projects / GitHub / mt8127 / android_kernel_alcatel_ttab.git / blame
? search:
summary | shortlog | log | commit | commitdiff | tree
blob | blame (incremental) | history | HEAD
Bluetooth: Add address type to mgmt blacklist messages
[GitHub/mt8127/android_kernel_alcatel_ttab.git] / net / bluetooth / hci_event.c
CommitLineData
8e87d142 1/*
1da177e4 2 BlueZ - Bluetooth protocol stack for Linux
2d0a0346 3 Copyright (c) 2000-2001, 2010, Code Aurora Forum. All rights reserved.
1da177e4
LT		 4
5 Written 2000,2001 by Maxim Krasnyansky <maxk@qualcomm.com>
6
7 This program is free software; you can redistribute it and/or modify
8 it under the terms of the GNU General Public License version 2 as
9 published by the Free Software Foundation;
10
11 THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS
12 OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
13 FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT OF THIRD PARTY RIGHTS.
14 IN NO EVENT SHALL THE COPYRIGHT HOLDER(S) AND AUTHOR(S) BE LIABLE FOR ANY
8e87d142
YH		 15 CLAIM, OR ANY SPECIAL INDIRECT OR CONSEQUENTIAL DAMAGES, OR ANY DAMAGES
16 WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
17 ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
1da177e4
LT		 18 OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
19
8e87d142
YH		 20 ALL LIABILITY, INCLUDING LIABILITY FOR INFRINGEMENT OF ANY PATENTS,
21 COPYRIGHTS, TRADEMARKS OR OTHER RIGHTS, RELATING TO USE OF THIS
1da177e4
LT		 22 SOFTWARE IS DISCLAIMED.
23*/
24
25/* Bluetooth HCI event handling. */
26
1da177e4
LT		 27#include <linux/module.h>
28
29#include <linux/types.h>
30#include <linux/errno.h>
31#include <linux/kernel.h>
1da177e4
LT		 32#include <linux/slab.h>
33#include <linux/poll.h>
34#include <linux/fcntl.h>
35#include <linux/init.h>
36#include <linux/skbuff.h>
37#include <linux/interrupt.h>
38#include <linux/notifier.h>
39#include <net/sock.h>
40
41#include <asm/system.h>
70f23020 42#include <linux/uaccess.h>
1da177e4
LT		 43#include <asm/unaligned.h>
44
45#include <net/bluetooth/bluetooth.h>
46#include <net/bluetooth/hci_core.h>
47
eb939922 48static bool enable_le;
e6100a25 49
1da177e4
LT		 50/* Handle HCI Event packets */
51
a9de9248 52static void hci_cc_inquiry_cancel(struct hci_dev *hdev, struct sk_buff *skb)
1da177e4 53{
a9de9248 54 __u8 status = *((__u8 *) skb->data);
1da177e4 55
a9de9248 56 BT_DBG("%s status 0x%x", hdev->name, status);
1da177e4 57
e6d465cb
AG		 58 if (status) {
59 hci_dev_lock(hdev);
60 mgmt_stop_discovery_failed(hdev, status);
61 hci_dev_unlock(hdev);
a9de9248 62 return;
e6d465cb 63 }
1da177e4 64
89352e7d
AG		 65 clear_bit(HCI_INQUIRY, &hdev->flags);
66
56e5cb86 67 hci_dev_lock(hdev);
ff9ef578 68 hci_discovery_set_state(hdev, DISCOVERY_STOPPED);
56e5cb86 69 hci_dev_unlock(hdev);
6bd57416 70
23bb5763 71 hci_req_complete(hdev, HCI_OP_INQUIRY_CANCEL, status);
a9de9248
MH		 72
73 hci_conn_check_pending(hdev);
74}
6bd57416 75
a9de9248
MH		 76static void hci_cc_exit_periodic_inq(struct hci_dev *hdev, struct sk_buff *skb)
77{
78 __u8 status = *((__u8 *) skb->data);
6bd57416 79
a9de9248 80 BT_DBG("%s status 0x%x", hdev->name, status);
6bd57416 81
a9de9248
MH		 82 if (status)
83 return;
1da177e4 84
a9de9248
MH		 85 hci_conn_check_pending(hdev);
86}
87
88static void hci_cc_remote_name_req_cancel(struct hci_dev *hdev, struct sk_buff *skb)
89{
90 BT_DBG("%s", hdev->name);
91}
92
93static void hci_cc_role_discovery(struct hci_dev *hdev, struct sk_buff *skb)
94{
95 struct hci_rp_role_discovery *rp = (void *) skb->data;
96 struct hci_conn *conn;
97
98 BT_DBG("%s status 0x%x", hdev->name, rp->status);
99
100 if (rp->status)
101 return;
102
103 hci_dev_lock(hdev);
104
105 conn = hci_conn_hash_lookup_handle(hdev, __le16_to_cpu(rp->handle));
106 if (conn) {
107 if (rp->role)
108 conn->link_mode &= ~HCI_LM_MASTER;
109 else
110 conn->link_mode |= HCI_LM_MASTER;
1da177e4 111 }
a9de9248
MH		 112
113 hci_dev_unlock(hdev);
1da177e4
LT		 114}
115
e4e8e37c
MH		 116static void hci_cc_read_link_policy(struct hci_dev *hdev, struct sk_buff *skb)
117{
118 struct hci_rp_read_link_policy *rp = (void *) skb->data;
119 struct hci_conn *conn;
120
121 BT_DBG("%s status 0x%x", hdev->name, rp->status);
122
123 if (rp->status)
124 return;
125
126 hci_dev_lock(hdev);
127
128 conn = hci_conn_hash_lookup_handle(hdev, __le16_to_cpu(rp->handle));
129 if (conn)
130 conn->link_policy = __le16_to_cpu(rp->policy);
131
132 hci_dev_unlock(hdev);
133}
134
a9de9248 135static void hci_cc_write_link_policy(struct hci_dev *hdev, struct sk_buff *skb)
1da177e4 136{
a9de9248 137 struct hci_rp_write_link_policy *rp = (void *) skb->data;
1da177e4 138 struct hci_conn *conn;
04837f64 139 void *sent;
1da177e4 140
a9de9248 141 BT_DBG("%s status 0x%x", hdev->name, rp->status);
1da177e4 142
a9de9248
MH		 143 if (rp->status)
144 return;
1da177e4 145
a9de9248
MH		 146 sent = hci_sent_cmd_data(hdev, HCI_OP_WRITE_LINK_POLICY);
147 if (!sent)
148 return;
1da177e4 149
a9de9248 150 hci_dev_lock(hdev);
1da177e4 151
a9de9248 152 conn = hci_conn_hash_lookup_handle(hdev, __le16_to_cpu(rp->handle));
e4e8e37c 153 if (conn)
83985319 154 conn->link_policy = get_unaligned_le16(sent + 2);
1da177e4 155
a9de9248
MH		 156 hci_dev_unlock(hdev);
157}
1da177e4 158
e4e8e37c
MH		 159static void hci_cc_read_def_link_policy(struct hci_dev *hdev, struct sk_buff *skb)
160{
161 struct hci_rp_read_def_link_policy *rp = (void *) skb->data;
162
163 BT_DBG("%s status 0x%x", hdev->name, rp->status);
164
165 if (rp->status)
166 return;
167
168 hdev->link_policy = __le16_to_cpu(rp->policy);
169}
170
171static void hci_cc_write_def_link_policy(struct hci_dev *hdev, struct sk_buff *skb)
172{
173 __u8 status = *((__u8 *) skb->data);
174 void *sent;
175
176 BT_DBG("%s status 0x%x", hdev->name, status);
177
178 sent = hci_sent_cmd_data(hdev, HCI_OP_WRITE_DEF_LINK_POLICY);
179 if (!sent)
180 return;
181
182 if (!status)
183 hdev->link_policy = get_unaligned_le16(sent);
184
23bb5763 185 hci_req_complete(hdev, HCI_OP_WRITE_DEF_LINK_POLICY, status);
e4e8e37c
MH		 186}
187
a9de9248
MH		 188static void hci_cc_reset(struct hci_dev *hdev, struct sk_buff *skb)
189{
190 __u8 status = *((__u8 *) skb->data);
04837f64 191
a9de9248 192 BT_DBG("%s status 0x%x", hdev->name, status);
04837f64 193
10572132
GP		 194 clear_bit(HCI_RESET, &hdev->flags);
195
23bb5763 196 hci_req_complete(hdev, HCI_OP_RESET, status);
d23264a8 197
7005ff17 198 /* Reset all flags, except persistent ones */
95947a39
HG		 199 hdev->dev_flags &= BIT(HCI_MGMT) | BIT(HCI_SETUP) | BIT(HCI_AUTO_OFF) |
200 BIT(HCI_LINK_KEYS) | BIT(HCI_DEBUG_KEYS);
a9de9248 201}
04837f64 202
a9de9248
MH		 203static void hci_cc_write_local_name(struct hci_dev *hdev, struct sk_buff *skb)
204{
205 __u8 status = *((__u8 *) skb->data);
206 void *sent;
04837f64 207
a9de9248 208 BT_DBG("%s status 0x%x", hdev->name, status);
04837f64 209
a9de9248
MH		 210 sent = hci_sent_cmd_data(hdev, HCI_OP_WRITE_LOCAL_NAME);
211 if (!sent)
212 return;
04837f64 213
56e5cb86
JH		 214 hci_dev_lock(hdev);
215
a8b2d5c2 216 if (test_bit(HCI_MGMT, &hdev->dev_flags))
744cf19e 217 mgmt_set_local_name_complete(hdev, sent, status);
b312b161 218
56e5cb86
JH		 219 if (status == 0)
220 memcpy(hdev->dev_name, sent, HCI_MAX_NAME_LENGTH);
b312b161 221
56e5cb86 222 hci_dev_unlock(hdev);
a9de9248
MH		 223}
224
225static void hci_cc_read_local_name(struct hci_dev *hdev, struct sk_buff *skb)
226{
227 struct hci_rp_read_local_name *rp = (void *) skb->data;
228
229 BT_DBG("%s status 0x%x", hdev->name, rp->status);
230
231 if (rp->status)
232 return;
233
1f6c6378 234 memcpy(hdev->dev_name, rp->name, HCI_MAX_NAME_LENGTH);
a9de9248
MH		 235}
236
237static void hci_cc_write_auth_enable(struct hci_dev *hdev, struct sk_buff *skb)
238{
239 __u8 status = *((__u8 *) skb->data);
240 void *sent;
241
242 BT_DBG("%s status 0x%x", hdev->name, status);
243
244 sent = hci_sent_cmd_data(hdev, HCI_OP_WRITE_AUTH_ENABLE);
245 if (!sent)
246 return;
247
248 if (!status) {
249 __u8 param = *((__u8 *) sent);
250
251 if (param == AUTH_ENABLED)
252 set_bit(HCI_AUTH, &hdev->flags);
253 else
254 clear_bit(HCI_AUTH, &hdev->flags);
1da177e4 255 }
a9de9248 256
23bb5763 257 hci_req_complete(hdev, HCI_OP_WRITE_AUTH_ENABLE, status);
1da177e4
LT		 258}
259
a9de9248 260static void hci_cc_write_encrypt_mode(struct hci_dev *hdev, struct sk_buff *skb)
1da177e4 261{
a9de9248 262 __u8 status = *((__u8 *) skb->data);
1da177e4
LT		 263 void *sent;
264
a9de9248 265 BT_DBG("%s status 0x%x", hdev->name, status);
1da177e4 266
a9de9248
MH		 267 sent = hci_sent_cmd_data(hdev, HCI_OP_WRITE_ENCRYPT_MODE);
268 if (!sent)
269 return;
1da177e4 270
a9de9248
MH		 271 if (!status) {
272 __u8 param = *((__u8 *) sent);
273
274 if (param)
275 set_bit(HCI_ENCRYPT, &hdev->flags);
276 else
277 clear_bit(HCI_ENCRYPT, &hdev->flags);
278 }
1da177e4 279
23bb5763 280 hci_req_complete(hdev, HCI_OP_WRITE_ENCRYPT_MODE, status);
a9de9248 281}
1da177e4 282
a9de9248
MH		 283static void hci_cc_write_scan_enable(struct hci_dev *hdev, struct sk_buff *skb)
284{
36f7fc7e
JH		 285 __u8 param, status = *((__u8 *) skb->data);
286 int old_pscan, old_iscan;
a9de9248 287 void *sent;
1da177e4 288
a9de9248 289 BT_DBG("%s status 0x%x", hdev->name, status);
1da177e4 290
a9de9248
MH		 291 sent = hci_sent_cmd_data(hdev, HCI_OP_WRITE_SCAN_ENABLE);
292 if (!sent)
293 return;
1da177e4 294
36f7fc7e
JH		 295 param = *((__u8 *) sent);
296
56e5cb86
JH		 297 hci_dev_lock(hdev);
298
2d7cee58 299 if (status != 0) {
744cf19e 300 mgmt_write_scan_failed(hdev, param, status);
2d7cee58
JH		 301 hdev->discov_timeout = 0;
302 goto done;
303 }
304
36f7fc7e
JH		 305 old_pscan = test_and_clear_bit(HCI_PSCAN, &hdev->flags);
306 old_iscan = test_and_clear_bit(HCI_ISCAN, &hdev->flags);
307
308 if (param & SCAN_INQUIRY) {
309 set_bit(HCI_ISCAN, &hdev->flags);
310 if (!old_iscan)
744cf19e 311 mgmt_discoverable(hdev, 1);
16ab91ab
JH		 312 if (hdev->discov_timeout > 0) {
313 int to = msecs_to_jiffies(hdev->discov_timeout * 1000);
314 queue_delayed_work(hdev->workqueue, &hdev->discov_off,
315 to);
316 }
36f7fc7e 317 } else if (old_iscan)
744cf19e 318 mgmt_discoverable(hdev, 0);
36f7fc7e
JH		 319
320 if (param & SCAN_PAGE) {
321 set_bit(HCI_PSCAN, &hdev->flags);
322 if (!old_pscan)
744cf19e 323 mgmt_connectable(hdev, 1);
36f7fc7e 324 } else if (old_pscan)
744cf19e 325 mgmt_connectable(hdev, 0);
1da177e4 326
36f7fc7e 327done:
56e5cb86 328 hci_dev_unlock(hdev);
23bb5763 329 hci_req_complete(hdev, HCI_OP_WRITE_SCAN_ENABLE, status);
a9de9248 330}
1da177e4 331
a9de9248
MH		 332static void hci_cc_read_class_of_dev(struct hci_dev *hdev, struct sk_buff *skb)
333{
334 struct hci_rp_read_class_of_dev *rp = (void *) skb->data;
1da177e4 335
a9de9248 336 BT_DBG("%s status 0x%x", hdev->name, rp->status);
1da177e4 337
a9de9248
MH		 338 if (rp->status)
339 return;
1da177e4 340
a9de9248 341 memcpy(hdev->dev_class, rp->dev_class, 3);
1da177e4 342
a9de9248
MH		 343 BT_DBG("%s class 0x%.2x%.2x%.2x", hdev->name,
344 hdev->dev_class[2], hdev->dev_class[1], hdev->dev_class[0]);
345}
1da177e4 346
a9de9248
MH		 347static void hci_cc_write_class_of_dev(struct hci_dev *hdev, struct sk_buff *skb)
348{
349 __u8 status = *((__u8 *) skb->data);
350 void *sent;
1da177e4 351
a9de9248 352 BT_DBG("%s status 0x%x", hdev->name, status);
1da177e4 353
f383f275
MH		 354 if (status)
355 return;
356
a9de9248
MH		 357 sent = hci_sent_cmd_data(hdev, HCI_OP_WRITE_CLASS_OF_DEV);
358 if (!sent)
359 return;
1da177e4 360
f383f275 361 memcpy(hdev->dev_class, sent, 3);
a9de9248 362}
1da177e4 363
a9de9248
MH		 364static void hci_cc_read_voice_setting(struct hci_dev *hdev, struct sk_buff *skb)
365{
366 struct hci_rp_read_voice_setting *rp = (void *) skb->data;
367 __u16 setting;
368
369 BT_DBG("%s status 0x%x", hdev->name, rp->status);
370
371 if (rp->status)
372 return;
373
374 setting = __le16_to_cpu(rp->voice_setting);
375
f383f275 376 if (hdev->voice_setting == setting)
a9de9248
MH		 377 return;
378
379 hdev->voice_setting = setting;
380
381 BT_DBG("%s voice setting 0x%04x", hdev->name, setting);
382
3c54711c 383 if (hdev->notify)
a9de9248 384 hdev->notify(hdev, HCI_NOTIFY_VOICE_SETTING);
a9de9248
MH		 385}
386
387static void hci_cc_write_voice_setting(struct hci_dev *hdev, struct sk_buff *skb)
388{
389 __u8 status = *((__u8 *) skb->data);
f383f275 390 __u16 setting;
a9de9248
MH		 391 void *sent;
392
393 BT_DBG("%s status 0x%x", hdev->name, status);
1da177e4 394
f383f275
MH		 395 if (status)
396 return;
397
a9de9248
MH		 398 sent = hci_sent_cmd_data(hdev, HCI_OP_WRITE_VOICE_SETTING);
399 if (!sent)
400 return;
1da177e4 401
f383f275 402 setting = get_unaligned_le16(sent);
1da177e4 403
f383f275
MH		 404 if (hdev->voice_setting == setting)
405 return;
406
407 hdev->voice_setting = setting;
1da177e4 408
f383f275 409 BT_DBG("%s voice setting 0x%04x", hdev->name, setting);
1da177e4 410
3c54711c 411 if (hdev->notify)
f383f275 412 hdev->notify(hdev, HCI_NOTIFY_VOICE_SETTING);
1da177e4
LT		 413}
414
a9de9248 415static void hci_cc_host_buffer_size(struct hci_dev *hdev, struct sk_buff *skb)
1da177e4 416{
a9de9248 417 __u8 status = *((__u8 *) skb->data);
1da177e4 418
a9de9248 419 BT_DBG("%s status 0x%x", hdev->name, status);
1da177e4 420
23bb5763 421 hci_req_complete(hdev, HCI_OP_HOST_BUFFER_SIZE, status);
a9de9248 422}
1143e5a6 423
333140b5
MH		 424static void hci_cc_read_ssp_mode(struct hci_dev *hdev, struct sk_buff *skb)
425{
426 struct hci_rp_read_ssp_mode *rp = (void *) skb->data;
427
428 BT_DBG("%s status 0x%x", hdev->name, rp->status);
429
430 if (rp->status)
431 return;
432
84bde9d6
JH		 433 if (rp->mode)
434 set_bit(HCI_SSP_ENABLED, &hdev->dev_flags);
435 else
436 clear_bit(HCI_SSP_ENABLED, &hdev->dev_flags);
333140b5
MH		 437}
438
439static void hci_cc_write_ssp_mode(struct hci_dev *hdev, struct sk_buff *skb)
440{
441 __u8 status = *((__u8 *) skb->data);
442 void *sent;
443
444 BT_DBG("%s status 0x%x", hdev->name, status);
445
446 if (status)
447 return;
448
449 sent = hci_sent_cmd_data(hdev, HCI_OP_WRITE_SSP_MODE);
450 if (!sent)
451 return;
452
84bde9d6
JH		 453 if (*((u8 *) sent))
454 set_bit(HCI_SSP_ENABLED, &hdev->dev_flags);
455 else
456 clear_bit(HCI_SSP_ENABLED, &hdev->dev_flags);
333140b5
MH		 457}
458
d5859e22
JH		 459static u8 hci_get_inquiry_mode(struct hci_dev *hdev)
460{
461 if (hdev->features[6] & LMP_EXT_INQ)
462 return 2;
463
464 if (hdev->features[3] & LMP_RSSI_INQ)
465 return 1;
466
467 if (hdev->manufacturer == 11 && hdev->hci_rev == 0x00 &&
468 hdev->lmp_subver == 0x0757)
469 return 1;
470
471 if (hdev->manufacturer == 15) {
472 if (hdev->hci_rev == 0x03 && hdev->lmp_subver == 0x6963)
473 return 1;
474 if (hdev->hci_rev == 0x09 && hdev->lmp_subver == 0x6963)
475 return 1;
476 if (hdev->hci_rev == 0x00 && hdev->lmp_subver == 0x6965)
477 return 1;
478 }
479
480 if (hdev->manufacturer == 31 && hdev->hci_rev == 0x2005 &&
481 hdev->lmp_subver == 0x1805)
482 return 1;
483
484 return 0;
485}
486
487static void hci_setup_inquiry_mode(struct hci_dev *hdev)
488{
489 u8 mode;
490
491 mode = hci_get_inquiry_mode(hdev);
492
493 hci_send_cmd(hdev, HCI_OP_WRITE_INQUIRY_MODE, 1, &mode);
494}
495
496static void hci_setup_event_mask(struct hci_dev *hdev)
497{
498 /* The second byte is 0xff instead of 0x9f (two reserved bits
499 * disabled) since a Broadcom 1.2 dongle doesn't respond to the
500 * command otherwise */
501 u8 events[8] = { 0xff, 0xff, 0xfb, 0xff, 0x00, 0x00, 0x00, 0x00 };
502
6de6c18d
VT		 503 /* CSR 1.1 dongles does not accept any bitfield so don't try to set
504 * any event mask for pre 1.2 devices */
5a13b095 505 if (hdev->hci_ver < BLUETOOTH_VER_1_2)
6de6c18d
VT		 506 return;
507
508 events[4] |= 0x01; /* Flow Specification Complete */
509 events[4] |= 0x02; /* Inquiry Result with RSSI */
510 events[4] |= 0x04; /* Read Remote Extended Features Complete */
511 events[5] |= 0x08; /* Synchronous Connection Complete */
512 events[5] |= 0x10; /* Synchronous Connection Changed */
d5859e22
JH		 513
514 if (hdev->features[3] & LMP_RSSI_INQ)
515 events[4] |= 0x04; /* Inquiry Result with RSSI */
516
517 if (hdev->features[5] & LMP_SNIFF_SUBR)
518 events[5] |= 0x20; /* Sniff Subrating */
519
520 if (hdev->features[5] & LMP_PAUSE_ENC)
521 events[5] |= 0x80; /* Encryption Key Refresh Complete */
522
523 if (hdev->features[6] & LMP_EXT_INQ)
524 events[5] |= 0x40; /* Extended Inquiry Result */
525
526 if (hdev->features[6] & LMP_NO_FLUSH)
527 events[7] |= 0x01; /* Enhanced Flush Complete */
528
529 if (hdev->features[7] & LMP_LSTO)
530 events[6] |= 0x80; /* Link Supervision Timeout Changed */
531
532 if (hdev->features[6] & LMP_SIMPLE_PAIR) {
533 events[6] |= 0x01; /* IO Capability Request */
534 events[6] |= 0x02; /* IO Capability Response */
535 events[6] |= 0x04; /* User Confirmation Request */
536 events[6] |= 0x08; /* User Passkey Request */
537 events[6] |= 0x10; /* Remote OOB Data Request */
538 events[6] |= 0x20; /* Simple Pairing Complete */
539 events[7] |= 0x04; /* User Passkey Notification */
540 events[7] |= 0x08; /* Keypress Notification */
541 events[7] |= 0x10; /* Remote Host Supported
542 * Features Notification */
543 }
544
545 if (hdev->features[4] & LMP_LE)
546 events[7] |= 0x20; /* LE Meta-Event */
547
548 hci_send_cmd(hdev, HCI_OP_SET_EVENT_MASK, sizeof(events), events);
549}
550
e6100a25
AG		 551static void hci_set_le_support(struct hci_dev *hdev)
552{
553 struct hci_cp_write_le_host_supported cp;
554
555 memset(&cp, 0, sizeof(cp));
556
557 if (enable_le) {
558 cp.le = 1;
559 cp.simul = !!(hdev->features[6] & LMP_SIMUL_LE_BR);
560 }
561
562 hci_send_cmd(hdev, HCI_OP_WRITE_LE_HOST_SUPPORTED, sizeof(cp), &cp);
563}
564
d5859e22
JH		 565static void hci_setup(struct hci_dev *hdev)
566{
e61ef499
AE		 567 if (hdev->dev_type != HCI_BREDR)
568 return;
569
d5859e22
JH		 570 hci_setup_event_mask(hdev);
571
d095c1eb 572 if (hdev->hci_ver > BLUETOOTH_VER_1_1)
d5859e22
JH		 573 hci_send_cmd(hdev, HCI_OP_READ_LOCAL_COMMANDS, 0, NULL);
574
575 if (hdev->features[6] & LMP_SIMPLE_PAIR) {
576 u8 mode = 0x01;
577 hci_send_cmd(hdev, HCI_OP_WRITE_SSP_MODE, sizeof(mode), &mode);
578 }
579
580 if (hdev->features[3] & LMP_RSSI_INQ)
581 hci_setup_inquiry_mode(hdev);
582
583 if (hdev->features[7] & LMP_INQ_TX_PWR)
584 hci_send_cmd(hdev, HCI_OP_READ_INQ_RSP_TX_POWER, 0, NULL);
971e3a4b
AG		 585
586 if (hdev->features[7] & LMP_EXTFEATURES) {
587 struct hci_cp_read_local_ext_features cp;
588
589 cp.page = 0x01;
590 hci_send_cmd(hdev, HCI_OP_READ_LOCAL_EXT_FEATURES,
591 sizeof(cp), &cp);
592 }
e6100a25
AG		 593
594 if (hdev->features[4] & LMP_LE)
595 hci_set_le_support(hdev);
d5859e22
JH		 596}
597
a9de9248
MH		 598static void hci_cc_read_local_version(struct hci_dev *hdev, struct sk_buff *skb)
599{
600 struct hci_rp_read_local_version *rp = (void *) skb->data;
1143e5a6 601
a9de9248 602 BT_DBG("%s status 0x%x", hdev->name, rp->status);
1143e5a6 603
a9de9248
MH		 604 if (rp->status)
605 return;
1143e5a6 606
a9de9248 607 hdev->hci_ver = rp->hci_ver;
e4e8e37c 608 hdev->hci_rev = __le16_to_cpu(rp->hci_rev);
d5859e22 609 hdev->lmp_ver = rp->lmp_ver;
e4e8e37c 610 hdev->manufacturer = __le16_to_cpu(rp->manufacturer);
d5859e22 611 hdev->lmp_subver = __le16_to_cpu(rp->lmp_subver);
1143e5a6 612
a9de9248
MH		 613 BT_DBG("%s manufacturer %d hci ver %d:%d", hdev->name,
614 hdev->manufacturer,
615 hdev->hci_ver, hdev->hci_rev);
d5859e22
JH		 616
617 if (test_bit(HCI_INIT, &hdev->flags))
618 hci_setup(hdev);
619}
620
621static void hci_setup_link_policy(struct hci_dev *hdev)
622{
623 u16 link_policy = 0;
624
625 if (hdev->features[0] & LMP_RSWITCH)
626 link_policy |= HCI_LP_RSWITCH;
627 if (hdev->features[0] & LMP_HOLD)
628 link_policy |= HCI_LP_HOLD;
629 if (hdev->features[0] & LMP_SNIFF)
630 link_policy |= HCI_LP_SNIFF;
631 if (hdev->features[1] & LMP_PARK)
632 link_policy |= HCI_LP_PARK;
633
634 link_policy = cpu_to_le16(link_policy);
635 hci_send_cmd(hdev, HCI_OP_WRITE_DEF_LINK_POLICY,
636 sizeof(link_policy), &link_policy);
a9de9248 637}
1da177e4 638
a9de9248
MH		 639static void hci_cc_read_local_commands(struct hci_dev *hdev, struct sk_buff *skb)
640{
641 struct hci_rp_read_local_commands *rp = (void *) skb->data;
1da177e4 642
a9de9248 643 BT_DBG("%s status 0x%x", hdev->name, rp->status);
1da177e4 644
a9de9248 645 if (rp->status)
d5859e22 646 goto done;
1da177e4 647
a9de9248 648 memcpy(hdev->commands, rp->commands, sizeof(hdev->commands));
d5859e22
JH		 649
650 if (test_bit(HCI_INIT, &hdev->flags) && (hdev->commands[5] & 0x10))
651 hci_setup_link_policy(hdev);
652
653done:
654 hci_req_complete(hdev, HCI_OP_READ_LOCAL_COMMANDS, rp->status);
a9de9248 655}
1da177e4 656
a9de9248
MH		 657static void hci_cc_read_local_features(struct hci_dev *hdev, struct sk_buff *skb)
658{
659 struct hci_rp_read_local_features *rp = (void *) skb->data;
5b7f9909 660
a9de9248 661 BT_DBG("%s status 0x%x", hdev->name, rp->status);
1da177e4 662
a9de9248
MH		 663 if (rp->status)
664 return;
5b7f9909 665
a9de9248 666 memcpy(hdev->features, rp->features, 8);
5b7f9909 667
a9de9248
MH		 668 /* Adjust default settings according to features
669 * supported by device. */
1da177e4 670
a9de9248
MH		 671 if (hdev->features[0] & LMP_3SLOT)
672 hdev->pkt_type |= (HCI_DM3 | HCI_DH3);
1da177e4 673
a9de9248
MH		 674 if (hdev->features[0] & LMP_5SLOT)
675 hdev->pkt_type |= (HCI_DM5 | HCI_DH5);
1da177e4 676
a9de9248
MH		 677 if (hdev->features[1] & LMP_HV2) {
678 hdev->pkt_type |= (HCI_HV2);
679 hdev->esco_type |= (ESCO_HV2);
680 }
1da177e4 681
a9de9248
MH		 682 if (hdev->features[1] & LMP_HV3) {
683 hdev->pkt_type |= (HCI_HV3);
684 hdev->esco_type |= (ESCO_HV3);
685 }
1da177e4 686
a9de9248
MH		 687 if (hdev->features[3] & LMP_ESCO)
688 hdev->esco_type |= (ESCO_EV3);
da1f5198 689
a9de9248
MH		 690 if (hdev->features[4] & LMP_EV4)
691 hdev->esco_type |= (ESCO_EV4);
da1f5198 692
a9de9248
MH		 693 if (hdev->features[4] & LMP_EV5)
694 hdev->esco_type |= (ESCO_EV5);
1da177e4 695
efc7688b
MH		 696 if (hdev->features[5] & LMP_EDR_ESCO_2M)
697 hdev->esco_type |= (ESCO_2EV3);
698
699 if (hdev->features[5] & LMP_EDR_ESCO_3M)
700 hdev->esco_type |= (ESCO_3EV3);
701
702 if (hdev->features[5] & LMP_EDR_3S_ESCO)
703 hdev->esco_type |= (ESCO_2EV5 | ESCO_3EV5);
704
a9de9248
MH		 705 BT_DBG("%s features 0x%.2x%.2x%.2x%.2x%.2x%.2x%.2x%.2x", hdev->name,
706 hdev->features[0], hdev->features[1],
707 hdev->features[2], hdev->features[3],
708 hdev->features[4], hdev->features[5],
709 hdev->features[6], hdev->features[7]);
710}
1da177e4 711
971e3a4b
AG		 712static void hci_cc_read_local_ext_features(struct hci_dev *hdev,
713 struct sk_buff *skb)
714{
715 struct hci_rp_read_local_ext_features *rp = (void *) skb->data;
716
717 BT_DBG("%s status 0x%x", hdev->name, rp->status);
718
719 if (rp->status)
720 return;
721
b5b32b65
AG		 722 switch (rp->page) {
723 case 0:
724 memcpy(hdev->features, rp->features, 8);
725 break;
726 case 1:
727 memcpy(hdev->host_features, rp->features, 8);
728 break;
729 }
971e3a4b
AG		 730
731 hci_req_complete(hdev, HCI_OP_READ_LOCAL_EXT_FEATURES, rp->status);
732}
733
1e89cffb
AE		 734static void hci_cc_read_flow_control_mode(struct hci_dev *hdev,
735 struct sk_buff *skb)
736{
737 struct hci_rp_read_flow_control_mode *rp = (void *) skb->data;
738
739 BT_DBG("%s status 0x%x", hdev->name, rp->status);
740
741 if (rp->status)
742 return;
743
744 hdev->flow_ctl_mode = rp->mode;
745
746 hci_req_complete(hdev, HCI_OP_READ_FLOW_CONTROL_MODE, rp->status);
747}
748
a9de9248
MH		 749static void hci_cc_read_buffer_size(struct hci_dev *hdev, struct sk_buff *skb)
750{
751 struct hci_rp_read_buffer_size *rp = (void *) skb->data;
1da177e4 752
a9de9248 753 BT_DBG("%s status 0x%x", hdev->name, rp->status);
1da177e4 754
a9de9248
MH		 755 if (rp->status)
756 return;
1da177e4 757
a9de9248
MH		 758 hdev->acl_mtu = __le16_to_cpu(rp->acl_mtu);
759 hdev->sco_mtu = rp->sco_mtu;
760 hdev->acl_pkts = __le16_to_cpu(rp->acl_max_pkt);
761 hdev->sco_pkts = __le16_to_cpu(rp->sco_max_pkt);
762
763 if (test_bit(HCI_QUIRK_FIXUP_BUFFER_SIZE, &hdev->quirks)) {
764 hdev->sco_mtu = 64;
765 hdev->sco_pkts = 8;
1da177e4 766 }
a9de9248
MH		 767
768 hdev->acl_cnt = hdev->acl_pkts;
769 hdev->sco_cnt = hdev->sco_pkts;
770
771 BT_DBG("%s acl mtu %d:%d sco mtu %d:%d", hdev->name,
772 hdev->acl_mtu, hdev->acl_pkts,
773 hdev->sco_mtu, hdev->sco_pkts);
774}
775
776static void hci_cc_read_bd_addr(struct hci_dev *hdev, struct sk_buff *skb)
777{
778 struct hci_rp_read_bd_addr *rp = (void *) skb->data;
779
780 BT_DBG("%s status 0x%x", hdev->name, rp->status);
781
782 if (!rp->status)
783 bacpy(&hdev->bdaddr, &rp->bdaddr);
784
23bb5763
JH		 785 hci_req_complete(hdev, HCI_OP_READ_BD_ADDR, rp->status);
786}
787
350ee4cf
AE		 788static void hci_cc_read_data_block_size(struct hci_dev *hdev,
789 struct sk_buff *skb)
790{
791 struct hci_rp_read_data_block_size *rp = (void *) skb->data;
792
793 BT_DBG("%s status 0x%x", hdev->name, rp->status);
794
795 if (rp->status)
796 return;
797
798 hdev->block_mtu = __le16_to_cpu(rp->max_acl_len);
799 hdev->block_len = __le16_to_cpu(rp->block_len);
800 hdev->num_blocks = __le16_to_cpu(rp->num_blocks);
801
802 hdev->block_cnt = hdev->num_blocks;
803
804 BT_DBG("%s blk mtu %d cnt %d len %d", hdev->name, hdev->block_mtu,
805 hdev->block_cnt, hdev->block_len);
806
807 hci_req_complete(hdev, HCI_OP_READ_DATA_BLOCK_SIZE, rp->status);
808}
809
23bb5763
JH		 810static void hci_cc_write_ca_timeout(struct hci_dev *hdev, struct sk_buff *skb)
811{
812 __u8 status = *((__u8 *) skb->data);
813
814 BT_DBG("%s status 0x%x", hdev->name, status);
815
816 hci_req_complete(hdev, HCI_OP_WRITE_CA_TIMEOUT, status);
a9de9248
MH		 817}
818
928abaa7
AE		 819static void hci_cc_read_local_amp_info(struct hci_dev *hdev,
820 struct sk_buff *skb)
821{
822 struct hci_rp_read_local_amp_info *rp = (void *) skb->data;
823
824 BT_DBG("%s status 0x%x", hdev->name, rp->status);
825
826 if (rp->status)
827 return;
828
829 hdev->amp_status = rp->amp_status;
830 hdev->amp_total_bw = __le32_to_cpu(rp->total_bw);
831 hdev->amp_max_bw = __le32_to_cpu(rp->max_bw);
832 hdev->amp_min_latency = __le32_to_cpu(rp->min_latency);
833 hdev->amp_max_pdu = __le32_to_cpu(rp->max_pdu);
834 hdev->amp_type = rp->amp_type;
835 hdev->amp_pal_cap = __le16_to_cpu(rp->pal_cap);
836 hdev->amp_assoc_size = __le16_to_cpu(rp->max_assoc_size);
837 hdev->amp_be_flush_to = __le32_to_cpu(rp->be_flush_to);
838 hdev->amp_max_flush_to = __le32_to_cpu(rp->max_flush_to);
839
840 hci_req_complete(hdev, HCI_OP_READ_LOCAL_AMP_INFO, rp->status);
841}
842
b0916ea0
JH		 843static void hci_cc_delete_stored_link_key(struct hci_dev *hdev,
844 struct sk_buff *skb)
845{
846 __u8 status = *((__u8 *) skb->data);
847
848 BT_DBG("%s status 0x%x", hdev->name, status);
849
850 hci_req_complete(hdev, HCI_OP_DELETE_STORED_LINK_KEY, status);
851}
852
d5859e22
JH		 853static void hci_cc_set_event_mask(struct hci_dev *hdev, struct sk_buff *skb)
854{
855 __u8 status = *((__u8 *) skb->data);
856
857 BT_DBG("%s status 0x%x", hdev->name, status);
858
859 hci_req_complete(hdev, HCI_OP_SET_EVENT_MASK, status);
860}
861
862static void hci_cc_write_inquiry_mode(struct hci_dev *hdev,
863 struct sk_buff *skb)
864{
865 __u8 status = *((__u8 *) skb->data);
866
867 BT_DBG("%s status 0x%x", hdev->name, status);
868
869 hci_req_complete(hdev, HCI_OP_WRITE_INQUIRY_MODE, status);
870}
871
872static void hci_cc_read_inq_rsp_tx_power(struct hci_dev *hdev,
873 struct sk_buff *skb)
874{
875 __u8 status = *((__u8 *) skb->data);
876
877 BT_DBG("%s status 0x%x", hdev->name, status);
878
879 hci_req_complete(hdev, HCI_OP_READ_INQ_RSP_TX_POWER, status);
880}
881
882static void hci_cc_set_event_flt(struct hci_dev *hdev, struct sk_buff *skb)
883{
884 __u8 status = *((__u8 *) skb->data);
885
886 BT_DBG("%s status 0x%x", hdev->name, status);
887
888 hci_req_complete(hdev, HCI_OP_SET_EVENT_FLT, status);
889}
890
980e1a53
JH		 891static void hci_cc_pin_code_reply(struct hci_dev *hdev, struct sk_buff *skb)
892{
893 struct hci_rp_pin_code_reply *rp = (void *) skb->data;
894 struct hci_cp_pin_code_reply *cp;
895 struct hci_conn *conn;
896
897 BT_DBG("%s status 0x%x", hdev->name, rp->status);
898
56e5cb86
JH		 899 hci_dev_lock(hdev);
900
a8b2d5c2 901 if (test_bit(HCI_MGMT, &hdev->dev_flags))
744cf19e 902 mgmt_pin_code_reply_complete(hdev, &rp->bdaddr, rp->status);
980e1a53
JH		 903
904 if (rp->status != 0)
56e5cb86 905 goto unlock;
980e1a53
JH		 906
907 cp = hci_sent_cmd_data(hdev, HCI_OP_PIN_CODE_REPLY);
908 if (!cp)
56e5cb86 909 goto unlock;
980e1a53
JH		 910
911 conn = hci_conn_hash_lookup_ba(hdev, ACL_LINK, &cp->bdaddr);
912 if (conn)
913 conn->pin_length = cp->pin_len;
56e5cb86
JH		 914
915unlock:
916 hci_dev_unlock(hdev);
980e1a53
JH		 917}
918
919static void hci_cc_pin_code_neg_reply(struct hci_dev *hdev, struct sk_buff *skb)
920{
921 struct hci_rp_pin_code_neg_reply *rp = (void *) skb->data;
922
923 BT_DBG("%s status 0x%x", hdev->name, rp->status);
924
56e5cb86
JH		 925 hci_dev_lock(hdev);
926
a8b2d5c2 927 if (test_bit(HCI_MGMT, &hdev->dev_flags))
744cf19e 928 mgmt_pin_code_neg_reply_complete(hdev, &rp->bdaddr,
980e1a53 929 rp->status);
56e5cb86
JH		 930
931 hci_dev_unlock(hdev);
980e1a53 932}
56e5cb86 933
6ed58ec5
VT		 934static void hci_cc_le_read_buffer_size(struct hci_dev *hdev,
935 struct sk_buff *skb)
936{
937 struct hci_rp_le_read_buffer_size *rp = (void *) skb->data;
938
939 BT_DBG("%s status 0x%x", hdev->name, rp->status);
940
941 if (rp->status)
942 return;
943
944 hdev->le_mtu = __le16_to_cpu(rp->le_mtu);
945 hdev->le_pkts = rp->le_max_pkt;
946
947 hdev->le_cnt = hdev->le_pkts;
948
949 BT_DBG("%s le mtu %d:%d", hdev->name, hdev->le_mtu, hdev->le_pkts);
950
951 hci_req_complete(hdev, HCI_OP_LE_READ_BUFFER_SIZE, rp->status);
952}
980e1a53 953
a5c29683
JH		 954static void hci_cc_user_confirm_reply(struct hci_dev *hdev, struct sk_buff *skb)
955{
956 struct hci_rp_user_confirm_reply *rp = (void *) skb->data;
957
958 BT_DBG("%s status 0x%x", hdev->name, rp->status);
959
56e5cb86
JH		 960 hci_dev_lock(hdev);
961
a8b2d5c2 962 if (test_bit(HCI_MGMT, &hdev->dev_flags))
272d90df
JH		 963 mgmt_user_confirm_reply_complete(hdev, &rp->bdaddr, ACL_LINK,
964 0, rp->status);
56e5cb86
JH		 965
966 hci_dev_unlock(hdev);
a5c29683
JH		 967}
968
969static void hci_cc_user_confirm_neg_reply(struct hci_dev *hdev,
970 struct sk_buff *skb)
971{
972 struct hci_rp_user_confirm_reply *rp = (void *) skb->data;
973
974 BT_DBG("%s status 0x%x", hdev->name, rp->status);
975
56e5cb86
JH		 976 hci_dev_lock(hdev);
977
a8b2d5c2 978 if (test_bit(HCI_MGMT, &hdev->dev_flags))
744cf19e 979 mgmt_user_confirm_neg_reply_complete(hdev, &rp->bdaddr,
272d90df 980 ACL_LINK, 0,
a5c29683 981 rp->status);
56e5cb86
JH		 982
983 hci_dev_unlock(hdev);
a5c29683
JH		 984}
985
1143d458
BG		 986static void hci_cc_user_passkey_reply(struct hci_dev *hdev, struct sk_buff *skb)
987{
988 struct hci_rp_user_confirm_reply *rp = (void *) skb->data;
989
990 BT_DBG("%s status 0x%x", hdev->name, rp->status);
991
992 hci_dev_lock(hdev);
993
a8b2d5c2 994 if (test_bit(HCI_MGMT, &hdev->dev_flags))
272d90df
JH		 995 mgmt_user_passkey_reply_complete(hdev, &rp->bdaddr, ACL_LINK,
996 0, rp->status);
1143d458
BG		 997
998 hci_dev_unlock(hdev);
999}
1000
1001static void hci_cc_user_passkey_neg_reply(struct hci_dev *hdev,
1002 struct sk_buff *skb)
1003{
1004 struct hci_rp_user_confirm_reply *rp = (void *) skb->data;
1005
1006 BT_DBG("%s status 0x%x", hdev->name, rp->status);
1007
1008 hci_dev_lock(hdev);
1009
a8b2d5c2 1010 if (test_bit(HCI_MGMT, &hdev->dev_flags))
1143d458 1011 mgmt_user_passkey_neg_reply_complete(hdev, &rp->bdaddr,
272d90df 1012 ACL_LINK, 0,
1143d458
BG		 1013 rp->status);
1014
1015 hci_dev_unlock(hdev);
1016}
1017
c35938b2
SJ		 1018static void hci_cc_read_local_oob_data_reply(struct hci_dev *hdev,
1019 struct sk_buff *skb)
1020{
1021 struct hci_rp_read_local_oob_data *rp = (void *) skb->data;
1022
1023 BT_DBG("%s status 0x%x", hdev->name, rp->status);
1024
56e5cb86 1025 hci_dev_lock(hdev);
744cf19e 1026 mgmt_read_local_oob_data_reply_complete(hdev, rp->hash,
c35938b2 1027 rp->randomizer, rp->status);
56e5cb86 1028 hci_dev_unlock(hdev);
c35938b2
SJ		 1029}
1030
07f7fa5d
AG		 1031static void hci_cc_le_set_scan_param(struct hci_dev *hdev, struct sk_buff *skb)
1032{
1033 __u8 status = *((__u8 *) skb->data);
1034
1035 BT_DBG("%s status 0x%x", hdev->name, status);
7ba8b4be
AG		 1036
1037 hci_req_complete(hdev, HCI_OP_LE_SET_SCAN_PARAM, status);
3fd24153
AG		 1038
1039 if (status) {
1040 hci_dev_lock(hdev);
1041 mgmt_start_discovery_failed(hdev, status);
1042 hci_dev_unlock(hdev);
1043 return;
1044 }
07f7fa5d
AG		 1045}
1046
eb9d91f5
AG		 1047static void hci_cc_le_set_scan_enable(struct hci_dev *hdev,
1048 struct sk_buff *skb)
1049{
1050 struct hci_cp_le_set_scan_enable *cp;
1051 __u8 status = *((__u8 *) skb->data);
1052
1053 BT_DBG("%s status 0x%x", hdev->name, status);
1054
eb9d91f5
AG		 1055 cp = hci_sent_cmd_data(hdev, HCI_OP_LE_SET_SCAN_ENABLE);
1056 if (!cp)
1057 return;
1058
68a8aea4
AE		 1059 switch (cp->enable) {
1060 case LE_SCANNING_ENABLED:
7ba8b4be
AG		 1061 hci_req_complete(hdev, HCI_OP_LE_SET_SCAN_ENABLE, status);
1062
3fd24153
AG		 1063 if (status) {
1064 hci_dev_lock(hdev);
1065 mgmt_start_discovery_failed(hdev, status);
1066 hci_dev_unlock(hdev);
7ba8b4be 1067 return;
3fd24153 1068 }
7ba8b4be 1069
d23264a8
AG		 1070 set_bit(HCI_LE_SCAN, &hdev->dev_flags);
1071
db323f2f 1072 cancel_delayed_work_sync(&hdev->adv_work);
a8f13c8c
AG		 1073
1074 hci_dev_lock(hdev);
eb9d91f5 1075 hci_adv_entries_clear(hdev);
c599008f 1076 hci_discovery_set_state(hdev, DISCOVERY_LE_SCAN);
a8f13c8c 1077 hci_dev_unlock(hdev);
68a8aea4
AE		 1078 break;
1079
1080 case LE_SCANNING_DISABLED:
7ba8b4be
AG		 1081 if (status)
1082 return;
1083
d23264a8
AG		 1084 clear_bit(HCI_LE_SCAN, &hdev->dev_flags);
1085
c599008f
AG		 1086 hci_dev_lock(hdev);
1087 hci_discovery_set_state(hdev, DISCOVERY_STOPPED);
1088 hci_dev_unlock(hdev);
1089
d084329e 1090 schedule_delayed_work(&hdev->adv_work, ADV_CLEAR_TIMEOUT);
68a8aea4
AE		 1091 break;
1092
1093 default:
1094 BT_ERR("Used reserved LE_Scan_Enable param %d", cp->enable);
1095 break;
35815085 1096 }
eb9d91f5
AG		 1097}
1098
a7a595f6
VCG		 1099static void hci_cc_le_ltk_reply(struct hci_dev *hdev, struct sk_buff *skb)
1100{
1101 struct hci_rp_le_ltk_reply *rp = (void *) skb->data;
1102
1103 BT_DBG("%s status 0x%x", hdev->name, rp->status);
1104
1105 if (rp->status)
1106 return;
1107
1108 hci_req_complete(hdev, HCI_OP_LE_LTK_REPLY, rp->status);
1109}
1110
1111static void hci_cc_le_ltk_neg_reply(struct hci_dev *hdev, struct sk_buff *skb)
1112{
1113 struct hci_rp_le_ltk_neg_reply *rp = (void *) skb->data;
1114
1115 BT_DBG("%s status 0x%x", hdev->name, rp->status);
1116
1117 if (rp->status)
1118 return;
1119
1120 hci_req_complete(hdev, HCI_OP_LE_LTK_NEG_REPLY, rp->status);
1121}
1122
f9b49306
AG		 1123static inline void hci_cc_write_le_host_supported(struct hci_dev *hdev,
1124 struct sk_buff *skb)
1125{
1126 struct hci_cp_read_local_ext_features cp;
1127 __u8 status = *((__u8 *) skb->data);
1128
1129 BT_DBG("%s status 0x%x", hdev->name, status);
1130
1131 if (status)
1132 return;
1133
1134 cp.page = 0x01;
1135 hci_send_cmd(hdev, HCI_OP_READ_LOCAL_EXT_FEATURES, sizeof(cp), &cp);
1136}
1137
a9de9248
MH		 1138static inline void hci_cs_inquiry(struct hci_dev *hdev, __u8 status)
1139{
1140 BT_DBG("%s status 0x%x", hdev->name, status);
1141
1142 if (status) {
23bb5763 1143 hci_req_complete(hdev, HCI_OP_INQUIRY, status);
a9de9248 1144 hci_conn_check_pending(hdev);
56e5cb86 1145 hci_dev_lock(hdev);
a8b2d5c2 1146 if (test_bit(HCI_MGMT, &hdev->dev_flags))
7a135109 1147 mgmt_start_discovery_failed(hdev, status);
56e5cb86 1148 hci_dev_unlock(hdev);
314b2381
JH		 1149 return;
1150 }
1151
89352e7d
AG		 1152 set_bit(HCI_INQUIRY, &hdev->flags);
1153
56e5cb86 1154 hci_dev_lock(hdev);
30dc78e1 1155 hci_discovery_set_state(hdev, DISCOVERY_INQUIRY);
56e5cb86 1156 hci_dev_unlock(hdev);
1da177e4
LT		 1157}
1158
1da177e4
LT		 1159static inline void hci_cs_create_conn(struct hci_dev *hdev, __u8 status)
1160{
a9de9248 1161 struct hci_cp_create_conn *cp;
1da177e4 1162 struct hci_conn *conn;
1da177e4 1163
a9de9248
MH		 1164 BT_DBG("%s status 0x%x", hdev->name, status);
1165
1166 cp = hci_sent_cmd_data(hdev, HCI_OP_CREATE_CONN);
1da177e4
LT		 1167 if (!cp)
1168 return;
1169
1170 hci_dev_lock(hdev);
1171
1172 conn = hci_conn_hash_lookup_ba(hdev, ACL_LINK, &cp->bdaddr);
1173
a9de9248 1174 BT_DBG("%s bdaddr %s conn %p", hdev->name, batostr(&cp->bdaddr), conn);
1da177e4
LT		 1175
1176 if (status) {
1177 if (conn && conn->state == BT_CONNECT) {
4c67bc74
MH		 1178 if (status != 0x0c || conn->attempt > 2) {
1179 conn->state = BT_CLOSED;
1180 hci_proto_connect_cfm(conn, status);
1181 hci_conn_del(conn);
1182 } else
1183 conn->state = BT_CONNECT2;
1da177e4
LT		 1184 }
1185 } else {
1186 if (!conn) {
1187 conn = hci_conn_add(hdev, ACL_LINK, &cp->bdaddr);
1188 if (conn) {
a0c808b3 1189 conn->out = true;
1da177e4
LT		 1190 conn->link_mode |= HCI_LM_MASTER;
1191 } else
893ef971 1192 BT_ERR("No memory for new connection");
1da177e4
LT		 1193 }
1194 }
1195
1196 hci_dev_unlock(hdev);
1197}
1198
a9de9248 1199static void hci_cs_add_sco(struct hci_dev *hdev, __u8 status)
1da177e4 1200{
a9de9248
MH		 1201 struct hci_cp_add_sco *cp;
1202 struct hci_conn *acl, *sco;
1203 __u16 handle;
1da177e4 1204
b6a0dc82
MH		 1205 BT_DBG("%s status 0x%x", hdev->name, status);
1206
a9de9248
MH		 1207 if (!status)
1208 return;
1da177e4 1209
a9de9248
MH		 1210 cp = hci_sent_cmd_data(hdev, HCI_OP_ADD_SCO);
1211 if (!cp)
1212 return;
1da177e4 1213
a9de9248 1214 handle = __le16_to_cpu(cp->handle);
1da177e4 1215
a9de9248 1216 BT_DBG("%s handle %d", hdev->name, handle);
1da177e4 1217
a9de9248 1218 hci_dev_lock(hdev);
1da177e4 1219
a9de9248 1220 acl = hci_conn_hash_lookup_handle(hdev, handle);
5a08ecce
AE		 1221 if (acl) {
1222 sco = acl->link;
1223 if (sco) {
1224 sco->state = BT_CLOSED;
1da177e4 1225
5a08ecce
AE		 1226 hci_proto_connect_cfm(sco, status);
1227 hci_conn_del(sco);
1228 }
a9de9248 1229 }
1da177e4 1230
a9de9248
MH		 1231 hci_dev_unlock(hdev);
1232}
1da177e4 1233
f8558555
MH		 1234static void hci_cs_auth_requested(struct hci_dev *hdev, __u8 status)
1235{
1236 struct hci_cp_auth_requested *cp;
1237 struct hci_conn *conn;
1238
1239 BT_DBG("%s status 0x%x", hdev->name, status);
1240
1241 if (!status)
1242 return;
1243
1244 cp = hci_sent_cmd_data(hdev, HCI_OP_AUTH_REQUESTED);
1245 if (!cp)
1246 return;
1247
1248 hci_dev_lock(hdev);
1249
1250 conn = hci_conn_hash_lookup_handle(hdev, __le16_to_cpu(cp->handle));
1251 if (conn) {
1252 if (conn->state == BT_CONFIG) {
1253 hci_proto_connect_cfm(conn, status);
1254 hci_conn_put(conn);
1255 }
1256 }
1257
1258 hci_dev_unlock(hdev);
1259}
1260
1261static void hci_cs_set_conn_encrypt(struct hci_dev *hdev, __u8 status)
1262{
1263 struct hci_cp_set_conn_encrypt *cp;
1264 struct hci_conn *conn;
1265
1266 BT_DBG("%s status 0x%x", hdev->name, status);
1267
1268 if (!status)
1269 return;
1270
1271 cp = hci_sent_cmd_data(hdev, HCI_OP_SET_CONN_ENCRYPT);
1272 if (!cp)
1273 return;
1274
1275 hci_dev_lock(hdev);
1276
1277 conn = hci_conn_hash_lookup_handle(hdev, __le16_to_cpu(cp->handle));
1278 if (conn) {
1279 if (conn->state == BT_CONFIG) {
1280 hci_proto_connect_cfm(conn, status);
1281 hci_conn_put(conn);
1282 }
1283 }
1284
1285 hci_dev_unlock(hdev);
1286}
1287
127178d2 1288static int hci_outgoing_auth_needed(struct hci_dev *hdev,
138d22ef 1289 struct hci_conn *conn)
392599b9 1290{
392599b9
JH		 1291 if (conn->state != BT_CONFIG || !conn->out)
1292 return 0;
1293
765c2a96 1294 if (conn->pending_sec_level == BT_SECURITY_SDP)
392599b9
JH		 1295 return 0;
1296
1297 /* Only request authentication for SSP connections or non-SSP
e9bf2bf0 1298 * devices with sec_level HIGH or if MITM protection is requested */
aa64a8b5 1299 if (!hci_conn_ssp_enabled(conn) &&
e9bf2bf0
VCG		 1300 conn->pending_sec_level != BT_SECURITY_HIGH &&
1301 !(conn->auth_type & 0x01))
392599b9
JH		 1302 return 0;
1303
392599b9
JH		 1304 return 1;
1305}
1306
30dc78e1
JH		 1307static inline int hci_resolve_name(struct hci_dev *hdev, struct inquiry_entry *e)
1308{
1309 struct hci_cp_remote_name_req cp;
1310
1311 memset(&cp, 0, sizeof(cp));
1312
1313 bacpy(&cp.bdaddr, &e->data.bdaddr);
1314 cp.pscan_rep_mode = e->data.pscan_rep_mode;
1315 cp.pscan_mode = e->data.pscan_mode;
1316 cp.clock_offset = e->data.clock_offset;
1317
1318 return hci_send_cmd(hdev, HCI_OP_REMOTE_NAME_REQ, sizeof(cp), &cp);
1319}
1320
b644ba33 1321static bool hci_resolve_next_name(struct hci_dev *hdev)
30dc78e1
JH		 1322{
1323 struct discovery_state *discov = &hdev->discovery;
1324 struct inquiry_entry *e;
1325
b644ba33
JH		 1326 if (list_empty(&discov->resolve))
1327 return false;
1328
1329 e = hci_inquiry_cache_lookup_resolve(hdev, BDADDR_ANY, NAME_NEEDED);
1330 if (hci_resolve_name(hdev, e) == 0) {
1331 e->name_state = NAME_PENDING;
1332 return true;
1333 }
1334
1335 return false;
1336}
1337
1338static void hci_check_pending_name(struct hci_dev *hdev, struct hci_conn *conn,
1339 bdaddr_t *bdaddr, u8 *name, u8 name_len)
1340{
1341 struct discovery_state *discov = &hdev->discovery;
1342 struct inquiry_entry *e;
1343
1344 if (conn && !test_and_set_bit(HCI_CONN_MGMT_CONNECTED, &conn->flags))
1345 mgmt_device_connected(hdev, bdaddr, ACL_LINK, 0x00,
1346 name, name_len, conn->dev_class);
1347
1348 if (discov->state == DISCOVERY_STOPPED)
1349 return;
1350
30dc78e1
JH		 1351 if (discov->state == DISCOVERY_STOPPING)
1352 goto discov_complete;
1353
1354 if (discov->state != DISCOVERY_RESOLVING)
1355 return;
1356
1357 e = hci_inquiry_cache_lookup_resolve(hdev, bdaddr, NAME_PENDING);
1358 if (e) {
1359 e->name_state = NAME_KNOWN;
1360 list_del(&e->list);
b644ba33
JH		 1361 if (name)
1362 mgmt_remote_name(hdev, bdaddr, ACL_LINK, 0x00,
1363 e->data.rssi, name, name_len);
30dc78e1
JH		 1364 }
1365
b644ba33 1366 if (hci_resolve_next_name(hdev))
30dc78e1 1367 return;
30dc78e1
JH		 1368
1369discov_complete:
1370 hci_discovery_set_state(hdev, DISCOVERY_STOPPED);
1371}
1372
a9de9248
MH		 1373static void hci_cs_remote_name_req(struct hci_dev *hdev, __u8 status)
1374{
127178d2
JH		 1375 struct hci_cp_remote_name_req *cp;
1376 struct hci_conn *conn;
1377
a9de9248 1378 BT_DBG("%s status 0x%x", hdev->name, status);
127178d2
JH		 1379
1380 /* If successful wait for the name req complete event before
1381 * checking for the need to do authentication */
1382 if (!status)
1383 return;
1384
1385 cp = hci_sent_cmd_data(hdev, HCI_OP_REMOTE_NAME_REQ);
1386 if (!cp)
1387 return;
1388
1389 hci_dev_lock(hdev);
1390
b644ba33
JH		 1391 conn = hci_conn_hash_lookup_ba(hdev, ACL_LINK, &cp->bdaddr);
1392
a8b2d5c2 1393 if (test_bit(HCI_MGMT, &hdev->dev_flags))
b644ba33 1394 hci_check_pending_name(hdev, conn, &cp->bdaddr, NULL, 0);
30dc78e1 1395
79c6c70c
JH		 1396 if (!conn)
1397 goto unlock;
1398
1399 if (!hci_outgoing_auth_needed(hdev, conn))
1400 goto unlock;
1401
51a8efd7 1402 if (!test_and_set_bit(HCI_CONN_AUTH_PEND, &conn->flags)) {
127178d2
JH		 1403 struct hci_cp_auth_requested cp;
1404 cp.handle = __cpu_to_le16(conn->handle);
1405 hci_send_cmd(hdev, HCI_OP_AUTH_REQUESTED, sizeof(cp), &cp);
1406 }
1407
79c6c70c 1408unlock:
127178d2 1409 hci_dev_unlock(hdev);
a9de9248 1410}
1da177e4 1411
769be974
MH		 1412static void hci_cs_read_remote_features(struct hci_dev *hdev, __u8 status)
1413{
1414 struct hci_cp_read_remote_features *cp;
1415 struct hci_conn *conn;
1416
1417 BT_DBG("%s status 0x%x", hdev->name, status);
1418
1419 if (!status)
1420 return;
1421
1422 cp = hci_sent_cmd_data(hdev, HCI_OP_READ_REMOTE_FEATURES);
1423 if (!cp)
1424 return;
1425
1426 hci_dev_lock(hdev);
1427
1428 conn = hci_conn_hash_lookup_handle(hdev, __le16_to_cpu(cp->handle));
1429 if (conn) {
1430 if (conn->state == BT_CONFIG) {
769be974
MH		 1431 hci_proto_connect_cfm(conn, status);
1432 hci_conn_put(conn);
1433 }
1434 }
1435
1436 hci_dev_unlock(hdev);
1437}
1438
1439static void hci_cs_read_remote_ext_features(struct hci_dev *hdev, __u8 status)
1440{
1441 struct hci_cp_read_remote_ext_features *cp;
1442 struct hci_conn *conn;
1443
1444 BT_DBG("%s status 0x%x", hdev->name, status);
1445
1446 if (!status)
1447 return;
1448
1449 cp = hci_sent_cmd_data(hdev, HCI_OP_READ_REMOTE_EXT_FEATURES);
1450 if (!cp)
1451 return;
1452
1453 hci_dev_lock(hdev);
1454
1455 conn = hci_conn_hash_lookup_handle(hdev, __le16_to_cpu(cp->handle));
1456 if (conn) {
1457 if (conn->state == BT_CONFIG) {
769be974
MH		 1458 hci_proto_connect_cfm(conn, status);
1459 hci_conn_put(conn);
1460 }
1461 }
1462
1463 hci_dev_unlock(hdev);
1464}
1465
a9de9248
MH		 1466static void hci_cs_setup_sync_conn(struct hci_dev *hdev, __u8 status)
1467{
b6a0dc82
MH		 1468 struct hci_cp_setup_sync_conn *cp;
1469 struct hci_conn *acl, *sco;
1470 __u16 handle;
1471
a9de9248 1472 BT_DBG("%s status 0x%x", hdev->name, status);
b6a0dc82
MH		 1473
1474 if (!status)
1475 return;
1476
1477 cp = hci_sent_cmd_data(hdev, HCI_OP_SETUP_SYNC_CONN);
1478 if (!cp)
1479 return;
1480
1481 handle = __le16_to_cpu(cp->handle);
1482
1483 BT_DBG("%s handle %d", hdev->name, handle);
1484
1485 hci_dev_lock(hdev);
1486
1487 acl = hci_conn_hash_lookup_handle(hdev, handle);
5a08ecce
AE		 1488 if (acl) {
1489 sco = acl->link;
1490 if (sco) {
1491 sco->state = BT_CLOSED;
b6a0dc82 1492
5a08ecce
AE		 1493 hci_proto_connect_cfm(sco, status);
1494 hci_conn_del(sco);
1495 }
b6a0dc82
MH		 1496 }
1497
1498 hci_dev_unlock(hdev);
1da177e4
LT		 1499}
1500
a9de9248 1501static void hci_cs_sniff_mode(struct hci_dev *hdev, __u8 status)
1da177e4 1502{
a9de9248
MH		 1503 struct hci_cp_sniff_mode *cp;
1504 struct hci_conn *conn;
1da177e4 1505
a9de9248 1506 BT_DBG("%s status 0x%x", hdev->name, status);
04837f64 1507
a9de9248
MH		 1508 if (!status)
1509 return;
04837f64 1510
a9de9248
MH		 1511 cp = hci_sent_cmd_data(hdev, HCI_OP_SNIFF_MODE);
1512 if (!cp)
1513 return;
04837f64 1514
a9de9248 1515 hci_dev_lock(hdev);
04837f64 1516
a9de9248 1517 conn = hci_conn_hash_lookup_handle(hdev, __le16_to_cpu(cp->handle));
e73439d8 1518 if (conn) {
51a8efd7 1519 clear_bit(HCI_CONN_MODE_CHANGE_PEND, &conn->flags);
04837f64 1520
51a8efd7 1521 if (test_and_clear_bit(HCI_CONN_SCO_SETUP_PEND, &conn->flags))
e73439d8
MH		 1522 hci_sco_setup(conn, status);
1523 }
1524
a9de9248
MH		 1525 hci_dev_unlock(hdev);
1526}
04837f64 1527
a9de9248
MH		 1528static void hci_cs_exit_sniff_mode(struct hci_dev *hdev, __u8 status)
1529{
1530 struct hci_cp_exit_sniff_mode *cp;
1531 struct hci_conn *conn;
04837f64 1532
a9de9248 1533 BT_DBG("%s status 0x%x", hdev->name, status);
04837f64 1534
a9de9248
MH		 1535 if (!status)
1536 return;
04837f64 1537
a9de9248
MH		 1538 cp = hci_sent_cmd_data(hdev, HCI_OP_EXIT_SNIFF_MODE);
1539 if (!cp)
1540 return;
04837f64 1541
a9de9248 1542 hci_dev_lock(hdev);
1da177e4 1543
a9de9248 1544 conn = hci_conn_hash_lookup_handle(hdev, __le16_to_cpu(cp->handle));
e73439d8 1545 if (conn) {
51a8efd7 1546 clear_bit(HCI_CONN_MODE_CHANGE_PEND, &conn->flags);
1da177e4 1547
51a8efd7 1548 if (test_and_clear_bit(HCI_CONN_SCO_SETUP_PEND, &conn->flags))
e73439d8
MH		 1549 hci_sco_setup(conn, status);
1550 }
1551
a9de9248 1552 hci_dev_unlock(hdev);
1da177e4
LT		 1553}
1554
88c3df13
JH		 1555static void hci_cs_disconnect(struct hci_dev *hdev, u8 status)
1556{
1557 struct hci_cp_disconnect *cp;
1558 struct hci_conn *conn;
1559
1560 if (!status)
1561 return;
1562
1563 cp = hci_sent_cmd_data(hdev, HCI_OP_DISCONNECT);
1564 if (!cp)
1565 return;
1566
1567 hci_dev_lock(hdev);
1568
1569 conn = hci_conn_hash_lookup_handle(hdev, __le16_to_cpu(cp->handle));
1570 if (conn)
1571 mgmt_disconnect_failed(hdev, &conn->dst, conn->type,
1572 conn->dst_type, status);
1573
1574 hci_dev_unlock(hdev);
1575}
1576
fcd89c09
VT		 1577static void hci_cs_le_create_conn(struct hci_dev *hdev, __u8 status)
1578{
1579 struct hci_cp_le_create_conn *cp;
1580 struct hci_conn *conn;
1581
1582 BT_DBG("%s status 0x%x", hdev->name, status);
1583
1584 cp = hci_sent_cmd_data(hdev, HCI_OP_LE_CREATE_CONN);
1585 if (!cp)
1586 return;
1587
1588 hci_dev_lock(hdev);
1589
1590 conn = hci_conn_hash_lookup_ba(hdev, LE_LINK, &cp->peer_addr);
1591
1592 BT_DBG("%s bdaddr %s conn %p", hdev->name, batostr(&cp->peer_addr),
1593 conn);
1594
1595 if (status) {
1596 if (conn && conn->state == BT_CONNECT) {
1597 conn->state = BT_CLOSED;
1598 hci_proto_connect_cfm(conn, status);
1599 hci_conn_del(conn);
1600 }
1601 } else {
1602 if (!conn) {
1603 conn = hci_conn_add(hdev, LE_LINK, &cp->peer_addr);
29b7988a
AG		 1604 if (conn) {
1605 conn->dst_type = cp->peer_addr_type;
a0c808b3 1606 conn->out = true;
29b7988a 1607 } else {
fcd89c09 1608 BT_ERR("No memory for new connection");
29b7988a 1609 }
fcd89c09
VT		 1610 }
1611 }
1612
1613 hci_dev_unlock(hdev);
1614}
1615
a7a595f6
VCG		 1616static void hci_cs_le_start_enc(struct hci_dev *hdev, u8 status)
1617{
1618 BT_DBG("%s status 0x%x", hdev->name, status);
1619}
1620
1da177e4
LT		 1621static inline void hci_inquiry_complete_evt(struct hci_dev *hdev, struct sk_buff *skb)
1622{
1623 __u8 status = *((__u8 *) skb->data);
30dc78e1
JH		 1624 struct discovery_state *discov = &hdev->discovery;
1625 struct inquiry_entry *e;
1da177e4
LT		 1626
1627 BT_DBG("%s status %d", hdev->name, status);
1628
23bb5763 1629 hci_req_complete(hdev, HCI_OP_INQUIRY, status);
6bd57416 1630
a9de9248 1631 hci_conn_check_pending(hdev);
89352e7d
AG		 1632
1633 if (!test_and_clear_bit(HCI_INQUIRY, &hdev->flags))
1634 return;
1635
a8b2d5c2 1636 if (!test_bit(HCI_MGMT, &hdev->dev_flags))
30dc78e1
JH		 1637 return;
1638
56e5cb86 1639 hci_dev_lock(hdev);
30dc78e1
JH		 1640
1641 if (discov->state != DISCOVERY_INQUIRY)
1642 goto unlock;
1643
1644 if (list_empty(&discov->resolve)) {
1645 hci_discovery_set_state(hdev, DISCOVERY_STOPPED);
1646 goto unlock;
1647 }
1648
1649 e = hci_inquiry_cache_lookup_resolve(hdev, BDADDR_ANY, NAME_NEEDED);
1650 if (e && hci_resolve_name(hdev, e) == 0) {
1651 e->name_state = NAME_PENDING;
1652 hci_discovery_set_state(hdev, DISCOVERY_RESOLVING);
1653 } else {
1654 hci_discovery_set_state(hdev, DISCOVERY_STOPPED);
1655 }
1656
1657unlock:
56e5cb86 1658 hci_dev_unlock(hdev);
1da177e4
LT		 1659}
1660
1da177e4
LT		 1661static inline void hci_inquiry_result_evt(struct hci_dev *hdev, struct sk_buff *skb)
1662{
45bb4bf0 1663 struct inquiry_data data;
a9de9248 1664 struct inquiry_info *info = (void *) (skb->data + 1);
1da177e4
LT		 1665 int num_rsp = *((__u8 *) skb->data);
1666
1667 BT_DBG("%s num_rsp %d", hdev->name, num_rsp);
1668
45bb4bf0
MH		 1669 if (!num_rsp)
1670 return;
1671
1da177e4 1672 hci_dev_lock(hdev);
45bb4bf0 1673
e17acd40 1674 for (; num_rsp; num_rsp--, info++) {
3175405b
JH		 1675 bool name_known;
1676
1da177e4
LT		 1677 bacpy(&data.bdaddr, &info->bdaddr);
1678 data.pscan_rep_mode = info->pscan_rep_mode;
1679 data.pscan_period_mode = info->pscan_period_mode;
1680 data.pscan_mode = info->pscan_mode;
1681 memcpy(data.dev_class, info->dev_class, 3);
1682 data.clock_offset = info->clock_offset;
1683 data.rssi = 0x00;
41a96212 1684 data.ssp_mode = 0x00;
3175405b
JH		 1685
1686 name_known = hci_inquiry_cache_update(hdev, &data, false);
48264f06 1687 mgmt_device_found(hdev, &info->bdaddr, ACL_LINK, 0x00,
7d262f86
AG		 1688 info->dev_class, 0, !name_known,
1689 NULL, 0);
1da177e4 1690 }
45bb4bf0 1691
1da177e4
LT		 1692 hci_dev_unlock(hdev);
1693}
1694
1da177e4
LT		 1695static inline void hci_conn_complete_evt(struct hci_dev *hdev, struct sk_buff *skb)
1696{
a9de9248
MH		 1697 struct hci_ev_conn_complete *ev = (void *) skb->data;
1698 struct hci_conn *conn;
1da177e4
LT		 1699
1700 BT_DBG("%s", hdev->name);
1701
1702 hci_dev_lock(hdev);
1703
1704 conn = hci_conn_hash_lookup_ba(hdev, ev->link_type, &ev->bdaddr);
9499237a
MH		 1705 if (!conn) {
1706 if (ev->link_type != SCO_LINK)
1707 goto unlock;
1708
1709 conn = hci_conn_hash_lookup_ba(hdev, ESCO_LINK, &ev->bdaddr);
1710 if (!conn)
1711 goto unlock;
1712
1713 conn->type = SCO_LINK;
1714 }
1da177e4
LT		 1715
1716 if (!ev->status) {
1717 conn->handle = __le16_to_cpu(ev->handle);
769be974
MH		 1718
1719 if (conn->type == ACL_LINK) {
1720 conn->state = BT_CONFIG;
1721 hci_conn_hold(conn);
052b30b0 1722 conn->disc_timeout = HCI_DISCONN_TIMEOUT;
769be974
MH		 1723 } else
1724 conn->state = BT_CONNECTED;
1da177e4 1725
9eba32b8 1726 hci_conn_hold_device(conn);
7d0db0a3
MH		 1727 hci_conn_add_sysfs(conn);
1728
1da177e4
LT		 1729 if (test_bit(HCI_AUTH, &hdev->flags))
1730 conn->link_mode |= HCI_LM_AUTH;
1731
1732 if (test_bit(HCI_ENCRYPT, &hdev->flags))
1733 conn->link_mode |= HCI_LM_ENCRYPT;
1734
04837f64
MH		 1735 /* Get remote features */
1736 if (conn->type == ACL_LINK) {
1737 struct hci_cp_read_remote_features cp;
1738 cp.handle = ev->handle;
769be974
MH		 1739 hci_send_cmd(hdev, HCI_OP_READ_REMOTE_FEATURES,
1740 sizeof(cp), &cp);
04837f64
MH		 1741 }
1742
1da177e4 1743 /* Set packet type for incoming connection */
d095c1eb 1744 if (!conn->out && hdev->hci_ver < BLUETOOTH_VER_2_0) {
1da177e4
LT		 1745 struct hci_cp_change_conn_ptype cp;
1746 cp.handle = ev->handle;
a8746417
MH		 1747 cp.pkt_type = cpu_to_le16(conn->pkt_type);
1748 hci_send_cmd(hdev, HCI_OP_CHANGE_CONN_PTYPE,
1749 sizeof(cp), &cp);
1da177e4 1750 }
17d5c04c 1751 } else {
1da177e4 1752 conn->state = BT_CLOSED;
17d5c04c 1753 if (conn->type == ACL_LINK)
744cf19e 1754 mgmt_connect_failed(hdev, &ev->bdaddr, conn->type,
48264f06 1755 conn->dst_type, ev->status);
17d5c04c 1756 }
1da177e4 1757
e73439d8
MH		 1758 if (conn->type == ACL_LINK)
1759 hci_sco_setup(conn, ev->status);
1da177e4 1760
769be974
MH		 1761 if (ev->status) {
1762 hci_proto_connect_cfm(conn, ev->status);
1da177e4 1763 hci_conn_del(conn);
c89b6e6b
MH		 1764 } else if (ev->link_type != ACL_LINK)
1765 hci_proto_connect_cfm(conn, ev->status);
1da177e4 1766
a9de9248 1767unlock:
1da177e4 1768 hci_dev_unlock(hdev);
1da177e4 1769
a9de9248 1770 hci_conn_check_pending(hdev);
1da177e4
LT		 1771}
1772
a9de9248 1773static inline void hci_conn_request_evt(struct hci_dev *hdev, struct sk_buff *skb)
1da177e4 1774{
a9de9248
MH		 1775 struct hci_ev_conn_request *ev = (void *) skb->data;
1776 int mask = hdev->link_mode;
1da177e4 1777
a9de9248
MH		 1778 BT_DBG("%s bdaddr %s type 0x%x", hdev->name,
1779 batostr(&ev->bdaddr), ev->link_type);
1da177e4 1780
a9de9248 1781 mask |= hci_proto_connect_ind(hdev, &ev->bdaddr, ev->link_type);
1da177e4 1782
138d22ef
SJ		 1783 if ((mask & HCI_LM_ACCEPT) &&
1784 !hci_blacklist_lookup(hdev, &ev->bdaddr)) {
a9de9248 1785 /* Connection accepted */
c7bdd502 1786 struct inquiry_entry *ie;
1da177e4 1787 struct hci_conn *conn;
1da177e4 1788
a9de9248 1789 hci_dev_lock(hdev);
b6a0dc82 1790
cc11b9c1
AE		 1791 ie = hci_inquiry_cache_lookup(hdev, &ev->bdaddr);
1792 if (ie)
c7bdd502
MH		 1793 memcpy(ie->data.dev_class, ev->dev_class, 3);
1794
a9de9248
MH		 1795 conn = hci_conn_hash_lookup_ba(hdev, ev->link_type, &ev->bdaddr);
1796 if (!conn) {
cc11b9c1
AE		 1797 conn = hci_conn_add(hdev, ev->link_type, &ev->bdaddr);
1798 if (!conn) {
893ef971 1799 BT_ERR("No memory for new connection");
a9de9248
MH		 1800 hci_dev_unlock(hdev);
1801 return;
1da177e4
LT		 1802 }
1803 }
b6a0dc82 1804
a9de9248
MH		 1805 memcpy(conn->dev_class, ev->dev_class, 3);
1806 conn->state = BT_CONNECT;
b6a0dc82 1807
a9de9248 1808 hci_dev_unlock(hdev);
1da177e4 1809
b6a0dc82
MH		 1810 if (ev->link_type == ACL_LINK || !lmp_esco_capable(hdev)) {
1811 struct hci_cp_accept_conn_req cp;
1da177e4 1812
b6a0dc82
MH		 1813 bacpy(&cp.bdaddr, &ev->bdaddr);
1814
1815 if (lmp_rswitch_capable(hdev) && (mask & HCI_LM_MASTER))
1816 cp.role = 0x00; /* Become master */
1817 else
1818 cp.role = 0x01; /* Remain slave */
1819
1820 hci_send_cmd(hdev, HCI_OP_ACCEPT_CONN_REQ,
1821 sizeof(cp), &cp);
1822 } else {
1823 struct hci_cp_accept_sync_conn_req cp;
1824
1825 bacpy(&cp.bdaddr, &ev->bdaddr);
a8746417 1826 cp.pkt_type = cpu_to_le16(conn->pkt_type);
b6a0dc82
MH		 1827
1828 cp.tx_bandwidth = cpu_to_le32(0x00001f40);
1829 cp.rx_bandwidth = cpu_to_le32(0x00001f40);
1830 cp.max_latency = cpu_to_le16(0xffff);
1831 cp.content_format = cpu_to_le16(hdev->voice_setting);
1832 cp.retrans_effort = 0xff;
1da177e4 1833
b6a0dc82
MH		 1834 hci_send_cmd(hdev, HCI_OP_ACCEPT_SYNC_CONN_REQ,
1835 sizeof(cp), &cp);
1836 }
a9de9248
MH		 1837 } else {
1838 /* Connection rejected */
1839 struct hci_cp_reject_conn_req cp;
1da177e4 1840
a9de9248 1841 bacpy(&cp.bdaddr, &ev->bdaddr);
9f5a0d7b 1842 cp.reason = HCI_ERROR_REJ_BAD_ADDR;
a9de9248 1843 hci_send_cmd(hdev, HCI_OP_REJECT_CONN_REQ, sizeof(cp), &cp);
1da177e4 1844 }
1da177e4
LT		 1845}
1846
a9de9248 1847static inline void hci_disconn_complete_evt(struct hci_dev *hdev, struct sk_buff *skb)
04837f64 1848{
a9de9248 1849 struct hci_ev_disconn_complete *ev = (void *) skb->data;
04837f64
MH		 1850 struct hci_conn *conn;
1851
1852 BT_DBG("%s status %d", hdev->name, ev->status);
1853
1854 hci_dev_lock(hdev);
1855
1856 conn = hci_conn_hash_lookup_handle(hdev, __le16_to_cpu(ev->handle));
f7520543
JH		 1857 if (!conn)
1858 goto unlock;
7d0db0a3 1859
37d9ef76
JH		 1860 if (ev->status == 0)
1861 conn->state = BT_CLOSED;
04837f64 1862
b644ba33
JH		 1863 if (test_and_clear_bit(HCI_CONN_MGMT_CONNECTED, &conn->flags) &&
1864 (conn->type == ACL_LINK || conn->type == LE_LINK)) {
37d9ef76 1865 if (ev->status != 0)
88c3df13
JH		 1866 mgmt_disconnect_failed(hdev, &conn->dst, conn->type,
1867 conn->dst_type, ev->status);
37d9ef76 1868 else
afc747a6 1869 mgmt_device_disconnected(hdev, &conn->dst, conn->type,
48264f06 1870 conn->dst_type);
37d9ef76 1871 }
f7520543 1872
37d9ef76
JH		 1873 if (ev->status == 0) {
1874 hci_proto_disconn_cfm(conn, ev->reason);
1875 hci_conn_del(conn);
1876 }
f7520543
JH		 1877
1878unlock:
04837f64
MH		 1879 hci_dev_unlock(hdev);
1880}
1881
1da177e4
LT		 1882static inline void hci_auth_complete_evt(struct hci_dev *hdev, struct sk_buff *skb)
1883{
a9de9248 1884 struct hci_ev_auth_complete *ev = (void *) skb->data;
04837f64 1885 struct hci_conn *conn;
1da177e4
LT		 1886
1887 BT_DBG("%s status %d", hdev->name, ev->status);
1888
1889 hci_dev_lock(hdev);
1890
04837f64 1891 conn = hci_conn_hash_lookup_handle(hdev, __le16_to_cpu(ev->handle));
d7556e20
WR		 1892 if (!conn)
1893 goto unlock;
1894
1895 if (!ev->status) {
aa64a8b5
JH		 1896 if (!hci_conn_ssp_enabled(conn) &&
1897 test_bit(HCI_CONN_REAUTH_PEND, &conn->flags)) {
d7556e20 1898 BT_INFO("re-auth of legacy device is not possible.");
2a611692 1899 } else {
d7556e20
WR		 1900 conn->link_mode |= HCI_LM_AUTH;
1901 conn->sec_level = conn->pending_sec_level;
2a611692 1902 }
d7556e20 1903 } else {
744cf19e 1904 mgmt_auth_failed(hdev, &conn->dst, ev->status);
d7556e20 1905 }
1da177e4 1906
51a8efd7
JH		 1907 clear_bit(HCI_CONN_AUTH_PEND, &conn->flags);
1908 clear_bit(HCI_CONN_REAUTH_PEND, &conn->flags);
1da177e4 1909
d7556e20 1910 if (conn->state == BT_CONFIG) {
aa64a8b5 1911 if (!ev->status && hci_conn_ssp_enabled(conn)) {
d7556e20
WR		 1912 struct hci_cp_set_conn_encrypt cp;
1913 cp.handle = ev->handle;
1914 cp.encrypt = 0x01;
1915 hci_send_cmd(hdev, HCI_OP_SET_CONN_ENCRYPT, sizeof(cp),
1916 &cp);
052b30b0 1917 } else {
d7556e20
WR		 1918 conn->state = BT_CONNECTED;
1919 hci_proto_connect_cfm(conn, ev->status);
052b30b0
MH		 1920 hci_conn_put(conn);
1921 }
d7556e20
WR		 1922 } else {
1923 hci_auth_cfm(conn, ev->status);
052b30b0 1924
d7556e20
WR		 1925 hci_conn_hold(conn);
1926 conn->disc_timeout = HCI_DISCONN_TIMEOUT;
1927 hci_conn_put(conn);
1928 }
1929
51a8efd7 1930 if (test_bit(HCI_CONN_ENCRYPT_PEND, &conn->flags)) {
d7556e20
WR		 1931 if (!ev->status) {
1932 struct hci_cp_set_conn_encrypt cp;
1933 cp.handle = ev->handle;
1934 cp.encrypt = 0x01;
1935 hci_send_cmd(hdev, HCI_OP_SET_CONN_ENCRYPT, sizeof(cp),
1936 &cp);
1937 } else {
51a8efd7 1938 clear_bit(HCI_CONN_ENCRYPT_PEND, &conn->flags);
d7556e20 1939 hci_encrypt_cfm(conn, ev->status, 0x00);
1da177e4
LT		 1940 }
1941 }
1942
d7556e20 1943unlock:
1da177e4
LT		 1944 hci_dev_unlock(hdev);
1945}
1946
a9de9248 1947static inline void hci_remote_name_evt(struct hci_dev *hdev, struct sk_buff *skb)
1da177e4 1948{
127178d2
JH		 1949 struct hci_ev_remote_name *ev = (void *) skb->data;
1950 struct hci_conn *conn;
1951
a9de9248 1952 BT_DBG("%s", hdev->name);
1da177e4 1953
a9de9248 1954 hci_conn_check_pending(hdev);
127178d2
JH		 1955
1956 hci_dev_lock(hdev);
1957
b644ba33 1958 conn = hci_conn_hash_lookup_ba(hdev, ACL_LINK, &ev->bdaddr);
30dc78e1 1959
b644ba33
JH		 1960 if (!test_bit(HCI_MGMT, &hdev->dev_flags))
1961 goto check_auth;
a88a9652 1962
b644ba33
JH		 1963 if (ev->status == 0)
1964 hci_check_pending_name(hdev, conn, &ev->bdaddr, ev->name,
1965 strnlen(ev->name, HCI_MAX_NAME_LENGTH));
1966 else
1967 hci_check_pending_name(hdev, conn, &ev->bdaddr, NULL, 0);
1968
1969check_auth:
79c6c70c
JH		 1970 if (!conn)
1971 goto unlock;
1972
1973 if (!hci_outgoing_auth_needed(hdev, conn))
1974 goto unlock;
1975
51a8efd7 1976 if (!test_and_set_bit(HCI_CONN_AUTH_PEND, &conn->flags)) {
127178d2
JH		 1977 struct hci_cp_auth_requested cp;
1978 cp.handle = __cpu_to_le16(conn->handle);
1979 hci_send_cmd(hdev, HCI_OP_AUTH_REQUESTED, sizeof(cp), &cp);
1980 }
1981
79c6c70c 1982unlock:
127178d2 1983 hci_dev_unlock(hdev);
a9de9248
MH		 1984}
1985
1986static inline void hci_encrypt_change_evt(struct hci_dev *hdev, struct sk_buff *skb)
1987{
1988 struct hci_ev_encrypt_change *ev = (void *) skb->data;
1989 struct hci_conn *conn;
1990
1991 BT_DBG("%s status %d", hdev->name, ev->status);
1da177e4
LT		 1992
1993 hci_dev_lock(hdev);
1994
04837f64 1995 conn = hci_conn_hash_lookup_handle(hdev, __le16_to_cpu(ev->handle));
1da177e4
LT		 1996 if (conn) {
1997 if (!ev->status) {
ae293196
MH		 1998 if (ev->encrypt) {
1999 /* Encryption implies authentication */
2000 conn->link_mode |= HCI_LM_AUTH;
1da177e4 2001 conn->link_mode |= HCI_LM_ENCRYPT;
da85e5e5 2002 conn->sec_level = conn->pending_sec_level;
ae293196 2003 } else
1da177e4
LT		 2004 conn->link_mode &= ~HCI_LM_ENCRYPT;
2005 }
2006
51a8efd7 2007 clear_bit(HCI_CONN_ENCRYPT_PEND, &conn->flags);
1da177e4 2008
f8558555
MH		 2009 if (conn->state == BT_CONFIG) {
2010 if (!ev->status)
2011 conn->state = BT_CONNECTED;
2012
2013 hci_proto_connect_cfm(conn, ev->status);
2014 hci_conn_put(conn);
2015 } else
2016 hci_encrypt_cfm(conn, ev->status, ev->encrypt);
1da177e4
LT		 2017 }
2018
2019 hci_dev_unlock(hdev);
2020}
2021
a9de9248 2022static inline void hci_change_link_key_complete_evt(struct hci_dev *hdev, struct sk_buff *skb)
1da177e4 2023{
a9de9248 2024 struct hci_ev_change_link_key_complete *ev = (void *) skb->data;
04837f64 2025 struct hci_conn *conn;
1da177e4
LT		 2026
2027 BT_DBG("%s status %d", hdev->name, ev->status);
2028
2029 hci_dev_lock(hdev);
2030
04837f64 2031 conn = hci_conn_hash_lookup_handle(hdev, __le16_to_cpu(ev->handle));
1da177e4
LT		 2032 if (conn) {
2033 if (!ev->status)
2034 conn->link_mode |= HCI_LM_SECURE;
2035
51a8efd7 2036 clear_bit(HCI_CONN_AUTH_PEND, &conn->flags);
1da177e4
LT		 2037
2038 hci_key_change_cfm(conn, ev->status);
2039 }
2040
2041 hci_dev_unlock(hdev);
2042}
2043
a9de9248 2044static inline void hci_remote_features_evt(struct hci_dev *hdev, struct sk_buff *skb)
1da177e4 2045{
a9de9248
MH		 2046 struct hci_ev_remote_features *ev = (void *) skb->data;
2047 struct hci_conn *conn;
2048
2049 BT_DBG("%s status %d", hdev->name, ev->status);
2050
a9de9248
MH		 2051 hci_dev_lock(hdev);
2052
2053 conn = hci_conn_hash_lookup_handle(hdev, __le16_to_cpu(ev->handle));
ccd556fe
JH		 2054 if (!conn)
2055 goto unlock;
769be974 2056
ccd556fe
JH		 2057 if (!ev->status)
2058 memcpy(conn->features, ev->features, 8);
2059
2060 if (conn->state != BT_CONFIG)
2061 goto unlock;
2062
2063 if (!ev->status && lmp_ssp_capable(hdev) && lmp_ssp_capable(conn)) {
2064 struct hci_cp_read_remote_ext_features cp;
2065 cp.handle = ev->handle;
2066 cp.page = 0x01;
2067 hci_send_cmd(hdev, HCI_OP_READ_REMOTE_EXT_FEATURES,
bdb7524a 2068 sizeof(cp), &cp);
392599b9
JH		 2069 goto unlock;
2070 }
2071
127178d2
JH		 2072 if (!ev->status) {
2073 struct hci_cp_remote_name_req cp;
2074 memset(&cp, 0, sizeof(cp));
2075 bacpy(&cp.bdaddr, &conn->dst);
2076 cp.pscan_rep_mode = 0x02;
2077 hci_send_cmd(hdev, HCI_OP_REMOTE_NAME_REQ, sizeof(cp), &cp);
b644ba33
JH		 2078 } else if (!test_and_set_bit(HCI_CONN_MGMT_CONNECTED, &conn->flags))
2079 mgmt_device_connected(hdev, &conn->dst, conn->type,
2080 conn->dst_type, NULL, 0,
2081 conn->dev_class);
392599b9 2082
127178d2 2083 if (!hci_outgoing_auth_needed(hdev, conn)) {
ccd556fe
JH		 2084 conn->state = BT_CONNECTED;
2085 hci_proto_connect_cfm(conn, ev->status);
2086 hci_conn_put(conn);
769be974 2087 }
a9de9248 2088
ccd556fe 2089unlock:
a9de9248 2090 hci_dev_unlock(hdev);
1da177e4
LT		 2091}
2092
a9de9248 2093static inline void hci_remote_version_evt(struct hci_dev *hdev, struct sk_buff *skb)
1da177e4 2094{
a9de9248 2095 BT_DBG("%s", hdev->name);
1da177e4
LT		 2096}
2097
a9de9248 2098static inline void hci_qos_setup_complete_evt(struct hci_dev *hdev, struct sk_buff *skb)
1da177e4 2099{
a9de9248 2100 BT_DBG("%s", hdev->name);
1da177e4
LT		 2101}
2102
a9de9248
MH		 2103static inline void hci_cmd_complete_evt(struct hci_dev *hdev, struct sk_buff *skb)
2104{
2105 struct hci_ev_cmd_complete *ev = (void *) skb->data;
2106 __u16 opcode;
2107
2108 skb_pull(skb, sizeof(*ev));
2109
2110 opcode = __le16_to_cpu(ev->opcode);
2111
2112 switch (opcode) {
2113 case HCI_OP_INQUIRY_CANCEL:
2114 hci_cc_inquiry_cancel(hdev, skb);
2115 break;
2116
2117 case HCI_OP_EXIT_PERIODIC_INQ:
2118 hci_cc_exit_periodic_inq(hdev, skb);
2119 break;
2120
2121 case HCI_OP_REMOTE_NAME_REQ_CANCEL:
2122 hci_cc_remote_name_req_cancel(hdev, skb);
2123 break;
2124
2125 case HCI_OP_ROLE_DISCOVERY:
2126 hci_cc_role_discovery(hdev, skb);
2127 break;
2128
e4e8e37c
MH		 2129 case HCI_OP_READ_LINK_POLICY:
2130 hci_cc_read_link_policy(hdev, skb);
2131 break;
2132
a9de9248
MH		 2133 case HCI_OP_WRITE_LINK_POLICY:
2134 hci_cc_write_link_policy(hdev, skb);
2135 break;
2136
e4e8e37c
MH		 2137 case HCI_OP_READ_DEF_LINK_POLICY:
2138 hci_cc_read_def_link_policy(hdev, skb);
2139 break;
2140
2141 case HCI_OP_WRITE_DEF_LINK_POLICY:
2142 hci_cc_write_def_link_policy(hdev, skb);
2143 break;
2144
a9de9248
MH		 2145 case HCI_OP_RESET:
2146 hci_cc_reset(hdev, skb);
2147 break;
2148
2149 case HCI_OP_WRITE_LOCAL_NAME:
2150 hci_cc_write_local_name(hdev, skb);
2151 break;
2152
2153 case HCI_OP_READ_LOCAL_NAME:
2154 hci_cc_read_local_name(hdev, skb);
2155 break;
2156
2157 case HCI_OP_WRITE_AUTH_ENABLE:
2158 hci_cc_write_auth_enable(hdev, skb);
2159 break;
2160
2161 case HCI_OP_WRITE_ENCRYPT_MODE:
2162 hci_cc_write_encrypt_mode(hdev, skb);
2163 break;
2164
2165 case HCI_OP_WRITE_SCAN_ENABLE:
2166 hci_cc_write_scan_enable(hdev, skb);
2167 break;
2168
2169 case HCI_OP_READ_CLASS_OF_DEV:
2170 hci_cc_read_class_of_dev(hdev, skb);
2171 break;
2172
2173 case HCI_OP_WRITE_CLASS_OF_DEV:
2174 hci_cc_write_class_of_dev(hdev, skb);
2175 break;
2176
2177 case HCI_OP_READ_VOICE_SETTING:
2178 hci_cc_read_voice_setting(hdev, skb);
2179 break;
2180
2181 case HCI_OP_WRITE_VOICE_SETTING:
2182 hci_cc_write_voice_setting(hdev, skb);
2183 break;
2184
2185 case HCI_OP_HOST_BUFFER_SIZE:
2186 hci_cc_host_buffer_size(hdev, skb);
2187 break;
2188
333140b5
MH		 2189 case HCI_OP_READ_SSP_MODE:
2190 hci_cc_read_ssp_mode(hdev, skb);
2191 break;
2192
2193 case HCI_OP_WRITE_SSP_MODE:
2194 hci_cc_write_ssp_mode(hdev, skb);
2195 break;
2196
a9de9248
MH		 2197 case HCI_OP_READ_LOCAL_VERSION:
2198 hci_cc_read_local_version(hdev, skb);
2199 break;
2200
2201 case HCI_OP_READ_LOCAL_COMMANDS:
2202 hci_cc_read_local_commands(hdev, skb);
2203 break;
2204
2205 case HCI_OP_READ_LOCAL_FEATURES:
2206 hci_cc_read_local_features(hdev, skb);
2207 break;
2208
971e3a4b
AG		 2209 case HCI_OP_READ_LOCAL_EXT_FEATURES:
2210 hci_cc_read_local_ext_features(hdev, skb);
2211 break;
2212
a9de9248
MH		 2213 case HCI_OP_READ_BUFFER_SIZE:
2214 hci_cc_read_buffer_size(hdev, skb);
2215 break;
2216
2217 case HCI_OP_READ_BD_ADDR:
2218 hci_cc_read_bd_addr(hdev, skb);
2219 break;
2220
350ee4cf
AE		 2221 case HCI_OP_READ_DATA_BLOCK_SIZE:
2222 hci_cc_read_data_block_size(hdev, skb);
2223 break;
2224
23bb5763
JH		 2225 case HCI_OP_WRITE_CA_TIMEOUT:
2226 hci_cc_write_ca_timeout(hdev, skb);
2227 break;
2228
1e89cffb
AE		 2229 case HCI_OP_READ_FLOW_CONTROL_MODE:
2230 hci_cc_read_flow_control_mode(hdev, skb);
2231 break;
2232
928abaa7
AE		 2233 case HCI_OP_READ_LOCAL_AMP_INFO:
2234 hci_cc_read_local_amp_info(hdev, skb);
2235 break;
2236
b0916ea0
JH		 2237 case HCI_OP_DELETE_STORED_LINK_KEY:
2238 hci_cc_delete_stored_link_key(hdev, skb);
2239 break;
2240
d5859e22
JH		 2241 case HCI_OP_SET_EVENT_MASK:
2242 hci_cc_set_event_mask(hdev, skb);
2243 break;
2244
2245 case HCI_OP_WRITE_INQUIRY_MODE:
2246 hci_cc_write_inquiry_mode(hdev, skb);
2247 break;
2248
2249 case HCI_OP_READ_INQ_RSP_TX_POWER:
2250 hci_cc_read_inq_rsp_tx_power(hdev, skb);
2251 break;
2252
2253 case HCI_OP_SET_EVENT_FLT:
2254 hci_cc_set_event_flt(hdev, skb);
2255 break;
2256
980e1a53
JH		 2257 case HCI_OP_PIN_CODE_REPLY:
2258 hci_cc_pin_code_reply(hdev, skb);
2259 break;
2260
2261 case HCI_OP_PIN_CODE_NEG_REPLY:
2262 hci_cc_pin_code_neg_reply(hdev, skb);
2263 break;
2264
c35938b2
SJ		 2265 case HCI_OP_READ_LOCAL_OOB_DATA:
2266 hci_cc_read_local_oob_data_reply(hdev, skb);
2267 break;
2268
6ed58ec5
VT		 2269 case HCI_OP_LE_READ_BUFFER_SIZE:
2270 hci_cc_le_read_buffer_size(hdev, skb);
2271 break;
2272
a5c29683
JH		 2273 case HCI_OP_USER_CONFIRM_REPLY:
2274 hci_cc_user_confirm_reply(hdev, skb);
2275 break;
2276
2277 case HCI_OP_USER_CONFIRM_NEG_REPLY:
2278 hci_cc_user_confirm_neg_reply(hdev, skb);
2279 break;
2280
1143d458
BG		 2281 case HCI_OP_USER_PASSKEY_REPLY:
2282 hci_cc_user_passkey_reply(hdev, skb);
2283 break;
2284
2285 case HCI_OP_USER_PASSKEY_NEG_REPLY:
2286 hci_cc_user_passkey_neg_reply(hdev, skb);
07f7fa5d
AG		 2287
2288 case HCI_OP_LE_SET_SCAN_PARAM:
2289 hci_cc_le_set_scan_param(hdev, skb);
1143d458
BG		 2290 break;
2291
eb9d91f5
AG		 2292 case HCI_OP_LE_SET_SCAN_ENABLE:
2293 hci_cc_le_set_scan_enable(hdev, skb);
2294 break;
2295
a7a595f6
VCG		 2296 case HCI_OP_LE_LTK_REPLY:
2297 hci_cc_le_ltk_reply(hdev, skb);
2298 break;
2299
2300 case HCI_OP_LE_LTK_NEG_REPLY:
2301 hci_cc_le_ltk_neg_reply(hdev, skb);
2302 break;
2303
f9b49306
AG		 2304 case HCI_OP_WRITE_LE_HOST_SUPPORTED:
2305 hci_cc_write_le_host_supported(hdev, skb);
2306 break;
2307
a9de9248
MH		 2308 default:
2309 BT_DBG("%s opcode 0x%x", hdev->name, opcode);
2310 break;
2311 }
2312
6bd32326
VT		 2313 if (ev->opcode != HCI_OP_NOP)
2314 del_timer(&hdev->cmd_timer);
2315
a9de9248
MH		 2316 if (ev->ncmd) {
2317 atomic_set(&hdev->cmd_cnt, 1);
2318 if (!skb_queue_empty(&hdev->cmd_q))
c347b765 2319 queue_work(hdev->workqueue, &hdev->cmd_work);
a9de9248
MH		 2320 }
2321}
2322
2323static inline void hci_cmd_status_evt(struct hci_dev *hdev, struct sk_buff *skb)
2324{
2325 struct hci_ev_cmd_status *ev = (void *) skb->data;
2326 __u16 opcode;
2327
2328 skb_pull(skb, sizeof(*ev));
2329
2330 opcode = __le16_to_cpu(ev->opcode);
2331
2332 switch (opcode) {
2333 case HCI_OP_INQUIRY:
2334 hci_cs_inquiry(hdev, ev->status);
2335 break;
2336
2337 case HCI_OP_CREATE_CONN:
2338 hci_cs_create_conn(hdev, ev->status);
2339 break;
2340
2341 case HCI_OP_ADD_SCO:
2342 hci_cs_add_sco(hdev, ev->status);
2343 break;
2344
f8558555
MH		 2345 case HCI_OP_AUTH_REQUESTED:
2346 hci_cs_auth_requested(hdev, ev->status);
2347 break;
2348
2349 case HCI_OP_SET_CONN_ENCRYPT:
2350 hci_cs_set_conn_encrypt(hdev, ev->status);
2351 break;
2352
a9de9248
MH		 2353 case HCI_OP_REMOTE_NAME_REQ:
2354 hci_cs_remote_name_req(hdev, ev->status);
2355 break;
2356
769be974
MH		 2357 case HCI_OP_READ_REMOTE_FEATURES:
2358 hci_cs_read_remote_features(hdev, ev->status);
2359 break;
2360
2361 case HCI_OP_READ_REMOTE_EXT_FEATURES:
2362 hci_cs_read_remote_ext_features(hdev, ev->status);
2363 break;
2364
a9de9248
MH		 2365 case HCI_OP_SETUP_SYNC_CONN:
2366 hci_cs_setup_sync_conn(hdev, ev->status);
2367 break;
2368
2369 case HCI_OP_SNIFF_MODE:
2370 hci_cs_sniff_mode(hdev, ev->status);
2371 break;
2372
2373 case HCI_OP_EXIT_SNIFF_MODE:
2374 hci_cs_exit_sniff_mode(hdev, ev->status);
2375 break;
2376
8962ee74 2377 case HCI_OP_DISCONNECT:
88c3df13 2378 hci_cs_disconnect(hdev, ev->status);
8962ee74
JH		 2379 break;
2380
fcd89c09
VT		 2381 case HCI_OP_LE_CREATE_CONN:
2382 hci_cs_le_create_conn(hdev, ev->status);
2383 break;
2384
a7a595f6
VCG		 2385 case HCI_OP_LE_START_ENC:
2386 hci_cs_le_start_enc(hdev, ev->status);
2387 break;
2388
a9de9248
MH		 2389 default:
2390 BT_DBG("%s opcode 0x%x", hdev->name, opcode);
2391 break;
2392 }
2393
6bd32326
VT		 2394 if (ev->opcode != HCI_OP_NOP)
2395 del_timer(&hdev->cmd_timer);
2396
10572132 2397 if (ev->ncmd && !test_bit(HCI_RESET, &hdev->flags)) {
a9de9248
MH		 2398 atomic_set(&hdev->cmd_cnt, 1);
2399 if (!skb_queue_empty(&hdev->cmd_q))
c347b765 2400 queue_work(hdev->workqueue, &hdev->cmd_work);
a9de9248
MH		 2401 }
2402}
2403
2404static inline void hci_role_change_evt(struct hci_dev *hdev, struct sk_buff *skb)
2405{
2406 struct hci_ev_role_change *ev = (void *) skb->data;
2407 struct hci_conn *conn;
2408
2409 BT_DBG("%s status %d", hdev->name, ev->status);
2410
2411 hci_dev_lock(hdev);
2412
2413 conn = hci_conn_hash_lookup_ba(hdev, ACL_LINK, &ev->bdaddr);
2414 if (conn) {
2415 if (!ev->status) {
2416 if (ev->role)
2417 conn->link_mode &= ~HCI_LM_MASTER;
2418 else
2419 conn->link_mode |= HCI_LM_MASTER;
2420 }
2421
51a8efd7 2422 clear_bit(HCI_CONN_RSWITCH_PEND, &conn->flags);
a9de9248
MH		 2423
2424 hci_role_switch_cfm(conn, ev->status, ev->role);
2425 }
2426
2427 hci_dev_unlock(hdev);
2428}
2429
2430static inline void hci_num_comp_pkts_evt(struct hci_dev *hdev, struct sk_buff *skb)
2431{
2432 struct hci_ev_num_comp_pkts *ev = (void *) skb->data;
a9de9248
MH		 2433 int i;
2434
32ac5b9b
AE		 2435 if (hdev->flow_ctl_mode != HCI_FLOW_CTL_MODE_PACKET_BASED) {
2436 BT_ERR("Wrong event for mode %d", hdev->flow_ctl_mode);
2437 return;
2438 }
2439
c5993de8
AE		 2440 if (skb->len < sizeof(*ev) || skb->len < sizeof(*ev) +
2441 ev->num_hndl * sizeof(struct hci_comp_pkts_info)) {
a9de9248
MH		 2442 BT_DBG("%s bad parameters", hdev->name);
2443 return;
2444 }
2445
c5993de8
AE		 2446 BT_DBG("%s num_hndl %d", hdev->name, ev->num_hndl);
2447
613a1c0c
AE		 2448 for (i = 0; i < ev->num_hndl; i++) {
2449 struct hci_comp_pkts_info *info = &ev->handles[i];
a9de9248
MH		 2450 struct hci_conn *conn;
2451 __u16 handle, count;
2452
613a1c0c
AE		 2453 handle = __le16_to_cpu(info->handle);
2454 count = __le16_to_cpu(info->count);
a9de9248
MH		 2455
2456 conn = hci_conn_hash_lookup_handle(hdev, handle);
f4280918
AE		 2457 if (!conn)
2458 continue;
2459
2460 conn->sent -= count;
2461
2462 switch (conn->type) {
2463 case ACL_LINK:
2464 hdev->acl_cnt += count;
2465 if (hdev->acl_cnt > hdev->acl_pkts)
2466 hdev->acl_cnt = hdev->acl_pkts;
2467 break;
2468
2469 case LE_LINK:
2470 if (hdev->le_pkts) {
2471 hdev->le_cnt += count;
2472 if (hdev->le_cnt > hdev->le_pkts)
2473 hdev->le_cnt = hdev->le_pkts;
2474 } else {
70f23020
AE		 2475 hdev->acl_cnt += count;
2476 if (hdev->acl_cnt > hdev->acl_pkts)
a9de9248 2477 hdev->acl_cnt = hdev->acl_pkts;
a9de9248 2478 }
f4280918
AE		 2479 break;
2480
2481 case SCO_LINK:
2482 hdev->sco_cnt += count;
2483 if (hdev->sco_cnt > hdev->sco_pkts)
2484 hdev->sco_cnt = hdev->sco_pkts;
2485 break;
2486
2487 default:
2488 BT_ERR("Unknown type %d conn %p", conn->type, conn);
2489 break;
a9de9248
MH		 2490 }
2491 }
2492
3eff45ea 2493 queue_work(hdev->workqueue, &hdev->tx_work);
a9de9248
MH		 2494}
2495
25e89e99
AE		 2496static inline void hci_num_comp_blocks_evt(struct hci_dev *hdev,
2497 struct sk_buff *skb)
2498{
2499 struct hci_ev_num_comp_blocks *ev = (void *) skb->data;
2500 int i;
2501
2502 if (hdev->flow_ctl_mode != HCI_FLOW_CTL_MODE_BLOCK_BASED) {
2503 BT_ERR("Wrong event for mode %d", hdev->flow_ctl_mode);
2504 return;
2505 }
2506
2507 if (skb->len < sizeof(*ev) || skb->len < sizeof(*ev) +
2508 ev->num_hndl * sizeof(struct hci_comp_blocks_info)) {
2509 BT_DBG("%s bad parameters", hdev->name);
2510 return;
2511 }
2512
2513 BT_DBG("%s num_blocks %d num_hndl %d", hdev->name, ev->num_blocks,
2514 ev->num_hndl);
2515
2516 for (i = 0; i < ev->num_hndl; i++) {
2517 struct hci_comp_blocks_info *info = &ev->handles[i];
2518 struct hci_conn *conn;
2519 __u16 handle, block_count;
2520
2521 handle = __le16_to_cpu(info->handle);
2522 block_count = __le16_to_cpu(info->blocks);
2523
2524 conn = hci_conn_hash_lookup_handle(hdev, handle);
2525 if (!conn)
2526 continue;
2527
2528 conn->sent -= block_count;
2529
2530 switch (conn->type) {
2531 case ACL_LINK:
2532 hdev->block_cnt += block_count;
2533 if (hdev->block_cnt > hdev->num_blocks)
2534 hdev->block_cnt = hdev->num_blocks;
2535 break;
2536
2537 default:
2538 BT_ERR("Unknown type %d conn %p", conn->type, conn);
2539 break;
2540 }
2541 }
2542
2543 queue_work(hdev->workqueue, &hdev->tx_work);
2544}
2545
a9de9248 2546static inline void hci_mode_change_evt(struct hci_dev *hdev, struct sk_buff *skb)
04837f64 2547{
a9de9248 2548 struct hci_ev_mode_change *ev = (void *) skb->data;
04837f64
MH		 2549 struct hci_conn *conn;
2550
2551 BT_DBG("%s status %d", hdev->name, ev->status);
2552
2553 hci_dev_lock(hdev);
2554
2555 conn = hci_conn_hash_lookup_handle(hdev, __le16_to_cpu(ev->handle));
a9de9248
MH		 2556 if (conn) {
2557 conn->mode = ev->mode;
2558 conn->interval = __le16_to_cpu(ev->interval);
2559
51a8efd7 2560 if (!test_and_clear_bit(HCI_CONN_MODE_CHANGE_PEND, &conn->flags)) {
a9de9248 2561 if (conn->mode == HCI_CM_ACTIVE)
58a681ef 2562 set_bit(HCI_CONN_POWER_SAVE, &conn->flags);
a9de9248 2563 else
58a681ef 2564 clear_bit(HCI_CONN_POWER_SAVE, &conn->flags);
a9de9248 2565 }
e73439d8 2566
51a8efd7 2567 if (test_and_clear_bit(HCI_CONN_SCO_SETUP_PEND, &conn->flags))
e73439d8 2568 hci_sco_setup(conn, ev->status);
04837f64
MH		 2569 }
2570
2571 hci_dev_unlock(hdev);
2572}
2573
a9de9248
MH		 2574static inline void hci_pin_code_request_evt(struct hci_dev *hdev, struct sk_buff *skb)
2575{
052b30b0
MH		 2576 struct hci_ev_pin_code_req *ev = (void *) skb->data;
2577 struct hci_conn *conn;
2578
a9de9248 2579 BT_DBG("%s", hdev->name);
052b30b0
MH		 2580
2581 hci_dev_lock(hdev);
2582
2583 conn = hci_conn_hash_lookup_ba(hdev, ACL_LINK, &ev->bdaddr);
b6f98044
WR		 2584 if (!conn)
2585 goto unlock;
2586
2587 if (conn->state == BT_CONNECTED) {
052b30b0
MH		 2588 hci_conn_hold(conn);
2589 conn->disc_timeout = HCI_PAIRING_TIMEOUT;
2590 hci_conn_put(conn);
2591 }
2592
a8b2d5c2 2593 if (!test_bit(HCI_PAIRABLE, &hdev->dev_flags))
03b555e1
JH		 2594 hci_send_cmd(hdev, HCI_OP_PIN_CODE_NEG_REPLY,
2595 sizeof(ev->bdaddr), &ev->bdaddr);
a8b2d5c2 2596 else if (test_bit(HCI_MGMT, &hdev->dev_flags)) {
a770bb5a
WR		 2597 u8 secure;
2598
2599 if (conn->pending_sec_level == BT_SECURITY_HIGH)
2600 secure = 1;
2601 else
2602 secure = 0;
2603
744cf19e 2604 mgmt_pin_code_request(hdev, &ev->bdaddr, secure);
a770bb5a 2605 }
980e1a53 2606
b6f98044 2607unlock:
052b30b0 2608 hci_dev_unlock(hdev);
a9de9248
MH		 2609}
2610
2611static inline void hci_link_key_request_evt(struct hci_dev *hdev, struct sk_buff *skb)
2612{
55ed8ca1
JH		 2613 struct hci_ev_link_key_req *ev = (void *) skb->data;
2614 struct hci_cp_link_key_reply cp;
2615 struct hci_conn *conn;
2616 struct link_key *key;
2617
a9de9248 2618 BT_DBG("%s", hdev->name);
55ed8ca1 2619
a8b2d5c2 2620 if (!test_bit(HCI_LINK_KEYS, &hdev->dev_flags))
55ed8ca1
JH		 2621 return;
2622
2623 hci_dev_lock(hdev);
2624
2625 key = hci_find_link_key(hdev, &ev->bdaddr);
2626 if (!key) {
2627 BT_DBG("%s link key not found for %s", hdev->name,
2628 batostr(&ev->bdaddr));
2629 goto not_found;
2630 }
2631
2632 BT_DBG("%s found key type %u for %s", hdev->name, key->type,
2633 batostr(&ev->bdaddr));
2634
a8b2d5c2 2635 if (!test_bit(HCI_DEBUG_KEYS, &hdev->dev_flags) &&
b6020ba0 2636 key->type == HCI_LK_DEBUG_COMBINATION) {
55ed8ca1
JH		 2637 BT_DBG("%s ignoring debug key", hdev->name);
2638 goto not_found;
2639 }
2640
2641 conn = hci_conn_hash_lookup_ba(hdev, ACL_LINK, &ev->bdaddr);
60b83f57
WR		 2642 if (conn) {
2643 if (key->type == HCI_LK_UNAUTH_COMBINATION &&
2644 conn->auth_type != 0xff &&
2645 (conn->auth_type & 0x01)) {
2646 BT_DBG("%s ignoring unauthenticated key", hdev->name);
2647 goto not_found;
2648 }
55ed8ca1 2649
60b83f57
WR		 2650 if (key->type == HCI_LK_COMBINATION && key->pin_len < 16 &&
2651 conn->pending_sec_level == BT_SECURITY_HIGH) {
2652 BT_DBG("%s ignoring key unauthenticated for high \
2653 security", hdev->name);
2654 goto not_found;
2655 }
2656
2657 conn->key_type = key->type;
2658 conn->pin_length = key->pin_len;
55ed8ca1
JH		 2659 }
2660
2661 bacpy(&cp.bdaddr, &ev->bdaddr);
2662 memcpy(cp.link_key, key->val, 16);
2663
2664 hci_send_cmd(hdev, HCI_OP_LINK_KEY_REPLY, sizeof(cp), &cp);
2665
2666 hci_dev_unlock(hdev);
2667
2668 return;
2669
2670not_found:
2671 hci_send_cmd(hdev, HCI_OP_LINK_KEY_NEG_REPLY, 6, &ev->bdaddr);
2672 hci_dev_unlock(hdev);
a9de9248
MH		 2673}
2674
2675static inline void hci_link_key_notify_evt(struct hci_dev *hdev, struct sk_buff *skb)
2676{
052b30b0
MH		 2677 struct hci_ev_link_key_notify *ev = (void *) skb->data;
2678 struct hci_conn *conn;
55ed8ca1 2679 u8 pin_len = 0;
052b30b0 2680
a9de9248 2681 BT_DBG("%s", hdev->name);
052b30b0
MH		 2682
2683 hci_dev_lock(hdev);
2684
2685 conn = hci_conn_hash_lookup_ba(hdev, ACL_LINK, &ev->bdaddr);
2686 if (conn) {
2687 hci_conn_hold(conn);
2688 conn->disc_timeout = HCI_DISCONN_TIMEOUT;
980e1a53 2689 pin_len = conn->pin_length;
13d39315
WR		 2690
2691 if (ev->key_type != HCI_LK_CHANGED_COMBINATION)
2692 conn->key_type = ev->key_type;
2693
052b30b0
MH		 2694 hci_conn_put(conn);
2695 }
2696
a8b2d5c2 2697 if (test_bit(HCI_LINK_KEYS, &hdev->dev_flags))
d25e28ab 2698 hci_add_link_key(hdev, conn, 1, &ev->bdaddr, ev->link_key,
55ed8ca1
JH		 2699 ev->key_type, pin_len);
2700
052b30b0 2701 hci_dev_unlock(hdev);
a9de9248
MH		 2702}
2703
1da177e4
LT		 2704static inline void hci_clock_offset_evt(struct hci_dev *hdev, struct sk_buff *skb)
2705{
a9de9248 2706 struct hci_ev_clock_offset *ev = (void *) skb->data;
04837f64 2707 struct hci_conn *conn;
1da177e4
LT		 2708
2709 BT_DBG("%s status %d", hdev->name, ev->status);
2710
2711 hci_dev_lock(hdev);
2712
04837f64 2713 conn = hci_conn_hash_lookup_handle(hdev, __le16_to_cpu(ev->handle));
1da177e4
LT		 2714 if (conn && !ev->status) {
2715 struct inquiry_entry *ie;
2716
cc11b9c1
AE		 2717 ie = hci_inquiry_cache_lookup(hdev, &conn->dst);
2718 if (ie) {
1da177e4
LT		 2719 ie->data.clock_offset = ev->clock_offset;
2720 ie->timestamp = jiffies;
2721 }
2722 }
2723
2724 hci_dev_unlock(hdev);
2725}
2726
a8746417
MH		 2727static inline void hci_pkt_type_change_evt(struct hci_dev *hdev, struct sk_buff *skb)
2728{
2729 struct hci_ev_pkt_type_change *ev = (void *) skb->data;
2730 struct hci_conn *conn;
2731
2732 BT_DBG("%s status %d", hdev->name, ev->status);
2733
2734 hci_dev_lock(hdev);
2735
2736 conn = hci_conn_hash_lookup_handle(hdev, __le16_to_cpu(ev->handle));
2737 if (conn && !ev->status)
2738 conn->pkt_type = __le16_to_cpu(ev->pkt_type);
2739
2740 hci_dev_unlock(hdev);
2741}
2742
85a1e930
MH		 2743static inline void hci_pscan_rep_mode_evt(struct hci_dev *hdev, struct sk_buff *skb)
2744{
a9de9248 2745 struct hci_ev_pscan_rep_mode *ev = (void *) skb->data;
85a1e930
MH		 2746 struct inquiry_entry *ie;
2747
2748 BT_DBG("%s", hdev->name);
2749
2750 hci_dev_lock(hdev);
2751
cc11b9c1
AE		 2752 ie = hci_inquiry_cache_lookup(hdev, &ev->bdaddr);
2753 if (ie) {
85a1e930
MH		 2754 ie->data.pscan_rep_mode = ev->pscan_rep_mode;
2755 ie->timestamp = jiffies;
2756 }
2757
2758 hci_dev_unlock(hdev);
2759}
2760
a9de9248
MH		 2761static inline void hci_inquiry_result_with_rssi_evt(struct hci_dev *hdev, struct sk_buff *skb)
2762{
2763 struct inquiry_data data;
2764 int num_rsp = *((__u8 *) skb->data);
3175405b 2765 bool name_known;
a9de9248
MH		 2766
2767 BT_DBG("%s num_rsp %d", hdev->name, num_rsp);
2768
2769 if (!num_rsp)
2770 return;
2771
2772 hci_dev_lock(hdev);
2773
2774 if ((skb->len - 1) / num_rsp != sizeof(struct inquiry_info_with_rssi)) {
138d22ef
SJ		 2775 struct inquiry_info_with_rssi_and_pscan_mode *info;
2776 info = (void *) (skb->data + 1);
a9de9248 2777
e17acd40 2778 for (; num_rsp; num_rsp--, info++) {
a9de9248
MH		 2779 bacpy(&data.bdaddr, &info->bdaddr);
2780 data.pscan_rep_mode = info->pscan_rep_mode;
2781 data.pscan_period_mode = info->pscan_period_mode;
2782 data.pscan_mode = info->pscan_mode;
2783 memcpy(data.dev_class, info->dev_class, 3);
2784 data.clock_offset = info->clock_offset;
2785 data.rssi = info->rssi;
41a96212 2786 data.ssp_mode = 0x00;
3175405b
JH		 2787
2788 name_known = hci_inquiry_cache_update(hdev, &data,
2789 false);
48264f06 2790 mgmt_device_found(hdev, &info->bdaddr, ACL_LINK, 0x00,
e17acd40 2791 info->dev_class, info->rssi,
7d262f86 2792 !name_known, NULL, 0);
a9de9248
MH		 2793 }
2794 } else {
2795 struct inquiry_info_with_rssi *info = (void *) (skb->data + 1);
2796
e17acd40 2797 for (; num_rsp; num_rsp--, info++) {
a9de9248
MH		 2798 bacpy(&data.bdaddr, &info->bdaddr);
2799 data.pscan_rep_mode = info->pscan_rep_mode;
2800 data.pscan_period_mode = info->pscan_period_mode;
2801 data.pscan_mode = 0x00;
2802 memcpy(data.dev_class, info->dev_class, 3);
2803 data.clock_offset = info->clock_offset;
2804 data.rssi = info->rssi;
41a96212 2805 data.ssp_mode = 0x00;
3175405b
JH		 2806 name_known = hci_inquiry_cache_update(hdev, &data,
2807 false);
48264f06 2808 mgmt_device_found(hdev, &info->bdaddr, ACL_LINK, 0x00,
e17acd40 2809 info->dev_class, info->rssi,
7d262f86 2810 !name_known, NULL, 0);
a9de9248
MH		 2811 }
2812 }
2813
2814 hci_dev_unlock(hdev);
2815}
2816
2817static inline void hci_remote_ext_features_evt(struct hci_dev *hdev, struct sk_buff *skb)
2818{
41a96212
MH		 2819 struct hci_ev_remote_ext_features *ev = (void *) skb->data;
2820 struct hci_conn *conn;
2821
a9de9248 2822 BT_DBG("%s", hdev->name);
41a96212 2823
41a96212
MH		 2824 hci_dev_lock(hdev);
2825
2826 conn = hci_conn_hash_lookup_handle(hdev, __le16_to_cpu(ev->handle));
ccd556fe
JH		 2827 if (!conn)
2828 goto unlock;
41a96212 2829
ccd556fe
JH		 2830 if (!ev->status && ev->page == 0x01) {
2831 struct inquiry_entry *ie;
41a96212 2832
cc11b9c1
AE		 2833 ie = hci_inquiry_cache_lookup(hdev, &conn->dst);
2834 if (ie)
ccd556fe 2835 ie->data.ssp_mode = (ev->features[0] & 0x01);
769be974 2836
58a681ef
JH		 2837 if (ev->features[0] & 0x01)
2838 set_bit(HCI_CONN_SSP_ENABLED, &conn->flags);
ccd556fe
JH		 2839 }
2840
2841 if (conn->state != BT_CONFIG)
2842 goto unlock;
2843
127178d2
JH		 2844 if (!ev->status) {
2845 struct hci_cp_remote_name_req cp;
2846 memset(&cp, 0, sizeof(cp));
2847 bacpy(&cp.bdaddr, &conn->dst);
2848 cp.pscan_rep_mode = 0x02;
2849 hci_send_cmd(hdev, HCI_OP_REMOTE_NAME_REQ, sizeof(cp), &cp);
b644ba33
JH		 2850 } else if (!test_and_set_bit(HCI_CONN_MGMT_CONNECTED, &conn->flags))
2851 mgmt_device_connected(hdev, &conn->dst, conn->type,
2852 conn->dst_type, NULL, 0,
2853 conn->dev_class);
392599b9 2854
127178d2 2855 if (!hci_outgoing_auth_needed(hdev, conn)) {
ccd556fe
JH		 2856 conn->state = BT_CONNECTED;
2857 hci_proto_connect_cfm(conn, ev->status);
2858 hci_conn_put(conn);
41a96212
MH		 2859 }
2860
ccd556fe 2861unlock:
41a96212 2862 hci_dev_unlock(hdev);
a9de9248
MH		 2863}
2864
2865static inline void hci_sync_conn_complete_evt(struct hci_dev *hdev, struct sk_buff *skb)
2866{
b6a0dc82
MH		 2867 struct hci_ev_sync_conn_complete *ev = (void *) skb->data;
2868 struct hci_conn *conn;
2869
2870 BT_DBG("%s status %d", hdev->name, ev->status);
2871
2872 hci_dev_lock(hdev);
2873
2874 conn = hci_conn_hash_lookup_ba(hdev, ev->link_type, &ev->bdaddr);
9dc0a3af
MH		 2875 if (!conn) {
2876 if (ev->link_type == ESCO_LINK)
2877 goto unlock;
2878
2879 conn = hci_conn_hash_lookup_ba(hdev, ESCO_LINK, &ev->bdaddr);
2880 if (!conn)
2881 goto unlock;
2882
2883 conn->type = SCO_LINK;
2884 }
b6a0dc82 2885
732547f9
MH		 2886 switch (ev->status) {
2887 case 0x00:
b6a0dc82
MH		 2888 conn->handle = __le16_to_cpu(ev->handle);
2889 conn->state = BT_CONNECTED;
7d0db0a3 2890
9eba32b8 2891 hci_conn_hold_device(conn);
7d0db0a3 2892 hci_conn_add_sysfs(conn);
732547f9
MH		 2893 break;
2894
705e5711 2895 case 0x11: /* Unsupported Feature or Parameter Value */
732547f9 2896 case 0x1c: /* SCO interval rejected */
1038a00b 2897 case 0x1a: /* Unsupported Remote Feature */
732547f9
MH		 2898 case 0x1f: /* Unspecified error */
2899 if (conn->out && conn->attempt < 2) {
2900 conn->pkt_type = (hdev->esco_type & SCO_ESCO_MASK) |
2901 (hdev->esco_type & EDR_ESCO_MASK);
2902 hci_setup_sync(conn, conn->link->handle);
2903 goto unlock;
2904 }
2905 /* fall through */
2906
2907 default:
b6a0dc82 2908 conn->state = BT_CLOSED;
732547f9
MH		 2909 break;
2910 }
b6a0dc82
MH		 2911
2912 hci_proto_connect_cfm(conn, ev->status);
2913 if (ev->status)
2914 hci_conn_del(conn);
2915
2916unlock:
2917 hci_dev_unlock(hdev);
a9de9248
MH		 2918}
2919
2920static inline void hci_sync_conn_changed_evt(struct hci_dev *hdev, struct sk_buff *skb)
2921{
2922 BT_DBG("%s", hdev->name);
2923}
2924
04837f64
MH		 2925static inline void hci_sniff_subrate_evt(struct hci_dev *hdev, struct sk_buff *skb)
2926{
a9de9248 2927 struct hci_ev_sniff_subrate *ev = (void *) skb->data;
04837f64
MH		 2928
2929 BT_DBG("%s status %d", hdev->name, ev->status);
04837f64
MH		 2930}
2931
a9de9248 2932static inline void hci_extended_inquiry_result_evt(struct hci_dev *hdev, struct sk_buff *skb)
1da177e4 2933{
a9de9248
MH		 2934 struct inquiry_data data;
2935 struct extended_inquiry_info *info = (void *) (skb->data + 1);
2936 int num_rsp = *((__u8 *) skb->data);
1da177e4 2937
a9de9248 2938 BT_DBG("%s num_rsp %d", hdev->name, num_rsp);
1da177e4 2939
a9de9248
MH		 2940 if (!num_rsp)
2941 return;
1da177e4 2942
a9de9248
MH		 2943 hci_dev_lock(hdev);
2944
e17acd40 2945 for (; num_rsp; num_rsp--, info++) {
561aafbc
JH		 2946 bool name_known;
2947
a9de9248 2948 bacpy(&data.bdaddr, &info->bdaddr);
138d22ef
SJ		 2949 data.pscan_rep_mode = info->pscan_rep_mode;
2950 data.pscan_period_mode = info->pscan_period_mode;
2951 data.pscan_mode = 0x00;
a9de9248 2952 memcpy(data.dev_class, info->dev_class, 3);
138d22ef
SJ		 2953 data.clock_offset = info->clock_offset;
2954 data.rssi = info->rssi;
41a96212 2955 data.ssp_mode = 0x01;
561aafbc 2956
a8b2d5c2 2957 if (test_bit(HCI_MGMT, &hdev->dev_flags))
4ddb1930
JH		 2958 name_known = eir_has_data_type(info->data,
2959 sizeof(info->data),
2960 EIR_NAME_COMPLETE);
561aafbc
JH		 2961 else
2962 name_known = true;
2963
3175405b 2964 name_known = hci_inquiry_cache_update(hdev, &data, name_known);
48264f06 2965 mgmt_device_found(hdev, &info->bdaddr, ACL_LINK, 0x00,
561aafbc 2966 info->dev_class, info->rssi,
7d262f86
AG		 2967 !name_known, info->data,
2968 sizeof(info->data));
a9de9248
MH		 2969 }
2970
2971 hci_dev_unlock(hdev);
2972}
1da177e4 2973
17fa4b9d
JH		 2974static inline u8 hci_get_auth_req(struct hci_conn *conn)
2975{
2976 /* If remote requests dedicated bonding follow that lead */
2977 if (conn->remote_auth == 0x02 || conn->remote_auth == 0x03) {
2978 /* If both remote and local IO capabilities allow MITM
2979 * protection then require it, otherwise don't */
2980 if (conn->remote_cap == 0x03 || conn->io_capability == 0x03)
2981 return 0x02;
2982 else
2983 return 0x03;
2984 }
2985
2986 /* If remote requests no-bonding follow that lead */
2987 if (conn->remote_auth == 0x00 || conn->remote_auth == 0x01)
58797bf7 2988 return conn->remote_auth | (conn->auth_type & 0x01);
17fa4b9d
JH		 2989
2990 return conn->auth_type;
2991}
2992
0493684e
MH		 2993static inline void hci_io_capa_request_evt(struct hci_dev *hdev, struct sk_buff *skb)
2994{
2995 struct hci_ev_io_capa_request *ev = (void *) skb->data;
2996 struct hci_conn *conn;
2997
2998 BT_DBG("%s", hdev->name);
2999
3000 hci_dev_lock(hdev);
3001
3002 conn = hci_conn_hash_lookup_ba(hdev, ACL_LINK, &ev->bdaddr);
03b555e1
JH		 3003 if (!conn)
3004 goto unlock;
3005
3006 hci_conn_hold(conn);
3007
a8b2d5c2 3008 if (!test_bit(HCI_MGMT, &hdev->dev_flags))
03b555e1
JH		 3009 goto unlock;
3010
a8b2d5c2 3011 if (test_bit(HCI_PAIRABLE, &hdev->dev_flags) ||
03b555e1 3012 (conn->remote_auth & ~0x01) == HCI_AT_NO_BONDING) {
17fa4b9d
JH		 3013 struct hci_cp_io_capability_reply cp;
3014
3015 bacpy(&cp.bdaddr, &ev->bdaddr);
7a7f1e7c
HG		 3016 /* Change the IO capability from KeyboardDisplay
3017 * to DisplayYesNo as it is not supported by BT spec. */
3018 cp.capability = (conn->io_capability == 0x04) ?
3019 0x01 : conn->io_capability;
7cbc9bd9
JH		 3020 conn->auth_type = hci_get_auth_req(conn);
3021 cp.authentication = conn->auth_type;
17fa4b9d 3022
58a681ef 3023 if ((conn->out || test_bit(HCI_CONN_REMOTE_OOB, &conn->flags)) &&
ce85ee13
SJ		 3024 hci_find_remote_oob_data(hdev, &conn->dst))
3025 cp.oob_data = 0x01;
3026 else
3027 cp.oob_data = 0x00;
3028
17fa4b9d
JH		 3029 hci_send_cmd(hdev, HCI_OP_IO_CAPABILITY_REPLY,
3030 sizeof(cp), &cp);
03b555e1
JH		 3031 } else {
3032 struct hci_cp_io_capability_neg_reply cp;
3033
3034 bacpy(&cp.bdaddr, &ev->bdaddr);
9f5a0d7b 3035 cp.reason = HCI_ERROR_PAIRING_NOT_ALLOWED;
0493684e 3036
03b555e1
JH		 3037 hci_send_cmd(hdev, HCI_OP_IO_CAPABILITY_NEG_REPLY,
3038 sizeof(cp), &cp);
3039 }
3040
3041unlock:
3042 hci_dev_unlock(hdev);
3043}
3044
3045static inline void hci_io_capa_reply_evt(struct hci_dev *hdev, struct sk_buff *skb)
3046{
3047 struct hci_ev_io_capa_reply *ev = (void *) skb->data;
3048 struct hci_conn *conn;
3049
3050 BT_DBG("%s", hdev->name);
3051
3052 hci_dev_lock(hdev);
3053
3054 conn = hci_conn_hash_lookup_ba(hdev, ACL_LINK, &ev->bdaddr);
3055 if (!conn)
3056 goto unlock;
3057
03b555e1 3058 conn->remote_cap = ev->capability;
03b555e1 3059 conn->remote_auth = ev->authentication;
58a681ef
JH		 3060 if (ev->oob_data)
3061 set_bit(HCI_CONN_REMOTE_OOB, &conn->flags);
03b555e1
JH		 3062
3063unlock:
0493684e
MH		 3064 hci_dev_unlock(hdev);
3065}
3066
a5c29683
JH		 3067static inline void hci_user_confirm_request_evt(struct hci_dev *hdev,
3068 struct sk_buff *skb)
3069{
3070 struct hci_ev_user_confirm_req *ev = (void *) skb->data;
55bc1a37 3071 int loc_mitm, rem_mitm, confirm_hint = 0;
7a828908 3072 struct hci_conn *conn;
a5c29683
JH		 3073
3074 BT_DBG("%s", hdev->name);
3075
3076 hci_dev_lock(hdev);
3077
a8b2d5c2 3078 if (!test_bit(HCI_MGMT, &hdev->dev_flags))
7a828908 3079 goto unlock;
a5c29683 3080
7a828908
JH		 3081 conn = hci_conn_hash_lookup_ba(hdev, ACL_LINK, &ev->bdaddr);
3082 if (!conn)
3083 goto unlock;
3084
3085 loc_mitm = (conn->auth_type & 0x01);
3086 rem_mitm = (conn->remote_auth & 0x01);
3087
3088 /* If we require MITM but the remote device can't provide that
3089 * (it has NoInputNoOutput) then reject the confirmation
3090 * request. The only exception is when we're dedicated bonding
3091 * initiators (connect_cfm_cb set) since then we always have the MITM
3092 * bit set. */
3093 if (!conn->connect_cfm_cb && loc_mitm && conn->remote_cap == 0x03) {
3094 BT_DBG("Rejecting request: remote device can't provide MITM");
3095 hci_send_cmd(hdev, HCI_OP_USER_CONFIRM_NEG_REPLY,
3096 sizeof(ev->bdaddr), &ev->bdaddr);
3097 goto unlock;
3098 }
3099
3100 /* If no side requires MITM protection; auto-accept */
3101 if ((!loc_mitm || conn->remote_cap == 0x03) &&
3102 (!rem_mitm || conn->io_capability == 0x03)) {
55bc1a37
JH		 3103
3104 /* If we're not the initiators request authorization to
3105 * proceed from user space (mgmt_user_confirm with
3106 * confirm_hint set to 1). */
51a8efd7 3107 if (!test_bit(HCI_CONN_AUTH_PEND, &conn->flags)) {
55bc1a37
JH		 3108 BT_DBG("Confirming auto-accept as acceptor");
3109 confirm_hint = 1;
3110 goto confirm;
3111 }
3112
9f61656a
JH		 3113 BT_DBG("Auto-accept of user confirmation with %ums delay",
3114 hdev->auto_accept_delay);
3115
3116 if (hdev->auto_accept_delay > 0) {
3117 int delay = msecs_to_jiffies(hdev->auto_accept_delay);
3118 mod_timer(&conn->auto_accept_timer, jiffies + delay);
3119 goto unlock;
3120 }
3121
7a828908
JH		 3122 hci_send_cmd(hdev, HCI_OP_USER_CONFIRM_REPLY,
3123 sizeof(ev->bdaddr), &ev->bdaddr);
3124 goto unlock;
3125 }
3126
55bc1a37 3127confirm:
272d90df 3128 mgmt_user_confirm_request(hdev, &ev->bdaddr, ACL_LINK, 0, ev->passkey,
55bc1a37 3129 confirm_hint);
7a828908
JH		 3130
3131unlock:
a5c29683
JH		 3132 hci_dev_unlock(hdev);
3133}
3134
1143d458
BG		 3135static inline void hci_user_passkey_request_evt(struct hci_dev *hdev,
3136 struct sk_buff *skb)
3137{
3138 struct hci_ev_user_passkey_req *ev = (void *) skb->data;
3139
3140 BT_DBG("%s", hdev->name);
3141
3142 hci_dev_lock(hdev);
3143
a8b2d5c2 3144 if (test_bit(HCI_MGMT, &hdev->dev_flags))
272d90df 3145 mgmt_user_passkey_request(hdev, &ev->bdaddr, ACL_LINK, 0);
1143d458
BG		 3146
3147 hci_dev_unlock(hdev);
3148}
3149
0493684e
MH		 3150static inline void hci_simple_pair_complete_evt(struct hci_dev *hdev, struct sk_buff *skb)
3151{
3152 struct hci_ev_simple_pair_complete *ev = (void *) skb->data;
3153 struct hci_conn *conn;
3154
3155 BT_DBG("%s", hdev->name);
3156
3157 hci_dev_lock(hdev);
3158
3159 conn = hci_conn_hash_lookup_ba(hdev, ACL_LINK, &ev->bdaddr);
2a611692
JH		 3160 if (!conn)
3161 goto unlock;
3162
3163 /* To avoid duplicate auth_failed events to user space we check
3164 * the HCI_CONN_AUTH_PEND flag which will be set if we
3165 * initiated the authentication. A traditional auth_complete
3166 * event gets always produced as initiator and is also mapped to
3167 * the mgmt_auth_failed event */
51a8efd7 3168 if (!test_bit(HCI_CONN_AUTH_PEND, &conn->flags) && ev->status != 0)
744cf19e 3169 mgmt_auth_failed(hdev, &conn->dst, ev->status);
0493684e 3170
2a611692
JH		 3171 hci_conn_put(conn);
3172
3173unlock:
0493684e
MH		 3174 hci_dev_unlock(hdev);
3175}
3176
41a96212
MH		 3177static inline void hci_remote_host_features_evt(struct hci_dev *hdev, struct sk_buff *skb)
3178{
3179 struct hci_ev_remote_host_features *ev = (void *) skb->data;
3180 struct inquiry_entry *ie;
3181
3182 BT_DBG("%s", hdev->name);
3183
3184 hci_dev_lock(hdev);
3185
cc11b9c1
AE		 3186 ie = hci_inquiry_cache_lookup(hdev, &ev->bdaddr);
3187 if (ie)
41a96212
MH		 3188 ie->data.ssp_mode = (ev->features[0] & 0x01);
3189
3190 hci_dev_unlock(hdev);
3191}
3192
2763eda6
SJ		 3193static inline void hci_remote_oob_data_request_evt(struct hci_dev *hdev,
3194 struct sk_buff *skb)
3195{
3196 struct hci_ev_remote_oob_data_request *ev = (void *) skb->data;
3197 struct oob_data *data;
3198
3199 BT_DBG("%s", hdev->name);
3200
3201 hci_dev_lock(hdev);
3202
a8b2d5c2 3203 if (!test_bit(HCI_MGMT, &hdev->dev_flags))
e1ba1f15
SJ		 3204 goto unlock;
3205
2763eda6
SJ		 3206 data = hci_find_remote_oob_data(hdev, &ev->bdaddr);
3207 if (data) {
3208 struct hci_cp_remote_oob_data_reply cp;
3209
3210 bacpy(&cp.bdaddr, &ev->bdaddr);
3211 memcpy(cp.hash, data->hash, sizeof(cp.hash));
3212 memcpy(cp.randomizer, data->randomizer, sizeof(cp.randomizer));
3213
3214 hci_send_cmd(hdev, HCI_OP_REMOTE_OOB_DATA_REPLY, sizeof(cp),
3215 &cp);
3216 } else {
3217 struct hci_cp_remote_oob_data_neg_reply cp;
3218
3219 bacpy(&cp.bdaddr, &ev->bdaddr);
3220 hci_send_cmd(hdev, HCI_OP_REMOTE_OOB_DATA_NEG_REPLY, sizeof(cp),
3221 &cp);
3222 }
3223
e1ba1f15 3224unlock:
2763eda6
SJ		 3225 hci_dev_unlock(hdev);
3226}
3227
fcd89c09
VT		 3228static inline void hci_le_conn_complete_evt(struct hci_dev *hdev, struct sk_buff *skb)
3229{
3230 struct hci_ev_le_conn_complete *ev = (void *) skb->data;
3231 struct hci_conn *conn;
3232
3233 BT_DBG("%s status %d", hdev->name, ev->status);
3234
3235 hci_dev_lock(hdev);
3236
3237 conn = hci_conn_hash_lookup_ba(hdev, LE_LINK, &ev->bdaddr);
b62f328b
VT		 3238 if (!conn) {
3239 conn = hci_conn_add(hdev, LE_LINK, &ev->bdaddr);
3240 if (!conn) {
3241 BT_ERR("No memory for new connection");
3242 hci_dev_unlock(hdev);
3243 return;
3244 }
29b7988a
AG		 3245
3246 conn->dst_type = ev->bdaddr_type;
b62f328b 3247 }
fcd89c09
VT		 3248
3249 if (ev->status) {
48264f06
JH		 3250 mgmt_connect_failed(hdev, &ev->bdaddr, conn->type,
3251 conn->dst_type, ev->status);
fcd89c09
VT		 3252 hci_proto_connect_cfm(conn, ev->status);
3253 conn->state = BT_CLOSED;
3254 hci_conn_del(conn);
3255 goto unlock;
3256 }
3257
b644ba33
JH		 3258 if (!test_and_set_bit(HCI_CONN_MGMT_CONNECTED, &conn->flags))
3259 mgmt_device_connected(hdev, &ev->bdaddr, conn->type,
3260 conn->dst_type, NULL, 0, 0);
83bc71b4 3261
7b5c0d52 3262 conn->sec_level = BT_SECURITY_LOW;
fcd89c09
VT		 3263 conn->handle = __le16_to_cpu(ev->handle);
3264 conn->state = BT_CONNECTED;
3265
3266 hci_conn_hold_device(conn);
3267 hci_conn_add_sysfs(conn);
3268
3269 hci_proto_connect_cfm(conn, ev->status);
3270
3271unlock:
3272 hci_dev_unlock(hdev);
3273}
3274
9aa04c91
AG		 3275static inline void hci_le_adv_report_evt(struct hci_dev *hdev,
3276 struct sk_buff *skb)
3277{
e95beb41
AG		 3278 u8 num_reports = skb->data[0];
3279 void *ptr = &skb->data[1];
3c9e9195 3280 s8 rssi;
9aa04c91
AG		 3281
3282 hci_dev_lock(hdev);
3283
e95beb41
AG		 3284 while (num_reports--) {
3285 struct hci_ev_le_advertising_info *ev = ptr;
9aa04c91 3286
9aa04c91 3287 hci_add_adv_entry(hdev, ev);
e95beb41 3288
3c9e9195
AG		 3289 rssi = ev->data[ev->length];
3290 mgmt_device_found(hdev, &ev->bdaddr, LE_LINK, ev->bdaddr_type,
3291 NULL, rssi, 0, ev->data, ev->length);
3292
e95beb41 3293 ptr += sizeof(*ev) + ev->length + 1;
9aa04c91
AG		 3294 }
3295
3296 hci_dev_unlock(hdev);
3297}
3298
a7a595f6
VCG		 3299static inline void hci_le_ltk_request_evt(struct hci_dev *hdev,
3300 struct sk_buff *skb)
3301{
3302 struct hci_ev_le_ltk_req *ev = (void *) skb->data;
3303 struct hci_cp_le_ltk_reply cp;
bea710fe 3304 struct hci_cp_le_ltk_neg_reply neg;
a7a595f6 3305 struct hci_conn *conn;
c9839a11 3306 struct smp_ltk *ltk;
a7a595f6
VCG		 3307
3308 BT_DBG("%s handle %d", hdev->name, cpu_to_le16(ev->handle));
3309
3310 hci_dev_lock(hdev);
3311
3312 conn = hci_conn_hash_lookup_handle(hdev, __le16_to_cpu(ev->handle));
bea710fe
VCG		 3313 if (conn == NULL)
3314 goto not_found;
a7a595f6 3315
bea710fe
VCG		 3316 ltk = hci_find_ltk(hdev, ev->ediv, ev->random);
3317 if (ltk == NULL)
3318 goto not_found;
3319
3320 memcpy(cp.ltk, ltk->val, sizeof(ltk->val));
a7a595f6 3321 cp.handle = cpu_to_le16(conn->handle);
c9839a11
VCG		 3322
3323 if (ltk->authenticated)
3324 conn->sec_level = BT_SECURITY_HIGH;
a7a595f6
VCG		 3325
3326 hci_send_cmd(hdev, HCI_OP_LE_LTK_REPLY, sizeof(cp), &cp);
3327
c9839a11
VCG		 3328 if (ltk->type & HCI_SMP_STK) {
3329 list_del(&ltk->list);
3330 kfree(ltk);
3331 }
3332
a7a595f6 3333 hci_dev_unlock(hdev);
bea710fe
VCG		 3334
3335 return;
3336
3337not_found:
3338 neg.handle = ev->handle;
3339 hci_send_cmd(hdev, HCI_OP_LE_LTK_NEG_REPLY, sizeof(neg), &neg);
3340 hci_dev_unlock(hdev);
a7a595f6
VCG		 3341}
3342
fcd89c09
VT		 3343static inline void hci_le_meta_evt(struct hci_dev *hdev, struct sk_buff *skb)
3344{
3345 struct hci_ev_le_meta *le_ev = (void *) skb->data;
3346
3347 skb_pull(skb, sizeof(*le_ev));
3348
3349 switch (le_ev->subevent) {
3350 case HCI_EV_LE_CONN_COMPLETE:
3351 hci_le_conn_complete_evt(hdev, skb);
3352 break;
3353
9aa04c91
AG		 3354 case HCI_EV_LE_ADVERTISING_REPORT:
3355 hci_le_adv_report_evt(hdev, skb);
3356 break;
3357
a7a595f6
VCG		 3358 case HCI_EV_LE_LTK_REQ:
3359 hci_le_ltk_request_evt(hdev, skb);
3360 break;
3361
fcd89c09
VT		 3362 default:
3363 break;
3364 }
3365}
3366
a9de9248
MH		 3367void hci_event_packet(struct hci_dev *hdev, struct sk_buff *skb)
3368{
3369 struct hci_event_hdr *hdr = (void *) skb->data;
3370 __u8 event = hdr->evt;
3371
3372 skb_pull(skb, HCI_EVENT_HDR_SIZE);
3373
3374 switch (event) {
1da177e4
LT		 3375 case HCI_EV_INQUIRY_COMPLETE:
3376 hci_inquiry_complete_evt(hdev, skb);
3377 break;
3378
3379 case HCI_EV_INQUIRY_RESULT:
3380 hci_inquiry_result_evt(hdev, skb);
3381 break;
3382
a9de9248
MH		 3383 case HCI_EV_CONN_COMPLETE:
3384 hci_conn_complete_evt(hdev, skb);
21d9e30e
MH		 3385 break;
3386
1da177e4
LT		 3387 case HCI_EV_CONN_REQUEST:
3388 hci_conn_request_evt(hdev, skb);
3389 break;
3390
1da177e4
LT		 3391 case HCI_EV_DISCONN_COMPLETE:
3392 hci_disconn_complete_evt(hdev, skb);
3393 break;
3394
1da177e4
LT		 3395 case HCI_EV_AUTH_COMPLETE:
3396 hci_auth_complete_evt(hdev, skb);
3397 break;
3398
a9de9248
MH		 3399 case HCI_EV_REMOTE_NAME:
3400 hci_remote_name_evt(hdev, skb);
3401 break;
3402
1da177e4
LT		 3403 case HCI_EV_ENCRYPT_CHANGE:
3404 hci_encrypt_change_evt(hdev, skb);
3405 break;
3406
a9de9248
MH		 3407 case HCI_EV_CHANGE_LINK_KEY_COMPLETE:
3408 hci_change_link_key_complete_evt(hdev, skb);
3409 break;
3410
3411 case HCI_EV_REMOTE_FEATURES:
3412 hci_remote_features_evt(hdev, skb);
3413 break;
3414
3415 case HCI_EV_REMOTE_VERSION:
3416 hci_remote_version_evt(hdev, skb);
3417 break;
3418
3419 case HCI_EV_QOS_SETUP_COMPLETE:
3420 hci_qos_setup_complete_evt(hdev, skb);
3421 break;
3422
3423 case HCI_EV_CMD_COMPLETE:
3424 hci_cmd_complete_evt(hdev, skb);
3425 break;
3426
3427 case HCI_EV_CMD_STATUS:
3428 hci_cmd_status_evt(hdev, skb);
3429 break;
3430
3431 case HCI_EV_ROLE_CHANGE:
3432 hci_role_change_evt(hdev, skb);
3433 break;
3434
3435 case HCI_EV_NUM_COMP_PKTS:
3436 hci_num_comp_pkts_evt(hdev, skb);
3437 break;
3438
3439 case HCI_EV_MODE_CHANGE:
3440 hci_mode_change_evt(hdev, skb);
1da177e4
LT		 3441 break;
3442
3443 case HCI_EV_PIN_CODE_REQ:
3444 hci_pin_code_request_evt(hdev, skb);
3445 break;
3446
3447 case HCI_EV_LINK_KEY_REQ:
3448 hci_link_key_request_evt(hdev, skb);
3449 break;
3450
3451 case HCI_EV_LINK_KEY_NOTIFY:
3452 hci_link_key_notify_evt(hdev, skb);
3453 break;
3454
3455 case HCI_EV_CLOCK_OFFSET:
3456 hci_clock_offset_evt(hdev, skb);
3457 break;
3458
a8746417
MH		 3459 case HCI_EV_PKT_TYPE_CHANGE:
3460 hci_pkt_type_change_evt(hdev, skb);
3461 break;
3462
85a1e930
MH		 3463 case HCI_EV_PSCAN_REP_MODE:
3464 hci_pscan_rep_mode_evt(hdev, skb);
3465 break;
3466
a9de9248
MH		 3467 case HCI_EV_INQUIRY_RESULT_WITH_RSSI:
3468 hci_inquiry_result_with_rssi_evt(hdev, skb);
04837f64
MH		 3469 break;
3470
a9de9248
MH		 3471 case HCI_EV_REMOTE_EXT_FEATURES:
3472 hci_remote_ext_features_evt(hdev, skb);
1da177e4
LT		 3473 break;
3474
a9de9248
MH		 3475 case HCI_EV_SYNC_CONN_COMPLETE:
3476 hci_sync_conn_complete_evt(hdev, skb);
3477 break;
1da177e4 3478
a9de9248
MH		 3479 case HCI_EV_SYNC_CONN_CHANGED:
3480 hci_sync_conn_changed_evt(hdev, skb);
3481 break;
1da177e4 3482
a9de9248
MH		 3483 case HCI_EV_SNIFF_SUBRATE:
3484 hci_sniff_subrate_evt(hdev, skb);
3485 break;
1da177e4 3486
a9de9248
MH		 3487 case HCI_EV_EXTENDED_INQUIRY_RESULT:
3488 hci_extended_inquiry_result_evt(hdev, skb);
3489 break;
1da177e4 3490
0493684e
MH		 3491 case HCI_EV_IO_CAPA_REQUEST:
3492 hci_io_capa_request_evt(hdev, skb);
3493 break;
3494
03b555e1
JH		 3495 case HCI_EV_IO_CAPA_REPLY:
3496 hci_io_capa_reply_evt(hdev, skb);
3497 break;
3498
a5c29683
JH		 3499 case HCI_EV_USER_CONFIRM_REQUEST:
3500 hci_user_confirm_request_evt(hdev, skb);
3501 break;
3502
1143d458
BG		 3503 case HCI_EV_USER_PASSKEY_REQUEST:
3504 hci_user_passkey_request_evt(hdev, skb);
3505 break;
3506
0493684e
MH		 3507 case HCI_EV_SIMPLE_PAIR_COMPLETE:
3508 hci_simple_pair_complete_evt(hdev, skb);
3509 break;
3510
41a96212
MH		 3511 case HCI_EV_REMOTE_HOST_FEATURES:
3512 hci_remote_host_features_evt(hdev, skb);
3513 break;
3514
fcd89c09
VT		 3515 case HCI_EV_LE_META:
3516 hci_le_meta_evt(hdev, skb);
3517 break;
3518
2763eda6
SJ		 3519 case HCI_EV_REMOTE_OOB_DATA_REQUEST:
3520 hci_remote_oob_data_request_evt(hdev, skb);
3521 break;
3522
25e89e99
AE		 3523 case HCI_EV_NUM_COMP_BLOCKS:
3524 hci_num_comp_blocks_evt(hdev, skb);
3525 break;
3526
a9de9248
MH		 3527 default:
3528 BT_DBG("%s event 0x%x", hdev->name, event);
1da177e4
LT		 3529 break;
3530 }
3531
3532 kfree_skb(skb);
3533 hdev->stat.evt_rx++;
3534}
3535
3536/* Generate internal stack event */
3537void hci_si_event(struct hci_dev *hdev, int type, int dlen, void *data)
3538{
3539 struct hci_event_hdr *hdr;
3540 struct hci_ev_stack_internal *ev;
3541 struct sk_buff *skb;
3542
3543 skb = bt_skb_alloc(HCI_EVENT_HDR_SIZE + sizeof(*ev) + dlen, GFP_ATOMIC);
3544 if (!skb)
3545 return;
3546
3547 hdr = (void *) skb_put(skb, HCI_EVENT_HDR_SIZE);
3548 hdr->evt = HCI_EV_STACK_INTERNAL;
3549 hdr->plen = sizeof(*ev) + dlen;
3550
3551 ev = (void *) skb_put(skb, sizeof(*ev) + dlen);
3552 ev->type = type;
3553 memcpy(ev->data, data, dlen);
3554
576c7d85 3555 bt_cb(skb)->incoming = 1;
a61bbcf2 3556 __net_timestamp(skb);
576c7d85 3557
0d48d939 3558 bt_cb(skb)->pkt_type = HCI_EVENT_PKT;
1da177e4 3559 skb->dev = (void *) hdev;
eec8d2bc 3560 hci_send_to_sock(hdev, skb, NULL);
1da177e4
LT		 3561 kfree_skb(skb);
3562}
e6100a25 3563
669bb396 3564module_param(enable_le, bool, 0644);
e6100a25 3565MODULE_PARM_DESC(enable_le, "Enable LE support");
kernel source for telekom puls (alcatel/mediatek)