]> git.proxmox.com Git - mirror_ubuntu-zesty-kernel.git/blob - net/bluetooth/hci_event.c
projects / mirror_ubuntu-zesty-kernel.git / blob
? search:
summary | shortlog | log | commit | commitdiff | tree
blame | history | raw | HEAD
ARM: Merge for-2637/s3c24xx/h1940
[mirror_ubuntu-zesty-kernel.git] / net / bluetooth / hci_event.c
1 /*
2 BlueZ - Bluetooth protocol stack for Linux
3 Copyright (c) 2000-2001, 2010, Code Aurora Forum. All rights reserved.
4
5 Written 2000,2001 by Maxim Krasnyansky <maxk@qualcomm.com>
6
7 This program is free software; you can redistribute it and/or modify
8 it under the terms of the GNU General Public License version 2 as
9 published by the Free Software Foundation;
10
11 THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS
12 OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
13 FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT OF THIRD PARTY RIGHTS.
14 IN NO EVENT SHALL THE COPYRIGHT HOLDER(S) AND AUTHOR(S) BE LIABLE FOR ANY
15 CLAIM, OR ANY SPECIAL INDIRECT OR CONSEQUENTIAL DAMAGES, OR ANY DAMAGES
16 WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
17 ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
18 OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
19
20 ALL LIABILITY, INCLUDING LIABILITY FOR INFRINGEMENT OF ANY PATENTS,
21 COPYRIGHTS, TRADEMARKS OR OTHER RIGHTS, RELATING TO USE OF THIS
22 SOFTWARE IS DISCLAIMED.
23 */
24
25 /* Bluetooth HCI event handling. */
26
27 #include <linux/module.h>
28
29 #include <linux/types.h>
30 #include <linux/errno.h>
31 #include <linux/kernel.h>
32 #include <linux/slab.h>
33 #include <linux/poll.h>
34 #include <linux/fcntl.h>
35 #include <linux/init.h>
36 #include <linux/skbuff.h>
37 #include <linux/interrupt.h>
38 #include <linux/notifier.h>
39 #include <net/sock.h>
40
41 #include <asm/system.h>
42 #include <asm/uaccess.h>
43 #include <asm/unaligned.h>
44
45 #include <net/bluetooth/bluetooth.h>
46 #include <net/bluetooth/hci_core.h>
47
48 /* Handle HCI Event packets */
49
50 static void hci_cc_inquiry_cancel(struct hci_dev *hdev, struct sk_buff *skb)
51 {
52 __u8 status = *((__u8 *) skb->data);
53
54 BT_DBG("%s status 0x%x", hdev->name, status);
55
56 if (status)
57 return;
58
59 clear_bit(HCI_INQUIRY, &hdev->flags);
60
61 hci_req_complete(hdev, status);
62
63 hci_conn_check_pending(hdev);
64 }
65
66 static void hci_cc_exit_periodic_inq(struct hci_dev *hdev, struct sk_buff *skb)
67 {
68 __u8 status = *((__u8 *) skb->data);
69
70 BT_DBG("%s status 0x%x", hdev->name, status);
71
72 if (status)
73 return;
74
75 clear_bit(HCI_INQUIRY, &hdev->flags);
76
77 hci_conn_check_pending(hdev);
78 }
79
80 static void hci_cc_remote_name_req_cancel(struct hci_dev *hdev, struct sk_buff *skb)
81 {
82 BT_DBG("%s", hdev->name);
83 }
84
85 static void hci_cc_role_discovery(struct hci_dev *hdev, struct sk_buff *skb)
86 {
87 struct hci_rp_role_discovery *rp = (void *) skb->data;
88 struct hci_conn *conn;
89
90 BT_DBG("%s status 0x%x", hdev->name, rp->status);
91
92 if (rp->status)
93 return;
94
95 hci_dev_lock(hdev);
96
97 conn = hci_conn_hash_lookup_handle(hdev, __le16_to_cpu(rp->handle));
98 if (conn) {
99 if (rp->role)
100 conn->link_mode &= ~HCI_LM_MASTER;
101 else
102 conn->link_mode |= HCI_LM_MASTER;
103 }
104
105 hci_dev_unlock(hdev);
106 }
107
108 static void hci_cc_read_link_policy(struct hci_dev *hdev, struct sk_buff *skb)
109 {
110 struct hci_rp_read_link_policy *rp = (void *) skb->data;
111 struct hci_conn *conn;
112
113 BT_DBG("%s status 0x%x", hdev->name, rp->status);
114
115 if (rp->status)
116 return;
117
118 hci_dev_lock(hdev);
119
120 conn = hci_conn_hash_lookup_handle(hdev, __le16_to_cpu(rp->handle));
121 if (conn)
122 conn->link_policy = __le16_to_cpu(rp->policy);
123
124 hci_dev_unlock(hdev);
125 }
126
127 static void hci_cc_write_link_policy(struct hci_dev *hdev, struct sk_buff *skb)
128 {
129 struct hci_rp_write_link_policy *rp = (void *) skb->data;
130 struct hci_conn *conn;
131 void *sent;
132
133 BT_DBG("%s status 0x%x", hdev->name, rp->status);
134
135 if (rp->status)
136 return;
137
138 sent = hci_sent_cmd_data(hdev, HCI_OP_WRITE_LINK_POLICY);
139 if (!sent)
140 return;
141
142 hci_dev_lock(hdev);
143
144 conn = hci_conn_hash_lookup_handle(hdev, __le16_to_cpu(rp->handle));
145 if (conn)
146 conn->link_policy = get_unaligned_le16(sent + 2);
147
148 hci_dev_unlock(hdev);
149 }
150
151 static void hci_cc_read_def_link_policy(struct hci_dev *hdev, struct sk_buff *skb)
152 {
153 struct hci_rp_read_def_link_policy *rp = (void *) skb->data;
154
155 BT_DBG("%s status 0x%x", hdev->name, rp->status);
156
157 if (rp->status)
158 return;
159
160 hdev->link_policy = __le16_to_cpu(rp->policy);
161 }
162
163 static void hci_cc_write_def_link_policy(struct hci_dev *hdev, struct sk_buff *skb)
164 {
165 __u8 status = *((__u8 *) skb->data);
166 void *sent;
167
168 BT_DBG("%s status 0x%x", hdev->name, status);
169
170 sent = hci_sent_cmd_data(hdev, HCI_OP_WRITE_DEF_LINK_POLICY);
171 if (!sent)
172 return;
173
174 if (!status)
175 hdev->link_policy = get_unaligned_le16(sent);
176
177 hci_req_complete(hdev, status);
178 }
179
180 static void hci_cc_reset(struct hci_dev *hdev, struct sk_buff *skb)
181 {
182 __u8 status = *((__u8 *) skb->data);
183
184 BT_DBG("%s status 0x%x", hdev->name, status);
185
186 hci_req_complete(hdev, status);
187 }
188
189 static void hci_cc_write_local_name(struct hci_dev *hdev, struct sk_buff *skb)
190 {
191 __u8 status = *((__u8 *) skb->data);
192 void *sent;
193
194 BT_DBG("%s status 0x%x", hdev->name, status);
195
196 if (status)
197 return;
198
199 sent = hci_sent_cmd_data(hdev, HCI_OP_WRITE_LOCAL_NAME);
200 if (!sent)
201 return;
202
203 memcpy(hdev->dev_name, sent, 248);
204 }
205
206 static void hci_cc_read_local_name(struct hci_dev *hdev, struct sk_buff *skb)
207 {
208 struct hci_rp_read_local_name *rp = (void *) skb->data;
209
210 BT_DBG("%s status 0x%x", hdev->name, rp->status);
211
212 if (rp->status)
213 return;
214
215 memcpy(hdev->dev_name, rp->name, 248);
216 }
217
218 static void hci_cc_write_auth_enable(struct hci_dev *hdev, struct sk_buff *skb)
219 {
220 __u8 status = *((__u8 *) skb->data);
221 void *sent;
222
223 BT_DBG("%s status 0x%x", hdev->name, status);
224
225 sent = hci_sent_cmd_data(hdev, HCI_OP_WRITE_AUTH_ENABLE);
226 if (!sent)
227 return;
228
229 if (!status) {
230 __u8 param = *((__u8 *) sent);
231
232 if (param == AUTH_ENABLED)
233 set_bit(HCI_AUTH, &hdev->flags);
234 else
235 clear_bit(HCI_AUTH, &hdev->flags);
236 }
237
238 hci_req_complete(hdev, status);
239 }
240
241 static void hci_cc_write_encrypt_mode(struct hci_dev *hdev, struct sk_buff *skb)
242 {
243 __u8 status = *((__u8 *) skb->data);
244 void *sent;
245
246 BT_DBG("%s status 0x%x", hdev->name, status);
247
248 sent = hci_sent_cmd_data(hdev, HCI_OP_WRITE_ENCRYPT_MODE);
249 if (!sent)
250 return;
251
252 if (!status) {
253 __u8 param = *((__u8 *) sent);
254
255 if (param)
256 set_bit(HCI_ENCRYPT, &hdev->flags);
257 else
258 clear_bit(HCI_ENCRYPT, &hdev->flags);
259 }
260
261 hci_req_complete(hdev, status);
262 }
263
264 static void hci_cc_write_scan_enable(struct hci_dev *hdev, struct sk_buff *skb)
265 {
266 __u8 status = *((__u8 *) skb->data);
267 void *sent;
268
269 BT_DBG("%s status 0x%x", hdev->name, status);
270
271 sent = hci_sent_cmd_data(hdev, HCI_OP_WRITE_SCAN_ENABLE);
272 if (!sent)
273 return;
274
275 if (!status) {
276 __u8 param = *((__u8 *) sent);
277
278 clear_bit(HCI_PSCAN, &hdev->flags);
279 clear_bit(HCI_ISCAN, &hdev->flags);
280
281 if (param & SCAN_INQUIRY)
282 set_bit(HCI_ISCAN, &hdev->flags);
283
284 if (param & SCAN_PAGE)
285 set_bit(HCI_PSCAN, &hdev->flags);
286 }
287
288 hci_req_complete(hdev, status);
289 }
290
291 static void hci_cc_read_class_of_dev(struct hci_dev *hdev, struct sk_buff *skb)
292 {
293 struct hci_rp_read_class_of_dev *rp = (void *) skb->data;
294
295 BT_DBG("%s status 0x%x", hdev->name, rp->status);
296
297 if (rp->status)
298 return;
299
300 memcpy(hdev->dev_class, rp->dev_class, 3);
301
302 BT_DBG("%s class 0x%.2x%.2x%.2x", hdev->name,
303 hdev->dev_class[2], hdev->dev_class[1], hdev->dev_class[0]);
304 }
305
306 static void hci_cc_write_class_of_dev(struct hci_dev *hdev, struct sk_buff *skb)
307 {
308 __u8 status = *((__u8 *) skb->data);
309 void *sent;
310
311 BT_DBG("%s status 0x%x", hdev->name, status);
312
313 if (status)
314 return;
315
316 sent = hci_sent_cmd_data(hdev, HCI_OP_WRITE_CLASS_OF_DEV);
317 if (!sent)
318 return;
319
320 memcpy(hdev->dev_class, sent, 3);
321 }
322
323 static void hci_cc_read_voice_setting(struct hci_dev *hdev, struct sk_buff *skb)
324 {
325 struct hci_rp_read_voice_setting *rp = (void *) skb->data;
326 __u16 setting;
327
328 BT_DBG("%s status 0x%x", hdev->name, rp->status);
329
330 if (rp->status)
331 return;
332
333 setting = __le16_to_cpu(rp->voice_setting);
334
335 if (hdev->voice_setting == setting)
336 return;
337
338 hdev->voice_setting = setting;
339
340 BT_DBG("%s voice setting 0x%04x", hdev->name, setting);
341
342 if (hdev->notify) {
343 tasklet_disable(&hdev->tx_task);
344 hdev->notify(hdev, HCI_NOTIFY_VOICE_SETTING);
345 tasklet_enable(&hdev->tx_task);
346 }
347 }
348
349 static void hci_cc_write_voice_setting(struct hci_dev *hdev, struct sk_buff *skb)
350 {
351 __u8 status = *((__u8 *) skb->data);
352 __u16 setting;
353 void *sent;
354
355 BT_DBG("%s status 0x%x", hdev->name, status);
356
357 if (status)
358 return;
359
360 sent = hci_sent_cmd_data(hdev, HCI_OP_WRITE_VOICE_SETTING);
361 if (!sent)
362 return;
363
364 setting = get_unaligned_le16(sent);
365
366 if (hdev->voice_setting == setting)
367 return;
368
369 hdev->voice_setting = setting;
370
371 BT_DBG("%s voice setting 0x%04x", hdev->name, setting);
372
373 if (hdev->notify) {
374 tasklet_disable(&hdev->tx_task);
375 hdev->notify(hdev, HCI_NOTIFY_VOICE_SETTING);
376 tasklet_enable(&hdev->tx_task);
377 }
378 }
379
380 static void hci_cc_host_buffer_size(struct hci_dev *hdev, struct sk_buff *skb)
381 {
382 __u8 status = *((__u8 *) skb->data);
383
384 BT_DBG("%s status 0x%x", hdev->name, status);
385
386 hci_req_complete(hdev, status);
387 }
388
389 static void hci_cc_read_ssp_mode(struct hci_dev *hdev, struct sk_buff *skb)
390 {
391 struct hci_rp_read_ssp_mode *rp = (void *) skb->data;
392
393 BT_DBG("%s status 0x%x", hdev->name, rp->status);
394
395 if (rp->status)
396 return;
397
398 hdev->ssp_mode = rp->mode;
399 }
400
401 static void hci_cc_write_ssp_mode(struct hci_dev *hdev, struct sk_buff *skb)
402 {
403 __u8 status = *((__u8 *) skb->data);
404 void *sent;
405
406 BT_DBG("%s status 0x%x", hdev->name, status);
407
408 if (status)
409 return;
410
411 sent = hci_sent_cmd_data(hdev, HCI_OP_WRITE_SSP_MODE);
412 if (!sent)
413 return;
414
415 hdev->ssp_mode = *((__u8 *) sent);
416 }
417
418 static void hci_cc_read_local_version(struct hci_dev *hdev, struct sk_buff *skb)
419 {
420 struct hci_rp_read_local_version *rp = (void *) skb->data;
421
422 BT_DBG("%s status 0x%x", hdev->name, rp->status);
423
424 if (rp->status)
425 return;
426
427 hdev->hci_ver = rp->hci_ver;
428 hdev->hci_rev = __le16_to_cpu(rp->hci_rev);
429 hdev->manufacturer = __le16_to_cpu(rp->manufacturer);
430
431 BT_DBG("%s manufacturer %d hci ver %d:%d", hdev->name,
432 hdev->manufacturer,
433 hdev->hci_ver, hdev->hci_rev);
434 }
435
436 static void hci_cc_read_local_commands(struct hci_dev *hdev, struct sk_buff *skb)
437 {
438 struct hci_rp_read_local_commands *rp = (void *) skb->data;
439
440 BT_DBG("%s status 0x%x", hdev->name, rp->status);
441
442 if (rp->status)
443 return;
444
445 memcpy(hdev->commands, rp->commands, sizeof(hdev->commands));
446 }
447
448 static void hci_cc_read_local_features(struct hci_dev *hdev, struct sk_buff *skb)
449 {
450 struct hci_rp_read_local_features *rp = (void *) skb->data;
451
452 BT_DBG("%s status 0x%x", hdev->name, rp->status);
453
454 if (rp->status)
455 return;
456
457 memcpy(hdev->features, rp->features, 8);
458
459 /* Adjust default settings according to features
460 * supported by device. */
461
462 if (hdev->features[0] & LMP_3SLOT)
463 hdev->pkt_type |= (HCI_DM3 | HCI_DH3);
464
465 if (hdev->features[0] & LMP_5SLOT)
466 hdev->pkt_type |= (HCI_DM5 | HCI_DH5);
467
468 if (hdev->features[1] & LMP_HV2) {
469 hdev->pkt_type |= (HCI_HV2);
470 hdev->esco_type |= (ESCO_HV2);
471 }
472
473 if (hdev->features[1] & LMP_HV3) {
474 hdev->pkt_type |= (HCI_HV3);
475 hdev->esco_type |= (ESCO_HV3);
476 }
477
478 if (hdev->features[3] & LMP_ESCO)
479 hdev->esco_type |= (ESCO_EV3);
480
481 if (hdev->features[4] & LMP_EV4)
482 hdev->esco_type |= (ESCO_EV4);
483
484 if (hdev->features[4] & LMP_EV5)
485 hdev->esco_type |= (ESCO_EV5);
486
487 if (hdev->features[5] & LMP_EDR_ESCO_2M)
488 hdev->esco_type |= (ESCO_2EV3);
489
490 if (hdev->features[5] & LMP_EDR_ESCO_3M)
491 hdev->esco_type |= (ESCO_3EV3);
492
493 if (hdev->features[5] & LMP_EDR_3S_ESCO)
494 hdev->esco_type |= (ESCO_2EV5 | ESCO_3EV5);
495
496 BT_DBG("%s features 0x%.2x%.2x%.2x%.2x%.2x%.2x%.2x%.2x", hdev->name,
497 hdev->features[0], hdev->features[1],
498 hdev->features[2], hdev->features[3],
499 hdev->features[4], hdev->features[5],
500 hdev->features[6], hdev->features[7]);
501 }
502
503 static void hci_cc_read_buffer_size(struct hci_dev *hdev, struct sk_buff *skb)
504 {
505 struct hci_rp_read_buffer_size *rp = (void *) skb->data;
506
507 BT_DBG("%s status 0x%x", hdev->name, rp->status);
508
509 if (rp->status)
510 return;
511
512 hdev->acl_mtu = __le16_to_cpu(rp->acl_mtu);
513 hdev->sco_mtu = rp->sco_mtu;
514 hdev->acl_pkts = __le16_to_cpu(rp->acl_max_pkt);
515 hdev->sco_pkts = __le16_to_cpu(rp->sco_max_pkt);
516
517 if (test_bit(HCI_QUIRK_FIXUP_BUFFER_SIZE, &hdev->quirks)) {
518 hdev->sco_mtu = 64;
519 hdev->sco_pkts = 8;
520 }
521
522 hdev->acl_cnt = hdev->acl_pkts;
523 hdev->sco_cnt = hdev->sco_pkts;
524
525 BT_DBG("%s acl mtu %d:%d sco mtu %d:%d", hdev->name,
526 hdev->acl_mtu, hdev->acl_pkts,
527 hdev->sco_mtu, hdev->sco_pkts);
528 }
529
530 static void hci_cc_read_bd_addr(struct hci_dev *hdev, struct sk_buff *skb)
531 {
532 struct hci_rp_read_bd_addr *rp = (void *) skb->data;
533
534 BT_DBG("%s status 0x%x", hdev->name, rp->status);
535
536 if (!rp->status)
537 bacpy(&hdev->bdaddr, &rp->bdaddr);
538
539 hci_req_complete(hdev, rp->status);
540 }
541
542 static inline void hci_cs_inquiry(struct hci_dev *hdev, __u8 status)
543 {
544 BT_DBG("%s status 0x%x", hdev->name, status);
545
546 if (status) {
547 hci_req_complete(hdev, status);
548
549 hci_conn_check_pending(hdev);
550 } else
551 set_bit(HCI_INQUIRY, &hdev->flags);
552 }
553
554 static inline void hci_cs_create_conn(struct hci_dev *hdev, __u8 status)
555 {
556 struct hci_cp_create_conn *cp;
557 struct hci_conn *conn;
558
559 BT_DBG("%s status 0x%x", hdev->name, status);
560
561 cp = hci_sent_cmd_data(hdev, HCI_OP_CREATE_CONN);
562 if (!cp)
563 return;
564
565 hci_dev_lock(hdev);
566
567 conn = hci_conn_hash_lookup_ba(hdev, ACL_LINK, &cp->bdaddr);
568
569 BT_DBG("%s bdaddr %s conn %p", hdev->name, batostr(&cp->bdaddr), conn);
570
571 if (status) {
572 if (conn && conn->state == BT_CONNECT) {
573 if (status != 0x0c || conn->attempt > 2) {
574 conn->state = BT_CLOSED;
575 hci_proto_connect_cfm(conn, status);
576 hci_conn_del(conn);
577 } else
578 conn->state = BT_CONNECT2;
579 }
580 } else {
581 if (!conn) {
582 conn = hci_conn_add(hdev, ACL_LINK, &cp->bdaddr);
583 if (conn) {
584 conn->out = 1;
585 conn->link_mode |= HCI_LM_MASTER;
586 } else
587 BT_ERR("No memory for new connection");
588 }
589 }
590
591 hci_dev_unlock(hdev);
592 }
593
594 static void hci_cs_add_sco(struct hci_dev *hdev, __u8 status)
595 {
596 struct hci_cp_add_sco *cp;
597 struct hci_conn *acl, *sco;
598 __u16 handle;
599
600 BT_DBG("%s status 0x%x", hdev->name, status);
601
602 if (!status)
603 return;
604
605 cp = hci_sent_cmd_data(hdev, HCI_OP_ADD_SCO);
606 if (!cp)
607 return;
608
609 handle = __le16_to_cpu(cp->handle);
610
611 BT_DBG("%s handle %d", hdev->name, handle);
612
613 hci_dev_lock(hdev);
614
615 acl = hci_conn_hash_lookup_handle(hdev, handle);
616 if (acl && (sco = acl->link)) {
617 sco->state = BT_CLOSED;
618
619 hci_proto_connect_cfm(sco, status);
620 hci_conn_del(sco);
621 }
622
623 hci_dev_unlock(hdev);
624 }
625
626 static void hci_cs_auth_requested(struct hci_dev *hdev, __u8 status)
627 {
628 struct hci_cp_auth_requested *cp;
629 struct hci_conn *conn;
630
631 BT_DBG("%s status 0x%x", hdev->name, status);
632
633 if (!status)
634 return;
635
636 cp = hci_sent_cmd_data(hdev, HCI_OP_AUTH_REQUESTED);
637 if (!cp)
638 return;
639
640 hci_dev_lock(hdev);
641
642 conn = hci_conn_hash_lookup_handle(hdev, __le16_to_cpu(cp->handle));
643 if (conn) {
644 if (conn->state == BT_CONFIG) {
645 hci_proto_connect_cfm(conn, status);
646 hci_conn_put(conn);
647 }
648 }
649
650 hci_dev_unlock(hdev);
651 }
652
653 static void hci_cs_set_conn_encrypt(struct hci_dev *hdev, __u8 status)
654 {
655 struct hci_cp_set_conn_encrypt *cp;
656 struct hci_conn *conn;
657
658 BT_DBG("%s status 0x%x", hdev->name, status);
659
660 if (!status)
661 return;
662
663 cp = hci_sent_cmd_data(hdev, HCI_OP_SET_CONN_ENCRYPT);
664 if (!cp)
665 return;
666
667 hci_dev_lock(hdev);
668
669 conn = hci_conn_hash_lookup_handle(hdev, __le16_to_cpu(cp->handle));
670 if (conn) {
671 if (conn->state == BT_CONFIG) {
672 hci_proto_connect_cfm(conn, status);
673 hci_conn_put(conn);
674 }
675 }
676
677 hci_dev_unlock(hdev);
678 }
679
680 static void hci_cs_remote_name_req(struct hci_dev *hdev, __u8 status)
681 {
682 BT_DBG("%s status 0x%x", hdev->name, status);
683 }
684
685 static void hci_cs_read_remote_features(struct hci_dev *hdev, __u8 status)
686 {
687 struct hci_cp_read_remote_features *cp;
688 struct hci_conn *conn;
689
690 BT_DBG("%s status 0x%x", hdev->name, status);
691
692 if (!status)
693 return;
694
695 cp = hci_sent_cmd_data(hdev, HCI_OP_READ_REMOTE_FEATURES);
696 if (!cp)
697 return;
698
699 hci_dev_lock(hdev);
700
701 conn = hci_conn_hash_lookup_handle(hdev, __le16_to_cpu(cp->handle));
702 if (conn) {
703 if (conn->state == BT_CONFIG) {
704 hci_proto_connect_cfm(conn, status);
705 hci_conn_put(conn);
706 }
707 }
708
709 hci_dev_unlock(hdev);
710 }
711
712 static void hci_cs_read_remote_ext_features(struct hci_dev *hdev, __u8 status)
713 {
714 struct hci_cp_read_remote_ext_features *cp;
715 struct hci_conn *conn;
716
717 BT_DBG("%s status 0x%x", hdev->name, status);
718
719 if (!status)
720 return;
721
722 cp = hci_sent_cmd_data(hdev, HCI_OP_READ_REMOTE_EXT_FEATURES);
723 if (!cp)
724 return;
725
726 hci_dev_lock(hdev);
727
728 conn = hci_conn_hash_lookup_handle(hdev, __le16_to_cpu(cp->handle));
729 if (conn) {
730 if (conn->state == BT_CONFIG) {
731 hci_proto_connect_cfm(conn, status);
732 hci_conn_put(conn);
733 }
734 }
735
736 hci_dev_unlock(hdev);
737 }
738
739 static void hci_cs_setup_sync_conn(struct hci_dev *hdev, __u8 status)
740 {
741 struct hci_cp_setup_sync_conn *cp;
742 struct hci_conn *acl, *sco;
743 __u16 handle;
744
745 BT_DBG("%s status 0x%x", hdev->name, status);
746
747 if (!status)
748 return;
749
750 cp = hci_sent_cmd_data(hdev, HCI_OP_SETUP_SYNC_CONN);
751 if (!cp)
752 return;
753
754 handle = __le16_to_cpu(cp->handle);
755
756 BT_DBG("%s handle %d", hdev->name, handle);
757
758 hci_dev_lock(hdev);
759
760 acl = hci_conn_hash_lookup_handle(hdev, handle);
761 if (acl && (sco = acl->link)) {
762 sco->state = BT_CLOSED;
763
764 hci_proto_connect_cfm(sco, status);
765 hci_conn_del(sco);
766 }
767
768 hci_dev_unlock(hdev);
769 }
770
771 static void hci_cs_sniff_mode(struct hci_dev *hdev, __u8 status)
772 {
773 struct hci_cp_sniff_mode *cp;
774 struct hci_conn *conn;
775
776 BT_DBG("%s status 0x%x", hdev->name, status);
777
778 if (!status)
779 return;
780
781 cp = hci_sent_cmd_data(hdev, HCI_OP_SNIFF_MODE);
782 if (!cp)
783 return;
784
785 hci_dev_lock(hdev);
786
787 conn = hci_conn_hash_lookup_handle(hdev, __le16_to_cpu(cp->handle));
788 if (conn) {
789 clear_bit(HCI_CONN_MODE_CHANGE_PEND, &conn->pend);
790
791 if (test_and_clear_bit(HCI_CONN_SCO_SETUP_PEND, &conn->pend))
792 hci_sco_setup(conn, status);
793 }
794
795 hci_dev_unlock(hdev);
796 }
797
798 static void hci_cs_exit_sniff_mode(struct hci_dev *hdev, __u8 status)
799 {
800 struct hci_cp_exit_sniff_mode *cp;
801 struct hci_conn *conn;
802
803 BT_DBG("%s status 0x%x", hdev->name, status);
804
805 if (!status)
806 return;
807
808 cp = hci_sent_cmd_data(hdev, HCI_OP_EXIT_SNIFF_MODE);
809 if (!cp)
810 return;
811
812 hci_dev_lock(hdev);
813
814 conn = hci_conn_hash_lookup_handle(hdev, __le16_to_cpu(cp->handle));
815 if (conn) {
816 clear_bit(HCI_CONN_MODE_CHANGE_PEND, &conn->pend);
817
818 if (test_and_clear_bit(HCI_CONN_SCO_SETUP_PEND, &conn->pend))
819 hci_sco_setup(conn, status);
820 }
821
822 hci_dev_unlock(hdev);
823 }
824
825 static inline void hci_inquiry_complete_evt(struct hci_dev *hdev, struct sk_buff *skb)
826 {
827 __u8 status = *((__u8 *) skb->data);
828
829 BT_DBG("%s status %d", hdev->name, status);
830
831 clear_bit(HCI_INQUIRY, &hdev->flags);
832
833 hci_req_complete(hdev, status);
834
835 hci_conn_check_pending(hdev);
836 }
837
838 static inline void hci_inquiry_result_evt(struct hci_dev *hdev, struct sk_buff *skb)
839 {
840 struct inquiry_data data;
841 struct inquiry_info *info = (void *) (skb->data + 1);
842 int num_rsp = *((__u8 *) skb->data);
843
844 BT_DBG("%s num_rsp %d", hdev->name, num_rsp);
845
846 if (!num_rsp)
847 return;
848
849 hci_dev_lock(hdev);
850
851 for (; num_rsp; num_rsp--) {
852 bacpy(&data.bdaddr, &info->bdaddr);
853 data.pscan_rep_mode = info->pscan_rep_mode;
854 data.pscan_period_mode = info->pscan_period_mode;
855 data.pscan_mode = info->pscan_mode;
856 memcpy(data.dev_class, info->dev_class, 3);
857 data.clock_offset = info->clock_offset;
858 data.rssi = 0x00;
859 data.ssp_mode = 0x00;
860 info++;
861 hci_inquiry_cache_update(hdev, &data);
862 }
863
864 hci_dev_unlock(hdev);
865 }
866
867 static inline void hci_conn_complete_evt(struct hci_dev *hdev, struct sk_buff *skb)
868 {
869 struct hci_ev_conn_complete *ev = (void *) skb->data;
870 struct hci_conn *conn;
871
872 BT_DBG("%s", hdev->name);
873
874 hci_dev_lock(hdev);
875
876 conn = hci_conn_hash_lookup_ba(hdev, ev->link_type, &ev->bdaddr);
877 if (!conn) {
878 if (ev->link_type != SCO_LINK)
879 goto unlock;
880
881 conn = hci_conn_hash_lookup_ba(hdev, ESCO_LINK, &ev->bdaddr);
882 if (!conn)
883 goto unlock;
884
885 conn->type = SCO_LINK;
886 }
887
888 if (!ev->status) {
889 conn->handle = __le16_to_cpu(ev->handle);
890
891 if (conn->type == ACL_LINK) {
892 conn->state = BT_CONFIG;
893 hci_conn_hold(conn);
894 conn->disc_timeout = HCI_DISCONN_TIMEOUT;
895 } else
896 conn->state = BT_CONNECTED;
897
898 hci_conn_hold_device(conn);
899 hci_conn_add_sysfs(conn);
900
901 if (test_bit(HCI_AUTH, &hdev->flags))
902 conn->link_mode |= HCI_LM_AUTH;
903
904 if (test_bit(HCI_ENCRYPT, &hdev->flags))
905 conn->link_mode |= HCI_LM_ENCRYPT;
906
907 /* Get remote features */
908 if (conn->type == ACL_LINK) {
909 struct hci_cp_read_remote_features cp;
910 cp.handle = ev->handle;
911 hci_send_cmd(hdev, HCI_OP_READ_REMOTE_FEATURES,
912 sizeof(cp), &cp);
913 }
914
915 /* Set packet type for incoming connection */
916 if (!conn->out && hdev->hci_ver < 3) {
917 struct hci_cp_change_conn_ptype cp;
918 cp.handle = ev->handle;
919 cp.pkt_type = cpu_to_le16(conn->pkt_type);
920 hci_send_cmd(hdev, HCI_OP_CHANGE_CONN_PTYPE,
921 sizeof(cp), &cp);
922 }
923 } else
924 conn->state = BT_CLOSED;
925
926 if (conn->type == ACL_LINK)
927 hci_sco_setup(conn, ev->status);
928
929 if (ev->status) {
930 hci_proto_connect_cfm(conn, ev->status);
931 hci_conn_del(conn);
932 } else if (ev->link_type != ACL_LINK)
933 hci_proto_connect_cfm(conn, ev->status);
934
935 unlock:
936 hci_dev_unlock(hdev);
937
938 hci_conn_check_pending(hdev);
939 }
940
941 static inline void hci_conn_request_evt(struct hci_dev *hdev, struct sk_buff *skb)
942 {
943 struct hci_ev_conn_request *ev = (void *) skb->data;
944 int mask = hdev->link_mode;
945
946 BT_DBG("%s bdaddr %s type 0x%x", hdev->name,
947 batostr(&ev->bdaddr), ev->link_type);
948
949 mask |= hci_proto_connect_ind(hdev, &ev->bdaddr, ev->link_type);
950
951 if ((mask & HCI_LM_ACCEPT) && !hci_blacklist_lookup(hdev, &ev->bdaddr)) {
952 /* Connection accepted */
953 struct inquiry_entry *ie;
954 struct hci_conn *conn;
955
956 hci_dev_lock(hdev);
957
958 if ((ie = hci_inquiry_cache_lookup(hdev, &ev->bdaddr)))
959 memcpy(ie->data.dev_class, ev->dev_class, 3);
960
961 conn = hci_conn_hash_lookup_ba(hdev, ev->link_type, &ev->bdaddr);
962 if (!conn) {
963 if (!(conn = hci_conn_add(hdev, ev->link_type, &ev->bdaddr))) {
964 BT_ERR("No memory for new connection");
965 hci_dev_unlock(hdev);
966 return;
967 }
968 }
969
970 memcpy(conn->dev_class, ev->dev_class, 3);
971 conn->state = BT_CONNECT;
972
973 hci_dev_unlock(hdev);
974
975 if (ev->link_type == ACL_LINK || !lmp_esco_capable(hdev)) {
976 struct hci_cp_accept_conn_req cp;
977
978 bacpy(&cp.bdaddr, &ev->bdaddr);
979
980 if (lmp_rswitch_capable(hdev) && (mask & HCI_LM_MASTER))
981 cp.role = 0x00; /* Become master */
982 else
983 cp.role = 0x01; /* Remain slave */
984
985 hci_send_cmd(hdev, HCI_OP_ACCEPT_CONN_REQ,
986 sizeof(cp), &cp);
987 } else {
988 struct hci_cp_accept_sync_conn_req cp;
989
990 bacpy(&cp.bdaddr, &ev->bdaddr);
991 cp.pkt_type = cpu_to_le16(conn->pkt_type);
992
993 cp.tx_bandwidth = cpu_to_le32(0x00001f40);
994 cp.rx_bandwidth = cpu_to_le32(0x00001f40);
995 cp.max_latency = cpu_to_le16(0xffff);
996 cp.content_format = cpu_to_le16(hdev->voice_setting);
997 cp.retrans_effort = 0xff;
998
999 hci_send_cmd(hdev, HCI_OP_ACCEPT_SYNC_CONN_REQ,
1000 sizeof(cp), &cp);
1001 }
1002 } else {
1003 /* Connection rejected */
1004 struct hci_cp_reject_conn_req cp;
1005
1006 bacpy(&cp.bdaddr, &ev->bdaddr);
1007 cp.reason = 0x0f;
1008 hci_send_cmd(hdev, HCI_OP_REJECT_CONN_REQ, sizeof(cp), &cp);
1009 }
1010 }
1011
1012 static inline void hci_disconn_complete_evt(struct hci_dev *hdev, struct sk_buff *skb)
1013 {
1014 struct hci_ev_disconn_complete *ev = (void *) skb->data;
1015 struct hci_conn *conn;
1016
1017 BT_DBG("%s status %d", hdev->name, ev->status);
1018
1019 if (ev->status)
1020 return;
1021
1022 hci_dev_lock(hdev);
1023
1024 conn = hci_conn_hash_lookup_handle(hdev, __le16_to_cpu(ev->handle));
1025 if (conn) {
1026 conn->state = BT_CLOSED;
1027
1028 hci_proto_disconn_cfm(conn, ev->reason);
1029 hci_conn_del(conn);
1030 }
1031
1032 hci_dev_unlock(hdev);
1033 }
1034
1035 static inline void hci_auth_complete_evt(struct hci_dev *hdev, struct sk_buff *skb)
1036 {
1037 struct hci_ev_auth_complete *ev = (void *) skb->data;
1038 struct hci_conn *conn;
1039
1040 BT_DBG("%s status %d", hdev->name, ev->status);
1041
1042 hci_dev_lock(hdev);
1043
1044 conn = hci_conn_hash_lookup_handle(hdev, __le16_to_cpu(ev->handle));
1045 if (conn) {
1046 if (!ev->status)
1047 conn->link_mode |= HCI_LM_AUTH;
1048 else
1049 conn->sec_level = BT_SECURITY_LOW;
1050
1051 clear_bit(HCI_CONN_AUTH_PEND, &conn->pend);
1052
1053 if (conn->state == BT_CONFIG) {
1054 if (!ev->status && hdev->ssp_mode > 0 &&
1055 conn->ssp_mode > 0) {
1056 struct hci_cp_set_conn_encrypt cp;
1057 cp.handle = ev->handle;
1058 cp.encrypt = 0x01;
1059 hci_send_cmd(hdev, HCI_OP_SET_CONN_ENCRYPT,
1060 sizeof(cp), &cp);
1061 } else {
1062 conn->state = BT_CONNECTED;
1063 hci_proto_connect_cfm(conn, ev->status);
1064 hci_conn_put(conn);
1065 }
1066 } else {
1067 hci_auth_cfm(conn, ev->status);
1068
1069 hci_conn_hold(conn);
1070 conn->disc_timeout = HCI_DISCONN_TIMEOUT;
1071 hci_conn_put(conn);
1072 }
1073
1074 if (test_bit(HCI_CONN_ENCRYPT_PEND, &conn->pend)) {
1075 if (!ev->status) {
1076 struct hci_cp_set_conn_encrypt cp;
1077 cp.handle = ev->handle;
1078 cp.encrypt = 0x01;
1079 hci_send_cmd(hdev, HCI_OP_SET_CONN_ENCRYPT,
1080 sizeof(cp), &cp);
1081 } else {
1082 clear_bit(HCI_CONN_ENCRYPT_PEND, &conn->pend);
1083 hci_encrypt_cfm(conn, ev->status, 0x00);
1084 }
1085 }
1086 }
1087
1088 hci_dev_unlock(hdev);
1089 }
1090
1091 static inline void hci_remote_name_evt(struct hci_dev *hdev, struct sk_buff *skb)
1092 {
1093 BT_DBG("%s", hdev->name);
1094
1095 hci_conn_check_pending(hdev);
1096 }
1097
1098 static inline void hci_encrypt_change_evt(struct hci_dev *hdev, struct sk_buff *skb)
1099 {
1100 struct hci_ev_encrypt_change *ev = (void *) skb->data;
1101 struct hci_conn *conn;
1102
1103 BT_DBG("%s status %d", hdev->name, ev->status);
1104
1105 hci_dev_lock(hdev);
1106
1107 conn = hci_conn_hash_lookup_handle(hdev, __le16_to_cpu(ev->handle));
1108 if (conn) {
1109 if (!ev->status) {
1110 if (ev->encrypt) {
1111 /* Encryption implies authentication */
1112 conn->link_mode |= HCI_LM_AUTH;
1113 conn->link_mode |= HCI_LM_ENCRYPT;
1114 } else
1115 conn->link_mode &= ~HCI_LM_ENCRYPT;
1116 }
1117
1118 clear_bit(HCI_CONN_ENCRYPT_PEND, &conn->pend);
1119
1120 if (conn->state == BT_CONFIG) {
1121 if (!ev->status)
1122 conn->state = BT_CONNECTED;
1123
1124 hci_proto_connect_cfm(conn, ev->status);
1125 hci_conn_put(conn);
1126 } else
1127 hci_encrypt_cfm(conn, ev->status, ev->encrypt);
1128 }
1129
1130 hci_dev_unlock(hdev);
1131 }
1132
1133 static inline void hci_change_link_key_complete_evt(struct hci_dev *hdev, struct sk_buff *skb)
1134 {
1135 struct hci_ev_change_link_key_complete *ev = (void *) skb->data;
1136 struct hci_conn *conn;
1137
1138 BT_DBG("%s status %d", hdev->name, ev->status);
1139
1140 hci_dev_lock(hdev);
1141
1142 conn = hci_conn_hash_lookup_handle(hdev, __le16_to_cpu(ev->handle));
1143 if (conn) {
1144 if (!ev->status)
1145 conn->link_mode |= HCI_LM_SECURE;
1146
1147 clear_bit(HCI_CONN_AUTH_PEND, &conn->pend);
1148
1149 hci_key_change_cfm(conn, ev->status);
1150 }
1151
1152 hci_dev_unlock(hdev);
1153 }
1154
1155 static inline void hci_remote_features_evt(struct hci_dev *hdev, struct sk_buff *skb)
1156 {
1157 struct hci_ev_remote_features *ev = (void *) skb->data;
1158 struct hci_conn *conn;
1159
1160 BT_DBG("%s status %d", hdev->name, ev->status);
1161
1162 hci_dev_lock(hdev);
1163
1164 conn = hci_conn_hash_lookup_handle(hdev, __le16_to_cpu(ev->handle));
1165 if (conn) {
1166 if (!ev->status)
1167 memcpy(conn->features, ev->features, 8);
1168
1169 if (conn->state == BT_CONFIG) {
1170 if (!ev->status && lmp_ssp_capable(hdev) &&
1171 lmp_ssp_capable(conn)) {
1172 struct hci_cp_read_remote_ext_features cp;
1173 cp.handle = ev->handle;
1174 cp.page = 0x01;
1175 hci_send_cmd(hdev,
1176 HCI_OP_READ_REMOTE_EXT_FEATURES,
1177 sizeof(cp), &cp);
1178 } else {
1179 conn->state = BT_CONNECTED;
1180 hci_proto_connect_cfm(conn, ev->status);
1181 hci_conn_put(conn);
1182 }
1183 }
1184 }
1185
1186 hci_dev_unlock(hdev);
1187 }
1188
1189 static inline void hci_remote_version_evt(struct hci_dev *hdev, struct sk_buff *skb)
1190 {
1191 BT_DBG("%s", hdev->name);
1192 }
1193
1194 static inline void hci_qos_setup_complete_evt(struct hci_dev *hdev, struct sk_buff *skb)
1195 {
1196 BT_DBG("%s", hdev->name);
1197 }
1198
1199 static inline void hci_cmd_complete_evt(struct hci_dev *hdev, struct sk_buff *skb)
1200 {
1201 struct hci_ev_cmd_complete *ev = (void *) skb->data;
1202 __u16 opcode;
1203
1204 skb_pull(skb, sizeof(*ev));
1205
1206 opcode = __le16_to_cpu(ev->opcode);
1207
1208 switch (opcode) {
1209 case HCI_OP_INQUIRY_CANCEL:
1210 hci_cc_inquiry_cancel(hdev, skb);
1211 break;
1212
1213 case HCI_OP_EXIT_PERIODIC_INQ:
1214 hci_cc_exit_periodic_inq(hdev, skb);
1215 break;
1216
1217 case HCI_OP_REMOTE_NAME_REQ_CANCEL:
1218 hci_cc_remote_name_req_cancel(hdev, skb);
1219 break;
1220
1221 case HCI_OP_ROLE_DISCOVERY:
1222 hci_cc_role_discovery(hdev, skb);
1223 break;
1224
1225 case HCI_OP_READ_LINK_POLICY:
1226 hci_cc_read_link_policy(hdev, skb);
1227 break;
1228
1229 case HCI_OP_WRITE_LINK_POLICY:
1230 hci_cc_write_link_policy(hdev, skb);
1231 break;
1232
1233 case HCI_OP_READ_DEF_LINK_POLICY:
1234 hci_cc_read_def_link_policy(hdev, skb);
1235 break;
1236
1237 case HCI_OP_WRITE_DEF_LINK_POLICY:
1238 hci_cc_write_def_link_policy(hdev, skb);
1239 break;
1240
1241 case HCI_OP_RESET:
1242 hci_cc_reset(hdev, skb);
1243 break;
1244
1245 case HCI_OP_WRITE_LOCAL_NAME:
1246 hci_cc_write_local_name(hdev, skb);
1247 break;
1248
1249 case HCI_OP_READ_LOCAL_NAME:
1250 hci_cc_read_local_name(hdev, skb);
1251 break;
1252
1253 case HCI_OP_WRITE_AUTH_ENABLE:
1254 hci_cc_write_auth_enable(hdev, skb);
1255 break;
1256
1257 case HCI_OP_WRITE_ENCRYPT_MODE:
1258 hci_cc_write_encrypt_mode(hdev, skb);
1259 break;
1260
1261 case HCI_OP_WRITE_SCAN_ENABLE:
1262 hci_cc_write_scan_enable(hdev, skb);
1263 break;
1264
1265 case HCI_OP_READ_CLASS_OF_DEV:
1266 hci_cc_read_class_of_dev(hdev, skb);
1267 break;
1268
1269 case HCI_OP_WRITE_CLASS_OF_DEV:
1270 hci_cc_write_class_of_dev(hdev, skb);
1271 break;
1272
1273 case HCI_OP_READ_VOICE_SETTING:
1274 hci_cc_read_voice_setting(hdev, skb);
1275 break;
1276
1277 case HCI_OP_WRITE_VOICE_SETTING:
1278 hci_cc_write_voice_setting(hdev, skb);
1279 break;
1280
1281 case HCI_OP_HOST_BUFFER_SIZE:
1282 hci_cc_host_buffer_size(hdev, skb);
1283 break;
1284
1285 case HCI_OP_READ_SSP_MODE:
1286 hci_cc_read_ssp_mode(hdev, skb);
1287 break;
1288
1289 case HCI_OP_WRITE_SSP_MODE:
1290 hci_cc_write_ssp_mode(hdev, skb);
1291 break;
1292
1293 case HCI_OP_READ_LOCAL_VERSION:
1294 hci_cc_read_local_version(hdev, skb);
1295 break;
1296
1297 case HCI_OP_READ_LOCAL_COMMANDS:
1298 hci_cc_read_local_commands(hdev, skb);
1299 break;
1300
1301 case HCI_OP_READ_LOCAL_FEATURES:
1302 hci_cc_read_local_features(hdev, skb);
1303 break;
1304
1305 case HCI_OP_READ_BUFFER_SIZE:
1306 hci_cc_read_buffer_size(hdev, skb);
1307 break;
1308
1309 case HCI_OP_READ_BD_ADDR:
1310 hci_cc_read_bd_addr(hdev, skb);
1311 break;
1312
1313 default:
1314 BT_DBG("%s opcode 0x%x", hdev->name, opcode);
1315 break;
1316 }
1317
1318 if (ev->ncmd) {
1319 atomic_set(&hdev->cmd_cnt, 1);
1320 if (!skb_queue_empty(&hdev->cmd_q))
1321 tasklet_schedule(&hdev->cmd_task);
1322 }
1323 }
1324
1325 static inline void hci_cmd_status_evt(struct hci_dev *hdev, struct sk_buff *skb)
1326 {
1327 struct hci_ev_cmd_status *ev = (void *) skb->data;
1328 __u16 opcode;
1329
1330 skb_pull(skb, sizeof(*ev));
1331
1332 opcode = __le16_to_cpu(ev->opcode);
1333
1334 switch (opcode) {
1335 case HCI_OP_INQUIRY:
1336 hci_cs_inquiry(hdev, ev->status);
1337 break;
1338
1339 case HCI_OP_CREATE_CONN:
1340 hci_cs_create_conn(hdev, ev->status);
1341 break;
1342
1343 case HCI_OP_ADD_SCO:
1344 hci_cs_add_sco(hdev, ev->status);
1345 break;
1346
1347 case HCI_OP_AUTH_REQUESTED:
1348 hci_cs_auth_requested(hdev, ev->status);
1349 break;
1350
1351 case HCI_OP_SET_CONN_ENCRYPT:
1352 hci_cs_set_conn_encrypt(hdev, ev->status);
1353 break;
1354
1355 case HCI_OP_REMOTE_NAME_REQ:
1356 hci_cs_remote_name_req(hdev, ev->status);
1357 break;
1358
1359 case HCI_OP_READ_REMOTE_FEATURES:
1360 hci_cs_read_remote_features(hdev, ev->status);
1361 break;
1362
1363 case HCI_OP_READ_REMOTE_EXT_FEATURES:
1364 hci_cs_read_remote_ext_features(hdev, ev->status);
1365 break;
1366
1367 case HCI_OP_SETUP_SYNC_CONN:
1368 hci_cs_setup_sync_conn(hdev, ev->status);
1369 break;
1370
1371 case HCI_OP_SNIFF_MODE:
1372 hci_cs_sniff_mode(hdev, ev->status);
1373 break;
1374
1375 case HCI_OP_EXIT_SNIFF_MODE:
1376 hci_cs_exit_sniff_mode(hdev, ev->status);
1377 break;
1378
1379 default:
1380 BT_DBG("%s opcode 0x%x", hdev->name, opcode);
1381 break;
1382 }
1383
1384 if (ev->ncmd) {
1385 atomic_set(&hdev->cmd_cnt, 1);
1386 if (!skb_queue_empty(&hdev->cmd_q))
1387 tasklet_schedule(&hdev->cmd_task);
1388 }
1389 }
1390
1391 static inline void hci_role_change_evt(struct hci_dev *hdev, struct sk_buff *skb)
1392 {
1393 struct hci_ev_role_change *ev = (void *) skb->data;
1394 struct hci_conn *conn;
1395
1396 BT_DBG("%s status %d", hdev->name, ev->status);
1397
1398 hci_dev_lock(hdev);
1399
1400 conn = hci_conn_hash_lookup_ba(hdev, ACL_LINK, &ev->bdaddr);
1401 if (conn) {
1402 if (!ev->status) {
1403 if (ev->role)
1404 conn->link_mode &= ~HCI_LM_MASTER;
1405 else
1406 conn->link_mode |= HCI_LM_MASTER;
1407 }
1408
1409 clear_bit(HCI_CONN_RSWITCH_PEND, &conn->pend);
1410
1411 hci_role_switch_cfm(conn, ev->status, ev->role);
1412 }
1413
1414 hci_dev_unlock(hdev);
1415 }
1416
1417 static inline void hci_num_comp_pkts_evt(struct hci_dev *hdev, struct sk_buff *skb)
1418 {
1419 struct hci_ev_num_comp_pkts *ev = (void *) skb->data;
1420 __le16 *ptr;
1421 int i;
1422
1423 skb_pull(skb, sizeof(*ev));
1424
1425 BT_DBG("%s num_hndl %d", hdev->name, ev->num_hndl);
1426
1427 if (skb->len < ev->num_hndl * 4) {
1428 BT_DBG("%s bad parameters", hdev->name);
1429 return;
1430 }
1431
1432 tasklet_disable(&hdev->tx_task);
1433
1434 for (i = 0, ptr = (__le16 *) skb->data; i < ev->num_hndl; i++) {
1435 struct hci_conn *conn;
1436 __u16 handle, count;
1437
1438 handle = get_unaligned_le16(ptr++);
1439 count = get_unaligned_le16(ptr++);
1440
1441 conn = hci_conn_hash_lookup_handle(hdev, handle);
1442 if (conn) {
1443 conn->sent -= count;
1444
1445 if (conn->type == ACL_LINK) {
1446 if ((hdev->acl_cnt += count) > hdev->acl_pkts)
1447 hdev->acl_cnt = hdev->acl_pkts;
1448 } else {
1449 if ((hdev->sco_cnt += count) > hdev->sco_pkts)
1450 hdev->sco_cnt = hdev->sco_pkts;
1451 }
1452 }
1453 }
1454
1455 tasklet_schedule(&hdev->tx_task);
1456
1457 tasklet_enable(&hdev->tx_task);
1458 }
1459
1460 static inline void hci_mode_change_evt(struct hci_dev *hdev, struct sk_buff *skb)
1461 {
1462 struct hci_ev_mode_change *ev = (void *) skb->data;
1463 struct hci_conn *conn;
1464
1465 BT_DBG("%s status %d", hdev->name, ev->status);
1466
1467 hci_dev_lock(hdev);
1468
1469 conn = hci_conn_hash_lookup_handle(hdev, __le16_to_cpu(ev->handle));
1470 if (conn) {
1471 conn->mode = ev->mode;
1472 conn->interval = __le16_to_cpu(ev->interval);
1473
1474 if (!test_and_clear_bit(HCI_CONN_MODE_CHANGE_PEND, &conn->pend)) {
1475 if (conn->mode == HCI_CM_ACTIVE)
1476 conn->power_save = 1;
1477 else
1478 conn->power_save = 0;
1479 }
1480
1481 if (test_and_clear_bit(HCI_CONN_SCO_SETUP_PEND, &conn->pend))
1482 hci_sco_setup(conn, ev->status);
1483 }
1484
1485 hci_dev_unlock(hdev);
1486 }
1487
1488 static inline void hci_pin_code_request_evt(struct hci_dev *hdev, struct sk_buff *skb)
1489 {
1490 struct hci_ev_pin_code_req *ev = (void *) skb->data;
1491 struct hci_conn *conn;
1492
1493 BT_DBG("%s", hdev->name);
1494
1495 hci_dev_lock(hdev);
1496
1497 conn = hci_conn_hash_lookup_ba(hdev, ACL_LINK, &ev->bdaddr);
1498 if (conn && conn->state == BT_CONNECTED) {
1499 hci_conn_hold(conn);
1500 conn->disc_timeout = HCI_PAIRING_TIMEOUT;
1501 hci_conn_put(conn);
1502 }
1503
1504 hci_dev_unlock(hdev);
1505 }
1506
1507 static inline void hci_link_key_request_evt(struct hci_dev *hdev, struct sk_buff *skb)
1508 {
1509 BT_DBG("%s", hdev->name);
1510 }
1511
1512 static inline void hci_link_key_notify_evt(struct hci_dev *hdev, struct sk_buff *skb)
1513 {
1514 struct hci_ev_link_key_notify *ev = (void *) skb->data;
1515 struct hci_conn *conn;
1516
1517 BT_DBG("%s", hdev->name);
1518
1519 hci_dev_lock(hdev);
1520
1521 conn = hci_conn_hash_lookup_ba(hdev, ACL_LINK, &ev->bdaddr);
1522 if (conn) {
1523 hci_conn_hold(conn);
1524 conn->disc_timeout = HCI_DISCONN_TIMEOUT;
1525 hci_conn_put(conn);
1526 }
1527
1528 hci_dev_unlock(hdev);
1529 }
1530
1531 static inline void hci_clock_offset_evt(struct hci_dev *hdev, struct sk_buff *skb)
1532 {
1533 struct hci_ev_clock_offset *ev = (void *) skb->data;
1534 struct hci_conn *conn;
1535
1536 BT_DBG("%s status %d", hdev->name, ev->status);
1537
1538 hci_dev_lock(hdev);
1539
1540 conn = hci_conn_hash_lookup_handle(hdev, __le16_to_cpu(ev->handle));
1541 if (conn && !ev->status) {
1542 struct inquiry_entry *ie;
1543
1544 if ((ie = hci_inquiry_cache_lookup(hdev, &conn->dst))) {
1545 ie->data.clock_offset = ev->clock_offset;
1546 ie->timestamp = jiffies;
1547 }
1548 }
1549
1550 hci_dev_unlock(hdev);
1551 }
1552
1553 static inline void hci_pkt_type_change_evt(struct hci_dev *hdev, struct sk_buff *skb)
1554 {
1555 struct hci_ev_pkt_type_change *ev = (void *) skb->data;
1556 struct hci_conn *conn;
1557
1558 BT_DBG("%s status %d", hdev->name, ev->status);
1559
1560 hci_dev_lock(hdev);
1561
1562 conn = hci_conn_hash_lookup_handle(hdev, __le16_to_cpu(ev->handle));
1563 if (conn && !ev->status)
1564 conn->pkt_type = __le16_to_cpu(ev->pkt_type);
1565
1566 hci_dev_unlock(hdev);
1567 }
1568
1569 static inline void hci_pscan_rep_mode_evt(struct hci_dev *hdev, struct sk_buff *skb)
1570 {
1571 struct hci_ev_pscan_rep_mode *ev = (void *) skb->data;
1572 struct inquiry_entry *ie;
1573
1574 BT_DBG("%s", hdev->name);
1575
1576 hci_dev_lock(hdev);
1577
1578 if ((ie = hci_inquiry_cache_lookup(hdev, &ev->bdaddr))) {
1579 ie->data.pscan_rep_mode = ev->pscan_rep_mode;
1580 ie->timestamp = jiffies;
1581 }
1582
1583 hci_dev_unlock(hdev);
1584 }
1585
1586 static inline void hci_inquiry_result_with_rssi_evt(struct hci_dev *hdev, struct sk_buff *skb)
1587 {
1588 struct inquiry_data data;
1589 int num_rsp = *((__u8 *) skb->data);
1590
1591 BT_DBG("%s num_rsp %d", hdev->name, num_rsp);
1592
1593 if (!num_rsp)
1594 return;
1595
1596 hci_dev_lock(hdev);
1597
1598 if ((skb->len - 1) / num_rsp != sizeof(struct inquiry_info_with_rssi)) {
1599 struct inquiry_info_with_rssi_and_pscan_mode *info = (void *) (skb->data + 1);
1600
1601 for (; num_rsp; num_rsp--) {
1602 bacpy(&data.bdaddr, &info->bdaddr);
1603 data.pscan_rep_mode = info->pscan_rep_mode;
1604 data.pscan_period_mode = info->pscan_period_mode;
1605 data.pscan_mode = info->pscan_mode;
1606 memcpy(data.dev_class, info->dev_class, 3);
1607 data.clock_offset = info->clock_offset;
1608 data.rssi = info->rssi;
1609 data.ssp_mode = 0x00;
1610 info++;
1611 hci_inquiry_cache_update(hdev, &data);
1612 }
1613 } else {
1614 struct inquiry_info_with_rssi *info = (void *) (skb->data + 1);
1615
1616 for (; num_rsp; num_rsp--) {
1617 bacpy(&data.bdaddr, &info->bdaddr);
1618 data.pscan_rep_mode = info->pscan_rep_mode;
1619 data.pscan_period_mode = info->pscan_period_mode;
1620 data.pscan_mode = 0x00;
1621 memcpy(data.dev_class, info->dev_class, 3);
1622 data.clock_offset = info->clock_offset;
1623 data.rssi = info->rssi;
1624 data.ssp_mode = 0x00;
1625 info++;
1626 hci_inquiry_cache_update(hdev, &data);
1627 }
1628 }
1629
1630 hci_dev_unlock(hdev);
1631 }
1632
1633 static inline void hci_remote_ext_features_evt(struct hci_dev *hdev, struct sk_buff *skb)
1634 {
1635 struct hci_ev_remote_ext_features *ev = (void *) skb->data;
1636 struct hci_conn *conn;
1637
1638 BT_DBG("%s", hdev->name);
1639
1640 hci_dev_lock(hdev);
1641
1642 conn = hci_conn_hash_lookup_handle(hdev, __le16_to_cpu(ev->handle));
1643 if (conn) {
1644 if (!ev->status && ev->page == 0x01) {
1645 struct inquiry_entry *ie;
1646
1647 if ((ie = hci_inquiry_cache_lookup(hdev, &conn->dst)))
1648 ie->data.ssp_mode = (ev->features[0] & 0x01);
1649
1650 conn->ssp_mode = (ev->features[0] & 0x01);
1651 }
1652
1653 if (conn->state == BT_CONFIG) {
1654 if (!ev->status && hdev->ssp_mode > 0 &&
1655 conn->ssp_mode > 0 && conn->out &&
1656 conn->sec_level != BT_SECURITY_SDP) {
1657 struct hci_cp_auth_requested cp;
1658 cp.handle = ev->handle;
1659 hci_send_cmd(hdev, HCI_OP_AUTH_REQUESTED,
1660 sizeof(cp), &cp);
1661 } else {
1662 conn->state = BT_CONNECTED;
1663 hci_proto_connect_cfm(conn, ev->status);
1664 hci_conn_put(conn);
1665 }
1666 }
1667 }
1668
1669 hci_dev_unlock(hdev);
1670 }
1671
1672 static inline void hci_sync_conn_complete_evt(struct hci_dev *hdev, struct sk_buff *skb)
1673 {
1674 struct hci_ev_sync_conn_complete *ev = (void *) skb->data;
1675 struct hci_conn *conn;
1676
1677 BT_DBG("%s status %d", hdev->name, ev->status);
1678
1679 hci_dev_lock(hdev);
1680
1681 conn = hci_conn_hash_lookup_ba(hdev, ev->link_type, &ev->bdaddr);
1682 if (!conn) {
1683 if (ev->link_type == ESCO_LINK)
1684 goto unlock;
1685
1686 conn = hci_conn_hash_lookup_ba(hdev, ESCO_LINK, &ev->bdaddr);
1687 if (!conn)
1688 goto unlock;
1689
1690 conn->type = SCO_LINK;
1691 }
1692
1693 switch (ev->status) {
1694 case 0x00:
1695 conn->handle = __le16_to_cpu(ev->handle);
1696 conn->state = BT_CONNECTED;
1697
1698 hci_conn_hold_device(conn);
1699 hci_conn_add_sysfs(conn);
1700 break;
1701
1702 case 0x11: /* Unsupported Feature or Parameter Value */
1703 case 0x1c: /* SCO interval rejected */
1704 case 0x1a: /* Unsupported Remote Feature */
1705 case 0x1f: /* Unspecified error */
1706 if (conn->out && conn->attempt < 2) {
1707 conn->pkt_type = (hdev->esco_type & SCO_ESCO_MASK) |
1708 (hdev->esco_type & EDR_ESCO_MASK);
1709 hci_setup_sync(conn, conn->link->handle);
1710 goto unlock;
1711 }
1712 /* fall through */
1713
1714 default:
1715 conn->state = BT_CLOSED;
1716 break;
1717 }
1718
1719 hci_proto_connect_cfm(conn, ev->status);
1720 if (ev->status)
1721 hci_conn_del(conn);
1722
1723 unlock:
1724 hci_dev_unlock(hdev);
1725 }
1726
1727 static inline void hci_sync_conn_changed_evt(struct hci_dev *hdev, struct sk_buff *skb)
1728 {
1729 BT_DBG("%s", hdev->name);
1730 }
1731
1732 static inline void hci_sniff_subrate_evt(struct hci_dev *hdev, struct sk_buff *skb)
1733 {
1734 struct hci_ev_sniff_subrate *ev = (void *) skb->data;
1735 struct hci_conn *conn;
1736
1737 BT_DBG("%s status %d", hdev->name, ev->status);
1738
1739 hci_dev_lock(hdev);
1740
1741 conn = hci_conn_hash_lookup_handle(hdev, __le16_to_cpu(ev->handle));
1742 if (conn) {
1743 }
1744
1745 hci_dev_unlock(hdev);
1746 }
1747
1748 static inline void hci_extended_inquiry_result_evt(struct hci_dev *hdev, struct sk_buff *skb)
1749 {
1750 struct inquiry_data data;
1751 struct extended_inquiry_info *info = (void *) (skb->data + 1);
1752 int num_rsp = *((__u8 *) skb->data);
1753
1754 BT_DBG("%s num_rsp %d", hdev->name, num_rsp);
1755
1756 if (!num_rsp)
1757 return;
1758
1759 hci_dev_lock(hdev);
1760
1761 for (; num_rsp; num_rsp--) {
1762 bacpy(&data.bdaddr, &info->bdaddr);
1763 data.pscan_rep_mode = info->pscan_rep_mode;
1764 data.pscan_period_mode = info->pscan_period_mode;
1765 data.pscan_mode = 0x00;
1766 memcpy(data.dev_class, info->dev_class, 3);
1767 data.clock_offset = info->clock_offset;
1768 data.rssi = info->rssi;
1769 data.ssp_mode = 0x01;
1770 info++;
1771 hci_inquiry_cache_update(hdev, &data);
1772 }
1773
1774 hci_dev_unlock(hdev);
1775 }
1776
1777 static inline void hci_io_capa_request_evt(struct hci_dev *hdev, struct sk_buff *skb)
1778 {
1779 struct hci_ev_io_capa_request *ev = (void *) skb->data;
1780 struct hci_conn *conn;
1781
1782 BT_DBG("%s", hdev->name);
1783
1784 hci_dev_lock(hdev);
1785
1786 conn = hci_conn_hash_lookup_ba(hdev, ACL_LINK, &ev->bdaddr);
1787 if (conn)
1788 hci_conn_hold(conn);
1789
1790 hci_dev_unlock(hdev);
1791 }
1792
1793 static inline void hci_simple_pair_complete_evt(struct hci_dev *hdev, struct sk_buff *skb)
1794 {
1795 struct hci_ev_simple_pair_complete *ev = (void *) skb->data;
1796 struct hci_conn *conn;
1797
1798 BT_DBG("%s", hdev->name);
1799
1800 hci_dev_lock(hdev);
1801
1802 conn = hci_conn_hash_lookup_ba(hdev, ACL_LINK, &ev->bdaddr);
1803 if (conn)
1804 hci_conn_put(conn);
1805
1806 hci_dev_unlock(hdev);
1807 }
1808
1809 static inline void hci_remote_host_features_evt(struct hci_dev *hdev, struct sk_buff *skb)
1810 {
1811 struct hci_ev_remote_host_features *ev = (void *) skb->data;
1812 struct inquiry_entry *ie;
1813
1814 BT_DBG("%s", hdev->name);
1815
1816 hci_dev_lock(hdev);
1817
1818 if ((ie = hci_inquiry_cache_lookup(hdev, &ev->bdaddr)))
1819 ie->data.ssp_mode = (ev->features[0] & 0x01);
1820
1821 hci_dev_unlock(hdev);
1822 }
1823
1824 void hci_event_packet(struct hci_dev *hdev, struct sk_buff *skb)
1825 {
1826 struct hci_event_hdr *hdr = (void *) skb->data;
1827 __u8 event = hdr->evt;
1828
1829 skb_pull(skb, HCI_EVENT_HDR_SIZE);
1830
1831 switch (event) {
1832 case HCI_EV_INQUIRY_COMPLETE:
1833 hci_inquiry_complete_evt(hdev, skb);
1834 break;
1835
1836 case HCI_EV_INQUIRY_RESULT:
1837 hci_inquiry_result_evt(hdev, skb);
1838 break;
1839
1840 case HCI_EV_CONN_COMPLETE:
1841 hci_conn_complete_evt(hdev, skb);
1842 break;
1843
1844 case HCI_EV_CONN_REQUEST:
1845 hci_conn_request_evt(hdev, skb);
1846 break;
1847
1848 case HCI_EV_DISCONN_COMPLETE:
1849 hci_disconn_complete_evt(hdev, skb);
1850 break;
1851
1852 case HCI_EV_AUTH_COMPLETE:
1853 hci_auth_complete_evt(hdev, skb);
1854 break;
1855
1856 case HCI_EV_REMOTE_NAME:
1857 hci_remote_name_evt(hdev, skb);
1858 break;
1859
1860 case HCI_EV_ENCRYPT_CHANGE:
1861 hci_encrypt_change_evt(hdev, skb);
1862 break;
1863
1864 case HCI_EV_CHANGE_LINK_KEY_COMPLETE:
1865 hci_change_link_key_complete_evt(hdev, skb);
1866 break;
1867
1868 case HCI_EV_REMOTE_FEATURES:
1869 hci_remote_features_evt(hdev, skb);
1870 break;
1871
1872 case HCI_EV_REMOTE_VERSION:
1873 hci_remote_version_evt(hdev, skb);
1874 break;
1875
1876 case HCI_EV_QOS_SETUP_COMPLETE:
1877 hci_qos_setup_complete_evt(hdev, skb);
1878 break;
1879
1880 case HCI_EV_CMD_COMPLETE:
1881 hci_cmd_complete_evt(hdev, skb);
1882 break;
1883
1884 case HCI_EV_CMD_STATUS:
1885 hci_cmd_status_evt(hdev, skb);
1886 break;
1887
1888 case HCI_EV_ROLE_CHANGE:
1889 hci_role_change_evt(hdev, skb);
1890 break;
1891
1892 case HCI_EV_NUM_COMP_PKTS:
1893 hci_num_comp_pkts_evt(hdev, skb);
1894 break;
1895
1896 case HCI_EV_MODE_CHANGE:
1897 hci_mode_change_evt(hdev, skb);
1898 break;
1899
1900 case HCI_EV_PIN_CODE_REQ:
1901 hci_pin_code_request_evt(hdev, skb);
1902 break;
1903
1904 case HCI_EV_LINK_KEY_REQ:
1905 hci_link_key_request_evt(hdev, skb);
1906 break;
1907
1908 case HCI_EV_LINK_KEY_NOTIFY:
1909 hci_link_key_notify_evt(hdev, skb);
1910 break;
1911
1912 case HCI_EV_CLOCK_OFFSET:
1913 hci_clock_offset_evt(hdev, skb);
1914 break;
1915
1916 case HCI_EV_PKT_TYPE_CHANGE:
1917 hci_pkt_type_change_evt(hdev, skb);
1918 break;
1919
1920 case HCI_EV_PSCAN_REP_MODE:
1921 hci_pscan_rep_mode_evt(hdev, skb);
1922 break;
1923
1924 case HCI_EV_INQUIRY_RESULT_WITH_RSSI:
1925 hci_inquiry_result_with_rssi_evt(hdev, skb);
1926 break;
1927
1928 case HCI_EV_REMOTE_EXT_FEATURES:
1929 hci_remote_ext_features_evt(hdev, skb);
1930 break;
1931
1932 case HCI_EV_SYNC_CONN_COMPLETE:
1933 hci_sync_conn_complete_evt(hdev, skb);
1934 break;
1935
1936 case HCI_EV_SYNC_CONN_CHANGED:
1937 hci_sync_conn_changed_evt(hdev, skb);
1938 break;
1939
1940 case HCI_EV_SNIFF_SUBRATE:
1941 hci_sniff_subrate_evt(hdev, skb);
1942 break;
1943
1944 case HCI_EV_EXTENDED_INQUIRY_RESULT:
1945 hci_extended_inquiry_result_evt(hdev, skb);
1946 break;
1947
1948 case HCI_EV_IO_CAPA_REQUEST:
1949 hci_io_capa_request_evt(hdev, skb);
1950 break;
1951
1952 case HCI_EV_SIMPLE_PAIR_COMPLETE:
1953 hci_simple_pair_complete_evt(hdev, skb);
1954 break;
1955
1956 case HCI_EV_REMOTE_HOST_FEATURES:
1957 hci_remote_host_features_evt(hdev, skb);
1958 break;
1959
1960 default:
1961 BT_DBG("%s event 0x%x", hdev->name, event);
1962 break;
1963 }
1964
1965 kfree_skb(skb);
1966 hdev->stat.evt_rx++;
1967 }
1968
1969 /* Generate internal stack event */
1970 void hci_si_event(struct hci_dev *hdev, int type, int dlen, void *data)
1971 {
1972 struct hci_event_hdr *hdr;
1973 struct hci_ev_stack_internal *ev;
1974 struct sk_buff *skb;
1975
1976 skb = bt_skb_alloc(HCI_EVENT_HDR_SIZE + sizeof(*ev) + dlen, GFP_ATOMIC);
1977 if (!skb)
1978 return;
1979
1980 hdr = (void *) skb_put(skb, HCI_EVENT_HDR_SIZE);
1981 hdr->evt = HCI_EV_STACK_INTERNAL;
1982 hdr->plen = sizeof(*ev) + dlen;
1983
1984 ev = (void *) skb_put(skb, sizeof(*ev) + dlen);
1985 ev->type = type;
1986 memcpy(ev->data, data, dlen);
1987
1988 bt_cb(skb)->incoming = 1;
1989 __net_timestamp(skb);
1990
1991 bt_cb(skb)->pkt_type = HCI_EVENT_PKT;
1992 skb->dev = (void *) hdev;
1993 hci_send_to_sock(hdev, skb);
1994 kfree_skb(skb);
1995 }
ubuntu-zesty-kernel mirror