projects / GitHub / mt8127 / android_kernel_alcatel_ttab.git / blame
? search:
summary | shortlog | log | commit | commitdiff | tree
blob | blame (incremental) | history | HEAD
Bluetooth: AMP: Handle number of compl blocks for AMP_LINK
[GitHub/mt8127/android_kernel_alcatel_ttab.git] / net / bluetooth / hci_event.c
CommitLineData
8e87d142 1/*
1da177e4 2 BlueZ - Bluetooth protocol stack for Linux
2d0a0346 3 Copyright (c) 2000-2001, 2010, Code Aurora Forum. All rights reserved.
1da177e4
LT		 4
5 Written 2000,2001 by Maxim Krasnyansky <maxk@qualcomm.com>
6
7 This program is free software; you can redistribute it and/or modify
8 it under the terms of the GNU General Public License version 2 as
9 published by the Free Software Foundation;
10
11 THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS
12 OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
13 FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT OF THIRD PARTY RIGHTS.
14 IN NO EVENT SHALL THE COPYRIGHT HOLDER(S) AND AUTHOR(S) BE LIABLE FOR ANY
8e87d142
YH		 15 CLAIM, OR ANY SPECIAL INDIRECT OR CONSEQUENTIAL DAMAGES, OR ANY DAMAGES
16 WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
17 ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
1da177e4
LT		 18 OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
19
8e87d142
YH		 20 ALL LIABILITY, INCLUDING LIABILITY FOR INFRINGEMENT OF ANY PATENTS,
21 COPYRIGHTS, TRADEMARKS OR OTHER RIGHTS, RELATING TO USE OF THIS
1da177e4
LT		 22 SOFTWARE IS DISCLAIMED.
23*/
24
25/* Bluetooth HCI event handling. */
26
8c520a59 27#include <linux/export.h>
1da177e4
LT		 28#include <asm/unaligned.h>
29
30#include <net/bluetooth/bluetooth.h>
31#include <net/bluetooth/hci_core.h>
f0d6a0ea 32#include <net/bluetooth/mgmt.h>
8e2a0d92 33#include <net/bluetooth/a2mp.h>
903e4541 34#include <net/bluetooth/amp.h>
1da177e4 35
1da177e4
LT		 36/* Handle HCI Event packets */
37
a9de9248 38static void hci_cc_inquiry_cancel(struct hci_dev *hdev, struct sk_buff *skb)
1da177e4 39{
a9de9248 40 __u8 status = *((__u8 *) skb->data);
1da177e4 41
9f1db00c 42 BT_DBG("%s status 0x%2.2x", hdev->name, status);
1da177e4 43
e6d465cb
AG		 44 if (status) {
45 hci_dev_lock(hdev);
46 mgmt_stop_discovery_failed(hdev, status);
47 hci_dev_unlock(hdev);
a9de9248 48 return;
e6d465cb 49 }
1da177e4 50
89352e7d
AG		 51 clear_bit(HCI_INQUIRY, &hdev->flags);
52
56e5cb86 53 hci_dev_lock(hdev);
ff9ef578 54 hci_discovery_set_state(hdev, DISCOVERY_STOPPED);
56e5cb86 55 hci_dev_unlock(hdev);
6bd57416 56
23bb5763 57 hci_req_complete(hdev, HCI_OP_INQUIRY_CANCEL, status);
a9de9248
MH		 58
59 hci_conn_check_pending(hdev);
60}
6bd57416 61
4d93483b
AG		 62static void hci_cc_periodic_inq(struct hci_dev *hdev, struct sk_buff *skb)
63{
64 __u8 status = *((__u8 *) skb->data);
65
9f1db00c 66 BT_DBG("%s status 0x%2.2x", hdev->name, status);
ae854a70
AG		 67
68 if (status)
69 return;
70
71 set_bit(HCI_PERIODIC_INQ, &hdev->dev_flags);
4d93483b
AG		 72}
73
a9de9248
MH		 74static void hci_cc_exit_periodic_inq(struct hci_dev *hdev, struct sk_buff *skb)
75{
76 __u8 status = *((__u8 *) skb->data);
6bd57416 77
9f1db00c 78 BT_DBG("%s status 0x%2.2x", hdev->name, status);
6bd57416 79
a9de9248
MH		 80 if (status)
81 return;
1da177e4 82
ae854a70
AG		 83 clear_bit(HCI_PERIODIC_INQ, &hdev->dev_flags);
84
a9de9248
MH		 85 hci_conn_check_pending(hdev);
86}
87
807deac2
GP		 88static void hci_cc_remote_name_req_cancel(struct hci_dev *hdev,
89 struct sk_buff *skb)
a9de9248
MH		 90{
91 BT_DBG("%s", hdev->name);
92}
93
94static void hci_cc_role_discovery(struct hci_dev *hdev, struct sk_buff *skb)
95{
96 struct hci_rp_role_discovery *rp = (void *) skb->data;
97 struct hci_conn *conn;
98
9f1db00c 99 BT_DBG("%s status 0x%2.2x", hdev->name, rp->status);
a9de9248
MH		 100
101 if (rp->status)
102 return;
103
104 hci_dev_lock(hdev);
105
106 conn = hci_conn_hash_lookup_handle(hdev, __le16_to_cpu(rp->handle));
107 if (conn) {
108 if (rp->role)
109 conn->link_mode &= ~HCI_LM_MASTER;
110 else
111 conn->link_mode |= HCI_LM_MASTER;
1da177e4 112 }
a9de9248
MH		 113
114 hci_dev_unlock(hdev);
1da177e4
LT		 115}
116
e4e8e37c
MH		 117static void hci_cc_read_link_policy(struct hci_dev *hdev, struct sk_buff *skb)
118{
119 struct hci_rp_read_link_policy *rp = (void *) skb->data;
120 struct hci_conn *conn;
121
9f1db00c 122 BT_DBG("%s status 0x%2.2x", hdev->name, rp->status);
e4e8e37c
MH		 123
124 if (rp->status)
125 return;
126
127 hci_dev_lock(hdev);
128
129 conn = hci_conn_hash_lookup_handle(hdev, __le16_to_cpu(rp->handle));
130 if (conn)
131 conn->link_policy = __le16_to_cpu(rp->policy);
132
133 hci_dev_unlock(hdev);
134}
135
a9de9248 136static void hci_cc_write_link_policy(struct hci_dev *hdev, struct sk_buff *skb)
1da177e4 137{
a9de9248 138 struct hci_rp_write_link_policy *rp = (void *) skb->data;
1da177e4 139 struct hci_conn *conn;
04837f64 140 void *sent;
1da177e4 141
9f1db00c 142 BT_DBG("%s status 0x%2.2x", hdev->name, rp->status);
1da177e4 143
a9de9248
MH		 144 if (rp->status)
145 return;
1da177e4 146
a9de9248
MH		 147 sent = hci_sent_cmd_data(hdev, HCI_OP_WRITE_LINK_POLICY);
148 if (!sent)
149 return;
1da177e4 150
a9de9248 151 hci_dev_lock(hdev);
1da177e4 152
a9de9248 153 conn = hci_conn_hash_lookup_handle(hdev, __le16_to_cpu(rp->handle));
e4e8e37c 154 if (conn)
83985319 155 conn->link_policy = get_unaligned_le16(sent + 2);
1da177e4 156
a9de9248
MH		 157 hci_dev_unlock(hdev);
158}
1da177e4 159
807deac2
GP		 160static void hci_cc_read_def_link_policy(struct hci_dev *hdev,
161 struct sk_buff *skb)
e4e8e37c
MH		 162{
163 struct hci_rp_read_def_link_policy *rp = (void *) skb->data;
164
9f1db00c 165 BT_DBG("%s status 0x%2.2x", hdev->name, rp->status);
e4e8e37c
MH		 166
167 if (rp->status)
168 return;
169
170 hdev->link_policy = __le16_to_cpu(rp->policy);
171}
172
807deac2
GP		 173static void hci_cc_write_def_link_policy(struct hci_dev *hdev,
174 struct sk_buff *skb)
e4e8e37c
MH		 175{
176 __u8 status = *((__u8 *) skb->data);
177 void *sent;
178
9f1db00c 179 BT_DBG("%s status 0x%2.2x", hdev->name, status);
e4e8e37c
MH		 180
181 sent = hci_sent_cmd_data(hdev, HCI_OP_WRITE_DEF_LINK_POLICY);
182 if (!sent)
183 return;
184
185 if (!status)
186 hdev->link_policy = get_unaligned_le16(sent);
187
23bb5763 188 hci_req_complete(hdev, HCI_OP_WRITE_DEF_LINK_POLICY, status);
e4e8e37c
MH		 189}
190
a9de9248
MH		 191static void hci_cc_reset(struct hci_dev *hdev, struct sk_buff *skb)
192{
193 __u8 status = *((__u8 *) skb->data);
04837f64 194
9f1db00c 195 BT_DBG("%s status 0x%2.2x", hdev->name, status);
04837f64 196
10572132
GP		 197 clear_bit(HCI_RESET, &hdev->flags);
198
23bb5763 199 hci_req_complete(hdev, HCI_OP_RESET, status);
d23264a8 200
a297e97c 201 /* Reset all non-persistent flags */
ae854a70
AG		 202 hdev->dev_flags &= ~(BIT(HCI_LE_SCAN) | BIT(HCI_PENDING_CLASS) |
203 BIT(HCI_PERIODIC_INQ));
69775ff6
AG		 204
205 hdev->discovery.state = DISCOVERY_STOPPED;
a9de9248 206}
04837f64 207
a9de9248
MH		 208static void hci_cc_write_local_name(struct hci_dev *hdev, struct sk_buff *skb)
209{
210 __u8 status = *((__u8 *) skb->data);
211 void *sent;
04837f64 212
9f1db00c 213 BT_DBG("%s status 0x%2.2x", hdev->name, status);
04837f64 214
a9de9248
MH		 215 sent = hci_sent_cmd_data(hdev, HCI_OP_WRITE_LOCAL_NAME);
216 if (!sent)
217 return;
04837f64 218
56e5cb86
JH		 219 hci_dev_lock(hdev);
220
f51d5b24
JH		 221 if (test_bit(HCI_MGMT, &hdev->dev_flags))
222 mgmt_set_local_name_complete(hdev, sent, status);
28cc7bde
JH		 223 else if (!status)
224 memcpy(hdev->dev_name, sent, HCI_MAX_NAME_LENGTH);
f51d5b24 225
56e5cb86 226 hci_dev_unlock(hdev);
3159d384
JH		 227
228 hci_req_complete(hdev, HCI_OP_WRITE_LOCAL_NAME, status);
a9de9248
MH		 229}
230
231static void hci_cc_read_local_name(struct hci_dev *hdev, struct sk_buff *skb)
232{
233 struct hci_rp_read_local_name *rp = (void *) skb->data;
234
9f1db00c 235 BT_DBG("%s status 0x%2.2x", hdev->name, rp->status);
a9de9248
MH		 236
237 if (rp->status)
238 return;
239
db99b5fc
JH		 240 if (test_bit(HCI_SETUP, &hdev->dev_flags))
241 memcpy(hdev->dev_name, rp->name, HCI_MAX_NAME_LENGTH);
a9de9248
MH		 242}
243
244static void hci_cc_write_auth_enable(struct hci_dev *hdev, struct sk_buff *skb)
245{
246 __u8 status = *((__u8 *) skb->data);
247 void *sent;
248
9f1db00c 249 BT_DBG("%s status 0x%2.2x", hdev->name, status);
a9de9248
MH		 250
251 sent = hci_sent_cmd_data(hdev, HCI_OP_WRITE_AUTH_ENABLE);
252 if (!sent)
253 return;
254
255 if (!status) {
256 __u8 param = *((__u8 *) sent);
257
258 if (param == AUTH_ENABLED)
259 set_bit(HCI_AUTH, &hdev->flags);
260 else
261 clear_bit(HCI_AUTH, &hdev->flags);
1da177e4 262 }
a9de9248 263
33ef95ed
JH		 264 if (test_bit(HCI_MGMT, &hdev->dev_flags))
265 mgmt_auth_enable_complete(hdev, status);
266
23bb5763 267 hci_req_complete(hdev, HCI_OP_WRITE_AUTH_ENABLE, status);
1da177e4
LT		 268}
269
a9de9248 270static void hci_cc_write_encrypt_mode(struct hci_dev *hdev, struct sk_buff *skb)
1da177e4 271{
a9de9248 272 __u8 status = *((__u8 *) skb->data);
1da177e4
LT		 273 void *sent;
274
9f1db00c 275 BT_DBG("%s status 0x%2.2x", hdev->name, status);
1da177e4 276
a9de9248
MH		 277 sent = hci_sent_cmd_data(hdev, HCI_OP_WRITE_ENCRYPT_MODE);
278 if (!sent)
279 return;
1da177e4 280
a9de9248
MH		 281 if (!status) {
282 __u8 param = *((__u8 *) sent);
283
284 if (param)
285 set_bit(HCI_ENCRYPT, &hdev->flags);
286 else
287 clear_bit(HCI_ENCRYPT, &hdev->flags);
288 }
1da177e4 289
23bb5763 290 hci_req_complete(hdev, HCI_OP_WRITE_ENCRYPT_MODE, status);
a9de9248 291}
1da177e4 292
a9de9248
MH		 293static void hci_cc_write_scan_enable(struct hci_dev *hdev, struct sk_buff *skb)
294{
36f7fc7e
JH		 295 __u8 param, status = *((__u8 *) skb->data);
296 int old_pscan, old_iscan;
a9de9248 297 void *sent;
1da177e4 298
9f1db00c 299 BT_DBG("%s status 0x%2.2x", hdev->name, status);
1da177e4 300
a9de9248
MH		 301 sent = hci_sent_cmd_data(hdev, HCI_OP_WRITE_SCAN_ENABLE);
302 if (!sent)
303 return;
1da177e4 304
36f7fc7e
JH		 305 param = *((__u8 *) sent);
306
56e5cb86
JH		 307 hci_dev_lock(hdev);
308
fa1bd918 309 if (status) {
744cf19e 310 mgmt_write_scan_failed(hdev, param, status);
2d7cee58
JH		 311 hdev->discov_timeout = 0;
312 goto done;
313 }
314
36f7fc7e
JH		 315 old_pscan = test_and_clear_bit(HCI_PSCAN, &hdev->flags);
316 old_iscan = test_and_clear_bit(HCI_ISCAN, &hdev->flags);
317
318 if (param & SCAN_INQUIRY) {
319 set_bit(HCI_ISCAN, &hdev->flags);
320 if (!old_iscan)
744cf19e 321 mgmt_discoverable(hdev, 1);
16ab91ab
JH		 322 if (hdev->discov_timeout > 0) {
323 int to = msecs_to_jiffies(hdev->discov_timeout * 1000);
324 queue_delayed_work(hdev->workqueue, &hdev->discov_off,
807deac2 325 to);
16ab91ab 326 }
36f7fc7e 327 } else if (old_iscan)
744cf19e 328 mgmt_discoverable(hdev, 0);
36f7fc7e
JH		 329
330 if (param & SCAN_PAGE) {
331 set_bit(HCI_PSCAN, &hdev->flags);
332 if (!old_pscan)
744cf19e 333 mgmt_connectable(hdev, 1);
36f7fc7e 334 } else if (old_pscan)
744cf19e 335 mgmt_connectable(hdev, 0);
1da177e4 336
36f7fc7e 337done:
56e5cb86 338 hci_dev_unlock(hdev);
23bb5763 339 hci_req_complete(hdev, HCI_OP_WRITE_SCAN_ENABLE, status);
a9de9248 340}
1da177e4 341
a9de9248
MH		 342static void hci_cc_read_class_of_dev(struct hci_dev *hdev, struct sk_buff *skb)
343{
344 struct hci_rp_read_class_of_dev *rp = (void *) skb->data;
1da177e4 345
9f1db00c 346 BT_DBG("%s status 0x%2.2x", hdev->name, rp->status);
1da177e4 347
a9de9248
MH		 348 if (rp->status)
349 return;
1da177e4 350
a9de9248 351 memcpy(hdev->dev_class, rp->dev_class, 3);
1da177e4 352
a9de9248 353 BT_DBG("%s class 0x%.2x%.2x%.2x", hdev->name,
807deac2 354 hdev->dev_class[2], hdev->dev_class[1], hdev->dev_class[0]);
a9de9248 355}
1da177e4 356
a9de9248
MH		 357static void hci_cc_write_class_of_dev(struct hci_dev *hdev, struct sk_buff *skb)
358{
359 __u8 status = *((__u8 *) skb->data);
360 void *sent;
1da177e4 361
9f1db00c 362 BT_DBG("%s status 0x%2.2x", hdev->name, status);
1da177e4 363
a9de9248
MH		 364 sent = hci_sent_cmd_data(hdev, HCI_OP_WRITE_CLASS_OF_DEV);
365 if (!sent)
366 return;
1da177e4 367
7f9a903c
MH		 368 hci_dev_lock(hdev);
369
370 if (status == 0)
371 memcpy(hdev->dev_class, sent, 3);
372
373 if (test_bit(HCI_MGMT, &hdev->dev_flags))
374 mgmt_set_class_of_dev_complete(hdev, sent, status);
375
376 hci_dev_unlock(hdev);
a9de9248 377}
1da177e4 378
a9de9248
MH		 379static void hci_cc_read_voice_setting(struct hci_dev *hdev, struct sk_buff *skb)
380{
381 struct hci_rp_read_voice_setting *rp = (void *) skb->data;
382 __u16 setting;
383
9f1db00c 384 BT_DBG("%s status 0x%2.2x", hdev->name, rp->status);
a9de9248
MH		 385
386 if (rp->status)
387 return;
388
389 setting = __le16_to_cpu(rp->voice_setting);
390
f383f275 391 if (hdev->voice_setting == setting)
a9de9248
MH		 392 return;
393
394 hdev->voice_setting = setting;
395
9f1db00c 396 BT_DBG("%s voice setting 0x%4.4x", hdev->name, setting);
a9de9248 397
3c54711c 398 if (hdev->notify)
a9de9248 399 hdev->notify(hdev, HCI_NOTIFY_VOICE_SETTING);
a9de9248
MH		 400}
401
8fc9ced3
GP		 402static void hci_cc_write_voice_setting(struct hci_dev *hdev,
403 struct sk_buff *skb)
a9de9248
MH		 404{
405 __u8 status = *((__u8 *) skb->data);
f383f275 406 __u16 setting;
a9de9248
MH		 407 void *sent;
408
9f1db00c 409 BT_DBG("%s status 0x%2.2x", hdev->name, status);
1da177e4 410
f383f275
MH		 411 if (status)
412 return;
413
a9de9248
MH		 414 sent = hci_sent_cmd_data(hdev, HCI_OP_WRITE_VOICE_SETTING);
415 if (!sent)
416 return;
1da177e4 417
f383f275 418 setting = get_unaligned_le16(sent);
1da177e4 419
f383f275
MH		 420 if (hdev->voice_setting == setting)
421 return;
422
423 hdev->voice_setting = setting;
1da177e4 424
9f1db00c 425 BT_DBG("%s voice setting 0x%4.4x", hdev->name, setting);
1da177e4 426
3c54711c 427 if (hdev->notify)
f383f275 428 hdev->notify(hdev, HCI_NOTIFY_VOICE_SETTING);
1da177e4
LT		 429}
430
a9de9248 431static void hci_cc_host_buffer_size(struct hci_dev *hdev, struct sk_buff *skb)
1da177e4 432{
a9de9248 433 __u8 status = *((__u8 *) skb->data);
1da177e4 434
9f1db00c 435 BT_DBG("%s status 0x%2.2x", hdev->name, status);
1da177e4 436
23bb5763 437 hci_req_complete(hdev, HCI_OP_HOST_BUFFER_SIZE, status);
a9de9248 438}
1143e5a6 439
333140b5
MH		 440static void hci_cc_write_ssp_mode(struct hci_dev *hdev, struct sk_buff *skb)
441{
442 __u8 status = *((__u8 *) skb->data);
443 void *sent;
444
9f1db00c 445 BT_DBG("%s status 0x%2.2x", hdev->name, status);
333140b5 446
333140b5
MH		 447 sent = hci_sent_cmd_data(hdev, HCI_OP_WRITE_SSP_MODE);
448 if (!sent)
449 return;
450
ed2c4ee3 451 if (test_bit(HCI_MGMT, &hdev->dev_flags))
c0ecddc2
JH		 452 mgmt_ssp_enable_complete(hdev, *((u8 *) sent), status);
453 else if (!status) {
454 if (*((u8 *) sent))
455 set_bit(HCI_SSP_ENABLED, &hdev->dev_flags);
456 else
457 clear_bit(HCI_SSP_ENABLED, &hdev->dev_flags);
458 }
333140b5
MH		 459}
460
d5859e22
JH		 461static u8 hci_get_inquiry_mode(struct hci_dev *hdev)
462{
463 if (hdev->features[6] & LMP_EXT_INQ)
464 return 2;
465
466 if (hdev->features[3] & LMP_RSSI_INQ)
467 return 1;
468
469 if (hdev->manufacturer == 11 && hdev->hci_rev == 0x00 &&
807deac2 470 hdev->lmp_subver == 0x0757)
d5859e22
JH		 471 return 1;
472
473 if (hdev->manufacturer == 15) {
474 if (hdev->hci_rev == 0x03 && hdev->lmp_subver == 0x6963)
475 return 1;
476 if (hdev->hci_rev == 0x09 && hdev->lmp_subver == 0x6963)
477 return 1;
478 if (hdev->hci_rev == 0x00 && hdev->lmp_subver == 0x6965)
479 return 1;
480 }
481
482 if (hdev->manufacturer == 31 && hdev->hci_rev == 0x2005 &&
807deac2 483 hdev->lmp_subver == 0x1805)
d5859e22
JH		 484 return 1;
485
486 return 0;
487}
488
489static void hci_setup_inquiry_mode(struct hci_dev *hdev)
490{
491 u8 mode;
492
493 mode = hci_get_inquiry_mode(hdev);
494
495 hci_send_cmd(hdev, HCI_OP_WRITE_INQUIRY_MODE, 1, &mode);
496}
497
498static void hci_setup_event_mask(struct hci_dev *hdev)
499{
500 /* The second byte is 0xff instead of 0x9f (two reserved bits
501 * disabled) since a Broadcom 1.2 dongle doesn't respond to the
502 * command otherwise */
503 u8 events[8] = { 0xff, 0xff, 0xfb, 0xff, 0x00, 0x00, 0x00, 0x00 };
504
6de6c18d
VT		 505 /* CSR 1.1 dongles does not accept any bitfield so don't try to set
506 * any event mask for pre 1.2 devices */
5a13b095 507 if (hdev->hci_ver < BLUETOOTH_VER_1_2)
6de6c18d
VT		 508 return;
509
510 events[4] |= 0x01; /* Flow Specification Complete */
511 events[4] |= 0x02; /* Inquiry Result with RSSI */
512 events[4] |= 0x04; /* Read Remote Extended Features Complete */
513 events[5] |= 0x08; /* Synchronous Connection Complete */
514 events[5] |= 0x10; /* Synchronous Connection Changed */
d5859e22
JH		 515
516 if (hdev->features[3] & LMP_RSSI_INQ)
a24299e6 517 events[4] |= 0x02; /* Inquiry Result with RSSI */
d5859e22 518
999dcd10 519 if (lmp_sniffsubr_capable(hdev))
d5859e22
JH		 520 events[5] |= 0x20; /* Sniff Subrating */
521
522 if (hdev->features[5] & LMP_PAUSE_ENC)
523 events[5] |= 0x80; /* Encryption Key Refresh Complete */
524
525 if (hdev->features[6] & LMP_EXT_INQ)
526 events[5] |= 0x40; /* Extended Inquiry Result */
527
c58e810e 528 if (lmp_no_flush_capable(hdev))
d5859e22
JH		 529 events[7] |= 0x01; /* Enhanced Flush Complete */
530
531 if (hdev->features[7] & LMP_LSTO)
532 events[6] |= 0x80; /* Link Supervision Timeout Changed */
533
9a1a1996 534 if (lmp_ssp_capable(hdev)) {
d5859e22
JH		 535 events[6] |= 0x01; /* IO Capability Request */
536 events[6] |= 0x02; /* IO Capability Response */
537 events[6] |= 0x04; /* User Confirmation Request */
538 events[6] |= 0x08; /* User Passkey Request */
539 events[6] |= 0x10; /* Remote OOB Data Request */
540 events[6] |= 0x20; /* Simple Pairing Complete */
541 events[7] |= 0x04; /* User Passkey Notification */
542 events[7] |= 0x08; /* Keypress Notification */
543 events[7] |= 0x10; /* Remote Host Supported
544 * Features Notification */
545 }
546
c383ddc4 547 if (lmp_le_capable(hdev))
d5859e22
JH		 548 events[7] |= 0x20; /* LE Meta-Event */
549
550 hci_send_cmd(hdev, HCI_OP_SET_EVENT_MASK, sizeof(events), events);
551}
552
553static void hci_setup(struct hci_dev *hdev)
554{
e61ef499
AE		 555 if (hdev->dev_type != HCI_BREDR)
556 return;
557
d5859e22
JH		 558 hci_setup_event_mask(hdev);
559
d095c1eb 560 if (hdev->hci_ver > BLUETOOTH_VER_1_1)
d5859e22
JH		 561 hci_send_cmd(hdev, HCI_OP_READ_LOCAL_COMMANDS, 0, NULL);
562
6d3c730f 563 if (lmp_ssp_capable(hdev)) {
54d04dbb
JH		 564 if (test_bit(HCI_SSP_ENABLED, &hdev->dev_flags)) {
565 u8 mode = 0x01;
566 hci_send_cmd(hdev, HCI_OP_WRITE_SSP_MODE,
04124681 567 sizeof(mode), &mode);
54d04dbb
JH		 568 } else {
569 struct hci_cp_write_eir cp;
570
571 memset(hdev->eir, 0, sizeof(hdev->eir));
572 memset(&cp, 0, sizeof(cp));
573
574 hci_send_cmd(hdev, HCI_OP_WRITE_EIR, sizeof(cp), &cp);
575 }
d5859e22
JH		 576 }
577
578 if (hdev->features[3] & LMP_RSSI_INQ)
579 hci_setup_inquiry_mode(hdev);
580
581 if (hdev->features[7] & LMP_INQ_TX_PWR)
582 hci_send_cmd(hdev, HCI_OP_READ_INQ_RSP_TX_POWER, 0, NULL);
971e3a4b
AG		 583
584 if (hdev->features[7] & LMP_EXTFEATURES) {
585 struct hci_cp_read_local_ext_features cp;
586
587 cp.page = 0x01;
04124681
GP		 588 hci_send_cmd(hdev, HCI_OP_READ_LOCAL_EXT_FEATURES, sizeof(cp),
589 &cp);
971e3a4b 590 }
e6100a25 591
47990ea0
JH		 592 if (test_bit(HCI_LINK_SECURITY, &hdev->dev_flags)) {
593 u8 enable = 1;
04124681
GP		 594 hci_send_cmd(hdev, HCI_OP_WRITE_AUTH_ENABLE, sizeof(enable),
595 &enable);
47990ea0 596 }
d5859e22
JH		 597}
598
a9de9248
MH		 599static void hci_cc_read_local_version(struct hci_dev *hdev, struct sk_buff *skb)
600{
601 struct hci_rp_read_local_version *rp = (void *) skb->data;
1143e5a6 602
9f1db00c 603 BT_DBG("%s status 0x%2.2x", hdev->name, rp->status);
1143e5a6 604
a9de9248 605 if (rp->status)
28b8df77 606 goto done;
1143e5a6 607
a9de9248 608 hdev->hci_ver = rp->hci_ver;
e4e8e37c 609 hdev->hci_rev = __le16_to_cpu(rp->hci_rev);
d5859e22 610 hdev->lmp_ver = rp->lmp_ver;
e4e8e37c 611 hdev->manufacturer = __le16_to_cpu(rp->manufacturer);
d5859e22 612 hdev->lmp_subver = __le16_to_cpu(rp->lmp_subver);
1143e5a6 613
9f1db00c 614 BT_DBG("%s manufacturer 0x%4.4x hci ver %d:%d", hdev->name,
807deac2 615 hdev->manufacturer, hdev->hci_ver, hdev->hci_rev);
d5859e22
JH		 616
617 if (test_bit(HCI_INIT, &hdev->flags))
618 hci_setup(hdev);
28b8df77
AE		 619
620done:
621 hci_req_complete(hdev, HCI_OP_READ_LOCAL_VERSION, rp->status);
d5859e22
JH		 622}
623
624static void hci_setup_link_policy(struct hci_dev *hdev)
625{
035100c8 626 struct hci_cp_write_def_link_policy cp;
d5859e22
JH		 627 u16 link_policy = 0;
628
9f92ebf6 629 if (lmp_rswitch_capable(hdev))
d5859e22
JH		 630 link_policy |= HCI_LP_RSWITCH;
631 if (hdev->features[0] & LMP_HOLD)
632 link_policy |= HCI_LP_HOLD;
6eded100 633 if (lmp_sniff_capable(hdev))
d5859e22
JH		 634 link_policy |= HCI_LP_SNIFF;
635 if (hdev->features[1] & LMP_PARK)
636 link_policy |= HCI_LP_PARK;
637
035100c8
AE		 638 cp.policy = cpu_to_le16(link_policy);
639 hci_send_cmd(hdev, HCI_OP_WRITE_DEF_LINK_POLICY, sizeof(cp), &cp);
a9de9248 640}
1da177e4 641
8fc9ced3
GP		 642static void hci_cc_read_local_commands(struct hci_dev *hdev,
643 struct sk_buff *skb)
a9de9248
MH		 644{
645 struct hci_rp_read_local_commands *rp = (void *) skb->data;
1da177e4 646
9f1db00c 647 BT_DBG("%s status 0x%2.2x", hdev->name, rp->status);
1da177e4 648
a9de9248 649 if (rp->status)
d5859e22 650 goto done;
1da177e4 651
a9de9248 652 memcpy(hdev->commands, rp->commands, sizeof(hdev->commands));
d5859e22
JH		 653
654 if (test_bit(HCI_INIT, &hdev->flags) && (hdev->commands[5] & 0x10))
655 hci_setup_link_policy(hdev);
656
657done:
658 hci_req_complete(hdev, HCI_OP_READ_LOCAL_COMMANDS, rp->status);
a9de9248 659}
1da177e4 660
8fc9ced3
GP		 661static void hci_cc_read_local_features(struct hci_dev *hdev,
662 struct sk_buff *skb)
a9de9248
MH		 663{
664 struct hci_rp_read_local_features *rp = (void *) skb->data;
5b7f9909 665
9f1db00c 666 BT_DBG("%s status 0x%2.2x", hdev->name, rp->status);
1da177e4 667
a9de9248
MH		 668 if (rp->status)
669 return;
5b7f9909 670
a9de9248 671 memcpy(hdev->features, rp->features, 8);
5b7f9909 672
a9de9248
MH		 673 /* Adjust default settings according to features
674 * supported by device. */
1da177e4 675
a9de9248
MH		 676 if (hdev->features[0] & LMP_3SLOT)
677 hdev->pkt_type |= (HCI_DM3 | HCI_DH3);
1da177e4 678
a9de9248
MH		 679 if (hdev->features[0] & LMP_5SLOT)
680 hdev->pkt_type |= (HCI_DM5 | HCI_DH5);
1da177e4 681
a9de9248
MH		 682 if (hdev->features[1] & LMP_HV2) {
683 hdev->pkt_type |= (HCI_HV2);
684 hdev->esco_type |= (ESCO_HV2);
685 }
1da177e4 686
a9de9248
MH		 687 if (hdev->features[1] & LMP_HV3) {
688 hdev->pkt_type |= (HCI_HV3);
689 hdev->esco_type |= (ESCO_HV3);
690 }
1da177e4 691
45db810f 692 if (lmp_esco_capable(hdev))
a9de9248 693 hdev->esco_type |= (ESCO_EV3);
da1f5198 694
a9de9248
MH		 695 if (hdev->features[4] & LMP_EV4)
696 hdev->esco_type |= (ESCO_EV4);
da1f5198 697
a9de9248
MH		 698 if (hdev->features[4] & LMP_EV5)
699 hdev->esco_type |= (ESCO_EV5);
1da177e4 700
efc7688b
MH		 701 if (hdev->features[5] & LMP_EDR_ESCO_2M)
702 hdev->esco_type |= (ESCO_2EV3);
703
704 if (hdev->features[5] & LMP_EDR_ESCO_3M)
705 hdev->esco_type |= (ESCO_3EV3);
706
707 if (hdev->features[5] & LMP_EDR_3S_ESCO)
708 hdev->esco_type |= (ESCO_2EV5 | ESCO_3EV5);
709
a9de9248 710 BT_DBG("%s features 0x%.2x%.2x%.2x%.2x%.2x%.2x%.2x%.2x", hdev->name,
807deac2
GP		 711 hdev->features[0], hdev->features[1],
712 hdev->features[2], hdev->features[3],
713 hdev->features[4], hdev->features[5],
714 hdev->features[6], hdev->features[7]);
a9de9248 715}
1da177e4 716
8f984dfa
JH		 717static void hci_set_le_support(struct hci_dev *hdev)
718{
719 struct hci_cp_write_le_host_supported cp;
720
721 memset(&cp, 0, sizeof(cp));
722
9d42820f 723 if (test_bit(HCI_LE_ENABLED, &hdev->dev_flags)) {
8f984dfa
JH		 724 cp.le = 1;
725 cp.simul = !!(hdev->features[6] & LMP_SIMUL_LE_BR);
726 }
727
728 if (cp.le != !!(hdev->host_features[0] & LMP_HOST_LE))
04124681
GP		 729 hci_send_cmd(hdev, HCI_OP_WRITE_LE_HOST_SUPPORTED, sizeof(cp),
730 &cp);
8f984dfa
JH		 731}
732
971e3a4b 733static void hci_cc_read_local_ext_features(struct hci_dev *hdev,
807deac2 734 struct sk_buff *skb)
971e3a4b
AG		 735{
736 struct hci_rp_read_local_ext_features *rp = (void *) skb->data;
737
9f1db00c 738 BT_DBG("%s status 0x%2.2x", hdev->name, rp->status);
971e3a4b
AG		 739
740 if (rp->status)
8f984dfa 741 goto done;
971e3a4b 742
b5b32b65
AG		 743 switch (rp->page) {
744 case 0:
745 memcpy(hdev->features, rp->features, 8);
746 break;
747 case 1:
748 memcpy(hdev->host_features, rp->features, 8);
749 break;
750 }
971e3a4b 751
c383ddc4 752 if (test_bit(HCI_INIT, &hdev->flags) && lmp_le_capable(hdev))
8f984dfa
JH		 753 hci_set_le_support(hdev);
754
755done:
971e3a4b
AG		 756 hci_req_complete(hdev, HCI_OP_READ_LOCAL_EXT_FEATURES, rp->status);
757}
758
1e89cffb 759static void hci_cc_read_flow_control_mode(struct hci_dev *hdev,
807deac2 760 struct sk_buff *skb)
1e89cffb
AE		 761{
762 struct hci_rp_read_flow_control_mode *rp = (void *) skb->data;
763
9f1db00c 764 BT_DBG("%s status 0x%2.2x", hdev->name, rp->status);
1e89cffb
AE		 765
766 if (rp->status)
767 return;
768
769 hdev->flow_ctl_mode = rp->mode;
770
771 hci_req_complete(hdev, HCI_OP_READ_FLOW_CONTROL_MODE, rp->status);
772}
773
a9de9248
MH		 774static void hci_cc_read_buffer_size(struct hci_dev *hdev, struct sk_buff *skb)
775{
776 struct hci_rp_read_buffer_size *rp = (void *) skb->data;
1da177e4 777
9f1db00c 778 BT_DBG("%s status 0x%2.2x", hdev->name, rp->status);
1da177e4 779
a9de9248
MH		 780 if (rp->status)
781 return;
1da177e4 782
a9de9248
MH		 783 hdev->acl_mtu = __le16_to_cpu(rp->acl_mtu);
784 hdev->sco_mtu = rp->sco_mtu;
785 hdev->acl_pkts = __le16_to_cpu(rp->acl_max_pkt);
786 hdev->sco_pkts = __le16_to_cpu(rp->sco_max_pkt);
787
788 if (test_bit(HCI_QUIRK_FIXUP_BUFFER_SIZE, &hdev->quirks)) {
789 hdev->sco_mtu = 64;
790 hdev->sco_pkts = 8;
1da177e4 791 }
a9de9248
MH		 792
793 hdev->acl_cnt = hdev->acl_pkts;
794 hdev->sco_cnt = hdev->sco_pkts;
795
807deac2
GP		 796 BT_DBG("%s acl mtu %d:%d sco mtu %d:%d", hdev->name, hdev->acl_mtu,
797 hdev->acl_pkts, hdev->sco_mtu, hdev->sco_pkts);
a9de9248
MH		 798}
799
800static void hci_cc_read_bd_addr(struct hci_dev *hdev, struct sk_buff *skb)
801{
802 struct hci_rp_read_bd_addr *rp = (void *) skb->data;
803
9f1db00c 804 BT_DBG("%s status 0x%2.2x", hdev->name, rp->status);
a9de9248
MH		 805
806 if (!rp->status)
807 bacpy(&hdev->bdaddr, &rp->bdaddr);
808
23bb5763
JH		 809 hci_req_complete(hdev, HCI_OP_READ_BD_ADDR, rp->status);
810}
811
350ee4cf 812static void hci_cc_read_data_block_size(struct hci_dev *hdev,
807deac2 813 struct sk_buff *skb)
350ee4cf
AE		 814{
815 struct hci_rp_read_data_block_size *rp = (void *) skb->data;
816
9f1db00c 817 BT_DBG("%s status 0x%2.2x", hdev->name, rp->status);
350ee4cf
AE		 818
819 if (rp->status)
820 return;
821
822 hdev->block_mtu = __le16_to_cpu(rp->max_acl_len);
823 hdev->block_len = __le16_to_cpu(rp->block_len);
824 hdev->num_blocks = __le16_to_cpu(rp->num_blocks);
825
826 hdev->block_cnt = hdev->num_blocks;
827
828 BT_DBG("%s blk mtu %d cnt %d len %d", hdev->name, hdev->block_mtu,
807deac2 829 hdev->block_cnt, hdev->block_len);
350ee4cf
AE		 830
831 hci_req_complete(hdev, HCI_OP_READ_DATA_BLOCK_SIZE, rp->status);
832}
833
23bb5763
JH		 834static void hci_cc_write_ca_timeout(struct hci_dev *hdev, struct sk_buff *skb)
835{
836 __u8 status = *((__u8 *) skb->data);
837
9f1db00c 838 BT_DBG("%s status 0x%2.2x", hdev->name, status);
23bb5763
JH		 839
840 hci_req_complete(hdev, HCI_OP_WRITE_CA_TIMEOUT, status);
a9de9248
MH		 841}
842
928abaa7 843static void hci_cc_read_local_amp_info(struct hci_dev *hdev,
807deac2 844 struct sk_buff *skb)
928abaa7
AE		 845{
846 struct hci_rp_read_local_amp_info *rp = (void *) skb->data;
847
9f1db00c 848 BT_DBG("%s status 0x%2.2x", hdev->name, rp->status);
928abaa7
AE		 849
850 if (rp->status)
8e2a0d92 851 goto a2mp_rsp;
928abaa7
AE		 852
853 hdev->amp_status = rp->amp_status;
854 hdev->amp_total_bw = __le32_to_cpu(rp->total_bw);
855 hdev->amp_max_bw = __le32_to_cpu(rp->max_bw);
856 hdev->amp_min_latency = __le32_to_cpu(rp->min_latency);
857 hdev->amp_max_pdu = __le32_to_cpu(rp->max_pdu);
858 hdev->amp_type = rp->amp_type;
859 hdev->amp_pal_cap = __le16_to_cpu(rp->pal_cap);
860 hdev->amp_assoc_size = __le16_to_cpu(rp->max_assoc_size);
861 hdev->amp_be_flush_to = __le32_to_cpu(rp->be_flush_to);
862 hdev->amp_max_flush_to = __le32_to_cpu(rp->max_flush_to);
863
864 hci_req_complete(hdev, HCI_OP_READ_LOCAL_AMP_INFO, rp->status);
8e2a0d92
AE		 865
866a2mp_rsp:
867 a2mp_send_getinfo_rsp(hdev);
928abaa7
AE		 868}
869
903e4541
AE		 870static void hci_cc_read_local_amp_assoc(struct hci_dev *hdev,
871 struct sk_buff *skb)
872{
873 struct hci_rp_read_local_amp_assoc *rp = (void *) skb->data;
874 struct amp_assoc *assoc = &hdev->loc_assoc;
875 size_t rem_len, frag_len;
876
877 BT_DBG("%s status 0x%2.2x", hdev->name, rp->status);
878
879 if (rp->status)
880 goto a2mp_rsp;
881
882 frag_len = skb->len - sizeof(*rp);
883 rem_len = __le16_to_cpu(rp->rem_len);
884
885 if (rem_len > frag_len) {
2e430be3 886 BT_DBG("frag_len %zu rem_len %zu", frag_len, rem_len);
903e4541
AE		 887
888 memcpy(assoc->data + assoc->offset, rp->frag, frag_len);
889 assoc->offset += frag_len;
890
891 /* Read other fragments */
892 amp_read_loc_assoc_frag(hdev, rp->phy_handle);
893
894 return;
895 }
896
897 memcpy(assoc->data + assoc->offset, rp->frag, rem_len);
898 assoc->len = assoc->offset + rem_len;
899 assoc->offset = 0;
900
901a2mp_rsp:
902 /* Send A2MP Rsp when all fragments are received */
903 a2mp_send_getampassoc_rsp(hdev, rp->status);
9495b2ee 904 a2mp_send_create_phy_link_req(hdev, rp->status);
903e4541
AE		 905}
906
b0916ea0 907static void hci_cc_delete_stored_link_key(struct hci_dev *hdev,
807deac2 908 struct sk_buff *skb)
b0916ea0
JH		 909{
910 __u8 status = *((__u8 *) skb->data);
911
9f1db00c 912 BT_DBG("%s status 0x%2.2x", hdev->name, status);
b0916ea0
JH		 913
914 hci_req_complete(hdev, HCI_OP_DELETE_STORED_LINK_KEY, status);
915}
916
d5859e22
JH		 917static void hci_cc_set_event_mask(struct hci_dev *hdev, struct sk_buff *skb)
918{
919 __u8 status = *((__u8 *) skb->data);
920
9f1db00c 921 BT_DBG("%s status 0x%2.2x", hdev->name, status);
d5859e22
JH		 922
923 hci_req_complete(hdev, HCI_OP_SET_EVENT_MASK, status);
924}
925
926static void hci_cc_write_inquiry_mode(struct hci_dev *hdev,
807deac2 927 struct sk_buff *skb)
d5859e22
JH		 928{
929 __u8 status = *((__u8 *) skb->data);
930
9f1db00c 931 BT_DBG("%s status 0x%2.2x", hdev->name, status);
d5859e22
JH		 932
933 hci_req_complete(hdev, HCI_OP_WRITE_INQUIRY_MODE, status);
934}
935
936static void hci_cc_read_inq_rsp_tx_power(struct hci_dev *hdev,
807deac2 937 struct sk_buff *skb)
d5859e22 938{
91c4e9b1 939 struct hci_rp_read_inq_rsp_tx_power *rp = (void *) skb->data;
d5859e22 940
9f1db00c 941 BT_DBG("%s status 0x%2.2x", hdev->name, rp->status);
91c4e9b1
MH		 942
943 if (!rp->status)
944 hdev->inq_tx_power = rp->tx_power;
d5859e22 945
91c4e9b1 946 hci_req_complete(hdev, HCI_OP_READ_INQ_RSP_TX_POWER, rp->status);
d5859e22
JH		 947}
948
949static void hci_cc_set_event_flt(struct hci_dev *hdev, struct sk_buff *skb)
950{
951 __u8 status = *((__u8 *) skb->data);
952
9f1db00c 953 BT_DBG("%s status 0x%2.2x", hdev->name, status);
d5859e22
JH		 954
955 hci_req_complete(hdev, HCI_OP_SET_EVENT_FLT, status);
956}
957
980e1a53
JH		 958static void hci_cc_pin_code_reply(struct hci_dev *hdev, struct sk_buff *skb)
959{
960 struct hci_rp_pin_code_reply *rp = (void *) skb->data;
961 struct hci_cp_pin_code_reply *cp;
962 struct hci_conn *conn;
963
9f1db00c 964 BT_DBG("%s status 0x%2.2x", hdev->name, rp->status);
980e1a53 965
56e5cb86
JH		 966 hci_dev_lock(hdev);
967
a8b2d5c2 968 if (test_bit(HCI_MGMT, &hdev->dev_flags))
744cf19e 969 mgmt_pin_code_reply_complete(hdev, &rp->bdaddr, rp->status);
980e1a53 970
fa1bd918 971 if (rp->status)
56e5cb86 972 goto unlock;
980e1a53
JH		 973
974 cp = hci_sent_cmd_data(hdev, HCI_OP_PIN_CODE_REPLY);
975 if (!cp)
56e5cb86 976 goto unlock;
980e1a53
JH		 977
978 conn = hci_conn_hash_lookup_ba(hdev, ACL_LINK, &cp->bdaddr);
979 if (conn)
980 conn->pin_length = cp->pin_len;
56e5cb86
JH		 981
982unlock:
983 hci_dev_unlock(hdev);
980e1a53
JH		 984}
985
986static void hci_cc_pin_code_neg_reply(struct hci_dev *hdev, struct sk_buff *skb)
987{
988 struct hci_rp_pin_code_neg_reply *rp = (void *) skb->data;
989
9f1db00c 990 BT_DBG("%s status 0x%2.2x", hdev->name, rp->status);
980e1a53 991
56e5cb86
JH		 992 hci_dev_lock(hdev);
993
a8b2d5c2 994 if (test_bit(HCI_MGMT, &hdev->dev_flags))
744cf19e 995 mgmt_pin_code_neg_reply_complete(hdev, &rp->bdaddr,
807deac2 996 rp->status);
56e5cb86
JH		 997
998 hci_dev_unlock(hdev);
980e1a53 999}
56e5cb86 1000
6ed58ec5
VT		 1001static void hci_cc_le_read_buffer_size(struct hci_dev *hdev,
1002 struct sk_buff *skb)
1003{
1004 struct hci_rp_le_read_buffer_size *rp = (void *) skb->data;
1005
9f1db00c 1006 BT_DBG("%s status 0x%2.2x", hdev->name, rp->status);
6ed58ec5
VT		 1007
1008 if (rp->status)
1009 return;
1010
1011 hdev->le_mtu = __le16_to_cpu(rp->le_mtu);
1012 hdev->le_pkts = rp->le_max_pkt;
1013
1014 hdev->le_cnt = hdev->le_pkts;
1015
1016 BT_DBG("%s le mtu %d:%d", hdev->name, hdev->le_mtu, hdev->le_pkts);
1017
1018 hci_req_complete(hdev, HCI_OP_LE_READ_BUFFER_SIZE, rp->status);
1019}
980e1a53 1020
a5c29683
JH		 1021static void hci_cc_user_confirm_reply(struct hci_dev *hdev, struct sk_buff *skb)
1022{
1023 struct hci_rp_user_confirm_reply *rp = (void *) skb->data;
1024
9f1db00c 1025 BT_DBG("%s status 0x%2.2x", hdev->name, rp->status);
a5c29683 1026
56e5cb86
JH		 1027 hci_dev_lock(hdev);
1028
a8b2d5c2 1029 if (test_bit(HCI_MGMT, &hdev->dev_flags))
04124681
GP		 1030 mgmt_user_confirm_reply_complete(hdev, &rp->bdaddr, ACL_LINK, 0,
1031 rp->status);
56e5cb86
JH		 1032
1033 hci_dev_unlock(hdev);
a5c29683
JH		 1034}
1035
1036static void hci_cc_user_confirm_neg_reply(struct hci_dev *hdev,
807deac2 1037 struct sk_buff *skb)
a5c29683
JH		 1038{
1039 struct hci_rp_user_confirm_reply *rp = (void *) skb->data;
1040
9f1db00c 1041 BT_DBG("%s status 0x%2.2x", hdev->name, rp->status);
a5c29683 1042
56e5cb86
JH		 1043 hci_dev_lock(hdev);
1044
a8b2d5c2 1045 if (test_bit(HCI_MGMT, &hdev->dev_flags))
744cf19e 1046 mgmt_user_confirm_neg_reply_complete(hdev, &rp->bdaddr,
04124681 1047 ACL_LINK, 0, rp->status);
56e5cb86
JH		 1048
1049 hci_dev_unlock(hdev);
a5c29683
JH		 1050}
1051
1143d458
BG		 1052static void hci_cc_user_passkey_reply(struct hci_dev *hdev, struct sk_buff *skb)
1053{
1054 struct hci_rp_user_confirm_reply *rp = (void *) skb->data;
1055
9f1db00c 1056 BT_DBG("%s status 0x%2.2x", hdev->name, rp->status);
1143d458
BG		 1057
1058 hci_dev_lock(hdev);
1059
a8b2d5c2 1060 if (test_bit(HCI_MGMT, &hdev->dev_flags))
272d90df 1061 mgmt_user_passkey_reply_complete(hdev, &rp->bdaddr, ACL_LINK,
04124681 1062 0, rp->status);
1143d458
BG		 1063
1064 hci_dev_unlock(hdev);
1065}
1066
1067static void hci_cc_user_passkey_neg_reply(struct hci_dev *hdev,
807deac2 1068 struct sk_buff *skb)
1143d458
BG		 1069{
1070 struct hci_rp_user_confirm_reply *rp = (void *) skb->data;
1071
9f1db00c 1072 BT_DBG("%s status 0x%2.2x", hdev->name, rp->status);
1143d458
BG		 1073
1074 hci_dev_lock(hdev);
1075
a8b2d5c2 1076 if (test_bit(HCI_MGMT, &hdev->dev_flags))
1143d458 1077 mgmt_user_passkey_neg_reply_complete(hdev, &rp->bdaddr,
04124681 1078 ACL_LINK, 0, rp->status);
1143d458
BG		 1079
1080 hci_dev_unlock(hdev);
1081}
1082
c35938b2 1083static void hci_cc_read_local_oob_data_reply(struct hci_dev *hdev,
807deac2 1084 struct sk_buff *skb)
c35938b2
SJ		 1085{
1086 struct hci_rp_read_local_oob_data *rp = (void *) skb->data;
1087
9f1db00c 1088 BT_DBG("%s status 0x%2.2x", hdev->name, rp->status);
c35938b2 1089
56e5cb86 1090 hci_dev_lock(hdev);
744cf19e 1091 mgmt_read_local_oob_data_reply_complete(hdev, rp->hash,
c35938b2 1092 rp->randomizer, rp->status);
56e5cb86 1093 hci_dev_unlock(hdev);
c35938b2
SJ		 1094}
1095
07f7fa5d
AG		 1096static void hci_cc_le_set_scan_param(struct hci_dev *hdev, struct sk_buff *skb)
1097{
1098 __u8 status = *((__u8 *) skb->data);
1099
9f1db00c 1100 BT_DBG("%s status 0x%2.2x", hdev->name, status);
7ba8b4be
AG		 1101
1102 hci_req_complete(hdev, HCI_OP_LE_SET_SCAN_PARAM, status);
3fd24153
AG		 1103
1104 if (status) {
1105 hci_dev_lock(hdev);
1106 mgmt_start_discovery_failed(hdev, status);
1107 hci_dev_unlock(hdev);
1108 return;
1109 }
07f7fa5d
AG		 1110}
1111
eb9d91f5 1112static void hci_cc_le_set_scan_enable(struct hci_dev *hdev,
807deac2 1113 struct sk_buff *skb)
eb9d91f5
AG		 1114{
1115 struct hci_cp_le_set_scan_enable *cp;
1116 __u8 status = *((__u8 *) skb->data);
1117
9f1db00c 1118 BT_DBG("%s status 0x%2.2x", hdev->name, status);
eb9d91f5 1119
eb9d91f5
AG		 1120 cp = hci_sent_cmd_data(hdev, HCI_OP_LE_SET_SCAN_ENABLE);
1121 if (!cp)
1122 return;
1123
68a8aea4
AE		 1124 switch (cp->enable) {
1125 case LE_SCANNING_ENABLED:
7ba8b4be
AG		 1126 hci_req_complete(hdev, HCI_OP_LE_SET_SCAN_ENABLE, status);
1127
3fd24153
AG		 1128 if (status) {
1129 hci_dev_lock(hdev);
1130 mgmt_start_discovery_failed(hdev, status);
1131 hci_dev_unlock(hdev);
7ba8b4be 1132 return;
3fd24153 1133 }
7ba8b4be 1134
d23264a8
AG		 1135 set_bit(HCI_LE_SCAN, &hdev->dev_flags);
1136
a8f13c8c 1137 hci_dev_lock(hdev);
343f935b 1138 hci_discovery_set_state(hdev, DISCOVERY_FINDING);
a8f13c8c 1139 hci_dev_unlock(hdev);
68a8aea4
AE		 1140 break;
1141
1142 case LE_SCANNING_DISABLED:
c9ecc48e
AG		 1143 if (status) {
1144 hci_dev_lock(hdev);
1145 mgmt_stop_discovery_failed(hdev, status);
1146 hci_dev_unlock(hdev);
7ba8b4be 1147 return;
c9ecc48e 1148 }
7ba8b4be 1149
d23264a8
AG		 1150 clear_bit(HCI_LE_SCAN, &hdev->dev_flags);
1151
bc3dd33c
AG		 1152 if (hdev->discovery.type == DISCOV_TYPE_INTERLEAVED &&
1153 hdev->discovery.state == DISCOVERY_FINDING) {
5e0452c0
AG		 1154 mgmt_interleaved_discovery(hdev);
1155 } else {
1156 hci_dev_lock(hdev);
1157 hci_discovery_set_state(hdev, DISCOVERY_STOPPED);
1158 hci_dev_unlock(hdev);
1159 }
1160
68a8aea4
AE		 1161 break;
1162
1163 default:
1164 BT_ERR("Used reserved LE_Scan_Enable param %d", cp->enable);
1165 break;
35815085 1166 }
eb9d91f5
AG		 1167}
1168
a7a595f6
VCG		 1169static void hci_cc_le_ltk_reply(struct hci_dev *hdev, struct sk_buff *skb)
1170{
1171 struct hci_rp_le_ltk_reply *rp = (void *) skb->data;
1172
9f1db00c 1173 BT_DBG("%s status 0x%2.2x", hdev->name, rp->status);
a7a595f6
VCG		 1174
1175 if (rp->status)
1176 return;
1177
1178 hci_req_complete(hdev, HCI_OP_LE_LTK_REPLY, rp->status);
1179}
1180
1181static void hci_cc_le_ltk_neg_reply(struct hci_dev *hdev, struct sk_buff *skb)
1182{
1183 struct hci_rp_le_ltk_neg_reply *rp = (void *) skb->data;
1184
9f1db00c 1185 BT_DBG("%s status 0x%2.2x", hdev->name, rp->status);
a7a595f6
VCG		 1186
1187 if (rp->status)
1188 return;
1189
1190 hci_req_complete(hdev, HCI_OP_LE_LTK_NEG_REPLY, rp->status);
1191}
1192
6039aa73
GP		 1193static void hci_cc_write_le_host_supported(struct hci_dev *hdev,
1194 struct sk_buff *skb)
f9b49306 1195{
06199cf8 1196 struct hci_cp_write_le_host_supported *sent;
f9b49306
AG		 1197 __u8 status = *((__u8 *) skb->data);
1198
9f1db00c 1199 BT_DBG("%s status 0x%2.2x", hdev->name, status);
f9b49306 1200
06199cf8 1201 sent = hci_sent_cmd_data(hdev, HCI_OP_WRITE_LE_HOST_SUPPORTED);
8f984dfa 1202 if (!sent)
f9b49306
AG		 1203 return;
1204
8f984dfa
JH		 1205 if (!status) {
1206 if (sent->le)
1207 hdev->host_features[0] |= LMP_HOST_LE;
1208 else
1209 hdev->host_features[0] &= ~LMP_HOST_LE;
1210 }
1211
1212 if (test_bit(HCI_MGMT, &hdev->dev_flags) &&
807deac2 1213 !test_bit(HCI_INIT, &hdev->flags))
8f984dfa
JH		 1214 mgmt_le_enable_complete(hdev, sent->le, status);
1215
1216 hci_req_complete(hdev, HCI_OP_WRITE_LE_HOST_SUPPORTED, status);
f9b49306
AG		 1217}
1218
93c284ee
AE		 1219static void hci_cc_write_remote_amp_assoc(struct hci_dev *hdev,
1220 struct sk_buff *skb)
1221{
1222 struct hci_rp_write_remote_amp_assoc *rp = (void *) skb->data;
1223
1224 BT_DBG("%s status 0x%2.2x phy_handle 0x%2.2x",
1225 hdev->name, rp->status, rp->phy_handle);
1226
1227 if (rp->status)
1228 return;
1229
1230 amp_write_rem_assoc_continue(hdev, rp->phy_handle);
1231}
1232
6039aa73 1233static void hci_cs_inquiry(struct hci_dev *hdev, __u8 status)
a9de9248 1234{
9f1db00c 1235 BT_DBG("%s status 0x%2.2x", hdev->name, status);
a9de9248
MH		 1236
1237 if (status) {
23bb5763 1238 hci_req_complete(hdev, HCI_OP_INQUIRY, status);
a9de9248 1239 hci_conn_check_pending(hdev);
56e5cb86 1240 hci_dev_lock(hdev);
a8b2d5c2 1241 if (test_bit(HCI_MGMT, &hdev->dev_flags))
7a135109 1242 mgmt_start_discovery_failed(hdev, status);
56e5cb86 1243 hci_dev_unlock(hdev);
314b2381
JH		 1244 return;
1245 }
1246
89352e7d
AG		 1247 set_bit(HCI_INQUIRY, &hdev->flags);
1248
56e5cb86 1249 hci_dev_lock(hdev);
343f935b 1250 hci_discovery_set_state(hdev, DISCOVERY_FINDING);
56e5cb86 1251 hci_dev_unlock(hdev);
1da177e4
LT		 1252}
1253
6039aa73 1254static void hci_cs_create_conn(struct hci_dev *hdev, __u8 status)
1da177e4 1255{
a9de9248 1256 struct hci_cp_create_conn *cp;
1da177e4 1257 struct hci_conn *conn;
1da177e4 1258
9f1db00c 1259 BT_DBG("%s status 0x%2.2x", hdev->name, status);
a9de9248
MH		 1260
1261 cp = hci_sent_cmd_data(hdev, HCI_OP_CREATE_CONN);
1da177e4
LT		 1262 if (!cp)
1263 return;
1264
1265 hci_dev_lock(hdev);
1266
1267 conn = hci_conn_hash_lookup_ba(hdev, ACL_LINK, &cp->bdaddr);
1268
6ed93dc6 1269 BT_DBG("%s bdaddr %pMR hcon %p", hdev->name, &cp->bdaddr, conn);
1da177e4
LT		 1270
1271 if (status) {
1272 if (conn && conn->state == BT_CONNECT) {
4c67bc74
MH		 1273 if (status != 0x0c || conn->attempt > 2) {
1274 conn->state = BT_CLOSED;
1275 hci_proto_connect_cfm(conn, status);
1276 hci_conn_del(conn);
1277 } else
1278 conn->state = BT_CONNECT2;
1da177e4
LT		 1279 }
1280 } else {
1281 if (!conn) {
1282 conn = hci_conn_add(hdev, ACL_LINK, &cp->bdaddr);
1283 if (conn) {
a0c808b3 1284 conn->out = true;
1da177e4
LT		 1285 conn->link_mode |= HCI_LM_MASTER;
1286 } else
893ef971 1287 BT_ERR("No memory for new connection");
1da177e4
LT		 1288 }
1289 }
1290
1291 hci_dev_unlock(hdev);
1292}
1293
a9de9248 1294static void hci_cs_add_sco(struct hci_dev *hdev, __u8 status)
1da177e4 1295{
a9de9248
MH		 1296 struct hci_cp_add_sco *cp;
1297 struct hci_conn *acl, *sco;
1298 __u16 handle;
1da177e4 1299
9f1db00c 1300 BT_DBG("%s status 0x%2.2x", hdev->name, status);
b6a0dc82 1301
a9de9248
MH		 1302 if (!status)
1303 return;
1da177e4 1304
a9de9248
MH		 1305 cp = hci_sent_cmd_data(hdev, HCI_OP_ADD_SCO);
1306 if (!cp)
1307 return;
1da177e4 1308
a9de9248 1309 handle = __le16_to_cpu(cp->handle);
1da177e4 1310
9f1db00c 1311 BT_DBG("%s handle 0x%4.4x", hdev->name, handle);
1da177e4 1312
a9de9248 1313 hci_dev_lock(hdev);
1da177e4 1314
a9de9248 1315 acl = hci_conn_hash_lookup_handle(hdev, handle);
5a08ecce
AE		 1316 if (acl) {
1317 sco = acl->link;
1318 if (sco) {
1319 sco->state = BT_CLOSED;
1da177e4 1320
5a08ecce
AE		 1321 hci_proto_connect_cfm(sco, status);
1322 hci_conn_del(sco);
1323 }
a9de9248 1324 }
1da177e4 1325
a9de9248
MH		 1326 hci_dev_unlock(hdev);
1327}
1da177e4 1328
f8558555
MH		 1329static void hci_cs_auth_requested(struct hci_dev *hdev, __u8 status)
1330{
1331 struct hci_cp_auth_requested *cp;
1332 struct hci_conn *conn;
1333
9f1db00c 1334 BT_DBG("%s status 0x%2.2x", hdev->name, status);
f8558555
MH		 1335
1336 if (!status)
1337 return;
1338
1339 cp = hci_sent_cmd_data(hdev, HCI_OP_AUTH_REQUESTED);
1340 if (!cp)
1341 return;
1342
1343 hci_dev_lock(hdev);
1344
1345 conn = hci_conn_hash_lookup_handle(hdev, __le16_to_cpu(cp->handle));
1346 if (conn) {
1347 if (conn->state == BT_CONFIG) {
1348 hci_proto_connect_cfm(conn, status);
1349 hci_conn_put(conn);
1350 }
1351 }
1352
1353 hci_dev_unlock(hdev);
1354}
1355
1356static void hci_cs_set_conn_encrypt(struct hci_dev *hdev, __u8 status)
1357{
1358 struct hci_cp_set_conn_encrypt *cp;
1359 struct hci_conn *conn;
1360
9f1db00c 1361 BT_DBG("%s status 0x%2.2x", hdev->name, status);
f8558555
MH		 1362
1363 if (!status)
1364 return;
1365
1366 cp = hci_sent_cmd_data(hdev, HCI_OP_SET_CONN_ENCRYPT);
1367 if (!cp)
1368 return;
1369
1370 hci_dev_lock(hdev);
1371
1372 conn = hci_conn_hash_lookup_handle(hdev, __le16_to_cpu(cp->handle));
1373 if (conn) {
1374 if (conn->state == BT_CONFIG) {
1375 hci_proto_connect_cfm(conn, status);
1376 hci_conn_put(conn);
1377 }
1378 }
1379
1380 hci_dev_unlock(hdev);
1381}
1382
127178d2 1383static int hci_outgoing_auth_needed(struct hci_dev *hdev,
807deac2 1384 struct hci_conn *conn)
392599b9 1385{
392599b9
JH		 1386 if (conn->state != BT_CONFIG || !conn->out)
1387 return 0;
1388
765c2a96 1389 if (conn->pending_sec_level == BT_SECURITY_SDP)
392599b9
JH		 1390 return 0;
1391
1392 /* Only request authentication for SSP connections or non-SSP
e9bf2bf0 1393 * devices with sec_level HIGH or if MITM protection is requested */
807deac2
GP		 1394 if (!hci_conn_ssp_enabled(conn) && !(conn->auth_type & 0x01) &&
1395 conn->pending_sec_level != BT_SECURITY_HIGH)
392599b9
JH		 1396 return 0;
1397
392599b9
JH		 1398 return 1;
1399}
1400
6039aa73 1401static int hci_resolve_name(struct hci_dev *hdev,
04124681 1402 struct inquiry_entry *e)
30dc78e1
JH		 1403{
1404 struct hci_cp_remote_name_req cp;
1405
1406 memset(&cp, 0, sizeof(cp));
1407
1408 bacpy(&cp.bdaddr, &e->data.bdaddr);
1409 cp.pscan_rep_mode = e->data.pscan_rep_mode;
1410 cp.pscan_mode = e->data.pscan_mode;
1411 cp.clock_offset = e->data.clock_offset;
1412
1413 return hci_send_cmd(hdev, HCI_OP_REMOTE_NAME_REQ, sizeof(cp), &cp);
1414}
1415
b644ba33 1416static bool hci_resolve_next_name(struct hci_dev *hdev)
30dc78e1
JH		 1417{
1418 struct discovery_state *discov = &hdev->discovery;
1419 struct inquiry_entry *e;
1420
b644ba33
JH		 1421 if (list_empty(&discov->resolve))
1422 return false;
1423
1424 e = hci_inquiry_cache_lookup_resolve(hdev, BDADDR_ANY, NAME_NEEDED);
c810089c
RM		 1425 if (!e)
1426 return false;
1427
b644ba33
JH		 1428 if (hci_resolve_name(hdev, e) == 0) {
1429 e->name_state = NAME_PENDING;
1430 return true;
1431 }
1432
1433 return false;
1434}
1435
1436static void hci_check_pending_name(struct hci_dev *hdev, struct hci_conn *conn,
04124681 1437 bdaddr_t *bdaddr, u8 *name, u8 name_len)
b644ba33
JH		 1438{
1439 struct discovery_state *discov = &hdev->discovery;
1440 struct inquiry_entry *e;
1441
1442 if (conn && !test_and_set_bit(HCI_CONN_MGMT_CONNECTED, &conn->flags))
04124681
GP		 1443 mgmt_device_connected(hdev, bdaddr, ACL_LINK, 0x00, 0, name,
1444 name_len, conn->dev_class);
b644ba33
JH		 1445
1446 if (discov->state == DISCOVERY_STOPPED)
1447 return;
1448
30dc78e1
JH		 1449 if (discov->state == DISCOVERY_STOPPING)
1450 goto discov_complete;
1451
1452 if (discov->state != DISCOVERY_RESOLVING)
1453 return;
1454
1455 e = hci_inquiry_cache_lookup_resolve(hdev, bdaddr, NAME_PENDING);
7cc8380e
RM		 1456 /* If the device was not found in a list of found devices names of which
1457 * are pending. there is no need to continue resolving a next name as it
1458 * will be done upon receiving another Remote Name Request Complete
1459 * Event */
1460 if (!e)
1461 return;
1462
1463 list_del(&e->list);
1464 if (name) {
30dc78e1 1465 e->name_state = NAME_KNOWN;
7cc8380e
RM		 1466 mgmt_remote_name(hdev, bdaddr, ACL_LINK, 0x00,
1467 e->data.rssi, name, name_len);
c3e7c0d9
RM		 1468 } else {
1469 e->name_state = NAME_NOT_KNOWN;
30dc78e1
JH		 1470 }
1471
b644ba33 1472 if (hci_resolve_next_name(hdev))
30dc78e1 1473 return;
30dc78e1
JH		 1474
1475discov_complete:
1476 hci_discovery_set_state(hdev, DISCOVERY_STOPPED);
1477}
1478
a9de9248
MH		 1479static void hci_cs_remote_name_req(struct hci_dev *hdev, __u8 status)
1480{
127178d2
JH		 1481 struct hci_cp_remote_name_req *cp;
1482 struct hci_conn *conn;
1483
9f1db00c 1484 BT_DBG("%s status 0x%2.2x", hdev->name, status);
127178d2
JH		 1485
1486 /* If successful wait for the name req complete event before
1487 * checking for the need to do authentication */
1488 if (!status)
1489 return;
1490
1491 cp = hci_sent_cmd_data(hdev, HCI_OP_REMOTE_NAME_REQ);
1492 if (!cp)
1493 return;
1494
1495 hci_dev_lock(hdev);
1496
b644ba33
JH		 1497 conn = hci_conn_hash_lookup_ba(hdev, ACL_LINK, &cp->bdaddr);
1498
a8b2d5c2 1499 if (test_bit(HCI_MGMT, &hdev->dev_flags))
b644ba33 1500 hci_check_pending_name(hdev, conn, &cp->bdaddr, NULL, 0);
30dc78e1 1501
79c6c70c
JH		 1502 if (!conn)
1503 goto unlock;
1504
1505 if (!hci_outgoing_auth_needed(hdev, conn))
1506 goto unlock;
1507
51a8efd7 1508 if (!test_and_set_bit(HCI_CONN_AUTH_PEND, &conn->flags)) {
127178d2
JH		 1509 struct hci_cp_auth_requested cp;
1510 cp.handle = __cpu_to_le16(conn->handle);
1511 hci_send_cmd(hdev, HCI_OP_AUTH_REQUESTED, sizeof(cp), &cp);
1512 }
1513
79c6c70c 1514unlock:
127178d2 1515 hci_dev_unlock(hdev);
a9de9248 1516}
1da177e4 1517
769be974
MH		 1518static void hci_cs_read_remote_features(struct hci_dev *hdev, __u8 status)
1519{
1520 struct hci_cp_read_remote_features *cp;
1521 struct hci_conn *conn;
1522
9f1db00c 1523 BT_DBG("%s status 0x%2.2x", hdev->name, status);
769be974
MH		 1524
1525 if (!status)
1526 return;
1527
1528 cp = hci_sent_cmd_data(hdev, HCI_OP_READ_REMOTE_FEATURES);
1529 if (!cp)
1530 return;
1531
1532 hci_dev_lock(hdev);
1533
1534 conn = hci_conn_hash_lookup_handle(hdev, __le16_to_cpu(cp->handle));
1535 if (conn) {
1536 if (conn->state == BT_CONFIG) {
769be974
MH		 1537 hci_proto_connect_cfm(conn, status);
1538 hci_conn_put(conn);
1539 }
1540 }
1541
1542 hci_dev_unlock(hdev);
1543}
1544
1545static void hci_cs_read_remote_ext_features(struct hci_dev *hdev, __u8 status)
1546{
1547 struct hci_cp_read_remote_ext_features *cp;
1548 struct hci_conn *conn;
1549
9f1db00c 1550 BT_DBG("%s status 0x%2.2x", hdev->name, status);
769be974
MH		 1551
1552 if (!status)
1553 return;
1554
1555 cp = hci_sent_cmd_data(hdev, HCI_OP_READ_REMOTE_EXT_FEATURES);
1556 if (!cp)
1557 return;
1558
1559 hci_dev_lock(hdev);
1560
1561 conn = hci_conn_hash_lookup_handle(hdev, __le16_to_cpu(cp->handle));
1562 if (conn) {
1563 if (conn->state == BT_CONFIG) {
769be974
MH		 1564 hci_proto_connect_cfm(conn, status);
1565 hci_conn_put(conn);
1566 }
1567 }
1568
1569 hci_dev_unlock(hdev);
1570}
1571
a9de9248
MH		 1572static void hci_cs_setup_sync_conn(struct hci_dev *hdev, __u8 status)
1573{
b6a0dc82
MH		 1574 struct hci_cp_setup_sync_conn *cp;
1575 struct hci_conn *acl, *sco;
1576 __u16 handle;
1577
9f1db00c 1578 BT_DBG("%s status 0x%2.2x", hdev->name, status);
b6a0dc82
MH		 1579
1580 if (!status)
1581 return;
1582
1583 cp = hci_sent_cmd_data(hdev, HCI_OP_SETUP_SYNC_CONN);
1584 if (!cp)
1585 return;
1586
1587 handle = __le16_to_cpu(cp->handle);
1588
9f1db00c 1589 BT_DBG("%s handle 0x%4.4x", hdev->name, handle);
b6a0dc82
MH		 1590
1591 hci_dev_lock(hdev);
1592
1593 acl = hci_conn_hash_lookup_handle(hdev, handle);
5a08ecce
AE		 1594 if (acl) {
1595 sco = acl->link;
1596 if (sco) {
1597 sco->state = BT_CLOSED;
b6a0dc82 1598
5a08ecce
AE		 1599 hci_proto_connect_cfm(sco, status);
1600 hci_conn_del(sco);
1601 }
b6a0dc82
MH		 1602 }
1603
1604 hci_dev_unlock(hdev);
1da177e4
LT		 1605}
1606
a9de9248 1607static void hci_cs_sniff_mode(struct hci_dev *hdev, __u8 status)
1da177e4 1608{
a9de9248
MH		 1609 struct hci_cp_sniff_mode *cp;
1610 struct hci_conn *conn;
1da177e4 1611
9f1db00c 1612 BT_DBG("%s status 0x%2.2x", hdev->name, status);
04837f64 1613
a9de9248
MH		 1614 if (!status)
1615 return;
04837f64 1616
a9de9248
MH		 1617 cp = hci_sent_cmd_data(hdev, HCI_OP_SNIFF_MODE);
1618 if (!cp)
1619 return;
04837f64 1620
a9de9248 1621 hci_dev_lock(hdev);
04837f64 1622
a9de9248 1623 conn = hci_conn_hash_lookup_handle(hdev, __le16_to_cpu(cp->handle));
e73439d8 1624 if (conn) {
51a8efd7 1625 clear_bit(HCI_CONN_MODE_CHANGE_PEND, &conn->flags);
04837f64 1626
51a8efd7 1627 if (test_and_clear_bit(HCI_CONN_SCO_SETUP_PEND, &conn->flags))
e73439d8
MH		 1628 hci_sco_setup(conn, status);
1629 }
1630
a9de9248
MH		 1631 hci_dev_unlock(hdev);
1632}
04837f64 1633
a9de9248
MH		 1634static void hci_cs_exit_sniff_mode(struct hci_dev *hdev, __u8 status)
1635{
1636 struct hci_cp_exit_sniff_mode *cp;
1637 struct hci_conn *conn;
04837f64 1638
9f1db00c 1639 BT_DBG("%s status 0x%2.2x", hdev->name, status);
04837f64 1640
a9de9248
MH		 1641 if (!status)
1642 return;
04837f64 1643
a9de9248
MH		 1644 cp = hci_sent_cmd_data(hdev, HCI_OP_EXIT_SNIFF_MODE);
1645 if (!cp)
1646 return;
04837f64 1647
a9de9248 1648 hci_dev_lock(hdev);
1da177e4 1649
a9de9248 1650 conn = hci_conn_hash_lookup_handle(hdev, __le16_to_cpu(cp->handle));
e73439d8 1651 if (conn) {
51a8efd7 1652 clear_bit(HCI_CONN_MODE_CHANGE_PEND, &conn->flags);
1da177e4 1653
51a8efd7 1654 if (test_and_clear_bit(HCI_CONN_SCO_SETUP_PEND, &conn->flags))
e73439d8
MH		 1655 hci_sco_setup(conn, status);
1656 }
1657
a9de9248 1658 hci_dev_unlock(hdev);
1da177e4
LT		 1659}
1660
88c3df13
JH		 1661static void hci_cs_disconnect(struct hci_dev *hdev, u8 status)
1662{
1663 struct hci_cp_disconnect *cp;
1664 struct hci_conn *conn;
1665
1666 if (!status)
1667 return;
1668
1669 cp = hci_sent_cmd_data(hdev, HCI_OP_DISCONNECT);
1670 if (!cp)
1671 return;
1672
1673 hci_dev_lock(hdev);
1674
1675 conn = hci_conn_hash_lookup_handle(hdev, __le16_to_cpu(cp->handle));
1676 if (conn)
1677 mgmt_disconnect_failed(hdev, &conn->dst, conn->type,
04124681 1678 conn->dst_type, status);
88c3df13
JH		 1679
1680 hci_dev_unlock(hdev);
1681}
1682
fcd89c09
VT		 1683static void hci_cs_le_create_conn(struct hci_dev *hdev, __u8 status)
1684{
fcd89c09
VT		 1685 struct hci_conn *conn;
1686
9f1db00c 1687 BT_DBG("%s status 0x%2.2x", hdev->name, status);
fcd89c09 1688
f00a06ac
AG		 1689 if (status) {
1690 hci_dev_lock(hdev);
fcd89c09 1691
0c95ab78 1692 conn = hci_conn_hash_lookup_state(hdev, LE_LINK, BT_CONNECT);
f00a06ac
AG		 1693 if (!conn) {
1694 hci_dev_unlock(hdev);
1695 return;
1696 }
fcd89c09 1697
6ed93dc6 1698 BT_DBG("%s bdaddr %pMR conn %p", hdev->name, &conn->dst, conn);
fcd89c09 1699
f00a06ac 1700 conn->state = BT_CLOSED;
0c95ab78 1701 mgmt_connect_failed(hdev, &conn->dst, conn->type,
f00a06ac
AG		 1702 conn->dst_type, status);
1703 hci_proto_connect_cfm(conn, status);
1704 hci_conn_del(conn);
fcd89c09 1705
f00a06ac
AG		 1706 hci_dev_unlock(hdev);
1707 }
fcd89c09
VT		 1708}
1709
a7a595f6
VCG		 1710static void hci_cs_le_start_enc(struct hci_dev *hdev, u8 status)
1711{
9f1db00c 1712 BT_DBG("%s status 0x%2.2x", hdev->name, status);
a7a595f6
VCG		 1713}
1714
a02226d6
AE		 1715static void hci_cs_create_phylink(struct hci_dev *hdev, u8 status)
1716{
93c284ee
AE		 1717 struct hci_cp_create_phy_link *cp;
1718
a02226d6 1719 BT_DBG("%s status 0x%2.2x", hdev->name, status);
93c284ee
AE		 1720
1721 if (status)
1722 return;
1723
1724 cp = hci_sent_cmd_data(hdev, HCI_OP_CREATE_PHY_LINK);
1725 if (!cp)
1726 return;
1727
1728 amp_write_remote_assoc(hdev, cp->phy_handle);
a02226d6
AE		 1729}
1730
0b26ab9d
AE		 1731static void hci_cs_accept_phylink(struct hci_dev *hdev, u8 status)
1732{
1733 struct hci_cp_accept_phy_link *cp;
1734
1735 BT_DBG("%s status 0x%2.2x", hdev->name, status);
1736
1737 if (status)
1738 return;
1739
1740 cp = hci_sent_cmd_data(hdev, HCI_OP_ACCEPT_PHY_LINK);
1741 if (!cp)
1742 return;
1743
1744 amp_write_remote_assoc(hdev, cp->phy_handle);
1745}
1746
6039aa73 1747static void hci_inquiry_complete_evt(struct hci_dev *hdev, struct sk_buff *skb)
1da177e4
LT		 1748{
1749 __u8 status = *((__u8 *) skb->data);
30dc78e1
JH		 1750 struct discovery_state *discov = &hdev->discovery;
1751 struct inquiry_entry *e;
1da177e4 1752
9f1db00c 1753 BT_DBG("%s status 0x%2.2x", hdev->name, status);
1da177e4 1754
23bb5763 1755 hci_req_complete(hdev, HCI_OP_INQUIRY, status);
6bd57416 1756
a9de9248 1757 hci_conn_check_pending(hdev);
89352e7d
AG		 1758
1759 if (!test_and_clear_bit(HCI_INQUIRY, &hdev->flags))
1760 return;
1761
a8b2d5c2 1762 if (!test_bit(HCI_MGMT, &hdev->dev_flags))
30dc78e1
JH		 1763 return;
1764
56e5cb86 1765 hci_dev_lock(hdev);
30dc78e1 1766
343f935b 1767 if (discov->state != DISCOVERY_FINDING)
30dc78e1
JH		 1768 goto unlock;
1769
1770 if (list_empty(&discov->resolve)) {
1771 hci_discovery_set_state(hdev, DISCOVERY_STOPPED);
1772 goto unlock;
1773 }
1774
1775 e = hci_inquiry_cache_lookup_resolve(hdev, BDADDR_ANY, NAME_NEEDED);
1776 if (e && hci_resolve_name(hdev, e) == 0) {
1777 e->name_state = NAME_PENDING;
1778 hci_discovery_set_state(hdev, DISCOVERY_RESOLVING);
1779 } else {
1780 hci_discovery_set_state(hdev, DISCOVERY_STOPPED);
1781 }
1782
1783unlock:
56e5cb86 1784 hci_dev_unlock(hdev);
1da177e4
LT		 1785}
1786
6039aa73 1787static void hci_inquiry_result_evt(struct hci_dev *hdev, struct sk_buff *skb)
1da177e4 1788{
45bb4bf0 1789 struct inquiry_data data;
a9de9248 1790 struct inquiry_info *info = (void *) (skb->data + 1);
1da177e4
LT		 1791 int num_rsp = *((__u8 *) skb->data);
1792
1793 BT_DBG("%s num_rsp %d", hdev->name, num_rsp);
1794
45bb4bf0
MH		 1795 if (!num_rsp)
1796 return;
1797
1519cc17
AG		 1798 if (test_bit(HCI_PERIODIC_INQ, &hdev->dev_flags))
1799 return;
1800
1da177e4 1801 hci_dev_lock(hdev);
45bb4bf0 1802
e17acd40 1803 for (; num_rsp; num_rsp--, info++) {
388fc8fa 1804 bool name_known, ssp;
3175405b 1805
1da177e4
LT		 1806 bacpy(&data.bdaddr, &info->bdaddr);
1807 data.pscan_rep_mode = info->pscan_rep_mode;
1808 data.pscan_period_mode = info->pscan_period_mode;
1809 data.pscan_mode = info->pscan_mode;
1810 memcpy(data.dev_class, info->dev_class, 3);
1811 data.clock_offset = info->clock_offset;
1812 data.rssi = 0x00;
41a96212 1813 data.ssp_mode = 0x00;
3175405b 1814
388fc8fa 1815 name_known = hci_inquiry_cache_update(hdev, &data, false, &ssp);
48264f06 1816 mgmt_device_found(hdev, &info->bdaddr, ACL_LINK, 0x00,
04124681
GP		 1817 info->dev_class, 0, !name_known, ssp, NULL,
1818 0);
1da177e4 1819 }
45bb4bf0 1820
1da177e4
LT		 1821 hci_dev_unlock(hdev);
1822}
1823
6039aa73 1824static void hci_conn_complete_evt(struct hci_dev *hdev, struct sk_buff *skb)
1da177e4 1825{
a9de9248
MH		 1826 struct hci_ev_conn_complete *ev = (void *) skb->data;
1827 struct hci_conn *conn;
1da177e4
LT		 1828
1829 BT_DBG("%s", hdev->name);
1830
1831 hci_dev_lock(hdev);
1832
1833 conn = hci_conn_hash_lookup_ba(hdev, ev->link_type, &ev->bdaddr);
9499237a
MH		 1834 if (!conn) {
1835 if (ev->link_type != SCO_LINK)
1836 goto unlock;
1837
1838 conn = hci_conn_hash_lookup_ba(hdev, ESCO_LINK, &ev->bdaddr);
1839 if (!conn)
1840 goto unlock;
1841
1842 conn->type = SCO_LINK;
1843 }
1da177e4
LT		 1844
1845 if (!ev->status) {
1846 conn->handle = __le16_to_cpu(ev->handle);
769be974
MH		 1847
1848 if (conn->type == ACL_LINK) {
1849 conn->state = BT_CONFIG;
1850 hci_conn_hold(conn);
a9ea3ed9
SJ		 1851
1852 if (!conn->out && !hci_conn_ssp_enabled(conn) &&
1853 !hci_find_link_key(hdev, &ev->bdaddr))
1854 conn->disc_timeout = HCI_PAIRING_TIMEOUT;
1855 else
1856 conn->disc_timeout = HCI_DISCONN_TIMEOUT;
769be974
MH		 1857 } else
1858 conn->state = BT_CONNECTED;
1da177e4 1859
9eba32b8 1860 hci_conn_hold_device(conn);
7d0db0a3
MH		 1861 hci_conn_add_sysfs(conn);
1862
1da177e4
LT		 1863 if (test_bit(HCI_AUTH, &hdev->flags))
1864 conn->link_mode |= HCI_LM_AUTH;
1865
1866 if (test_bit(HCI_ENCRYPT, &hdev->flags))
1867 conn->link_mode |= HCI_LM_ENCRYPT;
1868
04837f64
MH		 1869 /* Get remote features */
1870 if (conn->type == ACL_LINK) {
1871 struct hci_cp_read_remote_features cp;
1872 cp.handle = ev->handle;
769be974 1873 hci_send_cmd(hdev, HCI_OP_READ_REMOTE_FEATURES,
04124681 1874 sizeof(cp), &cp);
04837f64
MH		 1875 }
1876
1da177e4 1877 /* Set packet type for incoming connection */
d095c1eb 1878 if (!conn->out && hdev->hci_ver < BLUETOOTH_VER_2_0) {
1da177e4
LT		 1879 struct hci_cp_change_conn_ptype cp;
1880 cp.handle = ev->handle;
a8746417 1881 cp.pkt_type = cpu_to_le16(conn->pkt_type);
04124681
GP		 1882 hci_send_cmd(hdev, HCI_OP_CHANGE_CONN_PTYPE, sizeof(cp),
1883 &cp);
1da177e4 1884 }
17d5c04c 1885 } else {
1da177e4 1886 conn->state = BT_CLOSED;
17d5c04c 1887 if (conn->type == ACL_LINK)
744cf19e 1888 mgmt_connect_failed(hdev, &ev->bdaddr, conn->type,
04124681 1889 conn->dst_type, ev->status);
17d5c04c 1890 }
1da177e4 1891
e73439d8
MH		 1892 if (conn->type == ACL_LINK)
1893 hci_sco_setup(conn, ev->status);
1da177e4 1894
769be974
MH		 1895 if (ev->status) {
1896 hci_proto_connect_cfm(conn, ev->status);
1da177e4 1897 hci_conn_del(conn);
c89b6e6b
MH		 1898 } else if (ev->link_type != ACL_LINK)
1899 hci_proto_connect_cfm(conn, ev->status);
1da177e4 1900
a9de9248 1901unlock:
1da177e4 1902 hci_dev_unlock(hdev);
1da177e4 1903
a9de9248 1904 hci_conn_check_pending(hdev);
1da177e4
LT		 1905}
1906
6039aa73 1907static void hci_conn_request_evt(struct hci_dev *hdev, struct sk_buff *skb)
1da177e4 1908{
a9de9248
MH		 1909 struct hci_ev_conn_request *ev = (void *) skb->data;
1910 int mask = hdev->link_mode;
1da177e4 1911
6ed93dc6 1912 BT_DBG("%s bdaddr %pMR type 0x%x", hdev->name, &ev->bdaddr,
807deac2 1913 ev->link_type);
1da177e4 1914
a9de9248 1915 mask |= hci_proto_connect_ind(hdev, &ev->bdaddr, ev->link_type);
1da177e4 1916
138d22ef 1917 if ((mask & HCI_LM_ACCEPT) &&
807deac2 1918 !hci_blacklist_lookup(hdev, &ev->bdaddr)) {
a9de9248 1919 /* Connection accepted */
c7bdd502 1920 struct inquiry_entry *ie;
1da177e4 1921 struct hci_conn *conn;
1da177e4 1922
a9de9248 1923 hci_dev_lock(hdev);
b6a0dc82 1924
cc11b9c1
AE		 1925 ie = hci_inquiry_cache_lookup(hdev, &ev->bdaddr);
1926 if (ie)
c7bdd502
MH		 1927 memcpy(ie->data.dev_class, ev->dev_class, 3);
1928
8fc9ced3
GP		 1929 conn = hci_conn_hash_lookup_ba(hdev, ev->link_type,
1930 &ev->bdaddr);
a9de9248 1931 if (!conn) {
cc11b9c1
AE		 1932 conn = hci_conn_add(hdev, ev->link_type, &ev->bdaddr);
1933 if (!conn) {
893ef971 1934 BT_ERR("No memory for new connection");
a9de9248
MH		 1935 hci_dev_unlock(hdev);
1936 return;
1da177e4
LT		 1937 }
1938 }
b6a0dc82 1939
a9de9248
MH		 1940 memcpy(conn->dev_class, ev->dev_class, 3);
1941 conn->state = BT_CONNECT;
b6a0dc82 1942
a9de9248 1943 hci_dev_unlock(hdev);
1da177e4 1944
b6a0dc82
MH		 1945 if (ev->link_type == ACL_LINK || !lmp_esco_capable(hdev)) {
1946 struct hci_cp_accept_conn_req cp;
1da177e4 1947
b6a0dc82
MH		 1948 bacpy(&cp.bdaddr, &ev->bdaddr);
1949
1950 if (lmp_rswitch_capable(hdev) && (mask & HCI_LM_MASTER))
1951 cp.role = 0x00; /* Become master */
1952 else
1953 cp.role = 0x01; /* Remain slave */
1954
04124681
GP		 1955 hci_send_cmd(hdev, HCI_OP_ACCEPT_CONN_REQ, sizeof(cp),
1956 &cp);
b6a0dc82
MH		 1957 } else {
1958 struct hci_cp_accept_sync_conn_req cp;
1959
1960 bacpy(&cp.bdaddr, &ev->bdaddr);
a8746417 1961 cp.pkt_type = cpu_to_le16(conn->pkt_type);
b6a0dc82 1962
82781e63
AE		 1963 cp.tx_bandwidth = __constant_cpu_to_le32(0x00001f40);
1964 cp.rx_bandwidth = __constant_cpu_to_le32(0x00001f40);
1965 cp.max_latency = __constant_cpu_to_le16(0xffff);
b6a0dc82
MH		 1966 cp.content_format = cpu_to_le16(hdev->voice_setting);
1967 cp.retrans_effort = 0xff;
1da177e4 1968
b6a0dc82 1969 hci_send_cmd(hdev, HCI_OP_ACCEPT_SYNC_CONN_REQ,
04124681 1970 sizeof(cp), &cp);
b6a0dc82 1971 }
a9de9248
MH		 1972 } else {
1973 /* Connection rejected */
1974 struct hci_cp_reject_conn_req cp;
1da177e4 1975
a9de9248 1976 bacpy(&cp.bdaddr, &ev->bdaddr);
9f5a0d7b 1977 cp.reason = HCI_ERROR_REJ_BAD_ADDR;
a9de9248 1978 hci_send_cmd(hdev, HCI_OP_REJECT_CONN_REQ, sizeof(cp), &cp);
1da177e4 1979 }
1da177e4
LT		 1980}
1981
f0d6a0ea
MA		 1982static u8 hci_to_mgmt_reason(u8 err)
1983{
1984 switch (err) {
1985 case HCI_ERROR_CONNECTION_TIMEOUT:
1986 return MGMT_DEV_DISCONN_TIMEOUT;
1987 case HCI_ERROR_REMOTE_USER_TERM:
1988 case HCI_ERROR_REMOTE_LOW_RESOURCES:
1989 case HCI_ERROR_REMOTE_POWER_OFF:
1990 return MGMT_DEV_DISCONN_REMOTE;
1991 case HCI_ERROR_LOCAL_HOST_TERM:
1992 return MGMT_DEV_DISCONN_LOCAL_HOST;
1993 default:
1994 return MGMT_DEV_DISCONN_UNKNOWN;
1995 }
1996}
1997
6039aa73 1998static void hci_disconn_complete_evt(struct hci_dev *hdev, struct sk_buff *skb)
04837f64 1999{
a9de9248 2000 struct hci_ev_disconn_complete *ev = (void *) skb->data;
04837f64
MH		 2001 struct hci_conn *conn;
2002
9f1db00c 2003 BT_DBG("%s status 0x%2.2x", hdev->name, ev->status);
04837f64
MH		 2004
2005 hci_dev_lock(hdev);
2006
2007 conn = hci_conn_hash_lookup_handle(hdev, __le16_to_cpu(ev->handle));
f7520543
JH		 2008 if (!conn)
2009 goto unlock;
7d0db0a3 2010
37d9ef76
JH		 2011 if (ev->status == 0)
2012 conn->state = BT_CLOSED;
04837f64 2013
b644ba33 2014 if (test_and_clear_bit(HCI_CONN_MGMT_CONNECTED, &conn->flags) &&
807deac2 2015 (conn->type == ACL_LINK || conn->type == LE_LINK)) {
f0d6a0ea 2016 if (ev->status) {
88c3df13 2017 mgmt_disconnect_failed(hdev, &conn->dst, conn->type,
807deac2 2018 conn->dst_type, ev->status);
f0d6a0ea
MA		 2019 } else {
2020 u8 reason = hci_to_mgmt_reason(ev->reason);
2021
afc747a6 2022 mgmt_device_disconnected(hdev, &conn->dst, conn->type,
f0d6a0ea
MA		 2023 conn->dst_type, reason);
2024 }
37d9ef76 2025 }
f7520543 2026
37d9ef76 2027 if (ev->status == 0) {
6ec5bcad
VA		 2028 if (conn->type == ACL_LINK && conn->flush_key)
2029 hci_remove_link_key(hdev, &conn->dst);
37d9ef76
JH		 2030 hci_proto_disconn_cfm(conn, ev->reason);
2031 hci_conn_del(conn);
2032 }
f7520543
JH		 2033
2034unlock:
04837f64
MH		 2035 hci_dev_unlock(hdev);
2036}
2037
6039aa73 2038static void hci_auth_complete_evt(struct hci_dev *hdev, struct sk_buff *skb)
1da177e4 2039{
a9de9248 2040 struct hci_ev_auth_complete *ev = (void *) skb->data;
04837f64 2041 struct hci_conn *conn;
1da177e4 2042
9f1db00c 2043 BT_DBG("%s status 0x%2.2x", hdev->name, ev->status);
1da177e4
LT		 2044
2045 hci_dev_lock(hdev);
2046
04837f64 2047 conn = hci_conn_hash_lookup_handle(hdev, __le16_to_cpu(ev->handle));
d7556e20
WR		 2048 if (!conn)
2049 goto unlock;
2050
2051 if (!ev->status) {
aa64a8b5 2052 if (!hci_conn_ssp_enabled(conn) &&
807deac2 2053 test_bit(HCI_CONN_REAUTH_PEND, &conn->flags)) {
d7556e20 2054 BT_INFO("re-auth of legacy device is not possible.");
2a611692 2055 } else {
d7556e20
WR		 2056 conn->link_mode |= HCI_LM_AUTH;
2057 conn->sec_level = conn->pending_sec_level;
2a611692 2058 }
d7556e20 2059 } else {
bab73cb6 2060 mgmt_auth_failed(hdev, &conn->dst, conn->type, conn->dst_type,
04124681 2061 ev->status);
d7556e20 2062 }
1da177e4 2063
51a8efd7
JH		 2064 clear_bit(HCI_CONN_AUTH_PEND, &conn->flags);
2065 clear_bit(HCI_CONN_REAUTH_PEND, &conn->flags);
1da177e4 2066
d7556e20 2067 if (conn->state == BT_CONFIG) {
aa64a8b5 2068 if (!ev->status && hci_conn_ssp_enabled(conn)) {
d7556e20
WR		 2069 struct hci_cp_set_conn_encrypt cp;
2070 cp.handle = ev->handle;
2071 cp.encrypt = 0x01;
2072 hci_send_cmd(hdev, HCI_OP_SET_CONN_ENCRYPT, sizeof(cp),
807deac2 2073 &cp);
052b30b0 2074 } else {
d7556e20
WR		 2075 conn->state = BT_CONNECTED;
2076 hci_proto_connect_cfm(conn, ev->status);
052b30b0
MH		 2077 hci_conn_put(conn);
2078 }
d7556e20
WR		 2079 } else {
2080 hci_auth_cfm(conn, ev->status);
052b30b0 2081
d7556e20
WR		 2082 hci_conn_hold(conn);
2083 conn->disc_timeout = HCI_DISCONN_TIMEOUT;
2084 hci_conn_put(conn);
2085 }
2086
51a8efd7 2087 if (test_bit(HCI_CONN_ENCRYPT_PEND, &conn->flags)) {
d7556e20
WR		 2088 if (!ev->status) {
2089 struct hci_cp_set_conn_encrypt cp;
2090 cp.handle = ev->handle;
2091 cp.encrypt = 0x01;
2092 hci_send_cmd(hdev, HCI_OP_SET_CONN_ENCRYPT, sizeof(cp),
807deac2 2093 &cp);
d7556e20 2094 } else {
51a8efd7 2095 clear_bit(HCI_CONN_ENCRYPT_PEND, &conn->flags);
d7556e20 2096 hci_encrypt_cfm(conn, ev->status, 0x00);
1da177e4
LT		 2097 }
2098 }
2099
d7556e20 2100unlock:
1da177e4
LT		 2101 hci_dev_unlock(hdev);
2102}
2103
6039aa73 2104static void hci_remote_name_evt(struct hci_dev *hdev, struct sk_buff *skb)
1da177e4 2105{
127178d2
JH		 2106 struct hci_ev_remote_name *ev = (void *) skb->data;
2107 struct hci_conn *conn;
2108
a9de9248 2109 BT_DBG("%s", hdev->name);
1da177e4 2110
a9de9248 2111 hci_conn_check_pending(hdev);
127178d2
JH		 2112
2113 hci_dev_lock(hdev);
2114
b644ba33 2115 conn = hci_conn_hash_lookup_ba(hdev, ACL_LINK, &ev->bdaddr);
30dc78e1 2116
b644ba33
JH		 2117 if (!test_bit(HCI_MGMT, &hdev->dev_flags))
2118 goto check_auth;
a88a9652 2119
b644ba33
JH		 2120 if (ev->status == 0)
2121 hci_check_pending_name(hdev, conn, &ev->bdaddr, ev->name,
04124681 2122 strnlen(ev->name, HCI_MAX_NAME_LENGTH));
b644ba33
JH		 2123 else
2124 hci_check_pending_name(hdev, conn, &ev->bdaddr, NULL, 0);
2125
2126check_auth:
79c6c70c
JH		 2127 if (!conn)
2128 goto unlock;
2129
2130 if (!hci_outgoing_auth_needed(hdev, conn))
2131 goto unlock;
2132
51a8efd7 2133 if (!test_and_set_bit(HCI_CONN_AUTH_PEND, &conn->flags)) {
127178d2
JH		 2134 struct hci_cp_auth_requested cp;
2135 cp.handle = __cpu_to_le16(conn->handle);
2136 hci_send_cmd(hdev, HCI_OP_AUTH_REQUESTED, sizeof(cp), &cp);
2137 }
2138
79c6c70c 2139unlock:
127178d2 2140 hci_dev_unlock(hdev);
a9de9248
MH		 2141}
2142
6039aa73 2143static void hci_encrypt_change_evt(struct hci_dev *hdev, struct sk_buff *skb)
a9de9248
MH		 2144{
2145 struct hci_ev_encrypt_change *ev = (void *) skb->data;
2146 struct hci_conn *conn;
2147
9f1db00c 2148 BT_DBG("%s status 0x%2.2x", hdev->name, ev->status);
1da177e4
LT		 2149
2150 hci_dev_lock(hdev);
2151
04837f64 2152 conn = hci_conn_hash_lookup_handle(hdev, __le16_to_cpu(ev->handle));
1da177e4
LT		 2153 if (conn) {
2154 if (!ev->status) {
ae293196
MH		 2155 if (ev->encrypt) {
2156 /* Encryption implies authentication */
2157 conn->link_mode |= HCI_LM_AUTH;
1da177e4 2158 conn->link_mode |= HCI_LM_ENCRYPT;
da85e5e5 2159 conn->sec_level = conn->pending_sec_level;
ae293196 2160 } else
1da177e4
LT		 2161 conn->link_mode &= ~HCI_LM_ENCRYPT;
2162 }
2163
51a8efd7 2164 clear_bit(HCI_CONN_ENCRYPT_PEND, &conn->flags);
1da177e4 2165
a7d7723a 2166 if (ev->status && conn->state == BT_CONNECTED) {
d839c813 2167 hci_acl_disconn(conn, HCI_ERROR_AUTH_FAILURE);
a7d7723a
GP		 2168 hci_conn_put(conn);
2169 goto unlock;
2170 }
2171
f8558555
MH		 2172 if (conn->state == BT_CONFIG) {
2173 if (!ev->status)
2174 conn->state = BT_CONNECTED;
2175
2176 hci_proto_connect_cfm(conn, ev->status);
2177 hci_conn_put(conn);
2178 } else
2179 hci_encrypt_cfm(conn, ev->status, ev->encrypt);
1da177e4
LT		 2180 }
2181
a7d7723a 2182unlock:
1da177e4
LT		 2183 hci_dev_unlock(hdev);
2184}
2185
6039aa73
GP		 2186static void hci_change_link_key_complete_evt(struct hci_dev *hdev,
2187 struct sk_buff *skb)
1da177e4 2188{
a9de9248 2189 struct hci_ev_change_link_key_complete *ev = (void *) skb->data;
04837f64 2190 struct hci_conn *conn;
1da177e4 2191
9f1db00c 2192 BT_DBG("%s status 0x%2.2x", hdev->name, ev->status);
1da177e4
LT		 2193
2194 hci_dev_lock(hdev);
2195
04837f64 2196 conn = hci_conn_hash_lookup_handle(hdev, __le16_to_cpu(ev->handle));
1da177e4
LT		 2197 if (conn) {
2198 if (!ev->status)
2199 conn->link_mode |= HCI_LM_SECURE;
2200
51a8efd7 2201 clear_bit(HCI_CONN_AUTH_PEND, &conn->flags);
1da177e4
LT		 2202
2203 hci_key_change_cfm(conn, ev->status);
2204 }
2205
2206 hci_dev_unlock(hdev);
2207}
2208
6039aa73
GP		 2209static void hci_remote_features_evt(struct hci_dev *hdev,
2210 struct sk_buff *skb)
1da177e4 2211{
a9de9248
MH		 2212 struct hci_ev_remote_features *ev = (void *) skb->data;
2213 struct hci_conn *conn;
2214
9f1db00c 2215 BT_DBG("%s status 0x%2.2x", hdev->name, ev->status);
a9de9248 2216
a9de9248
MH		 2217 hci_dev_lock(hdev);
2218
2219 conn = hci_conn_hash_lookup_handle(hdev, __le16_to_cpu(ev->handle));
ccd556fe
JH		 2220 if (!conn)
2221 goto unlock;
769be974 2222
ccd556fe
JH		 2223 if (!ev->status)
2224 memcpy(conn->features, ev->features, 8);
2225
2226 if (conn->state != BT_CONFIG)
2227 goto unlock;
2228
2229 if (!ev->status && lmp_ssp_capable(hdev) && lmp_ssp_capable(conn)) {
2230 struct hci_cp_read_remote_ext_features cp;
2231 cp.handle = ev->handle;
2232 cp.page = 0x01;
2233 hci_send_cmd(hdev, HCI_OP_READ_REMOTE_EXT_FEATURES,
807deac2 2234 sizeof(cp), &cp);
392599b9
JH		 2235 goto unlock;
2236 }
2237
671267bf 2238 if (!ev->status && !test_bit(HCI_CONN_MGMT_CONNECTED, &conn->flags)) {
127178d2
JH		 2239 struct hci_cp_remote_name_req cp;
2240 memset(&cp, 0, sizeof(cp));
2241 bacpy(&cp.bdaddr, &conn->dst);
2242 cp.pscan_rep_mode = 0x02;
2243 hci_send_cmd(hdev, HCI_OP_REMOTE_NAME_REQ, sizeof(cp), &cp);
b644ba33
JH		 2244 } else if (!test_and_set_bit(HCI_CONN_MGMT_CONNECTED, &conn->flags))
2245 mgmt_device_connected(hdev, &conn->dst, conn->type,
04124681
GP		 2246 conn->dst_type, 0, NULL, 0,
2247 conn->dev_class);
392599b9 2248
127178d2 2249 if (!hci_outgoing_auth_needed(hdev, conn)) {
ccd556fe
JH		 2250 conn->state = BT_CONNECTED;
2251 hci_proto_connect_cfm(conn, ev->status);
2252 hci_conn_put(conn);
769be974 2253 }
a9de9248 2254
ccd556fe 2255unlock:
a9de9248 2256 hci_dev_unlock(hdev);
1da177e4
LT		 2257}
2258
6039aa73 2259static void hci_remote_version_evt(struct hci_dev *hdev, struct sk_buff *skb)
1da177e4 2260{
a9de9248 2261 BT_DBG("%s", hdev->name);
1da177e4
LT		 2262}
2263
6039aa73
GP		 2264static void hci_qos_setup_complete_evt(struct hci_dev *hdev,
2265 struct sk_buff *skb)
1da177e4 2266{
a9de9248 2267 BT_DBG("%s", hdev->name);
1da177e4
LT		 2268}
2269
6039aa73 2270static void hci_cmd_complete_evt(struct hci_dev *hdev, struct sk_buff *skb)
a9de9248
MH		 2271{
2272 struct hci_ev_cmd_complete *ev = (void *) skb->data;
2273 __u16 opcode;
2274
2275 skb_pull(skb, sizeof(*ev));
2276
2277 opcode = __le16_to_cpu(ev->opcode);
2278
2279 switch (opcode) {
2280 case HCI_OP_INQUIRY_CANCEL:
2281 hci_cc_inquiry_cancel(hdev, skb);
2282 break;
2283
4d93483b
AG		 2284 case HCI_OP_PERIODIC_INQ:
2285 hci_cc_periodic_inq(hdev, skb);
2286 break;
2287
a9de9248
MH		 2288 case HCI_OP_EXIT_PERIODIC_INQ:
2289 hci_cc_exit_periodic_inq(hdev, skb);
2290 break;
2291
2292 case HCI_OP_REMOTE_NAME_REQ_CANCEL:
2293 hci_cc_remote_name_req_cancel(hdev, skb);
2294 break;
2295
2296 case HCI_OP_ROLE_DISCOVERY:
2297 hci_cc_role_discovery(hdev, skb);
2298 break;
2299
e4e8e37c
MH		 2300 case HCI_OP_READ_LINK_POLICY:
2301 hci_cc_read_link_policy(hdev, skb);
2302 break;
2303
a9de9248
MH		 2304 case HCI_OP_WRITE_LINK_POLICY:
2305 hci_cc_write_link_policy(hdev, skb);
2306 break;
2307
e4e8e37c
MH		 2308 case HCI_OP_READ_DEF_LINK_POLICY:
2309 hci_cc_read_def_link_policy(hdev, skb);
2310 break;
2311
2312 case HCI_OP_WRITE_DEF_LINK_POLICY:
2313 hci_cc_write_def_link_policy(hdev, skb);
2314 break;
2315
a9de9248
MH		 2316 case HCI_OP_RESET:
2317 hci_cc_reset(hdev, skb);
2318 break;
2319
2320 case HCI_OP_WRITE_LOCAL_NAME:
2321 hci_cc_write_local_name(hdev, skb);
2322 break;
2323
2324 case HCI_OP_READ_LOCAL_NAME:
2325 hci_cc_read_local_name(hdev, skb);
2326 break;
2327
2328 case HCI_OP_WRITE_AUTH_ENABLE:
2329 hci_cc_write_auth_enable(hdev, skb);
2330 break;
2331
2332 case HCI_OP_WRITE_ENCRYPT_MODE:
2333 hci_cc_write_encrypt_mode(hdev, skb);
2334 break;
2335
2336 case HCI_OP_WRITE_SCAN_ENABLE:
2337 hci_cc_write_scan_enable(hdev, skb);
2338 break;
2339
2340 case HCI_OP_READ_CLASS_OF_DEV:
2341 hci_cc_read_class_of_dev(hdev, skb);
2342 break;
2343
2344 case HCI_OP_WRITE_CLASS_OF_DEV:
2345 hci_cc_write_class_of_dev(hdev, skb);
2346 break;
2347
2348 case HCI_OP_READ_VOICE_SETTING:
2349 hci_cc_read_voice_setting(hdev, skb);
2350 break;
2351
2352 case HCI_OP_WRITE_VOICE_SETTING:
2353 hci_cc_write_voice_setting(hdev, skb);
2354 break;
2355
2356 case HCI_OP_HOST_BUFFER_SIZE:
2357 hci_cc_host_buffer_size(hdev, skb);
2358 break;
2359
333140b5
MH		 2360 case HCI_OP_WRITE_SSP_MODE:
2361 hci_cc_write_ssp_mode(hdev, skb);
2362 break;
2363
a9de9248
MH		 2364 case HCI_OP_READ_LOCAL_VERSION:
2365 hci_cc_read_local_version(hdev, skb);
2366 break;
2367
2368 case HCI_OP_READ_LOCAL_COMMANDS:
2369 hci_cc_read_local_commands(hdev, skb);
2370 break;
2371
2372 case HCI_OP_READ_LOCAL_FEATURES:
2373 hci_cc_read_local_features(hdev, skb);
2374 break;
2375
971e3a4b
AG		 2376 case HCI_OP_READ_LOCAL_EXT_FEATURES:
2377 hci_cc_read_local_ext_features(hdev, skb);
2378 break;
2379
a9de9248
MH		 2380 case HCI_OP_READ_BUFFER_SIZE:
2381 hci_cc_read_buffer_size(hdev, skb);
2382 break;
2383
2384 case HCI_OP_READ_BD_ADDR:
2385 hci_cc_read_bd_addr(hdev, skb);
2386 break;
2387
350ee4cf
AE		 2388 case HCI_OP_READ_DATA_BLOCK_SIZE:
2389 hci_cc_read_data_block_size(hdev, skb);
2390 break;
2391
23bb5763
JH		 2392 case HCI_OP_WRITE_CA_TIMEOUT:
2393 hci_cc_write_ca_timeout(hdev, skb);
2394 break;
2395
1e89cffb
AE		 2396 case HCI_OP_READ_FLOW_CONTROL_MODE:
2397 hci_cc_read_flow_control_mode(hdev, skb);
2398 break;
2399
928abaa7
AE		 2400 case HCI_OP_READ_LOCAL_AMP_INFO:
2401 hci_cc_read_local_amp_info(hdev, skb);
2402 break;
2403
903e4541
AE		 2404 case HCI_OP_READ_LOCAL_AMP_ASSOC:
2405 hci_cc_read_local_amp_assoc(hdev, skb);
2406 break;
2407
b0916ea0
JH		 2408 case HCI_OP_DELETE_STORED_LINK_KEY:
2409 hci_cc_delete_stored_link_key(hdev, skb);
2410 break;
2411
d5859e22
JH		 2412 case HCI_OP_SET_EVENT_MASK:
2413 hci_cc_set_event_mask(hdev, skb);
2414 break;
2415
2416 case HCI_OP_WRITE_INQUIRY_MODE:
2417 hci_cc_write_inquiry_mode(hdev, skb);
2418 break;
2419
2420 case HCI_OP_READ_INQ_RSP_TX_POWER:
2421 hci_cc_read_inq_rsp_tx_power(hdev, skb);
2422 break;
2423
2424 case HCI_OP_SET_EVENT_FLT:
2425 hci_cc_set_event_flt(hdev, skb);
2426 break;
2427
980e1a53
JH		 2428 case HCI_OP_PIN_CODE_REPLY:
2429 hci_cc_pin_code_reply(hdev, skb);
2430 break;
2431
2432 case HCI_OP_PIN_CODE_NEG_REPLY:
2433 hci_cc_pin_code_neg_reply(hdev, skb);
2434 break;
2435
c35938b2
SJ		 2436 case HCI_OP_READ_LOCAL_OOB_DATA:
2437 hci_cc_read_local_oob_data_reply(hdev, skb);
2438 break;
2439
6ed58ec5
VT		 2440 case HCI_OP_LE_READ_BUFFER_SIZE:
2441 hci_cc_le_read_buffer_size(hdev, skb);
2442 break;
2443
a5c29683
JH		 2444 case HCI_OP_USER_CONFIRM_REPLY:
2445 hci_cc_user_confirm_reply(hdev, skb);
2446 break;
2447
2448 case HCI_OP_USER_CONFIRM_NEG_REPLY:
2449 hci_cc_user_confirm_neg_reply(hdev, skb);
2450 break;
2451
1143d458
BG		 2452 case HCI_OP_USER_PASSKEY_REPLY:
2453 hci_cc_user_passkey_reply(hdev, skb);
2454 break;
2455
2456 case HCI_OP_USER_PASSKEY_NEG_REPLY:
2457 hci_cc_user_passkey_neg_reply(hdev, skb);
16cde993 2458 break;
07f7fa5d
AG		 2459
2460 case HCI_OP_LE_SET_SCAN_PARAM:
2461 hci_cc_le_set_scan_param(hdev, skb);
1143d458
BG		 2462 break;
2463
eb9d91f5
AG		 2464 case HCI_OP_LE_SET_SCAN_ENABLE:
2465 hci_cc_le_set_scan_enable(hdev, skb);
2466 break;
2467
a7a595f6
VCG		 2468 case HCI_OP_LE_LTK_REPLY:
2469 hci_cc_le_ltk_reply(hdev, skb);
2470 break;
2471
2472 case HCI_OP_LE_LTK_NEG_REPLY:
2473 hci_cc_le_ltk_neg_reply(hdev, skb);
2474 break;
2475
f9b49306
AG		 2476 case HCI_OP_WRITE_LE_HOST_SUPPORTED:
2477 hci_cc_write_le_host_supported(hdev, skb);
2478 break;
2479
93c284ee
AE		 2480 case HCI_OP_WRITE_REMOTE_AMP_ASSOC:
2481 hci_cc_write_remote_amp_assoc(hdev, skb);
2482 break;
2483
a9de9248 2484 default:
9f1db00c 2485 BT_DBG("%s opcode 0x%4.4x", hdev->name, opcode);
a9de9248
MH		 2486 break;
2487 }
2488
6bd32326
VT		 2489 if (ev->opcode != HCI_OP_NOP)
2490 del_timer(&hdev->cmd_timer);
2491
a9de9248
MH		 2492 if (ev->ncmd) {
2493 atomic_set(&hdev->cmd_cnt, 1);
2494 if (!skb_queue_empty(&hdev->cmd_q))
c347b765 2495 queue_work(hdev->workqueue, &hdev->cmd_work);
a9de9248
MH		 2496 }
2497}
2498
6039aa73 2499static void hci_cmd_status_evt(struct hci_dev *hdev, struct sk_buff *skb)
a9de9248
MH		 2500{
2501 struct hci_ev_cmd_status *ev = (void *) skb->data;
2502 __u16 opcode;
2503
2504 skb_pull(skb, sizeof(*ev));
2505
2506 opcode = __le16_to_cpu(ev->opcode);
2507
2508 switch (opcode) {
2509 case HCI_OP_INQUIRY:
2510 hci_cs_inquiry(hdev, ev->status);
2511 break;
2512
2513 case HCI_OP_CREATE_CONN:
2514 hci_cs_create_conn(hdev, ev->status);
2515 break;
2516
2517 case HCI_OP_ADD_SCO:
2518 hci_cs_add_sco(hdev, ev->status);
2519 break;
2520
f8558555
MH		 2521 case HCI_OP_AUTH_REQUESTED:
2522 hci_cs_auth_requested(hdev, ev->status);
2523 break;
2524
2525 case HCI_OP_SET_CONN_ENCRYPT:
2526 hci_cs_set_conn_encrypt(hdev, ev->status);
2527 break;
2528
a9de9248
MH		 2529 case HCI_OP_REMOTE_NAME_REQ:
2530 hci_cs_remote_name_req(hdev, ev->status);
2531 break;
2532
769be974
MH		 2533 case HCI_OP_READ_REMOTE_FEATURES:
2534 hci_cs_read_remote_features(hdev, ev->status);
2535 break;
2536
2537 case HCI_OP_READ_REMOTE_EXT_FEATURES:
2538 hci_cs_read_remote_ext_features(hdev, ev->status);
2539 break;
2540
a9de9248
MH		 2541 case HCI_OP_SETUP_SYNC_CONN:
2542 hci_cs_setup_sync_conn(hdev, ev->status);
2543 break;
2544
2545 case HCI_OP_SNIFF_MODE:
2546 hci_cs_sniff_mode(hdev, ev->status);
2547 break;
2548
2549 case HCI_OP_EXIT_SNIFF_MODE:
2550 hci_cs_exit_sniff_mode(hdev, ev->status);
2551 break;
2552
8962ee74 2553 case HCI_OP_DISCONNECT:
88c3df13 2554 hci_cs_disconnect(hdev, ev->status);
8962ee74
JH		 2555 break;
2556
fcd89c09
VT		 2557 case HCI_OP_LE_CREATE_CONN:
2558 hci_cs_le_create_conn(hdev, ev->status);
2559 break;
2560
a7a595f6
VCG		 2561 case HCI_OP_LE_START_ENC:
2562 hci_cs_le_start_enc(hdev, ev->status);
2563 break;
2564
a02226d6
AE		 2565 case HCI_OP_CREATE_PHY_LINK:
2566 hci_cs_create_phylink(hdev, ev->status);
2567 break;
2568
0b26ab9d
AE		 2569 case HCI_OP_ACCEPT_PHY_LINK:
2570 hci_cs_accept_phylink(hdev, ev->status);
2571 break;
2572
a9de9248 2573 default:
9f1db00c 2574 BT_DBG("%s opcode 0x%4.4x", hdev->name, opcode);
a9de9248
MH		 2575 break;
2576 }
2577
6bd32326
VT		 2578 if (ev->opcode != HCI_OP_NOP)
2579 del_timer(&hdev->cmd_timer);
2580
10572132 2581 if (ev->ncmd && !test_bit(HCI_RESET, &hdev->flags)) {
a9de9248
MH		 2582 atomic_set(&hdev->cmd_cnt, 1);
2583 if (!skb_queue_empty(&hdev->cmd_q))
c347b765 2584 queue_work(hdev->workqueue, &hdev->cmd_work);
a9de9248
MH		 2585 }
2586}
2587
6039aa73 2588static void hci_role_change_evt(struct hci_dev *hdev, struct sk_buff *skb)
a9de9248
MH		 2589{
2590 struct hci_ev_role_change *ev = (void *) skb->data;
2591 struct hci_conn *conn;
2592
9f1db00c 2593 BT_DBG("%s status 0x%2.2x", hdev->name, ev->status);
a9de9248
MH		 2594
2595 hci_dev_lock(hdev);
2596
2597 conn = hci_conn_hash_lookup_ba(hdev, ACL_LINK, &ev->bdaddr);
2598 if (conn) {
2599 if (!ev->status) {
2600 if (ev->role)
2601 conn->link_mode &= ~HCI_LM_MASTER;
2602 else
2603 conn->link_mode |= HCI_LM_MASTER;
2604 }
2605
51a8efd7 2606 clear_bit(HCI_CONN_RSWITCH_PEND, &conn->flags);
a9de9248
MH		 2607
2608 hci_role_switch_cfm(conn, ev->status, ev->role);
2609 }
2610
2611 hci_dev_unlock(hdev);
2612}
2613
6039aa73 2614static void hci_num_comp_pkts_evt(struct hci_dev *hdev, struct sk_buff *skb)
a9de9248
MH		 2615{
2616 struct hci_ev_num_comp_pkts *ev = (void *) skb->data;
a9de9248
MH		 2617 int i;
2618
32ac5b9b
AE		 2619 if (hdev->flow_ctl_mode != HCI_FLOW_CTL_MODE_PACKET_BASED) {
2620 BT_ERR("Wrong event for mode %d", hdev->flow_ctl_mode);
2621 return;
2622 }
2623
c5993de8 2624 if (skb->len < sizeof(*ev) || skb->len < sizeof(*ev) +
807deac2 2625 ev->num_hndl * sizeof(struct hci_comp_pkts_info)) {
a9de9248
MH		 2626 BT_DBG("%s bad parameters", hdev->name);
2627 return;
2628 }
2629
c5993de8
AE		 2630 BT_DBG("%s num_hndl %d", hdev->name, ev->num_hndl);
2631
613a1c0c
AE		 2632 for (i = 0; i < ev->num_hndl; i++) {
2633 struct hci_comp_pkts_info *info = &ev->handles[i];
a9de9248
MH		 2634 struct hci_conn *conn;
2635 __u16 handle, count;
2636
613a1c0c
AE		 2637 handle = __le16_to_cpu(info->handle);
2638 count = __le16_to_cpu(info->count);
a9de9248
MH		 2639
2640 conn = hci_conn_hash_lookup_handle(hdev, handle);
f4280918
AE		 2641 if (!conn)
2642 continue;
2643
2644 conn->sent -= count;
2645
2646 switch (conn->type) {
2647 case ACL_LINK:
2648 hdev->acl_cnt += count;
2649 if (hdev->acl_cnt > hdev->acl_pkts)
2650 hdev->acl_cnt = hdev->acl_pkts;
2651 break;
2652
2653 case LE_LINK:
2654 if (hdev->le_pkts) {
2655 hdev->le_cnt += count;
2656 if (hdev->le_cnt > hdev->le_pkts)
2657 hdev->le_cnt = hdev->le_pkts;
2658 } else {
70f23020
AE		 2659 hdev->acl_cnt += count;
2660 if (hdev->acl_cnt > hdev->acl_pkts)
a9de9248 2661 hdev->acl_cnt = hdev->acl_pkts;
a9de9248 2662 }
f4280918
AE		 2663 break;
2664
2665 case SCO_LINK:
2666 hdev->sco_cnt += count;
2667 if (hdev->sco_cnt > hdev->sco_pkts)
2668 hdev->sco_cnt = hdev->sco_pkts;
2669 break;
2670
2671 default:
2672 BT_ERR("Unknown type %d conn %p", conn->type, conn);
2673 break;
a9de9248
MH		 2674 }
2675 }
2676
3eff45ea 2677 queue_work(hdev->workqueue, &hdev->tx_work);
a9de9248
MH		 2678}
2679
76ef7cf7
AE		 2680static struct hci_conn *__hci_conn_lookup_handle(struct hci_dev *hdev,
2681 __u16 handle)
2682{
2683 struct hci_chan *chan;
2684
2685 switch (hdev->dev_type) {
2686 case HCI_BREDR:
2687 return hci_conn_hash_lookup_handle(hdev, handle);
2688 case HCI_AMP:
2689 chan = hci_chan_lookup_handle(hdev, handle);
2690 if (chan)
2691 return chan->conn;
2692 break;
2693 default:
2694 BT_ERR("%s unknown dev_type %d", hdev->name, hdev->dev_type);
2695 break;
2696 }
2697
2698 return NULL;
2699}
2700
6039aa73 2701static void hci_num_comp_blocks_evt(struct hci_dev *hdev, struct sk_buff *skb)
25e89e99
AE		 2702{
2703 struct hci_ev_num_comp_blocks *ev = (void *) skb->data;
2704 int i;
2705
2706 if (hdev->flow_ctl_mode != HCI_FLOW_CTL_MODE_BLOCK_BASED) {
2707 BT_ERR("Wrong event for mode %d", hdev->flow_ctl_mode);
2708 return;
2709 }
2710
2711 if (skb->len < sizeof(*ev) || skb->len < sizeof(*ev) +
807deac2 2712 ev->num_hndl * sizeof(struct hci_comp_blocks_info)) {
25e89e99
AE		 2713 BT_DBG("%s bad parameters", hdev->name);
2714 return;
2715 }
2716
2717 BT_DBG("%s num_blocks %d num_hndl %d", hdev->name, ev->num_blocks,
807deac2 2718 ev->num_hndl);
25e89e99
AE		 2719
2720 for (i = 0; i < ev->num_hndl; i++) {
2721 struct hci_comp_blocks_info *info = &ev->handles[i];
76ef7cf7 2722 struct hci_conn *conn = NULL;
25e89e99
AE		 2723 __u16 handle, block_count;
2724
2725 handle = __le16_to_cpu(info->handle);
2726 block_count = __le16_to_cpu(info->blocks);
2727
76ef7cf7 2728 conn = __hci_conn_lookup_handle(hdev, handle);
25e89e99
AE		 2729 if (!conn)
2730 continue;
2731
2732 conn->sent -= block_count;
2733
2734 switch (conn->type) {
2735 case ACL_LINK:
2736 hdev->block_cnt += block_count;
2737 if (hdev->block_cnt > hdev->num_blocks)
2738 hdev->block_cnt = hdev->num_blocks;
2739 break;
2740
2741 default:
2742 BT_ERR("Unknown type %d conn %p", conn->type, conn);
2743 break;
2744 }
2745 }
2746
2747 queue_work(hdev->workqueue, &hdev->tx_work);
2748}
2749
6039aa73 2750static void hci_mode_change_evt(struct hci_dev *hdev, struct sk_buff *skb)
04837f64 2751{
a9de9248 2752 struct hci_ev_mode_change *ev = (void *) skb->data;
04837f64
MH		 2753 struct hci_conn *conn;
2754
9f1db00c 2755 BT_DBG("%s status 0x%2.2x", hdev->name, ev->status);
04837f64
MH		 2756
2757 hci_dev_lock(hdev);
2758
2759 conn = hci_conn_hash_lookup_handle(hdev, __le16_to_cpu(ev->handle));
a9de9248
MH		 2760 if (conn) {
2761 conn->mode = ev->mode;
2762 conn->interval = __le16_to_cpu(ev->interval);
2763
8fc9ced3
GP		 2764 if (!test_and_clear_bit(HCI_CONN_MODE_CHANGE_PEND,
2765 &conn->flags)) {
a9de9248 2766 if (conn->mode == HCI_CM_ACTIVE)
58a681ef 2767 set_bit(HCI_CONN_POWER_SAVE, &conn->flags);
a9de9248 2768 else
58a681ef 2769 clear_bit(HCI_CONN_POWER_SAVE, &conn->flags);
a9de9248 2770 }
e73439d8 2771
51a8efd7 2772 if (test_and_clear_bit(HCI_CONN_SCO_SETUP_PEND, &conn->flags))
e73439d8 2773 hci_sco_setup(conn, ev->status);
04837f64
MH		 2774 }
2775
2776 hci_dev_unlock(hdev);
2777}
2778
6039aa73 2779static void hci_pin_code_request_evt(struct hci_dev *hdev, struct sk_buff *skb)
a9de9248 2780{
052b30b0
MH		 2781 struct hci_ev_pin_code_req *ev = (void *) skb->data;
2782 struct hci_conn *conn;
2783
a9de9248 2784 BT_DBG("%s", hdev->name);
052b30b0
MH		 2785
2786 hci_dev_lock(hdev);
2787
2788 conn = hci_conn_hash_lookup_ba(hdev, ACL_LINK, &ev->bdaddr);
b6f98044
WR		 2789 if (!conn)
2790 goto unlock;
2791
2792 if (conn->state == BT_CONNECTED) {
052b30b0
MH		 2793 hci_conn_hold(conn);
2794 conn->disc_timeout = HCI_PAIRING_TIMEOUT;
2795 hci_conn_put(conn);
2796 }
2797
a8b2d5c2 2798 if (!test_bit(HCI_PAIRABLE, &hdev->dev_flags))
03b555e1 2799 hci_send_cmd(hdev, HCI_OP_PIN_CODE_NEG_REPLY,
807deac2 2800 sizeof(ev->bdaddr), &ev->bdaddr);
a8b2d5c2 2801 else if (test_bit(HCI_MGMT, &hdev->dev_flags)) {
a770bb5a
WR		 2802 u8 secure;
2803
2804 if (conn->pending_sec_level == BT_SECURITY_HIGH)
2805 secure = 1;
2806 else
2807 secure = 0;
2808
744cf19e 2809 mgmt_pin_code_request(hdev, &ev->bdaddr, secure);
a770bb5a 2810 }
980e1a53 2811
b6f98044 2812unlock:
052b30b0 2813 hci_dev_unlock(hdev);
a9de9248
MH		 2814}
2815
6039aa73 2816static void hci_link_key_request_evt(struct hci_dev *hdev, struct sk_buff *skb)
a9de9248 2817{
55ed8ca1
JH		 2818 struct hci_ev_link_key_req *ev = (void *) skb->data;
2819 struct hci_cp_link_key_reply cp;
2820 struct hci_conn *conn;
2821 struct link_key *key;
2822
a9de9248 2823 BT_DBG("%s", hdev->name);
55ed8ca1 2824
a8b2d5c2 2825 if (!test_bit(HCI_LINK_KEYS, &hdev->dev_flags))
55ed8ca1
JH		 2826 return;
2827
2828 hci_dev_lock(hdev);
2829
2830 key = hci_find_link_key(hdev, &ev->bdaddr);
2831 if (!key) {
6ed93dc6
AE		 2832 BT_DBG("%s link key not found for %pMR", hdev->name,
2833 &ev->bdaddr);
55ed8ca1
JH		 2834 goto not_found;
2835 }
2836
6ed93dc6
AE		 2837 BT_DBG("%s found key type %u for %pMR", hdev->name, key->type,
2838 &ev->bdaddr);
55ed8ca1 2839
a8b2d5c2 2840 if (!test_bit(HCI_DEBUG_KEYS, &hdev->dev_flags) &&
807deac2 2841 key->type == HCI_LK_DEBUG_COMBINATION) {
55ed8ca1
JH		 2842 BT_DBG("%s ignoring debug key", hdev->name);
2843 goto not_found;
2844 }
2845
2846 conn = hci_conn_hash_lookup_ba(hdev, ACL_LINK, &ev->bdaddr);
60b83f57
WR		 2847 if (conn) {
2848 if (key->type == HCI_LK_UNAUTH_COMBINATION &&
807deac2 2849 conn->auth_type != 0xff && (conn->auth_type & 0x01)) {
60b83f57
WR		 2850 BT_DBG("%s ignoring unauthenticated key", hdev->name);
2851 goto not_found;
2852 }
55ed8ca1 2853
60b83f57 2854 if (key->type == HCI_LK_COMBINATION && key->pin_len < 16 &&
807deac2 2855 conn->pending_sec_level == BT_SECURITY_HIGH) {
8fc9ced3
GP		 2856 BT_DBG("%s ignoring key unauthenticated for high security",
2857 hdev->name);
60b83f57
WR		 2858 goto not_found;
2859 }
2860
2861 conn->key_type = key->type;
2862 conn->pin_length = key->pin_len;
55ed8ca1
JH		 2863 }
2864
2865 bacpy(&cp.bdaddr, &ev->bdaddr);
9b3b4460 2866 memcpy(cp.link_key, key->val, HCI_LINK_KEY_SIZE);
55ed8ca1
JH		 2867
2868 hci_send_cmd(hdev, HCI_OP_LINK_KEY_REPLY, sizeof(cp), &cp);
2869
2870 hci_dev_unlock(hdev);
2871
2872 return;
2873
2874not_found:
2875 hci_send_cmd(hdev, HCI_OP_LINK_KEY_NEG_REPLY, 6, &ev->bdaddr);
2876 hci_dev_unlock(hdev);
a9de9248
MH		 2877}
2878
6039aa73 2879static void hci_link_key_notify_evt(struct hci_dev *hdev, struct sk_buff *skb)
a9de9248 2880{
052b30b0
MH		 2881 struct hci_ev_link_key_notify *ev = (void *) skb->data;
2882 struct hci_conn *conn;
55ed8ca1 2883 u8 pin_len = 0;
052b30b0 2884
a9de9248 2885 BT_DBG("%s", hdev->name);
052b30b0
MH		 2886
2887 hci_dev_lock(hdev);
2888
2889 conn = hci_conn_hash_lookup_ba(hdev, ACL_LINK, &ev->bdaddr);
2890 if (conn) {
2891 hci_conn_hold(conn);
2892 conn->disc_timeout = HCI_DISCONN_TIMEOUT;
980e1a53 2893 pin_len = conn->pin_length;
13d39315
WR		 2894
2895 if (ev->key_type != HCI_LK_CHANGED_COMBINATION)
2896 conn->key_type = ev->key_type;
2897
052b30b0
MH		 2898 hci_conn_put(conn);
2899 }
2900
a8b2d5c2 2901 if (test_bit(HCI_LINK_KEYS, &hdev->dev_flags))
d25e28ab 2902 hci_add_link_key(hdev, conn, 1, &ev->bdaddr, ev->link_key,
807deac2 2903 ev->key_type, pin_len);
55ed8ca1 2904
052b30b0 2905 hci_dev_unlock(hdev);
a9de9248
MH		 2906}
2907
6039aa73 2908static void hci_clock_offset_evt(struct hci_dev *hdev, struct sk_buff *skb)
1da177e4 2909{
a9de9248 2910 struct hci_ev_clock_offset *ev = (void *) skb->data;
04837f64 2911 struct hci_conn *conn;
1da177e4 2912
9f1db00c 2913 BT_DBG("%s status 0x%2.2x", hdev->name, ev->status);
1da177e4
LT		 2914
2915 hci_dev_lock(hdev);
2916
04837f64 2917 conn = hci_conn_hash_lookup_handle(hdev, __le16_to_cpu(ev->handle));
1da177e4
LT		 2918 if (conn && !ev->status) {
2919 struct inquiry_entry *ie;
2920
cc11b9c1
AE		 2921 ie = hci_inquiry_cache_lookup(hdev, &conn->dst);
2922 if (ie) {
1da177e4
LT		 2923 ie->data.clock_offset = ev->clock_offset;
2924 ie->timestamp = jiffies;
2925 }
2926 }
2927
2928 hci_dev_unlock(hdev);
2929}
2930
6039aa73 2931static void hci_pkt_type_change_evt(struct hci_dev *hdev, struct sk_buff *skb)
a8746417
MH		 2932{
2933 struct hci_ev_pkt_type_change *ev = (void *) skb->data;
2934 struct hci_conn *conn;
2935
9f1db00c 2936 BT_DBG("%s status 0x%2.2x", hdev->name, ev->status);
a8746417
MH		 2937
2938 hci_dev_lock(hdev);
2939
2940 conn = hci_conn_hash_lookup_handle(hdev, __le16_to_cpu(ev->handle));
2941 if (conn && !ev->status)
2942 conn->pkt_type = __le16_to_cpu(ev->pkt_type);
2943
2944 hci_dev_unlock(hdev);
2945}
2946
6039aa73 2947static void hci_pscan_rep_mode_evt(struct hci_dev *hdev, struct sk_buff *skb)
85a1e930 2948{
a9de9248 2949 struct hci_ev_pscan_rep_mode *ev = (void *) skb->data;
85a1e930
MH		 2950 struct inquiry_entry *ie;
2951
2952 BT_DBG("%s", hdev->name);
2953
2954 hci_dev_lock(hdev);
2955
cc11b9c1
AE		 2956 ie = hci_inquiry_cache_lookup(hdev, &ev->bdaddr);
2957 if (ie) {
85a1e930
MH		 2958 ie->data.pscan_rep_mode = ev->pscan_rep_mode;
2959 ie->timestamp = jiffies;
2960 }
2961
2962 hci_dev_unlock(hdev);
2963}
2964
6039aa73
GP		 2965static void hci_inquiry_result_with_rssi_evt(struct hci_dev *hdev,
2966 struct sk_buff *skb)
a9de9248
MH		 2967{
2968 struct inquiry_data data;
2969 int num_rsp = *((__u8 *) skb->data);
388fc8fa 2970 bool name_known, ssp;
a9de9248
MH		 2971
2972 BT_DBG("%s num_rsp %d", hdev->name, num_rsp);
2973
2974 if (!num_rsp)
2975 return;
2976
1519cc17
AG		 2977 if (test_bit(HCI_PERIODIC_INQ, &hdev->dev_flags))
2978 return;
2979
a9de9248
MH		 2980 hci_dev_lock(hdev);
2981
2982 if ((skb->len - 1) / num_rsp != sizeof(struct inquiry_info_with_rssi)) {
138d22ef
SJ		 2983 struct inquiry_info_with_rssi_and_pscan_mode *info;
2984 info = (void *) (skb->data + 1);
a9de9248 2985
e17acd40 2986 for (; num_rsp; num_rsp--, info++) {
a9de9248
MH		 2987 bacpy(&data.bdaddr, &info->bdaddr);
2988 data.pscan_rep_mode = info->pscan_rep_mode;
2989 data.pscan_period_mode = info->pscan_period_mode;
2990 data.pscan_mode = info->pscan_mode;
2991 memcpy(data.dev_class, info->dev_class, 3);
2992 data.clock_offset = info->clock_offset;
2993 data.rssi = info->rssi;
41a96212 2994 data.ssp_mode = 0x00;
3175405b
JH		 2995
2996 name_known = hci_inquiry_cache_update(hdev, &data,
04124681 2997 false, &ssp);
48264f06 2998 mgmt_device_found(hdev, &info->bdaddr, ACL_LINK, 0x00,
04124681
GP		 2999 info->dev_class, info->rssi,
3000 !name_known, ssp, NULL, 0);
a9de9248
MH		 3001 }
3002 } else {
3003 struct inquiry_info_with_rssi *info = (void *) (skb->data + 1);
3004
e17acd40 3005 for (; num_rsp; num_rsp--, info++) {
a9de9248
MH		 3006 bacpy(&data.bdaddr, &info->bdaddr);
3007 data.pscan_rep_mode = info->pscan_rep_mode;
3008 data.pscan_period_mode = info->pscan_period_mode;
3009 data.pscan_mode = 0x00;
3010 memcpy(data.dev_class, info->dev_class, 3);
3011 data.clock_offset = info->clock_offset;
3012 data.rssi = info->rssi;
41a96212 3013 data.ssp_mode = 0x00;
3175405b 3014 name_known = hci_inquiry_cache_update(hdev, &data,
04124681 3015 false, &ssp);
48264f06 3016 mgmt_device_found(hdev, &info->bdaddr, ACL_LINK, 0x00,
04124681
GP		 3017 info->dev_class, info->rssi,
3018 !name_known, ssp, NULL, 0);
a9de9248
MH		 3019 }
3020 }
3021
3022 hci_dev_unlock(hdev);
3023}
3024
6039aa73
GP		 3025static void hci_remote_ext_features_evt(struct hci_dev *hdev,
3026 struct sk_buff *skb)
a9de9248 3027{
41a96212
MH		 3028 struct hci_ev_remote_ext_features *ev = (void *) skb->data;
3029 struct hci_conn *conn;
3030
a9de9248 3031 BT_DBG("%s", hdev->name);
41a96212 3032
41a96212
MH		 3033 hci_dev_lock(hdev);
3034
3035 conn = hci_conn_hash_lookup_handle(hdev, __le16_to_cpu(ev->handle));
ccd556fe
JH		 3036 if (!conn)
3037 goto unlock;
41a96212 3038
ccd556fe
JH		 3039 if (!ev->status && ev->page == 0x01) {
3040 struct inquiry_entry *ie;
41a96212 3041
cc11b9c1
AE		 3042 ie = hci_inquiry_cache_lookup(hdev, &conn->dst);
3043 if (ie)
02b7cc62 3044 ie->data.ssp_mode = (ev->features[0] & LMP_HOST_SSP);
769be974 3045
02b7cc62 3046 if (ev->features[0] & LMP_HOST_SSP)
58a681ef 3047 set_bit(HCI_CONN_SSP_ENABLED, &conn->flags);
ccd556fe
JH		 3048 }
3049
3050 if (conn->state != BT_CONFIG)
3051 goto unlock;
3052
671267bf 3053 if (!ev->status && !test_bit(HCI_CONN_MGMT_CONNECTED, &conn->flags)) {
127178d2
JH		 3054 struct hci_cp_remote_name_req cp;
3055 memset(&cp, 0, sizeof(cp));
3056 bacpy(&cp.bdaddr, &conn->dst);
3057 cp.pscan_rep_mode = 0x02;
3058 hci_send_cmd(hdev, HCI_OP_REMOTE_NAME_REQ, sizeof(cp), &cp);
b644ba33
JH		 3059 } else if (!test_and_set_bit(HCI_CONN_MGMT_CONNECTED, &conn->flags))
3060 mgmt_device_connected(hdev, &conn->dst, conn->type,
04124681
GP		 3061 conn->dst_type, 0, NULL, 0,
3062 conn->dev_class);
392599b9 3063
127178d2 3064 if (!hci_outgoing_auth_needed(hdev, conn)) {
ccd556fe
JH		 3065 conn->state = BT_CONNECTED;
3066 hci_proto_connect_cfm(conn, ev->status);
3067 hci_conn_put(conn);
41a96212
MH		 3068 }
3069
ccd556fe 3070unlock:
41a96212 3071 hci_dev_unlock(hdev);
a9de9248
MH		 3072}
3073
6039aa73
GP		 3074static void hci_sync_conn_complete_evt(struct hci_dev *hdev,
3075 struct sk_buff *skb)
a9de9248 3076{
b6a0dc82
MH		 3077 struct hci_ev_sync_conn_complete *ev = (void *) skb->data;
3078 struct hci_conn *conn;
3079
9f1db00c 3080 BT_DBG("%s status 0x%2.2x", hdev->name, ev->status);
b6a0dc82
MH		 3081
3082 hci_dev_lock(hdev);
3083
3084 conn = hci_conn_hash_lookup_ba(hdev, ev->link_type, &ev->bdaddr);
9dc0a3af
MH		 3085 if (!conn) {
3086 if (ev->link_type == ESCO_LINK)
3087 goto unlock;
3088
3089 conn = hci_conn_hash_lookup_ba(hdev, ESCO_LINK, &ev->bdaddr);
3090 if (!conn)
3091 goto unlock;
3092
3093 conn->type = SCO_LINK;
3094 }
b6a0dc82 3095
732547f9
MH		 3096 switch (ev->status) {
3097 case 0x00:
b6a0dc82
MH		 3098 conn->handle = __le16_to_cpu(ev->handle);
3099 conn->state = BT_CONNECTED;
7d0db0a3 3100
9eba32b8 3101 hci_conn_hold_device(conn);
7d0db0a3 3102 hci_conn_add_sysfs(conn);
732547f9
MH		 3103 break;
3104
705e5711 3105 case 0x11: /* Unsupported Feature or Parameter Value */
732547f9 3106 case 0x1c: /* SCO interval rejected */
1038a00b 3107 case 0x1a: /* Unsupported Remote Feature */
732547f9
MH		 3108 case 0x1f: /* Unspecified error */
3109 if (conn->out && conn->attempt < 2) {
3110 conn->pkt_type = (hdev->esco_type & SCO_ESCO_MASK) |
3111 (hdev->esco_type & EDR_ESCO_MASK);
3112 hci_setup_sync(conn, conn->link->handle);
3113 goto unlock;
3114 }
3115 /* fall through */
3116
3117 default:
b6a0dc82 3118 conn->state = BT_CLOSED;
732547f9
MH		 3119 break;
3120 }
b6a0dc82
MH		 3121
3122 hci_proto_connect_cfm(conn, ev->status);
3123 if (ev->status)
3124 hci_conn_del(conn);
3125
3126unlock:
3127 hci_dev_unlock(hdev);
a9de9248
MH		 3128}
3129
6039aa73 3130static void hci_sync_conn_changed_evt(struct hci_dev *hdev, struct sk_buff *skb)
a9de9248
MH		 3131{
3132 BT_DBG("%s", hdev->name);
3133}
3134
6039aa73 3135static void hci_sniff_subrate_evt(struct hci_dev *hdev, struct sk_buff *skb)
04837f64 3136{
a9de9248 3137 struct hci_ev_sniff_subrate *ev = (void *) skb->data;
04837f64 3138
9f1db00c 3139 BT_DBG("%s status 0x%2.2x", hdev->name, ev->status);
04837f64
MH		 3140}
3141
6039aa73
GP		 3142static void hci_extended_inquiry_result_evt(struct hci_dev *hdev,
3143 struct sk_buff *skb)
1da177e4 3144{
a9de9248
MH		 3145 struct inquiry_data data;
3146 struct extended_inquiry_info *info = (void *) (skb->data + 1);
3147 int num_rsp = *((__u8 *) skb->data);
9d939d94 3148 size_t eir_len;
1da177e4 3149
a9de9248 3150 BT_DBG("%s num_rsp %d", hdev->name, num_rsp);
1da177e4 3151
a9de9248
MH		 3152 if (!num_rsp)
3153 return;
1da177e4 3154
1519cc17
AG		 3155 if (test_bit(HCI_PERIODIC_INQ, &hdev->dev_flags))
3156 return;
3157
a9de9248
MH		 3158 hci_dev_lock(hdev);
3159
e17acd40 3160 for (; num_rsp; num_rsp--, info++) {
388fc8fa 3161 bool name_known, ssp;
561aafbc 3162
a9de9248 3163 bacpy(&data.bdaddr, &info->bdaddr);
138d22ef
SJ		 3164 data.pscan_rep_mode = info->pscan_rep_mode;
3165 data.pscan_period_mode = info->pscan_period_mode;
3166 data.pscan_mode = 0x00;
a9de9248 3167 memcpy(data.dev_class, info->dev_class, 3);
138d22ef
SJ		 3168 data.clock_offset = info->clock_offset;
3169 data.rssi = info->rssi;
41a96212 3170 data.ssp_mode = 0x01;
561aafbc 3171
a8b2d5c2 3172 if (test_bit(HCI_MGMT, &hdev->dev_flags))
4ddb1930 3173 name_known = eir_has_data_type(info->data,
04124681
GP		 3174 sizeof(info->data),
3175 EIR_NAME_COMPLETE);
561aafbc
JH		 3176 else
3177 name_known = true;
3178
388fc8fa 3179 name_known = hci_inquiry_cache_update(hdev, &data, name_known,
04124681 3180 &ssp);
9d939d94 3181 eir_len = eir_get_length(info->data, sizeof(info->data));
48264f06 3182 mgmt_device_found(hdev, &info->bdaddr, ACL_LINK, 0x00,
04124681 3183 info->dev_class, info->rssi, !name_known,
9d939d94 3184 ssp, info->data, eir_len);
a9de9248
MH		 3185 }
3186
3187 hci_dev_unlock(hdev);
3188}
1da177e4 3189
1c2e0041
JH		 3190static void hci_key_refresh_complete_evt(struct hci_dev *hdev,
3191 struct sk_buff *skb)
3192{
3193 struct hci_ev_key_refresh_complete *ev = (void *) skb->data;
3194 struct hci_conn *conn;
3195
9f1db00c 3196 BT_DBG("%s status 0x%2.2x handle 0x%4.4x", hdev->name, ev->status,
1c2e0041
JH		 3197 __le16_to_cpu(ev->handle));
3198
3199 hci_dev_lock(hdev);
3200
3201 conn = hci_conn_hash_lookup_handle(hdev, __le16_to_cpu(ev->handle));
3202 if (!conn)
3203 goto unlock;
3204
3205 if (!ev->status)
3206 conn->sec_level = conn->pending_sec_level;
3207
3208 clear_bit(HCI_CONN_ENCRYPT_PEND, &conn->flags);
3209
3210 if (ev->status && conn->state == BT_CONNECTED) {
3211 hci_acl_disconn(conn, HCI_ERROR_AUTH_FAILURE);
3212 hci_conn_put(conn);
3213 goto unlock;
3214 }
3215
3216 if (conn->state == BT_CONFIG) {
3217 if (!ev->status)
3218 conn->state = BT_CONNECTED;
3219
3220 hci_proto_connect_cfm(conn, ev->status);
3221 hci_conn_put(conn);
3222 } else {
3223 hci_auth_cfm(conn, ev->status);
3224
3225 hci_conn_hold(conn);
3226 conn->disc_timeout = HCI_DISCONN_TIMEOUT;
3227 hci_conn_put(conn);
3228 }
3229
3230unlock:
3231 hci_dev_unlock(hdev);
3232}
3233
6039aa73 3234static u8 hci_get_auth_req(struct hci_conn *conn)
17fa4b9d
JH		 3235{
3236 /* If remote requests dedicated bonding follow that lead */
3237 if (conn->remote_auth == 0x02 || conn->remote_auth == 0x03) {
3238 /* If both remote and local IO capabilities allow MITM
3239 * protection then require it, otherwise don't */
3240 if (conn->remote_cap == 0x03 || conn->io_capability == 0x03)
3241 return 0x02;
3242 else
3243 return 0x03;
3244 }
3245
3246 /* If remote requests no-bonding follow that lead */
3247 if (conn->remote_auth == 0x00 || conn->remote_auth == 0x01)
58797bf7 3248 return conn->remote_auth | (conn->auth_type & 0x01);
17fa4b9d
JH		 3249
3250 return conn->auth_type;
3251}
3252
6039aa73 3253static void hci_io_capa_request_evt(struct hci_dev *hdev, struct sk_buff *skb)
0493684e
MH		 3254{
3255 struct hci_ev_io_capa_request *ev = (void *) skb->data;
3256 struct hci_conn *conn;
3257
3258 BT_DBG("%s", hdev->name);
3259
3260 hci_dev_lock(hdev);
3261
3262 conn = hci_conn_hash_lookup_ba(hdev, ACL_LINK, &ev->bdaddr);
03b555e1
JH		 3263 if (!conn)
3264 goto unlock;
3265
3266 hci_conn_hold(conn);
3267
a8b2d5c2 3268 if (!test_bit(HCI_MGMT, &hdev->dev_flags))
03b555e1
JH		 3269 goto unlock;
3270
a8b2d5c2 3271 if (test_bit(HCI_PAIRABLE, &hdev->dev_flags) ||
807deac2 3272 (conn->remote_auth & ~0x01) == HCI_AT_NO_BONDING) {
17fa4b9d
JH		 3273 struct hci_cp_io_capability_reply cp;
3274
3275 bacpy(&cp.bdaddr, &ev->bdaddr);
7a7f1e7c
HG		 3276 /* Change the IO capability from KeyboardDisplay
3277 * to DisplayYesNo as it is not supported by BT spec. */
3278 cp.capability = (conn->io_capability == 0x04) ?
3279 0x01 : conn->io_capability;
7cbc9bd9
JH		 3280 conn->auth_type = hci_get_auth_req(conn);
3281 cp.authentication = conn->auth_type;
17fa4b9d 3282
8fc9ced3
GP		 3283 if (hci_find_remote_oob_data(hdev, &conn->dst) &&
3284 (conn->out || test_bit(HCI_CONN_REMOTE_OOB, &conn->flags)))
ce85ee13
SJ		 3285 cp.oob_data = 0x01;
3286 else
3287 cp.oob_data = 0x00;
3288
17fa4b9d 3289 hci_send_cmd(hdev, HCI_OP_IO_CAPABILITY_REPLY,
807deac2 3290 sizeof(cp), &cp);
03b555e1
JH		 3291 } else {
3292 struct hci_cp_io_capability_neg_reply cp;
3293
3294 bacpy(&cp.bdaddr, &ev->bdaddr);
9f5a0d7b 3295 cp.reason = HCI_ERROR_PAIRING_NOT_ALLOWED;
0493684e 3296
03b555e1 3297 hci_send_cmd(hdev, HCI_OP_IO_CAPABILITY_NEG_REPLY,
807deac2 3298 sizeof(cp), &cp);
03b555e1
JH		 3299 }
3300
3301unlock:
3302 hci_dev_unlock(hdev);
3303}
3304
6039aa73 3305static void hci_io_capa_reply_evt(struct hci_dev *hdev, struct sk_buff *skb)
03b555e1
JH		 3306{
3307 struct hci_ev_io_capa_reply *ev = (void *) skb->data;
3308 struct hci_conn *conn;
3309
3310 BT_DBG("%s", hdev->name);
3311
3312 hci_dev_lock(hdev);
3313
3314 conn = hci_conn_hash_lookup_ba(hdev, ACL_LINK, &ev->bdaddr);
3315 if (!conn)
3316 goto unlock;
3317
03b555e1 3318 conn->remote_cap = ev->capability;
03b555e1 3319 conn->remote_auth = ev->authentication;
58a681ef
JH		 3320 if (ev->oob_data)
3321 set_bit(HCI_CONN_REMOTE_OOB, &conn->flags);
03b555e1
JH		 3322
3323unlock:
0493684e
MH		 3324 hci_dev_unlock(hdev);
3325}
3326
6039aa73
GP		 3327static void hci_user_confirm_request_evt(struct hci_dev *hdev,
3328 struct sk_buff *skb)
a5c29683
JH		 3329{
3330 struct hci_ev_user_confirm_req *ev = (void *) skb->data;
55bc1a37 3331 int loc_mitm, rem_mitm, confirm_hint = 0;
7a828908 3332 struct hci_conn *conn;
a5c29683
JH		 3333
3334 BT_DBG("%s", hdev->name);
3335
3336 hci_dev_lock(hdev);
3337
a8b2d5c2 3338 if (!test_bit(HCI_MGMT, &hdev->dev_flags))
7a828908 3339 goto unlock;
a5c29683 3340
7a828908
JH		 3341 conn = hci_conn_hash_lookup_ba(hdev, ACL_LINK, &ev->bdaddr);
3342 if (!conn)
3343 goto unlock;
3344
3345 loc_mitm = (conn->auth_type & 0x01);
3346 rem_mitm = (conn->remote_auth & 0x01);
3347
3348 /* If we require MITM but the remote device can't provide that
3349 * (it has NoInputNoOutput) then reject the confirmation
3350 * request. The only exception is when we're dedicated bonding
3351 * initiators (connect_cfm_cb set) since then we always have the MITM
3352 * bit set. */
3353 if (!conn->connect_cfm_cb && loc_mitm && conn->remote_cap == 0x03) {
3354 BT_DBG("Rejecting request: remote device can't provide MITM");
3355 hci_send_cmd(hdev, HCI_OP_USER_CONFIRM_NEG_REPLY,
807deac2 3356 sizeof(ev->bdaddr), &ev->bdaddr);
7a828908
JH		 3357 goto unlock;
3358 }
3359
3360 /* If no side requires MITM protection; auto-accept */
3361 if ((!loc_mitm || conn->remote_cap == 0x03) &&
807deac2 3362 (!rem_mitm || conn->io_capability == 0x03)) {
55bc1a37
JH		 3363
3364 /* If we're not the initiators request authorization to
3365 * proceed from user space (mgmt_user_confirm with
3366 * confirm_hint set to 1). */
51a8efd7 3367 if (!test_bit(HCI_CONN_AUTH_PEND, &conn->flags)) {
55bc1a37
JH		 3368 BT_DBG("Confirming auto-accept as acceptor");
3369 confirm_hint = 1;
3370 goto confirm;
3371 }
3372
9f61656a 3373 BT_DBG("Auto-accept of user confirmation with %ums delay",
807deac2 3374 hdev->auto_accept_delay);
9f61656a
JH		 3375
3376 if (hdev->auto_accept_delay > 0) {
3377 int delay = msecs_to_jiffies(hdev->auto_accept_delay);
3378 mod_timer(&conn->auto_accept_timer, jiffies + delay);
3379 goto unlock;
3380 }
3381
7a828908 3382 hci_send_cmd(hdev, HCI_OP_USER_CONFIRM_REPLY,
807deac2 3383 sizeof(ev->bdaddr), &ev->bdaddr);
7a828908
JH		 3384 goto unlock;
3385 }
3386
55bc1a37 3387confirm:
272d90df 3388 mgmt_user_confirm_request(hdev, &ev->bdaddr, ACL_LINK, 0, ev->passkey,
04124681 3389 confirm_hint);
7a828908
JH		 3390
3391unlock:
a5c29683
JH		 3392 hci_dev_unlock(hdev);
3393}
3394
6039aa73
GP		 3395static void hci_user_passkey_request_evt(struct hci_dev *hdev,
3396 struct sk_buff *skb)
1143d458
BG		 3397{
3398 struct hci_ev_user_passkey_req *ev = (void *) skb->data;
3399
3400 BT_DBG("%s", hdev->name);
3401
a8b2d5c2 3402 if (test_bit(HCI_MGMT, &hdev->dev_flags))
272d90df 3403 mgmt_user_passkey_request(hdev, &ev->bdaddr, ACL_LINK, 0);
1143d458
BG		 3404}
3405
92a25256
JH		 3406static void hci_user_passkey_notify_evt(struct hci_dev *hdev,
3407 struct sk_buff *skb)
3408{
3409 struct hci_ev_user_passkey_notify *ev = (void *) skb->data;
3410 struct hci_conn *conn;
3411
3412 BT_DBG("%s", hdev->name);
3413
3414 conn = hci_conn_hash_lookup_ba(hdev, ACL_LINK, &ev->bdaddr);
3415 if (!conn)
3416 return;
3417
3418 conn->passkey_notify = __le32_to_cpu(ev->passkey);
3419 conn->passkey_entered = 0;
3420
3421 if (test_bit(HCI_MGMT, &hdev->dev_flags))
3422 mgmt_user_passkey_notify(hdev, &conn->dst, conn->type,
3423 conn->dst_type, conn->passkey_notify,
3424 conn->passkey_entered);
3425}
3426
3427static void hci_keypress_notify_evt(struct hci_dev *hdev, struct sk_buff *skb)
3428{
3429 struct hci_ev_keypress_notify *ev = (void *) skb->data;
3430 struct hci_conn *conn;
3431
3432 BT_DBG("%s", hdev->name);
3433
3434 conn = hci_conn_hash_lookup_ba(hdev, ACL_LINK, &ev->bdaddr);
3435 if (!conn)
3436 return;
3437
3438 switch (ev->type) {
3439 case HCI_KEYPRESS_STARTED:
3440 conn->passkey_entered = 0;
3441 return;
3442
3443 case HCI_KEYPRESS_ENTERED:
3444 conn->passkey_entered++;
3445 break;
3446
3447 case HCI_KEYPRESS_ERASED:
3448 conn->passkey_entered--;
3449 break;
3450
3451 case HCI_KEYPRESS_CLEARED:
3452 conn->passkey_entered = 0;
3453 break;
3454
3455 case HCI_KEYPRESS_COMPLETED:
3456 return;
3457 }
3458
3459 if (test_bit(HCI_MGMT, &hdev->dev_flags))
3460 mgmt_user_passkey_notify(hdev, &conn->dst, conn->type,
3461 conn->dst_type, conn->passkey_notify,
3462 conn->passkey_entered);
3463}
3464
6039aa73
GP		 3465static void hci_simple_pair_complete_evt(struct hci_dev *hdev,
3466 struct sk_buff *skb)
0493684e
MH		 3467{
3468 struct hci_ev_simple_pair_complete *ev = (void *) skb->data;
3469 struct hci_conn *conn;
3470
3471 BT_DBG("%s", hdev->name);
3472
3473 hci_dev_lock(hdev);
3474
3475 conn = hci_conn_hash_lookup_ba(hdev, ACL_LINK, &ev->bdaddr);
2a611692
JH		 3476 if (!conn)
3477 goto unlock;
3478
3479 /* To avoid duplicate auth_failed events to user space we check
3480 * the HCI_CONN_AUTH_PEND flag which will be set if we
3481 * initiated the authentication. A traditional auth_complete
3482 * event gets always produced as initiator and is also mapped to
3483 * the mgmt_auth_failed event */
fa1bd918 3484 if (!test_bit(HCI_CONN_AUTH_PEND, &conn->flags) && ev->status)
bab73cb6 3485 mgmt_auth_failed(hdev, &conn->dst, conn->type, conn->dst_type,
04124681 3486 ev->status);
0493684e 3487
2a611692
JH		 3488 hci_conn_put(conn);
3489
3490unlock:
0493684e
MH		 3491 hci_dev_unlock(hdev);
3492}
3493
6039aa73
GP		 3494static void hci_remote_host_features_evt(struct hci_dev *hdev,
3495 struct sk_buff *skb)
41a96212
MH		 3496{
3497 struct hci_ev_remote_host_features *ev = (void *) skb->data;
3498 struct inquiry_entry *ie;
3499
3500 BT_DBG("%s", hdev->name);
3501
3502 hci_dev_lock(hdev);
3503
cc11b9c1
AE		 3504 ie = hci_inquiry_cache_lookup(hdev, &ev->bdaddr);
3505 if (ie)
02b7cc62 3506 ie->data.ssp_mode = (ev->features[0] & LMP_HOST_SSP);
41a96212
MH		 3507
3508 hci_dev_unlock(hdev);
3509}
3510
6039aa73
GP		 3511static void hci_remote_oob_data_request_evt(struct hci_dev *hdev,
3512 struct sk_buff *skb)
2763eda6
SJ		 3513{
3514 struct hci_ev_remote_oob_data_request *ev = (void *) skb->data;
3515 struct oob_data *data;
3516
3517 BT_DBG("%s", hdev->name);
3518
3519 hci_dev_lock(hdev);
3520
a8b2d5c2 3521 if (!test_bit(HCI_MGMT, &hdev->dev_flags))
e1ba1f15
SJ		 3522 goto unlock;
3523
2763eda6
SJ		 3524 data = hci_find_remote_oob_data(hdev, &ev->bdaddr);
3525 if (data) {
3526 struct hci_cp_remote_oob_data_reply cp;
3527
3528 bacpy(&cp.bdaddr, &ev->bdaddr);
3529 memcpy(cp.hash, data->hash, sizeof(cp.hash));
3530 memcpy(cp.randomizer, data->randomizer, sizeof(cp.randomizer));
3531
3532 hci_send_cmd(hdev, HCI_OP_REMOTE_OOB_DATA_REPLY, sizeof(cp),
807deac2 3533 &cp);
2763eda6
SJ		 3534 } else {
3535 struct hci_cp_remote_oob_data_neg_reply cp;
3536
3537 bacpy(&cp.bdaddr, &ev->bdaddr);
3538 hci_send_cmd(hdev, HCI_OP_REMOTE_OOB_DATA_NEG_REPLY, sizeof(cp),
807deac2 3539 &cp);
2763eda6
SJ		 3540 }
3541
e1ba1f15 3542unlock:
2763eda6
SJ		 3543 hci_dev_unlock(hdev);
3544}
3545
6039aa73 3546static void hci_le_conn_complete_evt(struct hci_dev *hdev, struct sk_buff *skb)
fcd89c09
VT		 3547{
3548 struct hci_ev_le_conn_complete *ev = (void *) skb->data;
3549 struct hci_conn *conn;
3550
9f1db00c 3551 BT_DBG("%s status 0x%2.2x", hdev->name, ev->status);
fcd89c09
VT		 3552
3553 hci_dev_lock(hdev);
3554
b47a09b3 3555 conn = hci_conn_hash_lookup_state(hdev, LE_LINK, BT_CONNECT);
b62f328b
VT		 3556 if (!conn) {
3557 conn = hci_conn_add(hdev, LE_LINK, &ev->bdaddr);
3558 if (!conn) {
3559 BT_ERR("No memory for new connection");
230fd16a 3560 goto unlock;
b62f328b 3561 }
29b7988a
AG		 3562
3563 conn->dst_type = ev->bdaddr_type;
b9b343d2
AG		 3564
3565 if (ev->role == LE_CONN_ROLE_MASTER) {
3566 conn->out = true;
3567 conn->link_mode |= HCI_LM_MASTER;
3568 }
b62f328b 3569 }
fcd89c09 3570
cd17decb
AG		 3571 if (ev->status) {
3572 mgmt_connect_failed(hdev, &conn->dst, conn->type,
3573 conn->dst_type, ev->status);
3574 hci_proto_connect_cfm(conn, ev->status);
3575 conn->state = BT_CLOSED;
3576 hci_conn_del(conn);
3577 goto unlock;
3578 }
3579
b644ba33
JH		 3580 if (!test_and_set_bit(HCI_CONN_MGMT_CONNECTED, &conn->flags))
3581 mgmt_device_connected(hdev, &ev->bdaddr, conn->type,
04124681 3582 conn->dst_type, 0, NULL, 0, NULL);
83bc71b4 3583
7b5c0d52 3584 conn->sec_level = BT_SECURITY_LOW;
fcd89c09
VT		 3585 conn->handle = __le16_to_cpu(ev->handle);
3586 conn->state = BT_CONNECTED;
3587
3588 hci_conn_hold_device(conn);
3589 hci_conn_add_sysfs(conn);
3590
3591 hci_proto_connect_cfm(conn, ev->status);
3592
3593unlock:
3594 hci_dev_unlock(hdev);
3595}
3596
6039aa73 3597static void hci_le_adv_report_evt(struct hci_dev *hdev, struct sk_buff *skb)
9aa04c91 3598{
e95beb41
AG		 3599 u8 num_reports = skb->data[0];
3600 void *ptr = &skb->data[1];
3c9e9195 3601 s8 rssi;
9aa04c91
AG		 3602
3603 hci_dev_lock(hdev);
3604
e95beb41
AG		 3605 while (num_reports--) {
3606 struct hci_ev_le_advertising_info *ev = ptr;
9aa04c91 3607
3c9e9195
AG		 3608 rssi = ev->data[ev->length];
3609 mgmt_device_found(hdev, &ev->bdaddr, LE_LINK, ev->bdaddr_type,
04124681 3610 NULL, rssi, 0, 1, ev->data, ev->length);
3c9e9195 3611
e95beb41 3612 ptr += sizeof(*ev) + ev->length + 1;
9aa04c91
AG		 3613 }
3614
3615 hci_dev_unlock(hdev);
3616}
3617
6039aa73 3618static void hci_le_ltk_request_evt(struct hci_dev *hdev, struct sk_buff *skb)
a7a595f6
VCG		 3619{
3620 struct hci_ev_le_ltk_req *ev = (void *) skb->data;
3621 struct hci_cp_le_ltk_reply cp;
bea710fe 3622 struct hci_cp_le_ltk_neg_reply neg;
a7a595f6 3623 struct hci_conn *conn;
c9839a11 3624 struct smp_ltk *ltk;
a7a595f6 3625
9f1db00c 3626 BT_DBG("%s handle 0x%4.4x", hdev->name, __le16_to_cpu(ev->handle));
a7a595f6
VCG		 3627
3628 hci_dev_lock(hdev);
3629
3630 conn = hci_conn_hash_lookup_handle(hdev, __le16_to_cpu(ev->handle));
bea710fe
VCG		 3631 if (conn == NULL)
3632 goto not_found;
a7a595f6 3633
bea710fe
VCG		 3634 ltk = hci_find_ltk(hdev, ev->ediv, ev->random);
3635 if (ltk == NULL)
3636 goto not_found;
3637
3638 memcpy(cp.ltk, ltk->val, sizeof(ltk->val));
a7a595f6 3639 cp.handle = cpu_to_le16(conn->handle);
c9839a11
VCG		 3640
3641 if (ltk->authenticated)
3642 conn->sec_level = BT_SECURITY_HIGH;
a7a595f6
VCG		 3643
3644 hci_send_cmd(hdev, HCI_OP_LE_LTK_REPLY, sizeof(cp), &cp);
3645
c9839a11
VCG		 3646 if (ltk->type & HCI_SMP_STK) {
3647 list_del(&ltk->list);
3648 kfree(ltk);
3649 }
3650
a7a595f6 3651 hci_dev_unlock(hdev);
bea710fe
VCG		 3652
3653 return;
3654
3655not_found:
3656 neg.handle = ev->handle;
3657 hci_send_cmd(hdev, HCI_OP_LE_LTK_NEG_REPLY, sizeof(neg), &neg);
3658 hci_dev_unlock(hdev);
a7a595f6
VCG		 3659}
3660
6039aa73 3661static void hci_le_meta_evt(struct hci_dev *hdev, struct sk_buff *skb)
fcd89c09
VT		 3662{
3663 struct hci_ev_le_meta *le_ev = (void *) skb->data;
3664
3665 skb_pull(skb, sizeof(*le_ev));
3666
3667 switch (le_ev->subevent) {
3668 case HCI_EV_LE_CONN_COMPLETE:
3669 hci_le_conn_complete_evt(hdev, skb);
3670 break;
3671
9aa04c91
AG		 3672 case HCI_EV_LE_ADVERTISING_REPORT:
3673 hci_le_adv_report_evt(hdev, skb);
3674 break;
3675
a7a595f6
VCG		 3676 case HCI_EV_LE_LTK_REQ:
3677 hci_le_ltk_request_evt(hdev, skb);
3678 break;
3679
fcd89c09
VT		 3680 default:
3681 break;
3682 }
3683}
3684
9495b2ee
AE		 3685static void hci_chan_selected_evt(struct hci_dev *hdev, struct sk_buff *skb)
3686{
3687 struct hci_ev_channel_selected *ev = (void *) skb->data;
3688 struct hci_conn *hcon;
3689
3690 BT_DBG("%s handle 0x%2.2x", hdev->name, ev->phy_handle);
3691
3692 skb_pull(skb, sizeof(*ev));
3693
3694 hcon = hci_conn_hash_lookup_handle(hdev, ev->phy_handle);
3695 if (!hcon)
3696 return;
3697
3698 amp_read_loc_assoc_final_data(hdev, hcon);
3699}
3700
a9de9248
MH		 3701void hci_event_packet(struct hci_dev *hdev, struct sk_buff *skb)
3702{
3703 struct hci_event_hdr *hdr = (void *) skb->data;
3704 __u8 event = hdr->evt;
3705
3706 skb_pull(skb, HCI_EVENT_HDR_SIZE);
3707
3708 switch (event) {
1da177e4
LT		 3709 case HCI_EV_INQUIRY_COMPLETE:
3710 hci_inquiry_complete_evt(hdev, skb);
3711 break;
3712
3713 case HCI_EV_INQUIRY_RESULT:
3714 hci_inquiry_result_evt(hdev, skb);
3715 break;
3716
a9de9248
MH		 3717 case HCI_EV_CONN_COMPLETE:
3718 hci_conn_complete_evt(hdev, skb);
21d9e30e
MH		 3719 break;
3720
1da177e4
LT		 3721 case HCI_EV_CONN_REQUEST:
3722 hci_conn_request_evt(hdev, skb);
3723 break;
3724
1da177e4
LT		 3725 case HCI_EV_DISCONN_COMPLETE:
3726 hci_disconn_complete_evt(hdev, skb);
3727 break;
3728
1da177e4
LT		 3729 case HCI_EV_AUTH_COMPLETE:
3730 hci_auth_complete_evt(hdev, skb);
3731 break;
3732
a9de9248
MH		 3733 case HCI_EV_REMOTE_NAME:
3734 hci_remote_name_evt(hdev, skb);
3735 break;
3736
1da177e4
LT		 3737 case HCI_EV_ENCRYPT_CHANGE:
3738 hci_encrypt_change_evt(hdev, skb);
3739 break;
3740
a9de9248
MH		 3741 case HCI_EV_CHANGE_LINK_KEY_COMPLETE:
3742 hci_change_link_key_complete_evt(hdev, skb);
3743 break;
3744
3745 case HCI_EV_REMOTE_FEATURES:
3746 hci_remote_features_evt(hdev, skb);
3747 break;
3748
3749 case HCI_EV_REMOTE_VERSION:
3750 hci_remote_version_evt(hdev, skb);
3751 break;
3752
3753 case HCI_EV_QOS_SETUP_COMPLETE:
3754 hci_qos_setup_complete_evt(hdev, skb);
3755 break;
3756
3757 case HCI_EV_CMD_COMPLETE:
3758 hci_cmd_complete_evt(hdev, skb);
3759 break;
3760
3761 case HCI_EV_CMD_STATUS:
3762 hci_cmd_status_evt(hdev, skb);
3763 break;
3764
3765 case HCI_EV_ROLE_CHANGE:
3766 hci_role_change_evt(hdev, skb);
3767 break;
3768
3769 case HCI_EV_NUM_COMP_PKTS:
3770 hci_num_comp_pkts_evt(hdev, skb);
3771 break;
3772
3773 case HCI_EV_MODE_CHANGE:
3774 hci_mode_change_evt(hdev, skb);
1da177e4
LT		 3775 break;
3776
3777 case HCI_EV_PIN_CODE_REQ:
3778 hci_pin_code_request_evt(hdev, skb);
3779 break;
3780
3781 case HCI_EV_LINK_KEY_REQ:
3782 hci_link_key_request_evt(hdev, skb);
3783 break;
3784
3785 case HCI_EV_LINK_KEY_NOTIFY:
3786 hci_link_key_notify_evt(hdev, skb);
3787 break;
3788
3789 case HCI_EV_CLOCK_OFFSET:
3790 hci_clock_offset_evt(hdev, skb);
3791 break;
3792
a8746417
MH		 3793 case HCI_EV_PKT_TYPE_CHANGE:
3794 hci_pkt_type_change_evt(hdev, skb);
3795 break;
3796
85a1e930
MH		 3797 case HCI_EV_PSCAN_REP_MODE:
3798 hci_pscan_rep_mode_evt(hdev, skb);
3799 break;
3800
a9de9248
MH		 3801 case HCI_EV_INQUIRY_RESULT_WITH_RSSI:
3802 hci_inquiry_result_with_rssi_evt(hdev, skb);
04837f64
MH		 3803 break;
3804
a9de9248
MH		 3805 case HCI_EV_REMOTE_EXT_FEATURES:
3806 hci_remote_ext_features_evt(hdev, skb);
1da177e4
LT		 3807 break;
3808
a9de9248
MH		 3809 case HCI_EV_SYNC_CONN_COMPLETE:
3810 hci_sync_conn_complete_evt(hdev, skb);
3811 break;
1da177e4 3812
a9de9248
MH		 3813 case HCI_EV_SYNC_CONN_CHANGED:
3814 hci_sync_conn_changed_evt(hdev, skb);
3815 break;
1da177e4 3816
a9de9248
MH		 3817 case HCI_EV_SNIFF_SUBRATE:
3818 hci_sniff_subrate_evt(hdev, skb);
3819 break;
1da177e4 3820
a9de9248
MH		 3821 case HCI_EV_EXTENDED_INQUIRY_RESULT:
3822 hci_extended_inquiry_result_evt(hdev, skb);
3823 break;
1da177e4 3824
1c2e0041
JH		 3825 case HCI_EV_KEY_REFRESH_COMPLETE:
3826 hci_key_refresh_complete_evt(hdev, skb);
3827 break;
3828
0493684e
MH		 3829 case HCI_EV_IO_CAPA_REQUEST:
3830 hci_io_capa_request_evt(hdev, skb);
3831 break;
3832
03b555e1
JH		 3833 case HCI_EV_IO_CAPA_REPLY:
3834 hci_io_capa_reply_evt(hdev, skb);
3835 break;
3836
a5c29683
JH		 3837 case HCI_EV_USER_CONFIRM_REQUEST:
3838 hci_user_confirm_request_evt(hdev, skb);
3839 break;
3840
1143d458
BG		 3841 case HCI_EV_USER_PASSKEY_REQUEST:
3842 hci_user_passkey_request_evt(hdev, skb);
3843 break;
3844
92a25256
JH		 3845 case HCI_EV_USER_PASSKEY_NOTIFY:
3846 hci_user_passkey_notify_evt(hdev, skb);
3847 break;
3848
3849 case HCI_EV_KEYPRESS_NOTIFY:
3850 hci_keypress_notify_evt(hdev, skb);
3851 break;
3852
0493684e
MH		 3853 case HCI_EV_SIMPLE_PAIR_COMPLETE:
3854 hci_simple_pair_complete_evt(hdev, skb);
3855 break;
3856
41a96212
MH		 3857 case HCI_EV_REMOTE_HOST_FEATURES:
3858 hci_remote_host_features_evt(hdev, skb);
3859 break;
3860
fcd89c09
VT		 3861 case HCI_EV_LE_META:
3862 hci_le_meta_evt(hdev, skb);
3863 break;
3864
9495b2ee
AE		 3865 case HCI_EV_CHANNEL_SELECTED:
3866 hci_chan_selected_evt(hdev, skb);
3867 break;
3868
2763eda6
SJ		 3869 case HCI_EV_REMOTE_OOB_DATA_REQUEST:
3870 hci_remote_oob_data_request_evt(hdev, skb);
3871 break;
3872
25e89e99
AE		 3873 case HCI_EV_NUM_COMP_BLOCKS:
3874 hci_num_comp_blocks_evt(hdev, skb);
3875 break;
3876
a9de9248 3877 default:
9f1db00c 3878 BT_DBG("%s event 0x%2.2x", hdev->name, event);
1da177e4
LT		 3879 break;
3880 }
3881
3882 kfree_skb(skb);
3883 hdev->stat.evt_rx++;
3884}
kernel source for telekom puls (alcatel/mediatek)