Bluetooth: A2MP: Add fallback to normal l2cap init sequence
[GitHub/mt8127/android_kernel_alcatel_ttab.git] / net / bluetooth / hci_event.c
8e87d142 1/*
1da177e4 2 BlueZ - Bluetooth protocol stack for Linux
2d0a0346 3 Copyright (c) 2000-2001, 2010, Code Aurora Forum. All rights reserved.
1da177e4
LT
4
5 Written 2000,2001 by Maxim Krasnyansky <maxk@qualcomm.com>
6
7 This program is free software; you can redistribute it and/or modify
8 it under the terms of the GNU General Public License version 2 as
9 published by the Free Software Foundation;
10
11 THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS
12 OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
13 FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT OF THIRD PARTY RIGHTS.
14 IN NO EVENT SHALL THE COPYRIGHT HOLDER(S) AND AUTHOR(S) BE LIABLE FOR ANY
8e87d142
YH
15 CLAIM, OR ANY SPECIAL INDIRECT OR CONSEQUENTIAL DAMAGES, OR ANY DAMAGES
16 WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
17 ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
1da177e4
LT
18 OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
19
8e87d142
YH
20 ALL LIABILITY, INCLUDING LIABILITY FOR INFRINGEMENT OF ANY PATENTS,
21 COPYRIGHTS, TRADEMARKS OR OTHER RIGHTS, RELATING TO USE OF THIS
1da177e4
LT
22 SOFTWARE IS DISCLAIMED.
23*/
24
25/* Bluetooth HCI event handling. */
26
8c520a59 27#include <linux/export.h>
1da177e4
LT
28#include <asm/unaligned.h>
29
30#include <net/bluetooth/bluetooth.h>
31#include <net/bluetooth/hci_core.h>
f0d6a0ea 32#include <net/bluetooth/mgmt.h>
8e2a0d92 33#include <net/bluetooth/a2mp.h>
903e4541 34#include <net/bluetooth/amp.h>
1da177e4 35
1da177e4
LT
36/* Handle HCI Event packets */
37
/*
 * Command Complete handler for HCI Inquiry Cancel.
 *
 * A non-zero status is reported through mgmt_stop_discovery_failed() under
 * the device lock and nothing else is done. On success the HCI_INQUIRY flag
 * is cleared, discovery moves to DISCOVERY_STOPPED, the request is completed
 * and pending connections are re-checked.
 *
 * NOTE(review): the status byte is read without looking at skb->len here;
 * presumably the caller guarantees at least one byte -- confirm.
 */
static void hci_cc_inquiry_cancel(struct hci_dev *hdev, struct sk_buff *skb)
{
	const __u8 status = skb->data[0];

	BT_DBG("%s status 0x%2.2x", hdev->name, status);

	if (status != 0) {
		hci_dev_lock(hdev);
		mgmt_stop_discovery_failed(hdev, status);
		hci_dev_unlock(hdev);
		return;
	}

	clear_bit(HCI_INQUIRY, &hdev->flags);

	hci_dev_lock(hdev);
	hci_discovery_set_state(hdev, DISCOVERY_STOPPED);
	hci_dev_unlock(hdev);

	hci_req_complete(hdev, HCI_OP_INQUIRY_CANCEL, status);

	hci_conn_check_pending(hdev);
}
6bd57416 61
4d93483b
AG
/*
 * Command Complete handler for periodic inquiry: on a zero status, set
 * HCI_PERIODIC_INQ in hdev->dev_flags; otherwise leave state untouched.
 */
static void hci_cc_periodic_inq(struct hci_dev *hdev, struct sk_buff *skb)
{
	const __u8 status = skb->data[0];

	BT_DBG("%s status 0x%2.2x", hdev->name, status);

	if (!status)
		set_bit(HCI_PERIODIC_INQ, &hdev->dev_flags);
}
73
a9de9248
MH
/*
 * Command Complete handler for leaving periodic inquiry: on a zero status,
 * clear HCI_PERIODIC_INQ in hdev->dev_flags and re-check pending
 * connections. A non-zero status changes nothing.
 */
static void hci_cc_exit_periodic_inq(struct hci_dev *hdev, struct sk_buff *skb)
{
	const __u8 status = skb->data[0];

	BT_DBG("%s status 0x%2.2x", hdev->name, status);

	if (!status) {
		clear_bit(HCI_PERIODIC_INQ, &hdev->dev_flags);

		hci_conn_check_pending(hdev);
	}
}
87
807deac2
GP
/*
 * Command Complete handler for Remote Name Request Cancel. It only emits a
 * debug trace with the device name; the event payload in skb is not read.
 */
static void hci_cc_remote_name_req_cancel(struct hci_dev *hdev,
					  struct sk_buff *skb)
{
	BT_DBG("%s", hdev->name);
}
93
/*
 * Command Complete handler for Role Discovery.
 *
 * On success, looks up the connection for the returned handle under the
 * device lock and updates HCI_LM_MASTER in its link_mode: a non-zero role
 * clears the bit, a zero role sets it. An unknown handle is ignored.
 *
 * NOTE(review): the reply struct is read from skb->data without a length
 * check in this function -- confirm the caller validates skb->len.
 */
static void hci_cc_role_discovery(struct hci_dev *hdev, struct sk_buff *skb)
{
	struct hci_rp_role_discovery *reply =
		(struct hci_rp_role_discovery *) skb->data;
	struct hci_conn *link;

	BT_DBG("%s status 0x%2.2x", hdev->name, reply->status);

	if (reply->status)
		return;

	hci_dev_lock(hdev);

	link = hci_conn_hash_lookup_handle(hdev, __le16_to_cpu(reply->handle));
	if (!link)
		goto unlock;

	if (reply->role)
		link->link_mode &= ~HCI_LM_MASTER;
	else
		link->link_mode |= HCI_LM_MASTER;

unlock:
	hci_dev_unlock(hdev);
}
116
e4e8e37c
MH
/*
 * Command Complete handler for Read Link Policy Settings.
 *
 * On success, stores the returned policy (converted from little endian) in
 * the connection that matches the returned handle. The lookup and the store
 * happen under the device lock; an unknown handle is ignored.
 */
static void hci_cc_read_link_policy(struct hci_dev *hdev, struct sk_buff *skb)
{
	struct hci_rp_read_link_policy *reply =
		(struct hci_rp_read_link_policy *) skb->data;
	struct hci_conn *link;

	BT_DBG("%s status 0x%2.2x", hdev->name, reply->status);

	if (reply->status)
		return;

	hci_dev_lock(hdev);

	link = hci_conn_hash_lookup_handle(hdev, __le16_to_cpu(reply->handle));
	if (link != NULL)
		link->link_policy = __le16_to_cpu(reply->policy);

	hci_dev_unlock(hdev);
}
135
/*
 * Command Complete handler for Write Link Policy Settings.
 *
 * On success, the policy that was requested is recovered from the sent
 * command parameters (16-bit little-endian value at byte offset 2) and
 * stored in the connection matching the handle in the reply. Nothing is
 * done if the sent command cannot be found or the handle is unknown.
 *
 * NOTE(review): offset 2 presumably skips the 2-byte handle at the start of
 * the command parameters -- confirm against the command struct.
 */
static void hci_cc_write_link_policy(struct hci_dev *hdev, struct sk_buff *skb)
{
	struct hci_rp_write_link_policy *reply =
		(struct hci_rp_write_link_policy *) skb->data;
	struct hci_conn *link;
	const __u8 *params;

	BT_DBG("%s status 0x%2.2x", hdev->name, reply->status);

	if (reply->status)
		return;

	params = hci_sent_cmd_data(hdev, HCI_OP_WRITE_LINK_POLICY);
	if (params == NULL)
		return;

	hci_dev_lock(hdev);

	link = hci_conn_hash_lookup_handle(hdev, __le16_to_cpu(reply->handle));
	if (link != NULL)
		link->link_policy = get_unaligned_le16(params + 2);

	hci_dev_unlock(hdev);
}
1da177e4 159
807deac2
GP
/*
 * Command Complete handler for Read Default Link Policy Settings: on a zero
 * status, caches the returned policy (little endian on the wire) in
 * hdev->link_policy.
 */
static void hci_cc_read_def_link_policy(struct hci_dev *hdev,
					struct sk_buff *skb)
{
	struct hci_rp_read_def_link_policy *reply =
		(struct hci_rp_read_def_link_policy *) skb->data;

	BT_DBG("%s status 0x%2.2x", hdev->name, reply->status);

	if (!reply->status)
		hdev->link_policy = __le16_to_cpu(reply->policy);
}
172
807deac2
GP
/*
 * Command Complete handler for Write Default Link Policy Settings.
 *
 * If the sent command is still available, a zero status copies the policy
 * that was requested (first 16-bit little-endian value of the command
 * parameters) into hdev->link_policy, and the request is completed with the
 * reported status. If the sent command cannot be found the handler returns
 * without completing the request.
 */
static void hci_cc_write_def_link_policy(struct hci_dev *hdev,
					 struct sk_buff *skb)
{
	const __u8 status = skb->data[0];
	void *params = hci_sent_cmd_data(hdev, HCI_OP_WRITE_DEF_LINK_POLICY);

	BT_DBG("%s status 0x%2.2x", hdev->name, status);

	if (params == NULL)
		return;

	if (status == 0)
		hdev->link_policy = get_unaligned_le16(params);

	hci_req_complete(hdev, HCI_OP_WRITE_DEF_LINK_POLICY, status);
}
190
a9de9248
MH
/*
 * Command Complete handler for HCI Reset.
 *
 * Clears HCI_RESET, completes the request with the reported status, then
 * drops the non-persistent dev_flags bits (HCI_LE_SCAN, HCI_PENDING_CLASS,
 * HCI_PERIODIC_INQ) and forces discovery state to DISCOVERY_STOPPED. These
 * steps run regardless of the status value.
 */
static void hci_cc_reset(struct hci_dev *hdev, struct sk_buff *skb)
{
	const __u8 status = skb->data[0];
	/* Flags that must not survive a controller reset. */
	const unsigned long transient = BIT(HCI_LE_SCAN) |
					BIT(HCI_PENDING_CLASS) |
					BIT(HCI_PERIODIC_INQ);

	BT_DBG("%s status 0x%2.2x", hdev->name, status);

	clear_bit(HCI_RESET, &hdev->flags);

	hci_req_complete(hdev, HCI_OP_RESET, status);

	hdev->dev_flags &= ~transient;

	hdev->discovery.state = DISCOVERY_STOPPED;
}
04837f64 207
a9de9248
MH
/*
 * Command Complete handler for Write Local Name.
 *
 * Under the device lock: when HCI_MGMT is set the result is handed to
 * mgmt_set_local_name_complete(); otherwise a zero status copies
 * HCI_MAX_NAME_LENGTH bytes of the name that was sent into hdev->dev_name.
 * The request is then completed with the reported status. If the sent
 * command cannot be found the handler returns without doing any of this.
 */
static void hci_cc_write_local_name(struct hci_dev *hdev, struct sk_buff *skb)
{
	const __u8 status = skb->data[0];
	void *name;

	BT_DBG("%s status 0x%2.2x", hdev->name, status);

	name = hci_sent_cmd_data(hdev, HCI_OP_WRITE_LOCAL_NAME);
	if (name == NULL)
		return;

	hci_dev_lock(hdev);

	if (test_bit(HCI_MGMT, &hdev->dev_flags)) {
		mgmt_set_local_name_complete(hdev, name, status);
	} else if (status == 0) {
		memcpy(hdev->dev_name, name, HCI_MAX_NAME_LENGTH);
	}

	hci_dev_unlock(hdev);

	hci_req_complete(hdev, HCI_OP_WRITE_LOCAL_NAME, status);
}
230
/*
 * Command Complete handler for Read Local Name.
 *
 * The controller-reported name is copied into hdev->dev_name only when the
 * status is zero and HCI_SETUP is set in dev_flags.
 *
 * NOTE(review): HCI_MAX_NAME_LENGTH bytes are copied from the event without
 * a check against skb->len in this function -- confirm the caller
 * guarantees a full-size reply.
 */
static void hci_cc_read_local_name(struct hci_dev *hdev, struct sk_buff *skb)
{
	struct hci_rp_read_local_name *reply =
		(struct hci_rp_read_local_name *) skb->data;

	BT_DBG("%s status 0x%2.2x", hdev->name, reply->status);

	if (!reply->status && test_bit(HCI_SETUP, &hdev->dev_flags))
		memcpy(hdev->dev_name, reply->name, HCI_MAX_NAME_LENGTH);
}
243
/*
 * Command Complete handler for Write Authentication Enable.
 *
 * On a zero status, HCI_AUTH in hdev->flags is set when the parameter that
 * was sent equals AUTH_ENABLED and cleared otherwise. When HCI_MGMT is set
 * the status is forwarded to mgmt_auth_enable_complete(). The request is
 * then completed. If the sent command cannot be found the handler returns
 * early and none of this happens.
 */
static void hci_cc_write_auth_enable(struct hci_dev *hdev, struct sk_buff *skb)
{
	const __u8 status = skb->data[0];
	void *params;

	BT_DBG("%s status 0x%2.2x", hdev->name, status);

	params = hci_sent_cmd_data(hdev, HCI_OP_WRITE_AUTH_ENABLE);
	if (params == NULL)
		return;

	if (status == 0) {
		const __u8 requested = *((__u8 *) params);

		if (requested == AUTH_ENABLED)
			set_bit(HCI_AUTH, &hdev->flags);
		else
			clear_bit(HCI_AUTH, &hdev->flags);
	}

	if (test_bit(HCI_MGMT, &hdev->dev_flags))
		mgmt_auth_enable_complete(hdev, status);

	hci_req_complete(hdev, HCI_OP_WRITE_AUTH_ENABLE, status);
}
269
/*
 * Command Complete handler for Write Encryption Mode.
 *
 * On a zero status, HCI_ENCRYPT in hdev->flags mirrors the parameter that
 * was sent: set for a non-zero value, cleared for zero. The request is then
 * completed with the reported status. If the sent command cannot be found
 * the handler returns without completing the request.
 */
static void hci_cc_write_encrypt_mode(struct hci_dev *hdev, struct sk_buff *skb)
{
	const __u8 status = skb->data[0];
	void *params;

	BT_DBG("%s status 0x%2.2x", hdev->name, status);

	params = hci_sent_cmd_data(hdev, HCI_OP_WRITE_ENCRYPT_MODE);
	if (params == NULL)
		return;

	if (status == 0) {
		const __u8 requested = *((__u8 *) params);

		if (requested != 0)
			set_bit(HCI_ENCRYPT, &hdev->flags);
		else
			clear_bit(HCI_ENCRYPT, &hdev->flags);
	}

	hci_req_complete(hdev, HCI_OP_WRITE_ENCRYPT_MODE, status);
}
1da177e4 292
a9de9248
MH
/*
 * Command Complete handler for Write Scan Enable.
 *
 * The scan parameter is taken from the command that was sent, not from the
 * event. Under the device lock:
 *  - on failure, mgmt is told via mgmt_write_scan_failed() and the
 *    discoverable timeout is reset to 0;
 *  - on success, HCI_PSCAN/HCI_ISCAN are rebuilt from the parameter, mgmt is
 *    notified only when discoverable/connectable actually changed, and the
 *    discov_off work is queued when inquiry scan is on and a timeout is set.
 * The request is completed after the lock is released. If the sent command
 * cannot be found the handler returns without completing the request.
 */
static void hci_cc_write_scan_enable(struct hci_dev *hdev, struct sk_buff *skb)
{
	const __u8 status = skb->data[0];
	int had_pscan, had_iscan;
	__u8 scan;
	void *params;

	BT_DBG("%s status 0x%2.2x", hdev->name, status);

	params = hci_sent_cmd_data(hdev, HCI_OP_WRITE_SCAN_ENABLE);
	if (params == NULL)
		return;

	scan = *((__u8 *) params);

	hci_dev_lock(hdev);

	if (status) {
		mgmt_write_scan_failed(hdev, scan, status);
		hdev->discov_timeout = 0;
		goto done;
	}

	/* Remember the previous state so mgmt only hears about changes. */
	had_pscan = test_and_clear_bit(HCI_PSCAN, &hdev->flags);
	had_iscan = test_and_clear_bit(HCI_ISCAN, &hdev->flags);

	if (scan & SCAN_INQUIRY) {
		set_bit(HCI_ISCAN, &hdev->flags);
		if (!had_iscan)
			mgmt_discoverable(hdev, 1);
		if (hdev->discov_timeout > 0) {
			/* discov_timeout is scaled by 1000 to milliseconds */
			int to = msecs_to_jiffies(hdev->discov_timeout * 1000);

			queue_delayed_work(hdev->workqueue, &hdev->discov_off,
					   to);
		}
	} else if (had_iscan) {
		mgmt_discoverable(hdev, 0);
	}

	if (scan & SCAN_PAGE) {
		set_bit(HCI_PSCAN, &hdev->flags);
		if (!had_pscan)
			mgmt_connectable(hdev, 1);
	} else if (had_pscan) {
		mgmt_connectable(hdev, 0);
	}

done:
	hci_dev_unlock(hdev);
	hci_req_complete(hdev, HCI_OP_WRITE_SCAN_ENABLE, status);
}
1da177e4 341
a9de9248
MH
/*
 * Command Complete handler for Read Class of Device: on a zero status, the
 * 3-byte class from the reply is copied into hdev->dev_class and traced.
 */
static void hci_cc_read_class_of_dev(struct hci_dev *hdev, struct sk_buff *skb)
{
	struct hci_rp_read_class_of_dev *reply =
		(struct hci_rp_read_class_of_dev *) skb->data;

	BT_DBG("%s status 0x%2.2x", hdev->name, reply->status);

	if (reply->status != 0)
		return;

	memcpy(hdev->dev_class, reply->dev_class, 3);

	/* Printed most significant byte first. */
	BT_DBG("%s class 0x%.2x%.2x%.2x", hdev->name,
	       hdev->dev_class[2], hdev->dev_class[1], hdev->dev_class[0]);
}
1da177e4 356
a9de9248
MH
/*
 * Command Complete handler for Write Class of Device.
 *
 * Under the device lock, a zero status copies the 3-byte class that was
 * sent into hdev->dev_class, and when HCI_MGMT is set the outcome is passed
 * to mgmt_set_class_of_dev_complete(). Nothing happens if the sent command
 * cannot be found.
 */
static void hci_cc_write_class_of_dev(struct hci_dev *hdev, struct sk_buff *skb)
{
	const __u8 status = skb->data[0];
	void *dev_class;

	BT_DBG("%s status 0x%2.2x", hdev->name, status);

	dev_class = hci_sent_cmd_data(hdev, HCI_OP_WRITE_CLASS_OF_DEV);
	if (dev_class == NULL)
		return;

	hci_dev_lock(hdev);

	if (!status)
		memcpy(hdev->dev_class, dev_class, 3);

	if (test_bit(HCI_MGMT, &hdev->dev_flags))
		mgmt_set_class_of_dev_complete(hdev, dev_class, status);

	hci_dev_unlock(hdev);
}
1da177e4 378
a9de9248
MH
/*
 * Command Complete handler for Read Voice Setting.
 *
 * On a zero status, the returned setting replaces hdev->voice_setting when
 * it differs from the cached value, and the driver's notify callback (if
 * one is registered) is invoked with HCI_NOTIFY_VOICE_SETTING.
 */
static void hci_cc_read_voice_setting(struct hci_dev *hdev, struct sk_buff *skb)
{
	struct hci_rp_read_voice_setting *reply =
		(struct hci_rp_read_voice_setting *) skb->data;
	__u16 reported;

	BT_DBG("%s status 0x%2.2x", hdev->name, reply->status);

	if (reply->status != 0)
		return;

	reported = __le16_to_cpu(reply->voice_setting);

	/* Unchanged value: no update and no notification. */
	if (reported == hdev->voice_setting)
		return;

	hdev->voice_setting = reported;

	BT_DBG("%s voice setting 0x%4.4x", hdev->name, reported);

	if (hdev->notify != NULL)
		hdev->notify(hdev, HCI_NOTIFY_VOICE_SETTING);
}
401
8fc9ced3
GP
/*
 * Command Complete handler for Write Voice Setting.
 *
 * On a zero status, the setting that was sent (16-bit little endian at the
 * start of the command parameters) replaces hdev->voice_setting when it
 * differs from the cached value, and the driver's notify callback (if one
 * is registered) is invoked with HCI_NOTIFY_VOICE_SETTING.
 */
static void hci_cc_write_voice_setting(struct hci_dev *hdev,
				       struct sk_buff *skb)
{
	const __u8 status = skb->data[0];
	__u16 requested;
	void *params;

	BT_DBG("%s status 0x%2.2x", hdev->name, status);

	if (status != 0)
		return;

	params = hci_sent_cmd_data(hdev, HCI_OP_WRITE_VOICE_SETTING);
	if (params == NULL)
		return;

	requested = get_unaligned_le16(params);

	/* Unchanged value: no update and no notification. */
	if (requested == hdev->voice_setting)
		return;

	hdev->voice_setting = requested;

	BT_DBG("%s voice setting 0x%4.4x", hdev->name, requested);

	if (hdev->notify != NULL)
		hdev->notify(hdev, HCI_NOTIFY_VOICE_SETTING);
}
430
/*
 * Command Complete handler for Host Buffer Size: traces the status byte and
 * completes the pending request with it.
 */
static void hci_cc_host_buffer_size(struct hci_dev *hdev, struct sk_buff *skb)
{
	const __u8 status = skb->data[0];

	BT_DBG("%s status 0x%2.2x", hdev->name, status);

	hci_req_complete(hdev, HCI_OP_HOST_BUFFER_SIZE, status);
}
1143e5a6 439
333140b5
MH
/*
 * Command Complete handler for Write Simple Pairing Mode.
 *
 * When HCI_MGMT is set, the mode that was sent and the status are handed to
 * mgmt_ssp_enable_complete(). Otherwise a zero status makes HCI_SSP_ENABLED
 * in dev_flags mirror the mode that was sent (non-zero sets, zero clears).
 * Nothing happens if the sent command cannot be found.
 */
static void hci_cc_write_ssp_mode(struct hci_dev *hdev, struct sk_buff *skb)
{
	const __u8 status = skb->data[0];
	void *params;

	BT_DBG("%s status 0x%2.2x", hdev->name, status);

	params = hci_sent_cmd_data(hdev, HCI_OP_WRITE_SSP_MODE);
	if (params == NULL)
		return;

	if (test_bit(HCI_MGMT, &hdev->dev_flags)) {
		mgmt_ssp_enable_complete(hdev, *((u8 *) params), status);
		return;
	}

	if (status != 0)
		return;

	if (*((u8 *) params))
		set_bit(HCI_SSP_ENABLED, &hdev->dev_flags);
	else
		clear_bit(HCI_SSP_ENABLED, &hdev->dev_flags);
}
460
d5859e22
JH
/*
 * Pick the inquiry mode value to program into the controller.
 *
 * Returns 2 when the LMP_EXT_INQ feature bit is set, 1 when LMP_RSSI_INQ is
 * set or when the controller matches one of the manufacturer / hci_rev /
 * lmp_subver tuples listed below, and 0 otherwise.
 *
 * NOTE(review): the listed tuples are presumably controllers that support
 * the RSSI mode without advertising the feature bit -- confirm.
 */
static u8 hci_get_inquiry_mode(struct hci_dev *hdev)
{
	if (hdev->features[6] & LMP_EXT_INQ)
		return 2;

	if (hdev->features[3] & LMP_RSSI_INQ)
		return 1;

	switch (hdev->manufacturer) {
	case 11:
		if (hdev->hci_rev == 0x00 && hdev->lmp_subver == 0x0757)
			return 1;
		break;
	case 15:
		if (hdev->lmp_subver == 0x6963 &&
		    (hdev->hci_rev == 0x03 || hdev->hci_rev == 0x09))
			return 1;
		if (hdev->lmp_subver == 0x6965 && hdev->hci_rev == 0x00)
			return 1;
		break;
	case 31:
		if (hdev->hci_rev == 0x2005 && hdev->lmp_subver == 0x1805)
			return 1;
		break;
	default:
		break;
	}

	return 0;
}
488
/*
 * Send Write Inquiry Mode with the one-byte mode chosen by
 * hci_get_inquiry_mode().
 */
static void hci_setup_inquiry_mode(struct hci_dev *hdev)
{
	u8 mode = hci_get_inquiry_mode(hdev);

	hci_send_cmd(hdev, HCI_OP_WRITE_INQUIRY_MODE, sizeof(mode), &mode);
}
497
/*
 * Build the 8-byte HCI event mask from the controller's feature bits and
 * send it with Set Event Mask. Controllers older than Bluetooth 1.2 get no
 * event mask at all.
 */
static void hci_setup_event_mask(struct hci_dev *hdev)
{
	/* The second byte is 0xff instead of 0x9f (two reserved bits
	 * disabled) since a Broadcom 1.2 dongle doesn't respond to the
	 * command otherwise */
	u8 mask[8] = { 0xff, 0xff, 0xfb, 0xff, 0x00, 0x00, 0x00, 0x00 };

	/* CSR 1.1 dongles do not accept any bitfield, so don't try to set
	 * any event mask for pre 1.2 devices */
	if (hdev->hci_ver < BLUETOOTH_VER_1_2)
		return;

	/* Flow Specification Complete, Inquiry Result with RSSI,
	 * Read Remote Extended Features Complete */
	mask[4] |= 0x01 | 0x02 | 0x04;
	/* Synchronous Connection Complete, Synchronous Connection Changed */
	mask[5] |= 0x08 | 0x10;

	/* NOTE(review): bit 0x02 of byte 4 is already set unconditionally
	 * above, so this branch has no additional effect. */
	if (hdev->features[3] & LMP_RSSI_INQ)
		mask[4] |= 0x02; /* Inquiry Result with RSSI */

	if (lmp_sniffsubr_capable(hdev))
		mask[5] |= 0x20; /* Sniff Subrating */

	if (hdev->features[5] & LMP_PAUSE_ENC)
		mask[5] |= 0x80; /* Encryption Key Refresh Complete */

	if (hdev->features[6] & LMP_EXT_INQ)
		mask[5] |= 0x40; /* Extended Inquiry Result */

	if (lmp_no_flush_capable(hdev))
		mask[7] |= 0x01; /* Enhanced Flush Complete */

	if (hdev->features[7] & LMP_LSTO)
		mask[6] |= 0x80; /* Link Supervision Timeout Changed */

	if (lmp_ssp_capable(hdev)) {
		/* IO Capability Request / Response, User Confirmation
		 * Request, User Passkey Request, Remote OOB Data Request,
		 * Simple Pairing Complete */
		mask[6] |= 0x01 | 0x02 | 0x04 | 0x08 | 0x10 | 0x20;
		/* User Passkey Notification, Keypress Notification,
		 * Remote Host Supported Features Notification */
		mask[7] |= 0x04 | 0x08 | 0x10;
	}

	if (lmp_le_capable(hdev))
		mask[7] |= 0x20; /* LE Meta-Event */

	hci_send_cmd(hdev, HCI_OP_SET_EVENT_MASK, sizeof(mask), mask);
}
552
/*
 * Queue the feature-dependent part of controller initialisation for a
 * BR/EDR device; other device types are left alone.
 *
 * In order: event mask, Read Local Supported Commands (controllers newer
 * than 1.1), SSP mode or a cleared EIR (SSP-capable controllers), inquiry
 * mode, inquiry response TX power, extended features page 1, and
 * authentication enable when HCI_LINK_SECURITY is set.
 */
static void hci_setup(struct hci_dev *hdev)
{
	if (hdev->dev_type != HCI_BREDR)
		return;

	hci_setup_event_mask(hdev);

	if (hdev->hci_ver > BLUETOOTH_VER_1_1)
		hci_send_cmd(hdev, HCI_OP_READ_LOCAL_COMMANDS, 0, NULL);

	if (lmp_ssp_capable(hdev)) {
		if (test_bit(HCI_SSP_ENABLED, &hdev->dev_flags)) {
			u8 ssp_mode = 0x01;

			hci_send_cmd(hdev, HCI_OP_WRITE_SSP_MODE,
				     sizeof(ssp_mode), &ssp_mode);
		} else {
			struct hci_cp_write_eir eir_cmd;

			/* SSP is off: wipe the cached EIR and program an
			 * all-zero EIR into the controller. */
			memset(hdev->eir, 0, sizeof(hdev->eir));
			memset(&eir_cmd, 0, sizeof(eir_cmd));

			hci_send_cmd(hdev, HCI_OP_WRITE_EIR, sizeof(eir_cmd),
				     &eir_cmd);
		}
	}

	if (hdev->features[3] & LMP_RSSI_INQ)
		hci_setup_inquiry_mode(hdev);

	if (hdev->features[7] & LMP_INQ_TX_PWR)
		hci_send_cmd(hdev, HCI_OP_READ_INQ_RSP_TX_POWER, 0, NULL);

	if (hdev->features[7] & LMP_EXTFEATURES) {
		struct hci_cp_read_local_ext_features ext_cmd;

		ext_cmd.page = 0x01;
		hci_send_cmd(hdev, HCI_OP_READ_LOCAL_EXT_FEATURES,
			     sizeof(ext_cmd), &ext_cmd);
	}

	if (test_bit(HCI_LINK_SECURITY, &hdev->dev_flags)) {
		u8 auth_on = 1;

		hci_send_cmd(hdev, HCI_OP_WRITE_AUTH_ENABLE, sizeof(auth_on),
			     &auth_on);
	}
}
598
a9de9248
MH
/*
 * Command Complete handler for Read Local Version Information.
 *
 * On a zero status, caches the HCI/LMP version, revision, manufacturer and
 * LMP subversion in hdev, and runs hci_setup() while HCI_INIT is set. The
 * request is completed with the reported status in every case.
 */
static void hci_cc_read_local_version(struct hci_dev *hdev, struct sk_buff *skb)
{
	struct hci_rp_read_local_version *reply =
		(struct hci_rp_read_local_version *) skb->data;

	BT_DBG("%s status 0x%2.2x", hdev->name, reply->status);

	if (!reply->status) {
		hdev->hci_ver = reply->hci_ver;
		hdev->hci_rev = __le16_to_cpu(reply->hci_rev);
		hdev->lmp_ver = reply->lmp_ver;
		hdev->manufacturer = __le16_to_cpu(reply->manufacturer);
		hdev->lmp_subver = __le16_to_cpu(reply->lmp_subver);

		BT_DBG("%s manufacturer 0x%4.4x hci ver %d:%d", hdev->name,
		       hdev->manufacturer, hdev->hci_ver, hdev->hci_rev);

		if (test_bit(HCI_INIT, &hdev->flags))
			hci_setup(hdev);
	}

	hci_req_complete(hdev, HCI_OP_READ_LOCAL_VERSION, reply->status);
}
623
/*
 * Derive the default link policy from the controller's feature bits (role
 * switch, hold, sniff, park) and send it with Write Default Link Policy
 * Settings.
 */
static void hci_setup_link_policy(struct hci_dev *hdev)
{
	struct hci_cp_write_def_link_policy cmd;
	u16 policy = 0;

	if (lmp_rswitch_capable(hdev))
		policy |= HCI_LP_RSWITCH;

	if (hdev->features[0] & LMP_HOLD)
		policy |= HCI_LP_HOLD;

	if (lmp_sniff_capable(hdev))
		policy |= HCI_LP_SNIFF;

	if (hdev->features[1] & LMP_PARK)
		policy |= HCI_LP_PARK;

	cmd.policy = cpu_to_le16(policy);
	hci_send_cmd(hdev, HCI_OP_WRITE_DEF_LINK_POLICY, sizeof(cmd), &cmd);
}
1da177e4 641
8fc9ced3
GP
/*
 * Command Complete handler for Read Local Supported Commands.
 *
 * On a zero status, the supported-commands bitmap is copied into
 * hdev->commands; while HCI_INIT is set and bit 0x10 of byte 5 is present,
 * the default link policy is programmed. The request is completed with the
 * reported status in every case.
 *
 * NOTE(review): sizeof(hdev->commands) bytes are copied from the event
 * without a check against skb->len in this function -- confirm the caller
 * validates the reply size.
 */
static void hci_cc_read_local_commands(struct hci_dev *hdev,
				       struct sk_buff *skb)
{
	struct hci_rp_read_local_commands *reply =
		(struct hci_rp_read_local_commands *) skb->data;

	BT_DBG("%s status 0x%2.2x", hdev->name, reply->status);

	if (!reply->status) {
		memcpy(hdev->commands, reply->commands,
		       sizeof(hdev->commands));

		if (test_bit(HCI_INIT, &hdev->flags) &&
		    (hdev->commands[5] & 0x10))
			hci_setup_link_policy(hdev);
	}

	hci_req_complete(hdev, HCI_OP_READ_LOCAL_COMMANDS, reply->status);
}
1da177e4 660
8fc9ced3
GP
/*
 * Command Complete handler for Read Local Supported Features.
 *
 * On a zero status, the 8 feature bytes are cached in hdev->features and
 * the ACL/SCO packet types (pkt_type) and eSCO packet types (esco_type)
 * are widened according to the feature bits the controller reports.
 */
static void hci_cc_read_local_features(struct hci_dev *hdev,
				       struct sk_buff *skb)
{
	struct hci_rp_read_local_features *reply =
		(struct hci_rp_read_local_features *) skb->data;

	BT_DBG("%s status 0x%2.2x", hdev->name, reply->status);

	if (reply->status != 0)
		return;

	memcpy(hdev->features, reply->features, 8);

	/* Adjust default settings according to features
	 * supported by device. */

	/* Multi-slot ACL packets */
	if (hdev->features[0] & LMP_3SLOT)
		hdev->pkt_type |= HCI_DM3 | HCI_DH3;

	if (hdev->features[0] & LMP_5SLOT)
		hdev->pkt_type |= HCI_DM5 | HCI_DH5;

	/* SCO packet types */
	if (hdev->features[1] & LMP_HV2) {
		hdev->pkt_type |= HCI_HV2;
		hdev->esco_type |= ESCO_HV2;
	}

	if (hdev->features[1] & LMP_HV3) {
		hdev->pkt_type |= HCI_HV3;
		hdev->esco_type |= ESCO_HV3;
	}

	/* eSCO packet types */
	if (lmp_esco_capable(hdev))
		hdev->esco_type |= ESCO_EV3;

	if (hdev->features[4] & LMP_EV4)
		hdev->esco_type |= ESCO_EV4;

	if (hdev->features[4] & LMP_EV5)
		hdev->esco_type |= ESCO_EV5;

	/* EDR eSCO packet types */
	if (hdev->features[5] & LMP_EDR_ESCO_2M)
		hdev->esco_type |= ESCO_2EV3;

	if (hdev->features[5] & LMP_EDR_ESCO_3M)
		hdev->esco_type |= ESCO_3EV3;

	if (hdev->features[5] & LMP_EDR_3S_ESCO)
		hdev->esco_type |= ESCO_2EV5 | ESCO_3EV5;

	BT_DBG("%s features 0x%.2x%.2x%.2x%.2x%.2x%.2x%.2x%.2x", hdev->name,
	       hdev->features[0], hdev->features[1],
	       hdev->features[2], hdev->features[3],
	       hdev->features[4], hdev->features[5],
	       hdev->features[6], hdev->features[7]);
}
1da177e4 716
8f984dfa
JH
/*
 * Bring the controller's "LE supported (host)" setting in line with
 * HCI_LE_ENABLED.
 *
 * The command is zero-filled; when HCI_LE_ENABLED is set, le is 1 and simul
 * reflects the LMP_SIMUL_LE_BR feature bit. Write LE Host Supported is sent
 * only when the desired le value differs from what host_features[0]
 * currently reports.
 */
static void hci_set_le_support(struct hci_dev *hdev)
{
	struct hci_cp_write_le_host_supported cmd;
	int host_le_now;

	memset(&cmd, 0, sizeof(cmd));

	if (test_bit(HCI_LE_ENABLED, &hdev->dev_flags)) {
		cmd.le = 1;
		cmd.simul = !!(hdev->features[6] & LMP_SIMUL_LE_BR);
	}

	host_le_now = !!(hdev->host_features[0] & LMP_HOST_LE);

	if (cmd.le != host_le_now)
		hci_send_cmd(hdev, HCI_OP_WRITE_LE_HOST_SUPPORTED, sizeof(cmd),
			     &cmd);
}
732
/*
 * Command Complete handler for Read Local Extended Features.
 *
 * On a zero status, page 0 refreshes hdev->features and page 1 fills
 * hdev->host_features; any other page number is ignored. While HCI_INIT is
 * set and the controller is LE capable, LE host support is then
 * synchronised. The request is completed with the reported status in every
 * case.
 */
static void hci_cc_read_local_ext_features(struct hci_dev *hdev,
					   struct sk_buff *skb)
{
	struct hci_rp_read_local_ext_features *reply =
		(struct hci_rp_read_local_ext_features *) skb->data;

	BT_DBG("%s status 0x%2.2x", hdev->name, reply->status);

	if (!reply->status) {
		if (reply->page == 0)
			memcpy(hdev->features, reply->features, 8);
		else if (reply->page == 1)
			memcpy(hdev->host_features, reply->features, 8);

		if (test_bit(HCI_INIT, &hdev->flags) && lmp_le_capable(hdev))
			hci_set_le_support(hdev);
	}

	hci_req_complete(hdev, HCI_OP_READ_LOCAL_EXT_FEATURES, reply->status);
}
758
/*
 * Command Complete handler for Read Flow Control Mode: on a zero status,
 * caches the mode in hdev->flow_ctl_mode and completes the request.
 *
 * Note that a non-zero status returns without calling hci_req_complete().
 */
static void hci_cc_read_flow_control_mode(struct hci_dev *hdev,
					  struct sk_buff *skb)
{
	struct hci_rp_read_flow_control_mode *reply =
		(struct hci_rp_read_flow_control_mode *) skb->data;

	BT_DBG("%s status 0x%2.2x", hdev->name, reply->status);

	if (reply->status != 0)
		return;

	hdev->flow_ctl_mode = reply->mode;

	hci_req_complete(hdev, HCI_OP_READ_FLOW_CONTROL_MODE, reply->status);
}
773
a9de9248
MH
/*
 * Command Complete handler for Read Buffer Size.
 *
 * On a zero status, caches the ACL/SCO MTUs and packet counts reported by
 * the controller. With HCI_QUIRK_FIXUP_BUFFER_SIZE the SCO values are
 * overridden with 64 bytes / 8 packets. The available-credit counters
 * (acl_cnt, sco_cnt) start equal to the packet counts.
 *
 * NOTE(review): these values come from the controller and are stored as
 * reported; no range check is applied in this function.
 */
static void hci_cc_read_buffer_size(struct hci_dev *hdev, struct sk_buff *skb)
{
	struct hci_rp_read_buffer_size *reply =
		(struct hci_rp_read_buffer_size *) skb->data;

	BT_DBG("%s status 0x%2.2x", hdev->name, reply->status);

	if (reply->status != 0)
		return;

	hdev->acl_mtu = __le16_to_cpu(reply->acl_mtu);
	hdev->sco_mtu = reply->sco_mtu;
	hdev->acl_pkts = __le16_to_cpu(reply->acl_max_pkt);
	hdev->sco_pkts = __le16_to_cpu(reply->sco_max_pkt);

	if (test_bit(HCI_QUIRK_FIXUP_BUFFER_SIZE, &hdev->quirks)) {
		hdev->sco_mtu = 64;
		hdev->sco_pkts = 8;
	}

	hdev->acl_cnt = hdev->acl_pkts;
	hdev->sco_cnt = hdev->sco_pkts;

	BT_DBG("%s acl mtu %d:%d sco mtu %d:%d", hdev->name, hdev->acl_mtu,
	       hdev->acl_pkts, hdev->sco_mtu, hdev->sco_pkts);
}
799
/*
 * Command Complete handler for Read BD_ADDR: on a zero status, copies the
 * reported address into hdev->bdaddr. The request is completed with the
 * reported status in every case.
 */
static void hci_cc_read_bd_addr(struct hci_dev *hdev, struct sk_buff *skb)
{
	struct hci_rp_read_bd_addr *reply =
		(struct hci_rp_read_bd_addr *) skb->data;

	BT_DBG("%s status 0x%2.2x", hdev->name, reply->status);

	if (reply->status == 0)
		bacpy(&hdev->bdaddr, &reply->bdaddr);

	hci_req_complete(hdev, HCI_OP_READ_BD_ADDR, reply->status);
}
811
/*
 * Command Complete handler for Read Data Block Size.
 *
 * On a zero status, caches the maximum ACL length, block length and number
 * of blocks, starts block_cnt at num_blocks, and completes the request.
 * A non-zero status returns without calling hci_req_complete().
 */
static void hci_cc_read_data_block_size(struct hci_dev *hdev,
					struct sk_buff *skb)
{
	struct hci_rp_read_data_block_size *reply =
		(struct hci_rp_read_data_block_size *) skb->data;

	BT_DBG("%s status 0x%2.2x", hdev->name, reply->status);

	if (reply->status != 0)
		return;

	hdev->block_mtu = __le16_to_cpu(reply->max_acl_len);
	hdev->block_len = __le16_to_cpu(reply->block_len);
	hdev->num_blocks = __le16_to_cpu(reply->num_blocks);

	hdev->block_cnt = hdev->num_blocks;

	BT_DBG("%s blk mtu %d cnt %d len %d", hdev->name, hdev->block_mtu,
	       hdev->block_cnt, hdev->block_len);

	hci_req_complete(hdev, HCI_OP_READ_DATA_BLOCK_SIZE, reply->status);
}
833
23bb5763
JH
/*
 * Command Complete handler for Write Connection Accept Timeout: traces the
 * status byte and completes the pending request with it.
 */
static void hci_cc_write_ca_timeout(struct hci_dev *hdev, struct sk_buff *skb)
{
	const __u8 status = skb->data[0];

	BT_DBG("%s status 0x%2.2x", hdev->name, status);

	hci_req_complete(hdev, HCI_OP_WRITE_CA_TIMEOUT, status);
}
842
/*
 * Command Complete handler for Read Local AMP Info.
 *
 * On a zero status, caches the AMP controller parameters from the reply in
 * hdev and completes the request. An A2MP Get Info response is sent in
 * every case, including when the controller reported an error (in which
 * case hci_req_complete() is not called).
 */
static void hci_cc_read_local_amp_info(struct hci_dev *hdev,
				       struct sk_buff *skb)
{
	struct hci_rp_read_local_amp_info *reply =
		(struct hci_rp_read_local_amp_info *) skb->data;

	BT_DBG("%s status 0x%2.2x", hdev->name, reply->status);

	if (!reply->status) {
		hdev->amp_status = reply->amp_status;
		hdev->amp_total_bw = __le32_to_cpu(reply->total_bw);
		hdev->amp_max_bw = __le32_to_cpu(reply->max_bw);
		hdev->amp_min_latency = __le32_to_cpu(reply->min_latency);
		hdev->amp_max_pdu = __le32_to_cpu(reply->max_pdu);
		hdev->amp_type = reply->amp_type;
		hdev->amp_pal_cap = __le16_to_cpu(reply->pal_cap);
		hdev->amp_assoc_size = __le16_to_cpu(reply->max_assoc_size);
		hdev->amp_be_flush_to = __le32_to_cpu(reply->be_flush_to);
		hdev->amp_max_flush_to = __le32_to_cpu(reply->max_flush_to);

		hci_req_complete(hdev, HCI_OP_READ_LOCAL_AMP_INFO,
				 reply->status);
	}

	a2mp_send_getinfo_rsp(hdev);
}
869
903e4541
AE
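/*
 * Command Complete handler for Read Local AMP ASSOC.
 *
 * The AMP assoc is delivered in fragments. Each fragment is appended to
 * hdev->loc_assoc.data at loc_assoc.offset. While the controller reports
 * more remaining bytes (rem_len) than this event carries (frag_len), the
 * next fragment is requested; otherwise the last rem_len bytes are copied,
 * the total length is recorded, the offset is reset and the A2MP response
 * is sent.
 *
 * Both frag_len (derived from skb->len) and rem_len come from the
 * controller, so every copy is bounded by the space left in the reassembly
 * buffer, and an event shorter than the fixed reply header is rejected
 * before the unsigned subtraction can wrap. A malformed event resets the
 * reassembly offset and is reported to A2MP with a non-zero status, the
 * same path a controller-reported failure takes.
 *
 * NOTE(review): sizeof(assoc->data) relies on data being an array embedded
 * in struct amp_assoc -- confirm against the struct definition.
 * NOTE(review): rp->status itself is read before any length check, as in
 * the other handlers -- confirm the caller guarantees at least one byte.
 */
static void hci_cc_read_local_amp_assoc(struct hci_dev *hdev,
					struct sk_buff *skb)
{
	struct hci_rp_read_local_amp_assoc *rp = (void *) skb->data;
	struct amp_assoc *assoc = &hdev->loc_assoc;
	size_t rem_len, frag_len, room;
	__u8 status = rp->status;

	BT_DBG("%s status 0x%2.2x", hdev->name, status);

	if (status)
		goto a2mp_rsp;

	/* A truncated event would make frag_len wrap to a huge value. */
	if (skb->len < sizeof(*rp))
		goto malformed;

	frag_len = skb->len - sizeof(*rp);
	rem_len = __le16_to_cpu(rp->rem_len);

	/* Space still available in the reassembly buffer. */
	if (assoc->offset > sizeof(assoc->data))
		goto malformed;
	room = sizeof(assoc->data) - assoc->offset;

	if (rem_len > frag_len) {
		BT_DBG("frag_len %zu rem_len %zu", frag_len, rem_len);

		if (frag_len > room)
			goto malformed;

		memcpy(assoc->data + assoc->offset, rp->frag, frag_len);
		assoc->offset += frag_len;

		/* Read other fragments */
		amp_read_loc_assoc_frag(hdev, rp->phy_handle);

		return;
	}

	/* Last fragment: rem_len <= frag_len, so the source is in bounds. */
	if (rem_len > room)
		goto malformed;

	memcpy(assoc->data + assoc->offset, rp->frag, rem_len);
	assoc->len = assoc->offset + rem_len;
	assoc->offset = 0;
	goto a2mp_rsp;

malformed:
	BT_ERR("%s malformed AMP assoc fragment", hdev->name);
	assoc->offset = 0;
	/* 0x12 is the HCI "Invalid HCI Command Parameters" error code; any
	 * non-zero value reports failure to A2MP. */
	status = 0x12;

a2mp_rsp:
	/* Send A2MP Rsp when all fragments are received */
	a2mp_send_getampassoc_rsp(hdev, status);
}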
905
/*
 * Command Complete handler for Delete Stored Link Key: traces the status
 * byte and completes the pending request with it.
 */
static void hci_cc_delete_stored_link_key(struct hci_dev *hdev,
					  struct sk_buff *skb)
{
	const __u8 status = skb->data[0];

	BT_DBG("%s status 0x%2.2x", hdev->name, status);

	hci_req_complete(hdev, HCI_OP_DELETE_STORED_LINK_KEY, status);
}
915
d5859e22
JH
/*
 * Command Complete handler for Set Event Mask: traces the status byte and
 * completes the pending request with it.
 */
static void hci_cc_set_event_mask(struct hci_dev *hdev, struct sk_buff *skb)
{
	const __u8 status = skb->data[0];

	BT_DBG("%s status 0x%2.2x", hdev->name, status);

	hci_req_complete(hdev, HCI_OP_SET_EVENT_MASK, status);
}
924
/*
 * Command Complete handler for Write Inquiry Mode: traces the status byte
 * and completes the pending request with it.
 */
static void hci_cc_write_inquiry_mode(struct hci_dev *hdev,
				      struct sk_buff *skb)
{
	const __u8 status = skb->data[0];

	BT_DBG("%s status 0x%2.2x", hdev->name, status);

	hci_req_complete(hdev, HCI_OP_WRITE_INQUIRY_MODE, status);
}
934
/*
 * Command Complete handler for Read Inquiry Response Transmit Power Level:
 * on a zero status, caches the value in hdev->inq_tx_power. The request is
 * completed with the reported status in every case.
 */
static void hci_cc_read_inq_rsp_tx_power(struct hci_dev *hdev,
					 struct sk_buff *skb)
{
	struct hci_rp_read_inq_rsp_tx_power *reply =
		(struct hci_rp_read_inq_rsp_tx_power *) skb->data;

	BT_DBG("%s status 0x%2.2x", hdev->name, reply->status);

	if (reply->status == 0)
		hdev->inq_tx_power = reply->tx_power;

	hci_req_complete(hdev, HCI_OP_READ_INQ_RSP_TX_POWER, reply->status);
}
947
/*
 * Command Complete handler for Set Event Filter: traces the status byte and
 * completes the pending request with it.
 */
static void hci_cc_set_event_flt(struct hci_dev *hdev, struct sk_buff *skb)
{
	const __u8 status = skb->data[0];

	BT_DBG("%s status 0x%2.2x", hdev->name, status);

	hci_req_complete(hdev, HCI_OP_SET_EVENT_FLT, status);
}
956
980e1a53
JH
/*
 * Command Complete handler for PIN Code Request Reply.
 *
 * Under the device lock: when HCI_MGMT is set, the result is forwarded to
 * mgmt_pin_code_reply_complete(). On a zero status, the PIN length from the
 * command that was sent is recorded in the ACL connection whose address
 * matches that command, if both the sent command and the connection can be
 * found.
 */
static void hci_cc_pin_code_reply(struct hci_dev *hdev, struct sk_buff *skb)
{
	struct hci_rp_pin_code_reply *reply =
		(struct hci_rp_pin_code_reply *) skb->data;
	struct hci_cp_pin_code_reply *cmd;
	struct hci_conn *link;

	BT_DBG("%s status 0x%2.2x", hdev->name, reply->status);

	hci_dev_lock(hdev);

	if (test_bit(HCI_MGMT, &hdev->dev_flags))
		mgmt_pin_code_reply_complete(hdev, &reply->bdaddr,
					     reply->status);

	if (!reply->status) {
		cmd = hci_sent_cmd_data(hdev, HCI_OP_PIN_CODE_REPLY);
		if (cmd != NULL) {
			/* The address is taken from the command that was
			 * sent, not from the event. */
			link = hci_conn_hash_lookup_ba(hdev, ACL_LINK,
						       &cmd->bdaddr);
			if (link != NULL)
				link->pin_length = cmd->pin_len;
		}
	}

	hci_dev_unlock(hdev);
}
984
/*
 * Command Complete handler for PIN Code Request Negative Reply: when
 * HCI_MGMT is set, forwards the address and status to
 * mgmt_pin_code_neg_reply_complete() under the device lock.
 */
static void hci_cc_pin_code_neg_reply(struct hci_dev *hdev, struct sk_buff *skb)
{
	struct hci_rp_pin_code_neg_reply *reply =
		(struct hci_rp_pin_code_neg_reply *) skb->data;
	const int notify_mgmt = test_bit(HCI_MGMT, &hdev->dev_flags);

	BT_DBG("%s status 0x%2.2x", hdev->name, reply->status);

	hci_dev_lock(hdev);

	if (test_bit(HCI_MGMT, &hdev->dev_flags))
		mgmt_pin_code_neg_reply_complete(hdev, &reply->bdaddr,
						 reply->status);

	hci_dev_unlock(hdev);

	(void) notify_mgmt;
}
56e5cb86 999
6ed58ec5
VT
/*
 * Command Complete handler for HCI_OP_LE_READ_BUFFER_SIZE.
 *
 * On success, stores the LE MTU (converted from little endian) and the
 * maximum LE packet count in hdev, resets hdev->le_cnt to that packet
 * count, and completes the request. On a non-zero status nothing is
 * stored and the request is not completed here.
 *
 * NOTE(review): the values are taken from the controller as-is; no range
 * check and no skb->len check are done in this function.
 */
static void hci_cc_le_read_buffer_size(struct hci_dev *hdev,
				       struct sk_buff *skb)
{
	struct hci_rp_le_read_buffer_size *reply = (void *) skb->data;

	BT_DBG("%s status 0x%2.2x", hdev->name, reply->status);

	if (reply->status != 0)
		return;

	hdev->le_mtu = __le16_to_cpu(reply->le_mtu);
	hdev->le_pkts = reply->le_max_pkt;
	hdev->le_cnt = hdev->le_pkts;

	BT_DBG("%s le mtu %d:%d", hdev->name, hdev->le_mtu, hdev->le_pkts);

	hci_req_complete(hdev, HCI_OP_LE_READ_BUFFER_SIZE, reply->status);
}
980e1a53 1019
a5c29683
JH
/*
 * Command Complete handler for a user confirmation reply: when HCI_MGMT
 * is set, pass the peer address and status to mgmt (link type ACL_LINK,
 * address type 0) while holding the device lock.
 *
 * NOTE(review): reply->bdaddr is read without an skb->len check here;
 * confirm the dispatcher validates the reply length.
 */
static void hci_cc_user_confirm_reply(struct hci_dev *hdev, struct sk_buff *skb)
{
	struct hci_rp_user_confirm_reply *reply = (void *) skb->data;
	int mgmt_active;

	BT_DBG("%s status 0x%2.2x", hdev->name, reply->status);

	hci_dev_lock(hdev);

	mgmt_active = test_bit(HCI_MGMT, &hdev->dev_flags);
	if (mgmt_active)
		mgmt_user_confirm_reply_complete(hdev, &reply->bdaddr,
						 ACL_LINK, 0, reply->status);

	hci_dev_unlock(hdev);
}
1034
/*
 * Command Complete handler for a negative user confirmation reply: when
 * HCI_MGMT is set, pass the peer address and status to mgmt (link type
 * ACL_LINK, address type 0) while holding the device lock.
 *
 * The reply is parsed with the hci_rp_user_confirm_reply layout.
 */
static void hci_cc_user_confirm_neg_reply(struct hci_dev *hdev,
					  struct sk_buff *skb)
{
	struct hci_rp_user_confirm_reply *reply = (void *) skb->data;
	int mgmt_active;

	BT_DBG("%s status 0x%2.2x", hdev->name, reply->status);

	hci_dev_lock(hdev);

	mgmt_active = test_bit(HCI_MGMT, &hdev->dev_flags);
	if (mgmt_active)
		mgmt_user_confirm_neg_reply_complete(hdev, &reply->bdaddr,
						     ACL_LINK, 0,
						     reply->status);

	hci_dev_unlock(hdev);
}
1050
1143d458
BG
/*
 * Command Complete handler for a user passkey reply: when HCI_MGMT is
 * set, pass the peer address and status to mgmt (link type ACL_LINK,
 * address type 0) while holding the device lock.
 *
 * The reply is parsed with the hci_rp_user_confirm_reply layout.
 */
static void hci_cc_user_passkey_reply(struct hci_dev *hdev, struct sk_buff *skb)
{
	struct hci_rp_user_confirm_reply *reply = (void *) skb->data;
	int mgmt_active;

	BT_DBG("%s status 0x%2.2x", hdev->name, reply->status);

	hci_dev_lock(hdev);

	mgmt_active = test_bit(HCI_MGMT, &hdev->dev_flags);
	if (mgmt_active)
		mgmt_user_passkey_reply_complete(hdev, &reply->bdaddr,
						 ACL_LINK, 0, reply->status);

	hci_dev_unlock(hdev);
}
1065
/*
 * Command Complete handler for a negative user passkey reply: when
 * HCI_MGMT is set, pass the peer address and status to mgmt (link type
 * ACL_LINK, address type 0) while holding the device lock.
 *
 * The reply is parsed with the hci_rp_user_confirm_reply layout.
 */
static void hci_cc_user_passkey_neg_reply(struct hci_dev *hdev,
					  struct sk_buff *skb)
{
	struct hci_rp_user_confirm_reply *reply = (void *) skb->data;
	int mgmt_active;

	BT_DBG("%s status 0x%2.2x", hdev->name, reply->status);

	hci_dev_lock(hdev);

	mgmt_active = test_bit(HCI_MGMT, &hdev->dev_flags);
	if (mgmt_active)
		mgmt_user_passkey_neg_reply_complete(hdev, &reply->bdaddr,
						     ACL_LINK, 0,
						     reply->status);

	hci_dev_unlock(hdev);
}
1081
/*
 * Command Complete handler for reading local out-of-band pairing data:
 * hands the hash and randomizer from the reply, plus the status, to mgmt
 * while holding the device lock.
 *
 * Unlike the other pairing reply handlers in this file, the mgmt call is
 * not guarded by a test of HCI_MGMT.
 *
 * NOTE(review): rp->hash and rp->randomizer are passed on by pointer with
 * no skb->len check in this function; a reply shorter than the struct
 * would make the callee read past the payload. Confirm the dispatcher
 * validates the length.
 */
static void hci_cc_read_local_oob_data_reply(struct hci_dev *hdev,
					     struct sk_buff *skb)
{
	struct hci_rp_read_local_oob_data *oob = (void *) skb->data;

	BT_DBG("%s status 0x%2.2x", hdev->name, oob->status);

	hci_dev_lock(hdev);
	mgmt_read_local_oob_data_reply_complete(hdev, oob->hash,
						oob->randomizer, oob->status);
	hci_dev_unlock(hdev);
}
1094
07f7fa5d
AG
/*
 * Command Complete handler for HCI_OP_LE_SET_SCAN_PARAM: complete the
 * pending request and, on a non-zero status, tell mgmt that starting
 * discovery failed (under the device lock).
 */
static void hci_cc_le_set_scan_param(struct hci_dev *hdev, struct sk_buff *skb)
{
	__u8 *payload = (__u8 *) skb->data;
	__u8 status = payload[0];

	BT_DBG("%s status 0x%2.2x", hdev->name, status);

	hci_req_complete(hdev, HCI_OP_LE_SET_SCAN_PARAM, status);

	if (status == 0)
		return;

	hci_dev_lock(hdev);
	mgmt_start_discovery_failed(hdev, status);
	hci_dev_unlock(hdev);
}
1110
/*
 * Command Complete handler for HCI_OP_LE_SET_SCAN_ENABLE.
 *
 * The action depends on the enable value this host sent:
 *  - LE_SCANNING_ENABLED: complete the request; on failure report it to
 *    mgmt, otherwise set HCI_LE_SCAN and move discovery to FINDING.
 *  - LE_SCANNING_DISABLED: on failure report it to mgmt; otherwise clear
 *    HCI_LE_SCAN and either continue interleaved discovery or mark
 *    discovery STOPPED.
 *  - anything else: log an error.
 *
 * Nothing is done when the sent command data cannot be retrieved.
 */
static void hci_cc_le_set_scan_enable(struct hci_dev *hdev,
				      struct sk_buff *skb)
{
	struct hci_cp_le_set_scan_enable *sent;
	__u8 status = *((__u8 *) skb->data);
	bool interleaved_finding;

	BT_DBG("%s status 0x%2.2x", hdev->name, status);

	sent = hci_sent_cmd_data(hdev, HCI_OP_LE_SET_SCAN_ENABLE);
	if (sent == NULL)
		return;

	switch (sent->enable) {
	case LE_SCANNING_ENABLED:
		hci_req_complete(hdev, HCI_OP_LE_SET_SCAN_ENABLE, status);

		if (status) {
			hci_dev_lock(hdev);
			mgmt_start_discovery_failed(hdev, status);
			hci_dev_unlock(hdev);
			return;
		}

		set_bit(HCI_LE_SCAN, &hdev->dev_flags);

		hci_dev_lock(hdev);
		hci_discovery_set_state(hdev, DISCOVERY_FINDING);
		hci_dev_unlock(hdev);
		break;

	case LE_SCANNING_DISABLED:
		if (status) {
			hci_dev_lock(hdev);
			mgmt_stop_discovery_failed(hdev, status);
			hci_dev_unlock(hdev);
			return;
		}

		clear_bit(HCI_LE_SCAN, &hdev->dev_flags);

		/* The discovery type and state are read without the lock. */
		interleaved_finding =
			hdev->discovery.type == DISCOV_TYPE_INTERLEAVED &&
			hdev->discovery.state == DISCOVERY_FINDING;

		if (interleaved_finding) {
			mgmt_interleaved_discovery(hdev);
		} else {
			hci_dev_lock(hdev);
			hci_discovery_set_state(hdev, DISCOVERY_STOPPED);
			hci_dev_unlock(hdev);
		}
		break;

	default:
		BT_ERR("Used reserved LE_Scan_Enable param %d", sent->enable);
		break;
	}
}
1167
a7a595f6
VCG
/*
 * Command Complete handler for HCI_OP_LE_LTK_REPLY: the pending request
 * is completed only when the controller reports a zero status.
 */
static void hci_cc_le_ltk_reply(struct hci_dev *hdev, struct sk_buff *skb)
{
	struct hci_rp_le_ltk_reply *reply = (void *) skb->data;

	BT_DBG("%s status 0x%2.2x", hdev->name, reply->status);

	if (!reply->status)
		hci_req_complete(hdev, HCI_OP_LE_LTK_REPLY, reply->status);
}
1179
/*
 * Command Complete handler for HCI_OP_LE_LTK_NEG_REPLY: the pending
 * request is completed only when the controller reports a zero status.
 */
static void hci_cc_le_ltk_neg_reply(struct hci_dev *hdev, struct sk_buff *skb)
{
	struct hci_rp_le_ltk_neg_reply *reply = (void *) skb->data;

	BT_DBG("%s status 0x%2.2x", hdev->name, reply->status);

	if (!reply->status)
		hci_req_complete(hdev, HCI_OP_LE_LTK_NEG_REPLY,
				 reply->status);
}
1191
6039aa73
GP
/*
 * Command Complete handler for HCI_OP_WRITE_LE_HOST_SUPPORTED.
 *
 * On success, mirrors the LE setting that was sent into bit LMP_HOST_LE
 * of hdev->host_features[0]. mgmt is told about the result when HCI_MGMT
 * is set and HCI_INIT is not, and the pending request is completed.
 * Nothing is done when the sent command data cannot be retrieved.
 */
static void hci_cc_write_le_host_supported(struct hci_dev *hdev,
					   struct sk_buff *skb)
{
	struct hci_cp_write_le_host_supported *req;
	__u8 status = *((__u8 *) skb->data);

	BT_DBG("%s status 0x%2.2x", hdev->name, status);

	req = hci_sent_cmd_data(hdev, HCI_OP_WRITE_LE_HOST_SUPPORTED);
	if (req == NULL)
		return;

	if (status == 0) {
		if (req->le)
			hdev->host_features[0] |= LMP_HOST_LE;
		else
			hdev->host_features[0] &= ~LMP_HOST_LE;
	}

	if (test_bit(HCI_MGMT, &hdev->dev_flags) &&
	    !test_bit(HCI_INIT, &hdev->flags))
		mgmt_le_enable_complete(hdev, req->le, status);

	hci_req_complete(hdev, HCI_OP_WRITE_LE_HOST_SUPPORTED, status);
}
1217
93c284ee
AE
/*
 * Command Complete handler for writing the remote AMP assoc: on a zero
 * status, continue the write for the physical link handle reported in
 * the reply.
 *
 * NOTE(review): rp->phy_handle comes straight from the controller reply
 * and is used without an skb->len check in this function.
 */
static void hci_cc_write_remote_amp_assoc(struct hci_dev *hdev,
					  struct sk_buff *skb)
{
	struct hci_rp_write_remote_amp_assoc *reply = (void *) skb->data;

	BT_DBG("%s status 0x%2.2x phy_handle 0x%2.2x",
	       hdev->name, reply->status, reply->phy_handle);

	if (!reply->status)
		amp_write_rem_assoc_continue(hdev, reply->phy_handle);
}
1231
/*
 * Command Status handler for HCI_OP_INQUIRY.
 *
 * Success: set HCI_INQUIRY and move discovery to FINDING under the lock.
 * Failure: complete the request with the error, re-check pending
 * connections, and report the failure to mgmt when HCI_MGMT is set.
 */
static void hci_cs_inquiry(struct hci_dev *hdev, __u8 status)
{
	BT_DBG("%s status 0x%2.2x", hdev->name, status);

	if (!status) {
		set_bit(HCI_INQUIRY, &hdev->flags);

		hci_dev_lock(hdev);
		hci_discovery_set_state(hdev, DISCOVERY_FINDING);
		hci_dev_unlock(hdev);
		return;
	}

	hci_req_complete(hdev, HCI_OP_INQUIRY, status);
	hci_conn_check_pending(hdev);

	hci_dev_lock(hdev);
	if (test_bit(HCI_MGMT, &hdev->dev_flags))
		mgmt_start_discovery_failed(hdev, status);
	hci_dev_unlock(hdev);
}
1252
/*
 * Command Status handler for HCI_OP_CREATE_CONN.
 *
 * The target address is taken from the command this host sent.
 *  - Success with no matching ACL connection object: create one, mark it
 *    outgoing and set HCI_LM_MASTER in its link mode.
 *  - Failure while the connection is in BT_CONNECT: status 0x0c
 *    (Command Disallowed in the HCI error-code table) with at most two
 *    attempts so far moves it to BT_CONNECT2; any other case closes,
 *    confirms and deletes it.
 */
static void hci_cs_create_conn(struct hci_dev *hdev, __u8 status)
{
	struct hci_cp_create_conn *sent;
	struct hci_conn *hcon;

	BT_DBG("%s status 0x%2.2x", hdev->name, status);

	sent = hci_sent_cmd_data(hdev, HCI_OP_CREATE_CONN);
	if (sent == NULL)
		return;

	hci_dev_lock(hdev);

	hcon = hci_conn_hash_lookup_ba(hdev, ACL_LINK, &sent->bdaddr);

	BT_DBG("%s bdaddr %s hcon %p", hdev->name, batostr(&sent->bdaddr), hcon);

	if (!status) {
		if (!hcon) {
			hcon = hci_conn_add(hdev, ACL_LINK, &sent->bdaddr);
			if (!hcon) {
				BT_ERR("No memory for new connection");
			} else {
				hcon->out = true;
				hcon->link_mode |= HCI_LM_MASTER;
			}
		}
	} else if (hcon && hcon->state == BT_CONNECT) {
		if (status == 0x0c && hcon->attempt <= 2) {
			hcon->state = BT_CONNECT2;
		} else {
			hcon->state = BT_CLOSED;
			hci_proto_connect_cfm(hcon, status);
			hci_conn_del(hcon);
		}
	}

	hci_dev_unlock(hdev);
}
1292
/*
 * Command Status handler for HCI_OP_ADD_SCO. Only failures are handled:
 * the ACL connection is looked up by the handle that was sent, and the
 * connection linked to it (acl->link), if any, is closed, confirmed with
 * the error and deleted.
 */
static void hci_cs_add_sco(struct hci_dev *hdev, __u8 status)
{
	struct hci_cp_add_sco *sent;
	struct hci_conn *acl, *sco;
	__u16 handle;

	BT_DBG("%s status 0x%2.2x", hdev->name, status);

	if (status == 0)
		return;

	sent = hci_sent_cmd_data(hdev, HCI_OP_ADD_SCO);
	if (sent == NULL)
		return;

	handle = __le16_to_cpu(sent->handle);

	BT_DBG("%s handle 0x%4.4x", hdev->name, handle);

	hci_dev_lock(hdev);

	acl = hci_conn_hash_lookup_handle(hdev, handle);
	sco = acl ? acl->link : NULL;
	if (sco) {
		sco->state = BT_CLOSED;

		hci_proto_connect_cfm(sco, status);
		hci_conn_del(sco);
	}

	hci_dev_unlock(hdev);
}
1da177e4 1327
f8558555
MH
/*
 * Command Status handler for HCI_OP_AUTH_REQUESTED. Only failures are
 * handled: if the connection named by the sent handle is still in
 * BT_CONFIG, the error is passed to the protocol layer and one reference
 * on the connection is dropped.
 */
static void hci_cs_auth_requested(struct hci_dev *hdev, __u8 status)
{
	struct hci_cp_auth_requested *sent;
	struct hci_conn *hcon;

	BT_DBG("%s status 0x%2.2x", hdev->name, status);

	if (status == 0)
		return;

	sent = hci_sent_cmd_data(hdev, HCI_OP_AUTH_REQUESTED);
	if (sent == NULL)
		return;

	hci_dev_lock(hdev);

	hcon = hci_conn_hash_lookup_handle(hdev, __le16_to_cpu(sent->handle));
	if (hcon && hcon->state == BT_CONFIG) {
		hci_proto_connect_cfm(hcon, status);
		hci_conn_put(hcon);
	}

	hci_dev_unlock(hdev);
}
1354
/*
 * Command Status handler for HCI_OP_SET_CONN_ENCRYPT. Only failures are
 * handled: if the connection named by the sent handle is still in
 * BT_CONFIG, the error is passed to the protocol layer and one reference
 * on the connection is dropped.
 */
static void hci_cs_set_conn_encrypt(struct hci_dev *hdev, __u8 status)
{
	struct hci_cp_set_conn_encrypt *sent;
	struct hci_conn *hcon;

	BT_DBG("%s status 0x%2.2x", hdev->name, status);

	if (status == 0)
		return;

	sent = hci_sent_cmd_data(hdev, HCI_OP_SET_CONN_ENCRYPT);
	if (sent == NULL)
		return;

	hci_dev_lock(hdev);

	hcon = hci_conn_hash_lookup_handle(hdev, __le16_to_cpu(sent->handle));
	if (hcon && hcon->state == BT_CONFIG) {
		hci_proto_connect_cfm(hcon, status);
		hci_conn_put(hcon);
	}

	hci_dev_unlock(hdev);
}
1381
/*
 * Decide whether authentication should be requested on a connection.
 *
 * Returns 0 unless the connection is outgoing and in BT_CONFIG, and 0
 * when the pending security level is BT_SECURITY_SDP. Otherwise returns
 * 1 when any of these holds: SSP is enabled on the connection, bit 0 of
 * conn->auth_type is set (MITM protection requested, per the original
 * comment), or the pending security level is BT_SECURITY_HIGH.
 *
 * hdev is not used by this function.
 */
static int hci_outgoing_auth_needed(struct hci_dev *hdev,
				    struct hci_conn *conn)
{
	bool outgoing_in_config = conn->state == BT_CONFIG && conn->out;

	if (!outgoing_in_config)
		return 0;

	if (conn->pending_sec_level == BT_SECURITY_SDP)
		return 0;

	/* Non-SSP devices only authenticate for MITM or sec_level HIGH. */
	if (hci_conn_ssp_enabled(conn))
		return 1;

	if (conn->auth_type & 0x01)
		return 1;

	return conn->pending_sec_level == BT_SECURITY_HIGH;
}
1399
/*
 * Send HCI_OP_REMOTE_NAME_REQ for an inquiry cache entry.
 *
 * The command struct is zeroed first, then filled with the entry's
 * address, page scan repetition mode, page scan mode and clock offset.
 * Returns whatever hci_send_cmd() returns.
 */
static int hci_resolve_name(struct hci_dev *hdev,
			    struct inquiry_entry *e)
{
	struct hci_cp_remote_name_req req;
	struct inquiry_data *src = &e->data;

	memset(&req, 0, sizeof(req));

	bacpy(&req.bdaddr, &src->bdaddr);
	req.pscan_rep_mode = src->pscan_rep_mode;
	req.pscan_mode = src->pscan_mode;
	req.clock_offset = src->clock_offset;

	return hci_send_cmd(hdev, HCI_OP_REMOTE_NAME_REQ, sizeof(req), &req);
}
1414
/*
 * Start name resolution for the next entry that still needs a name.
 *
 * Returns true when a name request was sent (the entry is then marked
 * NAME_PENDING); false when the resolve list is empty, no entry in state
 * NAME_NEEDED is found, or sending the request failed.
 */
static bool hci_resolve_next_name(struct hci_dev *hdev)
{
	struct discovery_state *discov = &hdev->discovery;
	struct inquiry_entry *next;

	if (list_empty(&discov->resolve))
		return false;

	next = hci_inquiry_cache_lookup_resolve(hdev, BDADDR_ANY, NAME_NEEDED);
	if (next == NULL)
		return false;

	if (hci_resolve_name(hdev, next) != 0)
		return false;

	next->name_state = NAME_PENDING;
	return true;
}
1434
/*
 * Process the outcome of a remote name request for bdaddr.
 *
 * If conn is given and HCI_CONN_MGMT_CONNECTED was not yet set, mgmt is
 * told the device is connected (the flag is set atomically by the test).
 * The discovery state then decides what follows:
 *  - STOPPED: nothing more.
 *  - STOPPING: discovery is marked STOPPED.
 *  - RESOLVING: the entry pending for bdaddr is removed from its list and
 *    marked NAME_KNOWN (reported to mgmt) or NAME_NOT_KNOWN when name is
 *    NULL; discovery is marked STOPPED unless another name request could
 *    be started.
 *  - any other state: nothing more.
 *
 * NOTE(review): name and name_len are forwarded to mgmt unchanged; this
 * function does no length validation of its own.
 */
static void hci_check_pending_name(struct hci_dev *hdev, struct hci_conn *conn,
				   bdaddr_t *bdaddr, u8 *name, u8 name_len)
{
	struct discovery_state *discov = &hdev->discovery;
	struct inquiry_entry *entry;

	if (conn && !test_and_set_bit(HCI_CONN_MGMT_CONNECTED, &conn->flags))
		mgmt_device_connected(hdev, bdaddr, ACL_LINK, 0x00, 0, name,
				      name_len, conn->dev_class);

	if (discov->state == DISCOVERY_STOPPED)
		return;

	if (discov->state == DISCOVERY_STOPPING)
		goto discov_complete;

	if (discov->state != DISCOVERY_RESOLVING)
		return;

	entry = hci_inquiry_cache_lookup_resolve(hdev, bdaddr, NAME_PENDING);
	/* No pending entry for this address: the next name will be resolved
	 * when another Remote Name Request Complete event arrives. */
	if (entry == NULL)
		return;

	list_del(&entry->list);
	if (name == NULL) {
		entry->name_state = NAME_NOT_KNOWN;
	} else {
		entry->name_state = NAME_KNOWN;
		mgmt_remote_name(hdev, bdaddr, ACL_LINK, 0x00,
				 entry->data.rssi, name, name_len);
	}

	if (hci_resolve_next_name(hdev))
		return;

discov_complete:
	hci_discovery_set_state(hdev, DISCOVERY_STOPPED);
}
1477
a9de9248
MH
/*
 * Command Status handler for HCI_OP_REMOTE_NAME_REQ. Only failures are
 * handled; on success the name request complete event is awaited before
 * deciding whether authentication is needed.
 *
 * On failure: with HCI_MGMT set, the pending-name bookkeeping is run with
 * no name. If an ACL connection to the address exists, needs outgoing
 * authentication and does not already have HCI_CONN_AUTH_PEND set, an
 * HCI_OP_AUTH_REQUESTED command is sent for its handle.
 */
static void hci_cs_remote_name_req(struct hci_dev *hdev, __u8 status)
{
	struct hci_cp_remote_name_req *sent;
	struct hci_conn *hcon;

	BT_DBG("%s status 0x%2.2x", hdev->name, status);

	if (status == 0)
		return;

	sent = hci_sent_cmd_data(hdev, HCI_OP_REMOTE_NAME_REQ);
	if (sent == NULL)
		return;

	hci_dev_lock(hdev);

	hcon = hci_conn_hash_lookup_ba(hdev, ACL_LINK, &sent->bdaddr);

	if (test_bit(HCI_MGMT, &hdev->dev_flags))
		hci_check_pending_name(hdev, hcon, &sent->bdaddr, NULL, 0);

	/* test_and_set_bit() runs last so the pending flag is only set when
	 * an authentication request is really going to be sent. */
	if (hcon && hci_outgoing_auth_needed(hdev, hcon) &&
	    !test_and_set_bit(HCI_CONN_AUTH_PEND, &hcon->flags)) {
		struct hci_cp_auth_requested auth_req;

		auth_req.handle = __cpu_to_le16(hcon->handle);
		hci_send_cmd(hdev, HCI_OP_AUTH_REQUESTED, sizeof(auth_req),
			     &auth_req);
	}

	hci_dev_unlock(hdev);
}
1da177e4 1516
769be974
MH
/*
 * Command Status handler for HCI_OP_READ_REMOTE_FEATURES. Only failures
 * are handled: if the connection named by the sent handle is still in
 * BT_CONFIG, the error is passed to the protocol layer and one reference
 * on the connection is dropped.
 */
static void hci_cs_read_remote_features(struct hci_dev *hdev, __u8 status)
{
	struct hci_cp_read_remote_features *sent;
	struct hci_conn *hcon;

	BT_DBG("%s status 0x%2.2x", hdev->name, status);

	if (status == 0)
		return;

	sent = hci_sent_cmd_data(hdev, HCI_OP_READ_REMOTE_FEATURES);
	if (sent == NULL)
		return;

	hci_dev_lock(hdev);

	hcon = hci_conn_hash_lookup_handle(hdev, __le16_to_cpu(sent->handle));
	if (hcon && hcon->state == BT_CONFIG) {
		hci_proto_connect_cfm(hcon, status);
		hci_conn_put(hcon);
	}

	hci_dev_unlock(hdev);
}
1543
/*
 * Command Status handler for HCI_OP_READ_REMOTE_EXT_FEATURES. Only
 * failures are handled: if the connection named by the sent handle is
 * still in BT_CONFIG, the error is passed to the protocol layer and one
 * reference on the connection is dropped.
 */
static void hci_cs_read_remote_ext_features(struct hci_dev *hdev, __u8 status)
{
	struct hci_cp_read_remote_ext_features *sent;
	struct hci_conn *hcon;

	BT_DBG("%s status 0x%2.2x", hdev->name, status);

	if (status == 0)
		return;

	sent = hci_sent_cmd_data(hdev, HCI_OP_READ_REMOTE_EXT_FEATURES);
	if (sent == NULL)
		return;

	hci_dev_lock(hdev);

	hcon = hci_conn_hash_lookup_handle(hdev, __le16_to_cpu(sent->handle));
	if (hcon && hcon->state == BT_CONFIG) {
		hci_proto_connect_cfm(hcon, status);
		hci_conn_put(hcon);
	}

	hci_dev_unlock(hdev);
}
1570
a9de9248
MH
/*
 * Command Status handler for HCI_OP_SETUP_SYNC_CONN. Only failures are
 * handled: the ACL connection is looked up by the handle that was sent,
 * and the connection linked to it (acl->link), if any, is closed,
 * confirmed with the error and deleted.
 */
static void hci_cs_setup_sync_conn(struct hci_dev *hdev, __u8 status)
{
	struct hci_cp_setup_sync_conn *sent;
	struct hci_conn *acl, *sco;
	__u16 handle;

	BT_DBG("%s status 0x%2.2x", hdev->name, status);

	if (status == 0)
		return;

	sent = hci_sent_cmd_data(hdev, HCI_OP_SETUP_SYNC_CONN);
	if (sent == NULL)
		return;

	handle = __le16_to_cpu(sent->handle);

	BT_DBG("%s handle 0x%4.4x", hdev->name, handle);

	hci_dev_lock(hdev);

	acl = hci_conn_hash_lookup_handle(hdev, handle);
	sco = acl ? acl->link : NULL;
	if (sco) {
		sco->state = BT_CLOSED;

		hci_proto_connect_cfm(sco, status);
		hci_conn_del(sco);
	}

	hci_dev_unlock(hdev);
}
1605
/*
 * Command Status handler for HCI_OP_SNIFF_MODE. Only failures are
 * handled: the mode-change-pending flag is cleared on the connection
 * named by the sent handle, and a pending SCO setup (flag tested and
 * cleared atomically) is run with the error status.
 */
static void hci_cs_sniff_mode(struct hci_dev *hdev, __u8 status)
{
	struct hci_cp_sniff_mode *sent;
	struct hci_conn *hcon;

	BT_DBG("%s status 0x%2.2x", hdev->name, status);

	if (status == 0)
		return;

	sent = hci_sent_cmd_data(hdev, HCI_OP_SNIFF_MODE);
	if (sent == NULL)
		return;

	hci_dev_lock(hdev);

	hcon = hci_conn_hash_lookup_handle(hdev, __le16_to_cpu(sent->handle));
	if (hcon != NULL) {
		clear_bit(HCI_CONN_MODE_CHANGE_PEND, &hcon->flags);

		if (test_and_clear_bit(HCI_CONN_SCO_SETUP_PEND, &hcon->flags))
			hci_sco_setup(hcon, status);
	}

	hci_dev_unlock(hdev);
}
04837f64 1632
a9de9248
MH
/*
 * Command Status handler for HCI_OP_EXIT_SNIFF_MODE. Only failures are
 * handled: the mode-change-pending flag is cleared on the connection
 * named by the sent handle, and a pending SCO setup (flag tested and
 * cleared atomically) is run with the error status.
 */
static void hci_cs_exit_sniff_mode(struct hci_dev *hdev, __u8 status)
{
	struct hci_cp_exit_sniff_mode *sent;
	struct hci_conn *hcon;

	BT_DBG("%s status 0x%2.2x", hdev->name, status);

	if (status == 0)
		return;

	sent = hci_sent_cmd_data(hdev, HCI_OP_EXIT_SNIFF_MODE);
	if (sent == NULL)
		return;

	hci_dev_lock(hdev);

	hcon = hci_conn_hash_lookup_handle(hdev, __le16_to_cpu(sent->handle));
	if (hcon != NULL) {
		clear_bit(HCI_CONN_MODE_CHANGE_PEND, &hcon->flags);

		if (test_and_clear_bit(HCI_CONN_SCO_SETUP_PEND, &hcon->flags))
			hci_sco_setup(hcon, status);
	}

	hci_dev_unlock(hdev);
}
1659
88c3df13
JH
/*
 * Command Status handler for HCI_OP_DISCONNECT. Only failures are
 * handled: if the connection named by the sent handle exists, mgmt is
 * told that the disconnect failed. The mgmt call is not guarded by a
 * test of HCI_MGMT in this function.
 */
static void hci_cs_disconnect(struct hci_dev *hdev, u8 status)
{
	struct hci_cp_disconnect *sent;
	struct hci_conn *hcon;

	if (status == 0)
		return;

	sent = hci_sent_cmd_data(hdev, HCI_OP_DISCONNECT);
	if (sent == NULL)
		return;

	hci_dev_lock(hdev);

	hcon = hci_conn_hash_lookup_handle(hdev, __le16_to_cpu(sent->handle));
	if (hcon != NULL)
		mgmt_disconnect_failed(hdev, &hcon->dst, hcon->type,
				       hcon->dst_type, status);

	hci_dev_unlock(hdev);
}
1681
fcd89c09
VT
/*
 * Command Status handler for LE connection creation. Only failures are
 * handled: the LE connection currently in BT_CONNECT (looked up by state,
 * not by address) is closed, the failure is reported to mgmt and to the
 * protocol layer, and the connection is deleted.
 */
static void hci_cs_le_create_conn(struct hci_dev *hdev, __u8 status)
{
	struct hci_conn *hcon;

	BT_DBG("%s status 0x%2.2x", hdev->name, status);

	if (!status)
		return;

	hci_dev_lock(hdev);

	hcon = hci_conn_hash_lookup_state(hdev, LE_LINK, BT_CONNECT);
	if (hcon != NULL) {
		BT_DBG("%s bdaddr %s conn %p", hdev->name,
		       batostr(&hcon->dst), hcon);

		hcon->state = BT_CLOSED;
		mgmt_connect_failed(hdev, &hcon->dst, hcon->type,
				    hcon->dst_type, status);
		hci_proto_connect_cfm(hcon, status);
		hci_conn_del(hcon);
	}

	hci_dev_unlock(hdev);
}
1709
a7a595f6
VCG
/*
 * Command Status handler for starting LE encryption: the status is only
 * logged at debug level; no state is changed here, even on failure.
 */
static void hci_cs_le_start_enc(struct hci_dev *hdev, u8 status)
{
	const char *dev_name = hdev->name;

	BT_DBG("%s status 0x%2.2x", dev_name, status);
}
1714
a02226d6
AE
/*
 * Command Status handler for HCI_OP_CREATE_PHY_LINK: on a zero status,
 * start writing the remote AMP assoc for the physical link handle that
 * was sent. Failures are only logged at debug level.
 */
static void hci_cs_create_phylink(struct hci_dev *hdev, u8 status)
{
	struct hci_cp_create_phy_link *sent;

	BT_DBG("%s status 0x%2.2x", hdev->name, status);

	if (status != 0)
		return;

	sent = hci_sent_cmd_data(hdev, HCI_OP_CREATE_PHY_LINK);
	if (sent != NULL)
		amp_write_remote_assoc(hdev, sent->phy_handle);
}
1730
/*
 * Inquiry Complete event handler.
 *
 * Completes the inquiry request and re-checks pending connections. When
 * HCI_INQUIRY was set (it is cleared here) and HCI_MGMT is set, and
 * discovery is in FINDING: discovery moves to RESOLVING if a name request
 * could be started for an entry that needs one, otherwise to STOPPED.
 */
static void hci_inquiry_complete_evt(struct hci_dev *hdev, struct sk_buff *skb)
{
	__u8 status = *((__u8 *) skb->data);
	struct discovery_state *discov = &hdev->discovery;
	struct inquiry_entry *entry;

	BT_DBG("%s status 0x%2.2x", hdev->name, status);

	hci_req_complete(hdev, HCI_OP_INQUIRY, status);

	hci_conn_check_pending(hdev);

	if (!test_and_clear_bit(HCI_INQUIRY, &hdev->flags))
		return;

	if (!test_bit(HCI_MGMT, &hdev->dev_flags))
		return;

	hci_dev_lock(hdev);

	if (discov->state == DISCOVERY_FINDING) {
		if (list_empty(&discov->resolve)) {
			hci_discovery_set_state(hdev, DISCOVERY_STOPPED);
		} else {
			entry = hci_inquiry_cache_lookup_resolve(hdev,
								 BDADDR_ANY,
								 NAME_NEEDED);
			if (entry && hci_resolve_name(hdev, entry) == 0) {
				entry->name_state = NAME_PENDING;
				hci_discovery_set_state(hdev,
							DISCOVERY_RESOLVING);
			} else {
				hci_discovery_set_state(hdev,
							DISCOVERY_STOPPED);
			}
		}
	}

	hci_dev_unlock(hdev);
}
1770
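/*
 * Inquiry Result event handler.
 *
 * The payload is one count byte (num_rsp) followed by that many
 * struct inquiry_info records. Each record is copied into the inquiry
 * cache and reported to mgmt as a found device. Results are ignored
 * while HCI_PERIODIC_INQ is set.
 *
 * The count byte comes from the controller, so it is checked against
 * skb->len before any record is read: without that check a count larger
 * than the payload makes the loop read past the end of the buffer and
 * forward that memory to the inquiry cache and to mgmt.
 */
static void hci_inquiry_result_evt(struct hci_dev *hdev, struct sk_buff *skb)
{
	struct inquiry_data data;
	struct inquiry_info *info;
	int num_rsp;

	/* The count byte itself must be present. */
	if (skb->len < 1) {
		BT_ERR("%s inquiry result event too short", hdev->name);
		return;
	}

	num_rsp = *((__u8 *) skb->data);
	info = (void *) (skb->data + 1);

	BT_DBG("%s num_rsp %d", hdev->name, num_rsp);

	if (!num_rsp)
		return;

	/* Every announced record must fit inside the received payload. */
	if (skb->len < 1 + num_rsp * sizeof(*info)) {
		BT_ERR("%s inquiry result event truncated", hdev->name);
		return;
	}

	if (test_bit(HCI_PERIODIC_INQ, &hdev->dev_flags))
		return;

	hci_dev_lock(hdev);

	for (; num_rsp; num_rsp--, info++) {
		bool name_known, ssp;

		bacpy(&data.bdaddr, &info->bdaddr);
		data.pscan_rep_mode = info->pscan_rep_mode;
		data.pscan_period_mode = info->pscan_period_mode;
		data.pscan_mode = info->pscan_mode;
		memcpy(data.dev_class, info->dev_class, 3);
		data.clock_offset = info->clock_offset;
		/* This event format supplies no RSSI or SSP mode value. */
		data.rssi = 0x00;
		data.ssp_mode = 0x00;

		name_known = hci_inquiry_cache_update(hdev, &data, false, &ssp);
		mgmt_device_found(hdev, &info->bdaddr, ACL_LINK, 0x00,
				  info->dev_class, 0, !name_known, ssp, NULL,
				  0);
	}

	hci_dev_unlock(hdev);
}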
1807
/*
 * Connection Complete event handler.
 *
 * Looks up the connection by link type and address; an SCO completion
 * with no SCO object falls back to a pending ESCO object and retypes it
 * as SCO_LINK. Events with no matching connection are ignored.
 *
 * Success: the handle is stored; ACL links enter BT_CONFIG (taking a
 * reference and choosing the disconnect timeout), other links enter
 * BT_CONNECTED. The connection is registered in sysfs, link mode bits
 * are inherited from the device's HCI_AUTH / HCI_ENCRYPT flags, remote
 * features are requested for ACL links, and the packet type is changed
 * for incoming connections on controllers older than 2.0.
 *
 * Failure: the connection is closed, reported to mgmt (ACL only),
 * confirmed to the protocol layer and deleted.
 *
 * NOTE(review): ev is read from skb->data with no skb->len check in this
 * function, and ev->link_type / ev->bdaddr select which connection
 * object is modified; confirm the dispatcher validates the event length.
 */
static void hci_conn_complete_evt(struct hci_dev *hdev, struct sk_buff *skb)
{
	struct hci_ev_conn_complete *ev = (void *) skb->data;
	struct hci_conn *hcon;

	BT_DBG("%s", hdev->name);

	hci_dev_lock(hdev);

	hcon = hci_conn_hash_lookup_ba(hdev, ev->link_type, &ev->bdaddr);
	if (hcon == NULL) {
		if (ev->link_type != SCO_LINK)
			goto unlock;

		hcon = hci_conn_hash_lookup_ba(hdev, ESCO_LINK, &ev->bdaddr);
		if (hcon == NULL)
			goto unlock;

		hcon->type = SCO_LINK;
	}

	if (ev->status) {
		hcon->state = BT_CLOSED;
		if (hcon->type == ACL_LINK)
			mgmt_connect_failed(hdev, &ev->bdaddr, hcon->type,
					    hcon->dst_type, ev->status);
	} else {
		hcon->handle = __le16_to_cpu(ev->handle);

		if (hcon->type != ACL_LINK) {
			hcon->state = BT_CONNECTED;
		} else {
			hcon->state = BT_CONFIG;
			hci_conn_hold(hcon);

			/* Incoming, non-SSP and no stored link key: use the
			 * pairing timeout instead of the default one. */
			if (!hcon->out && !hci_conn_ssp_enabled(hcon) &&
			    !hci_find_link_key(hdev, &ev->bdaddr))
				hcon->disc_timeout = HCI_PAIRING_TIMEOUT;
			else
				hcon->disc_timeout = HCI_DISCONN_TIMEOUT;
		}

		hci_conn_hold_device(hcon);
		hci_conn_add_sysfs(hcon);

		if (test_bit(HCI_AUTH, &hdev->flags))
			hcon->link_mode |= HCI_LM_AUTH;

		if (test_bit(HCI_ENCRYPT, &hdev->flags))
			hcon->link_mode |= HCI_LM_ENCRYPT;

		/* Get remote features */
		if (hcon->type == ACL_LINK) {
			struct hci_cp_read_remote_features feat_req;

			feat_req.handle = ev->handle;
			hci_send_cmd(hdev, HCI_OP_READ_REMOTE_FEATURES,
				     sizeof(feat_req), &feat_req);
		}

		/* Set packet type for incoming connection */
		if (!hcon->out && hdev->hci_ver < BLUETOOTH_VER_2_0) {
			struct hci_cp_change_conn_ptype ptype_req;

			ptype_req.handle = ev->handle;
			ptype_req.pkt_type = cpu_to_le16(hcon->pkt_type);
			hci_send_cmd(hdev, HCI_OP_CHANGE_CONN_PTYPE,
				     sizeof(ptype_req), &ptype_req);
		}
	}

	if (hcon->type == ACL_LINK)
		hci_sco_setup(hcon, ev->status);

	if (ev->status) {
		hci_proto_connect_cfm(hcon, ev->status);
		hci_conn_del(hcon);
	} else if (ev->link_type != ACL_LINK) {
		hci_proto_connect_cfm(hcon, ev->status);
	}

unlock:
	hci_dev_unlock(hdev);

	hci_conn_check_pending(hdev);
}
1890
/*
 * Connection Request event handler.
 *
 * The request is accepted only when the combined link-mode mask (device
 * setting OR-ed with what the protocol layers return) contains
 * HCI_LM_ACCEPT and the peer address is not on the device blacklist.
 * Otherwise it is rejected with HCI_ERROR_REJ_BAD_ADDR.
 *
 * On accept: the device class is refreshed in the inquiry cache entry
 * (if any), a connection object is found or created and put in
 * BT_CONNECT, and either an ACL accept or a synchronous-connection
 * accept command is sent.
 *
 * NOTE(review): ev is read from skb->data with no skb->len check in this
 * function; confirm the dispatcher validates the event length.
 * NOTE(review): conn->pkt_type is read after hci_dev_unlock(); confirm
 * the connection object cannot go away in between.
 */
static void hci_conn_request_evt(struct hci_dev *hdev, struct sk_buff *skb)
{
	struct hci_ev_conn_request *ev = (void *) skb->data;
	int mask = hdev->link_mode;
	struct inquiry_entry *ie;
	struct hci_conn *hcon;

	BT_DBG("%s bdaddr %s type 0x%x", hdev->name, batostr(&ev->bdaddr),
	       ev->link_type);

	mask |= hci_proto_connect_ind(hdev, &ev->bdaddr, ev->link_type);

	if (!(mask & HCI_LM_ACCEPT) ||
	    hci_blacklist_lookup(hdev, &ev->bdaddr)) {
		/* Connection rejected */
		struct hci_cp_reject_conn_req reject;

		bacpy(&reject.bdaddr, &ev->bdaddr);
		reject.reason = HCI_ERROR_REJ_BAD_ADDR;
		hci_send_cmd(hdev, HCI_OP_REJECT_CONN_REQ, sizeof(reject),
			     &reject);
		return;
	}

	/* Connection accepted */
	hci_dev_lock(hdev);

	ie = hci_inquiry_cache_lookup(hdev, &ev->bdaddr);
	if (ie)
		memcpy(ie->data.dev_class, ev->dev_class, 3);

	hcon = hci_conn_hash_lookup_ba(hdev, ev->link_type, &ev->bdaddr);
	if (!hcon) {
		hcon = hci_conn_add(hdev, ev->link_type, &ev->bdaddr);
		if (!hcon) {
			BT_ERR("No memory for new connection");
			hci_dev_unlock(hdev);
			return;
		}
	}

	memcpy(hcon->dev_class, ev->dev_class, 3);
	hcon->state = BT_CONNECT;

	hci_dev_unlock(hdev);

	if (ev->link_type == ACL_LINK || !lmp_esco_capable(hdev)) {
		struct hci_cp_accept_conn_req accept;

		bacpy(&accept.bdaddr, &ev->bdaddr);

		if (lmp_rswitch_capable(hdev) && (mask & HCI_LM_MASTER))
			accept.role = 0x00; /* Become master */
		else
			accept.role = 0x01; /* Remain slave */

		hci_send_cmd(hdev, HCI_OP_ACCEPT_CONN_REQ, sizeof(accept),
			     &accept);
	} else {
		struct hci_cp_accept_sync_conn_req sync_accept;

		bacpy(&sync_accept.bdaddr, &ev->bdaddr);
		sync_accept.pkt_type = cpu_to_le16(hcon->pkt_type);

		sync_accept.tx_bandwidth = __constant_cpu_to_le32(0x00001f40);
		sync_accept.rx_bandwidth = __constant_cpu_to_le32(0x00001f40);
		sync_accept.max_latency = __constant_cpu_to_le16(0xffff);
		sync_accept.content_format = cpu_to_le16(hdev->voice_setting);
		sync_accept.retrans_effort = 0xff;

		hci_send_cmd(hdev, HCI_OP_ACCEPT_SYNC_CONN_REQ,
			     sizeof(sync_accept), &sync_accept);
	}
}
1965
f0d6a0ea
MA
/*
 * Map an HCI disconnect error code to the mgmt disconnect reason:
 * connection timeout -> TIMEOUT; remote user termination, remote low
 * resources and remote power off -> REMOTE; local host termination ->
 * LOCAL_HOST; everything else -> UNKNOWN.
 */
static u8 hci_to_mgmt_reason(u8 err)
{
	if (err == HCI_ERROR_CONNECTION_TIMEOUT)
		return MGMT_DEV_DISCONN_TIMEOUT;

	if (err == HCI_ERROR_REMOTE_USER_TERM ||
	    err == HCI_ERROR_REMOTE_LOW_RESOURCES ||
	    err == HCI_ERROR_REMOTE_POWER_OFF)
		return MGMT_DEV_DISCONN_REMOTE;

	if (err == HCI_ERROR_LOCAL_HOST_TERM)
		return MGMT_DEV_DISCONN_LOCAL_HOST;

	return MGMT_DEV_DISCONN_UNKNOWN;
}
1981
/*
 * Disconnection Complete event handler.
 *
 * The connection is looked up by the handle in the event. On a zero
 * status it is marked BT_CLOSED. If the connection had been announced to
 * mgmt (flag tested and cleared atomically) and is an ACL or LE link,
 * mgmt is told either that the disconnect failed or that the device
 * disconnected, with the HCI reason mapped to a mgmt reason.
 *
 * On a zero status the stored link key is removed for ACL links that
 * have flush_key set, the protocol layer is notified and the connection
 * is deleted.
 *
 * NOTE(review): ev->handle and ev->reason are read from skb->data with
 * no skb->len check in this function.
 */
static void hci_disconn_complete_evt(struct hci_dev *hdev, struct sk_buff *skb)
{
	struct hci_ev_disconn_complete *ev = (void *) skb->data;
	struct hci_conn *hcon;

	BT_DBG("%s status 0x%2.2x", hdev->name, ev->status);

	hci_dev_lock(hdev);

	hcon = hci_conn_hash_lookup_handle(hdev, __le16_to_cpu(ev->handle));
	if (hcon == NULL)
		goto unlock;

	if (!ev->status)
		hcon->state = BT_CLOSED;

	if (test_and_clear_bit(HCI_CONN_MGMT_CONNECTED, &hcon->flags) &&
	    (hcon->type == ACL_LINK || hcon->type == LE_LINK)) {
		if (!ev->status) {
			u8 mgmt_reason = hci_to_mgmt_reason(ev->reason);

			mgmt_device_disconnected(hdev, &hcon->dst, hcon->type,
						 hcon->dst_type, mgmt_reason);
		} else {
			mgmt_disconnect_failed(hdev, &hcon->dst, hcon->type,
					       hcon->dst_type, ev->status);
		}
	}

	if (!ev->status) {
		if (hcon->type == ACL_LINK && hcon->flush_key)
			hci_remove_link_key(hdev, &hcon->dst);
		hci_proto_disconn_cfm(hcon, ev->reason);
		hci_conn_del(hcon);
	}

unlock:
	hci_dev_unlock(hdev);
}
2021
/*
 * Authentication Complete event handler.
 *
 * Failure is reported to mgmt. On success the connection gains
 * HCI_LM_AUTH and its security level is raised to the pending level,
 * except for a re-authentication of a non-SSP (legacy) device: that case
 * is only logged and the security level is left unchanged.
 *
 * Both authentication-pending flags are then cleared. In BT_CONFIG a
 * successful SSP authentication is followed by an encryption request;
 * otherwise the connection becomes BT_CONNECTED and is confirmed to the
 * protocol layer. Outside BT_CONFIG the result goes to hci_auth_cfm()
 * and the disconnect timeout is reset.
 *
 * If encryption was pending, it is requested on success or reported as
 * failed (and the flag cleared) on error.
 *
 * NOTE(review): ev->handle is read from skb->data with no skb->len check
 * in this function.
 */
static void hci_auth_complete_evt(struct hci_dev *hdev, struct sk_buff *skb)
{
	struct hci_ev_auth_complete *ev = (void *) skb->data;
	struct hci_conn *hcon;

	BT_DBG("%s status 0x%2.2x", hdev->name, ev->status);

	hci_dev_lock(hdev);

	hcon = hci_conn_hash_lookup_handle(hdev, __le16_to_cpu(ev->handle));
	if (hcon == NULL)
		goto unlock;

	if (ev->status) {
		mgmt_auth_failed(hdev, &hcon->dst, hcon->type, hcon->dst_type,
				 ev->status);
	} else if (!hci_conn_ssp_enabled(hcon) &&
		   test_bit(HCI_CONN_REAUTH_PEND, &hcon->flags)) {
		BT_INFO("re-auth of legacy device is not possible.");
	} else {
		hcon->link_mode |= HCI_LM_AUTH;
		hcon->sec_level = hcon->pending_sec_level;
	}

	clear_bit(HCI_CONN_AUTH_PEND, &hcon->flags);
	clear_bit(HCI_CONN_REAUTH_PEND, &hcon->flags);

	if (hcon->state != BT_CONFIG) {
		hci_auth_cfm(hcon, ev->status);

		hci_conn_hold(hcon);
		hcon->disc_timeout = HCI_DISCONN_TIMEOUT;
		hci_conn_put(hcon);
	} else if (!ev->status && hci_conn_ssp_enabled(hcon)) {
		struct hci_cp_set_conn_encrypt enc_req;

		enc_req.handle = ev->handle;
		enc_req.encrypt = 0x01;
		hci_send_cmd(hdev, HCI_OP_SET_CONN_ENCRYPT, sizeof(enc_req),
			     &enc_req);
	} else {
		hcon->state = BT_CONNECTED;
		hci_proto_connect_cfm(hcon, ev->status);
		hci_conn_put(hcon);
	}

	if (test_bit(HCI_CONN_ENCRYPT_PEND, &hcon->flags)) {
		if (ev->status) {
			clear_bit(HCI_CONN_ENCRYPT_PEND, &hcon->flags);
			hci_encrypt_cfm(hcon, ev->status, 0x00);
		} else {
			struct hci_cp_set_conn_encrypt enc_req;

			enc_req.handle = ev->handle;
			enc_req.encrypt = 0x01;
			hci_send_cmd(hdev, HCI_OP_SET_CONN_ENCRYPT,
				     sizeof(enc_req), &enc_req);
		}
	}

unlock:
	hci_dev_unlock(hdev);
}
2087
/*
 * Remote Name Request Complete event.
 *
 * When the mgmt interface is in use (HCI_MGMT), the pending name lookup is
 * resolved with the reported name, or with NULL/0 on a non-zero status.
 * The name length is taken with strnlen() bounded by HCI_MAX_NAME_LENGTH,
 * so a name without a terminator is not read past that bound.
 *
 * If an ACL connection to the address exists and outgoing authentication
 * is needed, an Authentication Requested command is sent unless one is
 * already pending (HCI_CONN_AUTH_PEND).
 */
static void hci_remote_name_evt(struct hci_dev *hdev, struct sk_buff *skb)
{
	struct hci_ev_remote_name *ev = (void *) skb->data;
	struct hci_conn *conn;

	BT_DBG("%s", hdev->name);

	hci_conn_check_pending(hdev);

	hci_dev_lock(hdev);

	/* conn may be NULL; hci_check_pending_name() is still called. */
	conn = hci_conn_hash_lookup_ba(hdev, ACL_LINK, &ev->bdaddr);

	if (test_bit(HCI_MGMT, &hdev->dev_flags)) {
		if (ev->status)
			hci_check_pending_name(hdev, conn, &ev->bdaddr,
					       NULL, 0);
		else
			hci_check_pending_name(hdev, conn, &ev->bdaddr,
					       ev->name,
					       strnlen(ev->name,
						       HCI_MAX_NAME_LENGTH));
	}

	if (conn && hci_outgoing_auth_needed(hdev, conn) &&
	    !test_and_set_bit(HCI_CONN_AUTH_PEND, &conn->flags)) {
		struct hci_cp_auth_requested req;

		req.handle = __cpu_to_le16(conn->handle);
		hci_send_cmd(hdev, HCI_OP_AUTH_REQUESTED, sizeof(req), &req);
	}

	hci_dev_unlock(hdev);
}
2126
/*
 * Encryption Change event.
 *
 * On success the link mode is updated: encryption on sets both HCI_LM_AUTH
 * and HCI_LM_ENCRYPT and promotes the pending security level; encryption
 * off clears HCI_LM_ENCRYPT.  A failure on an established (BT_CONNECTED)
 * link disconnects it with HCI_ERROR_AUTH_FAILURE.  Otherwise the result
 * is passed on as a connect confirmation (BT_CONFIG) or an encryption
 * confirmation.
 *
 * NOTE(review): ev is used without an skb->len check in this function;
 * confirm the caller validates the event length.
 */
static void hci_encrypt_change_evt(struct hci_dev *hdev, struct sk_buff *skb)
{
	struct hci_ev_encrypt_change *ev = (void *) skb->data;
	struct hci_conn *conn;

	BT_DBG("%s status 0x%2.2x", hdev->name, ev->status);

	hci_dev_lock(hdev);

	conn = hci_conn_hash_lookup_handle(hdev, __le16_to_cpu(ev->handle));
	if (!conn)
		goto unlock;

	if (!ev->status) {
		if (ev->encrypt) {
			/* Encryption implies authentication */
			conn->link_mode |= HCI_LM_AUTH | HCI_LM_ENCRYPT;
			conn->sec_level = conn->pending_sec_level;
		} else {
			conn->link_mode &= ~HCI_LM_ENCRYPT;
		}
	}

	clear_bit(HCI_CONN_ENCRYPT_PEND, &conn->flags);

	/* Do not keep using a connected link whose encryption change failed. */
	if (ev->status && conn->state == BT_CONNECTED) {
		hci_acl_disconn(conn, HCI_ERROR_AUTH_FAILURE);
		hci_conn_put(conn);
		goto unlock;
	}

	if (conn->state != BT_CONFIG) {
		hci_encrypt_cfm(conn, ev->status, ev->encrypt);
		goto unlock;
	}

	if (!ev->status)
		conn->state = BT_CONNECTED;

	hci_proto_connect_cfm(conn, ev->status);
	hci_conn_put(conn);

unlock:
	hci_dev_unlock(hdev);
}
2169
/*
 * Change Connection Link Key Complete event.
 *
 * For a known connection handle: sets HCI_LM_SECURE on success, clears the
 * pending-authentication flag and reports the status via
 * hci_key_change_cfm().  Unknown handles are ignored.
 */
static void hci_change_link_key_complete_evt(struct hci_dev *hdev,
					     struct sk_buff *skb)
{
	struct hci_ev_change_link_key_complete *ev = (void *) skb->data;
	struct hci_conn *conn;

	BT_DBG("%s status 0x%2.2x", hdev->name, ev->status);

	hci_dev_lock(hdev);

	conn = hci_conn_hash_lookup_handle(hdev, __le16_to_cpu(ev->handle));
	if (!conn)
		goto unlock;

	if (!ev->status)
		conn->link_mode |= HCI_LM_SECURE;

	clear_bit(HCI_CONN_AUTH_PEND, &conn->flags);

	hci_key_change_cfm(conn, ev->status);

unlock:
	hci_dev_unlock(hdev);
}
2192
/*
 * Read Remote Supported Features Complete event.
 *
 * Stores the 8 feature bytes on success.  While the connection is still in
 * BT_CONFIG the setup sequence continues: if both sides are SSP capable,
 * extended features page 1 is requested and processing stops here;
 * otherwise the remote name is requested (or mgmt is told the device is
 * connected), and the connection is confirmed when no outgoing
 * authentication is needed.
 */
static void hci_remote_features_evt(struct hci_dev *hdev,
				    struct sk_buff *skb)
{
	struct hci_ev_remote_features *ev = (void *) skb->data;
	struct hci_conn *conn;

	BT_DBG("%s status 0x%2.2x", hdev->name, ev->status);

	hci_dev_lock(hdev);

	conn = hci_conn_hash_lookup_handle(hdev, __le16_to_cpu(ev->handle));
	if (!conn)
		goto unlock;

	if (!ev->status)
		memcpy(conn->features, ev->features, 8);

	if (conn->state != BT_CONFIG)
		goto unlock;

	if (!ev->status && lmp_ssp_capable(hdev) && lmp_ssp_capable(conn)) {
		struct hci_cp_read_remote_ext_features ext_req;

		ext_req.handle = ev->handle;
		ext_req.page = 0x01;
		hci_send_cmd(hdev, HCI_OP_READ_REMOTE_EXT_FEATURES,
			     sizeof(ext_req), &ext_req);
		goto unlock;
	}

	if (!ev->status && !test_bit(HCI_CONN_MGMT_CONNECTED, &conn->flags)) {
		struct hci_cp_remote_name_req name_req;

		/* Zeroed first so unset fields are not sent uninitialized. */
		memset(&name_req, 0, sizeof(name_req));
		bacpy(&name_req.bdaddr, &conn->dst);
		name_req.pscan_rep_mode = 0x02;
		hci_send_cmd(hdev, HCI_OP_REMOTE_NAME_REQ, sizeof(name_req),
			     &name_req);
	} else if (!test_and_set_bit(HCI_CONN_MGMT_CONNECTED, &conn->flags)) {
		mgmt_device_connected(hdev, &conn->dst, conn->type,
				      conn->dst_type, 0, NULL, 0,
				      conn->dev_class);
	}

	if (!hci_outgoing_auth_needed(hdev, conn)) {
		conn->state = BT_CONNECTED;
		hci_proto_connect_cfm(conn, ev->status);
		hci_conn_put(conn);
	}

unlock:
	hci_dev_unlock(hdev);
}
2242
/*
 * Read Remote Version Information Complete event.
 * Only logs the device name; the event payload in skb is not examined.
 */
static void hci_remote_version_evt(struct hci_dev *hdev, struct sk_buff *skb)
{
	BT_DBG("%s", hdev->name);
}
2247
/*
 * QoS Setup Complete event.
 * Only logs the device name; the event payload in skb is not examined.
 */
static void hci_qos_setup_complete_evt(struct hci_dev *hdev,
				       struct sk_buff *skb)
{
	BT_DBG("%s", hdev->name);
}
2253
/*
 * Command Complete event.
 *
 * Strips the event header from skb, dispatches the remaining return
 * parameters to the hci_cc_* handler for the completed opcode, stops the
 * command timer (unless the opcode is HCI_OP_NOP) and, when the controller
 * reports ncmd != 0, allows the next queued command to be sent.
 *
 * NOTE(review): the result of skb_pull() is not checked and skb->len is
 * not compared with sizeof(*ev) here, and each hci_cc_* handler receives
 * the remaining skb as-is; confirm where the length is validated.
 */
static void hci_cmd_complete_evt(struct hci_dev *hdev, struct sk_buff *skb)
{
	struct hci_ev_cmd_complete *ev = (void *) skb->data;
	__u16 opcode;

	skb_pull(skb, sizeof(*ev));

	opcode = __le16_to_cpu(ev->opcode);

	switch (opcode) {
	case HCI_OP_INQUIRY_CANCEL:
		hci_cc_inquiry_cancel(hdev, skb);
		break;
	case HCI_OP_PERIODIC_INQ:
		hci_cc_periodic_inq(hdev, skb);
		break;
	case HCI_OP_EXIT_PERIODIC_INQ:
		hci_cc_exit_periodic_inq(hdev, skb);
		break;
	case HCI_OP_REMOTE_NAME_REQ_CANCEL:
		hci_cc_remote_name_req_cancel(hdev, skb);
		break;
	case HCI_OP_ROLE_DISCOVERY:
		hci_cc_role_discovery(hdev, skb);
		break;
	case HCI_OP_READ_LINK_POLICY:
		hci_cc_read_link_policy(hdev, skb);
		break;
	case HCI_OP_WRITE_LINK_POLICY:
		hci_cc_write_link_policy(hdev, skb);
		break;
	case HCI_OP_READ_DEF_LINK_POLICY:
		hci_cc_read_def_link_policy(hdev, skb);
		break;
	case HCI_OP_WRITE_DEF_LINK_POLICY:
		hci_cc_write_def_link_policy(hdev, skb);
		break;
	case HCI_OP_RESET:
		hci_cc_reset(hdev, skb);
		break;
	case HCI_OP_WRITE_LOCAL_NAME:
		hci_cc_write_local_name(hdev, skb);
		break;
	case HCI_OP_READ_LOCAL_NAME:
		hci_cc_read_local_name(hdev, skb);
		break;
	case HCI_OP_WRITE_AUTH_ENABLE:
		hci_cc_write_auth_enable(hdev, skb);
		break;
	case HCI_OP_WRITE_ENCRYPT_MODE:
		hci_cc_write_encrypt_mode(hdev, skb);
		break;
	case HCI_OP_WRITE_SCAN_ENABLE:
		hci_cc_write_scan_enable(hdev, skb);
		break;
	case HCI_OP_READ_CLASS_OF_DEV:
		hci_cc_read_class_of_dev(hdev, skb);
		break;
	case HCI_OP_WRITE_CLASS_OF_DEV:
		hci_cc_write_class_of_dev(hdev, skb);
		break;
	case HCI_OP_READ_VOICE_SETTING:
		hci_cc_read_voice_setting(hdev, skb);
		break;
	case HCI_OP_WRITE_VOICE_SETTING:
		hci_cc_write_voice_setting(hdev, skb);
		break;
	case HCI_OP_HOST_BUFFER_SIZE:
		hci_cc_host_buffer_size(hdev, skb);
		break;
	case HCI_OP_WRITE_SSP_MODE:
		hci_cc_write_ssp_mode(hdev, skb);
		break;
	case HCI_OP_READ_LOCAL_VERSION:
		hci_cc_read_local_version(hdev, skb);
		break;
	case HCI_OP_READ_LOCAL_COMMANDS:
		hci_cc_read_local_commands(hdev, skb);
		break;
	case HCI_OP_READ_LOCAL_FEATURES:
		hci_cc_read_local_features(hdev, skb);
		break;
	case HCI_OP_READ_LOCAL_EXT_FEATURES:
		hci_cc_read_local_ext_features(hdev, skb);
		break;
	case HCI_OP_READ_BUFFER_SIZE:
		hci_cc_read_buffer_size(hdev, skb);
		break;
	case HCI_OP_READ_BD_ADDR:
		hci_cc_read_bd_addr(hdev, skb);
		break;
	case HCI_OP_READ_DATA_BLOCK_SIZE:
		hci_cc_read_data_block_size(hdev, skb);
		break;
	case HCI_OP_WRITE_CA_TIMEOUT:
		hci_cc_write_ca_timeout(hdev, skb);
		break;
	case HCI_OP_READ_FLOW_CONTROL_MODE:
		hci_cc_read_flow_control_mode(hdev, skb);
		break;
	case HCI_OP_READ_LOCAL_AMP_INFO:
		hci_cc_read_local_amp_info(hdev, skb);
		break;
	case HCI_OP_READ_LOCAL_AMP_ASSOC:
		hci_cc_read_local_amp_assoc(hdev, skb);
		break;
	case HCI_OP_DELETE_STORED_LINK_KEY:
		hci_cc_delete_stored_link_key(hdev, skb);
		break;
	case HCI_OP_SET_EVENT_MASK:
		hci_cc_set_event_mask(hdev, skb);
		break;
	case HCI_OP_WRITE_INQUIRY_MODE:
		hci_cc_write_inquiry_mode(hdev, skb);
		break;
	case HCI_OP_READ_INQ_RSP_TX_POWER:
		hci_cc_read_inq_rsp_tx_power(hdev, skb);
		break;
	case HCI_OP_SET_EVENT_FLT:
		hci_cc_set_event_flt(hdev, skb);
		break;
	case HCI_OP_PIN_CODE_REPLY:
		hci_cc_pin_code_reply(hdev, skb);
		break;
	case HCI_OP_PIN_CODE_NEG_REPLY:
		hci_cc_pin_code_neg_reply(hdev, skb);
		break;
	case HCI_OP_READ_LOCAL_OOB_DATA:
		hci_cc_read_local_oob_data_reply(hdev, skb);
		break;
	case HCI_OP_LE_READ_BUFFER_SIZE:
		hci_cc_le_read_buffer_size(hdev, skb);
		break;
	case HCI_OP_USER_CONFIRM_REPLY:
		hci_cc_user_confirm_reply(hdev, skb);
		break;
	case HCI_OP_USER_CONFIRM_NEG_REPLY:
		hci_cc_user_confirm_neg_reply(hdev, skb);
		break;
	case HCI_OP_USER_PASSKEY_REPLY:
		hci_cc_user_passkey_reply(hdev, skb);
		break;
	case HCI_OP_USER_PASSKEY_NEG_REPLY:
		hci_cc_user_passkey_neg_reply(hdev, skb);
		break;
	case HCI_OP_LE_SET_SCAN_PARAM:
		hci_cc_le_set_scan_param(hdev, skb);
		break;
	case HCI_OP_LE_SET_SCAN_ENABLE:
		hci_cc_le_set_scan_enable(hdev, skb);
		break;
	case HCI_OP_LE_LTK_REPLY:
		hci_cc_le_ltk_reply(hdev, skb);
		break;
	case HCI_OP_LE_LTK_NEG_REPLY:
		hci_cc_le_ltk_neg_reply(hdev, skb);
		break;
	case HCI_OP_WRITE_LE_HOST_SUPPORTED:
		hci_cc_write_le_host_supported(hdev, skb);
		break;
	case HCI_OP_WRITE_REMOTE_AMP_ASSOC:
		hci_cc_write_remote_amp_assoc(hdev, skb);
		break;
	default:
		/* No handler for this opcode: only logged. */
		BT_DBG("%s opcode 0x%4.4x", hdev->name, opcode);
		break;
	}

	if (ev->opcode != HCI_OP_NOP)
		del_timer(&hdev->cmd_timer);

	if (ev->ncmd) {
		atomic_set(&hdev->cmd_cnt, 1);
		if (!skb_queue_empty(&hdev->cmd_q))
			queue_work(hdev->workqueue, &hdev->cmd_work);
	}
}
2482
/*
 * Command Status event.
 *
 * Strips the event header, hands the status to the hci_cs_* handler for
 * the opcode, stops the command timer (unless the opcode is HCI_OP_NOP)
 * and, when ncmd != 0 and no reset is in progress (HCI_RESET clear),
 * allows the next queued command to be sent.
 *
 * NOTE(review): the result of skb_pull() is not checked and skb->len is
 * not compared with sizeof(*ev) here; confirm where the length is
 * validated.
 */
static void hci_cmd_status_evt(struct hci_dev *hdev, struct sk_buff *skb)
{
	struct hci_ev_cmd_status *ev = (void *) skb->data;
	__u16 opcode;

	skb_pull(skb, sizeof(*ev));

	opcode = __le16_to_cpu(ev->opcode);

	switch (opcode) {
	case HCI_OP_INQUIRY:
		hci_cs_inquiry(hdev, ev->status);
		break;
	case HCI_OP_CREATE_CONN:
		hci_cs_create_conn(hdev, ev->status);
		break;
	case HCI_OP_ADD_SCO:
		hci_cs_add_sco(hdev, ev->status);
		break;
	case HCI_OP_AUTH_REQUESTED:
		hci_cs_auth_requested(hdev, ev->status);
		break;
	case HCI_OP_SET_CONN_ENCRYPT:
		hci_cs_set_conn_encrypt(hdev, ev->status);
		break;
	case HCI_OP_REMOTE_NAME_REQ:
		hci_cs_remote_name_req(hdev, ev->status);
		break;
	case HCI_OP_READ_REMOTE_FEATURES:
		hci_cs_read_remote_features(hdev, ev->status);
		break;
	case HCI_OP_READ_REMOTE_EXT_FEATURES:
		hci_cs_read_remote_ext_features(hdev, ev->status);
		break;
	case HCI_OP_SETUP_SYNC_CONN:
		hci_cs_setup_sync_conn(hdev, ev->status);
		break;
	case HCI_OP_SNIFF_MODE:
		hci_cs_sniff_mode(hdev, ev->status);
		break;
	case HCI_OP_EXIT_SNIFF_MODE:
		hci_cs_exit_sniff_mode(hdev, ev->status);
		break;
	case HCI_OP_DISCONNECT:
		hci_cs_disconnect(hdev, ev->status);
		break;
	case HCI_OP_LE_CREATE_CONN:
		hci_cs_le_create_conn(hdev, ev->status);
		break;
	case HCI_OP_LE_START_ENC:
		hci_cs_le_start_enc(hdev, ev->status);
		break;
	case HCI_OP_CREATE_PHY_LINK:
		hci_cs_create_phylink(hdev, ev->status);
		break;
	default:
		/* No handler for this opcode: only logged. */
		BT_DBG("%s opcode 0x%4.4x", hdev->name, opcode);
		break;
	}

	if (ev->opcode != HCI_OP_NOP)
		del_timer(&hdev->cmd_timer);

	if (ev->ncmd && !test_bit(HCI_RESET, &hdev->flags)) {
		atomic_set(&hdev->cmd_cnt, 1);
		if (!skb_queue_empty(&hdev->cmd_q))
			queue_work(hdev->workqueue, &hdev->cmd_work);
	}
}
2567
/*
 * Role Change event.
 *
 * For an existing ACL connection to the reported address: on success the
 * HCI_LM_MASTER bit is cleared when ev->role is non-zero and set when it
 * is zero.  The pending role-switch flag is cleared and the result is
 * reported through hci_role_switch_cfm() regardless of status.
 */
static void hci_role_change_evt(struct hci_dev *hdev, struct sk_buff *skb)
{
	struct hci_ev_role_change *ev = (void *) skb->data;
	struct hci_conn *conn;

	BT_DBG("%s status 0x%2.2x", hdev->name, ev->status);

	hci_dev_lock(hdev);

	conn = hci_conn_hash_lookup_ba(hdev, ACL_LINK, &ev->bdaddr);
	if (!conn)
		goto unlock;

	if (!ev->status) {
		if (ev->role)
			conn->link_mode &= ~HCI_LM_MASTER;
		else
			conn->link_mode |= HCI_LM_MASTER;
	}

	clear_bit(HCI_CONN_RSWITCH_PEND, &conn->flags);

	hci_role_switch_cfm(conn, ev->status, ev->role);

unlock:
	hci_dev_unlock(hdev);
}
2593
/*
 * Number Of Completed Packets event (packet-based flow control).
 *
 * Rejects the event when the device is not in packet-based flow control
 * mode or when skb is too short for the header plus num_hndl entries.
 * For every entry with a known handle, the completed count is subtracted
 * from conn->sent and added back to the matching per-type credit counter,
 * capped at that type's maximum.  LE links use the ACL counters when
 * hdev->le_pkts is zero.  The TX work item is queued afterwards.
 *
 * NOTE(review): count comes from the event and is subtracted from
 * conn->sent without being compared against it.
 */
static void hci_num_comp_pkts_evt(struct hci_dev *hdev, struct sk_buff *skb)
{
	struct hci_ev_num_comp_pkts *ev = (void *) skb->data;
	int i;

	if (hdev->flow_ctl_mode != HCI_FLOW_CTL_MODE_PACKET_BASED) {
		BT_ERR("Wrong event for mode %d", hdev->flow_ctl_mode);
		return;
	}

	/* Header must fit before num_hndl is trusted for the second test. */
	if (skb->len < sizeof(*ev) || skb->len < sizeof(*ev) +
	    ev->num_hndl * sizeof(struct hci_comp_pkts_info)) {
		BT_DBG("%s bad parameters", hdev->name);
		return;
	}

	BT_DBG("%s num_hndl %d", hdev->name, ev->num_hndl);

	for (i = 0; i < ev->num_hndl; i++) {
		struct hci_comp_pkts_info *entry = &ev->handles[i];
		__u16 handle = __le16_to_cpu(entry->handle);
		__u16 count = __le16_to_cpu(entry->count);
		struct hci_conn *conn;

		conn = hci_conn_hash_lookup_handle(hdev, handle);
		if (!conn)
			continue;

		conn->sent -= count;

		switch (conn->type) {
		case ACL_LINK:
			hdev->acl_cnt += count;
			if (hdev->acl_cnt > hdev->acl_pkts)
				hdev->acl_cnt = hdev->acl_pkts;
			break;

		case LE_LINK:
			if (!hdev->le_pkts) {
				/* No separate LE credits: share the ACL pool. */
				hdev->acl_cnt += count;
				if (hdev->acl_cnt > hdev->acl_pkts)
					hdev->acl_cnt = hdev->acl_pkts;
			} else {
				hdev->le_cnt += count;
				if (hdev->le_cnt > hdev->le_pkts)
					hdev->le_cnt = hdev->le_pkts;
			}
			break;

		case SCO_LINK:
			hdev->sco_cnt += count;
			if (hdev->sco_cnt > hdev->sco_pkts)
				hdev->sco_cnt = hdev->sco_pkts;
			break;

		default:
			BT_ERR("Unknown type %d conn %p", conn->type, conn);
			break;
		}
	}

	queue_work(hdev->workqueue, &hdev->tx_work);
}
2659
/*
 * Number Of Completed Data Blocks event (block-based flow control).
 *
 * Rejects the event when the device is not in block-based flow control
 * mode or when skb is too short for the header plus num_hndl entries.
 * For every entry with a known handle, the completed block count is
 * subtracted from conn->sent and, for ACL links, added back to
 * hdev->block_cnt capped at hdev->num_blocks.  Other link types are
 * logged as errors.  The TX work item is queued afterwards.
 *
 * NOTE(review): the block count comes from the event and is subtracted
 * from conn->sent without being compared against it.
 */
static void hci_num_comp_blocks_evt(struct hci_dev *hdev, struct sk_buff *skb)
{
	struct hci_ev_num_comp_blocks *ev = (void *) skb->data;
	int i;

	if (hdev->flow_ctl_mode != HCI_FLOW_CTL_MODE_BLOCK_BASED) {
		BT_ERR("Wrong event for mode %d", hdev->flow_ctl_mode);
		return;
	}

	/* Header must fit before num_hndl is trusted for the second test. */
	if (skb->len < sizeof(*ev) || skb->len < sizeof(*ev) +
	    ev->num_hndl * sizeof(struct hci_comp_blocks_info)) {
		BT_DBG("%s bad parameters", hdev->name);
		return;
	}

	BT_DBG("%s num_blocks %d num_hndl %d", hdev->name, ev->num_blocks,
	       ev->num_hndl);

	for (i = 0; i < ev->num_hndl; i++) {
		struct hci_comp_blocks_info *entry = &ev->handles[i];
		__u16 handle = __le16_to_cpu(entry->handle);
		__u16 block_count = __le16_to_cpu(entry->blocks);
		struct hci_conn *conn;

		conn = hci_conn_hash_lookup_handle(hdev, handle);
		if (!conn)
			continue;

		conn->sent -= block_count;

		switch (conn->type) {
		case ACL_LINK:
			hdev->block_cnt += block_count;
			if (hdev->block_cnt > hdev->num_blocks)
				hdev->block_cnt = hdev->num_blocks;
			break;

		default:
			BT_ERR("Unknown type %d conn %p", conn->type, conn);
			break;
		}
	}

	queue_work(hdev->workqueue, &hdev->tx_work);
}
2708
/*
 * Mode Change event.
 *
 * Records the new mode and interval on the connection.  When no mode
 * change was pending (HCI_CONN_MODE_CHANGE_PEND was clear), the
 * HCI_CONN_POWER_SAVE flag is set for HCI_CM_ACTIVE and cleared for any
 * other mode.  A pending SCO setup is then continued with the event
 * status.  Note that mode and interval are stored regardless of status.
 */
static void hci_mode_change_evt(struct hci_dev *hdev, struct sk_buff *skb)
{
	struct hci_ev_mode_change *ev = (void *) skb->data;
	struct hci_conn *conn;

	BT_DBG("%s status 0x%2.2x", hdev->name, ev->status);

	hci_dev_lock(hdev);

	conn = hci_conn_hash_lookup_handle(hdev, __le16_to_cpu(ev->handle));
	if (!conn)
		goto unlock;

	conn->mode = ev->mode;
	conn->interval = __le16_to_cpu(ev->interval);

	if (!test_and_clear_bit(HCI_CONN_MODE_CHANGE_PEND, &conn->flags)) {
		if (conn->mode == HCI_CM_ACTIVE)
			set_bit(HCI_CONN_POWER_SAVE, &conn->flags);
		else
			clear_bit(HCI_CONN_POWER_SAVE, &conn->flags);
	}

	if (test_and_clear_bit(HCI_CONN_SCO_SETUP_PEND, &conn->flags))
		hci_sco_setup(conn, ev->status);

unlock:
	hci_dev_unlock(hdev);
}
2737
/*
 * PIN Code Request event.
 *
 * Ignored when there is no ACL connection to the requesting address.  For
 * an established connection the disconnect timeout is extended to
 * HCI_PAIRING_TIMEOUT.  If the device is not pairable the request is
 * refused with a negative reply; otherwise, when mgmt is in use, the
 * request is forwarded to user space with a "secure" hint that is 1 only
 * when the pending security level is BT_SECURITY_HIGH.
 */
static void hci_pin_code_request_evt(struct hci_dev *hdev, struct sk_buff *skb)
{
	struct hci_ev_pin_code_req *ev = (void *) skb->data;
	struct hci_conn *conn;

	BT_DBG("%s", hdev->name);

	hci_dev_lock(hdev);

	conn = hci_conn_hash_lookup_ba(hdev, ACL_LINK, &ev->bdaddr);
	if (!conn)
		goto unlock;

	if (conn->state == BT_CONNECTED) {
		hci_conn_hold(conn);
		conn->disc_timeout = HCI_PAIRING_TIMEOUT;
		hci_conn_put(conn);
	}

	if (!test_bit(HCI_PAIRABLE, &hdev->dev_flags)) {
		hci_send_cmd(hdev, HCI_OP_PIN_CODE_NEG_REPLY,
			     sizeof(ev->bdaddr), &ev->bdaddr);
	} else if (test_bit(HCI_MGMT, &hdev->dev_flags)) {
		u8 secure = (conn->pending_sec_level == BT_SECURITY_HIGH) ?
			    1 : 0;

		mgmt_pin_code_request(hdev, &ev->bdaddr, secure);
	}

unlock:
	hci_dev_unlock(hdev);
}
2774
/*
 * Link Key Request event.
 *
 * Does nothing unless the host manages link keys (HCI_LINK_KEYS).  A
 * stored key for the address is handed back to the controller unless one
 * of the following holds, in which case a negative reply is sent:
 *   - no key is stored;
 *   - the key is a debug combination key and HCI_DEBUG_KEYS is not set;
 *   - the key is an unauthenticated combination key while the connection's
 *     auth_type is known (not 0xff) and has bit 0 set;
 *   - the key is a combination key from a PIN shorter than 16 digits while
 *     the pending security level is BT_SECURITY_HIGH.
 *
 * NOTE(review): the reply structure holds the link key on the stack and is
 * not cleared before returning.
 */
static void hci_link_key_request_evt(struct hci_dev *hdev, struct sk_buff *skb)
{
	struct hci_ev_link_key_req *ev = (void *) skb->data;
	struct hci_cp_link_key_reply reply;
	struct hci_conn *conn;
	struct link_key *key;

	BT_DBG("%s", hdev->name);

	if (!test_bit(HCI_LINK_KEYS, &hdev->dev_flags))
		return;

	hci_dev_lock(hdev);

	key = hci_find_link_key(hdev, &ev->bdaddr);
	if (!key) {
		BT_DBG("%s link key not found for %s", hdev->name,
		       batostr(&ev->bdaddr));
		goto not_found;
	}

	BT_DBG("%s found key type %u for %s", hdev->name, key->type,
	       batostr(&ev->bdaddr));

	if (!test_bit(HCI_DEBUG_KEYS, &hdev->dev_flags) &&
	    key->type == HCI_LK_DEBUG_COMBINATION) {
		BT_DBG("%s ignoring debug key", hdev->name);
		goto not_found;
	}

	/* The per-connection checks only apply when a connection exists. */
	conn = hci_conn_hash_lookup_ba(hdev, ACL_LINK, &ev->bdaddr);
	if (conn) {
		if (key->type == HCI_LK_UNAUTH_COMBINATION &&
		    conn->auth_type != 0xff && (conn->auth_type & 0x01)) {
			BT_DBG("%s ignoring unauthenticated key", hdev->name);
			goto not_found;
		}

		if (key->type == HCI_LK_COMBINATION && key->pin_len < 16 &&
		    conn->pending_sec_level == BT_SECURITY_HIGH) {
			BT_DBG("%s ignoring key unauthenticated for high security",
			       hdev->name);
			goto not_found;
		}

		conn->key_type = key->type;
		conn->pin_length = key->pin_len;
	}

	bacpy(&reply.bdaddr, &ev->bdaddr);
	memcpy(reply.link_key, key->val, HCI_LINK_KEY_SIZE);

	hci_send_cmd(hdev, HCI_OP_LINK_KEY_REPLY, sizeof(reply), &reply);

	hci_dev_unlock(hdev);

	return;

not_found:
	hci_send_cmd(hdev, HCI_OP_LINK_KEY_NEG_REPLY, 6, &ev->bdaddr);
	hci_dev_unlock(hdev);
}
2837
/*
 * Link Key Notification event.
 *
 * If an ACL connection to the address exists, its disconnect timeout is
 * reset to HCI_DISCONN_TIMEOUT, its recorded PIN length is picked up and
 * its key type is updated unless the new type is
 * HCI_LK_CHANGED_COMBINATION.  When the host manages link keys
 * (HCI_LINK_KEYS) the new key is stored via hci_add_link_key().
 */
static void hci_link_key_notify_evt(struct hci_dev *hdev, struct sk_buff *skb)
{
	struct hci_ev_link_key_notify *ev = (void *) skb->data;
	struct hci_conn *conn;
	u8 pin_len = 0;

	BT_DBG("%s", hdev->name);

	hci_dev_lock(hdev);

	conn = hci_conn_hash_lookup_ba(hdev, ACL_LINK, &ev->bdaddr);
	if (conn) {
		hci_conn_hold(conn);
		conn->disc_timeout = HCI_DISCONN_TIMEOUT;
		pin_len = conn->pin_length;

		if (ev->key_type != HCI_LK_CHANGED_COMBINATION)
			conn->key_type = ev->key_type;

		hci_conn_put(conn);
	}

	/* conn may be NULL here; pin_len is then 0. */
	if (test_bit(HCI_LINK_KEYS, &hdev->dev_flags))
		hci_add_link_key(hdev, conn, 1, &ev->bdaddr, ev->link_key,
				 ev->key_type, pin_len);

	hci_dev_unlock(hdev);
}
2866
/*
 * Read Clock Offset Complete event.
 *
 * On success, and when the connection's peer has an inquiry cache entry,
 * stores the reported clock offset there and refreshes the entry's
 * timestamp.
 */
static void hci_clock_offset_evt(struct hci_dev *hdev, struct sk_buff *skb)
{
	struct hci_ev_clock_offset *ev = (void *) skb->data;
	struct hci_conn *conn;
	struct inquiry_entry *ie;

	BT_DBG("%s status 0x%2.2x", hdev->name, ev->status);

	hci_dev_lock(hdev);

	conn = hci_conn_hash_lookup_handle(hdev, __le16_to_cpu(ev->handle));
	if (!conn || ev->status)
		goto unlock;

	ie = hci_inquiry_cache_lookup(hdev, &conn->dst);
	if (ie) {
		ie->data.clock_offset = ev->clock_offset;
		ie->timestamp = jiffies;
	}

unlock:
	hci_dev_unlock(hdev);
}
2889
/*
 * Connection Packet Type Changed event.
 * On success, records the new packet type on the matching connection.
 */
static void hci_pkt_type_change_evt(struct hci_dev *hdev, struct sk_buff *skb)
{
	struct hci_ev_pkt_type_change *ev = (void *) skb->data;
	struct hci_conn *conn;

	BT_DBG("%s status 0x%2.2x", hdev->name, ev->status);

	hci_dev_lock(hdev);

	conn = hci_conn_hash_lookup_handle(hdev, __le16_to_cpu(ev->handle));
	if (conn) {
		if (!ev->status)
			conn->pkt_type = __le16_to_cpu(ev->pkt_type);
	}

	hci_dev_unlock(hdev);
}
2905
/*
 * Page Scan Repetition Mode Change event.
 * Updates the inquiry cache entry for the address, if there is one, with
 * the new page scan repetition mode and refreshes its timestamp.
 */
static void hci_pscan_rep_mode_evt(struct hci_dev *hdev, struct sk_buff *skb)
{
	struct hci_ev_pscan_rep_mode *ev = (void *) skb->data;
	struct inquiry_entry *entry;

	BT_DBG("%s", hdev->name);

	hci_dev_lock(hdev);

	entry = hci_inquiry_cache_lookup(hdev, &ev->bdaddr);
	if (entry) {
		entry->data.pscan_rep_mode = ev->pscan_rep_mode;
		entry->timestamp = jiffies;
	}

	hci_dev_unlock(hdev);
}
2923
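/*
 * Inquiry Result with RSSI event.
 *
 * The first payload byte is the number of responses; the entries follow
 * in one of two layouts (with or without the page scan mode field).  The
 * layout is chosen by dividing the remaining length by the response
 * count.  Each entry is copied into the inquiry cache and reported to
 * mgmt as a found device.
 *
 * num_rsp comes from the event itself, so before walking the entries the
 * payload length is checked against num_rsp entries of the chosen layout.
 * Without that check a response count larger than the data actually
 * present makes the loop read past the end of the skb.
 */
static void hci_inquiry_result_with_rssi_evt(struct hci_dev *hdev,
					     struct sk_buff *skb)
{
	struct inquiry_data data;
	int num_rsp = *((__u8 *) skb->data);
	bool name_known, ssp;

	BT_DBG("%s num_rsp %d", hdev->name, num_rsp);

	if (!num_rsp)
		return;

	if (test_bit(HCI_PERIODIC_INQ, &hdev->dev_flags))
		return;

	hci_dev_lock(hdev);

	if ((skb->len - 1) / num_rsp != sizeof(struct inquiry_info_with_rssi)) {
		struct inquiry_info_with_rssi_and_pscan_mode *info;
		info = (void *) (skb->data + 1);

		/* Every other entry size lands here: verify it really fits. */
		if (skb->len < num_rsp * sizeof(*info) + 1)
			goto unlock;

		for (; num_rsp; num_rsp--, info++) {
			bacpy(&data.bdaddr, &info->bdaddr);
			data.pscan_rep_mode = info->pscan_rep_mode;
			data.pscan_period_mode = info->pscan_period_mode;
			data.pscan_mode = info->pscan_mode;
			memcpy(data.dev_class, info->dev_class, 3);
			data.clock_offset = info->clock_offset;
			data.rssi = info->rssi;
			data.ssp_mode = 0x00;

			name_known = hci_inquiry_cache_update(hdev, &data,
							      false, &ssp);
			mgmt_device_found(hdev, &info->bdaddr, ACL_LINK, 0x00,
					  info->dev_class, info->rssi,
					  !name_known, ssp, NULL, 0);
		}
	} else {
		struct inquiry_info_with_rssi *info = (void *) (skb->data + 1);

		/* Implied by the division above; kept explicit for symmetry. */
		if (skb->len < num_rsp * sizeof(*info) + 1)
			goto unlock;

		for (; num_rsp; num_rsp--, info++) {
			bacpy(&data.bdaddr, &info->bdaddr);
			data.pscan_rep_mode = info->pscan_rep_mode;
			data.pscan_period_mode = info->pscan_period_mode;
			data.pscan_mode = 0x00;
			memcpy(data.dev_class, info->dev_class, 3);
			data.clock_offset = info->clock_offset;
			data.rssi = info->rssi;
			data.ssp_mode = 0x00;
			name_known = hci_inquiry_cache_update(hdev, &data,
							      false, &ssp);
			mgmt_device_found(hdev, &info->bdaddr, ACL_LINK, 0x00,
					  info->dev_class, info->rssi,
					  !name_known, ssp, NULL, 0);
		}
	}

unlock:
	hci_dev_unlock(hdev);
}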
2983
/*
 * Read Remote Extended Features Complete event.
 *
 * For a successful page 1 result, the host SSP bit from features[0] is
 * stored in the peer's inquiry cache entry (when one exists) and, if set,
 * HCI_CONN_SSP_ENABLED is flagged on the connection.  While the
 * connection is still in BT_CONFIG the setup sequence continues: the
 * remote name is requested (or mgmt is told the device is connected), and
 * the connection is confirmed when no outgoing authentication is needed.
 */
static void hci_remote_ext_features_evt(struct hci_dev *hdev,
					struct sk_buff *skb)
{
	struct hci_ev_remote_ext_features *ev = (void *) skb->data;
	struct hci_conn *conn;

	BT_DBG("%s", hdev->name);

	hci_dev_lock(hdev);

	conn = hci_conn_hash_lookup_handle(hdev, __le16_to_cpu(ev->handle));
	if (!conn)
		goto unlock;

	if (!ev->status && ev->page == 0x01) {
		struct inquiry_entry *entry;

		entry = hci_inquiry_cache_lookup(hdev, &conn->dst);
		if (entry)
			entry->data.ssp_mode = (ev->features[0] & LMP_HOST_SSP);

		if (ev->features[0] & LMP_HOST_SSP)
			set_bit(HCI_CONN_SSP_ENABLED, &conn->flags);
	}

	if (conn->state != BT_CONFIG)
		goto unlock;

	if (!ev->status && !test_bit(HCI_CONN_MGMT_CONNECTED, &conn->flags)) {
		struct hci_cp_remote_name_req name_req;

		/* Zeroed first so unset fields are not sent uninitialized. */
		memset(&name_req, 0, sizeof(name_req));
		bacpy(&name_req.bdaddr, &conn->dst);
		name_req.pscan_rep_mode = 0x02;
		hci_send_cmd(hdev, HCI_OP_REMOTE_NAME_REQ, sizeof(name_req),
			     &name_req);
	} else if (!test_and_set_bit(HCI_CONN_MGMT_CONNECTED, &conn->flags)) {
		mgmt_device_connected(hdev, &conn->dst, conn->type,
				      conn->dst_type, 0, NULL, 0,
				      conn->dev_class);
	}

	if (!hci_outgoing_auth_needed(hdev, conn)) {
		conn->state = BT_CONNECTED;
		hci_proto_connect_cfm(conn, ev->status);
		hci_conn_put(conn);
	}

unlock:
	hci_dev_unlock(hdev);
}
3032
/*
 * Synchronous Connection Complete event.
 *
 * Finds the connection by link type and address.  If none matches and the
 * event was not for ESCO_LINK, an ESCO_LINK connection to the same
 * address is looked up and re-typed as SCO_LINK.  On success the
 * connection becomes BT_CONNECTED.  For the listed failure codes an
 * outgoing connection with fewer than two attempts is retried with a
 * packet type derived from hdev->esco_type; every other failure closes
 * the connection.  The result is confirmed to the upper layers and a
 * failed connection is deleted.
 */
static void hci_sync_conn_complete_evt(struct hci_dev *hdev,
				       struct sk_buff *skb)
{
	struct hci_ev_sync_conn_complete *ev = (void *) skb->data;
	struct hci_conn *conn;

	BT_DBG("%s status 0x%2.2x", hdev->name, ev->status);

	hci_dev_lock(hdev);

	conn = hci_conn_hash_lookup_ba(hdev, ev->link_type, &ev->bdaddr);
	if (!conn) {
		if (ev->link_type == ESCO_LINK)
			goto unlock;

		conn = hci_conn_hash_lookup_ba(hdev, ESCO_LINK, &ev->bdaddr);
		if (!conn)
			goto unlock;

		conn->type = SCO_LINK;
	}

	switch (ev->status) {
	case 0x00:
		conn->handle = __le16_to_cpu(ev->handle);
		conn->state = BT_CONNECTED;

		hci_conn_hold_device(conn);
		hci_conn_add_sysfs(conn);
		break;

	case 0x11:	/* Unsupported Feature or Parameter Value */
	case 0x1c:	/* SCO interval rejected */
	case 0x1a:	/* Unsupported Remote Feature */
	case 0x1f:	/* Unspecified error */
		if (conn->out && conn->attempt < 2) {
			conn->pkt_type = (hdev->esco_type & SCO_ESCO_MASK) |
					 (hdev->esco_type & EDR_ESCO_MASK);
			/* NOTE(review): conn->link is used unchecked here. */
			hci_setup_sync(conn, conn->link->handle);
			goto unlock;
		}
		/* fall through */

	default:
		conn->state = BT_CLOSED;
		break;
	}

	hci_proto_connect_cfm(conn, ev->status);
	if (ev->status)
		hci_conn_del(conn);

unlock:
	hci_dev_unlock(hdev);
}
3088
/*
 * Handle the HCI Synchronous Connection Changed event.
 * Only emits a debug trace; the event payload in skb is not read.
 */
static void hci_sync_conn_changed_evt(struct hci_dev *hdev, struct sk_buff *skb)
{
	BT_DBG("%s", hdev->name);
}
3093
/*
 * Handle the HCI Sniff Subrating event.
 * Only the status byte is read, and only for the debug trace.
 */
static void hci_sniff_subrate_evt(struct hci_dev *hdev, struct sk_buff *skb)
{
	struct hci_ev_sniff_subrate *subrate = (void *) skb->data;

	BT_DBG("%s status 0x%2.2x", hdev->name, subrate->status);
}
3100
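/*
 * Handle the HCI Extended Inquiry Result event.
 *
 * The payload is a one-byte response count followed by that many
 * struct extended_inquiry_info records. Each record is copied into the
 * inquiry cache and reported to the management interface with its EIR data.
 *
 * The response count comes from the controller and is used to walk the
 * packet, so it is validated against skb->len before any record is read.
 * A packet shorter than the count claims is dropped as a whole.
 */
static void hci_extended_inquiry_result_evt(struct hci_dev *hdev,
					    struct sk_buff *skb)
{
	struct inquiry_data data;
	struct extended_inquiry_info *info = (void *) (skb->data + 1);
	int num_rsp;
	size_t eir_len;

	/* The count byte itself must be present */
	if (!skb->len)
		return;

	num_rsp = *((__u8 *) skb->data);

	BT_DBG("%s num_rsp %d", hdev->name, num_rsp);

	/* Reject a count that would run past the end of the packet */
	if (!num_rsp || skb->len < num_rsp * sizeof(*info) + 1)
		return;

	if (test_bit(HCI_PERIODIC_INQ, &hdev->dev_flags))
		return;

	hci_dev_lock(hdev);

	for (; num_rsp; num_rsp--, info++) {
		bool name_known, ssp;

		bacpy(&data.bdaddr, &info->bdaddr);
		data.pscan_rep_mode	= info->pscan_rep_mode;
		data.pscan_period_mode	= info->pscan_period_mode;
		data.pscan_mode		= 0x00;
		memcpy(data.dev_class, info->dev_class, 3);
		data.clock_offset	= info->clock_offset;
		data.rssi		= info->rssi;
		data.ssp_mode		= 0x01;

		/* With mgmt, the name counts as known only if EIR carries it */
		if (test_bit(HCI_MGMT, &hdev->dev_flags))
			name_known = eir_has_data_type(info->data,
						       sizeof(info->data),
						       EIR_NAME_COMPLETE);
		else
			name_known = true;

		name_known = hci_inquiry_cache_update(hdev, &data, name_known,
						      &ssp);
		eir_len = eir_get_length(info->data, sizeof(info->data));
		mgmt_device_found(hdev, &info->bdaddr, ACL_LINK, 0x00,
				  info->dev_class, info->rssi, !name_known,
				  ssp, info->data, eir_len);
	}

	hci_dev_unlock(hdev);
}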
1da177e4 3148
/*
 * Handle the HCI Encryption Key Refresh Complete event.
 *
 * On success the pending security level becomes the connection's security
 * level. The encryption-pending flag is cleared in either case. A failure
 * on an established connection triggers a disconnect with
 * HCI_ERROR_AUTH_FAILURE; otherwise the result is passed on as a connect
 * confirmation (BT_CONFIG) or an authentication confirmation.
 */
static void hci_key_refresh_complete_evt(struct hci_dev *hdev,
					 struct sk_buff *skb)
{
	struct hci_ev_key_refresh_complete *ev = (void *) skb->data;
	__u16 handle = __le16_to_cpu(ev->handle);
	__u8 status = ev->status;
	struct hci_conn *conn;

	BT_DBG("%s status 0x%2.2x handle 0x%4.4x", hdev->name, status,
	       handle);

	hci_dev_lock(hdev);

	conn = hci_conn_hash_lookup_handle(hdev, handle);
	if (!conn)
		goto unlock;

	if (status == 0)
		conn->sec_level = conn->pending_sec_level;

	clear_bit(HCI_CONN_ENCRYPT_PEND, &conn->flags);

	/* A failed refresh on a live link is treated as an auth failure */
	if (status != 0 && conn->state == BT_CONNECTED) {
		hci_acl_disconn(conn, HCI_ERROR_AUTH_FAILURE);
		hci_conn_put(conn);
		goto unlock;
	}

	if (conn->state != BT_CONFIG) {
		hci_auth_cfm(conn, status);

		/* Hold/put pair around the timeout update, as in the original */
		hci_conn_hold(conn);
		conn->disc_timeout = HCI_DISCONN_TIMEOUT;
		hci_conn_put(conn);
		goto unlock;
	}

	if (status == 0)
		conn->state = BT_CONNECTED;

	hci_proto_connect_cfm(conn, status);
	hci_conn_put(conn);

unlock:
	hci_dev_unlock(hdev);
}
3192
/*
 * Pick the authentication requirement to send in the IO Capability Reply.
 *
 * Returns:
 *  - for a remote dedicated-bonding request (0x02/0x03): 0x03 when neither
 *    side has IO capability 0x03, otherwise 0x02;
 *  - for a remote no-bonding request (0x00/0x01): the remote value with the
 *    low bit of the local auth_type OR-ed in, so a locally set low bit is
 *    kept;
 *  - otherwise the local conn->auth_type unchanged.
 *
 * Callers in this file treat bit 0 of these values as the MITM flag and
 * IO capability 0x03 as NoInputNoOutput.
 */
static u8 hci_get_auth_req(struct hci_conn *conn)
{
	switch (conn->remote_auth) {
	case 0x02:
	case 0x03:
		/* Remote asks for dedicated bonding: follow that lead */
		if (conn->remote_cap != 0x03 && conn->io_capability != 0x03)
			return 0x03;
		return 0x02;

	case 0x00:
	case 0x01:
		/* Remote asks for no-bonding: follow that lead */
		return conn->remote_auth | (conn->auth_type & 0x01);

	default:
		return conn->auth_type;
	}
}
3211
/*
 * Handle the HCI IO Capability Request event (start of Secure Simple
 * Pairing on an ACL link).
 *
 * A reference is taken on the connection as soon as it is found, before the
 * HCI_MGMT check. When mgmt is in use, pairing is accepted if the adapter is
 * pairable or the remote asked for no-bonding; otherwise a negative reply
 * with HCI_ERROR_PAIRING_NOT_ALLOWED is sent.
 *
 * NOTE(review): the hci_conn_hold() here has no matching put in this
 * function; presumably it is balanced by the hci_conn_put() in
 * hci_simple_pair_complete_evt() -- confirm.
 */
static void hci_io_capa_request_evt(struct hci_dev *hdev, struct sk_buff *skb)
{
	struct hci_ev_io_capa_request *ev = (void *) skb->data;
	struct hci_conn *conn;
	bool pairing_allowed;

	BT_DBG("%s", hdev->name);

	hci_dev_lock(hdev);

	conn = hci_conn_hash_lookup_ba(hdev, ACL_LINK, &ev->bdaddr);
	if (!conn)
		goto unlock;

	hci_conn_hold(conn);

	if (!test_bit(HCI_MGMT, &hdev->dev_flags))
		goto unlock;

	pairing_allowed = test_bit(HCI_PAIRABLE, &hdev->dev_flags) ||
			  (conn->remote_auth & ~0x01) == HCI_AT_NO_BONDING;

	if (!pairing_allowed) {
		struct hci_cp_io_capability_neg_reply neg;

		bacpy(&neg.bdaddr, &ev->bdaddr);
		neg.reason = HCI_ERROR_PAIRING_NOT_ALLOWED;

		hci_send_cmd(hdev, HCI_OP_IO_CAPABILITY_NEG_REPLY,
			     sizeof(neg), &neg);
	} else {
		struct hci_cp_io_capability_reply cp;

		bacpy(&cp.bdaddr, &ev->bdaddr);

		/* Change the IO capability from KeyboardDisplay
		 * to DisplayYesNo as it is not supported by BT spec. */
		if (conn->io_capability == 0x04)
			cp.capability = 0x01;
		else
			cp.capability = conn->io_capability;

		conn->auth_type = hci_get_auth_req(conn);
		cp.authentication = conn->auth_type;

		/* Advertise OOB data only if we hold some for this peer and
		 * either initiated the link or the remote announced OOB. */
		cp.oob_data = (hci_find_remote_oob_data(hdev, &conn->dst) &&
			       (conn->out ||
				test_bit(HCI_CONN_REMOTE_OOB, &conn->flags))) ?
			      0x01 : 0x00;

		hci_send_cmd(hdev, HCI_OP_IO_CAPABILITY_REPLY,
			     sizeof(cp), &cp);
	}

unlock:
	hci_dev_unlock(hdev);
}
3263
/*
 * Handle the HCI IO Capability Response event.
 *
 * Records the remote IO capability and authentication requirement on the
 * matching ACL connection and flags the connection when the remote reports
 * OOB data. These stored values are what hci_get_auth_req() and the user
 * confirmation handler in this file later base their decisions on; they are
 * taken from the event as-is.
 */
static void hci_io_capa_reply_evt(struct hci_dev *hdev, struct sk_buff *skb)
{
	struct hci_ev_io_capa_reply *ev = (void *) skb->data;
	struct hci_conn *conn;

	BT_DBG("%s", hdev->name);

	hci_dev_lock(hdev);

	conn = hci_conn_hash_lookup_ba(hdev, ACL_LINK, &ev->bdaddr);
	if (conn) {
		conn->remote_cap = ev->capability;
		conn->remote_auth = ev->authentication;
		if (ev->oob_data)
			set_bit(HCI_CONN_REMOTE_OOB, &conn->flags);
	}

	hci_dev_unlock(hdev);
}
3285
/*
 * Handle the HCI User Confirmation Request event (numeric comparison step
 * of Secure Simple Pairing). Only acted on when mgmt is in use.
 *
 * Decision order:
 *  1. We want MITM protection but the remote has IO capability 0x03
 *     (NoInputNoOutput) and we are not a dedicated-bonding initiator:
 *     send a negative reply.
 *  2. Neither side effectively requires MITM: as acceptor, ask user space
 *     to authorize (confirm_hint = 1); as initiator, auto-accept, optionally
 *     after hdev->auto_accept_delay milliseconds.
 *  3. Otherwise forward the passkey to user space for confirmation.
 */
static void hci_user_confirm_request_evt(struct hci_dev *hdev,
					 struct sk_buff *skb)
{
	struct hci_ev_user_confirm_req *ev = (void *) skb->data;
	struct hci_conn *conn;
	int confirm_hint = 0;
	int loc_mitm, rem_mitm;
	bool remote_noio, local_noio;

	BT_DBG("%s", hdev->name);

	hci_dev_lock(hdev);

	if (!test_bit(HCI_MGMT, &hdev->dev_flags))
		goto unlock;

	conn = hci_conn_hash_lookup_ba(hdev, ACL_LINK, &ev->bdaddr);
	if (!conn)
		goto unlock;

	/* Bit 0 of the authentication requirement is the MITM flag */
	loc_mitm = (conn->auth_type & 0x01);
	rem_mitm = (conn->remote_auth & 0x01);
	remote_noio = (conn->remote_cap == 0x03);
	local_noio = (conn->io_capability == 0x03);

	/* If we require MITM but the remote device can't provide that
	 * (it has NoInputNoOutput) then reject the confirmation
	 * request. The only exception is when we're dedicated bonding
	 * initiators (connect_cfm_cb set) since then we always have the MITM
	 * bit set. */
	if (!conn->connect_cfm_cb && loc_mitm && remote_noio) {
		BT_DBG("Rejecting request: remote device can't provide MITM");
		hci_send_cmd(hdev, HCI_OP_USER_CONFIRM_NEG_REPLY,
			     sizeof(ev->bdaddr), &ev->bdaddr);
		goto unlock;
	}

	/* If no side requires MITM protection; auto-accept */
	if ((!loc_mitm || remote_noio) && (!rem_mitm || local_noio)) {

		/* If we're not the initiators request authorization to
		 * proceed from user space (mgmt_user_confirm with
		 * confirm_hint set to 1). */
		if (!test_bit(HCI_CONN_AUTH_PEND, &conn->flags)) {
			BT_DBG("Confirming auto-accept as acceptor");
			confirm_hint = 1;
			goto confirm;
		}

		BT_DBG("Auto-accept of user confirmation with %ums delay",
		       hdev->auto_accept_delay);

		if (hdev->auto_accept_delay > 0) {
			int delay = msecs_to_jiffies(hdev->auto_accept_delay);

			/* The reply is left to the auto-accept timer */
			mod_timer(&conn->auto_accept_timer, jiffies + delay);
			goto unlock;
		}

		hci_send_cmd(hdev, HCI_OP_USER_CONFIRM_REPLY,
			     sizeof(ev->bdaddr), &ev->bdaddr);
		goto unlock;
	}

confirm:
	mgmt_user_confirm_request(hdev, &ev->bdaddr, ACL_LINK, 0, ev->passkey,
				  confirm_hint);

unlock:
	hci_dev_unlock(hdev);
}
3353
/*
 * Handle the HCI User Passkey Request event.
 * Forwards the request for the given peer address to the management
 * interface; without mgmt the event is only traced.
 */
static void hci_user_passkey_request_evt(struct hci_dev *hdev,
					 struct sk_buff *skb)
{
	struct hci_ev_user_passkey_req *ev = (void *) skb->data;

	BT_DBG("%s", hdev->name);

	if (!test_bit(HCI_MGMT, &hdev->dev_flags))
		return;

	mgmt_user_passkey_request(hdev, &ev->bdaddr, ACL_LINK, 0);
}
3364
/*
 * Handle the HCI User Passkey Notification event.
 *
 * Stores the passkey to display on the matching ACL connection, resets the
 * entered-digit counter and, when mgmt is in use, notifies user space.
 *
 * NOTE(review): unlike most handlers in this file, this one does not take
 * hci_dev_lock() around the connection lookup and update -- confirm that
 * this is intended.
 */
static void hci_user_passkey_notify_evt(struct hci_dev *hdev,
					struct sk_buff *skb)
{
	struct hci_ev_user_passkey_notify *ev = (void *) skb->data;
	struct hci_conn *conn;

	BT_DBG("%s", hdev->name);

	conn = hci_conn_hash_lookup_ba(hdev, ACL_LINK, &ev->bdaddr);
	if (!conn)
		return;

	conn->passkey_notify = __le32_to_cpu(ev->passkey);
	conn->passkey_entered = 0;

	if (!test_bit(HCI_MGMT, &hdev->dev_flags))
		return;

	mgmt_user_passkey_notify(hdev, &conn->dst, conn->type,
				 conn->dst_type, conn->passkey_notify,
				 conn->passkey_entered);
}
3385
/*
 * Handle the HCI Keypress Notification event.
 *
 * Tracks how many passkey digits the remote user has entered and, when mgmt
 * is in use, reports the updated count to user space. STARTED resets the
 * counter and COMPLETED leaves it alone; neither produces a notification.
 * A type not listed below leaves the counter unchanged but still notifies.
 *
 * NOTE(review): the counter is incremented and decremented purely on the
 * event type with no clamping, so the reported value follows whatever
 * sequence of events arrives -- confirm this is acceptable to consumers.
 */
static void hci_keypress_notify_evt(struct hci_dev *hdev, struct sk_buff *skb)
{
	struct hci_ev_keypress_notify *ev = (void *) skb->data;
	struct hci_conn *conn;

	BT_DBG("%s", hdev->name);

	conn = hci_conn_hash_lookup_ba(hdev, ACL_LINK, &ev->bdaddr);
	if (!conn)
		return;

	switch (ev->type) {
	case HCI_KEYPRESS_COMPLETED:
		return;

	case HCI_KEYPRESS_STARTED:
		conn->passkey_entered = 0;
		return;

	case HCI_KEYPRESS_CLEARED:
		conn->passkey_entered = 0;
		break;

	case HCI_KEYPRESS_ENTERED:
		conn->passkey_entered++;
		break;

	case HCI_KEYPRESS_ERASED:
		conn->passkey_entered--;
		break;
	}

	if (!test_bit(HCI_MGMT, &hdev->dev_flags))
		return;

	mgmt_user_passkey_notify(hdev, &conn->dst, conn->type,
				 conn->dst_type, conn->passkey_notify,
				 conn->passkey_entered);
}
3423
/*
 * Handle the HCI Simple Pairing Complete event.
 *
 * Reports a pairing failure to user space when we did not initiate the
 * authentication, then drops one reference on the connection.
 *
 * NOTE(review): the hci_conn_put() here has no hold in this function;
 * presumably it pairs with the hci_conn_hold() taken in
 * hci_io_capa_request_evt() -- confirm.
 */
static void hci_simple_pair_complete_evt(struct hci_dev *hdev,
					 struct sk_buff *skb)
{
	struct hci_ev_simple_pair_complete *ev = (void *) skb->data;
	struct hci_conn *conn;

	BT_DBG("%s", hdev->name);

	hci_dev_lock(hdev);

	conn = hci_conn_hash_lookup_ba(hdev, ACL_LINK, &ev->bdaddr);
	if (!conn)
		goto unlock;

	/* To avoid duplicate auth_failed events to user space we check
	 * the HCI_CONN_AUTH_PEND flag which will be set if we
	 * initiated the authentication. A traditional auth_complete
	 * event gets always produced as initiator and is also mapped to
	 * the mgmt_auth_failed event */
	if (ev->status && !test_bit(HCI_CONN_AUTH_PEND, &conn->flags))
		mgmt_auth_failed(hdev, &conn->dst, conn->type, conn->dst_type,
				 ev->status);

	hci_conn_put(conn);

unlock:
	hci_dev_unlock(hdev);
}
3452
/*
 * Handle the HCI Remote Host Supported Features Notification event.
 *
 * If the peer is in the inquiry cache, its ssp_mode is set to the
 * LMP_HOST_SSP bit of the first host-features byte reported by the event.
 */
static void hci_remote_host_features_evt(struct hci_dev *hdev,
					 struct sk_buff *skb)
{
	struct hci_ev_remote_host_features *ev = (void *) skb->data;
	struct inquiry_entry *entry;

	BT_DBG("%s", hdev->name);

	hci_dev_lock(hdev);

	entry = hci_inquiry_cache_lookup(hdev, &ev->bdaddr);
	if (entry)
		entry->data.ssp_mode = (ev->features[0] & LMP_HOST_SSP);

	hci_dev_unlock(hdev);
}
3469
/*
 * Handle the HCI Remote OOB Data Request event. Only acted on when mgmt is
 * in use.
 *
 * If out-of-band pairing data is stored for the peer address, its hash and
 * randomizer are sent back to the controller; otherwise a negative reply is
 * sent. The positive reply is built in a stack buffer that holds the stored
 * OOB values until the function returns.
 */
static void hci_remote_oob_data_request_evt(struct hci_dev *hdev,
					    struct sk_buff *skb)
{
	struct hci_ev_remote_oob_data_request *ev = (void *) skb->data;
	struct oob_data *oob;

	BT_DBG("%s", hdev->name);

	hci_dev_lock(hdev);

	if (!test_bit(HCI_MGMT, &hdev->dev_flags))
		goto unlock;

	oob = hci_find_remote_oob_data(hdev, &ev->bdaddr);
	if (!oob) {
		struct hci_cp_remote_oob_data_neg_reply neg;

		bacpy(&neg.bdaddr, &ev->bdaddr);
		hci_send_cmd(hdev, HCI_OP_REMOTE_OOB_DATA_NEG_REPLY,
			     sizeof(neg), &neg);
		goto unlock;
	}

	{
		struct hci_cp_remote_oob_data_reply cp;

		bacpy(&cp.bdaddr, &ev->bdaddr);
		memcpy(cp.hash, oob->hash, sizeof(cp.hash));
		memcpy(cp.randomizer, oob->randomizer, sizeof(cp.randomizer));

		hci_send_cmd(hdev, HCI_OP_REMOTE_OOB_DATA_REPLY, sizeof(cp),
			     &cp);
	}

unlock:
	hci_dev_unlock(hdev);
}
3504
/*
 * Handle the LE Connection Complete sub-event.
 *
 * Uses the LE connection currently in BT_CONNECT state if there is one,
 * otherwise creates a new connection object for the reported address and
 * records its address type and role. On failure the connection is reported
 * as failed and deleted; on success it is announced to mgmt (once), given
 * BT_SECURITY_LOW, and moved to BT_CONNECTED.
 *
 * NOTE(review): the existing connection is found by state only, not by the
 * address in the event; the failure path reports conn->dst while the success
 * path reports ev->bdaddr -- confirm the two always agree.
 */
static void hci_le_conn_complete_evt(struct hci_dev *hdev, struct sk_buff *skb)
{
	struct hci_ev_le_conn_complete *ev = (void *) skb->data;
	struct hci_conn *conn;

	BT_DBG("%s status 0x%2.2x", hdev->name, ev->status);

	hci_dev_lock(hdev);

	conn = hci_conn_hash_lookup_state(hdev, LE_LINK, BT_CONNECT);
	if (!conn) {
		/* No pending outgoing attempt: create the object now */
		conn = hci_conn_add(hdev, LE_LINK, &ev->bdaddr);
		if (!conn) {
			BT_ERR("No memory for new connection");
			goto unlock;
		}

		conn->dst_type = ev->bdaddr_type;

		if (ev->role == LE_CONN_ROLE_MASTER) {
			conn->out = true;
			conn->link_mode |= HCI_LM_MASTER;
		}
	}

	if (ev->status != 0) {
		mgmt_connect_failed(hdev, &conn->dst, conn->type,
				    conn->dst_type, ev->status);
		hci_proto_connect_cfm(conn, ev->status);
		conn->state = BT_CLOSED;
		hci_conn_del(conn);
		goto unlock;
	}

	/* Announce the device to mgmt only the first time */
	if (!test_and_set_bit(HCI_CONN_MGMT_CONNECTED, &conn->flags))
		mgmt_device_connected(hdev, &ev->bdaddr, conn->type,
				      conn->dst_type, 0, NULL, 0, NULL);

	conn->handle = __le16_to_cpu(ev->handle);
	conn->sec_level = BT_SECURITY_LOW;
	conn->state = BT_CONNECTED;

	hci_conn_hold_device(conn);
	hci_conn_add_sysfs(conn);

	hci_proto_connect_cfm(conn, ev->status);

unlock:
	hci_dev_unlock(hdev);
}
3555
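/*
 * Handle the LE Advertising Report sub-event.
 *
 * The payload is a one-byte report count followed by that many
 * variable-length reports. Each report is a fixed header, ev->length bytes
 * of advertising data and one trailing RSSI byte.
 *
 * Both the report count and every per-report length come from the
 * controller and drive the pointer walk, so each report is checked against
 * the remaining packet bytes before its length, data or RSSI is read.
 * Processing stops at the first report that does not fit; reports already
 * delivered to mgmt are kept.
 */
static void hci_le_adv_report_evt(struct hci_dev *hdev, struct sk_buff *skb)
{
	u8 num_reports;
	u8 *ptr, *end;
	s8 rssi;

	/* The count byte itself must be present */
	if (!skb->len)
		return;

	num_reports = skb->data[0];
	ptr = &skb->data[1];
	end = skb->data + skb->len;

	hci_dev_lock(hdev);

	while (num_reports--) {
		struct hci_ev_le_advertising_info *ev = (void *) ptr;
		size_t avail = end - ptr;

		/* Header first, then data plus the RSSI byte that follows it.
		 * ev->length is only read once the header is known to fit. */
		if (avail < sizeof(*ev) ||
		    avail - sizeof(*ev) < (size_t) ev->length + 1) {
			BT_ERR("%s truncated LE advertising report",
			       hdev->name);
			break;
		}

		rssi = ev->data[ev->length];
		mgmt_device_found(hdev, &ev->bdaddr, LE_LINK, ev->bdaddr_type,
				  NULL, rssi, 0, 1, ev->data, ev->length);

		ptr += sizeof(*ev) + ev->length + 1;
	}

	hci_dev_unlock(hdev);
}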
3576
/*
 * Handle the LE Long Term Key Request sub-event.
 *
 * Looks up the connection by handle and a stored key by the EDIV/Rand pair
 * from the event. If both exist, the key is sent to the controller, the
 * connection is raised to BT_SECURITY_HIGH when the key is marked
 * authenticated, and a short-term key (HCI_SMP_STK) is removed from the
 * list and freed after use. Otherwise a negative reply is sent.
 *
 * NOTE(review): the key lookup shown here is by ediv/random only; nothing
 * in this function ties the returned key to the peer address of conn --
 * confirm whether hci_find_ltk() or its callers enforce that binding.
 * NOTE(review): cp holds a copy of the key on the stack and is not cleared
 * before return.
 */
static void hci_le_ltk_request_evt(struct hci_dev *hdev, struct sk_buff *skb)
{
	struct hci_ev_le_ltk_req *ev = (void *) skb->data;
	struct hci_cp_le_ltk_reply cp;
	struct hci_conn *conn;
	struct smp_ltk *ltk = NULL;

	BT_DBG("%s handle 0x%4.4x", hdev->name, __le16_to_cpu(ev->handle));

	hci_dev_lock(hdev);

	conn = hci_conn_hash_lookup_handle(hdev, __le16_to_cpu(ev->handle));
	if (conn != NULL)
		ltk = hci_find_ltk(hdev, ev->ediv, ev->random);

	if (ltk == NULL) {
		struct hci_cp_le_ltk_neg_reply neg;

		/* Unknown connection or no key: refuse the request */
		neg.handle = ev->handle;
		hci_send_cmd(hdev, HCI_OP_LE_LTK_NEG_REPLY, sizeof(neg), &neg);
		goto unlock;
	}

	memcpy(cp.ltk, ltk->val, sizeof(ltk->val));
	cp.handle = cpu_to_le16(conn->handle);

	if (ltk->authenticated)
		conn->sec_level = BT_SECURITY_HIGH;

	hci_send_cmd(hdev, HCI_OP_LE_LTK_REPLY, sizeof(cp), &cp);

	/* A short-term key is single use */
	if (ltk->type & HCI_SMP_STK) {
		list_del(&ltk->list);
		kfree(ltk);
	}

unlock:
	hci_dev_unlock(hdev);
}
3619
/*
 * Dispatch an LE Meta event to the handler for its sub-event code.
 *
 * The meta header is stripped from the skb before dispatch, so each
 * sub-event handler sees its own payload at skb->data. Unknown sub-events
 * are ignored.
 *
 * NOTE(review): no check of skb->len against sizeof(*meta) is visible
 * before the header is read and pulled.
 */
static void hci_le_meta_evt(struct hci_dev *hdev, struct sk_buff *skb)
{
	struct hci_ev_le_meta *meta = (void *) skb->data;
	__u8 subevent = meta->subevent;

	skb_pull(skb, sizeof(*meta));

	switch (subevent) {
	case HCI_EV_LE_CONN_COMPLETE:
		hci_le_conn_complete_evt(hdev, skb);
		break;

	case HCI_EV_LE_ADVERTISING_REPORT:
		hci_le_adv_report_evt(hdev, skb);
		break;

	case HCI_EV_LE_LTK_REQ:
		hci_le_ltk_request_evt(hdev, skb);
		break;

	default:
		break;
	}
}
3643
/*
 * Entry point for a received HCI event packet.
 *
 * Reads the event code from the HCI event header, strips the header from
 * the skb and hands the remaining payload to the matching handler. Events
 * without a handler are only traced. The skb is always freed here and the
 * received-event counter is incremented, so handlers must not keep the skb.
 *
 * NOTE(review): the header is read and pulled without a visible check that
 * skb->len covers HCI_EVENT_HDR_SIZE, and most handlers cast skb->data to
 * their event struct without a length check of their own; presumably the
 * transport driver guarantees complete, well-formed events -- confirm.
 */
void hci_event_packet(struct hci_dev *hdev, struct sk_buff *skb)
{
	struct hci_event_hdr *hdr = (void *) skb->data;
	__u8 evt_code = hdr->evt;

	skb_pull(skb, HCI_EVENT_HDR_SIZE);

	switch (evt_code) {
	case HCI_EV_INQUIRY_COMPLETE:
		hci_inquiry_complete_evt(hdev, skb);
		break;

	case HCI_EV_INQUIRY_RESULT:
		hci_inquiry_result_evt(hdev, skb);
		break;

	case HCI_EV_CONN_COMPLETE:
		hci_conn_complete_evt(hdev, skb);
		break;

	case HCI_EV_CONN_REQUEST:
		hci_conn_request_evt(hdev, skb);
		break;

	case HCI_EV_DISCONN_COMPLETE:
		hci_disconn_complete_evt(hdev, skb);
		break;

	case HCI_EV_AUTH_COMPLETE:
		hci_auth_complete_evt(hdev, skb);
		break;

	case HCI_EV_REMOTE_NAME:
		hci_remote_name_evt(hdev, skb);
		break;

	case HCI_EV_ENCRYPT_CHANGE:
		hci_encrypt_change_evt(hdev, skb);
		break;

	case HCI_EV_CHANGE_LINK_KEY_COMPLETE:
		hci_change_link_key_complete_evt(hdev, skb);
		break;

	case HCI_EV_REMOTE_FEATURES:
		hci_remote_features_evt(hdev, skb);
		break;

	case HCI_EV_REMOTE_VERSION:
		hci_remote_version_evt(hdev, skb);
		break;

	case HCI_EV_QOS_SETUP_COMPLETE:
		hci_qos_setup_complete_evt(hdev, skb);
		break;

	case HCI_EV_CMD_COMPLETE:
		hci_cmd_complete_evt(hdev, skb);
		break;

	case HCI_EV_CMD_STATUS:
		hci_cmd_status_evt(hdev, skb);
		break;

	case HCI_EV_ROLE_CHANGE:
		hci_role_change_evt(hdev, skb);
		break;

	case HCI_EV_NUM_COMP_PKTS:
		hci_num_comp_pkts_evt(hdev, skb);
		break;

	case HCI_EV_MODE_CHANGE:
		hci_mode_change_evt(hdev, skb);
		break;

	case HCI_EV_PIN_CODE_REQ:
		hci_pin_code_request_evt(hdev, skb);
		break;

	case HCI_EV_LINK_KEY_REQ:
		hci_link_key_request_evt(hdev, skb);
		break;

	case HCI_EV_LINK_KEY_NOTIFY:
		hci_link_key_notify_evt(hdev, skb);
		break;

	case HCI_EV_CLOCK_OFFSET:
		hci_clock_offset_evt(hdev, skb);
		break;

	case HCI_EV_PKT_TYPE_CHANGE:
		hci_pkt_type_change_evt(hdev, skb);
		break;

	case HCI_EV_PSCAN_REP_MODE:
		hci_pscan_rep_mode_evt(hdev, skb);
		break;

	case HCI_EV_INQUIRY_RESULT_WITH_RSSI:
		hci_inquiry_result_with_rssi_evt(hdev, skb);
		break;

	case HCI_EV_REMOTE_EXT_FEATURES:
		hci_remote_ext_features_evt(hdev, skb);
		break;

	case HCI_EV_SYNC_CONN_COMPLETE:
		hci_sync_conn_complete_evt(hdev, skb);
		break;

	case HCI_EV_SYNC_CONN_CHANGED:
		hci_sync_conn_changed_evt(hdev, skb);
		break;

	case HCI_EV_SNIFF_SUBRATE:
		hci_sniff_subrate_evt(hdev, skb);
		break;

	case HCI_EV_EXTENDED_INQUIRY_RESULT:
		hci_extended_inquiry_result_evt(hdev, skb);
		break;

	case HCI_EV_KEY_REFRESH_COMPLETE:
		hci_key_refresh_complete_evt(hdev, skb);
		break;

	case HCI_EV_IO_CAPA_REQUEST:
		hci_io_capa_request_evt(hdev, skb);
		break;

	case HCI_EV_IO_CAPA_REPLY:
		hci_io_capa_reply_evt(hdev, skb);
		break;

	case HCI_EV_USER_CONFIRM_REQUEST:
		hci_user_confirm_request_evt(hdev, skb);
		break;

	case HCI_EV_USER_PASSKEY_REQUEST:
		hci_user_passkey_request_evt(hdev, skb);
		break;

	case HCI_EV_USER_PASSKEY_NOTIFY:
		hci_user_passkey_notify_evt(hdev, skb);
		break;

	case HCI_EV_KEYPRESS_NOTIFY:
		hci_keypress_notify_evt(hdev, skb);
		break;

	case HCI_EV_SIMPLE_PAIR_COMPLETE:
		hci_simple_pair_complete_evt(hdev, skb);
		break;

	case HCI_EV_REMOTE_HOST_FEATURES:
		hci_remote_host_features_evt(hdev, skb);
		break;

	case HCI_EV_LE_META:
		hci_le_meta_evt(hdev, skb);
		break;

	case HCI_EV_REMOTE_OOB_DATA_REQUEST:
		hci_remote_oob_data_request_evt(hdev, skb);
		break;

	case HCI_EV_NUM_COMP_BLOCKS:
		hci_num_comp_blocks_evt(hdev, skb);
		break;

	default:
		/* No handler: trace the event code and drop the packet */
		BT_DBG("%s event 0x%2.2x", hdev->name, evt_code);
		break;
	}

	kfree_skb(skb);
	hdev->stat.evt_rx++;
}
3823}