projects / GitHub / mt8127 / android_kernel_alcatel_ttab.git / blame
? search:
summary | shortlog | log | commit | commitdiff | tree
blob | blame (incremental) | history | HEAD
Bluetooth: mgmt: Fix New Settings event for connectable/discoverable
[GitHub/mt8127/android_kernel_alcatel_ttab.git] / net / bluetooth / hci_event.c
CommitLineData
8e87d142 1/*
1da177e4 2 BlueZ - Bluetooth protocol stack for Linux
2d0a0346 3 Copyright (c) 2000-2001, 2010, Code Aurora Forum. All rights reserved.
1da177e4
LT		 4
5 Written 2000,2001 by Maxim Krasnyansky <maxk@qualcomm.com>
6
7 This program is free software; you can redistribute it and/or modify
8 it under the terms of the GNU General Public License version 2 as
9 published by the Free Software Foundation;
10
11 THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS
12 OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
13 FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT OF THIRD PARTY RIGHTS.
14 IN NO EVENT SHALL THE COPYRIGHT HOLDER(S) AND AUTHOR(S) BE LIABLE FOR ANY
8e87d142
YH		 15 CLAIM, OR ANY SPECIAL INDIRECT OR CONSEQUENTIAL DAMAGES, OR ANY DAMAGES
16 WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
17 ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
1da177e4
LT		 18 OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
19
8e87d142
YH		 20 ALL LIABILITY, INCLUDING LIABILITY FOR INFRINGEMENT OF ANY PATENTS,
21 COPYRIGHTS, TRADEMARKS OR OTHER RIGHTS, RELATING TO USE OF THIS
1da177e4
LT		 22 SOFTWARE IS DISCLAIMED.
23*/
24
25/* Bluetooth HCI event handling. */
26
1da177e4
LT		 27#include <linux/module.h>
28
29#include <linux/types.h>
30#include <linux/errno.h>
31#include <linux/kernel.h>
1da177e4
LT		 32#include <linux/slab.h>
33#include <linux/poll.h>
34#include <linux/fcntl.h>
35#include <linux/init.h>
36#include <linux/skbuff.h>
37#include <linux/interrupt.h>
1da177e4
LT		 38#include <net/sock.h>
39
40#include <asm/system.h>
70f23020 41#include <linux/uaccess.h>
1da177e4
LT		 42#include <asm/unaligned.h>
43
44#include <net/bluetooth/bluetooth.h>
45#include <net/bluetooth/hci_core.h>
46
1da177e4
LT		 47/* Handle HCI Event packets */
48
a9de9248 49static void hci_cc_inquiry_cancel(struct hci_dev *hdev, struct sk_buff *skb)
1da177e4 50{
a9de9248 51 __u8 status = *((__u8 *) skb->data);
1da177e4 52
a9de9248 53 BT_DBG("%s status 0x%x", hdev->name, status);
1da177e4 54
e6d465cb
AG		 55 if (status) {
56 hci_dev_lock(hdev);
57 mgmt_stop_discovery_failed(hdev, status);
58 hci_dev_unlock(hdev);
a9de9248 59 return;
e6d465cb 60 }
1da177e4 61
89352e7d
AG		 62 clear_bit(HCI_INQUIRY, &hdev->flags);
63
56e5cb86 64 hci_dev_lock(hdev);
ff9ef578 65 hci_discovery_set_state(hdev, DISCOVERY_STOPPED);
56e5cb86 66 hci_dev_unlock(hdev);
6bd57416 67
23bb5763 68 hci_req_complete(hdev, HCI_OP_INQUIRY_CANCEL, status);
a9de9248
MH		 69
70 hci_conn_check_pending(hdev);
71}
6bd57416 72
a9de9248
MH		 73static void hci_cc_exit_periodic_inq(struct hci_dev *hdev, struct sk_buff *skb)
74{
75 __u8 status = *((__u8 *) skb->data);
6bd57416 76
a9de9248 77 BT_DBG("%s status 0x%x", hdev->name, status);
6bd57416 78
a9de9248
MH		 79 if (status)
80 return;
1da177e4 81
a9de9248
MH		 82 hci_conn_check_pending(hdev);
83}
84
85static void hci_cc_remote_name_req_cancel(struct hci_dev *hdev, struct sk_buff *skb)
86{
87 BT_DBG("%s", hdev->name);
88}
89
90static void hci_cc_role_discovery(struct hci_dev *hdev, struct sk_buff *skb)
91{
92 struct hci_rp_role_discovery *rp = (void *) skb->data;
93 struct hci_conn *conn;
94
95 BT_DBG("%s status 0x%x", hdev->name, rp->status);
96
97 if (rp->status)
98 return;
99
100 hci_dev_lock(hdev);
101
102 conn = hci_conn_hash_lookup_handle(hdev, __le16_to_cpu(rp->handle));
103 if (conn) {
104 if (rp->role)
105 conn->link_mode &= ~HCI_LM_MASTER;
106 else
107 conn->link_mode |= HCI_LM_MASTER;
1da177e4 108 }
a9de9248
MH		 109
110 hci_dev_unlock(hdev);
1da177e4
LT		 111}
112
e4e8e37c
MH		 113static void hci_cc_read_link_policy(struct hci_dev *hdev, struct sk_buff *skb)
114{
115 struct hci_rp_read_link_policy *rp = (void *) skb->data;
116 struct hci_conn *conn;
117
118 BT_DBG("%s status 0x%x", hdev->name, rp->status);
119
120 if (rp->status)
121 return;
122
123 hci_dev_lock(hdev);
124
125 conn = hci_conn_hash_lookup_handle(hdev, __le16_to_cpu(rp->handle));
126 if (conn)
127 conn->link_policy = __le16_to_cpu(rp->policy);
128
129 hci_dev_unlock(hdev);
130}
131
a9de9248 132static void hci_cc_write_link_policy(struct hci_dev *hdev, struct sk_buff *skb)
1da177e4 133{
a9de9248 134 struct hci_rp_write_link_policy *rp = (void *) skb->data;
1da177e4 135 struct hci_conn *conn;
04837f64 136 void *sent;
1da177e4 137
a9de9248 138 BT_DBG("%s status 0x%x", hdev->name, rp->status);
1da177e4 139
a9de9248
MH		 140 if (rp->status)
141 return;
1da177e4 142
a9de9248
MH		 143 sent = hci_sent_cmd_data(hdev, HCI_OP_WRITE_LINK_POLICY);
144 if (!sent)
145 return;
1da177e4 146
a9de9248 147 hci_dev_lock(hdev);
1da177e4 148
a9de9248 149 conn = hci_conn_hash_lookup_handle(hdev, __le16_to_cpu(rp->handle));
e4e8e37c 150 if (conn)
83985319 151 conn->link_policy = get_unaligned_le16(sent + 2);
1da177e4 152
a9de9248
MH		 153 hci_dev_unlock(hdev);
154}
1da177e4 155
e4e8e37c
MH		 156static void hci_cc_read_def_link_policy(struct hci_dev *hdev, struct sk_buff *skb)
157{
158 struct hci_rp_read_def_link_policy *rp = (void *) skb->data;
159
160 BT_DBG("%s status 0x%x", hdev->name, rp->status);
161
162 if (rp->status)
163 return;
164
165 hdev->link_policy = __le16_to_cpu(rp->policy);
166}
167
168static void hci_cc_write_def_link_policy(struct hci_dev *hdev, struct sk_buff *skb)
169{
170 __u8 status = *((__u8 *) skb->data);
171 void *sent;
172
173 BT_DBG("%s status 0x%x", hdev->name, status);
174
175 sent = hci_sent_cmd_data(hdev, HCI_OP_WRITE_DEF_LINK_POLICY);
176 if (!sent)
177 return;
178
179 if (!status)
180 hdev->link_policy = get_unaligned_le16(sent);
181
23bb5763 182 hci_req_complete(hdev, HCI_OP_WRITE_DEF_LINK_POLICY, status);
e4e8e37c
MH		 183}
184
a9de9248
MH		 185static void hci_cc_reset(struct hci_dev *hdev, struct sk_buff *skb)
186{
187 __u8 status = *((__u8 *) skb->data);
04837f64 188
a9de9248 189 BT_DBG("%s status 0x%x", hdev->name, status);
04837f64 190
10572132
GP		 191 clear_bit(HCI_RESET, &hdev->flags);
192
23bb5763 193 hci_req_complete(hdev, HCI_OP_RESET, status);
d23264a8 194
7005ff17 195 /* Reset all flags, except persistent ones */
95947a39
HG		 196 hdev->dev_flags &= BIT(HCI_MGMT) | BIT(HCI_SETUP) | BIT(HCI_AUTO_OFF) |
197 BIT(HCI_LINK_KEYS) | BIT(HCI_DEBUG_KEYS);
a9de9248 198}
04837f64 199
a9de9248
MH		 200static void hci_cc_write_local_name(struct hci_dev *hdev, struct sk_buff *skb)
201{
202 __u8 status = *((__u8 *) skb->data);
203 void *sent;
04837f64 204
a9de9248 205 BT_DBG("%s status 0x%x", hdev->name, status);
04837f64 206
a9de9248
MH		 207 sent = hci_sent_cmd_data(hdev, HCI_OP_WRITE_LOCAL_NAME);
208 if (!sent)
209 return;
04837f64 210
56e5cb86
JH		 211 hci_dev_lock(hdev);
212
a8b2d5c2 213 if (test_bit(HCI_MGMT, &hdev->dev_flags))
744cf19e 214 mgmt_set_local_name_complete(hdev, sent, status);
b312b161 215
56e5cb86
JH		 216 if (status == 0)
217 memcpy(hdev->dev_name, sent, HCI_MAX_NAME_LENGTH);
b312b161 218
56e5cb86 219 hci_dev_unlock(hdev);
a9de9248
MH		 220}
221
222static void hci_cc_read_local_name(struct hci_dev *hdev, struct sk_buff *skb)
223{
224 struct hci_rp_read_local_name *rp = (void *) skb->data;
225
226 BT_DBG("%s status 0x%x", hdev->name, rp->status);
227
228 if (rp->status)
229 return;
230
1f6c6378 231 memcpy(hdev->dev_name, rp->name, HCI_MAX_NAME_LENGTH);
a9de9248
MH		 232}
233
234static void hci_cc_write_auth_enable(struct hci_dev *hdev, struct sk_buff *skb)
235{
236 __u8 status = *((__u8 *) skb->data);
237 void *sent;
238
239 BT_DBG("%s status 0x%x", hdev->name, status);
240
241 sent = hci_sent_cmd_data(hdev, HCI_OP_WRITE_AUTH_ENABLE);
242 if (!sent)
243 return;
244
245 if (!status) {
246 __u8 param = *((__u8 *) sent);
247
248 if (param == AUTH_ENABLED)
249 set_bit(HCI_AUTH, &hdev->flags);
250 else
251 clear_bit(HCI_AUTH, &hdev->flags);
1da177e4 252 }
a9de9248 253
33ef95ed
JH		 254 if (test_bit(HCI_MGMT, &hdev->dev_flags))
255 mgmt_auth_enable_complete(hdev, status);
256
23bb5763 257 hci_req_complete(hdev, HCI_OP_WRITE_AUTH_ENABLE, status);
1da177e4
LT		 258}
259
a9de9248 260static void hci_cc_write_encrypt_mode(struct hci_dev *hdev, struct sk_buff *skb)
1da177e4 261{
a9de9248 262 __u8 status = *((__u8 *) skb->data);
1da177e4
LT		 263 void *sent;
264
a9de9248 265 BT_DBG("%s status 0x%x", hdev->name, status);
1da177e4 266
a9de9248
MH		 267 sent = hci_sent_cmd_data(hdev, HCI_OP_WRITE_ENCRYPT_MODE);
268 if (!sent)
269 return;
1da177e4 270
a9de9248
MH		 271 if (!status) {
272 __u8 param = *((__u8 *) sent);
273
274 if (param)
275 set_bit(HCI_ENCRYPT, &hdev->flags);
276 else
277 clear_bit(HCI_ENCRYPT, &hdev->flags);
278 }
1da177e4 279
23bb5763 280 hci_req_complete(hdev, HCI_OP_WRITE_ENCRYPT_MODE, status);
a9de9248 281}
1da177e4 282
a9de9248
MH		 283static void hci_cc_write_scan_enable(struct hci_dev *hdev, struct sk_buff *skb)
284{
36f7fc7e
JH		 285 __u8 param, status = *((__u8 *) skb->data);
286 int old_pscan, old_iscan;
a9de9248 287 void *sent;
1da177e4 288
a9de9248 289 BT_DBG("%s status 0x%x", hdev->name, status);
1da177e4 290
a9de9248
MH		 291 sent = hci_sent_cmd_data(hdev, HCI_OP_WRITE_SCAN_ENABLE);
292 if (!sent)
293 return;
1da177e4 294
36f7fc7e
JH		 295 param = *((__u8 *) sent);
296
56e5cb86
JH		 297 hci_dev_lock(hdev);
298
2d7cee58 299 if (status != 0) {
744cf19e 300 mgmt_write_scan_failed(hdev, param, status);
2d7cee58
JH		 301 hdev->discov_timeout = 0;
302 goto done;
303 }
304
36f7fc7e
JH		 305 old_pscan = test_and_clear_bit(HCI_PSCAN, &hdev->flags);
306 old_iscan = test_and_clear_bit(HCI_ISCAN, &hdev->flags);
307
308 if (param & SCAN_INQUIRY) {
309 set_bit(HCI_ISCAN, &hdev->flags);
310 if (!old_iscan)
744cf19e 311 mgmt_discoverable(hdev, 1);
16ab91ab
JH		 312 if (hdev->discov_timeout > 0) {
313 int to = msecs_to_jiffies(hdev->discov_timeout * 1000);
314 queue_delayed_work(hdev->workqueue, &hdev->discov_off,
315 to);
316 }
36f7fc7e 317 } else if (old_iscan)
744cf19e 318 mgmt_discoverable(hdev, 0);
36f7fc7e
JH		 319
320 if (param & SCAN_PAGE) {
321 set_bit(HCI_PSCAN, &hdev->flags);
322 if (!old_pscan)
744cf19e 323 mgmt_connectable(hdev, 1);
36f7fc7e 324 } else if (old_pscan)
744cf19e 325 mgmt_connectable(hdev, 0);
1da177e4 326
36f7fc7e 327done:
56e5cb86 328 hci_dev_unlock(hdev);
23bb5763 329 hci_req_complete(hdev, HCI_OP_WRITE_SCAN_ENABLE, status);
a9de9248 330}
1da177e4 331
a9de9248
MH		 332static void hci_cc_read_class_of_dev(struct hci_dev *hdev, struct sk_buff *skb)
333{
334 struct hci_rp_read_class_of_dev *rp = (void *) skb->data;
1da177e4 335
a9de9248 336 BT_DBG("%s status 0x%x", hdev->name, rp->status);
1da177e4 337
a9de9248
MH		 338 if (rp->status)
339 return;
1da177e4 340
a9de9248 341 memcpy(hdev->dev_class, rp->dev_class, 3);
1da177e4 342
a9de9248
MH		 343 BT_DBG("%s class 0x%.2x%.2x%.2x", hdev->name,
344 hdev->dev_class[2], hdev->dev_class[1], hdev->dev_class[0]);
345}
1da177e4 346
a9de9248
MH		 347static void hci_cc_write_class_of_dev(struct hci_dev *hdev, struct sk_buff *skb)
348{
349 __u8 status = *((__u8 *) skb->data);
350 void *sent;
1da177e4 351
a9de9248 352 BT_DBG("%s status 0x%x", hdev->name, status);
1da177e4 353
f383f275
MH		 354 if (status)
355 return;
356
a9de9248
MH		 357 sent = hci_sent_cmd_data(hdev, HCI_OP_WRITE_CLASS_OF_DEV);
358 if (!sent)
359 return;
1da177e4 360
f383f275 361 memcpy(hdev->dev_class, sent, 3);
a9de9248 362}
1da177e4 363
a9de9248
MH		 364static void hci_cc_read_voice_setting(struct hci_dev *hdev, struct sk_buff *skb)
365{
366 struct hci_rp_read_voice_setting *rp = (void *) skb->data;
367 __u16 setting;
368
369 BT_DBG("%s status 0x%x", hdev->name, rp->status);
370
371 if (rp->status)
372 return;
373
374 setting = __le16_to_cpu(rp->voice_setting);
375
f383f275 376 if (hdev->voice_setting == setting)
a9de9248
MH		 377 return;
378
379 hdev->voice_setting = setting;
380
381 BT_DBG("%s voice setting 0x%04x", hdev->name, setting);
382
3c54711c 383 if (hdev->notify)
a9de9248 384 hdev->notify(hdev, HCI_NOTIFY_VOICE_SETTING);
a9de9248
MH		 385}
386
387static void hci_cc_write_voice_setting(struct hci_dev *hdev, struct sk_buff *skb)
388{
389 __u8 status = *((__u8 *) skb->data);
f383f275 390 __u16 setting;
a9de9248
MH		 391 void *sent;
392
393 BT_DBG("%s status 0x%x", hdev->name, status);
1da177e4 394
f383f275
MH		 395 if (status)
396 return;
397
a9de9248
MH		 398 sent = hci_sent_cmd_data(hdev, HCI_OP_WRITE_VOICE_SETTING);
399 if (!sent)
400 return;
1da177e4 401
f383f275 402 setting = get_unaligned_le16(sent);
1da177e4 403
f383f275
MH		 404 if (hdev->voice_setting == setting)
405 return;
406
407 hdev->voice_setting = setting;
1da177e4 408
f383f275 409 BT_DBG("%s voice setting 0x%04x", hdev->name, setting);
1da177e4 410
3c54711c 411 if (hdev->notify)
f383f275 412 hdev->notify(hdev, HCI_NOTIFY_VOICE_SETTING);
1da177e4
LT		 413}
414
a9de9248 415static void hci_cc_host_buffer_size(struct hci_dev *hdev, struct sk_buff *skb)
1da177e4 416{
a9de9248 417 __u8 status = *((__u8 *) skb->data);
1da177e4 418
a9de9248 419 BT_DBG("%s status 0x%x", hdev->name, status);
1da177e4 420
23bb5763 421 hci_req_complete(hdev, HCI_OP_HOST_BUFFER_SIZE, status);
a9de9248 422}
1143e5a6 423
333140b5
MH		 424static void hci_cc_read_ssp_mode(struct hci_dev *hdev, struct sk_buff *skb)
425{
426 struct hci_rp_read_ssp_mode *rp = (void *) skb->data;
427
428 BT_DBG("%s status 0x%x", hdev->name, rp->status);
429
430 if (rp->status)
431 return;
432
84bde9d6
JH		 433 if (rp->mode)
434 set_bit(HCI_SSP_ENABLED, &hdev->dev_flags);
435 else
436 clear_bit(HCI_SSP_ENABLED, &hdev->dev_flags);
333140b5
MH		 437}
438
439static void hci_cc_write_ssp_mode(struct hci_dev *hdev, struct sk_buff *skb)
440{
441 __u8 status = *((__u8 *) skb->data);
442 void *sent;
443
444 BT_DBG("%s status 0x%x", hdev->name, status);
445
446 if (status)
ed2c4ee3 447 goto done;
333140b5
MH		 448
449 sent = hci_sent_cmd_data(hdev, HCI_OP_WRITE_SSP_MODE);
450 if (!sent)
451 return;
452
84bde9d6
JH		 453 if (*((u8 *) sent))
454 set_bit(HCI_SSP_ENABLED, &hdev->dev_flags);
455 else
456 clear_bit(HCI_SSP_ENABLED, &hdev->dev_flags);
ed2c4ee3
JH		 457
458done:
459 if (test_bit(HCI_MGMT, &hdev->dev_flags))
460 mgmt_ssp_enable_complete(hdev, status);
333140b5
MH		 461}
462
d5859e22
JH		 463static u8 hci_get_inquiry_mode(struct hci_dev *hdev)
464{
465 if (hdev->features[6] & LMP_EXT_INQ)
466 return 2;
467
468 if (hdev->features[3] & LMP_RSSI_INQ)
469 return 1;
470
471 if (hdev->manufacturer == 11 && hdev->hci_rev == 0x00 &&
472 hdev->lmp_subver == 0x0757)
473 return 1;
474
475 if (hdev->manufacturer == 15) {
476 if (hdev->hci_rev == 0x03 && hdev->lmp_subver == 0x6963)
477 return 1;
478 if (hdev->hci_rev == 0x09 && hdev->lmp_subver == 0x6963)
479 return 1;
480 if (hdev->hci_rev == 0x00 && hdev->lmp_subver == 0x6965)
481 return 1;
482 }
483
484 if (hdev->manufacturer == 31 && hdev->hci_rev == 0x2005 &&
485 hdev->lmp_subver == 0x1805)
486 return 1;
487
488 return 0;
489}
490
491static void hci_setup_inquiry_mode(struct hci_dev *hdev)
492{
493 u8 mode;
494
495 mode = hci_get_inquiry_mode(hdev);
496
497 hci_send_cmd(hdev, HCI_OP_WRITE_INQUIRY_MODE, 1, &mode);
498}
499
500static void hci_setup_event_mask(struct hci_dev *hdev)
501{
502 /* The second byte is 0xff instead of 0x9f (two reserved bits
503 * disabled) since a Broadcom 1.2 dongle doesn't respond to the
504 * command otherwise */
505 u8 events[8] = { 0xff, 0xff, 0xfb, 0xff, 0x00, 0x00, 0x00, 0x00 };
506
6de6c18d
VT		 507 /* CSR 1.1 dongles does not accept any bitfield so don't try to set
508 * any event mask for pre 1.2 devices */
5a13b095 509 if (hdev->hci_ver < BLUETOOTH_VER_1_2)
6de6c18d
VT		 510 return;
511
512 events[4] |= 0x01; /* Flow Specification Complete */
513 events[4] |= 0x02; /* Inquiry Result with RSSI */
514 events[4] |= 0x04; /* Read Remote Extended Features Complete */
515 events[5] |= 0x08; /* Synchronous Connection Complete */
516 events[5] |= 0x10; /* Synchronous Connection Changed */
d5859e22
JH		 517
518 if (hdev->features[3] & LMP_RSSI_INQ)
519 events[4] |= 0x04; /* Inquiry Result with RSSI */
520
521 if (hdev->features[5] & LMP_SNIFF_SUBR)
522 events[5] |= 0x20; /* Sniff Subrating */
523
524 if (hdev->features[5] & LMP_PAUSE_ENC)
525 events[5] |= 0x80; /* Encryption Key Refresh Complete */
526
527 if (hdev->features[6] & LMP_EXT_INQ)
528 events[5] |= 0x40; /* Extended Inquiry Result */
529
530 if (hdev->features[6] & LMP_NO_FLUSH)
531 events[7] |= 0x01; /* Enhanced Flush Complete */
532
533 if (hdev->features[7] & LMP_LSTO)
534 events[6] |= 0x80; /* Link Supervision Timeout Changed */
535
536 if (hdev->features[6] & LMP_SIMPLE_PAIR) {
537 events[6] |= 0x01; /* IO Capability Request */
538 events[6] |= 0x02; /* IO Capability Response */
539 events[6] |= 0x04; /* User Confirmation Request */
540 events[6] |= 0x08; /* User Passkey Request */
541 events[6] |= 0x10; /* Remote OOB Data Request */
542 events[6] |= 0x20; /* Simple Pairing Complete */
543 events[7] |= 0x04; /* User Passkey Notification */
544 events[7] |= 0x08; /* Keypress Notification */
545 events[7] |= 0x10; /* Remote Host Supported
546 * Features Notification */
547 }
548
549 if (hdev->features[4] & LMP_LE)
550 events[7] |= 0x20; /* LE Meta-Event */
551
552 hci_send_cmd(hdev, HCI_OP_SET_EVENT_MASK, sizeof(events), events);
553}
554
e6100a25
AG		 555static void hci_set_le_support(struct hci_dev *hdev)
556{
557 struct hci_cp_write_le_host_supported cp;
558
559 memset(&cp, 0, sizeof(cp));
560
561 if (enable_le) {
562 cp.le = 1;
563 cp.simul = !!(hdev->features[6] & LMP_SIMUL_LE_BR);
564 }
565
566 hci_send_cmd(hdev, HCI_OP_WRITE_LE_HOST_SUPPORTED, sizeof(cp), &cp);
567}
568
d5859e22
JH		 569static void hci_setup(struct hci_dev *hdev)
570{
e61ef499
AE		 571 if (hdev->dev_type != HCI_BREDR)
572 return;
573
d5859e22
JH		 574 hci_setup_event_mask(hdev);
575
d095c1eb 576 if (hdev->hci_ver > BLUETOOTH_VER_1_1)
d5859e22
JH		 577 hci_send_cmd(hdev, HCI_OP_READ_LOCAL_COMMANDS, 0, NULL);
578
579 if (hdev->features[6] & LMP_SIMPLE_PAIR) {
580 u8 mode = 0x01;
581 hci_send_cmd(hdev, HCI_OP_WRITE_SSP_MODE, sizeof(mode), &mode);
582 }
583
584 if (hdev->features[3] & LMP_RSSI_INQ)
585 hci_setup_inquiry_mode(hdev);
586
587 if (hdev->features[7] & LMP_INQ_TX_PWR)
588 hci_send_cmd(hdev, HCI_OP_READ_INQ_RSP_TX_POWER, 0, NULL);
971e3a4b
AG		 589
590 if (hdev->features[7] & LMP_EXTFEATURES) {
591 struct hci_cp_read_local_ext_features cp;
592
593 cp.page = 0x01;
594 hci_send_cmd(hdev, HCI_OP_READ_LOCAL_EXT_FEATURES,
595 sizeof(cp), &cp);
596 }
e6100a25
AG		 597
598 if (hdev->features[4] & LMP_LE)
599 hci_set_le_support(hdev);
d5859e22
JH		 600}
601
a9de9248
MH		 602static void hci_cc_read_local_version(struct hci_dev *hdev, struct sk_buff *skb)
603{
604 struct hci_rp_read_local_version *rp = (void *) skb->data;
1143e5a6 605
a9de9248 606 BT_DBG("%s status 0x%x", hdev->name, rp->status);
1143e5a6 607
a9de9248
MH		 608 if (rp->status)
609 return;
1143e5a6 610
a9de9248 611 hdev->hci_ver = rp->hci_ver;
e4e8e37c 612 hdev->hci_rev = __le16_to_cpu(rp->hci_rev);
d5859e22 613 hdev->lmp_ver = rp->lmp_ver;
e4e8e37c 614 hdev->manufacturer = __le16_to_cpu(rp->manufacturer);
d5859e22 615 hdev->lmp_subver = __le16_to_cpu(rp->lmp_subver);
1143e5a6 616
a9de9248
MH		 617 BT_DBG("%s manufacturer %d hci ver %d:%d", hdev->name,
618 hdev->manufacturer,
619 hdev->hci_ver, hdev->hci_rev);
d5859e22
JH		 620
621 if (test_bit(HCI_INIT, &hdev->flags))
622 hci_setup(hdev);
623}
624
625static void hci_setup_link_policy(struct hci_dev *hdev)
626{
627 u16 link_policy = 0;
628
629 if (hdev->features[0] & LMP_RSWITCH)
630 link_policy |= HCI_LP_RSWITCH;
631 if (hdev->features[0] & LMP_HOLD)
632 link_policy |= HCI_LP_HOLD;
633 if (hdev->features[0] & LMP_SNIFF)
634 link_policy |= HCI_LP_SNIFF;
635 if (hdev->features[1] & LMP_PARK)
636 link_policy |= HCI_LP_PARK;
637
638 link_policy = cpu_to_le16(link_policy);
639 hci_send_cmd(hdev, HCI_OP_WRITE_DEF_LINK_POLICY,
640 sizeof(link_policy), &link_policy);
a9de9248 641}
1da177e4 642
a9de9248
MH		 643static void hci_cc_read_local_commands(struct hci_dev *hdev, struct sk_buff *skb)
644{
645 struct hci_rp_read_local_commands *rp = (void *) skb->data;
1da177e4 646
a9de9248 647 BT_DBG("%s status 0x%x", hdev->name, rp->status);
1da177e4 648
a9de9248 649 if (rp->status)
d5859e22 650 goto done;
1da177e4 651
a9de9248 652 memcpy(hdev->commands, rp->commands, sizeof(hdev->commands));
d5859e22
JH		 653
654 if (test_bit(HCI_INIT, &hdev->flags) && (hdev->commands[5] & 0x10))
655 hci_setup_link_policy(hdev);
656
657done:
658 hci_req_complete(hdev, HCI_OP_READ_LOCAL_COMMANDS, rp->status);
a9de9248 659}
1da177e4 660
a9de9248
MH		 661static void hci_cc_read_local_features(struct hci_dev *hdev, struct sk_buff *skb)
662{
663 struct hci_rp_read_local_features *rp = (void *) skb->data;
5b7f9909 664
a9de9248 665 BT_DBG("%s status 0x%x", hdev->name, rp->status);
1da177e4 666
a9de9248
MH		 667 if (rp->status)
668 return;
5b7f9909 669
a9de9248 670 memcpy(hdev->features, rp->features, 8);
5b7f9909 671
a9de9248
MH		 672 /* Adjust default settings according to features
673 * supported by device. */
1da177e4 674
a9de9248
MH		 675 if (hdev->features[0] & LMP_3SLOT)
676 hdev->pkt_type |= (HCI_DM3 | HCI_DH3);
1da177e4 677
a9de9248
MH		 678 if (hdev->features[0] & LMP_5SLOT)
679 hdev->pkt_type |= (HCI_DM5 | HCI_DH5);
1da177e4 680
a9de9248
MH		 681 if (hdev->features[1] & LMP_HV2) {
682 hdev->pkt_type |= (HCI_HV2);
683 hdev->esco_type |= (ESCO_HV2);
684 }
1da177e4 685
a9de9248
MH		 686 if (hdev->features[1] & LMP_HV3) {
687 hdev->pkt_type |= (HCI_HV3);
688 hdev->esco_type |= (ESCO_HV3);
689 }
1da177e4 690
a9de9248
MH		 691 if (hdev->features[3] & LMP_ESCO)
692 hdev->esco_type |= (ESCO_EV3);
da1f5198 693
a9de9248
MH		 694 if (hdev->features[4] & LMP_EV4)
695 hdev->esco_type |= (ESCO_EV4);
da1f5198 696
a9de9248
MH		 697 if (hdev->features[4] & LMP_EV5)
698 hdev->esco_type |= (ESCO_EV5);
1da177e4 699
efc7688b
MH		 700 if (hdev->features[5] & LMP_EDR_ESCO_2M)
701 hdev->esco_type |= (ESCO_2EV3);
702
703 if (hdev->features[5] & LMP_EDR_ESCO_3M)
704 hdev->esco_type |= (ESCO_3EV3);
705
706 if (hdev->features[5] & LMP_EDR_3S_ESCO)
707 hdev->esco_type |= (ESCO_2EV5 | ESCO_3EV5);
708
a9de9248
MH		 709 BT_DBG("%s features 0x%.2x%.2x%.2x%.2x%.2x%.2x%.2x%.2x", hdev->name,
710 hdev->features[0], hdev->features[1],
711 hdev->features[2], hdev->features[3],
712 hdev->features[4], hdev->features[5],
713 hdev->features[6], hdev->features[7]);
714}
1da177e4 715
971e3a4b
AG		 716static void hci_cc_read_local_ext_features(struct hci_dev *hdev,
717 struct sk_buff *skb)
718{
719 struct hci_rp_read_local_ext_features *rp = (void *) skb->data;
720
721 BT_DBG("%s status 0x%x", hdev->name, rp->status);
722
723 if (rp->status)
724 return;
725
b5b32b65
AG		 726 switch (rp->page) {
727 case 0:
728 memcpy(hdev->features, rp->features, 8);
729 break;
730 case 1:
731 memcpy(hdev->host_features, rp->features, 8);
732 break;
733 }
971e3a4b
AG		 734
735 hci_req_complete(hdev, HCI_OP_READ_LOCAL_EXT_FEATURES, rp->status);
736}
737
1e89cffb
AE		 738static void hci_cc_read_flow_control_mode(struct hci_dev *hdev,
739 struct sk_buff *skb)
740{
741 struct hci_rp_read_flow_control_mode *rp = (void *) skb->data;
742
743 BT_DBG("%s status 0x%x", hdev->name, rp->status);
744
745 if (rp->status)
746 return;
747
748 hdev->flow_ctl_mode = rp->mode;
749
750 hci_req_complete(hdev, HCI_OP_READ_FLOW_CONTROL_MODE, rp->status);
751}
752
a9de9248
MH		 753static void hci_cc_read_buffer_size(struct hci_dev *hdev, struct sk_buff *skb)
754{
755 struct hci_rp_read_buffer_size *rp = (void *) skb->data;
1da177e4 756
a9de9248 757 BT_DBG("%s status 0x%x", hdev->name, rp->status);
1da177e4 758
a9de9248
MH		 759 if (rp->status)
760 return;
1da177e4 761
a9de9248
MH		 762 hdev->acl_mtu = __le16_to_cpu(rp->acl_mtu);
763 hdev->sco_mtu = rp->sco_mtu;
764 hdev->acl_pkts = __le16_to_cpu(rp->acl_max_pkt);
765 hdev->sco_pkts = __le16_to_cpu(rp->sco_max_pkt);
766
767 if (test_bit(HCI_QUIRK_FIXUP_BUFFER_SIZE, &hdev->quirks)) {
768 hdev->sco_mtu = 64;
769 hdev->sco_pkts = 8;
1da177e4 770 }
a9de9248
MH		 771
772 hdev->acl_cnt = hdev->acl_pkts;
773 hdev->sco_cnt = hdev->sco_pkts;
774
775 BT_DBG("%s acl mtu %d:%d sco mtu %d:%d", hdev->name,
776 hdev->acl_mtu, hdev->acl_pkts,
777 hdev->sco_mtu, hdev->sco_pkts);
778}
779
780static void hci_cc_read_bd_addr(struct hci_dev *hdev, struct sk_buff *skb)
781{
782 struct hci_rp_read_bd_addr *rp = (void *) skb->data;
783
784 BT_DBG("%s status 0x%x", hdev->name, rp->status);
785
786 if (!rp->status)
787 bacpy(&hdev->bdaddr, &rp->bdaddr);
788
23bb5763
JH		 789 hci_req_complete(hdev, HCI_OP_READ_BD_ADDR, rp->status);
790}
791
350ee4cf
AE		 792static void hci_cc_read_data_block_size(struct hci_dev *hdev,
793 struct sk_buff *skb)
794{
795 struct hci_rp_read_data_block_size *rp = (void *) skb->data;
796
797 BT_DBG("%s status 0x%x", hdev->name, rp->status);
798
799 if (rp->status)
800 return;
801
802 hdev->block_mtu = __le16_to_cpu(rp->max_acl_len);
803 hdev->block_len = __le16_to_cpu(rp->block_len);
804 hdev->num_blocks = __le16_to_cpu(rp->num_blocks);
805
806 hdev->block_cnt = hdev->num_blocks;
807
808 BT_DBG("%s blk mtu %d cnt %d len %d", hdev->name, hdev->block_mtu,
809 hdev->block_cnt, hdev->block_len);
810
811 hci_req_complete(hdev, HCI_OP_READ_DATA_BLOCK_SIZE, rp->status);
812}
813
23bb5763
JH		 814static void hci_cc_write_ca_timeout(struct hci_dev *hdev, struct sk_buff *skb)
815{
816 __u8 status = *((__u8 *) skb->data);
817
818 BT_DBG("%s status 0x%x", hdev->name, status);
819
820 hci_req_complete(hdev, HCI_OP_WRITE_CA_TIMEOUT, status);
a9de9248
MH		 821}
822
928abaa7
AE		 823static void hci_cc_read_local_amp_info(struct hci_dev *hdev,
824 struct sk_buff *skb)
825{
826 struct hci_rp_read_local_amp_info *rp = (void *) skb->data;
827
828 BT_DBG("%s status 0x%x", hdev->name, rp->status);
829
830 if (rp->status)
831 return;
832
833 hdev->amp_status = rp->amp_status;
834 hdev->amp_total_bw = __le32_to_cpu(rp->total_bw);
835 hdev->amp_max_bw = __le32_to_cpu(rp->max_bw);
836 hdev->amp_min_latency = __le32_to_cpu(rp->min_latency);
837 hdev->amp_max_pdu = __le32_to_cpu(rp->max_pdu);
838 hdev->amp_type = rp->amp_type;
839 hdev->amp_pal_cap = __le16_to_cpu(rp->pal_cap);
840 hdev->amp_assoc_size = __le16_to_cpu(rp->max_assoc_size);
841 hdev->amp_be_flush_to = __le32_to_cpu(rp->be_flush_to);
842 hdev->amp_max_flush_to = __le32_to_cpu(rp->max_flush_to);
843
844 hci_req_complete(hdev, HCI_OP_READ_LOCAL_AMP_INFO, rp->status);
845}
846
b0916ea0
JH		 847static void hci_cc_delete_stored_link_key(struct hci_dev *hdev,
848 struct sk_buff *skb)
849{
850 __u8 status = *((__u8 *) skb->data);
851
852 BT_DBG("%s status 0x%x", hdev->name, status);
853
854 hci_req_complete(hdev, HCI_OP_DELETE_STORED_LINK_KEY, status);
855}
856
d5859e22
JH		 857static void hci_cc_set_event_mask(struct hci_dev *hdev, struct sk_buff *skb)
858{
859 __u8 status = *((__u8 *) skb->data);
860
861 BT_DBG("%s status 0x%x", hdev->name, status);
862
863 hci_req_complete(hdev, HCI_OP_SET_EVENT_MASK, status);
864}
865
866static void hci_cc_write_inquiry_mode(struct hci_dev *hdev,
867 struct sk_buff *skb)
868{
869 __u8 status = *((__u8 *) skb->data);
870
871 BT_DBG("%s status 0x%x", hdev->name, status);
872
873 hci_req_complete(hdev, HCI_OP_WRITE_INQUIRY_MODE, status);
874}
875
876static void hci_cc_read_inq_rsp_tx_power(struct hci_dev *hdev,
877 struct sk_buff *skb)
878{
879 __u8 status = *((__u8 *) skb->data);
880
881 BT_DBG("%s status 0x%x", hdev->name, status);
882
883 hci_req_complete(hdev, HCI_OP_READ_INQ_RSP_TX_POWER, status);
884}
885
886static void hci_cc_set_event_flt(struct hci_dev *hdev, struct sk_buff *skb)
887{
888 __u8 status = *((__u8 *) skb->data);
889
890 BT_DBG("%s status 0x%x", hdev->name, status);
891
892 hci_req_complete(hdev, HCI_OP_SET_EVENT_FLT, status);
893}
894
980e1a53
JH		 895static void hci_cc_pin_code_reply(struct hci_dev *hdev, struct sk_buff *skb)
896{
897 struct hci_rp_pin_code_reply *rp = (void *) skb->data;
898 struct hci_cp_pin_code_reply *cp;
899 struct hci_conn *conn;
900
901 BT_DBG("%s status 0x%x", hdev->name, rp->status);
902
56e5cb86
JH		 903 hci_dev_lock(hdev);
904
a8b2d5c2 905 if (test_bit(HCI_MGMT, &hdev->dev_flags))
744cf19e 906 mgmt_pin_code_reply_complete(hdev, &rp->bdaddr, rp->status);
980e1a53
JH		 907
908 if (rp->status != 0)
56e5cb86 909 goto unlock;
980e1a53
JH		 910
911 cp = hci_sent_cmd_data(hdev, HCI_OP_PIN_CODE_REPLY);
912 if (!cp)
56e5cb86 913 goto unlock;
980e1a53
JH		 914
915 conn = hci_conn_hash_lookup_ba(hdev, ACL_LINK, &cp->bdaddr);
916 if (conn)
917 conn->pin_length = cp->pin_len;
56e5cb86
JH		 918
919unlock:
920 hci_dev_unlock(hdev);
980e1a53
JH		 921}
922
923static void hci_cc_pin_code_neg_reply(struct hci_dev *hdev, struct sk_buff *skb)
924{
925 struct hci_rp_pin_code_neg_reply *rp = (void *) skb->data;
926
927 BT_DBG("%s status 0x%x", hdev->name, rp->status);
928
56e5cb86
JH		 929 hci_dev_lock(hdev);
930
a8b2d5c2 931 if (test_bit(HCI_MGMT, &hdev->dev_flags))
744cf19e 932 mgmt_pin_code_neg_reply_complete(hdev, &rp->bdaddr,
980e1a53 933 rp->status);
56e5cb86
JH		 934
935 hci_dev_unlock(hdev);
980e1a53 936}
56e5cb86 937
6ed58ec5
VT		 938static void hci_cc_le_read_buffer_size(struct hci_dev *hdev,
939 struct sk_buff *skb)
940{
941 struct hci_rp_le_read_buffer_size *rp = (void *) skb->data;
942
943 BT_DBG("%s status 0x%x", hdev->name, rp->status);
944
945 if (rp->status)
946 return;
947
948 hdev->le_mtu = __le16_to_cpu(rp->le_mtu);
949 hdev->le_pkts = rp->le_max_pkt;
950
951 hdev->le_cnt = hdev->le_pkts;
952
953 BT_DBG("%s le mtu %d:%d", hdev->name, hdev->le_mtu, hdev->le_pkts);
954
955 hci_req_complete(hdev, HCI_OP_LE_READ_BUFFER_SIZE, rp->status);
956}
980e1a53 957
a5c29683
JH		 958static void hci_cc_user_confirm_reply(struct hci_dev *hdev, struct sk_buff *skb)
959{
960 struct hci_rp_user_confirm_reply *rp = (void *) skb->data;
961
962 BT_DBG("%s status 0x%x", hdev->name, rp->status);
963
56e5cb86
JH		 964 hci_dev_lock(hdev);
965
a8b2d5c2 966 if (test_bit(HCI_MGMT, &hdev->dev_flags))
272d90df
JH		 967 mgmt_user_confirm_reply_complete(hdev, &rp->bdaddr, ACL_LINK,
968 0, rp->status);
56e5cb86
JH		 969
970 hci_dev_unlock(hdev);
a5c29683
JH		 971}
972
973static void hci_cc_user_confirm_neg_reply(struct hci_dev *hdev,
974 struct sk_buff *skb)
975{
976 struct hci_rp_user_confirm_reply *rp = (void *) skb->data;
977
978 BT_DBG("%s status 0x%x", hdev->name, rp->status);
979
56e5cb86
JH		 980 hci_dev_lock(hdev);
981
a8b2d5c2 982 if (test_bit(HCI_MGMT, &hdev->dev_flags))
744cf19e 983 mgmt_user_confirm_neg_reply_complete(hdev, &rp->bdaddr,
272d90df 984 ACL_LINK, 0,
a5c29683 985 rp->status);
56e5cb86
JH		 986
987 hci_dev_unlock(hdev);
a5c29683
JH		 988}
989
1143d458
BG		 990static void hci_cc_user_passkey_reply(struct hci_dev *hdev, struct sk_buff *skb)
991{
992 struct hci_rp_user_confirm_reply *rp = (void *) skb->data;
993
994 BT_DBG("%s status 0x%x", hdev->name, rp->status);
995
996 hci_dev_lock(hdev);
997
a8b2d5c2 998 if (test_bit(HCI_MGMT, &hdev->dev_flags))
272d90df
JH		 999 mgmt_user_passkey_reply_complete(hdev, &rp->bdaddr, ACL_LINK,
1000 0, rp->status);
1143d458
BG		 1001
1002 hci_dev_unlock(hdev);
1003}
1004
1005static void hci_cc_user_passkey_neg_reply(struct hci_dev *hdev,
1006 struct sk_buff *skb)
1007{
1008 struct hci_rp_user_confirm_reply *rp = (void *) skb->data;
1009
1010 BT_DBG("%s status 0x%x", hdev->name, rp->status);
1011
1012 hci_dev_lock(hdev);
1013
a8b2d5c2 1014 if (test_bit(HCI_MGMT, &hdev->dev_flags))
1143d458 1015 mgmt_user_passkey_neg_reply_complete(hdev, &rp->bdaddr,
272d90df 1016 ACL_LINK, 0,
1143d458
BG		 1017 rp->status);
1018
1019 hci_dev_unlock(hdev);
1020}
1021
c35938b2
SJ		 1022static void hci_cc_read_local_oob_data_reply(struct hci_dev *hdev,
1023 struct sk_buff *skb)
1024{
1025 struct hci_rp_read_local_oob_data *rp = (void *) skb->data;
1026
1027 BT_DBG("%s status 0x%x", hdev->name, rp->status);
1028
56e5cb86 1029 hci_dev_lock(hdev);
744cf19e 1030 mgmt_read_local_oob_data_reply_complete(hdev, rp->hash,
c35938b2 1031 rp->randomizer, rp->status);
56e5cb86 1032 hci_dev_unlock(hdev);
c35938b2
SJ		 1033}
1034
07f7fa5d
AG		 1035static void hci_cc_le_set_scan_param(struct hci_dev *hdev, struct sk_buff *skb)
1036{
1037 __u8 status = *((__u8 *) skb->data);
1038
1039 BT_DBG("%s status 0x%x", hdev->name, status);
7ba8b4be
AG		 1040
1041 hci_req_complete(hdev, HCI_OP_LE_SET_SCAN_PARAM, status);
3fd24153
AG		 1042
1043 if (status) {
1044 hci_dev_lock(hdev);
1045 mgmt_start_discovery_failed(hdev, status);
1046 hci_dev_unlock(hdev);
1047 return;
1048 }
07f7fa5d
AG		 1049}
1050
eb9d91f5
AG		 1051static void hci_cc_le_set_scan_enable(struct hci_dev *hdev,
1052 struct sk_buff *skb)
1053{
1054 struct hci_cp_le_set_scan_enable *cp;
1055 __u8 status = *((__u8 *) skb->data);
1056
1057 BT_DBG("%s status 0x%x", hdev->name, status);
1058
eb9d91f5
AG		 1059 cp = hci_sent_cmd_data(hdev, HCI_OP_LE_SET_SCAN_ENABLE);
1060 if (!cp)
1061 return;
1062
68a8aea4
AE		 1063 switch (cp->enable) {
1064 case LE_SCANNING_ENABLED:
7ba8b4be
AG		 1065 hci_req_complete(hdev, HCI_OP_LE_SET_SCAN_ENABLE, status);
1066
3fd24153
AG		 1067 if (status) {
1068 hci_dev_lock(hdev);
1069 mgmt_start_discovery_failed(hdev, status);
1070 hci_dev_unlock(hdev);
7ba8b4be 1071 return;
3fd24153 1072 }
7ba8b4be 1073
d23264a8
AG		 1074 set_bit(HCI_LE_SCAN, &hdev->dev_flags);
1075
db323f2f 1076 cancel_delayed_work_sync(&hdev->adv_work);
a8f13c8c
AG		 1077
1078 hci_dev_lock(hdev);
eb9d91f5 1079 hci_adv_entries_clear(hdev);
343f935b 1080 hci_discovery_set_state(hdev, DISCOVERY_FINDING);
a8f13c8c 1081 hci_dev_unlock(hdev);
68a8aea4
AE		 1082 break;
1083
1084 case LE_SCANNING_DISABLED:
7ba8b4be
AG		 1085 if (status)
1086 return;
1087
d23264a8
AG		 1088 clear_bit(HCI_LE_SCAN, &hdev->dev_flags);
1089
d084329e 1090 schedule_delayed_work(&hdev->adv_work, ADV_CLEAR_TIMEOUT);
5e0452c0
AG		 1091
1092 if (hdev->discovery.type == DISCOV_TYPE_INTERLEAVED) {
1093 mgmt_interleaved_discovery(hdev);
1094 } else {
1095 hci_dev_lock(hdev);
1096 hci_discovery_set_state(hdev, DISCOVERY_STOPPED);
1097 hci_dev_unlock(hdev);
1098 }
1099
68a8aea4
AE		 1100 break;
1101
1102 default:
1103 BT_ERR("Used reserved LE_Scan_Enable param %d", cp->enable);
1104 break;
35815085 1105 }
eb9d91f5
AG		 1106}
1107
a7a595f6
VCG		 1108static void hci_cc_le_ltk_reply(struct hci_dev *hdev, struct sk_buff *skb)
1109{
1110 struct hci_rp_le_ltk_reply *rp = (void *) skb->data;
1111
1112 BT_DBG("%s status 0x%x", hdev->name, rp->status);
1113
1114 if (rp->status)
1115 return;
1116
1117 hci_req_complete(hdev, HCI_OP_LE_LTK_REPLY, rp->status);
1118}
1119
1120static void hci_cc_le_ltk_neg_reply(struct hci_dev *hdev, struct sk_buff *skb)
1121{
1122 struct hci_rp_le_ltk_neg_reply *rp = (void *) skb->data;
1123
1124 BT_DBG("%s status 0x%x", hdev->name, rp->status);
1125
1126 if (rp->status)
1127 return;
1128
1129 hci_req_complete(hdev, HCI_OP_LE_LTK_NEG_REPLY, rp->status);
1130}
1131
f9b49306
AG		 1132static inline void hci_cc_write_le_host_supported(struct hci_dev *hdev,
1133 struct sk_buff *skb)
1134{
1135 struct hci_cp_read_local_ext_features cp;
1136 __u8 status = *((__u8 *) skb->data);
1137
1138 BT_DBG("%s status 0x%x", hdev->name, status);
1139
1140 if (status)
1141 return;
1142
1143 cp.page = 0x01;
1144 hci_send_cmd(hdev, HCI_OP_READ_LOCAL_EXT_FEATURES, sizeof(cp), &cp);
1145}
1146
a9de9248
MH		 1147static inline void hci_cs_inquiry(struct hci_dev *hdev, __u8 status)
1148{
1149 BT_DBG("%s status 0x%x", hdev->name, status);
1150
1151 if (status) {
23bb5763 1152 hci_req_complete(hdev, HCI_OP_INQUIRY, status);
a9de9248 1153 hci_conn_check_pending(hdev);
56e5cb86 1154 hci_dev_lock(hdev);
a8b2d5c2 1155 if (test_bit(HCI_MGMT, &hdev->dev_flags))
7a135109 1156 mgmt_start_discovery_failed(hdev, status);
56e5cb86 1157 hci_dev_unlock(hdev);
314b2381
JH		 1158 return;
1159 }
1160
89352e7d
AG		 1161 set_bit(HCI_INQUIRY, &hdev->flags);
1162
56e5cb86 1163 hci_dev_lock(hdev);
343f935b 1164 hci_discovery_set_state(hdev, DISCOVERY_FINDING);
56e5cb86 1165 hci_dev_unlock(hdev);
1da177e4
LT		 1166}
1167
1da177e4
LT		 1168static inline void hci_cs_create_conn(struct hci_dev *hdev, __u8 status)
1169{
a9de9248 1170 struct hci_cp_create_conn *cp;
1da177e4 1171 struct hci_conn *conn;
1da177e4 1172
a9de9248
MH		 1173 BT_DBG("%s status 0x%x", hdev->name, status);
1174
1175 cp = hci_sent_cmd_data(hdev, HCI_OP_CREATE_CONN);
1da177e4
LT		 1176 if (!cp)
1177 return;
1178
1179 hci_dev_lock(hdev);
1180
1181 conn = hci_conn_hash_lookup_ba(hdev, ACL_LINK, &cp->bdaddr);
1182
a9de9248 1183 BT_DBG("%s bdaddr %s conn %p", hdev->name, batostr(&cp->bdaddr), conn);
1da177e4
LT		 1184
1185 if (status) {
1186 if (conn && conn->state == BT_CONNECT) {
4c67bc74
MH		 1187 if (status != 0x0c || conn->attempt > 2) {
1188 conn->state = BT_CLOSED;
1189 hci_proto_connect_cfm(conn, status);
1190 hci_conn_del(conn);
1191 } else
1192 conn->state = BT_CONNECT2;
1da177e4
LT		 1193 }
1194 } else {
1195 if (!conn) {
1196 conn = hci_conn_add(hdev, ACL_LINK, &cp->bdaddr);
1197 if (conn) {
a0c808b3 1198 conn->out = true;
1da177e4
LT		 1199 conn->link_mode |= HCI_LM_MASTER;
1200 } else
893ef971 1201 BT_ERR("No memory for new connection");
1da177e4
LT		 1202 }
1203 }
1204
1205 hci_dev_unlock(hdev);
1206}
1207
a9de9248 1208static void hci_cs_add_sco(struct hci_dev *hdev, __u8 status)
1da177e4 1209{
a9de9248
MH		 1210 struct hci_cp_add_sco *cp;
1211 struct hci_conn *acl, *sco;
1212 __u16 handle;
1da177e4 1213
b6a0dc82
MH		 1214 BT_DBG("%s status 0x%x", hdev->name, status);
1215
a9de9248
MH		 1216 if (!status)
1217 return;
1da177e4 1218
a9de9248
MH		 1219 cp = hci_sent_cmd_data(hdev, HCI_OP_ADD_SCO);
1220 if (!cp)
1221 return;
1da177e4 1222
a9de9248 1223 handle = __le16_to_cpu(cp->handle);
1da177e4 1224
a9de9248 1225 BT_DBG("%s handle %d", hdev->name, handle);
1da177e4 1226
a9de9248 1227 hci_dev_lock(hdev);
1da177e4 1228
a9de9248 1229 acl = hci_conn_hash_lookup_handle(hdev, handle);
5a08ecce
AE		 1230 if (acl) {
1231 sco = acl->link;
1232 if (sco) {
1233 sco->state = BT_CLOSED;
1da177e4 1234
5a08ecce
AE		 1235 hci_proto_connect_cfm(sco, status);
1236 hci_conn_del(sco);
1237 }
a9de9248 1238 }
1da177e4 1239
a9de9248
MH		 1240 hci_dev_unlock(hdev);
1241}
1da177e4 1242
f8558555
MH		 1243static void hci_cs_auth_requested(struct hci_dev *hdev, __u8 status)
1244{
1245 struct hci_cp_auth_requested *cp;
1246 struct hci_conn *conn;
1247
1248 BT_DBG("%s status 0x%x", hdev->name, status);
1249
1250 if (!status)
1251 return;
1252
1253 cp = hci_sent_cmd_data(hdev, HCI_OP_AUTH_REQUESTED);
1254 if (!cp)
1255 return;
1256
1257 hci_dev_lock(hdev);
1258
1259 conn = hci_conn_hash_lookup_handle(hdev, __le16_to_cpu(cp->handle));
1260 if (conn) {
1261 if (conn->state == BT_CONFIG) {
1262 hci_proto_connect_cfm(conn, status);
1263 hci_conn_put(conn);
1264 }
1265 }
1266
1267 hci_dev_unlock(hdev);
1268}
1269
1270static void hci_cs_set_conn_encrypt(struct hci_dev *hdev, __u8 status)
1271{
1272 struct hci_cp_set_conn_encrypt *cp;
1273 struct hci_conn *conn;
1274
1275 BT_DBG("%s status 0x%x", hdev->name, status);
1276
1277 if (!status)
1278 return;
1279
1280 cp = hci_sent_cmd_data(hdev, HCI_OP_SET_CONN_ENCRYPT);
1281 if (!cp)
1282 return;
1283
1284 hci_dev_lock(hdev);
1285
1286 conn = hci_conn_hash_lookup_handle(hdev, __le16_to_cpu(cp->handle));
1287 if (conn) {
1288 if (conn->state == BT_CONFIG) {
1289 hci_proto_connect_cfm(conn, status);
1290 hci_conn_put(conn);
1291 }
1292 }
1293
1294 hci_dev_unlock(hdev);
1295}
1296
127178d2 1297static int hci_outgoing_auth_needed(struct hci_dev *hdev,
138d22ef 1298 struct hci_conn *conn)
392599b9 1299{
392599b9
JH		 1300 if (conn->state != BT_CONFIG || !conn->out)
1301 return 0;
1302
765c2a96 1303 if (conn->pending_sec_level == BT_SECURITY_SDP)
392599b9
JH		 1304 return 0;
1305
1306 /* Only request authentication for SSP connections or non-SSP
e9bf2bf0 1307 * devices with sec_level HIGH or if MITM protection is requested */
aa64a8b5 1308 if (!hci_conn_ssp_enabled(conn) &&
e9bf2bf0
VCG		 1309 conn->pending_sec_level != BT_SECURITY_HIGH &&
1310 !(conn->auth_type & 0x01))
392599b9
JH		 1311 return 0;
1312
392599b9
JH		 1313 return 1;
1314}
1315
30dc78e1
JH		 1316static inline int hci_resolve_name(struct hci_dev *hdev, struct inquiry_entry *e)
1317{
1318 struct hci_cp_remote_name_req cp;
1319
1320 memset(&cp, 0, sizeof(cp));
1321
1322 bacpy(&cp.bdaddr, &e->data.bdaddr);
1323 cp.pscan_rep_mode = e->data.pscan_rep_mode;
1324 cp.pscan_mode = e->data.pscan_mode;
1325 cp.clock_offset = e->data.clock_offset;
1326
1327 return hci_send_cmd(hdev, HCI_OP_REMOTE_NAME_REQ, sizeof(cp), &cp);
1328}
1329
b644ba33 1330static bool hci_resolve_next_name(struct hci_dev *hdev)
30dc78e1
JH		 1331{
1332 struct discovery_state *discov = &hdev->discovery;
1333 struct inquiry_entry *e;
1334
b644ba33
JH		 1335 if (list_empty(&discov->resolve))
1336 return false;
1337
1338 e = hci_inquiry_cache_lookup_resolve(hdev, BDADDR_ANY, NAME_NEEDED);
1339 if (hci_resolve_name(hdev, e) == 0) {
1340 e->name_state = NAME_PENDING;
1341 return true;
1342 }
1343
1344 return false;
1345}
1346
1347static void hci_check_pending_name(struct hci_dev *hdev, struct hci_conn *conn,
1348 bdaddr_t *bdaddr, u8 *name, u8 name_len)
1349{
1350 struct discovery_state *discov = &hdev->discovery;
1351 struct inquiry_entry *e;
1352
1353 if (conn && !test_and_set_bit(HCI_CONN_MGMT_CONNECTED, &conn->flags))
1354 mgmt_device_connected(hdev, bdaddr, ACL_LINK, 0x00,
1355 name, name_len, conn->dev_class);
1356
1357 if (discov->state == DISCOVERY_STOPPED)
1358 return;
1359
30dc78e1
JH		 1360 if (discov->state == DISCOVERY_STOPPING)
1361 goto discov_complete;
1362
1363 if (discov->state != DISCOVERY_RESOLVING)
1364 return;
1365
1366 e = hci_inquiry_cache_lookup_resolve(hdev, bdaddr, NAME_PENDING);
1367 if (e) {
1368 e->name_state = NAME_KNOWN;
1369 list_del(&e->list);
b644ba33
JH		 1370 if (name)
1371 mgmt_remote_name(hdev, bdaddr, ACL_LINK, 0x00,
1372 e->data.rssi, name, name_len);
30dc78e1
JH		 1373 }
1374
b644ba33 1375 if (hci_resolve_next_name(hdev))
30dc78e1 1376 return;
30dc78e1
JH		 1377
1378discov_complete:
1379 hci_discovery_set_state(hdev, DISCOVERY_STOPPED);
1380}
1381
a9de9248
MH		 1382static void hci_cs_remote_name_req(struct hci_dev *hdev, __u8 status)
1383{
127178d2
JH		 1384 struct hci_cp_remote_name_req *cp;
1385 struct hci_conn *conn;
1386
a9de9248 1387 BT_DBG("%s status 0x%x", hdev->name, status);
127178d2
JH		 1388
1389 /* If successful wait for the name req complete event before
1390 * checking for the need to do authentication */
1391 if (!status)
1392 return;
1393
1394 cp = hci_sent_cmd_data(hdev, HCI_OP_REMOTE_NAME_REQ);
1395 if (!cp)
1396 return;
1397
1398 hci_dev_lock(hdev);
1399
b644ba33
JH		 1400 conn = hci_conn_hash_lookup_ba(hdev, ACL_LINK, &cp->bdaddr);
1401
a8b2d5c2 1402 if (test_bit(HCI_MGMT, &hdev->dev_flags))
b644ba33 1403 hci_check_pending_name(hdev, conn, &cp->bdaddr, NULL, 0);
30dc78e1 1404
79c6c70c
JH		 1405 if (!conn)
1406 goto unlock;
1407
1408 if (!hci_outgoing_auth_needed(hdev, conn))
1409 goto unlock;
1410
51a8efd7 1411 if (!test_and_set_bit(HCI_CONN_AUTH_PEND, &conn->flags)) {
127178d2
JH		 1412 struct hci_cp_auth_requested cp;
1413 cp.handle = __cpu_to_le16(conn->handle);
1414 hci_send_cmd(hdev, HCI_OP_AUTH_REQUESTED, sizeof(cp), &cp);
1415 }
1416
79c6c70c 1417unlock:
127178d2 1418 hci_dev_unlock(hdev);
a9de9248 1419}
1da177e4 1420
769be974
MH		 1421static void hci_cs_read_remote_features(struct hci_dev *hdev, __u8 status)
1422{
1423 struct hci_cp_read_remote_features *cp;
1424 struct hci_conn *conn;
1425
1426 BT_DBG("%s status 0x%x", hdev->name, status);
1427
1428 if (!status)
1429 return;
1430
1431 cp = hci_sent_cmd_data(hdev, HCI_OP_READ_REMOTE_FEATURES);
1432 if (!cp)
1433 return;
1434
1435 hci_dev_lock(hdev);
1436
1437 conn = hci_conn_hash_lookup_handle(hdev, __le16_to_cpu(cp->handle));
1438 if (conn) {
1439 if (conn->state == BT_CONFIG) {
769be974
MH		 1440 hci_proto_connect_cfm(conn, status);
1441 hci_conn_put(conn);
1442 }
1443 }
1444
1445 hci_dev_unlock(hdev);
1446}
1447
1448static void hci_cs_read_remote_ext_features(struct hci_dev *hdev, __u8 status)
1449{
1450 struct hci_cp_read_remote_ext_features *cp;
1451 struct hci_conn *conn;
1452
1453 BT_DBG("%s status 0x%x", hdev->name, status);
1454
1455 if (!status)
1456 return;
1457
1458 cp = hci_sent_cmd_data(hdev, HCI_OP_READ_REMOTE_EXT_FEATURES);
1459 if (!cp)
1460 return;
1461
1462 hci_dev_lock(hdev);
1463
1464 conn = hci_conn_hash_lookup_handle(hdev, __le16_to_cpu(cp->handle));
1465 if (conn) {
1466 if (conn->state == BT_CONFIG) {
769be974
MH		 1467 hci_proto_connect_cfm(conn, status);
1468 hci_conn_put(conn);
1469 }
1470 }
1471
1472 hci_dev_unlock(hdev);
1473}
1474
a9de9248
MH		 1475static void hci_cs_setup_sync_conn(struct hci_dev *hdev, __u8 status)
1476{
b6a0dc82
MH		 1477 struct hci_cp_setup_sync_conn *cp;
1478 struct hci_conn *acl, *sco;
1479 __u16 handle;
1480
a9de9248 1481 BT_DBG("%s status 0x%x", hdev->name, status);
b6a0dc82
MH		 1482
1483 if (!status)
1484 return;
1485
1486 cp = hci_sent_cmd_data(hdev, HCI_OP_SETUP_SYNC_CONN);
1487 if (!cp)
1488 return;
1489
1490 handle = __le16_to_cpu(cp->handle);
1491
1492 BT_DBG("%s handle %d", hdev->name, handle);
1493
1494 hci_dev_lock(hdev);
1495
1496 acl = hci_conn_hash_lookup_handle(hdev, handle);
5a08ecce
AE		 1497 if (acl) {
1498 sco = acl->link;
1499 if (sco) {
1500 sco->state = BT_CLOSED;
b6a0dc82 1501
5a08ecce
AE		 1502 hci_proto_connect_cfm(sco, status);
1503 hci_conn_del(sco);
1504 }
b6a0dc82
MH		 1505 }
1506
1507 hci_dev_unlock(hdev);
1da177e4
LT		 1508}
1509
a9de9248 1510static void hci_cs_sniff_mode(struct hci_dev *hdev, __u8 status)
1da177e4 1511{
a9de9248
MH		 1512 struct hci_cp_sniff_mode *cp;
1513 struct hci_conn *conn;
1da177e4 1514
a9de9248 1515 BT_DBG("%s status 0x%x", hdev->name, status);
04837f64 1516
a9de9248
MH		 1517 if (!status)
1518 return;
04837f64 1519
a9de9248
MH		 1520 cp = hci_sent_cmd_data(hdev, HCI_OP_SNIFF_MODE);
1521 if (!cp)
1522 return;
04837f64 1523
a9de9248 1524 hci_dev_lock(hdev);
04837f64 1525
a9de9248 1526 conn = hci_conn_hash_lookup_handle(hdev, __le16_to_cpu(cp->handle));
e73439d8 1527 if (conn) {
51a8efd7 1528 clear_bit(HCI_CONN_MODE_CHANGE_PEND, &conn->flags);
04837f64 1529
51a8efd7 1530 if (test_and_clear_bit(HCI_CONN_SCO_SETUP_PEND, &conn->flags))
e73439d8
MH		 1531 hci_sco_setup(conn, status);
1532 }
1533
a9de9248
MH		 1534 hci_dev_unlock(hdev);
1535}
04837f64 1536
a9de9248
MH		 1537static void hci_cs_exit_sniff_mode(struct hci_dev *hdev, __u8 status)
1538{
1539 struct hci_cp_exit_sniff_mode *cp;
1540 struct hci_conn *conn;
04837f64 1541
a9de9248 1542 BT_DBG("%s status 0x%x", hdev->name, status);
04837f64 1543
a9de9248
MH		 1544 if (!status)
1545 return;
04837f64 1546
a9de9248
MH		 1547 cp = hci_sent_cmd_data(hdev, HCI_OP_EXIT_SNIFF_MODE);
1548 if (!cp)
1549 return;
04837f64 1550
a9de9248 1551 hci_dev_lock(hdev);
1da177e4 1552
a9de9248 1553 conn = hci_conn_hash_lookup_handle(hdev, __le16_to_cpu(cp->handle));
e73439d8 1554 if (conn) {
51a8efd7 1555 clear_bit(HCI_CONN_MODE_CHANGE_PEND, &conn->flags);
1da177e4 1556
51a8efd7 1557 if (test_and_clear_bit(HCI_CONN_SCO_SETUP_PEND, &conn->flags))
e73439d8
MH		 1558 hci_sco_setup(conn, status);
1559 }
1560
a9de9248 1561 hci_dev_unlock(hdev);
1da177e4
LT		 1562}
1563
88c3df13
JH		 1564static void hci_cs_disconnect(struct hci_dev *hdev, u8 status)
1565{
1566 struct hci_cp_disconnect *cp;
1567 struct hci_conn *conn;
1568
1569 if (!status)
1570 return;
1571
1572 cp = hci_sent_cmd_data(hdev, HCI_OP_DISCONNECT);
1573 if (!cp)
1574 return;
1575
1576 hci_dev_lock(hdev);
1577
1578 conn = hci_conn_hash_lookup_handle(hdev, __le16_to_cpu(cp->handle));
1579 if (conn)
1580 mgmt_disconnect_failed(hdev, &conn->dst, conn->type,
1581 conn->dst_type, status);
1582
1583 hci_dev_unlock(hdev);
1584}
1585
fcd89c09
VT		 1586static void hci_cs_le_create_conn(struct hci_dev *hdev, __u8 status)
1587{
1588 struct hci_cp_le_create_conn *cp;
1589 struct hci_conn *conn;
1590
1591 BT_DBG("%s status 0x%x", hdev->name, status);
1592
1593 cp = hci_sent_cmd_data(hdev, HCI_OP_LE_CREATE_CONN);
1594 if (!cp)
1595 return;
1596
1597 hci_dev_lock(hdev);
1598
1599 conn = hci_conn_hash_lookup_ba(hdev, LE_LINK, &cp->peer_addr);
1600
1601 BT_DBG("%s bdaddr %s conn %p", hdev->name, batostr(&cp->peer_addr),
1602 conn);
1603
1604 if (status) {
1605 if (conn && conn->state == BT_CONNECT) {
1606 conn->state = BT_CLOSED;
1607 hci_proto_connect_cfm(conn, status);
1608 hci_conn_del(conn);
1609 }
1610 } else {
1611 if (!conn) {
1612 conn = hci_conn_add(hdev, LE_LINK, &cp->peer_addr);
29b7988a
AG		 1613 if (conn) {
1614 conn->dst_type = cp->peer_addr_type;
a0c808b3 1615 conn->out = true;
29b7988a 1616 } else {
fcd89c09 1617 BT_ERR("No memory for new connection");
29b7988a 1618 }
fcd89c09
VT		 1619 }
1620 }
1621
1622 hci_dev_unlock(hdev);
1623}
1624
a7a595f6
VCG		 1625static void hci_cs_le_start_enc(struct hci_dev *hdev, u8 status)
1626{
1627 BT_DBG("%s status 0x%x", hdev->name, status);
1628}
1629
1da177e4
LT		 1630static inline void hci_inquiry_complete_evt(struct hci_dev *hdev, struct sk_buff *skb)
1631{
1632 __u8 status = *((__u8 *) skb->data);
30dc78e1
JH		 1633 struct discovery_state *discov = &hdev->discovery;
1634 struct inquiry_entry *e;
1da177e4
LT		 1635
1636 BT_DBG("%s status %d", hdev->name, status);
1637
23bb5763 1638 hci_req_complete(hdev, HCI_OP_INQUIRY, status);
6bd57416 1639
a9de9248 1640 hci_conn_check_pending(hdev);
89352e7d
AG		 1641
1642 if (!test_and_clear_bit(HCI_INQUIRY, &hdev->flags))
1643 return;
1644
a8b2d5c2 1645 if (!test_bit(HCI_MGMT, &hdev->dev_flags))
30dc78e1
JH		 1646 return;
1647
56e5cb86 1648 hci_dev_lock(hdev);
30dc78e1 1649
343f935b 1650 if (discov->state != DISCOVERY_FINDING)
30dc78e1
JH		 1651 goto unlock;
1652
1653 if (list_empty(&discov->resolve)) {
1654 hci_discovery_set_state(hdev, DISCOVERY_STOPPED);
1655 goto unlock;
1656 }
1657
1658 e = hci_inquiry_cache_lookup_resolve(hdev, BDADDR_ANY, NAME_NEEDED);
1659 if (e && hci_resolve_name(hdev, e) == 0) {
1660 e->name_state = NAME_PENDING;
1661 hci_discovery_set_state(hdev, DISCOVERY_RESOLVING);
1662 } else {
1663 hci_discovery_set_state(hdev, DISCOVERY_STOPPED);
1664 }
1665
1666unlock:
56e5cb86 1667 hci_dev_unlock(hdev);
1da177e4
LT		 1668}
1669
1da177e4
LT		 1670static inline void hci_inquiry_result_evt(struct hci_dev *hdev, struct sk_buff *skb)
1671{
45bb4bf0 1672 struct inquiry_data data;
a9de9248 1673 struct inquiry_info *info = (void *) (skb->data + 1);
1da177e4
LT		 1674 int num_rsp = *((__u8 *) skb->data);
1675
1676 BT_DBG("%s num_rsp %d", hdev->name, num_rsp);
1677
45bb4bf0
MH		 1678 if (!num_rsp)
1679 return;
1680
1da177e4 1681 hci_dev_lock(hdev);
45bb4bf0 1682
e17acd40 1683 for (; num_rsp; num_rsp--, info++) {
3175405b
JH		 1684 bool name_known;
1685
1da177e4
LT		 1686 bacpy(&data.bdaddr, &info->bdaddr);
1687 data.pscan_rep_mode = info->pscan_rep_mode;
1688 data.pscan_period_mode = info->pscan_period_mode;
1689 data.pscan_mode = info->pscan_mode;
1690 memcpy(data.dev_class, info->dev_class, 3);
1691 data.clock_offset = info->clock_offset;
1692 data.rssi = 0x00;
41a96212 1693 data.ssp_mode = 0x00;
3175405b
JH		 1694
1695 name_known = hci_inquiry_cache_update(hdev, &data, false);
48264f06 1696 mgmt_device_found(hdev, &info->bdaddr, ACL_LINK, 0x00,
7d262f86
AG		 1697 info->dev_class, 0, !name_known,
1698 NULL, 0);
1da177e4 1699 }
45bb4bf0 1700
1da177e4
LT		 1701 hci_dev_unlock(hdev);
1702}
1703
1da177e4
LT		 1704static inline void hci_conn_complete_evt(struct hci_dev *hdev, struct sk_buff *skb)
1705{
a9de9248
MH		 1706 struct hci_ev_conn_complete *ev = (void *) skb->data;
1707 struct hci_conn *conn;
1da177e4
LT		 1708
1709 BT_DBG("%s", hdev->name);
1710
1711 hci_dev_lock(hdev);
1712
1713 conn = hci_conn_hash_lookup_ba(hdev, ev->link_type, &ev->bdaddr);
9499237a
MH		 1714 if (!conn) {
1715 if (ev->link_type != SCO_LINK)
1716 goto unlock;
1717
1718 conn = hci_conn_hash_lookup_ba(hdev, ESCO_LINK, &ev->bdaddr);
1719 if (!conn)
1720 goto unlock;
1721
1722 conn->type = SCO_LINK;
1723 }
1da177e4
LT		 1724
1725 if (!ev->status) {
1726 conn->handle = __le16_to_cpu(ev->handle);
769be974
MH		 1727
1728 if (conn->type == ACL_LINK) {
1729 conn->state = BT_CONFIG;
1730 hci_conn_hold(conn);
052b30b0 1731 conn->disc_timeout = HCI_DISCONN_TIMEOUT;
769be974
MH		 1732 } else
1733 conn->state = BT_CONNECTED;
1da177e4 1734
9eba32b8 1735 hci_conn_hold_device(conn);
7d0db0a3
MH		 1736 hci_conn_add_sysfs(conn);
1737
1da177e4
LT		 1738 if (test_bit(HCI_AUTH, &hdev->flags))
1739 conn->link_mode |= HCI_LM_AUTH;
1740
1741 if (test_bit(HCI_ENCRYPT, &hdev->flags))
1742 conn->link_mode |= HCI_LM_ENCRYPT;
1743
04837f64
MH		 1744 /* Get remote features */
1745 if (conn->type == ACL_LINK) {
1746 struct hci_cp_read_remote_features cp;
1747 cp.handle = ev->handle;
769be974
MH		 1748 hci_send_cmd(hdev, HCI_OP_READ_REMOTE_FEATURES,
1749 sizeof(cp), &cp);
04837f64
MH		 1750 }
1751
1da177e4 1752 /* Set packet type for incoming connection */
d095c1eb 1753 if (!conn->out && hdev->hci_ver < BLUETOOTH_VER_2_0) {
1da177e4
LT		 1754 struct hci_cp_change_conn_ptype cp;
1755 cp.handle = ev->handle;
a8746417
MH		 1756 cp.pkt_type = cpu_to_le16(conn->pkt_type);
1757 hci_send_cmd(hdev, HCI_OP_CHANGE_CONN_PTYPE,
1758 sizeof(cp), &cp);
1da177e4 1759 }
17d5c04c 1760 } else {
1da177e4 1761 conn->state = BT_CLOSED;
17d5c04c 1762 if (conn->type == ACL_LINK)
744cf19e 1763 mgmt_connect_failed(hdev, &ev->bdaddr, conn->type,
48264f06 1764 conn->dst_type, ev->status);
17d5c04c 1765 }
1da177e4 1766
e73439d8
MH		 1767 if (conn->type == ACL_LINK)
1768 hci_sco_setup(conn, ev->status);
1da177e4 1769
769be974
MH		 1770 if (ev->status) {
1771 hci_proto_connect_cfm(conn, ev->status);
1da177e4 1772 hci_conn_del(conn);
c89b6e6b
MH		 1773 } else if (ev->link_type != ACL_LINK)
1774 hci_proto_connect_cfm(conn, ev->status);
1da177e4 1775
a9de9248 1776unlock:
1da177e4 1777 hci_dev_unlock(hdev);
1da177e4 1778
a9de9248 1779 hci_conn_check_pending(hdev);
1da177e4
LT		 1780}
1781
a9de9248 1782static inline void hci_conn_request_evt(struct hci_dev *hdev, struct sk_buff *skb)
1da177e4 1783{
a9de9248
MH		 1784 struct hci_ev_conn_request *ev = (void *) skb->data;
1785 int mask = hdev->link_mode;
1da177e4 1786
a9de9248
MH		 1787 BT_DBG("%s bdaddr %s type 0x%x", hdev->name,
1788 batostr(&ev->bdaddr), ev->link_type);
1da177e4 1789
a9de9248 1790 mask |= hci_proto_connect_ind(hdev, &ev->bdaddr, ev->link_type);
1da177e4 1791
138d22ef
SJ		 1792 if ((mask & HCI_LM_ACCEPT) &&
1793 !hci_blacklist_lookup(hdev, &ev->bdaddr)) {
a9de9248 1794 /* Connection accepted */
c7bdd502 1795 struct inquiry_entry *ie;
1da177e4 1796 struct hci_conn *conn;
1da177e4 1797
a9de9248 1798 hci_dev_lock(hdev);
b6a0dc82 1799
cc11b9c1
AE		 1800 ie = hci_inquiry_cache_lookup(hdev, &ev->bdaddr);
1801 if (ie)
c7bdd502
MH		 1802 memcpy(ie->data.dev_class, ev->dev_class, 3);
1803
a9de9248
MH		 1804 conn = hci_conn_hash_lookup_ba(hdev, ev->link_type, &ev->bdaddr);
1805 if (!conn) {
cc11b9c1
AE		 1806 conn = hci_conn_add(hdev, ev->link_type, &ev->bdaddr);
1807 if (!conn) {
893ef971 1808 BT_ERR("No memory for new connection");
a9de9248
MH		 1809 hci_dev_unlock(hdev);
1810 return;
1da177e4
LT		 1811 }
1812 }
b6a0dc82 1813
a9de9248
MH		 1814 memcpy(conn->dev_class, ev->dev_class, 3);
1815 conn->state = BT_CONNECT;
b6a0dc82 1816
a9de9248 1817 hci_dev_unlock(hdev);
1da177e4 1818
b6a0dc82
MH		 1819 if (ev->link_type == ACL_LINK || !lmp_esco_capable(hdev)) {
1820 struct hci_cp_accept_conn_req cp;
1da177e4 1821
b6a0dc82
MH		 1822 bacpy(&cp.bdaddr, &ev->bdaddr);
1823
1824 if (lmp_rswitch_capable(hdev) && (mask & HCI_LM_MASTER))
1825 cp.role = 0x00; /* Become master */
1826 else
1827 cp.role = 0x01; /* Remain slave */
1828
1829 hci_send_cmd(hdev, HCI_OP_ACCEPT_CONN_REQ,
1830 sizeof(cp), &cp);
1831 } else {
1832 struct hci_cp_accept_sync_conn_req cp;
1833
1834 bacpy(&cp.bdaddr, &ev->bdaddr);
a8746417 1835 cp.pkt_type = cpu_to_le16(conn->pkt_type);
b6a0dc82
MH		 1836
1837 cp.tx_bandwidth = cpu_to_le32(0x00001f40);
1838 cp.rx_bandwidth = cpu_to_le32(0x00001f40);
1839 cp.max_latency = cpu_to_le16(0xffff);
1840 cp.content_format = cpu_to_le16(hdev->voice_setting);
1841 cp.retrans_effort = 0xff;
1da177e4 1842
b6a0dc82
MH		 1843 hci_send_cmd(hdev, HCI_OP_ACCEPT_SYNC_CONN_REQ,
1844 sizeof(cp), &cp);
1845 }
a9de9248
MH		 1846 } else {
1847 /* Connection rejected */
1848 struct hci_cp_reject_conn_req cp;
1da177e4 1849
a9de9248 1850 bacpy(&cp.bdaddr, &ev->bdaddr);
9f5a0d7b 1851 cp.reason = HCI_ERROR_REJ_BAD_ADDR;
a9de9248 1852 hci_send_cmd(hdev, HCI_OP_REJECT_CONN_REQ, sizeof(cp), &cp);
1da177e4 1853 }
1da177e4
LT		 1854}
1855
a9de9248 1856static inline void hci_disconn_complete_evt(struct hci_dev *hdev, struct sk_buff *skb)
04837f64 1857{
a9de9248 1858 struct hci_ev_disconn_complete *ev = (void *) skb->data;
04837f64
MH		 1859 struct hci_conn *conn;
1860
1861 BT_DBG("%s status %d", hdev->name, ev->status);
1862
1863 hci_dev_lock(hdev);
1864
1865 conn = hci_conn_hash_lookup_handle(hdev, __le16_to_cpu(ev->handle));
f7520543
JH		 1866 if (!conn)
1867 goto unlock;
7d0db0a3 1868
37d9ef76
JH		 1869 if (ev->status == 0)
1870 conn->state = BT_CLOSED;
04837f64 1871
b644ba33
JH		 1872 if (test_and_clear_bit(HCI_CONN_MGMT_CONNECTED, &conn->flags) &&
1873 (conn->type == ACL_LINK || conn->type == LE_LINK)) {
37d9ef76 1874 if (ev->status != 0)
88c3df13
JH		 1875 mgmt_disconnect_failed(hdev, &conn->dst, conn->type,
1876 conn->dst_type, ev->status);
37d9ef76 1877 else
afc747a6 1878 mgmt_device_disconnected(hdev, &conn->dst, conn->type,
48264f06 1879 conn->dst_type);
37d9ef76 1880 }
f7520543 1881
37d9ef76
JH		 1882 if (ev->status == 0) {
1883 hci_proto_disconn_cfm(conn, ev->reason);
1884 hci_conn_del(conn);
1885 }
f7520543
JH		 1886
1887unlock:
04837f64
MH		 1888 hci_dev_unlock(hdev);
1889}
1890
1da177e4
LT		 1891static inline void hci_auth_complete_evt(struct hci_dev *hdev, struct sk_buff *skb)
1892{
a9de9248 1893 struct hci_ev_auth_complete *ev = (void *) skb->data;
04837f64 1894 struct hci_conn *conn;
1da177e4
LT		 1895
1896 BT_DBG("%s status %d", hdev->name, ev->status);
1897
1898 hci_dev_lock(hdev);
1899
04837f64 1900 conn = hci_conn_hash_lookup_handle(hdev, __le16_to_cpu(ev->handle));
d7556e20
WR		 1901 if (!conn)
1902 goto unlock;
1903
1904 if (!ev->status) {
aa64a8b5
JH		 1905 if (!hci_conn_ssp_enabled(conn) &&
1906 test_bit(HCI_CONN_REAUTH_PEND, &conn->flags)) {
d7556e20 1907 BT_INFO("re-auth of legacy device is not possible.");
2a611692 1908 } else {
d7556e20
WR		 1909 conn->link_mode |= HCI_LM_AUTH;
1910 conn->sec_level = conn->pending_sec_level;
2a611692 1911 }
d7556e20 1912 } else {
bab73cb6
JH		 1913 mgmt_auth_failed(hdev, &conn->dst, conn->type, conn->dst_type,
1914 ev->status);
d7556e20 1915 }
1da177e4 1916
51a8efd7
JH		 1917 clear_bit(HCI_CONN_AUTH_PEND, &conn->flags);
1918 clear_bit(HCI_CONN_REAUTH_PEND, &conn->flags);
1da177e4 1919
d7556e20 1920 if (conn->state == BT_CONFIG) {
aa64a8b5 1921 if (!ev->status && hci_conn_ssp_enabled(conn)) {
d7556e20
WR		 1922 struct hci_cp_set_conn_encrypt cp;
1923 cp.handle = ev->handle;
1924 cp.encrypt = 0x01;
1925 hci_send_cmd(hdev, HCI_OP_SET_CONN_ENCRYPT, sizeof(cp),
1926 &cp);
052b30b0 1927 } else {
d7556e20
WR		 1928 conn->state = BT_CONNECTED;
1929 hci_proto_connect_cfm(conn, ev->status);
052b30b0
MH		 1930 hci_conn_put(conn);
1931 }
d7556e20
WR		 1932 } else {
1933 hci_auth_cfm(conn, ev->status);
052b30b0 1934
d7556e20
WR		 1935 hci_conn_hold(conn);
1936 conn->disc_timeout = HCI_DISCONN_TIMEOUT;
1937 hci_conn_put(conn);
1938 }
1939
51a8efd7 1940 if (test_bit(HCI_CONN_ENCRYPT_PEND, &conn->flags)) {
d7556e20
WR		 1941 if (!ev->status) {
1942 struct hci_cp_set_conn_encrypt cp;
1943 cp.handle = ev->handle;
1944 cp.encrypt = 0x01;
1945 hci_send_cmd(hdev, HCI_OP_SET_CONN_ENCRYPT, sizeof(cp),
1946 &cp);
1947 } else {
51a8efd7 1948 clear_bit(HCI_CONN_ENCRYPT_PEND, &conn->flags);
d7556e20 1949 hci_encrypt_cfm(conn, ev->status, 0x00);
1da177e4
LT		 1950 }
1951 }
1952
d7556e20 1953unlock:
1da177e4
LT		 1954 hci_dev_unlock(hdev);
1955}
1956
a9de9248 1957static inline void hci_remote_name_evt(struct hci_dev *hdev, struct sk_buff *skb)
1da177e4 1958{
127178d2
JH		 1959 struct hci_ev_remote_name *ev = (void *) skb->data;
1960 struct hci_conn *conn;
1961
a9de9248 1962 BT_DBG("%s", hdev->name);
1da177e4 1963
a9de9248 1964 hci_conn_check_pending(hdev);
127178d2
JH		 1965
1966 hci_dev_lock(hdev);
1967
b644ba33 1968 conn = hci_conn_hash_lookup_ba(hdev, ACL_LINK, &ev->bdaddr);
30dc78e1 1969
b644ba33
JH		 1970 if (!test_bit(HCI_MGMT, &hdev->dev_flags))
1971 goto check_auth;
a88a9652 1972
b644ba33
JH		 1973 if (ev->status == 0)
1974 hci_check_pending_name(hdev, conn, &ev->bdaddr, ev->name,
1975 strnlen(ev->name, HCI_MAX_NAME_LENGTH));
1976 else
1977 hci_check_pending_name(hdev, conn, &ev->bdaddr, NULL, 0);
1978
1979check_auth:
79c6c70c
JH		 1980 if (!conn)
1981 goto unlock;
1982
1983 if (!hci_outgoing_auth_needed(hdev, conn))
1984 goto unlock;
1985
51a8efd7 1986 if (!test_and_set_bit(HCI_CONN_AUTH_PEND, &conn->flags)) {
127178d2
JH		 1987 struct hci_cp_auth_requested cp;
1988 cp.handle = __cpu_to_le16(conn->handle);
1989 hci_send_cmd(hdev, HCI_OP_AUTH_REQUESTED, sizeof(cp), &cp);
1990 }
1991
79c6c70c 1992unlock:
127178d2 1993 hci_dev_unlock(hdev);
a9de9248
MH		 1994}
1995
1996static inline void hci_encrypt_change_evt(struct hci_dev *hdev, struct sk_buff *skb)
1997{
1998 struct hci_ev_encrypt_change *ev = (void *) skb->data;
1999 struct hci_conn *conn;
2000
2001 BT_DBG("%s status %d", hdev->name, ev->status);
1da177e4
LT		 2002
2003 hci_dev_lock(hdev);
2004
04837f64 2005 conn = hci_conn_hash_lookup_handle(hdev, __le16_to_cpu(ev->handle));
1da177e4
LT		 2006 if (conn) {
2007 if (!ev->status) {
ae293196
MH		 2008 if (ev->encrypt) {
2009 /* Encryption implies authentication */
2010 conn->link_mode |= HCI_LM_AUTH;
1da177e4 2011 conn->link_mode |= HCI_LM_ENCRYPT;
da85e5e5 2012 conn->sec_level = conn->pending_sec_level;
ae293196 2013 } else
1da177e4
LT		 2014 conn->link_mode &= ~HCI_LM_ENCRYPT;
2015 }
2016
51a8efd7 2017 clear_bit(HCI_CONN_ENCRYPT_PEND, &conn->flags);
1da177e4 2018
f8558555
MH		 2019 if (conn->state == BT_CONFIG) {
2020 if (!ev->status)
2021 conn->state = BT_CONNECTED;
2022
2023 hci_proto_connect_cfm(conn, ev->status);
2024 hci_conn_put(conn);
2025 } else
2026 hci_encrypt_cfm(conn, ev->status, ev->encrypt);
1da177e4
LT		 2027 }
2028
2029 hci_dev_unlock(hdev);
2030}
2031
a9de9248 2032static inline void hci_change_link_key_complete_evt(struct hci_dev *hdev, struct sk_buff *skb)
1da177e4 2033{
a9de9248 2034 struct hci_ev_change_link_key_complete *ev = (void *) skb->data;
04837f64 2035 struct hci_conn *conn;
1da177e4
LT		 2036
2037 BT_DBG("%s status %d", hdev->name, ev->status);
2038
2039 hci_dev_lock(hdev);
2040
04837f64 2041 conn = hci_conn_hash_lookup_handle(hdev, __le16_to_cpu(ev->handle));
1da177e4
LT		 2042 if (conn) {
2043 if (!ev->status)
2044 conn->link_mode |= HCI_LM_SECURE;
2045
51a8efd7 2046 clear_bit(HCI_CONN_AUTH_PEND, &conn->flags);
1da177e4
LT		 2047
2048 hci_key_change_cfm(conn, ev->status);
2049 }
2050
2051 hci_dev_unlock(hdev);
2052}
2053
a9de9248 2054static inline void hci_remote_features_evt(struct hci_dev *hdev, struct sk_buff *skb)
1da177e4 2055{
a9de9248
MH		 2056 struct hci_ev_remote_features *ev = (void *) skb->data;
2057 struct hci_conn *conn;
2058
2059 BT_DBG("%s status %d", hdev->name, ev->status);
2060
a9de9248
MH		 2061 hci_dev_lock(hdev);
2062
2063 conn = hci_conn_hash_lookup_handle(hdev, __le16_to_cpu(ev->handle));
ccd556fe
JH		 2064 if (!conn)
2065 goto unlock;
769be974 2066
ccd556fe
JH		 2067 if (!ev->status)
2068 memcpy(conn->features, ev->features, 8);
2069
2070 if (conn->state != BT_CONFIG)
2071 goto unlock;
2072
2073 if (!ev->status && lmp_ssp_capable(hdev) && lmp_ssp_capable(conn)) {
2074 struct hci_cp_read_remote_ext_features cp;
2075 cp.handle = ev->handle;
2076 cp.page = 0x01;
2077 hci_send_cmd(hdev, HCI_OP_READ_REMOTE_EXT_FEATURES,
bdb7524a 2078 sizeof(cp), &cp);
392599b9
JH		 2079 goto unlock;
2080 }
2081
127178d2
JH		 2082 if (!ev->status) {
2083 struct hci_cp_remote_name_req cp;
2084 memset(&cp, 0, sizeof(cp));
2085 bacpy(&cp.bdaddr, &conn->dst);
2086 cp.pscan_rep_mode = 0x02;
2087 hci_send_cmd(hdev, HCI_OP_REMOTE_NAME_REQ, sizeof(cp), &cp);
b644ba33
JH		 2088 } else if (!test_and_set_bit(HCI_CONN_MGMT_CONNECTED, &conn->flags))
2089 mgmt_device_connected(hdev, &conn->dst, conn->type,
2090 conn->dst_type, NULL, 0,
2091 conn->dev_class);
392599b9 2092
127178d2 2093 if (!hci_outgoing_auth_needed(hdev, conn)) {
ccd556fe
JH		 2094 conn->state = BT_CONNECTED;
2095 hci_proto_connect_cfm(conn, ev->status);
2096 hci_conn_put(conn);
769be974 2097 }
a9de9248 2098
ccd556fe 2099unlock:
a9de9248 2100 hci_dev_unlock(hdev);
1da177e4
LT		 2101}
2102
a9de9248 2103static inline void hci_remote_version_evt(struct hci_dev *hdev, struct sk_buff *skb)
1da177e4 2104{
a9de9248 2105 BT_DBG("%s", hdev->name);
1da177e4
LT		 2106}
2107
a9de9248 2108static inline void hci_qos_setup_complete_evt(struct hci_dev *hdev, struct sk_buff *skb)
1da177e4 2109{
a9de9248 2110 BT_DBG("%s", hdev->name);
1da177e4
LT		 2111}
2112
a9de9248
MH		 2113static inline void hci_cmd_complete_evt(struct hci_dev *hdev, struct sk_buff *skb)
2114{
2115 struct hci_ev_cmd_complete *ev = (void *) skb->data;
2116 __u16 opcode;
2117
2118 skb_pull(skb, sizeof(*ev));
2119
2120 opcode = __le16_to_cpu(ev->opcode);
2121
2122 switch (opcode) {
2123 case HCI_OP_INQUIRY_CANCEL:
2124 hci_cc_inquiry_cancel(hdev, skb);
2125 break;
2126
2127 case HCI_OP_EXIT_PERIODIC_INQ:
2128 hci_cc_exit_periodic_inq(hdev, skb);
2129 break;
2130
2131 case HCI_OP_REMOTE_NAME_REQ_CANCEL:
2132 hci_cc_remote_name_req_cancel(hdev, skb);
2133 break;
2134
2135 case HCI_OP_ROLE_DISCOVERY:
2136 hci_cc_role_discovery(hdev, skb);
2137 break;
2138
e4e8e37c
MH		 2139 case HCI_OP_READ_LINK_POLICY:
2140 hci_cc_read_link_policy(hdev, skb);
2141 break;
2142
a9de9248
MH		 2143 case HCI_OP_WRITE_LINK_POLICY:
2144 hci_cc_write_link_policy(hdev, skb);
2145 break;
2146
e4e8e37c
MH		 2147 case HCI_OP_READ_DEF_LINK_POLICY:
2148 hci_cc_read_def_link_policy(hdev, skb);
2149 break;
2150
2151 case HCI_OP_WRITE_DEF_LINK_POLICY:
2152 hci_cc_write_def_link_policy(hdev, skb);
2153 break;
2154
a9de9248
MH		 2155 case HCI_OP_RESET:
2156 hci_cc_reset(hdev, skb);
2157 break;
2158
2159 case HCI_OP_WRITE_LOCAL_NAME:
2160 hci_cc_write_local_name(hdev, skb);
2161 break;
2162
2163 case HCI_OP_READ_LOCAL_NAME:
2164 hci_cc_read_local_name(hdev, skb);
2165 break;
2166
2167 case HCI_OP_WRITE_AUTH_ENABLE:
2168 hci_cc_write_auth_enable(hdev, skb);
2169 break;
2170
2171 case HCI_OP_WRITE_ENCRYPT_MODE:
2172 hci_cc_write_encrypt_mode(hdev, skb);
2173 break;
2174
2175 case HCI_OP_WRITE_SCAN_ENABLE:
2176 hci_cc_write_scan_enable(hdev, skb);
2177 break;
2178
2179 case HCI_OP_READ_CLASS_OF_DEV:
2180 hci_cc_read_class_of_dev(hdev, skb);
2181 break;
2182
2183 case HCI_OP_WRITE_CLASS_OF_DEV:
2184 hci_cc_write_class_of_dev(hdev, skb);
2185 break;
2186
2187 case HCI_OP_READ_VOICE_SETTING:
2188 hci_cc_read_voice_setting(hdev, skb);
2189 break;
2190
2191 case HCI_OP_WRITE_VOICE_SETTING:
2192 hci_cc_write_voice_setting(hdev, skb);
2193 break;
2194
2195 case HCI_OP_HOST_BUFFER_SIZE:
2196 hci_cc_host_buffer_size(hdev, skb);
2197 break;
2198
333140b5
MH		 2199 case HCI_OP_READ_SSP_MODE:
2200 hci_cc_read_ssp_mode(hdev, skb);
2201 break;
2202
2203 case HCI_OP_WRITE_SSP_MODE:
2204 hci_cc_write_ssp_mode(hdev, skb);
2205 break;
2206
a9de9248
MH		 2207 case HCI_OP_READ_LOCAL_VERSION:
2208 hci_cc_read_local_version(hdev, skb);
2209 break;
2210
2211 case HCI_OP_READ_LOCAL_COMMANDS:
2212 hci_cc_read_local_commands(hdev, skb);
2213 break;
2214
2215 case HCI_OP_READ_LOCAL_FEATURES:
2216 hci_cc_read_local_features(hdev, skb);
2217 break;
2218
971e3a4b
AG		 2219 case HCI_OP_READ_LOCAL_EXT_FEATURES:
2220 hci_cc_read_local_ext_features(hdev, skb);
2221 break;
2222
a9de9248
MH		 2223 case HCI_OP_READ_BUFFER_SIZE:
2224 hci_cc_read_buffer_size(hdev, skb);
2225 break;
2226
2227 case HCI_OP_READ_BD_ADDR:
2228 hci_cc_read_bd_addr(hdev, skb);
2229 break;
2230
350ee4cf
AE		 2231 case HCI_OP_READ_DATA_BLOCK_SIZE:
2232 hci_cc_read_data_block_size(hdev, skb);
2233 break;
2234
23bb5763
JH		 2235 case HCI_OP_WRITE_CA_TIMEOUT:
2236 hci_cc_write_ca_timeout(hdev, skb);
2237 break;
2238
1e89cffb
AE		 2239 case HCI_OP_READ_FLOW_CONTROL_MODE:
2240 hci_cc_read_flow_control_mode(hdev, skb);
2241 break;
2242
928abaa7
AE		 2243 case HCI_OP_READ_LOCAL_AMP_INFO:
2244 hci_cc_read_local_amp_info(hdev, skb);
2245 break;
2246
b0916ea0
JH		 2247 case HCI_OP_DELETE_STORED_LINK_KEY:
2248 hci_cc_delete_stored_link_key(hdev, skb);
2249 break;
2250
d5859e22
JH		 2251 case HCI_OP_SET_EVENT_MASK:
2252 hci_cc_set_event_mask(hdev, skb);
2253 break;
2254
2255 case HCI_OP_WRITE_INQUIRY_MODE:
2256 hci_cc_write_inquiry_mode(hdev, skb);
2257 break;
2258
2259 case HCI_OP_READ_INQ_RSP_TX_POWER:
2260 hci_cc_read_inq_rsp_tx_power(hdev, skb);
2261 break;
2262
2263 case HCI_OP_SET_EVENT_FLT:
2264 hci_cc_set_event_flt(hdev, skb);
2265 break;
2266
980e1a53
JH		 2267 case HCI_OP_PIN_CODE_REPLY:
2268 hci_cc_pin_code_reply(hdev, skb);
2269 break;
2270
2271 case HCI_OP_PIN_CODE_NEG_REPLY:
2272 hci_cc_pin_code_neg_reply(hdev, skb);
2273 break;
2274
c35938b2
SJ		 2275 case HCI_OP_READ_LOCAL_OOB_DATA:
2276 hci_cc_read_local_oob_data_reply(hdev, skb);
2277 break;
2278
6ed58ec5
VT		 2279 case HCI_OP_LE_READ_BUFFER_SIZE:
2280 hci_cc_le_read_buffer_size(hdev, skb);
2281 break;
2282
a5c29683
JH		 2283 case HCI_OP_USER_CONFIRM_REPLY:
2284 hci_cc_user_confirm_reply(hdev, skb);
2285 break;
2286
2287 case HCI_OP_USER_CONFIRM_NEG_REPLY:
2288 hci_cc_user_confirm_neg_reply(hdev, skb);
2289 break;
2290
1143d458
BG		 2291 case HCI_OP_USER_PASSKEY_REPLY:
2292 hci_cc_user_passkey_reply(hdev, skb);
2293 break;
2294
2295 case HCI_OP_USER_PASSKEY_NEG_REPLY:
2296 hci_cc_user_passkey_neg_reply(hdev, skb);
07f7fa5d
AG		 2297
2298 case HCI_OP_LE_SET_SCAN_PARAM:
2299 hci_cc_le_set_scan_param(hdev, skb);
1143d458
BG		 2300 break;
2301
eb9d91f5
AG		 2302 case HCI_OP_LE_SET_SCAN_ENABLE:
2303 hci_cc_le_set_scan_enable(hdev, skb);
2304 break;
2305
a7a595f6
VCG		 2306 case HCI_OP_LE_LTK_REPLY:
2307 hci_cc_le_ltk_reply(hdev, skb);
2308 break;
2309
2310 case HCI_OP_LE_LTK_NEG_REPLY:
2311 hci_cc_le_ltk_neg_reply(hdev, skb);
2312 break;
2313
f9b49306
AG		 2314 case HCI_OP_WRITE_LE_HOST_SUPPORTED:
2315 hci_cc_write_le_host_supported(hdev, skb);
2316 break;
2317
a9de9248
MH		 2318 default:
2319 BT_DBG("%s opcode 0x%x", hdev->name, opcode);
2320 break;
2321 }
2322
6bd32326
VT		 2323 if (ev->opcode != HCI_OP_NOP)
2324 del_timer(&hdev->cmd_timer);
2325
a9de9248
MH		 2326 if (ev->ncmd) {
2327 atomic_set(&hdev->cmd_cnt, 1);
2328 if (!skb_queue_empty(&hdev->cmd_q))
c347b765 2329 queue_work(hdev->workqueue, &hdev->cmd_work);
a9de9248
MH		 2330 }
2331}
2332
2333static inline void hci_cmd_status_evt(struct hci_dev *hdev, struct sk_buff *skb)
2334{
2335 struct hci_ev_cmd_status *ev = (void *) skb->data;
2336 __u16 opcode;
2337
2338 skb_pull(skb, sizeof(*ev));
2339
2340 opcode = __le16_to_cpu(ev->opcode);
2341
2342 switch (opcode) {
2343 case HCI_OP_INQUIRY:
2344 hci_cs_inquiry(hdev, ev->status);
2345 break;
2346
2347 case HCI_OP_CREATE_CONN:
2348 hci_cs_create_conn(hdev, ev->status);
2349 break;
2350
2351 case HCI_OP_ADD_SCO:
2352 hci_cs_add_sco(hdev, ev->status);
2353 break;
2354
f8558555
MH		 2355 case HCI_OP_AUTH_REQUESTED:
2356 hci_cs_auth_requested(hdev, ev->status);
2357 break;
2358
2359 case HCI_OP_SET_CONN_ENCRYPT:
2360 hci_cs_set_conn_encrypt(hdev, ev->status);
2361 break;
2362
a9de9248
MH		 2363 case HCI_OP_REMOTE_NAME_REQ:
2364 hci_cs_remote_name_req(hdev, ev->status);
2365 break;
2366
769be974
MH		 2367 case HCI_OP_READ_REMOTE_FEATURES:
2368 hci_cs_read_remote_features(hdev, ev->status);
2369 break;
2370
2371 case HCI_OP_READ_REMOTE_EXT_FEATURES:
2372 hci_cs_read_remote_ext_features(hdev, ev->status);
2373 break;
2374
a9de9248
MH		 2375 case HCI_OP_SETUP_SYNC_CONN:
2376 hci_cs_setup_sync_conn(hdev, ev->status);
2377 break;
2378
2379 case HCI_OP_SNIFF_MODE:
2380 hci_cs_sniff_mode(hdev, ev->status);
2381 break;
2382
2383 case HCI_OP_EXIT_SNIFF_MODE:
2384 hci_cs_exit_sniff_mode(hdev, ev->status);
2385 break;
2386
8962ee74 2387 case HCI_OP_DISCONNECT:
88c3df13 2388 hci_cs_disconnect(hdev, ev->status);
8962ee74
JH		 2389 break;
2390
fcd89c09
VT		 2391 case HCI_OP_LE_CREATE_CONN:
2392 hci_cs_le_create_conn(hdev, ev->status);
2393 break;
2394
a7a595f6
VCG		 2395 case HCI_OP_LE_START_ENC:
2396 hci_cs_le_start_enc(hdev, ev->status);
2397 break;
2398
a9de9248
MH		 2399 default:
2400 BT_DBG("%s opcode 0x%x", hdev->name, opcode);
2401 break;
2402 }
2403
6bd32326
VT		 2404 if (ev->opcode != HCI_OP_NOP)
2405 del_timer(&hdev->cmd_timer);
2406
10572132 2407 if (ev->ncmd && !test_bit(HCI_RESET, &hdev->flags)) {
a9de9248
MH		 2408 atomic_set(&hdev->cmd_cnt, 1);
2409 if (!skb_queue_empty(&hdev->cmd_q))
c347b765 2410 queue_work(hdev->workqueue, &hdev->cmd_work);
a9de9248
MH		 2411 }
2412}
2413
2414static inline void hci_role_change_evt(struct hci_dev *hdev, struct sk_buff *skb)
2415{
2416 struct hci_ev_role_change *ev = (void *) skb->data;
2417 struct hci_conn *conn;
2418
2419 BT_DBG("%s status %d", hdev->name, ev->status);
2420
2421 hci_dev_lock(hdev);
2422
2423 conn = hci_conn_hash_lookup_ba(hdev, ACL_LINK, &ev->bdaddr);
2424 if (conn) {
2425 if (!ev->status) {
2426 if (ev->role)
2427 conn->link_mode &= ~HCI_LM_MASTER;
2428 else
2429 conn->link_mode |= HCI_LM_MASTER;
2430 }
2431
51a8efd7 2432 clear_bit(HCI_CONN_RSWITCH_PEND, &conn->flags);
a9de9248
MH		 2433
2434 hci_role_switch_cfm(conn, ev->status, ev->role);
2435 }
2436
2437 hci_dev_unlock(hdev);
2438}
2439
2440static inline void hci_num_comp_pkts_evt(struct hci_dev *hdev, struct sk_buff *skb)
2441{
2442 struct hci_ev_num_comp_pkts *ev = (void *) skb->data;
a9de9248
MH		 2443 int i;
2444
32ac5b9b
AE		 2445 if (hdev->flow_ctl_mode != HCI_FLOW_CTL_MODE_PACKET_BASED) {
2446 BT_ERR("Wrong event for mode %d", hdev->flow_ctl_mode);
2447 return;
2448 }
2449
c5993de8
AE		 2450 if (skb->len < sizeof(*ev) || skb->len < sizeof(*ev) +
2451 ev->num_hndl * sizeof(struct hci_comp_pkts_info)) {
a9de9248
MH		 2452 BT_DBG("%s bad parameters", hdev->name);
2453 return;
2454 }
2455
c5993de8
AE		 2456 BT_DBG("%s num_hndl %d", hdev->name, ev->num_hndl);
2457
613a1c0c
AE		 2458 for (i = 0; i < ev->num_hndl; i++) {
2459 struct hci_comp_pkts_info *info = &ev->handles[i];
a9de9248
MH		 2460 struct hci_conn *conn;
2461 __u16 handle, count;
2462
613a1c0c
AE		 2463 handle = __le16_to_cpu(info->handle);
2464 count = __le16_to_cpu(info->count);
a9de9248
MH		 2465
2466 conn = hci_conn_hash_lookup_handle(hdev, handle);
f4280918
AE		 2467 if (!conn)
2468 continue;
2469
2470 conn->sent -= count;
2471
2472 switch (conn->type) {
2473 case ACL_LINK:
2474 hdev->acl_cnt += count;
2475 if (hdev->acl_cnt > hdev->acl_pkts)
2476 hdev->acl_cnt = hdev->acl_pkts;
2477 break;
2478
2479 case LE_LINK:
2480 if (hdev->le_pkts) {
2481 hdev->le_cnt += count;
2482 if (hdev->le_cnt > hdev->le_pkts)
2483 hdev->le_cnt = hdev->le_pkts;
2484 } else {
70f23020
AE		 2485 hdev->acl_cnt += count;
2486 if (hdev->acl_cnt > hdev->acl_pkts)
a9de9248 2487 hdev->acl_cnt = hdev->acl_pkts;
a9de9248 2488 }
f4280918
AE		 2489 break;
2490
2491 case SCO_LINK:
2492 hdev->sco_cnt += count;
2493 if (hdev->sco_cnt > hdev->sco_pkts)
2494 hdev->sco_cnt = hdev->sco_pkts;
2495 break;
2496
2497 default:
2498 BT_ERR("Unknown type %d conn %p", conn->type, conn);
2499 break;
a9de9248
MH		 2500 }
2501 }
2502
3eff45ea 2503 queue_work(hdev->workqueue, &hdev->tx_work);
a9de9248
MH		 2504}
2505
25e89e99
AE		 2506static inline void hci_num_comp_blocks_evt(struct hci_dev *hdev,
2507 struct sk_buff *skb)
2508{
2509 struct hci_ev_num_comp_blocks *ev = (void *) skb->data;
2510 int i;
2511
2512 if (hdev->flow_ctl_mode != HCI_FLOW_CTL_MODE_BLOCK_BASED) {
2513 BT_ERR("Wrong event for mode %d", hdev->flow_ctl_mode);
2514 return;
2515 }
2516
2517 if (skb->len < sizeof(*ev) || skb->len < sizeof(*ev) +
2518 ev->num_hndl * sizeof(struct hci_comp_blocks_info)) {
2519 BT_DBG("%s bad parameters", hdev->name);
2520 return;
2521 }
2522
2523 BT_DBG("%s num_blocks %d num_hndl %d", hdev->name, ev->num_blocks,
2524 ev->num_hndl);
2525
2526 for (i = 0; i < ev->num_hndl; i++) {
2527 struct hci_comp_blocks_info *info = &ev->handles[i];
2528 struct hci_conn *conn;
2529 __u16 handle, block_count;
2530
2531 handle = __le16_to_cpu(info->handle);
2532 block_count = __le16_to_cpu(info->blocks);
2533
2534 conn = hci_conn_hash_lookup_handle(hdev, handle);
2535 if (!conn)
2536 continue;
2537
2538 conn->sent -= block_count;
2539
2540 switch (conn->type) {
2541 case ACL_LINK:
2542 hdev->block_cnt += block_count;
2543 if (hdev->block_cnt > hdev->num_blocks)
2544 hdev->block_cnt = hdev->num_blocks;
2545 break;
2546
2547 default:
2548 BT_ERR("Unknown type %d conn %p", conn->type, conn);
2549 break;
2550 }
2551 }
2552
2553 queue_work(hdev->workqueue, &hdev->tx_work);
2554}
2555
a9de9248 2556static inline void hci_mode_change_evt(struct hci_dev *hdev, struct sk_buff *skb)
04837f64 2557{
a9de9248 2558 struct hci_ev_mode_change *ev = (void *) skb->data;
04837f64
MH		 2559 struct hci_conn *conn;
2560
2561 BT_DBG("%s status %d", hdev->name, ev->status);
2562
2563 hci_dev_lock(hdev);
2564
2565 conn = hci_conn_hash_lookup_handle(hdev, __le16_to_cpu(ev->handle));
a9de9248
MH		 2566 if (conn) {
2567 conn->mode = ev->mode;
2568 conn->interval = __le16_to_cpu(ev->interval);
2569
51a8efd7 2570 if (!test_and_clear_bit(HCI_CONN_MODE_CHANGE_PEND, &conn->flags)) {
a9de9248 2571 if (conn->mode == HCI_CM_ACTIVE)
58a681ef 2572 set_bit(HCI_CONN_POWER_SAVE, &conn->flags);
a9de9248 2573 else
58a681ef 2574 clear_bit(HCI_CONN_POWER_SAVE, &conn->flags);
a9de9248 2575 }
e73439d8 2576
51a8efd7 2577 if (test_and_clear_bit(HCI_CONN_SCO_SETUP_PEND, &conn->flags))
e73439d8 2578 hci_sco_setup(conn, ev->status);
04837f64
MH		 2579 }
2580
2581 hci_dev_unlock(hdev);
2582}
2583
a9de9248
MH		 2584static inline void hci_pin_code_request_evt(struct hci_dev *hdev, struct sk_buff *skb)
2585{
052b30b0
MH		 2586 struct hci_ev_pin_code_req *ev = (void *) skb->data;
2587 struct hci_conn *conn;
2588
a9de9248 2589 BT_DBG("%s", hdev->name);
052b30b0
MH		 2590
2591 hci_dev_lock(hdev);
2592
2593 conn = hci_conn_hash_lookup_ba(hdev, ACL_LINK, &ev->bdaddr);
b6f98044
WR		 2594 if (!conn)
2595 goto unlock;
2596
2597 if (conn->state == BT_CONNECTED) {
052b30b0
MH		 2598 hci_conn_hold(conn);
2599 conn->disc_timeout = HCI_PAIRING_TIMEOUT;
2600 hci_conn_put(conn);
2601 }
2602
a8b2d5c2 2603 if (!test_bit(HCI_PAIRABLE, &hdev->dev_flags))
03b555e1
JH		 2604 hci_send_cmd(hdev, HCI_OP_PIN_CODE_NEG_REPLY,
2605 sizeof(ev->bdaddr), &ev->bdaddr);
a8b2d5c2 2606 else if (test_bit(HCI_MGMT, &hdev->dev_flags)) {
a770bb5a
WR		 2607 u8 secure;
2608
2609 if (conn->pending_sec_level == BT_SECURITY_HIGH)
2610 secure = 1;
2611 else
2612 secure = 0;
2613
744cf19e 2614 mgmt_pin_code_request(hdev, &ev->bdaddr, secure);
a770bb5a 2615 }
980e1a53 2616
b6f98044 2617unlock:
052b30b0 2618 hci_dev_unlock(hdev);
a9de9248
MH		 2619}
2620
2621static inline void hci_link_key_request_evt(struct hci_dev *hdev, struct sk_buff *skb)
2622{
55ed8ca1
JH		 2623 struct hci_ev_link_key_req *ev = (void *) skb->data;
2624 struct hci_cp_link_key_reply cp;
2625 struct hci_conn *conn;
2626 struct link_key *key;
2627
a9de9248 2628 BT_DBG("%s", hdev->name);
55ed8ca1 2629
a8b2d5c2 2630 if (!test_bit(HCI_LINK_KEYS, &hdev->dev_flags))
55ed8ca1
JH		 2631 return;
2632
2633 hci_dev_lock(hdev);
2634
2635 key = hci_find_link_key(hdev, &ev->bdaddr);
2636 if (!key) {
2637 BT_DBG("%s link key not found for %s", hdev->name,
2638 batostr(&ev->bdaddr));
2639 goto not_found;
2640 }
2641
2642 BT_DBG("%s found key type %u for %s", hdev->name, key->type,
2643 batostr(&ev->bdaddr));
2644
a8b2d5c2 2645 if (!test_bit(HCI_DEBUG_KEYS, &hdev->dev_flags) &&
b6020ba0 2646 key->type == HCI_LK_DEBUG_COMBINATION) {
55ed8ca1
JH		 2647 BT_DBG("%s ignoring debug key", hdev->name);
2648 goto not_found;
2649 }
2650
2651 conn = hci_conn_hash_lookup_ba(hdev, ACL_LINK, &ev->bdaddr);
60b83f57
WR		 2652 if (conn) {
2653 if (key->type == HCI_LK_UNAUTH_COMBINATION &&
2654 conn->auth_type != 0xff &&
2655 (conn->auth_type & 0x01)) {
2656 BT_DBG("%s ignoring unauthenticated key", hdev->name);
2657 goto not_found;
2658 }
55ed8ca1 2659
60b83f57
WR		 2660 if (key->type == HCI_LK_COMBINATION && key->pin_len < 16 &&
2661 conn->pending_sec_level == BT_SECURITY_HIGH) {
2662 BT_DBG("%s ignoring key unauthenticated for high \
2663 security", hdev->name);
2664 goto not_found;
2665 }
2666
2667 conn->key_type = key->type;
2668 conn->pin_length = key->pin_len;
55ed8ca1
JH		 2669 }
2670
2671 bacpy(&cp.bdaddr, &ev->bdaddr);
2672 memcpy(cp.link_key, key->val, 16);
2673
2674 hci_send_cmd(hdev, HCI_OP_LINK_KEY_REPLY, sizeof(cp), &cp);
2675
2676 hci_dev_unlock(hdev);
2677
2678 return;
2679
2680not_found:
2681 hci_send_cmd(hdev, HCI_OP_LINK_KEY_NEG_REPLY, 6, &ev->bdaddr);
2682 hci_dev_unlock(hdev);
a9de9248
MH		 2683}
2684
2685static inline void hci_link_key_notify_evt(struct hci_dev *hdev, struct sk_buff *skb)
2686{
052b30b0
MH		 2687 struct hci_ev_link_key_notify *ev = (void *) skb->data;
2688 struct hci_conn *conn;
55ed8ca1 2689 u8 pin_len = 0;
052b30b0 2690
a9de9248 2691 BT_DBG("%s", hdev->name);
052b30b0
MH		 2692
2693 hci_dev_lock(hdev);
2694
2695 conn = hci_conn_hash_lookup_ba(hdev, ACL_LINK, &ev->bdaddr);
2696 if (conn) {
2697 hci_conn_hold(conn);
2698 conn->disc_timeout = HCI_DISCONN_TIMEOUT;
980e1a53 2699 pin_len = conn->pin_length;
13d39315
WR		 2700
2701 if (ev->key_type != HCI_LK_CHANGED_COMBINATION)
2702 conn->key_type = ev->key_type;
2703
052b30b0
MH		 2704 hci_conn_put(conn);
2705 }
2706
a8b2d5c2 2707 if (test_bit(HCI_LINK_KEYS, &hdev->dev_flags))
d25e28ab 2708 hci_add_link_key(hdev, conn, 1, &ev->bdaddr, ev->link_key,
55ed8ca1
JH		 2709 ev->key_type, pin_len);
2710
052b30b0 2711 hci_dev_unlock(hdev);
a9de9248
MH		 2712}
2713
1da177e4
LT		 2714static inline void hci_clock_offset_evt(struct hci_dev *hdev, struct sk_buff *skb)
2715{
a9de9248 2716 struct hci_ev_clock_offset *ev = (void *) skb->data;
04837f64 2717 struct hci_conn *conn;
1da177e4
LT		 2718
2719 BT_DBG("%s status %d", hdev->name, ev->status);
2720
2721 hci_dev_lock(hdev);
2722
04837f64 2723 conn = hci_conn_hash_lookup_handle(hdev, __le16_to_cpu(ev->handle));
1da177e4
LT		 2724 if (conn && !ev->status) {
2725 struct inquiry_entry *ie;
2726
cc11b9c1
AE		 2727 ie = hci_inquiry_cache_lookup(hdev, &conn->dst);
2728 if (ie) {
1da177e4
LT		 2729 ie->data.clock_offset = ev->clock_offset;
2730 ie->timestamp = jiffies;
2731 }
2732 }
2733
2734 hci_dev_unlock(hdev);
2735}
2736
a8746417
MH		 2737static inline void hci_pkt_type_change_evt(struct hci_dev *hdev, struct sk_buff *skb)
2738{
2739 struct hci_ev_pkt_type_change *ev = (void *) skb->data;
2740 struct hci_conn *conn;
2741
2742 BT_DBG("%s status %d", hdev->name, ev->status);
2743
2744 hci_dev_lock(hdev);
2745
2746 conn = hci_conn_hash_lookup_handle(hdev, __le16_to_cpu(ev->handle));
2747 if (conn && !ev->status)
2748 conn->pkt_type = __le16_to_cpu(ev->pkt_type);
2749
2750 hci_dev_unlock(hdev);
2751}
2752
85a1e930
MH		 2753static inline void hci_pscan_rep_mode_evt(struct hci_dev *hdev, struct sk_buff *skb)
2754{
a9de9248 2755 struct hci_ev_pscan_rep_mode *ev = (void *) skb->data;
85a1e930
MH		 2756 struct inquiry_entry *ie;
2757
2758 BT_DBG("%s", hdev->name);
2759
2760 hci_dev_lock(hdev);
2761
cc11b9c1
AE		 2762 ie = hci_inquiry_cache_lookup(hdev, &ev->bdaddr);
2763 if (ie) {
85a1e930
MH		 2764 ie->data.pscan_rep_mode = ev->pscan_rep_mode;
2765 ie->timestamp = jiffies;
2766 }
2767
2768 hci_dev_unlock(hdev);
2769}
2770
a9de9248
MH		 2771static inline void hci_inquiry_result_with_rssi_evt(struct hci_dev *hdev, struct sk_buff *skb)
2772{
2773 struct inquiry_data data;
2774 int num_rsp = *((__u8 *) skb->data);
3175405b 2775 bool name_known;
a9de9248
MH		 2776
2777 BT_DBG("%s num_rsp %d", hdev->name, num_rsp);
2778
2779 if (!num_rsp)
2780 return;
2781
2782 hci_dev_lock(hdev);
2783
2784 if ((skb->len - 1) / num_rsp != sizeof(struct inquiry_info_with_rssi)) {
138d22ef
SJ		 2785 struct inquiry_info_with_rssi_and_pscan_mode *info;
2786 info = (void *) (skb->data + 1);
a9de9248 2787
e17acd40 2788 for (; num_rsp; num_rsp--, info++) {
a9de9248
MH		 2789 bacpy(&data.bdaddr, &info->bdaddr);
2790 data.pscan_rep_mode = info->pscan_rep_mode;
2791 data.pscan_period_mode = info->pscan_period_mode;
2792 data.pscan_mode = info->pscan_mode;
2793 memcpy(data.dev_class, info->dev_class, 3);
2794 data.clock_offset = info->clock_offset;
2795 data.rssi = info->rssi;
41a96212 2796 data.ssp_mode = 0x00;
3175405b
JH		 2797
2798 name_known = hci_inquiry_cache_update(hdev, &data,
2799 false);
48264f06 2800 mgmt_device_found(hdev, &info->bdaddr, ACL_LINK, 0x00,
e17acd40 2801 info->dev_class, info->rssi,
7d262f86 2802 !name_known, NULL, 0);
a9de9248
MH		 2803 }
2804 } else {
2805 struct inquiry_info_with_rssi *info = (void *) (skb->data + 1);
2806
e17acd40 2807 for (; num_rsp; num_rsp--, info++) {
a9de9248
MH		 2808 bacpy(&data.bdaddr, &info->bdaddr);
2809 data.pscan_rep_mode = info->pscan_rep_mode;
2810 data.pscan_period_mode = info->pscan_period_mode;
2811 data.pscan_mode = 0x00;
2812 memcpy(data.dev_class, info->dev_class, 3);
2813 data.clock_offset = info->clock_offset;
2814 data.rssi = info->rssi;
41a96212 2815 data.ssp_mode = 0x00;
3175405b
JH		 2816 name_known = hci_inquiry_cache_update(hdev, &data,
2817 false);
48264f06 2818 mgmt_device_found(hdev, &info->bdaddr, ACL_LINK, 0x00,
e17acd40 2819 info->dev_class, info->rssi,
7d262f86 2820 !name_known, NULL, 0);
a9de9248
MH		 2821 }
2822 }
2823
2824 hci_dev_unlock(hdev);
2825}
2826
2827static inline void hci_remote_ext_features_evt(struct hci_dev *hdev, struct sk_buff *skb)
2828{
41a96212
MH		 2829 struct hci_ev_remote_ext_features *ev = (void *) skb->data;
2830 struct hci_conn *conn;
2831
a9de9248 2832 BT_DBG("%s", hdev->name);
41a96212 2833
41a96212
MH		 2834 hci_dev_lock(hdev);
2835
2836 conn = hci_conn_hash_lookup_handle(hdev, __le16_to_cpu(ev->handle));
ccd556fe
JH		 2837 if (!conn)
2838 goto unlock;
41a96212 2839
ccd556fe
JH		 2840 if (!ev->status && ev->page == 0x01) {
2841 struct inquiry_entry *ie;
41a96212 2842
cc11b9c1
AE		 2843 ie = hci_inquiry_cache_lookup(hdev, &conn->dst);
2844 if (ie)
ccd556fe 2845 ie->data.ssp_mode = (ev->features[0] & 0x01);
769be974 2846
58a681ef
JH		 2847 if (ev->features[0] & 0x01)
2848 set_bit(HCI_CONN_SSP_ENABLED, &conn->flags);
ccd556fe
JH		 2849 }
2850
2851 if (conn->state != BT_CONFIG)
2852 goto unlock;
2853
127178d2
JH		 2854 if (!ev->status) {
2855 struct hci_cp_remote_name_req cp;
2856 memset(&cp, 0, sizeof(cp));
2857 bacpy(&cp.bdaddr, &conn->dst);
2858 cp.pscan_rep_mode = 0x02;
2859 hci_send_cmd(hdev, HCI_OP_REMOTE_NAME_REQ, sizeof(cp), &cp);
b644ba33
JH		 2860 } else if (!test_and_set_bit(HCI_CONN_MGMT_CONNECTED, &conn->flags))
2861 mgmt_device_connected(hdev, &conn->dst, conn->type,
2862 conn->dst_type, NULL, 0,
2863 conn->dev_class);
392599b9 2864
127178d2 2865 if (!hci_outgoing_auth_needed(hdev, conn)) {
ccd556fe
JH		 2866 conn->state = BT_CONNECTED;
2867 hci_proto_connect_cfm(conn, ev->status);
2868 hci_conn_put(conn);
41a96212
MH		 2869 }
2870
ccd556fe 2871unlock:
41a96212 2872 hci_dev_unlock(hdev);
a9de9248
MH		 2873}
2874
2875static inline void hci_sync_conn_complete_evt(struct hci_dev *hdev, struct sk_buff *skb)
2876{
b6a0dc82
MH		 2877 struct hci_ev_sync_conn_complete *ev = (void *) skb->data;
2878 struct hci_conn *conn;
2879
2880 BT_DBG("%s status %d", hdev->name, ev->status);
2881
2882 hci_dev_lock(hdev);
2883
2884 conn = hci_conn_hash_lookup_ba(hdev, ev->link_type, &ev->bdaddr);
9dc0a3af
MH		 2885 if (!conn) {
2886 if (ev->link_type == ESCO_LINK)
2887 goto unlock;
2888
2889 conn = hci_conn_hash_lookup_ba(hdev, ESCO_LINK, &ev->bdaddr);
2890 if (!conn)
2891 goto unlock;
2892
2893 conn->type = SCO_LINK;
2894 }
b6a0dc82 2895
732547f9
MH		 2896 switch (ev->status) {
2897 case 0x00:
b6a0dc82
MH		 2898 conn->handle = __le16_to_cpu(ev->handle);
2899 conn->state = BT_CONNECTED;
7d0db0a3 2900
9eba32b8 2901 hci_conn_hold_device(conn);
7d0db0a3 2902 hci_conn_add_sysfs(conn);
732547f9
MH		 2903 break;
2904
705e5711 2905 case 0x11: /* Unsupported Feature or Parameter Value */
732547f9 2906 case 0x1c: /* SCO interval rejected */
1038a00b 2907 case 0x1a: /* Unsupported Remote Feature */
732547f9
MH		 2908 case 0x1f: /* Unspecified error */
2909 if (conn->out && conn->attempt < 2) {
2910 conn->pkt_type = (hdev->esco_type & SCO_ESCO_MASK) |
2911 (hdev->esco_type & EDR_ESCO_MASK);
2912 hci_setup_sync(conn, conn->link->handle);
2913 goto unlock;
2914 }
2915 /* fall through */
2916
2917 default:
b6a0dc82 2918 conn->state = BT_CLOSED;
732547f9
MH		 2919 break;
2920 }
b6a0dc82
MH		 2921
2922 hci_proto_connect_cfm(conn, ev->status);
2923 if (ev->status)
2924 hci_conn_del(conn);
2925
2926unlock:
2927 hci_dev_unlock(hdev);
a9de9248
MH		 2928}
2929
2930static inline void hci_sync_conn_changed_evt(struct hci_dev *hdev, struct sk_buff *skb)
2931{
2932 BT_DBG("%s", hdev->name);
2933}
2934
04837f64
MH		 2935static inline void hci_sniff_subrate_evt(struct hci_dev *hdev, struct sk_buff *skb)
2936{
a9de9248 2937 struct hci_ev_sniff_subrate *ev = (void *) skb->data;
04837f64
MH		 2938
2939 BT_DBG("%s status %d", hdev->name, ev->status);
04837f64
MH		 2940}
2941
a9de9248 2942static inline void hci_extended_inquiry_result_evt(struct hci_dev *hdev, struct sk_buff *skb)
1da177e4 2943{
a9de9248
MH		 2944 struct inquiry_data data;
2945 struct extended_inquiry_info *info = (void *) (skb->data + 1);
2946 int num_rsp = *((__u8 *) skb->data);
1da177e4 2947
a9de9248 2948 BT_DBG("%s num_rsp %d", hdev->name, num_rsp);
1da177e4 2949
a9de9248
MH		 2950 if (!num_rsp)
2951 return;
1da177e4 2952
a9de9248
MH		 2953 hci_dev_lock(hdev);
2954
e17acd40 2955 for (; num_rsp; num_rsp--, info++) {
561aafbc
JH		 2956 bool name_known;
2957
a9de9248 2958 bacpy(&data.bdaddr, &info->bdaddr);
138d22ef
SJ		 2959 data.pscan_rep_mode = info->pscan_rep_mode;
2960 data.pscan_period_mode = info->pscan_period_mode;
2961 data.pscan_mode = 0x00;
a9de9248 2962 memcpy(data.dev_class, info->dev_class, 3);
138d22ef
SJ		 2963 data.clock_offset = info->clock_offset;
2964 data.rssi = info->rssi;
41a96212 2965 data.ssp_mode = 0x01;
561aafbc 2966
a8b2d5c2 2967 if (test_bit(HCI_MGMT, &hdev->dev_flags))
4ddb1930
JH		 2968 name_known = eir_has_data_type(info->data,
2969 sizeof(info->data),
2970 EIR_NAME_COMPLETE);
561aafbc
JH		 2971 else
2972 name_known = true;
2973
3175405b 2974 name_known = hci_inquiry_cache_update(hdev, &data, name_known);
48264f06 2975 mgmt_device_found(hdev, &info->bdaddr, ACL_LINK, 0x00,
561aafbc 2976 info->dev_class, info->rssi,
7d262f86
AG		 2977 !name_known, info->data,
2978 sizeof(info->data));
a9de9248
MH		 2979 }
2980
2981 hci_dev_unlock(hdev);
2982}
1da177e4 2983
17fa4b9d
JH		 2984static inline u8 hci_get_auth_req(struct hci_conn *conn)
2985{
2986 /* If remote requests dedicated bonding follow that lead */
2987 if (conn->remote_auth == 0x02 || conn->remote_auth == 0x03) {
2988 /* If both remote and local IO capabilities allow MITM
2989 * protection then require it, otherwise don't */
2990 if (conn->remote_cap == 0x03 || conn->io_capability == 0x03)
2991 return 0x02;
2992 else
2993 return 0x03;
2994 }
2995
2996 /* If remote requests no-bonding follow that lead */
2997 if (conn->remote_auth == 0x00 || conn->remote_auth == 0x01)
58797bf7 2998 return conn->remote_auth | (conn->auth_type & 0x01);
17fa4b9d
JH		 2999
3000 return conn->auth_type;
3001}
3002
0493684e
MH		 3003static inline void hci_io_capa_request_evt(struct hci_dev *hdev, struct sk_buff *skb)
3004{
3005 struct hci_ev_io_capa_request *ev = (void *) skb->data;
3006 struct hci_conn *conn;
3007
3008 BT_DBG("%s", hdev->name);
3009
3010 hci_dev_lock(hdev);
3011
3012 conn = hci_conn_hash_lookup_ba(hdev, ACL_LINK, &ev->bdaddr);
03b555e1
JH		 3013 if (!conn)
3014 goto unlock;
3015
3016 hci_conn_hold(conn);
3017
a8b2d5c2 3018 if (!test_bit(HCI_MGMT, &hdev->dev_flags))
03b555e1
JH		 3019 goto unlock;
3020
a8b2d5c2 3021 if (test_bit(HCI_PAIRABLE, &hdev->dev_flags) ||
03b555e1 3022 (conn->remote_auth & ~0x01) == HCI_AT_NO_BONDING) {
17fa4b9d
JH		 3023 struct hci_cp_io_capability_reply cp;
3024
3025 bacpy(&cp.bdaddr, &ev->bdaddr);
7a7f1e7c
HG		 3026 /* Change the IO capability from KeyboardDisplay
3027 * to DisplayYesNo as it is not supported by BT spec. */
3028 cp.capability = (conn->io_capability == 0x04) ?
3029 0x01 : conn->io_capability;
7cbc9bd9
JH		 3030 conn->auth_type = hci_get_auth_req(conn);
3031 cp.authentication = conn->auth_type;
17fa4b9d 3032
58a681ef 3033 if ((conn->out || test_bit(HCI_CONN_REMOTE_OOB, &conn->flags)) &&
ce85ee13
SJ		 3034 hci_find_remote_oob_data(hdev, &conn->dst))
3035 cp.oob_data = 0x01;
3036 else
3037 cp.oob_data = 0x00;
3038
17fa4b9d
JH		 3039 hci_send_cmd(hdev, HCI_OP_IO_CAPABILITY_REPLY,
3040 sizeof(cp), &cp);
03b555e1
JH		 3041 } else {
3042 struct hci_cp_io_capability_neg_reply cp;
3043
3044 bacpy(&cp.bdaddr, &ev->bdaddr);
9f5a0d7b 3045 cp.reason = HCI_ERROR_PAIRING_NOT_ALLOWED;
0493684e 3046
03b555e1
JH		 3047 hci_send_cmd(hdev, HCI_OP_IO_CAPABILITY_NEG_REPLY,
3048 sizeof(cp), &cp);
3049 }
3050
3051unlock:
3052 hci_dev_unlock(hdev);
3053}
3054
3055static inline void hci_io_capa_reply_evt(struct hci_dev *hdev, struct sk_buff *skb)
3056{
3057 struct hci_ev_io_capa_reply *ev = (void *) skb->data;
3058 struct hci_conn *conn;
3059
3060 BT_DBG("%s", hdev->name);
3061
3062 hci_dev_lock(hdev);
3063
3064 conn = hci_conn_hash_lookup_ba(hdev, ACL_LINK, &ev->bdaddr);
3065 if (!conn)
3066 goto unlock;
3067
03b555e1 3068 conn->remote_cap = ev->capability;
03b555e1 3069 conn->remote_auth = ev->authentication;
58a681ef
JH		 3070 if (ev->oob_data)
3071 set_bit(HCI_CONN_REMOTE_OOB, &conn->flags);
03b555e1
JH		 3072
3073unlock:
0493684e
MH		 3074 hci_dev_unlock(hdev);
3075}
3076
a5c29683
JH		 3077static inline void hci_user_confirm_request_evt(struct hci_dev *hdev,
3078 struct sk_buff *skb)
3079{
3080 struct hci_ev_user_confirm_req *ev = (void *) skb->data;
55bc1a37 3081 int loc_mitm, rem_mitm, confirm_hint = 0;
7a828908 3082 struct hci_conn *conn;
a5c29683
JH		 3083
3084 BT_DBG("%s", hdev->name);
3085
3086 hci_dev_lock(hdev);
3087
a8b2d5c2 3088 if (!test_bit(HCI_MGMT, &hdev->dev_flags))
7a828908 3089 goto unlock;
a5c29683 3090
7a828908
JH		 3091 conn = hci_conn_hash_lookup_ba(hdev, ACL_LINK, &ev->bdaddr);
3092 if (!conn)
3093 goto unlock;
3094
3095 loc_mitm = (conn->auth_type & 0x01);
3096 rem_mitm = (conn->remote_auth & 0x01);
3097
3098 /* If we require MITM but the remote device can't provide that
3099 * (it has NoInputNoOutput) then reject the confirmation
3100 * request. The only exception is when we're dedicated bonding
3101 * initiators (connect_cfm_cb set) since then we always have the MITM
3102 * bit set. */
3103 if (!conn->connect_cfm_cb && loc_mitm && conn->remote_cap == 0x03) {
3104 BT_DBG("Rejecting request: remote device can't provide MITM");
3105 hci_send_cmd(hdev, HCI_OP_USER_CONFIRM_NEG_REPLY,
3106 sizeof(ev->bdaddr), &ev->bdaddr);
3107 goto unlock;
3108 }
3109
3110 /* If no side requires MITM protection; auto-accept */
3111 if ((!loc_mitm || conn->remote_cap == 0x03) &&
3112 (!rem_mitm || conn->io_capability == 0x03)) {
55bc1a37
JH		 3113
3114 /* If we're not the initiators request authorization to
3115 * proceed from user space (mgmt_user_confirm with
3116 * confirm_hint set to 1). */
51a8efd7 3117 if (!test_bit(HCI_CONN_AUTH_PEND, &conn->flags)) {
55bc1a37
JH		 3118 BT_DBG("Confirming auto-accept as acceptor");
3119 confirm_hint = 1;
3120 goto confirm;
3121 }
3122
9f61656a
JH		 3123 BT_DBG("Auto-accept of user confirmation with %ums delay",
3124 hdev->auto_accept_delay);
3125
3126 if (hdev->auto_accept_delay > 0) {
3127 int delay = msecs_to_jiffies(hdev->auto_accept_delay);
3128 mod_timer(&conn->auto_accept_timer, jiffies + delay);
3129 goto unlock;
3130 }
3131
7a828908
JH		 3132 hci_send_cmd(hdev, HCI_OP_USER_CONFIRM_REPLY,
3133 sizeof(ev->bdaddr), &ev->bdaddr);
3134 goto unlock;
3135 }
3136
55bc1a37 3137confirm:
272d90df 3138 mgmt_user_confirm_request(hdev, &ev->bdaddr, ACL_LINK, 0, ev->passkey,
55bc1a37 3139 confirm_hint);
7a828908
JH		 3140
3141unlock:
a5c29683
JH		 3142 hci_dev_unlock(hdev);
3143}
3144
1143d458
BG		 3145static inline void hci_user_passkey_request_evt(struct hci_dev *hdev,
3146 struct sk_buff *skb)
3147{
3148 struct hci_ev_user_passkey_req *ev = (void *) skb->data;
3149
3150 BT_DBG("%s", hdev->name);
3151
3152 hci_dev_lock(hdev);
3153
a8b2d5c2 3154 if (test_bit(HCI_MGMT, &hdev->dev_flags))
272d90df 3155 mgmt_user_passkey_request(hdev, &ev->bdaddr, ACL_LINK, 0);
1143d458
BG		 3156
3157 hci_dev_unlock(hdev);
3158}
3159
0493684e
MH		 3160static inline void hci_simple_pair_complete_evt(struct hci_dev *hdev, struct sk_buff *skb)
3161{
3162 struct hci_ev_simple_pair_complete *ev = (void *) skb->data;
3163 struct hci_conn *conn;
3164
3165 BT_DBG("%s", hdev->name);
3166
3167 hci_dev_lock(hdev);
3168
3169 conn = hci_conn_hash_lookup_ba(hdev, ACL_LINK, &ev->bdaddr);
2a611692
JH		 3170 if (!conn)
3171 goto unlock;
3172
3173 /* To avoid duplicate auth_failed events to user space we check
3174 * the HCI_CONN_AUTH_PEND flag which will be set if we
3175 * initiated the authentication. A traditional auth_complete
3176 * event gets always produced as initiator and is also mapped to
3177 * the mgmt_auth_failed event */
51a8efd7 3178 if (!test_bit(HCI_CONN_AUTH_PEND, &conn->flags) && ev->status != 0)
bab73cb6
JH		 3179 mgmt_auth_failed(hdev, &conn->dst, conn->type, conn->dst_type,
3180 ev->status);
0493684e 3181
2a611692
JH		 3182 hci_conn_put(conn);
3183
3184unlock:
0493684e
MH		 3185 hci_dev_unlock(hdev);
3186}
3187
41a96212
MH		 3188static inline void hci_remote_host_features_evt(struct hci_dev *hdev, struct sk_buff *skb)
3189{
3190 struct hci_ev_remote_host_features *ev = (void *) skb->data;
3191 struct inquiry_entry *ie;
3192
3193 BT_DBG("%s", hdev->name);
3194
3195 hci_dev_lock(hdev);
3196
cc11b9c1
AE		 3197 ie = hci_inquiry_cache_lookup(hdev, &ev->bdaddr);
3198 if (ie)
41a96212
MH		 3199 ie->data.ssp_mode = (ev->features[0] & 0x01);
3200
3201 hci_dev_unlock(hdev);
3202}
3203
2763eda6
SJ		 3204static inline void hci_remote_oob_data_request_evt(struct hci_dev *hdev,
3205 struct sk_buff *skb)
3206{
3207 struct hci_ev_remote_oob_data_request *ev = (void *) skb->data;
3208 struct oob_data *data;
3209
3210 BT_DBG("%s", hdev->name);
3211
3212 hci_dev_lock(hdev);
3213
a8b2d5c2 3214 if (!test_bit(HCI_MGMT, &hdev->dev_flags))
e1ba1f15
SJ		 3215 goto unlock;
3216
2763eda6
SJ		 3217 data = hci_find_remote_oob_data(hdev, &ev->bdaddr);
3218 if (data) {
3219 struct hci_cp_remote_oob_data_reply cp;
3220
3221 bacpy(&cp.bdaddr, &ev->bdaddr);
3222 memcpy(cp.hash, data->hash, sizeof(cp.hash));
3223 memcpy(cp.randomizer, data->randomizer, sizeof(cp.randomizer));
3224
3225 hci_send_cmd(hdev, HCI_OP_REMOTE_OOB_DATA_REPLY, sizeof(cp),
3226 &cp);
3227 } else {
3228 struct hci_cp_remote_oob_data_neg_reply cp;
3229
3230 bacpy(&cp.bdaddr, &ev->bdaddr);
3231 hci_send_cmd(hdev, HCI_OP_REMOTE_OOB_DATA_NEG_REPLY, sizeof(cp),
3232 &cp);
3233 }
3234
e1ba1f15 3235unlock:
2763eda6
SJ		 3236 hci_dev_unlock(hdev);
3237}
3238
fcd89c09
VT		 3239static inline void hci_le_conn_complete_evt(struct hci_dev *hdev, struct sk_buff *skb)
3240{
3241 struct hci_ev_le_conn_complete *ev = (void *) skb->data;
3242 struct hci_conn *conn;
3243
3244 BT_DBG("%s status %d", hdev->name, ev->status);
3245
3246 hci_dev_lock(hdev);
3247
3248 conn = hci_conn_hash_lookup_ba(hdev, LE_LINK, &ev->bdaddr);
b62f328b
VT		 3249 if (!conn) {
3250 conn = hci_conn_add(hdev, LE_LINK, &ev->bdaddr);
3251 if (!conn) {
3252 BT_ERR("No memory for new connection");
3253 hci_dev_unlock(hdev);
3254 return;
3255 }
29b7988a
AG		 3256
3257 conn->dst_type = ev->bdaddr_type;
b62f328b 3258 }
fcd89c09
VT		 3259
3260 if (ev->status) {
48264f06
JH		 3261 mgmt_connect_failed(hdev, &ev->bdaddr, conn->type,
3262 conn->dst_type, ev->status);
fcd89c09
VT		 3263 hci_proto_connect_cfm(conn, ev->status);
3264 conn->state = BT_CLOSED;
3265 hci_conn_del(conn);
3266 goto unlock;
3267 }
3268
b644ba33
JH		 3269 if (!test_and_set_bit(HCI_CONN_MGMT_CONNECTED, &conn->flags))
3270 mgmt_device_connected(hdev, &ev->bdaddr, conn->type,
3271 conn->dst_type, NULL, 0, 0);
83bc71b4 3272
7b5c0d52 3273 conn->sec_level = BT_SECURITY_LOW;
fcd89c09
VT		 3274 conn->handle = __le16_to_cpu(ev->handle);
3275 conn->state = BT_CONNECTED;
3276
3277 hci_conn_hold_device(conn);
3278 hci_conn_add_sysfs(conn);
3279
3280 hci_proto_connect_cfm(conn, ev->status);
3281
3282unlock:
3283 hci_dev_unlock(hdev);
3284}
3285
9aa04c91
AG		 3286static inline void hci_le_adv_report_evt(struct hci_dev *hdev,
3287 struct sk_buff *skb)
3288{
e95beb41
AG		 3289 u8 num_reports = skb->data[0];
3290 void *ptr = &skb->data[1];
3c9e9195 3291 s8 rssi;
9aa04c91
AG		 3292
3293 hci_dev_lock(hdev);
3294
e95beb41
AG		 3295 while (num_reports--) {
3296 struct hci_ev_le_advertising_info *ev = ptr;
9aa04c91 3297
9aa04c91 3298 hci_add_adv_entry(hdev, ev);
e95beb41 3299
3c9e9195
AG		 3300 rssi = ev->data[ev->length];
3301 mgmt_device_found(hdev, &ev->bdaddr, LE_LINK, ev->bdaddr_type,
3302 NULL, rssi, 0, ev->data, ev->length);
3303
e95beb41 3304 ptr += sizeof(*ev) + ev->length + 1;
9aa04c91
AG		 3305 }
3306
3307 hci_dev_unlock(hdev);
3308}
3309
a7a595f6
VCG		 3310static inline void hci_le_ltk_request_evt(struct hci_dev *hdev,
3311 struct sk_buff *skb)
3312{
3313 struct hci_ev_le_ltk_req *ev = (void *) skb->data;
3314 struct hci_cp_le_ltk_reply cp;
bea710fe 3315 struct hci_cp_le_ltk_neg_reply neg;
a7a595f6 3316 struct hci_conn *conn;
c9839a11 3317 struct smp_ltk *ltk;
a7a595f6
VCG		 3318
3319 BT_DBG("%s handle %d", hdev->name, cpu_to_le16(ev->handle));
3320
3321 hci_dev_lock(hdev);
3322
3323 conn = hci_conn_hash_lookup_handle(hdev, __le16_to_cpu(ev->handle));
bea710fe
VCG		 3324 if (conn == NULL)
3325 goto not_found;
a7a595f6 3326
bea710fe
VCG		 3327 ltk = hci_find_ltk(hdev, ev->ediv, ev->random);
3328 if (ltk == NULL)
3329 goto not_found;
3330
3331 memcpy(cp.ltk, ltk->val, sizeof(ltk->val));
a7a595f6 3332 cp.handle = cpu_to_le16(conn->handle);
c9839a11
VCG		 3333
3334 if (ltk->authenticated)
3335 conn->sec_level = BT_SECURITY_HIGH;
a7a595f6
VCG		 3336
3337 hci_send_cmd(hdev, HCI_OP_LE_LTK_REPLY, sizeof(cp), &cp);
3338
c9839a11
VCG		 3339 if (ltk->type & HCI_SMP_STK) {
3340 list_del(&ltk->list);
3341 kfree(ltk);
3342 }
3343
a7a595f6 3344 hci_dev_unlock(hdev);
bea710fe
VCG		 3345
3346 return;
3347
3348not_found:
3349 neg.handle = ev->handle;
3350 hci_send_cmd(hdev, HCI_OP_LE_LTK_NEG_REPLY, sizeof(neg), &neg);
3351 hci_dev_unlock(hdev);
a7a595f6
VCG		 3352}
3353
fcd89c09
VT		 3354static inline void hci_le_meta_evt(struct hci_dev *hdev, struct sk_buff *skb)
3355{
3356 struct hci_ev_le_meta *le_ev = (void *) skb->data;
3357
3358 skb_pull(skb, sizeof(*le_ev));
3359
3360 switch (le_ev->subevent) {
3361 case HCI_EV_LE_CONN_COMPLETE:
3362 hci_le_conn_complete_evt(hdev, skb);
3363 break;
3364
9aa04c91
AG		 3365 case HCI_EV_LE_ADVERTISING_REPORT:
3366 hci_le_adv_report_evt(hdev, skb);
3367 break;
3368
a7a595f6
VCG		 3369 case HCI_EV_LE_LTK_REQ:
3370 hci_le_ltk_request_evt(hdev, skb);
3371 break;
3372
fcd89c09
VT		 3373 default:
3374 break;
3375 }
3376}
3377
a9de9248
MH		 3378void hci_event_packet(struct hci_dev *hdev, struct sk_buff *skb)
3379{
3380 struct hci_event_hdr *hdr = (void *) skb->data;
3381 __u8 event = hdr->evt;
3382
3383 skb_pull(skb, HCI_EVENT_HDR_SIZE);
3384
3385 switch (event) {
1da177e4
LT		 3386 case HCI_EV_INQUIRY_COMPLETE:
3387 hci_inquiry_complete_evt(hdev, skb);
3388 break;
3389
3390 case HCI_EV_INQUIRY_RESULT:
3391 hci_inquiry_result_evt(hdev, skb);
3392 break;
3393
a9de9248
MH		 3394 case HCI_EV_CONN_COMPLETE:
3395 hci_conn_complete_evt(hdev, skb);
21d9e30e
MH		 3396 break;
3397
1da177e4
LT		 3398 case HCI_EV_CONN_REQUEST:
3399 hci_conn_request_evt(hdev, skb);
3400 break;
3401
1da177e4
LT		 3402 case HCI_EV_DISCONN_COMPLETE:
3403 hci_disconn_complete_evt(hdev, skb);
3404 break;
3405
1da177e4
LT		 3406 case HCI_EV_AUTH_COMPLETE:
3407 hci_auth_complete_evt(hdev, skb);
3408 break;
3409
a9de9248
MH		 3410 case HCI_EV_REMOTE_NAME:
3411 hci_remote_name_evt(hdev, skb);
3412 break;
3413
1da177e4
LT		 3414 case HCI_EV_ENCRYPT_CHANGE:
3415 hci_encrypt_change_evt(hdev, skb);
3416 break;
3417
a9de9248
MH		 3418 case HCI_EV_CHANGE_LINK_KEY_COMPLETE:
3419 hci_change_link_key_complete_evt(hdev, skb);
3420 break;
3421
3422 case HCI_EV_REMOTE_FEATURES:
3423 hci_remote_features_evt(hdev, skb);
3424 break;
3425
3426 case HCI_EV_REMOTE_VERSION:
3427 hci_remote_version_evt(hdev, skb);
3428 break;
3429
3430 case HCI_EV_QOS_SETUP_COMPLETE:
3431 hci_qos_setup_complete_evt(hdev, skb);
3432 break;
3433
3434 case HCI_EV_CMD_COMPLETE:
3435 hci_cmd_complete_evt(hdev, skb);
3436 break;
3437
3438 case HCI_EV_CMD_STATUS:
3439 hci_cmd_status_evt(hdev, skb);
3440 break;
3441
3442 case HCI_EV_ROLE_CHANGE:
3443 hci_role_change_evt(hdev, skb);
3444 break;
3445
3446 case HCI_EV_NUM_COMP_PKTS:
3447 hci_num_comp_pkts_evt(hdev, skb);
3448 break;
3449
3450 case HCI_EV_MODE_CHANGE:
3451 hci_mode_change_evt(hdev, skb);
1da177e4
LT		 3452 break;
3453
3454 case HCI_EV_PIN_CODE_REQ:
3455 hci_pin_code_request_evt(hdev, skb);
3456 break;
3457
3458 case HCI_EV_LINK_KEY_REQ:
3459 hci_link_key_request_evt(hdev, skb);
3460 break;
3461
3462 case HCI_EV_LINK_KEY_NOTIFY:
3463 hci_link_key_notify_evt(hdev, skb);
3464 break;
3465
3466 case HCI_EV_CLOCK_OFFSET:
3467 hci_clock_offset_evt(hdev, skb);
3468 break;
3469
a8746417
MH		 3470 case HCI_EV_PKT_TYPE_CHANGE:
3471 hci_pkt_type_change_evt(hdev, skb);
3472 break;
3473
85a1e930
MH		 3474 case HCI_EV_PSCAN_REP_MODE:
3475 hci_pscan_rep_mode_evt(hdev, skb);
3476 break;
3477
a9de9248
MH		 3478 case HCI_EV_INQUIRY_RESULT_WITH_RSSI:
3479 hci_inquiry_result_with_rssi_evt(hdev, skb);
04837f64
MH		 3480 break;
3481
a9de9248
MH		 3482 case HCI_EV_REMOTE_EXT_FEATURES:
3483 hci_remote_ext_features_evt(hdev, skb);
1da177e4
LT		 3484 break;
3485
a9de9248
MH		 3486 case HCI_EV_SYNC_CONN_COMPLETE:
3487 hci_sync_conn_complete_evt(hdev, skb);
3488 break;
1da177e4 3489
a9de9248
MH		 3490 case HCI_EV_SYNC_CONN_CHANGED:
3491 hci_sync_conn_changed_evt(hdev, skb);
3492 break;
1da177e4 3493
a9de9248
MH		 3494 case HCI_EV_SNIFF_SUBRATE:
3495 hci_sniff_subrate_evt(hdev, skb);
3496 break;
1da177e4 3497
a9de9248
MH		 3498 case HCI_EV_EXTENDED_INQUIRY_RESULT:
3499 hci_extended_inquiry_result_evt(hdev, skb);
3500 break;
1da177e4 3501
0493684e
MH		 3502 case HCI_EV_IO_CAPA_REQUEST:
3503 hci_io_capa_request_evt(hdev, skb);
3504 break;
3505
03b555e1
JH		 3506 case HCI_EV_IO_CAPA_REPLY:
3507 hci_io_capa_reply_evt(hdev, skb);
3508 break;
3509
a5c29683
JH		 3510 case HCI_EV_USER_CONFIRM_REQUEST:
3511 hci_user_confirm_request_evt(hdev, skb);
3512 break;
3513
1143d458
BG		 3514 case HCI_EV_USER_PASSKEY_REQUEST:
3515 hci_user_passkey_request_evt(hdev, skb);
3516 break;
3517
0493684e
MH		 3518 case HCI_EV_SIMPLE_PAIR_COMPLETE:
3519 hci_simple_pair_complete_evt(hdev, skb);
3520 break;
3521
41a96212
MH		 3522 case HCI_EV_REMOTE_HOST_FEATURES:
3523 hci_remote_host_features_evt(hdev, skb);
3524 break;
3525
fcd89c09
VT		 3526 case HCI_EV_LE_META:
3527 hci_le_meta_evt(hdev, skb);
3528 break;
3529
2763eda6
SJ		 3530 case HCI_EV_REMOTE_OOB_DATA_REQUEST:
3531 hci_remote_oob_data_request_evt(hdev, skb);
3532 break;
3533
25e89e99
AE		 3534 case HCI_EV_NUM_COMP_BLOCKS:
3535 hci_num_comp_blocks_evt(hdev, skb);
3536 break;
3537
a9de9248
MH		 3538 default:
3539 BT_DBG("%s event 0x%x", hdev->name, event);
1da177e4
LT		 3540 break;
3541 }
3542
3543 kfree_skb(skb);
3544 hdev->stat.evt_rx++;
3545}
kernel source for telekom puls (alcatel/mediatek)