]> git.proxmox.com Git - mirror_ubuntu-zesty-kernel.git/blob - net/bluetooth/hci_event.c
projects / mirror_ubuntu-zesty-kernel.git / blob
? search:


655af8bc60e2213b618a1ec67e10686f076e8727
[mirror_ubuntu-zesty-kernel.git] / net / bluetooth / hci_event.c
1 /*
2 BlueZ - Bluetooth protocol stack for Linux
3 Copyright (c) 2000-2001, 2010, Code Aurora Forum. All rights reserved.
4
5 Written 2000,2001 by Maxim Krasnyansky <maxk@qualcomm.com>
6
7 This program is free software; you can redistribute it and/or modify
8 it under the terms of the GNU General Public License version 2 as
9 published by the Free Software Foundation;
10
11 THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS
12 OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
13 FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT OF THIRD PARTY RIGHTS.
14 IN NO EVENT SHALL THE COPYRIGHT HOLDER(S) AND AUTHOR(S) BE LIABLE FOR ANY
15 CLAIM, OR ANY SPECIAL INDIRECT OR CONSEQUENTIAL DAMAGES, OR ANY DAMAGES
16 WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
17 ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
18 OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
19
20 ALL LIABILITY, INCLUDING LIABILITY FOR INFRINGEMENT OF ANY PATENTS,
21 COPYRIGHTS, TRADEMARKS OR OTHER RIGHTS, RELATING TO USE OF THIS
22 SOFTWARE IS DISCLAIMED.
23 */
24
25 /* Bluetooth HCI event handling. */
26
27 #include <linux/module.h>
28
29 #include <linux/types.h>
30 #include <linux/errno.h>
31 #include <linux/kernel.h>
32 #include <linux/slab.h>
33 #include <linux/poll.h>
34 #include <linux/fcntl.h>
35 #include <linux/init.h>
36 #include <linux/skbuff.h>
37 #include <linux/interrupt.h>
38 #include <linux/notifier.h>
39 #include <net/sock.h>
40
41 #include <asm/system.h>
42 #include <linux/uaccess.h>
43 #include <asm/unaligned.h>
44
45 #include <net/bluetooth/bluetooth.h>
46 #include <net/bluetooth/hci_core.h>
47
48 /* Handle HCI Event packets */
49
50 static void hci_cc_inquiry_cancel(struct hci_dev *hdev, struct sk_buff *skb)
51 {
52 __u8 status = *((__u8 *) skb->data);
53
54 BT_DBG("%s status 0x%x", hdev->name, status);
55
56 if (status)
57 return;
58
59 if (test_bit(HCI_MGMT, &hdev->flags) &&
60 test_and_clear_bit(HCI_INQUIRY, &hdev->flags))
61 mgmt_discovering(hdev->id, 0);
62
63 hci_req_complete(hdev, HCI_OP_INQUIRY_CANCEL, status);
64
65 hci_conn_check_pending(hdev);
66 }
67
68 static void hci_cc_exit_periodic_inq(struct hci_dev *hdev, struct sk_buff *skb)
69 {
70 __u8 status = *((__u8 *) skb->data);
71
72 BT_DBG("%s status 0x%x", hdev->name, status);
73
74 if (status)
75 return;
76
77 if (test_bit(HCI_MGMT, &hdev->flags) &&
78 test_and_clear_bit(HCI_INQUIRY, &hdev->flags))
79 mgmt_discovering(hdev->id, 0);
80
81 hci_conn_check_pending(hdev);
82 }
83
84 static void hci_cc_remote_name_req_cancel(struct hci_dev *hdev, struct sk_buff *skb)
85 {
86 BT_DBG("%s", hdev->name);
87 }
88
89 static void hci_cc_role_discovery(struct hci_dev *hdev, struct sk_buff *skb)
90 {
91 struct hci_rp_role_discovery *rp = (void *) skb->data;
92 struct hci_conn *conn;
93
94 BT_DBG("%s status 0x%x", hdev->name, rp->status);
95
96 if (rp->status)
97 return;
98
99 hci_dev_lock(hdev);
100
101 conn = hci_conn_hash_lookup_handle(hdev, __le16_to_cpu(rp->handle));
102 if (conn) {
103 if (rp->role)
104 conn->link_mode &= ~HCI_LM_MASTER;
105 else
106 conn->link_mode |= HCI_LM_MASTER;
107 }
108
109 hci_dev_unlock(hdev);
110 }
111
112 static void hci_cc_read_link_policy(struct hci_dev *hdev, struct sk_buff *skb)
113 {
114 struct hci_rp_read_link_policy *rp = (void *) skb->data;
115 struct hci_conn *conn;
116
117 BT_DBG("%s status 0x%x", hdev->name, rp->status);
118
119 if (rp->status)
120 return;
121
122 hci_dev_lock(hdev);
123
124 conn = hci_conn_hash_lookup_handle(hdev, __le16_to_cpu(rp->handle));
125 if (conn)
126 conn->link_policy = __le16_to_cpu(rp->policy);
127
128 hci_dev_unlock(hdev);
129 }
130
131 static void hci_cc_write_link_policy(struct hci_dev *hdev, struct sk_buff *skb)
132 {
133 struct hci_rp_write_link_policy *rp = (void *) skb->data;
134 struct hci_conn *conn;
135 void *sent;
136
137 BT_DBG("%s status 0x%x", hdev->name, rp->status);
138
139 if (rp->status)
140 return;
141
142 sent = hci_sent_cmd_data(hdev, HCI_OP_WRITE_LINK_POLICY);
143 if (!sent)
144 return;
145
146 hci_dev_lock(hdev);
147
148 conn = hci_conn_hash_lookup_handle(hdev, __le16_to_cpu(rp->handle));
149 if (conn)
150 conn->link_policy = get_unaligned_le16(sent + 2);
151
152 hci_dev_unlock(hdev);
153 }
154
155 static void hci_cc_read_def_link_policy(struct hci_dev *hdev, struct sk_buff *skb)
156 {
157 struct hci_rp_read_def_link_policy *rp = (void *) skb->data;
158
159 BT_DBG("%s status 0x%x", hdev->name, rp->status);
160
161 if (rp->status)
162 return;
163
164 hdev->link_policy = __le16_to_cpu(rp->policy);
165 }
166
167 static void hci_cc_write_def_link_policy(struct hci_dev *hdev, struct sk_buff *skb)
168 {
169 __u8 status = *((__u8 *) skb->data);
170 void *sent;
171
172 BT_DBG("%s status 0x%x", hdev->name, status);
173
174 sent = hci_sent_cmd_data(hdev, HCI_OP_WRITE_DEF_LINK_POLICY);
175 if (!sent)
176 return;
177
178 if (!status)
179 hdev->link_policy = get_unaligned_le16(sent);
180
181 hci_req_complete(hdev, HCI_OP_WRITE_DEF_LINK_POLICY, status);
182 }
183
184 static void hci_cc_reset(struct hci_dev *hdev, struct sk_buff *skb)
185 {
186 __u8 status = *((__u8 *) skb->data);
187
188 BT_DBG("%s status 0x%x", hdev->name, status);
189
190 clear_bit(HCI_RESET, &hdev->flags);
191
192 hci_req_complete(hdev, HCI_OP_RESET, status);
193 }
194
195 static void hci_cc_write_local_name(struct hci_dev *hdev, struct sk_buff *skb)
196 {
197 __u8 status = *((__u8 *) skb->data);
198 void *sent;
199
200 BT_DBG("%s status 0x%x", hdev->name, status);
201
202 sent = hci_sent_cmd_data(hdev, HCI_OP_WRITE_LOCAL_NAME);
203 if (!sent)
204 return;
205
206 if (test_bit(HCI_MGMT, &hdev->flags))
207 mgmt_set_local_name_complete(hdev->id, sent, status);
208
209 if (status)
210 return;
211
212 memcpy(hdev->dev_name, sent, HCI_MAX_NAME_LENGTH);
213 }
214
215 static void hci_cc_read_local_name(struct hci_dev *hdev, struct sk_buff *skb)
216 {
217 struct hci_rp_read_local_name *rp = (void *) skb->data;
218
219 BT_DBG("%s status 0x%x", hdev->name, rp->status);
220
221 if (rp->status)
222 return;
223
224 memcpy(hdev->dev_name, rp->name, HCI_MAX_NAME_LENGTH);
225 }
226
227 static void hci_cc_write_auth_enable(struct hci_dev *hdev, struct sk_buff *skb)
228 {
229 __u8 status = *((__u8 *) skb->data);
230 void *sent;
231
232 BT_DBG("%s status 0x%x", hdev->name, status);
233
234 sent = hci_sent_cmd_data(hdev, HCI_OP_WRITE_AUTH_ENABLE);
235 if (!sent)
236 return;
237
238 if (!status) {
239 __u8 param = *((__u8 *) sent);
240
241 if (param == AUTH_ENABLED)
242 set_bit(HCI_AUTH, &hdev->flags);
243 else
244 clear_bit(HCI_AUTH, &hdev->flags);
245 }
246
247 hci_req_complete(hdev, HCI_OP_WRITE_AUTH_ENABLE, status);
248 }
249
250 static void hci_cc_write_encrypt_mode(struct hci_dev *hdev, struct sk_buff *skb)
251 {
252 __u8 status = *((__u8 *) skb->data);
253 void *sent;
254
255 BT_DBG("%s status 0x%x", hdev->name, status);
256
257 sent = hci_sent_cmd_data(hdev, HCI_OP_WRITE_ENCRYPT_MODE);
258 if (!sent)
259 return;
260
261 if (!status) {
262 __u8 param = *((__u8 *) sent);
263
264 if (param)
265 set_bit(HCI_ENCRYPT, &hdev->flags);
266 else
267 clear_bit(HCI_ENCRYPT, &hdev->flags);
268 }
269
270 hci_req_complete(hdev, HCI_OP_WRITE_ENCRYPT_MODE, status);
271 }
272
273 static void hci_cc_write_scan_enable(struct hci_dev *hdev, struct sk_buff *skb)
274 {
275 __u8 status = *((__u8 *) skb->data);
276 void *sent;
277
278 BT_DBG("%s status 0x%x", hdev->name, status);
279
280 sent = hci_sent_cmd_data(hdev, HCI_OP_WRITE_SCAN_ENABLE);
281 if (!sent)
282 return;
283
284 if (!status) {
285 __u8 param = *((__u8 *) sent);
286 int old_pscan, old_iscan;
287
288 old_pscan = test_and_clear_bit(HCI_PSCAN, &hdev->flags);
289 old_iscan = test_and_clear_bit(HCI_ISCAN, &hdev->flags);
290
291 if (param & SCAN_INQUIRY) {
292 set_bit(HCI_ISCAN, &hdev->flags);
293 if (!old_iscan)
294 mgmt_discoverable(hdev->id, 1);
295 } else if (old_iscan)
296 mgmt_discoverable(hdev->id, 0);
297
298 if (param & SCAN_PAGE) {
299 set_bit(HCI_PSCAN, &hdev->flags);
300 if (!old_pscan)
301 mgmt_connectable(hdev->id, 1);
302 } else if (old_pscan)
303 mgmt_connectable(hdev->id, 0);
304 }
305
306 hci_req_complete(hdev, HCI_OP_WRITE_SCAN_ENABLE, status);
307 }
308
309 static void hci_cc_read_class_of_dev(struct hci_dev *hdev, struct sk_buff *skb)
310 {
311 struct hci_rp_read_class_of_dev *rp = (void *) skb->data;
312
313 BT_DBG("%s status 0x%x", hdev->name, rp->status);
314
315 if (rp->status)
316 return;
317
318 memcpy(hdev->dev_class, rp->dev_class, 3);
319
320 BT_DBG("%s class 0x%.2x%.2x%.2x", hdev->name,
321 hdev->dev_class[2], hdev->dev_class[1], hdev->dev_class[0]);
322 }
323
324 static void hci_cc_write_class_of_dev(struct hci_dev *hdev, struct sk_buff *skb)
325 {
326 __u8 status = *((__u8 *) skb->data);
327 void *sent;
328
329 BT_DBG("%s status 0x%x", hdev->name, status);
330
331 if (status)
332 return;
333
334 sent = hci_sent_cmd_data(hdev, HCI_OP_WRITE_CLASS_OF_DEV);
335 if (!sent)
336 return;
337
338 memcpy(hdev->dev_class, sent, 3);
339 }
340
341 static void hci_cc_read_voice_setting(struct hci_dev *hdev, struct sk_buff *skb)
342 {
343 struct hci_rp_read_voice_setting *rp = (void *) skb->data;
344 __u16 setting;
345
346 BT_DBG("%s status 0x%x", hdev->name, rp->status);
347
348 if (rp->status)
349 return;
350
351 setting = __le16_to_cpu(rp->voice_setting);
352
353 if (hdev->voice_setting == setting)
354 return;
355
356 hdev->voice_setting = setting;
357
358 BT_DBG("%s voice setting 0x%04x", hdev->name, setting);
359
360 if (hdev->notify) {
361 tasklet_disable(&hdev->tx_task);
362 hdev->notify(hdev, HCI_NOTIFY_VOICE_SETTING);
363 tasklet_enable(&hdev->tx_task);
364 }
365 }
366
367 static void hci_cc_write_voice_setting(struct hci_dev *hdev, struct sk_buff *skb)
368 {
369 __u8 status = *((__u8 *) skb->data);
370 __u16 setting;
371 void *sent;
372
373 BT_DBG("%s status 0x%x", hdev->name, status);
374
375 if (status)
376 return;
377
378 sent = hci_sent_cmd_data(hdev, HCI_OP_WRITE_VOICE_SETTING);
379 if (!sent)
380 return;
381
382 setting = get_unaligned_le16(sent);
383
384 if (hdev->voice_setting == setting)
385 return;
386
387 hdev->voice_setting = setting;
388
389 BT_DBG("%s voice setting 0x%04x", hdev->name, setting);
390
391 if (hdev->notify) {
392 tasklet_disable(&hdev->tx_task);
393 hdev->notify(hdev, HCI_NOTIFY_VOICE_SETTING);
394 tasklet_enable(&hdev->tx_task);
395 }
396 }
397
398 static void hci_cc_host_buffer_size(struct hci_dev *hdev, struct sk_buff *skb)
399 {
400 __u8 status = *((__u8 *) skb->data);
401
402 BT_DBG("%s status 0x%x", hdev->name, status);
403
404 hci_req_complete(hdev, HCI_OP_HOST_BUFFER_SIZE, status);
405 }
406
407 static void hci_cc_read_ssp_mode(struct hci_dev *hdev, struct sk_buff *skb)
408 {
409 struct hci_rp_read_ssp_mode *rp = (void *) skb->data;
410
411 BT_DBG("%s status 0x%x", hdev->name, rp->status);
412
413 if (rp->status)
414 return;
415
416 hdev->ssp_mode = rp->mode;
417 }
418
419 static void hci_cc_write_ssp_mode(struct hci_dev *hdev, struct sk_buff *skb)
420 {
421 __u8 status = *((__u8 *) skb->data);
422 void *sent;
423
424 BT_DBG("%s status 0x%x", hdev->name, status);
425
426 if (status)
427 return;
428
429 sent = hci_sent_cmd_data(hdev, HCI_OP_WRITE_SSP_MODE);
430 if (!sent)
431 return;
432
433 hdev->ssp_mode = *((__u8 *) sent);
434 }
435
436 static u8 hci_get_inquiry_mode(struct hci_dev *hdev)
437 {
438 if (hdev->features[6] & LMP_EXT_INQ)
439 return 2;
440
441 if (hdev->features[3] & LMP_RSSI_INQ)
442 return 1;
443
444 if (hdev->manufacturer == 11 && hdev->hci_rev == 0x00 &&
445 hdev->lmp_subver == 0x0757)
446 return 1;
447
448 if (hdev->manufacturer == 15) {
449 if (hdev->hci_rev == 0x03 && hdev->lmp_subver == 0x6963)
450 return 1;
451 if (hdev->hci_rev == 0x09 && hdev->lmp_subver == 0x6963)
452 return 1;
453 if (hdev->hci_rev == 0x00 && hdev->lmp_subver == 0x6965)
454 return 1;
455 }
456
457 if (hdev->manufacturer == 31 && hdev->hci_rev == 0x2005 &&
458 hdev->lmp_subver == 0x1805)
459 return 1;
460
461 return 0;
462 }
463
464 static void hci_setup_inquiry_mode(struct hci_dev *hdev)
465 {
466 u8 mode;
467
468 mode = hci_get_inquiry_mode(hdev);
469
470 hci_send_cmd(hdev, HCI_OP_WRITE_INQUIRY_MODE, 1, &mode);
471 }
472
473 static void hci_setup_event_mask(struct hci_dev *hdev)
474 {
475 /* The second byte is 0xff instead of 0x9f (two reserved bits
476 * disabled) since a Broadcom 1.2 dongle doesn't respond to the
477 * command otherwise */
478 u8 events[8] = { 0xff, 0xff, 0xfb, 0xff, 0x00, 0x00, 0x00, 0x00 };
479
480 /* Events for 1.2 and newer controllers */
481 if (hdev->lmp_ver > 1) {
482 events[4] |= 0x01; /* Flow Specification Complete */
483 events[4] |= 0x02; /* Inquiry Result with RSSI */
484 events[4] |= 0x04; /* Read Remote Extended Features Complete */
485 events[5] |= 0x08; /* Synchronous Connection Complete */
486 events[5] |= 0x10; /* Synchronous Connection Changed */
487 }
488
489 if (hdev->features[3] & LMP_RSSI_INQ)
490 events[4] |= 0x04; /* Inquiry Result with RSSI */
491
492 if (hdev->features[5] & LMP_SNIFF_SUBR)
493 events[5] |= 0x20; /* Sniff Subrating */
494
495 if (hdev->features[5] & LMP_PAUSE_ENC)
496 events[5] |= 0x80; /* Encryption Key Refresh Complete */
497
498 if (hdev->features[6] & LMP_EXT_INQ)
499 events[5] |= 0x40; /* Extended Inquiry Result */
500
501 if (hdev->features[6] & LMP_NO_FLUSH)
502 events[7] |= 0x01; /* Enhanced Flush Complete */
503
504 if (hdev->features[7] & LMP_LSTO)
505 events[6] |= 0x80; /* Link Supervision Timeout Changed */
506
507 if (hdev->features[6] & LMP_SIMPLE_PAIR) {
508 events[6] |= 0x01; /* IO Capability Request */
509 events[6] |= 0x02; /* IO Capability Response */
510 events[6] |= 0x04; /* User Confirmation Request */
511 events[6] |= 0x08; /* User Passkey Request */
512 events[6] |= 0x10; /* Remote OOB Data Request */
513 events[6] |= 0x20; /* Simple Pairing Complete */
514 events[7] |= 0x04; /* User Passkey Notification */
515 events[7] |= 0x08; /* Keypress Notification */
516 events[7] |= 0x10; /* Remote Host Supported
517 * Features Notification */
518 }
519
520 if (hdev->features[4] & LMP_LE)
521 events[7] |= 0x20; /* LE Meta-Event */
522
523 hci_send_cmd(hdev, HCI_OP_SET_EVENT_MASK, sizeof(events), events);
524 }
525
526 static void hci_setup(struct hci_dev *hdev)
527 {
528 hci_setup_event_mask(hdev);
529
530 if (hdev->lmp_ver > 1)
531 hci_send_cmd(hdev, HCI_OP_READ_LOCAL_COMMANDS, 0, NULL);
532
533 if (hdev->features[6] & LMP_SIMPLE_PAIR) {
534 u8 mode = 0x01;
535 hci_send_cmd(hdev, HCI_OP_WRITE_SSP_MODE, sizeof(mode), &mode);
536 }
537
538 if (hdev->features[3] & LMP_RSSI_INQ)
539 hci_setup_inquiry_mode(hdev);
540
541 if (hdev->features[7] & LMP_INQ_TX_PWR)
542 hci_send_cmd(hdev, HCI_OP_READ_INQ_RSP_TX_POWER, 0, NULL);
543 }
544
545 static void hci_cc_read_local_version(struct hci_dev *hdev, struct sk_buff *skb)
546 {
547 struct hci_rp_read_local_version *rp = (void *) skb->data;
548
549 BT_DBG("%s status 0x%x", hdev->name, rp->status);
550
551 if (rp->status)
552 return;
553
554 hdev->hci_ver = rp->hci_ver;
555 hdev->hci_rev = __le16_to_cpu(rp->hci_rev);
556 hdev->lmp_ver = rp->lmp_ver;
557 hdev->manufacturer = __le16_to_cpu(rp->manufacturer);
558 hdev->lmp_subver = __le16_to_cpu(rp->lmp_subver);
559
560 BT_DBG("%s manufacturer %d hci ver %d:%d", hdev->name,
561 hdev->manufacturer,
562 hdev->hci_ver, hdev->hci_rev);
563
564 if (test_bit(HCI_INIT, &hdev->flags))
565 hci_setup(hdev);
566 }
567
568 static void hci_setup_link_policy(struct hci_dev *hdev)
569 {
570 u16 link_policy = 0;
571
572 if (hdev->features[0] & LMP_RSWITCH)
573 link_policy |= HCI_LP_RSWITCH;
574 if (hdev->features[0] & LMP_HOLD)
575 link_policy |= HCI_LP_HOLD;
576 if (hdev->features[0] & LMP_SNIFF)
577 link_policy |= HCI_LP_SNIFF;
578 if (hdev->features[1] & LMP_PARK)
579 link_policy |= HCI_LP_PARK;
580
581 link_policy = cpu_to_le16(link_policy);
582 hci_send_cmd(hdev, HCI_OP_WRITE_DEF_LINK_POLICY,
583 sizeof(link_policy), &link_policy);
584 }
585
586 static void hci_cc_read_local_commands(struct hci_dev *hdev, struct sk_buff *skb)
587 {
588 struct hci_rp_read_local_commands *rp = (void *) skb->data;
589
590 BT_DBG("%s status 0x%x", hdev->name, rp->status);
591
592 if (rp->status)
593 goto done;
594
595 memcpy(hdev->commands, rp->commands, sizeof(hdev->commands));
596
597 if (test_bit(HCI_INIT, &hdev->flags) && (hdev->commands[5] & 0x10))
598 hci_setup_link_policy(hdev);
599
600 done:
601 hci_req_complete(hdev, HCI_OP_READ_LOCAL_COMMANDS, rp->status);
602 }
603
604 static void hci_cc_read_local_features(struct hci_dev *hdev, struct sk_buff *skb)
605 {
606 struct hci_rp_read_local_features *rp = (void *) skb->data;
607
608 BT_DBG("%s status 0x%x", hdev->name, rp->status);
609
610 if (rp->status)
611 return;
612
613 memcpy(hdev->features, rp->features, 8);
614
615 /* Adjust default settings according to features
616 * supported by device. */
617
618 if (hdev->features[0] & LMP_3SLOT)
619 hdev->pkt_type |= (HCI_DM3 | HCI_DH3);
620
621 if (hdev->features[0] & LMP_5SLOT)
622 hdev->pkt_type |= (HCI_DM5 | HCI_DH5);
623
624 if (hdev->features[1] & LMP_HV2) {
625 hdev->pkt_type |= (HCI_HV2);
626 hdev->esco_type |= (ESCO_HV2);
627 }
628
629 if (hdev->features[1] & LMP_HV3) {
630 hdev->pkt_type |= (HCI_HV3);
631 hdev->esco_type |= (ESCO_HV3);
632 }
633
634 if (hdev->features[3] & LMP_ESCO)
635 hdev->esco_type |= (ESCO_EV3);
636
637 if (hdev->features[4] & LMP_EV4)
638 hdev->esco_type |= (ESCO_EV4);
639
640 if (hdev->features[4] & LMP_EV5)
641 hdev->esco_type |= (ESCO_EV5);
642
643 if (hdev->features[5] & LMP_EDR_ESCO_2M)
644 hdev->esco_type |= (ESCO_2EV3);
645
646 if (hdev->features[5] & LMP_EDR_ESCO_3M)
647 hdev->esco_type |= (ESCO_3EV3);
648
649 if (hdev->features[5] & LMP_EDR_3S_ESCO)
650 hdev->esco_type |= (ESCO_2EV5 | ESCO_3EV5);
651
652 BT_DBG("%s features 0x%.2x%.2x%.2x%.2x%.2x%.2x%.2x%.2x", hdev->name,
653 hdev->features[0], hdev->features[1],
654 hdev->features[2], hdev->features[3],
655 hdev->features[4], hdev->features[5],
656 hdev->features[6], hdev->features[7]);
657 }
658
659 static void hci_cc_read_buffer_size(struct hci_dev *hdev, struct sk_buff *skb)
660 {
661 struct hci_rp_read_buffer_size *rp = (void *) skb->data;
662
663 BT_DBG("%s status 0x%x", hdev->name, rp->status);
664
665 if (rp->status)
666 return;
667
668 hdev->acl_mtu = __le16_to_cpu(rp->acl_mtu);
669 hdev->sco_mtu = rp->sco_mtu;
670 hdev->acl_pkts = __le16_to_cpu(rp->acl_max_pkt);
671 hdev->sco_pkts = __le16_to_cpu(rp->sco_max_pkt);
672
673 if (test_bit(HCI_QUIRK_FIXUP_BUFFER_SIZE, &hdev->quirks)) {
674 hdev->sco_mtu = 64;
675 hdev->sco_pkts = 8;
676 }
677
678 hdev->acl_cnt = hdev->acl_pkts;
679 hdev->sco_cnt = hdev->sco_pkts;
680
681 BT_DBG("%s acl mtu %d:%d sco mtu %d:%d", hdev->name,
682 hdev->acl_mtu, hdev->acl_pkts,
683 hdev->sco_mtu, hdev->sco_pkts);
684 }
685
686 static void hci_cc_read_bd_addr(struct hci_dev *hdev, struct sk_buff *skb)
687 {
688 struct hci_rp_read_bd_addr *rp = (void *) skb->data;
689
690 BT_DBG("%s status 0x%x", hdev->name, rp->status);
691
692 if (!rp->status)
693 bacpy(&hdev->bdaddr, &rp->bdaddr);
694
695 hci_req_complete(hdev, HCI_OP_READ_BD_ADDR, rp->status);
696 }
697
698 static void hci_cc_write_ca_timeout(struct hci_dev *hdev, struct sk_buff *skb)
699 {
700 __u8 status = *((__u8 *) skb->data);
701
702 BT_DBG("%s status 0x%x", hdev->name, status);
703
704 hci_req_complete(hdev, HCI_OP_WRITE_CA_TIMEOUT, status);
705 }
706
707 static void hci_cc_delete_stored_link_key(struct hci_dev *hdev,
708 struct sk_buff *skb)
709 {
710 __u8 status = *((__u8 *) skb->data);
711
712 BT_DBG("%s status 0x%x", hdev->name, status);
713
714 hci_req_complete(hdev, HCI_OP_DELETE_STORED_LINK_KEY, status);
715 }
716
717 static void hci_cc_set_event_mask(struct hci_dev *hdev, struct sk_buff *skb)
718 {
719 __u8 status = *((__u8 *) skb->data);
720
721 BT_DBG("%s status 0x%x", hdev->name, status);
722
723 hci_req_complete(hdev, HCI_OP_SET_EVENT_MASK, status);
724 }
725
726 static void hci_cc_write_inquiry_mode(struct hci_dev *hdev,
727 struct sk_buff *skb)
728 {
729 __u8 status = *((__u8 *) skb->data);
730
731 BT_DBG("%s status 0x%x", hdev->name, status);
732
733 hci_req_complete(hdev, HCI_OP_WRITE_INQUIRY_MODE, status);
734 }
735
736 static void hci_cc_read_inq_rsp_tx_power(struct hci_dev *hdev,
737 struct sk_buff *skb)
738 {
739 __u8 status = *((__u8 *) skb->data);
740
741 BT_DBG("%s status 0x%x", hdev->name, status);
742
743 hci_req_complete(hdev, HCI_OP_READ_INQ_RSP_TX_POWER, status);
744 }
745
746 static void hci_cc_set_event_flt(struct hci_dev *hdev, struct sk_buff *skb)
747 {
748 __u8 status = *((__u8 *) skb->data);
749
750 BT_DBG("%s status 0x%x", hdev->name, status);
751
752 hci_req_complete(hdev, HCI_OP_SET_EVENT_FLT, status);
753 }
754
755 static void hci_cc_pin_code_reply(struct hci_dev *hdev, struct sk_buff *skb)
756 {
757 struct hci_rp_pin_code_reply *rp = (void *) skb->data;
758 struct hci_cp_pin_code_reply *cp;
759 struct hci_conn *conn;
760
761 BT_DBG("%s status 0x%x", hdev->name, rp->status);
762
763 if (test_bit(HCI_MGMT, &hdev->flags))
764 mgmt_pin_code_reply_complete(hdev->id, &rp->bdaddr, rp->status);
765
766 if (rp->status != 0)
767 return;
768
769 cp = hci_sent_cmd_data(hdev, HCI_OP_PIN_CODE_REPLY);
770 if (!cp)
771 return;
772
773 conn = hci_conn_hash_lookup_ba(hdev, ACL_LINK, &cp->bdaddr);
774 if (conn)
775 conn->pin_length = cp->pin_len;
776 }
777
778 static void hci_cc_pin_code_neg_reply(struct hci_dev *hdev, struct sk_buff *skb)
779 {
780 struct hci_rp_pin_code_neg_reply *rp = (void *) skb->data;
781
782 BT_DBG("%s status 0x%x", hdev->name, rp->status);
783
784 if (test_bit(HCI_MGMT, &hdev->flags))
785 mgmt_pin_code_neg_reply_complete(hdev->id, &rp->bdaddr,
786 rp->status);
787 }
788 static void hci_cc_le_read_buffer_size(struct hci_dev *hdev,
789 struct sk_buff *skb)
790 {
791 struct hci_rp_le_read_buffer_size *rp = (void *) skb->data;
792
793 BT_DBG("%s status 0x%x", hdev->name, rp->status);
794
795 if (rp->status)
796 return;
797
798 hdev->le_mtu = __le16_to_cpu(rp->le_mtu);
799 hdev->le_pkts = rp->le_max_pkt;
800
801 hdev->le_cnt = hdev->le_pkts;
802
803 BT_DBG("%s le mtu %d:%d", hdev->name, hdev->le_mtu, hdev->le_pkts);
804
805 hci_req_complete(hdev, HCI_OP_LE_READ_BUFFER_SIZE, rp->status);
806 }
807
808 static void hci_cc_user_confirm_reply(struct hci_dev *hdev, struct sk_buff *skb)
809 {
810 struct hci_rp_user_confirm_reply *rp = (void *) skb->data;
811
812 BT_DBG("%s status 0x%x", hdev->name, rp->status);
813
814 if (test_bit(HCI_MGMT, &hdev->flags))
815 mgmt_user_confirm_reply_complete(hdev->id, &rp->bdaddr,
816 rp->status);
817 }
818
819 static void hci_cc_user_confirm_neg_reply(struct hci_dev *hdev,
820 struct sk_buff *skb)
821 {
822 struct hci_rp_user_confirm_reply *rp = (void *) skb->data;
823
824 BT_DBG("%s status 0x%x", hdev->name, rp->status);
825
826 if (test_bit(HCI_MGMT, &hdev->flags))
827 mgmt_user_confirm_neg_reply_complete(hdev->id, &rp->bdaddr,
828 rp->status);
829 }
830
831 static void hci_cc_read_local_oob_data_reply(struct hci_dev *hdev,
832 struct sk_buff *skb)
833 {
834 struct hci_rp_read_local_oob_data *rp = (void *) skb->data;
835
836 BT_DBG("%s status 0x%x", hdev->name, rp->status);
837
838 mgmt_read_local_oob_data_reply_complete(hdev->id, rp->hash,
839 rp->randomizer, rp->status);
840 }
841
842 static inline void hci_cs_inquiry(struct hci_dev *hdev, __u8 status)
843 {
844 BT_DBG("%s status 0x%x", hdev->name, status);
845
846 if (status) {
847 hci_req_complete(hdev, HCI_OP_INQUIRY, status);
848 hci_conn_check_pending(hdev);
849 return;
850 }
851
852 if (test_bit(HCI_MGMT, &hdev->flags) &&
853 !test_and_set_bit(HCI_INQUIRY,
854 &hdev->flags))
855 mgmt_discovering(hdev->id, 1);
856 }
857
858 static inline void hci_cs_create_conn(struct hci_dev *hdev, __u8 status)
859 {
860 struct hci_cp_create_conn *cp;
861 struct hci_conn *conn;
862
863 BT_DBG("%s status 0x%x", hdev->name, status);
864
865 cp = hci_sent_cmd_data(hdev, HCI_OP_CREATE_CONN);
866 if (!cp)
867 return;
868
869 hci_dev_lock(hdev);
870
871 conn = hci_conn_hash_lookup_ba(hdev, ACL_LINK, &cp->bdaddr);
872
873 BT_DBG("%s bdaddr %s conn %p", hdev->name, batostr(&cp->bdaddr), conn);
874
875 if (status) {
876 if (conn && conn->state == BT_CONNECT) {
877 if (status != 0x0c || conn->attempt > 2) {
878 conn->state = BT_CLOSED;
879 hci_proto_connect_cfm(conn, status);
880 hci_conn_del(conn);
881 } else
882 conn->state = BT_CONNECT2;
883 }
884 } else {
885 if (!conn) {
886 conn = hci_conn_add(hdev, ACL_LINK, &cp->bdaddr);
887 if (conn) {
888 conn->out = 1;
889 conn->link_mode |= HCI_LM_MASTER;
890 } else
891 BT_ERR("No memory for new connection");
892 }
893 }
894
895 hci_dev_unlock(hdev);
896 }
897
898 static void hci_cs_add_sco(struct hci_dev *hdev, __u8 status)
899 {
900 struct hci_cp_add_sco *cp;
901 struct hci_conn *acl, *sco;
902 __u16 handle;
903
904 BT_DBG("%s status 0x%x", hdev->name, status);
905
906 if (!status)
907 return;
908
909 cp = hci_sent_cmd_data(hdev, HCI_OP_ADD_SCO);
910 if (!cp)
911 return;
912
913 handle = __le16_to_cpu(cp->handle);
914
915 BT_DBG("%s handle %d", hdev->name, handle);
916
917 hci_dev_lock(hdev);
918
919 acl = hci_conn_hash_lookup_handle(hdev, handle);
920 if (acl) {
921 sco = acl->link;
922 if (sco) {
923 sco->state = BT_CLOSED;
924
925 hci_proto_connect_cfm(sco, status);
926 hci_conn_del(sco);
927 }
928 }
929
930 hci_dev_unlock(hdev);
931 }
932
933 static void hci_cs_auth_requested(struct hci_dev *hdev, __u8 status)
934 {
935 struct hci_cp_auth_requested *cp;
936 struct hci_conn *conn;
937
938 BT_DBG("%s status 0x%x", hdev->name, status);
939
940 if (!status)
941 return;
942
943 cp = hci_sent_cmd_data(hdev, HCI_OP_AUTH_REQUESTED);
944 if (!cp)
945 return;
946
947 hci_dev_lock(hdev);
948
949 conn = hci_conn_hash_lookup_handle(hdev, __le16_to_cpu(cp->handle));
950 if (conn) {
951 if (conn->state == BT_CONFIG) {
952 hci_proto_connect_cfm(conn, status);
953 hci_conn_put(conn);
954 }
955 }
956
957 hci_dev_unlock(hdev);
958 }
959
960 static void hci_cs_set_conn_encrypt(struct hci_dev *hdev, __u8 status)
961 {
962 struct hci_cp_set_conn_encrypt *cp;
963 struct hci_conn *conn;
964
965 BT_DBG("%s status 0x%x", hdev->name, status);
966
967 if (!status)
968 return;
969
970 cp = hci_sent_cmd_data(hdev, HCI_OP_SET_CONN_ENCRYPT);
971 if (!cp)
972 return;
973
974 hci_dev_lock(hdev);
975
976 conn = hci_conn_hash_lookup_handle(hdev, __le16_to_cpu(cp->handle));
977 if (conn) {
978 if (conn->state == BT_CONFIG) {
979 hci_proto_connect_cfm(conn, status);
980 hci_conn_put(conn);
981 }
982 }
983
984 hci_dev_unlock(hdev);
985 }
986
987 static int hci_outgoing_auth_needed(struct hci_dev *hdev,
988 struct hci_conn *conn)
989 {
990 if (conn->state != BT_CONFIG || !conn->out)
991 return 0;
992
993 if (conn->pending_sec_level == BT_SECURITY_SDP)
994 return 0;
995
996 /* Only request authentication for SSP connections or non-SSP
997 * devices with sec_level HIGH */
998 if (!(hdev->ssp_mode > 0 && conn->ssp_mode > 0) &&
999 conn->pending_sec_level != BT_SECURITY_HIGH)
1000 return 0;
1001
1002 return 1;
1003 }
1004
1005 static void hci_cs_remote_name_req(struct hci_dev *hdev, __u8 status)
1006 {
1007 struct hci_cp_remote_name_req *cp;
1008 struct hci_conn *conn;
1009
1010 BT_DBG("%s status 0x%x", hdev->name, status);
1011
1012 /* If successful wait for the name req complete event before
1013 * checking for the need to do authentication */
1014 if (!status)
1015 return;
1016
1017 cp = hci_sent_cmd_data(hdev, HCI_OP_REMOTE_NAME_REQ);
1018 if (!cp)
1019 return;
1020
1021 hci_dev_lock(hdev);
1022
1023 conn = hci_conn_hash_lookup_ba(hdev, ACL_LINK, &cp->bdaddr);
1024 if (conn && hci_outgoing_auth_needed(hdev, conn)) {
1025 struct hci_cp_auth_requested cp;
1026 cp.handle = __cpu_to_le16(conn->handle);
1027 hci_send_cmd(hdev, HCI_OP_AUTH_REQUESTED, sizeof(cp), &cp);
1028 }
1029
1030 hci_dev_unlock(hdev);
1031 }
1032
1033 static void hci_cs_read_remote_features(struct hci_dev *hdev, __u8 status)
1034 {
1035 struct hci_cp_read_remote_features *cp;
1036 struct hci_conn *conn;
1037
1038 BT_DBG("%s status 0x%x", hdev->name, status);
1039
1040 if (!status)
1041 return;
1042
1043 cp = hci_sent_cmd_data(hdev, HCI_OP_READ_REMOTE_FEATURES);
1044 if (!cp)
1045 return;
1046
1047 hci_dev_lock(hdev);
1048
1049 conn = hci_conn_hash_lookup_handle(hdev, __le16_to_cpu(cp->handle));
1050 if (conn) {
1051 if (conn->state == BT_CONFIG) {
1052 hci_proto_connect_cfm(conn, status);
1053 hci_conn_put(conn);
1054 }
1055 }
1056
1057 hci_dev_unlock(hdev);
1058 }
1059
1060 static void hci_cs_read_remote_ext_features(struct hci_dev *hdev, __u8 status)
1061 {
1062 struct hci_cp_read_remote_ext_features *cp;
1063 struct hci_conn *conn;
1064
1065 BT_DBG("%s status 0x%x", hdev->name, status);
1066
1067 if (!status)
1068 return;
1069
1070 cp = hci_sent_cmd_data(hdev, HCI_OP_READ_REMOTE_EXT_FEATURES);
1071 if (!cp)
1072 return;
1073
1074 hci_dev_lock(hdev);
1075
1076 conn = hci_conn_hash_lookup_handle(hdev, __le16_to_cpu(cp->handle));
1077 if (conn) {
1078 if (conn->state == BT_CONFIG) {
1079 hci_proto_connect_cfm(conn, status);
1080 hci_conn_put(conn);
1081 }
1082 }
1083
1084 hci_dev_unlock(hdev);
1085 }
1086
1087 static void hci_cs_setup_sync_conn(struct hci_dev *hdev, __u8 status)
1088 {
1089 struct hci_cp_setup_sync_conn *cp;
1090 struct hci_conn *acl, *sco;
1091 __u16 handle;
1092
1093 BT_DBG("%s status 0x%x", hdev->name, status);
1094
1095 if (!status)
1096 return;
1097
1098 cp = hci_sent_cmd_data(hdev, HCI_OP_SETUP_SYNC_CONN);
1099 if (!cp)
1100 return;
1101
1102 handle = __le16_to_cpu(cp->handle);
1103
1104 BT_DBG("%s handle %d", hdev->name, handle);
1105
1106 hci_dev_lock(hdev);
1107
1108 acl = hci_conn_hash_lookup_handle(hdev, handle);
1109 if (acl) {
1110 sco = acl->link;
1111 if (sco) {
1112 sco->state = BT_CLOSED;
1113
1114 hci_proto_connect_cfm(sco, status);
1115 hci_conn_del(sco);
1116 }
1117 }
1118
1119 hci_dev_unlock(hdev);
1120 }
1121
1122 static void hci_cs_sniff_mode(struct hci_dev *hdev, __u8 status)
1123 {
1124 struct hci_cp_sniff_mode *cp;
1125 struct hci_conn *conn;
1126
1127 BT_DBG("%s status 0x%x", hdev->name, status);
1128
1129 if (!status)
1130 return;
1131
1132 cp = hci_sent_cmd_data(hdev, HCI_OP_SNIFF_MODE);
1133 if (!cp)
1134 return;
1135
1136 hci_dev_lock(hdev);
1137
1138 conn = hci_conn_hash_lookup_handle(hdev, __le16_to_cpu(cp->handle));
1139 if (conn) {
1140 clear_bit(HCI_CONN_MODE_CHANGE_PEND, &conn->pend);
1141
1142 if (test_and_clear_bit(HCI_CONN_SCO_SETUP_PEND, &conn->pend))
1143 hci_sco_setup(conn, status);
1144 }
1145
1146 hci_dev_unlock(hdev);
1147 }
1148
1149 static void hci_cs_exit_sniff_mode(struct hci_dev *hdev, __u8 status)
1150 {
1151 struct hci_cp_exit_sniff_mode *cp;
1152 struct hci_conn *conn;
1153
1154 BT_DBG("%s status 0x%x", hdev->name, status);
1155
1156 if (!status)
1157 return;
1158
1159 cp = hci_sent_cmd_data(hdev, HCI_OP_EXIT_SNIFF_MODE);
1160 if (!cp)
1161 return;
1162
1163 hci_dev_lock(hdev);
1164
1165 conn = hci_conn_hash_lookup_handle(hdev, __le16_to_cpu(cp->handle));
1166 if (conn) {
1167 clear_bit(HCI_CONN_MODE_CHANGE_PEND, &conn->pend);
1168
1169 if (test_and_clear_bit(HCI_CONN_SCO_SETUP_PEND, &conn->pend))
1170 hci_sco_setup(conn, status);
1171 }
1172
1173 hci_dev_unlock(hdev);
1174 }
1175
1176 static void hci_cs_le_create_conn(struct hci_dev *hdev, __u8 status)
1177 {
1178 struct hci_cp_le_create_conn *cp;
1179 struct hci_conn *conn;
1180
1181 BT_DBG("%s status 0x%x", hdev->name, status);
1182
1183 cp = hci_sent_cmd_data(hdev, HCI_OP_LE_CREATE_CONN);
1184 if (!cp)
1185 return;
1186
1187 hci_dev_lock(hdev);
1188
1189 conn = hci_conn_hash_lookup_ba(hdev, LE_LINK, &cp->peer_addr);
1190
1191 BT_DBG("%s bdaddr %s conn %p", hdev->name, batostr(&cp->peer_addr),
1192 conn);
1193
1194 if (status) {
1195 if (conn && conn->state == BT_CONNECT) {
1196 conn->state = BT_CLOSED;
1197 hci_proto_connect_cfm(conn, status);
1198 hci_conn_del(conn);
1199 }
1200 } else {
1201 if (!conn) {
1202 conn = hci_conn_add(hdev, LE_LINK, &cp->peer_addr);
1203 if (conn)
1204 conn->out = 1;
1205 else
1206 BT_ERR("No memory for new connection");
1207 }
1208 }
1209
1210 hci_dev_unlock(hdev);
1211 }
1212
1213 static inline void hci_inquiry_complete_evt(struct hci_dev *hdev, struct sk_buff *skb)
1214 {
1215 __u8 status = *((__u8 *) skb->data);
1216
1217 BT_DBG("%s status %d", hdev->name, status);
1218
1219 if (test_bit(HCI_MGMT, &hdev->flags) &&
1220 test_and_clear_bit(HCI_INQUIRY, &hdev->flags))
1221 mgmt_discovering(hdev->id, 0);
1222
1223 hci_req_complete(hdev, HCI_OP_INQUIRY, status);
1224
1225 hci_conn_check_pending(hdev);
1226 }
1227
1228 static inline void hci_inquiry_result_evt(struct hci_dev *hdev, struct sk_buff *skb)
1229 {
1230 struct inquiry_data data;
1231 struct inquiry_info *info = (void *) (skb->data + 1);
1232 int num_rsp = *((__u8 *) skb->data);
1233
1234 BT_DBG("%s num_rsp %d", hdev->name, num_rsp);
1235
1236 if (!num_rsp)
1237 return;
1238
1239 hci_dev_lock(hdev);
1240
1241 if (!test_and_set_bit(HCI_INQUIRY, &hdev->flags)) {
1242
1243 if (test_bit(HCI_MGMT, &hdev->flags))
1244 mgmt_discovering(hdev->id, 1);
1245 }
1246
1247 for (; num_rsp; num_rsp--, info++) {
1248 bacpy(&data.bdaddr, &info->bdaddr);
1249 data.pscan_rep_mode = info->pscan_rep_mode;
1250 data.pscan_period_mode = info->pscan_period_mode;
1251 data.pscan_mode = info->pscan_mode;
1252 memcpy(data.dev_class, info->dev_class, 3);
1253 data.clock_offset = info->clock_offset;
1254 data.rssi = 0x00;
1255 data.ssp_mode = 0x00;
1256 hci_inquiry_cache_update(hdev, &data);
1257 mgmt_device_found(hdev->id, &info->bdaddr, info->dev_class, 0,
1258 NULL);
1259 }
1260
1261 hci_dev_unlock(hdev);
1262 }
1263
1264 static inline void hci_conn_complete_evt(struct hci_dev *hdev, struct sk_buff *skb)
1265 {
1266 struct hci_ev_conn_complete *ev = (void *) skb->data;
1267 struct hci_conn *conn;
1268
1269 BT_DBG("%s", hdev->name);
1270
1271 hci_dev_lock(hdev);
1272
1273 conn = hci_conn_hash_lookup_ba(hdev, ev->link_type, &ev->bdaddr);
1274 if (!conn) {
1275 if (ev->link_type != SCO_LINK)
1276 goto unlock;
1277
1278 conn = hci_conn_hash_lookup_ba(hdev, ESCO_LINK, &ev->bdaddr);
1279 if (!conn)
1280 goto unlock;
1281
1282 conn->type = SCO_LINK;
1283 }
1284
1285 if (!ev->status) {
1286 conn->handle = __le16_to_cpu(ev->handle);
1287
1288 if (conn->type == ACL_LINK) {
1289 conn->state = BT_CONFIG;
1290 hci_conn_hold(conn);
1291 conn->disc_timeout = HCI_DISCONN_TIMEOUT;
1292 mgmt_connected(hdev->id, &ev->bdaddr);
1293 } else
1294 conn->state = BT_CONNECTED;
1295
1296 hci_conn_hold_device(conn);
1297 hci_conn_add_sysfs(conn);
1298
1299 if (test_bit(HCI_AUTH, &hdev->flags))
1300 conn->link_mode |= HCI_LM_AUTH;
1301
1302 if (test_bit(HCI_ENCRYPT, &hdev->flags))
1303 conn->link_mode |= HCI_LM_ENCRYPT;
1304
1305 /* Get remote features */
1306 if (conn->type == ACL_LINK) {
1307 struct hci_cp_read_remote_features cp;
1308 cp.handle = ev->handle;
1309 hci_send_cmd(hdev, HCI_OP_READ_REMOTE_FEATURES,
1310 sizeof(cp), &cp);
1311 }
1312
1313 /* Set packet type for incoming connection */
1314 if (!conn->out && hdev->hci_ver < 3) {
1315 struct hci_cp_change_conn_ptype cp;
1316 cp.handle = ev->handle;
1317 cp.pkt_type = cpu_to_le16(conn->pkt_type);
1318 hci_send_cmd(hdev, HCI_OP_CHANGE_CONN_PTYPE,
1319 sizeof(cp), &cp);
1320 }
1321 } else {
1322 conn->state = BT_CLOSED;
1323 if (conn->type == ACL_LINK)
1324 mgmt_connect_failed(hdev->id, &ev->bdaddr, ev->status);
1325 }
1326
1327 if (conn->type == ACL_LINK)
1328 hci_sco_setup(conn, ev->status);
1329
1330 if (ev->status) {
1331 hci_proto_connect_cfm(conn, ev->status);
1332 hci_conn_del(conn);
1333 } else if (ev->link_type != ACL_LINK)
1334 hci_proto_connect_cfm(conn, ev->status);
1335
1336 unlock:
1337 hci_dev_unlock(hdev);
1338
1339 hci_conn_check_pending(hdev);
1340 }
1341
1342 static inline void hci_conn_request_evt(struct hci_dev *hdev, struct sk_buff *skb)
1343 {
1344 struct hci_ev_conn_request *ev = (void *) skb->data;
1345 int mask = hdev->link_mode;
1346
1347 BT_DBG("%s bdaddr %s type 0x%x", hdev->name,
1348 batostr(&ev->bdaddr), ev->link_type);
1349
1350 mask |= hci_proto_connect_ind(hdev, &ev->bdaddr, ev->link_type);
1351
1352 if ((mask & HCI_LM_ACCEPT) &&
1353 !hci_blacklist_lookup(hdev, &ev->bdaddr)) {
1354 /* Connection accepted */
1355 struct inquiry_entry *ie;
1356 struct hci_conn *conn;
1357
1358 hci_dev_lock(hdev);
1359
1360 ie = hci_inquiry_cache_lookup(hdev, &ev->bdaddr);
1361 if (ie)
1362 memcpy(ie->data.dev_class, ev->dev_class, 3);
1363
1364 conn = hci_conn_hash_lookup_ba(hdev, ev->link_type, &ev->bdaddr);
1365 if (!conn) {
1366 conn = hci_conn_add(hdev, ev->link_type, &ev->bdaddr);
1367 if (!conn) {
1368 BT_ERR("No memory for new connection");
1369 hci_dev_unlock(hdev);
1370 return;
1371 }
1372 }
1373
1374 memcpy(conn->dev_class, ev->dev_class, 3);
1375 conn->state = BT_CONNECT;
1376
1377 hci_dev_unlock(hdev);
1378
1379 if (ev->link_type == ACL_LINK || !lmp_esco_capable(hdev)) {
1380 struct hci_cp_accept_conn_req cp;
1381
1382 bacpy(&cp.bdaddr, &ev->bdaddr);
1383
1384 if (lmp_rswitch_capable(hdev) && (mask & HCI_LM_MASTER))
1385 cp.role = 0x00; /* Become master */
1386 else
1387 cp.role = 0x01; /* Remain slave */
1388
1389 hci_send_cmd(hdev, HCI_OP_ACCEPT_CONN_REQ,
1390 sizeof(cp), &cp);
1391 } else {
1392 struct hci_cp_accept_sync_conn_req cp;
1393
1394 bacpy(&cp.bdaddr, &ev->bdaddr);
1395 cp.pkt_type = cpu_to_le16(conn->pkt_type);
1396
1397 cp.tx_bandwidth = cpu_to_le32(0x00001f40);
1398 cp.rx_bandwidth = cpu_to_le32(0x00001f40);
1399 cp.max_latency = cpu_to_le16(0xffff);
1400 cp.content_format = cpu_to_le16(hdev->voice_setting);
1401 cp.retrans_effort = 0xff;
1402
1403 hci_send_cmd(hdev, HCI_OP_ACCEPT_SYNC_CONN_REQ,
1404 sizeof(cp), &cp);
1405 }
1406 } else {
1407 /* Connection rejected */
1408 struct hci_cp_reject_conn_req cp;
1409
1410 bacpy(&cp.bdaddr, &ev->bdaddr);
1411 cp.reason = 0x0f;
1412 hci_send_cmd(hdev, HCI_OP_REJECT_CONN_REQ, sizeof(cp), &cp);
1413 }
1414 }
1415
1416 static inline void hci_disconn_complete_evt(struct hci_dev *hdev, struct sk_buff *skb)
1417 {
1418 struct hci_ev_disconn_complete *ev = (void *) skb->data;
1419 struct hci_conn *conn;
1420
1421 BT_DBG("%s status %d", hdev->name, ev->status);
1422
1423 if (ev->status) {
1424 mgmt_disconnect_failed(hdev->id);
1425 return;
1426 }
1427
1428 hci_dev_lock(hdev);
1429
1430 conn = hci_conn_hash_lookup_handle(hdev, __le16_to_cpu(ev->handle));
1431 if (!conn)
1432 goto unlock;
1433
1434 conn->state = BT_CLOSED;
1435
1436 if (conn->type == ACL_LINK)
1437 mgmt_disconnected(hdev->id, &conn->dst);
1438
1439 hci_proto_disconn_cfm(conn, ev->reason);
1440 hci_conn_del(conn);
1441
1442 unlock:
1443 hci_dev_unlock(hdev);
1444 }
1445
1446 static inline void hci_auth_complete_evt(struct hci_dev *hdev, struct sk_buff *skb)
1447 {
1448 struct hci_ev_auth_complete *ev = (void *) skb->data;
1449 struct hci_conn *conn;
1450
1451 BT_DBG("%s status %d", hdev->name, ev->status);
1452
1453 hci_dev_lock(hdev);
1454
1455 conn = hci_conn_hash_lookup_handle(hdev, __le16_to_cpu(ev->handle));
1456 if (conn) {
1457 if (!ev->status) {
1458 conn->link_mode |= HCI_LM_AUTH;
1459 conn->sec_level = conn->pending_sec_level;
1460 } else {
1461 mgmt_auth_failed(hdev->id, &conn->dst, ev->status);
1462 }
1463
1464 clear_bit(HCI_CONN_AUTH_PEND, &conn->pend);
1465
1466 if (conn->state == BT_CONFIG) {
1467 if (!ev->status && hdev->ssp_mode > 0 &&
1468 conn->ssp_mode > 0) {
1469 struct hci_cp_set_conn_encrypt cp;
1470 cp.handle = ev->handle;
1471 cp.encrypt = 0x01;
1472 hci_send_cmd(hdev, HCI_OP_SET_CONN_ENCRYPT,
1473 sizeof(cp), &cp);
1474 } else {
1475 conn->state = BT_CONNECTED;
1476 hci_proto_connect_cfm(conn, ev->status);
1477 hci_conn_put(conn);
1478 }
1479 } else {
1480 hci_auth_cfm(conn, ev->status);
1481
1482 hci_conn_hold(conn);
1483 conn->disc_timeout = HCI_DISCONN_TIMEOUT;
1484 hci_conn_put(conn);
1485 }
1486
1487 if (test_bit(HCI_CONN_ENCRYPT_PEND, &conn->pend)) {
1488 if (!ev->status) {
1489 struct hci_cp_set_conn_encrypt cp;
1490 cp.handle = ev->handle;
1491 cp.encrypt = 0x01;
1492 hci_send_cmd(hdev, HCI_OP_SET_CONN_ENCRYPT,
1493 sizeof(cp), &cp);
1494 } else {
1495 clear_bit(HCI_CONN_ENCRYPT_PEND, &conn->pend);
1496 hci_encrypt_cfm(conn, ev->status, 0x00);
1497 }
1498 }
1499 }
1500
1501 hci_dev_unlock(hdev);
1502 }
1503
1504 static inline void hci_remote_name_evt(struct hci_dev *hdev, struct sk_buff *skb)
1505 {
1506 struct hci_ev_remote_name *ev = (void *) skb->data;
1507 struct hci_conn *conn;
1508
1509 BT_DBG("%s", hdev->name);
1510
1511 hci_conn_check_pending(hdev);
1512
1513 hci_dev_lock(hdev);
1514
1515 if (ev->status == 0 && test_bit(HCI_MGMT, &hdev->flags))
1516 mgmt_remote_name(hdev->id, &ev->bdaddr, ev->name);
1517
1518 conn = hci_conn_hash_lookup_ba(hdev, ACL_LINK, &ev->bdaddr);
1519 if (conn && hci_outgoing_auth_needed(hdev, conn)) {
1520 struct hci_cp_auth_requested cp;
1521 cp.handle = __cpu_to_le16(conn->handle);
1522 hci_send_cmd(hdev, HCI_OP_AUTH_REQUESTED, sizeof(cp), &cp);
1523 }
1524
1525 hci_dev_unlock(hdev);
1526 }
1527
1528 static inline void hci_encrypt_change_evt(struct hci_dev *hdev, struct sk_buff *skb)
1529 {
1530 struct hci_ev_encrypt_change *ev = (void *) skb->data;
1531 struct hci_conn *conn;
1532
1533 BT_DBG("%s status %d", hdev->name, ev->status);
1534
1535 hci_dev_lock(hdev);
1536
1537 conn = hci_conn_hash_lookup_handle(hdev, __le16_to_cpu(ev->handle));
1538 if (conn) {
1539 if (!ev->status) {
1540 if (ev->encrypt) {
1541 /* Encryption implies authentication */
1542 conn->link_mode |= HCI_LM_AUTH;
1543 conn->link_mode |= HCI_LM_ENCRYPT;
1544 } else
1545 conn->link_mode &= ~HCI_LM_ENCRYPT;
1546 }
1547
1548 clear_bit(HCI_CONN_ENCRYPT_PEND, &conn->pend);
1549
1550 if (conn->state == BT_CONFIG) {
1551 if (!ev->status)
1552 conn->state = BT_CONNECTED;
1553
1554 hci_proto_connect_cfm(conn, ev->status);
1555 hci_conn_put(conn);
1556 } else
1557 hci_encrypt_cfm(conn, ev->status, ev->encrypt);
1558 }
1559
1560 hci_dev_unlock(hdev);
1561 }
1562
1563 static inline void hci_change_link_key_complete_evt(struct hci_dev *hdev, struct sk_buff *skb)
1564 {
1565 struct hci_ev_change_link_key_complete *ev = (void *) skb->data;
1566 struct hci_conn *conn;
1567
1568 BT_DBG("%s status %d", hdev->name, ev->status);
1569
1570 hci_dev_lock(hdev);
1571
1572 conn = hci_conn_hash_lookup_handle(hdev, __le16_to_cpu(ev->handle));
1573 if (conn) {
1574 if (!ev->status)
1575 conn->link_mode |= HCI_LM_SECURE;
1576
1577 clear_bit(HCI_CONN_AUTH_PEND, &conn->pend);
1578
1579 hci_key_change_cfm(conn, ev->status);
1580 }
1581
1582 hci_dev_unlock(hdev);
1583 }
1584
1585 static inline void hci_remote_features_evt(struct hci_dev *hdev, struct sk_buff *skb)
1586 {
1587 struct hci_ev_remote_features *ev = (void *) skb->data;
1588 struct hci_conn *conn;
1589
1590 BT_DBG("%s status %d", hdev->name, ev->status);
1591
1592 hci_dev_lock(hdev);
1593
1594 conn = hci_conn_hash_lookup_handle(hdev, __le16_to_cpu(ev->handle));
1595 if (!conn)
1596 goto unlock;
1597
1598 if (!ev->status)
1599 memcpy(conn->features, ev->features, 8);
1600
1601 if (conn->state != BT_CONFIG)
1602 goto unlock;
1603
1604 if (!ev->status && lmp_ssp_capable(hdev) && lmp_ssp_capable(conn)) {
1605 struct hci_cp_read_remote_ext_features cp;
1606 cp.handle = ev->handle;
1607 cp.page = 0x01;
1608 hci_send_cmd(hdev, HCI_OP_READ_REMOTE_EXT_FEATURES,
1609 sizeof(cp), &cp);
1610 goto unlock;
1611 }
1612
1613 if (!ev->status) {
1614 struct hci_cp_remote_name_req cp;
1615 memset(&cp, 0, sizeof(cp));
1616 bacpy(&cp.bdaddr, &conn->dst);
1617 cp.pscan_rep_mode = 0x02;
1618 hci_send_cmd(hdev, HCI_OP_REMOTE_NAME_REQ, sizeof(cp), &cp);
1619 }
1620
1621 if (!hci_outgoing_auth_needed(hdev, conn)) {
1622 conn->state = BT_CONNECTED;
1623 hci_proto_connect_cfm(conn, ev->status);
1624 hci_conn_put(conn);
1625 }
1626
1627 unlock:
1628 hci_dev_unlock(hdev);
1629 }
1630
1631 static inline void hci_remote_version_evt(struct hci_dev *hdev, struct sk_buff *skb)
1632 {
1633 BT_DBG("%s", hdev->name);
1634 }
1635
1636 static inline void hci_qos_setup_complete_evt(struct hci_dev *hdev, struct sk_buff *skb)
1637 {
1638 BT_DBG("%s", hdev->name);
1639 }
1640
1641 static inline void hci_cmd_complete_evt(struct hci_dev *hdev, struct sk_buff *skb)
1642 {
1643 struct hci_ev_cmd_complete *ev = (void *) skb->data;
1644 __u16 opcode;
1645
1646 skb_pull(skb, sizeof(*ev));
1647
1648 opcode = __le16_to_cpu(ev->opcode);
1649
1650 switch (opcode) {
1651 case HCI_OP_INQUIRY_CANCEL:
1652 hci_cc_inquiry_cancel(hdev, skb);
1653 break;
1654
1655 case HCI_OP_EXIT_PERIODIC_INQ:
1656 hci_cc_exit_periodic_inq(hdev, skb);
1657 break;
1658
1659 case HCI_OP_REMOTE_NAME_REQ_CANCEL:
1660 hci_cc_remote_name_req_cancel(hdev, skb);
1661 break;
1662
1663 case HCI_OP_ROLE_DISCOVERY:
1664 hci_cc_role_discovery(hdev, skb);
1665 break;
1666
1667 case HCI_OP_READ_LINK_POLICY:
1668 hci_cc_read_link_policy(hdev, skb);
1669 break;
1670
1671 case HCI_OP_WRITE_LINK_POLICY:
1672 hci_cc_write_link_policy(hdev, skb);
1673 break;
1674
1675 case HCI_OP_READ_DEF_LINK_POLICY:
1676 hci_cc_read_def_link_policy(hdev, skb);
1677 break;
1678
1679 case HCI_OP_WRITE_DEF_LINK_POLICY:
1680 hci_cc_write_def_link_policy(hdev, skb);
1681 break;
1682
1683 case HCI_OP_RESET:
1684 hci_cc_reset(hdev, skb);
1685 break;
1686
1687 case HCI_OP_WRITE_LOCAL_NAME:
1688 hci_cc_write_local_name(hdev, skb);
1689 break;
1690
1691 case HCI_OP_READ_LOCAL_NAME:
1692 hci_cc_read_local_name(hdev, skb);
1693 break;
1694
1695 case HCI_OP_WRITE_AUTH_ENABLE:
1696 hci_cc_write_auth_enable(hdev, skb);
1697 break;
1698
1699 case HCI_OP_WRITE_ENCRYPT_MODE:
1700 hci_cc_write_encrypt_mode(hdev, skb);
1701 break;
1702
1703 case HCI_OP_WRITE_SCAN_ENABLE:
1704 hci_cc_write_scan_enable(hdev, skb);
1705 break;
1706
1707 case HCI_OP_READ_CLASS_OF_DEV:
1708 hci_cc_read_class_of_dev(hdev, skb);
1709 break;
1710
1711 case HCI_OP_WRITE_CLASS_OF_DEV:
1712 hci_cc_write_class_of_dev(hdev, skb);
1713 break;
1714
1715 case HCI_OP_READ_VOICE_SETTING:
1716 hci_cc_read_voice_setting(hdev, skb);
1717 break;
1718
1719 case HCI_OP_WRITE_VOICE_SETTING:
1720 hci_cc_write_voice_setting(hdev, skb);
1721 break;
1722
1723 case HCI_OP_HOST_BUFFER_SIZE:
1724 hci_cc_host_buffer_size(hdev, skb);
1725 break;
1726
1727 case HCI_OP_READ_SSP_MODE:
1728 hci_cc_read_ssp_mode(hdev, skb);
1729 break;
1730
1731 case HCI_OP_WRITE_SSP_MODE:
1732 hci_cc_write_ssp_mode(hdev, skb);
1733 break;
1734
1735 case HCI_OP_READ_LOCAL_VERSION:
1736 hci_cc_read_local_version(hdev, skb);
1737 break;
1738
1739 case HCI_OP_READ_LOCAL_COMMANDS:
1740 hci_cc_read_local_commands(hdev, skb);
1741 break;
1742
1743 case HCI_OP_READ_LOCAL_FEATURES:
1744 hci_cc_read_local_features(hdev, skb);
1745 break;
1746
1747 case HCI_OP_READ_BUFFER_SIZE:
1748 hci_cc_read_buffer_size(hdev, skb);
1749 break;
1750
1751 case HCI_OP_READ_BD_ADDR:
1752 hci_cc_read_bd_addr(hdev, skb);
1753 break;
1754
1755 case HCI_OP_WRITE_CA_TIMEOUT:
1756 hci_cc_write_ca_timeout(hdev, skb);
1757 break;
1758
1759 case HCI_OP_DELETE_STORED_LINK_KEY:
1760 hci_cc_delete_stored_link_key(hdev, skb);
1761 break;
1762
1763 case HCI_OP_SET_EVENT_MASK:
1764 hci_cc_set_event_mask(hdev, skb);
1765 break;
1766
1767 case HCI_OP_WRITE_INQUIRY_MODE:
1768 hci_cc_write_inquiry_mode(hdev, skb);
1769 break;
1770
1771 case HCI_OP_READ_INQ_RSP_TX_POWER:
1772 hci_cc_read_inq_rsp_tx_power(hdev, skb);
1773 break;
1774
1775 case HCI_OP_SET_EVENT_FLT:
1776 hci_cc_set_event_flt(hdev, skb);
1777 break;
1778
1779 case HCI_OP_PIN_CODE_REPLY:
1780 hci_cc_pin_code_reply(hdev, skb);
1781 break;
1782
1783 case HCI_OP_PIN_CODE_NEG_REPLY:
1784 hci_cc_pin_code_neg_reply(hdev, skb);
1785 break;
1786
1787 case HCI_OP_READ_LOCAL_OOB_DATA:
1788 hci_cc_read_local_oob_data_reply(hdev, skb);
1789 break;
1790
1791 case HCI_OP_LE_READ_BUFFER_SIZE:
1792 hci_cc_le_read_buffer_size(hdev, skb);
1793 break;
1794
1795 case HCI_OP_USER_CONFIRM_REPLY:
1796 hci_cc_user_confirm_reply(hdev, skb);
1797 break;
1798
1799 case HCI_OP_USER_CONFIRM_NEG_REPLY:
1800 hci_cc_user_confirm_neg_reply(hdev, skb);
1801 break;
1802
1803 default:
1804 BT_DBG("%s opcode 0x%x", hdev->name, opcode);
1805 break;
1806 }
1807
1808 if (ev->opcode != HCI_OP_NOP)
1809 del_timer(&hdev->cmd_timer);
1810
1811 if (ev->ncmd) {
1812 atomic_set(&hdev->cmd_cnt, 1);
1813 if (!skb_queue_empty(&hdev->cmd_q))
1814 tasklet_schedule(&hdev->cmd_task);
1815 }
1816 }
1817
1818 static inline void hci_cmd_status_evt(struct hci_dev *hdev, struct sk_buff *skb)
1819 {
1820 struct hci_ev_cmd_status *ev = (void *) skb->data;
1821 __u16 opcode;
1822
1823 skb_pull(skb, sizeof(*ev));
1824
1825 opcode = __le16_to_cpu(ev->opcode);
1826
1827 switch (opcode) {
1828 case HCI_OP_INQUIRY:
1829 hci_cs_inquiry(hdev, ev->status);
1830 break;
1831
1832 case HCI_OP_CREATE_CONN:
1833 hci_cs_create_conn(hdev, ev->status);
1834 break;
1835
1836 case HCI_OP_ADD_SCO:
1837 hci_cs_add_sco(hdev, ev->status);
1838 break;
1839
1840 case HCI_OP_AUTH_REQUESTED:
1841 hci_cs_auth_requested(hdev, ev->status);
1842 break;
1843
1844 case HCI_OP_SET_CONN_ENCRYPT:
1845 hci_cs_set_conn_encrypt(hdev, ev->status);
1846 break;
1847
1848 case HCI_OP_REMOTE_NAME_REQ:
1849 hci_cs_remote_name_req(hdev, ev->status);
1850 break;
1851
1852 case HCI_OP_READ_REMOTE_FEATURES:
1853 hci_cs_read_remote_features(hdev, ev->status);
1854 break;
1855
1856 case HCI_OP_READ_REMOTE_EXT_FEATURES:
1857 hci_cs_read_remote_ext_features(hdev, ev->status);
1858 break;
1859
1860 case HCI_OP_SETUP_SYNC_CONN:
1861 hci_cs_setup_sync_conn(hdev, ev->status);
1862 break;
1863
1864 case HCI_OP_SNIFF_MODE:
1865 hci_cs_sniff_mode(hdev, ev->status);
1866 break;
1867
1868 case HCI_OP_EXIT_SNIFF_MODE:
1869 hci_cs_exit_sniff_mode(hdev, ev->status);
1870 break;
1871
1872 case HCI_OP_DISCONNECT:
1873 if (ev->status != 0)
1874 mgmt_disconnect_failed(hdev->id);
1875 break;
1876
1877 case HCI_OP_LE_CREATE_CONN:
1878 hci_cs_le_create_conn(hdev, ev->status);
1879 break;
1880
1881 default:
1882 BT_DBG("%s opcode 0x%x", hdev->name, opcode);
1883 break;
1884 }
1885
1886 if (ev->opcode != HCI_OP_NOP)
1887 del_timer(&hdev->cmd_timer);
1888
1889 if (ev->ncmd && !test_bit(HCI_RESET, &hdev->flags)) {
1890 atomic_set(&hdev->cmd_cnt, 1);
1891 if (!skb_queue_empty(&hdev->cmd_q))
1892 tasklet_schedule(&hdev->cmd_task);
1893 }
1894 }
1895
1896 static inline void hci_role_change_evt(struct hci_dev *hdev, struct sk_buff *skb)
1897 {
1898 struct hci_ev_role_change *ev = (void *) skb->data;
1899 struct hci_conn *conn;
1900
1901 BT_DBG("%s status %d", hdev->name, ev->status);
1902
1903 hci_dev_lock(hdev);
1904
1905 conn = hci_conn_hash_lookup_ba(hdev, ACL_LINK, &ev->bdaddr);
1906 if (conn) {
1907 if (!ev->status) {
1908 if (ev->role)
1909 conn->link_mode &= ~HCI_LM_MASTER;
1910 else
1911 conn->link_mode |= HCI_LM_MASTER;
1912 }
1913
1914 clear_bit(HCI_CONN_RSWITCH_PEND, &conn->pend);
1915
1916 hci_role_switch_cfm(conn, ev->status, ev->role);
1917 }
1918
1919 hci_dev_unlock(hdev);
1920 }
1921
1922 static inline void hci_num_comp_pkts_evt(struct hci_dev *hdev, struct sk_buff *skb)
1923 {
1924 struct hci_ev_num_comp_pkts *ev = (void *) skb->data;
1925 __le16 *ptr;
1926 int i;
1927
1928 skb_pull(skb, sizeof(*ev));
1929
1930 BT_DBG("%s num_hndl %d", hdev->name, ev->num_hndl);
1931
1932 if (skb->len < ev->num_hndl * 4) {
1933 BT_DBG("%s bad parameters", hdev->name);
1934 return;
1935 }
1936
1937 tasklet_disable(&hdev->tx_task);
1938
1939 for (i = 0, ptr = (__le16 *) skb->data; i < ev->num_hndl; i++) {
1940 struct hci_conn *conn;
1941 __u16 handle, count;
1942
1943 handle = get_unaligned_le16(ptr++);
1944 count = get_unaligned_le16(ptr++);
1945
1946 conn = hci_conn_hash_lookup_handle(hdev, handle);
1947 if (conn) {
1948 conn->sent -= count;
1949
1950 if (conn->type == ACL_LINK) {
1951 hdev->acl_cnt += count;
1952 if (hdev->acl_cnt > hdev->acl_pkts)
1953 hdev->acl_cnt = hdev->acl_pkts;
1954 } else if (conn->type == LE_LINK) {
1955 if (hdev->le_pkts) {
1956 hdev->le_cnt += count;
1957 if (hdev->le_cnt > hdev->le_pkts)
1958 hdev->le_cnt = hdev->le_pkts;
1959 } else {
1960 hdev->acl_cnt += count;
1961 if (hdev->acl_cnt > hdev->acl_pkts)
1962 hdev->acl_cnt = hdev->acl_pkts;
1963 }
1964 } else {
1965 hdev->sco_cnt += count;
1966 if (hdev->sco_cnt > hdev->sco_pkts)
1967 hdev->sco_cnt = hdev->sco_pkts;
1968 }
1969 }
1970 }
1971
1972 tasklet_schedule(&hdev->tx_task);
1973
1974 tasklet_enable(&hdev->tx_task);
1975 }
1976
1977 static inline void hci_mode_change_evt(struct hci_dev *hdev, struct sk_buff *skb)
1978 {
1979 struct hci_ev_mode_change *ev = (void *) skb->data;
1980 struct hci_conn *conn;
1981
1982 BT_DBG("%s status %d", hdev->name, ev->status);
1983
1984 hci_dev_lock(hdev);
1985
1986 conn = hci_conn_hash_lookup_handle(hdev, __le16_to_cpu(ev->handle));
1987 if (conn) {
1988 conn->mode = ev->mode;
1989 conn->interval = __le16_to_cpu(ev->interval);
1990
1991 if (!test_and_clear_bit(HCI_CONN_MODE_CHANGE_PEND, &conn->pend)) {
1992 if (conn->mode == HCI_CM_ACTIVE)
1993 conn->power_save = 1;
1994 else
1995 conn->power_save = 0;
1996 }
1997
1998 if (test_and_clear_bit(HCI_CONN_SCO_SETUP_PEND, &conn->pend))
1999 hci_sco_setup(conn, ev->status);
2000 }
2001
2002 hci_dev_unlock(hdev);
2003 }
2004
2005 static inline void hci_pin_code_request_evt(struct hci_dev *hdev, struct sk_buff *skb)
2006 {
2007 struct hci_ev_pin_code_req *ev = (void *) skb->data;
2008 struct hci_conn *conn;
2009
2010 BT_DBG("%s", hdev->name);
2011
2012 hci_dev_lock(hdev);
2013
2014 conn = hci_conn_hash_lookup_ba(hdev, ACL_LINK, &ev->bdaddr);
2015 if (conn && conn->state == BT_CONNECTED) {
2016 hci_conn_hold(conn);
2017 conn->disc_timeout = HCI_PAIRING_TIMEOUT;
2018 hci_conn_put(conn);
2019 }
2020
2021 if (!test_bit(HCI_PAIRABLE, &hdev->flags))
2022 hci_send_cmd(hdev, HCI_OP_PIN_CODE_NEG_REPLY,
2023 sizeof(ev->bdaddr), &ev->bdaddr);
2024
2025 if (test_bit(HCI_MGMT, &hdev->flags))
2026 mgmt_pin_code_request(hdev->id, &ev->bdaddr);
2027
2028 hci_dev_unlock(hdev);
2029 }
2030
2031 static inline void hci_link_key_request_evt(struct hci_dev *hdev, struct sk_buff *skb)
2032 {
2033 struct hci_ev_link_key_req *ev = (void *) skb->data;
2034 struct hci_cp_link_key_reply cp;
2035 struct hci_conn *conn;
2036 struct link_key *key;
2037
2038 BT_DBG("%s", hdev->name);
2039
2040 if (!test_bit(HCI_LINK_KEYS, &hdev->flags))
2041 return;
2042
2043 hci_dev_lock(hdev);
2044
2045 key = hci_find_link_key(hdev, &ev->bdaddr);
2046 if (!key) {
2047 BT_DBG("%s link key not found for %s", hdev->name,
2048 batostr(&ev->bdaddr));
2049 goto not_found;
2050 }
2051
2052 BT_DBG("%s found key type %u for %s", hdev->name, key->type,
2053 batostr(&ev->bdaddr));
2054
2055 if (!test_bit(HCI_DEBUG_KEYS, &hdev->flags) &&
2056 key->type == HCI_LK_DEBUG_COMBINATION) {
2057 BT_DBG("%s ignoring debug key", hdev->name);
2058 goto not_found;
2059 }
2060
2061 conn = hci_conn_hash_lookup_ba(hdev, ACL_LINK, &ev->bdaddr);
2062
2063 if (key->type == HCI_LK_UNAUTH_COMBINATION && conn &&
2064 conn->auth_type != 0xff && (conn->auth_type & 0x01)) {
2065 BT_DBG("%s ignoring unauthenticated key", hdev->name);
2066 goto not_found;
2067 }
2068
2069 bacpy(&cp.bdaddr, &ev->bdaddr);
2070 memcpy(cp.link_key, key->val, 16);
2071
2072 hci_send_cmd(hdev, HCI_OP_LINK_KEY_REPLY, sizeof(cp), &cp);
2073
2074 hci_dev_unlock(hdev);
2075
2076 return;
2077
2078 not_found:
2079 hci_send_cmd(hdev, HCI_OP_LINK_KEY_NEG_REPLY, 6, &ev->bdaddr);
2080 hci_dev_unlock(hdev);
2081 }
2082
2083 static inline void hci_link_key_notify_evt(struct hci_dev *hdev, struct sk_buff *skb)
2084 {
2085 struct hci_ev_link_key_notify *ev = (void *) skb->data;
2086 struct hci_conn *conn;
2087 u8 pin_len = 0;
2088
2089 BT_DBG("%s", hdev->name);
2090
2091 hci_dev_lock(hdev);
2092
2093 conn = hci_conn_hash_lookup_ba(hdev, ACL_LINK, &ev->bdaddr);
2094 if (conn) {
2095 hci_conn_hold(conn);
2096 conn->disc_timeout = HCI_DISCONN_TIMEOUT;
2097 pin_len = conn->pin_length;
2098
2099 if (ev->key_type != HCI_LK_CHANGED_COMBINATION)
2100 conn->key_type = ev->key_type;
2101
2102 hci_conn_put(conn);
2103 }
2104
2105 if (test_bit(HCI_LINK_KEYS, &hdev->flags))
2106 hci_add_link_key(hdev, 1, &ev->bdaddr, ev->link_key,
2107 ev->key_type, pin_len);
2108
2109 hci_dev_unlock(hdev);
2110 }
2111
2112 static inline void hci_clock_offset_evt(struct hci_dev *hdev, struct sk_buff *skb)
2113 {
2114 struct hci_ev_clock_offset *ev = (void *) skb->data;
2115 struct hci_conn *conn;
2116
2117 BT_DBG("%s status %d", hdev->name, ev->status);
2118
2119 hci_dev_lock(hdev);
2120
2121 conn = hci_conn_hash_lookup_handle(hdev, __le16_to_cpu(ev->handle));
2122 if (conn && !ev->status) {
2123 struct inquiry_entry *ie;
2124
2125 ie = hci_inquiry_cache_lookup(hdev, &conn->dst);
2126 if (ie) {
2127 ie->data.clock_offset = ev->clock_offset;
2128 ie->timestamp = jiffies;
2129 }
2130 }
2131
2132 hci_dev_unlock(hdev);
2133 }
2134
2135 static inline void hci_pkt_type_change_evt(struct hci_dev *hdev, struct sk_buff *skb)
2136 {
2137 struct hci_ev_pkt_type_change *ev = (void *) skb->data;
2138 struct hci_conn *conn;
2139
2140 BT_DBG("%s status %d", hdev->name, ev->status);
2141
2142 hci_dev_lock(hdev);
2143
2144 conn = hci_conn_hash_lookup_handle(hdev, __le16_to_cpu(ev->handle));
2145 if (conn && !ev->status)
2146 conn->pkt_type = __le16_to_cpu(ev->pkt_type);
2147
2148 hci_dev_unlock(hdev);
2149 }
2150
2151 static inline void hci_pscan_rep_mode_evt(struct hci_dev *hdev, struct sk_buff *skb)
2152 {
2153 struct hci_ev_pscan_rep_mode *ev = (void *) skb->data;
2154 struct inquiry_entry *ie;
2155
2156 BT_DBG("%s", hdev->name);
2157
2158 hci_dev_lock(hdev);
2159
2160 ie = hci_inquiry_cache_lookup(hdev, &ev->bdaddr);
2161 if (ie) {
2162 ie->data.pscan_rep_mode = ev->pscan_rep_mode;
2163 ie->timestamp = jiffies;
2164 }
2165
2166 hci_dev_unlock(hdev);
2167 }
2168
2169 static inline void hci_inquiry_result_with_rssi_evt(struct hci_dev *hdev, struct sk_buff *skb)
2170 {
2171 struct inquiry_data data;
2172 int num_rsp = *((__u8 *) skb->data);
2173
2174 BT_DBG("%s num_rsp %d", hdev->name, num_rsp);
2175
2176 if (!num_rsp)
2177 return;
2178
2179 hci_dev_lock(hdev);
2180
2181 if (!test_and_set_bit(HCI_INQUIRY, &hdev->flags)) {
2182
2183 if (test_bit(HCI_MGMT, &hdev->flags))
2184 mgmt_discovering(hdev->id, 1);
2185 }
2186
2187 if ((skb->len - 1) / num_rsp != sizeof(struct inquiry_info_with_rssi)) {
2188 struct inquiry_info_with_rssi_and_pscan_mode *info;
2189 info = (void *) (skb->data + 1);
2190
2191 for (; num_rsp; num_rsp--, info++) {
2192 bacpy(&data.bdaddr, &info->bdaddr);
2193 data.pscan_rep_mode = info->pscan_rep_mode;
2194 data.pscan_period_mode = info->pscan_period_mode;
2195 data.pscan_mode = info->pscan_mode;
2196 memcpy(data.dev_class, info->dev_class, 3);
2197 data.clock_offset = info->clock_offset;
2198 data.rssi = info->rssi;
2199 data.ssp_mode = 0x00;
2200 hci_inquiry_cache_update(hdev, &data);
2201 mgmt_device_found(hdev->id, &info->bdaddr,
2202 info->dev_class, info->rssi,
2203 NULL);
2204 }
2205 } else {
2206 struct inquiry_info_with_rssi *info = (void *) (skb->data + 1);
2207
2208 for (; num_rsp; num_rsp--, info++) {
2209 bacpy(&data.bdaddr, &info->bdaddr);
2210 data.pscan_rep_mode = info->pscan_rep_mode;
2211 data.pscan_period_mode = info->pscan_period_mode;
2212 data.pscan_mode = 0x00;
2213 memcpy(data.dev_class, info->dev_class, 3);
2214 data.clock_offset = info->clock_offset;
2215 data.rssi = info->rssi;
2216 data.ssp_mode = 0x00;
2217 hci_inquiry_cache_update(hdev, &data);
2218 mgmt_device_found(hdev->id, &info->bdaddr,
2219 info->dev_class, info->rssi,
2220 NULL);
2221 }
2222 }
2223
2224 hci_dev_unlock(hdev);
2225 }
2226
2227 static inline void hci_remote_ext_features_evt(struct hci_dev *hdev, struct sk_buff *skb)
2228 {
2229 struct hci_ev_remote_ext_features *ev = (void *) skb->data;
2230 struct hci_conn *conn;
2231
2232 BT_DBG("%s", hdev->name);
2233
2234 hci_dev_lock(hdev);
2235
2236 conn = hci_conn_hash_lookup_handle(hdev, __le16_to_cpu(ev->handle));
2237 if (!conn)
2238 goto unlock;
2239
2240 if (!ev->status && ev->page == 0x01) {
2241 struct inquiry_entry *ie;
2242
2243 ie = hci_inquiry_cache_lookup(hdev, &conn->dst);
2244 if (ie)
2245 ie->data.ssp_mode = (ev->features[0] & 0x01);
2246
2247 conn->ssp_mode = (ev->features[0] & 0x01);
2248 }
2249
2250 if (conn->state != BT_CONFIG)
2251 goto unlock;
2252
2253 if (!ev->status) {
2254 struct hci_cp_remote_name_req cp;
2255 memset(&cp, 0, sizeof(cp));
2256 bacpy(&cp.bdaddr, &conn->dst);
2257 cp.pscan_rep_mode = 0x02;
2258 hci_send_cmd(hdev, HCI_OP_REMOTE_NAME_REQ, sizeof(cp), &cp);
2259 }
2260
2261 if (!hci_outgoing_auth_needed(hdev, conn)) {
2262 conn->state = BT_CONNECTED;
2263 hci_proto_connect_cfm(conn, ev->status);
2264 hci_conn_put(conn);
2265 }
2266
2267 unlock:
2268 hci_dev_unlock(hdev);
2269 }
2270
2271 static inline void hci_sync_conn_complete_evt(struct hci_dev *hdev, struct sk_buff *skb)
2272 {
2273 struct hci_ev_sync_conn_complete *ev = (void *) skb->data;
2274 struct hci_conn *conn;
2275
2276 BT_DBG("%s status %d", hdev->name, ev->status);
2277
2278 hci_dev_lock(hdev);
2279
2280 conn = hci_conn_hash_lookup_ba(hdev, ev->link_type, &ev->bdaddr);
2281 if (!conn) {
2282 if (ev->link_type == ESCO_LINK)
2283 goto unlock;
2284
2285 conn = hci_conn_hash_lookup_ba(hdev, ESCO_LINK, &ev->bdaddr);
2286 if (!conn)
2287 goto unlock;
2288
2289 conn->type = SCO_LINK;
2290 }
2291
2292 switch (ev->status) {
2293 case 0x00:
2294 conn->handle = __le16_to_cpu(ev->handle);
2295 conn->state = BT_CONNECTED;
2296
2297 hci_conn_hold_device(conn);
2298 hci_conn_add_sysfs(conn);
2299 break;
2300
2301 case 0x11: /* Unsupported Feature or Parameter Value */
2302 case 0x1c: /* SCO interval rejected */
2303 case 0x1a: /* Unsupported Remote Feature */
2304 case 0x1f: /* Unspecified error */
2305 if (conn->out && conn->attempt < 2) {
2306 conn->pkt_type = (hdev->esco_type & SCO_ESCO_MASK) |
2307 (hdev->esco_type & EDR_ESCO_MASK);
2308 hci_setup_sync(conn, conn->link->handle);
2309 goto unlock;
2310 }
2311 /* fall through */
2312
2313 default:
2314 conn->state = BT_CLOSED;
2315 break;
2316 }
2317
2318 hci_proto_connect_cfm(conn, ev->status);
2319 if (ev->status)
2320 hci_conn_del(conn);
2321
2322 unlock:
2323 hci_dev_unlock(hdev);
2324 }
2325
2326 static inline void hci_sync_conn_changed_evt(struct hci_dev *hdev, struct sk_buff *skb)
2327 {
2328 BT_DBG("%s", hdev->name);
2329 }
2330
2331 static inline void hci_sniff_subrate_evt(struct hci_dev *hdev, struct sk_buff *skb)
2332 {
2333 struct hci_ev_sniff_subrate *ev = (void *) skb->data;
2334
2335 BT_DBG("%s status %d", hdev->name, ev->status);
2336 }
2337
2338 static inline void hci_extended_inquiry_result_evt(struct hci_dev *hdev, struct sk_buff *skb)
2339 {
2340 struct inquiry_data data;
2341 struct extended_inquiry_info *info = (void *) (skb->data + 1);
2342 int num_rsp = *((__u8 *) skb->data);
2343
2344 BT_DBG("%s num_rsp %d", hdev->name, num_rsp);
2345
2346 if (!num_rsp)
2347 return;
2348
2349 if (!test_and_set_bit(HCI_INQUIRY, &hdev->flags)) {
2350
2351 if (test_bit(HCI_MGMT, &hdev->flags))
2352 mgmt_discovering(hdev->id, 1);
2353 }
2354
2355 hci_dev_lock(hdev);
2356
2357 for (; num_rsp; num_rsp--, info++) {
2358 bacpy(&data.bdaddr, &info->bdaddr);
2359 data.pscan_rep_mode = info->pscan_rep_mode;
2360 data.pscan_period_mode = info->pscan_period_mode;
2361 data.pscan_mode = 0x00;
2362 memcpy(data.dev_class, info->dev_class, 3);
2363 data.clock_offset = info->clock_offset;
2364 data.rssi = info->rssi;
2365 data.ssp_mode = 0x01;
2366 hci_inquiry_cache_update(hdev, &data);
2367 mgmt_device_found(hdev->id, &info->bdaddr, info->dev_class,
2368 info->rssi, info->data);
2369 }
2370
2371 hci_dev_unlock(hdev);
2372 }
2373
2374 static inline u8 hci_get_auth_req(struct hci_conn *conn)
2375 {
2376 /* If remote requests dedicated bonding follow that lead */
2377 if (conn->remote_auth == 0x02 || conn->remote_auth == 0x03) {
2378 /* If both remote and local IO capabilities allow MITM
2379 * protection then require it, otherwise don't */
2380 if (conn->remote_cap == 0x03 || conn->io_capability == 0x03)
2381 return 0x02;
2382 else
2383 return 0x03;
2384 }
2385
2386 /* If remote requests no-bonding follow that lead */
2387 if (conn->remote_auth == 0x00 || conn->remote_auth == 0x01)
2388 return 0x00;
2389
2390 return conn->auth_type;
2391 }
2392
2393 static inline void hci_io_capa_request_evt(struct hci_dev *hdev, struct sk_buff *skb)
2394 {
2395 struct hci_ev_io_capa_request *ev = (void *) skb->data;
2396 struct hci_conn *conn;
2397
2398 BT_DBG("%s", hdev->name);
2399
2400 hci_dev_lock(hdev);
2401
2402 conn = hci_conn_hash_lookup_ba(hdev, ACL_LINK, &ev->bdaddr);
2403 if (!conn)
2404 goto unlock;
2405
2406 hci_conn_hold(conn);
2407
2408 if (!test_bit(HCI_MGMT, &hdev->flags))
2409 goto unlock;
2410
2411 if (test_bit(HCI_PAIRABLE, &hdev->flags) ||
2412 (conn->remote_auth & ~0x01) == HCI_AT_NO_BONDING) {
2413 struct hci_cp_io_capability_reply cp;
2414
2415 bacpy(&cp.bdaddr, &ev->bdaddr);
2416 cp.capability = conn->io_capability;
2417 cp.authentication = hci_get_auth_req(conn);
2418
2419 if ((conn->out == 0x01 || conn->remote_oob == 0x01) &&
2420 hci_find_remote_oob_data(hdev, &conn->dst))
2421 cp.oob_data = 0x01;
2422 else
2423 cp.oob_data = 0x00;
2424
2425 hci_send_cmd(hdev, HCI_OP_IO_CAPABILITY_REPLY,
2426 sizeof(cp), &cp);
2427 } else {
2428 struct hci_cp_io_capability_neg_reply cp;
2429
2430 bacpy(&cp.bdaddr, &ev->bdaddr);
2431 cp.reason = 0x16; /* Pairing not allowed */
2432
2433 hci_send_cmd(hdev, HCI_OP_IO_CAPABILITY_NEG_REPLY,
2434 sizeof(cp), &cp);
2435 }
2436
2437 unlock:
2438 hci_dev_unlock(hdev);
2439 }
2440
2441 static inline void hci_io_capa_reply_evt(struct hci_dev *hdev, struct sk_buff *skb)
2442 {
2443 struct hci_ev_io_capa_reply *ev = (void *) skb->data;
2444 struct hci_conn *conn;
2445
2446 BT_DBG("%s", hdev->name);
2447
2448 hci_dev_lock(hdev);
2449
2450 conn = hci_conn_hash_lookup_ba(hdev, ACL_LINK, &ev->bdaddr);
2451 if (!conn)
2452 goto unlock;
2453
2454 conn->remote_cap = ev->capability;
2455 conn->remote_oob = ev->oob_data;
2456 conn->remote_auth = ev->authentication;
2457
2458 unlock:
2459 hci_dev_unlock(hdev);
2460 }
2461
2462 static inline void hci_user_confirm_request_evt(struct hci_dev *hdev,
2463 struct sk_buff *skb)
2464 {
2465 struct hci_ev_user_confirm_req *ev = (void *) skb->data;
2466
2467 BT_DBG("%s", hdev->name);
2468
2469 hci_dev_lock(hdev);
2470
2471 if (test_bit(HCI_MGMT, &hdev->flags))
2472 mgmt_user_confirm_request(hdev->id, &ev->bdaddr, ev->passkey);
2473
2474 hci_dev_unlock(hdev);
2475 }
2476
2477 static inline void hci_simple_pair_complete_evt(struct hci_dev *hdev, struct sk_buff *skb)
2478 {
2479 struct hci_ev_simple_pair_complete *ev = (void *) skb->data;
2480 struct hci_conn *conn;
2481
2482 BT_DBG("%s", hdev->name);
2483
2484 hci_dev_lock(hdev);
2485
2486 conn = hci_conn_hash_lookup_ba(hdev, ACL_LINK, &ev->bdaddr);
2487 if (!conn)
2488 goto unlock;
2489
2490 /* To avoid duplicate auth_failed events to user space we check
2491 * the HCI_CONN_AUTH_PEND flag which will be set if we
2492 * initiated the authentication. A traditional auth_complete
2493 * event gets always produced as initiator and is also mapped to
2494 * the mgmt_auth_failed event */
2495 if (!test_bit(HCI_CONN_AUTH_PEND, &conn->pend) && ev->status != 0)
2496 mgmt_auth_failed(hdev->id, &conn->dst, ev->status);
2497
2498 hci_conn_put(conn);
2499
2500 unlock:
2501 hci_dev_unlock(hdev);
2502 }
2503
2504 static inline void hci_remote_host_features_evt(struct hci_dev *hdev, struct sk_buff *skb)
2505 {
2506 struct hci_ev_remote_host_features *ev = (void *) skb->data;
2507 struct inquiry_entry *ie;
2508
2509 BT_DBG("%s", hdev->name);
2510
2511 hci_dev_lock(hdev);
2512
2513 ie = hci_inquiry_cache_lookup(hdev, &ev->bdaddr);
2514 if (ie)
2515 ie->data.ssp_mode = (ev->features[0] & 0x01);
2516
2517 hci_dev_unlock(hdev);
2518 }
2519
2520 static inline void hci_remote_oob_data_request_evt(struct hci_dev *hdev,
2521 struct sk_buff *skb)
2522 {
2523 struct hci_ev_remote_oob_data_request *ev = (void *) skb->data;
2524 struct oob_data *data;
2525
2526 BT_DBG("%s", hdev->name);
2527
2528 hci_dev_lock(hdev);
2529
2530 if (!test_bit(HCI_MGMT, &hdev->flags))
2531 goto unlock;
2532
2533 data = hci_find_remote_oob_data(hdev, &ev->bdaddr);
2534 if (data) {
2535 struct hci_cp_remote_oob_data_reply cp;
2536
2537 bacpy(&cp.bdaddr, &ev->bdaddr);
2538 memcpy(cp.hash, data->hash, sizeof(cp.hash));
2539 memcpy(cp.randomizer, data->randomizer, sizeof(cp.randomizer));
2540
2541 hci_send_cmd(hdev, HCI_OP_REMOTE_OOB_DATA_REPLY, sizeof(cp),
2542 &cp);
2543 } else {
2544 struct hci_cp_remote_oob_data_neg_reply cp;
2545
2546 bacpy(&cp.bdaddr, &ev->bdaddr);
2547 hci_send_cmd(hdev, HCI_OP_REMOTE_OOB_DATA_NEG_REPLY, sizeof(cp),
2548 &cp);
2549 }
2550
2551 unlock:
2552 hci_dev_unlock(hdev);
2553 }
2554
2555 static inline void hci_le_conn_complete_evt(struct hci_dev *hdev, struct sk_buff *skb)
2556 {
2557 struct hci_ev_le_conn_complete *ev = (void *) skb->data;
2558 struct hci_conn *conn;
2559
2560 BT_DBG("%s status %d", hdev->name, ev->status);
2561
2562 hci_dev_lock(hdev);
2563
2564 conn = hci_conn_hash_lookup_ba(hdev, LE_LINK, &ev->bdaddr);
2565 if (!conn) {
2566 conn = hci_conn_add(hdev, LE_LINK, &ev->bdaddr);
2567 if (!conn) {
2568 BT_ERR("No memory for new connection");
2569 hci_dev_unlock(hdev);
2570 return;
2571 }
2572 }
2573
2574 if (ev->status) {
2575 hci_proto_connect_cfm(conn, ev->status);
2576 conn->state = BT_CLOSED;
2577 hci_conn_del(conn);
2578 goto unlock;
2579 }
2580
2581 conn->handle = __le16_to_cpu(ev->handle);
2582 conn->state = BT_CONNECTED;
2583
2584 hci_conn_hold_device(conn);
2585 hci_conn_add_sysfs(conn);
2586
2587 hci_proto_connect_cfm(conn, ev->status);
2588
2589 unlock:
2590 hci_dev_unlock(hdev);
2591 }
2592
2593 static inline void hci_le_meta_evt(struct hci_dev *hdev, struct sk_buff *skb)
2594 {
2595 struct hci_ev_le_meta *le_ev = (void *) skb->data;
2596
2597 skb_pull(skb, sizeof(*le_ev));
2598
2599 switch (le_ev->subevent) {
2600 case HCI_EV_LE_CONN_COMPLETE:
2601 hci_le_conn_complete_evt(hdev, skb);
2602 break;
2603
2604 default:
2605 break;
2606 }
2607 }
2608
2609 void hci_event_packet(struct hci_dev *hdev, struct sk_buff *skb)
2610 {
2611 struct hci_event_hdr *hdr = (void *) skb->data;
2612 __u8 event = hdr->evt;
2613
2614 skb_pull(skb, HCI_EVENT_HDR_SIZE);
2615
2616 switch (event) {
2617 case HCI_EV_INQUIRY_COMPLETE:
2618 hci_inquiry_complete_evt(hdev, skb);
2619 break;
2620
2621 case HCI_EV_INQUIRY_RESULT:
2622 hci_inquiry_result_evt(hdev, skb);
2623 break;
2624
2625 case HCI_EV_CONN_COMPLETE:
2626 hci_conn_complete_evt(hdev, skb);
2627 break;
2628
2629 case HCI_EV_CONN_REQUEST:
2630 hci_conn_request_evt(hdev, skb);
2631 break;
2632
2633 case HCI_EV_DISCONN_COMPLETE:
2634 hci_disconn_complete_evt(hdev, skb);
2635 break;
2636
2637 case HCI_EV_AUTH_COMPLETE:
2638 hci_auth_complete_evt(hdev, skb);
2639 break;
2640
2641 case HCI_EV_REMOTE_NAME:
2642 hci_remote_name_evt(hdev, skb);
2643 break;
2644
2645 case HCI_EV_ENCRYPT_CHANGE:
2646 hci_encrypt_change_evt(hdev, skb);
2647 break;
2648
2649 case HCI_EV_CHANGE_LINK_KEY_COMPLETE:
2650 hci_change_link_key_complete_evt(hdev, skb);
2651 break;
2652
2653 case HCI_EV_REMOTE_FEATURES:
2654 hci_remote_features_evt(hdev, skb);
2655 break;
2656
2657 case HCI_EV_REMOTE_VERSION:
2658 hci_remote_version_evt(hdev, skb);
2659 break;
2660
2661 case HCI_EV_QOS_SETUP_COMPLETE:
2662 hci_qos_setup_complete_evt(hdev, skb);
2663 break;
2664
2665 case HCI_EV_CMD_COMPLETE:
2666 hci_cmd_complete_evt(hdev, skb);
2667 break;
2668
2669 case HCI_EV_CMD_STATUS:
2670 hci_cmd_status_evt(hdev, skb);
2671 break;
2672
2673 case HCI_EV_ROLE_CHANGE:
2674 hci_role_change_evt(hdev, skb);
2675 break;
2676
2677 case HCI_EV_NUM_COMP_PKTS:
2678 hci_num_comp_pkts_evt(hdev, skb);
2679 break;
2680
2681 case HCI_EV_MODE_CHANGE:
2682 hci_mode_change_evt(hdev, skb);
2683 break;
2684
2685 case HCI_EV_PIN_CODE_REQ:
2686 hci_pin_code_request_evt(hdev, skb);
2687 break;
2688
2689 case HCI_EV_LINK_KEY_REQ:
2690 hci_link_key_request_evt(hdev, skb);
2691 break;
2692
2693 case HCI_EV_LINK_KEY_NOTIFY:
2694 hci_link_key_notify_evt(hdev, skb);
2695 break;
2696
2697 case HCI_EV_CLOCK_OFFSET:
2698 hci_clock_offset_evt(hdev, skb);
2699 break;
2700
2701 case HCI_EV_PKT_TYPE_CHANGE:
2702 hci_pkt_type_change_evt(hdev, skb);
2703 break;
2704
2705 case HCI_EV_PSCAN_REP_MODE:
2706 hci_pscan_rep_mode_evt(hdev, skb);
2707 break;
2708
2709 case HCI_EV_INQUIRY_RESULT_WITH_RSSI:
2710 hci_inquiry_result_with_rssi_evt(hdev, skb);
2711 break;
2712
2713 case HCI_EV_REMOTE_EXT_FEATURES:
2714 hci_remote_ext_features_evt(hdev, skb);
2715 break;
2716
2717 case HCI_EV_SYNC_CONN_COMPLETE:
2718 hci_sync_conn_complete_evt(hdev, skb);
2719 break;
2720
2721 case HCI_EV_SYNC_CONN_CHANGED:
2722 hci_sync_conn_changed_evt(hdev, skb);
2723 break;
2724
2725 case HCI_EV_SNIFF_SUBRATE:
2726 hci_sniff_subrate_evt(hdev, skb);
2727 break;
2728
2729 case HCI_EV_EXTENDED_INQUIRY_RESULT:
2730 hci_extended_inquiry_result_evt(hdev, skb);
2731 break;
2732
2733 case HCI_EV_IO_CAPA_REQUEST:
2734 hci_io_capa_request_evt(hdev, skb);
2735 break;
2736
2737 case HCI_EV_IO_CAPA_REPLY:
2738 hci_io_capa_reply_evt(hdev, skb);
2739 break;
2740
2741 case HCI_EV_USER_CONFIRM_REQUEST:
2742 hci_user_confirm_request_evt(hdev, skb);
2743 break;
2744
2745 case HCI_EV_SIMPLE_PAIR_COMPLETE:
2746 hci_simple_pair_complete_evt(hdev, skb);
2747 break;
2748
2749 case HCI_EV_REMOTE_HOST_FEATURES:
2750 hci_remote_host_features_evt(hdev, skb);
2751 break;
2752
2753 case HCI_EV_LE_META:
2754 hci_le_meta_evt(hdev, skb);
2755 break;
2756
2757 case HCI_EV_REMOTE_OOB_DATA_REQUEST:
2758 hci_remote_oob_data_request_evt(hdev, skb);
2759 break;
2760
2761 default:
2762 BT_DBG("%s event 0x%x", hdev->name, event);
2763 break;
2764 }
2765
2766 kfree_skb(skb);
2767 hdev->stat.evt_rx++;
2768 }
2769
2770 /* Generate internal stack event */
2771 void hci_si_event(struct hci_dev *hdev, int type, int dlen, void *data)
2772 {
2773 struct hci_event_hdr *hdr;
2774 struct hci_ev_stack_internal *ev;
2775 struct sk_buff *skb;
2776
2777 skb = bt_skb_alloc(HCI_EVENT_HDR_SIZE + sizeof(*ev) + dlen, GFP_ATOMIC);
2778 if (!skb)
2779 return;
2780
2781 hdr = (void *) skb_put(skb, HCI_EVENT_HDR_SIZE);
2782 hdr->evt = HCI_EV_STACK_INTERNAL;
2783 hdr->plen = sizeof(*ev) + dlen;
2784
2785 ev = (void *) skb_put(skb, sizeof(*ev) + dlen);
2786 ev->type = type;
2787 memcpy(ev->data, data, dlen);
2788
2789 bt_cb(skb)->incoming = 1;
2790 __net_timestamp(skb);
2791
2792 bt_cb(skb)->pkt_type = HCI_EVENT_PKT;
2793 skb->dev = (void *) hdev;
2794 hci_send_to_sock(hdev, skb, NULL);
2795 kfree_skb(skb);
2796 }
ubuntu-zesty-kernel mirror