projects / GitHub / mt8127 / android_kernel_alcatel_ttab.git / blame
? search:
summary | shortlog | log | commit | commitdiff | tree
blob | blame (incremental) | history | HEAD
Bluetooth: Update mgmt_disconnect to match latest API
[GitHub/mt8127/android_kernel_alcatel_ttab.git] / net / bluetooth / hci_event.c
CommitLineData
8e87d142 1/*
1da177e4 2 BlueZ - Bluetooth protocol stack for Linux
2d0a0346 3 Copyright (c) 2000-2001, 2010, Code Aurora Forum. All rights reserved.
1da177e4
LT		 4
5 Written 2000,2001 by Maxim Krasnyansky <maxk@qualcomm.com>
6
7 This program is free software; you can redistribute it and/or modify
8 it under the terms of the GNU General Public License version 2 as
9 published by the Free Software Foundation;
10
11 THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS
12 OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
13 FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT OF THIRD PARTY RIGHTS.
14 IN NO EVENT SHALL THE COPYRIGHT HOLDER(S) AND AUTHOR(S) BE LIABLE FOR ANY
8e87d142
YH		 15 CLAIM, OR ANY SPECIAL INDIRECT OR CONSEQUENTIAL DAMAGES, OR ANY DAMAGES
16 WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
17 ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
1da177e4
LT		 18 OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
19
8e87d142
YH		 20 ALL LIABILITY, INCLUDING LIABILITY FOR INFRINGEMENT OF ANY PATENTS,
21 COPYRIGHTS, TRADEMARKS OR OTHER RIGHTS, RELATING TO USE OF THIS
1da177e4
LT		 22 SOFTWARE IS DISCLAIMED.
23*/
24
25/* Bluetooth HCI event handling. */
26
1da177e4
LT		 27#include <linux/module.h>
28
29#include <linux/types.h>
30#include <linux/errno.h>
31#include <linux/kernel.h>
1da177e4
LT		 32#include <linux/slab.h>
33#include <linux/poll.h>
34#include <linux/fcntl.h>
35#include <linux/init.h>
36#include <linux/skbuff.h>
37#include <linux/interrupt.h>
38#include <linux/notifier.h>
39#include <net/sock.h>
40
41#include <asm/system.h>
70f23020 42#include <linux/uaccess.h>
1da177e4
LT		 43#include <asm/unaligned.h>
44
45#include <net/bluetooth/bluetooth.h>
46#include <net/bluetooth/hci_core.h>
47
eb939922 48static bool enable_le;
e6100a25 49
1da177e4
LT		 50/* Handle HCI Event packets */
51
a9de9248 52static void hci_cc_inquiry_cancel(struct hci_dev *hdev, struct sk_buff *skb)
1da177e4 53{
a9de9248 54 __u8 status = *((__u8 *) skb->data);
1da177e4 55
a9de9248 56 BT_DBG("%s status 0x%x", hdev->name, status);
1da177e4 57
e6d465cb
AG		 58 if (status) {
59 hci_dev_lock(hdev);
60 mgmt_stop_discovery_failed(hdev, status);
61 hci_dev_unlock(hdev);
a9de9248 62 return;
e6d465cb 63 }
1da177e4 64
89352e7d
AG		 65 clear_bit(HCI_INQUIRY, &hdev->flags);
66
56e5cb86 67 hci_dev_lock(hdev);
ff9ef578 68 hci_discovery_set_state(hdev, DISCOVERY_STOPPED);
56e5cb86 69 hci_dev_unlock(hdev);
6bd57416 70
23bb5763 71 hci_req_complete(hdev, HCI_OP_INQUIRY_CANCEL, status);
a9de9248
MH		 72
73 hci_conn_check_pending(hdev);
74}
6bd57416 75
a9de9248
MH		 76static void hci_cc_exit_periodic_inq(struct hci_dev *hdev, struct sk_buff *skb)
77{
78 __u8 status = *((__u8 *) skb->data);
6bd57416 79
a9de9248 80 BT_DBG("%s status 0x%x", hdev->name, status);
6bd57416 81
a9de9248
MH		 82 if (status)
83 return;
1da177e4 84
a9de9248
MH		 85 hci_conn_check_pending(hdev);
86}
87
88static void hci_cc_remote_name_req_cancel(struct hci_dev *hdev, struct sk_buff *skb)
89{
90 BT_DBG("%s", hdev->name);
91}
92
93static void hci_cc_role_discovery(struct hci_dev *hdev, struct sk_buff *skb)
94{
95 struct hci_rp_role_discovery *rp = (void *) skb->data;
96 struct hci_conn *conn;
97
98 BT_DBG("%s status 0x%x", hdev->name, rp->status);
99
100 if (rp->status)
101 return;
102
103 hci_dev_lock(hdev);
104
105 conn = hci_conn_hash_lookup_handle(hdev, __le16_to_cpu(rp->handle));
106 if (conn) {
107 if (rp->role)
108 conn->link_mode &= ~HCI_LM_MASTER;
109 else
110 conn->link_mode |= HCI_LM_MASTER;
1da177e4 111 }
a9de9248
MH		 112
113 hci_dev_unlock(hdev);
1da177e4
LT		 114}
115
e4e8e37c
MH		 116static void hci_cc_read_link_policy(struct hci_dev *hdev, struct sk_buff *skb)
117{
118 struct hci_rp_read_link_policy *rp = (void *) skb->data;
119 struct hci_conn *conn;
120
121 BT_DBG("%s status 0x%x", hdev->name, rp->status);
122
123 if (rp->status)
124 return;
125
126 hci_dev_lock(hdev);
127
128 conn = hci_conn_hash_lookup_handle(hdev, __le16_to_cpu(rp->handle));
129 if (conn)
130 conn->link_policy = __le16_to_cpu(rp->policy);
131
132 hci_dev_unlock(hdev);
133}
134
a9de9248 135static void hci_cc_write_link_policy(struct hci_dev *hdev, struct sk_buff *skb)
1da177e4 136{
a9de9248 137 struct hci_rp_write_link_policy *rp = (void *) skb->data;
1da177e4 138 struct hci_conn *conn;
04837f64 139 void *sent;
1da177e4 140
a9de9248 141 BT_DBG("%s status 0x%x", hdev->name, rp->status);
1da177e4 142
a9de9248
MH		 143 if (rp->status)
144 return;
1da177e4 145
a9de9248
MH		 146 sent = hci_sent_cmd_data(hdev, HCI_OP_WRITE_LINK_POLICY);
147 if (!sent)
148 return;
1da177e4 149
a9de9248 150 hci_dev_lock(hdev);
1da177e4 151
a9de9248 152 conn = hci_conn_hash_lookup_handle(hdev, __le16_to_cpu(rp->handle));
e4e8e37c 153 if (conn)
83985319 154 conn->link_policy = get_unaligned_le16(sent + 2);
1da177e4 155
a9de9248
MH		 156 hci_dev_unlock(hdev);
157}
1da177e4 158
e4e8e37c
MH		 159static void hci_cc_read_def_link_policy(struct hci_dev *hdev, struct sk_buff *skb)
160{
161 struct hci_rp_read_def_link_policy *rp = (void *) skb->data;
162
163 BT_DBG("%s status 0x%x", hdev->name, rp->status);
164
165 if (rp->status)
166 return;
167
168 hdev->link_policy = __le16_to_cpu(rp->policy);
169}
170
171static void hci_cc_write_def_link_policy(struct hci_dev *hdev, struct sk_buff *skb)
172{
173 __u8 status = *((__u8 *) skb->data);
174 void *sent;
175
176 BT_DBG("%s status 0x%x", hdev->name, status);
177
178 sent = hci_sent_cmd_data(hdev, HCI_OP_WRITE_DEF_LINK_POLICY);
179 if (!sent)
180 return;
181
182 if (!status)
183 hdev->link_policy = get_unaligned_le16(sent);
184
23bb5763 185 hci_req_complete(hdev, HCI_OP_WRITE_DEF_LINK_POLICY, status);
e4e8e37c
MH		 186}
187
a9de9248
MH		 188static void hci_cc_reset(struct hci_dev *hdev, struct sk_buff *skb)
189{
190 __u8 status = *((__u8 *) skb->data);
04837f64 191
a9de9248 192 BT_DBG("%s status 0x%x", hdev->name, status);
04837f64 193
10572132
GP		 194 clear_bit(HCI_RESET, &hdev->flags);
195
23bb5763 196 hci_req_complete(hdev, HCI_OP_RESET, status);
d23264a8 197
7005ff17 198 /* Reset all flags, except persistent ones */
95947a39
HG		 199 hdev->dev_flags &= BIT(HCI_MGMT) | BIT(HCI_SETUP) | BIT(HCI_AUTO_OFF) |
200 BIT(HCI_LINK_KEYS) | BIT(HCI_DEBUG_KEYS);
a9de9248 201}
04837f64 202
a9de9248
MH		 203static void hci_cc_write_local_name(struct hci_dev *hdev, struct sk_buff *skb)
204{
205 __u8 status = *((__u8 *) skb->data);
206 void *sent;
04837f64 207
a9de9248 208 BT_DBG("%s status 0x%x", hdev->name, status);
04837f64 209
a9de9248
MH		 210 sent = hci_sent_cmd_data(hdev, HCI_OP_WRITE_LOCAL_NAME);
211 if (!sent)
212 return;
04837f64 213
56e5cb86
JH		 214 hci_dev_lock(hdev);
215
a8b2d5c2 216 if (test_bit(HCI_MGMT, &hdev->dev_flags))
744cf19e 217 mgmt_set_local_name_complete(hdev, sent, status);
b312b161 218
56e5cb86
JH		 219 if (status == 0)
220 memcpy(hdev->dev_name, sent, HCI_MAX_NAME_LENGTH);
b312b161 221
56e5cb86 222 hci_dev_unlock(hdev);
a9de9248
MH		 223}
224
225static void hci_cc_read_local_name(struct hci_dev *hdev, struct sk_buff *skb)
226{
227 struct hci_rp_read_local_name *rp = (void *) skb->data;
228
229 BT_DBG("%s status 0x%x", hdev->name, rp->status);
230
231 if (rp->status)
232 return;
233
1f6c6378 234 memcpy(hdev->dev_name, rp->name, HCI_MAX_NAME_LENGTH);
a9de9248
MH		 235}
236
237static void hci_cc_write_auth_enable(struct hci_dev *hdev, struct sk_buff *skb)
238{
239 __u8 status = *((__u8 *) skb->data);
240 void *sent;
241
242 BT_DBG("%s status 0x%x", hdev->name, status);
243
244 sent = hci_sent_cmd_data(hdev, HCI_OP_WRITE_AUTH_ENABLE);
245 if (!sent)
246 return;
247
248 if (!status) {
249 __u8 param = *((__u8 *) sent);
250
251 if (param == AUTH_ENABLED)
252 set_bit(HCI_AUTH, &hdev->flags);
253 else
254 clear_bit(HCI_AUTH, &hdev->flags);
1da177e4 255 }
a9de9248 256
23bb5763 257 hci_req_complete(hdev, HCI_OP_WRITE_AUTH_ENABLE, status);
1da177e4
LT		 258}
259
a9de9248 260static void hci_cc_write_encrypt_mode(struct hci_dev *hdev, struct sk_buff *skb)
1da177e4 261{
a9de9248 262 __u8 status = *((__u8 *) skb->data);
1da177e4
LT		 263 void *sent;
264
a9de9248 265 BT_DBG("%s status 0x%x", hdev->name, status);
1da177e4 266
a9de9248
MH		 267 sent = hci_sent_cmd_data(hdev, HCI_OP_WRITE_ENCRYPT_MODE);
268 if (!sent)
269 return;
1da177e4 270
a9de9248
MH		 271 if (!status) {
272 __u8 param = *((__u8 *) sent);
273
274 if (param)
275 set_bit(HCI_ENCRYPT, &hdev->flags);
276 else
277 clear_bit(HCI_ENCRYPT, &hdev->flags);
278 }
1da177e4 279
23bb5763 280 hci_req_complete(hdev, HCI_OP_WRITE_ENCRYPT_MODE, status);
a9de9248 281}
1da177e4 282
a9de9248
MH		 283static void hci_cc_write_scan_enable(struct hci_dev *hdev, struct sk_buff *skb)
284{
36f7fc7e
JH		 285 __u8 param, status = *((__u8 *) skb->data);
286 int old_pscan, old_iscan;
a9de9248 287 void *sent;
1da177e4 288
a9de9248 289 BT_DBG("%s status 0x%x", hdev->name, status);
1da177e4 290
a9de9248
MH		 291 sent = hci_sent_cmd_data(hdev, HCI_OP_WRITE_SCAN_ENABLE);
292 if (!sent)
293 return;
1da177e4 294
36f7fc7e
JH		 295 param = *((__u8 *) sent);
296
56e5cb86
JH		 297 hci_dev_lock(hdev);
298
2d7cee58 299 if (status != 0) {
744cf19e 300 mgmt_write_scan_failed(hdev, param, status);
2d7cee58
JH		 301 hdev->discov_timeout = 0;
302 goto done;
303 }
304
36f7fc7e
JH		 305 old_pscan = test_and_clear_bit(HCI_PSCAN, &hdev->flags);
306 old_iscan = test_and_clear_bit(HCI_ISCAN, &hdev->flags);
307
308 if (param & SCAN_INQUIRY) {
309 set_bit(HCI_ISCAN, &hdev->flags);
310 if (!old_iscan)
744cf19e 311 mgmt_discoverable(hdev, 1);
16ab91ab
JH		 312 if (hdev->discov_timeout > 0) {
313 int to = msecs_to_jiffies(hdev->discov_timeout * 1000);
314 queue_delayed_work(hdev->workqueue, &hdev->discov_off,
315 to);
316 }
36f7fc7e 317 } else if (old_iscan)
744cf19e 318 mgmt_discoverable(hdev, 0);
36f7fc7e
JH		 319
320 if (param & SCAN_PAGE) {
321 set_bit(HCI_PSCAN, &hdev->flags);
322 if (!old_pscan)
744cf19e 323 mgmt_connectable(hdev, 1);
36f7fc7e 324 } else if (old_pscan)
744cf19e 325 mgmt_connectable(hdev, 0);
1da177e4 326
36f7fc7e 327done:
56e5cb86 328 hci_dev_unlock(hdev);
23bb5763 329 hci_req_complete(hdev, HCI_OP_WRITE_SCAN_ENABLE, status);
a9de9248 330}
1da177e4 331
a9de9248
MH		 332static void hci_cc_read_class_of_dev(struct hci_dev *hdev, struct sk_buff *skb)
333{
334 struct hci_rp_read_class_of_dev *rp = (void *) skb->data;
1da177e4 335
a9de9248 336 BT_DBG("%s status 0x%x", hdev->name, rp->status);
1da177e4 337
a9de9248
MH		 338 if (rp->status)
339 return;
1da177e4 340
a9de9248 341 memcpy(hdev->dev_class, rp->dev_class, 3);
1da177e4 342
a9de9248
MH		 343 BT_DBG("%s class 0x%.2x%.2x%.2x", hdev->name,
344 hdev->dev_class[2], hdev->dev_class[1], hdev->dev_class[0]);
345}
1da177e4 346
a9de9248
MH		 347static void hci_cc_write_class_of_dev(struct hci_dev *hdev, struct sk_buff *skb)
348{
349 __u8 status = *((__u8 *) skb->data);
350 void *sent;
1da177e4 351
a9de9248 352 BT_DBG("%s status 0x%x", hdev->name, status);
1da177e4 353
f383f275
MH		 354 if (status)
355 return;
356
a9de9248
MH		 357 sent = hci_sent_cmd_data(hdev, HCI_OP_WRITE_CLASS_OF_DEV);
358 if (!sent)
359 return;
1da177e4 360
f383f275 361 memcpy(hdev->dev_class, sent, 3);
a9de9248 362}
1da177e4 363
a9de9248
MH		 364static void hci_cc_read_voice_setting(struct hci_dev *hdev, struct sk_buff *skb)
365{
366 struct hci_rp_read_voice_setting *rp = (void *) skb->data;
367 __u16 setting;
368
369 BT_DBG("%s status 0x%x", hdev->name, rp->status);
370
371 if (rp->status)
372 return;
373
374 setting = __le16_to_cpu(rp->voice_setting);
375
f383f275 376 if (hdev->voice_setting == setting)
a9de9248
MH		 377 return;
378
379 hdev->voice_setting = setting;
380
381 BT_DBG("%s voice setting 0x%04x", hdev->name, setting);
382
3c54711c 383 if (hdev->notify)
a9de9248 384 hdev->notify(hdev, HCI_NOTIFY_VOICE_SETTING);
a9de9248
MH		 385}
386
387static void hci_cc_write_voice_setting(struct hci_dev *hdev, struct sk_buff *skb)
388{
389 __u8 status = *((__u8 *) skb->data);
f383f275 390 __u16 setting;
a9de9248
MH		 391 void *sent;
392
393 BT_DBG("%s status 0x%x", hdev->name, status);
1da177e4 394
f383f275
MH		 395 if (status)
396 return;
397
a9de9248
MH		 398 sent = hci_sent_cmd_data(hdev, HCI_OP_WRITE_VOICE_SETTING);
399 if (!sent)
400 return;
1da177e4 401
f383f275 402 setting = get_unaligned_le16(sent);
1da177e4 403
f383f275
MH		 404 if (hdev->voice_setting == setting)
405 return;
406
407 hdev->voice_setting = setting;
1da177e4 408
f383f275 409 BT_DBG("%s voice setting 0x%04x", hdev->name, setting);
1da177e4 410
3c54711c 411 if (hdev->notify)
f383f275 412 hdev->notify(hdev, HCI_NOTIFY_VOICE_SETTING);
1da177e4
LT		 413}
414
a9de9248 415static void hci_cc_host_buffer_size(struct hci_dev *hdev, struct sk_buff *skb)
1da177e4 416{
a9de9248 417 __u8 status = *((__u8 *) skb->data);
1da177e4 418
a9de9248 419 BT_DBG("%s status 0x%x", hdev->name, status);
1da177e4 420
23bb5763 421 hci_req_complete(hdev, HCI_OP_HOST_BUFFER_SIZE, status);
a9de9248 422}
1143e5a6 423
333140b5
MH		 424static void hci_cc_read_ssp_mode(struct hci_dev *hdev, struct sk_buff *skb)
425{
426 struct hci_rp_read_ssp_mode *rp = (void *) skb->data;
427
428 BT_DBG("%s status 0x%x", hdev->name, rp->status);
429
430 if (rp->status)
431 return;
432
84bde9d6
JH		 433 if (rp->mode)
434 set_bit(HCI_SSP_ENABLED, &hdev->dev_flags);
435 else
436 clear_bit(HCI_SSP_ENABLED, &hdev->dev_flags);
333140b5
MH		 437}
438
439static void hci_cc_write_ssp_mode(struct hci_dev *hdev, struct sk_buff *skb)
440{
441 __u8 status = *((__u8 *) skb->data);
442 void *sent;
443
444 BT_DBG("%s status 0x%x", hdev->name, status);
445
446 if (status)
447 return;
448
449 sent = hci_sent_cmd_data(hdev, HCI_OP_WRITE_SSP_MODE);
450 if (!sent)
451 return;
452
84bde9d6
JH		 453 if (*((u8 *) sent))
454 set_bit(HCI_SSP_ENABLED, &hdev->dev_flags);
455 else
456 clear_bit(HCI_SSP_ENABLED, &hdev->dev_flags);
333140b5
MH		 457}
458
d5859e22
JH		 459static u8 hci_get_inquiry_mode(struct hci_dev *hdev)
460{
461 if (hdev->features[6] & LMP_EXT_INQ)
462 return 2;
463
464 if (hdev->features[3] & LMP_RSSI_INQ)
465 return 1;
466
467 if (hdev->manufacturer == 11 && hdev->hci_rev == 0x00 &&
468 hdev->lmp_subver == 0x0757)
469 return 1;
470
471 if (hdev->manufacturer == 15) {
472 if (hdev->hci_rev == 0x03 && hdev->lmp_subver == 0x6963)
473 return 1;
474 if (hdev->hci_rev == 0x09 && hdev->lmp_subver == 0x6963)
475 return 1;
476 if (hdev->hci_rev == 0x00 && hdev->lmp_subver == 0x6965)
477 return 1;
478 }
479
480 if (hdev->manufacturer == 31 && hdev->hci_rev == 0x2005 &&
481 hdev->lmp_subver == 0x1805)
482 return 1;
483
484 return 0;
485}
486
487static void hci_setup_inquiry_mode(struct hci_dev *hdev)
488{
489 u8 mode;
490
491 mode = hci_get_inquiry_mode(hdev);
492
493 hci_send_cmd(hdev, HCI_OP_WRITE_INQUIRY_MODE, 1, &mode);
494}
495
496static void hci_setup_event_mask(struct hci_dev *hdev)
497{
498 /* The second byte is 0xff instead of 0x9f (two reserved bits
499 * disabled) since a Broadcom 1.2 dongle doesn't respond to the
500 * command otherwise */
501 u8 events[8] = { 0xff, 0xff, 0xfb, 0xff, 0x00, 0x00, 0x00, 0x00 };
502
6de6c18d
VT		 503 /* CSR 1.1 dongles does not accept any bitfield so don't try to set
504 * any event mask for pre 1.2 devices */
5a13b095 505 if (hdev->hci_ver < BLUETOOTH_VER_1_2)
6de6c18d
VT		 506 return;
507
508 events[4] |= 0x01; /* Flow Specification Complete */
509 events[4] |= 0x02; /* Inquiry Result with RSSI */
510 events[4] |= 0x04; /* Read Remote Extended Features Complete */
511 events[5] |= 0x08; /* Synchronous Connection Complete */
512 events[5] |= 0x10; /* Synchronous Connection Changed */
d5859e22
JH		 513
514 if (hdev->features[3] & LMP_RSSI_INQ)
515 events[4] |= 0x04; /* Inquiry Result with RSSI */
516
517 if (hdev->features[5] & LMP_SNIFF_SUBR)
518 events[5] |= 0x20; /* Sniff Subrating */
519
520 if (hdev->features[5] & LMP_PAUSE_ENC)
521 events[5] |= 0x80; /* Encryption Key Refresh Complete */
522
523 if (hdev->features[6] & LMP_EXT_INQ)
524 events[5] |= 0x40; /* Extended Inquiry Result */
525
526 if (hdev->features[6] & LMP_NO_FLUSH)
527 events[7] |= 0x01; /* Enhanced Flush Complete */
528
529 if (hdev->features[7] & LMP_LSTO)
530 events[6] |= 0x80; /* Link Supervision Timeout Changed */
531
532 if (hdev->features[6] & LMP_SIMPLE_PAIR) {
533 events[6] |= 0x01; /* IO Capability Request */
534 events[6] |= 0x02; /* IO Capability Response */
535 events[6] |= 0x04; /* User Confirmation Request */
536 events[6] |= 0x08; /* User Passkey Request */
537 events[6] |= 0x10; /* Remote OOB Data Request */
538 events[6] |= 0x20; /* Simple Pairing Complete */
539 events[7] |= 0x04; /* User Passkey Notification */
540 events[7] |= 0x08; /* Keypress Notification */
541 events[7] |= 0x10; /* Remote Host Supported
542 * Features Notification */
543 }
544
545 if (hdev->features[4] & LMP_LE)
546 events[7] |= 0x20; /* LE Meta-Event */
547
548 hci_send_cmd(hdev, HCI_OP_SET_EVENT_MASK, sizeof(events), events);
549}
550
e6100a25
AG		 551static void hci_set_le_support(struct hci_dev *hdev)
552{
553 struct hci_cp_write_le_host_supported cp;
554
555 memset(&cp, 0, sizeof(cp));
556
557 if (enable_le) {
558 cp.le = 1;
559 cp.simul = !!(hdev->features[6] & LMP_SIMUL_LE_BR);
560 }
561
562 hci_send_cmd(hdev, HCI_OP_WRITE_LE_HOST_SUPPORTED, sizeof(cp), &cp);
563}
564
d5859e22
JH		 565static void hci_setup(struct hci_dev *hdev)
566{
e61ef499
AE		 567 if (hdev->dev_type != HCI_BREDR)
568 return;
569
d5859e22
JH		 570 hci_setup_event_mask(hdev);
571
d095c1eb 572 if (hdev->hci_ver > BLUETOOTH_VER_1_1)
d5859e22
JH		 573 hci_send_cmd(hdev, HCI_OP_READ_LOCAL_COMMANDS, 0, NULL);
574
575 if (hdev->features[6] & LMP_SIMPLE_PAIR) {
576 u8 mode = 0x01;
577 hci_send_cmd(hdev, HCI_OP_WRITE_SSP_MODE, sizeof(mode), &mode);
578 }
579
580 if (hdev->features[3] & LMP_RSSI_INQ)
581 hci_setup_inquiry_mode(hdev);
582
583 if (hdev->features[7] & LMP_INQ_TX_PWR)
584 hci_send_cmd(hdev, HCI_OP_READ_INQ_RSP_TX_POWER, 0, NULL);
971e3a4b
AG		 585
586 if (hdev->features[7] & LMP_EXTFEATURES) {
587 struct hci_cp_read_local_ext_features cp;
588
589 cp.page = 0x01;
590 hci_send_cmd(hdev, HCI_OP_READ_LOCAL_EXT_FEATURES,
591 sizeof(cp), &cp);
592 }
e6100a25
AG		 593
594 if (hdev->features[4] & LMP_LE)
595 hci_set_le_support(hdev);
d5859e22
JH		 596}
597
a9de9248
MH		 598static void hci_cc_read_local_version(struct hci_dev *hdev, struct sk_buff *skb)
599{
600 struct hci_rp_read_local_version *rp = (void *) skb->data;
1143e5a6 601
a9de9248 602 BT_DBG("%s status 0x%x", hdev->name, rp->status);
1143e5a6 603
a9de9248
MH		 604 if (rp->status)
605 return;
1143e5a6 606
a9de9248 607 hdev->hci_ver = rp->hci_ver;
e4e8e37c 608 hdev->hci_rev = __le16_to_cpu(rp->hci_rev);
d5859e22 609 hdev->lmp_ver = rp->lmp_ver;
e4e8e37c 610 hdev->manufacturer = __le16_to_cpu(rp->manufacturer);
d5859e22 611 hdev->lmp_subver = __le16_to_cpu(rp->lmp_subver);
1143e5a6 612
a9de9248
MH		 613 BT_DBG("%s manufacturer %d hci ver %d:%d", hdev->name,
614 hdev->manufacturer,
615 hdev->hci_ver, hdev->hci_rev);
d5859e22
JH		 616
617 if (test_bit(HCI_INIT, &hdev->flags))
618 hci_setup(hdev);
619}
620
621static void hci_setup_link_policy(struct hci_dev *hdev)
622{
623 u16 link_policy = 0;
624
625 if (hdev->features[0] & LMP_RSWITCH)
626 link_policy |= HCI_LP_RSWITCH;
627 if (hdev->features[0] & LMP_HOLD)
628 link_policy |= HCI_LP_HOLD;
629 if (hdev->features[0] & LMP_SNIFF)
630 link_policy |= HCI_LP_SNIFF;
631 if (hdev->features[1] & LMP_PARK)
632 link_policy |= HCI_LP_PARK;
633
634 link_policy = cpu_to_le16(link_policy);
635 hci_send_cmd(hdev, HCI_OP_WRITE_DEF_LINK_POLICY,
636 sizeof(link_policy), &link_policy);
a9de9248 637}
1da177e4 638
a9de9248
MH		 639static void hci_cc_read_local_commands(struct hci_dev *hdev, struct sk_buff *skb)
640{
641 struct hci_rp_read_local_commands *rp = (void *) skb->data;
1da177e4 642
a9de9248 643 BT_DBG("%s status 0x%x", hdev->name, rp->status);
1da177e4 644
a9de9248 645 if (rp->status)
d5859e22 646 goto done;
1da177e4 647
a9de9248 648 memcpy(hdev->commands, rp->commands, sizeof(hdev->commands));
d5859e22
JH		 649
650 if (test_bit(HCI_INIT, &hdev->flags) && (hdev->commands[5] & 0x10))
651 hci_setup_link_policy(hdev);
652
653done:
654 hci_req_complete(hdev, HCI_OP_READ_LOCAL_COMMANDS, rp->status);
a9de9248 655}
1da177e4 656
a9de9248
MH		 657static void hci_cc_read_local_features(struct hci_dev *hdev, struct sk_buff *skb)
658{
659 struct hci_rp_read_local_features *rp = (void *) skb->data;
5b7f9909 660
a9de9248 661 BT_DBG("%s status 0x%x", hdev->name, rp->status);
1da177e4 662
a9de9248
MH		 663 if (rp->status)
664 return;
5b7f9909 665
a9de9248 666 memcpy(hdev->features, rp->features, 8);
5b7f9909 667
a9de9248
MH		 668 /* Adjust default settings according to features
669 * supported by device. */
1da177e4 670
a9de9248
MH		 671 if (hdev->features[0] & LMP_3SLOT)
672 hdev->pkt_type |= (HCI_DM3 | HCI_DH3);
1da177e4 673
a9de9248
MH		 674 if (hdev->features[0] & LMP_5SLOT)
675 hdev->pkt_type |= (HCI_DM5 | HCI_DH5);
1da177e4 676
a9de9248
MH		 677 if (hdev->features[1] & LMP_HV2) {
678 hdev->pkt_type |= (HCI_HV2);
679 hdev->esco_type |= (ESCO_HV2);
680 }
1da177e4 681
a9de9248
MH		 682 if (hdev->features[1] & LMP_HV3) {
683 hdev->pkt_type |= (HCI_HV3);
684 hdev->esco_type |= (ESCO_HV3);
685 }
1da177e4 686
a9de9248
MH		 687 if (hdev->features[3] & LMP_ESCO)
688 hdev->esco_type |= (ESCO_EV3);
da1f5198 689
a9de9248
MH		 690 if (hdev->features[4] & LMP_EV4)
691 hdev->esco_type |= (ESCO_EV4);
da1f5198 692
a9de9248
MH		 693 if (hdev->features[4] & LMP_EV5)
694 hdev->esco_type |= (ESCO_EV5);
1da177e4 695
efc7688b
MH		 696 if (hdev->features[5] & LMP_EDR_ESCO_2M)
697 hdev->esco_type |= (ESCO_2EV3);
698
699 if (hdev->features[5] & LMP_EDR_ESCO_3M)
700 hdev->esco_type |= (ESCO_3EV3);
701
702 if (hdev->features[5] & LMP_EDR_3S_ESCO)
703 hdev->esco_type |= (ESCO_2EV5 | ESCO_3EV5);
704
a9de9248
MH		 705 BT_DBG("%s features 0x%.2x%.2x%.2x%.2x%.2x%.2x%.2x%.2x", hdev->name,
706 hdev->features[0], hdev->features[1],
707 hdev->features[2], hdev->features[3],
708 hdev->features[4], hdev->features[5],
709 hdev->features[6], hdev->features[7]);
710}
1da177e4 711
971e3a4b
AG		 712static void hci_cc_read_local_ext_features(struct hci_dev *hdev,
713 struct sk_buff *skb)
714{
715 struct hci_rp_read_local_ext_features *rp = (void *) skb->data;
716
717 BT_DBG("%s status 0x%x", hdev->name, rp->status);
718
719 if (rp->status)
720 return;
721
b5b32b65
AG		 722 switch (rp->page) {
723 case 0:
724 memcpy(hdev->features, rp->features, 8);
725 break;
726 case 1:
727 memcpy(hdev->host_features, rp->features, 8);
728 break;
729 }
971e3a4b
AG		 730
731 hci_req_complete(hdev, HCI_OP_READ_LOCAL_EXT_FEATURES, rp->status);
732}
733
1e89cffb
AE		 734static void hci_cc_read_flow_control_mode(struct hci_dev *hdev,
735 struct sk_buff *skb)
736{
737 struct hci_rp_read_flow_control_mode *rp = (void *) skb->data;
738
739 BT_DBG("%s status 0x%x", hdev->name, rp->status);
740
741 if (rp->status)
742 return;
743
744 hdev->flow_ctl_mode = rp->mode;
745
746 hci_req_complete(hdev, HCI_OP_READ_FLOW_CONTROL_MODE, rp->status);
747}
748
a9de9248
MH		 749static void hci_cc_read_buffer_size(struct hci_dev *hdev, struct sk_buff *skb)
750{
751 struct hci_rp_read_buffer_size *rp = (void *) skb->data;
1da177e4 752
a9de9248 753 BT_DBG("%s status 0x%x", hdev->name, rp->status);
1da177e4 754
a9de9248
MH		 755 if (rp->status)
756 return;
1da177e4 757
a9de9248
MH		 758 hdev->acl_mtu = __le16_to_cpu(rp->acl_mtu);
759 hdev->sco_mtu = rp->sco_mtu;
760 hdev->acl_pkts = __le16_to_cpu(rp->acl_max_pkt);
761 hdev->sco_pkts = __le16_to_cpu(rp->sco_max_pkt);
762
763 if (test_bit(HCI_QUIRK_FIXUP_BUFFER_SIZE, &hdev->quirks)) {
764 hdev->sco_mtu = 64;
765 hdev->sco_pkts = 8;
1da177e4 766 }
a9de9248
MH		 767
768 hdev->acl_cnt = hdev->acl_pkts;
769 hdev->sco_cnt = hdev->sco_pkts;
770
771 BT_DBG("%s acl mtu %d:%d sco mtu %d:%d", hdev->name,
772 hdev->acl_mtu, hdev->acl_pkts,
773 hdev->sco_mtu, hdev->sco_pkts);
774}
775
776static void hci_cc_read_bd_addr(struct hci_dev *hdev, struct sk_buff *skb)
777{
778 struct hci_rp_read_bd_addr *rp = (void *) skb->data;
779
780 BT_DBG("%s status 0x%x", hdev->name, rp->status);
781
782 if (!rp->status)
783 bacpy(&hdev->bdaddr, &rp->bdaddr);
784
23bb5763
JH		 785 hci_req_complete(hdev, HCI_OP_READ_BD_ADDR, rp->status);
786}
787
350ee4cf
AE		 788static void hci_cc_read_data_block_size(struct hci_dev *hdev,
789 struct sk_buff *skb)
790{
791 struct hci_rp_read_data_block_size *rp = (void *) skb->data;
792
793 BT_DBG("%s status 0x%x", hdev->name, rp->status);
794
795 if (rp->status)
796 return;
797
798 hdev->block_mtu = __le16_to_cpu(rp->max_acl_len);
799 hdev->block_len = __le16_to_cpu(rp->block_len);
800 hdev->num_blocks = __le16_to_cpu(rp->num_blocks);
801
802 hdev->block_cnt = hdev->num_blocks;
803
804 BT_DBG("%s blk mtu %d cnt %d len %d", hdev->name, hdev->block_mtu,
805 hdev->block_cnt, hdev->block_len);
806
807 hci_req_complete(hdev, HCI_OP_READ_DATA_BLOCK_SIZE, rp->status);
808}
809
23bb5763
JH		 810static void hci_cc_write_ca_timeout(struct hci_dev *hdev, struct sk_buff *skb)
811{
812 __u8 status = *((__u8 *) skb->data);
813
814 BT_DBG("%s status 0x%x", hdev->name, status);
815
816 hci_req_complete(hdev, HCI_OP_WRITE_CA_TIMEOUT, status);
a9de9248
MH		 817}
818
928abaa7
AE		 819static void hci_cc_read_local_amp_info(struct hci_dev *hdev,
820 struct sk_buff *skb)
821{
822 struct hci_rp_read_local_amp_info *rp = (void *) skb->data;
823
824 BT_DBG("%s status 0x%x", hdev->name, rp->status);
825
826 if (rp->status)
827 return;
828
829 hdev->amp_status = rp->amp_status;
830 hdev->amp_total_bw = __le32_to_cpu(rp->total_bw);
831 hdev->amp_max_bw = __le32_to_cpu(rp->max_bw);
832 hdev->amp_min_latency = __le32_to_cpu(rp->min_latency);
833 hdev->amp_max_pdu = __le32_to_cpu(rp->max_pdu);
834 hdev->amp_type = rp->amp_type;
835 hdev->amp_pal_cap = __le16_to_cpu(rp->pal_cap);
836 hdev->amp_assoc_size = __le16_to_cpu(rp->max_assoc_size);
837 hdev->amp_be_flush_to = __le32_to_cpu(rp->be_flush_to);
838 hdev->amp_max_flush_to = __le32_to_cpu(rp->max_flush_to);
839
840 hci_req_complete(hdev, HCI_OP_READ_LOCAL_AMP_INFO, rp->status);
841}
842
b0916ea0
JH		 843static void hci_cc_delete_stored_link_key(struct hci_dev *hdev,
844 struct sk_buff *skb)
845{
846 __u8 status = *((__u8 *) skb->data);
847
848 BT_DBG("%s status 0x%x", hdev->name, status);
849
850 hci_req_complete(hdev, HCI_OP_DELETE_STORED_LINK_KEY, status);
851}
852
d5859e22
JH		 853static void hci_cc_set_event_mask(struct hci_dev *hdev, struct sk_buff *skb)
854{
855 __u8 status = *((__u8 *) skb->data);
856
857 BT_DBG("%s status 0x%x", hdev->name, status);
858
859 hci_req_complete(hdev, HCI_OP_SET_EVENT_MASK, status);
860}
861
862static void hci_cc_write_inquiry_mode(struct hci_dev *hdev,
863 struct sk_buff *skb)
864{
865 __u8 status = *((__u8 *) skb->data);
866
867 BT_DBG("%s status 0x%x", hdev->name, status);
868
869 hci_req_complete(hdev, HCI_OP_WRITE_INQUIRY_MODE, status);
870}
871
872static void hci_cc_read_inq_rsp_tx_power(struct hci_dev *hdev,
873 struct sk_buff *skb)
874{
875 __u8 status = *((__u8 *) skb->data);
876
877 BT_DBG("%s status 0x%x", hdev->name, status);
878
879 hci_req_complete(hdev, HCI_OP_READ_INQ_RSP_TX_POWER, status);
880}
881
882static void hci_cc_set_event_flt(struct hci_dev *hdev, struct sk_buff *skb)
883{
884 __u8 status = *((__u8 *) skb->data);
885
886 BT_DBG("%s status 0x%x", hdev->name, status);
887
888 hci_req_complete(hdev, HCI_OP_SET_EVENT_FLT, status);
889}
890
980e1a53
JH		 891static void hci_cc_pin_code_reply(struct hci_dev *hdev, struct sk_buff *skb)
892{
893 struct hci_rp_pin_code_reply *rp = (void *) skb->data;
894 struct hci_cp_pin_code_reply *cp;
895 struct hci_conn *conn;
896
897 BT_DBG("%s status 0x%x", hdev->name, rp->status);
898
56e5cb86
JH		 899 hci_dev_lock(hdev);
900
a8b2d5c2 901 if (test_bit(HCI_MGMT, &hdev->dev_flags))
744cf19e 902 mgmt_pin_code_reply_complete(hdev, &rp->bdaddr, rp->status);
980e1a53
JH		 903
904 if (rp->status != 0)
56e5cb86 905 goto unlock;
980e1a53
JH		 906
907 cp = hci_sent_cmd_data(hdev, HCI_OP_PIN_CODE_REPLY);
908 if (!cp)
56e5cb86 909 goto unlock;
980e1a53
JH		 910
911 conn = hci_conn_hash_lookup_ba(hdev, ACL_LINK, &cp->bdaddr);
912 if (conn)
913 conn->pin_length = cp->pin_len;
56e5cb86
JH		 914
915unlock:
916 hci_dev_unlock(hdev);
980e1a53
JH		 917}
918
919static void hci_cc_pin_code_neg_reply(struct hci_dev *hdev, struct sk_buff *skb)
920{
921 struct hci_rp_pin_code_neg_reply *rp = (void *) skb->data;
922
923 BT_DBG("%s status 0x%x", hdev->name, rp->status);
924
56e5cb86
JH		 925 hci_dev_lock(hdev);
926
a8b2d5c2 927 if (test_bit(HCI_MGMT, &hdev->dev_flags))
744cf19e 928 mgmt_pin_code_neg_reply_complete(hdev, &rp->bdaddr,
980e1a53 929 rp->status);
56e5cb86
JH		 930
931 hci_dev_unlock(hdev);
980e1a53 932}
56e5cb86 933
6ed58ec5
VT		 934static void hci_cc_le_read_buffer_size(struct hci_dev *hdev,
935 struct sk_buff *skb)
936{
937 struct hci_rp_le_read_buffer_size *rp = (void *) skb->data;
938
939 BT_DBG("%s status 0x%x", hdev->name, rp->status);
940
941 if (rp->status)
942 return;
943
944 hdev->le_mtu = __le16_to_cpu(rp->le_mtu);
945 hdev->le_pkts = rp->le_max_pkt;
946
947 hdev->le_cnt = hdev->le_pkts;
948
949 BT_DBG("%s le mtu %d:%d", hdev->name, hdev->le_mtu, hdev->le_pkts);
950
951 hci_req_complete(hdev, HCI_OP_LE_READ_BUFFER_SIZE, rp->status);
952}
980e1a53 953
a5c29683
JH		 954static void hci_cc_user_confirm_reply(struct hci_dev *hdev, struct sk_buff *skb)
955{
956 struct hci_rp_user_confirm_reply *rp = (void *) skb->data;
957
958 BT_DBG("%s status 0x%x", hdev->name, rp->status);
959
56e5cb86
JH		 960 hci_dev_lock(hdev);
961
a8b2d5c2 962 if (test_bit(HCI_MGMT, &hdev->dev_flags))
744cf19e 963 mgmt_user_confirm_reply_complete(hdev, &rp->bdaddr,
a5c29683 964 rp->status);
56e5cb86
JH		 965
966 hci_dev_unlock(hdev);
a5c29683
JH		 967}
968
969static void hci_cc_user_confirm_neg_reply(struct hci_dev *hdev,
970 struct sk_buff *skb)
971{
972 struct hci_rp_user_confirm_reply *rp = (void *) skb->data;
973
974 BT_DBG("%s status 0x%x", hdev->name, rp->status);
975
56e5cb86
JH		 976 hci_dev_lock(hdev);
977
a8b2d5c2 978 if (test_bit(HCI_MGMT, &hdev->dev_flags))
744cf19e 979 mgmt_user_confirm_neg_reply_complete(hdev, &rp->bdaddr,
a5c29683 980 rp->status);
56e5cb86
JH		 981
982 hci_dev_unlock(hdev);
a5c29683
JH		 983}
984
1143d458
BG		 985static void hci_cc_user_passkey_reply(struct hci_dev *hdev, struct sk_buff *skb)
986{
987 struct hci_rp_user_confirm_reply *rp = (void *) skb->data;
988
989 BT_DBG("%s status 0x%x", hdev->name, rp->status);
990
991 hci_dev_lock(hdev);
992
a8b2d5c2 993 if (test_bit(HCI_MGMT, &hdev->dev_flags))
1143d458
BG		 994 mgmt_user_passkey_reply_complete(hdev, &rp->bdaddr,
995 rp->status);
996
997 hci_dev_unlock(hdev);
998}
999
1000static void hci_cc_user_passkey_neg_reply(struct hci_dev *hdev,
1001 struct sk_buff *skb)
1002{
1003 struct hci_rp_user_confirm_reply *rp = (void *) skb->data;
1004
1005 BT_DBG("%s status 0x%x", hdev->name, rp->status);
1006
1007 hci_dev_lock(hdev);
1008
a8b2d5c2 1009 if (test_bit(HCI_MGMT, &hdev->dev_flags))
1143d458
BG		 1010 mgmt_user_passkey_neg_reply_complete(hdev, &rp->bdaddr,
1011 rp->status);
1012
1013 hci_dev_unlock(hdev);
1014}
1015
c35938b2
SJ		 1016static void hci_cc_read_local_oob_data_reply(struct hci_dev *hdev,
1017 struct sk_buff *skb)
1018{
1019 struct hci_rp_read_local_oob_data *rp = (void *) skb->data;
1020
1021 BT_DBG("%s status 0x%x", hdev->name, rp->status);
1022
56e5cb86 1023 hci_dev_lock(hdev);
744cf19e 1024 mgmt_read_local_oob_data_reply_complete(hdev, rp->hash,
c35938b2 1025 rp->randomizer, rp->status);
56e5cb86 1026 hci_dev_unlock(hdev);
c35938b2
SJ		 1027}
1028
07f7fa5d
AG		 1029static void hci_cc_le_set_scan_param(struct hci_dev *hdev, struct sk_buff *skb)
1030{
1031 __u8 status = *((__u8 *) skb->data);
1032
1033 BT_DBG("%s status 0x%x", hdev->name, status);
7ba8b4be
AG		 1034
1035 hci_req_complete(hdev, HCI_OP_LE_SET_SCAN_PARAM, status);
3fd24153
AG		 1036
1037 if (status) {
1038 hci_dev_lock(hdev);
1039 mgmt_start_discovery_failed(hdev, status);
1040 hci_dev_unlock(hdev);
1041 return;
1042 }
07f7fa5d
AG		 1043}
1044
eb9d91f5
AG		 1045static void hci_cc_le_set_scan_enable(struct hci_dev *hdev,
1046 struct sk_buff *skb)
1047{
1048 struct hci_cp_le_set_scan_enable *cp;
1049 __u8 status = *((__u8 *) skb->data);
1050
1051 BT_DBG("%s status 0x%x", hdev->name, status);
1052
eb9d91f5
AG		 1053 cp = hci_sent_cmd_data(hdev, HCI_OP_LE_SET_SCAN_ENABLE);
1054 if (!cp)
1055 return;
1056
68a8aea4
AE		 1057 switch (cp->enable) {
1058 case LE_SCANNING_ENABLED:
7ba8b4be
AG		 1059 hci_req_complete(hdev, HCI_OP_LE_SET_SCAN_ENABLE, status);
1060
3fd24153
AG		 1061 if (status) {
1062 hci_dev_lock(hdev);
1063 mgmt_start_discovery_failed(hdev, status);
1064 hci_dev_unlock(hdev);
7ba8b4be 1065 return;
3fd24153 1066 }
7ba8b4be 1067
d23264a8
AG		 1068 set_bit(HCI_LE_SCAN, &hdev->dev_flags);
1069
db323f2f 1070 cancel_delayed_work_sync(&hdev->adv_work);
a8f13c8c
AG		 1071
1072 hci_dev_lock(hdev);
eb9d91f5 1073 hci_adv_entries_clear(hdev);
c599008f 1074 hci_discovery_set_state(hdev, DISCOVERY_LE_SCAN);
a8f13c8c 1075 hci_dev_unlock(hdev);
68a8aea4
AE		 1076 break;
1077
1078 case LE_SCANNING_DISABLED:
7ba8b4be
AG		 1079 if (status)
1080 return;
1081
d23264a8
AG		 1082 clear_bit(HCI_LE_SCAN, &hdev->dev_flags);
1083
c599008f
AG		 1084 hci_dev_lock(hdev);
1085 hci_discovery_set_state(hdev, DISCOVERY_STOPPED);
1086 hci_dev_unlock(hdev);
1087
d084329e 1088 schedule_delayed_work(&hdev->adv_work, ADV_CLEAR_TIMEOUT);
68a8aea4
AE		 1089 break;
1090
1091 default:
1092 BT_ERR("Used reserved LE_Scan_Enable param %d", cp->enable);
1093 break;
35815085 1094 }
eb9d91f5
AG		 1095}
1096
a7a595f6
VCG		 1097static void hci_cc_le_ltk_reply(struct hci_dev *hdev, struct sk_buff *skb)
1098{
1099 struct hci_rp_le_ltk_reply *rp = (void *) skb->data;
1100
1101 BT_DBG("%s status 0x%x", hdev->name, rp->status);
1102
1103 if (rp->status)
1104 return;
1105
1106 hci_req_complete(hdev, HCI_OP_LE_LTK_REPLY, rp->status);
1107}
1108
1109static void hci_cc_le_ltk_neg_reply(struct hci_dev *hdev, struct sk_buff *skb)
1110{
1111 struct hci_rp_le_ltk_neg_reply *rp = (void *) skb->data;
1112
1113 BT_DBG("%s status 0x%x", hdev->name, rp->status);
1114
1115 if (rp->status)
1116 return;
1117
1118 hci_req_complete(hdev, HCI_OP_LE_LTK_NEG_REPLY, rp->status);
1119}
1120
f9b49306
AG		 1121static inline void hci_cc_write_le_host_supported(struct hci_dev *hdev,
1122 struct sk_buff *skb)
1123{
1124 struct hci_cp_read_local_ext_features cp;
1125 __u8 status = *((__u8 *) skb->data);
1126
1127 BT_DBG("%s status 0x%x", hdev->name, status);
1128
1129 if (status)
1130 return;
1131
1132 cp.page = 0x01;
1133 hci_send_cmd(hdev, HCI_OP_READ_LOCAL_EXT_FEATURES, sizeof(cp), &cp);
1134}
1135
a9de9248
MH		 1136static inline void hci_cs_inquiry(struct hci_dev *hdev, __u8 status)
1137{
1138 BT_DBG("%s status 0x%x", hdev->name, status);
1139
1140 if (status) {
23bb5763 1141 hci_req_complete(hdev, HCI_OP_INQUIRY, status);
a9de9248 1142 hci_conn_check_pending(hdev);
56e5cb86 1143 hci_dev_lock(hdev);
a8b2d5c2 1144 if (test_bit(HCI_MGMT, &hdev->dev_flags))
7a135109 1145 mgmt_start_discovery_failed(hdev, status);
56e5cb86 1146 hci_dev_unlock(hdev);
314b2381
JH		 1147 return;
1148 }
1149
89352e7d
AG		 1150 set_bit(HCI_INQUIRY, &hdev->flags);
1151
56e5cb86 1152 hci_dev_lock(hdev);
30dc78e1 1153 hci_discovery_set_state(hdev, DISCOVERY_INQUIRY);
56e5cb86 1154 hci_dev_unlock(hdev);
1da177e4
LT		 1155}
1156
1da177e4
LT		 1157static inline void hci_cs_create_conn(struct hci_dev *hdev, __u8 status)
1158{
a9de9248 1159 struct hci_cp_create_conn *cp;
1da177e4 1160 struct hci_conn *conn;
1da177e4 1161
a9de9248
MH		 1162 BT_DBG("%s status 0x%x", hdev->name, status);
1163
1164 cp = hci_sent_cmd_data(hdev, HCI_OP_CREATE_CONN);
1da177e4
LT		 1165 if (!cp)
1166 return;
1167
1168 hci_dev_lock(hdev);
1169
1170 conn = hci_conn_hash_lookup_ba(hdev, ACL_LINK, &cp->bdaddr);
1171
a9de9248 1172 BT_DBG("%s bdaddr %s conn %p", hdev->name, batostr(&cp->bdaddr), conn);
1da177e4
LT		 1173
1174 if (status) {
1175 if (conn && conn->state == BT_CONNECT) {
4c67bc74
MH		 1176 if (status != 0x0c || conn->attempt > 2) {
1177 conn->state = BT_CLOSED;
1178 hci_proto_connect_cfm(conn, status);
1179 hci_conn_del(conn);
1180 } else
1181 conn->state = BT_CONNECT2;
1da177e4
LT		 1182 }
1183 } else {
1184 if (!conn) {
1185 conn = hci_conn_add(hdev, ACL_LINK, &cp->bdaddr);
1186 if (conn) {
a0c808b3 1187 conn->out = true;
1da177e4
LT		 1188 conn->link_mode |= HCI_LM_MASTER;
1189 } else
893ef971 1190 BT_ERR("No memory for new connection");
1da177e4
LT		 1191 }
1192 }
1193
1194 hci_dev_unlock(hdev);
1195}
1196
a9de9248 1197static void hci_cs_add_sco(struct hci_dev *hdev, __u8 status)
1da177e4 1198{
a9de9248
MH		 1199 struct hci_cp_add_sco *cp;
1200 struct hci_conn *acl, *sco;
1201 __u16 handle;
1da177e4 1202
b6a0dc82
MH		 1203 BT_DBG("%s status 0x%x", hdev->name, status);
1204
a9de9248
MH		 1205 if (!status)
1206 return;
1da177e4 1207
a9de9248
MH		 1208 cp = hci_sent_cmd_data(hdev, HCI_OP_ADD_SCO);
1209 if (!cp)
1210 return;
1da177e4 1211
a9de9248 1212 handle = __le16_to_cpu(cp->handle);
1da177e4 1213
a9de9248 1214 BT_DBG("%s handle %d", hdev->name, handle);
1da177e4 1215
a9de9248 1216 hci_dev_lock(hdev);
1da177e4 1217
a9de9248 1218 acl = hci_conn_hash_lookup_handle(hdev, handle);
5a08ecce
AE		 1219 if (acl) {
1220 sco = acl->link;
1221 if (sco) {
1222 sco->state = BT_CLOSED;
1da177e4 1223
5a08ecce
AE		 1224 hci_proto_connect_cfm(sco, status);
1225 hci_conn_del(sco);
1226 }
a9de9248 1227 }
1da177e4 1228
a9de9248
MH		 1229 hci_dev_unlock(hdev);
1230}
1da177e4 1231
f8558555
MH		 1232static void hci_cs_auth_requested(struct hci_dev *hdev, __u8 status)
1233{
1234 struct hci_cp_auth_requested *cp;
1235 struct hci_conn *conn;
1236
1237 BT_DBG("%s status 0x%x", hdev->name, status);
1238
1239 if (!status)
1240 return;
1241
1242 cp = hci_sent_cmd_data(hdev, HCI_OP_AUTH_REQUESTED);
1243 if (!cp)
1244 return;
1245
1246 hci_dev_lock(hdev);
1247
1248 conn = hci_conn_hash_lookup_handle(hdev, __le16_to_cpu(cp->handle));
1249 if (conn) {
1250 if (conn->state == BT_CONFIG) {
1251 hci_proto_connect_cfm(conn, status);
1252 hci_conn_put(conn);
1253 }
1254 }
1255
1256 hci_dev_unlock(hdev);
1257}
1258
1259static void hci_cs_set_conn_encrypt(struct hci_dev *hdev, __u8 status)
1260{
1261 struct hci_cp_set_conn_encrypt *cp;
1262 struct hci_conn *conn;
1263
1264 BT_DBG("%s status 0x%x", hdev->name, status);
1265
1266 if (!status)
1267 return;
1268
1269 cp = hci_sent_cmd_data(hdev, HCI_OP_SET_CONN_ENCRYPT);
1270 if (!cp)
1271 return;
1272
1273 hci_dev_lock(hdev);
1274
1275 conn = hci_conn_hash_lookup_handle(hdev, __le16_to_cpu(cp->handle));
1276 if (conn) {
1277 if (conn->state == BT_CONFIG) {
1278 hci_proto_connect_cfm(conn, status);
1279 hci_conn_put(conn);
1280 }
1281 }
1282
1283 hci_dev_unlock(hdev);
1284}
1285
127178d2 1286static int hci_outgoing_auth_needed(struct hci_dev *hdev,
138d22ef 1287 struct hci_conn *conn)
392599b9 1288{
392599b9
JH		 1289 if (conn->state != BT_CONFIG || !conn->out)
1290 return 0;
1291
765c2a96 1292 if (conn->pending_sec_level == BT_SECURITY_SDP)
392599b9
JH		 1293 return 0;
1294
1295 /* Only request authentication for SSP connections or non-SSP
e9bf2bf0 1296 * devices with sec_level HIGH or if MITM protection is requested */
aa64a8b5 1297 if (!hci_conn_ssp_enabled(conn) &&
e9bf2bf0
VCG		 1298 conn->pending_sec_level != BT_SECURITY_HIGH &&
1299 !(conn->auth_type & 0x01))
392599b9
JH		 1300 return 0;
1301
392599b9
JH		 1302 return 1;
1303}
1304
30dc78e1
JH		 1305static inline int hci_resolve_name(struct hci_dev *hdev, struct inquiry_entry *e)
1306{
1307 struct hci_cp_remote_name_req cp;
1308
1309 memset(&cp, 0, sizeof(cp));
1310
1311 bacpy(&cp.bdaddr, &e->data.bdaddr);
1312 cp.pscan_rep_mode = e->data.pscan_rep_mode;
1313 cp.pscan_mode = e->data.pscan_mode;
1314 cp.clock_offset = e->data.clock_offset;
1315
1316 return hci_send_cmd(hdev, HCI_OP_REMOTE_NAME_REQ, sizeof(cp), &cp);
1317}
1318
b644ba33 1319static bool hci_resolve_next_name(struct hci_dev *hdev)
30dc78e1
JH		 1320{
1321 struct discovery_state *discov = &hdev->discovery;
1322 struct inquiry_entry *e;
1323
b644ba33
JH		 1324 if (list_empty(&discov->resolve))
1325 return false;
1326
1327 e = hci_inquiry_cache_lookup_resolve(hdev, BDADDR_ANY, NAME_NEEDED);
1328 if (hci_resolve_name(hdev, e) == 0) {
1329 e->name_state = NAME_PENDING;
1330 return true;
1331 }
1332
1333 return false;
1334}
1335
1336static void hci_check_pending_name(struct hci_dev *hdev, struct hci_conn *conn,
1337 bdaddr_t *bdaddr, u8 *name, u8 name_len)
1338{
1339 struct discovery_state *discov = &hdev->discovery;
1340 struct inquiry_entry *e;
1341
1342 if (conn && !test_and_set_bit(HCI_CONN_MGMT_CONNECTED, &conn->flags))
1343 mgmt_device_connected(hdev, bdaddr, ACL_LINK, 0x00,
1344 name, name_len, conn->dev_class);
1345
1346 if (discov->state == DISCOVERY_STOPPED)
1347 return;
1348
30dc78e1
JH		 1349 if (discov->state == DISCOVERY_STOPPING)
1350 goto discov_complete;
1351
1352 if (discov->state != DISCOVERY_RESOLVING)
1353 return;
1354
1355 e = hci_inquiry_cache_lookup_resolve(hdev, bdaddr, NAME_PENDING);
1356 if (e) {
1357 e->name_state = NAME_KNOWN;
1358 list_del(&e->list);
b644ba33
JH		 1359 if (name)
1360 mgmt_remote_name(hdev, bdaddr, ACL_LINK, 0x00,
1361 e->data.rssi, name, name_len);
30dc78e1
JH		 1362 }
1363
b644ba33 1364 if (hci_resolve_next_name(hdev))
30dc78e1 1365 return;
30dc78e1
JH		 1366
1367discov_complete:
1368 hci_discovery_set_state(hdev, DISCOVERY_STOPPED);
1369}
1370
a9de9248
MH		 1371static void hci_cs_remote_name_req(struct hci_dev *hdev, __u8 status)
1372{
127178d2
JH		 1373 struct hci_cp_remote_name_req *cp;
1374 struct hci_conn *conn;
1375
a9de9248 1376 BT_DBG("%s status 0x%x", hdev->name, status);
127178d2
JH		 1377
1378 /* If successful wait for the name req complete event before
1379 * checking for the need to do authentication */
1380 if (!status)
1381 return;
1382
1383 cp = hci_sent_cmd_data(hdev, HCI_OP_REMOTE_NAME_REQ);
1384 if (!cp)
1385 return;
1386
1387 hci_dev_lock(hdev);
1388
b644ba33
JH		 1389 conn = hci_conn_hash_lookup_ba(hdev, ACL_LINK, &cp->bdaddr);
1390
a8b2d5c2 1391 if (test_bit(HCI_MGMT, &hdev->dev_flags))
b644ba33 1392 hci_check_pending_name(hdev, conn, &cp->bdaddr, NULL, 0);
30dc78e1 1393
79c6c70c
JH		 1394 if (!conn)
1395 goto unlock;
1396
1397 if (!hci_outgoing_auth_needed(hdev, conn))
1398 goto unlock;
1399
51a8efd7 1400 if (!test_and_set_bit(HCI_CONN_AUTH_PEND, &conn->flags)) {
127178d2
JH		 1401 struct hci_cp_auth_requested cp;
1402 cp.handle = __cpu_to_le16(conn->handle);
1403 hci_send_cmd(hdev, HCI_OP_AUTH_REQUESTED, sizeof(cp), &cp);
1404 }
1405
79c6c70c 1406unlock:
127178d2 1407 hci_dev_unlock(hdev);
a9de9248 1408}
1da177e4 1409
769be974
MH		 1410static void hci_cs_read_remote_features(struct hci_dev *hdev, __u8 status)
1411{
1412 struct hci_cp_read_remote_features *cp;
1413 struct hci_conn *conn;
1414
1415 BT_DBG("%s status 0x%x", hdev->name, status);
1416
1417 if (!status)
1418 return;
1419
1420 cp = hci_sent_cmd_data(hdev, HCI_OP_READ_REMOTE_FEATURES);
1421 if (!cp)
1422 return;
1423
1424 hci_dev_lock(hdev);
1425
1426 conn = hci_conn_hash_lookup_handle(hdev, __le16_to_cpu(cp->handle));
1427 if (conn) {
1428 if (conn->state == BT_CONFIG) {
769be974
MH		 1429 hci_proto_connect_cfm(conn, status);
1430 hci_conn_put(conn);
1431 }
1432 }
1433
1434 hci_dev_unlock(hdev);
1435}
1436
1437static void hci_cs_read_remote_ext_features(struct hci_dev *hdev, __u8 status)
1438{
1439 struct hci_cp_read_remote_ext_features *cp;
1440 struct hci_conn *conn;
1441
1442 BT_DBG("%s status 0x%x", hdev->name, status);
1443
1444 if (!status)
1445 return;
1446
1447 cp = hci_sent_cmd_data(hdev, HCI_OP_READ_REMOTE_EXT_FEATURES);
1448 if (!cp)
1449 return;
1450
1451 hci_dev_lock(hdev);
1452
1453 conn = hci_conn_hash_lookup_handle(hdev, __le16_to_cpu(cp->handle));
1454 if (conn) {
1455 if (conn->state == BT_CONFIG) {
769be974
MH		 1456 hci_proto_connect_cfm(conn, status);
1457 hci_conn_put(conn);
1458 }
1459 }
1460
1461 hci_dev_unlock(hdev);
1462}
1463
a9de9248
MH		 1464static void hci_cs_setup_sync_conn(struct hci_dev *hdev, __u8 status)
1465{
b6a0dc82
MH		 1466 struct hci_cp_setup_sync_conn *cp;
1467 struct hci_conn *acl, *sco;
1468 __u16 handle;
1469
a9de9248 1470 BT_DBG("%s status 0x%x", hdev->name, status);
b6a0dc82
MH		 1471
1472 if (!status)
1473 return;
1474
1475 cp = hci_sent_cmd_data(hdev, HCI_OP_SETUP_SYNC_CONN);
1476 if (!cp)
1477 return;
1478
1479 handle = __le16_to_cpu(cp->handle);
1480
1481 BT_DBG("%s handle %d", hdev->name, handle);
1482
1483 hci_dev_lock(hdev);
1484
1485 acl = hci_conn_hash_lookup_handle(hdev, handle);
5a08ecce
AE		 1486 if (acl) {
1487 sco = acl->link;
1488 if (sco) {
1489 sco->state = BT_CLOSED;
b6a0dc82 1490
5a08ecce
AE		 1491 hci_proto_connect_cfm(sco, status);
1492 hci_conn_del(sco);
1493 }
b6a0dc82
MH		 1494 }
1495
1496 hci_dev_unlock(hdev);
1da177e4
LT		 1497}
1498
a9de9248 1499static void hci_cs_sniff_mode(struct hci_dev *hdev, __u8 status)
1da177e4 1500{
a9de9248
MH		 1501 struct hci_cp_sniff_mode *cp;
1502 struct hci_conn *conn;
1da177e4 1503
a9de9248 1504 BT_DBG("%s status 0x%x", hdev->name, status);
04837f64 1505
a9de9248
MH		 1506 if (!status)
1507 return;
04837f64 1508
a9de9248
MH		 1509 cp = hci_sent_cmd_data(hdev, HCI_OP_SNIFF_MODE);
1510 if (!cp)
1511 return;
04837f64 1512
a9de9248 1513 hci_dev_lock(hdev);
04837f64 1514
a9de9248 1515 conn = hci_conn_hash_lookup_handle(hdev, __le16_to_cpu(cp->handle));
e73439d8 1516 if (conn) {
51a8efd7 1517 clear_bit(HCI_CONN_MODE_CHANGE_PEND, &conn->flags);
04837f64 1518
51a8efd7 1519 if (test_and_clear_bit(HCI_CONN_SCO_SETUP_PEND, &conn->flags))
e73439d8
MH		 1520 hci_sco_setup(conn, status);
1521 }
1522
a9de9248
MH		 1523 hci_dev_unlock(hdev);
1524}
04837f64 1525
a9de9248
MH		 1526static void hci_cs_exit_sniff_mode(struct hci_dev *hdev, __u8 status)
1527{
1528 struct hci_cp_exit_sniff_mode *cp;
1529 struct hci_conn *conn;
04837f64 1530
a9de9248 1531 BT_DBG("%s status 0x%x", hdev->name, status);
04837f64 1532
a9de9248
MH		 1533 if (!status)
1534 return;
04837f64 1535
a9de9248
MH		 1536 cp = hci_sent_cmd_data(hdev, HCI_OP_EXIT_SNIFF_MODE);
1537 if (!cp)
1538 return;
04837f64 1539
a9de9248 1540 hci_dev_lock(hdev);
1da177e4 1541
a9de9248 1542 conn = hci_conn_hash_lookup_handle(hdev, __le16_to_cpu(cp->handle));
e73439d8 1543 if (conn) {
51a8efd7 1544 clear_bit(HCI_CONN_MODE_CHANGE_PEND, &conn->flags);
1da177e4 1545
51a8efd7 1546 if (test_and_clear_bit(HCI_CONN_SCO_SETUP_PEND, &conn->flags))
e73439d8
MH		 1547 hci_sco_setup(conn, status);
1548 }
1549
a9de9248 1550 hci_dev_unlock(hdev);
1da177e4
LT		 1551}
1552
88c3df13
JH		 1553static void hci_cs_disconnect(struct hci_dev *hdev, u8 status)
1554{
1555 struct hci_cp_disconnect *cp;
1556 struct hci_conn *conn;
1557
1558 if (!status)
1559 return;
1560
1561 cp = hci_sent_cmd_data(hdev, HCI_OP_DISCONNECT);
1562 if (!cp)
1563 return;
1564
1565 hci_dev_lock(hdev);
1566
1567 conn = hci_conn_hash_lookup_handle(hdev, __le16_to_cpu(cp->handle));
1568 if (conn)
1569 mgmt_disconnect_failed(hdev, &conn->dst, conn->type,
1570 conn->dst_type, status);
1571
1572 hci_dev_unlock(hdev);
1573}
1574
fcd89c09
VT		 1575static void hci_cs_le_create_conn(struct hci_dev *hdev, __u8 status)
1576{
1577 struct hci_cp_le_create_conn *cp;
1578 struct hci_conn *conn;
1579
1580 BT_DBG("%s status 0x%x", hdev->name, status);
1581
1582 cp = hci_sent_cmd_data(hdev, HCI_OP_LE_CREATE_CONN);
1583 if (!cp)
1584 return;
1585
1586 hci_dev_lock(hdev);
1587
1588 conn = hci_conn_hash_lookup_ba(hdev, LE_LINK, &cp->peer_addr);
1589
1590 BT_DBG("%s bdaddr %s conn %p", hdev->name, batostr(&cp->peer_addr),
1591 conn);
1592
1593 if (status) {
1594 if (conn && conn->state == BT_CONNECT) {
1595 conn->state = BT_CLOSED;
1596 hci_proto_connect_cfm(conn, status);
1597 hci_conn_del(conn);
1598 }
1599 } else {
1600 if (!conn) {
1601 conn = hci_conn_add(hdev, LE_LINK, &cp->peer_addr);
29b7988a
AG		 1602 if (conn) {
1603 conn->dst_type = cp->peer_addr_type;
a0c808b3 1604 conn->out = true;
29b7988a 1605 } else {
fcd89c09 1606 BT_ERR("No memory for new connection");
29b7988a 1607 }
fcd89c09
VT		 1608 }
1609 }
1610
1611 hci_dev_unlock(hdev);
1612}
1613
a7a595f6
VCG		 1614static void hci_cs_le_start_enc(struct hci_dev *hdev, u8 status)
1615{
1616 BT_DBG("%s status 0x%x", hdev->name, status);
1617}
1618
1da177e4
LT		 1619static inline void hci_inquiry_complete_evt(struct hci_dev *hdev, struct sk_buff *skb)
1620{
1621 __u8 status = *((__u8 *) skb->data);
30dc78e1
JH		 1622 struct discovery_state *discov = &hdev->discovery;
1623 struct inquiry_entry *e;
1da177e4
LT		 1624
1625 BT_DBG("%s status %d", hdev->name, status);
1626
23bb5763 1627 hci_req_complete(hdev, HCI_OP_INQUIRY, status);
6bd57416 1628
a9de9248 1629 hci_conn_check_pending(hdev);
89352e7d
AG		 1630
1631 if (!test_and_clear_bit(HCI_INQUIRY, &hdev->flags))
1632 return;
1633
a8b2d5c2 1634 if (!test_bit(HCI_MGMT, &hdev->dev_flags))
30dc78e1
JH		 1635 return;
1636
56e5cb86 1637 hci_dev_lock(hdev);
30dc78e1
JH		 1638
1639 if (discov->state != DISCOVERY_INQUIRY)
1640 goto unlock;
1641
1642 if (list_empty(&discov->resolve)) {
1643 hci_discovery_set_state(hdev, DISCOVERY_STOPPED);
1644 goto unlock;
1645 }
1646
1647 e = hci_inquiry_cache_lookup_resolve(hdev, BDADDR_ANY, NAME_NEEDED);
1648 if (e && hci_resolve_name(hdev, e) == 0) {
1649 e->name_state = NAME_PENDING;
1650 hci_discovery_set_state(hdev, DISCOVERY_RESOLVING);
1651 } else {
1652 hci_discovery_set_state(hdev, DISCOVERY_STOPPED);
1653 }
1654
1655unlock:
56e5cb86 1656 hci_dev_unlock(hdev);
1da177e4
LT		 1657}
1658
1da177e4
LT		 1659static inline void hci_inquiry_result_evt(struct hci_dev *hdev, struct sk_buff *skb)
1660{
45bb4bf0 1661 struct inquiry_data data;
a9de9248 1662 struct inquiry_info *info = (void *) (skb->data + 1);
1da177e4
LT		 1663 int num_rsp = *((__u8 *) skb->data);
1664
1665 BT_DBG("%s num_rsp %d", hdev->name, num_rsp);
1666
45bb4bf0
MH		 1667 if (!num_rsp)
1668 return;
1669
1da177e4 1670 hci_dev_lock(hdev);
45bb4bf0 1671
e17acd40 1672 for (; num_rsp; num_rsp--, info++) {
3175405b
JH		 1673 bool name_known;
1674
1da177e4
LT		 1675 bacpy(&data.bdaddr, &info->bdaddr);
1676 data.pscan_rep_mode = info->pscan_rep_mode;
1677 data.pscan_period_mode = info->pscan_period_mode;
1678 data.pscan_mode = info->pscan_mode;
1679 memcpy(data.dev_class, info->dev_class, 3);
1680 data.clock_offset = info->clock_offset;
1681 data.rssi = 0x00;
41a96212 1682 data.ssp_mode = 0x00;
3175405b
JH		 1683
1684 name_known = hci_inquiry_cache_update(hdev, &data, false);
48264f06 1685 mgmt_device_found(hdev, &info->bdaddr, ACL_LINK, 0x00,
7d262f86
AG		 1686 info->dev_class, 0, !name_known,
1687 NULL, 0);
1da177e4 1688 }
45bb4bf0 1689
1da177e4
LT		 1690 hci_dev_unlock(hdev);
1691}
1692
1da177e4
LT		 1693static inline void hci_conn_complete_evt(struct hci_dev *hdev, struct sk_buff *skb)
1694{
a9de9248
MH		 1695 struct hci_ev_conn_complete *ev = (void *) skb->data;
1696 struct hci_conn *conn;
1da177e4
LT		 1697
1698 BT_DBG("%s", hdev->name);
1699
1700 hci_dev_lock(hdev);
1701
1702 conn = hci_conn_hash_lookup_ba(hdev, ev->link_type, &ev->bdaddr);
9499237a
MH		 1703 if (!conn) {
1704 if (ev->link_type != SCO_LINK)
1705 goto unlock;
1706
1707 conn = hci_conn_hash_lookup_ba(hdev, ESCO_LINK, &ev->bdaddr);
1708 if (!conn)
1709 goto unlock;
1710
1711 conn->type = SCO_LINK;
1712 }
1da177e4
LT		 1713
1714 if (!ev->status) {
1715 conn->handle = __le16_to_cpu(ev->handle);
769be974
MH		 1716
1717 if (conn->type == ACL_LINK) {
1718 conn->state = BT_CONFIG;
1719 hci_conn_hold(conn);
052b30b0 1720 conn->disc_timeout = HCI_DISCONN_TIMEOUT;
769be974
MH		 1721 } else
1722 conn->state = BT_CONNECTED;
1da177e4 1723
9eba32b8 1724 hci_conn_hold_device(conn);
7d0db0a3
MH		 1725 hci_conn_add_sysfs(conn);
1726
1da177e4
LT		 1727 if (test_bit(HCI_AUTH, &hdev->flags))
1728 conn->link_mode |= HCI_LM_AUTH;
1729
1730 if (test_bit(HCI_ENCRYPT, &hdev->flags))
1731 conn->link_mode |= HCI_LM_ENCRYPT;
1732
04837f64
MH		 1733 /* Get remote features */
1734 if (conn->type == ACL_LINK) {
1735 struct hci_cp_read_remote_features cp;
1736 cp.handle = ev->handle;
769be974
MH		 1737 hci_send_cmd(hdev, HCI_OP_READ_REMOTE_FEATURES,
1738 sizeof(cp), &cp);
04837f64
MH		 1739 }
1740
1da177e4 1741 /* Set packet type for incoming connection */
d095c1eb 1742 if (!conn->out && hdev->hci_ver < BLUETOOTH_VER_2_0) {
1da177e4
LT		 1743 struct hci_cp_change_conn_ptype cp;
1744 cp.handle = ev->handle;
a8746417
MH		 1745 cp.pkt_type = cpu_to_le16(conn->pkt_type);
1746 hci_send_cmd(hdev, HCI_OP_CHANGE_CONN_PTYPE,
1747 sizeof(cp), &cp);
1da177e4 1748 }
17d5c04c 1749 } else {
1da177e4 1750 conn->state = BT_CLOSED;
17d5c04c 1751 if (conn->type == ACL_LINK)
744cf19e 1752 mgmt_connect_failed(hdev, &ev->bdaddr, conn->type,
48264f06 1753 conn->dst_type, ev->status);
17d5c04c 1754 }
1da177e4 1755
e73439d8
MH		 1756 if (conn->type == ACL_LINK)
1757 hci_sco_setup(conn, ev->status);
1da177e4 1758
769be974
MH		 1759 if (ev->status) {
1760 hci_proto_connect_cfm(conn, ev->status);
1da177e4 1761 hci_conn_del(conn);
c89b6e6b
MH		 1762 } else if (ev->link_type != ACL_LINK)
1763 hci_proto_connect_cfm(conn, ev->status);
1da177e4 1764
a9de9248 1765unlock:
1da177e4 1766 hci_dev_unlock(hdev);
1da177e4 1767
a9de9248 1768 hci_conn_check_pending(hdev);
1da177e4
LT		 1769}
1770
a9de9248 1771static inline void hci_conn_request_evt(struct hci_dev *hdev, struct sk_buff *skb)
1da177e4 1772{
a9de9248
MH		 1773 struct hci_ev_conn_request *ev = (void *) skb->data;
1774 int mask = hdev->link_mode;
1da177e4 1775
a9de9248
MH		 1776 BT_DBG("%s bdaddr %s type 0x%x", hdev->name,
1777 batostr(&ev->bdaddr), ev->link_type);
1da177e4 1778
a9de9248 1779 mask |= hci_proto_connect_ind(hdev, &ev->bdaddr, ev->link_type);
1da177e4 1780
138d22ef
SJ		 1781 if ((mask & HCI_LM_ACCEPT) &&
1782 !hci_blacklist_lookup(hdev, &ev->bdaddr)) {
a9de9248 1783 /* Connection accepted */
c7bdd502 1784 struct inquiry_entry *ie;
1da177e4 1785 struct hci_conn *conn;
1da177e4 1786
a9de9248 1787 hci_dev_lock(hdev);
b6a0dc82 1788
cc11b9c1
AE		 1789 ie = hci_inquiry_cache_lookup(hdev, &ev->bdaddr);
1790 if (ie)
c7bdd502
MH		 1791 memcpy(ie->data.dev_class, ev->dev_class, 3);
1792
a9de9248
MH		 1793 conn = hci_conn_hash_lookup_ba(hdev, ev->link_type, &ev->bdaddr);
1794 if (!conn) {
cc11b9c1
AE		 1795 conn = hci_conn_add(hdev, ev->link_type, &ev->bdaddr);
1796 if (!conn) {
893ef971 1797 BT_ERR("No memory for new connection");
a9de9248
MH		 1798 hci_dev_unlock(hdev);
1799 return;
1da177e4
LT		 1800 }
1801 }
b6a0dc82 1802
a9de9248
MH		 1803 memcpy(conn->dev_class, ev->dev_class, 3);
1804 conn->state = BT_CONNECT;
b6a0dc82 1805
a9de9248 1806 hci_dev_unlock(hdev);
1da177e4 1807
b6a0dc82
MH		 1808 if (ev->link_type == ACL_LINK || !lmp_esco_capable(hdev)) {
1809 struct hci_cp_accept_conn_req cp;
1da177e4 1810
b6a0dc82
MH		 1811 bacpy(&cp.bdaddr, &ev->bdaddr);
1812
1813 if (lmp_rswitch_capable(hdev) && (mask & HCI_LM_MASTER))
1814 cp.role = 0x00; /* Become master */
1815 else
1816 cp.role = 0x01; /* Remain slave */
1817
1818 hci_send_cmd(hdev, HCI_OP_ACCEPT_CONN_REQ,
1819 sizeof(cp), &cp);
1820 } else {
1821 struct hci_cp_accept_sync_conn_req cp;
1822
1823 bacpy(&cp.bdaddr, &ev->bdaddr);
a8746417 1824 cp.pkt_type = cpu_to_le16(conn->pkt_type);
b6a0dc82
MH		 1825
1826 cp.tx_bandwidth = cpu_to_le32(0x00001f40);
1827 cp.rx_bandwidth = cpu_to_le32(0x00001f40);
1828 cp.max_latency = cpu_to_le16(0xffff);
1829 cp.content_format = cpu_to_le16(hdev->voice_setting);
1830 cp.retrans_effort = 0xff;
1da177e4 1831
b6a0dc82
MH		 1832 hci_send_cmd(hdev, HCI_OP_ACCEPT_SYNC_CONN_REQ,
1833 sizeof(cp), &cp);
1834 }
a9de9248
MH		 1835 } else {
1836 /* Connection rejected */
1837 struct hci_cp_reject_conn_req cp;
1da177e4 1838
a9de9248 1839 bacpy(&cp.bdaddr, &ev->bdaddr);
9f5a0d7b 1840 cp.reason = HCI_ERROR_REJ_BAD_ADDR;
a9de9248 1841 hci_send_cmd(hdev, HCI_OP_REJECT_CONN_REQ, sizeof(cp), &cp);
1da177e4 1842 }
1da177e4
LT		 1843}
1844
a9de9248 1845static inline void hci_disconn_complete_evt(struct hci_dev *hdev, struct sk_buff *skb)
04837f64 1846{
a9de9248 1847 struct hci_ev_disconn_complete *ev = (void *) skb->data;
04837f64
MH		 1848 struct hci_conn *conn;
1849
1850 BT_DBG("%s status %d", hdev->name, ev->status);
1851
1852 hci_dev_lock(hdev);
1853
1854 conn = hci_conn_hash_lookup_handle(hdev, __le16_to_cpu(ev->handle));
f7520543
JH		 1855 if (!conn)
1856 goto unlock;
7d0db0a3 1857
37d9ef76
JH		 1858 if (ev->status == 0)
1859 conn->state = BT_CLOSED;
04837f64 1860
b644ba33
JH		 1861 if (test_and_clear_bit(HCI_CONN_MGMT_CONNECTED, &conn->flags) &&
1862 (conn->type == ACL_LINK || conn->type == LE_LINK)) {
37d9ef76 1863 if (ev->status != 0)
88c3df13
JH		 1864 mgmt_disconnect_failed(hdev, &conn->dst, conn->type,
1865 conn->dst_type, ev->status);
37d9ef76 1866 else
afc747a6 1867 mgmt_device_disconnected(hdev, &conn->dst, conn->type,
48264f06 1868 conn->dst_type);
37d9ef76 1869 }
f7520543 1870
37d9ef76
JH		 1871 if (ev->status == 0) {
1872 hci_proto_disconn_cfm(conn, ev->reason);
1873 hci_conn_del(conn);
1874 }
f7520543
JH		 1875
1876unlock:
04837f64
MH		 1877 hci_dev_unlock(hdev);
1878}
1879
1da177e4
LT		 1880static inline void hci_auth_complete_evt(struct hci_dev *hdev, struct sk_buff *skb)
1881{
a9de9248 1882 struct hci_ev_auth_complete *ev = (void *) skb->data;
04837f64 1883 struct hci_conn *conn;
1da177e4
LT		 1884
1885 BT_DBG("%s status %d", hdev->name, ev->status);
1886
1887 hci_dev_lock(hdev);
1888
04837f64 1889 conn = hci_conn_hash_lookup_handle(hdev, __le16_to_cpu(ev->handle));
d7556e20
WR		 1890 if (!conn)
1891 goto unlock;
1892
1893 if (!ev->status) {
aa64a8b5
JH		 1894 if (!hci_conn_ssp_enabled(conn) &&
1895 test_bit(HCI_CONN_REAUTH_PEND, &conn->flags)) {
d7556e20 1896 BT_INFO("re-auth of legacy device is not possible.");
2a611692 1897 } else {
d7556e20
WR		 1898 conn->link_mode |= HCI_LM_AUTH;
1899 conn->sec_level = conn->pending_sec_level;
2a611692 1900 }
d7556e20 1901 } else {
744cf19e 1902 mgmt_auth_failed(hdev, &conn->dst, ev->status);
d7556e20 1903 }
1da177e4 1904
51a8efd7
JH		 1905 clear_bit(HCI_CONN_AUTH_PEND, &conn->flags);
1906 clear_bit(HCI_CONN_REAUTH_PEND, &conn->flags);
1da177e4 1907
d7556e20 1908 if (conn->state == BT_CONFIG) {
aa64a8b5 1909 if (!ev->status && hci_conn_ssp_enabled(conn)) {
d7556e20
WR		 1910 struct hci_cp_set_conn_encrypt cp;
1911 cp.handle = ev->handle;
1912 cp.encrypt = 0x01;
1913 hci_send_cmd(hdev, HCI_OP_SET_CONN_ENCRYPT, sizeof(cp),
1914 &cp);
052b30b0 1915 } else {
d7556e20
WR		 1916 conn->state = BT_CONNECTED;
1917 hci_proto_connect_cfm(conn, ev->status);
052b30b0
MH		 1918 hci_conn_put(conn);
1919 }
d7556e20
WR		 1920 } else {
1921 hci_auth_cfm(conn, ev->status);
052b30b0 1922
d7556e20
WR		 1923 hci_conn_hold(conn);
1924 conn->disc_timeout = HCI_DISCONN_TIMEOUT;
1925 hci_conn_put(conn);
1926 }
1927
51a8efd7 1928 if (test_bit(HCI_CONN_ENCRYPT_PEND, &conn->flags)) {
d7556e20
WR		 1929 if (!ev->status) {
1930 struct hci_cp_set_conn_encrypt cp;
1931 cp.handle = ev->handle;
1932 cp.encrypt = 0x01;
1933 hci_send_cmd(hdev, HCI_OP_SET_CONN_ENCRYPT, sizeof(cp),
1934 &cp);
1935 } else {
51a8efd7 1936 clear_bit(HCI_CONN_ENCRYPT_PEND, &conn->flags);
d7556e20 1937 hci_encrypt_cfm(conn, ev->status, 0x00);
1da177e4
LT		 1938 }
1939 }
1940
d7556e20 1941unlock:
1da177e4
LT		 1942 hci_dev_unlock(hdev);
1943}
1944
a9de9248 1945static inline void hci_remote_name_evt(struct hci_dev *hdev, struct sk_buff *skb)
1da177e4 1946{
127178d2
JH		 1947 struct hci_ev_remote_name *ev = (void *) skb->data;
1948 struct hci_conn *conn;
1949
a9de9248 1950 BT_DBG("%s", hdev->name);
1da177e4 1951
a9de9248 1952 hci_conn_check_pending(hdev);
127178d2
JH		 1953
1954 hci_dev_lock(hdev);
1955
b644ba33 1956 conn = hci_conn_hash_lookup_ba(hdev, ACL_LINK, &ev->bdaddr);
30dc78e1 1957
b644ba33
JH		 1958 if (!test_bit(HCI_MGMT, &hdev->dev_flags))
1959 goto check_auth;
a88a9652 1960
b644ba33
JH		 1961 if (ev->status == 0)
1962 hci_check_pending_name(hdev, conn, &ev->bdaddr, ev->name,
1963 strnlen(ev->name, HCI_MAX_NAME_LENGTH));
1964 else
1965 hci_check_pending_name(hdev, conn, &ev->bdaddr, NULL, 0);
1966
1967check_auth:
79c6c70c
JH		 1968 if (!conn)
1969 goto unlock;
1970
1971 if (!hci_outgoing_auth_needed(hdev, conn))
1972 goto unlock;
1973
51a8efd7 1974 if (!test_and_set_bit(HCI_CONN_AUTH_PEND, &conn->flags)) {
127178d2
JH		 1975 struct hci_cp_auth_requested cp;
1976 cp.handle = __cpu_to_le16(conn->handle);
1977 hci_send_cmd(hdev, HCI_OP_AUTH_REQUESTED, sizeof(cp), &cp);
1978 }
1979
79c6c70c 1980unlock:
127178d2 1981 hci_dev_unlock(hdev);
a9de9248
MH		 1982}
1983
1984static inline void hci_encrypt_change_evt(struct hci_dev *hdev, struct sk_buff *skb)
1985{
1986 struct hci_ev_encrypt_change *ev = (void *) skb->data;
1987 struct hci_conn *conn;
1988
1989 BT_DBG("%s status %d", hdev->name, ev->status);
1da177e4
LT		 1990
1991 hci_dev_lock(hdev);
1992
04837f64 1993 conn = hci_conn_hash_lookup_handle(hdev, __le16_to_cpu(ev->handle));
1da177e4
LT		 1994 if (conn) {
1995 if (!ev->status) {
ae293196
MH		 1996 if (ev->encrypt) {
1997 /* Encryption implies authentication */
1998 conn->link_mode |= HCI_LM_AUTH;
1da177e4 1999 conn->link_mode |= HCI_LM_ENCRYPT;
da85e5e5 2000 conn->sec_level = conn->pending_sec_level;
ae293196 2001 } else
1da177e4
LT		 2002 conn->link_mode &= ~HCI_LM_ENCRYPT;
2003 }
2004
51a8efd7 2005 clear_bit(HCI_CONN_ENCRYPT_PEND, &conn->flags);
1da177e4 2006
f8558555
MH		 2007 if (conn->state == BT_CONFIG) {
2008 if (!ev->status)
2009 conn->state = BT_CONNECTED;
2010
2011 hci_proto_connect_cfm(conn, ev->status);
2012 hci_conn_put(conn);
2013 } else
2014 hci_encrypt_cfm(conn, ev->status, ev->encrypt);
1da177e4
LT		 2015 }
2016
2017 hci_dev_unlock(hdev);
2018}
2019
a9de9248 2020static inline void hci_change_link_key_complete_evt(struct hci_dev *hdev, struct sk_buff *skb)
1da177e4 2021{
a9de9248 2022 struct hci_ev_change_link_key_complete *ev = (void *) skb->data;
04837f64 2023 struct hci_conn *conn;
1da177e4
LT		 2024
2025 BT_DBG("%s status %d", hdev->name, ev->status);
2026
2027 hci_dev_lock(hdev);
2028
04837f64 2029 conn = hci_conn_hash_lookup_handle(hdev, __le16_to_cpu(ev->handle));
1da177e4
LT		 2030 if (conn) {
2031 if (!ev->status)
2032 conn->link_mode |= HCI_LM_SECURE;
2033
51a8efd7 2034 clear_bit(HCI_CONN_AUTH_PEND, &conn->flags);
1da177e4
LT		 2035
2036 hci_key_change_cfm(conn, ev->status);
2037 }
2038
2039 hci_dev_unlock(hdev);
2040}
2041
a9de9248 2042static inline void hci_remote_features_evt(struct hci_dev *hdev, struct sk_buff *skb)
1da177e4 2043{
a9de9248
MH		 2044 struct hci_ev_remote_features *ev = (void *) skb->data;
2045 struct hci_conn *conn;
2046
2047 BT_DBG("%s status %d", hdev->name, ev->status);
2048
a9de9248
MH		 2049 hci_dev_lock(hdev);
2050
2051 conn = hci_conn_hash_lookup_handle(hdev, __le16_to_cpu(ev->handle));
ccd556fe
JH		 2052 if (!conn)
2053 goto unlock;
769be974 2054
ccd556fe
JH		 2055 if (!ev->status)
2056 memcpy(conn->features, ev->features, 8);
2057
2058 if (conn->state != BT_CONFIG)
2059 goto unlock;
2060
2061 if (!ev->status && lmp_ssp_capable(hdev) && lmp_ssp_capable(conn)) {
2062 struct hci_cp_read_remote_ext_features cp;
2063 cp.handle = ev->handle;
2064 cp.page = 0x01;
2065 hci_send_cmd(hdev, HCI_OP_READ_REMOTE_EXT_FEATURES,
bdb7524a 2066 sizeof(cp), &cp);
392599b9
JH		 2067 goto unlock;
2068 }
2069
127178d2
JH		 2070 if (!ev->status) {
2071 struct hci_cp_remote_name_req cp;
2072 memset(&cp, 0, sizeof(cp));
2073 bacpy(&cp.bdaddr, &conn->dst);
2074 cp.pscan_rep_mode = 0x02;
2075 hci_send_cmd(hdev, HCI_OP_REMOTE_NAME_REQ, sizeof(cp), &cp);
b644ba33
JH		 2076 } else if (!test_and_set_bit(HCI_CONN_MGMT_CONNECTED, &conn->flags))
2077 mgmt_device_connected(hdev, &conn->dst, conn->type,
2078 conn->dst_type, NULL, 0,
2079 conn->dev_class);
392599b9 2080
127178d2 2081 if (!hci_outgoing_auth_needed(hdev, conn)) {
ccd556fe
JH		 2082 conn->state = BT_CONNECTED;
2083 hci_proto_connect_cfm(conn, ev->status);
2084 hci_conn_put(conn);
769be974 2085 }
a9de9248 2086
ccd556fe 2087unlock:
a9de9248 2088 hci_dev_unlock(hdev);
1da177e4
LT		 2089}
2090
a9de9248 2091static inline void hci_remote_version_evt(struct hci_dev *hdev, struct sk_buff *skb)
1da177e4 2092{
a9de9248 2093 BT_DBG("%s", hdev->name);
1da177e4
LT		 2094}
2095
a9de9248 2096static inline void hci_qos_setup_complete_evt(struct hci_dev *hdev, struct sk_buff *skb)
1da177e4 2097{
a9de9248 2098 BT_DBG("%s", hdev->name);
1da177e4
LT		 2099}
2100
a9de9248
MH		 2101static inline void hci_cmd_complete_evt(struct hci_dev *hdev, struct sk_buff *skb)
2102{
2103 struct hci_ev_cmd_complete *ev = (void *) skb->data;
2104 __u16 opcode;
2105
2106 skb_pull(skb, sizeof(*ev));
2107
2108 opcode = __le16_to_cpu(ev->opcode);
2109
2110 switch (opcode) {
2111 case HCI_OP_INQUIRY_CANCEL:
2112 hci_cc_inquiry_cancel(hdev, skb);
2113 break;
2114
2115 case HCI_OP_EXIT_PERIODIC_INQ:
2116 hci_cc_exit_periodic_inq(hdev, skb);
2117 break;
2118
2119 case HCI_OP_REMOTE_NAME_REQ_CANCEL:
2120 hci_cc_remote_name_req_cancel(hdev, skb);
2121 break;
2122
2123 case HCI_OP_ROLE_DISCOVERY:
2124 hci_cc_role_discovery(hdev, skb);
2125 break;
2126
e4e8e37c
MH		 2127 case HCI_OP_READ_LINK_POLICY:
2128 hci_cc_read_link_policy(hdev, skb);
2129 break;
2130
a9de9248
MH		 2131 case HCI_OP_WRITE_LINK_POLICY:
2132 hci_cc_write_link_policy(hdev, skb);
2133 break;
2134
e4e8e37c
MH		 2135 case HCI_OP_READ_DEF_LINK_POLICY:
2136 hci_cc_read_def_link_policy(hdev, skb);
2137 break;
2138
2139 case HCI_OP_WRITE_DEF_LINK_POLICY:
2140 hci_cc_write_def_link_policy(hdev, skb);
2141 break;
2142
a9de9248
MH		 2143 case HCI_OP_RESET:
2144 hci_cc_reset(hdev, skb);
2145 break;
2146
2147 case HCI_OP_WRITE_LOCAL_NAME:
2148 hci_cc_write_local_name(hdev, skb);
2149 break;
2150
2151 case HCI_OP_READ_LOCAL_NAME:
2152 hci_cc_read_local_name(hdev, skb);
2153 break;
2154
2155 case HCI_OP_WRITE_AUTH_ENABLE:
2156 hci_cc_write_auth_enable(hdev, skb);
2157 break;
2158
2159 case HCI_OP_WRITE_ENCRYPT_MODE:
2160 hci_cc_write_encrypt_mode(hdev, skb);
2161 break;
2162
2163 case HCI_OP_WRITE_SCAN_ENABLE:
2164 hci_cc_write_scan_enable(hdev, skb);
2165 break;
2166
2167 case HCI_OP_READ_CLASS_OF_DEV:
2168 hci_cc_read_class_of_dev(hdev, skb);
2169 break;
2170
2171 case HCI_OP_WRITE_CLASS_OF_DEV:
2172 hci_cc_write_class_of_dev(hdev, skb);
2173 break;
2174
2175 case HCI_OP_READ_VOICE_SETTING:
2176 hci_cc_read_voice_setting(hdev, skb);
2177 break;
2178
2179 case HCI_OP_WRITE_VOICE_SETTING:
2180 hci_cc_write_voice_setting(hdev, skb);
2181 break;
2182
2183 case HCI_OP_HOST_BUFFER_SIZE:
2184 hci_cc_host_buffer_size(hdev, skb);
2185 break;
2186
333140b5
MH		 2187 case HCI_OP_READ_SSP_MODE:
2188 hci_cc_read_ssp_mode(hdev, skb);
2189 break;
2190
2191 case HCI_OP_WRITE_SSP_MODE:
2192 hci_cc_write_ssp_mode(hdev, skb);
2193 break;
2194
a9de9248
MH		 2195 case HCI_OP_READ_LOCAL_VERSION:
2196 hci_cc_read_local_version(hdev, skb);
2197 break;
2198
2199 case HCI_OP_READ_LOCAL_COMMANDS:
2200 hci_cc_read_local_commands(hdev, skb);
2201 break;
2202
2203 case HCI_OP_READ_LOCAL_FEATURES:
2204 hci_cc_read_local_features(hdev, skb);
2205 break;
2206
971e3a4b
AG		 2207 case HCI_OP_READ_LOCAL_EXT_FEATURES:
2208 hci_cc_read_local_ext_features(hdev, skb);
2209 break;
2210
a9de9248
MH		 2211 case HCI_OP_READ_BUFFER_SIZE:
2212 hci_cc_read_buffer_size(hdev, skb);
2213 break;
2214
2215 case HCI_OP_READ_BD_ADDR:
2216 hci_cc_read_bd_addr(hdev, skb);
2217 break;
2218
350ee4cf
AE		 2219 case HCI_OP_READ_DATA_BLOCK_SIZE:
2220 hci_cc_read_data_block_size(hdev, skb);
2221 break;
2222
23bb5763
JH		 2223 case HCI_OP_WRITE_CA_TIMEOUT:
2224 hci_cc_write_ca_timeout(hdev, skb);
2225 break;
2226
1e89cffb
AE		 2227 case HCI_OP_READ_FLOW_CONTROL_MODE:
2228 hci_cc_read_flow_control_mode(hdev, skb);
2229 break;
2230
928abaa7
AE		 2231 case HCI_OP_READ_LOCAL_AMP_INFO:
2232 hci_cc_read_local_amp_info(hdev, skb);
2233 break;
2234
b0916ea0
JH		 2235 case HCI_OP_DELETE_STORED_LINK_KEY:
2236 hci_cc_delete_stored_link_key(hdev, skb);
2237 break;
2238
d5859e22
JH		 2239 case HCI_OP_SET_EVENT_MASK:
2240 hci_cc_set_event_mask(hdev, skb);
2241 break;
2242
2243 case HCI_OP_WRITE_INQUIRY_MODE:
2244 hci_cc_write_inquiry_mode(hdev, skb);
2245 break;
2246
2247 case HCI_OP_READ_INQ_RSP_TX_POWER:
2248 hci_cc_read_inq_rsp_tx_power(hdev, skb);
2249 break;
2250
2251 case HCI_OP_SET_EVENT_FLT:
2252 hci_cc_set_event_flt(hdev, skb);
2253 break;
2254
980e1a53
JH		 2255 case HCI_OP_PIN_CODE_REPLY:
2256 hci_cc_pin_code_reply(hdev, skb);
2257 break;
2258
2259 case HCI_OP_PIN_CODE_NEG_REPLY:
2260 hci_cc_pin_code_neg_reply(hdev, skb);
2261 break;
2262
c35938b2
SJ		 2263 case HCI_OP_READ_LOCAL_OOB_DATA:
2264 hci_cc_read_local_oob_data_reply(hdev, skb);
2265 break;
2266
6ed58ec5
VT		 2267 case HCI_OP_LE_READ_BUFFER_SIZE:
2268 hci_cc_le_read_buffer_size(hdev, skb);
2269 break;
2270
a5c29683
JH		 2271 case HCI_OP_USER_CONFIRM_REPLY:
2272 hci_cc_user_confirm_reply(hdev, skb);
2273 break;
2274
2275 case HCI_OP_USER_CONFIRM_NEG_REPLY:
2276 hci_cc_user_confirm_neg_reply(hdev, skb);
2277 break;
2278
1143d458
BG		 2279 case HCI_OP_USER_PASSKEY_REPLY:
2280 hci_cc_user_passkey_reply(hdev, skb);
2281 break;
2282
2283 case HCI_OP_USER_PASSKEY_NEG_REPLY:
2284 hci_cc_user_passkey_neg_reply(hdev, skb);
07f7fa5d
AG		 2285
2286 case HCI_OP_LE_SET_SCAN_PARAM:
2287 hci_cc_le_set_scan_param(hdev, skb);
1143d458
BG		 2288 break;
2289
eb9d91f5
AG		 2290 case HCI_OP_LE_SET_SCAN_ENABLE:
2291 hci_cc_le_set_scan_enable(hdev, skb);
2292 break;
2293
a7a595f6
VCG		 2294 case HCI_OP_LE_LTK_REPLY:
2295 hci_cc_le_ltk_reply(hdev, skb);
2296 break;
2297
2298 case HCI_OP_LE_LTK_NEG_REPLY:
2299 hci_cc_le_ltk_neg_reply(hdev, skb);
2300 break;
2301
f9b49306
AG		 2302 case HCI_OP_WRITE_LE_HOST_SUPPORTED:
2303 hci_cc_write_le_host_supported(hdev, skb);
2304 break;
2305
a9de9248
MH		 2306 default:
2307 BT_DBG("%s opcode 0x%x", hdev->name, opcode);
2308 break;
2309 }
2310
6bd32326
VT		 2311 if (ev->opcode != HCI_OP_NOP)
2312 del_timer(&hdev->cmd_timer);
2313
a9de9248
MH		 2314 if (ev->ncmd) {
2315 atomic_set(&hdev->cmd_cnt, 1);
2316 if (!skb_queue_empty(&hdev->cmd_q))
c347b765 2317 queue_work(hdev->workqueue, &hdev->cmd_work);
a9de9248
MH		 2318 }
2319}
2320
2321static inline void hci_cmd_status_evt(struct hci_dev *hdev, struct sk_buff *skb)
2322{
2323 struct hci_ev_cmd_status *ev = (void *) skb->data;
2324 __u16 opcode;
2325
2326 skb_pull(skb, sizeof(*ev));
2327
2328 opcode = __le16_to_cpu(ev->opcode);
2329
2330 switch (opcode) {
2331 case HCI_OP_INQUIRY:
2332 hci_cs_inquiry(hdev, ev->status);
2333 break;
2334
2335 case HCI_OP_CREATE_CONN:
2336 hci_cs_create_conn(hdev, ev->status);
2337 break;
2338
2339 case HCI_OP_ADD_SCO:
2340 hci_cs_add_sco(hdev, ev->status);
2341 break;
2342
f8558555
MH		 2343 case HCI_OP_AUTH_REQUESTED:
2344 hci_cs_auth_requested(hdev, ev->status);
2345 break;
2346
2347 case HCI_OP_SET_CONN_ENCRYPT:
2348 hci_cs_set_conn_encrypt(hdev, ev->status);
2349 break;
2350
a9de9248
MH		 2351 case HCI_OP_REMOTE_NAME_REQ:
2352 hci_cs_remote_name_req(hdev, ev->status);
2353 break;
2354
769be974
MH		 2355 case HCI_OP_READ_REMOTE_FEATURES:
2356 hci_cs_read_remote_features(hdev, ev->status);
2357 break;
2358
2359 case HCI_OP_READ_REMOTE_EXT_FEATURES:
2360 hci_cs_read_remote_ext_features(hdev, ev->status);
2361 break;
2362
a9de9248
MH		 2363 case HCI_OP_SETUP_SYNC_CONN:
2364 hci_cs_setup_sync_conn(hdev, ev->status);
2365 break;
2366
2367 case HCI_OP_SNIFF_MODE:
2368 hci_cs_sniff_mode(hdev, ev->status);
2369 break;
2370
2371 case HCI_OP_EXIT_SNIFF_MODE:
2372 hci_cs_exit_sniff_mode(hdev, ev->status);
2373 break;
2374
8962ee74 2375 case HCI_OP_DISCONNECT:
88c3df13 2376 hci_cs_disconnect(hdev, ev->status);
8962ee74
JH		 2377 break;
2378
fcd89c09
VT		 2379 case HCI_OP_LE_CREATE_CONN:
2380 hci_cs_le_create_conn(hdev, ev->status);
2381 break;
2382
a7a595f6
VCG		 2383 case HCI_OP_LE_START_ENC:
2384 hci_cs_le_start_enc(hdev, ev->status);
2385 break;
2386
a9de9248
MH		 2387 default:
2388 BT_DBG("%s opcode 0x%x", hdev->name, opcode);
2389 break;
2390 }
2391
6bd32326
VT		 2392 if (ev->opcode != HCI_OP_NOP)
2393 del_timer(&hdev->cmd_timer);
2394
10572132 2395 if (ev->ncmd && !test_bit(HCI_RESET, &hdev->flags)) {
a9de9248
MH		 2396 atomic_set(&hdev->cmd_cnt, 1);
2397 if (!skb_queue_empty(&hdev->cmd_q))
c347b765 2398 queue_work(hdev->workqueue, &hdev->cmd_work);
a9de9248
MH		 2399 }
2400}
2401
2402static inline void hci_role_change_evt(struct hci_dev *hdev, struct sk_buff *skb)
2403{
2404 struct hci_ev_role_change *ev = (void *) skb->data;
2405 struct hci_conn *conn;
2406
2407 BT_DBG("%s status %d", hdev->name, ev->status);
2408
2409 hci_dev_lock(hdev);
2410
2411 conn = hci_conn_hash_lookup_ba(hdev, ACL_LINK, &ev->bdaddr);
2412 if (conn) {
2413 if (!ev->status) {
2414 if (ev->role)
2415 conn->link_mode &= ~HCI_LM_MASTER;
2416 else
2417 conn->link_mode |= HCI_LM_MASTER;
2418 }
2419
51a8efd7 2420 clear_bit(HCI_CONN_RSWITCH_PEND, &conn->flags);
a9de9248
MH		 2421
2422 hci_role_switch_cfm(conn, ev->status, ev->role);
2423 }
2424
2425 hci_dev_unlock(hdev);
2426}
2427
2428static inline void hci_num_comp_pkts_evt(struct hci_dev *hdev, struct sk_buff *skb)
2429{
2430 struct hci_ev_num_comp_pkts *ev = (void *) skb->data;
a9de9248
MH		 2431 int i;
2432
32ac5b9b
AE		 2433 if (hdev->flow_ctl_mode != HCI_FLOW_CTL_MODE_PACKET_BASED) {
2434 BT_ERR("Wrong event for mode %d", hdev->flow_ctl_mode);
2435 return;
2436 }
2437
c5993de8
AE		 2438 if (skb->len < sizeof(*ev) || skb->len < sizeof(*ev) +
2439 ev->num_hndl * sizeof(struct hci_comp_pkts_info)) {
a9de9248
MH		 2440 BT_DBG("%s bad parameters", hdev->name);
2441 return;
2442 }
2443
c5993de8
AE		 2444 BT_DBG("%s num_hndl %d", hdev->name, ev->num_hndl);
2445
613a1c0c
AE		 2446 for (i = 0; i < ev->num_hndl; i++) {
2447 struct hci_comp_pkts_info *info = &ev->handles[i];
a9de9248
MH		 2448 struct hci_conn *conn;
2449 __u16 handle, count;
2450
613a1c0c
AE		 2451 handle = __le16_to_cpu(info->handle);
2452 count = __le16_to_cpu(info->count);
a9de9248
MH		 2453
2454 conn = hci_conn_hash_lookup_handle(hdev, handle);
f4280918
AE		 2455 if (!conn)
2456 continue;
2457
2458 conn->sent -= count;
2459
2460 switch (conn->type) {
2461 case ACL_LINK:
2462 hdev->acl_cnt += count;
2463 if (hdev->acl_cnt > hdev->acl_pkts)
2464 hdev->acl_cnt = hdev->acl_pkts;
2465 break;
2466
2467 case LE_LINK:
2468 if (hdev->le_pkts) {
2469 hdev->le_cnt += count;
2470 if (hdev->le_cnt > hdev->le_pkts)
2471 hdev->le_cnt = hdev->le_pkts;
2472 } else {
70f23020
AE		 2473 hdev->acl_cnt += count;
2474 if (hdev->acl_cnt > hdev->acl_pkts)
a9de9248 2475 hdev->acl_cnt = hdev->acl_pkts;
a9de9248 2476 }
f4280918
AE		 2477 break;
2478
2479 case SCO_LINK:
2480 hdev->sco_cnt += count;
2481 if (hdev->sco_cnt > hdev->sco_pkts)
2482 hdev->sco_cnt = hdev->sco_pkts;
2483 break;
2484
2485 default:
2486 BT_ERR("Unknown type %d conn %p", conn->type, conn);
2487 break;
a9de9248
MH		 2488 }
2489 }
2490
3eff45ea 2491 queue_work(hdev->workqueue, &hdev->tx_work);
a9de9248
MH		 2492}
2493
25e89e99
AE		 2494static inline void hci_num_comp_blocks_evt(struct hci_dev *hdev,
2495 struct sk_buff *skb)
2496{
2497 struct hci_ev_num_comp_blocks *ev = (void *) skb->data;
2498 int i;
2499
2500 if (hdev->flow_ctl_mode != HCI_FLOW_CTL_MODE_BLOCK_BASED) {
2501 BT_ERR("Wrong event for mode %d", hdev->flow_ctl_mode);
2502 return;
2503 }
2504
2505 if (skb->len < sizeof(*ev) || skb->len < sizeof(*ev) +
2506 ev->num_hndl * sizeof(struct hci_comp_blocks_info)) {
2507 BT_DBG("%s bad parameters", hdev->name);
2508 return;
2509 }
2510
2511 BT_DBG("%s num_blocks %d num_hndl %d", hdev->name, ev->num_blocks,
2512 ev->num_hndl);
2513
2514 for (i = 0; i < ev->num_hndl; i++) {
2515 struct hci_comp_blocks_info *info = &ev->handles[i];
2516 struct hci_conn *conn;
2517 __u16 handle, block_count;
2518
2519 handle = __le16_to_cpu(info->handle);
2520 block_count = __le16_to_cpu(info->blocks);
2521
2522 conn = hci_conn_hash_lookup_handle(hdev, handle);
2523 if (!conn)
2524 continue;
2525
2526 conn->sent -= block_count;
2527
2528 switch (conn->type) {
2529 case ACL_LINK:
2530 hdev->block_cnt += block_count;
2531 if (hdev->block_cnt > hdev->num_blocks)
2532 hdev->block_cnt = hdev->num_blocks;
2533 break;
2534
2535 default:
2536 BT_ERR("Unknown type %d conn %p", conn->type, conn);
2537 break;
2538 }
2539 }
2540
2541 queue_work(hdev->workqueue, &hdev->tx_work);
2542}
2543
a9de9248 2544static inline void hci_mode_change_evt(struct hci_dev *hdev, struct sk_buff *skb)
04837f64 2545{
a9de9248 2546 struct hci_ev_mode_change *ev = (void *) skb->data;
04837f64
MH		 2547 struct hci_conn *conn;
2548
2549 BT_DBG("%s status %d", hdev->name, ev->status);
2550
2551 hci_dev_lock(hdev);
2552
2553 conn = hci_conn_hash_lookup_handle(hdev, __le16_to_cpu(ev->handle));
a9de9248
MH		 2554 if (conn) {
2555 conn->mode = ev->mode;
2556 conn->interval = __le16_to_cpu(ev->interval);
2557
51a8efd7 2558 if (!test_and_clear_bit(HCI_CONN_MODE_CHANGE_PEND, &conn->flags)) {
a9de9248 2559 if (conn->mode == HCI_CM_ACTIVE)
58a681ef 2560 set_bit(HCI_CONN_POWER_SAVE, &conn->flags);
a9de9248 2561 else
58a681ef 2562 clear_bit(HCI_CONN_POWER_SAVE, &conn->flags);
a9de9248 2563 }
e73439d8 2564
51a8efd7 2565 if (test_and_clear_bit(HCI_CONN_SCO_SETUP_PEND, &conn->flags))
e73439d8 2566 hci_sco_setup(conn, ev->status);
04837f64
MH		 2567 }
2568
2569 hci_dev_unlock(hdev);
2570}
2571
a9de9248
MH		 2572static inline void hci_pin_code_request_evt(struct hci_dev *hdev, struct sk_buff *skb)
2573{
052b30b0
MH		 2574 struct hci_ev_pin_code_req *ev = (void *) skb->data;
2575 struct hci_conn *conn;
2576
a9de9248 2577 BT_DBG("%s", hdev->name);
052b30b0
MH		 2578
2579 hci_dev_lock(hdev);
2580
2581 conn = hci_conn_hash_lookup_ba(hdev, ACL_LINK, &ev->bdaddr);
b6f98044
WR		 2582 if (!conn)
2583 goto unlock;
2584
2585 if (conn->state == BT_CONNECTED) {
052b30b0
MH		 2586 hci_conn_hold(conn);
2587 conn->disc_timeout = HCI_PAIRING_TIMEOUT;
2588 hci_conn_put(conn);
2589 }
2590
a8b2d5c2 2591 if (!test_bit(HCI_PAIRABLE, &hdev->dev_flags))
03b555e1
JH		 2592 hci_send_cmd(hdev, HCI_OP_PIN_CODE_NEG_REPLY,
2593 sizeof(ev->bdaddr), &ev->bdaddr);
a8b2d5c2 2594 else if (test_bit(HCI_MGMT, &hdev->dev_flags)) {
a770bb5a
WR		 2595 u8 secure;
2596
2597 if (conn->pending_sec_level == BT_SECURITY_HIGH)
2598 secure = 1;
2599 else
2600 secure = 0;
2601
744cf19e 2602 mgmt_pin_code_request(hdev, &ev->bdaddr, secure);
a770bb5a 2603 }
980e1a53 2604
b6f98044 2605unlock:
052b30b0 2606 hci_dev_unlock(hdev);
a9de9248
MH		 2607}
2608
2609static inline void hci_link_key_request_evt(struct hci_dev *hdev, struct sk_buff *skb)
2610{
55ed8ca1
JH		 2611 struct hci_ev_link_key_req *ev = (void *) skb->data;
2612 struct hci_cp_link_key_reply cp;
2613 struct hci_conn *conn;
2614 struct link_key *key;
2615
a9de9248 2616 BT_DBG("%s", hdev->name);
55ed8ca1 2617
a8b2d5c2 2618 if (!test_bit(HCI_LINK_KEYS, &hdev->dev_flags))
55ed8ca1
JH		 2619 return;
2620
2621 hci_dev_lock(hdev);
2622
2623 key = hci_find_link_key(hdev, &ev->bdaddr);
2624 if (!key) {
2625 BT_DBG("%s link key not found for %s", hdev->name,
2626 batostr(&ev->bdaddr));
2627 goto not_found;
2628 }
2629
2630 BT_DBG("%s found key type %u for %s", hdev->name, key->type,
2631 batostr(&ev->bdaddr));
2632
a8b2d5c2 2633 if (!test_bit(HCI_DEBUG_KEYS, &hdev->dev_flags) &&
b6020ba0 2634 key->type == HCI_LK_DEBUG_COMBINATION) {
55ed8ca1
JH		 2635 BT_DBG("%s ignoring debug key", hdev->name);
2636 goto not_found;
2637 }
2638
2639 conn = hci_conn_hash_lookup_ba(hdev, ACL_LINK, &ev->bdaddr);
60b83f57
WR		 2640 if (conn) {
2641 if (key->type == HCI_LK_UNAUTH_COMBINATION &&
2642 conn->auth_type != 0xff &&
2643 (conn->auth_type & 0x01)) {
2644 BT_DBG("%s ignoring unauthenticated key", hdev->name);
2645 goto not_found;
2646 }
55ed8ca1 2647
60b83f57
WR		 2648 if (key->type == HCI_LK_COMBINATION && key->pin_len < 16 &&
2649 conn->pending_sec_level == BT_SECURITY_HIGH) {
2650 BT_DBG("%s ignoring key unauthenticated for high \
2651 security", hdev->name);
2652 goto not_found;
2653 }
2654
2655 conn->key_type = key->type;
2656 conn->pin_length = key->pin_len;
55ed8ca1
JH		 2657 }
2658
2659 bacpy(&cp.bdaddr, &ev->bdaddr);
2660 memcpy(cp.link_key, key->val, 16);
2661
2662 hci_send_cmd(hdev, HCI_OP_LINK_KEY_REPLY, sizeof(cp), &cp);
2663
2664 hci_dev_unlock(hdev);
2665
2666 return;
2667
2668not_found:
2669 hci_send_cmd(hdev, HCI_OP_LINK_KEY_NEG_REPLY, 6, &ev->bdaddr);
2670 hci_dev_unlock(hdev);
a9de9248
MH		 2671}
2672
2673static inline void hci_link_key_notify_evt(struct hci_dev *hdev, struct sk_buff *skb)
2674{
052b30b0
MH		 2675 struct hci_ev_link_key_notify *ev = (void *) skb->data;
2676 struct hci_conn *conn;
55ed8ca1 2677 u8 pin_len = 0;
052b30b0 2678
a9de9248 2679 BT_DBG("%s", hdev->name);
052b30b0
MH		 2680
2681 hci_dev_lock(hdev);
2682
2683 conn = hci_conn_hash_lookup_ba(hdev, ACL_LINK, &ev->bdaddr);
2684 if (conn) {
2685 hci_conn_hold(conn);
2686 conn->disc_timeout = HCI_DISCONN_TIMEOUT;
980e1a53 2687 pin_len = conn->pin_length;
13d39315
WR		 2688
2689 if (ev->key_type != HCI_LK_CHANGED_COMBINATION)
2690 conn->key_type = ev->key_type;
2691
052b30b0
MH		 2692 hci_conn_put(conn);
2693 }
2694
a8b2d5c2 2695 if (test_bit(HCI_LINK_KEYS, &hdev->dev_flags))
d25e28ab 2696 hci_add_link_key(hdev, conn, 1, &ev->bdaddr, ev->link_key,
55ed8ca1
JH		 2697 ev->key_type, pin_len);
2698
052b30b0 2699 hci_dev_unlock(hdev);
a9de9248
MH		 2700}
2701
1da177e4
LT		 2702static inline void hci_clock_offset_evt(struct hci_dev *hdev, struct sk_buff *skb)
2703{
a9de9248 2704 struct hci_ev_clock_offset *ev = (void *) skb->data;
04837f64 2705 struct hci_conn *conn;
1da177e4
LT		 2706
2707 BT_DBG("%s status %d", hdev->name, ev->status);
2708
2709 hci_dev_lock(hdev);
2710
04837f64 2711 conn = hci_conn_hash_lookup_handle(hdev, __le16_to_cpu(ev->handle));
1da177e4
LT		 2712 if (conn && !ev->status) {
2713 struct inquiry_entry *ie;
2714
cc11b9c1
AE		 2715 ie = hci_inquiry_cache_lookup(hdev, &conn->dst);
2716 if (ie) {
1da177e4
LT		 2717 ie->data.clock_offset = ev->clock_offset;
2718 ie->timestamp = jiffies;
2719 }
2720 }
2721
2722 hci_dev_unlock(hdev);
2723}
2724
a8746417
MH		 2725static inline void hci_pkt_type_change_evt(struct hci_dev *hdev, struct sk_buff *skb)
2726{
2727 struct hci_ev_pkt_type_change *ev = (void *) skb->data;
2728 struct hci_conn *conn;
2729
2730 BT_DBG("%s status %d", hdev->name, ev->status);
2731
2732 hci_dev_lock(hdev);
2733
2734 conn = hci_conn_hash_lookup_handle(hdev, __le16_to_cpu(ev->handle));
2735 if (conn && !ev->status)
2736 conn->pkt_type = __le16_to_cpu(ev->pkt_type);
2737
2738 hci_dev_unlock(hdev);
2739}
2740
85a1e930
MH		 2741static inline void hci_pscan_rep_mode_evt(struct hci_dev *hdev, struct sk_buff *skb)
2742{
a9de9248 2743 struct hci_ev_pscan_rep_mode *ev = (void *) skb->data;
85a1e930
MH		 2744 struct inquiry_entry *ie;
2745
2746 BT_DBG("%s", hdev->name);
2747
2748 hci_dev_lock(hdev);
2749
cc11b9c1
AE		 2750 ie = hci_inquiry_cache_lookup(hdev, &ev->bdaddr);
2751 if (ie) {
85a1e930
MH		 2752 ie->data.pscan_rep_mode = ev->pscan_rep_mode;
2753 ie->timestamp = jiffies;
2754 }
2755
2756 hci_dev_unlock(hdev);
2757}
2758
a9de9248
MH		 2759static inline void hci_inquiry_result_with_rssi_evt(struct hci_dev *hdev, struct sk_buff *skb)
2760{
2761 struct inquiry_data data;
2762 int num_rsp = *((__u8 *) skb->data);
3175405b 2763 bool name_known;
a9de9248
MH		 2764
2765 BT_DBG("%s num_rsp %d", hdev->name, num_rsp);
2766
2767 if (!num_rsp)
2768 return;
2769
2770 hci_dev_lock(hdev);
2771
2772 if ((skb->len - 1) / num_rsp != sizeof(struct inquiry_info_with_rssi)) {
138d22ef
SJ		 2773 struct inquiry_info_with_rssi_and_pscan_mode *info;
2774 info = (void *) (skb->data + 1);
a9de9248 2775
e17acd40 2776 for (; num_rsp; num_rsp--, info++) {
a9de9248
MH		 2777 bacpy(&data.bdaddr, &info->bdaddr);
2778 data.pscan_rep_mode = info->pscan_rep_mode;
2779 data.pscan_period_mode = info->pscan_period_mode;
2780 data.pscan_mode = info->pscan_mode;
2781 memcpy(data.dev_class, info->dev_class, 3);
2782 data.clock_offset = info->clock_offset;
2783 data.rssi = info->rssi;
41a96212 2784 data.ssp_mode = 0x00;
3175405b
JH		 2785
2786 name_known = hci_inquiry_cache_update(hdev, &data,
2787 false);
48264f06 2788 mgmt_device_found(hdev, &info->bdaddr, ACL_LINK, 0x00,
e17acd40 2789 info->dev_class, info->rssi,
7d262f86 2790 !name_known, NULL, 0);
a9de9248
MH		 2791 }
2792 } else {
2793 struct inquiry_info_with_rssi *info = (void *) (skb->data + 1);
2794
e17acd40 2795 for (; num_rsp; num_rsp--, info++) {
a9de9248
MH		 2796 bacpy(&data.bdaddr, &info->bdaddr);
2797 data.pscan_rep_mode = info->pscan_rep_mode;
2798 data.pscan_period_mode = info->pscan_period_mode;
2799 data.pscan_mode = 0x00;
2800 memcpy(data.dev_class, info->dev_class, 3);
2801 data.clock_offset = info->clock_offset;
2802 data.rssi = info->rssi;
41a96212 2803 data.ssp_mode = 0x00;
3175405b
JH		 2804 name_known = hci_inquiry_cache_update(hdev, &data,
2805 false);
48264f06 2806 mgmt_device_found(hdev, &info->bdaddr, ACL_LINK, 0x00,
e17acd40 2807 info->dev_class, info->rssi,
7d262f86 2808 !name_known, NULL, 0);
a9de9248
MH		 2809 }
2810 }
2811
2812 hci_dev_unlock(hdev);
2813}
2814
2815static inline void hci_remote_ext_features_evt(struct hci_dev *hdev, struct sk_buff *skb)
2816{
41a96212
MH		 2817 struct hci_ev_remote_ext_features *ev = (void *) skb->data;
2818 struct hci_conn *conn;
2819
a9de9248 2820 BT_DBG("%s", hdev->name);
41a96212 2821
41a96212
MH		 2822 hci_dev_lock(hdev);
2823
2824 conn = hci_conn_hash_lookup_handle(hdev, __le16_to_cpu(ev->handle));
ccd556fe
JH		 2825 if (!conn)
2826 goto unlock;
41a96212 2827
ccd556fe
JH		 2828 if (!ev->status && ev->page == 0x01) {
2829 struct inquiry_entry *ie;
41a96212 2830
cc11b9c1
AE		 2831 ie = hci_inquiry_cache_lookup(hdev, &conn->dst);
2832 if (ie)
ccd556fe 2833 ie->data.ssp_mode = (ev->features[0] & 0x01);
769be974 2834
58a681ef
JH		 2835 if (ev->features[0] & 0x01)
2836 set_bit(HCI_CONN_SSP_ENABLED, &conn->flags);
ccd556fe
JH		 2837 }
2838
2839 if (conn->state != BT_CONFIG)
2840 goto unlock;
2841
127178d2
JH		 2842 if (!ev->status) {
2843 struct hci_cp_remote_name_req cp;
2844 memset(&cp, 0, sizeof(cp));
2845 bacpy(&cp.bdaddr, &conn->dst);
2846 cp.pscan_rep_mode = 0x02;
2847 hci_send_cmd(hdev, HCI_OP_REMOTE_NAME_REQ, sizeof(cp), &cp);
b644ba33
JH		 2848 } else if (!test_and_set_bit(HCI_CONN_MGMT_CONNECTED, &conn->flags))
2849 mgmt_device_connected(hdev, &conn->dst, conn->type,
2850 conn->dst_type, NULL, 0,
2851 conn->dev_class);
392599b9 2852
127178d2 2853 if (!hci_outgoing_auth_needed(hdev, conn)) {
ccd556fe
JH		 2854 conn->state = BT_CONNECTED;
2855 hci_proto_connect_cfm(conn, ev->status);
2856 hci_conn_put(conn);
41a96212
MH		 2857 }
2858
ccd556fe 2859unlock:
41a96212 2860 hci_dev_unlock(hdev);
a9de9248
MH		 2861}
2862
2863static inline void hci_sync_conn_complete_evt(struct hci_dev *hdev, struct sk_buff *skb)
2864{
b6a0dc82
MH		 2865 struct hci_ev_sync_conn_complete *ev = (void *) skb->data;
2866 struct hci_conn *conn;
2867
2868 BT_DBG("%s status %d", hdev->name, ev->status);
2869
2870 hci_dev_lock(hdev);
2871
2872 conn = hci_conn_hash_lookup_ba(hdev, ev->link_type, &ev->bdaddr);
9dc0a3af
MH		 2873 if (!conn) {
2874 if (ev->link_type == ESCO_LINK)
2875 goto unlock;
2876
2877 conn = hci_conn_hash_lookup_ba(hdev, ESCO_LINK, &ev->bdaddr);
2878 if (!conn)
2879 goto unlock;
2880
2881 conn->type = SCO_LINK;
2882 }
b6a0dc82 2883
732547f9
MH		 2884 switch (ev->status) {
2885 case 0x00:
b6a0dc82
MH		 2886 conn->handle = __le16_to_cpu(ev->handle);
2887 conn->state = BT_CONNECTED;
7d0db0a3 2888
9eba32b8 2889 hci_conn_hold_device(conn);
7d0db0a3 2890 hci_conn_add_sysfs(conn);
732547f9
MH		 2891 break;
2892
705e5711 2893 case 0x11: /* Unsupported Feature or Parameter Value */
732547f9 2894 case 0x1c: /* SCO interval rejected */
1038a00b 2895 case 0x1a: /* Unsupported Remote Feature */
732547f9
MH		 2896 case 0x1f: /* Unspecified error */
2897 if (conn->out && conn->attempt < 2) {
2898 conn->pkt_type = (hdev->esco_type & SCO_ESCO_MASK) |
2899 (hdev->esco_type & EDR_ESCO_MASK);
2900 hci_setup_sync(conn, conn->link->handle);
2901 goto unlock;
2902 }
2903 /* fall through */
2904
2905 default:
b6a0dc82 2906 conn->state = BT_CLOSED;
732547f9
MH		 2907 break;
2908 }
b6a0dc82
MH		 2909
2910 hci_proto_connect_cfm(conn, ev->status);
2911 if (ev->status)
2912 hci_conn_del(conn);
2913
2914unlock:
2915 hci_dev_unlock(hdev);
a9de9248
MH		 2916}
2917
2918static inline void hci_sync_conn_changed_evt(struct hci_dev *hdev, struct sk_buff *skb)
2919{
2920 BT_DBG("%s", hdev->name);
2921}
2922
04837f64
MH		 2923static inline void hci_sniff_subrate_evt(struct hci_dev *hdev, struct sk_buff *skb)
2924{
a9de9248 2925 struct hci_ev_sniff_subrate *ev = (void *) skb->data;
04837f64
MH		 2926
2927 BT_DBG("%s status %d", hdev->name, ev->status);
04837f64
MH		 2928}
2929
a9de9248 2930static inline void hci_extended_inquiry_result_evt(struct hci_dev *hdev, struct sk_buff *skb)
1da177e4 2931{
a9de9248
MH		 2932 struct inquiry_data data;
2933 struct extended_inquiry_info *info = (void *) (skb->data + 1);
2934 int num_rsp = *((__u8 *) skb->data);
1da177e4 2935
a9de9248 2936 BT_DBG("%s num_rsp %d", hdev->name, num_rsp);
1da177e4 2937
a9de9248
MH		 2938 if (!num_rsp)
2939 return;
1da177e4 2940
a9de9248
MH		 2941 hci_dev_lock(hdev);
2942
e17acd40 2943 for (; num_rsp; num_rsp--, info++) {
561aafbc
JH		 2944 bool name_known;
2945
a9de9248 2946 bacpy(&data.bdaddr, &info->bdaddr);
138d22ef
SJ		 2947 data.pscan_rep_mode = info->pscan_rep_mode;
2948 data.pscan_period_mode = info->pscan_period_mode;
2949 data.pscan_mode = 0x00;
a9de9248 2950 memcpy(data.dev_class, info->dev_class, 3);
138d22ef
SJ		 2951 data.clock_offset = info->clock_offset;
2952 data.rssi = info->rssi;
41a96212 2953 data.ssp_mode = 0x01;
561aafbc 2954
a8b2d5c2 2955 if (test_bit(HCI_MGMT, &hdev->dev_flags))
4ddb1930
JH		 2956 name_known = eir_has_data_type(info->data,
2957 sizeof(info->data),
2958 EIR_NAME_COMPLETE);
561aafbc
JH		 2959 else
2960 name_known = true;
2961
3175405b 2962 name_known = hci_inquiry_cache_update(hdev, &data, name_known);
48264f06 2963 mgmt_device_found(hdev, &info->bdaddr, ACL_LINK, 0x00,
561aafbc 2964 info->dev_class, info->rssi,
7d262f86
AG		 2965 !name_known, info->data,
2966 sizeof(info->data));
a9de9248
MH		 2967 }
2968
2969 hci_dev_unlock(hdev);
2970}
1da177e4 2971
17fa4b9d
JH		 2972static inline u8 hci_get_auth_req(struct hci_conn *conn)
2973{
2974 /* If remote requests dedicated bonding follow that lead */
2975 if (conn->remote_auth == 0x02 || conn->remote_auth == 0x03) {
2976 /* If both remote and local IO capabilities allow MITM
2977 * protection then require it, otherwise don't */
2978 if (conn->remote_cap == 0x03 || conn->io_capability == 0x03)
2979 return 0x02;
2980 else
2981 return 0x03;
2982 }
2983
2984 /* If remote requests no-bonding follow that lead */
2985 if (conn->remote_auth == 0x00 || conn->remote_auth == 0x01)
58797bf7 2986 return conn->remote_auth | (conn->auth_type & 0x01);
17fa4b9d
JH		 2987
2988 return conn->auth_type;
2989}
2990
0493684e
MH		 2991static inline void hci_io_capa_request_evt(struct hci_dev *hdev, struct sk_buff *skb)
2992{
2993 struct hci_ev_io_capa_request *ev = (void *) skb->data;
2994 struct hci_conn *conn;
2995
2996 BT_DBG("%s", hdev->name);
2997
2998 hci_dev_lock(hdev);
2999
3000 conn = hci_conn_hash_lookup_ba(hdev, ACL_LINK, &ev->bdaddr);
03b555e1
JH		 3001 if (!conn)
3002 goto unlock;
3003
3004 hci_conn_hold(conn);
3005
a8b2d5c2 3006 if (!test_bit(HCI_MGMT, &hdev->dev_flags))
03b555e1
JH		 3007 goto unlock;
3008
a8b2d5c2 3009 if (test_bit(HCI_PAIRABLE, &hdev->dev_flags) ||
03b555e1 3010 (conn->remote_auth & ~0x01) == HCI_AT_NO_BONDING) {
17fa4b9d
JH		 3011 struct hci_cp_io_capability_reply cp;
3012
3013 bacpy(&cp.bdaddr, &ev->bdaddr);
7a7f1e7c
HG		 3014 /* Change the IO capability from KeyboardDisplay
3015 * to DisplayYesNo as it is not supported by BT spec. */
3016 cp.capability = (conn->io_capability == 0x04) ?
3017 0x01 : conn->io_capability;
7cbc9bd9
JH		 3018 conn->auth_type = hci_get_auth_req(conn);
3019 cp.authentication = conn->auth_type;
17fa4b9d 3020
58a681ef 3021 if ((conn->out || test_bit(HCI_CONN_REMOTE_OOB, &conn->flags)) &&
ce85ee13
SJ		 3022 hci_find_remote_oob_data(hdev, &conn->dst))
3023 cp.oob_data = 0x01;
3024 else
3025 cp.oob_data = 0x00;
3026
17fa4b9d
JH		 3027 hci_send_cmd(hdev, HCI_OP_IO_CAPABILITY_REPLY,
3028 sizeof(cp), &cp);
03b555e1
JH		 3029 } else {
3030 struct hci_cp_io_capability_neg_reply cp;
3031
3032 bacpy(&cp.bdaddr, &ev->bdaddr);
9f5a0d7b 3033 cp.reason = HCI_ERROR_PAIRING_NOT_ALLOWED;
0493684e 3034
03b555e1
JH		 3035 hci_send_cmd(hdev, HCI_OP_IO_CAPABILITY_NEG_REPLY,
3036 sizeof(cp), &cp);
3037 }
3038
3039unlock:
3040 hci_dev_unlock(hdev);
3041}
3042
3043static inline void hci_io_capa_reply_evt(struct hci_dev *hdev, struct sk_buff *skb)
3044{
3045 struct hci_ev_io_capa_reply *ev = (void *) skb->data;
3046 struct hci_conn *conn;
3047
3048 BT_DBG("%s", hdev->name);
3049
3050 hci_dev_lock(hdev);
3051
3052 conn = hci_conn_hash_lookup_ba(hdev, ACL_LINK, &ev->bdaddr);
3053 if (!conn)
3054 goto unlock;
3055
03b555e1 3056 conn->remote_cap = ev->capability;
03b555e1 3057 conn->remote_auth = ev->authentication;
58a681ef
JH		 3058 if (ev->oob_data)
3059 set_bit(HCI_CONN_REMOTE_OOB, &conn->flags);
03b555e1
JH		 3060
3061unlock:
0493684e
MH		 3062 hci_dev_unlock(hdev);
3063}
3064
a5c29683
JH		 3065static inline void hci_user_confirm_request_evt(struct hci_dev *hdev,
3066 struct sk_buff *skb)
3067{
3068 struct hci_ev_user_confirm_req *ev = (void *) skb->data;
55bc1a37 3069 int loc_mitm, rem_mitm, confirm_hint = 0;
7a828908 3070 struct hci_conn *conn;
a5c29683
JH		 3071
3072 BT_DBG("%s", hdev->name);
3073
3074 hci_dev_lock(hdev);
3075
a8b2d5c2 3076 if (!test_bit(HCI_MGMT, &hdev->dev_flags))
7a828908 3077 goto unlock;
a5c29683 3078
7a828908
JH		 3079 conn = hci_conn_hash_lookup_ba(hdev, ACL_LINK, &ev->bdaddr);
3080 if (!conn)
3081 goto unlock;
3082
3083 loc_mitm = (conn->auth_type & 0x01);
3084 rem_mitm = (conn->remote_auth & 0x01);
3085
3086 /* If we require MITM but the remote device can't provide that
3087 * (it has NoInputNoOutput) then reject the confirmation
3088 * request. The only exception is when we're dedicated bonding
3089 * initiators (connect_cfm_cb set) since then we always have the MITM
3090 * bit set. */
3091 if (!conn->connect_cfm_cb && loc_mitm && conn->remote_cap == 0x03) {
3092 BT_DBG("Rejecting request: remote device can't provide MITM");
3093 hci_send_cmd(hdev, HCI_OP_USER_CONFIRM_NEG_REPLY,
3094 sizeof(ev->bdaddr), &ev->bdaddr);
3095 goto unlock;
3096 }
3097
3098 /* If no side requires MITM protection; auto-accept */
3099 if ((!loc_mitm || conn->remote_cap == 0x03) &&
3100 (!rem_mitm || conn->io_capability == 0x03)) {
55bc1a37
JH		 3101
3102 /* If we're not the initiators request authorization to
3103 * proceed from user space (mgmt_user_confirm with
3104 * confirm_hint set to 1). */
51a8efd7 3105 if (!test_bit(HCI_CONN_AUTH_PEND, &conn->flags)) {
55bc1a37
JH		 3106 BT_DBG("Confirming auto-accept as acceptor");
3107 confirm_hint = 1;
3108 goto confirm;
3109 }
3110
9f61656a
JH		 3111 BT_DBG("Auto-accept of user confirmation with %ums delay",
3112 hdev->auto_accept_delay);
3113
3114 if (hdev->auto_accept_delay > 0) {
3115 int delay = msecs_to_jiffies(hdev->auto_accept_delay);
3116 mod_timer(&conn->auto_accept_timer, jiffies + delay);
3117 goto unlock;
3118 }
3119
7a828908
JH		 3120 hci_send_cmd(hdev, HCI_OP_USER_CONFIRM_REPLY,
3121 sizeof(ev->bdaddr), &ev->bdaddr);
3122 goto unlock;
3123 }
3124
55bc1a37 3125confirm:
744cf19e 3126 mgmt_user_confirm_request(hdev, &ev->bdaddr, ev->passkey,
55bc1a37 3127 confirm_hint);
7a828908
JH		 3128
3129unlock:
a5c29683
JH		 3130 hci_dev_unlock(hdev);
3131}
3132
1143d458
BG		 3133static inline void hci_user_passkey_request_evt(struct hci_dev *hdev,
3134 struct sk_buff *skb)
3135{
3136 struct hci_ev_user_passkey_req *ev = (void *) skb->data;
3137
3138 BT_DBG("%s", hdev->name);
3139
3140 hci_dev_lock(hdev);
3141
a8b2d5c2 3142 if (test_bit(HCI_MGMT, &hdev->dev_flags))
1143d458
BG		 3143 mgmt_user_passkey_request(hdev, &ev->bdaddr);
3144
3145 hci_dev_unlock(hdev);
3146}
3147
0493684e
MH		 3148static inline void hci_simple_pair_complete_evt(struct hci_dev *hdev, struct sk_buff *skb)
3149{
3150 struct hci_ev_simple_pair_complete *ev = (void *) skb->data;
3151 struct hci_conn *conn;
3152
3153 BT_DBG("%s", hdev->name);
3154
3155 hci_dev_lock(hdev);
3156
3157 conn = hci_conn_hash_lookup_ba(hdev, ACL_LINK, &ev->bdaddr);
2a611692
JH		 3158 if (!conn)
3159 goto unlock;
3160
3161 /* To avoid duplicate auth_failed events to user space we check
3162 * the HCI_CONN_AUTH_PEND flag which will be set if we
3163 * initiated the authentication. A traditional auth_complete
3164 * event gets always produced as initiator and is also mapped to
3165 * the mgmt_auth_failed event */
51a8efd7 3166 if (!test_bit(HCI_CONN_AUTH_PEND, &conn->flags) && ev->status != 0)
744cf19e 3167 mgmt_auth_failed(hdev, &conn->dst, ev->status);
0493684e 3168
2a611692
JH		 3169 hci_conn_put(conn);
3170
3171unlock:
0493684e
MH		 3172 hci_dev_unlock(hdev);
3173}
3174
41a96212
MH		 3175static inline void hci_remote_host_features_evt(struct hci_dev *hdev, struct sk_buff *skb)
3176{
3177 struct hci_ev_remote_host_features *ev = (void *) skb->data;
3178 struct inquiry_entry *ie;
3179
3180 BT_DBG("%s", hdev->name);
3181
3182 hci_dev_lock(hdev);
3183
cc11b9c1
AE		 3184 ie = hci_inquiry_cache_lookup(hdev, &ev->bdaddr);
3185 if (ie)
41a96212
MH		 3186 ie->data.ssp_mode = (ev->features[0] & 0x01);
3187
3188 hci_dev_unlock(hdev);
3189}
3190
2763eda6
SJ		 3191static inline void hci_remote_oob_data_request_evt(struct hci_dev *hdev,
3192 struct sk_buff *skb)
3193{
3194 struct hci_ev_remote_oob_data_request *ev = (void *) skb->data;
3195 struct oob_data *data;
3196
3197 BT_DBG("%s", hdev->name);
3198
3199 hci_dev_lock(hdev);
3200
a8b2d5c2 3201 if (!test_bit(HCI_MGMT, &hdev->dev_flags))
e1ba1f15
SJ		 3202 goto unlock;
3203
2763eda6
SJ		 3204 data = hci_find_remote_oob_data(hdev, &ev->bdaddr);
3205 if (data) {
3206 struct hci_cp_remote_oob_data_reply cp;
3207
3208 bacpy(&cp.bdaddr, &ev->bdaddr);
3209 memcpy(cp.hash, data->hash, sizeof(cp.hash));
3210 memcpy(cp.randomizer, data->randomizer, sizeof(cp.randomizer));
3211
3212 hci_send_cmd(hdev, HCI_OP_REMOTE_OOB_DATA_REPLY, sizeof(cp),
3213 &cp);
3214 } else {
3215 struct hci_cp_remote_oob_data_neg_reply cp;
3216
3217 bacpy(&cp.bdaddr, &ev->bdaddr);
3218 hci_send_cmd(hdev, HCI_OP_REMOTE_OOB_DATA_NEG_REPLY, sizeof(cp),
3219 &cp);
3220 }
3221
e1ba1f15 3222unlock:
2763eda6
SJ		 3223 hci_dev_unlock(hdev);
3224}
3225
fcd89c09
VT		 3226static inline void hci_le_conn_complete_evt(struct hci_dev *hdev, struct sk_buff *skb)
3227{
3228 struct hci_ev_le_conn_complete *ev = (void *) skb->data;
3229 struct hci_conn *conn;
3230
3231 BT_DBG("%s status %d", hdev->name, ev->status);
3232
3233 hci_dev_lock(hdev);
3234
3235 conn = hci_conn_hash_lookup_ba(hdev, LE_LINK, &ev->bdaddr);
b62f328b
VT		 3236 if (!conn) {
3237 conn = hci_conn_add(hdev, LE_LINK, &ev->bdaddr);
3238 if (!conn) {
3239 BT_ERR("No memory for new connection");
3240 hci_dev_unlock(hdev);
3241 return;
3242 }
29b7988a
AG		 3243
3244 conn->dst_type = ev->bdaddr_type;
b62f328b 3245 }
fcd89c09
VT		 3246
3247 if (ev->status) {
48264f06
JH		 3248 mgmt_connect_failed(hdev, &ev->bdaddr, conn->type,
3249 conn->dst_type, ev->status);
fcd89c09
VT		 3250 hci_proto_connect_cfm(conn, ev->status);
3251 conn->state = BT_CLOSED;
3252 hci_conn_del(conn);
3253 goto unlock;
3254 }
3255
b644ba33
JH		 3256 if (!test_and_set_bit(HCI_CONN_MGMT_CONNECTED, &conn->flags))
3257 mgmt_device_connected(hdev, &ev->bdaddr, conn->type,
3258 conn->dst_type, NULL, 0, 0);
83bc71b4 3259
7b5c0d52 3260 conn->sec_level = BT_SECURITY_LOW;
fcd89c09
VT		 3261 conn->handle = __le16_to_cpu(ev->handle);
3262 conn->state = BT_CONNECTED;
3263
3264 hci_conn_hold_device(conn);
3265 hci_conn_add_sysfs(conn);
3266
3267 hci_proto_connect_cfm(conn, ev->status);
3268
3269unlock:
3270 hci_dev_unlock(hdev);
3271}
3272
9aa04c91
AG		 3273static inline void hci_le_adv_report_evt(struct hci_dev *hdev,
3274 struct sk_buff *skb)
3275{
e95beb41
AG		 3276 u8 num_reports = skb->data[0];
3277 void *ptr = &skb->data[1];
3c9e9195 3278 s8 rssi;
9aa04c91
AG		 3279
3280 hci_dev_lock(hdev);
3281
e95beb41
AG		 3282 while (num_reports--) {
3283 struct hci_ev_le_advertising_info *ev = ptr;
9aa04c91 3284
9aa04c91 3285 hci_add_adv_entry(hdev, ev);
e95beb41 3286
3c9e9195
AG		 3287 rssi = ev->data[ev->length];
3288 mgmt_device_found(hdev, &ev->bdaddr, LE_LINK, ev->bdaddr_type,
3289 NULL, rssi, 0, ev->data, ev->length);
3290
e95beb41 3291 ptr += sizeof(*ev) + ev->length + 1;
9aa04c91
AG		 3292 }
3293
3294 hci_dev_unlock(hdev);
3295}
3296
a7a595f6
VCG		 3297static inline void hci_le_ltk_request_evt(struct hci_dev *hdev,
3298 struct sk_buff *skb)
3299{
3300 struct hci_ev_le_ltk_req *ev = (void *) skb->data;
3301 struct hci_cp_le_ltk_reply cp;
bea710fe 3302 struct hci_cp_le_ltk_neg_reply neg;
a7a595f6 3303 struct hci_conn *conn;
c9839a11 3304 struct smp_ltk *ltk;
a7a595f6
VCG		 3305
3306 BT_DBG("%s handle %d", hdev->name, cpu_to_le16(ev->handle));
3307
3308 hci_dev_lock(hdev);
3309
3310 conn = hci_conn_hash_lookup_handle(hdev, __le16_to_cpu(ev->handle));
bea710fe
VCG		 3311 if (conn == NULL)
3312 goto not_found;
a7a595f6 3313
bea710fe
VCG		 3314 ltk = hci_find_ltk(hdev, ev->ediv, ev->random);
3315 if (ltk == NULL)
3316 goto not_found;
3317
3318 memcpy(cp.ltk, ltk->val, sizeof(ltk->val));
a7a595f6 3319 cp.handle = cpu_to_le16(conn->handle);
c9839a11
VCG		 3320
3321 if (ltk->authenticated)
3322 conn->sec_level = BT_SECURITY_HIGH;
a7a595f6
VCG		 3323
3324 hci_send_cmd(hdev, HCI_OP_LE_LTK_REPLY, sizeof(cp), &cp);
3325
c9839a11
VCG		 3326 if (ltk->type & HCI_SMP_STK) {
3327 list_del(&ltk->list);
3328 kfree(ltk);
3329 }
3330
a7a595f6 3331 hci_dev_unlock(hdev);
bea710fe
VCG		 3332
3333 return;
3334
3335not_found:
3336 neg.handle = ev->handle;
3337 hci_send_cmd(hdev, HCI_OP_LE_LTK_NEG_REPLY, sizeof(neg), &neg);
3338 hci_dev_unlock(hdev);
a7a595f6
VCG		 3339}
3340
fcd89c09
VT		 3341static inline void hci_le_meta_evt(struct hci_dev *hdev, struct sk_buff *skb)
3342{
3343 struct hci_ev_le_meta *le_ev = (void *) skb->data;
3344
3345 skb_pull(skb, sizeof(*le_ev));
3346
3347 switch (le_ev->subevent) {
3348 case HCI_EV_LE_CONN_COMPLETE:
3349 hci_le_conn_complete_evt(hdev, skb);
3350 break;
3351
9aa04c91
AG		 3352 case HCI_EV_LE_ADVERTISING_REPORT:
3353 hci_le_adv_report_evt(hdev, skb);
3354 break;
3355
a7a595f6
VCG		 3356 case HCI_EV_LE_LTK_REQ:
3357 hci_le_ltk_request_evt(hdev, skb);
3358 break;
3359
fcd89c09
VT		 3360 default:
3361 break;
3362 }
3363}
3364
a9de9248
MH		 3365void hci_event_packet(struct hci_dev *hdev, struct sk_buff *skb)
3366{
3367 struct hci_event_hdr *hdr = (void *) skb->data;
3368 __u8 event = hdr->evt;
3369
3370 skb_pull(skb, HCI_EVENT_HDR_SIZE);
3371
3372 switch (event) {
1da177e4
LT		 3373 case HCI_EV_INQUIRY_COMPLETE:
3374 hci_inquiry_complete_evt(hdev, skb);
3375 break;
3376
3377 case HCI_EV_INQUIRY_RESULT:
3378 hci_inquiry_result_evt(hdev, skb);
3379 break;
3380
a9de9248
MH		 3381 case HCI_EV_CONN_COMPLETE:
3382 hci_conn_complete_evt(hdev, skb);
21d9e30e
MH		 3383 break;
3384
1da177e4
LT		 3385 case HCI_EV_CONN_REQUEST:
3386 hci_conn_request_evt(hdev, skb);
3387 break;
3388
1da177e4
LT		 3389 case HCI_EV_DISCONN_COMPLETE:
3390 hci_disconn_complete_evt(hdev, skb);
3391 break;
3392
1da177e4
LT		 3393 case HCI_EV_AUTH_COMPLETE:
3394 hci_auth_complete_evt(hdev, skb);
3395 break;
3396
a9de9248
MH		 3397 case HCI_EV_REMOTE_NAME:
3398 hci_remote_name_evt(hdev, skb);
3399 break;
3400
1da177e4
LT		 3401 case HCI_EV_ENCRYPT_CHANGE:
3402 hci_encrypt_change_evt(hdev, skb);
3403 break;
3404
a9de9248
MH		 3405 case HCI_EV_CHANGE_LINK_KEY_COMPLETE:
3406 hci_change_link_key_complete_evt(hdev, skb);
3407 break;
3408
3409 case HCI_EV_REMOTE_FEATURES:
3410 hci_remote_features_evt(hdev, skb);
3411 break;
3412
3413 case HCI_EV_REMOTE_VERSION:
3414 hci_remote_version_evt(hdev, skb);
3415 break;
3416
3417 case HCI_EV_QOS_SETUP_COMPLETE:
3418 hci_qos_setup_complete_evt(hdev, skb);
3419 break;
3420
3421 case HCI_EV_CMD_COMPLETE:
3422 hci_cmd_complete_evt(hdev, skb);
3423 break;
3424
3425 case HCI_EV_CMD_STATUS:
3426 hci_cmd_status_evt(hdev, skb);
3427 break;
3428
3429 case HCI_EV_ROLE_CHANGE:
3430 hci_role_change_evt(hdev, skb);
3431 break;
3432
3433 case HCI_EV_NUM_COMP_PKTS:
3434 hci_num_comp_pkts_evt(hdev, skb);
3435 break;
3436
3437 case HCI_EV_MODE_CHANGE:
3438 hci_mode_change_evt(hdev, skb);
1da177e4
LT		 3439 break;
3440
3441 case HCI_EV_PIN_CODE_REQ:
3442 hci_pin_code_request_evt(hdev, skb);
3443 break;
3444
3445 case HCI_EV_LINK_KEY_REQ:
3446 hci_link_key_request_evt(hdev, skb);
3447 break;
3448
3449 case HCI_EV_LINK_KEY_NOTIFY:
3450 hci_link_key_notify_evt(hdev, skb);
3451 break;
3452
3453 case HCI_EV_CLOCK_OFFSET:
3454 hci_clock_offset_evt(hdev, skb);
3455 break;
3456
a8746417
MH		 3457 case HCI_EV_PKT_TYPE_CHANGE:
3458 hci_pkt_type_change_evt(hdev, skb);
3459 break;
3460
85a1e930
MH		 3461 case HCI_EV_PSCAN_REP_MODE:
3462 hci_pscan_rep_mode_evt(hdev, skb);
3463 break;
3464
a9de9248
MH		 3465 case HCI_EV_INQUIRY_RESULT_WITH_RSSI:
3466 hci_inquiry_result_with_rssi_evt(hdev, skb);
04837f64
MH		 3467 break;
3468
a9de9248
MH		 3469 case HCI_EV_REMOTE_EXT_FEATURES:
3470 hci_remote_ext_features_evt(hdev, skb);
1da177e4
LT		 3471 break;
3472
a9de9248
MH		 3473 case HCI_EV_SYNC_CONN_COMPLETE:
3474 hci_sync_conn_complete_evt(hdev, skb);
3475 break;
1da177e4 3476
a9de9248
MH		 3477 case HCI_EV_SYNC_CONN_CHANGED:
3478 hci_sync_conn_changed_evt(hdev, skb);
3479 break;
1da177e4 3480
a9de9248
MH		 3481 case HCI_EV_SNIFF_SUBRATE:
3482 hci_sniff_subrate_evt(hdev, skb);
3483 break;
1da177e4 3484
a9de9248
MH		 3485 case HCI_EV_EXTENDED_INQUIRY_RESULT:
3486 hci_extended_inquiry_result_evt(hdev, skb);
3487 break;
1da177e4 3488
0493684e
MH		 3489 case HCI_EV_IO_CAPA_REQUEST:
3490 hci_io_capa_request_evt(hdev, skb);
3491 break;
3492
03b555e1
JH		 3493 case HCI_EV_IO_CAPA_REPLY:
3494 hci_io_capa_reply_evt(hdev, skb);
3495 break;
3496
a5c29683
JH		 3497 case HCI_EV_USER_CONFIRM_REQUEST:
3498 hci_user_confirm_request_evt(hdev, skb);
3499 break;
3500
1143d458
BG		 3501 case HCI_EV_USER_PASSKEY_REQUEST:
3502 hci_user_passkey_request_evt(hdev, skb);
3503 break;
3504
0493684e
MH		 3505 case HCI_EV_SIMPLE_PAIR_COMPLETE:
3506 hci_simple_pair_complete_evt(hdev, skb);
3507 break;
3508
41a96212
MH		 3509 case HCI_EV_REMOTE_HOST_FEATURES:
3510 hci_remote_host_features_evt(hdev, skb);
3511 break;
3512
fcd89c09
VT		 3513 case HCI_EV_LE_META:
3514 hci_le_meta_evt(hdev, skb);
3515 break;
3516
2763eda6
SJ		 3517 case HCI_EV_REMOTE_OOB_DATA_REQUEST:
3518 hci_remote_oob_data_request_evt(hdev, skb);
3519 break;
3520
25e89e99
AE		 3521 case HCI_EV_NUM_COMP_BLOCKS:
3522 hci_num_comp_blocks_evt(hdev, skb);
3523 break;
3524
a9de9248
MH		 3525 default:
3526 BT_DBG("%s event 0x%x", hdev->name, event);
1da177e4
LT		 3527 break;
3528 }
3529
3530 kfree_skb(skb);
3531 hdev->stat.evt_rx++;
3532}
3533
3534/* Generate internal stack event */
3535void hci_si_event(struct hci_dev *hdev, int type, int dlen, void *data)
3536{
3537 struct hci_event_hdr *hdr;
3538 struct hci_ev_stack_internal *ev;
3539 struct sk_buff *skb;
3540
3541 skb = bt_skb_alloc(HCI_EVENT_HDR_SIZE + sizeof(*ev) + dlen, GFP_ATOMIC);
3542 if (!skb)
3543 return;
3544
3545 hdr = (void *) skb_put(skb, HCI_EVENT_HDR_SIZE);
3546 hdr->evt = HCI_EV_STACK_INTERNAL;
3547 hdr->plen = sizeof(*ev) + dlen;
3548
3549 ev = (void *) skb_put(skb, sizeof(*ev) + dlen);
3550 ev->type = type;
3551 memcpy(ev->data, data, dlen);
3552
576c7d85 3553 bt_cb(skb)->incoming = 1;
a61bbcf2 3554 __net_timestamp(skb);
576c7d85 3555
0d48d939 3556 bt_cb(skb)->pkt_type = HCI_EVENT_PKT;
1da177e4 3557 skb->dev = (void *) hdev;
eec8d2bc 3558 hci_send_to_sock(hdev, skb, NULL);
1da177e4
LT		 3559 kfree_skb(skb);
3560}
e6100a25 3561
669bb396 3562module_param(enable_le, bool, 0644);
e6100a25 3563MODULE_PARM_DESC(enable_le, "Enable LE support");
kernel source for telekom puls (alcatel/mediatek)