projects / GitHub / mt8127 / android_kernel_alcatel_ttab.git / blame
? search:
summary | shortlog | log | commit | commitdiff | tree
blob | blame (incremental) | history | HEAD
Bluetooth: Remove unneeded hci_cc_read_ssp_mode function
[GitHub/mt8127/android_kernel_alcatel_ttab.git] / net / bluetooth / hci_event.c
CommitLineData
8e87d142 1/*
1da177e4 2 BlueZ - Bluetooth protocol stack for Linux
2d0a0346 3 Copyright (c) 2000-2001, 2010, Code Aurora Forum. All rights reserved.
1da177e4
LT		 4
5 Written 2000,2001 by Maxim Krasnyansky <maxk@qualcomm.com>
6
7 This program is free software; you can redistribute it and/or modify
8 it under the terms of the GNU General Public License version 2 as
9 published by the Free Software Foundation;
10
11 THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS
12 OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
13 FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT OF THIRD PARTY RIGHTS.
14 IN NO EVENT SHALL THE COPYRIGHT HOLDER(S) AND AUTHOR(S) BE LIABLE FOR ANY
8e87d142
YH		 15 CLAIM, OR ANY SPECIAL INDIRECT OR CONSEQUENTIAL DAMAGES, OR ANY DAMAGES
16 WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
17 ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
1da177e4
LT		 18 OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
19
8e87d142
YH		 20 ALL LIABILITY, INCLUDING LIABILITY FOR INFRINGEMENT OF ANY PATENTS,
21 COPYRIGHTS, TRADEMARKS OR OTHER RIGHTS, RELATING TO USE OF THIS
1da177e4
LT		 22 SOFTWARE IS DISCLAIMED.
23*/
24
25/* Bluetooth HCI event handling. */
26
1da177e4
LT		 27#include <linux/module.h>
28
29#include <linux/types.h>
30#include <linux/errno.h>
31#include <linux/kernel.h>
1da177e4
LT		 32#include <linux/slab.h>
33#include <linux/poll.h>
34#include <linux/fcntl.h>
35#include <linux/init.h>
36#include <linux/skbuff.h>
37#include <linux/interrupt.h>
1da177e4
LT		 38#include <net/sock.h>
39
40#include <asm/system.h>
70f23020 41#include <linux/uaccess.h>
1da177e4
LT		 42#include <asm/unaligned.h>
43
44#include <net/bluetooth/bluetooth.h>
45#include <net/bluetooth/hci_core.h>
46
1da177e4
LT		 47/* Handle HCI Event packets */
48
a9de9248 49static void hci_cc_inquiry_cancel(struct hci_dev *hdev, struct sk_buff *skb)
1da177e4 50{
a9de9248 51 __u8 status = *((__u8 *) skb->data);
1da177e4 52
a9de9248 53 BT_DBG("%s status 0x%x", hdev->name, status);
1da177e4 54
e6d465cb
AG		 55 if (status) {
56 hci_dev_lock(hdev);
57 mgmt_stop_discovery_failed(hdev, status);
58 hci_dev_unlock(hdev);
a9de9248 59 return;
e6d465cb 60 }
1da177e4 61
89352e7d
AG		 62 clear_bit(HCI_INQUIRY, &hdev->flags);
63
56e5cb86 64 hci_dev_lock(hdev);
ff9ef578 65 hci_discovery_set_state(hdev, DISCOVERY_STOPPED);
56e5cb86 66 hci_dev_unlock(hdev);
6bd57416 67
23bb5763 68 hci_req_complete(hdev, HCI_OP_INQUIRY_CANCEL, status);
a9de9248
MH		 69
70 hci_conn_check_pending(hdev);
71}
6bd57416 72
a9de9248
MH		 73static void hci_cc_exit_periodic_inq(struct hci_dev *hdev, struct sk_buff *skb)
74{
75 __u8 status = *((__u8 *) skb->data);
6bd57416 76
a9de9248 77 BT_DBG("%s status 0x%x", hdev->name, status);
6bd57416 78
a9de9248
MH		 79 if (status)
80 return;
1da177e4 81
a9de9248
MH		 82 hci_conn_check_pending(hdev);
83}
84
85static void hci_cc_remote_name_req_cancel(struct hci_dev *hdev, struct sk_buff *skb)
86{
87 BT_DBG("%s", hdev->name);
88}
89
90static void hci_cc_role_discovery(struct hci_dev *hdev, struct sk_buff *skb)
91{
92 struct hci_rp_role_discovery *rp = (void *) skb->data;
93 struct hci_conn *conn;
94
95 BT_DBG("%s status 0x%x", hdev->name, rp->status);
96
97 if (rp->status)
98 return;
99
100 hci_dev_lock(hdev);
101
102 conn = hci_conn_hash_lookup_handle(hdev, __le16_to_cpu(rp->handle));
103 if (conn) {
104 if (rp->role)
105 conn->link_mode &= ~HCI_LM_MASTER;
106 else
107 conn->link_mode |= HCI_LM_MASTER;
1da177e4 108 }
a9de9248
MH		 109
110 hci_dev_unlock(hdev);
1da177e4
LT		 111}
112
e4e8e37c
MH		 113static void hci_cc_read_link_policy(struct hci_dev *hdev, struct sk_buff *skb)
114{
115 struct hci_rp_read_link_policy *rp = (void *) skb->data;
116 struct hci_conn *conn;
117
118 BT_DBG("%s status 0x%x", hdev->name, rp->status);
119
120 if (rp->status)
121 return;
122
123 hci_dev_lock(hdev);
124
125 conn = hci_conn_hash_lookup_handle(hdev, __le16_to_cpu(rp->handle));
126 if (conn)
127 conn->link_policy = __le16_to_cpu(rp->policy);
128
129 hci_dev_unlock(hdev);
130}
131
a9de9248 132static void hci_cc_write_link_policy(struct hci_dev *hdev, struct sk_buff *skb)
1da177e4 133{
a9de9248 134 struct hci_rp_write_link_policy *rp = (void *) skb->data;
1da177e4 135 struct hci_conn *conn;
04837f64 136 void *sent;
1da177e4 137
a9de9248 138 BT_DBG("%s status 0x%x", hdev->name, rp->status);
1da177e4 139
a9de9248
MH		 140 if (rp->status)
141 return;
1da177e4 142
a9de9248
MH		 143 sent = hci_sent_cmd_data(hdev, HCI_OP_WRITE_LINK_POLICY);
144 if (!sent)
145 return;
1da177e4 146
a9de9248 147 hci_dev_lock(hdev);
1da177e4 148
a9de9248 149 conn = hci_conn_hash_lookup_handle(hdev, __le16_to_cpu(rp->handle));
e4e8e37c 150 if (conn)
83985319 151 conn->link_policy = get_unaligned_le16(sent + 2);
1da177e4 152
a9de9248
MH		 153 hci_dev_unlock(hdev);
154}
1da177e4 155
e4e8e37c
MH		 156static void hci_cc_read_def_link_policy(struct hci_dev *hdev, struct sk_buff *skb)
157{
158 struct hci_rp_read_def_link_policy *rp = (void *) skb->data;
159
160 BT_DBG("%s status 0x%x", hdev->name, rp->status);
161
162 if (rp->status)
163 return;
164
165 hdev->link_policy = __le16_to_cpu(rp->policy);
166}
167
168static void hci_cc_write_def_link_policy(struct hci_dev *hdev, struct sk_buff *skb)
169{
170 __u8 status = *((__u8 *) skb->data);
171 void *sent;
172
173 BT_DBG("%s status 0x%x", hdev->name, status);
174
175 sent = hci_sent_cmd_data(hdev, HCI_OP_WRITE_DEF_LINK_POLICY);
176 if (!sent)
177 return;
178
179 if (!status)
180 hdev->link_policy = get_unaligned_le16(sent);
181
23bb5763 182 hci_req_complete(hdev, HCI_OP_WRITE_DEF_LINK_POLICY, status);
e4e8e37c
MH		 183}
184
a9de9248
MH		 185static void hci_cc_reset(struct hci_dev *hdev, struct sk_buff *skb)
186{
187 __u8 status = *((__u8 *) skb->data);
04837f64 188
a9de9248 189 BT_DBG("%s status 0x%x", hdev->name, status);
04837f64 190
10572132
GP		 191 clear_bit(HCI_RESET, &hdev->flags);
192
23bb5763 193 hci_req_complete(hdev, HCI_OP_RESET, status);
d23264a8 194
a297e97c
JH		 195 /* Reset all non-persistent flags */
196 hdev->dev_flags &= ~(BIT(HCI_LE_SCAN));
a9de9248 197}
04837f64 198
a9de9248
MH		 199static void hci_cc_write_local_name(struct hci_dev *hdev, struct sk_buff *skb)
200{
201 __u8 status = *((__u8 *) skb->data);
202 void *sent;
04837f64 203
a9de9248 204 BT_DBG("%s status 0x%x", hdev->name, status);
04837f64 205
a9de9248
MH		 206 sent = hci_sent_cmd_data(hdev, HCI_OP_WRITE_LOCAL_NAME);
207 if (!sent)
208 return;
04837f64 209
56e5cb86
JH		 210 hci_dev_lock(hdev);
211
a8b2d5c2 212 if (test_bit(HCI_MGMT, &hdev->dev_flags))
744cf19e 213 mgmt_set_local_name_complete(hdev, sent, status);
b312b161 214
56e5cb86
JH		 215 if (status == 0)
216 memcpy(hdev->dev_name, sent, HCI_MAX_NAME_LENGTH);
b312b161 217
56e5cb86 218 hci_dev_unlock(hdev);
a9de9248
MH		 219}
220
221static void hci_cc_read_local_name(struct hci_dev *hdev, struct sk_buff *skb)
222{
223 struct hci_rp_read_local_name *rp = (void *) skb->data;
224
225 BT_DBG("%s status 0x%x", hdev->name, rp->status);
226
227 if (rp->status)
228 return;
229
1f6c6378 230 memcpy(hdev->dev_name, rp->name, HCI_MAX_NAME_LENGTH);
a9de9248
MH		 231}
232
233static void hci_cc_write_auth_enable(struct hci_dev *hdev, struct sk_buff *skb)
234{
235 __u8 status = *((__u8 *) skb->data);
236 void *sent;
237
238 BT_DBG("%s status 0x%x", hdev->name, status);
239
240 sent = hci_sent_cmd_data(hdev, HCI_OP_WRITE_AUTH_ENABLE);
241 if (!sent)
242 return;
243
244 if (!status) {
245 __u8 param = *((__u8 *) sent);
246
247 if (param == AUTH_ENABLED)
248 set_bit(HCI_AUTH, &hdev->flags);
249 else
250 clear_bit(HCI_AUTH, &hdev->flags);
1da177e4 251 }
a9de9248 252
33ef95ed
JH		 253 if (test_bit(HCI_MGMT, &hdev->dev_flags))
254 mgmt_auth_enable_complete(hdev, status);
255
23bb5763 256 hci_req_complete(hdev, HCI_OP_WRITE_AUTH_ENABLE, status);
1da177e4
LT		 257}
258
a9de9248 259static void hci_cc_write_encrypt_mode(struct hci_dev *hdev, struct sk_buff *skb)
1da177e4 260{
a9de9248 261 __u8 status = *((__u8 *) skb->data);
1da177e4
LT		 262 void *sent;
263
a9de9248 264 BT_DBG("%s status 0x%x", hdev->name, status);
1da177e4 265
a9de9248
MH		 266 sent = hci_sent_cmd_data(hdev, HCI_OP_WRITE_ENCRYPT_MODE);
267 if (!sent)
268 return;
1da177e4 269
a9de9248
MH		 270 if (!status) {
271 __u8 param = *((__u8 *) sent);
272
273 if (param)
274 set_bit(HCI_ENCRYPT, &hdev->flags);
275 else
276 clear_bit(HCI_ENCRYPT, &hdev->flags);
277 }
1da177e4 278
23bb5763 279 hci_req_complete(hdev, HCI_OP_WRITE_ENCRYPT_MODE, status);
a9de9248 280}
1da177e4 281
a9de9248
MH		 282static void hci_cc_write_scan_enable(struct hci_dev *hdev, struct sk_buff *skb)
283{
36f7fc7e
JH		 284 __u8 param, status = *((__u8 *) skb->data);
285 int old_pscan, old_iscan;
a9de9248 286 void *sent;
1da177e4 287
a9de9248 288 BT_DBG("%s status 0x%x", hdev->name, status);
1da177e4 289
a9de9248
MH		 290 sent = hci_sent_cmd_data(hdev, HCI_OP_WRITE_SCAN_ENABLE);
291 if (!sent)
292 return;
1da177e4 293
36f7fc7e
JH		 294 param = *((__u8 *) sent);
295
56e5cb86
JH		 296 hci_dev_lock(hdev);
297
2d7cee58 298 if (status != 0) {
744cf19e 299 mgmt_write_scan_failed(hdev, param, status);
2d7cee58
JH		 300 hdev->discov_timeout = 0;
301 goto done;
302 }
303
36f7fc7e
JH		 304 old_pscan = test_and_clear_bit(HCI_PSCAN, &hdev->flags);
305 old_iscan = test_and_clear_bit(HCI_ISCAN, &hdev->flags);
306
307 if (param & SCAN_INQUIRY) {
308 set_bit(HCI_ISCAN, &hdev->flags);
309 if (!old_iscan)
744cf19e 310 mgmt_discoverable(hdev, 1);
16ab91ab
JH		 311 if (hdev->discov_timeout > 0) {
312 int to = msecs_to_jiffies(hdev->discov_timeout * 1000);
313 queue_delayed_work(hdev->workqueue, &hdev->discov_off,
314 to);
315 }
36f7fc7e 316 } else if (old_iscan)
744cf19e 317 mgmt_discoverable(hdev, 0);
36f7fc7e
JH		 318
319 if (param & SCAN_PAGE) {
320 set_bit(HCI_PSCAN, &hdev->flags);
321 if (!old_pscan)
744cf19e 322 mgmt_connectable(hdev, 1);
36f7fc7e 323 } else if (old_pscan)
744cf19e 324 mgmt_connectable(hdev, 0);
1da177e4 325
36f7fc7e 326done:
56e5cb86 327 hci_dev_unlock(hdev);
23bb5763 328 hci_req_complete(hdev, HCI_OP_WRITE_SCAN_ENABLE, status);
a9de9248 329}
1da177e4 330
a9de9248
MH		 331static void hci_cc_read_class_of_dev(struct hci_dev *hdev, struct sk_buff *skb)
332{
333 struct hci_rp_read_class_of_dev *rp = (void *) skb->data;
1da177e4 334
a9de9248 335 BT_DBG("%s status 0x%x", hdev->name, rp->status);
1da177e4 336
a9de9248
MH		 337 if (rp->status)
338 return;
1da177e4 339
a9de9248 340 memcpy(hdev->dev_class, rp->dev_class, 3);
1da177e4 341
a9de9248
MH		 342 BT_DBG("%s class 0x%.2x%.2x%.2x", hdev->name,
343 hdev->dev_class[2], hdev->dev_class[1], hdev->dev_class[0]);
344}
1da177e4 345
a9de9248
MH		 346static void hci_cc_write_class_of_dev(struct hci_dev *hdev, struct sk_buff *skb)
347{
348 __u8 status = *((__u8 *) skb->data);
349 void *sent;
1da177e4 350
a9de9248 351 BT_DBG("%s status 0x%x", hdev->name, status);
1da177e4 352
f383f275
MH		 353 if (status)
354 return;
355
a9de9248
MH		 356 sent = hci_sent_cmd_data(hdev, HCI_OP_WRITE_CLASS_OF_DEV);
357 if (!sent)
358 return;
1da177e4 359
f383f275 360 memcpy(hdev->dev_class, sent, 3);
a9de9248 361}
1da177e4 362
a9de9248
MH		 363static void hci_cc_read_voice_setting(struct hci_dev *hdev, struct sk_buff *skb)
364{
365 struct hci_rp_read_voice_setting *rp = (void *) skb->data;
366 __u16 setting;
367
368 BT_DBG("%s status 0x%x", hdev->name, rp->status);
369
370 if (rp->status)
371 return;
372
373 setting = __le16_to_cpu(rp->voice_setting);
374
f383f275 375 if (hdev->voice_setting == setting)
a9de9248
MH		 376 return;
377
378 hdev->voice_setting = setting;
379
380 BT_DBG("%s voice setting 0x%04x", hdev->name, setting);
381
3c54711c 382 if (hdev->notify)
a9de9248 383 hdev->notify(hdev, HCI_NOTIFY_VOICE_SETTING);
a9de9248
MH		 384}
385
386static void hci_cc_write_voice_setting(struct hci_dev *hdev, struct sk_buff *skb)
387{
388 __u8 status = *((__u8 *) skb->data);
f383f275 389 __u16 setting;
a9de9248
MH		 390 void *sent;
391
392 BT_DBG("%s status 0x%x", hdev->name, status);
1da177e4 393
f383f275
MH		 394 if (status)
395 return;
396
a9de9248
MH		 397 sent = hci_sent_cmd_data(hdev, HCI_OP_WRITE_VOICE_SETTING);
398 if (!sent)
399 return;
1da177e4 400
f383f275 401 setting = get_unaligned_le16(sent);
1da177e4 402
f383f275
MH		 403 if (hdev->voice_setting == setting)
404 return;
405
406 hdev->voice_setting = setting;
1da177e4 407
f383f275 408 BT_DBG("%s voice setting 0x%04x", hdev->name, setting);
1da177e4 409
3c54711c 410 if (hdev->notify)
f383f275 411 hdev->notify(hdev, HCI_NOTIFY_VOICE_SETTING);
1da177e4
LT		 412}
413
a9de9248 414static void hci_cc_host_buffer_size(struct hci_dev *hdev, struct sk_buff *skb)
1da177e4 415{
a9de9248 416 __u8 status = *((__u8 *) skb->data);
1da177e4 417
a9de9248 418 BT_DBG("%s status 0x%x", hdev->name, status);
1da177e4 419
23bb5763 420 hci_req_complete(hdev, HCI_OP_HOST_BUFFER_SIZE, status);
a9de9248 421}
1143e5a6 422
333140b5
MH		 423static void hci_cc_write_ssp_mode(struct hci_dev *hdev, struct sk_buff *skb)
424{
425 __u8 status = *((__u8 *) skb->data);
426 void *sent;
427
428 BT_DBG("%s status 0x%x", hdev->name, status);
429
430 if (status)
ed2c4ee3 431 goto done;
333140b5
MH		 432
433 sent = hci_sent_cmd_data(hdev, HCI_OP_WRITE_SSP_MODE);
434 if (!sent)
435 return;
436
84bde9d6
JH		 437 if (*((u8 *) sent))
438 set_bit(HCI_SSP_ENABLED, &hdev->dev_flags);
439 else
440 clear_bit(HCI_SSP_ENABLED, &hdev->dev_flags);
ed2c4ee3
JH		 441
442done:
443 if (test_bit(HCI_MGMT, &hdev->dev_flags))
444 mgmt_ssp_enable_complete(hdev, status);
333140b5
MH		 445}
446
d5859e22
JH		 447static u8 hci_get_inquiry_mode(struct hci_dev *hdev)
448{
449 if (hdev->features[6] & LMP_EXT_INQ)
450 return 2;
451
452 if (hdev->features[3] & LMP_RSSI_INQ)
453 return 1;
454
455 if (hdev->manufacturer == 11 && hdev->hci_rev == 0x00 &&
456 hdev->lmp_subver == 0x0757)
457 return 1;
458
459 if (hdev->manufacturer == 15) {
460 if (hdev->hci_rev == 0x03 && hdev->lmp_subver == 0x6963)
461 return 1;
462 if (hdev->hci_rev == 0x09 && hdev->lmp_subver == 0x6963)
463 return 1;
464 if (hdev->hci_rev == 0x00 && hdev->lmp_subver == 0x6965)
465 return 1;
466 }
467
468 if (hdev->manufacturer == 31 && hdev->hci_rev == 0x2005 &&
469 hdev->lmp_subver == 0x1805)
470 return 1;
471
472 return 0;
473}
474
475static void hci_setup_inquiry_mode(struct hci_dev *hdev)
476{
477 u8 mode;
478
479 mode = hci_get_inquiry_mode(hdev);
480
481 hci_send_cmd(hdev, HCI_OP_WRITE_INQUIRY_MODE, 1, &mode);
482}
483
484static void hci_setup_event_mask(struct hci_dev *hdev)
485{
486 /* The second byte is 0xff instead of 0x9f (two reserved bits
487 * disabled) since a Broadcom 1.2 dongle doesn't respond to the
488 * command otherwise */
489 u8 events[8] = { 0xff, 0xff, 0xfb, 0xff, 0x00, 0x00, 0x00, 0x00 };
490
6de6c18d
VT		 491 /* CSR 1.1 dongles does not accept any bitfield so don't try to set
492 * any event mask for pre 1.2 devices */
5a13b095 493 if (hdev->hci_ver < BLUETOOTH_VER_1_2)
6de6c18d
VT		 494 return;
495
496 events[4] |= 0x01; /* Flow Specification Complete */
497 events[4] |= 0x02; /* Inquiry Result with RSSI */
498 events[4] |= 0x04; /* Read Remote Extended Features Complete */
499 events[5] |= 0x08; /* Synchronous Connection Complete */
500 events[5] |= 0x10; /* Synchronous Connection Changed */
d5859e22
JH		 501
502 if (hdev->features[3] & LMP_RSSI_INQ)
503 events[4] |= 0x04; /* Inquiry Result with RSSI */
504
505 if (hdev->features[5] & LMP_SNIFF_SUBR)
506 events[5] |= 0x20; /* Sniff Subrating */
507
508 if (hdev->features[5] & LMP_PAUSE_ENC)
509 events[5] |= 0x80; /* Encryption Key Refresh Complete */
510
511 if (hdev->features[6] & LMP_EXT_INQ)
512 events[5] |= 0x40; /* Extended Inquiry Result */
513
514 if (hdev->features[6] & LMP_NO_FLUSH)
515 events[7] |= 0x01; /* Enhanced Flush Complete */
516
517 if (hdev->features[7] & LMP_LSTO)
518 events[6] |= 0x80; /* Link Supervision Timeout Changed */
519
520 if (hdev->features[6] & LMP_SIMPLE_PAIR) {
521 events[6] |= 0x01; /* IO Capability Request */
522 events[6] |= 0x02; /* IO Capability Response */
523 events[6] |= 0x04; /* User Confirmation Request */
524 events[6] |= 0x08; /* User Passkey Request */
525 events[6] |= 0x10; /* Remote OOB Data Request */
526 events[6] |= 0x20; /* Simple Pairing Complete */
527 events[7] |= 0x04; /* User Passkey Notification */
528 events[7] |= 0x08; /* Keypress Notification */
529 events[7] |= 0x10; /* Remote Host Supported
530 * Features Notification */
531 }
532
533 if (hdev->features[4] & LMP_LE)
534 events[7] |= 0x20; /* LE Meta-Event */
535
536 hci_send_cmd(hdev, HCI_OP_SET_EVENT_MASK, sizeof(events), events);
537}
538
e6100a25
AG		 539static void hci_set_le_support(struct hci_dev *hdev)
540{
541 struct hci_cp_write_le_host_supported cp;
542
543 memset(&cp, 0, sizeof(cp));
544
545 if (enable_le) {
546 cp.le = 1;
547 cp.simul = !!(hdev->features[6] & LMP_SIMUL_LE_BR);
548 }
549
550 hci_send_cmd(hdev, HCI_OP_WRITE_LE_HOST_SUPPORTED, sizeof(cp), &cp);
551}
552
d5859e22
JH		 553static void hci_setup(struct hci_dev *hdev)
554{
e61ef499
AE		 555 if (hdev->dev_type != HCI_BREDR)
556 return;
557
d5859e22
JH		 558 hci_setup_event_mask(hdev);
559
d095c1eb 560 if (hdev->hci_ver > BLUETOOTH_VER_1_1)
d5859e22
JH		 561 hci_send_cmd(hdev, HCI_OP_READ_LOCAL_COMMANDS, 0, NULL);
562
563 if (hdev->features[6] & LMP_SIMPLE_PAIR) {
564 u8 mode = 0x01;
565 hci_send_cmd(hdev, HCI_OP_WRITE_SSP_MODE, sizeof(mode), &mode);
566 }
567
568 if (hdev->features[3] & LMP_RSSI_INQ)
569 hci_setup_inquiry_mode(hdev);
570
571 if (hdev->features[7] & LMP_INQ_TX_PWR)
572 hci_send_cmd(hdev, HCI_OP_READ_INQ_RSP_TX_POWER, 0, NULL);
971e3a4b
AG		 573
574 if (hdev->features[7] & LMP_EXTFEATURES) {
575 struct hci_cp_read_local_ext_features cp;
576
577 cp.page = 0x01;
578 hci_send_cmd(hdev, HCI_OP_READ_LOCAL_EXT_FEATURES,
579 sizeof(cp), &cp);
580 }
e6100a25 581
47990ea0
JH		 582 if (test_bit(HCI_LINK_SECURITY, &hdev->dev_flags)) {
583 u8 enable = 1;
584 hci_send_cmd(hdev, HCI_OP_WRITE_AUTH_ENABLE,
585 sizeof(enable), &enable);
586 }
587
e6100a25
AG		 588 if (hdev->features[4] & LMP_LE)
589 hci_set_le_support(hdev);
d5859e22
JH		 590}
591
a9de9248
MH		 592static void hci_cc_read_local_version(struct hci_dev *hdev, struct sk_buff *skb)
593{
594 struct hci_rp_read_local_version *rp = (void *) skb->data;
1143e5a6 595
a9de9248 596 BT_DBG("%s status 0x%x", hdev->name, rp->status);
1143e5a6 597
a9de9248
MH		 598 if (rp->status)
599 return;
1143e5a6 600
a9de9248 601 hdev->hci_ver = rp->hci_ver;
e4e8e37c 602 hdev->hci_rev = __le16_to_cpu(rp->hci_rev);
d5859e22 603 hdev->lmp_ver = rp->lmp_ver;
e4e8e37c 604 hdev->manufacturer = __le16_to_cpu(rp->manufacturer);
d5859e22 605 hdev->lmp_subver = __le16_to_cpu(rp->lmp_subver);
1143e5a6 606
a9de9248
MH		 607 BT_DBG("%s manufacturer %d hci ver %d:%d", hdev->name,
608 hdev->manufacturer,
609 hdev->hci_ver, hdev->hci_rev);
d5859e22
JH		 610
611 if (test_bit(HCI_INIT, &hdev->flags))
612 hci_setup(hdev);
613}
614
615static void hci_setup_link_policy(struct hci_dev *hdev)
616{
617 u16 link_policy = 0;
618
619 if (hdev->features[0] & LMP_RSWITCH)
620 link_policy |= HCI_LP_RSWITCH;
621 if (hdev->features[0] & LMP_HOLD)
622 link_policy |= HCI_LP_HOLD;
623 if (hdev->features[0] & LMP_SNIFF)
624 link_policy |= HCI_LP_SNIFF;
625 if (hdev->features[1] & LMP_PARK)
626 link_policy |= HCI_LP_PARK;
627
628 link_policy = cpu_to_le16(link_policy);
629 hci_send_cmd(hdev, HCI_OP_WRITE_DEF_LINK_POLICY,
630 sizeof(link_policy), &link_policy);
a9de9248 631}
1da177e4 632
a9de9248
MH		 633static void hci_cc_read_local_commands(struct hci_dev *hdev, struct sk_buff *skb)
634{
635 struct hci_rp_read_local_commands *rp = (void *) skb->data;
1da177e4 636
a9de9248 637 BT_DBG("%s status 0x%x", hdev->name, rp->status);
1da177e4 638
a9de9248 639 if (rp->status)
d5859e22 640 goto done;
1da177e4 641
a9de9248 642 memcpy(hdev->commands, rp->commands, sizeof(hdev->commands));
d5859e22
JH		 643
644 if (test_bit(HCI_INIT, &hdev->flags) && (hdev->commands[5] & 0x10))
645 hci_setup_link_policy(hdev);
646
647done:
648 hci_req_complete(hdev, HCI_OP_READ_LOCAL_COMMANDS, rp->status);
a9de9248 649}
1da177e4 650
a9de9248
MH		 651static void hci_cc_read_local_features(struct hci_dev *hdev, struct sk_buff *skb)
652{
653 struct hci_rp_read_local_features *rp = (void *) skb->data;
5b7f9909 654
a9de9248 655 BT_DBG("%s status 0x%x", hdev->name, rp->status);
1da177e4 656
a9de9248
MH		 657 if (rp->status)
658 return;
5b7f9909 659
a9de9248 660 memcpy(hdev->features, rp->features, 8);
5b7f9909 661
a9de9248
MH		 662 /* Adjust default settings according to features
663 * supported by device. */
1da177e4 664
a9de9248
MH		 665 if (hdev->features[0] & LMP_3SLOT)
666 hdev->pkt_type |= (HCI_DM3 | HCI_DH3);
1da177e4 667
a9de9248
MH		 668 if (hdev->features[0] & LMP_5SLOT)
669 hdev->pkt_type |= (HCI_DM5 | HCI_DH5);
1da177e4 670
a9de9248
MH		 671 if (hdev->features[1] & LMP_HV2) {
672 hdev->pkt_type |= (HCI_HV2);
673 hdev->esco_type |= (ESCO_HV2);
674 }
1da177e4 675
a9de9248
MH		 676 if (hdev->features[1] & LMP_HV3) {
677 hdev->pkt_type |= (HCI_HV3);
678 hdev->esco_type |= (ESCO_HV3);
679 }
1da177e4 680
a9de9248
MH		 681 if (hdev->features[3] & LMP_ESCO)
682 hdev->esco_type |= (ESCO_EV3);
da1f5198 683
a9de9248
MH		 684 if (hdev->features[4] & LMP_EV4)
685 hdev->esco_type |= (ESCO_EV4);
da1f5198 686
a9de9248
MH		 687 if (hdev->features[4] & LMP_EV5)
688 hdev->esco_type |= (ESCO_EV5);
1da177e4 689
efc7688b
MH		 690 if (hdev->features[5] & LMP_EDR_ESCO_2M)
691 hdev->esco_type |= (ESCO_2EV3);
692
693 if (hdev->features[5] & LMP_EDR_ESCO_3M)
694 hdev->esco_type |= (ESCO_3EV3);
695
696 if (hdev->features[5] & LMP_EDR_3S_ESCO)
697 hdev->esco_type |= (ESCO_2EV5 | ESCO_3EV5);
698
a9de9248
MH		 699 BT_DBG("%s features 0x%.2x%.2x%.2x%.2x%.2x%.2x%.2x%.2x", hdev->name,
700 hdev->features[0], hdev->features[1],
701 hdev->features[2], hdev->features[3],
702 hdev->features[4], hdev->features[5],
703 hdev->features[6], hdev->features[7]);
704}
1da177e4 705
971e3a4b
AG		 706static void hci_cc_read_local_ext_features(struct hci_dev *hdev,
707 struct sk_buff *skb)
708{
709 struct hci_rp_read_local_ext_features *rp = (void *) skb->data;
710
711 BT_DBG("%s status 0x%x", hdev->name, rp->status);
712
713 if (rp->status)
714 return;
715
b5b32b65
AG		 716 switch (rp->page) {
717 case 0:
718 memcpy(hdev->features, rp->features, 8);
719 break;
720 case 1:
721 memcpy(hdev->host_features, rp->features, 8);
722 break;
723 }
971e3a4b
AG		 724
725 hci_req_complete(hdev, HCI_OP_READ_LOCAL_EXT_FEATURES, rp->status);
726}
727
1e89cffb
AE		 728static void hci_cc_read_flow_control_mode(struct hci_dev *hdev,
729 struct sk_buff *skb)
730{
731 struct hci_rp_read_flow_control_mode *rp = (void *) skb->data;
732
733 BT_DBG("%s status 0x%x", hdev->name, rp->status);
734
735 if (rp->status)
736 return;
737
738 hdev->flow_ctl_mode = rp->mode;
739
740 hci_req_complete(hdev, HCI_OP_READ_FLOW_CONTROL_MODE, rp->status);
741}
742
a9de9248
MH		 743static void hci_cc_read_buffer_size(struct hci_dev *hdev, struct sk_buff *skb)
744{
745 struct hci_rp_read_buffer_size *rp = (void *) skb->data;
1da177e4 746
a9de9248 747 BT_DBG("%s status 0x%x", hdev->name, rp->status);
1da177e4 748
a9de9248
MH		 749 if (rp->status)
750 return;
1da177e4 751
a9de9248
MH		 752 hdev->acl_mtu = __le16_to_cpu(rp->acl_mtu);
753 hdev->sco_mtu = rp->sco_mtu;
754 hdev->acl_pkts = __le16_to_cpu(rp->acl_max_pkt);
755 hdev->sco_pkts = __le16_to_cpu(rp->sco_max_pkt);
756
757 if (test_bit(HCI_QUIRK_FIXUP_BUFFER_SIZE, &hdev->quirks)) {
758 hdev->sco_mtu = 64;
759 hdev->sco_pkts = 8;
1da177e4 760 }
a9de9248
MH		 761
762 hdev->acl_cnt = hdev->acl_pkts;
763 hdev->sco_cnt = hdev->sco_pkts;
764
765 BT_DBG("%s acl mtu %d:%d sco mtu %d:%d", hdev->name,
766 hdev->acl_mtu, hdev->acl_pkts,
767 hdev->sco_mtu, hdev->sco_pkts);
768}
769
770static void hci_cc_read_bd_addr(struct hci_dev *hdev, struct sk_buff *skb)
771{
772 struct hci_rp_read_bd_addr *rp = (void *) skb->data;
773
774 BT_DBG("%s status 0x%x", hdev->name, rp->status);
775
776 if (!rp->status)
777 bacpy(&hdev->bdaddr, &rp->bdaddr);
778
23bb5763
JH		 779 hci_req_complete(hdev, HCI_OP_READ_BD_ADDR, rp->status);
780}
781
350ee4cf
AE		 782static void hci_cc_read_data_block_size(struct hci_dev *hdev,
783 struct sk_buff *skb)
784{
785 struct hci_rp_read_data_block_size *rp = (void *) skb->data;
786
787 BT_DBG("%s status 0x%x", hdev->name, rp->status);
788
789 if (rp->status)
790 return;
791
792 hdev->block_mtu = __le16_to_cpu(rp->max_acl_len);
793 hdev->block_len = __le16_to_cpu(rp->block_len);
794 hdev->num_blocks = __le16_to_cpu(rp->num_blocks);
795
796 hdev->block_cnt = hdev->num_blocks;
797
798 BT_DBG("%s blk mtu %d cnt %d len %d", hdev->name, hdev->block_mtu,
799 hdev->block_cnt, hdev->block_len);
800
801 hci_req_complete(hdev, HCI_OP_READ_DATA_BLOCK_SIZE, rp->status);
802}
803
23bb5763
JH		 804static void hci_cc_write_ca_timeout(struct hci_dev *hdev, struct sk_buff *skb)
805{
806 __u8 status = *((__u8 *) skb->data);
807
808 BT_DBG("%s status 0x%x", hdev->name, status);
809
810 hci_req_complete(hdev, HCI_OP_WRITE_CA_TIMEOUT, status);
a9de9248
MH		 811}
812
928abaa7
AE		 813static void hci_cc_read_local_amp_info(struct hci_dev *hdev,
814 struct sk_buff *skb)
815{
816 struct hci_rp_read_local_amp_info *rp = (void *) skb->data;
817
818 BT_DBG("%s status 0x%x", hdev->name, rp->status);
819
820 if (rp->status)
821 return;
822
823 hdev->amp_status = rp->amp_status;
824 hdev->amp_total_bw = __le32_to_cpu(rp->total_bw);
825 hdev->amp_max_bw = __le32_to_cpu(rp->max_bw);
826 hdev->amp_min_latency = __le32_to_cpu(rp->min_latency);
827 hdev->amp_max_pdu = __le32_to_cpu(rp->max_pdu);
828 hdev->amp_type = rp->amp_type;
829 hdev->amp_pal_cap = __le16_to_cpu(rp->pal_cap);
830 hdev->amp_assoc_size = __le16_to_cpu(rp->max_assoc_size);
831 hdev->amp_be_flush_to = __le32_to_cpu(rp->be_flush_to);
832 hdev->amp_max_flush_to = __le32_to_cpu(rp->max_flush_to);
833
834 hci_req_complete(hdev, HCI_OP_READ_LOCAL_AMP_INFO, rp->status);
835}
836
b0916ea0
JH		 837static void hci_cc_delete_stored_link_key(struct hci_dev *hdev,
838 struct sk_buff *skb)
839{
840 __u8 status = *((__u8 *) skb->data);
841
842 BT_DBG("%s status 0x%x", hdev->name, status);
843
844 hci_req_complete(hdev, HCI_OP_DELETE_STORED_LINK_KEY, status);
845}
846
d5859e22
JH		 847static void hci_cc_set_event_mask(struct hci_dev *hdev, struct sk_buff *skb)
848{
849 __u8 status = *((__u8 *) skb->data);
850
851 BT_DBG("%s status 0x%x", hdev->name, status);
852
853 hci_req_complete(hdev, HCI_OP_SET_EVENT_MASK, status);
854}
855
856static void hci_cc_write_inquiry_mode(struct hci_dev *hdev,
857 struct sk_buff *skb)
858{
859 __u8 status = *((__u8 *) skb->data);
860
861 BT_DBG("%s status 0x%x", hdev->name, status);
862
863 hci_req_complete(hdev, HCI_OP_WRITE_INQUIRY_MODE, status);
864}
865
866static void hci_cc_read_inq_rsp_tx_power(struct hci_dev *hdev,
867 struct sk_buff *skb)
868{
869 __u8 status = *((__u8 *) skb->data);
870
871 BT_DBG("%s status 0x%x", hdev->name, status);
872
873 hci_req_complete(hdev, HCI_OP_READ_INQ_RSP_TX_POWER, status);
874}
875
876static void hci_cc_set_event_flt(struct hci_dev *hdev, struct sk_buff *skb)
877{
878 __u8 status = *((__u8 *) skb->data);
879
880 BT_DBG("%s status 0x%x", hdev->name, status);
881
882 hci_req_complete(hdev, HCI_OP_SET_EVENT_FLT, status);
883}
884
980e1a53
JH		 885static void hci_cc_pin_code_reply(struct hci_dev *hdev, struct sk_buff *skb)
886{
887 struct hci_rp_pin_code_reply *rp = (void *) skb->data;
888 struct hci_cp_pin_code_reply *cp;
889 struct hci_conn *conn;
890
891 BT_DBG("%s status 0x%x", hdev->name, rp->status);
892
56e5cb86
JH		 893 hci_dev_lock(hdev);
894
a8b2d5c2 895 if (test_bit(HCI_MGMT, &hdev->dev_flags))
744cf19e 896 mgmt_pin_code_reply_complete(hdev, &rp->bdaddr, rp->status);
980e1a53
JH		 897
898 if (rp->status != 0)
56e5cb86 899 goto unlock;
980e1a53
JH		 900
901 cp = hci_sent_cmd_data(hdev, HCI_OP_PIN_CODE_REPLY);
902 if (!cp)
56e5cb86 903 goto unlock;
980e1a53
JH		 904
905 conn = hci_conn_hash_lookup_ba(hdev, ACL_LINK, &cp->bdaddr);
906 if (conn)
907 conn->pin_length = cp->pin_len;
56e5cb86
JH		 908
909unlock:
910 hci_dev_unlock(hdev);
980e1a53
JH		 911}
912
913static void hci_cc_pin_code_neg_reply(struct hci_dev *hdev, struct sk_buff *skb)
914{
915 struct hci_rp_pin_code_neg_reply *rp = (void *) skb->data;
916
917 BT_DBG("%s status 0x%x", hdev->name, rp->status);
918
56e5cb86
JH		 919 hci_dev_lock(hdev);
920
a8b2d5c2 921 if (test_bit(HCI_MGMT, &hdev->dev_flags))
744cf19e 922 mgmt_pin_code_neg_reply_complete(hdev, &rp->bdaddr,
980e1a53 923 rp->status);
56e5cb86
JH		 924
925 hci_dev_unlock(hdev);
980e1a53 926}
56e5cb86 927
6ed58ec5
VT		 928static void hci_cc_le_read_buffer_size(struct hci_dev *hdev,
929 struct sk_buff *skb)
930{
931 struct hci_rp_le_read_buffer_size *rp = (void *) skb->data;
932
933 BT_DBG("%s status 0x%x", hdev->name, rp->status);
934
935 if (rp->status)
936 return;
937
938 hdev->le_mtu = __le16_to_cpu(rp->le_mtu);
939 hdev->le_pkts = rp->le_max_pkt;
940
941 hdev->le_cnt = hdev->le_pkts;
942
943 BT_DBG("%s le mtu %d:%d", hdev->name, hdev->le_mtu, hdev->le_pkts);
944
945 hci_req_complete(hdev, HCI_OP_LE_READ_BUFFER_SIZE, rp->status);
946}
980e1a53 947
a5c29683
JH		 948static void hci_cc_user_confirm_reply(struct hci_dev *hdev, struct sk_buff *skb)
949{
950 struct hci_rp_user_confirm_reply *rp = (void *) skb->data;
951
952 BT_DBG("%s status 0x%x", hdev->name, rp->status);
953
56e5cb86
JH		 954 hci_dev_lock(hdev);
955
a8b2d5c2 956 if (test_bit(HCI_MGMT, &hdev->dev_flags))
272d90df
JH		 957 mgmt_user_confirm_reply_complete(hdev, &rp->bdaddr, ACL_LINK,
958 0, rp->status);
56e5cb86
JH		 959
960 hci_dev_unlock(hdev);
a5c29683
JH		 961}
962
963static void hci_cc_user_confirm_neg_reply(struct hci_dev *hdev,
964 struct sk_buff *skb)
965{
966 struct hci_rp_user_confirm_reply *rp = (void *) skb->data;
967
968 BT_DBG("%s status 0x%x", hdev->name, rp->status);
969
56e5cb86
JH		 970 hci_dev_lock(hdev);
971
a8b2d5c2 972 if (test_bit(HCI_MGMT, &hdev->dev_flags))
744cf19e 973 mgmt_user_confirm_neg_reply_complete(hdev, &rp->bdaddr,
272d90df 974 ACL_LINK, 0,
a5c29683 975 rp->status);
56e5cb86
JH		 976
977 hci_dev_unlock(hdev);
a5c29683
JH		 978}
979
1143d458
BG		 980static void hci_cc_user_passkey_reply(struct hci_dev *hdev, struct sk_buff *skb)
981{
982 struct hci_rp_user_confirm_reply *rp = (void *) skb->data;
983
984 BT_DBG("%s status 0x%x", hdev->name, rp->status);
985
986 hci_dev_lock(hdev);
987
a8b2d5c2 988 if (test_bit(HCI_MGMT, &hdev->dev_flags))
272d90df
JH		 989 mgmt_user_passkey_reply_complete(hdev, &rp->bdaddr, ACL_LINK,
990 0, rp->status);
1143d458
BG		 991
992 hci_dev_unlock(hdev);
993}
994
995static void hci_cc_user_passkey_neg_reply(struct hci_dev *hdev,
996 struct sk_buff *skb)
997{
998 struct hci_rp_user_confirm_reply *rp = (void *) skb->data;
999
1000 BT_DBG("%s status 0x%x", hdev->name, rp->status);
1001
1002 hci_dev_lock(hdev);
1003
a8b2d5c2 1004 if (test_bit(HCI_MGMT, &hdev->dev_flags))
1143d458 1005 mgmt_user_passkey_neg_reply_complete(hdev, &rp->bdaddr,
272d90df 1006 ACL_LINK, 0,
1143d458
BG		 1007 rp->status);
1008
1009 hci_dev_unlock(hdev);
1010}
1011
c35938b2
SJ		 1012static void hci_cc_read_local_oob_data_reply(struct hci_dev *hdev,
1013 struct sk_buff *skb)
1014{
1015 struct hci_rp_read_local_oob_data *rp = (void *) skb->data;
1016
1017 BT_DBG("%s status 0x%x", hdev->name, rp->status);
1018
56e5cb86 1019 hci_dev_lock(hdev);
744cf19e 1020 mgmt_read_local_oob_data_reply_complete(hdev, rp->hash,
c35938b2 1021 rp->randomizer, rp->status);
56e5cb86 1022 hci_dev_unlock(hdev);
c35938b2
SJ		 1023}
1024
07f7fa5d
AG		 1025static void hci_cc_le_set_scan_param(struct hci_dev *hdev, struct sk_buff *skb)
1026{
1027 __u8 status = *((__u8 *) skb->data);
1028
1029 BT_DBG("%s status 0x%x", hdev->name, status);
7ba8b4be
AG		 1030
1031 hci_req_complete(hdev, HCI_OP_LE_SET_SCAN_PARAM, status);
3fd24153
AG		 1032
1033 if (status) {
1034 hci_dev_lock(hdev);
1035 mgmt_start_discovery_failed(hdev, status);
1036 hci_dev_unlock(hdev);
1037 return;
1038 }
07f7fa5d
AG		 1039}
1040
eb9d91f5
AG		 1041static void hci_cc_le_set_scan_enable(struct hci_dev *hdev,
1042 struct sk_buff *skb)
1043{
1044 struct hci_cp_le_set_scan_enable *cp;
1045 __u8 status = *((__u8 *) skb->data);
1046
1047 BT_DBG("%s status 0x%x", hdev->name, status);
1048
eb9d91f5
AG		 1049 cp = hci_sent_cmd_data(hdev, HCI_OP_LE_SET_SCAN_ENABLE);
1050 if (!cp)
1051 return;
1052
68a8aea4
AE		 1053 switch (cp->enable) {
1054 case LE_SCANNING_ENABLED:
7ba8b4be
AG		 1055 hci_req_complete(hdev, HCI_OP_LE_SET_SCAN_ENABLE, status);
1056
3fd24153
AG		 1057 if (status) {
1058 hci_dev_lock(hdev);
1059 mgmt_start_discovery_failed(hdev, status);
1060 hci_dev_unlock(hdev);
7ba8b4be 1061 return;
3fd24153 1062 }
7ba8b4be 1063
d23264a8
AG		 1064 set_bit(HCI_LE_SCAN, &hdev->dev_flags);
1065
db323f2f 1066 cancel_delayed_work_sync(&hdev->adv_work);
a8f13c8c
AG		 1067
1068 hci_dev_lock(hdev);
eb9d91f5 1069 hci_adv_entries_clear(hdev);
343f935b 1070 hci_discovery_set_state(hdev, DISCOVERY_FINDING);
a8f13c8c 1071 hci_dev_unlock(hdev);
68a8aea4
AE		 1072 break;
1073
1074 case LE_SCANNING_DISABLED:
7ba8b4be
AG		 1075 if (status)
1076 return;
1077
d23264a8
AG		 1078 clear_bit(HCI_LE_SCAN, &hdev->dev_flags);
1079
d084329e 1080 schedule_delayed_work(&hdev->adv_work, ADV_CLEAR_TIMEOUT);
5e0452c0
AG		 1081
1082 if (hdev->discovery.type == DISCOV_TYPE_INTERLEAVED) {
1083 mgmt_interleaved_discovery(hdev);
1084 } else {
1085 hci_dev_lock(hdev);
1086 hci_discovery_set_state(hdev, DISCOVERY_STOPPED);
1087 hci_dev_unlock(hdev);
1088 }
1089
68a8aea4
AE		 1090 break;
1091
1092 default:
1093 BT_ERR("Used reserved LE_Scan_Enable param %d", cp->enable);
1094 break;
35815085 1095 }
eb9d91f5
AG		 1096}
1097
a7a595f6
VCG		 1098static void hci_cc_le_ltk_reply(struct hci_dev *hdev, struct sk_buff *skb)
1099{
1100 struct hci_rp_le_ltk_reply *rp = (void *) skb->data;
1101
1102 BT_DBG("%s status 0x%x", hdev->name, rp->status);
1103
1104 if (rp->status)
1105 return;
1106
1107 hci_req_complete(hdev, HCI_OP_LE_LTK_REPLY, rp->status);
1108}
1109
1110static void hci_cc_le_ltk_neg_reply(struct hci_dev *hdev, struct sk_buff *skb)
1111{
1112 struct hci_rp_le_ltk_neg_reply *rp = (void *) skb->data;
1113
1114 BT_DBG("%s status 0x%x", hdev->name, rp->status);
1115
1116 if (rp->status)
1117 return;
1118
1119 hci_req_complete(hdev, HCI_OP_LE_LTK_NEG_REPLY, rp->status);
1120}
1121
f9b49306
AG		 1122static inline void hci_cc_write_le_host_supported(struct hci_dev *hdev,
1123 struct sk_buff *skb)
1124{
1125 struct hci_cp_read_local_ext_features cp;
1126 __u8 status = *((__u8 *) skb->data);
1127
1128 BT_DBG("%s status 0x%x", hdev->name, status);
1129
1130 if (status)
1131 return;
1132
1133 cp.page = 0x01;
1134 hci_send_cmd(hdev, HCI_OP_READ_LOCAL_EXT_FEATURES, sizeof(cp), &cp);
1135}
1136
a9de9248
MH		 1137static inline void hci_cs_inquiry(struct hci_dev *hdev, __u8 status)
1138{
1139 BT_DBG("%s status 0x%x", hdev->name, status);
1140
1141 if (status) {
23bb5763 1142 hci_req_complete(hdev, HCI_OP_INQUIRY, status);
a9de9248 1143 hci_conn_check_pending(hdev);
56e5cb86 1144 hci_dev_lock(hdev);
a8b2d5c2 1145 if (test_bit(HCI_MGMT, &hdev->dev_flags))
7a135109 1146 mgmt_start_discovery_failed(hdev, status);
56e5cb86 1147 hci_dev_unlock(hdev);
314b2381
JH		 1148 return;
1149 }
1150
89352e7d
AG		 1151 set_bit(HCI_INQUIRY, &hdev->flags);
1152
56e5cb86 1153 hci_dev_lock(hdev);
343f935b 1154 hci_discovery_set_state(hdev, DISCOVERY_FINDING);
56e5cb86 1155 hci_dev_unlock(hdev);
1da177e4
LT		 1156}
1157
1da177e4
LT		 1158static inline void hci_cs_create_conn(struct hci_dev *hdev, __u8 status)
1159{
a9de9248 1160 struct hci_cp_create_conn *cp;
1da177e4 1161 struct hci_conn *conn;
1da177e4 1162
a9de9248
MH		 1163 BT_DBG("%s status 0x%x", hdev->name, status);
1164
1165 cp = hci_sent_cmd_data(hdev, HCI_OP_CREATE_CONN);
1da177e4
LT		 1166 if (!cp)
1167 return;
1168
1169 hci_dev_lock(hdev);
1170
1171 conn = hci_conn_hash_lookup_ba(hdev, ACL_LINK, &cp->bdaddr);
1172
a9de9248 1173 BT_DBG("%s bdaddr %s conn %p", hdev->name, batostr(&cp->bdaddr), conn);
1da177e4
LT		 1174
1175 if (status) {
1176 if (conn && conn->state == BT_CONNECT) {
4c67bc74
MH		 1177 if (status != 0x0c || conn->attempt > 2) {
1178 conn->state = BT_CLOSED;
1179 hci_proto_connect_cfm(conn, status);
1180 hci_conn_del(conn);
1181 } else
1182 conn->state = BT_CONNECT2;
1da177e4
LT		 1183 }
1184 } else {
1185 if (!conn) {
1186 conn = hci_conn_add(hdev, ACL_LINK, &cp->bdaddr);
1187 if (conn) {
a0c808b3 1188 conn->out = true;
1da177e4
LT		 1189 conn->link_mode |= HCI_LM_MASTER;
1190 } else
893ef971 1191 BT_ERR("No memory for new connection");
1da177e4
LT		 1192 }
1193 }
1194
1195 hci_dev_unlock(hdev);
1196}
1197
a9de9248 1198static void hci_cs_add_sco(struct hci_dev *hdev, __u8 status)
1da177e4 1199{
a9de9248
MH		 1200 struct hci_cp_add_sco *cp;
1201 struct hci_conn *acl, *sco;
1202 __u16 handle;
1da177e4 1203
b6a0dc82
MH		 1204 BT_DBG("%s status 0x%x", hdev->name, status);
1205
a9de9248
MH		 1206 if (!status)
1207 return;
1da177e4 1208
a9de9248
MH		 1209 cp = hci_sent_cmd_data(hdev, HCI_OP_ADD_SCO);
1210 if (!cp)
1211 return;
1da177e4 1212
a9de9248 1213 handle = __le16_to_cpu(cp->handle);
1da177e4 1214
a9de9248 1215 BT_DBG("%s handle %d", hdev->name, handle);
1da177e4 1216
a9de9248 1217 hci_dev_lock(hdev);
1da177e4 1218
a9de9248 1219 acl = hci_conn_hash_lookup_handle(hdev, handle);
5a08ecce
AE		 1220 if (acl) {
1221 sco = acl->link;
1222 if (sco) {
1223 sco->state = BT_CLOSED;
1da177e4 1224
5a08ecce
AE		 1225 hci_proto_connect_cfm(sco, status);
1226 hci_conn_del(sco);
1227 }
a9de9248 1228 }
1da177e4 1229
a9de9248
MH		 1230 hci_dev_unlock(hdev);
1231}
1da177e4 1232
f8558555
MH		 1233static void hci_cs_auth_requested(struct hci_dev *hdev, __u8 status)
1234{
1235 struct hci_cp_auth_requested *cp;
1236 struct hci_conn *conn;
1237
1238 BT_DBG("%s status 0x%x", hdev->name, status);
1239
1240 if (!status)
1241 return;
1242
1243 cp = hci_sent_cmd_data(hdev, HCI_OP_AUTH_REQUESTED);
1244 if (!cp)
1245 return;
1246
1247 hci_dev_lock(hdev);
1248
1249 conn = hci_conn_hash_lookup_handle(hdev, __le16_to_cpu(cp->handle));
1250 if (conn) {
1251 if (conn->state == BT_CONFIG) {
1252 hci_proto_connect_cfm(conn, status);
1253 hci_conn_put(conn);
1254 }
1255 }
1256
1257 hci_dev_unlock(hdev);
1258}
1259
1260static void hci_cs_set_conn_encrypt(struct hci_dev *hdev, __u8 status)
1261{
1262 struct hci_cp_set_conn_encrypt *cp;
1263 struct hci_conn *conn;
1264
1265 BT_DBG("%s status 0x%x", hdev->name, status);
1266
1267 if (!status)
1268 return;
1269
1270 cp = hci_sent_cmd_data(hdev, HCI_OP_SET_CONN_ENCRYPT);
1271 if (!cp)
1272 return;
1273
1274 hci_dev_lock(hdev);
1275
1276 conn = hci_conn_hash_lookup_handle(hdev, __le16_to_cpu(cp->handle));
1277 if (conn) {
1278 if (conn->state == BT_CONFIG) {
1279 hci_proto_connect_cfm(conn, status);
1280 hci_conn_put(conn);
1281 }
1282 }
1283
1284 hci_dev_unlock(hdev);
1285}
1286
127178d2 1287static int hci_outgoing_auth_needed(struct hci_dev *hdev,
138d22ef 1288 struct hci_conn *conn)
392599b9 1289{
392599b9
JH		 1290 if (conn->state != BT_CONFIG || !conn->out)
1291 return 0;
1292
765c2a96 1293 if (conn->pending_sec_level == BT_SECURITY_SDP)
392599b9
JH		 1294 return 0;
1295
1296 /* Only request authentication for SSP connections or non-SSP
e9bf2bf0 1297 * devices with sec_level HIGH or if MITM protection is requested */
aa64a8b5 1298 if (!hci_conn_ssp_enabled(conn) &&
e9bf2bf0
VCG		 1299 conn->pending_sec_level != BT_SECURITY_HIGH &&
1300 !(conn->auth_type & 0x01))
392599b9
JH		 1301 return 0;
1302
392599b9
JH		 1303 return 1;
1304}
1305
30dc78e1
JH		 1306static inline int hci_resolve_name(struct hci_dev *hdev, struct inquiry_entry *e)
1307{
1308 struct hci_cp_remote_name_req cp;
1309
1310 memset(&cp, 0, sizeof(cp));
1311
1312 bacpy(&cp.bdaddr, &e->data.bdaddr);
1313 cp.pscan_rep_mode = e->data.pscan_rep_mode;
1314 cp.pscan_mode = e->data.pscan_mode;
1315 cp.clock_offset = e->data.clock_offset;
1316
1317 return hci_send_cmd(hdev, HCI_OP_REMOTE_NAME_REQ, sizeof(cp), &cp);
1318}
1319
b644ba33 1320static bool hci_resolve_next_name(struct hci_dev *hdev)
30dc78e1
JH		 1321{
1322 struct discovery_state *discov = &hdev->discovery;
1323 struct inquiry_entry *e;
1324
b644ba33
JH		 1325 if (list_empty(&discov->resolve))
1326 return false;
1327
1328 e = hci_inquiry_cache_lookup_resolve(hdev, BDADDR_ANY, NAME_NEEDED);
1329 if (hci_resolve_name(hdev, e) == 0) {
1330 e->name_state = NAME_PENDING;
1331 return true;
1332 }
1333
1334 return false;
1335}
1336
1337static void hci_check_pending_name(struct hci_dev *hdev, struct hci_conn *conn,
1338 bdaddr_t *bdaddr, u8 *name, u8 name_len)
1339{
1340 struct discovery_state *discov = &hdev->discovery;
1341 struct inquiry_entry *e;
1342
1343 if (conn && !test_and_set_bit(HCI_CONN_MGMT_CONNECTED, &conn->flags))
1344 mgmt_device_connected(hdev, bdaddr, ACL_LINK, 0x00,
1345 name, name_len, conn->dev_class);
1346
1347 if (discov->state == DISCOVERY_STOPPED)
1348 return;
1349
30dc78e1
JH		 1350 if (discov->state == DISCOVERY_STOPPING)
1351 goto discov_complete;
1352
1353 if (discov->state != DISCOVERY_RESOLVING)
1354 return;
1355
1356 e = hci_inquiry_cache_lookup_resolve(hdev, bdaddr, NAME_PENDING);
1357 if (e) {
1358 e->name_state = NAME_KNOWN;
1359 list_del(&e->list);
b644ba33
JH		 1360 if (name)
1361 mgmt_remote_name(hdev, bdaddr, ACL_LINK, 0x00,
1362 e->data.rssi, name, name_len);
30dc78e1
JH		 1363 }
1364
b644ba33 1365 if (hci_resolve_next_name(hdev))
30dc78e1 1366 return;
30dc78e1
JH		 1367
1368discov_complete:
1369 hci_discovery_set_state(hdev, DISCOVERY_STOPPED);
1370}
1371
a9de9248
MH		 1372static void hci_cs_remote_name_req(struct hci_dev *hdev, __u8 status)
1373{
127178d2
JH		 1374 struct hci_cp_remote_name_req *cp;
1375 struct hci_conn *conn;
1376
a9de9248 1377 BT_DBG("%s status 0x%x", hdev->name, status);
127178d2
JH		 1378
1379 /* If successful wait for the name req complete event before
1380 * checking for the need to do authentication */
1381 if (!status)
1382 return;
1383
1384 cp = hci_sent_cmd_data(hdev, HCI_OP_REMOTE_NAME_REQ);
1385 if (!cp)
1386 return;
1387
1388 hci_dev_lock(hdev);
1389
b644ba33
JH		 1390 conn = hci_conn_hash_lookup_ba(hdev, ACL_LINK, &cp->bdaddr);
1391
a8b2d5c2 1392 if (test_bit(HCI_MGMT, &hdev->dev_flags))
b644ba33 1393 hci_check_pending_name(hdev, conn, &cp->bdaddr, NULL, 0);
30dc78e1 1394
79c6c70c
JH		 1395 if (!conn)
1396 goto unlock;
1397
1398 if (!hci_outgoing_auth_needed(hdev, conn))
1399 goto unlock;
1400
51a8efd7 1401 if (!test_and_set_bit(HCI_CONN_AUTH_PEND, &conn->flags)) {
127178d2
JH		 1402 struct hci_cp_auth_requested cp;
1403 cp.handle = __cpu_to_le16(conn->handle);
1404 hci_send_cmd(hdev, HCI_OP_AUTH_REQUESTED, sizeof(cp), &cp);
1405 }
1406
79c6c70c 1407unlock:
127178d2 1408 hci_dev_unlock(hdev);
a9de9248 1409}
1da177e4 1410
769be974
MH		 1411static void hci_cs_read_remote_features(struct hci_dev *hdev, __u8 status)
1412{
1413 struct hci_cp_read_remote_features *cp;
1414 struct hci_conn *conn;
1415
1416 BT_DBG("%s status 0x%x", hdev->name, status);
1417
1418 if (!status)
1419 return;
1420
1421 cp = hci_sent_cmd_data(hdev, HCI_OP_READ_REMOTE_FEATURES);
1422 if (!cp)
1423 return;
1424
1425 hci_dev_lock(hdev);
1426
1427 conn = hci_conn_hash_lookup_handle(hdev, __le16_to_cpu(cp->handle));
1428 if (conn) {
1429 if (conn->state == BT_CONFIG) {
769be974
MH		 1430 hci_proto_connect_cfm(conn, status);
1431 hci_conn_put(conn);
1432 }
1433 }
1434
1435 hci_dev_unlock(hdev);
1436}
1437
1438static void hci_cs_read_remote_ext_features(struct hci_dev *hdev, __u8 status)
1439{
1440 struct hci_cp_read_remote_ext_features *cp;
1441 struct hci_conn *conn;
1442
1443 BT_DBG("%s status 0x%x", hdev->name, status);
1444
1445 if (!status)
1446 return;
1447
1448 cp = hci_sent_cmd_data(hdev, HCI_OP_READ_REMOTE_EXT_FEATURES);
1449 if (!cp)
1450 return;
1451
1452 hci_dev_lock(hdev);
1453
1454 conn = hci_conn_hash_lookup_handle(hdev, __le16_to_cpu(cp->handle));
1455 if (conn) {
1456 if (conn->state == BT_CONFIG) {
769be974
MH		 1457 hci_proto_connect_cfm(conn, status);
1458 hci_conn_put(conn);
1459 }
1460 }
1461
1462 hci_dev_unlock(hdev);
1463}
1464
a9de9248
MH		 1465static void hci_cs_setup_sync_conn(struct hci_dev *hdev, __u8 status)
1466{
b6a0dc82
MH		 1467 struct hci_cp_setup_sync_conn *cp;
1468 struct hci_conn *acl, *sco;
1469 __u16 handle;
1470
a9de9248 1471 BT_DBG("%s status 0x%x", hdev->name, status);
b6a0dc82
MH		 1472
1473 if (!status)
1474 return;
1475
1476 cp = hci_sent_cmd_data(hdev, HCI_OP_SETUP_SYNC_CONN);
1477 if (!cp)
1478 return;
1479
1480 handle = __le16_to_cpu(cp->handle);
1481
1482 BT_DBG("%s handle %d", hdev->name, handle);
1483
1484 hci_dev_lock(hdev);
1485
1486 acl = hci_conn_hash_lookup_handle(hdev, handle);
5a08ecce
AE		 1487 if (acl) {
1488 sco = acl->link;
1489 if (sco) {
1490 sco->state = BT_CLOSED;
b6a0dc82 1491
5a08ecce
AE		 1492 hci_proto_connect_cfm(sco, status);
1493 hci_conn_del(sco);
1494 }
b6a0dc82
MH		 1495 }
1496
1497 hci_dev_unlock(hdev);
1da177e4
LT		 1498}
1499
a9de9248 1500static void hci_cs_sniff_mode(struct hci_dev *hdev, __u8 status)
1da177e4 1501{
a9de9248
MH		 1502 struct hci_cp_sniff_mode *cp;
1503 struct hci_conn *conn;
1da177e4 1504
a9de9248 1505 BT_DBG("%s status 0x%x", hdev->name, status);
04837f64 1506
a9de9248
MH		 1507 if (!status)
1508 return;
04837f64 1509
a9de9248
MH		 1510 cp = hci_sent_cmd_data(hdev, HCI_OP_SNIFF_MODE);
1511 if (!cp)
1512 return;
04837f64 1513
a9de9248 1514 hci_dev_lock(hdev);
04837f64 1515
a9de9248 1516 conn = hci_conn_hash_lookup_handle(hdev, __le16_to_cpu(cp->handle));
e73439d8 1517 if (conn) {
51a8efd7 1518 clear_bit(HCI_CONN_MODE_CHANGE_PEND, &conn->flags);
04837f64 1519
51a8efd7 1520 if (test_and_clear_bit(HCI_CONN_SCO_SETUP_PEND, &conn->flags))
e73439d8
MH		 1521 hci_sco_setup(conn, status);
1522 }
1523
a9de9248
MH		 1524 hci_dev_unlock(hdev);
1525}
04837f64 1526
a9de9248
MH		 1527static void hci_cs_exit_sniff_mode(struct hci_dev *hdev, __u8 status)
1528{
1529 struct hci_cp_exit_sniff_mode *cp;
1530 struct hci_conn *conn;
04837f64 1531
a9de9248 1532 BT_DBG("%s status 0x%x", hdev->name, status);
04837f64 1533
a9de9248
MH		 1534 if (!status)
1535 return;
04837f64 1536
a9de9248
MH		 1537 cp = hci_sent_cmd_data(hdev, HCI_OP_EXIT_SNIFF_MODE);
1538 if (!cp)
1539 return;
04837f64 1540
a9de9248 1541 hci_dev_lock(hdev);
1da177e4 1542
a9de9248 1543 conn = hci_conn_hash_lookup_handle(hdev, __le16_to_cpu(cp->handle));
e73439d8 1544 if (conn) {
51a8efd7 1545 clear_bit(HCI_CONN_MODE_CHANGE_PEND, &conn->flags);
1da177e4 1546
51a8efd7 1547 if (test_and_clear_bit(HCI_CONN_SCO_SETUP_PEND, &conn->flags))
e73439d8
MH		 1548 hci_sco_setup(conn, status);
1549 }
1550
a9de9248 1551 hci_dev_unlock(hdev);
1da177e4
LT		 1552}
1553
88c3df13
JH		 1554static void hci_cs_disconnect(struct hci_dev *hdev, u8 status)
1555{
1556 struct hci_cp_disconnect *cp;
1557 struct hci_conn *conn;
1558
1559 if (!status)
1560 return;
1561
1562 cp = hci_sent_cmd_data(hdev, HCI_OP_DISCONNECT);
1563 if (!cp)
1564 return;
1565
1566 hci_dev_lock(hdev);
1567
1568 conn = hci_conn_hash_lookup_handle(hdev, __le16_to_cpu(cp->handle));
1569 if (conn)
1570 mgmt_disconnect_failed(hdev, &conn->dst, conn->type,
1571 conn->dst_type, status);
1572
1573 hci_dev_unlock(hdev);
1574}
1575
fcd89c09
VT		 1576static void hci_cs_le_create_conn(struct hci_dev *hdev, __u8 status)
1577{
1578 struct hci_cp_le_create_conn *cp;
1579 struct hci_conn *conn;
1580
1581 BT_DBG("%s status 0x%x", hdev->name, status);
1582
1583 cp = hci_sent_cmd_data(hdev, HCI_OP_LE_CREATE_CONN);
1584 if (!cp)
1585 return;
1586
1587 hci_dev_lock(hdev);
1588
1589 conn = hci_conn_hash_lookup_ba(hdev, LE_LINK, &cp->peer_addr);
1590
1591 BT_DBG("%s bdaddr %s conn %p", hdev->name, batostr(&cp->peer_addr),
1592 conn);
1593
1594 if (status) {
1595 if (conn && conn->state == BT_CONNECT) {
1596 conn->state = BT_CLOSED;
1597 hci_proto_connect_cfm(conn, status);
1598 hci_conn_del(conn);
1599 }
1600 } else {
1601 if (!conn) {
1602 conn = hci_conn_add(hdev, LE_LINK, &cp->peer_addr);
29b7988a
AG		 1603 if (conn) {
1604 conn->dst_type = cp->peer_addr_type;
a0c808b3 1605 conn->out = true;
29b7988a 1606 } else {
fcd89c09 1607 BT_ERR("No memory for new connection");
29b7988a 1608 }
fcd89c09
VT		 1609 }
1610 }
1611
1612 hci_dev_unlock(hdev);
1613}
1614
a7a595f6
VCG		 1615static void hci_cs_le_start_enc(struct hci_dev *hdev, u8 status)
1616{
1617 BT_DBG("%s status 0x%x", hdev->name, status);
1618}
1619
1da177e4
LT		 1620static inline void hci_inquiry_complete_evt(struct hci_dev *hdev, struct sk_buff *skb)
1621{
1622 __u8 status = *((__u8 *) skb->data);
30dc78e1
JH		 1623 struct discovery_state *discov = &hdev->discovery;
1624 struct inquiry_entry *e;
1da177e4
LT		 1625
1626 BT_DBG("%s status %d", hdev->name, status);
1627
23bb5763 1628 hci_req_complete(hdev, HCI_OP_INQUIRY, status);
6bd57416 1629
a9de9248 1630 hci_conn_check_pending(hdev);
89352e7d
AG		 1631
1632 if (!test_and_clear_bit(HCI_INQUIRY, &hdev->flags))
1633 return;
1634
a8b2d5c2 1635 if (!test_bit(HCI_MGMT, &hdev->dev_flags))
30dc78e1
JH		 1636 return;
1637
56e5cb86 1638 hci_dev_lock(hdev);
30dc78e1 1639
343f935b 1640 if (discov->state != DISCOVERY_FINDING)
30dc78e1
JH		 1641 goto unlock;
1642
1643 if (list_empty(&discov->resolve)) {
1644 hci_discovery_set_state(hdev, DISCOVERY_STOPPED);
1645 goto unlock;
1646 }
1647
1648 e = hci_inquiry_cache_lookup_resolve(hdev, BDADDR_ANY, NAME_NEEDED);
1649 if (e && hci_resolve_name(hdev, e) == 0) {
1650 e->name_state = NAME_PENDING;
1651 hci_discovery_set_state(hdev, DISCOVERY_RESOLVING);
1652 } else {
1653 hci_discovery_set_state(hdev, DISCOVERY_STOPPED);
1654 }
1655
1656unlock:
56e5cb86 1657 hci_dev_unlock(hdev);
1da177e4
LT		 1658}
1659
1da177e4
LT		 1660static inline void hci_inquiry_result_evt(struct hci_dev *hdev, struct sk_buff *skb)
1661{
45bb4bf0 1662 struct inquiry_data data;
a9de9248 1663 struct inquiry_info *info = (void *) (skb->data + 1);
1da177e4
LT		 1664 int num_rsp = *((__u8 *) skb->data);
1665
1666 BT_DBG("%s num_rsp %d", hdev->name, num_rsp);
1667
45bb4bf0
MH		 1668 if (!num_rsp)
1669 return;
1670
1da177e4 1671 hci_dev_lock(hdev);
45bb4bf0 1672
e17acd40 1673 for (; num_rsp; num_rsp--, info++) {
3175405b
JH		 1674 bool name_known;
1675
1da177e4
LT		 1676 bacpy(&data.bdaddr, &info->bdaddr);
1677 data.pscan_rep_mode = info->pscan_rep_mode;
1678 data.pscan_period_mode = info->pscan_period_mode;
1679 data.pscan_mode = info->pscan_mode;
1680 memcpy(data.dev_class, info->dev_class, 3);
1681 data.clock_offset = info->clock_offset;
1682 data.rssi = 0x00;
41a96212 1683 data.ssp_mode = 0x00;
3175405b
JH		 1684
1685 name_known = hci_inquiry_cache_update(hdev, &data, false);
48264f06 1686 mgmt_device_found(hdev, &info->bdaddr, ACL_LINK, 0x00,
7d262f86
AG		 1687 info->dev_class, 0, !name_known,
1688 NULL, 0);
1da177e4 1689 }
45bb4bf0 1690
1da177e4
LT		 1691 hci_dev_unlock(hdev);
1692}
1693
1da177e4
LT		 1694static inline void hci_conn_complete_evt(struct hci_dev *hdev, struct sk_buff *skb)
1695{
a9de9248
MH		 1696 struct hci_ev_conn_complete *ev = (void *) skb->data;
1697 struct hci_conn *conn;
1da177e4
LT		 1698
1699 BT_DBG("%s", hdev->name);
1700
1701 hci_dev_lock(hdev);
1702
1703 conn = hci_conn_hash_lookup_ba(hdev, ev->link_type, &ev->bdaddr);
9499237a
MH		 1704 if (!conn) {
1705 if (ev->link_type != SCO_LINK)
1706 goto unlock;
1707
1708 conn = hci_conn_hash_lookup_ba(hdev, ESCO_LINK, &ev->bdaddr);
1709 if (!conn)
1710 goto unlock;
1711
1712 conn->type = SCO_LINK;
1713 }
1da177e4
LT		 1714
1715 if (!ev->status) {
1716 conn->handle = __le16_to_cpu(ev->handle);
769be974
MH		 1717
1718 if (conn->type == ACL_LINK) {
1719 conn->state = BT_CONFIG;
1720 hci_conn_hold(conn);
052b30b0 1721 conn->disc_timeout = HCI_DISCONN_TIMEOUT;
769be974
MH		 1722 } else
1723 conn->state = BT_CONNECTED;
1da177e4 1724
9eba32b8 1725 hci_conn_hold_device(conn);
7d0db0a3
MH		 1726 hci_conn_add_sysfs(conn);
1727
1da177e4
LT		 1728 if (test_bit(HCI_AUTH, &hdev->flags))
1729 conn->link_mode |= HCI_LM_AUTH;
1730
1731 if (test_bit(HCI_ENCRYPT, &hdev->flags))
1732 conn->link_mode |= HCI_LM_ENCRYPT;
1733
04837f64
MH		 1734 /* Get remote features */
1735 if (conn->type == ACL_LINK) {
1736 struct hci_cp_read_remote_features cp;
1737 cp.handle = ev->handle;
769be974
MH		 1738 hci_send_cmd(hdev, HCI_OP_READ_REMOTE_FEATURES,
1739 sizeof(cp), &cp);
04837f64
MH		 1740 }
1741
1da177e4 1742 /* Set packet type for incoming connection */
d095c1eb 1743 if (!conn->out && hdev->hci_ver < BLUETOOTH_VER_2_0) {
1da177e4
LT		 1744 struct hci_cp_change_conn_ptype cp;
1745 cp.handle = ev->handle;
a8746417
MH		 1746 cp.pkt_type = cpu_to_le16(conn->pkt_type);
1747 hci_send_cmd(hdev, HCI_OP_CHANGE_CONN_PTYPE,
1748 sizeof(cp), &cp);
1da177e4 1749 }
17d5c04c 1750 } else {
1da177e4 1751 conn->state = BT_CLOSED;
17d5c04c 1752 if (conn->type == ACL_LINK)
744cf19e 1753 mgmt_connect_failed(hdev, &ev->bdaddr, conn->type,
48264f06 1754 conn->dst_type, ev->status);
17d5c04c 1755 }
1da177e4 1756
e73439d8
MH		 1757 if (conn->type == ACL_LINK)
1758 hci_sco_setup(conn, ev->status);
1da177e4 1759
769be974
MH		 1760 if (ev->status) {
1761 hci_proto_connect_cfm(conn, ev->status);
1da177e4 1762 hci_conn_del(conn);
c89b6e6b
MH		 1763 } else if (ev->link_type != ACL_LINK)
1764 hci_proto_connect_cfm(conn, ev->status);
1da177e4 1765
a9de9248 1766unlock:
1da177e4 1767 hci_dev_unlock(hdev);
1da177e4 1768
a9de9248 1769 hci_conn_check_pending(hdev);
1da177e4
LT		 1770}
1771
a9de9248 1772static inline void hci_conn_request_evt(struct hci_dev *hdev, struct sk_buff *skb)
1da177e4 1773{
a9de9248
MH		 1774 struct hci_ev_conn_request *ev = (void *) skb->data;
1775 int mask = hdev->link_mode;
1da177e4 1776
a9de9248
MH		 1777 BT_DBG("%s bdaddr %s type 0x%x", hdev->name,
1778 batostr(&ev->bdaddr), ev->link_type);
1da177e4 1779
a9de9248 1780 mask |= hci_proto_connect_ind(hdev, &ev->bdaddr, ev->link_type);
1da177e4 1781
138d22ef
SJ		 1782 if ((mask & HCI_LM_ACCEPT) &&
1783 !hci_blacklist_lookup(hdev, &ev->bdaddr)) {
a9de9248 1784 /* Connection accepted */
c7bdd502 1785 struct inquiry_entry *ie;
1da177e4 1786 struct hci_conn *conn;
1da177e4 1787
a9de9248 1788 hci_dev_lock(hdev);
b6a0dc82 1789
cc11b9c1
AE		 1790 ie = hci_inquiry_cache_lookup(hdev, &ev->bdaddr);
1791 if (ie)
c7bdd502
MH		 1792 memcpy(ie->data.dev_class, ev->dev_class, 3);
1793
a9de9248
MH		 1794 conn = hci_conn_hash_lookup_ba(hdev, ev->link_type, &ev->bdaddr);
1795 if (!conn) {
cc11b9c1
AE		 1796 conn = hci_conn_add(hdev, ev->link_type, &ev->bdaddr);
1797 if (!conn) {
893ef971 1798 BT_ERR("No memory for new connection");
a9de9248
MH		 1799 hci_dev_unlock(hdev);
1800 return;
1da177e4
LT		 1801 }
1802 }
b6a0dc82 1803
a9de9248
MH		 1804 memcpy(conn->dev_class, ev->dev_class, 3);
1805 conn->state = BT_CONNECT;
b6a0dc82 1806
a9de9248 1807 hci_dev_unlock(hdev);
1da177e4 1808
b6a0dc82
MH		 1809 if (ev->link_type == ACL_LINK || !lmp_esco_capable(hdev)) {
1810 struct hci_cp_accept_conn_req cp;
1da177e4 1811
b6a0dc82
MH		 1812 bacpy(&cp.bdaddr, &ev->bdaddr);
1813
1814 if (lmp_rswitch_capable(hdev) && (mask & HCI_LM_MASTER))
1815 cp.role = 0x00; /* Become master */
1816 else
1817 cp.role = 0x01; /* Remain slave */
1818
1819 hci_send_cmd(hdev, HCI_OP_ACCEPT_CONN_REQ,
1820 sizeof(cp), &cp);
1821 } else {
1822 struct hci_cp_accept_sync_conn_req cp;
1823
1824 bacpy(&cp.bdaddr, &ev->bdaddr);
a8746417 1825 cp.pkt_type = cpu_to_le16(conn->pkt_type);
b6a0dc82
MH		 1826
1827 cp.tx_bandwidth = cpu_to_le32(0x00001f40);
1828 cp.rx_bandwidth = cpu_to_le32(0x00001f40);
1829 cp.max_latency = cpu_to_le16(0xffff);
1830 cp.content_format = cpu_to_le16(hdev->voice_setting);
1831 cp.retrans_effort = 0xff;
1da177e4 1832
b6a0dc82
MH		 1833 hci_send_cmd(hdev, HCI_OP_ACCEPT_SYNC_CONN_REQ,
1834 sizeof(cp), &cp);
1835 }
a9de9248
MH		 1836 } else {
1837 /* Connection rejected */
1838 struct hci_cp_reject_conn_req cp;
1da177e4 1839
a9de9248 1840 bacpy(&cp.bdaddr, &ev->bdaddr);
9f5a0d7b 1841 cp.reason = HCI_ERROR_REJ_BAD_ADDR;
a9de9248 1842 hci_send_cmd(hdev, HCI_OP_REJECT_CONN_REQ, sizeof(cp), &cp);
1da177e4 1843 }
1da177e4
LT		 1844}
1845
a9de9248 1846static inline void hci_disconn_complete_evt(struct hci_dev *hdev, struct sk_buff *skb)
04837f64 1847{
a9de9248 1848 struct hci_ev_disconn_complete *ev = (void *) skb->data;
04837f64
MH		 1849 struct hci_conn *conn;
1850
1851 BT_DBG("%s status %d", hdev->name, ev->status);
1852
1853 hci_dev_lock(hdev);
1854
1855 conn = hci_conn_hash_lookup_handle(hdev, __le16_to_cpu(ev->handle));
f7520543
JH		 1856 if (!conn)
1857 goto unlock;
7d0db0a3 1858
37d9ef76
JH		 1859 if (ev->status == 0)
1860 conn->state = BT_CLOSED;
04837f64 1861
b644ba33
JH		 1862 if (test_and_clear_bit(HCI_CONN_MGMT_CONNECTED, &conn->flags) &&
1863 (conn->type == ACL_LINK || conn->type == LE_LINK)) {
37d9ef76 1864 if (ev->status != 0)
88c3df13
JH		 1865 mgmt_disconnect_failed(hdev, &conn->dst, conn->type,
1866 conn->dst_type, ev->status);
37d9ef76 1867 else
afc747a6 1868 mgmt_device_disconnected(hdev, &conn->dst, conn->type,
48264f06 1869 conn->dst_type);
37d9ef76 1870 }
f7520543 1871
37d9ef76
JH		 1872 if (ev->status == 0) {
1873 hci_proto_disconn_cfm(conn, ev->reason);
1874 hci_conn_del(conn);
1875 }
f7520543
JH		 1876
1877unlock:
04837f64
MH		 1878 hci_dev_unlock(hdev);
1879}
1880
1da177e4
LT		 1881static inline void hci_auth_complete_evt(struct hci_dev *hdev, struct sk_buff *skb)
1882{
a9de9248 1883 struct hci_ev_auth_complete *ev = (void *) skb->data;
04837f64 1884 struct hci_conn *conn;
1da177e4
LT		 1885
1886 BT_DBG("%s status %d", hdev->name, ev->status);
1887
1888 hci_dev_lock(hdev);
1889
04837f64 1890 conn = hci_conn_hash_lookup_handle(hdev, __le16_to_cpu(ev->handle));
d7556e20
WR		 1891 if (!conn)
1892 goto unlock;
1893
1894 if (!ev->status) {
aa64a8b5
JH		 1895 if (!hci_conn_ssp_enabled(conn) &&
1896 test_bit(HCI_CONN_REAUTH_PEND, &conn->flags)) {
d7556e20 1897 BT_INFO("re-auth of legacy device is not possible.");
2a611692 1898 } else {
d7556e20
WR		 1899 conn->link_mode |= HCI_LM_AUTH;
1900 conn->sec_level = conn->pending_sec_level;
2a611692 1901 }
d7556e20 1902 } else {
bab73cb6
JH		 1903 mgmt_auth_failed(hdev, &conn->dst, conn->type, conn->dst_type,
1904 ev->status);
d7556e20 1905 }
1da177e4 1906
51a8efd7
JH		 1907 clear_bit(HCI_CONN_AUTH_PEND, &conn->flags);
1908 clear_bit(HCI_CONN_REAUTH_PEND, &conn->flags);
1da177e4 1909
d7556e20 1910 if (conn->state == BT_CONFIG) {
aa64a8b5 1911 if (!ev->status && hci_conn_ssp_enabled(conn)) {
d7556e20
WR		 1912 struct hci_cp_set_conn_encrypt cp;
1913 cp.handle = ev->handle;
1914 cp.encrypt = 0x01;
1915 hci_send_cmd(hdev, HCI_OP_SET_CONN_ENCRYPT, sizeof(cp),
1916 &cp);
052b30b0 1917 } else {
d7556e20
WR		 1918 conn->state = BT_CONNECTED;
1919 hci_proto_connect_cfm(conn, ev->status);
052b30b0
MH		 1920 hci_conn_put(conn);
1921 }
d7556e20
WR		 1922 } else {
1923 hci_auth_cfm(conn, ev->status);
052b30b0 1924
d7556e20
WR		 1925 hci_conn_hold(conn);
1926 conn->disc_timeout = HCI_DISCONN_TIMEOUT;
1927 hci_conn_put(conn);
1928 }
1929
51a8efd7 1930 if (test_bit(HCI_CONN_ENCRYPT_PEND, &conn->flags)) {
d7556e20
WR		 1931 if (!ev->status) {
1932 struct hci_cp_set_conn_encrypt cp;
1933 cp.handle = ev->handle;
1934 cp.encrypt = 0x01;
1935 hci_send_cmd(hdev, HCI_OP_SET_CONN_ENCRYPT, sizeof(cp),
1936 &cp);
1937 } else {
51a8efd7 1938 clear_bit(HCI_CONN_ENCRYPT_PEND, &conn->flags);
d7556e20 1939 hci_encrypt_cfm(conn, ev->status, 0x00);
1da177e4
LT		 1940 }
1941 }
1942
d7556e20 1943unlock:
1da177e4
LT		 1944 hci_dev_unlock(hdev);
1945}
1946
a9de9248 1947static inline void hci_remote_name_evt(struct hci_dev *hdev, struct sk_buff *skb)
1da177e4 1948{
127178d2
JH		 1949 struct hci_ev_remote_name *ev = (void *) skb->data;
1950 struct hci_conn *conn;
1951
a9de9248 1952 BT_DBG("%s", hdev->name);
1da177e4 1953
a9de9248 1954 hci_conn_check_pending(hdev);
127178d2
JH		 1955
1956 hci_dev_lock(hdev);
1957
b644ba33 1958 conn = hci_conn_hash_lookup_ba(hdev, ACL_LINK, &ev->bdaddr);
30dc78e1 1959
b644ba33
JH		 1960 if (!test_bit(HCI_MGMT, &hdev->dev_flags))
1961 goto check_auth;
a88a9652 1962
b644ba33
JH		 1963 if (ev->status == 0)
1964 hci_check_pending_name(hdev, conn, &ev->bdaddr, ev->name,
1965 strnlen(ev->name, HCI_MAX_NAME_LENGTH));
1966 else
1967 hci_check_pending_name(hdev, conn, &ev->bdaddr, NULL, 0);
1968
1969check_auth:
79c6c70c
JH		 1970 if (!conn)
1971 goto unlock;
1972
1973 if (!hci_outgoing_auth_needed(hdev, conn))
1974 goto unlock;
1975
51a8efd7 1976 if (!test_and_set_bit(HCI_CONN_AUTH_PEND, &conn->flags)) {
127178d2
JH		 1977 struct hci_cp_auth_requested cp;
1978 cp.handle = __cpu_to_le16(conn->handle);
1979 hci_send_cmd(hdev, HCI_OP_AUTH_REQUESTED, sizeof(cp), &cp);
1980 }
1981
79c6c70c 1982unlock:
127178d2 1983 hci_dev_unlock(hdev);
a9de9248
MH		 1984}
1985
1986static inline void hci_encrypt_change_evt(struct hci_dev *hdev, struct sk_buff *skb)
1987{
1988 struct hci_ev_encrypt_change *ev = (void *) skb->data;
1989 struct hci_conn *conn;
1990
1991 BT_DBG("%s status %d", hdev->name, ev->status);
1da177e4
LT		 1992
1993 hci_dev_lock(hdev);
1994
04837f64 1995 conn = hci_conn_hash_lookup_handle(hdev, __le16_to_cpu(ev->handle));
1da177e4
LT		 1996 if (conn) {
1997 if (!ev->status) {
ae293196
MH		 1998 if (ev->encrypt) {
1999 /* Encryption implies authentication */
2000 conn->link_mode |= HCI_LM_AUTH;
1da177e4 2001 conn->link_mode |= HCI_LM_ENCRYPT;
da85e5e5 2002 conn->sec_level = conn->pending_sec_level;
ae293196 2003 } else
1da177e4
LT		 2004 conn->link_mode &= ~HCI_LM_ENCRYPT;
2005 }
2006
51a8efd7 2007 clear_bit(HCI_CONN_ENCRYPT_PEND, &conn->flags);
1da177e4 2008
f8558555
MH		 2009 if (conn->state == BT_CONFIG) {
2010 if (!ev->status)
2011 conn->state = BT_CONNECTED;
2012
2013 hci_proto_connect_cfm(conn, ev->status);
2014 hci_conn_put(conn);
2015 } else
2016 hci_encrypt_cfm(conn, ev->status, ev->encrypt);
1da177e4
LT		 2017 }
2018
2019 hci_dev_unlock(hdev);
2020}
2021
a9de9248 2022static inline void hci_change_link_key_complete_evt(struct hci_dev *hdev, struct sk_buff *skb)
1da177e4 2023{
a9de9248 2024 struct hci_ev_change_link_key_complete *ev = (void *) skb->data;
04837f64 2025 struct hci_conn *conn;
1da177e4
LT		 2026
2027 BT_DBG("%s status %d", hdev->name, ev->status);
2028
2029 hci_dev_lock(hdev);
2030
04837f64 2031 conn = hci_conn_hash_lookup_handle(hdev, __le16_to_cpu(ev->handle));
1da177e4
LT		 2032 if (conn) {
2033 if (!ev->status)
2034 conn->link_mode |= HCI_LM_SECURE;
2035
51a8efd7 2036 clear_bit(HCI_CONN_AUTH_PEND, &conn->flags);
1da177e4
LT		 2037
2038 hci_key_change_cfm(conn, ev->status);
2039 }
2040
2041 hci_dev_unlock(hdev);
2042}
2043
a9de9248 2044static inline void hci_remote_features_evt(struct hci_dev *hdev, struct sk_buff *skb)
1da177e4 2045{
a9de9248
MH		 2046 struct hci_ev_remote_features *ev = (void *) skb->data;
2047 struct hci_conn *conn;
2048
2049 BT_DBG("%s status %d", hdev->name, ev->status);
2050
a9de9248
MH		 2051 hci_dev_lock(hdev);
2052
2053 conn = hci_conn_hash_lookup_handle(hdev, __le16_to_cpu(ev->handle));
ccd556fe
JH		 2054 if (!conn)
2055 goto unlock;
769be974 2056
ccd556fe
JH		 2057 if (!ev->status)
2058 memcpy(conn->features, ev->features, 8);
2059
2060 if (conn->state != BT_CONFIG)
2061 goto unlock;
2062
2063 if (!ev->status && lmp_ssp_capable(hdev) && lmp_ssp_capable(conn)) {
2064 struct hci_cp_read_remote_ext_features cp;
2065 cp.handle = ev->handle;
2066 cp.page = 0x01;
2067 hci_send_cmd(hdev, HCI_OP_READ_REMOTE_EXT_FEATURES,
bdb7524a 2068 sizeof(cp), &cp);
392599b9
JH		 2069 goto unlock;
2070 }
2071
127178d2
JH		 2072 if (!ev->status) {
2073 struct hci_cp_remote_name_req cp;
2074 memset(&cp, 0, sizeof(cp));
2075 bacpy(&cp.bdaddr, &conn->dst);
2076 cp.pscan_rep_mode = 0x02;
2077 hci_send_cmd(hdev, HCI_OP_REMOTE_NAME_REQ, sizeof(cp), &cp);
b644ba33
JH		 2078 } else if (!test_and_set_bit(HCI_CONN_MGMT_CONNECTED, &conn->flags))
2079 mgmt_device_connected(hdev, &conn->dst, conn->type,
2080 conn->dst_type, NULL, 0,
2081 conn->dev_class);
392599b9 2082
127178d2 2083 if (!hci_outgoing_auth_needed(hdev, conn)) {
ccd556fe
JH		 2084 conn->state = BT_CONNECTED;
2085 hci_proto_connect_cfm(conn, ev->status);
2086 hci_conn_put(conn);
769be974 2087 }
a9de9248 2088
ccd556fe 2089unlock:
a9de9248 2090 hci_dev_unlock(hdev);
1da177e4
LT		 2091}
2092
a9de9248 2093static inline void hci_remote_version_evt(struct hci_dev *hdev, struct sk_buff *skb)
1da177e4 2094{
a9de9248 2095 BT_DBG("%s", hdev->name);
1da177e4
LT		 2096}
2097
a9de9248 2098static inline void hci_qos_setup_complete_evt(struct hci_dev *hdev, struct sk_buff *skb)
1da177e4 2099{
a9de9248 2100 BT_DBG("%s", hdev->name);
1da177e4
LT		 2101}
2102
a9de9248
MH		 2103static inline void hci_cmd_complete_evt(struct hci_dev *hdev, struct sk_buff *skb)
2104{
2105 struct hci_ev_cmd_complete *ev = (void *) skb->data;
2106 __u16 opcode;
2107
2108 skb_pull(skb, sizeof(*ev));
2109
2110 opcode = __le16_to_cpu(ev->opcode);
2111
2112 switch (opcode) {
2113 case HCI_OP_INQUIRY_CANCEL:
2114 hci_cc_inquiry_cancel(hdev, skb);
2115 break;
2116
2117 case HCI_OP_EXIT_PERIODIC_INQ:
2118 hci_cc_exit_periodic_inq(hdev, skb);
2119 break;
2120
2121 case HCI_OP_REMOTE_NAME_REQ_CANCEL:
2122 hci_cc_remote_name_req_cancel(hdev, skb);
2123 break;
2124
2125 case HCI_OP_ROLE_DISCOVERY:
2126 hci_cc_role_discovery(hdev, skb);
2127 break;
2128
e4e8e37c
MH		 2129 case HCI_OP_READ_LINK_POLICY:
2130 hci_cc_read_link_policy(hdev, skb);
2131 break;
2132
a9de9248
MH		 2133 case HCI_OP_WRITE_LINK_POLICY:
2134 hci_cc_write_link_policy(hdev, skb);
2135 break;
2136
e4e8e37c
MH		 2137 case HCI_OP_READ_DEF_LINK_POLICY:
2138 hci_cc_read_def_link_policy(hdev, skb);
2139 break;
2140
2141 case HCI_OP_WRITE_DEF_LINK_POLICY:
2142 hci_cc_write_def_link_policy(hdev, skb);
2143 break;
2144
a9de9248
MH		 2145 case HCI_OP_RESET:
2146 hci_cc_reset(hdev, skb);
2147 break;
2148
2149 case HCI_OP_WRITE_LOCAL_NAME:
2150 hci_cc_write_local_name(hdev, skb);
2151 break;
2152
2153 case HCI_OP_READ_LOCAL_NAME:
2154 hci_cc_read_local_name(hdev, skb);
2155 break;
2156
2157 case HCI_OP_WRITE_AUTH_ENABLE:
2158 hci_cc_write_auth_enable(hdev, skb);
2159 break;
2160
2161 case HCI_OP_WRITE_ENCRYPT_MODE:
2162 hci_cc_write_encrypt_mode(hdev, skb);
2163 break;
2164
2165 case HCI_OP_WRITE_SCAN_ENABLE:
2166 hci_cc_write_scan_enable(hdev, skb);
2167 break;
2168
2169 case HCI_OP_READ_CLASS_OF_DEV:
2170 hci_cc_read_class_of_dev(hdev, skb);
2171 break;
2172
2173 case HCI_OP_WRITE_CLASS_OF_DEV:
2174 hci_cc_write_class_of_dev(hdev, skb);
2175 break;
2176
2177 case HCI_OP_READ_VOICE_SETTING:
2178 hci_cc_read_voice_setting(hdev, skb);
2179 break;
2180
2181 case HCI_OP_WRITE_VOICE_SETTING:
2182 hci_cc_write_voice_setting(hdev, skb);
2183 break;
2184
2185 case HCI_OP_HOST_BUFFER_SIZE:
2186 hci_cc_host_buffer_size(hdev, skb);
2187 break;
2188
333140b5
MH		 2189 case HCI_OP_WRITE_SSP_MODE:
2190 hci_cc_write_ssp_mode(hdev, skb);
2191 break;
2192
a9de9248
MH		 2193 case HCI_OP_READ_LOCAL_VERSION:
2194 hci_cc_read_local_version(hdev, skb);
2195 break;
2196
2197 case HCI_OP_READ_LOCAL_COMMANDS:
2198 hci_cc_read_local_commands(hdev, skb);
2199 break;
2200
2201 case HCI_OP_READ_LOCAL_FEATURES:
2202 hci_cc_read_local_features(hdev, skb);
2203 break;
2204
971e3a4b
AG		 2205 case HCI_OP_READ_LOCAL_EXT_FEATURES:
2206 hci_cc_read_local_ext_features(hdev, skb);
2207 break;
2208
a9de9248
MH		 2209 case HCI_OP_READ_BUFFER_SIZE:
2210 hci_cc_read_buffer_size(hdev, skb);
2211 break;
2212
2213 case HCI_OP_READ_BD_ADDR:
2214 hci_cc_read_bd_addr(hdev, skb);
2215 break;
2216
350ee4cf
AE		 2217 case HCI_OP_READ_DATA_BLOCK_SIZE:
2218 hci_cc_read_data_block_size(hdev, skb);
2219 break;
2220
23bb5763
JH		 2221 case HCI_OP_WRITE_CA_TIMEOUT:
2222 hci_cc_write_ca_timeout(hdev, skb);
2223 break;
2224
1e89cffb
AE		 2225 case HCI_OP_READ_FLOW_CONTROL_MODE:
2226 hci_cc_read_flow_control_mode(hdev, skb);
2227 break;
2228
928abaa7
AE		 2229 case HCI_OP_READ_LOCAL_AMP_INFO:
2230 hci_cc_read_local_amp_info(hdev, skb);
2231 break;
2232
b0916ea0
JH		 2233 case HCI_OP_DELETE_STORED_LINK_KEY:
2234 hci_cc_delete_stored_link_key(hdev, skb);
2235 break;
2236
d5859e22
JH		 2237 case HCI_OP_SET_EVENT_MASK:
2238 hci_cc_set_event_mask(hdev, skb);
2239 break;
2240
2241 case HCI_OP_WRITE_INQUIRY_MODE:
2242 hci_cc_write_inquiry_mode(hdev, skb);
2243 break;
2244
2245 case HCI_OP_READ_INQ_RSP_TX_POWER:
2246 hci_cc_read_inq_rsp_tx_power(hdev, skb);
2247 break;
2248
2249 case HCI_OP_SET_EVENT_FLT:
2250 hci_cc_set_event_flt(hdev, skb);
2251 break;
2252
980e1a53
JH		 2253 case HCI_OP_PIN_CODE_REPLY:
2254 hci_cc_pin_code_reply(hdev, skb);
2255 break;
2256
2257 case HCI_OP_PIN_CODE_NEG_REPLY:
2258 hci_cc_pin_code_neg_reply(hdev, skb);
2259 break;
2260
c35938b2
SJ		 2261 case HCI_OP_READ_LOCAL_OOB_DATA:
2262 hci_cc_read_local_oob_data_reply(hdev, skb);
2263 break;
2264
6ed58ec5
VT		 2265 case HCI_OP_LE_READ_BUFFER_SIZE:
2266 hci_cc_le_read_buffer_size(hdev, skb);
2267 break;
2268
a5c29683
JH		 2269 case HCI_OP_USER_CONFIRM_REPLY:
2270 hci_cc_user_confirm_reply(hdev, skb);
2271 break;
2272
2273 case HCI_OP_USER_CONFIRM_NEG_REPLY:
2274 hci_cc_user_confirm_neg_reply(hdev, skb);
2275 break;
2276
1143d458
BG		 2277 case HCI_OP_USER_PASSKEY_REPLY:
2278 hci_cc_user_passkey_reply(hdev, skb);
2279 break;
2280
2281 case HCI_OP_USER_PASSKEY_NEG_REPLY:
2282 hci_cc_user_passkey_neg_reply(hdev, skb);
07f7fa5d
AG		 2283
2284 case HCI_OP_LE_SET_SCAN_PARAM:
2285 hci_cc_le_set_scan_param(hdev, skb);
1143d458
BG		 2286 break;
2287
eb9d91f5
AG		 2288 case HCI_OP_LE_SET_SCAN_ENABLE:
2289 hci_cc_le_set_scan_enable(hdev, skb);
2290 break;
2291
a7a595f6
VCG		 2292 case HCI_OP_LE_LTK_REPLY:
2293 hci_cc_le_ltk_reply(hdev, skb);
2294 break;
2295
2296 case HCI_OP_LE_LTK_NEG_REPLY:
2297 hci_cc_le_ltk_neg_reply(hdev, skb);
2298 break;
2299
f9b49306
AG		 2300 case HCI_OP_WRITE_LE_HOST_SUPPORTED:
2301 hci_cc_write_le_host_supported(hdev, skb);
2302 break;
2303
a9de9248
MH		 2304 default:
2305 BT_DBG("%s opcode 0x%x", hdev->name, opcode);
2306 break;
2307 }
2308
6bd32326
VT		 2309 if (ev->opcode != HCI_OP_NOP)
2310 del_timer(&hdev->cmd_timer);
2311
a9de9248
MH		 2312 if (ev->ncmd) {
2313 atomic_set(&hdev->cmd_cnt, 1);
2314 if (!skb_queue_empty(&hdev->cmd_q))
c347b765 2315 queue_work(hdev->workqueue, &hdev->cmd_work);
a9de9248
MH		 2316 }
2317}
2318
2319static inline void hci_cmd_status_evt(struct hci_dev *hdev, struct sk_buff *skb)
2320{
2321 struct hci_ev_cmd_status *ev = (void *) skb->data;
2322 __u16 opcode;
2323
2324 skb_pull(skb, sizeof(*ev));
2325
2326 opcode = __le16_to_cpu(ev->opcode);
2327
2328 switch (opcode) {
2329 case HCI_OP_INQUIRY:
2330 hci_cs_inquiry(hdev, ev->status);
2331 break;
2332
2333 case HCI_OP_CREATE_CONN:
2334 hci_cs_create_conn(hdev, ev->status);
2335 break;
2336
2337 case HCI_OP_ADD_SCO:
2338 hci_cs_add_sco(hdev, ev->status);
2339 break;
2340
f8558555
MH		 2341 case HCI_OP_AUTH_REQUESTED:
2342 hci_cs_auth_requested(hdev, ev->status);
2343 break;
2344
2345 case HCI_OP_SET_CONN_ENCRYPT:
2346 hci_cs_set_conn_encrypt(hdev, ev->status);
2347 break;
2348
a9de9248
MH		 2349 case HCI_OP_REMOTE_NAME_REQ:
2350 hci_cs_remote_name_req(hdev, ev->status);
2351 break;
2352
769be974
MH		 2353 case HCI_OP_READ_REMOTE_FEATURES:
2354 hci_cs_read_remote_features(hdev, ev->status);
2355 break;
2356
2357 case HCI_OP_READ_REMOTE_EXT_FEATURES:
2358 hci_cs_read_remote_ext_features(hdev, ev->status);
2359 break;
2360
a9de9248
MH		 2361 case HCI_OP_SETUP_SYNC_CONN:
2362 hci_cs_setup_sync_conn(hdev, ev->status);
2363 break;
2364
2365 case HCI_OP_SNIFF_MODE:
2366 hci_cs_sniff_mode(hdev, ev->status);
2367 break;
2368
2369 case HCI_OP_EXIT_SNIFF_MODE:
2370 hci_cs_exit_sniff_mode(hdev, ev->status);
2371 break;
2372
8962ee74 2373 case HCI_OP_DISCONNECT:
88c3df13 2374 hci_cs_disconnect(hdev, ev->status);
8962ee74
JH		 2375 break;
2376
fcd89c09
VT		 2377 case HCI_OP_LE_CREATE_CONN:
2378 hci_cs_le_create_conn(hdev, ev->status);
2379 break;
2380
a7a595f6
VCG		 2381 case HCI_OP_LE_START_ENC:
2382 hci_cs_le_start_enc(hdev, ev->status);
2383 break;
2384
a9de9248
MH		 2385 default:
2386 BT_DBG("%s opcode 0x%x", hdev->name, opcode);
2387 break;
2388 }
2389
6bd32326
VT		 2390 if (ev->opcode != HCI_OP_NOP)
2391 del_timer(&hdev->cmd_timer);
2392
10572132 2393 if (ev->ncmd && !test_bit(HCI_RESET, &hdev->flags)) {
a9de9248
MH		 2394 atomic_set(&hdev->cmd_cnt, 1);
2395 if (!skb_queue_empty(&hdev->cmd_q))
c347b765 2396 queue_work(hdev->workqueue, &hdev->cmd_work);
a9de9248
MH		 2397 }
2398}
2399
2400static inline void hci_role_change_evt(struct hci_dev *hdev, struct sk_buff *skb)
2401{
2402 struct hci_ev_role_change *ev = (void *) skb->data;
2403 struct hci_conn *conn;
2404
2405 BT_DBG("%s status %d", hdev->name, ev->status);
2406
2407 hci_dev_lock(hdev);
2408
2409 conn = hci_conn_hash_lookup_ba(hdev, ACL_LINK, &ev->bdaddr);
2410 if (conn) {
2411 if (!ev->status) {
2412 if (ev->role)
2413 conn->link_mode &= ~HCI_LM_MASTER;
2414 else
2415 conn->link_mode |= HCI_LM_MASTER;
2416 }
2417
51a8efd7 2418 clear_bit(HCI_CONN_RSWITCH_PEND, &conn->flags);
a9de9248
MH		 2419
2420 hci_role_switch_cfm(conn, ev->status, ev->role);
2421 }
2422
2423 hci_dev_unlock(hdev);
2424}
2425
2426static inline void hci_num_comp_pkts_evt(struct hci_dev *hdev, struct sk_buff *skb)
2427{
2428 struct hci_ev_num_comp_pkts *ev = (void *) skb->data;
a9de9248
MH		 2429 int i;
2430
32ac5b9b
AE		 2431 if (hdev->flow_ctl_mode != HCI_FLOW_CTL_MODE_PACKET_BASED) {
2432 BT_ERR("Wrong event for mode %d", hdev->flow_ctl_mode);
2433 return;
2434 }
2435
c5993de8
AE		 2436 if (skb->len < sizeof(*ev) || skb->len < sizeof(*ev) +
2437 ev->num_hndl * sizeof(struct hci_comp_pkts_info)) {
a9de9248
MH		 2438 BT_DBG("%s bad parameters", hdev->name);
2439 return;
2440 }
2441
c5993de8
AE		 2442 BT_DBG("%s num_hndl %d", hdev->name, ev->num_hndl);
2443
613a1c0c
AE		 2444 for (i = 0; i < ev->num_hndl; i++) {
2445 struct hci_comp_pkts_info *info = &ev->handles[i];
a9de9248
MH		 2446 struct hci_conn *conn;
2447 __u16 handle, count;
2448
613a1c0c
AE		 2449 handle = __le16_to_cpu(info->handle);
2450 count = __le16_to_cpu(info->count);
a9de9248
MH		 2451
2452 conn = hci_conn_hash_lookup_handle(hdev, handle);
f4280918
AE		 2453 if (!conn)
2454 continue;
2455
2456 conn->sent -= count;
2457
2458 switch (conn->type) {
2459 case ACL_LINK:
2460 hdev->acl_cnt += count;
2461 if (hdev->acl_cnt > hdev->acl_pkts)
2462 hdev->acl_cnt = hdev->acl_pkts;
2463 break;
2464
2465 case LE_LINK:
2466 if (hdev->le_pkts) {
2467 hdev->le_cnt += count;
2468 if (hdev->le_cnt > hdev->le_pkts)
2469 hdev->le_cnt = hdev->le_pkts;
2470 } else {
70f23020
AE		 2471 hdev->acl_cnt += count;
2472 if (hdev->acl_cnt > hdev->acl_pkts)
a9de9248 2473 hdev->acl_cnt = hdev->acl_pkts;
a9de9248 2474 }
f4280918
AE		 2475 break;
2476
2477 case SCO_LINK:
2478 hdev->sco_cnt += count;
2479 if (hdev->sco_cnt > hdev->sco_pkts)
2480 hdev->sco_cnt = hdev->sco_pkts;
2481 break;
2482
2483 default:
2484 BT_ERR("Unknown type %d conn %p", conn->type, conn);
2485 break;
a9de9248
MH		 2486 }
2487 }
2488
3eff45ea 2489 queue_work(hdev->workqueue, &hdev->tx_work);
a9de9248
MH		 2490}
2491
25e89e99
AE		 2492static inline void hci_num_comp_blocks_evt(struct hci_dev *hdev,
2493 struct sk_buff *skb)
2494{
2495 struct hci_ev_num_comp_blocks *ev = (void *) skb->data;
2496 int i;
2497
2498 if (hdev->flow_ctl_mode != HCI_FLOW_CTL_MODE_BLOCK_BASED) {
2499 BT_ERR("Wrong event for mode %d", hdev->flow_ctl_mode);
2500 return;
2501 }
2502
2503 if (skb->len < sizeof(*ev) || skb->len < sizeof(*ev) +
2504 ev->num_hndl * sizeof(struct hci_comp_blocks_info)) {
2505 BT_DBG("%s bad parameters", hdev->name);
2506 return;
2507 }
2508
2509 BT_DBG("%s num_blocks %d num_hndl %d", hdev->name, ev->num_blocks,
2510 ev->num_hndl);
2511
2512 for (i = 0; i < ev->num_hndl; i++) {
2513 struct hci_comp_blocks_info *info = &ev->handles[i];
2514 struct hci_conn *conn;
2515 __u16 handle, block_count;
2516
2517 handle = __le16_to_cpu(info->handle);
2518 block_count = __le16_to_cpu(info->blocks);
2519
2520 conn = hci_conn_hash_lookup_handle(hdev, handle);
2521 if (!conn)
2522 continue;
2523
2524 conn->sent -= block_count;
2525
2526 switch (conn->type) {
2527 case ACL_LINK:
2528 hdev->block_cnt += block_count;
2529 if (hdev->block_cnt > hdev->num_blocks)
2530 hdev->block_cnt = hdev->num_blocks;
2531 break;
2532
2533 default:
2534 BT_ERR("Unknown type %d conn %p", conn->type, conn);
2535 break;
2536 }
2537 }
2538
2539 queue_work(hdev->workqueue, &hdev->tx_work);
2540}
2541
a9de9248 2542static inline void hci_mode_change_evt(struct hci_dev *hdev, struct sk_buff *skb)
04837f64 2543{
a9de9248 2544 struct hci_ev_mode_change *ev = (void *) skb->data;
04837f64
MH		 2545 struct hci_conn *conn;
2546
2547 BT_DBG("%s status %d", hdev->name, ev->status);
2548
2549 hci_dev_lock(hdev);
2550
2551 conn = hci_conn_hash_lookup_handle(hdev, __le16_to_cpu(ev->handle));
a9de9248
MH		 2552 if (conn) {
2553 conn->mode = ev->mode;
2554 conn->interval = __le16_to_cpu(ev->interval);
2555
51a8efd7 2556 if (!test_and_clear_bit(HCI_CONN_MODE_CHANGE_PEND, &conn->flags)) {
a9de9248 2557 if (conn->mode == HCI_CM_ACTIVE)
58a681ef 2558 set_bit(HCI_CONN_POWER_SAVE, &conn->flags);
a9de9248 2559 else
58a681ef 2560 clear_bit(HCI_CONN_POWER_SAVE, &conn->flags);
a9de9248 2561 }
e73439d8 2562
51a8efd7 2563 if (test_and_clear_bit(HCI_CONN_SCO_SETUP_PEND, &conn->flags))
e73439d8 2564 hci_sco_setup(conn, ev->status);
04837f64
MH		 2565 }
2566
2567 hci_dev_unlock(hdev);
2568}
2569
a9de9248
MH		 2570static inline void hci_pin_code_request_evt(struct hci_dev *hdev, struct sk_buff *skb)
2571{
052b30b0
MH		 2572 struct hci_ev_pin_code_req *ev = (void *) skb->data;
2573 struct hci_conn *conn;
2574
a9de9248 2575 BT_DBG("%s", hdev->name);
052b30b0
MH		 2576
2577 hci_dev_lock(hdev);
2578
2579 conn = hci_conn_hash_lookup_ba(hdev, ACL_LINK, &ev->bdaddr);
b6f98044
WR		 2580 if (!conn)
2581 goto unlock;
2582
2583 if (conn->state == BT_CONNECTED) {
052b30b0
MH		 2584 hci_conn_hold(conn);
2585 conn->disc_timeout = HCI_PAIRING_TIMEOUT;
2586 hci_conn_put(conn);
2587 }
2588
a8b2d5c2 2589 if (!test_bit(HCI_PAIRABLE, &hdev->dev_flags))
03b555e1
JH		 2590 hci_send_cmd(hdev, HCI_OP_PIN_CODE_NEG_REPLY,
2591 sizeof(ev->bdaddr), &ev->bdaddr);
a8b2d5c2 2592 else if (test_bit(HCI_MGMT, &hdev->dev_flags)) {
a770bb5a
WR		 2593 u8 secure;
2594
2595 if (conn->pending_sec_level == BT_SECURITY_HIGH)
2596 secure = 1;
2597 else
2598 secure = 0;
2599
744cf19e 2600 mgmt_pin_code_request(hdev, &ev->bdaddr, secure);
a770bb5a 2601 }
980e1a53 2602
b6f98044 2603unlock:
052b30b0 2604 hci_dev_unlock(hdev);
a9de9248
MH		 2605}
2606
2607static inline void hci_link_key_request_evt(struct hci_dev *hdev, struct sk_buff *skb)
2608{
55ed8ca1
JH		 2609 struct hci_ev_link_key_req *ev = (void *) skb->data;
2610 struct hci_cp_link_key_reply cp;
2611 struct hci_conn *conn;
2612 struct link_key *key;
2613
a9de9248 2614 BT_DBG("%s", hdev->name);
55ed8ca1 2615
a8b2d5c2 2616 if (!test_bit(HCI_LINK_KEYS, &hdev->dev_flags))
55ed8ca1
JH		 2617 return;
2618
2619 hci_dev_lock(hdev);
2620
2621 key = hci_find_link_key(hdev, &ev->bdaddr);
2622 if (!key) {
2623 BT_DBG("%s link key not found for %s", hdev->name,
2624 batostr(&ev->bdaddr));
2625 goto not_found;
2626 }
2627
2628 BT_DBG("%s found key type %u for %s", hdev->name, key->type,
2629 batostr(&ev->bdaddr));
2630
a8b2d5c2 2631 if (!test_bit(HCI_DEBUG_KEYS, &hdev->dev_flags) &&
b6020ba0 2632 key->type == HCI_LK_DEBUG_COMBINATION) {
55ed8ca1
JH		 2633 BT_DBG("%s ignoring debug key", hdev->name);
2634 goto not_found;
2635 }
2636
2637 conn = hci_conn_hash_lookup_ba(hdev, ACL_LINK, &ev->bdaddr);
60b83f57
WR		 2638 if (conn) {
2639 if (key->type == HCI_LK_UNAUTH_COMBINATION &&
2640 conn->auth_type != 0xff &&
2641 (conn->auth_type & 0x01)) {
2642 BT_DBG("%s ignoring unauthenticated key", hdev->name);
2643 goto not_found;
2644 }
55ed8ca1 2645
60b83f57
WR		 2646 if (key->type == HCI_LK_COMBINATION && key->pin_len < 16 &&
2647 conn->pending_sec_level == BT_SECURITY_HIGH) {
2648 BT_DBG("%s ignoring key unauthenticated for high \
2649 security", hdev->name);
2650 goto not_found;
2651 }
2652
2653 conn->key_type = key->type;
2654 conn->pin_length = key->pin_len;
55ed8ca1
JH		 2655 }
2656
2657 bacpy(&cp.bdaddr, &ev->bdaddr);
2658 memcpy(cp.link_key, key->val, 16);
2659
2660 hci_send_cmd(hdev, HCI_OP_LINK_KEY_REPLY, sizeof(cp), &cp);
2661
2662 hci_dev_unlock(hdev);
2663
2664 return;
2665
2666not_found:
2667 hci_send_cmd(hdev, HCI_OP_LINK_KEY_NEG_REPLY, 6, &ev->bdaddr);
2668 hci_dev_unlock(hdev);
a9de9248
MH		 2669}
2670
2671static inline void hci_link_key_notify_evt(struct hci_dev *hdev, struct sk_buff *skb)
2672{
052b30b0
MH		 2673 struct hci_ev_link_key_notify *ev = (void *) skb->data;
2674 struct hci_conn *conn;
55ed8ca1 2675 u8 pin_len = 0;
052b30b0 2676
a9de9248 2677 BT_DBG("%s", hdev->name);
052b30b0
MH		 2678
2679 hci_dev_lock(hdev);
2680
2681 conn = hci_conn_hash_lookup_ba(hdev, ACL_LINK, &ev->bdaddr);
2682 if (conn) {
2683 hci_conn_hold(conn);
2684 conn->disc_timeout = HCI_DISCONN_TIMEOUT;
980e1a53 2685 pin_len = conn->pin_length;
13d39315
WR		 2686
2687 if (ev->key_type != HCI_LK_CHANGED_COMBINATION)
2688 conn->key_type = ev->key_type;
2689
052b30b0
MH		 2690 hci_conn_put(conn);
2691 }
2692
a8b2d5c2 2693 if (test_bit(HCI_LINK_KEYS, &hdev->dev_flags))
d25e28ab 2694 hci_add_link_key(hdev, conn, 1, &ev->bdaddr, ev->link_key,
55ed8ca1
JH		 2695 ev->key_type, pin_len);
2696
052b30b0 2697 hci_dev_unlock(hdev);
a9de9248
MH		 2698}
2699
1da177e4
LT		 2700static inline void hci_clock_offset_evt(struct hci_dev *hdev, struct sk_buff *skb)
2701{
a9de9248 2702 struct hci_ev_clock_offset *ev = (void *) skb->data;
04837f64 2703 struct hci_conn *conn;
1da177e4
LT		 2704
2705 BT_DBG("%s status %d", hdev->name, ev->status);
2706
2707 hci_dev_lock(hdev);
2708
04837f64 2709 conn = hci_conn_hash_lookup_handle(hdev, __le16_to_cpu(ev->handle));
1da177e4
LT		 2710 if (conn && !ev->status) {
2711 struct inquiry_entry *ie;
2712
cc11b9c1
AE		 2713 ie = hci_inquiry_cache_lookup(hdev, &conn->dst);
2714 if (ie) {
1da177e4
LT		 2715 ie->data.clock_offset = ev->clock_offset;
2716 ie->timestamp = jiffies;
2717 }
2718 }
2719
2720 hci_dev_unlock(hdev);
2721}
2722
a8746417
MH		 2723static inline void hci_pkt_type_change_evt(struct hci_dev *hdev, struct sk_buff *skb)
2724{
2725 struct hci_ev_pkt_type_change *ev = (void *) skb->data;
2726 struct hci_conn *conn;
2727
2728 BT_DBG("%s status %d", hdev->name, ev->status);
2729
2730 hci_dev_lock(hdev);
2731
2732 conn = hci_conn_hash_lookup_handle(hdev, __le16_to_cpu(ev->handle));
2733 if (conn && !ev->status)
2734 conn->pkt_type = __le16_to_cpu(ev->pkt_type);
2735
2736 hci_dev_unlock(hdev);
2737}
2738
85a1e930
MH		 2739static inline void hci_pscan_rep_mode_evt(struct hci_dev *hdev, struct sk_buff *skb)
2740{
a9de9248 2741 struct hci_ev_pscan_rep_mode *ev = (void *) skb->data;
85a1e930
MH		 2742 struct inquiry_entry *ie;
2743
2744 BT_DBG("%s", hdev->name);
2745
2746 hci_dev_lock(hdev);
2747
cc11b9c1
AE		 2748 ie = hci_inquiry_cache_lookup(hdev, &ev->bdaddr);
2749 if (ie) {
85a1e930
MH		 2750 ie->data.pscan_rep_mode = ev->pscan_rep_mode;
2751 ie->timestamp = jiffies;
2752 }
2753
2754 hci_dev_unlock(hdev);
2755}
2756
a9de9248
MH		 2757static inline void hci_inquiry_result_with_rssi_evt(struct hci_dev *hdev, struct sk_buff *skb)
2758{
2759 struct inquiry_data data;
2760 int num_rsp = *((__u8 *) skb->data);
3175405b 2761 bool name_known;
a9de9248
MH		 2762
2763 BT_DBG("%s num_rsp %d", hdev->name, num_rsp);
2764
2765 if (!num_rsp)
2766 return;
2767
2768 hci_dev_lock(hdev);
2769
2770 if ((skb->len - 1) / num_rsp != sizeof(struct inquiry_info_with_rssi)) {
138d22ef
SJ		 2771 struct inquiry_info_with_rssi_and_pscan_mode *info;
2772 info = (void *) (skb->data + 1);
a9de9248 2773
e17acd40 2774 for (; num_rsp; num_rsp--, info++) {
a9de9248
MH		 2775 bacpy(&data.bdaddr, &info->bdaddr);
2776 data.pscan_rep_mode = info->pscan_rep_mode;
2777 data.pscan_period_mode = info->pscan_period_mode;
2778 data.pscan_mode = info->pscan_mode;
2779 memcpy(data.dev_class, info->dev_class, 3);
2780 data.clock_offset = info->clock_offset;
2781 data.rssi = info->rssi;
41a96212 2782 data.ssp_mode = 0x00;
3175405b
JH		 2783
2784 name_known = hci_inquiry_cache_update(hdev, &data,
2785 false);
48264f06 2786 mgmt_device_found(hdev, &info->bdaddr, ACL_LINK, 0x00,
e17acd40 2787 info->dev_class, info->rssi,
7d262f86 2788 !name_known, NULL, 0);
a9de9248
MH		 2789 }
2790 } else {
2791 struct inquiry_info_with_rssi *info = (void *) (skb->data + 1);
2792
e17acd40 2793 for (; num_rsp; num_rsp--, info++) {
a9de9248
MH		 2794 bacpy(&data.bdaddr, &info->bdaddr);
2795 data.pscan_rep_mode = info->pscan_rep_mode;
2796 data.pscan_period_mode = info->pscan_period_mode;
2797 data.pscan_mode = 0x00;
2798 memcpy(data.dev_class, info->dev_class, 3);
2799 data.clock_offset = info->clock_offset;
2800 data.rssi = info->rssi;
41a96212 2801 data.ssp_mode = 0x00;
3175405b
JH		 2802 name_known = hci_inquiry_cache_update(hdev, &data,
2803 false);
48264f06 2804 mgmt_device_found(hdev, &info->bdaddr, ACL_LINK, 0x00,
e17acd40 2805 info->dev_class, info->rssi,
7d262f86 2806 !name_known, NULL, 0);
a9de9248
MH		 2807 }
2808 }
2809
2810 hci_dev_unlock(hdev);
2811}
2812
2813static inline void hci_remote_ext_features_evt(struct hci_dev *hdev, struct sk_buff *skb)
2814{
41a96212
MH		 2815 struct hci_ev_remote_ext_features *ev = (void *) skb->data;
2816 struct hci_conn *conn;
2817
a9de9248 2818 BT_DBG("%s", hdev->name);
41a96212 2819
41a96212
MH		 2820 hci_dev_lock(hdev);
2821
2822 conn = hci_conn_hash_lookup_handle(hdev, __le16_to_cpu(ev->handle));
ccd556fe
JH		 2823 if (!conn)
2824 goto unlock;
41a96212 2825
ccd556fe
JH		 2826 if (!ev->status && ev->page == 0x01) {
2827 struct inquiry_entry *ie;
41a96212 2828
cc11b9c1
AE		 2829 ie = hci_inquiry_cache_lookup(hdev, &conn->dst);
2830 if (ie)
ccd556fe 2831 ie->data.ssp_mode = (ev->features[0] & 0x01);
769be974 2832
58a681ef
JH		 2833 if (ev->features[0] & 0x01)
2834 set_bit(HCI_CONN_SSP_ENABLED, &conn->flags);
ccd556fe
JH		 2835 }
2836
2837 if (conn->state != BT_CONFIG)
2838 goto unlock;
2839
127178d2
JH		 2840 if (!ev->status) {
2841 struct hci_cp_remote_name_req cp;
2842 memset(&cp, 0, sizeof(cp));
2843 bacpy(&cp.bdaddr, &conn->dst);
2844 cp.pscan_rep_mode = 0x02;
2845 hci_send_cmd(hdev, HCI_OP_REMOTE_NAME_REQ, sizeof(cp), &cp);
b644ba33
JH		 2846 } else if (!test_and_set_bit(HCI_CONN_MGMT_CONNECTED, &conn->flags))
2847 mgmt_device_connected(hdev, &conn->dst, conn->type,
2848 conn->dst_type, NULL, 0,
2849 conn->dev_class);
392599b9 2850
127178d2 2851 if (!hci_outgoing_auth_needed(hdev, conn)) {
ccd556fe
JH		 2852 conn->state = BT_CONNECTED;
2853 hci_proto_connect_cfm(conn, ev->status);
2854 hci_conn_put(conn);
41a96212
MH		 2855 }
2856
ccd556fe 2857unlock:
41a96212 2858 hci_dev_unlock(hdev);
a9de9248
MH		 2859}
2860
2861static inline void hci_sync_conn_complete_evt(struct hci_dev *hdev, struct sk_buff *skb)
2862{
b6a0dc82
MH		 2863 struct hci_ev_sync_conn_complete *ev = (void *) skb->data;
2864 struct hci_conn *conn;
2865
2866 BT_DBG("%s status %d", hdev->name, ev->status);
2867
2868 hci_dev_lock(hdev);
2869
2870 conn = hci_conn_hash_lookup_ba(hdev, ev->link_type, &ev->bdaddr);
9dc0a3af
MH		 2871 if (!conn) {
2872 if (ev->link_type == ESCO_LINK)
2873 goto unlock;
2874
2875 conn = hci_conn_hash_lookup_ba(hdev, ESCO_LINK, &ev->bdaddr);
2876 if (!conn)
2877 goto unlock;
2878
2879 conn->type = SCO_LINK;
2880 }
b6a0dc82 2881
732547f9
MH		 2882 switch (ev->status) {
2883 case 0x00:
b6a0dc82
MH		 2884 conn->handle = __le16_to_cpu(ev->handle);
2885 conn->state = BT_CONNECTED;
7d0db0a3 2886
9eba32b8 2887 hci_conn_hold_device(conn);
7d0db0a3 2888 hci_conn_add_sysfs(conn);
732547f9
MH		 2889 break;
2890
705e5711 2891 case 0x11: /* Unsupported Feature or Parameter Value */
732547f9 2892 case 0x1c: /* SCO interval rejected */
1038a00b 2893 case 0x1a: /* Unsupported Remote Feature */
732547f9
MH		 2894 case 0x1f: /* Unspecified error */
2895 if (conn->out && conn->attempt < 2) {
2896 conn->pkt_type = (hdev->esco_type & SCO_ESCO_MASK) |
2897 (hdev->esco_type & EDR_ESCO_MASK);
2898 hci_setup_sync(conn, conn->link->handle);
2899 goto unlock;
2900 }
2901 /* fall through */
2902
2903 default:
b6a0dc82 2904 conn->state = BT_CLOSED;
732547f9
MH		 2905 break;
2906 }
b6a0dc82
MH		 2907
2908 hci_proto_connect_cfm(conn, ev->status);
2909 if (ev->status)
2910 hci_conn_del(conn);
2911
2912unlock:
2913 hci_dev_unlock(hdev);
a9de9248
MH		 2914}
2915
2916static inline void hci_sync_conn_changed_evt(struct hci_dev *hdev, struct sk_buff *skb)
2917{
2918 BT_DBG("%s", hdev->name);
2919}
2920
04837f64
MH		 2921static inline void hci_sniff_subrate_evt(struct hci_dev *hdev, struct sk_buff *skb)
2922{
a9de9248 2923 struct hci_ev_sniff_subrate *ev = (void *) skb->data;
04837f64
MH		 2924
2925 BT_DBG("%s status %d", hdev->name, ev->status);
04837f64
MH		 2926}
2927
a9de9248 2928static inline void hci_extended_inquiry_result_evt(struct hci_dev *hdev, struct sk_buff *skb)
1da177e4 2929{
a9de9248
MH		 2930 struct inquiry_data data;
2931 struct extended_inquiry_info *info = (void *) (skb->data + 1);
2932 int num_rsp = *((__u8 *) skb->data);
1da177e4 2933
a9de9248 2934 BT_DBG("%s num_rsp %d", hdev->name, num_rsp);
1da177e4 2935
a9de9248
MH		 2936 if (!num_rsp)
2937 return;
1da177e4 2938
a9de9248
MH		 2939 hci_dev_lock(hdev);
2940
e17acd40 2941 for (; num_rsp; num_rsp--, info++) {
561aafbc
JH		 2942 bool name_known;
2943
a9de9248 2944 bacpy(&data.bdaddr, &info->bdaddr);
138d22ef
SJ		 2945 data.pscan_rep_mode = info->pscan_rep_mode;
2946 data.pscan_period_mode = info->pscan_period_mode;
2947 data.pscan_mode = 0x00;
a9de9248 2948 memcpy(data.dev_class, info->dev_class, 3);
138d22ef
SJ		 2949 data.clock_offset = info->clock_offset;
2950 data.rssi = info->rssi;
41a96212 2951 data.ssp_mode = 0x01;
561aafbc 2952
a8b2d5c2 2953 if (test_bit(HCI_MGMT, &hdev->dev_flags))
4ddb1930
JH		 2954 name_known = eir_has_data_type(info->data,
2955 sizeof(info->data),
2956 EIR_NAME_COMPLETE);
561aafbc
JH		 2957 else
2958 name_known = true;
2959
3175405b 2960 name_known = hci_inquiry_cache_update(hdev, &data, name_known);
48264f06 2961 mgmt_device_found(hdev, &info->bdaddr, ACL_LINK, 0x00,
561aafbc 2962 info->dev_class, info->rssi,
7d262f86
AG		 2963 !name_known, info->data,
2964 sizeof(info->data));
a9de9248
MH		 2965 }
2966
2967 hci_dev_unlock(hdev);
2968}
1da177e4 2969
17fa4b9d
JH		 2970static inline u8 hci_get_auth_req(struct hci_conn *conn)
2971{
2972 /* If remote requests dedicated bonding follow that lead */
2973 if (conn->remote_auth == 0x02 || conn->remote_auth == 0x03) {
2974 /* If both remote and local IO capabilities allow MITM
2975 * protection then require it, otherwise don't */
2976 if (conn->remote_cap == 0x03 || conn->io_capability == 0x03)
2977 return 0x02;
2978 else
2979 return 0x03;
2980 }
2981
2982 /* If remote requests no-bonding follow that lead */
2983 if (conn->remote_auth == 0x00 || conn->remote_auth == 0x01)
58797bf7 2984 return conn->remote_auth | (conn->auth_type & 0x01);
17fa4b9d
JH		 2985
2986 return conn->auth_type;
2987}
2988
0493684e
MH		 2989static inline void hci_io_capa_request_evt(struct hci_dev *hdev, struct sk_buff *skb)
2990{
2991 struct hci_ev_io_capa_request *ev = (void *) skb->data;
2992 struct hci_conn *conn;
2993
2994 BT_DBG("%s", hdev->name);
2995
2996 hci_dev_lock(hdev);
2997
2998 conn = hci_conn_hash_lookup_ba(hdev, ACL_LINK, &ev->bdaddr);
03b555e1
JH		 2999 if (!conn)
3000 goto unlock;
3001
3002 hci_conn_hold(conn);
3003
a8b2d5c2 3004 if (!test_bit(HCI_MGMT, &hdev->dev_flags))
03b555e1
JH		 3005 goto unlock;
3006
a8b2d5c2 3007 if (test_bit(HCI_PAIRABLE, &hdev->dev_flags) ||
03b555e1 3008 (conn->remote_auth & ~0x01) == HCI_AT_NO_BONDING) {
17fa4b9d
JH		 3009 struct hci_cp_io_capability_reply cp;
3010
3011 bacpy(&cp.bdaddr, &ev->bdaddr);
7a7f1e7c
HG		 3012 /* Change the IO capability from KeyboardDisplay
3013 * to DisplayYesNo as it is not supported by BT spec. */
3014 cp.capability = (conn->io_capability == 0x04) ?
3015 0x01 : conn->io_capability;
7cbc9bd9
JH		 3016 conn->auth_type = hci_get_auth_req(conn);
3017 cp.authentication = conn->auth_type;
17fa4b9d 3018
58a681ef 3019 if ((conn->out || test_bit(HCI_CONN_REMOTE_OOB, &conn->flags)) &&
ce85ee13
SJ		 3020 hci_find_remote_oob_data(hdev, &conn->dst))
3021 cp.oob_data = 0x01;
3022 else
3023 cp.oob_data = 0x00;
3024
17fa4b9d
JH		 3025 hci_send_cmd(hdev, HCI_OP_IO_CAPABILITY_REPLY,
3026 sizeof(cp), &cp);
03b555e1
JH		 3027 } else {
3028 struct hci_cp_io_capability_neg_reply cp;
3029
3030 bacpy(&cp.bdaddr, &ev->bdaddr);
9f5a0d7b 3031 cp.reason = HCI_ERROR_PAIRING_NOT_ALLOWED;
0493684e 3032
03b555e1
JH		 3033 hci_send_cmd(hdev, HCI_OP_IO_CAPABILITY_NEG_REPLY,
3034 sizeof(cp), &cp);
3035 }
3036
3037unlock:
3038 hci_dev_unlock(hdev);
3039}
3040
3041static inline void hci_io_capa_reply_evt(struct hci_dev *hdev, struct sk_buff *skb)
3042{
3043 struct hci_ev_io_capa_reply *ev = (void *) skb->data;
3044 struct hci_conn *conn;
3045
3046 BT_DBG("%s", hdev->name);
3047
3048 hci_dev_lock(hdev);
3049
3050 conn = hci_conn_hash_lookup_ba(hdev, ACL_LINK, &ev->bdaddr);
3051 if (!conn)
3052 goto unlock;
3053
03b555e1 3054 conn->remote_cap = ev->capability;
03b555e1 3055 conn->remote_auth = ev->authentication;
58a681ef
JH		 3056 if (ev->oob_data)
3057 set_bit(HCI_CONN_REMOTE_OOB, &conn->flags);
03b555e1
JH		 3058
3059unlock:
0493684e
MH		 3060 hci_dev_unlock(hdev);
3061}
3062
a5c29683
JH		 3063static inline void hci_user_confirm_request_evt(struct hci_dev *hdev,
3064 struct sk_buff *skb)
3065{
3066 struct hci_ev_user_confirm_req *ev = (void *) skb->data;
55bc1a37 3067 int loc_mitm, rem_mitm, confirm_hint = 0;
7a828908 3068 struct hci_conn *conn;
a5c29683
JH		 3069
3070 BT_DBG("%s", hdev->name);
3071
3072 hci_dev_lock(hdev);
3073
a8b2d5c2 3074 if (!test_bit(HCI_MGMT, &hdev->dev_flags))
7a828908 3075 goto unlock;
a5c29683 3076
7a828908
JH		 3077 conn = hci_conn_hash_lookup_ba(hdev, ACL_LINK, &ev->bdaddr);
3078 if (!conn)
3079 goto unlock;
3080
3081 loc_mitm = (conn->auth_type & 0x01);
3082 rem_mitm = (conn->remote_auth & 0x01);
3083
3084 /* If we require MITM but the remote device can't provide that
3085 * (it has NoInputNoOutput) then reject the confirmation
3086 * request. The only exception is when we're dedicated bonding
3087 * initiators (connect_cfm_cb set) since then we always have the MITM
3088 * bit set. */
3089 if (!conn->connect_cfm_cb && loc_mitm && conn->remote_cap == 0x03) {
3090 BT_DBG("Rejecting request: remote device can't provide MITM");
3091 hci_send_cmd(hdev, HCI_OP_USER_CONFIRM_NEG_REPLY,
3092 sizeof(ev->bdaddr), &ev->bdaddr);
3093 goto unlock;
3094 }
3095
3096 /* If no side requires MITM protection; auto-accept */
3097 if ((!loc_mitm || conn->remote_cap == 0x03) &&
3098 (!rem_mitm || conn->io_capability == 0x03)) {
55bc1a37
JH		 3099
3100 /* If we're not the initiators request authorization to
3101 * proceed from user space (mgmt_user_confirm with
3102 * confirm_hint set to 1). */
51a8efd7 3103 if (!test_bit(HCI_CONN_AUTH_PEND, &conn->flags)) {
55bc1a37
JH		 3104 BT_DBG("Confirming auto-accept as acceptor");
3105 confirm_hint = 1;
3106 goto confirm;
3107 }
3108
9f61656a
JH		 3109 BT_DBG("Auto-accept of user confirmation with %ums delay",
3110 hdev->auto_accept_delay);
3111
3112 if (hdev->auto_accept_delay > 0) {
3113 int delay = msecs_to_jiffies(hdev->auto_accept_delay);
3114 mod_timer(&conn->auto_accept_timer, jiffies + delay);
3115 goto unlock;
3116 }
3117
7a828908
JH		 3118 hci_send_cmd(hdev, HCI_OP_USER_CONFIRM_REPLY,
3119 sizeof(ev->bdaddr), &ev->bdaddr);
3120 goto unlock;
3121 }
3122
55bc1a37 3123confirm:
272d90df 3124 mgmt_user_confirm_request(hdev, &ev->bdaddr, ACL_LINK, 0, ev->passkey,
55bc1a37 3125 confirm_hint);
7a828908
JH		 3126
3127unlock:
a5c29683
JH		 3128 hci_dev_unlock(hdev);
3129}
3130
1143d458
BG		 3131static inline void hci_user_passkey_request_evt(struct hci_dev *hdev,
3132 struct sk_buff *skb)
3133{
3134 struct hci_ev_user_passkey_req *ev = (void *) skb->data;
3135
3136 BT_DBG("%s", hdev->name);
3137
3138 hci_dev_lock(hdev);
3139
a8b2d5c2 3140 if (test_bit(HCI_MGMT, &hdev->dev_flags))
272d90df 3141 mgmt_user_passkey_request(hdev, &ev->bdaddr, ACL_LINK, 0);
1143d458
BG		 3142
3143 hci_dev_unlock(hdev);
3144}
3145
0493684e
MH		 3146static inline void hci_simple_pair_complete_evt(struct hci_dev *hdev, struct sk_buff *skb)
3147{
3148 struct hci_ev_simple_pair_complete *ev = (void *) skb->data;
3149 struct hci_conn *conn;
3150
3151 BT_DBG("%s", hdev->name);
3152
3153 hci_dev_lock(hdev);
3154
3155 conn = hci_conn_hash_lookup_ba(hdev, ACL_LINK, &ev->bdaddr);
2a611692
JH		 3156 if (!conn)
3157 goto unlock;
3158
3159 /* To avoid duplicate auth_failed events to user space we check
3160 * the HCI_CONN_AUTH_PEND flag which will be set if we
3161 * initiated the authentication. A traditional auth_complete
3162 * event gets always produced as initiator and is also mapped to
3163 * the mgmt_auth_failed event */
51a8efd7 3164 if (!test_bit(HCI_CONN_AUTH_PEND, &conn->flags) && ev->status != 0)
bab73cb6
JH		 3165 mgmt_auth_failed(hdev, &conn->dst, conn->type, conn->dst_type,
3166 ev->status);
0493684e 3167
2a611692
JH		 3168 hci_conn_put(conn);
3169
3170unlock:
0493684e
MH		 3171 hci_dev_unlock(hdev);
3172}
3173
41a96212
MH		 3174static inline void hci_remote_host_features_evt(struct hci_dev *hdev, struct sk_buff *skb)
3175{
3176 struct hci_ev_remote_host_features *ev = (void *) skb->data;
3177 struct inquiry_entry *ie;
3178
3179 BT_DBG("%s", hdev->name);
3180
3181 hci_dev_lock(hdev);
3182
cc11b9c1
AE		 3183 ie = hci_inquiry_cache_lookup(hdev, &ev->bdaddr);
3184 if (ie)
41a96212
MH		 3185 ie->data.ssp_mode = (ev->features[0] & 0x01);
3186
3187 hci_dev_unlock(hdev);
3188}
3189
2763eda6
SJ		 3190static inline void hci_remote_oob_data_request_evt(struct hci_dev *hdev,
3191 struct sk_buff *skb)
3192{
3193 struct hci_ev_remote_oob_data_request *ev = (void *) skb->data;
3194 struct oob_data *data;
3195
3196 BT_DBG("%s", hdev->name);
3197
3198 hci_dev_lock(hdev);
3199
a8b2d5c2 3200 if (!test_bit(HCI_MGMT, &hdev->dev_flags))
e1ba1f15
SJ		 3201 goto unlock;
3202
2763eda6
SJ		 3203 data = hci_find_remote_oob_data(hdev, &ev->bdaddr);
3204 if (data) {
3205 struct hci_cp_remote_oob_data_reply cp;
3206
3207 bacpy(&cp.bdaddr, &ev->bdaddr);
3208 memcpy(cp.hash, data->hash, sizeof(cp.hash));
3209 memcpy(cp.randomizer, data->randomizer, sizeof(cp.randomizer));
3210
3211 hci_send_cmd(hdev, HCI_OP_REMOTE_OOB_DATA_REPLY, sizeof(cp),
3212 &cp);
3213 } else {
3214 struct hci_cp_remote_oob_data_neg_reply cp;
3215
3216 bacpy(&cp.bdaddr, &ev->bdaddr);
3217 hci_send_cmd(hdev, HCI_OP_REMOTE_OOB_DATA_NEG_REPLY, sizeof(cp),
3218 &cp);
3219 }
3220
e1ba1f15 3221unlock:
2763eda6
SJ		 3222 hci_dev_unlock(hdev);
3223}
3224
fcd89c09
VT		 3225static inline void hci_le_conn_complete_evt(struct hci_dev *hdev, struct sk_buff *skb)
3226{
3227 struct hci_ev_le_conn_complete *ev = (void *) skb->data;
3228 struct hci_conn *conn;
3229
3230 BT_DBG("%s status %d", hdev->name, ev->status);
3231
3232 hci_dev_lock(hdev);
3233
3234 conn = hci_conn_hash_lookup_ba(hdev, LE_LINK, &ev->bdaddr);
b62f328b
VT		 3235 if (!conn) {
3236 conn = hci_conn_add(hdev, LE_LINK, &ev->bdaddr);
3237 if (!conn) {
3238 BT_ERR("No memory for new connection");
3239 hci_dev_unlock(hdev);
3240 return;
3241 }
29b7988a
AG		 3242
3243 conn->dst_type = ev->bdaddr_type;
b62f328b 3244 }
fcd89c09
VT		 3245
3246 if (ev->status) {
48264f06
JH		 3247 mgmt_connect_failed(hdev, &ev->bdaddr, conn->type,
3248 conn->dst_type, ev->status);
fcd89c09
VT		 3249 hci_proto_connect_cfm(conn, ev->status);
3250 conn->state = BT_CLOSED;
3251 hci_conn_del(conn);
3252 goto unlock;
3253 }
3254
b644ba33
JH		 3255 if (!test_and_set_bit(HCI_CONN_MGMT_CONNECTED, &conn->flags))
3256 mgmt_device_connected(hdev, &ev->bdaddr, conn->type,
3257 conn->dst_type, NULL, 0, 0);
83bc71b4 3258
7b5c0d52 3259 conn->sec_level = BT_SECURITY_LOW;
fcd89c09
VT		 3260 conn->handle = __le16_to_cpu(ev->handle);
3261 conn->state = BT_CONNECTED;
3262
3263 hci_conn_hold_device(conn);
3264 hci_conn_add_sysfs(conn);
3265
3266 hci_proto_connect_cfm(conn, ev->status);
3267
3268unlock:
3269 hci_dev_unlock(hdev);
3270}
3271
9aa04c91
AG		 3272static inline void hci_le_adv_report_evt(struct hci_dev *hdev,
3273 struct sk_buff *skb)
3274{
e95beb41
AG		 3275 u8 num_reports = skb->data[0];
3276 void *ptr = &skb->data[1];
3c9e9195 3277 s8 rssi;
9aa04c91
AG		 3278
3279 hci_dev_lock(hdev);
3280
e95beb41
AG		 3281 while (num_reports--) {
3282 struct hci_ev_le_advertising_info *ev = ptr;
9aa04c91 3283
9aa04c91 3284 hci_add_adv_entry(hdev, ev);
e95beb41 3285
3c9e9195
AG		 3286 rssi = ev->data[ev->length];
3287 mgmt_device_found(hdev, &ev->bdaddr, LE_LINK, ev->bdaddr_type,
3288 NULL, rssi, 0, ev->data, ev->length);
3289
e95beb41 3290 ptr += sizeof(*ev) + ev->length + 1;
9aa04c91
AG		 3291 }
3292
3293 hci_dev_unlock(hdev);
3294}
3295
a7a595f6
VCG		 3296static inline void hci_le_ltk_request_evt(struct hci_dev *hdev,
3297 struct sk_buff *skb)
3298{
3299 struct hci_ev_le_ltk_req *ev = (void *) skb->data;
3300 struct hci_cp_le_ltk_reply cp;
bea710fe 3301 struct hci_cp_le_ltk_neg_reply neg;
a7a595f6 3302 struct hci_conn *conn;
c9839a11 3303 struct smp_ltk *ltk;
a7a595f6
VCG		 3304
3305 BT_DBG("%s handle %d", hdev->name, cpu_to_le16(ev->handle));
3306
3307 hci_dev_lock(hdev);
3308
3309 conn = hci_conn_hash_lookup_handle(hdev, __le16_to_cpu(ev->handle));
bea710fe
VCG		 3310 if (conn == NULL)
3311 goto not_found;
a7a595f6 3312
bea710fe
VCG		 3313 ltk = hci_find_ltk(hdev, ev->ediv, ev->random);
3314 if (ltk == NULL)
3315 goto not_found;
3316
3317 memcpy(cp.ltk, ltk->val, sizeof(ltk->val));
a7a595f6 3318 cp.handle = cpu_to_le16(conn->handle);
c9839a11
VCG		 3319
3320 if (ltk->authenticated)
3321 conn->sec_level = BT_SECURITY_HIGH;
a7a595f6
VCG		 3322
3323 hci_send_cmd(hdev, HCI_OP_LE_LTK_REPLY, sizeof(cp), &cp);
3324
c9839a11
VCG		 3325 if (ltk->type & HCI_SMP_STK) {
3326 list_del(&ltk->list);
3327 kfree(ltk);
3328 }
3329
a7a595f6 3330 hci_dev_unlock(hdev);
bea710fe
VCG		 3331
3332 return;
3333
3334not_found:
3335 neg.handle = ev->handle;
3336 hci_send_cmd(hdev, HCI_OP_LE_LTK_NEG_REPLY, sizeof(neg), &neg);
3337 hci_dev_unlock(hdev);
a7a595f6
VCG		 3338}
3339
fcd89c09
VT		 3340static inline void hci_le_meta_evt(struct hci_dev *hdev, struct sk_buff *skb)
3341{
3342 struct hci_ev_le_meta *le_ev = (void *) skb->data;
3343
3344 skb_pull(skb, sizeof(*le_ev));
3345
3346 switch (le_ev->subevent) {
3347 case HCI_EV_LE_CONN_COMPLETE:
3348 hci_le_conn_complete_evt(hdev, skb);
3349 break;
3350
9aa04c91
AG		 3351 case HCI_EV_LE_ADVERTISING_REPORT:
3352 hci_le_adv_report_evt(hdev, skb);
3353 break;
3354
a7a595f6
VCG		 3355 case HCI_EV_LE_LTK_REQ:
3356 hci_le_ltk_request_evt(hdev, skb);
3357 break;
3358
fcd89c09
VT		 3359 default:
3360 break;
3361 }
3362}
3363
a9de9248
MH		 3364void hci_event_packet(struct hci_dev *hdev, struct sk_buff *skb)
3365{
3366 struct hci_event_hdr *hdr = (void *) skb->data;
3367 __u8 event = hdr->evt;
3368
3369 skb_pull(skb, HCI_EVENT_HDR_SIZE);
3370
3371 switch (event) {
1da177e4
LT		 3372 case HCI_EV_INQUIRY_COMPLETE:
3373 hci_inquiry_complete_evt(hdev, skb);
3374 break;
3375
3376 case HCI_EV_INQUIRY_RESULT:
3377 hci_inquiry_result_evt(hdev, skb);
3378 break;
3379
a9de9248
MH		 3380 case HCI_EV_CONN_COMPLETE:
3381 hci_conn_complete_evt(hdev, skb);
21d9e30e
MH		 3382 break;
3383
1da177e4
LT		 3384 case HCI_EV_CONN_REQUEST:
3385 hci_conn_request_evt(hdev, skb);
3386 break;
3387
1da177e4
LT		 3388 case HCI_EV_DISCONN_COMPLETE:
3389 hci_disconn_complete_evt(hdev, skb);
3390 break;
3391
1da177e4
LT		 3392 case HCI_EV_AUTH_COMPLETE:
3393 hci_auth_complete_evt(hdev, skb);
3394 break;
3395
a9de9248
MH		 3396 case HCI_EV_REMOTE_NAME:
3397 hci_remote_name_evt(hdev, skb);
3398 break;
3399
1da177e4
LT		 3400 case HCI_EV_ENCRYPT_CHANGE:
3401 hci_encrypt_change_evt(hdev, skb);
3402 break;
3403
a9de9248
MH		 3404 case HCI_EV_CHANGE_LINK_KEY_COMPLETE:
3405 hci_change_link_key_complete_evt(hdev, skb);
3406 break;
3407
3408 case HCI_EV_REMOTE_FEATURES:
3409 hci_remote_features_evt(hdev, skb);
3410 break;
3411
3412 case HCI_EV_REMOTE_VERSION:
3413 hci_remote_version_evt(hdev, skb);
3414 break;
3415
3416 case HCI_EV_QOS_SETUP_COMPLETE:
3417 hci_qos_setup_complete_evt(hdev, skb);
3418 break;
3419
3420 case HCI_EV_CMD_COMPLETE:
3421 hci_cmd_complete_evt(hdev, skb);
3422 break;
3423
3424 case HCI_EV_CMD_STATUS:
3425 hci_cmd_status_evt(hdev, skb);
3426 break;
3427
3428 case HCI_EV_ROLE_CHANGE:
3429 hci_role_change_evt(hdev, skb);
3430 break;
3431
3432 case HCI_EV_NUM_COMP_PKTS:
3433 hci_num_comp_pkts_evt(hdev, skb);
3434 break;
3435
3436 case HCI_EV_MODE_CHANGE:
3437 hci_mode_change_evt(hdev, skb);
1da177e4
LT		 3438 break;
3439
3440 case HCI_EV_PIN_CODE_REQ:
3441 hci_pin_code_request_evt(hdev, skb);
3442 break;
3443
3444 case HCI_EV_LINK_KEY_REQ:
3445 hci_link_key_request_evt(hdev, skb);
3446 break;
3447
3448 case HCI_EV_LINK_KEY_NOTIFY:
3449 hci_link_key_notify_evt(hdev, skb);
3450 break;
3451
3452 case HCI_EV_CLOCK_OFFSET:
3453 hci_clock_offset_evt(hdev, skb);
3454 break;
3455
a8746417
MH		 3456 case HCI_EV_PKT_TYPE_CHANGE:
3457 hci_pkt_type_change_evt(hdev, skb);
3458 break;
3459
85a1e930
MH		 3460 case HCI_EV_PSCAN_REP_MODE:
3461 hci_pscan_rep_mode_evt(hdev, skb);
3462 break;
3463
a9de9248
MH		 3464 case HCI_EV_INQUIRY_RESULT_WITH_RSSI:
3465 hci_inquiry_result_with_rssi_evt(hdev, skb);
04837f64
MH		 3466 break;
3467
a9de9248
MH		 3468 case HCI_EV_REMOTE_EXT_FEATURES:
3469 hci_remote_ext_features_evt(hdev, skb);
1da177e4
LT		 3470 break;
3471
a9de9248
MH		 3472 case HCI_EV_SYNC_CONN_COMPLETE:
3473 hci_sync_conn_complete_evt(hdev, skb);
3474 break;
1da177e4 3475
a9de9248
MH		 3476 case HCI_EV_SYNC_CONN_CHANGED:
3477 hci_sync_conn_changed_evt(hdev, skb);
3478 break;
1da177e4 3479
a9de9248
MH		 3480 case HCI_EV_SNIFF_SUBRATE:
3481 hci_sniff_subrate_evt(hdev, skb);
3482 break;
1da177e4 3483
a9de9248
MH		 3484 case HCI_EV_EXTENDED_INQUIRY_RESULT:
3485 hci_extended_inquiry_result_evt(hdev, skb);
3486 break;
1da177e4 3487
0493684e
MH		 3488 case HCI_EV_IO_CAPA_REQUEST:
3489 hci_io_capa_request_evt(hdev, skb);
3490 break;
3491
03b555e1
JH		 3492 case HCI_EV_IO_CAPA_REPLY:
3493 hci_io_capa_reply_evt(hdev, skb);
3494 break;
3495
a5c29683
JH		 3496 case HCI_EV_USER_CONFIRM_REQUEST:
3497 hci_user_confirm_request_evt(hdev, skb);
3498 break;
3499
1143d458
BG		 3500 case HCI_EV_USER_PASSKEY_REQUEST:
3501 hci_user_passkey_request_evt(hdev, skb);
3502 break;
3503
0493684e
MH		 3504 case HCI_EV_SIMPLE_PAIR_COMPLETE:
3505 hci_simple_pair_complete_evt(hdev, skb);
3506 break;
3507
41a96212
MH		 3508 case HCI_EV_REMOTE_HOST_FEATURES:
3509 hci_remote_host_features_evt(hdev, skb);
3510 break;
3511
fcd89c09
VT		 3512 case HCI_EV_LE_META:
3513 hci_le_meta_evt(hdev, skb);
3514 break;
3515
2763eda6
SJ		 3516 case HCI_EV_REMOTE_OOB_DATA_REQUEST:
3517 hci_remote_oob_data_request_evt(hdev, skb);
3518 break;
3519
25e89e99
AE		 3520 case HCI_EV_NUM_COMP_BLOCKS:
3521 hci_num_comp_blocks_evt(hdev, skb);
3522 break;
3523
a9de9248
MH		 3524 default:
3525 BT_DBG("%s event 0x%x", hdev->name, event);
1da177e4
LT		 3526 break;
3527 }
3528
3529 kfree_skb(skb);
3530 hdev->stat.evt_rx++;
3531}
kernel source for telekom puls (alcatel/mediatek)