projects / GitHub / mt8127 / android_kernel_alcatel_ttab.git / blame
? search:
summary | shortlog | log | commit | commitdiff | tree
blob | blame (incremental) | history | HEAD
Bluetooth: ath3k: Add support for VAIO VPCEH [0489:e027]
[GitHub/mt8127/android_kernel_alcatel_ttab.git] / net / bluetooth / mgmt.c
CommitLineData
0381101f
JH		 1/*
2 BlueZ - Bluetooth protocol stack for Linux
ea585ab5 3
0381101f 4 Copyright (C) 2010 Nokia Corporation
ea585ab5 5 Copyright (C) 2011-2012 Intel Corporation
0381101f
JH		 6
7 This program is free software; you can redistribute it and/or modify
8 it under the terms of the GNU General Public License version 2 as
9 published by the Free Software Foundation;
10
11 THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS
12 OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
13 FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT OF THIRD PARTY RIGHTS.
14 IN NO EVENT SHALL THE COPYRIGHT HOLDER(S) AND AUTHOR(S) BE LIABLE FOR ANY
15 CLAIM, OR ANY SPECIAL INDIRECT OR CONSEQUENTIAL DAMAGES, OR ANY DAMAGES
16 WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
17 ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
18 OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
19
20 ALL LIABILITY, INCLUDING LIABILITY FOR INFRINGEMENT OF ANY PATENTS,
21 COPYRIGHTS, TRADEMARKS OR OTHER RIGHTS, RELATING TO USE OF THIS
22 SOFTWARE IS DISCLAIMED.
23*/
24
25/* Bluetooth HCI Management interface */
26
3a9a231d 27#include <linux/module.h>
0381101f
JH		 28#include <asm/unaligned.h>
29
30#include <net/bluetooth/bluetooth.h>
31#include <net/bluetooth/hci_core.h>
32#include <net/bluetooth/mgmt.h>
5fe57d9e 33#include <net/bluetooth/smp.h>
0381101f 34
d7b7e796 35bool enable_hs;
d7b7e796 36
2da9c55c 37#define MGMT_VERSION 1
23b3b133 38#define MGMT_REVISION 2
02d98129 39
e70bb2e8
JH		 40static const u16 mgmt_commands[] = {
41 MGMT_OP_READ_INDEX_LIST,
42 MGMT_OP_READ_INFO,
43 MGMT_OP_SET_POWERED,
44 MGMT_OP_SET_DISCOVERABLE,
45 MGMT_OP_SET_CONNECTABLE,
46 MGMT_OP_SET_FAST_CONNECTABLE,
47 MGMT_OP_SET_PAIRABLE,
48 MGMT_OP_SET_LINK_SECURITY,
49 MGMT_OP_SET_SSP,
50 MGMT_OP_SET_HS,
51 MGMT_OP_SET_LE,
52 MGMT_OP_SET_DEV_CLASS,
53 MGMT_OP_SET_LOCAL_NAME,
54 MGMT_OP_ADD_UUID,
55 MGMT_OP_REMOVE_UUID,
56 MGMT_OP_LOAD_LINK_KEYS,
57 MGMT_OP_LOAD_LONG_TERM_KEYS,
58 MGMT_OP_DISCONNECT,
59 MGMT_OP_GET_CONNECTIONS,
60 MGMT_OP_PIN_CODE_REPLY,
61 MGMT_OP_PIN_CODE_NEG_REPLY,
62 MGMT_OP_SET_IO_CAPABILITY,
63 MGMT_OP_PAIR_DEVICE,
64 MGMT_OP_CANCEL_PAIR_DEVICE,
65 MGMT_OP_UNPAIR_DEVICE,
66 MGMT_OP_USER_CONFIRM_REPLY,
67 MGMT_OP_USER_CONFIRM_NEG_REPLY,
68 MGMT_OP_USER_PASSKEY_REPLY,
69 MGMT_OP_USER_PASSKEY_NEG_REPLY,
70 MGMT_OP_READ_LOCAL_OOB_DATA,
71 MGMT_OP_ADD_REMOTE_OOB_DATA,
72 MGMT_OP_REMOVE_REMOTE_OOB_DATA,
73 MGMT_OP_START_DISCOVERY,
74 MGMT_OP_STOP_DISCOVERY,
75 MGMT_OP_CONFIRM_NAME,
76 MGMT_OP_BLOCK_DEVICE,
77 MGMT_OP_UNBLOCK_DEVICE,
cdbaccca 78 MGMT_OP_SET_DEVICE_ID,
e70bb2e8
JH		 79};
80
81static const u16 mgmt_events[] = {
82 MGMT_EV_CONTROLLER_ERROR,
83 MGMT_EV_INDEX_ADDED,
84 MGMT_EV_INDEX_REMOVED,
85 MGMT_EV_NEW_SETTINGS,
86 MGMT_EV_CLASS_OF_DEV_CHANGED,
87 MGMT_EV_LOCAL_NAME_CHANGED,
88 MGMT_EV_NEW_LINK_KEY,
89 MGMT_EV_NEW_LONG_TERM_KEY,
90 MGMT_EV_DEVICE_CONNECTED,
91 MGMT_EV_DEVICE_DISCONNECTED,
92 MGMT_EV_CONNECT_FAILED,
93 MGMT_EV_PIN_CODE_REQUEST,
94 MGMT_EV_USER_CONFIRM_REQUEST,
95 MGMT_EV_USER_PASSKEY_REQUEST,
96 MGMT_EV_AUTH_FAILED,
97 MGMT_EV_DEVICE_FOUND,
98 MGMT_EV_DISCOVERING,
99 MGMT_EV_DEVICE_BLOCKED,
100 MGMT_EV_DEVICE_UNBLOCKED,
101 MGMT_EV_DEVICE_UNPAIRED,
92a25256 102 MGMT_EV_PASSKEY_NOTIFY,
e70bb2e8
JH		 103};
104
3fd24153
AG		 105/*
106 * These LE scan and inquiry parameters were chosen according to LE General
107 * Discovery Procedure specification.
108 */
109#define LE_SCAN_TYPE 0x01
110#define LE_SCAN_WIN 0x12
111#define LE_SCAN_INT 0x12
112#define LE_SCAN_TIMEOUT_LE_ONLY 10240 /* TGAP(gen_disc_scan_min) */
5e0452c0 113#define LE_SCAN_TIMEOUT_BREDR_LE 5120 /* TGAP(100)/2 */
3fd24153 114
e8777525 115#define INQUIRY_LEN_BREDR 0x08 /* TGAP(100) */
5e0452c0 116#define INQUIRY_LEN_BREDR_LE 0x04 /* TGAP(100)/2 */
2519a1fc 117
17b02e62 118#define CACHE_TIMEOUT msecs_to_jiffies(2 * 1000)
7d78525d 119
4b34ee78
JH		 120#define hdev_is_powered(hdev) (test_bit(HCI_UP, &hdev->flags) && \
121 !test_bit(HCI_AUTO_OFF, &hdev->dev_flags))
122
eec8d2bc
JH		 123struct pending_cmd {
124 struct list_head list;
fc2f4b13 125 u16 opcode;
eec8d2bc 126 int index;
c68fb7ff 127 void *param;
eec8d2bc 128 struct sock *sk;
e9a416b5 129 void *user_data;
eec8d2bc
JH		 130};
131
ca69b795
JH		 132/* HCI to MGMT error code conversion table */
133static u8 mgmt_status_table[] = {
134 MGMT_STATUS_SUCCESS,
135 MGMT_STATUS_UNKNOWN_COMMAND, /* Unknown Command */
136 MGMT_STATUS_NOT_CONNECTED, /* No Connection */
137 MGMT_STATUS_FAILED, /* Hardware Failure */
138 MGMT_STATUS_CONNECT_FAILED, /* Page Timeout */
139 MGMT_STATUS_AUTH_FAILED, /* Authentication Failed */
140 MGMT_STATUS_NOT_PAIRED, /* PIN or Key Missing */
141 MGMT_STATUS_NO_RESOURCES, /* Memory Full */
142 MGMT_STATUS_TIMEOUT, /* Connection Timeout */
143 MGMT_STATUS_NO_RESOURCES, /* Max Number of Connections */
144 MGMT_STATUS_NO_RESOURCES, /* Max Number of SCO Connections */
145 MGMT_STATUS_ALREADY_CONNECTED, /* ACL Connection Exists */
146 MGMT_STATUS_BUSY, /* Command Disallowed */
147 MGMT_STATUS_NO_RESOURCES, /* Rejected Limited Resources */
148 MGMT_STATUS_REJECTED, /* Rejected Security */
149 MGMT_STATUS_REJECTED, /* Rejected Personal */
150 MGMT_STATUS_TIMEOUT, /* Host Timeout */
151 MGMT_STATUS_NOT_SUPPORTED, /* Unsupported Feature */
152 MGMT_STATUS_INVALID_PARAMS, /* Invalid Parameters */
153 MGMT_STATUS_DISCONNECTED, /* OE User Ended Connection */
154 MGMT_STATUS_NO_RESOURCES, /* OE Low Resources */
155 MGMT_STATUS_DISCONNECTED, /* OE Power Off */
156 MGMT_STATUS_DISCONNECTED, /* Connection Terminated */
157 MGMT_STATUS_BUSY, /* Repeated Attempts */
158 MGMT_STATUS_REJECTED, /* Pairing Not Allowed */
159 MGMT_STATUS_FAILED, /* Unknown LMP PDU */
160 MGMT_STATUS_NOT_SUPPORTED, /* Unsupported Remote Feature */
161 MGMT_STATUS_REJECTED, /* SCO Offset Rejected */
162 MGMT_STATUS_REJECTED, /* SCO Interval Rejected */
163 MGMT_STATUS_REJECTED, /* Air Mode Rejected */
164 MGMT_STATUS_INVALID_PARAMS, /* Invalid LMP Parameters */
165 MGMT_STATUS_FAILED, /* Unspecified Error */
166 MGMT_STATUS_NOT_SUPPORTED, /* Unsupported LMP Parameter Value */
167 MGMT_STATUS_FAILED, /* Role Change Not Allowed */
168 MGMT_STATUS_TIMEOUT, /* LMP Response Timeout */
169 MGMT_STATUS_FAILED, /* LMP Error Transaction Collision */
170 MGMT_STATUS_FAILED, /* LMP PDU Not Allowed */
171 MGMT_STATUS_REJECTED, /* Encryption Mode Not Accepted */
172 MGMT_STATUS_FAILED, /* Unit Link Key Used */
173 MGMT_STATUS_NOT_SUPPORTED, /* QoS Not Supported */
174 MGMT_STATUS_TIMEOUT, /* Instant Passed */
175 MGMT_STATUS_NOT_SUPPORTED, /* Pairing Not Supported */
176 MGMT_STATUS_FAILED, /* Transaction Collision */
177 MGMT_STATUS_INVALID_PARAMS, /* Unacceptable Parameter */
178 MGMT_STATUS_REJECTED, /* QoS Rejected */
179 MGMT_STATUS_NOT_SUPPORTED, /* Classification Not Supported */
180 MGMT_STATUS_REJECTED, /* Insufficient Security */
181 MGMT_STATUS_INVALID_PARAMS, /* Parameter Out Of Range */
182 MGMT_STATUS_BUSY, /* Role Switch Pending */
183 MGMT_STATUS_FAILED, /* Slot Violation */
184 MGMT_STATUS_FAILED, /* Role Switch Failed */
185 MGMT_STATUS_INVALID_PARAMS, /* EIR Too Large */
186 MGMT_STATUS_NOT_SUPPORTED, /* Simple Pairing Not Supported */
187 MGMT_STATUS_BUSY, /* Host Busy Pairing */
188 MGMT_STATUS_REJECTED, /* Rejected, No Suitable Channel */
189 MGMT_STATUS_BUSY, /* Controller Busy */
190 MGMT_STATUS_INVALID_PARAMS, /* Unsuitable Connection Interval */
191 MGMT_STATUS_TIMEOUT, /* Directed Advertising Timeout */
192 MGMT_STATUS_AUTH_FAILED, /* Terminated Due to MIC Failure */
193 MGMT_STATUS_CONNECT_FAILED, /* Connection Establishment Failed */
194 MGMT_STATUS_CONNECT_FAILED, /* MAC Connection Failed */
195};
196
bb4b2a9a
AE		 197bool mgmt_valid_hdev(struct hci_dev *hdev)
198{
199 return hdev->dev_type == HCI_BREDR;
200}
201
ca69b795
JH		 202static u8 mgmt_status(u8 hci_status)
203{
204 if (hci_status < ARRAY_SIZE(mgmt_status_table))
205 return mgmt_status_table[hci_status];
206
207 return MGMT_STATUS_FAILED;
208}
209
4e51eae9 210static int cmd_status(struct sock *sk, u16 index, u16 cmd, u8 status)
f7b64e69
JH		 211{
212 struct sk_buff *skb;
213 struct mgmt_hdr *hdr;
214 struct mgmt_ev_cmd_status *ev;
56b7d137 215 int err;
f7b64e69 216
34eb525c 217 BT_DBG("sock %p, index %u, cmd %u, status %u", sk, index, cmd, status);
f7b64e69 218
790eff44 219 skb = alloc_skb(sizeof(*hdr) + sizeof(*ev), GFP_KERNEL);
f7b64e69
JH		 220 if (!skb)
221 return -ENOMEM;
222
223 hdr = (void *) skb_put(skb, sizeof(*hdr));
224
225 hdr->opcode = cpu_to_le16(MGMT_EV_CMD_STATUS);
4e51eae9 226 hdr->index = cpu_to_le16(index);
f7b64e69
JH		 227 hdr->len = cpu_to_le16(sizeof(*ev));
228
229 ev = (void *) skb_put(skb, sizeof(*ev));
230 ev->status = status;
eb55ef07 231 ev->opcode = cpu_to_le16(cmd);
f7b64e69 232
56b7d137
GP		 233 err = sock_queue_rcv_skb(sk, skb);
234 if (err < 0)
f7b64e69
JH		 235 kfree_skb(skb);
236
56b7d137 237 return err;
f7b64e69
JH		 238}
239
aee9b218 240static int cmd_complete(struct sock *sk, u16 index, u16 cmd, u8 status,
04124681 241 void *rp, size_t rp_len)
02d98129
JH		 242{
243 struct sk_buff *skb;
244 struct mgmt_hdr *hdr;
245 struct mgmt_ev_cmd_complete *ev;
56b7d137 246 int err;
02d98129
JH		 247
248 BT_DBG("sock %p", sk);
249
790eff44 250 skb = alloc_skb(sizeof(*hdr) + sizeof(*ev) + rp_len, GFP_KERNEL);
02d98129
JH		 251 if (!skb)
252 return -ENOMEM;
253
254 hdr = (void *) skb_put(skb, sizeof(*hdr));
02d98129 255
a38528f1 256 hdr->opcode = cpu_to_le16(MGMT_EV_CMD_COMPLETE);
4e51eae9 257 hdr->index = cpu_to_le16(index);
a38528f1 258 hdr->len = cpu_to_le16(sizeof(*ev) + rp_len);
02d98129 259
a38528f1 260 ev = (void *) skb_put(skb, sizeof(*ev) + rp_len);
eb55ef07 261 ev->opcode = cpu_to_le16(cmd);
aee9b218 262 ev->status = status;
8020c16a
SJ		 263
264 if (rp)
265 memcpy(ev->data, rp, rp_len);
02d98129 266
56b7d137
GP		 267 err = sock_queue_rcv_skb(sk, skb);
268 if (err < 0)
02d98129
JH		 269 kfree_skb(skb);
270
e5f0e151 271 return err;
02d98129
JH		 272}
273
04124681
GP		 274static int read_version(struct sock *sk, struct hci_dev *hdev, void *data,
275 u16 data_len)
a38528f1
JH		 276{
277 struct mgmt_rp_read_version rp;
278
279 BT_DBG("sock %p", sk);
280
281 rp.version = MGMT_VERSION;
eb55ef07 282 rp.revision = __constant_cpu_to_le16(MGMT_REVISION);
a38528f1 283
aee9b218 284 return cmd_complete(sk, MGMT_INDEX_NONE, MGMT_OP_READ_VERSION, 0, &rp,
04124681 285 sizeof(rp));
a38528f1
JH		 286}
287
04124681
GP		 288static int read_commands(struct sock *sk, struct hci_dev *hdev, void *data,
289 u16 data_len)
e70bb2e8
JH		 290{
291 struct mgmt_rp_read_commands *rp;
eb55ef07
MH		 292 const u16 num_commands = ARRAY_SIZE(mgmt_commands);
293 const u16 num_events = ARRAY_SIZE(mgmt_events);
2e3c35ea 294 __le16 *opcode;
e70bb2e8
JH		 295 size_t rp_size;
296 int i, err;
297
298 BT_DBG("sock %p", sk);
299
300 rp_size = sizeof(*rp) + ((num_commands + num_events) * sizeof(u16));
301
302 rp = kmalloc(rp_size, GFP_KERNEL);
303 if (!rp)
304 return -ENOMEM;
305
eb55ef07
MH		 306 rp->num_commands = __constant_cpu_to_le16(num_commands);
307 rp->num_events = __constant_cpu_to_le16(num_events);
e70bb2e8
JH		 308
309 for (i = 0, opcode = rp->opcodes; i < num_commands; i++, opcode++)
310 put_unaligned_le16(mgmt_commands[i], opcode);
311
312 for (i = 0; i < num_events; i++, opcode++)
313 put_unaligned_le16(mgmt_events[i], opcode);
314
aee9b218 315 err = cmd_complete(sk, MGMT_INDEX_NONE, MGMT_OP_READ_COMMANDS, 0, rp,
04124681 316 rp_size);
e70bb2e8
JH		 317 kfree(rp);
318
319 return err;
320}
321
04124681
GP		 322static int read_index_list(struct sock *sk, struct hci_dev *hdev, void *data,
323 u16 data_len)
faba42eb 324{
faba42eb 325 struct mgmt_rp_read_index_list *rp;
8035ded4 326 struct hci_dev *d;
a38528f1 327 size_t rp_len;
faba42eb 328 u16 count;
476e44cb 329 int err;
faba42eb
JH		 330
331 BT_DBG("sock %p", sk);
332
333 read_lock(&hci_dev_list_lock);
334
335 count = 0;
bb4b2a9a
AE		 336 list_for_each_entry(d, &hci_dev_list, list) {
337 if (!mgmt_valid_hdev(d))
338 continue;
339
faba42eb
JH		 340 count++;
341 }
342
a38528f1
JH		 343 rp_len = sizeof(*rp) + (2 * count);
344 rp = kmalloc(rp_len, GFP_ATOMIC);
345 if (!rp) {
b2c60d42 346 read_unlock(&hci_dev_list_lock);
faba42eb 347 return -ENOMEM;
b2c60d42 348 }
faba42eb 349
476e44cb 350 count = 0;
8035ded4 351 list_for_each_entry(d, &hci_dev_list, list) {
a8b2d5c2 352 if (test_bit(HCI_SETUP, &d->dev_flags))
ab81cbf9
JH		 353 continue;
354
bb4b2a9a
AE		 355 if (!mgmt_valid_hdev(d))
356 continue;
357
476e44cb 358 rp->index[count++] = cpu_to_le16(d->id);
faba42eb
JH		 359 BT_DBG("Added hci%u", d->id);
360 }
361
476e44cb
JH		 362 rp->num_controllers = cpu_to_le16(count);
363 rp_len = sizeof(*rp) + (2 * count);
364
faba42eb
JH		 365 read_unlock(&hci_dev_list_lock);
366
aee9b218 367 err = cmd_complete(sk, MGMT_INDEX_NONE, MGMT_OP_READ_INDEX_LIST, 0, rp,
04124681 368 rp_len);
faba42eb 369
a38528f1
JH		 370 kfree(rp);
371
372 return err;
faba42eb
JH		 373}
374
69ab39ea
JH		 375static u32 get_supported_settings(struct hci_dev *hdev)
376{
377 u32 settings = 0;
378
379 settings |= MGMT_SETTING_POWERED;
380 settings |= MGMT_SETTING_CONNECTABLE;
381 settings |= MGMT_SETTING_FAST_CONNECTABLE;
382 settings |= MGMT_SETTING_DISCOVERABLE;
383 settings |= MGMT_SETTING_PAIRABLE;
384
9a1a1996 385 if (lmp_ssp_capable(hdev))
69ab39ea
JH		 386 settings |= MGMT_SETTING_SSP;
387
ed3fa31f 388 if (lmp_bredr_capable(hdev)) {
69ab39ea
JH		 389 settings |= MGMT_SETTING_BREDR;
390 settings |= MGMT_SETTING_LINK_SECURITY;
391 }
392
d7b7e796
MH		 393 if (enable_hs)
394 settings |= MGMT_SETTING_HS;
395
c383ddc4 396 if (lmp_le_capable(hdev))
9d42820f 397 settings |= MGMT_SETTING_LE;
69ab39ea
JH		 398
399 return settings;
400}
401
402static u32 get_current_settings(struct hci_dev *hdev)
403{
404 u32 settings = 0;
405
f1f0eb02 406 if (hdev_is_powered(hdev))
f0d4b78a
MH		 407 settings |= MGMT_SETTING_POWERED;
408
5e5282bb 409 if (test_bit(HCI_CONNECTABLE, &hdev->dev_flags))
69ab39ea
JH		 410 settings |= MGMT_SETTING_CONNECTABLE;
411
5e5282bb 412 if (test_bit(HCI_DISCOVERABLE, &hdev->dev_flags))
69ab39ea
JH		 413 settings |= MGMT_SETTING_DISCOVERABLE;
414
a8b2d5c2 415 if (test_bit(HCI_PAIRABLE, &hdev->dev_flags))
69ab39ea
JH		 416 settings |= MGMT_SETTING_PAIRABLE;
417
ed3fa31f 418 if (lmp_bredr_capable(hdev))
69ab39ea
JH		 419 settings |= MGMT_SETTING_BREDR;
420
06199cf8 421 if (test_bit(HCI_LE_ENABLED, &hdev->dev_flags))
69ab39ea
JH		 422 settings |= MGMT_SETTING_LE;
423
47990ea0 424 if (test_bit(HCI_LINK_SECURITY, &hdev->dev_flags))
69ab39ea
JH		 425 settings |= MGMT_SETTING_LINK_SECURITY;
426
84bde9d6 427 if (test_bit(HCI_SSP_ENABLED, &hdev->dev_flags))
69ab39ea
JH		 428 settings |= MGMT_SETTING_SSP;
429
6d80dfd0
JH		 430 if (test_bit(HCI_HS_ENABLED, &hdev->dev_flags))
431 settings |= MGMT_SETTING_HS;
432
69ab39ea
JH		 433 return settings;
434}
435
ef580372
JH		 436#define PNP_INFO_SVCLASS_ID 0x1200
437
438static u8 bluetooth_base_uuid[] = {
439 0xFB, 0x34, 0x9B, 0x5F, 0x80, 0x00, 0x00, 0x80,
440 0x00, 0x10, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
441};
442
443static u16 get_uuid16(u8 *uuid128)
444{
445 u32 val;
446 int i;
447
448 for (i = 0; i < 12; i++) {
449 if (bluetooth_base_uuid[i] != uuid128[i])
450 return 0;
451 }
452
3e9fb6d8 453 val = get_unaligned_le32(&uuid128[12]);
ef580372
JH		 454 if (val > 0xffff)
455 return 0;
456
457 return (u16) val;
458}
459
460static void create_eir(struct hci_dev *hdev, u8 *data)
461{
462 u8 *ptr = data;
463 u16 eir_len = 0;
464 u16 uuid16_list[HCI_MAX_EIR_LENGTH / sizeof(u16)];
465 int i, truncated = 0;
466 struct bt_uuid *uuid;
467 size_t name_len;
468
469 name_len = strlen(hdev->dev_name);
470
471 if (name_len > 0) {
472 /* EIR Data type */
473 if (name_len > 48) {
474 name_len = 48;
475 ptr[1] = EIR_NAME_SHORT;
476 } else
477 ptr[1] = EIR_NAME_COMPLETE;
478
479 /* EIR Data length */
480 ptr[0] = name_len + 1;
481
482 memcpy(ptr + 2, hdev->dev_name, name_len);
483
484 eir_len += (name_len + 2);
485 ptr += (name_len + 2);
486 }
487
91c4e9b1
MH		 488 if (hdev->inq_tx_power) {
489 ptr[0] = 2;
490 ptr[1] = EIR_TX_POWER;
491 ptr[2] = (u8) hdev->inq_tx_power;
492
493 eir_len += 3;
494 ptr += 3;
495 }
496
2b9be137
MH		 497 if (hdev->devid_source > 0) {
498 ptr[0] = 9;
499 ptr[1] = EIR_DEVICE_ID;
500
501 put_unaligned_le16(hdev->devid_source, ptr + 2);
502 put_unaligned_le16(hdev->devid_vendor, ptr + 4);
503 put_unaligned_le16(hdev->devid_product, ptr + 6);
504 put_unaligned_le16(hdev->devid_version, ptr + 8);
505
506 eir_len += 10;
507 ptr += 10;
508 }
509
ef580372
JH		 510 memset(uuid16_list, 0, sizeof(uuid16_list));
511
512 /* Group all UUID16 types */
513 list_for_each_entry(uuid, &hdev->uuids, list) {
514 u16 uuid16;
515
516 uuid16 = get_uuid16(uuid->uuid);
517 if (uuid16 == 0)
518 return;
519
520 if (uuid16 < 0x1100)
521 continue;
522
523 if (uuid16 == PNP_INFO_SVCLASS_ID)
524 continue;
525
526 /* Stop if not enough space to put next UUID */
527 if (eir_len + 2 + sizeof(u16) > HCI_MAX_EIR_LENGTH) {
528 truncated = 1;
529 break;
530 }
531
532 /* Check for duplicates */
533 for (i = 0; uuid16_list[i] != 0; i++)
534 if (uuid16_list[i] == uuid16)
535 break;
536
537 if (uuid16_list[i] == 0) {
538 uuid16_list[i] = uuid16;
539 eir_len += sizeof(u16);
540 }
541 }
542
543 if (uuid16_list[0] != 0) {
544 u8 *length = ptr;
545
546 /* EIR Data type */
547 ptr[1] = truncated ? EIR_UUID16_SOME : EIR_UUID16_ALL;
548
549 ptr += 2;
550 eir_len += 2;
551
552 for (i = 0; uuid16_list[i] != 0; i++) {
553 *ptr++ = (uuid16_list[i] & 0x00ff);
554 *ptr++ = (uuid16_list[i] & 0xff00) >> 8;
555 }
556
557 /* EIR Data length */
558 *length = (i * sizeof(u16)) + 1;
559 }
560}
561
562static int update_eir(struct hci_dev *hdev)
563{
564 struct hci_cp_write_eir cp;
565
504c8dcd 566 if (!hdev_is_powered(hdev))
7770c4aa
JH		 567 return 0;
568
ef580372
JH		 569 if (!(hdev->features[6] & LMP_EXT_INQ))
570 return 0;
571
84bde9d6 572 if (!test_bit(HCI_SSP_ENABLED, &hdev->dev_flags))
ef580372
JH		 573 return 0;
574
a8b2d5c2 575 if (test_bit(HCI_SERVICE_CACHE, &hdev->dev_flags))
ef580372
JH		 576 return 0;
577
578 memset(&cp, 0, sizeof(cp));
579
580 create_eir(hdev, cp.data);
581
582 if (memcmp(cp.data, hdev->eir, sizeof(cp.data)) == 0)
583 return 0;
584
585 memcpy(hdev->eir, cp.data, sizeof(cp.data));
586
587 return hci_send_cmd(hdev, HCI_OP_WRITE_EIR, sizeof(cp), &cp);
588}
589
590static u8 get_service_classes(struct hci_dev *hdev)
591{
592 struct bt_uuid *uuid;
593 u8 val = 0;
594
595 list_for_each_entry(uuid, &hdev->uuids, list)
596 val |= uuid->svc_hint;
597
598 return val;
599}
600
601static int update_class(struct hci_dev *hdev)
602{
603 u8 cod[3];
c95f0ba7 604 int err;
ef580372
JH		 605
606 BT_DBG("%s", hdev->name);
607
504c8dcd 608 if (!hdev_is_powered(hdev))
7770c4aa
JH		 609 return 0;
610
a8b2d5c2 611 if (test_bit(HCI_SERVICE_CACHE, &hdev->dev_flags))
ef580372
JH		 612 return 0;
613
614 cod[0] = hdev->minor_class;
615 cod[1] = hdev->major_class;
616 cod[2] = get_service_classes(hdev);
617
618 if (memcmp(cod, hdev->dev_class, 3) == 0)
619 return 0;
620
c95f0ba7
JH		 621 err = hci_send_cmd(hdev, HCI_OP_WRITE_CLASS_OF_DEV, sizeof(cod), cod);
622 if (err == 0)
623 set_bit(HCI_PENDING_CLASS, &hdev->dev_flags);
624
625 return err;
ef580372
JH		 626}
627
7d78525d
JH		 628static void service_cache_off(struct work_struct *work)
629{
630 struct hci_dev *hdev = container_of(work, struct hci_dev,
04124681 631 service_cache.work);
7d78525d 632
a8b2d5c2 633 if (!test_and_clear_bit(HCI_SERVICE_CACHE, &hdev->dev_flags))
7d78525d
JH		 634 return;
635
636 hci_dev_lock(hdev);
637
638 update_eir(hdev);
639 update_class(hdev);
640
641 hci_dev_unlock(hdev);
642}
643
6a919082 644static void mgmt_init_hdev(struct sock *sk, struct hci_dev *hdev)
7d78525d 645{
4f87da80 646 if (test_and_set_bit(HCI_MGMT, &hdev->dev_flags))
6a919082
JH		 647 return;
648
4f87da80 649 INIT_DELAYED_WORK(&hdev->service_cache, service_cache_off);
7d78525d 650
4f87da80
JH		 651 /* Non-mgmt controlled devices get this bit set
652 * implicitly so that pairing works for them, however
653 * for mgmt we require user-space to explicitly enable
654 * it
655 */
656 clear_bit(HCI_PAIRABLE, &hdev->dev_flags);
7d78525d
JH		 657}
658
0f4e68cf 659static int read_controller_info(struct sock *sk, struct hci_dev *hdev,
04124681 660 void *data, u16 data_len)
0381101f 661{
a38528f1 662 struct mgmt_rp_read_info rp;
f7b64e69 663
bdb6d971 664 BT_DBG("sock %p %s", sk, hdev->name);
f7b64e69 665
09fd0de5 666 hci_dev_lock(hdev);
f7b64e69 667
dc4fe30b
JH		 668 memset(&rp, 0, sizeof(rp));
669
69ab39ea 670 bacpy(&rp.bdaddr, &hdev->bdaddr);
f7b64e69 671
69ab39ea 672 rp.version = hdev->hci_ver;
eb55ef07 673 rp.manufacturer = cpu_to_le16(hdev->manufacturer);
69ab39ea
JH		 674
675 rp.supported_settings = cpu_to_le32(get_supported_settings(hdev));
676 rp.current_settings = cpu_to_le32(get_current_settings(hdev));
f7b64e69 677
a38528f1 678 memcpy(rp.dev_class, hdev->dev_class, 3);
f7b64e69 679
dc4fe30b 680 memcpy(rp.name, hdev->dev_name, sizeof(hdev->dev_name));
27fcc362 681 memcpy(rp.short_name, hdev->short_name, sizeof(hdev->short_name));
dc4fe30b 682
09fd0de5 683 hci_dev_unlock(hdev);
0381101f 684
bdb6d971 685 return cmd_complete(sk, hdev->id, MGMT_OP_READ_INFO, 0, &rp,
04124681 686 sizeof(rp));
0381101f
JH		 687}
688
eec8d2bc
JH		 689static void mgmt_pending_free(struct pending_cmd *cmd)
690{
691 sock_put(cmd->sk);
c68fb7ff 692 kfree(cmd->param);
eec8d2bc
JH		 693 kfree(cmd);
694}
695
366a0336 696static struct pending_cmd *mgmt_pending_add(struct sock *sk, u16 opcode,
04124681
GP		 697 struct hci_dev *hdev, void *data,
698 u16 len)
eec8d2bc
JH		 699{
700 struct pending_cmd *cmd;
701
12b94565 702 cmd = kmalloc(sizeof(*cmd), GFP_KERNEL);
eec8d2bc 703 if (!cmd)
366a0336 704 return NULL;
eec8d2bc
JH		 705
706 cmd->opcode = opcode;
2e58ef3e 707 cmd->index = hdev->id;
eec8d2bc 708
12b94565 709 cmd->param = kmalloc(len, GFP_KERNEL);
c68fb7ff 710 if (!cmd->param) {
eec8d2bc 711 kfree(cmd);
366a0336 712 return NULL;
eec8d2bc
JH		 713 }
714
8fce6357
SJ		 715 if (data)
716 memcpy(cmd->param, data, len);
eec8d2bc
JH		 717
718 cmd->sk = sk;
719 sock_hold(sk);
720
2e58ef3e 721 list_add(&cmd->list, &hdev->mgmt_pending);
eec8d2bc 722
366a0336 723 return cmd;
eec8d2bc
JH		 724}
725
744cf19e 726static void mgmt_pending_foreach(u16 opcode, struct hci_dev *hdev,
8fc9ced3
GP		 727 void (*cb)(struct pending_cmd *cmd,
728 void *data),
04124681 729 void *data)
eec8d2bc
JH		 730{
731 struct list_head *p, *n;
732
2e58ef3e 733 list_for_each_safe(p, n, &hdev->mgmt_pending) {
eec8d2bc
JH		 734 struct pending_cmd *cmd;
735
736 cmd = list_entry(p, struct pending_cmd, list);
737
b24752fe 738 if (opcode > 0 && cmd->opcode != opcode)
eec8d2bc
JH		 739 continue;
740
eec8d2bc
JH		 741 cb(cmd, data);
742 }
743}
744
2e58ef3e 745static struct pending_cmd *mgmt_pending_find(u16 opcode, struct hci_dev *hdev)
eec8d2bc 746{
8035ded4 747 struct pending_cmd *cmd;
eec8d2bc 748
2e58ef3e 749 list_for_each_entry(cmd, &hdev->mgmt_pending, list) {
2aeabcbe
JH		 750 if (cmd->opcode == opcode)
751 return cmd;
eec8d2bc
JH		 752 }
753
754 return NULL;
755}
756
a664b5bc 757static void mgmt_pending_remove(struct pending_cmd *cmd)
73f22f62 758{
73f22f62
JH		 759 list_del(&cmd->list);
760 mgmt_pending_free(cmd);
761}
762
69ab39ea 763static int send_settings_rsp(struct sock *sk, u16 opcode, struct hci_dev *hdev)
8680570b 764{
69ab39ea 765 __le32 settings = cpu_to_le32(get_current_settings(hdev));
8680570b 766
aee9b218 767 return cmd_complete(sk, hdev->id, opcode, 0, &settings,
04124681 768 sizeof(settings));
8680570b
JH		 769}
770
bdb6d971 771static int set_powered(struct sock *sk, struct hci_dev *hdev, void *data,
04124681 772 u16 len)
eec8d2bc 773{
650f726d 774 struct mgmt_mode *cp = data;
366a0336 775 struct pending_cmd *cmd;
4b34ee78 776 int err;
eec8d2bc 777
bdb6d971 778 BT_DBG("request for %s", hdev->name);
eec8d2bc 779
09fd0de5 780 hci_dev_lock(hdev);
eec8d2bc 781
f0d4b78a
MH		 782 if (test_and_clear_bit(HCI_AUTO_OFF, &hdev->dev_flags)) {
783 cancel_delayed_work(&hdev->power_off);
784
785 if (cp->val) {
786 err = send_settings_rsp(sk, MGMT_OP_SET_POWERED, hdev);
787 mgmt_powered(hdev, 1);
788 goto failed;
789 }
790 }
791
4b34ee78 792 if (!!cp->val == hdev_is_powered(hdev)) {
69ab39ea 793 err = send_settings_rsp(sk, MGMT_OP_SET_POWERED, hdev);
eec8d2bc
JH		 794 goto failed;
795 }
796
2e58ef3e 797 if (mgmt_pending_find(MGMT_OP_SET_POWERED, hdev)) {
bdb6d971 798 err = cmd_status(sk, hdev->id, MGMT_OP_SET_POWERED,
04124681 799 MGMT_STATUS_BUSY);
eec8d2bc
JH		 800 goto failed;
801 }
802
2e58ef3e 803 cmd = mgmt_pending_add(sk, MGMT_OP_SET_POWERED, hdev, data, len);
366a0336
JH		 804 if (!cmd) {
805 err = -ENOMEM;
eec8d2bc 806 goto failed;
366a0336 807 }
eec8d2bc 808
72a734ec 809 if (cp->val)
7f971041 810 schedule_work(&hdev->power_on);
eec8d2bc 811 else
80b7ab33 812 schedule_work(&hdev->power_off.work);
eec8d2bc 813
366a0336 814 err = 0;
eec8d2bc
JH		 815
816failed:
09fd0de5 817 hci_dev_unlock(hdev);
366a0336 818 return err;
eec8d2bc
JH		 819}
820
04124681
GP		 821static int mgmt_event(u16 event, struct hci_dev *hdev, void *data, u16 data_len,
822 struct sock *skip_sk)
beadb2bd
JH		 823{
824 struct sk_buff *skb;
825 struct mgmt_hdr *hdr;
826
790eff44 827 skb = alloc_skb(sizeof(*hdr) + data_len, GFP_KERNEL);
beadb2bd
JH		 828 if (!skb)
829 return -ENOMEM;
830
831 hdr = (void *) skb_put(skb, sizeof(*hdr));
832 hdr->opcode = cpu_to_le16(event);
833 if (hdev)
834 hdr->index = cpu_to_le16(hdev->id);
835 else
836 hdr->index = cpu_to_le16(MGMT_INDEX_NONE);
837 hdr->len = cpu_to_le16(data_len);
838
839 if (data)
840 memcpy(skb_put(skb, data_len), data, data_len);
841
97e0bdeb
MH		 842 /* Time stamp */
843 __net_timestamp(skb);
844
beadb2bd
JH		 845 hci_send_to_control(skb, skip_sk);
846 kfree_skb(skb);
847
848 return 0;
849}
850
851static int new_settings(struct hci_dev *hdev, struct sock *skip)
852{
853 __le32 ev;
854
855 ev = cpu_to_le32(get_current_settings(hdev));
856
857 return mgmt_event(MGMT_EV_NEW_SETTINGS, hdev, &ev, sizeof(ev), skip);
858}
859
bdb6d971 860static int set_discoverable(struct sock *sk, struct hci_dev *hdev, void *data,
04124681 861 u16 len)
73f22f62 862{
650f726d 863 struct mgmt_cp_set_discoverable *cp = data;
366a0336 864 struct pending_cmd *cmd;
5e5282bb 865 u16 timeout;
73f22f62
JH		 866 u8 scan;
867 int err;
868
bdb6d971 869 BT_DBG("request for %s", hdev->name);
73f22f62 870
1f350c87 871 timeout = __le16_to_cpu(cp->timeout);
24c54a90 872 if (!cp->val && timeout > 0)
bdb6d971 873 return cmd_status(sk, hdev->id, MGMT_OP_SET_DISCOVERABLE,
04124681 874 MGMT_STATUS_INVALID_PARAMS);
73f22f62 875
09fd0de5 876 hci_dev_lock(hdev);
73f22f62 877
5e5282bb 878 if (!hdev_is_powered(hdev) && timeout > 0) {
bdb6d971 879 err = cmd_status(sk, hdev->id, MGMT_OP_SET_DISCOVERABLE,
04124681 880 MGMT_STATUS_NOT_POWERED);
73f22f62
JH		 881 goto failed;
882 }
883
2e58ef3e 884 if (mgmt_pending_find(MGMT_OP_SET_DISCOVERABLE, hdev) ||
8ce8e2b5 885 mgmt_pending_find(MGMT_OP_SET_CONNECTABLE, hdev)) {
bdb6d971 886 err = cmd_status(sk, hdev->id, MGMT_OP_SET_DISCOVERABLE,
04124681 887 MGMT_STATUS_BUSY);
73f22f62
JH		 888 goto failed;
889 }
890
5e5282bb 891 if (!test_bit(HCI_CONNECTABLE, &hdev->dev_flags)) {
bdb6d971 892 err = cmd_status(sk, hdev->id, MGMT_OP_SET_DISCOVERABLE,
04124681 893 MGMT_STATUS_REJECTED);
5e5282bb
JH		 894 goto failed;
895 }
896
897 if (!hdev_is_powered(hdev)) {
0224d2fa
JH		 898 bool changed = false;
899
900 if (!!cp->val != test_bit(HCI_DISCOVERABLE, &hdev->dev_flags)) {
901 change_bit(HCI_DISCOVERABLE, &hdev->dev_flags);
902 changed = true;
903 }
904
5e5282bb 905 err = send_settings_rsp(sk, MGMT_OP_SET_DISCOVERABLE, hdev);
0224d2fa
JH		 906 if (err < 0)
907 goto failed;
908
909 if (changed)
910 err = new_settings(hdev, sk);
911
5e5282bb
JH		 912 goto failed;
913 }
914
915 if (!!cp->val == test_bit(HCI_DISCOVERABLE, &hdev->dev_flags)) {
955638ec
MH		 916 if (hdev->discov_timeout > 0) {
917 cancel_delayed_work(&hdev->discov_off);
918 hdev->discov_timeout = 0;
919 }
920
921 if (cp->val && timeout > 0) {
922 hdev->discov_timeout = timeout;
923 queue_delayed_work(hdev->workqueue, &hdev->discov_off,
924 msecs_to_jiffies(hdev->discov_timeout * 1000));
925 }
926
69ab39ea 927 err = send_settings_rsp(sk, MGMT_OP_SET_DISCOVERABLE, hdev);
73f22f62
JH		 928 goto failed;
929 }
930
2e58ef3e 931 cmd = mgmt_pending_add(sk, MGMT_OP_SET_DISCOVERABLE, hdev, data, len);
366a0336
JH		 932 if (!cmd) {
933 err = -ENOMEM;
73f22f62 934 goto failed;
366a0336 935 }
73f22f62
JH		 936
937 scan = SCAN_PAGE;
938
72a734ec 939 if (cp->val)
73f22f62 940 scan |= SCAN_INQUIRY;
16ab91ab 941 else
e0f9309f 942 cancel_delayed_work(&hdev->discov_off);
73f22f62
JH		 943
944 err = hci_send_cmd(hdev, HCI_OP_WRITE_SCAN_ENABLE, 1, &scan);
945 if (err < 0)
a664b5bc 946 mgmt_pending_remove(cmd);
73f22f62 947
16ab91ab 948 if (cp->val)
5e5282bb 949 hdev->discov_timeout = timeout;
16ab91ab 950
73f22f62 951failed:
09fd0de5 952 hci_dev_unlock(hdev);
73f22f62
JH		 953 return err;
954}
955
bdb6d971 956static int set_connectable(struct sock *sk, struct hci_dev *hdev, void *data,
04124681 957 u16 len)
9fbcbb45 958{
650f726d 959 struct mgmt_mode *cp = data;
366a0336 960 struct pending_cmd *cmd;
9fbcbb45
JH		 961 u8 scan;
962 int err;
963
bdb6d971 964 BT_DBG("request for %s", hdev->name);
9fbcbb45 965
09fd0de5 966 hci_dev_lock(hdev);
9fbcbb45 967
4b34ee78 968 if (!hdev_is_powered(hdev)) {
0224d2fa
JH		 969 bool changed = false;
970
971 if (!!cp->val != test_bit(HCI_CONNECTABLE, &hdev->dev_flags))
972 changed = true;
973
6bf0e469 974 if (cp->val) {
5e5282bb 975 set_bit(HCI_CONNECTABLE, &hdev->dev_flags);
6bf0e469 976 } else {
5e5282bb
JH		 977 clear_bit(HCI_CONNECTABLE, &hdev->dev_flags);
978 clear_bit(HCI_DISCOVERABLE, &hdev->dev_flags);
979 }
0224d2fa 980
5e5282bb 981 err = send_settings_rsp(sk, MGMT_OP_SET_CONNECTABLE, hdev);
0224d2fa
JH		 982 if (err < 0)
983 goto failed;
984
985 if (changed)
986 err = new_settings(hdev, sk);
987
9fbcbb45
JH		 988 goto failed;
989 }
990
2e58ef3e 991 if (mgmt_pending_find(MGMT_OP_SET_DISCOVERABLE, hdev) ||
8ce8e2b5 992 mgmt_pending_find(MGMT_OP_SET_CONNECTABLE, hdev)) {
bdb6d971 993 err = cmd_status(sk, hdev->id, MGMT_OP_SET_CONNECTABLE,
04124681 994 MGMT_STATUS_BUSY);
9fbcbb45
JH		 995 goto failed;
996 }
997
5e5282bb 998 if (!!cp->val == test_bit(HCI_PSCAN, &hdev->flags)) {
69ab39ea 999 err = send_settings_rsp(sk, MGMT_OP_SET_CONNECTABLE, hdev);
9fbcbb45
JH		 1000 goto failed;
1001 }
1002
2e58ef3e 1003 cmd = mgmt_pending_add(sk, MGMT_OP_SET_CONNECTABLE, hdev, data, len);
366a0336
JH		 1004 if (!cmd) {
1005 err = -ENOMEM;
9fbcbb45 1006 goto failed;
366a0336 1007 }
9fbcbb45 1008
6bf0e469 1009 if (cp->val) {
9fbcbb45 1010 scan = SCAN_PAGE;
6bf0e469 1011 } else {
9fbcbb45
JH		 1012 scan = 0;
1013
df2c6c5e 1014 if (test_bit(HCI_ISCAN, &hdev->flags) &&
8ce8e2b5 1015 hdev->discov_timeout > 0)
df2c6c5e
JH		 1016 cancel_delayed_work(&hdev->discov_off);
1017 }
1018
9fbcbb45
JH		 1019 err = hci_send_cmd(hdev, HCI_OP_WRITE_SCAN_ENABLE, 1, &scan);
1020 if (err < 0)
a664b5bc 1021 mgmt_pending_remove(cmd);
9fbcbb45
JH		 1022
1023failed:
09fd0de5 1024 hci_dev_unlock(hdev);
9fbcbb45
JH		 1025 return err;
1026}
1027
bdb6d971 1028static int set_pairable(struct sock *sk, struct hci_dev *hdev, void *data,
04124681 1029 u16 len)
c542a06c 1030{
650f726d 1031 struct mgmt_mode *cp = data;
c542a06c
JH		 1032 int err;
1033
bdb6d971 1034 BT_DBG("request for %s", hdev->name);
c542a06c 1035
09fd0de5 1036 hci_dev_lock(hdev);
c542a06c
JH		 1037
1038 if (cp->val)
a8b2d5c2 1039 set_bit(HCI_PAIRABLE, &hdev->dev_flags);
c542a06c 1040 else
a8b2d5c2 1041 clear_bit(HCI_PAIRABLE, &hdev->dev_flags);
c542a06c 1042
69ab39ea 1043 err = send_settings_rsp(sk, MGMT_OP_SET_PAIRABLE, hdev);
c542a06c
JH		 1044 if (err < 0)
1045 goto failed;
1046
beadb2bd 1047 err = new_settings(hdev, sk);
c542a06c
JH		 1048
1049failed:
09fd0de5 1050 hci_dev_unlock(hdev);
c542a06c
JH		 1051 return err;
1052}
1053
04124681
GP		 1054static int set_link_security(struct sock *sk, struct hci_dev *hdev, void *data,
1055 u16 len)
33ef95ed
JH		 1056{
1057 struct mgmt_mode *cp = data;
1058 struct pending_cmd *cmd;
816a11d5 1059 u8 val;
33ef95ed
JH		 1060 int err;
1061
bdb6d971 1062 BT_DBG("request for %s", hdev->name);
33ef95ed 1063
33ef95ed
JH		 1064 hci_dev_lock(hdev);
1065
4b34ee78 1066 if (!hdev_is_powered(hdev)) {
47990ea0
JH		 1067 bool changed = false;
1068
1069 if (!!cp->val != test_bit(HCI_LINK_SECURITY,
8ce8e2b5 1070 &hdev->dev_flags)) {
47990ea0
JH		 1071 change_bit(HCI_LINK_SECURITY, &hdev->dev_flags);
1072 changed = true;
1073 }
1074
1075 err = send_settings_rsp(sk, MGMT_OP_SET_LINK_SECURITY, hdev);
1076 if (err < 0)
1077 goto failed;
1078
1079 if (changed)
1080 err = new_settings(hdev, sk);
1081
33ef95ed
JH		 1082 goto failed;
1083 }
1084
1085 if (mgmt_pending_find(MGMT_OP_SET_LINK_SECURITY, hdev)) {
bdb6d971 1086 err = cmd_status(sk, hdev->id, MGMT_OP_SET_LINK_SECURITY,
04124681 1087 MGMT_STATUS_BUSY);
33ef95ed
JH		 1088 goto failed;
1089 }
1090
1091 val = !!cp->val;
1092
1093 if (test_bit(HCI_AUTH, &hdev->flags) == val) {
1094 err = send_settings_rsp(sk, MGMT_OP_SET_LINK_SECURITY, hdev);
1095 goto failed;
1096 }
1097
1098 cmd = mgmt_pending_add(sk, MGMT_OP_SET_LINK_SECURITY, hdev, data, len);
1099 if (!cmd) {
1100 err = -ENOMEM;
1101 goto failed;
1102 }
1103
1104 err = hci_send_cmd(hdev, HCI_OP_WRITE_AUTH_ENABLE, sizeof(val), &val);
1105 if (err < 0) {
1106 mgmt_pending_remove(cmd);
1107 goto failed;
1108 }
1109
1110failed:
1111 hci_dev_unlock(hdev);
33ef95ed
JH		 1112 return err;
1113}
1114
bdb6d971 1115static int set_ssp(struct sock *sk, struct hci_dev *hdev, void *data, u16 len)
ed2c4ee3
JH		 1116{
1117 struct mgmt_mode *cp = data;
1118 struct pending_cmd *cmd;
816a11d5 1119 u8 val;
ed2c4ee3
JH		 1120 int err;
1121
bdb6d971 1122 BT_DBG("request for %s", hdev->name);
ed2c4ee3 1123
ed2c4ee3
JH		 1124 hci_dev_lock(hdev);
1125
9a1a1996 1126 if (!lmp_ssp_capable(hdev)) {
bdb6d971 1127 err = cmd_status(sk, hdev->id, MGMT_OP_SET_SSP,
04124681 1128 MGMT_STATUS_NOT_SUPPORTED);
6c8f12c1
JH		 1129 goto failed;
1130 }
1131
c0ecddc2
JH		 1132 val = !!cp->val;
1133
4b34ee78 1134 if (!hdev_is_powered(hdev)) {
c0ecddc2
JH		 1135 bool changed = false;
1136
1137 if (val != test_bit(HCI_SSP_ENABLED, &hdev->dev_flags)) {
1138 change_bit(HCI_SSP_ENABLED, &hdev->dev_flags);
1139 changed = true;
1140 }
1141
1142 err = send_settings_rsp(sk, MGMT_OP_SET_SSP, hdev);
1143 if (err < 0)
1144 goto failed;
1145
1146 if (changed)
1147 err = new_settings(hdev, sk);
1148
ed2c4ee3
JH		 1149 goto failed;
1150 }
1151
1152 if (mgmt_pending_find(MGMT_OP_SET_SSP, hdev)) {
d97dcb66
SJ		 1153 err = cmd_status(sk, hdev->id, MGMT_OP_SET_SSP,
1154 MGMT_STATUS_BUSY);
ed2c4ee3
JH		 1155 goto failed;
1156 }
1157
ed2c4ee3
JH		 1158 if (test_bit(HCI_SSP_ENABLED, &hdev->dev_flags) == val) {
1159 err = send_settings_rsp(sk, MGMT_OP_SET_SSP, hdev);
1160 goto failed;
1161 }
1162
1163 cmd = mgmt_pending_add(sk, MGMT_OP_SET_SSP, hdev, data, len);
1164 if (!cmd) {
1165 err = -ENOMEM;
1166 goto failed;
1167 }
1168
1169 err = hci_send_cmd(hdev, HCI_OP_WRITE_SSP_MODE, sizeof(val), &val);
1170 if (err < 0) {
1171 mgmt_pending_remove(cmd);
1172 goto failed;
1173 }
1174
1175failed:
1176 hci_dev_unlock(hdev);
ed2c4ee3
JH		 1177 return err;
1178}
1179
bdb6d971 1180static int set_hs(struct sock *sk, struct hci_dev *hdev, void *data, u16 len)
6d80dfd0
JH		 1181{
1182 struct mgmt_mode *cp = data;
6d80dfd0 1183
bdb6d971 1184 BT_DBG("request for %s", hdev->name);
6d80dfd0 1185
bdb6d971
JH		 1186 if (!enable_hs)
1187 return cmd_status(sk, hdev->id, MGMT_OP_SET_HS,
04124681 1188 MGMT_STATUS_NOT_SUPPORTED);
6d80dfd0
JH		 1189
1190 if (cp->val)
1191 set_bit(HCI_HS_ENABLED, &hdev->dev_flags);
1192 else
1193 clear_bit(HCI_HS_ENABLED, &hdev->dev_flags);
1194
bdb6d971 1195 return send_settings_rsp(sk, MGMT_OP_SET_HS, hdev);
6d80dfd0
JH		 1196}
1197
bdb6d971 1198static int set_le(struct sock *sk, struct hci_dev *hdev, void *data, u16 len)
06199cf8
JH		 1199{
1200 struct mgmt_mode *cp = data;
1201 struct hci_cp_write_le_host_supported hci_cp;
1202 struct pending_cmd *cmd;
06199cf8 1203 int err;
0b60eba1 1204 u8 val, enabled;
06199cf8 1205
bdb6d971 1206 BT_DBG("request for %s", hdev->name);
06199cf8 1207
1de028ce
JH		 1208 hci_dev_lock(hdev);
1209
c383ddc4 1210 if (!lmp_le_capable(hdev)) {
bdb6d971 1211 err = cmd_status(sk, hdev->id, MGMT_OP_SET_LE,
04124681 1212 MGMT_STATUS_NOT_SUPPORTED);
1de028ce 1213 goto unlock;
06199cf8
JH		 1214 }
1215
1216 val = !!cp->val;
0b60eba1 1217 enabled = !!(hdev->host_features[0] & LMP_HOST_LE);
06199cf8 1218
0b60eba1 1219 if (!hdev_is_powered(hdev) || val == enabled) {
06199cf8
JH		 1220 bool changed = false;
1221
1222 if (val != test_bit(HCI_LE_ENABLED, &hdev->dev_flags)) {
1223 change_bit(HCI_LE_ENABLED, &hdev->dev_flags);
1224 changed = true;
1225 }
1226
1227 err = send_settings_rsp(sk, MGMT_OP_SET_LE, hdev);
1228 if (err < 0)
1de028ce 1229 goto unlock;
06199cf8
JH		 1230
1231 if (changed)
1232 err = new_settings(hdev, sk);
1233
1de028ce 1234 goto unlock;
06199cf8
JH		 1235 }
1236
1237 if (mgmt_pending_find(MGMT_OP_SET_LE, hdev)) {
bdb6d971 1238 err = cmd_status(sk, hdev->id, MGMT_OP_SET_LE,
04124681 1239 MGMT_STATUS_BUSY);
1de028ce 1240 goto unlock;
06199cf8
JH		 1241 }
1242
1243 cmd = mgmt_pending_add(sk, MGMT_OP_SET_LE, hdev, data, len);
1244 if (!cmd) {
1245 err = -ENOMEM;
1de028ce 1246 goto unlock;
06199cf8
JH		 1247 }
1248
1249 memset(&hci_cp, 0, sizeof(hci_cp));
1250
1251 if (val) {
1252 hci_cp.le = val;
1253 hci_cp.simul = !!(hdev->features[6] & LMP_SIMUL_LE_BR);
1254 }
1255
04124681
GP		 1256 err = hci_send_cmd(hdev, HCI_OP_WRITE_LE_HOST_SUPPORTED, sizeof(hci_cp),
1257 &hci_cp);
0c01bc48 1258 if (err < 0)
06199cf8 1259 mgmt_pending_remove(cmd);
06199cf8 1260
1de028ce
JH		 1261unlock:
1262 hci_dev_unlock(hdev);
06199cf8
JH		 1263 return err;
1264}
1265
bdb6d971 1266static int add_uuid(struct sock *sk, struct hci_dev *hdev, void *data, u16 len)
2aeb9a1a 1267{
650f726d 1268 struct mgmt_cp_add_uuid *cp = data;
90e70454 1269 struct pending_cmd *cmd;
2aeb9a1a 1270 struct bt_uuid *uuid;
2aeb9a1a
JH		 1271 int err;
1272
bdb6d971 1273 BT_DBG("request for %s", hdev->name);
2aeb9a1a 1274
09fd0de5 1275 hci_dev_lock(hdev);
2aeb9a1a 1276
c95f0ba7 1277 if (test_bit(HCI_PENDING_CLASS, &hdev->dev_flags)) {
bdb6d971 1278 err = cmd_status(sk, hdev->id, MGMT_OP_ADD_UUID,
04124681 1279 MGMT_STATUS_BUSY);
c95f0ba7
JH		 1280 goto failed;
1281 }
1282
92c4c204 1283 uuid = kmalloc(sizeof(*uuid), GFP_KERNEL);
2aeb9a1a
JH		 1284 if (!uuid) {
1285 err = -ENOMEM;
1286 goto failed;
1287 }
1288
1289 memcpy(uuid->uuid, cp->uuid, 16);
1aff6f09 1290 uuid->svc_hint = cp->svc_hint;
2aeb9a1a
JH		 1291
1292 list_add(&uuid->list, &hdev->uuids);
1293
1aff6f09
JH		 1294 err = update_class(hdev);
1295 if (err < 0)
1296 goto failed;
1297
80a1e1db
JH		 1298 err = update_eir(hdev);
1299 if (err < 0)
1300 goto failed;
1301
90e70454 1302 if (!test_bit(HCI_PENDING_CLASS, &hdev->dev_flags)) {
bdb6d971 1303 err = cmd_complete(sk, hdev->id, MGMT_OP_ADD_UUID, 0,
04124681 1304 hdev->dev_class, 3);
90e70454
JH		 1305 goto failed;
1306 }
1307
1308 cmd = mgmt_pending_add(sk, MGMT_OP_ADD_UUID, hdev, data, len);
0c01bc48 1309 if (!cmd)
90e70454 1310 err = -ENOMEM;
2aeb9a1a
JH		 1311
1312failed:
09fd0de5 1313 hci_dev_unlock(hdev);
2aeb9a1a
JH		 1314 return err;
1315}
1316
24b78d0f
JH		 1317static bool enable_service_cache(struct hci_dev *hdev)
1318{
1319 if (!hdev_is_powered(hdev))
1320 return false;
1321
1322 if (!test_and_set_bit(HCI_SERVICE_CACHE, &hdev->dev_flags)) {
17b02e62 1323 schedule_delayed_work(&hdev->service_cache, CACHE_TIMEOUT);
24b78d0f
JH		 1324 return true;
1325 }
1326
1327 return false;
1328}
1329
bdb6d971 1330static int remove_uuid(struct sock *sk, struct hci_dev *hdev, void *data,
8ce8e2b5 1331 u16 len)
2aeb9a1a 1332{
650f726d 1333 struct mgmt_cp_remove_uuid *cp = data;
90e70454 1334 struct pending_cmd *cmd;
2aeb9a1a 1335 struct list_head *p, *n;
2aeb9a1a 1336 u8 bt_uuid_any[] = { 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0 };
2aeb9a1a
JH		 1337 int err, found;
1338
bdb6d971 1339 BT_DBG("request for %s", hdev->name);
2aeb9a1a 1340
09fd0de5 1341 hci_dev_lock(hdev);
2aeb9a1a 1342
c95f0ba7 1343 if (test_bit(HCI_PENDING_CLASS, &hdev->dev_flags)) {
bdb6d971 1344 err = cmd_status(sk, hdev->id, MGMT_OP_REMOVE_UUID,
04124681 1345 MGMT_STATUS_BUSY);
c95f0ba7
JH		 1346 goto unlock;
1347 }
1348
2aeb9a1a
JH		 1349 if (memcmp(cp->uuid, bt_uuid_any, 16) == 0) {
1350 err = hci_uuids_clear(hdev);
4004b6d9 1351
24b78d0f 1352 if (enable_service_cache(hdev)) {
bdb6d971 1353 err = cmd_complete(sk, hdev->id, MGMT_OP_REMOVE_UUID,
04124681 1354 0, hdev->dev_class, 3);
24b78d0f
JH		 1355 goto unlock;
1356 }
4004b6d9 1357
9246a869 1358 goto update_class;
2aeb9a1a
JH		 1359 }
1360
1361 found = 0;
1362
1363 list_for_each_safe(p, n, &hdev->uuids) {
1364 struct bt_uuid *match = list_entry(p, struct bt_uuid, list);
1365
1366 if (memcmp(match->uuid, cp->uuid, 16) != 0)
1367 continue;
1368
1369 list_del(&match->list);
1370 found++;
1371 }
1372
1373 if (found == 0) {
bdb6d971 1374 err = cmd_status(sk, hdev->id, MGMT_OP_REMOVE_UUID,
04124681 1375 MGMT_STATUS_INVALID_PARAMS);
2aeb9a1a
JH		 1376 goto unlock;
1377 }
1378
9246a869 1379update_class:
1aff6f09
JH		 1380 err = update_class(hdev);
1381 if (err < 0)
1382 goto unlock;
1383
80a1e1db
JH		 1384 err = update_eir(hdev);
1385 if (err < 0)
1386 goto unlock;
1387
90e70454 1388 if (!test_bit(HCI_PENDING_CLASS, &hdev->dev_flags)) {
bdb6d971 1389 err = cmd_complete(sk, hdev->id, MGMT_OP_REMOVE_UUID, 0,
04124681 1390 hdev->dev_class, 3);
90e70454
JH		 1391 goto unlock;
1392 }
1393
1394 cmd = mgmt_pending_add(sk, MGMT_OP_REMOVE_UUID, hdev, data, len);
0c01bc48 1395 if (!cmd)
90e70454 1396 err = -ENOMEM;
2aeb9a1a
JH		 1397
1398unlock:
09fd0de5 1399 hci_dev_unlock(hdev);
2aeb9a1a
JH		 1400 return err;
1401}
1402
bdb6d971 1403static int set_dev_class(struct sock *sk, struct hci_dev *hdev, void *data,
04124681 1404 u16 len)
1aff6f09 1405{
650f726d 1406 struct mgmt_cp_set_dev_class *cp = data;
90e70454 1407 struct pending_cmd *cmd;
1aff6f09
JH		 1408 int err;
1409
bdb6d971 1410 BT_DBG("request for %s", hdev->name);
1aff6f09 1411
09fd0de5 1412 hci_dev_lock(hdev);
1aff6f09 1413
c95f0ba7 1414 if (test_bit(HCI_PENDING_CLASS, &hdev->dev_flags)) {
bdb6d971 1415 err = cmd_status(sk, hdev->id, MGMT_OP_SET_DEV_CLASS,
04124681 1416 MGMT_STATUS_BUSY);
c95f0ba7
JH		 1417 goto unlock;
1418 }
1419
932f5ff5
JH		 1420 hdev->major_class = cp->major;
1421 hdev->minor_class = cp->minor;
1422
b5235a65 1423 if (!hdev_is_powered(hdev)) {
bdb6d971 1424 err = cmd_complete(sk, hdev->id, MGMT_OP_SET_DEV_CLASS, 0,
04124681 1425 hdev->dev_class, 3);
b5235a65
JH		 1426 goto unlock;
1427 }
1428
a8b2d5c2 1429 if (test_and_clear_bit(HCI_SERVICE_CACHE, &hdev->dev_flags)) {
7d78525d
JH		 1430 hci_dev_unlock(hdev);
1431 cancel_delayed_work_sync(&hdev->service_cache);
1432 hci_dev_lock(hdev);
14c0b608 1433 update_eir(hdev);
7d78525d 1434 }
14c0b608 1435
1aff6f09 1436 err = update_class(hdev);
90e70454
JH		 1437 if (err < 0)
1438 goto unlock;
1aff6f09 1439
90e70454 1440 if (!test_bit(HCI_PENDING_CLASS, &hdev->dev_flags)) {
bdb6d971 1441 err = cmd_complete(sk, hdev->id, MGMT_OP_SET_DEV_CLASS, 0,
04124681 1442 hdev->dev_class, 3);
90e70454
JH		 1443 goto unlock;
1444 }
1445
1446 cmd = mgmt_pending_add(sk, MGMT_OP_SET_DEV_CLASS, hdev, data, len);
0c01bc48 1447 if (!cmd)
90e70454 1448 err = -ENOMEM;
1aff6f09 1449
b5235a65 1450unlock:
09fd0de5 1451 hci_dev_unlock(hdev);
1aff6f09
JH		 1452 return err;
1453}
1454
bdb6d971 1455static int load_link_keys(struct sock *sk, struct hci_dev *hdev, void *data,
8ce8e2b5 1456 u16 len)
55ed8ca1 1457{
650f726d 1458 struct mgmt_cp_load_link_keys *cp = data;
4e51eae9 1459 u16 key_count, expected_len;
a492cd52 1460 int i;
55ed8ca1 1461
1f350c87 1462 key_count = __le16_to_cpu(cp->key_count);
55ed8ca1 1463
86742e1e
JH		 1464 expected_len = sizeof(*cp) + key_count *
1465 sizeof(struct mgmt_link_key_info);
a492cd52 1466 if (expected_len != len) {
86742e1e 1467 BT_ERR("load_link_keys: expected %u bytes, got %u bytes",
8ce8e2b5 1468 len, expected_len);
bdb6d971 1469 return cmd_status(sk, hdev->id, MGMT_OP_LOAD_LINK_KEYS,
04124681 1470 MGMT_STATUS_INVALID_PARAMS);
55ed8ca1
JH		 1471 }
1472
bdb6d971 1473 BT_DBG("%s debug_keys %u key_count %u", hdev->name, cp->debug_keys,
8ce8e2b5 1474 key_count);
55ed8ca1 1475
09fd0de5 1476 hci_dev_lock(hdev);
55ed8ca1
JH		 1477
1478 hci_link_keys_clear(hdev);
1479
a8b2d5c2 1480 set_bit(HCI_LINK_KEYS, &hdev->dev_flags);
55ed8ca1
JH		 1481
1482 if (cp->debug_keys)
a8b2d5c2 1483 set_bit(HCI_DEBUG_KEYS, &hdev->dev_flags);
55ed8ca1 1484 else
a8b2d5c2 1485 clear_bit(HCI_DEBUG_KEYS, &hdev->dev_flags);
55ed8ca1 1486
a492cd52 1487 for (i = 0; i < key_count; i++) {
86742e1e 1488 struct mgmt_link_key_info *key = &cp->keys[i];
55ed8ca1 1489
d753fdc4 1490 hci_add_link_key(hdev, NULL, 0, &key->addr.bdaddr, key->val,
04124681 1491 key->type, key->pin_len);
55ed8ca1
JH		 1492 }
1493
bdb6d971 1494 cmd_complete(sk, hdev->id, MGMT_OP_LOAD_LINK_KEYS, 0, NULL, 0);
0e5f875a 1495
09fd0de5 1496 hci_dev_unlock(hdev);
55ed8ca1 1497
a492cd52 1498 return 0;
55ed8ca1
JH		 1499}
1500
b1078ad0 1501static int device_unpaired(struct hci_dev *hdev, bdaddr_t *bdaddr,
04124681 1502 u8 addr_type, struct sock *skip_sk)
b1078ad0
JH		 1503{
1504 struct mgmt_ev_device_unpaired ev;
1505
1506 bacpy(&ev.addr.bdaddr, bdaddr);
1507 ev.addr.type = addr_type;
1508
1509 return mgmt_event(MGMT_EV_DEVICE_UNPAIRED, hdev, &ev, sizeof(ev),
04124681 1510 skip_sk);
b1078ad0
JH		 1511}
1512
bdb6d971 1513static int unpair_device(struct sock *sk, struct hci_dev *hdev, void *data,
04124681 1514 u16 len)
55ed8ca1 1515{
124f6e35
JH		 1516 struct mgmt_cp_unpair_device *cp = data;
1517 struct mgmt_rp_unpair_device rp;
a8a1d19e
JH		 1518 struct hci_cp_disconnect dc;
1519 struct pending_cmd *cmd;
55ed8ca1 1520 struct hci_conn *conn;
55ed8ca1
JH		 1521 int err;
1522
09fd0de5 1523 hci_dev_lock(hdev);
55ed8ca1 1524
a8a1d19e 1525 memset(&rp, 0, sizeof(rp));
124f6e35
JH		 1526 bacpy(&rp.addr.bdaddr, &cp->addr.bdaddr);
1527 rp.addr.type = cp->addr.type;
a8a1d19e 1528
86a8cfc6 1529 if (!hdev_is_powered(hdev)) {
bdb6d971 1530 err = cmd_complete(sk, hdev->id, MGMT_OP_UNPAIR_DEVICE,
04124681 1531 MGMT_STATUS_NOT_POWERED, &rp, sizeof(rp));
86a8cfc6
JH		 1532 goto unlock;
1533 }
1534
591f47f3 1535 if (cp->addr.type == BDADDR_BREDR)
124f6e35
JH		 1536 err = hci_remove_link_key(hdev, &cp->addr.bdaddr);
1537 else
1538 err = hci_remove_ltk(hdev, &cp->addr.bdaddr);
b0dbfb46 1539
55ed8ca1 1540 if (err < 0) {
bdb6d971 1541 err = cmd_complete(sk, hdev->id, MGMT_OP_UNPAIR_DEVICE,
04124681 1542 MGMT_STATUS_NOT_PAIRED, &rp, sizeof(rp));
55ed8ca1
JH		 1543 goto unlock;
1544 }
1545
86a8cfc6 1546 if (cp->disconnect) {
591f47f3 1547 if (cp->addr.type == BDADDR_BREDR)
86a8cfc6 1548 conn = hci_conn_hash_lookup_ba(hdev, ACL_LINK,
8ce8e2b5 1549 &cp->addr.bdaddr);
86a8cfc6
JH		 1550 else
1551 conn = hci_conn_hash_lookup_ba(hdev, LE_LINK,
8ce8e2b5 1552 &cp->addr.bdaddr);
86a8cfc6
JH		 1553 } else {
1554 conn = NULL;
1555 }
124f6e35 1556
a8a1d19e 1557 if (!conn) {
bdb6d971 1558 err = cmd_complete(sk, hdev->id, MGMT_OP_UNPAIR_DEVICE, 0,
04124681 1559 &rp, sizeof(rp));
b1078ad0 1560 device_unpaired(hdev, &cp->addr.bdaddr, cp->addr.type, sk);
a8a1d19e
JH		 1561 goto unlock;
1562 }
55ed8ca1 1563
124f6e35 1564 cmd = mgmt_pending_add(sk, MGMT_OP_UNPAIR_DEVICE, hdev, cp,
04124681 1565 sizeof(*cp));
a8a1d19e
JH		 1566 if (!cmd) {
1567 err = -ENOMEM;
1568 goto unlock;
55ed8ca1
JH		 1569 }
1570
eb55ef07 1571 dc.handle = cpu_to_le16(conn->handle);
a8a1d19e
JH		 1572 dc.reason = 0x13; /* Remote User Terminated Connection */
1573 err = hci_send_cmd(hdev, HCI_OP_DISCONNECT, sizeof(dc), &dc);
1574 if (err < 0)
1575 mgmt_pending_remove(cmd);
1576
55ed8ca1 1577unlock:
09fd0de5 1578 hci_dev_unlock(hdev);
55ed8ca1
JH		 1579 return err;
1580}
1581
bdb6d971 1582static int disconnect(struct sock *sk, struct hci_dev *hdev, void *data,
04124681 1583 u16 len)
8962ee74 1584{
650f726d 1585 struct mgmt_cp_disconnect *cp = data;
8962ee74 1586 struct hci_cp_disconnect dc;
366a0336 1587 struct pending_cmd *cmd;
8962ee74 1588 struct hci_conn *conn;
8962ee74
JH		 1589 int err;
1590
1591 BT_DBG("");
1592
09fd0de5 1593 hci_dev_lock(hdev);
8962ee74
JH		 1594
1595 if (!test_bit(HCI_UP, &hdev->flags)) {
bdb6d971 1596 err = cmd_status(sk, hdev->id, MGMT_OP_DISCONNECT,
04124681 1597 MGMT_STATUS_NOT_POWERED);
8962ee74
JH		 1598 goto failed;
1599 }
1600
2e58ef3e 1601 if (mgmt_pending_find(MGMT_OP_DISCONNECT, hdev)) {
bdb6d971 1602 err = cmd_status(sk, hdev->id, MGMT_OP_DISCONNECT,
04124681 1603 MGMT_STATUS_BUSY);
8962ee74
JH		 1604 goto failed;
1605 }
1606
591f47f3 1607 if (cp->addr.type == BDADDR_BREDR)
8fc9ced3
GP		 1608 conn = hci_conn_hash_lookup_ba(hdev, ACL_LINK,
1609 &cp->addr.bdaddr);
88c3df13
JH		 1610 else
1611 conn = hci_conn_hash_lookup_ba(hdev, LE_LINK, &cp->addr.bdaddr);
365227e5 1612
f960727e 1613 if (!conn || conn->state == BT_OPEN || conn->state == BT_CLOSED) {
bdb6d971 1614 err = cmd_status(sk, hdev->id, MGMT_OP_DISCONNECT,
04124681 1615 MGMT_STATUS_NOT_CONNECTED);
8962ee74
JH		 1616 goto failed;
1617 }
1618
2e58ef3e 1619 cmd = mgmt_pending_add(sk, MGMT_OP_DISCONNECT, hdev, data, len);
366a0336
JH		 1620 if (!cmd) {
1621 err = -ENOMEM;
8962ee74 1622 goto failed;
366a0336 1623 }
8962ee74 1624
eb55ef07 1625 dc.handle = cpu_to_le16(conn->handle);
3701f944 1626 dc.reason = HCI_ERROR_REMOTE_USER_TERM;
8962ee74
JH		 1627
1628 err = hci_send_cmd(hdev, HCI_OP_DISCONNECT, sizeof(dc), &dc);
1629 if (err < 0)
a664b5bc 1630 mgmt_pending_remove(cmd);
8962ee74
JH		 1631
1632failed:
09fd0de5 1633 hci_dev_unlock(hdev);
8962ee74
JH		 1634 return err;
1635}
1636
57c1477c 1637static u8 link_to_bdaddr(u8 link_type, u8 addr_type)
4c659c39
JH		 1638{
1639 switch (link_type) {
1640 case LE_LINK:
48264f06
JH		 1641 switch (addr_type) {
1642 case ADDR_LE_DEV_PUBLIC:
591f47f3 1643 return BDADDR_LE_PUBLIC;
0ed09148 1644
48264f06 1645 default:
0ed09148 1646 /* Fallback to LE Random address type */
591f47f3 1647 return BDADDR_LE_RANDOM;
48264f06 1648 }
0ed09148 1649
4c659c39 1650 default:
0ed09148 1651 /* Fallback to BR/EDR type */
591f47f3 1652 return BDADDR_BREDR;
4c659c39
JH		 1653 }
1654}
1655
04124681
GP		 1656static int get_connections(struct sock *sk, struct hci_dev *hdev, void *data,
1657 u16 data_len)
2784eb41 1658{
2784eb41 1659 struct mgmt_rp_get_connections *rp;
8035ded4 1660 struct hci_conn *c;
a38528f1 1661 size_t rp_len;
60fc5fb6
JH		 1662 int err;
1663 u16 i;
2784eb41
JH		 1664
1665 BT_DBG("");
1666
09fd0de5 1667 hci_dev_lock(hdev);
2784eb41 1668
5f97c1df 1669 if (!hdev_is_powered(hdev)) {
bdb6d971 1670 err = cmd_status(sk, hdev->id, MGMT_OP_GET_CONNECTIONS,
04124681 1671 MGMT_STATUS_NOT_POWERED);
5f97c1df
JH		 1672 goto unlock;
1673 }
1674
60fc5fb6 1675 i = 0;
b644ba33
JH		 1676 list_for_each_entry(c, &hdev->conn_hash.list, list) {
1677 if (test_bit(HCI_CONN_MGMT_CONNECTED, &c->flags))
60fc5fb6 1678 i++;
2784eb41
JH		 1679 }
1680
60fc5fb6 1681 rp_len = sizeof(*rp) + (i * sizeof(struct mgmt_addr_info));
92c4c204 1682 rp = kmalloc(rp_len, GFP_KERNEL);
a38528f1 1683 if (!rp) {
2784eb41
JH		 1684 err = -ENOMEM;
1685 goto unlock;
1686 }
1687
2784eb41 1688 i = 0;
4c659c39 1689 list_for_each_entry(c, &hdev->conn_hash.list, list) {
b644ba33
JH		 1690 if (!test_bit(HCI_CONN_MGMT_CONNECTED, &c->flags))
1691 continue;
4c659c39 1692 bacpy(&rp->addr[i].bdaddr, &c->dst);
57c1477c 1693 rp->addr[i].type = link_to_bdaddr(c->type, c->dst_type);
0ed09148 1694 if (c->type == SCO_LINK || c->type == ESCO_LINK)
4c659c39
JH		 1695 continue;
1696 i++;
1697 }
1698
eb55ef07 1699 rp->conn_count = cpu_to_le16(i);
60fc5fb6 1700
4c659c39
JH		 1701 /* Recalculate length in case of filtered SCO connections, etc */
1702 rp_len = sizeof(*rp) + (i * sizeof(struct mgmt_addr_info));
2784eb41 1703
bdb6d971 1704 err = cmd_complete(sk, hdev->id, MGMT_OP_GET_CONNECTIONS, 0, rp,
04124681 1705 rp_len);
2784eb41 1706
a38528f1 1707 kfree(rp);
5f97c1df
JH		 1708
1709unlock:
09fd0de5 1710 hci_dev_unlock(hdev);
2784eb41
JH		 1711 return err;
1712}
1713
bdb6d971 1714static int send_pin_code_neg_reply(struct sock *sk, struct hci_dev *hdev,
04124681 1715 struct mgmt_cp_pin_code_neg_reply *cp)
96d97a67
WR		 1716{
1717 struct pending_cmd *cmd;
1718 int err;
1719
2e58ef3e 1720 cmd = mgmt_pending_add(sk, MGMT_OP_PIN_CODE_NEG_REPLY, hdev, cp,
04124681 1721 sizeof(*cp));
96d97a67
WR		 1722 if (!cmd)
1723 return -ENOMEM;
1724
d8457698 1725 err = hci_send_cmd(hdev, HCI_OP_PIN_CODE_NEG_REPLY,
04124681 1726 sizeof(cp->addr.bdaddr), &cp->addr.bdaddr);
96d97a67
WR		 1727 if (err < 0)
1728 mgmt_pending_remove(cmd);
1729
1730 return err;
1731}
1732
bdb6d971 1733static int pin_code_reply(struct sock *sk, struct hci_dev *hdev, void *data,
04124681 1734 u16 len)
980e1a53 1735{
96d97a67 1736 struct hci_conn *conn;
650f726d 1737 struct mgmt_cp_pin_code_reply *cp = data;
980e1a53 1738 struct hci_cp_pin_code_reply reply;
366a0336 1739 struct pending_cmd *cmd;
980e1a53
JH		 1740 int err;
1741
1742 BT_DBG("");
1743
09fd0de5 1744 hci_dev_lock(hdev);
980e1a53 1745
4b34ee78 1746 if (!hdev_is_powered(hdev)) {
bdb6d971 1747 err = cmd_status(sk, hdev->id, MGMT_OP_PIN_CODE_REPLY,
04124681 1748 MGMT_STATUS_NOT_POWERED);
980e1a53
JH		 1749 goto failed;
1750 }
1751
d8457698 1752 conn = hci_conn_hash_lookup_ba(hdev, ACL_LINK, &cp->addr.bdaddr);
96d97a67 1753 if (!conn) {
bdb6d971 1754 err = cmd_status(sk, hdev->id, MGMT_OP_PIN_CODE_REPLY,
04124681 1755 MGMT_STATUS_NOT_CONNECTED);
96d97a67
WR		 1756 goto failed;
1757 }
1758
1759 if (conn->pending_sec_level == BT_SECURITY_HIGH && cp->pin_len != 16) {
d8457698
JH		 1760 struct mgmt_cp_pin_code_neg_reply ncp;
1761
1762 memcpy(&ncp.addr, &cp->addr, sizeof(ncp.addr));
96d97a67
WR		 1763
1764 BT_ERR("PIN code is not 16 bytes long");
1765
bdb6d971 1766 err = send_pin_code_neg_reply(sk, hdev, &ncp);
96d97a67 1767 if (err >= 0)
bdb6d971 1768 err = cmd_status(sk, hdev->id, MGMT_OP_PIN_CODE_REPLY,
04124681 1769 MGMT_STATUS_INVALID_PARAMS);
96d97a67
WR		 1770
1771 goto failed;
1772 }
1773
00abfe44 1774 cmd = mgmt_pending_add(sk, MGMT_OP_PIN_CODE_REPLY, hdev, data, len);
366a0336
JH		 1775 if (!cmd) {
1776 err = -ENOMEM;
980e1a53 1777 goto failed;
366a0336 1778 }
980e1a53 1779
d8457698 1780 bacpy(&reply.bdaddr, &cp->addr.bdaddr);
980e1a53 1781 reply.pin_len = cp->pin_len;
24718ca5 1782 memcpy(reply.pin_code, cp->pin_code, sizeof(reply.pin_code));
980e1a53
JH		 1783
1784 err = hci_send_cmd(hdev, HCI_OP_PIN_CODE_REPLY, sizeof(reply), &reply);
1785 if (err < 0)
a664b5bc 1786 mgmt_pending_remove(cmd);
980e1a53
JH		 1787
1788failed:
09fd0de5 1789 hci_dev_unlock(hdev);
980e1a53
JH		 1790 return err;
1791}
1792
04124681
GP		 1793static int set_io_capability(struct sock *sk, struct hci_dev *hdev, void *data,
1794 u16 len)
17fa4b9d 1795{
650f726d 1796 struct mgmt_cp_set_io_capability *cp = data;
17fa4b9d
JH		 1797
1798 BT_DBG("");
1799
09fd0de5 1800 hci_dev_lock(hdev);
17fa4b9d
JH		 1801
1802 hdev->io_capability = cp->io_capability;
1803
1804 BT_DBG("%s IO capability set to 0x%02x", hdev->name,
8ce8e2b5 1805 hdev->io_capability);
17fa4b9d 1806
09fd0de5 1807 hci_dev_unlock(hdev);
17fa4b9d 1808
04124681
GP		 1809 return cmd_complete(sk, hdev->id, MGMT_OP_SET_IO_CAPABILITY, 0, NULL,
1810 0);
17fa4b9d
JH		 1811}
1812
6039aa73 1813static struct pending_cmd *find_pairing(struct hci_conn *conn)
e9a416b5
JH		 1814{
1815 struct hci_dev *hdev = conn->hdev;
8035ded4 1816 struct pending_cmd *cmd;
e9a416b5 1817
2e58ef3e 1818 list_for_each_entry(cmd, &hdev->mgmt_pending, list) {
e9a416b5
JH		 1819 if (cmd->opcode != MGMT_OP_PAIR_DEVICE)
1820 continue;
1821
e9a416b5
JH		 1822 if (cmd->user_data != conn)
1823 continue;
1824
1825 return cmd;
1826 }
1827
1828 return NULL;
1829}
1830
1831static void pairing_complete(struct pending_cmd *cmd, u8 status)
1832{
1833 struct mgmt_rp_pair_device rp;
1834 struct hci_conn *conn = cmd->user_data;
1835
ba4e564f 1836 bacpy(&rp.addr.bdaddr, &conn->dst);
57c1477c 1837 rp.addr.type = link_to_bdaddr(conn->type, conn->dst_type);
e9a416b5 1838
aee9b218 1839 cmd_complete(cmd->sk, cmd->index, MGMT_OP_PAIR_DEVICE, status,
04124681 1840 &rp, sizeof(rp));
e9a416b5
JH		 1841
1842 /* So we don't get further callbacks for this connection */
1843 conn->connect_cfm_cb = NULL;
1844 conn->security_cfm_cb = NULL;
1845 conn->disconn_cfm_cb = NULL;
1846
1847 hci_conn_put(conn);
1848
a664b5bc 1849 mgmt_pending_remove(cmd);
e9a416b5
JH		 1850}
1851
1852static void pairing_complete_cb(struct hci_conn *conn, u8 status)
1853{
1854 struct pending_cmd *cmd;
1855
1856 BT_DBG("status %u", status);
1857
1858 cmd = find_pairing(conn);
56e5cb86 1859 if (!cmd)
e9a416b5 1860 BT_DBG("Unable to find a pending command");
56e5cb86 1861 else
e211326c 1862 pairing_complete(cmd, mgmt_status(status));
e9a416b5
JH		 1863}
1864
4c47d739
VA		 1865static void le_connect_complete_cb(struct hci_conn *conn, u8 status)
1866{
1867 struct pending_cmd *cmd;
1868
1869 BT_DBG("status %u", status);
1870
1871 if (!status)
1872 return;
1873
1874 cmd = find_pairing(conn);
1875 if (!cmd)
1876 BT_DBG("Unable to find a pending command");
1877 else
1878 pairing_complete(cmd, mgmt_status(status));
1879}
1880
bdb6d971 1881static int pair_device(struct sock *sk, struct hci_dev *hdev, void *data,
04124681 1882 u16 len)
e9a416b5 1883{
650f726d 1884 struct mgmt_cp_pair_device *cp = data;
1425acb7 1885 struct mgmt_rp_pair_device rp;
e9a416b5
JH		 1886 struct pending_cmd *cmd;
1887 u8 sec_level, auth_type;
1888 struct hci_conn *conn;
e9a416b5
JH		 1889 int err;
1890
1891 BT_DBG("");
1892
09fd0de5 1893 hci_dev_lock(hdev);
e9a416b5 1894
5f97c1df 1895 if (!hdev_is_powered(hdev)) {
bdb6d971 1896 err = cmd_status(sk, hdev->id, MGMT_OP_PAIR_DEVICE,
04124681 1897 MGMT_STATUS_NOT_POWERED);
5f97c1df
JH		 1898 goto unlock;
1899 }
1900
c908df36
VCG		 1901 sec_level = BT_SECURITY_MEDIUM;
1902 if (cp->io_cap == 0x03)
e9a416b5 1903 auth_type = HCI_AT_DEDICATED_BONDING;
c908df36 1904 else
e9a416b5 1905 auth_type = HCI_AT_DEDICATED_BONDING_MITM;
e9a416b5 1906
591f47f3 1907 if (cp->addr.type == BDADDR_BREDR)
b12f62cf
AG		 1908 conn = hci_connect(hdev, ACL_LINK, &cp->addr.bdaddr,
1909 cp->addr.type, sec_level, auth_type);
7a512d01 1910 else
b12f62cf
AG		 1911 conn = hci_connect(hdev, LE_LINK, &cp->addr.bdaddr,
1912 cp->addr.type, sec_level, auth_type);
7a512d01 1913
1425acb7
JH		 1914 memset(&rp, 0, sizeof(rp));
1915 bacpy(&rp.addr.bdaddr, &cp->addr.bdaddr);
1916 rp.addr.type = cp->addr.type;
1917
30e76272 1918 if (IS_ERR(conn)) {
489dc48e
AK		 1919 int status;
1920
1921 if (PTR_ERR(conn) == -EBUSY)
1922 status = MGMT_STATUS_BUSY;
1923 else
1924 status = MGMT_STATUS_CONNECT_FAILED;
1925
bdb6d971 1926 err = cmd_complete(sk, hdev->id, MGMT_OP_PAIR_DEVICE,
489dc48e 1927 status, &rp,
04124681 1928 sizeof(rp));
e9a416b5
JH		 1929 goto unlock;
1930 }
1931
1932 if (conn->connect_cfm_cb) {
1933 hci_conn_put(conn);
bdb6d971 1934 err = cmd_complete(sk, hdev->id, MGMT_OP_PAIR_DEVICE,
04124681 1935 MGMT_STATUS_BUSY, &rp, sizeof(rp));
e9a416b5
JH		 1936 goto unlock;
1937 }
1938
2e58ef3e 1939 cmd = mgmt_pending_add(sk, MGMT_OP_PAIR_DEVICE, hdev, data, len);
e9a416b5
JH		 1940 if (!cmd) {
1941 err = -ENOMEM;
1942 hci_conn_put(conn);
1943 goto unlock;
1944 }
1945
7a512d01 1946 /* For LE, just connecting isn't a proof that the pairing finished */
591f47f3 1947 if (cp->addr.type == BDADDR_BREDR)
7a512d01 1948 conn->connect_cfm_cb = pairing_complete_cb;
4c47d739
VA		 1949 else
1950 conn->connect_cfm_cb = le_connect_complete_cb;
7a512d01 1951
e9a416b5
JH		 1952 conn->security_cfm_cb = pairing_complete_cb;
1953 conn->disconn_cfm_cb = pairing_complete_cb;
1954 conn->io_capability = cp->io_cap;
1955 cmd->user_data = conn;
1956
1957 if (conn->state == BT_CONNECTED &&
8ce8e2b5 1958 hci_conn_security(conn, sec_level, auth_type))
e9a416b5
JH		 1959 pairing_complete(cmd, 0);
1960
1961 err = 0;
1962
1963unlock:
09fd0de5 1964 hci_dev_unlock(hdev);
e9a416b5
JH		 1965 return err;
1966}
1967
04124681
GP		 1968static int cancel_pair_device(struct sock *sk, struct hci_dev *hdev, void *data,
1969 u16 len)
28424707 1970{
0f4e68cf 1971 struct mgmt_addr_info *addr = data;
28424707
JH		 1972 struct pending_cmd *cmd;
1973 struct hci_conn *conn;
1974 int err;
1975
1976 BT_DBG("");
1977
28424707
JH		 1978 hci_dev_lock(hdev);
1979
5f97c1df 1980 if (!hdev_is_powered(hdev)) {
bdb6d971 1981 err = cmd_status(sk, hdev->id, MGMT_OP_CANCEL_PAIR_DEVICE,
04124681 1982 MGMT_STATUS_NOT_POWERED);
5f97c1df
JH		 1983 goto unlock;
1984 }
1985
28424707
JH		 1986 cmd = mgmt_pending_find(MGMT_OP_PAIR_DEVICE, hdev);
1987 if (!cmd) {
bdb6d971 1988 err = cmd_status(sk, hdev->id, MGMT_OP_CANCEL_PAIR_DEVICE,
04124681 1989 MGMT_STATUS_INVALID_PARAMS);
28424707
JH		 1990 goto unlock;
1991 }
1992
1993 conn = cmd->user_data;
1994
1995 if (bacmp(&addr->bdaddr, &conn->dst) != 0) {
bdb6d971 1996 err = cmd_status(sk, hdev->id, MGMT_OP_CANCEL_PAIR_DEVICE,
04124681 1997 MGMT_STATUS_INVALID_PARAMS);
28424707
JH		 1998 goto unlock;
1999 }
2000
2001 pairing_complete(cmd, MGMT_STATUS_CANCELLED);
2002
bdb6d971 2003 err = cmd_complete(sk, hdev->id, MGMT_OP_CANCEL_PAIR_DEVICE, 0,
04124681 2004 addr, sizeof(*addr));
28424707
JH		 2005unlock:
2006 hci_dev_unlock(hdev);
28424707
JH		 2007 return err;
2008}
2009
bdb6d971 2010static int user_pairing_resp(struct sock *sk, struct hci_dev *hdev,
04124681
GP		 2011 bdaddr_t *bdaddr, u8 type, u16 mgmt_op,
2012 u16 hci_op, __le32 passkey)
a5c29683 2013{
a5c29683 2014 struct pending_cmd *cmd;
0df4c185 2015 struct hci_conn *conn;
a5c29683
JH		 2016 int err;
2017
09fd0de5 2018 hci_dev_lock(hdev);
08ba5382 2019
4b34ee78 2020 if (!hdev_is_powered(hdev)) {
bdb6d971 2021 err = cmd_status(sk, hdev->id, mgmt_op,
04124681 2022 MGMT_STATUS_NOT_POWERED);
0df4c185 2023 goto done;
a5c29683
JH		 2024 }
2025
591f47f3 2026 if (type == BDADDR_BREDR)
272d90df
JH		 2027 conn = hci_conn_hash_lookup_ba(hdev, ACL_LINK, bdaddr);
2028 else
47c15e2b 2029 conn = hci_conn_hash_lookup_ba(hdev, LE_LINK, bdaddr);
272d90df
JH		 2030
2031 if (!conn) {
bdb6d971 2032 err = cmd_status(sk, hdev->id, mgmt_op,
04124681 2033 MGMT_STATUS_NOT_CONNECTED);
272d90df
JH		 2034 goto done;
2035 }
47c15e2b 2036
591f47f3 2037 if (type == BDADDR_LE_PUBLIC || type == BDADDR_LE_RANDOM) {
47c15e2b 2038 /* Continue with pairing via SMP */
5fe57d9e
BG		 2039 err = smp_user_confirm_reply(conn, mgmt_op, passkey);
2040
2041 if (!err)
bdb6d971 2042 err = cmd_status(sk, hdev->id, mgmt_op,
04124681 2043 MGMT_STATUS_SUCCESS);
5fe57d9e 2044 else
bdb6d971 2045 err = cmd_status(sk, hdev->id, mgmt_op,
04124681 2046 MGMT_STATUS_FAILED);
47c15e2b 2047
47c15e2b
BG		 2048 goto done;
2049 }
2050
0df4c185 2051 cmd = mgmt_pending_add(sk, mgmt_op, hdev, bdaddr, sizeof(*bdaddr));
a5c29683
JH		 2052 if (!cmd) {
2053 err = -ENOMEM;
0df4c185 2054 goto done;
a5c29683
JH		 2055 }
2056
0df4c185 2057 /* Continue with pairing via HCI */
604086b7
BG		 2058 if (hci_op == HCI_OP_USER_PASSKEY_REPLY) {
2059 struct hci_cp_user_passkey_reply cp;
2060
2061 bacpy(&cp.bdaddr, bdaddr);
2062 cp.passkey = passkey;
2063 err = hci_send_cmd(hdev, hci_op, sizeof(cp), &cp);
2064 } else
2065 err = hci_send_cmd(hdev, hci_op, sizeof(*bdaddr), bdaddr);
2066
a664b5bc
JH		 2067 if (err < 0)
2068 mgmt_pending_remove(cmd);
a5c29683 2069
0df4c185 2070done:
09fd0de5 2071 hci_dev_unlock(hdev);
a5c29683
JH		 2072 return err;
2073}
2074
afeb019d
JK		 2075static int pin_code_neg_reply(struct sock *sk, struct hci_dev *hdev,
2076 void *data, u16 len)
2077{
2078 struct mgmt_cp_pin_code_neg_reply *cp = data;
2079
2080 BT_DBG("");
2081
2082 return user_pairing_resp(sk, hdev, &cp->addr.bdaddr, cp->addr.type,
2083 MGMT_OP_PIN_CODE_NEG_REPLY,
2084 HCI_OP_PIN_CODE_NEG_REPLY, 0);
2085}
2086
04124681
GP		 2087static int user_confirm_reply(struct sock *sk, struct hci_dev *hdev, void *data,
2088 u16 len)
0df4c185 2089{
650f726d 2090 struct mgmt_cp_user_confirm_reply *cp = data;
0df4c185
BG		 2091
2092 BT_DBG("");
2093
2094 if (len != sizeof(*cp))
bdb6d971 2095 return cmd_status(sk, hdev->id, MGMT_OP_USER_CONFIRM_REPLY,
04124681 2096 MGMT_STATUS_INVALID_PARAMS);
0df4c185 2097
bdb6d971 2098 return user_pairing_resp(sk, hdev, &cp->addr.bdaddr, cp->addr.type,
04124681
GP		 2099 MGMT_OP_USER_CONFIRM_REPLY,
2100 HCI_OP_USER_CONFIRM_REPLY, 0);
0df4c185
BG		 2101}
2102
bdb6d971 2103static int user_confirm_neg_reply(struct sock *sk, struct hci_dev *hdev,
04124681 2104 void *data, u16 len)
0df4c185 2105{
c9c2659f 2106 struct mgmt_cp_user_confirm_neg_reply *cp = data;
0df4c185
BG		 2107
2108 BT_DBG("");
2109
bdb6d971 2110 return user_pairing_resp(sk, hdev, &cp->addr.bdaddr, cp->addr.type,
04124681
GP		 2111 MGMT_OP_USER_CONFIRM_NEG_REPLY,
2112 HCI_OP_USER_CONFIRM_NEG_REPLY, 0);
0df4c185
BG		 2113}
2114
04124681
GP		 2115static int user_passkey_reply(struct sock *sk, struct hci_dev *hdev, void *data,
2116 u16 len)
604086b7 2117{
650f726d 2118 struct mgmt_cp_user_passkey_reply *cp = data;
604086b7
BG		 2119
2120 BT_DBG("");
2121
bdb6d971 2122 return user_pairing_resp(sk, hdev, &cp->addr.bdaddr, cp->addr.type,
04124681
GP		 2123 MGMT_OP_USER_PASSKEY_REPLY,
2124 HCI_OP_USER_PASSKEY_REPLY, cp->passkey);
604086b7
BG		 2125}
2126
bdb6d971 2127static int user_passkey_neg_reply(struct sock *sk, struct hci_dev *hdev,
04124681 2128 void *data, u16 len)
604086b7 2129{
650f726d 2130 struct mgmt_cp_user_passkey_neg_reply *cp = data;
604086b7
BG		 2131
2132 BT_DBG("");
2133
bdb6d971 2134 return user_pairing_resp(sk, hdev, &cp->addr.bdaddr, cp->addr.type,
04124681
GP		 2135 MGMT_OP_USER_PASSKEY_NEG_REPLY,
2136 HCI_OP_USER_PASSKEY_NEG_REPLY, 0);
604086b7
BG		 2137}
2138
2b4bf397
JH		 2139static int update_name(struct hci_dev *hdev, const char *name)
2140{
2141 struct hci_cp_write_local_name cp;
2142
2143 memcpy(cp.name, name, sizeof(cp.name));
2144
2145 return hci_send_cmd(hdev, HCI_OP_WRITE_LOCAL_NAME, sizeof(cp), &cp);
2146}
2147
bdb6d971 2148static int set_local_name(struct sock *sk, struct hci_dev *hdev, void *data,
04124681 2149 u16 len)
b312b161 2150{
2b4bf397 2151 struct mgmt_cp_set_local_name *cp = data;
b312b161
JH		 2152 struct pending_cmd *cmd;
2153 int err;
2154
2155 BT_DBG("");
2156
09fd0de5 2157 hci_dev_lock(hdev);
b312b161 2158
2b4bf397 2159 memcpy(hdev->short_name, cp->short_name, sizeof(hdev->short_name));
28cc7bde 2160
b5235a65 2161 if (!hdev_is_powered(hdev)) {
2b4bf397 2162 memcpy(hdev->dev_name, cp->name, sizeof(hdev->dev_name));
28cc7bde
JH		 2163
2164 err = cmd_complete(sk, hdev->id, MGMT_OP_SET_LOCAL_NAME, 0,
04124681 2165 data, len);
28cc7bde
JH		 2166 if (err < 0)
2167 goto failed;
2168
2169 err = mgmt_event(MGMT_EV_LOCAL_NAME_CHANGED, hdev, data, len,
04124681 2170 sk);
28cc7bde 2171
b5235a65
JH		 2172 goto failed;
2173 }
2174
28cc7bde 2175 cmd = mgmt_pending_add(sk, MGMT_OP_SET_LOCAL_NAME, hdev, data, len);
b312b161
JH		 2176 if (!cmd) {
2177 err = -ENOMEM;
2178 goto failed;
2179 }
2180
2b4bf397 2181 err = update_name(hdev, cp->name);
b312b161
JH		 2182 if (err < 0)
2183 mgmt_pending_remove(cmd);
2184
2185failed:
09fd0de5 2186 hci_dev_unlock(hdev);
b312b161
JH		 2187 return err;
2188}
2189
0f4e68cf 2190static int read_local_oob_data(struct sock *sk, struct hci_dev *hdev,
04124681 2191 void *data, u16 data_len)
c35938b2 2192{
c35938b2
SJ		 2193 struct pending_cmd *cmd;
2194 int err;
2195
bdb6d971 2196 BT_DBG("%s", hdev->name);
c35938b2 2197
09fd0de5 2198 hci_dev_lock(hdev);
c35938b2 2199
4b34ee78 2200 if (!hdev_is_powered(hdev)) {
bdb6d971 2201 err = cmd_status(sk, hdev->id, MGMT_OP_READ_LOCAL_OOB_DATA,
04124681 2202 MGMT_STATUS_NOT_POWERED);
c35938b2
SJ		 2203 goto unlock;
2204 }
2205
9a1a1996 2206 if (!lmp_ssp_capable(hdev)) {
bdb6d971 2207 err = cmd_status(sk, hdev->id, MGMT_OP_READ_LOCAL_OOB_DATA,
04124681 2208 MGMT_STATUS_NOT_SUPPORTED);
c35938b2
SJ		 2209 goto unlock;
2210 }
2211
2e58ef3e 2212 if (mgmt_pending_find(MGMT_OP_READ_LOCAL_OOB_DATA, hdev)) {
bdb6d971 2213 err = cmd_status(sk, hdev->id, MGMT_OP_READ_LOCAL_OOB_DATA,
04124681 2214 MGMT_STATUS_BUSY);
c35938b2
SJ		 2215 goto unlock;
2216 }
2217
2e58ef3e 2218 cmd = mgmt_pending_add(sk, MGMT_OP_READ_LOCAL_OOB_DATA, hdev, NULL, 0);
c35938b2
SJ		 2219 if (!cmd) {
2220 err = -ENOMEM;
2221 goto unlock;
2222 }
2223
2224 err = hci_send_cmd(hdev, HCI_OP_READ_LOCAL_OOB_DATA, 0, NULL);
2225 if (err < 0)
2226 mgmt_pending_remove(cmd);
2227
2228unlock:
09fd0de5 2229 hci_dev_unlock(hdev);
c35938b2
SJ		 2230 return err;
2231}
2232
bdb6d971 2233static int add_remote_oob_data(struct sock *sk, struct hci_dev *hdev,
04124681 2234 void *data, u16 len)
2763eda6 2235{
650f726d 2236 struct mgmt_cp_add_remote_oob_data *cp = data;
bf1e3541 2237 u8 status;
2763eda6
SJ		 2238 int err;
2239
bdb6d971 2240 BT_DBG("%s ", hdev->name);
2763eda6 2241
09fd0de5 2242 hci_dev_lock(hdev);
2763eda6 2243
5f97c1df 2244 if (!hdev_is_powered(hdev)) {
bdb6d971 2245 err = cmd_complete(sk, hdev->id, MGMT_OP_ADD_REMOTE_OOB_DATA,
04124681
GP		 2246 MGMT_STATUS_NOT_POWERED, &cp->addr,
2247 sizeof(cp->addr));
5f97c1df
JH		 2248 goto unlock;
2249 }
2250
664ce4cc 2251 err = hci_add_remote_oob_data(hdev, &cp->addr.bdaddr, cp->hash,
04124681 2252 cp->randomizer);
2763eda6 2253 if (err < 0)
bf1e3541 2254 status = MGMT_STATUS_FAILED;
2763eda6 2255 else
bf1e3541
JH		 2256 status = 0;
2257
bdb6d971 2258 err = cmd_complete(sk, hdev->id, MGMT_OP_ADD_REMOTE_OOB_DATA, status,
04124681 2259 &cp->addr, sizeof(cp->addr));
2763eda6 2260
5f97c1df 2261unlock:
09fd0de5 2262 hci_dev_unlock(hdev);
2763eda6
SJ		 2263 return err;
2264}
2265
bdb6d971 2266static int remove_remote_oob_data(struct sock *sk, struct hci_dev *hdev,
8ce8e2b5 2267 void *data, u16 len)
2763eda6 2268{
650f726d 2269 struct mgmt_cp_remove_remote_oob_data *cp = data;
bf1e3541 2270 u8 status;
2763eda6
SJ		 2271 int err;
2272
bdb6d971 2273 BT_DBG("%s", hdev->name);
2763eda6 2274
09fd0de5 2275 hci_dev_lock(hdev);
2763eda6 2276
5f97c1df 2277 if (!hdev_is_powered(hdev)) {
bdb6d971 2278 err = cmd_complete(sk, hdev->id,
04124681
GP		 2279 MGMT_OP_REMOVE_REMOTE_OOB_DATA,
2280 MGMT_STATUS_NOT_POWERED, &cp->addr,
2281 sizeof(cp->addr));
5f97c1df
JH		 2282 goto unlock;
2283 }
2284
664ce4cc 2285 err = hci_remove_remote_oob_data(hdev, &cp->addr.bdaddr);
2763eda6 2286 if (err < 0)
bf1e3541 2287 status = MGMT_STATUS_INVALID_PARAMS;
2763eda6 2288 else
bf1e3541
JH		 2289 status = 0;
2290
bdb6d971 2291 err = cmd_complete(sk, hdev->id, MGMT_OP_REMOVE_REMOTE_OOB_DATA,
04124681 2292 status, &cp->addr, sizeof(cp->addr));
2763eda6 2293
5f97c1df 2294unlock:
09fd0de5 2295 hci_dev_unlock(hdev);
2763eda6
SJ		 2296 return err;
2297}
2298
5e0452c0
AG		 2299int mgmt_interleaved_discovery(struct hci_dev *hdev)
2300{
2301 int err;
2302
2303 BT_DBG("%s", hdev->name);
2304
2305 hci_dev_lock(hdev);
2306
2307 err = hci_do_inquiry(hdev, INQUIRY_LEN_BREDR_LE);
2308 if (err < 0)
2309 hci_discovery_set_state(hdev, DISCOVERY_STOPPED);
2310
2311 hci_dev_unlock(hdev);
2312
2313 return err;
2314}
2315
bdb6d971 2316static int start_discovery(struct sock *sk, struct hci_dev *hdev,
04124681 2317 void *data, u16 len)
14a53664 2318{
650f726d 2319 struct mgmt_cp_start_discovery *cp = data;
14a53664 2320 struct pending_cmd *cmd;
14a53664
JH		 2321 int err;
2322
bdb6d971 2323 BT_DBG("%s", hdev->name);
14a53664 2324
09fd0de5 2325 hci_dev_lock(hdev);
14a53664 2326
4b34ee78 2327 if (!hdev_is_powered(hdev)) {
bdb6d971 2328 err = cmd_status(sk, hdev->id, MGMT_OP_START_DISCOVERY,
04124681 2329 MGMT_STATUS_NOT_POWERED);
bd2d1334
JH		 2330 goto failed;
2331 }
2332
642be6c7
AG		 2333 if (test_bit(HCI_PERIODIC_INQ, &hdev->dev_flags)) {
2334 err = cmd_status(sk, hdev->id, MGMT_OP_START_DISCOVERY,
2335 MGMT_STATUS_BUSY);
2336 goto failed;
2337 }
2338
ff9ef578 2339 if (hdev->discovery.state != DISCOVERY_STOPPED) {
bdb6d971 2340 err = cmd_status(sk, hdev->id, MGMT_OP_START_DISCOVERY,
04124681 2341 MGMT_STATUS_BUSY);
ff9ef578
JH		 2342 goto failed;
2343 }
2344
2e58ef3e 2345 cmd = mgmt_pending_add(sk, MGMT_OP_START_DISCOVERY, hdev, NULL, 0);
14a53664
JH		 2346 if (!cmd) {
2347 err = -ENOMEM;
2348 goto failed;
2349 }
2350
4aab14e5
AG		 2351 hdev->discovery.type = cp->type;
2352
2353 switch (hdev->discovery.type) {
f39799f5 2354 case DISCOV_TYPE_BREDR:
8b90129c
AG		 2355 if (lmp_bredr_capable(hdev))
2356 err = hci_do_inquiry(hdev, INQUIRY_LEN_BREDR);
2357 else
2358 err = -ENOTSUPP;
f39799f5
AG		 2359 break;
2360
2361 case DISCOV_TYPE_LE:
8b90129c
AG		 2362 if (lmp_host_le_capable(hdev))
2363 err = hci_le_scan(hdev, LE_SCAN_TYPE, LE_SCAN_INT,
04124681 2364 LE_SCAN_WIN, LE_SCAN_TIMEOUT_LE_ONLY);
8b90129c
AG		 2365 else
2366 err = -ENOTSUPP;
f39799f5
AG		 2367 break;
2368
5e0452c0 2369 case DISCOV_TYPE_INTERLEAVED:
426c189a
AG		 2370 if (lmp_host_le_capable(hdev) && lmp_bredr_capable(hdev))
2371 err = hci_le_scan(hdev, LE_SCAN_TYPE, LE_SCAN_INT,
04124681
GP		 2372 LE_SCAN_WIN,
2373 LE_SCAN_TIMEOUT_BREDR_LE);
426c189a
AG		 2374 else
2375 err = -ENOTSUPP;
5e0452c0
AG		 2376 break;
2377
f39799f5 2378 default:
3fd24153 2379 err = -EINVAL;
f39799f5 2380 }
3fd24153 2381
14a53664
JH		 2382 if (err < 0)
2383 mgmt_pending_remove(cmd);
ff9ef578
JH		 2384 else
2385 hci_discovery_set_state(hdev, DISCOVERY_STARTING);
14a53664
JH		 2386
2387failed:
09fd0de5 2388 hci_dev_unlock(hdev);
14a53664
JH		 2389 return err;
2390}
2391
bdb6d971 2392static int stop_discovery(struct sock *sk, struct hci_dev *hdev, void *data,
04124681 2393 u16 len)
14a53664 2394{
d930650b 2395 struct mgmt_cp_stop_discovery *mgmt_cp = data;
14a53664 2396 struct pending_cmd *cmd;
30dc78e1
JH		 2397 struct hci_cp_remote_name_req_cancel cp;
2398 struct inquiry_entry *e;
14a53664
JH		 2399 int err;
2400
bdb6d971 2401 BT_DBG("%s", hdev->name);
14a53664 2402
09fd0de5 2403 hci_dev_lock(hdev);
14a53664 2404
30dc78e1 2405 if (!hci_discovery_active(hdev)) {
bdb6d971 2406 err = cmd_complete(sk, hdev->id, MGMT_OP_STOP_DISCOVERY,
04124681
GP		 2407 MGMT_STATUS_REJECTED, &mgmt_cp->type,
2408 sizeof(mgmt_cp->type));
d930650b
JH		 2409 goto unlock;
2410 }
2411
2412 if (hdev->discovery.type != mgmt_cp->type) {
bdb6d971 2413 err = cmd_complete(sk, hdev->id, MGMT_OP_STOP_DISCOVERY,
04124681
GP		 2414 MGMT_STATUS_INVALID_PARAMS, &mgmt_cp->type,
2415 sizeof(mgmt_cp->type));
30dc78e1 2416 goto unlock;
ff9ef578
JH		 2417 }
2418
2e58ef3e 2419 cmd = mgmt_pending_add(sk, MGMT_OP_STOP_DISCOVERY, hdev, NULL, 0);
14a53664
JH		 2420 if (!cmd) {
2421 err = -ENOMEM;
30dc78e1
JH		 2422 goto unlock;
2423 }
2424
e0d9727e
AG		 2425 switch (hdev->discovery.state) {
2426 case DISCOVERY_FINDING:
c9ecc48e
AG		 2427 if (test_bit(HCI_INQUIRY, &hdev->flags))
2428 err = hci_cancel_inquiry(hdev);
2429 else
2430 err = hci_cancel_le_scan(hdev);
2431
e0d9727e
AG		 2432 break;
2433
2434 case DISCOVERY_RESOLVING:
2435 e = hci_inquiry_cache_lookup_resolve(hdev, BDADDR_ANY,
8ce8e2b5 2436 NAME_PENDING);
e0d9727e 2437 if (!e) {
30dc78e1 2438 mgmt_pending_remove(cmd);
e0d9727e
AG		 2439 err = cmd_complete(sk, hdev->id,
2440 MGMT_OP_STOP_DISCOVERY, 0,
2441 &mgmt_cp->type,
2442 sizeof(mgmt_cp->type));
2443 hci_discovery_set_state(hdev, DISCOVERY_STOPPED);
2444 goto unlock;
2445 }
30dc78e1 2446
e0d9727e
AG		 2447 bacpy(&cp.bdaddr, &e->data.bdaddr);
2448 err = hci_send_cmd(hdev, HCI_OP_REMOTE_NAME_REQ_CANCEL,
2449 sizeof(cp), &cp);
2450
2451 break;
2452
2453 default:
2454 BT_DBG("unknown discovery state %u", hdev->discovery.state);
2455 err = -EFAULT;
14a53664
JH		 2456 }
2457
14a53664
JH		 2458 if (err < 0)
2459 mgmt_pending_remove(cmd);
ff9ef578
JH		 2460 else
2461 hci_discovery_set_state(hdev, DISCOVERY_STOPPING);
14a53664 2462
30dc78e1 2463unlock:
09fd0de5 2464 hci_dev_unlock(hdev);
14a53664
JH		 2465 return err;
2466}
2467
bdb6d971 2468static int confirm_name(struct sock *sk, struct hci_dev *hdev, void *data,
04124681 2469 u16 len)
561aafbc 2470{
650f726d 2471 struct mgmt_cp_confirm_name *cp = data;
561aafbc 2472 struct inquiry_entry *e;
561aafbc
JH		 2473 int err;
2474
bdb6d971 2475 BT_DBG("%s", hdev->name);
561aafbc 2476
561aafbc
JH		 2477 hci_dev_lock(hdev);
2478
30dc78e1 2479 if (!hci_discovery_active(hdev)) {
bdb6d971 2480 err = cmd_status(sk, hdev->id, MGMT_OP_CONFIRM_NAME,
04124681 2481 MGMT_STATUS_FAILED);
30dc78e1
JH		 2482 goto failed;
2483 }
2484
a198e7b1 2485 e = hci_inquiry_cache_lookup_unknown(hdev, &cp->addr.bdaddr);
561aafbc 2486 if (!e) {
bdb6d971 2487 err = cmd_status(sk, hdev->id, MGMT_OP_CONFIRM_NAME,
04124681 2488 MGMT_STATUS_INVALID_PARAMS);
561aafbc
JH		 2489 goto failed;
2490 }
2491
2492 if (cp->name_known) {
2493 e->name_state = NAME_KNOWN;
2494 list_del(&e->list);
2495 } else {
2496 e->name_state = NAME_NEEDED;
a3d4e20a 2497 hci_inquiry_cache_update_resolve(hdev, e);
561aafbc
JH		 2498 }
2499
2500 err = 0;
2501
2502failed:
2503 hci_dev_unlock(hdev);
561aafbc
JH		 2504 return err;
2505}
2506
bdb6d971 2507static int block_device(struct sock *sk, struct hci_dev *hdev, void *data,
04124681 2508 u16 len)
7fbec224 2509{
650f726d 2510 struct mgmt_cp_block_device *cp = data;
f0eeea8b 2511 u8 status;
7fbec224
AJ		 2512 int err;
2513
bdb6d971 2514 BT_DBG("%s", hdev->name);
7fbec224 2515
09fd0de5 2516 hci_dev_lock(hdev);
5e762444 2517
88c1fe4b 2518 err = hci_blacklist_add(hdev, &cp->addr.bdaddr, cp->addr.type);
7fbec224 2519 if (err < 0)
f0eeea8b 2520 status = MGMT_STATUS_FAILED;
7fbec224 2521 else
f0eeea8b
JH		 2522 status = 0;
2523
bdb6d971 2524 err = cmd_complete(sk, hdev->id, MGMT_OP_BLOCK_DEVICE, status,
04124681 2525 &cp->addr, sizeof(cp->addr));
5e762444 2526
09fd0de5 2527 hci_dev_unlock(hdev);
7fbec224
AJ		 2528
2529 return err;
2530}
2531
bdb6d971 2532static int unblock_device(struct sock *sk, struct hci_dev *hdev, void *data,
04124681 2533 u16 len)
7fbec224 2534{
650f726d 2535 struct mgmt_cp_unblock_device *cp = data;
f0eeea8b 2536 u8 status;
7fbec224
AJ		 2537 int err;
2538
bdb6d971 2539 BT_DBG("%s", hdev->name);
7fbec224 2540
09fd0de5 2541 hci_dev_lock(hdev);
5e762444 2542
88c1fe4b 2543 err = hci_blacklist_del(hdev, &cp->addr.bdaddr, cp->addr.type);
7fbec224 2544 if (err < 0)
f0eeea8b 2545 status = MGMT_STATUS_INVALID_PARAMS;
7fbec224 2546 else
f0eeea8b
JH		 2547 status = 0;
2548
bdb6d971 2549 err = cmd_complete(sk, hdev->id, MGMT_OP_UNBLOCK_DEVICE, status,
04124681 2550 &cp->addr, sizeof(cp->addr));
5e762444 2551
09fd0de5 2552 hci_dev_unlock(hdev);
7fbec224
AJ		 2553
2554 return err;
2555}
2556
cdbaccca
MH		 2557static int set_device_id(struct sock *sk, struct hci_dev *hdev, void *data,
2558 u16 len)
2559{
2560 struct mgmt_cp_set_device_id *cp = data;
2561 int err;
c72d4b8a 2562 __u16 source;
cdbaccca
MH		 2563
2564 BT_DBG("%s", hdev->name);
2565
c72d4b8a
SJ		 2566 source = __le16_to_cpu(cp->source);
2567
2568 if (source > 0x0002)
2569 return cmd_status(sk, hdev->id, MGMT_OP_SET_DEVICE_ID,
2570 MGMT_STATUS_INVALID_PARAMS);
2571
cdbaccca
MH		 2572 hci_dev_lock(hdev);
2573
c72d4b8a 2574 hdev->devid_source = source;
cdbaccca
MH		 2575 hdev->devid_vendor = __le16_to_cpu(cp->vendor);
2576 hdev->devid_product = __le16_to_cpu(cp->product);
2577 hdev->devid_version = __le16_to_cpu(cp->version);
2578
2579 err = cmd_complete(sk, hdev->id, MGMT_OP_SET_DEVICE_ID, 0, NULL, 0);
2580
2581 update_eir(hdev);
2582
2583 hci_dev_unlock(hdev);
2584
2585 return err;
2586}
2587
bdb6d971 2588static int set_fast_connectable(struct sock *sk, struct hci_dev *hdev,
04124681 2589 void *data, u16 len)
f6422ec6 2590{
650f726d 2591 struct mgmt_mode *cp = data;
f6422ec6
AJ		 2592 struct hci_cp_write_page_scan_activity acp;
2593 u8 type;
2594 int err;
2595
bdb6d971 2596 BT_DBG("%s", hdev->name);
f6422ec6 2597
5400c044 2598 if (!hdev_is_powered(hdev))
bdb6d971 2599 return cmd_status(sk, hdev->id, MGMT_OP_SET_FAST_CONNECTABLE,
04124681 2600 MGMT_STATUS_NOT_POWERED);
5400c044
JH		 2601
2602 if (!test_bit(HCI_CONNECTABLE, &hdev->dev_flags))
bdb6d971 2603 return cmd_status(sk, hdev->id, MGMT_OP_SET_FAST_CONNECTABLE,
04124681 2604 MGMT_STATUS_REJECTED);
f6422ec6
AJ		 2605
2606 hci_dev_lock(hdev);
2607
f7c6869c 2608 if (cp->val) {
f6422ec6 2609 type = PAGE_SCAN_TYPE_INTERLACED;
76ec9de8 2610
83ce9a06
JH		 2611 /* 160 msec page scan interval */
2612 acp.interval = __constant_cpu_to_le16(0x0100);
f6422ec6
AJ		 2613 } else {
2614 type = PAGE_SCAN_TYPE_STANDARD; /* default */
76ec9de8
AE		 2615
2616 /* default 1.28 sec page scan */
2617 acp.interval = __constant_cpu_to_le16(0x0800);
f6422ec6
AJ		 2618 }
2619
76ec9de8
AE		 2620 /* default 11.25 msec page scan window */
2621 acp.window = __constant_cpu_to_le16(0x0012);
f6422ec6 2622
04124681
GP		 2623 err = hci_send_cmd(hdev, HCI_OP_WRITE_PAGE_SCAN_ACTIVITY, sizeof(acp),
2624 &acp);
f6422ec6 2625 if (err < 0) {
bdb6d971 2626 err = cmd_status(sk, hdev->id, MGMT_OP_SET_FAST_CONNECTABLE,
04124681 2627 MGMT_STATUS_FAILED);
f6422ec6
AJ		 2628 goto done;
2629 }
2630
2631 err = hci_send_cmd(hdev, HCI_OP_WRITE_PAGE_SCAN_TYPE, 1, &type);
2632 if (err < 0) {
bdb6d971 2633 err = cmd_status(sk, hdev->id, MGMT_OP_SET_FAST_CONNECTABLE,
04124681 2634 MGMT_STATUS_FAILED);
f6422ec6
AJ		 2635 goto done;
2636 }
2637
bdb6d971 2638 err = cmd_complete(sk, hdev->id, MGMT_OP_SET_FAST_CONNECTABLE, 0,
04124681 2639 NULL, 0);
f6422ec6
AJ		 2640done:
2641 hci_dev_unlock(hdev);
f6422ec6
AJ		 2642 return err;
2643}
2644
bdb6d971 2645static int load_long_term_keys(struct sock *sk, struct hci_dev *hdev,
04124681 2646 void *cp_data, u16 len)
346af67b 2647{
346af67b
VCG		 2648 struct mgmt_cp_load_long_term_keys *cp = cp_data;
2649 u16 key_count, expected_len;
2650 int i;
2651
1f350c87 2652 key_count = __le16_to_cpu(cp->key_count);
346af67b
VCG		 2653
2654 expected_len = sizeof(*cp) + key_count *
2655 sizeof(struct mgmt_ltk_info);
2656 if (expected_len != len) {
2657 BT_ERR("load_keys: expected %u bytes, got %u bytes",
8ce8e2b5 2658 len, expected_len);
bdb6d971 2659 return cmd_status(sk, hdev->id, MGMT_OP_LOAD_LONG_TERM_KEYS,
04124681 2660 EINVAL);
346af67b
VCG		 2661 }
2662
bdb6d971 2663 BT_DBG("%s key_count %u", hdev->name, key_count);
346af67b
VCG		 2664
2665 hci_dev_lock(hdev);
2666
2667 hci_smp_ltks_clear(hdev);
2668
2669 for (i = 0; i < key_count; i++) {
2670 struct mgmt_ltk_info *key = &cp->keys[i];
2671 u8 type;
2672
2673 if (key->master)
2674 type = HCI_SMP_LTK;
2675 else
2676 type = HCI_SMP_LTK_SLAVE;
2677
4596fde5 2678 hci_add_ltk(hdev, &key->addr.bdaddr,
378b5b7e 2679 bdaddr_to_le(key->addr.type),
04124681
GP		 2680 type, 0, key->authenticated, key->val,
2681 key->enc_size, key->ediv, key->rand);
346af67b
VCG		 2682 }
2683
2684 hci_dev_unlock(hdev);
346af67b
VCG		 2685
2686 return 0;
2687}
2688
2e3c35ea 2689static const struct mgmt_handler {
04124681
GP		 2690 int (*func) (struct sock *sk, struct hci_dev *hdev, void *data,
2691 u16 data_len);
be22b54e
JH		 2692 bool var_len;
2693 size_t data_len;
0f4e68cf
JH		 2694} mgmt_handlers[] = {
2695 { NULL }, /* 0x0000 (no command) */
be22b54e
JH		 2696 { read_version, false, MGMT_READ_VERSION_SIZE },
2697 { read_commands, false, MGMT_READ_COMMANDS_SIZE },
2698 { read_index_list, false, MGMT_READ_INDEX_LIST_SIZE },
2699 { read_controller_info, false, MGMT_READ_INFO_SIZE },
2700 { set_powered, false, MGMT_SETTING_SIZE },
2701 { set_discoverable, false, MGMT_SET_DISCOVERABLE_SIZE },
2702 { set_connectable, false, MGMT_SETTING_SIZE },
2703 { set_fast_connectable, false, MGMT_SETTING_SIZE },
2704 { set_pairable, false, MGMT_SETTING_SIZE },
2705 { set_link_security, false, MGMT_SETTING_SIZE },
2706 { set_ssp, false, MGMT_SETTING_SIZE },
2707 { set_hs, false, MGMT_SETTING_SIZE },
2708 { set_le, false, MGMT_SETTING_SIZE },
2709 { set_dev_class, false, MGMT_SET_DEV_CLASS_SIZE },
2710 { set_local_name, false, MGMT_SET_LOCAL_NAME_SIZE },
2711 { add_uuid, false, MGMT_ADD_UUID_SIZE },
2712 { remove_uuid, false, MGMT_REMOVE_UUID_SIZE },
2713 { load_link_keys, true, MGMT_LOAD_LINK_KEYS_SIZE },
2714 { load_long_term_keys, true, MGMT_LOAD_LONG_TERM_KEYS_SIZE },
2715 { disconnect, false, MGMT_DISCONNECT_SIZE },
2716 { get_connections, false, MGMT_GET_CONNECTIONS_SIZE },
2717 { pin_code_reply, false, MGMT_PIN_CODE_REPLY_SIZE },
2718 { pin_code_neg_reply, false, MGMT_PIN_CODE_NEG_REPLY_SIZE },
2719 { set_io_capability, false, MGMT_SET_IO_CAPABILITY_SIZE },
2720 { pair_device, false, MGMT_PAIR_DEVICE_SIZE },
2721 { cancel_pair_device, false, MGMT_CANCEL_PAIR_DEVICE_SIZE },
2722 { unpair_device, false, MGMT_UNPAIR_DEVICE_SIZE },
2723 { user_confirm_reply, false, MGMT_USER_CONFIRM_REPLY_SIZE },
2724 { user_confirm_neg_reply, false, MGMT_USER_CONFIRM_NEG_REPLY_SIZE },
2725 { user_passkey_reply, false, MGMT_USER_PASSKEY_REPLY_SIZE },
2726 { user_passkey_neg_reply, false, MGMT_USER_PASSKEY_NEG_REPLY_SIZE },
2727 { read_local_oob_data, false, MGMT_READ_LOCAL_OOB_DATA_SIZE },
2728 { add_remote_oob_data, false, MGMT_ADD_REMOTE_OOB_DATA_SIZE },
2729 { remove_remote_oob_data, false, MGMT_REMOVE_REMOTE_OOB_DATA_SIZE },
2730 { start_discovery, false, MGMT_START_DISCOVERY_SIZE },
2731 { stop_discovery, false, MGMT_STOP_DISCOVERY_SIZE },
2732 { confirm_name, false, MGMT_CONFIRM_NAME_SIZE },
2733 { block_device, false, MGMT_BLOCK_DEVICE_SIZE },
2734 { unblock_device, false, MGMT_UNBLOCK_DEVICE_SIZE },
cdbaccca 2735 { set_device_id, false, MGMT_SET_DEVICE_ID_SIZE },
0f4e68cf
JH		 2736};
2737
2738
0381101f
JH		 2739int mgmt_control(struct sock *sk, struct msghdr *msg, size_t msglen)
2740{
650f726d
VCG		 2741 void *buf;
2742 u8 *cp;
0381101f 2743 struct mgmt_hdr *hdr;
4e51eae9 2744 u16 opcode, index, len;
bdb6d971 2745 struct hci_dev *hdev = NULL;
2e3c35ea 2746 const struct mgmt_handler *handler;
0381101f
JH		 2747 int err;
2748
2749 BT_DBG("got %zu bytes", msglen);
2750
2751 if (msglen < sizeof(*hdr))
2752 return -EINVAL;
2753
e63a15ec 2754 buf = kmalloc(msglen, GFP_KERNEL);
0381101f
JH		 2755 if (!buf)
2756 return -ENOMEM;
2757
2758 if (memcpy_fromiovec(buf, msg->msg_iov, msglen)) {
2759 err = -EFAULT;
2760 goto done;
2761 }
2762
650f726d 2763 hdr = buf;
1f350c87
MH		 2764 opcode = __le16_to_cpu(hdr->opcode);
2765 index = __le16_to_cpu(hdr->index);
2766 len = __le16_to_cpu(hdr->len);
0381101f
JH		 2767
2768 if (len != msglen - sizeof(*hdr)) {
2769 err = -EINVAL;
2770 goto done;
2771 }
2772
0f4e68cf 2773 if (index != MGMT_INDEX_NONE) {
bdb6d971
JH		 2774 hdev = hci_dev_get(index);
2775 if (!hdev) {
2776 err = cmd_status(sk, index, opcode,
04124681 2777 MGMT_STATUS_INVALID_INDEX);
bdb6d971
JH		 2778 goto done;
2779 }
2780 }
2781
0f4e68cf 2782 if (opcode >= ARRAY_SIZE(mgmt_handlers) ||
8ce8e2b5 2783 mgmt_handlers[opcode].func == NULL) {
0381101f 2784 BT_DBG("Unknown op %u", opcode);
ca69b795 2785 err = cmd_status(sk, index, opcode,
04124681 2786 MGMT_STATUS_UNKNOWN_COMMAND);
0f4e68cf
JH		 2787 goto done;
2788 }
2789
2790 if ((hdev && opcode < MGMT_OP_READ_INFO) ||
8ce8e2b5 2791 (!hdev && opcode >= MGMT_OP_READ_INFO)) {
0f4e68cf 2792 err = cmd_status(sk, index, opcode,
04124681 2793 MGMT_STATUS_INVALID_INDEX);
0f4e68cf 2794 goto done;
0381101f
JH		 2795 }
2796
be22b54e
JH		 2797 handler = &mgmt_handlers[opcode];
2798
2799 if ((handler->var_len && len < handler->data_len) ||
8ce8e2b5 2800 (!handler->var_len && len != handler->data_len)) {
be22b54e 2801 err = cmd_status(sk, index, opcode,
04124681 2802 MGMT_STATUS_INVALID_PARAMS);
be22b54e
JH		 2803 goto done;
2804 }
2805
0f4e68cf
JH		 2806 if (hdev)
2807 mgmt_init_hdev(sk, hdev);
2808
2809 cp = buf + sizeof(*hdr);
2810
be22b54e 2811 err = handler->func(sk, hdev, cp, len);
e41d8b4e
JH		 2812 if (err < 0)
2813 goto done;
2814
0381101f
JH		 2815 err = msglen;
2816
2817done:
bdb6d971
JH		 2818 if (hdev)
2819 hci_dev_put(hdev);
2820
0381101f
JH		 2821 kfree(buf);
2822 return err;
2823}
c71e97bf 2824
b24752fe
JH		 2825static void cmd_status_rsp(struct pending_cmd *cmd, void *data)
2826{
2827 u8 *status = data;
2828
2829 cmd_status(cmd->sk, cmd->index, cmd->opcode, *status);
2830 mgmt_pending_remove(cmd);
2831}
2832
744cf19e 2833int mgmt_index_added(struct hci_dev *hdev)
c71e97bf 2834{
bb4b2a9a
AE		 2835 if (!mgmt_valid_hdev(hdev))
2836 return -ENOTSUPP;
2837
744cf19e 2838 return mgmt_event(MGMT_EV_INDEX_ADDED, hdev, NULL, 0, NULL);
c71e97bf
JH		 2839}
2840
744cf19e 2841int mgmt_index_removed(struct hci_dev *hdev)
c71e97bf 2842{
5f159032 2843 u8 status = MGMT_STATUS_INVALID_INDEX;
b24752fe 2844
bb4b2a9a
AE		 2845 if (!mgmt_valid_hdev(hdev))
2846 return -ENOTSUPP;
2847
744cf19e 2848 mgmt_pending_foreach(0, hdev, cmd_status_rsp, &status);
b24752fe 2849
744cf19e 2850 return mgmt_event(MGMT_EV_INDEX_REMOVED, hdev, NULL, 0, NULL);
eec8d2bc
JH		 2851}
2852
73f22f62 2853struct cmd_lookup {
eec8d2bc 2854 struct sock *sk;
69ab39ea 2855 struct hci_dev *hdev;
90e70454 2856 u8 mgmt_status;
eec8d2bc
JH		 2857};
2858
69ab39ea 2859static void settings_rsp(struct pending_cmd *cmd, void *data)
eec8d2bc 2860{
73f22f62 2861 struct cmd_lookup *match = data;
eec8d2bc 2862
69ab39ea 2863 send_settings_rsp(cmd->sk, cmd->opcode, match->hdev);
eec8d2bc
JH		 2864
2865 list_del(&cmd->list);
2866
2867 if (match->sk == NULL) {
2868 match->sk = cmd->sk;
2869 sock_hold(match->sk);
2870 }
2871
2872 mgmt_pending_free(cmd);
c71e97bf 2873}
5add6af8 2874
744cf19e 2875int mgmt_powered(struct hci_dev *hdev, u8 powered)
5add6af8 2876{
76a7f3a4 2877 struct cmd_lookup match = { NULL, hdev };
7bb895d6 2878 int err;
5add6af8 2879
5e5282bb
JH		 2880 if (!test_bit(HCI_MGMT, &hdev->dev_flags))
2881 return 0;
2882
69ab39ea 2883 mgmt_pending_foreach(MGMT_OP_SET_POWERED, hdev, settings_rsp, &match);
5add6af8 2884
5e5282bb
JH		 2885 if (powered) {
2886 u8 scan = 0;
2887
2888 if (test_bit(HCI_CONNECTABLE, &hdev->dev_flags))
2889 scan |= SCAN_PAGE;
2890 if (test_bit(HCI_DISCOVERABLE, &hdev->dev_flags))
2891 scan |= SCAN_INQUIRY;
2892
2893 if (scan)
2894 hci_send_cmd(hdev, HCI_OP_WRITE_SCAN_ENABLE, 1, &scan);
504c8dcd 2895
3d1cbdd6
AK		 2896 if (test_bit(HCI_SSP_ENABLED, &hdev->dev_flags)) {
2897 u8 ssp = 1;
2898
2899 hci_send_cmd(hdev, HCI_OP_WRITE_SSP_MODE, 1, &ssp);
2900 }
2901
562fcc24
AK		 2902 if (test_bit(HCI_LE_ENABLED, &hdev->dev_flags)) {
2903 struct hci_cp_write_le_host_supported cp;
2904
2905 cp.le = 1;
2906 cp.simul = !!(hdev->features[6] & LMP_SIMUL_LE_BR);
2907
2908 hci_send_cmd(hdev, HCI_OP_WRITE_LE_HOST_SUPPORTED,
2909 sizeof(cp), &cp);
2910 }
2911
504c8dcd 2912 update_class(hdev);
2b4bf397 2913 update_name(hdev, hdev->dev_name);
504c8dcd 2914 update_eir(hdev);
5e5282bb 2915 } else {
d4f68526 2916 u8 status = MGMT_STATUS_NOT_POWERED;
744cf19e 2917 mgmt_pending_foreach(0, hdev, cmd_status_rsp, &status);
b24752fe
JH		 2918 }
2919
beadb2bd 2920 err = new_settings(hdev, match.sk);
eec8d2bc
JH		 2921
2922 if (match.sk)
2923 sock_put(match.sk);
2924
7bb895d6 2925 return err;
5add6af8 2926}
73f22f62 2927
744cf19e 2928int mgmt_discoverable(struct hci_dev *hdev, u8 discoverable)
73f22f62 2929{
76a7f3a4 2930 struct cmd_lookup match = { NULL, hdev };
5e5282bb
JH		 2931 bool changed = false;
2932 int err = 0;
73f22f62 2933
5e5282bb
JH		 2934 if (discoverable) {
2935 if (!test_and_set_bit(HCI_DISCOVERABLE, &hdev->dev_flags))
2936 changed = true;
2937 } else {
2938 if (test_and_clear_bit(HCI_DISCOVERABLE, &hdev->dev_flags))
2939 changed = true;
2940 }
73f22f62 2941
ed9b5f2f 2942 mgmt_pending_foreach(MGMT_OP_SET_DISCOVERABLE, hdev, settings_rsp,
04124681 2943 &match);
ed9b5f2f 2944
beadb2bd
JH		 2945 if (changed)
2946 err = new_settings(hdev, match.sk);
5e5282bb 2947
73f22f62
JH		 2948 if (match.sk)
2949 sock_put(match.sk);
2950
7bb895d6 2951 return err;
73f22f62 2952}
9fbcbb45 2953
744cf19e 2954int mgmt_connectable(struct hci_dev *hdev, u8 connectable)
9fbcbb45 2955{
76a7f3a4 2956 struct cmd_lookup match = { NULL, hdev };
5e5282bb
JH		 2957 bool changed = false;
2958 int err = 0;
9fbcbb45 2959
5e5282bb
JH		 2960 if (connectable) {
2961 if (!test_and_set_bit(HCI_CONNECTABLE, &hdev->dev_flags))
2962 changed = true;
2963 } else {
2964 if (test_and_clear_bit(HCI_CONNECTABLE, &hdev->dev_flags))
2965 changed = true;
2966 }
9fbcbb45 2967
ed9b5f2f 2968 mgmt_pending_foreach(MGMT_OP_SET_CONNECTABLE, hdev, settings_rsp,
04124681 2969 &match);
ed9b5f2f 2970
beadb2bd
JH		 2971 if (changed)
2972 err = new_settings(hdev, match.sk);
9fbcbb45
JH		 2973
2974 if (match.sk)
2975 sock_put(match.sk);
2976
7bb895d6 2977 return err;
9fbcbb45 2978}
55ed8ca1 2979
744cf19e 2980int mgmt_write_scan_failed(struct hci_dev *hdev, u8 scan, u8 status)
2d7cee58 2981{
ca69b795
JH		 2982 u8 mgmt_err = mgmt_status(status);
2983
2d7cee58 2984 if (scan & SCAN_PAGE)
744cf19e 2985 mgmt_pending_foreach(MGMT_OP_SET_CONNECTABLE, hdev,
04124681 2986 cmd_status_rsp, &mgmt_err);
2d7cee58
JH		 2987
2988 if (scan & SCAN_INQUIRY)
744cf19e 2989 mgmt_pending_foreach(MGMT_OP_SET_DISCOVERABLE, hdev,
04124681 2990 cmd_status_rsp, &mgmt_err);
2d7cee58
JH		 2991
2992 return 0;
2993}
2994
53168e5b
CC		 2995int mgmt_new_link_key(struct hci_dev *hdev, struct link_key *key,
2996 bool persistent)
55ed8ca1 2997{
86742e1e 2998 struct mgmt_ev_new_link_key ev;
55ed8ca1 2999
a492cd52 3000 memset(&ev, 0, sizeof(ev));
55ed8ca1 3001
a492cd52 3002 ev.store_hint = persistent;
d753fdc4 3003 bacpy(&ev.key.addr.bdaddr, &key->bdaddr);
591f47f3 3004 ev.key.addr.type = BDADDR_BREDR;
a492cd52 3005 ev.key.type = key->type;
9b3b4460 3006 memcpy(ev.key.val, key->val, HCI_LINK_KEY_SIZE);
a492cd52 3007 ev.key.pin_len = key->pin_len;
55ed8ca1 3008
744cf19e 3009 return mgmt_event(MGMT_EV_NEW_LINK_KEY, hdev, &ev, sizeof(ev), NULL);
55ed8ca1 3010}
f7520543 3011
346af67b
VCG		 3012int mgmt_new_ltk(struct hci_dev *hdev, struct smp_ltk *key, u8 persistent)
3013{
3014 struct mgmt_ev_new_long_term_key ev;
3015
3016 memset(&ev, 0, sizeof(ev));
3017
3018 ev.store_hint = persistent;
3019 bacpy(&ev.key.addr.bdaddr, &key->bdaddr);
57c1477c 3020 ev.key.addr.type = link_to_bdaddr(LE_LINK, key->bdaddr_type);
346af67b
VCG		 3021 ev.key.authenticated = key->authenticated;
3022 ev.key.enc_size = key->enc_size;
3023 ev.key.ediv = key->ediv;
3024
3025 if (key->type == HCI_SMP_LTK)
3026 ev.key.master = 1;
3027
3028 memcpy(ev.key.rand, key->rand, sizeof(key->rand));
3029 memcpy(ev.key.val, key->val, sizeof(key->val));
3030
04124681
GP		 3031 return mgmt_event(MGMT_EV_NEW_LONG_TERM_KEY, hdev, &ev, sizeof(ev),
3032 NULL);
346af67b
VCG		 3033}
3034
afc747a6 3035int mgmt_device_connected(struct hci_dev *hdev, bdaddr_t *bdaddr, u8 link_type,
04124681
GP		 3036 u8 addr_type, u32 flags, u8 *name, u8 name_len,
3037 u8 *dev_class)
f7520543 3038{
b644ba33
JH		 3039 char buf[512];
3040 struct mgmt_ev_device_connected *ev = (void *) buf;
3041 u16 eir_len = 0;
f7520543 3042
b644ba33 3043 bacpy(&ev->addr.bdaddr, bdaddr);
57c1477c 3044 ev->addr.type = link_to_bdaddr(link_type, addr_type);
f7520543 3045
c95f0ba7 3046 ev->flags = __cpu_to_le32(flags);
08c79b61 3047
b644ba33
JH		 3048 if (name_len > 0)
3049 eir_len = eir_append_data(ev->eir, 0, EIR_NAME_COMPLETE,
04124681 3050 name, name_len);
b644ba33
JH		 3051
3052 if (dev_class && memcmp(dev_class, "\0\0\0", 3) != 0)
53156385 3053 eir_len = eir_append_data(ev->eir, eir_len,
04124681 3054 EIR_CLASS_OF_DEV, dev_class, 3);
b644ba33 3055
eb55ef07 3056 ev->eir_len = cpu_to_le16(eir_len);
b644ba33
JH		 3057
3058 return mgmt_event(MGMT_EV_DEVICE_CONNECTED, hdev, buf,
04124681 3059 sizeof(*ev) + eir_len, NULL);
f7520543
JH		 3060}
3061
8962ee74
JH		 3062static void disconnect_rsp(struct pending_cmd *cmd, void *data)
3063{
c68fb7ff 3064 struct mgmt_cp_disconnect *cp = cmd->param;
8962ee74 3065 struct sock **sk = data;
a38528f1 3066 struct mgmt_rp_disconnect rp;
8962ee74 3067
88c3df13
JH		 3068 bacpy(&rp.addr.bdaddr, &cp->addr.bdaddr);
3069 rp.addr.type = cp->addr.type;
8962ee74 3070
aee9b218 3071 cmd_complete(cmd->sk, cmd->index, MGMT_OP_DISCONNECT, 0, &rp,
04124681 3072 sizeof(rp));
8962ee74
JH		 3073
3074 *sk = cmd->sk;
3075 sock_hold(*sk);
3076
a664b5bc 3077 mgmt_pending_remove(cmd);
8962ee74
JH		 3078}
3079
124f6e35 3080static void unpair_device_rsp(struct pending_cmd *cmd, void *data)
a8a1d19e 3081{
b1078ad0 3082 struct hci_dev *hdev = data;
124f6e35
JH		 3083 struct mgmt_cp_unpair_device *cp = cmd->param;
3084 struct mgmt_rp_unpair_device rp;
a8a1d19e
JH		 3085
3086 memset(&rp, 0, sizeof(rp));
124f6e35
JH		 3087 bacpy(&rp.addr.bdaddr, &cp->addr.bdaddr);
3088 rp.addr.type = cp->addr.type;
a8a1d19e 3089
b1078ad0
JH		 3090 device_unpaired(hdev, &cp->addr.bdaddr, cp->addr.type, cmd->sk);
3091
aee9b218 3092 cmd_complete(cmd->sk, cmd->index, cmd->opcode, 0, &rp, sizeof(rp));
a8a1d19e
JH		 3093
3094 mgmt_pending_remove(cmd);
3095}
3096
afc747a6 3097int mgmt_device_disconnected(struct hci_dev *hdev, bdaddr_t *bdaddr,
f0d6a0ea 3098 u8 link_type, u8 addr_type, u8 reason)
f7520543 3099{
f0d6a0ea 3100 struct mgmt_ev_device_disconnected ev;
8962ee74
JH		 3101 struct sock *sk = NULL;
3102 int err;
3103
744cf19e 3104 mgmt_pending_foreach(MGMT_OP_DISCONNECT, hdev, disconnect_rsp, &sk);
f7520543 3105
f0d6a0ea
MA		 3106 bacpy(&ev.addr.bdaddr, bdaddr);
3107 ev.addr.type = link_to_bdaddr(link_type, addr_type);
3108 ev.reason = reason;
f7520543 3109
afc747a6 3110 err = mgmt_event(MGMT_EV_DEVICE_DISCONNECTED, hdev, &ev, sizeof(ev),
04124681 3111 sk);
8962ee74
JH		 3112
3113 if (sk)
d97dcb66 3114 sock_put(sk);
8962ee74 3115
124f6e35 3116 mgmt_pending_foreach(MGMT_OP_UNPAIR_DEVICE, hdev, unpair_device_rsp,
04124681 3117 hdev);
a8a1d19e 3118
8962ee74
JH		 3119 return err;
3120}
3121
88c3df13 3122int mgmt_disconnect_failed(struct hci_dev *hdev, bdaddr_t *bdaddr,
04124681 3123 u8 link_type, u8 addr_type, u8 status)
8962ee74 3124{
88c3df13 3125 struct mgmt_rp_disconnect rp;
8962ee74
JH		 3126 struct pending_cmd *cmd;
3127 int err;
3128
2e58ef3e 3129 cmd = mgmt_pending_find(MGMT_OP_DISCONNECT, hdev);
8962ee74
JH		 3130 if (!cmd)
3131 return -ENOENT;
3132
88c3df13 3133 bacpy(&rp.addr.bdaddr, bdaddr);
57c1477c 3134 rp.addr.type = link_to_bdaddr(link_type, addr_type);
37d9ef76 3135
88c3df13 3136 err = cmd_complete(cmd->sk, cmd->index, MGMT_OP_DISCONNECT,
04124681 3137 mgmt_status(status), &rp, sizeof(rp));
8962ee74 3138
a664b5bc 3139 mgmt_pending_remove(cmd);
8962ee74 3140
b1078ad0 3141 mgmt_pending_foreach(MGMT_OP_UNPAIR_DEVICE, hdev, unpair_device_rsp,
8ce8e2b5 3142 hdev);
8962ee74 3143 return err;
f7520543 3144}
17d5c04c 3145
48264f06 3146int mgmt_connect_failed(struct hci_dev *hdev, bdaddr_t *bdaddr, u8 link_type,
04124681 3147 u8 addr_type, u8 status)
17d5c04c
JH		 3148{
3149 struct mgmt_ev_connect_failed ev;
3150
4c659c39 3151 bacpy(&ev.addr.bdaddr, bdaddr);
57c1477c 3152 ev.addr.type = link_to_bdaddr(link_type, addr_type);
ca69b795 3153 ev.status = mgmt_status(status);
17d5c04c 3154
744cf19e 3155 return mgmt_event(MGMT_EV_CONNECT_FAILED, hdev, &ev, sizeof(ev), NULL);
17d5c04c 3156}
980e1a53 3157
744cf19e 3158int mgmt_pin_code_request(struct hci_dev *hdev, bdaddr_t *bdaddr, u8 secure)
980e1a53
JH		 3159{
3160 struct mgmt_ev_pin_code_request ev;
3161
d8457698 3162 bacpy(&ev.addr.bdaddr, bdaddr);
591f47f3 3163 ev.addr.type = BDADDR_BREDR;
a770bb5a 3164 ev.secure = secure;
980e1a53 3165
744cf19e 3166 return mgmt_event(MGMT_EV_PIN_CODE_REQUEST, hdev, &ev, sizeof(ev),
04124681 3167 NULL);
980e1a53
JH		 3168}
3169
744cf19e 3170int mgmt_pin_code_reply_complete(struct hci_dev *hdev, bdaddr_t *bdaddr,
04124681 3171 u8 status)
980e1a53
JH		 3172{
3173 struct pending_cmd *cmd;
ac56fb13 3174 struct mgmt_rp_pin_code_reply rp;
980e1a53
JH		 3175 int err;
3176
2e58ef3e 3177 cmd = mgmt_pending_find(MGMT_OP_PIN_CODE_REPLY, hdev);
980e1a53
JH		 3178 if (!cmd)
3179 return -ENOENT;
3180
d8457698 3181 bacpy(&rp.addr.bdaddr, bdaddr);
591f47f3 3182 rp.addr.type = BDADDR_BREDR;
ac56fb13 3183
aee9b218 3184 err = cmd_complete(cmd->sk, hdev->id, MGMT_OP_PIN_CODE_REPLY,
04124681 3185 mgmt_status(status), &rp, sizeof(rp));
980e1a53 3186
a664b5bc 3187 mgmt_pending_remove(cmd);
980e1a53
JH		 3188
3189 return err;
3190}
3191
744cf19e 3192int mgmt_pin_code_neg_reply_complete(struct hci_dev *hdev, bdaddr_t *bdaddr,
04124681 3193 u8 status)
980e1a53
JH		 3194{
3195 struct pending_cmd *cmd;
ac56fb13 3196 struct mgmt_rp_pin_code_reply rp;
980e1a53
JH		 3197 int err;
3198
2e58ef3e 3199 cmd = mgmt_pending_find(MGMT_OP_PIN_CODE_NEG_REPLY, hdev);
980e1a53
JH		 3200 if (!cmd)
3201 return -ENOENT;
3202
d8457698 3203 bacpy(&rp.addr.bdaddr, bdaddr);
591f47f3 3204 rp.addr.type = BDADDR_BREDR;
ac56fb13 3205
aee9b218 3206 err = cmd_complete(cmd->sk, hdev->id, MGMT_OP_PIN_CODE_NEG_REPLY,
04124681 3207 mgmt_status(status), &rp, sizeof(rp));
980e1a53 3208
a664b5bc 3209 mgmt_pending_remove(cmd);
980e1a53
JH		 3210
3211 return err;
3212}
a5c29683 3213
744cf19e 3214int mgmt_user_confirm_request(struct hci_dev *hdev, bdaddr_t *bdaddr,
04124681
GP		 3215 u8 link_type, u8 addr_type, __le32 value,
3216 u8 confirm_hint)
a5c29683
JH		 3217{
3218 struct mgmt_ev_user_confirm_request ev;
3219
744cf19e 3220 BT_DBG("%s", hdev->name);
a5c29683 3221
272d90df 3222 bacpy(&ev.addr.bdaddr, bdaddr);
57c1477c 3223 ev.addr.type = link_to_bdaddr(link_type, addr_type);
55bc1a37 3224 ev.confirm_hint = confirm_hint;
78e8098e 3225 ev.value = value;
a5c29683 3226
744cf19e 3227 return mgmt_event(MGMT_EV_USER_CONFIRM_REQUEST, hdev, &ev, sizeof(ev),
04124681 3228 NULL);
a5c29683
JH		 3229}
3230
272d90df 3231int mgmt_user_passkey_request(struct hci_dev *hdev, bdaddr_t *bdaddr,
8ce8e2b5 3232 u8 link_type, u8 addr_type)
604086b7
BG		 3233{
3234 struct mgmt_ev_user_passkey_request ev;
3235
3236 BT_DBG("%s", hdev->name);
3237
272d90df 3238 bacpy(&ev.addr.bdaddr, bdaddr);
57c1477c 3239 ev.addr.type = link_to_bdaddr(link_type, addr_type);
604086b7
BG		 3240
3241 return mgmt_event(MGMT_EV_USER_PASSKEY_REQUEST, hdev, &ev, sizeof(ev),
04124681 3242 NULL);
604086b7
BG		 3243}
3244
0df4c185 3245static int user_pairing_resp_complete(struct hci_dev *hdev, bdaddr_t *bdaddr,
8ce8e2b5
GP		 3246 u8 link_type, u8 addr_type, u8 status,
3247 u8 opcode)
a5c29683
JH		 3248{
3249 struct pending_cmd *cmd;
3250 struct mgmt_rp_user_confirm_reply rp;
3251 int err;
3252
2e58ef3e 3253 cmd = mgmt_pending_find(opcode, hdev);
a5c29683
JH		 3254 if (!cmd)
3255 return -ENOENT;
3256
272d90df 3257 bacpy(&rp.addr.bdaddr, bdaddr);
57c1477c 3258 rp.addr.type = link_to_bdaddr(link_type, addr_type);
aee9b218 3259 err = cmd_complete(cmd->sk, hdev->id, opcode, mgmt_status(status),
04124681 3260 &rp, sizeof(rp));
a5c29683 3261
a664b5bc 3262 mgmt_pending_remove(cmd);
a5c29683
JH		 3263
3264 return err;
3265}
3266
744cf19e 3267int mgmt_user_confirm_reply_complete(struct hci_dev *hdev, bdaddr_t *bdaddr,
04124681 3268 u8 link_type, u8 addr_type, u8 status)
a5c29683 3269{
272d90df 3270 return user_pairing_resp_complete(hdev, bdaddr, link_type, addr_type,
04124681 3271 status, MGMT_OP_USER_CONFIRM_REPLY);
a5c29683
JH		 3272}
3273
272d90df 3274int mgmt_user_confirm_neg_reply_complete(struct hci_dev *hdev, bdaddr_t *bdaddr,
04124681 3275 u8 link_type, u8 addr_type, u8 status)
a5c29683 3276{
272d90df 3277 return user_pairing_resp_complete(hdev, bdaddr, link_type, addr_type,
8fc9ced3
GP		 3278 status,
3279 MGMT_OP_USER_CONFIRM_NEG_REPLY);
a5c29683 3280}
2a611692 3281
604086b7 3282int mgmt_user_passkey_reply_complete(struct hci_dev *hdev, bdaddr_t *bdaddr,
04124681 3283 u8 link_type, u8 addr_type, u8 status)
604086b7 3284{
272d90df 3285 return user_pairing_resp_complete(hdev, bdaddr, link_type, addr_type,
04124681 3286 status, MGMT_OP_USER_PASSKEY_REPLY);
604086b7
BG		 3287}
3288
272d90df 3289int mgmt_user_passkey_neg_reply_complete(struct hci_dev *hdev, bdaddr_t *bdaddr,
04124681 3290 u8 link_type, u8 addr_type, u8 status)
604086b7 3291{
272d90df 3292 return user_pairing_resp_complete(hdev, bdaddr, link_type, addr_type,
8fc9ced3
GP		 3293 status,
3294 MGMT_OP_USER_PASSKEY_NEG_REPLY);
604086b7
BG		 3295}
3296
92a25256
JH		 3297int mgmt_user_passkey_notify(struct hci_dev *hdev, bdaddr_t *bdaddr,
3298 u8 link_type, u8 addr_type, u32 passkey,
3299 u8 entered)
3300{
3301 struct mgmt_ev_passkey_notify ev;
3302
3303 BT_DBG("%s", hdev->name);
3304
3305 bacpy(&ev.addr.bdaddr, bdaddr);
3306 ev.addr.type = link_to_bdaddr(link_type, addr_type);
3307 ev.passkey = __cpu_to_le32(passkey);
3308 ev.entered = entered;
3309
3310 return mgmt_event(MGMT_EV_PASSKEY_NOTIFY, hdev, &ev, sizeof(ev), NULL);
3311}
3312
bab73cb6 3313int mgmt_auth_failed(struct hci_dev *hdev, bdaddr_t *bdaddr, u8 link_type,
04124681 3314 u8 addr_type, u8 status)
2a611692
JH		 3315{
3316 struct mgmt_ev_auth_failed ev;
3317
bab73cb6 3318 bacpy(&ev.addr.bdaddr, bdaddr);
57c1477c 3319 ev.addr.type = link_to_bdaddr(link_type, addr_type);
ca69b795 3320 ev.status = mgmt_status(status);
2a611692 3321
744cf19e 3322 return mgmt_event(MGMT_EV_AUTH_FAILED, hdev, &ev, sizeof(ev), NULL);
2a611692 3323}
b312b161 3324
33ef95ed
JH		 3325int mgmt_auth_enable_complete(struct hci_dev *hdev, u8 status)
3326{
3327 struct cmd_lookup match = { NULL, hdev };
47990ea0
JH		 3328 bool changed = false;
3329 int err = 0;
33ef95ed
JH		 3330
3331 if (status) {
3332 u8 mgmt_err = mgmt_status(status);
3333 mgmt_pending_foreach(MGMT_OP_SET_LINK_SECURITY, hdev,
04124681 3334 cmd_status_rsp, &mgmt_err);
33ef95ed
JH		 3335 return 0;
3336 }
3337
47990ea0
JH		 3338 if (test_bit(HCI_AUTH, &hdev->flags)) {
3339 if (!test_and_set_bit(HCI_LINK_SECURITY, &hdev->dev_flags))
3340 changed = true;
3341 } else {
3342 if (test_and_clear_bit(HCI_LINK_SECURITY, &hdev->dev_flags))
3343 changed = true;
3344 }
3345
33ef95ed 3346 mgmt_pending_foreach(MGMT_OP_SET_LINK_SECURITY, hdev, settings_rsp,
04124681 3347 &match);
33ef95ed 3348
47990ea0
JH		 3349 if (changed)
3350 err = new_settings(hdev, match.sk);
33ef95ed
JH		 3351
3352 if (match.sk)
3353 sock_put(match.sk);
3354
3355 return err;
3356}
3357
cacaf52f
JH		 3358static int clear_eir(struct hci_dev *hdev)
3359{
3360 struct hci_cp_write_eir cp;
3361
3362 if (!(hdev->features[6] & LMP_EXT_INQ))
3363 return 0;
3364
c80da27e
JH		 3365 memset(hdev->eir, 0, sizeof(hdev->eir));
3366
cacaf52f
JH		 3367 memset(&cp, 0, sizeof(cp));
3368
3369 return hci_send_cmd(hdev, HCI_OP_WRITE_EIR, sizeof(cp), &cp);
3370}
3371
c0ecddc2 3372int mgmt_ssp_enable_complete(struct hci_dev *hdev, u8 enable, u8 status)
ed2c4ee3
JH		 3373{
3374 struct cmd_lookup match = { NULL, hdev };
c0ecddc2
JH		 3375 bool changed = false;
3376 int err = 0;
ed2c4ee3
JH		 3377
3378 if (status) {
3379 u8 mgmt_err = mgmt_status(status);
c0ecddc2
JH		 3380
3381 if (enable && test_and_clear_bit(HCI_SSP_ENABLED,
04124681 3382 &hdev->dev_flags))
c0ecddc2
JH		 3383 err = new_settings(hdev, NULL);
3384
04124681
GP		 3385 mgmt_pending_foreach(MGMT_OP_SET_SSP, hdev, cmd_status_rsp,
3386 &mgmt_err);
c0ecddc2
JH		 3387
3388 return err;
3389 }
3390
3391 if (enable) {
3392 if (!test_and_set_bit(HCI_SSP_ENABLED, &hdev->dev_flags))
3393 changed = true;
3394 } else {
3395 if (test_and_clear_bit(HCI_SSP_ENABLED, &hdev->dev_flags))
3396 changed = true;
ed2c4ee3
JH		 3397 }
3398
3399 mgmt_pending_foreach(MGMT_OP_SET_SSP, hdev, settings_rsp, &match);
3400
c0ecddc2
JH		 3401 if (changed)
3402 err = new_settings(hdev, match.sk);
ed2c4ee3 3403
5fc6ebb1 3404 if (match.sk)
ed2c4ee3
JH		 3405 sock_put(match.sk);
3406
5fc6ebb1
JH		 3407 if (test_bit(HCI_SSP_ENABLED, &hdev->dev_flags))
3408 update_eir(hdev);
3409 else
3410 clear_eir(hdev);
cacaf52f 3411
ed2c4ee3
JH		 3412 return err;
3413}
3414
90e70454
JH		 3415static void class_rsp(struct pending_cmd *cmd, void *data)
3416{
3417 struct cmd_lookup *match = data;
3418
3419 cmd_complete(cmd->sk, cmd->index, cmd->opcode, match->mgmt_status,
04124681 3420 match->hdev->dev_class, 3);
90e70454
JH		 3421
3422 list_del(&cmd->list);
3423
3424 if (match->sk == NULL) {
3425 match->sk = cmd->sk;
3426 sock_hold(match->sk);
3427 }
3428
3429 mgmt_pending_free(cmd);
3430}
3431
7f9a903c 3432int mgmt_set_class_of_dev_complete(struct hci_dev *hdev, u8 *dev_class,
04124681 3433 u8 status)
7f9a903c 3434{
90e70454
JH		 3435 struct cmd_lookup match = { NULL, hdev, mgmt_status(status) };
3436 int err = 0;
7f9a903c 3437
c95f0ba7
JH		 3438 clear_bit(HCI_PENDING_CLASS, &hdev->dev_flags);
3439
90e70454
JH		 3440 mgmt_pending_foreach(MGMT_OP_SET_DEV_CLASS, hdev, class_rsp, &match);
3441 mgmt_pending_foreach(MGMT_OP_ADD_UUID, hdev, class_rsp, &match);
3442 mgmt_pending_foreach(MGMT_OP_REMOVE_UUID, hdev, class_rsp, &match);
3443
3444 if (!status)
04124681
GP		 3445 err = mgmt_event(MGMT_EV_CLASS_OF_DEV_CHANGED, hdev, dev_class,
3446 3, NULL);
90e70454
JH		 3447
3448 if (match.sk)
3449 sock_put(match.sk);
7f9a903c
MH		 3450
3451 return err;
3452}
3453
744cf19e 3454int mgmt_set_local_name_complete(struct hci_dev *hdev, u8 *name, u8 status)
b312b161
JH		 3455{
3456 struct pending_cmd *cmd;
3457 struct mgmt_cp_set_local_name ev;
28cc7bde
JH		 3458 bool changed = false;
3459 int err = 0;
3460
3461 if (memcmp(name, hdev->dev_name, sizeof(hdev->dev_name)) != 0) {
3462 memcpy(hdev->dev_name, name, sizeof(hdev->dev_name));
3463 changed = true;
3464 }
b312b161
JH		 3465
3466 memset(&ev, 0, sizeof(ev));
3467 memcpy(ev.name, name, HCI_MAX_NAME_LENGTH);
28cc7bde 3468 memcpy(ev.short_name, hdev->short_name, HCI_MAX_SHORT_NAME_LENGTH);
b312b161 3469
2e58ef3e 3470 cmd = mgmt_pending_find(MGMT_OP_SET_LOCAL_NAME, hdev);
b312b161
JH		 3471 if (!cmd)
3472 goto send_event;
3473
7bdaae4a
JH		 3474 /* Always assume that either the short or the complete name has
3475 * changed if there was a pending mgmt command */
3476 changed = true;
3477
b312b161 3478 if (status) {
744cf19e 3479 err = cmd_status(cmd->sk, hdev->id, MGMT_OP_SET_LOCAL_NAME,
04124681 3480 mgmt_status(status));
b312b161
JH		 3481 goto failed;
3482 }
3483
aee9b218 3484 err = cmd_complete(cmd->sk, hdev->id, MGMT_OP_SET_LOCAL_NAME, 0, &ev,
04124681 3485 sizeof(ev));
b312b161
JH		 3486 if (err < 0)
3487 goto failed;
3488
3489send_event:
28cc7bde
JH		 3490 if (changed)
3491 err = mgmt_event(MGMT_EV_LOCAL_NAME_CHANGED, hdev, &ev,
04124681 3492 sizeof(ev), cmd ? cmd->sk : NULL);
28cc7bde 3493
f51d5b24 3494 update_eir(hdev);
b312b161
JH		 3495
3496failed:
3497 if (cmd)
3498 mgmt_pending_remove(cmd);
3499 return err;
3500}
c35938b2 3501
744cf19e 3502int mgmt_read_local_oob_data_reply_complete(struct hci_dev *hdev, u8 *hash,
04124681 3503 u8 *randomizer, u8 status)
c35938b2
SJ		 3504{
3505 struct pending_cmd *cmd;
3506 int err;
3507
744cf19e 3508 BT_DBG("%s status %u", hdev->name, status);
c35938b2 3509
2e58ef3e 3510 cmd = mgmt_pending_find(MGMT_OP_READ_LOCAL_OOB_DATA, hdev);
c35938b2
SJ		 3511 if (!cmd)
3512 return -ENOENT;
3513
3514 if (status) {
04124681
GP		 3515 err = cmd_status(cmd->sk, hdev->id, MGMT_OP_READ_LOCAL_OOB_DATA,
3516 mgmt_status(status));
c35938b2
SJ		 3517 } else {
3518 struct mgmt_rp_read_local_oob_data rp;
3519
3520 memcpy(rp.hash, hash, sizeof(rp.hash));
3521 memcpy(rp.randomizer, randomizer, sizeof(rp.randomizer));
3522
744cf19e 3523 err = cmd_complete(cmd->sk, hdev->id,
04124681
GP		 3524 MGMT_OP_READ_LOCAL_OOB_DATA, 0, &rp,
3525 sizeof(rp));
c35938b2
SJ		 3526 }
3527
3528 mgmt_pending_remove(cmd);
3529
3530 return err;
3531}
e17acd40 3532
06199cf8
JH		 3533int mgmt_le_enable_complete(struct hci_dev *hdev, u8 enable, u8 status)
3534{
3535 struct cmd_lookup match = { NULL, hdev };
3536 bool changed = false;
3537 int err = 0;
3538
3539 if (status) {
3540 u8 mgmt_err = mgmt_status(status);
3541
3542 if (enable && test_and_clear_bit(HCI_LE_ENABLED,
04124681 3543 &hdev->dev_flags))
d97dcb66 3544 err = new_settings(hdev, NULL);
06199cf8 3545
d97dcb66
SJ		 3546 mgmt_pending_foreach(MGMT_OP_SET_LE, hdev, cmd_status_rsp,
3547 &mgmt_err);
06199cf8
JH		 3548
3549 return err;
3550 }
3551
3552 if (enable) {
3553 if (!test_and_set_bit(HCI_LE_ENABLED, &hdev->dev_flags))
3554 changed = true;
3555 } else {
3556 if (test_and_clear_bit(HCI_LE_ENABLED, &hdev->dev_flags))
3557 changed = true;
3558 }
3559
3560 mgmt_pending_foreach(MGMT_OP_SET_LE, hdev, settings_rsp, &match);
3561
3562 if (changed)
3563 err = new_settings(hdev, match.sk);
3564
3565 if (match.sk)
3566 sock_put(match.sk);
3567
3568 return err;
3569}
3570
48264f06 3571int mgmt_device_found(struct hci_dev *hdev, bdaddr_t *bdaddr, u8 link_type,
04124681
GP		 3572 u8 addr_type, u8 *dev_class, s8 rssi, u8 cfm_name, u8
3573 ssp, u8 *eir, u16 eir_len)
e17acd40 3574{
e319d2e7
JH		 3575 char buf[512];
3576 struct mgmt_ev_device_found *ev = (void *) buf;
1dc06093 3577 size_t ev_size;
e17acd40 3578
1dc06093
JH		 3579 /* Leave 5 bytes for a potential CoD field */
3580 if (sizeof(*ev) + eir_len + 5 > sizeof(buf))
7d262f86
AG		 3581 return -EINVAL;
3582
1dc06093
JH		 3583 memset(buf, 0, sizeof(buf));
3584
e319d2e7 3585 bacpy(&ev->addr.bdaddr, bdaddr);
57c1477c 3586 ev->addr.type = link_to_bdaddr(link_type, addr_type);
e319d2e7 3587 ev->rssi = rssi;
9a395a80 3588 if (cfm_name)
33cef264 3589 ev->flags |= cpu_to_le32(MGMT_DEV_FOUND_CONFIRM_NAME);
388fc8fa 3590 if (!ssp)
33cef264 3591 ev->flags |= cpu_to_le32(MGMT_DEV_FOUND_LEGACY_PAIRING);
e17acd40 3592
1dc06093 3593 if (eir_len > 0)
e319d2e7 3594 memcpy(ev->eir, eir, eir_len);
e17acd40 3595
1dc06093
JH		 3596 if (dev_class && !eir_has_data_type(ev->eir, eir_len, EIR_CLASS_OF_DEV))
3597 eir_len = eir_append_data(ev->eir, eir_len, EIR_CLASS_OF_DEV,
04124681 3598 dev_class, 3);
1dc06093 3599
eb55ef07 3600 ev->eir_len = cpu_to_le16(eir_len);
1dc06093 3601 ev_size = sizeof(*ev) + eir_len;
f8523598 3602
e319d2e7 3603 return mgmt_event(MGMT_EV_DEVICE_FOUND, hdev, ev, ev_size, NULL);
e17acd40 3604}
a88a9652 3605
b644ba33 3606int mgmt_remote_name(struct hci_dev *hdev, bdaddr_t *bdaddr, u8 link_type,
04124681 3607 u8 addr_type, s8 rssi, u8 *name, u8 name_len)
a88a9652 3608{
b644ba33
JH		 3609 struct mgmt_ev_device_found *ev;
3610 char buf[sizeof(*ev) + HCI_MAX_NAME_LENGTH + 2];
3611 u16 eir_len;
a88a9652 3612
b644ba33 3613 ev = (struct mgmt_ev_device_found *) buf;
a88a9652 3614
b644ba33
JH		 3615 memset(buf, 0, sizeof(buf));
3616
3617 bacpy(&ev->addr.bdaddr, bdaddr);
57c1477c 3618 ev->addr.type = link_to_bdaddr(link_type, addr_type);
b644ba33
JH		 3619 ev->rssi = rssi;
3620
3621 eir_len = eir_append_data(ev->eir, 0, EIR_NAME_COMPLETE, name,
04124681 3622 name_len);
b644ba33 3623
eb55ef07 3624 ev->eir_len = cpu_to_le16(eir_len);
a88a9652 3625
053c7e0c 3626 return mgmt_event(MGMT_EV_DEVICE_FOUND, hdev, ev,
04124681 3627 sizeof(*ev) + eir_len, NULL);
a88a9652 3628}
314b2381 3629
7a135109 3630int mgmt_start_discovery_failed(struct hci_dev *hdev, u8 status)
164a6e78
JH		 3631{
3632 struct pending_cmd *cmd;
f808e166 3633 u8 type;
164a6e78
JH		 3634 int err;
3635
203159d4
AG		 3636 hci_discovery_set_state(hdev, DISCOVERY_STOPPED);
3637
2e58ef3e 3638 cmd = mgmt_pending_find(MGMT_OP_START_DISCOVERY, hdev);
164a6e78
JH		 3639 if (!cmd)
3640 return -ENOENT;
3641
f808e166
JH		 3642 type = hdev->discovery.type;
3643
3644 err = cmd_complete(cmd->sk, hdev->id, cmd->opcode, mgmt_status(status),
04124681 3645 &type, sizeof(type));
164a6e78
JH		 3646 mgmt_pending_remove(cmd);
3647
3648 return err;
3649}
3650
e6d465cb
AG		 3651int mgmt_stop_discovery_failed(struct hci_dev *hdev, u8 status)
3652{
3653 struct pending_cmd *cmd;
3654 int err;
3655
3656 cmd = mgmt_pending_find(MGMT_OP_STOP_DISCOVERY, hdev);
3657 if (!cmd)
3658 return -ENOENT;
3659
d930650b 3660 err = cmd_complete(cmd->sk, hdev->id, cmd->opcode, mgmt_status(status),
04124681 3661 &hdev->discovery.type, sizeof(hdev->discovery.type));
164a6e78
JH		 3662 mgmt_pending_remove(cmd);
3663
3664 return err;
3665}
3666
744cf19e 3667int mgmt_discovering(struct hci_dev *hdev, u8 discovering)
314b2381 3668{
f963e8e9 3669 struct mgmt_ev_discovering ev;
164a6e78
JH		 3670 struct pending_cmd *cmd;
3671
343fb145
AG		 3672 BT_DBG("%s discovering %u", hdev->name, discovering);
3673
164a6e78 3674 if (discovering)
2e58ef3e 3675 cmd = mgmt_pending_find(MGMT_OP_START_DISCOVERY, hdev);
164a6e78 3676 else
2e58ef3e 3677 cmd = mgmt_pending_find(MGMT_OP_STOP_DISCOVERY, hdev);
164a6e78
JH		 3678
3679 if (cmd != NULL) {
f808e166
JH		 3680 u8 type = hdev->discovery.type;
3681
04124681
GP		 3682 cmd_complete(cmd->sk, hdev->id, cmd->opcode, 0, &type,
3683 sizeof(type));
164a6e78
JH		 3684 mgmt_pending_remove(cmd);
3685 }
3686
f963e8e9
JH		 3687 memset(&ev, 0, sizeof(ev));
3688 ev.type = hdev->discovery.type;
3689 ev.discovering = discovering;
3690
3691 return mgmt_event(MGMT_EV_DISCOVERING, hdev, &ev, sizeof(ev), NULL);
314b2381 3692}
5e762444 3693
88c1fe4b 3694int mgmt_device_blocked(struct hci_dev *hdev, bdaddr_t *bdaddr, u8 type)
5e762444
AJ		 3695{
3696 struct pending_cmd *cmd;
3697 struct mgmt_ev_device_blocked ev;
3698
2e58ef3e 3699 cmd = mgmt_pending_find(MGMT_OP_BLOCK_DEVICE, hdev);
5e762444 3700
88c1fe4b
JH		 3701 bacpy(&ev.addr.bdaddr, bdaddr);
3702 ev.addr.type = type;
5e762444 3703
744cf19e 3704 return mgmt_event(MGMT_EV_DEVICE_BLOCKED, hdev, &ev, sizeof(ev),
04124681 3705 cmd ? cmd->sk : NULL);
5e762444
AJ		 3706}
3707
88c1fe4b 3708int mgmt_device_unblocked(struct hci_dev *hdev, bdaddr_t *bdaddr, u8 type)
5e762444
AJ		 3709{
3710 struct pending_cmd *cmd;
3711 struct mgmt_ev_device_unblocked ev;
3712
2e58ef3e 3713 cmd = mgmt_pending_find(MGMT_OP_UNBLOCK_DEVICE, hdev);
5e762444 3714
88c1fe4b
JH		 3715 bacpy(&ev.addr.bdaddr, bdaddr);
3716 ev.addr.type = type;
5e762444 3717
744cf19e 3718 return mgmt_event(MGMT_EV_DEVICE_UNBLOCKED, hdev, &ev, sizeof(ev),
04124681 3719 cmd ? cmd->sk : NULL);
5e762444 3720}
d7b7e796
MH		 3721
3722module_param(enable_hs, bool, 0644);
3723MODULE_PARM_DESC(enable_hs, "Enable High Speed support");
kernel source for telekom puls (alcatel/mediatek)