remove(cmd);
a5c29683 1804
0df4c185 1805done:
09fd0de5 1806 hci_dev_unlock(hdev);
a5c29683
JH		 1807 hci_dev_put(hdev);
1808
1809 return err;
1810}
1811
0df4c185
BG		 1812static int user_confirm_reply(struct sock *sk, u16 index, void *data, u16 len)
1813{
650f726d 1814 struct mgmt_cp_user_confirm_reply *cp = data;
0df4c185
BG		 1815
1816 BT_DBG("");
1817
1818 if (len != sizeof(*cp))
1819 return cmd_status(sk, index, MGMT_OP_USER_CONFIRM_REPLY,
1820 MGMT_STATUS_INVALID_PARAMS);
1821
272d90df
JH		 1822 return user_pairing_resp(sk, index, &cp->addr.bdaddr, cp->addr.type,
1823 MGMT_OP_USER_CONFIRM_REPLY,
1824 HCI_OP_USER_CONFIRM_REPLY, 0);
0df4c185
BG		 1825}
1826
1827static int user_confirm_neg_reply(struct sock *sk, u16 index, void *data,
1828 u16 len)
1829{
c9c2659f 1830 struct mgmt_cp_user_confirm_neg_reply *cp = data;
0df4c185
BG		 1831
1832 BT_DBG("");
1833
1834 if (len != sizeof(*cp))
1835 return cmd_status(sk, index, MGMT_OP_USER_CONFIRM_NEG_REPLY,
1836 MGMT_STATUS_INVALID_PARAMS);
1837
272d90df
JH		 1838 return user_pairing_resp(sk, index, &cp->addr.bdaddr, cp->addr.type,
1839 MGMT_OP_USER_CONFIRM_NEG_REPLY,
1840 HCI_OP_USER_CONFIRM_NEG_REPLY, 0);
0df4c185
BG		 1841}
1842
604086b7
BG		 1843static int user_passkey_reply(struct sock *sk, u16 index, void *data, u16 len)
1844{
650f726d 1845 struct mgmt_cp_user_passkey_reply *cp = data;
604086b7
BG		 1846
1847 BT_DBG("");
1848
1849 if (len != sizeof(*cp))
1850 return cmd_status(sk, index, MGMT_OP_USER_PASSKEY_REPLY,
1851 EINVAL);
1852
272d90df
JH		 1853 return user_pairing_resp(sk, index, &cp->addr.bdaddr, cp->addr.type,
1854 MGMT_OP_USER_PASSKEY_REPLY,
1855 HCI_OP_USER_PASSKEY_REPLY,
1856 cp->passkey);
604086b7
BG		 1857}
1858
1859static int user_passkey_neg_reply(struct sock *sk, u16 index, void *data,
1860 u16 len)
1861{
650f726d 1862 struct mgmt_cp_user_passkey_neg_reply *cp = data;
604086b7
BG		 1863
1864 BT_DBG("");
1865
1866 if (len != sizeof(*cp))
1867 return cmd_status(sk, index, MGMT_OP_USER_PASSKEY_NEG_REPLY,
1868 EINVAL);
1869
272d90df
JH		 1870 return user_pairing_resp(sk, index, &cp->addr.bdaddr, cp->addr.type,
1871 MGMT_OP_USER_PASSKEY_NEG_REPLY,
1872 HCI_OP_USER_PASSKEY_NEG_REPLY, 0);
604086b7
BG		 1873}
1874
650f726d 1875static int set_local_name(struct sock *sk, u16 index, void *data,
b312b161
JH		 1876 u16 len)
1877{
650f726d 1878 struct mgmt_cp_set_local_name *mgmt_cp = data;
b312b161
JH		 1879 struct hci_cp_write_local_name hci_cp;
1880 struct hci_dev *hdev;
1881 struct pending_cmd *cmd;
1882 int err;
1883
1884 BT_DBG("");
1885
1886 if (len != sizeof(*mgmt_cp))
ca69b795
JH		 1887 return cmd_status(sk, index, MGMT_OP_SET_LOCAL_NAME,
1888 MGMT_STATUS_INVALID_PARAMS);
b312b161
JH		 1889
1890 hdev = hci_dev_get(index);
1891 if (!hdev)
ca69b795
JH		 1892 return cmd_status(sk, index, MGMT_OP_SET_LOCAL_NAME,
1893 MGMT_STATUS_INVALID_PARAMS);
b312b161 1894
09fd0de5 1895 hci_dev_lock(hdev);
b312b161 1896
650f726d
VCG		 1897 cmd = mgmt_pending_add(sk, MGMT_OP_SET_LOCAL_NAME, hdev, data,
1898 len);
b312b161
JH		 1899 if (!cmd) {
1900 err = -ENOMEM;
1901 goto failed;
1902 }
1903
1904 memcpy(hci_cp.name, mgmt_cp->name, sizeof(hci_cp.name));
1905 err = hci_send_cmd(hdev, HCI_OP_WRITE_LOCAL_NAME, sizeof(hci_cp),
1906 &hci_cp);
1907 if (err < 0)
1908 mgmt_pending_remove(cmd);
1909
1910failed:
09fd0de5 1911 hci_dev_unlock(hdev);
b312b161
JH		 1912 hci_dev_put(hdev);
1913
1914 return err;
1915}
1916
c35938b2
SJ		 1917static int read_local_oob_data(struct sock *sk, u16 index)
1918{
1919 struct hci_dev *hdev;
1920 struct pending_cmd *cmd;
1921 int err;
1922
1923 BT_DBG("hci%u", index);
1924
1925 hdev = hci_dev_get(index);
1926 if (!hdev)
1927 return cmd_status(sk, index, MGMT_OP_READ_LOCAL_OOB_DATA,
ca69b795 1928 MGMT_STATUS_INVALID_PARAMS);
c35938b2 1929
09fd0de5 1930 hci_dev_lock(hdev);
c35938b2
SJ		 1931
1932 if (!test_bit(HCI_UP, &hdev->flags)) {
1933 err = cmd_status(sk, index, MGMT_OP_READ_LOCAL_OOB_DATA,
ca69b795 1934 MGMT_STATUS_NOT_POWERED);
c35938b2
SJ		 1935 goto unlock;
1936 }
1937
1938 if (!(hdev->features[6] & LMP_SIMPLE_PAIR)) {
1939 err = cmd_status(sk, index, MGMT_OP_READ_LOCAL_OOB_DATA,
ca69b795 1940 MGMT_STATUS_NOT_SUPPORTED);
c35938b2
SJ		 1941 goto unlock;
1942 }
1943
2e58ef3e 1944 if (mgmt_pending_find(MGMT_OP_READ_LOCAL_OOB_DATA, hdev)) {
ca69b795
JH		 1945 err = cmd_status(sk, index, MGMT_OP_READ_LOCAL_OOB_DATA,
1946 MGMT_STATUS_BUSY);
c35938b2
SJ		 1947 goto unlock;
1948 }
1949
2e58ef3e 1950 cmd = mgmt_pending_add(sk, MGMT_OP_READ_LOCAL_OOB_DATA, hdev, NULL, 0);
c35938b2
SJ		 1951 if (!cmd) {
1952 err = -ENOMEM;
1953 goto unlock;
1954 }
1955
1956 err = hci_send_cmd(hdev, HCI_OP_READ_LOCAL_OOB_DATA, 0, NULL);
1957 if (err < 0)
1958 mgmt_pending_remove(cmd);
1959
1960unlock:
09fd0de5 1961 hci_dev_unlock(hdev);
c35938b2
SJ		 1962 hci_dev_put(hdev);
1963
1964 return err;
1965}
1966
650f726d
VCG		 1967static int add_remote_oob_data(struct sock *sk, u16 index, void *data,
1968 u16 len)
2763eda6
SJ		 1969{
1970 struct hci_dev *hdev;
650f726d 1971 struct mgmt_cp_add_remote_oob_data *cp = data;
2763eda6
SJ		 1972 int err;
1973
1974 BT_DBG("hci%u ", index);
1975
1976 if (len != sizeof(*cp))
1977 return cmd_status(sk, index, MGMT_OP_ADD_REMOTE_OOB_DATA,
ca69b795 1978 MGMT_STATUS_INVALID_PARAMS);
2763eda6
SJ		 1979
1980 hdev = hci_dev_get(index);
1981 if (!hdev)
1982 return cmd_status(sk, index, MGMT_OP_ADD_REMOTE_OOB_DATA,
ca69b795 1983 MGMT_STATUS_INVALID_PARAMS);
2763eda6 1984
09fd0de5 1985 hci_dev_lock(hdev);
2763eda6 1986
664ce4cc 1987 err = hci_add_remote_oob_data(hdev, &cp->addr.bdaddr, cp->hash,
2763eda6
SJ		 1988 cp->randomizer);
1989 if (err < 0)
ca69b795
JH		 1990 err = cmd_status(sk, index, MGMT_OP_ADD_REMOTE_OOB_DATA,
1991 MGMT_STATUS_FAILED);
2763eda6
SJ		 1992 else
1993 err = cmd_complete(sk, index, MGMT_OP_ADD_REMOTE_OOB_DATA, NULL,
1994 0);
1995
09fd0de5 1996 hci_dev_unlock(hdev);
2763eda6
SJ		 1997 hci_dev_put(hdev);
1998
1999 return err;
2000}
2001
2002static int remove_remote_oob_data(struct sock *sk, u16 index,
650f726d 2003 void *data, u16 len)
2763eda6
SJ		 2004{
2005 struct hci_dev *hdev;
650f726d 2006 struct mgmt_cp_remove_remote_oob_data *cp = data;
2763eda6
SJ		 2007 int err;
2008
2009 BT_DBG("hci%u ", index);
2010
2011 if (len != sizeof(*cp))
2012 return cmd_status(sk, index, MGMT_OP_REMOVE_REMOTE_OOB_DATA,
ca69b795 2013 MGMT_STATUS_INVALID_PARAMS);
2763eda6
SJ		 2014
2015 hdev = hci_dev_get(index);
2016 if (!hdev)
2017 return cmd_status(sk, index, MGMT_OP_REMOVE_REMOTE_OOB_DATA,
ca69b795 2018 MGMT_STATUS_INVALID_PARAMS);
2763eda6 2019
09fd0de5 2020 hci_dev_lock(hdev);
2763eda6 2021
664ce4cc 2022 err = hci_remove_remote_oob_data(hdev, &cp->addr.bdaddr);
2763eda6
SJ		 2023 if (err < 0)
2024 err = cmd_status(sk, index, MGMT_OP_REMOVE_REMOTE_OOB_DATA,
ca69b795 2025 MGMT_STATUS_INVALID_PARAMS);
2763eda6
SJ		 2026 else
2027 err = cmd_complete(sk, index, MGMT_OP_REMOVE_REMOTE_OOB_DATA,
2028 NULL, 0);
2029
09fd0de5 2030 hci_dev_unlock(hdev);
2763eda6
SJ		 2031 hci_dev_put(hdev);
2032
2033 return err;
2034}
2035
450dfdaf 2036static int start_discovery(struct sock *sk, u16 index,
650f726d 2037 void *data, u16 len)
14a53664 2038{
650f726d 2039 struct mgmt_cp_start_discovery *cp = data;
3fd24153 2040 unsigned long discov_type = cp->type;
14a53664
JH		 2041 struct pending_cmd *cmd;
2042 struct hci_dev *hdev;
2043 int err;
2044
2045 BT_DBG("hci%u", index);
2046
450dfdaf
JH		 2047 if (len != sizeof(*cp))
2048 return cmd_status(sk, index, MGMT_OP_START_DISCOVERY,
2049 MGMT_STATUS_INVALID_PARAMS);
2050
14a53664
JH		 2051 hdev = hci_dev_get(index);
2052 if (!hdev)
ca69b795
JH		 2053 return cmd_status(sk, index, MGMT_OP_START_DISCOVERY,
2054 MGMT_STATUS_INVALID_PARAMS);
14a53664 2055
09fd0de5 2056 hci_dev_lock(hdev);
14a53664 2057
bd2d1334 2058 if (!test_bit(HCI_UP, &hdev->flags)) {
ca69b795
JH		 2059 err = cmd_status(sk, index, MGMT_OP_START_DISCOVERY,
2060 MGMT_STATUS_NOT_POWERED);
bd2d1334
JH		 2061 goto failed;
2062 }
2063
ff9ef578
JH		 2064 if (hdev->discovery.state != DISCOVERY_STOPPED) {
2065 err = cmd_status(sk, index, MGMT_OP_START_DISCOVERY,
2066 MGMT_STATUS_BUSY);
2067 goto failed;
2068 }
2069
2e58ef3e 2070 cmd = mgmt_pending_add(sk, MGMT_OP_START_DISCOVERY, hdev, NULL, 0);
14a53664
JH		 2071 if (!cmd) {
2072 err = -ENOMEM;
2073 goto failed;
2074 }
2075
3fd24153
AG		 2076 if (test_bit(MGMT_ADDR_BREDR, &discov_type))
2077 err = hci_do_inquiry(hdev, INQUIRY_LEN_BREDR);
2078 else if (test_bit(MGMT_ADDR_LE_PUBLIC, &discov_type) &&
2079 test_bit(MGMT_ADDR_LE_RANDOM, &discov_type))
2080 err = hci_le_scan(hdev, LE_SCAN_TYPE, LE_SCAN_INT,
2081 LE_SCAN_WIN, LE_SCAN_TIMEOUT_LE_ONLY);
2082 else
2083 err = -EINVAL;
2084
14a53664
JH		 2085 if (err < 0)
2086 mgmt_pending_remove(cmd);
ff9ef578
JH		 2087 else
2088 hci_discovery_set_state(hdev, DISCOVERY_STARTING);
14a53664
JH		 2089
2090failed:
09fd0de5 2091 hci_dev_unlock(hdev);
14a53664
JH		 2092 hci_dev_put(hdev);
2093
2094 return err;
2095}
2096
2097static int stop_discovery(struct sock *sk, u16 index)
2098{
2099 struct hci_dev *hdev;
2100 struct pending_cmd *cmd;
30dc78e1
JH		 2101 struct hci_cp_remote_name_req_cancel cp;
2102 struct inquiry_entry *e;
14a53664
JH		 2103 int err;
2104
2105 BT_DBG("hci%u", index);
2106
2107 hdev = hci_dev_get(index);
2108 if (!hdev)
ca69b795
JH		 2109 return cmd_status(sk, index, MGMT_OP_STOP_DISCOVERY,
2110 MGMT_STATUS_INVALID_PARAMS);
14a53664 2111
09fd0de5 2112 hci_dev_lock(hdev);
14a53664 2113
30dc78e1 2114 if (!hci_discovery_active(hdev)) {
ff9ef578
JH		 2115 err = cmd_status(sk, index, MGMT_OP_STOP_DISCOVERY,
2116 MGMT_STATUS_REJECTED);
30dc78e1 2117 goto unlock;
ff9ef578
JH		 2118 }
2119
2e58ef3e 2120 cmd = mgmt_pending_add(sk, MGMT_OP_STOP_DISCOVERY, hdev, NULL, 0);
14a53664
JH		 2121 if (!cmd) {
2122 err = -ENOMEM;
30dc78e1
JH		 2123 goto unlock;
2124 }
2125
2126 if (hdev->discovery.state == DISCOVERY_INQUIRY) {
2127 err = hci_cancel_inquiry(hdev);
2128 if (err < 0)
2129 mgmt_pending_remove(cmd);
2130 else
2131 hci_discovery_set_state(hdev, DISCOVERY_STOPPING);
2132 goto unlock;
2133 }
2134
2135 e = hci_inquiry_cache_lookup_resolve(hdev, BDADDR_ANY, NAME_PENDING);
2136 if (!e) {
2137 mgmt_pending_remove(cmd);
2138 err = cmd_complete(sk, index, MGMT_OP_STOP_DISCOVERY, NULL, 0);
2139 hci_discovery_set_state(hdev, DISCOVERY_STOPPED);
2140 goto unlock;
14a53664
JH		 2141 }
2142
30dc78e1
JH		 2143 bacpy(&cp.bdaddr, &e->data.bdaddr);
2144 err = hci_send_cmd(hdev, HCI_OP_REMOTE_NAME_REQ_CANCEL,
2145 sizeof(cp), &cp);
14a53664
JH		 2146 if (err < 0)
2147 mgmt_pending_remove(cmd);
ff9ef578
JH		 2148 else
2149 hci_discovery_set_state(hdev, DISCOVERY_STOPPING);
14a53664 2150
30dc78e1 2151unlock:
09fd0de5 2152 hci_dev_unlock(hdev);
14a53664
JH		 2153 hci_dev_put(hdev);
2154
2155 return err;
2156}
2157
650f726d 2158static int confirm_name(struct sock *sk, u16 index, void *data, u16 len)
561aafbc 2159{
650f726d 2160 struct mgmt_cp_confirm_name *cp = data;
561aafbc
JH		 2161 struct inquiry_entry *e;
2162 struct hci_dev *hdev;
2163 int err;
2164
2165 BT_DBG("hci%u", index);
2166
2167 if (len != sizeof(*cp))
2168 return cmd_status(sk, index, MGMT_OP_CONFIRM_NAME,
2169 MGMT_STATUS_INVALID_PARAMS);
2170
2171 hdev = hci_dev_get(index);
2172 if (!hdev)
2173 return cmd_status(sk, index, MGMT_OP_CONFIRM_NAME,
2174 MGMT_STATUS_INVALID_PARAMS);
2175
2176 hci_dev_lock(hdev);
2177
30dc78e1
JH		 2178 if (!hci_discovery_active(hdev)) {
2179 err = cmd_status(sk, index, MGMT_OP_CONFIRM_NAME,
2180 MGMT_STATUS_FAILED);
2181 goto failed;
2182 }
2183
561aafbc
JH		 2184 e = hci_inquiry_cache_lookup_unknown(hdev, &cp->bdaddr);
2185 if (!e) {
2186 err = cmd_status (sk, index, MGMT_OP_CONFIRM_NAME,
2187 MGMT_STATUS_INVALID_PARAMS);
2188 goto failed;
2189 }
2190
2191 if (cp->name_known) {
2192 e->name_state = NAME_KNOWN;
2193 list_del(&e->list);
2194 } else {
2195 e->name_state = NAME_NEEDED;
a3d4e20a 2196 hci_inquiry_cache_update_resolve(hdev, e);
561aafbc
JH		 2197 }
2198
2199 err = 0;
2200
2201failed:
2202 hci_dev_unlock(hdev);
2203
2204 return err;
2205}
2206
650f726d 2207static int block_device(struct sock *sk, u16 index, void *data, u16 len)
7fbec224
AJ		 2208{
2209 struct hci_dev *hdev;
650f726d 2210 struct mgmt_cp_block_device *cp = data;
7fbec224
AJ		 2211 int err;
2212
2213 BT_DBG("hci%u", index);
2214
7fbec224
AJ		 2215 if (len != sizeof(*cp))
2216 return cmd_status(sk, index, MGMT_OP_BLOCK_DEVICE,
ca69b795 2217 MGMT_STATUS_INVALID_PARAMS);
7fbec224
AJ		 2218
2219 hdev = hci_dev_get(index);
2220 if (!hdev)
2221 return cmd_status(sk, index, MGMT_OP_BLOCK_DEVICE,
ca69b795 2222 MGMT_STATUS_INVALID_PARAMS);
7fbec224 2223
09fd0de5 2224 hci_dev_lock(hdev);
5e762444 2225
88c1fe4b 2226 err = hci_blacklist_add(hdev, &cp->addr.bdaddr, cp->addr.type);
7fbec224 2227 if (err < 0)
ca69b795
JH		 2228 err = cmd_status(sk, index, MGMT_OP_BLOCK_DEVICE,
2229 MGMT_STATUS_FAILED);
7fbec224
AJ		 2230 else
2231 err = cmd_complete(sk, index, MGMT_OP_BLOCK_DEVICE,
2232 NULL, 0);
5e762444 2233
09fd0de5 2234 hci_dev_unlock(hdev);
7fbec224
AJ		 2235 hci_dev_put(hdev);
2236
2237 return err;
2238}
2239
650f726d 2240static int unblock_device(struct sock *sk, u16 index, void *data, u16 len)
7fbec224
AJ		 2241{
2242 struct hci_dev *hdev;
650f726d 2243 struct mgmt_cp_unblock_device *cp = data;
7fbec224
AJ		 2244 int err;
2245
2246 BT_DBG("hci%u", index);
2247
7fbec224
AJ		 2248 if (len != sizeof(*cp))
2249 return cmd_status(sk, index, MGMT_OP_UNBLOCK_DEVICE,
ca69b795 2250 MGMT_STATUS_INVALID_PARAMS);
7fbec224
AJ		 2251
2252 hdev = hci_dev_get(index);
2253 if (!hdev)
2254 return cmd_status(sk, index, MGMT_OP_UNBLOCK_DEVICE,
ca69b795 2255 MGMT_STATUS_INVALID_PARAMS);
7fbec224 2256
09fd0de5 2257 hci_dev_lock(hdev);
5e762444 2258
88c1fe4b 2259 err = hci_blacklist_del(hdev, &cp->addr.bdaddr, cp->addr.type);
7fbec224
AJ		 2260
2261 if (err < 0)
ca69b795
JH		 2262 err = cmd_status(sk, index, MGMT_OP_UNBLOCK_DEVICE,
2263 MGMT_STATUS_INVALID_PARAMS);
7fbec224
AJ		 2264 else
2265 err = cmd_complete(sk, index, MGMT_OP_UNBLOCK_DEVICE,
2266 NULL, 0);
5e762444 2267
09fd0de5 2268 hci_dev_unlock(hdev);
7fbec224
AJ		 2269 hci_dev_put(hdev);
2270
2271 return err;
2272}
2273
f6422ec6 2274static int set_fast_connectable(struct sock *sk, u16 index,
650f726d 2275 void *data, u16 len)
f6422ec6
AJ		 2276{
2277 struct hci_dev *hdev;
650f726d 2278 struct mgmt_mode *cp = data;
f6422ec6
AJ		 2279 struct hci_cp_write_page_scan_activity acp;
2280 u8 type;
2281 int err;
2282
2283 BT_DBG("hci%u", index);
2284
2285 if (len != sizeof(*cp))
2286 return cmd_status(sk, index, MGMT_OP_SET_FAST_CONNECTABLE,
ca69b795 2287 MGMT_STATUS_INVALID_PARAMS);
f6422ec6
AJ		 2288
2289 hdev = hci_dev_get(index);
2290 if (!hdev)
2291 return cmd_status(sk, index, MGMT_OP_SET_FAST_CONNECTABLE,
ca69b795 2292 MGMT_STATUS_INVALID_PARAMS);
f6422ec6
AJ		 2293
2294 hci_dev_lock(hdev);
2295
f7c6869c 2296 if (cp->val) {
f6422ec6
AJ		 2297 type = PAGE_SCAN_TYPE_INTERLACED;
2298 acp.interval = 0x0024; /* 22.5 msec page scan interval */
2299 } else {
2300 type = PAGE_SCAN_TYPE_STANDARD; /* default */
2301 acp.interval = 0x0800; /* default 1.28 sec page scan */
2302 }
2303
2304 acp.window = 0x0012; /* default 11.25 msec page scan window */
2305
2306 err = hci_send_cmd(hdev, HCI_OP_WRITE_PAGE_SCAN_ACTIVITY,
2307 sizeof(acp), &acp);
2308 if (err < 0) {
2309 err = cmd_status(sk, index, MGMT_OP_SET_FAST_CONNECTABLE,
ca69b795 2310 MGMT_STATUS_FAILED);
f6422ec6
AJ		 2311 goto done;
2312 }
2313
2314 err = hci_send_cmd(hdev, HCI_OP_WRITE_PAGE_SCAN_TYPE, 1, &type);
2315 if (err < 0) {
2316 err = cmd_status(sk, index, MGMT_OP_SET_FAST_CONNECTABLE,
ca69b795 2317 MGMT_STATUS_FAILED);
f6422ec6
AJ		 2318 goto done;
2319 }
2320
2321 err = cmd_complete(sk, index, MGMT_OP_SET_FAST_CONNECTABLE,
2322 NULL, 0);
2323done:
2324 hci_dev_unlock(hdev);
2325 hci_dev_put(hdev);
2326
2327 return err;
2328}
2329
346af67b
VCG		 2330static int load_long_term_keys(struct sock *sk, u16 index,
2331 void *cp_data, u16 len)
2332{
2333 struct hci_dev *hdev;
2334 struct mgmt_cp_load_long_term_keys *cp = cp_data;
2335 u16 key_count, expected_len;
2336 int i;
2337
2338 if (len < sizeof(*cp))
2339 return cmd_status(sk, index, MGMT_OP_LOAD_LONG_TERM_KEYS,
2340 EINVAL);
2341
2342 key_count = get_unaligned_le16(&cp->key_count);
2343
2344 expected_len = sizeof(*cp) + key_count *
2345 sizeof(struct mgmt_ltk_info);
2346 if (expected_len != len) {
2347 BT_ERR("load_keys: expected %u bytes, got %u bytes",
2348 len, expected_len);
2349 return cmd_status(sk, index, MGMT_OP_LOAD_LONG_TERM_KEYS,
2350 EINVAL);
2351 }
2352
2353 hdev = hci_dev_get(index);
2354 if (!hdev)
2355 return cmd_status(sk, index, MGMT_OP_LOAD_LONG_TERM_KEYS,
2356 ENODEV);
2357
2358 BT_DBG("hci%u key_count %u", index, key_count);
2359
2360 hci_dev_lock(hdev);
2361
2362 hci_smp_ltks_clear(hdev);
2363
2364 for (i = 0; i < key_count; i++) {
2365 struct mgmt_ltk_info *key = &cp->keys[i];
2366 u8 type;
2367
2368 if (key->master)
2369 type = HCI_SMP_LTK;
2370 else
2371 type = HCI_SMP_LTK_SLAVE;
2372
2373 hci_add_ltk(hdev, &key->addr.bdaddr, key->addr.type,
2374 type, 0, key->authenticated, key->val,
2375 key->enc_size, key->ediv, key->rand);
2376 }
2377
2378 hci_dev_unlock(hdev);
2379 hci_dev_put(hdev);
2380
2381 return 0;
2382}
2383
0381101f
JH		 2384int mgmt_control(struct sock *sk, struct msghdr *msg, size_t msglen)
2385{
650f726d
VCG		 2386 void *buf;
2387 u8 *cp;
0381101f 2388 struct mgmt_hdr *hdr;
4e51eae9 2389 u16 opcode, index, len;
0381101f
JH		 2390 int err;
2391
2392 BT_DBG("got %zu bytes", msglen);
2393
2394 if (msglen < sizeof(*hdr))
2395 return -EINVAL;
2396
e63a15ec 2397 buf = kmalloc(msglen, GFP_KERNEL);
0381101f
JH		 2398 if (!buf)
2399 return -ENOMEM;
2400
2401 if (memcpy_fromiovec(buf, msg->msg_iov, msglen)) {
2402 err = -EFAULT;
2403 goto done;
2404 }
2405
650f726d 2406 hdr = buf;
0381101f 2407 opcode = get_unaligned_le16(&hdr->opcode);
4e51eae9 2408 index = get_unaligned_le16(&hdr->index);
0381101f
JH		 2409 len = get_unaligned_le16(&hdr->len);
2410
2411 if (len != msglen - sizeof(*hdr)) {
2412 err = -EINVAL;
2413 goto done;
2414 }
2415
650f726d
VCG		 2416 cp = buf + sizeof(*hdr);
2417
0381101f 2418 switch (opcode) {
02d98129
JH		 2419 case MGMT_OP_READ_VERSION:
2420 err = read_version(sk);
2421 break;
e70bb2e8
JH		 2422 case MGMT_OP_READ_COMMANDS:
2423 err = read_commands(sk);
2424 break;
faba42eb
JH		 2425 case MGMT_OP_READ_INDEX_LIST:
2426 err = read_index_list(sk);
2427 break;
f7b64e69 2428 case MGMT_OP_READ_INFO:
4e51eae9 2429 err = read_controller_info(sk, index);
f7b64e69 2430 break;
eec8d2bc 2431 case MGMT_OP_SET_POWERED:
650f726d 2432 err = set_powered(sk, index, cp, len);
eec8d2bc 2433 break;
73f22f62 2434 case MGMT_OP_SET_DISCOVERABLE:
650f726d 2435 err = set_discoverable(sk, index, cp, len);
73f22f62 2436 break;
9fbcbb45 2437 case MGMT_OP_SET_CONNECTABLE:
650f726d 2438 err = set_connectable(sk, index, cp, len);
9fbcbb45 2439 break;
f7c6869c 2440 case MGMT_OP_SET_FAST_CONNECTABLE:
650f726d 2441 err = set_fast_connectable(sk, index, cp, len);
f7c6869c 2442 break;
c542a06c 2443 case MGMT_OP_SET_PAIRABLE:
650f726d 2444 err = set_pairable(sk, index, cp, len);
c542a06c 2445 break;
2aeb9a1a 2446 case MGMT_OP_ADD_UUID:
650f726d 2447 err = add_uuid(sk, index, cp, len);
2aeb9a1a
JH		 2448 break;
2449 case MGMT_OP_REMOVE_UUID:
650f726d 2450 err = remove_uuid(sk, index, cp, len);
2aeb9a1a 2451 break;
1aff6f09 2452 case MGMT_OP_SET_DEV_CLASS:
650f726d 2453 err = set_dev_class(sk, index, cp, len);
1aff6f09 2454 break;
86742e1e 2455 case MGMT_OP_LOAD_LINK_KEYS:
650f726d 2456 err = load_link_keys(sk, index, cp, len);
55ed8ca1 2457 break;
8962ee74 2458 case MGMT_OP_DISCONNECT:
650f726d 2459 err = disconnect(sk, index, cp, len);
8962ee74 2460 break;
2784eb41 2461 case MGMT_OP_GET_CONNECTIONS:
8ce6284e 2462 err = get_connections(sk, index);
2784eb41 2463 break;
980e1a53 2464 case MGMT_OP_PIN_CODE_REPLY:
650f726d 2465 err = pin_code_reply(sk, index, cp, len);
980e1a53
JH		 2466 break;
2467 case MGMT_OP_PIN_CODE_NEG_REPLY:
650f726d 2468 err = pin_code_neg_reply(sk, index, cp, len);
980e1a53 2469 break;
17fa4b9d 2470 case MGMT_OP_SET_IO_CAPABILITY:
650f726d 2471 err = set_io_capability(sk, index, cp, len);
17fa4b9d 2472 break;
e9a416b5 2473 case MGMT_OP_PAIR_DEVICE:
650f726d 2474 err = pair_device(sk, index, cp, len);
e9a416b5 2475 break;
28424707
JH		 2476 case MGMT_OP_CANCEL_PAIR_DEVICE:
2477 err = cancel_pair_device(sk, index, buf + sizeof(*hdr), len);
2478 break;
124f6e35
JH		 2479 case MGMT_OP_UNPAIR_DEVICE:
2480 err = unpair_device(sk, index, cp, len);
2481 break;
a5c29683 2482 case MGMT_OP_USER_CONFIRM_REPLY:
650f726d 2483 err = user_confirm_reply(sk, index, cp, len);
a5c29683
JH		 2484 break;
2485 case MGMT_OP_USER_CONFIRM_NEG_REPLY:
650f726d 2486 err = user_confirm_neg_reply(sk, index, cp, len);
a5c29683 2487 break;
604086b7 2488 case MGMT_OP_USER_PASSKEY_REPLY:
650f726d 2489 err = user_passkey_reply(sk, index, cp, len);
604086b7
BG		 2490 break;
2491 case MGMT_OP_USER_PASSKEY_NEG_REPLY:
650f726d 2492 err = user_passkey_neg_reply(sk, index, cp, len);
a5c29683 2493 break;
b312b161 2494 case MGMT_OP_SET_LOCAL_NAME:
650f726d 2495 err = set_local_name(sk, index, cp, len);
b312b161 2496 break;
c35938b2
SJ		 2497 case MGMT_OP_READ_LOCAL_OOB_DATA:
2498 err = read_local_oob_data(sk, index);
2499 break;
2763eda6 2500 case MGMT_OP_ADD_REMOTE_OOB_DATA:
650f726d 2501 err = add_remote_oob_data(sk, index, cp, len);
2763eda6
SJ		 2502 break;
2503 case MGMT_OP_REMOVE_REMOTE_OOB_DATA:
650f726d 2504 err = remove_remote_oob_data(sk, index, cp, len);
2763eda6 2505 break;
14a53664 2506 case MGMT_OP_START_DISCOVERY:
650f726d 2507 err = start_discovery(sk, index, cp, len);
14a53664
JH		 2508 break;
2509 case MGMT_OP_STOP_DISCOVERY:
2510 err = stop_discovery(sk, index);
2511 break;
561aafbc 2512 case MGMT_OP_CONFIRM_NAME:
650f726d 2513 err = confirm_name(sk, index, cp, len);
561aafbc 2514 break;
7fbec224 2515 case MGMT_OP_BLOCK_DEVICE:
650f726d 2516 err = block_device(sk, index, cp, len);
7fbec224
AJ		 2517 break;
2518 case MGMT_OP_UNBLOCK_DEVICE:
650f726d 2519 err = unblock_device(sk, index, cp, len);
7fbec224 2520 break;
346af67b
VCG		 2521 case MGMT_OP_LOAD_LONG_TERM_KEYS:
2522 err = load_long_term_keys(sk, index, cp, len);
2523 break;
0381101f
JH		 2524 default:
2525 BT_DBG("Unknown op %u", opcode);
ca69b795
JH		 2526 err = cmd_status(sk, index, opcode,
2527 MGMT_STATUS_UNKNOWN_COMMAND);
0381101f
JH		 2528 break;
2529 }
2530
e41d8b4e
JH		 2531 if (err < 0)
2532 goto done;
2533
0381101f
JH		 2534 err = msglen;
2535
2536done:
2537 kfree(buf);
2538 return err;
2539}
c71e97bf 2540
b24752fe
JH		 2541static void cmd_status_rsp(struct pending_cmd *cmd, void *data)
2542{
2543 u8 *status = data;
2544
2545 cmd_status(cmd->sk, cmd->index, cmd->opcode, *status);
2546 mgmt_pending_remove(cmd);
2547}
2548
744cf19e 2549int mgmt_index_added(struct hci_dev *hdev)
c71e97bf 2550{
744cf19e 2551 return mgmt_event(MGMT_EV_INDEX_ADDED, hdev, NULL, 0, NULL);
c71e97bf
JH		 2552}
2553
744cf19e 2554int mgmt_index_removed(struct hci_dev *hdev)
c71e97bf 2555{
b24752fe
JH		 2556 u8 status = ENODEV;
2557
744cf19e 2558 mgmt_pending_foreach(0, hdev, cmd_status_rsp, &status);
b24752fe 2559
744cf19e 2560 return mgmt_event(MGMT_EV_INDEX_REMOVED, hdev, NULL, 0, NULL);
eec8d2bc
JH		 2561}
2562
73f22f62 2563struct cmd_lookup {
72a734ec 2564 u8 val;
eec8d2bc 2565 struct sock *sk;
69ab39ea 2566 struct hci_dev *hdev;
eec8d2bc
JH		 2567};
2568
69ab39ea 2569static void settings_rsp(struct pending_cmd *cmd, void *data)
eec8d2bc 2570{
73f22f62 2571 struct cmd_lookup *match = data;
eec8d2bc 2572
69ab39ea 2573 send_settings_rsp(cmd->sk, cmd->opcode, match->hdev);
eec8d2bc
JH		 2574
2575 list_del(&cmd->list);
2576
2577 if (match->sk == NULL) {
2578 match->sk = cmd->sk;
2579 sock_hold(match->sk);
2580 }
2581
2582 mgmt_pending_free(cmd);
c71e97bf 2583}
5add6af8 2584
744cf19e 2585int mgmt_powered(struct hci_dev *hdev, u8 powered)
5add6af8 2586{
69ab39ea
JH		 2587 struct cmd_lookup match = { powered, NULL, hdev };
2588 __le32 ev;
eec8d2bc 2589 int ret;
5add6af8 2590
69ab39ea 2591 mgmt_pending_foreach(MGMT_OP_SET_POWERED, hdev, settings_rsp, &match);
5add6af8 2592
b24752fe
JH		 2593 if (!powered) {
2594 u8 status = ENETDOWN;
744cf19e 2595 mgmt_pending_foreach(0, hdev, cmd_status_rsp, &status);
b24752fe
JH		 2596 }
2597
69ab39ea 2598 ev = cpu_to_le32(get_current_settings(hdev));
eec8d2bc 2599
69ab39ea
JH		 2600 ret = mgmt_event(MGMT_EV_NEW_SETTINGS, hdev, &ev, sizeof(ev),
2601 match.sk);
eec8d2bc
JH		 2602
2603 if (match.sk)
2604 sock_put(match.sk);
2605
2606 return ret;
5add6af8 2607}
73f22f62 2608
744cf19e 2609int mgmt_discoverable(struct hci_dev *hdev, u8 discoverable)
73f22f62 2610{
69ab39ea
JH		 2611 struct cmd_lookup match = { discoverable, NULL, hdev };
2612 __le32 ev;
73f22f62
JH		 2613 int ret;
2614
69ab39ea 2615 mgmt_pending_foreach(MGMT_OP_SET_DISCOVERABLE, hdev, settings_rsp, &match);
72a734ec 2616
69ab39ea 2617 ev = cpu_to_le32(get_current_settings(hdev));
73f22f62 2618
69ab39ea 2619 ret = mgmt_event(MGMT_EV_NEW_SETTINGS, hdev, &ev, sizeof(ev),
4e51eae9 2620 match.sk);
73f22f62
JH		 2621 if (match.sk)
2622 sock_put(match.sk);
2623
2624 return ret;
2625}
9fbcbb45 2626
744cf19e 2627int mgmt_connectable(struct hci_dev *hdev, u8 connectable)
9fbcbb45 2628{
69ab39ea
JH		 2629 __le32 ev;
2630 struct cmd_lookup match = { connectable, NULL, hdev };
9fbcbb45
JH		 2631 int ret;
2632
69ab39ea
JH		 2633 mgmt_pending_foreach(MGMT_OP_SET_CONNECTABLE, hdev, settings_rsp,
2634 &match);
9fbcbb45 2635
69ab39ea 2636 ev = cpu_to_le32(get_current_settings(hdev));
9fbcbb45 2637
69ab39ea 2638 ret = mgmt_event(MGMT_EV_NEW_SETTINGS, hdev, &ev, sizeof(ev), match.sk);
9fbcbb45
JH		 2639
2640 if (match.sk)
2641 sock_put(match.sk);
2642
2643 return ret;
2644}
55ed8ca1 2645
744cf19e 2646int mgmt_write_scan_failed(struct hci_dev *hdev, u8 scan, u8 status)
2d7cee58 2647{
ca69b795
JH		 2648 u8 mgmt_err = mgmt_status(status);
2649
2d7cee58 2650 if (scan & SCAN_PAGE)
744cf19e 2651 mgmt_pending_foreach(MGMT_OP_SET_CONNECTABLE, hdev,
ca69b795 2652 cmd_status_rsp, &mgmt_err);
2d7cee58
JH		 2653
2654 if (scan & SCAN_INQUIRY)
744cf19e 2655 mgmt_pending_foreach(MGMT_OP_SET_DISCOVERABLE, hdev,
ca69b795 2656 cmd_status_rsp, &mgmt_err);
2d7cee58
JH		 2657
2658 return 0;
2659}
2660
744cf19e
JH		 2661int mgmt_new_link_key(struct hci_dev *hdev, struct link_key *key,
2662 u8 persistent)
55ed8ca1 2663{
86742e1e 2664 struct mgmt_ev_new_link_key ev;
55ed8ca1 2665
a492cd52 2666 memset(&ev, 0, sizeof(ev));
55ed8ca1 2667
a492cd52
VCG		 2668 ev.store_hint = persistent;
2669 bacpy(&ev.key.bdaddr, &key->bdaddr);
2670 ev.key.type = key->type;
2671 memcpy(ev.key.val, key->val, 16);
2672 ev.key.pin_len = key->pin_len;
55ed8ca1 2673
744cf19e 2674 return mgmt_event(MGMT_EV_NEW_LINK_KEY, hdev, &ev, sizeof(ev), NULL);
55ed8ca1 2675}
f7520543 2676
346af67b
VCG		 2677int mgmt_new_ltk(struct hci_dev *hdev, struct smp_ltk *key, u8 persistent)
2678{
2679 struct mgmt_ev_new_long_term_key ev;
2680
2681 memset(&ev, 0, sizeof(ev));
2682
2683 ev.store_hint = persistent;
2684 bacpy(&ev.key.addr.bdaddr, &key->bdaddr);
2685 ev.key.addr.type = key->bdaddr_type;
2686 ev.key.authenticated = key->authenticated;
2687 ev.key.enc_size = key->enc_size;
2688 ev.key.ediv = key->ediv;
2689
2690 if (key->type == HCI_SMP_LTK)
2691 ev.key.master = 1;
2692
2693 memcpy(ev.key.rand, key->rand, sizeof(key->rand));
2694 memcpy(ev.key.val, key->val, sizeof(key->val));
2695
2696 return mgmt_event(MGMT_EV_NEW_LONG_TERM_KEY, hdev,
2697 &ev, sizeof(ev), NULL);
2698}
2699
afc747a6 2700int mgmt_device_connected(struct hci_dev *hdev, bdaddr_t *bdaddr, u8 link_type,
b644ba33
JH		 2701 u8 addr_type, u8 *name, u8 name_len,
2702 u8 *dev_class)
f7520543 2703{
b644ba33
JH		 2704 char buf[512];
2705 struct mgmt_ev_device_connected *ev = (void *) buf;
2706 u16 eir_len = 0;
f7520543 2707
b644ba33
JH		 2708 bacpy(&ev->addr.bdaddr, bdaddr);
2709 ev->addr.type = link_to_mgmt(link_type, addr_type);
f7520543 2710
b644ba33
JH		 2711 if (name_len > 0)
2712 eir_len = eir_append_data(ev->eir, 0, EIR_NAME_COMPLETE,
2713 name, name_len);
2714
2715 if (dev_class && memcmp(dev_class, "\0\0\0", 3) != 0)
2716 eir_len = eir_append_data(&ev->eir[eir_len], eir_len,
2717 EIR_CLASS_OF_DEV, dev_class, 3);
2718
2719 put_unaligned_le16(eir_len, &ev->eir_len);
2720
2721 return mgmt_event(MGMT_EV_DEVICE_CONNECTED, hdev, buf,
2722 sizeof(*ev) + eir_len, NULL);
f7520543
JH		 2723}
2724
8962ee74
JH		 2725static void disconnect_rsp(struct pending_cmd *cmd, void *data)
2726{
c68fb7ff 2727 struct mgmt_cp_disconnect *cp = cmd->param;
8962ee74 2728 struct sock **sk = data;
a38528f1 2729 struct mgmt_rp_disconnect rp;
8962ee74 2730
88c3df13
JH		 2731 bacpy(&rp.addr.bdaddr, &cp->addr.bdaddr);
2732 rp.addr.type = cp->addr.type;
37d9ef76 2733 rp.status = 0;
8962ee74 2734
4e51eae9 2735 cmd_complete(cmd->sk, cmd->index, MGMT_OP_DISCONNECT, &rp, sizeof(rp));
8962ee74
JH		 2736
2737 *sk = cmd->sk;
2738 sock_hold(*sk);
2739
a664b5bc 2740 mgmt_pending_remove(cmd);
8962ee74
JH		 2741}
2742
124f6e35 2743static void unpair_device_rsp(struct pending_cmd *cmd, void *data)
a8a1d19e 2744{
b1078ad0 2745 struct hci_dev *hdev = data;
124f6e35
JH		 2746 struct mgmt_cp_unpair_device *cp = cmd->param;
2747 struct mgmt_rp_unpair_device rp;
a8a1d19e
JH		 2748
2749 memset(&rp, 0, sizeof(rp));
124f6e35
JH		 2750 bacpy(&rp.addr.bdaddr, &cp->addr.bdaddr);
2751 rp.addr.type = cp->addr.type;
a8a1d19e 2752
b1078ad0
JH		 2753 device_unpaired(hdev, &cp->addr.bdaddr, cp->addr.type, cmd->sk);
2754
2755 cmd_complete(cmd->sk, cmd->index, cmd->opcode, &rp, sizeof(rp));
a8a1d19e
JH		 2756
2757 mgmt_pending_remove(cmd);
2758}
2759
afc747a6
JH		 2760int mgmt_device_disconnected(struct hci_dev *hdev, bdaddr_t *bdaddr,
2761 u8 link_type, u8 addr_type)
f7520543 2762{
4c659c39 2763 struct mgmt_addr_info ev;
8962ee74
JH		 2764 struct sock *sk = NULL;
2765 int err;
2766
744cf19e 2767 mgmt_pending_foreach(MGMT_OP_DISCONNECT, hdev, disconnect_rsp, &sk);
f7520543 2768
f7520543 2769 bacpy(&ev.bdaddr, bdaddr);
48264f06 2770 ev.type = link_to_mgmt(link_type, addr_type);
f7520543 2771
afc747a6
JH		 2772 err = mgmt_event(MGMT_EV_DEVICE_DISCONNECTED, hdev, &ev, sizeof(ev),
2773 sk);
8962ee74
JH		 2774
2775 if (sk)
2776 sock_put(sk);
2777
124f6e35 2778 mgmt_pending_foreach(MGMT_OP_UNPAIR_DEVICE, hdev, unpair_device_rsp,
b1078ad0 2779 hdev);
a8a1d19e 2780
8962ee74
JH		 2781 return err;
2782}
2783
88c3df13
JH		 2784int mgmt_disconnect_failed(struct hci_dev *hdev, bdaddr_t *bdaddr,
2785 u8 link_type, u8 addr_type, u8 status)
8962ee74 2786{
88c3df13 2787 struct mgmt_rp_disconnect rp;
8962ee74
JH		 2788 struct pending_cmd *cmd;
2789 int err;
2790
2e58ef3e 2791 cmd = mgmt_pending_find(MGMT_OP_DISCONNECT, hdev);
8962ee74
JH		 2792 if (!cmd)
2793 return -ENOENT;
2794
88c3df13
JH		 2795 bacpy(&rp.addr.bdaddr, bdaddr);
2796 rp.addr.type = link_to_mgmt(link_type, addr_type);
2797 rp.status = mgmt_status(status);
37d9ef76 2798
88c3df13 2799 err = cmd_complete(cmd->sk, cmd->index, MGMT_OP_DISCONNECT,
37d9ef76 2800 &rp, sizeof(rp));
8962ee74 2801
a664b5bc 2802 mgmt_pending_remove(cmd);
8962ee74 2803
b1078ad0
JH		 2804 mgmt_pending_foreach(MGMT_OP_UNPAIR_DEVICE, hdev, unpair_device_rsp,
2805 hdev);
8962ee74 2806 return err;
f7520543 2807}
17d5c04c 2808
48264f06
JH		 2809int mgmt_connect_failed(struct hci_dev *hdev, bdaddr_t *bdaddr, u8 link_type,
2810 u8 addr_type, u8 status)
17d5c04c
JH		 2811{
2812 struct mgmt_ev_connect_failed ev;
2813
4c659c39 2814 bacpy(&ev.addr.bdaddr, bdaddr);
48264f06 2815 ev.addr.type = link_to_mgmt(link_type, addr_type);
ca69b795 2816 ev.status = mgmt_status(status);
17d5c04c 2817
744cf19e 2818 return mgmt_event(MGMT_EV_CONNECT_FAILED, hdev, &ev, sizeof(ev), NULL);
17d5c04c 2819}
980e1a53 2820
744cf19e 2821int mgmt_pin_code_request(struct hci_dev *hdev, bdaddr_t *bdaddr, u8 secure)
980e1a53
JH		 2822{
2823 struct mgmt_ev_pin_code_request ev;
2824
980e1a53 2825 bacpy(&ev.bdaddr, bdaddr);
a770bb5a 2826 ev.secure = secure;
980e1a53 2827
744cf19e 2828 return mgmt_event(MGMT_EV_PIN_CODE_REQUEST, hdev, &ev, sizeof(ev),
4e51eae9 2829 NULL);
980e1a53
JH		 2830}
2831
744cf19e
JH		 2832int mgmt_pin_code_reply_complete(struct hci_dev *hdev, bdaddr_t *bdaddr,
2833 u8 status)
980e1a53
JH		 2834{
2835 struct pending_cmd *cmd;
ac56fb13 2836 struct mgmt_rp_pin_code_reply rp;
980e1a53
JH		 2837 int err;
2838
2e58ef3e 2839 cmd = mgmt_pending_find(MGMT_OP_PIN_CODE_REPLY, hdev);
980e1a53
JH		 2840 if (!cmd)
2841 return -ENOENT;
2842
ac56fb13 2843 bacpy(&rp.bdaddr, bdaddr);
ca69b795 2844 rp.status = mgmt_status(status);
ac56fb13 2845
744cf19e 2846 err = cmd_complete(cmd->sk, hdev->id, MGMT_OP_PIN_CODE_REPLY, &rp,
4e51eae9 2847 sizeof(rp));
980e1a53 2848
a664b5bc 2849 mgmt_pending_remove(cmd);
980e1a53
JH		 2850
2851 return err;
2852}
2853
744cf19e
JH		 2854int mgmt_pin_code_neg_reply_complete(struct hci_dev *hdev, bdaddr_t *bdaddr,
2855 u8 status)
980e1a53
JH		 2856{
2857 struct pending_cmd *cmd;
ac56fb13 2858 struct mgmt_rp_pin_code_reply rp;
980e1a53
JH		 2859 int err;
2860
2e58ef3e 2861 cmd = mgmt_pending_find(MGMT_OP_PIN_CODE_NEG_REPLY, hdev);
980e1a53
JH		 2862 if (!cmd)
2863 return -ENOENT;
2864
ac56fb13 2865 bacpy(&rp.bdaddr, bdaddr);
ca69b795 2866 rp.status = mgmt_status(status);
ac56fb13 2867
744cf19e 2868 err = cmd_complete(cmd->sk, hdev->id, MGMT_OP_PIN_CODE_NEG_REPLY, &rp,
4e51eae9 2869 sizeof(rp));
980e1a53 2870
a664b5bc 2871 mgmt_pending_remove(cmd);
980e1a53
JH		 2872
2873 return err;
2874}
a5c29683 2875
744cf19e 2876int mgmt_user_confirm_request(struct hci_dev *hdev, bdaddr_t *bdaddr,
272d90df
JH		 2877 u8 link_type, u8 addr_type, __le32 value,
2878 u8 confirm_hint)
a5c29683
JH		 2879{
2880 struct mgmt_ev_user_confirm_request ev;
2881
744cf19e 2882 BT_DBG("%s", hdev->name);
a5c29683 2883
272d90df
JH		 2884 bacpy(&ev.addr.bdaddr, bdaddr);
2885 ev.addr.type = link_to_mgmt(link_type, addr_type);
55bc1a37 2886 ev.confirm_hint = confirm_hint;
a5c29683
JH		 2887 put_unaligned_le32(value, &ev.value);
2888
744cf19e 2889 return mgmt_event(MGMT_EV_USER_CONFIRM_REQUEST, hdev, &ev, sizeof(ev),
4e51eae9 2890 NULL);
a5c29683
JH		 2891}
2892
272d90df
JH		 2893int mgmt_user_passkey_request(struct hci_dev *hdev, bdaddr_t *bdaddr,
2894 u8 link_type, u8 addr_type)
604086b7
BG		 2895{
2896 struct mgmt_ev_user_passkey_request ev;
2897
2898 BT_DBG("%s", hdev->name);
2899
272d90df
JH		 2900 bacpy(&ev.addr.bdaddr, bdaddr);
2901 ev.addr.type = link_to_mgmt(link_type, addr_type);
604086b7
BG		 2902
2903 return mgmt_event(MGMT_EV_USER_PASSKEY_REQUEST, hdev, &ev, sizeof(ev),
2904 NULL);
2905}
2906
0df4c185 2907static int user_pairing_resp_complete(struct hci_dev *hdev, bdaddr_t *bdaddr,
272d90df
JH		 2908 u8 link_type, u8 addr_type, u8 status,
2909 u8 opcode)
a5c29683
JH		 2910{
2911 struct pending_cmd *cmd;
2912 struct mgmt_rp_user_confirm_reply rp;
2913 int err;
2914
2e58ef3e 2915 cmd = mgmt_pending_find(opcode, hdev);
a5c29683
JH		 2916 if (!cmd)
2917 return -ENOENT;
2918
272d90df
JH		 2919 bacpy(&rp.addr.bdaddr, bdaddr);
2920 rp.addr.type = link_to_mgmt(link_type, addr_type);
ca69b795 2921 rp.status = mgmt_status(status);
744cf19e 2922 err = cmd_complete(cmd->sk, hdev->id, opcode, &rp, sizeof(rp));
a5c29683 2923
a664b5bc 2924 mgmt_pending_remove(cmd);
a5c29683
JH		 2925
2926 return err;
2927}
2928
744cf19e 2929int mgmt_user_confirm_reply_complete(struct hci_dev *hdev, bdaddr_t *bdaddr,
272d90df 2930 u8 link_type, u8 addr_type, u8 status)
a5c29683 2931{
272d90df
JH		 2932 return user_pairing_resp_complete(hdev, bdaddr, link_type, addr_type,
2933 status, MGMT_OP_USER_CONFIRM_REPLY);
a5c29683
JH		 2934}
2935
272d90df
JH		 2936int mgmt_user_confirm_neg_reply_complete(struct hci_dev *hdev, bdaddr_t *bdaddr,
2937 u8 link_type, u8 addr_type, u8 status)
a5c29683 2938{
272d90df
JH		 2939 return user_pairing_resp_complete(hdev, bdaddr, link_type, addr_type,
2940 status, MGMT_OP_USER_CONFIRM_NEG_REPLY);
a5c29683 2941}
2a611692 2942
604086b7 2943int mgmt_user_passkey_reply_complete(struct hci_dev *hdev, bdaddr_t *bdaddr,
272d90df 2944 u8 link_type, u8 addr_type, u8 status)
604086b7 2945{
272d90df
JH		 2946 return user_pairing_resp_complete(hdev, bdaddr, link_type, addr_type,
2947 status, MGMT_OP_USER_PASSKEY_REPLY);
604086b7
BG		 2948}
2949
272d90df
JH		 2950int mgmt_user_passkey_neg_reply_complete(struct hci_dev *hdev, bdaddr_t *bdaddr,
2951 u8 link_type, u8 addr_type, u8 status)
604086b7 2952{
272d90df
JH		 2953 return user_pairing_resp_complete(hdev, bdaddr, link_type, addr_type,
2954 status, MGMT_OP_USER_PASSKEY_NEG_REPLY);
604086b7
BG		 2955}
2956
bab73cb6
JH		 2957int mgmt_auth_failed(struct hci_dev *hdev, bdaddr_t *bdaddr, u8 link_type,
2958 u8 addr_type, u8 status)
2a611692
JH		 2959{
2960 struct mgmt_ev_auth_failed ev;
2961
bab73cb6
JH		 2962 bacpy(&ev.addr.bdaddr, bdaddr);
2963 ev.addr.type = link_to_mgmt(link_type, addr_type);
ca69b795 2964 ev.status = mgmt_status(status);
2a611692 2965
744cf19e 2966 return mgmt_event(MGMT_EV_AUTH_FAILED, hdev, &ev, sizeof(ev), NULL);
2a611692 2967}
b312b161 2968
744cf19e 2969int mgmt_set_local_name_complete(struct hci_dev *hdev, u8 *name, u8 status)
b312b161
JH		 2970{
2971 struct pending_cmd *cmd;
2972 struct mgmt_cp_set_local_name ev;
2973 int err;
2974
2975 memset(&ev, 0, sizeof(ev));
2976 memcpy(ev.name, name, HCI_MAX_NAME_LENGTH);
2977
2e58ef3e 2978 cmd = mgmt_pending_find(MGMT_OP_SET_LOCAL_NAME, hdev);
b312b161
JH		 2979 if (!cmd)
2980 goto send_event;
2981
2982 if (status) {
744cf19e 2983 err = cmd_status(cmd->sk, hdev->id, MGMT_OP_SET_LOCAL_NAME,
ca69b795 2984 mgmt_status(status));
b312b161
JH		 2985 goto failed;
2986 }
2987
744cf19e 2988 update_eir(hdev);
80a1e1db 2989
744cf19e 2990 err = cmd_complete(cmd->sk, hdev->id, MGMT_OP_SET_LOCAL_NAME, &ev,
b312b161
JH		 2991 sizeof(ev));
2992 if (err < 0)
2993 goto failed;
2994
2995send_event:
744cf19e 2996 err = mgmt_event(MGMT_EV_LOCAL_NAME_CHANGED, hdev, &ev, sizeof(ev),
b312b161
JH		 2997 cmd ? cmd->sk : NULL);
2998
2999failed:
3000 if (cmd)
3001 mgmt_pending_remove(cmd);
3002 return err;
3003}
c35938b2 3004
744cf19e
JH		 3005int mgmt_read_local_oob_data_reply_complete(struct hci_dev *hdev, u8 *hash,
3006 u8 *randomizer, u8 status)
c35938b2
SJ		 3007{
3008 struct pending_cmd *cmd;
3009 int err;
3010
744cf19e 3011 BT_DBG("%s status %u", hdev->name, status);
c35938b2 3012
2e58ef3e 3013 cmd = mgmt_pending_find(MGMT_OP_READ_LOCAL_OOB_DATA, hdev);
c35938b2
SJ		 3014 if (!cmd)
3015 return -ENOENT;
3016
3017 if (status) {
744cf19e 3018 err = cmd_status(cmd->sk, hdev->id,
ca69b795
JH		 3019 MGMT_OP_READ_LOCAL_OOB_DATA,
3020 mgmt_status(status));
c35938b2
SJ		 3021 } else {
3022 struct mgmt_rp_read_local_oob_data rp;
3023
3024 memcpy(rp.hash, hash, sizeof(rp.hash));
3025 memcpy(rp.randomizer, randomizer, sizeof(rp.randomizer));
3026
744cf19e
JH		 3027 err = cmd_complete(cmd->sk, hdev->id,
3028 MGMT_OP_READ_LOCAL_OOB_DATA,
3029 &rp, sizeof(rp));
c35938b2
SJ		 3030 }
3031
3032 mgmt_pending_remove(cmd);
3033
3034 return err;
3035}
e17acd40 3036
48264f06 3037int mgmt_device_found(struct hci_dev *hdev, bdaddr_t *bdaddr, u8 link_type,
561aafbc 3038 u8 addr_type, u8 *dev_class, s8 rssi,
e319d2e7 3039 u8 cfm_name, u8 *eir, u16 eir_len)
e17acd40 3040{
e319d2e7
JH		 3041 char buf[512];
3042 struct mgmt_ev_device_found *ev = (void *) buf;
1dc06093 3043 size_t ev_size;
e17acd40 3044
1dc06093
JH		 3045 /* Leave 5 bytes for a potential CoD field */
3046 if (sizeof(*ev) + eir_len + 5 > sizeof(buf))
7d262f86
AG		 3047 return -EINVAL;
3048
1dc06093
JH		 3049 memset(buf, 0, sizeof(buf));
3050
e319d2e7
JH		 3051 bacpy(&ev->addr.bdaddr, bdaddr);
3052 ev->addr.type = link_to_mgmt(link_type, addr_type);
3053 ev->rssi = rssi;
3054 ev->confirm_name = cfm_name;
e17acd40 3055
1dc06093 3056 if (eir_len > 0)
e319d2e7 3057 memcpy(ev->eir, eir, eir_len);
e17acd40 3058
1dc06093
JH		 3059 if (dev_class && !eir_has_data_type(ev->eir, eir_len, EIR_CLASS_OF_DEV))
3060 eir_len = eir_append_data(ev->eir, eir_len, EIR_CLASS_OF_DEV,
3061 dev_class, 3);
3062
3063 put_unaligned_le16(eir_len, &ev->eir_len);
3064
3065 ev_size = sizeof(*ev) + eir_len;
f8523598 3066
e319d2e7 3067 return mgmt_event(MGMT_EV_DEVICE_FOUND, hdev, ev, ev_size, NULL);
e17acd40 3068}
a88a9652 3069
b644ba33
JH		 3070int mgmt_remote_name(struct hci_dev *hdev, bdaddr_t *bdaddr, u8 link_type,
3071 u8 addr_type, s8 rssi, u8 *name, u8 name_len)
a88a9652 3072{
b644ba33
JH		 3073 struct mgmt_ev_device_found *ev;
3074 char buf[sizeof(*ev) + HCI_MAX_NAME_LENGTH + 2];
3075 u16 eir_len;
a88a9652 3076
b644ba33 3077 ev = (struct mgmt_ev_device_found *) buf;
a88a9652 3078
b644ba33
JH		 3079 memset(buf, 0, sizeof(buf));
3080
3081 bacpy(&ev->addr.bdaddr, bdaddr);
3082 ev->addr.type = link_to_mgmt(link_type, addr_type);
3083 ev->rssi = rssi;
3084
3085 eir_len = eir_append_data(ev->eir, 0, EIR_NAME_COMPLETE, name,
3086 name_len);
3087
3088 put_unaligned_le16(eir_len, &ev->eir_len);
a88a9652 3089
053c7e0c
JH		 3090 return mgmt_event(MGMT_EV_DEVICE_FOUND, hdev, ev,
3091 sizeof(*ev) + eir_len, NULL);
a88a9652 3092}
314b2381 3093
7a135109 3094int mgmt_start_discovery_failed(struct hci_dev *hdev, u8 status)
164a6e78
JH		 3095{
3096 struct pending_cmd *cmd;
3097 int err;
3098
203159d4
AG		 3099 hci_discovery_set_state(hdev, DISCOVERY_STOPPED);
3100
2e58ef3e 3101 cmd = mgmt_pending_find(MGMT_OP_START_DISCOVERY, hdev);
164a6e78
JH		 3102 if (!cmd)
3103 return -ENOENT;
3104
ca69b795 3105 err = cmd_status(cmd->sk, hdev->id, cmd->opcode, mgmt_status(status));
164a6e78
JH		 3106 mgmt_pending_remove(cmd);
3107
3108 return err;
3109}
3110
e6d465cb
AG		 3111int mgmt_stop_discovery_failed(struct hci_dev *hdev, u8 status)
3112{
3113 struct pending_cmd *cmd;
3114 int err;
3115
3116 cmd = mgmt_pending_find(MGMT_OP_STOP_DISCOVERY, hdev);
3117 if (!cmd)
3118 return -ENOENT;
3119
e75a8b0c 3120 err = cmd_status(cmd->sk, hdev->id, cmd->opcode, mgmt_status(status));
164a6e78
JH		 3121 mgmt_pending_remove(cmd);
3122
3123 return err;
3124}
3125
744cf19e 3126int mgmt_discovering(struct hci_dev *hdev, u8 discovering)
314b2381 3127{
164a6e78
JH		 3128 struct pending_cmd *cmd;
3129
343fb145
AG		 3130 BT_DBG("%s discovering %u", hdev->name, discovering);
3131
164a6e78 3132 if (discovering)
2e58ef3e 3133 cmd = mgmt_pending_find(MGMT_OP_START_DISCOVERY, hdev);
164a6e78 3134 else
2e58ef3e 3135 cmd = mgmt_pending_find(MGMT_OP_STOP_DISCOVERY, hdev);
164a6e78
JH		 3136
3137 if (cmd != NULL) {
744cf19e 3138 cmd_complete(cmd->sk, hdev->id, cmd->opcode, NULL, 0);
164a6e78
JH		 3139 mgmt_pending_remove(cmd);
3140 }
3141
744cf19e 3142 return mgmt_event(MGMT_EV_DISCOVERING, hdev, &discovering,
314b2381
JH		 3143 sizeof(discovering), NULL);
3144}
5e762444 3145
88c1fe4b 3146int mgmt_device_blocked(struct hci_dev *hdev, bdaddr_t *bdaddr, u8 type)
5e762444
AJ		 3147{
3148 struct pending_cmd *cmd;
3149 struct mgmt_ev_device_blocked ev;
3150
2e58ef3e 3151 cmd = mgmt_pending_find(MGMT_OP_BLOCK_DEVICE, hdev);
5e762444 3152
88c1fe4b
JH		 3153 bacpy(&ev.addr.bdaddr, bdaddr);
3154 ev.addr.type = type;
5e762444 3155
744cf19e
JH		 3156 return mgmt_event(MGMT_EV_DEVICE_BLOCKED, hdev, &ev, sizeof(ev),
3157 cmd ? cmd->sk : NULL);
5e762444
AJ		 3158}
3159
88c1fe4b 3160int mgmt_device_unblocked(struct hci_dev *hdev, bdaddr_t *bdaddr, u8 type)
5e762444
AJ		 3161{
3162 struct pending_cmd *cmd;
3163 struct mgmt_ev_device_unblocked ev;
3164
2e58ef3e 3165 cmd = mgmt_pending_find(MGMT_OP_UNBLOCK_DEVICE, hdev);
5e762444 3166
88c1fe4b
JH		 3167 bacpy(&ev.addr.bdaddr, bdaddr);
3168 ev.addr.type = type;
5e762444 3169
744cf19e
JH		 3170 return mgmt_event(MGMT_EV_DEVICE_UNBLOCKED, hdev, &ev, sizeof(ev),
3171 cmd ? cmd->sk : NULL);
5e762444 3172}
ubuntu-zesty-kernel mirror