]> git.proxmox.com Git - mirror_ubuntu-artful-kernel.git/blame - net/bluetooth/mgmt.c
projects / mirror_ubuntu-artful-kernel.git / blame
? search:
summary | shortlog | log | commit | commitdiff | tree
blob | blame (incremental) | history | HEAD
Bluetooth: Update link key mgmt APIs to match latest spec.
[mirror_ubuntu-artful-kernel.git] / net / bluetooth / mgmt.c
CommitLineData
0381101f
JH		 1/*
2 BlueZ - Bluetooth protocol stack for Linux
3 Copyright (C) 2010 Nokia Corporation
4
5 This program is free software; you can redistribute it and/or modify
6 it under the terms of the GNU General Public License version 2 as
7 published by the Free Software Foundation;
8
9 THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS
10 OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
11 FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT OF THIRD PARTY RIGHTS.
12 IN NO EVENT SHALL THE COPYRIGHT HOLDER(S) AND AUTHOR(S) BE LIABLE FOR ANY
13 CLAIM, OR ANY SPECIAL INDIRECT OR CONSEQUENTIAL DAMAGES, OR ANY DAMAGES
14 WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
15 ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
16 OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
17
18 ALL LIABILITY, INCLUDING LIABILITY FOR INFRINGEMENT OF ANY PATENTS,
19 COPYRIGHTS, TRADEMARKS OR OTHER RIGHTS, RELATING TO USE OF THIS
20 SOFTWARE IS DISCLAIMED.
21*/
22
23/* Bluetooth HCI Management interface */
24
72359753 25#include <linux/uaccess.h>
0381101f
JH		 26#include <asm/unaligned.h>
27
28#include <net/bluetooth/bluetooth.h>
29#include <net/bluetooth/hci_core.h>
30#include <net/bluetooth/mgmt.h>
31
02d98129
JH		 32#define MGMT_VERSION 0
33#define MGMT_REVISION 1
34
2519a1fc
AG		 35#define INQUIRY_LEN_BREDR 0x08 /* TGAP(100) */
36
eec8d2bc
JH		 37struct pending_cmd {
38 struct list_head list;
39 __u16 opcode;
40 int index;
c68fb7ff 41 void *param;
eec8d2bc 42 struct sock *sk;
e9a416b5 43 void *user_data;
eec8d2bc
JH		 44};
45
b5ad8b7f 46static LIST_HEAD(cmd_list);
eec8d2bc 47
4e51eae9 48static int cmd_status(struct sock *sk, u16 index, u16 cmd, u8 status)
f7b64e69
JH		 49{
50 struct sk_buff *skb;
51 struct mgmt_hdr *hdr;
52 struct mgmt_ev_cmd_status *ev;
56b7d137 53 int err;
f7b64e69 54
34eb525c 55 BT_DBG("sock %p, index %u, cmd %u, status %u", sk, index, cmd, status);
f7b64e69
JH		 56
57 skb = alloc_skb(sizeof(*hdr) + sizeof(*ev), GFP_ATOMIC);
58 if (!skb)
59 return -ENOMEM;
60
61 hdr = (void *) skb_put(skb, sizeof(*hdr));
62
63 hdr->opcode = cpu_to_le16(MGMT_EV_CMD_STATUS);
4e51eae9 64 hdr->index = cpu_to_le16(index);
f7b64e69
JH		 65 hdr->len = cpu_to_le16(sizeof(*ev));
66
67 ev = (void *) skb_put(skb, sizeof(*ev));
68 ev->status = status;
69 put_unaligned_le16(cmd, &ev->opcode);
70
56b7d137
GP		 71 err = sock_queue_rcv_skb(sk, skb);
72 if (err < 0)
f7b64e69
JH		 73 kfree_skb(skb);
74
56b7d137 75 return err;
f7b64e69
JH		 76}
77
4e51eae9
SJ		 78static int cmd_complete(struct sock *sk, u16 index, u16 cmd, void *rp,
79 size_t rp_len)
02d98129
JH		 80{
81 struct sk_buff *skb;
82 struct mgmt_hdr *hdr;
83 struct mgmt_ev_cmd_complete *ev;
56b7d137 84 int err;
02d98129
JH		 85
86 BT_DBG("sock %p", sk);
87
a38528f1 88 skb = alloc_skb(sizeof(*hdr) + sizeof(*ev) + rp_len, GFP_ATOMIC);
02d98129
JH		 89 if (!skb)
90 return -ENOMEM;
91
92 hdr = (void *) skb_put(skb, sizeof(*hdr));
02d98129 93
a38528f1 94 hdr->opcode = cpu_to_le16(MGMT_EV_CMD_COMPLETE);
4e51eae9 95 hdr->index = cpu_to_le16(index);
a38528f1 96 hdr->len = cpu_to_le16(sizeof(*ev) + rp_len);
02d98129 97
a38528f1
JH		 98 ev = (void *) skb_put(skb, sizeof(*ev) + rp_len);
99 put_unaligned_le16(cmd, &ev->opcode);
8020c16a
SJ		 100
101 if (rp)
102 memcpy(ev->data, rp, rp_len);
02d98129 103
56b7d137
GP		 104 err = sock_queue_rcv_skb(sk, skb);
105 if (err < 0)
02d98129
JH		 106 kfree_skb(skb);
107
56b7d137 108 return err;;
02d98129
JH		 109}
110
a38528f1
JH		 111static int read_version(struct sock *sk)
112{
113 struct mgmt_rp_read_version rp;
114
115 BT_DBG("sock %p", sk);
116
117 rp.version = MGMT_VERSION;
118 put_unaligned_le16(MGMT_REVISION, &rp.revision);
119
4e51eae9
SJ		 120 return cmd_complete(sk, MGMT_INDEX_NONE, MGMT_OP_READ_VERSION, &rp,
121 sizeof(rp));
a38528f1
JH		 122}
123
faba42eb
JH		 124static int read_index_list(struct sock *sk)
125{
faba42eb
JH		 126 struct mgmt_rp_read_index_list *rp;
127 struct list_head *p;
8035ded4 128 struct hci_dev *d;
a38528f1 129 size_t rp_len;
faba42eb 130 u16 count;
a38528f1 131 int i, err;
faba42eb
JH		 132
133 BT_DBG("sock %p", sk);
134
135 read_lock(&hci_dev_list_lock);
136
137 count = 0;
138 list_for_each(p, &hci_dev_list) {
139 count++;
140 }
141
a38528f1
JH		 142 rp_len = sizeof(*rp) + (2 * count);
143 rp = kmalloc(rp_len, GFP_ATOMIC);
144 if (!rp) {
b2c60d42 145 read_unlock(&hci_dev_list_lock);
faba42eb 146 return -ENOMEM;
b2c60d42 147 }
faba42eb 148
faba42eb
JH		 149 put_unaligned_le16(count, &rp->num_controllers);
150
151 i = 0;
8035ded4 152 list_for_each_entry(d, &hci_dev_list, list) {
3243553f
JH		 153 if (test_and_clear_bit(HCI_AUTO_OFF, &d->flags))
154 cancel_delayed_work_sync(&d->power_off);
ab81cbf9
JH		 155
156 if (test_bit(HCI_SETUP, &d->flags))
157 continue;
158
faba42eb
JH		 159 put_unaligned_le16(d->id, &rp->index[i++]);
160 BT_DBG("Added hci%u", d->id);
161 }
162
163 read_unlock(&hci_dev_list_lock);
164
4e51eae9
SJ		 165 err = cmd_complete(sk, MGMT_INDEX_NONE, MGMT_OP_READ_INDEX_LIST, rp,
166 rp_len);
faba42eb 167
a38528f1
JH		 168 kfree(rp);
169
170 return err;
faba42eb
JH		 171}
172
4e51eae9 173static int read_controller_info(struct sock *sk, u16 index)
0381101f 174{
a38528f1 175 struct mgmt_rp_read_info rp;
f7b64e69 176 struct hci_dev *hdev;
0381101f 177
4e51eae9 178 BT_DBG("sock %p hci%u", sk, index);
f7b64e69 179
4e51eae9 180 hdev = hci_dev_get(index);
a38528f1 181 if (!hdev)
4e51eae9 182 return cmd_status(sk, index, MGMT_OP_READ_INFO, ENODEV);
f7b64e69 183
3243553f
JH		 184 if (test_and_clear_bit(HCI_AUTO_OFF, &hdev->flags))
185 cancel_delayed_work_sync(&hdev->power_off);
ab81cbf9 186
8c156c32 187 hci_dev_lock_bh(hdev);
f7b64e69 188
ebc99feb
JH		 189 set_bit(HCI_MGMT, &hdev->flags);
190
dc4fe30b
JH		 191 memset(&rp, 0, sizeof(rp));
192
a38528f1 193 rp.type = hdev->dev_type;
f7b64e69 194
a38528f1
JH		 195 rp.powered = test_bit(HCI_UP, &hdev->flags);
196 rp.connectable = test_bit(HCI_PSCAN, &hdev->flags);
197 rp.discoverable = test_bit(HCI_ISCAN, &hdev->flags);
198 rp.pairable = test_bit(HCI_PSCAN, &hdev->flags);
f7b64e69
JH		 199
200 if (test_bit(HCI_AUTH, &hdev->flags))
a38528f1 201 rp.sec_mode = 3;
f7b64e69 202 else if (hdev->ssp_mode > 0)
a38528f1 203 rp.sec_mode = 4;
f7b64e69 204 else
a38528f1 205 rp.sec_mode = 2;
f7b64e69 206
a38528f1
JH		 207 bacpy(&rp.bdaddr, &hdev->bdaddr);
208 memcpy(rp.features, hdev->features, 8);
209 memcpy(rp.dev_class, hdev->dev_class, 3);
210 put_unaligned_le16(hdev->manufacturer, &rp.manufacturer);
211 rp.hci_ver = hdev->hci_ver;
212 put_unaligned_le16(hdev->hci_rev, &rp.hci_rev);
f7b64e69 213
dc4fe30b
JH		 214 memcpy(rp.name, hdev->dev_name, sizeof(hdev->dev_name));
215
8c156c32 216 hci_dev_unlock_bh(hdev);
f7b64e69 217 hci_dev_put(hdev);
0381101f 218
4e51eae9 219 return cmd_complete(sk, index, MGMT_OP_READ_INFO, &rp, sizeof(rp));
0381101f
JH		 220}
221
eec8d2bc
JH		 222static void mgmt_pending_free(struct pending_cmd *cmd)
223{
224 sock_put(cmd->sk);
c68fb7ff 225 kfree(cmd->param);
eec8d2bc
JH		 226 kfree(cmd);
227}
228
366a0336
JH		 229static struct pending_cmd *mgmt_pending_add(struct sock *sk, u16 opcode,
230 u16 index, void *data, u16 len)
eec8d2bc
JH		 231{
232 struct pending_cmd *cmd;
233
234 cmd = kmalloc(sizeof(*cmd), GFP_ATOMIC);
235 if (!cmd)
366a0336 236 return NULL;
eec8d2bc
JH		 237
238 cmd->opcode = opcode;
239 cmd->index = index;
240
c68fb7ff
SJ		 241 cmd->param = kmalloc(len, GFP_ATOMIC);
242 if (!cmd->param) {
eec8d2bc 243 kfree(cmd);
366a0336 244 return NULL;
eec8d2bc
JH		 245 }
246
8fce6357
SJ		 247 if (data)
248 memcpy(cmd->param, data, len);
eec8d2bc
JH		 249
250 cmd->sk = sk;
251 sock_hold(sk);
252
253 list_add(&cmd->list, &cmd_list);
254
366a0336 255 return cmd;
eec8d2bc
JH		 256}
257
258static void mgmt_pending_foreach(u16 opcode, int index,
259 void (*cb)(struct pending_cmd *cmd, void *data),
260 void *data)
261{
262 struct list_head *p, *n;
263
264 list_for_each_safe(p, n, &cmd_list) {
265 struct pending_cmd *cmd;
266
267 cmd = list_entry(p, struct pending_cmd, list);
268
b24752fe 269 if (opcode > 0 && cmd->opcode != opcode)
eec8d2bc
JH		 270 continue;
271
272 if (index >= 0 && cmd->index != index)
273 continue;
274
275 cb(cmd, data);
276 }
277}
278
279static struct pending_cmd *mgmt_pending_find(u16 opcode, int index)
280{
8035ded4 281 struct pending_cmd *cmd;
eec8d2bc 282
8035ded4 283 list_for_each_entry(cmd, &cmd_list, list) {
eec8d2bc
JH		 284 if (cmd->opcode != opcode)
285 continue;
286
287 if (index >= 0 && cmd->index != index)
288 continue;
289
290 return cmd;
291 }
292
293 return NULL;
294}
295
a664b5bc 296static void mgmt_pending_remove(struct pending_cmd *cmd)
73f22f62 297{
73f22f62
JH		 298 list_del(&cmd->list);
299 mgmt_pending_free(cmd);
300}
301
4e51eae9 302static int set_powered(struct sock *sk, u16 index, unsigned char *data, u16 len)
eec8d2bc 303{
72a734ec 304 struct mgmt_mode *cp;
eec8d2bc 305 struct hci_dev *hdev;
366a0336 306 struct pending_cmd *cmd;
366a0336 307 int err, up;
eec8d2bc
JH		 308
309 cp = (void *) data;
eec8d2bc 310
4e51eae9 311 BT_DBG("request for hci%u", index);
eec8d2bc 312
bdce7baf
SJ		 313 if (len != sizeof(*cp))
314 return cmd_status(sk, index, MGMT_OP_SET_POWERED, EINVAL);
315
4e51eae9 316 hdev = hci_dev_get(index);
eec8d2bc 317 if (!hdev)
4e51eae9 318 return cmd_status(sk, index, MGMT_OP_SET_POWERED, ENODEV);
eec8d2bc 319
8c156c32 320 hci_dev_lock_bh(hdev);
eec8d2bc
JH		 321
322 up = test_bit(HCI_UP, &hdev->flags);
72a734ec 323 if ((cp->val && up) || (!cp->val && !up)) {
4e51eae9 324 err = cmd_status(sk, index, MGMT_OP_SET_POWERED, EALREADY);
eec8d2bc
JH		 325 goto failed;
326 }
327
4e51eae9
SJ		 328 if (mgmt_pending_find(MGMT_OP_SET_POWERED, index)) {
329 err = cmd_status(sk, index, MGMT_OP_SET_POWERED, EBUSY);
eec8d2bc
JH		 330 goto failed;
331 }
332
4e51eae9 333 cmd = mgmt_pending_add(sk, MGMT_OP_SET_POWERED, index, data, len);
366a0336
JH		 334 if (!cmd) {
335 err = -ENOMEM;
eec8d2bc 336 goto failed;
366a0336 337 }
eec8d2bc 338
72a734ec 339 if (cp->val)
eec8d2bc
JH		 340 queue_work(hdev->workqueue, &hdev->power_on);
341 else
3243553f 342 queue_work(hdev->workqueue, &hdev->power_off.work);
eec8d2bc 343
366a0336 344 err = 0;
eec8d2bc
JH		 345
346failed:
8c156c32 347 hci_dev_unlock_bh(hdev);
eec8d2bc 348 hci_dev_put(hdev);
366a0336 349 return err;
eec8d2bc
JH		 350}
351
4e51eae9
SJ		 352static int set_discoverable(struct sock *sk, u16 index, unsigned char *data,
353 u16 len)
73f22f62 354{
16ab91ab 355 struct mgmt_cp_set_discoverable *cp;
73f22f62 356 struct hci_dev *hdev;
366a0336 357 struct pending_cmd *cmd;
73f22f62
JH		 358 u8 scan;
359 int err;
360
361 cp = (void *) data;
73f22f62 362
4e51eae9 363 BT_DBG("request for hci%u", index);
73f22f62 364
bdce7baf
SJ		 365 if (len != sizeof(*cp))
366 return cmd_status(sk, index, MGMT_OP_SET_DISCOVERABLE, EINVAL);
367
4e51eae9 368 hdev = hci_dev_get(index);
73f22f62 369 if (!hdev)
4e51eae9 370 return cmd_status(sk, index, MGMT_OP_SET_DISCOVERABLE, ENODEV);
73f22f62 371
8c156c32 372 hci_dev_lock_bh(hdev);
73f22f62
JH		 373
374 if (!test_bit(HCI_UP, &hdev->flags)) {
4e51eae9 375 err = cmd_status(sk, index, MGMT_OP_SET_DISCOVERABLE, ENETDOWN);
73f22f62
JH		 376 goto failed;
377 }
378
4e51eae9
SJ		 379 if (mgmt_pending_find(MGMT_OP_SET_DISCOVERABLE, index) ||
380 mgmt_pending_find(MGMT_OP_SET_CONNECTABLE, index)) {
381 err = cmd_status(sk, index, MGMT_OP_SET_DISCOVERABLE, EBUSY);
73f22f62
JH		 382 goto failed;
383 }
384
72a734ec 385 if (cp->val == test_bit(HCI_ISCAN, &hdev->flags) &&
73f22f62 386 test_bit(HCI_PSCAN, &hdev->flags)) {
4e51eae9 387 err = cmd_status(sk, index, MGMT_OP_SET_DISCOVERABLE, EALREADY);
73f22f62
JH		 388 goto failed;
389 }
390
4e51eae9 391 cmd = mgmt_pending_add(sk, MGMT_OP_SET_DISCOVERABLE, index, data, len);
366a0336
JH		 392 if (!cmd) {
393 err = -ENOMEM;
73f22f62 394 goto failed;
366a0336 395 }
73f22f62
JH		 396
397 scan = SCAN_PAGE;
398
72a734ec 399 if (cp->val)
73f22f62 400 scan |= SCAN_INQUIRY;
16ab91ab
JH		 401 else
402 cancel_delayed_work_sync(&hdev->discov_off);
73f22f62
JH		 403
404 err = hci_send_cmd(hdev, HCI_OP_WRITE_SCAN_ENABLE, 1, &scan);
405 if (err < 0)
a664b5bc 406 mgmt_pending_remove(cmd);
73f22f62 407
16ab91ab
JH		 408 if (cp->val)
409 hdev->discov_timeout = get_unaligned_le16(&cp->timeout);
410
73f22f62 411failed:
8c156c32 412 hci_dev_unlock_bh(hdev);
73f22f62
JH		 413 hci_dev_put(hdev);
414
415 return err;
416}
417
4e51eae9
SJ		 418static int set_connectable(struct sock *sk, u16 index, unsigned char *data,
419 u16 len)
9fbcbb45 420{
72a734ec 421 struct mgmt_mode *cp;
9fbcbb45 422 struct hci_dev *hdev;
366a0336 423 struct pending_cmd *cmd;
9fbcbb45
JH		 424 u8 scan;
425 int err;
426
427 cp = (void *) data;
9fbcbb45 428
4e51eae9 429 BT_DBG("request for hci%u", index);
9fbcbb45 430
bdce7baf
SJ		 431 if (len != sizeof(*cp))
432 return cmd_status(sk, index, MGMT_OP_SET_CONNECTABLE, EINVAL);
433
4e51eae9 434 hdev = hci_dev_get(index);
9fbcbb45 435 if (!hdev)
4e51eae9 436 return cmd_status(sk, index, MGMT_OP_SET_CONNECTABLE, ENODEV);
9fbcbb45 437
8c156c32 438 hci_dev_lock_bh(hdev);
9fbcbb45
JH		 439
440 if (!test_bit(HCI_UP, &hdev->flags)) {
4e51eae9 441 err = cmd_status(sk, index, MGMT_OP_SET_CONNECTABLE, ENETDOWN);
9fbcbb45
JH		 442 goto failed;
443 }
444
4e51eae9
SJ		 445 if (mgmt_pending_find(MGMT_OP_SET_DISCOVERABLE, index) ||
446 mgmt_pending_find(MGMT_OP_SET_CONNECTABLE, index)) {
447 err = cmd_status(sk, index, MGMT_OP_SET_CONNECTABLE, EBUSY);
9fbcbb45
JH		 448 goto failed;
449 }
450
72a734ec 451 if (cp->val == test_bit(HCI_PSCAN, &hdev->flags)) {
4e51eae9 452 err = cmd_status(sk, index, MGMT_OP_SET_CONNECTABLE, EALREADY);
9fbcbb45
JH		 453 goto failed;
454 }
455
4e51eae9 456 cmd = mgmt_pending_add(sk, MGMT_OP_SET_CONNECTABLE, index, data, len);
366a0336
JH		 457 if (!cmd) {
458 err = -ENOMEM;
9fbcbb45 459 goto failed;
366a0336 460 }
9fbcbb45 461
72a734ec 462 if (cp->val)
9fbcbb45
JH		 463 scan = SCAN_PAGE;
464 else
465 scan = 0;
466
467 err = hci_send_cmd(hdev, HCI_OP_WRITE_SCAN_ENABLE, 1, &scan);
468 if (err < 0)
a664b5bc 469 mgmt_pending_remove(cmd);
9fbcbb45
JH		 470
471failed:
8c156c32 472 hci_dev_unlock_bh(hdev);
9fbcbb45
JH		 473 hci_dev_put(hdev);
474
475 return err;
476}
477
4e51eae9
SJ		 478static int mgmt_event(u16 event, u16 index, void *data, u16 data_len,
479 struct sock *skip_sk)
c542a06c
JH		 480{
481 struct sk_buff *skb;
482 struct mgmt_hdr *hdr;
483
484 skb = alloc_skb(sizeof(*hdr) + data_len, GFP_ATOMIC);
485 if (!skb)
486 return -ENOMEM;
487
488 bt_cb(skb)->channel = HCI_CHANNEL_CONTROL;
489
490 hdr = (void *) skb_put(skb, sizeof(*hdr));
491 hdr->opcode = cpu_to_le16(event);
4e51eae9 492 hdr->index = cpu_to_le16(index);
c542a06c
JH		 493 hdr->len = cpu_to_le16(data_len);
494
4e51eae9
SJ		 495 if (data)
496 memcpy(skb_put(skb, data_len), data, data_len);
c542a06c
JH		 497
498 hci_send_to_sock(NULL, skb, skip_sk);
499 kfree_skb(skb);
500
501 return 0;
502}
503
053f0211
JH		 504static int send_mode_rsp(struct sock *sk, u16 opcode, u16 index, u8 val)
505{
a38528f1 506 struct mgmt_mode rp;
053f0211 507
a38528f1 508 rp.val = val;
053f0211 509
4e51eae9 510 return cmd_complete(sk, index, opcode, &rp, sizeof(rp));
053f0211
JH		 511}
512
4e51eae9
SJ		 513static int set_pairable(struct sock *sk, u16 index, unsigned char *data,
514 u16 len)
c542a06c
JH		 515{
516 struct mgmt_mode *cp, ev;
517 struct hci_dev *hdev;
c542a06c
JH		 518 int err;
519
520 cp = (void *) data;
c542a06c 521
4e51eae9 522 BT_DBG("request for hci%u", index);
c542a06c 523
bdce7baf
SJ		 524 if (len != sizeof(*cp))
525 return cmd_status(sk, index, MGMT_OP_SET_PAIRABLE, EINVAL);
526
4e51eae9 527 hdev = hci_dev_get(index);
c542a06c 528 if (!hdev)
4e51eae9 529 return cmd_status(sk, index, MGMT_OP_SET_PAIRABLE, ENODEV);
c542a06c 530
8c156c32 531 hci_dev_lock_bh(hdev);
c542a06c
JH		 532
533 if (cp->val)
534 set_bit(HCI_PAIRABLE, &hdev->flags);
535 else
536 clear_bit(HCI_PAIRABLE, &hdev->flags);
537
4e51eae9 538 err = send_mode_rsp(sk, MGMT_OP_SET_PAIRABLE, index, cp->val);
c542a06c
JH		 539 if (err < 0)
540 goto failed;
541
c542a06c
JH		 542 ev.val = cp->val;
543
4e51eae9 544 err = mgmt_event(MGMT_EV_PAIRABLE, index, &ev, sizeof(ev), sk);
c542a06c
JH		 545
546failed:
8c156c32 547 hci_dev_unlock_bh(hdev);
c542a06c
JH		 548 hci_dev_put(hdev);
549
550 return err;
551}
552
80a1e1db
JH		 553#define EIR_FLAGS 0x01 /* flags */
554#define EIR_UUID16_SOME 0x02 /* 16-bit UUID, more available */
555#define EIR_UUID16_ALL 0x03 /* 16-bit UUID, all listed */
556#define EIR_UUID32_SOME 0x04 /* 32-bit UUID, more available */
557#define EIR_UUID32_ALL 0x05 /* 32-bit UUID, all listed */
558#define EIR_UUID128_SOME 0x06 /* 128-bit UUID, more available */
559#define EIR_UUID128_ALL 0x07 /* 128-bit UUID, all listed */
560#define EIR_NAME_SHORT 0x08 /* shortened local name */
561#define EIR_NAME_COMPLETE 0x09 /* complete local name */
562#define EIR_TX_POWER 0x0A /* transmit power level */
563#define EIR_DEVICE_ID 0x10 /* device ID */
564
565#define PNP_INFO_SVCLASS_ID 0x1200
566
567static u8 bluetooth_base_uuid[] = {
568 0xFB, 0x34, 0x9B, 0x5F, 0x80, 0x00, 0x00, 0x80,
569 0x00, 0x10, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
570};
571
572static u16 get_uuid16(u8 *uuid128)
573{
574 u32 val;
575 int i;
576
577 for (i = 0; i < 12; i++) {
578 if (bluetooth_base_uuid[i] != uuid128[i])
579 return 0;
580 }
581
582 memcpy(&val, &uuid128[12], 4);
583
584 val = le32_to_cpu(val);
585 if (val > 0xffff)
586 return 0;
587
588 return (u16) val;
589}
590
591static void create_eir(struct hci_dev *hdev, u8 *data)
592{
593 u8 *ptr = data;
594 u16 eir_len = 0;
595 u16 uuid16_list[HCI_MAX_EIR_LENGTH / sizeof(u16)];
596 int i, truncated = 0;
8035ded4 597 struct bt_uuid *uuid;
80a1e1db
JH		 598 size_t name_len;
599
600 name_len = strlen(hdev->dev_name);
601
602 if (name_len > 0) {
603 /* EIR Data type */
604 if (name_len > 48) {
605 name_len = 48;
606 ptr[1] = EIR_NAME_SHORT;
607 } else
608 ptr[1] = EIR_NAME_COMPLETE;
609
610 /* EIR Data length */
611 ptr[0] = name_len + 1;
612
613 memcpy(ptr + 2, hdev->dev_name, name_len);
614
615 eir_len += (name_len + 2);
616 ptr += (name_len + 2);
617 }
618
619 memset(uuid16_list, 0, sizeof(uuid16_list));
620
621 /* Group all UUID16 types */
8035ded4 622 list_for_each_entry(uuid, &hdev->uuids, list) {
80a1e1db
JH		 623 u16 uuid16;
624
625 uuid16 = get_uuid16(uuid->uuid);
626 if (uuid16 == 0)
627 return;
628
629 if (uuid16 < 0x1100)
630 continue;
631
632 if (uuid16 == PNP_INFO_SVCLASS_ID)
633 continue;
634
635 /* Stop if not enough space to put next UUID */
636 if (eir_len + 2 + sizeof(u16) > HCI_MAX_EIR_LENGTH) {
637 truncated = 1;
638 break;
639 }
640
641 /* Check for duplicates */
642 for (i = 0; uuid16_list[i] != 0; i++)
643 if (uuid16_list[i] == uuid16)
644 break;
645
646 if (uuid16_list[i] == 0) {
647 uuid16_list[i] = uuid16;
648 eir_len += sizeof(u16);
649 }
650 }
651
652 if (uuid16_list[0] != 0) {
653 u8 *length = ptr;
654
655 /* EIR Data type */
656 ptr[1] = truncated ? EIR_UUID16_SOME : EIR_UUID16_ALL;
657
658 ptr += 2;
659 eir_len += 2;
660
661 for (i = 0; uuid16_list[i] != 0; i++) {
662 *ptr++ = (uuid16_list[i] & 0x00ff);
663 *ptr++ = (uuid16_list[i] & 0xff00) >> 8;
664 }
665
666 /* EIR Data length */
667 *length = (i * sizeof(u16)) + 1;
668 }
669}
670
671static int update_eir(struct hci_dev *hdev)
672{
673 struct hci_cp_write_eir cp;
674
675 if (!(hdev->features[6] & LMP_EXT_INQ))
676 return 0;
677
678 if (hdev->ssp_mode == 0)
679 return 0;
680
681 if (test_bit(HCI_SERVICE_CACHE, &hdev->flags))
682 return 0;
683
684 memset(&cp, 0, sizeof(cp));
685
686 create_eir(hdev, cp.data);
687
688 if (memcmp(cp.data, hdev->eir, sizeof(cp.data)) == 0)
689 return 0;
690
691 memcpy(hdev->eir, cp.data, sizeof(cp.data));
692
693 return hci_send_cmd(hdev, HCI_OP_WRITE_EIR, sizeof(cp), &cp);
694}
695
1aff6f09
JH		 696static u8 get_service_classes(struct hci_dev *hdev)
697{
12dc0743 698 struct bt_uuid *uuid;
1aff6f09
JH		 699 u8 val = 0;
700
12dc0743 701 list_for_each_entry(uuid, &hdev->uuids, list)
1aff6f09 702 val |= uuid->svc_hint;
1aff6f09
JH		 703
704 return val;
705}
706
707static int update_class(struct hci_dev *hdev)
708{
709 u8 cod[3];
710
711 BT_DBG("%s", hdev->name);
712
713 if (test_bit(HCI_SERVICE_CACHE, &hdev->flags))
714 return 0;
715
716 cod[0] = hdev->minor_class;
717 cod[1] = hdev->major_class;
718 cod[2] = get_service_classes(hdev);
719
720 if (memcmp(cod, hdev->dev_class, 3) == 0)
721 return 0;
722
723 return hci_send_cmd(hdev, HCI_OP_WRITE_CLASS_OF_DEV, sizeof(cod), cod);
724}
725
4e51eae9 726static int add_uuid(struct sock *sk, u16 index, unsigned char *data, u16 len)
2aeb9a1a
JH		 727{
728 struct mgmt_cp_add_uuid *cp;
729 struct hci_dev *hdev;
730 struct bt_uuid *uuid;
2aeb9a1a
JH		 731 int err;
732
733 cp = (void *) data;
2aeb9a1a 734
4e51eae9 735 BT_DBG("request for hci%u", index);
2aeb9a1a 736
bdce7baf
SJ		 737 if (len != sizeof(*cp))
738 return cmd_status(sk, index, MGMT_OP_ADD_UUID, EINVAL);
739
4e51eae9 740 hdev = hci_dev_get(index);
2aeb9a1a 741 if (!hdev)
4e51eae9 742 return cmd_status(sk, index, MGMT_OP_ADD_UUID, ENODEV);
2aeb9a1a 743
8c156c32 744 hci_dev_lock_bh(hdev);
2aeb9a1a
JH		 745
746 uuid = kmalloc(sizeof(*uuid), GFP_ATOMIC);
747 if (!uuid) {
748 err = -ENOMEM;
749 goto failed;
750 }
751
752 memcpy(uuid->uuid, cp->uuid, 16);
1aff6f09 753 uuid->svc_hint = cp->svc_hint;
2aeb9a1a
JH		 754
755 list_add(&uuid->list, &hdev->uuids);
756
1aff6f09
JH		 757 err = update_class(hdev);
758 if (err < 0)
759 goto failed;
760
80a1e1db
JH		 761 err = update_eir(hdev);
762 if (err < 0)
763 goto failed;
764
4e51eae9 765 err = cmd_complete(sk, index, MGMT_OP_ADD_UUID, NULL, 0);
2aeb9a1a
JH		 766
767failed:
8c156c32 768 hci_dev_unlock_bh(hdev);
2aeb9a1a
JH		 769 hci_dev_put(hdev);
770
771 return err;
772}
773
4e51eae9 774static int remove_uuid(struct sock *sk, u16 index, unsigned char *data, u16 len)
2aeb9a1a
JH		 775{
776 struct list_head *p, *n;
779cb850 777 struct mgmt_cp_remove_uuid *cp;
2aeb9a1a
JH		 778 struct hci_dev *hdev;
779 u8 bt_uuid_any[] = { 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0 };
2aeb9a1a
JH		 780 int err, found;
781
782 cp = (void *) data;
2aeb9a1a 783
4e51eae9 784 BT_DBG("request for hci%u", index);
2aeb9a1a 785
bdce7baf
SJ		 786 if (len != sizeof(*cp))
787 return cmd_status(sk, index, MGMT_OP_REMOVE_UUID, EINVAL);
788
4e51eae9 789 hdev = hci_dev_get(index);
2aeb9a1a 790 if (!hdev)
4e51eae9 791 return cmd_status(sk, index, MGMT_OP_REMOVE_UUID, ENODEV);
2aeb9a1a 792
8c156c32 793 hci_dev_lock_bh(hdev);
2aeb9a1a
JH		 794
795 if (memcmp(cp->uuid, bt_uuid_any, 16) == 0) {
796 err = hci_uuids_clear(hdev);
797 goto unlock;
798 }
799
800 found = 0;
801
802 list_for_each_safe(p, n, &hdev->uuids) {
803 struct bt_uuid *match = list_entry(p, struct bt_uuid, list);
804
805 if (memcmp(match->uuid, cp->uuid, 16) != 0)
806 continue;
807
808 list_del(&match->list);
809 found++;
810 }
811
812 if (found == 0) {
4e51eae9 813 err = cmd_status(sk, index, MGMT_OP_REMOVE_UUID, ENOENT);
2aeb9a1a
JH		 814 goto unlock;
815 }
816
1aff6f09
JH		 817 err = update_class(hdev);
818 if (err < 0)
819 goto unlock;
820
80a1e1db
JH		 821 err = update_eir(hdev);
822 if (err < 0)
823 goto unlock;
824
4e51eae9 825 err = cmd_complete(sk, index, MGMT_OP_REMOVE_UUID, NULL, 0);
2aeb9a1a
JH		 826
827unlock:
8c156c32 828 hci_dev_unlock_bh(hdev);
2aeb9a1a
JH		 829 hci_dev_put(hdev);
830
831 return err;
832}
833
4e51eae9
SJ		 834static int set_dev_class(struct sock *sk, u16 index, unsigned char *data,
835 u16 len)
1aff6f09
JH		 836{
837 struct hci_dev *hdev;
838 struct mgmt_cp_set_dev_class *cp;
1aff6f09
JH		 839 int err;
840
841 cp = (void *) data;
1aff6f09 842
4e51eae9 843 BT_DBG("request for hci%u", index);
1aff6f09 844
bdce7baf
SJ		 845 if (len != sizeof(*cp))
846 return cmd_status(sk, index, MGMT_OP_SET_DEV_CLASS, EINVAL);
847
4e51eae9 848 hdev = hci_dev_get(index);
1aff6f09 849 if (!hdev)
4e51eae9 850 return cmd_status(sk, index, MGMT_OP_SET_DEV_CLASS, ENODEV);
1aff6f09 851
8c156c32 852 hci_dev_lock_bh(hdev);
1aff6f09
JH		 853
854 hdev->major_class = cp->major;
855 hdev->minor_class = cp->minor;
856
857 err = update_class(hdev);
858
859 if (err == 0)
4e51eae9 860 err = cmd_complete(sk, index, MGMT_OP_SET_DEV_CLASS, NULL, 0);
1aff6f09 861
8c156c32 862 hci_dev_unlock_bh(hdev);
1aff6f09
JH		 863 hci_dev_put(hdev);
864
865 return err;
866}
867
4e51eae9
SJ		 868static int set_service_cache(struct sock *sk, u16 index, unsigned char *data,
869 u16 len)
1aff6f09
JH		 870{
871 struct hci_dev *hdev;
872 struct mgmt_cp_set_service_cache *cp;
1aff6f09
JH		 873 int err;
874
875 cp = (void *) data;
1aff6f09 876
bdce7baf 877 if (len != sizeof(*cp))
b8534e0f 878 return cmd_status(sk, index, MGMT_OP_SET_SERVICE_CACHE, EINVAL);
bdce7baf 879
4e51eae9 880 hdev = hci_dev_get(index);
1aff6f09 881 if (!hdev)
4e51eae9 882 return cmd_status(sk, index, MGMT_OP_SET_SERVICE_CACHE, ENODEV);
1aff6f09 883
8c156c32 884 hci_dev_lock_bh(hdev);
1aff6f09 885
4e51eae9 886 BT_DBG("hci%u enable %d", index, cp->enable);
1aff6f09
JH		 887
888 if (cp->enable) {
889 set_bit(HCI_SERVICE_CACHE, &hdev->flags);
890 err = 0;
891 } else {
892 clear_bit(HCI_SERVICE_CACHE, &hdev->flags);
893 err = update_class(hdev);
80a1e1db
JH		 894 if (err == 0)
895 err = update_eir(hdev);
1aff6f09
JH		 896 }
897
898 if (err == 0)
4e51eae9
SJ		 899 err = cmd_complete(sk, index, MGMT_OP_SET_SERVICE_CACHE, NULL,
900 0);
e5b82e58
GP		 901 else
902 cmd_status(sk, index, MGMT_OP_SET_SERVICE_CACHE, -err);
903
1aff6f09 904
8c156c32 905 hci_dev_unlock_bh(hdev);
1aff6f09
JH		 906 hci_dev_put(hdev);
907
908 return err;
909}
910
86742e1e
JH		 911static int load_link_keys(struct sock *sk, u16 index, unsigned char *data,
912 u16 len)
55ed8ca1
JH		 913{
914 struct hci_dev *hdev;
86742e1e 915 struct mgmt_cp_load_link_keys *cp;
4e51eae9 916 u16 key_count, expected_len;
a492cd52 917 int i;
55ed8ca1
JH		 918
919 cp = (void *) data;
bdce7baf
SJ		 920
921 if (len < sizeof(*cp))
86742e1e 922 return cmd_status(sk, index, MGMT_OP_LOAD_LINK_KEYS, EINVAL);
bdce7baf 923
55ed8ca1
JH		 924 key_count = get_unaligned_le16(&cp->key_count);
925
86742e1e
JH		 926 expected_len = sizeof(*cp) + key_count *
927 sizeof(struct mgmt_link_key_info);
a492cd52 928 if (expected_len != len) {
86742e1e 929 BT_ERR("load_link_keys: expected %u bytes, got %u bytes",
a492cd52 930 len, expected_len);
86742e1e 931 return cmd_status(sk, index, MGMT_OP_LOAD_LINK_KEYS, EINVAL);
55ed8ca1
JH		 932 }
933
4e51eae9 934 hdev = hci_dev_get(index);
55ed8ca1 935 if (!hdev)
86742e1e 936 return cmd_status(sk, index, MGMT_OP_LOAD_LINK_KEYS, ENODEV);
55ed8ca1 937
4e51eae9 938 BT_DBG("hci%u debug_keys %u key_count %u", index, cp->debug_keys,
55ed8ca1
JH		 939 key_count);
940
8c156c32 941 hci_dev_lock_bh(hdev);
55ed8ca1
JH		 942
943 hci_link_keys_clear(hdev);
944
945 set_bit(HCI_LINK_KEYS, &hdev->flags);
946
947 if (cp->debug_keys)
948 set_bit(HCI_DEBUG_KEYS, &hdev->flags);
949 else
950 clear_bit(HCI_DEBUG_KEYS, &hdev->flags);
951
a492cd52 952 for (i = 0; i < key_count; i++) {
86742e1e 953 struct mgmt_link_key_info *key = &cp->keys[i];
55ed8ca1 954
d25e28ab 955 hci_add_link_key(hdev, NULL, 0, &key->bdaddr, key->val, key->type,
55ed8ca1
JH		 956 key->pin_len);
957 }
958
8c156c32 959 hci_dev_unlock_bh(hdev);
55ed8ca1
JH		 960 hci_dev_put(hdev);
961
a492cd52 962 return 0;
55ed8ca1
JH		 963}
964
86742e1e
JH		 965static int remove_keys(struct sock *sk, u16 index, unsigned char *data,
966 u16 len)
55ed8ca1
JH		 967{
968 struct hci_dev *hdev;
86742e1e 969 struct mgmt_cp_remove_keys *cp;
55ed8ca1 970 struct hci_conn *conn;
55ed8ca1
JH		 971 int err;
972
973 cp = (void *) data;
55ed8ca1 974
bdce7baf 975 if (len != sizeof(*cp))
86742e1e 976 return cmd_status(sk, index, MGMT_OP_REMOVE_KEYS, EINVAL);
bdce7baf 977
4e51eae9 978 hdev = hci_dev_get(index);
55ed8ca1 979 if (!hdev)
86742e1e 980 return cmd_status(sk, index, MGMT_OP_REMOVE_KEYS, ENODEV);
55ed8ca1 981
8c156c32 982 hci_dev_lock_bh(hdev);
55ed8ca1
JH		 983
984 err = hci_remove_link_key(hdev, &cp->bdaddr);
985 if (err < 0) {
86742e1e 986 err = cmd_status(sk, index, MGMT_OP_REMOVE_KEYS, -err);
55ed8ca1
JH		 987 goto unlock;
988 }
989
990 err = 0;
991
992 if (!test_bit(HCI_UP, &hdev->flags) || !cp->disconnect)
993 goto unlock;
994
995 conn = hci_conn_hash_lookup_ba(hdev, ACL_LINK, &cp->bdaddr);
996 if (conn) {
997 struct hci_cp_disconnect dc;
998
999 put_unaligned_le16(conn->handle, &dc.handle);
1000 dc.reason = 0x13; /* Remote User Terminated Connection */
94ac0272 1001 err = hci_send_cmd(hdev, HCI_OP_DISCONNECT, sizeof(dc), &dc);
55ed8ca1
JH		 1002 }
1003
1004unlock:
8c156c32 1005 hci_dev_unlock_bh(hdev);
55ed8ca1
JH		 1006 hci_dev_put(hdev);
1007
1008 return err;
1009}
1010
4e51eae9 1011static int disconnect(struct sock *sk, u16 index, unsigned char *data, u16 len)
8962ee74
JH		 1012{
1013 struct hci_dev *hdev;
1014 struct mgmt_cp_disconnect *cp;
1015 struct hci_cp_disconnect dc;
366a0336 1016 struct pending_cmd *cmd;
8962ee74 1017 struct hci_conn *conn;
8962ee74
JH		 1018 int err;
1019
1020 BT_DBG("");
1021
1022 cp = (void *) data;
8962ee74 1023
bdce7baf
SJ		 1024 if (len != sizeof(*cp))
1025 return cmd_status(sk, index, MGMT_OP_DISCONNECT, EINVAL);
1026
4e51eae9 1027 hdev = hci_dev_get(index);
8962ee74 1028 if (!hdev)
4e51eae9 1029 return cmd_status(sk, index, MGMT_OP_DISCONNECT, ENODEV);
8962ee74 1030
8c156c32 1031 hci_dev_lock_bh(hdev);
8962ee74
JH		 1032
1033 if (!test_bit(HCI_UP, &hdev->flags)) {
4e51eae9 1034 err = cmd_status(sk, index, MGMT_OP_DISCONNECT, ENETDOWN);
8962ee74
JH		 1035 goto failed;
1036 }
1037
4e51eae9
SJ		 1038 if (mgmt_pending_find(MGMT_OP_DISCONNECT, index)) {
1039 err = cmd_status(sk, index, MGMT_OP_DISCONNECT, EBUSY);
8962ee74
JH		 1040 goto failed;
1041 }
1042
1043 conn = hci_conn_hash_lookup_ba(hdev, ACL_LINK, &cp->bdaddr);
365227e5
VCG		 1044 if (!conn)
1045 conn = hci_conn_hash_lookup_ba(hdev, LE_LINK, &cp->bdaddr);
1046
8962ee74 1047 if (!conn) {
4e51eae9 1048 err = cmd_status(sk, index, MGMT_OP_DISCONNECT, ENOTCONN);
8962ee74
JH		 1049 goto failed;
1050 }
1051
4e51eae9 1052 cmd = mgmt_pending_add(sk, MGMT_OP_DISCONNECT, index, data, len);
366a0336
JH		 1053 if (!cmd) {
1054 err = -ENOMEM;
8962ee74 1055 goto failed;
366a0336 1056 }
8962ee74
JH		 1057
1058 put_unaligned_le16(conn->handle, &dc.handle);
1059 dc.reason = 0x13; /* Remote User Terminated Connection */
1060
1061 err = hci_send_cmd(hdev, HCI_OP_DISCONNECT, sizeof(dc), &dc);
1062 if (err < 0)
a664b5bc 1063 mgmt_pending_remove(cmd);
8962ee74
JH		 1064
1065failed:
8c156c32 1066 hci_dev_unlock_bh(hdev);
8962ee74
JH		 1067 hci_dev_put(hdev);
1068
1069 return err;
1070}
1071
8ce6284e 1072static int get_connections(struct sock *sk, u16 index)
2784eb41 1073{
2784eb41
JH		 1074 struct mgmt_rp_get_connections *rp;
1075 struct hci_dev *hdev;
8035ded4 1076 struct hci_conn *c;
2784eb41 1077 struct list_head *p;
a38528f1 1078 size_t rp_len;
4e51eae9 1079 u16 count;
2784eb41
JH		 1080 int i, err;
1081
1082 BT_DBG("");
1083
4e51eae9 1084 hdev = hci_dev_get(index);
2784eb41 1085 if (!hdev)
4e51eae9 1086 return cmd_status(sk, index, MGMT_OP_GET_CONNECTIONS, ENODEV);
2784eb41 1087
8c156c32 1088 hci_dev_lock_bh(hdev);
2784eb41
JH		 1089
1090 count = 0;
1091 list_for_each(p, &hdev->conn_hash.list) {
1092 count++;
1093 }
1094
a38528f1
JH		 1095 rp_len = sizeof(*rp) + (count * sizeof(bdaddr_t));
1096 rp = kmalloc(rp_len, GFP_ATOMIC);
1097 if (!rp) {
2784eb41
JH		 1098 err = -ENOMEM;
1099 goto unlock;
1100 }
1101
2784eb41
JH		 1102 put_unaligned_le16(count, &rp->conn_count);
1103
2784eb41 1104 i = 0;
8035ded4 1105 list_for_each_entry(c, &hdev->conn_hash.list, list)
2784eb41 1106 bacpy(&rp->conn[i++], &c->dst);
2784eb41 1107
4e51eae9 1108 err = cmd_complete(sk, index, MGMT_OP_GET_CONNECTIONS, rp, rp_len);
2784eb41
JH		 1109
1110unlock:
a38528f1 1111 kfree(rp);
8c156c32 1112 hci_dev_unlock_bh(hdev);
2784eb41
JH		 1113 hci_dev_put(hdev);
1114 return err;
1115}
1116
96d97a67
WR		 1117static int send_pin_code_neg_reply(struct sock *sk, u16 index,
1118 struct hci_dev *hdev, struct mgmt_cp_pin_code_neg_reply *cp)
1119{
1120 struct pending_cmd *cmd;
1121 int err;
1122
1123 cmd = mgmt_pending_add(sk, MGMT_OP_PIN_CODE_NEG_REPLY, index, cp,
1124 sizeof(*cp));
1125 if (!cmd)
1126 return -ENOMEM;
1127
1128 err = hci_send_cmd(hdev, HCI_OP_PIN_CODE_NEG_REPLY, sizeof(cp->bdaddr),
1129 &cp->bdaddr);
1130 if (err < 0)
1131 mgmt_pending_remove(cmd);
1132
1133 return err;
1134}
1135
4e51eae9
SJ		 1136static int pin_code_reply(struct sock *sk, u16 index, unsigned char *data,
1137 u16 len)
980e1a53
JH		 1138{
1139 struct hci_dev *hdev;
96d97a67 1140 struct hci_conn *conn;
980e1a53 1141 struct mgmt_cp_pin_code_reply *cp;
96d97a67 1142 struct mgmt_cp_pin_code_neg_reply ncp;
980e1a53 1143 struct hci_cp_pin_code_reply reply;
366a0336 1144 struct pending_cmd *cmd;
980e1a53
JH		 1145 int err;
1146
1147 BT_DBG("");
1148
1149 cp = (void *) data;
980e1a53 1150
bdce7baf
SJ		 1151 if (len != sizeof(*cp))
1152 return cmd_status(sk, index, MGMT_OP_PIN_CODE_REPLY, EINVAL);
1153
4e51eae9 1154 hdev = hci_dev_get(index);
980e1a53 1155 if (!hdev)
4e51eae9 1156 return cmd_status(sk, index, MGMT_OP_PIN_CODE_REPLY, ENODEV);
980e1a53 1157
8c156c32 1158 hci_dev_lock_bh(hdev);
980e1a53
JH		 1159
1160 if (!test_bit(HCI_UP, &hdev->flags)) {
4e51eae9 1161 err = cmd_status(sk, index, MGMT_OP_PIN_CODE_REPLY, ENETDOWN);
980e1a53
JH		 1162 goto failed;
1163 }
1164
96d97a67
WR		 1165 conn = hci_conn_hash_lookup_ba(hdev, ACL_LINK, &cp->bdaddr);
1166 if (!conn) {
1167 err = cmd_status(sk, index, MGMT_OP_PIN_CODE_REPLY, ENOTCONN);
1168 goto failed;
1169 }
1170
1171 if (conn->pending_sec_level == BT_SECURITY_HIGH && cp->pin_len != 16) {
1172 bacpy(&ncp.bdaddr, &cp->bdaddr);
1173
1174 BT_ERR("PIN code is not 16 bytes long");
1175
1176 err = send_pin_code_neg_reply(sk, index, hdev, &ncp);
1177 if (err >= 0)
1178 err = cmd_status(sk, index, MGMT_OP_PIN_CODE_REPLY,
1179 EINVAL);
1180
1181 goto failed;
1182 }
1183
4e51eae9 1184 cmd = mgmt_pending_add(sk, MGMT_OP_PIN_CODE_REPLY, index, data, len);
366a0336
JH		 1185 if (!cmd) {
1186 err = -ENOMEM;
980e1a53 1187 goto failed;
366a0336 1188 }
980e1a53
JH		 1189
1190 bacpy(&reply.bdaddr, &cp->bdaddr);
1191 reply.pin_len = cp->pin_len;
24718ca5 1192 memcpy(reply.pin_code, cp->pin_code, sizeof(reply.pin_code));
980e1a53
JH		 1193
1194 err = hci_send_cmd(hdev, HCI_OP_PIN_CODE_REPLY, sizeof(reply), &reply);
1195 if (err < 0)
a664b5bc 1196 mgmt_pending_remove(cmd);
980e1a53
JH		 1197
1198failed:
8c156c32 1199 hci_dev_unlock_bh(hdev);
980e1a53
JH		 1200 hci_dev_put(hdev);
1201
1202 return err;
1203}
1204
4e51eae9
SJ		 1205static int pin_code_neg_reply(struct sock *sk, u16 index, unsigned char *data,
1206 u16 len)
980e1a53
JH		 1207{
1208 struct hci_dev *hdev;
1209 struct mgmt_cp_pin_code_neg_reply *cp;
980e1a53
JH		 1210 int err;
1211
1212 BT_DBG("");
1213
1214 cp = (void *) data;
980e1a53 1215
bdce7baf
SJ		 1216 if (len != sizeof(*cp))
1217 return cmd_status(sk, index, MGMT_OP_PIN_CODE_NEG_REPLY,
1218 EINVAL);
1219
4e51eae9 1220 hdev = hci_dev_get(index);
980e1a53 1221 if (!hdev)
4e51eae9
SJ		 1222 return cmd_status(sk, index, MGMT_OP_PIN_CODE_NEG_REPLY,
1223 ENODEV);
980e1a53 1224
8c156c32 1225 hci_dev_lock_bh(hdev);
980e1a53
JH		 1226
1227 if (!test_bit(HCI_UP, &hdev->flags)) {
4e51eae9
SJ		 1228 err = cmd_status(sk, index, MGMT_OP_PIN_CODE_NEG_REPLY,
1229 ENETDOWN);
980e1a53
JH		 1230 goto failed;
1231 }
1232
96d97a67 1233 err = send_pin_code_neg_reply(sk, index, hdev, cp);
980e1a53
JH		 1234
1235failed:
8c156c32 1236 hci_dev_unlock_bh(hdev);
980e1a53
JH		 1237 hci_dev_put(hdev);
1238
1239 return err;
1240}
1241
4e51eae9
SJ		 1242static int set_io_capability(struct sock *sk, u16 index, unsigned char *data,
1243 u16 len)
17fa4b9d
JH		 1244{
1245 struct hci_dev *hdev;
1246 struct mgmt_cp_set_io_capability *cp;
17fa4b9d
JH		 1247
1248 BT_DBG("");
1249
1250 cp = (void *) data;
17fa4b9d 1251
bdce7baf 1252 if (len != sizeof(*cp))
b8534e0f 1253 return cmd_status(sk, index, MGMT_OP_SET_IO_CAPABILITY, EINVAL);
bdce7baf 1254
4e51eae9 1255 hdev = hci_dev_get(index);
17fa4b9d 1256 if (!hdev)
4e51eae9 1257 return cmd_status(sk, index, MGMT_OP_SET_IO_CAPABILITY, ENODEV);
17fa4b9d 1258
8c156c32 1259 hci_dev_lock_bh(hdev);
17fa4b9d
JH		 1260
1261 hdev->io_capability = cp->io_capability;
1262
1263 BT_DBG("%s IO capability set to 0x%02x", hdev->name,
b8534e0f 1264 hdev->io_capability);
17fa4b9d 1265
8c156c32 1266 hci_dev_unlock_bh(hdev);
17fa4b9d
JH		 1267 hci_dev_put(hdev);
1268
4e51eae9 1269 return cmd_complete(sk, index, MGMT_OP_SET_IO_CAPABILITY, NULL, 0);
17fa4b9d
JH		 1270}
1271
e9a416b5
JH		 1272static inline struct pending_cmd *find_pairing(struct hci_conn *conn)
1273{
1274 struct hci_dev *hdev = conn->hdev;
8035ded4 1275 struct pending_cmd *cmd;
e9a416b5 1276
8035ded4 1277 list_for_each_entry(cmd, &cmd_list, list) {
e9a416b5
JH		 1278 if (cmd->opcode != MGMT_OP_PAIR_DEVICE)
1279 continue;
1280
1281 if (cmd->index != hdev->id)
1282 continue;
1283
1284 if (cmd->user_data != conn)
1285 continue;
1286
1287 return cmd;
1288 }
1289
1290 return NULL;
1291}
1292
1293static void pairing_complete(struct pending_cmd *cmd, u8 status)
1294{
1295 struct mgmt_rp_pair_device rp;
1296 struct hci_conn *conn = cmd->user_data;
1297
e9a416b5
JH		 1298 bacpy(&rp.bdaddr, &conn->dst);
1299 rp.status = status;
1300
4e51eae9 1301 cmd_complete(cmd->sk, cmd->index, MGMT_OP_PAIR_DEVICE, &rp, sizeof(rp));
e9a416b5
JH		 1302
1303 /* So we don't get further callbacks for this connection */
1304 conn->connect_cfm_cb = NULL;
1305 conn->security_cfm_cb = NULL;
1306 conn->disconn_cfm_cb = NULL;
1307
1308 hci_conn_put(conn);
1309
a664b5bc 1310 mgmt_pending_remove(cmd);
e9a416b5
JH		 1311}
1312
1313static void pairing_complete_cb(struct hci_conn *conn, u8 status)
1314{
1315 struct pending_cmd *cmd;
1316
1317 BT_DBG("status %u", status);
1318
1319 cmd = find_pairing(conn);
1320 if (!cmd) {
1321 BT_DBG("Unable to find a pending command");
1322 return;
1323 }
1324
1325 pairing_complete(cmd, status);
1326}
1327
4e51eae9 1328static int pair_device(struct sock *sk, u16 index, unsigned char *data, u16 len)
e9a416b5
JH		 1329{
1330 struct hci_dev *hdev;
1331 struct mgmt_cp_pair_device *cp;
1332 struct pending_cmd *cmd;
7a512d01 1333 struct adv_entry *entry;
e9a416b5
JH		 1334 u8 sec_level, auth_type;
1335 struct hci_conn *conn;
e9a416b5
JH		 1336 int err;
1337
1338 BT_DBG("");
1339
1340 cp = (void *) data;
e9a416b5 1341
bdce7baf
SJ		 1342 if (len != sizeof(*cp))
1343 return cmd_status(sk, index, MGMT_OP_PAIR_DEVICE, EINVAL);
1344
4e51eae9 1345 hdev = hci_dev_get(index);
e9a416b5 1346 if (!hdev)
4e51eae9 1347 return cmd_status(sk, index, MGMT_OP_PAIR_DEVICE, ENODEV);
e9a416b5 1348
8c156c32 1349 hci_dev_lock_bh(hdev);
e9a416b5 1350
c908df36
VCG		 1351 sec_level = BT_SECURITY_MEDIUM;
1352 if (cp->io_cap == 0x03)
e9a416b5 1353 auth_type = HCI_AT_DEDICATED_BONDING;
c908df36 1354 else
e9a416b5 1355 auth_type = HCI_AT_DEDICATED_BONDING_MITM;
e9a416b5 1356
7a512d01
VCG		 1357 entry = hci_find_adv_entry(hdev, &cp->bdaddr);
1358 if (entry)
1359 conn = hci_connect(hdev, LE_LINK, &cp->bdaddr, sec_level,
1360 auth_type);
1361 else
1362 conn = hci_connect(hdev, ACL_LINK, &cp->bdaddr, sec_level,
1363 auth_type);
1364
30e76272
VT		 1365 if (IS_ERR(conn)) {
1366 err = PTR_ERR(conn);
e9a416b5
JH		 1367 goto unlock;
1368 }
1369
1370 if (conn->connect_cfm_cb) {
1371 hci_conn_put(conn);
4e51eae9 1372 err = cmd_status(sk, index, MGMT_OP_PAIR_DEVICE, EBUSY);
e9a416b5
JH		 1373 goto unlock;
1374 }
1375
4e51eae9 1376 cmd = mgmt_pending_add(sk, MGMT_OP_PAIR_DEVICE, index, data, len);
e9a416b5
JH		 1377 if (!cmd) {
1378 err = -ENOMEM;
1379 hci_conn_put(conn);
1380 goto unlock;
1381 }
1382
7a512d01
VCG		 1383 /* For LE, just connecting isn't a proof that the pairing finished */
1384 if (!entry)
1385 conn->connect_cfm_cb = pairing_complete_cb;
1386
e9a416b5
JH		 1387 conn->security_cfm_cb = pairing_complete_cb;
1388 conn->disconn_cfm_cb = pairing_complete_cb;
1389 conn->io_capability = cp->io_cap;
1390 cmd->user_data = conn;
1391
1392 if (conn->state == BT_CONNECTED &&
1393 hci_conn_security(conn, sec_level, auth_type))
1394 pairing_complete(cmd, 0);
1395
1396 err = 0;
1397
1398unlock:
8c156c32 1399 hci_dev_unlock_bh(hdev);
e9a416b5
JH		 1400 hci_dev_put(hdev);
1401
1402 return err;
1403}
1404
4e51eae9
SJ		 1405static int user_confirm_reply(struct sock *sk, u16 index, unsigned char *data,
1406 u16 len, int success)
a5c29683
JH		 1407{
1408 struct mgmt_cp_user_confirm_reply *cp = (void *) data;
4e51eae9 1409 u16 mgmt_op, hci_op;
a5c29683
JH		 1410 struct pending_cmd *cmd;
1411 struct hci_dev *hdev;
1412 int err;
1413
1414 BT_DBG("");
1415
a5c29683
JH		 1416 if (success) {
1417 mgmt_op = MGMT_OP_USER_CONFIRM_REPLY;
1418 hci_op = HCI_OP_USER_CONFIRM_REPLY;
1419 } else {
1420 mgmt_op = MGMT_OP_USER_CONFIRM_NEG_REPLY;
1421 hci_op = HCI_OP_USER_CONFIRM_NEG_REPLY;
1422 }
1423
bdce7baf
SJ		 1424 if (len != sizeof(*cp))
1425 return cmd_status(sk, index, mgmt_op, EINVAL);
1426
4e51eae9 1427 hdev = hci_dev_get(index);
a5c29683 1428 if (!hdev)
4e51eae9 1429 return cmd_status(sk, index, mgmt_op, ENODEV);
a5c29683 1430
8c156c32 1431 hci_dev_lock_bh(hdev);
08ba5382 1432
a5c29683 1433 if (!test_bit(HCI_UP, &hdev->flags)) {
4e51eae9 1434 err = cmd_status(sk, index, mgmt_op, ENETDOWN);
a5c29683
JH		 1435 goto failed;
1436 }
1437
4e51eae9 1438 cmd = mgmt_pending_add(sk, mgmt_op, index, data, len);
a5c29683
JH		 1439 if (!cmd) {
1440 err = -ENOMEM;
1441 goto failed;
1442 }
1443
1444 err = hci_send_cmd(hdev, hci_op, sizeof(cp->bdaddr), &cp->bdaddr);
a664b5bc
JH		 1445 if (err < 0)
1446 mgmt_pending_remove(cmd);
a5c29683
JH		 1447
1448failed:
8c156c32 1449 hci_dev_unlock_bh(hdev);
a5c29683
JH		 1450 hci_dev_put(hdev);
1451
1452 return err;
1453}
1454
b312b161
JH		 1455static int set_local_name(struct sock *sk, u16 index, unsigned char *data,
1456 u16 len)
1457{
1458 struct mgmt_cp_set_local_name *mgmt_cp = (void *) data;
1459 struct hci_cp_write_local_name hci_cp;
1460 struct hci_dev *hdev;
1461 struct pending_cmd *cmd;
1462 int err;
1463
1464 BT_DBG("");
1465
1466 if (len != sizeof(*mgmt_cp))
1467 return cmd_status(sk, index, MGMT_OP_SET_LOCAL_NAME, EINVAL);
1468
1469 hdev = hci_dev_get(index);
1470 if (!hdev)
1471 return cmd_status(sk, index, MGMT_OP_SET_LOCAL_NAME, ENODEV);
1472
8c156c32 1473 hci_dev_lock_bh(hdev);
b312b161
JH		 1474
1475 cmd = mgmt_pending_add(sk, MGMT_OP_SET_LOCAL_NAME, index, data, len);
1476 if (!cmd) {
1477 err = -ENOMEM;
1478 goto failed;
1479 }
1480
1481 memcpy(hci_cp.name, mgmt_cp->name, sizeof(hci_cp.name));
1482 err = hci_send_cmd(hdev, HCI_OP_WRITE_LOCAL_NAME, sizeof(hci_cp),
1483 &hci_cp);
1484 if (err < 0)
1485 mgmt_pending_remove(cmd);
1486
1487failed:
8c156c32 1488 hci_dev_unlock_bh(hdev);
b312b161
JH		 1489 hci_dev_put(hdev);
1490
1491 return err;
1492}
1493
c35938b2
SJ		 1494static int read_local_oob_data(struct sock *sk, u16 index)
1495{
1496 struct hci_dev *hdev;
1497 struct pending_cmd *cmd;
1498 int err;
1499
1500 BT_DBG("hci%u", index);
1501
1502 hdev = hci_dev_get(index);
1503 if (!hdev)
1504 return cmd_status(sk, index, MGMT_OP_READ_LOCAL_OOB_DATA,
1505 ENODEV);
1506
8c156c32 1507 hci_dev_lock_bh(hdev);
c35938b2
SJ		 1508
1509 if (!test_bit(HCI_UP, &hdev->flags)) {
1510 err = cmd_status(sk, index, MGMT_OP_READ_LOCAL_OOB_DATA,
1511 ENETDOWN);
1512 goto unlock;
1513 }
1514
1515 if (!(hdev->features[6] & LMP_SIMPLE_PAIR)) {
1516 err = cmd_status(sk, index, MGMT_OP_READ_LOCAL_OOB_DATA,
1517 EOPNOTSUPP);
1518 goto unlock;
1519 }
1520
1521 if (mgmt_pending_find(MGMT_OP_READ_LOCAL_OOB_DATA, index)) {
1522 err = cmd_status(sk, index, MGMT_OP_READ_LOCAL_OOB_DATA, EBUSY);
1523 goto unlock;
1524 }
1525
1526 cmd = mgmt_pending_add(sk, MGMT_OP_READ_LOCAL_OOB_DATA, index, NULL, 0);
1527 if (!cmd) {
1528 err = -ENOMEM;
1529 goto unlock;
1530 }
1531
1532 err = hci_send_cmd(hdev, HCI_OP_READ_LOCAL_OOB_DATA, 0, NULL);
1533 if (err < 0)
1534 mgmt_pending_remove(cmd);
1535
1536unlock:
8c156c32 1537 hci_dev_unlock_bh(hdev);
c35938b2
SJ		 1538 hci_dev_put(hdev);
1539
1540 return err;
1541}
1542
2763eda6
SJ		 1543static int add_remote_oob_data(struct sock *sk, u16 index, unsigned char *data,
1544 u16 len)
1545{
1546 struct hci_dev *hdev;
1547 struct mgmt_cp_add_remote_oob_data *cp = (void *) data;
1548 int err;
1549
1550 BT_DBG("hci%u ", index);
1551
1552 if (len != sizeof(*cp))
1553 return cmd_status(sk, index, MGMT_OP_ADD_REMOTE_OOB_DATA,
1554 EINVAL);
1555
1556 hdev = hci_dev_get(index);
1557 if (!hdev)
1558 return cmd_status(sk, index, MGMT_OP_ADD_REMOTE_OOB_DATA,
1559 ENODEV);
1560
8c156c32 1561 hci_dev_lock_bh(hdev);
2763eda6
SJ		 1562
1563 err = hci_add_remote_oob_data(hdev, &cp->bdaddr, cp->hash,
1564 cp->randomizer);
1565 if (err < 0)
1566 err = cmd_status(sk, index, MGMT_OP_ADD_REMOTE_OOB_DATA, -err);
1567 else
1568 err = cmd_complete(sk, index, MGMT_OP_ADD_REMOTE_OOB_DATA, NULL,
1569 0);
1570
8c156c32 1571 hci_dev_unlock_bh(hdev);
2763eda6
SJ		 1572 hci_dev_put(hdev);
1573
1574 return err;
1575}
1576
1577static int remove_remote_oob_data(struct sock *sk, u16 index,
1578 unsigned char *data, u16 len)
1579{
1580 struct hci_dev *hdev;
1581 struct mgmt_cp_remove_remote_oob_data *cp = (void *) data;
1582 int err;
1583
1584 BT_DBG("hci%u ", index);
1585
1586 if (len != sizeof(*cp))
1587 return cmd_status(sk, index, MGMT_OP_REMOVE_REMOTE_OOB_DATA,
1588 EINVAL);
1589
1590 hdev = hci_dev_get(index);
1591 if (!hdev)
1592 return cmd_status(sk, index, MGMT_OP_REMOVE_REMOTE_OOB_DATA,
1593 ENODEV);
1594
8c156c32 1595 hci_dev_lock_bh(hdev);
2763eda6
SJ		 1596
1597 err = hci_remove_remote_oob_data(hdev, &cp->bdaddr);
1598 if (err < 0)
1599 err = cmd_status(sk, index, MGMT_OP_REMOVE_REMOTE_OOB_DATA,
1600 -err);
1601 else
1602 err = cmd_complete(sk, index, MGMT_OP_REMOVE_REMOTE_OOB_DATA,
1603 NULL, 0);
1604
8c156c32 1605 hci_dev_unlock_bh(hdev);
2763eda6
SJ		 1606 hci_dev_put(hdev);
1607
1608 return err;
1609}
1610
14a53664
JH		 1611static int start_discovery(struct sock *sk, u16 index)
1612{
14a53664
JH		 1613 struct pending_cmd *cmd;
1614 struct hci_dev *hdev;
1615 int err;
1616
1617 BT_DBG("hci%u", index);
1618
1619 hdev = hci_dev_get(index);
1620 if (!hdev)
1621 return cmd_status(sk, index, MGMT_OP_START_DISCOVERY, ENODEV);
1622
1623 hci_dev_lock_bh(hdev);
1624
bd2d1334
JH		 1625 if (!test_bit(HCI_UP, &hdev->flags)) {
1626 err = cmd_status(sk, index, MGMT_OP_START_DISCOVERY, ENETDOWN);
1627 goto failed;
1628 }
1629
14a53664
JH		 1630 cmd = mgmt_pending_add(sk, MGMT_OP_START_DISCOVERY, index, NULL, 0);
1631 if (!cmd) {
1632 err = -ENOMEM;
1633 goto failed;
1634 }
1635
2519a1fc 1636 err = hci_do_inquiry(hdev, INQUIRY_LEN_BREDR);
14a53664
JH		 1637 if (err < 0)
1638 mgmt_pending_remove(cmd);
1639
1640failed:
1641 hci_dev_unlock_bh(hdev);
1642 hci_dev_put(hdev);
1643
1644 return err;
1645}
1646
1647static int stop_discovery(struct sock *sk, u16 index)
1648{
1649 struct hci_dev *hdev;
1650 struct pending_cmd *cmd;
1651 int err;
1652
1653 BT_DBG("hci%u", index);
1654
1655 hdev = hci_dev_get(index);
1656 if (!hdev)
1657 return cmd_status(sk, index, MGMT_OP_STOP_DISCOVERY, ENODEV);
1658
1659 hci_dev_lock_bh(hdev);
1660
1661 cmd = mgmt_pending_add(sk, MGMT_OP_STOP_DISCOVERY, index, NULL, 0);
1662 if (!cmd) {
1663 err = -ENOMEM;
1664 goto failed;
1665 }
1666
023d5049 1667 err = hci_cancel_inquiry(hdev);
14a53664
JH		 1668 if (err < 0)
1669 mgmt_pending_remove(cmd);
1670
1671failed:
1672 hci_dev_unlock_bh(hdev);
1673 hci_dev_put(hdev);
1674
1675 return err;
1676}
1677
7fbec224
AJ		 1678static int block_device(struct sock *sk, u16 index, unsigned char *data,
1679 u16 len)
1680{
1681 struct hci_dev *hdev;
5e762444 1682 struct mgmt_cp_block_device *cp = (void *) data;
7fbec224
AJ		 1683 int err;
1684
1685 BT_DBG("hci%u", index);
1686
7fbec224
AJ		 1687 if (len != sizeof(*cp))
1688 return cmd_status(sk, index, MGMT_OP_BLOCK_DEVICE,
1689 EINVAL);
1690
1691 hdev = hci_dev_get(index);
1692 if (!hdev)
1693 return cmd_status(sk, index, MGMT_OP_BLOCK_DEVICE,
1694 ENODEV);
1695
5e762444
AJ		 1696 hci_dev_lock_bh(hdev);
1697
7fbec224 1698 err = hci_blacklist_add(hdev, &cp->bdaddr);
7fbec224
AJ		 1699 if (err < 0)
1700 err = cmd_status(sk, index, MGMT_OP_BLOCK_DEVICE, -err);
1701 else
1702 err = cmd_complete(sk, index, MGMT_OP_BLOCK_DEVICE,
1703 NULL, 0);
5e762444 1704
5e762444 1705 hci_dev_unlock_bh(hdev);
7fbec224
AJ		 1706 hci_dev_put(hdev);
1707
1708 return err;
1709}
1710
1711static int unblock_device(struct sock *sk, u16 index, unsigned char *data,
1712 u16 len)
1713{
1714 struct hci_dev *hdev;
5e762444 1715 struct mgmt_cp_unblock_device *cp = (void *) data;
7fbec224
AJ		 1716 int err;
1717
1718 BT_DBG("hci%u", index);
1719
7fbec224
AJ		 1720 if (len != sizeof(*cp))
1721 return cmd_status(sk, index, MGMT_OP_UNBLOCK_DEVICE,
1722 EINVAL);
1723
1724 hdev = hci_dev_get(index);
1725 if (!hdev)
1726 return cmd_status(sk, index, MGMT_OP_UNBLOCK_DEVICE,
1727 ENODEV);
1728
5e762444
AJ		 1729 hci_dev_lock_bh(hdev);
1730
7fbec224
AJ		 1731 err = hci_blacklist_del(hdev, &cp->bdaddr);
1732
1733 if (err < 0)
1734 err = cmd_status(sk, index, MGMT_OP_UNBLOCK_DEVICE, -err);
1735 else
1736 err = cmd_complete(sk, index, MGMT_OP_UNBLOCK_DEVICE,
1737 NULL, 0);
5e762444 1738
5e762444 1739 hci_dev_unlock_bh(hdev);
7fbec224
AJ		 1740 hci_dev_put(hdev);
1741
1742 return err;
1743}
1744
f6422ec6
AJ		 1745static int set_fast_connectable(struct sock *sk, u16 index,
1746 unsigned char *data, u16 len)
1747{
1748 struct hci_dev *hdev;
1749 struct mgmt_cp_set_fast_connectable *cp = (void *) data;
1750 struct hci_cp_write_page_scan_activity acp;
1751 u8 type;
1752 int err;
1753
1754 BT_DBG("hci%u", index);
1755
1756 if (len != sizeof(*cp))
1757 return cmd_status(sk, index, MGMT_OP_SET_FAST_CONNECTABLE,
1758 EINVAL);
1759
1760 hdev = hci_dev_get(index);
1761 if (!hdev)
1762 return cmd_status(sk, index, MGMT_OP_SET_FAST_CONNECTABLE,
1763 ENODEV);
1764
1765 hci_dev_lock(hdev);
1766
1767 if (cp->enable) {
1768 type = PAGE_SCAN_TYPE_INTERLACED;
1769 acp.interval = 0x0024; /* 22.5 msec page scan interval */
1770 } else {
1771 type = PAGE_SCAN_TYPE_STANDARD; /* default */
1772 acp.interval = 0x0800; /* default 1.28 sec page scan */
1773 }
1774
1775 acp.window = 0x0012; /* default 11.25 msec page scan window */
1776
1777 err = hci_send_cmd(hdev, HCI_OP_WRITE_PAGE_SCAN_ACTIVITY,
1778 sizeof(acp), &acp);
1779 if (err < 0) {
1780 err = cmd_status(sk, index, MGMT_OP_SET_FAST_CONNECTABLE,
1781 -err);
1782 goto done;
1783 }
1784
1785 err = hci_send_cmd(hdev, HCI_OP_WRITE_PAGE_SCAN_TYPE, 1, &type);
1786 if (err < 0) {
1787 err = cmd_status(sk, index, MGMT_OP_SET_FAST_CONNECTABLE,
1788 -err);
1789 goto done;
1790 }
1791
1792 err = cmd_complete(sk, index, MGMT_OP_SET_FAST_CONNECTABLE,
1793 NULL, 0);
1794done:
1795 hci_dev_unlock(hdev);
1796 hci_dev_put(hdev);
1797
1798 return err;
1799}
1800
0381101f
JH		 1801int mgmt_control(struct sock *sk, struct msghdr *msg, size_t msglen)
1802{
1803 unsigned char *buf;
1804 struct mgmt_hdr *hdr;
4e51eae9 1805 u16 opcode, index, len;
0381101f
JH		 1806 int err;
1807
1808 BT_DBG("got %zu bytes", msglen);
1809
1810 if (msglen < sizeof(*hdr))
1811 return -EINVAL;
1812
e63a15ec 1813 buf = kmalloc(msglen, GFP_KERNEL);
0381101f
JH		 1814 if (!buf)
1815 return -ENOMEM;
1816
1817 if (memcpy_fromiovec(buf, msg->msg_iov, msglen)) {
1818 err = -EFAULT;
1819 goto done;
1820 }
1821
1822 hdr = (struct mgmt_hdr *) buf;
1823 opcode = get_unaligned_le16(&hdr->opcode);
4e51eae9 1824 index = get_unaligned_le16(&hdr->index);
0381101f
JH		 1825 len = get_unaligned_le16(&hdr->len);
1826
1827 if (len != msglen - sizeof(*hdr)) {
1828 err = -EINVAL;
1829 goto done;
1830 }
1831
1832 switch (opcode) {
02d98129
JH		 1833 case MGMT_OP_READ_VERSION:
1834 err = read_version(sk);
1835 break;
faba42eb
JH		 1836 case MGMT_OP_READ_INDEX_LIST:
1837 err = read_index_list(sk);
1838 break;
f7b64e69 1839 case MGMT_OP_READ_INFO:
4e51eae9 1840 err = read_controller_info(sk, index);
f7b64e69 1841 break;
eec8d2bc 1842 case MGMT_OP_SET_POWERED:
4e51eae9 1843 err = set_powered(sk, index, buf + sizeof(*hdr), len);
eec8d2bc 1844 break;
73f22f62 1845 case MGMT_OP_SET_DISCOVERABLE:
4e51eae9 1846 err = set_discoverable(sk, index, buf + sizeof(*hdr), len);
73f22f62 1847 break;
9fbcbb45 1848 case MGMT_OP_SET_CONNECTABLE:
4e51eae9 1849 err = set_connectable(sk, index, buf + sizeof(*hdr), len);
9fbcbb45 1850 break;
c542a06c 1851 case MGMT_OP_SET_PAIRABLE:
4e51eae9 1852 err = set_pairable(sk, index, buf + sizeof(*hdr), len);
c542a06c 1853 break;
2aeb9a1a 1854 case MGMT_OP_ADD_UUID:
4e51eae9 1855 err = add_uuid(sk, index, buf + sizeof(*hdr), len);
2aeb9a1a
JH		 1856 break;
1857 case MGMT_OP_REMOVE_UUID:
4e51eae9 1858 err = remove_uuid(sk, index, buf + sizeof(*hdr), len);
2aeb9a1a 1859 break;
1aff6f09 1860 case MGMT_OP_SET_DEV_CLASS:
4e51eae9 1861 err = set_dev_class(sk, index, buf + sizeof(*hdr), len);
1aff6f09
JH		 1862 break;
1863 case MGMT_OP_SET_SERVICE_CACHE:
4e51eae9 1864 err = set_service_cache(sk, index, buf + sizeof(*hdr), len);
1aff6f09 1865 break;
86742e1e
JH		 1866 case MGMT_OP_LOAD_LINK_KEYS:
1867 err = load_link_keys(sk, index, buf + sizeof(*hdr), len);
55ed8ca1 1868 break;
86742e1e
JH		 1869 case MGMT_OP_REMOVE_KEYS:
1870 err = remove_keys(sk, index, buf + sizeof(*hdr), len);
55ed8ca1 1871 break;
8962ee74 1872 case MGMT_OP_DISCONNECT:
4e51eae9 1873 err = disconnect(sk, index, buf + sizeof(*hdr), len);
8962ee74 1874 break;
2784eb41 1875 case MGMT_OP_GET_CONNECTIONS:
8ce6284e 1876 err = get_connections(sk, index);
2784eb41 1877 break;
980e1a53 1878 case MGMT_OP_PIN_CODE_REPLY:
4e51eae9 1879 err = pin_code_reply(sk, index, buf + sizeof(*hdr), len);
980e1a53
JH		 1880 break;
1881 case MGMT_OP_PIN_CODE_NEG_REPLY:
4e51eae9 1882 err = pin_code_neg_reply(sk, index, buf + sizeof(*hdr), len);
980e1a53 1883 break;
17fa4b9d 1884 case MGMT_OP_SET_IO_CAPABILITY:
4e51eae9 1885 err = set_io_capability(sk, index, buf + sizeof(*hdr), len);
17fa4b9d 1886 break;
e9a416b5 1887 case MGMT_OP_PAIR_DEVICE:
4e51eae9 1888 err = pair_device(sk, index, buf + sizeof(*hdr), len);
e9a416b5 1889 break;
a5c29683 1890 case MGMT_OP_USER_CONFIRM_REPLY:
4e51eae9 1891 err = user_confirm_reply(sk, index, buf + sizeof(*hdr), len, 1);
a5c29683
JH		 1892 break;
1893 case MGMT_OP_USER_CONFIRM_NEG_REPLY:
4e51eae9 1894 err = user_confirm_reply(sk, index, buf + sizeof(*hdr), len, 0);
a5c29683 1895 break;
b312b161
JH		 1896 case MGMT_OP_SET_LOCAL_NAME:
1897 err = set_local_name(sk, index, buf + sizeof(*hdr), len);
1898 break;
c35938b2
SJ		 1899 case MGMT_OP_READ_LOCAL_OOB_DATA:
1900 err = read_local_oob_data(sk, index);
1901 break;
2763eda6
SJ		 1902 case MGMT_OP_ADD_REMOTE_OOB_DATA:
1903 err = add_remote_oob_data(sk, index, buf + sizeof(*hdr), len);
1904 break;
1905 case MGMT_OP_REMOVE_REMOTE_OOB_DATA:
1906 err = remove_remote_oob_data(sk, index, buf + sizeof(*hdr),
1907 len);
1908 break;
14a53664
JH		 1909 case MGMT_OP_START_DISCOVERY:
1910 err = start_discovery(sk, index);
1911 break;
1912 case MGMT_OP_STOP_DISCOVERY:
1913 err = stop_discovery(sk, index);
1914 break;
7fbec224
AJ		 1915 case MGMT_OP_BLOCK_DEVICE:
1916 err = block_device(sk, index, buf + sizeof(*hdr), len);
1917 break;
1918 case MGMT_OP_UNBLOCK_DEVICE:
1919 err = unblock_device(sk, index, buf + sizeof(*hdr), len);
1920 break;
f6422ec6
AJ		 1921 case MGMT_OP_SET_FAST_CONNECTABLE:
1922 err = set_fast_connectable(sk, index, buf + sizeof(*hdr),
1923 len);
1924 break;
0381101f
JH		 1925 default:
1926 BT_DBG("Unknown op %u", opcode);
4e51eae9 1927 err = cmd_status(sk, index, opcode, 0x01);
0381101f
JH		 1928 break;
1929 }
1930
e41d8b4e
JH		 1931 if (err < 0)
1932 goto done;
1933
0381101f
JH		 1934 err = msglen;
1935
1936done:
1937 kfree(buf);
1938 return err;
1939}
c71e97bf 1940
b24752fe
JH		 1941static void cmd_status_rsp(struct pending_cmd *cmd, void *data)
1942{
1943 u8 *status = data;
1944
1945 cmd_status(cmd->sk, cmd->index, cmd->opcode, *status);
1946 mgmt_pending_remove(cmd);
1947}
1948
c71e97bf
JH		 1949int mgmt_index_added(u16 index)
1950{
4e51eae9 1951 return mgmt_event(MGMT_EV_INDEX_ADDED, index, NULL, 0, NULL);
c71e97bf
JH		 1952}
1953
1954int mgmt_index_removed(u16 index)
1955{
b24752fe
JH		 1956 u8 status = ENODEV;
1957
1958 mgmt_pending_foreach(0, index, cmd_status_rsp, &status);
1959
4e51eae9 1960 return mgmt_event(MGMT_EV_INDEX_REMOVED, index, NULL, 0, NULL);
eec8d2bc
JH		 1961}
1962
73f22f62 1963struct cmd_lookup {
72a734ec 1964 u8 val;
eec8d2bc
JH		 1965 struct sock *sk;
1966};
1967
72a734ec 1968static void mode_rsp(struct pending_cmd *cmd, void *data)
eec8d2bc 1969{
c68fb7ff 1970 struct mgmt_mode *cp = cmd->param;
73f22f62 1971 struct cmd_lookup *match = data;
eec8d2bc 1972
72a734ec 1973 if (cp->val != match->val)
eec8d2bc
JH		 1974 return;
1975
053f0211 1976 send_mode_rsp(cmd->sk, cmd->opcode, cmd->index, cp->val);
eec8d2bc
JH		 1977
1978 list_del(&cmd->list);
1979
1980 if (match->sk == NULL) {
1981 match->sk = cmd->sk;
1982 sock_hold(match->sk);
1983 }
1984
1985 mgmt_pending_free(cmd);
c71e97bf 1986}
5add6af8
JH		 1987
1988int mgmt_powered(u16 index, u8 powered)
1989{
72a734ec 1990 struct mgmt_mode ev;
73f22f62 1991 struct cmd_lookup match = { powered, NULL };
eec8d2bc 1992 int ret;
5add6af8 1993
72a734ec 1994 mgmt_pending_foreach(MGMT_OP_SET_POWERED, index, mode_rsp, &match);
5add6af8 1995
b24752fe
JH		 1996 if (!powered) {
1997 u8 status = ENETDOWN;
1998 mgmt_pending_foreach(0, index, cmd_status_rsp, &status);
1999 }
2000
72a734ec 2001 ev.val = powered;
eec8d2bc 2002
4e51eae9 2003 ret = mgmt_event(MGMT_EV_POWERED, index, &ev, sizeof(ev), match.sk);
eec8d2bc
JH		 2004
2005 if (match.sk)
2006 sock_put(match.sk);
2007
2008 return ret;
5add6af8 2009}
73f22f62 2010
73f22f62
JH		 2011int mgmt_discoverable(u16 index, u8 discoverable)
2012{
72a734ec 2013 struct mgmt_mode ev;
73f22f62
JH		 2014 struct cmd_lookup match = { discoverable, NULL };
2015 int ret;
2016
b8534e0f 2017 mgmt_pending_foreach(MGMT_OP_SET_DISCOVERABLE, index, mode_rsp, &match);
72a734ec 2018
72a734ec 2019 ev.val = discoverable;
73f22f62 2020
4e51eae9
SJ		 2021 ret = mgmt_event(MGMT_EV_DISCOVERABLE, index, &ev, sizeof(ev),
2022 match.sk);
73f22f62
JH		 2023
2024 if (match.sk)
2025 sock_put(match.sk);
2026
2027 return ret;
2028}
9fbcbb45 2029
9fbcbb45
JH		 2030int mgmt_connectable(u16 index, u8 connectable)
2031{
72a734ec 2032 struct mgmt_mode ev;
9fbcbb45
JH		 2033 struct cmd_lookup match = { connectable, NULL };
2034 int ret;
2035
72a734ec 2036 mgmt_pending_foreach(MGMT_OP_SET_CONNECTABLE, index, mode_rsp, &match);
9fbcbb45 2037
72a734ec 2038 ev.val = connectable;
9fbcbb45 2039
4e51eae9 2040 ret = mgmt_event(MGMT_EV_CONNECTABLE, index, &ev, sizeof(ev), match.sk);
9fbcbb45
JH		 2041
2042 if (match.sk)
2043 sock_put(match.sk);
2044
2045 return ret;
2046}
55ed8ca1 2047
2d7cee58
JH		 2048int mgmt_write_scan_failed(u16 index, u8 scan, u8 status)
2049{
2050 if (scan & SCAN_PAGE)
2051 mgmt_pending_foreach(MGMT_OP_SET_CONNECTABLE, index,
2052 cmd_status_rsp, &status);
2053
2054 if (scan & SCAN_INQUIRY)
2055 mgmt_pending_foreach(MGMT_OP_SET_DISCOVERABLE, index,
2056 cmd_status_rsp, &status);
2057
2058 return 0;
2059}
2060
86742e1e 2061int mgmt_new_link_key(u16 index, struct link_key *key, u8 persistent)
55ed8ca1 2062{
86742e1e 2063 struct mgmt_ev_new_link_key ev;
55ed8ca1 2064
a492cd52 2065 memset(&ev, 0, sizeof(ev));
55ed8ca1 2066
a492cd52
VCG		 2067 ev.store_hint = persistent;
2068 bacpy(&ev.key.bdaddr, &key->bdaddr);
2069 ev.key.type = key->type;
2070 memcpy(ev.key.val, key->val, 16);
2071 ev.key.pin_len = key->pin_len;
55ed8ca1 2072
86742e1e 2073 return mgmt_event(MGMT_EV_NEW_LINK_KEY, index, &ev, sizeof(ev), NULL);
55ed8ca1 2074}
f7520543 2075
cfafccf7 2076int mgmt_connected(u16 index, bdaddr_t *bdaddr, u8 link_type)
f7520543
JH		 2077{
2078 struct mgmt_ev_connected ev;
2079
f7520543 2080 bacpy(&ev.bdaddr, bdaddr);
cfafccf7 2081 ev.link_type = link_type;
f7520543 2082
4e51eae9 2083 return mgmt_event(MGMT_EV_CONNECTED, index, &ev, sizeof(ev), NULL);
f7520543
JH		 2084}
2085
8962ee74
JH		 2086static void disconnect_rsp(struct pending_cmd *cmd, void *data)
2087{
c68fb7ff 2088 struct mgmt_cp_disconnect *cp = cmd->param;
8962ee74 2089 struct sock **sk = data;
a38528f1 2090 struct mgmt_rp_disconnect rp;
8962ee74 2091
a38528f1 2092 bacpy(&rp.bdaddr, &cp->bdaddr);
8962ee74 2093
4e51eae9 2094 cmd_complete(cmd->sk, cmd->index, MGMT_OP_DISCONNECT, &rp, sizeof(rp));
8962ee74
JH		 2095
2096 *sk = cmd->sk;
2097 sock_hold(*sk);
2098
a664b5bc 2099 mgmt_pending_remove(cmd);
8962ee74
JH		 2100}
2101
f7520543
JH		 2102int mgmt_disconnected(u16 index, bdaddr_t *bdaddr)
2103{
2104 struct mgmt_ev_disconnected ev;
8962ee74
JH		 2105 struct sock *sk = NULL;
2106 int err;
2107
2108 mgmt_pending_foreach(MGMT_OP_DISCONNECT, index, disconnect_rsp, &sk);
f7520543 2109
f7520543
JH		 2110 bacpy(&ev.bdaddr, bdaddr);
2111
4e51eae9 2112 err = mgmt_event(MGMT_EV_DISCONNECTED, index, &ev, sizeof(ev), sk);
8962ee74
JH		 2113
2114 if (sk)
2115 sock_put(sk);
2116
2117 return err;
2118}
2119
2120int mgmt_disconnect_failed(u16 index)
2121{
2122 struct pending_cmd *cmd;
2123 int err;
2124
2125 cmd = mgmt_pending_find(MGMT_OP_DISCONNECT, index);
2126 if (!cmd)
2127 return -ENOENT;
2128
4e51eae9 2129 err = cmd_status(cmd->sk, index, MGMT_OP_DISCONNECT, EIO);
8962ee74 2130
a664b5bc 2131 mgmt_pending_remove(cmd);
8962ee74
JH		 2132
2133 return err;
f7520543 2134}
17d5c04c
JH		 2135
2136int mgmt_connect_failed(u16 index, bdaddr_t *bdaddr, u8 status)
2137{
2138 struct mgmt_ev_connect_failed ev;
2139
17d5c04c
JH		 2140 bacpy(&ev.bdaddr, bdaddr);
2141 ev.status = status;
2142
4e51eae9 2143 return mgmt_event(MGMT_EV_CONNECT_FAILED, index, &ev, sizeof(ev), NULL);
17d5c04c 2144}
980e1a53 2145
a770bb5a 2146int mgmt_pin_code_request(u16 index, bdaddr_t *bdaddr, u8 secure)
980e1a53
JH		 2147{
2148 struct mgmt_ev_pin_code_request ev;
2149
980e1a53 2150 bacpy(&ev.bdaddr, bdaddr);
a770bb5a 2151 ev.secure = secure;
980e1a53 2152
4e51eae9
SJ		 2153 return mgmt_event(MGMT_EV_PIN_CODE_REQUEST, index, &ev, sizeof(ev),
2154 NULL);
980e1a53
JH		 2155}
2156
2157int mgmt_pin_code_reply_complete(u16 index, bdaddr_t *bdaddr, u8 status)
2158{
2159 struct pending_cmd *cmd;
ac56fb13 2160 struct mgmt_rp_pin_code_reply rp;
980e1a53
JH		 2161 int err;
2162
2163 cmd = mgmt_pending_find(MGMT_OP_PIN_CODE_REPLY, index);
2164 if (!cmd)
2165 return -ENOENT;
2166
ac56fb13
JH		 2167 bacpy(&rp.bdaddr, bdaddr);
2168 rp.status = status;
2169
4e51eae9
SJ		 2170 err = cmd_complete(cmd->sk, index, MGMT_OP_PIN_CODE_REPLY, &rp,
2171 sizeof(rp));
980e1a53 2172
a664b5bc 2173 mgmt_pending_remove(cmd);
980e1a53
JH		 2174
2175 return err;
2176}
2177
2178int mgmt_pin_code_neg_reply_complete(u16 index, bdaddr_t *bdaddr, u8 status)
2179{
2180 struct pending_cmd *cmd;
ac56fb13 2181 struct mgmt_rp_pin_code_reply rp;
980e1a53
JH		 2182 int err;
2183
2184 cmd = mgmt_pending_find(MGMT_OP_PIN_CODE_NEG_REPLY, index);
2185 if (!cmd)
2186 return -ENOENT;
2187
ac56fb13
JH		 2188 bacpy(&rp.bdaddr, bdaddr);
2189 rp.status = status;
2190
4e51eae9
SJ		 2191 err = cmd_complete(cmd->sk, index, MGMT_OP_PIN_CODE_NEG_REPLY, &rp,
2192 sizeof(rp));
980e1a53 2193
a664b5bc 2194 mgmt_pending_remove(cmd);
980e1a53
JH		 2195
2196 return err;
2197}
a5c29683 2198
55bc1a37
JH		 2199int mgmt_user_confirm_request(u16 index, bdaddr_t *bdaddr, __le32 value,
2200 u8 confirm_hint)
a5c29683
JH		 2201{
2202 struct mgmt_ev_user_confirm_request ev;
2203
2204 BT_DBG("hci%u", index);
2205
a5c29683 2206 bacpy(&ev.bdaddr, bdaddr);
55bc1a37 2207 ev.confirm_hint = confirm_hint;
a5c29683
JH		 2208 put_unaligned_le32(value, &ev.value);
2209
4e51eae9
SJ		 2210 return mgmt_event(MGMT_EV_USER_CONFIRM_REQUEST, index, &ev, sizeof(ev),
2211 NULL);
a5c29683
JH		 2212}
2213
2214static int confirm_reply_complete(u16 index, bdaddr_t *bdaddr, u8 status,
2215 u8 opcode)
2216{
2217 struct pending_cmd *cmd;
2218 struct mgmt_rp_user_confirm_reply rp;
2219 int err;
2220
2221 cmd = mgmt_pending_find(opcode, index);
2222 if (!cmd)
2223 return -ENOENT;
2224
a5c29683
JH		 2225 bacpy(&rp.bdaddr, bdaddr);
2226 rp.status = status;
4e51eae9 2227 err = cmd_complete(cmd->sk, index, opcode, &rp, sizeof(rp));
a5c29683 2228
a664b5bc 2229 mgmt_pending_remove(cmd);
a5c29683
JH		 2230
2231 return err;
2232}
2233
2234int mgmt_user_confirm_reply_complete(u16 index, bdaddr_t *bdaddr, u8 status)
2235{
2236 return confirm_reply_complete(index, bdaddr, status,
2237 MGMT_OP_USER_CONFIRM_REPLY);
2238}
2239
b8534e0f 2240int mgmt_user_confirm_neg_reply_complete(u16 index, bdaddr_t *bdaddr, u8 status)
a5c29683
JH		 2241{
2242 return confirm_reply_complete(index, bdaddr, status,
2243 MGMT_OP_USER_CONFIRM_NEG_REPLY);
2244}
2a611692
JH		 2245
2246int mgmt_auth_failed(u16 index, bdaddr_t *bdaddr, u8 status)
2247{
2248 struct mgmt_ev_auth_failed ev;
2249
2a611692
JH		 2250 bacpy(&ev.bdaddr, bdaddr);
2251 ev.status = status;
2252
4e51eae9 2253 return mgmt_event(MGMT_EV_AUTH_FAILED, index, &ev, sizeof(ev), NULL);
2a611692 2254}
b312b161
JH		 2255
2256int mgmt_set_local_name_complete(u16 index, u8 *name, u8 status)
2257{
2258 struct pending_cmd *cmd;
80a1e1db 2259 struct hci_dev *hdev;
b312b161
JH		 2260 struct mgmt_cp_set_local_name ev;
2261 int err;
2262
2263 memset(&ev, 0, sizeof(ev));
2264 memcpy(ev.name, name, HCI_MAX_NAME_LENGTH);
2265
2266 cmd = mgmt_pending_find(MGMT_OP_SET_LOCAL_NAME, index);
2267 if (!cmd)
2268 goto send_event;
2269
2270 if (status) {
2271 err = cmd_status(cmd->sk, index, MGMT_OP_SET_LOCAL_NAME, EIO);
2272 goto failed;
2273 }
2274
80a1e1db
JH		 2275 hdev = hci_dev_get(index);
2276 if (hdev) {
2277 hci_dev_lock_bh(hdev);
2278 update_eir(hdev);
2279 hci_dev_unlock_bh(hdev);
2280 hci_dev_put(hdev);
2281 }
2282
b312b161
JH		 2283 err = cmd_complete(cmd->sk, index, MGMT_OP_SET_LOCAL_NAME, &ev,
2284 sizeof(ev));
2285 if (err < 0)
2286 goto failed;
2287
2288send_event:
2289 err = mgmt_event(MGMT_EV_LOCAL_NAME_CHANGED, index, &ev, sizeof(ev),
2290 cmd ? cmd->sk : NULL);
2291
2292failed:
2293 if (cmd)
2294 mgmt_pending_remove(cmd);
2295 return err;
2296}
c35938b2
SJ		 2297
2298int mgmt_read_local_oob_data_reply_complete(u16 index, u8 *hash, u8 *randomizer,
2299 u8 status)
2300{
2301 struct pending_cmd *cmd;
2302 int err;
2303
2304 BT_DBG("hci%u status %u", index, status);
2305
2306 cmd = mgmt_pending_find(MGMT_OP_READ_LOCAL_OOB_DATA, index);
2307 if (!cmd)
2308 return -ENOENT;
2309
2310 if (status) {
2311 err = cmd_status(cmd->sk, index, MGMT_OP_READ_LOCAL_OOB_DATA,
2312 EIO);
2313 } else {
2314 struct mgmt_rp_read_local_oob_data rp;
2315
2316 memcpy(rp.hash, hash, sizeof(rp.hash));
2317 memcpy(rp.randomizer, randomizer, sizeof(rp.randomizer));
2318
2319 err = cmd_complete(cmd->sk, index, MGMT_OP_READ_LOCAL_OOB_DATA,
2320 &rp, sizeof(rp));
2321 }
2322
2323 mgmt_pending_remove(cmd);
2324
2325 return err;
2326}
e17acd40
JH		 2327
2328int mgmt_device_found(u16 index, bdaddr_t *bdaddr, u8 *dev_class, s8 rssi,
2329 u8 *eir)
2330{
2331 struct mgmt_ev_device_found ev;
2332
2333 memset(&ev, 0, sizeof(ev));
2334
2335 bacpy(&ev.bdaddr, bdaddr);
e17acd40
JH		 2336 ev.rssi = rssi;
2337
2338 if (eir)
2339 memcpy(ev.eir, eir, sizeof(ev.eir));
2340
f8523598
AG		 2341 if (dev_class)
2342 memcpy(ev.dev_class, dev_class, sizeof(ev.dev_class));
2343
e17acd40
JH		 2344 return mgmt_event(MGMT_EV_DEVICE_FOUND, index, &ev, sizeof(ev), NULL);
2345}
a88a9652
JH		 2346
2347int mgmt_remote_name(u16 index, bdaddr_t *bdaddr, u8 *name)
2348{
2349 struct mgmt_ev_remote_name ev;
2350
2351 memset(&ev, 0, sizeof(ev));
2352
2353 bacpy(&ev.bdaddr, bdaddr);
2354 memcpy(ev.name, name, HCI_MAX_NAME_LENGTH);
2355
2356 return mgmt_event(MGMT_EV_REMOTE_NAME, index, &ev, sizeof(ev), NULL);
2357}
314b2381 2358
164a6e78
JH		 2359int mgmt_inquiry_failed(u16 index, u8 status)
2360{
2361 struct pending_cmd *cmd;
2362 int err;
2363
2364 cmd = mgmt_pending_find(MGMT_OP_START_DISCOVERY, index);
2365 if (!cmd)
2366 return -ENOENT;
2367
2368 err = cmd_status(cmd->sk, index, cmd->opcode, status);
2369 mgmt_pending_remove(cmd);
2370
2371 return err;
2372}
2373
314b2381
JH		 2374int mgmt_discovering(u16 index, u8 discovering)
2375{
164a6e78
JH		 2376 struct pending_cmd *cmd;
2377
2378 if (discovering)
2379 cmd = mgmt_pending_find(MGMT_OP_START_DISCOVERY, index);
2380 else
2381 cmd = mgmt_pending_find(MGMT_OP_STOP_DISCOVERY, index);
2382
2383 if (cmd != NULL) {
2384 cmd_complete(cmd->sk, index, cmd->opcode, NULL, 0);
2385 mgmt_pending_remove(cmd);
2386 }
2387
314b2381
JH		 2388 return mgmt_event(MGMT_EV_DISCOVERING, index, &discovering,
2389 sizeof(discovering), NULL);
2390}
5e762444
AJ		 2391
2392int mgmt_device_blocked(u16 index, bdaddr_t *bdaddr)
2393{
2394 struct pending_cmd *cmd;
2395 struct mgmt_ev_device_blocked ev;
2396
2397 cmd = mgmt_pending_find(MGMT_OP_BLOCK_DEVICE, index);
2398
2399 bacpy(&ev.bdaddr, bdaddr);
2400
2401 return mgmt_event(MGMT_EV_DEVICE_BLOCKED, index, &ev, sizeof(ev),
2402 cmd ? cmd->sk : NULL);
2403}
2404
2405int mgmt_device_unblocked(u16 index, bdaddr_t *bdaddr)
2406{
2407 struct pending_cmd *cmd;
2408 struct mgmt_ev_device_unblocked ev;
2409
2410 cmd = mgmt_pending_find(MGMT_OP_UNBLOCK_DEVICE, index);
2411
2412 bacpy(&ev.bdaddr, bdaddr);
2413
2414 return mgmt_event(MGMT_EV_DEVICE_UNBLOCKED, index, &ev, sizeof(ev),
2415 cmd ? cmd->sk : NULL);
2416}
Ubuntu Artful kernel mirror