projects / GitHub / mt8127 / android_kernel_alcatel_ttab.git / blame
? search:
summary | shortlog | log | commit | commitdiff | tree
blob | blame (incremental) | history | HEAD
Bluetooth: Add support for resuming socket when SMP is finished
[GitHub/mt8127/android_kernel_alcatel_ttab.git] / net / bluetooth / hci_event.c
CommitLineData
8e87d142 1/*
1da177e4 2 BlueZ - Bluetooth protocol stack for Linux
2d0a0346 3 Copyright (c) 2000-2001, 2010, Code Aurora Forum. All rights reserved.
1da177e4
LT		 4
5 Written 2000,2001 by Maxim Krasnyansky <maxk@qualcomm.com>
6
7 This program is free software; you can redistribute it and/or modify
8 it under the terms of the GNU General Public License version 2 as
9 published by the Free Software Foundation;
10
11 THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS
12 OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
13 FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT OF THIRD PARTY RIGHTS.
14 IN NO EVENT SHALL THE COPYRIGHT HOLDER(S) AND AUTHOR(S) BE LIABLE FOR ANY
8e87d142
YH		 15 CLAIM, OR ANY SPECIAL INDIRECT OR CONSEQUENTIAL DAMAGES, OR ANY DAMAGES
16 WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
17 ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
1da177e4
LT		 18 OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
19
8e87d142
YH		 20 ALL LIABILITY, INCLUDING LIABILITY FOR INFRINGEMENT OF ANY PATENTS,
21 COPYRIGHTS, TRADEMARKS OR OTHER RIGHTS, RELATING TO USE OF THIS
1da177e4
LT		 22 SOFTWARE IS DISCLAIMED.
23*/
24
25/* Bluetooth HCI event handling. */
26
1da177e4
LT		 27#include <linux/module.h>
28
29#include <linux/types.h>
30#include <linux/errno.h>
31#include <linux/kernel.h>
1da177e4
LT		 32#include <linux/slab.h>
33#include <linux/poll.h>
34#include <linux/fcntl.h>
35#include <linux/init.h>
36#include <linux/skbuff.h>
37#include <linux/interrupt.h>
38#include <linux/notifier.h>
39#include <net/sock.h>
40
41#include <asm/system.h>
70f23020 42#include <linux/uaccess.h>
1da177e4
LT		 43#include <asm/unaligned.h>
44
45#include <net/bluetooth/bluetooth.h>
46#include <net/bluetooth/hci_core.h>
47
1da177e4
LT		 48/* Handle HCI Event packets */
49
a9de9248 50static void hci_cc_inquiry_cancel(struct hci_dev *hdev, struct sk_buff *skb)
1da177e4 51{
a9de9248 52 __u8 status = *((__u8 *) skb->data);
1da177e4 53
a9de9248 54 BT_DBG("%s status 0x%x", hdev->name, status);
1da177e4 55
a9de9248
MH		 56 if (status)
57 return;
1da177e4 58
314b2381
JH		 59 if (test_bit(HCI_MGMT, &hdev->flags) &&
60 test_and_clear_bit(HCI_INQUIRY, &hdev->flags))
61 mgmt_discovering(hdev->id, 0);
6bd57416 62
23bb5763 63 hci_req_complete(hdev, HCI_OP_INQUIRY_CANCEL, status);
a9de9248
MH		 64
65 hci_conn_check_pending(hdev);
66}
6bd57416 67
a9de9248
MH		 68static void hci_cc_exit_periodic_inq(struct hci_dev *hdev, struct sk_buff *skb)
69{
70 __u8 status = *((__u8 *) skb->data);
6bd57416 71
a9de9248 72 BT_DBG("%s status 0x%x", hdev->name, status);
6bd57416 73
a9de9248
MH		 74 if (status)
75 return;
1da177e4 76
314b2381
JH		 77 if (test_bit(HCI_MGMT, &hdev->flags) &&
78 test_and_clear_bit(HCI_INQUIRY, &hdev->flags))
79 mgmt_discovering(hdev->id, 0);
a9de9248
MH		 80
81 hci_conn_check_pending(hdev);
82}
83
84static void hci_cc_remote_name_req_cancel(struct hci_dev *hdev, struct sk_buff *skb)
85{
86 BT_DBG("%s", hdev->name);
87}
88
89static void hci_cc_role_discovery(struct hci_dev *hdev, struct sk_buff *skb)
90{
91 struct hci_rp_role_discovery *rp = (void *) skb->data;
92 struct hci_conn *conn;
93
94 BT_DBG("%s status 0x%x", hdev->name, rp->status);
95
96 if (rp->status)
97 return;
98
99 hci_dev_lock(hdev);
100
101 conn = hci_conn_hash_lookup_handle(hdev, __le16_to_cpu(rp->handle));
102 if (conn) {
103 if (rp->role)
104 conn->link_mode &= ~HCI_LM_MASTER;
105 else
106 conn->link_mode |= HCI_LM_MASTER;
1da177e4 107 }
a9de9248
MH		 108
109 hci_dev_unlock(hdev);
1da177e4
LT		 110}
111
e4e8e37c
MH		 112static void hci_cc_read_link_policy(struct hci_dev *hdev, struct sk_buff *skb)
113{
114 struct hci_rp_read_link_policy *rp = (void *) skb->data;
115 struct hci_conn *conn;
116
117 BT_DBG("%s status 0x%x", hdev->name, rp->status);
118
119 if (rp->status)
120 return;
121
122 hci_dev_lock(hdev);
123
124 conn = hci_conn_hash_lookup_handle(hdev, __le16_to_cpu(rp->handle));
125 if (conn)
126 conn->link_policy = __le16_to_cpu(rp->policy);
127
128 hci_dev_unlock(hdev);
129}
130
a9de9248 131static void hci_cc_write_link_policy(struct hci_dev *hdev, struct sk_buff *skb)
1da177e4 132{
a9de9248 133 struct hci_rp_write_link_policy *rp = (void *) skb->data;
1da177e4 134 struct hci_conn *conn;
04837f64 135 void *sent;
1da177e4 136
a9de9248 137 BT_DBG("%s status 0x%x", hdev->name, rp->status);
1da177e4 138
a9de9248
MH		 139 if (rp->status)
140 return;
1da177e4 141
a9de9248
MH		 142 sent = hci_sent_cmd_data(hdev, HCI_OP_WRITE_LINK_POLICY);
143 if (!sent)
144 return;
1da177e4 145
a9de9248 146 hci_dev_lock(hdev);
1da177e4 147
a9de9248 148 conn = hci_conn_hash_lookup_handle(hdev, __le16_to_cpu(rp->handle));
e4e8e37c 149 if (conn)
83985319 150 conn->link_policy = get_unaligned_le16(sent + 2);
1da177e4 151
a9de9248
MH		 152 hci_dev_unlock(hdev);
153}
1da177e4 154
e4e8e37c
MH		 155static void hci_cc_read_def_link_policy(struct hci_dev *hdev, struct sk_buff *skb)
156{
157 struct hci_rp_read_def_link_policy *rp = (void *) skb->data;
158
159 BT_DBG("%s status 0x%x", hdev->name, rp->status);
160
161 if (rp->status)
162 return;
163
164 hdev->link_policy = __le16_to_cpu(rp->policy);
165}
166
167static void hci_cc_write_def_link_policy(struct hci_dev *hdev, struct sk_buff *skb)
168{
169 __u8 status = *((__u8 *) skb->data);
170 void *sent;
171
172 BT_DBG("%s status 0x%x", hdev->name, status);
173
174 sent = hci_sent_cmd_data(hdev, HCI_OP_WRITE_DEF_LINK_POLICY);
175 if (!sent)
176 return;
177
178 if (!status)
179 hdev->link_policy = get_unaligned_le16(sent);
180
23bb5763 181 hci_req_complete(hdev, HCI_OP_WRITE_DEF_LINK_POLICY, status);
e4e8e37c
MH		 182}
183
a9de9248
MH		 184static void hci_cc_reset(struct hci_dev *hdev, struct sk_buff *skb)
185{
186 __u8 status = *((__u8 *) skb->data);
04837f64 187
a9de9248 188 BT_DBG("%s status 0x%x", hdev->name, status);
04837f64 189
10572132
GP		 190 clear_bit(HCI_RESET, &hdev->flags);
191
23bb5763 192 hci_req_complete(hdev, HCI_OP_RESET, status);
a9de9248 193}
04837f64 194
a9de9248
MH		 195static void hci_cc_write_local_name(struct hci_dev *hdev, struct sk_buff *skb)
196{
197 __u8 status = *((__u8 *) skb->data);
198 void *sent;
04837f64 199
a9de9248 200 BT_DBG("%s status 0x%x", hdev->name, status);
04837f64 201
a9de9248
MH		 202 sent = hci_sent_cmd_data(hdev, HCI_OP_WRITE_LOCAL_NAME);
203 if (!sent)
204 return;
04837f64 205
b312b161
JH		 206 if (test_bit(HCI_MGMT, &hdev->flags))
207 mgmt_set_local_name_complete(hdev->id, sent, status);
208
209 if (status)
210 return;
211
1f6c6378 212 memcpy(hdev->dev_name, sent, HCI_MAX_NAME_LENGTH);
a9de9248
MH		 213}
214
215static void hci_cc_read_local_name(struct hci_dev *hdev, struct sk_buff *skb)
216{
217 struct hci_rp_read_local_name *rp = (void *) skb->data;
218
219 BT_DBG("%s status 0x%x", hdev->name, rp->status);
220
221 if (rp->status)
222 return;
223
1f6c6378 224 memcpy(hdev->dev_name, rp->name, HCI_MAX_NAME_LENGTH);
a9de9248
MH		 225}
226
227static void hci_cc_write_auth_enable(struct hci_dev *hdev, struct sk_buff *skb)
228{
229 __u8 status = *((__u8 *) skb->data);
230 void *sent;
231
232 BT_DBG("%s status 0x%x", hdev->name, status);
233
234 sent = hci_sent_cmd_data(hdev, HCI_OP_WRITE_AUTH_ENABLE);
235 if (!sent)
236 return;
237
238 if (!status) {
239 __u8 param = *((__u8 *) sent);
240
241 if (param == AUTH_ENABLED)
242 set_bit(HCI_AUTH, &hdev->flags);
243 else
244 clear_bit(HCI_AUTH, &hdev->flags);
1da177e4 245 }
a9de9248 246
23bb5763 247 hci_req_complete(hdev, HCI_OP_WRITE_AUTH_ENABLE, status);
1da177e4
LT		 248}
249
a9de9248 250static void hci_cc_write_encrypt_mode(struct hci_dev *hdev, struct sk_buff *skb)
1da177e4 251{
a9de9248 252 __u8 status = *((__u8 *) skb->data);
1da177e4
LT		 253 void *sent;
254
a9de9248 255 BT_DBG("%s status 0x%x", hdev->name, status);
1da177e4 256
a9de9248
MH		 257 sent = hci_sent_cmd_data(hdev, HCI_OP_WRITE_ENCRYPT_MODE);
258 if (!sent)
259 return;
1da177e4 260
a9de9248
MH		 261 if (!status) {
262 __u8 param = *((__u8 *) sent);
263
264 if (param)
265 set_bit(HCI_ENCRYPT, &hdev->flags);
266 else
267 clear_bit(HCI_ENCRYPT, &hdev->flags);
268 }
1da177e4 269
23bb5763 270 hci_req_complete(hdev, HCI_OP_WRITE_ENCRYPT_MODE, status);
a9de9248 271}
1da177e4 272
a9de9248
MH		 273static void hci_cc_write_scan_enable(struct hci_dev *hdev, struct sk_buff *skb)
274{
275 __u8 status = *((__u8 *) skb->data);
276 void *sent;
1da177e4 277
a9de9248 278 BT_DBG("%s status 0x%x", hdev->name, status);
1da177e4 279
a9de9248
MH		 280 sent = hci_sent_cmd_data(hdev, HCI_OP_WRITE_SCAN_ENABLE);
281 if (!sent)
282 return;
1da177e4 283
a9de9248
MH		 284 if (!status) {
285 __u8 param = *((__u8 *) sent);
9fbcbb45 286 int old_pscan, old_iscan;
1da177e4 287
9fbcbb45
JH		 288 old_pscan = test_and_clear_bit(HCI_PSCAN, &hdev->flags);
289 old_iscan = test_and_clear_bit(HCI_ISCAN, &hdev->flags);
1da177e4 290
73f22f62 291 if (param & SCAN_INQUIRY) {
a9de9248 292 set_bit(HCI_ISCAN, &hdev->flags);
9fbcbb45
JH		 293 if (!old_iscan)
294 mgmt_discoverable(hdev->id, 1);
295 } else if (old_iscan)
73f22f62 296 mgmt_discoverable(hdev->id, 0);
1da177e4 297
9fbcbb45 298 if (param & SCAN_PAGE) {
a9de9248 299 set_bit(HCI_PSCAN, &hdev->flags);
9fbcbb45
JH		 300 if (!old_pscan)
301 mgmt_connectable(hdev->id, 1);
302 } else if (old_pscan)
303 mgmt_connectable(hdev->id, 0);
a9de9248 304 }
1da177e4 305
23bb5763 306 hci_req_complete(hdev, HCI_OP_WRITE_SCAN_ENABLE, status);
a9de9248 307}
1da177e4 308
a9de9248
MH		 309static void hci_cc_read_class_of_dev(struct hci_dev *hdev, struct sk_buff *skb)
310{
311 struct hci_rp_read_class_of_dev *rp = (void *) skb->data;
1da177e4 312
a9de9248 313 BT_DBG("%s status 0x%x", hdev->name, rp->status);
1da177e4 314
a9de9248
MH		 315 if (rp->status)
316 return;
1da177e4 317
a9de9248 318 memcpy(hdev->dev_class, rp->dev_class, 3);
1da177e4 319
a9de9248
MH		 320 BT_DBG("%s class 0x%.2x%.2x%.2x", hdev->name,
321 hdev->dev_class[2], hdev->dev_class[1], hdev->dev_class[0]);
322}
1da177e4 323
a9de9248
MH		 324static void hci_cc_write_class_of_dev(struct hci_dev *hdev, struct sk_buff *skb)
325{
326 __u8 status = *((__u8 *) skb->data);
327 void *sent;
1da177e4 328
a9de9248 329 BT_DBG("%s status 0x%x", hdev->name, status);
1da177e4 330
f383f275
MH		 331 if (status)
332 return;
333
a9de9248
MH		 334 sent = hci_sent_cmd_data(hdev, HCI_OP_WRITE_CLASS_OF_DEV);
335 if (!sent)
336 return;
1da177e4 337
f383f275 338 memcpy(hdev->dev_class, sent, 3);
a9de9248 339}
1da177e4 340
a9de9248
MH		 341static void hci_cc_read_voice_setting(struct hci_dev *hdev, struct sk_buff *skb)
342{
343 struct hci_rp_read_voice_setting *rp = (void *) skb->data;
344 __u16 setting;
345
346 BT_DBG("%s status 0x%x", hdev->name, rp->status);
347
348 if (rp->status)
349 return;
350
351 setting = __le16_to_cpu(rp->voice_setting);
352
f383f275 353 if (hdev->voice_setting == setting)
a9de9248
MH		 354 return;
355
356 hdev->voice_setting = setting;
357
358 BT_DBG("%s voice setting 0x%04x", hdev->name, setting);
359
360 if (hdev->notify) {
361 tasklet_disable(&hdev->tx_task);
362 hdev->notify(hdev, HCI_NOTIFY_VOICE_SETTING);
363 tasklet_enable(&hdev->tx_task);
364 }
365}
366
367static void hci_cc_write_voice_setting(struct hci_dev *hdev, struct sk_buff *skb)
368{
369 __u8 status = *((__u8 *) skb->data);
f383f275 370 __u16 setting;
a9de9248
MH		 371 void *sent;
372
373 BT_DBG("%s status 0x%x", hdev->name, status);
1da177e4 374
f383f275
MH		 375 if (status)
376 return;
377
a9de9248
MH		 378 sent = hci_sent_cmd_data(hdev, HCI_OP_WRITE_VOICE_SETTING);
379 if (!sent)
380 return;
1da177e4 381
f383f275 382 setting = get_unaligned_le16(sent);
1da177e4 383
f383f275
MH		 384 if (hdev->voice_setting == setting)
385 return;
386
387 hdev->voice_setting = setting;
1da177e4 388
f383f275 389 BT_DBG("%s voice setting 0x%04x", hdev->name, setting);
1da177e4 390
f383f275
MH		 391 if (hdev->notify) {
392 tasklet_disable(&hdev->tx_task);
393 hdev->notify(hdev, HCI_NOTIFY_VOICE_SETTING);
394 tasklet_enable(&hdev->tx_task);
1da177e4
LT		 395 }
396}
397
a9de9248 398static void hci_cc_host_buffer_size(struct hci_dev *hdev, struct sk_buff *skb)
1da177e4 399{
a9de9248 400 __u8 status = *((__u8 *) skb->data);
1da177e4 401
a9de9248 402 BT_DBG("%s status 0x%x", hdev->name, status);
1da177e4 403
23bb5763 404 hci_req_complete(hdev, HCI_OP_HOST_BUFFER_SIZE, status);
a9de9248 405}
1143e5a6 406
333140b5
MH		 407static void hci_cc_read_ssp_mode(struct hci_dev *hdev, struct sk_buff *skb)
408{
409 struct hci_rp_read_ssp_mode *rp = (void *) skb->data;
410
411 BT_DBG("%s status 0x%x", hdev->name, rp->status);
412
413 if (rp->status)
414 return;
415
416 hdev->ssp_mode = rp->mode;
417}
418
419static void hci_cc_write_ssp_mode(struct hci_dev *hdev, struct sk_buff *skb)
420{
421 __u8 status = *((__u8 *) skb->data);
422 void *sent;
423
424 BT_DBG("%s status 0x%x", hdev->name, status);
425
426 if (status)
427 return;
428
429 sent = hci_sent_cmd_data(hdev, HCI_OP_WRITE_SSP_MODE);
430 if (!sent)
431 return;
432
433 hdev->ssp_mode = *((__u8 *) sent);
434}
435
d5859e22
JH		 436static u8 hci_get_inquiry_mode(struct hci_dev *hdev)
437{
438 if (hdev->features[6] & LMP_EXT_INQ)
439 return 2;
440
441 if (hdev->features[3] & LMP_RSSI_INQ)
442 return 1;
443
444 if (hdev->manufacturer == 11 && hdev->hci_rev == 0x00 &&
445 hdev->lmp_subver == 0x0757)
446 return 1;
447
448 if (hdev->manufacturer == 15) {
449 if (hdev->hci_rev == 0x03 && hdev->lmp_subver == 0x6963)
450 return 1;
451 if (hdev->hci_rev == 0x09 && hdev->lmp_subver == 0x6963)
452 return 1;
453 if (hdev->hci_rev == 0x00 && hdev->lmp_subver == 0x6965)
454 return 1;
455 }
456
457 if (hdev->manufacturer == 31 && hdev->hci_rev == 0x2005 &&
458 hdev->lmp_subver == 0x1805)
459 return 1;
460
461 return 0;
462}
463
464static void hci_setup_inquiry_mode(struct hci_dev *hdev)
465{
466 u8 mode;
467
468 mode = hci_get_inquiry_mode(hdev);
469
470 hci_send_cmd(hdev, HCI_OP_WRITE_INQUIRY_MODE, 1, &mode);
471}
472
473static void hci_setup_event_mask(struct hci_dev *hdev)
474{
475 /* The second byte is 0xff instead of 0x9f (two reserved bits
476 * disabled) since a Broadcom 1.2 dongle doesn't respond to the
477 * command otherwise */
478 u8 events[8] = { 0xff, 0xff, 0xfb, 0xff, 0x00, 0x00, 0x00, 0x00 };
479
6de6c18d
VT		 480 /* CSR 1.1 dongles does not accept any bitfield so don't try to set
481 * any event mask for pre 1.2 devices */
482 if (hdev->lmp_ver <= 1)
483 return;
484
485 events[4] |= 0x01; /* Flow Specification Complete */
486 events[4] |= 0x02; /* Inquiry Result with RSSI */
487 events[4] |= 0x04; /* Read Remote Extended Features Complete */
488 events[5] |= 0x08; /* Synchronous Connection Complete */
489 events[5] |= 0x10; /* Synchronous Connection Changed */
d5859e22
JH		 490
491 if (hdev->features[3] & LMP_RSSI_INQ)
492 events[4] |= 0x04; /* Inquiry Result with RSSI */
493
494 if (hdev->features[5] & LMP_SNIFF_SUBR)
495 events[5] |= 0x20; /* Sniff Subrating */
496
497 if (hdev->features[5] & LMP_PAUSE_ENC)
498 events[5] |= 0x80; /* Encryption Key Refresh Complete */
499
500 if (hdev->features[6] & LMP_EXT_INQ)
501 events[5] |= 0x40; /* Extended Inquiry Result */
502
503 if (hdev->features[6] & LMP_NO_FLUSH)
504 events[7] |= 0x01; /* Enhanced Flush Complete */
505
506 if (hdev->features[7] & LMP_LSTO)
507 events[6] |= 0x80; /* Link Supervision Timeout Changed */
508
509 if (hdev->features[6] & LMP_SIMPLE_PAIR) {
510 events[6] |= 0x01; /* IO Capability Request */
511 events[6] |= 0x02; /* IO Capability Response */
512 events[6] |= 0x04; /* User Confirmation Request */
513 events[6] |= 0x08; /* User Passkey Request */
514 events[6] |= 0x10; /* Remote OOB Data Request */
515 events[6] |= 0x20; /* Simple Pairing Complete */
516 events[7] |= 0x04; /* User Passkey Notification */
517 events[7] |= 0x08; /* Keypress Notification */
518 events[7] |= 0x10; /* Remote Host Supported
519 * Features Notification */
520 }
521
522 if (hdev->features[4] & LMP_LE)
523 events[7] |= 0x20; /* LE Meta-Event */
524
525 hci_send_cmd(hdev, HCI_OP_SET_EVENT_MASK, sizeof(events), events);
526}
527
528static void hci_setup(struct hci_dev *hdev)
529{
530 hci_setup_event_mask(hdev);
531
532 if (hdev->lmp_ver > 1)
533 hci_send_cmd(hdev, HCI_OP_READ_LOCAL_COMMANDS, 0, NULL);
534
535 if (hdev->features[6] & LMP_SIMPLE_PAIR) {
536 u8 mode = 0x01;
537 hci_send_cmd(hdev, HCI_OP_WRITE_SSP_MODE, sizeof(mode), &mode);
538 }
539
540 if (hdev->features[3] & LMP_RSSI_INQ)
541 hci_setup_inquiry_mode(hdev);
542
543 if (hdev->features[7] & LMP_INQ_TX_PWR)
544 hci_send_cmd(hdev, HCI_OP_READ_INQ_RSP_TX_POWER, 0, NULL);
545}
546
a9de9248
MH		 547static void hci_cc_read_local_version(struct hci_dev *hdev, struct sk_buff *skb)
548{
549 struct hci_rp_read_local_version *rp = (void *) skb->data;
1143e5a6 550
a9de9248 551 BT_DBG("%s status 0x%x", hdev->name, rp->status);
1143e5a6 552
a9de9248
MH		 553 if (rp->status)
554 return;
1143e5a6 555
a9de9248 556 hdev->hci_ver = rp->hci_ver;
e4e8e37c 557 hdev->hci_rev = __le16_to_cpu(rp->hci_rev);
d5859e22 558 hdev->lmp_ver = rp->lmp_ver;
e4e8e37c 559 hdev->manufacturer = __le16_to_cpu(rp->manufacturer);
d5859e22 560 hdev->lmp_subver = __le16_to_cpu(rp->lmp_subver);
1143e5a6 561
a9de9248
MH		 562 BT_DBG("%s manufacturer %d hci ver %d:%d", hdev->name,
563 hdev->manufacturer,
564 hdev->hci_ver, hdev->hci_rev);
d5859e22
JH		 565
566 if (test_bit(HCI_INIT, &hdev->flags))
567 hci_setup(hdev);
568}
569
570static void hci_setup_link_policy(struct hci_dev *hdev)
571{
572 u16 link_policy = 0;
573
574 if (hdev->features[0] & LMP_RSWITCH)
575 link_policy |= HCI_LP_RSWITCH;
576 if (hdev->features[0] & LMP_HOLD)
577 link_policy |= HCI_LP_HOLD;
578 if (hdev->features[0] & LMP_SNIFF)
579 link_policy |= HCI_LP_SNIFF;
580 if (hdev->features[1] & LMP_PARK)
581 link_policy |= HCI_LP_PARK;
582
583 link_policy = cpu_to_le16(link_policy);
584 hci_send_cmd(hdev, HCI_OP_WRITE_DEF_LINK_POLICY,
585 sizeof(link_policy), &link_policy);
a9de9248 586}
1da177e4 587
a9de9248
MH		 588static void hci_cc_read_local_commands(struct hci_dev *hdev, struct sk_buff *skb)
589{
590 struct hci_rp_read_local_commands *rp = (void *) skb->data;
1da177e4 591
a9de9248 592 BT_DBG("%s status 0x%x", hdev->name, rp->status);
1da177e4 593
a9de9248 594 if (rp->status)
d5859e22 595 goto done;
1da177e4 596
a9de9248 597 memcpy(hdev->commands, rp->commands, sizeof(hdev->commands));
d5859e22
JH		 598
599 if (test_bit(HCI_INIT, &hdev->flags) && (hdev->commands[5] & 0x10))
600 hci_setup_link_policy(hdev);
601
602done:
603 hci_req_complete(hdev, HCI_OP_READ_LOCAL_COMMANDS, rp->status);
a9de9248 604}
1da177e4 605
a9de9248
MH		 606static void hci_cc_read_local_features(struct hci_dev *hdev, struct sk_buff *skb)
607{
608 struct hci_rp_read_local_features *rp = (void *) skb->data;
5b7f9909 609
a9de9248 610 BT_DBG("%s status 0x%x", hdev->name, rp->status);
1da177e4 611
a9de9248
MH		 612 if (rp->status)
613 return;
5b7f9909 614
a9de9248 615 memcpy(hdev->features, rp->features, 8);
5b7f9909 616
a9de9248
MH		 617 /* Adjust default settings according to features
618 * supported by device. */
1da177e4 619
a9de9248
MH		 620 if (hdev->features[0] & LMP_3SLOT)
621 hdev->pkt_type |= (HCI_DM3 | HCI_DH3);
1da177e4 622
a9de9248
MH		 623 if (hdev->features[0] & LMP_5SLOT)
624 hdev->pkt_type |= (HCI_DM5 | HCI_DH5);
1da177e4 625
a9de9248
MH		 626 if (hdev->features[1] & LMP_HV2) {
627 hdev->pkt_type |= (HCI_HV2);
628 hdev->esco_type |= (ESCO_HV2);
629 }
1da177e4 630
a9de9248
MH		 631 if (hdev->features[1] & LMP_HV3) {
632 hdev->pkt_type |= (HCI_HV3);
633 hdev->esco_type |= (ESCO_HV3);
634 }
1da177e4 635
a9de9248
MH		 636 if (hdev->features[3] & LMP_ESCO)
637 hdev->esco_type |= (ESCO_EV3);
da1f5198 638
a9de9248
MH		 639 if (hdev->features[4] & LMP_EV4)
640 hdev->esco_type |= (ESCO_EV4);
da1f5198 641
a9de9248
MH		 642 if (hdev->features[4] & LMP_EV5)
643 hdev->esco_type |= (ESCO_EV5);
1da177e4 644
efc7688b
MH		 645 if (hdev->features[5] & LMP_EDR_ESCO_2M)
646 hdev->esco_type |= (ESCO_2EV3);
647
648 if (hdev->features[5] & LMP_EDR_ESCO_3M)
649 hdev->esco_type |= (ESCO_3EV3);
650
651 if (hdev->features[5] & LMP_EDR_3S_ESCO)
652 hdev->esco_type |= (ESCO_2EV5 | ESCO_3EV5);
653
a9de9248
MH		 654 BT_DBG("%s features 0x%.2x%.2x%.2x%.2x%.2x%.2x%.2x%.2x", hdev->name,
655 hdev->features[0], hdev->features[1],
656 hdev->features[2], hdev->features[3],
657 hdev->features[4], hdev->features[5],
658 hdev->features[6], hdev->features[7]);
659}
1da177e4 660
a9de9248
MH		 661static void hci_cc_read_buffer_size(struct hci_dev *hdev, struct sk_buff *skb)
662{
663 struct hci_rp_read_buffer_size *rp = (void *) skb->data;
1da177e4 664
a9de9248 665 BT_DBG("%s status 0x%x", hdev->name, rp->status);
1da177e4 666
a9de9248
MH		 667 if (rp->status)
668 return;
1da177e4 669
a9de9248
MH		 670 hdev->acl_mtu = __le16_to_cpu(rp->acl_mtu);
671 hdev->sco_mtu = rp->sco_mtu;
672 hdev->acl_pkts = __le16_to_cpu(rp->acl_max_pkt);
673 hdev->sco_pkts = __le16_to_cpu(rp->sco_max_pkt);
674
675 if (test_bit(HCI_QUIRK_FIXUP_BUFFER_SIZE, &hdev->quirks)) {
676 hdev->sco_mtu = 64;
677 hdev->sco_pkts = 8;
1da177e4 678 }
a9de9248
MH		 679
680 hdev->acl_cnt = hdev->acl_pkts;
681 hdev->sco_cnt = hdev->sco_pkts;
682
683 BT_DBG("%s acl mtu %d:%d sco mtu %d:%d", hdev->name,
684 hdev->acl_mtu, hdev->acl_pkts,
685 hdev->sco_mtu, hdev->sco_pkts);
686}
687
688static void hci_cc_read_bd_addr(struct hci_dev *hdev, struct sk_buff *skb)
689{
690 struct hci_rp_read_bd_addr *rp = (void *) skb->data;
691
692 BT_DBG("%s status 0x%x", hdev->name, rp->status);
693
694 if (!rp->status)
695 bacpy(&hdev->bdaddr, &rp->bdaddr);
696
23bb5763
JH		 697 hci_req_complete(hdev, HCI_OP_READ_BD_ADDR, rp->status);
698}
699
700static void hci_cc_write_ca_timeout(struct hci_dev *hdev, struct sk_buff *skb)
701{
702 __u8 status = *((__u8 *) skb->data);
703
704 BT_DBG("%s status 0x%x", hdev->name, status);
705
706 hci_req_complete(hdev, HCI_OP_WRITE_CA_TIMEOUT, status);
a9de9248
MH		 707}
708
b0916ea0
JH		 709static void hci_cc_delete_stored_link_key(struct hci_dev *hdev,
710 struct sk_buff *skb)
711{
712 __u8 status = *((__u8 *) skb->data);
713
714 BT_DBG("%s status 0x%x", hdev->name, status);
715
716 hci_req_complete(hdev, HCI_OP_DELETE_STORED_LINK_KEY, status);
717}
718
d5859e22
JH		 719static void hci_cc_set_event_mask(struct hci_dev *hdev, struct sk_buff *skb)
720{
721 __u8 status = *((__u8 *) skb->data);
722
723 BT_DBG("%s status 0x%x", hdev->name, status);
724
725 hci_req_complete(hdev, HCI_OP_SET_EVENT_MASK, status);
726}
727
728static void hci_cc_write_inquiry_mode(struct hci_dev *hdev,
729 struct sk_buff *skb)
730{
731 __u8 status = *((__u8 *) skb->data);
732
733 BT_DBG("%s status 0x%x", hdev->name, status);
734
735 hci_req_complete(hdev, HCI_OP_WRITE_INQUIRY_MODE, status);
736}
737
738static void hci_cc_read_inq_rsp_tx_power(struct hci_dev *hdev,
739 struct sk_buff *skb)
740{
741 __u8 status = *((__u8 *) skb->data);
742
743 BT_DBG("%s status 0x%x", hdev->name, status);
744
745 hci_req_complete(hdev, HCI_OP_READ_INQ_RSP_TX_POWER, status);
746}
747
748static void hci_cc_set_event_flt(struct hci_dev *hdev, struct sk_buff *skb)
749{
750 __u8 status = *((__u8 *) skb->data);
751
752 BT_DBG("%s status 0x%x", hdev->name, status);
753
754 hci_req_complete(hdev, HCI_OP_SET_EVENT_FLT, status);
755}
756
980e1a53
JH		 757static void hci_cc_pin_code_reply(struct hci_dev *hdev, struct sk_buff *skb)
758{
759 struct hci_rp_pin_code_reply *rp = (void *) skb->data;
760 struct hci_cp_pin_code_reply *cp;
761 struct hci_conn *conn;
762
763 BT_DBG("%s status 0x%x", hdev->name, rp->status);
764
765 if (test_bit(HCI_MGMT, &hdev->flags))
766 mgmt_pin_code_reply_complete(hdev->id, &rp->bdaddr, rp->status);
767
768 if (rp->status != 0)
769 return;
770
771 cp = hci_sent_cmd_data(hdev, HCI_OP_PIN_CODE_REPLY);
772 if (!cp)
773 return;
774
775 conn = hci_conn_hash_lookup_ba(hdev, ACL_LINK, &cp->bdaddr);
776 if (conn)
777 conn->pin_length = cp->pin_len;
778}
779
780static void hci_cc_pin_code_neg_reply(struct hci_dev *hdev, struct sk_buff *skb)
781{
782 struct hci_rp_pin_code_neg_reply *rp = (void *) skb->data;
783
784 BT_DBG("%s status 0x%x", hdev->name, rp->status);
785
786 if (test_bit(HCI_MGMT, &hdev->flags))
787 mgmt_pin_code_neg_reply_complete(hdev->id, &rp->bdaddr,
788 rp->status);
789}
6ed58ec5
VT		 790static void hci_cc_le_read_buffer_size(struct hci_dev *hdev,
791 struct sk_buff *skb)
792{
793 struct hci_rp_le_read_buffer_size *rp = (void *) skb->data;
794
795 BT_DBG("%s status 0x%x", hdev->name, rp->status);
796
797 if (rp->status)
798 return;
799
800 hdev->le_mtu = __le16_to_cpu(rp->le_mtu);
801 hdev->le_pkts = rp->le_max_pkt;
802
803 hdev->le_cnt = hdev->le_pkts;
804
805 BT_DBG("%s le mtu %d:%d", hdev->name, hdev->le_mtu, hdev->le_pkts);
806
807 hci_req_complete(hdev, HCI_OP_LE_READ_BUFFER_SIZE, rp->status);
808}
980e1a53 809
a5c29683
JH		 810static void hci_cc_user_confirm_reply(struct hci_dev *hdev, struct sk_buff *skb)
811{
812 struct hci_rp_user_confirm_reply *rp = (void *) skb->data;
813
814 BT_DBG("%s status 0x%x", hdev->name, rp->status);
815
816 if (test_bit(HCI_MGMT, &hdev->flags))
817 mgmt_user_confirm_reply_complete(hdev->id, &rp->bdaddr,
818 rp->status);
819}
820
821static void hci_cc_user_confirm_neg_reply(struct hci_dev *hdev,
822 struct sk_buff *skb)
823{
824 struct hci_rp_user_confirm_reply *rp = (void *) skb->data;
825
826 BT_DBG("%s status 0x%x", hdev->name, rp->status);
827
828 if (test_bit(HCI_MGMT, &hdev->flags))
829 mgmt_user_confirm_neg_reply_complete(hdev->id, &rp->bdaddr,
830 rp->status);
831}
832
c35938b2
SJ		 833static void hci_cc_read_local_oob_data_reply(struct hci_dev *hdev,
834 struct sk_buff *skb)
835{
836 struct hci_rp_read_local_oob_data *rp = (void *) skb->data;
837
838 BT_DBG("%s status 0x%x", hdev->name, rp->status);
839
840 mgmt_read_local_oob_data_reply_complete(hdev->id, rp->hash,
841 rp->randomizer, rp->status);
842}
843
eb9d91f5
AG		 844static void hci_cc_le_set_scan_enable(struct hci_dev *hdev,
845 struct sk_buff *skb)
846{
847 struct hci_cp_le_set_scan_enable *cp;
848 __u8 status = *((__u8 *) skb->data);
849
850 BT_DBG("%s status 0x%x", hdev->name, status);
851
852 if (status)
853 return;
854
855 cp = hci_sent_cmd_data(hdev, HCI_OP_LE_SET_SCAN_ENABLE);
856 if (!cp)
857 return;
858
859 hci_dev_lock(hdev);
860
35815085
AG		 861 if (cp->enable == 0x01) {
862 del_timer(&hdev->adv_timer);
eb9d91f5 863 hci_adv_entries_clear(hdev);
35815085
AG		 864 } else if (cp->enable == 0x00) {
865 mod_timer(&hdev->adv_timer, jiffies + ADV_CLEAR_TIMEOUT);
866 }
eb9d91f5
AG		 867
868 hci_dev_unlock(hdev);
869}
870
a7a595f6
VCG		 871static void hci_cc_le_ltk_reply(struct hci_dev *hdev, struct sk_buff *skb)
872{
873 struct hci_rp_le_ltk_reply *rp = (void *) skb->data;
874
875 BT_DBG("%s status 0x%x", hdev->name, rp->status);
876
877 if (rp->status)
878 return;
879
880 hci_req_complete(hdev, HCI_OP_LE_LTK_REPLY, rp->status);
881}
882
883static void hci_cc_le_ltk_neg_reply(struct hci_dev *hdev, struct sk_buff *skb)
884{
885 struct hci_rp_le_ltk_neg_reply *rp = (void *) skb->data;
886
887 BT_DBG("%s status 0x%x", hdev->name, rp->status);
888
889 if (rp->status)
890 return;
891
892 hci_req_complete(hdev, HCI_OP_LE_LTK_NEG_REPLY, rp->status);
893}
894
a9de9248
MH		 895static inline void hci_cs_inquiry(struct hci_dev *hdev, __u8 status)
896{
897 BT_DBG("%s status 0x%x", hdev->name, status);
898
899 if (status) {
23bb5763 900 hci_req_complete(hdev, HCI_OP_INQUIRY, status);
a9de9248 901 hci_conn_check_pending(hdev);
314b2381
JH		 902 return;
903 }
904
905 if (test_bit(HCI_MGMT, &hdev->flags) &&
906 !test_and_set_bit(HCI_INQUIRY,
907 &hdev->flags))
908 mgmt_discovering(hdev->id, 1);
1da177e4
LT		 909}
910
1da177e4
LT		 911static inline void hci_cs_create_conn(struct hci_dev *hdev, __u8 status)
912{
a9de9248 913 struct hci_cp_create_conn *cp;
1da177e4 914 struct hci_conn *conn;
1da177e4 915
a9de9248
MH		 916 BT_DBG("%s status 0x%x", hdev->name, status);
917
918 cp = hci_sent_cmd_data(hdev, HCI_OP_CREATE_CONN);
1da177e4
LT		 919 if (!cp)
920 return;
921
922 hci_dev_lock(hdev);
923
924 conn = hci_conn_hash_lookup_ba(hdev, ACL_LINK, &cp->bdaddr);
925
a9de9248 926 BT_DBG("%s bdaddr %s conn %p", hdev->name, batostr(&cp->bdaddr), conn);
1da177e4
LT		 927
928 if (status) {
929 if (conn && conn->state == BT_CONNECT) {
4c67bc74
MH		 930 if (status != 0x0c || conn->attempt > 2) {
931 conn->state = BT_CLOSED;
932 hci_proto_connect_cfm(conn, status);
933 hci_conn_del(conn);
934 } else
935 conn->state = BT_CONNECT2;
1da177e4
LT		 936 }
937 } else {
938 if (!conn) {
939 conn = hci_conn_add(hdev, ACL_LINK, &cp->bdaddr);
940 if (conn) {
941 conn->out = 1;
942 conn->link_mode |= HCI_LM_MASTER;
943 } else
893ef971 944 BT_ERR("No memory for new connection");
1da177e4
LT		 945 }
946 }
947
948 hci_dev_unlock(hdev);
949}
950
a9de9248 951static void hci_cs_add_sco(struct hci_dev *hdev, __u8 status)
1da177e4 952{
a9de9248
MH		 953 struct hci_cp_add_sco *cp;
954 struct hci_conn *acl, *sco;
955 __u16 handle;
1da177e4 956
b6a0dc82
MH		 957 BT_DBG("%s status 0x%x", hdev->name, status);
958
a9de9248
MH		 959 if (!status)
960 return;
1da177e4 961
a9de9248
MH		 962 cp = hci_sent_cmd_data(hdev, HCI_OP_ADD_SCO);
963 if (!cp)
964 return;
1da177e4 965
a9de9248 966 handle = __le16_to_cpu(cp->handle);
1da177e4 967
a9de9248 968 BT_DBG("%s handle %d", hdev->name, handle);
1da177e4 969
a9de9248 970 hci_dev_lock(hdev);
1da177e4 971
a9de9248 972 acl = hci_conn_hash_lookup_handle(hdev, handle);
5a08ecce
AE		 973 if (acl) {
974 sco = acl->link;
975 if (sco) {
976 sco->state = BT_CLOSED;
1da177e4 977
5a08ecce
AE		 978 hci_proto_connect_cfm(sco, status);
979 hci_conn_del(sco);
980 }
a9de9248 981 }
1da177e4 982
a9de9248
MH		 983 hci_dev_unlock(hdev);
984}
1da177e4 985
f8558555
MH		 986static void hci_cs_auth_requested(struct hci_dev *hdev, __u8 status)
987{
988 struct hci_cp_auth_requested *cp;
989 struct hci_conn *conn;
990
991 BT_DBG("%s status 0x%x", hdev->name, status);
992
993 if (!status)
994 return;
995
996 cp = hci_sent_cmd_data(hdev, HCI_OP_AUTH_REQUESTED);
997 if (!cp)
998 return;
999
1000 hci_dev_lock(hdev);
1001
1002 conn = hci_conn_hash_lookup_handle(hdev, __le16_to_cpu(cp->handle));
1003 if (conn) {
1004 if (conn->state == BT_CONFIG) {
1005 hci_proto_connect_cfm(conn, status);
1006 hci_conn_put(conn);
1007 }
1008 }
1009
1010 hci_dev_unlock(hdev);
1011}
1012
1013static void hci_cs_set_conn_encrypt(struct hci_dev *hdev, __u8 status)
1014{
1015 struct hci_cp_set_conn_encrypt *cp;
1016 struct hci_conn *conn;
1017
1018 BT_DBG("%s status 0x%x", hdev->name, status);
1019
1020 if (!status)
1021 return;
1022
1023 cp = hci_sent_cmd_data(hdev, HCI_OP_SET_CONN_ENCRYPT);
1024 if (!cp)
1025 return;
1026
1027 hci_dev_lock(hdev);
1028
1029 conn = hci_conn_hash_lookup_handle(hdev, __le16_to_cpu(cp->handle));
1030 if (conn) {
1031 if (conn->state == BT_CONFIG) {
1032 hci_proto_connect_cfm(conn, status);
1033 hci_conn_put(conn);
1034 }
1035 }
1036
1037 hci_dev_unlock(hdev);
1038}
1039
127178d2 1040static int hci_outgoing_auth_needed(struct hci_dev *hdev,
138d22ef 1041 struct hci_conn *conn)
392599b9 1042{
392599b9
JH		 1043 if (conn->state != BT_CONFIG || !conn->out)
1044 return 0;
1045
765c2a96 1046 if (conn->pending_sec_level == BT_SECURITY_SDP)
392599b9
JH		 1047 return 0;
1048
1049 /* Only request authentication for SSP connections or non-SSP
1050 * devices with sec_level HIGH */
1051 if (!(hdev->ssp_mode > 0 && conn->ssp_mode > 0) &&
765c2a96 1052 conn->pending_sec_level != BT_SECURITY_HIGH)
392599b9
JH		 1053 return 0;
1054
392599b9
JH		 1055 return 1;
1056}
1057
a9de9248
MH		 1058static void hci_cs_remote_name_req(struct hci_dev *hdev, __u8 status)
1059{
127178d2
JH		 1060 struct hci_cp_remote_name_req *cp;
1061 struct hci_conn *conn;
1062
a9de9248 1063 BT_DBG("%s status 0x%x", hdev->name, status);
127178d2
JH		 1064
1065 /* If successful wait for the name req complete event before
1066 * checking for the need to do authentication */
1067 if (!status)
1068 return;
1069
1070 cp = hci_sent_cmd_data(hdev, HCI_OP_REMOTE_NAME_REQ);
1071 if (!cp)
1072 return;
1073
1074 hci_dev_lock(hdev);
1075
1076 conn = hci_conn_hash_lookup_ba(hdev, ACL_LINK, &cp->bdaddr);
79c6c70c
JH		 1077 if (!conn)
1078 goto unlock;
1079
1080 if (!hci_outgoing_auth_needed(hdev, conn))
1081 goto unlock;
1082
1083 if (!test_and_set_bit(HCI_CONN_AUTH_PEND, &conn->pend)) {
127178d2
JH		 1084 struct hci_cp_auth_requested cp;
1085 cp.handle = __cpu_to_le16(conn->handle);
1086 hci_send_cmd(hdev, HCI_OP_AUTH_REQUESTED, sizeof(cp), &cp);
1087 }
1088
79c6c70c 1089unlock:
127178d2 1090 hci_dev_unlock(hdev);
a9de9248 1091}
1da177e4 1092
769be974
MH		 1093static void hci_cs_read_remote_features(struct hci_dev *hdev, __u8 status)
1094{
1095 struct hci_cp_read_remote_features *cp;
1096 struct hci_conn *conn;
1097
1098 BT_DBG("%s status 0x%x", hdev->name, status);
1099
1100 if (!status)
1101 return;
1102
1103 cp = hci_sent_cmd_data(hdev, HCI_OP_READ_REMOTE_FEATURES);
1104 if (!cp)
1105 return;
1106
1107 hci_dev_lock(hdev);
1108
1109 conn = hci_conn_hash_lookup_handle(hdev, __le16_to_cpu(cp->handle));
1110 if (conn) {
1111 if (conn->state == BT_CONFIG) {
769be974
MH		 1112 hci_proto_connect_cfm(conn, status);
1113 hci_conn_put(conn);
1114 }
1115 }
1116
1117 hci_dev_unlock(hdev);
1118}
1119
1120static void hci_cs_read_remote_ext_features(struct hci_dev *hdev, __u8 status)
1121{
1122 struct hci_cp_read_remote_ext_features *cp;
1123 struct hci_conn *conn;
1124
1125 BT_DBG("%s status 0x%x", hdev->name, status);
1126
1127 if (!status)
1128 return;
1129
1130 cp = hci_sent_cmd_data(hdev, HCI_OP_READ_REMOTE_EXT_FEATURES);
1131 if (!cp)
1132 return;
1133
1134 hci_dev_lock(hdev);
1135
1136 conn = hci_conn_hash_lookup_handle(hdev, __le16_to_cpu(cp->handle));
1137 if (conn) {
1138 if (conn->state == BT_CONFIG) {
769be974
MH		 1139 hci_proto_connect_cfm(conn, status);
1140 hci_conn_put(conn);
1141 }
1142 }
1143
1144 hci_dev_unlock(hdev);
1145}
1146
a9de9248
MH		 1147static void hci_cs_setup_sync_conn(struct hci_dev *hdev, __u8 status)
1148{
b6a0dc82
MH		 1149 struct hci_cp_setup_sync_conn *cp;
1150 struct hci_conn *acl, *sco;
1151 __u16 handle;
1152
a9de9248 1153 BT_DBG("%s status 0x%x", hdev->name, status);
b6a0dc82
MH		 1154
1155 if (!status)
1156 return;
1157
1158 cp = hci_sent_cmd_data(hdev, HCI_OP_SETUP_SYNC_CONN);
1159 if (!cp)
1160 return;
1161
1162 handle = __le16_to_cpu(cp->handle);
1163
1164 BT_DBG("%s handle %d", hdev->name, handle);
1165
1166 hci_dev_lock(hdev);
1167
1168 acl = hci_conn_hash_lookup_handle(hdev, handle);
5a08ecce
AE		 1169 if (acl) {
1170 sco = acl->link;
1171 if (sco) {
1172 sco->state = BT_CLOSED;
b6a0dc82 1173
5a08ecce
AE		 1174 hci_proto_connect_cfm(sco, status);
1175 hci_conn_del(sco);
1176 }
b6a0dc82
MH		 1177 }
1178
1179 hci_dev_unlock(hdev);
1da177e4
LT		 1180}
1181
a9de9248 1182static void hci_cs_sniff_mode(struct hci_dev *hdev, __u8 status)
1da177e4 1183{
a9de9248
MH		 1184 struct hci_cp_sniff_mode *cp;
1185 struct hci_conn *conn;
1da177e4 1186
a9de9248 1187 BT_DBG("%s status 0x%x", hdev->name, status);
04837f64 1188
a9de9248
MH		 1189 if (!status)
1190 return;
04837f64 1191
a9de9248
MH		 1192 cp = hci_sent_cmd_data(hdev, HCI_OP_SNIFF_MODE);
1193 if (!cp)
1194 return;
04837f64 1195
a9de9248 1196 hci_dev_lock(hdev);
04837f64 1197
a9de9248 1198 conn = hci_conn_hash_lookup_handle(hdev, __le16_to_cpu(cp->handle));
e73439d8 1199 if (conn) {
a9de9248 1200 clear_bit(HCI_CONN_MODE_CHANGE_PEND, &conn->pend);
04837f64 1201
e73439d8
MH		 1202 if (test_and_clear_bit(HCI_CONN_SCO_SETUP_PEND, &conn->pend))
1203 hci_sco_setup(conn, status);
1204 }
1205
a9de9248
MH		 1206 hci_dev_unlock(hdev);
1207}
04837f64 1208
a9de9248
MH		 1209static void hci_cs_exit_sniff_mode(struct hci_dev *hdev, __u8 status)
1210{
1211 struct hci_cp_exit_sniff_mode *cp;
1212 struct hci_conn *conn;
04837f64 1213
a9de9248 1214 BT_DBG("%s status 0x%x", hdev->name, status);
04837f64 1215
a9de9248
MH		 1216 if (!status)
1217 return;
04837f64 1218
a9de9248
MH		 1219 cp = hci_sent_cmd_data(hdev, HCI_OP_EXIT_SNIFF_MODE);
1220 if (!cp)
1221 return;
04837f64 1222
a9de9248 1223 hci_dev_lock(hdev);
1da177e4 1224
a9de9248 1225 conn = hci_conn_hash_lookup_handle(hdev, __le16_to_cpu(cp->handle));
e73439d8 1226 if (conn) {
a9de9248 1227 clear_bit(HCI_CONN_MODE_CHANGE_PEND, &conn->pend);
1da177e4 1228
e73439d8
MH		 1229 if (test_and_clear_bit(HCI_CONN_SCO_SETUP_PEND, &conn->pend))
1230 hci_sco_setup(conn, status);
1231 }
1232
a9de9248 1233 hci_dev_unlock(hdev);
1da177e4
LT		 1234}
1235
fcd89c09
VT		 1236static void hci_cs_le_create_conn(struct hci_dev *hdev, __u8 status)
1237{
1238 struct hci_cp_le_create_conn *cp;
1239 struct hci_conn *conn;
1240
1241 BT_DBG("%s status 0x%x", hdev->name, status);
1242
1243 cp = hci_sent_cmd_data(hdev, HCI_OP_LE_CREATE_CONN);
1244 if (!cp)
1245 return;
1246
1247 hci_dev_lock(hdev);
1248
1249 conn = hci_conn_hash_lookup_ba(hdev, LE_LINK, &cp->peer_addr);
1250
1251 BT_DBG("%s bdaddr %s conn %p", hdev->name, batostr(&cp->peer_addr),
1252 conn);
1253
1254 if (status) {
1255 if (conn && conn->state == BT_CONNECT) {
1256 conn->state = BT_CLOSED;
1257 hci_proto_connect_cfm(conn, status);
1258 hci_conn_del(conn);
1259 }
1260 } else {
1261 if (!conn) {
1262 conn = hci_conn_add(hdev, LE_LINK, &cp->peer_addr);
29b7988a
AG		 1263 if (conn) {
1264 conn->dst_type = cp->peer_addr_type;
fcd89c09 1265 conn->out = 1;
29b7988a 1266 } else {
fcd89c09 1267 BT_ERR("No memory for new connection");
29b7988a 1268 }
fcd89c09
VT		 1269 }
1270 }
1271
1272 hci_dev_unlock(hdev);
1273}
1274
a7a595f6
VCG		 1275static void hci_cs_le_start_enc(struct hci_dev *hdev, u8 status)
1276{
1277 BT_DBG("%s status 0x%x", hdev->name, status);
1278}
1279
1da177e4
LT		 1280static inline void hci_inquiry_complete_evt(struct hci_dev *hdev, struct sk_buff *skb)
1281{
1282 __u8 status = *((__u8 *) skb->data);
1283
1284 BT_DBG("%s status %d", hdev->name, status);
1285
314b2381
JH		 1286 if (test_bit(HCI_MGMT, &hdev->flags) &&
1287 test_and_clear_bit(HCI_INQUIRY, &hdev->flags))
1288 mgmt_discovering(hdev->id, 0);
6bd57416 1289
23bb5763 1290 hci_req_complete(hdev, HCI_OP_INQUIRY, status);
6bd57416 1291
a9de9248 1292 hci_conn_check_pending(hdev);
1da177e4
LT		 1293}
1294
1da177e4
LT		 1295static inline void hci_inquiry_result_evt(struct hci_dev *hdev, struct sk_buff *skb)
1296{
45bb4bf0 1297 struct inquiry_data data;
a9de9248 1298 struct inquiry_info *info = (void *) (skb->data + 1);
1da177e4
LT		 1299 int num_rsp = *((__u8 *) skb->data);
1300
1301 BT_DBG("%s num_rsp %d", hdev->name, num_rsp);
1302
45bb4bf0
MH		 1303 if (!num_rsp)
1304 return;
1305
1da177e4 1306 hci_dev_lock(hdev);
45bb4bf0 1307
314b2381
JH		 1308 if (!test_and_set_bit(HCI_INQUIRY, &hdev->flags)) {
1309
1310 if (test_bit(HCI_MGMT, &hdev->flags))
1311 mgmt_discovering(hdev->id, 1);
1312 }
1313
e17acd40 1314 for (; num_rsp; num_rsp--, info++) {
1da177e4
LT		 1315 bacpy(&data.bdaddr, &info->bdaddr);
1316 data.pscan_rep_mode = info->pscan_rep_mode;
1317 data.pscan_period_mode = info->pscan_period_mode;
1318 data.pscan_mode = info->pscan_mode;
1319 memcpy(data.dev_class, info->dev_class, 3);
1320 data.clock_offset = info->clock_offset;
1321 data.rssi = 0x00;
41a96212 1322 data.ssp_mode = 0x00;
1da177e4 1323 hci_inquiry_cache_update(hdev, &data);
e17acd40
JH		 1324 mgmt_device_found(hdev->id, &info->bdaddr, info->dev_class, 0,
1325 NULL);
1da177e4 1326 }
45bb4bf0 1327
1da177e4
LT		 1328 hci_dev_unlock(hdev);
1329}
1330
1da177e4
LT		 1331static inline void hci_conn_complete_evt(struct hci_dev *hdev, struct sk_buff *skb)
1332{
a9de9248
MH		 1333 struct hci_ev_conn_complete *ev = (void *) skb->data;
1334 struct hci_conn *conn;
1da177e4
LT		 1335
1336 BT_DBG("%s", hdev->name);
1337
1338 hci_dev_lock(hdev);
1339
1340 conn = hci_conn_hash_lookup_ba(hdev, ev->link_type, &ev->bdaddr);
9499237a
MH		 1341 if (!conn) {
1342 if (ev->link_type != SCO_LINK)
1343 goto unlock;
1344
1345 conn = hci_conn_hash_lookup_ba(hdev, ESCO_LINK, &ev->bdaddr);
1346 if (!conn)
1347 goto unlock;
1348
1349 conn->type = SCO_LINK;
1350 }
1da177e4
LT		 1351
1352 if (!ev->status) {
1353 conn->handle = __le16_to_cpu(ev->handle);
769be974
MH		 1354
1355 if (conn->type == ACL_LINK) {
1356 conn->state = BT_CONFIG;
1357 hci_conn_hold(conn);
052b30b0 1358 conn->disc_timeout = HCI_DISCONN_TIMEOUT;
f7520543 1359 mgmt_connected(hdev->id, &ev->bdaddr);
769be974
MH		 1360 } else
1361 conn->state = BT_CONNECTED;
1da177e4 1362
9eba32b8 1363 hci_conn_hold_device(conn);
7d0db0a3
MH		 1364 hci_conn_add_sysfs(conn);
1365
1da177e4
LT		 1366 if (test_bit(HCI_AUTH, &hdev->flags))
1367 conn->link_mode |= HCI_LM_AUTH;
1368
1369 if (test_bit(HCI_ENCRYPT, &hdev->flags))
1370 conn->link_mode |= HCI_LM_ENCRYPT;
1371
04837f64
MH		 1372 /* Get remote features */
1373 if (conn->type == ACL_LINK) {
1374 struct hci_cp_read_remote_features cp;
1375 cp.handle = ev->handle;
769be974
MH		 1376 hci_send_cmd(hdev, HCI_OP_READ_REMOTE_FEATURES,
1377 sizeof(cp), &cp);
04837f64
MH		 1378 }
1379
1da177e4 1380 /* Set packet type for incoming connection */
a8746417 1381 if (!conn->out && hdev->hci_ver < 3) {
1da177e4
LT		 1382 struct hci_cp_change_conn_ptype cp;
1383 cp.handle = ev->handle;
a8746417
MH		 1384 cp.pkt_type = cpu_to_le16(conn->pkt_type);
1385 hci_send_cmd(hdev, HCI_OP_CHANGE_CONN_PTYPE,
1386 sizeof(cp), &cp);
1da177e4 1387 }
17d5c04c 1388 } else {
1da177e4 1389 conn->state = BT_CLOSED;
17d5c04c
JH		 1390 if (conn->type == ACL_LINK)
1391 mgmt_connect_failed(hdev->id, &ev->bdaddr, ev->status);
1392 }
1da177e4 1393
e73439d8
MH		 1394 if (conn->type == ACL_LINK)
1395 hci_sco_setup(conn, ev->status);
1da177e4 1396
769be974
MH		 1397 if (ev->status) {
1398 hci_proto_connect_cfm(conn, ev->status);
1da177e4 1399 hci_conn_del(conn);
c89b6e6b
MH		 1400 } else if (ev->link_type != ACL_LINK)
1401 hci_proto_connect_cfm(conn, ev->status);
1da177e4 1402
a9de9248 1403unlock:
1da177e4 1404 hci_dev_unlock(hdev);
1da177e4 1405
a9de9248 1406 hci_conn_check_pending(hdev);
1da177e4
LT		 1407}
1408
a9de9248 1409static inline void hci_conn_request_evt(struct hci_dev *hdev, struct sk_buff *skb)
1da177e4 1410{
a9de9248
MH		 1411 struct hci_ev_conn_request *ev = (void *) skb->data;
1412 int mask = hdev->link_mode;
1da177e4 1413
a9de9248
MH		 1414 BT_DBG("%s bdaddr %s type 0x%x", hdev->name,
1415 batostr(&ev->bdaddr), ev->link_type);
1da177e4 1416
a9de9248 1417 mask |= hci_proto_connect_ind(hdev, &ev->bdaddr, ev->link_type);
1da177e4 1418
138d22ef
SJ		 1419 if ((mask & HCI_LM_ACCEPT) &&
1420 !hci_blacklist_lookup(hdev, &ev->bdaddr)) {
a9de9248 1421 /* Connection accepted */
c7bdd502 1422 struct inquiry_entry *ie;
1da177e4 1423 struct hci_conn *conn;
1da177e4 1424
a9de9248 1425 hci_dev_lock(hdev);
b6a0dc82 1426
cc11b9c1
AE		 1427 ie = hci_inquiry_cache_lookup(hdev, &ev->bdaddr);
1428 if (ie)
c7bdd502
MH		 1429 memcpy(ie->data.dev_class, ev->dev_class, 3);
1430
a9de9248
MH		 1431 conn = hci_conn_hash_lookup_ba(hdev, ev->link_type, &ev->bdaddr);
1432 if (!conn) {
cc11b9c1
AE		 1433 conn = hci_conn_add(hdev, ev->link_type, &ev->bdaddr);
1434 if (!conn) {
893ef971 1435 BT_ERR("No memory for new connection");
a9de9248
MH		 1436 hci_dev_unlock(hdev);
1437 return;
1da177e4
LT		 1438 }
1439 }
b6a0dc82 1440
a9de9248
MH		 1441 memcpy(conn->dev_class, ev->dev_class, 3);
1442 conn->state = BT_CONNECT;
b6a0dc82 1443
a9de9248 1444 hci_dev_unlock(hdev);
1da177e4 1445
b6a0dc82
MH		 1446 if (ev->link_type == ACL_LINK || !lmp_esco_capable(hdev)) {
1447 struct hci_cp_accept_conn_req cp;
1da177e4 1448
b6a0dc82
MH		 1449 bacpy(&cp.bdaddr, &ev->bdaddr);
1450
1451 if (lmp_rswitch_capable(hdev) && (mask & HCI_LM_MASTER))
1452 cp.role = 0x00; /* Become master */
1453 else
1454 cp.role = 0x01; /* Remain slave */
1455
1456 hci_send_cmd(hdev, HCI_OP_ACCEPT_CONN_REQ,
1457 sizeof(cp), &cp);
1458 } else {
1459 struct hci_cp_accept_sync_conn_req cp;
1460
1461 bacpy(&cp.bdaddr, &ev->bdaddr);
a8746417 1462 cp.pkt_type = cpu_to_le16(conn->pkt_type);
b6a0dc82
MH		 1463
1464 cp.tx_bandwidth = cpu_to_le32(0x00001f40);
1465 cp.rx_bandwidth = cpu_to_le32(0x00001f40);
1466 cp.max_latency = cpu_to_le16(0xffff);
1467 cp.content_format = cpu_to_le16(hdev->voice_setting);
1468 cp.retrans_effort = 0xff;
1da177e4 1469
b6a0dc82
MH		 1470 hci_send_cmd(hdev, HCI_OP_ACCEPT_SYNC_CONN_REQ,
1471 sizeof(cp), &cp);
1472 }
a9de9248
MH		 1473 } else {
1474 /* Connection rejected */
1475 struct hci_cp_reject_conn_req cp;
1da177e4 1476
a9de9248
MH		 1477 bacpy(&cp.bdaddr, &ev->bdaddr);
1478 cp.reason = 0x0f;
1479 hci_send_cmd(hdev, HCI_OP_REJECT_CONN_REQ, sizeof(cp), &cp);
1da177e4 1480 }
1da177e4
LT		 1481}
1482
a9de9248 1483static inline void hci_disconn_complete_evt(struct hci_dev *hdev, struct sk_buff *skb)
04837f64 1484{
a9de9248 1485 struct hci_ev_disconn_complete *ev = (void *) skb->data;
04837f64
MH		 1486 struct hci_conn *conn;
1487
1488 BT_DBG("%s status %d", hdev->name, ev->status);
1489
8962ee74
JH		 1490 if (ev->status) {
1491 mgmt_disconnect_failed(hdev->id);
a9de9248 1492 return;
8962ee74 1493 }
a9de9248 1494
04837f64
MH		 1495 hci_dev_lock(hdev);
1496
1497 conn = hci_conn_hash_lookup_handle(hdev, __le16_to_cpu(ev->handle));
f7520543
JH		 1498 if (!conn)
1499 goto unlock;
7d0db0a3 1500
f7520543 1501 conn->state = BT_CLOSED;
04837f64 1502
83bc71b4 1503 if (conn->type == ACL_LINK || conn->type == LE_LINK)
f7520543
JH		 1504 mgmt_disconnected(hdev->id, &conn->dst);
1505
1506 hci_proto_disconn_cfm(conn, ev->reason);
1507 hci_conn_del(conn);
1508
1509unlock:
04837f64
MH		 1510 hci_dev_unlock(hdev);
1511}
1512
1da177e4
LT		 1513static inline void hci_auth_complete_evt(struct hci_dev *hdev, struct sk_buff *skb)
1514{
a9de9248 1515 struct hci_ev_auth_complete *ev = (void *) skb->data;
04837f64 1516 struct hci_conn *conn;
1da177e4
LT		 1517
1518 BT_DBG("%s status %d", hdev->name, ev->status);
1519
1520 hci_dev_lock(hdev);
1521
04837f64 1522 conn = hci_conn_hash_lookup_handle(hdev, __le16_to_cpu(ev->handle));
d7556e20
WR		 1523 if (!conn)
1524 goto unlock;
1525
1526 if (!ev->status) {
1527 if (!(conn->ssp_mode > 0 && hdev->ssp_mode > 0) &&
1528 test_bit(HCI_CONN_REAUTH_PEND, &conn->pend)) {
1529 BT_INFO("re-auth of legacy device is not possible.");
2a611692 1530 } else {
d7556e20
WR		 1531 conn->link_mode |= HCI_LM_AUTH;
1532 conn->sec_level = conn->pending_sec_level;
2a611692 1533 }
d7556e20
WR		 1534 } else {
1535 mgmt_auth_failed(hdev->id, &conn->dst, ev->status);
1536 }
1da177e4 1537
d7556e20
WR		 1538 clear_bit(HCI_CONN_AUTH_PEND, &conn->pend);
1539 clear_bit(HCI_CONN_REAUTH_PEND, &conn->pend);
1da177e4 1540
d7556e20
WR		 1541 if (conn->state == BT_CONFIG) {
1542 if (!ev->status && hdev->ssp_mode > 0 && conn->ssp_mode > 0) {
1543 struct hci_cp_set_conn_encrypt cp;
1544 cp.handle = ev->handle;
1545 cp.encrypt = 0x01;
1546 hci_send_cmd(hdev, HCI_OP_SET_CONN_ENCRYPT, sizeof(cp),
1547 &cp);
052b30b0 1548 } else {
d7556e20
WR		 1549 conn->state = BT_CONNECTED;
1550 hci_proto_connect_cfm(conn, ev->status);
052b30b0
MH		 1551 hci_conn_put(conn);
1552 }
d7556e20
WR		 1553 } else {
1554 hci_auth_cfm(conn, ev->status);
052b30b0 1555
d7556e20
WR		 1556 hci_conn_hold(conn);
1557 conn->disc_timeout = HCI_DISCONN_TIMEOUT;
1558 hci_conn_put(conn);
1559 }
1560
1561 if (test_bit(HCI_CONN_ENCRYPT_PEND, &conn->pend)) {
1562 if (!ev->status) {
1563 struct hci_cp_set_conn_encrypt cp;
1564 cp.handle = ev->handle;
1565 cp.encrypt = 0x01;
1566 hci_send_cmd(hdev, HCI_OP_SET_CONN_ENCRYPT, sizeof(cp),
1567 &cp);
1568 } else {
1569 clear_bit(HCI_CONN_ENCRYPT_PEND, &conn->pend);
1570 hci_encrypt_cfm(conn, ev->status, 0x00);
1da177e4
LT		 1571 }
1572 }
1573
d7556e20 1574unlock:
1da177e4
LT		 1575 hci_dev_unlock(hdev);
1576}
1577
a9de9248 1578static inline void hci_remote_name_evt(struct hci_dev *hdev, struct sk_buff *skb)
1da177e4 1579{
127178d2
JH		 1580 struct hci_ev_remote_name *ev = (void *) skb->data;
1581 struct hci_conn *conn;
1582
a9de9248 1583 BT_DBG("%s", hdev->name);
1da177e4 1584
a9de9248 1585 hci_conn_check_pending(hdev);
127178d2
JH		 1586
1587 hci_dev_lock(hdev);
1588
a88a9652
JH		 1589 if (ev->status == 0 && test_bit(HCI_MGMT, &hdev->flags))
1590 mgmt_remote_name(hdev->id, &ev->bdaddr, ev->name);
1591
127178d2 1592 conn = hci_conn_hash_lookup_ba(hdev, ACL_LINK, &ev->bdaddr);
79c6c70c
JH		 1593 if (!conn)
1594 goto unlock;
1595
1596 if (!hci_outgoing_auth_needed(hdev, conn))
1597 goto unlock;
1598
1599 if (!test_and_set_bit(HCI_CONN_AUTH_PEND, &conn->pend)) {
127178d2
JH		 1600 struct hci_cp_auth_requested cp;
1601 cp.handle = __cpu_to_le16(conn->handle);
1602 hci_send_cmd(hdev, HCI_OP_AUTH_REQUESTED, sizeof(cp), &cp);
1603 }
1604
79c6c70c 1605unlock:
127178d2 1606 hci_dev_unlock(hdev);
a9de9248
MH		 1607}
1608
1609static inline void hci_encrypt_change_evt(struct hci_dev *hdev, struct sk_buff *skb)
1610{
1611 struct hci_ev_encrypt_change *ev = (void *) skb->data;
1612 struct hci_conn *conn;
1613
1614 BT_DBG("%s status %d", hdev->name, ev->status);
1da177e4
LT		 1615
1616 hci_dev_lock(hdev);
1617
04837f64 1618 conn = hci_conn_hash_lookup_handle(hdev, __le16_to_cpu(ev->handle));
1da177e4
LT		 1619 if (conn) {
1620 if (!ev->status) {
ae293196
MH		 1621 if (ev->encrypt) {
1622 /* Encryption implies authentication */
1623 conn->link_mode |= HCI_LM_AUTH;
1da177e4 1624 conn->link_mode |= HCI_LM_ENCRYPT;
ae293196 1625 } else
1da177e4
LT		 1626 conn->link_mode &= ~HCI_LM_ENCRYPT;
1627 }
1628
1629 clear_bit(HCI_CONN_ENCRYPT_PEND, &conn->pend);
1630
f8558555
MH		 1631 if (conn->state == BT_CONFIG) {
1632 if (!ev->status)
1633 conn->state = BT_CONNECTED;
1634
1635 hci_proto_connect_cfm(conn, ev->status);
1636 hci_conn_put(conn);
1637 } else
1638 hci_encrypt_cfm(conn, ev->status, ev->encrypt);
1da177e4
LT		 1639 }
1640
1641 hci_dev_unlock(hdev);
1642}
1643
a9de9248 1644static inline void hci_change_link_key_complete_evt(struct hci_dev *hdev, struct sk_buff *skb)
1da177e4 1645{
a9de9248 1646 struct hci_ev_change_link_key_complete *ev = (void *) skb->data;
04837f64 1647 struct hci_conn *conn;
1da177e4
LT		 1648
1649 BT_DBG("%s status %d", hdev->name, ev->status);
1650
1651 hci_dev_lock(hdev);
1652
04837f64 1653 conn = hci_conn_hash_lookup_handle(hdev, __le16_to_cpu(ev->handle));
1da177e4
LT		 1654 if (conn) {
1655 if (!ev->status)
1656 conn->link_mode |= HCI_LM_SECURE;
1657
1658 clear_bit(HCI_CONN_AUTH_PEND, &conn->pend);
1659
1660 hci_key_change_cfm(conn, ev->status);
1661 }
1662
1663 hci_dev_unlock(hdev);
1664}
1665
a9de9248 1666static inline void hci_remote_features_evt(struct hci_dev *hdev, struct sk_buff *skb)
1da177e4 1667{
a9de9248
MH		 1668 struct hci_ev_remote_features *ev = (void *) skb->data;
1669 struct hci_conn *conn;
1670
1671 BT_DBG("%s status %d", hdev->name, ev->status);
1672
a9de9248
MH		 1673 hci_dev_lock(hdev);
1674
1675 conn = hci_conn_hash_lookup_handle(hdev, __le16_to_cpu(ev->handle));
ccd556fe
JH		 1676 if (!conn)
1677 goto unlock;
769be974 1678
ccd556fe
JH		 1679 if (!ev->status)
1680 memcpy(conn->features, ev->features, 8);
1681
1682 if (conn->state != BT_CONFIG)
1683 goto unlock;
1684
1685 if (!ev->status && lmp_ssp_capable(hdev) && lmp_ssp_capable(conn)) {
1686 struct hci_cp_read_remote_ext_features cp;
1687 cp.handle = ev->handle;
1688 cp.page = 0x01;
1689 hci_send_cmd(hdev, HCI_OP_READ_REMOTE_EXT_FEATURES,
bdb7524a 1690 sizeof(cp), &cp);
392599b9
JH		 1691 goto unlock;
1692 }
1693
127178d2
JH		 1694 if (!ev->status) {
1695 struct hci_cp_remote_name_req cp;
1696 memset(&cp, 0, sizeof(cp));
1697 bacpy(&cp.bdaddr, &conn->dst);
1698 cp.pscan_rep_mode = 0x02;
1699 hci_send_cmd(hdev, HCI_OP_REMOTE_NAME_REQ, sizeof(cp), &cp);
1700 }
392599b9 1701
127178d2 1702 if (!hci_outgoing_auth_needed(hdev, conn)) {
ccd556fe
JH		 1703 conn->state = BT_CONNECTED;
1704 hci_proto_connect_cfm(conn, ev->status);
1705 hci_conn_put(conn);
769be974 1706 }
a9de9248 1707
ccd556fe 1708unlock:
a9de9248 1709 hci_dev_unlock(hdev);
1da177e4
LT		 1710}
1711
a9de9248 1712static inline void hci_remote_version_evt(struct hci_dev *hdev, struct sk_buff *skb)
1da177e4 1713{
a9de9248 1714 BT_DBG("%s", hdev->name);
1da177e4
LT		 1715}
1716
a9de9248 1717static inline void hci_qos_setup_complete_evt(struct hci_dev *hdev, struct sk_buff *skb)
1da177e4 1718{
a9de9248 1719 BT_DBG("%s", hdev->name);
1da177e4
LT		 1720}
1721
a9de9248
MH		 1722static inline void hci_cmd_complete_evt(struct hci_dev *hdev, struct sk_buff *skb)
1723{
1724 struct hci_ev_cmd_complete *ev = (void *) skb->data;
1725 __u16 opcode;
1726
1727 skb_pull(skb, sizeof(*ev));
1728
1729 opcode = __le16_to_cpu(ev->opcode);
1730
1731 switch (opcode) {
1732 case HCI_OP_INQUIRY_CANCEL:
1733 hci_cc_inquiry_cancel(hdev, skb);
1734 break;
1735
1736 case HCI_OP_EXIT_PERIODIC_INQ:
1737 hci_cc_exit_periodic_inq(hdev, skb);
1738 break;
1739
1740 case HCI_OP_REMOTE_NAME_REQ_CANCEL:
1741 hci_cc_remote_name_req_cancel(hdev, skb);
1742 break;
1743
1744 case HCI_OP_ROLE_DISCOVERY:
1745 hci_cc_role_discovery(hdev, skb);
1746 break;
1747
e4e8e37c
MH		 1748 case HCI_OP_READ_LINK_POLICY:
1749 hci_cc_read_link_policy(hdev, skb);
1750 break;
1751
a9de9248
MH		 1752 case HCI_OP_WRITE_LINK_POLICY:
1753 hci_cc_write_link_policy(hdev, skb);
1754 break;
1755
e4e8e37c
MH		 1756 case HCI_OP_READ_DEF_LINK_POLICY:
1757 hci_cc_read_def_link_policy(hdev, skb);
1758 break;
1759
1760 case HCI_OP_WRITE_DEF_LINK_POLICY:
1761 hci_cc_write_def_link_policy(hdev, skb);
1762 break;
1763
a9de9248
MH		 1764 case HCI_OP_RESET:
1765 hci_cc_reset(hdev, skb);
1766 break;
1767
1768 case HCI_OP_WRITE_LOCAL_NAME:
1769 hci_cc_write_local_name(hdev, skb);
1770 break;
1771
1772 case HCI_OP_READ_LOCAL_NAME:
1773 hci_cc_read_local_name(hdev, skb);
1774 break;
1775
1776 case HCI_OP_WRITE_AUTH_ENABLE:
1777 hci_cc_write_auth_enable(hdev, skb);
1778 break;
1779
1780 case HCI_OP_WRITE_ENCRYPT_MODE:
1781 hci_cc_write_encrypt_mode(hdev, skb);
1782 break;
1783
1784 case HCI_OP_WRITE_SCAN_ENABLE:
1785 hci_cc_write_scan_enable(hdev, skb);
1786 break;
1787
1788 case HCI_OP_READ_CLASS_OF_DEV:
1789 hci_cc_read_class_of_dev(hdev, skb);
1790 break;
1791
1792 case HCI_OP_WRITE_CLASS_OF_DEV:
1793 hci_cc_write_class_of_dev(hdev, skb);
1794 break;
1795
1796 case HCI_OP_READ_VOICE_SETTING:
1797 hci_cc_read_voice_setting(hdev, skb);
1798 break;
1799
1800 case HCI_OP_WRITE_VOICE_SETTING:
1801 hci_cc_write_voice_setting(hdev, skb);
1802 break;
1803
1804 case HCI_OP_HOST_BUFFER_SIZE:
1805 hci_cc_host_buffer_size(hdev, skb);
1806 break;
1807
333140b5
MH		 1808 case HCI_OP_READ_SSP_MODE:
1809 hci_cc_read_ssp_mode(hdev, skb);
1810 break;
1811
1812 case HCI_OP_WRITE_SSP_MODE:
1813 hci_cc_write_ssp_mode(hdev, skb);
1814 break;
1815
a9de9248
MH		 1816 case HCI_OP_READ_LOCAL_VERSION:
1817 hci_cc_read_local_version(hdev, skb);
1818 break;
1819
1820 case HCI_OP_READ_LOCAL_COMMANDS:
1821 hci_cc_read_local_commands(hdev, skb);
1822 break;
1823
1824 case HCI_OP_READ_LOCAL_FEATURES:
1825 hci_cc_read_local_features(hdev, skb);
1826 break;
1827
1828 case HCI_OP_READ_BUFFER_SIZE:
1829 hci_cc_read_buffer_size(hdev, skb);
1830 break;
1831
1832 case HCI_OP_READ_BD_ADDR:
1833 hci_cc_read_bd_addr(hdev, skb);
1834 break;
1835
23bb5763
JH		 1836 case HCI_OP_WRITE_CA_TIMEOUT:
1837 hci_cc_write_ca_timeout(hdev, skb);
1838 break;
1839
b0916ea0
JH		 1840 case HCI_OP_DELETE_STORED_LINK_KEY:
1841 hci_cc_delete_stored_link_key(hdev, skb);
1842 break;
1843
d5859e22
JH		 1844 case HCI_OP_SET_EVENT_MASK:
1845 hci_cc_set_event_mask(hdev, skb);
1846 break;
1847
1848 case HCI_OP_WRITE_INQUIRY_MODE:
1849 hci_cc_write_inquiry_mode(hdev, skb);
1850 break;
1851
1852 case HCI_OP_READ_INQ_RSP_TX_POWER:
1853 hci_cc_read_inq_rsp_tx_power(hdev, skb);
1854 break;
1855
1856 case HCI_OP_SET_EVENT_FLT:
1857 hci_cc_set_event_flt(hdev, skb);
1858 break;
1859
980e1a53
JH		 1860 case HCI_OP_PIN_CODE_REPLY:
1861 hci_cc_pin_code_reply(hdev, skb);
1862 break;
1863
1864 case HCI_OP_PIN_CODE_NEG_REPLY:
1865 hci_cc_pin_code_neg_reply(hdev, skb);
1866 break;
1867
c35938b2
SJ		 1868 case HCI_OP_READ_LOCAL_OOB_DATA:
1869 hci_cc_read_local_oob_data_reply(hdev, skb);
1870 break;
1871
6ed58ec5
VT		 1872 case HCI_OP_LE_READ_BUFFER_SIZE:
1873 hci_cc_le_read_buffer_size(hdev, skb);
1874 break;
1875
a5c29683
JH		 1876 case HCI_OP_USER_CONFIRM_REPLY:
1877 hci_cc_user_confirm_reply(hdev, skb);
1878 break;
1879
1880 case HCI_OP_USER_CONFIRM_NEG_REPLY:
1881 hci_cc_user_confirm_neg_reply(hdev, skb);
1882 break;
1883
eb9d91f5
AG		 1884 case HCI_OP_LE_SET_SCAN_ENABLE:
1885 hci_cc_le_set_scan_enable(hdev, skb);
1886 break;
1887
a7a595f6
VCG		 1888 case HCI_OP_LE_LTK_REPLY:
1889 hci_cc_le_ltk_reply(hdev, skb);
1890 break;
1891
1892 case HCI_OP_LE_LTK_NEG_REPLY:
1893 hci_cc_le_ltk_neg_reply(hdev, skb);
1894 break;
1895
a9de9248
MH		 1896 default:
1897 BT_DBG("%s opcode 0x%x", hdev->name, opcode);
1898 break;
1899 }
1900
6bd32326
VT		 1901 if (ev->opcode != HCI_OP_NOP)
1902 del_timer(&hdev->cmd_timer);
1903
a9de9248
MH		 1904 if (ev->ncmd) {
1905 atomic_set(&hdev->cmd_cnt, 1);
1906 if (!skb_queue_empty(&hdev->cmd_q))
c78ae283 1907 tasklet_schedule(&hdev->cmd_task);
a9de9248
MH		 1908 }
1909}
1910
1911static inline void hci_cmd_status_evt(struct hci_dev *hdev, struct sk_buff *skb)
1912{
1913 struct hci_ev_cmd_status *ev = (void *) skb->data;
1914 __u16 opcode;
1915
1916 skb_pull(skb, sizeof(*ev));
1917
1918 opcode = __le16_to_cpu(ev->opcode);
1919
1920 switch (opcode) {
1921 case HCI_OP_INQUIRY:
1922 hci_cs_inquiry(hdev, ev->status);
1923 break;
1924
1925 case HCI_OP_CREATE_CONN:
1926 hci_cs_create_conn(hdev, ev->status);
1927 break;
1928
1929 case HCI_OP_ADD_SCO:
1930 hci_cs_add_sco(hdev, ev->status);
1931 break;
1932
f8558555
MH		 1933 case HCI_OP_AUTH_REQUESTED:
1934 hci_cs_auth_requested(hdev, ev->status);
1935 break;
1936
1937 case HCI_OP_SET_CONN_ENCRYPT:
1938 hci_cs_set_conn_encrypt(hdev, ev->status);
1939 break;
1940
a9de9248
MH		 1941 case HCI_OP_REMOTE_NAME_REQ:
1942 hci_cs_remote_name_req(hdev, ev->status);
1943 break;
1944
769be974
MH		 1945 case HCI_OP_READ_REMOTE_FEATURES:
1946 hci_cs_read_remote_features(hdev, ev->status);
1947 break;
1948
1949 case HCI_OP_READ_REMOTE_EXT_FEATURES:
1950 hci_cs_read_remote_ext_features(hdev, ev->status);
1951 break;
1952
a9de9248
MH		 1953 case HCI_OP_SETUP_SYNC_CONN:
1954 hci_cs_setup_sync_conn(hdev, ev->status);
1955 break;
1956
1957 case HCI_OP_SNIFF_MODE:
1958 hci_cs_sniff_mode(hdev, ev->status);
1959 break;
1960
1961 case HCI_OP_EXIT_SNIFF_MODE:
1962 hci_cs_exit_sniff_mode(hdev, ev->status);
1963 break;
1964
8962ee74
JH		 1965 case HCI_OP_DISCONNECT:
1966 if (ev->status != 0)
1967 mgmt_disconnect_failed(hdev->id);
1968 break;
1969
fcd89c09
VT		 1970 case HCI_OP_LE_CREATE_CONN:
1971 hci_cs_le_create_conn(hdev, ev->status);
1972 break;
1973
a7a595f6
VCG		 1974 case HCI_OP_LE_START_ENC:
1975 hci_cs_le_start_enc(hdev, ev->status);
1976 break;
1977
a9de9248
MH		 1978 default:
1979 BT_DBG("%s opcode 0x%x", hdev->name, opcode);
1980 break;
1981 }
1982
6bd32326
VT		 1983 if (ev->opcode != HCI_OP_NOP)
1984 del_timer(&hdev->cmd_timer);
1985
10572132 1986 if (ev->ncmd && !test_bit(HCI_RESET, &hdev->flags)) {
a9de9248
MH		 1987 atomic_set(&hdev->cmd_cnt, 1);
1988 if (!skb_queue_empty(&hdev->cmd_q))
c78ae283 1989 tasklet_schedule(&hdev->cmd_task);
a9de9248
MH		 1990 }
1991}
1992
1993static inline void hci_role_change_evt(struct hci_dev *hdev, struct sk_buff *skb)
1994{
1995 struct hci_ev_role_change *ev = (void *) skb->data;
1996 struct hci_conn *conn;
1997
1998 BT_DBG("%s status %d", hdev->name, ev->status);
1999
2000 hci_dev_lock(hdev);
2001
2002 conn = hci_conn_hash_lookup_ba(hdev, ACL_LINK, &ev->bdaddr);
2003 if (conn) {
2004 if (!ev->status) {
2005 if (ev->role)
2006 conn->link_mode &= ~HCI_LM_MASTER;
2007 else
2008 conn->link_mode |= HCI_LM_MASTER;
2009 }
2010
2011 clear_bit(HCI_CONN_RSWITCH_PEND, &conn->pend);
2012
2013 hci_role_switch_cfm(conn, ev->status, ev->role);
2014 }
2015
2016 hci_dev_unlock(hdev);
2017}
2018
2019static inline void hci_num_comp_pkts_evt(struct hci_dev *hdev, struct sk_buff *skb)
2020{
2021 struct hci_ev_num_comp_pkts *ev = (void *) skb->data;
2022 __le16 *ptr;
2023 int i;
2024
2025 skb_pull(skb, sizeof(*ev));
2026
2027 BT_DBG("%s num_hndl %d", hdev->name, ev->num_hndl);
2028
2029 if (skb->len < ev->num_hndl * 4) {
2030 BT_DBG("%s bad parameters", hdev->name);
2031 return;
2032 }
2033
2034 tasklet_disable(&hdev->tx_task);
2035
2036 for (i = 0, ptr = (__le16 *) skb->data; i < ev->num_hndl; i++) {
2037 struct hci_conn *conn;
2038 __u16 handle, count;
2039
83985319
HH		 2040 handle = get_unaligned_le16(ptr++);
2041 count = get_unaligned_le16(ptr++);
a9de9248
MH		 2042
2043 conn = hci_conn_hash_lookup_handle(hdev, handle);
2044 if (conn) {
2045 conn->sent -= count;
2046
2047 if (conn->type == ACL_LINK) {
70f23020
AE		 2048 hdev->acl_cnt += count;
2049 if (hdev->acl_cnt > hdev->acl_pkts)
a9de9248 2050 hdev->acl_cnt = hdev->acl_pkts;
6ed58ec5
VT		 2051 } else if (conn->type == LE_LINK) {
2052 if (hdev->le_pkts) {
2053 hdev->le_cnt += count;
2054 if (hdev->le_cnt > hdev->le_pkts)
2055 hdev->le_cnt = hdev->le_pkts;
2056 } else {
2057 hdev->acl_cnt += count;
2058 if (hdev->acl_cnt > hdev->acl_pkts)
2059 hdev->acl_cnt = hdev->acl_pkts;
2060 }
a9de9248 2061 } else {
70f23020
AE		 2062 hdev->sco_cnt += count;
2063 if (hdev->sco_cnt > hdev->sco_pkts)
a9de9248
MH		 2064 hdev->sco_cnt = hdev->sco_pkts;
2065 }
2066 }
2067 }
2068
c78ae283 2069 tasklet_schedule(&hdev->tx_task);
a9de9248
MH		 2070
2071 tasklet_enable(&hdev->tx_task);
2072}
2073
2074static inline void hci_mode_change_evt(struct hci_dev *hdev, struct sk_buff *skb)
04837f64 2075{
a9de9248 2076 struct hci_ev_mode_change *ev = (void *) skb->data;
04837f64
MH		 2077 struct hci_conn *conn;
2078
2079 BT_DBG("%s status %d", hdev->name, ev->status);
2080
2081 hci_dev_lock(hdev);
2082
2083 conn = hci_conn_hash_lookup_handle(hdev, __le16_to_cpu(ev->handle));
a9de9248
MH		 2084 if (conn) {
2085 conn->mode = ev->mode;
2086 conn->interval = __le16_to_cpu(ev->interval);
2087
2088 if (!test_and_clear_bit(HCI_CONN_MODE_CHANGE_PEND, &conn->pend)) {
2089 if (conn->mode == HCI_CM_ACTIVE)
2090 conn->power_save = 1;
2091 else
2092 conn->power_save = 0;
2093 }
e73439d8
MH		 2094
2095 if (test_and_clear_bit(HCI_CONN_SCO_SETUP_PEND, &conn->pend))
2096 hci_sco_setup(conn, ev->status);
04837f64
MH		 2097 }
2098
2099 hci_dev_unlock(hdev);
2100}
2101
a9de9248
MH		 2102static inline void hci_pin_code_request_evt(struct hci_dev *hdev, struct sk_buff *skb)
2103{
052b30b0
MH		 2104 struct hci_ev_pin_code_req *ev = (void *) skb->data;
2105 struct hci_conn *conn;
2106
a9de9248 2107 BT_DBG("%s", hdev->name);
052b30b0
MH		 2108
2109 hci_dev_lock(hdev);
2110
2111 conn = hci_conn_hash_lookup_ba(hdev, ACL_LINK, &ev->bdaddr);
3d7a9d1c 2112 if (conn && conn->state == BT_CONNECTED) {
052b30b0
MH		 2113 hci_conn_hold(conn);
2114 conn->disc_timeout = HCI_PAIRING_TIMEOUT;
2115 hci_conn_put(conn);
2116 }
2117
03b555e1
JH		 2118 if (!test_bit(HCI_PAIRABLE, &hdev->flags))
2119 hci_send_cmd(hdev, HCI_OP_PIN_CODE_NEG_REPLY,
2120 sizeof(ev->bdaddr), &ev->bdaddr);
582fbe9e 2121 else if (test_bit(HCI_MGMT, &hdev->flags)) {
a770bb5a
WR		 2122 u8 secure;
2123
2124 if (conn->pending_sec_level == BT_SECURITY_HIGH)
2125 secure = 1;
2126 else
2127 secure = 0;
2128
2129 mgmt_pin_code_request(hdev->id, &ev->bdaddr, secure);
2130 }
980e1a53 2131
052b30b0 2132 hci_dev_unlock(hdev);
a9de9248
MH		 2133}
2134
2135static inline void hci_link_key_request_evt(struct hci_dev *hdev, struct sk_buff *skb)
2136{
55ed8ca1
JH		 2137 struct hci_ev_link_key_req *ev = (void *) skb->data;
2138 struct hci_cp_link_key_reply cp;
2139 struct hci_conn *conn;
2140 struct link_key *key;
2141
a9de9248 2142 BT_DBG("%s", hdev->name);
55ed8ca1
JH		 2143
2144 if (!test_bit(HCI_LINK_KEYS, &hdev->flags))
2145 return;
2146
2147 hci_dev_lock(hdev);
2148
2149 key = hci_find_link_key(hdev, &ev->bdaddr);
2150 if (!key) {
2151 BT_DBG("%s link key not found for %s", hdev->name,
2152 batostr(&ev->bdaddr));
2153 goto not_found;
2154 }
2155
2156 BT_DBG("%s found key type %u for %s", hdev->name, key->type,
2157 batostr(&ev->bdaddr));
2158
b6020ba0
WR		 2159 if (!test_bit(HCI_DEBUG_KEYS, &hdev->flags) &&
2160 key->type == HCI_LK_DEBUG_COMBINATION) {
55ed8ca1
JH		 2161 BT_DBG("%s ignoring debug key", hdev->name);
2162 goto not_found;
2163 }
2164
2165 conn = hci_conn_hash_lookup_ba(hdev, ACL_LINK, &ev->bdaddr);
60b83f57
WR		 2166 if (conn) {
2167 if (key->type == HCI_LK_UNAUTH_COMBINATION &&
2168 conn->auth_type != 0xff &&
2169 (conn->auth_type & 0x01)) {
2170 BT_DBG("%s ignoring unauthenticated key", hdev->name);
2171 goto not_found;
2172 }
55ed8ca1 2173
60b83f57
WR		 2174 if (key->type == HCI_LK_COMBINATION && key->pin_len < 16 &&
2175 conn->pending_sec_level == BT_SECURITY_HIGH) {
2176 BT_DBG("%s ignoring key unauthenticated for high \
2177 security", hdev->name);
2178 goto not_found;
2179 }
2180
2181 conn->key_type = key->type;
2182 conn->pin_length = key->pin_len;
55ed8ca1
JH		 2183 }
2184
2185 bacpy(&cp.bdaddr, &ev->bdaddr);
2186 memcpy(cp.link_key, key->val, 16);
2187
2188 hci_send_cmd(hdev, HCI_OP_LINK_KEY_REPLY, sizeof(cp), &cp);
2189
2190 hci_dev_unlock(hdev);
2191
2192 return;
2193
2194not_found:
2195 hci_send_cmd(hdev, HCI_OP_LINK_KEY_NEG_REPLY, 6, &ev->bdaddr);
2196 hci_dev_unlock(hdev);
a9de9248
MH		 2197}
2198
2199static inline void hci_link_key_notify_evt(struct hci_dev *hdev, struct sk_buff *skb)
2200{
052b30b0
MH		 2201 struct hci_ev_link_key_notify *ev = (void *) skb->data;
2202 struct hci_conn *conn;
55ed8ca1 2203 u8 pin_len = 0;
052b30b0 2204
a9de9248 2205 BT_DBG("%s", hdev->name);
052b30b0
MH		 2206
2207 hci_dev_lock(hdev);
2208
2209 conn = hci_conn_hash_lookup_ba(hdev, ACL_LINK, &ev->bdaddr);
2210 if (conn) {
2211 hci_conn_hold(conn);
2212 conn->disc_timeout = HCI_DISCONN_TIMEOUT;
980e1a53 2213 pin_len = conn->pin_length;
13d39315
WR		 2214
2215 if (ev->key_type != HCI_LK_CHANGED_COMBINATION)
2216 conn->key_type = ev->key_type;
2217
052b30b0
MH		 2218 hci_conn_put(conn);
2219 }
2220
55ed8ca1 2221 if (test_bit(HCI_LINK_KEYS, &hdev->flags))
d25e28ab 2222 hci_add_link_key(hdev, conn, 1, &ev->bdaddr, ev->link_key,
55ed8ca1
JH		 2223 ev->key_type, pin_len);
2224
052b30b0 2225 hci_dev_unlock(hdev);
a9de9248
MH		 2226}
2227
1da177e4
LT		 2228static inline void hci_clock_offset_evt(struct hci_dev *hdev, struct sk_buff *skb)
2229{
a9de9248 2230 struct hci_ev_clock_offset *ev = (void *) skb->data;
04837f64 2231 struct hci_conn *conn;
1da177e4
LT		 2232
2233 BT_DBG("%s status %d", hdev->name, ev->status);
2234
2235 hci_dev_lock(hdev);
2236
04837f64 2237 conn = hci_conn_hash_lookup_handle(hdev, __le16_to_cpu(ev->handle));
1da177e4
LT		 2238 if (conn && !ev->status) {
2239 struct inquiry_entry *ie;
2240
cc11b9c1
AE		 2241 ie = hci_inquiry_cache_lookup(hdev, &conn->dst);
2242 if (ie) {
1da177e4
LT		 2243 ie->data.clock_offset = ev->clock_offset;
2244 ie->timestamp = jiffies;
2245 }
2246 }
2247
2248 hci_dev_unlock(hdev);
2249}
2250
a8746417
MH		 2251static inline void hci_pkt_type_change_evt(struct hci_dev *hdev, struct sk_buff *skb)
2252{
2253 struct hci_ev_pkt_type_change *ev = (void *) skb->data;
2254 struct hci_conn *conn;
2255
2256 BT_DBG("%s status %d", hdev->name, ev->status);
2257
2258 hci_dev_lock(hdev);
2259
2260 conn = hci_conn_hash_lookup_handle(hdev, __le16_to_cpu(ev->handle));
2261 if (conn && !ev->status)
2262 conn->pkt_type = __le16_to_cpu(ev->pkt_type);
2263
2264 hci_dev_unlock(hdev);
2265}
2266
85a1e930
MH		 2267static inline void hci_pscan_rep_mode_evt(struct hci_dev *hdev, struct sk_buff *skb)
2268{
a9de9248 2269 struct hci_ev_pscan_rep_mode *ev = (void *) skb->data;
85a1e930
MH		 2270 struct inquiry_entry *ie;
2271
2272 BT_DBG("%s", hdev->name);
2273
2274 hci_dev_lock(hdev);
2275
cc11b9c1
AE		 2276 ie = hci_inquiry_cache_lookup(hdev, &ev->bdaddr);
2277 if (ie) {
85a1e930
MH		 2278 ie->data.pscan_rep_mode = ev->pscan_rep_mode;
2279 ie->timestamp = jiffies;
2280 }
2281
2282 hci_dev_unlock(hdev);
2283}
2284
a9de9248
MH		 2285static inline void hci_inquiry_result_with_rssi_evt(struct hci_dev *hdev, struct sk_buff *skb)
2286{
2287 struct inquiry_data data;
2288 int num_rsp = *((__u8 *) skb->data);
2289
2290 BT_DBG("%s num_rsp %d", hdev->name, num_rsp);
2291
2292 if (!num_rsp)
2293 return;
2294
2295 hci_dev_lock(hdev);
2296
314b2381
JH		 2297 if (!test_and_set_bit(HCI_INQUIRY, &hdev->flags)) {
2298
2299 if (test_bit(HCI_MGMT, &hdev->flags))
2300 mgmt_discovering(hdev->id, 1);
2301 }
2302
a9de9248 2303 if ((skb->len - 1) / num_rsp != sizeof(struct inquiry_info_with_rssi)) {
138d22ef
SJ		 2304 struct inquiry_info_with_rssi_and_pscan_mode *info;
2305 info = (void *) (skb->data + 1);
a9de9248 2306
e17acd40 2307 for (; num_rsp; num_rsp--, info++) {
a9de9248
MH		 2308 bacpy(&data.bdaddr, &info->bdaddr);
2309 data.pscan_rep_mode = info->pscan_rep_mode;
2310 data.pscan_period_mode = info->pscan_period_mode;
2311 data.pscan_mode = info->pscan_mode;
2312 memcpy(data.dev_class, info->dev_class, 3);
2313 data.clock_offset = info->clock_offset;
2314 data.rssi = info->rssi;
41a96212 2315 data.ssp_mode = 0x00;
a9de9248 2316 hci_inquiry_cache_update(hdev, &data);
e17acd40
JH		 2317 mgmt_device_found(hdev->id, &info->bdaddr,
2318 info->dev_class, info->rssi,
2319 NULL);
a9de9248
MH		 2320 }
2321 } else {
2322 struct inquiry_info_with_rssi *info = (void *) (skb->data + 1);
2323
e17acd40 2324 for (; num_rsp; num_rsp--, info++) {
a9de9248
MH		 2325 bacpy(&data.bdaddr, &info->bdaddr);
2326 data.pscan_rep_mode = info->pscan_rep_mode;
2327 data.pscan_period_mode = info->pscan_period_mode;
2328 data.pscan_mode = 0x00;
2329 memcpy(data.dev_class, info->dev_class, 3);
2330 data.clock_offset = info->clock_offset;
2331 data.rssi = info->rssi;
41a96212 2332 data.ssp_mode = 0x00;
a9de9248 2333 hci_inquiry_cache_update(hdev, &data);
e17acd40
JH		 2334 mgmt_device_found(hdev->id, &info->bdaddr,
2335 info->dev_class, info->rssi,
2336 NULL);
a9de9248
MH		 2337 }
2338 }
2339
2340 hci_dev_unlock(hdev);
2341}
2342
2343static inline void hci_remote_ext_features_evt(struct hci_dev *hdev, struct sk_buff *skb)
2344{
41a96212
MH		 2345 struct hci_ev_remote_ext_features *ev = (void *) skb->data;
2346 struct hci_conn *conn;
2347
a9de9248 2348 BT_DBG("%s", hdev->name);
41a96212 2349
41a96212
MH		 2350 hci_dev_lock(hdev);
2351
2352 conn = hci_conn_hash_lookup_handle(hdev, __le16_to_cpu(ev->handle));
ccd556fe
JH		 2353 if (!conn)
2354 goto unlock;
41a96212 2355
ccd556fe
JH		 2356 if (!ev->status && ev->page == 0x01) {
2357 struct inquiry_entry *ie;
41a96212 2358
cc11b9c1
AE		 2359 ie = hci_inquiry_cache_lookup(hdev, &conn->dst);
2360 if (ie)
ccd556fe 2361 ie->data.ssp_mode = (ev->features[0] & 0x01);
769be974 2362
ccd556fe
JH		 2363 conn->ssp_mode = (ev->features[0] & 0x01);
2364 }
2365
2366 if (conn->state != BT_CONFIG)
2367 goto unlock;
2368
127178d2
JH		 2369 if (!ev->status) {
2370 struct hci_cp_remote_name_req cp;
2371 memset(&cp, 0, sizeof(cp));
2372 bacpy(&cp.bdaddr, &conn->dst);
2373 cp.pscan_rep_mode = 0x02;
2374 hci_send_cmd(hdev, HCI_OP_REMOTE_NAME_REQ, sizeof(cp), &cp);
2375 }
392599b9 2376
127178d2 2377 if (!hci_outgoing_auth_needed(hdev, conn)) {
ccd556fe
JH		 2378 conn->state = BT_CONNECTED;
2379 hci_proto_connect_cfm(conn, ev->status);
2380 hci_conn_put(conn);
41a96212
MH		 2381 }
2382
ccd556fe 2383unlock:
41a96212 2384 hci_dev_unlock(hdev);
a9de9248
MH		 2385}
2386
2387static inline void hci_sync_conn_complete_evt(struct hci_dev *hdev, struct sk_buff *skb)
2388{
b6a0dc82
MH		 2389 struct hci_ev_sync_conn_complete *ev = (void *) skb->data;
2390 struct hci_conn *conn;
2391
2392 BT_DBG("%s status %d", hdev->name, ev->status);
2393
2394 hci_dev_lock(hdev);
2395
2396 conn = hci_conn_hash_lookup_ba(hdev, ev->link_type, &ev->bdaddr);
9dc0a3af
MH		 2397 if (!conn) {
2398 if (ev->link_type == ESCO_LINK)
2399 goto unlock;
2400
2401 conn = hci_conn_hash_lookup_ba(hdev, ESCO_LINK, &ev->bdaddr);
2402 if (!conn)
2403 goto unlock;
2404
2405 conn->type = SCO_LINK;
2406 }
b6a0dc82 2407
732547f9
MH		 2408 switch (ev->status) {
2409 case 0x00:
b6a0dc82
MH		 2410 conn->handle = __le16_to_cpu(ev->handle);
2411 conn->state = BT_CONNECTED;
7d0db0a3 2412
9eba32b8 2413 hci_conn_hold_device(conn);
7d0db0a3 2414 hci_conn_add_sysfs(conn);
732547f9
MH		 2415 break;
2416
705e5711 2417 case 0x11: /* Unsupported Feature or Parameter Value */
732547f9 2418 case 0x1c: /* SCO interval rejected */
1038a00b 2419 case 0x1a: /* Unsupported Remote Feature */
732547f9
MH		 2420 case 0x1f: /* Unspecified error */
2421 if (conn->out && conn->attempt < 2) {
2422 conn->pkt_type = (hdev->esco_type & SCO_ESCO_MASK) |
2423 (hdev->esco_type & EDR_ESCO_MASK);
2424 hci_setup_sync(conn, conn->link->handle);
2425 goto unlock;
2426 }
2427 /* fall through */
2428
2429 default:
b6a0dc82 2430 conn->state = BT_CLOSED;
732547f9
MH		 2431 break;
2432 }
b6a0dc82
MH		 2433
2434 hci_proto_connect_cfm(conn, ev->status);
2435 if (ev->status)
2436 hci_conn_del(conn);
2437
2438unlock:
2439 hci_dev_unlock(hdev);
a9de9248
MH		 2440}
2441
2442static inline void hci_sync_conn_changed_evt(struct hci_dev *hdev, struct sk_buff *skb)
2443{
2444 BT_DBG("%s", hdev->name);
2445}
2446
04837f64
MH		 2447static inline void hci_sniff_subrate_evt(struct hci_dev *hdev, struct sk_buff *skb)
2448{
a9de9248 2449 struct hci_ev_sniff_subrate *ev = (void *) skb->data;
04837f64
MH		 2450
2451 BT_DBG("%s status %d", hdev->name, ev->status);
04837f64
MH		 2452}
2453
a9de9248 2454static inline void hci_extended_inquiry_result_evt(struct hci_dev *hdev, struct sk_buff *skb)
1da177e4 2455{
a9de9248
MH		 2456 struct inquiry_data data;
2457 struct extended_inquiry_info *info = (void *) (skb->data + 1);
2458 int num_rsp = *((__u8 *) skb->data);
1da177e4 2459
a9de9248 2460 BT_DBG("%s num_rsp %d", hdev->name, num_rsp);
1da177e4 2461
a9de9248
MH		 2462 if (!num_rsp)
2463 return;
1da177e4 2464
314b2381
JH		 2465 if (!test_and_set_bit(HCI_INQUIRY, &hdev->flags)) {
2466
2467 if (test_bit(HCI_MGMT, &hdev->flags))
2468 mgmt_discovering(hdev->id, 1);
2469 }
2470
a9de9248
MH		 2471 hci_dev_lock(hdev);
2472
e17acd40 2473 for (; num_rsp; num_rsp--, info++) {
a9de9248 2474 bacpy(&data.bdaddr, &info->bdaddr);
138d22ef
SJ		 2475 data.pscan_rep_mode = info->pscan_rep_mode;
2476 data.pscan_period_mode = info->pscan_period_mode;
2477 data.pscan_mode = 0x00;
a9de9248 2478 memcpy(data.dev_class, info->dev_class, 3);
138d22ef
SJ		 2479 data.clock_offset = info->clock_offset;
2480 data.rssi = info->rssi;
41a96212 2481 data.ssp_mode = 0x01;
a9de9248 2482 hci_inquiry_cache_update(hdev, &data);
e17acd40
JH		 2483 mgmt_device_found(hdev->id, &info->bdaddr, info->dev_class,
2484 info->rssi, info->data);
a9de9248
MH		 2485 }
2486
2487 hci_dev_unlock(hdev);
2488}
1da177e4 2489
17fa4b9d
JH		 2490static inline u8 hci_get_auth_req(struct hci_conn *conn)
2491{
2492 /* If remote requests dedicated bonding follow that lead */
2493 if (conn->remote_auth == 0x02 || conn->remote_auth == 0x03) {
2494 /* If both remote and local IO capabilities allow MITM
2495 * protection then require it, otherwise don't */
2496 if (conn->remote_cap == 0x03 || conn->io_capability == 0x03)
2497 return 0x02;
2498 else
2499 return 0x03;
2500 }
2501
2502 /* If remote requests no-bonding follow that lead */
2503 if (conn->remote_auth == 0x00 || conn->remote_auth == 0x01)
58797bf7 2504 return conn->remote_auth | (conn->auth_type & 0x01);
17fa4b9d
JH		 2505
2506 return conn->auth_type;
2507}
2508
0493684e
MH		 2509static inline void hci_io_capa_request_evt(struct hci_dev *hdev, struct sk_buff *skb)
2510{
2511 struct hci_ev_io_capa_request *ev = (void *) skb->data;
2512 struct hci_conn *conn;
2513
2514 BT_DBG("%s", hdev->name);
2515
2516 hci_dev_lock(hdev);
2517
2518 conn = hci_conn_hash_lookup_ba(hdev, ACL_LINK, &ev->bdaddr);
03b555e1
JH		 2519 if (!conn)
2520 goto unlock;
2521
2522 hci_conn_hold(conn);
2523
2524 if (!test_bit(HCI_MGMT, &hdev->flags))
2525 goto unlock;
2526
2527 if (test_bit(HCI_PAIRABLE, &hdev->flags) ||
2528 (conn->remote_auth & ~0x01) == HCI_AT_NO_BONDING) {
17fa4b9d
JH		 2529 struct hci_cp_io_capability_reply cp;
2530
2531 bacpy(&cp.bdaddr, &ev->bdaddr);
2532 cp.capability = conn->io_capability;
7cbc9bd9
JH		 2533 conn->auth_type = hci_get_auth_req(conn);
2534 cp.authentication = conn->auth_type;
17fa4b9d 2535
ce85ee13
SJ		 2536 if ((conn->out == 0x01 || conn->remote_oob == 0x01) &&
2537 hci_find_remote_oob_data(hdev, &conn->dst))
2538 cp.oob_data = 0x01;
2539 else
2540 cp.oob_data = 0x00;
2541
17fa4b9d
JH		 2542 hci_send_cmd(hdev, HCI_OP_IO_CAPABILITY_REPLY,
2543 sizeof(cp), &cp);
03b555e1
JH		 2544 } else {
2545 struct hci_cp_io_capability_neg_reply cp;
2546
2547 bacpy(&cp.bdaddr, &ev->bdaddr);
be77159c 2548 cp.reason = 0x18; /* Pairing not allowed */
0493684e 2549
03b555e1
JH		 2550 hci_send_cmd(hdev, HCI_OP_IO_CAPABILITY_NEG_REPLY,
2551 sizeof(cp), &cp);
2552 }
2553
2554unlock:
2555 hci_dev_unlock(hdev);
2556}
2557
2558static inline void hci_io_capa_reply_evt(struct hci_dev *hdev, struct sk_buff *skb)
2559{
2560 struct hci_ev_io_capa_reply *ev = (void *) skb->data;
2561 struct hci_conn *conn;
2562
2563 BT_DBG("%s", hdev->name);
2564
2565 hci_dev_lock(hdev);
2566
2567 conn = hci_conn_hash_lookup_ba(hdev, ACL_LINK, &ev->bdaddr);
2568 if (!conn)
2569 goto unlock;
2570
03b555e1
JH		 2571 conn->remote_cap = ev->capability;
2572 conn->remote_oob = ev->oob_data;
2573 conn->remote_auth = ev->authentication;
2574
2575unlock:
0493684e
MH		 2576 hci_dev_unlock(hdev);
2577}
2578
a5c29683
JH		 2579static inline void hci_user_confirm_request_evt(struct hci_dev *hdev,
2580 struct sk_buff *skb)
2581{
2582 struct hci_ev_user_confirm_req *ev = (void *) skb->data;
55bc1a37 2583 int loc_mitm, rem_mitm, confirm_hint = 0;
7a828908 2584 struct hci_conn *conn;
a5c29683
JH		 2585
2586 BT_DBG("%s", hdev->name);
2587
2588 hci_dev_lock(hdev);
2589
7a828908
JH		 2590 if (!test_bit(HCI_MGMT, &hdev->flags))
2591 goto unlock;
a5c29683 2592
7a828908
JH		 2593 conn = hci_conn_hash_lookup_ba(hdev, ACL_LINK, &ev->bdaddr);
2594 if (!conn)
2595 goto unlock;
2596
2597 loc_mitm = (conn->auth_type & 0x01);
2598 rem_mitm = (conn->remote_auth & 0x01);
2599
2600 /* If we require MITM but the remote device can't provide that
2601 * (it has NoInputNoOutput) then reject the confirmation
2602 * request. The only exception is when we're dedicated bonding
2603 * initiators (connect_cfm_cb set) since then we always have the MITM
2604 * bit set. */
2605 if (!conn->connect_cfm_cb && loc_mitm && conn->remote_cap == 0x03) {
2606 BT_DBG("Rejecting request: remote device can't provide MITM");
2607 hci_send_cmd(hdev, HCI_OP_USER_CONFIRM_NEG_REPLY,
2608 sizeof(ev->bdaddr), &ev->bdaddr);
2609 goto unlock;
2610 }
2611
2612 /* If no side requires MITM protection; auto-accept */
2613 if ((!loc_mitm || conn->remote_cap == 0x03) &&
2614 (!rem_mitm || conn->io_capability == 0x03)) {
55bc1a37
JH		 2615
2616 /* If we're not the initiators request authorization to
2617 * proceed from user space (mgmt_user_confirm with
2618 * confirm_hint set to 1). */
2619 if (!test_bit(HCI_CONN_AUTH_PEND, &conn->pend)) {
2620 BT_DBG("Confirming auto-accept as acceptor");
2621 confirm_hint = 1;
2622 goto confirm;
2623 }
2624
9f61656a
JH		 2625 BT_DBG("Auto-accept of user confirmation with %ums delay",
2626 hdev->auto_accept_delay);
2627
2628 if (hdev->auto_accept_delay > 0) {
2629 int delay = msecs_to_jiffies(hdev->auto_accept_delay);
2630 mod_timer(&conn->auto_accept_timer, jiffies + delay);
2631 goto unlock;
2632 }
2633
7a828908
JH		 2634 hci_send_cmd(hdev, HCI_OP_USER_CONFIRM_REPLY,
2635 sizeof(ev->bdaddr), &ev->bdaddr);
2636 goto unlock;
2637 }
2638
55bc1a37
JH		 2639confirm:
2640 mgmt_user_confirm_request(hdev->id, &ev->bdaddr, ev->passkey,
2641 confirm_hint);
7a828908
JH		 2642
2643unlock:
a5c29683
JH		 2644 hci_dev_unlock(hdev);
2645}
2646
0493684e
MH		 2647static inline void hci_simple_pair_complete_evt(struct hci_dev *hdev, struct sk_buff *skb)
2648{
2649 struct hci_ev_simple_pair_complete *ev = (void *) skb->data;
2650 struct hci_conn *conn;
2651
2652 BT_DBG("%s", hdev->name);
2653
2654 hci_dev_lock(hdev);
2655
2656 conn = hci_conn_hash_lookup_ba(hdev, ACL_LINK, &ev->bdaddr);
2a611692
JH		 2657 if (!conn)
2658 goto unlock;
2659
2660 /* To avoid duplicate auth_failed events to user space we check
2661 * the HCI_CONN_AUTH_PEND flag which will be set if we
2662 * initiated the authentication. A traditional auth_complete
2663 * event gets always produced as initiator and is also mapped to
2664 * the mgmt_auth_failed event */
2665 if (!test_bit(HCI_CONN_AUTH_PEND, &conn->pend) && ev->status != 0)
2666 mgmt_auth_failed(hdev->id, &conn->dst, ev->status);
0493684e 2667
2a611692
JH		 2668 hci_conn_put(conn);
2669
2670unlock:
0493684e
MH		 2671 hci_dev_unlock(hdev);
2672}
2673
41a96212
MH		 2674static inline void hci_remote_host_features_evt(struct hci_dev *hdev, struct sk_buff *skb)
2675{
2676 struct hci_ev_remote_host_features *ev = (void *) skb->data;
2677 struct inquiry_entry *ie;
2678
2679 BT_DBG("%s", hdev->name);
2680
2681 hci_dev_lock(hdev);
2682
cc11b9c1
AE		 2683 ie = hci_inquiry_cache_lookup(hdev, &ev->bdaddr);
2684 if (ie)
41a96212
MH		 2685 ie->data.ssp_mode = (ev->features[0] & 0x01);
2686
2687 hci_dev_unlock(hdev);
2688}
2689
2763eda6
SJ		 2690static inline void hci_remote_oob_data_request_evt(struct hci_dev *hdev,
2691 struct sk_buff *skb)
2692{
2693 struct hci_ev_remote_oob_data_request *ev = (void *) skb->data;
2694 struct oob_data *data;
2695
2696 BT_DBG("%s", hdev->name);
2697
2698 hci_dev_lock(hdev);
2699
e1ba1f15
SJ		 2700 if (!test_bit(HCI_MGMT, &hdev->flags))
2701 goto unlock;
2702
2763eda6
SJ		 2703 data = hci_find_remote_oob_data(hdev, &ev->bdaddr);
2704 if (data) {
2705 struct hci_cp_remote_oob_data_reply cp;
2706
2707 bacpy(&cp.bdaddr, &ev->bdaddr);
2708 memcpy(cp.hash, data->hash, sizeof(cp.hash));
2709 memcpy(cp.randomizer, data->randomizer, sizeof(cp.randomizer));
2710
2711 hci_send_cmd(hdev, HCI_OP_REMOTE_OOB_DATA_REPLY, sizeof(cp),
2712 &cp);
2713 } else {
2714 struct hci_cp_remote_oob_data_neg_reply cp;
2715
2716 bacpy(&cp.bdaddr, &ev->bdaddr);
2717 hci_send_cmd(hdev, HCI_OP_REMOTE_OOB_DATA_NEG_REPLY, sizeof(cp),
2718 &cp);
2719 }
2720
e1ba1f15 2721unlock:
2763eda6
SJ		 2722 hci_dev_unlock(hdev);
2723}
2724
fcd89c09
VT		 2725static inline void hci_le_conn_complete_evt(struct hci_dev *hdev, struct sk_buff *skb)
2726{
2727 struct hci_ev_le_conn_complete *ev = (void *) skb->data;
2728 struct hci_conn *conn;
2729
2730 BT_DBG("%s status %d", hdev->name, ev->status);
2731
2732 hci_dev_lock(hdev);
2733
2734 conn = hci_conn_hash_lookup_ba(hdev, LE_LINK, &ev->bdaddr);
b62f328b
VT		 2735 if (!conn) {
2736 conn = hci_conn_add(hdev, LE_LINK, &ev->bdaddr);
2737 if (!conn) {
2738 BT_ERR("No memory for new connection");
2739 hci_dev_unlock(hdev);
2740 return;
2741 }
29b7988a
AG		 2742
2743 conn->dst_type = ev->bdaddr_type;
b62f328b 2744 }
fcd89c09
VT		 2745
2746 if (ev->status) {
83bc71b4 2747 mgmt_connect_failed(hdev->id, &ev->bdaddr, ev->status);
fcd89c09
VT		 2748 hci_proto_connect_cfm(conn, ev->status);
2749 conn->state = BT_CLOSED;
2750 hci_conn_del(conn);
2751 goto unlock;
2752 }
2753
83bc71b4
VCG		 2754 mgmt_connected(hdev->id, &ev->bdaddr);
2755
fcd89c09
VT		 2756 conn->handle = __le16_to_cpu(ev->handle);
2757 conn->state = BT_CONNECTED;
2758
2759 hci_conn_hold_device(conn);
2760 hci_conn_add_sysfs(conn);
2761
2762 hci_proto_connect_cfm(conn, ev->status);
2763
2764unlock:
2765 hci_dev_unlock(hdev);
2766}
2767
9aa04c91
AG		 2768static inline void hci_le_adv_report_evt(struct hci_dev *hdev,
2769 struct sk_buff *skb)
2770{
2771 struct hci_ev_le_advertising_info *ev;
2772 u8 num_reports;
2773
2774 num_reports = skb->data[0];
2775 ev = (void *) &skb->data[1];
2776
2777 hci_dev_lock(hdev);
2778
2779 hci_add_adv_entry(hdev, ev);
2780
2781 while (--num_reports) {
2782 ev = (void *) (ev->data + ev->length + 1);
2783 hci_add_adv_entry(hdev, ev);
2784 }
2785
2786 hci_dev_unlock(hdev);
2787}
2788
a7a595f6
VCG		 2789static inline void hci_le_ltk_request_evt(struct hci_dev *hdev,
2790 struct sk_buff *skb)
2791{
2792 struct hci_ev_le_ltk_req *ev = (void *) skb->data;
2793 struct hci_cp_le_ltk_reply cp;
2794 struct hci_conn *conn;
2795
2796 BT_DBG("%s handle %d", hdev->name, cpu_to_le16(ev->handle));
2797
2798 hci_dev_lock(hdev);
2799
2800 conn = hci_conn_hash_lookup_handle(hdev, __le16_to_cpu(ev->handle));
2801
2802 memset(&cp, 0, sizeof(cp));
2803 cp.handle = cpu_to_le16(conn->handle);
2804 memcpy(cp.ltk, conn->ltk, sizeof(conn->ltk));
2805
2806 hci_send_cmd(hdev, HCI_OP_LE_LTK_REPLY, sizeof(cp), &cp);
2807
2808 hci_dev_unlock(hdev);
2809}
2810
fcd89c09
VT		 2811static inline void hci_le_meta_evt(struct hci_dev *hdev, struct sk_buff *skb)
2812{
2813 struct hci_ev_le_meta *le_ev = (void *) skb->data;
2814
2815 skb_pull(skb, sizeof(*le_ev));
2816
2817 switch (le_ev->subevent) {
2818 case HCI_EV_LE_CONN_COMPLETE:
2819 hci_le_conn_complete_evt(hdev, skb);
2820 break;
2821
9aa04c91
AG		 2822 case HCI_EV_LE_ADVERTISING_REPORT:
2823 hci_le_adv_report_evt(hdev, skb);
2824 break;
2825
a7a595f6
VCG		 2826 case HCI_EV_LE_LTK_REQ:
2827 hci_le_ltk_request_evt(hdev, skb);
2828 break;
2829
fcd89c09
VT		 2830 default:
2831 break;
2832 }
2833}
2834
a9de9248
MH		 2835void hci_event_packet(struct hci_dev *hdev, struct sk_buff *skb)
2836{
2837 struct hci_event_hdr *hdr = (void *) skb->data;
2838 __u8 event = hdr->evt;
2839
2840 skb_pull(skb, HCI_EVENT_HDR_SIZE);
2841
2842 switch (event) {
1da177e4
LT		 2843 case HCI_EV_INQUIRY_COMPLETE:
2844 hci_inquiry_complete_evt(hdev, skb);
2845 break;
2846
2847 case HCI_EV_INQUIRY_RESULT:
2848 hci_inquiry_result_evt(hdev, skb);
2849 break;
2850
a9de9248
MH		 2851 case HCI_EV_CONN_COMPLETE:
2852 hci_conn_complete_evt(hdev, skb);
21d9e30e
MH		 2853 break;
2854
1da177e4
LT		 2855 case HCI_EV_CONN_REQUEST:
2856 hci_conn_request_evt(hdev, skb);
2857 break;
2858
1da177e4
LT		 2859 case HCI_EV_DISCONN_COMPLETE:
2860 hci_disconn_complete_evt(hdev, skb);
2861 break;
2862
1da177e4
LT		 2863 case HCI_EV_AUTH_COMPLETE:
2864 hci_auth_complete_evt(hdev, skb);
2865 break;
2866
a9de9248
MH		 2867 case HCI_EV_REMOTE_NAME:
2868 hci_remote_name_evt(hdev, skb);
2869 break;
2870
1da177e4
LT		 2871 case HCI_EV_ENCRYPT_CHANGE:
2872 hci_encrypt_change_evt(hdev, skb);
2873 break;
2874
a9de9248
MH		 2875 case HCI_EV_CHANGE_LINK_KEY_COMPLETE:
2876 hci_change_link_key_complete_evt(hdev, skb);
2877 break;
2878
2879 case HCI_EV_REMOTE_FEATURES:
2880 hci_remote_features_evt(hdev, skb);
2881 break;
2882
2883 case HCI_EV_REMOTE_VERSION:
2884 hci_remote_version_evt(hdev, skb);
2885 break;
2886
2887 case HCI_EV_QOS_SETUP_COMPLETE:
2888 hci_qos_setup_complete_evt(hdev, skb);
2889 break;
2890
2891 case HCI_EV_CMD_COMPLETE:
2892 hci_cmd_complete_evt(hdev, skb);
2893 break;
2894
2895 case HCI_EV_CMD_STATUS:
2896 hci_cmd_status_evt(hdev, skb);
2897 break;
2898
2899 case HCI_EV_ROLE_CHANGE:
2900 hci_role_change_evt(hdev, skb);
2901 break;
2902
2903 case HCI_EV_NUM_COMP_PKTS:
2904 hci_num_comp_pkts_evt(hdev, skb);
2905 break;
2906
2907 case HCI_EV_MODE_CHANGE:
2908 hci_mode_change_evt(hdev, skb);
1da177e4
LT		 2909 break;
2910
2911 case HCI_EV_PIN_CODE_REQ:
2912 hci_pin_code_request_evt(hdev, skb);
2913 break;
2914
2915 case HCI_EV_LINK_KEY_REQ:
2916 hci_link_key_request_evt(hdev, skb);
2917 break;
2918
2919 case HCI_EV_LINK_KEY_NOTIFY:
2920 hci_link_key_notify_evt(hdev, skb);
2921 break;
2922
2923 case HCI_EV_CLOCK_OFFSET:
2924 hci_clock_offset_evt(hdev, skb);
2925 break;
2926
a8746417
MH		 2927 case HCI_EV_PKT_TYPE_CHANGE:
2928 hci_pkt_type_change_evt(hdev, skb);
2929 break;
2930
85a1e930
MH		 2931 case HCI_EV_PSCAN_REP_MODE:
2932 hci_pscan_rep_mode_evt(hdev, skb);
2933 break;
2934
a9de9248
MH		 2935 case HCI_EV_INQUIRY_RESULT_WITH_RSSI:
2936 hci_inquiry_result_with_rssi_evt(hdev, skb);
04837f64
MH		 2937 break;
2938
a9de9248
MH		 2939 case HCI_EV_REMOTE_EXT_FEATURES:
2940 hci_remote_ext_features_evt(hdev, skb);
1da177e4
LT		 2941 break;
2942
a9de9248
MH		 2943 case HCI_EV_SYNC_CONN_COMPLETE:
2944 hci_sync_conn_complete_evt(hdev, skb);
2945 break;
1da177e4 2946
a9de9248
MH		 2947 case HCI_EV_SYNC_CONN_CHANGED:
2948 hci_sync_conn_changed_evt(hdev, skb);
2949 break;
1da177e4 2950
a9de9248
MH		 2951 case HCI_EV_SNIFF_SUBRATE:
2952 hci_sniff_subrate_evt(hdev, skb);
2953 break;
1da177e4 2954
a9de9248
MH		 2955 case HCI_EV_EXTENDED_INQUIRY_RESULT:
2956 hci_extended_inquiry_result_evt(hdev, skb);
2957 break;
1da177e4 2958
0493684e
MH		 2959 case HCI_EV_IO_CAPA_REQUEST:
2960 hci_io_capa_request_evt(hdev, skb);
2961 break;
2962
03b555e1
JH		 2963 case HCI_EV_IO_CAPA_REPLY:
2964 hci_io_capa_reply_evt(hdev, skb);
2965 break;
2966
a5c29683
JH		 2967 case HCI_EV_USER_CONFIRM_REQUEST:
2968 hci_user_confirm_request_evt(hdev, skb);
2969 break;
2970
0493684e
MH		 2971 case HCI_EV_SIMPLE_PAIR_COMPLETE:
2972 hci_simple_pair_complete_evt(hdev, skb);
2973 break;
2974
41a96212
MH		 2975 case HCI_EV_REMOTE_HOST_FEATURES:
2976 hci_remote_host_features_evt(hdev, skb);
2977 break;
2978
fcd89c09
VT		 2979 case HCI_EV_LE_META:
2980 hci_le_meta_evt(hdev, skb);
2981 break;
2982
2763eda6
SJ		 2983 case HCI_EV_REMOTE_OOB_DATA_REQUEST:
2984 hci_remote_oob_data_request_evt(hdev, skb);
2985 break;
2986
a9de9248
MH		 2987 default:
2988 BT_DBG("%s event 0x%x", hdev->name, event);
1da177e4
LT		 2989 break;
2990 }
2991
2992 kfree_skb(skb);
2993 hdev->stat.evt_rx++;
2994}
2995
2996/* Generate internal stack event */
2997void hci_si_event(struct hci_dev *hdev, int type, int dlen, void *data)
2998{
2999 struct hci_event_hdr *hdr;
3000 struct hci_ev_stack_internal *ev;
3001 struct sk_buff *skb;
3002
3003 skb = bt_skb_alloc(HCI_EVENT_HDR_SIZE + sizeof(*ev) + dlen, GFP_ATOMIC);
3004 if (!skb)
3005 return;
3006
3007 hdr = (void *) skb_put(skb, HCI_EVENT_HDR_SIZE);
3008 hdr->evt = HCI_EV_STACK_INTERNAL;
3009 hdr->plen = sizeof(*ev) + dlen;
3010
3011 ev = (void *) skb_put(skb, sizeof(*ev) + dlen);
3012 ev->type = type;
3013 memcpy(ev->data, data, dlen);
3014
576c7d85 3015 bt_cb(skb)->incoming = 1;
a61bbcf2 3016 __net_timestamp(skb);
576c7d85 3017
0d48d939 3018 bt_cb(skb)->pkt_type = HCI_EVENT_PKT;
1da177e4 3019 skb->dev = (void *) hdev;
eec8d2bc 3020 hci_send_to_sock(hdev, skb, NULL);
1da177e4
LT		 3021 kfree_skb(skb);
3022}
kernel source for telekom puls (alcatel/mediatek)