projects / GitHub / mt8127 / android_kernel_alcatel_ttab.git / blame
? search:
summary | shortlog | log | commit | commitdiff | tree
blob | blame (incremental) | history | HEAD
Bluetooth: mgmt: Fix Set SSP supported check
[GitHub/mt8127/android_kernel_alcatel_ttab.git] / net / bluetooth / hci_event.c
CommitLineData
8e87d142 1/*
1da177e4 2 BlueZ - Bluetooth protocol stack for Linux
2d0a0346 3 Copyright (c) 2000-2001, 2010, Code Aurora Forum. All rights reserved.
1da177e4
LT		 4
5 Written 2000,2001 by Maxim Krasnyansky <maxk@qualcomm.com>
6
7 This program is free software; you can redistribute it and/or modify
8 it under the terms of the GNU General Public License version 2 as
9 published by the Free Software Foundation;
10
11 THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS
12 OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
13 FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT OF THIRD PARTY RIGHTS.
14 IN NO EVENT SHALL THE COPYRIGHT HOLDER(S) AND AUTHOR(S) BE LIABLE FOR ANY
8e87d142
YH		 15 CLAIM, OR ANY SPECIAL INDIRECT OR CONSEQUENTIAL DAMAGES, OR ANY DAMAGES
16 WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
17 ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
1da177e4
LT		 18 OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
19
8e87d142
YH		 20 ALL LIABILITY, INCLUDING LIABILITY FOR INFRINGEMENT OF ANY PATENTS,
21 COPYRIGHTS, TRADEMARKS OR OTHER RIGHTS, RELATING TO USE OF THIS
1da177e4
LT		 22 SOFTWARE IS DISCLAIMED.
23*/
24
25/* Bluetooth HCI event handling. */
26
1da177e4
LT		 27#include <linux/module.h>
28
29#include <linux/types.h>
30#include <linux/errno.h>
31#include <linux/kernel.h>
1da177e4
LT		 32#include <linux/slab.h>
33#include <linux/poll.h>
34#include <linux/fcntl.h>
35#include <linux/init.h>
36#include <linux/skbuff.h>
37#include <linux/interrupt.h>
1da177e4
LT		 38#include <net/sock.h>
39
40#include <asm/system.h>
70f23020 41#include <linux/uaccess.h>
1da177e4
LT		 42#include <asm/unaligned.h>
43
44#include <net/bluetooth/bluetooth.h>
45#include <net/bluetooth/hci_core.h>
46
1da177e4
LT		 47/* Handle HCI Event packets */
48
a9de9248 49static void hci_cc_inquiry_cancel(struct hci_dev *hdev, struct sk_buff *skb)
1da177e4 50{
a9de9248 51 __u8 status = *((__u8 *) skb->data);
1da177e4 52
a9de9248 53 BT_DBG("%s status 0x%x", hdev->name, status);
1da177e4 54
e6d465cb
AG		 55 if (status) {
56 hci_dev_lock(hdev);
57 mgmt_stop_discovery_failed(hdev, status);
58 hci_dev_unlock(hdev);
a9de9248 59 return;
e6d465cb 60 }
1da177e4 61
89352e7d
AG		 62 clear_bit(HCI_INQUIRY, &hdev->flags);
63
56e5cb86 64 hci_dev_lock(hdev);
ff9ef578 65 hci_discovery_set_state(hdev, DISCOVERY_STOPPED);
56e5cb86 66 hci_dev_unlock(hdev);
6bd57416 67
23bb5763 68 hci_req_complete(hdev, HCI_OP_INQUIRY_CANCEL, status);
a9de9248
MH		 69
70 hci_conn_check_pending(hdev);
71}
6bd57416 72
a9de9248
MH		 73static void hci_cc_exit_periodic_inq(struct hci_dev *hdev, struct sk_buff *skb)
74{
75 __u8 status = *((__u8 *) skb->data);
6bd57416 76
a9de9248 77 BT_DBG("%s status 0x%x", hdev->name, status);
6bd57416 78
a9de9248
MH		 79 if (status)
80 return;
1da177e4 81
a9de9248
MH		 82 hci_conn_check_pending(hdev);
83}
84
85static void hci_cc_remote_name_req_cancel(struct hci_dev *hdev, struct sk_buff *skb)
86{
87 BT_DBG("%s", hdev->name);
88}
89
90static void hci_cc_role_discovery(struct hci_dev *hdev, struct sk_buff *skb)
91{
92 struct hci_rp_role_discovery *rp = (void *) skb->data;
93 struct hci_conn *conn;
94
95 BT_DBG("%s status 0x%x", hdev->name, rp->status);
96
97 if (rp->status)
98 return;
99
100 hci_dev_lock(hdev);
101
102 conn = hci_conn_hash_lookup_handle(hdev, __le16_to_cpu(rp->handle));
103 if (conn) {
104 if (rp->role)
105 conn->link_mode &= ~HCI_LM_MASTER;
106 else
107 conn->link_mode |= HCI_LM_MASTER;
1da177e4 108 }
a9de9248
MH		 109
110 hci_dev_unlock(hdev);
1da177e4
LT		 111}
112
e4e8e37c
MH		 113static void hci_cc_read_link_policy(struct hci_dev *hdev, struct sk_buff *skb)
114{
115 struct hci_rp_read_link_policy *rp = (void *) skb->data;
116 struct hci_conn *conn;
117
118 BT_DBG("%s status 0x%x", hdev->name, rp->status);
119
120 if (rp->status)
121 return;
122
123 hci_dev_lock(hdev);
124
125 conn = hci_conn_hash_lookup_handle(hdev, __le16_to_cpu(rp->handle));
126 if (conn)
127 conn->link_policy = __le16_to_cpu(rp->policy);
128
129 hci_dev_unlock(hdev);
130}
131
a9de9248 132static void hci_cc_write_link_policy(struct hci_dev *hdev, struct sk_buff *skb)
1da177e4 133{
a9de9248 134 struct hci_rp_write_link_policy *rp = (void *) skb->data;
1da177e4 135 struct hci_conn *conn;
04837f64 136 void *sent;
1da177e4 137
a9de9248 138 BT_DBG("%s status 0x%x", hdev->name, rp->status);
1da177e4 139
a9de9248
MH		 140 if (rp->status)
141 return;
1da177e4 142
a9de9248
MH		 143 sent = hci_sent_cmd_data(hdev, HCI_OP_WRITE_LINK_POLICY);
144 if (!sent)
145 return;
1da177e4 146
a9de9248 147 hci_dev_lock(hdev);
1da177e4 148
a9de9248 149 conn = hci_conn_hash_lookup_handle(hdev, __le16_to_cpu(rp->handle));
e4e8e37c 150 if (conn)
83985319 151 conn->link_policy = get_unaligned_le16(sent + 2);
1da177e4 152
a9de9248
MH		 153 hci_dev_unlock(hdev);
154}
1da177e4 155
e4e8e37c
MH		 156static void hci_cc_read_def_link_policy(struct hci_dev *hdev, struct sk_buff *skb)
157{
158 struct hci_rp_read_def_link_policy *rp = (void *) skb->data;
159
160 BT_DBG("%s status 0x%x", hdev->name, rp->status);
161
162 if (rp->status)
163 return;
164
165 hdev->link_policy = __le16_to_cpu(rp->policy);
166}
167
168static void hci_cc_write_def_link_policy(struct hci_dev *hdev, struct sk_buff *skb)
169{
170 __u8 status = *((__u8 *) skb->data);
171 void *sent;
172
173 BT_DBG("%s status 0x%x", hdev->name, status);
174
175 sent = hci_sent_cmd_data(hdev, HCI_OP_WRITE_DEF_LINK_POLICY);
176 if (!sent)
177 return;
178
179 if (!status)
180 hdev->link_policy = get_unaligned_le16(sent);
181
23bb5763 182 hci_req_complete(hdev, HCI_OP_WRITE_DEF_LINK_POLICY, status);
e4e8e37c
MH		 183}
184
a9de9248
MH		 185static void hci_cc_reset(struct hci_dev *hdev, struct sk_buff *skb)
186{
187 __u8 status = *((__u8 *) skb->data);
04837f64 188
a9de9248 189 BT_DBG("%s status 0x%x", hdev->name, status);
04837f64 190
10572132
GP		 191 clear_bit(HCI_RESET, &hdev->flags);
192
23bb5763 193 hci_req_complete(hdev, HCI_OP_RESET, status);
d23264a8 194
a297e97c
JH		 195 /* Reset all non-persistent flags */
196 hdev->dev_flags &= ~(BIT(HCI_LE_SCAN));
a9de9248 197}
04837f64 198
a9de9248
MH		 199static void hci_cc_write_local_name(struct hci_dev *hdev, struct sk_buff *skb)
200{
201 __u8 status = *((__u8 *) skb->data);
202 void *sent;
04837f64 203
a9de9248 204 BT_DBG("%s status 0x%x", hdev->name, status);
04837f64 205
a9de9248
MH		 206 sent = hci_sent_cmd_data(hdev, HCI_OP_WRITE_LOCAL_NAME);
207 if (!sent)
208 return;
04837f64 209
56e5cb86
JH		 210 hci_dev_lock(hdev);
211
a8b2d5c2 212 if (test_bit(HCI_MGMT, &hdev->dev_flags))
744cf19e 213 mgmt_set_local_name_complete(hdev, sent, status);
b312b161 214
56e5cb86
JH		 215 if (status == 0)
216 memcpy(hdev->dev_name, sent, HCI_MAX_NAME_LENGTH);
b312b161 217
56e5cb86 218 hci_dev_unlock(hdev);
a9de9248
MH		 219}
220
221static void hci_cc_read_local_name(struct hci_dev *hdev, struct sk_buff *skb)
222{
223 struct hci_rp_read_local_name *rp = (void *) skb->data;
224
225 BT_DBG("%s status 0x%x", hdev->name, rp->status);
226
227 if (rp->status)
228 return;
229
1f6c6378 230 memcpy(hdev->dev_name, rp->name, HCI_MAX_NAME_LENGTH);
a9de9248
MH		 231}
232
233static void hci_cc_write_auth_enable(struct hci_dev *hdev, struct sk_buff *skb)
234{
235 __u8 status = *((__u8 *) skb->data);
236 void *sent;
237
238 BT_DBG("%s status 0x%x", hdev->name, status);
239
240 sent = hci_sent_cmd_data(hdev, HCI_OP_WRITE_AUTH_ENABLE);
241 if (!sent)
242 return;
243
244 if (!status) {
245 __u8 param = *((__u8 *) sent);
246
247 if (param == AUTH_ENABLED)
248 set_bit(HCI_AUTH, &hdev->flags);
249 else
250 clear_bit(HCI_AUTH, &hdev->flags);
1da177e4 251 }
a9de9248 252
33ef95ed
JH		 253 if (test_bit(HCI_MGMT, &hdev->dev_flags))
254 mgmt_auth_enable_complete(hdev, status);
255
23bb5763 256 hci_req_complete(hdev, HCI_OP_WRITE_AUTH_ENABLE, status);
1da177e4
LT		 257}
258
a9de9248 259static void hci_cc_write_encrypt_mode(struct hci_dev *hdev, struct sk_buff *skb)
1da177e4 260{
a9de9248 261 __u8 status = *((__u8 *) skb->data);
1da177e4
LT		 262 void *sent;
263
a9de9248 264 BT_DBG("%s status 0x%x", hdev->name, status);
1da177e4 265
a9de9248
MH		 266 sent = hci_sent_cmd_data(hdev, HCI_OP_WRITE_ENCRYPT_MODE);
267 if (!sent)
268 return;
1da177e4 269
a9de9248
MH		 270 if (!status) {
271 __u8 param = *((__u8 *) sent);
272
273 if (param)
274 set_bit(HCI_ENCRYPT, &hdev->flags);
275 else
276 clear_bit(HCI_ENCRYPT, &hdev->flags);
277 }
1da177e4 278
23bb5763 279 hci_req_complete(hdev, HCI_OP_WRITE_ENCRYPT_MODE, status);
a9de9248 280}
1da177e4 281
a9de9248
MH		 282static void hci_cc_write_scan_enable(struct hci_dev *hdev, struct sk_buff *skb)
283{
36f7fc7e
JH		 284 __u8 param, status = *((__u8 *) skb->data);
285 int old_pscan, old_iscan;
a9de9248 286 void *sent;
1da177e4 287
a9de9248 288 BT_DBG("%s status 0x%x", hdev->name, status);
1da177e4 289
a9de9248
MH		 290 sent = hci_sent_cmd_data(hdev, HCI_OP_WRITE_SCAN_ENABLE);
291 if (!sent)
292 return;
1da177e4 293
36f7fc7e
JH		 294 param = *((__u8 *) sent);
295
56e5cb86
JH		 296 hci_dev_lock(hdev);
297
2d7cee58 298 if (status != 0) {
744cf19e 299 mgmt_write_scan_failed(hdev, param, status);
2d7cee58
JH		 300 hdev->discov_timeout = 0;
301 goto done;
302 }
303
36f7fc7e
JH		 304 old_pscan = test_and_clear_bit(HCI_PSCAN, &hdev->flags);
305 old_iscan = test_and_clear_bit(HCI_ISCAN, &hdev->flags);
306
307 if (param & SCAN_INQUIRY) {
308 set_bit(HCI_ISCAN, &hdev->flags);
309 if (!old_iscan)
744cf19e 310 mgmt_discoverable(hdev, 1);
16ab91ab
JH		 311 if (hdev->discov_timeout > 0) {
312 int to = msecs_to_jiffies(hdev->discov_timeout * 1000);
313 queue_delayed_work(hdev->workqueue, &hdev->discov_off,
314 to);
315 }
36f7fc7e 316 } else if (old_iscan)
744cf19e 317 mgmt_discoverable(hdev, 0);
36f7fc7e
JH		 318
319 if (param & SCAN_PAGE) {
320 set_bit(HCI_PSCAN, &hdev->flags);
321 if (!old_pscan)
744cf19e 322 mgmt_connectable(hdev, 1);
36f7fc7e 323 } else if (old_pscan)
744cf19e 324 mgmt_connectable(hdev, 0);
1da177e4 325
36f7fc7e 326done:
56e5cb86 327 hci_dev_unlock(hdev);
23bb5763 328 hci_req_complete(hdev, HCI_OP_WRITE_SCAN_ENABLE, status);
a9de9248 329}
1da177e4 330
a9de9248
MH		 331static void hci_cc_read_class_of_dev(struct hci_dev *hdev, struct sk_buff *skb)
332{
333 struct hci_rp_read_class_of_dev *rp = (void *) skb->data;
1da177e4 334
a9de9248 335 BT_DBG("%s status 0x%x", hdev->name, rp->status);
1da177e4 336
a9de9248
MH		 337 if (rp->status)
338 return;
1da177e4 339
a9de9248 340 memcpy(hdev->dev_class, rp->dev_class, 3);
1da177e4 341
a9de9248
MH		 342 BT_DBG("%s class 0x%.2x%.2x%.2x", hdev->name,
343 hdev->dev_class[2], hdev->dev_class[1], hdev->dev_class[0]);
344}
1da177e4 345
a9de9248
MH		 346static void hci_cc_write_class_of_dev(struct hci_dev *hdev, struct sk_buff *skb)
347{
348 __u8 status = *((__u8 *) skb->data);
349 void *sent;
1da177e4 350
a9de9248 351 BT_DBG("%s status 0x%x", hdev->name, status);
1da177e4 352
f383f275
MH		 353 if (status)
354 return;
355
a9de9248
MH		 356 sent = hci_sent_cmd_data(hdev, HCI_OP_WRITE_CLASS_OF_DEV);
357 if (!sent)
358 return;
1da177e4 359
f383f275 360 memcpy(hdev->dev_class, sent, 3);
a9de9248 361}
1da177e4 362
a9de9248
MH		 363static void hci_cc_read_voice_setting(struct hci_dev *hdev, struct sk_buff *skb)
364{
365 struct hci_rp_read_voice_setting *rp = (void *) skb->data;
366 __u16 setting;
367
368 BT_DBG("%s status 0x%x", hdev->name, rp->status);
369
370 if (rp->status)
371 return;
372
373 setting = __le16_to_cpu(rp->voice_setting);
374
f383f275 375 if (hdev->voice_setting == setting)
a9de9248
MH		 376 return;
377
378 hdev->voice_setting = setting;
379
380 BT_DBG("%s voice setting 0x%04x", hdev->name, setting);
381
3c54711c 382 if (hdev->notify)
a9de9248 383 hdev->notify(hdev, HCI_NOTIFY_VOICE_SETTING);
a9de9248
MH		 384}
385
386static void hci_cc_write_voice_setting(struct hci_dev *hdev, struct sk_buff *skb)
387{
388 __u8 status = *((__u8 *) skb->data);
f383f275 389 __u16 setting;
a9de9248
MH		 390 void *sent;
391
392 BT_DBG("%s status 0x%x", hdev->name, status);
1da177e4 393
f383f275
MH		 394 if (status)
395 return;
396
a9de9248
MH		 397 sent = hci_sent_cmd_data(hdev, HCI_OP_WRITE_VOICE_SETTING);
398 if (!sent)
399 return;
1da177e4 400
f383f275 401 setting = get_unaligned_le16(sent);
1da177e4 402
f383f275
MH		 403 if (hdev->voice_setting == setting)
404 return;
405
406 hdev->voice_setting = setting;
1da177e4 407
f383f275 408 BT_DBG("%s voice setting 0x%04x", hdev->name, setting);
1da177e4 409
3c54711c 410 if (hdev->notify)
f383f275 411 hdev->notify(hdev, HCI_NOTIFY_VOICE_SETTING);
1da177e4
LT		 412}
413
a9de9248 414static void hci_cc_host_buffer_size(struct hci_dev *hdev, struct sk_buff *skb)
1da177e4 415{
a9de9248 416 __u8 status = *((__u8 *) skb->data);
1da177e4 417
a9de9248 418 BT_DBG("%s status 0x%x", hdev->name, status);
1da177e4 419
23bb5763 420 hci_req_complete(hdev, HCI_OP_HOST_BUFFER_SIZE, status);
a9de9248 421}
1143e5a6 422
333140b5
MH		 423static void hci_cc_write_ssp_mode(struct hci_dev *hdev, struct sk_buff *skb)
424{
425 __u8 status = *((__u8 *) skb->data);
426 void *sent;
427
428 BT_DBG("%s status 0x%x", hdev->name, status);
429
333140b5
MH		 430 sent = hci_sent_cmd_data(hdev, HCI_OP_WRITE_SSP_MODE);
431 if (!sent)
432 return;
433
ed2c4ee3 434 if (test_bit(HCI_MGMT, &hdev->dev_flags))
c0ecddc2
JH		 435 mgmt_ssp_enable_complete(hdev, *((u8 *) sent), status);
436 else if (!status) {
437 if (*((u8 *) sent))
438 set_bit(HCI_SSP_ENABLED, &hdev->dev_flags);
439 else
440 clear_bit(HCI_SSP_ENABLED, &hdev->dev_flags);
441 }
333140b5
MH		 442}
443
d5859e22
JH		 444static u8 hci_get_inquiry_mode(struct hci_dev *hdev)
445{
446 if (hdev->features[6] & LMP_EXT_INQ)
447 return 2;
448
449 if (hdev->features[3] & LMP_RSSI_INQ)
450 return 1;
451
452 if (hdev->manufacturer == 11 && hdev->hci_rev == 0x00 &&
453 hdev->lmp_subver == 0x0757)
454 return 1;
455
456 if (hdev->manufacturer == 15) {
457 if (hdev->hci_rev == 0x03 && hdev->lmp_subver == 0x6963)
458 return 1;
459 if (hdev->hci_rev == 0x09 && hdev->lmp_subver == 0x6963)
460 return 1;
461 if (hdev->hci_rev == 0x00 && hdev->lmp_subver == 0x6965)
462 return 1;
463 }
464
465 if (hdev->manufacturer == 31 && hdev->hci_rev == 0x2005 &&
466 hdev->lmp_subver == 0x1805)
467 return 1;
468
469 return 0;
470}
471
472static void hci_setup_inquiry_mode(struct hci_dev *hdev)
473{
474 u8 mode;
475
476 mode = hci_get_inquiry_mode(hdev);
477
478 hci_send_cmd(hdev, HCI_OP_WRITE_INQUIRY_MODE, 1, &mode);
479}
480
481static void hci_setup_event_mask(struct hci_dev *hdev)
482{
483 /* The second byte is 0xff instead of 0x9f (two reserved bits
484 * disabled) since a Broadcom 1.2 dongle doesn't respond to the
485 * command otherwise */
486 u8 events[8] = { 0xff, 0xff, 0xfb, 0xff, 0x00, 0x00, 0x00, 0x00 };
487
6de6c18d
VT		 488 /* CSR 1.1 dongles does not accept any bitfield so don't try to set
489 * any event mask for pre 1.2 devices */
5a13b095 490 if (hdev->hci_ver < BLUETOOTH_VER_1_2)
6de6c18d
VT		 491 return;
492
493 events[4] |= 0x01; /* Flow Specification Complete */
494 events[4] |= 0x02; /* Inquiry Result with RSSI */
495 events[4] |= 0x04; /* Read Remote Extended Features Complete */
496 events[5] |= 0x08; /* Synchronous Connection Complete */
497 events[5] |= 0x10; /* Synchronous Connection Changed */
d5859e22
JH		 498
499 if (hdev->features[3] & LMP_RSSI_INQ)
500 events[4] |= 0x04; /* Inquiry Result with RSSI */
501
502 if (hdev->features[5] & LMP_SNIFF_SUBR)
503 events[5] |= 0x20; /* Sniff Subrating */
504
505 if (hdev->features[5] & LMP_PAUSE_ENC)
506 events[5] |= 0x80; /* Encryption Key Refresh Complete */
507
508 if (hdev->features[6] & LMP_EXT_INQ)
509 events[5] |= 0x40; /* Extended Inquiry Result */
510
511 if (hdev->features[6] & LMP_NO_FLUSH)
512 events[7] |= 0x01; /* Enhanced Flush Complete */
513
514 if (hdev->features[7] & LMP_LSTO)
515 events[6] |= 0x80; /* Link Supervision Timeout Changed */
516
517 if (hdev->features[6] & LMP_SIMPLE_PAIR) {
518 events[6] |= 0x01; /* IO Capability Request */
519 events[6] |= 0x02; /* IO Capability Response */
520 events[6] |= 0x04; /* User Confirmation Request */
521 events[6] |= 0x08; /* User Passkey Request */
522 events[6] |= 0x10; /* Remote OOB Data Request */
523 events[6] |= 0x20; /* Simple Pairing Complete */
524 events[7] |= 0x04; /* User Passkey Notification */
525 events[7] |= 0x08; /* Keypress Notification */
526 events[7] |= 0x10; /* Remote Host Supported
527 * Features Notification */
528 }
529
530 if (hdev->features[4] & LMP_LE)
531 events[7] |= 0x20; /* LE Meta-Event */
532
533 hci_send_cmd(hdev, HCI_OP_SET_EVENT_MASK, sizeof(events), events);
534}
535
e6100a25
AG		 536static void hci_set_le_support(struct hci_dev *hdev)
537{
538 struct hci_cp_write_le_host_supported cp;
539
540 memset(&cp, 0, sizeof(cp));
541
542 if (enable_le) {
543 cp.le = 1;
544 cp.simul = !!(hdev->features[6] & LMP_SIMUL_LE_BR);
545 }
546
547 hci_send_cmd(hdev, HCI_OP_WRITE_LE_HOST_SUPPORTED, sizeof(cp), &cp);
548}
549
d5859e22
JH		 550static void hci_setup(struct hci_dev *hdev)
551{
e61ef499
AE		 552 if (hdev->dev_type != HCI_BREDR)
553 return;
554
d5859e22
JH		 555 hci_setup_event_mask(hdev);
556
d095c1eb 557 if (hdev->hci_ver > BLUETOOTH_VER_1_1)
d5859e22
JH		 558 hci_send_cmd(hdev, HCI_OP_READ_LOCAL_COMMANDS, 0, NULL);
559
54d04dbb
JH		 560 if (hdev->features[6] & LMP_SIMPLE_PAIR) {
561 if (test_bit(HCI_SSP_ENABLED, &hdev->dev_flags)) {
562 u8 mode = 0x01;
563 hci_send_cmd(hdev, HCI_OP_WRITE_SSP_MODE,
564 sizeof(mode), &mode);
565 } else {
566 struct hci_cp_write_eir cp;
567
568 memset(hdev->eir, 0, sizeof(hdev->eir));
569 memset(&cp, 0, sizeof(cp));
570
571 hci_send_cmd(hdev, HCI_OP_WRITE_EIR, sizeof(cp), &cp);
572 }
d5859e22
JH		 573 }
574
575 if (hdev->features[3] & LMP_RSSI_INQ)
576 hci_setup_inquiry_mode(hdev);
577
578 if (hdev->features[7] & LMP_INQ_TX_PWR)
579 hci_send_cmd(hdev, HCI_OP_READ_INQ_RSP_TX_POWER, 0, NULL);
971e3a4b
AG		 580
581 if (hdev->features[7] & LMP_EXTFEATURES) {
582 struct hci_cp_read_local_ext_features cp;
583
584 cp.page = 0x01;
585 hci_send_cmd(hdev, HCI_OP_READ_LOCAL_EXT_FEATURES,
586 sizeof(cp), &cp);
587 }
e6100a25 588
47990ea0
JH		 589 if (test_bit(HCI_LINK_SECURITY, &hdev->dev_flags)) {
590 u8 enable = 1;
591 hci_send_cmd(hdev, HCI_OP_WRITE_AUTH_ENABLE,
592 sizeof(enable), &enable);
593 }
594
e6100a25
AG		 595 if (hdev->features[4] & LMP_LE)
596 hci_set_le_support(hdev);
d5859e22
JH		 597}
598
a9de9248
MH		 599static void hci_cc_read_local_version(struct hci_dev *hdev, struct sk_buff *skb)
600{
601 struct hci_rp_read_local_version *rp = (void *) skb->data;
1143e5a6 602
a9de9248 603 BT_DBG("%s status 0x%x", hdev->name, rp->status);
1143e5a6 604
a9de9248
MH		 605 if (rp->status)
606 return;
1143e5a6 607
a9de9248 608 hdev->hci_ver = rp->hci_ver;
e4e8e37c 609 hdev->hci_rev = __le16_to_cpu(rp->hci_rev);
d5859e22 610 hdev->lmp_ver = rp->lmp_ver;
e4e8e37c 611 hdev->manufacturer = __le16_to_cpu(rp->manufacturer);
d5859e22 612 hdev->lmp_subver = __le16_to_cpu(rp->lmp_subver);
1143e5a6 613
a9de9248
MH		 614 BT_DBG("%s manufacturer %d hci ver %d:%d", hdev->name,
615 hdev->manufacturer,
616 hdev->hci_ver, hdev->hci_rev);
d5859e22
JH		 617
618 if (test_bit(HCI_INIT, &hdev->flags))
619 hci_setup(hdev);
620}
621
622static void hci_setup_link_policy(struct hci_dev *hdev)
623{
624 u16 link_policy = 0;
625
626 if (hdev->features[0] & LMP_RSWITCH)
627 link_policy |= HCI_LP_RSWITCH;
628 if (hdev->features[0] & LMP_HOLD)
629 link_policy |= HCI_LP_HOLD;
630 if (hdev->features[0] & LMP_SNIFF)
631 link_policy |= HCI_LP_SNIFF;
632 if (hdev->features[1] & LMP_PARK)
633 link_policy |= HCI_LP_PARK;
634
635 link_policy = cpu_to_le16(link_policy);
636 hci_send_cmd(hdev, HCI_OP_WRITE_DEF_LINK_POLICY,
637 sizeof(link_policy), &link_policy);
a9de9248 638}
1da177e4 639
a9de9248
MH		 640static void hci_cc_read_local_commands(struct hci_dev *hdev, struct sk_buff *skb)
641{
642 struct hci_rp_read_local_commands *rp = (void *) skb->data;
1da177e4 643
a9de9248 644 BT_DBG("%s status 0x%x", hdev->name, rp->status);
1da177e4 645
a9de9248 646 if (rp->status)
d5859e22 647 goto done;
1da177e4 648
a9de9248 649 memcpy(hdev->commands, rp->commands, sizeof(hdev->commands));
d5859e22
JH		 650
651 if (test_bit(HCI_INIT, &hdev->flags) && (hdev->commands[5] & 0x10))
652 hci_setup_link_policy(hdev);
653
654done:
655 hci_req_complete(hdev, HCI_OP_READ_LOCAL_COMMANDS, rp->status);
a9de9248 656}
1da177e4 657
a9de9248
MH		 658static void hci_cc_read_local_features(struct hci_dev *hdev, struct sk_buff *skb)
659{
660 struct hci_rp_read_local_features *rp = (void *) skb->data;
5b7f9909 661
a9de9248 662 BT_DBG("%s status 0x%x", hdev->name, rp->status);
1da177e4 663
a9de9248
MH		 664 if (rp->status)
665 return;
5b7f9909 666
a9de9248 667 memcpy(hdev->features, rp->features, 8);
5b7f9909 668
a9de9248
MH		 669 /* Adjust default settings according to features
670 * supported by device. */
1da177e4 671
a9de9248
MH		 672 if (hdev->features[0] & LMP_3SLOT)
673 hdev->pkt_type |= (HCI_DM3 | HCI_DH3);
1da177e4 674
a9de9248
MH		 675 if (hdev->features[0] & LMP_5SLOT)
676 hdev->pkt_type |= (HCI_DM5 | HCI_DH5);
1da177e4 677
a9de9248
MH		 678 if (hdev->features[1] & LMP_HV2) {
679 hdev->pkt_type |= (HCI_HV2);
680 hdev->esco_type |= (ESCO_HV2);
681 }
1da177e4 682
a9de9248
MH		 683 if (hdev->features[1] & LMP_HV3) {
684 hdev->pkt_type |= (HCI_HV3);
685 hdev->esco_type |= (ESCO_HV3);
686 }
1da177e4 687
a9de9248
MH		 688 if (hdev->features[3] & LMP_ESCO)
689 hdev->esco_type |= (ESCO_EV3);
da1f5198 690
a9de9248
MH		 691 if (hdev->features[4] & LMP_EV4)
692 hdev->esco_type |= (ESCO_EV4);
da1f5198 693
a9de9248
MH		 694 if (hdev->features[4] & LMP_EV5)
695 hdev->esco_type |= (ESCO_EV5);
1da177e4 696
efc7688b
MH		 697 if (hdev->features[5] & LMP_EDR_ESCO_2M)
698 hdev->esco_type |= (ESCO_2EV3);
699
700 if (hdev->features[5] & LMP_EDR_ESCO_3M)
701 hdev->esco_type |= (ESCO_3EV3);
702
703 if (hdev->features[5] & LMP_EDR_3S_ESCO)
704 hdev->esco_type |= (ESCO_2EV5 | ESCO_3EV5);
705
a9de9248
MH		 706 BT_DBG("%s features 0x%.2x%.2x%.2x%.2x%.2x%.2x%.2x%.2x", hdev->name,
707 hdev->features[0], hdev->features[1],
708 hdev->features[2], hdev->features[3],
709 hdev->features[4], hdev->features[5],
710 hdev->features[6], hdev->features[7]);
711}
1da177e4 712
971e3a4b
AG		 713static void hci_cc_read_local_ext_features(struct hci_dev *hdev,
714 struct sk_buff *skb)
715{
716 struct hci_rp_read_local_ext_features *rp = (void *) skb->data;
717
718 BT_DBG("%s status 0x%x", hdev->name, rp->status);
719
720 if (rp->status)
721 return;
722
b5b32b65
AG		 723 switch (rp->page) {
724 case 0:
725 memcpy(hdev->features, rp->features, 8);
726 break;
727 case 1:
728 memcpy(hdev->host_features, rp->features, 8);
729 break;
730 }
971e3a4b
AG		 731
732 hci_req_complete(hdev, HCI_OP_READ_LOCAL_EXT_FEATURES, rp->status);
733}
734
1e89cffb
AE		 735static void hci_cc_read_flow_control_mode(struct hci_dev *hdev,
736 struct sk_buff *skb)
737{
738 struct hci_rp_read_flow_control_mode *rp = (void *) skb->data;
739
740 BT_DBG("%s status 0x%x", hdev->name, rp->status);
741
742 if (rp->status)
743 return;
744
745 hdev->flow_ctl_mode = rp->mode;
746
747 hci_req_complete(hdev, HCI_OP_READ_FLOW_CONTROL_MODE, rp->status);
748}
749
a9de9248
MH		 750static void hci_cc_read_buffer_size(struct hci_dev *hdev, struct sk_buff *skb)
751{
752 struct hci_rp_read_buffer_size *rp = (void *) skb->data;
1da177e4 753
a9de9248 754 BT_DBG("%s status 0x%x", hdev->name, rp->status);
1da177e4 755
a9de9248
MH		 756 if (rp->status)
757 return;
1da177e4 758
a9de9248
MH		 759 hdev->acl_mtu = __le16_to_cpu(rp->acl_mtu);
760 hdev->sco_mtu = rp->sco_mtu;
761 hdev->acl_pkts = __le16_to_cpu(rp->acl_max_pkt);
762 hdev->sco_pkts = __le16_to_cpu(rp->sco_max_pkt);
763
764 if (test_bit(HCI_QUIRK_FIXUP_BUFFER_SIZE, &hdev->quirks)) {
765 hdev->sco_mtu = 64;
766 hdev->sco_pkts = 8;
1da177e4 767 }
a9de9248
MH		 768
769 hdev->acl_cnt = hdev->acl_pkts;
770 hdev->sco_cnt = hdev->sco_pkts;
771
772 BT_DBG("%s acl mtu %d:%d sco mtu %d:%d", hdev->name,
773 hdev->acl_mtu, hdev->acl_pkts,
774 hdev->sco_mtu, hdev->sco_pkts);
775}
776
777static void hci_cc_read_bd_addr(struct hci_dev *hdev, struct sk_buff *skb)
778{
779 struct hci_rp_read_bd_addr *rp = (void *) skb->data;
780
781 BT_DBG("%s status 0x%x", hdev->name, rp->status);
782
783 if (!rp->status)
784 bacpy(&hdev->bdaddr, &rp->bdaddr);
785
23bb5763
JH		 786 hci_req_complete(hdev, HCI_OP_READ_BD_ADDR, rp->status);
787}
788
350ee4cf
AE		 789static void hci_cc_read_data_block_size(struct hci_dev *hdev,
790 struct sk_buff *skb)
791{
792 struct hci_rp_read_data_block_size *rp = (void *) skb->data;
793
794 BT_DBG("%s status 0x%x", hdev->name, rp->status);
795
796 if (rp->status)
797 return;
798
799 hdev->block_mtu = __le16_to_cpu(rp->max_acl_len);
800 hdev->block_len = __le16_to_cpu(rp->block_len);
801 hdev->num_blocks = __le16_to_cpu(rp->num_blocks);
802
803 hdev->block_cnt = hdev->num_blocks;
804
805 BT_DBG("%s blk mtu %d cnt %d len %d", hdev->name, hdev->block_mtu,
806 hdev->block_cnt, hdev->block_len);
807
808 hci_req_complete(hdev, HCI_OP_READ_DATA_BLOCK_SIZE, rp->status);
809}
810
23bb5763
JH		 811static void hci_cc_write_ca_timeout(struct hci_dev *hdev, struct sk_buff *skb)
812{
813 __u8 status = *((__u8 *) skb->data);
814
815 BT_DBG("%s status 0x%x", hdev->name, status);
816
817 hci_req_complete(hdev, HCI_OP_WRITE_CA_TIMEOUT, status);
a9de9248
MH		 818}
819
928abaa7
AE		 820static void hci_cc_read_local_amp_info(struct hci_dev *hdev,
821 struct sk_buff *skb)
822{
823 struct hci_rp_read_local_amp_info *rp = (void *) skb->data;
824
825 BT_DBG("%s status 0x%x", hdev->name, rp->status);
826
827 if (rp->status)
828 return;
829
830 hdev->amp_status = rp->amp_status;
831 hdev->amp_total_bw = __le32_to_cpu(rp->total_bw);
832 hdev->amp_max_bw = __le32_to_cpu(rp->max_bw);
833 hdev->amp_min_latency = __le32_to_cpu(rp->min_latency);
834 hdev->amp_max_pdu = __le32_to_cpu(rp->max_pdu);
835 hdev->amp_type = rp->amp_type;
836 hdev->amp_pal_cap = __le16_to_cpu(rp->pal_cap);
837 hdev->amp_assoc_size = __le16_to_cpu(rp->max_assoc_size);
838 hdev->amp_be_flush_to = __le32_to_cpu(rp->be_flush_to);
839 hdev->amp_max_flush_to = __le32_to_cpu(rp->max_flush_to);
840
841 hci_req_complete(hdev, HCI_OP_READ_LOCAL_AMP_INFO, rp->status);
842}
843
b0916ea0
JH		 844static void hci_cc_delete_stored_link_key(struct hci_dev *hdev,
845 struct sk_buff *skb)
846{
847 __u8 status = *((__u8 *) skb->data);
848
849 BT_DBG("%s status 0x%x", hdev->name, status);
850
851 hci_req_complete(hdev, HCI_OP_DELETE_STORED_LINK_KEY, status);
852}
853
d5859e22
JH		 854static void hci_cc_set_event_mask(struct hci_dev *hdev, struct sk_buff *skb)
855{
856 __u8 status = *((__u8 *) skb->data);
857
858 BT_DBG("%s status 0x%x", hdev->name, status);
859
860 hci_req_complete(hdev, HCI_OP_SET_EVENT_MASK, status);
861}
862
863static void hci_cc_write_inquiry_mode(struct hci_dev *hdev,
864 struct sk_buff *skb)
865{
866 __u8 status = *((__u8 *) skb->data);
867
868 BT_DBG("%s status 0x%x", hdev->name, status);
869
870 hci_req_complete(hdev, HCI_OP_WRITE_INQUIRY_MODE, status);
871}
872
873static void hci_cc_read_inq_rsp_tx_power(struct hci_dev *hdev,
874 struct sk_buff *skb)
875{
876 __u8 status = *((__u8 *) skb->data);
877
878 BT_DBG("%s status 0x%x", hdev->name, status);
879
880 hci_req_complete(hdev, HCI_OP_READ_INQ_RSP_TX_POWER, status);
881}
882
883static void hci_cc_set_event_flt(struct hci_dev *hdev, struct sk_buff *skb)
884{
885 __u8 status = *((__u8 *) skb->data);
886
887 BT_DBG("%s status 0x%x", hdev->name, status);
888
889 hci_req_complete(hdev, HCI_OP_SET_EVENT_FLT, status);
890}
891
980e1a53
JH		 892static void hci_cc_pin_code_reply(struct hci_dev *hdev, struct sk_buff *skb)
893{
894 struct hci_rp_pin_code_reply *rp = (void *) skb->data;
895 struct hci_cp_pin_code_reply *cp;
896 struct hci_conn *conn;
897
898 BT_DBG("%s status 0x%x", hdev->name, rp->status);
899
56e5cb86
JH		 900 hci_dev_lock(hdev);
901
a8b2d5c2 902 if (test_bit(HCI_MGMT, &hdev->dev_flags))
744cf19e 903 mgmt_pin_code_reply_complete(hdev, &rp->bdaddr, rp->status);
980e1a53
JH		 904
905 if (rp->status != 0)
56e5cb86 906 goto unlock;
980e1a53
JH		 907
908 cp = hci_sent_cmd_data(hdev, HCI_OP_PIN_CODE_REPLY);
909 if (!cp)
56e5cb86 910 goto unlock;
980e1a53
JH		 911
912 conn = hci_conn_hash_lookup_ba(hdev, ACL_LINK, &cp->bdaddr);
913 if (conn)
914 conn->pin_length = cp->pin_len;
56e5cb86
JH		 915
916unlock:
917 hci_dev_unlock(hdev);
980e1a53
JH		 918}
919
920static void hci_cc_pin_code_neg_reply(struct hci_dev *hdev, struct sk_buff *skb)
921{
922 struct hci_rp_pin_code_neg_reply *rp = (void *) skb->data;
923
924 BT_DBG("%s status 0x%x", hdev->name, rp->status);
925
56e5cb86
JH		 926 hci_dev_lock(hdev);
927
a8b2d5c2 928 if (test_bit(HCI_MGMT, &hdev->dev_flags))
744cf19e 929 mgmt_pin_code_neg_reply_complete(hdev, &rp->bdaddr,
980e1a53 930 rp->status);
56e5cb86
JH		 931
932 hci_dev_unlock(hdev);
980e1a53 933}
56e5cb86 934
6ed58ec5
VT		 935static void hci_cc_le_read_buffer_size(struct hci_dev *hdev,
936 struct sk_buff *skb)
937{
938 struct hci_rp_le_read_buffer_size *rp = (void *) skb->data;
939
940 BT_DBG("%s status 0x%x", hdev->name, rp->status);
941
942 if (rp->status)
943 return;
944
945 hdev->le_mtu = __le16_to_cpu(rp->le_mtu);
946 hdev->le_pkts = rp->le_max_pkt;
947
948 hdev->le_cnt = hdev->le_pkts;
949
950 BT_DBG("%s le mtu %d:%d", hdev->name, hdev->le_mtu, hdev->le_pkts);
951
952 hci_req_complete(hdev, HCI_OP_LE_READ_BUFFER_SIZE, rp->status);
953}
980e1a53 954
a5c29683
JH		 955static void hci_cc_user_confirm_reply(struct hci_dev *hdev, struct sk_buff *skb)
956{
957 struct hci_rp_user_confirm_reply *rp = (void *) skb->data;
958
959 BT_DBG("%s status 0x%x", hdev->name, rp->status);
960
56e5cb86
JH		 961 hci_dev_lock(hdev);
962
a8b2d5c2 963 if (test_bit(HCI_MGMT, &hdev->dev_flags))
272d90df
JH		 964 mgmt_user_confirm_reply_complete(hdev, &rp->bdaddr, ACL_LINK,
965 0, rp->status);
56e5cb86
JH		 966
967 hci_dev_unlock(hdev);
a5c29683
JH		 968}
969
970static void hci_cc_user_confirm_neg_reply(struct hci_dev *hdev,
971 struct sk_buff *skb)
972{
973 struct hci_rp_user_confirm_reply *rp = (void *) skb->data;
974
975 BT_DBG("%s status 0x%x", hdev->name, rp->status);
976
56e5cb86
JH		 977 hci_dev_lock(hdev);
978
a8b2d5c2 979 if (test_bit(HCI_MGMT, &hdev->dev_flags))
744cf19e 980 mgmt_user_confirm_neg_reply_complete(hdev, &rp->bdaddr,
272d90df 981 ACL_LINK, 0,
a5c29683 982 rp->status);
56e5cb86
JH		 983
984 hci_dev_unlock(hdev);
a5c29683
JH		 985}
986
1143d458
BG		 987static void hci_cc_user_passkey_reply(struct hci_dev *hdev, struct sk_buff *skb)
988{
989 struct hci_rp_user_confirm_reply *rp = (void *) skb->data;
990
991 BT_DBG("%s status 0x%x", hdev->name, rp->status);
992
993 hci_dev_lock(hdev);
994
a8b2d5c2 995 if (test_bit(HCI_MGMT, &hdev->dev_flags))
272d90df
JH		 996 mgmt_user_passkey_reply_complete(hdev, &rp->bdaddr, ACL_LINK,
997 0, rp->status);
1143d458
BG		 998
999 hci_dev_unlock(hdev);
1000}
1001
1002static void hci_cc_user_passkey_neg_reply(struct hci_dev *hdev,
1003 struct sk_buff *skb)
1004{
1005 struct hci_rp_user_confirm_reply *rp = (void *) skb->data;
1006
1007 BT_DBG("%s status 0x%x", hdev->name, rp->status);
1008
1009 hci_dev_lock(hdev);
1010
a8b2d5c2 1011 if (test_bit(HCI_MGMT, &hdev->dev_flags))
1143d458 1012 mgmt_user_passkey_neg_reply_complete(hdev, &rp->bdaddr,
272d90df 1013 ACL_LINK, 0,
1143d458
BG		 1014 rp->status);
1015
1016 hci_dev_unlock(hdev);
1017}
1018
c35938b2
SJ		 1019static void hci_cc_read_local_oob_data_reply(struct hci_dev *hdev,
1020 struct sk_buff *skb)
1021{
1022 struct hci_rp_read_local_oob_data *rp = (void *) skb->data;
1023
1024 BT_DBG("%s status 0x%x", hdev->name, rp->status);
1025
56e5cb86 1026 hci_dev_lock(hdev);
744cf19e 1027 mgmt_read_local_oob_data_reply_complete(hdev, rp->hash,
c35938b2 1028 rp->randomizer, rp->status);
56e5cb86 1029 hci_dev_unlock(hdev);
c35938b2
SJ		 1030}
1031
07f7fa5d
AG		 1032static void hci_cc_le_set_scan_param(struct hci_dev *hdev, struct sk_buff *skb)
1033{
1034 __u8 status = *((__u8 *) skb->data);
1035
1036 BT_DBG("%s status 0x%x", hdev->name, status);
7ba8b4be
AG		 1037
1038 hci_req_complete(hdev, HCI_OP_LE_SET_SCAN_PARAM, status);
3fd24153
AG		 1039
1040 if (status) {
1041 hci_dev_lock(hdev);
1042 mgmt_start_discovery_failed(hdev, status);
1043 hci_dev_unlock(hdev);
1044 return;
1045 }
07f7fa5d
AG		 1046}
1047
eb9d91f5
AG		 1048static void hci_cc_le_set_scan_enable(struct hci_dev *hdev,
1049 struct sk_buff *skb)
1050{
1051 struct hci_cp_le_set_scan_enable *cp;
1052 __u8 status = *((__u8 *) skb->data);
1053
1054 BT_DBG("%s status 0x%x", hdev->name, status);
1055
eb9d91f5
AG		 1056 cp = hci_sent_cmd_data(hdev, HCI_OP_LE_SET_SCAN_ENABLE);
1057 if (!cp)
1058 return;
1059
68a8aea4
AE		 1060 switch (cp->enable) {
1061 case LE_SCANNING_ENABLED:
7ba8b4be
AG		 1062 hci_req_complete(hdev, HCI_OP_LE_SET_SCAN_ENABLE, status);
1063
3fd24153
AG		 1064 if (status) {
1065 hci_dev_lock(hdev);
1066 mgmt_start_discovery_failed(hdev, status);
1067 hci_dev_unlock(hdev);
7ba8b4be 1068 return;
3fd24153 1069 }
7ba8b4be 1070
d23264a8
AG		 1071 set_bit(HCI_LE_SCAN, &hdev->dev_flags);
1072
db323f2f 1073 cancel_delayed_work_sync(&hdev->adv_work);
a8f13c8c
AG		 1074
1075 hci_dev_lock(hdev);
eb9d91f5 1076 hci_adv_entries_clear(hdev);
343f935b 1077 hci_discovery_set_state(hdev, DISCOVERY_FINDING);
a8f13c8c 1078 hci_dev_unlock(hdev);
68a8aea4
AE		 1079 break;
1080
1081 case LE_SCANNING_DISABLED:
7ba8b4be
AG		 1082 if (status)
1083 return;
1084
d23264a8
AG		 1085 clear_bit(HCI_LE_SCAN, &hdev->dev_flags);
1086
d084329e 1087 schedule_delayed_work(&hdev->adv_work, ADV_CLEAR_TIMEOUT);
5e0452c0
AG		 1088
1089 if (hdev->discovery.type == DISCOV_TYPE_INTERLEAVED) {
1090 mgmt_interleaved_discovery(hdev);
1091 } else {
1092 hci_dev_lock(hdev);
1093 hci_discovery_set_state(hdev, DISCOVERY_STOPPED);
1094 hci_dev_unlock(hdev);
1095 }
1096
68a8aea4
AE		 1097 break;
1098
1099 default:
1100 BT_ERR("Used reserved LE_Scan_Enable param %d", cp->enable);
1101 break;
35815085 1102 }
eb9d91f5
AG		 1103}
1104
a7a595f6
VCG		 1105static void hci_cc_le_ltk_reply(struct hci_dev *hdev, struct sk_buff *skb)
1106{
1107 struct hci_rp_le_ltk_reply *rp = (void *) skb->data;
1108
1109 BT_DBG("%s status 0x%x", hdev->name, rp->status);
1110
1111 if (rp->status)
1112 return;
1113
1114 hci_req_complete(hdev, HCI_OP_LE_LTK_REPLY, rp->status);
1115}
1116
1117static void hci_cc_le_ltk_neg_reply(struct hci_dev *hdev, struct sk_buff *skb)
1118{
1119 struct hci_rp_le_ltk_neg_reply *rp = (void *) skb->data;
1120
1121 BT_DBG("%s status 0x%x", hdev->name, rp->status);
1122
1123 if (rp->status)
1124 return;
1125
1126 hci_req_complete(hdev, HCI_OP_LE_LTK_NEG_REPLY, rp->status);
1127}
1128
f9b49306
AG		 1129static inline void hci_cc_write_le_host_supported(struct hci_dev *hdev,
1130 struct sk_buff *skb)
1131{
1132 struct hci_cp_read_local_ext_features cp;
1133 __u8 status = *((__u8 *) skb->data);
1134
1135 BT_DBG("%s status 0x%x", hdev->name, status);
1136
1137 if (status)
1138 return;
1139
1140 cp.page = 0x01;
1141 hci_send_cmd(hdev, HCI_OP_READ_LOCAL_EXT_FEATURES, sizeof(cp), &cp);
1142}
1143
a9de9248
MH		 1144static inline void hci_cs_inquiry(struct hci_dev *hdev, __u8 status)
1145{
1146 BT_DBG("%s status 0x%x", hdev->name, status);
1147
1148 if (status) {
23bb5763 1149 hci_req_complete(hdev, HCI_OP_INQUIRY, status);
a9de9248 1150 hci_conn_check_pending(hdev);
56e5cb86 1151 hci_dev_lock(hdev);
a8b2d5c2 1152 if (test_bit(HCI_MGMT, &hdev->dev_flags))
7a135109 1153 mgmt_start_discovery_failed(hdev, status);
56e5cb86 1154 hci_dev_unlock(hdev);
314b2381
JH		 1155 return;
1156 }
1157
89352e7d
AG		 1158 set_bit(HCI_INQUIRY, &hdev->flags);
1159
56e5cb86 1160 hci_dev_lock(hdev);
343f935b 1161 hci_discovery_set_state(hdev, DISCOVERY_FINDING);
56e5cb86 1162 hci_dev_unlock(hdev);
1da177e4
LT		 1163}
1164
1da177e4
LT		 1165static inline void hci_cs_create_conn(struct hci_dev *hdev, __u8 status)
1166{
a9de9248 1167 struct hci_cp_create_conn *cp;
1da177e4 1168 struct hci_conn *conn;
1da177e4 1169
a9de9248
MH		 1170 BT_DBG("%s status 0x%x", hdev->name, status);
1171
1172 cp = hci_sent_cmd_data(hdev, HCI_OP_CREATE_CONN);
1da177e4
LT		 1173 if (!cp)
1174 return;
1175
1176 hci_dev_lock(hdev);
1177
1178 conn = hci_conn_hash_lookup_ba(hdev, ACL_LINK, &cp->bdaddr);
1179
a9de9248 1180 BT_DBG("%s bdaddr %s conn %p", hdev->name, batostr(&cp->bdaddr), conn);
1da177e4
LT		 1181
1182 if (status) {
1183 if (conn && conn->state == BT_CONNECT) {
4c67bc74
MH		 1184 if (status != 0x0c || conn->attempt > 2) {
1185 conn->state = BT_CLOSED;
1186 hci_proto_connect_cfm(conn, status);
1187 hci_conn_del(conn);
1188 } else
1189 conn->state = BT_CONNECT2;
1da177e4
LT		 1190 }
1191 } else {
1192 if (!conn) {
1193 conn = hci_conn_add(hdev, ACL_LINK, &cp->bdaddr);
1194 if (conn) {
a0c808b3 1195 conn->out = true;
1da177e4
LT		 1196 conn->link_mode |= HCI_LM_MASTER;
1197 } else
893ef971 1198 BT_ERR("No memory for new connection");
1da177e4
LT		 1199 }
1200 }
1201
1202 hci_dev_unlock(hdev);
1203}
1204
a9de9248 1205static void hci_cs_add_sco(struct hci_dev *hdev, __u8 status)
1da177e4 1206{
a9de9248
MH		 1207 struct hci_cp_add_sco *cp;
1208 struct hci_conn *acl, *sco;
1209 __u16 handle;
1da177e4 1210
b6a0dc82
MH		 1211 BT_DBG("%s status 0x%x", hdev->name, status);
1212
a9de9248
MH		 1213 if (!status)
1214 return;
1da177e4 1215
a9de9248
MH		 1216 cp = hci_sent_cmd_data(hdev, HCI_OP_ADD_SCO);
1217 if (!cp)
1218 return;
1da177e4 1219
a9de9248 1220 handle = __le16_to_cpu(cp->handle);
1da177e4 1221
a9de9248 1222 BT_DBG("%s handle %d", hdev->name, handle);
1da177e4 1223
a9de9248 1224 hci_dev_lock(hdev);
1da177e4 1225
a9de9248 1226 acl = hci_conn_hash_lookup_handle(hdev, handle);
5a08ecce
AE		 1227 if (acl) {
1228 sco = acl->link;
1229 if (sco) {
1230 sco->state = BT_CLOSED;
1da177e4 1231
5a08ecce
AE		 1232 hci_proto_connect_cfm(sco, status);
1233 hci_conn_del(sco);
1234 }
a9de9248 1235 }
1da177e4 1236
a9de9248
MH		 1237 hci_dev_unlock(hdev);
1238}
1da177e4 1239
f8558555
MH		 1240static void hci_cs_auth_requested(struct hci_dev *hdev, __u8 status)
1241{
1242 struct hci_cp_auth_requested *cp;
1243 struct hci_conn *conn;
1244
1245 BT_DBG("%s status 0x%x", hdev->name, status);
1246
1247 if (!status)
1248 return;
1249
1250 cp = hci_sent_cmd_data(hdev, HCI_OP_AUTH_REQUESTED);
1251 if (!cp)
1252 return;
1253
1254 hci_dev_lock(hdev);
1255
1256 conn = hci_conn_hash_lookup_handle(hdev, __le16_to_cpu(cp->handle));
1257 if (conn) {
1258 if (conn->state == BT_CONFIG) {
1259 hci_proto_connect_cfm(conn, status);
1260 hci_conn_put(conn);
1261 }
1262 }
1263
1264 hci_dev_unlock(hdev);
1265}
1266
1267static void hci_cs_set_conn_encrypt(struct hci_dev *hdev, __u8 status)
1268{
1269 struct hci_cp_set_conn_encrypt *cp;
1270 struct hci_conn *conn;
1271
1272 BT_DBG("%s status 0x%x", hdev->name, status);
1273
1274 if (!status)
1275 return;
1276
1277 cp = hci_sent_cmd_data(hdev, HCI_OP_SET_CONN_ENCRYPT);
1278 if (!cp)
1279 return;
1280
1281 hci_dev_lock(hdev);
1282
1283 conn = hci_conn_hash_lookup_handle(hdev, __le16_to_cpu(cp->handle));
1284 if (conn) {
1285 if (conn->state == BT_CONFIG) {
1286 hci_proto_connect_cfm(conn, status);
1287 hci_conn_put(conn);
1288 }
1289 }
1290
1291 hci_dev_unlock(hdev);
1292}
1293
127178d2 1294static int hci_outgoing_auth_needed(struct hci_dev *hdev,
138d22ef 1295 struct hci_conn *conn)
392599b9 1296{
392599b9
JH		 1297 if (conn->state != BT_CONFIG || !conn->out)
1298 return 0;
1299
765c2a96 1300 if (conn->pending_sec_level == BT_SECURITY_SDP)
392599b9
JH		 1301 return 0;
1302
1303 /* Only request authentication for SSP connections or non-SSP
e9bf2bf0 1304 * devices with sec_level HIGH or if MITM protection is requested */
aa64a8b5 1305 if (!hci_conn_ssp_enabled(conn) &&
e9bf2bf0
VCG		 1306 conn->pending_sec_level != BT_SECURITY_HIGH &&
1307 !(conn->auth_type & 0x01))
392599b9
JH		 1308 return 0;
1309
392599b9
JH		 1310 return 1;
1311}
1312
30dc78e1
JH		 1313static inline int hci_resolve_name(struct hci_dev *hdev, struct inquiry_entry *e)
1314{
1315 struct hci_cp_remote_name_req cp;
1316
1317 memset(&cp, 0, sizeof(cp));
1318
1319 bacpy(&cp.bdaddr, &e->data.bdaddr);
1320 cp.pscan_rep_mode = e->data.pscan_rep_mode;
1321 cp.pscan_mode = e->data.pscan_mode;
1322 cp.clock_offset = e->data.clock_offset;
1323
1324 return hci_send_cmd(hdev, HCI_OP_REMOTE_NAME_REQ, sizeof(cp), &cp);
1325}
1326
b644ba33 1327static bool hci_resolve_next_name(struct hci_dev *hdev)
30dc78e1
JH		 1328{
1329 struct discovery_state *discov = &hdev->discovery;
1330 struct inquiry_entry *e;
1331
b644ba33
JH		 1332 if (list_empty(&discov->resolve))
1333 return false;
1334
1335 e = hci_inquiry_cache_lookup_resolve(hdev, BDADDR_ANY, NAME_NEEDED);
1336 if (hci_resolve_name(hdev, e) == 0) {
1337 e->name_state = NAME_PENDING;
1338 return true;
1339 }
1340
1341 return false;
1342}
1343
1344static void hci_check_pending_name(struct hci_dev *hdev, struct hci_conn *conn,
1345 bdaddr_t *bdaddr, u8 *name, u8 name_len)
1346{
1347 struct discovery_state *discov = &hdev->discovery;
1348 struct inquiry_entry *e;
1349
1350 if (conn && !test_and_set_bit(HCI_CONN_MGMT_CONNECTED, &conn->flags))
1351 mgmt_device_connected(hdev, bdaddr, ACL_LINK, 0x00,
1352 name, name_len, conn->dev_class);
1353
1354 if (discov->state == DISCOVERY_STOPPED)
1355 return;
1356
30dc78e1
JH		 1357 if (discov->state == DISCOVERY_STOPPING)
1358 goto discov_complete;
1359
1360 if (discov->state != DISCOVERY_RESOLVING)
1361 return;
1362
1363 e = hci_inquiry_cache_lookup_resolve(hdev, bdaddr, NAME_PENDING);
1364 if (e) {
1365 e->name_state = NAME_KNOWN;
1366 list_del(&e->list);
b644ba33
JH		 1367 if (name)
1368 mgmt_remote_name(hdev, bdaddr, ACL_LINK, 0x00,
1369 e->data.rssi, name, name_len);
30dc78e1
JH		 1370 }
1371
b644ba33 1372 if (hci_resolve_next_name(hdev))
30dc78e1 1373 return;
30dc78e1
JH		 1374
1375discov_complete:
1376 hci_discovery_set_state(hdev, DISCOVERY_STOPPED);
1377}
1378
a9de9248
MH		 1379static void hci_cs_remote_name_req(struct hci_dev *hdev, __u8 status)
1380{
127178d2
JH		 1381 struct hci_cp_remote_name_req *cp;
1382 struct hci_conn *conn;
1383
a9de9248 1384 BT_DBG("%s status 0x%x", hdev->name, status);
127178d2
JH		 1385
1386 /* If successful wait for the name req complete event before
1387 * checking for the need to do authentication */
1388 if (!status)
1389 return;
1390
1391 cp = hci_sent_cmd_data(hdev, HCI_OP_REMOTE_NAME_REQ);
1392 if (!cp)
1393 return;
1394
1395 hci_dev_lock(hdev);
1396
b644ba33
JH		 1397 conn = hci_conn_hash_lookup_ba(hdev, ACL_LINK, &cp->bdaddr);
1398
a8b2d5c2 1399 if (test_bit(HCI_MGMT, &hdev->dev_flags))
b644ba33 1400 hci_check_pending_name(hdev, conn, &cp->bdaddr, NULL, 0);
30dc78e1 1401
79c6c70c
JH		 1402 if (!conn)
1403 goto unlock;
1404
1405 if (!hci_outgoing_auth_needed(hdev, conn))
1406 goto unlock;
1407
51a8efd7 1408 if (!test_and_set_bit(HCI_CONN_AUTH_PEND, &conn->flags)) {
127178d2
JH		 1409 struct hci_cp_auth_requested cp;
1410 cp.handle = __cpu_to_le16(conn->handle);
1411 hci_send_cmd(hdev, HCI_OP_AUTH_REQUESTED, sizeof(cp), &cp);
1412 }
1413
79c6c70c 1414unlock:
127178d2 1415 hci_dev_unlock(hdev);
a9de9248 1416}
1da177e4 1417
769be974
MH		 1418static void hci_cs_read_remote_features(struct hci_dev *hdev, __u8 status)
1419{
1420 struct hci_cp_read_remote_features *cp;
1421 struct hci_conn *conn;
1422
1423 BT_DBG("%s status 0x%x", hdev->name, status);
1424
1425 if (!status)
1426 return;
1427
1428 cp = hci_sent_cmd_data(hdev, HCI_OP_READ_REMOTE_FEATURES);
1429 if (!cp)
1430 return;
1431
1432 hci_dev_lock(hdev);
1433
1434 conn = hci_conn_hash_lookup_handle(hdev, __le16_to_cpu(cp->handle));
1435 if (conn) {
1436 if (conn->state == BT_CONFIG) {
769be974
MH		 1437 hci_proto_connect_cfm(conn, status);
1438 hci_conn_put(conn);
1439 }
1440 }
1441
1442 hci_dev_unlock(hdev);
1443}
1444
1445static void hci_cs_read_remote_ext_features(struct hci_dev *hdev, __u8 status)
1446{
1447 struct hci_cp_read_remote_ext_features *cp;
1448 struct hci_conn *conn;
1449
1450 BT_DBG("%s status 0x%x", hdev->name, status);
1451
1452 if (!status)
1453 return;
1454
1455 cp = hci_sent_cmd_data(hdev, HCI_OP_READ_REMOTE_EXT_FEATURES);
1456 if (!cp)
1457 return;
1458
1459 hci_dev_lock(hdev);
1460
1461 conn = hci_conn_hash_lookup_handle(hdev, __le16_to_cpu(cp->handle));
1462 if (conn) {
1463 if (conn->state == BT_CONFIG) {
769be974
MH		 1464 hci_proto_connect_cfm(conn, status);
1465 hci_conn_put(conn);
1466 }
1467 }
1468
1469 hci_dev_unlock(hdev);
1470}
1471
a9de9248
MH		 1472static void hci_cs_setup_sync_conn(struct hci_dev *hdev, __u8 status)
1473{
b6a0dc82
MH		 1474 struct hci_cp_setup_sync_conn *cp;
1475 struct hci_conn *acl, *sco;
1476 __u16 handle;
1477
a9de9248 1478 BT_DBG("%s status 0x%x", hdev->name, status);
b6a0dc82
MH		 1479
1480 if (!status)
1481 return;
1482
1483 cp = hci_sent_cmd_data(hdev, HCI_OP_SETUP_SYNC_CONN);
1484 if (!cp)
1485 return;
1486
1487 handle = __le16_to_cpu(cp->handle);
1488
1489 BT_DBG("%s handle %d", hdev->name, handle);
1490
1491 hci_dev_lock(hdev);
1492
1493 acl = hci_conn_hash_lookup_handle(hdev, handle);
5a08ecce
AE		 1494 if (acl) {
1495 sco = acl->link;
1496 if (sco) {
1497 sco->state = BT_CLOSED;
b6a0dc82 1498
5a08ecce
AE		 1499 hci_proto_connect_cfm(sco, status);
1500 hci_conn_del(sco);
1501 }
b6a0dc82
MH		 1502 }
1503
1504 hci_dev_unlock(hdev);
1da177e4
LT		 1505}
1506
a9de9248 1507static void hci_cs_sniff_mode(struct hci_dev *hdev, __u8 status)
1da177e4 1508{
a9de9248
MH		 1509 struct hci_cp_sniff_mode *cp;
1510 struct hci_conn *conn;
1da177e4 1511
a9de9248 1512 BT_DBG("%s status 0x%x", hdev->name, status);
04837f64 1513
a9de9248
MH		 1514 if (!status)
1515 return;
04837f64 1516
a9de9248
MH		 1517 cp = hci_sent_cmd_data(hdev, HCI_OP_SNIFF_MODE);
1518 if (!cp)
1519 return;
04837f64 1520
a9de9248 1521 hci_dev_lock(hdev);
04837f64 1522
a9de9248 1523 conn = hci_conn_hash_lookup_handle(hdev, __le16_to_cpu(cp->handle));
e73439d8 1524 if (conn) {
51a8efd7 1525 clear_bit(HCI_CONN_MODE_CHANGE_PEND, &conn->flags);
04837f64 1526
51a8efd7 1527 if (test_and_clear_bit(HCI_CONN_SCO_SETUP_PEND, &conn->flags))
e73439d8
MH		 1528 hci_sco_setup(conn, status);
1529 }
1530
a9de9248
MH		 1531 hci_dev_unlock(hdev);
1532}
04837f64 1533
a9de9248
MH		 1534static void hci_cs_exit_sniff_mode(struct hci_dev *hdev, __u8 status)
1535{
1536 struct hci_cp_exit_sniff_mode *cp;
1537 struct hci_conn *conn;
04837f64 1538
a9de9248 1539 BT_DBG("%s status 0x%x", hdev->name, status);
04837f64 1540
a9de9248
MH		 1541 if (!status)
1542 return;
04837f64 1543
a9de9248
MH		 1544 cp = hci_sent_cmd_data(hdev, HCI_OP_EXIT_SNIFF_MODE);
1545 if (!cp)
1546 return;
04837f64 1547
a9de9248 1548 hci_dev_lock(hdev);
1da177e4 1549
a9de9248 1550 conn = hci_conn_hash_lookup_handle(hdev, __le16_to_cpu(cp->handle));
e73439d8 1551 if (conn) {
51a8efd7 1552 clear_bit(HCI_CONN_MODE_CHANGE_PEND, &conn->flags);
1da177e4 1553
51a8efd7 1554 if (test_and_clear_bit(HCI_CONN_SCO_SETUP_PEND, &conn->flags))
e73439d8
MH		 1555 hci_sco_setup(conn, status);
1556 }
1557
a9de9248 1558 hci_dev_unlock(hdev);
1da177e4
LT		 1559}
1560
88c3df13
JH		 1561static void hci_cs_disconnect(struct hci_dev *hdev, u8 status)
1562{
1563 struct hci_cp_disconnect *cp;
1564 struct hci_conn *conn;
1565
1566 if (!status)
1567 return;
1568
1569 cp = hci_sent_cmd_data(hdev, HCI_OP_DISCONNECT);
1570 if (!cp)
1571 return;
1572
1573 hci_dev_lock(hdev);
1574
1575 conn = hci_conn_hash_lookup_handle(hdev, __le16_to_cpu(cp->handle));
1576 if (conn)
1577 mgmt_disconnect_failed(hdev, &conn->dst, conn->type,
1578 conn->dst_type, status);
1579
1580 hci_dev_unlock(hdev);
1581}
1582
fcd89c09
VT		 1583static void hci_cs_le_create_conn(struct hci_dev *hdev, __u8 status)
1584{
1585 struct hci_cp_le_create_conn *cp;
1586 struct hci_conn *conn;
1587
1588 BT_DBG("%s status 0x%x", hdev->name, status);
1589
1590 cp = hci_sent_cmd_data(hdev, HCI_OP_LE_CREATE_CONN);
1591 if (!cp)
1592 return;
1593
1594 hci_dev_lock(hdev);
1595
1596 conn = hci_conn_hash_lookup_ba(hdev, LE_LINK, &cp->peer_addr);
1597
1598 BT_DBG("%s bdaddr %s conn %p", hdev->name, batostr(&cp->peer_addr),
1599 conn);
1600
1601 if (status) {
1602 if (conn && conn->state == BT_CONNECT) {
1603 conn->state = BT_CLOSED;
1604 hci_proto_connect_cfm(conn, status);
1605 hci_conn_del(conn);
1606 }
1607 } else {
1608 if (!conn) {
1609 conn = hci_conn_add(hdev, LE_LINK, &cp->peer_addr);
29b7988a
AG		 1610 if (conn) {
1611 conn->dst_type = cp->peer_addr_type;
a0c808b3 1612 conn->out = true;
29b7988a 1613 } else {
fcd89c09 1614 BT_ERR("No memory for new connection");
29b7988a 1615 }
fcd89c09
VT		 1616 }
1617 }
1618
1619 hci_dev_unlock(hdev);
1620}
1621
a7a595f6
VCG		 1622static void hci_cs_le_start_enc(struct hci_dev *hdev, u8 status)
1623{
1624 BT_DBG("%s status 0x%x", hdev->name, status);
1625}
1626
1da177e4
LT		 1627static inline void hci_inquiry_complete_evt(struct hci_dev *hdev, struct sk_buff *skb)
1628{
1629 __u8 status = *((__u8 *) skb->data);
30dc78e1
JH		 1630 struct discovery_state *discov = &hdev->discovery;
1631 struct inquiry_entry *e;
1da177e4
LT		 1632
1633 BT_DBG("%s status %d", hdev->name, status);
1634
23bb5763 1635 hci_req_complete(hdev, HCI_OP_INQUIRY, status);
6bd57416 1636
a9de9248 1637 hci_conn_check_pending(hdev);
89352e7d
AG		 1638
1639 if (!test_and_clear_bit(HCI_INQUIRY, &hdev->flags))
1640 return;
1641
a8b2d5c2 1642 if (!test_bit(HCI_MGMT, &hdev->dev_flags))
30dc78e1
JH		 1643 return;
1644
56e5cb86 1645 hci_dev_lock(hdev);
30dc78e1 1646
343f935b 1647 if (discov->state != DISCOVERY_FINDING)
30dc78e1
JH		 1648 goto unlock;
1649
1650 if (list_empty(&discov->resolve)) {
1651 hci_discovery_set_state(hdev, DISCOVERY_STOPPED);
1652 goto unlock;
1653 }
1654
1655 e = hci_inquiry_cache_lookup_resolve(hdev, BDADDR_ANY, NAME_NEEDED);
1656 if (e && hci_resolve_name(hdev, e) == 0) {
1657 e->name_state = NAME_PENDING;
1658 hci_discovery_set_state(hdev, DISCOVERY_RESOLVING);
1659 } else {
1660 hci_discovery_set_state(hdev, DISCOVERY_STOPPED);
1661 }
1662
1663unlock:
56e5cb86 1664 hci_dev_unlock(hdev);
1da177e4
LT		 1665}
1666
1da177e4
LT		 1667static inline void hci_inquiry_result_evt(struct hci_dev *hdev, struct sk_buff *skb)
1668{
45bb4bf0 1669 struct inquiry_data data;
a9de9248 1670 struct inquiry_info *info = (void *) (skb->data + 1);
1da177e4
LT		 1671 int num_rsp = *((__u8 *) skb->data);
1672
1673 BT_DBG("%s num_rsp %d", hdev->name, num_rsp);
1674
45bb4bf0
MH		 1675 if (!num_rsp)
1676 return;
1677
1da177e4 1678 hci_dev_lock(hdev);
45bb4bf0 1679
e17acd40 1680 for (; num_rsp; num_rsp--, info++) {
3175405b
JH		 1681 bool name_known;
1682
1da177e4
LT		 1683 bacpy(&data.bdaddr, &info->bdaddr);
1684 data.pscan_rep_mode = info->pscan_rep_mode;
1685 data.pscan_period_mode = info->pscan_period_mode;
1686 data.pscan_mode = info->pscan_mode;
1687 memcpy(data.dev_class, info->dev_class, 3);
1688 data.clock_offset = info->clock_offset;
1689 data.rssi = 0x00;
41a96212 1690 data.ssp_mode = 0x00;
3175405b
JH		 1691
1692 name_known = hci_inquiry_cache_update(hdev, &data, false);
48264f06 1693 mgmt_device_found(hdev, &info->bdaddr, ACL_LINK, 0x00,
7d262f86
AG		 1694 info->dev_class, 0, !name_known,
1695 NULL, 0);
1da177e4 1696 }
45bb4bf0 1697
1da177e4
LT		 1698 hci_dev_unlock(hdev);
1699}
1700
1da177e4
LT		 1701static inline void hci_conn_complete_evt(struct hci_dev *hdev, struct sk_buff *skb)
1702{
a9de9248
MH		 1703 struct hci_ev_conn_complete *ev = (void *) skb->data;
1704 struct hci_conn *conn;
1da177e4
LT		 1705
1706 BT_DBG("%s", hdev->name);
1707
1708 hci_dev_lock(hdev);
1709
1710 conn = hci_conn_hash_lookup_ba(hdev, ev->link_type, &ev->bdaddr);
9499237a
MH		 1711 if (!conn) {
1712 if (ev->link_type != SCO_LINK)
1713 goto unlock;
1714
1715 conn = hci_conn_hash_lookup_ba(hdev, ESCO_LINK, &ev->bdaddr);
1716 if (!conn)
1717 goto unlock;
1718
1719 conn->type = SCO_LINK;
1720 }
1da177e4
LT		 1721
1722 if (!ev->status) {
1723 conn->handle = __le16_to_cpu(ev->handle);
769be974
MH		 1724
1725 if (conn->type == ACL_LINK) {
1726 conn->state = BT_CONFIG;
1727 hci_conn_hold(conn);
052b30b0 1728 conn->disc_timeout = HCI_DISCONN_TIMEOUT;
769be974
MH		 1729 } else
1730 conn->state = BT_CONNECTED;
1da177e4 1731
9eba32b8 1732 hci_conn_hold_device(conn);
7d0db0a3
MH		 1733 hci_conn_add_sysfs(conn);
1734
1da177e4
LT		 1735 if (test_bit(HCI_AUTH, &hdev->flags))
1736 conn->link_mode |= HCI_LM_AUTH;
1737
1738 if (test_bit(HCI_ENCRYPT, &hdev->flags))
1739 conn->link_mode |= HCI_LM_ENCRYPT;
1740
04837f64
MH		 1741 /* Get remote features */
1742 if (conn->type == ACL_LINK) {
1743 struct hci_cp_read_remote_features cp;
1744 cp.handle = ev->handle;
769be974
MH		 1745 hci_send_cmd(hdev, HCI_OP_READ_REMOTE_FEATURES,
1746 sizeof(cp), &cp);
04837f64
MH		 1747 }
1748
1da177e4 1749 /* Set packet type for incoming connection */
d095c1eb 1750 if (!conn->out && hdev->hci_ver < BLUETOOTH_VER_2_0) {
1da177e4
LT		 1751 struct hci_cp_change_conn_ptype cp;
1752 cp.handle = ev->handle;
a8746417
MH		 1753 cp.pkt_type = cpu_to_le16(conn->pkt_type);
1754 hci_send_cmd(hdev, HCI_OP_CHANGE_CONN_PTYPE,
1755 sizeof(cp), &cp);
1da177e4 1756 }
17d5c04c 1757 } else {
1da177e4 1758 conn->state = BT_CLOSED;
17d5c04c 1759 if (conn->type == ACL_LINK)
744cf19e 1760 mgmt_connect_failed(hdev, &ev->bdaddr, conn->type,
48264f06 1761 conn->dst_type, ev->status);
17d5c04c 1762 }
1da177e4 1763
e73439d8
MH		 1764 if (conn->type == ACL_LINK)
1765 hci_sco_setup(conn, ev->status);
1da177e4 1766
769be974
MH		 1767 if (ev->status) {
1768 hci_proto_connect_cfm(conn, ev->status);
1da177e4 1769 hci_conn_del(conn);
c89b6e6b
MH		 1770 } else if (ev->link_type != ACL_LINK)
1771 hci_proto_connect_cfm(conn, ev->status);
1da177e4 1772
a9de9248 1773unlock:
1da177e4 1774 hci_dev_unlock(hdev);
1da177e4 1775
a9de9248 1776 hci_conn_check_pending(hdev);
1da177e4
LT		 1777}
1778
a9de9248 1779static inline void hci_conn_request_evt(struct hci_dev *hdev, struct sk_buff *skb)
1da177e4 1780{
a9de9248
MH		 1781 struct hci_ev_conn_request *ev = (void *) skb->data;
1782 int mask = hdev->link_mode;
1da177e4 1783
a9de9248
MH		 1784 BT_DBG("%s bdaddr %s type 0x%x", hdev->name,
1785 batostr(&ev->bdaddr), ev->link_type);
1da177e4 1786
a9de9248 1787 mask |= hci_proto_connect_ind(hdev, &ev->bdaddr, ev->link_type);
1da177e4 1788
138d22ef
SJ		 1789 if ((mask & HCI_LM_ACCEPT) &&
1790 !hci_blacklist_lookup(hdev, &ev->bdaddr)) {
a9de9248 1791 /* Connection accepted */
c7bdd502 1792 struct inquiry_entry *ie;
1da177e4 1793 struct hci_conn *conn;
1da177e4 1794
a9de9248 1795 hci_dev_lock(hdev);
b6a0dc82 1796
cc11b9c1
AE		 1797 ie = hci_inquiry_cache_lookup(hdev, &ev->bdaddr);
1798 if (ie)
c7bdd502
MH		 1799 memcpy(ie->data.dev_class, ev->dev_class, 3);
1800
a9de9248
MH		 1801 conn = hci_conn_hash_lookup_ba(hdev, ev->link_type, &ev->bdaddr);
1802 if (!conn) {
cc11b9c1
AE		 1803 conn = hci_conn_add(hdev, ev->link_type, &ev->bdaddr);
1804 if (!conn) {
893ef971 1805 BT_ERR("No memory for new connection");
a9de9248
MH		 1806 hci_dev_unlock(hdev);
1807 return;
1da177e4
LT		 1808 }
1809 }
b6a0dc82 1810
a9de9248
MH		 1811 memcpy(conn->dev_class, ev->dev_class, 3);
1812 conn->state = BT_CONNECT;
b6a0dc82 1813
a9de9248 1814 hci_dev_unlock(hdev);
1da177e4 1815
b6a0dc82
MH		 1816 if (ev->link_type == ACL_LINK || !lmp_esco_capable(hdev)) {
1817 struct hci_cp_accept_conn_req cp;
1da177e4 1818
b6a0dc82
MH		 1819 bacpy(&cp.bdaddr, &ev->bdaddr);
1820
1821 if (lmp_rswitch_capable(hdev) && (mask & HCI_LM_MASTER))
1822 cp.role = 0x00; /* Become master */
1823 else
1824 cp.role = 0x01; /* Remain slave */
1825
1826 hci_send_cmd(hdev, HCI_OP_ACCEPT_CONN_REQ,
1827 sizeof(cp), &cp);
1828 } else {
1829 struct hci_cp_accept_sync_conn_req cp;
1830
1831 bacpy(&cp.bdaddr, &ev->bdaddr);
a8746417 1832 cp.pkt_type = cpu_to_le16(conn->pkt_type);
b6a0dc82
MH		 1833
1834 cp.tx_bandwidth = cpu_to_le32(0x00001f40);
1835 cp.rx_bandwidth = cpu_to_le32(0x00001f40);
1836 cp.max_latency = cpu_to_le16(0xffff);
1837 cp.content_format = cpu_to_le16(hdev->voice_setting);
1838 cp.retrans_effort = 0xff;
1da177e4 1839
b6a0dc82
MH		 1840 hci_send_cmd(hdev, HCI_OP_ACCEPT_SYNC_CONN_REQ,
1841 sizeof(cp), &cp);
1842 }
a9de9248
MH		 1843 } else {
1844 /* Connection rejected */
1845 struct hci_cp_reject_conn_req cp;
1da177e4 1846
a9de9248 1847 bacpy(&cp.bdaddr, &ev->bdaddr);
9f5a0d7b 1848 cp.reason = HCI_ERROR_REJ_BAD_ADDR;
a9de9248 1849 hci_send_cmd(hdev, HCI_OP_REJECT_CONN_REQ, sizeof(cp), &cp);
1da177e4 1850 }
1da177e4
LT		 1851}
1852
a9de9248 1853static inline void hci_disconn_complete_evt(struct hci_dev *hdev, struct sk_buff *skb)
04837f64 1854{
a9de9248 1855 struct hci_ev_disconn_complete *ev = (void *) skb->data;
04837f64
MH		 1856 struct hci_conn *conn;
1857
1858 BT_DBG("%s status %d", hdev->name, ev->status);
1859
1860 hci_dev_lock(hdev);
1861
1862 conn = hci_conn_hash_lookup_handle(hdev, __le16_to_cpu(ev->handle));
f7520543
JH		 1863 if (!conn)
1864 goto unlock;
7d0db0a3 1865
37d9ef76
JH		 1866 if (ev->status == 0)
1867 conn->state = BT_CLOSED;
04837f64 1868
b644ba33
JH		 1869 if (test_and_clear_bit(HCI_CONN_MGMT_CONNECTED, &conn->flags) &&
1870 (conn->type == ACL_LINK || conn->type == LE_LINK)) {
37d9ef76 1871 if (ev->status != 0)
88c3df13
JH		 1872 mgmt_disconnect_failed(hdev, &conn->dst, conn->type,
1873 conn->dst_type, ev->status);
37d9ef76 1874 else
afc747a6 1875 mgmt_device_disconnected(hdev, &conn->dst, conn->type,
48264f06 1876 conn->dst_type);
37d9ef76 1877 }
f7520543 1878
37d9ef76
JH		 1879 if (ev->status == 0) {
1880 hci_proto_disconn_cfm(conn, ev->reason);
1881 hci_conn_del(conn);
1882 }
f7520543
JH		 1883
1884unlock:
04837f64
MH		 1885 hci_dev_unlock(hdev);
1886}
1887
1da177e4
LT		 1888static inline void hci_auth_complete_evt(struct hci_dev *hdev, struct sk_buff *skb)
1889{
a9de9248 1890 struct hci_ev_auth_complete *ev = (void *) skb->data;
04837f64 1891 struct hci_conn *conn;
1da177e4
LT		 1892
1893 BT_DBG("%s status %d", hdev->name, ev->status);
1894
1895 hci_dev_lock(hdev);
1896
04837f64 1897 conn = hci_conn_hash_lookup_handle(hdev, __le16_to_cpu(ev->handle));
d7556e20
WR		 1898 if (!conn)
1899 goto unlock;
1900
1901 if (!ev->status) {
aa64a8b5
JH		 1902 if (!hci_conn_ssp_enabled(conn) &&
1903 test_bit(HCI_CONN_REAUTH_PEND, &conn->flags)) {
d7556e20 1904 BT_INFO("re-auth of legacy device is not possible.");
2a611692 1905 } else {
d7556e20
WR		 1906 conn->link_mode |= HCI_LM_AUTH;
1907 conn->sec_level = conn->pending_sec_level;
2a611692 1908 }
d7556e20 1909 } else {
bab73cb6
JH		 1910 mgmt_auth_failed(hdev, &conn->dst, conn->type, conn->dst_type,
1911 ev->status);
d7556e20 1912 }
1da177e4 1913
51a8efd7
JH		 1914 clear_bit(HCI_CONN_AUTH_PEND, &conn->flags);
1915 clear_bit(HCI_CONN_REAUTH_PEND, &conn->flags);
1da177e4 1916
d7556e20 1917 if (conn->state == BT_CONFIG) {
aa64a8b5 1918 if (!ev->status && hci_conn_ssp_enabled(conn)) {
d7556e20
WR		 1919 struct hci_cp_set_conn_encrypt cp;
1920 cp.handle = ev->handle;
1921 cp.encrypt = 0x01;
1922 hci_send_cmd(hdev, HCI_OP_SET_CONN_ENCRYPT, sizeof(cp),
1923 &cp);
052b30b0 1924 } else {
d7556e20
WR		 1925 conn->state = BT_CONNECTED;
1926 hci_proto_connect_cfm(conn, ev->status);
052b30b0
MH		 1927 hci_conn_put(conn);
1928 }
d7556e20
WR		 1929 } else {
1930 hci_auth_cfm(conn, ev->status);
052b30b0 1931
d7556e20
WR		 1932 hci_conn_hold(conn);
1933 conn->disc_timeout = HCI_DISCONN_TIMEOUT;
1934 hci_conn_put(conn);
1935 }
1936
51a8efd7 1937 if (test_bit(HCI_CONN_ENCRYPT_PEND, &conn->flags)) {
d7556e20
WR		 1938 if (!ev->status) {
1939 struct hci_cp_set_conn_encrypt cp;
1940 cp.handle = ev->handle;
1941 cp.encrypt = 0x01;
1942 hci_send_cmd(hdev, HCI_OP_SET_CONN_ENCRYPT, sizeof(cp),
1943 &cp);
1944 } else {
51a8efd7 1945 clear_bit(HCI_CONN_ENCRYPT_PEND, &conn->flags);
d7556e20 1946 hci_encrypt_cfm(conn, ev->status, 0x00);
1da177e4
LT		 1947 }
1948 }
1949
d7556e20 1950unlock:
1da177e4
LT		 1951 hci_dev_unlock(hdev);
1952}
1953
a9de9248 1954static inline void hci_remote_name_evt(struct hci_dev *hdev, struct sk_buff *skb)
1da177e4 1955{
127178d2
JH		 1956 struct hci_ev_remote_name *ev = (void *) skb->data;
1957 struct hci_conn *conn;
1958
a9de9248 1959 BT_DBG("%s", hdev->name);
1da177e4 1960
a9de9248 1961 hci_conn_check_pending(hdev);
127178d2
JH		 1962
1963 hci_dev_lock(hdev);
1964
b644ba33 1965 conn = hci_conn_hash_lookup_ba(hdev, ACL_LINK, &ev->bdaddr);
30dc78e1 1966
b644ba33
JH		 1967 if (!test_bit(HCI_MGMT, &hdev->dev_flags))
1968 goto check_auth;
a88a9652 1969
b644ba33
JH		 1970 if (ev->status == 0)
1971 hci_check_pending_name(hdev, conn, &ev->bdaddr, ev->name,
1972 strnlen(ev->name, HCI_MAX_NAME_LENGTH));
1973 else
1974 hci_check_pending_name(hdev, conn, &ev->bdaddr, NULL, 0);
1975
1976check_auth:
79c6c70c
JH		 1977 if (!conn)
1978 goto unlock;
1979
1980 if (!hci_outgoing_auth_needed(hdev, conn))
1981 goto unlock;
1982
51a8efd7 1983 if (!test_and_set_bit(HCI_CONN_AUTH_PEND, &conn->flags)) {
127178d2
JH		 1984 struct hci_cp_auth_requested cp;
1985 cp.handle = __cpu_to_le16(conn->handle);
1986 hci_send_cmd(hdev, HCI_OP_AUTH_REQUESTED, sizeof(cp), &cp);
1987 }
1988
79c6c70c 1989unlock:
127178d2 1990 hci_dev_unlock(hdev);
a9de9248
MH		 1991}
1992
1993static inline void hci_encrypt_change_evt(struct hci_dev *hdev, struct sk_buff *skb)
1994{
1995 struct hci_ev_encrypt_change *ev = (void *) skb->data;
1996 struct hci_conn *conn;
1997
1998 BT_DBG("%s status %d", hdev->name, ev->status);
1da177e4
LT		 1999
2000 hci_dev_lock(hdev);
2001
04837f64 2002 conn = hci_conn_hash_lookup_handle(hdev, __le16_to_cpu(ev->handle));
1da177e4
LT		 2003 if (conn) {
2004 if (!ev->status) {
ae293196
MH		 2005 if (ev->encrypt) {
2006 /* Encryption implies authentication */
2007 conn->link_mode |= HCI_LM_AUTH;
1da177e4 2008 conn->link_mode |= HCI_LM_ENCRYPT;
da85e5e5 2009 conn->sec_level = conn->pending_sec_level;
ae293196 2010 } else
1da177e4
LT		 2011 conn->link_mode &= ~HCI_LM_ENCRYPT;
2012 }
2013
51a8efd7 2014 clear_bit(HCI_CONN_ENCRYPT_PEND, &conn->flags);
1da177e4 2015
f8558555
MH		 2016 if (conn->state == BT_CONFIG) {
2017 if (!ev->status)
2018 conn->state = BT_CONNECTED;
2019
2020 hci_proto_connect_cfm(conn, ev->status);
2021 hci_conn_put(conn);
2022 } else
2023 hci_encrypt_cfm(conn, ev->status, ev->encrypt);
1da177e4
LT		 2024 }
2025
2026 hci_dev_unlock(hdev);
2027}
2028
a9de9248 2029static inline void hci_change_link_key_complete_evt(struct hci_dev *hdev, struct sk_buff *skb)
1da177e4 2030{
a9de9248 2031 struct hci_ev_change_link_key_complete *ev = (void *) skb->data;
04837f64 2032 struct hci_conn *conn;
1da177e4
LT		 2033
2034 BT_DBG("%s status %d", hdev->name, ev->status);
2035
2036 hci_dev_lock(hdev);
2037
04837f64 2038 conn = hci_conn_hash_lookup_handle(hdev, __le16_to_cpu(ev->handle));
1da177e4
LT		 2039 if (conn) {
2040 if (!ev->status)
2041 conn->link_mode |= HCI_LM_SECURE;
2042
51a8efd7 2043 clear_bit(HCI_CONN_AUTH_PEND, &conn->flags);
1da177e4
LT		 2044
2045 hci_key_change_cfm(conn, ev->status);
2046 }
2047
2048 hci_dev_unlock(hdev);
2049}
2050
a9de9248 2051static inline void hci_remote_features_evt(struct hci_dev *hdev, struct sk_buff *skb)
1da177e4 2052{
a9de9248
MH		 2053 struct hci_ev_remote_features *ev = (void *) skb->data;
2054 struct hci_conn *conn;
2055
2056 BT_DBG("%s status %d", hdev->name, ev->status);
2057
a9de9248
MH		 2058 hci_dev_lock(hdev);
2059
2060 conn = hci_conn_hash_lookup_handle(hdev, __le16_to_cpu(ev->handle));
ccd556fe
JH		 2061 if (!conn)
2062 goto unlock;
769be974 2063
ccd556fe
JH		 2064 if (!ev->status)
2065 memcpy(conn->features, ev->features, 8);
2066
2067 if (conn->state != BT_CONFIG)
2068 goto unlock;
2069
2070 if (!ev->status && lmp_ssp_capable(hdev) && lmp_ssp_capable(conn)) {
2071 struct hci_cp_read_remote_ext_features cp;
2072 cp.handle = ev->handle;
2073 cp.page = 0x01;
2074 hci_send_cmd(hdev, HCI_OP_READ_REMOTE_EXT_FEATURES,
bdb7524a 2075 sizeof(cp), &cp);
392599b9
JH		 2076 goto unlock;
2077 }
2078
127178d2
JH		 2079 if (!ev->status) {
2080 struct hci_cp_remote_name_req cp;
2081 memset(&cp, 0, sizeof(cp));
2082 bacpy(&cp.bdaddr, &conn->dst);
2083 cp.pscan_rep_mode = 0x02;
2084 hci_send_cmd(hdev, HCI_OP_REMOTE_NAME_REQ, sizeof(cp), &cp);
b644ba33
JH		 2085 } else if (!test_and_set_bit(HCI_CONN_MGMT_CONNECTED, &conn->flags))
2086 mgmt_device_connected(hdev, &conn->dst, conn->type,
2087 conn->dst_type, NULL, 0,
2088 conn->dev_class);
392599b9 2089
127178d2 2090 if (!hci_outgoing_auth_needed(hdev, conn)) {
ccd556fe
JH		 2091 conn->state = BT_CONNECTED;
2092 hci_proto_connect_cfm(conn, ev->status);
2093 hci_conn_put(conn);
769be974 2094 }
a9de9248 2095
ccd556fe 2096unlock:
a9de9248 2097 hci_dev_unlock(hdev);
1da177e4
LT		 2098}
2099
a9de9248 2100static inline void hci_remote_version_evt(struct hci_dev *hdev, struct sk_buff *skb)
1da177e4 2101{
a9de9248 2102 BT_DBG("%s", hdev->name);
1da177e4
LT		 2103}
2104
a9de9248 2105static inline void hci_qos_setup_complete_evt(struct hci_dev *hdev, struct sk_buff *skb)
1da177e4 2106{
a9de9248 2107 BT_DBG("%s", hdev->name);
1da177e4
LT		 2108}
2109
a9de9248
MH		 2110static inline void hci_cmd_complete_evt(struct hci_dev *hdev, struct sk_buff *skb)
2111{
2112 struct hci_ev_cmd_complete *ev = (void *) skb->data;
2113 __u16 opcode;
2114
2115 skb_pull(skb, sizeof(*ev));
2116
2117 opcode = __le16_to_cpu(ev->opcode);
2118
2119 switch (opcode) {
2120 case HCI_OP_INQUIRY_CANCEL:
2121 hci_cc_inquiry_cancel(hdev, skb);
2122 break;
2123
2124 case HCI_OP_EXIT_PERIODIC_INQ:
2125 hci_cc_exit_periodic_inq(hdev, skb);
2126 break;
2127
2128 case HCI_OP_REMOTE_NAME_REQ_CANCEL:
2129 hci_cc_remote_name_req_cancel(hdev, skb);
2130 break;
2131
2132 case HCI_OP_ROLE_DISCOVERY:
2133 hci_cc_role_discovery(hdev, skb);
2134 break;
2135
e4e8e37c
MH		 2136 case HCI_OP_READ_LINK_POLICY:
2137 hci_cc_read_link_policy(hdev, skb);
2138 break;
2139
a9de9248
MH		 2140 case HCI_OP_WRITE_LINK_POLICY:
2141 hci_cc_write_link_policy(hdev, skb);
2142 break;
2143
e4e8e37c
MH		 2144 case HCI_OP_READ_DEF_LINK_POLICY:
2145 hci_cc_read_def_link_policy(hdev, skb);
2146 break;
2147
2148 case HCI_OP_WRITE_DEF_LINK_POLICY:
2149 hci_cc_write_def_link_policy(hdev, skb);
2150 break;
2151
a9de9248
MH		 2152 case HCI_OP_RESET:
2153 hci_cc_reset(hdev, skb);
2154 break;
2155
2156 case HCI_OP_WRITE_LOCAL_NAME:
2157 hci_cc_write_local_name(hdev, skb);
2158 break;
2159
2160 case HCI_OP_READ_LOCAL_NAME:
2161 hci_cc_read_local_name(hdev, skb);
2162 break;
2163
2164 case HCI_OP_WRITE_AUTH_ENABLE:
2165 hci_cc_write_auth_enable(hdev, skb);
2166 break;
2167
2168 case HCI_OP_WRITE_ENCRYPT_MODE:
2169 hci_cc_write_encrypt_mode(hdev, skb);
2170 break;
2171
2172 case HCI_OP_WRITE_SCAN_ENABLE:
2173 hci_cc_write_scan_enable(hdev, skb);
2174 break;
2175
2176 case HCI_OP_READ_CLASS_OF_DEV:
2177 hci_cc_read_class_of_dev(hdev, skb);
2178 break;
2179
2180 case HCI_OP_WRITE_CLASS_OF_DEV:
2181 hci_cc_write_class_of_dev(hdev, skb);
2182 break;
2183
2184 case HCI_OP_READ_VOICE_SETTING:
2185 hci_cc_read_voice_setting(hdev, skb);
2186 break;
2187
2188 case HCI_OP_WRITE_VOICE_SETTING:
2189 hci_cc_write_voice_setting(hdev, skb);
2190 break;
2191
2192 case HCI_OP_HOST_BUFFER_SIZE:
2193 hci_cc_host_buffer_size(hdev, skb);
2194 break;
2195
333140b5
MH		 2196 case HCI_OP_WRITE_SSP_MODE:
2197 hci_cc_write_ssp_mode(hdev, skb);
2198 break;
2199
a9de9248
MH		 2200 case HCI_OP_READ_LOCAL_VERSION:
2201 hci_cc_read_local_version(hdev, skb);
2202 break;
2203
2204 case HCI_OP_READ_LOCAL_COMMANDS:
2205 hci_cc_read_local_commands(hdev, skb);
2206 break;
2207
2208 case HCI_OP_READ_LOCAL_FEATURES:
2209 hci_cc_read_local_features(hdev, skb);
2210 break;
2211
971e3a4b
AG		 2212 case HCI_OP_READ_LOCAL_EXT_FEATURES:
2213 hci_cc_read_local_ext_features(hdev, skb);
2214 break;
2215
a9de9248
MH		 2216 case HCI_OP_READ_BUFFER_SIZE:
2217 hci_cc_read_buffer_size(hdev, skb);
2218 break;
2219
2220 case HCI_OP_READ_BD_ADDR:
2221 hci_cc_read_bd_addr(hdev, skb);
2222 break;
2223
350ee4cf
AE		 2224 case HCI_OP_READ_DATA_BLOCK_SIZE:
2225 hci_cc_read_data_block_size(hdev, skb);
2226 break;
2227
23bb5763
JH		 2228 case HCI_OP_WRITE_CA_TIMEOUT:
2229 hci_cc_write_ca_timeout(hdev, skb);
2230 break;
2231
1e89cffb
AE		 2232 case HCI_OP_READ_FLOW_CONTROL_MODE:
2233 hci_cc_read_flow_control_mode(hdev, skb);
2234 break;
2235
928abaa7
AE		 2236 case HCI_OP_READ_LOCAL_AMP_INFO:
2237 hci_cc_read_local_amp_info(hdev, skb);
2238 break;
2239
b0916ea0
JH		 2240 case HCI_OP_DELETE_STORED_LINK_KEY:
2241 hci_cc_delete_stored_link_key(hdev, skb);
2242 break;
2243
d5859e22
JH		 2244 case HCI_OP_SET_EVENT_MASK:
2245 hci_cc_set_event_mask(hdev, skb);
2246 break;
2247
2248 case HCI_OP_WRITE_INQUIRY_MODE:
2249 hci_cc_write_inquiry_mode(hdev, skb);
2250 break;
2251
2252 case HCI_OP_READ_INQ_RSP_TX_POWER:
2253 hci_cc_read_inq_rsp_tx_power(hdev, skb);
2254 break;
2255
2256 case HCI_OP_SET_EVENT_FLT:
2257 hci_cc_set_event_flt(hdev, skb);
2258 break;
2259
980e1a53
JH		 2260 case HCI_OP_PIN_CODE_REPLY:
2261 hci_cc_pin_code_reply(hdev, skb);
2262 break;
2263
2264 case HCI_OP_PIN_CODE_NEG_REPLY:
2265 hci_cc_pin_code_neg_reply(hdev, skb);
2266 break;
2267
c35938b2
SJ		 2268 case HCI_OP_READ_LOCAL_OOB_DATA:
2269 hci_cc_read_local_oob_data_reply(hdev, skb);
2270 break;
2271
6ed58ec5
VT		 2272 case HCI_OP_LE_READ_BUFFER_SIZE:
2273 hci_cc_le_read_buffer_size(hdev, skb);
2274 break;
2275
a5c29683
JH		 2276 case HCI_OP_USER_CONFIRM_REPLY:
2277 hci_cc_user_confirm_reply(hdev, skb);
2278 break;
2279
2280 case HCI_OP_USER_CONFIRM_NEG_REPLY:
2281 hci_cc_user_confirm_neg_reply(hdev, skb);
2282 break;
2283
1143d458
BG		 2284 case HCI_OP_USER_PASSKEY_REPLY:
2285 hci_cc_user_passkey_reply(hdev, skb);
2286 break;
2287
2288 case HCI_OP_USER_PASSKEY_NEG_REPLY:
2289 hci_cc_user_passkey_neg_reply(hdev, skb);
07f7fa5d
AG		 2290
2291 case HCI_OP_LE_SET_SCAN_PARAM:
2292 hci_cc_le_set_scan_param(hdev, skb);
1143d458
BG		 2293 break;
2294
eb9d91f5
AG		 2295 case HCI_OP_LE_SET_SCAN_ENABLE:
2296 hci_cc_le_set_scan_enable(hdev, skb);
2297 break;
2298
a7a595f6
VCG		 2299 case HCI_OP_LE_LTK_REPLY:
2300 hci_cc_le_ltk_reply(hdev, skb);
2301 break;
2302
2303 case HCI_OP_LE_LTK_NEG_REPLY:
2304 hci_cc_le_ltk_neg_reply(hdev, skb);
2305 break;
2306
f9b49306
AG		 2307 case HCI_OP_WRITE_LE_HOST_SUPPORTED:
2308 hci_cc_write_le_host_supported(hdev, skb);
2309 break;
2310
a9de9248
MH		 2311 default:
2312 BT_DBG("%s opcode 0x%x", hdev->name, opcode);
2313 break;
2314 }
2315
6bd32326
VT		 2316 if (ev->opcode != HCI_OP_NOP)
2317 del_timer(&hdev->cmd_timer);
2318
a9de9248
MH		 2319 if (ev->ncmd) {
2320 atomic_set(&hdev->cmd_cnt, 1);
2321 if (!skb_queue_empty(&hdev->cmd_q))
c347b765 2322 queue_work(hdev->workqueue, &hdev->cmd_work);
a9de9248
MH		 2323 }
2324}
2325
2326static inline void hci_cmd_status_evt(struct hci_dev *hdev, struct sk_buff *skb)
2327{
2328 struct hci_ev_cmd_status *ev = (void *) skb->data;
2329 __u16 opcode;
2330
2331 skb_pull(skb, sizeof(*ev));
2332
2333 opcode = __le16_to_cpu(ev->opcode);
2334
2335 switch (opcode) {
2336 case HCI_OP_INQUIRY:
2337 hci_cs_inquiry(hdev, ev->status);
2338 break;
2339
2340 case HCI_OP_CREATE_CONN:
2341 hci_cs_create_conn(hdev, ev->status);
2342 break;
2343
2344 case HCI_OP_ADD_SCO:
2345 hci_cs_add_sco(hdev, ev->status);
2346 break;
2347
f8558555
MH		 2348 case HCI_OP_AUTH_REQUESTED:
2349 hci_cs_auth_requested(hdev, ev->status);
2350 break;
2351
2352 case HCI_OP_SET_CONN_ENCRYPT:
2353 hci_cs_set_conn_encrypt(hdev, ev->status);
2354 break;
2355
a9de9248
MH		 2356 case HCI_OP_REMOTE_NAME_REQ:
2357 hci_cs_remote_name_req(hdev, ev->status);
2358 break;
2359
769be974
MH		 2360 case HCI_OP_READ_REMOTE_FEATURES:
2361 hci_cs_read_remote_features(hdev, ev->status);
2362 break;
2363
2364 case HCI_OP_READ_REMOTE_EXT_FEATURES:
2365 hci_cs_read_remote_ext_features(hdev, ev->status);
2366 break;
2367
a9de9248
MH		 2368 case HCI_OP_SETUP_SYNC_CONN:
2369 hci_cs_setup_sync_conn(hdev, ev->status);
2370 break;
2371
2372 case HCI_OP_SNIFF_MODE:
2373 hci_cs_sniff_mode(hdev, ev->status);
2374 break;
2375
2376 case HCI_OP_EXIT_SNIFF_MODE:
2377 hci_cs_exit_sniff_mode(hdev, ev->status);
2378 break;
2379
8962ee74 2380 case HCI_OP_DISCONNECT:
88c3df13 2381 hci_cs_disconnect(hdev, ev->status);
8962ee74
JH		 2382 break;
2383
fcd89c09
VT		 2384 case HCI_OP_LE_CREATE_CONN:
2385 hci_cs_le_create_conn(hdev, ev->status);
2386 break;
2387
a7a595f6
VCG		 2388 case HCI_OP_LE_START_ENC:
2389 hci_cs_le_start_enc(hdev, ev->status);
2390 break;
2391
a9de9248
MH		 2392 default:
2393 BT_DBG("%s opcode 0x%x", hdev->name, opcode);
2394 break;
2395 }
2396
6bd32326
VT		 2397 if (ev->opcode != HCI_OP_NOP)
2398 del_timer(&hdev->cmd_timer);
2399
10572132 2400 if (ev->ncmd && !test_bit(HCI_RESET, &hdev->flags)) {
a9de9248
MH		 2401 atomic_set(&hdev->cmd_cnt, 1);
2402 if (!skb_queue_empty(&hdev->cmd_q))
c347b765 2403 queue_work(hdev->workqueue, &hdev->cmd_work);
a9de9248
MH		 2404 }
2405}
2406
2407static inline void hci_role_change_evt(struct hci_dev *hdev, struct sk_buff *skb)
2408{
2409 struct hci_ev_role_change *ev = (void *) skb->data;
2410 struct hci_conn *conn;
2411
2412 BT_DBG("%s status %d", hdev->name, ev->status);
2413
2414 hci_dev_lock(hdev);
2415
2416 conn = hci_conn_hash_lookup_ba(hdev, ACL_LINK, &ev->bdaddr);
2417 if (conn) {
2418 if (!ev->status) {
2419 if (ev->role)
2420 conn->link_mode &= ~HCI_LM_MASTER;
2421 else
2422 conn->link_mode |= HCI_LM_MASTER;
2423 }
2424
51a8efd7 2425 clear_bit(HCI_CONN_RSWITCH_PEND, &conn->flags);
a9de9248
MH		 2426
2427 hci_role_switch_cfm(conn, ev->status, ev->role);
2428 }
2429
2430 hci_dev_unlock(hdev);
2431}
2432
2433static inline void hci_num_comp_pkts_evt(struct hci_dev *hdev, struct sk_buff *skb)
2434{
2435 struct hci_ev_num_comp_pkts *ev = (void *) skb->data;
a9de9248
MH		 2436 int i;
2437
32ac5b9b
AE		 2438 if (hdev->flow_ctl_mode != HCI_FLOW_CTL_MODE_PACKET_BASED) {
2439 BT_ERR("Wrong event for mode %d", hdev->flow_ctl_mode);
2440 return;
2441 }
2442
c5993de8
AE		 2443 if (skb->len < sizeof(*ev) || skb->len < sizeof(*ev) +
2444 ev->num_hndl * sizeof(struct hci_comp_pkts_info)) {
a9de9248
MH		 2445 BT_DBG("%s bad parameters", hdev->name);
2446 return;
2447 }
2448
c5993de8
AE		 2449 BT_DBG("%s num_hndl %d", hdev->name, ev->num_hndl);
2450
613a1c0c
AE		 2451 for (i = 0; i < ev->num_hndl; i++) {
2452 struct hci_comp_pkts_info *info = &ev->handles[i];
a9de9248
MH		 2453 struct hci_conn *conn;
2454 __u16 handle, count;
2455
613a1c0c
AE		 2456 handle = __le16_to_cpu(info->handle);
2457 count = __le16_to_cpu(info->count);
a9de9248
MH		 2458
2459 conn = hci_conn_hash_lookup_handle(hdev, handle);
f4280918
AE		 2460 if (!conn)
2461 continue;
2462
2463 conn->sent -= count;
2464
2465 switch (conn->type) {
2466 case ACL_LINK:
2467 hdev->acl_cnt += count;
2468 if (hdev->acl_cnt > hdev->acl_pkts)
2469 hdev->acl_cnt = hdev->acl_pkts;
2470 break;
2471
2472 case LE_LINK:
2473 if (hdev->le_pkts) {
2474 hdev->le_cnt += count;
2475 if (hdev->le_cnt > hdev->le_pkts)
2476 hdev->le_cnt = hdev->le_pkts;
2477 } else {
70f23020
AE		 2478 hdev->acl_cnt += count;
2479 if (hdev->acl_cnt > hdev->acl_pkts)
a9de9248 2480 hdev->acl_cnt = hdev->acl_pkts;
a9de9248 2481 }
f4280918
AE		 2482 break;
2483
2484 case SCO_LINK:
2485 hdev->sco_cnt += count;
2486 if (hdev->sco_cnt > hdev->sco_pkts)
2487 hdev->sco_cnt = hdev->sco_pkts;
2488 break;
2489
2490 default:
2491 BT_ERR("Unknown type %d conn %p", conn->type, conn);
2492 break;
a9de9248
MH		 2493 }
2494 }
2495
3eff45ea 2496 queue_work(hdev->workqueue, &hdev->tx_work);
a9de9248
MH		 2497}
2498
25e89e99
AE		 2499static inline void hci_num_comp_blocks_evt(struct hci_dev *hdev,
2500 struct sk_buff *skb)
2501{
2502 struct hci_ev_num_comp_blocks *ev = (void *) skb->data;
2503 int i;
2504
2505 if (hdev->flow_ctl_mode != HCI_FLOW_CTL_MODE_BLOCK_BASED) {
2506 BT_ERR("Wrong event for mode %d", hdev->flow_ctl_mode);
2507 return;
2508 }
2509
2510 if (skb->len < sizeof(*ev) || skb->len < sizeof(*ev) +
2511 ev->num_hndl * sizeof(struct hci_comp_blocks_info)) {
2512 BT_DBG("%s bad parameters", hdev->name);
2513 return;
2514 }
2515
2516 BT_DBG("%s num_blocks %d num_hndl %d", hdev->name, ev->num_blocks,
2517 ev->num_hndl);
2518
2519 for (i = 0; i < ev->num_hndl; i++) {
2520 struct hci_comp_blocks_info *info = &ev->handles[i];
2521 struct hci_conn *conn;
2522 __u16 handle, block_count;
2523
2524 handle = __le16_to_cpu(info->handle);
2525 block_count = __le16_to_cpu(info->blocks);
2526
2527 conn = hci_conn_hash_lookup_handle(hdev, handle);
2528 if (!conn)
2529 continue;
2530
2531 conn->sent -= block_count;
2532
2533 switch (conn->type) {
2534 case ACL_LINK:
2535 hdev->block_cnt += block_count;
2536 if (hdev->block_cnt > hdev->num_blocks)
2537 hdev->block_cnt = hdev->num_blocks;
2538 break;
2539
2540 default:
2541 BT_ERR("Unknown type %d conn %p", conn->type, conn);
2542 break;
2543 }
2544 }
2545
2546 queue_work(hdev->workqueue, &hdev->tx_work);
2547}
2548
a9de9248 2549static inline void hci_mode_change_evt(struct hci_dev *hdev, struct sk_buff *skb)
04837f64 2550{
a9de9248 2551 struct hci_ev_mode_change *ev = (void *) skb->data;
04837f64
MH		 2552 struct hci_conn *conn;
2553
2554 BT_DBG("%s status %d", hdev->name, ev->status);
2555
2556 hci_dev_lock(hdev);
2557
2558 conn = hci_conn_hash_lookup_handle(hdev, __le16_to_cpu(ev->handle));
a9de9248
MH		 2559 if (conn) {
2560 conn->mode = ev->mode;
2561 conn->interval = __le16_to_cpu(ev->interval);
2562
51a8efd7 2563 if (!test_and_clear_bit(HCI_CONN_MODE_CHANGE_PEND, &conn->flags)) {
a9de9248 2564 if (conn->mode == HCI_CM_ACTIVE)
58a681ef 2565 set_bit(HCI_CONN_POWER_SAVE, &conn->flags);
a9de9248 2566 else
58a681ef 2567 clear_bit(HCI_CONN_POWER_SAVE, &conn->flags);
a9de9248 2568 }
e73439d8 2569
51a8efd7 2570 if (test_and_clear_bit(HCI_CONN_SCO_SETUP_PEND, &conn->flags))
e73439d8 2571 hci_sco_setup(conn, ev->status);
04837f64
MH		 2572 }
2573
2574 hci_dev_unlock(hdev);
2575}
2576
a9de9248
MH		 2577static inline void hci_pin_code_request_evt(struct hci_dev *hdev, struct sk_buff *skb)
2578{
052b30b0
MH		 2579 struct hci_ev_pin_code_req *ev = (void *) skb->data;
2580 struct hci_conn *conn;
2581
a9de9248 2582 BT_DBG("%s", hdev->name);
052b30b0
MH		 2583
2584 hci_dev_lock(hdev);
2585
2586 conn = hci_conn_hash_lookup_ba(hdev, ACL_LINK, &ev->bdaddr);
b6f98044
WR		 2587 if (!conn)
2588 goto unlock;
2589
2590 if (conn->state == BT_CONNECTED) {
052b30b0
MH		 2591 hci_conn_hold(conn);
2592 conn->disc_timeout = HCI_PAIRING_TIMEOUT;
2593 hci_conn_put(conn);
2594 }
2595
a8b2d5c2 2596 if (!test_bit(HCI_PAIRABLE, &hdev->dev_flags))
03b555e1
JH		 2597 hci_send_cmd(hdev, HCI_OP_PIN_CODE_NEG_REPLY,
2598 sizeof(ev->bdaddr), &ev->bdaddr);
a8b2d5c2 2599 else if (test_bit(HCI_MGMT, &hdev->dev_flags)) {
a770bb5a
WR		 2600 u8 secure;
2601
2602 if (conn->pending_sec_level == BT_SECURITY_HIGH)
2603 secure = 1;
2604 else
2605 secure = 0;
2606
744cf19e 2607 mgmt_pin_code_request(hdev, &ev->bdaddr, secure);
a770bb5a 2608 }
980e1a53 2609
b6f98044 2610unlock:
052b30b0 2611 hci_dev_unlock(hdev);
a9de9248
MH		 2612}
2613
2614static inline void hci_link_key_request_evt(struct hci_dev *hdev, struct sk_buff *skb)
2615{
55ed8ca1
JH		 2616 struct hci_ev_link_key_req *ev = (void *) skb->data;
2617 struct hci_cp_link_key_reply cp;
2618 struct hci_conn *conn;
2619 struct link_key *key;
2620
a9de9248 2621 BT_DBG("%s", hdev->name);
55ed8ca1 2622
a8b2d5c2 2623 if (!test_bit(HCI_LINK_KEYS, &hdev->dev_flags))
55ed8ca1
JH		 2624 return;
2625
2626 hci_dev_lock(hdev);
2627
2628 key = hci_find_link_key(hdev, &ev->bdaddr);
2629 if (!key) {
2630 BT_DBG("%s link key not found for %s", hdev->name,
2631 batostr(&ev->bdaddr));
2632 goto not_found;
2633 }
2634
2635 BT_DBG("%s found key type %u for %s", hdev->name, key->type,
2636 batostr(&ev->bdaddr));
2637
a8b2d5c2 2638 if (!test_bit(HCI_DEBUG_KEYS, &hdev->dev_flags) &&
b6020ba0 2639 key->type == HCI_LK_DEBUG_COMBINATION) {
55ed8ca1
JH		 2640 BT_DBG("%s ignoring debug key", hdev->name);
2641 goto not_found;
2642 }
2643
2644 conn = hci_conn_hash_lookup_ba(hdev, ACL_LINK, &ev->bdaddr);
60b83f57
WR		 2645 if (conn) {
2646 if (key->type == HCI_LK_UNAUTH_COMBINATION &&
2647 conn->auth_type != 0xff &&
2648 (conn->auth_type & 0x01)) {
2649 BT_DBG("%s ignoring unauthenticated key", hdev->name);
2650 goto not_found;
2651 }
55ed8ca1 2652
60b83f57
WR		 2653 if (key->type == HCI_LK_COMBINATION && key->pin_len < 16 &&
2654 conn->pending_sec_level == BT_SECURITY_HIGH) {
2655 BT_DBG("%s ignoring key unauthenticated for high \
2656 security", hdev->name);
2657 goto not_found;
2658 }
2659
2660 conn->key_type = key->type;
2661 conn->pin_length = key->pin_len;
55ed8ca1
JH		 2662 }
2663
2664 bacpy(&cp.bdaddr, &ev->bdaddr);
2665 memcpy(cp.link_key, key->val, 16);
2666
2667 hci_send_cmd(hdev, HCI_OP_LINK_KEY_REPLY, sizeof(cp), &cp);
2668
2669 hci_dev_unlock(hdev);
2670
2671 return;
2672
2673not_found:
2674 hci_send_cmd(hdev, HCI_OP_LINK_KEY_NEG_REPLY, 6, &ev->bdaddr);
2675 hci_dev_unlock(hdev);
a9de9248
MH		 2676}
2677
2678static inline void hci_link_key_notify_evt(struct hci_dev *hdev, struct sk_buff *skb)
2679{
052b30b0
MH		 2680 struct hci_ev_link_key_notify *ev = (void *) skb->data;
2681 struct hci_conn *conn;
55ed8ca1 2682 u8 pin_len = 0;
052b30b0 2683
a9de9248 2684 BT_DBG("%s", hdev->name);
052b30b0
MH		 2685
2686 hci_dev_lock(hdev);
2687
2688 conn = hci_conn_hash_lookup_ba(hdev, ACL_LINK, &ev->bdaddr);
2689 if (conn) {
2690 hci_conn_hold(conn);
2691 conn->disc_timeout = HCI_DISCONN_TIMEOUT;
980e1a53 2692 pin_len = conn->pin_length;
13d39315
WR		 2693
2694 if (ev->key_type != HCI_LK_CHANGED_COMBINATION)
2695 conn->key_type = ev->key_type;
2696
052b30b0
MH		 2697 hci_conn_put(conn);
2698 }
2699
a8b2d5c2 2700 if (test_bit(HCI_LINK_KEYS, &hdev->dev_flags))
d25e28ab 2701 hci_add_link_key(hdev, conn, 1, &ev->bdaddr, ev->link_key,
55ed8ca1
JH		 2702 ev->key_type, pin_len);
2703
052b30b0 2704 hci_dev_unlock(hdev);
a9de9248
MH		 2705}
2706
1da177e4
LT		 2707static inline void hci_clock_offset_evt(struct hci_dev *hdev, struct sk_buff *skb)
2708{
a9de9248 2709 struct hci_ev_clock_offset *ev = (void *) skb->data;
04837f64 2710 struct hci_conn *conn;
1da177e4
LT		 2711
2712 BT_DBG("%s status %d", hdev->name, ev->status);
2713
2714 hci_dev_lock(hdev);
2715
04837f64 2716 conn = hci_conn_hash_lookup_handle(hdev, __le16_to_cpu(ev->handle));
1da177e4
LT		 2717 if (conn && !ev->status) {
2718 struct inquiry_entry *ie;
2719
cc11b9c1
AE		 2720 ie = hci_inquiry_cache_lookup(hdev, &conn->dst);
2721 if (ie) {
1da177e4
LT		 2722 ie->data.clock_offset = ev->clock_offset;
2723 ie->timestamp = jiffies;
2724 }
2725 }
2726
2727 hci_dev_unlock(hdev);
2728}
2729
a8746417
MH		 2730static inline void hci_pkt_type_change_evt(struct hci_dev *hdev, struct sk_buff *skb)
2731{
2732 struct hci_ev_pkt_type_change *ev = (void *) skb->data;
2733 struct hci_conn *conn;
2734
2735 BT_DBG("%s status %d", hdev->name, ev->status);
2736
2737 hci_dev_lock(hdev);
2738
2739 conn = hci_conn_hash_lookup_handle(hdev, __le16_to_cpu(ev->handle));
2740 if (conn && !ev->status)
2741 conn->pkt_type = __le16_to_cpu(ev->pkt_type);
2742
2743 hci_dev_unlock(hdev);
2744}
2745
85a1e930
MH		 2746static inline void hci_pscan_rep_mode_evt(struct hci_dev *hdev, struct sk_buff *skb)
2747{
a9de9248 2748 struct hci_ev_pscan_rep_mode *ev = (void *) skb->data;
85a1e930
MH		 2749 struct inquiry_entry *ie;
2750
2751 BT_DBG("%s", hdev->name);
2752
2753 hci_dev_lock(hdev);
2754
cc11b9c1
AE		 2755 ie = hci_inquiry_cache_lookup(hdev, &ev->bdaddr);
2756 if (ie) {
85a1e930
MH		 2757 ie->data.pscan_rep_mode = ev->pscan_rep_mode;
2758 ie->timestamp = jiffies;
2759 }
2760
2761 hci_dev_unlock(hdev);
2762}
2763
a9de9248
MH		 2764static inline void hci_inquiry_result_with_rssi_evt(struct hci_dev *hdev, struct sk_buff *skb)
2765{
2766 struct inquiry_data data;
2767 int num_rsp = *((__u8 *) skb->data);
3175405b 2768 bool name_known;
a9de9248
MH		 2769
2770 BT_DBG("%s num_rsp %d", hdev->name, num_rsp);
2771
2772 if (!num_rsp)
2773 return;
2774
2775 hci_dev_lock(hdev);
2776
2777 if ((skb->len - 1) / num_rsp != sizeof(struct inquiry_info_with_rssi)) {
138d22ef
SJ		 2778 struct inquiry_info_with_rssi_and_pscan_mode *info;
2779 info = (void *) (skb->data + 1);
a9de9248 2780
e17acd40 2781 for (; num_rsp; num_rsp--, info++) {
a9de9248
MH		 2782 bacpy(&data.bdaddr, &info->bdaddr);
2783 data.pscan_rep_mode = info->pscan_rep_mode;
2784 data.pscan_period_mode = info->pscan_period_mode;
2785 data.pscan_mode = info->pscan_mode;
2786 memcpy(data.dev_class, info->dev_class, 3);
2787 data.clock_offset = info->clock_offset;
2788 data.rssi = info->rssi;
41a96212 2789 data.ssp_mode = 0x00;
3175405b
JH		 2790
2791 name_known = hci_inquiry_cache_update(hdev, &data,
2792 false);
48264f06 2793 mgmt_device_found(hdev, &info->bdaddr, ACL_LINK, 0x00,
e17acd40 2794 info->dev_class, info->rssi,
7d262f86 2795 !name_known, NULL, 0);
a9de9248
MH		 2796 }
2797 } else {
2798 struct inquiry_info_with_rssi *info = (void *) (skb->data + 1);
2799
e17acd40 2800 for (; num_rsp; num_rsp--, info++) {
a9de9248
MH		 2801 bacpy(&data.bdaddr, &info->bdaddr);
2802 data.pscan_rep_mode = info->pscan_rep_mode;
2803 data.pscan_period_mode = info->pscan_period_mode;
2804 data.pscan_mode = 0x00;
2805 memcpy(data.dev_class, info->dev_class, 3);
2806 data.clock_offset = info->clock_offset;
2807 data.rssi = info->rssi;
41a96212 2808 data.ssp_mode = 0x00;
3175405b
JH		 2809 name_known = hci_inquiry_cache_update(hdev, &data,
2810 false);
48264f06 2811 mgmt_device_found(hdev, &info->bdaddr, ACL_LINK, 0x00,
e17acd40 2812 info->dev_class, info->rssi,
7d262f86 2813 !name_known, NULL, 0);
a9de9248
MH		 2814 }
2815 }
2816
2817 hci_dev_unlock(hdev);
2818}
2819
2820static inline void hci_remote_ext_features_evt(struct hci_dev *hdev, struct sk_buff *skb)
2821{
41a96212
MH		 2822 struct hci_ev_remote_ext_features *ev = (void *) skb->data;
2823 struct hci_conn *conn;
2824
a9de9248 2825 BT_DBG("%s", hdev->name);
41a96212 2826
41a96212
MH		 2827 hci_dev_lock(hdev);
2828
2829 conn = hci_conn_hash_lookup_handle(hdev, __le16_to_cpu(ev->handle));
ccd556fe
JH		 2830 if (!conn)
2831 goto unlock;
41a96212 2832
ccd556fe
JH		 2833 if (!ev->status && ev->page == 0x01) {
2834 struct inquiry_entry *ie;
41a96212 2835
cc11b9c1
AE		 2836 ie = hci_inquiry_cache_lookup(hdev, &conn->dst);
2837 if (ie)
ccd556fe 2838 ie->data.ssp_mode = (ev->features[0] & 0x01);
769be974 2839
58a681ef
JH		 2840 if (ev->features[0] & 0x01)
2841 set_bit(HCI_CONN_SSP_ENABLED, &conn->flags);
ccd556fe
JH		 2842 }
2843
2844 if (conn->state != BT_CONFIG)
2845 goto unlock;
2846
127178d2
JH		 2847 if (!ev->status) {
2848 struct hci_cp_remote_name_req cp;
2849 memset(&cp, 0, sizeof(cp));
2850 bacpy(&cp.bdaddr, &conn->dst);
2851 cp.pscan_rep_mode = 0x02;
2852 hci_send_cmd(hdev, HCI_OP_REMOTE_NAME_REQ, sizeof(cp), &cp);
b644ba33
JH		 2853 } else if (!test_and_set_bit(HCI_CONN_MGMT_CONNECTED, &conn->flags))
2854 mgmt_device_connected(hdev, &conn->dst, conn->type,
2855 conn->dst_type, NULL, 0,
2856 conn->dev_class);
392599b9 2857
127178d2 2858 if (!hci_outgoing_auth_needed(hdev, conn)) {
ccd556fe
JH		 2859 conn->state = BT_CONNECTED;
2860 hci_proto_connect_cfm(conn, ev->status);
2861 hci_conn_put(conn);
41a96212
MH		 2862 }
2863
ccd556fe 2864unlock:
41a96212 2865 hci_dev_unlock(hdev);
a9de9248
MH		 2866}
2867
2868static inline void hci_sync_conn_complete_evt(struct hci_dev *hdev, struct sk_buff *skb)
2869{
b6a0dc82
MH		 2870 struct hci_ev_sync_conn_complete *ev = (void *) skb->data;
2871 struct hci_conn *conn;
2872
2873 BT_DBG("%s status %d", hdev->name, ev->status);
2874
2875 hci_dev_lock(hdev);
2876
2877 conn = hci_conn_hash_lookup_ba(hdev, ev->link_type, &ev->bdaddr);
9dc0a3af
MH		 2878 if (!conn) {
2879 if (ev->link_type == ESCO_LINK)
2880 goto unlock;
2881
2882 conn = hci_conn_hash_lookup_ba(hdev, ESCO_LINK, &ev->bdaddr);
2883 if (!conn)
2884 goto unlock;
2885
2886 conn->type = SCO_LINK;
2887 }
b6a0dc82 2888
732547f9
MH		 2889 switch (ev->status) {
2890 case 0x00:
b6a0dc82
MH		 2891 conn->handle = __le16_to_cpu(ev->handle);
2892 conn->state = BT_CONNECTED;
7d0db0a3 2893
9eba32b8 2894 hci_conn_hold_device(conn);
7d0db0a3 2895 hci_conn_add_sysfs(conn);
732547f9
MH		 2896 break;
2897
705e5711 2898 case 0x11: /* Unsupported Feature or Parameter Value */
732547f9 2899 case 0x1c: /* SCO interval rejected */
1038a00b 2900 case 0x1a: /* Unsupported Remote Feature */
732547f9
MH		 2901 case 0x1f: /* Unspecified error */
2902 if (conn->out && conn->attempt < 2) {
2903 conn->pkt_type = (hdev->esco_type & SCO_ESCO_MASK) |
2904 (hdev->esco_type & EDR_ESCO_MASK);
2905 hci_setup_sync(conn, conn->link->handle);
2906 goto unlock;
2907 }
2908 /* fall through */
2909
2910 default:
b6a0dc82 2911 conn->state = BT_CLOSED;
732547f9
MH		 2912 break;
2913 }
b6a0dc82
MH		 2914
2915 hci_proto_connect_cfm(conn, ev->status);
2916 if (ev->status)
2917 hci_conn_del(conn);
2918
2919unlock:
2920 hci_dev_unlock(hdev);
a9de9248
MH		 2921}
2922
2923static inline void hci_sync_conn_changed_evt(struct hci_dev *hdev, struct sk_buff *skb)
2924{
2925 BT_DBG("%s", hdev->name);
2926}
2927
04837f64
MH		 2928static inline void hci_sniff_subrate_evt(struct hci_dev *hdev, struct sk_buff *skb)
2929{
a9de9248 2930 struct hci_ev_sniff_subrate *ev = (void *) skb->data;
04837f64
MH		 2931
2932 BT_DBG("%s status %d", hdev->name, ev->status);
04837f64
MH		 2933}
2934
a9de9248 2935static inline void hci_extended_inquiry_result_evt(struct hci_dev *hdev, struct sk_buff *skb)
1da177e4 2936{
a9de9248
MH		 2937 struct inquiry_data data;
2938 struct extended_inquiry_info *info = (void *) (skb->data + 1);
2939 int num_rsp = *((__u8 *) skb->data);
1da177e4 2940
a9de9248 2941 BT_DBG("%s num_rsp %d", hdev->name, num_rsp);
1da177e4 2942
a9de9248
MH		 2943 if (!num_rsp)
2944 return;
1da177e4 2945
a9de9248
MH		 2946 hci_dev_lock(hdev);
2947
e17acd40 2948 for (; num_rsp; num_rsp--, info++) {
561aafbc
JH		 2949 bool name_known;
2950
a9de9248 2951 bacpy(&data.bdaddr, &info->bdaddr);
138d22ef
SJ		 2952 data.pscan_rep_mode = info->pscan_rep_mode;
2953 data.pscan_period_mode = info->pscan_period_mode;
2954 data.pscan_mode = 0x00;
a9de9248 2955 memcpy(data.dev_class, info->dev_class, 3);
138d22ef
SJ		 2956 data.clock_offset = info->clock_offset;
2957 data.rssi = info->rssi;
41a96212 2958 data.ssp_mode = 0x01;
561aafbc 2959
a8b2d5c2 2960 if (test_bit(HCI_MGMT, &hdev->dev_flags))
4ddb1930
JH		 2961 name_known = eir_has_data_type(info->data,
2962 sizeof(info->data),
2963 EIR_NAME_COMPLETE);
561aafbc
JH		 2964 else
2965 name_known = true;
2966
3175405b 2967 name_known = hci_inquiry_cache_update(hdev, &data, name_known);
48264f06 2968 mgmt_device_found(hdev, &info->bdaddr, ACL_LINK, 0x00,
561aafbc 2969 info->dev_class, info->rssi,
7d262f86
AG		 2970 !name_known, info->data,
2971 sizeof(info->data));
a9de9248
MH		 2972 }
2973
2974 hci_dev_unlock(hdev);
2975}
1da177e4 2976
17fa4b9d
JH		 2977static inline u8 hci_get_auth_req(struct hci_conn *conn)
2978{
2979 /* If remote requests dedicated bonding follow that lead */
2980 if (conn->remote_auth == 0x02 || conn->remote_auth == 0x03) {
2981 /* If both remote and local IO capabilities allow MITM
2982 * protection then require it, otherwise don't */
2983 if (conn->remote_cap == 0x03 || conn->io_capability == 0x03)
2984 return 0x02;
2985 else
2986 return 0x03;
2987 }
2988
2989 /* If remote requests no-bonding follow that lead */
2990 if (conn->remote_auth == 0x00 || conn->remote_auth == 0x01)
58797bf7 2991 return conn->remote_auth | (conn->auth_type & 0x01);
17fa4b9d
JH		 2992
2993 return conn->auth_type;
2994}
2995
0493684e
MH		 2996static inline void hci_io_capa_request_evt(struct hci_dev *hdev, struct sk_buff *skb)
2997{
2998 struct hci_ev_io_capa_request *ev = (void *) skb->data;
2999 struct hci_conn *conn;
3000
3001 BT_DBG("%s", hdev->name);
3002
3003 hci_dev_lock(hdev);
3004
3005 conn = hci_conn_hash_lookup_ba(hdev, ACL_LINK, &ev->bdaddr);
03b555e1
JH		 3006 if (!conn)
3007 goto unlock;
3008
3009 hci_conn_hold(conn);
3010
a8b2d5c2 3011 if (!test_bit(HCI_MGMT, &hdev->dev_flags))
03b555e1
JH		 3012 goto unlock;
3013
a8b2d5c2 3014 if (test_bit(HCI_PAIRABLE, &hdev->dev_flags) ||
03b555e1 3015 (conn->remote_auth & ~0x01) == HCI_AT_NO_BONDING) {
17fa4b9d
JH		 3016 struct hci_cp_io_capability_reply cp;
3017
3018 bacpy(&cp.bdaddr, &ev->bdaddr);
7a7f1e7c
HG		 3019 /* Change the IO capability from KeyboardDisplay
3020 * to DisplayYesNo as it is not supported by BT spec. */
3021 cp.capability = (conn->io_capability == 0x04) ?
3022 0x01 : conn->io_capability;
7cbc9bd9
JH		 3023 conn->auth_type = hci_get_auth_req(conn);
3024 cp.authentication = conn->auth_type;
17fa4b9d 3025
58a681ef 3026 if ((conn->out || test_bit(HCI_CONN_REMOTE_OOB, &conn->flags)) &&
ce85ee13
SJ		 3027 hci_find_remote_oob_data(hdev, &conn->dst))
3028 cp.oob_data = 0x01;
3029 else
3030 cp.oob_data = 0x00;
3031
17fa4b9d
JH		 3032 hci_send_cmd(hdev, HCI_OP_IO_CAPABILITY_REPLY,
3033 sizeof(cp), &cp);
03b555e1
JH		 3034 } else {
3035 struct hci_cp_io_capability_neg_reply cp;
3036
3037 bacpy(&cp.bdaddr, &ev->bdaddr);
9f5a0d7b 3038 cp.reason = HCI_ERROR_PAIRING_NOT_ALLOWED;
0493684e 3039
03b555e1
JH		 3040 hci_send_cmd(hdev, HCI_OP_IO_CAPABILITY_NEG_REPLY,
3041 sizeof(cp), &cp);
3042 }
3043
3044unlock:
3045 hci_dev_unlock(hdev);
3046}
3047
3048static inline void hci_io_capa_reply_evt(struct hci_dev *hdev, struct sk_buff *skb)
3049{
3050 struct hci_ev_io_capa_reply *ev = (void *) skb->data;
3051 struct hci_conn *conn;
3052
3053 BT_DBG("%s", hdev->name);
3054
3055 hci_dev_lock(hdev);
3056
3057 conn = hci_conn_hash_lookup_ba(hdev, ACL_LINK, &ev->bdaddr);
3058 if (!conn)
3059 goto unlock;
3060
03b555e1 3061 conn->remote_cap = ev->capability;
03b555e1 3062 conn->remote_auth = ev->authentication;
58a681ef
JH		 3063 if (ev->oob_data)
3064 set_bit(HCI_CONN_REMOTE_OOB, &conn->flags);
03b555e1
JH		 3065
3066unlock:
0493684e
MH		 3067 hci_dev_unlock(hdev);
3068}
3069
a5c29683
JH		 3070static inline void hci_user_confirm_request_evt(struct hci_dev *hdev,
3071 struct sk_buff *skb)
3072{
3073 struct hci_ev_user_confirm_req *ev = (void *) skb->data;
55bc1a37 3074 int loc_mitm, rem_mitm, confirm_hint = 0;
7a828908 3075 struct hci_conn *conn;
a5c29683
JH		 3076
3077 BT_DBG("%s", hdev->name);
3078
3079 hci_dev_lock(hdev);
3080
a8b2d5c2 3081 if (!test_bit(HCI_MGMT, &hdev->dev_flags))
7a828908 3082 goto unlock;
a5c29683 3083
7a828908
JH		 3084 conn = hci_conn_hash_lookup_ba(hdev, ACL_LINK, &ev->bdaddr);
3085 if (!conn)
3086 goto unlock;
3087
3088 loc_mitm = (conn->auth_type & 0x01);
3089 rem_mitm = (conn->remote_auth & 0x01);
3090
3091 /* If we require MITM but the remote device can't provide that
3092 * (it has NoInputNoOutput) then reject the confirmation
3093 * request. The only exception is when we're dedicated bonding
3094 * initiators (connect_cfm_cb set) since then we always have the MITM
3095 * bit set. */
3096 if (!conn->connect_cfm_cb && loc_mitm && conn->remote_cap == 0x03) {
3097 BT_DBG("Rejecting request: remote device can't provide MITM");
3098 hci_send_cmd(hdev, HCI_OP_USER_CONFIRM_NEG_REPLY,
3099 sizeof(ev->bdaddr), &ev->bdaddr);
3100 goto unlock;
3101 }
3102
3103 /* If no side requires MITM protection; auto-accept */
3104 if ((!loc_mitm || conn->remote_cap == 0x03) &&
3105 (!rem_mitm || conn->io_capability == 0x03)) {
55bc1a37
JH		 3106
3107 /* If we're not the initiators request authorization to
3108 * proceed from user space (mgmt_user_confirm with
3109 * confirm_hint set to 1). */
51a8efd7 3110 if (!test_bit(HCI_CONN_AUTH_PEND, &conn->flags)) {
55bc1a37
JH		 3111 BT_DBG("Confirming auto-accept as acceptor");
3112 confirm_hint = 1;
3113 goto confirm;
3114 }
3115
9f61656a
JH		 3116 BT_DBG("Auto-accept of user confirmation with %ums delay",
3117 hdev->auto_accept_delay);
3118
3119 if (hdev->auto_accept_delay > 0) {
3120 int delay = msecs_to_jiffies(hdev->auto_accept_delay);
3121 mod_timer(&conn->auto_accept_timer, jiffies + delay);
3122 goto unlock;
3123 }
3124
7a828908
JH		 3125 hci_send_cmd(hdev, HCI_OP_USER_CONFIRM_REPLY,
3126 sizeof(ev->bdaddr), &ev->bdaddr);
3127 goto unlock;
3128 }
3129
55bc1a37 3130confirm:
272d90df 3131 mgmt_user_confirm_request(hdev, &ev->bdaddr, ACL_LINK, 0, ev->passkey,
55bc1a37 3132 confirm_hint);
7a828908
JH		 3133
3134unlock:
a5c29683
JH		 3135 hci_dev_unlock(hdev);
3136}
3137
1143d458
BG		 3138static inline void hci_user_passkey_request_evt(struct hci_dev *hdev,
3139 struct sk_buff *skb)
3140{
3141 struct hci_ev_user_passkey_req *ev = (void *) skb->data;
3142
3143 BT_DBG("%s", hdev->name);
3144
3145 hci_dev_lock(hdev);
3146
a8b2d5c2 3147 if (test_bit(HCI_MGMT, &hdev->dev_flags))
272d90df 3148 mgmt_user_passkey_request(hdev, &ev->bdaddr, ACL_LINK, 0);
1143d458
BG		 3149
3150 hci_dev_unlock(hdev);
3151}
3152
0493684e
MH		 3153static inline void hci_simple_pair_complete_evt(struct hci_dev *hdev, struct sk_buff *skb)
3154{
3155 struct hci_ev_simple_pair_complete *ev = (void *) skb->data;
3156 struct hci_conn *conn;
3157
3158 BT_DBG("%s", hdev->name);
3159
3160 hci_dev_lock(hdev);
3161
3162 conn = hci_conn_hash_lookup_ba(hdev, ACL_LINK, &ev->bdaddr);
2a611692
JH		 3163 if (!conn)
3164 goto unlock;
3165
3166 /* To avoid duplicate auth_failed events to user space we check
3167 * the HCI_CONN_AUTH_PEND flag which will be set if we
3168 * initiated the authentication. A traditional auth_complete
3169 * event gets always produced as initiator and is also mapped to
3170 * the mgmt_auth_failed event */
51a8efd7 3171 if (!test_bit(HCI_CONN_AUTH_PEND, &conn->flags) && ev->status != 0)
bab73cb6
JH		 3172 mgmt_auth_failed(hdev, &conn->dst, conn->type, conn->dst_type,
3173 ev->status);
0493684e 3174
2a611692
JH		 3175 hci_conn_put(conn);
3176
3177unlock:
0493684e
MH		 3178 hci_dev_unlock(hdev);
3179}
3180
41a96212
MH		 3181static inline void hci_remote_host_features_evt(struct hci_dev *hdev, struct sk_buff *skb)
3182{
3183 struct hci_ev_remote_host_features *ev = (void *) skb->data;
3184 struct inquiry_entry *ie;
3185
3186 BT_DBG("%s", hdev->name);
3187
3188 hci_dev_lock(hdev);
3189
cc11b9c1
AE		 3190 ie = hci_inquiry_cache_lookup(hdev, &ev->bdaddr);
3191 if (ie)
41a96212
MH		 3192 ie->data.ssp_mode = (ev->features[0] & 0x01);
3193
3194 hci_dev_unlock(hdev);
3195}
3196
2763eda6
SJ		 3197static inline void hci_remote_oob_data_request_evt(struct hci_dev *hdev,
3198 struct sk_buff *skb)
3199{
3200 struct hci_ev_remote_oob_data_request *ev = (void *) skb->data;
3201 struct oob_data *data;
3202
3203 BT_DBG("%s", hdev->name);
3204
3205 hci_dev_lock(hdev);
3206
a8b2d5c2 3207 if (!test_bit(HCI_MGMT, &hdev->dev_flags))
e1ba1f15
SJ		 3208 goto unlock;
3209
2763eda6
SJ		 3210 data = hci_find_remote_oob_data(hdev, &ev->bdaddr);
3211 if (data) {
3212 struct hci_cp_remote_oob_data_reply cp;
3213
3214 bacpy(&cp.bdaddr, &ev->bdaddr);
3215 memcpy(cp.hash, data->hash, sizeof(cp.hash));
3216 memcpy(cp.randomizer, data->randomizer, sizeof(cp.randomizer));
3217
3218 hci_send_cmd(hdev, HCI_OP_REMOTE_OOB_DATA_REPLY, sizeof(cp),
3219 &cp);
3220 } else {
3221 struct hci_cp_remote_oob_data_neg_reply cp;
3222
3223 bacpy(&cp.bdaddr, &ev->bdaddr);
3224 hci_send_cmd(hdev, HCI_OP_REMOTE_OOB_DATA_NEG_REPLY, sizeof(cp),
3225 &cp);
3226 }
3227
e1ba1f15 3228unlock:
2763eda6
SJ		 3229 hci_dev_unlock(hdev);
3230}
3231
fcd89c09
VT		 3232static inline void hci_le_conn_complete_evt(struct hci_dev *hdev, struct sk_buff *skb)
3233{
3234 struct hci_ev_le_conn_complete *ev = (void *) skb->data;
3235 struct hci_conn *conn;
3236
3237 BT_DBG("%s status %d", hdev->name, ev->status);
3238
3239 hci_dev_lock(hdev);
3240
3241 conn = hci_conn_hash_lookup_ba(hdev, LE_LINK, &ev->bdaddr);
b62f328b
VT		 3242 if (!conn) {
3243 conn = hci_conn_add(hdev, LE_LINK, &ev->bdaddr);
3244 if (!conn) {
3245 BT_ERR("No memory for new connection");
3246 hci_dev_unlock(hdev);
3247 return;
3248 }
29b7988a
AG		 3249
3250 conn->dst_type = ev->bdaddr_type;
b62f328b 3251 }
fcd89c09
VT		 3252
3253 if (ev->status) {
48264f06
JH		 3254 mgmt_connect_failed(hdev, &ev->bdaddr, conn->type,
3255 conn->dst_type, ev->status);
fcd89c09
VT		 3256 hci_proto_connect_cfm(conn, ev->status);
3257 conn->state = BT_CLOSED;
3258 hci_conn_del(conn);
3259 goto unlock;
3260 }
3261
b644ba33
JH		 3262 if (!test_and_set_bit(HCI_CONN_MGMT_CONNECTED, &conn->flags))
3263 mgmt_device_connected(hdev, &ev->bdaddr, conn->type,
3264 conn->dst_type, NULL, 0, 0);
83bc71b4 3265
7b5c0d52 3266 conn->sec_level = BT_SECURITY_LOW;
fcd89c09
VT		 3267 conn->handle = __le16_to_cpu(ev->handle);
3268 conn->state = BT_CONNECTED;
3269
3270 hci_conn_hold_device(conn);
3271 hci_conn_add_sysfs(conn);
3272
3273 hci_proto_connect_cfm(conn, ev->status);
3274
3275unlock:
3276 hci_dev_unlock(hdev);
3277}
3278
9aa04c91
AG		 3279static inline void hci_le_adv_report_evt(struct hci_dev *hdev,
3280 struct sk_buff *skb)
3281{
e95beb41
AG		 3282 u8 num_reports = skb->data[0];
3283 void *ptr = &skb->data[1];
3c9e9195 3284 s8 rssi;
9aa04c91
AG		 3285
3286 hci_dev_lock(hdev);
3287
e95beb41
AG		 3288 while (num_reports--) {
3289 struct hci_ev_le_advertising_info *ev = ptr;
9aa04c91 3290
9aa04c91 3291 hci_add_adv_entry(hdev, ev);
e95beb41 3292
3c9e9195
AG		 3293 rssi = ev->data[ev->length];
3294 mgmt_device_found(hdev, &ev->bdaddr, LE_LINK, ev->bdaddr_type,
3295 NULL, rssi, 0, ev->data, ev->length);
3296
e95beb41 3297 ptr += sizeof(*ev) + ev->length + 1;
9aa04c91
AG		 3298 }
3299
3300 hci_dev_unlock(hdev);
3301}
3302
a7a595f6
VCG		 3303static inline void hci_le_ltk_request_evt(struct hci_dev *hdev,
3304 struct sk_buff *skb)
3305{
3306 struct hci_ev_le_ltk_req *ev = (void *) skb->data;
3307 struct hci_cp_le_ltk_reply cp;
bea710fe 3308 struct hci_cp_le_ltk_neg_reply neg;
a7a595f6 3309 struct hci_conn *conn;
c9839a11 3310 struct smp_ltk *ltk;
a7a595f6
VCG		 3311
3312 BT_DBG("%s handle %d", hdev->name, cpu_to_le16(ev->handle));
3313
3314 hci_dev_lock(hdev);
3315
3316 conn = hci_conn_hash_lookup_handle(hdev, __le16_to_cpu(ev->handle));
bea710fe
VCG		 3317 if (conn == NULL)
3318 goto not_found;
a7a595f6 3319
bea710fe
VCG		 3320 ltk = hci_find_ltk(hdev, ev->ediv, ev->random);
3321 if (ltk == NULL)
3322 goto not_found;
3323
3324 memcpy(cp.ltk, ltk->val, sizeof(ltk->val));
a7a595f6 3325 cp.handle = cpu_to_le16(conn->handle);
c9839a11
VCG		 3326
3327 if (ltk->authenticated)
3328 conn->sec_level = BT_SECURITY_HIGH;
a7a595f6
VCG		 3329
3330 hci_send_cmd(hdev, HCI_OP_LE_LTK_REPLY, sizeof(cp), &cp);
3331
c9839a11
VCG		 3332 if (ltk->type & HCI_SMP_STK) {
3333 list_del(&ltk->list);
3334 kfree(ltk);
3335 }
3336
a7a595f6 3337 hci_dev_unlock(hdev);
bea710fe
VCG		 3338
3339 return;
3340
3341not_found:
3342 neg.handle = ev->handle;
3343 hci_send_cmd(hdev, HCI_OP_LE_LTK_NEG_REPLY, sizeof(neg), &neg);
3344 hci_dev_unlock(hdev);
a7a595f6
VCG		 3345}
3346
fcd89c09
VT		 3347static inline void hci_le_meta_evt(struct hci_dev *hdev, struct sk_buff *skb)
3348{
3349 struct hci_ev_le_meta *le_ev = (void *) skb->data;
3350
3351 skb_pull(skb, sizeof(*le_ev));
3352
3353 switch (le_ev->subevent) {
3354 case HCI_EV_LE_CONN_COMPLETE:
3355 hci_le_conn_complete_evt(hdev, skb);
3356 break;
3357
9aa04c91
AG		 3358 case HCI_EV_LE_ADVERTISING_REPORT:
3359 hci_le_adv_report_evt(hdev, skb);
3360 break;
3361
a7a595f6
VCG		 3362 case HCI_EV_LE_LTK_REQ:
3363 hci_le_ltk_request_evt(hdev, skb);
3364 break;
3365
fcd89c09
VT		 3366 default:
3367 break;
3368 }
3369}
3370
a9de9248
MH		 3371void hci_event_packet(struct hci_dev *hdev, struct sk_buff *skb)
3372{
3373 struct hci_event_hdr *hdr = (void *) skb->data;
3374 __u8 event = hdr->evt;
3375
3376 skb_pull(skb, HCI_EVENT_HDR_SIZE);
3377
3378 switch (event) {
1da177e4
LT		 3379 case HCI_EV_INQUIRY_COMPLETE:
3380 hci_inquiry_complete_evt(hdev, skb);
3381 break;
3382
3383 case HCI_EV_INQUIRY_RESULT:
3384 hci_inquiry_result_evt(hdev, skb);
3385 break;
3386
a9de9248
MH		 3387 case HCI_EV_CONN_COMPLETE:
3388 hci_conn_complete_evt(hdev, skb);
21d9e30e
MH		 3389 break;
3390
1da177e4
LT		 3391 case HCI_EV_CONN_REQUEST:
3392 hci_conn_request_evt(hdev, skb);
3393 break;
3394
1da177e4
LT		 3395 case HCI_EV_DISCONN_COMPLETE:
3396 hci_disconn_complete_evt(hdev, skb);
3397 break;
3398
1da177e4
LT		 3399 case HCI_EV_AUTH_COMPLETE:
3400 hci_auth_complete_evt(hdev, skb);
3401 break;
3402
a9de9248
MH		 3403 case HCI_EV_REMOTE_NAME:
3404 hci_remote_name_evt(hdev, skb);
3405 break;
3406
1da177e4
LT		 3407 case HCI_EV_ENCRYPT_CHANGE:
3408 hci_encrypt_change_evt(hdev, skb);
3409 break;
3410
a9de9248
MH		 3411 case HCI_EV_CHANGE_LINK_KEY_COMPLETE:
3412 hci_change_link_key_complete_evt(hdev, skb);
3413 break;
3414
3415 case HCI_EV_REMOTE_FEATURES:
3416 hci_remote_features_evt(hdev, skb);
3417 break;
3418
3419 case HCI_EV_REMOTE_VERSION:
3420 hci_remote_version_evt(hdev, skb);
3421 break;
3422
3423 case HCI_EV_QOS_SETUP_COMPLETE:
3424 hci_qos_setup_complete_evt(hdev, skb);
3425 break;
3426
3427 case HCI_EV_CMD_COMPLETE:
3428 hci_cmd_complete_evt(hdev, skb);
3429 break;
3430
3431 case HCI_EV_CMD_STATUS:
3432 hci_cmd_status_evt(hdev, skb);
3433 break;
3434
3435 case HCI_EV_ROLE_CHANGE:
3436 hci_role_change_evt(hdev, skb);
3437 break;
3438
3439 case HCI_EV_NUM_COMP_PKTS:
3440 hci_num_comp_pkts_evt(hdev, skb);
3441 break;
3442
3443 case HCI_EV_MODE_CHANGE:
3444 hci_mode_change_evt(hdev, skb);
1da177e4
LT		 3445 break;
3446
3447 case HCI_EV_PIN_CODE_REQ:
3448 hci_pin_code_request_evt(hdev, skb);
3449 break;
3450
3451 case HCI_EV_LINK_KEY_REQ:
3452 hci_link_key_request_evt(hdev, skb);
3453 break;
3454
3455 case HCI_EV_LINK_KEY_NOTIFY:
3456 hci_link_key_notify_evt(hdev, skb);
3457 break;
3458
3459 case HCI_EV_CLOCK_OFFSET:
3460 hci_clock_offset_evt(hdev, skb);
3461 break;
3462
a8746417
MH		 3463 case HCI_EV_PKT_TYPE_CHANGE:
3464 hci_pkt_type_change_evt(hdev, skb);
3465 break;
3466
85a1e930
MH		 3467 case HCI_EV_PSCAN_REP_MODE:
3468 hci_pscan_rep_mode_evt(hdev, skb);
3469 break;
3470
a9de9248
MH		 3471 case HCI_EV_INQUIRY_RESULT_WITH_RSSI:
3472 hci_inquiry_result_with_rssi_evt(hdev, skb);
04837f64
MH		 3473 break;
3474
a9de9248
MH		 3475 case HCI_EV_REMOTE_EXT_FEATURES:
3476 hci_remote_ext_features_evt(hdev, skb);
1da177e4
LT		 3477 break;
3478
a9de9248
MH		 3479 case HCI_EV_SYNC_CONN_COMPLETE:
3480 hci_sync_conn_complete_evt(hdev, skb);
3481 break;
1da177e4 3482
a9de9248
MH		 3483 case HCI_EV_SYNC_CONN_CHANGED:
3484 hci_sync_conn_changed_evt(hdev, skb);
3485 break;
1da177e4 3486
a9de9248
MH		 3487 case HCI_EV_SNIFF_SUBRATE:
3488 hci_sniff_subrate_evt(hdev, skb);
3489 break;
1da177e4 3490
a9de9248
MH		 3491 case HCI_EV_EXTENDED_INQUIRY_RESULT:
3492 hci_extended_inquiry_result_evt(hdev, skb);
3493 break;
1da177e4 3494
0493684e
MH		 3495 case HCI_EV_IO_CAPA_REQUEST:
3496 hci_io_capa_request_evt(hdev, skb);
3497 break;
3498
03b555e1
JH		 3499 case HCI_EV_IO_CAPA_REPLY:
3500 hci_io_capa_reply_evt(hdev, skb);
3501 break;
3502
a5c29683
JH		 3503 case HCI_EV_USER_CONFIRM_REQUEST:
3504 hci_user_confirm_request_evt(hdev, skb);
3505 break;
3506
1143d458
BG		 3507 case HCI_EV_USER_PASSKEY_REQUEST:
3508 hci_user_passkey_request_evt(hdev, skb);
3509 break;
3510
0493684e
MH		 3511 case HCI_EV_SIMPLE_PAIR_COMPLETE:
3512 hci_simple_pair_complete_evt(hdev, skb);
3513 break;
3514
41a96212
MH		 3515 case HCI_EV_REMOTE_HOST_FEATURES:
3516 hci_remote_host_features_evt(hdev, skb);
3517 break;
3518
fcd89c09
VT		 3519 case HCI_EV_LE_META:
3520 hci_le_meta_evt(hdev, skb);
3521 break;
3522
2763eda6
SJ		 3523 case HCI_EV_REMOTE_OOB_DATA_REQUEST:
3524 hci_remote_oob_data_request_evt(hdev, skb);
3525 break;
3526
25e89e99
AE		 3527 case HCI_EV_NUM_COMP_BLOCKS:
3528 hci_num_comp_blocks_evt(hdev, skb);
3529 break;
3530
a9de9248
MH		 3531 default:
3532 BT_DBG("%s event 0x%x", hdev->name, event);
1da177e4
LT		 3533 break;
3534 }
3535
3536 kfree_skb(skb);
3537 hdev->stat.evt_rx++;
3538}
kernel source for telekom puls (alcatel/mediatek)