projects / GitHub / mt8127 / android_kernel_alcatel_ttab.git / blame
? search:
summary | shortlog | log | commit | commitdiff | tree
blob | blame (incremental) | history | HEAD
Bluetooth: Convert hdev->ssp_mode to a flag
[GitHub/mt8127/android_kernel_alcatel_ttab.git] / net / bluetooth / hci_event.c
CommitLineData
8e87d142 1/*
1da177e4 2 BlueZ - Bluetooth protocol stack for Linux
2d0a0346 3 Copyright (c) 2000-2001, 2010, Code Aurora Forum. All rights reserved.
1da177e4
LT		 4
5 Written 2000,2001 by Maxim Krasnyansky <maxk@qualcomm.com>
6
7 This program is free software; you can redistribute it and/or modify
8 it under the terms of the GNU General Public License version 2 as
9 published by the Free Software Foundation;
10
11 THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS
12 OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
13 FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT OF THIRD PARTY RIGHTS.
14 IN NO EVENT SHALL THE COPYRIGHT HOLDER(S) AND AUTHOR(S) BE LIABLE FOR ANY
8e87d142
YH		 15 CLAIM, OR ANY SPECIAL INDIRECT OR CONSEQUENTIAL DAMAGES, OR ANY DAMAGES
16 WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
17 ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
1da177e4
LT		 18 OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
19
8e87d142
YH		 20 ALL LIABILITY, INCLUDING LIABILITY FOR INFRINGEMENT OF ANY PATENTS,
21 COPYRIGHTS, TRADEMARKS OR OTHER RIGHTS, RELATING TO USE OF THIS
1da177e4
LT		 22 SOFTWARE IS DISCLAIMED.
23*/
24
25/* Bluetooth HCI event handling. */
26
1da177e4
LT		 27#include <linux/module.h>
28
29#include <linux/types.h>
30#include <linux/errno.h>
31#include <linux/kernel.h>
1da177e4
LT		 32#include <linux/slab.h>
33#include <linux/poll.h>
34#include <linux/fcntl.h>
35#include <linux/init.h>
36#include <linux/skbuff.h>
37#include <linux/interrupt.h>
38#include <linux/notifier.h>
39#include <net/sock.h>
40
41#include <asm/system.h>
70f23020 42#include <linux/uaccess.h>
1da177e4
LT		 43#include <asm/unaligned.h>
44
45#include <net/bluetooth/bluetooth.h>
46#include <net/bluetooth/hci_core.h>
47
eb939922 48static bool enable_le;
e6100a25 49
1da177e4
LT		 50/* Handle HCI Event packets */
51
a9de9248 52static void hci_cc_inquiry_cancel(struct hci_dev *hdev, struct sk_buff *skb)
1da177e4 53{
a9de9248 54 __u8 status = *((__u8 *) skb->data);
1da177e4 55
a9de9248 56 BT_DBG("%s status 0x%x", hdev->name, status);
1da177e4 57
e6d465cb
AG		 58 if (status) {
59 hci_dev_lock(hdev);
60 mgmt_stop_discovery_failed(hdev, status);
61 hci_dev_unlock(hdev);
a9de9248 62 return;
e6d465cb 63 }
1da177e4 64
89352e7d
AG		 65 clear_bit(HCI_INQUIRY, &hdev->flags);
66
56e5cb86 67 hci_dev_lock(hdev);
ff9ef578 68 hci_discovery_set_state(hdev, DISCOVERY_STOPPED);
56e5cb86 69 hci_dev_unlock(hdev);
6bd57416 70
23bb5763 71 hci_req_complete(hdev, HCI_OP_INQUIRY_CANCEL, status);
a9de9248
MH		 72
73 hci_conn_check_pending(hdev);
74}
6bd57416 75
a9de9248
MH		 76static void hci_cc_exit_periodic_inq(struct hci_dev *hdev, struct sk_buff *skb)
77{
78 __u8 status = *((__u8 *) skb->data);
6bd57416 79
a9de9248 80 BT_DBG("%s status 0x%x", hdev->name, status);
6bd57416 81
a9de9248
MH		 82 if (status)
83 return;
1da177e4 84
a9de9248
MH		 85 hci_conn_check_pending(hdev);
86}
87
88static void hci_cc_remote_name_req_cancel(struct hci_dev *hdev, struct sk_buff *skb)
89{
90 BT_DBG("%s", hdev->name);
91}
92
93static void hci_cc_role_discovery(struct hci_dev *hdev, struct sk_buff *skb)
94{
95 struct hci_rp_role_discovery *rp = (void *) skb->data;
96 struct hci_conn *conn;
97
98 BT_DBG("%s status 0x%x", hdev->name, rp->status);
99
100 if (rp->status)
101 return;
102
103 hci_dev_lock(hdev);
104
105 conn = hci_conn_hash_lookup_handle(hdev, __le16_to_cpu(rp->handle));
106 if (conn) {
107 if (rp->role)
108 conn->link_mode &= ~HCI_LM_MASTER;
109 else
110 conn->link_mode |= HCI_LM_MASTER;
1da177e4 111 }
a9de9248
MH		 112
113 hci_dev_unlock(hdev);
1da177e4
LT		 114}
115
e4e8e37c
MH		 116static void hci_cc_read_link_policy(struct hci_dev *hdev, struct sk_buff *skb)
117{
118 struct hci_rp_read_link_policy *rp = (void *) skb->data;
119 struct hci_conn *conn;
120
121 BT_DBG("%s status 0x%x", hdev->name, rp->status);
122
123 if (rp->status)
124 return;
125
126 hci_dev_lock(hdev);
127
128 conn = hci_conn_hash_lookup_handle(hdev, __le16_to_cpu(rp->handle));
129 if (conn)
130 conn->link_policy = __le16_to_cpu(rp->policy);
131
132 hci_dev_unlock(hdev);
133}
134
a9de9248 135static void hci_cc_write_link_policy(struct hci_dev *hdev, struct sk_buff *skb)
1da177e4 136{
a9de9248 137 struct hci_rp_write_link_policy *rp = (void *) skb->data;
1da177e4 138 struct hci_conn *conn;
04837f64 139 void *sent;
1da177e4 140
a9de9248 141 BT_DBG("%s status 0x%x", hdev->name, rp->status);
1da177e4 142
a9de9248
MH		 143 if (rp->status)
144 return;
1da177e4 145
a9de9248
MH		 146 sent = hci_sent_cmd_data(hdev, HCI_OP_WRITE_LINK_POLICY);
147 if (!sent)
148 return;
1da177e4 149
a9de9248 150 hci_dev_lock(hdev);
1da177e4 151
a9de9248 152 conn = hci_conn_hash_lookup_handle(hdev, __le16_to_cpu(rp->handle));
e4e8e37c 153 if (conn)
83985319 154 conn->link_policy = get_unaligned_le16(sent + 2);
1da177e4 155
a9de9248
MH		 156 hci_dev_unlock(hdev);
157}
1da177e4 158
e4e8e37c
MH		 159static void hci_cc_read_def_link_policy(struct hci_dev *hdev, struct sk_buff *skb)
160{
161 struct hci_rp_read_def_link_policy *rp = (void *) skb->data;
162
163 BT_DBG("%s status 0x%x", hdev->name, rp->status);
164
165 if (rp->status)
166 return;
167
168 hdev->link_policy = __le16_to_cpu(rp->policy);
169}
170
171static void hci_cc_write_def_link_policy(struct hci_dev *hdev, struct sk_buff *skb)
172{
173 __u8 status = *((__u8 *) skb->data);
174 void *sent;
175
176 BT_DBG("%s status 0x%x", hdev->name, status);
177
178 sent = hci_sent_cmd_data(hdev, HCI_OP_WRITE_DEF_LINK_POLICY);
179 if (!sent)
180 return;
181
182 if (!status)
183 hdev->link_policy = get_unaligned_le16(sent);
184
23bb5763 185 hci_req_complete(hdev, HCI_OP_WRITE_DEF_LINK_POLICY, status);
e4e8e37c
MH		 186}
187
a9de9248
MH		 188static void hci_cc_reset(struct hci_dev *hdev, struct sk_buff *skb)
189{
190 __u8 status = *((__u8 *) skb->data);
04837f64 191
a9de9248 192 BT_DBG("%s status 0x%x", hdev->name, status);
04837f64 193
10572132
GP		 194 clear_bit(HCI_RESET, &hdev->flags);
195
23bb5763 196 hci_req_complete(hdev, HCI_OP_RESET, status);
d23264a8 197
7005ff17
JH		 198 /* Reset all flags, except persistent ones */
199 hdev->dev_flags &= BIT(HCI_MGMT) | BIT(HCI_SETUP) | BIT(HCI_AUTO_OFF);
a9de9248 200}
04837f64 201
a9de9248
MH		 202static void hci_cc_write_local_name(struct hci_dev *hdev, struct sk_buff *skb)
203{
204 __u8 status = *((__u8 *) skb->data);
205 void *sent;
04837f64 206
a9de9248 207 BT_DBG("%s status 0x%x", hdev->name, status);
04837f64 208
a9de9248
MH		 209 sent = hci_sent_cmd_data(hdev, HCI_OP_WRITE_LOCAL_NAME);
210 if (!sent)
211 return;
04837f64 212
56e5cb86
JH		 213 hci_dev_lock(hdev);
214
a8b2d5c2 215 if (test_bit(HCI_MGMT, &hdev->dev_flags))
744cf19e 216 mgmt_set_local_name_complete(hdev, sent, status);
b312b161 217
56e5cb86
JH		 218 if (status == 0)
219 memcpy(hdev->dev_name, sent, HCI_MAX_NAME_LENGTH);
b312b161 220
56e5cb86 221 hci_dev_unlock(hdev);
a9de9248
MH		 222}
223
224static void hci_cc_read_local_name(struct hci_dev *hdev, struct sk_buff *skb)
225{
226 struct hci_rp_read_local_name *rp = (void *) skb->data;
227
228 BT_DBG("%s status 0x%x", hdev->name, rp->status);
229
230 if (rp->status)
231 return;
232
1f6c6378 233 memcpy(hdev->dev_name, rp->name, HCI_MAX_NAME_LENGTH);
a9de9248
MH		 234}
235
236static void hci_cc_write_auth_enable(struct hci_dev *hdev, struct sk_buff *skb)
237{
238 __u8 status = *((__u8 *) skb->data);
239 void *sent;
240
241 BT_DBG("%s status 0x%x", hdev->name, status);
242
243 sent = hci_sent_cmd_data(hdev, HCI_OP_WRITE_AUTH_ENABLE);
244 if (!sent)
245 return;
246
247 if (!status) {
248 __u8 param = *((__u8 *) sent);
249
250 if (param == AUTH_ENABLED)
251 set_bit(HCI_AUTH, &hdev->flags);
252 else
253 clear_bit(HCI_AUTH, &hdev->flags);
1da177e4 254 }
a9de9248 255
23bb5763 256 hci_req_complete(hdev, HCI_OP_WRITE_AUTH_ENABLE, status);
1da177e4
LT		 257}
258
a9de9248 259static void hci_cc_write_encrypt_mode(struct hci_dev *hdev, struct sk_buff *skb)
1da177e4 260{
a9de9248 261 __u8 status = *((__u8 *) skb->data);
1da177e4
LT		 262 void *sent;
263
a9de9248 264 BT_DBG("%s status 0x%x", hdev->name, status);
1da177e4 265
a9de9248
MH		 266 sent = hci_sent_cmd_data(hdev, HCI_OP_WRITE_ENCRYPT_MODE);
267 if (!sent)
268 return;
1da177e4 269
a9de9248
MH		 270 if (!status) {
271 __u8 param = *((__u8 *) sent);
272
273 if (param)
274 set_bit(HCI_ENCRYPT, &hdev->flags);
275 else
276 clear_bit(HCI_ENCRYPT, &hdev->flags);
277 }
1da177e4 278
23bb5763 279 hci_req_complete(hdev, HCI_OP_WRITE_ENCRYPT_MODE, status);
a9de9248 280}
1da177e4 281
a9de9248
MH		 282static void hci_cc_write_scan_enable(struct hci_dev *hdev, struct sk_buff *skb)
283{
36f7fc7e
JH		 284 __u8 param, status = *((__u8 *) skb->data);
285 int old_pscan, old_iscan;
a9de9248 286 void *sent;
1da177e4 287
a9de9248 288 BT_DBG("%s status 0x%x", hdev->name, status);
1da177e4 289
a9de9248
MH		 290 sent = hci_sent_cmd_data(hdev, HCI_OP_WRITE_SCAN_ENABLE);
291 if (!sent)
292 return;
1da177e4 293
36f7fc7e
JH		 294 param = *((__u8 *) sent);
295
56e5cb86
JH		 296 hci_dev_lock(hdev);
297
2d7cee58 298 if (status != 0) {
744cf19e 299 mgmt_write_scan_failed(hdev, param, status);
2d7cee58
JH		 300 hdev->discov_timeout = 0;
301 goto done;
302 }
303
36f7fc7e
JH		 304 old_pscan = test_and_clear_bit(HCI_PSCAN, &hdev->flags);
305 old_iscan = test_and_clear_bit(HCI_ISCAN, &hdev->flags);
306
307 if (param & SCAN_INQUIRY) {
308 set_bit(HCI_ISCAN, &hdev->flags);
309 if (!old_iscan)
744cf19e 310 mgmt_discoverable(hdev, 1);
16ab91ab
JH		 311 if (hdev->discov_timeout > 0) {
312 int to = msecs_to_jiffies(hdev->discov_timeout * 1000);
313 queue_delayed_work(hdev->workqueue, &hdev->discov_off,
314 to);
315 }
36f7fc7e 316 } else if (old_iscan)
744cf19e 317 mgmt_discoverable(hdev, 0);
36f7fc7e
JH		 318
319 if (param & SCAN_PAGE) {
320 set_bit(HCI_PSCAN, &hdev->flags);
321 if (!old_pscan)
744cf19e 322 mgmt_connectable(hdev, 1);
36f7fc7e 323 } else if (old_pscan)
744cf19e 324 mgmt_connectable(hdev, 0);
1da177e4 325
36f7fc7e 326done:
56e5cb86 327 hci_dev_unlock(hdev);
23bb5763 328 hci_req_complete(hdev, HCI_OP_WRITE_SCAN_ENABLE, status);
a9de9248 329}
1da177e4 330
a9de9248
MH		 331static void hci_cc_read_class_of_dev(struct hci_dev *hdev, struct sk_buff *skb)
332{
333 struct hci_rp_read_class_of_dev *rp = (void *) skb->data;
1da177e4 334
a9de9248 335 BT_DBG("%s status 0x%x", hdev->name, rp->status);
1da177e4 336
a9de9248
MH		 337 if (rp->status)
338 return;
1da177e4 339
a9de9248 340 memcpy(hdev->dev_class, rp->dev_class, 3);
1da177e4 341
a9de9248
MH		 342 BT_DBG("%s class 0x%.2x%.2x%.2x", hdev->name,
343 hdev->dev_class[2], hdev->dev_class[1], hdev->dev_class[0]);
344}
1da177e4 345
a9de9248
MH		 346static void hci_cc_write_class_of_dev(struct hci_dev *hdev, struct sk_buff *skb)
347{
348 __u8 status = *((__u8 *) skb->data);
349 void *sent;
1da177e4 350
a9de9248 351 BT_DBG("%s status 0x%x", hdev->name, status);
1da177e4 352
f383f275
MH		 353 if (status)
354 return;
355
a9de9248
MH		 356 sent = hci_sent_cmd_data(hdev, HCI_OP_WRITE_CLASS_OF_DEV);
357 if (!sent)
358 return;
1da177e4 359
f383f275 360 memcpy(hdev->dev_class, sent, 3);
a9de9248 361}
1da177e4 362
a9de9248
MH		 363static void hci_cc_read_voice_setting(struct hci_dev *hdev, struct sk_buff *skb)
364{
365 struct hci_rp_read_voice_setting *rp = (void *) skb->data;
366 __u16 setting;
367
368 BT_DBG("%s status 0x%x", hdev->name, rp->status);
369
370 if (rp->status)
371 return;
372
373 setting = __le16_to_cpu(rp->voice_setting);
374
f383f275 375 if (hdev->voice_setting == setting)
a9de9248
MH		 376 return;
377
378 hdev->voice_setting = setting;
379
380 BT_DBG("%s voice setting 0x%04x", hdev->name, setting);
381
3c54711c 382 if (hdev->notify)
a9de9248 383 hdev->notify(hdev, HCI_NOTIFY_VOICE_SETTING);
a9de9248
MH		 384}
385
386static void hci_cc_write_voice_setting(struct hci_dev *hdev, struct sk_buff *skb)
387{
388 __u8 status = *((__u8 *) skb->data);
f383f275 389 __u16 setting;
a9de9248
MH		 390 void *sent;
391
392 BT_DBG("%s status 0x%x", hdev->name, status);
1da177e4 393
f383f275
MH		 394 if (status)
395 return;
396
a9de9248
MH		 397 sent = hci_sent_cmd_data(hdev, HCI_OP_WRITE_VOICE_SETTING);
398 if (!sent)
399 return;
1da177e4 400
f383f275 401 setting = get_unaligned_le16(sent);
1da177e4 402
f383f275
MH		 403 if (hdev->voice_setting == setting)
404 return;
405
406 hdev->voice_setting = setting;
1da177e4 407
f383f275 408 BT_DBG("%s voice setting 0x%04x", hdev->name, setting);
1da177e4 409
3c54711c 410 if (hdev->notify)
f383f275 411 hdev->notify(hdev, HCI_NOTIFY_VOICE_SETTING);
1da177e4
LT		 412}
413
a9de9248 414static void hci_cc_host_buffer_size(struct hci_dev *hdev, struct sk_buff *skb)
1da177e4 415{
a9de9248 416 __u8 status = *((__u8 *) skb->data);
1da177e4 417
a9de9248 418 BT_DBG("%s status 0x%x", hdev->name, status);
1da177e4 419
23bb5763 420 hci_req_complete(hdev, HCI_OP_HOST_BUFFER_SIZE, status);
a9de9248 421}
1143e5a6 422
333140b5
MH		 423static void hci_cc_read_ssp_mode(struct hci_dev *hdev, struct sk_buff *skb)
424{
425 struct hci_rp_read_ssp_mode *rp = (void *) skb->data;
426
427 BT_DBG("%s status 0x%x", hdev->name, rp->status);
428
429 if (rp->status)
430 return;
431
84bde9d6
JH		 432 if (rp->mode)
433 set_bit(HCI_SSP_ENABLED, &hdev->dev_flags);
434 else
435 clear_bit(HCI_SSP_ENABLED, &hdev->dev_flags);
333140b5
MH		 436}
437
438static void hci_cc_write_ssp_mode(struct hci_dev *hdev, struct sk_buff *skb)
439{
440 __u8 status = *((__u8 *) skb->data);
441 void *sent;
442
443 BT_DBG("%s status 0x%x", hdev->name, status);
444
445 if (status)
446 return;
447
448 sent = hci_sent_cmd_data(hdev, HCI_OP_WRITE_SSP_MODE);
449 if (!sent)
450 return;
451
84bde9d6
JH		 452 if (*((u8 *) sent))
453 set_bit(HCI_SSP_ENABLED, &hdev->dev_flags);
454 else
455 clear_bit(HCI_SSP_ENABLED, &hdev->dev_flags);
333140b5
MH		 456}
457
d5859e22
JH		 458static u8 hci_get_inquiry_mode(struct hci_dev *hdev)
459{
460 if (hdev->features[6] & LMP_EXT_INQ)
461 return 2;
462
463 if (hdev->features[3] & LMP_RSSI_INQ)
464 return 1;
465
466 if (hdev->manufacturer == 11 && hdev->hci_rev == 0x00 &&
467 hdev->lmp_subver == 0x0757)
468 return 1;
469
470 if (hdev->manufacturer == 15) {
471 if (hdev->hci_rev == 0x03 && hdev->lmp_subver == 0x6963)
472 return 1;
473 if (hdev->hci_rev == 0x09 && hdev->lmp_subver == 0x6963)
474 return 1;
475 if (hdev->hci_rev == 0x00 && hdev->lmp_subver == 0x6965)
476 return 1;
477 }
478
479 if (hdev->manufacturer == 31 && hdev->hci_rev == 0x2005 &&
480 hdev->lmp_subver == 0x1805)
481 return 1;
482
483 return 0;
484}
485
486static void hci_setup_inquiry_mode(struct hci_dev *hdev)
487{
488 u8 mode;
489
490 mode = hci_get_inquiry_mode(hdev);
491
492 hci_send_cmd(hdev, HCI_OP_WRITE_INQUIRY_MODE, 1, &mode);
493}
494
495static void hci_setup_event_mask(struct hci_dev *hdev)
496{
497 /* The second byte is 0xff instead of 0x9f (two reserved bits
498 * disabled) since a Broadcom 1.2 dongle doesn't respond to the
499 * command otherwise */
500 u8 events[8] = { 0xff, 0xff, 0xfb, 0xff, 0x00, 0x00, 0x00, 0x00 };
501
6de6c18d
VT		 502 /* CSR 1.1 dongles does not accept any bitfield so don't try to set
503 * any event mask for pre 1.2 devices */
5a13b095 504 if (hdev->hci_ver < BLUETOOTH_VER_1_2)
6de6c18d
VT		 505 return;
506
507 events[4] |= 0x01; /* Flow Specification Complete */
508 events[4] |= 0x02; /* Inquiry Result with RSSI */
509 events[4] |= 0x04; /* Read Remote Extended Features Complete */
510 events[5] |= 0x08; /* Synchronous Connection Complete */
511 events[5] |= 0x10; /* Synchronous Connection Changed */
d5859e22
JH		 512
513 if (hdev->features[3] & LMP_RSSI_INQ)
514 events[4] |= 0x04; /* Inquiry Result with RSSI */
515
516 if (hdev->features[5] & LMP_SNIFF_SUBR)
517 events[5] |= 0x20; /* Sniff Subrating */
518
519 if (hdev->features[5] & LMP_PAUSE_ENC)
520 events[5] |= 0x80; /* Encryption Key Refresh Complete */
521
522 if (hdev->features[6] & LMP_EXT_INQ)
523 events[5] |= 0x40; /* Extended Inquiry Result */
524
525 if (hdev->features[6] & LMP_NO_FLUSH)
526 events[7] |= 0x01; /* Enhanced Flush Complete */
527
528 if (hdev->features[7] & LMP_LSTO)
529 events[6] |= 0x80; /* Link Supervision Timeout Changed */
530
531 if (hdev->features[6] & LMP_SIMPLE_PAIR) {
532 events[6] |= 0x01; /* IO Capability Request */
533 events[6] |= 0x02; /* IO Capability Response */
534 events[6] |= 0x04; /* User Confirmation Request */
535 events[6] |= 0x08; /* User Passkey Request */
536 events[6] |= 0x10; /* Remote OOB Data Request */
537 events[6] |= 0x20; /* Simple Pairing Complete */
538 events[7] |= 0x04; /* User Passkey Notification */
539 events[7] |= 0x08; /* Keypress Notification */
540 events[7] |= 0x10; /* Remote Host Supported
541 * Features Notification */
542 }
543
544 if (hdev->features[4] & LMP_LE)
545 events[7] |= 0x20; /* LE Meta-Event */
546
547 hci_send_cmd(hdev, HCI_OP_SET_EVENT_MASK, sizeof(events), events);
548}
549
e6100a25
AG		 550static void hci_set_le_support(struct hci_dev *hdev)
551{
552 struct hci_cp_write_le_host_supported cp;
553
554 memset(&cp, 0, sizeof(cp));
555
556 if (enable_le) {
557 cp.le = 1;
558 cp.simul = !!(hdev->features[6] & LMP_SIMUL_LE_BR);
559 }
560
561 hci_send_cmd(hdev, HCI_OP_WRITE_LE_HOST_SUPPORTED, sizeof(cp), &cp);
562}
563
d5859e22
JH		 564static void hci_setup(struct hci_dev *hdev)
565{
e61ef499
AE		 566 if (hdev->dev_type != HCI_BREDR)
567 return;
568
d5859e22
JH		 569 hci_setup_event_mask(hdev);
570
d095c1eb 571 if (hdev->hci_ver > BLUETOOTH_VER_1_1)
d5859e22
JH		 572 hci_send_cmd(hdev, HCI_OP_READ_LOCAL_COMMANDS, 0, NULL);
573
574 if (hdev->features[6] & LMP_SIMPLE_PAIR) {
575 u8 mode = 0x01;
576 hci_send_cmd(hdev, HCI_OP_WRITE_SSP_MODE, sizeof(mode), &mode);
577 }
578
579 if (hdev->features[3] & LMP_RSSI_INQ)
580 hci_setup_inquiry_mode(hdev);
581
582 if (hdev->features[7] & LMP_INQ_TX_PWR)
583 hci_send_cmd(hdev, HCI_OP_READ_INQ_RSP_TX_POWER, 0, NULL);
971e3a4b
AG		 584
585 if (hdev->features[7] & LMP_EXTFEATURES) {
586 struct hci_cp_read_local_ext_features cp;
587
588 cp.page = 0x01;
589 hci_send_cmd(hdev, HCI_OP_READ_LOCAL_EXT_FEATURES,
590 sizeof(cp), &cp);
591 }
e6100a25
AG		 592
593 if (hdev->features[4] & LMP_LE)
594 hci_set_le_support(hdev);
d5859e22
JH		 595}
596
a9de9248
MH		 597static void hci_cc_read_local_version(struct hci_dev *hdev, struct sk_buff *skb)
598{
599 struct hci_rp_read_local_version *rp = (void *) skb->data;
1143e5a6 600
a9de9248 601 BT_DBG("%s status 0x%x", hdev->name, rp->status);
1143e5a6 602
a9de9248
MH		 603 if (rp->status)
604 return;
1143e5a6 605
a9de9248 606 hdev->hci_ver = rp->hci_ver;
e4e8e37c 607 hdev->hci_rev = __le16_to_cpu(rp->hci_rev);
d5859e22 608 hdev->lmp_ver = rp->lmp_ver;
e4e8e37c 609 hdev->manufacturer = __le16_to_cpu(rp->manufacturer);
d5859e22 610 hdev->lmp_subver = __le16_to_cpu(rp->lmp_subver);
1143e5a6 611
a9de9248
MH		 612 BT_DBG("%s manufacturer %d hci ver %d:%d", hdev->name,
613 hdev->manufacturer,
614 hdev->hci_ver, hdev->hci_rev);
d5859e22
JH		 615
616 if (test_bit(HCI_INIT, &hdev->flags))
617 hci_setup(hdev);
618}
619
620static void hci_setup_link_policy(struct hci_dev *hdev)
621{
622 u16 link_policy = 0;
623
624 if (hdev->features[0] & LMP_RSWITCH)
625 link_policy |= HCI_LP_RSWITCH;
626 if (hdev->features[0] & LMP_HOLD)
627 link_policy |= HCI_LP_HOLD;
628 if (hdev->features[0] & LMP_SNIFF)
629 link_policy |= HCI_LP_SNIFF;
630 if (hdev->features[1] & LMP_PARK)
631 link_policy |= HCI_LP_PARK;
632
633 link_policy = cpu_to_le16(link_policy);
634 hci_send_cmd(hdev, HCI_OP_WRITE_DEF_LINK_POLICY,
635 sizeof(link_policy), &link_policy);
a9de9248 636}
1da177e4 637
a9de9248
MH		 638static void hci_cc_read_local_commands(struct hci_dev *hdev, struct sk_buff *skb)
639{
640 struct hci_rp_read_local_commands *rp = (void *) skb->data;
1da177e4 641
a9de9248 642 BT_DBG("%s status 0x%x", hdev->name, rp->status);
1da177e4 643
a9de9248 644 if (rp->status)
d5859e22 645 goto done;
1da177e4 646
a9de9248 647 memcpy(hdev->commands, rp->commands, sizeof(hdev->commands));
d5859e22
JH		 648
649 if (test_bit(HCI_INIT, &hdev->flags) && (hdev->commands[5] & 0x10))
650 hci_setup_link_policy(hdev);
651
652done:
653 hci_req_complete(hdev, HCI_OP_READ_LOCAL_COMMANDS, rp->status);
a9de9248 654}
1da177e4 655
a9de9248
MH		 656static void hci_cc_read_local_features(struct hci_dev *hdev, struct sk_buff *skb)
657{
658 struct hci_rp_read_local_features *rp = (void *) skb->data;
5b7f9909 659
a9de9248 660 BT_DBG("%s status 0x%x", hdev->name, rp->status);
1da177e4 661
a9de9248
MH		 662 if (rp->status)
663 return;
5b7f9909 664
a9de9248 665 memcpy(hdev->features, rp->features, 8);
5b7f9909 666
a9de9248
MH		 667 /* Adjust default settings according to features
668 * supported by device. */
1da177e4 669
a9de9248
MH		 670 if (hdev->features[0] & LMP_3SLOT)
671 hdev->pkt_type |= (HCI_DM3 | HCI_DH3);
1da177e4 672
a9de9248
MH		 673 if (hdev->features[0] & LMP_5SLOT)
674 hdev->pkt_type |= (HCI_DM5 | HCI_DH5);
1da177e4 675
a9de9248
MH		 676 if (hdev->features[1] & LMP_HV2) {
677 hdev->pkt_type |= (HCI_HV2);
678 hdev->esco_type |= (ESCO_HV2);
679 }
1da177e4 680
a9de9248
MH		 681 if (hdev->features[1] & LMP_HV3) {
682 hdev->pkt_type |= (HCI_HV3);
683 hdev->esco_type |= (ESCO_HV3);
684 }
1da177e4 685
a9de9248
MH		 686 if (hdev->features[3] & LMP_ESCO)
687 hdev->esco_type |= (ESCO_EV3);
da1f5198 688
a9de9248
MH		 689 if (hdev->features[4] & LMP_EV4)
690 hdev->esco_type |= (ESCO_EV4);
da1f5198 691
a9de9248
MH		 692 if (hdev->features[4] & LMP_EV5)
693 hdev->esco_type |= (ESCO_EV5);
1da177e4 694
efc7688b
MH		 695 if (hdev->features[5] & LMP_EDR_ESCO_2M)
696 hdev->esco_type |= (ESCO_2EV3);
697
698 if (hdev->features[5] & LMP_EDR_ESCO_3M)
699 hdev->esco_type |= (ESCO_3EV3);
700
701 if (hdev->features[5] & LMP_EDR_3S_ESCO)
702 hdev->esco_type |= (ESCO_2EV5 | ESCO_3EV5);
703
a9de9248
MH		 704 BT_DBG("%s features 0x%.2x%.2x%.2x%.2x%.2x%.2x%.2x%.2x", hdev->name,
705 hdev->features[0], hdev->features[1],
706 hdev->features[2], hdev->features[3],
707 hdev->features[4], hdev->features[5],
708 hdev->features[6], hdev->features[7]);
709}
1da177e4 710
971e3a4b
AG		 711static void hci_cc_read_local_ext_features(struct hci_dev *hdev,
712 struct sk_buff *skb)
713{
714 struct hci_rp_read_local_ext_features *rp = (void *) skb->data;
715
716 BT_DBG("%s status 0x%x", hdev->name, rp->status);
717
718 if (rp->status)
719 return;
720
b5b32b65
AG		 721 switch (rp->page) {
722 case 0:
723 memcpy(hdev->features, rp->features, 8);
724 break;
725 case 1:
726 memcpy(hdev->host_features, rp->features, 8);
727 break;
728 }
971e3a4b
AG		 729
730 hci_req_complete(hdev, HCI_OP_READ_LOCAL_EXT_FEATURES, rp->status);
731}
732
1e89cffb
AE		 733static void hci_cc_read_flow_control_mode(struct hci_dev *hdev,
734 struct sk_buff *skb)
735{
736 struct hci_rp_read_flow_control_mode *rp = (void *) skb->data;
737
738 BT_DBG("%s status 0x%x", hdev->name, rp->status);
739
740 if (rp->status)
741 return;
742
743 hdev->flow_ctl_mode = rp->mode;
744
745 hci_req_complete(hdev, HCI_OP_READ_FLOW_CONTROL_MODE, rp->status);
746}
747
a9de9248
MH		 748static void hci_cc_read_buffer_size(struct hci_dev *hdev, struct sk_buff *skb)
749{
750 struct hci_rp_read_buffer_size *rp = (void *) skb->data;
1da177e4 751
a9de9248 752 BT_DBG("%s status 0x%x", hdev->name, rp->status);
1da177e4 753
a9de9248
MH		 754 if (rp->status)
755 return;
1da177e4 756
a9de9248
MH		 757 hdev->acl_mtu = __le16_to_cpu(rp->acl_mtu);
758 hdev->sco_mtu = rp->sco_mtu;
759 hdev->acl_pkts = __le16_to_cpu(rp->acl_max_pkt);
760 hdev->sco_pkts = __le16_to_cpu(rp->sco_max_pkt);
761
762 if (test_bit(HCI_QUIRK_FIXUP_BUFFER_SIZE, &hdev->quirks)) {
763 hdev->sco_mtu = 64;
764 hdev->sco_pkts = 8;
1da177e4 765 }
a9de9248
MH		 766
767 hdev->acl_cnt = hdev->acl_pkts;
768 hdev->sco_cnt = hdev->sco_pkts;
769
770 BT_DBG("%s acl mtu %d:%d sco mtu %d:%d", hdev->name,
771 hdev->acl_mtu, hdev->acl_pkts,
772 hdev->sco_mtu, hdev->sco_pkts);
773}
774
775static void hci_cc_read_bd_addr(struct hci_dev *hdev, struct sk_buff *skb)
776{
777 struct hci_rp_read_bd_addr *rp = (void *) skb->data;
778
779 BT_DBG("%s status 0x%x", hdev->name, rp->status);
780
781 if (!rp->status)
782 bacpy(&hdev->bdaddr, &rp->bdaddr);
783
23bb5763
JH		 784 hci_req_complete(hdev, HCI_OP_READ_BD_ADDR, rp->status);
785}
786
350ee4cf
AE		 787static void hci_cc_read_data_block_size(struct hci_dev *hdev,
788 struct sk_buff *skb)
789{
790 struct hci_rp_read_data_block_size *rp = (void *) skb->data;
791
792 BT_DBG("%s status 0x%x", hdev->name, rp->status);
793
794 if (rp->status)
795 return;
796
797 hdev->block_mtu = __le16_to_cpu(rp->max_acl_len);
798 hdev->block_len = __le16_to_cpu(rp->block_len);
799 hdev->num_blocks = __le16_to_cpu(rp->num_blocks);
800
801 hdev->block_cnt = hdev->num_blocks;
802
803 BT_DBG("%s blk mtu %d cnt %d len %d", hdev->name, hdev->block_mtu,
804 hdev->block_cnt, hdev->block_len);
805
806 hci_req_complete(hdev, HCI_OP_READ_DATA_BLOCK_SIZE, rp->status);
807}
808
23bb5763
JH		 809static void hci_cc_write_ca_timeout(struct hci_dev *hdev, struct sk_buff *skb)
810{
811 __u8 status = *((__u8 *) skb->data);
812
813 BT_DBG("%s status 0x%x", hdev->name, status);
814
815 hci_req_complete(hdev, HCI_OP_WRITE_CA_TIMEOUT, status);
a9de9248
MH		 816}
817
928abaa7
AE		 818static void hci_cc_read_local_amp_info(struct hci_dev *hdev,
819 struct sk_buff *skb)
820{
821 struct hci_rp_read_local_amp_info *rp = (void *) skb->data;
822
823 BT_DBG("%s status 0x%x", hdev->name, rp->status);
824
825 if (rp->status)
826 return;
827
828 hdev->amp_status = rp->amp_status;
829 hdev->amp_total_bw = __le32_to_cpu(rp->total_bw);
830 hdev->amp_max_bw = __le32_to_cpu(rp->max_bw);
831 hdev->amp_min_latency = __le32_to_cpu(rp->min_latency);
832 hdev->amp_max_pdu = __le32_to_cpu(rp->max_pdu);
833 hdev->amp_type = rp->amp_type;
834 hdev->amp_pal_cap = __le16_to_cpu(rp->pal_cap);
835 hdev->amp_assoc_size = __le16_to_cpu(rp->max_assoc_size);
836 hdev->amp_be_flush_to = __le32_to_cpu(rp->be_flush_to);
837 hdev->amp_max_flush_to = __le32_to_cpu(rp->max_flush_to);
838
839 hci_req_complete(hdev, HCI_OP_READ_LOCAL_AMP_INFO, rp->status);
840}
841
b0916ea0
JH		 842static void hci_cc_delete_stored_link_key(struct hci_dev *hdev,
843 struct sk_buff *skb)
844{
845 __u8 status = *((__u8 *) skb->data);
846
847 BT_DBG("%s status 0x%x", hdev->name, status);
848
849 hci_req_complete(hdev, HCI_OP_DELETE_STORED_LINK_KEY, status);
850}
851
d5859e22
JH		 852static void hci_cc_set_event_mask(struct hci_dev *hdev, struct sk_buff *skb)
853{
854 __u8 status = *((__u8 *) skb->data);
855
856 BT_DBG("%s status 0x%x", hdev->name, status);
857
858 hci_req_complete(hdev, HCI_OP_SET_EVENT_MASK, status);
859}
860
861static void hci_cc_write_inquiry_mode(struct hci_dev *hdev,
862 struct sk_buff *skb)
863{
864 __u8 status = *((__u8 *) skb->data);
865
866 BT_DBG("%s status 0x%x", hdev->name, status);
867
868 hci_req_complete(hdev, HCI_OP_WRITE_INQUIRY_MODE, status);
869}
870
871static void hci_cc_read_inq_rsp_tx_power(struct hci_dev *hdev,
872 struct sk_buff *skb)
873{
874 __u8 status = *((__u8 *) skb->data);
875
876 BT_DBG("%s status 0x%x", hdev->name, status);
877
878 hci_req_complete(hdev, HCI_OP_READ_INQ_RSP_TX_POWER, status);
879}
880
881static void hci_cc_set_event_flt(struct hci_dev *hdev, struct sk_buff *skb)
882{
883 __u8 status = *((__u8 *) skb->data);
884
885 BT_DBG("%s status 0x%x", hdev->name, status);
886
887 hci_req_complete(hdev, HCI_OP_SET_EVENT_FLT, status);
888}
889
980e1a53
JH		 890static void hci_cc_pin_code_reply(struct hci_dev *hdev, struct sk_buff *skb)
891{
892 struct hci_rp_pin_code_reply *rp = (void *) skb->data;
893 struct hci_cp_pin_code_reply *cp;
894 struct hci_conn *conn;
895
896 BT_DBG("%s status 0x%x", hdev->name, rp->status);
897
56e5cb86
JH		 898 hci_dev_lock(hdev);
899
a8b2d5c2 900 if (test_bit(HCI_MGMT, &hdev->dev_flags))
744cf19e 901 mgmt_pin_code_reply_complete(hdev, &rp->bdaddr, rp->status);
980e1a53
JH		 902
903 if (rp->status != 0)
56e5cb86 904 goto unlock;
980e1a53
JH		 905
906 cp = hci_sent_cmd_data(hdev, HCI_OP_PIN_CODE_REPLY);
907 if (!cp)
56e5cb86 908 goto unlock;
980e1a53
JH		 909
910 conn = hci_conn_hash_lookup_ba(hdev, ACL_LINK, &cp->bdaddr);
911 if (conn)
912 conn->pin_length = cp->pin_len;
56e5cb86
JH		 913
914unlock:
915 hci_dev_unlock(hdev);
980e1a53
JH		 916}
917
918static void hci_cc_pin_code_neg_reply(struct hci_dev *hdev, struct sk_buff *skb)
919{
920 struct hci_rp_pin_code_neg_reply *rp = (void *) skb->data;
921
922 BT_DBG("%s status 0x%x", hdev->name, rp->status);
923
56e5cb86
JH		 924 hci_dev_lock(hdev);
925
a8b2d5c2 926 if (test_bit(HCI_MGMT, &hdev->dev_flags))
744cf19e 927 mgmt_pin_code_neg_reply_complete(hdev, &rp->bdaddr,
980e1a53 928 rp->status);
56e5cb86
JH		 929
930 hci_dev_unlock(hdev);
980e1a53 931}
56e5cb86 932
6ed58ec5
VT		 933static void hci_cc_le_read_buffer_size(struct hci_dev *hdev,
934 struct sk_buff *skb)
935{
936 struct hci_rp_le_read_buffer_size *rp = (void *) skb->data;
937
938 BT_DBG("%s status 0x%x", hdev->name, rp->status);
939
940 if (rp->status)
941 return;
942
943 hdev->le_mtu = __le16_to_cpu(rp->le_mtu);
944 hdev->le_pkts = rp->le_max_pkt;
945
946 hdev->le_cnt = hdev->le_pkts;
947
948 BT_DBG("%s le mtu %d:%d", hdev->name, hdev->le_mtu, hdev->le_pkts);
949
950 hci_req_complete(hdev, HCI_OP_LE_READ_BUFFER_SIZE, rp->status);
951}
980e1a53 952
a5c29683
JH		 953static void hci_cc_user_confirm_reply(struct hci_dev *hdev, struct sk_buff *skb)
954{
955 struct hci_rp_user_confirm_reply *rp = (void *) skb->data;
956
957 BT_DBG("%s status 0x%x", hdev->name, rp->status);
958
56e5cb86
JH		 959 hci_dev_lock(hdev);
960
a8b2d5c2 961 if (test_bit(HCI_MGMT, &hdev->dev_flags))
744cf19e 962 mgmt_user_confirm_reply_complete(hdev, &rp->bdaddr,
a5c29683 963 rp->status);
56e5cb86
JH		 964
965 hci_dev_unlock(hdev);
a5c29683
JH		 966}
967
968static void hci_cc_user_confirm_neg_reply(struct hci_dev *hdev,
969 struct sk_buff *skb)
970{
971 struct hci_rp_user_confirm_reply *rp = (void *) skb->data;
972
973 BT_DBG("%s status 0x%x", hdev->name, rp->status);
974
56e5cb86
JH		 975 hci_dev_lock(hdev);
976
a8b2d5c2 977 if (test_bit(HCI_MGMT, &hdev->dev_flags))
744cf19e 978 mgmt_user_confirm_neg_reply_complete(hdev, &rp->bdaddr,
a5c29683 979 rp->status);
56e5cb86
JH		 980
981 hci_dev_unlock(hdev);
a5c29683
JH		 982}
983
1143d458
BG		 984static void hci_cc_user_passkey_reply(struct hci_dev *hdev, struct sk_buff *skb)
985{
986 struct hci_rp_user_confirm_reply *rp = (void *) skb->data;
987
988 BT_DBG("%s status 0x%x", hdev->name, rp->status);
989
990 hci_dev_lock(hdev);
991
a8b2d5c2 992 if (test_bit(HCI_MGMT, &hdev->dev_flags))
1143d458
BG		 993 mgmt_user_passkey_reply_complete(hdev, &rp->bdaddr,
994 rp->status);
995
996 hci_dev_unlock(hdev);
997}
998
999static void hci_cc_user_passkey_neg_reply(struct hci_dev *hdev,
1000 struct sk_buff *skb)
1001{
1002 struct hci_rp_user_confirm_reply *rp = (void *) skb->data;
1003
1004 BT_DBG("%s status 0x%x", hdev->name, rp->status);
1005
1006 hci_dev_lock(hdev);
1007
a8b2d5c2 1008 if (test_bit(HCI_MGMT, &hdev->dev_flags))
1143d458
BG		 1009 mgmt_user_passkey_neg_reply_complete(hdev, &rp->bdaddr,
1010 rp->status);
1011
1012 hci_dev_unlock(hdev);
1013}
1014
c35938b2
SJ		 1015static void hci_cc_read_local_oob_data_reply(struct hci_dev *hdev,
1016 struct sk_buff *skb)
1017{
1018 struct hci_rp_read_local_oob_data *rp = (void *) skb->data;
1019
1020 BT_DBG("%s status 0x%x", hdev->name, rp->status);
1021
56e5cb86 1022 hci_dev_lock(hdev);
744cf19e 1023 mgmt_read_local_oob_data_reply_complete(hdev, rp->hash,
c35938b2 1024 rp->randomizer, rp->status);
56e5cb86 1025 hci_dev_unlock(hdev);
c35938b2
SJ		 1026}
1027
07f7fa5d
AG		 1028static void hci_cc_le_set_scan_param(struct hci_dev *hdev, struct sk_buff *skb)
1029{
1030 __u8 status = *((__u8 *) skb->data);
1031
1032 BT_DBG("%s status 0x%x", hdev->name, status);
1033}
1034
eb9d91f5
AG		 1035static void hci_cc_le_set_scan_enable(struct hci_dev *hdev,
1036 struct sk_buff *skb)
1037{
1038 struct hci_cp_le_set_scan_enable *cp;
1039 __u8 status = *((__u8 *) skb->data);
1040
1041 BT_DBG("%s status 0x%x", hdev->name, status);
1042
1043 if (status)
1044 return;
1045
1046 cp = hci_sent_cmd_data(hdev, HCI_OP_LE_SET_SCAN_ENABLE);
1047 if (!cp)
1048 return;
1049
68a8aea4
AE		 1050 switch (cp->enable) {
1051 case LE_SCANNING_ENABLED:
d23264a8
AG		 1052 set_bit(HCI_LE_SCAN, &hdev->dev_flags);
1053
db323f2f 1054 cancel_delayed_work_sync(&hdev->adv_work);
a8f13c8c
AG		 1055
1056 hci_dev_lock(hdev);
eb9d91f5 1057 hci_adv_entries_clear(hdev);
a8f13c8c 1058 hci_dev_unlock(hdev);
68a8aea4
AE		 1059 break;
1060
1061 case LE_SCANNING_DISABLED:
d23264a8
AG		 1062 clear_bit(HCI_LE_SCAN, &hdev->dev_flags);
1063
d084329e 1064 schedule_delayed_work(&hdev->adv_work, ADV_CLEAR_TIMEOUT);
68a8aea4
AE		 1065 break;
1066
1067 default:
1068 BT_ERR("Used reserved LE_Scan_Enable param %d", cp->enable);
1069 break;
35815085 1070 }
eb9d91f5
AG		 1071}
1072
a7a595f6
VCG		 1073static void hci_cc_le_ltk_reply(struct hci_dev *hdev, struct sk_buff *skb)
1074{
1075 struct hci_rp_le_ltk_reply *rp = (void *) skb->data;
1076
1077 BT_DBG("%s status 0x%x", hdev->name, rp->status);
1078
1079 if (rp->status)
1080 return;
1081
1082 hci_req_complete(hdev, HCI_OP_LE_LTK_REPLY, rp->status);
1083}
1084
1085static void hci_cc_le_ltk_neg_reply(struct hci_dev *hdev, struct sk_buff *skb)
1086{
1087 struct hci_rp_le_ltk_neg_reply *rp = (void *) skb->data;
1088
1089 BT_DBG("%s status 0x%x", hdev->name, rp->status);
1090
1091 if (rp->status)
1092 return;
1093
1094 hci_req_complete(hdev, HCI_OP_LE_LTK_NEG_REPLY, rp->status);
1095}
1096
f9b49306
AG		 1097static inline void hci_cc_write_le_host_supported(struct hci_dev *hdev,
1098 struct sk_buff *skb)
1099{
1100 struct hci_cp_read_local_ext_features cp;
1101 __u8 status = *((__u8 *) skb->data);
1102
1103 BT_DBG("%s status 0x%x", hdev->name, status);
1104
1105 if (status)
1106 return;
1107
1108 cp.page = 0x01;
1109 hci_send_cmd(hdev, HCI_OP_READ_LOCAL_EXT_FEATURES, sizeof(cp), &cp);
1110}
1111
a9de9248
MH		 1112static inline void hci_cs_inquiry(struct hci_dev *hdev, __u8 status)
1113{
1114 BT_DBG("%s status 0x%x", hdev->name, status);
1115
1116 if (status) {
23bb5763 1117 hci_req_complete(hdev, HCI_OP_INQUIRY, status);
a9de9248 1118 hci_conn_check_pending(hdev);
56e5cb86 1119 hci_dev_lock(hdev);
a8b2d5c2 1120 if (test_bit(HCI_MGMT, &hdev->dev_flags))
7a135109 1121 mgmt_start_discovery_failed(hdev, status);
56e5cb86 1122 hci_dev_unlock(hdev);
314b2381
JH		 1123 return;
1124 }
1125
89352e7d
AG		 1126 set_bit(HCI_INQUIRY, &hdev->flags);
1127
56e5cb86 1128 hci_dev_lock(hdev);
30dc78e1 1129 hci_discovery_set_state(hdev, DISCOVERY_INQUIRY);
56e5cb86 1130 hci_dev_unlock(hdev);
1da177e4
LT		 1131}
1132
1da177e4
LT		 1133static inline void hci_cs_create_conn(struct hci_dev *hdev, __u8 status)
1134{
a9de9248 1135 struct hci_cp_create_conn *cp;
1da177e4 1136 struct hci_conn *conn;
1da177e4 1137
a9de9248
MH		 1138 BT_DBG("%s status 0x%x", hdev->name, status);
1139
1140 cp = hci_sent_cmd_data(hdev, HCI_OP_CREATE_CONN);
1da177e4
LT		 1141 if (!cp)
1142 return;
1143
1144 hci_dev_lock(hdev);
1145
1146 conn = hci_conn_hash_lookup_ba(hdev, ACL_LINK, &cp->bdaddr);
1147
a9de9248 1148 BT_DBG("%s bdaddr %s conn %p", hdev->name, batostr(&cp->bdaddr), conn);
1da177e4
LT		 1149
1150 if (status) {
1151 if (conn && conn->state == BT_CONNECT) {
4c67bc74
MH		 1152 if (status != 0x0c || conn->attempt > 2) {
1153 conn->state = BT_CLOSED;
1154 hci_proto_connect_cfm(conn, status);
1155 hci_conn_del(conn);
1156 } else
1157 conn->state = BT_CONNECT2;
1da177e4
LT		 1158 }
1159 } else {
1160 if (!conn) {
1161 conn = hci_conn_add(hdev, ACL_LINK, &cp->bdaddr);
1162 if (conn) {
a0c808b3 1163 conn->out = true;
1da177e4
LT		 1164 conn->link_mode |= HCI_LM_MASTER;
1165 } else
893ef971 1166 BT_ERR("No memory for new connection");
1da177e4
LT		 1167 }
1168 }
1169
1170 hci_dev_unlock(hdev);
1171}
1172
a9de9248 1173static void hci_cs_add_sco(struct hci_dev *hdev, __u8 status)
1da177e4 1174{
a9de9248
MH		 1175 struct hci_cp_add_sco *cp;
1176 struct hci_conn *acl, *sco;
1177 __u16 handle;
1da177e4 1178
b6a0dc82
MH		 1179 BT_DBG("%s status 0x%x", hdev->name, status);
1180
a9de9248
MH		 1181 if (!status)
1182 return;
1da177e4 1183
a9de9248
MH		 1184 cp = hci_sent_cmd_data(hdev, HCI_OP_ADD_SCO);
1185 if (!cp)
1186 return;
1da177e4 1187
a9de9248 1188 handle = __le16_to_cpu(cp->handle);
1da177e4 1189
a9de9248 1190 BT_DBG("%s handle %d", hdev->name, handle);
1da177e4 1191
a9de9248 1192 hci_dev_lock(hdev);
1da177e4 1193
a9de9248 1194 acl = hci_conn_hash_lookup_handle(hdev, handle);
5a08ecce
AE		 1195 if (acl) {
1196 sco = acl->link;
1197 if (sco) {
1198 sco->state = BT_CLOSED;
1da177e4 1199
5a08ecce
AE		 1200 hci_proto_connect_cfm(sco, status);
1201 hci_conn_del(sco);
1202 }
a9de9248 1203 }
1da177e4 1204
a9de9248
MH		 1205 hci_dev_unlock(hdev);
1206}
1da177e4 1207
f8558555
MH		 1208static void hci_cs_auth_requested(struct hci_dev *hdev, __u8 status)
1209{
1210 struct hci_cp_auth_requested *cp;
1211 struct hci_conn *conn;
1212
1213 BT_DBG("%s status 0x%x", hdev->name, status);
1214
1215 if (!status)
1216 return;
1217
1218 cp = hci_sent_cmd_data(hdev, HCI_OP_AUTH_REQUESTED);
1219 if (!cp)
1220 return;
1221
1222 hci_dev_lock(hdev);
1223
1224 conn = hci_conn_hash_lookup_handle(hdev, __le16_to_cpu(cp->handle));
1225 if (conn) {
1226 if (conn->state == BT_CONFIG) {
1227 hci_proto_connect_cfm(conn, status);
1228 hci_conn_put(conn);
1229 }
1230 }
1231
1232 hci_dev_unlock(hdev);
1233}
1234
1235static void hci_cs_set_conn_encrypt(struct hci_dev *hdev, __u8 status)
1236{
1237 struct hci_cp_set_conn_encrypt *cp;
1238 struct hci_conn *conn;
1239
1240 BT_DBG("%s status 0x%x", hdev->name, status);
1241
1242 if (!status)
1243 return;
1244
1245 cp = hci_sent_cmd_data(hdev, HCI_OP_SET_CONN_ENCRYPT);
1246 if (!cp)
1247 return;
1248
1249 hci_dev_lock(hdev);
1250
1251 conn = hci_conn_hash_lookup_handle(hdev, __le16_to_cpu(cp->handle));
1252 if (conn) {
1253 if (conn->state == BT_CONFIG) {
1254 hci_proto_connect_cfm(conn, status);
1255 hci_conn_put(conn);
1256 }
1257 }
1258
1259 hci_dev_unlock(hdev);
1260}
1261
127178d2 1262static int hci_outgoing_auth_needed(struct hci_dev *hdev,
138d22ef 1263 struct hci_conn *conn)
392599b9 1264{
392599b9
JH		 1265 if (conn->state != BT_CONFIG || !conn->out)
1266 return 0;
1267
765c2a96 1268 if (conn->pending_sec_level == BT_SECURITY_SDP)
392599b9
JH		 1269 return 0;
1270
1271 /* Only request authentication for SSP connections or non-SSP
e9bf2bf0 1272 * devices with sec_level HIGH or if MITM protection is requested */
84bde9d6 1273 if (!(test_bit(HCI_SSP_ENABLED, &hdev->dev_flags) &&
58a681ef 1274 test_bit(HCI_CONN_SSP_ENABLED, &conn->flags)) &&
e9bf2bf0
VCG		 1275 conn->pending_sec_level != BT_SECURITY_HIGH &&
1276 !(conn->auth_type & 0x01))
392599b9
JH		 1277 return 0;
1278
392599b9
JH		 1279 return 1;
1280}
1281
30dc78e1
JH		 1282static inline int hci_resolve_name(struct hci_dev *hdev, struct inquiry_entry *e)
1283{
1284 struct hci_cp_remote_name_req cp;
1285
1286 memset(&cp, 0, sizeof(cp));
1287
1288 bacpy(&cp.bdaddr, &e->data.bdaddr);
1289 cp.pscan_rep_mode = e->data.pscan_rep_mode;
1290 cp.pscan_mode = e->data.pscan_mode;
1291 cp.clock_offset = e->data.clock_offset;
1292
1293 return hci_send_cmd(hdev, HCI_OP_REMOTE_NAME_REQ, sizeof(cp), &cp);
1294}
1295
b644ba33 1296static bool hci_resolve_next_name(struct hci_dev *hdev)
30dc78e1
JH		 1297{
1298 struct discovery_state *discov = &hdev->discovery;
1299 struct inquiry_entry *e;
1300
b644ba33
JH		 1301 if (list_empty(&discov->resolve))
1302 return false;
1303
1304 e = hci_inquiry_cache_lookup_resolve(hdev, BDADDR_ANY, NAME_NEEDED);
1305 if (hci_resolve_name(hdev, e) == 0) {
1306 e->name_state = NAME_PENDING;
1307 return true;
1308 }
1309
1310 return false;
1311}
1312
1313static void hci_check_pending_name(struct hci_dev *hdev, struct hci_conn *conn,
1314 bdaddr_t *bdaddr, u8 *name, u8 name_len)
1315{
1316 struct discovery_state *discov = &hdev->discovery;
1317 struct inquiry_entry *e;
1318
1319 if (conn && !test_and_set_bit(HCI_CONN_MGMT_CONNECTED, &conn->flags))
1320 mgmt_device_connected(hdev, bdaddr, ACL_LINK, 0x00,
1321 name, name_len, conn->dev_class);
1322
1323 if (discov->state == DISCOVERY_STOPPED)
1324 return;
1325
30dc78e1
JH		 1326 if (discov->state == DISCOVERY_STOPPING)
1327 goto discov_complete;
1328
1329 if (discov->state != DISCOVERY_RESOLVING)
1330 return;
1331
1332 e = hci_inquiry_cache_lookup_resolve(hdev, bdaddr, NAME_PENDING);
1333 if (e) {
1334 e->name_state = NAME_KNOWN;
1335 list_del(&e->list);
b644ba33
JH		 1336 if (name)
1337 mgmt_remote_name(hdev, bdaddr, ACL_LINK, 0x00,
1338 e->data.rssi, name, name_len);
30dc78e1
JH		 1339 }
1340
b644ba33 1341 if (hci_resolve_next_name(hdev))
30dc78e1 1342 return;
30dc78e1
JH		 1343
1344discov_complete:
1345 hci_discovery_set_state(hdev, DISCOVERY_STOPPED);
1346}
1347
a9de9248
MH		 1348static void hci_cs_remote_name_req(struct hci_dev *hdev, __u8 status)
1349{
127178d2
JH		 1350 struct hci_cp_remote_name_req *cp;
1351 struct hci_conn *conn;
1352
a9de9248 1353 BT_DBG("%s status 0x%x", hdev->name, status);
127178d2
JH		 1354
1355 /* If successful wait for the name req complete event before
1356 * checking for the need to do authentication */
1357 if (!status)
1358 return;
1359
1360 cp = hci_sent_cmd_data(hdev, HCI_OP_REMOTE_NAME_REQ);
1361 if (!cp)
1362 return;
1363
1364 hci_dev_lock(hdev);
1365
b644ba33
JH		 1366 conn = hci_conn_hash_lookup_ba(hdev, ACL_LINK, &cp->bdaddr);
1367
a8b2d5c2 1368 if (test_bit(HCI_MGMT, &hdev->dev_flags))
b644ba33 1369 hci_check_pending_name(hdev, conn, &cp->bdaddr, NULL, 0);
30dc78e1 1370
79c6c70c
JH		 1371 if (!conn)
1372 goto unlock;
1373
1374 if (!hci_outgoing_auth_needed(hdev, conn))
1375 goto unlock;
1376
51a8efd7 1377 if (!test_and_set_bit(HCI_CONN_AUTH_PEND, &conn->flags)) {
127178d2
JH		 1378 struct hci_cp_auth_requested cp;
1379 cp.handle = __cpu_to_le16(conn->handle);
1380 hci_send_cmd(hdev, HCI_OP_AUTH_REQUESTED, sizeof(cp), &cp);
1381 }
1382
79c6c70c 1383unlock:
127178d2 1384 hci_dev_unlock(hdev);
a9de9248 1385}
1da177e4 1386
769be974
MH		 1387static void hci_cs_read_remote_features(struct hci_dev *hdev, __u8 status)
1388{
1389 struct hci_cp_read_remote_features *cp;
1390 struct hci_conn *conn;
1391
1392 BT_DBG("%s status 0x%x", hdev->name, status);
1393
1394 if (!status)
1395 return;
1396
1397 cp = hci_sent_cmd_data(hdev, HCI_OP_READ_REMOTE_FEATURES);
1398 if (!cp)
1399 return;
1400
1401 hci_dev_lock(hdev);
1402
1403 conn = hci_conn_hash_lookup_handle(hdev, __le16_to_cpu(cp->handle));
1404 if (conn) {
1405 if (conn->state == BT_CONFIG) {
769be974
MH		 1406 hci_proto_connect_cfm(conn, status);
1407 hci_conn_put(conn);
1408 }
1409 }
1410
1411 hci_dev_unlock(hdev);
1412}
1413
1414static void hci_cs_read_remote_ext_features(struct hci_dev *hdev, __u8 status)
1415{
1416 struct hci_cp_read_remote_ext_features *cp;
1417 struct hci_conn *conn;
1418
1419 BT_DBG("%s status 0x%x", hdev->name, status);
1420
1421 if (!status)
1422 return;
1423
1424 cp = hci_sent_cmd_data(hdev, HCI_OP_READ_REMOTE_EXT_FEATURES);
1425 if (!cp)
1426 return;
1427
1428 hci_dev_lock(hdev);
1429
1430 conn = hci_conn_hash_lookup_handle(hdev, __le16_to_cpu(cp->handle));
1431 if (conn) {
1432 if (conn->state == BT_CONFIG) {
769be974
MH		 1433 hci_proto_connect_cfm(conn, status);
1434 hci_conn_put(conn);
1435 }
1436 }
1437
1438 hci_dev_unlock(hdev);
1439}
1440
a9de9248
MH		 1441static void hci_cs_setup_sync_conn(struct hci_dev *hdev, __u8 status)
1442{
b6a0dc82
MH		 1443 struct hci_cp_setup_sync_conn *cp;
1444 struct hci_conn *acl, *sco;
1445 __u16 handle;
1446
a9de9248 1447 BT_DBG("%s status 0x%x", hdev->name, status);
b6a0dc82
MH		 1448
1449 if (!status)
1450 return;
1451
1452 cp = hci_sent_cmd_data(hdev, HCI_OP_SETUP_SYNC_CONN);
1453 if (!cp)
1454 return;
1455
1456 handle = __le16_to_cpu(cp->handle);
1457
1458 BT_DBG("%s handle %d", hdev->name, handle);
1459
1460 hci_dev_lock(hdev);
1461
1462 acl = hci_conn_hash_lookup_handle(hdev, handle);
5a08ecce
AE		 1463 if (acl) {
1464 sco = acl->link;
1465 if (sco) {
1466 sco->state = BT_CLOSED;
b6a0dc82 1467
5a08ecce
AE		 1468 hci_proto_connect_cfm(sco, status);
1469 hci_conn_del(sco);
1470 }
b6a0dc82
MH		 1471 }
1472
1473 hci_dev_unlock(hdev);
1da177e4
LT		 1474}
1475
a9de9248 1476static void hci_cs_sniff_mode(struct hci_dev *hdev, __u8 status)
1da177e4 1477{
a9de9248
MH		 1478 struct hci_cp_sniff_mode *cp;
1479 struct hci_conn *conn;
1da177e4 1480
a9de9248 1481 BT_DBG("%s status 0x%x", hdev->name, status);
04837f64 1482
a9de9248
MH		 1483 if (!status)
1484 return;
04837f64 1485
a9de9248
MH		 1486 cp = hci_sent_cmd_data(hdev, HCI_OP_SNIFF_MODE);
1487 if (!cp)
1488 return;
04837f64 1489
a9de9248 1490 hci_dev_lock(hdev);
04837f64 1491
a9de9248 1492 conn = hci_conn_hash_lookup_handle(hdev, __le16_to_cpu(cp->handle));
e73439d8 1493 if (conn) {
51a8efd7 1494 clear_bit(HCI_CONN_MODE_CHANGE_PEND, &conn->flags);
04837f64 1495
51a8efd7 1496 if (test_and_clear_bit(HCI_CONN_SCO_SETUP_PEND, &conn->flags))
e73439d8
MH		 1497 hci_sco_setup(conn, status);
1498 }
1499
a9de9248
MH		 1500 hci_dev_unlock(hdev);
1501}
04837f64 1502
a9de9248
MH		 1503static void hci_cs_exit_sniff_mode(struct hci_dev *hdev, __u8 status)
1504{
1505 struct hci_cp_exit_sniff_mode *cp;
1506 struct hci_conn *conn;
04837f64 1507
a9de9248 1508 BT_DBG("%s status 0x%x", hdev->name, status);
04837f64 1509
a9de9248
MH		 1510 if (!status)
1511 return;
04837f64 1512
a9de9248
MH		 1513 cp = hci_sent_cmd_data(hdev, HCI_OP_EXIT_SNIFF_MODE);
1514 if (!cp)
1515 return;
04837f64 1516
a9de9248 1517 hci_dev_lock(hdev);
1da177e4 1518
a9de9248 1519 conn = hci_conn_hash_lookup_handle(hdev, __le16_to_cpu(cp->handle));
e73439d8 1520 if (conn) {
51a8efd7 1521 clear_bit(HCI_CONN_MODE_CHANGE_PEND, &conn->flags);
1da177e4 1522
51a8efd7 1523 if (test_and_clear_bit(HCI_CONN_SCO_SETUP_PEND, &conn->flags))
e73439d8
MH		 1524 hci_sco_setup(conn, status);
1525 }
1526
a9de9248 1527 hci_dev_unlock(hdev);
1da177e4
LT		 1528}
1529
fcd89c09
VT		 1530static void hci_cs_le_create_conn(struct hci_dev *hdev, __u8 status)
1531{
1532 struct hci_cp_le_create_conn *cp;
1533 struct hci_conn *conn;
1534
1535 BT_DBG("%s status 0x%x", hdev->name, status);
1536
1537 cp = hci_sent_cmd_data(hdev, HCI_OP_LE_CREATE_CONN);
1538 if (!cp)
1539 return;
1540
1541 hci_dev_lock(hdev);
1542
1543 conn = hci_conn_hash_lookup_ba(hdev, LE_LINK, &cp->peer_addr);
1544
1545 BT_DBG("%s bdaddr %s conn %p", hdev->name, batostr(&cp->peer_addr),
1546 conn);
1547
1548 if (status) {
1549 if (conn && conn->state == BT_CONNECT) {
1550 conn->state = BT_CLOSED;
1551 hci_proto_connect_cfm(conn, status);
1552 hci_conn_del(conn);
1553 }
1554 } else {
1555 if (!conn) {
1556 conn = hci_conn_add(hdev, LE_LINK, &cp->peer_addr);
29b7988a
AG		 1557 if (conn) {
1558 conn->dst_type = cp->peer_addr_type;
a0c808b3 1559 conn->out = true;
29b7988a 1560 } else {
fcd89c09 1561 BT_ERR("No memory for new connection");
29b7988a 1562 }
fcd89c09
VT		 1563 }
1564 }
1565
1566 hci_dev_unlock(hdev);
1567}
1568
a7a595f6
VCG		 1569static void hci_cs_le_start_enc(struct hci_dev *hdev, u8 status)
1570{
1571 BT_DBG("%s status 0x%x", hdev->name, status);
1572}
1573
1da177e4
LT		 1574static inline void hci_inquiry_complete_evt(struct hci_dev *hdev, struct sk_buff *skb)
1575{
1576 __u8 status = *((__u8 *) skb->data);
30dc78e1
JH		 1577 struct discovery_state *discov = &hdev->discovery;
1578 struct inquiry_entry *e;
1da177e4
LT		 1579
1580 BT_DBG("%s status %d", hdev->name, status);
1581
23bb5763 1582 hci_req_complete(hdev, HCI_OP_INQUIRY, status);
6bd57416 1583
a9de9248 1584 hci_conn_check_pending(hdev);
89352e7d
AG		 1585
1586 if (!test_and_clear_bit(HCI_INQUIRY, &hdev->flags))
1587 return;
1588
a8b2d5c2 1589 if (!test_bit(HCI_MGMT, &hdev->dev_flags))
30dc78e1
JH		 1590 return;
1591
56e5cb86 1592 hci_dev_lock(hdev);
30dc78e1
JH		 1593
1594 if (discov->state != DISCOVERY_INQUIRY)
1595 goto unlock;
1596
1597 if (list_empty(&discov->resolve)) {
1598 hci_discovery_set_state(hdev, DISCOVERY_STOPPED);
1599 goto unlock;
1600 }
1601
1602 e = hci_inquiry_cache_lookup_resolve(hdev, BDADDR_ANY, NAME_NEEDED);
1603 if (e && hci_resolve_name(hdev, e) == 0) {
1604 e->name_state = NAME_PENDING;
1605 hci_discovery_set_state(hdev, DISCOVERY_RESOLVING);
1606 } else {
1607 hci_discovery_set_state(hdev, DISCOVERY_STOPPED);
1608 }
1609
1610unlock:
56e5cb86 1611 hci_dev_unlock(hdev);
1da177e4
LT		 1612}
1613
1da177e4
LT		 1614static inline void hci_inquiry_result_evt(struct hci_dev *hdev, struct sk_buff *skb)
1615{
45bb4bf0 1616 struct inquiry_data data;
a9de9248 1617 struct inquiry_info *info = (void *) (skb->data + 1);
1da177e4
LT		 1618 int num_rsp = *((__u8 *) skb->data);
1619
1620 BT_DBG("%s num_rsp %d", hdev->name, num_rsp);
1621
45bb4bf0
MH		 1622 if (!num_rsp)
1623 return;
1624
1da177e4 1625 hci_dev_lock(hdev);
45bb4bf0 1626
e17acd40 1627 for (; num_rsp; num_rsp--, info++) {
3175405b
JH		 1628 bool name_known;
1629
1da177e4
LT		 1630 bacpy(&data.bdaddr, &info->bdaddr);
1631 data.pscan_rep_mode = info->pscan_rep_mode;
1632 data.pscan_period_mode = info->pscan_period_mode;
1633 data.pscan_mode = info->pscan_mode;
1634 memcpy(data.dev_class, info->dev_class, 3);
1635 data.clock_offset = info->clock_offset;
1636 data.rssi = 0x00;
41a96212 1637 data.ssp_mode = 0x00;
3175405b
JH		 1638
1639 name_known = hci_inquiry_cache_update(hdev, &data, false);
48264f06 1640 mgmt_device_found(hdev, &info->bdaddr, ACL_LINK, 0x00,
7d262f86
AG		 1641 info->dev_class, 0, !name_known,
1642 NULL, 0);
1da177e4 1643 }
45bb4bf0 1644
1da177e4
LT		 1645 hci_dev_unlock(hdev);
1646}
1647
1da177e4
LT		 1648static inline void hci_conn_complete_evt(struct hci_dev *hdev, struct sk_buff *skb)
1649{
a9de9248
MH		 1650 struct hci_ev_conn_complete *ev = (void *) skb->data;
1651 struct hci_conn *conn;
1da177e4
LT		 1652
1653 BT_DBG("%s", hdev->name);
1654
1655 hci_dev_lock(hdev);
1656
1657 conn = hci_conn_hash_lookup_ba(hdev, ev->link_type, &ev->bdaddr);
9499237a
MH		 1658 if (!conn) {
1659 if (ev->link_type != SCO_LINK)
1660 goto unlock;
1661
1662 conn = hci_conn_hash_lookup_ba(hdev, ESCO_LINK, &ev->bdaddr);
1663 if (!conn)
1664 goto unlock;
1665
1666 conn->type = SCO_LINK;
1667 }
1da177e4
LT		 1668
1669 if (!ev->status) {
1670 conn->handle = __le16_to_cpu(ev->handle);
769be974
MH		 1671
1672 if (conn->type == ACL_LINK) {
1673 conn->state = BT_CONFIG;
1674 hci_conn_hold(conn);
052b30b0 1675 conn->disc_timeout = HCI_DISCONN_TIMEOUT;
769be974
MH		 1676 } else
1677 conn->state = BT_CONNECTED;
1da177e4 1678
9eba32b8 1679 hci_conn_hold_device(conn);
7d0db0a3
MH		 1680 hci_conn_add_sysfs(conn);
1681
1da177e4
LT		 1682 if (test_bit(HCI_AUTH, &hdev->flags))
1683 conn->link_mode |= HCI_LM_AUTH;
1684
1685 if (test_bit(HCI_ENCRYPT, &hdev->flags))
1686 conn->link_mode |= HCI_LM_ENCRYPT;
1687
04837f64
MH		 1688 /* Get remote features */
1689 if (conn->type == ACL_LINK) {
1690 struct hci_cp_read_remote_features cp;
1691 cp.handle = ev->handle;
769be974
MH		 1692 hci_send_cmd(hdev, HCI_OP_READ_REMOTE_FEATURES,
1693 sizeof(cp), &cp);
04837f64
MH		 1694 }
1695
1da177e4 1696 /* Set packet type for incoming connection */
d095c1eb 1697 if (!conn->out && hdev->hci_ver < BLUETOOTH_VER_2_0) {
1da177e4
LT		 1698 struct hci_cp_change_conn_ptype cp;
1699 cp.handle = ev->handle;
a8746417
MH		 1700 cp.pkt_type = cpu_to_le16(conn->pkt_type);
1701 hci_send_cmd(hdev, HCI_OP_CHANGE_CONN_PTYPE,
1702 sizeof(cp), &cp);
1da177e4 1703 }
17d5c04c 1704 } else {
1da177e4 1705 conn->state = BT_CLOSED;
17d5c04c 1706 if (conn->type == ACL_LINK)
744cf19e 1707 mgmt_connect_failed(hdev, &ev->bdaddr, conn->type,
48264f06 1708 conn->dst_type, ev->status);
17d5c04c 1709 }
1da177e4 1710
e73439d8
MH		 1711 if (conn->type == ACL_LINK)
1712 hci_sco_setup(conn, ev->status);
1da177e4 1713
769be974
MH		 1714 if (ev->status) {
1715 hci_proto_connect_cfm(conn, ev->status);
1da177e4 1716 hci_conn_del(conn);
c89b6e6b
MH		 1717 } else if (ev->link_type != ACL_LINK)
1718 hci_proto_connect_cfm(conn, ev->status);
1da177e4 1719
a9de9248 1720unlock:
1da177e4 1721 hci_dev_unlock(hdev);
1da177e4 1722
a9de9248 1723 hci_conn_check_pending(hdev);
1da177e4
LT		 1724}
1725
a9de9248 1726static inline void hci_conn_request_evt(struct hci_dev *hdev, struct sk_buff *skb)
1da177e4 1727{
a9de9248
MH		 1728 struct hci_ev_conn_request *ev = (void *) skb->data;
1729 int mask = hdev->link_mode;
1da177e4 1730
a9de9248
MH		 1731 BT_DBG("%s bdaddr %s type 0x%x", hdev->name,
1732 batostr(&ev->bdaddr), ev->link_type);
1da177e4 1733
a9de9248 1734 mask |= hci_proto_connect_ind(hdev, &ev->bdaddr, ev->link_type);
1da177e4 1735
138d22ef
SJ		 1736 if ((mask & HCI_LM_ACCEPT) &&
1737 !hci_blacklist_lookup(hdev, &ev->bdaddr)) {
a9de9248 1738 /* Connection accepted */
c7bdd502 1739 struct inquiry_entry *ie;
1da177e4 1740 struct hci_conn *conn;
1da177e4 1741
a9de9248 1742 hci_dev_lock(hdev);
b6a0dc82 1743
cc11b9c1
AE		 1744 ie = hci_inquiry_cache_lookup(hdev, &ev->bdaddr);
1745 if (ie)
c7bdd502
MH		 1746 memcpy(ie->data.dev_class, ev->dev_class, 3);
1747
a9de9248
MH		 1748 conn = hci_conn_hash_lookup_ba(hdev, ev->link_type, &ev->bdaddr);
1749 if (!conn) {
cc11b9c1
AE		 1750 conn = hci_conn_add(hdev, ev->link_type, &ev->bdaddr);
1751 if (!conn) {
893ef971 1752 BT_ERR("No memory for new connection");
a9de9248
MH		 1753 hci_dev_unlock(hdev);
1754 return;
1da177e4
LT		 1755 }
1756 }
b6a0dc82 1757
a9de9248
MH		 1758 memcpy(conn->dev_class, ev->dev_class, 3);
1759 conn->state = BT_CONNECT;
b6a0dc82 1760
a9de9248 1761 hci_dev_unlock(hdev);
1da177e4 1762
b6a0dc82
MH		 1763 if (ev->link_type == ACL_LINK || !lmp_esco_capable(hdev)) {
1764 struct hci_cp_accept_conn_req cp;
1da177e4 1765
b6a0dc82
MH		 1766 bacpy(&cp.bdaddr, &ev->bdaddr);
1767
1768 if (lmp_rswitch_capable(hdev) && (mask & HCI_LM_MASTER))
1769 cp.role = 0x00; /* Become master */
1770 else
1771 cp.role = 0x01; /* Remain slave */
1772
1773 hci_send_cmd(hdev, HCI_OP_ACCEPT_CONN_REQ,
1774 sizeof(cp), &cp);
1775 } else {
1776 struct hci_cp_accept_sync_conn_req cp;
1777
1778 bacpy(&cp.bdaddr, &ev->bdaddr);
a8746417 1779 cp.pkt_type = cpu_to_le16(conn->pkt_type);
b6a0dc82
MH		 1780
1781 cp.tx_bandwidth = cpu_to_le32(0x00001f40);
1782 cp.rx_bandwidth = cpu_to_le32(0x00001f40);
1783 cp.max_latency = cpu_to_le16(0xffff);
1784 cp.content_format = cpu_to_le16(hdev->voice_setting);
1785 cp.retrans_effort = 0xff;
1da177e4 1786
b6a0dc82
MH		 1787 hci_send_cmd(hdev, HCI_OP_ACCEPT_SYNC_CONN_REQ,
1788 sizeof(cp), &cp);
1789 }
a9de9248
MH		 1790 } else {
1791 /* Connection rejected */
1792 struct hci_cp_reject_conn_req cp;
1da177e4 1793
a9de9248 1794 bacpy(&cp.bdaddr, &ev->bdaddr);
9f5a0d7b 1795 cp.reason = HCI_ERROR_REJ_BAD_ADDR;
a9de9248 1796 hci_send_cmd(hdev, HCI_OP_REJECT_CONN_REQ, sizeof(cp), &cp);
1da177e4 1797 }
1da177e4
LT		 1798}
1799
a9de9248 1800static inline void hci_disconn_complete_evt(struct hci_dev *hdev, struct sk_buff *skb)
04837f64 1801{
a9de9248 1802 struct hci_ev_disconn_complete *ev = (void *) skb->data;
04837f64
MH		 1803 struct hci_conn *conn;
1804
1805 BT_DBG("%s status %d", hdev->name, ev->status);
1806
1807 hci_dev_lock(hdev);
1808
1809 conn = hci_conn_hash_lookup_handle(hdev, __le16_to_cpu(ev->handle));
f7520543
JH		 1810 if (!conn)
1811 goto unlock;
7d0db0a3 1812
37d9ef76
JH		 1813 if (ev->status == 0)
1814 conn->state = BT_CLOSED;
04837f64 1815
b644ba33
JH		 1816 if (test_and_clear_bit(HCI_CONN_MGMT_CONNECTED, &conn->flags) &&
1817 (conn->type == ACL_LINK || conn->type == LE_LINK)) {
37d9ef76
JH		 1818 if (ev->status != 0)
1819 mgmt_disconnect_failed(hdev, &conn->dst, ev->status);
1820 else
afc747a6 1821 mgmt_device_disconnected(hdev, &conn->dst, conn->type,
48264f06 1822 conn->dst_type);
37d9ef76 1823 }
f7520543 1824
37d9ef76
JH		 1825 if (ev->status == 0) {
1826 hci_proto_disconn_cfm(conn, ev->reason);
1827 hci_conn_del(conn);
1828 }
f7520543
JH		 1829
1830unlock:
04837f64
MH		 1831 hci_dev_unlock(hdev);
1832}
1833
1da177e4
LT		 1834static inline void hci_auth_complete_evt(struct hci_dev *hdev, struct sk_buff *skb)
1835{
a9de9248 1836 struct hci_ev_auth_complete *ev = (void *) skb->data;
04837f64 1837 struct hci_conn *conn;
1da177e4
LT		 1838
1839 BT_DBG("%s status %d", hdev->name, ev->status);
1840
1841 hci_dev_lock(hdev);
1842
04837f64 1843 conn = hci_conn_hash_lookup_handle(hdev, __le16_to_cpu(ev->handle));
d7556e20
WR		 1844 if (!conn)
1845 goto unlock;
1846
1847 if (!ev->status) {
58a681ef 1848 if (!(test_bit(HCI_CONN_SSP_ENABLED, &conn->flags) &&
84bde9d6 1849 test_bit(HCI_SSP_ENABLED, &hdev->dev_flags)) &&
51a8efd7 1850 test_bit(HCI_CONN_REAUTH_PEND, &conn->flags)) {
d7556e20 1851 BT_INFO("re-auth of legacy device is not possible.");
2a611692 1852 } else {
d7556e20
WR		 1853 conn->link_mode |= HCI_LM_AUTH;
1854 conn->sec_level = conn->pending_sec_level;
2a611692 1855 }
d7556e20 1856 } else {
744cf19e 1857 mgmt_auth_failed(hdev, &conn->dst, ev->status);
d7556e20 1858 }
1da177e4 1859
51a8efd7
JH		 1860 clear_bit(HCI_CONN_AUTH_PEND, &conn->flags);
1861 clear_bit(HCI_CONN_REAUTH_PEND, &conn->flags);
1da177e4 1862
d7556e20 1863 if (conn->state == BT_CONFIG) {
84bde9d6
JH		 1864 if (!ev->status &&
1865 test_bit(HCI_SSP_ENABLED, &hdev->dev_flags) &&
58a681ef 1866 test_bit(HCI_CONN_SSP_ENABLED, &conn->flags)) {
d7556e20
WR		 1867 struct hci_cp_set_conn_encrypt cp;
1868 cp.handle = ev->handle;
1869 cp.encrypt = 0x01;
1870 hci_send_cmd(hdev, HCI_OP_SET_CONN_ENCRYPT, sizeof(cp),
1871 &cp);
052b30b0 1872 } else {
d7556e20
WR		 1873 conn->state = BT_CONNECTED;
1874 hci_proto_connect_cfm(conn, ev->status);
052b30b0
MH		 1875 hci_conn_put(conn);
1876 }
d7556e20
WR		 1877 } else {
1878 hci_auth_cfm(conn, ev->status);
052b30b0 1879
d7556e20
WR		 1880 hci_conn_hold(conn);
1881 conn->disc_timeout = HCI_DISCONN_TIMEOUT;
1882 hci_conn_put(conn);
1883 }
1884
51a8efd7 1885 if (test_bit(HCI_CONN_ENCRYPT_PEND, &conn->flags)) {
d7556e20
WR		 1886 if (!ev->status) {
1887 struct hci_cp_set_conn_encrypt cp;
1888 cp.handle = ev->handle;
1889 cp.encrypt = 0x01;
1890 hci_send_cmd(hdev, HCI_OP_SET_CONN_ENCRYPT, sizeof(cp),
1891 &cp);
1892 } else {
51a8efd7 1893 clear_bit(HCI_CONN_ENCRYPT_PEND, &conn->flags);
d7556e20 1894 hci_encrypt_cfm(conn, ev->status, 0x00);
1da177e4
LT		 1895 }
1896 }
1897
d7556e20 1898unlock:
1da177e4
LT		 1899 hci_dev_unlock(hdev);
1900}
1901
a9de9248 1902static inline void hci_remote_name_evt(struct hci_dev *hdev, struct sk_buff *skb)
1da177e4 1903{
127178d2
JH		 1904 struct hci_ev_remote_name *ev = (void *) skb->data;
1905 struct hci_conn *conn;
1906
a9de9248 1907 BT_DBG("%s", hdev->name);
1da177e4 1908
a9de9248 1909 hci_conn_check_pending(hdev);
127178d2
JH		 1910
1911 hci_dev_lock(hdev);
1912
b644ba33 1913 conn = hci_conn_hash_lookup_ba(hdev, ACL_LINK, &ev->bdaddr);
30dc78e1 1914
b644ba33
JH		 1915 if (!test_bit(HCI_MGMT, &hdev->dev_flags))
1916 goto check_auth;
a88a9652 1917
b644ba33
JH		 1918 if (ev->status == 0)
1919 hci_check_pending_name(hdev, conn, &ev->bdaddr, ev->name,
1920 strnlen(ev->name, HCI_MAX_NAME_LENGTH));
1921 else
1922 hci_check_pending_name(hdev, conn, &ev->bdaddr, NULL, 0);
1923
1924check_auth:
79c6c70c
JH		 1925 if (!conn)
1926 goto unlock;
1927
1928 if (!hci_outgoing_auth_needed(hdev, conn))
1929 goto unlock;
1930
51a8efd7 1931 if (!test_and_set_bit(HCI_CONN_AUTH_PEND, &conn->flags)) {
127178d2
JH		 1932 struct hci_cp_auth_requested cp;
1933 cp.handle = __cpu_to_le16(conn->handle);
1934 hci_send_cmd(hdev, HCI_OP_AUTH_REQUESTED, sizeof(cp), &cp);
1935 }
1936
79c6c70c 1937unlock:
127178d2 1938 hci_dev_unlock(hdev);
a9de9248
MH		 1939}
1940
1941static inline void hci_encrypt_change_evt(struct hci_dev *hdev, struct sk_buff *skb)
1942{
1943 struct hci_ev_encrypt_change *ev = (void *) skb->data;
1944 struct hci_conn *conn;
1945
1946 BT_DBG("%s status %d", hdev->name, ev->status);
1da177e4
LT		 1947
1948 hci_dev_lock(hdev);
1949
04837f64 1950 conn = hci_conn_hash_lookup_handle(hdev, __le16_to_cpu(ev->handle));
1da177e4
LT		 1951 if (conn) {
1952 if (!ev->status) {
ae293196
MH		 1953 if (ev->encrypt) {
1954 /* Encryption implies authentication */
1955 conn->link_mode |= HCI_LM_AUTH;
1da177e4 1956 conn->link_mode |= HCI_LM_ENCRYPT;
da85e5e5 1957 conn->sec_level = conn->pending_sec_level;
ae293196 1958 } else
1da177e4
LT		 1959 conn->link_mode &= ~HCI_LM_ENCRYPT;
1960 }
1961
51a8efd7 1962 clear_bit(HCI_CONN_ENCRYPT_PEND, &conn->flags);
1da177e4 1963
f8558555
MH		 1964 if (conn->state == BT_CONFIG) {
1965 if (!ev->status)
1966 conn->state = BT_CONNECTED;
1967
1968 hci_proto_connect_cfm(conn, ev->status);
1969 hci_conn_put(conn);
1970 } else
1971 hci_encrypt_cfm(conn, ev->status, ev->encrypt);
1da177e4
LT		 1972 }
1973
1974 hci_dev_unlock(hdev);
1975}
1976
a9de9248 1977static inline void hci_change_link_key_complete_evt(struct hci_dev *hdev, struct sk_buff *skb)
1da177e4 1978{
a9de9248 1979 struct hci_ev_change_link_key_complete *ev = (void *) skb->data;
04837f64 1980 struct hci_conn *conn;
1da177e4
LT		 1981
1982 BT_DBG("%s status %d", hdev->name, ev->status);
1983
1984 hci_dev_lock(hdev);
1985
04837f64 1986 conn = hci_conn_hash_lookup_handle(hdev, __le16_to_cpu(ev->handle));
1da177e4
LT		 1987 if (conn) {
1988 if (!ev->status)
1989 conn->link_mode |= HCI_LM_SECURE;
1990
51a8efd7 1991 clear_bit(HCI_CONN_AUTH_PEND, &conn->flags);
1da177e4
LT		 1992
1993 hci_key_change_cfm(conn, ev->status);
1994 }
1995
1996 hci_dev_unlock(hdev);
1997}
1998
a9de9248 1999static inline void hci_remote_features_evt(struct hci_dev *hdev, struct sk_buff *skb)
1da177e4 2000{
a9de9248
MH		 2001 struct hci_ev_remote_features *ev = (void *) skb->data;
2002 struct hci_conn *conn;
2003
2004 BT_DBG("%s status %d", hdev->name, ev->status);
2005
a9de9248
MH		 2006 hci_dev_lock(hdev);
2007
2008 conn = hci_conn_hash_lookup_handle(hdev, __le16_to_cpu(ev->handle));
ccd556fe
JH		 2009 if (!conn)
2010 goto unlock;
769be974 2011
ccd556fe
JH		 2012 if (!ev->status)
2013 memcpy(conn->features, ev->features, 8);
2014
2015 if (conn->state != BT_CONFIG)
2016 goto unlock;
2017
2018 if (!ev->status && lmp_ssp_capable(hdev) && lmp_ssp_capable(conn)) {
2019 struct hci_cp_read_remote_ext_features cp;
2020 cp.handle = ev->handle;
2021 cp.page = 0x01;
2022 hci_send_cmd(hdev, HCI_OP_READ_REMOTE_EXT_FEATURES,
bdb7524a 2023 sizeof(cp), &cp);
392599b9
JH		 2024 goto unlock;
2025 }
2026
127178d2
JH		 2027 if (!ev->status) {
2028 struct hci_cp_remote_name_req cp;
2029 memset(&cp, 0, sizeof(cp));
2030 bacpy(&cp.bdaddr, &conn->dst);
2031 cp.pscan_rep_mode = 0x02;
2032 hci_send_cmd(hdev, HCI_OP_REMOTE_NAME_REQ, sizeof(cp), &cp);
b644ba33
JH		 2033 } else if (!test_and_set_bit(HCI_CONN_MGMT_CONNECTED, &conn->flags))
2034 mgmt_device_connected(hdev, &conn->dst, conn->type,
2035 conn->dst_type, NULL, 0,
2036 conn->dev_class);
392599b9 2037
127178d2 2038 if (!hci_outgoing_auth_needed(hdev, conn)) {
ccd556fe
JH		 2039 conn->state = BT_CONNECTED;
2040 hci_proto_connect_cfm(conn, ev->status);
2041 hci_conn_put(conn);
769be974 2042 }
a9de9248 2043
ccd556fe 2044unlock:
a9de9248 2045 hci_dev_unlock(hdev);
1da177e4
LT		 2046}
2047
a9de9248 2048static inline void hci_remote_version_evt(struct hci_dev *hdev, struct sk_buff *skb)
1da177e4 2049{
a9de9248 2050 BT_DBG("%s", hdev->name);
1da177e4
LT		 2051}
2052
a9de9248 2053static inline void hci_qos_setup_complete_evt(struct hci_dev *hdev, struct sk_buff *skb)
1da177e4 2054{
a9de9248 2055 BT_DBG("%s", hdev->name);
1da177e4
LT		 2056}
2057
a9de9248
MH		 2058static inline void hci_cmd_complete_evt(struct hci_dev *hdev, struct sk_buff *skb)
2059{
2060 struct hci_ev_cmd_complete *ev = (void *) skb->data;
2061 __u16 opcode;
2062
2063 skb_pull(skb, sizeof(*ev));
2064
2065 opcode = __le16_to_cpu(ev->opcode);
2066
2067 switch (opcode) {
2068 case HCI_OP_INQUIRY_CANCEL:
2069 hci_cc_inquiry_cancel(hdev, skb);
2070 break;
2071
2072 case HCI_OP_EXIT_PERIODIC_INQ:
2073 hci_cc_exit_periodic_inq(hdev, skb);
2074 break;
2075
2076 case HCI_OP_REMOTE_NAME_REQ_CANCEL:
2077 hci_cc_remote_name_req_cancel(hdev, skb);
2078 break;
2079
2080 case HCI_OP_ROLE_DISCOVERY:
2081 hci_cc_role_discovery(hdev, skb);
2082 break;
2083
e4e8e37c
MH		 2084 case HCI_OP_READ_LINK_POLICY:
2085 hci_cc_read_link_policy(hdev, skb);
2086 break;
2087
a9de9248
MH		 2088 case HCI_OP_WRITE_LINK_POLICY:
2089 hci_cc_write_link_policy(hdev, skb);
2090 break;
2091
e4e8e37c
MH		 2092 case HCI_OP_READ_DEF_LINK_POLICY:
2093 hci_cc_read_def_link_policy(hdev, skb);
2094 break;
2095
2096 case HCI_OP_WRITE_DEF_LINK_POLICY:
2097 hci_cc_write_def_link_policy(hdev, skb);
2098 break;
2099
a9de9248
MH		 2100 case HCI_OP_RESET:
2101 hci_cc_reset(hdev, skb);
2102 break;
2103
2104 case HCI_OP_WRITE_LOCAL_NAME:
2105 hci_cc_write_local_name(hdev, skb);
2106 break;
2107
2108 case HCI_OP_READ_LOCAL_NAME:
2109 hci_cc_read_local_name(hdev, skb);
2110 break;
2111
2112 case HCI_OP_WRITE_AUTH_ENABLE:
2113 hci_cc_write_auth_enable(hdev, skb);
2114 break;
2115
2116 case HCI_OP_WRITE_ENCRYPT_MODE:
2117 hci_cc_write_encrypt_mode(hdev, skb);
2118 break;
2119
2120 case HCI_OP_WRITE_SCAN_ENABLE:
2121 hci_cc_write_scan_enable(hdev, skb);
2122 break;
2123
2124 case HCI_OP_READ_CLASS_OF_DEV:
2125 hci_cc_read_class_of_dev(hdev, skb);
2126 break;
2127
2128 case HCI_OP_WRITE_CLASS_OF_DEV:
2129 hci_cc_write_class_of_dev(hdev, skb);
2130 break;
2131
2132 case HCI_OP_READ_VOICE_SETTING:
2133 hci_cc_read_voice_setting(hdev, skb);
2134 break;
2135
2136 case HCI_OP_WRITE_VOICE_SETTING:
2137 hci_cc_write_voice_setting(hdev, skb);
2138 break;
2139
2140 case HCI_OP_HOST_BUFFER_SIZE:
2141 hci_cc_host_buffer_size(hdev, skb);
2142 break;
2143
333140b5
MH		 2144 case HCI_OP_READ_SSP_MODE:
2145 hci_cc_read_ssp_mode(hdev, skb);
2146 break;
2147
2148 case HCI_OP_WRITE_SSP_MODE:
2149 hci_cc_write_ssp_mode(hdev, skb);
2150 break;
2151
a9de9248
MH		 2152 case HCI_OP_READ_LOCAL_VERSION:
2153 hci_cc_read_local_version(hdev, skb);
2154 break;
2155
2156 case HCI_OP_READ_LOCAL_COMMANDS:
2157 hci_cc_read_local_commands(hdev, skb);
2158 break;
2159
2160 case HCI_OP_READ_LOCAL_FEATURES:
2161 hci_cc_read_local_features(hdev, skb);
2162 break;
2163
971e3a4b
AG		 2164 case HCI_OP_READ_LOCAL_EXT_FEATURES:
2165 hci_cc_read_local_ext_features(hdev, skb);
2166 break;
2167
a9de9248
MH		 2168 case HCI_OP_READ_BUFFER_SIZE:
2169 hci_cc_read_buffer_size(hdev, skb);
2170 break;
2171
2172 case HCI_OP_READ_BD_ADDR:
2173 hci_cc_read_bd_addr(hdev, skb);
2174 break;
2175
350ee4cf
AE		 2176 case HCI_OP_READ_DATA_BLOCK_SIZE:
2177 hci_cc_read_data_block_size(hdev, skb);
2178 break;
2179
23bb5763
JH		 2180 case HCI_OP_WRITE_CA_TIMEOUT:
2181 hci_cc_write_ca_timeout(hdev, skb);
2182 break;
2183
1e89cffb
AE		 2184 case HCI_OP_READ_FLOW_CONTROL_MODE:
2185 hci_cc_read_flow_control_mode(hdev, skb);
2186 break;
2187
928abaa7
AE		 2188 case HCI_OP_READ_LOCAL_AMP_INFO:
2189 hci_cc_read_local_amp_info(hdev, skb);
2190 break;
2191
b0916ea0
JH		 2192 case HCI_OP_DELETE_STORED_LINK_KEY:
2193 hci_cc_delete_stored_link_key(hdev, skb);
2194 break;
2195
d5859e22
JH		 2196 case HCI_OP_SET_EVENT_MASK:
2197 hci_cc_set_event_mask(hdev, skb);
2198 break;
2199
2200 case HCI_OP_WRITE_INQUIRY_MODE:
2201 hci_cc_write_inquiry_mode(hdev, skb);
2202 break;
2203
2204 case HCI_OP_READ_INQ_RSP_TX_POWER:
2205 hci_cc_read_inq_rsp_tx_power(hdev, skb);
2206 break;
2207
2208 case HCI_OP_SET_EVENT_FLT:
2209 hci_cc_set_event_flt(hdev, skb);
2210 break;
2211
980e1a53
JH		 2212 case HCI_OP_PIN_CODE_REPLY:
2213 hci_cc_pin_code_reply(hdev, skb);
2214 break;
2215
2216 case HCI_OP_PIN_CODE_NEG_REPLY:
2217 hci_cc_pin_code_neg_reply(hdev, skb);
2218 break;
2219
c35938b2
SJ		 2220 case HCI_OP_READ_LOCAL_OOB_DATA:
2221 hci_cc_read_local_oob_data_reply(hdev, skb);
2222 break;
2223
6ed58ec5
VT		 2224 case HCI_OP_LE_READ_BUFFER_SIZE:
2225 hci_cc_le_read_buffer_size(hdev, skb);
2226 break;
2227
a5c29683
JH		 2228 case HCI_OP_USER_CONFIRM_REPLY:
2229 hci_cc_user_confirm_reply(hdev, skb);
2230 break;
2231
2232 case HCI_OP_USER_CONFIRM_NEG_REPLY:
2233 hci_cc_user_confirm_neg_reply(hdev, skb);
2234 break;
2235
1143d458
BG		 2236 case HCI_OP_USER_PASSKEY_REPLY:
2237 hci_cc_user_passkey_reply(hdev, skb);
2238 break;
2239
2240 case HCI_OP_USER_PASSKEY_NEG_REPLY:
2241 hci_cc_user_passkey_neg_reply(hdev, skb);
07f7fa5d
AG		 2242
2243 case HCI_OP_LE_SET_SCAN_PARAM:
2244 hci_cc_le_set_scan_param(hdev, skb);
1143d458
BG		 2245 break;
2246
eb9d91f5
AG		 2247 case HCI_OP_LE_SET_SCAN_ENABLE:
2248 hci_cc_le_set_scan_enable(hdev, skb);
2249 break;
2250
a7a595f6
VCG		 2251 case HCI_OP_LE_LTK_REPLY:
2252 hci_cc_le_ltk_reply(hdev, skb);
2253 break;
2254
2255 case HCI_OP_LE_LTK_NEG_REPLY:
2256 hci_cc_le_ltk_neg_reply(hdev, skb);
2257 break;
2258
f9b49306
AG		 2259 case HCI_OP_WRITE_LE_HOST_SUPPORTED:
2260 hci_cc_write_le_host_supported(hdev, skb);
2261 break;
2262
a9de9248
MH		 2263 default:
2264 BT_DBG("%s opcode 0x%x", hdev->name, opcode);
2265 break;
2266 }
2267
6bd32326
VT		 2268 if (ev->opcode != HCI_OP_NOP)
2269 del_timer(&hdev->cmd_timer);
2270
a9de9248
MH		 2271 if (ev->ncmd) {
2272 atomic_set(&hdev->cmd_cnt, 1);
2273 if (!skb_queue_empty(&hdev->cmd_q))
c347b765 2274 queue_work(hdev->workqueue, &hdev->cmd_work);
a9de9248
MH		 2275 }
2276}
2277
2278static inline void hci_cmd_status_evt(struct hci_dev *hdev, struct sk_buff *skb)
2279{
2280 struct hci_ev_cmd_status *ev = (void *) skb->data;
2281 __u16 opcode;
2282
2283 skb_pull(skb, sizeof(*ev));
2284
2285 opcode = __le16_to_cpu(ev->opcode);
2286
2287 switch (opcode) {
2288 case HCI_OP_INQUIRY:
2289 hci_cs_inquiry(hdev, ev->status);
2290 break;
2291
2292 case HCI_OP_CREATE_CONN:
2293 hci_cs_create_conn(hdev, ev->status);
2294 break;
2295
2296 case HCI_OP_ADD_SCO:
2297 hci_cs_add_sco(hdev, ev->status);
2298 break;
2299
f8558555
MH		 2300 case HCI_OP_AUTH_REQUESTED:
2301 hci_cs_auth_requested(hdev, ev->status);
2302 break;
2303
2304 case HCI_OP_SET_CONN_ENCRYPT:
2305 hci_cs_set_conn_encrypt(hdev, ev->status);
2306 break;
2307
a9de9248
MH		 2308 case HCI_OP_REMOTE_NAME_REQ:
2309 hci_cs_remote_name_req(hdev, ev->status);
2310 break;
2311
769be974
MH		 2312 case HCI_OP_READ_REMOTE_FEATURES:
2313 hci_cs_read_remote_features(hdev, ev->status);
2314 break;
2315
2316 case HCI_OP_READ_REMOTE_EXT_FEATURES:
2317 hci_cs_read_remote_ext_features(hdev, ev->status);
2318 break;
2319
a9de9248
MH		 2320 case HCI_OP_SETUP_SYNC_CONN:
2321 hci_cs_setup_sync_conn(hdev, ev->status);
2322 break;
2323
2324 case HCI_OP_SNIFF_MODE:
2325 hci_cs_sniff_mode(hdev, ev->status);
2326 break;
2327
2328 case HCI_OP_EXIT_SNIFF_MODE:
2329 hci_cs_exit_sniff_mode(hdev, ev->status);
2330 break;
2331
8962ee74
JH		 2332 case HCI_OP_DISCONNECT:
2333 if (ev->status != 0)
37d9ef76 2334 mgmt_disconnect_failed(hdev, NULL, ev->status);
8962ee74
JH		 2335 break;
2336
fcd89c09
VT		 2337 case HCI_OP_LE_CREATE_CONN:
2338 hci_cs_le_create_conn(hdev, ev->status);
2339 break;
2340
a7a595f6
VCG		 2341 case HCI_OP_LE_START_ENC:
2342 hci_cs_le_start_enc(hdev, ev->status);
2343 break;
2344
a9de9248
MH		 2345 default:
2346 BT_DBG("%s opcode 0x%x", hdev->name, opcode);
2347 break;
2348 }
2349
6bd32326
VT		 2350 if (ev->opcode != HCI_OP_NOP)
2351 del_timer(&hdev->cmd_timer);
2352
10572132 2353 if (ev->ncmd && !test_bit(HCI_RESET, &hdev->flags)) {
a9de9248
MH		 2354 atomic_set(&hdev->cmd_cnt, 1);
2355 if (!skb_queue_empty(&hdev->cmd_q))
c347b765 2356 queue_work(hdev->workqueue, &hdev->cmd_work);
a9de9248
MH		 2357 }
2358}
2359
2360static inline void hci_role_change_evt(struct hci_dev *hdev, struct sk_buff *skb)
2361{
2362 struct hci_ev_role_change *ev = (void *) skb->data;
2363 struct hci_conn *conn;
2364
2365 BT_DBG("%s status %d", hdev->name, ev->status);
2366
2367 hci_dev_lock(hdev);
2368
2369 conn = hci_conn_hash_lookup_ba(hdev, ACL_LINK, &ev->bdaddr);
2370 if (conn) {
2371 if (!ev->status) {
2372 if (ev->role)
2373 conn->link_mode &= ~HCI_LM_MASTER;
2374 else
2375 conn->link_mode |= HCI_LM_MASTER;
2376 }
2377
51a8efd7 2378 clear_bit(HCI_CONN_RSWITCH_PEND, &conn->flags);
a9de9248
MH		 2379
2380 hci_role_switch_cfm(conn, ev->status, ev->role);
2381 }
2382
2383 hci_dev_unlock(hdev);
2384}
2385
2386static inline void hci_num_comp_pkts_evt(struct hci_dev *hdev, struct sk_buff *skb)
2387{
2388 struct hci_ev_num_comp_pkts *ev = (void *) skb->data;
a9de9248
MH		 2389 int i;
2390
32ac5b9b
AE		 2391 if (hdev->flow_ctl_mode != HCI_FLOW_CTL_MODE_PACKET_BASED) {
2392 BT_ERR("Wrong event for mode %d", hdev->flow_ctl_mode);
2393 return;
2394 }
2395
c5993de8
AE		 2396 if (skb->len < sizeof(*ev) || skb->len < sizeof(*ev) +
2397 ev->num_hndl * sizeof(struct hci_comp_pkts_info)) {
a9de9248
MH		 2398 BT_DBG("%s bad parameters", hdev->name);
2399 return;
2400 }
2401
c5993de8
AE		 2402 BT_DBG("%s num_hndl %d", hdev->name, ev->num_hndl);
2403
613a1c0c
AE		 2404 for (i = 0; i < ev->num_hndl; i++) {
2405 struct hci_comp_pkts_info *info = &ev->handles[i];
a9de9248
MH		 2406 struct hci_conn *conn;
2407 __u16 handle, count;
2408
613a1c0c
AE		 2409 handle = __le16_to_cpu(info->handle);
2410 count = __le16_to_cpu(info->count);
a9de9248
MH		 2411
2412 conn = hci_conn_hash_lookup_handle(hdev, handle);
f4280918
AE		 2413 if (!conn)
2414 continue;
2415
2416 conn->sent -= count;
2417
2418 switch (conn->type) {
2419 case ACL_LINK:
2420 hdev->acl_cnt += count;
2421 if (hdev->acl_cnt > hdev->acl_pkts)
2422 hdev->acl_cnt = hdev->acl_pkts;
2423 break;
2424
2425 case LE_LINK:
2426 if (hdev->le_pkts) {
2427 hdev->le_cnt += count;
2428 if (hdev->le_cnt > hdev->le_pkts)
2429 hdev->le_cnt = hdev->le_pkts;
2430 } else {
70f23020
AE		 2431 hdev->acl_cnt += count;
2432 if (hdev->acl_cnt > hdev->acl_pkts)
a9de9248 2433 hdev->acl_cnt = hdev->acl_pkts;
a9de9248 2434 }
f4280918
AE		 2435 break;
2436
2437 case SCO_LINK:
2438 hdev->sco_cnt += count;
2439 if (hdev->sco_cnt > hdev->sco_pkts)
2440 hdev->sco_cnt = hdev->sco_pkts;
2441 break;
2442
2443 default:
2444 BT_ERR("Unknown type %d conn %p", conn->type, conn);
2445 break;
a9de9248
MH		 2446 }
2447 }
2448
3eff45ea 2449 queue_work(hdev->workqueue, &hdev->tx_work);
a9de9248
MH		 2450}
2451
25e89e99
AE		 2452static inline void hci_num_comp_blocks_evt(struct hci_dev *hdev,
2453 struct sk_buff *skb)
2454{
2455 struct hci_ev_num_comp_blocks *ev = (void *) skb->data;
2456 int i;
2457
2458 if (hdev->flow_ctl_mode != HCI_FLOW_CTL_MODE_BLOCK_BASED) {
2459 BT_ERR("Wrong event for mode %d", hdev->flow_ctl_mode);
2460 return;
2461 }
2462
2463 if (skb->len < sizeof(*ev) || skb->len < sizeof(*ev) +
2464 ev->num_hndl * sizeof(struct hci_comp_blocks_info)) {
2465 BT_DBG("%s bad parameters", hdev->name);
2466 return;
2467 }
2468
2469 BT_DBG("%s num_blocks %d num_hndl %d", hdev->name, ev->num_blocks,
2470 ev->num_hndl);
2471
2472 for (i = 0; i < ev->num_hndl; i++) {
2473 struct hci_comp_blocks_info *info = &ev->handles[i];
2474 struct hci_conn *conn;
2475 __u16 handle, block_count;
2476
2477 handle = __le16_to_cpu(info->handle);
2478 block_count = __le16_to_cpu(info->blocks);
2479
2480 conn = hci_conn_hash_lookup_handle(hdev, handle);
2481 if (!conn)
2482 continue;
2483
2484 conn->sent -= block_count;
2485
2486 switch (conn->type) {
2487 case ACL_LINK:
2488 hdev->block_cnt += block_count;
2489 if (hdev->block_cnt > hdev->num_blocks)
2490 hdev->block_cnt = hdev->num_blocks;
2491 break;
2492
2493 default:
2494 BT_ERR("Unknown type %d conn %p", conn->type, conn);
2495 break;
2496 }
2497 }
2498
2499 queue_work(hdev->workqueue, &hdev->tx_work);
2500}
2501
a9de9248 2502static inline void hci_mode_change_evt(struct hci_dev *hdev, struct sk_buff *skb)
04837f64 2503{
a9de9248 2504 struct hci_ev_mode_change *ev = (void *) skb->data;
04837f64
MH		 2505 struct hci_conn *conn;
2506
2507 BT_DBG("%s status %d", hdev->name, ev->status);
2508
2509 hci_dev_lock(hdev);
2510
2511 conn = hci_conn_hash_lookup_handle(hdev, __le16_to_cpu(ev->handle));
a9de9248
MH		 2512 if (conn) {
2513 conn->mode = ev->mode;
2514 conn->interval = __le16_to_cpu(ev->interval);
2515
51a8efd7 2516 if (!test_and_clear_bit(HCI_CONN_MODE_CHANGE_PEND, &conn->flags)) {
a9de9248 2517 if (conn->mode == HCI_CM_ACTIVE)
58a681ef 2518 set_bit(HCI_CONN_POWER_SAVE, &conn->flags);
a9de9248 2519 else
58a681ef 2520 clear_bit(HCI_CONN_POWER_SAVE, &conn->flags);
a9de9248 2521 }
e73439d8 2522
51a8efd7 2523 if (test_and_clear_bit(HCI_CONN_SCO_SETUP_PEND, &conn->flags))
e73439d8 2524 hci_sco_setup(conn, ev->status);
04837f64
MH		 2525 }
2526
2527 hci_dev_unlock(hdev);
2528}
2529
a9de9248
MH		 2530static inline void hci_pin_code_request_evt(struct hci_dev *hdev, struct sk_buff *skb)
2531{
052b30b0
MH		 2532 struct hci_ev_pin_code_req *ev = (void *) skb->data;
2533 struct hci_conn *conn;
2534
a9de9248 2535 BT_DBG("%s", hdev->name);
052b30b0
MH		 2536
2537 hci_dev_lock(hdev);
2538
2539 conn = hci_conn_hash_lookup_ba(hdev, ACL_LINK, &ev->bdaddr);
b6f98044
WR		 2540 if (!conn)
2541 goto unlock;
2542
2543 if (conn->state == BT_CONNECTED) {
052b30b0
MH		 2544 hci_conn_hold(conn);
2545 conn->disc_timeout = HCI_PAIRING_TIMEOUT;
2546 hci_conn_put(conn);
2547 }
2548
a8b2d5c2 2549 if (!test_bit(HCI_PAIRABLE, &hdev->dev_flags))
03b555e1
JH		 2550 hci_send_cmd(hdev, HCI_OP_PIN_CODE_NEG_REPLY,
2551 sizeof(ev->bdaddr), &ev->bdaddr);
a8b2d5c2 2552 else if (test_bit(HCI_MGMT, &hdev->dev_flags)) {
a770bb5a
WR		 2553 u8 secure;
2554
2555 if (conn->pending_sec_level == BT_SECURITY_HIGH)
2556 secure = 1;
2557 else
2558 secure = 0;
2559
744cf19e 2560 mgmt_pin_code_request(hdev, &ev->bdaddr, secure);
a770bb5a 2561 }
980e1a53 2562
b6f98044 2563unlock:
052b30b0 2564 hci_dev_unlock(hdev);
a9de9248
MH		 2565}
2566
2567static inline void hci_link_key_request_evt(struct hci_dev *hdev, struct sk_buff *skb)
2568{
55ed8ca1
JH		 2569 struct hci_ev_link_key_req *ev = (void *) skb->data;
2570 struct hci_cp_link_key_reply cp;
2571 struct hci_conn *conn;
2572 struct link_key *key;
2573
a9de9248 2574 BT_DBG("%s", hdev->name);
55ed8ca1 2575
a8b2d5c2 2576 if (!test_bit(HCI_LINK_KEYS, &hdev->dev_flags))
55ed8ca1
JH		 2577 return;
2578
2579 hci_dev_lock(hdev);
2580
2581 key = hci_find_link_key(hdev, &ev->bdaddr);
2582 if (!key) {
2583 BT_DBG("%s link key not found for %s", hdev->name,
2584 batostr(&ev->bdaddr));
2585 goto not_found;
2586 }
2587
2588 BT_DBG("%s found key type %u for %s", hdev->name, key->type,
2589 batostr(&ev->bdaddr));
2590
a8b2d5c2 2591 if (!test_bit(HCI_DEBUG_KEYS, &hdev->dev_flags) &&
b6020ba0 2592 key->type == HCI_LK_DEBUG_COMBINATION) {
55ed8ca1
JH		 2593 BT_DBG("%s ignoring debug key", hdev->name);
2594 goto not_found;
2595 }
2596
2597 conn = hci_conn_hash_lookup_ba(hdev, ACL_LINK, &ev->bdaddr);
60b83f57
WR		 2598 if (conn) {
2599 if (key->type == HCI_LK_UNAUTH_COMBINATION &&
2600 conn->auth_type != 0xff &&
2601 (conn->auth_type & 0x01)) {
2602 BT_DBG("%s ignoring unauthenticated key", hdev->name);
2603 goto not_found;
2604 }
55ed8ca1 2605
60b83f57
WR		 2606 if (key->type == HCI_LK_COMBINATION && key->pin_len < 16 &&
2607 conn->pending_sec_level == BT_SECURITY_HIGH) {
2608 BT_DBG("%s ignoring key unauthenticated for high \
2609 security", hdev->name);
2610 goto not_found;
2611 }
2612
2613 conn->key_type = key->type;
2614 conn->pin_length = key->pin_len;
55ed8ca1
JH		 2615 }
2616
2617 bacpy(&cp.bdaddr, &ev->bdaddr);
2618 memcpy(cp.link_key, key->val, 16);
2619
2620 hci_send_cmd(hdev, HCI_OP_LINK_KEY_REPLY, sizeof(cp), &cp);
2621
2622 hci_dev_unlock(hdev);
2623
2624 return;
2625
2626not_found:
2627 hci_send_cmd(hdev, HCI_OP_LINK_KEY_NEG_REPLY, 6, &ev->bdaddr);
2628 hci_dev_unlock(hdev);
a9de9248
MH		 2629}
2630
2631static inline void hci_link_key_notify_evt(struct hci_dev *hdev, struct sk_buff *skb)
2632{
052b30b0
MH		 2633 struct hci_ev_link_key_notify *ev = (void *) skb->data;
2634 struct hci_conn *conn;
55ed8ca1 2635 u8 pin_len = 0;
052b30b0 2636
a9de9248 2637 BT_DBG("%s", hdev->name);
052b30b0
MH		 2638
2639 hci_dev_lock(hdev);
2640
2641 conn = hci_conn_hash_lookup_ba(hdev, ACL_LINK, &ev->bdaddr);
2642 if (conn) {
2643 hci_conn_hold(conn);
2644 conn->disc_timeout = HCI_DISCONN_TIMEOUT;
980e1a53 2645 pin_len = conn->pin_length;
13d39315
WR		 2646
2647 if (ev->key_type != HCI_LK_CHANGED_COMBINATION)
2648 conn->key_type = ev->key_type;
2649
052b30b0
MH		 2650 hci_conn_put(conn);
2651 }
2652
a8b2d5c2 2653 if (test_bit(HCI_LINK_KEYS, &hdev->dev_flags))
d25e28ab 2654 hci_add_link_key(hdev, conn, 1, &ev->bdaddr, ev->link_key,
55ed8ca1
JH		 2655 ev->key_type, pin_len);
2656
052b30b0 2657 hci_dev_unlock(hdev);
a9de9248
MH		 2658}
2659
1da177e4
LT		 2660static inline void hci_clock_offset_evt(struct hci_dev *hdev, struct sk_buff *skb)
2661{
a9de9248 2662 struct hci_ev_clock_offset *ev = (void *) skb->data;
04837f64 2663 struct hci_conn *conn;
1da177e4
LT		 2664
2665 BT_DBG("%s status %d", hdev->name, ev->status);
2666
2667 hci_dev_lock(hdev);
2668
04837f64 2669 conn = hci_conn_hash_lookup_handle(hdev, __le16_to_cpu(ev->handle));
1da177e4
LT		 2670 if (conn && !ev->status) {
2671 struct inquiry_entry *ie;
2672
cc11b9c1
AE		 2673 ie = hci_inquiry_cache_lookup(hdev, &conn->dst);
2674 if (ie) {
1da177e4
LT		 2675 ie->data.clock_offset = ev->clock_offset;
2676 ie->timestamp = jiffies;
2677 }
2678 }
2679
2680 hci_dev_unlock(hdev);
2681}
2682
a8746417
MH		 2683static inline void hci_pkt_type_change_evt(struct hci_dev *hdev, struct sk_buff *skb)
2684{
2685 struct hci_ev_pkt_type_change *ev = (void *) skb->data;
2686 struct hci_conn *conn;
2687
2688 BT_DBG("%s status %d", hdev->name, ev->status);
2689
2690 hci_dev_lock(hdev);
2691
2692 conn = hci_conn_hash_lookup_handle(hdev, __le16_to_cpu(ev->handle));
2693 if (conn && !ev->status)
2694 conn->pkt_type = __le16_to_cpu(ev->pkt_type);
2695
2696 hci_dev_unlock(hdev);
2697}
2698
85a1e930
MH		 2699static inline void hci_pscan_rep_mode_evt(struct hci_dev *hdev, struct sk_buff *skb)
2700{
a9de9248 2701 struct hci_ev_pscan_rep_mode *ev = (void *) skb->data;
85a1e930
MH		 2702 struct inquiry_entry *ie;
2703
2704 BT_DBG("%s", hdev->name);
2705
2706 hci_dev_lock(hdev);
2707
cc11b9c1
AE		 2708 ie = hci_inquiry_cache_lookup(hdev, &ev->bdaddr);
2709 if (ie) {
85a1e930
MH		 2710 ie->data.pscan_rep_mode = ev->pscan_rep_mode;
2711 ie->timestamp = jiffies;
2712 }
2713
2714 hci_dev_unlock(hdev);
2715}
2716
a9de9248
MH		 2717static inline void hci_inquiry_result_with_rssi_evt(struct hci_dev *hdev, struct sk_buff *skb)
2718{
2719 struct inquiry_data data;
2720 int num_rsp = *((__u8 *) skb->data);
3175405b 2721 bool name_known;
a9de9248
MH		 2722
2723 BT_DBG("%s num_rsp %d", hdev->name, num_rsp);
2724
2725 if (!num_rsp)
2726 return;
2727
2728 hci_dev_lock(hdev);
2729
2730 if ((skb->len - 1) / num_rsp != sizeof(struct inquiry_info_with_rssi)) {
138d22ef
SJ		 2731 struct inquiry_info_with_rssi_and_pscan_mode *info;
2732 info = (void *) (skb->data + 1);
a9de9248 2733
e17acd40 2734 for (; num_rsp; num_rsp--, info++) {
a9de9248
MH		 2735 bacpy(&data.bdaddr, &info->bdaddr);
2736 data.pscan_rep_mode = info->pscan_rep_mode;
2737 data.pscan_period_mode = info->pscan_period_mode;
2738 data.pscan_mode = info->pscan_mode;
2739 memcpy(data.dev_class, info->dev_class, 3);
2740 data.clock_offset = info->clock_offset;
2741 data.rssi = info->rssi;
41a96212 2742 data.ssp_mode = 0x00;
3175405b
JH		 2743
2744 name_known = hci_inquiry_cache_update(hdev, &data,
2745 false);
48264f06 2746 mgmt_device_found(hdev, &info->bdaddr, ACL_LINK, 0x00,
e17acd40 2747 info->dev_class, info->rssi,
7d262f86 2748 !name_known, NULL, 0);
a9de9248
MH		 2749 }
2750 } else {
2751 struct inquiry_info_with_rssi *info = (void *) (skb->data + 1);
2752
e17acd40 2753 for (; num_rsp; num_rsp--, info++) {
a9de9248
MH		 2754 bacpy(&data.bdaddr, &info->bdaddr);
2755 data.pscan_rep_mode = info->pscan_rep_mode;
2756 data.pscan_period_mode = info->pscan_period_mode;
2757 data.pscan_mode = 0x00;
2758 memcpy(data.dev_class, info->dev_class, 3);
2759 data.clock_offset = info->clock_offset;
2760 data.rssi = info->rssi;
41a96212 2761 data.ssp_mode = 0x00;
3175405b
JH		 2762 name_known = hci_inquiry_cache_update(hdev, &data,
2763 false);
48264f06 2764 mgmt_device_found(hdev, &info->bdaddr, ACL_LINK, 0x00,
e17acd40 2765 info->dev_class, info->rssi,
7d262f86 2766 !name_known, NULL, 0);
a9de9248
MH		 2767 }
2768 }
2769
2770 hci_dev_unlock(hdev);
2771}
2772
2773static inline void hci_remote_ext_features_evt(struct hci_dev *hdev, struct sk_buff *skb)
2774{
41a96212
MH		 2775 struct hci_ev_remote_ext_features *ev = (void *) skb->data;
2776 struct hci_conn *conn;
2777
a9de9248 2778 BT_DBG("%s", hdev->name);
41a96212 2779
41a96212
MH		 2780 hci_dev_lock(hdev);
2781
2782 conn = hci_conn_hash_lookup_handle(hdev, __le16_to_cpu(ev->handle));
ccd556fe
JH		 2783 if (!conn)
2784 goto unlock;
41a96212 2785
ccd556fe
JH		 2786 if (!ev->status && ev->page == 0x01) {
2787 struct inquiry_entry *ie;
41a96212 2788
cc11b9c1
AE		 2789 ie = hci_inquiry_cache_lookup(hdev, &conn->dst);
2790 if (ie)
ccd556fe 2791 ie->data.ssp_mode = (ev->features[0] & 0x01);
769be974 2792
58a681ef
JH		 2793 if (ev->features[0] & 0x01)
2794 set_bit(HCI_CONN_SSP_ENABLED, &conn->flags);
ccd556fe
JH		 2795 }
2796
2797 if (conn->state != BT_CONFIG)
2798 goto unlock;
2799
127178d2
JH		 2800 if (!ev->status) {
2801 struct hci_cp_remote_name_req cp;
2802 memset(&cp, 0, sizeof(cp));
2803 bacpy(&cp.bdaddr, &conn->dst);
2804 cp.pscan_rep_mode = 0x02;
2805 hci_send_cmd(hdev, HCI_OP_REMOTE_NAME_REQ, sizeof(cp), &cp);
b644ba33
JH		 2806 } else if (!test_and_set_bit(HCI_CONN_MGMT_CONNECTED, &conn->flags))
2807 mgmt_device_connected(hdev, &conn->dst, conn->type,
2808 conn->dst_type, NULL, 0,
2809 conn->dev_class);
392599b9 2810
127178d2 2811 if (!hci_outgoing_auth_needed(hdev, conn)) {
ccd556fe
JH		 2812 conn->state = BT_CONNECTED;
2813 hci_proto_connect_cfm(conn, ev->status);
2814 hci_conn_put(conn);
41a96212
MH		 2815 }
2816
ccd556fe 2817unlock:
41a96212 2818 hci_dev_unlock(hdev);
a9de9248
MH		 2819}
2820
2821static inline void hci_sync_conn_complete_evt(struct hci_dev *hdev, struct sk_buff *skb)
2822{
b6a0dc82
MH		 2823 struct hci_ev_sync_conn_complete *ev = (void *) skb->data;
2824 struct hci_conn *conn;
2825
2826 BT_DBG("%s status %d", hdev->name, ev->status);
2827
2828 hci_dev_lock(hdev);
2829
2830 conn = hci_conn_hash_lookup_ba(hdev, ev->link_type, &ev->bdaddr);
9dc0a3af
MH		 2831 if (!conn) {
2832 if (ev->link_type == ESCO_LINK)
2833 goto unlock;
2834
2835 conn = hci_conn_hash_lookup_ba(hdev, ESCO_LINK, &ev->bdaddr);
2836 if (!conn)
2837 goto unlock;
2838
2839 conn->type = SCO_LINK;
2840 }
b6a0dc82 2841
732547f9
MH		 2842 switch (ev->status) {
2843 case 0x00:
b6a0dc82
MH		 2844 conn->handle = __le16_to_cpu(ev->handle);
2845 conn->state = BT_CONNECTED;
7d0db0a3 2846
9eba32b8 2847 hci_conn_hold_device(conn);
7d0db0a3 2848 hci_conn_add_sysfs(conn);
732547f9
MH		 2849 break;
2850
705e5711 2851 case 0x11: /* Unsupported Feature or Parameter Value */
732547f9 2852 case 0x1c: /* SCO interval rejected */
1038a00b 2853 case 0x1a: /* Unsupported Remote Feature */
732547f9
MH		 2854 case 0x1f: /* Unspecified error */
2855 if (conn->out && conn->attempt < 2) {
2856 conn->pkt_type = (hdev->esco_type & SCO_ESCO_MASK) |
2857 (hdev->esco_type & EDR_ESCO_MASK);
2858 hci_setup_sync(conn, conn->link->handle);
2859 goto unlock;
2860 }
2861 /* fall through */
2862
2863 default:
b6a0dc82 2864 conn->state = BT_CLOSED;
732547f9
MH		 2865 break;
2866 }
b6a0dc82
MH		 2867
2868 hci_proto_connect_cfm(conn, ev->status);
2869 if (ev->status)
2870 hci_conn_del(conn);
2871
2872unlock:
2873 hci_dev_unlock(hdev);
a9de9248
MH		 2874}
2875
2876static inline void hci_sync_conn_changed_evt(struct hci_dev *hdev, struct sk_buff *skb)
2877{
2878 BT_DBG("%s", hdev->name);
2879}
2880
04837f64
MH		 2881static inline void hci_sniff_subrate_evt(struct hci_dev *hdev, struct sk_buff *skb)
2882{
a9de9248 2883 struct hci_ev_sniff_subrate *ev = (void *) skb->data;
04837f64
MH		 2884
2885 BT_DBG("%s status %d", hdev->name, ev->status);
04837f64
MH		 2886}
2887
a9de9248 2888static inline void hci_extended_inquiry_result_evt(struct hci_dev *hdev, struct sk_buff *skb)
1da177e4 2889{
a9de9248
MH		 2890 struct inquiry_data data;
2891 struct extended_inquiry_info *info = (void *) (skb->data + 1);
2892 int num_rsp = *((__u8 *) skb->data);
1da177e4 2893
a9de9248 2894 BT_DBG("%s num_rsp %d", hdev->name, num_rsp);
1da177e4 2895
a9de9248
MH		 2896 if (!num_rsp)
2897 return;
1da177e4 2898
a9de9248
MH		 2899 hci_dev_lock(hdev);
2900
e17acd40 2901 for (; num_rsp; num_rsp--, info++) {
561aafbc
JH		 2902 bool name_known;
2903
a9de9248 2904 bacpy(&data.bdaddr, &info->bdaddr);
138d22ef
SJ		 2905 data.pscan_rep_mode = info->pscan_rep_mode;
2906 data.pscan_period_mode = info->pscan_period_mode;
2907 data.pscan_mode = 0x00;
a9de9248 2908 memcpy(data.dev_class, info->dev_class, 3);
138d22ef
SJ		 2909 data.clock_offset = info->clock_offset;
2910 data.rssi = info->rssi;
41a96212 2911 data.ssp_mode = 0x01;
561aafbc 2912
a8b2d5c2 2913 if (test_bit(HCI_MGMT, &hdev->dev_flags))
4ddb1930
JH		 2914 name_known = eir_has_data_type(info->data,
2915 sizeof(info->data),
2916 EIR_NAME_COMPLETE);
561aafbc
JH		 2917 else
2918 name_known = true;
2919
3175405b 2920 name_known = hci_inquiry_cache_update(hdev, &data, name_known);
48264f06 2921 mgmt_device_found(hdev, &info->bdaddr, ACL_LINK, 0x00,
561aafbc 2922 info->dev_class, info->rssi,
7d262f86
AG		 2923 !name_known, info->data,
2924 sizeof(info->data));
a9de9248
MH		 2925 }
2926
2927 hci_dev_unlock(hdev);
2928}
1da177e4 2929
17fa4b9d
JH		 2930static inline u8 hci_get_auth_req(struct hci_conn *conn)
2931{
2932 /* If remote requests dedicated bonding follow that lead */
2933 if (conn->remote_auth == 0x02 || conn->remote_auth == 0x03) {
2934 /* If both remote and local IO capabilities allow MITM
2935 * protection then require it, otherwise don't */
2936 if (conn->remote_cap == 0x03 || conn->io_capability == 0x03)
2937 return 0x02;
2938 else
2939 return 0x03;
2940 }
2941
2942 /* If remote requests no-bonding follow that lead */
2943 if (conn->remote_auth == 0x00 || conn->remote_auth == 0x01)
58797bf7 2944 return conn->remote_auth | (conn->auth_type & 0x01);
17fa4b9d
JH		 2945
2946 return conn->auth_type;
2947}
2948
0493684e
MH		 2949static inline void hci_io_capa_request_evt(struct hci_dev *hdev, struct sk_buff *skb)
2950{
2951 struct hci_ev_io_capa_request *ev = (void *) skb->data;
2952 struct hci_conn *conn;
2953
2954 BT_DBG("%s", hdev->name);
2955
2956 hci_dev_lock(hdev);
2957
2958 conn = hci_conn_hash_lookup_ba(hdev, ACL_LINK, &ev->bdaddr);
03b555e1
JH		 2959 if (!conn)
2960 goto unlock;
2961
2962 hci_conn_hold(conn);
2963
a8b2d5c2 2964 if (!test_bit(HCI_MGMT, &hdev->dev_flags))
03b555e1
JH		 2965 goto unlock;
2966
a8b2d5c2 2967 if (test_bit(HCI_PAIRABLE, &hdev->dev_flags) ||
03b555e1 2968 (conn->remote_auth & ~0x01) == HCI_AT_NO_BONDING) {
17fa4b9d
JH		 2969 struct hci_cp_io_capability_reply cp;
2970
2971 bacpy(&cp.bdaddr, &ev->bdaddr);
2972 cp.capability = conn->io_capability;
7cbc9bd9
JH		 2973 conn->auth_type = hci_get_auth_req(conn);
2974 cp.authentication = conn->auth_type;
17fa4b9d 2975
58a681ef 2976 if ((conn->out || test_bit(HCI_CONN_REMOTE_OOB, &conn->flags)) &&
ce85ee13
SJ		 2977 hci_find_remote_oob_data(hdev, &conn->dst))
2978 cp.oob_data = 0x01;
2979 else
2980 cp.oob_data = 0x00;
2981
17fa4b9d
JH		 2982 hci_send_cmd(hdev, HCI_OP_IO_CAPABILITY_REPLY,
2983 sizeof(cp), &cp);
03b555e1
JH		 2984 } else {
2985 struct hci_cp_io_capability_neg_reply cp;
2986
2987 bacpy(&cp.bdaddr, &ev->bdaddr);
9f5a0d7b 2988 cp.reason = HCI_ERROR_PAIRING_NOT_ALLOWED;
0493684e 2989
03b555e1
JH		 2990 hci_send_cmd(hdev, HCI_OP_IO_CAPABILITY_NEG_REPLY,
2991 sizeof(cp), &cp);
2992 }
2993
2994unlock:
2995 hci_dev_unlock(hdev);
2996}
2997
2998static inline void hci_io_capa_reply_evt(struct hci_dev *hdev, struct sk_buff *skb)
2999{
3000 struct hci_ev_io_capa_reply *ev = (void *) skb->data;
3001 struct hci_conn *conn;
3002
3003 BT_DBG("%s", hdev->name);
3004
3005 hci_dev_lock(hdev);
3006
3007 conn = hci_conn_hash_lookup_ba(hdev, ACL_LINK, &ev->bdaddr);
3008 if (!conn)
3009 goto unlock;
3010
03b555e1 3011 conn->remote_cap = ev->capability;
03b555e1 3012 conn->remote_auth = ev->authentication;
58a681ef
JH		 3013 if (ev->oob_data)
3014 set_bit(HCI_CONN_REMOTE_OOB, &conn->flags);
03b555e1
JH		 3015
3016unlock:
0493684e
MH		 3017 hci_dev_unlock(hdev);
3018}
3019
a5c29683
JH		 3020static inline void hci_user_confirm_request_evt(struct hci_dev *hdev,
3021 struct sk_buff *skb)
3022{
3023 struct hci_ev_user_confirm_req *ev = (void *) skb->data;
55bc1a37 3024 int loc_mitm, rem_mitm, confirm_hint = 0;
7a828908 3025 struct hci_conn *conn;
a5c29683
JH		 3026
3027 BT_DBG("%s", hdev->name);
3028
3029 hci_dev_lock(hdev);
3030
a8b2d5c2 3031 if (!test_bit(HCI_MGMT, &hdev->dev_flags))
7a828908 3032 goto unlock;
a5c29683 3033
7a828908
JH		 3034 conn = hci_conn_hash_lookup_ba(hdev, ACL_LINK, &ev->bdaddr);
3035 if (!conn)
3036 goto unlock;
3037
3038 loc_mitm = (conn->auth_type & 0x01);
3039 rem_mitm = (conn->remote_auth & 0x01);
3040
3041 /* If we require MITM but the remote device can't provide that
3042 * (it has NoInputNoOutput) then reject the confirmation
3043 * request. The only exception is when we're dedicated bonding
3044 * initiators (connect_cfm_cb set) since then we always have the MITM
3045 * bit set. */
3046 if (!conn->connect_cfm_cb && loc_mitm && conn->remote_cap == 0x03) {
3047 BT_DBG("Rejecting request: remote device can't provide MITM");
3048 hci_send_cmd(hdev, HCI_OP_USER_CONFIRM_NEG_REPLY,
3049 sizeof(ev->bdaddr), &ev->bdaddr);
3050 goto unlock;
3051 }
3052
3053 /* If no side requires MITM protection; auto-accept */
3054 if ((!loc_mitm || conn->remote_cap == 0x03) &&
3055 (!rem_mitm || conn->io_capability == 0x03)) {
55bc1a37
JH		 3056
3057 /* If we're not the initiators request authorization to
3058 * proceed from user space (mgmt_user_confirm with
3059 * confirm_hint set to 1). */
51a8efd7 3060 if (!test_bit(HCI_CONN_AUTH_PEND, &conn->flags)) {
55bc1a37
JH		 3061 BT_DBG("Confirming auto-accept as acceptor");
3062 confirm_hint = 1;
3063 goto confirm;
3064 }
3065
9f61656a
JH		 3066 BT_DBG("Auto-accept of user confirmation with %ums delay",
3067 hdev->auto_accept_delay);
3068
3069 if (hdev->auto_accept_delay > 0) {
3070 int delay = msecs_to_jiffies(hdev->auto_accept_delay);
3071 mod_timer(&conn->auto_accept_timer, jiffies + delay);
3072 goto unlock;
3073 }
3074
7a828908
JH		 3075 hci_send_cmd(hdev, HCI_OP_USER_CONFIRM_REPLY,
3076 sizeof(ev->bdaddr), &ev->bdaddr);
3077 goto unlock;
3078 }
3079
55bc1a37 3080confirm:
744cf19e 3081 mgmt_user_confirm_request(hdev, &ev->bdaddr, ev->passkey,
55bc1a37 3082 confirm_hint);
7a828908
JH		 3083
3084unlock:
a5c29683
JH		 3085 hci_dev_unlock(hdev);
3086}
3087
1143d458
BG		 3088static inline void hci_user_passkey_request_evt(struct hci_dev *hdev,
3089 struct sk_buff *skb)
3090{
3091 struct hci_ev_user_passkey_req *ev = (void *) skb->data;
3092
3093 BT_DBG("%s", hdev->name);
3094
3095 hci_dev_lock(hdev);
3096
a8b2d5c2 3097 if (test_bit(HCI_MGMT, &hdev->dev_flags))
1143d458
BG		 3098 mgmt_user_passkey_request(hdev, &ev->bdaddr);
3099
3100 hci_dev_unlock(hdev);
3101}
3102
0493684e
MH		 3103static inline void hci_simple_pair_complete_evt(struct hci_dev *hdev, struct sk_buff *skb)
3104{
3105 struct hci_ev_simple_pair_complete *ev = (void *) skb->data;
3106 struct hci_conn *conn;
3107
3108 BT_DBG("%s", hdev->name);
3109
3110 hci_dev_lock(hdev);
3111
3112 conn = hci_conn_hash_lookup_ba(hdev, ACL_LINK, &ev->bdaddr);
2a611692
JH		 3113 if (!conn)
3114 goto unlock;
3115
3116 /* To avoid duplicate auth_failed events to user space we check
3117 * the HCI_CONN_AUTH_PEND flag which will be set if we
3118 * initiated the authentication. A traditional auth_complete
3119 * event gets always produced as initiator and is also mapped to
3120 * the mgmt_auth_failed event */
51a8efd7 3121 if (!test_bit(HCI_CONN_AUTH_PEND, &conn->flags) && ev->status != 0)
744cf19e 3122 mgmt_auth_failed(hdev, &conn->dst, ev->status);
0493684e 3123
2a611692
JH		 3124 hci_conn_put(conn);
3125
3126unlock:
0493684e
MH		 3127 hci_dev_unlock(hdev);
3128}
3129
41a96212
MH		 3130static inline void hci_remote_host_features_evt(struct hci_dev *hdev, struct sk_buff *skb)
3131{
3132 struct hci_ev_remote_host_features *ev = (void *) skb->data;
3133 struct inquiry_entry *ie;
3134
3135 BT_DBG("%s", hdev->name);
3136
3137 hci_dev_lock(hdev);
3138
cc11b9c1
AE		 3139 ie = hci_inquiry_cache_lookup(hdev, &ev->bdaddr);
3140 if (ie)
41a96212
MH		 3141 ie->data.ssp_mode = (ev->features[0] & 0x01);
3142
3143 hci_dev_unlock(hdev);
3144}
3145
2763eda6
SJ		 3146static inline void hci_remote_oob_data_request_evt(struct hci_dev *hdev,
3147 struct sk_buff *skb)
3148{
3149 struct hci_ev_remote_oob_data_request *ev = (void *) skb->data;
3150 struct oob_data *data;
3151
3152 BT_DBG("%s", hdev->name);
3153
3154 hci_dev_lock(hdev);
3155
a8b2d5c2 3156 if (!test_bit(HCI_MGMT, &hdev->dev_flags))
e1ba1f15
SJ		 3157 goto unlock;
3158
2763eda6
SJ		 3159 data = hci_find_remote_oob_data(hdev, &ev->bdaddr);
3160 if (data) {
3161 struct hci_cp_remote_oob_data_reply cp;
3162
3163 bacpy(&cp.bdaddr, &ev->bdaddr);
3164 memcpy(cp.hash, data->hash, sizeof(cp.hash));
3165 memcpy(cp.randomizer, data->randomizer, sizeof(cp.randomizer));
3166
3167 hci_send_cmd(hdev, HCI_OP_REMOTE_OOB_DATA_REPLY, sizeof(cp),
3168 &cp);
3169 } else {
3170 struct hci_cp_remote_oob_data_neg_reply cp;
3171
3172 bacpy(&cp.bdaddr, &ev->bdaddr);
3173 hci_send_cmd(hdev, HCI_OP_REMOTE_OOB_DATA_NEG_REPLY, sizeof(cp),
3174 &cp);
3175 }
3176
e1ba1f15 3177unlock:
2763eda6
SJ		 3178 hci_dev_unlock(hdev);
3179}
3180
fcd89c09
VT		 3181static inline void hci_le_conn_complete_evt(struct hci_dev *hdev, struct sk_buff *skb)
3182{
3183 struct hci_ev_le_conn_complete *ev = (void *) skb->data;
3184 struct hci_conn *conn;
3185
3186 BT_DBG("%s status %d", hdev->name, ev->status);
3187
3188 hci_dev_lock(hdev);
3189
3190 conn = hci_conn_hash_lookup_ba(hdev, LE_LINK, &ev->bdaddr);
b62f328b
VT		 3191 if (!conn) {
3192 conn = hci_conn_add(hdev, LE_LINK, &ev->bdaddr);
3193 if (!conn) {
3194 BT_ERR("No memory for new connection");
3195 hci_dev_unlock(hdev);
3196 return;
3197 }
29b7988a
AG		 3198
3199 conn->dst_type = ev->bdaddr_type;
b62f328b 3200 }
fcd89c09
VT		 3201
3202 if (ev->status) {
48264f06
JH		 3203 mgmt_connect_failed(hdev, &ev->bdaddr, conn->type,
3204 conn->dst_type, ev->status);
fcd89c09
VT		 3205 hci_proto_connect_cfm(conn, ev->status);
3206 conn->state = BT_CLOSED;
3207 hci_conn_del(conn);
3208 goto unlock;
3209 }
3210
b644ba33
JH		 3211 if (!test_and_set_bit(HCI_CONN_MGMT_CONNECTED, &conn->flags))
3212 mgmt_device_connected(hdev, &ev->bdaddr, conn->type,
3213 conn->dst_type, NULL, 0, 0);
83bc71b4 3214
7b5c0d52 3215 conn->sec_level = BT_SECURITY_LOW;
fcd89c09
VT		 3216 conn->handle = __le16_to_cpu(ev->handle);
3217 conn->state = BT_CONNECTED;
3218
3219 hci_conn_hold_device(conn);
3220 hci_conn_add_sysfs(conn);
3221
3222 hci_proto_connect_cfm(conn, ev->status);
3223
3224unlock:
3225 hci_dev_unlock(hdev);
3226}
3227
9aa04c91
AG		 3228static inline void hci_le_adv_report_evt(struct hci_dev *hdev,
3229 struct sk_buff *skb)
3230{
e95beb41
AG		 3231 u8 num_reports = skb->data[0];
3232 void *ptr = &skb->data[1];
3c9e9195 3233 s8 rssi;
9aa04c91
AG		 3234
3235 hci_dev_lock(hdev);
3236
e95beb41
AG		 3237 while (num_reports--) {
3238 struct hci_ev_le_advertising_info *ev = ptr;
9aa04c91 3239
9aa04c91 3240 hci_add_adv_entry(hdev, ev);
e95beb41 3241
3c9e9195
AG		 3242 rssi = ev->data[ev->length];
3243 mgmt_device_found(hdev, &ev->bdaddr, LE_LINK, ev->bdaddr_type,
3244 NULL, rssi, 0, ev->data, ev->length);
3245
e95beb41 3246 ptr += sizeof(*ev) + ev->length + 1;
9aa04c91
AG		 3247 }
3248
3249 hci_dev_unlock(hdev);
3250}
3251
a7a595f6
VCG		 3252static inline void hci_le_ltk_request_evt(struct hci_dev *hdev,
3253 struct sk_buff *skb)
3254{
3255 struct hci_ev_le_ltk_req *ev = (void *) skb->data;
3256 struct hci_cp_le_ltk_reply cp;
bea710fe 3257 struct hci_cp_le_ltk_neg_reply neg;
a7a595f6 3258 struct hci_conn *conn;
bea710fe 3259 struct link_key *ltk;
a7a595f6
VCG		 3260
3261 BT_DBG("%s handle %d", hdev->name, cpu_to_le16(ev->handle));
3262
3263 hci_dev_lock(hdev);
3264
3265 conn = hci_conn_hash_lookup_handle(hdev, __le16_to_cpu(ev->handle));
bea710fe
VCG		 3266 if (conn == NULL)
3267 goto not_found;
a7a595f6 3268
bea710fe
VCG		 3269 ltk = hci_find_ltk(hdev, ev->ediv, ev->random);
3270 if (ltk == NULL)
3271 goto not_found;
3272
3273 memcpy(cp.ltk, ltk->val, sizeof(ltk->val));
a7a595f6 3274 cp.handle = cpu_to_le16(conn->handle);
726b4ffc 3275 conn->pin_length = ltk->pin_len;
a7a595f6
VCG		 3276
3277 hci_send_cmd(hdev, HCI_OP_LE_LTK_REPLY, sizeof(cp), &cp);
3278
3279 hci_dev_unlock(hdev);
bea710fe
VCG		 3280
3281 return;
3282
3283not_found:
3284 neg.handle = ev->handle;
3285 hci_send_cmd(hdev, HCI_OP_LE_LTK_NEG_REPLY, sizeof(neg), &neg);
3286 hci_dev_unlock(hdev);
a7a595f6
VCG		 3287}
3288
fcd89c09
VT		 3289static inline void hci_le_meta_evt(struct hci_dev *hdev, struct sk_buff *skb)
3290{
3291 struct hci_ev_le_meta *le_ev = (void *) skb->data;
3292
3293 skb_pull(skb, sizeof(*le_ev));
3294
3295 switch (le_ev->subevent) {
3296 case HCI_EV_LE_CONN_COMPLETE:
3297 hci_le_conn_complete_evt(hdev, skb);
3298 break;
3299
9aa04c91
AG		 3300 case HCI_EV_LE_ADVERTISING_REPORT:
3301 hci_le_adv_report_evt(hdev, skb);
3302 break;
3303
a7a595f6
VCG		 3304 case HCI_EV_LE_LTK_REQ:
3305 hci_le_ltk_request_evt(hdev, skb);
3306 break;
3307
fcd89c09
VT		 3308 default:
3309 break;
3310 }
3311}
3312
a9de9248
MH		 3313void hci_event_packet(struct hci_dev *hdev, struct sk_buff *skb)
3314{
3315 struct hci_event_hdr *hdr = (void *) skb->data;
3316 __u8 event = hdr->evt;
3317
3318 skb_pull(skb, HCI_EVENT_HDR_SIZE);
3319
3320 switch (event) {
1da177e4
LT		 3321 case HCI_EV_INQUIRY_COMPLETE:
3322 hci_inquiry_complete_evt(hdev, skb);
3323 break;
3324
3325 case HCI_EV_INQUIRY_RESULT:
3326 hci_inquiry_result_evt(hdev, skb);
3327 break;
3328
a9de9248
MH		 3329 case HCI_EV_CONN_COMPLETE:
3330 hci_conn_complete_evt(hdev, skb);
21d9e30e
MH		 3331 break;
3332
1da177e4
LT		 3333 case HCI_EV_CONN_REQUEST:
3334 hci_conn_request_evt(hdev, skb);
3335 break;
3336
1da177e4
LT		 3337 case HCI_EV_DISCONN_COMPLETE:
3338 hci_disconn_complete_evt(hdev, skb);
3339 break;
3340
1da177e4
LT		 3341 case HCI_EV_AUTH_COMPLETE:
3342 hci_auth_complete_evt(hdev, skb);
3343 break;
3344
a9de9248
MH		 3345 case HCI_EV_REMOTE_NAME:
3346 hci_remote_name_evt(hdev, skb);
3347 break;
3348
1da177e4
LT		 3349 case HCI_EV_ENCRYPT_CHANGE:
3350 hci_encrypt_change_evt(hdev, skb);
3351 break;
3352
a9de9248
MH		 3353 case HCI_EV_CHANGE_LINK_KEY_COMPLETE:
3354 hci_change_link_key_complete_evt(hdev, skb);
3355 break;
3356
3357 case HCI_EV_REMOTE_FEATURES:
3358 hci_remote_features_evt(hdev, skb);
3359 break;
3360
3361 case HCI_EV_REMOTE_VERSION:
3362 hci_remote_version_evt(hdev, skb);
3363 break;
3364
3365 case HCI_EV_QOS_SETUP_COMPLETE:
3366 hci_qos_setup_complete_evt(hdev, skb);
3367 break;
3368
3369 case HCI_EV_CMD_COMPLETE:
3370 hci_cmd_complete_evt(hdev, skb);
3371 break;
3372
3373 case HCI_EV_CMD_STATUS:
3374 hci_cmd_status_evt(hdev, skb);
3375 break;
3376
3377 case HCI_EV_ROLE_CHANGE:
3378 hci_role_change_evt(hdev, skb);
3379 break;
3380
3381 case HCI_EV_NUM_COMP_PKTS:
3382 hci_num_comp_pkts_evt(hdev, skb);
3383 break;
3384
3385 case HCI_EV_MODE_CHANGE:
3386 hci_mode_change_evt(hdev, skb);
1da177e4
LT		 3387 break;
3388
3389 case HCI_EV_PIN_CODE_REQ:
3390 hci_pin_code_request_evt(hdev, skb);
3391 break;
3392
3393 case HCI_EV_LINK_KEY_REQ:
3394 hci_link_key_request_evt(hdev, skb);
3395 break;
3396
3397 case HCI_EV_LINK_KEY_NOTIFY:
3398 hci_link_key_notify_evt(hdev, skb);
3399 break;
3400
3401 case HCI_EV_CLOCK_OFFSET:
3402 hci_clock_offset_evt(hdev, skb);
3403 break;
3404
a8746417
MH		 3405 case HCI_EV_PKT_TYPE_CHANGE:
3406 hci_pkt_type_change_evt(hdev, skb);
3407 break;
3408
85a1e930
MH		 3409 case HCI_EV_PSCAN_REP_MODE:
3410 hci_pscan_rep_mode_evt(hdev, skb);
3411 break;
3412
a9de9248
MH		 3413 case HCI_EV_INQUIRY_RESULT_WITH_RSSI:
3414 hci_inquiry_result_with_rssi_evt(hdev, skb);
04837f64
MH		 3415 break;
3416
a9de9248
MH		 3417 case HCI_EV_REMOTE_EXT_FEATURES:
3418 hci_remote_ext_features_evt(hdev, skb);
1da177e4
LT		 3419 break;
3420
a9de9248
MH		 3421 case HCI_EV_SYNC_CONN_COMPLETE:
3422 hci_sync_conn_complete_evt(hdev, skb);
3423 break;
1da177e4 3424
a9de9248
MH		 3425 case HCI_EV_SYNC_CONN_CHANGED:
3426 hci_sync_conn_changed_evt(hdev, skb);
3427 break;
1da177e4 3428
a9de9248
MH		 3429 case HCI_EV_SNIFF_SUBRATE:
3430 hci_sniff_subrate_evt(hdev, skb);
3431 break;
1da177e4 3432
a9de9248
MH		 3433 case HCI_EV_EXTENDED_INQUIRY_RESULT:
3434 hci_extended_inquiry_result_evt(hdev, skb);
3435 break;
1da177e4 3436
0493684e
MH		 3437 case HCI_EV_IO_CAPA_REQUEST:
3438 hci_io_capa_request_evt(hdev, skb);
3439 break;
3440
03b555e1
JH		 3441 case HCI_EV_IO_CAPA_REPLY:
3442 hci_io_capa_reply_evt(hdev, skb);
3443 break;
3444
a5c29683
JH		 3445 case HCI_EV_USER_CONFIRM_REQUEST:
3446 hci_user_confirm_request_evt(hdev, skb);
3447 break;
3448
1143d458
BG		 3449 case HCI_EV_USER_PASSKEY_REQUEST:
3450 hci_user_passkey_request_evt(hdev, skb);
3451 break;
3452
0493684e
MH		 3453 case HCI_EV_SIMPLE_PAIR_COMPLETE:
3454 hci_simple_pair_complete_evt(hdev, skb);
3455 break;
3456
41a96212
MH		 3457 case HCI_EV_REMOTE_HOST_FEATURES:
3458 hci_remote_host_features_evt(hdev, skb);
3459 break;
3460
fcd89c09
VT		 3461 case HCI_EV_LE_META:
3462 hci_le_meta_evt(hdev, skb);
3463 break;
3464
2763eda6
SJ		 3465 case HCI_EV_REMOTE_OOB_DATA_REQUEST:
3466 hci_remote_oob_data_request_evt(hdev, skb);
3467 break;
3468
25e89e99
AE		 3469 case HCI_EV_NUM_COMP_BLOCKS:
3470 hci_num_comp_blocks_evt(hdev, skb);
3471 break;
3472
a9de9248
MH		 3473 default:
3474 BT_DBG("%s event 0x%x", hdev->name, event);
1da177e4
LT		 3475 break;
3476 }
3477
3478 kfree_skb(skb);
3479 hdev->stat.evt_rx++;
3480}
3481
3482/* Generate internal stack event */
3483void hci_si_event(struct hci_dev *hdev, int type, int dlen, void *data)
3484{
3485 struct hci_event_hdr *hdr;
3486 struct hci_ev_stack_internal *ev;
3487 struct sk_buff *skb;
3488
3489 skb = bt_skb_alloc(HCI_EVENT_HDR_SIZE + sizeof(*ev) + dlen, GFP_ATOMIC);
3490 if (!skb)
3491 return;
3492
3493 hdr = (void *) skb_put(skb, HCI_EVENT_HDR_SIZE);
3494 hdr->evt = HCI_EV_STACK_INTERNAL;
3495 hdr->plen = sizeof(*ev) + dlen;
3496
3497 ev = (void *) skb_put(skb, sizeof(*ev) + dlen);
3498 ev->type = type;
3499 memcpy(ev->data, data, dlen);
3500
576c7d85 3501 bt_cb(skb)->incoming = 1;
a61bbcf2 3502 __net_timestamp(skb);
576c7d85 3503
0d48d939 3504 bt_cb(skb)->pkt_type = HCI_EVENT_PKT;
1da177e4 3505 skb->dev = (void *) hdev;
eec8d2bc 3506 hci_send_to_sock(hdev, skb, NULL);
1da177e4
LT		 3507 kfree_skb(skb);
3508}
e6100a25 3509
669bb396 3510module_param(enable_le, bool, 0644);
e6100a25 3511MODULE_PARM_DESC(enable_le, "Enable LE support");
kernel source for telekom puls (alcatel/mediatek)