projects / GitHub / mt8127 / android_kernel_alcatel_ttab.git / blame
? search:
summary | shortlog | log | commit | commitdiff | tree
blob | blame (incremental) | history | HEAD
Bluetooth: Fix HCI request framework
[GitHub/mt8127/android_kernel_alcatel_ttab.git] / net / bluetooth / hci_event.c
CommitLineData
8e87d142 1/*
1da177e4 2 BlueZ - Bluetooth protocol stack for Linux
2d0a0346 3 Copyright (c) 2000-2001, 2010, Code Aurora Forum. All rights reserved.
1da177e4
LT		 4
5 Written 2000,2001 by Maxim Krasnyansky <maxk@qualcomm.com>
6
7 This program is free software; you can redistribute it and/or modify
8 it under the terms of the GNU General Public License version 2 as
9 published by the Free Software Foundation;
10
11 THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS
12 OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
13 FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT OF THIRD PARTY RIGHTS.
14 IN NO EVENT SHALL THE COPYRIGHT HOLDER(S) AND AUTHOR(S) BE LIABLE FOR ANY
8e87d142
YH		 15 CLAIM, OR ANY SPECIAL INDIRECT OR CONSEQUENTIAL DAMAGES, OR ANY DAMAGES
16 WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
17 ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
1da177e4
LT		 18 OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
19
8e87d142
YH		 20 ALL LIABILITY, INCLUDING LIABILITY FOR INFRINGEMENT OF ANY PATENTS,
21 COPYRIGHTS, TRADEMARKS OR OTHER RIGHTS, RELATING TO USE OF THIS
1da177e4
LT		 22 SOFTWARE IS DISCLAIMED.
23*/
24
25/* Bluetooth HCI event handling. */
26
1da177e4
LT		 27#include <asm/unaligned.h>
28
29#include <net/bluetooth/bluetooth.h>
30#include <net/bluetooth/hci_core.h>
f0d6a0ea 31#include <net/bluetooth/mgmt.h>
8e2a0d92 32#include <net/bluetooth/a2mp.h>
903e4541 33#include <net/bluetooth/amp.h>
1da177e4 34
1da177e4
LT		 35/* Handle HCI Event packets */
36
a9de9248 37static void hci_cc_inquiry_cancel(struct hci_dev *hdev, struct sk_buff *skb)
1da177e4 38{
a9de9248 39 __u8 status = *((__u8 *) skb->data);
1da177e4 40
9f1db00c 41 BT_DBG("%s status 0x%2.2x", hdev->name, status);
1da177e4 42
e6d465cb
AG		 43 if (status) {
44 hci_dev_lock(hdev);
45 mgmt_stop_discovery_failed(hdev, status);
46 hci_dev_unlock(hdev);
a9de9248 47 return;
e6d465cb 48 }
1da177e4 49
89352e7d
AG		 50 clear_bit(HCI_INQUIRY, &hdev->flags);
51
56e5cb86 52 hci_dev_lock(hdev);
ff9ef578 53 hci_discovery_set_state(hdev, DISCOVERY_STOPPED);
56e5cb86 54 hci_dev_unlock(hdev);
6bd57416 55
a9de9248
MH		 56 hci_conn_check_pending(hdev);
57}
6bd57416 58
4d93483b
AG		 59static void hci_cc_periodic_inq(struct hci_dev *hdev, struct sk_buff *skb)
60{
61 __u8 status = *((__u8 *) skb->data);
62
9f1db00c 63 BT_DBG("%s status 0x%2.2x", hdev->name, status);
ae854a70
AG		 64
65 if (status)
66 return;
67
68 set_bit(HCI_PERIODIC_INQ, &hdev->dev_flags);
4d93483b
AG		 69}
70
a9de9248
MH		 71static void hci_cc_exit_periodic_inq(struct hci_dev *hdev, struct sk_buff *skb)
72{
73 __u8 status = *((__u8 *) skb->data);
6bd57416 74
9f1db00c 75 BT_DBG("%s status 0x%2.2x", hdev->name, status);
6bd57416 76
a9de9248
MH		 77 if (status)
78 return;
1da177e4 79
ae854a70
AG		 80 clear_bit(HCI_PERIODIC_INQ, &hdev->dev_flags);
81
a9de9248
MH		 82 hci_conn_check_pending(hdev);
83}
84
807deac2
GP		 85static void hci_cc_remote_name_req_cancel(struct hci_dev *hdev,
86 struct sk_buff *skb)
a9de9248
MH		 87{
88 BT_DBG("%s", hdev->name);
89}
90
91static void hci_cc_role_discovery(struct hci_dev *hdev, struct sk_buff *skb)
92{
93 struct hci_rp_role_discovery *rp = (void *) skb->data;
94 struct hci_conn *conn;
95
9f1db00c 96 BT_DBG("%s status 0x%2.2x", hdev->name, rp->status);
a9de9248
MH		 97
98 if (rp->status)
99 return;
100
101 hci_dev_lock(hdev);
102
103 conn = hci_conn_hash_lookup_handle(hdev, __le16_to_cpu(rp->handle));
104 if (conn) {
105 if (rp->role)
106 conn->link_mode &= ~HCI_LM_MASTER;
107 else
108 conn->link_mode |= HCI_LM_MASTER;
1da177e4 109 }
a9de9248
MH		 110
111 hci_dev_unlock(hdev);
1da177e4
LT		 112}
113
e4e8e37c
MH		 114static void hci_cc_read_link_policy(struct hci_dev *hdev, struct sk_buff *skb)
115{
116 struct hci_rp_read_link_policy *rp = (void *) skb->data;
117 struct hci_conn *conn;
118
9f1db00c 119 BT_DBG("%s status 0x%2.2x", hdev->name, rp->status);
e4e8e37c
MH		 120
121 if (rp->status)
122 return;
123
124 hci_dev_lock(hdev);
125
126 conn = hci_conn_hash_lookup_handle(hdev, __le16_to_cpu(rp->handle));
127 if (conn)
128 conn->link_policy = __le16_to_cpu(rp->policy);
129
130 hci_dev_unlock(hdev);
131}
132
a9de9248 133static void hci_cc_write_link_policy(struct hci_dev *hdev, struct sk_buff *skb)
1da177e4 134{
a9de9248 135 struct hci_rp_write_link_policy *rp = (void *) skb->data;
1da177e4 136 struct hci_conn *conn;
04837f64 137 void *sent;
1da177e4 138
9f1db00c 139 BT_DBG("%s status 0x%2.2x", hdev->name, rp->status);
1da177e4 140
a9de9248
MH		 141 if (rp->status)
142 return;
1da177e4 143
a9de9248
MH		 144 sent = hci_sent_cmd_data(hdev, HCI_OP_WRITE_LINK_POLICY);
145 if (!sent)
146 return;
1da177e4 147
a9de9248 148 hci_dev_lock(hdev);
1da177e4 149
a9de9248 150 conn = hci_conn_hash_lookup_handle(hdev, __le16_to_cpu(rp->handle));
e4e8e37c 151 if (conn)
83985319 152 conn->link_policy = get_unaligned_le16(sent + 2);
1da177e4 153
a9de9248
MH		 154 hci_dev_unlock(hdev);
155}
1da177e4 156
807deac2
GP		 157static void hci_cc_read_def_link_policy(struct hci_dev *hdev,
158 struct sk_buff *skb)
e4e8e37c
MH		 159{
160 struct hci_rp_read_def_link_policy *rp = (void *) skb->data;
161
9f1db00c 162 BT_DBG("%s status 0x%2.2x", hdev->name, rp->status);
e4e8e37c
MH		 163
164 if (rp->status)
165 return;
166
167 hdev->link_policy = __le16_to_cpu(rp->policy);
168}
169
807deac2
GP		 170static void hci_cc_write_def_link_policy(struct hci_dev *hdev,
171 struct sk_buff *skb)
e4e8e37c
MH		 172{
173 __u8 status = *((__u8 *) skb->data);
174 void *sent;
175
9f1db00c 176 BT_DBG("%s status 0x%2.2x", hdev->name, status);
e4e8e37c
MH		 177
178 sent = hci_sent_cmd_data(hdev, HCI_OP_WRITE_DEF_LINK_POLICY);
179 if (!sent)
180 return;
181
182 if (!status)
183 hdev->link_policy = get_unaligned_le16(sent);
e4e8e37c
MH		 184}
185
a9de9248
MH		 186static void hci_cc_reset(struct hci_dev *hdev, struct sk_buff *skb)
187{
188 __u8 status = *((__u8 *) skb->data);
04837f64 189
9f1db00c 190 BT_DBG("%s status 0x%2.2x", hdev->name, status);
04837f64 191
10572132
GP		 192 clear_bit(HCI_RESET, &hdev->flags);
193
a297e97c 194 /* Reset all non-persistent flags */
2cc6fb00 195 hdev->dev_flags &= ~HCI_PERSISTENT_MASK;
69775ff6
AG		 196
197 hdev->discovery.state = DISCOVERY_STOPPED;
bbaf444a
JH		 198 hdev->inq_tx_power = HCI_TX_POWER_INVALID;
199 hdev->adv_tx_power = HCI_TX_POWER_INVALID;
3f0f524b
JH		 200
201 memset(hdev->adv_data, 0, sizeof(hdev->adv_data));
202 hdev->adv_data_len = 0;
a9de9248 203}
04837f64 204
a9de9248
MH		 205static void hci_cc_write_local_name(struct hci_dev *hdev, struct sk_buff *skb)
206{
207 __u8 status = *((__u8 *) skb->data);
208 void *sent;
04837f64 209
9f1db00c 210 BT_DBG("%s status 0x%2.2x", hdev->name, status);
04837f64 211
a9de9248
MH		 212 sent = hci_sent_cmd_data(hdev, HCI_OP_WRITE_LOCAL_NAME);
213 if (!sent)
214 return;
04837f64 215
56e5cb86
JH		 216 hci_dev_lock(hdev);
217
f51d5b24
JH		 218 if (test_bit(HCI_MGMT, &hdev->dev_flags))
219 mgmt_set_local_name_complete(hdev, sent, status);
28cc7bde
JH		 220 else if (!status)
221 memcpy(hdev->dev_name, sent, HCI_MAX_NAME_LENGTH);
f51d5b24 222
56e5cb86 223 hci_dev_unlock(hdev);
a9de9248
MH		 224}
225
226static void hci_cc_read_local_name(struct hci_dev *hdev, struct sk_buff *skb)
227{
228 struct hci_rp_read_local_name *rp = (void *) skb->data;
229
9f1db00c 230 BT_DBG("%s status 0x%2.2x", hdev->name, rp->status);
a9de9248
MH		 231
232 if (rp->status)
233 return;
234
db99b5fc
JH		 235 if (test_bit(HCI_SETUP, &hdev->dev_flags))
236 memcpy(hdev->dev_name, rp->name, HCI_MAX_NAME_LENGTH);
a9de9248
MH		 237}
238
239static void hci_cc_write_auth_enable(struct hci_dev *hdev, struct sk_buff *skb)
240{
241 __u8 status = *((__u8 *) skb->data);
242 void *sent;
243
9f1db00c 244 BT_DBG("%s status 0x%2.2x", hdev->name, status);
a9de9248
MH		 245
246 sent = hci_sent_cmd_data(hdev, HCI_OP_WRITE_AUTH_ENABLE);
247 if (!sent)
248 return;
249
250 if (!status) {
251 __u8 param = *((__u8 *) sent);
252
253 if (param == AUTH_ENABLED)
254 set_bit(HCI_AUTH, &hdev->flags);
255 else
256 clear_bit(HCI_AUTH, &hdev->flags);
1da177e4 257 }
a9de9248 258
33ef95ed
JH		 259 if (test_bit(HCI_MGMT, &hdev->dev_flags))
260 mgmt_auth_enable_complete(hdev, status);
1da177e4
LT		 261}
262
a9de9248 263static void hci_cc_write_encrypt_mode(struct hci_dev *hdev, struct sk_buff *skb)
1da177e4 264{
a9de9248 265 __u8 status = *((__u8 *) skb->data);
1da177e4
LT		 266 void *sent;
267
9f1db00c 268 BT_DBG("%s status 0x%2.2x", hdev->name, status);
1da177e4 269
a9de9248
MH		 270 sent = hci_sent_cmd_data(hdev, HCI_OP_WRITE_ENCRYPT_MODE);
271 if (!sent)
272 return;
1da177e4 273
a9de9248
MH		 274 if (!status) {
275 __u8 param = *((__u8 *) sent);
276
277 if (param)
278 set_bit(HCI_ENCRYPT, &hdev->flags);
279 else
280 clear_bit(HCI_ENCRYPT, &hdev->flags);
281 }
a9de9248 282}
1da177e4 283
a9de9248
MH		 284static void hci_cc_write_scan_enable(struct hci_dev *hdev, struct sk_buff *skb)
285{
36f7fc7e
JH		 286 __u8 param, status = *((__u8 *) skb->data);
287 int old_pscan, old_iscan;
a9de9248 288 void *sent;
1da177e4 289
9f1db00c 290 BT_DBG("%s status 0x%2.2x", hdev->name, status);
1da177e4 291
a9de9248
MH		 292 sent = hci_sent_cmd_data(hdev, HCI_OP_WRITE_SCAN_ENABLE);
293 if (!sent)
294 return;
1da177e4 295
36f7fc7e
JH		 296 param = *((__u8 *) sent);
297
56e5cb86
JH		 298 hci_dev_lock(hdev);
299
fa1bd918 300 if (status) {
744cf19e 301 mgmt_write_scan_failed(hdev, param, status);
2d7cee58
JH		 302 hdev->discov_timeout = 0;
303 goto done;
304 }
305
36f7fc7e
JH		 306 old_pscan = test_and_clear_bit(HCI_PSCAN, &hdev->flags);
307 old_iscan = test_and_clear_bit(HCI_ISCAN, &hdev->flags);
308
309 if (param & SCAN_INQUIRY) {
310 set_bit(HCI_ISCAN, &hdev->flags);
311 if (!old_iscan)
744cf19e 312 mgmt_discoverable(hdev, 1);
16ab91ab
JH		 313 if (hdev->discov_timeout > 0) {
314 int to = msecs_to_jiffies(hdev->discov_timeout * 1000);
315 queue_delayed_work(hdev->workqueue, &hdev->discov_off,
807deac2 316 to);
16ab91ab 317 }
36f7fc7e 318 } else if (old_iscan)
744cf19e 319 mgmt_discoverable(hdev, 0);
36f7fc7e
JH		 320
321 if (param & SCAN_PAGE) {
322 set_bit(HCI_PSCAN, &hdev->flags);
323 if (!old_pscan)
744cf19e 324 mgmt_connectable(hdev, 1);
36f7fc7e 325 } else if (old_pscan)
744cf19e 326 mgmt_connectable(hdev, 0);
1da177e4 327
36f7fc7e 328done:
56e5cb86 329 hci_dev_unlock(hdev);
a9de9248 330}
1da177e4 331
a9de9248
MH		 332static void hci_cc_read_class_of_dev(struct hci_dev *hdev, struct sk_buff *skb)
333{
334 struct hci_rp_read_class_of_dev *rp = (void *) skb->data;
1da177e4 335
9f1db00c 336 BT_DBG("%s status 0x%2.2x", hdev->name, rp->status);
1da177e4 337
a9de9248
MH		 338 if (rp->status)
339 return;
1da177e4 340
a9de9248 341 memcpy(hdev->dev_class, rp->dev_class, 3);
1da177e4 342
a9de9248 343 BT_DBG("%s class 0x%.2x%.2x%.2x", hdev->name,
807deac2 344 hdev->dev_class[2], hdev->dev_class[1], hdev->dev_class[0]);
a9de9248 345}
1da177e4 346
a9de9248
MH		 347static void hci_cc_write_class_of_dev(struct hci_dev *hdev, struct sk_buff *skb)
348{
349 __u8 status = *((__u8 *) skb->data);
350 void *sent;
1da177e4 351
9f1db00c 352 BT_DBG("%s status 0x%2.2x", hdev->name, status);
1da177e4 353
a9de9248
MH		 354 sent = hci_sent_cmd_data(hdev, HCI_OP_WRITE_CLASS_OF_DEV);
355 if (!sent)
356 return;
1da177e4 357
7f9a903c
MH		 358 hci_dev_lock(hdev);
359
360 if (status == 0)
361 memcpy(hdev->dev_class, sent, 3);
362
363 if (test_bit(HCI_MGMT, &hdev->dev_flags))
364 mgmt_set_class_of_dev_complete(hdev, sent, status);
365
366 hci_dev_unlock(hdev);
a9de9248 367}
1da177e4 368
a9de9248
MH		 369static void hci_cc_read_voice_setting(struct hci_dev *hdev, struct sk_buff *skb)
370{
371 struct hci_rp_read_voice_setting *rp = (void *) skb->data;
372 __u16 setting;
373
9f1db00c 374 BT_DBG("%s status 0x%2.2x", hdev->name, rp->status);
a9de9248
MH		 375
376 if (rp->status)
377 return;
378
379 setting = __le16_to_cpu(rp->voice_setting);
380
f383f275 381 if (hdev->voice_setting == setting)
a9de9248
MH		 382 return;
383
384 hdev->voice_setting = setting;
385
9f1db00c 386 BT_DBG("%s voice setting 0x%4.4x", hdev->name, setting);
a9de9248 387
3c54711c 388 if (hdev->notify)
a9de9248 389 hdev->notify(hdev, HCI_NOTIFY_VOICE_SETTING);
a9de9248
MH		 390}
391
8fc9ced3
GP		 392static void hci_cc_write_voice_setting(struct hci_dev *hdev,
393 struct sk_buff *skb)
a9de9248
MH		 394{
395 __u8 status = *((__u8 *) skb->data);
f383f275 396 __u16 setting;
a9de9248
MH		 397 void *sent;
398
9f1db00c 399 BT_DBG("%s status 0x%2.2x", hdev->name, status);
1da177e4 400
f383f275
MH		 401 if (status)
402 return;
403
a9de9248
MH		 404 sent = hci_sent_cmd_data(hdev, HCI_OP_WRITE_VOICE_SETTING);
405 if (!sent)
406 return;
1da177e4 407
f383f275 408 setting = get_unaligned_le16(sent);
1da177e4 409
f383f275
MH		 410 if (hdev->voice_setting == setting)
411 return;
412
413 hdev->voice_setting = setting;
1da177e4 414
9f1db00c 415 BT_DBG("%s voice setting 0x%4.4x", hdev->name, setting);
1da177e4 416
3c54711c 417 if (hdev->notify)
f383f275 418 hdev->notify(hdev, HCI_NOTIFY_VOICE_SETTING);
1da177e4
LT		 419}
420
333140b5
MH		 421static void hci_cc_write_ssp_mode(struct hci_dev *hdev, struct sk_buff *skb)
422{
423 __u8 status = *((__u8 *) skb->data);
5ed8eb2f 424 struct hci_cp_write_ssp_mode *sent;
333140b5 425
9f1db00c 426 BT_DBG("%s status 0x%2.2x", hdev->name, status);
333140b5 427
333140b5
MH		 428 sent = hci_sent_cmd_data(hdev, HCI_OP_WRITE_SSP_MODE);
429 if (!sent)
430 return;
431
5ed8eb2f
JH		 432 if (!status) {
433 if (sent->mode)
434 hdev->host_features[0] |= LMP_HOST_SSP;
435 else
436 hdev->host_features[0] &= ~LMP_HOST_SSP;
437 }
438
ed2c4ee3 439 if (test_bit(HCI_MGMT, &hdev->dev_flags))
5ed8eb2f 440 mgmt_ssp_enable_complete(hdev, sent->mode, status);
c0ecddc2 441 else if (!status) {
5ed8eb2f 442 if (sent->mode)
c0ecddc2
JH		 443 set_bit(HCI_SSP_ENABLED, &hdev->dev_flags);
444 else
445 clear_bit(HCI_SSP_ENABLED, &hdev->dev_flags);
446 }
333140b5
MH		 447}
448
a9de9248
MH		 449static void hci_cc_read_local_version(struct hci_dev *hdev, struct sk_buff *skb)
450{
451 struct hci_rp_read_local_version *rp = (void *) skb->data;
1143e5a6 452
9f1db00c 453 BT_DBG("%s status 0x%2.2x", hdev->name, rp->status);
1143e5a6 454
a9de9248 455 if (rp->status)
42c6b129 456 return;
1143e5a6 457
a9de9248 458 hdev->hci_ver = rp->hci_ver;
e4e8e37c 459 hdev->hci_rev = __le16_to_cpu(rp->hci_rev);
d5859e22 460 hdev->lmp_ver = rp->lmp_ver;
e4e8e37c 461 hdev->manufacturer = __le16_to_cpu(rp->manufacturer);
d5859e22 462 hdev->lmp_subver = __le16_to_cpu(rp->lmp_subver);
1143e5a6 463
9f1db00c 464 BT_DBG("%s manufacturer 0x%4.4x hci ver %d:%d", hdev->name,
807deac2 465 hdev->manufacturer, hdev->hci_ver, hdev->hci_rev);
d5859e22
JH		 466}
467
8fc9ced3
GP		 468static void hci_cc_read_local_commands(struct hci_dev *hdev,
469 struct sk_buff *skb)
a9de9248
MH		 470{
471 struct hci_rp_read_local_commands *rp = (void *) skb->data;
1da177e4 472
9f1db00c 473 BT_DBG("%s status 0x%2.2x", hdev->name, rp->status);
1da177e4 474
2177bab5
JH		 475 if (!rp->status)
476 memcpy(hdev->commands, rp->commands, sizeof(hdev->commands));
a9de9248 477}
1da177e4 478
8fc9ced3
GP		 479static void hci_cc_read_local_features(struct hci_dev *hdev,
480 struct sk_buff *skb)
a9de9248
MH		 481{
482 struct hci_rp_read_local_features *rp = (void *) skb->data;
5b7f9909 483
9f1db00c 484 BT_DBG("%s status 0x%2.2x", hdev->name, rp->status);
1da177e4 485
a9de9248
MH		 486 if (rp->status)
487 return;
5b7f9909 488
a9de9248 489 memcpy(hdev->features, rp->features, 8);
5b7f9909 490
a9de9248
MH		 491 /* Adjust default settings according to features
492 * supported by device. */
1da177e4 493
a9de9248
MH		 494 if (hdev->features[0] & LMP_3SLOT)
495 hdev->pkt_type |= (HCI_DM3 | HCI_DH3);
1da177e4 496
a9de9248
MH		 497 if (hdev->features[0] & LMP_5SLOT)
498 hdev->pkt_type |= (HCI_DM5 | HCI_DH5);
1da177e4 499
a9de9248
MH		 500 if (hdev->features[1] & LMP_HV2) {
501 hdev->pkt_type |= (HCI_HV2);
502 hdev->esco_type |= (ESCO_HV2);
503 }
1da177e4 504
a9de9248
MH		 505 if (hdev->features[1] & LMP_HV3) {
506 hdev->pkt_type |= (HCI_HV3);
507 hdev->esco_type |= (ESCO_HV3);
508 }
1da177e4 509
45db810f 510 if (lmp_esco_capable(hdev))
a9de9248 511 hdev->esco_type |= (ESCO_EV3);
da1f5198 512
a9de9248
MH		 513 if (hdev->features[4] & LMP_EV4)
514 hdev->esco_type |= (ESCO_EV4);
da1f5198 515
a9de9248
MH		 516 if (hdev->features[4] & LMP_EV5)
517 hdev->esco_type |= (ESCO_EV5);
1da177e4 518
efc7688b
MH		 519 if (hdev->features[5] & LMP_EDR_ESCO_2M)
520 hdev->esco_type |= (ESCO_2EV3);
521
522 if (hdev->features[5] & LMP_EDR_ESCO_3M)
523 hdev->esco_type |= (ESCO_3EV3);
524
525 if (hdev->features[5] & LMP_EDR_3S_ESCO)
526 hdev->esco_type |= (ESCO_2EV5 | ESCO_3EV5);
527
a9de9248 528 BT_DBG("%s features 0x%.2x%.2x%.2x%.2x%.2x%.2x%.2x%.2x", hdev->name,
807deac2
GP		 529 hdev->features[0], hdev->features[1],
530 hdev->features[2], hdev->features[3],
531 hdev->features[4], hdev->features[5],
532 hdev->features[6], hdev->features[7]);
a9de9248 533}
1da177e4 534
971e3a4b 535static void hci_cc_read_local_ext_features(struct hci_dev *hdev,
807deac2 536 struct sk_buff *skb)
971e3a4b
AG		 537{
538 struct hci_rp_read_local_ext_features *rp = (void *) skb->data;
539
9f1db00c 540 BT_DBG("%s status 0x%2.2x", hdev->name, rp->status);
971e3a4b
AG		 541
542 if (rp->status)
42c6b129 543 return;
971e3a4b 544
b5b32b65
AG		 545 switch (rp->page) {
546 case 0:
547 memcpy(hdev->features, rp->features, 8);
548 break;
549 case 1:
550 memcpy(hdev->host_features, rp->features, 8);
551 break;
552 }
971e3a4b
AG		 553}
554
1e89cffb 555static void hci_cc_read_flow_control_mode(struct hci_dev *hdev,
807deac2 556 struct sk_buff *skb)
1e89cffb
AE		 557{
558 struct hci_rp_read_flow_control_mode *rp = (void *) skb->data;
559
9f1db00c 560 BT_DBG("%s status 0x%2.2x", hdev->name, rp->status);
1e89cffb 561
42c6b129
JH		 562 if (!rp->status)
563 hdev->flow_ctl_mode = rp->mode;
1e89cffb
AE		 564}
565
a9de9248
MH		 566static void hci_cc_read_buffer_size(struct hci_dev *hdev, struct sk_buff *skb)
567{
568 struct hci_rp_read_buffer_size *rp = (void *) skb->data;
1da177e4 569
9f1db00c 570 BT_DBG("%s status 0x%2.2x", hdev->name, rp->status);
1da177e4 571
a9de9248
MH		 572 if (rp->status)
573 return;
1da177e4 574
a9de9248
MH		 575 hdev->acl_mtu = __le16_to_cpu(rp->acl_mtu);
576 hdev->sco_mtu = rp->sco_mtu;
577 hdev->acl_pkts = __le16_to_cpu(rp->acl_max_pkt);
578 hdev->sco_pkts = __le16_to_cpu(rp->sco_max_pkt);
579
580 if (test_bit(HCI_QUIRK_FIXUP_BUFFER_SIZE, &hdev->quirks)) {
581 hdev->sco_mtu = 64;
582 hdev->sco_pkts = 8;
1da177e4 583 }
a9de9248
MH		 584
585 hdev->acl_cnt = hdev->acl_pkts;
586 hdev->sco_cnt = hdev->sco_pkts;
587
807deac2
GP		 588 BT_DBG("%s acl mtu %d:%d sco mtu %d:%d", hdev->name, hdev->acl_mtu,
589 hdev->acl_pkts, hdev->sco_mtu, hdev->sco_pkts);
a9de9248
MH		 590}
591
592static void hci_cc_read_bd_addr(struct hci_dev *hdev, struct sk_buff *skb)
593{
594 struct hci_rp_read_bd_addr *rp = (void *) skb->data;
595
9f1db00c 596 BT_DBG("%s status 0x%2.2x", hdev->name, rp->status);
a9de9248
MH		 597
598 if (!rp->status)
599 bacpy(&hdev->bdaddr, &rp->bdaddr);
23bb5763
JH		 600}
601
f332ec66
JH		 602static void hci_cc_read_page_scan_activity(struct hci_dev *hdev,
603 struct sk_buff *skb)
604{
605 struct hci_rp_read_page_scan_activity *rp = (void *) skb->data;
606
607 BT_DBG("%s status 0x%2.2x", hdev->name, rp->status);
608
609 if (test_bit(HCI_INIT, &hdev->flags) && !rp->status) {
610 hdev->page_scan_interval = __le16_to_cpu(rp->interval);
611 hdev->page_scan_window = __le16_to_cpu(rp->window);
612 }
613}
614
4a3ee763
JH		 615static void hci_cc_write_page_scan_activity(struct hci_dev *hdev,
616 struct sk_buff *skb)
617{
618 u8 status = *((u8 *) skb->data);
619 struct hci_cp_write_page_scan_activity *sent;
620
621 BT_DBG("%s status 0x%2.2x", hdev->name, status);
622
623 if (status)
624 return;
625
626 sent = hci_sent_cmd_data(hdev, HCI_OP_WRITE_PAGE_SCAN_ACTIVITY);
627 if (!sent)
628 return;
629
630 hdev->page_scan_interval = __le16_to_cpu(sent->interval);
631 hdev->page_scan_window = __le16_to_cpu(sent->window);
632}
633
f332ec66
JH		 634static void hci_cc_read_page_scan_type(struct hci_dev *hdev,
635 struct sk_buff *skb)
636{
637 struct hci_rp_read_page_scan_type *rp = (void *) skb->data;
638
639 BT_DBG("%s status 0x%2.2x", hdev->name, rp->status);
640
641 if (test_bit(HCI_INIT, &hdev->flags) && !rp->status)
642 hdev->page_scan_type = rp->type;
643}
644
4a3ee763
JH		 645static void hci_cc_write_page_scan_type(struct hci_dev *hdev,
646 struct sk_buff *skb)
647{
648 u8 status = *((u8 *) skb->data);
649 u8 *type;
650
651 BT_DBG("%s status 0x%2.2x", hdev->name, status);
652
653 if (status)
654 return;
655
656 type = hci_sent_cmd_data(hdev, HCI_OP_WRITE_PAGE_SCAN_TYPE);
657 if (type)
658 hdev->page_scan_type = *type;
659}
660
350ee4cf 661static void hci_cc_read_data_block_size(struct hci_dev *hdev,
807deac2 662 struct sk_buff *skb)
350ee4cf
AE		 663{
664 struct hci_rp_read_data_block_size *rp = (void *) skb->data;
665
9f1db00c 666 BT_DBG("%s status 0x%2.2x", hdev->name, rp->status);
350ee4cf
AE		 667
668 if (rp->status)
669 return;
670
671 hdev->block_mtu = __le16_to_cpu(rp->max_acl_len);
672 hdev->block_len = __le16_to_cpu(rp->block_len);
673 hdev->num_blocks = __le16_to_cpu(rp->num_blocks);
674
675 hdev->block_cnt = hdev->num_blocks;
676
677 BT_DBG("%s blk mtu %d cnt %d len %d", hdev->name, hdev->block_mtu,
807deac2 678 hdev->block_cnt, hdev->block_len);
350ee4cf
AE		 679}
680
928abaa7 681static void hci_cc_read_local_amp_info(struct hci_dev *hdev,
807deac2 682 struct sk_buff *skb)
928abaa7
AE		 683{
684 struct hci_rp_read_local_amp_info *rp = (void *) skb->data;
685
9f1db00c 686 BT_DBG("%s status 0x%2.2x", hdev->name, rp->status);
928abaa7
AE		 687
688 if (rp->status)
8e2a0d92 689 goto a2mp_rsp;
928abaa7
AE		 690
691 hdev->amp_status = rp->amp_status;
692 hdev->amp_total_bw = __le32_to_cpu(rp->total_bw);
693 hdev->amp_max_bw = __le32_to_cpu(rp->max_bw);
694 hdev->amp_min_latency = __le32_to_cpu(rp->min_latency);
695 hdev->amp_max_pdu = __le32_to_cpu(rp->max_pdu);
696 hdev->amp_type = rp->amp_type;
697 hdev->amp_pal_cap = __le16_to_cpu(rp->pal_cap);
698 hdev->amp_assoc_size = __le16_to_cpu(rp->max_assoc_size);
699 hdev->amp_be_flush_to = __le32_to_cpu(rp->be_flush_to);
700 hdev->amp_max_flush_to = __le32_to_cpu(rp->max_flush_to);
701
8e2a0d92
AE		 702a2mp_rsp:
703 a2mp_send_getinfo_rsp(hdev);
928abaa7
AE		 704}
705
903e4541
AE		 706static void hci_cc_read_local_amp_assoc(struct hci_dev *hdev,
707 struct sk_buff *skb)
708{
709 struct hci_rp_read_local_amp_assoc *rp = (void *) skb->data;
710 struct amp_assoc *assoc = &hdev->loc_assoc;
711 size_t rem_len, frag_len;
712
713 BT_DBG("%s status 0x%2.2x", hdev->name, rp->status);
714
715 if (rp->status)
716 goto a2mp_rsp;
717
718 frag_len = skb->len - sizeof(*rp);
719 rem_len = __le16_to_cpu(rp->rem_len);
720
721 if (rem_len > frag_len) {
2e430be3 722 BT_DBG("frag_len %zu rem_len %zu", frag_len, rem_len);
903e4541
AE		 723
724 memcpy(assoc->data + assoc->offset, rp->frag, frag_len);
725 assoc->offset += frag_len;
726
727 /* Read other fragments */
728 amp_read_loc_assoc_frag(hdev, rp->phy_handle);
729
730 return;
731 }
732
733 memcpy(assoc->data + assoc->offset, rp->frag, rem_len);
734 assoc->len = assoc->offset + rem_len;
735 assoc->offset = 0;
736
737a2mp_rsp:
738 /* Send A2MP Rsp when all fragments are received */
739 a2mp_send_getampassoc_rsp(hdev, rp->status);
9495b2ee 740 a2mp_send_create_phy_link_req(hdev, rp->status);
903e4541
AE		 741}
742
d5859e22 743static void hci_cc_read_inq_rsp_tx_power(struct hci_dev *hdev,
807deac2 744 struct sk_buff *skb)
d5859e22 745{
91c4e9b1 746 struct hci_rp_read_inq_rsp_tx_power *rp = (void *) skb->data;
d5859e22 747
9f1db00c 748 BT_DBG("%s status 0x%2.2x", hdev->name, rp->status);
91c4e9b1
MH		 749
750 if (!rp->status)
751 hdev->inq_tx_power = rp->tx_power;
d5859e22
JH		 752}
753
980e1a53
JH		 754static void hci_cc_pin_code_reply(struct hci_dev *hdev, struct sk_buff *skb)
755{
756 struct hci_rp_pin_code_reply *rp = (void *) skb->data;
757 struct hci_cp_pin_code_reply *cp;
758 struct hci_conn *conn;
759
9f1db00c 760 BT_DBG("%s status 0x%2.2x", hdev->name, rp->status);
980e1a53 761
56e5cb86
JH		 762 hci_dev_lock(hdev);
763
a8b2d5c2 764 if (test_bit(HCI_MGMT, &hdev->dev_flags))
744cf19e 765 mgmt_pin_code_reply_complete(hdev, &rp->bdaddr, rp->status);
980e1a53 766
fa1bd918 767 if (rp->status)
56e5cb86 768 goto unlock;
980e1a53
JH		 769
770 cp = hci_sent_cmd_data(hdev, HCI_OP_PIN_CODE_REPLY);
771 if (!cp)
56e5cb86 772 goto unlock;
980e1a53
JH		 773
774 conn = hci_conn_hash_lookup_ba(hdev, ACL_LINK, &cp->bdaddr);
775 if (conn)
776 conn->pin_length = cp->pin_len;
56e5cb86
JH		 777
778unlock:
779 hci_dev_unlock(hdev);
980e1a53
JH		 780}
781
782static void hci_cc_pin_code_neg_reply(struct hci_dev *hdev, struct sk_buff *skb)
783{
784 struct hci_rp_pin_code_neg_reply *rp = (void *) skb->data;
785
9f1db00c 786 BT_DBG("%s status 0x%2.2x", hdev->name, rp->status);
980e1a53 787
56e5cb86
JH		 788 hci_dev_lock(hdev);
789
a8b2d5c2 790 if (test_bit(HCI_MGMT, &hdev->dev_flags))
744cf19e 791 mgmt_pin_code_neg_reply_complete(hdev, &rp->bdaddr,
807deac2 792 rp->status);
56e5cb86
JH		 793
794 hci_dev_unlock(hdev);
980e1a53 795}
56e5cb86 796
6ed58ec5
VT		 797static void hci_cc_le_read_buffer_size(struct hci_dev *hdev,
798 struct sk_buff *skb)
799{
800 struct hci_rp_le_read_buffer_size *rp = (void *) skb->data;
801
9f1db00c 802 BT_DBG("%s status 0x%2.2x", hdev->name, rp->status);
6ed58ec5
VT		 803
804 if (rp->status)
805 return;
806
807 hdev->le_mtu = __le16_to_cpu(rp->le_mtu);
808 hdev->le_pkts = rp->le_max_pkt;
809
810 hdev->le_cnt = hdev->le_pkts;
811
812 BT_DBG("%s le mtu %d:%d", hdev->name, hdev->le_mtu, hdev->le_pkts);
6ed58ec5 813}
980e1a53 814
60e77321
JH		 815static void hci_cc_le_read_local_features(struct hci_dev *hdev,
816 struct sk_buff *skb)
817{
818 struct hci_rp_le_read_local_features *rp = (void *) skb->data;
819
820 BT_DBG("%s status 0x%2.2x", hdev->name, rp->status);
821
822 if (!rp->status)
823 memcpy(hdev->le_features, rp->features, 8);
60e77321
JH		 824}
825
8fa19098
JH		 826static void hci_cc_le_read_adv_tx_power(struct hci_dev *hdev,
827 struct sk_buff *skb)
828{
829 struct hci_rp_le_read_adv_tx_power *rp = (void *) skb->data;
830
831 BT_DBG("%s status 0x%2.2x", hdev->name, rp->status);
832
04b4edcb 833 if (!rp->status)
8fa19098 834 hdev->adv_tx_power = rp->tx_power;
8fa19098
JH		 835}
836
a5c29683
JH		 837static void hci_cc_user_confirm_reply(struct hci_dev *hdev, struct sk_buff *skb)
838{
839 struct hci_rp_user_confirm_reply *rp = (void *) skb->data;
840
9f1db00c 841 BT_DBG("%s status 0x%2.2x", hdev->name, rp->status);
a5c29683 842
56e5cb86
JH		 843 hci_dev_lock(hdev);
844
a8b2d5c2 845 if (test_bit(HCI_MGMT, &hdev->dev_flags))
04124681
GP		 846 mgmt_user_confirm_reply_complete(hdev, &rp->bdaddr, ACL_LINK, 0,
847 rp->status);
56e5cb86
JH		 848
849 hci_dev_unlock(hdev);
a5c29683
JH		 850}
851
852static void hci_cc_user_confirm_neg_reply(struct hci_dev *hdev,
807deac2 853 struct sk_buff *skb)
a5c29683
JH		 854{
855 struct hci_rp_user_confirm_reply *rp = (void *) skb->data;
856
9f1db00c 857 BT_DBG("%s status 0x%2.2x", hdev->name, rp->status);
a5c29683 858
56e5cb86
JH		 859 hci_dev_lock(hdev);
860
a8b2d5c2 861 if (test_bit(HCI_MGMT, &hdev->dev_flags))
744cf19e 862 mgmt_user_confirm_neg_reply_complete(hdev, &rp->bdaddr,
04124681 863 ACL_LINK, 0, rp->status);
56e5cb86
JH		 864
865 hci_dev_unlock(hdev);
a5c29683
JH		 866}
867
1143d458
BG		 868static void hci_cc_user_passkey_reply(struct hci_dev *hdev, struct sk_buff *skb)
869{
870 struct hci_rp_user_confirm_reply *rp = (void *) skb->data;
871
9f1db00c 872 BT_DBG("%s status 0x%2.2x", hdev->name, rp->status);
1143d458
BG		 873
874 hci_dev_lock(hdev);
875
a8b2d5c2 876 if (test_bit(HCI_MGMT, &hdev->dev_flags))
272d90df 877 mgmt_user_passkey_reply_complete(hdev, &rp->bdaddr, ACL_LINK,
04124681 878 0, rp->status);
1143d458
BG		 879
880 hci_dev_unlock(hdev);
881}
882
883static void hci_cc_user_passkey_neg_reply(struct hci_dev *hdev,
807deac2 884 struct sk_buff *skb)
1143d458
BG		 885{
886 struct hci_rp_user_confirm_reply *rp = (void *) skb->data;
887
9f1db00c 888 BT_DBG("%s status 0x%2.2x", hdev->name, rp->status);
1143d458
BG		 889
890 hci_dev_lock(hdev);
891
a8b2d5c2 892 if (test_bit(HCI_MGMT, &hdev->dev_flags))
1143d458 893 mgmt_user_passkey_neg_reply_complete(hdev, &rp->bdaddr,
04124681 894 ACL_LINK, 0, rp->status);
1143d458
BG		 895
896 hci_dev_unlock(hdev);
897}
898
c35938b2 899static void hci_cc_read_local_oob_data_reply(struct hci_dev *hdev,
807deac2 900 struct sk_buff *skb)
c35938b2
SJ		 901{
902 struct hci_rp_read_local_oob_data *rp = (void *) skb->data;
903
9f1db00c 904 BT_DBG("%s status 0x%2.2x", hdev->name, rp->status);
c35938b2 905
56e5cb86 906 hci_dev_lock(hdev);
744cf19e 907 mgmt_read_local_oob_data_reply_complete(hdev, rp->hash,
c35938b2 908 rp->randomizer, rp->status);
56e5cb86 909 hci_dev_unlock(hdev);
c35938b2
SJ		 910}
911
c1d5dc4a
JH		 912static void hci_cc_le_set_adv_enable(struct hci_dev *hdev, struct sk_buff *skb)
913{
914 __u8 *sent, status = *((__u8 *) skb->data);
915
916 BT_DBG("%s status 0x%2.2x", hdev->name, status);
917
918 sent = hci_sent_cmd_data(hdev, HCI_OP_LE_SET_ADV_ENABLE);
919 if (!sent)
920 return;
921
922 hci_dev_lock(hdev);
923
924 if (!status) {
925 if (*sent)
926 set_bit(HCI_LE_PERIPHERAL, &hdev->dev_flags);
927 else
928 clear_bit(HCI_LE_PERIPHERAL, &hdev->dev_flags);
929 }
930
04b4edcb
JH		 931 if (!test_bit(HCI_INIT, &hdev->flags)) {
932 struct hci_request req;
c1d5dc4a 933
04b4edcb
JH		 934 hci_req_init(&req, hdev);
935 hci_update_ad(&req);
936 hci_req_run(&req, NULL);
937 }
938
939 hci_dev_unlock(hdev);
c1d5dc4a
JH		 940}
941
07f7fa5d
AG		 942static void hci_cc_le_set_scan_param(struct hci_dev *hdev, struct sk_buff *skb)
943{
944 __u8 status = *((__u8 *) skb->data);
945
9f1db00c 946 BT_DBG("%s status 0x%2.2x", hdev->name, status);
7ba8b4be 947
3fd24153
AG		 948 if (status) {
949 hci_dev_lock(hdev);
950 mgmt_start_discovery_failed(hdev, status);
951 hci_dev_unlock(hdev);
952 return;
953 }
07f7fa5d
AG		 954}
955
eb9d91f5 956static void hci_cc_le_set_scan_enable(struct hci_dev *hdev,
807deac2 957 struct sk_buff *skb)
eb9d91f5
AG		 958{
959 struct hci_cp_le_set_scan_enable *cp;
960 __u8 status = *((__u8 *) skb->data);
961
9f1db00c 962 BT_DBG("%s status 0x%2.2x", hdev->name, status);
eb9d91f5 963
eb9d91f5
AG		 964 cp = hci_sent_cmd_data(hdev, HCI_OP_LE_SET_SCAN_ENABLE);
965 if (!cp)
966 return;
967
68a8aea4
AE		 968 switch (cp->enable) {
969 case LE_SCANNING_ENABLED:
3fd24153
AG		 970 if (status) {
971 hci_dev_lock(hdev);
972 mgmt_start_discovery_failed(hdev, status);
973 hci_dev_unlock(hdev);
7ba8b4be 974 return;
3fd24153 975 }
7ba8b4be 976
d23264a8
AG		 977 set_bit(HCI_LE_SCAN, &hdev->dev_flags);
978
a8f13c8c 979 hci_dev_lock(hdev);
343f935b 980 hci_discovery_set_state(hdev, DISCOVERY_FINDING);
a8f13c8c 981 hci_dev_unlock(hdev);
68a8aea4
AE		 982 break;
983
984 case LE_SCANNING_DISABLED:
c9ecc48e
AG		 985 if (status) {
986 hci_dev_lock(hdev);
987 mgmt_stop_discovery_failed(hdev, status);
988 hci_dev_unlock(hdev);
7ba8b4be 989 return;
c9ecc48e 990 }
7ba8b4be 991
d23264a8
AG		 992 clear_bit(HCI_LE_SCAN, &hdev->dev_flags);
993
bc3dd33c
AG		 994 if (hdev->discovery.type == DISCOV_TYPE_INTERLEAVED &&
995 hdev->discovery.state == DISCOVERY_FINDING) {
5e0452c0
AG		 996 mgmt_interleaved_discovery(hdev);
997 } else {
998 hci_dev_lock(hdev);
999 hci_discovery_set_state(hdev, DISCOVERY_STOPPED);
1000 hci_dev_unlock(hdev);
1001 }
1002
68a8aea4
AE		 1003 break;
1004
1005 default:
1006 BT_ERR("Used reserved LE_Scan_Enable param %d", cp->enable);
1007 break;
35815085 1008 }
eb9d91f5
AG		 1009}
1010
cf1d081f
JH		 1011static void hci_cc_le_read_white_list_size(struct hci_dev *hdev,
1012 struct sk_buff *skb)
1013{
1014 struct hci_rp_le_read_white_list_size *rp = (void *) skb->data;
1015
1016 BT_DBG("%s status 0x%2.2x size %u", hdev->name, rp->status, rp->size);
1017
1018 if (!rp->status)
1019 hdev->le_white_list_size = rp->size;
cf1d081f
JH		 1020}
1021
9b008c04
JH		 1022static void hci_cc_le_read_supported_states(struct hci_dev *hdev,
1023 struct sk_buff *skb)
1024{
1025 struct hci_rp_le_read_supported_states *rp = (void *) skb->data;
1026
1027 BT_DBG("%s status 0x%2.2x", hdev->name, rp->status);
1028
1029 if (!rp->status)
1030 memcpy(hdev->le_states, rp->le_states, 8);
9b008c04
JH		 1031}
1032
6039aa73
GP		 1033static void hci_cc_write_le_host_supported(struct hci_dev *hdev,
1034 struct sk_buff *skb)
f9b49306 1035{
06199cf8 1036 struct hci_cp_write_le_host_supported *sent;
f9b49306
AG		 1037 __u8 status = *((__u8 *) skb->data);
1038
9f1db00c 1039 BT_DBG("%s status 0x%2.2x", hdev->name, status);
f9b49306 1040
06199cf8 1041 sent = hci_sent_cmd_data(hdev, HCI_OP_WRITE_LE_HOST_SUPPORTED);
8f984dfa 1042 if (!sent)
f9b49306
AG		 1043 return;
1044
8f984dfa
JH		 1045 if (!status) {
1046 if (sent->le)
1047 hdev->host_features[0] |= LMP_HOST_LE;
1048 else
1049 hdev->host_features[0] &= ~LMP_HOST_LE;
53b2caab
JH		 1050
1051 if (sent->simul)
1052 hdev->host_features[0] |= LMP_HOST_LE_BREDR;
1053 else
1054 hdev->host_features[0] &= ~LMP_HOST_LE_BREDR;
8f984dfa
JH		 1055 }
1056
1057 if (test_bit(HCI_MGMT, &hdev->dev_flags) &&
807deac2 1058 !test_bit(HCI_INIT, &hdev->flags))
8f984dfa 1059 mgmt_le_enable_complete(hdev, sent->le, status);
f9b49306
AG		 1060}
1061
93c284ee
AE		 1062static void hci_cc_write_remote_amp_assoc(struct hci_dev *hdev,
1063 struct sk_buff *skb)
1064{
1065 struct hci_rp_write_remote_amp_assoc *rp = (void *) skb->data;
1066
1067 BT_DBG("%s status 0x%2.2x phy_handle 0x%2.2x",
1068 hdev->name, rp->status, rp->phy_handle);
1069
1070 if (rp->status)
1071 return;
1072
1073 amp_write_rem_assoc_continue(hdev, rp->phy_handle);
1074}
1075
6039aa73 1076static void hci_cs_inquiry(struct hci_dev *hdev, __u8 status)
a9de9248 1077{
9f1db00c 1078 BT_DBG("%s status 0x%2.2x", hdev->name, status);
a9de9248
MH		 1079
1080 if (status) {
a9de9248 1081 hci_conn_check_pending(hdev);
56e5cb86 1082 hci_dev_lock(hdev);
a8b2d5c2 1083 if (test_bit(HCI_MGMT, &hdev->dev_flags))
7a135109 1084 mgmt_start_discovery_failed(hdev, status);
56e5cb86 1085 hci_dev_unlock(hdev);
314b2381
JH		 1086 return;
1087 }
1088
89352e7d
AG		 1089 set_bit(HCI_INQUIRY, &hdev->flags);
1090
56e5cb86 1091 hci_dev_lock(hdev);
343f935b 1092 hci_discovery_set_state(hdev, DISCOVERY_FINDING);
56e5cb86 1093 hci_dev_unlock(hdev);
1da177e4
LT		 1094}
1095
6039aa73 1096static void hci_cs_create_conn(struct hci_dev *hdev, __u8 status)
1da177e4 1097{
a9de9248 1098 struct hci_cp_create_conn *cp;
1da177e4 1099 struct hci_conn *conn;
1da177e4 1100
9f1db00c 1101 BT_DBG("%s status 0x%2.2x", hdev->name, status);
a9de9248
MH		 1102
1103 cp = hci_sent_cmd_data(hdev, HCI_OP_CREATE_CONN);
1da177e4
LT		 1104 if (!cp)
1105 return;
1106
1107 hci_dev_lock(hdev);
1108
1109 conn = hci_conn_hash_lookup_ba(hdev, ACL_LINK, &cp->bdaddr);
1110
6ed93dc6 1111 BT_DBG("%s bdaddr %pMR hcon %p", hdev->name, &cp->bdaddr, conn);
1da177e4
LT		 1112
1113 if (status) {
1114 if (conn && conn->state == BT_CONNECT) {
4c67bc74
MH		 1115 if (status != 0x0c || conn->attempt > 2) {
1116 conn->state = BT_CLOSED;
1117 hci_proto_connect_cfm(conn, status);
1118 hci_conn_del(conn);
1119 } else
1120 conn->state = BT_CONNECT2;
1da177e4
LT		 1121 }
1122 } else {
1123 if (!conn) {
1124 conn = hci_conn_add(hdev, ACL_LINK, &cp->bdaddr);
1125 if (conn) {
a0c808b3 1126 conn->out = true;
1da177e4
LT		 1127 conn->link_mode |= HCI_LM_MASTER;
1128 } else
893ef971 1129 BT_ERR("No memory for new connection");
1da177e4
LT		 1130 }
1131 }
1132
1133 hci_dev_unlock(hdev);
1134}
1135
a9de9248 1136static void hci_cs_add_sco(struct hci_dev *hdev, __u8 status)
1da177e4 1137{
a9de9248
MH		 1138 struct hci_cp_add_sco *cp;
1139 struct hci_conn *acl, *sco;
1140 __u16 handle;
1da177e4 1141
9f1db00c 1142 BT_DBG("%s status 0x%2.2x", hdev->name, status);
b6a0dc82 1143
a9de9248
MH		 1144 if (!status)
1145 return;
1da177e4 1146
a9de9248
MH		 1147 cp = hci_sent_cmd_data(hdev, HCI_OP_ADD_SCO);
1148 if (!cp)
1149 return;
1da177e4 1150
a9de9248 1151 handle = __le16_to_cpu(cp->handle);
1da177e4 1152
9f1db00c 1153 BT_DBG("%s handle 0x%4.4x", hdev->name, handle);
1da177e4 1154
a9de9248 1155 hci_dev_lock(hdev);
1da177e4 1156
a9de9248 1157 acl = hci_conn_hash_lookup_handle(hdev, handle);
5a08ecce
AE		 1158 if (acl) {
1159 sco = acl->link;
1160 if (sco) {
1161 sco->state = BT_CLOSED;
1da177e4 1162
5a08ecce
AE		 1163 hci_proto_connect_cfm(sco, status);
1164 hci_conn_del(sco);
1165 }
a9de9248 1166 }
1da177e4 1167
a9de9248
MH		 1168 hci_dev_unlock(hdev);
1169}
1da177e4 1170
f8558555
MH		 1171static void hci_cs_auth_requested(struct hci_dev *hdev, __u8 status)
1172{
1173 struct hci_cp_auth_requested *cp;
1174 struct hci_conn *conn;
1175
9f1db00c 1176 BT_DBG("%s status 0x%2.2x", hdev->name, status);
f8558555
MH		 1177
1178 if (!status)
1179 return;
1180
1181 cp = hci_sent_cmd_data(hdev, HCI_OP_AUTH_REQUESTED);
1182 if (!cp)
1183 return;
1184
1185 hci_dev_lock(hdev);
1186
1187 conn = hci_conn_hash_lookup_handle(hdev, __le16_to_cpu(cp->handle));
1188 if (conn) {
1189 if (conn->state == BT_CONFIG) {
1190 hci_proto_connect_cfm(conn, status);
1191 hci_conn_put(conn);
1192 }
1193 }
1194
1195 hci_dev_unlock(hdev);
1196}
1197
1198static void hci_cs_set_conn_encrypt(struct hci_dev *hdev, __u8 status)
1199{
1200 struct hci_cp_set_conn_encrypt *cp;
1201 struct hci_conn *conn;
1202
9f1db00c 1203 BT_DBG("%s status 0x%2.2x", hdev->name, status);
f8558555
MH		 1204
1205 if (!status)
1206 return;
1207
1208 cp = hci_sent_cmd_data(hdev, HCI_OP_SET_CONN_ENCRYPT);
1209 if (!cp)
1210 return;
1211
1212 hci_dev_lock(hdev);
1213
1214 conn = hci_conn_hash_lookup_handle(hdev, __le16_to_cpu(cp->handle));
1215 if (conn) {
1216 if (conn->state == BT_CONFIG) {
1217 hci_proto_connect_cfm(conn, status);
1218 hci_conn_put(conn);
1219 }
1220 }
1221
1222 hci_dev_unlock(hdev);
1223}
1224
127178d2 1225static int hci_outgoing_auth_needed(struct hci_dev *hdev,
807deac2 1226 struct hci_conn *conn)
392599b9 1227{
392599b9
JH		 1228 if (conn->state != BT_CONFIG || !conn->out)
1229 return 0;
1230
765c2a96 1231 if (conn->pending_sec_level == BT_SECURITY_SDP)
392599b9
JH		 1232 return 0;
1233
1234 /* Only request authentication for SSP connections or non-SSP
e9bf2bf0 1235 * devices with sec_level HIGH or if MITM protection is requested */
807deac2
GP		 1236 if (!hci_conn_ssp_enabled(conn) && !(conn->auth_type & 0x01) &&
1237 conn->pending_sec_level != BT_SECURITY_HIGH)
392599b9
JH		 1238 return 0;
1239
392599b9
JH		 1240 return 1;
1241}
1242
6039aa73 1243static int hci_resolve_name(struct hci_dev *hdev,
04124681 1244 struct inquiry_entry *e)
30dc78e1
JH		 1245{
1246 struct hci_cp_remote_name_req cp;
1247
1248 memset(&cp, 0, sizeof(cp));
1249
1250 bacpy(&cp.bdaddr, &e->data.bdaddr);
1251 cp.pscan_rep_mode = e->data.pscan_rep_mode;
1252 cp.pscan_mode = e->data.pscan_mode;
1253 cp.clock_offset = e->data.clock_offset;
1254
1255 return hci_send_cmd(hdev, HCI_OP_REMOTE_NAME_REQ, sizeof(cp), &cp);
1256}
1257
b644ba33 1258static bool hci_resolve_next_name(struct hci_dev *hdev)
30dc78e1
JH		 1259{
1260 struct discovery_state *discov = &hdev->discovery;
1261 struct inquiry_entry *e;
1262
b644ba33
JH		 1263 if (list_empty(&discov->resolve))
1264 return false;
1265
1266 e = hci_inquiry_cache_lookup_resolve(hdev, BDADDR_ANY, NAME_NEEDED);
c810089c
RM		 1267 if (!e)
1268 return false;
1269
b644ba33
JH		 1270 if (hci_resolve_name(hdev, e) == 0) {
1271 e->name_state = NAME_PENDING;
1272 return true;
1273 }
1274
1275 return false;
1276}
1277
1278static void hci_check_pending_name(struct hci_dev *hdev, struct hci_conn *conn,
04124681 1279 bdaddr_t *bdaddr, u8 *name, u8 name_len)
b644ba33
JH		 1280{
1281 struct discovery_state *discov = &hdev->discovery;
1282 struct inquiry_entry *e;
1283
1284 if (conn && !test_and_set_bit(HCI_CONN_MGMT_CONNECTED, &conn->flags))
04124681
GP		 1285 mgmt_device_connected(hdev, bdaddr, ACL_LINK, 0x00, 0, name,
1286 name_len, conn->dev_class);
b644ba33
JH		 1287
1288 if (discov->state == DISCOVERY_STOPPED)
1289 return;
1290
30dc78e1
JH		 1291 if (discov->state == DISCOVERY_STOPPING)
1292 goto discov_complete;
1293
1294 if (discov->state != DISCOVERY_RESOLVING)
1295 return;
1296
1297 e = hci_inquiry_cache_lookup_resolve(hdev, bdaddr, NAME_PENDING);
7cc8380e
RM		 1298 /* If the device was not found in a list of found devices names of which
1299 * are pending. there is no need to continue resolving a next name as it
1300 * will be done upon receiving another Remote Name Request Complete
1301 * Event */
1302 if (!e)
1303 return;
1304
1305 list_del(&e->list);
1306 if (name) {
30dc78e1 1307 e->name_state = NAME_KNOWN;
7cc8380e
RM		 1308 mgmt_remote_name(hdev, bdaddr, ACL_LINK, 0x00,
1309 e->data.rssi, name, name_len);
c3e7c0d9
RM		 1310 } else {
1311 e->name_state = NAME_NOT_KNOWN;
30dc78e1
JH		 1312 }
1313
b644ba33 1314 if (hci_resolve_next_name(hdev))
30dc78e1 1315 return;
30dc78e1
JH		 1316
1317discov_complete:
1318 hci_discovery_set_state(hdev, DISCOVERY_STOPPED);
1319}
1320
a9de9248
MH		 1321static void hci_cs_remote_name_req(struct hci_dev *hdev, __u8 status)
1322{
127178d2
JH		 1323 struct hci_cp_remote_name_req *cp;
1324 struct hci_conn *conn;
1325
9f1db00c 1326 BT_DBG("%s status 0x%2.2x", hdev->name, status);
127178d2
JH		 1327
1328 /* If successful wait for the name req complete event before
1329 * checking for the need to do authentication */
1330 if (!status)
1331 return;
1332
1333 cp = hci_sent_cmd_data(hdev, HCI_OP_REMOTE_NAME_REQ);
1334 if (!cp)
1335 return;
1336
1337 hci_dev_lock(hdev);
1338
b644ba33
JH		 1339 conn = hci_conn_hash_lookup_ba(hdev, ACL_LINK, &cp->bdaddr);
1340
a8b2d5c2 1341 if (test_bit(HCI_MGMT, &hdev->dev_flags))
b644ba33 1342 hci_check_pending_name(hdev, conn, &cp->bdaddr, NULL, 0);
30dc78e1 1343
79c6c70c
JH		 1344 if (!conn)
1345 goto unlock;
1346
1347 if (!hci_outgoing_auth_needed(hdev, conn))
1348 goto unlock;
1349
51a8efd7 1350 if (!test_and_set_bit(HCI_CONN_AUTH_PEND, &conn->flags)) {
127178d2
JH		 1351 struct hci_cp_auth_requested cp;
1352 cp.handle = __cpu_to_le16(conn->handle);
1353 hci_send_cmd(hdev, HCI_OP_AUTH_REQUESTED, sizeof(cp), &cp);
1354 }
1355
79c6c70c 1356unlock:
127178d2 1357 hci_dev_unlock(hdev);
a9de9248 1358}
1da177e4 1359
769be974
MH		 1360static void hci_cs_read_remote_features(struct hci_dev *hdev, __u8 status)
1361{
1362 struct hci_cp_read_remote_features *cp;
1363 struct hci_conn *conn;
1364
9f1db00c 1365 BT_DBG("%s status 0x%2.2x", hdev->name, status);
769be974
MH		 1366
1367 if (!status)
1368 return;
1369
1370 cp = hci_sent_cmd_data(hdev, HCI_OP_READ_REMOTE_FEATURES);
1371 if (!cp)
1372 return;
1373
1374 hci_dev_lock(hdev);
1375
1376 conn = hci_conn_hash_lookup_handle(hdev, __le16_to_cpu(cp->handle));
1377 if (conn) {
1378 if (conn->state == BT_CONFIG) {
769be974
MH		 1379 hci_proto_connect_cfm(conn, status);
1380 hci_conn_put(conn);
1381 }
1382 }
1383
1384 hci_dev_unlock(hdev);
1385}
1386
1387static void hci_cs_read_remote_ext_features(struct hci_dev *hdev, __u8 status)
1388{
1389 struct hci_cp_read_remote_ext_features *cp;
1390 struct hci_conn *conn;
1391
9f1db00c 1392 BT_DBG("%s status 0x%2.2x", hdev->name, status);
769be974
MH		 1393
1394 if (!status)
1395 return;
1396
1397 cp = hci_sent_cmd_data(hdev, HCI_OP_READ_REMOTE_EXT_FEATURES);
1398 if (!cp)
1399 return;
1400
1401 hci_dev_lock(hdev);
1402
1403 conn = hci_conn_hash_lookup_handle(hdev, __le16_to_cpu(cp->handle));
1404 if (conn) {
1405 if (conn->state == BT_CONFIG) {
769be974
MH		 1406 hci_proto_connect_cfm(conn, status);
1407 hci_conn_put(conn);
1408 }
1409 }
1410
1411 hci_dev_unlock(hdev);
1412}
1413
a9de9248
MH		 1414static void hci_cs_setup_sync_conn(struct hci_dev *hdev, __u8 status)
1415{
b6a0dc82
MH		 1416 struct hci_cp_setup_sync_conn *cp;
1417 struct hci_conn *acl, *sco;
1418 __u16 handle;
1419
9f1db00c 1420 BT_DBG("%s status 0x%2.2x", hdev->name, status);
b6a0dc82
MH		 1421
1422 if (!status)
1423 return;
1424
1425 cp = hci_sent_cmd_data(hdev, HCI_OP_SETUP_SYNC_CONN);
1426 if (!cp)
1427 return;
1428
1429 handle = __le16_to_cpu(cp->handle);
1430
9f1db00c 1431 BT_DBG("%s handle 0x%4.4x", hdev->name, handle);
b6a0dc82
MH		 1432
1433 hci_dev_lock(hdev);
1434
1435 acl = hci_conn_hash_lookup_handle(hdev, handle);
5a08ecce
AE		 1436 if (acl) {
1437 sco = acl->link;
1438 if (sco) {
1439 sco->state = BT_CLOSED;
b6a0dc82 1440
5a08ecce
AE		 1441 hci_proto_connect_cfm(sco, status);
1442 hci_conn_del(sco);
1443 }
b6a0dc82
MH		 1444 }
1445
1446 hci_dev_unlock(hdev);
1da177e4
LT		 1447}
1448
a9de9248 1449static void hci_cs_sniff_mode(struct hci_dev *hdev, __u8 status)
1da177e4 1450{
a9de9248
MH		 1451 struct hci_cp_sniff_mode *cp;
1452 struct hci_conn *conn;
1da177e4 1453
9f1db00c 1454 BT_DBG("%s status 0x%2.2x", hdev->name, status);
04837f64 1455
a9de9248
MH		 1456 if (!status)
1457 return;
04837f64 1458
a9de9248
MH		 1459 cp = hci_sent_cmd_data(hdev, HCI_OP_SNIFF_MODE);
1460 if (!cp)
1461 return;
04837f64 1462
a9de9248 1463 hci_dev_lock(hdev);
04837f64 1464
a9de9248 1465 conn = hci_conn_hash_lookup_handle(hdev, __le16_to_cpu(cp->handle));
e73439d8 1466 if (conn) {
51a8efd7 1467 clear_bit(HCI_CONN_MODE_CHANGE_PEND, &conn->flags);
04837f64 1468
51a8efd7 1469 if (test_and_clear_bit(HCI_CONN_SCO_SETUP_PEND, &conn->flags))
e73439d8
MH		 1470 hci_sco_setup(conn, status);
1471 }
1472
a9de9248
MH		 1473 hci_dev_unlock(hdev);
1474}
04837f64 1475
a9de9248
MH		 1476static void hci_cs_exit_sniff_mode(struct hci_dev *hdev, __u8 status)
1477{
1478 struct hci_cp_exit_sniff_mode *cp;
1479 struct hci_conn *conn;
04837f64 1480
9f1db00c 1481 BT_DBG("%s status 0x%2.2x", hdev->name, status);
04837f64 1482
a9de9248
MH		 1483 if (!status)
1484 return;
04837f64 1485
a9de9248
MH		 1486 cp = hci_sent_cmd_data(hdev, HCI_OP_EXIT_SNIFF_MODE);
1487 if (!cp)
1488 return;
04837f64 1489
a9de9248 1490 hci_dev_lock(hdev);
1da177e4 1491
a9de9248 1492 conn = hci_conn_hash_lookup_handle(hdev, __le16_to_cpu(cp->handle));
e73439d8 1493 if (conn) {
51a8efd7 1494 clear_bit(HCI_CONN_MODE_CHANGE_PEND, &conn->flags);
1da177e4 1495
51a8efd7 1496 if (test_and_clear_bit(HCI_CONN_SCO_SETUP_PEND, &conn->flags))
e73439d8
MH		 1497 hci_sco_setup(conn, status);
1498 }
1499
a9de9248 1500 hci_dev_unlock(hdev);
1da177e4
LT		 1501}
1502
88c3df13
JH		 1503static void hci_cs_disconnect(struct hci_dev *hdev, u8 status)
1504{
1505 struct hci_cp_disconnect *cp;
1506 struct hci_conn *conn;
1507
1508 if (!status)
1509 return;
1510
1511 cp = hci_sent_cmd_data(hdev, HCI_OP_DISCONNECT);
1512 if (!cp)
1513 return;
1514
1515 hci_dev_lock(hdev);
1516
1517 conn = hci_conn_hash_lookup_handle(hdev, __le16_to_cpu(cp->handle));
1518 if (conn)
1519 mgmt_disconnect_failed(hdev, &conn->dst, conn->type,
04124681 1520 conn->dst_type, status);
88c3df13
JH		 1521
1522 hci_dev_unlock(hdev);
1523}
1524
fcd89c09
VT		 1525static void hci_cs_le_create_conn(struct hci_dev *hdev, __u8 status)
1526{
fcd89c09
VT		 1527 struct hci_conn *conn;
1528
9f1db00c 1529 BT_DBG("%s status 0x%2.2x", hdev->name, status);
fcd89c09 1530
f00a06ac
AG		 1531 if (status) {
1532 hci_dev_lock(hdev);
fcd89c09 1533
0c95ab78 1534 conn = hci_conn_hash_lookup_state(hdev, LE_LINK, BT_CONNECT);
f00a06ac
AG		 1535 if (!conn) {
1536 hci_dev_unlock(hdev);
1537 return;
1538 }
fcd89c09 1539
6ed93dc6 1540 BT_DBG("%s bdaddr %pMR conn %p", hdev->name, &conn->dst, conn);
fcd89c09 1541
f00a06ac 1542 conn->state = BT_CLOSED;
0c95ab78 1543 mgmt_connect_failed(hdev, &conn->dst, conn->type,
f00a06ac
AG		 1544 conn->dst_type, status);
1545 hci_proto_connect_cfm(conn, status);
1546 hci_conn_del(conn);
fcd89c09 1547
f00a06ac
AG		 1548 hci_dev_unlock(hdev);
1549 }
fcd89c09
VT		 1550}
1551
a02226d6
AE		 1552static void hci_cs_create_phylink(struct hci_dev *hdev, u8 status)
1553{
93c284ee
AE		 1554 struct hci_cp_create_phy_link *cp;
1555
a02226d6 1556 BT_DBG("%s status 0x%2.2x", hdev->name, status);
93c284ee 1557
93c284ee
AE		 1558 cp = hci_sent_cmd_data(hdev, HCI_OP_CREATE_PHY_LINK);
1559 if (!cp)
1560 return;
1561
e58917b9
AE		 1562 hci_dev_lock(hdev);
1563
1564 if (status) {
1565 struct hci_conn *hcon;
1566
1567 hcon = hci_conn_hash_lookup_handle(hdev, cp->phy_handle);
1568 if (hcon)
1569 hci_conn_del(hcon);
1570 } else {
1571 amp_write_remote_assoc(hdev, cp->phy_handle);
1572 }
1573
1574 hci_dev_unlock(hdev);
a02226d6
AE		 1575}
1576
0b26ab9d
AE		 1577static void hci_cs_accept_phylink(struct hci_dev *hdev, u8 status)
1578{
1579 struct hci_cp_accept_phy_link *cp;
1580
1581 BT_DBG("%s status 0x%2.2x", hdev->name, status);
1582
1583 if (status)
1584 return;
1585
1586 cp = hci_sent_cmd_data(hdev, HCI_OP_ACCEPT_PHY_LINK);
1587 if (!cp)
1588 return;
1589
1590 amp_write_remote_assoc(hdev, cp->phy_handle);
1591}
1592
6039aa73 1593static void hci_inquiry_complete_evt(struct hci_dev *hdev, struct sk_buff *skb)
1da177e4
LT		 1594{
1595 __u8 status = *((__u8 *) skb->data);
30dc78e1
JH		 1596 struct discovery_state *discov = &hdev->discovery;
1597 struct inquiry_entry *e;
1da177e4 1598
9f1db00c 1599 BT_DBG("%s status 0x%2.2x", hdev->name, status);
1da177e4 1600
a9de9248 1601 hci_conn_check_pending(hdev);
89352e7d
AG		 1602
1603 if (!test_and_clear_bit(HCI_INQUIRY, &hdev->flags))
1604 return;
1605
a8b2d5c2 1606 if (!test_bit(HCI_MGMT, &hdev->dev_flags))
30dc78e1
JH		 1607 return;
1608
56e5cb86 1609 hci_dev_lock(hdev);
30dc78e1 1610
343f935b 1611 if (discov->state != DISCOVERY_FINDING)
30dc78e1
JH		 1612 goto unlock;
1613
1614 if (list_empty(&discov->resolve)) {
1615 hci_discovery_set_state(hdev, DISCOVERY_STOPPED);
1616 goto unlock;
1617 }
1618
1619 e = hci_inquiry_cache_lookup_resolve(hdev, BDADDR_ANY, NAME_NEEDED);
1620 if (e && hci_resolve_name(hdev, e) == 0) {
1621 e->name_state = NAME_PENDING;
1622 hci_discovery_set_state(hdev, DISCOVERY_RESOLVING);
1623 } else {
1624 hci_discovery_set_state(hdev, DISCOVERY_STOPPED);
1625 }
1626
1627unlock:
56e5cb86 1628 hci_dev_unlock(hdev);
1da177e4
LT		 1629}
1630
6039aa73 1631static void hci_inquiry_result_evt(struct hci_dev *hdev, struct sk_buff *skb)
1da177e4 1632{
45bb4bf0 1633 struct inquiry_data data;
a9de9248 1634 struct inquiry_info *info = (void *) (skb->data + 1);
1da177e4
LT		 1635 int num_rsp = *((__u8 *) skb->data);
1636
1637 BT_DBG("%s num_rsp %d", hdev->name, num_rsp);
1638
45bb4bf0
MH		 1639 if (!num_rsp)
1640 return;
1641
1519cc17
AG		 1642 if (test_bit(HCI_PERIODIC_INQ, &hdev->dev_flags))
1643 return;
1644
1da177e4 1645 hci_dev_lock(hdev);
45bb4bf0 1646
e17acd40 1647 for (; num_rsp; num_rsp--, info++) {
388fc8fa 1648 bool name_known, ssp;
3175405b 1649
1da177e4
LT		 1650 bacpy(&data.bdaddr, &info->bdaddr);
1651 data.pscan_rep_mode = info->pscan_rep_mode;
1652 data.pscan_period_mode = info->pscan_period_mode;
1653 data.pscan_mode = info->pscan_mode;
1654 memcpy(data.dev_class, info->dev_class, 3);
1655 data.clock_offset = info->clock_offset;
1656 data.rssi = 0x00;
41a96212 1657 data.ssp_mode = 0x00;
3175405b 1658
388fc8fa 1659 name_known = hci_inquiry_cache_update(hdev, &data, false, &ssp);
48264f06 1660 mgmt_device_found(hdev, &info->bdaddr, ACL_LINK, 0x00,
04124681
GP		 1661 info->dev_class, 0, !name_known, ssp, NULL,
1662 0);
1da177e4 1663 }
45bb4bf0 1664
1da177e4
LT		 1665 hci_dev_unlock(hdev);
1666}
1667
6039aa73 1668static void hci_conn_complete_evt(struct hci_dev *hdev, struct sk_buff *skb)
1da177e4 1669{
a9de9248
MH		 1670 struct hci_ev_conn_complete *ev = (void *) skb->data;
1671 struct hci_conn *conn;
1da177e4
LT		 1672
1673 BT_DBG("%s", hdev->name);
1674
1675 hci_dev_lock(hdev);
1676
1677 conn = hci_conn_hash_lookup_ba(hdev, ev->link_type, &ev->bdaddr);
9499237a
MH		 1678 if (!conn) {
1679 if (ev->link_type != SCO_LINK)
1680 goto unlock;
1681
1682 conn = hci_conn_hash_lookup_ba(hdev, ESCO_LINK, &ev->bdaddr);
1683 if (!conn)
1684 goto unlock;
1685
1686 conn->type = SCO_LINK;
1687 }
1da177e4
LT		 1688
1689 if (!ev->status) {
1690 conn->handle = __le16_to_cpu(ev->handle);
769be974
MH		 1691
1692 if (conn->type == ACL_LINK) {
1693 conn->state = BT_CONFIG;
1694 hci_conn_hold(conn);
a9ea3ed9
SJ		 1695
1696 if (!conn->out && !hci_conn_ssp_enabled(conn) &&
1697 !hci_find_link_key(hdev, &ev->bdaddr))
1698 conn->disc_timeout = HCI_PAIRING_TIMEOUT;
1699 else
1700 conn->disc_timeout = HCI_DISCONN_TIMEOUT;
769be974
MH		 1701 } else
1702 conn->state = BT_CONNECTED;
1da177e4 1703
9eba32b8 1704 hci_conn_hold_device(conn);
7d0db0a3
MH		 1705 hci_conn_add_sysfs(conn);
1706
1da177e4
LT		 1707 if (test_bit(HCI_AUTH, &hdev->flags))
1708 conn->link_mode |= HCI_LM_AUTH;
1709
1710 if (test_bit(HCI_ENCRYPT, &hdev->flags))
1711 conn->link_mode |= HCI_LM_ENCRYPT;
1712
04837f64
MH		 1713 /* Get remote features */
1714 if (conn->type == ACL_LINK) {
1715 struct hci_cp_read_remote_features cp;
1716 cp.handle = ev->handle;
769be974 1717 hci_send_cmd(hdev, HCI_OP_READ_REMOTE_FEATURES,
04124681 1718 sizeof(cp), &cp);
04837f64
MH		 1719 }
1720
1da177e4 1721 /* Set packet type for incoming connection */
d095c1eb 1722 if (!conn->out && hdev->hci_ver < BLUETOOTH_VER_2_0) {
1da177e4
LT		 1723 struct hci_cp_change_conn_ptype cp;
1724 cp.handle = ev->handle;
a8746417 1725 cp.pkt_type = cpu_to_le16(conn->pkt_type);
04124681
GP		 1726 hci_send_cmd(hdev, HCI_OP_CHANGE_CONN_PTYPE, sizeof(cp),
1727 &cp);
1da177e4 1728 }
17d5c04c 1729 } else {
1da177e4 1730 conn->state = BT_CLOSED;
17d5c04c 1731 if (conn->type == ACL_LINK)
744cf19e 1732 mgmt_connect_failed(hdev, &ev->bdaddr, conn->type,
04124681 1733 conn->dst_type, ev->status);
17d5c04c 1734 }
1da177e4 1735
e73439d8
MH		 1736 if (conn->type == ACL_LINK)
1737 hci_sco_setup(conn, ev->status);
1da177e4 1738
769be974
MH		 1739 if (ev->status) {
1740 hci_proto_connect_cfm(conn, ev->status);
1da177e4 1741 hci_conn_del(conn);
c89b6e6b
MH		 1742 } else if (ev->link_type != ACL_LINK)
1743 hci_proto_connect_cfm(conn, ev->status);
1da177e4 1744
a9de9248 1745unlock:
1da177e4 1746 hci_dev_unlock(hdev);
1da177e4 1747
a9de9248 1748 hci_conn_check_pending(hdev);
1da177e4
LT		 1749}
1750
20714bfe
FD		 1751void hci_conn_accept(struct hci_conn *conn, int mask)
1752{
1753 struct hci_dev *hdev = conn->hdev;
1754
1755 BT_DBG("conn %p", conn);
1756
1757 conn->state = BT_CONFIG;
1758
1759 if (!lmp_esco_capable(hdev)) {
1760 struct hci_cp_accept_conn_req cp;
1761
1762 bacpy(&cp.bdaddr, &conn->dst);
1763
1764 if (lmp_rswitch_capable(hdev) && (mask & HCI_LM_MASTER))
1765 cp.role = 0x00; /* Become master */
1766 else
1767 cp.role = 0x01; /* Remain slave */
1768
1769 hci_send_cmd(hdev, HCI_OP_ACCEPT_CONN_REQ, sizeof(cp), &cp);
1770 } else /* lmp_esco_capable(hdev)) */ {
1771 struct hci_cp_accept_sync_conn_req cp;
1772
1773 bacpy(&cp.bdaddr, &conn->dst);
1774 cp.pkt_type = cpu_to_le16(conn->pkt_type);
1775
1776 cp.tx_bandwidth = __constant_cpu_to_le32(0x00001f40);
1777 cp.rx_bandwidth = __constant_cpu_to_le32(0x00001f40);
1778 cp.max_latency = __constant_cpu_to_le16(0xffff);
1779 cp.content_format = cpu_to_le16(hdev->voice_setting);
1780 cp.retrans_effort = 0xff;
1781
1782 hci_send_cmd(hdev, HCI_OP_ACCEPT_SYNC_CONN_REQ,
1783 sizeof(cp), &cp);
1784 }
1785}
1786
6039aa73 1787static void hci_conn_request_evt(struct hci_dev *hdev, struct sk_buff *skb)
1da177e4 1788{
a9de9248
MH		 1789 struct hci_ev_conn_request *ev = (void *) skb->data;
1790 int mask = hdev->link_mode;
20714bfe 1791 __u8 flags = 0;
1da177e4 1792
6ed93dc6 1793 BT_DBG("%s bdaddr %pMR type 0x%x", hdev->name, &ev->bdaddr,
807deac2 1794 ev->link_type);
1da177e4 1795
20714bfe
FD		 1796 mask |= hci_proto_connect_ind(hdev, &ev->bdaddr, ev->link_type,
1797 &flags);
1da177e4 1798
138d22ef 1799 if ((mask & HCI_LM_ACCEPT) &&
807deac2 1800 !hci_blacklist_lookup(hdev, &ev->bdaddr)) {
a9de9248 1801 /* Connection accepted */
c7bdd502 1802 struct inquiry_entry *ie;
1da177e4 1803 struct hci_conn *conn;
1da177e4 1804
a9de9248 1805 hci_dev_lock(hdev);
b6a0dc82 1806
cc11b9c1
AE		 1807 ie = hci_inquiry_cache_lookup(hdev, &ev->bdaddr);
1808 if (ie)
c7bdd502
MH		 1809 memcpy(ie->data.dev_class, ev->dev_class, 3);
1810
8fc9ced3
GP		 1811 conn = hci_conn_hash_lookup_ba(hdev, ev->link_type,
1812 &ev->bdaddr);
a9de9248 1813 if (!conn) {
cc11b9c1
AE		 1814 conn = hci_conn_add(hdev, ev->link_type, &ev->bdaddr);
1815 if (!conn) {
893ef971 1816 BT_ERR("No memory for new connection");
a9de9248
MH		 1817 hci_dev_unlock(hdev);
1818 return;
1da177e4
LT		 1819 }
1820 }
b6a0dc82 1821
a9de9248 1822 memcpy(conn->dev_class, ev->dev_class, 3);
b6a0dc82 1823
a9de9248 1824 hci_dev_unlock(hdev);
1da177e4 1825
20714bfe
FD		 1826 if (ev->link_type == ACL_LINK ||
1827 (!(flags & HCI_PROTO_DEFER) && !lmp_esco_capable(hdev))) {
b6a0dc82 1828 struct hci_cp_accept_conn_req cp;
20714bfe 1829 conn->state = BT_CONNECT;
1da177e4 1830
b6a0dc82
MH		 1831 bacpy(&cp.bdaddr, &ev->bdaddr);
1832
1833 if (lmp_rswitch_capable(hdev) && (mask & HCI_LM_MASTER))
1834 cp.role = 0x00; /* Become master */
1835 else
1836 cp.role = 0x01; /* Remain slave */
1837
04124681
GP		 1838 hci_send_cmd(hdev, HCI_OP_ACCEPT_CONN_REQ, sizeof(cp),
1839 &cp);
20714bfe 1840 } else if (!(flags & HCI_PROTO_DEFER)) {
b6a0dc82 1841 struct hci_cp_accept_sync_conn_req cp;
20714bfe 1842 conn->state = BT_CONNECT;
b6a0dc82
MH		 1843
1844 bacpy(&cp.bdaddr, &ev->bdaddr);
a8746417 1845 cp.pkt_type = cpu_to_le16(conn->pkt_type);
b6a0dc82 1846
82781e63
AE		 1847 cp.tx_bandwidth = __constant_cpu_to_le32(0x00001f40);
1848 cp.rx_bandwidth = __constant_cpu_to_le32(0x00001f40);
1849 cp.max_latency = __constant_cpu_to_le16(0xffff);
b6a0dc82
MH		 1850 cp.content_format = cpu_to_le16(hdev->voice_setting);
1851 cp.retrans_effort = 0xff;
1da177e4 1852
b6a0dc82 1853 hci_send_cmd(hdev, HCI_OP_ACCEPT_SYNC_CONN_REQ,
04124681 1854 sizeof(cp), &cp);
20714bfe
FD		 1855 } else {
1856 conn->state = BT_CONNECT2;
1857 hci_proto_connect_cfm(conn, 0);
1858 hci_conn_put(conn);
b6a0dc82 1859 }
a9de9248
MH		 1860 } else {
1861 /* Connection rejected */
1862 struct hci_cp_reject_conn_req cp;
1da177e4 1863
a9de9248 1864 bacpy(&cp.bdaddr, &ev->bdaddr);
9f5a0d7b 1865 cp.reason = HCI_ERROR_REJ_BAD_ADDR;
a9de9248 1866 hci_send_cmd(hdev, HCI_OP_REJECT_CONN_REQ, sizeof(cp), &cp);
1da177e4 1867 }
1da177e4
LT		 1868}
1869
f0d6a0ea
MA		 1870static u8 hci_to_mgmt_reason(u8 err)
1871{
1872 switch (err) {
1873 case HCI_ERROR_CONNECTION_TIMEOUT:
1874 return MGMT_DEV_DISCONN_TIMEOUT;
1875 case HCI_ERROR_REMOTE_USER_TERM:
1876 case HCI_ERROR_REMOTE_LOW_RESOURCES:
1877 case HCI_ERROR_REMOTE_POWER_OFF:
1878 return MGMT_DEV_DISCONN_REMOTE;
1879 case HCI_ERROR_LOCAL_HOST_TERM:
1880 return MGMT_DEV_DISCONN_LOCAL_HOST;
1881 default:
1882 return MGMT_DEV_DISCONN_UNKNOWN;
1883 }
1884}
1885
6039aa73 1886static void hci_disconn_complete_evt(struct hci_dev *hdev, struct sk_buff *skb)
04837f64 1887{
a9de9248 1888 struct hci_ev_disconn_complete *ev = (void *) skb->data;
04837f64
MH		 1889 struct hci_conn *conn;
1890
9f1db00c 1891 BT_DBG("%s status 0x%2.2x", hdev->name, ev->status);
04837f64
MH		 1892
1893 hci_dev_lock(hdev);
1894
1895 conn = hci_conn_hash_lookup_handle(hdev, __le16_to_cpu(ev->handle));
f7520543
JH		 1896 if (!conn)
1897 goto unlock;
7d0db0a3 1898
37d9ef76
JH		 1899 if (ev->status == 0)
1900 conn->state = BT_CLOSED;
04837f64 1901
b644ba33 1902 if (test_and_clear_bit(HCI_CONN_MGMT_CONNECTED, &conn->flags) &&
807deac2 1903 (conn->type == ACL_LINK || conn->type == LE_LINK)) {
f0d6a0ea 1904 if (ev->status) {
88c3df13 1905 mgmt_disconnect_failed(hdev, &conn->dst, conn->type,
807deac2 1906 conn->dst_type, ev->status);
f0d6a0ea
MA		 1907 } else {
1908 u8 reason = hci_to_mgmt_reason(ev->reason);
1909
afc747a6 1910 mgmt_device_disconnected(hdev, &conn->dst, conn->type,
f0d6a0ea
MA		 1911 conn->dst_type, reason);
1912 }
37d9ef76 1913 }
f7520543 1914
37d9ef76 1915 if (ev->status == 0) {
6ec5bcad
VA		 1916 if (conn->type == ACL_LINK && conn->flush_key)
1917 hci_remove_link_key(hdev, &conn->dst);
37d9ef76
JH		 1918 hci_proto_disconn_cfm(conn, ev->reason);
1919 hci_conn_del(conn);
1920 }
f7520543
JH		 1921
1922unlock:
04837f64
MH		 1923 hci_dev_unlock(hdev);
1924}
1925
6039aa73 1926static void hci_auth_complete_evt(struct hci_dev *hdev, struct sk_buff *skb)
1da177e4 1927{
a9de9248 1928 struct hci_ev_auth_complete *ev = (void *) skb->data;
04837f64 1929 struct hci_conn *conn;
1da177e4 1930
9f1db00c 1931 BT_DBG("%s status 0x%2.2x", hdev->name, ev->status);
1da177e4
LT		 1932
1933 hci_dev_lock(hdev);
1934
04837f64 1935 conn = hci_conn_hash_lookup_handle(hdev, __le16_to_cpu(ev->handle));
d7556e20
WR		 1936 if (!conn)
1937 goto unlock;
1938
1939 if (!ev->status) {
aa64a8b5 1940 if (!hci_conn_ssp_enabled(conn) &&
807deac2 1941 test_bit(HCI_CONN_REAUTH_PEND, &conn->flags)) {
d7556e20 1942 BT_INFO("re-auth of legacy device is not possible.");
2a611692 1943 } else {
d7556e20
WR		 1944 conn->link_mode |= HCI_LM_AUTH;
1945 conn->sec_level = conn->pending_sec_level;
2a611692 1946 }
d7556e20 1947 } else {
bab73cb6 1948 mgmt_auth_failed(hdev, &conn->dst, conn->type, conn->dst_type,
04124681 1949 ev->status);
d7556e20 1950 }
1da177e4 1951
51a8efd7
JH		 1952 clear_bit(HCI_CONN_AUTH_PEND, &conn->flags);
1953 clear_bit(HCI_CONN_REAUTH_PEND, &conn->flags);
1da177e4 1954
d7556e20 1955 if (conn->state == BT_CONFIG) {
aa64a8b5 1956 if (!ev->status && hci_conn_ssp_enabled(conn)) {
d7556e20
WR		 1957 struct hci_cp_set_conn_encrypt cp;
1958 cp.handle = ev->handle;
1959 cp.encrypt = 0x01;
1960 hci_send_cmd(hdev, HCI_OP_SET_CONN_ENCRYPT, sizeof(cp),
807deac2 1961 &cp);
052b30b0 1962 } else {
d7556e20
WR		 1963 conn->state = BT_CONNECTED;
1964 hci_proto_connect_cfm(conn, ev->status);
052b30b0
MH		 1965 hci_conn_put(conn);
1966 }
d7556e20
WR		 1967 } else {
1968 hci_auth_cfm(conn, ev->status);
052b30b0 1969
d7556e20
WR		 1970 hci_conn_hold(conn);
1971 conn->disc_timeout = HCI_DISCONN_TIMEOUT;
1972 hci_conn_put(conn);
1973 }
1974
51a8efd7 1975 if (test_bit(HCI_CONN_ENCRYPT_PEND, &conn->flags)) {
d7556e20
WR		 1976 if (!ev->status) {
1977 struct hci_cp_set_conn_encrypt cp;
1978 cp.handle = ev->handle;
1979 cp.encrypt = 0x01;
1980 hci_send_cmd(hdev, HCI_OP_SET_CONN_ENCRYPT, sizeof(cp),
807deac2 1981 &cp);
d7556e20 1982 } else {
51a8efd7 1983 clear_bit(HCI_CONN_ENCRYPT_PEND, &conn->flags);
d7556e20 1984 hci_encrypt_cfm(conn, ev->status, 0x00);
1da177e4
LT		 1985 }
1986 }
1987
d7556e20 1988unlock:
1da177e4
LT		 1989 hci_dev_unlock(hdev);
1990}
1991
6039aa73 1992static void hci_remote_name_evt(struct hci_dev *hdev, struct sk_buff *skb)
1da177e4 1993{
127178d2
JH		 1994 struct hci_ev_remote_name *ev = (void *) skb->data;
1995 struct hci_conn *conn;
1996
a9de9248 1997 BT_DBG("%s", hdev->name);
1da177e4 1998
a9de9248 1999 hci_conn_check_pending(hdev);
127178d2
JH		 2000
2001 hci_dev_lock(hdev);
2002
b644ba33 2003 conn = hci_conn_hash_lookup_ba(hdev, ACL_LINK, &ev->bdaddr);
30dc78e1 2004
b644ba33
JH		 2005 if (!test_bit(HCI_MGMT, &hdev->dev_flags))
2006 goto check_auth;
a88a9652 2007
b644ba33
JH		 2008 if (ev->status == 0)
2009 hci_check_pending_name(hdev, conn, &ev->bdaddr, ev->name,
04124681 2010 strnlen(ev->name, HCI_MAX_NAME_LENGTH));
b644ba33
JH		 2011 else
2012 hci_check_pending_name(hdev, conn, &ev->bdaddr, NULL, 0);
2013
2014check_auth:
79c6c70c
JH		 2015 if (!conn)
2016 goto unlock;
2017
2018 if (!hci_outgoing_auth_needed(hdev, conn))
2019 goto unlock;
2020
51a8efd7 2021 if (!test_and_set_bit(HCI_CONN_AUTH_PEND, &conn->flags)) {
127178d2
JH		 2022 struct hci_cp_auth_requested cp;
2023 cp.handle = __cpu_to_le16(conn->handle);
2024 hci_send_cmd(hdev, HCI_OP_AUTH_REQUESTED, sizeof(cp), &cp);
2025 }
2026
79c6c70c 2027unlock:
127178d2 2028 hci_dev_unlock(hdev);
a9de9248
MH		 2029}
2030
6039aa73 2031static void hci_encrypt_change_evt(struct hci_dev *hdev, struct sk_buff *skb)
a9de9248
MH		 2032{
2033 struct hci_ev_encrypt_change *ev = (void *) skb->data;
2034 struct hci_conn *conn;
2035
9f1db00c 2036 BT_DBG("%s status 0x%2.2x", hdev->name, ev->status);
1da177e4
LT		 2037
2038 hci_dev_lock(hdev);
2039
04837f64 2040 conn = hci_conn_hash_lookup_handle(hdev, __le16_to_cpu(ev->handle));
1da177e4
LT		 2041 if (conn) {
2042 if (!ev->status) {
ae293196
MH		 2043 if (ev->encrypt) {
2044 /* Encryption implies authentication */
2045 conn->link_mode |= HCI_LM_AUTH;
1da177e4 2046 conn->link_mode |= HCI_LM_ENCRYPT;
da85e5e5 2047 conn->sec_level = conn->pending_sec_level;
ae293196 2048 } else
1da177e4
LT		 2049 conn->link_mode &= ~HCI_LM_ENCRYPT;
2050 }
2051
51a8efd7 2052 clear_bit(HCI_CONN_ENCRYPT_PEND, &conn->flags);
1da177e4 2053
a7d7723a 2054 if (ev->status && conn->state == BT_CONNECTED) {
bed71748 2055 hci_disconnect(conn, HCI_ERROR_AUTH_FAILURE);
a7d7723a
GP		 2056 hci_conn_put(conn);
2057 goto unlock;
2058 }
2059
f8558555
MH		 2060 if (conn->state == BT_CONFIG) {
2061 if (!ev->status)
2062 conn->state = BT_CONNECTED;
2063
2064 hci_proto_connect_cfm(conn, ev->status);
2065 hci_conn_put(conn);
2066 } else
2067 hci_encrypt_cfm(conn, ev->status, ev->encrypt);
1da177e4
LT		 2068 }
2069
a7d7723a 2070unlock:
1da177e4
LT		 2071 hci_dev_unlock(hdev);
2072}
2073
6039aa73
GP		 2074static void hci_change_link_key_complete_evt(struct hci_dev *hdev,
2075 struct sk_buff *skb)
1da177e4 2076{
a9de9248 2077 struct hci_ev_change_link_key_complete *ev = (void *) skb->data;
04837f64 2078 struct hci_conn *conn;
1da177e4 2079
9f1db00c 2080 BT_DBG("%s status 0x%2.2x", hdev->name, ev->status);
1da177e4
LT		 2081
2082 hci_dev_lock(hdev);
2083
04837f64 2084 conn = hci_conn_hash_lookup_handle(hdev, __le16_to_cpu(ev->handle));
1da177e4
LT		 2085 if (conn) {
2086 if (!ev->status)
2087 conn->link_mode |= HCI_LM_SECURE;
2088
51a8efd7 2089 clear_bit(HCI_CONN_AUTH_PEND, &conn->flags);
1da177e4
LT		 2090
2091 hci_key_change_cfm(conn, ev->status);
2092 }
2093
2094 hci_dev_unlock(hdev);
2095}
2096
6039aa73
GP		 2097static void hci_remote_features_evt(struct hci_dev *hdev,
2098 struct sk_buff *skb)
1da177e4 2099{
a9de9248
MH		 2100 struct hci_ev_remote_features *ev = (void *) skb->data;
2101 struct hci_conn *conn;
2102
9f1db00c 2103 BT_DBG("%s status 0x%2.2x", hdev->name, ev->status);
a9de9248 2104
a9de9248
MH		 2105 hci_dev_lock(hdev);
2106
2107 conn = hci_conn_hash_lookup_handle(hdev, __le16_to_cpu(ev->handle));
ccd556fe
JH		 2108 if (!conn)
2109 goto unlock;
769be974 2110
ccd556fe
JH		 2111 if (!ev->status)
2112 memcpy(conn->features, ev->features, 8);
2113
2114 if (conn->state != BT_CONFIG)
2115 goto unlock;
2116
2117 if (!ev->status && lmp_ssp_capable(hdev) && lmp_ssp_capable(conn)) {
2118 struct hci_cp_read_remote_ext_features cp;
2119 cp.handle = ev->handle;
2120 cp.page = 0x01;
2121 hci_send_cmd(hdev, HCI_OP_READ_REMOTE_EXT_FEATURES,
807deac2 2122 sizeof(cp), &cp);
392599b9
JH		 2123 goto unlock;
2124 }
2125
671267bf 2126 if (!ev->status && !test_bit(HCI_CONN_MGMT_CONNECTED, &conn->flags)) {
127178d2
JH		 2127 struct hci_cp_remote_name_req cp;
2128 memset(&cp, 0, sizeof(cp));
2129 bacpy(&cp.bdaddr, &conn->dst);
2130 cp.pscan_rep_mode = 0x02;
2131 hci_send_cmd(hdev, HCI_OP_REMOTE_NAME_REQ, sizeof(cp), &cp);
b644ba33
JH		 2132 } else if (!test_and_set_bit(HCI_CONN_MGMT_CONNECTED, &conn->flags))
2133 mgmt_device_connected(hdev, &conn->dst, conn->type,
04124681
GP		 2134 conn->dst_type, 0, NULL, 0,
2135 conn->dev_class);
392599b9 2136
127178d2 2137 if (!hci_outgoing_auth_needed(hdev, conn)) {
ccd556fe
JH		 2138 conn->state = BT_CONNECTED;
2139 hci_proto_connect_cfm(conn, ev->status);
2140 hci_conn_put(conn);
769be974 2141 }
a9de9248 2142
ccd556fe 2143unlock:
a9de9248 2144 hci_dev_unlock(hdev);
1da177e4
LT		 2145}
2146
6039aa73 2147static void hci_cmd_complete_evt(struct hci_dev *hdev, struct sk_buff *skb)
a9de9248
MH		 2148{
2149 struct hci_ev_cmd_complete *ev = (void *) skb->data;
9238f36a 2150 u8 status = skb->data[sizeof(*ev)];
a9de9248
MH		 2151 __u16 opcode;
2152
2153 skb_pull(skb, sizeof(*ev));
2154
2155 opcode = __le16_to_cpu(ev->opcode);
2156
2157 switch (opcode) {
2158 case HCI_OP_INQUIRY_CANCEL:
2159 hci_cc_inquiry_cancel(hdev, skb);
2160 break;
2161
4d93483b
AG		 2162 case HCI_OP_PERIODIC_INQ:
2163 hci_cc_periodic_inq(hdev, skb);
2164 break;
2165
a9de9248
MH		 2166 case HCI_OP_EXIT_PERIODIC_INQ:
2167 hci_cc_exit_periodic_inq(hdev, skb);
2168 break;
2169
2170 case HCI_OP_REMOTE_NAME_REQ_CANCEL:
2171 hci_cc_remote_name_req_cancel(hdev, skb);
2172 break;
2173
2174 case HCI_OP_ROLE_DISCOVERY:
2175 hci_cc_role_discovery(hdev, skb);
2176 break;
2177
e4e8e37c
MH		 2178 case HCI_OP_READ_LINK_POLICY:
2179 hci_cc_read_link_policy(hdev, skb);
2180 break;
2181
a9de9248
MH		 2182 case HCI_OP_WRITE_LINK_POLICY:
2183 hci_cc_write_link_policy(hdev, skb);
2184 break;
2185
e4e8e37c
MH		 2186 case HCI_OP_READ_DEF_LINK_POLICY:
2187 hci_cc_read_def_link_policy(hdev, skb);
2188 break;
2189
2190 case HCI_OP_WRITE_DEF_LINK_POLICY:
2191 hci_cc_write_def_link_policy(hdev, skb);
2192 break;
2193
a9de9248
MH		 2194 case HCI_OP_RESET:
2195 hci_cc_reset(hdev, skb);
2196 break;
2197
2198 case HCI_OP_WRITE_LOCAL_NAME:
2199 hci_cc_write_local_name(hdev, skb);
2200 break;
2201
2202 case HCI_OP_READ_LOCAL_NAME:
2203 hci_cc_read_local_name(hdev, skb);
2204 break;
2205
2206 case HCI_OP_WRITE_AUTH_ENABLE:
2207 hci_cc_write_auth_enable(hdev, skb);
2208 break;
2209
2210 case HCI_OP_WRITE_ENCRYPT_MODE:
2211 hci_cc_write_encrypt_mode(hdev, skb);
2212 break;
2213
2214 case HCI_OP_WRITE_SCAN_ENABLE:
2215 hci_cc_write_scan_enable(hdev, skb);
2216 break;
2217
2218 case HCI_OP_READ_CLASS_OF_DEV:
2219 hci_cc_read_class_of_dev(hdev, skb);
2220 break;
2221
2222 case HCI_OP_WRITE_CLASS_OF_DEV:
2223 hci_cc_write_class_of_dev(hdev, skb);
2224 break;
2225
2226 case HCI_OP_READ_VOICE_SETTING:
2227 hci_cc_read_voice_setting(hdev, skb);
2228 break;
2229
2230 case HCI_OP_WRITE_VOICE_SETTING:
2231 hci_cc_write_voice_setting(hdev, skb);
2232 break;
2233
333140b5
MH		 2234 case HCI_OP_WRITE_SSP_MODE:
2235 hci_cc_write_ssp_mode(hdev, skb);
2236 break;
2237
a9de9248
MH		 2238 case HCI_OP_READ_LOCAL_VERSION:
2239 hci_cc_read_local_version(hdev, skb);
2240 break;
2241
2242 case HCI_OP_READ_LOCAL_COMMANDS:
2243 hci_cc_read_local_commands(hdev, skb);
2244 break;
2245
2246 case HCI_OP_READ_LOCAL_FEATURES:
2247 hci_cc_read_local_features(hdev, skb);
2248 break;
2249
971e3a4b
AG		 2250 case HCI_OP_READ_LOCAL_EXT_FEATURES:
2251 hci_cc_read_local_ext_features(hdev, skb);
2252 break;
2253
a9de9248
MH		 2254 case HCI_OP_READ_BUFFER_SIZE:
2255 hci_cc_read_buffer_size(hdev, skb);
2256 break;
2257
2258 case HCI_OP_READ_BD_ADDR:
2259 hci_cc_read_bd_addr(hdev, skb);
2260 break;
2261
f332ec66
JH		 2262 case HCI_OP_READ_PAGE_SCAN_ACTIVITY:
2263 hci_cc_read_page_scan_activity(hdev, skb);
2264 break;
2265
4a3ee763
JH		 2266 case HCI_OP_WRITE_PAGE_SCAN_ACTIVITY:
2267 hci_cc_write_page_scan_activity(hdev, skb);
2268 break;
2269
f332ec66
JH		 2270 case HCI_OP_READ_PAGE_SCAN_TYPE:
2271 hci_cc_read_page_scan_type(hdev, skb);
2272 break;
2273
4a3ee763
JH		 2274 case HCI_OP_WRITE_PAGE_SCAN_TYPE:
2275 hci_cc_write_page_scan_type(hdev, skb);
2276 break;
2277
350ee4cf
AE		 2278 case HCI_OP_READ_DATA_BLOCK_SIZE:
2279 hci_cc_read_data_block_size(hdev, skb);
2280 break;
2281
1e89cffb
AE		 2282 case HCI_OP_READ_FLOW_CONTROL_MODE:
2283 hci_cc_read_flow_control_mode(hdev, skb);
2284 break;
2285
928abaa7
AE		 2286 case HCI_OP_READ_LOCAL_AMP_INFO:
2287 hci_cc_read_local_amp_info(hdev, skb);
2288 break;
2289
903e4541
AE		 2290 case HCI_OP_READ_LOCAL_AMP_ASSOC:
2291 hci_cc_read_local_amp_assoc(hdev, skb);
2292 break;
2293
d5859e22
JH		 2294 case HCI_OP_READ_INQ_RSP_TX_POWER:
2295 hci_cc_read_inq_rsp_tx_power(hdev, skb);
2296 break;
2297
980e1a53
JH		 2298 case HCI_OP_PIN_CODE_REPLY:
2299 hci_cc_pin_code_reply(hdev, skb);
2300 break;
2301
2302 case HCI_OP_PIN_CODE_NEG_REPLY:
2303 hci_cc_pin_code_neg_reply(hdev, skb);
2304 break;
2305
c35938b2
SJ		 2306 case HCI_OP_READ_LOCAL_OOB_DATA:
2307 hci_cc_read_local_oob_data_reply(hdev, skb);
2308 break;
2309
6ed58ec5
VT		 2310 case HCI_OP_LE_READ_BUFFER_SIZE:
2311 hci_cc_le_read_buffer_size(hdev, skb);
2312 break;
2313
60e77321
JH		 2314 case HCI_OP_LE_READ_LOCAL_FEATURES:
2315 hci_cc_le_read_local_features(hdev, skb);
2316 break;
2317
8fa19098
JH		 2318 case HCI_OP_LE_READ_ADV_TX_POWER:
2319 hci_cc_le_read_adv_tx_power(hdev, skb);
2320 break;
2321
a5c29683
JH		 2322 case HCI_OP_USER_CONFIRM_REPLY:
2323 hci_cc_user_confirm_reply(hdev, skb);
2324 break;
2325
2326 case HCI_OP_USER_CONFIRM_NEG_REPLY:
2327 hci_cc_user_confirm_neg_reply(hdev, skb);
2328 break;
2329
1143d458
BG		 2330 case HCI_OP_USER_PASSKEY_REPLY:
2331 hci_cc_user_passkey_reply(hdev, skb);
2332 break;
2333
2334 case HCI_OP_USER_PASSKEY_NEG_REPLY:
2335 hci_cc_user_passkey_neg_reply(hdev, skb);
16cde993 2336 break;
07f7fa5d
AG		 2337
2338 case HCI_OP_LE_SET_SCAN_PARAM:
2339 hci_cc_le_set_scan_param(hdev, skb);
1143d458
BG		 2340 break;
2341
c1d5dc4a
JH		 2342 case HCI_OP_LE_SET_ADV_ENABLE:
2343 hci_cc_le_set_adv_enable(hdev, skb);
2344 break;
2345
eb9d91f5
AG		 2346 case HCI_OP_LE_SET_SCAN_ENABLE:
2347 hci_cc_le_set_scan_enable(hdev, skb);
2348 break;
2349
cf1d081f
JH		 2350 case HCI_OP_LE_READ_WHITE_LIST_SIZE:
2351 hci_cc_le_read_white_list_size(hdev, skb);
2352 break;
2353
9b008c04
JH		 2354 case HCI_OP_LE_READ_SUPPORTED_STATES:
2355 hci_cc_le_read_supported_states(hdev, skb);
2356 break;
2357
f9b49306
AG		 2358 case HCI_OP_WRITE_LE_HOST_SUPPORTED:
2359 hci_cc_write_le_host_supported(hdev, skb);
2360 break;
2361
93c284ee
AE		 2362 case HCI_OP_WRITE_REMOTE_AMP_ASSOC:
2363 hci_cc_write_remote_amp_assoc(hdev, skb);
2364 break;
2365
a9de9248 2366 default:
9f1db00c 2367 BT_DBG("%s opcode 0x%4.4x", hdev->name, opcode);
a9de9248
MH		 2368 break;
2369 }
2370
ad82cdd1 2371 if (opcode != HCI_OP_NOP)
6bd32326
VT		 2372 del_timer(&hdev->cmd_timer);
2373
ad82cdd1 2374 hci_req_cmd_complete(hdev, opcode, status);
9238f36a 2375
dbccd791 2376 if (ev->ncmd && !test_bit(HCI_RESET, &hdev->flags)) {
a9de9248
MH		 2377 atomic_set(&hdev->cmd_cnt, 1);
2378 if (!skb_queue_empty(&hdev->cmd_q))
c347b765 2379 queue_work(hdev->workqueue, &hdev->cmd_work);
a9de9248
MH		 2380 }
2381}
2382
6039aa73 2383static void hci_cmd_status_evt(struct hci_dev *hdev, struct sk_buff *skb)
a9de9248
MH		 2384{
2385 struct hci_ev_cmd_status *ev = (void *) skb->data;
2386 __u16 opcode;
2387
2388 skb_pull(skb, sizeof(*ev));
2389
2390 opcode = __le16_to_cpu(ev->opcode);
2391
2392 switch (opcode) {
2393 case HCI_OP_INQUIRY:
2394 hci_cs_inquiry(hdev, ev->status);
2395 break;
2396
2397 case HCI_OP_CREATE_CONN:
2398 hci_cs_create_conn(hdev, ev->status);
2399 break;
2400
2401 case HCI_OP_ADD_SCO:
2402 hci_cs_add_sco(hdev, ev->status);
2403 break;
2404
f8558555
MH		 2405 case HCI_OP_AUTH_REQUESTED:
2406 hci_cs_auth_requested(hdev, ev->status);
2407 break;
2408
2409 case HCI_OP_SET_CONN_ENCRYPT:
2410 hci_cs_set_conn_encrypt(hdev, ev->status);
2411 break;
2412
a9de9248
MH		 2413 case HCI_OP_REMOTE_NAME_REQ:
2414 hci_cs_remote_name_req(hdev, ev->status);
2415 break;
2416
769be974
MH		 2417 case HCI_OP_READ_REMOTE_FEATURES:
2418 hci_cs_read_remote_features(hdev, ev->status);
2419 break;
2420
2421 case HCI_OP_READ_REMOTE_EXT_FEATURES:
2422 hci_cs_read_remote_ext_features(hdev, ev->status);
2423 break;
2424
a9de9248
MH		 2425 case HCI_OP_SETUP_SYNC_CONN:
2426 hci_cs_setup_sync_conn(hdev, ev->status);
2427 break;
2428
2429 case HCI_OP_SNIFF_MODE:
2430 hci_cs_sniff_mode(hdev, ev->status);
2431 break;
2432
2433 case HCI_OP_EXIT_SNIFF_MODE:
2434 hci_cs_exit_sniff_mode(hdev, ev->status);
2435 break;
2436
8962ee74 2437 case HCI_OP_DISCONNECT:
88c3df13 2438 hci_cs_disconnect(hdev, ev->status);
8962ee74
JH		 2439 break;
2440
fcd89c09
VT		 2441 case HCI_OP_LE_CREATE_CONN:
2442 hci_cs_le_create_conn(hdev, ev->status);
2443 break;
2444
a02226d6
AE		 2445 case HCI_OP_CREATE_PHY_LINK:
2446 hci_cs_create_phylink(hdev, ev->status);
2447 break;
2448
0b26ab9d
AE		 2449 case HCI_OP_ACCEPT_PHY_LINK:
2450 hci_cs_accept_phylink(hdev, ev->status);
2451 break;
2452
a9de9248 2453 default:
9f1db00c 2454 BT_DBG("%s opcode 0x%4.4x", hdev->name, opcode);
a9de9248
MH		 2455 break;
2456 }
2457
ad82cdd1 2458 if (opcode != HCI_OP_NOP)
6bd32326
VT		 2459 del_timer(&hdev->cmd_timer);
2460
33720450 2461 hci_req_cmd_complete(hdev, opcode, ev->status);
9238f36a 2462
10572132 2463 if (ev->ncmd && !test_bit(HCI_RESET, &hdev->flags)) {
a9de9248
MH		 2464 atomic_set(&hdev->cmd_cnt, 1);
2465 if (!skb_queue_empty(&hdev->cmd_q))
c347b765 2466 queue_work(hdev->workqueue, &hdev->cmd_work);
a9de9248
MH		 2467 }
2468}
2469
6039aa73 2470static void hci_role_change_evt(struct hci_dev *hdev, struct sk_buff *skb)
a9de9248
MH		 2471{
2472 struct hci_ev_role_change *ev = (void *) skb->data;
2473 struct hci_conn *conn;
2474
9f1db00c 2475 BT_DBG("%s status 0x%2.2x", hdev->name, ev->status);
a9de9248
MH		 2476
2477 hci_dev_lock(hdev);
2478
2479 conn = hci_conn_hash_lookup_ba(hdev, ACL_LINK, &ev->bdaddr);
2480 if (conn) {
2481 if (!ev->status) {
2482 if (ev->role)
2483 conn->link_mode &= ~HCI_LM_MASTER;
2484 else
2485 conn->link_mode |= HCI_LM_MASTER;
2486 }
2487
51a8efd7 2488 clear_bit(HCI_CONN_RSWITCH_PEND, &conn->flags);
a9de9248
MH		 2489
2490 hci_role_switch_cfm(conn, ev->status, ev->role);
2491 }
2492
2493 hci_dev_unlock(hdev);
2494}
2495
6039aa73 2496static void hci_num_comp_pkts_evt(struct hci_dev *hdev, struct sk_buff *skb)
a9de9248
MH		 2497{
2498 struct hci_ev_num_comp_pkts *ev = (void *) skb->data;
a9de9248
MH		 2499 int i;
2500
32ac5b9b
AE		 2501 if (hdev->flow_ctl_mode != HCI_FLOW_CTL_MODE_PACKET_BASED) {
2502 BT_ERR("Wrong event for mode %d", hdev->flow_ctl_mode);
2503 return;
2504 }
2505
c5993de8 2506 if (skb->len < sizeof(*ev) || skb->len < sizeof(*ev) +
807deac2 2507 ev->num_hndl * sizeof(struct hci_comp_pkts_info)) {
a9de9248
MH		 2508 BT_DBG("%s bad parameters", hdev->name);
2509 return;
2510 }
2511
c5993de8
AE		 2512 BT_DBG("%s num_hndl %d", hdev->name, ev->num_hndl);
2513
613a1c0c
AE		 2514 for (i = 0; i < ev->num_hndl; i++) {
2515 struct hci_comp_pkts_info *info = &ev->handles[i];
a9de9248
MH		 2516 struct hci_conn *conn;
2517 __u16 handle, count;
2518
613a1c0c
AE		 2519 handle = __le16_to_cpu(info->handle);
2520 count = __le16_to_cpu(info->count);
a9de9248
MH		 2521
2522 conn = hci_conn_hash_lookup_handle(hdev, handle);
f4280918
AE		 2523 if (!conn)
2524 continue;
2525
2526 conn->sent -= count;
2527
2528 switch (conn->type) {
2529 case ACL_LINK:
2530 hdev->acl_cnt += count;
2531 if (hdev->acl_cnt > hdev->acl_pkts)
2532 hdev->acl_cnt = hdev->acl_pkts;
2533 break;
2534
2535 case LE_LINK:
2536 if (hdev->le_pkts) {
2537 hdev->le_cnt += count;
2538 if (hdev->le_cnt > hdev->le_pkts)
2539 hdev->le_cnt = hdev->le_pkts;
2540 } else {
70f23020
AE		 2541 hdev->acl_cnt += count;
2542 if (hdev->acl_cnt > hdev->acl_pkts)
a9de9248 2543 hdev->acl_cnt = hdev->acl_pkts;
a9de9248 2544 }
f4280918
AE		 2545 break;
2546
2547 case SCO_LINK:
2548 hdev->sco_cnt += count;
2549 if (hdev->sco_cnt > hdev->sco_pkts)
2550 hdev->sco_cnt = hdev->sco_pkts;
2551 break;
2552
2553 default:
2554 BT_ERR("Unknown type %d conn %p", conn->type, conn);
2555 break;
a9de9248
MH		 2556 }
2557 }
2558
3eff45ea 2559 queue_work(hdev->workqueue, &hdev->tx_work);
a9de9248
MH		 2560}
2561
76ef7cf7
AE		 2562static struct hci_conn *__hci_conn_lookup_handle(struct hci_dev *hdev,
2563 __u16 handle)
2564{
2565 struct hci_chan *chan;
2566
2567 switch (hdev->dev_type) {
2568 case HCI_BREDR:
2569 return hci_conn_hash_lookup_handle(hdev, handle);
2570 case HCI_AMP:
2571 chan = hci_chan_lookup_handle(hdev, handle);
2572 if (chan)
2573 return chan->conn;
2574 break;
2575 default:
2576 BT_ERR("%s unknown dev_type %d", hdev->name, hdev->dev_type);
2577 break;
2578 }
2579
2580 return NULL;
2581}
2582
6039aa73 2583static void hci_num_comp_blocks_evt(struct hci_dev *hdev, struct sk_buff *skb)
25e89e99
AE		 2584{
2585 struct hci_ev_num_comp_blocks *ev = (void *) skb->data;
2586 int i;
2587
2588 if (hdev->flow_ctl_mode != HCI_FLOW_CTL_MODE_BLOCK_BASED) {
2589 BT_ERR("Wrong event for mode %d", hdev->flow_ctl_mode);
2590 return;
2591 }
2592
2593 if (skb->len < sizeof(*ev) || skb->len < sizeof(*ev) +
807deac2 2594 ev->num_hndl * sizeof(struct hci_comp_blocks_info)) {
25e89e99
AE		 2595 BT_DBG("%s bad parameters", hdev->name);
2596 return;
2597 }
2598
2599 BT_DBG("%s num_blocks %d num_hndl %d", hdev->name, ev->num_blocks,
807deac2 2600 ev->num_hndl);
25e89e99
AE		 2601
2602 for (i = 0; i < ev->num_hndl; i++) {
2603 struct hci_comp_blocks_info *info = &ev->handles[i];
76ef7cf7 2604 struct hci_conn *conn = NULL;
25e89e99
AE		 2605 __u16 handle, block_count;
2606
2607 handle = __le16_to_cpu(info->handle);
2608 block_count = __le16_to_cpu(info->blocks);
2609
76ef7cf7 2610 conn = __hci_conn_lookup_handle(hdev, handle);
25e89e99
AE		 2611 if (!conn)
2612 continue;
2613
2614 conn->sent -= block_count;
2615
2616 switch (conn->type) {
2617 case ACL_LINK:
bd1eb66b 2618 case AMP_LINK:
25e89e99
AE		 2619 hdev->block_cnt += block_count;
2620 if (hdev->block_cnt > hdev->num_blocks)
2621 hdev->block_cnt = hdev->num_blocks;
2622 break;
2623
2624 default:
2625 BT_ERR("Unknown type %d conn %p", conn->type, conn);
2626 break;
2627 }
2628 }
2629
2630 queue_work(hdev->workqueue, &hdev->tx_work);
2631}
2632
6039aa73 2633static void hci_mode_change_evt(struct hci_dev *hdev, struct sk_buff *skb)
04837f64 2634{
a9de9248 2635 struct hci_ev_mode_change *ev = (void *) skb->data;
04837f64
MH		 2636 struct hci_conn *conn;
2637
9f1db00c 2638 BT_DBG("%s status 0x%2.2x", hdev->name, ev->status);
04837f64
MH		 2639
2640 hci_dev_lock(hdev);
2641
2642 conn = hci_conn_hash_lookup_handle(hdev, __le16_to_cpu(ev->handle));
a9de9248
MH		 2643 if (conn) {
2644 conn->mode = ev->mode;
2645 conn->interval = __le16_to_cpu(ev->interval);
2646
8fc9ced3
GP		 2647 if (!test_and_clear_bit(HCI_CONN_MODE_CHANGE_PEND,
2648 &conn->flags)) {
a9de9248 2649 if (conn->mode == HCI_CM_ACTIVE)
58a681ef 2650 set_bit(HCI_CONN_POWER_SAVE, &conn->flags);
a9de9248 2651 else
58a681ef 2652 clear_bit(HCI_CONN_POWER_SAVE, &conn->flags);
a9de9248 2653 }
e73439d8 2654
51a8efd7 2655 if (test_and_clear_bit(HCI_CONN_SCO_SETUP_PEND, &conn->flags))
e73439d8 2656 hci_sco_setup(conn, ev->status);
04837f64
MH		 2657 }
2658
2659 hci_dev_unlock(hdev);
2660}
2661
6039aa73 2662static void hci_pin_code_request_evt(struct hci_dev *hdev, struct sk_buff *skb)
a9de9248 2663{
052b30b0
MH		 2664 struct hci_ev_pin_code_req *ev = (void *) skb->data;
2665 struct hci_conn *conn;
2666
a9de9248 2667 BT_DBG("%s", hdev->name);
052b30b0
MH		 2668
2669 hci_dev_lock(hdev);
2670
2671 conn = hci_conn_hash_lookup_ba(hdev, ACL_LINK, &ev->bdaddr);
b6f98044
WR		 2672 if (!conn)
2673 goto unlock;
2674
2675 if (conn->state == BT_CONNECTED) {
052b30b0
MH		 2676 hci_conn_hold(conn);
2677 conn->disc_timeout = HCI_PAIRING_TIMEOUT;
2678 hci_conn_put(conn);
2679 }
2680
a8b2d5c2 2681 if (!test_bit(HCI_PAIRABLE, &hdev->dev_flags))
03b555e1 2682 hci_send_cmd(hdev, HCI_OP_PIN_CODE_NEG_REPLY,
807deac2 2683 sizeof(ev->bdaddr), &ev->bdaddr);
a8b2d5c2 2684 else if (test_bit(HCI_MGMT, &hdev->dev_flags)) {
a770bb5a
WR		 2685 u8 secure;
2686
2687 if (conn->pending_sec_level == BT_SECURITY_HIGH)
2688 secure = 1;
2689 else
2690 secure = 0;
2691
744cf19e 2692 mgmt_pin_code_request(hdev, &ev->bdaddr, secure);
a770bb5a 2693 }
980e1a53 2694
b6f98044 2695unlock:
052b30b0 2696 hci_dev_unlock(hdev);
a9de9248
MH		 2697}
2698
6039aa73 2699static void hci_link_key_request_evt(struct hci_dev *hdev, struct sk_buff *skb)
a9de9248 2700{
55ed8ca1
JH		 2701 struct hci_ev_link_key_req *ev = (void *) skb->data;
2702 struct hci_cp_link_key_reply cp;
2703 struct hci_conn *conn;
2704 struct link_key *key;
2705
a9de9248 2706 BT_DBG("%s", hdev->name);
55ed8ca1 2707
a8b2d5c2 2708 if (!test_bit(HCI_LINK_KEYS, &hdev->dev_flags))
55ed8ca1
JH		 2709 return;
2710
2711 hci_dev_lock(hdev);
2712
2713 key = hci_find_link_key(hdev, &ev->bdaddr);
2714 if (!key) {
6ed93dc6
AE		 2715 BT_DBG("%s link key not found for %pMR", hdev->name,
2716 &ev->bdaddr);
55ed8ca1
JH		 2717 goto not_found;
2718 }
2719
6ed93dc6
AE		 2720 BT_DBG("%s found key type %u for %pMR", hdev->name, key->type,
2721 &ev->bdaddr);
55ed8ca1 2722
a8b2d5c2 2723 if (!test_bit(HCI_DEBUG_KEYS, &hdev->dev_flags) &&
807deac2 2724 key->type == HCI_LK_DEBUG_COMBINATION) {
55ed8ca1
JH		 2725 BT_DBG("%s ignoring debug key", hdev->name);
2726 goto not_found;
2727 }
2728
2729 conn = hci_conn_hash_lookup_ba(hdev, ACL_LINK, &ev->bdaddr);
60b83f57
WR		 2730 if (conn) {
2731 if (key->type == HCI_LK_UNAUTH_COMBINATION &&
807deac2 2732 conn->auth_type != 0xff && (conn->auth_type & 0x01)) {
60b83f57
WR		 2733 BT_DBG("%s ignoring unauthenticated key", hdev->name);
2734 goto not_found;
2735 }
55ed8ca1 2736
60b83f57 2737 if (key->type == HCI_LK_COMBINATION && key->pin_len < 16 &&
807deac2 2738 conn->pending_sec_level == BT_SECURITY_HIGH) {
8fc9ced3
GP		 2739 BT_DBG("%s ignoring key unauthenticated for high security",
2740 hdev->name);
60b83f57
WR		 2741 goto not_found;
2742 }
2743
2744 conn->key_type = key->type;
2745 conn->pin_length = key->pin_len;
55ed8ca1
JH		 2746 }
2747
2748 bacpy(&cp.bdaddr, &ev->bdaddr);
9b3b4460 2749 memcpy(cp.link_key, key->val, HCI_LINK_KEY_SIZE);
55ed8ca1
JH		 2750
2751 hci_send_cmd(hdev, HCI_OP_LINK_KEY_REPLY, sizeof(cp), &cp);
2752
2753 hci_dev_unlock(hdev);
2754
2755 return;
2756
2757not_found:
2758 hci_send_cmd(hdev, HCI_OP_LINK_KEY_NEG_REPLY, 6, &ev->bdaddr);
2759 hci_dev_unlock(hdev);
a9de9248
MH		 2760}
2761
6039aa73 2762static void hci_link_key_notify_evt(struct hci_dev *hdev, struct sk_buff *skb)
a9de9248 2763{
052b30b0
MH		 2764 struct hci_ev_link_key_notify *ev = (void *) skb->data;
2765 struct hci_conn *conn;
55ed8ca1 2766 u8 pin_len = 0;
052b30b0 2767
a9de9248 2768 BT_DBG("%s", hdev->name);
052b30b0
MH		 2769
2770 hci_dev_lock(hdev);
2771
2772 conn = hci_conn_hash_lookup_ba(hdev, ACL_LINK, &ev->bdaddr);
2773 if (conn) {
2774 hci_conn_hold(conn);
2775 conn->disc_timeout = HCI_DISCONN_TIMEOUT;
980e1a53 2776 pin_len = conn->pin_length;
13d39315
WR		 2777
2778 if (ev->key_type != HCI_LK_CHANGED_COMBINATION)
2779 conn->key_type = ev->key_type;
2780
052b30b0
MH		 2781 hci_conn_put(conn);
2782 }
2783
a8b2d5c2 2784 if (test_bit(HCI_LINK_KEYS, &hdev->dev_flags))
d25e28ab 2785 hci_add_link_key(hdev, conn, 1, &ev->bdaddr, ev->link_key,
807deac2 2786 ev->key_type, pin_len);
55ed8ca1 2787
052b30b0 2788 hci_dev_unlock(hdev);
a9de9248
MH		 2789}
2790
6039aa73 2791static void hci_clock_offset_evt(struct hci_dev *hdev, struct sk_buff *skb)
1da177e4 2792{
a9de9248 2793 struct hci_ev_clock_offset *ev = (void *) skb->data;
04837f64 2794 struct hci_conn *conn;
1da177e4 2795
9f1db00c 2796 BT_DBG("%s status 0x%2.2x", hdev->name, ev->status);
1da177e4
LT		 2797
2798 hci_dev_lock(hdev);
2799
04837f64 2800 conn = hci_conn_hash_lookup_handle(hdev, __le16_to_cpu(ev->handle));
1da177e4
LT		 2801 if (conn && !ev->status) {
2802 struct inquiry_entry *ie;
2803
cc11b9c1
AE		 2804 ie = hci_inquiry_cache_lookup(hdev, &conn->dst);
2805 if (ie) {
1da177e4
LT		 2806 ie->data.clock_offset = ev->clock_offset;
2807 ie->timestamp = jiffies;
2808 }
2809 }
2810
2811 hci_dev_unlock(hdev);
2812}
2813
6039aa73 2814static void hci_pkt_type_change_evt(struct hci_dev *hdev, struct sk_buff *skb)
a8746417
MH		 2815{
2816 struct hci_ev_pkt_type_change *ev = (void *) skb->data;
2817 struct hci_conn *conn;
2818
9f1db00c 2819 BT_DBG("%s status 0x%2.2x", hdev->name, ev->status);
a8746417
MH		 2820
2821 hci_dev_lock(hdev);
2822
2823 conn = hci_conn_hash_lookup_handle(hdev, __le16_to_cpu(ev->handle));
2824 if (conn && !ev->status)
2825 conn->pkt_type = __le16_to_cpu(ev->pkt_type);
2826
2827 hci_dev_unlock(hdev);
2828}
2829
6039aa73 2830static void hci_pscan_rep_mode_evt(struct hci_dev *hdev, struct sk_buff *skb)
85a1e930 2831{
a9de9248 2832 struct hci_ev_pscan_rep_mode *ev = (void *) skb->data;
85a1e930
MH		 2833 struct inquiry_entry *ie;
2834
2835 BT_DBG("%s", hdev->name);
2836
2837 hci_dev_lock(hdev);
2838
cc11b9c1
AE		 2839 ie = hci_inquiry_cache_lookup(hdev, &ev->bdaddr);
2840 if (ie) {
85a1e930
MH		 2841 ie->data.pscan_rep_mode = ev->pscan_rep_mode;
2842 ie->timestamp = jiffies;
2843 }
2844
2845 hci_dev_unlock(hdev);
2846}
2847
6039aa73
GP		 2848static void hci_inquiry_result_with_rssi_evt(struct hci_dev *hdev,
2849 struct sk_buff *skb)
a9de9248
MH		 2850{
2851 struct inquiry_data data;
2852 int num_rsp = *((__u8 *) skb->data);
388fc8fa 2853 bool name_known, ssp;
a9de9248
MH		 2854
2855 BT_DBG("%s num_rsp %d", hdev->name, num_rsp);
2856
2857 if (!num_rsp)
2858 return;
2859
1519cc17
AG		 2860 if (test_bit(HCI_PERIODIC_INQ, &hdev->dev_flags))
2861 return;
2862
a9de9248
MH		 2863 hci_dev_lock(hdev);
2864
2865 if ((skb->len - 1) / num_rsp != sizeof(struct inquiry_info_with_rssi)) {
138d22ef
SJ		 2866 struct inquiry_info_with_rssi_and_pscan_mode *info;
2867 info = (void *) (skb->data + 1);
a9de9248 2868
e17acd40 2869 for (; num_rsp; num_rsp--, info++) {
a9de9248
MH		 2870 bacpy(&data.bdaddr, &info->bdaddr);
2871 data.pscan_rep_mode = info->pscan_rep_mode;
2872 data.pscan_period_mode = info->pscan_period_mode;
2873 data.pscan_mode = info->pscan_mode;
2874 memcpy(data.dev_class, info->dev_class, 3);
2875 data.clock_offset = info->clock_offset;
2876 data.rssi = info->rssi;
41a96212 2877 data.ssp_mode = 0x00;
3175405b
JH		 2878
2879 name_known = hci_inquiry_cache_update(hdev, &data,
04124681 2880 false, &ssp);
48264f06 2881 mgmt_device_found(hdev, &info->bdaddr, ACL_LINK, 0x00,
04124681
GP		 2882 info->dev_class, info->rssi,
2883 !name_known, ssp, NULL, 0);
a9de9248
MH		 2884 }
2885 } else {
2886 struct inquiry_info_with_rssi *info = (void *) (skb->data + 1);
2887
e17acd40 2888 for (; num_rsp; num_rsp--, info++) {
a9de9248
MH		 2889 bacpy(&data.bdaddr, &info->bdaddr);
2890 data.pscan_rep_mode = info->pscan_rep_mode;
2891 data.pscan_period_mode = info->pscan_period_mode;
2892 data.pscan_mode = 0x00;
2893 memcpy(data.dev_class, info->dev_class, 3);
2894 data.clock_offset = info->clock_offset;
2895 data.rssi = info->rssi;
41a96212 2896 data.ssp_mode = 0x00;
3175405b 2897 name_known = hci_inquiry_cache_update(hdev, &data,
04124681 2898 false, &ssp);
48264f06 2899 mgmt_device_found(hdev, &info->bdaddr, ACL_LINK, 0x00,
04124681
GP		 2900 info->dev_class, info->rssi,
2901 !name_known, ssp, NULL, 0);
a9de9248
MH		 2902 }
2903 }
2904
2905 hci_dev_unlock(hdev);
2906}
2907
6039aa73
GP		 2908static void hci_remote_ext_features_evt(struct hci_dev *hdev,
2909 struct sk_buff *skb)
a9de9248 2910{
41a96212
MH		 2911 struct hci_ev_remote_ext_features *ev = (void *) skb->data;
2912 struct hci_conn *conn;
2913
a9de9248 2914 BT_DBG("%s", hdev->name);
41a96212 2915
41a96212
MH		 2916 hci_dev_lock(hdev);
2917
2918 conn = hci_conn_hash_lookup_handle(hdev, __le16_to_cpu(ev->handle));
ccd556fe
JH		 2919 if (!conn)
2920 goto unlock;
41a96212 2921
ccd556fe
JH		 2922 if (!ev->status && ev->page == 0x01) {
2923 struct inquiry_entry *ie;
41a96212 2924
cc11b9c1
AE		 2925 ie = hci_inquiry_cache_lookup(hdev, &conn->dst);
2926 if (ie)
02b7cc62 2927 ie->data.ssp_mode = (ev->features[0] & LMP_HOST_SSP);
769be974 2928
02b7cc62 2929 if (ev->features[0] & LMP_HOST_SSP)
58a681ef 2930 set_bit(HCI_CONN_SSP_ENABLED, &conn->flags);
ccd556fe
JH		 2931 }
2932
2933 if (conn->state != BT_CONFIG)
2934 goto unlock;
2935
671267bf 2936 if (!ev->status && !test_bit(HCI_CONN_MGMT_CONNECTED, &conn->flags)) {
127178d2
JH		 2937 struct hci_cp_remote_name_req cp;
2938 memset(&cp, 0, sizeof(cp));
2939 bacpy(&cp.bdaddr, &conn->dst);
2940 cp.pscan_rep_mode = 0x02;
2941 hci_send_cmd(hdev, HCI_OP_REMOTE_NAME_REQ, sizeof(cp), &cp);
b644ba33
JH		 2942 } else if (!test_and_set_bit(HCI_CONN_MGMT_CONNECTED, &conn->flags))
2943 mgmt_device_connected(hdev, &conn->dst, conn->type,
04124681
GP		 2944 conn->dst_type, 0, NULL, 0,
2945 conn->dev_class);
392599b9 2946
127178d2 2947 if (!hci_outgoing_auth_needed(hdev, conn)) {
ccd556fe
JH		 2948 conn->state = BT_CONNECTED;
2949 hci_proto_connect_cfm(conn, ev->status);
2950 hci_conn_put(conn);
41a96212
MH		 2951 }
2952
ccd556fe 2953unlock:
41a96212 2954 hci_dev_unlock(hdev);
a9de9248
MH		 2955}
2956
6039aa73
GP		 2957static void hci_sync_conn_complete_evt(struct hci_dev *hdev,
2958 struct sk_buff *skb)
a9de9248 2959{
b6a0dc82
MH		 2960 struct hci_ev_sync_conn_complete *ev = (void *) skb->data;
2961 struct hci_conn *conn;
2962
9f1db00c 2963 BT_DBG("%s status 0x%2.2x", hdev->name, ev->status);
b6a0dc82
MH		 2964
2965 hci_dev_lock(hdev);
2966
2967 conn = hci_conn_hash_lookup_ba(hdev, ev->link_type, &ev->bdaddr);
9dc0a3af
MH		 2968 if (!conn) {
2969 if (ev->link_type == ESCO_LINK)
2970 goto unlock;
2971
2972 conn = hci_conn_hash_lookup_ba(hdev, ESCO_LINK, &ev->bdaddr);
2973 if (!conn)
2974 goto unlock;
2975
2976 conn->type = SCO_LINK;
2977 }
b6a0dc82 2978
732547f9
MH		 2979 switch (ev->status) {
2980 case 0x00:
b6a0dc82
MH		 2981 conn->handle = __le16_to_cpu(ev->handle);
2982 conn->state = BT_CONNECTED;
7d0db0a3 2983
9eba32b8 2984 hci_conn_hold_device(conn);
7d0db0a3 2985 hci_conn_add_sysfs(conn);
732547f9
MH		 2986 break;
2987
705e5711 2988 case 0x11: /* Unsupported Feature or Parameter Value */
732547f9 2989 case 0x1c: /* SCO interval rejected */
1038a00b 2990 case 0x1a: /* Unsupported Remote Feature */
732547f9
MH		 2991 case 0x1f: /* Unspecified error */
2992 if (conn->out && conn->attempt < 2) {
2993 conn->pkt_type = (hdev->esco_type & SCO_ESCO_MASK) |
2994 (hdev->esco_type & EDR_ESCO_MASK);
2995 hci_setup_sync(conn, conn->link->handle);
2996 goto unlock;
2997 }
2998 /* fall through */
2999
3000 default:
b6a0dc82 3001 conn->state = BT_CLOSED;
732547f9
MH		 3002 break;
3003 }
b6a0dc82
MH		 3004
3005 hci_proto_connect_cfm(conn, ev->status);
3006 if (ev->status)
3007 hci_conn_del(conn);
3008
3009unlock:
3010 hci_dev_unlock(hdev);
a9de9248
MH		 3011}
3012
6039aa73
GP		 3013static void hci_extended_inquiry_result_evt(struct hci_dev *hdev,
3014 struct sk_buff *skb)
1da177e4 3015{
a9de9248
MH		 3016 struct inquiry_data data;
3017 struct extended_inquiry_info *info = (void *) (skb->data + 1);
3018 int num_rsp = *((__u8 *) skb->data);
9d939d94 3019 size_t eir_len;
1da177e4 3020
a9de9248 3021 BT_DBG("%s num_rsp %d", hdev->name, num_rsp);
1da177e4 3022
a9de9248
MH		 3023 if (!num_rsp)
3024 return;
1da177e4 3025
1519cc17
AG		 3026 if (test_bit(HCI_PERIODIC_INQ, &hdev->dev_flags))
3027 return;
3028
a9de9248
MH		 3029 hci_dev_lock(hdev);
3030
e17acd40 3031 for (; num_rsp; num_rsp--, info++) {
388fc8fa 3032 bool name_known, ssp;
561aafbc 3033
a9de9248 3034 bacpy(&data.bdaddr, &info->bdaddr);
138d22ef
SJ		 3035 data.pscan_rep_mode = info->pscan_rep_mode;
3036 data.pscan_period_mode = info->pscan_period_mode;
3037 data.pscan_mode = 0x00;
a9de9248 3038 memcpy(data.dev_class, info->dev_class, 3);
138d22ef
SJ		 3039 data.clock_offset = info->clock_offset;
3040 data.rssi = info->rssi;
41a96212 3041 data.ssp_mode = 0x01;
561aafbc 3042
a8b2d5c2 3043 if (test_bit(HCI_MGMT, &hdev->dev_flags))
4ddb1930 3044 name_known = eir_has_data_type(info->data,
04124681
GP		 3045 sizeof(info->data),
3046 EIR_NAME_COMPLETE);
561aafbc
JH		 3047 else
3048 name_known = true;
3049
388fc8fa 3050 name_known = hci_inquiry_cache_update(hdev, &data, name_known,
04124681 3051 &ssp);
9d939d94 3052 eir_len = eir_get_length(info->data, sizeof(info->data));
48264f06 3053 mgmt_device_found(hdev, &info->bdaddr, ACL_LINK, 0x00,
04124681 3054 info->dev_class, info->rssi, !name_known,
9d939d94 3055 ssp, info->data, eir_len);
a9de9248
MH		 3056 }
3057
3058 hci_dev_unlock(hdev);
3059}
1da177e4 3060
1c2e0041
JH		 3061static void hci_key_refresh_complete_evt(struct hci_dev *hdev,
3062 struct sk_buff *skb)
3063{
3064 struct hci_ev_key_refresh_complete *ev = (void *) skb->data;
3065 struct hci_conn *conn;
3066
9f1db00c 3067 BT_DBG("%s status 0x%2.2x handle 0x%4.4x", hdev->name, ev->status,
1c2e0041
JH		 3068 __le16_to_cpu(ev->handle));
3069
3070 hci_dev_lock(hdev);
3071
3072 conn = hci_conn_hash_lookup_handle(hdev, __le16_to_cpu(ev->handle));
3073 if (!conn)
3074 goto unlock;
3075
3076 if (!ev->status)
3077 conn->sec_level = conn->pending_sec_level;
3078
3079 clear_bit(HCI_CONN_ENCRYPT_PEND, &conn->flags);
3080
3081 if (ev->status && conn->state == BT_CONNECTED) {
bed71748 3082 hci_disconnect(conn, HCI_ERROR_AUTH_FAILURE);
1c2e0041
JH		 3083 hci_conn_put(conn);
3084 goto unlock;
3085 }
3086
3087 if (conn->state == BT_CONFIG) {
3088 if (!ev->status)
3089 conn->state = BT_CONNECTED;
3090
3091 hci_proto_connect_cfm(conn, ev->status);
3092 hci_conn_put(conn);
3093 } else {
3094 hci_auth_cfm(conn, ev->status);
3095
3096 hci_conn_hold(conn);
3097 conn->disc_timeout = HCI_DISCONN_TIMEOUT;
3098 hci_conn_put(conn);
3099 }
3100
3101unlock:
3102 hci_dev_unlock(hdev);
3103}
3104
6039aa73 3105static u8 hci_get_auth_req(struct hci_conn *conn)
17fa4b9d
JH		 3106{
3107 /* If remote requests dedicated bonding follow that lead */
3108 if (conn->remote_auth == 0x02 || conn->remote_auth == 0x03) {
3109 /* If both remote and local IO capabilities allow MITM
3110 * protection then require it, otherwise don't */
3111 if (conn->remote_cap == 0x03 || conn->io_capability == 0x03)
3112 return 0x02;
3113 else
3114 return 0x03;
3115 }
3116
3117 /* If remote requests no-bonding follow that lead */
3118 if (conn->remote_auth == 0x00 || conn->remote_auth == 0x01)
58797bf7 3119 return conn->remote_auth | (conn->auth_type & 0x01);
17fa4b9d
JH		 3120
3121 return conn->auth_type;
3122}
3123
6039aa73 3124static void hci_io_capa_request_evt(struct hci_dev *hdev, struct sk_buff *skb)
0493684e
MH		 3125{
3126 struct hci_ev_io_capa_request *ev = (void *) skb->data;
3127 struct hci_conn *conn;
3128
3129 BT_DBG("%s", hdev->name);
3130
3131 hci_dev_lock(hdev);
3132
3133 conn = hci_conn_hash_lookup_ba(hdev, ACL_LINK, &ev->bdaddr);
03b555e1
JH		 3134 if (!conn)
3135 goto unlock;
3136
3137 hci_conn_hold(conn);
3138
a8b2d5c2 3139 if (!test_bit(HCI_MGMT, &hdev->dev_flags))
03b555e1
JH		 3140 goto unlock;
3141
a8b2d5c2 3142 if (test_bit(HCI_PAIRABLE, &hdev->dev_flags) ||
807deac2 3143 (conn->remote_auth & ~0x01) == HCI_AT_NO_BONDING) {
17fa4b9d
JH		 3144 struct hci_cp_io_capability_reply cp;
3145
3146 bacpy(&cp.bdaddr, &ev->bdaddr);
7a7f1e7c
HG		 3147 /* Change the IO capability from KeyboardDisplay
3148 * to DisplayYesNo as it is not supported by BT spec. */
3149 cp.capability = (conn->io_capability == 0x04) ?
3150 0x01 : conn->io_capability;
7cbc9bd9
JH		 3151 conn->auth_type = hci_get_auth_req(conn);
3152 cp.authentication = conn->auth_type;
17fa4b9d 3153
8fc9ced3
GP		 3154 if (hci_find_remote_oob_data(hdev, &conn->dst) &&
3155 (conn->out || test_bit(HCI_CONN_REMOTE_OOB, &conn->flags)))
ce85ee13
SJ		 3156 cp.oob_data = 0x01;
3157 else
3158 cp.oob_data = 0x00;
3159
17fa4b9d 3160 hci_send_cmd(hdev, HCI_OP_IO_CAPABILITY_REPLY,
807deac2 3161 sizeof(cp), &cp);
03b555e1
JH		 3162 } else {
3163 struct hci_cp_io_capability_neg_reply cp;
3164
3165 bacpy(&cp.bdaddr, &ev->bdaddr);
9f5a0d7b 3166 cp.reason = HCI_ERROR_PAIRING_NOT_ALLOWED;
0493684e 3167
03b555e1 3168 hci_send_cmd(hdev, HCI_OP_IO_CAPABILITY_NEG_REPLY,
807deac2 3169 sizeof(cp), &cp);
03b555e1
JH		 3170 }
3171
3172unlock:
3173 hci_dev_unlock(hdev);
3174}
3175
6039aa73 3176static void hci_io_capa_reply_evt(struct hci_dev *hdev, struct sk_buff *skb)
03b555e1
JH		 3177{
3178 struct hci_ev_io_capa_reply *ev = (void *) skb->data;
3179 struct hci_conn *conn;
3180
3181 BT_DBG("%s", hdev->name);
3182
3183 hci_dev_lock(hdev);
3184
3185 conn = hci_conn_hash_lookup_ba(hdev, ACL_LINK, &ev->bdaddr);
3186 if (!conn)
3187 goto unlock;
3188
03b555e1 3189 conn->remote_cap = ev->capability;
03b555e1 3190 conn->remote_auth = ev->authentication;
58a681ef
JH		 3191 if (ev->oob_data)
3192 set_bit(HCI_CONN_REMOTE_OOB, &conn->flags);
03b555e1
JH		 3193
3194unlock:
0493684e
MH		 3195 hci_dev_unlock(hdev);
3196}
3197
6039aa73
GP		 3198static void hci_user_confirm_request_evt(struct hci_dev *hdev,
3199 struct sk_buff *skb)
a5c29683
JH		 3200{
3201 struct hci_ev_user_confirm_req *ev = (void *) skb->data;
55bc1a37 3202 int loc_mitm, rem_mitm, confirm_hint = 0;
7a828908 3203 struct hci_conn *conn;
a5c29683
JH		 3204
3205 BT_DBG("%s", hdev->name);
3206
3207 hci_dev_lock(hdev);
3208
a8b2d5c2 3209 if (!test_bit(HCI_MGMT, &hdev->dev_flags))
7a828908 3210 goto unlock;
a5c29683 3211
7a828908
JH		 3212 conn = hci_conn_hash_lookup_ba(hdev, ACL_LINK, &ev->bdaddr);
3213 if (!conn)
3214 goto unlock;
3215
3216 loc_mitm = (conn->auth_type & 0x01);
3217 rem_mitm = (conn->remote_auth & 0x01);
3218
3219 /* If we require MITM but the remote device can't provide that
3220 * (it has NoInputNoOutput) then reject the confirmation
3221 * request. The only exception is when we're dedicated bonding
3222 * initiators (connect_cfm_cb set) since then we always have the MITM
3223 * bit set. */
3224 if (!conn->connect_cfm_cb && loc_mitm && conn->remote_cap == 0x03) {
3225 BT_DBG("Rejecting request: remote device can't provide MITM");
3226 hci_send_cmd(hdev, HCI_OP_USER_CONFIRM_NEG_REPLY,
807deac2 3227 sizeof(ev->bdaddr), &ev->bdaddr);
7a828908
JH		 3228 goto unlock;
3229 }
3230
3231 /* If no side requires MITM protection; auto-accept */
3232 if ((!loc_mitm || conn->remote_cap == 0x03) &&
807deac2 3233 (!rem_mitm || conn->io_capability == 0x03)) {
55bc1a37
JH		 3234
3235 /* If we're not the initiators request authorization to
3236 * proceed from user space (mgmt_user_confirm with
3237 * confirm_hint set to 1). */
51a8efd7 3238 if (!test_bit(HCI_CONN_AUTH_PEND, &conn->flags)) {
55bc1a37
JH		 3239 BT_DBG("Confirming auto-accept as acceptor");
3240 confirm_hint = 1;
3241 goto confirm;
3242 }
3243
9f61656a 3244 BT_DBG("Auto-accept of user confirmation with %ums delay",
807deac2 3245 hdev->auto_accept_delay);
9f61656a
JH		 3246
3247 if (hdev->auto_accept_delay > 0) {
3248 int delay = msecs_to_jiffies(hdev->auto_accept_delay);
3249 mod_timer(&conn->auto_accept_timer, jiffies + delay);
3250 goto unlock;
3251 }
3252
7a828908 3253 hci_send_cmd(hdev, HCI_OP_USER_CONFIRM_REPLY,
807deac2 3254 sizeof(ev->bdaddr), &ev->bdaddr);
7a828908
JH		 3255 goto unlock;
3256 }
3257
55bc1a37 3258confirm:
272d90df 3259 mgmt_user_confirm_request(hdev, &ev->bdaddr, ACL_LINK, 0, ev->passkey,
04124681 3260 confirm_hint);
7a828908
JH		 3261
3262unlock:
a5c29683
JH		 3263 hci_dev_unlock(hdev);
3264}
3265
6039aa73
GP		 3266static void hci_user_passkey_request_evt(struct hci_dev *hdev,
3267 struct sk_buff *skb)
1143d458
BG		 3268{
3269 struct hci_ev_user_passkey_req *ev = (void *) skb->data;
3270
3271 BT_DBG("%s", hdev->name);
3272
a8b2d5c2 3273 if (test_bit(HCI_MGMT, &hdev->dev_flags))
272d90df 3274 mgmt_user_passkey_request(hdev, &ev->bdaddr, ACL_LINK, 0);
1143d458
BG		 3275}
3276
92a25256
JH		 3277static void hci_user_passkey_notify_evt(struct hci_dev *hdev,
3278 struct sk_buff *skb)
3279{
3280 struct hci_ev_user_passkey_notify *ev = (void *) skb->data;
3281 struct hci_conn *conn;
3282
3283 BT_DBG("%s", hdev->name);
3284
3285 conn = hci_conn_hash_lookup_ba(hdev, ACL_LINK, &ev->bdaddr);
3286 if (!conn)
3287 return;
3288
3289 conn->passkey_notify = __le32_to_cpu(ev->passkey);
3290 conn->passkey_entered = 0;
3291
3292 if (test_bit(HCI_MGMT, &hdev->dev_flags))
3293 mgmt_user_passkey_notify(hdev, &conn->dst, conn->type,
3294 conn->dst_type, conn->passkey_notify,
3295 conn->passkey_entered);
3296}
3297
3298static void hci_keypress_notify_evt(struct hci_dev *hdev, struct sk_buff *skb)
3299{
3300 struct hci_ev_keypress_notify *ev = (void *) skb->data;
3301 struct hci_conn *conn;
3302
3303 BT_DBG("%s", hdev->name);
3304
3305 conn = hci_conn_hash_lookup_ba(hdev, ACL_LINK, &ev->bdaddr);
3306 if (!conn)
3307 return;
3308
3309 switch (ev->type) {
3310 case HCI_KEYPRESS_STARTED:
3311 conn->passkey_entered = 0;
3312 return;
3313
3314 case HCI_KEYPRESS_ENTERED:
3315 conn->passkey_entered++;
3316 break;
3317
3318 case HCI_KEYPRESS_ERASED:
3319 conn->passkey_entered--;
3320 break;
3321
3322 case HCI_KEYPRESS_CLEARED:
3323 conn->passkey_entered = 0;
3324 break;
3325
3326 case HCI_KEYPRESS_COMPLETED:
3327 return;
3328 }
3329
3330 if (test_bit(HCI_MGMT, &hdev->dev_flags))
3331 mgmt_user_passkey_notify(hdev, &conn->dst, conn->type,
3332 conn->dst_type, conn->passkey_notify,
3333 conn->passkey_entered);
3334}
3335
6039aa73
GP		 3336static void hci_simple_pair_complete_evt(struct hci_dev *hdev,
3337 struct sk_buff *skb)
0493684e
MH		 3338{
3339 struct hci_ev_simple_pair_complete *ev = (void *) skb->data;
3340 struct hci_conn *conn;
3341
3342 BT_DBG("%s", hdev->name);
3343
3344 hci_dev_lock(hdev);
3345
3346 conn = hci_conn_hash_lookup_ba(hdev, ACL_LINK, &ev->bdaddr);
2a611692
JH		 3347 if (!conn)
3348 goto unlock;
3349
3350 /* To avoid duplicate auth_failed events to user space we check
3351 * the HCI_CONN_AUTH_PEND flag which will be set if we
3352 * initiated the authentication. A traditional auth_complete
3353 * event gets always produced as initiator and is also mapped to
3354 * the mgmt_auth_failed event */
fa1bd918 3355 if (!test_bit(HCI_CONN_AUTH_PEND, &conn->flags) && ev->status)
bab73cb6 3356 mgmt_auth_failed(hdev, &conn->dst, conn->type, conn->dst_type,
04124681 3357 ev->status);
0493684e 3358
2a611692
JH		 3359 hci_conn_put(conn);
3360
3361unlock:
0493684e
MH		 3362 hci_dev_unlock(hdev);
3363}
3364
6039aa73
GP		 3365static void hci_remote_host_features_evt(struct hci_dev *hdev,
3366 struct sk_buff *skb)
41a96212
MH		 3367{
3368 struct hci_ev_remote_host_features *ev = (void *) skb->data;
3369 struct inquiry_entry *ie;
3370
3371 BT_DBG("%s", hdev->name);
3372
3373 hci_dev_lock(hdev);
3374
cc11b9c1
AE		 3375 ie = hci_inquiry_cache_lookup(hdev, &ev->bdaddr);
3376 if (ie)
02b7cc62 3377 ie->data.ssp_mode = (ev->features[0] & LMP_HOST_SSP);
41a96212
MH		 3378
3379 hci_dev_unlock(hdev);
3380}
3381
6039aa73
GP		 3382static void hci_remote_oob_data_request_evt(struct hci_dev *hdev,
3383 struct sk_buff *skb)
2763eda6
SJ		 3384{
3385 struct hci_ev_remote_oob_data_request *ev = (void *) skb->data;
3386 struct oob_data *data;
3387
3388 BT_DBG("%s", hdev->name);
3389
3390 hci_dev_lock(hdev);
3391
a8b2d5c2 3392 if (!test_bit(HCI_MGMT, &hdev->dev_flags))
e1ba1f15
SJ		 3393 goto unlock;
3394
2763eda6
SJ		 3395 data = hci_find_remote_oob_data(hdev, &ev->bdaddr);
3396 if (data) {
3397 struct hci_cp_remote_oob_data_reply cp;
3398
3399 bacpy(&cp.bdaddr, &ev->bdaddr);
3400 memcpy(cp.hash, data->hash, sizeof(cp.hash));
3401 memcpy(cp.randomizer, data->randomizer, sizeof(cp.randomizer));
3402
3403 hci_send_cmd(hdev, HCI_OP_REMOTE_OOB_DATA_REPLY, sizeof(cp),
807deac2 3404 &cp);
2763eda6
SJ		 3405 } else {
3406 struct hci_cp_remote_oob_data_neg_reply cp;
3407
3408 bacpy(&cp.bdaddr, &ev->bdaddr);
3409 hci_send_cmd(hdev, HCI_OP_REMOTE_OOB_DATA_NEG_REPLY, sizeof(cp),
807deac2 3410 &cp);
2763eda6
SJ		 3411 }
3412
e1ba1f15 3413unlock:
2763eda6
SJ		 3414 hci_dev_unlock(hdev);
3415}
3416
d5e91192
AE		 3417static void hci_phy_link_complete_evt(struct hci_dev *hdev,
3418 struct sk_buff *skb)
3419{
3420 struct hci_ev_phy_link_complete *ev = (void *) skb->data;
3421 struct hci_conn *hcon, *bredr_hcon;
3422
3423 BT_DBG("%s handle 0x%2.2x status 0x%2.2x", hdev->name, ev->phy_handle,
3424 ev->status);
3425
3426 hci_dev_lock(hdev);
3427
3428 hcon = hci_conn_hash_lookup_handle(hdev, ev->phy_handle);
3429 if (!hcon) {
3430 hci_dev_unlock(hdev);
3431 return;
3432 }
3433
3434 if (ev->status) {
3435 hci_conn_del(hcon);
3436 hci_dev_unlock(hdev);
3437 return;
3438 }
3439
3440 bredr_hcon = hcon->amp_mgr->l2cap_conn->hcon;
3441
3442 hcon->state = BT_CONNECTED;
3443 bacpy(&hcon->dst, &bredr_hcon->dst);
3444
3445 hci_conn_hold(hcon);
3446 hcon->disc_timeout = HCI_DISCONN_TIMEOUT;
3447 hci_conn_put(hcon);
3448
3449 hci_conn_hold_device(hcon);
3450 hci_conn_add_sysfs(hcon);
3451
cf70ff22 3452 amp_physical_cfm(bredr_hcon, hcon);
d5e91192 3453
cf70ff22 3454 hci_dev_unlock(hdev);
d5e91192
AE		 3455}
3456
27695fb4
AE		 3457static void hci_loglink_complete_evt(struct hci_dev *hdev, struct sk_buff *skb)
3458{
3459 struct hci_ev_logical_link_complete *ev = (void *) skb->data;
3460 struct hci_conn *hcon;
3461 struct hci_chan *hchan;
3462 struct amp_mgr *mgr;
3463
3464 BT_DBG("%s log_handle 0x%4.4x phy_handle 0x%2.2x status 0x%2.2x",
3465 hdev->name, le16_to_cpu(ev->handle), ev->phy_handle,
3466 ev->status);
3467
3468 hcon = hci_conn_hash_lookup_handle(hdev, ev->phy_handle);
3469 if (!hcon)
3470 return;
3471
3472 /* Create AMP hchan */
3473 hchan = hci_chan_create(hcon);
3474 if (!hchan)
3475 return;
3476
3477 hchan->handle = le16_to_cpu(ev->handle);
3478
3479 BT_DBG("hcon %p mgr %p hchan %p", hcon, hcon->amp_mgr, hchan);
3480
3481 mgr = hcon->amp_mgr;
3482 if (mgr && mgr->bredr_chan) {
3483 struct l2cap_chan *bredr_chan = mgr->bredr_chan;
3484
3485 l2cap_chan_lock(bredr_chan);
3486
3487 bredr_chan->conn->mtu = hdev->block_mtu;
3488 l2cap_logical_cfm(bredr_chan, hchan, 0);
3489 hci_conn_hold(hcon);
3490
3491 l2cap_chan_unlock(bredr_chan);
3492 }
3493}
3494
606e2a10
AE		 3495static void hci_disconn_loglink_complete_evt(struct hci_dev *hdev,
3496 struct sk_buff *skb)
3497{
3498 struct hci_ev_disconn_logical_link_complete *ev = (void *) skb->data;
3499 struct hci_chan *hchan;
3500
3501 BT_DBG("%s log handle 0x%4.4x status 0x%2.2x", hdev->name,
3502 le16_to_cpu(ev->handle), ev->status);
3503
3504 if (ev->status)
3505 return;
3506
3507 hci_dev_lock(hdev);
3508
3509 hchan = hci_chan_lookup_handle(hdev, le16_to_cpu(ev->handle));
3510 if (!hchan)
3511 goto unlock;
3512
3513 amp_destroy_logical_link(hchan, ev->reason);
3514
3515unlock:
3516 hci_dev_unlock(hdev);
3517}
3518
9eef6b3a
AE		 3519static void hci_disconn_phylink_complete_evt(struct hci_dev *hdev,
3520 struct sk_buff *skb)
3521{
3522 struct hci_ev_disconn_phy_link_complete *ev = (void *) skb->data;
3523 struct hci_conn *hcon;
3524
3525 BT_DBG("%s status 0x%2.2x", hdev->name, ev->status);
3526
3527 if (ev->status)
3528 return;
3529
3530 hci_dev_lock(hdev);
3531
3532 hcon = hci_conn_hash_lookup_handle(hdev, ev->phy_handle);
3533 if (hcon) {
3534 hcon->state = BT_CLOSED;
3535 hci_conn_del(hcon);
3536 }
3537
3538 hci_dev_unlock(hdev);
3539}
3540
6039aa73 3541static void hci_le_conn_complete_evt(struct hci_dev *hdev, struct sk_buff *skb)
fcd89c09
VT		 3542{
3543 struct hci_ev_le_conn_complete *ev = (void *) skb->data;
3544 struct hci_conn *conn;
3545
9f1db00c 3546 BT_DBG("%s status 0x%2.2x", hdev->name, ev->status);
fcd89c09
VT		 3547
3548 hci_dev_lock(hdev);
3549
b47a09b3 3550 conn = hci_conn_hash_lookup_state(hdev, LE_LINK, BT_CONNECT);
b62f328b
VT		 3551 if (!conn) {
3552 conn = hci_conn_add(hdev, LE_LINK, &ev->bdaddr);
3553 if (!conn) {
3554 BT_ERR("No memory for new connection");
230fd16a 3555 goto unlock;
b62f328b 3556 }
29b7988a
AG		 3557
3558 conn->dst_type = ev->bdaddr_type;
b9b343d2
AG		 3559
3560 if (ev->role == LE_CONN_ROLE_MASTER) {
3561 conn->out = true;
3562 conn->link_mode |= HCI_LM_MASTER;
3563 }
b62f328b 3564 }
fcd89c09 3565
cd17decb
AG		 3566 if (ev->status) {
3567 mgmt_connect_failed(hdev, &conn->dst, conn->type,
3568 conn->dst_type, ev->status);
3569 hci_proto_connect_cfm(conn, ev->status);
3570 conn->state = BT_CLOSED;
3571 hci_conn_del(conn);
3572 goto unlock;
3573 }
3574
b644ba33
JH		 3575 if (!test_and_set_bit(HCI_CONN_MGMT_CONNECTED, &conn->flags))
3576 mgmt_device_connected(hdev, &ev->bdaddr, conn->type,
04124681 3577 conn->dst_type, 0, NULL, 0, NULL);
83bc71b4 3578
7b5c0d52 3579 conn->sec_level = BT_SECURITY_LOW;
fcd89c09
VT		 3580 conn->handle = __le16_to_cpu(ev->handle);
3581 conn->state = BT_CONNECTED;
3582
3583 hci_conn_hold_device(conn);
3584 hci_conn_add_sysfs(conn);
3585
3586 hci_proto_connect_cfm(conn, ev->status);
3587
3588unlock:
3589 hci_dev_unlock(hdev);
3590}
3591
6039aa73 3592static void hci_le_adv_report_evt(struct hci_dev *hdev, struct sk_buff *skb)
9aa04c91 3593{
e95beb41
AG		 3594 u8 num_reports = skb->data[0];
3595 void *ptr = &skb->data[1];
3c9e9195 3596 s8 rssi;
9aa04c91 3597
e95beb41
AG		 3598 while (num_reports--) {
3599 struct hci_ev_le_advertising_info *ev = ptr;
9aa04c91 3600
3c9e9195
AG		 3601 rssi = ev->data[ev->length];
3602 mgmt_device_found(hdev, &ev->bdaddr, LE_LINK, ev->bdaddr_type,
04124681 3603 NULL, rssi, 0, 1, ev->data, ev->length);
3c9e9195 3604
e95beb41 3605 ptr += sizeof(*ev) + ev->length + 1;
9aa04c91 3606 }
9aa04c91
AG		 3607}
3608
6039aa73 3609static void hci_le_ltk_request_evt(struct hci_dev *hdev, struct sk_buff *skb)
a7a595f6
VCG		 3610{
3611 struct hci_ev_le_ltk_req *ev = (void *) skb->data;
3612 struct hci_cp_le_ltk_reply cp;
bea710fe 3613 struct hci_cp_le_ltk_neg_reply neg;
a7a595f6 3614 struct hci_conn *conn;
c9839a11 3615 struct smp_ltk *ltk;
a7a595f6 3616
9f1db00c 3617 BT_DBG("%s handle 0x%4.4x", hdev->name, __le16_to_cpu(ev->handle));
a7a595f6
VCG		 3618
3619 hci_dev_lock(hdev);
3620
3621 conn = hci_conn_hash_lookup_handle(hdev, __le16_to_cpu(ev->handle));
bea710fe
VCG		 3622 if (conn == NULL)
3623 goto not_found;
a7a595f6 3624
bea710fe
VCG		 3625 ltk = hci_find_ltk(hdev, ev->ediv, ev->random);
3626 if (ltk == NULL)
3627 goto not_found;
3628
3629 memcpy(cp.ltk, ltk->val, sizeof(ltk->val));
a7a595f6 3630 cp.handle = cpu_to_le16(conn->handle);
c9839a11
VCG		 3631
3632 if (ltk->authenticated)
3633 conn->sec_level = BT_SECURITY_HIGH;
a7a595f6
VCG		 3634
3635 hci_send_cmd(hdev, HCI_OP_LE_LTK_REPLY, sizeof(cp), &cp);
3636
c9839a11
VCG		 3637 if (ltk->type & HCI_SMP_STK) {
3638 list_del(&ltk->list);
3639 kfree(ltk);
3640 }
3641
a7a595f6 3642 hci_dev_unlock(hdev);
bea710fe
VCG		 3643
3644 return;
3645
3646not_found:
3647 neg.handle = ev->handle;
3648 hci_send_cmd(hdev, HCI_OP_LE_LTK_NEG_REPLY, sizeof(neg), &neg);
3649 hci_dev_unlock(hdev);
a7a595f6
VCG		 3650}
3651
6039aa73 3652static void hci_le_meta_evt(struct hci_dev *hdev, struct sk_buff *skb)
fcd89c09
VT		 3653{
3654 struct hci_ev_le_meta *le_ev = (void *) skb->data;
3655
3656 skb_pull(skb, sizeof(*le_ev));
3657
3658 switch (le_ev->subevent) {
3659 case HCI_EV_LE_CONN_COMPLETE:
3660 hci_le_conn_complete_evt(hdev, skb);
3661 break;
3662
9aa04c91
AG		 3663 case HCI_EV_LE_ADVERTISING_REPORT:
3664 hci_le_adv_report_evt(hdev, skb);
3665 break;
3666
a7a595f6
VCG		 3667 case HCI_EV_LE_LTK_REQ:
3668 hci_le_ltk_request_evt(hdev, skb);
3669 break;
3670
fcd89c09
VT		 3671 default:
3672 break;
3673 }
3674}
3675
9495b2ee
AE		 3676static void hci_chan_selected_evt(struct hci_dev *hdev, struct sk_buff *skb)
3677{
3678 struct hci_ev_channel_selected *ev = (void *) skb->data;
3679 struct hci_conn *hcon;
3680
3681 BT_DBG("%s handle 0x%2.2x", hdev->name, ev->phy_handle);
3682
3683 skb_pull(skb, sizeof(*ev));
3684
3685 hcon = hci_conn_hash_lookup_handle(hdev, ev->phy_handle);
3686 if (!hcon)
3687 return;
3688
3689 amp_read_loc_assoc_final_data(hdev, hcon);
3690}
3691
a9de9248
MH		 3692void hci_event_packet(struct hci_dev *hdev, struct sk_buff *skb)
3693{
3694 struct hci_event_hdr *hdr = (void *) skb->data;
3695 __u8 event = hdr->evt;
3696
3697 skb_pull(skb, HCI_EVENT_HDR_SIZE);
3698
3699 switch (event) {
1da177e4
LT		 3700 case HCI_EV_INQUIRY_COMPLETE:
3701 hci_inquiry_complete_evt(hdev, skb);
3702 break;
3703
3704 case HCI_EV_INQUIRY_RESULT:
3705 hci_inquiry_result_evt(hdev, skb);
3706 break;
3707
a9de9248
MH		 3708 case HCI_EV_CONN_COMPLETE:
3709 hci_conn_complete_evt(hdev, skb);
21d9e30e
MH		 3710 break;
3711
1da177e4
LT		 3712 case HCI_EV_CONN_REQUEST:
3713 hci_conn_request_evt(hdev, skb);
3714 break;
3715
1da177e4
LT		 3716 case HCI_EV_DISCONN_COMPLETE:
3717 hci_disconn_complete_evt(hdev, skb);
3718 break;
3719
1da177e4
LT		 3720 case HCI_EV_AUTH_COMPLETE:
3721 hci_auth_complete_evt(hdev, skb);
3722 break;
3723
a9de9248
MH		 3724 case HCI_EV_REMOTE_NAME:
3725 hci_remote_name_evt(hdev, skb);
3726 break;
3727
1da177e4
LT		 3728 case HCI_EV_ENCRYPT_CHANGE:
3729 hci_encrypt_change_evt(hdev, skb);
3730 break;
3731
a9de9248
MH		 3732 case HCI_EV_CHANGE_LINK_KEY_COMPLETE:
3733 hci_change_link_key_complete_evt(hdev, skb);
3734 break;
3735
3736 case HCI_EV_REMOTE_FEATURES:
3737 hci_remote_features_evt(hdev, skb);
3738 break;
3739
a9de9248
MH		 3740 case HCI_EV_CMD_COMPLETE:
3741 hci_cmd_complete_evt(hdev, skb);
3742 break;
3743
3744 case HCI_EV_CMD_STATUS:
3745 hci_cmd_status_evt(hdev, skb);
3746 break;
3747
3748 case HCI_EV_ROLE_CHANGE:
3749 hci_role_change_evt(hdev, skb);
3750 break;
3751
3752 case HCI_EV_NUM_COMP_PKTS:
3753 hci_num_comp_pkts_evt(hdev, skb);
3754 break;
3755
3756 case HCI_EV_MODE_CHANGE:
3757 hci_mode_change_evt(hdev, skb);
1da177e4
LT		 3758 break;
3759
3760 case HCI_EV_PIN_CODE_REQ:
3761 hci_pin_code_request_evt(hdev, skb);
3762 break;
3763
3764 case HCI_EV_LINK_KEY_REQ:
3765 hci_link_key_request_evt(hdev, skb);
3766 break;
3767
3768 case HCI_EV_LINK_KEY_NOTIFY:
3769 hci_link_key_notify_evt(hdev, skb);
3770 break;
3771
3772 case HCI_EV_CLOCK_OFFSET:
3773 hci_clock_offset_evt(hdev, skb);
3774 break;
3775
a8746417
MH		 3776 case HCI_EV_PKT_TYPE_CHANGE:
3777 hci_pkt_type_change_evt(hdev, skb);
3778 break;
3779
85a1e930
MH		 3780 case HCI_EV_PSCAN_REP_MODE:
3781 hci_pscan_rep_mode_evt(hdev, skb);
3782 break;
3783
a9de9248
MH		 3784 case HCI_EV_INQUIRY_RESULT_WITH_RSSI:
3785 hci_inquiry_result_with_rssi_evt(hdev, skb);
04837f64
MH		 3786 break;
3787
a9de9248
MH		 3788 case HCI_EV_REMOTE_EXT_FEATURES:
3789 hci_remote_ext_features_evt(hdev, skb);
1da177e4
LT		 3790 break;
3791
a9de9248
MH		 3792 case HCI_EV_SYNC_CONN_COMPLETE:
3793 hci_sync_conn_complete_evt(hdev, skb);
3794 break;
1da177e4 3795
a9de9248
MH		 3796 case HCI_EV_EXTENDED_INQUIRY_RESULT:
3797 hci_extended_inquiry_result_evt(hdev, skb);
3798 break;
1da177e4 3799
1c2e0041
JH		 3800 case HCI_EV_KEY_REFRESH_COMPLETE:
3801 hci_key_refresh_complete_evt(hdev, skb);
3802 break;
3803
0493684e
MH		 3804 case HCI_EV_IO_CAPA_REQUEST:
3805 hci_io_capa_request_evt(hdev, skb);
3806 break;
3807
03b555e1
JH		 3808 case HCI_EV_IO_CAPA_REPLY:
3809 hci_io_capa_reply_evt(hdev, skb);
3810 break;
3811
a5c29683
JH		 3812 case HCI_EV_USER_CONFIRM_REQUEST:
3813 hci_user_confirm_request_evt(hdev, skb);
3814 break;
3815
1143d458
BG		 3816 case HCI_EV_USER_PASSKEY_REQUEST:
3817 hci_user_passkey_request_evt(hdev, skb);
3818 break;
3819
92a25256
JH		 3820 case HCI_EV_USER_PASSKEY_NOTIFY:
3821 hci_user_passkey_notify_evt(hdev, skb);
3822 break;
3823
3824 case HCI_EV_KEYPRESS_NOTIFY:
3825 hci_keypress_notify_evt(hdev, skb);
3826 break;
3827
0493684e
MH		 3828 case HCI_EV_SIMPLE_PAIR_COMPLETE:
3829 hci_simple_pair_complete_evt(hdev, skb);
3830 break;
3831
41a96212
MH		 3832 case HCI_EV_REMOTE_HOST_FEATURES:
3833 hci_remote_host_features_evt(hdev, skb);
3834 break;
3835
fcd89c09
VT		 3836 case HCI_EV_LE_META:
3837 hci_le_meta_evt(hdev, skb);
3838 break;
3839
9495b2ee
AE		 3840 case HCI_EV_CHANNEL_SELECTED:
3841 hci_chan_selected_evt(hdev, skb);
3842 break;
3843
2763eda6
SJ		 3844 case HCI_EV_REMOTE_OOB_DATA_REQUEST:
3845 hci_remote_oob_data_request_evt(hdev, skb);
3846 break;
3847
d5e91192
AE		 3848 case HCI_EV_PHY_LINK_COMPLETE:
3849 hci_phy_link_complete_evt(hdev, skb);
3850 break;
3851
27695fb4
AE		 3852 case HCI_EV_LOGICAL_LINK_COMPLETE:
3853 hci_loglink_complete_evt(hdev, skb);
3854 break;
3855
606e2a10
AE		 3856 case HCI_EV_DISCONN_LOGICAL_LINK_COMPLETE:
3857 hci_disconn_loglink_complete_evt(hdev, skb);
3858 break;
3859
9eef6b3a
AE		 3860 case HCI_EV_DISCONN_PHY_LINK_COMPLETE:
3861 hci_disconn_phylink_complete_evt(hdev, skb);
3862 break;
3863
25e89e99
AE		 3864 case HCI_EV_NUM_COMP_BLOCKS:
3865 hci_num_comp_blocks_evt(hdev, skb);
3866 break;
3867
a9de9248 3868 default:
9f1db00c 3869 BT_DBG("%s event 0x%2.2x", hdev->name, event);
1da177e4
LT		 3870 break;
3871 }
3872
3873 kfree_skb(skb);
3874 hdev->stat.evt_rx++;
3875}
kernel source for telekom puls (alcatel/mediatek)