projects / GitHub / mt8127 / android_kernel_alcatel_ttab.git / blame
? search:
summary | shortlog | log | commit | commitdiff | tree
blob | blame (incremental) | history | HEAD
Bluetooth: Add new structures for handling SMP Long Term Keys
[GitHub/mt8127/android_kernel_alcatel_ttab.git] / net / bluetooth / hci_event.c
CommitLineData
8e87d142 1/*
1da177e4 2 BlueZ - Bluetooth protocol stack for Linux
2d0a0346 3 Copyright (c) 2000-2001, 2010, Code Aurora Forum. All rights reserved.
1da177e4
LT		 4
5 Written 2000,2001 by Maxim Krasnyansky <maxk@qualcomm.com>
6
7 This program is free software; you can redistribute it and/or modify
8 it under the terms of the GNU General Public License version 2 as
9 published by the Free Software Foundation;
10
11 THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS
12 OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
13 FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT OF THIRD PARTY RIGHTS.
14 IN NO EVENT SHALL THE COPYRIGHT HOLDER(S) AND AUTHOR(S) BE LIABLE FOR ANY
8e87d142
YH		 15 CLAIM, OR ANY SPECIAL INDIRECT OR CONSEQUENTIAL DAMAGES, OR ANY DAMAGES
16 WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
17 ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
1da177e4
LT		 18 OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
19
8e87d142
YH		 20 ALL LIABILITY, INCLUDING LIABILITY FOR INFRINGEMENT OF ANY PATENTS,
21 COPYRIGHTS, TRADEMARKS OR OTHER RIGHTS, RELATING TO USE OF THIS
1da177e4
LT		 22 SOFTWARE IS DISCLAIMED.
23*/
24
25/* Bluetooth HCI event handling. */
26
1da177e4
LT		 27#include <linux/module.h>
28
29#include <linux/types.h>
30#include <linux/errno.h>
31#include <linux/kernel.h>
1da177e4
LT		 32#include <linux/slab.h>
33#include <linux/poll.h>
34#include <linux/fcntl.h>
35#include <linux/init.h>
36#include <linux/skbuff.h>
37#include <linux/interrupt.h>
38#include <linux/notifier.h>
39#include <net/sock.h>
40
41#include <asm/system.h>
70f23020 42#include <linux/uaccess.h>
1da177e4
LT		 43#include <asm/unaligned.h>
44
45#include <net/bluetooth/bluetooth.h>
46#include <net/bluetooth/hci_core.h>
47
eb939922 48static bool enable_le;
e6100a25 49
1da177e4
LT		 50/* Handle HCI Event packets */
51
a9de9248 52static void hci_cc_inquiry_cancel(struct hci_dev *hdev, struct sk_buff *skb)
1da177e4 53{
a9de9248 54 __u8 status = *((__u8 *) skb->data);
1da177e4 55
a9de9248 56 BT_DBG("%s status 0x%x", hdev->name, status);
1da177e4 57
e6d465cb
AG		 58 if (status) {
59 hci_dev_lock(hdev);
60 mgmt_stop_discovery_failed(hdev, status);
61 hci_dev_unlock(hdev);
a9de9248 62 return;
e6d465cb 63 }
1da177e4 64
89352e7d
AG		 65 clear_bit(HCI_INQUIRY, &hdev->flags);
66
56e5cb86 67 hci_dev_lock(hdev);
ff9ef578 68 hci_discovery_set_state(hdev, DISCOVERY_STOPPED);
56e5cb86 69 hci_dev_unlock(hdev);
6bd57416 70
23bb5763 71 hci_req_complete(hdev, HCI_OP_INQUIRY_CANCEL, status);
a9de9248
MH		 72
73 hci_conn_check_pending(hdev);
74}
6bd57416 75
a9de9248
MH		 76static void hci_cc_exit_periodic_inq(struct hci_dev *hdev, struct sk_buff *skb)
77{
78 __u8 status = *((__u8 *) skb->data);
6bd57416 79
a9de9248 80 BT_DBG("%s status 0x%x", hdev->name, status);
6bd57416 81
a9de9248
MH		 82 if (status)
83 return;
1da177e4 84
a9de9248
MH		 85 hci_conn_check_pending(hdev);
86}
87
88static void hci_cc_remote_name_req_cancel(struct hci_dev *hdev, struct sk_buff *skb)
89{
90 BT_DBG("%s", hdev->name);
91}
92
93static void hci_cc_role_discovery(struct hci_dev *hdev, struct sk_buff *skb)
94{
95 struct hci_rp_role_discovery *rp = (void *) skb->data;
96 struct hci_conn *conn;
97
98 BT_DBG("%s status 0x%x", hdev->name, rp->status);
99
100 if (rp->status)
101 return;
102
103 hci_dev_lock(hdev);
104
105 conn = hci_conn_hash_lookup_handle(hdev, __le16_to_cpu(rp->handle));
106 if (conn) {
107 if (rp->role)
108 conn->link_mode &= ~HCI_LM_MASTER;
109 else
110 conn->link_mode |= HCI_LM_MASTER;
1da177e4 111 }
a9de9248
MH		 112
113 hci_dev_unlock(hdev);
1da177e4
LT		 114}
115
e4e8e37c
MH		 116static void hci_cc_read_link_policy(struct hci_dev *hdev, struct sk_buff *skb)
117{
118 struct hci_rp_read_link_policy *rp = (void *) skb->data;
119 struct hci_conn *conn;
120
121 BT_DBG("%s status 0x%x", hdev->name, rp->status);
122
123 if (rp->status)
124 return;
125
126 hci_dev_lock(hdev);
127
128 conn = hci_conn_hash_lookup_handle(hdev, __le16_to_cpu(rp->handle));
129 if (conn)
130 conn->link_policy = __le16_to_cpu(rp->policy);
131
132 hci_dev_unlock(hdev);
133}
134
a9de9248 135static void hci_cc_write_link_policy(struct hci_dev *hdev, struct sk_buff *skb)
1da177e4 136{
a9de9248 137 struct hci_rp_write_link_policy *rp = (void *) skb->data;
1da177e4 138 struct hci_conn *conn;
04837f64 139 void *sent;
1da177e4 140
a9de9248 141 BT_DBG("%s status 0x%x", hdev->name, rp->status);
1da177e4 142
a9de9248
MH		 143 if (rp->status)
144 return;
1da177e4 145
a9de9248
MH		 146 sent = hci_sent_cmd_data(hdev, HCI_OP_WRITE_LINK_POLICY);
147 if (!sent)
148 return;
1da177e4 149
a9de9248 150 hci_dev_lock(hdev);
1da177e4 151
a9de9248 152 conn = hci_conn_hash_lookup_handle(hdev, __le16_to_cpu(rp->handle));
e4e8e37c 153 if (conn)
83985319 154 conn->link_policy = get_unaligned_le16(sent + 2);
1da177e4 155
a9de9248
MH		 156 hci_dev_unlock(hdev);
157}
1da177e4 158
e4e8e37c
MH		 159static void hci_cc_read_def_link_policy(struct hci_dev *hdev, struct sk_buff *skb)
160{
161 struct hci_rp_read_def_link_policy *rp = (void *) skb->data;
162
163 BT_DBG("%s status 0x%x", hdev->name, rp->status);
164
165 if (rp->status)
166 return;
167
168 hdev->link_policy = __le16_to_cpu(rp->policy);
169}
170
171static void hci_cc_write_def_link_policy(struct hci_dev *hdev, struct sk_buff *skb)
172{
173 __u8 status = *((__u8 *) skb->data);
174 void *sent;
175
176 BT_DBG("%s status 0x%x", hdev->name, status);
177
178 sent = hci_sent_cmd_data(hdev, HCI_OP_WRITE_DEF_LINK_POLICY);
179 if (!sent)
180 return;
181
182 if (!status)
183 hdev->link_policy = get_unaligned_le16(sent);
184
23bb5763 185 hci_req_complete(hdev, HCI_OP_WRITE_DEF_LINK_POLICY, status);
e4e8e37c
MH		 186}
187
a9de9248
MH		 188static void hci_cc_reset(struct hci_dev *hdev, struct sk_buff *skb)
189{
190 __u8 status = *((__u8 *) skb->data);
04837f64 191
a9de9248 192 BT_DBG("%s status 0x%x", hdev->name, status);
04837f64 193
10572132
GP		 194 clear_bit(HCI_RESET, &hdev->flags);
195
23bb5763 196 hci_req_complete(hdev, HCI_OP_RESET, status);
d23264a8 197
7005ff17 198 /* Reset all flags, except persistent ones */
95947a39
HG		 199 hdev->dev_flags &= BIT(HCI_MGMT) | BIT(HCI_SETUP) | BIT(HCI_AUTO_OFF) |
200 BIT(HCI_LINK_KEYS) | BIT(HCI_DEBUG_KEYS);
a9de9248 201}
04837f64 202
a9de9248
MH		 203static void hci_cc_write_local_name(struct hci_dev *hdev, struct sk_buff *skb)
204{
205 __u8 status = *((__u8 *) skb->data);
206 void *sent;
04837f64 207
a9de9248 208 BT_DBG("%s status 0x%x", hdev->name, status);
04837f64 209
a9de9248
MH		 210 sent = hci_sent_cmd_data(hdev, HCI_OP_WRITE_LOCAL_NAME);
211 if (!sent)
212 return;
04837f64 213
56e5cb86
JH		 214 hci_dev_lock(hdev);
215
a8b2d5c2 216 if (test_bit(HCI_MGMT, &hdev->dev_flags))
744cf19e 217 mgmt_set_local_name_complete(hdev, sent, status);
b312b161 218
56e5cb86
JH		 219 if (status == 0)
220 memcpy(hdev->dev_name, sent, HCI_MAX_NAME_LENGTH);
b312b161 221
56e5cb86 222 hci_dev_unlock(hdev);
a9de9248
MH		 223}
224
225static void hci_cc_read_local_name(struct hci_dev *hdev, struct sk_buff *skb)
226{
227 struct hci_rp_read_local_name *rp = (void *) skb->data;
228
229 BT_DBG("%s status 0x%x", hdev->name, rp->status);
230
231 if (rp->status)
232 return;
233
1f6c6378 234 memcpy(hdev->dev_name, rp->name, HCI_MAX_NAME_LENGTH);
a9de9248
MH		 235}
236
237static void hci_cc_write_auth_enable(struct hci_dev *hdev, struct sk_buff *skb)
238{
239 __u8 status = *((__u8 *) skb->data);
240 void *sent;
241
242 BT_DBG("%s status 0x%x", hdev->name, status);
243
244 sent = hci_sent_cmd_data(hdev, HCI_OP_WRITE_AUTH_ENABLE);
245 if (!sent)
246 return;
247
248 if (!status) {
249 __u8 param = *((__u8 *) sent);
250
251 if (param == AUTH_ENABLED)
252 set_bit(HCI_AUTH, &hdev->flags);
253 else
254 clear_bit(HCI_AUTH, &hdev->flags);
1da177e4 255 }
a9de9248 256
23bb5763 257 hci_req_complete(hdev, HCI_OP_WRITE_AUTH_ENABLE, status);
1da177e4
LT		 258}
259
a9de9248 260static void hci_cc_write_encrypt_mode(struct hci_dev *hdev, struct sk_buff *skb)
1da177e4 261{
a9de9248 262 __u8 status = *((__u8 *) skb->data);
1da177e4
LT		 263 void *sent;
264
a9de9248 265 BT_DBG("%s status 0x%x", hdev->name, status);
1da177e4 266
a9de9248
MH		 267 sent = hci_sent_cmd_data(hdev, HCI_OP_WRITE_ENCRYPT_MODE);
268 if (!sent)
269 return;
1da177e4 270
a9de9248
MH		 271 if (!status) {
272 __u8 param = *((__u8 *) sent);
273
274 if (param)
275 set_bit(HCI_ENCRYPT, &hdev->flags);
276 else
277 clear_bit(HCI_ENCRYPT, &hdev->flags);
278 }
1da177e4 279
23bb5763 280 hci_req_complete(hdev, HCI_OP_WRITE_ENCRYPT_MODE, status);
a9de9248 281}
1da177e4 282
a9de9248
MH		 283static void hci_cc_write_scan_enable(struct hci_dev *hdev, struct sk_buff *skb)
284{
36f7fc7e
JH		 285 __u8 param, status = *((__u8 *) skb->data);
286 int old_pscan, old_iscan;
a9de9248 287 void *sent;
1da177e4 288
a9de9248 289 BT_DBG("%s status 0x%x", hdev->name, status);
1da177e4 290
a9de9248
MH		 291 sent = hci_sent_cmd_data(hdev, HCI_OP_WRITE_SCAN_ENABLE);
292 if (!sent)
293 return;
1da177e4 294
36f7fc7e
JH		 295 param = *((__u8 *) sent);
296
56e5cb86
JH		 297 hci_dev_lock(hdev);
298
2d7cee58 299 if (status != 0) {
744cf19e 300 mgmt_write_scan_failed(hdev, param, status);
2d7cee58
JH		 301 hdev->discov_timeout = 0;
302 goto done;
303 }
304
36f7fc7e
JH		 305 old_pscan = test_and_clear_bit(HCI_PSCAN, &hdev->flags);
306 old_iscan = test_and_clear_bit(HCI_ISCAN, &hdev->flags);
307
308 if (param & SCAN_INQUIRY) {
309 set_bit(HCI_ISCAN, &hdev->flags);
310 if (!old_iscan)
744cf19e 311 mgmt_discoverable(hdev, 1);
16ab91ab
JH		 312 if (hdev->discov_timeout > 0) {
313 int to = msecs_to_jiffies(hdev->discov_timeout * 1000);
314 queue_delayed_work(hdev->workqueue, &hdev->discov_off,
315 to);
316 }
36f7fc7e 317 } else if (old_iscan)
744cf19e 318 mgmt_discoverable(hdev, 0);
36f7fc7e
JH		 319
320 if (param & SCAN_PAGE) {
321 set_bit(HCI_PSCAN, &hdev->flags);
322 if (!old_pscan)
744cf19e 323 mgmt_connectable(hdev, 1);
36f7fc7e 324 } else if (old_pscan)
744cf19e 325 mgmt_connectable(hdev, 0);
1da177e4 326
36f7fc7e 327done:
56e5cb86 328 hci_dev_unlock(hdev);
23bb5763 329 hci_req_complete(hdev, HCI_OP_WRITE_SCAN_ENABLE, status);
a9de9248 330}
1da177e4 331
a9de9248
MH		 332static void hci_cc_read_class_of_dev(struct hci_dev *hdev, struct sk_buff *skb)
333{
334 struct hci_rp_read_class_of_dev *rp = (void *) skb->data;
1da177e4 335
a9de9248 336 BT_DBG("%s status 0x%x", hdev->name, rp->status);
1da177e4 337
a9de9248
MH		 338 if (rp->status)
339 return;
1da177e4 340
a9de9248 341 memcpy(hdev->dev_class, rp->dev_class, 3);
1da177e4 342
a9de9248
MH		 343 BT_DBG("%s class 0x%.2x%.2x%.2x", hdev->name,
344 hdev->dev_class[2], hdev->dev_class[1], hdev->dev_class[0]);
345}
1da177e4 346
a9de9248
MH		 347static void hci_cc_write_class_of_dev(struct hci_dev *hdev, struct sk_buff *skb)
348{
349 __u8 status = *((__u8 *) skb->data);
350 void *sent;
1da177e4 351
a9de9248 352 BT_DBG("%s status 0x%x", hdev->name, status);
1da177e4 353
f383f275
MH		 354 if (status)
355 return;
356
a9de9248
MH		 357 sent = hci_sent_cmd_data(hdev, HCI_OP_WRITE_CLASS_OF_DEV);
358 if (!sent)
359 return;
1da177e4 360
f383f275 361 memcpy(hdev->dev_class, sent, 3);
a9de9248 362}
1da177e4 363
a9de9248
MH		 364static void hci_cc_read_voice_setting(struct hci_dev *hdev, struct sk_buff *skb)
365{
366 struct hci_rp_read_voice_setting *rp = (void *) skb->data;
367 __u16 setting;
368
369 BT_DBG("%s status 0x%x", hdev->name, rp->status);
370
371 if (rp->status)
372 return;
373
374 setting = __le16_to_cpu(rp->voice_setting);
375
f383f275 376 if (hdev->voice_setting == setting)
a9de9248
MH		 377 return;
378
379 hdev->voice_setting = setting;
380
381 BT_DBG("%s voice setting 0x%04x", hdev->name, setting);
382
3c54711c 383 if (hdev->notify)
a9de9248 384 hdev->notify(hdev, HCI_NOTIFY_VOICE_SETTING);
a9de9248
MH		 385}
386
387static void hci_cc_write_voice_setting(struct hci_dev *hdev, struct sk_buff *skb)
388{
389 __u8 status = *((__u8 *) skb->data);
f383f275 390 __u16 setting;
a9de9248
MH		 391 void *sent;
392
393 BT_DBG("%s status 0x%x", hdev->name, status);
1da177e4 394
f383f275
MH		 395 if (status)
396 return;
397
a9de9248
MH		 398 sent = hci_sent_cmd_data(hdev, HCI_OP_WRITE_VOICE_SETTING);
399 if (!sent)
400 return;
1da177e4 401
f383f275 402 setting = get_unaligned_le16(sent);
1da177e4 403
f383f275
MH		 404 if (hdev->voice_setting == setting)
405 return;
406
407 hdev->voice_setting = setting;
1da177e4 408
f383f275 409 BT_DBG("%s voice setting 0x%04x", hdev->name, setting);
1da177e4 410
3c54711c 411 if (hdev->notify)
f383f275 412 hdev->notify(hdev, HCI_NOTIFY_VOICE_SETTING);
1da177e4
LT		 413}
414
a9de9248 415static void hci_cc_host_buffer_size(struct hci_dev *hdev, struct sk_buff *skb)
1da177e4 416{
a9de9248 417 __u8 status = *((__u8 *) skb->data);
1da177e4 418
a9de9248 419 BT_DBG("%s status 0x%x", hdev->name, status);
1da177e4 420
23bb5763 421 hci_req_complete(hdev, HCI_OP_HOST_BUFFER_SIZE, status);
a9de9248 422}
1143e5a6 423
333140b5
MH		 424static void hci_cc_read_ssp_mode(struct hci_dev *hdev, struct sk_buff *skb)
425{
426 struct hci_rp_read_ssp_mode *rp = (void *) skb->data;
427
428 BT_DBG("%s status 0x%x", hdev->name, rp->status);
429
430 if (rp->status)
431 return;
432
84bde9d6
JH		 433 if (rp->mode)
434 set_bit(HCI_SSP_ENABLED, &hdev->dev_flags);
435 else
436 clear_bit(HCI_SSP_ENABLED, &hdev->dev_flags);
333140b5
MH		 437}
438
439static void hci_cc_write_ssp_mode(struct hci_dev *hdev, struct sk_buff *skb)
440{
441 __u8 status = *((__u8 *) skb->data);
442 void *sent;
443
444 BT_DBG("%s status 0x%x", hdev->name, status);
445
446 if (status)
447 return;
448
449 sent = hci_sent_cmd_data(hdev, HCI_OP_WRITE_SSP_MODE);
450 if (!sent)
451 return;
452
84bde9d6
JH		 453 if (*((u8 *) sent))
454 set_bit(HCI_SSP_ENABLED, &hdev->dev_flags);
455 else
456 clear_bit(HCI_SSP_ENABLED, &hdev->dev_flags);
333140b5
MH		 457}
458
d5859e22
JH		 459static u8 hci_get_inquiry_mode(struct hci_dev *hdev)
460{
461 if (hdev->features[6] & LMP_EXT_INQ)
462 return 2;
463
464 if (hdev->features[3] & LMP_RSSI_INQ)
465 return 1;
466
467 if (hdev->manufacturer == 11 && hdev->hci_rev == 0x00 &&
468 hdev->lmp_subver == 0x0757)
469 return 1;
470
471 if (hdev->manufacturer == 15) {
472 if (hdev->hci_rev == 0x03 && hdev->lmp_subver == 0x6963)
473 return 1;
474 if (hdev->hci_rev == 0x09 && hdev->lmp_subver == 0x6963)
475 return 1;
476 if (hdev->hci_rev == 0x00 && hdev->lmp_subver == 0x6965)
477 return 1;
478 }
479
480 if (hdev->manufacturer == 31 && hdev->hci_rev == 0x2005 &&
481 hdev->lmp_subver == 0x1805)
482 return 1;
483
484 return 0;
485}
486
487static void hci_setup_inquiry_mode(struct hci_dev *hdev)
488{
489 u8 mode;
490
491 mode = hci_get_inquiry_mode(hdev);
492
493 hci_send_cmd(hdev, HCI_OP_WRITE_INQUIRY_MODE, 1, &mode);
494}
495
496static void hci_setup_event_mask(struct hci_dev *hdev)
497{
498 /* The second byte is 0xff instead of 0x9f (two reserved bits
499 * disabled) since a Broadcom 1.2 dongle doesn't respond to the
500 * command otherwise */
501 u8 events[8] = { 0xff, 0xff, 0xfb, 0xff, 0x00, 0x00, 0x00, 0x00 };
502
6de6c18d
VT		 503 /* CSR 1.1 dongles does not accept any bitfield so don't try to set
504 * any event mask for pre 1.2 devices */
5a13b095 505 if (hdev->hci_ver < BLUETOOTH_VER_1_2)
6de6c18d
VT		 506 return;
507
508 events[4] |= 0x01; /* Flow Specification Complete */
509 events[4] |= 0x02; /* Inquiry Result with RSSI */
510 events[4] |= 0x04; /* Read Remote Extended Features Complete */
511 events[5] |= 0x08; /* Synchronous Connection Complete */
512 events[5] |= 0x10; /* Synchronous Connection Changed */
d5859e22
JH		 513
514 if (hdev->features[3] & LMP_RSSI_INQ)
515 events[4] |= 0x04; /* Inquiry Result with RSSI */
516
517 if (hdev->features[5] & LMP_SNIFF_SUBR)
518 events[5] |= 0x20; /* Sniff Subrating */
519
520 if (hdev->features[5] & LMP_PAUSE_ENC)
521 events[5] |= 0x80; /* Encryption Key Refresh Complete */
522
523 if (hdev->features[6] & LMP_EXT_INQ)
524 events[5] |= 0x40; /* Extended Inquiry Result */
525
526 if (hdev->features[6] & LMP_NO_FLUSH)
527 events[7] |= 0x01; /* Enhanced Flush Complete */
528
529 if (hdev->features[7] & LMP_LSTO)
530 events[6] |= 0x80; /* Link Supervision Timeout Changed */
531
532 if (hdev->features[6] & LMP_SIMPLE_PAIR) {
533 events[6] |= 0x01; /* IO Capability Request */
534 events[6] |= 0x02; /* IO Capability Response */
535 events[6] |= 0x04; /* User Confirmation Request */
536 events[6] |= 0x08; /* User Passkey Request */
537 events[6] |= 0x10; /* Remote OOB Data Request */
538 events[6] |= 0x20; /* Simple Pairing Complete */
539 events[7] |= 0x04; /* User Passkey Notification */
540 events[7] |= 0x08; /* Keypress Notification */
541 events[7] |= 0x10; /* Remote Host Supported
542 * Features Notification */
543 }
544
545 if (hdev->features[4] & LMP_LE)
546 events[7] |= 0x20; /* LE Meta-Event */
547
548 hci_send_cmd(hdev, HCI_OP_SET_EVENT_MASK, sizeof(events), events);
549}
550
e6100a25
AG		 551static void hci_set_le_support(struct hci_dev *hdev)
552{
553 struct hci_cp_write_le_host_supported cp;
554
555 memset(&cp, 0, sizeof(cp));
556
557 if (enable_le) {
558 cp.le = 1;
559 cp.simul = !!(hdev->features[6] & LMP_SIMUL_LE_BR);
560 }
561
562 hci_send_cmd(hdev, HCI_OP_WRITE_LE_HOST_SUPPORTED, sizeof(cp), &cp);
563}
564
d5859e22
JH		 565static void hci_setup(struct hci_dev *hdev)
566{
e61ef499
AE		 567 if (hdev->dev_type != HCI_BREDR)
568 return;
569
d5859e22
JH		 570 hci_setup_event_mask(hdev);
571
d095c1eb 572 if (hdev->hci_ver > BLUETOOTH_VER_1_1)
d5859e22
JH		 573 hci_send_cmd(hdev, HCI_OP_READ_LOCAL_COMMANDS, 0, NULL);
574
575 if (hdev->features[6] & LMP_SIMPLE_PAIR) {
576 u8 mode = 0x01;
577 hci_send_cmd(hdev, HCI_OP_WRITE_SSP_MODE, sizeof(mode), &mode);
578 }
579
580 if (hdev->features[3] & LMP_RSSI_INQ)
581 hci_setup_inquiry_mode(hdev);
582
583 if (hdev->features[7] & LMP_INQ_TX_PWR)
584 hci_send_cmd(hdev, HCI_OP_READ_INQ_RSP_TX_POWER, 0, NULL);
971e3a4b
AG		 585
586 if (hdev->features[7] & LMP_EXTFEATURES) {
587 struct hci_cp_read_local_ext_features cp;
588
589 cp.page = 0x01;
590 hci_send_cmd(hdev, HCI_OP_READ_LOCAL_EXT_FEATURES,
591 sizeof(cp), &cp);
592 }
e6100a25
AG		 593
594 if (hdev->features[4] & LMP_LE)
595 hci_set_le_support(hdev);
d5859e22
JH		 596}
597
a9de9248
MH		 598static void hci_cc_read_local_version(struct hci_dev *hdev, struct sk_buff *skb)
599{
600 struct hci_rp_read_local_version *rp = (void *) skb->data;
1143e5a6 601
a9de9248 602 BT_DBG("%s status 0x%x", hdev->name, rp->status);
1143e5a6 603
a9de9248
MH		 604 if (rp->status)
605 return;
1143e5a6 606
a9de9248 607 hdev->hci_ver = rp->hci_ver;
e4e8e37c 608 hdev->hci_rev = __le16_to_cpu(rp->hci_rev);
d5859e22 609 hdev->lmp_ver = rp->lmp_ver;
e4e8e37c 610 hdev->manufacturer = __le16_to_cpu(rp->manufacturer);
d5859e22 611 hdev->lmp_subver = __le16_to_cpu(rp->lmp_subver);
1143e5a6 612
a9de9248
MH		 613 BT_DBG("%s manufacturer %d hci ver %d:%d", hdev->name,
614 hdev->manufacturer,
615 hdev->hci_ver, hdev->hci_rev);
d5859e22
JH		 616
617 if (test_bit(HCI_INIT, &hdev->flags))
618 hci_setup(hdev);
619}
620
621static void hci_setup_link_policy(struct hci_dev *hdev)
622{
623 u16 link_policy = 0;
624
625 if (hdev->features[0] & LMP_RSWITCH)
626 link_policy |= HCI_LP_RSWITCH;
627 if (hdev->features[0] & LMP_HOLD)
628 link_policy |= HCI_LP_HOLD;
629 if (hdev->features[0] & LMP_SNIFF)
630 link_policy |= HCI_LP_SNIFF;
631 if (hdev->features[1] & LMP_PARK)
632 link_policy |= HCI_LP_PARK;
633
634 link_policy = cpu_to_le16(link_policy);
635 hci_send_cmd(hdev, HCI_OP_WRITE_DEF_LINK_POLICY,
636 sizeof(link_policy), &link_policy);
a9de9248 637}
1da177e4 638
a9de9248
MH		 639static void hci_cc_read_local_commands(struct hci_dev *hdev, struct sk_buff *skb)
640{
641 struct hci_rp_read_local_commands *rp = (void *) skb->data;
1da177e4 642
a9de9248 643 BT_DBG("%s status 0x%x", hdev->name, rp->status);
1da177e4 644
a9de9248 645 if (rp->status)
d5859e22 646 goto done;
1da177e4 647
a9de9248 648 memcpy(hdev->commands, rp->commands, sizeof(hdev->commands));
d5859e22
JH		 649
650 if (test_bit(HCI_INIT, &hdev->flags) && (hdev->commands[5] & 0x10))
651 hci_setup_link_policy(hdev);
652
653done:
654 hci_req_complete(hdev, HCI_OP_READ_LOCAL_COMMANDS, rp->status);
a9de9248 655}
1da177e4 656
a9de9248
MH		 657static void hci_cc_read_local_features(struct hci_dev *hdev, struct sk_buff *skb)
658{
659 struct hci_rp_read_local_features *rp = (void *) skb->data;
5b7f9909 660
a9de9248 661 BT_DBG("%s status 0x%x", hdev->name, rp->status);
1da177e4 662
a9de9248
MH		 663 if (rp->status)
664 return;
5b7f9909 665
a9de9248 666 memcpy(hdev->features, rp->features, 8);
5b7f9909 667
a9de9248
MH		 668 /* Adjust default settings according to features
669 * supported by device. */
1da177e4 670
a9de9248
MH		 671 if (hdev->features[0] & LMP_3SLOT)
672 hdev->pkt_type |= (HCI_DM3 | HCI_DH3);
1da177e4 673
a9de9248
MH		 674 if (hdev->features[0] & LMP_5SLOT)
675 hdev->pkt_type |= (HCI_DM5 | HCI_DH5);
1da177e4 676
a9de9248
MH		 677 if (hdev->features[1] & LMP_HV2) {
678 hdev->pkt_type |= (HCI_HV2);
679 hdev->esco_type |= (ESCO_HV2);
680 }
1da177e4 681
a9de9248
MH		 682 if (hdev->features[1] & LMP_HV3) {
683 hdev->pkt_type |= (HCI_HV3);
684 hdev->esco_type |= (ESCO_HV3);
685 }
1da177e4 686
a9de9248
MH		 687 if (hdev->features[3] & LMP_ESCO)
688 hdev->esco_type |= (ESCO_EV3);
da1f5198 689
a9de9248
MH		 690 if (hdev->features[4] & LMP_EV4)
691 hdev->esco_type |= (ESCO_EV4);
da1f5198 692
a9de9248
MH		 693 if (hdev->features[4] & LMP_EV5)
694 hdev->esco_type |= (ESCO_EV5);
1da177e4 695
efc7688b
MH		 696 if (hdev->features[5] & LMP_EDR_ESCO_2M)
697 hdev->esco_type |= (ESCO_2EV3);
698
699 if (hdev->features[5] & LMP_EDR_ESCO_3M)
700 hdev->esco_type |= (ESCO_3EV3);
701
702 if (hdev->features[5] & LMP_EDR_3S_ESCO)
703 hdev->esco_type |= (ESCO_2EV5 | ESCO_3EV5);
704
a9de9248
MH		 705 BT_DBG("%s features 0x%.2x%.2x%.2x%.2x%.2x%.2x%.2x%.2x", hdev->name,
706 hdev->features[0], hdev->features[1],
707 hdev->features[2], hdev->features[3],
708 hdev->features[4], hdev->features[5],
709 hdev->features[6], hdev->features[7]);
710}
1da177e4 711
971e3a4b
AG		 712static void hci_cc_read_local_ext_features(struct hci_dev *hdev,
713 struct sk_buff *skb)
714{
715 struct hci_rp_read_local_ext_features *rp = (void *) skb->data;
716
717 BT_DBG("%s status 0x%x", hdev->name, rp->status);
718
719 if (rp->status)
720 return;
721
b5b32b65
AG		 722 switch (rp->page) {
723 case 0:
724 memcpy(hdev->features, rp->features, 8);
725 break;
726 case 1:
727 memcpy(hdev->host_features, rp->features, 8);
728 break;
729 }
971e3a4b
AG		 730
731 hci_req_complete(hdev, HCI_OP_READ_LOCAL_EXT_FEATURES, rp->status);
732}
733
1e89cffb
AE		 734static void hci_cc_read_flow_control_mode(struct hci_dev *hdev,
735 struct sk_buff *skb)
736{
737 struct hci_rp_read_flow_control_mode *rp = (void *) skb->data;
738
739 BT_DBG("%s status 0x%x", hdev->name, rp->status);
740
741 if (rp->status)
742 return;
743
744 hdev->flow_ctl_mode = rp->mode;
745
746 hci_req_complete(hdev, HCI_OP_READ_FLOW_CONTROL_MODE, rp->status);
747}
748
a9de9248
MH		 749static void hci_cc_read_buffer_size(struct hci_dev *hdev, struct sk_buff *skb)
750{
751 struct hci_rp_read_buffer_size *rp = (void *) skb->data;
1da177e4 752
a9de9248 753 BT_DBG("%s status 0x%x", hdev->name, rp->status);
1da177e4 754
a9de9248
MH		 755 if (rp->status)
756 return;
1da177e4 757
a9de9248
MH		 758 hdev->acl_mtu = __le16_to_cpu(rp->acl_mtu);
759 hdev->sco_mtu = rp->sco_mtu;
760 hdev->acl_pkts = __le16_to_cpu(rp->acl_max_pkt);
761 hdev->sco_pkts = __le16_to_cpu(rp->sco_max_pkt);
762
763 if (test_bit(HCI_QUIRK_FIXUP_BUFFER_SIZE, &hdev->quirks)) {
764 hdev->sco_mtu = 64;
765 hdev->sco_pkts = 8;
1da177e4 766 }
a9de9248
MH		 767
768 hdev->acl_cnt = hdev->acl_pkts;
769 hdev->sco_cnt = hdev->sco_pkts;
770
771 BT_DBG("%s acl mtu %d:%d sco mtu %d:%d", hdev->name,
772 hdev->acl_mtu, hdev->acl_pkts,
773 hdev->sco_mtu, hdev->sco_pkts);
774}
775
776static void hci_cc_read_bd_addr(struct hci_dev *hdev, struct sk_buff *skb)
777{
778 struct hci_rp_read_bd_addr *rp = (void *) skb->data;
779
780 BT_DBG("%s status 0x%x", hdev->name, rp->status);
781
782 if (!rp->status)
783 bacpy(&hdev->bdaddr, &rp->bdaddr);
784
23bb5763
JH		 785 hci_req_complete(hdev, HCI_OP_READ_BD_ADDR, rp->status);
786}
787
350ee4cf
AE		 788static void hci_cc_read_data_block_size(struct hci_dev *hdev,
789 struct sk_buff *skb)
790{
791 struct hci_rp_read_data_block_size *rp = (void *) skb->data;
792
793 BT_DBG("%s status 0x%x", hdev->name, rp->status);
794
795 if (rp->status)
796 return;
797
798 hdev->block_mtu = __le16_to_cpu(rp->max_acl_len);
799 hdev->block_len = __le16_to_cpu(rp->block_len);
800 hdev->num_blocks = __le16_to_cpu(rp->num_blocks);
801
802 hdev->block_cnt = hdev->num_blocks;
803
804 BT_DBG("%s blk mtu %d cnt %d len %d", hdev->name, hdev->block_mtu,
805 hdev->block_cnt, hdev->block_len);
806
807 hci_req_complete(hdev, HCI_OP_READ_DATA_BLOCK_SIZE, rp->status);
808}
809
23bb5763
JH		 810static void hci_cc_write_ca_timeout(struct hci_dev *hdev, struct sk_buff *skb)
811{
812 __u8 status = *((__u8 *) skb->data);
813
814 BT_DBG("%s status 0x%x", hdev->name, status);
815
816 hci_req_complete(hdev, HCI_OP_WRITE_CA_TIMEOUT, status);
a9de9248
MH		 817}
818
928abaa7
AE		 819static void hci_cc_read_local_amp_info(struct hci_dev *hdev,
820 struct sk_buff *skb)
821{
822 struct hci_rp_read_local_amp_info *rp = (void *) skb->data;
823
824 BT_DBG("%s status 0x%x", hdev->name, rp->status);
825
826 if (rp->status)
827 return;
828
829 hdev->amp_status = rp->amp_status;
830 hdev->amp_total_bw = __le32_to_cpu(rp->total_bw);
831 hdev->amp_max_bw = __le32_to_cpu(rp->max_bw);
832 hdev->amp_min_latency = __le32_to_cpu(rp->min_latency);
833 hdev->amp_max_pdu = __le32_to_cpu(rp->max_pdu);
834 hdev->amp_type = rp->amp_type;
835 hdev->amp_pal_cap = __le16_to_cpu(rp->pal_cap);
836 hdev->amp_assoc_size = __le16_to_cpu(rp->max_assoc_size);
837 hdev->amp_be_flush_to = __le32_to_cpu(rp->be_flush_to);
838 hdev->amp_max_flush_to = __le32_to_cpu(rp->max_flush_to);
839
840 hci_req_complete(hdev, HCI_OP_READ_LOCAL_AMP_INFO, rp->status);
841}
842
b0916ea0
JH		 843static void hci_cc_delete_stored_link_key(struct hci_dev *hdev,
844 struct sk_buff *skb)
845{
846 __u8 status = *((__u8 *) skb->data);
847
848 BT_DBG("%s status 0x%x", hdev->name, status);
849
850 hci_req_complete(hdev, HCI_OP_DELETE_STORED_LINK_KEY, status);
851}
852
d5859e22
JH		 853static void hci_cc_set_event_mask(struct hci_dev *hdev, struct sk_buff *skb)
854{
855 __u8 status = *((__u8 *) skb->data);
856
857 BT_DBG("%s status 0x%x", hdev->name, status);
858
859 hci_req_complete(hdev, HCI_OP_SET_EVENT_MASK, status);
860}
861
862static void hci_cc_write_inquiry_mode(struct hci_dev *hdev,
863 struct sk_buff *skb)
864{
865 __u8 status = *((__u8 *) skb->data);
866
867 BT_DBG("%s status 0x%x", hdev->name, status);
868
869 hci_req_complete(hdev, HCI_OP_WRITE_INQUIRY_MODE, status);
870}
871
872static void hci_cc_read_inq_rsp_tx_power(struct hci_dev *hdev,
873 struct sk_buff *skb)
874{
875 __u8 status = *((__u8 *) skb->data);
876
877 BT_DBG("%s status 0x%x", hdev->name, status);
878
879 hci_req_complete(hdev, HCI_OP_READ_INQ_RSP_TX_POWER, status);
880}
881
882static void hci_cc_set_event_flt(struct hci_dev *hdev, struct sk_buff *skb)
883{
884 __u8 status = *((__u8 *) skb->data);
885
886 BT_DBG("%s status 0x%x", hdev->name, status);
887
888 hci_req_complete(hdev, HCI_OP_SET_EVENT_FLT, status);
889}
890
980e1a53
JH		 891static void hci_cc_pin_code_reply(struct hci_dev *hdev, struct sk_buff *skb)
892{
893 struct hci_rp_pin_code_reply *rp = (void *) skb->data;
894 struct hci_cp_pin_code_reply *cp;
895 struct hci_conn *conn;
896
897 BT_DBG("%s status 0x%x", hdev->name, rp->status);
898
56e5cb86
JH		 899 hci_dev_lock(hdev);
900
a8b2d5c2 901 if (test_bit(HCI_MGMT, &hdev->dev_flags))
744cf19e 902 mgmt_pin_code_reply_complete(hdev, &rp->bdaddr, rp->status);
980e1a53
JH		 903
904 if (rp->status != 0)
56e5cb86 905 goto unlock;
980e1a53
JH		 906
907 cp = hci_sent_cmd_data(hdev, HCI_OP_PIN_CODE_REPLY);
908 if (!cp)
56e5cb86 909 goto unlock;
980e1a53
JH		 910
911 conn = hci_conn_hash_lookup_ba(hdev, ACL_LINK, &cp->bdaddr);
912 if (conn)
913 conn->pin_length = cp->pin_len;
56e5cb86
JH		 914
915unlock:
916 hci_dev_unlock(hdev);
980e1a53
JH		 917}
918
919static void hci_cc_pin_code_neg_reply(struct hci_dev *hdev, struct sk_buff *skb)
920{
921 struct hci_rp_pin_code_neg_reply *rp = (void *) skb->data;
922
923 BT_DBG("%s status 0x%x", hdev->name, rp->status);
924
56e5cb86
JH		 925 hci_dev_lock(hdev);
926
a8b2d5c2 927 if (test_bit(HCI_MGMT, &hdev->dev_flags))
744cf19e 928 mgmt_pin_code_neg_reply_complete(hdev, &rp->bdaddr,
980e1a53 929 rp->status);
56e5cb86
JH		 930
931 hci_dev_unlock(hdev);
980e1a53 932}
56e5cb86 933
6ed58ec5
VT		 934static void hci_cc_le_read_buffer_size(struct hci_dev *hdev,
935 struct sk_buff *skb)
936{
937 struct hci_rp_le_read_buffer_size *rp = (void *) skb->data;
938
939 BT_DBG("%s status 0x%x", hdev->name, rp->status);
940
941 if (rp->status)
942 return;
943
944 hdev->le_mtu = __le16_to_cpu(rp->le_mtu);
945 hdev->le_pkts = rp->le_max_pkt;
946
947 hdev->le_cnt = hdev->le_pkts;
948
949 BT_DBG("%s le mtu %d:%d", hdev->name, hdev->le_mtu, hdev->le_pkts);
950
951 hci_req_complete(hdev, HCI_OP_LE_READ_BUFFER_SIZE, rp->status);
952}
980e1a53 953
a5c29683
JH		 954static void hci_cc_user_confirm_reply(struct hci_dev *hdev, struct sk_buff *skb)
955{
956 struct hci_rp_user_confirm_reply *rp = (void *) skb->data;
957
958 BT_DBG("%s status 0x%x", hdev->name, rp->status);
959
56e5cb86
JH		 960 hci_dev_lock(hdev);
961
a8b2d5c2 962 if (test_bit(HCI_MGMT, &hdev->dev_flags))
744cf19e 963 mgmt_user_confirm_reply_complete(hdev, &rp->bdaddr,
a5c29683 964 rp->status);
56e5cb86
JH		 965
966 hci_dev_unlock(hdev);
a5c29683
JH		 967}
968
969static void hci_cc_user_confirm_neg_reply(struct hci_dev *hdev,
970 struct sk_buff *skb)
971{
972 struct hci_rp_user_confirm_reply *rp = (void *) skb->data;
973
974 BT_DBG("%s status 0x%x", hdev->name, rp->status);
975
56e5cb86
JH		 976 hci_dev_lock(hdev);
977
a8b2d5c2 978 if (test_bit(HCI_MGMT, &hdev->dev_flags))
744cf19e 979 mgmt_user_confirm_neg_reply_complete(hdev, &rp->bdaddr,
a5c29683 980 rp->status);
56e5cb86
JH		 981
982 hci_dev_unlock(hdev);
a5c29683
JH		 983}
984
1143d458
BG		 985static void hci_cc_user_passkey_reply(struct hci_dev *hdev, struct sk_buff *skb)
986{
987 struct hci_rp_user_confirm_reply *rp = (void *) skb->data;
988
989 BT_DBG("%s status 0x%x", hdev->name, rp->status);
990
991 hci_dev_lock(hdev);
992
a8b2d5c2 993 if (test_bit(HCI_MGMT, &hdev->dev_flags))
1143d458
BG		 994 mgmt_user_passkey_reply_complete(hdev, &rp->bdaddr,
995 rp->status);
996
997 hci_dev_unlock(hdev);
998}
999
1000static void hci_cc_user_passkey_neg_reply(struct hci_dev *hdev,
1001 struct sk_buff *skb)
1002{
1003 struct hci_rp_user_confirm_reply *rp = (void *) skb->data;
1004
1005 BT_DBG("%s status 0x%x", hdev->name, rp->status);
1006
1007 hci_dev_lock(hdev);
1008
a8b2d5c2 1009 if (test_bit(HCI_MGMT, &hdev->dev_flags))
1143d458
BG		 1010 mgmt_user_passkey_neg_reply_complete(hdev, &rp->bdaddr,
1011 rp->status);
1012
1013 hci_dev_unlock(hdev);
1014}
1015
c35938b2
SJ		 1016static void hci_cc_read_local_oob_data_reply(struct hci_dev *hdev,
1017 struct sk_buff *skb)
1018{
1019 struct hci_rp_read_local_oob_data *rp = (void *) skb->data;
1020
1021 BT_DBG("%s status 0x%x", hdev->name, rp->status);
1022
56e5cb86 1023 hci_dev_lock(hdev);
744cf19e 1024 mgmt_read_local_oob_data_reply_complete(hdev, rp->hash,
c35938b2 1025 rp->randomizer, rp->status);
56e5cb86 1026 hci_dev_unlock(hdev);
c35938b2
SJ		 1027}
1028
07f7fa5d
AG		 1029static void hci_cc_le_set_scan_param(struct hci_dev *hdev, struct sk_buff *skb)
1030{
1031 __u8 status = *((__u8 *) skb->data);
1032
1033 BT_DBG("%s status 0x%x", hdev->name, status);
1034}
1035
eb9d91f5
AG		 1036static void hci_cc_le_set_scan_enable(struct hci_dev *hdev,
1037 struct sk_buff *skb)
1038{
1039 struct hci_cp_le_set_scan_enable *cp;
1040 __u8 status = *((__u8 *) skb->data);
1041
1042 BT_DBG("%s status 0x%x", hdev->name, status);
1043
1044 if (status)
1045 return;
1046
1047 cp = hci_sent_cmd_data(hdev, HCI_OP_LE_SET_SCAN_ENABLE);
1048 if (!cp)
1049 return;
1050
68a8aea4
AE		 1051 switch (cp->enable) {
1052 case LE_SCANNING_ENABLED:
d23264a8
AG		 1053 set_bit(HCI_LE_SCAN, &hdev->dev_flags);
1054
db323f2f 1055 cancel_delayed_work_sync(&hdev->adv_work);
a8f13c8c
AG		 1056
1057 hci_dev_lock(hdev);
eb9d91f5 1058 hci_adv_entries_clear(hdev);
a8f13c8c 1059 hci_dev_unlock(hdev);
68a8aea4
AE		 1060 break;
1061
1062 case LE_SCANNING_DISABLED:
d23264a8
AG		 1063 clear_bit(HCI_LE_SCAN, &hdev->dev_flags);
1064
d084329e 1065 schedule_delayed_work(&hdev->adv_work, ADV_CLEAR_TIMEOUT);
68a8aea4
AE		 1066 break;
1067
1068 default:
1069 BT_ERR("Used reserved LE_Scan_Enable param %d", cp->enable);
1070 break;
35815085 1071 }
eb9d91f5
AG		 1072}
1073
a7a595f6
VCG		 1074static void hci_cc_le_ltk_reply(struct hci_dev *hdev, struct sk_buff *skb)
1075{
1076 struct hci_rp_le_ltk_reply *rp = (void *) skb->data;
1077
1078 BT_DBG("%s status 0x%x", hdev->name, rp->status);
1079
1080 if (rp->status)
1081 return;
1082
1083 hci_req_complete(hdev, HCI_OP_LE_LTK_REPLY, rp->status);
1084}
1085
1086static void hci_cc_le_ltk_neg_reply(struct hci_dev *hdev, struct sk_buff *skb)
1087{
1088 struct hci_rp_le_ltk_neg_reply *rp = (void *) skb->data;
1089
1090 BT_DBG("%s status 0x%x", hdev->name, rp->status);
1091
1092 if (rp->status)
1093 return;
1094
1095 hci_req_complete(hdev, HCI_OP_LE_LTK_NEG_REPLY, rp->status);
1096}
1097
f9b49306
AG		 1098static inline void hci_cc_write_le_host_supported(struct hci_dev *hdev,
1099 struct sk_buff *skb)
1100{
1101 struct hci_cp_read_local_ext_features cp;
1102 __u8 status = *((__u8 *) skb->data);
1103
1104 BT_DBG("%s status 0x%x", hdev->name, status);
1105
1106 if (status)
1107 return;
1108
1109 cp.page = 0x01;
1110 hci_send_cmd(hdev, HCI_OP_READ_LOCAL_EXT_FEATURES, sizeof(cp), &cp);
1111}
1112
a9de9248
MH		 1113static inline void hci_cs_inquiry(struct hci_dev *hdev, __u8 status)
1114{
1115 BT_DBG("%s status 0x%x", hdev->name, status);
1116
1117 if (status) {
23bb5763 1118 hci_req_complete(hdev, HCI_OP_INQUIRY, status);
a9de9248 1119 hci_conn_check_pending(hdev);
56e5cb86 1120 hci_dev_lock(hdev);
a8b2d5c2 1121 if (test_bit(HCI_MGMT, &hdev->dev_flags))
7a135109 1122 mgmt_start_discovery_failed(hdev, status);
56e5cb86 1123 hci_dev_unlock(hdev);
314b2381
JH		 1124 return;
1125 }
1126
89352e7d
AG		 1127 set_bit(HCI_INQUIRY, &hdev->flags);
1128
56e5cb86 1129 hci_dev_lock(hdev);
30dc78e1 1130 hci_discovery_set_state(hdev, DISCOVERY_INQUIRY);
56e5cb86 1131 hci_dev_unlock(hdev);
1da177e4
LT		 1132}
1133
1da177e4
LT		 1134static inline void hci_cs_create_conn(struct hci_dev *hdev, __u8 status)
1135{
a9de9248 1136 struct hci_cp_create_conn *cp;
1da177e4 1137 struct hci_conn *conn;
1da177e4 1138
a9de9248
MH		 1139 BT_DBG("%s status 0x%x", hdev->name, status);
1140
1141 cp = hci_sent_cmd_data(hdev, HCI_OP_CREATE_CONN);
1da177e4
LT		 1142 if (!cp)
1143 return;
1144
1145 hci_dev_lock(hdev);
1146
1147 conn = hci_conn_hash_lookup_ba(hdev, ACL_LINK, &cp->bdaddr);
1148
a9de9248 1149 BT_DBG("%s bdaddr %s conn %p", hdev->name, batostr(&cp->bdaddr), conn);
1da177e4
LT		 1150
1151 if (status) {
1152 if (conn && conn->state == BT_CONNECT) {
4c67bc74
MH		 1153 if (status != 0x0c || conn->attempt > 2) {
1154 conn->state = BT_CLOSED;
1155 hci_proto_connect_cfm(conn, status);
1156 hci_conn_del(conn);
1157 } else
1158 conn->state = BT_CONNECT2;
1da177e4
LT		 1159 }
1160 } else {
1161 if (!conn) {
1162 conn = hci_conn_add(hdev, ACL_LINK, &cp->bdaddr);
1163 if (conn) {
a0c808b3 1164 conn->out = true;
1da177e4
LT		 1165 conn->link_mode |= HCI_LM_MASTER;
1166 } else
893ef971 1167 BT_ERR("No memory for new connection");
1da177e4
LT		 1168 }
1169 }
1170
1171 hci_dev_unlock(hdev);
1172}
1173
a9de9248 1174static void hci_cs_add_sco(struct hci_dev *hdev, __u8 status)
1da177e4 1175{
a9de9248
MH		 1176 struct hci_cp_add_sco *cp;
1177 struct hci_conn *acl, *sco;
1178 __u16 handle;
1da177e4 1179
b6a0dc82
MH		 1180 BT_DBG("%s status 0x%x", hdev->name, status);
1181
a9de9248
MH		 1182 if (!status)
1183 return;
1da177e4 1184
a9de9248
MH		 1185 cp = hci_sent_cmd_data(hdev, HCI_OP_ADD_SCO);
1186 if (!cp)
1187 return;
1da177e4 1188
a9de9248 1189 handle = __le16_to_cpu(cp->handle);
1da177e4 1190
a9de9248 1191 BT_DBG("%s handle %d", hdev->name, handle);
1da177e4 1192
a9de9248 1193 hci_dev_lock(hdev);
1da177e4 1194
a9de9248 1195 acl = hci_conn_hash_lookup_handle(hdev, handle);
5a08ecce
AE		 1196 if (acl) {
1197 sco = acl->link;
1198 if (sco) {
1199 sco->state = BT_CLOSED;
1da177e4 1200
5a08ecce
AE		 1201 hci_proto_connect_cfm(sco, status);
1202 hci_conn_del(sco);
1203 }
a9de9248 1204 }
1da177e4 1205
a9de9248
MH		 1206 hci_dev_unlock(hdev);
1207}
1da177e4 1208
f8558555
MH		 1209static void hci_cs_auth_requested(struct hci_dev *hdev, __u8 status)
1210{
1211 struct hci_cp_auth_requested *cp;
1212 struct hci_conn *conn;
1213
1214 BT_DBG("%s status 0x%x", hdev->name, status);
1215
1216 if (!status)
1217 return;
1218
1219 cp = hci_sent_cmd_data(hdev, HCI_OP_AUTH_REQUESTED);
1220 if (!cp)
1221 return;
1222
1223 hci_dev_lock(hdev);
1224
1225 conn = hci_conn_hash_lookup_handle(hdev, __le16_to_cpu(cp->handle));
1226 if (conn) {
1227 if (conn->state == BT_CONFIG) {
1228 hci_proto_connect_cfm(conn, status);
1229 hci_conn_put(conn);
1230 }
1231 }
1232
1233 hci_dev_unlock(hdev);
1234}
1235
1236static void hci_cs_set_conn_encrypt(struct hci_dev *hdev, __u8 status)
1237{
1238 struct hci_cp_set_conn_encrypt *cp;
1239 struct hci_conn *conn;
1240
1241 BT_DBG("%s status 0x%x", hdev->name, status);
1242
1243 if (!status)
1244 return;
1245
1246 cp = hci_sent_cmd_data(hdev, HCI_OP_SET_CONN_ENCRYPT);
1247 if (!cp)
1248 return;
1249
1250 hci_dev_lock(hdev);
1251
1252 conn = hci_conn_hash_lookup_handle(hdev, __le16_to_cpu(cp->handle));
1253 if (conn) {
1254 if (conn->state == BT_CONFIG) {
1255 hci_proto_connect_cfm(conn, status);
1256 hci_conn_put(conn);
1257 }
1258 }
1259
1260 hci_dev_unlock(hdev);
1261}
1262
127178d2 1263static int hci_outgoing_auth_needed(struct hci_dev *hdev,
138d22ef 1264 struct hci_conn *conn)
392599b9 1265{
392599b9
JH		 1266 if (conn->state != BT_CONFIG || !conn->out)
1267 return 0;
1268
765c2a96 1269 if (conn->pending_sec_level == BT_SECURITY_SDP)
392599b9
JH		 1270 return 0;
1271
1272 /* Only request authentication for SSP connections or non-SSP
e9bf2bf0 1273 * devices with sec_level HIGH or if MITM protection is requested */
aa64a8b5 1274 if (!hci_conn_ssp_enabled(conn) &&
e9bf2bf0
VCG		 1275 conn->pending_sec_level != BT_SECURITY_HIGH &&
1276 !(conn->auth_type & 0x01))
392599b9
JH		 1277 return 0;
1278
392599b9
JH		 1279 return 1;
1280}
1281
30dc78e1
JH		 1282static inline int hci_resolve_name(struct hci_dev *hdev, struct inquiry_entry *e)
1283{
1284 struct hci_cp_remote_name_req cp;
1285
1286 memset(&cp, 0, sizeof(cp));
1287
1288 bacpy(&cp.bdaddr, &e->data.bdaddr);
1289 cp.pscan_rep_mode = e->data.pscan_rep_mode;
1290 cp.pscan_mode = e->data.pscan_mode;
1291 cp.clock_offset = e->data.clock_offset;
1292
1293 return hci_send_cmd(hdev, HCI_OP_REMOTE_NAME_REQ, sizeof(cp), &cp);
1294}
1295
b644ba33 1296static bool hci_resolve_next_name(struct hci_dev *hdev)
30dc78e1
JH		 1297{
1298 struct discovery_state *discov = &hdev->discovery;
1299 struct inquiry_entry *e;
1300
b644ba33
JH		 1301 if (list_empty(&discov->resolve))
1302 return false;
1303
1304 e = hci_inquiry_cache_lookup_resolve(hdev, BDADDR_ANY, NAME_NEEDED);
1305 if (hci_resolve_name(hdev, e) == 0) {
1306 e->name_state = NAME_PENDING;
1307 return true;
1308 }
1309
1310 return false;
1311}
1312
1313static void hci_check_pending_name(struct hci_dev *hdev, struct hci_conn *conn,
1314 bdaddr_t *bdaddr, u8 *name, u8 name_len)
1315{
1316 struct discovery_state *discov = &hdev->discovery;
1317 struct inquiry_entry *e;
1318
1319 if (conn && !test_and_set_bit(HCI_CONN_MGMT_CONNECTED, &conn->flags))
1320 mgmt_device_connected(hdev, bdaddr, ACL_LINK, 0x00,
1321 name, name_len, conn->dev_class);
1322
1323 if (discov->state == DISCOVERY_STOPPED)
1324 return;
1325
30dc78e1
JH		 1326 if (discov->state == DISCOVERY_STOPPING)
1327 goto discov_complete;
1328
1329 if (discov->state != DISCOVERY_RESOLVING)
1330 return;
1331
1332 e = hci_inquiry_cache_lookup_resolve(hdev, bdaddr, NAME_PENDING);
1333 if (e) {
1334 e->name_state = NAME_KNOWN;
1335 list_del(&e->list);
b644ba33
JH		 1336 if (name)
1337 mgmt_remote_name(hdev, bdaddr, ACL_LINK, 0x00,
1338 e->data.rssi, name, name_len);
30dc78e1
JH		 1339 }
1340
b644ba33 1341 if (hci_resolve_next_name(hdev))
30dc78e1 1342 return;
30dc78e1
JH		 1343
1344discov_complete:
1345 hci_discovery_set_state(hdev, DISCOVERY_STOPPED);
1346}
1347
a9de9248
MH		 1348static void hci_cs_remote_name_req(struct hci_dev *hdev, __u8 status)
1349{
127178d2
JH		 1350 struct hci_cp_remote_name_req *cp;
1351 struct hci_conn *conn;
1352
a9de9248 1353 BT_DBG("%s status 0x%x", hdev->name, status);
127178d2
JH		 1354
1355 /* If successful wait for the name req complete event before
1356 * checking for the need to do authentication */
1357 if (!status)
1358 return;
1359
1360 cp = hci_sent_cmd_data(hdev, HCI_OP_REMOTE_NAME_REQ);
1361 if (!cp)
1362 return;
1363
1364 hci_dev_lock(hdev);
1365
b644ba33
JH		 1366 conn = hci_conn_hash_lookup_ba(hdev, ACL_LINK, &cp->bdaddr);
1367
a8b2d5c2 1368 if (test_bit(HCI_MGMT, &hdev->dev_flags))
b644ba33 1369 hci_check_pending_name(hdev, conn, &cp->bdaddr, NULL, 0);
30dc78e1 1370
79c6c70c
JH		 1371 if (!conn)
1372 goto unlock;
1373
1374 if (!hci_outgoing_auth_needed(hdev, conn))
1375 goto unlock;
1376
51a8efd7 1377 if (!test_and_set_bit(HCI_CONN_AUTH_PEND, &conn->flags)) {
127178d2
JH		 1378 struct hci_cp_auth_requested cp;
1379 cp.handle = __cpu_to_le16(conn->handle);
1380 hci_send_cmd(hdev, HCI_OP_AUTH_REQUESTED, sizeof(cp), &cp);
1381 }
1382
79c6c70c 1383unlock:
127178d2 1384 hci_dev_unlock(hdev);
a9de9248 1385}
1da177e4 1386
769be974
MH		 1387static void hci_cs_read_remote_features(struct hci_dev *hdev, __u8 status)
1388{
1389 struct hci_cp_read_remote_features *cp;
1390 struct hci_conn *conn;
1391
1392 BT_DBG("%s status 0x%x", hdev->name, status);
1393
1394 if (!status)
1395 return;
1396
1397 cp = hci_sent_cmd_data(hdev, HCI_OP_READ_REMOTE_FEATURES);
1398 if (!cp)
1399 return;
1400
1401 hci_dev_lock(hdev);
1402
1403 conn = hci_conn_hash_lookup_handle(hdev, __le16_to_cpu(cp->handle));
1404 if (conn) {
1405 if (conn->state == BT_CONFIG) {
769be974
MH		 1406 hci_proto_connect_cfm(conn, status);
1407 hci_conn_put(conn);
1408 }
1409 }
1410
1411 hci_dev_unlock(hdev);
1412}
1413
1414static void hci_cs_read_remote_ext_features(struct hci_dev *hdev, __u8 status)
1415{
1416 struct hci_cp_read_remote_ext_features *cp;
1417 struct hci_conn *conn;
1418
1419 BT_DBG("%s status 0x%x", hdev->name, status);
1420
1421 if (!status)
1422 return;
1423
1424 cp = hci_sent_cmd_data(hdev, HCI_OP_READ_REMOTE_EXT_FEATURES);
1425 if (!cp)
1426 return;
1427
1428 hci_dev_lock(hdev);
1429
1430 conn = hci_conn_hash_lookup_handle(hdev, __le16_to_cpu(cp->handle));
1431 if (conn) {
1432 if (conn->state == BT_CONFIG) {
769be974
MH		 1433 hci_proto_connect_cfm(conn, status);
1434 hci_conn_put(conn);
1435 }
1436 }
1437
1438 hci_dev_unlock(hdev);
1439}
1440
a9de9248
MH		 1441static void hci_cs_setup_sync_conn(struct hci_dev *hdev, __u8 status)
1442{
b6a0dc82
MH		 1443 struct hci_cp_setup_sync_conn *cp;
1444 struct hci_conn *acl, *sco;
1445 __u16 handle;
1446
a9de9248 1447 BT_DBG("%s status 0x%x", hdev->name, status);
b6a0dc82
MH		 1448
1449 if (!status)
1450 return;
1451
1452 cp = hci_sent_cmd_data(hdev, HCI_OP_SETUP_SYNC_CONN);
1453 if (!cp)
1454 return;
1455
1456 handle = __le16_to_cpu(cp->handle);
1457
1458 BT_DBG("%s handle %d", hdev->name, handle);
1459
1460 hci_dev_lock(hdev);
1461
1462 acl = hci_conn_hash_lookup_handle(hdev, handle);
5a08ecce
AE		 1463 if (acl) {
1464 sco = acl->link;
1465 if (sco) {
1466 sco->state = BT_CLOSED;
b6a0dc82 1467
5a08ecce
AE		 1468 hci_proto_connect_cfm(sco, status);
1469 hci_conn_del(sco);
1470 }
b6a0dc82
MH		 1471 }
1472
1473 hci_dev_unlock(hdev);
1da177e4
LT		 1474}
1475
a9de9248 1476static void hci_cs_sniff_mode(struct hci_dev *hdev, __u8 status)
1da177e4 1477{
a9de9248
MH		 1478 struct hci_cp_sniff_mode *cp;
1479 struct hci_conn *conn;
1da177e4 1480
a9de9248 1481 BT_DBG("%s status 0x%x", hdev->name, status);
04837f64 1482
a9de9248
MH		 1483 if (!status)
1484 return;
04837f64 1485
a9de9248
MH		 1486 cp = hci_sent_cmd_data(hdev, HCI_OP_SNIFF_MODE);
1487 if (!cp)
1488 return;
04837f64 1489
a9de9248 1490 hci_dev_lock(hdev);
04837f64 1491
a9de9248 1492 conn = hci_conn_hash_lookup_handle(hdev, __le16_to_cpu(cp->handle));
e73439d8 1493 if (conn) {
51a8efd7 1494 clear_bit(HCI_CONN_MODE_CHANGE_PEND, &conn->flags);
04837f64 1495
51a8efd7 1496 if (test_and_clear_bit(HCI_CONN_SCO_SETUP_PEND, &conn->flags))
e73439d8
MH		 1497 hci_sco_setup(conn, status);
1498 }
1499
a9de9248
MH		 1500 hci_dev_unlock(hdev);
1501}
04837f64 1502
a9de9248
MH		 1503static void hci_cs_exit_sniff_mode(struct hci_dev *hdev, __u8 status)
1504{
1505 struct hci_cp_exit_sniff_mode *cp;
1506 struct hci_conn *conn;
04837f64 1507
a9de9248 1508 BT_DBG("%s status 0x%x", hdev->name, status);
04837f64 1509
a9de9248
MH		 1510 if (!status)
1511 return;
04837f64 1512
a9de9248
MH		 1513 cp = hci_sent_cmd_data(hdev, HCI_OP_EXIT_SNIFF_MODE);
1514 if (!cp)
1515 return;
04837f64 1516
a9de9248 1517 hci_dev_lock(hdev);
1da177e4 1518
a9de9248 1519 conn = hci_conn_hash_lookup_handle(hdev, __le16_to_cpu(cp->handle));
e73439d8 1520 if (conn) {
51a8efd7 1521 clear_bit(HCI_CONN_MODE_CHANGE_PEND, &conn->flags);
1da177e4 1522
51a8efd7 1523 if (test_and_clear_bit(HCI_CONN_SCO_SETUP_PEND, &conn->flags))
e73439d8
MH		 1524 hci_sco_setup(conn, status);
1525 }
1526
a9de9248 1527 hci_dev_unlock(hdev);
1da177e4
LT		 1528}
1529
fcd89c09
VT		 1530static void hci_cs_le_create_conn(struct hci_dev *hdev, __u8 status)
1531{
1532 struct hci_cp_le_create_conn *cp;
1533 struct hci_conn *conn;
1534
1535 BT_DBG("%s status 0x%x", hdev->name, status);
1536
1537 cp = hci_sent_cmd_data(hdev, HCI_OP_LE_CREATE_CONN);
1538 if (!cp)
1539 return;
1540
1541 hci_dev_lock(hdev);
1542
1543 conn = hci_conn_hash_lookup_ba(hdev, LE_LINK, &cp->peer_addr);
1544
1545 BT_DBG("%s bdaddr %s conn %p", hdev->name, batostr(&cp->peer_addr),
1546 conn);
1547
1548 if (status) {
1549 if (conn && conn->state == BT_CONNECT) {
1550 conn->state = BT_CLOSED;
1551 hci_proto_connect_cfm(conn, status);
1552 hci_conn_del(conn);
1553 }
1554 } else {
1555 if (!conn) {
1556 conn = hci_conn_add(hdev, LE_LINK, &cp->peer_addr);
29b7988a
AG		 1557 if (conn) {
1558 conn->dst_type = cp->peer_addr_type;
a0c808b3 1559 conn->out = true;
29b7988a 1560 } else {
fcd89c09 1561 BT_ERR("No memory for new connection");
29b7988a 1562 }
fcd89c09
VT		 1563 }
1564 }
1565
1566 hci_dev_unlock(hdev);
1567}
1568
a7a595f6
VCG		 1569static void hci_cs_le_start_enc(struct hci_dev *hdev, u8 status)
1570{
1571 BT_DBG("%s status 0x%x", hdev->name, status);
1572}
1573
1da177e4
LT		 1574static inline void hci_inquiry_complete_evt(struct hci_dev *hdev, struct sk_buff *skb)
1575{
1576 __u8 status = *((__u8 *) skb->data);
30dc78e1
JH		 1577 struct discovery_state *discov = &hdev->discovery;
1578 struct inquiry_entry *e;
1da177e4
LT		 1579
1580 BT_DBG("%s status %d", hdev->name, status);
1581
23bb5763 1582 hci_req_complete(hdev, HCI_OP_INQUIRY, status);
6bd57416 1583
a9de9248 1584 hci_conn_check_pending(hdev);
89352e7d
AG		 1585
1586 if (!test_and_clear_bit(HCI_INQUIRY, &hdev->flags))
1587 return;
1588
a8b2d5c2 1589 if (!test_bit(HCI_MGMT, &hdev->dev_flags))
30dc78e1
JH		 1590 return;
1591
56e5cb86 1592 hci_dev_lock(hdev);
30dc78e1
JH		 1593
1594 if (discov->state != DISCOVERY_INQUIRY)
1595 goto unlock;
1596
1597 if (list_empty(&discov->resolve)) {
1598 hci_discovery_set_state(hdev, DISCOVERY_STOPPED);
1599 goto unlock;
1600 }
1601
1602 e = hci_inquiry_cache_lookup_resolve(hdev, BDADDR_ANY, NAME_NEEDED);
1603 if (e && hci_resolve_name(hdev, e) == 0) {
1604 e->name_state = NAME_PENDING;
1605 hci_discovery_set_state(hdev, DISCOVERY_RESOLVING);
1606 } else {
1607 hci_discovery_set_state(hdev, DISCOVERY_STOPPED);
1608 }
1609
1610unlock:
56e5cb86 1611 hci_dev_unlock(hdev);
1da177e4
LT		 1612}
1613
1da177e4
LT		 1614static inline void hci_inquiry_result_evt(struct hci_dev *hdev, struct sk_buff *skb)
1615{
45bb4bf0 1616 struct inquiry_data data;
a9de9248 1617 struct inquiry_info *info = (void *) (skb->data + 1);
1da177e4
LT		 1618 int num_rsp = *((__u8 *) skb->data);
1619
1620 BT_DBG("%s num_rsp %d", hdev->name, num_rsp);
1621
45bb4bf0
MH		 1622 if (!num_rsp)
1623 return;
1624
1da177e4 1625 hci_dev_lock(hdev);
45bb4bf0 1626
e17acd40 1627 for (; num_rsp; num_rsp--, info++) {
3175405b
JH		 1628 bool name_known;
1629
1da177e4
LT		 1630 bacpy(&data.bdaddr, &info->bdaddr);
1631 data.pscan_rep_mode = info->pscan_rep_mode;
1632 data.pscan_period_mode = info->pscan_period_mode;
1633 data.pscan_mode = info->pscan_mode;
1634 memcpy(data.dev_class, info->dev_class, 3);
1635 data.clock_offset = info->clock_offset;
1636 data.rssi = 0x00;
41a96212 1637 data.ssp_mode = 0x00;
3175405b
JH		 1638
1639 name_known = hci_inquiry_cache_update(hdev, &data, false);
48264f06 1640 mgmt_device_found(hdev, &info->bdaddr, ACL_LINK, 0x00,
7d262f86
AG		 1641 info->dev_class, 0, !name_known,
1642 NULL, 0);
1da177e4 1643 }
45bb4bf0 1644
1da177e4
LT		 1645 hci_dev_unlock(hdev);
1646}
1647
1da177e4
LT		 1648static inline void hci_conn_complete_evt(struct hci_dev *hdev, struct sk_buff *skb)
1649{
a9de9248
MH		 1650 struct hci_ev_conn_complete *ev = (void *) skb->data;
1651 struct hci_conn *conn;
1da177e4
LT		 1652
1653 BT_DBG("%s", hdev->name);
1654
1655 hci_dev_lock(hdev);
1656
1657 conn = hci_conn_hash_lookup_ba(hdev, ev->link_type, &ev->bdaddr);
9499237a
MH		 1658 if (!conn) {
1659 if (ev->link_type != SCO_LINK)
1660 goto unlock;
1661
1662 conn = hci_conn_hash_lookup_ba(hdev, ESCO_LINK, &ev->bdaddr);
1663 if (!conn)
1664 goto unlock;
1665
1666 conn->type = SCO_LINK;
1667 }
1da177e4
LT		 1668
1669 if (!ev->status) {
1670 conn->handle = __le16_to_cpu(ev->handle);
769be974
MH		 1671
1672 if (conn->type == ACL_LINK) {
1673 conn->state = BT_CONFIG;
1674 hci_conn_hold(conn);
052b30b0 1675 conn->disc_timeout = HCI_DISCONN_TIMEOUT;
769be974
MH		 1676 } else
1677 conn->state = BT_CONNECTED;
1da177e4 1678
9eba32b8 1679 hci_conn_hold_device(conn);
7d0db0a3
MH		 1680 hci_conn_add_sysfs(conn);
1681
1da177e4
LT		 1682 if (test_bit(HCI_AUTH, &hdev->flags))
1683 conn->link_mode |= HCI_LM_AUTH;
1684
1685 if (test_bit(HCI_ENCRYPT, &hdev->flags))
1686 conn->link_mode |= HCI_LM_ENCRYPT;
1687
04837f64
MH		 1688 /* Get remote features */
1689 if (conn->type == ACL_LINK) {
1690 struct hci_cp_read_remote_features cp;
1691 cp.handle = ev->handle;
769be974
MH		 1692 hci_send_cmd(hdev, HCI_OP_READ_REMOTE_FEATURES,
1693 sizeof(cp), &cp);
04837f64
MH		 1694 }
1695
1da177e4 1696 /* Set packet type for incoming connection */
d095c1eb 1697 if (!conn->out && hdev->hci_ver < BLUETOOTH_VER_2_0) {
1da177e4
LT		 1698 struct hci_cp_change_conn_ptype cp;
1699 cp.handle = ev->handle;
a8746417
MH		 1700 cp.pkt_type = cpu_to_le16(conn->pkt_type);
1701 hci_send_cmd(hdev, HCI_OP_CHANGE_CONN_PTYPE,
1702 sizeof(cp), &cp);
1da177e4 1703 }
17d5c04c 1704 } else {
1da177e4 1705 conn->state = BT_CLOSED;
17d5c04c 1706 if (conn->type == ACL_LINK)
744cf19e 1707 mgmt_connect_failed(hdev, &ev->bdaddr, conn->type,
48264f06 1708 conn->dst_type, ev->status);
17d5c04c 1709 }
1da177e4 1710
e73439d8
MH		 1711 if (conn->type == ACL_LINK)
1712 hci_sco_setup(conn, ev->status);
1da177e4 1713
769be974
MH		 1714 if (ev->status) {
1715 hci_proto_connect_cfm(conn, ev->status);
1da177e4 1716 hci_conn_del(conn);
c89b6e6b
MH		 1717 } else if (ev->link_type != ACL_LINK)
1718 hci_proto_connect_cfm(conn, ev->status);
1da177e4 1719
a9de9248 1720unlock:
1da177e4 1721 hci_dev_unlock(hdev);
1da177e4 1722
a9de9248 1723 hci_conn_check_pending(hdev);
1da177e4
LT		 1724}
1725
a9de9248 1726static inline void hci_conn_request_evt(struct hci_dev *hdev, struct sk_buff *skb)
1da177e4 1727{
a9de9248
MH		 1728 struct hci_ev_conn_request *ev = (void *) skb->data;
1729 int mask = hdev->link_mode;
1da177e4 1730
a9de9248
MH		 1731 BT_DBG("%s bdaddr %s type 0x%x", hdev->name,
1732 batostr(&ev->bdaddr), ev->link_type);
1da177e4 1733
a9de9248 1734 mask |= hci_proto_connect_ind(hdev, &ev->bdaddr, ev->link_type);
1da177e4 1735
138d22ef
SJ		 1736 if ((mask & HCI_LM_ACCEPT) &&
1737 !hci_blacklist_lookup(hdev, &ev->bdaddr)) {
a9de9248 1738 /* Connection accepted */
c7bdd502 1739 struct inquiry_entry *ie;
1da177e4 1740 struct hci_conn *conn;
1da177e4 1741
a9de9248 1742 hci_dev_lock(hdev);
b6a0dc82 1743
cc11b9c1
AE		 1744 ie = hci_inquiry_cache_lookup(hdev, &ev->bdaddr);
1745 if (ie)
c7bdd502
MH		 1746 memcpy(ie->data.dev_class, ev->dev_class, 3);
1747
a9de9248
MH		 1748 conn = hci_conn_hash_lookup_ba(hdev, ev->link_type, &ev->bdaddr);
1749 if (!conn) {
cc11b9c1
AE		 1750 conn = hci_conn_add(hdev, ev->link_type, &ev->bdaddr);
1751 if (!conn) {
893ef971 1752 BT_ERR("No memory for new connection");
a9de9248
MH		 1753 hci_dev_unlock(hdev);
1754 return;
1da177e4
LT		 1755 }
1756 }
b6a0dc82 1757
a9de9248
MH		 1758 memcpy(conn->dev_class, ev->dev_class, 3);
1759 conn->state = BT_CONNECT;
b6a0dc82 1760
a9de9248 1761 hci_dev_unlock(hdev);
1da177e4 1762
b6a0dc82
MH		 1763 if (ev->link_type == ACL_LINK || !lmp_esco_capable(hdev)) {
1764 struct hci_cp_accept_conn_req cp;
1da177e4 1765
b6a0dc82
MH		 1766 bacpy(&cp.bdaddr, &ev->bdaddr);
1767
1768 if (lmp_rswitch_capable(hdev) && (mask & HCI_LM_MASTER))
1769 cp.role = 0x00; /* Become master */
1770 else
1771 cp.role = 0x01; /* Remain slave */
1772
1773 hci_send_cmd(hdev, HCI_OP_ACCEPT_CONN_REQ,
1774 sizeof(cp), &cp);
1775 } else {
1776 struct hci_cp_accept_sync_conn_req cp;
1777
1778 bacpy(&cp.bdaddr, &ev->bdaddr);
a8746417 1779 cp.pkt_type = cpu_to_le16(conn->pkt_type);
b6a0dc82
MH		 1780
1781 cp.tx_bandwidth = cpu_to_le32(0x00001f40);
1782 cp.rx_bandwidth = cpu_to_le32(0x00001f40);
1783 cp.max_latency = cpu_to_le16(0xffff);
1784 cp.content_format = cpu_to_le16(hdev->voice_setting);
1785 cp.retrans_effort = 0xff;
1da177e4 1786
b6a0dc82
MH		 1787 hci_send_cmd(hdev, HCI_OP_ACCEPT_SYNC_CONN_REQ,
1788 sizeof(cp), &cp);
1789 }
a9de9248
MH		 1790 } else {
1791 /* Connection rejected */
1792 struct hci_cp_reject_conn_req cp;
1da177e4 1793
a9de9248 1794 bacpy(&cp.bdaddr, &ev->bdaddr);
9f5a0d7b 1795 cp.reason = HCI_ERROR_REJ_BAD_ADDR;
a9de9248 1796 hci_send_cmd(hdev, HCI_OP_REJECT_CONN_REQ, sizeof(cp), &cp);
1da177e4 1797 }
1da177e4
LT		 1798}
1799
a9de9248 1800static inline void hci_disconn_complete_evt(struct hci_dev *hdev, struct sk_buff *skb)
04837f64 1801{
a9de9248 1802 struct hci_ev_disconn_complete *ev = (void *) skb->data;
04837f64
MH		 1803 struct hci_conn *conn;
1804
1805 BT_DBG("%s status %d", hdev->name, ev->status);
1806
1807 hci_dev_lock(hdev);
1808
1809 conn = hci_conn_hash_lookup_handle(hdev, __le16_to_cpu(ev->handle));
f7520543
JH		 1810 if (!conn)
1811 goto unlock;
7d0db0a3 1812
37d9ef76
JH		 1813 if (ev->status == 0)
1814 conn->state = BT_CLOSED;
04837f64 1815
b644ba33
JH		 1816 if (test_and_clear_bit(HCI_CONN_MGMT_CONNECTED, &conn->flags) &&
1817 (conn->type == ACL_LINK || conn->type == LE_LINK)) {
37d9ef76
JH		 1818 if (ev->status != 0)
1819 mgmt_disconnect_failed(hdev, &conn->dst, ev->status);
1820 else
afc747a6 1821 mgmt_device_disconnected(hdev, &conn->dst, conn->type,
48264f06 1822 conn->dst_type);
37d9ef76 1823 }
f7520543 1824
37d9ef76
JH		 1825 if (ev->status == 0) {
1826 hci_proto_disconn_cfm(conn, ev->reason);
1827 hci_conn_del(conn);
1828 }
f7520543
JH		 1829
1830unlock:
04837f64
MH		 1831 hci_dev_unlock(hdev);
1832}
1833
1da177e4
LT		 1834static inline void hci_auth_complete_evt(struct hci_dev *hdev, struct sk_buff *skb)
1835{
a9de9248 1836 struct hci_ev_auth_complete *ev = (void *) skb->data;
04837f64 1837 struct hci_conn *conn;
1da177e4
LT		 1838
1839 BT_DBG("%s status %d", hdev->name, ev->status);
1840
1841 hci_dev_lock(hdev);
1842
04837f64 1843 conn = hci_conn_hash_lookup_handle(hdev, __le16_to_cpu(ev->handle));
d7556e20
WR		 1844 if (!conn)
1845 goto unlock;
1846
1847 if (!ev->status) {
aa64a8b5
JH		 1848 if (!hci_conn_ssp_enabled(conn) &&
1849 test_bit(HCI_CONN_REAUTH_PEND, &conn->flags)) {
d7556e20 1850 BT_INFO("re-auth of legacy device is not possible.");
2a611692 1851 } else {
d7556e20
WR		 1852 conn->link_mode |= HCI_LM_AUTH;
1853 conn->sec_level = conn->pending_sec_level;
2a611692 1854 }
d7556e20 1855 } else {
744cf19e 1856 mgmt_auth_failed(hdev, &conn->dst, ev->status);
d7556e20 1857 }
1da177e4 1858
51a8efd7
JH		 1859 clear_bit(HCI_CONN_AUTH_PEND, &conn->flags);
1860 clear_bit(HCI_CONN_REAUTH_PEND, &conn->flags);
1da177e4 1861
d7556e20 1862 if (conn->state == BT_CONFIG) {
aa64a8b5 1863 if (!ev->status && hci_conn_ssp_enabled(conn)) {
d7556e20
WR		 1864 struct hci_cp_set_conn_encrypt cp;
1865 cp.handle = ev->handle;
1866 cp.encrypt = 0x01;
1867 hci_send_cmd(hdev, HCI_OP_SET_CONN_ENCRYPT, sizeof(cp),
1868 &cp);
052b30b0 1869 } else {
d7556e20
WR		 1870 conn->state = BT_CONNECTED;
1871 hci_proto_connect_cfm(conn, ev->status);
052b30b0
MH		 1872 hci_conn_put(conn);
1873 }
d7556e20
WR		 1874 } else {
1875 hci_auth_cfm(conn, ev->status);
052b30b0 1876
d7556e20
WR		 1877 hci_conn_hold(conn);
1878 conn->disc_timeout = HCI_DISCONN_TIMEOUT;
1879 hci_conn_put(conn);
1880 }
1881
51a8efd7 1882 if (test_bit(HCI_CONN_ENCRYPT_PEND, &conn->flags)) {
d7556e20
WR		 1883 if (!ev->status) {
1884 struct hci_cp_set_conn_encrypt cp;
1885 cp.handle = ev->handle;
1886 cp.encrypt = 0x01;
1887 hci_send_cmd(hdev, HCI_OP_SET_CONN_ENCRYPT, sizeof(cp),
1888 &cp);
1889 } else {
51a8efd7 1890 clear_bit(HCI_CONN_ENCRYPT_PEND, &conn->flags);
d7556e20 1891 hci_encrypt_cfm(conn, ev->status, 0x00);
1da177e4
LT		 1892 }
1893 }
1894
d7556e20 1895unlock:
1da177e4
LT		 1896 hci_dev_unlock(hdev);
1897}
1898
a9de9248 1899static inline void hci_remote_name_evt(struct hci_dev *hdev, struct sk_buff *skb)
1da177e4 1900{
127178d2
JH		 1901 struct hci_ev_remote_name *ev = (void *) skb->data;
1902 struct hci_conn *conn;
1903
a9de9248 1904 BT_DBG("%s", hdev->name);
1da177e4 1905
a9de9248 1906 hci_conn_check_pending(hdev);
127178d2
JH		 1907
1908 hci_dev_lock(hdev);
1909
b644ba33 1910 conn = hci_conn_hash_lookup_ba(hdev, ACL_LINK, &ev->bdaddr);
30dc78e1 1911
b644ba33
JH		 1912 if (!test_bit(HCI_MGMT, &hdev->dev_flags))
1913 goto check_auth;
a88a9652 1914
b644ba33
JH		 1915 if (ev->status == 0)
1916 hci_check_pending_name(hdev, conn, &ev->bdaddr, ev->name,
1917 strnlen(ev->name, HCI_MAX_NAME_LENGTH));
1918 else
1919 hci_check_pending_name(hdev, conn, &ev->bdaddr, NULL, 0);
1920
1921check_auth:
79c6c70c
JH		 1922 if (!conn)
1923 goto unlock;
1924
1925 if (!hci_outgoing_auth_needed(hdev, conn))
1926 goto unlock;
1927
51a8efd7 1928 if (!test_and_set_bit(HCI_CONN_AUTH_PEND, &conn->flags)) {
127178d2
JH		 1929 struct hci_cp_auth_requested cp;
1930 cp.handle = __cpu_to_le16(conn->handle);
1931 hci_send_cmd(hdev, HCI_OP_AUTH_REQUESTED, sizeof(cp), &cp);
1932 }
1933
79c6c70c 1934unlock:
127178d2 1935 hci_dev_unlock(hdev);
a9de9248
MH		 1936}
1937
1938static inline void hci_encrypt_change_evt(struct hci_dev *hdev, struct sk_buff *skb)
1939{
1940 struct hci_ev_encrypt_change *ev = (void *) skb->data;
1941 struct hci_conn *conn;
1942
1943 BT_DBG("%s status %d", hdev->name, ev->status);
1da177e4
LT		 1944
1945 hci_dev_lock(hdev);
1946
04837f64 1947 conn = hci_conn_hash_lookup_handle(hdev, __le16_to_cpu(ev->handle));
1da177e4
LT		 1948 if (conn) {
1949 if (!ev->status) {
ae293196
MH		 1950 if (ev->encrypt) {
1951 /* Encryption implies authentication */
1952 conn->link_mode |= HCI_LM_AUTH;
1da177e4 1953 conn->link_mode |= HCI_LM_ENCRYPT;
da85e5e5 1954 conn->sec_level = conn->pending_sec_level;
ae293196 1955 } else
1da177e4
LT		 1956 conn->link_mode &= ~HCI_LM_ENCRYPT;
1957 }
1958
51a8efd7 1959 clear_bit(HCI_CONN_ENCRYPT_PEND, &conn->flags);
1da177e4 1960
f8558555
MH		 1961 if (conn->state == BT_CONFIG) {
1962 if (!ev->status)
1963 conn->state = BT_CONNECTED;
1964
1965 hci_proto_connect_cfm(conn, ev->status);
1966 hci_conn_put(conn);
1967 } else
1968 hci_encrypt_cfm(conn, ev->status, ev->encrypt);
1da177e4
LT		 1969 }
1970
1971 hci_dev_unlock(hdev);
1972}
1973
a9de9248 1974static inline void hci_change_link_key_complete_evt(struct hci_dev *hdev, struct sk_buff *skb)
1da177e4 1975{
a9de9248 1976 struct hci_ev_change_link_key_complete *ev = (void *) skb->data;
04837f64 1977 struct hci_conn *conn;
1da177e4
LT		 1978
1979 BT_DBG("%s status %d", hdev->name, ev->status);
1980
1981 hci_dev_lock(hdev);
1982
04837f64 1983 conn = hci_conn_hash_lookup_handle(hdev, __le16_to_cpu(ev->handle));
1da177e4
LT		 1984 if (conn) {
1985 if (!ev->status)
1986 conn->link_mode |= HCI_LM_SECURE;
1987
51a8efd7 1988 clear_bit(HCI_CONN_AUTH_PEND, &conn->flags);
1da177e4
LT		 1989
1990 hci_key_change_cfm(conn, ev->status);
1991 }
1992
1993 hci_dev_unlock(hdev);
1994}
1995
a9de9248 1996static inline void hci_remote_features_evt(struct hci_dev *hdev, struct sk_buff *skb)
1da177e4 1997{
a9de9248
MH		 1998 struct hci_ev_remote_features *ev = (void *) skb->data;
1999 struct hci_conn *conn;
2000
2001 BT_DBG("%s status %d", hdev->name, ev->status);
2002
a9de9248
MH		 2003 hci_dev_lock(hdev);
2004
2005 conn = hci_conn_hash_lookup_handle(hdev, __le16_to_cpu(ev->handle));
ccd556fe
JH		 2006 if (!conn)
2007 goto unlock;
769be974 2008
ccd556fe
JH		 2009 if (!ev->status)
2010 memcpy(conn->features, ev->features, 8);
2011
2012 if (conn->state != BT_CONFIG)
2013 goto unlock;
2014
2015 if (!ev->status && lmp_ssp_capable(hdev) && lmp_ssp_capable(conn)) {
2016 struct hci_cp_read_remote_ext_features cp;
2017 cp.handle = ev->handle;
2018 cp.page = 0x01;
2019 hci_send_cmd(hdev, HCI_OP_READ_REMOTE_EXT_FEATURES,
bdb7524a 2020 sizeof(cp), &cp);
392599b9
JH		 2021 goto unlock;
2022 }
2023
127178d2
JH		 2024 if (!ev->status) {
2025 struct hci_cp_remote_name_req cp;
2026 memset(&cp, 0, sizeof(cp));
2027 bacpy(&cp.bdaddr, &conn->dst);
2028 cp.pscan_rep_mode = 0x02;
2029 hci_send_cmd(hdev, HCI_OP_REMOTE_NAME_REQ, sizeof(cp), &cp);
b644ba33
JH		 2030 } else if (!test_and_set_bit(HCI_CONN_MGMT_CONNECTED, &conn->flags))
2031 mgmt_device_connected(hdev, &conn->dst, conn->type,
2032 conn->dst_type, NULL, 0,
2033 conn->dev_class);
392599b9 2034
127178d2 2035 if (!hci_outgoing_auth_needed(hdev, conn)) {
ccd556fe
JH		 2036 conn->state = BT_CONNECTED;
2037 hci_proto_connect_cfm(conn, ev->status);
2038 hci_conn_put(conn);
769be974 2039 }
a9de9248 2040
ccd556fe 2041unlock:
a9de9248 2042 hci_dev_unlock(hdev);
1da177e4
LT		 2043}
2044
a9de9248 2045static inline void hci_remote_version_evt(struct hci_dev *hdev, struct sk_buff *skb)
1da177e4 2046{
a9de9248 2047 BT_DBG("%s", hdev->name);
1da177e4
LT		 2048}
2049
a9de9248 2050static inline void hci_qos_setup_complete_evt(struct hci_dev *hdev, struct sk_buff *skb)
1da177e4 2051{
a9de9248 2052 BT_DBG("%s", hdev->name);
1da177e4
LT		 2053}
2054
a9de9248
MH		 2055static inline void hci_cmd_complete_evt(struct hci_dev *hdev, struct sk_buff *skb)
2056{
2057 struct hci_ev_cmd_complete *ev = (void *) skb->data;
2058 __u16 opcode;
2059
2060 skb_pull(skb, sizeof(*ev));
2061
2062 opcode = __le16_to_cpu(ev->opcode);
2063
2064 switch (opcode) {
2065 case HCI_OP_INQUIRY_CANCEL:
2066 hci_cc_inquiry_cancel(hdev, skb);
2067 break;
2068
2069 case HCI_OP_EXIT_PERIODIC_INQ:
2070 hci_cc_exit_periodic_inq(hdev, skb);
2071 break;
2072
2073 case HCI_OP_REMOTE_NAME_REQ_CANCEL:
2074 hci_cc_remote_name_req_cancel(hdev, skb);
2075 break;
2076
2077 case HCI_OP_ROLE_DISCOVERY:
2078 hci_cc_role_discovery(hdev, skb);
2079 break;
2080
e4e8e37c
MH		 2081 case HCI_OP_READ_LINK_POLICY:
2082 hci_cc_read_link_policy(hdev, skb);
2083 break;
2084
a9de9248
MH		 2085 case HCI_OP_WRITE_LINK_POLICY:
2086 hci_cc_write_link_policy(hdev, skb);
2087 break;
2088
e4e8e37c
MH		 2089 case HCI_OP_READ_DEF_LINK_POLICY:
2090 hci_cc_read_def_link_policy(hdev, skb);
2091 break;
2092
2093 case HCI_OP_WRITE_DEF_LINK_POLICY:
2094 hci_cc_write_def_link_policy(hdev, skb);
2095 break;
2096
a9de9248
MH		 2097 case HCI_OP_RESET:
2098 hci_cc_reset(hdev, skb);
2099 break;
2100
2101 case HCI_OP_WRITE_LOCAL_NAME:
2102 hci_cc_write_local_name(hdev, skb);
2103 break;
2104
2105 case HCI_OP_READ_LOCAL_NAME:
2106 hci_cc_read_local_name(hdev, skb);
2107 break;
2108
2109 case HCI_OP_WRITE_AUTH_ENABLE:
2110 hci_cc_write_auth_enable(hdev, skb);
2111 break;
2112
2113 case HCI_OP_WRITE_ENCRYPT_MODE:
2114 hci_cc_write_encrypt_mode(hdev, skb);
2115 break;
2116
2117 case HCI_OP_WRITE_SCAN_ENABLE:
2118 hci_cc_write_scan_enable(hdev, skb);
2119 break;
2120
2121 case HCI_OP_READ_CLASS_OF_DEV:
2122 hci_cc_read_class_of_dev(hdev, skb);
2123 break;
2124
2125 case HCI_OP_WRITE_CLASS_OF_DEV:
2126 hci_cc_write_class_of_dev(hdev, skb);
2127 break;
2128
2129 case HCI_OP_READ_VOICE_SETTING:
2130 hci_cc_read_voice_setting(hdev, skb);
2131 break;
2132
2133 case HCI_OP_WRITE_VOICE_SETTING:
2134 hci_cc_write_voice_setting(hdev, skb);
2135 break;
2136
2137 case HCI_OP_HOST_BUFFER_SIZE:
2138 hci_cc_host_buffer_size(hdev, skb);
2139 break;
2140
333140b5
MH		 2141 case HCI_OP_READ_SSP_MODE:
2142 hci_cc_read_ssp_mode(hdev, skb);
2143 break;
2144
2145 case HCI_OP_WRITE_SSP_MODE:
2146 hci_cc_write_ssp_mode(hdev, skb);
2147 break;
2148
a9de9248
MH		 2149 case HCI_OP_READ_LOCAL_VERSION:
2150 hci_cc_read_local_version(hdev, skb);
2151 break;
2152
2153 case HCI_OP_READ_LOCAL_COMMANDS:
2154 hci_cc_read_local_commands(hdev, skb);
2155 break;
2156
2157 case HCI_OP_READ_LOCAL_FEATURES:
2158 hci_cc_read_local_features(hdev, skb);
2159 break;
2160
971e3a4b
AG		 2161 case HCI_OP_READ_LOCAL_EXT_FEATURES:
2162 hci_cc_read_local_ext_features(hdev, skb);
2163 break;
2164
a9de9248
MH		 2165 case HCI_OP_READ_BUFFER_SIZE:
2166 hci_cc_read_buffer_size(hdev, skb);
2167 break;
2168
2169 case HCI_OP_READ_BD_ADDR:
2170 hci_cc_read_bd_addr(hdev, skb);
2171 break;
2172
350ee4cf
AE		 2173 case HCI_OP_READ_DATA_BLOCK_SIZE:
2174 hci_cc_read_data_block_size(hdev, skb);
2175 break;
2176
23bb5763
JH		 2177 case HCI_OP_WRITE_CA_TIMEOUT:
2178 hci_cc_write_ca_timeout(hdev, skb);
2179 break;
2180
1e89cffb
AE		 2181 case HCI_OP_READ_FLOW_CONTROL_MODE:
2182 hci_cc_read_flow_control_mode(hdev, skb);
2183 break;
2184
928abaa7
AE		 2185 case HCI_OP_READ_LOCAL_AMP_INFO:
2186 hci_cc_read_local_amp_info(hdev, skb);
2187 break;
2188
b0916ea0
JH		 2189 case HCI_OP_DELETE_STORED_LINK_KEY:
2190 hci_cc_delete_stored_link_key(hdev, skb);
2191 break;
2192
d5859e22
JH		 2193 case HCI_OP_SET_EVENT_MASK:
2194 hci_cc_set_event_mask(hdev, skb);
2195 break;
2196
2197 case HCI_OP_WRITE_INQUIRY_MODE:
2198 hci_cc_write_inquiry_mode(hdev, skb);
2199 break;
2200
2201 case HCI_OP_READ_INQ_RSP_TX_POWER:
2202 hci_cc_read_inq_rsp_tx_power(hdev, skb);
2203 break;
2204
2205 case HCI_OP_SET_EVENT_FLT:
2206 hci_cc_set_event_flt(hdev, skb);
2207 break;
2208
980e1a53
JH		 2209 case HCI_OP_PIN_CODE_REPLY:
2210 hci_cc_pin_code_reply(hdev, skb);
2211 break;
2212
2213 case HCI_OP_PIN_CODE_NEG_REPLY:
2214 hci_cc_pin_code_neg_reply(hdev, skb);
2215 break;
2216
c35938b2
SJ		 2217 case HCI_OP_READ_LOCAL_OOB_DATA:
2218 hci_cc_read_local_oob_data_reply(hdev, skb);
2219 break;
2220
6ed58ec5
VT		 2221 case HCI_OP_LE_READ_BUFFER_SIZE:
2222 hci_cc_le_read_buffer_size(hdev, skb);
2223 break;
2224
a5c29683
JH		 2225 case HCI_OP_USER_CONFIRM_REPLY:
2226 hci_cc_user_confirm_reply(hdev, skb);
2227 break;
2228
2229 case HCI_OP_USER_CONFIRM_NEG_REPLY:
2230 hci_cc_user_confirm_neg_reply(hdev, skb);
2231 break;
2232
1143d458
BG		 2233 case HCI_OP_USER_PASSKEY_REPLY:
2234 hci_cc_user_passkey_reply(hdev, skb);
2235 break;
2236
2237 case HCI_OP_USER_PASSKEY_NEG_REPLY:
2238 hci_cc_user_passkey_neg_reply(hdev, skb);
07f7fa5d
AG		 2239
2240 case HCI_OP_LE_SET_SCAN_PARAM:
2241 hci_cc_le_set_scan_param(hdev, skb);
1143d458
BG		 2242 break;
2243
eb9d91f5
AG		 2244 case HCI_OP_LE_SET_SCAN_ENABLE:
2245 hci_cc_le_set_scan_enable(hdev, skb);
2246 break;
2247
a7a595f6
VCG		 2248 case HCI_OP_LE_LTK_REPLY:
2249 hci_cc_le_ltk_reply(hdev, skb);
2250 break;
2251
2252 case HCI_OP_LE_LTK_NEG_REPLY:
2253 hci_cc_le_ltk_neg_reply(hdev, skb);
2254 break;
2255
f9b49306
AG		 2256 case HCI_OP_WRITE_LE_HOST_SUPPORTED:
2257 hci_cc_write_le_host_supported(hdev, skb);
2258 break;
2259
a9de9248
MH		 2260 default:
2261 BT_DBG("%s opcode 0x%x", hdev->name, opcode);
2262 break;
2263 }
2264
6bd32326
VT		 2265 if (ev->opcode != HCI_OP_NOP)
2266 del_timer(&hdev->cmd_timer);
2267
a9de9248
MH		 2268 if (ev->ncmd) {
2269 atomic_set(&hdev->cmd_cnt, 1);
2270 if (!skb_queue_empty(&hdev->cmd_q))
c347b765 2271 queue_work(hdev->workqueue, &hdev->cmd_work);
a9de9248
MH		 2272 }
2273}
2274
2275static inline void hci_cmd_status_evt(struct hci_dev *hdev, struct sk_buff *skb)
2276{
2277 struct hci_ev_cmd_status *ev = (void *) skb->data;
2278 __u16 opcode;
2279
2280 skb_pull(skb, sizeof(*ev));
2281
2282 opcode = __le16_to_cpu(ev->opcode);
2283
2284 switch (opcode) {
2285 case HCI_OP_INQUIRY:
2286 hci_cs_inquiry(hdev, ev->status);
2287 break;
2288
2289 case HCI_OP_CREATE_CONN:
2290 hci_cs_create_conn(hdev, ev->status);
2291 break;
2292
2293 case HCI_OP_ADD_SCO:
2294 hci_cs_add_sco(hdev, ev->status);
2295 break;
2296
f8558555
MH		 2297 case HCI_OP_AUTH_REQUESTED:
2298 hci_cs_auth_requested(hdev, ev->status);
2299 break;
2300
2301 case HCI_OP_SET_CONN_ENCRYPT:
2302 hci_cs_set_conn_encrypt(hdev, ev->status);
2303 break;
2304
a9de9248
MH		 2305 case HCI_OP_REMOTE_NAME_REQ:
2306 hci_cs_remote_name_req(hdev, ev->status);
2307 break;
2308
769be974
MH		 2309 case HCI_OP_READ_REMOTE_FEATURES:
2310 hci_cs_read_remote_features(hdev, ev->status);
2311 break;
2312
2313 case HCI_OP_READ_REMOTE_EXT_FEATURES:
2314 hci_cs_read_remote_ext_features(hdev, ev->status);
2315 break;
2316
a9de9248
MH		 2317 case HCI_OP_SETUP_SYNC_CONN:
2318 hci_cs_setup_sync_conn(hdev, ev->status);
2319 break;
2320
2321 case HCI_OP_SNIFF_MODE:
2322 hci_cs_sniff_mode(hdev, ev->status);
2323 break;
2324
2325 case HCI_OP_EXIT_SNIFF_MODE:
2326 hci_cs_exit_sniff_mode(hdev, ev->status);
2327 break;
2328
8962ee74
JH		 2329 case HCI_OP_DISCONNECT:
2330 if (ev->status != 0)
37d9ef76 2331 mgmt_disconnect_failed(hdev, NULL, ev->status);
8962ee74
JH		 2332 break;
2333
fcd89c09
VT		 2334 case HCI_OP_LE_CREATE_CONN:
2335 hci_cs_le_create_conn(hdev, ev->status);
2336 break;
2337
a7a595f6
VCG		 2338 case HCI_OP_LE_START_ENC:
2339 hci_cs_le_start_enc(hdev, ev->status);
2340 break;
2341
a9de9248
MH		 2342 default:
2343 BT_DBG("%s opcode 0x%x", hdev->name, opcode);
2344 break;
2345 }
2346
6bd32326
VT		 2347 if (ev->opcode != HCI_OP_NOP)
2348 del_timer(&hdev->cmd_timer);
2349
10572132 2350 if (ev->ncmd && !test_bit(HCI_RESET, &hdev->flags)) {
a9de9248
MH		 2351 atomic_set(&hdev->cmd_cnt, 1);
2352 if (!skb_queue_empty(&hdev->cmd_q))
c347b765 2353 queue_work(hdev->workqueue, &hdev->cmd_work);
a9de9248
MH		 2354 }
2355}
2356
2357static inline void hci_role_change_evt(struct hci_dev *hdev, struct sk_buff *skb)
2358{
2359 struct hci_ev_role_change *ev = (void *) skb->data;
2360 struct hci_conn *conn;
2361
2362 BT_DBG("%s status %d", hdev->name, ev->status);
2363
2364 hci_dev_lock(hdev);
2365
2366 conn = hci_conn_hash_lookup_ba(hdev, ACL_LINK, &ev->bdaddr);
2367 if (conn) {
2368 if (!ev->status) {
2369 if (ev->role)
2370 conn->link_mode &= ~HCI_LM_MASTER;
2371 else
2372 conn->link_mode |= HCI_LM_MASTER;
2373 }
2374
51a8efd7 2375 clear_bit(HCI_CONN_RSWITCH_PEND, &conn->flags);
a9de9248
MH		 2376
2377 hci_role_switch_cfm(conn, ev->status, ev->role);
2378 }
2379
2380 hci_dev_unlock(hdev);
2381}
2382
2383static inline void hci_num_comp_pkts_evt(struct hci_dev *hdev, struct sk_buff *skb)
2384{
2385 struct hci_ev_num_comp_pkts *ev = (void *) skb->data;
a9de9248
MH		 2386 int i;
2387
32ac5b9b
AE		 2388 if (hdev->flow_ctl_mode != HCI_FLOW_CTL_MODE_PACKET_BASED) {
2389 BT_ERR("Wrong event for mode %d", hdev->flow_ctl_mode);
2390 return;
2391 }
2392
c5993de8
AE		 2393 if (skb->len < sizeof(*ev) || skb->len < sizeof(*ev) +
2394 ev->num_hndl * sizeof(struct hci_comp_pkts_info)) {
a9de9248
MH		 2395 BT_DBG("%s bad parameters", hdev->name);
2396 return;
2397 }
2398
c5993de8
AE		 2399 BT_DBG("%s num_hndl %d", hdev->name, ev->num_hndl);
2400
613a1c0c
AE		 2401 for (i = 0; i < ev->num_hndl; i++) {
2402 struct hci_comp_pkts_info *info = &ev->handles[i];
a9de9248
MH		 2403 struct hci_conn *conn;
2404 __u16 handle, count;
2405
613a1c0c
AE		 2406 handle = __le16_to_cpu(info->handle);
2407 count = __le16_to_cpu(info->count);
a9de9248
MH		 2408
2409 conn = hci_conn_hash_lookup_handle(hdev, handle);
f4280918
AE		 2410 if (!conn)
2411 continue;
2412
2413 conn->sent -= count;
2414
2415 switch (conn->type) {
2416 case ACL_LINK:
2417 hdev->acl_cnt += count;
2418 if (hdev->acl_cnt > hdev->acl_pkts)
2419 hdev->acl_cnt = hdev->acl_pkts;
2420 break;
2421
2422 case LE_LINK:
2423 if (hdev->le_pkts) {
2424 hdev->le_cnt += count;
2425 if (hdev->le_cnt > hdev->le_pkts)
2426 hdev->le_cnt = hdev->le_pkts;
2427 } else {
70f23020
AE		 2428 hdev->acl_cnt += count;
2429 if (hdev->acl_cnt > hdev->acl_pkts)
a9de9248 2430 hdev->acl_cnt = hdev->acl_pkts;
a9de9248 2431 }
f4280918
AE		 2432 break;
2433
2434 case SCO_LINK:
2435 hdev->sco_cnt += count;
2436 if (hdev->sco_cnt > hdev->sco_pkts)
2437 hdev->sco_cnt = hdev->sco_pkts;
2438 break;
2439
2440 default:
2441 BT_ERR("Unknown type %d conn %p", conn->type, conn);
2442 break;
a9de9248
MH		 2443 }
2444 }
2445
3eff45ea 2446 queue_work(hdev->workqueue, &hdev->tx_work);
a9de9248
MH		 2447}
2448
25e89e99
AE		 2449static inline void hci_num_comp_blocks_evt(struct hci_dev *hdev,
2450 struct sk_buff *skb)
2451{
2452 struct hci_ev_num_comp_blocks *ev = (void *) skb->data;
2453 int i;
2454
2455 if (hdev->flow_ctl_mode != HCI_FLOW_CTL_MODE_BLOCK_BASED) {
2456 BT_ERR("Wrong event for mode %d", hdev->flow_ctl_mode);
2457 return;
2458 }
2459
2460 if (skb->len < sizeof(*ev) || skb->len < sizeof(*ev) +
2461 ev->num_hndl * sizeof(struct hci_comp_blocks_info)) {
2462 BT_DBG("%s bad parameters", hdev->name);
2463 return;
2464 }
2465
2466 BT_DBG("%s num_blocks %d num_hndl %d", hdev->name, ev->num_blocks,
2467 ev->num_hndl);
2468
2469 for (i = 0; i < ev->num_hndl; i++) {
2470 struct hci_comp_blocks_info *info = &ev->handles[i];
2471 struct hci_conn *conn;
2472 __u16 handle, block_count;
2473
2474 handle = __le16_to_cpu(info->handle);
2475 block_count = __le16_to_cpu(info->blocks);
2476
2477 conn = hci_conn_hash_lookup_handle(hdev, handle);
2478 if (!conn)
2479 continue;
2480
2481 conn->sent -= block_count;
2482
2483 switch (conn->type) {
2484 case ACL_LINK:
2485 hdev->block_cnt += block_count;
2486 if (hdev->block_cnt > hdev->num_blocks)
2487 hdev->block_cnt = hdev->num_blocks;
2488 break;
2489
2490 default:
2491 BT_ERR("Unknown type %d conn %p", conn->type, conn);
2492 break;
2493 }
2494 }
2495
2496 queue_work(hdev->workqueue, &hdev->tx_work);
2497}
2498
a9de9248 2499static inline void hci_mode_change_evt(struct hci_dev *hdev, struct sk_buff *skb)
04837f64 2500{
a9de9248 2501 struct hci_ev_mode_change *ev = (void *) skb->data;
04837f64
MH		 2502 struct hci_conn *conn;
2503
2504 BT_DBG("%s status %d", hdev->name, ev->status);
2505
2506 hci_dev_lock(hdev);
2507
2508 conn = hci_conn_hash_lookup_handle(hdev, __le16_to_cpu(ev->handle));
a9de9248
MH		 2509 if (conn) {
2510 conn->mode = ev->mode;
2511 conn->interval = __le16_to_cpu(ev->interval);
2512
51a8efd7 2513 if (!test_and_clear_bit(HCI_CONN_MODE_CHANGE_PEND, &conn->flags)) {
a9de9248 2514 if (conn->mode == HCI_CM_ACTIVE)
58a681ef 2515 set_bit(HCI_CONN_POWER_SAVE, &conn->flags);
a9de9248 2516 else
58a681ef 2517 clear_bit(HCI_CONN_POWER_SAVE, &conn->flags);
a9de9248 2518 }
e73439d8 2519
51a8efd7 2520 if (test_and_clear_bit(HCI_CONN_SCO_SETUP_PEND, &conn->flags))
e73439d8 2521 hci_sco_setup(conn, ev->status);
04837f64
MH		 2522 }
2523
2524 hci_dev_unlock(hdev);
2525}
2526
a9de9248
MH		 2527static inline void hci_pin_code_request_evt(struct hci_dev *hdev, struct sk_buff *skb)
2528{
052b30b0
MH		 2529 struct hci_ev_pin_code_req *ev = (void *) skb->data;
2530 struct hci_conn *conn;
2531
a9de9248 2532 BT_DBG("%s", hdev->name);
052b30b0
MH		 2533
2534 hci_dev_lock(hdev);
2535
2536 conn = hci_conn_hash_lookup_ba(hdev, ACL_LINK, &ev->bdaddr);
b6f98044
WR		 2537 if (!conn)
2538 goto unlock;
2539
2540 if (conn->state == BT_CONNECTED) {
052b30b0
MH		 2541 hci_conn_hold(conn);
2542 conn->disc_timeout = HCI_PAIRING_TIMEOUT;
2543 hci_conn_put(conn);
2544 }
2545
a8b2d5c2 2546 if (!test_bit(HCI_PAIRABLE, &hdev->dev_flags))
03b555e1
JH		 2547 hci_send_cmd(hdev, HCI_OP_PIN_CODE_NEG_REPLY,
2548 sizeof(ev->bdaddr), &ev->bdaddr);
a8b2d5c2 2549 else if (test_bit(HCI_MGMT, &hdev->dev_flags)) {
a770bb5a
WR		 2550 u8 secure;
2551
2552 if (conn->pending_sec_level == BT_SECURITY_HIGH)
2553 secure = 1;
2554 else
2555 secure = 0;
2556
744cf19e 2557 mgmt_pin_code_request(hdev, &ev->bdaddr, secure);
a770bb5a 2558 }
980e1a53 2559
b6f98044 2560unlock:
052b30b0 2561 hci_dev_unlock(hdev);
a9de9248
MH		 2562}
2563
2564static inline void hci_link_key_request_evt(struct hci_dev *hdev, struct sk_buff *skb)
2565{
55ed8ca1
JH		 2566 struct hci_ev_link_key_req *ev = (void *) skb->data;
2567 struct hci_cp_link_key_reply cp;
2568 struct hci_conn *conn;
2569 struct link_key *key;
2570
a9de9248 2571 BT_DBG("%s", hdev->name);
55ed8ca1 2572
a8b2d5c2 2573 if (!test_bit(HCI_LINK_KEYS, &hdev->dev_flags))
55ed8ca1
JH		 2574 return;
2575
2576 hci_dev_lock(hdev);
2577
2578 key = hci_find_link_key(hdev, &ev->bdaddr);
2579 if (!key) {
2580 BT_DBG("%s link key not found for %s", hdev->name,
2581 batostr(&ev->bdaddr));
2582 goto not_found;
2583 }
2584
2585 BT_DBG("%s found key type %u for %s", hdev->name, key->type,
2586 batostr(&ev->bdaddr));
2587
a8b2d5c2 2588 if (!test_bit(HCI_DEBUG_KEYS, &hdev->dev_flags) &&
b6020ba0 2589 key->type == HCI_LK_DEBUG_COMBINATION) {
55ed8ca1
JH		 2590 BT_DBG("%s ignoring debug key", hdev->name);
2591 goto not_found;
2592 }
2593
2594 conn = hci_conn_hash_lookup_ba(hdev, ACL_LINK, &ev->bdaddr);
60b83f57
WR		 2595 if (conn) {
2596 if (key->type == HCI_LK_UNAUTH_COMBINATION &&
2597 conn->auth_type != 0xff &&
2598 (conn->auth_type & 0x01)) {
2599 BT_DBG("%s ignoring unauthenticated key", hdev->name);
2600 goto not_found;
2601 }
55ed8ca1 2602
60b83f57
WR		 2603 if (key->type == HCI_LK_COMBINATION && key->pin_len < 16 &&
2604 conn->pending_sec_level == BT_SECURITY_HIGH) {
2605 BT_DBG("%s ignoring key unauthenticated for high \
2606 security", hdev->name);
2607 goto not_found;
2608 }
2609
2610 conn->key_type = key->type;
2611 conn->pin_length = key->pin_len;
55ed8ca1
JH		 2612 }
2613
2614 bacpy(&cp.bdaddr, &ev->bdaddr);
2615 memcpy(cp.link_key, key->val, 16);
2616
2617 hci_send_cmd(hdev, HCI_OP_LINK_KEY_REPLY, sizeof(cp), &cp);
2618
2619 hci_dev_unlock(hdev);
2620
2621 return;
2622
2623not_found:
2624 hci_send_cmd(hdev, HCI_OP_LINK_KEY_NEG_REPLY, 6, &ev->bdaddr);
2625 hci_dev_unlock(hdev);
a9de9248
MH		 2626}
2627
2628static inline void hci_link_key_notify_evt(struct hci_dev *hdev, struct sk_buff *skb)
2629{
052b30b0
MH		 2630 struct hci_ev_link_key_notify *ev = (void *) skb->data;
2631 struct hci_conn *conn;
55ed8ca1 2632 u8 pin_len = 0;
052b30b0 2633
a9de9248 2634 BT_DBG("%s", hdev->name);
052b30b0
MH		 2635
2636 hci_dev_lock(hdev);
2637
2638 conn = hci_conn_hash_lookup_ba(hdev, ACL_LINK, &ev->bdaddr);
2639 if (conn) {
2640 hci_conn_hold(conn);
2641 conn->disc_timeout = HCI_DISCONN_TIMEOUT;
980e1a53 2642 pin_len = conn->pin_length;
13d39315
WR		 2643
2644 if (ev->key_type != HCI_LK_CHANGED_COMBINATION)
2645 conn->key_type = ev->key_type;
2646
052b30b0
MH		 2647 hci_conn_put(conn);
2648 }
2649
a8b2d5c2 2650 if (test_bit(HCI_LINK_KEYS, &hdev->dev_flags))
d25e28ab 2651 hci_add_link_key(hdev, conn, 1, &ev->bdaddr, ev->link_key,
55ed8ca1
JH		 2652 ev->key_type, pin_len);
2653
052b30b0 2654 hci_dev_unlock(hdev);
a9de9248
MH		 2655}
2656
1da177e4
LT		 2657static inline void hci_clock_offset_evt(struct hci_dev *hdev, struct sk_buff *skb)
2658{
a9de9248 2659 struct hci_ev_clock_offset *ev = (void *) skb->data;
04837f64 2660 struct hci_conn *conn;
1da177e4
LT		 2661
2662 BT_DBG("%s status %d", hdev->name, ev->status);
2663
2664 hci_dev_lock(hdev);
2665
04837f64 2666 conn = hci_conn_hash_lookup_handle(hdev, __le16_to_cpu(ev->handle));
1da177e4
LT		 2667 if (conn && !ev->status) {
2668 struct inquiry_entry *ie;
2669
cc11b9c1
AE		 2670 ie = hci_inquiry_cache_lookup(hdev, &conn->dst);
2671 if (ie) {
1da177e4
LT		 2672 ie->data.clock_offset = ev->clock_offset;
2673 ie->timestamp = jiffies;
2674 }
2675 }
2676
2677 hci_dev_unlock(hdev);
2678}
2679
a8746417
MH		 2680static inline void hci_pkt_type_change_evt(struct hci_dev *hdev, struct sk_buff *skb)
2681{
2682 struct hci_ev_pkt_type_change *ev = (void *) skb->data;
2683 struct hci_conn *conn;
2684
2685 BT_DBG("%s status %d", hdev->name, ev->status);
2686
2687 hci_dev_lock(hdev);
2688
2689 conn = hci_conn_hash_lookup_handle(hdev, __le16_to_cpu(ev->handle));
2690 if (conn && !ev->status)
2691 conn->pkt_type = __le16_to_cpu(ev->pkt_type);
2692
2693 hci_dev_unlock(hdev);
2694}
2695
85a1e930
MH		 2696static inline void hci_pscan_rep_mode_evt(struct hci_dev *hdev, struct sk_buff *skb)
2697{
a9de9248 2698 struct hci_ev_pscan_rep_mode *ev = (void *) skb->data;
85a1e930
MH		 2699 struct inquiry_entry *ie;
2700
2701 BT_DBG("%s", hdev->name);
2702
2703 hci_dev_lock(hdev);
2704
cc11b9c1
AE		 2705 ie = hci_inquiry_cache_lookup(hdev, &ev->bdaddr);
2706 if (ie) {
85a1e930
MH		 2707 ie->data.pscan_rep_mode = ev->pscan_rep_mode;
2708 ie->timestamp = jiffies;
2709 }
2710
2711 hci_dev_unlock(hdev);
2712}
2713
a9de9248
MH		 2714static inline void hci_inquiry_result_with_rssi_evt(struct hci_dev *hdev, struct sk_buff *skb)
2715{
2716 struct inquiry_data data;
2717 int num_rsp = *((__u8 *) skb->data);
3175405b 2718 bool name_known;
a9de9248
MH		 2719
2720 BT_DBG("%s num_rsp %d", hdev->name, num_rsp);
2721
2722 if (!num_rsp)
2723 return;
2724
2725 hci_dev_lock(hdev);
2726
2727 if ((skb->len - 1) / num_rsp != sizeof(struct inquiry_info_with_rssi)) {
138d22ef
SJ		 2728 struct inquiry_info_with_rssi_and_pscan_mode *info;
2729 info = (void *) (skb->data + 1);
a9de9248 2730
e17acd40 2731 for (; num_rsp; num_rsp--, info++) {
a9de9248
MH		 2732 bacpy(&data.bdaddr, &info->bdaddr);
2733 data.pscan_rep_mode = info->pscan_rep_mode;
2734 data.pscan_period_mode = info->pscan_period_mode;
2735 data.pscan_mode = info->pscan_mode;
2736 memcpy(data.dev_class, info->dev_class, 3);
2737 data.clock_offset = info->clock_offset;
2738 data.rssi = info->rssi;
41a96212 2739 data.ssp_mode = 0x00;
3175405b
JH		 2740
2741 name_known = hci_inquiry_cache_update(hdev, &data,
2742 false);
48264f06 2743 mgmt_device_found(hdev, &info->bdaddr, ACL_LINK, 0x00,
e17acd40 2744 info->dev_class, info->rssi,
7d262f86 2745 !name_known, NULL, 0);
a9de9248
MH		 2746 }
2747 } else {
2748 struct inquiry_info_with_rssi *info = (void *) (skb->data + 1);
2749
e17acd40 2750 for (; num_rsp; num_rsp--, info++) {
a9de9248
MH		 2751 bacpy(&data.bdaddr, &info->bdaddr);
2752 data.pscan_rep_mode = info->pscan_rep_mode;
2753 data.pscan_period_mode = info->pscan_period_mode;
2754 data.pscan_mode = 0x00;
2755 memcpy(data.dev_class, info->dev_class, 3);
2756 data.clock_offset = info->clock_offset;
2757 data.rssi = info->rssi;
41a96212 2758 data.ssp_mode = 0x00;
3175405b
JH		 2759 name_known = hci_inquiry_cache_update(hdev, &data,
2760 false);
48264f06 2761 mgmt_device_found(hdev, &info->bdaddr, ACL_LINK, 0x00,
e17acd40 2762 info->dev_class, info->rssi,
7d262f86 2763 !name_known, NULL, 0);
a9de9248
MH		 2764 }
2765 }
2766
2767 hci_dev_unlock(hdev);
2768}
2769
2770static inline void hci_remote_ext_features_evt(struct hci_dev *hdev, struct sk_buff *skb)
2771{
41a96212
MH		 2772 struct hci_ev_remote_ext_features *ev = (void *) skb->data;
2773 struct hci_conn *conn;
2774
a9de9248 2775 BT_DBG("%s", hdev->name);
41a96212 2776
41a96212
MH		 2777 hci_dev_lock(hdev);
2778
2779 conn = hci_conn_hash_lookup_handle(hdev, __le16_to_cpu(ev->handle));
ccd556fe
JH		 2780 if (!conn)
2781 goto unlock;
41a96212 2782
ccd556fe
JH		 2783 if (!ev->status && ev->page == 0x01) {
2784 struct inquiry_entry *ie;
41a96212 2785
cc11b9c1
AE		 2786 ie = hci_inquiry_cache_lookup(hdev, &conn->dst);
2787 if (ie)
ccd556fe 2788 ie->data.ssp_mode = (ev->features[0] & 0x01);
769be974 2789
58a681ef
JH		 2790 if (ev->features[0] & 0x01)
2791 set_bit(HCI_CONN_SSP_ENABLED, &conn->flags);
ccd556fe
JH		 2792 }
2793
2794 if (conn->state != BT_CONFIG)
2795 goto unlock;
2796
127178d2
JH		 2797 if (!ev->status) {
2798 struct hci_cp_remote_name_req cp;
2799 memset(&cp, 0, sizeof(cp));
2800 bacpy(&cp.bdaddr, &conn->dst);
2801 cp.pscan_rep_mode = 0x02;
2802 hci_send_cmd(hdev, HCI_OP_REMOTE_NAME_REQ, sizeof(cp), &cp);
b644ba33
JH		 2803 } else if (!test_and_set_bit(HCI_CONN_MGMT_CONNECTED, &conn->flags))
2804 mgmt_device_connected(hdev, &conn->dst, conn->type,
2805 conn->dst_type, NULL, 0,
2806 conn->dev_class);
392599b9 2807
127178d2 2808 if (!hci_outgoing_auth_needed(hdev, conn)) {
ccd556fe
JH		 2809 conn->state = BT_CONNECTED;
2810 hci_proto_connect_cfm(conn, ev->status);
2811 hci_conn_put(conn);
41a96212
MH		 2812 }
2813
ccd556fe 2814unlock:
41a96212 2815 hci_dev_unlock(hdev);
a9de9248
MH		 2816}
2817
2818static inline void hci_sync_conn_complete_evt(struct hci_dev *hdev, struct sk_buff *skb)
2819{
b6a0dc82
MH		 2820 struct hci_ev_sync_conn_complete *ev = (void *) skb->data;
2821 struct hci_conn *conn;
2822
2823 BT_DBG("%s status %d", hdev->name, ev->status);
2824
2825 hci_dev_lock(hdev);
2826
2827 conn = hci_conn_hash_lookup_ba(hdev, ev->link_type, &ev->bdaddr);
9dc0a3af
MH		 2828 if (!conn) {
2829 if (ev->link_type == ESCO_LINK)
2830 goto unlock;
2831
2832 conn = hci_conn_hash_lookup_ba(hdev, ESCO_LINK, &ev->bdaddr);
2833 if (!conn)
2834 goto unlock;
2835
2836 conn->type = SCO_LINK;
2837 }
b6a0dc82 2838
732547f9
MH		 2839 switch (ev->status) {
2840 case 0x00:
b6a0dc82
MH		 2841 conn->handle = __le16_to_cpu(ev->handle);
2842 conn->state = BT_CONNECTED;
7d0db0a3 2843
9eba32b8 2844 hci_conn_hold_device(conn);
7d0db0a3 2845 hci_conn_add_sysfs(conn);
732547f9
MH		 2846 break;
2847
705e5711 2848 case 0x11: /* Unsupported Feature or Parameter Value */
732547f9 2849 case 0x1c: /* SCO interval rejected */
1038a00b 2850 case 0x1a: /* Unsupported Remote Feature */
732547f9
MH		 2851 case 0x1f: /* Unspecified error */
2852 if (conn->out && conn->attempt < 2) {
2853 conn->pkt_type = (hdev->esco_type & SCO_ESCO_MASK) |
2854 (hdev->esco_type & EDR_ESCO_MASK);
2855 hci_setup_sync(conn, conn->link->handle);
2856 goto unlock;
2857 }
2858 /* fall through */
2859
2860 default:
b6a0dc82 2861 conn->state = BT_CLOSED;
732547f9
MH		 2862 break;
2863 }
b6a0dc82
MH		 2864
2865 hci_proto_connect_cfm(conn, ev->status);
2866 if (ev->status)
2867 hci_conn_del(conn);
2868
2869unlock:
2870 hci_dev_unlock(hdev);
a9de9248
MH		 2871}
2872
2873static inline void hci_sync_conn_changed_evt(struct hci_dev *hdev, struct sk_buff *skb)
2874{
2875 BT_DBG("%s", hdev->name);
2876}
2877
04837f64
MH		 2878static inline void hci_sniff_subrate_evt(struct hci_dev *hdev, struct sk_buff *skb)
2879{
a9de9248 2880 struct hci_ev_sniff_subrate *ev = (void *) skb->data;
04837f64
MH		 2881
2882 BT_DBG("%s status %d", hdev->name, ev->status);
04837f64
MH		 2883}
2884
a9de9248 2885static inline void hci_extended_inquiry_result_evt(struct hci_dev *hdev, struct sk_buff *skb)
1da177e4 2886{
a9de9248
MH		 2887 struct inquiry_data data;
2888 struct extended_inquiry_info *info = (void *) (skb->data + 1);
2889 int num_rsp = *((__u8 *) skb->data);
1da177e4 2890
a9de9248 2891 BT_DBG("%s num_rsp %d", hdev->name, num_rsp);
1da177e4 2892
a9de9248
MH		 2893 if (!num_rsp)
2894 return;
1da177e4 2895
a9de9248
MH		 2896 hci_dev_lock(hdev);
2897
e17acd40 2898 for (; num_rsp; num_rsp--, info++) {
561aafbc
JH		 2899 bool name_known;
2900
a9de9248 2901 bacpy(&data.bdaddr, &info->bdaddr);
138d22ef
SJ		 2902 data.pscan_rep_mode = info->pscan_rep_mode;
2903 data.pscan_period_mode = info->pscan_period_mode;
2904 data.pscan_mode = 0x00;
a9de9248 2905 memcpy(data.dev_class, info->dev_class, 3);
138d22ef
SJ		 2906 data.clock_offset = info->clock_offset;
2907 data.rssi = info->rssi;
41a96212 2908 data.ssp_mode = 0x01;
561aafbc 2909
a8b2d5c2 2910 if (test_bit(HCI_MGMT, &hdev->dev_flags))
4ddb1930
JH		 2911 name_known = eir_has_data_type(info->data,
2912 sizeof(info->data),
2913 EIR_NAME_COMPLETE);
561aafbc
JH		 2914 else
2915 name_known = true;
2916
3175405b 2917 name_known = hci_inquiry_cache_update(hdev, &data, name_known);
48264f06 2918 mgmt_device_found(hdev, &info->bdaddr, ACL_LINK, 0x00,
561aafbc 2919 info->dev_class, info->rssi,
7d262f86
AG		 2920 !name_known, info->data,
2921 sizeof(info->data));
a9de9248
MH		 2922 }
2923
2924 hci_dev_unlock(hdev);
2925}
1da177e4 2926
17fa4b9d
JH		 2927static inline u8 hci_get_auth_req(struct hci_conn *conn)
2928{
2929 /* If remote requests dedicated bonding follow that lead */
2930 if (conn->remote_auth == 0x02 || conn->remote_auth == 0x03) {
2931 /* If both remote and local IO capabilities allow MITM
2932 * protection then require it, otherwise don't */
2933 if (conn->remote_cap == 0x03 || conn->io_capability == 0x03)
2934 return 0x02;
2935 else
2936 return 0x03;
2937 }
2938
2939 /* If remote requests no-bonding follow that lead */
2940 if (conn->remote_auth == 0x00 || conn->remote_auth == 0x01)
58797bf7 2941 return conn->remote_auth | (conn->auth_type & 0x01);
17fa4b9d
JH		 2942
2943 return conn->auth_type;
2944}
2945
0493684e
MH		 2946static inline void hci_io_capa_request_evt(struct hci_dev *hdev, struct sk_buff *skb)
2947{
2948 struct hci_ev_io_capa_request *ev = (void *) skb->data;
2949 struct hci_conn *conn;
2950
2951 BT_DBG("%s", hdev->name);
2952
2953 hci_dev_lock(hdev);
2954
2955 conn = hci_conn_hash_lookup_ba(hdev, ACL_LINK, &ev->bdaddr);
03b555e1
JH		 2956 if (!conn)
2957 goto unlock;
2958
2959 hci_conn_hold(conn);
2960
a8b2d5c2 2961 if (!test_bit(HCI_MGMT, &hdev->dev_flags))
03b555e1
JH		 2962 goto unlock;
2963
a8b2d5c2 2964 if (test_bit(HCI_PAIRABLE, &hdev->dev_flags) ||
03b555e1 2965 (conn->remote_auth & ~0x01) == HCI_AT_NO_BONDING) {
17fa4b9d
JH		 2966 struct hci_cp_io_capability_reply cp;
2967
2968 bacpy(&cp.bdaddr, &ev->bdaddr);
7a7f1e7c
HG		 2969 /* Change the IO capability from KeyboardDisplay
2970 * to DisplayYesNo as it is not supported by BT spec. */
2971 cp.capability = (conn->io_capability == 0x04) ?
2972 0x01 : conn->io_capability;
7cbc9bd9
JH		 2973 conn->auth_type = hci_get_auth_req(conn);
2974 cp.authentication = conn->auth_type;
17fa4b9d 2975
58a681ef 2976 if ((conn->out || test_bit(HCI_CONN_REMOTE_OOB, &conn->flags)) &&
ce85ee13
SJ		 2977 hci_find_remote_oob_data(hdev, &conn->dst))
2978 cp.oob_data = 0x01;
2979 else
2980 cp.oob_data = 0x00;
2981
17fa4b9d
JH		 2982 hci_send_cmd(hdev, HCI_OP_IO_CAPABILITY_REPLY,
2983 sizeof(cp), &cp);
03b555e1
JH		 2984 } else {
2985 struct hci_cp_io_capability_neg_reply cp;
2986
2987 bacpy(&cp.bdaddr, &ev->bdaddr);
9f5a0d7b 2988 cp.reason = HCI_ERROR_PAIRING_NOT_ALLOWED;
0493684e 2989
03b555e1
JH		 2990 hci_send_cmd(hdev, HCI_OP_IO_CAPABILITY_NEG_REPLY,
2991 sizeof(cp), &cp);
2992 }
2993
2994unlock:
2995 hci_dev_unlock(hdev);
2996}
2997
2998static inline void hci_io_capa_reply_evt(struct hci_dev *hdev, struct sk_buff *skb)
2999{
3000 struct hci_ev_io_capa_reply *ev = (void *) skb->data;
3001 struct hci_conn *conn;
3002
3003 BT_DBG("%s", hdev->name);
3004
3005 hci_dev_lock(hdev);
3006
3007 conn = hci_conn_hash_lookup_ba(hdev, ACL_LINK, &ev->bdaddr);
3008 if (!conn)
3009 goto unlock;
3010
03b555e1 3011 conn->remote_cap = ev->capability;
03b555e1 3012 conn->remote_auth = ev->authentication;
58a681ef
JH		 3013 if (ev->oob_data)
3014 set_bit(HCI_CONN_REMOTE_OOB, &conn->flags);
03b555e1
JH		 3015
3016unlock:
0493684e
MH		 3017 hci_dev_unlock(hdev);
3018}
3019
a5c29683
JH		 3020static inline void hci_user_confirm_request_evt(struct hci_dev *hdev,
3021 struct sk_buff *skb)
3022{
3023 struct hci_ev_user_confirm_req *ev = (void *) skb->data;
55bc1a37 3024 int loc_mitm, rem_mitm, confirm_hint = 0;
7a828908 3025 struct hci_conn *conn;
a5c29683
JH		 3026
3027 BT_DBG("%s", hdev->name);
3028
3029 hci_dev_lock(hdev);
3030
a8b2d5c2 3031 if (!test_bit(HCI_MGMT, &hdev->dev_flags))
7a828908 3032 goto unlock;
a5c29683 3033
7a828908
JH		 3034 conn = hci_conn_hash_lookup_ba(hdev, ACL_LINK, &ev->bdaddr);
3035 if (!conn)
3036 goto unlock;
3037
3038 loc_mitm = (conn->auth_type & 0x01);
3039 rem_mitm = (conn->remote_auth & 0x01);
3040
3041 /* If we require MITM but the remote device can't provide that
3042 * (it has NoInputNoOutput) then reject the confirmation
3043 * request. The only exception is when we're dedicated bonding
3044 * initiators (connect_cfm_cb set) since then we always have the MITM
3045 * bit set. */
3046 if (!conn->connect_cfm_cb && loc_mitm && conn->remote_cap == 0x03) {
3047 BT_DBG("Rejecting request: remote device can't provide MITM");
3048 hci_send_cmd(hdev, HCI_OP_USER_CONFIRM_NEG_REPLY,
3049 sizeof(ev->bdaddr), &ev->bdaddr);
3050 goto unlock;
3051 }
3052
3053 /* If no side requires MITM protection; auto-accept */
3054 if ((!loc_mitm || conn->remote_cap == 0x03) &&
3055 (!rem_mitm || conn->io_capability == 0x03)) {
55bc1a37
JH		 3056
3057 /* If we're not the initiators request authorization to
3058 * proceed from user space (mgmt_user_confirm with
3059 * confirm_hint set to 1). */
51a8efd7 3060 if (!test_bit(HCI_CONN_AUTH_PEND, &conn->flags)) {
55bc1a37
JH		 3061 BT_DBG("Confirming auto-accept as acceptor");
3062 confirm_hint = 1;
3063 goto confirm;
3064 }
3065
9f61656a
JH		 3066 BT_DBG("Auto-accept of user confirmation with %ums delay",
3067 hdev->auto_accept_delay);
3068
3069 if (hdev->auto_accept_delay > 0) {
3070 int delay = msecs_to_jiffies(hdev->auto_accept_delay);
3071 mod_timer(&conn->auto_accept_timer, jiffies + delay);
3072 goto unlock;
3073 }
3074
7a828908
JH		 3075 hci_send_cmd(hdev, HCI_OP_USER_CONFIRM_REPLY,
3076 sizeof(ev->bdaddr), &ev->bdaddr);
3077 goto unlock;
3078 }
3079
55bc1a37 3080confirm:
744cf19e 3081 mgmt_user_confirm_request(hdev, &ev->bdaddr, ev->passkey,
55bc1a37 3082 confirm_hint);
7a828908
JH		 3083
3084unlock:
a5c29683
JH		 3085 hci_dev_unlock(hdev);
3086}
3087
1143d458
BG		 3088static inline void hci_user_passkey_request_evt(struct hci_dev *hdev,
3089 struct sk_buff *skb)
3090{
3091 struct hci_ev_user_passkey_req *ev = (void *) skb->data;
3092
3093 BT_DBG("%s", hdev->name);
3094
3095 hci_dev_lock(hdev);
3096
a8b2d5c2 3097 if (test_bit(HCI_MGMT, &hdev->dev_flags))
1143d458
BG		 3098 mgmt_user_passkey_request(hdev, &ev->bdaddr);
3099
3100 hci_dev_unlock(hdev);
3101}
3102
0493684e
MH		 3103static inline void hci_simple_pair_complete_evt(struct hci_dev *hdev, struct sk_buff *skb)
3104{
3105 struct hci_ev_simple_pair_complete *ev = (void *) skb->data;
3106 struct hci_conn *conn;
3107
3108 BT_DBG("%s", hdev->name);
3109
3110 hci_dev_lock(hdev);
3111
3112 conn = hci_conn_hash_lookup_ba(hdev, ACL_LINK, &ev->bdaddr);
2a611692
JH		 3113 if (!conn)
3114 goto unlock;
3115
3116 /* To avoid duplicate auth_failed events to user space we check
3117 * the HCI_CONN_AUTH_PEND flag which will be set if we
3118 * initiated the authentication. A traditional auth_complete
3119 * event gets always produced as initiator and is also mapped to
3120 * the mgmt_auth_failed event */
51a8efd7 3121 if (!test_bit(HCI_CONN_AUTH_PEND, &conn->flags) && ev->status != 0)
744cf19e 3122 mgmt_auth_failed(hdev, &conn->dst, ev->status);
0493684e 3123
2a611692
JH		 3124 hci_conn_put(conn);
3125
3126unlock:
0493684e
MH		 3127 hci_dev_unlock(hdev);
3128}
3129
41a96212
MH		 3130static inline void hci_remote_host_features_evt(struct hci_dev *hdev, struct sk_buff *skb)
3131{
3132 struct hci_ev_remote_host_features *ev = (void *) skb->data;
3133 struct inquiry_entry *ie;
3134
3135 BT_DBG("%s", hdev->name);
3136
3137 hci_dev_lock(hdev);
3138
cc11b9c1
AE		 3139 ie = hci_inquiry_cache_lookup(hdev, &ev->bdaddr);
3140 if (ie)
41a96212
MH		 3141 ie->data.ssp_mode = (ev->features[0] & 0x01);
3142
3143 hci_dev_unlock(hdev);
3144}
3145
2763eda6
SJ		 3146static inline void hci_remote_oob_data_request_evt(struct hci_dev *hdev,
3147 struct sk_buff *skb)
3148{
3149 struct hci_ev_remote_oob_data_request *ev = (void *) skb->data;
3150 struct oob_data *data;
3151
3152 BT_DBG("%s", hdev->name);
3153
3154 hci_dev_lock(hdev);
3155
a8b2d5c2 3156 if (!test_bit(HCI_MGMT, &hdev->dev_flags))
e1ba1f15
SJ		 3157 goto unlock;
3158
2763eda6
SJ		 3159 data = hci_find_remote_oob_data(hdev, &ev->bdaddr);
3160 if (data) {
3161 struct hci_cp_remote_oob_data_reply cp;
3162
3163 bacpy(&cp.bdaddr, &ev->bdaddr);
3164 memcpy(cp.hash, data->hash, sizeof(cp.hash));
3165 memcpy(cp.randomizer, data->randomizer, sizeof(cp.randomizer));
3166
3167 hci_send_cmd(hdev, HCI_OP_REMOTE_OOB_DATA_REPLY, sizeof(cp),
3168 &cp);
3169 } else {
3170 struct hci_cp_remote_oob_data_neg_reply cp;
3171
3172 bacpy(&cp.bdaddr, &ev->bdaddr);
3173 hci_send_cmd(hdev, HCI_OP_REMOTE_OOB_DATA_NEG_REPLY, sizeof(cp),
3174 &cp);
3175 }
3176
e1ba1f15 3177unlock:
2763eda6
SJ		 3178 hci_dev_unlock(hdev);
3179}
3180
fcd89c09
VT		 3181static inline void hci_le_conn_complete_evt(struct hci_dev *hdev, struct sk_buff *skb)
3182{
3183 struct hci_ev_le_conn_complete *ev = (void *) skb->data;
3184 struct hci_conn *conn;
3185
3186 BT_DBG("%s status %d", hdev->name, ev->status);
3187
3188 hci_dev_lock(hdev);
3189
3190 conn = hci_conn_hash_lookup_ba(hdev, LE_LINK, &ev->bdaddr);
b62f328b
VT		 3191 if (!conn) {
3192 conn = hci_conn_add(hdev, LE_LINK, &ev->bdaddr);
3193 if (!conn) {
3194 BT_ERR("No memory for new connection");
3195 hci_dev_unlock(hdev);
3196 return;
3197 }
29b7988a
AG		 3198
3199 conn->dst_type = ev->bdaddr_type;
b62f328b 3200 }
fcd89c09
VT		 3201
3202 if (ev->status) {
48264f06
JH		 3203 mgmt_connect_failed(hdev, &ev->bdaddr, conn->type,
3204 conn->dst_type, ev->status);
fcd89c09
VT		 3205 hci_proto_connect_cfm(conn, ev->status);
3206 conn->state = BT_CLOSED;
3207 hci_conn_del(conn);
3208 goto unlock;
3209 }
3210
b644ba33
JH		 3211 if (!test_and_set_bit(HCI_CONN_MGMT_CONNECTED, &conn->flags))
3212 mgmt_device_connected(hdev, &ev->bdaddr, conn->type,
3213 conn->dst_type, NULL, 0, 0);
83bc71b4 3214
7b5c0d52 3215 conn->sec_level = BT_SECURITY_LOW;
fcd89c09
VT		 3216 conn->handle = __le16_to_cpu(ev->handle);
3217 conn->state = BT_CONNECTED;
3218
3219 hci_conn_hold_device(conn);
3220 hci_conn_add_sysfs(conn);
3221
3222 hci_proto_connect_cfm(conn, ev->status);
3223
3224unlock:
3225 hci_dev_unlock(hdev);
3226}
3227
9aa04c91
AG		 3228static inline void hci_le_adv_report_evt(struct hci_dev *hdev,
3229 struct sk_buff *skb)
3230{
e95beb41
AG		 3231 u8 num_reports = skb->data[0];
3232 void *ptr = &skb->data[1];
3c9e9195 3233 s8 rssi;
9aa04c91
AG		 3234
3235 hci_dev_lock(hdev);
3236
e95beb41
AG		 3237 while (num_reports--) {
3238 struct hci_ev_le_advertising_info *ev = ptr;
9aa04c91 3239
9aa04c91 3240 hci_add_adv_entry(hdev, ev);
e95beb41 3241
3c9e9195
AG		 3242 rssi = ev->data[ev->length];
3243 mgmt_device_found(hdev, &ev->bdaddr, LE_LINK, ev->bdaddr_type,
3244 NULL, rssi, 0, ev->data, ev->length);
3245
e95beb41 3246 ptr += sizeof(*ev) + ev->length + 1;
9aa04c91
AG		 3247 }
3248
3249 hci_dev_unlock(hdev);
3250}
3251
a7a595f6
VCG		 3252static inline void hci_le_ltk_request_evt(struct hci_dev *hdev,
3253 struct sk_buff *skb)
3254{
3255 struct hci_ev_le_ltk_req *ev = (void *) skb->data;
3256 struct hci_cp_le_ltk_reply cp;
bea710fe 3257 struct hci_cp_le_ltk_neg_reply neg;
a7a595f6 3258 struct hci_conn *conn;
bea710fe 3259 struct link_key *ltk;
a7a595f6
VCG		 3260
3261 BT_DBG("%s handle %d", hdev->name, cpu_to_le16(ev->handle));
3262
3263 hci_dev_lock(hdev);
3264
3265 conn = hci_conn_hash_lookup_handle(hdev, __le16_to_cpu(ev->handle));
bea710fe
VCG		 3266 if (conn == NULL)
3267 goto not_found;
a7a595f6 3268
bea710fe
VCG		 3269 ltk = hci_find_ltk(hdev, ev->ediv, ev->random);
3270 if (ltk == NULL)
3271 goto not_found;
3272
3273 memcpy(cp.ltk, ltk->val, sizeof(ltk->val));
a7a595f6 3274 cp.handle = cpu_to_le16(conn->handle);
726b4ffc 3275 conn->pin_length = ltk->pin_len;
a7a595f6
VCG		 3276
3277 hci_send_cmd(hdev, HCI_OP_LE_LTK_REPLY, sizeof(cp), &cp);
3278
3279 hci_dev_unlock(hdev);
bea710fe
VCG		 3280
3281 return;
3282
3283not_found:
3284 neg.handle = ev->handle;
3285 hci_send_cmd(hdev, HCI_OP_LE_LTK_NEG_REPLY, sizeof(neg), &neg);
3286 hci_dev_unlock(hdev);
a7a595f6
VCG		 3287}
3288
fcd89c09
VT		 3289static inline void hci_le_meta_evt(struct hci_dev *hdev, struct sk_buff *skb)
3290{
3291 struct hci_ev_le_meta *le_ev = (void *) skb->data;
3292
3293 skb_pull(skb, sizeof(*le_ev));
3294
3295 switch (le_ev->subevent) {
3296 case HCI_EV_LE_CONN_COMPLETE:
3297 hci_le_conn_complete_evt(hdev, skb);
3298 break;
3299
9aa04c91
AG		 3300 case HCI_EV_LE_ADVERTISING_REPORT:
3301 hci_le_adv_report_evt(hdev, skb);
3302 break;
3303
a7a595f6
VCG		 3304 case HCI_EV_LE_LTK_REQ:
3305 hci_le_ltk_request_evt(hdev, skb);
3306 break;
3307
fcd89c09
VT		 3308 default:
3309 break;
3310 }
3311}
3312
a9de9248
MH		 3313void hci_event_packet(struct hci_dev *hdev, struct sk_buff *skb)
3314{
3315 struct hci_event_hdr *hdr = (void *) skb->data;
3316 __u8 event = hdr->evt;
3317
3318 skb_pull(skb, HCI_EVENT_HDR_SIZE);
3319
3320 switch (event) {
1da177e4
LT		 3321 case HCI_EV_INQUIRY_COMPLETE:
3322 hci_inquiry_complete_evt(hdev, skb);
3323 break;
3324
3325 case HCI_EV_INQUIRY_RESULT:
3326 hci_inquiry_result_evt(hdev, skb);
3327 break;
3328
a9de9248
MH		 3329 case HCI_EV_CONN_COMPLETE:
3330 hci_conn_complete_evt(hdev, skb);
21d9e30e
MH		 3331 break;
3332
1da177e4
LT		 3333 case HCI_EV_CONN_REQUEST:
3334 hci_conn_request_evt(hdev, skb);
3335 break;
3336
1da177e4
LT		 3337 case HCI_EV_DISCONN_COMPLETE:
3338 hci_disconn_complete_evt(hdev, skb);
3339 break;
3340
1da177e4
LT		 3341 case HCI_EV_AUTH_COMPLETE:
3342 hci_auth_complete_evt(hdev, skb);
3343 break;
3344
a9de9248
MH		 3345 case HCI_EV_REMOTE_NAME:
3346 hci_remote_name_evt(hdev, skb);
3347 break;
3348
1da177e4
LT		 3349 case HCI_EV_ENCRYPT_CHANGE:
3350 hci_encrypt_change_evt(hdev, skb);
3351 break;
3352
a9de9248
MH		 3353 case HCI_EV_CHANGE_LINK_KEY_COMPLETE:
3354 hci_change_link_key_complete_evt(hdev, skb);
3355 break;
3356
3357 case HCI_EV_REMOTE_FEATURES:
3358 hci_remote_features_evt(hdev, skb);
3359 break;
3360
3361 case HCI_EV_REMOTE_VERSION:
3362 hci_remote_version_evt(hdev, skb);
3363 break;
3364
3365 case HCI_EV_QOS_SETUP_COMPLETE:
3366 hci_qos_setup_complete_evt(hdev, skb);
3367 break;
3368
3369 case HCI_EV_CMD_COMPLETE:
3370 hci_cmd_complete_evt(hdev, skb);
3371 break;
3372
3373 case HCI_EV_CMD_STATUS:
3374 hci_cmd_status_evt(hdev, skb);
3375 break;
3376
3377 case HCI_EV_ROLE_CHANGE:
3378 hci_role_change_evt(hdev, skb);
3379 break;
3380
3381 case HCI_EV_NUM_COMP_PKTS:
3382 hci_num_comp_pkts_evt(hdev, skb);
3383 break;
3384
3385 case HCI_EV_MODE_CHANGE:
3386 hci_mode_change_evt(hdev, skb);
1da177e4
LT		 3387 break;
3388
3389 case HCI_EV_PIN_CODE_REQ:
3390 hci_pin_code_request_evt(hdev, skb);
3391 break;
3392
3393 case HCI_EV_LINK_KEY_REQ:
3394 hci_link_key_request_evt(hdev, skb);
3395 break;
3396
3397 case HCI_EV_LINK_KEY_NOTIFY:
3398 hci_link_key_notify_evt(hdev, skb);
3399 break;
3400
3401 case HCI_EV_CLOCK_OFFSET:
3402 hci_clock_offset_evt(hdev, skb);
3403 break;
3404
a8746417
MH		 3405 case HCI_EV_PKT_TYPE_CHANGE:
3406 hci_pkt_type_change_evt(hdev, skb);
3407 break;
3408
85a1e930
MH		 3409 case HCI_EV_PSCAN_REP_MODE:
3410 hci_pscan_rep_mode_evt(hdev, skb);
3411 break;
3412
a9de9248
MH		 3413 case HCI_EV_INQUIRY_RESULT_WITH_RSSI:
3414 hci_inquiry_result_with_rssi_evt(hdev, skb);
04837f64
MH		 3415 break;
3416
a9de9248
MH		 3417 case HCI_EV_REMOTE_EXT_FEATURES:
3418 hci_remote_ext_features_evt(hdev, skb);
1da177e4
LT		 3419 break;
3420
a9de9248
MH		 3421 case HCI_EV_SYNC_CONN_COMPLETE:
3422 hci_sync_conn_complete_evt(hdev, skb);
3423 break;
1da177e4 3424
a9de9248
MH		 3425 case HCI_EV_SYNC_CONN_CHANGED:
3426 hci_sync_conn_changed_evt(hdev, skb);
3427 break;
1da177e4 3428
a9de9248
MH		 3429 case HCI_EV_SNIFF_SUBRATE:
3430 hci_sniff_subrate_evt(hdev, skb);
3431 break;
1da177e4 3432
a9de9248
MH		 3433 case HCI_EV_EXTENDED_INQUIRY_RESULT:
3434 hci_extended_inquiry_result_evt(hdev, skb);
3435 break;
1da177e4 3436
0493684e
MH		 3437 case HCI_EV_IO_CAPA_REQUEST:
3438 hci_io_capa_request_evt(hdev, skb);
3439 break;
3440
03b555e1
JH		 3441 case HCI_EV_IO_CAPA_REPLY:
3442 hci_io_capa_reply_evt(hdev, skb);
3443 break;
3444
a5c29683
JH		 3445 case HCI_EV_USER_CONFIRM_REQUEST:
3446 hci_user_confirm_request_evt(hdev, skb);
3447 break;
3448
1143d458
BG		 3449 case HCI_EV_USER_PASSKEY_REQUEST:
3450 hci_user_passkey_request_evt(hdev, skb);
3451 break;
3452
0493684e
MH		 3453 case HCI_EV_SIMPLE_PAIR_COMPLETE:
3454 hci_simple_pair_complete_evt(hdev, skb);
3455 break;
3456
41a96212
MH		 3457 case HCI_EV_REMOTE_HOST_FEATURES:
3458 hci_remote_host_features_evt(hdev, skb);
3459 break;
3460
fcd89c09
VT		 3461 case HCI_EV_LE_META:
3462 hci_le_meta_evt(hdev, skb);
3463 break;
3464
2763eda6
SJ		 3465 case HCI_EV_REMOTE_OOB_DATA_REQUEST:
3466 hci_remote_oob_data_request_evt(hdev, skb);
3467 break;
3468
25e89e99
AE		 3469 case HCI_EV_NUM_COMP_BLOCKS:
3470 hci_num_comp_blocks_evt(hdev, skb);
3471 break;
3472
a9de9248
MH		 3473 default:
3474 BT_DBG("%s event 0x%x", hdev->name, event);
1da177e4
LT		 3475 break;
3476 }
3477
3478 kfree_skb(skb);
3479 hdev->stat.evt_rx++;
3480}
3481
3482/* Generate internal stack event */
3483void hci_si_event(struct hci_dev *hdev, int type, int dlen, void *data)
3484{
3485 struct hci_event_hdr *hdr;
3486 struct hci_ev_stack_internal *ev;
3487 struct sk_buff *skb;
3488
3489 skb = bt_skb_alloc(HCI_EVENT_HDR_SIZE + sizeof(*ev) + dlen, GFP_ATOMIC);
3490 if (!skb)
3491 return;
3492
3493 hdr = (void *) skb_put(skb, HCI_EVENT_HDR_SIZE);
3494 hdr->evt = HCI_EV_STACK_INTERNAL;
3495 hdr->plen = sizeof(*ev) + dlen;
3496
3497 ev = (void *) skb_put(skb, sizeof(*ev) + dlen);
3498 ev->type = type;
3499 memcpy(ev->data, data, dlen);
3500
576c7d85 3501 bt_cb(skb)->incoming = 1;
a61bbcf2 3502 __net_timestamp(skb);
576c7d85 3503
0d48d939 3504 bt_cb(skb)->pkt_type = HCI_EVENT_PKT;
1da177e4 3505 skb->dev = (void *) hdev;
eec8d2bc 3506 hci_send_to_sock(hdev, skb, NULL);
1da177e4
LT		 3507 kfree_skb(skb);
3508}
e6100a25 3509
669bb396 3510module_param(enable_le, bool, 0644);
e6100a25 3511MODULE_PARM_DESC(enable_le, "Enable LE support");
kernel source for telekom puls (alcatel/mediatek)