]>
Commit | Line | Data |
---|---|---|
1 | /* | |
2 | BlueZ - Bluetooth protocol stack for Linux | |
3 | ||
4 | Copyright (C) 2010 Nokia Corporation | |
5 | Copyright (C) 2011-2012 Intel Corporation | |
6 | ||
7 | This program is free software; you can redistribute it and/or modify | |
8 | it under the terms of the GNU General Public License version 2 as | |
9 | published by the Free Software Foundation; | |
10 | ||
11 | THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS | |
12 | OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, | |
13 | FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT OF THIRD PARTY RIGHTS. | |
14 | IN NO EVENT SHALL THE COPYRIGHT HOLDER(S) AND AUTHOR(S) BE LIABLE FOR ANY | |
15 | CLAIM, OR ANY SPECIAL INDIRECT OR CONSEQUENTIAL DAMAGES, OR ANY DAMAGES | |
16 | WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN | |
17 | ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF | |
18 | OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE. | |
19 | ||
20 | ALL LIABILITY, INCLUDING LIABILITY FOR INFRINGEMENT OF ANY PATENTS, | |
21 | COPYRIGHTS, TRADEMARKS OR OTHER RIGHTS, RELATING TO USE OF THIS | |
22 | SOFTWARE IS DISCLAIMED. | |
23 | */ | |
24 | ||
25 | /* Bluetooth HCI Management interface */ | |
26 | ||
27 | #include <linux/module.h> | |
28 | #include <asm/unaligned.h> | |
29 | ||
30 | #include <net/bluetooth/bluetooth.h> | |
31 | #include <net/bluetooth/hci_core.h> | |
32 | #include <net/bluetooth/mgmt.h> | |
33 | ||
34 | #include "smp.h" | |
35 | ||
36 | #define MGMT_VERSION 1 | |
37 | #define MGMT_REVISION 5 | |
38 | ||
39 | static const u16 mgmt_commands[] = { | |
40 | MGMT_OP_READ_INDEX_LIST, | |
41 | MGMT_OP_READ_INFO, | |
42 | MGMT_OP_SET_POWERED, | |
43 | MGMT_OP_SET_DISCOVERABLE, | |
44 | MGMT_OP_SET_CONNECTABLE, | |
45 | MGMT_OP_SET_FAST_CONNECTABLE, | |
46 | MGMT_OP_SET_PAIRABLE, | |
47 | MGMT_OP_SET_LINK_SECURITY, | |
48 | MGMT_OP_SET_SSP, | |
49 | MGMT_OP_SET_HS, | |
50 | MGMT_OP_SET_LE, | |
51 | MGMT_OP_SET_DEV_CLASS, | |
52 | MGMT_OP_SET_LOCAL_NAME, | |
53 | MGMT_OP_ADD_UUID, | |
54 | MGMT_OP_REMOVE_UUID, | |
55 | MGMT_OP_LOAD_LINK_KEYS, | |
56 | MGMT_OP_LOAD_LONG_TERM_KEYS, | |
57 | MGMT_OP_DISCONNECT, | |
58 | MGMT_OP_GET_CONNECTIONS, | |
59 | MGMT_OP_PIN_CODE_REPLY, | |
60 | MGMT_OP_PIN_CODE_NEG_REPLY, | |
61 | MGMT_OP_SET_IO_CAPABILITY, | |
62 | MGMT_OP_PAIR_DEVICE, | |
63 | MGMT_OP_CANCEL_PAIR_DEVICE, | |
64 | MGMT_OP_UNPAIR_DEVICE, | |
65 | MGMT_OP_USER_CONFIRM_REPLY, | |
66 | MGMT_OP_USER_CONFIRM_NEG_REPLY, | |
67 | MGMT_OP_USER_PASSKEY_REPLY, | |
68 | MGMT_OP_USER_PASSKEY_NEG_REPLY, | |
69 | MGMT_OP_READ_LOCAL_OOB_DATA, | |
70 | MGMT_OP_ADD_REMOTE_OOB_DATA, | |
71 | MGMT_OP_REMOVE_REMOTE_OOB_DATA, | |
72 | MGMT_OP_START_DISCOVERY, | |
73 | MGMT_OP_STOP_DISCOVERY, | |
74 | MGMT_OP_CONFIRM_NAME, | |
75 | MGMT_OP_BLOCK_DEVICE, | |
76 | MGMT_OP_UNBLOCK_DEVICE, | |
77 | MGMT_OP_SET_DEVICE_ID, | |
78 | MGMT_OP_SET_ADVERTISING, | |
79 | MGMT_OP_SET_BREDR, | |
80 | MGMT_OP_SET_STATIC_ADDRESS, | |
81 | MGMT_OP_SET_SCAN_PARAMS, | |
82 | MGMT_OP_SET_SECURE_CONN, | |
83 | MGMT_OP_SET_DEBUG_KEYS, | |
84 | MGMT_OP_LOAD_IRKS, | |
85 | }; | |
86 | ||
87 | static const u16 mgmt_events[] = { | |
88 | MGMT_EV_CONTROLLER_ERROR, | |
89 | MGMT_EV_INDEX_ADDED, | |
90 | MGMT_EV_INDEX_REMOVED, | |
91 | MGMT_EV_NEW_SETTINGS, | |
92 | MGMT_EV_CLASS_OF_DEV_CHANGED, | |
93 | MGMT_EV_LOCAL_NAME_CHANGED, | |
94 | MGMT_EV_NEW_LINK_KEY, | |
95 | MGMT_EV_NEW_LONG_TERM_KEY, | |
96 | MGMT_EV_DEVICE_CONNECTED, | |
97 | MGMT_EV_DEVICE_DISCONNECTED, | |
98 | MGMT_EV_CONNECT_FAILED, | |
99 | MGMT_EV_PIN_CODE_REQUEST, | |
100 | MGMT_EV_USER_CONFIRM_REQUEST, | |
101 | MGMT_EV_USER_PASSKEY_REQUEST, | |
102 | MGMT_EV_AUTH_FAILED, | |
103 | MGMT_EV_DEVICE_FOUND, | |
104 | MGMT_EV_DISCOVERING, | |
105 | MGMT_EV_DEVICE_BLOCKED, | |
106 | MGMT_EV_DEVICE_UNBLOCKED, | |
107 | MGMT_EV_DEVICE_UNPAIRED, | |
108 | MGMT_EV_PASSKEY_NOTIFY, | |
109 | }; | |
110 | ||
111 | #define CACHE_TIMEOUT msecs_to_jiffies(2 * 1000) | |
112 | ||
113 | #define hdev_is_powered(hdev) (test_bit(HCI_UP, &hdev->flags) && \ | |
114 | !test_bit(HCI_AUTO_OFF, &hdev->dev_flags)) | |
115 | ||
116 | struct pending_cmd { | |
117 | struct list_head list; | |
118 | u16 opcode; | |
119 | int index; | |
120 | void *param; | |
121 | struct sock *sk; | |
122 | void *user_data; | |
123 | }; | |
124 | ||
125 | /* HCI to MGMT error code conversion table */ | |
126 | static u8 mgmt_status_table[] = { | |
127 | MGMT_STATUS_SUCCESS, | |
128 | MGMT_STATUS_UNKNOWN_COMMAND, /* Unknown Command */ | |
129 | MGMT_STATUS_NOT_CONNECTED, /* No Connection */ | |
130 | MGMT_STATUS_FAILED, /* Hardware Failure */ | |
131 | MGMT_STATUS_CONNECT_FAILED, /* Page Timeout */ | |
132 | MGMT_STATUS_AUTH_FAILED, /* Authentication Failed */ | |
133 | MGMT_STATUS_AUTH_FAILED, /* PIN or Key Missing */ | |
134 | MGMT_STATUS_NO_RESOURCES, /* Memory Full */ | |
135 | MGMT_STATUS_TIMEOUT, /* Connection Timeout */ | |
136 | MGMT_STATUS_NO_RESOURCES, /* Max Number of Connections */ | |
137 | MGMT_STATUS_NO_RESOURCES, /* Max Number of SCO Connections */ | |
138 | MGMT_STATUS_ALREADY_CONNECTED, /* ACL Connection Exists */ | |
139 | MGMT_STATUS_BUSY, /* Command Disallowed */ | |
140 | MGMT_STATUS_NO_RESOURCES, /* Rejected Limited Resources */ | |
141 | MGMT_STATUS_REJECTED, /* Rejected Security */ | |
142 | MGMT_STATUS_REJECTED, /* Rejected Personal */ | |
143 | MGMT_STATUS_TIMEOUT, /* Host Timeout */ | |
144 | MGMT_STATUS_NOT_SUPPORTED, /* Unsupported Feature */ | |
145 | MGMT_STATUS_INVALID_PARAMS, /* Invalid Parameters */ | |
146 | MGMT_STATUS_DISCONNECTED, /* OE User Ended Connection */ | |
147 | MGMT_STATUS_NO_RESOURCES, /* OE Low Resources */ | |
148 | MGMT_STATUS_DISCONNECTED, /* OE Power Off */ | |
149 | MGMT_STATUS_DISCONNECTED, /* Connection Terminated */ | |
150 | MGMT_STATUS_BUSY, /* Repeated Attempts */ | |
151 | MGMT_STATUS_REJECTED, /* Pairing Not Allowed */ | |
152 | MGMT_STATUS_FAILED, /* Unknown LMP PDU */ | |
153 | MGMT_STATUS_NOT_SUPPORTED, /* Unsupported Remote Feature */ | |
154 | MGMT_STATUS_REJECTED, /* SCO Offset Rejected */ | |
155 | MGMT_STATUS_REJECTED, /* SCO Interval Rejected */ | |
156 | MGMT_STATUS_REJECTED, /* Air Mode Rejected */ | |
157 | MGMT_STATUS_INVALID_PARAMS, /* Invalid LMP Parameters */ | |
158 | MGMT_STATUS_FAILED, /* Unspecified Error */ | |
159 | MGMT_STATUS_NOT_SUPPORTED, /* Unsupported LMP Parameter Value */ | |
160 | MGMT_STATUS_FAILED, /* Role Change Not Allowed */ | |
161 | MGMT_STATUS_TIMEOUT, /* LMP Response Timeout */ | |
162 | MGMT_STATUS_FAILED, /* LMP Error Transaction Collision */ | |
163 | MGMT_STATUS_FAILED, /* LMP PDU Not Allowed */ | |
164 | MGMT_STATUS_REJECTED, /* Encryption Mode Not Accepted */ | |
165 | MGMT_STATUS_FAILED, /* Unit Link Key Used */ | |
166 | MGMT_STATUS_NOT_SUPPORTED, /* QoS Not Supported */ | |
167 | MGMT_STATUS_TIMEOUT, /* Instant Passed */ | |
168 | MGMT_STATUS_NOT_SUPPORTED, /* Pairing Not Supported */ | |
169 | MGMT_STATUS_FAILED, /* Transaction Collision */ | |
170 | MGMT_STATUS_INVALID_PARAMS, /* Unacceptable Parameter */ | |
171 | MGMT_STATUS_REJECTED, /* QoS Rejected */ | |
172 | MGMT_STATUS_NOT_SUPPORTED, /* Classification Not Supported */ | |
173 | MGMT_STATUS_REJECTED, /* Insufficient Security */ | |
174 | MGMT_STATUS_INVALID_PARAMS, /* Parameter Out Of Range */ | |
175 | MGMT_STATUS_BUSY, /* Role Switch Pending */ | |
176 | MGMT_STATUS_FAILED, /* Slot Violation */ | |
177 | MGMT_STATUS_FAILED, /* Role Switch Failed */ | |
178 | MGMT_STATUS_INVALID_PARAMS, /* EIR Too Large */ | |
179 | MGMT_STATUS_NOT_SUPPORTED, /* Simple Pairing Not Supported */ | |
180 | MGMT_STATUS_BUSY, /* Host Busy Pairing */ | |
181 | MGMT_STATUS_REJECTED, /* Rejected, No Suitable Channel */ | |
182 | MGMT_STATUS_BUSY, /* Controller Busy */ | |
183 | MGMT_STATUS_INVALID_PARAMS, /* Unsuitable Connection Interval */ | |
184 | MGMT_STATUS_TIMEOUT, /* Directed Advertising Timeout */ | |
185 | MGMT_STATUS_AUTH_FAILED, /* Terminated Due to MIC Failure */ | |
186 | MGMT_STATUS_CONNECT_FAILED, /* Connection Establishment Failed */ | |
187 | MGMT_STATUS_CONNECT_FAILED, /* MAC Connection Failed */ | |
188 | }; | |
189 | ||
190 | static u8 mgmt_status(u8 hci_status) | |
191 | { | |
192 | if (hci_status < ARRAY_SIZE(mgmt_status_table)) | |
193 | return mgmt_status_table[hci_status]; | |
194 | ||
195 | return MGMT_STATUS_FAILED; | |
196 | } | |
197 | ||
198 | static int cmd_status(struct sock *sk, u16 index, u16 cmd, u8 status) | |
199 | { | |
200 | struct sk_buff *skb; | |
201 | struct mgmt_hdr *hdr; | |
202 | struct mgmt_ev_cmd_status *ev; | |
203 | int err; | |
204 | ||
205 | BT_DBG("sock %p, index %u, cmd %u, status %u", sk, index, cmd, status); | |
206 | ||
207 | skb = alloc_skb(sizeof(*hdr) + sizeof(*ev), GFP_KERNEL); | |
208 | if (!skb) | |
209 | return -ENOMEM; | |
210 | ||
211 | hdr = (void *) skb_put(skb, sizeof(*hdr)); | |
212 | ||
213 | hdr->opcode = __constant_cpu_to_le16(MGMT_EV_CMD_STATUS); | |
214 | hdr->index = cpu_to_le16(index); | |
215 | hdr->len = cpu_to_le16(sizeof(*ev)); | |
216 | ||
217 | ev = (void *) skb_put(skb, sizeof(*ev)); | |
218 | ev->status = status; | |
219 | ev->opcode = cpu_to_le16(cmd); | |
220 | ||
221 | err = sock_queue_rcv_skb(sk, skb); | |
222 | if (err < 0) | |
223 | kfree_skb(skb); | |
224 | ||
225 | return err; | |
226 | } | |
227 | ||
228 | static int cmd_complete(struct sock *sk, u16 index, u16 cmd, u8 status, | |
229 | void *rp, size_t rp_len) | |
230 | { | |
231 | struct sk_buff *skb; | |
232 | struct mgmt_hdr *hdr; | |
233 | struct mgmt_ev_cmd_complete *ev; | |
234 | int err; | |
235 | ||
236 | BT_DBG("sock %p", sk); | |
237 | ||
238 | skb = alloc_skb(sizeof(*hdr) + sizeof(*ev) + rp_len, GFP_KERNEL); | |
239 | if (!skb) | |
240 | return -ENOMEM; | |
241 | ||
242 | hdr = (void *) skb_put(skb, sizeof(*hdr)); | |
243 | ||
244 | hdr->opcode = __constant_cpu_to_le16(MGMT_EV_CMD_COMPLETE); | |
245 | hdr->index = cpu_to_le16(index); | |
246 | hdr->len = cpu_to_le16(sizeof(*ev) + rp_len); | |
247 | ||
248 | ev = (void *) skb_put(skb, sizeof(*ev) + rp_len); | |
249 | ev->opcode = cpu_to_le16(cmd); | |
250 | ev->status = status; | |
251 | ||
252 | if (rp) | |
253 | memcpy(ev->data, rp, rp_len); | |
254 | ||
255 | err = sock_queue_rcv_skb(sk, skb); | |
256 | if (err < 0) | |
257 | kfree_skb(skb); | |
258 | ||
259 | return err; | |
260 | } | |
261 | ||
262 | static int read_version(struct sock *sk, struct hci_dev *hdev, void *data, | |
263 | u16 data_len) | |
264 | { | |
265 | struct mgmt_rp_read_version rp; | |
266 | ||
267 | BT_DBG("sock %p", sk); | |
268 | ||
269 | rp.version = MGMT_VERSION; | |
270 | rp.revision = __constant_cpu_to_le16(MGMT_REVISION); | |
271 | ||
272 | return cmd_complete(sk, MGMT_INDEX_NONE, MGMT_OP_READ_VERSION, 0, &rp, | |
273 | sizeof(rp)); | |
274 | } | |
275 | ||
276 | static int read_commands(struct sock *sk, struct hci_dev *hdev, void *data, | |
277 | u16 data_len) | |
278 | { | |
279 | struct mgmt_rp_read_commands *rp; | |
280 | const u16 num_commands = ARRAY_SIZE(mgmt_commands); | |
281 | const u16 num_events = ARRAY_SIZE(mgmt_events); | |
282 | __le16 *opcode; | |
283 | size_t rp_size; | |
284 | int i, err; | |
285 | ||
286 | BT_DBG("sock %p", sk); | |
287 | ||
288 | rp_size = sizeof(*rp) + ((num_commands + num_events) * sizeof(u16)); | |
289 | ||
290 | rp = kmalloc(rp_size, GFP_KERNEL); | |
291 | if (!rp) | |
292 | return -ENOMEM; | |
293 | ||
294 | rp->num_commands = __constant_cpu_to_le16(num_commands); | |
295 | rp->num_events = __constant_cpu_to_le16(num_events); | |
296 | ||
297 | for (i = 0, opcode = rp->opcodes; i < num_commands; i++, opcode++) | |
298 | put_unaligned_le16(mgmt_commands[i], opcode); | |
299 | ||
300 | for (i = 0; i < num_events; i++, opcode++) | |
301 | put_unaligned_le16(mgmt_events[i], opcode); | |
302 | ||
303 | err = cmd_complete(sk, MGMT_INDEX_NONE, MGMT_OP_READ_COMMANDS, 0, rp, | |
304 | rp_size); | |
305 | kfree(rp); | |
306 | ||
307 | return err; | |
308 | } | |
309 | ||
310 | static int read_index_list(struct sock *sk, struct hci_dev *hdev, void *data, | |
311 | u16 data_len) | |
312 | { | |
313 | struct mgmt_rp_read_index_list *rp; | |
314 | struct hci_dev *d; | |
315 | size_t rp_len; | |
316 | u16 count; | |
317 | int err; | |
318 | ||
319 | BT_DBG("sock %p", sk); | |
320 | ||
321 | read_lock(&hci_dev_list_lock); | |
322 | ||
323 | count = 0; | |
324 | list_for_each_entry(d, &hci_dev_list, list) { | |
325 | if (d->dev_type == HCI_BREDR) | |
326 | count++; | |
327 | } | |
328 | ||
329 | rp_len = sizeof(*rp) + (2 * count); | |
330 | rp = kmalloc(rp_len, GFP_ATOMIC); | |
331 | if (!rp) { | |
332 | read_unlock(&hci_dev_list_lock); | |
333 | return -ENOMEM; | |
334 | } | |
335 | ||
336 | count = 0; | |
337 | list_for_each_entry(d, &hci_dev_list, list) { | |
338 | if (test_bit(HCI_SETUP, &d->dev_flags)) | |
339 | continue; | |
340 | ||
341 | if (test_bit(HCI_USER_CHANNEL, &d->dev_flags)) | |
342 | continue; | |
343 | ||
344 | if (d->dev_type == HCI_BREDR) { | |
345 | rp->index[count++] = cpu_to_le16(d->id); | |
346 | BT_DBG("Added hci%u", d->id); | |
347 | } | |
348 | } | |
349 | ||
350 | rp->num_controllers = cpu_to_le16(count); | |
351 | rp_len = sizeof(*rp) + (2 * count); | |
352 | ||
353 | read_unlock(&hci_dev_list_lock); | |
354 | ||
355 | err = cmd_complete(sk, MGMT_INDEX_NONE, MGMT_OP_READ_INDEX_LIST, 0, rp, | |
356 | rp_len); | |
357 | ||
358 | kfree(rp); | |
359 | ||
360 | return err; | |
361 | } | |
362 | ||
363 | static u32 get_supported_settings(struct hci_dev *hdev) | |
364 | { | |
365 | u32 settings = 0; | |
366 | ||
367 | settings |= MGMT_SETTING_POWERED; | |
368 | settings |= MGMT_SETTING_PAIRABLE; | |
369 | settings |= MGMT_SETTING_DEBUG_KEYS; | |
370 | ||
371 | if (lmp_bredr_capable(hdev)) { | |
372 | settings |= MGMT_SETTING_CONNECTABLE; | |
373 | if (hdev->hci_ver >= BLUETOOTH_VER_1_2) | |
374 | settings |= MGMT_SETTING_FAST_CONNECTABLE; | |
375 | settings |= MGMT_SETTING_DISCOVERABLE; | |
376 | settings |= MGMT_SETTING_BREDR; | |
377 | settings |= MGMT_SETTING_LINK_SECURITY; | |
378 | ||
379 | if (lmp_ssp_capable(hdev)) { | |
380 | settings |= MGMT_SETTING_SSP; | |
381 | settings |= MGMT_SETTING_HS; | |
382 | } | |
383 | ||
384 | if (lmp_sc_capable(hdev) || | |
385 | test_bit(HCI_FORCE_SC, &hdev->dev_flags)) | |
386 | settings |= MGMT_SETTING_SECURE_CONN; | |
387 | } | |
388 | ||
389 | if (lmp_le_capable(hdev)) { | |
390 | settings |= MGMT_SETTING_LE; | |
391 | settings |= MGMT_SETTING_ADVERTISING; | |
392 | } | |
393 | ||
394 | return settings; | |
395 | } | |
396 | ||
397 | static u32 get_current_settings(struct hci_dev *hdev) | |
398 | { | |
399 | u32 settings = 0; | |
400 | ||
401 | if (hdev_is_powered(hdev)) | |
402 | settings |= MGMT_SETTING_POWERED; | |
403 | ||
404 | if (test_bit(HCI_CONNECTABLE, &hdev->dev_flags)) | |
405 | settings |= MGMT_SETTING_CONNECTABLE; | |
406 | ||
407 | if (test_bit(HCI_FAST_CONNECTABLE, &hdev->dev_flags)) | |
408 | settings |= MGMT_SETTING_FAST_CONNECTABLE; | |
409 | ||
410 | if (test_bit(HCI_DISCOVERABLE, &hdev->dev_flags)) | |
411 | settings |= MGMT_SETTING_DISCOVERABLE; | |
412 | ||
413 | if (test_bit(HCI_PAIRABLE, &hdev->dev_flags)) | |
414 | settings |= MGMT_SETTING_PAIRABLE; | |
415 | ||
416 | if (test_bit(HCI_BREDR_ENABLED, &hdev->dev_flags)) | |
417 | settings |= MGMT_SETTING_BREDR; | |
418 | ||
419 | if (test_bit(HCI_LE_ENABLED, &hdev->dev_flags)) | |
420 | settings |= MGMT_SETTING_LE; | |
421 | ||
422 | if (test_bit(HCI_LINK_SECURITY, &hdev->dev_flags)) | |
423 | settings |= MGMT_SETTING_LINK_SECURITY; | |
424 | ||
425 | if (test_bit(HCI_SSP_ENABLED, &hdev->dev_flags)) | |
426 | settings |= MGMT_SETTING_SSP; | |
427 | ||
428 | if (test_bit(HCI_HS_ENABLED, &hdev->dev_flags)) | |
429 | settings |= MGMT_SETTING_HS; | |
430 | ||
431 | if (test_bit(HCI_ADVERTISING, &hdev->dev_flags)) | |
432 | settings |= MGMT_SETTING_ADVERTISING; | |
433 | ||
434 | if (test_bit(HCI_SC_ENABLED, &hdev->dev_flags)) | |
435 | settings |= MGMT_SETTING_SECURE_CONN; | |
436 | ||
437 | if (test_bit(HCI_DEBUG_KEYS, &hdev->dev_flags)) | |
438 | settings |= MGMT_SETTING_DEBUG_KEYS; | |
439 | ||
440 | return settings; | |
441 | } | |
442 | ||
443 | #define PNP_INFO_SVCLASS_ID 0x1200 | |
444 | ||
445 | static u8 *create_uuid16_list(struct hci_dev *hdev, u8 *data, ptrdiff_t len) | |
446 | { | |
447 | u8 *ptr = data, *uuids_start = NULL; | |
448 | struct bt_uuid *uuid; | |
449 | ||
450 | if (len < 4) | |
451 | return ptr; | |
452 | ||
453 | list_for_each_entry(uuid, &hdev->uuids, list) { | |
454 | u16 uuid16; | |
455 | ||
456 | if (uuid->size != 16) | |
457 | continue; | |
458 | ||
459 | uuid16 = get_unaligned_le16(&uuid->uuid[12]); | |
460 | if (uuid16 < 0x1100) | |
461 | continue; | |
462 | ||
463 | if (uuid16 == PNP_INFO_SVCLASS_ID) | |
464 | continue; | |
465 | ||
466 | if (!uuids_start) { | |
467 | uuids_start = ptr; | |
468 | uuids_start[0] = 1; | |
469 | uuids_start[1] = EIR_UUID16_ALL; | |
470 | ptr += 2; | |
471 | } | |
472 | ||
473 | /* Stop if not enough space to put next UUID */ | |
474 | if ((ptr - data) + sizeof(u16) > len) { | |
475 | uuids_start[1] = EIR_UUID16_SOME; | |
476 | break; | |
477 | } | |
478 | ||
479 | *ptr++ = (uuid16 & 0x00ff); | |
480 | *ptr++ = (uuid16 & 0xff00) >> 8; | |
481 | uuids_start[0] += sizeof(uuid16); | |
482 | } | |
483 | ||
484 | return ptr; | |
485 | } | |
486 | ||
487 | static u8 *create_uuid32_list(struct hci_dev *hdev, u8 *data, ptrdiff_t len) | |
488 | { | |
489 | u8 *ptr = data, *uuids_start = NULL; | |
490 | struct bt_uuid *uuid; | |
491 | ||
492 | if (len < 6) | |
493 | return ptr; | |
494 | ||
495 | list_for_each_entry(uuid, &hdev->uuids, list) { | |
496 | if (uuid->size != 32) | |
497 | continue; | |
498 | ||
499 | if (!uuids_start) { | |
500 | uuids_start = ptr; | |
501 | uuids_start[0] = 1; | |
502 | uuids_start[1] = EIR_UUID32_ALL; | |
503 | ptr += 2; | |
504 | } | |
505 | ||
506 | /* Stop if not enough space to put next UUID */ | |
507 | if ((ptr - data) + sizeof(u32) > len) { | |
508 | uuids_start[1] = EIR_UUID32_SOME; | |
509 | break; | |
510 | } | |
511 | ||
512 | memcpy(ptr, &uuid->uuid[12], sizeof(u32)); | |
513 | ptr += sizeof(u32); | |
514 | uuids_start[0] += sizeof(u32); | |
515 | } | |
516 | ||
517 | return ptr; | |
518 | } | |
519 | ||
520 | static u8 *create_uuid128_list(struct hci_dev *hdev, u8 *data, ptrdiff_t len) | |
521 | { | |
522 | u8 *ptr = data, *uuids_start = NULL; | |
523 | struct bt_uuid *uuid; | |
524 | ||
525 | if (len < 18) | |
526 | return ptr; | |
527 | ||
528 | list_for_each_entry(uuid, &hdev->uuids, list) { | |
529 | if (uuid->size != 128) | |
530 | continue; | |
531 | ||
532 | if (!uuids_start) { | |
533 | uuids_start = ptr; | |
534 | uuids_start[0] = 1; | |
535 | uuids_start[1] = EIR_UUID128_ALL; | |
536 | ptr += 2; | |
537 | } | |
538 | ||
539 | /* Stop if not enough space to put next UUID */ | |
540 | if ((ptr - data) + 16 > len) { | |
541 | uuids_start[1] = EIR_UUID128_SOME; | |
542 | break; | |
543 | } | |
544 | ||
545 | memcpy(ptr, uuid->uuid, 16); | |
546 | ptr += 16; | |
547 | uuids_start[0] += 16; | |
548 | } | |
549 | ||
550 | return ptr; | |
551 | } | |
552 | ||
553 | static struct pending_cmd *mgmt_pending_find(u16 opcode, struct hci_dev *hdev) | |
554 | { | |
555 | struct pending_cmd *cmd; | |
556 | ||
557 | list_for_each_entry(cmd, &hdev->mgmt_pending, list) { | |
558 | if (cmd->opcode == opcode) | |
559 | return cmd; | |
560 | } | |
561 | ||
562 | return NULL; | |
563 | } | |
564 | ||
565 | static u8 create_scan_rsp_data(struct hci_dev *hdev, u8 *ptr) | |
566 | { | |
567 | u8 ad_len = 0; | |
568 | size_t name_len; | |
569 | ||
570 | name_len = strlen(hdev->dev_name); | |
571 | if (name_len > 0) { | |
572 | size_t max_len = HCI_MAX_AD_LENGTH - ad_len - 2; | |
573 | ||
574 | if (name_len > max_len) { | |
575 | name_len = max_len; | |
576 | ptr[1] = EIR_NAME_SHORT; | |
577 | } else | |
578 | ptr[1] = EIR_NAME_COMPLETE; | |
579 | ||
580 | ptr[0] = name_len + 1; | |
581 | ||
582 | memcpy(ptr + 2, hdev->dev_name, name_len); | |
583 | ||
584 | ad_len += (name_len + 2); | |
585 | ptr += (name_len + 2); | |
586 | } | |
587 | ||
588 | return ad_len; | |
589 | } | |
590 | ||
591 | static void update_scan_rsp_data(struct hci_request *req) | |
592 | { | |
593 | struct hci_dev *hdev = req->hdev; | |
594 | struct hci_cp_le_set_scan_rsp_data cp; | |
595 | u8 len; | |
596 | ||
597 | if (!test_bit(HCI_LE_ENABLED, &hdev->dev_flags)) | |
598 | return; | |
599 | ||
600 | memset(&cp, 0, sizeof(cp)); | |
601 | ||
602 | len = create_scan_rsp_data(hdev, cp.data); | |
603 | ||
604 | if (hdev->scan_rsp_data_len == len && | |
605 | memcmp(cp.data, hdev->scan_rsp_data, len) == 0) | |
606 | return; | |
607 | ||
608 | memcpy(hdev->scan_rsp_data, cp.data, sizeof(cp.data)); | |
609 | hdev->scan_rsp_data_len = len; | |
610 | ||
611 | cp.length = len; | |
612 | ||
613 | hci_req_add(req, HCI_OP_LE_SET_SCAN_RSP_DATA, sizeof(cp), &cp); | |
614 | } | |
615 | ||
616 | static u8 get_adv_discov_flags(struct hci_dev *hdev) | |
617 | { | |
618 | struct pending_cmd *cmd; | |
619 | ||
620 | /* If there's a pending mgmt command the flags will not yet have | |
621 | * their final values, so check for this first. | |
622 | */ | |
623 | cmd = mgmt_pending_find(MGMT_OP_SET_DISCOVERABLE, hdev); | |
624 | if (cmd) { | |
625 | struct mgmt_mode *cp = cmd->param; | |
626 | if (cp->val == 0x01) | |
627 | return LE_AD_GENERAL; | |
628 | else if (cp->val == 0x02) | |
629 | return LE_AD_LIMITED; | |
630 | } else { | |
631 | if (test_bit(HCI_LIMITED_DISCOVERABLE, &hdev->dev_flags)) | |
632 | return LE_AD_LIMITED; | |
633 | else if (test_bit(HCI_DISCOVERABLE, &hdev->dev_flags)) | |
634 | return LE_AD_GENERAL; | |
635 | } | |
636 | ||
637 | return 0; | |
638 | } | |
639 | ||
640 | static u8 create_adv_data(struct hci_dev *hdev, u8 *ptr) | |
641 | { | |
642 | u8 ad_len = 0, flags = 0; | |
643 | ||
644 | flags |= get_adv_discov_flags(hdev); | |
645 | ||
646 | if (!test_bit(HCI_BREDR_ENABLED, &hdev->dev_flags)) | |
647 | flags |= LE_AD_NO_BREDR; | |
648 | ||
649 | if (flags) { | |
650 | BT_DBG("adv flags 0x%02x", flags); | |
651 | ||
652 | ptr[0] = 2; | |
653 | ptr[1] = EIR_FLAGS; | |
654 | ptr[2] = flags; | |
655 | ||
656 | ad_len += 3; | |
657 | ptr += 3; | |
658 | } | |
659 | ||
660 | if (hdev->adv_tx_power != HCI_TX_POWER_INVALID) { | |
661 | ptr[0] = 2; | |
662 | ptr[1] = EIR_TX_POWER; | |
663 | ptr[2] = (u8) hdev->adv_tx_power; | |
664 | ||
665 | ad_len += 3; | |
666 | ptr += 3; | |
667 | } | |
668 | ||
669 | return ad_len; | |
670 | } | |
671 | ||
672 | static void update_adv_data(struct hci_request *req) | |
673 | { | |
674 | struct hci_dev *hdev = req->hdev; | |
675 | struct hci_cp_le_set_adv_data cp; | |
676 | u8 len; | |
677 | ||
678 | if (!test_bit(HCI_LE_ENABLED, &hdev->dev_flags)) | |
679 | return; | |
680 | ||
681 | memset(&cp, 0, sizeof(cp)); | |
682 | ||
683 | len = create_adv_data(hdev, cp.data); | |
684 | ||
685 | if (hdev->adv_data_len == len && | |
686 | memcmp(cp.data, hdev->adv_data, len) == 0) | |
687 | return; | |
688 | ||
689 | memcpy(hdev->adv_data, cp.data, sizeof(cp.data)); | |
690 | hdev->adv_data_len = len; | |
691 | ||
692 | cp.length = len; | |
693 | ||
694 | hci_req_add(req, HCI_OP_LE_SET_ADV_DATA, sizeof(cp), &cp); | |
695 | } | |
696 | ||
697 | static void create_eir(struct hci_dev *hdev, u8 *data) | |
698 | { | |
699 | u8 *ptr = data; | |
700 | size_t name_len; | |
701 | ||
702 | name_len = strlen(hdev->dev_name); | |
703 | ||
704 | if (name_len > 0) { | |
705 | /* EIR Data type */ | |
706 | if (name_len > 48) { | |
707 | name_len = 48; | |
708 | ptr[1] = EIR_NAME_SHORT; | |
709 | } else | |
710 | ptr[1] = EIR_NAME_COMPLETE; | |
711 | ||
712 | /* EIR Data length */ | |
713 | ptr[0] = name_len + 1; | |
714 | ||
715 | memcpy(ptr + 2, hdev->dev_name, name_len); | |
716 | ||
717 | ptr += (name_len + 2); | |
718 | } | |
719 | ||
720 | if (hdev->inq_tx_power != HCI_TX_POWER_INVALID) { | |
721 | ptr[0] = 2; | |
722 | ptr[1] = EIR_TX_POWER; | |
723 | ptr[2] = (u8) hdev->inq_tx_power; | |
724 | ||
725 | ptr += 3; | |
726 | } | |
727 | ||
728 | if (hdev->devid_source > 0) { | |
729 | ptr[0] = 9; | |
730 | ptr[1] = EIR_DEVICE_ID; | |
731 | ||
732 | put_unaligned_le16(hdev->devid_source, ptr + 2); | |
733 | put_unaligned_le16(hdev->devid_vendor, ptr + 4); | |
734 | put_unaligned_le16(hdev->devid_product, ptr + 6); | |
735 | put_unaligned_le16(hdev->devid_version, ptr + 8); | |
736 | ||
737 | ptr += 10; | |
738 | } | |
739 | ||
740 | ptr = create_uuid16_list(hdev, ptr, HCI_MAX_EIR_LENGTH - (ptr - data)); | |
741 | ptr = create_uuid32_list(hdev, ptr, HCI_MAX_EIR_LENGTH - (ptr - data)); | |
742 | ptr = create_uuid128_list(hdev, ptr, HCI_MAX_EIR_LENGTH - (ptr - data)); | |
743 | } | |
744 | ||
745 | static void update_eir(struct hci_request *req) | |
746 | { | |
747 | struct hci_dev *hdev = req->hdev; | |
748 | struct hci_cp_write_eir cp; | |
749 | ||
750 | if (!hdev_is_powered(hdev)) | |
751 | return; | |
752 | ||
753 | if (!lmp_ext_inq_capable(hdev)) | |
754 | return; | |
755 | ||
756 | if (!test_bit(HCI_SSP_ENABLED, &hdev->dev_flags)) | |
757 | return; | |
758 | ||
759 | if (test_bit(HCI_SERVICE_CACHE, &hdev->dev_flags)) | |
760 | return; | |
761 | ||
762 | memset(&cp, 0, sizeof(cp)); | |
763 | ||
764 | create_eir(hdev, cp.data); | |
765 | ||
766 | if (memcmp(cp.data, hdev->eir, sizeof(cp.data)) == 0) | |
767 | return; | |
768 | ||
769 | memcpy(hdev->eir, cp.data, sizeof(cp.data)); | |
770 | ||
771 | hci_req_add(req, HCI_OP_WRITE_EIR, sizeof(cp), &cp); | |
772 | } | |
773 | ||
774 | static u8 get_service_classes(struct hci_dev *hdev) | |
775 | { | |
776 | struct bt_uuid *uuid; | |
777 | u8 val = 0; | |
778 | ||
779 | list_for_each_entry(uuid, &hdev->uuids, list) | |
780 | val |= uuid->svc_hint; | |
781 | ||
782 | return val; | |
783 | } | |
784 | ||
785 | static void update_class(struct hci_request *req) | |
786 | { | |
787 | struct hci_dev *hdev = req->hdev; | |
788 | u8 cod[3]; | |
789 | ||
790 | BT_DBG("%s", hdev->name); | |
791 | ||
792 | if (!hdev_is_powered(hdev)) | |
793 | return; | |
794 | ||
795 | if (!test_bit(HCI_BREDR_ENABLED, &hdev->dev_flags)) | |
796 | return; | |
797 | ||
798 | if (test_bit(HCI_SERVICE_CACHE, &hdev->dev_flags)) | |
799 | return; | |
800 | ||
801 | cod[0] = hdev->minor_class; | |
802 | cod[1] = hdev->major_class; | |
803 | cod[2] = get_service_classes(hdev); | |
804 | ||
805 | if (test_bit(HCI_LIMITED_DISCOVERABLE, &hdev->dev_flags)) | |
806 | cod[1] |= 0x20; | |
807 | ||
808 | if (memcmp(cod, hdev->dev_class, 3) == 0) | |
809 | return; | |
810 | ||
811 | hci_req_add(req, HCI_OP_WRITE_CLASS_OF_DEV, sizeof(cod), cod); | |
812 | } | |
813 | ||
814 | static void service_cache_off(struct work_struct *work) | |
815 | { | |
816 | struct hci_dev *hdev = container_of(work, struct hci_dev, | |
817 | service_cache.work); | |
818 | struct hci_request req; | |
819 | ||
820 | if (!test_and_clear_bit(HCI_SERVICE_CACHE, &hdev->dev_flags)) | |
821 | return; | |
822 | ||
823 | hci_req_init(&req, hdev); | |
824 | ||
825 | hci_dev_lock(hdev); | |
826 | ||
827 | update_eir(&req); | |
828 | update_class(&req); | |
829 | ||
830 | hci_dev_unlock(hdev); | |
831 | ||
832 | hci_req_run(&req, NULL); | |
833 | } | |
834 | ||
835 | static void mgmt_init_hdev(struct sock *sk, struct hci_dev *hdev) | |
836 | { | |
837 | if (test_and_set_bit(HCI_MGMT, &hdev->dev_flags)) | |
838 | return; | |
839 | ||
840 | INIT_DELAYED_WORK(&hdev->service_cache, service_cache_off); | |
841 | ||
842 | /* Non-mgmt controlled devices get this bit set | |
843 | * implicitly so that pairing works for them, however | |
844 | * for mgmt we require user-space to explicitly enable | |
845 | * it | |
846 | */ | |
847 | clear_bit(HCI_PAIRABLE, &hdev->dev_flags); | |
848 | } | |
849 | ||
850 | static int read_controller_info(struct sock *sk, struct hci_dev *hdev, | |
851 | void *data, u16 data_len) | |
852 | { | |
853 | struct mgmt_rp_read_info rp; | |
854 | ||
855 | BT_DBG("sock %p %s", sk, hdev->name); | |
856 | ||
857 | hci_dev_lock(hdev); | |
858 | ||
859 | memset(&rp, 0, sizeof(rp)); | |
860 | ||
861 | bacpy(&rp.bdaddr, &hdev->bdaddr); | |
862 | ||
863 | rp.version = hdev->hci_ver; | |
864 | rp.manufacturer = cpu_to_le16(hdev->manufacturer); | |
865 | ||
866 | rp.supported_settings = cpu_to_le32(get_supported_settings(hdev)); | |
867 | rp.current_settings = cpu_to_le32(get_current_settings(hdev)); | |
868 | ||
869 | memcpy(rp.dev_class, hdev->dev_class, 3); | |
870 | ||
871 | memcpy(rp.name, hdev->dev_name, sizeof(hdev->dev_name)); | |
872 | memcpy(rp.short_name, hdev->short_name, sizeof(hdev->short_name)); | |
873 | ||
874 | hci_dev_unlock(hdev); | |
875 | ||
876 | return cmd_complete(sk, hdev->id, MGMT_OP_READ_INFO, 0, &rp, | |
877 | sizeof(rp)); | |
878 | } | |
879 | ||
880 | static void mgmt_pending_free(struct pending_cmd *cmd) | |
881 | { | |
882 | sock_put(cmd->sk); | |
883 | kfree(cmd->param); | |
884 | kfree(cmd); | |
885 | } | |
886 | ||
887 | static struct pending_cmd *mgmt_pending_add(struct sock *sk, u16 opcode, | |
888 | struct hci_dev *hdev, void *data, | |
889 | u16 len) | |
890 | { | |
891 | struct pending_cmd *cmd; | |
892 | ||
893 | cmd = kmalloc(sizeof(*cmd), GFP_KERNEL); | |
894 | if (!cmd) | |
895 | return NULL; | |
896 | ||
897 | cmd->opcode = opcode; | |
898 | cmd->index = hdev->id; | |
899 | ||
900 | cmd->param = kmalloc(len, GFP_KERNEL); | |
901 | if (!cmd->param) { | |
902 | kfree(cmd); | |
903 | return NULL; | |
904 | } | |
905 | ||
906 | if (data) | |
907 | memcpy(cmd->param, data, len); | |
908 | ||
909 | cmd->sk = sk; | |
910 | sock_hold(sk); | |
911 | ||
912 | list_add(&cmd->list, &hdev->mgmt_pending); | |
913 | ||
914 | return cmd; | |
915 | } | |
916 | ||
917 | static void mgmt_pending_foreach(u16 opcode, struct hci_dev *hdev, | |
918 | void (*cb)(struct pending_cmd *cmd, | |
919 | void *data), | |
920 | void *data) | |
921 | { | |
922 | struct pending_cmd *cmd, *tmp; | |
923 | ||
924 | list_for_each_entry_safe(cmd, tmp, &hdev->mgmt_pending, list) { | |
925 | if (opcode > 0 && cmd->opcode != opcode) | |
926 | continue; | |
927 | ||
928 | cb(cmd, data); | |
929 | } | |
930 | } | |
931 | ||
932 | static void mgmt_pending_remove(struct pending_cmd *cmd) | |
933 | { | |
934 | list_del(&cmd->list); | |
935 | mgmt_pending_free(cmd); | |
936 | } | |
937 | ||
938 | static int send_settings_rsp(struct sock *sk, u16 opcode, struct hci_dev *hdev) | |
939 | { | |
940 | __le32 settings = cpu_to_le32(get_current_settings(hdev)); | |
941 | ||
942 | return cmd_complete(sk, hdev->id, opcode, 0, &settings, | |
943 | sizeof(settings)); | |
944 | } | |
945 | ||
946 | static int set_powered(struct sock *sk, struct hci_dev *hdev, void *data, | |
947 | u16 len) | |
948 | { | |
949 | struct mgmt_mode *cp = data; | |
950 | struct pending_cmd *cmd; | |
951 | int err; | |
952 | ||
953 | BT_DBG("request for %s", hdev->name); | |
954 | ||
955 | if (cp->val != 0x00 && cp->val != 0x01) | |
956 | return cmd_status(sk, hdev->id, MGMT_OP_SET_POWERED, | |
957 | MGMT_STATUS_INVALID_PARAMS); | |
958 | ||
959 | hci_dev_lock(hdev); | |
960 | ||
961 | if (mgmt_pending_find(MGMT_OP_SET_POWERED, hdev)) { | |
962 | err = cmd_status(sk, hdev->id, MGMT_OP_SET_POWERED, | |
963 | MGMT_STATUS_BUSY); | |
964 | goto failed; | |
965 | } | |
966 | ||
967 | if (test_and_clear_bit(HCI_AUTO_OFF, &hdev->dev_flags)) { | |
968 | cancel_delayed_work(&hdev->power_off); | |
969 | ||
970 | if (cp->val) { | |
971 | mgmt_pending_add(sk, MGMT_OP_SET_POWERED, hdev, | |
972 | data, len); | |
973 | err = mgmt_powered(hdev, 1); | |
974 | goto failed; | |
975 | } | |
976 | } | |
977 | ||
978 | if (!!cp->val == hdev_is_powered(hdev)) { | |
979 | err = send_settings_rsp(sk, MGMT_OP_SET_POWERED, hdev); | |
980 | goto failed; | |
981 | } | |
982 | ||
983 | cmd = mgmt_pending_add(sk, MGMT_OP_SET_POWERED, hdev, data, len); | |
984 | if (!cmd) { | |
985 | err = -ENOMEM; | |
986 | goto failed; | |
987 | } | |
988 | ||
989 | if (cp->val) | |
990 | queue_work(hdev->req_workqueue, &hdev->power_on); | |
991 | else | |
992 | queue_work(hdev->req_workqueue, &hdev->power_off.work); | |
993 | ||
994 | err = 0; | |
995 | ||
996 | failed: | |
997 | hci_dev_unlock(hdev); | |
998 | return err; | |
999 | } | |
1000 | ||
1001 | static int mgmt_event(u16 event, struct hci_dev *hdev, void *data, u16 data_len, | |
1002 | struct sock *skip_sk) | |
1003 | { | |
1004 | struct sk_buff *skb; | |
1005 | struct mgmt_hdr *hdr; | |
1006 | ||
1007 | skb = alloc_skb(sizeof(*hdr) + data_len, GFP_KERNEL); | |
1008 | if (!skb) | |
1009 | return -ENOMEM; | |
1010 | ||
1011 | hdr = (void *) skb_put(skb, sizeof(*hdr)); | |
1012 | hdr->opcode = cpu_to_le16(event); | |
1013 | if (hdev) | |
1014 | hdr->index = cpu_to_le16(hdev->id); | |
1015 | else | |
1016 | hdr->index = __constant_cpu_to_le16(MGMT_INDEX_NONE); | |
1017 | hdr->len = cpu_to_le16(data_len); | |
1018 | ||
1019 | if (data) | |
1020 | memcpy(skb_put(skb, data_len), data, data_len); | |
1021 | ||
1022 | /* Time stamp */ | |
1023 | __net_timestamp(skb); | |
1024 | ||
1025 | hci_send_to_control(skb, skip_sk); | |
1026 | kfree_skb(skb); | |
1027 | ||
1028 | return 0; | |
1029 | } | |
1030 | ||
1031 | static int new_settings(struct hci_dev *hdev, struct sock *skip) | |
1032 | { | |
1033 | __le32 ev; | |
1034 | ||
1035 | ev = cpu_to_le32(get_current_settings(hdev)); | |
1036 | ||
1037 | return mgmt_event(MGMT_EV_NEW_SETTINGS, hdev, &ev, sizeof(ev), skip); | |
1038 | } | |
1039 | ||
1040 | struct cmd_lookup { | |
1041 | struct sock *sk; | |
1042 | struct hci_dev *hdev; | |
1043 | u8 mgmt_status; | |
1044 | }; | |
1045 | ||
1046 | static void settings_rsp(struct pending_cmd *cmd, void *data) | |
1047 | { | |
1048 | struct cmd_lookup *match = data; | |
1049 | ||
1050 | send_settings_rsp(cmd->sk, cmd->opcode, match->hdev); | |
1051 | ||
1052 | list_del(&cmd->list); | |
1053 | ||
1054 | if (match->sk == NULL) { | |
1055 | match->sk = cmd->sk; | |
1056 | sock_hold(match->sk); | |
1057 | } | |
1058 | ||
1059 | mgmt_pending_free(cmd); | |
1060 | } | |
1061 | ||
1062 | static void cmd_status_rsp(struct pending_cmd *cmd, void *data) | |
1063 | { | |
1064 | u8 *status = data; | |
1065 | ||
1066 | cmd_status(cmd->sk, cmd->index, cmd->opcode, *status); | |
1067 | mgmt_pending_remove(cmd); | |
1068 | } | |
1069 | ||
1070 | static u8 mgmt_bredr_support(struct hci_dev *hdev) | |
1071 | { | |
1072 | if (!lmp_bredr_capable(hdev)) | |
1073 | return MGMT_STATUS_NOT_SUPPORTED; | |
1074 | else if (!test_bit(HCI_BREDR_ENABLED, &hdev->dev_flags)) | |
1075 | return MGMT_STATUS_REJECTED; | |
1076 | else | |
1077 | return MGMT_STATUS_SUCCESS; | |
1078 | } | |
1079 | ||
1080 | static u8 mgmt_le_support(struct hci_dev *hdev) | |
1081 | { | |
1082 | if (!lmp_le_capable(hdev)) | |
1083 | return MGMT_STATUS_NOT_SUPPORTED; | |
1084 | else if (!test_bit(HCI_LE_ENABLED, &hdev->dev_flags)) | |
1085 | return MGMT_STATUS_REJECTED; | |
1086 | else | |
1087 | return MGMT_STATUS_SUCCESS; | |
1088 | } | |
1089 | ||
1090 | static void set_discoverable_complete(struct hci_dev *hdev, u8 status) | |
1091 | { | |
1092 | struct pending_cmd *cmd; | |
1093 | struct mgmt_mode *cp; | |
1094 | struct hci_request req; | |
1095 | bool changed; | |
1096 | ||
1097 | BT_DBG("status 0x%02x", status); | |
1098 | ||
1099 | hci_dev_lock(hdev); | |
1100 | ||
1101 | cmd = mgmt_pending_find(MGMT_OP_SET_DISCOVERABLE, hdev); | |
1102 | if (!cmd) | |
1103 | goto unlock; | |
1104 | ||
1105 | if (status) { | |
1106 | u8 mgmt_err = mgmt_status(status); | |
1107 | cmd_status(cmd->sk, cmd->index, cmd->opcode, mgmt_err); | |
1108 | clear_bit(HCI_LIMITED_DISCOVERABLE, &hdev->dev_flags); | |
1109 | goto remove_cmd; | |
1110 | } | |
1111 | ||
1112 | cp = cmd->param; | |
1113 | if (cp->val) { | |
1114 | changed = !test_and_set_bit(HCI_DISCOVERABLE, | |
1115 | &hdev->dev_flags); | |
1116 | ||
1117 | if (hdev->discov_timeout > 0) { | |
1118 | int to = msecs_to_jiffies(hdev->discov_timeout * 1000); | |
1119 | queue_delayed_work(hdev->workqueue, &hdev->discov_off, | |
1120 | to); | |
1121 | } | |
1122 | } else { | |
1123 | changed = test_and_clear_bit(HCI_DISCOVERABLE, | |
1124 | &hdev->dev_flags); | |
1125 | } | |
1126 | ||
1127 | send_settings_rsp(cmd->sk, MGMT_OP_SET_DISCOVERABLE, hdev); | |
1128 | ||
1129 | if (changed) | |
1130 | new_settings(hdev, cmd->sk); | |
1131 | ||
1132 | /* When the discoverable mode gets changed, make sure | |
1133 | * that class of device has the limited discoverable | |
1134 | * bit correctly set. | |
1135 | */ | |
1136 | hci_req_init(&req, hdev); | |
1137 | update_class(&req); | |
1138 | hci_req_run(&req, NULL); | |
1139 | ||
1140 | remove_cmd: | |
1141 | mgmt_pending_remove(cmd); | |
1142 | ||
1143 | unlock: | |
1144 | hci_dev_unlock(hdev); | |
1145 | } | |
1146 | ||
1147 | static int set_discoverable(struct sock *sk, struct hci_dev *hdev, void *data, | |
1148 | u16 len) | |
1149 | { | |
1150 | struct mgmt_cp_set_discoverable *cp = data; | |
1151 | struct pending_cmd *cmd; | |
1152 | struct hci_request req; | |
1153 | u16 timeout; | |
1154 | u8 scan; | |
1155 | int err; | |
1156 | ||
1157 | BT_DBG("request for %s", hdev->name); | |
1158 | ||
1159 | if (!test_bit(HCI_LE_ENABLED, &hdev->dev_flags) && | |
1160 | !test_bit(HCI_BREDR_ENABLED, &hdev->dev_flags)) | |
1161 | return cmd_status(sk, hdev->id, MGMT_OP_SET_DISCOVERABLE, | |
1162 | MGMT_STATUS_REJECTED); | |
1163 | ||
1164 | if (cp->val != 0x00 && cp->val != 0x01 && cp->val != 0x02) | |
1165 | return cmd_status(sk, hdev->id, MGMT_OP_SET_DISCOVERABLE, | |
1166 | MGMT_STATUS_INVALID_PARAMS); | |
1167 | ||
1168 | timeout = __le16_to_cpu(cp->timeout); | |
1169 | ||
1170 | /* Disabling discoverable requires that no timeout is set, | |
1171 | * and enabling limited discoverable requires a timeout. | |
1172 | */ | |
1173 | if ((cp->val == 0x00 && timeout > 0) || | |
1174 | (cp->val == 0x02 && timeout == 0)) | |
1175 | return cmd_status(sk, hdev->id, MGMT_OP_SET_DISCOVERABLE, | |
1176 | MGMT_STATUS_INVALID_PARAMS); | |
1177 | ||
1178 | hci_dev_lock(hdev); | |
1179 | ||
1180 | if (!hdev_is_powered(hdev) && timeout > 0) { | |
1181 | err = cmd_status(sk, hdev->id, MGMT_OP_SET_DISCOVERABLE, | |
1182 | MGMT_STATUS_NOT_POWERED); | |
1183 | goto failed; | |
1184 | } | |
1185 | ||
1186 | if (mgmt_pending_find(MGMT_OP_SET_DISCOVERABLE, hdev) || | |
1187 | mgmt_pending_find(MGMT_OP_SET_CONNECTABLE, hdev)) { | |
1188 | err = cmd_status(sk, hdev->id, MGMT_OP_SET_DISCOVERABLE, | |
1189 | MGMT_STATUS_BUSY); | |
1190 | goto failed; | |
1191 | } | |
1192 | ||
1193 | if (!test_bit(HCI_CONNECTABLE, &hdev->dev_flags)) { | |
1194 | err = cmd_status(sk, hdev->id, MGMT_OP_SET_DISCOVERABLE, | |
1195 | MGMT_STATUS_REJECTED); | |
1196 | goto failed; | |
1197 | } | |
1198 | ||
1199 | if (!hdev_is_powered(hdev)) { | |
1200 | bool changed = false; | |
1201 | ||
1202 | /* Setting limited discoverable when powered off is | |
1203 | * not a valid operation since it requires a timeout | |
1204 | * and so no need to check HCI_LIMITED_DISCOVERABLE. | |
1205 | */ | |
1206 | if (!!cp->val != test_bit(HCI_DISCOVERABLE, &hdev->dev_flags)) { | |
1207 | change_bit(HCI_DISCOVERABLE, &hdev->dev_flags); | |
1208 | changed = true; | |
1209 | } | |
1210 | ||
1211 | err = send_settings_rsp(sk, MGMT_OP_SET_DISCOVERABLE, hdev); | |
1212 | if (err < 0) | |
1213 | goto failed; | |
1214 | ||
1215 | if (changed) | |
1216 | err = new_settings(hdev, sk); | |
1217 | ||
1218 | goto failed; | |
1219 | } | |
1220 | ||
1221 | /* If the current mode is the same, then just update the timeout | |
1222 | * value with the new value. And if only the timeout gets updated, | |
1223 | * then no need for any HCI transactions. | |
1224 | */ | |
1225 | if (!!cp->val == test_bit(HCI_DISCOVERABLE, &hdev->dev_flags) && | |
1226 | (cp->val == 0x02) == test_bit(HCI_LIMITED_DISCOVERABLE, | |
1227 | &hdev->dev_flags)) { | |
1228 | cancel_delayed_work(&hdev->discov_off); | |
1229 | hdev->discov_timeout = timeout; | |
1230 | ||
1231 | if (cp->val && hdev->discov_timeout > 0) { | |
1232 | int to = msecs_to_jiffies(hdev->discov_timeout * 1000); | |
1233 | queue_delayed_work(hdev->workqueue, &hdev->discov_off, | |
1234 | to); | |
1235 | } | |
1236 | ||
1237 | err = send_settings_rsp(sk, MGMT_OP_SET_DISCOVERABLE, hdev); | |
1238 | goto failed; | |
1239 | } | |
1240 | ||
1241 | cmd = mgmt_pending_add(sk, MGMT_OP_SET_DISCOVERABLE, hdev, data, len); | |
1242 | if (!cmd) { | |
1243 | err = -ENOMEM; | |
1244 | goto failed; | |
1245 | } | |
1246 | ||
1247 | /* Cancel any potential discoverable timeout that might be | |
1248 | * still active and store new timeout value. The arming of | |
1249 | * the timeout happens in the complete handler. | |
1250 | */ | |
1251 | cancel_delayed_work(&hdev->discov_off); | |
1252 | hdev->discov_timeout = timeout; | |
1253 | ||
1254 | /* Limited discoverable mode */ | |
1255 | if (cp->val == 0x02) | |
1256 | set_bit(HCI_LIMITED_DISCOVERABLE, &hdev->dev_flags); | |
1257 | else | |
1258 | clear_bit(HCI_LIMITED_DISCOVERABLE, &hdev->dev_flags); | |
1259 | ||
1260 | hci_req_init(&req, hdev); | |
1261 | ||
1262 | /* The procedure for LE-only controllers is much simpler - just | |
1263 | * update the advertising data. | |
1264 | */ | |
1265 | if (!test_bit(HCI_BREDR_ENABLED, &hdev->dev_flags)) | |
1266 | goto update_ad; | |
1267 | ||
1268 | scan = SCAN_PAGE; | |
1269 | ||
1270 | if (cp->val) { | |
1271 | struct hci_cp_write_current_iac_lap hci_cp; | |
1272 | ||
1273 | if (cp->val == 0x02) { | |
1274 | /* Limited discoverable mode */ | |
1275 | hci_cp.num_iac = min_t(u8, hdev->num_iac, 2); | |
1276 | hci_cp.iac_lap[0] = 0x00; /* LIAC */ | |
1277 | hci_cp.iac_lap[1] = 0x8b; | |
1278 | hci_cp.iac_lap[2] = 0x9e; | |
1279 | hci_cp.iac_lap[3] = 0x33; /* GIAC */ | |
1280 | hci_cp.iac_lap[4] = 0x8b; | |
1281 | hci_cp.iac_lap[5] = 0x9e; | |
1282 | } else { | |
1283 | /* General discoverable mode */ | |
1284 | hci_cp.num_iac = 1; | |
1285 | hci_cp.iac_lap[0] = 0x33; /* GIAC */ | |
1286 | hci_cp.iac_lap[1] = 0x8b; | |
1287 | hci_cp.iac_lap[2] = 0x9e; | |
1288 | } | |
1289 | ||
1290 | hci_req_add(&req, HCI_OP_WRITE_CURRENT_IAC_LAP, | |
1291 | (hci_cp.num_iac * 3) + 1, &hci_cp); | |
1292 | ||
1293 | scan |= SCAN_INQUIRY; | |
1294 | } else { | |
1295 | clear_bit(HCI_LIMITED_DISCOVERABLE, &hdev->dev_flags); | |
1296 | } | |
1297 | ||
1298 | hci_req_add(&req, HCI_OP_WRITE_SCAN_ENABLE, sizeof(scan), &scan); | |
1299 | ||
1300 | update_ad: | |
1301 | update_adv_data(&req); | |
1302 | ||
1303 | err = hci_req_run(&req, set_discoverable_complete); | |
1304 | if (err < 0) | |
1305 | mgmt_pending_remove(cmd); | |
1306 | ||
1307 | failed: | |
1308 | hci_dev_unlock(hdev); | |
1309 | return err; | |
1310 | } | |
1311 | ||
1312 | static void write_fast_connectable(struct hci_request *req, bool enable) | |
1313 | { | |
1314 | struct hci_dev *hdev = req->hdev; | |
1315 | struct hci_cp_write_page_scan_activity acp; | |
1316 | u8 type; | |
1317 | ||
1318 | if (!test_bit(HCI_BREDR_ENABLED, &hdev->dev_flags)) | |
1319 | return; | |
1320 | ||
1321 | if (hdev->hci_ver < BLUETOOTH_VER_1_2) | |
1322 | return; | |
1323 | ||
1324 | if (enable) { | |
1325 | type = PAGE_SCAN_TYPE_INTERLACED; | |
1326 | ||
1327 | /* 160 msec page scan interval */ | |
1328 | acp.interval = __constant_cpu_to_le16(0x0100); | |
1329 | } else { | |
1330 | type = PAGE_SCAN_TYPE_STANDARD; /* default */ | |
1331 | ||
1332 | /* default 1.28 sec page scan */ | |
1333 | acp.interval = __constant_cpu_to_le16(0x0800); | |
1334 | } | |
1335 | ||
1336 | acp.window = __constant_cpu_to_le16(0x0012); | |
1337 | ||
1338 | if (__cpu_to_le16(hdev->page_scan_interval) != acp.interval || | |
1339 | __cpu_to_le16(hdev->page_scan_window) != acp.window) | |
1340 | hci_req_add(req, HCI_OP_WRITE_PAGE_SCAN_ACTIVITY, | |
1341 | sizeof(acp), &acp); | |
1342 | ||
1343 | if (hdev->page_scan_type != type) | |
1344 | hci_req_add(req, HCI_OP_WRITE_PAGE_SCAN_TYPE, 1, &type); | |
1345 | } | |
1346 | ||
1347 | static u8 get_adv_type(struct hci_dev *hdev) | |
1348 | { | |
1349 | struct pending_cmd *cmd; | |
1350 | bool connectable; | |
1351 | ||
1352 | /* If there's a pending mgmt command the flag will not yet have | |
1353 | * it's final value, so check for this first. | |
1354 | */ | |
1355 | cmd = mgmt_pending_find(MGMT_OP_SET_CONNECTABLE, hdev); | |
1356 | if (cmd) { | |
1357 | struct mgmt_mode *cp = cmd->param; | |
1358 | connectable = !!cp->val; | |
1359 | } else { | |
1360 | connectable = test_bit(HCI_CONNECTABLE, &hdev->dev_flags); | |
1361 | } | |
1362 | ||
1363 | return connectable ? LE_ADV_IND : LE_ADV_NONCONN_IND; | |
1364 | } | |
1365 | ||
1366 | static void enable_advertising(struct hci_request *req) | |
1367 | { | |
1368 | struct hci_dev *hdev = req->hdev; | |
1369 | struct hci_cp_le_set_adv_param cp; | |
1370 | u8 enable = 0x01; | |
1371 | ||
1372 | memset(&cp, 0, sizeof(cp)); | |
1373 | cp.min_interval = __constant_cpu_to_le16(0x0800); | |
1374 | cp.max_interval = __constant_cpu_to_le16(0x0800); | |
1375 | cp.type = get_adv_type(hdev); | |
1376 | cp.own_address_type = hdev->own_addr_type; | |
1377 | cp.channel_map = 0x07; | |
1378 | ||
1379 | hci_req_add(req, HCI_OP_LE_SET_ADV_PARAM, sizeof(cp), &cp); | |
1380 | ||
1381 | hci_req_add(req, HCI_OP_LE_SET_ADV_ENABLE, sizeof(enable), &enable); | |
1382 | } | |
1383 | ||
1384 | static void disable_advertising(struct hci_request *req) | |
1385 | { | |
1386 | u8 enable = 0x00; | |
1387 | ||
1388 | hci_req_add(req, HCI_OP_LE_SET_ADV_ENABLE, sizeof(enable), &enable); | |
1389 | } | |
1390 | ||
1391 | static void set_connectable_complete(struct hci_dev *hdev, u8 status) | |
1392 | { | |
1393 | struct pending_cmd *cmd; | |
1394 | struct mgmt_mode *cp; | |
1395 | bool changed; | |
1396 | ||
1397 | BT_DBG("status 0x%02x", status); | |
1398 | ||
1399 | hci_dev_lock(hdev); | |
1400 | ||
1401 | cmd = mgmt_pending_find(MGMT_OP_SET_CONNECTABLE, hdev); | |
1402 | if (!cmd) | |
1403 | goto unlock; | |
1404 | ||
1405 | if (status) { | |
1406 | u8 mgmt_err = mgmt_status(status); | |
1407 | cmd_status(cmd->sk, cmd->index, cmd->opcode, mgmt_err); | |
1408 | goto remove_cmd; | |
1409 | } | |
1410 | ||
1411 | cp = cmd->param; | |
1412 | if (cp->val) | |
1413 | changed = !test_and_set_bit(HCI_CONNECTABLE, &hdev->dev_flags); | |
1414 | else | |
1415 | changed = test_and_clear_bit(HCI_CONNECTABLE, &hdev->dev_flags); | |
1416 | ||
1417 | send_settings_rsp(cmd->sk, MGMT_OP_SET_CONNECTABLE, hdev); | |
1418 | ||
1419 | if (changed) | |
1420 | new_settings(hdev, cmd->sk); | |
1421 | ||
1422 | remove_cmd: | |
1423 | mgmt_pending_remove(cmd); | |
1424 | ||
1425 | unlock: | |
1426 | hci_dev_unlock(hdev); | |
1427 | } | |
1428 | ||
1429 | static int set_connectable_update_settings(struct hci_dev *hdev, | |
1430 | struct sock *sk, u8 val) | |
1431 | { | |
1432 | bool changed = false; | |
1433 | int err; | |
1434 | ||
1435 | if (!!val != test_bit(HCI_CONNECTABLE, &hdev->dev_flags)) | |
1436 | changed = true; | |
1437 | ||
1438 | if (val) { | |
1439 | set_bit(HCI_CONNECTABLE, &hdev->dev_flags); | |
1440 | } else { | |
1441 | clear_bit(HCI_CONNECTABLE, &hdev->dev_flags); | |
1442 | clear_bit(HCI_DISCOVERABLE, &hdev->dev_flags); | |
1443 | } | |
1444 | ||
1445 | err = send_settings_rsp(sk, MGMT_OP_SET_CONNECTABLE, hdev); | |
1446 | if (err < 0) | |
1447 | return err; | |
1448 | ||
1449 | if (changed) | |
1450 | return new_settings(hdev, sk); | |
1451 | ||
1452 | return 0; | |
1453 | } | |
1454 | ||
1455 | static int set_connectable(struct sock *sk, struct hci_dev *hdev, void *data, | |
1456 | u16 len) | |
1457 | { | |
1458 | struct mgmt_mode *cp = data; | |
1459 | struct pending_cmd *cmd; | |
1460 | struct hci_request req; | |
1461 | u8 scan; | |
1462 | int err; | |
1463 | ||
1464 | BT_DBG("request for %s", hdev->name); | |
1465 | ||
1466 | if (!test_bit(HCI_LE_ENABLED, &hdev->dev_flags) && | |
1467 | !test_bit(HCI_BREDR_ENABLED, &hdev->dev_flags)) | |
1468 | return cmd_status(sk, hdev->id, MGMT_OP_SET_CONNECTABLE, | |
1469 | MGMT_STATUS_REJECTED); | |
1470 | ||
1471 | if (cp->val != 0x00 && cp->val != 0x01) | |
1472 | return cmd_status(sk, hdev->id, MGMT_OP_SET_CONNECTABLE, | |
1473 | MGMT_STATUS_INVALID_PARAMS); | |
1474 | ||
1475 | hci_dev_lock(hdev); | |
1476 | ||
1477 | if (!hdev_is_powered(hdev)) { | |
1478 | err = set_connectable_update_settings(hdev, sk, cp->val); | |
1479 | goto failed; | |
1480 | } | |
1481 | ||
1482 | if (mgmt_pending_find(MGMT_OP_SET_DISCOVERABLE, hdev) || | |
1483 | mgmt_pending_find(MGMT_OP_SET_CONNECTABLE, hdev)) { | |
1484 | err = cmd_status(sk, hdev->id, MGMT_OP_SET_CONNECTABLE, | |
1485 | MGMT_STATUS_BUSY); | |
1486 | goto failed; | |
1487 | } | |
1488 | ||
1489 | cmd = mgmt_pending_add(sk, MGMT_OP_SET_CONNECTABLE, hdev, data, len); | |
1490 | if (!cmd) { | |
1491 | err = -ENOMEM; | |
1492 | goto failed; | |
1493 | } | |
1494 | ||
1495 | hci_req_init(&req, hdev); | |
1496 | ||
1497 | /* If BR/EDR is not enabled and we disable advertising as a | |
1498 | * by-product of disabling connectable, we need to update the | |
1499 | * advertising flags. | |
1500 | */ | |
1501 | if (!test_bit(HCI_BREDR_ENABLED, &hdev->dev_flags)) { | |
1502 | if (!cp->val) { | |
1503 | clear_bit(HCI_LIMITED_DISCOVERABLE, &hdev->dev_flags); | |
1504 | clear_bit(HCI_DISCOVERABLE, &hdev->dev_flags); | |
1505 | } | |
1506 | update_adv_data(&req); | |
1507 | } else if (cp->val != test_bit(HCI_PSCAN, &hdev->flags)) { | |
1508 | if (cp->val) { | |
1509 | scan = SCAN_PAGE; | |
1510 | } else { | |
1511 | scan = 0; | |
1512 | ||
1513 | if (test_bit(HCI_ISCAN, &hdev->flags) && | |
1514 | hdev->discov_timeout > 0) | |
1515 | cancel_delayed_work(&hdev->discov_off); | |
1516 | } | |
1517 | ||
1518 | hci_req_add(&req, HCI_OP_WRITE_SCAN_ENABLE, 1, &scan); | |
1519 | } | |
1520 | ||
1521 | /* If we're going from non-connectable to connectable or | |
1522 | * vice-versa when fast connectable is enabled ensure that fast | |
1523 | * connectable gets disabled. write_fast_connectable won't do | |
1524 | * anything if the page scan parameters are already what they | |
1525 | * should be. | |
1526 | */ | |
1527 | if (cp->val || test_bit(HCI_FAST_CONNECTABLE, &hdev->dev_flags)) | |
1528 | write_fast_connectable(&req, false); | |
1529 | ||
1530 | if (test_bit(HCI_ADVERTISING, &hdev->dev_flags) && | |
1531 | hci_conn_num(hdev, LE_LINK) == 0) { | |
1532 | disable_advertising(&req); | |
1533 | enable_advertising(&req); | |
1534 | } | |
1535 | ||
1536 | err = hci_req_run(&req, set_connectable_complete); | |
1537 | if (err < 0) { | |
1538 | mgmt_pending_remove(cmd); | |
1539 | if (err == -ENODATA) | |
1540 | err = set_connectable_update_settings(hdev, sk, | |
1541 | cp->val); | |
1542 | goto failed; | |
1543 | } | |
1544 | ||
1545 | failed: | |
1546 | hci_dev_unlock(hdev); | |
1547 | return err; | |
1548 | } | |
1549 | ||
1550 | static int set_pairable(struct sock *sk, struct hci_dev *hdev, void *data, | |
1551 | u16 len) | |
1552 | { | |
1553 | struct mgmt_mode *cp = data; | |
1554 | bool changed; | |
1555 | int err; | |
1556 | ||
1557 | BT_DBG("request for %s", hdev->name); | |
1558 | ||
1559 | if (cp->val != 0x00 && cp->val != 0x01) | |
1560 | return cmd_status(sk, hdev->id, MGMT_OP_SET_PAIRABLE, | |
1561 | MGMT_STATUS_INVALID_PARAMS); | |
1562 | ||
1563 | hci_dev_lock(hdev); | |
1564 | ||
1565 | if (cp->val) | |
1566 | changed = !test_and_set_bit(HCI_PAIRABLE, &hdev->dev_flags); | |
1567 | else | |
1568 | changed = test_and_clear_bit(HCI_PAIRABLE, &hdev->dev_flags); | |
1569 | ||
1570 | err = send_settings_rsp(sk, MGMT_OP_SET_PAIRABLE, hdev); | |
1571 | if (err < 0) | |
1572 | goto unlock; | |
1573 | ||
1574 | if (changed) | |
1575 | err = new_settings(hdev, sk); | |
1576 | ||
1577 | unlock: | |
1578 | hci_dev_unlock(hdev); | |
1579 | return err; | |
1580 | } | |
1581 | ||
1582 | static int set_link_security(struct sock *sk, struct hci_dev *hdev, void *data, | |
1583 | u16 len) | |
1584 | { | |
1585 | struct mgmt_mode *cp = data; | |
1586 | struct pending_cmd *cmd; | |
1587 | u8 val, status; | |
1588 | int err; | |
1589 | ||
1590 | BT_DBG("request for %s", hdev->name); | |
1591 | ||
1592 | status = mgmt_bredr_support(hdev); | |
1593 | if (status) | |
1594 | return cmd_status(sk, hdev->id, MGMT_OP_SET_LINK_SECURITY, | |
1595 | status); | |
1596 | ||
1597 | if (cp->val != 0x00 && cp->val != 0x01) | |
1598 | return cmd_status(sk, hdev->id, MGMT_OP_SET_LINK_SECURITY, | |
1599 | MGMT_STATUS_INVALID_PARAMS); | |
1600 | ||
1601 | hci_dev_lock(hdev); | |
1602 | ||
1603 | if (!hdev_is_powered(hdev)) { | |
1604 | bool changed = false; | |
1605 | ||
1606 | if (!!cp->val != test_bit(HCI_LINK_SECURITY, | |
1607 | &hdev->dev_flags)) { | |
1608 | change_bit(HCI_LINK_SECURITY, &hdev->dev_flags); | |
1609 | changed = true; | |
1610 | } | |
1611 | ||
1612 | err = send_settings_rsp(sk, MGMT_OP_SET_LINK_SECURITY, hdev); | |
1613 | if (err < 0) | |
1614 | goto failed; | |
1615 | ||
1616 | if (changed) | |
1617 | err = new_settings(hdev, sk); | |
1618 | ||
1619 | goto failed; | |
1620 | } | |
1621 | ||
1622 | if (mgmt_pending_find(MGMT_OP_SET_LINK_SECURITY, hdev)) { | |
1623 | err = cmd_status(sk, hdev->id, MGMT_OP_SET_LINK_SECURITY, | |
1624 | MGMT_STATUS_BUSY); | |
1625 | goto failed; | |
1626 | } | |
1627 | ||
1628 | val = !!cp->val; | |
1629 | ||
1630 | if (test_bit(HCI_AUTH, &hdev->flags) == val) { | |
1631 | err = send_settings_rsp(sk, MGMT_OP_SET_LINK_SECURITY, hdev); | |
1632 | goto failed; | |
1633 | } | |
1634 | ||
1635 | cmd = mgmt_pending_add(sk, MGMT_OP_SET_LINK_SECURITY, hdev, data, len); | |
1636 | if (!cmd) { | |
1637 | err = -ENOMEM; | |
1638 | goto failed; | |
1639 | } | |
1640 | ||
1641 | err = hci_send_cmd(hdev, HCI_OP_WRITE_AUTH_ENABLE, sizeof(val), &val); | |
1642 | if (err < 0) { | |
1643 | mgmt_pending_remove(cmd); | |
1644 | goto failed; | |
1645 | } | |
1646 | ||
1647 | failed: | |
1648 | hci_dev_unlock(hdev); | |
1649 | return err; | |
1650 | } | |
1651 | ||
1652 | static int set_ssp(struct sock *sk, struct hci_dev *hdev, void *data, u16 len) | |
1653 | { | |
1654 | struct mgmt_mode *cp = data; | |
1655 | struct pending_cmd *cmd; | |
1656 | u8 status; | |
1657 | int err; | |
1658 | ||
1659 | BT_DBG("request for %s", hdev->name); | |
1660 | ||
1661 | status = mgmt_bredr_support(hdev); | |
1662 | if (status) | |
1663 | return cmd_status(sk, hdev->id, MGMT_OP_SET_SSP, status); | |
1664 | ||
1665 | if (!lmp_ssp_capable(hdev)) | |
1666 | return cmd_status(sk, hdev->id, MGMT_OP_SET_SSP, | |
1667 | MGMT_STATUS_NOT_SUPPORTED); | |
1668 | ||
1669 | if (cp->val != 0x00 && cp->val != 0x01) | |
1670 | return cmd_status(sk, hdev->id, MGMT_OP_SET_SSP, | |
1671 | MGMT_STATUS_INVALID_PARAMS); | |
1672 | ||
1673 | hci_dev_lock(hdev); | |
1674 | ||
1675 | if (!hdev_is_powered(hdev)) { | |
1676 | bool changed; | |
1677 | ||
1678 | if (cp->val) { | |
1679 | changed = !test_and_set_bit(HCI_SSP_ENABLED, | |
1680 | &hdev->dev_flags); | |
1681 | } else { | |
1682 | changed = test_and_clear_bit(HCI_SSP_ENABLED, | |
1683 | &hdev->dev_flags); | |
1684 | if (!changed) | |
1685 | changed = test_and_clear_bit(HCI_HS_ENABLED, | |
1686 | &hdev->dev_flags); | |
1687 | else | |
1688 | clear_bit(HCI_HS_ENABLED, &hdev->dev_flags); | |
1689 | } | |
1690 | ||
1691 | err = send_settings_rsp(sk, MGMT_OP_SET_SSP, hdev); | |
1692 | if (err < 0) | |
1693 | goto failed; | |
1694 | ||
1695 | if (changed) | |
1696 | err = new_settings(hdev, sk); | |
1697 | ||
1698 | goto failed; | |
1699 | } | |
1700 | ||
1701 | if (mgmt_pending_find(MGMT_OP_SET_SSP, hdev) || | |
1702 | mgmt_pending_find(MGMT_OP_SET_HS, hdev)) { | |
1703 | err = cmd_status(sk, hdev->id, MGMT_OP_SET_SSP, | |
1704 | MGMT_STATUS_BUSY); | |
1705 | goto failed; | |
1706 | } | |
1707 | ||
1708 | if (!!cp->val == test_bit(HCI_SSP_ENABLED, &hdev->dev_flags)) { | |
1709 | err = send_settings_rsp(sk, MGMT_OP_SET_SSP, hdev); | |
1710 | goto failed; | |
1711 | } | |
1712 | ||
1713 | cmd = mgmt_pending_add(sk, MGMT_OP_SET_SSP, hdev, data, len); | |
1714 | if (!cmd) { | |
1715 | err = -ENOMEM; | |
1716 | goto failed; | |
1717 | } | |
1718 | ||
1719 | err = hci_send_cmd(hdev, HCI_OP_WRITE_SSP_MODE, 1, &cp->val); | |
1720 | if (err < 0) { | |
1721 | mgmt_pending_remove(cmd); | |
1722 | goto failed; | |
1723 | } | |
1724 | ||
1725 | failed: | |
1726 | hci_dev_unlock(hdev); | |
1727 | return err; | |
1728 | } | |
1729 | ||
1730 | static int set_hs(struct sock *sk, struct hci_dev *hdev, void *data, u16 len) | |
1731 | { | |
1732 | struct mgmt_mode *cp = data; | |
1733 | bool changed; | |
1734 | u8 status; | |
1735 | int err; | |
1736 | ||
1737 | BT_DBG("request for %s", hdev->name); | |
1738 | ||
1739 | status = mgmt_bredr_support(hdev); | |
1740 | if (status) | |
1741 | return cmd_status(sk, hdev->id, MGMT_OP_SET_HS, status); | |
1742 | ||
1743 | if (!lmp_ssp_capable(hdev)) | |
1744 | return cmd_status(sk, hdev->id, MGMT_OP_SET_HS, | |
1745 | MGMT_STATUS_NOT_SUPPORTED); | |
1746 | ||
1747 | if (!test_bit(HCI_SSP_ENABLED, &hdev->dev_flags)) | |
1748 | return cmd_status(sk, hdev->id, MGMT_OP_SET_HS, | |
1749 | MGMT_STATUS_REJECTED); | |
1750 | ||
1751 | if (cp->val != 0x00 && cp->val != 0x01) | |
1752 | return cmd_status(sk, hdev->id, MGMT_OP_SET_HS, | |
1753 | MGMT_STATUS_INVALID_PARAMS); | |
1754 | ||
1755 | hci_dev_lock(hdev); | |
1756 | ||
1757 | if (cp->val) { | |
1758 | changed = !test_and_set_bit(HCI_HS_ENABLED, &hdev->dev_flags); | |
1759 | } else { | |
1760 | if (hdev_is_powered(hdev)) { | |
1761 | err = cmd_status(sk, hdev->id, MGMT_OP_SET_HS, | |
1762 | MGMT_STATUS_REJECTED); | |
1763 | goto unlock; | |
1764 | } | |
1765 | ||
1766 | changed = test_and_clear_bit(HCI_HS_ENABLED, &hdev->dev_flags); | |
1767 | } | |
1768 | ||
1769 | err = send_settings_rsp(sk, MGMT_OP_SET_HS, hdev); | |
1770 | if (err < 0) | |
1771 | goto unlock; | |
1772 | ||
1773 | if (changed) | |
1774 | err = new_settings(hdev, sk); | |
1775 | ||
1776 | unlock: | |
1777 | hci_dev_unlock(hdev); | |
1778 | return err; | |
1779 | } | |
1780 | ||
1781 | static void le_enable_complete(struct hci_dev *hdev, u8 status) | |
1782 | { | |
1783 | struct cmd_lookup match = { NULL, hdev }; | |
1784 | ||
1785 | if (status) { | |
1786 | u8 mgmt_err = mgmt_status(status); | |
1787 | ||
1788 | mgmt_pending_foreach(MGMT_OP_SET_LE, hdev, cmd_status_rsp, | |
1789 | &mgmt_err); | |
1790 | return; | |
1791 | } | |
1792 | ||
1793 | mgmt_pending_foreach(MGMT_OP_SET_LE, hdev, settings_rsp, &match); | |
1794 | ||
1795 | new_settings(hdev, match.sk); | |
1796 | ||
1797 | if (match.sk) | |
1798 | sock_put(match.sk); | |
1799 | ||
1800 | /* Make sure the controller has a good default for | |
1801 | * advertising data. Restrict the update to when LE | |
1802 | * has actually been enabled. During power on, the | |
1803 | * update in powered_update_hci will take care of it. | |
1804 | */ | |
1805 | if (test_bit(HCI_LE_ENABLED, &hdev->dev_flags)) { | |
1806 | struct hci_request req; | |
1807 | ||
1808 | hci_dev_lock(hdev); | |
1809 | ||
1810 | hci_req_init(&req, hdev); | |
1811 | update_adv_data(&req); | |
1812 | update_scan_rsp_data(&req); | |
1813 | hci_req_run(&req, NULL); | |
1814 | ||
1815 | hci_dev_unlock(hdev); | |
1816 | } | |
1817 | } | |
1818 | ||
1819 | static int set_le(struct sock *sk, struct hci_dev *hdev, void *data, u16 len) | |
1820 | { | |
1821 | struct mgmt_mode *cp = data; | |
1822 | struct hci_cp_write_le_host_supported hci_cp; | |
1823 | struct pending_cmd *cmd; | |
1824 | struct hci_request req; | |
1825 | int err; | |
1826 | u8 val, enabled; | |
1827 | ||
1828 | BT_DBG("request for %s", hdev->name); | |
1829 | ||
1830 | if (!lmp_le_capable(hdev)) | |
1831 | return cmd_status(sk, hdev->id, MGMT_OP_SET_LE, | |
1832 | MGMT_STATUS_NOT_SUPPORTED); | |
1833 | ||
1834 | if (cp->val != 0x00 && cp->val != 0x01) | |
1835 | return cmd_status(sk, hdev->id, MGMT_OP_SET_LE, | |
1836 | MGMT_STATUS_INVALID_PARAMS); | |
1837 | ||
1838 | /* LE-only devices do not allow toggling LE on/off */ | |
1839 | if (!test_bit(HCI_BREDR_ENABLED, &hdev->dev_flags)) | |
1840 | return cmd_status(sk, hdev->id, MGMT_OP_SET_LE, | |
1841 | MGMT_STATUS_REJECTED); | |
1842 | ||
1843 | hci_dev_lock(hdev); | |
1844 | ||
1845 | val = !!cp->val; | |
1846 | enabled = lmp_host_le_capable(hdev); | |
1847 | ||
1848 | if (!hdev_is_powered(hdev) || val == enabled) { | |
1849 | bool changed = false; | |
1850 | ||
1851 | if (val != test_bit(HCI_LE_ENABLED, &hdev->dev_flags)) { | |
1852 | change_bit(HCI_LE_ENABLED, &hdev->dev_flags); | |
1853 | changed = true; | |
1854 | } | |
1855 | ||
1856 | if (!val && test_bit(HCI_ADVERTISING, &hdev->dev_flags)) { | |
1857 | clear_bit(HCI_ADVERTISING, &hdev->dev_flags); | |
1858 | changed = true; | |
1859 | } | |
1860 | ||
1861 | err = send_settings_rsp(sk, MGMT_OP_SET_LE, hdev); | |
1862 | if (err < 0) | |
1863 | goto unlock; | |
1864 | ||
1865 | if (changed) | |
1866 | err = new_settings(hdev, sk); | |
1867 | ||
1868 | goto unlock; | |
1869 | } | |
1870 | ||
1871 | if (mgmt_pending_find(MGMT_OP_SET_LE, hdev) || | |
1872 | mgmt_pending_find(MGMT_OP_SET_ADVERTISING, hdev)) { | |
1873 | err = cmd_status(sk, hdev->id, MGMT_OP_SET_LE, | |
1874 | MGMT_STATUS_BUSY); | |
1875 | goto unlock; | |
1876 | } | |
1877 | ||
1878 | cmd = mgmt_pending_add(sk, MGMT_OP_SET_LE, hdev, data, len); | |
1879 | if (!cmd) { | |
1880 | err = -ENOMEM; | |
1881 | goto unlock; | |
1882 | } | |
1883 | ||
1884 | hci_req_init(&req, hdev); | |
1885 | ||
1886 | memset(&hci_cp, 0, sizeof(hci_cp)); | |
1887 | ||
1888 | if (val) { | |
1889 | hci_cp.le = val; | |
1890 | hci_cp.simul = lmp_le_br_capable(hdev); | |
1891 | } else { | |
1892 | if (test_bit(HCI_ADVERTISING, &hdev->dev_flags)) | |
1893 | disable_advertising(&req); | |
1894 | } | |
1895 | ||
1896 | hci_req_add(&req, HCI_OP_WRITE_LE_HOST_SUPPORTED, sizeof(hci_cp), | |
1897 | &hci_cp); | |
1898 | ||
1899 | err = hci_req_run(&req, le_enable_complete); | |
1900 | if (err < 0) | |
1901 | mgmt_pending_remove(cmd); | |
1902 | ||
1903 | unlock: | |
1904 | hci_dev_unlock(hdev); | |
1905 | return err; | |
1906 | } | |
1907 | ||
1908 | /* This is a helper function to test for pending mgmt commands that can | |
1909 | * cause CoD or EIR HCI commands. We can only allow one such pending | |
1910 | * mgmt command at a time since otherwise we cannot easily track what | |
1911 | * the current values are, will be, and based on that calculate if a new | |
1912 | * HCI command needs to be sent and if yes with what value. | |
1913 | */ | |
1914 | static bool pending_eir_or_class(struct hci_dev *hdev) | |
1915 | { | |
1916 | struct pending_cmd *cmd; | |
1917 | ||
1918 | list_for_each_entry(cmd, &hdev->mgmt_pending, list) { | |
1919 | switch (cmd->opcode) { | |
1920 | case MGMT_OP_ADD_UUID: | |
1921 | case MGMT_OP_REMOVE_UUID: | |
1922 | case MGMT_OP_SET_DEV_CLASS: | |
1923 | case MGMT_OP_SET_POWERED: | |
1924 | return true; | |
1925 | } | |
1926 | } | |
1927 | ||
1928 | return false; | |
1929 | } | |
1930 | ||
1931 | static const u8 bluetooth_base_uuid[] = { | |
1932 | 0xfb, 0x34, 0x9b, 0x5f, 0x80, 0x00, 0x00, 0x80, | |
1933 | 0x00, 0x10, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, | |
1934 | }; | |
1935 | ||
1936 | static u8 get_uuid_size(const u8 *uuid) | |
1937 | { | |
1938 | u32 val; | |
1939 | ||
1940 | if (memcmp(uuid, bluetooth_base_uuid, 12)) | |
1941 | return 128; | |
1942 | ||
1943 | val = get_unaligned_le32(&uuid[12]); | |
1944 | if (val > 0xffff) | |
1945 | return 32; | |
1946 | ||
1947 | return 16; | |
1948 | } | |
1949 | ||
1950 | static void mgmt_class_complete(struct hci_dev *hdev, u16 mgmt_op, u8 status) | |
1951 | { | |
1952 | struct pending_cmd *cmd; | |
1953 | ||
1954 | hci_dev_lock(hdev); | |
1955 | ||
1956 | cmd = mgmt_pending_find(mgmt_op, hdev); | |
1957 | if (!cmd) | |
1958 | goto unlock; | |
1959 | ||
1960 | cmd_complete(cmd->sk, cmd->index, cmd->opcode, mgmt_status(status), | |
1961 | hdev->dev_class, 3); | |
1962 | ||
1963 | mgmt_pending_remove(cmd); | |
1964 | ||
1965 | unlock: | |
1966 | hci_dev_unlock(hdev); | |
1967 | } | |
1968 | ||
1969 | static void add_uuid_complete(struct hci_dev *hdev, u8 status) | |
1970 | { | |
1971 | BT_DBG("status 0x%02x", status); | |
1972 | ||
1973 | mgmt_class_complete(hdev, MGMT_OP_ADD_UUID, status); | |
1974 | } | |
1975 | ||
1976 | static int add_uuid(struct sock *sk, struct hci_dev *hdev, void *data, u16 len) | |
1977 | { | |
1978 | struct mgmt_cp_add_uuid *cp = data; | |
1979 | struct pending_cmd *cmd; | |
1980 | struct hci_request req; | |
1981 | struct bt_uuid *uuid; | |
1982 | int err; | |
1983 | ||
1984 | BT_DBG("request for %s", hdev->name); | |
1985 | ||
1986 | hci_dev_lock(hdev); | |
1987 | ||
1988 | if (pending_eir_or_class(hdev)) { | |
1989 | err = cmd_status(sk, hdev->id, MGMT_OP_ADD_UUID, | |
1990 | MGMT_STATUS_BUSY); | |
1991 | goto failed; | |
1992 | } | |
1993 | ||
1994 | uuid = kmalloc(sizeof(*uuid), GFP_KERNEL); | |
1995 | if (!uuid) { | |
1996 | err = -ENOMEM; | |
1997 | goto failed; | |
1998 | } | |
1999 | ||
2000 | memcpy(uuid->uuid, cp->uuid, 16); | |
2001 | uuid->svc_hint = cp->svc_hint; | |
2002 | uuid->size = get_uuid_size(cp->uuid); | |
2003 | ||
2004 | list_add_tail(&uuid->list, &hdev->uuids); | |
2005 | ||
2006 | hci_req_init(&req, hdev); | |
2007 | ||
2008 | update_class(&req); | |
2009 | update_eir(&req); | |
2010 | ||
2011 | err = hci_req_run(&req, add_uuid_complete); | |
2012 | if (err < 0) { | |
2013 | if (err != -ENODATA) | |
2014 | goto failed; | |
2015 | ||
2016 | err = cmd_complete(sk, hdev->id, MGMT_OP_ADD_UUID, 0, | |
2017 | hdev->dev_class, 3); | |
2018 | goto failed; | |
2019 | } | |
2020 | ||
2021 | cmd = mgmt_pending_add(sk, MGMT_OP_ADD_UUID, hdev, data, len); | |
2022 | if (!cmd) { | |
2023 | err = -ENOMEM; | |
2024 | goto failed; | |
2025 | } | |
2026 | ||
2027 | err = 0; | |
2028 | ||
2029 | failed: | |
2030 | hci_dev_unlock(hdev); | |
2031 | return err; | |
2032 | } | |
2033 | ||
2034 | static bool enable_service_cache(struct hci_dev *hdev) | |
2035 | { | |
2036 | if (!hdev_is_powered(hdev)) | |
2037 | return false; | |
2038 | ||
2039 | if (!test_and_set_bit(HCI_SERVICE_CACHE, &hdev->dev_flags)) { | |
2040 | queue_delayed_work(hdev->workqueue, &hdev->service_cache, | |
2041 | CACHE_TIMEOUT); | |
2042 | return true; | |
2043 | } | |
2044 | ||
2045 | return false; | |
2046 | } | |
2047 | ||
2048 | static void remove_uuid_complete(struct hci_dev *hdev, u8 status) | |
2049 | { | |
2050 | BT_DBG("status 0x%02x", status); | |
2051 | ||
2052 | mgmt_class_complete(hdev, MGMT_OP_REMOVE_UUID, status); | |
2053 | } | |
2054 | ||
2055 | static int remove_uuid(struct sock *sk, struct hci_dev *hdev, void *data, | |
2056 | u16 len) | |
2057 | { | |
2058 | struct mgmt_cp_remove_uuid *cp = data; | |
2059 | struct pending_cmd *cmd; | |
2060 | struct bt_uuid *match, *tmp; | |
2061 | u8 bt_uuid_any[] = { 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0 }; | |
2062 | struct hci_request req; | |
2063 | int err, found; | |
2064 | ||
2065 | BT_DBG("request for %s", hdev->name); | |
2066 | ||
2067 | hci_dev_lock(hdev); | |
2068 | ||
2069 | if (pending_eir_or_class(hdev)) { | |
2070 | err = cmd_status(sk, hdev->id, MGMT_OP_REMOVE_UUID, | |
2071 | MGMT_STATUS_BUSY); | |
2072 | goto unlock; | |
2073 | } | |
2074 | ||
2075 | if (memcmp(cp->uuid, bt_uuid_any, 16) == 0) { | |
2076 | hci_uuids_clear(hdev); | |
2077 | ||
2078 | if (enable_service_cache(hdev)) { | |
2079 | err = cmd_complete(sk, hdev->id, MGMT_OP_REMOVE_UUID, | |
2080 | 0, hdev->dev_class, 3); | |
2081 | goto unlock; | |
2082 | } | |
2083 | ||
2084 | goto update_class; | |
2085 | } | |
2086 | ||
2087 | found = 0; | |
2088 | ||
2089 | list_for_each_entry_safe(match, tmp, &hdev->uuids, list) { | |
2090 | if (memcmp(match->uuid, cp->uuid, 16) != 0) | |
2091 | continue; | |
2092 | ||
2093 | list_del(&match->list); | |
2094 | kfree(match); | |
2095 | found++; | |
2096 | } | |
2097 | ||
2098 | if (found == 0) { | |
2099 | err = cmd_status(sk, hdev->id, MGMT_OP_REMOVE_UUID, | |
2100 | MGMT_STATUS_INVALID_PARAMS); | |
2101 | goto unlock; | |
2102 | } | |
2103 | ||
2104 | update_class: | |
2105 | hci_req_init(&req, hdev); | |
2106 | ||
2107 | update_class(&req); | |
2108 | update_eir(&req); | |
2109 | ||
2110 | err = hci_req_run(&req, remove_uuid_complete); | |
2111 | if (err < 0) { | |
2112 | if (err != -ENODATA) | |
2113 | goto unlock; | |
2114 | ||
2115 | err = cmd_complete(sk, hdev->id, MGMT_OP_REMOVE_UUID, 0, | |
2116 | hdev->dev_class, 3); | |
2117 | goto unlock; | |
2118 | } | |
2119 | ||
2120 | cmd = mgmt_pending_add(sk, MGMT_OP_REMOVE_UUID, hdev, data, len); | |
2121 | if (!cmd) { | |
2122 | err = -ENOMEM; | |
2123 | goto unlock; | |
2124 | } | |
2125 | ||
2126 | err = 0; | |
2127 | ||
2128 | unlock: | |
2129 | hci_dev_unlock(hdev); | |
2130 | return err; | |
2131 | } | |
2132 | ||
2133 | static void set_class_complete(struct hci_dev *hdev, u8 status) | |
2134 | { | |
2135 | BT_DBG("status 0x%02x", status); | |
2136 | ||
2137 | mgmt_class_complete(hdev, MGMT_OP_SET_DEV_CLASS, status); | |
2138 | } | |
2139 | ||
2140 | static int set_dev_class(struct sock *sk, struct hci_dev *hdev, void *data, | |
2141 | u16 len) | |
2142 | { | |
2143 | struct mgmt_cp_set_dev_class *cp = data; | |
2144 | struct pending_cmd *cmd; | |
2145 | struct hci_request req; | |
2146 | int err; | |
2147 | ||
2148 | BT_DBG("request for %s", hdev->name); | |
2149 | ||
2150 | if (!lmp_bredr_capable(hdev)) | |
2151 | return cmd_status(sk, hdev->id, MGMT_OP_SET_DEV_CLASS, | |
2152 | MGMT_STATUS_NOT_SUPPORTED); | |
2153 | ||
2154 | hci_dev_lock(hdev); | |
2155 | ||
2156 | if (pending_eir_or_class(hdev)) { | |
2157 | err = cmd_status(sk, hdev->id, MGMT_OP_SET_DEV_CLASS, | |
2158 | MGMT_STATUS_BUSY); | |
2159 | goto unlock; | |
2160 | } | |
2161 | ||
2162 | if ((cp->minor & 0x03) != 0 || (cp->major & 0xe0) != 0) { | |
2163 | err = cmd_status(sk, hdev->id, MGMT_OP_SET_DEV_CLASS, | |
2164 | MGMT_STATUS_INVALID_PARAMS); | |
2165 | goto unlock; | |
2166 | } | |
2167 | ||
2168 | hdev->major_class = cp->major; | |
2169 | hdev->minor_class = cp->minor; | |
2170 | ||
2171 | if (!hdev_is_powered(hdev)) { | |
2172 | err = cmd_complete(sk, hdev->id, MGMT_OP_SET_DEV_CLASS, 0, | |
2173 | hdev->dev_class, 3); | |
2174 | goto unlock; | |
2175 | } | |
2176 | ||
2177 | hci_req_init(&req, hdev); | |
2178 | ||
2179 | if (test_and_clear_bit(HCI_SERVICE_CACHE, &hdev->dev_flags)) { | |
2180 | hci_dev_unlock(hdev); | |
2181 | cancel_delayed_work_sync(&hdev->service_cache); | |
2182 | hci_dev_lock(hdev); | |
2183 | update_eir(&req); | |
2184 | } | |
2185 | ||
2186 | update_class(&req); | |
2187 | ||
2188 | err = hci_req_run(&req, set_class_complete); | |
2189 | if (err < 0) { | |
2190 | if (err != -ENODATA) | |
2191 | goto unlock; | |
2192 | ||
2193 | err = cmd_complete(sk, hdev->id, MGMT_OP_SET_DEV_CLASS, 0, | |
2194 | hdev->dev_class, 3); | |
2195 | goto unlock; | |
2196 | } | |
2197 | ||
2198 | cmd = mgmt_pending_add(sk, MGMT_OP_SET_DEV_CLASS, hdev, data, len); | |
2199 | if (!cmd) { | |
2200 | err = -ENOMEM; | |
2201 | goto unlock; | |
2202 | } | |
2203 | ||
2204 | err = 0; | |
2205 | ||
2206 | unlock: | |
2207 | hci_dev_unlock(hdev); | |
2208 | return err; | |
2209 | } | |
2210 | ||
2211 | static int load_link_keys(struct sock *sk, struct hci_dev *hdev, void *data, | |
2212 | u16 len) | |
2213 | { | |
2214 | struct mgmt_cp_load_link_keys *cp = data; | |
2215 | u16 key_count, expected_len; | |
2216 | bool changed; | |
2217 | int i; | |
2218 | ||
2219 | BT_DBG("request for %s", hdev->name); | |
2220 | ||
2221 | if (!lmp_bredr_capable(hdev)) | |
2222 | return cmd_status(sk, hdev->id, MGMT_OP_LOAD_LINK_KEYS, | |
2223 | MGMT_STATUS_NOT_SUPPORTED); | |
2224 | ||
2225 | key_count = __le16_to_cpu(cp->key_count); | |
2226 | ||
2227 | expected_len = sizeof(*cp) + key_count * | |
2228 | sizeof(struct mgmt_link_key_info); | |
2229 | if (expected_len != len) { | |
2230 | BT_ERR("load_link_keys: expected %u bytes, got %u bytes", | |
2231 | len, expected_len); | |
2232 | return cmd_status(sk, hdev->id, MGMT_OP_LOAD_LINK_KEYS, | |
2233 | MGMT_STATUS_INVALID_PARAMS); | |
2234 | } | |
2235 | ||
2236 | if (cp->debug_keys != 0x00 && cp->debug_keys != 0x01) | |
2237 | return cmd_status(sk, hdev->id, MGMT_OP_LOAD_LINK_KEYS, | |
2238 | MGMT_STATUS_INVALID_PARAMS); | |
2239 | ||
2240 | BT_DBG("%s debug_keys %u key_count %u", hdev->name, cp->debug_keys, | |
2241 | key_count); | |
2242 | ||
2243 | for (i = 0; i < key_count; i++) { | |
2244 | struct mgmt_link_key_info *key = &cp->keys[i]; | |
2245 | ||
2246 | if (key->addr.type != BDADDR_BREDR || key->type > 0x08) | |
2247 | return cmd_status(sk, hdev->id, MGMT_OP_LOAD_LINK_KEYS, | |
2248 | MGMT_STATUS_INVALID_PARAMS); | |
2249 | } | |
2250 | ||
2251 | hci_dev_lock(hdev); | |
2252 | ||
2253 | hci_link_keys_clear(hdev); | |
2254 | ||
2255 | if (cp->debug_keys) | |
2256 | changed = !test_and_set_bit(HCI_DEBUG_KEYS, &hdev->dev_flags); | |
2257 | else | |
2258 | changed = test_and_clear_bit(HCI_DEBUG_KEYS, &hdev->dev_flags); | |
2259 | ||
2260 | if (changed) | |
2261 | new_settings(hdev, NULL); | |
2262 | ||
2263 | for (i = 0; i < key_count; i++) { | |
2264 | struct mgmt_link_key_info *key = &cp->keys[i]; | |
2265 | ||
2266 | hci_add_link_key(hdev, NULL, 0, &key->addr.bdaddr, key->val, | |
2267 | key->type, key->pin_len); | |
2268 | } | |
2269 | ||
2270 | cmd_complete(sk, hdev->id, MGMT_OP_LOAD_LINK_KEYS, 0, NULL, 0); | |
2271 | ||
2272 | hci_dev_unlock(hdev); | |
2273 | ||
2274 | return 0; | |
2275 | } | |
2276 | ||
2277 | static int device_unpaired(struct hci_dev *hdev, bdaddr_t *bdaddr, | |
2278 | u8 addr_type, struct sock *skip_sk) | |
2279 | { | |
2280 | struct mgmt_ev_device_unpaired ev; | |
2281 | ||
2282 | bacpy(&ev.addr.bdaddr, bdaddr); | |
2283 | ev.addr.type = addr_type; | |
2284 | ||
2285 | return mgmt_event(MGMT_EV_DEVICE_UNPAIRED, hdev, &ev, sizeof(ev), | |
2286 | skip_sk); | |
2287 | } | |
2288 | ||
2289 | static int unpair_device(struct sock *sk, struct hci_dev *hdev, void *data, | |
2290 | u16 len) | |
2291 | { | |
2292 | struct mgmt_cp_unpair_device *cp = data; | |
2293 | struct mgmt_rp_unpair_device rp; | |
2294 | struct hci_cp_disconnect dc; | |
2295 | struct pending_cmd *cmd; | |
2296 | struct hci_conn *conn; | |
2297 | int err; | |
2298 | ||
2299 | memset(&rp, 0, sizeof(rp)); | |
2300 | bacpy(&rp.addr.bdaddr, &cp->addr.bdaddr); | |
2301 | rp.addr.type = cp->addr.type; | |
2302 | ||
2303 | if (!bdaddr_type_is_valid(cp->addr.type)) | |
2304 | return cmd_complete(sk, hdev->id, MGMT_OP_UNPAIR_DEVICE, | |
2305 | MGMT_STATUS_INVALID_PARAMS, | |
2306 | &rp, sizeof(rp)); | |
2307 | ||
2308 | if (cp->disconnect != 0x00 && cp->disconnect != 0x01) | |
2309 | return cmd_complete(sk, hdev->id, MGMT_OP_UNPAIR_DEVICE, | |
2310 | MGMT_STATUS_INVALID_PARAMS, | |
2311 | &rp, sizeof(rp)); | |
2312 | ||
2313 | hci_dev_lock(hdev); | |
2314 | ||
2315 | if (!hdev_is_powered(hdev)) { | |
2316 | err = cmd_complete(sk, hdev->id, MGMT_OP_UNPAIR_DEVICE, | |
2317 | MGMT_STATUS_NOT_POWERED, &rp, sizeof(rp)); | |
2318 | goto unlock; | |
2319 | } | |
2320 | ||
2321 | if (cp->addr.type == BDADDR_BREDR) { | |
2322 | err = hci_remove_link_key(hdev, &cp->addr.bdaddr); | |
2323 | } else { | |
2324 | u8 addr_type; | |
2325 | ||
2326 | if (cp->addr.type == BDADDR_LE_PUBLIC) | |
2327 | addr_type = ADDR_LE_DEV_PUBLIC; | |
2328 | else | |
2329 | addr_type = ADDR_LE_DEV_RANDOM; | |
2330 | ||
2331 | hci_remove_irk(hdev, &cp->addr.bdaddr, addr_type); | |
2332 | ||
2333 | err = hci_remove_ltk(hdev, &cp->addr.bdaddr, addr_type); | |
2334 | } | |
2335 | ||
2336 | if (err < 0) { | |
2337 | err = cmd_complete(sk, hdev->id, MGMT_OP_UNPAIR_DEVICE, | |
2338 | MGMT_STATUS_NOT_PAIRED, &rp, sizeof(rp)); | |
2339 | goto unlock; | |
2340 | } | |
2341 | ||
2342 | if (cp->disconnect) { | |
2343 | if (cp->addr.type == BDADDR_BREDR) | |
2344 | conn = hci_conn_hash_lookup_ba(hdev, ACL_LINK, | |
2345 | &cp->addr.bdaddr); | |
2346 | else | |
2347 | conn = hci_conn_hash_lookup_ba(hdev, LE_LINK, | |
2348 | &cp->addr.bdaddr); | |
2349 | } else { | |
2350 | conn = NULL; | |
2351 | } | |
2352 | ||
2353 | if (!conn) { | |
2354 | err = cmd_complete(sk, hdev->id, MGMT_OP_UNPAIR_DEVICE, 0, | |
2355 | &rp, sizeof(rp)); | |
2356 | device_unpaired(hdev, &cp->addr.bdaddr, cp->addr.type, sk); | |
2357 | goto unlock; | |
2358 | } | |
2359 | ||
2360 | cmd = mgmt_pending_add(sk, MGMT_OP_UNPAIR_DEVICE, hdev, cp, | |
2361 | sizeof(*cp)); | |
2362 | if (!cmd) { | |
2363 | err = -ENOMEM; | |
2364 | goto unlock; | |
2365 | } | |
2366 | ||
2367 | dc.handle = cpu_to_le16(conn->handle); | |
2368 | dc.reason = 0x13; /* Remote User Terminated Connection */ | |
2369 | err = hci_send_cmd(hdev, HCI_OP_DISCONNECT, sizeof(dc), &dc); | |
2370 | if (err < 0) | |
2371 | mgmt_pending_remove(cmd); | |
2372 | ||
2373 | unlock: | |
2374 | hci_dev_unlock(hdev); | |
2375 | return err; | |
2376 | } | |
2377 | ||
2378 | static int disconnect(struct sock *sk, struct hci_dev *hdev, void *data, | |
2379 | u16 len) | |
2380 | { | |
2381 | struct mgmt_cp_disconnect *cp = data; | |
2382 | struct mgmt_rp_disconnect rp; | |
2383 | struct hci_cp_disconnect dc; | |
2384 | struct pending_cmd *cmd; | |
2385 | struct hci_conn *conn; | |
2386 | int err; | |
2387 | ||
2388 | BT_DBG(""); | |
2389 | ||
2390 | memset(&rp, 0, sizeof(rp)); | |
2391 | bacpy(&rp.addr.bdaddr, &cp->addr.bdaddr); | |
2392 | rp.addr.type = cp->addr.type; | |
2393 | ||
2394 | if (!bdaddr_type_is_valid(cp->addr.type)) | |
2395 | return cmd_complete(sk, hdev->id, MGMT_OP_DISCONNECT, | |
2396 | MGMT_STATUS_INVALID_PARAMS, | |
2397 | &rp, sizeof(rp)); | |
2398 | ||
2399 | hci_dev_lock(hdev); | |
2400 | ||
2401 | if (!test_bit(HCI_UP, &hdev->flags)) { | |
2402 | err = cmd_complete(sk, hdev->id, MGMT_OP_DISCONNECT, | |
2403 | MGMT_STATUS_NOT_POWERED, &rp, sizeof(rp)); | |
2404 | goto failed; | |
2405 | } | |
2406 | ||
2407 | if (mgmt_pending_find(MGMT_OP_DISCONNECT, hdev)) { | |
2408 | err = cmd_complete(sk, hdev->id, MGMT_OP_DISCONNECT, | |
2409 | MGMT_STATUS_BUSY, &rp, sizeof(rp)); | |
2410 | goto failed; | |
2411 | } | |
2412 | ||
2413 | if (cp->addr.type == BDADDR_BREDR) | |
2414 | conn = hci_conn_hash_lookup_ba(hdev, ACL_LINK, | |
2415 | &cp->addr.bdaddr); | |
2416 | else | |
2417 | conn = hci_conn_hash_lookup_ba(hdev, LE_LINK, &cp->addr.bdaddr); | |
2418 | ||
2419 | if (!conn || conn->state == BT_OPEN || conn->state == BT_CLOSED) { | |
2420 | err = cmd_complete(sk, hdev->id, MGMT_OP_DISCONNECT, | |
2421 | MGMT_STATUS_NOT_CONNECTED, &rp, sizeof(rp)); | |
2422 | goto failed; | |
2423 | } | |
2424 | ||
2425 | cmd = mgmt_pending_add(sk, MGMT_OP_DISCONNECT, hdev, data, len); | |
2426 | if (!cmd) { | |
2427 | err = -ENOMEM; | |
2428 | goto failed; | |
2429 | } | |
2430 | ||
2431 | dc.handle = cpu_to_le16(conn->handle); | |
2432 | dc.reason = HCI_ERROR_REMOTE_USER_TERM; | |
2433 | ||
2434 | err = hci_send_cmd(hdev, HCI_OP_DISCONNECT, sizeof(dc), &dc); | |
2435 | if (err < 0) | |
2436 | mgmt_pending_remove(cmd); | |
2437 | ||
2438 | failed: | |
2439 | hci_dev_unlock(hdev); | |
2440 | return err; | |
2441 | } | |
2442 | ||
2443 | static u8 link_to_bdaddr(u8 link_type, u8 addr_type) | |
2444 | { | |
2445 | switch (link_type) { | |
2446 | case LE_LINK: | |
2447 | switch (addr_type) { | |
2448 | case ADDR_LE_DEV_PUBLIC: | |
2449 | return BDADDR_LE_PUBLIC; | |
2450 | ||
2451 | default: | |
2452 | /* Fallback to LE Random address type */ | |
2453 | return BDADDR_LE_RANDOM; | |
2454 | } | |
2455 | ||
2456 | default: | |
2457 | /* Fallback to BR/EDR type */ | |
2458 | return BDADDR_BREDR; | |
2459 | } | |
2460 | } | |
2461 | ||
2462 | static int get_connections(struct sock *sk, struct hci_dev *hdev, void *data, | |
2463 | u16 data_len) | |
2464 | { | |
2465 | struct mgmt_rp_get_connections *rp; | |
2466 | struct hci_conn *c; | |
2467 | size_t rp_len; | |
2468 | int err; | |
2469 | u16 i; | |
2470 | ||
2471 | BT_DBG(""); | |
2472 | ||
2473 | hci_dev_lock(hdev); | |
2474 | ||
2475 | if (!hdev_is_powered(hdev)) { | |
2476 | err = cmd_status(sk, hdev->id, MGMT_OP_GET_CONNECTIONS, | |
2477 | MGMT_STATUS_NOT_POWERED); | |
2478 | goto unlock; | |
2479 | } | |
2480 | ||
2481 | i = 0; | |
2482 | list_for_each_entry(c, &hdev->conn_hash.list, list) { | |
2483 | if (test_bit(HCI_CONN_MGMT_CONNECTED, &c->flags)) | |
2484 | i++; | |
2485 | } | |
2486 | ||
2487 | rp_len = sizeof(*rp) + (i * sizeof(struct mgmt_addr_info)); | |
2488 | rp = kmalloc(rp_len, GFP_KERNEL); | |
2489 | if (!rp) { | |
2490 | err = -ENOMEM; | |
2491 | goto unlock; | |
2492 | } | |
2493 | ||
2494 | i = 0; | |
2495 | list_for_each_entry(c, &hdev->conn_hash.list, list) { | |
2496 | if (!test_bit(HCI_CONN_MGMT_CONNECTED, &c->flags)) | |
2497 | continue; | |
2498 | bacpy(&rp->addr[i].bdaddr, &c->dst); | |
2499 | rp->addr[i].type = link_to_bdaddr(c->type, c->dst_type); | |
2500 | if (c->type == SCO_LINK || c->type == ESCO_LINK) | |
2501 | continue; | |
2502 | i++; | |
2503 | } | |
2504 | ||
2505 | rp->conn_count = cpu_to_le16(i); | |
2506 | ||
2507 | /* Recalculate length in case of filtered SCO connections, etc */ | |
2508 | rp_len = sizeof(*rp) + (i * sizeof(struct mgmt_addr_info)); | |
2509 | ||
2510 | err = cmd_complete(sk, hdev->id, MGMT_OP_GET_CONNECTIONS, 0, rp, | |
2511 | rp_len); | |
2512 | ||
2513 | kfree(rp); | |
2514 | ||
2515 | unlock: | |
2516 | hci_dev_unlock(hdev); | |
2517 | return err; | |
2518 | } | |
2519 | ||
2520 | static int send_pin_code_neg_reply(struct sock *sk, struct hci_dev *hdev, | |
2521 | struct mgmt_cp_pin_code_neg_reply *cp) | |
2522 | { | |
2523 | struct pending_cmd *cmd; | |
2524 | int err; | |
2525 | ||
2526 | cmd = mgmt_pending_add(sk, MGMT_OP_PIN_CODE_NEG_REPLY, hdev, cp, | |
2527 | sizeof(*cp)); | |
2528 | if (!cmd) | |
2529 | return -ENOMEM; | |
2530 | ||
2531 | err = hci_send_cmd(hdev, HCI_OP_PIN_CODE_NEG_REPLY, | |
2532 | sizeof(cp->addr.bdaddr), &cp->addr.bdaddr); | |
2533 | if (err < 0) | |
2534 | mgmt_pending_remove(cmd); | |
2535 | ||
2536 | return err; | |
2537 | } | |
2538 | ||
2539 | static int pin_code_reply(struct sock *sk, struct hci_dev *hdev, void *data, | |
2540 | u16 len) | |
2541 | { | |
2542 | struct hci_conn *conn; | |
2543 | struct mgmt_cp_pin_code_reply *cp = data; | |
2544 | struct hci_cp_pin_code_reply reply; | |
2545 | struct pending_cmd *cmd; | |
2546 | int err; | |
2547 | ||
2548 | BT_DBG(""); | |
2549 | ||
2550 | hci_dev_lock(hdev); | |
2551 | ||
2552 | if (!hdev_is_powered(hdev)) { | |
2553 | err = cmd_status(sk, hdev->id, MGMT_OP_PIN_CODE_REPLY, | |
2554 | MGMT_STATUS_NOT_POWERED); | |
2555 | goto failed; | |
2556 | } | |
2557 | ||
2558 | conn = hci_conn_hash_lookup_ba(hdev, ACL_LINK, &cp->addr.bdaddr); | |
2559 | if (!conn) { | |
2560 | err = cmd_status(sk, hdev->id, MGMT_OP_PIN_CODE_REPLY, | |
2561 | MGMT_STATUS_NOT_CONNECTED); | |
2562 | goto failed; | |
2563 | } | |
2564 | ||
2565 | if (conn->pending_sec_level == BT_SECURITY_HIGH && cp->pin_len != 16) { | |
2566 | struct mgmt_cp_pin_code_neg_reply ncp; | |
2567 | ||
2568 | memcpy(&ncp.addr, &cp->addr, sizeof(ncp.addr)); | |
2569 | ||
2570 | BT_ERR("PIN code is not 16 bytes long"); | |
2571 | ||
2572 | err = send_pin_code_neg_reply(sk, hdev, &ncp); | |
2573 | if (err >= 0) | |
2574 | err = cmd_status(sk, hdev->id, MGMT_OP_PIN_CODE_REPLY, | |
2575 | MGMT_STATUS_INVALID_PARAMS); | |
2576 | ||
2577 | goto failed; | |
2578 | } | |
2579 | ||
2580 | cmd = mgmt_pending_add(sk, MGMT_OP_PIN_CODE_REPLY, hdev, data, len); | |
2581 | if (!cmd) { | |
2582 | err = -ENOMEM; | |
2583 | goto failed; | |
2584 | } | |
2585 | ||
2586 | bacpy(&reply.bdaddr, &cp->addr.bdaddr); | |
2587 | reply.pin_len = cp->pin_len; | |
2588 | memcpy(reply.pin_code, cp->pin_code, sizeof(reply.pin_code)); | |
2589 | ||
2590 | err = hci_send_cmd(hdev, HCI_OP_PIN_CODE_REPLY, sizeof(reply), &reply); | |
2591 | if (err < 0) | |
2592 | mgmt_pending_remove(cmd); | |
2593 | ||
2594 | failed: | |
2595 | hci_dev_unlock(hdev); | |
2596 | return err; | |
2597 | } | |
2598 | ||
2599 | static int set_io_capability(struct sock *sk, struct hci_dev *hdev, void *data, | |
2600 | u16 len) | |
2601 | { | |
2602 | struct mgmt_cp_set_io_capability *cp = data; | |
2603 | ||
2604 | BT_DBG(""); | |
2605 | ||
2606 | hci_dev_lock(hdev); | |
2607 | ||
2608 | hdev->io_capability = cp->io_capability; | |
2609 | ||
2610 | BT_DBG("%s IO capability set to 0x%02x", hdev->name, | |
2611 | hdev->io_capability); | |
2612 | ||
2613 | hci_dev_unlock(hdev); | |
2614 | ||
2615 | return cmd_complete(sk, hdev->id, MGMT_OP_SET_IO_CAPABILITY, 0, NULL, | |
2616 | 0); | |
2617 | } | |
2618 | ||
2619 | static struct pending_cmd *find_pairing(struct hci_conn *conn) | |
2620 | { | |
2621 | struct hci_dev *hdev = conn->hdev; | |
2622 | struct pending_cmd *cmd; | |
2623 | ||
2624 | list_for_each_entry(cmd, &hdev->mgmt_pending, list) { | |
2625 | if (cmd->opcode != MGMT_OP_PAIR_DEVICE) | |
2626 | continue; | |
2627 | ||
2628 | if (cmd->user_data != conn) | |
2629 | continue; | |
2630 | ||
2631 | return cmd; | |
2632 | } | |
2633 | ||
2634 | return NULL; | |
2635 | } | |
2636 | ||
2637 | static void pairing_complete(struct pending_cmd *cmd, u8 status) | |
2638 | { | |
2639 | struct mgmt_rp_pair_device rp; | |
2640 | struct hci_conn *conn = cmd->user_data; | |
2641 | ||
2642 | bacpy(&rp.addr.bdaddr, &conn->dst); | |
2643 | rp.addr.type = link_to_bdaddr(conn->type, conn->dst_type); | |
2644 | ||
2645 | cmd_complete(cmd->sk, cmd->index, MGMT_OP_PAIR_DEVICE, status, | |
2646 | &rp, sizeof(rp)); | |
2647 | ||
2648 | /* So we don't get further callbacks for this connection */ | |
2649 | conn->connect_cfm_cb = NULL; | |
2650 | conn->security_cfm_cb = NULL; | |
2651 | conn->disconn_cfm_cb = NULL; | |
2652 | ||
2653 | hci_conn_drop(conn); | |
2654 | ||
2655 | mgmt_pending_remove(cmd); | |
2656 | } | |
2657 | ||
2658 | void mgmt_smp_complete(struct hci_conn *conn, bool complete) | |
2659 | { | |
2660 | u8 status = complete ? MGMT_STATUS_SUCCESS : MGMT_STATUS_FAILED; | |
2661 | struct pending_cmd *cmd; | |
2662 | ||
2663 | cmd = find_pairing(conn); | |
2664 | if (cmd) | |
2665 | pairing_complete(cmd, status); | |
2666 | } | |
2667 | ||
2668 | static void pairing_complete_cb(struct hci_conn *conn, u8 status) | |
2669 | { | |
2670 | struct pending_cmd *cmd; | |
2671 | ||
2672 | BT_DBG("status %u", status); | |
2673 | ||
2674 | cmd = find_pairing(conn); | |
2675 | if (!cmd) | |
2676 | BT_DBG("Unable to find a pending command"); | |
2677 | else | |
2678 | pairing_complete(cmd, mgmt_status(status)); | |
2679 | } | |
2680 | ||
2681 | static void le_pairing_complete_cb(struct hci_conn *conn, u8 status) | |
2682 | { | |
2683 | struct pending_cmd *cmd; | |
2684 | ||
2685 | BT_DBG("status %u", status); | |
2686 | ||
2687 | if (!status) | |
2688 | return; | |
2689 | ||
2690 | cmd = find_pairing(conn); | |
2691 | if (!cmd) | |
2692 | BT_DBG("Unable to find a pending command"); | |
2693 | else | |
2694 | pairing_complete(cmd, mgmt_status(status)); | |
2695 | } | |
2696 | ||
2697 | static int pair_device(struct sock *sk, struct hci_dev *hdev, void *data, | |
2698 | u16 len) | |
2699 | { | |
2700 | struct mgmt_cp_pair_device *cp = data; | |
2701 | struct mgmt_rp_pair_device rp; | |
2702 | struct pending_cmd *cmd; | |
2703 | u8 sec_level, auth_type; | |
2704 | struct hci_conn *conn; | |
2705 | int err; | |
2706 | ||
2707 | BT_DBG(""); | |
2708 | ||
2709 | memset(&rp, 0, sizeof(rp)); | |
2710 | bacpy(&rp.addr.bdaddr, &cp->addr.bdaddr); | |
2711 | rp.addr.type = cp->addr.type; | |
2712 | ||
2713 | if (!bdaddr_type_is_valid(cp->addr.type)) | |
2714 | return cmd_complete(sk, hdev->id, MGMT_OP_PAIR_DEVICE, | |
2715 | MGMT_STATUS_INVALID_PARAMS, | |
2716 | &rp, sizeof(rp)); | |
2717 | ||
2718 | hci_dev_lock(hdev); | |
2719 | ||
2720 | if (!hdev_is_powered(hdev)) { | |
2721 | err = cmd_complete(sk, hdev->id, MGMT_OP_PAIR_DEVICE, | |
2722 | MGMT_STATUS_NOT_POWERED, &rp, sizeof(rp)); | |
2723 | goto unlock; | |
2724 | } | |
2725 | ||
2726 | sec_level = BT_SECURITY_MEDIUM; | |
2727 | if (cp->io_cap == 0x03) | |
2728 | auth_type = HCI_AT_DEDICATED_BONDING; | |
2729 | else | |
2730 | auth_type = HCI_AT_DEDICATED_BONDING_MITM; | |
2731 | ||
2732 | if (cp->addr.type == BDADDR_BREDR) | |
2733 | conn = hci_connect(hdev, ACL_LINK, &cp->addr.bdaddr, | |
2734 | cp->addr.type, sec_level, auth_type); | |
2735 | else | |
2736 | conn = hci_connect(hdev, LE_LINK, &cp->addr.bdaddr, | |
2737 | cp->addr.type, sec_level, auth_type); | |
2738 | ||
2739 | if (IS_ERR(conn)) { | |
2740 | int status; | |
2741 | ||
2742 | if (PTR_ERR(conn) == -EBUSY) | |
2743 | status = MGMT_STATUS_BUSY; | |
2744 | else | |
2745 | status = MGMT_STATUS_CONNECT_FAILED; | |
2746 | ||
2747 | err = cmd_complete(sk, hdev->id, MGMT_OP_PAIR_DEVICE, | |
2748 | status, &rp, | |
2749 | sizeof(rp)); | |
2750 | goto unlock; | |
2751 | } | |
2752 | ||
2753 | if (conn->connect_cfm_cb) { | |
2754 | hci_conn_drop(conn); | |
2755 | err = cmd_complete(sk, hdev->id, MGMT_OP_PAIR_DEVICE, | |
2756 | MGMT_STATUS_BUSY, &rp, sizeof(rp)); | |
2757 | goto unlock; | |
2758 | } | |
2759 | ||
2760 | cmd = mgmt_pending_add(sk, MGMT_OP_PAIR_DEVICE, hdev, data, len); | |
2761 | if (!cmd) { | |
2762 | err = -ENOMEM; | |
2763 | hci_conn_drop(conn); | |
2764 | goto unlock; | |
2765 | } | |
2766 | ||
2767 | /* For LE, just connecting isn't a proof that the pairing finished */ | |
2768 | if (cp->addr.type == BDADDR_BREDR) { | |
2769 | conn->connect_cfm_cb = pairing_complete_cb; | |
2770 | conn->security_cfm_cb = pairing_complete_cb; | |
2771 | conn->disconn_cfm_cb = pairing_complete_cb; | |
2772 | } else { | |
2773 | conn->connect_cfm_cb = le_pairing_complete_cb; | |
2774 | conn->security_cfm_cb = le_pairing_complete_cb; | |
2775 | conn->disconn_cfm_cb = le_pairing_complete_cb; | |
2776 | } | |
2777 | ||
2778 | conn->io_capability = cp->io_cap; | |
2779 | cmd->user_data = conn; | |
2780 | ||
2781 | if (conn->state == BT_CONNECTED && | |
2782 | hci_conn_security(conn, sec_level, auth_type)) | |
2783 | pairing_complete(cmd, 0); | |
2784 | ||
2785 | err = 0; | |
2786 | ||
2787 | unlock: | |
2788 | hci_dev_unlock(hdev); | |
2789 | return err; | |
2790 | } | |
2791 | ||
2792 | static int cancel_pair_device(struct sock *sk, struct hci_dev *hdev, void *data, | |
2793 | u16 len) | |
2794 | { | |
2795 | struct mgmt_addr_info *addr = data; | |
2796 | struct pending_cmd *cmd; | |
2797 | struct hci_conn *conn; | |
2798 | int err; | |
2799 | ||
2800 | BT_DBG(""); | |
2801 | ||
2802 | hci_dev_lock(hdev); | |
2803 | ||
2804 | if (!hdev_is_powered(hdev)) { | |
2805 | err = cmd_status(sk, hdev->id, MGMT_OP_CANCEL_PAIR_DEVICE, | |
2806 | MGMT_STATUS_NOT_POWERED); | |
2807 | goto unlock; | |
2808 | } | |
2809 | ||
2810 | cmd = mgmt_pending_find(MGMT_OP_PAIR_DEVICE, hdev); | |
2811 | if (!cmd) { | |
2812 | err = cmd_status(sk, hdev->id, MGMT_OP_CANCEL_PAIR_DEVICE, | |
2813 | MGMT_STATUS_INVALID_PARAMS); | |
2814 | goto unlock; | |
2815 | } | |
2816 | ||
2817 | conn = cmd->user_data; | |
2818 | ||
2819 | if (bacmp(&addr->bdaddr, &conn->dst) != 0) { | |
2820 | err = cmd_status(sk, hdev->id, MGMT_OP_CANCEL_PAIR_DEVICE, | |
2821 | MGMT_STATUS_INVALID_PARAMS); | |
2822 | goto unlock; | |
2823 | } | |
2824 | ||
2825 | pairing_complete(cmd, MGMT_STATUS_CANCELLED); | |
2826 | ||
2827 | err = cmd_complete(sk, hdev->id, MGMT_OP_CANCEL_PAIR_DEVICE, 0, | |
2828 | addr, sizeof(*addr)); | |
2829 | unlock: | |
2830 | hci_dev_unlock(hdev); | |
2831 | return err; | |
2832 | } | |
2833 | ||
2834 | static int user_pairing_resp(struct sock *sk, struct hci_dev *hdev, | |
2835 | struct mgmt_addr_info *addr, u16 mgmt_op, | |
2836 | u16 hci_op, __le32 passkey) | |
2837 | { | |
2838 | struct pending_cmd *cmd; | |
2839 | struct hci_conn *conn; | |
2840 | int err; | |
2841 | ||
2842 | hci_dev_lock(hdev); | |
2843 | ||
2844 | if (!hdev_is_powered(hdev)) { | |
2845 | err = cmd_complete(sk, hdev->id, mgmt_op, | |
2846 | MGMT_STATUS_NOT_POWERED, addr, | |
2847 | sizeof(*addr)); | |
2848 | goto done; | |
2849 | } | |
2850 | ||
2851 | if (addr->type == BDADDR_BREDR) | |
2852 | conn = hci_conn_hash_lookup_ba(hdev, ACL_LINK, &addr->bdaddr); | |
2853 | else | |
2854 | conn = hci_conn_hash_lookup_ba(hdev, LE_LINK, &addr->bdaddr); | |
2855 | ||
2856 | if (!conn) { | |
2857 | err = cmd_complete(sk, hdev->id, mgmt_op, | |
2858 | MGMT_STATUS_NOT_CONNECTED, addr, | |
2859 | sizeof(*addr)); | |
2860 | goto done; | |
2861 | } | |
2862 | ||
2863 | if (addr->type == BDADDR_LE_PUBLIC || addr->type == BDADDR_LE_RANDOM) { | |
2864 | /* Continue with pairing via SMP */ | |
2865 | err = smp_user_confirm_reply(conn, mgmt_op, passkey); | |
2866 | ||
2867 | if (!err) | |
2868 | err = cmd_complete(sk, hdev->id, mgmt_op, | |
2869 | MGMT_STATUS_SUCCESS, addr, | |
2870 | sizeof(*addr)); | |
2871 | else | |
2872 | err = cmd_complete(sk, hdev->id, mgmt_op, | |
2873 | MGMT_STATUS_FAILED, addr, | |
2874 | sizeof(*addr)); | |
2875 | ||
2876 | goto done; | |
2877 | } | |
2878 | ||
2879 | cmd = mgmt_pending_add(sk, mgmt_op, hdev, addr, sizeof(*addr)); | |
2880 | if (!cmd) { | |
2881 | err = -ENOMEM; | |
2882 | goto done; | |
2883 | } | |
2884 | ||
2885 | /* Continue with pairing via HCI */ | |
2886 | if (hci_op == HCI_OP_USER_PASSKEY_REPLY) { | |
2887 | struct hci_cp_user_passkey_reply cp; | |
2888 | ||
2889 | bacpy(&cp.bdaddr, &addr->bdaddr); | |
2890 | cp.passkey = passkey; | |
2891 | err = hci_send_cmd(hdev, hci_op, sizeof(cp), &cp); | |
2892 | } else | |
2893 | err = hci_send_cmd(hdev, hci_op, sizeof(addr->bdaddr), | |
2894 | &addr->bdaddr); | |
2895 | ||
2896 | if (err < 0) | |
2897 | mgmt_pending_remove(cmd); | |
2898 | ||
2899 | done: | |
2900 | hci_dev_unlock(hdev); | |
2901 | return err; | |
2902 | } | |
2903 | ||
2904 | static int pin_code_neg_reply(struct sock *sk, struct hci_dev *hdev, | |
2905 | void *data, u16 len) | |
2906 | { | |
2907 | struct mgmt_cp_pin_code_neg_reply *cp = data; | |
2908 | ||
2909 | BT_DBG(""); | |
2910 | ||
2911 | return user_pairing_resp(sk, hdev, &cp->addr, | |
2912 | MGMT_OP_PIN_CODE_NEG_REPLY, | |
2913 | HCI_OP_PIN_CODE_NEG_REPLY, 0); | |
2914 | } | |
2915 | ||
2916 | static int user_confirm_reply(struct sock *sk, struct hci_dev *hdev, void *data, | |
2917 | u16 len) | |
2918 | { | |
2919 | struct mgmt_cp_user_confirm_reply *cp = data; | |
2920 | ||
2921 | BT_DBG(""); | |
2922 | ||
2923 | if (len != sizeof(*cp)) | |
2924 | return cmd_status(sk, hdev->id, MGMT_OP_USER_CONFIRM_REPLY, | |
2925 | MGMT_STATUS_INVALID_PARAMS); | |
2926 | ||
2927 | return user_pairing_resp(sk, hdev, &cp->addr, | |
2928 | MGMT_OP_USER_CONFIRM_REPLY, | |
2929 | HCI_OP_USER_CONFIRM_REPLY, 0); | |
2930 | } | |
2931 | ||
2932 | static int user_confirm_neg_reply(struct sock *sk, struct hci_dev *hdev, | |
2933 | void *data, u16 len) | |
2934 | { | |
2935 | struct mgmt_cp_user_confirm_neg_reply *cp = data; | |
2936 | ||
2937 | BT_DBG(""); | |
2938 | ||
2939 | return user_pairing_resp(sk, hdev, &cp->addr, | |
2940 | MGMT_OP_USER_CONFIRM_NEG_REPLY, | |
2941 | HCI_OP_USER_CONFIRM_NEG_REPLY, 0); | |
2942 | } | |
2943 | ||
2944 | static int user_passkey_reply(struct sock *sk, struct hci_dev *hdev, void *data, | |
2945 | u16 len) | |
2946 | { | |
2947 | struct mgmt_cp_user_passkey_reply *cp = data; | |
2948 | ||
2949 | BT_DBG(""); | |
2950 | ||
2951 | return user_pairing_resp(sk, hdev, &cp->addr, | |
2952 | MGMT_OP_USER_PASSKEY_REPLY, | |
2953 | HCI_OP_USER_PASSKEY_REPLY, cp->passkey); | |
2954 | } | |
2955 | ||
2956 | static int user_passkey_neg_reply(struct sock *sk, struct hci_dev *hdev, | |
2957 | void *data, u16 len) | |
2958 | { | |
2959 | struct mgmt_cp_user_passkey_neg_reply *cp = data; | |
2960 | ||
2961 | BT_DBG(""); | |
2962 | ||
2963 | return user_pairing_resp(sk, hdev, &cp->addr, | |
2964 | MGMT_OP_USER_PASSKEY_NEG_REPLY, | |
2965 | HCI_OP_USER_PASSKEY_NEG_REPLY, 0); | |
2966 | } | |
2967 | ||
2968 | static void update_name(struct hci_request *req) | |
2969 | { | |
2970 | struct hci_dev *hdev = req->hdev; | |
2971 | struct hci_cp_write_local_name cp; | |
2972 | ||
2973 | memcpy(cp.name, hdev->dev_name, sizeof(cp.name)); | |
2974 | ||
2975 | hci_req_add(req, HCI_OP_WRITE_LOCAL_NAME, sizeof(cp), &cp); | |
2976 | } | |
2977 | ||
2978 | static void set_name_complete(struct hci_dev *hdev, u8 status) | |
2979 | { | |
2980 | struct mgmt_cp_set_local_name *cp; | |
2981 | struct pending_cmd *cmd; | |
2982 | ||
2983 | BT_DBG("status 0x%02x", status); | |
2984 | ||
2985 | hci_dev_lock(hdev); | |
2986 | ||
2987 | cmd = mgmt_pending_find(MGMT_OP_SET_LOCAL_NAME, hdev); | |
2988 | if (!cmd) | |
2989 | goto unlock; | |
2990 | ||
2991 | cp = cmd->param; | |
2992 | ||
2993 | if (status) | |
2994 | cmd_status(cmd->sk, hdev->id, MGMT_OP_SET_LOCAL_NAME, | |
2995 | mgmt_status(status)); | |
2996 | else | |
2997 | cmd_complete(cmd->sk, hdev->id, MGMT_OP_SET_LOCAL_NAME, 0, | |
2998 | cp, sizeof(*cp)); | |
2999 | ||
3000 | mgmt_pending_remove(cmd); | |
3001 | ||
3002 | unlock: | |
3003 | hci_dev_unlock(hdev); | |
3004 | } | |
3005 | ||
3006 | static int set_local_name(struct sock *sk, struct hci_dev *hdev, void *data, | |
3007 | u16 len) | |
3008 | { | |
3009 | struct mgmt_cp_set_local_name *cp = data; | |
3010 | struct pending_cmd *cmd; | |
3011 | struct hci_request req; | |
3012 | int err; | |
3013 | ||
3014 | BT_DBG(""); | |
3015 | ||
3016 | hci_dev_lock(hdev); | |
3017 | ||
3018 | /* If the old values are the same as the new ones just return a | |
3019 | * direct command complete event. | |
3020 | */ | |
3021 | if (!memcmp(hdev->dev_name, cp->name, sizeof(hdev->dev_name)) && | |
3022 | !memcmp(hdev->short_name, cp->short_name, | |
3023 | sizeof(hdev->short_name))) { | |
3024 | err = cmd_complete(sk, hdev->id, MGMT_OP_SET_LOCAL_NAME, 0, | |
3025 | data, len); | |
3026 | goto failed; | |
3027 | } | |
3028 | ||
3029 | memcpy(hdev->short_name, cp->short_name, sizeof(hdev->short_name)); | |
3030 | ||
3031 | if (!hdev_is_powered(hdev)) { | |
3032 | memcpy(hdev->dev_name, cp->name, sizeof(hdev->dev_name)); | |
3033 | ||
3034 | err = cmd_complete(sk, hdev->id, MGMT_OP_SET_LOCAL_NAME, 0, | |
3035 | data, len); | |
3036 | if (err < 0) | |
3037 | goto failed; | |
3038 | ||
3039 | err = mgmt_event(MGMT_EV_LOCAL_NAME_CHANGED, hdev, data, len, | |
3040 | sk); | |
3041 | ||
3042 | goto failed; | |
3043 | } | |
3044 | ||
3045 | cmd = mgmt_pending_add(sk, MGMT_OP_SET_LOCAL_NAME, hdev, data, len); | |
3046 | if (!cmd) { | |
3047 | err = -ENOMEM; | |
3048 | goto failed; | |
3049 | } | |
3050 | ||
3051 | memcpy(hdev->dev_name, cp->name, sizeof(hdev->dev_name)); | |
3052 | ||
3053 | hci_req_init(&req, hdev); | |
3054 | ||
3055 | if (lmp_bredr_capable(hdev)) { | |
3056 | update_name(&req); | |
3057 | update_eir(&req); | |
3058 | } | |
3059 | ||
3060 | /* The name is stored in the scan response data and so | |
3061 | * no need to udpate the advertising data here. | |
3062 | */ | |
3063 | if (lmp_le_capable(hdev)) | |
3064 | update_scan_rsp_data(&req); | |
3065 | ||
3066 | err = hci_req_run(&req, set_name_complete); | |
3067 | if (err < 0) | |
3068 | mgmt_pending_remove(cmd); | |
3069 | ||
3070 | failed: | |
3071 | hci_dev_unlock(hdev); | |
3072 | return err; | |
3073 | } | |
3074 | ||
3075 | static int read_local_oob_data(struct sock *sk, struct hci_dev *hdev, | |
3076 | void *data, u16 data_len) | |
3077 | { | |
3078 | struct pending_cmd *cmd; | |
3079 | int err; | |
3080 | ||
3081 | BT_DBG("%s", hdev->name); | |
3082 | ||
3083 | hci_dev_lock(hdev); | |
3084 | ||
3085 | if (!hdev_is_powered(hdev)) { | |
3086 | err = cmd_status(sk, hdev->id, MGMT_OP_READ_LOCAL_OOB_DATA, | |
3087 | MGMT_STATUS_NOT_POWERED); | |
3088 | goto unlock; | |
3089 | } | |
3090 | ||
3091 | if (!lmp_ssp_capable(hdev)) { | |
3092 | err = cmd_status(sk, hdev->id, MGMT_OP_READ_LOCAL_OOB_DATA, | |
3093 | MGMT_STATUS_NOT_SUPPORTED); | |
3094 | goto unlock; | |
3095 | } | |
3096 | ||
3097 | if (mgmt_pending_find(MGMT_OP_READ_LOCAL_OOB_DATA, hdev)) { | |
3098 | err = cmd_status(sk, hdev->id, MGMT_OP_READ_LOCAL_OOB_DATA, | |
3099 | MGMT_STATUS_BUSY); | |
3100 | goto unlock; | |
3101 | } | |
3102 | ||
3103 | cmd = mgmt_pending_add(sk, MGMT_OP_READ_LOCAL_OOB_DATA, hdev, NULL, 0); | |
3104 | if (!cmd) { | |
3105 | err = -ENOMEM; | |
3106 | goto unlock; | |
3107 | } | |
3108 | ||
3109 | if (test_bit(HCI_SC_ENABLED, &hdev->dev_flags)) | |
3110 | err = hci_send_cmd(hdev, HCI_OP_READ_LOCAL_OOB_EXT_DATA, | |
3111 | 0, NULL); | |
3112 | else | |
3113 | err = hci_send_cmd(hdev, HCI_OP_READ_LOCAL_OOB_DATA, 0, NULL); | |
3114 | ||
3115 | if (err < 0) | |
3116 | mgmt_pending_remove(cmd); | |
3117 | ||
3118 | unlock: | |
3119 | hci_dev_unlock(hdev); | |
3120 | return err; | |
3121 | } | |
3122 | ||
3123 | static int add_remote_oob_data(struct sock *sk, struct hci_dev *hdev, | |
3124 | void *data, u16 len) | |
3125 | { | |
3126 | int err; | |
3127 | ||
3128 | BT_DBG("%s ", hdev->name); | |
3129 | ||
3130 | hci_dev_lock(hdev); | |
3131 | ||
3132 | if (len == MGMT_ADD_REMOTE_OOB_DATA_SIZE) { | |
3133 | struct mgmt_cp_add_remote_oob_data *cp = data; | |
3134 | u8 status; | |
3135 | ||
3136 | err = hci_add_remote_oob_data(hdev, &cp->addr.bdaddr, | |
3137 | cp->hash, cp->randomizer); | |
3138 | if (err < 0) | |
3139 | status = MGMT_STATUS_FAILED; | |
3140 | else | |
3141 | status = MGMT_STATUS_SUCCESS; | |
3142 | ||
3143 | err = cmd_complete(sk, hdev->id, MGMT_OP_ADD_REMOTE_OOB_DATA, | |
3144 | status, &cp->addr, sizeof(cp->addr)); | |
3145 | } else if (len == MGMT_ADD_REMOTE_OOB_EXT_DATA_SIZE) { | |
3146 | struct mgmt_cp_add_remote_oob_ext_data *cp = data; | |
3147 | u8 status; | |
3148 | ||
3149 | err = hci_add_remote_oob_ext_data(hdev, &cp->addr.bdaddr, | |
3150 | cp->hash192, | |
3151 | cp->randomizer192, | |
3152 | cp->hash256, | |
3153 | cp->randomizer256); | |
3154 | if (err < 0) | |
3155 | status = MGMT_STATUS_FAILED; | |
3156 | else | |
3157 | status = MGMT_STATUS_SUCCESS; | |
3158 | ||
3159 | err = cmd_complete(sk, hdev->id, MGMT_OP_ADD_REMOTE_OOB_DATA, | |
3160 | status, &cp->addr, sizeof(cp->addr)); | |
3161 | } else { | |
3162 | BT_ERR("add_remote_oob_data: invalid length of %u bytes", len); | |
3163 | err = cmd_status(sk, hdev->id, MGMT_OP_ADD_REMOTE_OOB_DATA, | |
3164 | MGMT_STATUS_INVALID_PARAMS); | |
3165 | } | |
3166 | ||
3167 | hci_dev_unlock(hdev); | |
3168 | return err; | |
3169 | } | |
3170 | ||
3171 | static int remove_remote_oob_data(struct sock *sk, struct hci_dev *hdev, | |
3172 | void *data, u16 len) | |
3173 | { | |
3174 | struct mgmt_cp_remove_remote_oob_data *cp = data; | |
3175 | u8 status; | |
3176 | int err; | |
3177 | ||
3178 | BT_DBG("%s", hdev->name); | |
3179 | ||
3180 | hci_dev_lock(hdev); | |
3181 | ||
3182 | err = hci_remove_remote_oob_data(hdev, &cp->addr.bdaddr); | |
3183 | if (err < 0) | |
3184 | status = MGMT_STATUS_INVALID_PARAMS; | |
3185 | else | |
3186 | status = MGMT_STATUS_SUCCESS; | |
3187 | ||
3188 | err = cmd_complete(sk, hdev->id, MGMT_OP_REMOVE_REMOTE_OOB_DATA, | |
3189 | status, &cp->addr, sizeof(cp->addr)); | |
3190 | ||
3191 | hci_dev_unlock(hdev); | |
3192 | return err; | |
3193 | } | |
3194 | ||
3195 | static int mgmt_start_discovery_failed(struct hci_dev *hdev, u8 status) | |
3196 | { | |
3197 | struct pending_cmd *cmd; | |
3198 | u8 type; | |
3199 | int err; | |
3200 | ||
3201 | hci_discovery_set_state(hdev, DISCOVERY_STOPPED); | |
3202 | ||
3203 | cmd = mgmt_pending_find(MGMT_OP_START_DISCOVERY, hdev); | |
3204 | if (!cmd) | |
3205 | return -ENOENT; | |
3206 | ||
3207 | type = hdev->discovery.type; | |
3208 | ||
3209 | err = cmd_complete(cmd->sk, hdev->id, cmd->opcode, mgmt_status(status), | |
3210 | &type, sizeof(type)); | |
3211 | mgmt_pending_remove(cmd); | |
3212 | ||
3213 | return err; | |
3214 | } | |
3215 | ||
3216 | static void start_discovery_complete(struct hci_dev *hdev, u8 status) | |
3217 | { | |
3218 | BT_DBG("status %d", status); | |
3219 | ||
3220 | if (status) { | |
3221 | hci_dev_lock(hdev); | |
3222 | mgmt_start_discovery_failed(hdev, status); | |
3223 | hci_dev_unlock(hdev); | |
3224 | return; | |
3225 | } | |
3226 | ||
3227 | hci_dev_lock(hdev); | |
3228 | hci_discovery_set_state(hdev, DISCOVERY_FINDING); | |
3229 | hci_dev_unlock(hdev); | |
3230 | ||
3231 | switch (hdev->discovery.type) { | |
3232 | case DISCOV_TYPE_LE: | |
3233 | queue_delayed_work(hdev->workqueue, &hdev->le_scan_disable, | |
3234 | DISCOV_LE_TIMEOUT); | |
3235 | break; | |
3236 | ||
3237 | case DISCOV_TYPE_INTERLEAVED: | |
3238 | queue_delayed_work(hdev->workqueue, &hdev->le_scan_disable, | |
3239 | DISCOV_INTERLEAVED_TIMEOUT); | |
3240 | break; | |
3241 | ||
3242 | case DISCOV_TYPE_BREDR: | |
3243 | break; | |
3244 | ||
3245 | default: | |
3246 | BT_ERR("Invalid discovery type %d", hdev->discovery.type); | |
3247 | } | |
3248 | } | |
3249 | ||
3250 | static int start_discovery(struct sock *sk, struct hci_dev *hdev, | |
3251 | void *data, u16 len) | |
3252 | { | |
3253 | struct mgmt_cp_start_discovery *cp = data; | |
3254 | struct pending_cmd *cmd; | |
3255 | struct hci_cp_le_set_scan_param param_cp; | |
3256 | struct hci_cp_le_set_scan_enable enable_cp; | |
3257 | struct hci_cp_inquiry inq_cp; | |
3258 | struct hci_request req; | |
3259 | /* General inquiry access code (GIAC) */ | |
3260 | u8 lap[3] = { 0x33, 0x8b, 0x9e }; | |
3261 | u8 status; | |
3262 | int err; | |
3263 | ||
3264 | BT_DBG("%s", hdev->name); | |
3265 | ||
3266 | hci_dev_lock(hdev); | |
3267 | ||
3268 | if (!hdev_is_powered(hdev)) { | |
3269 | err = cmd_status(sk, hdev->id, MGMT_OP_START_DISCOVERY, | |
3270 | MGMT_STATUS_NOT_POWERED); | |
3271 | goto failed; | |
3272 | } | |
3273 | ||
3274 | if (test_bit(HCI_PERIODIC_INQ, &hdev->dev_flags)) { | |
3275 | err = cmd_status(sk, hdev->id, MGMT_OP_START_DISCOVERY, | |
3276 | MGMT_STATUS_BUSY); | |
3277 | goto failed; | |
3278 | } | |
3279 | ||
3280 | if (hdev->discovery.state != DISCOVERY_STOPPED) { | |
3281 | err = cmd_status(sk, hdev->id, MGMT_OP_START_DISCOVERY, | |
3282 | MGMT_STATUS_BUSY); | |
3283 | goto failed; | |
3284 | } | |
3285 | ||
3286 | cmd = mgmt_pending_add(sk, MGMT_OP_START_DISCOVERY, hdev, NULL, 0); | |
3287 | if (!cmd) { | |
3288 | err = -ENOMEM; | |
3289 | goto failed; | |
3290 | } | |
3291 | ||
3292 | hdev->discovery.type = cp->type; | |
3293 | ||
3294 | hci_req_init(&req, hdev); | |
3295 | ||
3296 | switch (hdev->discovery.type) { | |
3297 | case DISCOV_TYPE_BREDR: | |
3298 | status = mgmt_bredr_support(hdev); | |
3299 | if (status) { | |
3300 | err = cmd_status(sk, hdev->id, MGMT_OP_START_DISCOVERY, | |
3301 | status); | |
3302 | mgmt_pending_remove(cmd); | |
3303 | goto failed; | |
3304 | } | |
3305 | ||
3306 | if (test_bit(HCI_INQUIRY, &hdev->flags)) { | |
3307 | err = cmd_status(sk, hdev->id, MGMT_OP_START_DISCOVERY, | |
3308 | MGMT_STATUS_BUSY); | |
3309 | mgmt_pending_remove(cmd); | |
3310 | goto failed; | |
3311 | } | |
3312 | ||
3313 | hci_inquiry_cache_flush(hdev); | |
3314 | ||
3315 | memset(&inq_cp, 0, sizeof(inq_cp)); | |
3316 | memcpy(&inq_cp.lap, lap, sizeof(inq_cp.lap)); | |
3317 | inq_cp.length = DISCOV_BREDR_INQUIRY_LEN; | |
3318 | hci_req_add(&req, HCI_OP_INQUIRY, sizeof(inq_cp), &inq_cp); | |
3319 | break; | |
3320 | ||
3321 | case DISCOV_TYPE_LE: | |
3322 | case DISCOV_TYPE_INTERLEAVED: | |
3323 | status = mgmt_le_support(hdev); | |
3324 | if (status) { | |
3325 | err = cmd_status(sk, hdev->id, MGMT_OP_START_DISCOVERY, | |
3326 | status); | |
3327 | mgmt_pending_remove(cmd); | |
3328 | goto failed; | |
3329 | } | |
3330 | ||
3331 | if (hdev->discovery.type == DISCOV_TYPE_INTERLEAVED && | |
3332 | !test_bit(HCI_BREDR_ENABLED, &hdev->dev_flags)) { | |
3333 | err = cmd_status(sk, hdev->id, MGMT_OP_START_DISCOVERY, | |
3334 | MGMT_STATUS_NOT_SUPPORTED); | |
3335 | mgmt_pending_remove(cmd); | |
3336 | goto failed; | |
3337 | } | |
3338 | ||
3339 | if (test_bit(HCI_ADVERTISING, &hdev->dev_flags)) { | |
3340 | err = cmd_status(sk, hdev->id, MGMT_OP_START_DISCOVERY, | |
3341 | MGMT_STATUS_REJECTED); | |
3342 | mgmt_pending_remove(cmd); | |
3343 | goto failed; | |
3344 | } | |
3345 | ||
3346 | if (test_bit(HCI_LE_SCAN, &hdev->dev_flags)) { | |
3347 | err = cmd_status(sk, hdev->id, MGMT_OP_START_DISCOVERY, | |
3348 | MGMT_STATUS_BUSY); | |
3349 | mgmt_pending_remove(cmd); | |
3350 | goto failed; | |
3351 | } | |
3352 | ||
3353 | memset(¶m_cp, 0, sizeof(param_cp)); | |
3354 | param_cp.type = LE_SCAN_ACTIVE; | |
3355 | param_cp.interval = cpu_to_le16(DISCOV_LE_SCAN_INT); | |
3356 | param_cp.window = cpu_to_le16(DISCOV_LE_SCAN_WIN); | |
3357 | param_cp.own_address_type = hdev->own_addr_type; | |
3358 | hci_req_add(&req, HCI_OP_LE_SET_SCAN_PARAM, sizeof(param_cp), | |
3359 | ¶m_cp); | |
3360 | ||
3361 | memset(&enable_cp, 0, sizeof(enable_cp)); | |
3362 | enable_cp.enable = LE_SCAN_ENABLE; | |
3363 | enable_cp.filter_dup = LE_SCAN_FILTER_DUP_ENABLE; | |
3364 | hci_req_add(&req, HCI_OP_LE_SET_SCAN_ENABLE, sizeof(enable_cp), | |
3365 | &enable_cp); | |
3366 | break; | |
3367 | ||
3368 | default: | |
3369 | err = cmd_status(sk, hdev->id, MGMT_OP_START_DISCOVERY, | |
3370 | MGMT_STATUS_INVALID_PARAMS); | |
3371 | mgmt_pending_remove(cmd); | |
3372 | goto failed; | |
3373 | } | |
3374 | ||
3375 | err = hci_req_run(&req, start_discovery_complete); | |
3376 | if (err < 0) | |
3377 | mgmt_pending_remove(cmd); | |
3378 | else | |
3379 | hci_discovery_set_state(hdev, DISCOVERY_STARTING); | |
3380 | ||
3381 | failed: | |
3382 | hci_dev_unlock(hdev); | |
3383 | return err; | |
3384 | } | |
3385 | ||
3386 | static int mgmt_stop_discovery_failed(struct hci_dev *hdev, u8 status) | |
3387 | { | |
3388 | struct pending_cmd *cmd; | |
3389 | int err; | |
3390 | ||
3391 | cmd = mgmt_pending_find(MGMT_OP_STOP_DISCOVERY, hdev); | |
3392 | if (!cmd) | |
3393 | return -ENOENT; | |
3394 | ||
3395 | err = cmd_complete(cmd->sk, hdev->id, cmd->opcode, mgmt_status(status), | |
3396 | &hdev->discovery.type, sizeof(hdev->discovery.type)); | |
3397 | mgmt_pending_remove(cmd); | |
3398 | ||
3399 | return err; | |
3400 | } | |
3401 | ||
3402 | static void stop_discovery_complete(struct hci_dev *hdev, u8 status) | |
3403 | { | |
3404 | BT_DBG("status %d", status); | |
3405 | ||
3406 | hci_dev_lock(hdev); | |
3407 | ||
3408 | if (status) { | |
3409 | mgmt_stop_discovery_failed(hdev, status); | |
3410 | goto unlock; | |
3411 | } | |
3412 | ||
3413 | hci_discovery_set_state(hdev, DISCOVERY_STOPPED); | |
3414 | ||
3415 | unlock: | |
3416 | hci_dev_unlock(hdev); | |
3417 | } | |
3418 | ||
3419 | static int stop_discovery(struct sock *sk, struct hci_dev *hdev, void *data, | |
3420 | u16 len) | |
3421 | { | |
3422 | struct mgmt_cp_stop_discovery *mgmt_cp = data; | |
3423 | struct pending_cmd *cmd; | |
3424 | struct hci_cp_remote_name_req_cancel cp; | |
3425 | struct inquiry_entry *e; | |
3426 | struct hci_request req; | |
3427 | struct hci_cp_le_set_scan_enable enable_cp; | |
3428 | int err; | |
3429 | ||
3430 | BT_DBG("%s", hdev->name); | |
3431 | ||
3432 | hci_dev_lock(hdev); | |
3433 | ||
3434 | if (!hci_discovery_active(hdev)) { | |
3435 | err = cmd_complete(sk, hdev->id, MGMT_OP_STOP_DISCOVERY, | |
3436 | MGMT_STATUS_REJECTED, &mgmt_cp->type, | |
3437 | sizeof(mgmt_cp->type)); | |
3438 | goto unlock; | |
3439 | } | |
3440 | ||
3441 | if (hdev->discovery.type != mgmt_cp->type) { | |
3442 | err = cmd_complete(sk, hdev->id, MGMT_OP_STOP_DISCOVERY, | |
3443 | MGMT_STATUS_INVALID_PARAMS, &mgmt_cp->type, | |
3444 | sizeof(mgmt_cp->type)); | |
3445 | goto unlock; | |
3446 | } | |
3447 | ||
3448 | cmd = mgmt_pending_add(sk, MGMT_OP_STOP_DISCOVERY, hdev, NULL, 0); | |
3449 | if (!cmd) { | |
3450 | err = -ENOMEM; | |
3451 | goto unlock; | |
3452 | } | |
3453 | ||
3454 | hci_req_init(&req, hdev); | |
3455 | ||
3456 | switch (hdev->discovery.state) { | |
3457 | case DISCOVERY_FINDING: | |
3458 | if (test_bit(HCI_INQUIRY, &hdev->flags)) { | |
3459 | hci_req_add(&req, HCI_OP_INQUIRY_CANCEL, 0, NULL); | |
3460 | } else { | |
3461 | cancel_delayed_work(&hdev->le_scan_disable); | |
3462 | ||
3463 | memset(&enable_cp, 0, sizeof(enable_cp)); | |
3464 | enable_cp.enable = LE_SCAN_DISABLE; | |
3465 | hci_req_add(&req, HCI_OP_LE_SET_SCAN_ENABLE, | |
3466 | sizeof(enable_cp), &enable_cp); | |
3467 | } | |
3468 | ||
3469 | break; | |
3470 | ||
3471 | case DISCOVERY_RESOLVING: | |
3472 | e = hci_inquiry_cache_lookup_resolve(hdev, BDADDR_ANY, | |
3473 | NAME_PENDING); | |
3474 | if (!e) { | |
3475 | mgmt_pending_remove(cmd); | |
3476 | err = cmd_complete(sk, hdev->id, | |
3477 | MGMT_OP_STOP_DISCOVERY, 0, | |
3478 | &mgmt_cp->type, | |
3479 | sizeof(mgmt_cp->type)); | |
3480 | hci_discovery_set_state(hdev, DISCOVERY_STOPPED); | |
3481 | goto unlock; | |
3482 | } | |
3483 | ||
3484 | bacpy(&cp.bdaddr, &e->data.bdaddr); | |
3485 | hci_req_add(&req, HCI_OP_REMOTE_NAME_REQ_CANCEL, sizeof(cp), | |
3486 | &cp); | |
3487 | ||
3488 | break; | |
3489 | ||
3490 | default: | |
3491 | BT_DBG("unknown discovery state %u", hdev->discovery.state); | |
3492 | ||
3493 | mgmt_pending_remove(cmd); | |
3494 | err = cmd_complete(sk, hdev->id, MGMT_OP_STOP_DISCOVERY, | |
3495 | MGMT_STATUS_FAILED, &mgmt_cp->type, | |
3496 | sizeof(mgmt_cp->type)); | |
3497 | goto unlock; | |
3498 | } | |
3499 | ||
3500 | err = hci_req_run(&req, stop_discovery_complete); | |
3501 | if (err < 0) | |
3502 | mgmt_pending_remove(cmd); | |
3503 | else | |
3504 | hci_discovery_set_state(hdev, DISCOVERY_STOPPING); | |
3505 | ||
3506 | unlock: | |
3507 | hci_dev_unlock(hdev); | |
3508 | return err; | |
3509 | } | |
3510 | ||
3511 | static int confirm_name(struct sock *sk, struct hci_dev *hdev, void *data, | |
3512 | u16 len) | |
3513 | { | |
3514 | struct mgmt_cp_confirm_name *cp = data; | |
3515 | struct inquiry_entry *e; | |
3516 | int err; | |
3517 | ||
3518 | BT_DBG("%s", hdev->name); | |
3519 | ||
3520 | hci_dev_lock(hdev); | |
3521 | ||
3522 | if (!hci_discovery_active(hdev)) { | |
3523 | err = cmd_status(sk, hdev->id, MGMT_OP_CONFIRM_NAME, | |
3524 | MGMT_STATUS_FAILED); | |
3525 | goto failed; | |
3526 | } | |
3527 | ||
3528 | e = hci_inquiry_cache_lookup_unknown(hdev, &cp->addr.bdaddr); | |
3529 | if (!e) { | |
3530 | err = cmd_status(sk, hdev->id, MGMT_OP_CONFIRM_NAME, | |
3531 | MGMT_STATUS_INVALID_PARAMS); | |
3532 | goto failed; | |
3533 | } | |
3534 | ||
3535 | if (cp->name_known) { | |
3536 | e->name_state = NAME_KNOWN; | |
3537 | list_del(&e->list); | |
3538 | } else { | |
3539 | e->name_state = NAME_NEEDED; | |
3540 | hci_inquiry_cache_update_resolve(hdev, e); | |
3541 | } | |
3542 | ||
3543 | err = cmd_complete(sk, hdev->id, MGMT_OP_CONFIRM_NAME, 0, &cp->addr, | |
3544 | sizeof(cp->addr)); | |
3545 | ||
3546 | failed: | |
3547 | hci_dev_unlock(hdev); | |
3548 | return err; | |
3549 | } | |
3550 | ||
3551 | static int block_device(struct sock *sk, struct hci_dev *hdev, void *data, | |
3552 | u16 len) | |
3553 | { | |
3554 | struct mgmt_cp_block_device *cp = data; | |
3555 | u8 status; | |
3556 | int err; | |
3557 | ||
3558 | BT_DBG("%s", hdev->name); | |
3559 | ||
3560 | if (!bdaddr_type_is_valid(cp->addr.type)) | |
3561 | return cmd_complete(sk, hdev->id, MGMT_OP_BLOCK_DEVICE, | |
3562 | MGMT_STATUS_INVALID_PARAMS, | |
3563 | &cp->addr, sizeof(cp->addr)); | |
3564 | ||
3565 | hci_dev_lock(hdev); | |
3566 | ||
3567 | err = hci_blacklist_add(hdev, &cp->addr.bdaddr, cp->addr.type); | |
3568 | if (err < 0) | |
3569 | status = MGMT_STATUS_FAILED; | |
3570 | else | |
3571 | status = MGMT_STATUS_SUCCESS; | |
3572 | ||
3573 | err = cmd_complete(sk, hdev->id, MGMT_OP_BLOCK_DEVICE, status, | |
3574 | &cp->addr, sizeof(cp->addr)); | |
3575 | ||
3576 | hci_dev_unlock(hdev); | |
3577 | ||
3578 | return err; | |
3579 | } | |
3580 | ||
3581 | static int unblock_device(struct sock *sk, struct hci_dev *hdev, void *data, | |
3582 | u16 len) | |
3583 | { | |
3584 | struct mgmt_cp_unblock_device *cp = data; | |
3585 | u8 status; | |
3586 | int err; | |
3587 | ||
3588 | BT_DBG("%s", hdev->name); | |
3589 | ||
3590 | if (!bdaddr_type_is_valid(cp->addr.type)) | |
3591 | return cmd_complete(sk, hdev->id, MGMT_OP_UNBLOCK_DEVICE, | |
3592 | MGMT_STATUS_INVALID_PARAMS, | |
3593 | &cp->addr, sizeof(cp->addr)); | |
3594 | ||
3595 | hci_dev_lock(hdev); | |
3596 | ||
3597 | err = hci_blacklist_del(hdev, &cp->addr.bdaddr, cp->addr.type); | |
3598 | if (err < 0) | |
3599 | status = MGMT_STATUS_INVALID_PARAMS; | |
3600 | else | |
3601 | status = MGMT_STATUS_SUCCESS; | |
3602 | ||
3603 | err = cmd_complete(sk, hdev->id, MGMT_OP_UNBLOCK_DEVICE, status, | |
3604 | &cp->addr, sizeof(cp->addr)); | |
3605 | ||
3606 | hci_dev_unlock(hdev); | |
3607 | ||
3608 | return err; | |
3609 | } | |
3610 | ||
3611 | static int set_device_id(struct sock *sk, struct hci_dev *hdev, void *data, | |
3612 | u16 len) | |
3613 | { | |
3614 | struct mgmt_cp_set_device_id *cp = data; | |
3615 | struct hci_request req; | |
3616 | int err; | |
3617 | __u16 source; | |
3618 | ||
3619 | BT_DBG("%s", hdev->name); | |
3620 | ||
3621 | source = __le16_to_cpu(cp->source); | |
3622 | ||
3623 | if (source > 0x0002) | |
3624 | return cmd_status(sk, hdev->id, MGMT_OP_SET_DEVICE_ID, | |
3625 | MGMT_STATUS_INVALID_PARAMS); | |
3626 | ||
3627 | hci_dev_lock(hdev); | |
3628 | ||
3629 | hdev->devid_source = source; | |
3630 | hdev->devid_vendor = __le16_to_cpu(cp->vendor); | |
3631 | hdev->devid_product = __le16_to_cpu(cp->product); | |
3632 | hdev->devid_version = __le16_to_cpu(cp->version); | |
3633 | ||
3634 | err = cmd_complete(sk, hdev->id, MGMT_OP_SET_DEVICE_ID, 0, NULL, 0); | |
3635 | ||
3636 | hci_req_init(&req, hdev); | |
3637 | update_eir(&req); | |
3638 | hci_req_run(&req, NULL); | |
3639 | ||
3640 | hci_dev_unlock(hdev); | |
3641 | ||
3642 | return err; | |
3643 | } | |
3644 | ||
3645 | static void set_advertising_complete(struct hci_dev *hdev, u8 status) | |
3646 | { | |
3647 | struct cmd_lookup match = { NULL, hdev }; | |
3648 | ||
3649 | if (status) { | |
3650 | u8 mgmt_err = mgmt_status(status); | |
3651 | ||
3652 | mgmt_pending_foreach(MGMT_OP_SET_ADVERTISING, hdev, | |
3653 | cmd_status_rsp, &mgmt_err); | |
3654 | return; | |
3655 | } | |
3656 | ||
3657 | mgmt_pending_foreach(MGMT_OP_SET_ADVERTISING, hdev, settings_rsp, | |
3658 | &match); | |
3659 | ||
3660 | new_settings(hdev, match.sk); | |
3661 | ||
3662 | if (match.sk) | |
3663 | sock_put(match.sk); | |
3664 | } | |
3665 | ||
3666 | static int set_advertising(struct sock *sk, struct hci_dev *hdev, void *data, | |
3667 | u16 len) | |
3668 | { | |
3669 | struct mgmt_mode *cp = data; | |
3670 | struct pending_cmd *cmd; | |
3671 | struct hci_request req; | |
3672 | u8 val, enabled, status; | |
3673 | int err; | |
3674 | ||
3675 | BT_DBG("request for %s", hdev->name); | |
3676 | ||
3677 | status = mgmt_le_support(hdev); | |
3678 | if (status) | |
3679 | return cmd_status(sk, hdev->id, MGMT_OP_SET_ADVERTISING, | |
3680 | status); | |
3681 | ||
3682 | if (cp->val != 0x00 && cp->val != 0x01) | |
3683 | return cmd_status(sk, hdev->id, MGMT_OP_SET_ADVERTISING, | |
3684 | MGMT_STATUS_INVALID_PARAMS); | |
3685 | ||
3686 | hci_dev_lock(hdev); | |
3687 | ||
3688 | val = !!cp->val; | |
3689 | enabled = test_bit(HCI_ADVERTISING, &hdev->dev_flags); | |
3690 | ||
3691 | /* The following conditions are ones which mean that we should | |
3692 | * not do any HCI communication but directly send a mgmt | |
3693 | * response to user space (after toggling the flag if | |
3694 | * necessary). | |
3695 | */ | |
3696 | if (!hdev_is_powered(hdev) || val == enabled || | |
3697 | hci_conn_num(hdev, LE_LINK) > 0) { | |
3698 | bool changed = false; | |
3699 | ||
3700 | if (val != test_bit(HCI_ADVERTISING, &hdev->dev_flags)) { | |
3701 | change_bit(HCI_ADVERTISING, &hdev->dev_flags); | |
3702 | changed = true; | |
3703 | } | |
3704 | ||
3705 | err = send_settings_rsp(sk, MGMT_OP_SET_ADVERTISING, hdev); | |
3706 | if (err < 0) | |
3707 | goto unlock; | |
3708 | ||
3709 | if (changed) | |
3710 | err = new_settings(hdev, sk); | |
3711 | ||
3712 | goto unlock; | |
3713 | } | |
3714 | ||
3715 | if (mgmt_pending_find(MGMT_OP_SET_ADVERTISING, hdev) || | |
3716 | mgmt_pending_find(MGMT_OP_SET_LE, hdev)) { | |
3717 | err = cmd_status(sk, hdev->id, MGMT_OP_SET_ADVERTISING, | |
3718 | MGMT_STATUS_BUSY); | |
3719 | goto unlock; | |
3720 | } | |
3721 | ||
3722 | cmd = mgmt_pending_add(sk, MGMT_OP_SET_ADVERTISING, hdev, data, len); | |
3723 | if (!cmd) { | |
3724 | err = -ENOMEM; | |
3725 | goto unlock; | |
3726 | } | |
3727 | ||
3728 | hci_req_init(&req, hdev); | |
3729 | ||
3730 | if (val) | |
3731 | enable_advertising(&req); | |
3732 | else | |
3733 | disable_advertising(&req); | |
3734 | ||
3735 | err = hci_req_run(&req, set_advertising_complete); | |
3736 | if (err < 0) | |
3737 | mgmt_pending_remove(cmd); | |
3738 | ||
3739 | unlock: | |
3740 | hci_dev_unlock(hdev); | |
3741 | return err; | |
3742 | } | |
3743 | ||
3744 | static int set_static_address(struct sock *sk, struct hci_dev *hdev, | |
3745 | void *data, u16 len) | |
3746 | { | |
3747 | struct mgmt_cp_set_static_address *cp = data; | |
3748 | int err; | |
3749 | ||
3750 | BT_DBG("%s", hdev->name); | |
3751 | ||
3752 | if (!lmp_le_capable(hdev)) | |
3753 | return cmd_status(sk, hdev->id, MGMT_OP_SET_STATIC_ADDRESS, | |
3754 | MGMT_STATUS_NOT_SUPPORTED); | |
3755 | ||
3756 | if (hdev_is_powered(hdev)) | |
3757 | return cmd_status(sk, hdev->id, MGMT_OP_SET_STATIC_ADDRESS, | |
3758 | MGMT_STATUS_REJECTED); | |
3759 | ||
3760 | if (bacmp(&cp->bdaddr, BDADDR_ANY)) { | |
3761 | if (!bacmp(&cp->bdaddr, BDADDR_NONE)) | |
3762 | return cmd_status(sk, hdev->id, | |
3763 | MGMT_OP_SET_STATIC_ADDRESS, | |
3764 | MGMT_STATUS_INVALID_PARAMS); | |
3765 | ||
3766 | /* Two most significant bits shall be set */ | |
3767 | if ((cp->bdaddr.b[5] & 0xc0) != 0xc0) | |
3768 | return cmd_status(sk, hdev->id, | |
3769 | MGMT_OP_SET_STATIC_ADDRESS, | |
3770 | MGMT_STATUS_INVALID_PARAMS); | |
3771 | } | |
3772 | ||
3773 | hci_dev_lock(hdev); | |
3774 | ||
3775 | bacpy(&hdev->static_addr, &cp->bdaddr); | |
3776 | ||
3777 | err = cmd_complete(sk, hdev->id, MGMT_OP_SET_STATIC_ADDRESS, 0, NULL, 0); | |
3778 | ||
3779 | hci_dev_unlock(hdev); | |
3780 | ||
3781 | return err; | |
3782 | } | |
3783 | ||
3784 | static int set_scan_params(struct sock *sk, struct hci_dev *hdev, | |
3785 | void *data, u16 len) | |
3786 | { | |
3787 | struct mgmt_cp_set_scan_params *cp = data; | |
3788 | __u16 interval, window; | |
3789 | int err; | |
3790 | ||
3791 | BT_DBG("%s", hdev->name); | |
3792 | ||
3793 | if (!lmp_le_capable(hdev)) | |
3794 | return cmd_status(sk, hdev->id, MGMT_OP_SET_SCAN_PARAMS, | |
3795 | MGMT_STATUS_NOT_SUPPORTED); | |
3796 | ||
3797 | interval = __le16_to_cpu(cp->interval); | |
3798 | ||
3799 | if (interval < 0x0004 || interval > 0x4000) | |
3800 | return cmd_status(sk, hdev->id, MGMT_OP_SET_SCAN_PARAMS, | |
3801 | MGMT_STATUS_INVALID_PARAMS); | |
3802 | ||
3803 | window = __le16_to_cpu(cp->window); | |
3804 | ||
3805 | if (window < 0x0004 || window > 0x4000) | |
3806 | return cmd_status(sk, hdev->id, MGMT_OP_SET_SCAN_PARAMS, | |
3807 | MGMT_STATUS_INVALID_PARAMS); | |
3808 | ||
3809 | if (window > interval) | |
3810 | return cmd_status(sk, hdev->id, MGMT_OP_SET_SCAN_PARAMS, | |
3811 | MGMT_STATUS_INVALID_PARAMS); | |
3812 | ||
3813 | hci_dev_lock(hdev); | |
3814 | ||
3815 | hdev->le_scan_interval = interval; | |
3816 | hdev->le_scan_window = window; | |
3817 | ||
3818 | err = cmd_complete(sk, hdev->id, MGMT_OP_SET_SCAN_PARAMS, 0, NULL, 0); | |
3819 | ||
3820 | hci_dev_unlock(hdev); | |
3821 | ||
3822 | return err; | |
3823 | } | |
3824 | ||
3825 | static void fast_connectable_complete(struct hci_dev *hdev, u8 status) | |
3826 | { | |
3827 | struct pending_cmd *cmd; | |
3828 | ||
3829 | BT_DBG("status 0x%02x", status); | |
3830 | ||
3831 | hci_dev_lock(hdev); | |
3832 | ||
3833 | cmd = mgmt_pending_find(MGMT_OP_SET_FAST_CONNECTABLE, hdev); | |
3834 | if (!cmd) | |
3835 | goto unlock; | |
3836 | ||
3837 | if (status) { | |
3838 | cmd_status(cmd->sk, hdev->id, MGMT_OP_SET_FAST_CONNECTABLE, | |
3839 | mgmt_status(status)); | |
3840 | } else { | |
3841 | struct mgmt_mode *cp = cmd->param; | |
3842 | ||
3843 | if (cp->val) | |
3844 | set_bit(HCI_FAST_CONNECTABLE, &hdev->dev_flags); | |
3845 | else | |
3846 | clear_bit(HCI_FAST_CONNECTABLE, &hdev->dev_flags); | |
3847 | ||
3848 | send_settings_rsp(cmd->sk, MGMT_OP_SET_FAST_CONNECTABLE, hdev); | |
3849 | new_settings(hdev, cmd->sk); | |
3850 | } | |
3851 | ||
3852 | mgmt_pending_remove(cmd); | |
3853 | ||
3854 | unlock: | |
3855 | hci_dev_unlock(hdev); | |
3856 | } | |
3857 | ||
3858 | static int set_fast_connectable(struct sock *sk, struct hci_dev *hdev, | |
3859 | void *data, u16 len) | |
3860 | { | |
3861 | struct mgmt_mode *cp = data; | |
3862 | struct pending_cmd *cmd; | |
3863 | struct hci_request req; | |
3864 | int err; | |
3865 | ||
3866 | BT_DBG("%s", hdev->name); | |
3867 | ||
3868 | if (!test_bit(HCI_BREDR_ENABLED, &hdev->dev_flags) || | |
3869 | hdev->hci_ver < BLUETOOTH_VER_1_2) | |
3870 | return cmd_status(sk, hdev->id, MGMT_OP_SET_FAST_CONNECTABLE, | |
3871 | MGMT_STATUS_NOT_SUPPORTED); | |
3872 | ||
3873 | if (cp->val != 0x00 && cp->val != 0x01) | |
3874 | return cmd_status(sk, hdev->id, MGMT_OP_SET_FAST_CONNECTABLE, | |
3875 | MGMT_STATUS_INVALID_PARAMS); | |
3876 | ||
3877 | if (!hdev_is_powered(hdev)) | |
3878 | return cmd_status(sk, hdev->id, MGMT_OP_SET_FAST_CONNECTABLE, | |
3879 | MGMT_STATUS_NOT_POWERED); | |
3880 | ||
3881 | if (!test_bit(HCI_CONNECTABLE, &hdev->dev_flags)) | |
3882 | return cmd_status(sk, hdev->id, MGMT_OP_SET_FAST_CONNECTABLE, | |
3883 | MGMT_STATUS_REJECTED); | |
3884 | ||
3885 | hci_dev_lock(hdev); | |
3886 | ||
3887 | if (mgmt_pending_find(MGMT_OP_SET_FAST_CONNECTABLE, hdev)) { | |
3888 | err = cmd_status(sk, hdev->id, MGMT_OP_SET_FAST_CONNECTABLE, | |
3889 | MGMT_STATUS_BUSY); | |
3890 | goto unlock; | |
3891 | } | |
3892 | ||
3893 | if (!!cp->val == test_bit(HCI_FAST_CONNECTABLE, &hdev->dev_flags)) { | |
3894 | err = send_settings_rsp(sk, MGMT_OP_SET_FAST_CONNECTABLE, | |
3895 | hdev); | |
3896 | goto unlock; | |
3897 | } | |
3898 | ||
3899 | cmd = mgmt_pending_add(sk, MGMT_OP_SET_FAST_CONNECTABLE, hdev, | |
3900 | data, len); | |
3901 | if (!cmd) { | |
3902 | err = -ENOMEM; | |
3903 | goto unlock; | |
3904 | } | |
3905 | ||
3906 | hci_req_init(&req, hdev); | |
3907 | ||
3908 | write_fast_connectable(&req, cp->val); | |
3909 | ||
3910 | err = hci_req_run(&req, fast_connectable_complete); | |
3911 | if (err < 0) { | |
3912 | err = cmd_status(sk, hdev->id, MGMT_OP_SET_FAST_CONNECTABLE, | |
3913 | MGMT_STATUS_FAILED); | |
3914 | mgmt_pending_remove(cmd); | |
3915 | } | |
3916 | ||
3917 | unlock: | |
3918 | hci_dev_unlock(hdev); | |
3919 | ||
3920 | return err; | |
3921 | } | |
3922 | ||
3923 | static void set_bredr_scan(struct hci_request *req) | |
3924 | { | |
3925 | struct hci_dev *hdev = req->hdev; | |
3926 | u8 scan = 0; | |
3927 | ||
3928 | /* Ensure that fast connectable is disabled. This function will | |
3929 | * not do anything if the page scan parameters are already what | |
3930 | * they should be. | |
3931 | */ | |
3932 | write_fast_connectable(req, false); | |
3933 | ||
3934 | if (test_bit(HCI_CONNECTABLE, &hdev->dev_flags)) | |
3935 | scan |= SCAN_PAGE; | |
3936 | if (test_bit(HCI_DISCOVERABLE, &hdev->dev_flags)) | |
3937 | scan |= SCAN_INQUIRY; | |
3938 | ||
3939 | if (scan) | |
3940 | hci_req_add(req, HCI_OP_WRITE_SCAN_ENABLE, 1, &scan); | |
3941 | } | |
3942 | ||
3943 | static void set_bredr_complete(struct hci_dev *hdev, u8 status) | |
3944 | { | |
3945 | struct pending_cmd *cmd; | |
3946 | ||
3947 | BT_DBG("status 0x%02x", status); | |
3948 | ||
3949 | hci_dev_lock(hdev); | |
3950 | ||
3951 | cmd = mgmt_pending_find(MGMT_OP_SET_BREDR, hdev); | |
3952 | if (!cmd) | |
3953 | goto unlock; | |
3954 | ||
3955 | if (status) { | |
3956 | u8 mgmt_err = mgmt_status(status); | |
3957 | ||
3958 | /* We need to restore the flag if related HCI commands | |
3959 | * failed. | |
3960 | */ | |
3961 | clear_bit(HCI_BREDR_ENABLED, &hdev->dev_flags); | |
3962 | ||
3963 | cmd_status(cmd->sk, cmd->index, cmd->opcode, mgmt_err); | |
3964 | } else { | |
3965 | send_settings_rsp(cmd->sk, MGMT_OP_SET_BREDR, hdev); | |
3966 | new_settings(hdev, cmd->sk); | |
3967 | } | |
3968 | ||
3969 | mgmt_pending_remove(cmd); | |
3970 | ||
3971 | unlock: | |
3972 | hci_dev_unlock(hdev); | |
3973 | } | |
3974 | ||
3975 | static int set_bredr(struct sock *sk, struct hci_dev *hdev, void *data, u16 len) | |
3976 | { | |
3977 | struct mgmt_mode *cp = data; | |
3978 | struct pending_cmd *cmd; | |
3979 | struct hci_request req; | |
3980 | int err; | |
3981 | ||
3982 | BT_DBG("request for %s", hdev->name); | |
3983 | ||
3984 | if (!lmp_bredr_capable(hdev) || !lmp_le_capable(hdev)) | |
3985 | return cmd_status(sk, hdev->id, MGMT_OP_SET_BREDR, | |
3986 | MGMT_STATUS_NOT_SUPPORTED); | |
3987 | ||
3988 | if (!test_bit(HCI_LE_ENABLED, &hdev->dev_flags)) | |
3989 | return cmd_status(sk, hdev->id, MGMT_OP_SET_BREDR, | |
3990 | MGMT_STATUS_REJECTED); | |
3991 | ||
3992 | if (cp->val != 0x00 && cp->val != 0x01) | |
3993 | return cmd_status(sk, hdev->id, MGMT_OP_SET_BREDR, | |
3994 | MGMT_STATUS_INVALID_PARAMS); | |
3995 | ||
3996 | hci_dev_lock(hdev); | |
3997 | ||
3998 | if (cp->val == test_bit(HCI_BREDR_ENABLED, &hdev->dev_flags)) { | |
3999 | err = send_settings_rsp(sk, MGMT_OP_SET_BREDR, hdev); | |
4000 | goto unlock; | |
4001 | } | |
4002 | ||
4003 | if (!hdev_is_powered(hdev)) { | |
4004 | if (!cp->val) { | |
4005 | clear_bit(HCI_DISCOVERABLE, &hdev->dev_flags); | |
4006 | clear_bit(HCI_SSP_ENABLED, &hdev->dev_flags); | |
4007 | clear_bit(HCI_LINK_SECURITY, &hdev->dev_flags); | |
4008 | clear_bit(HCI_FAST_CONNECTABLE, &hdev->dev_flags); | |
4009 | clear_bit(HCI_HS_ENABLED, &hdev->dev_flags); | |
4010 | } | |
4011 | ||
4012 | change_bit(HCI_BREDR_ENABLED, &hdev->dev_flags); | |
4013 | ||
4014 | err = send_settings_rsp(sk, MGMT_OP_SET_BREDR, hdev); | |
4015 | if (err < 0) | |
4016 | goto unlock; | |
4017 | ||
4018 | err = new_settings(hdev, sk); | |
4019 | goto unlock; | |
4020 | } | |
4021 | ||
4022 | /* Reject disabling when powered on */ | |
4023 | if (!cp->val) { | |
4024 | err = cmd_status(sk, hdev->id, MGMT_OP_SET_BREDR, | |
4025 | MGMT_STATUS_REJECTED); | |
4026 | goto unlock; | |
4027 | } | |
4028 | ||
4029 | if (mgmt_pending_find(MGMT_OP_SET_BREDR, hdev)) { | |
4030 | err = cmd_status(sk, hdev->id, MGMT_OP_SET_BREDR, | |
4031 | MGMT_STATUS_BUSY); | |
4032 | goto unlock; | |
4033 | } | |
4034 | ||
4035 | cmd = mgmt_pending_add(sk, MGMT_OP_SET_BREDR, hdev, data, len); | |
4036 | if (!cmd) { | |
4037 | err = -ENOMEM; | |
4038 | goto unlock; | |
4039 | } | |
4040 | ||
4041 | /* We need to flip the bit already here so that update_adv_data | |
4042 | * generates the correct flags. | |
4043 | */ | |
4044 | set_bit(HCI_BREDR_ENABLED, &hdev->dev_flags); | |
4045 | ||
4046 | hci_req_init(&req, hdev); | |
4047 | ||
4048 | if (test_bit(HCI_CONNECTABLE, &hdev->dev_flags)) | |
4049 | set_bredr_scan(&req); | |
4050 | ||
4051 | /* Since only the advertising data flags will change, there | |
4052 | * is no need to update the scan response data. | |
4053 | */ | |
4054 | update_adv_data(&req); | |
4055 | ||
4056 | err = hci_req_run(&req, set_bredr_complete); | |
4057 | if (err < 0) | |
4058 | mgmt_pending_remove(cmd); | |
4059 | ||
4060 | unlock: | |
4061 | hci_dev_unlock(hdev); | |
4062 | return err; | |
4063 | } | |
4064 | ||
4065 | static int set_secure_conn(struct sock *sk, struct hci_dev *hdev, | |
4066 | void *data, u16 len) | |
4067 | { | |
4068 | struct mgmt_mode *cp = data; | |
4069 | struct pending_cmd *cmd; | |
4070 | u8 val, status; | |
4071 | int err; | |
4072 | ||
4073 | BT_DBG("request for %s", hdev->name); | |
4074 | ||
4075 | status = mgmt_bredr_support(hdev); | |
4076 | if (status) | |
4077 | return cmd_status(sk, hdev->id, MGMT_OP_SET_SECURE_CONN, | |
4078 | status); | |
4079 | ||
4080 | if (!lmp_sc_capable(hdev) && | |
4081 | !test_bit(HCI_FORCE_SC, &hdev->dev_flags)) | |
4082 | return cmd_status(sk, hdev->id, MGMT_OP_SET_SECURE_CONN, | |
4083 | MGMT_STATUS_NOT_SUPPORTED); | |
4084 | ||
4085 | if (cp->val != 0x00 && cp->val != 0x01 && cp->val != 0x02) | |
4086 | return cmd_status(sk, hdev->id, MGMT_OP_SET_SECURE_CONN, | |
4087 | MGMT_STATUS_INVALID_PARAMS); | |
4088 | ||
4089 | hci_dev_lock(hdev); | |
4090 | ||
4091 | if (!hdev_is_powered(hdev)) { | |
4092 | bool changed; | |
4093 | ||
4094 | if (cp->val) { | |
4095 | changed = !test_and_set_bit(HCI_SC_ENABLED, | |
4096 | &hdev->dev_flags); | |
4097 | if (cp->val == 0x02) | |
4098 | set_bit(HCI_SC_ONLY, &hdev->dev_flags); | |
4099 | else | |
4100 | clear_bit(HCI_SC_ONLY, &hdev->dev_flags); | |
4101 | } else { | |
4102 | changed = test_and_clear_bit(HCI_SC_ENABLED, | |
4103 | &hdev->dev_flags); | |
4104 | clear_bit(HCI_SC_ONLY, &hdev->dev_flags); | |
4105 | } | |
4106 | ||
4107 | err = send_settings_rsp(sk, MGMT_OP_SET_SECURE_CONN, hdev); | |
4108 | if (err < 0) | |
4109 | goto failed; | |
4110 | ||
4111 | if (changed) | |
4112 | err = new_settings(hdev, sk); | |
4113 | ||
4114 | goto failed; | |
4115 | } | |
4116 | ||
4117 | if (mgmt_pending_find(MGMT_OP_SET_SECURE_CONN, hdev)) { | |
4118 | err = cmd_status(sk, hdev->id, MGMT_OP_SET_SECURE_CONN, | |
4119 | MGMT_STATUS_BUSY); | |
4120 | goto failed; | |
4121 | } | |
4122 | ||
4123 | val = !!cp->val; | |
4124 | ||
4125 | if (val == test_bit(HCI_SC_ENABLED, &hdev->dev_flags) && | |
4126 | (cp->val == 0x02) == test_bit(HCI_SC_ONLY, &hdev->dev_flags)) { | |
4127 | err = send_settings_rsp(sk, MGMT_OP_SET_SECURE_CONN, hdev); | |
4128 | goto failed; | |
4129 | } | |
4130 | ||
4131 | cmd = mgmt_pending_add(sk, MGMT_OP_SET_SECURE_CONN, hdev, data, len); | |
4132 | if (!cmd) { | |
4133 | err = -ENOMEM; | |
4134 | goto failed; | |
4135 | } | |
4136 | ||
4137 | err = hci_send_cmd(hdev, HCI_OP_WRITE_SC_SUPPORT, 1, &val); | |
4138 | if (err < 0) { | |
4139 | mgmt_pending_remove(cmd); | |
4140 | goto failed; | |
4141 | } | |
4142 | ||
4143 | if (cp->val == 0x02) | |
4144 | set_bit(HCI_SC_ONLY, &hdev->dev_flags); | |
4145 | else | |
4146 | clear_bit(HCI_SC_ONLY, &hdev->dev_flags); | |
4147 | ||
4148 | failed: | |
4149 | hci_dev_unlock(hdev); | |
4150 | return err; | |
4151 | } | |
4152 | ||
4153 | static int set_debug_keys(struct sock *sk, struct hci_dev *hdev, | |
4154 | void *data, u16 len) | |
4155 | { | |
4156 | struct mgmt_mode *cp = data; | |
4157 | bool changed; | |
4158 | int err; | |
4159 | ||
4160 | BT_DBG("request for %s", hdev->name); | |
4161 | ||
4162 | if (cp->val != 0x00 && cp->val != 0x01) | |
4163 | return cmd_status(sk, hdev->id, MGMT_OP_SET_DEBUG_KEYS, | |
4164 | MGMT_STATUS_INVALID_PARAMS); | |
4165 | ||
4166 | hci_dev_lock(hdev); | |
4167 | ||
4168 | if (cp->val) | |
4169 | changed = !test_and_set_bit(HCI_DEBUG_KEYS, &hdev->dev_flags); | |
4170 | else | |
4171 | changed = test_and_clear_bit(HCI_DEBUG_KEYS, &hdev->dev_flags); | |
4172 | ||
4173 | err = send_settings_rsp(sk, MGMT_OP_SET_DEBUG_KEYS, hdev); | |
4174 | if (err < 0) | |
4175 | goto unlock; | |
4176 | ||
4177 | if (changed) | |
4178 | err = new_settings(hdev, sk); | |
4179 | ||
4180 | unlock: | |
4181 | hci_dev_unlock(hdev); | |
4182 | return err; | |
4183 | } | |
4184 | ||
4185 | static bool irk_is_valid(struct mgmt_irk_info *irk) | |
4186 | { | |
4187 | switch (irk->addr.type) { | |
4188 | case BDADDR_LE_PUBLIC: | |
4189 | return true; | |
4190 | ||
4191 | case BDADDR_LE_RANDOM: | |
4192 | /* Two most significant bits shall be set */ | |
4193 | if ((irk->addr.bdaddr.b[5] & 0xc0) != 0xc0) | |
4194 | return false; | |
4195 | return true; | |
4196 | } | |
4197 | ||
4198 | return false; | |
4199 | } | |
4200 | ||
4201 | static int load_irks(struct sock *sk, struct hci_dev *hdev, void *cp_data, | |
4202 | u16 len) | |
4203 | { | |
4204 | struct mgmt_cp_load_irks *cp = cp_data; | |
4205 | u16 irk_count, expected_len; | |
4206 | int i, err; | |
4207 | ||
4208 | BT_DBG("request for %s", hdev->name); | |
4209 | ||
4210 | if (!lmp_le_capable(hdev)) | |
4211 | return cmd_status(sk, hdev->id, MGMT_OP_LOAD_IRKS, | |
4212 | MGMT_STATUS_NOT_SUPPORTED); | |
4213 | ||
4214 | irk_count = __le16_to_cpu(cp->irk_count); | |
4215 | ||
4216 | expected_len = sizeof(*cp) + irk_count * sizeof(struct mgmt_irk_info); | |
4217 | if (expected_len != len) { | |
4218 | BT_ERR("load_irks: expected %u bytes, got %u bytes", | |
4219 | len, expected_len); | |
4220 | return cmd_status(sk, hdev->id, MGMT_OP_LOAD_IRKS, | |
4221 | MGMT_STATUS_INVALID_PARAMS); | |
4222 | } | |
4223 | ||
4224 | BT_DBG("%s irk_count %u", hdev->name, irk_count); | |
4225 | ||
4226 | for (i = 0; i < irk_count; i++) { | |
4227 | struct mgmt_irk_info *key = &cp->irks[i]; | |
4228 | ||
4229 | if (!irk_is_valid(key)) | |
4230 | return cmd_status(sk, hdev->id, | |
4231 | MGMT_OP_LOAD_IRKS, | |
4232 | MGMT_STATUS_INVALID_PARAMS); | |
4233 | } | |
4234 | ||
4235 | hci_dev_lock(hdev); | |
4236 | ||
4237 | hci_smp_irks_clear(hdev); | |
4238 | ||
4239 | for (i = 0; i < irk_count; i++) { | |
4240 | struct mgmt_irk_info *irk = &cp->irks[i]; | |
4241 | u8 addr_type; | |
4242 | ||
4243 | if (irk->addr.type == BDADDR_LE_PUBLIC) | |
4244 | addr_type = ADDR_LE_DEV_PUBLIC; | |
4245 | else | |
4246 | addr_type = ADDR_LE_DEV_RANDOM; | |
4247 | ||
4248 | hci_add_irk(hdev, &irk->addr.bdaddr, addr_type, irk->val, | |
4249 | BDADDR_ANY); | |
4250 | } | |
4251 | ||
4252 | set_bit(HCI_RPA_RESOLVING, &hdev->dev_flags); | |
4253 | ||
4254 | err = cmd_complete(sk, hdev->id, MGMT_OP_LOAD_IRKS, 0, NULL, 0); | |
4255 | ||
4256 | hci_dev_unlock(hdev); | |
4257 | ||
4258 | return err; | |
4259 | } | |
4260 | ||
4261 | static bool ltk_is_valid(struct mgmt_ltk_info *key) | |
4262 | { | |
4263 | if (key->master != 0x00 && key->master != 0x01) | |
4264 | return false; | |
4265 | ||
4266 | switch (key->addr.type) { | |
4267 | case BDADDR_LE_PUBLIC: | |
4268 | return true; | |
4269 | ||
4270 | case BDADDR_LE_RANDOM: | |
4271 | /* Two most significant bits shall be set */ | |
4272 | if ((key->addr.bdaddr.b[5] & 0xc0) != 0xc0) | |
4273 | return false; | |
4274 | return true; | |
4275 | } | |
4276 | ||
4277 | return false; | |
4278 | } | |
4279 | ||
4280 | static int load_long_term_keys(struct sock *sk, struct hci_dev *hdev, | |
4281 | void *cp_data, u16 len) | |
4282 | { | |
4283 | struct mgmt_cp_load_long_term_keys *cp = cp_data; | |
4284 | u16 key_count, expected_len; | |
4285 | int i, err; | |
4286 | ||
4287 | BT_DBG("request for %s", hdev->name); | |
4288 | ||
4289 | if (!lmp_le_capable(hdev)) | |
4290 | return cmd_status(sk, hdev->id, MGMT_OP_LOAD_LONG_TERM_KEYS, | |
4291 | MGMT_STATUS_NOT_SUPPORTED); | |
4292 | ||
4293 | key_count = __le16_to_cpu(cp->key_count); | |
4294 | ||
4295 | expected_len = sizeof(*cp) + key_count * | |
4296 | sizeof(struct mgmt_ltk_info); | |
4297 | if (expected_len != len) { | |
4298 | BT_ERR("load_keys: expected %u bytes, got %u bytes", | |
4299 | len, expected_len); | |
4300 | return cmd_status(sk, hdev->id, MGMT_OP_LOAD_LONG_TERM_KEYS, | |
4301 | MGMT_STATUS_INVALID_PARAMS); | |
4302 | } | |
4303 | ||
4304 | BT_DBG("%s key_count %u", hdev->name, key_count); | |
4305 | ||
4306 | for (i = 0; i < key_count; i++) { | |
4307 | struct mgmt_ltk_info *key = &cp->keys[i]; | |
4308 | ||
4309 | if (!ltk_is_valid(key)) | |
4310 | return cmd_status(sk, hdev->id, | |
4311 | MGMT_OP_LOAD_LONG_TERM_KEYS, | |
4312 | MGMT_STATUS_INVALID_PARAMS); | |
4313 | } | |
4314 | ||
4315 | hci_dev_lock(hdev); | |
4316 | ||
4317 | hci_smp_ltks_clear(hdev); | |
4318 | ||
4319 | for (i = 0; i < key_count; i++) { | |
4320 | struct mgmt_ltk_info *key = &cp->keys[i]; | |
4321 | u8 type, addr_type; | |
4322 | ||
4323 | if (key->addr.type == BDADDR_LE_PUBLIC) | |
4324 | addr_type = ADDR_LE_DEV_PUBLIC; | |
4325 | else | |
4326 | addr_type = ADDR_LE_DEV_RANDOM; | |
4327 | ||
4328 | if (key->master) | |
4329 | type = HCI_SMP_LTK; | |
4330 | else | |
4331 | type = HCI_SMP_LTK_SLAVE; | |
4332 | ||
4333 | hci_add_ltk(hdev, &key->addr.bdaddr, addr_type, type, | |
4334 | key->type, key->val, key->enc_size, key->ediv, | |
4335 | key->rand); | |
4336 | } | |
4337 | ||
4338 | err = cmd_complete(sk, hdev->id, MGMT_OP_LOAD_LONG_TERM_KEYS, 0, | |
4339 | NULL, 0); | |
4340 | ||
4341 | hci_dev_unlock(hdev); | |
4342 | ||
4343 | return err; | |
4344 | } | |
4345 | ||
4346 | static const struct mgmt_handler { | |
4347 | int (*func) (struct sock *sk, struct hci_dev *hdev, void *data, | |
4348 | u16 data_len); | |
4349 | bool var_len; | |
4350 | size_t data_len; | |
4351 | } mgmt_handlers[] = { | |
4352 | { NULL }, /* 0x0000 (no command) */ | |
4353 | { read_version, false, MGMT_READ_VERSION_SIZE }, | |
4354 | { read_commands, false, MGMT_READ_COMMANDS_SIZE }, | |
4355 | { read_index_list, false, MGMT_READ_INDEX_LIST_SIZE }, | |
4356 | { read_controller_info, false, MGMT_READ_INFO_SIZE }, | |
4357 | { set_powered, false, MGMT_SETTING_SIZE }, | |
4358 | { set_discoverable, false, MGMT_SET_DISCOVERABLE_SIZE }, | |
4359 | { set_connectable, false, MGMT_SETTING_SIZE }, | |
4360 | { set_fast_connectable, false, MGMT_SETTING_SIZE }, | |
4361 | { set_pairable, false, MGMT_SETTING_SIZE }, | |
4362 | { set_link_security, false, MGMT_SETTING_SIZE }, | |
4363 | { set_ssp, false, MGMT_SETTING_SIZE }, | |
4364 | { set_hs, false, MGMT_SETTING_SIZE }, | |
4365 | { set_le, false, MGMT_SETTING_SIZE }, | |
4366 | { set_dev_class, false, MGMT_SET_DEV_CLASS_SIZE }, | |
4367 | { set_local_name, false, MGMT_SET_LOCAL_NAME_SIZE }, | |
4368 | { add_uuid, false, MGMT_ADD_UUID_SIZE }, | |
4369 | { remove_uuid, false, MGMT_REMOVE_UUID_SIZE }, | |
4370 | { load_link_keys, true, MGMT_LOAD_LINK_KEYS_SIZE }, | |
4371 | { load_long_term_keys, true, MGMT_LOAD_LONG_TERM_KEYS_SIZE }, | |
4372 | { disconnect, false, MGMT_DISCONNECT_SIZE }, | |
4373 | { get_connections, false, MGMT_GET_CONNECTIONS_SIZE }, | |
4374 | { pin_code_reply, false, MGMT_PIN_CODE_REPLY_SIZE }, | |
4375 | { pin_code_neg_reply, false, MGMT_PIN_CODE_NEG_REPLY_SIZE }, | |
4376 | { set_io_capability, false, MGMT_SET_IO_CAPABILITY_SIZE }, | |
4377 | { pair_device, false, MGMT_PAIR_DEVICE_SIZE }, | |
4378 | { cancel_pair_device, false, MGMT_CANCEL_PAIR_DEVICE_SIZE }, | |
4379 | { unpair_device, false, MGMT_UNPAIR_DEVICE_SIZE }, | |
4380 | { user_confirm_reply, false, MGMT_USER_CONFIRM_REPLY_SIZE }, | |
4381 | { user_confirm_neg_reply, false, MGMT_USER_CONFIRM_NEG_REPLY_SIZE }, | |
4382 | { user_passkey_reply, false, MGMT_USER_PASSKEY_REPLY_SIZE }, | |
4383 | { user_passkey_neg_reply, false, MGMT_USER_PASSKEY_NEG_REPLY_SIZE }, | |
4384 | { read_local_oob_data, false, MGMT_READ_LOCAL_OOB_DATA_SIZE }, | |
4385 | { add_remote_oob_data, true, MGMT_ADD_REMOTE_OOB_DATA_SIZE }, | |
4386 | { remove_remote_oob_data, false, MGMT_REMOVE_REMOTE_OOB_DATA_SIZE }, | |
4387 | { start_discovery, false, MGMT_START_DISCOVERY_SIZE }, | |
4388 | { stop_discovery, false, MGMT_STOP_DISCOVERY_SIZE }, | |
4389 | { confirm_name, false, MGMT_CONFIRM_NAME_SIZE }, | |
4390 | { block_device, false, MGMT_BLOCK_DEVICE_SIZE }, | |
4391 | { unblock_device, false, MGMT_UNBLOCK_DEVICE_SIZE }, | |
4392 | { set_device_id, false, MGMT_SET_DEVICE_ID_SIZE }, | |
4393 | { set_advertising, false, MGMT_SETTING_SIZE }, | |
4394 | { set_bredr, false, MGMT_SETTING_SIZE }, | |
4395 | { set_static_address, false, MGMT_SET_STATIC_ADDRESS_SIZE }, | |
4396 | { set_scan_params, false, MGMT_SET_SCAN_PARAMS_SIZE }, | |
4397 | { set_secure_conn, false, MGMT_SETTING_SIZE }, | |
4398 | { set_debug_keys, false, MGMT_SETTING_SIZE }, | |
4399 | { }, | |
4400 | { load_irks, true, MGMT_LOAD_IRKS_SIZE }, | |
4401 | }; | |
4402 | ||
4403 | ||
4404 | int mgmt_control(struct sock *sk, struct msghdr *msg, size_t msglen) | |
4405 | { | |
4406 | void *buf; | |
4407 | u8 *cp; | |
4408 | struct mgmt_hdr *hdr; | |
4409 | u16 opcode, index, len; | |
4410 | struct hci_dev *hdev = NULL; | |
4411 | const struct mgmt_handler *handler; | |
4412 | int err; | |
4413 | ||
4414 | BT_DBG("got %zu bytes", msglen); | |
4415 | ||
4416 | if (msglen < sizeof(*hdr)) | |
4417 | return -EINVAL; | |
4418 | ||
4419 | buf = kmalloc(msglen, GFP_KERNEL); | |
4420 | if (!buf) | |
4421 | return -ENOMEM; | |
4422 | ||
4423 | if (memcpy_fromiovec(buf, msg->msg_iov, msglen)) { | |
4424 | err = -EFAULT; | |
4425 | goto done; | |
4426 | } | |
4427 | ||
4428 | hdr = buf; | |
4429 | opcode = __le16_to_cpu(hdr->opcode); | |
4430 | index = __le16_to_cpu(hdr->index); | |
4431 | len = __le16_to_cpu(hdr->len); | |
4432 | ||
4433 | if (len != msglen - sizeof(*hdr)) { | |
4434 | err = -EINVAL; | |
4435 | goto done; | |
4436 | } | |
4437 | ||
4438 | if (index != MGMT_INDEX_NONE) { | |
4439 | hdev = hci_dev_get(index); | |
4440 | if (!hdev) { | |
4441 | err = cmd_status(sk, index, opcode, | |
4442 | MGMT_STATUS_INVALID_INDEX); | |
4443 | goto done; | |
4444 | } | |
4445 | ||
4446 | if (test_bit(HCI_SETUP, &hdev->dev_flags) || | |
4447 | test_bit(HCI_USER_CHANNEL, &hdev->dev_flags)) { | |
4448 | err = cmd_status(sk, index, opcode, | |
4449 | MGMT_STATUS_INVALID_INDEX); | |
4450 | goto done; | |
4451 | } | |
4452 | } | |
4453 | ||
4454 | if (opcode >= ARRAY_SIZE(mgmt_handlers) || | |
4455 | mgmt_handlers[opcode].func == NULL) { | |
4456 | BT_DBG("Unknown op %u", opcode); | |
4457 | err = cmd_status(sk, index, opcode, | |
4458 | MGMT_STATUS_UNKNOWN_COMMAND); | |
4459 | goto done; | |
4460 | } | |
4461 | ||
4462 | if ((hdev && opcode < MGMT_OP_READ_INFO) || | |
4463 | (!hdev && opcode >= MGMT_OP_READ_INFO)) { | |
4464 | err = cmd_status(sk, index, opcode, | |
4465 | MGMT_STATUS_INVALID_INDEX); | |
4466 | goto done; | |
4467 | } | |
4468 | ||
4469 | handler = &mgmt_handlers[opcode]; | |
4470 | ||
4471 | if ((handler->var_len && len < handler->data_len) || | |
4472 | (!handler->var_len && len != handler->data_len)) { | |
4473 | err = cmd_status(sk, index, opcode, | |
4474 | MGMT_STATUS_INVALID_PARAMS); | |
4475 | goto done; | |
4476 | } | |
4477 | ||
4478 | if (hdev) | |
4479 | mgmt_init_hdev(sk, hdev); | |
4480 | ||
4481 | cp = buf + sizeof(*hdr); | |
4482 | ||
4483 | err = handler->func(sk, hdev, cp, len); | |
4484 | if (err < 0) | |
4485 | goto done; | |
4486 | ||
4487 | err = msglen; | |
4488 | ||
4489 | done: | |
4490 | if (hdev) | |
4491 | hci_dev_put(hdev); | |
4492 | ||
4493 | kfree(buf); | |
4494 | return err; | |
4495 | } | |
4496 | ||
4497 | void mgmt_index_added(struct hci_dev *hdev) | |
4498 | { | |
4499 | if (hdev->dev_type != HCI_BREDR) | |
4500 | return; | |
4501 | ||
4502 | mgmt_event(MGMT_EV_INDEX_ADDED, hdev, NULL, 0, NULL); | |
4503 | } | |
4504 | ||
4505 | void mgmt_index_removed(struct hci_dev *hdev) | |
4506 | { | |
4507 | u8 status = MGMT_STATUS_INVALID_INDEX; | |
4508 | ||
4509 | if (hdev->dev_type != HCI_BREDR) | |
4510 | return; | |
4511 | ||
4512 | mgmt_pending_foreach(0, hdev, cmd_status_rsp, &status); | |
4513 | ||
4514 | mgmt_event(MGMT_EV_INDEX_REMOVED, hdev, NULL, 0, NULL); | |
4515 | } | |
4516 | ||
4517 | static void powered_complete(struct hci_dev *hdev, u8 status) | |
4518 | { | |
4519 | struct cmd_lookup match = { NULL, hdev }; | |
4520 | ||
4521 | BT_DBG("status 0x%02x", status); | |
4522 | ||
4523 | hci_dev_lock(hdev); | |
4524 | ||
4525 | mgmt_pending_foreach(MGMT_OP_SET_POWERED, hdev, settings_rsp, &match); | |
4526 | ||
4527 | new_settings(hdev, match.sk); | |
4528 | ||
4529 | hci_dev_unlock(hdev); | |
4530 | ||
4531 | if (match.sk) | |
4532 | sock_put(match.sk); | |
4533 | } | |
4534 | ||
4535 | static int powered_update_hci(struct hci_dev *hdev) | |
4536 | { | |
4537 | struct hci_request req; | |
4538 | u8 link_sec; | |
4539 | ||
4540 | hci_req_init(&req, hdev); | |
4541 | ||
4542 | if (test_bit(HCI_SSP_ENABLED, &hdev->dev_flags) && | |
4543 | !lmp_host_ssp_capable(hdev)) { | |
4544 | u8 ssp = 1; | |
4545 | ||
4546 | hci_req_add(&req, HCI_OP_WRITE_SSP_MODE, 1, &ssp); | |
4547 | } | |
4548 | ||
4549 | if (test_bit(HCI_LE_ENABLED, &hdev->dev_flags) && | |
4550 | lmp_bredr_capable(hdev)) { | |
4551 | struct hci_cp_write_le_host_supported cp; | |
4552 | ||
4553 | cp.le = 1; | |
4554 | cp.simul = lmp_le_br_capable(hdev); | |
4555 | ||
4556 | /* Check first if we already have the right | |
4557 | * host state (host features set) | |
4558 | */ | |
4559 | if (cp.le != lmp_host_le_capable(hdev) || | |
4560 | cp.simul != lmp_host_le_br_capable(hdev)) | |
4561 | hci_req_add(&req, HCI_OP_WRITE_LE_HOST_SUPPORTED, | |
4562 | sizeof(cp), &cp); | |
4563 | } | |
4564 | ||
4565 | if (lmp_le_capable(hdev)) { | |
4566 | /* Set random address to static address if configured */ | |
4567 | if (bacmp(&hdev->static_addr, BDADDR_ANY)) | |
4568 | hci_req_add(&req, HCI_OP_LE_SET_RANDOM_ADDR, 6, | |
4569 | &hdev->static_addr); | |
4570 | ||
4571 | /* Make sure the controller has a good default for | |
4572 | * advertising data. This also applies to the case | |
4573 | * where BR/EDR was toggled during the AUTO_OFF phase. | |
4574 | */ | |
4575 | if (test_bit(HCI_LE_ENABLED, &hdev->dev_flags)) { | |
4576 | update_adv_data(&req); | |
4577 | update_scan_rsp_data(&req); | |
4578 | } | |
4579 | ||
4580 | if (test_bit(HCI_ADVERTISING, &hdev->dev_flags)) | |
4581 | enable_advertising(&req); | |
4582 | } | |
4583 | ||
4584 | link_sec = test_bit(HCI_LINK_SECURITY, &hdev->dev_flags); | |
4585 | if (link_sec != test_bit(HCI_AUTH, &hdev->flags)) | |
4586 | hci_req_add(&req, HCI_OP_WRITE_AUTH_ENABLE, | |
4587 | sizeof(link_sec), &link_sec); | |
4588 | ||
4589 | if (lmp_bredr_capable(hdev)) { | |
4590 | if (test_bit(HCI_BREDR_ENABLED, &hdev->dev_flags)) | |
4591 | set_bredr_scan(&req); | |
4592 | update_class(&req); | |
4593 | update_name(&req); | |
4594 | update_eir(&req); | |
4595 | } | |
4596 | ||
4597 | return hci_req_run(&req, powered_complete); | |
4598 | } | |
4599 | ||
4600 | int mgmt_powered(struct hci_dev *hdev, u8 powered) | |
4601 | { | |
4602 | struct cmd_lookup match = { NULL, hdev }; | |
4603 | u8 status_not_powered = MGMT_STATUS_NOT_POWERED; | |
4604 | u8 zero_cod[] = { 0, 0, 0 }; | |
4605 | int err; | |
4606 | ||
4607 | if (!test_bit(HCI_MGMT, &hdev->dev_flags)) | |
4608 | return 0; | |
4609 | ||
4610 | if (powered) { | |
4611 | if (powered_update_hci(hdev) == 0) | |
4612 | return 0; | |
4613 | ||
4614 | mgmt_pending_foreach(MGMT_OP_SET_POWERED, hdev, settings_rsp, | |
4615 | &match); | |
4616 | goto new_settings; | |
4617 | } | |
4618 | ||
4619 | mgmt_pending_foreach(MGMT_OP_SET_POWERED, hdev, settings_rsp, &match); | |
4620 | mgmt_pending_foreach(0, hdev, cmd_status_rsp, &status_not_powered); | |
4621 | ||
4622 | if (memcmp(hdev->dev_class, zero_cod, sizeof(zero_cod)) != 0) | |
4623 | mgmt_event(MGMT_EV_CLASS_OF_DEV_CHANGED, hdev, | |
4624 | zero_cod, sizeof(zero_cod), NULL); | |
4625 | ||
4626 | new_settings: | |
4627 | err = new_settings(hdev, match.sk); | |
4628 | ||
4629 | if (match.sk) | |
4630 | sock_put(match.sk); | |
4631 | ||
4632 | return err; | |
4633 | } | |
4634 | ||
4635 | void mgmt_set_powered_failed(struct hci_dev *hdev, int err) | |
4636 | { | |
4637 | struct pending_cmd *cmd; | |
4638 | u8 status; | |
4639 | ||
4640 | cmd = mgmt_pending_find(MGMT_OP_SET_POWERED, hdev); | |
4641 | if (!cmd) | |
4642 | return; | |
4643 | ||
4644 | if (err == -ERFKILL) | |
4645 | status = MGMT_STATUS_RFKILLED; | |
4646 | else | |
4647 | status = MGMT_STATUS_FAILED; | |
4648 | ||
4649 | cmd_status(cmd->sk, hdev->id, MGMT_OP_SET_POWERED, status); | |
4650 | ||
4651 | mgmt_pending_remove(cmd); | |
4652 | } | |
4653 | ||
4654 | void mgmt_discoverable_timeout(struct hci_dev *hdev) | |
4655 | { | |
4656 | struct hci_request req; | |
4657 | ||
4658 | hci_dev_lock(hdev); | |
4659 | ||
4660 | /* When discoverable timeout triggers, then just make sure | |
4661 | * the limited discoverable flag is cleared. Even in the case | |
4662 | * of a timeout triggered from general discoverable, it is | |
4663 | * safe to unconditionally clear the flag. | |
4664 | */ | |
4665 | clear_bit(HCI_LIMITED_DISCOVERABLE, &hdev->dev_flags); | |
4666 | clear_bit(HCI_DISCOVERABLE, &hdev->dev_flags); | |
4667 | ||
4668 | hci_req_init(&req, hdev); | |
4669 | if (test_bit(HCI_BREDR_ENABLED, &hdev->dev_flags)) { | |
4670 | u8 scan = SCAN_PAGE; | |
4671 | hci_req_add(&req, HCI_OP_WRITE_SCAN_ENABLE, | |
4672 | sizeof(scan), &scan); | |
4673 | } | |
4674 | update_class(&req); | |
4675 | update_adv_data(&req); | |
4676 | hci_req_run(&req, NULL); | |
4677 | ||
4678 | hdev->discov_timeout = 0; | |
4679 | ||
4680 | new_settings(hdev, NULL); | |
4681 | ||
4682 | hci_dev_unlock(hdev); | |
4683 | } | |
4684 | ||
4685 | void mgmt_discoverable(struct hci_dev *hdev, u8 discoverable) | |
4686 | { | |
4687 | bool changed; | |
4688 | ||
4689 | /* Nothing needed here if there's a pending command since that | |
4690 | * commands request completion callback takes care of everything | |
4691 | * necessary. | |
4692 | */ | |
4693 | if (mgmt_pending_find(MGMT_OP_SET_DISCOVERABLE, hdev)) | |
4694 | return; | |
4695 | ||
4696 | if (discoverable) { | |
4697 | changed = !test_and_set_bit(HCI_DISCOVERABLE, &hdev->dev_flags); | |
4698 | } else { | |
4699 | clear_bit(HCI_LIMITED_DISCOVERABLE, &hdev->dev_flags); | |
4700 | changed = test_and_clear_bit(HCI_DISCOVERABLE, &hdev->dev_flags); | |
4701 | } | |
4702 | ||
4703 | if (changed) { | |
4704 | struct hci_request req; | |
4705 | ||
4706 | /* In case this change in discoverable was triggered by | |
4707 | * a disabling of connectable there could be a need to | |
4708 | * update the advertising flags. | |
4709 | */ | |
4710 | hci_req_init(&req, hdev); | |
4711 | update_adv_data(&req); | |
4712 | hci_req_run(&req, NULL); | |
4713 | ||
4714 | new_settings(hdev, NULL); | |
4715 | } | |
4716 | } | |
4717 | ||
4718 | void mgmt_connectable(struct hci_dev *hdev, u8 connectable) | |
4719 | { | |
4720 | bool changed; | |
4721 | ||
4722 | /* Nothing needed here if there's a pending command since that | |
4723 | * commands request completion callback takes care of everything | |
4724 | * necessary. | |
4725 | */ | |
4726 | if (mgmt_pending_find(MGMT_OP_SET_CONNECTABLE, hdev)) | |
4727 | return; | |
4728 | ||
4729 | if (connectable) | |
4730 | changed = !test_and_set_bit(HCI_CONNECTABLE, &hdev->dev_flags); | |
4731 | else | |
4732 | changed = test_and_clear_bit(HCI_CONNECTABLE, &hdev->dev_flags); | |
4733 | ||
4734 | if (changed) | |
4735 | new_settings(hdev, NULL); | |
4736 | } | |
4737 | ||
4738 | void mgmt_write_scan_failed(struct hci_dev *hdev, u8 scan, u8 status) | |
4739 | { | |
4740 | u8 mgmt_err = mgmt_status(status); | |
4741 | ||
4742 | if (scan & SCAN_PAGE) | |
4743 | mgmt_pending_foreach(MGMT_OP_SET_CONNECTABLE, hdev, | |
4744 | cmd_status_rsp, &mgmt_err); | |
4745 | ||
4746 | if (scan & SCAN_INQUIRY) | |
4747 | mgmt_pending_foreach(MGMT_OP_SET_DISCOVERABLE, hdev, | |
4748 | cmd_status_rsp, &mgmt_err); | |
4749 | } | |
4750 | ||
4751 | void mgmt_new_link_key(struct hci_dev *hdev, struct link_key *key, | |
4752 | bool persistent) | |
4753 | { | |
4754 | struct mgmt_ev_new_link_key ev; | |
4755 | ||
4756 | memset(&ev, 0, sizeof(ev)); | |
4757 | ||
4758 | ev.store_hint = persistent; | |
4759 | bacpy(&ev.key.addr.bdaddr, &key->bdaddr); | |
4760 | ev.key.addr.type = BDADDR_BREDR; | |
4761 | ev.key.type = key->type; | |
4762 | memcpy(ev.key.val, key->val, HCI_LINK_KEY_SIZE); | |
4763 | ev.key.pin_len = key->pin_len; | |
4764 | ||
4765 | mgmt_event(MGMT_EV_NEW_LINK_KEY, hdev, &ev, sizeof(ev), NULL); | |
4766 | } | |
4767 | ||
4768 | void mgmt_new_ltk(struct hci_dev *hdev, struct smp_ltk *key) | |
4769 | { | |
4770 | struct mgmt_ev_new_long_term_key ev; | |
4771 | ||
4772 | memset(&ev, 0, sizeof(ev)); | |
4773 | ||
4774 | if (key->bdaddr_type == ADDR_LE_DEV_RANDOM && | |
4775 | (key->bdaddr.b[5] & 0xc0) != 0xc0) | |
4776 | ev.store_hint = 0x00; | |
4777 | else | |
4778 | ev.store_hint = 0x01; | |
4779 | ||
4780 | bacpy(&ev.key.addr.bdaddr, &key->bdaddr); | |
4781 | ev.key.addr.type = link_to_bdaddr(LE_LINK, key->bdaddr_type); | |
4782 | ev.key.type = key->authenticated; | |
4783 | ev.key.enc_size = key->enc_size; | |
4784 | ev.key.ediv = key->ediv; | |
4785 | ||
4786 | if (key->type == HCI_SMP_LTK) | |
4787 | ev.key.master = 1; | |
4788 | ||
4789 | memcpy(ev.key.rand, key->rand, sizeof(key->rand)); | |
4790 | memcpy(ev.key.val, key->val, sizeof(key->val)); | |
4791 | ||
4792 | mgmt_event(MGMT_EV_NEW_LONG_TERM_KEY, hdev, &ev, sizeof(ev), NULL); | |
4793 | } | |
4794 | ||
4795 | static inline u16 eir_append_data(u8 *eir, u16 eir_len, u8 type, u8 *data, | |
4796 | u8 data_len) | |
4797 | { | |
4798 | eir[eir_len++] = sizeof(type) + data_len; | |
4799 | eir[eir_len++] = type; | |
4800 | memcpy(&eir[eir_len], data, data_len); | |
4801 | eir_len += data_len; | |
4802 | ||
4803 | return eir_len; | |
4804 | } | |
4805 | ||
4806 | void mgmt_device_connected(struct hci_dev *hdev, bdaddr_t *bdaddr, u8 link_type, | |
4807 | u8 addr_type, u32 flags, u8 *name, u8 name_len, | |
4808 | u8 *dev_class) | |
4809 | { | |
4810 | char buf[512]; | |
4811 | struct mgmt_ev_device_connected *ev = (void *) buf; | |
4812 | u16 eir_len = 0; | |
4813 | ||
4814 | bacpy(&ev->addr.bdaddr, bdaddr); | |
4815 | ev->addr.type = link_to_bdaddr(link_type, addr_type); | |
4816 | ||
4817 | ev->flags = __cpu_to_le32(flags); | |
4818 | ||
4819 | if (name_len > 0) | |
4820 | eir_len = eir_append_data(ev->eir, 0, EIR_NAME_COMPLETE, | |
4821 | name, name_len); | |
4822 | ||
4823 | if (dev_class && memcmp(dev_class, "\0\0\0", 3) != 0) | |
4824 | eir_len = eir_append_data(ev->eir, eir_len, | |
4825 | EIR_CLASS_OF_DEV, dev_class, 3); | |
4826 | ||
4827 | ev->eir_len = cpu_to_le16(eir_len); | |
4828 | ||
4829 | mgmt_event(MGMT_EV_DEVICE_CONNECTED, hdev, buf, | |
4830 | sizeof(*ev) + eir_len, NULL); | |
4831 | } | |
4832 | ||
4833 | static void disconnect_rsp(struct pending_cmd *cmd, void *data) | |
4834 | { | |
4835 | struct mgmt_cp_disconnect *cp = cmd->param; | |
4836 | struct sock **sk = data; | |
4837 | struct mgmt_rp_disconnect rp; | |
4838 | ||
4839 | bacpy(&rp.addr.bdaddr, &cp->addr.bdaddr); | |
4840 | rp.addr.type = cp->addr.type; | |
4841 | ||
4842 | cmd_complete(cmd->sk, cmd->index, MGMT_OP_DISCONNECT, 0, &rp, | |
4843 | sizeof(rp)); | |
4844 | ||
4845 | *sk = cmd->sk; | |
4846 | sock_hold(*sk); | |
4847 | ||
4848 | mgmt_pending_remove(cmd); | |
4849 | } | |
4850 | ||
4851 | static void unpair_device_rsp(struct pending_cmd *cmd, void *data) | |
4852 | { | |
4853 | struct hci_dev *hdev = data; | |
4854 | struct mgmt_cp_unpair_device *cp = cmd->param; | |
4855 | struct mgmt_rp_unpair_device rp; | |
4856 | ||
4857 | memset(&rp, 0, sizeof(rp)); | |
4858 | bacpy(&rp.addr.bdaddr, &cp->addr.bdaddr); | |
4859 | rp.addr.type = cp->addr.type; | |
4860 | ||
4861 | device_unpaired(hdev, &cp->addr.bdaddr, cp->addr.type, cmd->sk); | |
4862 | ||
4863 | cmd_complete(cmd->sk, cmd->index, cmd->opcode, 0, &rp, sizeof(rp)); | |
4864 | ||
4865 | mgmt_pending_remove(cmd); | |
4866 | } | |
4867 | ||
4868 | void mgmt_device_disconnected(struct hci_dev *hdev, bdaddr_t *bdaddr, | |
4869 | u8 link_type, u8 addr_type, u8 reason) | |
4870 | { | |
4871 | struct mgmt_ev_device_disconnected ev; | |
4872 | struct sock *sk = NULL; | |
4873 | ||
4874 | if (link_type != ACL_LINK && link_type != LE_LINK) | |
4875 | return; | |
4876 | ||
4877 | mgmt_pending_foreach(MGMT_OP_DISCONNECT, hdev, disconnect_rsp, &sk); | |
4878 | ||
4879 | bacpy(&ev.addr.bdaddr, bdaddr); | |
4880 | ev.addr.type = link_to_bdaddr(link_type, addr_type); | |
4881 | ev.reason = reason; | |
4882 | ||
4883 | mgmt_event(MGMT_EV_DEVICE_DISCONNECTED, hdev, &ev, sizeof(ev), sk); | |
4884 | ||
4885 | if (sk) | |
4886 | sock_put(sk); | |
4887 | ||
4888 | mgmt_pending_foreach(MGMT_OP_UNPAIR_DEVICE, hdev, unpair_device_rsp, | |
4889 | hdev); | |
4890 | } | |
4891 | ||
4892 | void mgmt_disconnect_failed(struct hci_dev *hdev, bdaddr_t *bdaddr, | |
4893 | u8 link_type, u8 addr_type, u8 status) | |
4894 | { | |
4895 | u8 bdaddr_type = link_to_bdaddr(link_type, addr_type); | |
4896 | struct mgmt_cp_disconnect *cp; | |
4897 | struct mgmt_rp_disconnect rp; | |
4898 | struct pending_cmd *cmd; | |
4899 | ||
4900 | mgmt_pending_foreach(MGMT_OP_UNPAIR_DEVICE, hdev, unpair_device_rsp, | |
4901 | hdev); | |
4902 | ||
4903 | cmd = mgmt_pending_find(MGMT_OP_DISCONNECT, hdev); | |
4904 | if (!cmd) | |
4905 | return; | |
4906 | ||
4907 | cp = cmd->param; | |
4908 | ||
4909 | if (bacmp(bdaddr, &cp->addr.bdaddr)) | |
4910 | return; | |
4911 | ||
4912 | if (cp->addr.type != bdaddr_type) | |
4913 | return; | |
4914 | ||
4915 | bacpy(&rp.addr.bdaddr, bdaddr); | |
4916 | rp.addr.type = bdaddr_type; | |
4917 | ||
4918 | cmd_complete(cmd->sk, cmd->index, MGMT_OP_DISCONNECT, | |
4919 | mgmt_status(status), &rp, sizeof(rp)); | |
4920 | ||
4921 | mgmt_pending_remove(cmd); | |
4922 | } | |
4923 | ||
4924 | void mgmt_connect_failed(struct hci_dev *hdev, bdaddr_t *bdaddr, u8 link_type, | |
4925 | u8 addr_type, u8 status) | |
4926 | { | |
4927 | struct mgmt_ev_connect_failed ev; | |
4928 | ||
4929 | bacpy(&ev.addr.bdaddr, bdaddr); | |
4930 | ev.addr.type = link_to_bdaddr(link_type, addr_type); | |
4931 | ev.status = mgmt_status(status); | |
4932 | ||
4933 | mgmt_event(MGMT_EV_CONNECT_FAILED, hdev, &ev, sizeof(ev), NULL); | |
4934 | } | |
4935 | ||
4936 | void mgmt_pin_code_request(struct hci_dev *hdev, bdaddr_t *bdaddr, u8 secure) | |
4937 | { | |
4938 | struct mgmt_ev_pin_code_request ev; | |
4939 | ||
4940 | bacpy(&ev.addr.bdaddr, bdaddr); | |
4941 | ev.addr.type = BDADDR_BREDR; | |
4942 | ev.secure = secure; | |
4943 | ||
4944 | mgmt_event(MGMT_EV_PIN_CODE_REQUEST, hdev, &ev, sizeof(ev), NULL); | |
4945 | } | |
4946 | ||
4947 | void mgmt_pin_code_reply_complete(struct hci_dev *hdev, bdaddr_t *bdaddr, | |
4948 | u8 status) | |
4949 | { | |
4950 | struct pending_cmd *cmd; | |
4951 | struct mgmt_rp_pin_code_reply rp; | |
4952 | ||
4953 | cmd = mgmt_pending_find(MGMT_OP_PIN_CODE_REPLY, hdev); | |
4954 | if (!cmd) | |
4955 | return; | |
4956 | ||
4957 | bacpy(&rp.addr.bdaddr, bdaddr); | |
4958 | rp.addr.type = BDADDR_BREDR; | |
4959 | ||
4960 | cmd_complete(cmd->sk, hdev->id, MGMT_OP_PIN_CODE_REPLY, | |
4961 | mgmt_status(status), &rp, sizeof(rp)); | |
4962 | ||
4963 | mgmt_pending_remove(cmd); | |
4964 | } | |
4965 | ||
4966 | void mgmt_pin_code_neg_reply_complete(struct hci_dev *hdev, bdaddr_t *bdaddr, | |
4967 | u8 status) | |
4968 | { | |
4969 | struct pending_cmd *cmd; | |
4970 | struct mgmt_rp_pin_code_reply rp; | |
4971 | ||
4972 | cmd = mgmt_pending_find(MGMT_OP_PIN_CODE_NEG_REPLY, hdev); | |
4973 | if (!cmd) | |
4974 | return; | |
4975 | ||
4976 | bacpy(&rp.addr.bdaddr, bdaddr); | |
4977 | rp.addr.type = BDADDR_BREDR; | |
4978 | ||
4979 | cmd_complete(cmd->sk, hdev->id, MGMT_OP_PIN_CODE_NEG_REPLY, | |
4980 | mgmt_status(status), &rp, sizeof(rp)); | |
4981 | ||
4982 | mgmt_pending_remove(cmd); | |
4983 | } | |
4984 | ||
4985 | int mgmt_user_confirm_request(struct hci_dev *hdev, bdaddr_t *bdaddr, | |
4986 | u8 link_type, u8 addr_type, __le32 value, | |
4987 | u8 confirm_hint) | |
4988 | { | |
4989 | struct mgmt_ev_user_confirm_request ev; | |
4990 | ||
4991 | BT_DBG("%s", hdev->name); | |
4992 | ||
4993 | bacpy(&ev.addr.bdaddr, bdaddr); | |
4994 | ev.addr.type = link_to_bdaddr(link_type, addr_type); | |
4995 | ev.confirm_hint = confirm_hint; | |
4996 | ev.value = value; | |
4997 | ||
4998 | return mgmt_event(MGMT_EV_USER_CONFIRM_REQUEST, hdev, &ev, sizeof(ev), | |
4999 | NULL); | |
5000 | } | |
5001 | ||
5002 | int mgmt_user_passkey_request(struct hci_dev *hdev, bdaddr_t *bdaddr, | |
5003 | u8 link_type, u8 addr_type) | |
5004 | { | |
5005 | struct mgmt_ev_user_passkey_request ev; | |
5006 | ||
5007 | BT_DBG("%s", hdev->name); | |
5008 | ||
5009 | bacpy(&ev.addr.bdaddr, bdaddr); | |
5010 | ev.addr.type = link_to_bdaddr(link_type, addr_type); | |
5011 | ||
5012 | return mgmt_event(MGMT_EV_USER_PASSKEY_REQUEST, hdev, &ev, sizeof(ev), | |
5013 | NULL); | |
5014 | } | |
5015 | ||
5016 | static int user_pairing_resp_complete(struct hci_dev *hdev, bdaddr_t *bdaddr, | |
5017 | u8 link_type, u8 addr_type, u8 status, | |
5018 | u8 opcode) | |
5019 | { | |
5020 | struct pending_cmd *cmd; | |
5021 | struct mgmt_rp_user_confirm_reply rp; | |
5022 | int err; | |
5023 | ||
5024 | cmd = mgmt_pending_find(opcode, hdev); | |
5025 | if (!cmd) | |
5026 | return -ENOENT; | |
5027 | ||
5028 | bacpy(&rp.addr.bdaddr, bdaddr); | |
5029 | rp.addr.type = link_to_bdaddr(link_type, addr_type); | |
5030 | err = cmd_complete(cmd->sk, hdev->id, opcode, mgmt_status(status), | |
5031 | &rp, sizeof(rp)); | |
5032 | ||
5033 | mgmt_pending_remove(cmd); | |
5034 | ||
5035 | return err; | |
5036 | } | |
5037 | ||
5038 | int mgmt_user_confirm_reply_complete(struct hci_dev *hdev, bdaddr_t *bdaddr, | |
5039 | u8 link_type, u8 addr_type, u8 status) | |
5040 | { | |
5041 | return user_pairing_resp_complete(hdev, bdaddr, link_type, addr_type, | |
5042 | status, MGMT_OP_USER_CONFIRM_REPLY); | |
5043 | } | |
5044 | ||
5045 | int mgmt_user_confirm_neg_reply_complete(struct hci_dev *hdev, bdaddr_t *bdaddr, | |
5046 | u8 link_type, u8 addr_type, u8 status) | |
5047 | { | |
5048 | return user_pairing_resp_complete(hdev, bdaddr, link_type, addr_type, | |
5049 | status, | |
5050 | MGMT_OP_USER_CONFIRM_NEG_REPLY); | |
5051 | } | |
5052 | ||
5053 | int mgmt_user_passkey_reply_complete(struct hci_dev *hdev, bdaddr_t *bdaddr, | |
5054 | u8 link_type, u8 addr_type, u8 status) | |
5055 | { | |
5056 | return user_pairing_resp_complete(hdev, bdaddr, link_type, addr_type, | |
5057 | status, MGMT_OP_USER_PASSKEY_REPLY); | |
5058 | } | |
5059 | ||
5060 | int mgmt_user_passkey_neg_reply_complete(struct hci_dev *hdev, bdaddr_t *bdaddr, | |
5061 | u8 link_type, u8 addr_type, u8 status) | |
5062 | { | |
5063 | return user_pairing_resp_complete(hdev, bdaddr, link_type, addr_type, | |
5064 | status, | |
5065 | MGMT_OP_USER_PASSKEY_NEG_REPLY); | |
5066 | } | |
5067 | ||
5068 | int mgmt_user_passkey_notify(struct hci_dev *hdev, bdaddr_t *bdaddr, | |
5069 | u8 link_type, u8 addr_type, u32 passkey, | |
5070 | u8 entered) | |
5071 | { | |
5072 | struct mgmt_ev_passkey_notify ev; | |
5073 | ||
5074 | BT_DBG("%s", hdev->name); | |
5075 | ||
5076 | bacpy(&ev.addr.bdaddr, bdaddr); | |
5077 | ev.addr.type = link_to_bdaddr(link_type, addr_type); | |
5078 | ev.passkey = __cpu_to_le32(passkey); | |
5079 | ev.entered = entered; | |
5080 | ||
5081 | return mgmt_event(MGMT_EV_PASSKEY_NOTIFY, hdev, &ev, sizeof(ev), NULL); | |
5082 | } | |
5083 | ||
5084 | void mgmt_auth_failed(struct hci_dev *hdev, bdaddr_t *bdaddr, u8 link_type, | |
5085 | u8 addr_type, u8 status) | |
5086 | { | |
5087 | struct mgmt_ev_auth_failed ev; | |
5088 | ||
5089 | bacpy(&ev.addr.bdaddr, bdaddr); | |
5090 | ev.addr.type = link_to_bdaddr(link_type, addr_type); | |
5091 | ev.status = mgmt_status(status); | |
5092 | ||
5093 | mgmt_event(MGMT_EV_AUTH_FAILED, hdev, &ev, sizeof(ev), NULL); | |
5094 | } | |
5095 | ||
5096 | void mgmt_auth_enable_complete(struct hci_dev *hdev, u8 status) | |
5097 | { | |
5098 | struct cmd_lookup match = { NULL, hdev }; | |
5099 | bool changed; | |
5100 | ||
5101 | if (status) { | |
5102 | u8 mgmt_err = mgmt_status(status); | |
5103 | mgmt_pending_foreach(MGMT_OP_SET_LINK_SECURITY, hdev, | |
5104 | cmd_status_rsp, &mgmt_err); | |
5105 | return; | |
5106 | } | |
5107 | ||
5108 | if (test_bit(HCI_AUTH, &hdev->flags)) | |
5109 | changed = !test_and_set_bit(HCI_LINK_SECURITY, | |
5110 | &hdev->dev_flags); | |
5111 | else | |
5112 | changed = test_and_clear_bit(HCI_LINK_SECURITY, | |
5113 | &hdev->dev_flags); | |
5114 | ||
5115 | mgmt_pending_foreach(MGMT_OP_SET_LINK_SECURITY, hdev, settings_rsp, | |
5116 | &match); | |
5117 | ||
5118 | if (changed) | |
5119 | new_settings(hdev, match.sk); | |
5120 | ||
5121 | if (match.sk) | |
5122 | sock_put(match.sk); | |
5123 | } | |
5124 | ||
5125 | static void clear_eir(struct hci_request *req) | |
5126 | { | |
5127 | struct hci_dev *hdev = req->hdev; | |
5128 | struct hci_cp_write_eir cp; | |
5129 | ||
5130 | if (!lmp_ext_inq_capable(hdev)) | |
5131 | return; | |
5132 | ||
5133 | memset(hdev->eir, 0, sizeof(hdev->eir)); | |
5134 | ||
5135 | memset(&cp, 0, sizeof(cp)); | |
5136 | ||
5137 | hci_req_add(req, HCI_OP_WRITE_EIR, sizeof(cp), &cp); | |
5138 | } | |
5139 | ||
5140 | void mgmt_ssp_enable_complete(struct hci_dev *hdev, u8 enable, u8 status) | |
5141 | { | |
5142 | struct cmd_lookup match = { NULL, hdev }; | |
5143 | struct hci_request req; | |
5144 | bool changed = false; | |
5145 | ||
5146 | if (status) { | |
5147 | u8 mgmt_err = mgmt_status(status); | |
5148 | ||
5149 | if (enable && test_and_clear_bit(HCI_SSP_ENABLED, | |
5150 | &hdev->dev_flags)) { | |
5151 | clear_bit(HCI_HS_ENABLED, &hdev->dev_flags); | |
5152 | new_settings(hdev, NULL); | |
5153 | } | |
5154 | ||
5155 | mgmt_pending_foreach(MGMT_OP_SET_SSP, hdev, cmd_status_rsp, | |
5156 | &mgmt_err); | |
5157 | return; | |
5158 | } | |
5159 | ||
5160 | if (enable) { | |
5161 | changed = !test_and_set_bit(HCI_SSP_ENABLED, &hdev->dev_flags); | |
5162 | } else { | |
5163 | changed = test_and_clear_bit(HCI_SSP_ENABLED, &hdev->dev_flags); | |
5164 | if (!changed) | |
5165 | changed = test_and_clear_bit(HCI_HS_ENABLED, | |
5166 | &hdev->dev_flags); | |
5167 | else | |
5168 | clear_bit(HCI_HS_ENABLED, &hdev->dev_flags); | |
5169 | } | |
5170 | ||
5171 | mgmt_pending_foreach(MGMT_OP_SET_SSP, hdev, settings_rsp, &match); | |
5172 | ||
5173 | if (changed) | |
5174 | new_settings(hdev, match.sk); | |
5175 | ||
5176 | if (match.sk) | |
5177 | sock_put(match.sk); | |
5178 | ||
5179 | hci_req_init(&req, hdev); | |
5180 | ||
5181 | if (test_bit(HCI_SSP_ENABLED, &hdev->dev_flags)) | |
5182 | update_eir(&req); | |
5183 | else | |
5184 | clear_eir(&req); | |
5185 | ||
5186 | hci_req_run(&req, NULL); | |
5187 | } | |
5188 | ||
5189 | void mgmt_sc_enable_complete(struct hci_dev *hdev, u8 enable, u8 status) | |
5190 | { | |
5191 | struct cmd_lookup match = { NULL, hdev }; | |
5192 | bool changed = false; | |
5193 | ||
5194 | if (status) { | |
5195 | u8 mgmt_err = mgmt_status(status); | |
5196 | ||
5197 | if (enable) { | |
5198 | if (test_and_clear_bit(HCI_SC_ENABLED, | |
5199 | &hdev->dev_flags)) | |
5200 | new_settings(hdev, NULL); | |
5201 | clear_bit(HCI_SC_ONLY, &hdev->dev_flags); | |
5202 | } | |
5203 | ||
5204 | mgmt_pending_foreach(MGMT_OP_SET_SECURE_CONN, hdev, | |
5205 | cmd_status_rsp, &mgmt_err); | |
5206 | return; | |
5207 | } | |
5208 | ||
5209 | if (enable) { | |
5210 | changed = !test_and_set_bit(HCI_SC_ENABLED, &hdev->dev_flags); | |
5211 | } else { | |
5212 | changed = test_and_clear_bit(HCI_SC_ENABLED, &hdev->dev_flags); | |
5213 | clear_bit(HCI_SC_ONLY, &hdev->dev_flags); | |
5214 | } | |
5215 | ||
5216 | mgmt_pending_foreach(MGMT_OP_SET_SECURE_CONN, hdev, | |
5217 | settings_rsp, &match); | |
5218 | ||
5219 | if (changed) | |
5220 | new_settings(hdev, match.sk); | |
5221 | ||
5222 | if (match.sk) | |
5223 | sock_put(match.sk); | |
5224 | } | |
5225 | ||
5226 | static void sk_lookup(struct pending_cmd *cmd, void *data) | |
5227 | { | |
5228 | struct cmd_lookup *match = data; | |
5229 | ||
5230 | if (match->sk == NULL) { | |
5231 | match->sk = cmd->sk; | |
5232 | sock_hold(match->sk); | |
5233 | } | |
5234 | } | |
5235 | ||
5236 | void mgmt_set_class_of_dev_complete(struct hci_dev *hdev, u8 *dev_class, | |
5237 | u8 status) | |
5238 | { | |
5239 | struct cmd_lookup match = { NULL, hdev, mgmt_status(status) }; | |
5240 | ||
5241 | mgmt_pending_foreach(MGMT_OP_SET_DEV_CLASS, hdev, sk_lookup, &match); | |
5242 | mgmt_pending_foreach(MGMT_OP_ADD_UUID, hdev, sk_lookup, &match); | |
5243 | mgmt_pending_foreach(MGMT_OP_REMOVE_UUID, hdev, sk_lookup, &match); | |
5244 | ||
5245 | if (!status) | |
5246 | mgmt_event(MGMT_EV_CLASS_OF_DEV_CHANGED, hdev, dev_class, 3, | |
5247 | NULL); | |
5248 | ||
5249 | if (match.sk) | |
5250 | sock_put(match.sk); | |
5251 | } | |
5252 | ||
5253 | void mgmt_set_local_name_complete(struct hci_dev *hdev, u8 *name, u8 status) | |
5254 | { | |
5255 | struct mgmt_cp_set_local_name ev; | |
5256 | struct pending_cmd *cmd; | |
5257 | ||
5258 | if (status) | |
5259 | return; | |
5260 | ||
5261 | memset(&ev, 0, sizeof(ev)); | |
5262 | memcpy(ev.name, name, HCI_MAX_NAME_LENGTH); | |
5263 | memcpy(ev.short_name, hdev->short_name, HCI_MAX_SHORT_NAME_LENGTH); | |
5264 | ||
5265 | cmd = mgmt_pending_find(MGMT_OP_SET_LOCAL_NAME, hdev); | |
5266 | if (!cmd) { | |
5267 | memcpy(hdev->dev_name, name, sizeof(hdev->dev_name)); | |
5268 | ||
5269 | /* If this is a HCI command related to powering on the | |
5270 | * HCI dev don't send any mgmt signals. | |
5271 | */ | |
5272 | if (mgmt_pending_find(MGMT_OP_SET_POWERED, hdev)) | |
5273 | return; | |
5274 | } | |
5275 | ||
5276 | mgmt_event(MGMT_EV_LOCAL_NAME_CHANGED, hdev, &ev, sizeof(ev), | |
5277 | cmd ? cmd->sk : NULL); | |
5278 | } | |
5279 | ||
5280 | void mgmt_read_local_oob_data_complete(struct hci_dev *hdev, u8 *hash192, | |
5281 | u8 *randomizer192, u8 *hash256, | |
5282 | u8 *randomizer256, u8 status) | |
5283 | { | |
5284 | struct pending_cmd *cmd; | |
5285 | ||
5286 | BT_DBG("%s status %u", hdev->name, status); | |
5287 | ||
5288 | cmd = mgmt_pending_find(MGMT_OP_READ_LOCAL_OOB_DATA, hdev); | |
5289 | if (!cmd) | |
5290 | return; | |
5291 | ||
5292 | if (status) { | |
5293 | cmd_status(cmd->sk, hdev->id, MGMT_OP_READ_LOCAL_OOB_DATA, | |
5294 | mgmt_status(status)); | |
5295 | } else { | |
5296 | if (test_bit(HCI_SC_ENABLED, &hdev->dev_flags) && | |
5297 | hash256 && randomizer256) { | |
5298 | struct mgmt_rp_read_local_oob_ext_data rp; | |
5299 | ||
5300 | memcpy(rp.hash192, hash192, sizeof(rp.hash192)); | |
5301 | memcpy(rp.randomizer192, randomizer192, | |
5302 | sizeof(rp.randomizer192)); | |
5303 | ||
5304 | memcpy(rp.hash256, hash256, sizeof(rp.hash256)); | |
5305 | memcpy(rp.randomizer256, randomizer256, | |
5306 | sizeof(rp.randomizer256)); | |
5307 | ||
5308 | cmd_complete(cmd->sk, hdev->id, | |
5309 | MGMT_OP_READ_LOCAL_OOB_DATA, 0, | |
5310 | &rp, sizeof(rp)); | |
5311 | } else { | |
5312 | struct mgmt_rp_read_local_oob_data rp; | |
5313 | ||
5314 | memcpy(rp.hash, hash192, sizeof(rp.hash)); | |
5315 | memcpy(rp.randomizer, randomizer192, | |
5316 | sizeof(rp.randomizer)); | |
5317 | ||
5318 | cmd_complete(cmd->sk, hdev->id, | |
5319 | MGMT_OP_READ_LOCAL_OOB_DATA, 0, | |
5320 | &rp, sizeof(rp)); | |
5321 | } | |
5322 | } | |
5323 | ||
5324 | mgmt_pending_remove(cmd); | |
5325 | } | |
5326 | ||
5327 | void mgmt_device_found(struct hci_dev *hdev, bdaddr_t *bdaddr, u8 link_type, | |
5328 | u8 addr_type, u8 *dev_class, s8 rssi, u8 cfm_name, u8 | |
5329 | ssp, u8 *eir, u16 eir_len) | |
5330 | { | |
5331 | char buf[512]; | |
5332 | struct mgmt_ev_device_found *ev = (void *) buf; | |
5333 | struct smp_irk *irk; | |
5334 | size_t ev_size; | |
5335 | ||
5336 | if (!hci_discovery_active(hdev)) | |
5337 | return; | |
5338 | ||
5339 | /* Leave 5 bytes for a potential CoD field */ | |
5340 | if (sizeof(*ev) + eir_len + 5 > sizeof(buf)) | |
5341 | return; | |
5342 | ||
5343 | memset(buf, 0, sizeof(buf)); | |
5344 | ||
5345 | irk = hci_get_irk(hdev, bdaddr, addr_type); | |
5346 | if (irk) { | |
5347 | bacpy(&ev->addr.bdaddr, &irk->bdaddr); | |
5348 | ev->addr.type = link_to_bdaddr(link_type, irk->addr_type); | |
5349 | } else { | |
5350 | bacpy(&ev->addr.bdaddr, bdaddr); | |
5351 | ev->addr.type = link_to_bdaddr(link_type, addr_type); | |
5352 | } | |
5353 | ||
5354 | ev->rssi = rssi; | |
5355 | if (cfm_name) | |
5356 | ev->flags |= __constant_cpu_to_le32(MGMT_DEV_FOUND_CONFIRM_NAME); | |
5357 | if (!ssp) | |
5358 | ev->flags |= __constant_cpu_to_le32(MGMT_DEV_FOUND_LEGACY_PAIRING); | |
5359 | ||
5360 | if (eir_len > 0) | |
5361 | memcpy(ev->eir, eir, eir_len); | |
5362 | ||
5363 | if (dev_class && !eir_has_data_type(ev->eir, eir_len, EIR_CLASS_OF_DEV)) | |
5364 | eir_len = eir_append_data(ev->eir, eir_len, EIR_CLASS_OF_DEV, | |
5365 | dev_class, 3); | |
5366 | ||
5367 | ev->eir_len = cpu_to_le16(eir_len); | |
5368 | ev_size = sizeof(*ev) + eir_len; | |
5369 | ||
5370 | mgmt_event(MGMT_EV_DEVICE_FOUND, hdev, ev, ev_size, NULL); | |
5371 | } | |
5372 | ||
5373 | void mgmt_remote_name(struct hci_dev *hdev, bdaddr_t *bdaddr, u8 link_type, | |
5374 | u8 addr_type, s8 rssi, u8 *name, u8 name_len) | |
5375 | { | |
5376 | struct mgmt_ev_device_found *ev; | |
5377 | char buf[sizeof(*ev) + HCI_MAX_NAME_LENGTH + 2]; | |
5378 | u16 eir_len; | |
5379 | ||
5380 | ev = (struct mgmt_ev_device_found *) buf; | |
5381 | ||
5382 | memset(buf, 0, sizeof(buf)); | |
5383 | ||
5384 | bacpy(&ev->addr.bdaddr, bdaddr); | |
5385 | ev->addr.type = link_to_bdaddr(link_type, addr_type); | |
5386 | ev->rssi = rssi; | |
5387 | ||
5388 | eir_len = eir_append_data(ev->eir, 0, EIR_NAME_COMPLETE, name, | |
5389 | name_len); | |
5390 | ||
5391 | ev->eir_len = cpu_to_le16(eir_len); | |
5392 | ||
5393 | mgmt_event(MGMT_EV_DEVICE_FOUND, hdev, ev, sizeof(*ev) + eir_len, NULL); | |
5394 | } | |
5395 | ||
5396 | void mgmt_discovering(struct hci_dev *hdev, u8 discovering) | |
5397 | { | |
5398 | struct mgmt_ev_discovering ev; | |
5399 | struct pending_cmd *cmd; | |
5400 | ||
5401 | BT_DBG("%s discovering %u", hdev->name, discovering); | |
5402 | ||
5403 | if (discovering) | |
5404 | cmd = mgmt_pending_find(MGMT_OP_START_DISCOVERY, hdev); | |
5405 | else | |
5406 | cmd = mgmt_pending_find(MGMT_OP_STOP_DISCOVERY, hdev); | |
5407 | ||
5408 | if (cmd != NULL) { | |
5409 | u8 type = hdev->discovery.type; | |
5410 | ||
5411 | cmd_complete(cmd->sk, hdev->id, cmd->opcode, 0, &type, | |
5412 | sizeof(type)); | |
5413 | mgmt_pending_remove(cmd); | |
5414 | } | |
5415 | ||
5416 | memset(&ev, 0, sizeof(ev)); | |
5417 | ev.type = hdev->discovery.type; | |
5418 | ev.discovering = discovering; | |
5419 | ||
5420 | mgmt_event(MGMT_EV_DISCOVERING, hdev, &ev, sizeof(ev), NULL); | |
5421 | } | |
5422 | ||
5423 | int mgmt_device_blocked(struct hci_dev *hdev, bdaddr_t *bdaddr, u8 type) | |
5424 | { | |
5425 | struct pending_cmd *cmd; | |
5426 | struct mgmt_ev_device_blocked ev; | |
5427 | ||
5428 | cmd = mgmt_pending_find(MGMT_OP_BLOCK_DEVICE, hdev); | |
5429 | ||
5430 | bacpy(&ev.addr.bdaddr, bdaddr); | |
5431 | ev.addr.type = type; | |
5432 | ||
5433 | return mgmt_event(MGMT_EV_DEVICE_BLOCKED, hdev, &ev, sizeof(ev), | |
5434 | cmd ? cmd->sk : NULL); | |
5435 | } | |
5436 | ||
5437 | int mgmt_device_unblocked(struct hci_dev *hdev, bdaddr_t *bdaddr, u8 type) | |
5438 | { | |
5439 | struct pending_cmd *cmd; | |
5440 | struct mgmt_ev_device_unblocked ev; | |
5441 | ||
5442 | cmd = mgmt_pending_find(MGMT_OP_UNBLOCK_DEVICE, hdev); | |
5443 | ||
5444 | bacpy(&ev.addr.bdaddr, bdaddr); | |
5445 | ev.addr.type = type; | |
5446 | ||
5447 | return mgmt_event(MGMT_EV_DEVICE_UNBLOCKED, hdev, &ev, sizeof(ev), | |
5448 | cmd ? cmd->sk : NULL); | |
5449 | } | |
5450 | ||
5451 | static void adv_enable_complete(struct hci_dev *hdev, u8 status) | |
5452 | { | |
5453 | BT_DBG("%s status %u", hdev->name, status); | |
5454 | ||
5455 | /* Clear the advertising mgmt setting if we failed to re-enable it */ | |
5456 | if (status) { | |
5457 | clear_bit(HCI_ADVERTISING, &hdev->dev_flags); | |
5458 | new_settings(hdev, NULL); | |
5459 | } | |
5460 | } | |
5461 | ||
5462 | void mgmt_reenable_advertising(struct hci_dev *hdev) | |
5463 | { | |
5464 | struct hci_request req; | |
5465 | ||
5466 | if (hci_conn_num(hdev, LE_LINK) > 0) | |
5467 | return; | |
5468 | ||
5469 | if (!test_bit(HCI_ADVERTISING, &hdev->dev_flags)) | |
5470 | return; | |
5471 | ||
5472 | hci_req_init(&req, hdev); | |
5473 | enable_advertising(&req); | |
5474 | ||
5475 | /* If this fails we have no option but to let user space know | |
5476 | * that we've disabled advertising. | |
5477 | */ | |
5478 | if (hci_req_run(&req, adv_enable_complete) < 0) { | |
5479 | clear_bit(HCI_ADVERTISING, &hdev->dev_flags); | |
5480 | new_settings(hdev, NULL); | |
5481 | } | |
5482 | } |