projects / GitHub / mt8127 / android_kernel_alcatel_ttab.git / blame
? search:
summary | shortlog | log | commit | commitdiff | tree
blob | blame (incremental) | history | HEAD
Bluetooth: Add setting of the LE event mask
[GitHub/mt8127/android_kernel_alcatel_ttab.git] / net / bluetooth / hci_event.c
CommitLineData
8e87d142 1/*
1da177e4 2 BlueZ - Bluetooth protocol stack for Linux
2d0a0346 3 Copyright (c) 2000-2001, 2010, Code Aurora Forum. All rights reserved.
1da177e4
LT		 4
5 Written 2000,2001 by Maxim Krasnyansky <maxk@qualcomm.com>
6
7 This program is free software; you can redistribute it and/or modify
8 it under the terms of the GNU General Public License version 2 as
9 published by the Free Software Foundation;
10
11 THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS
12 OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
13 FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT OF THIRD PARTY RIGHTS.
14 IN NO EVENT SHALL THE COPYRIGHT HOLDER(S) AND AUTHOR(S) BE LIABLE FOR ANY
8e87d142
YH		 15 CLAIM, OR ANY SPECIAL INDIRECT OR CONSEQUENTIAL DAMAGES, OR ANY DAMAGES
16 WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
17 ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
1da177e4
LT		 18 OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
19
8e87d142
YH		 20 ALL LIABILITY, INCLUDING LIABILITY FOR INFRINGEMENT OF ANY PATENTS,
21 COPYRIGHTS, TRADEMARKS OR OTHER RIGHTS, RELATING TO USE OF THIS
1da177e4
LT		 22 SOFTWARE IS DISCLAIMED.
23*/
24
25/* Bluetooth HCI event handling. */
26
8c520a59 27#include <linux/export.h>
1da177e4
LT		 28#include <asm/unaligned.h>
29
30#include <net/bluetooth/bluetooth.h>
31#include <net/bluetooth/hci_core.h>
f0d6a0ea 32#include <net/bluetooth/mgmt.h>
8e2a0d92 33#include <net/bluetooth/a2mp.h>
903e4541 34#include <net/bluetooth/amp.h>
1da177e4 35
1da177e4
LT		 36/* Handle HCI Event packets */
37
a9de9248 38static void hci_cc_inquiry_cancel(struct hci_dev *hdev, struct sk_buff *skb)
1da177e4 39{
a9de9248 40 __u8 status = *((__u8 *) skb->data);
1da177e4 41
9f1db00c 42 BT_DBG("%s status 0x%2.2x", hdev->name, status);
1da177e4 43
e6d465cb
AG		 44 if (status) {
45 hci_dev_lock(hdev);
46 mgmt_stop_discovery_failed(hdev, status);
47 hci_dev_unlock(hdev);
a9de9248 48 return;
e6d465cb 49 }
1da177e4 50
89352e7d
AG		 51 clear_bit(HCI_INQUIRY, &hdev->flags);
52
56e5cb86 53 hci_dev_lock(hdev);
ff9ef578 54 hci_discovery_set_state(hdev, DISCOVERY_STOPPED);
56e5cb86 55 hci_dev_unlock(hdev);
6bd57416 56
23bb5763 57 hci_req_complete(hdev, HCI_OP_INQUIRY_CANCEL, status);
a9de9248
MH		 58
59 hci_conn_check_pending(hdev);
60}
6bd57416 61
4d93483b
AG		 62static void hci_cc_periodic_inq(struct hci_dev *hdev, struct sk_buff *skb)
63{
64 __u8 status = *((__u8 *) skb->data);
65
9f1db00c 66 BT_DBG("%s status 0x%2.2x", hdev->name, status);
ae854a70
AG		 67
68 if (status)
69 return;
70
71 set_bit(HCI_PERIODIC_INQ, &hdev->dev_flags);
4d93483b
AG		 72}
73
a9de9248
MH		 74static void hci_cc_exit_periodic_inq(struct hci_dev *hdev, struct sk_buff *skb)
75{
76 __u8 status = *((__u8 *) skb->data);
6bd57416 77
9f1db00c 78 BT_DBG("%s status 0x%2.2x", hdev->name, status);
6bd57416 79
a9de9248
MH		 80 if (status)
81 return;
1da177e4 82
ae854a70
AG		 83 clear_bit(HCI_PERIODIC_INQ, &hdev->dev_flags);
84
a9de9248
MH		 85 hci_conn_check_pending(hdev);
86}
87
807deac2
GP		 88static void hci_cc_remote_name_req_cancel(struct hci_dev *hdev,
89 struct sk_buff *skb)
a9de9248
MH		 90{
91 BT_DBG("%s", hdev->name);
92}
93
94static void hci_cc_role_discovery(struct hci_dev *hdev, struct sk_buff *skb)
95{
96 struct hci_rp_role_discovery *rp = (void *) skb->data;
97 struct hci_conn *conn;
98
9f1db00c 99 BT_DBG("%s status 0x%2.2x", hdev->name, rp->status);
a9de9248
MH		 100
101 if (rp->status)
102 return;
103
104 hci_dev_lock(hdev);
105
106 conn = hci_conn_hash_lookup_handle(hdev, __le16_to_cpu(rp->handle));
107 if (conn) {
108 if (rp->role)
109 conn->link_mode &= ~HCI_LM_MASTER;
110 else
111 conn->link_mode |= HCI_LM_MASTER;
1da177e4 112 }
a9de9248
MH		 113
114 hci_dev_unlock(hdev);
1da177e4
LT		 115}
116
e4e8e37c
MH		 117static void hci_cc_read_link_policy(struct hci_dev *hdev, struct sk_buff *skb)
118{
119 struct hci_rp_read_link_policy *rp = (void *) skb->data;
120 struct hci_conn *conn;
121
9f1db00c 122 BT_DBG("%s status 0x%2.2x", hdev->name, rp->status);
e4e8e37c
MH		 123
124 if (rp->status)
125 return;
126
127 hci_dev_lock(hdev);
128
129 conn = hci_conn_hash_lookup_handle(hdev, __le16_to_cpu(rp->handle));
130 if (conn)
131 conn->link_policy = __le16_to_cpu(rp->policy);
132
133 hci_dev_unlock(hdev);
134}
135
a9de9248 136static void hci_cc_write_link_policy(struct hci_dev *hdev, struct sk_buff *skb)
1da177e4 137{
a9de9248 138 struct hci_rp_write_link_policy *rp = (void *) skb->data;
1da177e4 139 struct hci_conn *conn;
04837f64 140 void *sent;
1da177e4 141
9f1db00c 142 BT_DBG("%s status 0x%2.2x", hdev->name, rp->status);
1da177e4 143
a9de9248
MH		 144 if (rp->status)
145 return;
1da177e4 146
a9de9248
MH		 147 sent = hci_sent_cmd_data(hdev, HCI_OP_WRITE_LINK_POLICY);
148 if (!sent)
149 return;
1da177e4 150
a9de9248 151 hci_dev_lock(hdev);
1da177e4 152
a9de9248 153 conn = hci_conn_hash_lookup_handle(hdev, __le16_to_cpu(rp->handle));
e4e8e37c 154 if (conn)
83985319 155 conn->link_policy = get_unaligned_le16(sent + 2);
1da177e4 156
a9de9248
MH		 157 hci_dev_unlock(hdev);
158}
1da177e4 159
807deac2
GP		 160static void hci_cc_read_def_link_policy(struct hci_dev *hdev,
161 struct sk_buff *skb)
e4e8e37c
MH		 162{
163 struct hci_rp_read_def_link_policy *rp = (void *) skb->data;
164
9f1db00c 165 BT_DBG("%s status 0x%2.2x", hdev->name, rp->status);
e4e8e37c
MH		 166
167 if (rp->status)
168 return;
169
170 hdev->link_policy = __le16_to_cpu(rp->policy);
171}
172
807deac2
GP		 173static void hci_cc_write_def_link_policy(struct hci_dev *hdev,
174 struct sk_buff *skb)
e4e8e37c
MH		 175{
176 __u8 status = *((__u8 *) skb->data);
177 void *sent;
178
9f1db00c 179 BT_DBG("%s status 0x%2.2x", hdev->name, status);
e4e8e37c
MH		 180
181 sent = hci_sent_cmd_data(hdev, HCI_OP_WRITE_DEF_LINK_POLICY);
182 if (!sent)
183 return;
184
185 if (!status)
186 hdev->link_policy = get_unaligned_le16(sent);
187
23bb5763 188 hci_req_complete(hdev, HCI_OP_WRITE_DEF_LINK_POLICY, status);
e4e8e37c
MH		 189}
190
a9de9248
MH		 191static void hci_cc_reset(struct hci_dev *hdev, struct sk_buff *skb)
192{
193 __u8 status = *((__u8 *) skb->data);
04837f64 194
9f1db00c 195 BT_DBG("%s status 0x%2.2x", hdev->name, status);
04837f64 196
10572132
GP		 197 clear_bit(HCI_RESET, &hdev->flags);
198
23bb5763 199 hci_req_complete(hdev, HCI_OP_RESET, status);
d23264a8 200
a297e97c 201 /* Reset all non-persistent flags */
ae854a70
AG		 202 hdev->dev_flags &= ~(BIT(HCI_LE_SCAN) | BIT(HCI_PENDING_CLASS) |
203 BIT(HCI_PERIODIC_INQ));
69775ff6
AG		 204
205 hdev->discovery.state = DISCOVERY_STOPPED;
a9de9248 206}
04837f64 207
a9de9248
MH		 208static void hci_cc_write_local_name(struct hci_dev *hdev, struct sk_buff *skb)
209{
210 __u8 status = *((__u8 *) skb->data);
211 void *sent;
04837f64 212
9f1db00c 213 BT_DBG("%s status 0x%2.2x", hdev->name, status);
04837f64 214
a9de9248
MH		 215 sent = hci_sent_cmd_data(hdev, HCI_OP_WRITE_LOCAL_NAME);
216 if (!sent)
217 return;
04837f64 218
56e5cb86
JH		 219 hci_dev_lock(hdev);
220
f51d5b24
JH		 221 if (test_bit(HCI_MGMT, &hdev->dev_flags))
222 mgmt_set_local_name_complete(hdev, sent, status);
28cc7bde
JH		 223 else if (!status)
224 memcpy(hdev->dev_name, sent, HCI_MAX_NAME_LENGTH);
f51d5b24 225
56e5cb86 226 hci_dev_unlock(hdev);
3159d384
JH		 227
228 hci_req_complete(hdev, HCI_OP_WRITE_LOCAL_NAME, status);
a9de9248
MH		 229}
230
231static void hci_cc_read_local_name(struct hci_dev *hdev, struct sk_buff *skb)
232{
233 struct hci_rp_read_local_name *rp = (void *) skb->data;
234
9f1db00c 235 BT_DBG("%s status 0x%2.2x", hdev->name, rp->status);
a9de9248
MH		 236
237 if (rp->status)
238 return;
239
db99b5fc
JH		 240 if (test_bit(HCI_SETUP, &hdev->dev_flags))
241 memcpy(hdev->dev_name, rp->name, HCI_MAX_NAME_LENGTH);
a9de9248
MH		 242}
243
244static void hci_cc_write_auth_enable(struct hci_dev *hdev, struct sk_buff *skb)
245{
246 __u8 status = *((__u8 *) skb->data);
247 void *sent;
248
9f1db00c 249 BT_DBG("%s status 0x%2.2x", hdev->name, status);
a9de9248
MH		 250
251 sent = hci_sent_cmd_data(hdev, HCI_OP_WRITE_AUTH_ENABLE);
252 if (!sent)
253 return;
254
255 if (!status) {
256 __u8 param = *((__u8 *) sent);
257
258 if (param == AUTH_ENABLED)
259 set_bit(HCI_AUTH, &hdev->flags);
260 else
261 clear_bit(HCI_AUTH, &hdev->flags);
1da177e4 262 }
a9de9248 263
33ef95ed
JH		 264 if (test_bit(HCI_MGMT, &hdev->dev_flags))
265 mgmt_auth_enable_complete(hdev, status);
266
23bb5763 267 hci_req_complete(hdev, HCI_OP_WRITE_AUTH_ENABLE, status);
1da177e4
LT		 268}
269
a9de9248 270static void hci_cc_write_encrypt_mode(struct hci_dev *hdev, struct sk_buff *skb)
1da177e4 271{
a9de9248 272 __u8 status = *((__u8 *) skb->data);
1da177e4
LT		 273 void *sent;
274
9f1db00c 275 BT_DBG("%s status 0x%2.2x", hdev->name, status);
1da177e4 276
a9de9248
MH		 277 sent = hci_sent_cmd_data(hdev, HCI_OP_WRITE_ENCRYPT_MODE);
278 if (!sent)
279 return;
1da177e4 280
a9de9248
MH		 281 if (!status) {
282 __u8 param = *((__u8 *) sent);
283
284 if (param)
285 set_bit(HCI_ENCRYPT, &hdev->flags);
286 else
287 clear_bit(HCI_ENCRYPT, &hdev->flags);
288 }
1da177e4 289
23bb5763 290 hci_req_complete(hdev, HCI_OP_WRITE_ENCRYPT_MODE, status);
a9de9248 291}
1da177e4 292
a9de9248
MH		 293static void hci_cc_write_scan_enable(struct hci_dev *hdev, struct sk_buff *skb)
294{
36f7fc7e
JH		 295 __u8 param, status = *((__u8 *) skb->data);
296 int old_pscan, old_iscan;
a9de9248 297 void *sent;
1da177e4 298
9f1db00c 299 BT_DBG("%s status 0x%2.2x", hdev->name, status);
1da177e4 300
a9de9248
MH		 301 sent = hci_sent_cmd_data(hdev, HCI_OP_WRITE_SCAN_ENABLE);
302 if (!sent)
303 return;
1da177e4 304
36f7fc7e
JH		 305 param = *((__u8 *) sent);
306
56e5cb86
JH		 307 hci_dev_lock(hdev);
308
fa1bd918 309 if (status) {
744cf19e 310 mgmt_write_scan_failed(hdev, param, status);
2d7cee58
JH		 311 hdev->discov_timeout = 0;
312 goto done;
313 }
314
36f7fc7e
JH		 315 old_pscan = test_and_clear_bit(HCI_PSCAN, &hdev->flags);
316 old_iscan = test_and_clear_bit(HCI_ISCAN, &hdev->flags);
317
318 if (param & SCAN_INQUIRY) {
319 set_bit(HCI_ISCAN, &hdev->flags);
320 if (!old_iscan)
744cf19e 321 mgmt_discoverable(hdev, 1);
16ab91ab
JH		 322 if (hdev->discov_timeout > 0) {
323 int to = msecs_to_jiffies(hdev->discov_timeout * 1000);
324 queue_delayed_work(hdev->workqueue, &hdev->discov_off,
807deac2 325 to);
16ab91ab 326 }
36f7fc7e 327 } else if (old_iscan)
744cf19e 328 mgmt_discoverable(hdev, 0);
36f7fc7e
JH		 329
330 if (param & SCAN_PAGE) {
331 set_bit(HCI_PSCAN, &hdev->flags);
332 if (!old_pscan)
744cf19e 333 mgmt_connectable(hdev, 1);
36f7fc7e 334 } else if (old_pscan)
744cf19e 335 mgmt_connectable(hdev, 0);
1da177e4 336
36f7fc7e 337done:
56e5cb86 338 hci_dev_unlock(hdev);
23bb5763 339 hci_req_complete(hdev, HCI_OP_WRITE_SCAN_ENABLE, status);
a9de9248 340}
1da177e4 341
a9de9248
MH		 342static void hci_cc_read_class_of_dev(struct hci_dev *hdev, struct sk_buff *skb)
343{
344 struct hci_rp_read_class_of_dev *rp = (void *) skb->data;
1da177e4 345
9f1db00c 346 BT_DBG("%s status 0x%2.2x", hdev->name, rp->status);
1da177e4 347
a9de9248
MH		 348 if (rp->status)
349 return;
1da177e4 350
a9de9248 351 memcpy(hdev->dev_class, rp->dev_class, 3);
1da177e4 352
a9de9248 353 BT_DBG("%s class 0x%.2x%.2x%.2x", hdev->name,
807deac2 354 hdev->dev_class[2], hdev->dev_class[1], hdev->dev_class[0]);
a9de9248 355}
1da177e4 356
a9de9248
MH		 357static void hci_cc_write_class_of_dev(struct hci_dev *hdev, struct sk_buff *skb)
358{
359 __u8 status = *((__u8 *) skb->data);
360 void *sent;
1da177e4 361
9f1db00c 362 BT_DBG("%s status 0x%2.2x", hdev->name, status);
1da177e4 363
a9de9248
MH		 364 sent = hci_sent_cmd_data(hdev, HCI_OP_WRITE_CLASS_OF_DEV);
365 if (!sent)
366 return;
1da177e4 367
7f9a903c
MH		 368 hci_dev_lock(hdev);
369
370 if (status == 0)
371 memcpy(hdev->dev_class, sent, 3);
372
373 if (test_bit(HCI_MGMT, &hdev->dev_flags))
374 mgmt_set_class_of_dev_complete(hdev, sent, status);
375
376 hci_dev_unlock(hdev);
a9de9248 377}
1da177e4 378
a9de9248
MH		 379static void hci_cc_read_voice_setting(struct hci_dev *hdev, struct sk_buff *skb)
380{
381 struct hci_rp_read_voice_setting *rp = (void *) skb->data;
382 __u16 setting;
383
9f1db00c 384 BT_DBG("%s status 0x%2.2x", hdev->name, rp->status);
a9de9248
MH		 385
386 if (rp->status)
387 return;
388
389 setting = __le16_to_cpu(rp->voice_setting);
390
f383f275 391 if (hdev->voice_setting == setting)
a9de9248
MH		 392 return;
393
394 hdev->voice_setting = setting;
395
9f1db00c 396 BT_DBG("%s voice setting 0x%4.4x", hdev->name, setting);
a9de9248 397
3c54711c 398 if (hdev->notify)
a9de9248 399 hdev->notify(hdev, HCI_NOTIFY_VOICE_SETTING);
a9de9248
MH		 400}
401
8fc9ced3
GP		 402static void hci_cc_write_voice_setting(struct hci_dev *hdev,
403 struct sk_buff *skb)
a9de9248
MH		 404{
405 __u8 status = *((__u8 *) skb->data);
f383f275 406 __u16 setting;
a9de9248
MH		 407 void *sent;
408
9f1db00c 409 BT_DBG("%s status 0x%2.2x", hdev->name, status);
1da177e4 410
f383f275
MH		 411 if (status)
412 return;
413
a9de9248
MH		 414 sent = hci_sent_cmd_data(hdev, HCI_OP_WRITE_VOICE_SETTING);
415 if (!sent)
416 return;
1da177e4 417
f383f275 418 setting = get_unaligned_le16(sent);
1da177e4 419
f383f275
MH		 420 if (hdev->voice_setting == setting)
421 return;
422
423 hdev->voice_setting = setting;
1da177e4 424
9f1db00c 425 BT_DBG("%s voice setting 0x%4.4x", hdev->name, setting);
1da177e4 426
3c54711c 427 if (hdev->notify)
f383f275 428 hdev->notify(hdev, HCI_NOTIFY_VOICE_SETTING);
1da177e4
LT		 429}
430
a9de9248 431static void hci_cc_host_buffer_size(struct hci_dev *hdev, struct sk_buff *skb)
1da177e4 432{
a9de9248 433 __u8 status = *((__u8 *) skb->data);
1da177e4 434
9f1db00c 435 BT_DBG("%s status 0x%2.2x", hdev->name, status);
1da177e4 436
23bb5763 437 hci_req_complete(hdev, HCI_OP_HOST_BUFFER_SIZE, status);
a9de9248 438}
1143e5a6 439
333140b5
MH		 440static void hci_cc_write_ssp_mode(struct hci_dev *hdev, struct sk_buff *skb)
441{
442 __u8 status = *((__u8 *) skb->data);
443 void *sent;
444
9f1db00c 445 BT_DBG("%s status 0x%2.2x", hdev->name, status);
333140b5 446
333140b5
MH		 447 sent = hci_sent_cmd_data(hdev, HCI_OP_WRITE_SSP_MODE);
448 if (!sent)
449 return;
450
ed2c4ee3 451 if (test_bit(HCI_MGMT, &hdev->dev_flags))
c0ecddc2
JH		 452 mgmt_ssp_enable_complete(hdev, *((u8 *) sent), status);
453 else if (!status) {
454 if (*((u8 *) sent))
455 set_bit(HCI_SSP_ENABLED, &hdev->dev_flags);
456 else
457 clear_bit(HCI_SSP_ENABLED, &hdev->dev_flags);
458 }
333140b5
MH		 459}
460
d5859e22
JH		 461static u8 hci_get_inquiry_mode(struct hci_dev *hdev)
462{
463 if (hdev->features[6] & LMP_EXT_INQ)
464 return 2;
465
466 if (hdev->features[3] & LMP_RSSI_INQ)
467 return 1;
468
469 if (hdev->manufacturer == 11 && hdev->hci_rev == 0x00 &&
807deac2 470 hdev->lmp_subver == 0x0757)
d5859e22
JH		 471 return 1;
472
473 if (hdev->manufacturer == 15) {
474 if (hdev->hci_rev == 0x03 && hdev->lmp_subver == 0x6963)
475 return 1;
476 if (hdev->hci_rev == 0x09 && hdev->lmp_subver == 0x6963)
477 return 1;
478 if (hdev->hci_rev == 0x00 && hdev->lmp_subver == 0x6965)
479 return 1;
480 }
481
482 if (hdev->manufacturer == 31 && hdev->hci_rev == 0x2005 &&
807deac2 483 hdev->lmp_subver == 0x1805)
d5859e22
JH		 484 return 1;
485
486 return 0;
487}
488
489static void hci_setup_inquiry_mode(struct hci_dev *hdev)
490{
491 u8 mode;
492
493 mode = hci_get_inquiry_mode(hdev);
494
495 hci_send_cmd(hdev, HCI_OP_WRITE_INQUIRY_MODE, 1, &mode);
496}
497
498static void hci_setup_event_mask(struct hci_dev *hdev)
499{
500 /* The second byte is 0xff instead of 0x9f (two reserved bits
501 * disabled) since a Broadcom 1.2 dongle doesn't respond to the
502 * command otherwise */
503 u8 events[8] = { 0xff, 0xff, 0xfb, 0xff, 0x00, 0x00, 0x00, 0x00 };
504
6de6c18d
VT		 505 /* CSR 1.1 dongles does not accept any bitfield so don't try to set
506 * any event mask for pre 1.2 devices */
5a13b095 507 if (hdev->hci_ver < BLUETOOTH_VER_1_2)
6de6c18d
VT		 508 return;
509
e1171e8d
JH		 510 if (lmp_bredr_capable(hdev)) {
511 events[4] |= 0x01; /* Flow Specification Complete */
512 events[4] |= 0x02; /* Inquiry Result with RSSI */
513 events[4] |= 0x04; /* Read Remote Extended Features Complete */
514 events[5] |= 0x08; /* Synchronous Connection Complete */
515 events[5] |= 0x10; /* Synchronous Connection Changed */
516 }
d5859e22
JH		 517
518 if (hdev->features[3] & LMP_RSSI_INQ)
a24299e6 519 events[4] |= 0x02; /* Inquiry Result with RSSI */
d5859e22 520
999dcd10 521 if (lmp_sniffsubr_capable(hdev))
d5859e22
JH		 522 events[5] |= 0x20; /* Sniff Subrating */
523
524 if (hdev->features[5] & LMP_PAUSE_ENC)
525 events[5] |= 0x80; /* Encryption Key Refresh Complete */
526
527 if (hdev->features[6] & LMP_EXT_INQ)
528 events[5] |= 0x40; /* Extended Inquiry Result */
529
c58e810e 530 if (lmp_no_flush_capable(hdev))
d5859e22
JH		 531 events[7] |= 0x01; /* Enhanced Flush Complete */
532
533 if (hdev->features[7] & LMP_LSTO)
534 events[6] |= 0x80; /* Link Supervision Timeout Changed */
535
9a1a1996 536 if (lmp_ssp_capable(hdev)) {
d5859e22
JH		 537 events[6] |= 0x01; /* IO Capability Request */
538 events[6] |= 0x02; /* IO Capability Response */
539 events[6] |= 0x04; /* User Confirmation Request */
540 events[6] |= 0x08; /* User Passkey Request */
541 events[6] |= 0x10; /* Remote OOB Data Request */
542 events[6] |= 0x20; /* Simple Pairing Complete */
543 events[7] |= 0x04; /* User Passkey Notification */
544 events[7] |= 0x08; /* Keypress Notification */
545 events[7] |= 0x10; /* Remote Host Supported
546 * Features Notification */
547 }
548
c383ddc4 549 if (lmp_le_capable(hdev))
d5859e22
JH		 550 events[7] |= 0x20; /* LE Meta-Event */
551
552 hci_send_cmd(hdev, HCI_OP_SET_EVENT_MASK, sizeof(events), events);
e36b04c8
JH		 553
554 if (lmp_le_capable(hdev)) {
555 memset(events, 0, sizeof(events));
556 events[0] = 0x1f;
557 hci_send_cmd(hdev, HCI_OP_LE_SET_EVENT_MASK,
558 sizeof(events), events);
559 }
d5859e22
JH		 560}
561
e1171e8d
JH		 562static void bredr_init(struct hci_dev *hdev)
563{
564 struct hci_cp_delete_stored_link_key cp;
565 __le16 param;
566 __u8 flt_type;
567
568 /* Read Buffer Size (ACL mtu, max pkt, etc.) */
569 hci_send_cmd(hdev, HCI_OP_READ_BUFFER_SIZE, 0, NULL);
570
571 /* Read Class of Device */
572 hci_send_cmd(hdev, HCI_OP_READ_CLASS_OF_DEV, 0, NULL);
573
574 /* Read Local Name */
575 hci_send_cmd(hdev, HCI_OP_READ_LOCAL_NAME, 0, NULL);
576
577 /* Read Voice Setting */
578 hci_send_cmd(hdev, HCI_OP_READ_VOICE_SETTING, 0, NULL);
579
580 /* Clear Event Filters */
581 flt_type = HCI_FLT_CLEAR_ALL;
582 hci_send_cmd(hdev, HCI_OP_SET_EVENT_FLT, 1, &flt_type);
583
584 /* Connection accept timeout ~20 secs */
585 param = __constant_cpu_to_le16(0x7d00);
586 hci_send_cmd(hdev, HCI_OP_WRITE_CA_TIMEOUT, 2, &param);
587
588 bacpy(&cp.bdaddr, BDADDR_ANY);
589 cp.delete_all = 1;
590 hci_send_cmd(hdev, HCI_OP_DELETE_STORED_LINK_KEY, sizeof(cp), &cp);
591}
592
593static void le_init(struct hci_dev *hdev)
594{
595 /* Read LE Buffer Size */
596 hci_send_cmd(hdev, HCI_OP_LE_READ_BUFFER_SIZE, 0, NULL);
597}
598
d5859e22
JH		 599static void hci_setup(struct hci_dev *hdev)
600{
e61ef499
AE		 601 if (hdev->dev_type != HCI_BREDR)
602 return;
603
e1171e8d
JH		 604 /* Read BD Address */
605 hci_send_cmd(hdev, HCI_OP_READ_BD_ADDR, 0, NULL);
606
607 if (lmp_bredr_capable(hdev))
608 bredr_init(hdev);
609
610 if (lmp_le_capable(hdev))
611 le_init(hdev);
612
d5859e22
JH		 613 hci_setup_event_mask(hdev);
614
d095c1eb 615 if (hdev->hci_ver > BLUETOOTH_VER_1_1)
d5859e22
JH		 616 hci_send_cmd(hdev, HCI_OP_READ_LOCAL_COMMANDS, 0, NULL);
617
6d3c730f 618 if (lmp_ssp_capable(hdev)) {
54d04dbb
JH		 619 if (test_bit(HCI_SSP_ENABLED, &hdev->dev_flags)) {
620 u8 mode = 0x01;
621 hci_send_cmd(hdev, HCI_OP_WRITE_SSP_MODE,
04124681 622 sizeof(mode), &mode);
54d04dbb
JH		 623 } else {
624 struct hci_cp_write_eir cp;
625
626 memset(hdev->eir, 0, sizeof(hdev->eir));
627 memset(&cp, 0, sizeof(cp));
628
629 hci_send_cmd(hdev, HCI_OP_WRITE_EIR, sizeof(cp), &cp);
630 }
d5859e22
JH		 631 }
632
633 if (hdev->features[3] & LMP_RSSI_INQ)
634 hci_setup_inquiry_mode(hdev);
635
636 if (hdev->features[7] & LMP_INQ_TX_PWR)
637 hci_send_cmd(hdev, HCI_OP_READ_INQ_RSP_TX_POWER, 0, NULL);
971e3a4b
AG		 638
639 if (hdev->features[7] & LMP_EXTFEATURES) {
640 struct hci_cp_read_local_ext_features cp;
641
642 cp.page = 0x01;
04124681
GP		 643 hci_send_cmd(hdev, HCI_OP_READ_LOCAL_EXT_FEATURES, sizeof(cp),
644 &cp);
971e3a4b 645 }
e6100a25 646
47990ea0
JH		 647 if (test_bit(HCI_LINK_SECURITY, &hdev->dev_flags)) {
648 u8 enable = 1;
04124681
GP		 649 hci_send_cmd(hdev, HCI_OP_WRITE_AUTH_ENABLE, sizeof(enable),
650 &enable);
47990ea0 651 }
d5859e22
JH		 652}
653
a9de9248
MH		 654static void hci_cc_read_local_version(struct hci_dev *hdev, struct sk_buff *skb)
655{
656 struct hci_rp_read_local_version *rp = (void *) skb->data;
1143e5a6 657
9f1db00c 658 BT_DBG("%s status 0x%2.2x", hdev->name, rp->status);
1143e5a6 659
a9de9248 660 if (rp->status)
28b8df77 661 goto done;
1143e5a6 662
a9de9248 663 hdev->hci_ver = rp->hci_ver;
e4e8e37c 664 hdev->hci_rev = __le16_to_cpu(rp->hci_rev);
d5859e22 665 hdev->lmp_ver = rp->lmp_ver;
e4e8e37c 666 hdev->manufacturer = __le16_to_cpu(rp->manufacturer);
d5859e22 667 hdev->lmp_subver = __le16_to_cpu(rp->lmp_subver);
1143e5a6 668
9f1db00c 669 BT_DBG("%s manufacturer 0x%4.4x hci ver %d:%d", hdev->name,
807deac2 670 hdev->manufacturer, hdev->hci_ver, hdev->hci_rev);
d5859e22
JH		 671
672 if (test_bit(HCI_INIT, &hdev->flags))
673 hci_setup(hdev);
28b8df77
AE		 674
675done:
676 hci_req_complete(hdev, HCI_OP_READ_LOCAL_VERSION, rp->status);
d5859e22
JH		 677}
678
679static void hci_setup_link_policy(struct hci_dev *hdev)
680{
035100c8 681 struct hci_cp_write_def_link_policy cp;
d5859e22
JH		 682 u16 link_policy = 0;
683
9f92ebf6 684 if (lmp_rswitch_capable(hdev))
d5859e22
JH		 685 link_policy |= HCI_LP_RSWITCH;
686 if (hdev->features[0] & LMP_HOLD)
687 link_policy |= HCI_LP_HOLD;
6eded100 688 if (lmp_sniff_capable(hdev))
d5859e22
JH		 689 link_policy |= HCI_LP_SNIFF;
690 if (hdev->features[1] & LMP_PARK)
691 link_policy |= HCI_LP_PARK;
692
035100c8
AE		 693 cp.policy = cpu_to_le16(link_policy);
694 hci_send_cmd(hdev, HCI_OP_WRITE_DEF_LINK_POLICY, sizeof(cp), &cp);
a9de9248 695}
1da177e4 696
8fc9ced3
GP		 697static void hci_cc_read_local_commands(struct hci_dev *hdev,
698 struct sk_buff *skb)
a9de9248
MH		 699{
700 struct hci_rp_read_local_commands *rp = (void *) skb->data;
1da177e4 701
9f1db00c 702 BT_DBG("%s status 0x%2.2x", hdev->name, rp->status);
1da177e4 703
a9de9248 704 if (rp->status)
d5859e22 705 goto done;
1da177e4 706
a9de9248 707 memcpy(hdev->commands, rp->commands, sizeof(hdev->commands));
d5859e22
JH		 708
709 if (test_bit(HCI_INIT, &hdev->flags) && (hdev->commands[5] & 0x10))
710 hci_setup_link_policy(hdev);
711
712done:
713 hci_req_complete(hdev, HCI_OP_READ_LOCAL_COMMANDS, rp->status);
a9de9248 714}
1da177e4 715
8fc9ced3
GP		 716static void hci_cc_read_local_features(struct hci_dev *hdev,
717 struct sk_buff *skb)
a9de9248
MH		 718{
719 struct hci_rp_read_local_features *rp = (void *) skb->data;
5b7f9909 720
9f1db00c 721 BT_DBG("%s status 0x%2.2x", hdev->name, rp->status);
1da177e4 722
a9de9248
MH		 723 if (rp->status)
724 return;
5b7f9909 725
a9de9248 726 memcpy(hdev->features, rp->features, 8);
5b7f9909 727
a9de9248
MH		 728 /* Adjust default settings according to features
729 * supported by device. */
1da177e4 730
a9de9248
MH		 731 if (hdev->features[0] & LMP_3SLOT)
732 hdev->pkt_type |= (HCI_DM3 | HCI_DH3);
1da177e4 733
a9de9248
MH		 734 if (hdev->features[0] & LMP_5SLOT)
735 hdev->pkt_type |= (HCI_DM5 | HCI_DH5);
1da177e4 736
a9de9248
MH		 737 if (hdev->features[1] & LMP_HV2) {
738 hdev->pkt_type |= (HCI_HV2);
739 hdev->esco_type |= (ESCO_HV2);
740 }
1da177e4 741
a9de9248
MH		 742 if (hdev->features[1] & LMP_HV3) {
743 hdev->pkt_type |= (HCI_HV3);
744 hdev->esco_type |= (ESCO_HV3);
745 }
1da177e4 746
45db810f 747 if (lmp_esco_capable(hdev))
a9de9248 748 hdev->esco_type |= (ESCO_EV3);
da1f5198 749
a9de9248
MH		 750 if (hdev->features[4] & LMP_EV4)
751 hdev->esco_type |= (ESCO_EV4);
da1f5198 752
a9de9248
MH		 753 if (hdev->features[4] & LMP_EV5)
754 hdev->esco_type |= (ESCO_EV5);
1da177e4 755
efc7688b
MH		 756 if (hdev->features[5] & LMP_EDR_ESCO_2M)
757 hdev->esco_type |= (ESCO_2EV3);
758
759 if (hdev->features[5] & LMP_EDR_ESCO_3M)
760 hdev->esco_type |= (ESCO_3EV3);
761
762 if (hdev->features[5] & LMP_EDR_3S_ESCO)
763 hdev->esco_type |= (ESCO_2EV5 | ESCO_3EV5);
764
a9de9248 765 BT_DBG("%s features 0x%.2x%.2x%.2x%.2x%.2x%.2x%.2x%.2x", hdev->name,
807deac2
GP		 766 hdev->features[0], hdev->features[1],
767 hdev->features[2], hdev->features[3],
768 hdev->features[4], hdev->features[5],
769 hdev->features[6], hdev->features[7]);
a9de9248 770}
1da177e4 771
8f984dfa
JH		 772static void hci_set_le_support(struct hci_dev *hdev)
773{
774 struct hci_cp_write_le_host_supported cp;
775
776 memset(&cp, 0, sizeof(cp));
777
9d42820f 778 if (test_bit(HCI_LE_ENABLED, &hdev->dev_flags)) {
8f984dfa
JH		 779 cp.le = 1;
780 cp.simul = !!(hdev->features[6] & LMP_SIMUL_LE_BR);
781 }
782
783 if (cp.le != !!(hdev->host_features[0] & LMP_HOST_LE))
04124681
GP		 784 hci_send_cmd(hdev, HCI_OP_WRITE_LE_HOST_SUPPORTED, sizeof(cp),
785 &cp);
8f984dfa
JH		 786}
787
971e3a4b 788static void hci_cc_read_local_ext_features(struct hci_dev *hdev,
807deac2 789 struct sk_buff *skb)
971e3a4b
AG		 790{
791 struct hci_rp_read_local_ext_features *rp = (void *) skb->data;
792
9f1db00c 793 BT_DBG("%s status 0x%2.2x", hdev->name, rp->status);
971e3a4b
AG		 794
795 if (rp->status)
8f984dfa 796 goto done;
971e3a4b 797
b5b32b65
AG		 798 switch (rp->page) {
799 case 0:
800 memcpy(hdev->features, rp->features, 8);
801 break;
802 case 1:
803 memcpy(hdev->host_features, rp->features, 8);
804 break;
805 }
971e3a4b 806
c383ddc4 807 if (test_bit(HCI_INIT, &hdev->flags) && lmp_le_capable(hdev))
8f984dfa
JH		 808 hci_set_le_support(hdev);
809
810done:
971e3a4b
AG		 811 hci_req_complete(hdev, HCI_OP_READ_LOCAL_EXT_FEATURES, rp->status);
812}
813
1e89cffb 814static void hci_cc_read_flow_control_mode(struct hci_dev *hdev,
807deac2 815 struct sk_buff *skb)
1e89cffb
AE		 816{
817 struct hci_rp_read_flow_control_mode *rp = (void *) skb->data;
818
9f1db00c 819 BT_DBG("%s status 0x%2.2x", hdev->name, rp->status);
1e89cffb
AE		 820
821 if (rp->status)
822 return;
823
824 hdev->flow_ctl_mode = rp->mode;
825
826 hci_req_complete(hdev, HCI_OP_READ_FLOW_CONTROL_MODE, rp->status);
827}
828
a9de9248
MH		 829static void hci_cc_read_buffer_size(struct hci_dev *hdev, struct sk_buff *skb)
830{
831 struct hci_rp_read_buffer_size *rp = (void *) skb->data;
1da177e4 832
9f1db00c 833 BT_DBG("%s status 0x%2.2x", hdev->name, rp->status);
1da177e4 834
a9de9248
MH		 835 if (rp->status)
836 return;
1da177e4 837
a9de9248
MH		 838 hdev->acl_mtu = __le16_to_cpu(rp->acl_mtu);
839 hdev->sco_mtu = rp->sco_mtu;
840 hdev->acl_pkts = __le16_to_cpu(rp->acl_max_pkt);
841 hdev->sco_pkts = __le16_to_cpu(rp->sco_max_pkt);
842
843 if (test_bit(HCI_QUIRK_FIXUP_BUFFER_SIZE, &hdev->quirks)) {
844 hdev->sco_mtu = 64;
845 hdev->sco_pkts = 8;
1da177e4 846 }
a9de9248
MH		 847
848 hdev->acl_cnt = hdev->acl_pkts;
849 hdev->sco_cnt = hdev->sco_pkts;
850
807deac2
GP		 851 BT_DBG("%s acl mtu %d:%d sco mtu %d:%d", hdev->name, hdev->acl_mtu,
852 hdev->acl_pkts, hdev->sco_mtu, hdev->sco_pkts);
a9de9248
MH		 853}
854
855static void hci_cc_read_bd_addr(struct hci_dev *hdev, struct sk_buff *skb)
856{
857 struct hci_rp_read_bd_addr *rp = (void *) skb->data;
858
9f1db00c 859 BT_DBG("%s status 0x%2.2x", hdev->name, rp->status);
a9de9248
MH		 860
861 if (!rp->status)
862 bacpy(&hdev->bdaddr, &rp->bdaddr);
863
23bb5763
JH		 864 hci_req_complete(hdev, HCI_OP_READ_BD_ADDR, rp->status);
865}
866
350ee4cf 867static void hci_cc_read_data_block_size(struct hci_dev *hdev,
807deac2 868 struct sk_buff *skb)
350ee4cf
AE		 869{
870 struct hci_rp_read_data_block_size *rp = (void *) skb->data;
871
9f1db00c 872 BT_DBG("%s status 0x%2.2x", hdev->name, rp->status);
350ee4cf
AE		 873
874 if (rp->status)
875 return;
876
877 hdev->block_mtu = __le16_to_cpu(rp->max_acl_len);
878 hdev->block_len = __le16_to_cpu(rp->block_len);
879 hdev->num_blocks = __le16_to_cpu(rp->num_blocks);
880
881 hdev->block_cnt = hdev->num_blocks;
882
883 BT_DBG("%s blk mtu %d cnt %d len %d", hdev->name, hdev->block_mtu,
807deac2 884 hdev->block_cnt, hdev->block_len);
350ee4cf
AE		 885
886 hci_req_complete(hdev, HCI_OP_READ_DATA_BLOCK_SIZE, rp->status);
887}
888
23bb5763
JH		 889static void hci_cc_write_ca_timeout(struct hci_dev *hdev, struct sk_buff *skb)
890{
891 __u8 status = *((__u8 *) skb->data);
892
9f1db00c 893 BT_DBG("%s status 0x%2.2x", hdev->name, status);
23bb5763
JH		 894
895 hci_req_complete(hdev, HCI_OP_WRITE_CA_TIMEOUT, status);
a9de9248
MH		 896}
897
928abaa7 898static void hci_cc_read_local_amp_info(struct hci_dev *hdev,
807deac2 899 struct sk_buff *skb)
928abaa7
AE		 900{
901 struct hci_rp_read_local_amp_info *rp = (void *) skb->data;
902
9f1db00c 903 BT_DBG("%s status 0x%2.2x", hdev->name, rp->status);
928abaa7
AE		 904
905 if (rp->status)
8e2a0d92 906 goto a2mp_rsp;
928abaa7
AE		 907
908 hdev->amp_status = rp->amp_status;
909 hdev->amp_total_bw = __le32_to_cpu(rp->total_bw);
910 hdev->amp_max_bw = __le32_to_cpu(rp->max_bw);
911 hdev->amp_min_latency = __le32_to_cpu(rp->min_latency);
912 hdev->amp_max_pdu = __le32_to_cpu(rp->max_pdu);
913 hdev->amp_type = rp->amp_type;
914 hdev->amp_pal_cap = __le16_to_cpu(rp->pal_cap);
915 hdev->amp_assoc_size = __le16_to_cpu(rp->max_assoc_size);
916 hdev->amp_be_flush_to = __le32_to_cpu(rp->be_flush_to);
917 hdev->amp_max_flush_to = __le32_to_cpu(rp->max_flush_to);
918
919 hci_req_complete(hdev, HCI_OP_READ_LOCAL_AMP_INFO, rp->status);
8e2a0d92
AE		 920
921a2mp_rsp:
922 a2mp_send_getinfo_rsp(hdev);
928abaa7
AE		 923}
924
903e4541
AE		 925static void hci_cc_read_local_amp_assoc(struct hci_dev *hdev,
926 struct sk_buff *skb)
927{
928 struct hci_rp_read_local_amp_assoc *rp = (void *) skb->data;
929 struct amp_assoc *assoc = &hdev->loc_assoc;
930 size_t rem_len, frag_len;
931
932 BT_DBG("%s status 0x%2.2x", hdev->name, rp->status);
933
934 if (rp->status)
935 goto a2mp_rsp;
936
937 frag_len = skb->len - sizeof(*rp);
938 rem_len = __le16_to_cpu(rp->rem_len);
939
940 if (rem_len > frag_len) {
2e430be3 941 BT_DBG("frag_len %zu rem_len %zu", frag_len, rem_len);
903e4541
AE		 942
943 memcpy(assoc->data + assoc->offset, rp->frag, frag_len);
944 assoc->offset += frag_len;
945
946 /* Read other fragments */
947 amp_read_loc_assoc_frag(hdev, rp->phy_handle);
948
949 return;
950 }
951
952 memcpy(assoc->data + assoc->offset, rp->frag, rem_len);
953 assoc->len = assoc->offset + rem_len;
954 assoc->offset = 0;
955
956a2mp_rsp:
957 /* Send A2MP Rsp when all fragments are received */
958 a2mp_send_getampassoc_rsp(hdev, rp->status);
9495b2ee 959 a2mp_send_create_phy_link_req(hdev, rp->status);
903e4541
AE		 960}
961
b0916ea0 962static void hci_cc_delete_stored_link_key(struct hci_dev *hdev,
807deac2 963 struct sk_buff *skb)
b0916ea0
JH		 964{
965 __u8 status = *((__u8 *) skb->data);
966
9f1db00c 967 BT_DBG("%s status 0x%2.2x", hdev->name, status);
b0916ea0
JH		 968
969 hci_req_complete(hdev, HCI_OP_DELETE_STORED_LINK_KEY, status);
970}
971
d5859e22
JH		 972static void hci_cc_set_event_mask(struct hci_dev *hdev, struct sk_buff *skb)
973{
974 __u8 status = *((__u8 *) skb->data);
975
9f1db00c 976 BT_DBG("%s status 0x%2.2x", hdev->name, status);
d5859e22
JH		 977
978 hci_req_complete(hdev, HCI_OP_SET_EVENT_MASK, status);
979}
980
981static void hci_cc_write_inquiry_mode(struct hci_dev *hdev,
807deac2 982 struct sk_buff *skb)
d5859e22
JH		 983{
984 __u8 status = *((__u8 *) skb->data);
985
9f1db00c 986 BT_DBG("%s status 0x%2.2x", hdev->name, status);
d5859e22
JH		 987
988 hci_req_complete(hdev, HCI_OP_WRITE_INQUIRY_MODE, status);
989}
990
991static void hci_cc_read_inq_rsp_tx_power(struct hci_dev *hdev,
807deac2 992 struct sk_buff *skb)
d5859e22 993{
91c4e9b1 994 struct hci_rp_read_inq_rsp_tx_power *rp = (void *) skb->data;
d5859e22 995
9f1db00c 996 BT_DBG("%s status 0x%2.2x", hdev->name, rp->status);
91c4e9b1
MH		 997
998 if (!rp->status)
999 hdev->inq_tx_power = rp->tx_power;
d5859e22 1000
91c4e9b1 1001 hci_req_complete(hdev, HCI_OP_READ_INQ_RSP_TX_POWER, rp->status);
d5859e22
JH		 1002}
1003
1004static void hci_cc_set_event_flt(struct hci_dev *hdev, struct sk_buff *skb)
1005{
1006 __u8 status = *((__u8 *) skb->data);
1007
9f1db00c 1008 BT_DBG("%s status 0x%2.2x", hdev->name, status);
d5859e22
JH		 1009
1010 hci_req_complete(hdev, HCI_OP_SET_EVENT_FLT, status);
1011}
1012
980e1a53
JH		 1013static void hci_cc_pin_code_reply(struct hci_dev *hdev, struct sk_buff *skb)
1014{
1015 struct hci_rp_pin_code_reply *rp = (void *) skb->data;
1016 struct hci_cp_pin_code_reply *cp;
1017 struct hci_conn *conn;
1018
9f1db00c 1019 BT_DBG("%s status 0x%2.2x", hdev->name, rp->status);
980e1a53 1020
56e5cb86
JH		 1021 hci_dev_lock(hdev);
1022
a8b2d5c2 1023 if (test_bit(HCI_MGMT, &hdev->dev_flags))
744cf19e 1024 mgmt_pin_code_reply_complete(hdev, &rp->bdaddr, rp->status);
980e1a53 1025
fa1bd918 1026 if (rp->status)
56e5cb86 1027 goto unlock;
980e1a53
JH		 1028
1029 cp = hci_sent_cmd_data(hdev, HCI_OP_PIN_CODE_REPLY);
1030 if (!cp)
56e5cb86 1031 goto unlock;
980e1a53
JH		 1032
1033 conn = hci_conn_hash_lookup_ba(hdev, ACL_LINK, &cp->bdaddr);
1034 if (conn)
1035 conn->pin_length = cp->pin_len;
56e5cb86
JH		 1036
1037unlock:
1038 hci_dev_unlock(hdev);
980e1a53
JH		 1039}
1040
1041static void hci_cc_pin_code_neg_reply(struct hci_dev *hdev, struct sk_buff *skb)
1042{
1043 struct hci_rp_pin_code_neg_reply *rp = (void *) skb->data;
1044
9f1db00c 1045 BT_DBG("%s status 0x%2.2x", hdev->name, rp->status);
980e1a53 1046
56e5cb86
JH		 1047 hci_dev_lock(hdev);
1048
a8b2d5c2 1049 if (test_bit(HCI_MGMT, &hdev->dev_flags))
744cf19e 1050 mgmt_pin_code_neg_reply_complete(hdev, &rp->bdaddr,
807deac2 1051 rp->status);
56e5cb86
JH		 1052
1053 hci_dev_unlock(hdev);
980e1a53 1054}
56e5cb86 1055
6ed58ec5
VT		 1056static void hci_cc_le_read_buffer_size(struct hci_dev *hdev,
1057 struct sk_buff *skb)
1058{
1059 struct hci_rp_le_read_buffer_size *rp = (void *) skb->data;
1060
9f1db00c 1061 BT_DBG("%s status 0x%2.2x", hdev->name, rp->status);
6ed58ec5
VT		 1062
1063 if (rp->status)
1064 return;
1065
1066 hdev->le_mtu = __le16_to_cpu(rp->le_mtu);
1067 hdev->le_pkts = rp->le_max_pkt;
1068
1069 hdev->le_cnt = hdev->le_pkts;
1070
1071 BT_DBG("%s le mtu %d:%d", hdev->name, hdev->le_mtu, hdev->le_pkts);
1072
1073 hci_req_complete(hdev, HCI_OP_LE_READ_BUFFER_SIZE, rp->status);
1074}
980e1a53 1075
e36b04c8
JH		 1076static void hci_cc_le_set_event_mask(struct hci_dev *hdev, struct sk_buff *skb)
1077{
1078 __u8 status = *((__u8 *) skb->data);
1079
1080 BT_DBG("%s status 0x%2.2x", hdev->name, status);
1081
1082 hci_req_complete(hdev, HCI_OP_LE_SET_EVENT_MASK, status);
1083}
1084
a5c29683
JH		 1085static void hci_cc_user_confirm_reply(struct hci_dev *hdev, struct sk_buff *skb)
1086{
1087 struct hci_rp_user_confirm_reply *rp = (void *) skb->data;
1088
9f1db00c 1089 BT_DBG("%s status 0x%2.2x", hdev->name, rp->status);
a5c29683 1090
56e5cb86
JH		 1091 hci_dev_lock(hdev);
1092
a8b2d5c2 1093 if (test_bit(HCI_MGMT, &hdev->dev_flags))
04124681
GP		 1094 mgmt_user_confirm_reply_complete(hdev, &rp->bdaddr, ACL_LINK, 0,
1095 rp->status);
56e5cb86
JH		 1096
1097 hci_dev_unlock(hdev);
a5c29683
JH		 1098}
1099
1100static void hci_cc_user_confirm_neg_reply(struct hci_dev *hdev,
807deac2 1101 struct sk_buff *skb)
a5c29683
JH		 1102{
1103 struct hci_rp_user_confirm_reply *rp = (void *) skb->data;
1104
9f1db00c 1105 BT_DBG("%s status 0x%2.2x", hdev->name, rp->status);
a5c29683 1106
56e5cb86
JH		 1107 hci_dev_lock(hdev);
1108
a8b2d5c2 1109 if (test_bit(HCI_MGMT, &hdev->dev_flags))
744cf19e 1110 mgmt_user_confirm_neg_reply_complete(hdev, &rp->bdaddr,
04124681 1111 ACL_LINK, 0, rp->status);
56e5cb86
JH		 1112
1113 hci_dev_unlock(hdev);
a5c29683
JH		 1114}
1115
1143d458
BG		 1116static void hci_cc_user_passkey_reply(struct hci_dev *hdev, struct sk_buff *skb)
1117{
1118 struct hci_rp_user_confirm_reply *rp = (void *) skb->data;
1119
9f1db00c 1120 BT_DBG("%s status 0x%2.2x", hdev->name, rp->status);
1143d458
BG		 1121
1122 hci_dev_lock(hdev);
1123
a8b2d5c2 1124 if (test_bit(HCI_MGMT, &hdev->dev_flags))
272d90df 1125 mgmt_user_passkey_reply_complete(hdev, &rp->bdaddr, ACL_LINK,
04124681 1126 0, rp->status);
1143d458
BG		 1127
1128 hci_dev_unlock(hdev);
1129}
1130
1131static void hci_cc_user_passkey_neg_reply(struct hci_dev *hdev,
807deac2 1132 struct sk_buff *skb)
1143d458
BG		 1133{
1134 struct hci_rp_user_confirm_reply *rp = (void *) skb->data;
1135
9f1db00c 1136 BT_DBG("%s status 0x%2.2x", hdev->name, rp->status);
1143d458
BG		 1137
1138 hci_dev_lock(hdev);
1139
a8b2d5c2 1140 if (test_bit(HCI_MGMT, &hdev->dev_flags))
1143d458 1141 mgmt_user_passkey_neg_reply_complete(hdev, &rp->bdaddr,
04124681 1142 ACL_LINK, 0, rp->status);
1143d458
BG		 1143
1144 hci_dev_unlock(hdev);
1145}
1146
c35938b2 1147static void hci_cc_read_local_oob_data_reply(struct hci_dev *hdev,
807deac2 1148 struct sk_buff *skb)
c35938b2
SJ		 1149{
1150 struct hci_rp_read_local_oob_data *rp = (void *) skb->data;
1151
9f1db00c 1152 BT_DBG("%s status 0x%2.2x", hdev->name, rp->status);
c35938b2 1153
56e5cb86 1154 hci_dev_lock(hdev);
744cf19e 1155 mgmt_read_local_oob_data_reply_complete(hdev, rp->hash,
c35938b2 1156 rp->randomizer, rp->status);
56e5cb86 1157 hci_dev_unlock(hdev);
c35938b2
SJ		 1158}
1159
07f7fa5d
AG		 1160static void hci_cc_le_set_scan_param(struct hci_dev *hdev, struct sk_buff *skb)
1161{
1162 __u8 status = *((__u8 *) skb->data);
1163
9f1db00c 1164 BT_DBG("%s status 0x%2.2x", hdev->name, status);
7ba8b4be
AG		 1165
1166 hci_req_complete(hdev, HCI_OP_LE_SET_SCAN_PARAM, status);
3fd24153
AG		 1167
1168 if (status) {
1169 hci_dev_lock(hdev);
1170 mgmt_start_discovery_failed(hdev, status);
1171 hci_dev_unlock(hdev);
1172 return;
1173 }
07f7fa5d
AG		 1174}
1175
eb9d91f5 1176static void hci_cc_le_set_scan_enable(struct hci_dev *hdev,
807deac2 1177 struct sk_buff *skb)
eb9d91f5
AG		 1178{
1179 struct hci_cp_le_set_scan_enable *cp;
1180 __u8 status = *((__u8 *) skb->data);
1181
9f1db00c 1182 BT_DBG("%s status 0x%2.2x", hdev->name, status);
eb9d91f5 1183
eb9d91f5
AG		 1184 cp = hci_sent_cmd_data(hdev, HCI_OP_LE_SET_SCAN_ENABLE);
1185 if (!cp)
1186 return;
1187
68a8aea4
AE		 1188 switch (cp->enable) {
1189 case LE_SCANNING_ENABLED:
7ba8b4be
AG		 1190 hci_req_complete(hdev, HCI_OP_LE_SET_SCAN_ENABLE, status);
1191
3fd24153
AG		 1192 if (status) {
1193 hci_dev_lock(hdev);
1194 mgmt_start_discovery_failed(hdev, status);
1195 hci_dev_unlock(hdev);
7ba8b4be 1196 return;
3fd24153 1197 }
7ba8b4be 1198
d23264a8
AG		 1199 set_bit(HCI_LE_SCAN, &hdev->dev_flags);
1200
a8f13c8c 1201 hci_dev_lock(hdev);
343f935b 1202 hci_discovery_set_state(hdev, DISCOVERY_FINDING);
a8f13c8c 1203 hci_dev_unlock(hdev);
68a8aea4
AE		 1204 break;
1205
1206 case LE_SCANNING_DISABLED:
c9ecc48e
AG		 1207 if (status) {
1208 hci_dev_lock(hdev);
1209 mgmt_stop_discovery_failed(hdev, status);
1210 hci_dev_unlock(hdev);
7ba8b4be 1211 return;
c9ecc48e 1212 }
7ba8b4be 1213
d23264a8
AG		 1214 clear_bit(HCI_LE_SCAN, &hdev->dev_flags);
1215
bc3dd33c
AG		 1216 if (hdev->discovery.type == DISCOV_TYPE_INTERLEAVED &&
1217 hdev->discovery.state == DISCOVERY_FINDING) {
5e0452c0
AG		 1218 mgmt_interleaved_discovery(hdev);
1219 } else {
1220 hci_dev_lock(hdev);
1221 hci_discovery_set_state(hdev, DISCOVERY_STOPPED);
1222 hci_dev_unlock(hdev);
1223 }
1224
68a8aea4
AE		 1225 break;
1226
1227 default:
1228 BT_ERR("Used reserved LE_Scan_Enable param %d", cp->enable);
1229 break;
35815085 1230 }
eb9d91f5
AG		 1231}
1232
a7a595f6
VCG		 1233static void hci_cc_le_ltk_reply(struct hci_dev *hdev, struct sk_buff *skb)
1234{
1235 struct hci_rp_le_ltk_reply *rp = (void *) skb->data;
1236
9f1db00c 1237 BT_DBG("%s status 0x%2.2x", hdev->name, rp->status);
a7a595f6
VCG		 1238
1239 if (rp->status)
1240 return;
1241
1242 hci_req_complete(hdev, HCI_OP_LE_LTK_REPLY, rp->status);
1243}
1244
1245static void hci_cc_le_ltk_neg_reply(struct hci_dev *hdev, struct sk_buff *skb)
1246{
1247 struct hci_rp_le_ltk_neg_reply *rp = (void *) skb->data;
1248
9f1db00c 1249 BT_DBG("%s status 0x%2.2x", hdev->name, rp->status);
a7a595f6
VCG		 1250
1251 if (rp->status)
1252 return;
1253
1254 hci_req_complete(hdev, HCI_OP_LE_LTK_NEG_REPLY, rp->status);
1255}
1256
6039aa73
GP		 1257static void hci_cc_write_le_host_supported(struct hci_dev *hdev,
1258 struct sk_buff *skb)
f9b49306 1259{
06199cf8 1260 struct hci_cp_write_le_host_supported *sent;
f9b49306
AG		 1261 __u8 status = *((__u8 *) skb->data);
1262
9f1db00c 1263 BT_DBG("%s status 0x%2.2x", hdev->name, status);
f9b49306 1264
06199cf8 1265 sent = hci_sent_cmd_data(hdev, HCI_OP_WRITE_LE_HOST_SUPPORTED);
8f984dfa 1266 if (!sent)
f9b49306
AG		 1267 return;
1268
8f984dfa
JH		 1269 if (!status) {
1270 if (sent->le)
1271 hdev->host_features[0] |= LMP_HOST_LE;
1272 else
1273 hdev->host_features[0] &= ~LMP_HOST_LE;
1274 }
1275
1276 if (test_bit(HCI_MGMT, &hdev->dev_flags) &&
807deac2 1277 !test_bit(HCI_INIT, &hdev->flags))
8f984dfa
JH		 1278 mgmt_le_enable_complete(hdev, sent->le, status);
1279
1280 hci_req_complete(hdev, HCI_OP_WRITE_LE_HOST_SUPPORTED, status);
f9b49306
AG		 1281}
1282
93c284ee
AE		 1283static void hci_cc_write_remote_amp_assoc(struct hci_dev *hdev,
1284 struct sk_buff *skb)
1285{
1286 struct hci_rp_write_remote_amp_assoc *rp = (void *) skb->data;
1287
1288 BT_DBG("%s status 0x%2.2x phy_handle 0x%2.2x",
1289 hdev->name, rp->status, rp->phy_handle);
1290
1291 if (rp->status)
1292 return;
1293
1294 amp_write_rem_assoc_continue(hdev, rp->phy_handle);
1295}
1296
6039aa73 1297static void hci_cs_inquiry(struct hci_dev *hdev, __u8 status)
a9de9248 1298{
9f1db00c 1299 BT_DBG("%s status 0x%2.2x", hdev->name, status);
a9de9248
MH		 1300
1301 if (status) {
23bb5763 1302 hci_req_complete(hdev, HCI_OP_INQUIRY, status);
a9de9248 1303 hci_conn_check_pending(hdev);
56e5cb86 1304 hci_dev_lock(hdev);
a8b2d5c2 1305 if (test_bit(HCI_MGMT, &hdev->dev_flags))
7a135109 1306 mgmt_start_discovery_failed(hdev, status);
56e5cb86 1307 hci_dev_unlock(hdev);
314b2381
JH		 1308 return;
1309 }
1310
89352e7d
AG		 1311 set_bit(HCI_INQUIRY, &hdev->flags);
1312
56e5cb86 1313 hci_dev_lock(hdev);
343f935b 1314 hci_discovery_set_state(hdev, DISCOVERY_FINDING);
56e5cb86 1315 hci_dev_unlock(hdev);
1da177e4
LT		 1316}
1317
6039aa73 1318static void hci_cs_create_conn(struct hci_dev *hdev, __u8 status)
1da177e4 1319{
a9de9248 1320 struct hci_cp_create_conn *cp;
1da177e4 1321 struct hci_conn *conn;
1da177e4 1322
9f1db00c 1323 BT_DBG("%s status 0x%2.2x", hdev->name, status);
a9de9248
MH		 1324
1325 cp = hci_sent_cmd_data(hdev, HCI_OP_CREATE_CONN);
1da177e4
LT		 1326 if (!cp)
1327 return;
1328
1329 hci_dev_lock(hdev);
1330
1331 conn = hci_conn_hash_lookup_ba(hdev, ACL_LINK, &cp->bdaddr);
1332
6ed93dc6 1333 BT_DBG("%s bdaddr %pMR hcon %p", hdev->name, &cp->bdaddr, conn);
1da177e4
LT		 1334
1335 if (status) {
1336 if (conn && conn->state == BT_CONNECT) {
4c67bc74
MH		 1337 if (status != 0x0c || conn->attempt > 2) {
1338 conn->state = BT_CLOSED;
1339 hci_proto_connect_cfm(conn, status);
1340 hci_conn_del(conn);
1341 } else
1342 conn->state = BT_CONNECT2;
1da177e4
LT		 1343 }
1344 } else {
1345 if (!conn) {
1346 conn = hci_conn_add(hdev, ACL_LINK, &cp->bdaddr);
1347 if (conn) {
a0c808b3 1348 conn->out = true;
1da177e4
LT		 1349 conn->link_mode |= HCI_LM_MASTER;
1350 } else
893ef971 1351 BT_ERR("No memory for new connection");
1da177e4
LT		 1352 }
1353 }
1354
1355 hci_dev_unlock(hdev);
1356}
1357
a9de9248 1358static void hci_cs_add_sco(struct hci_dev *hdev, __u8 status)
1da177e4 1359{
a9de9248
MH		 1360 struct hci_cp_add_sco *cp;
1361 struct hci_conn *acl, *sco;
1362 __u16 handle;
1da177e4 1363
9f1db00c 1364 BT_DBG("%s status 0x%2.2x", hdev->name, status);
b6a0dc82 1365
a9de9248
MH		 1366 if (!status)
1367 return;
1da177e4 1368
a9de9248
MH		 1369 cp = hci_sent_cmd_data(hdev, HCI_OP_ADD_SCO);
1370 if (!cp)
1371 return;
1da177e4 1372
a9de9248 1373 handle = __le16_to_cpu(cp->handle);
1da177e4 1374
9f1db00c 1375 BT_DBG("%s handle 0x%4.4x", hdev->name, handle);
1da177e4 1376
a9de9248 1377 hci_dev_lock(hdev);
1da177e4 1378
a9de9248 1379 acl = hci_conn_hash_lookup_handle(hdev, handle);
5a08ecce
AE		 1380 if (acl) {
1381 sco = acl->link;
1382 if (sco) {
1383 sco->state = BT_CLOSED;
1da177e4 1384
5a08ecce
AE		 1385 hci_proto_connect_cfm(sco, status);
1386 hci_conn_del(sco);
1387 }
a9de9248 1388 }
1da177e4 1389
a9de9248
MH		 1390 hci_dev_unlock(hdev);
1391}
1da177e4 1392
f8558555
MH		 1393static void hci_cs_auth_requested(struct hci_dev *hdev, __u8 status)
1394{
1395 struct hci_cp_auth_requested *cp;
1396 struct hci_conn *conn;
1397
9f1db00c 1398 BT_DBG("%s status 0x%2.2x", hdev->name, status);
f8558555
MH		 1399
1400 if (!status)
1401 return;
1402
1403 cp = hci_sent_cmd_data(hdev, HCI_OP_AUTH_REQUESTED);
1404 if (!cp)
1405 return;
1406
1407 hci_dev_lock(hdev);
1408
1409 conn = hci_conn_hash_lookup_handle(hdev, __le16_to_cpu(cp->handle));
1410 if (conn) {
1411 if (conn->state == BT_CONFIG) {
1412 hci_proto_connect_cfm(conn, status);
1413 hci_conn_put(conn);
1414 }
1415 }
1416
1417 hci_dev_unlock(hdev);
1418}
1419
1420static void hci_cs_set_conn_encrypt(struct hci_dev *hdev, __u8 status)
1421{
1422 struct hci_cp_set_conn_encrypt *cp;
1423 struct hci_conn *conn;
1424
9f1db00c 1425 BT_DBG("%s status 0x%2.2x", hdev->name, status);
f8558555
MH		 1426
1427 if (!status)
1428 return;
1429
1430 cp = hci_sent_cmd_data(hdev, HCI_OP_SET_CONN_ENCRYPT);
1431 if (!cp)
1432 return;
1433
1434 hci_dev_lock(hdev);
1435
1436 conn = hci_conn_hash_lookup_handle(hdev, __le16_to_cpu(cp->handle));
1437 if (conn) {
1438 if (conn->state == BT_CONFIG) {
1439 hci_proto_connect_cfm(conn, status);
1440 hci_conn_put(conn);
1441 }
1442 }
1443
1444 hci_dev_unlock(hdev);
1445}
1446
127178d2 1447static int hci_outgoing_auth_needed(struct hci_dev *hdev,
807deac2 1448 struct hci_conn *conn)
392599b9 1449{
392599b9
JH		 1450 if (conn->state != BT_CONFIG || !conn->out)
1451 return 0;
1452
765c2a96 1453 if (conn->pending_sec_level == BT_SECURITY_SDP)
392599b9
JH		 1454 return 0;
1455
1456 /* Only request authentication for SSP connections or non-SSP
e9bf2bf0 1457 * devices with sec_level HIGH or if MITM protection is requested */
807deac2
GP		 1458 if (!hci_conn_ssp_enabled(conn) && !(conn->auth_type & 0x01) &&
1459 conn->pending_sec_level != BT_SECURITY_HIGH)
392599b9
JH		 1460 return 0;
1461
392599b9
JH		 1462 return 1;
1463}
1464
6039aa73 1465static int hci_resolve_name(struct hci_dev *hdev,
04124681 1466 struct inquiry_entry *e)
30dc78e1
JH		 1467{
1468 struct hci_cp_remote_name_req cp;
1469
1470 memset(&cp, 0, sizeof(cp));
1471
1472 bacpy(&cp.bdaddr, &e->data.bdaddr);
1473 cp.pscan_rep_mode = e->data.pscan_rep_mode;
1474 cp.pscan_mode = e->data.pscan_mode;
1475 cp.clock_offset = e->data.clock_offset;
1476
1477 return hci_send_cmd(hdev, HCI_OP_REMOTE_NAME_REQ, sizeof(cp), &cp);
1478}
1479
b644ba33 1480static bool hci_resolve_next_name(struct hci_dev *hdev)
30dc78e1
JH		 1481{
1482 struct discovery_state *discov = &hdev->discovery;
1483 struct inquiry_entry *e;
1484
b644ba33
JH		 1485 if (list_empty(&discov->resolve))
1486 return false;
1487
1488 e = hci_inquiry_cache_lookup_resolve(hdev, BDADDR_ANY, NAME_NEEDED);
c810089c
RM		 1489 if (!e)
1490 return false;
1491
b644ba33
JH		 1492 if (hci_resolve_name(hdev, e) == 0) {
1493 e->name_state = NAME_PENDING;
1494 return true;
1495 }
1496
1497 return false;
1498}
1499
1500static void hci_check_pending_name(struct hci_dev *hdev, struct hci_conn *conn,
04124681 1501 bdaddr_t *bdaddr, u8 *name, u8 name_len)
b644ba33
JH		 1502{
1503 struct discovery_state *discov = &hdev->discovery;
1504 struct inquiry_entry *e;
1505
1506 if (conn && !test_and_set_bit(HCI_CONN_MGMT_CONNECTED, &conn->flags))
04124681
GP		 1507 mgmt_device_connected(hdev, bdaddr, ACL_LINK, 0x00, 0, name,
1508 name_len, conn->dev_class);
b644ba33
JH		 1509
1510 if (discov->state == DISCOVERY_STOPPED)
1511 return;
1512
30dc78e1
JH		 1513 if (discov->state == DISCOVERY_STOPPING)
1514 goto discov_complete;
1515
1516 if (discov->state != DISCOVERY_RESOLVING)
1517 return;
1518
1519 e = hci_inquiry_cache_lookup_resolve(hdev, bdaddr, NAME_PENDING);
7cc8380e
RM		 1520 /* If the device was not found in a list of found devices names of which
1521 * are pending. there is no need to continue resolving a next name as it
1522 * will be done upon receiving another Remote Name Request Complete
1523 * Event */
1524 if (!e)
1525 return;
1526
1527 list_del(&e->list);
1528 if (name) {
30dc78e1 1529 e->name_state = NAME_KNOWN;
7cc8380e
RM		 1530 mgmt_remote_name(hdev, bdaddr, ACL_LINK, 0x00,
1531 e->data.rssi, name, name_len);
c3e7c0d9
RM		 1532 } else {
1533 e->name_state = NAME_NOT_KNOWN;
30dc78e1
JH		 1534 }
1535
b644ba33 1536 if (hci_resolve_next_name(hdev))
30dc78e1 1537 return;
30dc78e1
JH		 1538
1539discov_complete:
1540 hci_discovery_set_state(hdev, DISCOVERY_STOPPED);
1541}
1542
a9de9248
MH		 1543static void hci_cs_remote_name_req(struct hci_dev *hdev, __u8 status)
1544{
127178d2
JH		 1545 struct hci_cp_remote_name_req *cp;
1546 struct hci_conn *conn;
1547
9f1db00c 1548 BT_DBG("%s status 0x%2.2x", hdev->name, status);
127178d2
JH		 1549
1550 /* If successful wait for the name req complete event before
1551 * checking for the need to do authentication */
1552 if (!status)
1553 return;
1554
1555 cp = hci_sent_cmd_data(hdev, HCI_OP_REMOTE_NAME_REQ);
1556 if (!cp)
1557 return;
1558
1559 hci_dev_lock(hdev);
1560
b644ba33
JH		 1561 conn = hci_conn_hash_lookup_ba(hdev, ACL_LINK, &cp->bdaddr);
1562
a8b2d5c2 1563 if (test_bit(HCI_MGMT, &hdev->dev_flags))
b644ba33 1564 hci_check_pending_name(hdev, conn, &cp->bdaddr, NULL, 0);
30dc78e1 1565
79c6c70c
JH		 1566 if (!conn)
1567 goto unlock;
1568
1569 if (!hci_outgoing_auth_needed(hdev, conn))
1570 goto unlock;
1571
51a8efd7 1572 if (!test_and_set_bit(HCI_CONN_AUTH_PEND, &conn->flags)) {
127178d2
JH		 1573 struct hci_cp_auth_requested cp;
1574 cp.handle = __cpu_to_le16(conn->handle);
1575 hci_send_cmd(hdev, HCI_OP_AUTH_REQUESTED, sizeof(cp), &cp);
1576 }
1577
79c6c70c 1578unlock:
127178d2 1579 hci_dev_unlock(hdev);
a9de9248 1580}
1da177e4 1581
769be974
MH		 1582static void hci_cs_read_remote_features(struct hci_dev *hdev, __u8 status)
1583{
1584 struct hci_cp_read_remote_features *cp;
1585 struct hci_conn *conn;
1586
9f1db00c 1587 BT_DBG("%s status 0x%2.2x", hdev->name, status);
769be974
MH		 1588
1589 if (!status)
1590 return;
1591
1592 cp = hci_sent_cmd_data(hdev, HCI_OP_READ_REMOTE_FEATURES);
1593 if (!cp)
1594 return;
1595
1596 hci_dev_lock(hdev);
1597
1598 conn = hci_conn_hash_lookup_handle(hdev, __le16_to_cpu(cp->handle));
1599 if (conn) {
1600 if (conn->state == BT_CONFIG) {
769be974
MH		 1601 hci_proto_connect_cfm(conn, status);
1602 hci_conn_put(conn);
1603 }
1604 }
1605
1606 hci_dev_unlock(hdev);
1607}
1608
1609static void hci_cs_read_remote_ext_features(struct hci_dev *hdev, __u8 status)
1610{
1611 struct hci_cp_read_remote_ext_features *cp;
1612 struct hci_conn *conn;
1613
9f1db00c 1614 BT_DBG("%s status 0x%2.2x", hdev->name, status);
769be974
MH		 1615
1616 if (!status)
1617 return;
1618
1619 cp = hci_sent_cmd_data(hdev, HCI_OP_READ_REMOTE_EXT_FEATURES);
1620 if (!cp)
1621 return;
1622
1623 hci_dev_lock(hdev);
1624
1625 conn = hci_conn_hash_lookup_handle(hdev, __le16_to_cpu(cp->handle));
1626 if (conn) {
1627 if (conn->state == BT_CONFIG) {
769be974
MH		 1628 hci_proto_connect_cfm(conn, status);
1629 hci_conn_put(conn);
1630 }
1631 }
1632
1633 hci_dev_unlock(hdev);
1634}
1635
a9de9248
MH		 1636static void hci_cs_setup_sync_conn(struct hci_dev *hdev, __u8 status)
1637{
b6a0dc82
MH		 1638 struct hci_cp_setup_sync_conn *cp;
1639 struct hci_conn *acl, *sco;
1640 __u16 handle;
1641
9f1db00c 1642 BT_DBG("%s status 0x%2.2x", hdev->name, status);
b6a0dc82
MH		 1643
1644 if (!status)
1645 return;
1646
1647 cp = hci_sent_cmd_data(hdev, HCI_OP_SETUP_SYNC_CONN);
1648 if (!cp)
1649 return;
1650
1651 handle = __le16_to_cpu(cp->handle);
1652
9f1db00c 1653 BT_DBG("%s handle 0x%4.4x", hdev->name, handle);
b6a0dc82
MH		 1654
1655 hci_dev_lock(hdev);
1656
1657 acl = hci_conn_hash_lookup_handle(hdev, handle);
5a08ecce
AE		 1658 if (acl) {
1659 sco = acl->link;
1660 if (sco) {
1661 sco->state = BT_CLOSED;
b6a0dc82 1662
5a08ecce
AE		 1663 hci_proto_connect_cfm(sco, status);
1664 hci_conn_del(sco);
1665 }
b6a0dc82
MH		 1666 }
1667
1668 hci_dev_unlock(hdev);
1da177e4
LT		 1669}
1670
a9de9248 1671static void hci_cs_sniff_mode(struct hci_dev *hdev, __u8 status)
1da177e4 1672{
a9de9248
MH		 1673 struct hci_cp_sniff_mode *cp;
1674 struct hci_conn *conn;
1da177e4 1675
9f1db00c 1676 BT_DBG("%s status 0x%2.2x", hdev->name, status);
04837f64 1677
a9de9248
MH		 1678 if (!status)
1679 return;
04837f64 1680
a9de9248
MH		 1681 cp = hci_sent_cmd_data(hdev, HCI_OP_SNIFF_MODE);
1682 if (!cp)
1683 return;
04837f64 1684
a9de9248 1685 hci_dev_lock(hdev);
04837f64 1686
a9de9248 1687 conn = hci_conn_hash_lookup_handle(hdev, __le16_to_cpu(cp->handle));
e73439d8 1688 if (conn) {
51a8efd7 1689 clear_bit(HCI_CONN_MODE_CHANGE_PEND, &conn->flags);
04837f64 1690
51a8efd7 1691 if (test_and_clear_bit(HCI_CONN_SCO_SETUP_PEND, &conn->flags))
e73439d8
MH		 1692 hci_sco_setup(conn, status);
1693 }
1694
a9de9248
MH		 1695 hci_dev_unlock(hdev);
1696}
04837f64 1697
a9de9248
MH		 1698static void hci_cs_exit_sniff_mode(struct hci_dev *hdev, __u8 status)
1699{
1700 struct hci_cp_exit_sniff_mode *cp;
1701 struct hci_conn *conn;
04837f64 1702
9f1db00c 1703 BT_DBG("%s status 0x%2.2x", hdev->name, status);
04837f64 1704
a9de9248
MH		 1705 if (!status)
1706 return;
04837f64 1707
a9de9248
MH		 1708 cp = hci_sent_cmd_data(hdev, HCI_OP_EXIT_SNIFF_MODE);
1709 if (!cp)
1710 return;
04837f64 1711
a9de9248 1712 hci_dev_lock(hdev);
1da177e4 1713
a9de9248 1714 conn = hci_conn_hash_lookup_handle(hdev, __le16_to_cpu(cp->handle));
e73439d8 1715 if (conn) {
51a8efd7 1716 clear_bit(HCI_CONN_MODE_CHANGE_PEND, &conn->flags);
1da177e4 1717
51a8efd7 1718 if (test_and_clear_bit(HCI_CONN_SCO_SETUP_PEND, &conn->flags))
e73439d8
MH		 1719 hci_sco_setup(conn, status);
1720 }
1721
a9de9248 1722 hci_dev_unlock(hdev);
1da177e4
LT		 1723}
1724
88c3df13
JH		 1725static void hci_cs_disconnect(struct hci_dev *hdev, u8 status)
1726{
1727 struct hci_cp_disconnect *cp;
1728 struct hci_conn *conn;
1729
1730 if (!status)
1731 return;
1732
1733 cp = hci_sent_cmd_data(hdev, HCI_OP_DISCONNECT);
1734 if (!cp)
1735 return;
1736
1737 hci_dev_lock(hdev);
1738
1739 conn = hci_conn_hash_lookup_handle(hdev, __le16_to_cpu(cp->handle));
1740 if (conn)
1741 mgmt_disconnect_failed(hdev, &conn->dst, conn->type,
04124681 1742 conn->dst_type, status);
88c3df13
JH		 1743
1744 hci_dev_unlock(hdev);
1745}
1746
fcd89c09
VT		 1747static void hci_cs_le_create_conn(struct hci_dev *hdev, __u8 status)
1748{
fcd89c09
VT		 1749 struct hci_conn *conn;
1750
9f1db00c 1751 BT_DBG("%s status 0x%2.2x", hdev->name, status);
fcd89c09 1752
f00a06ac
AG		 1753 if (status) {
1754 hci_dev_lock(hdev);
fcd89c09 1755
0c95ab78 1756 conn = hci_conn_hash_lookup_state(hdev, LE_LINK, BT_CONNECT);
f00a06ac
AG		 1757 if (!conn) {
1758 hci_dev_unlock(hdev);
1759 return;
1760 }
fcd89c09 1761
6ed93dc6 1762 BT_DBG("%s bdaddr %pMR conn %p", hdev->name, &conn->dst, conn);
fcd89c09 1763
f00a06ac 1764 conn->state = BT_CLOSED;
0c95ab78 1765 mgmt_connect_failed(hdev, &conn->dst, conn->type,
f00a06ac
AG		 1766 conn->dst_type, status);
1767 hci_proto_connect_cfm(conn, status);
1768 hci_conn_del(conn);
fcd89c09 1769
f00a06ac
AG		 1770 hci_dev_unlock(hdev);
1771 }
fcd89c09
VT		 1772}
1773
a7a595f6
VCG		 1774static void hci_cs_le_start_enc(struct hci_dev *hdev, u8 status)
1775{
9f1db00c 1776 BT_DBG("%s status 0x%2.2x", hdev->name, status);
a7a595f6
VCG		 1777}
1778
a02226d6
AE		 1779static void hci_cs_create_phylink(struct hci_dev *hdev, u8 status)
1780{
93c284ee
AE		 1781 struct hci_cp_create_phy_link *cp;
1782
a02226d6 1783 BT_DBG("%s status 0x%2.2x", hdev->name, status);
93c284ee
AE		 1784
1785 if (status)
1786 return;
1787
1788 cp = hci_sent_cmd_data(hdev, HCI_OP_CREATE_PHY_LINK);
1789 if (!cp)
1790 return;
1791
1792 amp_write_remote_assoc(hdev, cp->phy_handle);
a02226d6
AE		 1793}
1794
0b26ab9d
AE		 1795static void hci_cs_accept_phylink(struct hci_dev *hdev, u8 status)
1796{
1797 struct hci_cp_accept_phy_link *cp;
1798
1799 BT_DBG("%s status 0x%2.2x", hdev->name, status);
1800
1801 if (status)
1802 return;
1803
1804 cp = hci_sent_cmd_data(hdev, HCI_OP_ACCEPT_PHY_LINK);
1805 if (!cp)
1806 return;
1807
1808 amp_write_remote_assoc(hdev, cp->phy_handle);
1809}
1810
6039aa73 1811static void hci_inquiry_complete_evt(struct hci_dev *hdev, struct sk_buff *skb)
1da177e4
LT		 1812{
1813 __u8 status = *((__u8 *) skb->data);
30dc78e1
JH		 1814 struct discovery_state *discov = &hdev->discovery;
1815 struct inquiry_entry *e;
1da177e4 1816
9f1db00c 1817 BT_DBG("%s status 0x%2.2x", hdev->name, status);
1da177e4 1818
23bb5763 1819 hci_req_complete(hdev, HCI_OP_INQUIRY, status);
6bd57416 1820
a9de9248 1821 hci_conn_check_pending(hdev);
89352e7d
AG		 1822
1823 if (!test_and_clear_bit(HCI_INQUIRY, &hdev->flags))
1824 return;
1825
a8b2d5c2 1826 if (!test_bit(HCI_MGMT, &hdev->dev_flags))
30dc78e1
JH		 1827 return;
1828
56e5cb86 1829 hci_dev_lock(hdev);
30dc78e1 1830
343f935b 1831 if (discov->state != DISCOVERY_FINDING)
30dc78e1
JH		 1832 goto unlock;
1833
1834 if (list_empty(&discov->resolve)) {
1835 hci_discovery_set_state(hdev, DISCOVERY_STOPPED);
1836 goto unlock;
1837 }
1838
1839 e = hci_inquiry_cache_lookup_resolve(hdev, BDADDR_ANY, NAME_NEEDED);
1840 if (e && hci_resolve_name(hdev, e) == 0) {
1841 e->name_state = NAME_PENDING;
1842 hci_discovery_set_state(hdev, DISCOVERY_RESOLVING);
1843 } else {
1844 hci_discovery_set_state(hdev, DISCOVERY_STOPPED);
1845 }
1846
1847unlock:
56e5cb86 1848 hci_dev_unlock(hdev);
1da177e4
LT		 1849}
1850
6039aa73 1851static void hci_inquiry_result_evt(struct hci_dev *hdev, struct sk_buff *skb)
1da177e4 1852{
45bb4bf0 1853 struct inquiry_data data;
a9de9248 1854 struct inquiry_info *info = (void *) (skb->data + 1);
1da177e4
LT		 1855 int num_rsp = *((__u8 *) skb->data);
1856
1857 BT_DBG("%s num_rsp %d", hdev->name, num_rsp);
1858
45bb4bf0
MH		 1859 if (!num_rsp)
1860 return;
1861
1519cc17
AG		 1862 if (test_bit(HCI_PERIODIC_INQ, &hdev->dev_flags))
1863 return;
1864
1da177e4 1865 hci_dev_lock(hdev);
45bb4bf0 1866
e17acd40 1867 for (; num_rsp; num_rsp--, info++) {
388fc8fa 1868 bool name_known, ssp;
3175405b 1869
1da177e4
LT		 1870 bacpy(&data.bdaddr, &info->bdaddr);
1871 data.pscan_rep_mode = info->pscan_rep_mode;
1872 data.pscan_period_mode = info->pscan_period_mode;
1873 data.pscan_mode = info->pscan_mode;
1874 memcpy(data.dev_class, info->dev_class, 3);
1875 data.clock_offset = info->clock_offset;
1876 data.rssi = 0x00;
41a96212 1877 data.ssp_mode = 0x00;
3175405b 1878
388fc8fa 1879 name_known = hci_inquiry_cache_update(hdev, &data, false, &ssp);
48264f06 1880 mgmt_device_found(hdev, &info->bdaddr, ACL_LINK, 0x00,
04124681
GP		 1881 info->dev_class, 0, !name_known, ssp, NULL,
1882 0);
1da177e4 1883 }
45bb4bf0 1884
1da177e4
LT		 1885 hci_dev_unlock(hdev);
1886}
1887
6039aa73 1888static void hci_conn_complete_evt(struct hci_dev *hdev, struct sk_buff *skb)
1da177e4 1889{
a9de9248
MH		 1890 struct hci_ev_conn_complete *ev = (void *) skb->data;
1891 struct hci_conn *conn;
1da177e4
LT		 1892
1893 BT_DBG("%s", hdev->name);
1894
1895 hci_dev_lock(hdev);
1896
1897 conn = hci_conn_hash_lookup_ba(hdev, ev->link_type, &ev->bdaddr);
9499237a
MH		 1898 if (!conn) {
1899 if (ev->link_type != SCO_LINK)
1900 goto unlock;
1901
1902 conn = hci_conn_hash_lookup_ba(hdev, ESCO_LINK, &ev->bdaddr);
1903 if (!conn)
1904 goto unlock;
1905
1906 conn->type = SCO_LINK;
1907 }
1da177e4
LT		 1908
1909 if (!ev->status) {
1910 conn->handle = __le16_to_cpu(ev->handle);
769be974
MH		 1911
1912 if (conn->type == ACL_LINK) {
1913 conn->state = BT_CONFIG;
1914 hci_conn_hold(conn);
a9ea3ed9
SJ		 1915
1916 if (!conn->out && !hci_conn_ssp_enabled(conn) &&
1917 !hci_find_link_key(hdev, &ev->bdaddr))
1918 conn->disc_timeout = HCI_PAIRING_TIMEOUT;
1919 else
1920 conn->disc_timeout = HCI_DISCONN_TIMEOUT;
769be974
MH		 1921 } else
1922 conn->state = BT_CONNECTED;
1da177e4 1923
9eba32b8 1924 hci_conn_hold_device(conn);
7d0db0a3
MH		 1925 hci_conn_add_sysfs(conn);
1926
1da177e4
LT		 1927 if (test_bit(HCI_AUTH, &hdev->flags))
1928 conn->link_mode |= HCI_LM_AUTH;
1929
1930 if (test_bit(HCI_ENCRYPT, &hdev->flags))
1931 conn->link_mode |= HCI_LM_ENCRYPT;
1932
04837f64
MH		 1933 /* Get remote features */
1934 if (conn->type == ACL_LINK) {
1935 struct hci_cp_read_remote_features cp;
1936 cp.handle = ev->handle;
769be974 1937 hci_send_cmd(hdev, HCI_OP_READ_REMOTE_FEATURES,
04124681 1938 sizeof(cp), &cp);
04837f64
MH		 1939 }
1940
1da177e4 1941 /* Set packet type for incoming connection */
d095c1eb 1942 if (!conn->out && hdev->hci_ver < BLUETOOTH_VER_2_0) {
1da177e4
LT		 1943 struct hci_cp_change_conn_ptype cp;
1944 cp.handle = ev->handle;
a8746417 1945 cp.pkt_type = cpu_to_le16(conn->pkt_type);
04124681
GP		 1946 hci_send_cmd(hdev, HCI_OP_CHANGE_CONN_PTYPE, sizeof(cp),
1947 &cp);
1da177e4 1948 }
17d5c04c 1949 } else {
1da177e4 1950 conn->state = BT_CLOSED;
17d5c04c 1951 if (conn->type == ACL_LINK)
744cf19e 1952 mgmt_connect_failed(hdev, &ev->bdaddr, conn->type,
04124681 1953 conn->dst_type, ev->status);
17d5c04c 1954 }
1da177e4 1955
e73439d8
MH		 1956 if (conn->type == ACL_LINK)
1957 hci_sco_setup(conn, ev->status);
1da177e4 1958
769be974
MH		 1959 if (ev->status) {
1960 hci_proto_connect_cfm(conn, ev->status);
1da177e4 1961 hci_conn_del(conn);
c89b6e6b
MH		 1962 } else if (ev->link_type != ACL_LINK)
1963 hci_proto_connect_cfm(conn, ev->status);
1da177e4 1964
a9de9248 1965unlock:
1da177e4 1966 hci_dev_unlock(hdev);
1da177e4 1967
a9de9248 1968 hci_conn_check_pending(hdev);
1da177e4
LT		 1969}
1970
6039aa73 1971static void hci_conn_request_evt(struct hci_dev *hdev, struct sk_buff *skb)
1da177e4 1972{
a9de9248
MH		 1973 struct hci_ev_conn_request *ev = (void *) skb->data;
1974 int mask = hdev->link_mode;
1da177e4 1975
6ed93dc6 1976 BT_DBG("%s bdaddr %pMR type 0x%x", hdev->name, &ev->bdaddr,
807deac2 1977 ev->link_type);
1da177e4 1978
a9de9248 1979 mask |= hci_proto_connect_ind(hdev, &ev->bdaddr, ev->link_type);
1da177e4 1980
138d22ef 1981 if ((mask & HCI_LM_ACCEPT) &&
807deac2 1982 !hci_blacklist_lookup(hdev, &ev->bdaddr)) {
a9de9248 1983 /* Connection accepted */
c7bdd502 1984 struct inquiry_entry *ie;
1da177e4 1985 struct hci_conn *conn;
1da177e4 1986
a9de9248 1987 hci_dev_lock(hdev);
b6a0dc82 1988
cc11b9c1
AE		 1989 ie = hci_inquiry_cache_lookup(hdev, &ev->bdaddr);
1990 if (ie)
c7bdd502
MH		 1991 memcpy(ie->data.dev_class, ev->dev_class, 3);
1992
8fc9ced3
GP		 1993 conn = hci_conn_hash_lookup_ba(hdev, ev->link_type,
1994 &ev->bdaddr);
a9de9248 1995 if (!conn) {
cc11b9c1
AE		 1996 conn = hci_conn_add(hdev, ev->link_type, &ev->bdaddr);
1997 if (!conn) {
893ef971 1998 BT_ERR("No memory for new connection");
a9de9248
MH		 1999 hci_dev_unlock(hdev);
2000 return;
1da177e4
LT		 2001 }
2002 }
b6a0dc82 2003
a9de9248
MH		 2004 memcpy(conn->dev_class, ev->dev_class, 3);
2005 conn->state = BT_CONNECT;
b6a0dc82 2006
a9de9248 2007 hci_dev_unlock(hdev);
1da177e4 2008
b6a0dc82
MH		 2009 if (ev->link_type == ACL_LINK || !lmp_esco_capable(hdev)) {
2010 struct hci_cp_accept_conn_req cp;
1da177e4 2011
b6a0dc82
MH		 2012 bacpy(&cp.bdaddr, &ev->bdaddr);
2013
2014 if (lmp_rswitch_capable(hdev) && (mask & HCI_LM_MASTER))
2015 cp.role = 0x00; /* Become master */
2016 else
2017 cp.role = 0x01; /* Remain slave */
2018
04124681
GP		 2019 hci_send_cmd(hdev, HCI_OP_ACCEPT_CONN_REQ, sizeof(cp),
2020 &cp);
b6a0dc82
MH		 2021 } else {
2022 struct hci_cp_accept_sync_conn_req cp;
2023
2024 bacpy(&cp.bdaddr, &ev->bdaddr);
a8746417 2025 cp.pkt_type = cpu_to_le16(conn->pkt_type);
b6a0dc82 2026
82781e63
AE		 2027 cp.tx_bandwidth = __constant_cpu_to_le32(0x00001f40);
2028 cp.rx_bandwidth = __constant_cpu_to_le32(0x00001f40);
2029 cp.max_latency = __constant_cpu_to_le16(0xffff);
b6a0dc82
MH		 2030 cp.content_format = cpu_to_le16(hdev->voice_setting);
2031 cp.retrans_effort = 0xff;
1da177e4 2032
b6a0dc82 2033 hci_send_cmd(hdev, HCI_OP_ACCEPT_SYNC_CONN_REQ,
04124681 2034 sizeof(cp), &cp);
b6a0dc82 2035 }
a9de9248
MH		 2036 } else {
2037 /* Connection rejected */
2038 struct hci_cp_reject_conn_req cp;
1da177e4 2039
a9de9248 2040 bacpy(&cp.bdaddr, &ev->bdaddr);
9f5a0d7b 2041 cp.reason = HCI_ERROR_REJ_BAD_ADDR;
a9de9248 2042 hci_send_cmd(hdev, HCI_OP_REJECT_CONN_REQ, sizeof(cp), &cp);
1da177e4 2043 }
1da177e4
LT		 2044}
2045
f0d6a0ea
MA		 2046static u8 hci_to_mgmt_reason(u8 err)
2047{
2048 switch (err) {
2049 case HCI_ERROR_CONNECTION_TIMEOUT:
2050 return MGMT_DEV_DISCONN_TIMEOUT;
2051 case HCI_ERROR_REMOTE_USER_TERM:
2052 case HCI_ERROR_REMOTE_LOW_RESOURCES:
2053 case HCI_ERROR_REMOTE_POWER_OFF:
2054 return MGMT_DEV_DISCONN_REMOTE;
2055 case HCI_ERROR_LOCAL_HOST_TERM:
2056 return MGMT_DEV_DISCONN_LOCAL_HOST;
2057 default:
2058 return MGMT_DEV_DISCONN_UNKNOWN;
2059 }
2060}
2061
6039aa73 2062static void hci_disconn_complete_evt(struct hci_dev *hdev, struct sk_buff *skb)
04837f64 2063{
a9de9248 2064 struct hci_ev_disconn_complete *ev = (void *) skb->data;
04837f64
MH		 2065 struct hci_conn *conn;
2066
9f1db00c 2067 BT_DBG("%s status 0x%2.2x", hdev->name, ev->status);
04837f64
MH		 2068
2069 hci_dev_lock(hdev);
2070
2071 conn = hci_conn_hash_lookup_handle(hdev, __le16_to_cpu(ev->handle));
f7520543
JH		 2072 if (!conn)
2073 goto unlock;
7d0db0a3 2074
37d9ef76
JH		 2075 if (ev->status == 0)
2076 conn->state = BT_CLOSED;
04837f64 2077
b644ba33 2078 if (test_and_clear_bit(HCI_CONN_MGMT_CONNECTED, &conn->flags) &&
807deac2 2079 (conn->type == ACL_LINK || conn->type == LE_LINK)) {
f0d6a0ea 2080 if (ev->status) {
88c3df13 2081 mgmt_disconnect_failed(hdev, &conn->dst, conn->type,
807deac2 2082 conn->dst_type, ev->status);
f0d6a0ea
MA		 2083 } else {
2084 u8 reason = hci_to_mgmt_reason(ev->reason);
2085
afc747a6 2086 mgmt_device_disconnected(hdev, &conn->dst, conn->type,
f0d6a0ea
MA		 2087 conn->dst_type, reason);
2088 }
37d9ef76 2089 }
f7520543 2090
37d9ef76 2091 if (ev->status == 0) {
6ec5bcad
VA		 2092 if (conn->type == ACL_LINK && conn->flush_key)
2093 hci_remove_link_key(hdev, &conn->dst);
37d9ef76
JH		 2094 hci_proto_disconn_cfm(conn, ev->reason);
2095 hci_conn_del(conn);
2096 }
f7520543
JH		 2097
2098unlock:
04837f64
MH		 2099 hci_dev_unlock(hdev);
2100}
2101
6039aa73 2102static void hci_auth_complete_evt(struct hci_dev *hdev, struct sk_buff *skb)
1da177e4 2103{
a9de9248 2104 struct hci_ev_auth_complete *ev = (void *) skb->data;
04837f64 2105 struct hci_conn *conn;
1da177e4 2106
9f1db00c 2107 BT_DBG("%s status 0x%2.2x", hdev->name, ev->status);
1da177e4
LT		 2108
2109 hci_dev_lock(hdev);
2110
04837f64 2111 conn = hci_conn_hash_lookup_handle(hdev, __le16_to_cpu(ev->handle));
d7556e20
WR		 2112 if (!conn)
2113 goto unlock;
2114
2115 if (!ev->status) {
aa64a8b5 2116 if (!hci_conn_ssp_enabled(conn) &&
807deac2 2117 test_bit(HCI_CONN_REAUTH_PEND, &conn->flags)) {
d7556e20 2118 BT_INFO("re-auth of legacy device is not possible.");
2a611692 2119 } else {
d7556e20
WR		 2120 conn->link_mode |= HCI_LM_AUTH;
2121 conn->sec_level = conn->pending_sec_level;
2a611692 2122 }
d7556e20 2123 } else {
bab73cb6 2124 mgmt_auth_failed(hdev, &conn->dst, conn->type, conn->dst_type,
04124681 2125 ev->status);
d7556e20 2126 }
1da177e4 2127
51a8efd7
JH		 2128 clear_bit(HCI_CONN_AUTH_PEND, &conn->flags);
2129 clear_bit(HCI_CONN_REAUTH_PEND, &conn->flags);
1da177e4 2130
d7556e20 2131 if (conn->state == BT_CONFIG) {
aa64a8b5 2132 if (!ev->status && hci_conn_ssp_enabled(conn)) {
d7556e20
WR		 2133 struct hci_cp_set_conn_encrypt cp;
2134 cp.handle = ev->handle;
2135 cp.encrypt = 0x01;
2136 hci_send_cmd(hdev, HCI_OP_SET_CONN_ENCRYPT, sizeof(cp),
807deac2 2137 &cp);
052b30b0 2138 } else {
d7556e20
WR		 2139 conn->state = BT_CONNECTED;
2140 hci_proto_connect_cfm(conn, ev->status);
052b30b0
MH		 2141 hci_conn_put(conn);
2142 }
d7556e20
WR		 2143 } else {
2144 hci_auth_cfm(conn, ev->status);
052b30b0 2145
d7556e20
WR		 2146 hci_conn_hold(conn);
2147 conn->disc_timeout = HCI_DISCONN_TIMEOUT;
2148 hci_conn_put(conn);
2149 }
2150
51a8efd7 2151 if (test_bit(HCI_CONN_ENCRYPT_PEND, &conn->flags)) {
d7556e20
WR		 2152 if (!ev->status) {
2153 struct hci_cp_set_conn_encrypt cp;
2154 cp.handle = ev->handle;
2155 cp.encrypt = 0x01;
2156 hci_send_cmd(hdev, HCI_OP_SET_CONN_ENCRYPT, sizeof(cp),
807deac2 2157 &cp);
d7556e20 2158 } else {
51a8efd7 2159 clear_bit(HCI_CONN_ENCRYPT_PEND, &conn->flags);
d7556e20 2160 hci_encrypt_cfm(conn, ev->status, 0x00);
1da177e4
LT		 2161 }
2162 }
2163
d7556e20 2164unlock:
1da177e4
LT		 2165 hci_dev_unlock(hdev);
2166}
2167
6039aa73 2168static void hci_remote_name_evt(struct hci_dev *hdev, struct sk_buff *skb)
1da177e4 2169{
127178d2
JH		 2170 struct hci_ev_remote_name *ev = (void *) skb->data;
2171 struct hci_conn *conn;
2172
a9de9248 2173 BT_DBG("%s", hdev->name);
1da177e4 2174
a9de9248 2175 hci_conn_check_pending(hdev);
127178d2
JH		 2176
2177 hci_dev_lock(hdev);
2178
b644ba33 2179 conn = hci_conn_hash_lookup_ba(hdev, ACL_LINK, &ev->bdaddr);
30dc78e1 2180
b644ba33
JH		 2181 if (!test_bit(HCI_MGMT, &hdev->dev_flags))
2182 goto check_auth;
a88a9652 2183
b644ba33
JH		 2184 if (ev->status == 0)
2185 hci_check_pending_name(hdev, conn, &ev->bdaddr, ev->name,
04124681 2186 strnlen(ev->name, HCI_MAX_NAME_LENGTH));
b644ba33
JH		 2187 else
2188 hci_check_pending_name(hdev, conn, &ev->bdaddr, NULL, 0);
2189
2190check_auth:
79c6c70c
JH		 2191 if (!conn)
2192 goto unlock;
2193
2194 if (!hci_outgoing_auth_needed(hdev, conn))
2195 goto unlock;
2196
51a8efd7 2197 if (!test_and_set_bit(HCI_CONN_AUTH_PEND, &conn->flags)) {
127178d2
JH		 2198 struct hci_cp_auth_requested cp;
2199 cp.handle = __cpu_to_le16(conn->handle);
2200 hci_send_cmd(hdev, HCI_OP_AUTH_REQUESTED, sizeof(cp), &cp);
2201 }
2202
79c6c70c 2203unlock:
127178d2 2204 hci_dev_unlock(hdev);
a9de9248
MH		 2205}
2206
6039aa73 2207static void hci_encrypt_change_evt(struct hci_dev *hdev, struct sk_buff *skb)
a9de9248
MH		 2208{
2209 struct hci_ev_encrypt_change *ev = (void *) skb->data;
2210 struct hci_conn *conn;
2211
9f1db00c 2212 BT_DBG("%s status 0x%2.2x", hdev->name, ev->status);
1da177e4
LT		 2213
2214 hci_dev_lock(hdev);
2215
04837f64 2216 conn = hci_conn_hash_lookup_handle(hdev, __le16_to_cpu(ev->handle));
1da177e4
LT		 2217 if (conn) {
2218 if (!ev->status) {
ae293196
MH		 2219 if (ev->encrypt) {
2220 /* Encryption implies authentication */
2221 conn->link_mode |= HCI_LM_AUTH;
1da177e4 2222 conn->link_mode |= HCI_LM_ENCRYPT;
da85e5e5 2223 conn->sec_level = conn->pending_sec_level;
ae293196 2224 } else
1da177e4
LT		 2225 conn->link_mode &= ~HCI_LM_ENCRYPT;
2226 }
2227
51a8efd7 2228 clear_bit(HCI_CONN_ENCRYPT_PEND, &conn->flags);
1da177e4 2229
a7d7723a 2230 if (ev->status && conn->state == BT_CONNECTED) {
d839c813 2231 hci_acl_disconn(conn, HCI_ERROR_AUTH_FAILURE);
a7d7723a
GP		 2232 hci_conn_put(conn);
2233 goto unlock;
2234 }
2235
f8558555
MH		 2236 if (conn->state == BT_CONFIG) {
2237 if (!ev->status)
2238 conn->state = BT_CONNECTED;
2239
2240 hci_proto_connect_cfm(conn, ev->status);
2241 hci_conn_put(conn);
2242 } else
2243 hci_encrypt_cfm(conn, ev->status, ev->encrypt);
1da177e4
LT		 2244 }
2245
a7d7723a 2246unlock:
1da177e4
LT		 2247 hci_dev_unlock(hdev);
2248}
2249
6039aa73
GP		 2250static void hci_change_link_key_complete_evt(struct hci_dev *hdev,
2251 struct sk_buff *skb)
1da177e4 2252{
a9de9248 2253 struct hci_ev_change_link_key_complete *ev = (void *) skb->data;
04837f64 2254 struct hci_conn *conn;
1da177e4 2255
9f1db00c 2256 BT_DBG("%s status 0x%2.2x", hdev->name, ev->status);
1da177e4
LT		 2257
2258 hci_dev_lock(hdev);
2259
04837f64 2260 conn = hci_conn_hash_lookup_handle(hdev, __le16_to_cpu(ev->handle));
1da177e4
LT		 2261 if (conn) {
2262 if (!ev->status)
2263 conn->link_mode |= HCI_LM_SECURE;
2264
51a8efd7 2265 clear_bit(HCI_CONN_AUTH_PEND, &conn->flags);
1da177e4
LT		 2266
2267 hci_key_change_cfm(conn, ev->status);
2268 }
2269
2270 hci_dev_unlock(hdev);
2271}
2272
6039aa73
GP		 2273static void hci_remote_features_evt(struct hci_dev *hdev,
2274 struct sk_buff *skb)
1da177e4 2275{
a9de9248
MH		 2276 struct hci_ev_remote_features *ev = (void *) skb->data;
2277 struct hci_conn *conn;
2278
9f1db00c 2279 BT_DBG("%s status 0x%2.2x", hdev->name, ev->status);
a9de9248 2280
a9de9248
MH		 2281 hci_dev_lock(hdev);
2282
2283 conn = hci_conn_hash_lookup_handle(hdev, __le16_to_cpu(ev->handle));
ccd556fe
JH		 2284 if (!conn)
2285 goto unlock;
769be974 2286
ccd556fe
JH		 2287 if (!ev->status)
2288 memcpy(conn->features, ev->features, 8);
2289
2290 if (conn->state != BT_CONFIG)
2291 goto unlock;
2292
2293 if (!ev->status && lmp_ssp_capable(hdev) && lmp_ssp_capable(conn)) {
2294 struct hci_cp_read_remote_ext_features cp;
2295 cp.handle = ev->handle;
2296 cp.page = 0x01;
2297 hci_send_cmd(hdev, HCI_OP_READ_REMOTE_EXT_FEATURES,
807deac2 2298 sizeof(cp), &cp);
392599b9
JH		 2299 goto unlock;
2300 }
2301
671267bf 2302 if (!ev->status && !test_bit(HCI_CONN_MGMT_CONNECTED, &conn->flags)) {
127178d2
JH		 2303 struct hci_cp_remote_name_req cp;
2304 memset(&cp, 0, sizeof(cp));
2305 bacpy(&cp.bdaddr, &conn->dst);
2306 cp.pscan_rep_mode = 0x02;
2307 hci_send_cmd(hdev, HCI_OP_REMOTE_NAME_REQ, sizeof(cp), &cp);
b644ba33
JH		 2308 } else if (!test_and_set_bit(HCI_CONN_MGMT_CONNECTED, &conn->flags))
2309 mgmt_device_connected(hdev, &conn->dst, conn->type,
04124681
GP		 2310 conn->dst_type, 0, NULL, 0,
2311 conn->dev_class);
392599b9 2312
127178d2 2313 if (!hci_outgoing_auth_needed(hdev, conn)) {
ccd556fe
JH		 2314 conn->state = BT_CONNECTED;
2315 hci_proto_connect_cfm(conn, ev->status);
2316 hci_conn_put(conn);
769be974 2317 }
a9de9248 2318
ccd556fe 2319unlock:
a9de9248 2320 hci_dev_unlock(hdev);
1da177e4
LT		 2321}
2322
6039aa73 2323static void hci_remote_version_evt(struct hci_dev *hdev, struct sk_buff *skb)
1da177e4 2324{
a9de9248 2325 BT_DBG("%s", hdev->name);
1da177e4
LT		 2326}
2327
6039aa73
GP		 2328static void hci_qos_setup_complete_evt(struct hci_dev *hdev,
2329 struct sk_buff *skb)
1da177e4 2330{
a9de9248 2331 BT_DBG("%s", hdev->name);
1da177e4
LT		 2332}
2333
6039aa73 2334static void hci_cmd_complete_evt(struct hci_dev *hdev, struct sk_buff *skb)
a9de9248
MH		 2335{
2336 struct hci_ev_cmd_complete *ev = (void *) skb->data;
2337 __u16 opcode;
2338
2339 skb_pull(skb, sizeof(*ev));
2340
2341 opcode = __le16_to_cpu(ev->opcode);
2342
2343 switch (opcode) {
2344 case HCI_OP_INQUIRY_CANCEL:
2345 hci_cc_inquiry_cancel(hdev, skb);
2346 break;
2347
4d93483b
AG		 2348 case HCI_OP_PERIODIC_INQ:
2349 hci_cc_periodic_inq(hdev, skb);
2350 break;
2351
a9de9248
MH		 2352 case HCI_OP_EXIT_PERIODIC_INQ:
2353 hci_cc_exit_periodic_inq(hdev, skb);
2354 break;
2355
2356 case HCI_OP_REMOTE_NAME_REQ_CANCEL:
2357 hci_cc_remote_name_req_cancel(hdev, skb);
2358 break;
2359
2360 case HCI_OP_ROLE_DISCOVERY:
2361 hci_cc_role_discovery(hdev, skb);
2362 break;
2363
e4e8e37c
MH		 2364 case HCI_OP_READ_LINK_POLICY:
2365 hci_cc_read_link_policy(hdev, skb);
2366 break;
2367
a9de9248
MH		 2368 case HCI_OP_WRITE_LINK_POLICY:
2369 hci_cc_write_link_policy(hdev, skb);
2370 break;
2371
e4e8e37c
MH		 2372 case HCI_OP_READ_DEF_LINK_POLICY:
2373 hci_cc_read_def_link_policy(hdev, skb);
2374 break;
2375
2376 case HCI_OP_WRITE_DEF_LINK_POLICY:
2377 hci_cc_write_def_link_policy(hdev, skb);
2378 break;
2379
a9de9248
MH		 2380 case HCI_OP_RESET:
2381 hci_cc_reset(hdev, skb);
2382 break;
2383
2384 case HCI_OP_WRITE_LOCAL_NAME:
2385 hci_cc_write_local_name(hdev, skb);
2386 break;
2387
2388 case HCI_OP_READ_LOCAL_NAME:
2389 hci_cc_read_local_name(hdev, skb);
2390 break;
2391
2392 case HCI_OP_WRITE_AUTH_ENABLE:
2393 hci_cc_write_auth_enable(hdev, skb);
2394 break;
2395
2396 case HCI_OP_WRITE_ENCRYPT_MODE:
2397 hci_cc_write_encrypt_mode(hdev, skb);
2398 break;
2399
2400 case HCI_OP_WRITE_SCAN_ENABLE:
2401 hci_cc_write_scan_enable(hdev, skb);
2402 break;
2403
2404 case HCI_OP_READ_CLASS_OF_DEV:
2405 hci_cc_read_class_of_dev(hdev, skb);
2406 break;
2407
2408 case HCI_OP_WRITE_CLASS_OF_DEV:
2409 hci_cc_write_class_of_dev(hdev, skb);
2410 break;
2411
2412 case HCI_OP_READ_VOICE_SETTING:
2413 hci_cc_read_voice_setting(hdev, skb);
2414 break;
2415
2416 case HCI_OP_WRITE_VOICE_SETTING:
2417 hci_cc_write_voice_setting(hdev, skb);
2418 break;
2419
2420 case HCI_OP_HOST_BUFFER_SIZE:
2421 hci_cc_host_buffer_size(hdev, skb);
2422 break;
2423
333140b5
MH		 2424 case HCI_OP_WRITE_SSP_MODE:
2425 hci_cc_write_ssp_mode(hdev, skb);
2426 break;
2427
a9de9248
MH		 2428 case HCI_OP_READ_LOCAL_VERSION:
2429 hci_cc_read_local_version(hdev, skb);
2430 break;
2431
2432 case HCI_OP_READ_LOCAL_COMMANDS:
2433 hci_cc_read_local_commands(hdev, skb);
2434 break;
2435
2436 case HCI_OP_READ_LOCAL_FEATURES:
2437 hci_cc_read_local_features(hdev, skb);
2438 break;
2439
971e3a4b
AG		 2440 case HCI_OP_READ_LOCAL_EXT_FEATURES:
2441 hci_cc_read_local_ext_features(hdev, skb);
2442 break;
2443
a9de9248
MH		 2444 case HCI_OP_READ_BUFFER_SIZE:
2445 hci_cc_read_buffer_size(hdev, skb);
2446 break;
2447
2448 case HCI_OP_READ_BD_ADDR:
2449 hci_cc_read_bd_addr(hdev, skb);
2450 break;
2451
350ee4cf
AE		 2452 case HCI_OP_READ_DATA_BLOCK_SIZE:
2453 hci_cc_read_data_block_size(hdev, skb);
2454 break;
2455
23bb5763
JH		 2456 case HCI_OP_WRITE_CA_TIMEOUT:
2457 hci_cc_write_ca_timeout(hdev, skb);
2458 break;
2459
1e89cffb
AE		 2460 case HCI_OP_READ_FLOW_CONTROL_MODE:
2461 hci_cc_read_flow_control_mode(hdev, skb);
2462 break;
2463
928abaa7
AE		 2464 case HCI_OP_READ_LOCAL_AMP_INFO:
2465 hci_cc_read_local_amp_info(hdev, skb);
2466 break;
2467
903e4541
AE		 2468 case HCI_OP_READ_LOCAL_AMP_ASSOC:
2469 hci_cc_read_local_amp_assoc(hdev, skb);
2470 break;
2471
b0916ea0
JH		 2472 case HCI_OP_DELETE_STORED_LINK_KEY:
2473 hci_cc_delete_stored_link_key(hdev, skb);
2474 break;
2475
d5859e22
JH		 2476 case HCI_OP_SET_EVENT_MASK:
2477 hci_cc_set_event_mask(hdev, skb);
2478 break;
2479
2480 case HCI_OP_WRITE_INQUIRY_MODE:
2481 hci_cc_write_inquiry_mode(hdev, skb);
2482 break;
2483
2484 case HCI_OP_READ_INQ_RSP_TX_POWER:
2485 hci_cc_read_inq_rsp_tx_power(hdev, skb);
2486 break;
2487
2488 case HCI_OP_SET_EVENT_FLT:
2489 hci_cc_set_event_flt(hdev, skb);
2490 break;
2491
980e1a53
JH		 2492 case HCI_OP_PIN_CODE_REPLY:
2493 hci_cc_pin_code_reply(hdev, skb);
2494 break;
2495
2496 case HCI_OP_PIN_CODE_NEG_REPLY:
2497 hci_cc_pin_code_neg_reply(hdev, skb);
2498 break;
2499
c35938b2
SJ		 2500 case HCI_OP_READ_LOCAL_OOB_DATA:
2501 hci_cc_read_local_oob_data_reply(hdev, skb);
2502 break;
2503
6ed58ec5
VT		 2504 case HCI_OP_LE_READ_BUFFER_SIZE:
2505 hci_cc_le_read_buffer_size(hdev, skb);
2506 break;
2507
e36b04c8
JH		 2508 case HCI_OP_LE_SET_EVENT_MASK:
2509 hci_cc_le_set_event_mask(hdev, skb);
2510 break;
2511
a5c29683
JH		 2512 case HCI_OP_USER_CONFIRM_REPLY:
2513 hci_cc_user_confirm_reply(hdev, skb);
2514 break;
2515
2516 case HCI_OP_USER_CONFIRM_NEG_REPLY:
2517 hci_cc_user_confirm_neg_reply(hdev, skb);
2518 break;
2519
1143d458
BG		 2520 case HCI_OP_USER_PASSKEY_REPLY:
2521 hci_cc_user_passkey_reply(hdev, skb);
2522 break;
2523
2524 case HCI_OP_USER_PASSKEY_NEG_REPLY:
2525 hci_cc_user_passkey_neg_reply(hdev, skb);
16cde993 2526 break;
07f7fa5d
AG		 2527
2528 case HCI_OP_LE_SET_SCAN_PARAM:
2529 hci_cc_le_set_scan_param(hdev, skb);
1143d458
BG		 2530 break;
2531
eb9d91f5
AG		 2532 case HCI_OP_LE_SET_SCAN_ENABLE:
2533 hci_cc_le_set_scan_enable(hdev, skb);
2534 break;
2535
a7a595f6
VCG		 2536 case HCI_OP_LE_LTK_REPLY:
2537 hci_cc_le_ltk_reply(hdev, skb);
2538 break;
2539
2540 case HCI_OP_LE_LTK_NEG_REPLY:
2541 hci_cc_le_ltk_neg_reply(hdev, skb);
2542 break;
2543
f9b49306
AG		 2544 case HCI_OP_WRITE_LE_HOST_SUPPORTED:
2545 hci_cc_write_le_host_supported(hdev, skb);
2546 break;
2547
93c284ee
AE		 2548 case HCI_OP_WRITE_REMOTE_AMP_ASSOC:
2549 hci_cc_write_remote_amp_assoc(hdev, skb);
2550 break;
2551
a9de9248 2552 default:
9f1db00c 2553 BT_DBG("%s opcode 0x%4.4x", hdev->name, opcode);
a9de9248
MH		 2554 break;
2555 }
2556
6bd32326
VT		 2557 if (ev->opcode != HCI_OP_NOP)
2558 del_timer(&hdev->cmd_timer);
2559
a9de9248
MH		 2560 if (ev->ncmd) {
2561 atomic_set(&hdev->cmd_cnt, 1);
2562 if (!skb_queue_empty(&hdev->cmd_q))
c347b765 2563 queue_work(hdev->workqueue, &hdev->cmd_work);
a9de9248
MH		 2564 }
2565}
2566
6039aa73 2567static void hci_cmd_status_evt(struct hci_dev *hdev, struct sk_buff *skb)
a9de9248
MH		 2568{
2569 struct hci_ev_cmd_status *ev = (void *) skb->data;
2570 __u16 opcode;
2571
2572 skb_pull(skb, sizeof(*ev));
2573
2574 opcode = __le16_to_cpu(ev->opcode);
2575
2576 switch (opcode) {
2577 case HCI_OP_INQUIRY:
2578 hci_cs_inquiry(hdev, ev->status);
2579 break;
2580
2581 case HCI_OP_CREATE_CONN:
2582 hci_cs_create_conn(hdev, ev->status);
2583 break;
2584
2585 case HCI_OP_ADD_SCO:
2586 hci_cs_add_sco(hdev, ev->status);
2587 break;
2588
f8558555
MH		 2589 case HCI_OP_AUTH_REQUESTED:
2590 hci_cs_auth_requested(hdev, ev->status);
2591 break;
2592
2593 case HCI_OP_SET_CONN_ENCRYPT:
2594 hci_cs_set_conn_encrypt(hdev, ev->status);
2595 break;
2596
a9de9248
MH		 2597 case HCI_OP_REMOTE_NAME_REQ:
2598 hci_cs_remote_name_req(hdev, ev->status);
2599 break;
2600
769be974
MH		 2601 case HCI_OP_READ_REMOTE_FEATURES:
2602 hci_cs_read_remote_features(hdev, ev->status);
2603 break;
2604
2605 case HCI_OP_READ_REMOTE_EXT_FEATURES:
2606 hci_cs_read_remote_ext_features(hdev, ev->status);
2607 break;
2608
a9de9248
MH		 2609 case HCI_OP_SETUP_SYNC_CONN:
2610 hci_cs_setup_sync_conn(hdev, ev->status);
2611 break;
2612
2613 case HCI_OP_SNIFF_MODE:
2614 hci_cs_sniff_mode(hdev, ev->status);
2615 break;
2616
2617 case HCI_OP_EXIT_SNIFF_MODE:
2618 hci_cs_exit_sniff_mode(hdev, ev->status);
2619 break;
2620
8962ee74 2621 case HCI_OP_DISCONNECT:
88c3df13 2622 hci_cs_disconnect(hdev, ev->status);
8962ee74
JH		 2623 break;
2624
fcd89c09
VT		 2625 case HCI_OP_LE_CREATE_CONN:
2626 hci_cs_le_create_conn(hdev, ev->status);
2627 break;
2628
a7a595f6
VCG		 2629 case HCI_OP_LE_START_ENC:
2630 hci_cs_le_start_enc(hdev, ev->status);
2631 break;
2632
a02226d6
AE		 2633 case HCI_OP_CREATE_PHY_LINK:
2634 hci_cs_create_phylink(hdev, ev->status);
2635 break;
2636
0b26ab9d
AE		 2637 case HCI_OP_ACCEPT_PHY_LINK:
2638 hci_cs_accept_phylink(hdev, ev->status);
2639 break;
2640
a9de9248 2641 default:
9f1db00c 2642 BT_DBG("%s opcode 0x%4.4x", hdev->name, opcode);
a9de9248
MH		 2643 break;
2644 }
2645
6bd32326
VT		 2646 if (ev->opcode != HCI_OP_NOP)
2647 del_timer(&hdev->cmd_timer);
2648
10572132 2649 if (ev->ncmd && !test_bit(HCI_RESET, &hdev->flags)) {
a9de9248
MH		 2650 atomic_set(&hdev->cmd_cnt, 1);
2651 if (!skb_queue_empty(&hdev->cmd_q))
c347b765 2652 queue_work(hdev->workqueue, &hdev->cmd_work);
a9de9248
MH		 2653 }
2654}
2655
6039aa73 2656static void hci_role_change_evt(struct hci_dev *hdev, struct sk_buff *skb)
a9de9248
MH		 2657{
2658 struct hci_ev_role_change *ev = (void *) skb->data;
2659 struct hci_conn *conn;
2660
9f1db00c 2661 BT_DBG("%s status 0x%2.2x", hdev->name, ev->status);
a9de9248
MH		 2662
2663 hci_dev_lock(hdev);
2664
2665 conn = hci_conn_hash_lookup_ba(hdev, ACL_LINK, &ev->bdaddr);
2666 if (conn) {
2667 if (!ev->status) {
2668 if (ev->role)
2669 conn->link_mode &= ~HCI_LM_MASTER;
2670 else
2671 conn->link_mode |= HCI_LM_MASTER;
2672 }
2673
51a8efd7 2674 clear_bit(HCI_CONN_RSWITCH_PEND, &conn->flags);
a9de9248
MH		 2675
2676 hci_role_switch_cfm(conn, ev->status, ev->role);
2677 }
2678
2679 hci_dev_unlock(hdev);
2680}
2681
6039aa73 2682static void hci_num_comp_pkts_evt(struct hci_dev *hdev, struct sk_buff *skb)
a9de9248
MH		 2683{
2684 struct hci_ev_num_comp_pkts *ev = (void *) skb->data;
a9de9248
MH		 2685 int i;
2686
32ac5b9b
AE		 2687 if (hdev->flow_ctl_mode != HCI_FLOW_CTL_MODE_PACKET_BASED) {
2688 BT_ERR("Wrong event for mode %d", hdev->flow_ctl_mode);
2689 return;
2690 }
2691
c5993de8 2692 if (skb->len < sizeof(*ev) || skb->len < sizeof(*ev) +
807deac2 2693 ev->num_hndl * sizeof(struct hci_comp_pkts_info)) {
a9de9248
MH		 2694 BT_DBG("%s bad parameters", hdev->name);
2695 return;
2696 }
2697
c5993de8
AE		 2698 BT_DBG("%s num_hndl %d", hdev->name, ev->num_hndl);
2699
613a1c0c
AE		 2700 for (i = 0; i < ev->num_hndl; i++) {
2701 struct hci_comp_pkts_info *info = &ev->handles[i];
a9de9248
MH		 2702 struct hci_conn *conn;
2703 __u16 handle, count;
2704
613a1c0c
AE		 2705 handle = __le16_to_cpu(info->handle);
2706 count = __le16_to_cpu(info->count);
a9de9248
MH		 2707
2708 conn = hci_conn_hash_lookup_handle(hdev, handle);
f4280918
AE		 2709 if (!conn)
2710 continue;
2711
2712 conn->sent -= count;
2713
2714 switch (conn->type) {
2715 case ACL_LINK:
2716 hdev->acl_cnt += count;
2717 if (hdev->acl_cnt > hdev->acl_pkts)
2718 hdev->acl_cnt = hdev->acl_pkts;
2719 break;
2720
2721 case LE_LINK:
2722 if (hdev->le_pkts) {
2723 hdev->le_cnt += count;
2724 if (hdev->le_cnt > hdev->le_pkts)
2725 hdev->le_cnt = hdev->le_pkts;
2726 } else {
70f23020
AE		 2727 hdev->acl_cnt += count;
2728 if (hdev->acl_cnt > hdev->acl_pkts)
a9de9248 2729 hdev->acl_cnt = hdev->acl_pkts;
a9de9248 2730 }
f4280918
AE		 2731 break;
2732
2733 case SCO_LINK:
2734 hdev->sco_cnt += count;
2735 if (hdev->sco_cnt > hdev->sco_pkts)
2736 hdev->sco_cnt = hdev->sco_pkts;
2737 break;
2738
2739 default:
2740 BT_ERR("Unknown type %d conn %p", conn->type, conn);
2741 break;
a9de9248
MH		 2742 }
2743 }
2744
3eff45ea 2745 queue_work(hdev->workqueue, &hdev->tx_work);
a9de9248
MH		 2746}
2747
76ef7cf7
AE		 2748static struct hci_conn *__hci_conn_lookup_handle(struct hci_dev *hdev,
2749 __u16 handle)
2750{
2751 struct hci_chan *chan;
2752
2753 switch (hdev->dev_type) {
2754 case HCI_BREDR:
2755 return hci_conn_hash_lookup_handle(hdev, handle);
2756 case HCI_AMP:
2757 chan = hci_chan_lookup_handle(hdev, handle);
2758 if (chan)
2759 return chan->conn;
2760 break;
2761 default:
2762 BT_ERR("%s unknown dev_type %d", hdev->name, hdev->dev_type);
2763 break;
2764 }
2765
2766 return NULL;
2767}
2768
6039aa73 2769static void hci_num_comp_blocks_evt(struct hci_dev *hdev, struct sk_buff *skb)
25e89e99
AE		 2770{
2771 struct hci_ev_num_comp_blocks *ev = (void *) skb->data;
2772 int i;
2773
2774 if (hdev->flow_ctl_mode != HCI_FLOW_CTL_MODE_BLOCK_BASED) {
2775 BT_ERR("Wrong event for mode %d", hdev->flow_ctl_mode);
2776 return;
2777 }
2778
2779 if (skb->len < sizeof(*ev) || skb->len < sizeof(*ev) +
807deac2 2780 ev->num_hndl * sizeof(struct hci_comp_blocks_info)) {
25e89e99
AE		 2781 BT_DBG("%s bad parameters", hdev->name);
2782 return;
2783 }
2784
2785 BT_DBG("%s num_blocks %d num_hndl %d", hdev->name, ev->num_blocks,
807deac2 2786 ev->num_hndl);
25e89e99
AE		 2787
2788 for (i = 0; i < ev->num_hndl; i++) {
2789 struct hci_comp_blocks_info *info = &ev->handles[i];
76ef7cf7 2790 struct hci_conn *conn = NULL;
25e89e99
AE		 2791 __u16 handle, block_count;
2792
2793 handle = __le16_to_cpu(info->handle);
2794 block_count = __le16_to_cpu(info->blocks);
2795
76ef7cf7 2796 conn = __hci_conn_lookup_handle(hdev, handle);
25e89e99
AE		 2797 if (!conn)
2798 continue;
2799
2800 conn->sent -= block_count;
2801
2802 switch (conn->type) {
2803 case ACL_LINK:
bd1eb66b 2804 case AMP_LINK:
25e89e99
AE		 2805 hdev->block_cnt += block_count;
2806 if (hdev->block_cnt > hdev->num_blocks)
2807 hdev->block_cnt = hdev->num_blocks;
2808 break;
2809
2810 default:
2811 BT_ERR("Unknown type %d conn %p", conn->type, conn);
2812 break;
2813 }
2814 }
2815
2816 queue_work(hdev->workqueue, &hdev->tx_work);
2817}
2818
6039aa73 2819static void hci_mode_change_evt(struct hci_dev *hdev, struct sk_buff *skb)
04837f64 2820{
a9de9248 2821 struct hci_ev_mode_change *ev = (void *) skb->data;
04837f64
MH		 2822 struct hci_conn *conn;
2823
9f1db00c 2824 BT_DBG("%s status 0x%2.2x", hdev->name, ev->status);
04837f64
MH		 2825
2826 hci_dev_lock(hdev);
2827
2828 conn = hci_conn_hash_lookup_handle(hdev, __le16_to_cpu(ev->handle));
a9de9248
MH		 2829 if (conn) {
2830 conn->mode = ev->mode;
2831 conn->interval = __le16_to_cpu(ev->interval);
2832
8fc9ced3
GP		 2833 if (!test_and_clear_bit(HCI_CONN_MODE_CHANGE_PEND,
2834 &conn->flags)) {
a9de9248 2835 if (conn->mode == HCI_CM_ACTIVE)
58a681ef 2836 set_bit(HCI_CONN_POWER_SAVE, &conn->flags);
a9de9248 2837 else
58a681ef 2838 clear_bit(HCI_CONN_POWER_SAVE, &conn->flags);
a9de9248 2839 }
e73439d8 2840
51a8efd7 2841 if (test_and_clear_bit(HCI_CONN_SCO_SETUP_PEND, &conn->flags))
e73439d8 2842 hci_sco_setup(conn, ev->status);
04837f64
MH		 2843 }
2844
2845 hci_dev_unlock(hdev);
2846}
2847
6039aa73 2848static void hci_pin_code_request_evt(struct hci_dev *hdev, struct sk_buff *skb)
a9de9248 2849{
052b30b0
MH		 2850 struct hci_ev_pin_code_req *ev = (void *) skb->data;
2851 struct hci_conn *conn;
2852
a9de9248 2853 BT_DBG("%s", hdev->name);
052b30b0
MH		 2854
2855 hci_dev_lock(hdev);
2856
2857 conn = hci_conn_hash_lookup_ba(hdev, ACL_LINK, &ev->bdaddr);
b6f98044
WR		 2858 if (!conn)
2859 goto unlock;
2860
2861 if (conn->state == BT_CONNECTED) {
052b30b0
MH		 2862 hci_conn_hold(conn);
2863 conn->disc_timeout = HCI_PAIRING_TIMEOUT;
2864 hci_conn_put(conn);
2865 }
2866
a8b2d5c2 2867 if (!test_bit(HCI_PAIRABLE, &hdev->dev_flags))
03b555e1 2868 hci_send_cmd(hdev, HCI_OP_PIN_CODE_NEG_REPLY,
807deac2 2869 sizeof(ev->bdaddr), &ev->bdaddr);
a8b2d5c2 2870 else if (test_bit(HCI_MGMT, &hdev->dev_flags)) {
a770bb5a
WR		 2871 u8 secure;
2872
2873 if (conn->pending_sec_level == BT_SECURITY_HIGH)
2874 secure = 1;
2875 else
2876 secure = 0;
2877
744cf19e 2878 mgmt_pin_code_request(hdev, &ev->bdaddr, secure);
a770bb5a 2879 }
980e1a53 2880
b6f98044 2881unlock:
052b30b0 2882 hci_dev_unlock(hdev);
a9de9248
MH		 2883}
2884
6039aa73 2885static void hci_link_key_request_evt(struct hci_dev *hdev, struct sk_buff *skb)
a9de9248 2886{
55ed8ca1
JH		 2887 struct hci_ev_link_key_req *ev = (void *) skb->data;
2888 struct hci_cp_link_key_reply cp;
2889 struct hci_conn *conn;
2890 struct link_key *key;
2891
a9de9248 2892 BT_DBG("%s", hdev->name);
55ed8ca1 2893
a8b2d5c2 2894 if (!test_bit(HCI_LINK_KEYS, &hdev->dev_flags))
55ed8ca1
JH		 2895 return;
2896
2897 hci_dev_lock(hdev);
2898
2899 key = hci_find_link_key(hdev, &ev->bdaddr);
2900 if (!key) {
6ed93dc6
AE		 2901 BT_DBG("%s link key not found for %pMR", hdev->name,
2902 &ev->bdaddr);
55ed8ca1
JH		 2903 goto not_found;
2904 }
2905
6ed93dc6
AE		 2906 BT_DBG("%s found key type %u for %pMR", hdev->name, key->type,
2907 &ev->bdaddr);
55ed8ca1 2908
a8b2d5c2 2909 if (!test_bit(HCI_DEBUG_KEYS, &hdev->dev_flags) &&
807deac2 2910 key->type == HCI_LK_DEBUG_COMBINATION) {
55ed8ca1
JH		 2911 BT_DBG("%s ignoring debug key", hdev->name);
2912 goto not_found;
2913 }
2914
2915 conn = hci_conn_hash_lookup_ba(hdev, ACL_LINK, &ev->bdaddr);
60b83f57
WR		 2916 if (conn) {
2917 if (key->type == HCI_LK_UNAUTH_COMBINATION &&
807deac2 2918 conn->auth_type != 0xff && (conn->auth_type & 0x01)) {
60b83f57
WR		 2919 BT_DBG("%s ignoring unauthenticated key", hdev->name);
2920 goto not_found;
2921 }
55ed8ca1 2922
60b83f57 2923 if (key->type == HCI_LK_COMBINATION && key->pin_len < 16 &&
807deac2 2924 conn->pending_sec_level == BT_SECURITY_HIGH) {
8fc9ced3
GP		 2925 BT_DBG("%s ignoring key unauthenticated for high security",
2926 hdev->name);
60b83f57
WR		 2927 goto not_found;
2928 }
2929
2930 conn->key_type = key->type;
2931 conn->pin_length = key->pin_len;
55ed8ca1
JH		 2932 }
2933
2934 bacpy(&cp.bdaddr, &ev->bdaddr);
9b3b4460 2935 memcpy(cp.link_key, key->val, HCI_LINK_KEY_SIZE);
55ed8ca1
JH		 2936
2937 hci_send_cmd(hdev, HCI_OP_LINK_KEY_REPLY, sizeof(cp), &cp);
2938
2939 hci_dev_unlock(hdev);
2940
2941 return;
2942
2943not_found:
2944 hci_send_cmd(hdev, HCI_OP_LINK_KEY_NEG_REPLY, 6, &ev->bdaddr);
2945 hci_dev_unlock(hdev);
a9de9248
MH		 2946}
2947
6039aa73 2948static void hci_link_key_notify_evt(struct hci_dev *hdev, struct sk_buff *skb)
a9de9248 2949{
052b30b0
MH		 2950 struct hci_ev_link_key_notify *ev = (void *) skb->data;
2951 struct hci_conn *conn;
55ed8ca1 2952 u8 pin_len = 0;
052b30b0 2953
a9de9248 2954 BT_DBG("%s", hdev->name);
052b30b0
MH		 2955
2956 hci_dev_lock(hdev);
2957
2958 conn = hci_conn_hash_lookup_ba(hdev, ACL_LINK, &ev->bdaddr);
2959 if (conn) {
2960 hci_conn_hold(conn);
2961 conn->disc_timeout = HCI_DISCONN_TIMEOUT;
980e1a53 2962 pin_len = conn->pin_length;
13d39315
WR		 2963
2964 if (ev->key_type != HCI_LK_CHANGED_COMBINATION)
2965 conn->key_type = ev->key_type;
2966
052b30b0
MH		 2967 hci_conn_put(conn);
2968 }
2969
a8b2d5c2 2970 if (test_bit(HCI_LINK_KEYS, &hdev->dev_flags))
d25e28ab 2971 hci_add_link_key(hdev, conn, 1, &ev->bdaddr, ev->link_key,
807deac2 2972 ev->key_type, pin_len);
55ed8ca1 2973
052b30b0 2974 hci_dev_unlock(hdev);
a9de9248
MH		 2975}
2976
6039aa73 2977static void hci_clock_offset_evt(struct hci_dev *hdev, struct sk_buff *skb)
1da177e4 2978{
a9de9248 2979 struct hci_ev_clock_offset *ev = (void *) skb->data;
04837f64 2980 struct hci_conn *conn;
1da177e4 2981
9f1db00c 2982 BT_DBG("%s status 0x%2.2x", hdev->name, ev->status);
1da177e4
LT		 2983
2984 hci_dev_lock(hdev);
2985
04837f64 2986 conn = hci_conn_hash_lookup_handle(hdev, __le16_to_cpu(ev->handle));
1da177e4
LT		 2987 if (conn && !ev->status) {
2988 struct inquiry_entry *ie;
2989
cc11b9c1
AE		 2990 ie = hci_inquiry_cache_lookup(hdev, &conn->dst);
2991 if (ie) {
1da177e4
LT		 2992 ie->data.clock_offset = ev->clock_offset;
2993 ie->timestamp = jiffies;
2994 }
2995 }
2996
2997 hci_dev_unlock(hdev);
2998}
2999
6039aa73 3000static void hci_pkt_type_change_evt(struct hci_dev *hdev, struct sk_buff *skb)
a8746417
MH		 3001{
3002 struct hci_ev_pkt_type_change *ev = (void *) skb->data;
3003 struct hci_conn *conn;
3004
9f1db00c 3005 BT_DBG("%s status 0x%2.2x", hdev->name, ev->status);
a8746417
MH		 3006
3007 hci_dev_lock(hdev);
3008
3009 conn = hci_conn_hash_lookup_handle(hdev, __le16_to_cpu(ev->handle));
3010 if (conn && !ev->status)
3011 conn->pkt_type = __le16_to_cpu(ev->pkt_type);
3012
3013 hci_dev_unlock(hdev);
3014}
3015
6039aa73 3016static void hci_pscan_rep_mode_evt(struct hci_dev *hdev, struct sk_buff *skb)
85a1e930 3017{
a9de9248 3018 struct hci_ev_pscan_rep_mode *ev = (void *) skb->data;
85a1e930
MH		 3019 struct inquiry_entry *ie;
3020
3021 BT_DBG("%s", hdev->name);
3022
3023 hci_dev_lock(hdev);
3024
cc11b9c1
AE		 3025 ie = hci_inquiry_cache_lookup(hdev, &ev->bdaddr);
3026 if (ie) {
85a1e930
MH		 3027 ie->data.pscan_rep_mode = ev->pscan_rep_mode;
3028 ie->timestamp = jiffies;
3029 }
3030
3031 hci_dev_unlock(hdev);
3032}
3033
6039aa73
GP		 3034static void hci_inquiry_result_with_rssi_evt(struct hci_dev *hdev,
3035 struct sk_buff *skb)
a9de9248
MH		 3036{
3037 struct inquiry_data data;
3038 int num_rsp = *((__u8 *) skb->data);
388fc8fa 3039 bool name_known, ssp;
a9de9248
MH		 3040
3041 BT_DBG("%s num_rsp %d", hdev->name, num_rsp);
3042
3043 if (!num_rsp)
3044 return;
3045
1519cc17
AG		 3046 if (test_bit(HCI_PERIODIC_INQ, &hdev->dev_flags))
3047 return;
3048
a9de9248
MH		 3049 hci_dev_lock(hdev);
3050
3051 if ((skb->len - 1) / num_rsp != sizeof(struct inquiry_info_with_rssi)) {
138d22ef
SJ		 3052 struct inquiry_info_with_rssi_and_pscan_mode *info;
3053 info = (void *) (skb->data + 1);
a9de9248 3054
e17acd40 3055 for (; num_rsp; num_rsp--, info++) {
a9de9248
MH		 3056 bacpy(&data.bdaddr, &info->bdaddr);
3057 data.pscan_rep_mode = info->pscan_rep_mode;
3058 data.pscan_period_mode = info->pscan_period_mode;
3059 data.pscan_mode = info->pscan_mode;
3060 memcpy(data.dev_class, info->dev_class, 3);
3061 data.clock_offset = info->clock_offset;
3062 data.rssi = info->rssi;
41a96212 3063 data.ssp_mode = 0x00;
3175405b
JH		 3064
3065 name_known = hci_inquiry_cache_update(hdev, &data,
04124681 3066 false, &ssp);
48264f06 3067 mgmt_device_found(hdev, &info->bdaddr, ACL_LINK, 0x00,
04124681
GP		 3068 info->dev_class, info->rssi,
3069 !name_known, ssp, NULL, 0);
a9de9248
MH		 3070 }
3071 } else {
3072 struct inquiry_info_with_rssi *info = (void *) (skb->data + 1);
3073
e17acd40 3074 for (; num_rsp; num_rsp--, info++) {
a9de9248
MH		 3075 bacpy(&data.bdaddr, &info->bdaddr);
3076 data.pscan_rep_mode = info->pscan_rep_mode;
3077 data.pscan_period_mode = info->pscan_period_mode;
3078 data.pscan_mode = 0x00;
3079 memcpy(data.dev_class, info->dev_class, 3);
3080 data.clock_offset = info->clock_offset;
3081 data.rssi = info->rssi;
41a96212 3082 data.ssp_mode = 0x00;
3175405b 3083 name_known = hci_inquiry_cache_update(hdev, &data,
04124681 3084 false, &ssp);
48264f06 3085 mgmt_device_found(hdev, &info->bdaddr, ACL_LINK, 0x00,
04124681
GP		 3086 info->dev_class, info->rssi,
3087 !name_known, ssp, NULL, 0);
a9de9248
MH		 3088 }
3089 }
3090
3091 hci_dev_unlock(hdev);
3092}
3093
6039aa73
GP		 3094static void hci_remote_ext_features_evt(struct hci_dev *hdev,
3095 struct sk_buff *skb)
a9de9248 3096{
41a96212
MH		 3097 struct hci_ev_remote_ext_features *ev = (void *) skb->data;
3098 struct hci_conn *conn;
3099
a9de9248 3100 BT_DBG("%s", hdev->name);
41a96212 3101
41a96212
MH		 3102 hci_dev_lock(hdev);
3103
3104 conn = hci_conn_hash_lookup_handle(hdev, __le16_to_cpu(ev->handle));
ccd556fe
JH		 3105 if (!conn)
3106 goto unlock;
41a96212 3107
ccd556fe
JH		 3108 if (!ev->status && ev->page == 0x01) {
3109 struct inquiry_entry *ie;
41a96212 3110
cc11b9c1
AE		 3111 ie = hci_inquiry_cache_lookup(hdev, &conn->dst);
3112 if (ie)
02b7cc62 3113 ie->data.ssp_mode = (ev->features[0] & LMP_HOST_SSP);
769be974 3114
02b7cc62 3115 if (ev->features[0] & LMP_HOST_SSP)
58a681ef 3116 set_bit(HCI_CONN_SSP_ENABLED, &conn->flags);
ccd556fe
JH		 3117 }
3118
3119 if (conn->state != BT_CONFIG)
3120 goto unlock;
3121
671267bf 3122 if (!ev->status && !test_bit(HCI_CONN_MGMT_CONNECTED, &conn->flags)) {
127178d2
JH		 3123 struct hci_cp_remote_name_req cp;
3124 memset(&cp, 0, sizeof(cp));
3125 bacpy(&cp.bdaddr, &conn->dst);
3126 cp.pscan_rep_mode = 0x02;
3127 hci_send_cmd(hdev, HCI_OP_REMOTE_NAME_REQ, sizeof(cp), &cp);
b644ba33
JH		 3128 } else if (!test_and_set_bit(HCI_CONN_MGMT_CONNECTED, &conn->flags))
3129 mgmt_device_connected(hdev, &conn->dst, conn->type,
04124681
GP		 3130 conn->dst_type, 0, NULL, 0,
3131 conn->dev_class);
392599b9 3132
127178d2 3133 if (!hci_outgoing_auth_needed(hdev, conn)) {
ccd556fe
JH		 3134 conn->state = BT_CONNECTED;
3135 hci_proto_connect_cfm(conn, ev->status);
3136 hci_conn_put(conn);
41a96212
MH		 3137 }
3138
ccd556fe 3139unlock:
41a96212 3140 hci_dev_unlock(hdev);
a9de9248
MH		 3141}
3142
6039aa73
GP		 3143static void hci_sync_conn_complete_evt(struct hci_dev *hdev,
3144 struct sk_buff *skb)
a9de9248 3145{
b6a0dc82
MH		 3146 struct hci_ev_sync_conn_complete *ev = (void *) skb->data;
3147 struct hci_conn *conn;
3148
9f1db00c 3149 BT_DBG("%s status 0x%2.2x", hdev->name, ev->status);
b6a0dc82
MH		 3150
3151 hci_dev_lock(hdev);
3152
3153 conn = hci_conn_hash_lookup_ba(hdev, ev->link_type, &ev->bdaddr);
9dc0a3af
MH		 3154 if (!conn) {
3155 if (ev->link_type == ESCO_LINK)
3156 goto unlock;
3157
3158 conn = hci_conn_hash_lookup_ba(hdev, ESCO_LINK, &ev->bdaddr);
3159 if (!conn)
3160 goto unlock;
3161
3162 conn->type = SCO_LINK;
3163 }
b6a0dc82 3164
732547f9
MH		 3165 switch (ev->status) {
3166 case 0x00:
b6a0dc82
MH		 3167 conn->handle = __le16_to_cpu(ev->handle);
3168 conn->state = BT_CONNECTED;
7d0db0a3 3169
9eba32b8 3170 hci_conn_hold_device(conn);
7d0db0a3 3171 hci_conn_add_sysfs(conn);
732547f9
MH		 3172 break;
3173
705e5711 3174 case 0x11: /* Unsupported Feature or Parameter Value */
732547f9 3175 case 0x1c: /* SCO interval rejected */
1038a00b 3176 case 0x1a: /* Unsupported Remote Feature */
732547f9
MH		 3177 case 0x1f: /* Unspecified error */
3178 if (conn->out && conn->attempt < 2) {
3179 conn->pkt_type = (hdev->esco_type & SCO_ESCO_MASK) |
3180 (hdev->esco_type & EDR_ESCO_MASK);
3181 hci_setup_sync(conn, conn->link->handle);
3182 goto unlock;
3183 }
3184 /* fall through */
3185
3186 default:
b6a0dc82 3187 conn->state = BT_CLOSED;
732547f9
MH		 3188 break;
3189 }
b6a0dc82
MH		 3190
3191 hci_proto_connect_cfm(conn, ev->status);
3192 if (ev->status)
3193 hci_conn_del(conn);
3194
3195unlock:
3196 hci_dev_unlock(hdev);
a9de9248
MH		 3197}
3198
6039aa73 3199static void hci_sync_conn_changed_evt(struct hci_dev *hdev, struct sk_buff *skb)
a9de9248
MH		 3200{
3201 BT_DBG("%s", hdev->name);
3202}
3203
6039aa73 3204static void hci_sniff_subrate_evt(struct hci_dev *hdev, struct sk_buff *skb)
04837f64 3205{
a9de9248 3206 struct hci_ev_sniff_subrate *ev = (void *) skb->data;
04837f64 3207
9f1db00c 3208 BT_DBG("%s status 0x%2.2x", hdev->name, ev->status);
04837f64
MH		 3209}
3210
6039aa73
GP		 3211static void hci_extended_inquiry_result_evt(struct hci_dev *hdev,
3212 struct sk_buff *skb)
1da177e4 3213{
a9de9248
MH		 3214 struct inquiry_data data;
3215 struct extended_inquiry_info *info = (void *) (skb->data + 1);
3216 int num_rsp = *((__u8 *) skb->data);
9d939d94 3217 size_t eir_len;
1da177e4 3218
a9de9248 3219 BT_DBG("%s num_rsp %d", hdev->name, num_rsp);
1da177e4 3220
a9de9248
MH		 3221 if (!num_rsp)
3222 return;
1da177e4 3223
1519cc17
AG		 3224 if (test_bit(HCI_PERIODIC_INQ, &hdev->dev_flags))
3225 return;
3226
a9de9248
MH		 3227 hci_dev_lock(hdev);
3228
e17acd40 3229 for (; num_rsp; num_rsp--, info++) {
388fc8fa 3230 bool name_known, ssp;
561aafbc 3231
a9de9248 3232 bacpy(&data.bdaddr, &info->bdaddr);
138d22ef
SJ		 3233 data.pscan_rep_mode = info->pscan_rep_mode;
3234 data.pscan_period_mode = info->pscan_period_mode;
3235 data.pscan_mode = 0x00;
a9de9248 3236 memcpy(data.dev_class, info->dev_class, 3);
138d22ef
SJ		 3237 data.clock_offset = info->clock_offset;
3238 data.rssi = info->rssi;
41a96212 3239 data.ssp_mode = 0x01;
561aafbc 3240
a8b2d5c2 3241 if (test_bit(HCI_MGMT, &hdev->dev_flags))
4ddb1930 3242 name_known = eir_has_data_type(info->data,
04124681
GP		 3243 sizeof(info->data),
3244 EIR_NAME_COMPLETE);
561aafbc
JH		 3245 else
3246 name_known = true;
3247
388fc8fa 3248 name_known = hci_inquiry_cache_update(hdev, &data, name_known,
04124681 3249 &ssp);
9d939d94 3250 eir_len = eir_get_length(info->data, sizeof(info->data));
48264f06 3251 mgmt_device_found(hdev, &info->bdaddr, ACL_LINK, 0x00,
04124681 3252 info->dev_class, info->rssi, !name_known,
9d939d94 3253 ssp, info->data, eir_len);
a9de9248
MH		 3254 }
3255
3256 hci_dev_unlock(hdev);
3257}
1da177e4 3258
1c2e0041
JH		 3259static void hci_key_refresh_complete_evt(struct hci_dev *hdev,
3260 struct sk_buff *skb)
3261{
3262 struct hci_ev_key_refresh_complete *ev = (void *) skb->data;
3263 struct hci_conn *conn;
3264
9f1db00c 3265 BT_DBG("%s status 0x%2.2x handle 0x%4.4x", hdev->name, ev->status,
1c2e0041
JH		 3266 __le16_to_cpu(ev->handle));
3267
3268 hci_dev_lock(hdev);
3269
3270 conn = hci_conn_hash_lookup_handle(hdev, __le16_to_cpu(ev->handle));
3271 if (!conn)
3272 goto unlock;
3273
3274 if (!ev->status)
3275 conn->sec_level = conn->pending_sec_level;
3276
3277 clear_bit(HCI_CONN_ENCRYPT_PEND, &conn->flags);
3278
3279 if (ev->status && conn->state == BT_CONNECTED) {
3280 hci_acl_disconn(conn, HCI_ERROR_AUTH_FAILURE);
3281 hci_conn_put(conn);
3282 goto unlock;
3283 }
3284
3285 if (conn->state == BT_CONFIG) {
3286 if (!ev->status)
3287 conn->state = BT_CONNECTED;
3288
3289 hci_proto_connect_cfm(conn, ev->status);
3290 hci_conn_put(conn);
3291 } else {
3292 hci_auth_cfm(conn, ev->status);
3293
3294 hci_conn_hold(conn);
3295 conn->disc_timeout = HCI_DISCONN_TIMEOUT;
3296 hci_conn_put(conn);
3297 }
3298
3299unlock:
3300 hci_dev_unlock(hdev);
3301}
3302
6039aa73 3303static u8 hci_get_auth_req(struct hci_conn *conn)
17fa4b9d
JH		 3304{
3305 /* If remote requests dedicated bonding follow that lead */
3306 if (conn->remote_auth == 0x02 || conn->remote_auth == 0x03) {
3307 /* If both remote and local IO capabilities allow MITM
3308 * protection then require it, otherwise don't */
3309 if (conn->remote_cap == 0x03 || conn->io_capability == 0x03)
3310 return 0x02;
3311 else
3312 return 0x03;
3313 }
3314
3315 /* If remote requests no-bonding follow that lead */
3316 if (conn->remote_auth == 0x00 || conn->remote_auth == 0x01)
58797bf7 3317 return conn->remote_auth | (conn->auth_type & 0x01);
17fa4b9d
JH		 3318
3319 return conn->auth_type;
3320}
3321
6039aa73 3322static void hci_io_capa_request_evt(struct hci_dev *hdev, struct sk_buff *skb)
0493684e
MH		 3323{
3324 struct hci_ev_io_capa_request *ev = (void *) skb->data;
3325 struct hci_conn *conn;
3326
3327 BT_DBG("%s", hdev->name);
3328
3329 hci_dev_lock(hdev);
3330
3331 conn = hci_conn_hash_lookup_ba(hdev, ACL_LINK, &ev->bdaddr);
03b555e1
JH		 3332 if (!conn)
3333 goto unlock;
3334
3335 hci_conn_hold(conn);
3336
a8b2d5c2 3337 if (!test_bit(HCI_MGMT, &hdev->dev_flags))
03b555e1
JH		 3338 goto unlock;
3339
a8b2d5c2 3340 if (test_bit(HCI_PAIRABLE, &hdev->dev_flags) ||
807deac2 3341 (conn->remote_auth & ~0x01) == HCI_AT_NO_BONDING) {
17fa4b9d
JH		 3342 struct hci_cp_io_capability_reply cp;
3343
3344 bacpy(&cp.bdaddr, &ev->bdaddr);
7a7f1e7c
HG		 3345 /* Change the IO capability from KeyboardDisplay
3346 * to DisplayYesNo as it is not supported by BT spec. */
3347 cp.capability = (conn->io_capability == 0x04) ?
3348 0x01 : conn->io_capability;
7cbc9bd9
JH		 3349 conn->auth_type = hci_get_auth_req(conn);
3350 cp.authentication = conn->auth_type;
17fa4b9d 3351
8fc9ced3
GP		 3352 if (hci_find_remote_oob_data(hdev, &conn->dst) &&
3353 (conn->out || test_bit(HCI_CONN_REMOTE_OOB, &conn->flags)))
ce85ee13
SJ		 3354 cp.oob_data = 0x01;
3355 else
3356 cp.oob_data = 0x00;
3357
17fa4b9d 3358 hci_send_cmd(hdev, HCI_OP_IO_CAPABILITY_REPLY,
807deac2 3359 sizeof(cp), &cp);
03b555e1
JH		 3360 } else {
3361 struct hci_cp_io_capability_neg_reply cp;
3362
3363 bacpy(&cp.bdaddr, &ev->bdaddr);
9f5a0d7b 3364 cp.reason = HCI_ERROR_PAIRING_NOT_ALLOWED;
0493684e 3365
03b555e1 3366 hci_send_cmd(hdev, HCI_OP_IO_CAPABILITY_NEG_REPLY,
807deac2 3367 sizeof(cp), &cp);
03b555e1
JH		 3368 }
3369
3370unlock:
3371 hci_dev_unlock(hdev);
3372}
3373
6039aa73 3374static void hci_io_capa_reply_evt(struct hci_dev *hdev, struct sk_buff *skb)
03b555e1
JH		 3375{
3376 struct hci_ev_io_capa_reply *ev = (void *) skb->data;
3377 struct hci_conn *conn;
3378
3379 BT_DBG("%s", hdev->name);
3380
3381 hci_dev_lock(hdev);
3382
3383 conn = hci_conn_hash_lookup_ba(hdev, ACL_LINK, &ev->bdaddr);
3384 if (!conn)
3385 goto unlock;
3386
03b555e1 3387 conn->remote_cap = ev->capability;
03b555e1 3388 conn->remote_auth = ev->authentication;
58a681ef
JH		 3389 if (ev->oob_data)
3390 set_bit(HCI_CONN_REMOTE_OOB, &conn->flags);
03b555e1
JH		 3391
3392unlock:
0493684e
MH		 3393 hci_dev_unlock(hdev);
3394}
3395
6039aa73
GP		 3396static void hci_user_confirm_request_evt(struct hci_dev *hdev,
3397 struct sk_buff *skb)
a5c29683
JH		 3398{
3399 struct hci_ev_user_confirm_req *ev = (void *) skb->data;
55bc1a37 3400 int loc_mitm, rem_mitm, confirm_hint = 0;
7a828908 3401 struct hci_conn *conn;
a5c29683
JH		 3402
3403 BT_DBG("%s", hdev->name);
3404
3405 hci_dev_lock(hdev);
3406
a8b2d5c2 3407 if (!test_bit(HCI_MGMT, &hdev->dev_flags))
7a828908 3408 goto unlock;
a5c29683 3409
7a828908
JH		 3410 conn = hci_conn_hash_lookup_ba(hdev, ACL_LINK, &ev->bdaddr);
3411 if (!conn)
3412 goto unlock;
3413
3414 loc_mitm = (conn->auth_type & 0x01);
3415 rem_mitm = (conn->remote_auth & 0x01);
3416
3417 /* If we require MITM but the remote device can't provide that
3418 * (it has NoInputNoOutput) then reject the confirmation
3419 * request. The only exception is when we're dedicated bonding
3420 * initiators (connect_cfm_cb set) since then we always have the MITM
3421 * bit set. */
3422 if (!conn->connect_cfm_cb && loc_mitm && conn->remote_cap == 0x03) {
3423 BT_DBG("Rejecting request: remote device can't provide MITM");
3424 hci_send_cmd(hdev, HCI_OP_USER_CONFIRM_NEG_REPLY,
807deac2 3425 sizeof(ev->bdaddr), &ev->bdaddr);
7a828908
JH		 3426 goto unlock;
3427 }
3428
3429 /* If no side requires MITM protection; auto-accept */
3430 if ((!loc_mitm || conn->remote_cap == 0x03) &&
807deac2 3431 (!rem_mitm || conn->io_capability == 0x03)) {
55bc1a37
JH		 3432
3433 /* If we're not the initiators request authorization to
3434 * proceed from user space (mgmt_user_confirm with
3435 * confirm_hint set to 1). */
51a8efd7 3436 if (!test_bit(HCI_CONN_AUTH_PEND, &conn->flags)) {
55bc1a37
JH		 3437 BT_DBG("Confirming auto-accept as acceptor");
3438 confirm_hint = 1;
3439 goto confirm;
3440 }
3441
9f61656a 3442 BT_DBG("Auto-accept of user confirmation with %ums delay",
807deac2 3443 hdev->auto_accept_delay);
9f61656a
JH		 3444
3445 if (hdev->auto_accept_delay > 0) {
3446 int delay = msecs_to_jiffies(hdev->auto_accept_delay);
3447 mod_timer(&conn->auto_accept_timer, jiffies + delay);
3448 goto unlock;
3449 }
3450
7a828908 3451 hci_send_cmd(hdev, HCI_OP_USER_CONFIRM_REPLY,
807deac2 3452 sizeof(ev->bdaddr), &ev->bdaddr);
7a828908
JH		 3453 goto unlock;
3454 }
3455
55bc1a37 3456confirm:
272d90df 3457 mgmt_user_confirm_request(hdev, &ev->bdaddr, ACL_LINK, 0, ev->passkey,
04124681 3458 confirm_hint);
7a828908
JH		 3459
3460unlock:
a5c29683
JH		 3461 hci_dev_unlock(hdev);
3462}
3463
6039aa73
GP		 3464static void hci_user_passkey_request_evt(struct hci_dev *hdev,
3465 struct sk_buff *skb)
1143d458
BG		 3466{
3467 struct hci_ev_user_passkey_req *ev = (void *) skb->data;
3468
3469 BT_DBG("%s", hdev->name);
3470
a8b2d5c2 3471 if (test_bit(HCI_MGMT, &hdev->dev_flags))
272d90df 3472 mgmt_user_passkey_request(hdev, &ev->bdaddr, ACL_LINK, 0);
1143d458
BG		 3473}
3474
92a25256
JH		 3475static void hci_user_passkey_notify_evt(struct hci_dev *hdev,
3476 struct sk_buff *skb)
3477{
3478 struct hci_ev_user_passkey_notify *ev = (void *) skb->data;
3479 struct hci_conn *conn;
3480
3481 BT_DBG("%s", hdev->name);
3482
3483 conn = hci_conn_hash_lookup_ba(hdev, ACL_LINK, &ev->bdaddr);
3484 if (!conn)
3485 return;
3486
3487 conn->passkey_notify = __le32_to_cpu(ev->passkey);
3488 conn->passkey_entered = 0;
3489
3490 if (test_bit(HCI_MGMT, &hdev->dev_flags))
3491 mgmt_user_passkey_notify(hdev, &conn->dst, conn->type,
3492 conn->dst_type, conn->passkey_notify,
3493 conn->passkey_entered);
3494}
3495
3496static void hci_keypress_notify_evt(struct hci_dev *hdev, struct sk_buff *skb)
3497{
3498 struct hci_ev_keypress_notify *ev = (void *) skb->data;
3499 struct hci_conn *conn;
3500
3501 BT_DBG("%s", hdev->name);
3502
3503 conn = hci_conn_hash_lookup_ba(hdev, ACL_LINK, &ev->bdaddr);
3504 if (!conn)
3505 return;
3506
3507 switch (ev->type) {
3508 case HCI_KEYPRESS_STARTED:
3509 conn->passkey_entered = 0;
3510 return;
3511
3512 case HCI_KEYPRESS_ENTERED:
3513 conn->passkey_entered++;
3514 break;
3515
3516 case HCI_KEYPRESS_ERASED:
3517 conn->passkey_entered--;
3518 break;
3519
3520 case HCI_KEYPRESS_CLEARED:
3521 conn->passkey_entered = 0;
3522 break;
3523
3524 case HCI_KEYPRESS_COMPLETED:
3525 return;
3526 }
3527
3528 if (test_bit(HCI_MGMT, &hdev->dev_flags))
3529 mgmt_user_passkey_notify(hdev, &conn->dst, conn->type,
3530 conn->dst_type, conn->passkey_notify,
3531 conn->passkey_entered);
3532}
3533
6039aa73
GP		 3534static void hci_simple_pair_complete_evt(struct hci_dev *hdev,
3535 struct sk_buff *skb)
0493684e
MH		 3536{
3537 struct hci_ev_simple_pair_complete *ev = (void *) skb->data;
3538 struct hci_conn *conn;
3539
3540 BT_DBG("%s", hdev->name);
3541
3542 hci_dev_lock(hdev);
3543
3544 conn = hci_conn_hash_lookup_ba(hdev, ACL_LINK, &ev->bdaddr);
2a611692
JH		 3545 if (!conn)
3546 goto unlock;
3547
3548 /* To avoid duplicate auth_failed events to user space we check
3549 * the HCI_CONN_AUTH_PEND flag which will be set if we
3550 * initiated the authentication. A traditional auth_complete
3551 * event gets always produced as initiator and is also mapped to
3552 * the mgmt_auth_failed event */
fa1bd918 3553 if (!test_bit(HCI_CONN_AUTH_PEND, &conn->flags) && ev->status)
bab73cb6 3554 mgmt_auth_failed(hdev, &conn->dst, conn->type, conn->dst_type,
04124681 3555 ev->status);
0493684e 3556
2a611692
JH		 3557 hci_conn_put(conn);
3558
3559unlock:
0493684e
MH		 3560 hci_dev_unlock(hdev);
3561}
3562
6039aa73
GP		 3563static void hci_remote_host_features_evt(struct hci_dev *hdev,
3564 struct sk_buff *skb)
41a96212
MH		 3565{
3566 struct hci_ev_remote_host_features *ev = (void *) skb->data;
3567 struct inquiry_entry *ie;
3568
3569 BT_DBG("%s", hdev->name);
3570
3571 hci_dev_lock(hdev);
3572
cc11b9c1
AE		 3573 ie = hci_inquiry_cache_lookup(hdev, &ev->bdaddr);
3574 if (ie)
02b7cc62 3575 ie->data.ssp_mode = (ev->features[0] & LMP_HOST_SSP);
41a96212
MH		 3576
3577 hci_dev_unlock(hdev);
3578}
3579
6039aa73
GP		 3580static void hci_remote_oob_data_request_evt(struct hci_dev *hdev,
3581 struct sk_buff *skb)
2763eda6
SJ		 3582{
3583 struct hci_ev_remote_oob_data_request *ev = (void *) skb->data;
3584 struct oob_data *data;
3585
3586 BT_DBG("%s", hdev->name);
3587
3588 hci_dev_lock(hdev);
3589
a8b2d5c2 3590 if (!test_bit(HCI_MGMT, &hdev->dev_flags))
e1ba1f15
SJ		 3591 goto unlock;
3592
2763eda6
SJ		 3593 data = hci_find_remote_oob_data(hdev, &ev->bdaddr);
3594 if (data) {
3595 struct hci_cp_remote_oob_data_reply cp;
3596
3597 bacpy(&cp.bdaddr, &ev->bdaddr);
3598 memcpy(cp.hash, data->hash, sizeof(cp.hash));
3599 memcpy(cp.randomizer, data->randomizer, sizeof(cp.randomizer));
3600
3601 hci_send_cmd(hdev, HCI_OP_REMOTE_OOB_DATA_REPLY, sizeof(cp),
807deac2 3602 &cp);
2763eda6
SJ		 3603 } else {
3604 struct hci_cp_remote_oob_data_neg_reply cp;
3605
3606 bacpy(&cp.bdaddr, &ev->bdaddr);
3607 hci_send_cmd(hdev, HCI_OP_REMOTE_OOB_DATA_NEG_REPLY, sizeof(cp),
807deac2 3608 &cp);
2763eda6
SJ		 3609 }
3610
e1ba1f15 3611unlock:
2763eda6
SJ		 3612 hci_dev_unlock(hdev);
3613}
3614
6039aa73 3615static void hci_le_conn_complete_evt(struct hci_dev *hdev, struct sk_buff *skb)
fcd89c09
VT		 3616{
3617 struct hci_ev_le_conn_complete *ev = (void *) skb->data;
3618 struct hci_conn *conn;
3619
9f1db00c 3620 BT_DBG("%s status 0x%2.2x", hdev->name, ev->status);
fcd89c09
VT		 3621
3622 hci_dev_lock(hdev);
3623
b47a09b3 3624 conn = hci_conn_hash_lookup_state(hdev, LE_LINK, BT_CONNECT);
b62f328b
VT		 3625 if (!conn) {
3626 conn = hci_conn_add(hdev, LE_LINK, &ev->bdaddr);
3627 if (!conn) {
3628 BT_ERR("No memory for new connection");
230fd16a 3629 goto unlock;
b62f328b 3630 }
29b7988a
AG		 3631
3632 conn->dst_type = ev->bdaddr_type;
b9b343d2
AG		 3633
3634 if (ev->role == LE_CONN_ROLE_MASTER) {
3635 conn->out = true;
3636 conn->link_mode |= HCI_LM_MASTER;
3637 }
b62f328b 3638 }
fcd89c09 3639
cd17decb
AG		 3640 if (ev->status) {
3641 mgmt_connect_failed(hdev, &conn->dst, conn->type,
3642 conn->dst_type, ev->status);
3643 hci_proto_connect_cfm(conn, ev->status);
3644 conn->state = BT_CLOSED;
3645 hci_conn_del(conn);
3646 goto unlock;
3647 }
3648
b644ba33
JH		 3649 if (!test_and_set_bit(HCI_CONN_MGMT_CONNECTED, &conn->flags))
3650 mgmt_device_connected(hdev, &ev->bdaddr, conn->type,
04124681 3651 conn->dst_type, 0, NULL, 0, NULL);
83bc71b4 3652
7b5c0d52 3653 conn->sec_level = BT_SECURITY_LOW;
fcd89c09
VT		 3654 conn->handle = __le16_to_cpu(ev->handle);
3655 conn->state = BT_CONNECTED;
3656
3657 hci_conn_hold_device(conn);
3658 hci_conn_add_sysfs(conn);
3659
3660 hci_proto_connect_cfm(conn, ev->status);
3661
3662unlock:
3663 hci_dev_unlock(hdev);
3664}
3665
6039aa73 3666static void hci_le_adv_report_evt(struct hci_dev *hdev, struct sk_buff *skb)
9aa04c91 3667{
e95beb41
AG		 3668 u8 num_reports = skb->data[0];
3669 void *ptr = &skb->data[1];
3c9e9195 3670 s8 rssi;
9aa04c91
AG		 3671
3672 hci_dev_lock(hdev);
3673
e95beb41
AG		 3674 while (num_reports--) {
3675 struct hci_ev_le_advertising_info *ev = ptr;
9aa04c91 3676
3c9e9195
AG		 3677 rssi = ev->data[ev->length];
3678 mgmt_device_found(hdev, &ev->bdaddr, LE_LINK, ev->bdaddr_type,
04124681 3679 NULL, rssi, 0, 1, ev->data, ev->length);
3c9e9195 3680
e95beb41 3681 ptr += sizeof(*ev) + ev->length + 1;
9aa04c91
AG		 3682 }
3683
3684 hci_dev_unlock(hdev);
3685}
3686
6039aa73 3687static void hci_le_ltk_request_evt(struct hci_dev *hdev, struct sk_buff *skb)
a7a595f6
VCG		 3688{
3689 struct hci_ev_le_ltk_req *ev = (void *) skb->data;
3690 struct hci_cp_le_ltk_reply cp;
bea710fe 3691 struct hci_cp_le_ltk_neg_reply neg;
a7a595f6 3692 struct hci_conn *conn;
c9839a11 3693 struct smp_ltk *ltk;
a7a595f6 3694
9f1db00c 3695 BT_DBG("%s handle 0x%4.4x", hdev->name, __le16_to_cpu(ev->handle));
a7a595f6
VCG		 3696
3697 hci_dev_lock(hdev);
3698
3699 conn = hci_conn_hash_lookup_handle(hdev, __le16_to_cpu(ev->handle));
bea710fe
VCG		 3700 if (conn == NULL)
3701 goto not_found;
a7a595f6 3702
bea710fe
VCG		 3703 ltk = hci_find_ltk(hdev, ev->ediv, ev->random);
3704 if (ltk == NULL)
3705 goto not_found;
3706
3707 memcpy(cp.ltk, ltk->val, sizeof(ltk->val));
a7a595f6 3708 cp.handle = cpu_to_le16(conn->handle);
c9839a11
VCG		 3709
3710 if (ltk->authenticated)
3711 conn->sec_level = BT_SECURITY_HIGH;
a7a595f6
VCG		 3712
3713 hci_send_cmd(hdev, HCI_OP_LE_LTK_REPLY, sizeof(cp), &cp);
3714
c9839a11
VCG		 3715 if (ltk->type & HCI_SMP_STK) {
3716 list_del(&ltk->list);
3717 kfree(ltk);
3718 }
3719
a7a595f6 3720 hci_dev_unlock(hdev);
bea710fe
VCG		 3721
3722 return;
3723
3724not_found:
3725 neg.handle = ev->handle;
3726 hci_send_cmd(hdev, HCI_OP_LE_LTK_NEG_REPLY, sizeof(neg), &neg);
3727 hci_dev_unlock(hdev);
a7a595f6
VCG		 3728}
3729
6039aa73 3730static void hci_le_meta_evt(struct hci_dev *hdev, struct sk_buff *skb)
fcd89c09
VT		 3731{
3732 struct hci_ev_le_meta *le_ev = (void *) skb->data;
3733
3734 skb_pull(skb, sizeof(*le_ev));
3735
3736 switch (le_ev->subevent) {
3737 case HCI_EV_LE_CONN_COMPLETE:
3738 hci_le_conn_complete_evt(hdev, skb);
3739 break;
3740
9aa04c91
AG		 3741 case HCI_EV_LE_ADVERTISING_REPORT:
3742 hci_le_adv_report_evt(hdev, skb);
3743 break;
3744
a7a595f6
VCG		 3745 case HCI_EV_LE_LTK_REQ:
3746 hci_le_ltk_request_evt(hdev, skb);
3747 break;
3748
fcd89c09
VT		 3749 default:
3750 break;
3751 }
3752}
3753
9495b2ee
AE		 3754static void hci_chan_selected_evt(struct hci_dev *hdev, struct sk_buff *skb)
3755{
3756 struct hci_ev_channel_selected *ev = (void *) skb->data;
3757 struct hci_conn *hcon;
3758
3759 BT_DBG("%s handle 0x%2.2x", hdev->name, ev->phy_handle);
3760
3761 skb_pull(skb, sizeof(*ev));
3762
3763 hcon = hci_conn_hash_lookup_handle(hdev, ev->phy_handle);
3764 if (!hcon)
3765 return;
3766
3767 amp_read_loc_assoc_final_data(hdev, hcon);
3768}
3769
a9de9248
MH		 3770void hci_event_packet(struct hci_dev *hdev, struct sk_buff *skb)
3771{
3772 struct hci_event_hdr *hdr = (void *) skb->data;
3773 __u8 event = hdr->evt;
3774
3775 skb_pull(skb, HCI_EVENT_HDR_SIZE);
3776
3777 switch (event) {
1da177e4
LT		 3778 case HCI_EV_INQUIRY_COMPLETE:
3779 hci_inquiry_complete_evt(hdev, skb);
3780 break;
3781
3782 case HCI_EV_INQUIRY_RESULT:
3783 hci_inquiry_result_evt(hdev, skb);
3784 break;
3785
a9de9248
MH		 3786 case HCI_EV_CONN_COMPLETE:
3787 hci_conn_complete_evt(hdev, skb);
21d9e30e
MH		 3788 break;
3789
1da177e4
LT		 3790 case HCI_EV_CONN_REQUEST:
3791 hci_conn_request_evt(hdev, skb);
3792 break;
3793
1da177e4
LT		 3794 case HCI_EV_DISCONN_COMPLETE:
3795 hci_disconn_complete_evt(hdev, skb);
3796 break;
3797
1da177e4
LT		 3798 case HCI_EV_AUTH_COMPLETE:
3799 hci_auth_complete_evt(hdev, skb);
3800 break;
3801
a9de9248
MH		 3802 case HCI_EV_REMOTE_NAME:
3803 hci_remote_name_evt(hdev, skb);
3804 break;
3805
1da177e4
LT		 3806 case HCI_EV_ENCRYPT_CHANGE:
3807 hci_encrypt_change_evt(hdev, skb);
3808 break;
3809
a9de9248
MH		 3810 case HCI_EV_CHANGE_LINK_KEY_COMPLETE:
3811 hci_change_link_key_complete_evt(hdev, skb);
3812 break;
3813
3814 case HCI_EV_REMOTE_FEATURES:
3815 hci_remote_features_evt(hdev, skb);
3816 break;
3817
3818 case HCI_EV_REMOTE_VERSION:
3819 hci_remote_version_evt(hdev, skb);
3820 break;
3821
3822 case HCI_EV_QOS_SETUP_COMPLETE:
3823 hci_qos_setup_complete_evt(hdev, skb);
3824 break;
3825
3826 case HCI_EV_CMD_COMPLETE:
3827 hci_cmd_complete_evt(hdev, skb);
3828 break;
3829
3830 case HCI_EV_CMD_STATUS:
3831 hci_cmd_status_evt(hdev, skb);
3832 break;
3833
3834 case HCI_EV_ROLE_CHANGE:
3835 hci_role_change_evt(hdev, skb);
3836 break;
3837
3838 case HCI_EV_NUM_COMP_PKTS:
3839 hci_num_comp_pkts_evt(hdev, skb);
3840 break;
3841
3842 case HCI_EV_MODE_CHANGE:
3843 hci_mode_change_evt(hdev, skb);
1da177e4
LT		 3844 break;
3845
3846 case HCI_EV_PIN_CODE_REQ:
3847 hci_pin_code_request_evt(hdev, skb);
3848 break;
3849
3850 case HCI_EV_LINK_KEY_REQ:
3851 hci_link_key_request_evt(hdev, skb);
3852 break;
3853
3854 case HCI_EV_LINK_KEY_NOTIFY:
3855 hci_link_key_notify_evt(hdev, skb);
3856 break;
3857
3858 case HCI_EV_CLOCK_OFFSET:
3859 hci_clock_offset_evt(hdev, skb);
3860 break;
3861
a8746417
MH		 3862 case HCI_EV_PKT_TYPE_CHANGE:
3863 hci_pkt_type_change_evt(hdev, skb);
3864 break;
3865
85a1e930
MH		 3866 case HCI_EV_PSCAN_REP_MODE:
3867 hci_pscan_rep_mode_evt(hdev, skb);
3868 break;
3869
a9de9248
MH		 3870 case HCI_EV_INQUIRY_RESULT_WITH_RSSI:
3871 hci_inquiry_result_with_rssi_evt(hdev, skb);
04837f64
MH		 3872 break;
3873
a9de9248
MH		 3874 case HCI_EV_REMOTE_EXT_FEATURES:
3875 hci_remote_ext_features_evt(hdev, skb);
1da177e4
LT		 3876 break;
3877
a9de9248
MH		 3878 case HCI_EV_SYNC_CONN_COMPLETE:
3879 hci_sync_conn_complete_evt(hdev, skb);
3880 break;
1da177e4 3881
a9de9248
MH		 3882 case HCI_EV_SYNC_CONN_CHANGED:
3883 hci_sync_conn_changed_evt(hdev, skb);
3884 break;
1da177e4 3885
a9de9248
MH		 3886 case HCI_EV_SNIFF_SUBRATE:
3887 hci_sniff_subrate_evt(hdev, skb);
3888 break;
1da177e4 3889
a9de9248
MH		 3890 case HCI_EV_EXTENDED_INQUIRY_RESULT:
3891 hci_extended_inquiry_result_evt(hdev, skb);
3892 break;
1da177e4 3893
1c2e0041
JH		 3894 case HCI_EV_KEY_REFRESH_COMPLETE:
3895 hci_key_refresh_complete_evt(hdev, skb);
3896 break;
3897
0493684e
MH		 3898 case HCI_EV_IO_CAPA_REQUEST:
3899 hci_io_capa_request_evt(hdev, skb);
3900 break;
3901
03b555e1
JH		 3902 case HCI_EV_IO_CAPA_REPLY:
3903 hci_io_capa_reply_evt(hdev, skb);
3904 break;
3905
a5c29683
JH		 3906 case HCI_EV_USER_CONFIRM_REQUEST:
3907 hci_user_confirm_request_evt(hdev, skb);
3908 break;
3909
1143d458
BG		 3910 case HCI_EV_USER_PASSKEY_REQUEST:
3911 hci_user_passkey_request_evt(hdev, skb);
3912 break;
3913
92a25256
JH		 3914 case HCI_EV_USER_PASSKEY_NOTIFY:
3915 hci_user_passkey_notify_evt(hdev, skb);
3916 break;
3917
3918 case HCI_EV_KEYPRESS_NOTIFY:
3919 hci_keypress_notify_evt(hdev, skb);
3920 break;
3921
0493684e
MH		 3922 case HCI_EV_SIMPLE_PAIR_COMPLETE:
3923 hci_simple_pair_complete_evt(hdev, skb);
3924 break;
3925
41a96212
MH		 3926 case HCI_EV_REMOTE_HOST_FEATURES:
3927 hci_remote_host_features_evt(hdev, skb);
3928 break;
3929
fcd89c09
VT		 3930 case HCI_EV_LE_META:
3931 hci_le_meta_evt(hdev, skb);
3932 break;
3933
9495b2ee
AE		 3934 case HCI_EV_CHANNEL_SELECTED:
3935 hci_chan_selected_evt(hdev, skb);
3936 break;
3937
2763eda6
SJ		 3938 case HCI_EV_REMOTE_OOB_DATA_REQUEST:
3939 hci_remote_oob_data_request_evt(hdev, skb);
3940 break;
3941
25e89e99
AE		 3942 case HCI_EV_NUM_COMP_BLOCKS:
3943 hci_num_comp_blocks_evt(hdev, skb);
3944 break;
3945
a9de9248 3946 default:
9f1db00c 3947 BT_DBG("%s event 0x%2.2x", hdev->name, event);
1da177e4
LT		 3948 break;
3949 }
3950
3951 kfree_skb(skb);
3952 hdev->stat.evt_rx++;
3953}
kernel source for telekom puls (alcatel/mediatek)