2 BlueZ - Bluetooth protocol stack for Linux
3 Copyright (c) 2000-2001, 2010, Code Aurora Forum. All rights reserved.
5 Written 2000,2001 by Maxim Krasnyansky <maxk@qualcomm.com>
7 This program is free software; you can redistribute it and/or modify
8 it under the terms of the GNU General Public License version 2 as
9 published by the Free Software Foundation;
11 THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS
12 OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
13 FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT OF THIRD PARTY RIGHTS.
14 IN NO EVENT SHALL THE COPYRIGHT HOLDER(S) AND AUTHOR(S) BE LIABLE FOR ANY
15 CLAIM, OR ANY SPECIAL INDIRECT OR CONSEQUENTIAL DAMAGES, OR ANY DAMAGES
16 WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
17 ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
18 OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
20 ALL LIABILITY, INCLUDING LIABILITY FOR INFRINGEMENT OF ANY PATENTS,
21 COPYRIGHTS, TRADEMARKS OR OTHER RIGHTS, RELATING TO USE OF THIS
22 SOFTWARE IS DISCLAIMED.
25 /* Bluetooth HCI event handling. */
27 #include <linux/module.h>
29 #include <linux/types.h>
30 #include <linux/errno.h>
31 #include <linux/kernel.h>
32 #include <linux/slab.h>
33 #include <linux/poll.h>
34 #include <linux/fcntl.h>
35 #include <linux/init.h>
36 #include <linux/skbuff.h>
37 #include <linux/interrupt.h>
38 #include <linux/notifier.h>
41 #include <asm/system.h>
42 #include <linux/uaccess.h>
43 #include <asm/unaligned.h>
45 #include <net/bluetooth/bluetooth.h>
46 #include <net/bluetooth/hci_core.h>
48 static bool enable_le;
50 /* Handle HCI Event packets */
52 static void hci_cc_inquiry_cancel(struct hci_dev *hdev, struct sk_buff *skb)
54 __u8 status = *((__u8 *) skb->data);
56 BT_DBG("%s status 0x%x", hdev->name, status);
60 mgmt_stop_discovery_failed(hdev, status);
65 clear_bit(HCI_INQUIRY, &hdev->flags);
68 mgmt_discovering(hdev, 0);
71 hci_req_complete(hdev, HCI_OP_INQUIRY_CANCEL, status);
73 hci_conn_check_pending(hdev);
76 static void hci_cc_exit_periodic_inq(struct hci_dev *hdev, struct sk_buff *skb)
78 __u8 status = *((__u8 *) skb->data);
80 BT_DBG("%s status 0x%x", hdev->name, status);
85 hci_conn_check_pending(hdev);
88 static void hci_cc_remote_name_req_cancel(struct hci_dev *hdev, struct sk_buff *skb)
90 BT_DBG("%s", hdev->name);
93 static void hci_cc_role_discovery(struct hci_dev *hdev, struct sk_buff *skb)
95 struct hci_rp_role_discovery *rp = (void *) skb->data;
96 struct hci_conn *conn;
98 BT_DBG("%s status 0x%x", hdev->name, rp->status);
105 conn = hci_conn_hash_lookup_handle(hdev, __le16_to_cpu(rp->handle));
108 conn->link_mode &= ~HCI_LM_MASTER;
110 conn->link_mode |= HCI_LM_MASTER;
113 hci_dev_unlock(hdev);
116 static void hci_cc_read_link_policy(struct hci_dev *hdev, struct sk_buff *skb)
118 struct hci_rp_read_link_policy *rp = (void *) skb->data;
119 struct hci_conn *conn;
121 BT_DBG("%s status 0x%x", hdev->name, rp->status);
128 conn = hci_conn_hash_lookup_handle(hdev, __le16_to_cpu(rp->handle));
130 conn->link_policy = __le16_to_cpu(rp->policy);
132 hci_dev_unlock(hdev);
135 static void hci_cc_write_link_policy(struct hci_dev *hdev, struct sk_buff *skb)
137 struct hci_rp_write_link_policy *rp = (void *) skb->data;
138 struct hci_conn *conn;
141 BT_DBG("%s status 0x%x", hdev->name, rp->status);
146 sent = hci_sent_cmd_data(hdev, HCI_OP_WRITE_LINK_POLICY);
152 conn = hci_conn_hash_lookup_handle(hdev, __le16_to_cpu(rp->handle));
154 conn->link_policy = get_unaligned_le16(sent + 2);
156 hci_dev_unlock(hdev);
159 static void hci_cc_read_def_link_policy(struct hci_dev *hdev, struct sk_buff *skb)
161 struct hci_rp_read_def_link_policy *rp = (void *) skb->data;
163 BT_DBG("%s status 0x%x", hdev->name, rp->status);
168 hdev->link_policy = __le16_to_cpu(rp->policy);
171 static void hci_cc_write_def_link_policy(struct hci_dev *hdev, struct sk_buff *skb)
173 __u8 status = *((__u8 *) skb->data);
176 BT_DBG("%s status 0x%x", hdev->name, status);
178 sent = hci_sent_cmd_data(hdev, HCI_OP_WRITE_DEF_LINK_POLICY);
183 hdev->link_policy = get_unaligned_le16(sent);
185 hci_req_complete(hdev, HCI_OP_WRITE_DEF_LINK_POLICY, status);
188 static void hci_cc_reset(struct hci_dev *hdev, struct sk_buff *skb)
190 __u8 status = *((__u8 *) skb->data);
192 BT_DBG("%s status 0x%x", hdev->name, status);
194 clear_bit(HCI_RESET, &hdev->flags);
196 hci_req_complete(hdev, HCI_OP_RESET, status);
201 static void hci_cc_write_local_name(struct hci_dev *hdev, struct sk_buff *skb)
203 __u8 status = *((__u8 *) skb->data);
206 BT_DBG("%s status 0x%x", hdev->name, status);
208 sent = hci_sent_cmd_data(hdev, HCI_OP_WRITE_LOCAL_NAME);
214 if (test_bit(HCI_MGMT, &hdev->flags))
215 mgmt_set_local_name_complete(hdev, sent, status);
218 memcpy(hdev->dev_name, sent, HCI_MAX_NAME_LENGTH);
220 hci_dev_unlock(hdev);
223 static void hci_cc_read_local_name(struct hci_dev *hdev, struct sk_buff *skb)
225 struct hci_rp_read_local_name *rp = (void *) skb->data;
227 BT_DBG("%s status 0x%x", hdev->name, rp->status);
232 memcpy(hdev->dev_name, rp->name, HCI_MAX_NAME_LENGTH);
235 static void hci_cc_write_auth_enable(struct hci_dev *hdev, struct sk_buff *skb)
237 __u8 status = *((__u8 *) skb->data);
240 BT_DBG("%s status 0x%x", hdev->name, status);
242 sent = hci_sent_cmd_data(hdev, HCI_OP_WRITE_AUTH_ENABLE);
247 __u8 param = *((__u8 *) sent);
249 if (param == AUTH_ENABLED)
250 set_bit(HCI_AUTH, &hdev->flags);
252 clear_bit(HCI_AUTH, &hdev->flags);
255 hci_req_complete(hdev, HCI_OP_WRITE_AUTH_ENABLE, status);
258 static void hci_cc_write_encrypt_mode(struct hci_dev *hdev, struct sk_buff *skb)
260 __u8 status = *((__u8 *) skb->data);
263 BT_DBG("%s status 0x%x", hdev->name, status);
265 sent = hci_sent_cmd_data(hdev, HCI_OP_WRITE_ENCRYPT_MODE);
270 __u8 param = *((__u8 *) sent);
273 set_bit(HCI_ENCRYPT, &hdev->flags);
275 clear_bit(HCI_ENCRYPT, &hdev->flags);
278 hci_req_complete(hdev, HCI_OP_WRITE_ENCRYPT_MODE, status);
281 static void hci_cc_write_scan_enable(struct hci_dev *hdev, struct sk_buff *skb)
283 __u8 param, status = *((__u8 *) skb->data);
284 int old_pscan, old_iscan;
287 BT_DBG("%s status 0x%x", hdev->name, status);
289 sent = hci_sent_cmd_data(hdev, HCI_OP_WRITE_SCAN_ENABLE);
293 param = *((__u8 *) sent);
298 mgmt_write_scan_failed(hdev, param, status);
299 hdev->discov_timeout = 0;
303 old_pscan = test_and_clear_bit(HCI_PSCAN, &hdev->flags);
304 old_iscan = test_and_clear_bit(HCI_ISCAN, &hdev->flags);
306 if (param & SCAN_INQUIRY) {
307 set_bit(HCI_ISCAN, &hdev->flags);
309 mgmt_discoverable(hdev, 1);
310 if (hdev->discov_timeout > 0) {
311 int to = msecs_to_jiffies(hdev->discov_timeout * 1000);
312 queue_delayed_work(hdev->workqueue, &hdev->discov_off,
315 } else if (old_iscan)
316 mgmt_discoverable(hdev, 0);
318 if (param & SCAN_PAGE) {
319 set_bit(HCI_PSCAN, &hdev->flags);
321 mgmt_connectable(hdev, 1);
322 } else if (old_pscan)
323 mgmt_connectable(hdev, 0);
326 hci_dev_unlock(hdev);
327 hci_req_complete(hdev, HCI_OP_WRITE_SCAN_ENABLE, status);
330 static void hci_cc_read_class_of_dev(struct hci_dev *hdev, struct sk_buff *skb)
332 struct hci_rp_read_class_of_dev *rp = (void *) skb->data;
334 BT_DBG("%s status 0x%x", hdev->name, rp->status);
339 memcpy(hdev->dev_class, rp->dev_class, 3);
341 BT_DBG("%s class 0x%.2x%.2x%.2x", hdev->name,
342 hdev->dev_class[2], hdev->dev_class[1], hdev->dev_class[0]);
345 static void hci_cc_write_class_of_dev(struct hci_dev *hdev, struct sk_buff *skb)
347 __u8 status = *((__u8 *) skb->data);
350 BT_DBG("%s status 0x%x", hdev->name, status);
355 sent = hci_sent_cmd_data(hdev, HCI_OP_WRITE_CLASS_OF_DEV);
359 memcpy(hdev->dev_class, sent, 3);
362 static void hci_cc_read_voice_setting(struct hci_dev *hdev, struct sk_buff *skb)
364 struct hci_rp_read_voice_setting *rp = (void *) skb->data;
367 BT_DBG("%s status 0x%x", hdev->name, rp->status);
372 setting = __le16_to_cpu(rp->voice_setting);
374 if (hdev->voice_setting == setting)
377 hdev->voice_setting = setting;
379 BT_DBG("%s voice setting 0x%04x", hdev->name, setting);
382 hdev->notify(hdev, HCI_NOTIFY_VOICE_SETTING);
385 static void hci_cc_write_voice_setting(struct hci_dev *hdev, struct sk_buff *skb)
387 __u8 status = *((__u8 *) skb->data);
391 BT_DBG("%s status 0x%x", hdev->name, status);
396 sent = hci_sent_cmd_data(hdev, HCI_OP_WRITE_VOICE_SETTING);
400 setting = get_unaligned_le16(sent);
402 if (hdev->voice_setting == setting)
405 hdev->voice_setting = setting;
407 BT_DBG("%s voice setting 0x%04x", hdev->name, setting);
410 hdev->notify(hdev, HCI_NOTIFY_VOICE_SETTING);
413 static void hci_cc_host_buffer_size(struct hci_dev *hdev, struct sk_buff *skb)
415 __u8 status = *((__u8 *) skb->data);
417 BT_DBG("%s status 0x%x", hdev->name, status);
419 hci_req_complete(hdev, HCI_OP_HOST_BUFFER_SIZE, status);
422 static void hci_cc_read_ssp_mode(struct hci_dev *hdev, struct sk_buff *skb)
424 struct hci_rp_read_ssp_mode *rp = (void *) skb->data;
426 BT_DBG("%s status 0x%x", hdev->name, rp->status);
431 hdev->ssp_mode = rp->mode;
434 static void hci_cc_write_ssp_mode(struct hci_dev *hdev, struct sk_buff *skb)
436 __u8 status = *((__u8 *) skb->data);
439 BT_DBG("%s status 0x%x", hdev->name, status);
444 sent = hci_sent_cmd_data(hdev, HCI_OP_WRITE_SSP_MODE);
448 hdev->ssp_mode = *((__u8 *) sent);
451 static u8 hci_get_inquiry_mode(struct hci_dev *hdev)
453 if (hdev->features[6] & LMP_EXT_INQ)
456 if (hdev->features[3] & LMP_RSSI_INQ)
459 if (hdev->manufacturer == 11 && hdev->hci_rev == 0x00 &&
460 hdev->lmp_subver == 0x0757)
463 if (hdev->manufacturer == 15) {
464 if (hdev->hci_rev == 0x03 && hdev->lmp_subver == 0x6963)
466 if (hdev->hci_rev == 0x09 && hdev->lmp_subver == 0x6963)
468 if (hdev->hci_rev == 0x00 && hdev->lmp_subver == 0x6965)
472 if (hdev->manufacturer == 31 && hdev->hci_rev == 0x2005 &&
473 hdev->lmp_subver == 0x1805)
479 static void hci_setup_inquiry_mode(struct hci_dev *hdev)
483 mode = hci_get_inquiry_mode(hdev);
485 hci_send_cmd(hdev, HCI_OP_WRITE_INQUIRY_MODE, 1, &mode);
488 static void hci_setup_event_mask(struct hci_dev *hdev)
490 /* The second byte is 0xff instead of 0x9f (two reserved bits
491 * disabled) since a Broadcom 1.2 dongle doesn't respond to the
492 * command otherwise */
493 u8 events[8] = { 0xff, 0xff, 0xfb, 0xff, 0x00, 0x00, 0x00, 0x00 };
495 /* CSR 1.1 dongles does not accept any bitfield so don't try to set
496 * any event mask for pre 1.2 devices */
497 if (hdev->hci_ver < BLUETOOTH_VER_1_2)
500 events[4] |= 0x01; /* Flow Specification Complete */
501 events[4] |= 0x02; /* Inquiry Result with RSSI */
502 events[4] |= 0x04; /* Read Remote Extended Features Complete */
503 events[5] |= 0x08; /* Synchronous Connection Complete */
504 events[5] |= 0x10; /* Synchronous Connection Changed */
506 if (hdev->features[3] & LMP_RSSI_INQ)
507 events[4] |= 0x04; /* Inquiry Result with RSSI */
509 if (hdev->features[5] & LMP_SNIFF_SUBR)
510 events[5] |= 0x20; /* Sniff Subrating */
512 if (hdev->features[5] & LMP_PAUSE_ENC)
513 events[5] |= 0x80; /* Encryption Key Refresh Complete */
515 if (hdev->features[6] & LMP_EXT_INQ)
516 events[5] |= 0x40; /* Extended Inquiry Result */
518 if (hdev->features[6] & LMP_NO_FLUSH)
519 events[7] |= 0x01; /* Enhanced Flush Complete */
521 if (hdev->features[7] & LMP_LSTO)
522 events[6] |= 0x80; /* Link Supervision Timeout Changed */
524 if (hdev->features[6] & LMP_SIMPLE_PAIR) {
525 events[6] |= 0x01; /* IO Capability Request */
526 events[6] |= 0x02; /* IO Capability Response */
527 events[6] |= 0x04; /* User Confirmation Request */
528 events[6] |= 0x08; /* User Passkey Request */
529 events[6] |= 0x10; /* Remote OOB Data Request */
530 events[6] |= 0x20; /* Simple Pairing Complete */
531 events[7] |= 0x04; /* User Passkey Notification */
532 events[7] |= 0x08; /* Keypress Notification */
533 events[7] |= 0x10; /* Remote Host Supported
534 * Features Notification */
537 if (hdev->features[4] & LMP_LE)
538 events[7] |= 0x20; /* LE Meta-Event */
540 hci_send_cmd(hdev, HCI_OP_SET_EVENT_MASK, sizeof(events), events);
543 static void hci_set_le_support(struct hci_dev *hdev)
545 struct hci_cp_write_le_host_supported cp;
547 memset(&cp, 0, sizeof(cp));
551 cp.simul = !!(hdev->features[6] & LMP_SIMUL_LE_BR);
554 hci_send_cmd(hdev, HCI_OP_WRITE_LE_HOST_SUPPORTED, sizeof(cp), &cp);
557 static void hci_setup(struct hci_dev *hdev)
559 if (hdev->dev_type != HCI_BREDR)
562 hci_setup_event_mask(hdev);
564 if (hdev->hci_ver > BLUETOOTH_VER_1_1)
565 hci_send_cmd(hdev, HCI_OP_READ_LOCAL_COMMANDS, 0, NULL);
567 if (hdev->features[6] & LMP_SIMPLE_PAIR) {
569 hci_send_cmd(hdev, HCI_OP_WRITE_SSP_MODE, sizeof(mode), &mode);
572 if (hdev->features[3] & LMP_RSSI_INQ)
573 hci_setup_inquiry_mode(hdev);
575 if (hdev->features[7] & LMP_INQ_TX_PWR)
576 hci_send_cmd(hdev, HCI_OP_READ_INQ_RSP_TX_POWER, 0, NULL);
578 if (hdev->features[7] & LMP_EXTFEATURES) {
579 struct hci_cp_read_local_ext_features cp;
582 hci_send_cmd(hdev, HCI_OP_READ_LOCAL_EXT_FEATURES,
586 if (hdev->features[4] & LMP_LE)
587 hci_set_le_support(hdev);
590 static void hci_cc_read_local_version(struct hci_dev *hdev, struct sk_buff *skb)
592 struct hci_rp_read_local_version *rp = (void *) skb->data;
594 BT_DBG("%s status 0x%x", hdev->name, rp->status);
599 hdev->hci_ver = rp->hci_ver;
600 hdev->hci_rev = __le16_to_cpu(rp->hci_rev);
601 hdev->lmp_ver = rp->lmp_ver;
602 hdev->manufacturer = __le16_to_cpu(rp->manufacturer);
603 hdev->lmp_subver = __le16_to_cpu(rp->lmp_subver);
605 BT_DBG("%s manufacturer %d hci ver %d:%d", hdev->name,
607 hdev->hci_ver, hdev->hci_rev);
609 if (test_bit(HCI_INIT, &hdev->flags))
613 static void hci_setup_link_policy(struct hci_dev *hdev)
617 if (hdev->features[0] & LMP_RSWITCH)
618 link_policy |= HCI_LP_RSWITCH;
619 if (hdev->features[0] & LMP_HOLD)
620 link_policy |= HCI_LP_HOLD;
621 if (hdev->features[0] & LMP_SNIFF)
622 link_policy |= HCI_LP_SNIFF;
623 if (hdev->features[1] & LMP_PARK)
624 link_policy |= HCI_LP_PARK;
626 link_policy = cpu_to_le16(link_policy);
627 hci_send_cmd(hdev, HCI_OP_WRITE_DEF_LINK_POLICY,
628 sizeof(link_policy), &link_policy);
631 static void hci_cc_read_local_commands(struct hci_dev *hdev, struct sk_buff *skb)
633 struct hci_rp_read_local_commands *rp = (void *) skb->data;
635 BT_DBG("%s status 0x%x", hdev->name, rp->status);
640 memcpy(hdev->commands, rp->commands, sizeof(hdev->commands));
642 if (test_bit(HCI_INIT, &hdev->flags) && (hdev->commands[5] & 0x10))
643 hci_setup_link_policy(hdev);
646 hci_req_complete(hdev, HCI_OP_READ_LOCAL_COMMANDS, rp->status);
649 static void hci_cc_read_local_features(struct hci_dev *hdev, struct sk_buff *skb)
651 struct hci_rp_read_local_features *rp = (void *) skb->data;
653 BT_DBG("%s status 0x%x", hdev->name, rp->status);
658 memcpy(hdev->features, rp->features, 8);
660 /* Adjust default settings according to features
661 * supported by device. */
663 if (hdev->features[0] & LMP_3SLOT)
664 hdev->pkt_type |= (HCI_DM3 | HCI_DH3);
666 if (hdev->features[0] & LMP_5SLOT)
667 hdev->pkt_type |= (HCI_DM5 | HCI_DH5);
669 if (hdev->features[1] & LMP_HV2) {
670 hdev->pkt_type |= (HCI_HV2);
671 hdev->esco_type |= (ESCO_HV2);
674 if (hdev->features[1] & LMP_HV3) {
675 hdev->pkt_type |= (HCI_HV3);
676 hdev->esco_type |= (ESCO_HV3);
679 if (hdev->features[3] & LMP_ESCO)
680 hdev->esco_type |= (ESCO_EV3);
682 if (hdev->features[4] & LMP_EV4)
683 hdev->esco_type |= (ESCO_EV4);
685 if (hdev->features[4] & LMP_EV5)
686 hdev->esco_type |= (ESCO_EV5);
688 if (hdev->features[5] & LMP_EDR_ESCO_2M)
689 hdev->esco_type |= (ESCO_2EV3);
691 if (hdev->features[5] & LMP_EDR_ESCO_3M)
692 hdev->esco_type |= (ESCO_3EV3);
694 if (hdev->features[5] & LMP_EDR_3S_ESCO)
695 hdev->esco_type |= (ESCO_2EV5 | ESCO_3EV5);
697 BT_DBG("%s features 0x%.2x%.2x%.2x%.2x%.2x%.2x%.2x%.2x", hdev->name,
698 hdev->features[0], hdev->features[1],
699 hdev->features[2], hdev->features[3],
700 hdev->features[4], hdev->features[5],
701 hdev->features[6], hdev->features[7]);
704 static void hci_cc_read_local_ext_features(struct hci_dev *hdev,
707 struct hci_rp_read_local_ext_features *rp = (void *) skb->data;
709 BT_DBG("%s status 0x%x", hdev->name, rp->status);
716 memcpy(hdev->features, rp->features, 8);
719 memcpy(hdev->host_features, rp->features, 8);
723 hci_req_complete(hdev, HCI_OP_READ_LOCAL_EXT_FEATURES, rp->status);
726 static void hci_cc_read_flow_control_mode(struct hci_dev *hdev,
729 struct hci_rp_read_flow_control_mode *rp = (void *) skb->data;
731 BT_DBG("%s status 0x%x", hdev->name, rp->status);
736 hdev->flow_ctl_mode = rp->mode;
738 hci_req_complete(hdev, HCI_OP_READ_FLOW_CONTROL_MODE, rp->status);
741 static void hci_cc_read_buffer_size(struct hci_dev *hdev, struct sk_buff *skb)
743 struct hci_rp_read_buffer_size *rp = (void *) skb->data;
745 BT_DBG("%s status 0x%x", hdev->name, rp->status);
750 hdev->acl_mtu = __le16_to_cpu(rp->acl_mtu);
751 hdev->sco_mtu = rp->sco_mtu;
752 hdev->acl_pkts = __le16_to_cpu(rp->acl_max_pkt);
753 hdev->sco_pkts = __le16_to_cpu(rp->sco_max_pkt);
755 if (test_bit(HCI_QUIRK_FIXUP_BUFFER_SIZE, &hdev->quirks)) {
760 hdev->acl_cnt = hdev->acl_pkts;
761 hdev->sco_cnt = hdev->sco_pkts;
763 BT_DBG("%s acl mtu %d:%d sco mtu %d:%d", hdev->name,
764 hdev->acl_mtu, hdev->acl_pkts,
765 hdev->sco_mtu, hdev->sco_pkts);
768 static void hci_cc_read_bd_addr(struct hci_dev *hdev, struct sk_buff *skb)
770 struct hci_rp_read_bd_addr *rp = (void *) skb->data;
772 BT_DBG("%s status 0x%x", hdev->name, rp->status);
775 bacpy(&hdev->bdaddr, &rp->bdaddr);
777 hci_req_complete(hdev, HCI_OP_READ_BD_ADDR, rp->status);
780 static void hci_cc_read_data_block_size(struct hci_dev *hdev,
783 struct hci_rp_read_data_block_size *rp = (void *) skb->data;
785 BT_DBG("%s status 0x%x", hdev->name, rp->status);
790 hdev->block_mtu = __le16_to_cpu(rp->max_acl_len);
791 hdev->block_len = __le16_to_cpu(rp->block_len);
792 hdev->num_blocks = __le16_to_cpu(rp->num_blocks);
794 hdev->block_cnt = hdev->num_blocks;
796 BT_DBG("%s blk mtu %d cnt %d len %d", hdev->name, hdev->block_mtu,
797 hdev->block_cnt, hdev->block_len);
799 hci_req_complete(hdev, HCI_OP_READ_DATA_BLOCK_SIZE, rp->status);
802 static void hci_cc_write_ca_timeout(struct hci_dev *hdev, struct sk_buff *skb)
804 __u8 status = *((__u8 *) skb->data);
806 BT_DBG("%s status 0x%x", hdev->name, status);
808 hci_req_complete(hdev, HCI_OP_WRITE_CA_TIMEOUT, status);
811 static void hci_cc_read_local_amp_info(struct hci_dev *hdev,
814 struct hci_rp_read_local_amp_info *rp = (void *) skb->data;
816 BT_DBG("%s status 0x%x", hdev->name, rp->status);
821 hdev->amp_status = rp->amp_status;
822 hdev->amp_total_bw = __le32_to_cpu(rp->total_bw);
823 hdev->amp_max_bw = __le32_to_cpu(rp->max_bw);
824 hdev->amp_min_latency = __le32_to_cpu(rp->min_latency);
825 hdev->amp_max_pdu = __le32_to_cpu(rp->max_pdu);
826 hdev->amp_type = rp->amp_type;
827 hdev->amp_pal_cap = __le16_to_cpu(rp->pal_cap);
828 hdev->amp_assoc_size = __le16_to_cpu(rp->max_assoc_size);
829 hdev->amp_be_flush_to = __le32_to_cpu(rp->be_flush_to);
830 hdev->amp_max_flush_to = __le32_to_cpu(rp->max_flush_to);
832 hci_req_complete(hdev, HCI_OP_READ_LOCAL_AMP_INFO, rp->status);
835 static void hci_cc_delete_stored_link_key(struct hci_dev *hdev,
838 __u8 status = *((__u8 *) skb->data);
840 BT_DBG("%s status 0x%x", hdev->name, status);
842 hci_req_complete(hdev, HCI_OP_DELETE_STORED_LINK_KEY, status);
845 static void hci_cc_set_event_mask(struct hci_dev *hdev, struct sk_buff *skb)
847 __u8 status = *((__u8 *) skb->data);
849 BT_DBG("%s status 0x%x", hdev->name, status);
851 hci_req_complete(hdev, HCI_OP_SET_EVENT_MASK, status);
854 static void hci_cc_write_inquiry_mode(struct hci_dev *hdev,
857 __u8 status = *((__u8 *) skb->data);
859 BT_DBG("%s status 0x%x", hdev->name, status);
861 hci_req_complete(hdev, HCI_OP_WRITE_INQUIRY_MODE, status);
864 static void hci_cc_read_inq_rsp_tx_power(struct hci_dev *hdev,
867 __u8 status = *((__u8 *) skb->data);
869 BT_DBG("%s status 0x%x", hdev->name, status);
871 hci_req_complete(hdev, HCI_OP_READ_INQ_RSP_TX_POWER, status);
874 static void hci_cc_set_event_flt(struct hci_dev *hdev, struct sk_buff *skb)
876 __u8 status = *((__u8 *) skb->data);
878 BT_DBG("%s status 0x%x", hdev->name, status);
880 hci_req_complete(hdev, HCI_OP_SET_EVENT_FLT, status);
883 static void hci_cc_pin_code_reply(struct hci_dev *hdev, struct sk_buff *skb)
885 struct hci_rp_pin_code_reply *rp = (void *) skb->data;
886 struct hci_cp_pin_code_reply *cp;
887 struct hci_conn *conn;
889 BT_DBG("%s status 0x%x", hdev->name, rp->status);
893 if (test_bit(HCI_MGMT, &hdev->flags))
894 mgmt_pin_code_reply_complete(hdev, &rp->bdaddr, rp->status);
899 cp = hci_sent_cmd_data(hdev, HCI_OP_PIN_CODE_REPLY);
903 conn = hci_conn_hash_lookup_ba(hdev, ACL_LINK, &cp->bdaddr);
905 conn->pin_length = cp->pin_len;
908 hci_dev_unlock(hdev);
911 static void hci_cc_pin_code_neg_reply(struct hci_dev *hdev, struct sk_buff *skb)
913 struct hci_rp_pin_code_neg_reply *rp = (void *) skb->data;
915 BT_DBG("%s status 0x%x", hdev->name, rp->status);
919 if (test_bit(HCI_MGMT, &hdev->flags))
920 mgmt_pin_code_neg_reply_complete(hdev, &rp->bdaddr,
923 hci_dev_unlock(hdev);
926 static void hci_cc_le_read_buffer_size(struct hci_dev *hdev,
929 struct hci_rp_le_read_buffer_size *rp = (void *) skb->data;
931 BT_DBG("%s status 0x%x", hdev->name, rp->status);
936 hdev->le_mtu = __le16_to_cpu(rp->le_mtu);
937 hdev->le_pkts = rp->le_max_pkt;
939 hdev->le_cnt = hdev->le_pkts;
941 BT_DBG("%s le mtu %d:%d", hdev->name, hdev->le_mtu, hdev->le_pkts);
943 hci_req_complete(hdev, HCI_OP_LE_READ_BUFFER_SIZE, rp->status);
946 static void hci_cc_user_confirm_reply(struct hci_dev *hdev, struct sk_buff *skb)
948 struct hci_rp_user_confirm_reply *rp = (void *) skb->data;
950 BT_DBG("%s status 0x%x", hdev->name, rp->status);
954 if (test_bit(HCI_MGMT, &hdev->flags))
955 mgmt_user_confirm_reply_complete(hdev, &rp->bdaddr,
958 hci_dev_unlock(hdev);
961 static void hci_cc_user_confirm_neg_reply(struct hci_dev *hdev,
964 struct hci_rp_user_confirm_reply *rp = (void *) skb->data;
966 BT_DBG("%s status 0x%x", hdev->name, rp->status);
970 if (test_bit(HCI_MGMT, &hdev->flags))
971 mgmt_user_confirm_neg_reply_complete(hdev, &rp->bdaddr,
974 hci_dev_unlock(hdev);
977 static void hci_cc_user_passkey_reply(struct hci_dev *hdev, struct sk_buff *skb)
979 struct hci_rp_user_confirm_reply *rp = (void *) skb->data;
981 BT_DBG("%s status 0x%x", hdev->name, rp->status);
985 if (test_bit(HCI_MGMT, &hdev->flags))
986 mgmt_user_passkey_reply_complete(hdev, &rp->bdaddr,
989 hci_dev_unlock(hdev);
992 static void hci_cc_user_passkey_neg_reply(struct hci_dev *hdev,
995 struct hci_rp_user_confirm_reply *rp = (void *) skb->data;
997 BT_DBG("%s status 0x%x", hdev->name, rp->status);
1001 if (test_bit(HCI_MGMT, &hdev->flags))
1002 mgmt_user_passkey_neg_reply_complete(hdev, &rp->bdaddr,
1005 hci_dev_unlock(hdev);
1008 static void hci_cc_read_local_oob_data_reply(struct hci_dev *hdev,
1009 struct sk_buff *skb)
1011 struct hci_rp_read_local_oob_data *rp = (void *) skb->data;
1013 BT_DBG("%s status 0x%x", hdev->name, rp->status);
1016 mgmt_read_local_oob_data_reply_complete(hdev, rp->hash,
1017 rp->randomizer, rp->status);
1018 hci_dev_unlock(hdev);
1021 static void hci_cc_le_set_scan_param(struct hci_dev *hdev, struct sk_buff *skb)
1023 __u8 status = *((__u8 *) skb->data);
1025 BT_DBG("%s status 0x%x", hdev->name, status);
1028 static void hci_cc_le_set_scan_enable(struct hci_dev *hdev,
1029 struct sk_buff *skb)
1031 struct hci_cp_le_set_scan_enable *cp;
1032 __u8 status = *((__u8 *) skb->data);
1034 BT_DBG("%s status 0x%x", hdev->name, status);
1039 cp = hci_sent_cmd_data(hdev, HCI_OP_LE_SET_SCAN_ENABLE);
1043 switch (cp->enable) {
1044 case LE_SCANNING_ENABLED:
1045 set_bit(HCI_LE_SCAN, &hdev->dev_flags);
1047 cancel_delayed_work_sync(&hdev->adv_work);
1050 hci_adv_entries_clear(hdev);
1051 hci_dev_unlock(hdev);
1054 case LE_SCANNING_DISABLED:
1055 clear_bit(HCI_LE_SCAN, &hdev->dev_flags);
1057 schedule_delayed_work(&hdev->adv_work, ADV_CLEAR_TIMEOUT);
1061 BT_ERR("Used reserved LE_Scan_Enable param %d", cp->enable);
1066 static void hci_cc_le_ltk_reply(struct hci_dev *hdev, struct sk_buff *skb)
1068 struct hci_rp_le_ltk_reply *rp = (void *) skb->data;
1070 BT_DBG("%s status 0x%x", hdev->name, rp->status);
1075 hci_req_complete(hdev, HCI_OP_LE_LTK_REPLY, rp->status);
1078 static void hci_cc_le_ltk_neg_reply(struct hci_dev *hdev, struct sk_buff *skb)
1080 struct hci_rp_le_ltk_neg_reply *rp = (void *) skb->data;
1082 BT_DBG("%s status 0x%x", hdev->name, rp->status);
1087 hci_req_complete(hdev, HCI_OP_LE_LTK_NEG_REPLY, rp->status);
1090 static inline void hci_cc_write_le_host_supported(struct hci_dev *hdev,
1091 struct sk_buff *skb)
1093 struct hci_cp_read_local_ext_features cp;
1094 __u8 status = *((__u8 *) skb->data);
1096 BT_DBG("%s status 0x%x", hdev->name, status);
1102 hci_send_cmd(hdev, HCI_OP_READ_LOCAL_EXT_FEATURES, sizeof(cp), &cp);
1105 static inline void hci_cs_inquiry(struct hci_dev *hdev, __u8 status)
1107 BT_DBG("%s status 0x%x", hdev->name, status);
1110 hci_req_complete(hdev, HCI_OP_INQUIRY, status);
1111 hci_conn_check_pending(hdev);
1113 if (test_bit(HCI_MGMT, &hdev->flags))
1114 mgmt_start_discovery_failed(hdev, status);
1115 hci_dev_unlock(hdev);
1119 set_bit(HCI_INQUIRY, &hdev->flags);
1122 mgmt_discovering(hdev, 1);
1123 hci_dev_unlock(hdev);
1126 static inline void hci_cs_create_conn(struct hci_dev *hdev, __u8 status)
1128 struct hci_cp_create_conn *cp;
1129 struct hci_conn *conn;
1131 BT_DBG("%s status 0x%x", hdev->name, status);
1133 cp = hci_sent_cmd_data(hdev, HCI_OP_CREATE_CONN);
1139 conn = hci_conn_hash_lookup_ba(hdev, ACL_LINK, &cp->bdaddr);
1141 BT_DBG("%s bdaddr %s conn %p", hdev->name, batostr(&cp->bdaddr), conn);
1144 if (conn && conn->state == BT_CONNECT) {
1145 if (status != 0x0c || conn->attempt > 2) {
1146 conn->state = BT_CLOSED;
1147 hci_proto_connect_cfm(conn, status);
1150 conn->state = BT_CONNECT2;
1154 conn = hci_conn_add(hdev, ACL_LINK, &cp->bdaddr);
1157 conn->link_mode |= HCI_LM_MASTER;
1159 BT_ERR("No memory for new connection");
1163 hci_dev_unlock(hdev);
1166 static void hci_cs_add_sco(struct hci_dev *hdev, __u8 status)
1168 struct hci_cp_add_sco *cp;
1169 struct hci_conn *acl, *sco;
1172 BT_DBG("%s status 0x%x", hdev->name, status);
1177 cp = hci_sent_cmd_data(hdev, HCI_OP_ADD_SCO);
1181 handle = __le16_to_cpu(cp->handle);
1183 BT_DBG("%s handle %d", hdev->name, handle);
1187 acl = hci_conn_hash_lookup_handle(hdev, handle);
1191 sco->state = BT_CLOSED;
1193 hci_proto_connect_cfm(sco, status);
1198 hci_dev_unlock(hdev);
1201 static void hci_cs_auth_requested(struct hci_dev *hdev, __u8 status)
1203 struct hci_cp_auth_requested *cp;
1204 struct hci_conn *conn;
1206 BT_DBG("%s status 0x%x", hdev->name, status);
1211 cp = hci_sent_cmd_data(hdev, HCI_OP_AUTH_REQUESTED);
1217 conn = hci_conn_hash_lookup_handle(hdev, __le16_to_cpu(cp->handle));
1219 if (conn->state == BT_CONFIG) {
1220 hci_proto_connect_cfm(conn, status);
1225 hci_dev_unlock(hdev);
1228 static void hci_cs_set_conn_encrypt(struct hci_dev *hdev, __u8 status)
1230 struct hci_cp_set_conn_encrypt *cp;
1231 struct hci_conn *conn;
1233 BT_DBG("%s status 0x%x", hdev->name, status);
1238 cp = hci_sent_cmd_data(hdev, HCI_OP_SET_CONN_ENCRYPT);
1244 conn = hci_conn_hash_lookup_handle(hdev, __le16_to_cpu(cp->handle));
1246 if (conn->state == BT_CONFIG) {
1247 hci_proto_connect_cfm(conn, status);
1252 hci_dev_unlock(hdev);
1255 static int hci_outgoing_auth_needed(struct hci_dev *hdev,
1256 struct hci_conn *conn)
1258 if (conn->state != BT_CONFIG || !conn->out)
1261 if (conn->pending_sec_level == BT_SECURITY_SDP)
1264 /* Only request authentication for SSP connections or non-SSP
1265 * devices with sec_level HIGH or if MITM protection is requested */
1266 if (!(hdev->ssp_mode > 0 && conn->ssp_mode > 0) &&
1267 conn->pending_sec_level != BT_SECURITY_HIGH &&
1268 !(conn->auth_type & 0x01))
1274 static void hci_cs_remote_name_req(struct hci_dev *hdev, __u8 status)
1276 struct hci_cp_remote_name_req *cp;
1277 struct hci_conn *conn;
1279 BT_DBG("%s status 0x%x", hdev->name, status);
1281 /* If successful wait for the name req complete event before
1282 * checking for the need to do authentication */
1286 cp = hci_sent_cmd_data(hdev, HCI_OP_REMOTE_NAME_REQ);
1292 conn = hci_conn_hash_lookup_ba(hdev, ACL_LINK, &cp->bdaddr);
1296 if (!hci_outgoing_auth_needed(hdev, conn))
1299 if (!test_and_set_bit(HCI_CONN_AUTH_PEND, &conn->pend)) {
1300 struct hci_cp_auth_requested cp;
1301 cp.handle = __cpu_to_le16(conn->handle);
1302 hci_send_cmd(hdev, HCI_OP_AUTH_REQUESTED, sizeof(cp), &cp);
1306 hci_dev_unlock(hdev);
1309 static void hci_cs_read_remote_features(struct hci_dev *hdev, __u8 status)
1311 struct hci_cp_read_remote_features *cp;
1312 struct hci_conn *conn;
1314 BT_DBG("%s status 0x%x", hdev->name, status);
1319 cp = hci_sent_cmd_data(hdev, HCI_OP_READ_REMOTE_FEATURES);
1325 conn = hci_conn_hash_lookup_handle(hdev, __le16_to_cpu(cp->handle));
1327 if (conn->state == BT_CONFIG) {
1328 hci_proto_connect_cfm(conn, status);
1333 hci_dev_unlock(hdev);
1336 static void hci_cs_read_remote_ext_features(struct hci_dev *hdev, __u8 status)
1338 struct hci_cp_read_remote_ext_features *cp;
1339 struct hci_conn *conn;
1341 BT_DBG("%s status 0x%x", hdev->name, status);
1346 cp = hci_sent_cmd_data(hdev, HCI_OP_READ_REMOTE_EXT_FEATURES);
1352 conn = hci_conn_hash_lookup_handle(hdev, __le16_to_cpu(cp->handle));
1354 if (conn->state == BT_CONFIG) {
1355 hci_proto_connect_cfm(conn, status);
1360 hci_dev_unlock(hdev);
1363 static void hci_cs_setup_sync_conn(struct hci_dev *hdev, __u8 status)
1365 struct hci_cp_setup_sync_conn *cp;
1366 struct hci_conn *acl, *sco;
1369 BT_DBG("%s status 0x%x", hdev->name, status);
1374 cp = hci_sent_cmd_data(hdev, HCI_OP_SETUP_SYNC_CONN);
1378 handle = __le16_to_cpu(cp->handle);
1380 BT_DBG("%s handle %d", hdev->name, handle);
1384 acl = hci_conn_hash_lookup_handle(hdev, handle);
1388 sco->state = BT_CLOSED;
1390 hci_proto_connect_cfm(sco, status);
1395 hci_dev_unlock(hdev);
1398 static void hci_cs_sniff_mode(struct hci_dev *hdev, __u8 status)
1400 struct hci_cp_sniff_mode *cp;
1401 struct hci_conn *conn;
1403 BT_DBG("%s status 0x%x", hdev->name, status);
1408 cp = hci_sent_cmd_data(hdev, HCI_OP_SNIFF_MODE);
1414 conn = hci_conn_hash_lookup_handle(hdev, __le16_to_cpu(cp->handle));
1416 clear_bit(HCI_CONN_MODE_CHANGE_PEND, &conn->pend);
1418 if (test_and_clear_bit(HCI_CONN_SCO_SETUP_PEND, &conn->pend))
1419 hci_sco_setup(conn, status);
1422 hci_dev_unlock(hdev);
1425 static void hci_cs_exit_sniff_mode(struct hci_dev *hdev, __u8 status)
1427 struct hci_cp_exit_sniff_mode *cp;
1428 struct hci_conn *conn;
1430 BT_DBG("%s status 0x%x", hdev->name, status);
1435 cp = hci_sent_cmd_data(hdev, HCI_OP_EXIT_SNIFF_MODE);
1441 conn = hci_conn_hash_lookup_handle(hdev, __le16_to_cpu(cp->handle));
1443 clear_bit(HCI_CONN_MODE_CHANGE_PEND, &conn->pend);
1445 if (test_and_clear_bit(HCI_CONN_SCO_SETUP_PEND, &conn->pend))
1446 hci_sco_setup(conn, status);
1449 hci_dev_unlock(hdev);
1452 static void hci_cs_le_create_conn(struct hci_dev *hdev, __u8 status)
1454 struct hci_cp_le_create_conn *cp;
1455 struct hci_conn *conn;
1457 BT_DBG("%s status 0x%x", hdev->name, status);
1459 cp = hci_sent_cmd_data(hdev, HCI_OP_LE_CREATE_CONN);
1465 conn = hci_conn_hash_lookup_ba(hdev, LE_LINK, &cp->peer_addr);
1467 BT_DBG("%s bdaddr %s conn %p", hdev->name, batostr(&cp->peer_addr),
1471 if (conn && conn->state == BT_CONNECT) {
1472 conn->state = BT_CLOSED;
1473 hci_proto_connect_cfm(conn, status);
1478 conn = hci_conn_add(hdev, LE_LINK, &cp->peer_addr);
1480 conn->dst_type = cp->peer_addr_type;
1483 BT_ERR("No memory for new connection");
1488 hci_dev_unlock(hdev);
1491 static void hci_cs_le_start_enc(struct hci_dev *hdev, u8 status)
1493 BT_DBG("%s status 0x%x", hdev->name, status);
1496 static inline void hci_inquiry_complete_evt(struct hci_dev *hdev, struct sk_buff *skb)
1498 __u8 status = *((__u8 *) skb->data);
1500 BT_DBG("%s status %d", hdev->name, status);
1502 hci_req_complete(hdev, HCI_OP_INQUIRY, status);
1504 hci_conn_check_pending(hdev);
1506 if (!test_and_clear_bit(HCI_INQUIRY, &hdev->flags))
1510 mgmt_discovering(hdev, 0);
1511 hci_dev_unlock(hdev);
1514 static inline void hci_inquiry_result_evt(struct hci_dev *hdev, struct sk_buff *skb)
1516 struct inquiry_data data;
1517 struct inquiry_info *info = (void *) (skb->data + 1);
1518 int num_rsp = *((__u8 *) skb->data);
1520 BT_DBG("%s num_rsp %d", hdev->name, num_rsp);
1527 for (; num_rsp; num_rsp--, info++) {
1530 bacpy(&data.bdaddr, &info->bdaddr);
1531 data.pscan_rep_mode = info->pscan_rep_mode;
1532 data.pscan_period_mode = info->pscan_period_mode;
1533 data.pscan_mode = info->pscan_mode;
1534 memcpy(data.dev_class, info->dev_class, 3);
1535 data.clock_offset = info->clock_offset;
1537 data.ssp_mode = 0x00;
1539 name_known = hci_inquiry_cache_update(hdev, &data, false);
1540 mgmt_device_found(hdev, &info->bdaddr, ACL_LINK, 0x00,
1541 info->dev_class, 0, !name_known, NULL);
1544 hci_dev_unlock(hdev);
1547 static inline void hci_conn_complete_evt(struct hci_dev *hdev, struct sk_buff *skb)
1549 struct hci_ev_conn_complete *ev = (void *) skb->data;
1550 struct hci_conn *conn;
1552 BT_DBG("%s", hdev->name);
1556 conn = hci_conn_hash_lookup_ba(hdev, ev->link_type, &ev->bdaddr);
1558 if (ev->link_type != SCO_LINK)
1561 conn = hci_conn_hash_lookup_ba(hdev, ESCO_LINK, &ev->bdaddr);
1565 conn->type = SCO_LINK;
1569 conn->handle = __le16_to_cpu(ev->handle);
1571 if (conn->type == ACL_LINK) {
1572 conn->state = BT_CONFIG;
1573 hci_conn_hold(conn);
1574 conn->disc_timeout = HCI_DISCONN_TIMEOUT;
1575 mgmt_connected(hdev, &ev->bdaddr, conn->type,
1578 conn->state = BT_CONNECTED;
1580 hci_conn_hold_device(conn);
1581 hci_conn_add_sysfs(conn);
1583 if (test_bit(HCI_AUTH, &hdev->flags))
1584 conn->link_mode |= HCI_LM_AUTH;
1586 if (test_bit(HCI_ENCRYPT, &hdev->flags))
1587 conn->link_mode |= HCI_LM_ENCRYPT;
1589 /* Get remote features */
1590 if (conn->type == ACL_LINK) {
1591 struct hci_cp_read_remote_features cp;
1592 cp.handle = ev->handle;
1593 hci_send_cmd(hdev, HCI_OP_READ_REMOTE_FEATURES,
1597 /* Set packet type for incoming connection */
1598 if (!conn->out && hdev->hci_ver < BLUETOOTH_VER_2_0) {
1599 struct hci_cp_change_conn_ptype cp;
1600 cp.handle = ev->handle;
1601 cp.pkt_type = cpu_to_le16(conn->pkt_type);
1602 hci_send_cmd(hdev, HCI_OP_CHANGE_CONN_PTYPE,
1606 conn->state = BT_CLOSED;
1607 if (conn->type == ACL_LINK)
1608 mgmt_connect_failed(hdev, &ev->bdaddr, conn->type,
1609 conn->dst_type, ev->status);
1612 if (conn->type == ACL_LINK)
1613 hci_sco_setup(conn, ev->status);
1616 hci_proto_connect_cfm(conn, ev->status);
1618 } else if (ev->link_type != ACL_LINK)
1619 hci_proto_connect_cfm(conn, ev->status);
1622 hci_dev_unlock(hdev);
1624 hci_conn_check_pending(hdev);
1627 static inline void hci_conn_request_evt(struct hci_dev *hdev, struct sk_buff *skb)
1629 struct hci_ev_conn_request *ev = (void *) skb->data;
1630 int mask = hdev->link_mode;
1632 BT_DBG("%s bdaddr %s type 0x%x", hdev->name,
1633 batostr(&ev->bdaddr), ev->link_type);
1635 mask |= hci_proto_connect_ind(hdev, &ev->bdaddr, ev->link_type);
1637 if ((mask & HCI_LM_ACCEPT) &&
1638 !hci_blacklist_lookup(hdev, &ev->bdaddr)) {
1639 /* Connection accepted */
1640 struct inquiry_entry *ie;
1641 struct hci_conn *conn;
1645 ie = hci_inquiry_cache_lookup(hdev, &ev->bdaddr);
1647 memcpy(ie->data.dev_class, ev->dev_class, 3);
1649 conn = hci_conn_hash_lookup_ba(hdev, ev->link_type, &ev->bdaddr);
1651 conn = hci_conn_add(hdev, ev->link_type, &ev->bdaddr);
1653 BT_ERR("No memory for new connection");
1654 hci_dev_unlock(hdev);
1659 memcpy(conn->dev_class, ev->dev_class, 3);
1660 conn->state = BT_CONNECT;
1662 hci_dev_unlock(hdev);
1664 if (ev->link_type == ACL_LINK || !lmp_esco_capable(hdev)) {
1665 struct hci_cp_accept_conn_req cp;
1667 bacpy(&cp.bdaddr, &ev->bdaddr);
1669 if (lmp_rswitch_capable(hdev) && (mask & HCI_LM_MASTER))
1670 cp.role = 0x00; /* Become master */
1672 cp.role = 0x01; /* Remain slave */
1674 hci_send_cmd(hdev, HCI_OP_ACCEPT_CONN_REQ,
1677 struct hci_cp_accept_sync_conn_req cp;
1679 bacpy(&cp.bdaddr, &ev->bdaddr);
1680 cp.pkt_type = cpu_to_le16(conn->pkt_type);
1682 cp.tx_bandwidth = cpu_to_le32(0x00001f40);
1683 cp.rx_bandwidth = cpu_to_le32(0x00001f40);
1684 cp.max_latency = cpu_to_le16(0xffff);
1685 cp.content_format = cpu_to_le16(hdev->voice_setting);
1686 cp.retrans_effort = 0xff;
1688 hci_send_cmd(hdev, HCI_OP_ACCEPT_SYNC_CONN_REQ,
1692 /* Connection rejected */
1693 struct hci_cp_reject_conn_req cp;
1695 bacpy(&cp.bdaddr, &ev->bdaddr);
1696 cp.reason = HCI_ERROR_REJ_BAD_ADDR;
1697 hci_send_cmd(hdev, HCI_OP_REJECT_CONN_REQ, sizeof(cp), &cp);
1701 static inline void hci_disconn_complete_evt(struct hci_dev *hdev, struct sk_buff *skb)
1703 struct hci_ev_disconn_complete *ev = (void *) skb->data;
1704 struct hci_conn *conn;
1706 BT_DBG("%s status %d", hdev->name, ev->status);
1710 conn = hci_conn_hash_lookup_handle(hdev, __le16_to_cpu(ev->handle));
1714 if (ev->status == 0)
1715 conn->state = BT_CLOSED;
1717 if (conn->type == ACL_LINK || conn->type == LE_LINK) {
1718 if (ev->status != 0)
1719 mgmt_disconnect_failed(hdev, &conn->dst, ev->status);
1721 mgmt_disconnected(hdev, &conn->dst, conn->type,
1725 if (ev->status == 0) {
1726 hci_proto_disconn_cfm(conn, ev->reason);
1731 hci_dev_unlock(hdev);
1734 static inline void hci_auth_complete_evt(struct hci_dev *hdev, struct sk_buff *skb)
1736 struct hci_ev_auth_complete *ev = (void *) skb->data;
1737 struct hci_conn *conn;
1739 BT_DBG("%s status %d", hdev->name, ev->status);
1743 conn = hci_conn_hash_lookup_handle(hdev, __le16_to_cpu(ev->handle));
1748 if (!(conn->ssp_mode > 0 && hdev->ssp_mode > 0) &&
1749 test_bit(HCI_CONN_REAUTH_PEND, &conn->pend)) {
1750 BT_INFO("re-auth of legacy device is not possible.");
1752 conn->link_mode |= HCI_LM_AUTH;
1753 conn->sec_level = conn->pending_sec_level;
1756 mgmt_auth_failed(hdev, &conn->dst, ev->status);
1759 clear_bit(HCI_CONN_AUTH_PEND, &conn->pend);
1760 clear_bit(HCI_CONN_REAUTH_PEND, &conn->pend);
1762 if (conn->state == BT_CONFIG) {
1763 if (!ev->status && hdev->ssp_mode > 0 && conn->ssp_mode > 0) {
1764 struct hci_cp_set_conn_encrypt cp;
1765 cp.handle = ev->handle;
1767 hci_send_cmd(hdev, HCI_OP_SET_CONN_ENCRYPT, sizeof(cp),
1770 conn->state = BT_CONNECTED;
1771 hci_proto_connect_cfm(conn, ev->status);
1775 hci_auth_cfm(conn, ev->status);
1777 hci_conn_hold(conn);
1778 conn->disc_timeout = HCI_DISCONN_TIMEOUT;
1782 if (test_bit(HCI_CONN_ENCRYPT_PEND, &conn->pend)) {
1784 struct hci_cp_set_conn_encrypt cp;
1785 cp.handle = ev->handle;
1787 hci_send_cmd(hdev, HCI_OP_SET_CONN_ENCRYPT, sizeof(cp),
1790 clear_bit(HCI_CONN_ENCRYPT_PEND, &conn->pend);
1791 hci_encrypt_cfm(conn, ev->status, 0x00);
1796 hci_dev_unlock(hdev);
1799 static inline void hci_remote_name_evt(struct hci_dev *hdev, struct sk_buff *skb)
1801 struct hci_ev_remote_name *ev = (void *) skb->data;
1802 struct hci_conn *conn;
1804 BT_DBG("%s", hdev->name);
1806 hci_conn_check_pending(hdev);
1810 if (ev->status == 0 && test_bit(HCI_MGMT, &hdev->flags))
1811 mgmt_remote_name(hdev, &ev->bdaddr, ev->name);
1813 conn = hci_conn_hash_lookup_ba(hdev, ACL_LINK, &ev->bdaddr);
1817 if (!hci_outgoing_auth_needed(hdev, conn))
1820 if (!test_and_set_bit(HCI_CONN_AUTH_PEND, &conn->pend)) {
1821 struct hci_cp_auth_requested cp;
1822 cp.handle = __cpu_to_le16(conn->handle);
1823 hci_send_cmd(hdev, HCI_OP_AUTH_REQUESTED, sizeof(cp), &cp);
1827 hci_dev_unlock(hdev);
1830 static inline void hci_encrypt_change_evt(struct hci_dev *hdev, struct sk_buff *skb)
1832 struct hci_ev_encrypt_change *ev = (void *) skb->data;
1833 struct hci_conn *conn;
1835 BT_DBG("%s status %d", hdev->name, ev->status);
1839 conn = hci_conn_hash_lookup_handle(hdev, __le16_to_cpu(ev->handle));
1843 /* Encryption implies authentication */
1844 conn->link_mode |= HCI_LM_AUTH;
1845 conn->link_mode |= HCI_LM_ENCRYPT;
1846 conn->sec_level = conn->pending_sec_level;
1848 conn->link_mode &= ~HCI_LM_ENCRYPT;
1851 clear_bit(HCI_CONN_ENCRYPT_PEND, &conn->pend);
1853 if (conn->state == BT_CONFIG) {
1855 conn->state = BT_CONNECTED;
1857 hci_proto_connect_cfm(conn, ev->status);
1860 hci_encrypt_cfm(conn, ev->status, ev->encrypt);
1863 hci_dev_unlock(hdev);
1866 static inline void hci_change_link_key_complete_evt(struct hci_dev *hdev, struct sk_buff *skb)
1868 struct hci_ev_change_link_key_complete *ev = (void *) skb->data;
1869 struct hci_conn *conn;
1871 BT_DBG("%s status %d", hdev->name, ev->status);
1875 conn = hci_conn_hash_lookup_handle(hdev, __le16_to_cpu(ev->handle));
1878 conn->link_mode |= HCI_LM_SECURE;
1880 clear_bit(HCI_CONN_AUTH_PEND, &conn->pend);
1882 hci_key_change_cfm(conn, ev->status);
1885 hci_dev_unlock(hdev);
1888 static inline void hci_remote_features_evt(struct hci_dev *hdev, struct sk_buff *skb)
1890 struct hci_ev_remote_features *ev = (void *) skb->data;
1891 struct hci_conn *conn;
1893 BT_DBG("%s status %d", hdev->name, ev->status);
1897 conn = hci_conn_hash_lookup_handle(hdev, __le16_to_cpu(ev->handle));
1902 memcpy(conn->features, ev->features, 8);
1904 if (conn->state != BT_CONFIG)
1907 if (!ev->status && lmp_ssp_capable(hdev) && lmp_ssp_capable(conn)) {
1908 struct hci_cp_read_remote_ext_features cp;
1909 cp.handle = ev->handle;
1911 hci_send_cmd(hdev, HCI_OP_READ_REMOTE_EXT_FEATURES,
1917 struct hci_cp_remote_name_req cp;
1918 memset(&cp, 0, sizeof(cp));
1919 bacpy(&cp.bdaddr, &conn->dst);
1920 cp.pscan_rep_mode = 0x02;
1921 hci_send_cmd(hdev, HCI_OP_REMOTE_NAME_REQ, sizeof(cp), &cp);
1924 if (!hci_outgoing_auth_needed(hdev, conn)) {
1925 conn->state = BT_CONNECTED;
1926 hci_proto_connect_cfm(conn, ev->status);
1931 hci_dev_unlock(hdev);
1934 static inline void hci_remote_version_evt(struct hci_dev *hdev, struct sk_buff *skb)
1936 BT_DBG("%s", hdev->name);
1939 static inline void hci_qos_setup_complete_evt(struct hci_dev *hdev, struct sk_buff *skb)
1941 BT_DBG("%s", hdev->name);
1944 static inline void hci_cmd_complete_evt(struct hci_dev *hdev, struct sk_buff *skb)
1946 struct hci_ev_cmd_complete *ev = (void *) skb->data;
1949 skb_pull(skb, sizeof(*ev));
1951 opcode = __le16_to_cpu(ev->opcode);
1954 case HCI_OP_INQUIRY_CANCEL:
1955 hci_cc_inquiry_cancel(hdev, skb);
1958 case HCI_OP_EXIT_PERIODIC_INQ:
1959 hci_cc_exit_periodic_inq(hdev, skb);
1962 case HCI_OP_REMOTE_NAME_REQ_CANCEL:
1963 hci_cc_remote_name_req_cancel(hdev, skb);
1966 case HCI_OP_ROLE_DISCOVERY:
1967 hci_cc_role_discovery(hdev, skb);
1970 case HCI_OP_READ_LINK_POLICY:
1971 hci_cc_read_link_policy(hdev, skb);
1974 case HCI_OP_WRITE_LINK_POLICY:
1975 hci_cc_write_link_policy(hdev, skb);
1978 case HCI_OP_READ_DEF_LINK_POLICY:
1979 hci_cc_read_def_link_policy(hdev, skb);
1982 case HCI_OP_WRITE_DEF_LINK_POLICY:
1983 hci_cc_write_def_link_policy(hdev, skb);
1987 hci_cc_reset(hdev, skb);
1990 case HCI_OP_WRITE_LOCAL_NAME:
1991 hci_cc_write_local_name(hdev, skb);
1994 case HCI_OP_READ_LOCAL_NAME:
1995 hci_cc_read_local_name(hdev, skb);
1998 case HCI_OP_WRITE_AUTH_ENABLE:
1999 hci_cc_write_auth_enable(hdev, skb);
2002 case HCI_OP_WRITE_ENCRYPT_MODE:
2003 hci_cc_write_encrypt_mode(hdev, skb);
2006 case HCI_OP_WRITE_SCAN_ENABLE:
2007 hci_cc_write_scan_enable(hdev, skb);
2010 case HCI_OP_READ_CLASS_OF_DEV:
2011 hci_cc_read_class_of_dev(hdev, skb);
2014 case HCI_OP_WRITE_CLASS_OF_DEV:
2015 hci_cc_write_class_of_dev(hdev, skb);
2018 case HCI_OP_READ_VOICE_SETTING:
2019 hci_cc_read_voice_setting(hdev, skb);
2022 case HCI_OP_WRITE_VOICE_SETTING:
2023 hci_cc_write_voice_setting(hdev, skb);
2026 case HCI_OP_HOST_BUFFER_SIZE:
2027 hci_cc_host_buffer_size(hdev, skb);
2030 case HCI_OP_READ_SSP_MODE:
2031 hci_cc_read_ssp_mode(hdev, skb);
2034 case HCI_OP_WRITE_SSP_MODE:
2035 hci_cc_write_ssp_mode(hdev, skb);
2038 case HCI_OP_READ_LOCAL_VERSION:
2039 hci_cc_read_local_version(hdev, skb);
2042 case HCI_OP_READ_LOCAL_COMMANDS:
2043 hci_cc_read_local_commands(hdev, skb);
2046 case HCI_OP_READ_LOCAL_FEATURES:
2047 hci_cc_read_local_features(hdev, skb);
2050 case HCI_OP_READ_LOCAL_EXT_FEATURES:
2051 hci_cc_read_local_ext_features(hdev, skb);
2054 case HCI_OP_READ_BUFFER_SIZE:
2055 hci_cc_read_buffer_size(hdev, skb);
2058 case HCI_OP_READ_BD_ADDR:
2059 hci_cc_read_bd_addr(hdev, skb);
2062 case HCI_OP_READ_DATA_BLOCK_SIZE:
2063 hci_cc_read_data_block_size(hdev, skb);
2066 case HCI_OP_WRITE_CA_TIMEOUT:
2067 hci_cc_write_ca_timeout(hdev, skb);
2070 case HCI_OP_READ_FLOW_CONTROL_MODE:
2071 hci_cc_read_flow_control_mode(hdev, skb);
2074 case HCI_OP_READ_LOCAL_AMP_INFO:
2075 hci_cc_read_local_amp_info(hdev, skb);
2078 case HCI_OP_DELETE_STORED_LINK_KEY:
2079 hci_cc_delete_stored_link_key(hdev, skb);
2082 case HCI_OP_SET_EVENT_MASK:
2083 hci_cc_set_event_mask(hdev, skb);
2086 case HCI_OP_WRITE_INQUIRY_MODE:
2087 hci_cc_write_inquiry_mode(hdev, skb);
2090 case HCI_OP_READ_INQ_RSP_TX_POWER:
2091 hci_cc_read_inq_rsp_tx_power(hdev, skb);
2094 case HCI_OP_SET_EVENT_FLT:
2095 hci_cc_set_event_flt(hdev, skb);
2098 case HCI_OP_PIN_CODE_REPLY:
2099 hci_cc_pin_code_reply(hdev, skb);
2102 case HCI_OP_PIN_CODE_NEG_REPLY:
2103 hci_cc_pin_code_neg_reply(hdev, skb);
2106 case HCI_OP_READ_LOCAL_OOB_DATA:
2107 hci_cc_read_local_oob_data_reply(hdev, skb);
2110 case HCI_OP_LE_READ_BUFFER_SIZE:
2111 hci_cc_le_read_buffer_size(hdev, skb);
2114 case HCI_OP_USER_CONFIRM_REPLY:
2115 hci_cc_user_confirm_reply(hdev, skb);
2118 case HCI_OP_USER_CONFIRM_NEG_REPLY:
2119 hci_cc_user_confirm_neg_reply(hdev, skb);
2122 case HCI_OP_USER_PASSKEY_REPLY:
2123 hci_cc_user_passkey_reply(hdev, skb);
2126 case HCI_OP_USER_PASSKEY_NEG_REPLY:
2127 hci_cc_user_passkey_neg_reply(hdev, skb);
2129 case HCI_OP_LE_SET_SCAN_PARAM:
2130 hci_cc_le_set_scan_param(hdev, skb);
2133 case HCI_OP_LE_SET_SCAN_ENABLE:
2134 hci_cc_le_set_scan_enable(hdev, skb);
2137 case HCI_OP_LE_LTK_REPLY:
2138 hci_cc_le_ltk_reply(hdev, skb);
2141 case HCI_OP_LE_LTK_NEG_REPLY:
2142 hci_cc_le_ltk_neg_reply(hdev, skb);
2145 case HCI_OP_WRITE_LE_HOST_SUPPORTED:
2146 hci_cc_write_le_host_supported(hdev, skb);
2150 BT_DBG("%s opcode 0x%x", hdev->name, opcode);
2154 if (ev->opcode != HCI_OP_NOP)
2155 del_timer(&hdev->cmd_timer);
2158 atomic_set(&hdev->cmd_cnt, 1);
2159 if (!skb_queue_empty(&hdev->cmd_q))
2160 queue_work(hdev->workqueue, &hdev->cmd_work);
2164 static inline void hci_cmd_status_evt(struct hci_dev *hdev, struct sk_buff *skb)
2166 struct hci_ev_cmd_status *ev = (void *) skb->data;
2169 skb_pull(skb, sizeof(*ev));
2171 opcode = __le16_to_cpu(ev->opcode);
2174 case HCI_OP_INQUIRY:
2175 hci_cs_inquiry(hdev, ev->status);
2178 case HCI_OP_CREATE_CONN:
2179 hci_cs_create_conn(hdev, ev->status);
2182 case HCI_OP_ADD_SCO:
2183 hci_cs_add_sco(hdev, ev->status);
2186 case HCI_OP_AUTH_REQUESTED:
2187 hci_cs_auth_requested(hdev, ev->status);
2190 case HCI_OP_SET_CONN_ENCRYPT:
2191 hci_cs_set_conn_encrypt(hdev, ev->status);
2194 case HCI_OP_REMOTE_NAME_REQ:
2195 hci_cs_remote_name_req(hdev, ev->status);
2198 case HCI_OP_READ_REMOTE_FEATURES:
2199 hci_cs_read_remote_features(hdev, ev->status);
2202 case HCI_OP_READ_REMOTE_EXT_FEATURES:
2203 hci_cs_read_remote_ext_features(hdev, ev->status);
2206 case HCI_OP_SETUP_SYNC_CONN:
2207 hci_cs_setup_sync_conn(hdev, ev->status);
2210 case HCI_OP_SNIFF_MODE:
2211 hci_cs_sniff_mode(hdev, ev->status);
2214 case HCI_OP_EXIT_SNIFF_MODE:
2215 hci_cs_exit_sniff_mode(hdev, ev->status);
2218 case HCI_OP_DISCONNECT:
2219 if (ev->status != 0)
2220 mgmt_disconnect_failed(hdev, NULL, ev->status);
2223 case HCI_OP_LE_CREATE_CONN:
2224 hci_cs_le_create_conn(hdev, ev->status);
2227 case HCI_OP_LE_START_ENC:
2228 hci_cs_le_start_enc(hdev, ev->status);
2232 BT_DBG("%s opcode 0x%x", hdev->name, opcode);
2236 if (ev->opcode != HCI_OP_NOP)
2237 del_timer(&hdev->cmd_timer);
2239 if (ev->ncmd && !test_bit(HCI_RESET, &hdev->flags)) {
2240 atomic_set(&hdev->cmd_cnt, 1);
2241 if (!skb_queue_empty(&hdev->cmd_q))
2242 queue_work(hdev->workqueue, &hdev->cmd_work);
2246 static inline void hci_role_change_evt(struct hci_dev *hdev, struct sk_buff *skb)
2248 struct hci_ev_role_change *ev = (void *) skb->data;
2249 struct hci_conn *conn;
2251 BT_DBG("%s status %d", hdev->name, ev->status);
2255 conn = hci_conn_hash_lookup_ba(hdev, ACL_LINK, &ev->bdaddr);
2259 conn->link_mode &= ~HCI_LM_MASTER;
2261 conn->link_mode |= HCI_LM_MASTER;
2264 clear_bit(HCI_CONN_RSWITCH_PEND, &conn->pend);
2266 hci_role_switch_cfm(conn, ev->status, ev->role);
2269 hci_dev_unlock(hdev);
2272 static inline void hci_num_comp_pkts_evt(struct hci_dev *hdev, struct sk_buff *skb)
2274 struct hci_ev_num_comp_pkts *ev = (void *) skb->data;
2277 if (hdev->flow_ctl_mode != HCI_FLOW_CTL_MODE_PACKET_BASED) {
2278 BT_ERR("Wrong event for mode %d", hdev->flow_ctl_mode);
2282 if (skb->len < sizeof(*ev) || skb->len < sizeof(*ev) +
2283 ev->num_hndl * sizeof(struct hci_comp_pkts_info)) {
2284 BT_DBG("%s bad parameters", hdev->name);
2288 BT_DBG("%s num_hndl %d", hdev->name, ev->num_hndl);
2290 for (i = 0; i < ev->num_hndl; i++) {
2291 struct hci_comp_pkts_info *info = &ev->handles[i];
2292 struct hci_conn *conn;
2293 __u16 handle, count;
2295 handle = __le16_to_cpu(info->handle);
2296 count = __le16_to_cpu(info->count);
2298 conn = hci_conn_hash_lookup_handle(hdev, handle);
2302 conn->sent -= count;
2304 switch (conn->type) {
2306 hdev->acl_cnt += count;
2307 if (hdev->acl_cnt > hdev->acl_pkts)
2308 hdev->acl_cnt = hdev->acl_pkts;
2312 if (hdev->le_pkts) {
2313 hdev->le_cnt += count;
2314 if (hdev->le_cnt > hdev->le_pkts)
2315 hdev->le_cnt = hdev->le_pkts;
2317 hdev->acl_cnt += count;
2318 if (hdev->acl_cnt > hdev->acl_pkts)
2319 hdev->acl_cnt = hdev->acl_pkts;
2324 hdev->sco_cnt += count;
2325 if (hdev->sco_cnt > hdev->sco_pkts)
2326 hdev->sco_cnt = hdev->sco_pkts;
2330 BT_ERR("Unknown type %d conn %p", conn->type, conn);
2335 queue_work(hdev->workqueue, &hdev->tx_work);
2338 static inline void hci_mode_change_evt(struct hci_dev *hdev, struct sk_buff *skb)
2340 struct hci_ev_mode_change *ev = (void *) skb->data;
2341 struct hci_conn *conn;
2343 BT_DBG("%s status %d", hdev->name, ev->status);
2347 conn = hci_conn_hash_lookup_handle(hdev, __le16_to_cpu(ev->handle));
2349 conn->mode = ev->mode;
2350 conn->interval = __le16_to_cpu(ev->interval);
2352 if (!test_and_clear_bit(HCI_CONN_MODE_CHANGE_PEND, &conn->pend)) {
2353 if (conn->mode == HCI_CM_ACTIVE)
2354 conn->power_save = 1;
2356 conn->power_save = 0;
2359 if (test_and_clear_bit(HCI_CONN_SCO_SETUP_PEND, &conn->pend))
2360 hci_sco_setup(conn, ev->status);
2363 hci_dev_unlock(hdev);
2366 static inline void hci_pin_code_request_evt(struct hci_dev *hdev, struct sk_buff *skb)
2368 struct hci_ev_pin_code_req *ev = (void *) skb->data;
2369 struct hci_conn *conn;
2371 BT_DBG("%s", hdev->name);
2375 conn = hci_conn_hash_lookup_ba(hdev, ACL_LINK, &ev->bdaddr);
2379 if (conn->state == BT_CONNECTED) {
2380 hci_conn_hold(conn);
2381 conn->disc_timeout = HCI_PAIRING_TIMEOUT;
2385 if (!test_bit(HCI_PAIRABLE, &hdev->flags))
2386 hci_send_cmd(hdev, HCI_OP_PIN_CODE_NEG_REPLY,
2387 sizeof(ev->bdaddr), &ev->bdaddr);
2388 else if (test_bit(HCI_MGMT, &hdev->flags)) {
2391 if (conn->pending_sec_level == BT_SECURITY_HIGH)
2396 mgmt_pin_code_request(hdev, &ev->bdaddr, secure);
2400 hci_dev_unlock(hdev);
2403 static inline void hci_link_key_request_evt(struct hci_dev *hdev, struct sk_buff *skb)
2405 struct hci_ev_link_key_req *ev = (void *) skb->data;
2406 struct hci_cp_link_key_reply cp;
2407 struct hci_conn *conn;
2408 struct link_key *key;
2410 BT_DBG("%s", hdev->name);
2412 if (!test_bit(HCI_LINK_KEYS, &hdev->flags))
2417 key = hci_find_link_key(hdev, &ev->bdaddr);
2419 BT_DBG("%s link key not found for %s", hdev->name,
2420 batostr(&ev->bdaddr));
2424 BT_DBG("%s found key type %u for %s", hdev->name, key->type,
2425 batostr(&ev->bdaddr));
2427 if (!test_bit(HCI_DEBUG_KEYS, &hdev->flags) &&
2428 key->type == HCI_LK_DEBUG_COMBINATION) {
2429 BT_DBG("%s ignoring debug key", hdev->name);
2433 conn = hci_conn_hash_lookup_ba(hdev, ACL_LINK, &ev->bdaddr);
2435 if (key->type == HCI_LK_UNAUTH_COMBINATION &&
2436 conn->auth_type != 0xff &&
2437 (conn->auth_type & 0x01)) {
2438 BT_DBG("%s ignoring unauthenticated key", hdev->name);
2442 if (key->type == HCI_LK_COMBINATION && key->pin_len < 16 &&
2443 conn->pending_sec_level == BT_SECURITY_HIGH) {
2444 BT_DBG("%s ignoring key unauthenticated for high \
2445 security", hdev->name);
2449 conn->key_type = key->type;
2450 conn->pin_length = key->pin_len;
2453 bacpy(&cp.bdaddr, &ev->bdaddr);
2454 memcpy(cp.link_key, key->val, 16);
2456 hci_send_cmd(hdev, HCI_OP_LINK_KEY_REPLY, sizeof(cp), &cp);
2458 hci_dev_unlock(hdev);
2463 hci_send_cmd(hdev, HCI_OP_LINK_KEY_NEG_REPLY, 6, &ev->bdaddr);
2464 hci_dev_unlock(hdev);
2467 static inline void hci_link_key_notify_evt(struct hci_dev *hdev, struct sk_buff *skb)
2469 struct hci_ev_link_key_notify *ev = (void *) skb->data;
2470 struct hci_conn *conn;
2473 BT_DBG("%s", hdev->name);
2477 conn = hci_conn_hash_lookup_ba(hdev, ACL_LINK, &ev->bdaddr);
2479 hci_conn_hold(conn);
2480 conn->disc_timeout = HCI_DISCONN_TIMEOUT;
2481 pin_len = conn->pin_length;
2483 if (ev->key_type != HCI_LK_CHANGED_COMBINATION)
2484 conn->key_type = ev->key_type;
2489 if (test_bit(HCI_LINK_KEYS, &hdev->flags))
2490 hci_add_link_key(hdev, conn, 1, &ev->bdaddr, ev->link_key,
2491 ev->key_type, pin_len);
2493 hci_dev_unlock(hdev);
2496 static inline void hci_clock_offset_evt(struct hci_dev *hdev, struct sk_buff *skb)
2498 struct hci_ev_clock_offset *ev = (void *) skb->data;
2499 struct hci_conn *conn;
2501 BT_DBG("%s status %d", hdev->name, ev->status);
2505 conn = hci_conn_hash_lookup_handle(hdev, __le16_to_cpu(ev->handle));
2506 if (conn && !ev->status) {
2507 struct inquiry_entry *ie;
2509 ie = hci_inquiry_cache_lookup(hdev, &conn->dst);
2511 ie->data.clock_offset = ev->clock_offset;
2512 ie->timestamp = jiffies;
2516 hci_dev_unlock(hdev);
2519 static inline void hci_pkt_type_change_evt(struct hci_dev *hdev, struct sk_buff *skb)
2521 struct hci_ev_pkt_type_change *ev = (void *) skb->data;
2522 struct hci_conn *conn;
2524 BT_DBG("%s status %d", hdev->name, ev->status);
2528 conn = hci_conn_hash_lookup_handle(hdev, __le16_to_cpu(ev->handle));
2529 if (conn && !ev->status)
2530 conn->pkt_type = __le16_to_cpu(ev->pkt_type);
2532 hci_dev_unlock(hdev);
2535 static inline void hci_pscan_rep_mode_evt(struct hci_dev *hdev, struct sk_buff *skb)
2537 struct hci_ev_pscan_rep_mode *ev = (void *) skb->data;
2538 struct inquiry_entry *ie;
2540 BT_DBG("%s", hdev->name);
2544 ie = hci_inquiry_cache_lookup(hdev, &ev->bdaddr);
2546 ie->data.pscan_rep_mode = ev->pscan_rep_mode;
2547 ie->timestamp = jiffies;
2550 hci_dev_unlock(hdev);
2553 static inline void hci_inquiry_result_with_rssi_evt(struct hci_dev *hdev, struct sk_buff *skb)
2555 struct inquiry_data data;
2556 int num_rsp = *((__u8 *) skb->data);
2559 BT_DBG("%s num_rsp %d", hdev->name, num_rsp);
2566 if ((skb->len - 1) / num_rsp != sizeof(struct inquiry_info_with_rssi)) {
2567 struct inquiry_info_with_rssi_and_pscan_mode *info;
2568 info = (void *) (skb->data + 1);
2570 for (; num_rsp; num_rsp--, info++) {
2571 bacpy(&data.bdaddr, &info->bdaddr);
2572 data.pscan_rep_mode = info->pscan_rep_mode;
2573 data.pscan_period_mode = info->pscan_period_mode;
2574 data.pscan_mode = info->pscan_mode;
2575 memcpy(data.dev_class, info->dev_class, 3);
2576 data.clock_offset = info->clock_offset;
2577 data.rssi = info->rssi;
2578 data.ssp_mode = 0x00;
2580 name_known = hci_inquiry_cache_update(hdev, &data,
2582 mgmt_device_found(hdev, &info->bdaddr, ACL_LINK, 0x00,
2583 info->dev_class, info->rssi,
2587 struct inquiry_info_with_rssi *info = (void *) (skb->data + 1);
2589 for (; num_rsp; num_rsp--, info++) {
2590 bacpy(&data.bdaddr, &info->bdaddr);
2591 data.pscan_rep_mode = info->pscan_rep_mode;
2592 data.pscan_period_mode = info->pscan_period_mode;
2593 data.pscan_mode = 0x00;
2594 memcpy(data.dev_class, info->dev_class, 3);
2595 data.clock_offset = info->clock_offset;
2596 data.rssi = info->rssi;
2597 data.ssp_mode = 0x00;
2598 name_known = hci_inquiry_cache_update(hdev, &data,
2600 mgmt_device_found(hdev, &info->bdaddr, ACL_LINK, 0x00,
2601 info->dev_class, info->rssi,
2606 hci_dev_unlock(hdev);
2609 static inline void hci_remote_ext_features_evt(struct hci_dev *hdev, struct sk_buff *skb)
2611 struct hci_ev_remote_ext_features *ev = (void *) skb->data;
2612 struct hci_conn *conn;
2614 BT_DBG("%s", hdev->name);
2618 conn = hci_conn_hash_lookup_handle(hdev, __le16_to_cpu(ev->handle));
2622 if (!ev->status && ev->page == 0x01) {
2623 struct inquiry_entry *ie;
2625 ie = hci_inquiry_cache_lookup(hdev, &conn->dst);
2627 ie->data.ssp_mode = (ev->features[0] & 0x01);
2629 conn->ssp_mode = (ev->features[0] & 0x01);
2632 if (conn->state != BT_CONFIG)
2636 struct hci_cp_remote_name_req cp;
2637 memset(&cp, 0, sizeof(cp));
2638 bacpy(&cp.bdaddr, &conn->dst);
2639 cp.pscan_rep_mode = 0x02;
2640 hci_send_cmd(hdev, HCI_OP_REMOTE_NAME_REQ, sizeof(cp), &cp);
2643 if (!hci_outgoing_auth_needed(hdev, conn)) {
2644 conn->state = BT_CONNECTED;
2645 hci_proto_connect_cfm(conn, ev->status);
2650 hci_dev_unlock(hdev);
2653 static inline void hci_sync_conn_complete_evt(struct hci_dev *hdev, struct sk_buff *skb)
2655 struct hci_ev_sync_conn_complete *ev = (void *) skb->data;
2656 struct hci_conn *conn;
2658 BT_DBG("%s status %d", hdev->name, ev->status);
2662 conn = hci_conn_hash_lookup_ba(hdev, ev->link_type, &ev->bdaddr);
2664 if (ev->link_type == ESCO_LINK)
2667 conn = hci_conn_hash_lookup_ba(hdev, ESCO_LINK, &ev->bdaddr);
2671 conn->type = SCO_LINK;
2674 switch (ev->status) {
2676 conn->handle = __le16_to_cpu(ev->handle);
2677 conn->state = BT_CONNECTED;
2679 hci_conn_hold_device(conn);
2680 hci_conn_add_sysfs(conn);
2683 case 0x11: /* Unsupported Feature or Parameter Value */
2684 case 0x1c: /* SCO interval rejected */
2685 case 0x1a: /* Unsupported Remote Feature */
2686 case 0x1f: /* Unspecified error */
2687 if (conn->out && conn->attempt < 2) {
2688 conn->pkt_type = (hdev->esco_type & SCO_ESCO_MASK) |
2689 (hdev->esco_type & EDR_ESCO_MASK);
2690 hci_setup_sync(conn, conn->link->handle);
2696 conn->state = BT_CLOSED;
2700 hci_proto_connect_cfm(conn, ev->status);
2705 hci_dev_unlock(hdev);
2708 static inline void hci_sync_conn_changed_evt(struct hci_dev *hdev, struct sk_buff *skb)
2710 BT_DBG("%s", hdev->name);
2713 static inline void hci_sniff_subrate_evt(struct hci_dev *hdev, struct sk_buff *skb)
2715 struct hci_ev_sniff_subrate *ev = (void *) skb->data;
2717 BT_DBG("%s status %d", hdev->name, ev->status);
2720 static inline bool eir_has_complete_name(u8 *data, size_t data_len)
2725 for (parsed = 0; parsed < data_len - 1; parsed += field_len) {
2726 field_len = data[0];
2731 parsed += field_len + 1;
2733 if (parsed > data_len)
2736 if (data[1] == EIR_NAME_COMPLETE)
2739 data += field_len + 1;
2745 static inline void hci_extended_inquiry_result_evt(struct hci_dev *hdev, struct sk_buff *skb)
2747 struct inquiry_data data;
2748 struct extended_inquiry_info *info = (void *) (skb->data + 1);
2749 int num_rsp = *((__u8 *) skb->data);
2751 BT_DBG("%s num_rsp %d", hdev->name, num_rsp);
2758 for (; num_rsp; num_rsp--, info++) {
2761 bacpy(&data.bdaddr, &info->bdaddr);
2762 data.pscan_rep_mode = info->pscan_rep_mode;
2763 data.pscan_period_mode = info->pscan_period_mode;
2764 data.pscan_mode = 0x00;
2765 memcpy(data.dev_class, info->dev_class, 3);
2766 data.clock_offset = info->clock_offset;
2767 data.rssi = info->rssi;
2768 data.ssp_mode = 0x01;
2770 if (test_bit(HCI_MGMT, &hdev->flags))
2771 name_known = eir_has_complete_name(info->data,
2772 sizeof(info->data));
2776 name_known = hci_inquiry_cache_update(hdev, &data, name_known);
2777 mgmt_device_found(hdev, &info->bdaddr, ACL_LINK, 0x00,
2778 info->dev_class, info->rssi,
2779 !name_known, info->data);
2782 hci_dev_unlock(hdev);
2785 static inline u8 hci_get_auth_req(struct hci_conn *conn)
2787 /* If remote requests dedicated bonding follow that lead */
2788 if (conn->remote_auth == 0x02 || conn->remote_auth == 0x03) {
2789 /* If both remote and local IO capabilities allow MITM
2790 * protection then require it, otherwise don't */
2791 if (conn->remote_cap == 0x03 || conn->io_capability == 0x03)
2797 /* If remote requests no-bonding follow that lead */
2798 if (conn->remote_auth == 0x00 || conn->remote_auth == 0x01)
2799 return conn->remote_auth | (conn->auth_type & 0x01);
2801 return conn->auth_type;
2804 static inline void hci_io_capa_request_evt(struct hci_dev *hdev, struct sk_buff *skb)
2806 struct hci_ev_io_capa_request *ev = (void *) skb->data;
2807 struct hci_conn *conn;
2809 BT_DBG("%s", hdev->name);
2813 conn = hci_conn_hash_lookup_ba(hdev, ACL_LINK, &ev->bdaddr);
2817 hci_conn_hold(conn);
2819 if (!test_bit(HCI_MGMT, &hdev->flags))
2822 if (test_bit(HCI_PAIRABLE, &hdev->flags) ||
2823 (conn->remote_auth & ~0x01) == HCI_AT_NO_BONDING) {
2824 struct hci_cp_io_capability_reply cp;
2826 bacpy(&cp.bdaddr, &ev->bdaddr);
2827 cp.capability = conn->io_capability;
2828 conn->auth_type = hci_get_auth_req(conn);
2829 cp.authentication = conn->auth_type;
2831 if ((conn->out == 0x01 || conn->remote_oob == 0x01) &&
2832 hci_find_remote_oob_data(hdev, &conn->dst))
2837 hci_send_cmd(hdev, HCI_OP_IO_CAPABILITY_REPLY,
2840 struct hci_cp_io_capability_neg_reply cp;
2842 bacpy(&cp.bdaddr, &ev->bdaddr);
2843 cp.reason = HCI_ERROR_PAIRING_NOT_ALLOWED;
2845 hci_send_cmd(hdev, HCI_OP_IO_CAPABILITY_NEG_REPLY,
2850 hci_dev_unlock(hdev);
2853 static inline void hci_io_capa_reply_evt(struct hci_dev *hdev, struct sk_buff *skb)
2855 struct hci_ev_io_capa_reply *ev = (void *) skb->data;
2856 struct hci_conn *conn;
2858 BT_DBG("%s", hdev->name);
2862 conn = hci_conn_hash_lookup_ba(hdev, ACL_LINK, &ev->bdaddr);
2866 conn->remote_cap = ev->capability;
2867 conn->remote_oob = ev->oob_data;
2868 conn->remote_auth = ev->authentication;
2871 hci_dev_unlock(hdev);
2874 static inline void hci_user_confirm_request_evt(struct hci_dev *hdev,
2875 struct sk_buff *skb)
2877 struct hci_ev_user_confirm_req *ev = (void *) skb->data;
2878 int loc_mitm, rem_mitm, confirm_hint = 0;
2879 struct hci_conn *conn;
2881 BT_DBG("%s", hdev->name);
2885 if (!test_bit(HCI_MGMT, &hdev->flags))
2888 conn = hci_conn_hash_lookup_ba(hdev, ACL_LINK, &ev->bdaddr);
2892 loc_mitm = (conn->auth_type & 0x01);
2893 rem_mitm = (conn->remote_auth & 0x01);
2895 /* If we require MITM but the remote device can't provide that
2896 * (it has NoInputNoOutput) then reject the confirmation
2897 * request. The only exception is when we're dedicated bonding
2898 * initiators (connect_cfm_cb set) since then we always have the MITM
2900 if (!conn->connect_cfm_cb && loc_mitm && conn->remote_cap == 0x03) {
2901 BT_DBG("Rejecting request: remote device can't provide MITM");
2902 hci_send_cmd(hdev, HCI_OP_USER_CONFIRM_NEG_REPLY,
2903 sizeof(ev->bdaddr), &ev->bdaddr);
2907 /* If no side requires MITM protection; auto-accept */
2908 if ((!loc_mitm || conn->remote_cap == 0x03) &&
2909 (!rem_mitm || conn->io_capability == 0x03)) {
2911 /* If we're not the initiators request authorization to
2912 * proceed from user space (mgmt_user_confirm with
2913 * confirm_hint set to 1). */
2914 if (!test_bit(HCI_CONN_AUTH_PEND, &conn->pend)) {
2915 BT_DBG("Confirming auto-accept as acceptor");
2920 BT_DBG("Auto-accept of user confirmation with %ums delay",
2921 hdev->auto_accept_delay);
2923 if (hdev->auto_accept_delay > 0) {
2924 int delay = msecs_to_jiffies(hdev->auto_accept_delay);
2925 mod_timer(&conn->auto_accept_timer, jiffies + delay);
2929 hci_send_cmd(hdev, HCI_OP_USER_CONFIRM_REPLY,
2930 sizeof(ev->bdaddr), &ev->bdaddr);
2935 mgmt_user_confirm_request(hdev, &ev->bdaddr, ev->passkey,
2939 hci_dev_unlock(hdev);
2942 static inline void hci_user_passkey_request_evt(struct hci_dev *hdev,
2943 struct sk_buff *skb)
2945 struct hci_ev_user_passkey_req *ev = (void *) skb->data;
2947 BT_DBG("%s", hdev->name);
2951 if (test_bit(HCI_MGMT, &hdev->flags))
2952 mgmt_user_passkey_request(hdev, &ev->bdaddr);
2954 hci_dev_unlock(hdev);
2957 static inline void hci_simple_pair_complete_evt(struct hci_dev *hdev, struct sk_buff *skb)
2959 struct hci_ev_simple_pair_complete *ev = (void *) skb->data;
2960 struct hci_conn *conn;
2962 BT_DBG("%s", hdev->name);
2966 conn = hci_conn_hash_lookup_ba(hdev, ACL_LINK, &ev->bdaddr);
2970 /* To avoid duplicate auth_failed events to user space we check
2971 * the HCI_CONN_AUTH_PEND flag which will be set if we
2972 * initiated the authentication. A traditional auth_complete
2973 * event gets always produced as initiator and is also mapped to
2974 * the mgmt_auth_failed event */
2975 if (!test_bit(HCI_CONN_AUTH_PEND, &conn->pend) && ev->status != 0)
2976 mgmt_auth_failed(hdev, &conn->dst, ev->status);
2981 hci_dev_unlock(hdev);
2984 static inline void hci_remote_host_features_evt(struct hci_dev *hdev, struct sk_buff *skb)
2986 struct hci_ev_remote_host_features *ev = (void *) skb->data;
2987 struct inquiry_entry *ie;
2989 BT_DBG("%s", hdev->name);
2993 ie = hci_inquiry_cache_lookup(hdev, &ev->bdaddr);
2995 ie->data.ssp_mode = (ev->features[0] & 0x01);
2997 hci_dev_unlock(hdev);
3000 static inline void hci_remote_oob_data_request_evt(struct hci_dev *hdev,
3001 struct sk_buff *skb)
3003 struct hci_ev_remote_oob_data_request *ev = (void *) skb->data;
3004 struct oob_data *data;
3006 BT_DBG("%s", hdev->name);
3010 if (!test_bit(HCI_MGMT, &hdev->flags))
3013 data = hci_find_remote_oob_data(hdev, &ev->bdaddr);
3015 struct hci_cp_remote_oob_data_reply cp;
3017 bacpy(&cp.bdaddr, &ev->bdaddr);
3018 memcpy(cp.hash, data->hash, sizeof(cp.hash));
3019 memcpy(cp.randomizer, data->randomizer, sizeof(cp.randomizer));
3021 hci_send_cmd(hdev, HCI_OP_REMOTE_OOB_DATA_REPLY, sizeof(cp),
3024 struct hci_cp_remote_oob_data_neg_reply cp;
3026 bacpy(&cp.bdaddr, &ev->bdaddr);
3027 hci_send_cmd(hdev, HCI_OP_REMOTE_OOB_DATA_NEG_REPLY, sizeof(cp),
3032 hci_dev_unlock(hdev);
3035 static inline void hci_le_conn_complete_evt(struct hci_dev *hdev, struct sk_buff *skb)
3037 struct hci_ev_le_conn_complete *ev = (void *) skb->data;
3038 struct hci_conn *conn;
3040 BT_DBG("%s status %d", hdev->name, ev->status);
3044 conn = hci_conn_hash_lookup_ba(hdev, LE_LINK, &ev->bdaddr);
3046 conn = hci_conn_add(hdev, LE_LINK, &ev->bdaddr);
3048 BT_ERR("No memory for new connection");
3049 hci_dev_unlock(hdev);
3053 conn->dst_type = ev->bdaddr_type;
3057 mgmt_connect_failed(hdev, &ev->bdaddr, conn->type,
3058 conn->dst_type, ev->status);
3059 hci_proto_connect_cfm(conn, ev->status);
3060 conn->state = BT_CLOSED;
3065 mgmt_connected(hdev, &ev->bdaddr, conn->type, conn->dst_type);
3067 conn->sec_level = BT_SECURITY_LOW;
3068 conn->handle = __le16_to_cpu(ev->handle);
3069 conn->state = BT_CONNECTED;
3071 hci_conn_hold_device(conn);
3072 hci_conn_add_sysfs(conn);
3074 hci_proto_connect_cfm(conn, ev->status);
3077 hci_dev_unlock(hdev);
3080 static inline void hci_le_adv_report_evt(struct hci_dev *hdev,
3081 struct sk_buff *skb)
3083 u8 num_reports = skb->data[0];
3084 void *ptr = &skb->data[1];
3088 while (num_reports--) {
3089 struct hci_ev_le_advertising_info *ev = ptr;
3091 hci_add_adv_entry(hdev, ev);
3093 ptr += sizeof(*ev) + ev->length + 1;
3096 hci_dev_unlock(hdev);
3099 static inline void hci_le_ltk_request_evt(struct hci_dev *hdev,
3100 struct sk_buff *skb)
3102 struct hci_ev_le_ltk_req *ev = (void *) skb->data;
3103 struct hci_cp_le_ltk_reply cp;
3104 struct hci_cp_le_ltk_neg_reply neg;
3105 struct hci_conn *conn;
3106 struct link_key *ltk;
3108 BT_DBG("%s handle %d", hdev->name, cpu_to_le16(ev->handle));
3112 conn = hci_conn_hash_lookup_handle(hdev, __le16_to_cpu(ev->handle));
3116 ltk = hci_find_ltk(hdev, ev->ediv, ev->random);
3120 memcpy(cp.ltk, ltk->val, sizeof(ltk->val));
3121 cp.handle = cpu_to_le16(conn->handle);
3122 conn->pin_length = ltk->pin_len;
3124 hci_send_cmd(hdev, HCI_OP_LE_LTK_REPLY, sizeof(cp), &cp);
3126 hci_dev_unlock(hdev);
3131 neg.handle = ev->handle;
3132 hci_send_cmd(hdev, HCI_OP_LE_LTK_NEG_REPLY, sizeof(neg), &neg);
3133 hci_dev_unlock(hdev);
3136 static inline void hci_le_meta_evt(struct hci_dev *hdev, struct sk_buff *skb)
3138 struct hci_ev_le_meta *le_ev = (void *) skb->data;
3140 skb_pull(skb, sizeof(*le_ev));
3142 switch (le_ev->subevent) {
3143 case HCI_EV_LE_CONN_COMPLETE:
3144 hci_le_conn_complete_evt(hdev, skb);
3147 case HCI_EV_LE_ADVERTISING_REPORT:
3148 hci_le_adv_report_evt(hdev, skb);
3151 case HCI_EV_LE_LTK_REQ:
3152 hci_le_ltk_request_evt(hdev, skb);
3160 void hci_event_packet(struct hci_dev *hdev, struct sk_buff *skb)
3162 struct hci_event_hdr *hdr = (void *) skb->data;
3163 __u8 event = hdr->evt;
3165 skb_pull(skb, HCI_EVENT_HDR_SIZE);
3168 case HCI_EV_INQUIRY_COMPLETE:
3169 hci_inquiry_complete_evt(hdev, skb);
3172 case HCI_EV_INQUIRY_RESULT:
3173 hci_inquiry_result_evt(hdev, skb);
3176 case HCI_EV_CONN_COMPLETE:
3177 hci_conn_complete_evt(hdev, skb);
3180 case HCI_EV_CONN_REQUEST:
3181 hci_conn_request_evt(hdev, skb);
3184 case HCI_EV_DISCONN_COMPLETE:
3185 hci_disconn_complete_evt(hdev, skb);
3188 case HCI_EV_AUTH_COMPLETE:
3189 hci_auth_complete_evt(hdev, skb);
3192 case HCI_EV_REMOTE_NAME:
3193 hci_remote_name_evt(hdev, skb);
3196 case HCI_EV_ENCRYPT_CHANGE:
3197 hci_encrypt_change_evt(hdev, skb);
3200 case HCI_EV_CHANGE_LINK_KEY_COMPLETE:
3201 hci_change_link_key_complete_evt(hdev, skb);
3204 case HCI_EV_REMOTE_FEATURES:
3205 hci_remote_features_evt(hdev, skb);
3208 case HCI_EV_REMOTE_VERSION:
3209 hci_remote_version_evt(hdev, skb);
3212 case HCI_EV_QOS_SETUP_COMPLETE:
3213 hci_qos_setup_complete_evt(hdev, skb);
3216 case HCI_EV_CMD_COMPLETE:
3217 hci_cmd_complete_evt(hdev, skb);
3220 case HCI_EV_CMD_STATUS:
3221 hci_cmd_status_evt(hdev, skb);
3224 case HCI_EV_ROLE_CHANGE:
3225 hci_role_change_evt(hdev, skb);
3228 case HCI_EV_NUM_COMP_PKTS:
3229 hci_num_comp_pkts_evt(hdev, skb);
3232 case HCI_EV_MODE_CHANGE:
3233 hci_mode_change_evt(hdev, skb);
3236 case HCI_EV_PIN_CODE_REQ:
3237 hci_pin_code_request_evt(hdev, skb);
3240 case HCI_EV_LINK_KEY_REQ:
3241 hci_link_key_request_evt(hdev, skb);
3244 case HCI_EV_LINK_KEY_NOTIFY:
3245 hci_link_key_notify_evt(hdev, skb);
3248 case HCI_EV_CLOCK_OFFSET:
3249 hci_clock_offset_evt(hdev, skb);
3252 case HCI_EV_PKT_TYPE_CHANGE:
3253 hci_pkt_type_change_evt(hdev, skb);
3256 case HCI_EV_PSCAN_REP_MODE:
3257 hci_pscan_rep_mode_evt(hdev, skb);
3260 case HCI_EV_INQUIRY_RESULT_WITH_RSSI:
3261 hci_inquiry_result_with_rssi_evt(hdev, skb);
3264 case HCI_EV_REMOTE_EXT_FEATURES:
3265 hci_remote_ext_features_evt(hdev, skb);
3268 case HCI_EV_SYNC_CONN_COMPLETE:
3269 hci_sync_conn_complete_evt(hdev, skb);
3272 case HCI_EV_SYNC_CONN_CHANGED:
3273 hci_sync_conn_changed_evt(hdev, skb);
3276 case HCI_EV_SNIFF_SUBRATE:
3277 hci_sniff_subrate_evt(hdev, skb);
3280 case HCI_EV_EXTENDED_INQUIRY_RESULT:
3281 hci_extended_inquiry_result_evt(hdev, skb);
3284 case HCI_EV_IO_CAPA_REQUEST:
3285 hci_io_capa_request_evt(hdev, skb);
3288 case HCI_EV_IO_CAPA_REPLY:
3289 hci_io_capa_reply_evt(hdev, skb);
3292 case HCI_EV_USER_CONFIRM_REQUEST:
3293 hci_user_confirm_request_evt(hdev, skb);
3296 case HCI_EV_USER_PASSKEY_REQUEST:
3297 hci_user_passkey_request_evt(hdev, skb);
3300 case HCI_EV_SIMPLE_PAIR_COMPLETE:
3301 hci_simple_pair_complete_evt(hdev, skb);
3304 case HCI_EV_REMOTE_HOST_FEATURES:
3305 hci_remote_host_features_evt(hdev, skb);
3308 case HCI_EV_LE_META:
3309 hci_le_meta_evt(hdev, skb);
3312 case HCI_EV_REMOTE_OOB_DATA_REQUEST:
3313 hci_remote_oob_data_request_evt(hdev, skb);
3317 BT_DBG("%s event 0x%x", hdev->name, event);
3322 hdev->stat.evt_rx++;
3325 /* Generate internal stack event */
3326 void hci_si_event(struct hci_dev *hdev, int type, int dlen, void *data)
3328 struct hci_event_hdr *hdr;
3329 struct hci_ev_stack_internal *ev;
3330 struct sk_buff *skb;
3332 skb = bt_skb_alloc(HCI_EVENT_HDR_SIZE + sizeof(*ev) + dlen, GFP_ATOMIC);
3336 hdr = (void *) skb_put(skb, HCI_EVENT_HDR_SIZE);
3337 hdr->evt = HCI_EV_STACK_INTERNAL;
3338 hdr->plen = sizeof(*ev) + dlen;
3340 ev = (void *) skb_put(skb, sizeof(*ev) + dlen);
3342 memcpy(ev->data, data, dlen);
3344 bt_cb(skb)->incoming = 1;
3345 __net_timestamp(skb);
3347 bt_cb(skb)->pkt_type = HCI_EVENT_PKT;
3348 skb->dev = (void *) hdev;
3349 hci_send_to_sock(hdev, skb, NULL);
3353 module_param(enable_le, bool, 0644);
3354 MODULE_PARM_DESC(enable_le, "Enable LE support");
projects / karo-tx-linux.git / blob