projects / GitHub / mt8127 / android_kernel_alcatel_ttab.git / blame
? search:
summary | shortlog | log | commit | commitdiff | tree
blob | blame (incremental) | history | HEAD
Bluetooth: Fix authentication request for L2CAP raw sockets
[GitHub/mt8127/android_kernel_alcatel_ttab.git] / net / bluetooth / hci_event.c
CommitLineData
8e87d142 1/*
1da177e4 2 BlueZ - Bluetooth protocol stack for Linux
2d0a0346 3 Copyright (c) 2000-2001, 2010, Code Aurora Forum. All rights reserved.
1da177e4
LT		 4
5 Written 2000,2001 by Maxim Krasnyansky <maxk@qualcomm.com>
6
7 This program is free software; you can redistribute it and/or modify
8 it under the terms of the GNU General Public License version 2 as
9 published by the Free Software Foundation;
10
11 THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS
12 OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
13 FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT OF THIRD PARTY RIGHTS.
14 IN NO EVENT SHALL THE COPYRIGHT HOLDER(S) AND AUTHOR(S) BE LIABLE FOR ANY
8e87d142
YH		 15 CLAIM, OR ANY SPECIAL INDIRECT OR CONSEQUENTIAL DAMAGES, OR ANY DAMAGES
16 WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
17 ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
1da177e4
LT		 18 OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
19
8e87d142
YH		 20 ALL LIABILITY, INCLUDING LIABILITY FOR INFRINGEMENT OF ANY PATENTS,
21 COPYRIGHTS, TRADEMARKS OR OTHER RIGHTS, RELATING TO USE OF THIS
1da177e4
LT		 22 SOFTWARE IS DISCLAIMED.
23*/
24
25/* Bluetooth HCI event handling. */
26
1da177e4
LT		 27#include <linux/module.h>
28
29#include <linux/types.h>
30#include <linux/errno.h>
31#include <linux/kernel.h>
1da177e4
LT		 32#include <linux/slab.h>
33#include <linux/poll.h>
34#include <linux/fcntl.h>
35#include <linux/init.h>
36#include <linux/skbuff.h>
37#include <linux/interrupt.h>
38#include <linux/notifier.h>
39#include <net/sock.h>
40
41#include <asm/system.h>
70f23020 42#include <linux/uaccess.h>
1da177e4
LT		 43#include <asm/unaligned.h>
44
45#include <net/bluetooth/bluetooth.h>
46#include <net/bluetooth/hci_core.h>
47
1da177e4
LT		 48/* Handle HCI Event packets */
49
a9de9248 50static void hci_cc_inquiry_cancel(struct hci_dev *hdev, struct sk_buff *skb)
1da177e4 51{
a9de9248 52 __u8 status = *((__u8 *) skb->data);
1da177e4 53
a9de9248 54 BT_DBG("%s status 0x%x", hdev->name, status);
1da177e4 55
a9de9248
MH		 56 if (status)
57 return;
1da177e4 58
a9de9248 59 clear_bit(HCI_INQUIRY, &hdev->flags);
6bd57416 60
23bb5763 61 hci_req_complete(hdev, HCI_OP_INQUIRY_CANCEL, status);
a9de9248
MH		 62
63 hci_conn_check_pending(hdev);
64}
6bd57416 65
a9de9248
MH		 66static void hci_cc_exit_periodic_inq(struct hci_dev *hdev, struct sk_buff *skb)
67{
68 __u8 status = *((__u8 *) skb->data);
6bd57416 69
a9de9248 70 BT_DBG("%s status 0x%x", hdev->name, status);
6bd57416 71
a9de9248
MH		 72 if (status)
73 return;
1da177e4 74
a9de9248
MH		 75 clear_bit(HCI_INQUIRY, &hdev->flags);
76
77 hci_conn_check_pending(hdev);
78}
79
80static void hci_cc_remote_name_req_cancel(struct hci_dev *hdev, struct sk_buff *skb)
81{
82 BT_DBG("%s", hdev->name);
83}
84
85static void hci_cc_role_discovery(struct hci_dev *hdev, struct sk_buff *skb)
86{
87 struct hci_rp_role_discovery *rp = (void *) skb->data;
88 struct hci_conn *conn;
89
90 BT_DBG("%s status 0x%x", hdev->name, rp->status);
91
92 if (rp->status)
93 return;
94
95 hci_dev_lock(hdev);
96
97 conn = hci_conn_hash_lookup_handle(hdev, __le16_to_cpu(rp->handle));
98 if (conn) {
99 if (rp->role)
100 conn->link_mode &= ~HCI_LM_MASTER;
101 else
102 conn->link_mode |= HCI_LM_MASTER;
1da177e4 103 }
a9de9248
MH		 104
105 hci_dev_unlock(hdev);
1da177e4
LT		 106}
107
e4e8e37c
MH		 108static void hci_cc_read_link_policy(struct hci_dev *hdev, struct sk_buff *skb)
109{
110 struct hci_rp_read_link_policy *rp = (void *) skb->data;
111 struct hci_conn *conn;
112
113 BT_DBG("%s status 0x%x", hdev->name, rp->status);
114
115 if (rp->status)
116 return;
117
118 hci_dev_lock(hdev);
119
120 conn = hci_conn_hash_lookup_handle(hdev, __le16_to_cpu(rp->handle));
121 if (conn)
122 conn->link_policy = __le16_to_cpu(rp->policy);
123
124 hci_dev_unlock(hdev);
125}
126
a9de9248 127static void hci_cc_write_link_policy(struct hci_dev *hdev, struct sk_buff *skb)
1da177e4 128{
a9de9248 129 struct hci_rp_write_link_policy *rp = (void *) skb->data;
1da177e4 130 struct hci_conn *conn;
04837f64 131 void *sent;
1da177e4 132
a9de9248 133 BT_DBG("%s status 0x%x", hdev->name, rp->status);
1da177e4 134
a9de9248
MH		 135 if (rp->status)
136 return;
1da177e4 137
a9de9248
MH		 138 sent = hci_sent_cmd_data(hdev, HCI_OP_WRITE_LINK_POLICY);
139 if (!sent)
140 return;
1da177e4 141
a9de9248 142 hci_dev_lock(hdev);
1da177e4 143
a9de9248 144 conn = hci_conn_hash_lookup_handle(hdev, __le16_to_cpu(rp->handle));
e4e8e37c 145 if (conn)
83985319 146 conn->link_policy = get_unaligned_le16(sent + 2);
1da177e4 147
a9de9248
MH		 148 hci_dev_unlock(hdev);
149}
1da177e4 150
e4e8e37c
MH		 151static void hci_cc_read_def_link_policy(struct hci_dev *hdev, struct sk_buff *skb)
152{
153 struct hci_rp_read_def_link_policy *rp = (void *) skb->data;
154
155 BT_DBG("%s status 0x%x", hdev->name, rp->status);
156
157 if (rp->status)
158 return;
159
160 hdev->link_policy = __le16_to_cpu(rp->policy);
161}
162
163static void hci_cc_write_def_link_policy(struct hci_dev *hdev, struct sk_buff *skb)
164{
165 __u8 status = *((__u8 *) skb->data);
166 void *sent;
167
168 BT_DBG("%s status 0x%x", hdev->name, status);
169
170 sent = hci_sent_cmd_data(hdev, HCI_OP_WRITE_DEF_LINK_POLICY);
171 if (!sent)
172 return;
173
174 if (!status)
175 hdev->link_policy = get_unaligned_le16(sent);
176
23bb5763 177 hci_req_complete(hdev, HCI_OP_WRITE_DEF_LINK_POLICY, status);
e4e8e37c
MH		 178}
179
a9de9248
MH		 180static void hci_cc_reset(struct hci_dev *hdev, struct sk_buff *skb)
181{
182 __u8 status = *((__u8 *) skb->data);
04837f64 183
a9de9248 184 BT_DBG("%s status 0x%x", hdev->name, status);
04837f64 185
23bb5763 186 hci_req_complete(hdev, HCI_OP_RESET, status);
a9de9248 187}
04837f64 188
a9de9248
MH		 189static void hci_cc_write_local_name(struct hci_dev *hdev, struct sk_buff *skb)
190{
191 __u8 status = *((__u8 *) skb->data);
192 void *sent;
04837f64 193
a9de9248 194 BT_DBG("%s status 0x%x", hdev->name, status);
04837f64 195
f383f275
MH		 196 if (status)
197 return;
198
a9de9248
MH		 199 sent = hci_sent_cmd_data(hdev, HCI_OP_WRITE_LOCAL_NAME);
200 if (!sent)
201 return;
04837f64 202
f383f275 203 memcpy(hdev->dev_name, sent, 248);
a9de9248
MH		 204}
205
206static void hci_cc_read_local_name(struct hci_dev *hdev, struct sk_buff *skb)
207{
208 struct hci_rp_read_local_name *rp = (void *) skb->data;
209
210 BT_DBG("%s status 0x%x", hdev->name, rp->status);
211
212 if (rp->status)
213 return;
214
215 memcpy(hdev->dev_name, rp->name, 248);
216}
217
218static void hci_cc_write_auth_enable(struct hci_dev *hdev, struct sk_buff *skb)
219{
220 __u8 status = *((__u8 *) skb->data);
221 void *sent;
222
223 BT_DBG("%s status 0x%x", hdev->name, status);
224
225 sent = hci_sent_cmd_data(hdev, HCI_OP_WRITE_AUTH_ENABLE);
226 if (!sent)
227 return;
228
229 if (!status) {
230 __u8 param = *((__u8 *) sent);
231
232 if (param == AUTH_ENABLED)
233 set_bit(HCI_AUTH, &hdev->flags);
234 else
235 clear_bit(HCI_AUTH, &hdev->flags);
1da177e4 236 }
a9de9248 237
23bb5763 238 hci_req_complete(hdev, HCI_OP_WRITE_AUTH_ENABLE, status);
1da177e4
LT		 239}
240
a9de9248 241static void hci_cc_write_encrypt_mode(struct hci_dev *hdev, struct sk_buff *skb)
1da177e4 242{
a9de9248 243 __u8 status = *((__u8 *) skb->data);
1da177e4
LT		 244 void *sent;
245
a9de9248 246 BT_DBG("%s status 0x%x", hdev->name, status);
1da177e4 247
a9de9248
MH		 248 sent = hci_sent_cmd_data(hdev, HCI_OP_WRITE_ENCRYPT_MODE);
249 if (!sent)
250 return;
1da177e4 251
a9de9248
MH		 252 if (!status) {
253 __u8 param = *((__u8 *) sent);
254
255 if (param)
256 set_bit(HCI_ENCRYPT, &hdev->flags);
257 else
258 clear_bit(HCI_ENCRYPT, &hdev->flags);
259 }
1da177e4 260
23bb5763 261 hci_req_complete(hdev, HCI_OP_WRITE_ENCRYPT_MODE, status);
a9de9248 262}
1da177e4 263
a9de9248
MH		 264static void hci_cc_write_scan_enable(struct hci_dev *hdev, struct sk_buff *skb)
265{
266 __u8 status = *((__u8 *) skb->data);
267 void *sent;
1da177e4 268
a9de9248 269 BT_DBG("%s status 0x%x", hdev->name, status);
1da177e4 270
a9de9248
MH		 271 sent = hci_sent_cmd_data(hdev, HCI_OP_WRITE_SCAN_ENABLE);
272 if (!sent)
273 return;
1da177e4 274
a9de9248
MH		 275 if (!status) {
276 __u8 param = *((__u8 *) sent);
1da177e4 277
a9de9248
MH		 278 clear_bit(HCI_PSCAN, &hdev->flags);
279 clear_bit(HCI_ISCAN, &hdev->flags);
1da177e4 280
a9de9248
MH		 281 if (param & SCAN_INQUIRY)
282 set_bit(HCI_ISCAN, &hdev->flags);
1da177e4 283
a9de9248
MH		 284 if (param & SCAN_PAGE)
285 set_bit(HCI_PSCAN, &hdev->flags);
286 }
1da177e4 287
23bb5763 288 hci_req_complete(hdev, HCI_OP_WRITE_SCAN_ENABLE, status);
a9de9248 289}
1da177e4 290
a9de9248
MH		 291static void hci_cc_read_class_of_dev(struct hci_dev *hdev, struct sk_buff *skb)
292{
293 struct hci_rp_read_class_of_dev *rp = (void *) skb->data;
1da177e4 294
a9de9248 295 BT_DBG("%s status 0x%x", hdev->name, rp->status);
1da177e4 296
a9de9248
MH		 297 if (rp->status)
298 return;
1da177e4 299
a9de9248 300 memcpy(hdev->dev_class, rp->dev_class, 3);
1da177e4 301
a9de9248
MH		 302 BT_DBG("%s class 0x%.2x%.2x%.2x", hdev->name,
303 hdev->dev_class[2], hdev->dev_class[1], hdev->dev_class[0]);
304}
1da177e4 305
a9de9248
MH		 306static void hci_cc_write_class_of_dev(struct hci_dev *hdev, struct sk_buff *skb)
307{
308 __u8 status = *((__u8 *) skb->data);
309 void *sent;
1da177e4 310
a9de9248 311 BT_DBG("%s status 0x%x", hdev->name, status);
1da177e4 312
f383f275
MH		 313 if (status)
314 return;
315
a9de9248
MH		 316 sent = hci_sent_cmd_data(hdev, HCI_OP_WRITE_CLASS_OF_DEV);
317 if (!sent)
318 return;
1da177e4 319
f383f275 320 memcpy(hdev->dev_class, sent, 3);
a9de9248 321}
1da177e4 322
a9de9248
MH		 323static void hci_cc_read_voice_setting(struct hci_dev *hdev, struct sk_buff *skb)
324{
325 struct hci_rp_read_voice_setting *rp = (void *) skb->data;
326 __u16 setting;
327
328 BT_DBG("%s status 0x%x", hdev->name, rp->status);
329
330 if (rp->status)
331 return;
332
333 setting = __le16_to_cpu(rp->voice_setting);
334
f383f275 335 if (hdev->voice_setting == setting)
a9de9248
MH		 336 return;
337
338 hdev->voice_setting = setting;
339
340 BT_DBG("%s voice setting 0x%04x", hdev->name, setting);
341
342 if (hdev->notify) {
343 tasklet_disable(&hdev->tx_task);
344 hdev->notify(hdev, HCI_NOTIFY_VOICE_SETTING);
345 tasklet_enable(&hdev->tx_task);
346 }
347}
348
349static void hci_cc_write_voice_setting(struct hci_dev *hdev, struct sk_buff *skb)
350{
351 __u8 status = *((__u8 *) skb->data);
f383f275 352 __u16 setting;
a9de9248
MH		 353 void *sent;
354
355 BT_DBG("%s status 0x%x", hdev->name, status);
1da177e4 356
f383f275
MH		 357 if (status)
358 return;
359
a9de9248
MH		 360 sent = hci_sent_cmd_data(hdev, HCI_OP_WRITE_VOICE_SETTING);
361 if (!sent)
362 return;
1da177e4 363
f383f275 364 setting = get_unaligned_le16(sent);
1da177e4 365
f383f275
MH		 366 if (hdev->voice_setting == setting)
367 return;
368
369 hdev->voice_setting = setting;
1da177e4 370
f383f275 371 BT_DBG("%s voice setting 0x%04x", hdev->name, setting);
1da177e4 372
f383f275
MH		 373 if (hdev->notify) {
374 tasklet_disable(&hdev->tx_task);
375 hdev->notify(hdev, HCI_NOTIFY_VOICE_SETTING);
376 tasklet_enable(&hdev->tx_task);
1da177e4
LT		 377 }
378}
379
a9de9248 380static void hci_cc_host_buffer_size(struct hci_dev *hdev, struct sk_buff *skb)
1da177e4 381{
a9de9248 382 __u8 status = *((__u8 *) skb->data);
1da177e4 383
a9de9248 384 BT_DBG("%s status 0x%x", hdev->name, status);
1da177e4 385
23bb5763 386 hci_req_complete(hdev, HCI_OP_HOST_BUFFER_SIZE, status);
a9de9248 387}
1143e5a6 388
333140b5
MH		 389static void hci_cc_read_ssp_mode(struct hci_dev *hdev, struct sk_buff *skb)
390{
391 struct hci_rp_read_ssp_mode *rp = (void *) skb->data;
392
393 BT_DBG("%s status 0x%x", hdev->name, rp->status);
394
395 if (rp->status)
396 return;
397
398 hdev->ssp_mode = rp->mode;
399}
400
401static void hci_cc_write_ssp_mode(struct hci_dev *hdev, struct sk_buff *skb)
402{
403 __u8 status = *((__u8 *) skb->data);
404 void *sent;
405
406 BT_DBG("%s status 0x%x", hdev->name, status);
407
408 if (status)
409 return;
410
411 sent = hci_sent_cmd_data(hdev, HCI_OP_WRITE_SSP_MODE);
412 if (!sent)
413 return;
414
415 hdev->ssp_mode = *((__u8 *) sent);
416}
417
a9de9248
MH		 418static void hci_cc_read_local_version(struct hci_dev *hdev, struct sk_buff *skb)
419{
420 struct hci_rp_read_local_version *rp = (void *) skb->data;
1143e5a6 421
a9de9248 422 BT_DBG("%s status 0x%x", hdev->name, rp->status);
1143e5a6 423
a9de9248
MH		 424 if (rp->status)
425 return;
1143e5a6 426
a9de9248 427 hdev->hci_ver = rp->hci_ver;
e4e8e37c
MH		 428 hdev->hci_rev = __le16_to_cpu(rp->hci_rev);
429 hdev->manufacturer = __le16_to_cpu(rp->manufacturer);
1143e5a6 430
a9de9248
MH		 431 BT_DBG("%s manufacturer %d hci ver %d:%d", hdev->name,
432 hdev->manufacturer,
433 hdev->hci_ver, hdev->hci_rev);
434}
1da177e4 435
a9de9248
MH		 436static void hci_cc_read_local_commands(struct hci_dev *hdev, struct sk_buff *skb)
437{
438 struct hci_rp_read_local_commands *rp = (void *) skb->data;
1da177e4 439
a9de9248 440 BT_DBG("%s status 0x%x", hdev->name, rp->status);
1da177e4 441
a9de9248
MH		 442 if (rp->status)
443 return;
1da177e4 444
a9de9248
MH		 445 memcpy(hdev->commands, rp->commands, sizeof(hdev->commands));
446}
1da177e4 447
a9de9248
MH		 448static void hci_cc_read_local_features(struct hci_dev *hdev, struct sk_buff *skb)
449{
450 struct hci_rp_read_local_features *rp = (void *) skb->data;
5b7f9909 451
a9de9248 452 BT_DBG("%s status 0x%x", hdev->name, rp->status);
1da177e4 453
a9de9248
MH		 454 if (rp->status)
455 return;
5b7f9909 456
a9de9248 457 memcpy(hdev->features, rp->features, 8);
5b7f9909 458
a9de9248
MH		 459 /* Adjust default settings according to features
460 * supported by device. */
1da177e4 461
a9de9248
MH		 462 if (hdev->features[0] & LMP_3SLOT)
463 hdev->pkt_type |= (HCI_DM3 | HCI_DH3);
1da177e4 464
a9de9248
MH		 465 if (hdev->features[0] & LMP_5SLOT)
466 hdev->pkt_type |= (HCI_DM5 | HCI_DH5);
1da177e4 467
a9de9248
MH		 468 if (hdev->features[1] & LMP_HV2) {
469 hdev->pkt_type |= (HCI_HV2);
470 hdev->esco_type |= (ESCO_HV2);
471 }
1da177e4 472
a9de9248
MH		 473 if (hdev->features[1] & LMP_HV3) {
474 hdev->pkt_type |= (HCI_HV3);
475 hdev->esco_type |= (ESCO_HV3);
476 }
1da177e4 477
a9de9248
MH		 478 if (hdev->features[3] & LMP_ESCO)
479 hdev->esco_type |= (ESCO_EV3);
da1f5198 480
a9de9248
MH		 481 if (hdev->features[4] & LMP_EV4)
482 hdev->esco_type |= (ESCO_EV4);
da1f5198 483
a9de9248
MH		 484 if (hdev->features[4] & LMP_EV5)
485 hdev->esco_type |= (ESCO_EV5);
1da177e4 486
efc7688b
MH		 487 if (hdev->features[5] & LMP_EDR_ESCO_2M)
488 hdev->esco_type |= (ESCO_2EV3);
489
490 if (hdev->features[5] & LMP_EDR_ESCO_3M)
491 hdev->esco_type |= (ESCO_3EV3);
492
493 if (hdev->features[5] & LMP_EDR_3S_ESCO)
494 hdev->esco_type |= (ESCO_2EV5 | ESCO_3EV5);
495
a9de9248
MH		 496 BT_DBG("%s features 0x%.2x%.2x%.2x%.2x%.2x%.2x%.2x%.2x", hdev->name,
497 hdev->features[0], hdev->features[1],
498 hdev->features[2], hdev->features[3],
499 hdev->features[4], hdev->features[5],
500 hdev->features[6], hdev->features[7]);
501}
1da177e4 502
a9de9248
MH		 503static void hci_cc_read_buffer_size(struct hci_dev *hdev, struct sk_buff *skb)
504{
505 struct hci_rp_read_buffer_size *rp = (void *) skb->data;
1da177e4 506
a9de9248 507 BT_DBG("%s status 0x%x", hdev->name, rp->status);
1da177e4 508
a9de9248
MH		 509 if (rp->status)
510 return;
1da177e4 511
a9de9248
MH		 512 hdev->acl_mtu = __le16_to_cpu(rp->acl_mtu);
513 hdev->sco_mtu = rp->sco_mtu;
514 hdev->acl_pkts = __le16_to_cpu(rp->acl_max_pkt);
515 hdev->sco_pkts = __le16_to_cpu(rp->sco_max_pkt);
516
517 if (test_bit(HCI_QUIRK_FIXUP_BUFFER_SIZE, &hdev->quirks)) {
518 hdev->sco_mtu = 64;
519 hdev->sco_pkts = 8;
1da177e4 520 }
a9de9248
MH		 521
522 hdev->acl_cnt = hdev->acl_pkts;
523 hdev->sco_cnt = hdev->sco_pkts;
524
525 BT_DBG("%s acl mtu %d:%d sco mtu %d:%d", hdev->name,
526 hdev->acl_mtu, hdev->acl_pkts,
527 hdev->sco_mtu, hdev->sco_pkts);
528}
529
530static void hci_cc_read_bd_addr(struct hci_dev *hdev, struct sk_buff *skb)
531{
532 struct hci_rp_read_bd_addr *rp = (void *) skb->data;
533
534 BT_DBG("%s status 0x%x", hdev->name, rp->status);
535
536 if (!rp->status)
537 bacpy(&hdev->bdaddr, &rp->bdaddr);
538
23bb5763
JH		 539 hci_req_complete(hdev, HCI_OP_READ_BD_ADDR, rp->status);
540}
541
542static void hci_cc_write_ca_timeout(struct hci_dev *hdev, struct sk_buff *skb)
543{
544 __u8 status = *((__u8 *) skb->data);
545
546 BT_DBG("%s status 0x%x", hdev->name, status);
547
548 hci_req_complete(hdev, HCI_OP_WRITE_CA_TIMEOUT, status);
a9de9248
MH		 549}
550
551static inline void hci_cs_inquiry(struct hci_dev *hdev, __u8 status)
552{
553 BT_DBG("%s status 0x%x", hdev->name, status);
554
555 if (status) {
23bb5763 556 hci_req_complete(hdev, HCI_OP_INQUIRY, status);
a9de9248
MH		 557
558 hci_conn_check_pending(hdev);
559 } else
560 set_bit(HCI_INQUIRY, &hdev->flags);
1da177e4
LT		 561}
562
1da177e4
LT		 563static inline void hci_cs_create_conn(struct hci_dev *hdev, __u8 status)
564{
a9de9248 565 struct hci_cp_create_conn *cp;
1da177e4 566 struct hci_conn *conn;
1da177e4 567
a9de9248
MH		 568 BT_DBG("%s status 0x%x", hdev->name, status);
569
570 cp = hci_sent_cmd_data(hdev, HCI_OP_CREATE_CONN);
1da177e4
LT		 571 if (!cp)
572 return;
573
574 hci_dev_lock(hdev);
575
576 conn = hci_conn_hash_lookup_ba(hdev, ACL_LINK, &cp->bdaddr);
577
a9de9248 578 BT_DBG("%s bdaddr %s conn %p", hdev->name, batostr(&cp->bdaddr), conn);
1da177e4
LT		 579
580 if (status) {
581 if (conn && conn->state == BT_CONNECT) {
4c67bc74
MH		 582 if (status != 0x0c || conn->attempt > 2) {
583 conn->state = BT_CLOSED;
584 hci_proto_connect_cfm(conn, status);
585 hci_conn_del(conn);
586 } else
587 conn->state = BT_CONNECT2;
1da177e4
LT		 588 }
589 } else {
590 if (!conn) {
591 conn = hci_conn_add(hdev, ACL_LINK, &cp->bdaddr);
592 if (conn) {
593 conn->out = 1;
594 conn->link_mode |= HCI_LM_MASTER;
595 } else
893ef971 596 BT_ERR("No memory for new connection");
1da177e4
LT		 597 }
598 }
599
600 hci_dev_unlock(hdev);
601}
602
a9de9248 603static void hci_cs_add_sco(struct hci_dev *hdev, __u8 status)
1da177e4 604{
a9de9248
MH		 605 struct hci_cp_add_sco *cp;
606 struct hci_conn *acl, *sco;
607 __u16 handle;
1da177e4 608
b6a0dc82
MH		 609 BT_DBG("%s status 0x%x", hdev->name, status);
610
a9de9248
MH		 611 if (!status)
612 return;
1da177e4 613
a9de9248
MH		 614 cp = hci_sent_cmd_data(hdev, HCI_OP_ADD_SCO);
615 if (!cp)
616 return;
1da177e4 617
a9de9248 618 handle = __le16_to_cpu(cp->handle);
1da177e4 619
a9de9248 620 BT_DBG("%s handle %d", hdev->name, handle);
1da177e4 621
a9de9248 622 hci_dev_lock(hdev);
1da177e4 623
a9de9248
MH		 624 acl = hci_conn_hash_lookup_handle(hdev, handle);
625 if (acl && (sco = acl->link)) {
626 sco->state = BT_CLOSED;
1da177e4 627
a9de9248
MH		 628 hci_proto_connect_cfm(sco, status);
629 hci_conn_del(sco);
630 }
1da177e4 631
a9de9248
MH		 632 hci_dev_unlock(hdev);
633}
1da177e4 634
f8558555
MH		 635static void hci_cs_auth_requested(struct hci_dev *hdev, __u8 status)
636{
637 struct hci_cp_auth_requested *cp;
638 struct hci_conn *conn;
639
640 BT_DBG("%s status 0x%x", hdev->name, status);
641
642 if (!status)
643 return;
644
645 cp = hci_sent_cmd_data(hdev, HCI_OP_AUTH_REQUESTED);
646 if (!cp)
647 return;
648
649 hci_dev_lock(hdev);
650
651 conn = hci_conn_hash_lookup_handle(hdev, __le16_to_cpu(cp->handle));
652 if (conn) {
653 if (conn->state == BT_CONFIG) {
654 hci_proto_connect_cfm(conn, status);
655 hci_conn_put(conn);
656 }
657 }
658
659 hci_dev_unlock(hdev);
660}
661
662static void hci_cs_set_conn_encrypt(struct hci_dev *hdev, __u8 status)
663{
664 struct hci_cp_set_conn_encrypt *cp;
665 struct hci_conn *conn;
666
667 BT_DBG("%s status 0x%x", hdev->name, status);
668
669 if (!status)
670 return;
671
672 cp = hci_sent_cmd_data(hdev, HCI_OP_SET_CONN_ENCRYPT);
673 if (!cp)
674 return;
675
676 hci_dev_lock(hdev);
677
678 conn = hci_conn_hash_lookup_handle(hdev, __le16_to_cpu(cp->handle));
679 if (conn) {
680 if (conn->state == BT_CONFIG) {
681 hci_proto_connect_cfm(conn, status);
682 hci_conn_put(conn);
683 }
684 }
685
686 hci_dev_unlock(hdev);
687}
688
127178d2 689static int hci_outgoing_auth_needed(struct hci_dev *hdev,
392599b9
JH		 690 struct hci_conn *conn)
691{
392599b9
JH		 692 if (conn->state != BT_CONFIG || !conn->out)
693 return 0;
694
695 if (conn->sec_level == BT_SECURITY_SDP)
696 return 0;
697
698 /* Only request authentication for SSP connections or non-SSP
699 * devices with sec_level HIGH */
700 if (!(hdev->ssp_mode > 0 && conn->ssp_mode > 0) &&
701 conn->sec_level != BT_SECURITY_HIGH)
702 return 0;
703
392599b9
JH		 704 return 1;
705}
706
a9de9248
MH		 707static void hci_cs_remote_name_req(struct hci_dev *hdev, __u8 status)
708{
127178d2
JH		 709 struct hci_cp_remote_name_req *cp;
710 struct hci_conn *conn;
711
a9de9248 712 BT_DBG("%s status 0x%x", hdev->name, status);
127178d2
JH		 713
714 /* If successful wait for the name req complete event before
715 * checking for the need to do authentication */
716 if (!status)
717 return;
718
719 cp = hci_sent_cmd_data(hdev, HCI_OP_REMOTE_NAME_REQ);
720 if (!cp)
721 return;
722
723 hci_dev_lock(hdev);
724
725 conn = hci_conn_hash_lookup_ba(hdev, ACL_LINK, &cp->bdaddr);
726 if (conn && hci_outgoing_auth_needed(hdev, conn)) {
727 struct hci_cp_auth_requested cp;
728 cp.handle = __cpu_to_le16(conn->handle);
729 hci_send_cmd(hdev, HCI_OP_AUTH_REQUESTED, sizeof(cp), &cp);
730 }
731
732 hci_dev_unlock(hdev);
a9de9248 733}
1da177e4 734
769be974
MH		 735static void hci_cs_read_remote_features(struct hci_dev *hdev, __u8 status)
736{
737 struct hci_cp_read_remote_features *cp;
738 struct hci_conn *conn;
739
740 BT_DBG("%s status 0x%x", hdev->name, status);
741
742 if (!status)
743 return;
744
745 cp = hci_sent_cmd_data(hdev, HCI_OP_READ_REMOTE_FEATURES);
746 if (!cp)
747 return;
748
749 hci_dev_lock(hdev);
750
751 conn = hci_conn_hash_lookup_handle(hdev, __le16_to_cpu(cp->handle));
752 if (conn) {
753 if (conn->state == BT_CONFIG) {
769be974
MH		 754 hci_proto_connect_cfm(conn, status);
755 hci_conn_put(conn);
756 }
757 }
758
759 hci_dev_unlock(hdev);
760}
761
762static void hci_cs_read_remote_ext_features(struct hci_dev *hdev, __u8 status)
763{
764 struct hci_cp_read_remote_ext_features *cp;
765 struct hci_conn *conn;
766
767 BT_DBG("%s status 0x%x", hdev->name, status);
768
769 if (!status)
770 return;
771
772 cp = hci_sent_cmd_data(hdev, HCI_OP_READ_REMOTE_EXT_FEATURES);
773 if (!cp)
774 return;
775
776 hci_dev_lock(hdev);
777
778 conn = hci_conn_hash_lookup_handle(hdev, __le16_to_cpu(cp->handle));
779 if (conn) {
780 if (conn->state == BT_CONFIG) {
769be974
MH		 781 hci_proto_connect_cfm(conn, status);
782 hci_conn_put(conn);
783 }
784 }
785
786 hci_dev_unlock(hdev);
787}
788
a9de9248
MH		 789static void hci_cs_setup_sync_conn(struct hci_dev *hdev, __u8 status)
790{
b6a0dc82
MH		 791 struct hci_cp_setup_sync_conn *cp;
792 struct hci_conn *acl, *sco;
793 __u16 handle;
794
a9de9248 795 BT_DBG("%s status 0x%x", hdev->name, status);
b6a0dc82
MH		 796
797 if (!status)
798 return;
799
800 cp = hci_sent_cmd_data(hdev, HCI_OP_SETUP_SYNC_CONN);
801 if (!cp)
802 return;
803
804 handle = __le16_to_cpu(cp->handle);
805
806 BT_DBG("%s handle %d", hdev->name, handle);
807
808 hci_dev_lock(hdev);
809
810 acl = hci_conn_hash_lookup_handle(hdev, handle);
811 if (acl && (sco = acl->link)) {
812 sco->state = BT_CLOSED;
813
814 hci_proto_connect_cfm(sco, status);
815 hci_conn_del(sco);
816 }
817
818 hci_dev_unlock(hdev);
1da177e4
LT		 819}
820
a9de9248 821static void hci_cs_sniff_mode(struct hci_dev *hdev, __u8 status)
1da177e4 822{
a9de9248
MH		 823 struct hci_cp_sniff_mode *cp;
824 struct hci_conn *conn;
1da177e4 825
a9de9248 826 BT_DBG("%s status 0x%x", hdev->name, status);
04837f64 827
a9de9248
MH		 828 if (!status)
829 return;
04837f64 830
a9de9248
MH		 831 cp = hci_sent_cmd_data(hdev, HCI_OP_SNIFF_MODE);
832 if (!cp)
833 return;
04837f64 834
a9de9248 835 hci_dev_lock(hdev);
04837f64 836
a9de9248 837 conn = hci_conn_hash_lookup_handle(hdev, __le16_to_cpu(cp->handle));
e73439d8 838 if (conn) {
a9de9248 839 clear_bit(HCI_CONN_MODE_CHANGE_PEND, &conn->pend);
04837f64 840
e73439d8
MH		 841 if (test_and_clear_bit(HCI_CONN_SCO_SETUP_PEND, &conn->pend))
842 hci_sco_setup(conn, status);
843 }
844
a9de9248
MH		 845 hci_dev_unlock(hdev);
846}
04837f64 847
a9de9248
MH		 848static void hci_cs_exit_sniff_mode(struct hci_dev *hdev, __u8 status)
849{
850 struct hci_cp_exit_sniff_mode *cp;
851 struct hci_conn *conn;
04837f64 852
a9de9248 853 BT_DBG("%s status 0x%x", hdev->name, status);
04837f64 854
a9de9248
MH		 855 if (!status)
856 return;
04837f64 857
a9de9248
MH		 858 cp = hci_sent_cmd_data(hdev, HCI_OP_EXIT_SNIFF_MODE);
859 if (!cp)
860 return;
04837f64 861
a9de9248 862 hci_dev_lock(hdev);
1da177e4 863
a9de9248 864 conn = hci_conn_hash_lookup_handle(hdev, __le16_to_cpu(cp->handle));
e73439d8 865 if (conn) {
a9de9248 866 clear_bit(HCI_CONN_MODE_CHANGE_PEND, &conn->pend);
1da177e4 867
e73439d8
MH		 868 if (test_and_clear_bit(HCI_CONN_SCO_SETUP_PEND, &conn->pend))
869 hci_sco_setup(conn, status);
870 }
871
a9de9248 872 hci_dev_unlock(hdev);
1da177e4
LT		 873}
874
1da177e4
LT		 875static inline void hci_inquiry_complete_evt(struct hci_dev *hdev, struct sk_buff *skb)
876{
877 __u8 status = *((__u8 *) skb->data);
878
879 BT_DBG("%s status %d", hdev->name, status);
880
881 clear_bit(HCI_INQUIRY, &hdev->flags);
6bd57416 882
23bb5763 883 hci_req_complete(hdev, HCI_OP_INQUIRY, status);
6bd57416 884
a9de9248 885 hci_conn_check_pending(hdev);
1da177e4
LT		 886}
887
1da177e4
LT		 888static inline void hci_inquiry_result_evt(struct hci_dev *hdev, struct sk_buff *skb)
889{
45bb4bf0 890 struct inquiry_data data;
a9de9248 891 struct inquiry_info *info = (void *) (skb->data + 1);
1da177e4
LT		 892 int num_rsp = *((__u8 *) skb->data);
893
894 BT_DBG("%s num_rsp %d", hdev->name, num_rsp);
895
45bb4bf0
MH		 896 if (!num_rsp)
897 return;
898
1da177e4 899 hci_dev_lock(hdev);
45bb4bf0 900
1da177e4 901 for (; num_rsp; num_rsp--) {
1da177e4
LT		 902 bacpy(&data.bdaddr, &info->bdaddr);
903 data.pscan_rep_mode = info->pscan_rep_mode;
904 data.pscan_period_mode = info->pscan_period_mode;
905 data.pscan_mode = info->pscan_mode;
906 memcpy(data.dev_class, info->dev_class, 3);
907 data.clock_offset = info->clock_offset;
908 data.rssi = 0x00;
41a96212 909 data.ssp_mode = 0x00;
1da177e4
LT		 910 info++;
911 hci_inquiry_cache_update(hdev, &data);
912 }
45bb4bf0 913
1da177e4
LT		 914 hci_dev_unlock(hdev);
915}
916
1da177e4
LT		 917static inline void hci_conn_complete_evt(struct hci_dev *hdev, struct sk_buff *skb)
918{
a9de9248
MH		 919 struct hci_ev_conn_complete *ev = (void *) skb->data;
920 struct hci_conn *conn;
1da177e4
LT		 921
922 BT_DBG("%s", hdev->name);
923
924 hci_dev_lock(hdev);
925
926 conn = hci_conn_hash_lookup_ba(hdev, ev->link_type, &ev->bdaddr);
9499237a
MH		 927 if (!conn) {
928 if (ev->link_type != SCO_LINK)
929 goto unlock;
930
931 conn = hci_conn_hash_lookup_ba(hdev, ESCO_LINK, &ev->bdaddr);
932 if (!conn)
933 goto unlock;
934
935 conn->type = SCO_LINK;
936 }
1da177e4
LT		 937
938 if (!ev->status) {
939 conn->handle = __le16_to_cpu(ev->handle);
769be974
MH		 940
941 if (conn->type == ACL_LINK) {
942 conn->state = BT_CONFIG;
943 hci_conn_hold(conn);
052b30b0 944 conn->disc_timeout = HCI_DISCONN_TIMEOUT;
769be974
MH		 945 } else
946 conn->state = BT_CONNECTED;
1da177e4 947
9eba32b8 948 hci_conn_hold_device(conn);
7d0db0a3
MH		 949 hci_conn_add_sysfs(conn);
950
1da177e4
LT		 951 if (test_bit(HCI_AUTH, &hdev->flags))
952 conn->link_mode |= HCI_LM_AUTH;
953
954 if (test_bit(HCI_ENCRYPT, &hdev->flags))
955 conn->link_mode |= HCI_LM_ENCRYPT;
956
04837f64
MH		 957 /* Get remote features */
958 if (conn->type == ACL_LINK) {
959 struct hci_cp_read_remote_features cp;
960 cp.handle = ev->handle;
769be974
MH		 961 hci_send_cmd(hdev, HCI_OP_READ_REMOTE_FEATURES,
962 sizeof(cp), &cp);
04837f64
MH		 963 }
964
1da177e4 965 /* Set packet type for incoming connection */
a8746417 966 if (!conn->out && hdev->hci_ver < 3) {
1da177e4
LT		 967 struct hci_cp_change_conn_ptype cp;
968 cp.handle = ev->handle;
a8746417
MH		 969 cp.pkt_type = cpu_to_le16(conn->pkt_type);
970 hci_send_cmd(hdev, HCI_OP_CHANGE_CONN_PTYPE,
971 sizeof(cp), &cp);
1da177e4
LT		 972 }
973 } else
974 conn->state = BT_CLOSED;
975
e73439d8
MH		 976 if (conn->type == ACL_LINK)
977 hci_sco_setup(conn, ev->status);
1da177e4 978
769be974
MH		 979 if (ev->status) {
980 hci_proto_connect_cfm(conn, ev->status);
1da177e4 981 hci_conn_del(conn);
c89b6e6b
MH		 982 } else if (ev->link_type != ACL_LINK)
983 hci_proto_connect_cfm(conn, ev->status);
1da177e4 984
a9de9248 985unlock:
1da177e4 986 hci_dev_unlock(hdev);
1da177e4 987
a9de9248 988 hci_conn_check_pending(hdev);
1da177e4
LT		 989}
990
a9de9248 991static inline void hci_conn_request_evt(struct hci_dev *hdev, struct sk_buff *skb)
1da177e4 992{
a9de9248
MH		 993 struct hci_ev_conn_request *ev = (void *) skb->data;
994 int mask = hdev->link_mode;
1da177e4 995
a9de9248
MH		 996 BT_DBG("%s bdaddr %s type 0x%x", hdev->name,
997 batostr(&ev->bdaddr), ev->link_type);
1da177e4 998
a9de9248 999 mask |= hci_proto_connect_ind(hdev, &ev->bdaddr, ev->link_type);
1da177e4 1000
f0358568 1001 if ((mask & HCI_LM_ACCEPT) && !hci_blacklist_lookup(hdev, &ev->bdaddr)) {
a9de9248 1002 /* Connection accepted */
c7bdd502 1003 struct inquiry_entry *ie;
1da177e4 1004 struct hci_conn *conn;
1da177e4 1005
a9de9248 1006 hci_dev_lock(hdev);
b6a0dc82 1007
cc11b9c1
AE		 1008 ie = hci_inquiry_cache_lookup(hdev, &ev->bdaddr);
1009 if (ie)
c7bdd502
MH		 1010 memcpy(ie->data.dev_class, ev->dev_class, 3);
1011
a9de9248
MH		 1012 conn = hci_conn_hash_lookup_ba(hdev, ev->link_type, &ev->bdaddr);
1013 if (!conn) {
cc11b9c1
AE		 1014 conn = hci_conn_add(hdev, ev->link_type, &ev->bdaddr);
1015 if (!conn) {
893ef971 1016 BT_ERR("No memory for new connection");
a9de9248
MH		 1017 hci_dev_unlock(hdev);
1018 return;
1da177e4
LT		 1019 }
1020 }
b6a0dc82 1021
a9de9248
MH		 1022 memcpy(conn->dev_class, ev->dev_class, 3);
1023 conn->state = BT_CONNECT;
b6a0dc82 1024
a9de9248 1025 hci_dev_unlock(hdev);
1da177e4 1026
b6a0dc82
MH		 1027 if (ev->link_type == ACL_LINK || !lmp_esco_capable(hdev)) {
1028 struct hci_cp_accept_conn_req cp;
1da177e4 1029
b6a0dc82
MH		 1030 bacpy(&cp.bdaddr, &ev->bdaddr);
1031
1032 if (lmp_rswitch_capable(hdev) && (mask & HCI_LM_MASTER))
1033 cp.role = 0x00; /* Become master */
1034 else
1035 cp.role = 0x01; /* Remain slave */
1036
1037 hci_send_cmd(hdev, HCI_OP_ACCEPT_CONN_REQ,
1038 sizeof(cp), &cp);
1039 } else {
1040 struct hci_cp_accept_sync_conn_req cp;
1041
1042 bacpy(&cp.bdaddr, &ev->bdaddr);
a8746417 1043 cp.pkt_type = cpu_to_le16(conn->pkt_type);
b6a0dc82
MH		 1044
1045 cp.tx_bandwidth = cpu_to_le32(0x00001f40);
1046 cp.rx_bandwidth = cpu_to_le32(0x00001f40);
1047 cp.max_latency = cpu_to_le16(0xffff);
1048 cp.content_format = cpu_to_le16(hdev->voice_setting);
1049 cp.retrans_effort = 0xff;
1da177e4 1050
b6a0dc82
MH		 1051 hci_send_cmd(hdev, HCI_OP_ACCEPT_SYNC_CONN_REQ,
1052 sizeof(cp), &cp);
1053 }
a9de9248
MH		 1054 } else {
1055 /* Connection rejected */
1056 struct hci_cp_reject_conn_req cp;
1da177e4 1057
a9de9248
MH		 1058 bacpy(&cp.bdaddr, &ev->bdaddr);
1059 cp.reason = 0x0f;
1060 hci_send_cmd(hdev, HCI_OP_REJECT_CONN_REQ, sizeof(cp), &cp);
1da177e4 1061 }
1da177e4
LT		 1062}
1063
a9de9248 1064static inline void hci_disconn_complete_evt(struct hci_dev *hdev, struct sk_buff *skb)
04837f64 1065{
a9de9248 1066 struct hci_ev_disconn_complete *ev = (void *) skb->data;
04837f64
MH		 1067 struct hci_conn *conn;
1068
1069 BT_DBG("%s status %d", hdev->name, ev->status);
1070
a9de9248
MH		 1071 if (ev->status)
1072 return;
1073
04837f64
MH		 1074 hci_dev_lock(hdev);
1075
1076 conn = hci_conn_hash_lookup_handle(hdev, __le16_to_cpu(ev->handle));
1077 if (conn) {
a9de9248 1078 conn->state = BT_CLOSED;
7d0db0a3 1079
2950f21a 1080 hci_proto_disconn_cfm(conn, ev->reason);
a9de9248 1081 hci_conn_del(conn);
04837f64
MH		 1082 }
1083
1084 hci_dev_unlock(hdev);
1085}
1086
1da177e4
LT		 1087static inline void hci_auth_complete_evt(struct hci_dev *hdev, struct sk_buff *skb)
1088{
a9de9248 1089 struct hci_ev_auth_complete *ev = (void *) skb->data;
04837f64 1090 struct hci_conn *conn;
1da177e4
LT		 1091
1092 BT_DBG("%s status %d", hdev->name, ev->status);
1093
1094 hci_dev_lock(hdev);
1095
04837f64 1096 conn = hci_conn_hash_lookup_handle(hdev, __le16_to_cpu(ev->handle));
1da177e4
LT		 1097 if (conn) {
1098 if (!ev->status)
1099 conn->link_mode |= HCI_LM_AUTH;
da213f41
JH		 1100 else
1101 conn->sec_level = BT_SECURITY_LOW;
1da177e4
LT		 1102
1103 clear_bit(HCI_CONN_AUTH_PEND, &conn->pend);
1104
f8558555
MH		 1105 if (conn->state == BT_CONFIG) {
1106 if (!ev->status && hdev->ssp_mode > 0 &&
1107 conn->ssp_mode > 0) {
1108 struct hci_cp_set_conn_encrypt cp;
1109 cp.handle = ev->handle;
1110 cp.encrypt = 0x01;
1111 hci_send_cmd(hdev, HCI_OP_SET_CONN_ENCRYPT,
1112 sizeof(cp), &cp);
1113 } else {
1114 conn->state = BT_CONNECTED;
1115 hci_proto_connect_cfm(conn, ev->status);
1116 hci_conn_put(conn);
1117 }
052b30b0 1118 } else {
f8558555 1119 hci_auth_cfm(conn, ev->status);
1da177e4 1120
052b30b0
MH		 1121 hci_conn_hold(conn);
1122 conn->disc_timeout = HCI_DISCONN_TIMEOUT;
1123 hci_conn_put(conn);
1124 }
1125
1da177e4
LT		 1126 if (test_bit(HCI_CONN_ENCRYPT_PEND, &conn->pend)) {
1127 if (!ev->status) {
1128 struct hci_cp_set_conn_encrypt cp;
f8558555
MH		 1129 cp.handle = ev->handle;
1130 cp.encrypt = 0x01;
1131 hci_send_cmd(hdev, HCI_OP_SET_CONN_ENCRYPT,
1132 sizeof(cp), &cp);
1da177e4
LT		 1133 } else {
1134 clear_bit(HCI_CONN_ENCRYPT_PEND, &conn->pend);
1135 hci_encrypt_cfm(conn, ev->status, 0x00);
1136 }
1137 }
1138 }
1139
1140 hci_dev_unlock(hdev);
1141}
1142
a9de9248 1143static inline void hci_remote_name_evt(struct hci_dev *hdev, struct sk_buff *skb)
1da177e4 1144{
127178d2
JH		 1145 struct hci_ev_remote_name *ev = (void *) skb->data;
1146 struct hci_conn *conn;
1147
a9de9248 1148 BT_DBG("%s", hdev->name);
1da177e4 1149
a9de9248 1150 hci_conn_check_pending(hdev);
127178d2
JH		 1151
1152 hci_dev_lock(hdev);
1153
1154 conn = hci_conn_hash_lookup_ba(hdev, ACL_LINK, &ev->bdaddr);
1155 if (conn && hci_outgoing_auth_needed(hdev, conn)) {
1156 struct hci_cp_auth_requested cp;
1157 cp.handle = __cpu_to_le16(conn->handle);
1158 hci_send_cmd(hdev, HCI_OP_AUTH_REQUESTED, sizeof(cp), &cp);
1159 }
1160
1161 hci_dev_unlock(hdev);
a9de9248
MH		 1162}
1163
1164static inline void hci_encrypt_change_evt(struct hci_dev *hdev, struct sk_buff *skb)
1165{
1166 struct hci_ev_encrypt_change *ev = (void *) skb->data;
1167 struct hci_conn *conn;
1168
1169 BT_DBG("%s status %d", hdev->name, ev->status);
1da177e4
LT		 1170
1171 hci_dev_lock(hdev);
1172
04837f64 1173 conn = hci_conn_hash_lookup_handle(hdev, __le16_to_cpu(ev->handle));
1da177e4
LT		 1174 if (conn) {
1175 if (!ev->status) {
ae293196
MH		 1176 if (ev->encrypt) {
1177 /* Encryption implies authentication */
1178 conn->link_mode |= HCI_LM_AUTH;
1da177e4 1179 conn->link_mode |= HCI_LM_ENCRYPT;
ae293196 1180 } else
1da177e4
LT		 1181 conn->link_mode &= ~HCI_LM_ENCRYPT;
1182 }
1183
1184 clear_bit(HCI_CONN_ENCRYPT_PEND, &conn->pend);
1185
f8558555
MH		 1186 if (conn->state == BT_CONFIG) {
1187 if (!ev->status)
1188 conn->state = BT_CONNECTED;
1189
1190 hci_proto_connect_cfm(conn, ev->status);
1191 hci_conn_put(conn);
1192 } else
1193 hci_encrypt_cfm(conn, ev->status, ev->encrypt);
1da177e4
LT		 1194 }
1195
1196 hci_dev_unlock(hdev);
1197}
1198
a9de9248 1199static inline void hci_change_link_key_complete_evt(struct hci_dev *hdev, struct sk_buff *skb)
1da177e4 1200{
a9de9248 1201 struct hci_ev_change_link_key_complete *ev = (void *) skb->data;
04837f64 1202 struct hci_conn *conn;
1da177e4
LT		 1203
1204 BT_DBG("%s status %d", hdev->name, ev->status);
1205
1206 hci_dev_lock(hdev);
1207
04837f64 1208 conn = hci_conn_hash_lookup_handle(hdev, __le16_to_cpu(ev->handle));
1da177e4
LT		 1209 if (conn) {
1210 if (!ev->status)
1211 conn->link_mode |= HCI_LM_SECURE;
1212
1213 clear_bit(HCI_CONN_AUTH_PEND, &conn->pend);
1214
1215 hci_key_change_cfm(conn, ev->status);
1216 }
1217
1218 hci_dev_unlock(hdev);
1219}
1220
a9de9248 1221static inline void hci_remote_features_evt(struct hci_dev *hdev, struct sk_buff *skb)
1da177e4 1222{
a9de9248
MH		 1223 struct hci_ev_remote_features *ev = (void *) skb->data;
1224 struct hci_conn *conn;
1225
1226 BT_DBG("%s status %d", hdev->name, ev->status);
1227
a9de9248
MH		 1228 hci_dev_lock(hdev);
1229
1230 conn = hci_conn_hash_lookup_handle(hdev, __le16_to_cpu(ev->handle));
ccd556fe
JH		 1231 if (!conn)
1232 goto unlock;
769be974 1233
ccd556fe
JH		 1234 if (!ev->status)
1235 memcpy(conn->features, ev->features, 8);
1236
1237 if (conn->state != BT_CONFIG)
1238 goto unlock;
1239
1240 if (!ev->status && lmp_ssp_capable(hdev) && lmp_ssp_capable(conn)) {
1241 struct hci_cp_read_remote_ext_features cp;
1242 cp.handle = ev->handle;
1243 cp.page = 0x01;
1244 hci_send_cmd(hdev, HCI_OP_READ_REMOTE_EXT_FEATURES,
bdb7524a 1245 sizeof(cp), &cp);
392599b9
JH		 1246 goto unlock;
1247 }
1248
127178d2
JH		 1249 if (!ev->status) {
1250 struct hci_cp_remote_name_req cp;
1251 memset(&cp, 0, sizeof(cp));
1252 bacpy(&cp.bdaddr, &conn->dst);
1253 cp.pscan_rep_mode = 0x02;
1254 hci_send_cmd(hdev, HCI_OP_REMOTE_NAME_REQ, sizeof(cp), &cp);
1255 }
392599b9 1256
127178d2 1257 if (!hci_outgoing_auth_needed(hdev, conn)) {
ccd556fe
JH		 1258 conn->state = BT_CONNECTED;
1259 hci_proto_connect_cfm(conn, ev->status);
1260 hci_conn_put(conn);
769be974 1261 }
a9de9248 1262
ccd556fe 1263unlock:
a9de9248 1264 hci_dev_unlock(hdev);
1da177e4
LT		 1265}
1266
a9de9248 1267static inline void hci_remote_version_evt(struct hci_dev *hdev, struct sk_buff *skb)
1da177e4 1268{
a9de9248 1269 BT_DBG("%s", hdev->name);
1da177e4
LT		 1270}
1271
a9de9248 1272static inline void hci_qos_setup_complete_evt(struct hci_dev *hdev, struct sk_buff *skb)
1da177e4 1273{
a9de9248 1274 BT_DBG("%s", hdev->name);
1da177e4
LT		 1275}
1276
a9de9248
MH		 1277static inline void hci_cmd_complete_evt(struct hci_dev *hdev, struct sk_buff *skb)
1278{
1279 struct hci_ev_cmd_complete *ev = (void *) skb->data;
1280 __u16 opcode;
1281
1282 skb_pull(skb, sizeof(*ev));
1283
1284 opcode = __le16_to_cpu(ev->opcode);
1285
1286 switch (opcode) {
1287 case HCI_OP_INQUIRY_CANCEL:
1288 hci_cc_inquiry_cancel(hdev, skb);
1289 break;
1290
1291 case HCI_OP_EXIT_PERIODIC_INQ:
1292 hci_cc_exit_periodic_inq(hdev, skb);
1293 break;
1294
1295 case HCI_OP_REMOTE_NAME_REQ_CANCEL:
1296 hci_cc_remote_name_req_cancel(hdev, skb);
1297 break;
1298
1299 case HCI_OP_ROLE_DISCOVERY:
1300 hci_cc_role_discovery(hdev, skb);
1301 break;
1302
e4e8e37c
MH		 1303 case HCI_OP_READ_LINK_POLICY:
1304 hci_cc_read_link_policy(hdev, skb);
1305 break;
1306
a9de9248
MH		 1307 case HCI_OP_WRITE_LINK_POLICY:
1308 hci_cc_write_link_policy(hdev, skb);
1309 break;
1310
e4e8e37c
MH		 1311 case HCI_OP_READ_DEF_LINK_POLICY:
1312 hci_cc_read_def_link_policy(hdev, skb);
1313 break;
1314
1315 case HCI_OP_WRITE_DEF_LINK_POLICY:
1316 hci_cc_write_def_link_policy(hdev, skb);
1317 break;
1318
a9de9248
MH		 1319 case HCI_OP_RESET:
1320 hci_cc_reset(hdev, skb);
1321 break;
1322
1323 case HCI_OP_WRITE_LOCAL_NAME:
1324 hci_cc_write_local_name(hdev, skb);
1325 break;
1326
1327 case HCI_OP_READ_LOCAL_NAME:
1328 hci_cc_read_local_name(hdev, skb);
1329 break;
1330
1331 case HCI_OP_WRITE_AUTH_ENABLE:
1332 hci_cc_write_auth_enable(hdev, skb);
1333 break;
1334
1335 case HCI_OP_WRITE_ENCRYPT_MODE:
1336 hci_cc_write_encrypt_mode(hdev, skb);
1337 break;
1338
1339 case HCI_OP_WRITE_SCAN_ENABLE:
1340 hci_cc_write_scan_enable(hdev, skb);
1341 break;
1342
1343 case HCI_OP_READ_CLASS_OF_DEV:
1344 hci_cc_read_class_of_dev(hdev, skb);
1345 break;
1346
1347 case HCI_OP_WRITE_CLASS_OF_DEV:
1348 hci_cc_write_class_of_dev(hdev, skb);
1349 break;
1350
1351 case HCI_OP_READ_VOICE_SETTING:
1352 hci_cc_read_voice_setting(hdev, skb);
1353 break;
1354
1355 case HCI_OP_WRITE_VOICE_SETTING:
1356 hci_cc_write_voice_setting(hdev, skb);
1357 break;
1358
1359 case HCI_OP_HOST_BUFFER_SIZE:
1360 hci_cc_host_buffer_size(hdev, skb);
1361 break;
1362
333140b5
MH		 1363 case HCI_OP_READ_SSP_MODE:
1364 hci_cc_read_ssp_mode(hdev, skb);
1365 break;
1366
1367 case HCI_OP_WRITE_SSP_MODE:
1368 hci_cc_write_ssp_mode(hdev, skb);
1369 break;
1370
a9de9248
MH		 1371 case HCI_OP_READ_LOCAL_VERSION:
1372 hci_cc_read_local_version(hdev, skb);
1373 break;
1374
1375 case HCI_OP_READ_LOCAL_COMMANDS:
1376 hci_cc_read_local_commands(hdev, skb);
1377 break;
1378
1379 case HCI_OP_READ_LOCAL_FEATURES:
1380 hci_cc_read_local_features(hdev, skb);
1381 break;
1382
1383 case HCI_OP_READ_BUFFER_SIZE:
1384 hci_cc_read_buffer_size(hdev, skb);
1385 break;
1386
1387 case HCI_OP_READ_BD_ADDR:
1388 hci_cc_read_bd_addr(hdev, skb);
1389 break;
1390
23bb5763
JH		 1391 case HCI_OP_WRITE_CA_TIMEOUT:
1392 hci_cc_write_ca_timeout(hdev, skb);
1393 break;
1394
a9de9248
MH		 1395 default:
1396 BT_DBG("%s opcode 0x%x", hdev->name, opcode);
1397 break;
1398 }
1399
1400 if (ev->ncmd) {
1401 atomic_set(&hdev->cmd_cnt, 1);
1402 if (!skb_queue_empty(&hdev->cmd_q))
c78ae283 1403 tasklet_schedule(&hdev->cmd_task);
a9de9248
MH		 1404 }
1405}
1406
1407static inline void hci_cmd_status_evt(struct hci_dev *hdev, struct sk_buff *skb)
1408{
1409 struct hci_ev_cmd_status *ev = (void *) skb->data;
1410 __u16 opcode;
1411
1412 skb_pull(skb, sizeof(*ev));
1413
1414 opcode = __le16_to_cpu(ev->opcode);
1415
1416 switch (opcode) {
1417 case HCI_OP_INQUIRY:
1418 hci_cs_inquiry(hdev, ev->status);
1419 break;
1420
1421 case HCI_OP_CREATE_CONN:
1422 hci_cs_create_conn(hdev, ev->status);
1423 break;
1424
1425 case HCI_OP_ADD_SCO:
1426 hci_cs_add_sco(hdev, ev->status);
1427 break;
1428
f8558555
MH		 1429 case HCI_OP_AUTH_REQUESTED:
1430 hci_cs_auth_requested(hdev, ev->status);
1431 break;
1432
1433 case HCI_OP_SET_CONN_ENCRYPT:
1434 hci_cs_set_conn_encrypt(hdev, ev->status);
1435 break;
1436
a9de9248
MH		 1437 case HCI_OP_REMOTE_NAME_REQ:
1438 hci_cs_remote_name_req(hdev, ev->status);
1439 break;
1440
769be974
MH		 1441 case HCI_OP_READ_REMOTE_FEATURES:
1442 hci_cs_read_remote_features(hdev, ev->status);
1443 break;
1444
1445 case HCI_OP_READ_REMOTE_EXT_FEATURES:
1446 hci_cs_read_remote_ext_features(hdev, ev->status);
1447 break;
1448
a9de9248
MH		 1449 case HCI_OP_SETUP_SYNC_CONN:
1450 hci_cs_setup_sync_conn(hdev, ev->status);
1451 break;
1452
1453 case HCI_OP_SNIFF_MODE:
1454 hci_cs_sniff_mode(hdev, ev->status);
1455 break;
1456
1457 case HCI_OP_EXIT_SNIFF_MODE:
1458 hci_cs_exit_sniff_mode(hdev, ev->status);
1459 break;
1460
1461 default:
1462 BT_DBG("%s opcode 0x%x", hdev->name, opcode);
1463 break;
1464 }
1465
1466 if (ev->ncmd) {
1467 atomic_set(&hdev->cmd_cnt, 1);
1468 if (!skb_queue_empty(&hdev->cmd_q))
c78ae283 1469 tasklet_schedule(&hdev->cmd_task);
a9de9248
MH		 1470 }
1471}
1472
1473static inline void hci_role_change_evt(struct hci_dev *hdev, struct sk_buff *skb)
1474{
1475 struct hci_ev_role_change *ev = (void *) skb->data;
1476 struct hci_conn *conn;
1477
1478 BT_DBG("%s status %d", hdev->name, ev->status);
1479
1480 hci_dev_lock(hdev);
1481
1482 conn = hci_conn_hash_lookup_ba(hdev, ACL_LINK, &ev->bdaddr);
1483 if (conn) {
1484 if (!ev->status) {
1485 if (ev->role)
1486 conn->link_mode &= ~HCI_LM_MASTER;
1487 else
1488 conn->link_mode |= HCI_LM_MASTER;
1489 }
1490
1491 clear_bit(HCI_CONN_RSWITCH_PEND, &conn->pend);
1492
1493 hci_role_switch_cfm(conn, ev->status, ev->role);
1494 }
1495
1496 hci_dev_unlock(hdev);
1497}
1498
1499static inline void hci_num_comp_pkts_evt(struct hci_dev *hdev, struct sk_buff *skb)
1500{
1501 struct hci_ev_num_comp_pkts *ev = (void *) skb->data;
1502 __le16 *ptr;
1503 int i;
1504
1505 skb_pull(skb, sizeof(*ev));
1506
1507 BT_DBG("%s num_hndl %d", hdev->name, ev->num_hndl);
1508
1509 if (skb->len < ev->num_hndl * 4) {
1510 BT_DBG("%s bad parameters", hdev->name);
1511 return;
1512 }
1513
1514 tasklet_disable(&hdev->tx_task);
1515
1516 for (i = 0, ptr = (__le16 *) skb->data; i < ev->num_hndl; i++) {
1517 struct hci_conn *conn;
1518 __u16 handle, count;
1519
83985319
HH		 1520 handle = get_unaligned_le16(ptr++);
1521 count = get_unaligned_le16(ptr++);
a9de9248
MH		 1522
1523 conn = hci_conn_hash_lookup_handle(hdev, handle);
1524 if (conn) {
1525 conn->sent -= count;
1526
1527 if (conn->type == ACL_LINK) {
70f23020
AE		 1528 hdev->acl_cnt += count;
1529 if (hdev->acl_cnt > hdev->acl_pkts)
a9de9248
MH		 1530 hdev->acl_cnt = hdev->acl_pkts;
1531 } else {
70f23020
AE		 1532 hdev->sco_cnt += count;
1533 if (hdev->sco_cnt > hdev->sco_pkts)
a9de9248
MH		 1534 hdev->sco_cnt = hdev->sco_pkts;
1535 }
1536 }
1537 }
1538
c78ae283 1539 tasklet_schedule(&hdev->tx_task);
a9de9248
MH		 1540
1541 tasklet_enable(&hdev->tx_task);
1542}
1543
1544static inline void hci_mode_change_evt(struct hci_dev *hdev, struct sk_buff *skb)
04837f64 1545{
a9de9248 1546 struct hci_ev_mode_change *ev = (void *) skb->data;
04837f64
MH		 1547 struct hci_conn *conn;
1548
1549 BT_DBG("%s status %d", hdev->name, ev->status);
1550
1551 hci_dev_lock(hdev);
1552
1553 conn = hci_conn_hash_lookup_handle(hdev, __le16_to_cpu(ev->handle));
a9de9248
MH		 1554 if (conn) {
1555 conn->mode = ev->mode;
1556 conn->interval = __le16_to_cpu(ev->interval);
1557
1558 if (!test_and_clear_bit(HCI_CONN_MODE_CHANGE_PEND, &conn->pend)) {
1559 if (conn->mode == HCI_CM_ACTIVE)
1560 conn->power_save = 1;
1561 else
1562 conn->power_save = 0;
1563 }
e73439d8
MH		 1564
1565 if (test_and_clear_bit(HCI_CONN_SCO_SETUP_PEND, &conn->pend))
1566 hci_sco_setup(conn, ev->status);
04837f64
MH		 1567 }
1568
1569 hci_dev_unlock(hdev);
1570}
1571
a9de9248
MH		 1572static inline void hci_pin_code_request_evt(struct hci_dev *hdev, struct sk_buff *skb)
1573{
052b30b0
MH		 1574 struct hci_ev_pin_code_req *ev = (void *) skb->data;
1575 struct hci_conn *conn;
1576
a9de9248 1577 BT_DBG("%s", hdev->name);
052b30b0
MH		 1578
1579 hci_dev_lock(hdev);
1580
1581 conn = hci_conn_hash_lookup_ba(hdev, ACL_LINK, &ev->bdaddr);
3d7a9d1c 1582 if (conn && conn->state == BT_CONNECTED) {
052b30b0
MH		 1583 hci_conn_hold(conn);
1584 conn->disc_timeout = HCI_PAIRING_TIMEOUT;
1585 hci_conn_put(conn);
1586 }
1587
1588 hci_dev_unlock(hdev);
a9de9248
MH		 1589}
1590
1591static inline void hci_link_key_request_evt(struct hci_dev *hdev, struct sk_buff *skb)
1592{
1593 BT_DBG("%s", hdev->name);
1594}
1595
1596static inline void hci_link_key_notify_evt(struct hci_dev *hdev, struct sk_buff *skb)
1597{
052b30b0
MH		 1598 struct hci_ev_link_key_notify *ev = (void *) skb->data;
1599 struct hci_conn *conn;
1600
a9de9248 1601 BT_DBG("%s", hdev->name);
052b30b0
MH		 1602
1603 hci_dev_lock(hdev);
1604
1605 conn = hci_conn_hash_lookup_ba(hdev, ACL_LINK, &ev->bdaddr);
1606 if (conn) {
1607 hci_conn_hold(conn);
1608 conn->disc_timeout = HCI_DISCONN_TIMEOUT;
1609 hci_conn_put(conn);
1610 }
1611
1612 hci_dev_unlock(hdev);
a9de9248
MH		 1613}
1614
1da177e4
LT		 1615static inline void hci_clock_offset_evt(struct hci_dev *hdev, struct sk_buff *skb)
1616{
a9de9248 1617 struct hci_ev_clock_offset *ev = (void *) skb->data;
04837f64 1618 struct hci_conn *conn;
1da177e4
LT		 1619
1620 BT_DBG("%s status %d", hdev->name, ev->status);
1621
1622 hci_dev_lock(hdev);
1623
04837f64 1624 conn = hci_conn_hash_lookup_handle(hdev, __le16_to_cpu(ev->handle));
1da177e4
LT		 1625 if (conn && !ev->status) {
1626 struct inquiry_entry *ie;
1627
cc11b9c1
AE		 1628 ie = hci_inquiry_cache_lookup(hdev, &conn->dst);
1629 if (ie) {
1da177e4
LT		 1630 ie->data.clock_offset = ev->clock_offset;
1631 ie->timestamp = jiffies;
1632 }
1633 }
1634
1635 hci_dev_unlock(hdev);
1636}
1637
a8746417
MH		 1638static inline void hci_pkt_type_change_evt(struct hci_dev *hdev, struct sk_buff *skb)
1639{
1640 struct hci_ev_pkt_type_change *ev = (void *) skb->data;
1641 struct hci_conn *conn;
1642
1643 BT_DBG("%s status %d", hdev->name, ev->status);
1644
1645 hci_dev_lock(hdev);
1646
1647 conn = hci_conn_hash_lookup_handle(hdev, __le16_to_cpu(ev->handle));
1648 if (conn && !ev->status)
1649 conn->pkt_type = __le16_to_cpu(ev->pkt_type);
1650
1651 hci_dev_unlock(hdev);
1652}
1653
85a1e930
MH		 1654static inline void hci_pscan_rep_mode_evt(struct hci_dev *hdev, struct sk_buff *skb)
1655{
a9de9248 1656 struct hci_ev_pscan_rep_mode *ev = (void *) skb->data;
85a1e930
MH		 1657 struct inquiry_entry *ie;
1658
1659 BT_DBG("%s", hdev->name);
1660
1661 hci_dev_lock(hdev);
1662
cc11b9c1
AE		 1663 ie = hci_inquiry_cache_lookup(hdev, &ev->bdaddr);
1664 if (ie) {
85a1e930
MH		 1665 ie->data.pscan_rep_mode = ev->pscan_rep_mode;
1666 ie->timestamp = jiffies;
1667 }
1668
1669 hci_dev_unlock(hdev);
1670}
1671
a9de9248
MH		 1672static inline void hci_inquiry_result_with_rssi_evt(struct hci_dev *hdev, struct sk_buff *skb)
1673{
1674 struct inquiry_data data;
1675 int num_rsp = *((__u8 *) skb->data);
1676
1677 BT_DBG("%s num_rsp %d", hdev->name, num_rsp);
1678
1679 if (!num_rsp)
1680 return;
1681
1682 hci_dev_lock(hdev);
1683
1684 if ((skb->len - 1) / num_rsp != sizeof(struct inquiry_info_with_rssi)) {
1685 struct inquiry_info_with_rssi_and_pscan_mode *info = (void *) (skb->data + 1);
1686
1687 for (; num_rsp; num_rsp--) {
1688 bacpy(&data.bdaddr, &info->bdaddr);
1689 data.pscan_rep_mode = info->pscan_rep_mode;
1690 data.pscan_period_mode = info->pscan_period_mode;
1691 data.pscan_mode = info->pscan_mode;
1692 memcpy(data.dev_class, info->dev_class, 3);
1693 data.clock_offset = info->clock_offset;
1694 data.rssi = info->rssi;
41a96212 1695 data.ssp_mode = 0x00;
a9de9248
MH		 1696 info++;
1697 hci_inquiry_cache_update(hdev, &data);
1698 }
1699 } else {
1700 struct inquiry_info_with_rssi *info = (void *) (skb->data + 1);
1701
1702 for (; num_rsp; num_rsp--) {
1703 bacpy(&data.bdaddr, &info->bdaddr);
1704 data.pscan_rep_mode = info->pscan_rep_mode;
1705 data.pscan_period_mode = info->pscan_period_mode;
1706 data.pscan_mode = 0x00;
1707 memcpy(data.dev_class, info->dev_class, 3);
1708 data.clock_offset = info->clock_offset;
1709 data.rssi = info->rssi;
41a96212 1710 data.ssp_mode = 0x00;
a9de9248
MH		 1711 info++;
1712 hci_inquiry_cache_update(hdev, &data);
1713 }
1714 }
1715
1716 hci_dev_unlock(hdev);
1717}
1718
1719static inline void hci_remote_ext_features_evt(struct hci_dev *hdev, struct sk_buff *skb)
1720{
41a96212
MH		 1721 struct hci_ev_remote_ext_features *ev = (void *) skb->data;
1722 struct hci_conn *conn;
1723
a9de9248 1724 BT_DBG("%s", hdev->name);
41a96212 1725
41a96212
MH		 1726 hci_dev_lock(hdev);
1727
1728 conn = hci_conn_hash_lookup_handle(hdev, __le16_to_cpu(ev->handle));
ccd556fe
JH		 1729 if (!conn)
1730 goto unlock;
41a96212 1731
ccd556fe
JH		 1732 if (!ev->status && ev->page == 0x01) {
1733 struct inquiry_entry *ie;
41a96212 1734
cc11b9c1
AE		 1735 ie = hci_inquiry_cache_lookup(hdev, &conn->dst);
1736 if (ie)
ccd556fe 1737 ie->data.ssp_mode = (ev->features[0] & 0x01);
769be974 1738
ccd556fe
JH		 1739 conn->ssp_mode = (ev->features[0] & 0x01);
1740 }
1741
1742 if (conn->state != BT_CONFIG)
1743 goto unlock;
1744
127178d2
JH		 1745 if (!ev->status) {
1746 struct hci_cp_remote_name_req cp;
1747 memset(&cp, 0, sizeof(cp));
1748 bacpy(&cp.bdaddr, &conn->dst);
1749 cp.pscan_rep_mode = 0x02;
1750 hci_send_cmd(hdev, HCI_OP_REMOTE_NAME_REQ, sizeof(cp), &cp);
1751 }
392599b9 1752
127178d2 1753 if (!hci_outgoing_auth_needed(hdev, conn)) {
ccd556fe
JH		 1754 conn->state = BT_CONNECTED;
1755 hci_proto_connect_cfm(conn, ev->status);
1756 hci_conn_put(conn);
41a96212
MH		 1757 }
1758
ccd556fe 1759unlock:
41a96212 1760 hci_dev_unlock(hdev);
a9de9248
MH		 1761}
1762
1763static inline void hci_sync_conn_complete_evt(struct hci_dev *hdev, struct sk_buff *skb)
1764{
b6a0dc82
MH		 1765 struct hci_ev_sync_conn_complete *ev = (void *) skb->data;
1766 struct hci_conn *conn;
1767
1768 BT_DBG("%s status %d", hdev->name, ev->status);
1769
1770 hci_dev_lock(hdev);
1771
1772 conn = hci_conn_hash_lookup_ba(hdev, ev->link_type, &ev->bdaddr);
9dc0a3af
MH		 1773 if (!conn) {
1774 if (ev->link_type == ESCO_LINK)
1775 goto unlock;
1776
1777 conn = hci_conn_hash_lookup_ba(hdev, ESCO_LINK, &ev->bdaddr);
1778 if (!conn)
1779 goto unlock;
1780
1781 conn->type = SCO_LINK;
1782 }
b6a0dc82 1783
732547f9
MH		 1784 switch (ev->status) {
1785 case 0x00:
b6a0dc82
MH		 1786 conn->handle = __le16_to_cpu(ev->handle);
1787 conn->state = BT_CONNECTED;
7d0db0a3 1788
9eba32b8 1789 hci_conn_hold_device(conn);
7d0db0a3 1790 hci_conn_add_sysfs(conn);
732547f9
MH		 1791 break;
1792
705e5711 1793 case 0x11: /* Unsupported Feature or Parameter Value */
732547f9 1794 case 0x1c: /* SCO interval rejected */
1038a00b 1795 case 0x1a: /* Unsupported Remote Feature */
732547f9
MH		 1796 case 0x1f: /* Unspecified error */
1797 if (conn->out && conn->attempt < 2) {
1798 conn->pkt_type = (hdev->esco_type & SCO_ESCO_MASK) |
1799 (hdev->esco_type & EDR_ESCO_MASK);
1800 hci_setup_sync(conn, conn->link->handle);
1801 goto unlock;
1802 }
1803 /* fall through */
1804
1805 default:
b6a0dc82 1806 conn->state = BT_CLOSED;
732547f9
MH		 1807 break;
1808 }
b6a0dc82
MH		 1809
1810 hci_proto_connect_cfm(conn, ev->status);
1811 if (ev->status)
1812 hci_conn_del(conn);
1813
1814unlock:
1815 hci_dev_unlock(hdev);
a9de9248
MH		 1816}
1817
1818static inline void hci_sync_conn_changed_evt(struct hci_dev *hdev, struct sk_buff *skb)
1819{
1820 BT_DBG("%s", hdev->name);
1821}
1822
04837f64
MH		 1823static inline void hci_sniff_subrate_evt(struct hci_dev *hdev, struct sk_buff *skb)
1824{
a9de9248 1825 struct hci_ev_sniff_subrate *ev = (void *) skb->data;
04837f64
MH		 1826 struct hci_conn *conn;
1827
1828 BT_DBG("%s status %d", hdev->name, ev->status);
1829
1830 hci_dev_lock(hdev);
1831
1832 conn = hci_conn_hash_lookup_handle(hdev, __le16_to_cpu(ev->handle));
1833 if (conn) {
1834 }
1835
1836 hci_dev_unlock(hdev);
1837}
1838
a9de9248 1839static inline void hci_extended_inquiry_result_evt(struct hci_dev *hdev, struct sk_buff *skb)
1da177e4 1840{
a9de9248
MH		 1841 struct inquiry_data data;
1842 struct extended_inquiry_info *info = (void *) (skb->data + 1);
1843 int num_rsp = *((__u8 *) skb->data);
1da177e4 1844
a9de9248 1845 BT_DBG("%s num_rsp %d", hdev->name, num_rsp);
1da177e4 1846
a9de9248
MH		 1847 if (!num_rsp)
1848 return;
1da177e4 1849
a9de9248
MH		 1850 hci_dev_lock(hdev);
1851
1852 for (; num_rsp; num_rsp--) {
1853 bacpy(&data.bdaddr, &info->bdaddr);
1854 data.pscan_rep_mode = info->pscan_rep_mode;
1855 data.pscan_period_mode = info->pscan_period_mode;
1856 data.pscan_mode = 0x00;
1857 memcpy(data.dev_class, info->dev_class, 3);
1858 data.clock_offset = info->clock_offset;
1859 data.rssi = info->rssi;
41a96212 1860 data.ssp_mode = 0x01;
a9de9248
MH		 1861 info++;
1862 hci_inquiry_cache_update(hdev, &data);
1863 }
1864
1865 hci_dev_unlock(hdev);
1866}
1da177e4 1867
0493684e
MH		 1868static inline void hci_io_capa_request_evt(struct hci_dev *hdev, struct sk_buff *skb)
1869{
1870 struct hci_ev_io_capa_request *ev = (void *) skb->data;
1871 struct hci_conn *conn;
1872
1873 BT_DBG("%s", hdev->name);
1874
1875 hci_dev_lock(hdev);
1876
1877 conn = hci_conn_hash_lookup_ba(hdev, ACL_LINK, &ev->bdaddr);
1878 if (conn)
1879 hci_conn_hold(conn);
1880
1881 hci_dev_unlock(hdev);
1882}
1883
1884static inline void hci_simple_pair_complete_evt(struct hci_dev *hdev, struct sk_buff *skb)
1885{
1886 struct hci_ev_simple_pair_complete *ev = (void *) skb->data;
1887 struct hci_conn *conn;
1888
1889 BT_DBG("%s", hdev->name);
1890
1891 hci_dev_lock(hdev);
1892
1893 conn = hci_conn_hash_lookup_ba(hdev, ACL_LINK, &ev->bdaddr);
1894 if (conn)
1895 hci_conn_put(conn);
1896
1897 hci_dev_unlock(hdev);
1898}
1899
41a96212
MH		 1900static inline void hci_remote_host_features_evt(struct hci_dev *hdev, struct sk_buff *skb)
1901{
1902 struct hci_ev_remote_host_features *ev = (void *) skb->data;
1903 struct inquiry_entry *ie;
1904
1905 BT_DBG("%s", hdev->name);
1906
1907 hci_dev_lock(hdev);
1908
cc11b9c1
AE		 1909 ie = hci_inquiry_cache_lookup(hdev, &ev->bdaddr);
1910 if (ie)
41a96212
MH		 1911 ie->data.ssp_mode = (ev->features[0] & 0x01);
1912
1913 hci_dev_unlock(hdev);
1914}
1915
a9de9248
MH		 1916void hci_event_packet(struct hci_dev *hdev, struct sk_buff *skb)
1917{
1918 struct hci_event_hdr *hdr = (void *) skb->data;
1919 __u8 event = hdr->evt;
1920
1921 skb_pull(skb, HCI_EVENT_HDR_SIZE);
1922
1923 switch (event) {
1da177e4
LT		 1924 case HCI_EV_INQUIRY_COMPLETE:
1925 hci_inquiry_complete_evt(hdev, skb);
1926 break;
1927
1928 case HCI_EV_INQUIRY_RESULT:
1929 hci_inquiry_result_evt(hdev, skb);
1930 break;
1931
a9de9248
MH		 1932 case HCI_EV_CONN_COMPLETE:
1933 hci_conn_complete_evt(hdev, skb);
21d9e30e
MH		 1934 break;
1935
1da177e4
LT		 1936 case HCI_EV_CONN_REQUEST:
1937 hci_conn_request_evt(hdev, skb);
1938 break;
1939
1da177e4
LT		 1940 case HCI_EV_DISCONN_COMPLETE:
1941 hci_disconn_complete_evt(hdev, skb);
1942 break;
1943
1da177e4
LT		 1944 case HCI_EV_AUTH_COMPLETE:
1945 hci_auth_complete_evt(hdev, skb);
1946 break;
1947
a9de9248
MH		 1948 case HCI_EV_REMOTE_NAME:
1949 hci_remote_name_evt(hdev, skb);
1950 break;
1951
1da177e4
LT		 1952 case HCI_EV_ENCRYPT_CHANGE:
1953 hci_encrypt_change_evt(hdev, skb);
1954 break;
1955
a9de9248
MH		 1956 case HCI_EV_CHANGE_LINK_KEY_COMPLETE:
1957 hci_change_link_key_complete_evt(hdev, skb);
1958 break;
1959
1960 case HCI_EV_REMOTE_FEATURES:
1961 hci_remote_features_evt(hdev, skb);
1962 break;
1963
1964 case HCI_EV_REMOTE_VERSION:
1965 hci_remote_version_evt(hdev, skb);
1966 break;
1967
1968 case HCI_EV_QOS_SETUP_COMPLETE:
1969 hci_qos_setup_complete_evt(hdev, skb);
1970 break;
1971
1972 case HCI_EV_CMD_COMPLETE:
1973 hci_cmd_complete_evt(hdev, skb);
1974 break;
1975
1976 case HCI_EV_CMD_STATUS:
1977 hci_cmd_status_evt(hdev, skb);
1978 break;
1979
1980 case HCI_EV_ROLE_CHANGE:
1981 hci_role_change_evt(hdev, skb);
1982 break;
1983
1984 case HCI_EV_NUM_COMP_PKTS:
1985 hci_num_comp_pkts_evt(hdev, skb);
1986 break;
1987
1988 case HCI_EV_MODE_CHANGE:
1989 hci_mode_change_evt(hdev, skb);
1da177e4
LT		 1990 break;
1991
1992 case HCI_EV_PIN_CODE_REQ:
1993 hci_pin_code_request_evt(hdev, skb);
1994 break;
1995
1996 case HCI_EV_LINK_KEY_REQ:
1997 hci_link_key_request_evt(hdev, skb);
1998 break;
1999
2000 case HCI_EV_LINK_KEY_NOTIFY:
2001 hci_link_key_notify_evt(hdev, skb);
2002 break;
2003
2004 case HCI_EV_CLOCK_OFFSET:
2005 hci_clock_offset_evt(hdev, skb);
2006 break;
2007
a8746417
MH		 2008 case HCI_EV_PKT_TYPE_CHANGE:
2009 hci_pkt_type_change_evt(hdev, skb);
2010 break;
2011
85a1e930
MH		 2012 case HCI_EV_PSCAN_REP_MODE:
2013 hci_pscan_rep_mode_evt(hdev, skb);
2014 break;
2015
a9de9248
MH		 2016 case HCI_EV_INQUIRY_RESULT_WITH_RSSI:
2017 hci_inquiry_result_with_rssi_evt(hdev, skb);
04837f64
MH		 2018 break;
2019
a9de9248
MH		 2020 case HCI_EV_REMOTE_EXT_FEATURES:
2021 hci_remote_ext_features_evt(hdev, skb);
1da177e4
LT		 2022 break;
2023
a9de9248
MH		 2024 case HCI_EV_SYNC_CONN_COMPLETE:
2025 hci_sync_conn_complete_evt(hdev, skb);
2026 break;
1da177e4 2027
a9de9248
MH		 2028 case HCI_EV_SYNC_CONN_CHANGED:
2029 hci_sync_conn_changed_evt(hdev, skb);
2030 break;
1da177e4 2031
a9de9248
MH		 2032 case HCI_EV_SNIFF_SUBRATE:
2033 hci_sniff_subrate_evt(hdev, skb);
2034 break;
1da177e4 2035
a9de9248
MH		 2036 case HCI_EV_EXTENDED_INQUIRY_RESULT:
2037 hci_extended_inquiry_result_evt(hdev, skb);
2038 break;
1da177e4 2039
0493684e
MH		 2040 case HCI_EV_IO_CAPA_REQUEST:
2041 hci_io_capa_request_evt(hdev, skb);
2042 break;
2043
2044 case HCI_EV_SIMPLE_PAIR_COMPLETE:
2045 hci_simple_pair_complete_evt(hdev, skb);
2046 break;
2047
41a96212
MH		 2048 case HCI_EV_REMOTE_HOST_FEATURES:
2049 hci_remote_host_features_evt(hdev, skb);
2050 break;
2051
a9de9248
MH		 2052 default:
2053 BT_DBG("%s event 0x%x", hdev->name, event);
1da177e4
LT		 2054 break;
2055 }
2056
2057 kfree_skb(skb);
2058 hdev->stat.evt_rx++;
2059}
2060
2061/* Generate internal stack event */
2062void hci_si_event(struct hci_dev *hdev, int type, int dlen, void *data)
2063{
2064 struct hci_event_hdr *hdr;
2065 struct hci_ev_stack_internal *ev;
2066 struct sk_buff *skb;
2067
2068 skb = bt_skb_alloc(HCI_EVENT_HDR_SIZE + sizeof(*ev) + dlen, GFP_ATOMIC);
2069 if (!skb)
2070 return;
2071
2072 hdr = (void *) skb_put(skb, HCI_EVENT_HDR_SIZE);
2073 hdr->evt = HCI_EV_STACK_INTERNAL;
2074 hdr->plen = sizeof(*ev) + dlen;
2075
2076 ev = (void *) skb_put(skb, sizeof(*ev) + dlen);
2077 ev->type = type;
2078 memcpy(ev->data, data, dlen);
2079
576c7d85 2080 bt_cb(skb)->incoming = 1;
a61bbcf2 2081 __net_timestamp(skb);
576c7d85 2082
0d48d939 2083 bt_cb(skb)->pkt_type = HCI_EVENT_PKT;
1da177e4
LT		 2084 skb->dev = (void *) hdev;
2085 hci_send_to_sock(hdev, skb);
2086 kfree_skb(skb);
2087}
kernel source for telekom puls (alcatel/mediatek)