projects / GitHub / mt8127 / android_kernel_alcatel_ttab.git / blame
? search:
summary | shortlog | log | commit | commitdiff | tree
blob | blame (incremental) | history | HEAD
Bluetooth: AMP: Accept Physical Link
[GitHub/mt8127/android_kernel_alcatel_ttab.git] / net / bluetooth / hci_event.c
CommitLineData
8e87d142 1/*
1da177e4 2 BlueZ - Bluetooth protocol stack for Linux
2d0a0346 3 Copyright (c) 2000-2001, 2010, Code Aurora Forum. All rights reserved.
1da177e4
LT		 4
5 Written 2000,2001 by Maxim Krasnyansky <maxk@qualcomm.com>
6
7 This program is free software; you can redistribute it and/or modify
8 it under the terms of the GNU General Public License version 2 as
9 published by the Free Software Foundation;
10
11 THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS
12 OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
13 FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT OF THIRD PARTY RIGHTS.
14 IN NO EVENT SHALL THE COPYRIGHT HOLDER(S) AND AUTHOR(S) BE LIABLE FOR ANY
8e87d142
YH		 15 CLAIM, OR ANY SPECIAL INDIRECT OR CONSEQUENTIAL DAMAGES, OR ANY DAMAGES
16 WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
17 ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
1da177e4
LT		 18 OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
19
8e87d142
YH		 20 ALL LIABILITY, INCLUDING LIABILITY FOR INFRINGEMENT OF ANY PATENTS,
21 COPYRIGHTS, TRADEMARKS OR OTHER RIGHTS, RELATING TO USE OF THIS
1da177e4
LT		 22 SOFTWARE IS DISCLAIMED.
23*/
24
25/* Bluetooth HCI event handling. */
26
8c520a59 27#include <linux/export.h>
1da177e4
LT		 28#include <asm/unaligned.h>
29
30#include <net/bluetooth/bluetooth.h>
31#include <net/bluetooth/hci_core.h>
f0d6a0ea 32#include <net/bluetooth/mgmt.h>
8e2a0d92 33#include <net/bluetooth/a2mp.h>
903e4541 34#include <net/bluetooth/amp.h>
1da177e4 35
1da177e4
LT		 36/* Handle HCI Event packets */
37
a9de9248 38static void hci_cc_inquiry_cancel(struct hci_dev *hdev, struct sk_buff *skb)
1da177e4 39{
a9de9248 40 __u8 status = *((__u8 *) skb->data);
1da177e4 41
9f1db00c 42 BT_DBG("%s status 0x%2.2x", hdev->name, status);
1da177e4 43
e6d465cb
AG		 44 if (status) {
45 hci_dev_lock(hdev);
46 mgmt_stop_discovery_failed(hdev, status);
47 hci_dev_unlock(hdev);
a9de9248 48 return;
e6d465cb 49 }
1da177e4 50
89352e7d
AG		 51 clear_bit(HCI_INQUIRY, &hdev->flags);
52
56e5cb86 53 hci_dev_lock(hdev);
ff9ef578 54 hci_discovery_set_state(hdev, DISCOVERY_STOPPED);
56e5cb86 55 hci_dev_unlock(hdev);
6bd57416 56
23bb5763 57 hci_req_complete(hdev, HCI_OP_INQUIRY_CANCEL, status);
a9de9248
MH		 58
59 hci_conn_check_pending(hdev);
60}
6bd57416 61
4d93483b
AG		 62static void hci_cc_periodic_inq(struct hci_dev *hdev, struct sk_buff *skb)
63{
64 __u8 status = *((__u8 *) skb->data);
65
9f1db00c 66 BT_DBG("%s status 0x%2.2x", hdev->name, status);
ae854a70
AG		 67
68 if (status)
69 return;
70
71 set_bit(HCI_PERIODIC_INQ, &hdev->dev_flags);
4d93483b
AG		 72}
73
a9de9248
MH		 74static void hci_cc_exit_periodic_inq(struct hci_dev *hdev, struct sk_buff *skb)
75{
76 __u8 status = *((__u8 *) skb->data);
6bd57416 77
9f1db00c 78 BT_DBG("%s status 0x%2.2x", hdev->name, status);
6bd57416 79
a9de9248
MH		 80 if (status)
81 return;
1da177e4 82
ae854a70
AG		 83 clear_bit(HCI_PERIODIC_INQ, &hdev->dev_flags);
84
a9de9248
MH		 85 hci_conn_check_pending(hdev);
86}
87
807deac2
GP		 88static void hci_cc_remote_name_req_cancel(struct hci_dev *hdev,
89 struct sk_buff *skb)
a9de9248
MH		 90{
91 BT_DBG("%s", hdev->name);
92}
93
94static void hci_cc_role_discovery(struct hci_dev *hdev, struct sk_buff *skb)
95{
96 struct hci_rp_role_discovery *rp = (void *) skb->data;
97 struct hci_conn *conn;
98
9f1db00c 99 BT_DBG("%s status 0x%2.2x", hdev->name, rp->status);
a9de9248
MH		 100
101 if (rp->status)
102 return;
103
104 hci_dev_lock(hdev);
105
106 conn = hci_conn_hash_lookup_handle(hdev, __le16_to_cpu(rp->handle));
107 if (conn) {
108 if (rp->role)
109 conn->link_mode &= ~HCI_LM_MASTER;
110 else
111 conn->link_mode |= HCI_LM_MASTER;
1da177e4 112 }
a9de9248
MH		 113
114 hci_dev_unlock(hdev);
1da177e4
LT		 115}
116
e4e8e37c
MH		 117static void hci_cc_read_link_policy(struct hci_dev *hdev, struct sk_buff *skb)
118{
119 struct hci_rp_read_link_policy *rp = (void *) skb->data;
120 struct hci_conn *conn;
121
9f1db00c 122 BT_DBG("%s status 0x%2.2x", hdev->name, rp->status);
e4e8e37c
MH		 123
124 if (rp->status)
125 return;
126
127 hci_dev_lock(hdev);
128
129 conn = hci_conn_hash_lookup_handle(hdev, __le16_to_cpu(rp->handle));
130 if (conn)
131 conn->link_policy = __le16_to_cpu(rp->policy);
132
133 hci_dev_unlock(hdev);
134}
135
a9de9248 136static void hci_cc_write_link_policy(struct hci_dev *hdev, struct sk_buff *skb)
1da177e4 137{
a9de9248 138 struct hci_rp_write_link_policy *rp = (void *) skb->data;
1da177e4 139 struct hci_conn *conn;
04837f64 140 void *sent;
1da177e4 141
9f1db00c 142 BT_DBG("%s status 0x%2.2x", hdev->name, rp->status);
1da177e4 143
a9de9248
MH		 144 if (rp->status)
145 return;
1da177e4 146
a9de9248
MH		 147 sent = hci_sent_cmd_data(hdev, HCI_OP_WRITE_LINK_POLICY);
148 if (!sent)
149 return;
1da177e4 150
a9de9248 151 hci_dev_lock(hdev);
1da177e4 152
a9de9248 153 conn = hci_conn_hash_lookup_handle(hdev, __le16_to_cpu(rp->handle));
e4e8e37c 154 if (conn)
83985319 155 conn->link_policy = get_unaligned_le16(sent + 2);
1da177e4 156
a9de9248
MH		 157 hci_dev_unlock(hdev);
158}
1da177e4 159
807deac2
GP		 160static void hci_cc_read_def_link_policy(struct hci_dev *hdev,
161 struct sk_buff *skb)
e4e8e37c
MH		 162{
163 struct hci_rp_read_def_link_policy *rp = (void *) skb->data;
164
9f1db00c 165 BT_DBG("%s status 0x%2.2x", hdev->name, rp->status);
e4e8e37c
MH		 166
167 if (rp->status)
168 return;
169
170 hdev->link_policy = __le16_to_cpu(rp->policy);
171}
172
807deac2
GP		 173static void hci_cc_write_def_link_policy(struct hci_dev *hdev,
174 struct sk_buff *skb)
e4e8e37c
MH		 175{
176 __u8 status = *((__u8 *) skb->data);
177 void *sent;
178
9f1db00c 179 BT_DBG("%s status 0x%2.2x", hdev->name, status);
e4e8e37c
MH		 180
181 sent = hci_sent_cmd_data(hdev, HCI_OP_WRITE_DEF_LINK_POLICY);
182 if (!sent)
183 return;
184
185 if (!status)
186 hdev->link_policy = get_unaligned_le16(sent);
187
23bb5763 188 hci_req_complete(hdev, HCI_OP_WRITE_DEF_LINK_POLICY, status);
e4e8e37c
MH		 189}
190
a9de9248
MH		 191static void hci_cc_reset(struct hci_dev *hdev, struct sk_buff *skb)
192{
193 __u8 status = *((__u8 *) skb->data);
04837f64 194
9f1db00c 195 BT_DBG("%s status 0x%2.2x", hdev->name, status);
04837f64 196
10572132
GP		 197 clear_bit(HCI_RESET, &hdev->flags);
198
23bb5763 199 hci_req_complete(hdev, HCI_OP_RESET, status);
d23264a8 200
a297e97c 201 /* Reset all non-persistent flags */
ae854a70
AG		 202 hdev->dev_flags &= ~(BIT(HCI_LE_SCAN) | BIT(HCI_PENDING_CLASS) |
203 BIT(HCI_PERIODIC_INQ));
69775ff6
AG		 204
205 hdev->discovery.state = DISCOVERY_STOPPED;
a9de9248 206}
04837f64 207
a9de9248
MH		 208static void hci_cc_write_local_name(struct hci_dev *hdev, struct sk_buff *skb)
209{
210 __u8 status = *((__u8 *) skb->data);
211 void *sent;
04837f64 212
9f1db00c 213 BT_DBG("%s status 0x%2.2x", hdev->name, status);
04837f64 214
a9de9248
MH		 215 sent = hci_sent_cmd_data(hdev, HCI_OP_WRITE_LOCAL_NAME);
216 if (!sent)
217 return;
04837f64 218
56e5cb86
JH		 219 hci_dev_lock(hdev);
220
f51d5b24
JH		 221 if (test_bit(HCI_MGMT, &hdev->dev_flags))
222 mgmt_set_local_name_complete(hdev, sent, status);
28cc7bde
JH		 223 else if (!status)
224 memcpy(hdev->dev_name, sent, HCI_MAX_NAME_LENGTH);
f51d5b24 225
56e5cb86 226 hci_dev_unlock(hdev);
3159d384
JH		 227
228 hci_req_complete(hdev, HCI_OP_WRITE_LOCAL_NAME, status);
a9de9248
MH		 229}
230
231static void hci_cc_read_local_name(struct hci_dev *hdev, struct sk_buff *skb)
232{
233 struct hci_rp_read_local_name *rp = (void *) skb->data;
234
9f1db00c 235 BT_DBG("%s status 0x%2.2x", hdev->name, rp->status);
a9de9248
MH		 236
237 if (rp->status)
238 return;
239
db99b5fc
JH		 240 if (test_bit(HCI_SETUP, &hdev->dev_flags))
241 memcpy(hdev->dev_name, rp->name, HCI_MAX_NAME_LENGTH);
a9de9248
MH		 242}
243
244static void hci_cc_write_auth_enable(struct hci_dev *hdev, struct sk_buff *skb)
245{
246 __u8 status = *((__u8 *) skb->data);
247 void *sent;
248
9f1db00c 249 BT_DBG("%s status 0x%2.2x", hdev->name, status);
a9de9248
MH		 250
251 sent = hci_sent_cmd_data(hdev, HCI_OP_WRITE_AUTH_ENABLE);
252 if (!sent)
253 return;
254
255 if (!status) {
256 __u8 param = *((__u8 *) sent);
257
258 if (param == AUTH_ENABLED)
259 set_bit(HCI_AUTH, &hdev->flags);
260 else
261 clear_bit(HCI_AUTH, &hdev->flags);
1da177e4 262 }
a9de9248 263
33ef95ed
JH		 264 if (test_bit(HCI_MGMT, &hdev->dev_flags))
265 mgmt_auth_enable_complete(hdev, status);
266
23bb5763 267 hci_req_complete(hdev, HCI_OP_WRITE_AUTH_ENABLE, status);
1da177e4
LT		 268}
269
a9de9248 270static void hci_cc_write_encrypt_mode(struct hci_dev *hdev, struct sk_buff *skb)
1da177e4 271{
a9de9248 272 __u8 status = *((__u8 *) skb->data);
1da177e4
LT		 273 void *sent;
274
9f1db00c 275 BT_DBG("%s status 0x%2.2x", hdev->name, status);
1da177e4 276
a9de9248
MH		 277 sent = hci_sent_cmd_data(hdev, HCI_OP_WRITE_ENCRYPT_MODE);
278 if (!sent)
279 return;
1da177e4 280
a9de9248
MH		 281 if (!status) {
282 __u8 param = *((__u8 *) sent);
283
284 if (param)
285 set_bit(HCI_ENCRYPT, &hdev->flags);
286 else
287 clear_bit(HCI_ENCRYPT, &hdev->flags);
288 }
1da177e4 289
23bb5763 290 hci_req_complete(hdev, HCI_OP_WRITE_ENCRYPT_MODE, status);
a9de9248 291}
1da177e4 292
a9de9248
MH		 293static void hci_cc_write_scan_enable(struct hci_dev *hdev, struct sk_buff *skb)
294{
36f7fc7e
JH		 295 __u8 param, status = *((__u8 *) skb->data);
296 int old_pscan, old_iscan;
a9de9248 297 void *sent;
1da177e4 298
9f1db00c 299 BT_DBG("%s status 0x%2.2x", hdev->name, status);
1da177e4 300
a9de9248
MH		 301 sent = hci_sent_cmd_data(hdev, HCI_OP_WRITE_SCAN_ENABLE);
302 if (!sent)
303 return;
1da177e4 304
36f7fc7e
JH		 305 param = *((__u8 *) sent);
306
56e5cb86
JH		 307 hci_dev_lock(hdev);
308
fa1bd918 309 if (status) {
744cf19e 310 mgmt_write_scan_failed(hdev, param, status);
2d7cee58
JH		 311 hdev->discov_timeout = 0;
312 goto done;
313 }
314
36f7fc7e
JH		 315 old_pscan = test_and_clear_bit(HCI_PSCAN, &hdev->flags);
316 old_iscan = test_and_clear_bit(HCI_ISCAN, &hdev->flags);
317
318 if (param & SCAN_INQUIRY) {
319 set_bit(HCI_ISCAN, &hdev->flags);
320 if (!old_iscan)
744cf19e 321 mgmt_discoverable(hdev, 1);
16ab91ab
JH		 322 if (hdev->discov_timeout > 0) {
323 int to = msecs_to_jiffies(hdev->discov_timeout * 1000);
324 queue_delayed_work(hdev->workqueue, &hdev->discov_off,
807deac2 325 to);
16ab91ab 326 }
36f7fc7e 327 } else if (old_iscan)
744cf19e 328 mgmt_discoverable(hdev, 0);
36f7fc7e
JH		 329
330 if (param & SCAN_PAGE) {
331 set_bit(HCI_PSCAN, &hdev->flags);
332 if (!old_pscan)
744cf19e 333 mgmt_connectable(hdev, 1);
36f7fc7e 334 } else if (old_pscan)
744cf19e 335 mgmt_connectable(hdev, 0);
1da177e4 336
36f7fc7e 337done:
56e5cb86 338 hci_dev_unlock(hdev);
23bb5763 339 hci_req_complete(hdev, HCI_OP_WRITE_SCAN_ENABLE, status);
a9de9248 340}
1da177e4 341
a9de9248
MH		 342static void hci_cc_read_class_of_dev(struct hci_dev *hdev, struct sk_buff *skb)
343{
344 struct hci_rp_read_class_of_dev *rp = (void *) skb->data;
1da177e4 345
9f1db00c 346 BT_DBG("%s status 0x%2.2x", hdev->name, rp->status);
1da177e4 347
a9de9248
MH		 348 if (rp->status)
349 return;
1da177e4 350
a9de9248 351 memcpy(hdev->dev_class, rp->dev_class, 3);
1da177e4 352
a9de9248 353 BT_DBG("%s class 0x%.2x%.2x%.2x", hdev->name,
807deac2 354 hdev->dev_class[2], hdev->dev_class[1], hdev->dev_class[0]);
a9de9248 355}
1da177e4 356
a9de9248
MH		 357static void hci_cc_write_class_of_dev(struct hci_dev *hdev, struct sk_buff *skb)
358{
359 __u8 status = *((__u8 *) skb->data);
360 void *sent;
1da177e4 361
9f1db00c 362 BT_DBG("%s status 0x%2.2x", hdev->name, status);
1da177e4 363
a9de9248
MH		 364 sent = hci_sent_cmd_data(hdev, HCI_OP_WRITE_CLASS_OF_DEV);
365 if (!sent)
366 return;
1da177e4 367
7f9a903c
MH		 368 hci_dev_lock(hdev);
369
370 if (status == 0)
371 memcpy(hdev->dev_class, sent, 3);
372
373 if (test_bit(HCI_MGMT, &hdev->dev_flags))
374 mgmt_set_class_of_dev_complete(hdev, sent, status);
375
376 hci_dev_unlock(hdev);
a9de9248 377}
1da177e4 378
a9de9248
MH		 379static void hci_cc_read_voice_setting(struct hci_dev *hdev, struct sk_buff *skb)
380{
381 struct hci_rp_read_voice_setting *rp = (void *) skb->data;
382 __u16 setting;
383
9f1db00c 384 BT_DBG("%s status 0x%2.2x", hdev->name, rp->status);
a9de9248
MH		 385
386 if (rp->status)
387 return;
388
389 setting = __le16_to_cpu(rp->voice_setting);
390
f383f275 391 if (hdev->voice_setting == setting)
a9de9248
MH		 392 return;
393
394 hdev->voice_setting = setting;
395
9f1db00c 396 BT_DBG("%s voice setting 0x%4.4x", hdev->name, setting);
a9de9248 397
3c54711c 398 if (hdev->notify)
a9de9248 399 hdev->notify(hdev, HCI_NOTIFY_VOICE_SETTING);
a9de9248
MH		 400}
401
8fc9ced3
GP		 402static void hci_cc_write_voice_setting(struct hci_dev *hdev,
403 struct sk_buff *skb)
a9de9248
MH		 404{
405 __u8 status = *((__u8 *) skb->data);
f383f275 406 __u16 setting;
a9de9248
MH		 407 void *sent;
408
9f1db00c 409 BT_DBG("%s status 0x%2.2x", hdev->name, status);
1da177e4 410
f383f275
MH		 411 if (status)
412 return;
413
a9de9248
MH		 414 sent = hci_sent_cmd_data(hdev, HCI_OP_WRITE_VOICE_SETTING);
415 if (!sent)
416 return;
1da177e4 417
f383f275 418 setting = get_unaligned_le16(sent);
1da177e4 419
f383f275
MH		 420 if (hdev->voice_setting == setting)
421 return;
422
423 hdev->voice_setting = setting;
1da177e4 424
9f1db00c 425 BT_DBG("%s voice setting 0x%4.4x", hdev->name, setting);
1da177e4 426
3c54711c 427 if (hdev->notify)
f383f275 428 hdev->notify(hdev, HCI_NOTIFY_VOICE_SETTING);
1da177e4
LT		 429}
430
a9de9248 431static void hci_cc_host_buffer_size(struct hci_dev *hdev, struct sk_buff *skb)
1da177e4 432{
a9de9248 433 __u8 status = *((__u8 *) skb->data);
1da177e4 434
9f1db00c 435 BT_DBG("%s status 0x%2.2x", hdev->name, status);
1da177e4 436
23bb5763 437 hci_req_complete(hdev, HCI_OP_HOST_BUFFER_SIZE, status);
a9de9248 438}
1143e5a6 439
333140b5
MH		 440static void hci_cc_write_ssp_mode(struct hci_dev *hdev, struct sk_buff *skb)
441{
442 __u8 status = *((__u8 *) skb->data);
443 void *sent;
444
9f1db00c 445 BT_DBG("%s status 0x%2.2x", hdev->name, status);
333140b5 446
333140b5
MH		 447 sent = hci_sent_cmd_data(hdev, HCI_OP_WRITE_SSP_MODE);
448 if (!sent)
449 return;
450
ed2c4ee3 451 if (test_bit(HCI_MGMT, &hdev->dev_flags))
c0ecddc2
JH		 452 mgmt_ssp_enable_complete(hdev, *((u8 *) sent), status);
453 else if (!status) {
454 if (*((u8 *) sent))
455 set_bit(HCI_SSP_ENABLED, &hdev->dev_flags);
456 else
457 clear_bit(HCI_SSP_ENABLED, &hdev->dev_flags);
458 }
333140b5
MH		 459}
460
d5859e22
JH		 461static u8 hci_get_inquiry_mode(struct hci_dev *hdev)
462{
463 if (hdev->features[6] & LMP_EXT_INQ)
464 return 2;
465
466 if (hdev->features[3] & LMP_RSSI_INQ)
467 return 1;
468
469 if (hdev->manufacturer == 11 && hdev->hci_rev == 0x00 &&
807deac2 470 hdev->lmp_subver == 0x0757)
d5859e22
JH		 471 return 1;
472
473 if (hdev->manufacturer == 15) {
474 if (hdev->hci_rev == 0x03 && hdev->lmp_subver == 0x6963)
475 return 1;
476 if (hdev->hci_rev == 0x09 && hdev->lmp_subver == 0x6963)
477 return 1;
478 if (hdev->hci_rev == 0x00 && hdev->lmp_subver == 0x6965)
479 return 1;
480 }
481
482 if (hdev->manufacturer == 31 && hdev->hci_rev == 0x2005 &&
807deac2 483 hdev->lmp_subver == 0x1805)
d5859e22
JH		 484 return 1;
485
486 return 0;
487}
488
489static void hci_setup_inquiry_mode(struct hci_dev *hdev)
490{
491 u8 mode;
492
493 mode = hci_get_inquiry_mode(hdev);
494
495 hci_send_cmd(hdev, HCI_OP_WRITE_INQUIRY_MODE, 1, &mode);
496}
497
498static void hci_setup_event_mask(struct hci_dev *hdev)
499{
500 /* The second byte is 0xff instead of 0x9f (two reserved bits
501 * disabled) since a Broadcom 1.2 dongle doesn't respond to the
502 * command otherwise */
503 u8 events[8] = { 0xff, 0xff, 0xfb, 0xff, 0x00, 0x00, 0x00, 0x00 };
504
6de6c18d
VT		 505 /* CSR 1.1 dongles does not accept any bitfield so don't try to set
506 * any event mask for pre 1.2 devices */
5a13b095 507 if (hdev->hci_ver < BLUETOOTH_VER_1_2)
6de6c18d
VT		 508 return;
509
510 events[4] |= 0x01; /* Flow Specification Complete */
511 events[4] |= 0x02; /* Inquiry Result with RSSI */
512 events[4] |= 0x04; /* Read Remote Extended Features Complete */
513 events[5] |= 0x08; /* Synchronous Connection Complete */
514 events[5] |= 0x10; /* Synchronous Connection Changed */
d5859e22
JH		 515
516 if (hdev->features[3] & LMP_RSSI_INQ)
a24299e6 517 events[4] |= 0x02; /* Inquiry Result with RSSI */
d5859e22 518
999dcd10 519 if (lmp_sniffsubr_capable(hdev))
d5859e22
JH		 520 events[5] |= 0x20; /* Sniff Subrating */
521
522 if (hdev->features[5] & LMP_PAUSE_ENC)
523 events[5] |= 0x80; /* Encryption Key Refresh Complete */
524
525 if (hdev->features[6] & LMP_EXT_INQ)
526 events[5] |= 0x40; /* Extended Inquiry Result */
527
c58e810e 528 if (lmp_no_flush_capable(hdev))
d5859e22
JH		 529 events[7] |= 0x01; /* Enhanced Flush Complete */
530
531 if (hdev->features[7] & LMP_LSTO)
532 events[6] |= 0x80; /* Link Supervision Timeout Changed */
533
9a1a1996 534 if (lmp_ssp_capable(hdev)) {
d5859e22
JH		 535 events[6] |= 0x01; /* IO Capability Request */
536 events[6] |= 0x02; /* IO Capability Response */
537 events[6] |= 0x04; /* User Confirmation Request */
538 events[6] |= 0x08; /* User Passkey Request */
539 events[6] |= 0x10; /* Remote OOB Data Request */
540 events[6] |= 0x20; /* Simple Pairing Complete */
541 events[7] |= 0x04; /* User Passkey Notification */
542 events[7] |= 0x08; /* Keypress Notification */
543 events[7] |= 0x10; /* Remote Host Supported
544 * Features Notification */
545 }
546
c383ddc4 547 if (lmp_le_capable(hdev))
d5859e22
JH		 548 events[7] |= 0x20; /* LE Meta-Event */
549
550 hci_send_cmd(hdev, HCI_OP_SET_EVENT_MASK, sizeof(events), events);
551}
552
553static void hci_setup(struct hci_dev *hdev)
554{
e61ef499
AE		 555 if (hdev->dev_type != HCI_BREDR)
556 return;
557
d5859e22
JH		 558 hci_setup_event_mask(hdev);
559
d095c1eb 560 if (hdev->hci_ver > BLUETOOTH_VER_1_1)
d5859e22
JH		 561 hci_send_cmd(hdev, HCI_OP_READ_LOCAL_COMMANDS, 0, NULL);
562
6d3c730f 563 if (lmp_ssp_capable(hdev)) {
54d04dbb
JH		 564 if (test_bit(HCI_SSP_ENABLED, &hdev->dev_flags)) {
565 u8 mode = 0x01;
566 hci_send_cmd(hdev, HCI_OP_WRITE_SSP_MODE,
04124681 567 sizeof(mode), &mode);
54d04dbb
JH		 568 } else {
569 struct hci_cp_write_eir cp;
570
571 memset(hdev->eir, 0, sizeof(hdev->eir));
572 memset(&cp, 0, sizeof(cp));
573
574 hci_send_cmd(hdev, HCI_OP_WRITE_EIR, sizeof(cp), &cp);
575 }
d5859e22
JH		 576 }
577
578 if (hdev->features[3] & LMP_RSSI_INQ)
579 hci_setup_inquiry_mode(hdev);
580
581 if (hdev->features[7] & LMP_INQ_TX_PWR)
582 hci_send_cmd(hdev, HCI_OP_READ_INQ_RSP_TX_POWER, 0, NULL);
971e3a4b
AG		 583
584 if (hdev->features[7] & LMP_EXTFEATURES) {
585 struct hci_cp_read_local_ext_features cp;
586
587 cp.page = 0x01;
04124681
GP		 588 hci_send_cmd(hdev, HCI_OP_READ_LOCAL_EXT_FEATURES, sizeof(cp),
589 &cp);
971e3a4b 590 }
e6100a25 591
47990ea0
JH		 592 if (test_bit(HCI_LINK_SECURITY, &hdev->dev_flags)) {
593 u8 enable = 1;
04124681
GP		 594 hci_send_cmd(hdev, HCI_OP_WRITE_AUTH_ENABLE, sizeof(enable),
595 &enable);
47990ea0 596 }
d5859e22
JH		 597}
598
a9de9248
MH		 599static void hci_cc_read_local_version(struct hci_dev *hdev, struct sk_buff *skb)
600{
601 struct hci_rp_read_local_version *rp = (void *) skb->data;
1143e5a6 602
9f1db00c 603 BT_DBG("%s status 0x%2.2x", hdev->name, rp->status);
1143e5a6 604
a9de9248 605 if (rp->status)
28b8df77 606 goto done;
1143e5a6 607
a9de9248 608 hdev->hci_ver = rp->hci_ver;
e4e8e37c 609 hdev->hci_rev = __le16_to_cpu(rp->hci_rev);
d5859e22 610 hdev->lmp_ver = rp->lmp_ver;
e4e8e37c 611 hdev->manufacturer = __le16_to_cpu(rp->manufacturer);
d5859e22 612 hdev->lmp_subver = __le16_to_cpu(rp->lmp_subver);
1143e5a6 613
9f1db00c 614 BT_DBG("%s manufacturer 0x%4.4x hci ver %d:%d", hdev->name,
807deac2 615 hdev->manufacturer, hdev->hci_ver, hdev->hci_rev);
d5859e22
JH		 616
617 if (test_bit(HCI_INIT, &hdev->flags))
618 hci_setup(hdev);
28b8df77
AE		 619
620done:
621 hci_req_complete(hdev, HCI_OP_READ_LOCAL_VERSION, rp->status);
d5859e22
JH		 622}
623
624static void hci_setup_link_policy(struct hci_dev *hdev)
625{
035100c8 626 struct hci_cp_write_def_link_policy cp;
d5859e22
JH		 627 u16 link_policy = 0;
628
9f92ebf6 629 if (lmp_rswitch_capable(hdev))
d5859e22
JH		 630 link_policy |= HCI_LP_RSWITCH;
631 if (hdev->features[0] & LMP_HOLD)
632 link_policy |= HCI_LP_HOLD;
6eded100 633 if (lmp_sniff_capable(hdev))
d5859e22
JH		 634 link_policy |= HCI_LP_SNIFF;
635 if (hdev->features[1] & LMP_PARK)
636 link_policy |= HCI_LP_PARK;
637
035100c8
AE		 638 cp.policy = cpu_to_le16(link_policy);
639 hci_send_cmd(hdev, HCI_OP_WRITE_DEF_LINK_POLICY, sizeof(cp), &cp);
a9de9248 640}
1da177e4 641
8fc9ced3
GP		 642static void hci_cc_read_local_commands(struct hci_dev *hdev,
643 struct sk_buff *skb)
a9de9248
MH		 644{
645 struct hci_rp_read_local_commands *rp = (void *) skb->data;
1da177e4 646
9f1db00c 647 BT_DBG("%s status 0x%2.2x", hdev->name, rp->status);
1da177e4 648
a9de9248 649 if (rp->status)
d5859e22 650 goto done;
1da177e4 651
a9de9248 652 memcpy(hdev->commands, rp->commands, sizeof(hdev->commands));
d5859e22
JH		 653
654 if (test_bit(HCI_INIT, &hdev->flags) && (hdev->commands[5] & 0x10))
655 hci_setup_link_policy(hdev);
656
657done:
658 hci_req_complete(hdev, HCI_OP_READ_LOCAL_COMMANDS, rp->status);
a9de9248 659}
1da177e4 660
8fc9ced3
GP		 661static void hci_cc_read_local_features(struct hci_dev *hdev,
662 struct sk_buff *skb)
a9de9248
MH		 663{
664 struct hci_rp_read_local_features *rp = (void *) skb->data;
5b7f9909 665
9f1db00c 666 BT_DBG("%s status 0x%2.2x", hdev->name, rp->status);
1da177e4 667
a9de9248
MH		 668 if (rp->status)
669 return;
5b7f9909 670
a9de9248 671 memcpy(hdev->features, rp->features, 8);
5b7f9909 672
a9de9248
MH		 673 /* Adjust default settings according to features
674 * supported by device. */
1da177e4 675
a9de9248
MH		 676 if (hdev->features[0] & LMP_3SLOT)
677 hdev->pkt_type |= (HCI_DM3 | HCI_DH3);
1da177e4 678
a9de9248
MH		 679 if (hdev->features[0] & LMP_5SLOT)
680 hdev->pkt_type |= (HCI_DM5 | HCI_DH5);
1da177e4 681
a9de9248
MH		 682 if (hdev->features[1] & LMP_HV2) {
683 hdev->pkt_type |= (HCI_HV2);
684 hdev->esco_type |= (ESCO_HV2);
685 }
1da177e4 686
a9de9248
MH		 687 if (hdev->features[1] & LMP_HV3) {
688 hdev->pkt_type |= (HCI_HV3);
689 hdev->esco_type |= (ESCO_HV3);
690 }
1da177e4 691
45db810f 692 if (lmp_esco_capable(hdev))
a9de9248 693 hdev->esco_type |= (ESCO_EV3);
da1f5198 694
a9de9248
MH		 695 if (hdev->features[4] & LMP_EV4)
696 hdev->esco_type |= (ESCO_EV4);
da1f5198 697
a9de9248
MH		 698 if (hdev->features[4] & LMP_EV5)
699 hdev->esco_type |= (ESCO_EV5);
1da177e4 700
efc7688b
MH		 701 if (hdev->features[5] & LMP_EDR_ESCO_2M)
702 hdev->esco_type |= (ESCO_2EV3);
703
704 if (hdev->features[5] & LMP_EDR_ESCO_3M)
705 hdev->esco_type |= (ESCO_3EV3);
706
707 if (hdev->features[5] & LMP_EDR_3S_ESCO)
708 hdev->esco_type |= (ESCO_2EV5 | ESCO_3EV5);
709
a9de9248 710 BT_DBG("%s features 0x%.2x%.2x%.2x%.2x%.2x%.2x%.2x%.2x", hdev->name,
807deac2
GP		 711 hdev->features[0], hdev->features[1],
712 hdev->features[2], hdev->features[3],
713 hdev->features[4], hdev->features[5],
714 hdev->features[6], hdev->features[7]);
a9de9248 715}
1da177e4 716
8f984dfa
JH		 717static void hci_set_le_support(struct hci_dev *hdev)
718{
719 struct hci_cp_write_le_host_supported cp;
720
721 memset(&cp, 0, sizeof(cp));
722
9d42820f 723 if (test_bit(HCI_LE_ENABLED, &hdev->dev_flags)) {
8f984dfa
JH		 724 cp.le = 1;
725 cp.simul = !!(hdev->features[6] & LMP_SIMUL_LE_BR);
726 }
727
728 if (cp.le != !!(hdev->host_features[0] & LMP_HOST_LE))
04124681
GP		 729 hci_send_cmd(hdev, HCI_OP_WRITE_LE_HOST_SUPPORTED, sizeof(cp),
730 &cp);
8f984dfa
JH		 731}
732
971e3a4b 733static void hci_cc_read_local_ext_features(struct hci_dev *hdev,
807deac2 734 struct sk_buff *skb)
971e3a4b
AG		 735{
736 struct hci_rp_read_local_ext_features *rp = (void *) skb->data;
737
9f1db00c 738 BT_DBG("%s status 0x%2.2x", hdev->name, rp->status);
971e3a4b
AG		 739
740 if (rp->status)
8f984dfa 741 goto done;
971e3a4b 742
b5b32b65
AG		 743 switch (rp->page) {
744 case 0:
745 memcpy(hdev->features, rp->features, 8);
746 break;
747 case 1:
748 memcpy(hdev->host_features, rp->features, 8);
749 break;
750 }
971e3a4b 751
c383ddc4 752 if (test_bit(HCI_INIT, &hdev->flags) && lmp_le_capable(hdev))
8f984dfa
JH		 753 hci_set_le_support(hdev);
754
755done:
971e3a4b
AG		 756 hci_req_complete(hdev, HCI_OP_READ_LOCAL_EXT_FEATURES, rp->status);
757}
758
1e89cffb 759static void hci_cc_read_flow_control_mode(struct hci_dev *hdev,
807deac2 760 struct sk_buff *skb)
1e89cffb
AE		 761{
762 struct hci_rp_read_flow_control_mode *rp = (void *) skb->data;
763
9f1db00c 764 BT_DBG("%s status 0x%2.2x", hdev->name, rp->status);
1e89cffb
AE		 765
766 if (rp->status)
767 return;
768
769 hdev->flow_ctl_mode = rp->mode;
770
771 hci_req_complete(hdev, HCI_OP_READ_FLOW_CONTROL_MODE, rp->status);
772}
773
a9de9248
MH		 774static void hci_cc_read_buffer_size(struct hci_dev *hdev, struct sk_buff *skb)
775{
776 struct hci_rp_read_buffer_size *rp = (void *) skb->data;
1da177e4 777
9f1db00c 778 BT_DBG("%s status 0x%2.2x", hdev->name, rp->status);
1da177e4 779
a9de9248
MH		 780 if (rp->status)
781 return;
1da177e4 782
a9de9248
MH		 783 hdev->acl_mtu = __le16_to_cpu(rp->acl_mtu);
784 hdev->sco_mtu = rp->sco_mtu;
785 hdev->acl_pkts = __le16_to_cpu(rp->acl_max_pkt);
786 hdev->sco_pkts = __le16_to_cpu(rp->sco_max_pkt);
787
788 if (test_bit(HCI_QUIRK_FIXUP_BUFFER_SIZE, &hdev->quirks)) {
789 hdev->sco_mtu = 64;
790 hdev->sco_pkts = 8;
1da177e4 791 }
a9de9248
MH		 792
793 hdev->acl_cnt = hdev->acl_pkts;
794 hdev->sco_cnt = hdev->sco_pkts;
795
807deac2
GP		 796 BT_DBG("%s acl mtu %d:%d sco mtu %d:%d", hdev->name, hdev->acl_mtu,
797 hdev->acl_pkts, hdev->sco_mtu, hdev->sco_pkts);
a9de9248
MH		 798}
799
800static void hci_cc_read_bd_addr(struct hci_dev *hdev, struct sk_buff *skb)
801{
802 struct hci_rp_read_bd_addr *rp = (void *) skb->data;
803
9f1db00c 804 BT_DBG("%s status 0x%2.2x", hdev->name, rp->status);
a9de9248
MH		 805
806 if (!rp->status)
807 bacpy(&hdev->bdaddr, &rp->bdaddr);
808
23bb5763
JH		 809 hci_req_complete(hdev, HCI_OP_READ_BD_ADDR, rp->status);
810}
811
350ee4cf 812static void hci_cc_read_data_block_size(struct hci_dev *hdev,
807deac2 813 struct sk_buff *skb)
350ee4cf
AE		 814{
815 struct hci_rp_read_data_block_size *rp = (void *) skb->data;
816
9f1db00c 817 BT_DBG("%s status 0x%2.2x", hdev->name, rp->status);
350ee4cf
AE		 818
819 if (rp->status)
820 return;
821
822 hdev->block_mtu = __le16_to_cpu(rp->max_acl_len);
823 hdev->block_len = __le16_to_cpu(rp->block_len);
824 hdev->num_blocks = __le16_to_cpu(rp->num_blocks);
825
826 hdev->block_cnt = hdev->num_blocks;
827
828 BT_DBG("%s blk mtu %d cnt %d len %d", hdev->name, hdev->block_mtu,
807deac2 829 hdev->block_cnt, hdev->block_len);
350ee4cf
AE		 830
831 hci_req_complete(hdev, HCI_OP_READ_DATA_BLOCK_SIZE, rp->status);
832}
833
23bb5763
JH		 834static void hci_cc_write_ca_timeout(struct hci_dev *hdev, struct sk_buff *skb)
835{
836 __u8 status = *((__u8 *) skb->data);
837
9f1db00c 838 BT_DBG("%s status 0x%2.2x", hdev->name, status);
23bb5763
JH		 839
840 hci_req_complete(hdev, HCI_OP_WRITE_CA_TIMEOUT, status);
a9de9248
MH		 841}
842
928abaa7 843static void hci_cc_read_local_amp_info(struct hci_dev *hdev,
807deac2 844 struct sk_buff *skb)
928abaa7
AE		 845{
846 struct hci_rp_read_local_amp_info *rp = (void *) skb->data;
847
9f1db00c 848 BT_DBG("%s status 0x%2.2x", hdev->name, rp->status);
928abaa7
AE		 849
850 if (rp->status)
8e2a0d92 851 goto a2mp_rsp;
928abaa7
AE		 852
853 hdev->amp_status = rp->amp_status;
854 hdev->amp_total_bw = __le32_to_cpu(rp->total_bw);
855 hdev->amp_max_bw = __le32_to_cpu(rp->max_bw);
856 hdev->amp_min_latency = __le32_to_cpu(rp->min_latency);
857 hdev->amp_max_pdu = __le32_to_cpu(rp->max_pdu);
858 hdev->amp_type = rp->amp_type;
859 hdev->amp_pal_cap = __le16_to_cpu(rp->pal_cap);
860 hdev->amp_assoc_size = __le16_to_cpu(rp->max_assoc_size);
861 hdev->amp_be_flush_to = __le32_to_cpu(rp->be_flush_to);
862 hdev->amp_max_flush_to = __le32_to_cpu(rp->max_flush_to);
863
864 hci_req_complete(hdev, HCI_OP_READ_LOCAL_AMP_INFO, rp->status);
8e2a0d92
AE		 865
866a2mp_rsp:
867 a2mp_send_getinfo_rsp(hdev);
928abaa7
AE		 868}
869
903e4541
AE		 870static void hci_cc_read_local_amp_assoc(struct hci_dev *hdev,
871 struct sk_buff *skb)
872{
873 struct hci_rp_read_local_amp_assoc *rp = (void *) skb->data;
874 struct amp_assoc *assoc = &hdev->loc_assoc;
875 size_t rem_len, frag_len;
876
877 BT_DBG("%s status 0x%2.2x", hdev->name, rp->status);
878
879 if (rp->status)
880 goto a2mp_rsp;
881
882 frag_len = skb->len - sizeof(*rp);
883 rem_len = __le16_to_cpu(rp->rem_len);
884
885 if (rem_len > frag_len) {
886 BT_DBG("frag_len %d rem_len %d", frag_len, rem_len);
887
888 memcpy(assoc->data + assoc->offset, rp->frag, frag_len);
889 assoc->offset += frag_len;
890
891 /* Read other fragments */
892 amp_read_loc_assoc_frag(hdev, rp->phy_handle);
893
894 return;
895 }
896
897 memcpy(assoc->data + assoc->offset, rp->frag, rem_len);
898 assoc->len = assoc->offset + rem_len;
899 assoc->offset = 0;
900
901a2mp_rsp:
902 /* Send A2MP Rsp when all fragments are received */
903 a2mp_send_getampassoc_rsp(hdev, rp->status);
9495b2ee 904 a2mp_send_create_phy_link_req(hdev, rp->status);
903e4541
AE		 905}
906
b0916ea0 907static void hci_cc_delete_stored_link_key(struct hci_dev *hdev,
807deac2 908 struct sk_buff *skb)
b0916ea0
JH		 909{
910 __u8 status = *((__u8 *) skb->data);
911
9f1db00c 912 BT_DBG("%s status 0x%2.2x", hdev->name, status);
b0916ea0
JH		 913
914 hci_req_complete(hdev, HCI_OP_DELETE_STORED_LINK_KEY, status);
915}
916
d5859e22
JH		 917static void hci_cc_set_event_mask(struct hci_dev *hdev, struct sk_buff *skb)
918{
919 __u8 status = *((__u8 *) skb->data);
920
9f1db00c 921 BT_DBG("%s status 0x%2.2x", hdev->name, status);
d5859e22
JH		 922
923 hci_req_complete(hdev, HCI_OP_SET_EVENT_MASK, status);
924}
925
926static void hci_cc_write_inquiry_mode(struct hci_dev *hdev,
807deac2 927 struct sk_buff *skb)
d5859e22
JH		 928{
929 __u8 status = *((__u8 *) skb->data);
930
9f1db00c 931 BT_DBG("%s status 0x%2.2x", hdev->name, status);
d5859e22
JH		 932
933 hci_req_complete(hdev, HCI_OP_WRITE_INQUIRY_MODE, status);
934}
935
936static void hci_cc_read_inq_rsp_tx_power(struct hci_dev *hdev,
807deac2 937 struct sk_buff *skb)
d5859e22 938{
91c4e9b1 939 struct hci_rp_read_inq_rsp_tx_power *rp = (void *) skb->data;
d5859e22 940
9f1db00c 941 BT_DBG("%s status 0x%2.2x", hdev->name, rp->status);
91c4e9b1
MH		 942
943 if (!rp->status)
944 hdev->inq_tx_power = rp->tx_power;
d5859e22 945
91c4e9b1 946 hci_req_complete(hdev, HCI_OP_READ_INQ_RSP_TX_POWER, rp->status);
d5859e22
JH		 947}
948
949static void hci_cc_set_event_flt(struct hci_dev *hdev, struct sk_buff *skb)
950{
951 __u8 status = *((__u8 *) skb->data);
952
9f1db00c 953 BT_DBG("%s status 0x%2.2x", hdev->name, status);
d5859e22
JH		 954
955 hci_req_complete(hdev, HCI_OP_SET_EVENT_FLT, status);
956}
957
980e1a53
JH		 958static void hci_cc_pin_code_reply(struct hci_dev *hdev, struct sk_buff *skb)
959{
960 struct hci_rp_pin_code_reply *rp = (void *) skb->data;
961 struct hci_cp_pin_code_reply *cp;
962 struct hci_conn *conn;
963
9f1db00c 964 BT_DBG("%s status 0x%2.2x", hdev->name, rp->status);
980e1a53 965
56e5cb86
JH		 966 hci_dev_lock(hdev);
967
a8b2d5c2 968 if (test_bit(HCI_MGMT, &hdev->dev_flags))
744cf19e 969 mgmt_pin_code_reply_complete(hdev, &rp->bdaddr, rp->status);
980e1a53 970
fa1bd918 971 if (rp->status)
56e5cb86 972 goto unlock;
980e1a53
JH		 973
974 cp = hci_sent_cmd_data(hdev, HCI_OP_PIN_CODE_REPLY);
975 if (!cp)
56e5cb86 976 goto unlock;
980e1a53
JH		 977
978 conn = hci_conn_hash_lookup_ba(hdev, ACL_LINK, &cp->bdaddr);
979 if (conn)
980 conn->pin_length = cp->pin_len;
56e5cb86
JH		 981
982unlock:
983 hci_dev_unlock(hdev);
980e1a53
JH		 984}
985
986static void hci_cc_pin_code_neg_reply(struct hci_dev *hdev, struct sk_buff *skb)
987{
988 struct hci_rp_pin_code_neg_reply *rp = (void *) skb->data;
989
9f1db00c 990 BT_DBG("%s status 0x%2.2x", hdev->name, rp->status);
980e1a53 991
56e5cb86
JH		 992 hci_dev_lock(hdev);
993
a8b2d5c2 994 if (test_bit(HCI_MGMT, &hdev->dev_flags))
744cf19e 995 mgmt_pin_code_neg_reply_complete(hdev, &rp->bdaddr,
807deac2 996 rp->status);
56e5cb86
JH		 997
998 hci_dev_unlock(hdev);
980e1a53 999}
56e5cb86 1000
6ed58ec5
VT		 1001static void hci_cc_le_read_buffer_size(struct hci_dev *hdev,
1002 struct sk_buff *skb)
1003{
1004 struct hci_rp_le_read_buffer_size *rp = (void *) skb->data;
1005
9f1db00c 1006 BT_DBG("%s status 0x%2.2x", hdev->name, rp->status);
6ed58ec5
VT		 1007
1008 if (rp->status)
1009 return;
1010
1011 hdev->le_mtu = __le16_to_cpu(rp->le_mtu);
1012 hdev->le_pkts = rp->le_max_pkt;
1013
1014 hdev->le_cnt = hdev->le_pkts;
1015
1016 BT_DBG("%s le mtu %d:%d", hdev->name, hdev->le_mtu, hdev->le_pkts);
1017
1018 hci_req_complete(hdev, HCI_OP_LE_READ_BUFFER_SIZE, rp->status);
1019}
980e1a53 1020
a5c29683
JH		 1021static void hci_cc_user_confirm_reply(struct hci_dev *hdev, struct sk_buff *skb)
1022{
1023 struct hci_rp_user_confirm_reply *rp = (void *) skb->data;
1024
9f1db00c 1025 BT_DBG("%s status 0x%2.2x", hdev->name, rp->status);
a5c29683 1026
56e5cb86
JH		 1027 hci_dev_lock(hdev);
1028
a8b2d5c2 1029 if (test_bit(HCI_MGMT, &hdev->dev_flags))
04124681
GP		 1030 mgmt_user_confirm_reply_complete(hdev, &rp->bdaddr, ACL_LINK, 0,
1031 rp->status);
56e5cb86
JH		 1032
1033 hci_dev_unlock(hdev);
a5c29683
JH		 1034}
1035
1036static void hci_cc_user_confirm_neg_reply(struct hci_dev *hdev,
807deac2 1037 struct sk_buff *skb)
a5c29683
JH		 1038{
1039 struct hci_rp_user_confirm_reply *rp = (void *) skb->data;
1040
9f1db00c 1041 BT_DBG("%s status 0x%2.2x", hdev->name, rp->status);
a5c29683 1042
56e5cb86
JH		 1043 hci_dev_lock(hdev);
1044
a8b2d5c2 1045 if (test_bit(HCI_MGMT, &hdev->dev_flags))
744cf19e 1046 mgmt_user_confirm_neg_reply_complete(hdev, &rp->bdaddr,
04124681 1047 ACL_LINK, 0, rp->status);
56e5cb86
JH		 1048
1049 hci_dev_unlock(hdev);
a5c29683
JH		 1050}
1051
1143d458
BG		 1052static void hci_cc_user_passkey_reply(struct hci_dev *hdev, struct sk_buff *skb)
1053{
1054 struct hci_rp_user_confirm_reply *rp = (void *) skb->data;
1055
9f1db00c 1056 BT_DBG("%s status 0x%2.2x", hdev->name, rp->status);
1143d458
BG		 1057
1058 hci_dev_lock(hdev);
1059
a8b2d5c2 1060 if (test_bit(HCI_MGMT, &hdev->dev_flags))
272d90df 1061 mgmt_user_passkey_reply_complete(hdev, &rp->bdaddr, ACL_LINK,
04124681 1062 0, rp->status);
1143d458
BG		 1063
1064 hci_dev_unlock(hdev);
1065}
1066
1067static void hci_cc_user_passkey_neg_reply(struct hci_dev *hdev,
807deac2 1068 struct sk_buff *skb)
1143d458
BG		 1069{
1070 struct hci_rp_user_confirm_reply *rp = (void *) skb->data;
1071
9f1db00c 1072 BT_DBG("%s status 0x%2.2x", hdev->name, rp->status);
1143d458
BG		 1073
1074 hci_dev_lock(hdev);
1075
a8b2d5c2 1076 if (test_bit(HCI_MGMT, &hdev->dev_flags))
1143d458 1077 mgmt_user_passkey_neg_reply_complete(hdev, &rp->bdaddr,
04124681 1078 ACL_LINK, 0, rp->status);
1143d458
BG		 1079
1080 hci_dev_unlock(hdev);
1081}
1082
c35938b2 1083static void hci_cc_read_local_oob_data_reply(struct hci_dev *hdev,
807deac2 1084 struct sk_buff *skb)
c35938b2
SJ		 1085{
1086 struct hci_rp_read_local_oob_data *rp = (void *) skb->data;
1087
9f1db00c 1088 BT_DBG("%s status 0x%2.2x", hdev->name, rp->status);
c35938b2 1089
56e5cb86 1090 hci_dev_lock(hdev);
744cf19e 1091 mgmt_read_local_oob_data_reply_complete(hdev, rp->hash,
c35938b2 1092 rp->randomizer, rp->status);
56e5cb86 1093 hci_dev_unlock(hdev);
c35938b2
SJ		 1094}
1095
07f7fa5d
AG		 1096static void hci_cc_le_set_scan_param(struct hci_dev *hdev, struct sk_buff *skb)
1097{
1098 __u8 status = *((__u8 *) skb->data);
1099
9f1db00c 1100 BT_DBG("%s status 0x%2.2x", hdev->name, status);
7ba8b4be
AG		 1101
1102 hci_req_complete(hdev, HCI_OP_LE_SET_SCAN_PARAM, status);
3fd24153
AG		 1103
1104 if (status) {
1105 hci_dev_lock(hdev);
1106 mgmt_start_discovery_failed(hdev, status);
1107 hci_dev_unlock(hdev);
1108 return;
1109 }
07f7fa5d
AG		 1110}
1111
eb9d91f5 1112static void hci_cc_le_set_scan_enable(struct hci_dev *hdev,
807deac2 1113 struct sk_buff *skb)
eb9d91f5
AG		 1114{
1115 struct hci_cp_le_set_scan_enable *cp;
1116 __u8 status = *((__u8 *) skb->data);
1117
9f1db00c 1118 BT_DBG("%s status 0x%2.2x", hdev->name, status);
eb9d91f5 1119
eb9d91f5
AG		 1120 cp = hci_sent_cmd_data(hdev, HCI_OP_LE_SET_SCAN_ENABLE);
1121 if (!cp)
1122 return;
1123
68a8aea4
AE		 1124 switch (cp->enable) {
1125 case LE_SCANNING_ENABLED:
7ba8b4be
AG		 1126 hci_req_complete(hdev, HCI_OP_LE_SET_SCAN_ENABLE, status);
1127
3fd24153
AG		 1128 if (status) {
1129 hci_dev_lock(hdev);
1130 mgmt_start_discovery_failed(hdev, status);
1131 hci_dev_unlock(hdev);
7ba8b4be 1132 return;
3fd24153 1133 }
7ba8b4be 1134
d23264a8
AG		 1135 set_bit(HCI_LE_SCAN, &hdev->dev_flags);
1136
a8f13c8c 1137 hci_dev_lock(hdev);
343f935b 1138 hci_discovery_set_state(hdev, DISCOVERY_FINDING);
a8f13c8c 1139 hci_dev_unlock(hdev);
68a8aea4
AE		 1140 break;
1141
1142 case LE_SCANNING_DISABLED:
c9ecc48e
AG		 1143 if (status) {
1144 hci_dev_lock(hdev);
1145 mgmt_stop_discovery_failed(hdev, status);
1146 hci_dev_unlock(hdev);
7ba8b4be 1147 return;
c9ecc48e 1148 }
7ba8b4be 1149
d23264a8
AG		 1150 clear_bit(HCI_LE_SCAN, &hdev->dev_flags);
1151
bc3dd33c
AG		 1152 if (hdev->discovery.type == DISCOV_TYPE_INTERLEAVED &&
1153 hdev->discovery.state == DISCOVERY_FINDING) {
5e0452c0
AG		 1154 mgmt_interleaved_discovery(hdev);
1155 } else {
1156 hci_dev_lock(hdev);
1157 hci_discovery_set_state(hdev, DISCOVERY_STOPPED);
1158 hci_dev_unlock(hdev);
1159 }
1160
68a8aea4
AE		 1161 break;
1162
1163 default:
1164 BT_ERR("Used reserved LE_Scan_Enable param %d", cp->enable);
1165 break;
35815085 1166 }
eb9d91f5
AG		 1167}
1168
a7a595f6
VCG		 1169static void hci_cc_le_ltk_reply(struct hci_dev *hdev, struct sk_buff *skb)
1170{
1171 struct hci_rp_le_ltk_reply *rp = (void *) skb->data;
1172
9f1db00c 1173 BT_DBG("%s status 0x%2.2x", hdev->name, rp->status);
a7a595f6
VCG		 1174
1175 if (rp->status)
1176 return;
1177
1178 hci_req_complete(hdev, HCI_OP_LE_LTK_REPLY, rp->status);
1179}
1180
1181static void hci_cc_le_ltk_neg_reply(struct hci_dev *hdev, struct sk_buff *skb)
1182{
1183 struct hci_rp_le_ltk_neg_reply *rp = (void *) skb->data;
1184
9f1db00c 1185 BT_DBG("%s status 0x%2.2x", hdev->name, rp->status);
a7a595f6
VCG		 1186
1187 if (rp->status)
1188 return;
1189
1190 hci_req_complete(hdev, HCI_OP_LE_LTK_NEG_REPLY, rp->status);
1191}
1192
6039aa73
GP		 1193static void hci_cc_write_le_host_supported(struct hci_dev *hdev,
1194 struct sk_buff *skb)
f9b49306 1195{
06199cf8 1196 struct hci_cp_write_le_host_supported *sent;
f9b49306
AG		 1197 __u8 status = *((__u8 *) skb->data);
1198
9f1db00c 1199 BT_DBG("%s status 0x%2.2x", hdev->name, status);
f9b49306 1200
06199cf8 1201 sent = hci_sent_cmd_data(hdev, HCI_OP_WRITE_LE_HOST_SUPPORTED);
8f984dfa 1202 if (!sent)
f9b49306
AG		 1203 return;
1204
8f984dfa
JH		 1205 if (!status) {
1206 if (sent->le)
1207 hdev->host_features[0] |= LMP_HOST_LE;
1208 else
1209 hdev->host_features[0] &= ~LMP_HOST_LE;
1210 }
1211
1212 if (test_bit(HCI_MGMT, &hdev->dev_flags) &&
807deac2 1213 !test_bit(HCI_INIT, &hdev->flags))
8f984dfa
JH		 1214 mgmt_le_enable_complete(hdev, sent->le, status);
1215
1216 hci_req_complete(hdev, HCI_OP_WRITE_LE_HOST_SUPPORTED, status);
f9b49306
AG		 1217}
1218
93c284ee
AE		 1219static void hci_cc_write_remote_amp_assoc(struct hci_dev *hdev,
1220 struct sk_buff *skb)
1221{
1222 struct hci_rp_write_remote_amp_assoc *rp = (void *) skb->data;
1223
1224 BT_DBG("%s status 0x%2.2x phy_handle 0x%2.2x",
1225 hdev->name, rp->status, rp->phy_handle);
1226
1227 if (rp->status)
1228 return;
1229
1230 amp_write_rem_assoc_continue(hdev, rp->phy_handle);
1231}
1232
6039aa73 1233static void hci_cs_inquiry(struct hci_dev *hdev, __u8 status)
a9de9248 1234{
9f1db00c 1235 BT_DBG("%s status 0x%2.2x", hdev->name, status);
a9de9248
MH		 1236
1237 if (status) {
23bb5763 1238 hci_req_complete(hdev, HCI_OP_INQUIRY, status);
a9de9248 1239 hci_conn_check_pending(hdev);
56e5cb86 1240 hci_dev_lock(hdev);
a8b2d5c2 1241 if (test_bit(HCI_MGMT, &hdev->dev_flags))
7a135109 1242 mgmt_start_discovery_failed(hdev, status);
56e5cb86 1243 hci_dev_unlock(hdev);
314b2381
JH		 1244 return;
1245 }
1246
89352e7d
AG		 1247 set_bit(HCI_INQUIRY, &hdev->flags);
1248
56e5cb86 1249 hci_dev_lock(hdev);
343f935b 1250 hci_discovery_set_state(hdev, DISCOVERY_FINDING);
56e5cb86 1251 hci_dev_unlock(hdev);
1da177e4
LT		 1252}
1253
6039aa73 1254static void hci_cs_create_conn(struct hci_dev *hdev, __u8 status)
1da177e4 1255{
a9de9248 1256 struct hci_cp_create_conn *cp;
1da177e4 1257 struct hci_conn *conn;
1da177e4 1258
9f1db00c 1259 BT_DBG("%s status 0x%2.2x", hdev->name, status);
a9de9248
MH		 1260
1261 cp = hci_sent_cmd_data(hdev, HCI_OP_CREATE_CONN);
1da177e4
LT		 1262 if (!cp)
1263 return;
1264
1265 hci_dev_lock(hdev);
1266
1267 conn = hci_conn_hash_lookup_ba(hdev, ACL_LINK, &cp->bdaddr);
1268
9f1db00c 1269 BT_DBG("%s bdaddr %s hcon %p", hdev->name, batostr(&cp->bdaddr), conn);
1da177e4
LT		 1270
1271 if (status) {
1272 if (conn && conn->state == BT_CONNECT) {
4c67bc74
MH		 1273 if (status != 0x0c || conn->attempt > 2) {
1274 conn->state = BT_CLOSED;
1275 hci_proto_connect_cfm(conn, status);
1276 hci_conn_del(conn);
1277 } else
1278 conn->state = BT_CONNECT2;
1da177e4
LT		 1279 }
1280 } else {
1281 if (!conn) {
1282 conn = hci_conn_add(hdev, ACL_LINK, &cp->bdaddr);
1283 if (conn) {
a0c808b3 1284 conn->out = true;
1da177e4
LT		 1285 conn->link_mode |= HCI_LM_MASTER;
1286 } else
893ef971 1287 BT_ERR("No memory for new connection");
1da177e4
LT		 1288 }
1289 }
1290
1291 hci_dev_unlock(hdev);
1292}
1293
a9de9248 1294static void hci_cs_add_sco(struct hci_dev *hdev, __u8 status)
1da177e4 1295{
a9de9248
MH		 1296 struct hci_cp_add_sco *cp;
1297 struct hci_conn *acl, *sco;
1298 __u16 handle;
1da177e4 1299
9f1db00c 1300 BT_DBG("%s status 0x%2.2x", hdev->name, status);
b6a0dc82 1301
a9de9248
MH		 1302 if (!status)
1303 return;
1da177e4 1304
a9de9248
MH		 1305 cp = hci_sent_cmd_data(hdev, HCI_OP_ADD_SCO);
1306 if (!cp)
1307 return;
1da177e4 1308
a9de9248 1309 handle = __le16_to_cpu(cp->handle);
1da177e4 1310
9f1db00c 1311 BT_DBG("%s handle 0x%4.4x", hdev->name, handle);
1da177e4 1312
a9de9248 1313 hci_dev_lock(hdev);
1da177e4 1314
a9de9248 1315 acl = hci_conn_hash_lookup_handle(hdev, handle);
5a08ecce
AE		 1316 if (acl) {
1317 sco = acl->link;
1318 if (sco) {
1319 sco->state = BT_CLOSED;
1da177e4 1320
5a08ecce
AE		 1321 hci_proto_connect_cfm(sco, status);
1322 hci_conn_del(sco);
1323 }
a9de9248 1324 }
1da177e4 1325
a9de9248
MH		 1326 hci_dev_unlock(hdev);
1327}
1da177e4 1328
f8558555
MH		 1329static void hci_cs_auth_requested(struct hci_dev *hdev, __u8 status)
1330{
1331 struct hci_cp_auth_requested *cp;
1332 struct hci_conn *conn;
1333
9f1db00c 1334 BT_DBG("%s status 0x%2.2x", hdev->name, status);
f8558555
MH		 1335
1336 if (!status)
1337 return;
1338
1339 cp = hci_sent_cmd_data(hdev, HCI_OP_AUTH_REQUESTED);
1340 if (!cp)
1341 return;
1342
1343 hci_dev_lock(hdev);
1344
1345 conn = hci_conn_hash_lookup_handle(hdev, __le16_to_cpu(cp->handle));
1346 if (conn) {
1347 if (conn->state == BT_CONFIG) {
1348 hci_proto_connect_cfm(conn, status);
1349 hci_conn_put(conn);
1350 }
1351 }
1352
1353 hci_dev_unlock(hdev);
1354}
1355
1356static void hci_cs_set_conn_encrypt(struct hci_dev *hdev, __u8 status)
1357{
1358 struct hci_cp_set_conn_encrypt *cp;
1359 struct hci_conn *conn;
1360
9f1db00c 1361 BT_DBG("%s status 0x%2.2x", hdev->name, status);
f8558555
MH		 1362
1363 if (!status)
1364 return;
1365
1366 cp = hci_sent_cmd_data(hdev, HCI_OP_SET_CONN_ENCRYPT);
1367 if (!cp)
1368 return;
1369
1370 hci_dev_lock(hdev);
1371
1372 conn = hci_conn_hash_lookup_handle(hdev, __le16_to_cpu(cp->handle));
1373 if (conn) {
1374 if (conn->state == BT_CONFIG) {
1375 hci_proto_connect_cfm(conn, status);
1376 hci_conn_put(conn);
1377 }
1378 }
1379
1380 hci_dev_unlock(hdev);
1381}
1382
127178d2 1383static int hci_outgoing_auth_needed(struct hci_dev *hdev,
807deac2 1384 struct hci_conn *conn)
392599b9 1385{
392599b9
JH		 1386 if (conn->state != BT_CONFIG || !conn->out)
1387 return 0;
1388
765c2a96 1389 if (conn->pending_sec_level == BT_SECURITY_SDP)
392599b9
JH		 1390 return 0;
1391
1392 /* Only request authentication for SSP connections or non-SSP
e9bf2bf0 1393 * devices with sec_level HIGH or if MITM protection is requested */
807deac2
GP		 1394 if (!hci_conn_ssp_enabled(conn) && !(conn->auth_type & 0x01) &&
1395 conn->pending_sec_level != BT_SECURITY_HIGH)
392599b9
JH		 1396 return 0;
1397
392599b9
JH		 1398 return 1;
1399}
1400
6039aa73 1401static int hci_resolve_name(struct hci_dev *hdev,
04124681 1402 struct inquiry_entry *e)
30dc78e1
JH		 1403{
1404 struct hci_cp_remote_name_req cp;
1405
1406 memset(&cp, 0, sizeof(cp));
1407
1408 bacpy(&cp.bdaddr, &e->data.bdaddr);
1409 cp.pscan_rep_mode = e->data.pscan_rep_mode;
1410 cp.pscan_mode = e->data.pscan_mode;
1411 cp.clock_offset = e->data.clock_offset;
1412
1413 return hci_send_cmd(hdev, HCI_OP_REMOTE_NAME_REQ, sizeof(cp), &cp);
1414}
1415
b644ba33 1416static bool hci_resolve_next_name(struct hci_dev *hdev)
30dc78e1
JH		 1417{
1418 struct discovery_state *discov = &hdev->discovery;
1419 struct inquiry_entry *e;
1420
b644ba33
JH		 1421 if (list_empty(&discov->resolve))
1422 return false;
1423
1424 e = hci_inquiry_cache_lookup_resolve(hdev, BDADDR_ANY, NAME_NEEDED);
c810089c
RM		 1425 if (!e)
1426 return false;
1427
b644ba33
JH		 1428 if (hci_resolve_name(hdev, e) == 0) {
1429 e->name_state = NAME_PENDING;
1430 return true;
1431 }
1432
1433 return false;
1434}
1435
1436static void hci_check_pending_name(struct hci_dev *hdev, struct hci_conn *conn,
04124681 1437 bdaddr_t *bdaddr, u8 *name, u8 name_len)
b644ba33
JH		 1438{
1439 struct discovery_state *discov = &hdev->discovery;
1440 struct inquiry_entry *e;
1441
1442 if (conn && !test_and_set_bit(HCI_CONN_MGMT_CONNECTED, &conn->flags))
04124681
GP		 1443 mgmt_device_connected(hdev, bdaddr, ACL_LINK, 0x00, 0, name,
1444 name_len, conn->dev_class);
b644ba33
JH		 1445
1446 if (discov->state == DISCOVERY_STOPPED)
1447 return;
1448
30dc78e1
JH		 1449 if (discov->state == DISCOVERY_STOPPING)
1450 goto discov_complete;
1451
1452 if (discov->state != DISCOVERY_RESOLVING)
1453 return;
1454
1455 e = hci_inquiry_cache_lookup_resolve(hdev, bdaddr, NAME_PENDING);
7cc8380e
RM		 1456 /* If the device was not found in a list of found devices names of which
1457 * are pending. there is no need to continue resolving a next name as it
1458 * will be done upon receiving another Remote Name Request Complete
1459 * Event */
1460 if (!e)
1461 return;
1462
1463 list_del(&e->list);
1464 if (name) {
30dc78e1 1465 e->name_state = NAME_KNOWN;
7cc8380e
RM		 1466 mgmt_remote_name(hdev, bdaddr, ACL_LINK, 0x00,
1467 e->data.rssi, name, name_len);
c3e7c0d9
RM		 1468 } else {
1469 e->name_state = NAME_NOT_KNOWN;
30dc78e1
JH		 1470 }
1471
b644ba33 1472 if (hci_resolve_next_name(hdev))
30dc78e1 1473 return;
30dc78e1
JH		 1474
1475discov_complete:
1476 hci_discovery_set_state(hdev, DISCOVERY_STOPPED);
1477}
1478
a9de9248
MH		 1479static void hci_cs_remote_name_req(struct hci_dev *hdev, __u8 status)
1480{
127178d2
JH		 1481 struct hci_cp_remote_name_req *cp;
1482 struct hci_conn *conn;
1483
9f1db00c 1484 BT_DBG("%s status 0x%2.2x", hdev->name, status);
127178d2
JH		 1485
1486 /* If successful wait for the name req complete event before
1487 * checking for the need to do authentication */
1488 if (!status)
1489 return;
1490
1491 cp = hci_sent_cmd_data(hdev, HCI_OP_REMOTE_NAME_REQ);
1492 if (!cp)
1493 return;
1494
1495 hci_dev_lock(hdev);
1496
b644ba33
JH		 1497 conn = hci_conn_hash_lookup_ba(hdev, ACL_LINK, &cp->bdaddr);
1498
a8b2d5c2 1499 if (test_bit(HCI_MGMT, &hdev->dev_flags))
b644ba33 1500 hci_check_pending_name(hdev, conn, &cp->bdaddr, NULL, 0);
30dc78e1 1501
79c6c70c
JH		 1502 if (!conn)
1503 goto unlock;
1504
1505 if (!hci_outgoing_auth_needed(hdev, conn))
1506 goto unlock;
1507
51a8efd7 1508 if (!test_and_set_bit(HCI_CONN_AUTH_PEND, &conn->flags)) {
127178d2
JH		 1509 struct hci_cp_auth_requested cp;
1510 cp.handle = __cpu_to_le16(conn->handle);
1511 hci_send_cmd(hdev, HCI_OP_AUTH_REQUESTED, sizeof(cp), &cp);
1512 }
1513
79c6c70c 1514unlock:
127178d2 1515 hci_dev_unlock(hdev);
a9de9248 1516}
1da177e4 1517
769be974
MH		 1518static void hci_cs_read_remote_features(struct hci_dev *hdev, __u8 status)
1519{
1520 struct hci_cp_read_remote_features *cp;
1521 struct hci_conn *conn;
1522
9f1db00c 1523 BT_DBG("%s status 0x%2.2x", hdev->name, status);
769be974
MH		 1524
1525 if (!status)
1526 return;
1527
1528 cp = hci_sent_cmd_data(hdev, HCI_OP_READ_REMOTE_FEATURES);
1529 if (!cp)
1530 return;
1531
1532 hci_dev_lock(hdev);
1533
1534 conn = hci_conn_hash_lookup_handle(hdev, __le16_to_cpu(cp->handle));
1535 if (conn) {
1536 if (conn->state == BT_CONFIG) {
769be974
MH		 1537 hci_proto_connect_cfm(conn, status);
1538 hci_conn_put(conn);
1539 }
1540 }
1541
1542 hci_dev_unlock(hdev);
1543}
1544
1545static void hci_cs_read_remote_ext_features(struct hci_dev *hdev, __u8 status)
1546{
1547 struct hci_cp_read_remote_ext_features *cp;
1548 struct hci_conn *conn;
1549
9f1db00c 1550 BT_DBG("%s status 0x%2.2x", hdev->name, status);
769be974
MH		 1551
1552 if (!status)
1553 return;
1554
1555 cp = hci_sent_cmd_data(hdev, HCI_OP_READ_REMOTE_EXT_FEATURES);
1556 if (!cp)
1557 return;
1558
1559 hci_dev_lock(hdev);
1560
1561 conn = hci_conn_hash_lookup_handle(hdev, __le16_to_cpu(cp->handle));
1562 if (conn) {
1563 if (conn->state == BT_CONFIG) {
769be974
MH		 1564 hci_proto_connect_cfm(conn, status);
1565 hci_conn_put(conn);
1566 }
1567 }
1568
1569 hci_dev_unlock(hdev);
1570}
1571
a9de9248
MH		 1572static void hci_cs_setup_sync_conn(struct hci_dev *hdev, __u8 status)
1573{
b6a0dc82
MH		 1574 struct hci_cp_setup_sync_conn *cp;
1575 struct hci_conn *acl, *sco;
1576 __u16 handle;
1577
9f1db00c 1578 BT_DBG("%s status 0x%2.2x", hdev->name, status);
b6a0dc82
MH		 1579
1580 if (!status)
1581 return;
1582
1583 cp = hci_sent_cmd_data(hdev, HCI_OP_SETUP_SYNC_CONN);
1584 if (!cp)
1585 return;
1586
1587 handle = __le16_to_cpu(cp->handle);
1588
9f1db00c 1589 BT_DBG("%s handle 0x%4.4x", hdev->name, handle);
b6a0dc82
MH		 1590
1591 hci_dev_lock(hdev);
1592
1593 acl = hci_conn_hash_lookup_handle(hdev, handle);
5a08ecce
AE		 1594 if (acl) {
1595 sco = acl->link;
1596 if (sco) {
1597 sco->state = BT_CLOSED;
b6a0dc82 1598
5a08ecce
AE		 1599 hci_proto_connect_cfm(sco, status);
1600 hci_conn_del(sco);
1601 }
b6a0dc82
MH		 1602 }
1603
1604 hci_dev_unlock(hdev);
1da177e4
LT		 1605}
1606
a9de9248 1607static void hci_cs_sniff_mode(struct hci_dev *hdev, __u8 status)
1da177e4 1608{
a9de9248
MH		 1609 struct hci_cp_sniff_mode *cp;
1610 struct hci_conn *conn;
1da177e4 1611
9f1db00c 1612 BT_DBG("%s status 0x%2.2x", hdev->name, status);
04837f64 1613
a9de9248
MH		 1614 if (!status)
1615 return;
04837f64 1616
a9de9248
MH		 1617 cp = hci_sent_cmd_data(hdev, HCI_OP_SNIFF_MODE);
1618 if (!cp)
1619 return;
04837f64 1620
a9de9248 1621 hci_dev_lock(hdev);
04837f64 1622
a9de9248 1623 conn = hci_conn_hash_lookup_handle(hdev, __le16_to_cpu(cp->handle));
e73439d8 1624 if (conn) {
51a8efd7 1625 clear_bit(HCI_CONN_MODE_CHANGE_PEND, &conn->flags);
04837f64 1626
51a8efd7 1627 if (test_and_clear_bit(HCI_CONN_SCO_SETUP_PEND, &conn->flags))
e73439d8
MH		 1628 hci_sco_setup(conn, status);
1629 }
1630
a9de9248
MH		 1631 hci_dev_unlock(hdev);
1632}
04837f64 1633
a9de9248
MH		 1634static void hci_cs_exit_sniff_mode(struct hci_dev *hdev, __u8 status)
1635{
1636 struct hci_cp_exit_sniff_mode *cp;
1637 struct hci_conn *conn;
04837f64 1638
9f1db00c 1639 BT_DBG("%s status 0x%2.2x", hdev->name, status);
04837f64 1640
a9de9248
MH		 1641 if (!status)
1642 return;
04837f64 1643
a9de9248
MH		 1644 cp = hci_sent_cmd_data(hdev, HCI_OP_EXIT_SNIFF_MODE);
1645 if (!cp)
1646 return;
04837f64 1647
a9de9248 1648 hci_dev_lock(hdev);
1da177e4 1649
a9de9248 1650 conn = hci_conn_hash_lookup_handle(hdev, __le16_to_cpu(cp->handle));
e73439d8 1651 if (conn) {
51a8efd7 1652 clear_bit(HCI_CONN_MODE_CHANGE_PEND, &conn->flags);
1da177e4 1653
51a8efd7 1654 if (test_and_clear_bit(HCI_CONN_SCO_SETUP_PEND, &conn->flags))
e73439d8
MH		 1655 hci_sco_setup(conn, status);
1656 }
1657
a9de9248 1658 hci_dev_unlock(hdev);
1da177e4
LT		 1659}
1660
88c3df13
JH		 1661static void hci_cs_disconnect(struct hci_dev *hdev, u8 status)
1662{
1663 struct hci_cp_disconnect *cp;
1664 struct hci_conn *conn;
1665
1666 if (!status)
1667 return;
1668
1669 cp = hci_sent_cmd_data(hdev, HCI_OP_DISCONNECT);
1670 if (!cp)
1671 return;
1672
1673 hci_dev_lock(hdev);
1674
1675 conn = hci_conn_hash_lookup_handle(hdev, __le16_to_cpu(cp->handle));
1676 if (conn)
1677 mgmt_disconnect_failed(hdev, &conn->dst, conn->type,
04124681 1678 conn->dst_type, status);
88c3df13
JH		 1679
1680 hci_dev_unlock(hdev);
1681}
1682
fcd89c09
VT		 1683static void hci_cs_le_create_conn(struct hci_dev *hdev, __u8 status)
1684{
fcd89c09
VT		 1685 struct hci_conn *conn;
1686
9f1db00c 1687 BT_DBG("%s status 0x%2.2x", hdev->name, status);
fcd89c09 1688
f00a06ac
AG		 1689 if (status) {
1690 hci_dev_lock(hdev);
fcd89c09 1691
0c95ab78 1692 conn = hci_conn_hash_lookup_state(hdev, LE_LINK, BT_CONNECT);
f00a06ac
AG		 1693 if (!conn) {
1694 hci_dev_unlock(hdev);
1695 return;
1696 }
fcd89c09 1697
0c95ab78 1698 BT_DBG("%s bdaddr %s conn %p", hdev->name, batostr(&conn->dst),
f00a06ac 1699 conn);
fcd89c09 1700
f00a06ac 1701 conn->state = BT_CLOSED;
0c95ab78 1702 mgmt_connect_failed(hdev, &conn->dst, conn->type,
f00a06ac
AG		 1703 conn->dst_type, status);
1704 hci_proto_connect_cfm(conn, status);
1705 hci_conn_del(conn);
fcd89c09 1706
f00a06ac
AG		 1707 hci_dev_unlock(hdev);
1708 }
fcd89c09
VT		 1709}
1710
a7a595f6
VCG		 1711static void hci_cs_le_start_enc(struct hci_dev *hdev, u8 status)
1712{
9f1db00c 1713 BT_DBG("%s status 0x%2.2x", hdev->name, status);
a7a595f6
VCG		 1714}
1715
a02226d6
AE		 1716static void hci_cs_create_phylink(struct hci_dev *hdev, u8 status)
1717{
93c284ee
AE		 1718 struct hci_cp_create_phy_link *cp;
1719
a02226d6 1720 BT_DBG("%s status 0x%2.2x", hdev->name, status);
93c284ee
AE		 1721
1722 if (status)
1723 return;
1724
1725 cp = hci_sent_cmd_data(hdev, HCI_OP_CREATE_PHY_LINK);
1726 if (!cp)
1727 return;
1728
1729 amp_write_remote_assoc(hdev, cp->phy_handle);
a02226d6
AE		 1730}
1731
6039aa73 1732static void hci_inquiry_complete_evt(struct hci_dev *hdev, struct sk_buff *skb)
1da177e4
LT		 1733{
1734 __u8 status = *((__u8 *) skb->data);
30dc78e1
JH		 1735 struct discovery_state *discov = &hdev->discovery;
1736 struct inquiry_entry *e;
1da177e4 1737
9f1db00c 1738 BT_DBG("%s status 0x%2.2x", hdev->name, status);
1da177e4 1739
23bb5763 1740 hci_req_complete(hdev, HCI_OP_INQUIRY, status);
6bd57416 1741
a9de9248 1742 hci_conn_check_pending(hdev);
89352e7d
AG		 1743
1744 if (!test_and_clear_bit(HCI_INQUIRY, &hdev->flags))
1745 return;
1746
a8b2d5c2 1747 if (!test_bit(HCI_MGMT, &hdev->dev_flags))
30dc78e1
JH		 1748 return;
1749
56e5cb86 1750 hci_dev_lock(hdev);
30dc78e1 1751
343f935b 1752 if (discov->state != DISCOVERY_FINDING)
30dc78e1
JH		 1753 goto unlock;
1754
1755 if (list_empty(&discov->resolve)) {
1756 hci_discovery_set_state(hdev, DISCOVERY_STOPPED);
1757 goto unlock;
1758 }
1759
1760 e = hci_inquiry_cache_lookup_resolve(hdev, BDADDR_ANY, NAME_NEEDED);
1761 if (e && hci_resolve_name(hdev, e) == 0) {
1762 e->name_state = NAME_PENDING;
1763 hci_discovery_set_state(hdev, DISCOVERY_RESOLVING);
1764 } else {
1765 hci_discovery_set_state(hdev, DISCOVERY_STOPPED);
1766 }
1767
1768unlock:
56e5cb86 1769 hci_dev_unlock(hdev);
1da177e4
LT		 1770}
1771
6039aa73 1772static void hci_inquiry_result_evt(struct hci_dev *hdev, struct sk_buff *skb)
1da177e4 1773{
45bb4bf0 1774 struct inquiry_data data;
a9de9248 1775 struct inquiry_info *info = (void *) (skb->data + 1);
1da177e4
LT		 1776 int num_rsp = *((__u8 *) skb->data);
1777
1778 BT_DBG("%s num_rsp %d", hdev->name, num_rsp);
1779
45bb4bf0
MH		 1780 if (!num_rsp)
1781 return;
1782
1519cc17
AG		 1783 if (test_bit(HCI_PERIODIC_INQ, &hdev->dev_flags))
1784 return;
1785
1da177e4 1786 hci_dev_lock(hdev);
45bb4bf0 1787
e17acd40 1788 for (; num_rsp; num_rsp--, info++) {
388fc8fa 1789 bool name_known, ssp;
3175405b 1790
1da177e4
LT		 1791 bacpy(&data.bdaddr, &info->bdaddr);
1792 data.pscan_rep_mode = info->pscan_rep_mode;
1793 data.pscan_period_mode = info->pscan_period_mode;
1794 data.pscan_mode = info->pscan_mode;
1795 memcpy(data.dev_class, info->dev_class, 3);
1796 data.clock_offset = info->clock_offset;
1797 data.rssi = 0x00;
41a96212 1798 data.ssp_mode = 0x00;
3175405b 1799
388fc8fa 1800 name_known = hci_inquiry_cache_update(hdev, &data, false, &ssp);
48264f06 1801 mgmt_device_found(hdev, &info->bdaddr, ACL_LINK, 0x00,
04124681
GP		 1802 info->dev_class, 0, !name_known, ssp, NULL,
1803 0);
1da177e4 1804 }
45bb4bf0 1805
1da177e4
LT		 1806 hci_dev_unlock(hdev);
1807}
1808
6039aa73 1809static void hci_conn_complete_evt(struct hci_dev *hdev, struct sk_buff *skb)
1da177e4 1810{
a9de9248
MH		 1811 struct hci_ev_conn_complete *ev = (void *) skb->data;
1812 struct hci_conn *conn;
1da177e4
LT		 1813
1814 BT_DBG("%s", hdev->name);
1815
1816 hci_dev_lock(hdev);
1817
1818 conn = hci_conn_hash_lookup_ba(hdev, ev->link_type, &ev->bdaddr);
9499237a
MH		 1819 if (!conn) {
1820 if (ev->link_type != SCO_LINK)
1821 goto unlock;
1822
1823 conn = hci_conn_hash_lookup_ba(hdev, ESCO_LINK, &ev->bdaddr);
1824 if (!conn)
1825 goto unlock;
1826
1827 conn->type = SCO_LINK;
1828 }
1da177e4
LT		 1829
1830 if (!ev->status) {
1831 conn->handle = __le16_to_cpu(ev->handle);
769be974
MH		 1832
1833 if (conn->type == ACL_LINK) {
1834 conn->state = BT_CONFIG;
1835 hci_conn_hold(conn);
a9ea3ed9
SJ		 1836
1837 if (!conn->out && !hci_conn_ssp_enabled(conn) &&
1838 !hci_find_link_key(hdev, &ev->bdaddr))
1839 conn->disc_timeout = HCI_PAIRING_TIMEOUT;
1840 else
1841 conn->disc_timeout = HCI_DISCONN_TIMEOUT;
769be974
MH		 1842 } else
1843 conn->state = BT_CONNECTED;
1da177e4 1844
9eba32b8 1845 hci_conn_hold_device(conn);
7d0db0a3
MH		 1846 hci_conn_add_sysfs(conn);
1847
1da177e4
LT		 1848 if (test_bit(HCI_AUTH, &hdev->flags))
1849 conn->link_mode |= HCI_LM_AUTH;
1850
1851 if (test_bit(HCI_ENCRYPT, &hdev->flags))
1852 conn->link_mode |= HCI_LM_ENCRYPT;
1853
04837f64
MH		 1854 /* Get remote features */
1855 if (conn->type == ACL_LINK) {
1856 struct hci_cp_read_remote_features cp;
1857 cp.handle = ev->handle;
769be974 1858 hci_send_cmd(hdev, HCI_OP_READ_REMOTE_FEATURES,
04124681 1859 sizeof(cp), &cp);
04837f64
MH		 1860 }
1861
1da177e4 1862 /* Set packet type for incoming connection */
d095c1eb 1863 if (!conn->out && hdev->hci_ver < BLUETOOTH_VER_2_0) {
1da177e4
LT		 1864 struct hci_cp_change_conn_ptype cp;
1865 cp.handle = ev->handle;
a8746417 1866 cp.pkt_type = cpu_to_le16(conn->pkt_type);
04124681
GP		 1867 hci_send_cmd(hdev, HCI_OP_CHANGE_CONN_PTYPE, sizeof(cp),
1868 &cp);
1da177e4 1869 }
17d5c04c 1870 } else {
1da177e4 1871 conn->state = BT_CLOSED;
17d5c04c 1872 if (conn->type == ACL_LINK)
744cf19e 1873 mgmt_connect_failed(hdev, &ev->bdaddr, conn->type,
04124681 1874 conn->dst_type, ev->status);
17d5c04c 1875 }
1da177e4 1876
e73439d8
MH		 1877 if (conn->type == ACL_LINK)
1878 hci_sco_setup(conn, ev->status);
1da177e4 1879
769be974
MH		 1880 if (ev->status) {
1881 hci_proto_connect_cfm(conn, ev->status);
1da177e4 1882 hci_conn_del(conn);
c89b6e6b
MH		 1883 } else if (ev->link_type != ACL_LINK)
1884 hci_proto_connect_cfm(conn, ev->status);
1da177e4 1885
a9de9248 1886unlock:
1da177e4 1887 hci_dev_unlock(hdev);
1da177e4 1888
a9de9248 1889 hci_conn_check_pending(hdev);
1da177e4
LT		 1890}
1891
6039aa73 1892static void hci_conn_request_evt(struct hci_dev *hdev, struct sk_buff *skb)
1da177e4 1893{
a9de9248
MH		 1894 struct hci_ev_conn_request *ev = (void *) skb->data;
1895 int mask = hdev->link_mode;
1da177e4 1896
807deac2
GP		 1897 BT_DBG("%s bdaddr %s type 0x%x", hdev->name, batostr(&ev->bdaddr),
1898 ev->link_type);
1da177e4 1899
a9de9248 1900 mask |= hci_proto_connect_ind(hdev, &ev->bdaddr, ev->link_type);
1da177e4 1901
138d22ef 1902 if ((mask & HCI_LM_ACCEPT) &&
807deac2 1903 !hci_blacklist_lookup(hdev, &ev->bdaddr)) {
a9de9248 1904 /* Connection accepted */
c7bdd502 1905 struct inquiry_entry *ie;
1da177e4 1906 struct hci_conn *conn;
1da177e4 1907
a9de9248 1908 hci_dev_lock(hdev);
b6a0dc82 1909
cc11b9c1
AE		 1910 ie = hci_inquiry_cache_lookup(hdev, &ev->bdaddr);
1911 if (ie)
c7bdd502
MH		 1912 memcpy(ie->data.dev_class, ev->dev_class, 3);
1913
8fc9ced3
GP		 1914 conn = hci_conn_hash_lookup_ba(hdev, ev->link_type,
1915 &ev->bdaddr);
a9de9248 1916 if (!conn) {
cc11b9c1
AE		 1917 conn = hci_conn_add(hdev, ev->link_type, &ev->bdaddr);
1918 if (!conn) {
893ef971 1919 BT_ERR("No memory for new connection");
a9de9248
MH		 1920 hci_dev_unlock(hdev);
1921 return;
1da177e4
LT		 1922 }
1923 }
b6a0dc82 1924
a9de9248
MH		 1925 memcpy(conn->dev_class, ev->dev_class, 3);
1926 conn->state = BT_CONNECT;
b6a0dc82 1927
a9de9248 1928 hci_dev_unlock(hdev);
1da177e4 1929
b6a0dc82
MH		 1930 if (ev->link_type == ACL_LINK || !lmp_esco_capable(hdev)) {
1931 struct hci_cp_accept_conn_req cp;
1da177e4 1932
b6a0dc82
MH		 1933 bacpy(&cp.bdaddr, &ev->bdaddr);
1934
1935 if (lmp_rswitch_capable(hdev) && (mask & HCI_LM_MASTER))
1936 cp.role = 0x00; /* Become master */
1937 else
1938 cp.role = 0x01; /* Remain slave */
1939
04124681
GP		 1940 hci_send_cmd(hdev, HCI_OP_ACCEPT_CONN_REQ, sizeof(cp),
1941 &cp);
b6a0dc82
MH		 1942 } else {
1943 struct hci_cp_accept_sync_conn_req cp;
1944
1945 bacpy(&cp.bdaddr, &ev->bdaddr);
a8746417 1946 cp.pkt_type = cpu_to_le16(conn->pkt_type);
b6a0dc82 1947
82781e63
AE		 1948 cp.tx_bandwidth = __constant_cpu_to_le32(0x00001f40);
1949 cp.rx_bandwidth = __constant_cpu_to_le32(0x00001f40);
1950 cp.max_latency = __constant_cpu_to_le16(0xffff);
b6a0dc82
MH		 1951 cp.content_format = cpu_to_le16(hdev->voice_setting);
1952 cp.retrans_effort = 0xff;
1da177e4 1953
b6a0dc82 1954 hci_send_cmd(hdev, HCI_OP_ACCEPT_SYNC_CONN_REQ,
04124681 1955 sizeof(cp), &cp);
b6a0dc82 1956 }
a9de9248
MH		 1957 } else {
1958 /* Connection rejected */
1959 struct hci_cp_reject_conn_req cp;
1da177e4 1960
a9de9248 1961 bacpy(&cp.bdaddr, &ev->bdaddr);
9f5a0d7b 1962 cp.reason = HCI_ERROR_REJ_BAD_ADDR;
a9de9248 1963 hci_send_cmd(hdev, HCI_OP_REJECT_CONN_REQ, sizeof(cp), &cp);
1da177e4 1964 }
1da177e4
LT		 1965}
1966
f0d6a0ea
MA		 1967static u8 hci_to_mgmt_reason(u8 err)
1968{
1969 switch (err) {
1970 case HCI_ERROR_CONNECTION_TIMEOUT:
1971 return MGMT_DEV_DISCONN_TIMEOUT;
1972 case HCI_ERROR_REMOTE_USER_TERM:
1973 case HCI_ERROR_REMOTE_LOW_RESOURCES:
1974 case HCI_ERROR_REMOTE_POWER_OFF:
1975 return MGMT_DEV_DISCONN_REMOTE;
1976 case HCI_ERROR_LOCAL_HOST_TERM:
1977 return MGMT_DEV_DISCONN_LOCAL_HOST;
1978 default:
1979 return MGMT_DEV_DISCONN_UNKNOWN;
1980 }
1981}
1982
6039aa73 1983static void hci_disconn_complete_evt(struct hci_dev *hdev, struct sk_buff *skb)
04837f64 1984{
a9de9248 1985 struct hci_ev_disconn_complete *ev = (void *) skb->data;
04837f64
MH		 1986 struct hci_conn *conn;
1987
9f1db00c 1988 BT_DBG("%s status 0x%2.2x", hdev->name, ev->status);
04837f64
MH		 1989
1990 hci_dev_lock(hdev);
1991
1992 conn = hci_conn_hash_lookup_handle(hdev, __le16_to_cpu(ev->handle));
f7520543
JH		 1993 if (!conn)
1994 goto unlock;
7d0db0a3 1995
37d9ef76
JH		 1996 if (ev->status == 0)
1997 conn->state = BT_CLOSED;
04837f64 1998
b644ba33 1999 if (test_and_clear_bit(HCI_CONN_MGMT_CONNECTED, &conn->flags) &&
807deac2 2000 (conn->type == ACL_LINK || conn->type == LE_LINK)) {
f0d6a0ea 2001 if (ev->status) {
88c3df13 2002 mgmt_disconnect_failed(hdev, &conn->dst, conn->type,
807deac2 2003 conn->dst_type, ev->status);
f0d6a0ea
MA		 2004 } else {
2005 u8 reason = hci_to_mgmt_reason(ev->reason);
2006
afc747a6 2007 mgmt_device_disconnected(hdev, &conn->dst, conn->type,
f0d6a0ea
MA		 2008 conn->dst_type, reason);
2009 }
37d9ef76 2010 }
f7520543 2011
37d9ef76 2012 if (ev->status == 0) {
6ec5bcad
VA		 2013 if (conn->type == ACL_LINK && conn->flush_key)
2014 hci_remove_link_key(hdev, &conn->dst);
37d9ef76
JH		 2015 hci_proto_disconn_cfm(conn, ev->reason);
2016 hci_conn_del(conn);
2017 }
f7520543
JH		 2018
2019unlock:
04837f64
MH		 2020 hci_dev_unlock(hdev);
2021}
2022
6039aa73 2023static void hci_auth_complete_evt(struct hci_dev *hdev, struct sk_buff *skb)
1da177e4 2024{
a9de9248 2025 struct hci_ev_auth_complete *ev = (void *) skb->data;
04837f64 2026 struct hci_conn *conn;
1da177e4 2027
9f1db00c 2028 BT_DBG("%s status 0x%2.2x", hdev->name, ev->status);
1da177e4
LT		 2029
2030 hci_dev_lock(hdev);
2031
04837f64 2032 conn = hci_conn_hash_lookup_handle(hdev, __le16_to_cpu(ev->handle));
d7556e20
WR		 2033 if (!conn)
2034 goto unlock;
2035
2036 if (!ev->status) {
aa64a8b5 2037 if (!hci_conn_ssp_enabled(conn) &&
807deac2 2038 test_bit(HCI_CONN_REAUTH_PEND, &conn->flags)) {
d7556e20 2039 BT_INFO("re-auth of legacy device is not possible.");
2a611692 2040 } else {
d7556e20
WR		 2041 conn->link_mode |= HCI_LM_AUTH;
2042 conn->sec_level = conn->pending_sec_level;
2a611692 2043 }
d7556e20 2044 } else {
bab73cb6 2045 mgmt_auth_failed(hdev, &conn->dst, conn->type, conn->dst_type,
04124681 2046 ev->status);
d7556e20 2047 }
1da177e4 2048
51a8efd7
JH		 2049 clear_bit(HCI_CONN_AUTH_PEND, &conn->flags);
2050 clear_bit(HCI_CONN_REAUTH_PEND, &conn->flags);
1da177e4 2051
d7556e20 2052 if (conn->state == BT_CONFIG) {
aa64a8b5 2053 if (!ev->status && hci_conn_ssp_enabled(conn)) {
d7556e20
WR		 2054 struct hci_cp_set_conn_encrypt cp;
2055 cp.handle = ev->handle;
2056 cp.encrypt = 0x01;
2057 hci_send_cmd(hdev, HCI_OP_SET_CONN_ENCRYPT, sizeof(cp),
807deac2 2058 &cp);
052b30b0 2059 } else {
d7556e20
WR		 2060 conn->state = BT_CONNECTED;
2061 hci_proto_connect_cfm(conn, ev->status);
052b30b0
MH		 2062 hci_conn_put(conn);
2063 }
d7556e20
WR		 2064 } else {
2065 hci_auth_cfm(conn, ev->status);
052b30b0 2066
d7556e20
WR		 2067 hci_conn_hold(conn);
2068 conn->disc_timeout = HCI_DISCONN_TIMEOUT;
2069 hci_conn_put(conn);
2070 }
2071
51a8efd7 2072 if (test_bit(HCI_CONN_ENCRYPT_PEND, &conn->flags)) {
d7556e20
WR		 2073 if (!ev->status) {
2074 struct hci_cp_set_conn_encrypt cp;
2075 cp.handle = ev->handle;
2076 cp.encrypt = 0x01;
2077 hci_send_cmd(hdev, HCI_OP_SET_CONN_ENCRYPT, sizeof(cp),
807deac2 2078 &cp);
d7556e20 2079 } else {
51a8efd7 2080 clear_bit(HCI_CONN_ENCRYPT_PEND, &conn->flags);
d7556e20 2081 hci_encrypt_cfm(conn, ev->status, 0x00);
1da177e4
LT		 2082 }
2083 }
2084
d7556e20 2085unlock:
1da177e4
LT		 2086 hci_dev_unlock(hdev);
2087}
2088
6039aa73 2089static void hci_remote_name_evt(struct hci_dev *hdev, struct sk_buff *skb)
1da177e4 2090{
127178d2
JH		 2091 struct hci_ev_remote_name *ev = (void *) skb->data;
2092 struct hci_conn *conn;
2093
a9de9248 2094 BT_DBG("%s", hdev->name);
1da177e4 2095
a9de9248 2096 hci_conn_check_pending(hdev);
127178d2
JH		 2097
2098 hci_dev_lock(hdev);
2099
b644ba33 2100 conn = hci_conn_hash_lookup_ba(hdev, ACL_LINK, &ev->bdaddr);
30dc78e1 2101
b644ba33
JH		 2102 if (!test_bit(HCI_MGMT, &hdev->dev_flags))
2103 goto check_auth;
a88a9652 2104
b644ba33
JH		 2105 if (ev->status == 0)
2106 hci_check_pending_name(hdev, conn, &ev->bdaddr, ev->name,
04124681 2107 strnlen(ev->name, HCI_MAX_NAME_LENGTH));
b644ba33
JH		 2108 else
2109 hci_check_pending_name(hdev, conn, &ev->bdaddr, NULL, 0);
2110
2111check_auth:
79c6c70c
JH		 2112 if (!conn)
2113 goto unlock;
2114
2115 if (!hci_outgoing_auth_needed(hdev, conn))
2116 goto unlock;
2117
51a8efd7 2118 if (!test_and_set_bit(HCI_CONN_AUTH_PEND, &conn->flags)) {
127178d2
JH		 2119 struct hci_cp_auth_requested cp;
2120 cp.handle = __cpu_to_le16(conn->handle);
2121 hci_send_cmd(hdev, HCI_OP_AUTH_REQUESTED, sizeof(cp), &cp);
2122 }
2123
79c6c70c 2124unlock:
127178d2 2125 hci_dev_unlock(hdev);
a9de9248
MH		 2126}
2127
6039aa73 2128static void hci_encrypt_change_evt(struct hci_dev *hdev, struct sk_buff *skb)
a9de9248
MH		 2129{
2130 struct hci_ev_encrypt_change *ev = (void *) skb->data;
2131 struct hci_conn *conn;
2132
9f1db00c 2133 BT_DBG("%s status 0x%2.2x", hdev->name, ev->status);
1da177e4
LT		 2134
2135 hci_dev_lock(hdev);
2136
04837f64 2137 conn = hci_conn_hash_lookup_handle(hdev, __le16_to_cpu(ev->handle));
1da177e4
LT		 2138 if (conn) {
2139 if (!ev->status) {
ae293196
MH		 2140 if (ev->encrypt) {
2141 /* Encryption implies authentication */
2142 conn->link_mode |= HCI_LM_AUTH;
1da177e4 2143 conn->link_mode |= HCI_LM_ENCRYPT;
da85e5e5 2144 conn->sec_level = conn->pending_sec_level;
ae293196 2145 } else
1da177e4
LT		 2146 conn->link_mode &= ~HCI_LM_ENCRYPT;
2147 }
2148
51a8efd7 2149 clear_bit(HCI_CONN_ENCRYPT_PEND, &conn->flags);
1da177e4 2150
a7d7723a 2151 if (ev->status && conn->state == BT_CONNECTED) {
d839c813 2152 hci_acl_disconn(conn, HCI_ERROR_AUTH_FAILURE);
a7d7723a
GP		 2153 hci_conn_put(conn);
2154 goto unlock;
2155 }
2156
f8558555
MH		 2157 if (conn->state == BT_CONFIG) {
2158 if (!ev->status)
2159 conn->state = BT_CONNECTED;
2160
2161 hci_proto_connect_cfm(conn, ev->status);
2162 hci_conn_put(conn);
2163 } else
2164 hci_encrypt_cfm(conn, ev->status, ev->encrypt);
1da177e4
LT		 2165 }
2166
a7d7723a 2167unlock:
1da177e4
LT		 2168 hci_dev_unlock(hdev);
2169}
2170
6039aa73
GP		 2171static void hci_change_link_key_complete_evt(struct hci_dev *hdev,
2172 struct sk_buff *skb)
1da177e4 2173{
a9de9248 2174 struct hci_ev_change_link_key_complete *ev = (void *) skb->data;
04837f64 2175 struct hci_conn *conn;
1da177e4 2176
9f1db00c 2177 BT_DBG("%s status 0x%2.2x", hdev->name, ev->status);
1da177e4
LT		 2178
2179 hci_dev_lock(hdev);
2180
04837f64 2181 conn = hci_conn_hash_lookup_handle(hdev, __le16_to_cpu(ev->handle));
1da177e4
LT		 2182 if (conn) {
2183 if (!ev->status)
2184 conn->link_mode |= HCI_LM_SECURE;
2185
51a8efd7 2186 clear_bit(HCI_CONN_AUTH_PEND, &conn->flags);
1da177e4
LT		 2187
2188 hci_key_change_cfm(conn, ev->status);
2189 }
2190
2191 hci_dev_unlock(hdev);
2192}
2193
6039aa73
GP		 2194static void hci_remote_features_evt(struct hci_dev *hdev,
2195 struct sk_buff *skb)
1da177e4 2196{
a9de9248
MH		 2197 struct hci_ev_remote_features *ev = (void *) skb->data;
2198 struct hci_conn *conn;
2199
9f1db00c 2200 BT_DBG("%s status 0x%2.2x", hdev->name, ev->status);
a9de9248 2201
a9de9248
MH		 2202 hci_dev_lock(hdev);
2203
2204 conn = hci_conn_hash_lookup_handle(hdev, __le16_to_cpu(ev->handle));
ccd556fe
JH		 2205 if (!conn)
2206 goto unlock;
769be974 2207
ccd556fe
JH		 2208 if (!ev->status)
2209 memcpy(conn->features, ev->features, 8);
2210
2211 if (conn->state != BT_CONFIG)
2212 goto unlock;
2213
2214 if (!ev->status && lmp_ssp_capable(hdev) && lmp_ssp_capable(conn)) {
2215 struct hci_cp_read_remote_ext_features cp;
2216 cp.handle = ev->handle;
2217 cp.page = 0x01;
2218 hci_send_cmd(hdev, HCI_OP_READ_REMOTE_EXT_FEATURES,
807deac2 2219 sizeof(cp), &cp);
392599b9
JH		 2220 goto unlock;
2221 }
2222
671267bf 2223 if (!ev->status && !test_bit(HCI_CONN_MGMT_CONNECTED, &conn->flags)) {
127178d2
JH		 2224 struct hci_cp_remote_name_req cp;
2225 memset(&cp, 0, sizeof(cp));
2226 bacpy(&cp.bdaddr, &conn->dst);
2227 cp.pscan_rep_mode = 0x02;
2228 hci_send_cmd(hdev, HCI_OP_REMOTE_NAME_REQ, sizeof(cp), &cp);
b644ba33
JH		 2229 } else if (!test_and_set_bit(HCI_CONN_MGMT_CONNECTED, &conn->flags))
2230 mgmt_device_connected(hdev, &conn->dst, conn->type,
04124681
GP		 2231 conn->dst_type, 0, NULL, 0,
2232 conn->dev_class);
392599b9 2233
127178d2 2234 if (!hci_outgoing_auth_needed(hdev, conn)) {
ccd556fe
JH		 2235 conn->state = BT_CONNECTED;
2236 hci_proto_connect_cfm(conn, ev->status);
2237 hci_conn_put(conn);
769be974 2238 }
a9de9248 2239
ccd556fe 2240unlock:
a9de9248 2241 hci_dev_unlock(hdev);
1da177e4
LT		 2242}
2243
6039aa73 2244static void hci_remote_version_evt(struct hci_dev *hdev, struct sk_buff *skb)
1da177e4 2245{
a9de9248 2246 BT_DBG("%s", hdev->name);
1da177e4
LT		 2247}
2248
6039aa73
GP		 2249static void hci_qos_setup_complete_evt(struct hci_dev *hdev,
2250 struct sk_buff *skb)
1da177e4 2251{
a9de9248 2252 BT_DBG("%s", hdev->name);
1da177e4
LT		 2253}
2254
6039aa73 2255static void hci_cmd_complete_evt(struct hci_dev *hdev, struct sk_buff *skb)
a9de9248
MH		 2256{
2257 struct hci_ev_cmd_complete *ev = (void *) skb->data;
2258 __u16 opcode;
2259
2260 skb_pull(skb, sizeof(*ev));
2261
2262 opcode = __le16_to_cpu(ev->opcode);
2263
2264 switch (opcode) {
2265 case HCI_OP_INQUIRY_CANCEL:
2266 hci_cc_inquiry_cancel(hdev, skb);
2267 break;
2268
4d93483b
AG		 2269 case HCI_OP_PERIODIC_INQ:
2270 hci_cc_periodic_inq(hdev, skb);
2271 break;
2272
a9de9248
MH		 2273 case HCI_OP_EXIT_PERIODIC_INQ:
2274 hci_cc_exit_periodic_inq(hdev, skb);
2275 break;
2276
2277 case HCI_OP_REMOTE_NAME_REQ_CANCEL:
2278 hci_cc_remote_name_req_cancel(hdev, skb);
2279 break;
2280
2281 case HCI_OP_ROLE_DISCOVERY:
2282 hci_cc_role_discovery(hdev, skb);
2283 break;
2284
e4e8e37c
MH		 2285 case HCI_OP_READ_LINK_POLICY:
2286 hci_cc_read_link_policy(hdev, skb);
2287 break;
2288
a9de9248
MH		 2289 case HCI_OP_WRITE_LINK_POLICY:
2290 hci_cc_write_link_policy(hdev, skb);
2291 break;
2292
e4e8e37c
MH		 2293 case HCI_OP_READ_DEF_LINK_POLICY:
2294 hci_cc_read_def_link_policy(hdev, skb);
2295 break;
2296
2297 case HCI_OP_WRITE_DEF_LINK_POLICY:
2298 hci_cc_write_def_link_policy(hdev, skb);
2299 break;
2300
a9de9248
MH		 2301 case HCI_OP_RESET:
2302 hci_cc_reset(hdev, skb);
2303 break;
2304
2305 case HCI_OP_WRITE_LOCAL_NAME:
2306 hci_cc_write_local_name(hdev, skb);
2307 break;
2308
2309 case HCI_OP_READ_LOCAL_NAME:
2310 hci_cc_read_local_name(hdev, skb);
2311 break;
2312
2313 case HCI_OP_WRITE_AUTH_ENABLE:
2314 hci_cc_write_auth_enable(hdev, skb);
2315 break;
2316
2317 case HCI_OP_WRITE_ENCRYPT_MODE:
2318 hci_cc_write_encrypt_mode(hdev, skb);
2319 break;
2320
2321 case HCI_OP_WRITE_SCAN_ENABLE:
2322 hci_cc_write_scan_enable(hdev, skb);
2323 break;
2324
2325 case HCI_OP_READ_CLASS_OF_DEV:
2326 hci_cc_read_class_of_dev(hdev, skb);
2327 break;
2328
2329 case HCI_OP_WRITE_CLASS_OF_DEV:
2330 hci_cc_write_class_of_dev(hdev, skb);
2331 break;
2332
2333 case HCI_OP_READ_VOICE_SETTING:
2334 hci_cc_read_voice_setting(hdev, skb);
2335 break;
2336
2337 case HCI_OP_WRITE_VOICE_SETTING:
2338 hci_cc_write_voice_setting(hdev, skb);
2339 break;
2340
2341 case HCI_OP_HOST_BUFFER_SIZE:
2342 hci_cc_host_buffer_size(hdev, skb);
2343 break;
2344
333140b5
MH		 2345 case HCI_OP_WRITE_SSP_MODE:
2346 hci_cc_write_ssp_mode(hdev, skb);
2347 break;
2348
a9de9248
MH		 2349 case HCI_OP_READ_LOCAL_VERSION:
2350 hci_cc_read_local_version(hdev, skb);
2351 break;
2352
2353 case HCI_OP_READ_LOCAL_COMMANDS:
2354 hci_cc_read_local_commands(hdev, skb);
2355 break;
2356
2357 case HCI_OP_READ_LOCAL_FEATURES:
2358 hci_cc_read_local_features(hdev, skb);
2359 break;
2360
971e3a4b
AG		 2361 case HCI_OP_READ_LOCAL_EXT_FEATURES:
2362 hci_cc_read_local_ext_features(hdev, skb);
2363 break;
2364
a9de9248
MH		 2365 case HCI_OP_READ_BUFFER_SIZE:
2366 hci_cc_read_buffer_size(hdev, skb);
2367 break;
2368
2369 case HCI_OP_READ_BD_ADDR:
2370 hci_cc_read_bd_addr(hdev, skb);
2371 break;
2372
350ee4cf
AE		 2373 case HCI_OP_READ_DATA_BLOCK_SIZE:
2374 hci_cc_read_data_block_size(hdev, skb);
2375 break;
2376
23bb5763
JH		 2377 case HCI_OP_WRITE_CA_TIMEOUT:
2378 hci_cc_write_ca_timeout(hdev, skb);
2379 break;
2380
1e89cffb
AE		 2381 case HCI_OP_READ_FLOW_CONTROL_MODE:
2382 hci_cc_read_flow_control_mode(hdev, skb);
2383 break;
2384
928abaa7
AE		 2385 case HCI_OP_READ_LOCAL_AMP_INFO:
2386 hci_cc_read_local_amp_info(hdev, skb);
2387 break;
2388
903e4541
AE		 2389 case HCI_OP_READ_LOCAL_AMP_ASSOC:
2390 hci_cc_read_local_amp_assoc(hdev, skb);
2391 break;
2392
b0916ea0
JH		 2393 case HCI_OP_DELETE_STORED_LINK_KEY:
2394 hci_cc_delete_stored_link_key(hdev, skb);
2395 break;
2396
d5859e22
JH		 2397 case HCI_OP_SET_EVENT_MASK:
2398 hci_cc_set_event_mask(hdev, skb);
2399 break;
2400
2401 case HCI_OP_WRITE_INQUIRY_MODE:
2402 hci_cc_write_inquiry_mode(hdev, skb);
2403 break;
2404
2405 case HCI_OP_READ_INQ_RSP_TX_POWER:
2406 hci_cc_read_inq_rsp_tx_power(hdev, skb);
2407 break;
2408
2409 case HCI_OP_SET_EVENT_FLT:
2410 hci_cc_set_event_flt(hdev, skb);
2411 break;
2412
980e1a53
JH		 2413 case HCI_OP_PIN_CODE_REPLY:
2414 hci_cc_pin_code_reply(hdev, skb);
2415 break;
2416
2417 case HCI_OP_PIN_CODE_NEG_REPLY:
2418 hci_cc_pin_code_neg_reply(hdev, skb);
2419 break;
2420
c35938b2
SJ		 2421 case HCI_OP_READ_LOCAL_OOB_DATA:
2422 hci_cc_read_local_oob_data_reply(hdev, skb);
2423 break;
2424
6ed58ec5
VT		 2425 case HCI_OP_LE_READ_BUFFER_SIZE:
2426 hci_cc_le_read_buffer_size(hdev, skb);
2427 break;
2428
a5c29683
JH		 2429 case HCI_OP_USER_CONFIRM_REPLY:
2430 hci_cc_user_confirm_reply(hdev, skb);
2431 break;
2432
2433 case HCI_OP_USER_CONFIRM_NEG_REPLY:
2434 hci_cc_user_confirm_neg_reply(hdev, skb);
2435 break;
2436
1143d458
BG		 2437 case HCI_OP_USER_PASSKEY_REPLY:
2438 hci_cc_user_passkey_reply(hdev, skb);
2439 break;
2440
2441 case HCI_OP_USER_PASSKEY_NEG_REPLY:
2442 hci_cc_user_passkey_neg_reply(hdev, skb);
16cde993 2443 break;
07f7fa5d
AG		 2444
2445 case HCI_OP_LE_SET_SCAN_PARAM:
2446 hci_cc_le_set_scan_param(hdev, skb);
1143d458
BG		 2447 break;
2448
eb9d91f5
AG		 2449 case HCI_OP_LE_SET_SCAN_ENABLE:
2450 hci_cc_le_set_scan_enable(hdev, skb);
2451 break;
2452
a7a595f6
VCG		 2453 case HCI_OP_LE_LTK_REPLY:
2454 hci_cc_le_ltk_reply(hdev, skb);
2455 break;
2456
2457 case HCI_OP_LE_LTK_NEG_REPLY:
2458 hci_cc_le_ltk_neg_reply(hdev, skb);
2459 break;
2460
f9b49306
AG		 2461 case HCI_OP_WRITE_LE_HOST_SUPPORTED:
2462 hci_cc_write_le_host_supported(hdev, skb);
2463 break;
2464
93c284ee
AE		 2465 case HCI_OP_WRITE_REMOTE_AMP_ASSOC:
2466 hci_cc_write_remote_amp_assoc(hdev, skb);
2467 break;
2468
a9de9248 2469 default:
9f1db00c 2470 BT_DBG("%s opcode 0x%4.4x", hdev->name, opcode);
a9de9248
MH		 2471 break;
2472 }
2473
6bd32326
VT		 2474 if (ev->opcode != HCI_OP_NOP)
2475 del_timer(&hdev->cmd_timer);
2476
a9de9248
MH		 2477 if (ev->ncmd) {
2478 atomic_set(&hdev->cmd_cnt, 1);
2479 if (!skb_queue_empty(&hdev->cmd_q))
c347b765 2480 queue_work(hdev->workqueue, &hdev->cmd_work);
a9de9248
MH		 2481 }
2482}
2483
6039aa73 2484static void hci_cmd_status_evt(struct hci_dev *hdev, struct sk_buff *skb)
a9de9248
MH		 2485{
2486 struct hci_ev_cmd_status *ev = (void *) skb->data;
2487 __u16 opcode;
2488
2489 skb_pull(skb, sizeof(*ev));
2490
2491 opcode = __le16_to_cpu(ev->opcode);
2492
2493 switch (opcode) {
2494 case HCI_OP_INQUIRY:
2495 hci_cs_inquiry(hdev, ev->status);
2496 break;
2497
2498 case HCI_OP_CREATE_CONN:
2499 hci_cs_create_conn(hdev, ev->status);
2500 break;
2501
2502 case HCI_OP_ADD_SCO:
2503 hci_cs_add_sco(hdev, ev->status);
2504 break;
2505
f8558555
MH		 2506 case HCI_OP_AUTH_REQUESTED:
2507 hci_cs_auth_requested(hdev, ev->status);
2508 break;
2509
2510 case HCI_OP_SET_CONN_ENCRYPT:
2511 hci_cs_set_conn_encrypt(hdev, ev->status);
2512 break;
2513
a9de9248
MH		 2514 case HCI_OP_REMOTE_NAME_REQ:
2515 hci_cs_remote_name_req(hdev, ev->status);
2516 break;
2517
769be974
MH		 2518 case HCI_OP_READ_REMOTE_FEATURES:
2519 hci_cs_read_remote_features(hdev, ev->status);
2520 break;
2521
2522 case HCI_OP_READ_REMOTE_EXT_FEATURES:
2523 hci_cs_read_remote_ext_features(hdev, ev->status);
2524 break;
2525
a9de9248
MH		 2526 case HCI_OP_SETUP_SYNC_CONN:
2527 hci_cs_setup_sync_conn(hdev, ev->status);
2528 break;
2529
2530 case HCI_OP_SNIFF_MODE:
2531 hci_cs_sniff_mode(hdev, ev->status);
2532 break;
2533
2534 case HCI_OP_EXIT_SNIFF_MODE:
2535 hci_cs_exit_sniff_mode(hdev, ev->status);
2536 break;
2537
8962ee74 2538 case HCI_OP_DISCONNECT:
88c3df13 2539 hci_cs_disconnect(hdev, ev->status);
8962ee74
JH		 2540 break;
2541
fcd89c09
VT		 2542 case HCI_OP_LE_CREATE_CONN:
2543 hci_cs_le_create_conn(hdev, ev->status);
2544 break;
2545
a7a595f6
VCG		 2546 case HCI_OP_LE_START_ENC:
2547 hci_cs_le_start_enc(hdev, ev->status);
2548 break;
2549
a02226d6
AE		 2550 case HCI_OP_CREATE_PHY_LINK:
2551 hci_cs_create_phylink(hdev, ev->status);
2552 break;
2553
a9de9248 2554 default:
9f1db00c 2555 BT_DBG("%s opcode 0x%4.4x", hdev->name, opcode);
a9de9248
MH		 2556 break;
2557 }
2558
6bd32326
VT		 2559 if (ev->opcode != HCI_OP_NOP)
2560 del_timer(&hdev->cmd_timer);
2561
10572132 2562 if (ev->ncmd && !test_bit(HCI_RESET, &hdev->flags)) {
a9de9248
MH		 2563 atomic_set(&hdev->cmd_cnt, 1);
2564 if (!skb_queue_empty(&hdev->cmd_q))
c347b765 2565 queue_work(hdev->workqueue, &hdev->cmd_work);
a9de9248
MH		 2566 }
2567}
2568
6039aa73 2569static void hci_role_change_evt(struct hci_dev *hdev, struct sk_buff *skb)
a9de9248
MH		 2570{
2571 struct hci_ev_role_change *ev = (void *) skb->data;
2572 struct hci_conn *conn;
2573
9f1db00c 2574 BT_DBG("%s status 0x%2.2x", hdev->name, ev->status);
a9de9248
MH		 2575
2576 hci_dev_lock(hdev);
2577
2578 conn = hci_conn_hash_lookup_ba(hdev, ACL_LINK, &ev->bdaddr);
2579 if (conn) {
2580 if (!ev->status) {
2581 if (ev->role)
2582 conn->link_mode &= ~HCI_LM_MASTER;
2583 else
2584 conn->link_mode |= HCI_LM_MASTER;
2585 }
2586
51a8efd7 2587 clear_bit(HCI_CONN_RSWITCH_PEND, &conn->flags);
a9de9248
MH		 2588
2589 hci_role_switch_cfm(conn, ev->status, ev->role);
2590 }
2591
2592 hci_dev_unlock(hdev);
2593}
2594
6039aa73 2595static void hci_num_comp_pkts_evt(struct hci_dev *hdev, struct sk_buff *skb)
a9de9248
MH		 2596{
2597 struct hci_ev_num_comp_pkts *ev = (void *) skb->data;
a9de9248
MH		 2598 int i;
2599
32ac5b9b
AE		 2600 if (hdev->flow_ctl_mode != HCI_FLOW_CTL_MODE_PACKET_BASED) {
2601 BT_ERR("Wrong event for mode %d", hdev->flow_ctl_mode);
2602 return;
2603 }
2604
c5993de8 2605 if (skb->len < sizeof(*ev) || skb->len < sizeof(*ev) +
807deac2 2606 ev->num_hndl * sizeof(struct hci_comp_pkts_info)) {
a9de9248
MH		 2607 BT_DBG("%s bad parameters", hdev->name);
2608 return;
2609 }
2610
c5993de8
AE		 2611 BT_DBG("%s num_hndl %d", hdev->name, ev->num_hndl);
2612
613a1c0c
AE		 2613 for (i = 0; i < ev->num_hndl; i++) {
2614 struct hci_comp_pkts_info *info = &ev->handles[i];
a9de9248
MH		 2615 struct hci_conn *conn;
2616 __u16 handle, count;
2617
613a1c0c
AE		 2618 handle = __le16_to_cpu(info->handle);
2619 count = __le16_to_cpu(info->count);
a9de9248
MH		 2620
2621 conn = hci_conn_hash_lookup_handle(hdev, handle);
f4280918
AE		 2622 if (!conn)
2623 continue;
2624
2625 conn->sent -= count;
2626
2627 switch (conn->type) {
2628 case ACL_LINK:
2629 hdev->acl_cnt += count;
2630 if (hdev->acl_cnt > hdev->acl_pkts)
2631 hdev->acl_cnt = hdev->acl_pkts;
2632 break;
2633
2634 case LE_LINK:
2635 if (hdev->le_pkts) {
2636 hdev->le_cnt += count;
2637 if (hdev->le_cnt > hdev->le_pkts)
2638 hdev->le_cnt = hdev->le_pkts;
2639 } else {
70f23020
AE		 2640 hdev->acl_cnt += count;
2641 if (hdev->acl_cnt > hdev->acl_pkts)
a9de9248 2642 hdev->acl_cnt = hdev->acl_pkts;
a9de9248 2643 }
f4280918
AE		 2644 break;
2645
2646 case SCO_LINK:
2647 hdev->sco_cnt += count;
2648 if (hdev->sco_cnt > hdev->sco_pkts)
2649 hdev->sco_cnt = hdev->sco_pkts;
2650 break;
2651
2652 default:
2653 BT_ERR("Unknown type %d conn %p", conn->type, conn);
2654 break;
a9de9248
MH		 2655 }
2656 }
2657
3eff45ea 2658 queue_work(hdev->workqueue, &hdev->tx_work);
a9de9248
MH		 2659}
2660
6039aa73 2661static void hci_num_comp_blocks_evt(struct hci_dev *hdev, struct sk_buff *skb)
25e89e99
AE		 2662{
2663 struct hci_ev_num_comp_blocks *ev = (void *) skb->data;
2664 int i;
2665
2666 if (hdev->flow_ctl_mode != HCI_FLOW_CTL_MODE_BLOCK_BASED) {
2667 BT_ERR("Wrong event for mode %d", hdev->flow_ctl_mode);
2668 return;
2669 }
2670
2671 if (skb->len < sizeof(*ev) || skb->len < sizeof(*ev) +
807deac2 2672 ev->num_hndl * sizeof(struct hci_comp_blocks_info)) {
25e89e99
AE		 2673 BT_DBG("%s bad parameters", hdev->name);
2674 return;
2675 }
2676
2677 BT_DBG("%s num_blocks %d num_hndl %d", hdev->name, ev->num_blocks,
807deac2 2678 ev->num_hndl);
25e89e99
AE		 2679
2680 for (i = 0; i < ev->num_hndl; i++) {
2681 struct hci_comp_blocks_info *info = &ev->handles[i];
2682 struct hci_conn *conn;
2683 __u16 handle, block_count;
2684
2685 handle = __le16_to_cpu(info->handle);
2686 block_count = __le16_to_cpu(info->blocks);
2687
2688 conn = hci_conn_hash_lookup_handle(hdev, handle);
2689 if (!conn)
2690 continue;
2691
2692 conn->sent -= block_count;
2693
2694 switch (conn->type) {
2695 case ACL_LINK:
2696 hdev->block_cnt += block_count;
2697 if (hdev->block_cnt > hdev->num_blocks)
2698 hdev->block_cnt = hdev->num_blocks;
2699 break;
2700
2701 default:
2702 BT_ERR("Unknown type %d conn %p", conn->type, conn);
2703 break;
2704 }
2705 }
2706
2707 queue_work(hdev->workqueue, &hdev->tx_work);
2708}
2709
6039aa73 2710static void hci_mode_change_evt(struct hci_dev *hdev, struct sk_buff *skb)
04837f64 2711{
a9de9248 2712 struct hci_ev_mode_change *ev = (void *) skb->data;
04837f64
MH		 2713 struct hci_conn *conn;
2714
9f1db00c 2715 BT_DBG("%s status 0x%2.2x", hdev->name, ev->status);
04837f64
MH		 2716
2717 hci_dev_lock(hdev);
2718
2719 conn = hci_conn_hash_lookup_handle(hdev, __le16_to_cpu(ev->handle));
a9de9248
MH		 2720 if (conn) {
2721 conn->mode = ev->mode;
2722 conn->interval = __le16_to_cpu(ev->interval);
2723
8fc9ced3
GP		 2724 if (!test_and_clear_bit(HCI_CONN_MODE_CHANGE_PEND,
2725 &conn->flags)) {
a9de9248 2726 if (conn->mode == HCI_CM_ACTIVE)
58a681ef 2727 set_bit(HCI_CONN_POWER_SAVE, &conn->flags);
a9de9248 2728 else
58a681ef 2729 clear_bit(HCI_CONN_POWER_SAVE, &conn->flags);
a9de9248 2730 }
e73439d8 2731
51a8efd7 2732 if (test_and_clear_bit(HCI_CONN_SCO_SETUP_PEND, &conn->flags))
e73439d8 2733 hci_sco_setup(conn, ev->status);
04837f64
MH		 2734 }
2735
2736 hci_dev_unlock(hdev);
2737}
2738
6039aa73 2739static void hci_pin_code_request_evt(struct hci_dev *hdev, struct sk_buff *skb)
a9de9248 2740{
052b30b0
MH		 2741 struct hci_ev_pin_code_req *ev = (void *) skb->data;
2742 struct hci_conn *conn;
2743
a9de9248 2744 BT_DBG("%s", hdev->name);
052b30b0
MH		 2745
2746 hci_dev_lock(hdev);
2747
2748 conn = hci_conn_hash_lookup_ba(hdev, ACL_LINK, &ev->bdaddr);
b6f98044
WR		 2749 if (!conn)
2750 goto unlock;
2751
2752 if (conn->state == BT_CONNECTED) {
052b30b0
MH		 2753 hci_conn_hold(conn);
2754 conn->disc_timeout = HCI_PAIRING_TIMEOUT;
2755 hci_conn_put(conn);
2756 }
2757
a8b2d5c2 2758 if (!test_bit(HCI_PAIRABLE, &hdev->dev_flags))
03b555e1 2759 hci_send_cmd(hdev, HCI_OP_PIN_CODE_NEG_REPLY,
807deac2 2760 sizeof(ev->bdaddr), &ev->bdaddr);
a8b2d5c2 2761 else if (test_bit(HCI_MGMT, &hdev->dev_flags)) {
a770bb5a
WR		 2762 u8 secure;
2763
2764 if (conn->pending_sec_level == BT_SECURITY_HIGH)
2765 secure = 1;
2766 else
2767 secure = 0;
2768
744cf19e 2769 mgmt_pin_code_request(hdev, &ev->bdaddr, secure);
a770bb5a 2770 }
980e1a53 2771
b6f98044 2772unlock:
052b30b0 2773 hci_dev_unlock(hdev);
a9de9248
MH		 2774}
2775
6039aa73 2776static void hci_link_key_request_evt(struct hci_dev *hdev, struct sk_buff *skb)
a9de9248 2777{
55ed8ca1
JH		 2778 struct hci_ev_link_key_req *ev = (void *) skb->data;
2779 struct hci_cp_link_key_reply cp;
2780 struct hci_conn *conn;
2781 struct link_key *key;
2782
a9de9248 2783 BT_DBG("%s", hdev->name);
55ed8ca1 2784
a8b2d5c2 2785 if (!test_bit(HCI_LINK_KEYS, &hdev->dev_flags))
55ed8ca1
JH		 2786 return;
2787
2788 hci_dev_lock(hdev);
2789
2790 key = hci_find_link_key(hdev, &ev->bdaddr);
2791 if (!key) {
2792 BT_DBG("%s link key not found for %s", hdev->name,
807deac2 2793 batostr(&ev->bdaddr));
55ed8ca1
JH		 2794 goto not_found;
2795 }
2796
2797 BT_DBG("%s found key type %u for %s", hdev->name, key->type,
807deac2 2798 batostr(&ev->bdaddr));
55ed8ca1 2799
a8b2d5c2 2800 if (!test_bit(HCI_DEBUG_KEYS, &hdev->dev_flags) &&
807deac2 2801 key->type == HCI_LK_DEBUG_COMBINATION) {
55ed8ca1
JH		 2802 BT_DBG("%s ignoring debug key", hdev->name);
2803 goto not_found;
2804 }
2805
2806 conn = hci_conn_hash_lookup_ba(hdev, ACL_LINK, &ev->bdaddr);
60b83f57
WR		 2807 if (conn) {
2808 if (key->type == HCI_LK_UNAUTH_COMBINATION &&
807deac2 2809 conn->auth_type != 0xff && (conn->auth_type & 0x01)) {
60b83f57
WR		 2810 BT_DBG("%s ignoring unauthenticated key", hdev->name);
2811 goto not_found;
2812 }
55ed8ca1 2813
60b83f57 2814 if (key->type == HCI_LK_COMBINATION && key->pin_len < 16 &&
807deac2 2815 conn->pending_sec_level == BT_SECURITY_HIGH) {
8fc9ced3
GP		 2816 BT_DBG("%s ignoring key unauthenticated for high security",
2817 hdev->name);
60b83f57
WR		 2818 goto not_found;
2819 }
2820
2821 conn->key_type = key->type;
2822 conn->pin_length = key->pin_len;
55ed8ca1
JH		 2823 }
2824
2825 bacpy(&cp.bdaddr, &ev->bdaddr);
9b3b4460 2826 memcpy(cp.link_key, key->val, HCI_LINK_KEY_SIZE);
55ed8ca1
JH		 2827
2828 hci_send_cmd(hdev, HCI_OP_LINK_KEY_REPLY, sizeof(cp), &cp);
2829
2830 hci_dev_unlock(hdev);
2831
2832 return;
2833
2834not_found:
2835 hci_send_cmd(hdev, HCI_OP_LINK_KEY_NEG_REPLY, 6, &ev->bdaddr);
2836 hci_dev_unlock(hdev);
a9de9248
MH		 2837}
2838
6039aa73 2839static void hci_link_key_notify_evt(struct hci_dev *hdev, struct sk_buff *skb)
a9de9248 2840{
052b30b0
MH		 2841 struct hci_ev_link_key_notify *ev = (void *) skb->data;
2842 struct hci_conn *conn;
55ed8ca1 2843 u8 pin_len = 0;
052b30b0 2844
a9de9248 2845 BT_DBG("%s", hdev->name);
052b30b0
MH		 2846
2847 hci_dev_lock(hdev);
2848
2849 conn = hci_conn_hash_lookup_ba(hdev, ACL_LINK, &ev->bdaddr);
2850 if (conn) {
2851 hci_conn_hold(conn);
2852 conn->disc_timeout = HCI_DISCONN_TIMEOUT;
980e1a53 2853 pin_len = conn->pin_length;
13d39315
WR		 2854
2855 if (ev->key_type != HCI_LK_CHANGED_COMBINATION)
2856 conn->key_type = ev->key_type;
2857
052b30b0
MH		 2858 hci_conn_put(conn);
2859 }
2860
a8b2d5c2 2861 if (test_bit(HCI_LINK_KEYS, &hdev->dev_flags))
d25e28ab 2862 hci_add_link_key(hdev, conn, 1, &ev->bdaddr, ev->link_key,
807deac2 2863 ev->key_type, pin_len);
55ed8ca1 2864
052b30b0 2865 hci_dev_unlock(hdev);
a9de9248
MH		 2866}
2867
6039aa73 2868static void hci_clock_offset_evt(struct hci_dev *hdev, struct sk_buff *skb)
1da177e4 2869{
a9de9248 2870 struct hci_ev_clock_offset *ev = (void *) skb->data;
04837f64 2871 struct hci_conn *conn;
1da177e4 2872
9f1db00c 2873 BT_DBG("%s status 0x%2.2x", hdev->name, ev->status);
1da177e4
LT		 2874
2875 hci_dev_lock(hdev);
2876
04837f64 2877 conn = hci_conn_hash_lookup_handle(hdev, __le16_to_cpu(ev->handle));
1da177e4
LT		 2878 if (conn && !ev->status) {
2879 struct inquiry_entry *ie;
2880
cc11b9c1
AE		 2881 ie = hci_inquiry_cache_lookup(hdev, &conn->dst);
2882 if (ie) {
1da177e4
LT		 2883 ie->data.clock_offset = ev->clock_offset;
2884 ie->timestamp = jiffies;
2885 }
2886 }
2887
2888 hci_dev_unlock(hdev);
2889}
2890
6039aa73 2891static void hci_pkt_type_change_evt(struct hci_dev *hdev, struct sk_buff *skb)
a8746417
MH		 2892{
2893 struct hci_ev_pkt_type_change *ev = (void *) skb->data;
2894 struct hci_conn *conn;
2895
9f1db00c 2896 BT_DBG("%s status 0x%2.2x", hdev->name, ev->status);
a8746417
MH		 2897
2898 hci_dev_lock(hdev);
2899
2900 conn = hci_conn_hash_lookup_handle(hdev, __le16_to_cpu(ev->handle));
2901 if (conn && !ev->status)
2902 conn->pkt_type = __le16_to_cpu(ev->pkt_type);
2903
2904 hci_dev_unlock(hdev);
2905}
2906
6039aa73 2907static void hci_pscan_rep_mode_evt(struct hci_dev *hdev, struct sk_buff *skb)
85a1e930 2908{
a9de9248 2909 struct hci_ev_pscan_rep_mode *ev = (void *) skb->data;
85a1e930
MH		 2910 struct inquiry_entry *ie;
2911
2912 BT_DBG("%s", hdev->name);
2913
2914 hci_dev_lock(hdev);
2915
cc11b9c1
AE		 2916 ie = hci_inquiry_cache_lookup(hdev, &ev->bdaddr);
2917 if (ie) {
85a1e930
MH		 2918 ie->data.pscan_rep_mode = ev->pscan_rep_mode;
2919 ie->timestamp = jiffies;
2920 }
2921
2922 hci_dev_unlock(hdev);
2923}
2924
6039aa73
GP		 2925static void hci_inquiry_result_with_rssi_evt(struct hci_dev *hdev,
2926 struct sk_buff *skb)
a9de9248
MH		 2927{
2928 struct inquiry_data data;
2929 int num_rsp = *((__u8 *) skb->data);
388fc8fa 2930 bool name_known, ssp;
a9de9248
MH		 2931
2932 BT_DBG("%s num_rsp %d", hdev->name, num_rsp);
2933
2934 if (!num_rsp)
2935 return;
2936
1519cc17
AG		 2937 if (test_bit(HCI_PERIODIC_INQ, &hdev->dev_flags))
2938 return;
2939
a9de9248
MH		 2940 hci_dev_lock(hdev);
2941
2942 if ((skb->len - 1) / num_rsp != sizeof(struct inquiry_info_with_rssi)) {
138d22ef
SJ		 2943 struct inquiry_info_with_rssi_and_pscan_mode *info;
2944 info = (void *) (skb->data + 1);
a9de9248 2945
e17acd40 2946 for (; num_rsp; num_rsp--, info++) {
a9de9248
MH		 2947 bacpy(&data.bdaddr, &info->bdaddr);
2948 data.pscan_rep_mode = info->pscan_rep_mode;
2949 data.pscan_period_mode = info->pscan_period_mode;
2950 data.pscan_mode = info->pscan_mode;
2951 memcpy(data.dev_class, info->dev_class, 3);
2952 data.clock_offset = info->clock_offset;
2953 data.rssi = info->rssi;
41a96212 2954 data.ssp_mode = 0x00;
3175405b
JH		 2955
2956 name_known = hci_inquiry_cache_update(hdev, &data,
04124681 2957 false, &ssp);
48264f06 2958 mgmt_device_found(hdev, &info->bdaddr, ACL_LINK, 0x00,
04124681
GP		 2959 info->dev_class, info->rssi,
2960 !name_known, ssp, NULL, 0);
a9de9248
MH		 2961 }
2962 } else {
2963 struct inquiry_info_with_rssi *info = (void *) (skb->data + 1);
2964
e17acd40 2965 for (; num_rsp; num_rsp--, info++) {
a9de9248
MH		 2966 bacpy(&data.bdaddr, &info->bdaddr);
2967 data.pscan_rep_mode = info->pscan_rep_mode;
2968 data.pscan_period_mode = info->pscan_period_mode;
2969 data.pscan_mode = 0x00;
2970 memcpy(data.dev_class, info->dev_class, 3);
2971 data.clock_offset = info->clock_offset;
2972 data.rssi = info->rssi;
41a96212 2973 data.ssp_mode = 0x00;
3175405b 2974 name_known = hci_inquiry_cache_update(hdev, &data,
04124681 2975 false, &ssp);
48264f06 2976 mgmt_device_found(hdev, &info->bdaddr, ACL_LINK, 0x00,
04124681
GP		 2977 info->dev_class, info->rssi,
2978 !name_known, ssp, NULL, 0);
a9de9248
MH		 2979 }
2980 }
2981
2982 hci_dev_unlock(hdev);
2983}
2984
6039aa73
GP		 2985static void hci_remote_ext_features_evt(struct hci_dev *hdev,
2986 struct sk_buff *skb)
a9de9248 2987{
41a96212
MH		 2988 struct hci_ev_remote_ext_features *ev = (void *) skb->data;
2989 struct hci_conn *conn;
2990
a9de9248 2991 BT_DBG("%s", hdev->name);
41a96212 2992
41a96212
MH		 2993 hci_dev_lock(hdev);
2994
2995 conn = hci_conn_hash_lookup_handle(hdev, __le16_to_cpu(ev->handle));
ccd556fe
JH		 2996 if (!conn)
2997 goto unlock;
41a96212 2998
ccd556fe
JH		 2999 if (!ev->status && ev->page == 0x01) {
3000 struct inquiry_entry *ie;
41a96212 3001
cc11b9c1
AE		 3002 ie = hci_inquiry_cache_lookup(hdev, &conn->dst);
3003 if (ie)
02b7cc62 3004 ie->data.ssp_mode = (ev->features[0] & LMP_HOST_SSP);
769be974 3005
02b7cc62 3006 if (ev->features[0] & LMP_HOST_SSP)
58a681ef 3007 set_bit(HCI_CONN_SSP_ENABLED, &conn->flags);
ccd556fe
JH		 3008 }
3009
3010 if (conn->state != BT_CONFIG)
3011 goto unlock;
3012
671267bf 3013 if (!ev->status && !test_bit(HCI_CONN_MGMT_CONNECTED, &conn->flags)) {
127178d2
JH		 3014 struct hci_cp_remote_name_req cp;
3015 memset(&cp, 0, sizeof(cp));
3016 bacpy(&cp.bdaddr, &conn->dst);
3017 cp.pscan_rep_mode = 0x02;
3018 hci_send_cmd(hdev, HCI_OP_REMOTE_NAME_REQ, sizeof(cp), &cp);
b644ba33
JH		 3019 } else if (!test_and_set_bit(HCI_CONN_MGMT_CONNECTED, &conn->flags))
3020 mgmt_device_connected(hdev, &conn->dst, conn->type,
04124681
GP		 3021 conn->dst_type, 0, NULL, 0,
3022 conn->dev_class);
392599b9 3023
127178d2 3024 if (!hci_outgoing_auth_needed(hdev, conn)) {
ccd556fe
JH		 3025 conn->state = BT_CONNECTED;
3026 hci_proto_connect_cfm(conn, ev->status);
3027 hci_conn_put(conn);
41a96212
MH		 3028 }
3029
ccd556fe 3030unlock:
41a96212 3031 hci_dev_unlock(hdev);
a9de9248
MH		 3032}
3033
6039aa73
GP		 3034static void hci_sync_conn_complete_evt(struct hci_dev *hdev,
3035 struct sk_buff *skb)
a9de9248 3036{
b6a0dc82
MH		 3037 struct hci_ev_sync_conn_complete *ev = (void *) skb->data;
3038 struct hci_conn *conn;
3039
9f1db00c 3040 BT_DBG("%s status 0x%2.2x", hdev->name, ev->status);
b6a0dc82
MH		 3041
3042 hci_dev_lock(hdev);
3043
3044 conn = hci_conn_hash_lookup_ba(hdev, ev->link_type, &ev->bdaddr);
9dc0a3af
MH		 3045 if (!conn) {
3046 if (ev->link_type == ESCO_LINK)
3047 goto unlock;
3048
3049 conn = hci_conn_hash_lookup_ba(hdev, ESCO_LINK, &ev->bdaddr);
3050 if (!conn)
3051 goto unlock;
3052
3053 conn->type = SCO_LINK;
3054 }
b6a0dc82 3055
732547f9
MH		 3056 switch (ev->status) {
3057 case 0x00:
b6a0dc82
MH		 3058 conn->handle = __le16_to_cpu(ev->handle);
3059 conn->state = BT_CONNECTED;
7d0db0a3 3060
9eba32b8 3061 hci_conn_hold_device(conn);
7d0db0a3 3062 hci_conn_add_sysfs(conn);
732547f9
MH		 3063 break;
3064
705e5711 3065 case 0x11: /* Unsupported Feature or Parameter Value */
732547f9 3066 case 0x1c: /* SCO interval rejected */
1038a00b 3067 case 0x1a: /* Unsupported Remote Feature */
732547f9
MH		 3068 case 0x1f: /* Unspecified error */
3069 if (conn->out && conn->attempt < 2) {
3070 conn->pkt_type = (hdev->esco_type & SCO_ESCO_MASK) |
3071 (hdev->esco_type & EDR_ESCO_MASK);
3072 hci_setup_sync(conn, conn->link->handle);
3073 goto unlock;
3074 }
3075 /* fall through */
3076
3077 default:
b6a0dc82 3078 conn->state = BT_CLOSED;
732547f9
MH		 3079 break;
3080 }
b6a0dc82
MH		 3081
3082 hci_proto_connect_cfm(conn, ev->status);
3083 if (ev->status)
3084 hci_conn_del(conn);
3085
3086unlock:
3087 hci_dev_unlock(hdev);
a9de9248
MH		 3088}
3089
6039aa73 3090static void hci_sync_conn_changed_evt(struct hci_dev *hdev, struct sk_buff *skb)
a9de9248
MH		 3091{
3092 BT_DBG("%s", hdev->name);
3093}
3094
6039aa73 3095static void hci_sniff_subrate_evt(struct hci_dev *hdev, struct sk_buff *skb)
04837f64 3096{
a9de9248 3097 struct hci_ev_sniff_subrate *ev = (void *) skb->data;
04837f64 3098
9f1db00c 3099 BT_DBG("%s status 0x%2.2x", hdev->name, ev->status);
04837f64
MH		 3100}
3101
6039aa73
GP		 3102static void hci_extended_inquiry_result_evt(struct hci_dev *hdev,
3103 struct sk_buff *skb)
1da177e4 3104{
a9de9248
MH		 3105 struct inquiry_data data;
3106 struct extended_inquiry_info *info = (void *) (skb->data + 1);
3107 int num_rsp = *((__u8 *) skb->data);
9d939d94 3108 size_t eir_len;
1da177e4 3109
a9de9248 3110 BT_DBG("%s num_rsp %d", hdev->name, num_rsp);
1da177e4 3111
a9de9248
MH		 3112 if (!num_rsp)
3113 return;
1da177e4 3114
1519cc17
AG		 3115 if (test_bit(HCI_PERIODIC_INQ, &hdev->dev_flags))
3116 return;
3117
a9de9248
MH		 3118 hci_dev_lock(hdev);
3119
e17acd40 3120 for (; num_rsp; num_rsp--, info++) {
388fc8fa 3121 bool name_known, ssp;
561aafbc 3122
a9de9248 3123 bacpy(&data.bdaddr, &info->bdaddr);
138d22ef
SJ		 3124 data.pscan_rep_mode = info->pscan_rep_mode;
3125 data.pscan_period_mode = info->pscan_period_mode;
3126 data.pscan_mode = 0x00;
a9de9248 3127 memcpy(data.dev_class, info->dev_class, 3);
138d22ef
SJ		 3128 data.clock_offset = info->clock_offset;
3129 data.rssi = info->rssi;
41a96212 3130 data.ssp_mode = 0x01;
561aafbc 3131
a8b2d5c2 3132 if (test_bit(HCI_MGMT, &hdev->dev_flags))
4ddb1930 3133 name_known = eir_has_data_type(info->data,
04124681
GP		 3134 sizeof(info->data),
3135 EIR_NAME_COMPLETE);
561aafbc
JH		 3136 else
3137 name_known = true;
3138
388fc8fa 3139 name_known = hci_inquiry_cache_update(hdev, &data, name_known,
04124681 3140 &ssp);
9d939d94 3141 eir_len = eir_get_length(info->data, sizeof(info->data));
48264f06 3142 mgmt_device_found(hdev, &info->bdaddr, ACL_LINK, 0x00,
04124681 3143 info->dev_class, info->rssi, !name_known,
9d939d94 3144 ssp, info->data, eir_len);
a9de9248
MH		 3145 }
3146
3147 hci_dev_unlock(hdev);
3148}
1da177e4 3149
1c2e0041
JH		 3150static void hci_key_refresh_complete_evt(struct hci_dev *hdev,
3151 struct sk_buff *skb)
3152{
3153 struct hci_ev_key_refresh_complete *ev = (void *) skb->data;
3154 struct hci_conn *conn;
3155
9f1db00c 3156 BT_DBG("%s status 0x%2.2x handle 0x%4.4x", hdev->name, ev->status,
1c2e0041
JH		 3157 __le16_to_cpu(ev->handle));
3158
3159 hci_dev_lock(hdev);
3160
3161 conn = hci_conn_hash_lookup_handle(hdev, __le16_to_cpu(ev->handle));
3162 if (!conn)
3163 goto unlock;
3164
3165 if (!ev->status)
3166 conn->sec_level = conn->pending_sec_level;
3167
3168 clear_bit(HCI_CONN_ENCRYPT_PEND, &conn->flags);
3169
3170 if (ev->status && conn->state == BT_CONNECTED) {
3171 hci_acl_disconn(conn, HCI_ERROR_AUTH_FAILURE);
3172 hci_conn_put(conn);
3173 goto unlock;
3174 }
3175
3176 if (conn->state == BT_CONFIG) {
3177 if (!ev->status)
3178 conn->state = BT_CONNECTED;
3179
3180 hci_proto_connect_cfm(conn, ev->status);
3181 hci_conn_put(conn);
3182 } else {
3183 hci_auth_cfm(conn, ev->status);
3184
3185 hci_conn_hold(conn);
3186 conn->disc_timeout = HCI_DISCONN_TIMEOUT;
3187 hci_conn_put(conn);
3188 }
3189
3190unlock:
3191 hci_dev_unlock(hdev);
3192}
3193
6039aa73 3194static u8 hci_get_auth_req(struct hci_conn *conn)
17fa4b9d
JH		 3195{
3196 /* If remote requests dedicated bonding follow that lead */
3197 if (conn->remote_auth == 0x02 || conn->remote_auth == 0x03) {
3198 /* If both remote and local IO capabilities allow MITM
3199 * protection then require it, otherwise don't */
3200 if (conn->remote_cap == 0x03 || conn->io_capability == 0x03)
3201 return 0x02;
3202 else
3203 return 0x03;
3204 }
3205
3206 /* If remote requests no-bonding follow that lead */
3207 if (conn->remote_auth == 0x00 || conn->remote_auth == 0x01)
58797bf7 3208 return conn->remote_auth | (conn->auth_type & 0x01);
17fa4b9d
JH		 3209
3210 return conn->auth_type;
3211}
3212
6039aa73 3213static void hci_io_capa_request_evt(struct hci_dev *hdev, struct sk_buff *skb)
0493684e
MH		 3214{
3215 struct hci_ev_io_capa_request *ev = (void *) skb->data;
3216 struct hci_conn *conn;
3217
3218 BT_DBG("%s", hdev->name);
3219
3220 hci_dev_lock(hdev);
3221
3222 conn = hci_conn_hash_lookup_ba(hdev, ACL_LINK, &ev->bdaddr);
03b555e1
JH		 3223 if (!conn)
3224 goto unlock;
3225
3226 hci_conn_hold(conn);
3227
a8b2d5c2 3228 if (!test_bit(HCI_MGMT, &hdev->dev_flags))
03b555e1
JH		 3229 goto unlock;
3230
a8b2d5c2 3231 if (test_bit(HCI_PAIRABLE, &hdev->dev_flags) ||
807deac2 3232 (conn->remote_auth & ~0x01) == HCI_AT_NO_BONDING) {
17fa4b9d
JH		 3233 struct hci_cp_io_capability_reply cp;
3234
3235 bacpy(&cp.bdaddr, &ev->bdaddr);
7a7f1e7c
HG		 3236 /* Change the IO capability from KeyboardDisplay
3237 * to DisplayYesNo as it is not supported by BT spec. */
3238 cp.capability = (conn->io_capability == 0x04) ?
3239 0x01 : conn->io_capability;
7cbc9bd9
JH		 3240 conn->auth_type = hci_get_auth_req(conn);
3241 cp.authentication = conn->auth_type;
17fa4b9d 3242
8fc9ced3
GP		 3243 if (hci_find_remote_oob_data(hdev, &conn->dst) &&
3244 (conn->out || test_bit(HCI_CONN_REMOTE_OOB, &conn->flags)))
ce85ee13
SJ		 3245 cp.oob_data = 0x01;
3246 else
3247 cp.oob_data = 0x00;
3248
17fa4b9d 3249 hci_send_cmd(hdev, HCI_OP_IO_CAPABILITY_REPLY,
807deac2 3250 sizeof(cp), &cp);
03b555e1
JH		 3251 } else {
3252 struct hci_cp_io_capability_neg_reply cp;
3253
3254 bacpy(&cp.bdaddr, &ev->bdaddr);
9f5a0d7b 3255 cp.reason = HCI_ERROR_PAIRING_NOT_ALLOWED;
0493684e 3256
03b555e1 3257 hci_send_cmd(hdev, HCI_OP_IO_CAPABILITY_NEG_REPLY,
807deac2 3258 sizeof(cp), &cp);
03b555e1
JH		 3259 }
3260
3261unlock:
3262 hci_dev_unlock(hdev);
3263}
3264
6039aa73 3265static void hci_io_capa_reply_evt(struct hci_dev *hdev, struct sk_buff *skb)
03b555e1
JH		 3266{
3267 struct hci_ev_io_capa_reply *ev = (void *) skb->data;
3268 struct hci_conn *conn;
3269
3270 BT_DBG("%s", hdev->name);
3271
3272 hci_dev_lock(hdev);
3273
3274 conn = hci_conn_hash_lookup_ba(hdev, ACL_LINK, &ev->bdaddr);
3275 if (!conn)
3276 goto unlock;
3277
03b555e1 3278 conn->remote_cap = ev->capability;
03b555e1 3279 conn->remote_auth = ev->authentication;
58a681ef
JH		 3280 if (ev->oob_data)
3281 set_bit(HCI_CONN_REMOTE_OOB, &conn->flags);
03b555e1
JH		 3282
3283unlock:
0493684e
MH		 3284 hci_dev_unlock(hdev);
3285}
3286
6039aa73
GP		 3287static void hci_user_confirm_request_evt(struct hci_dev *hdev,
3288 struct sk_buff *skb)
a5c29683
JH		 3289{
3290 struct hci_ev_user_confirm_req *ev = (void *) skb->data;
55bc1a37 3291 int loc_mitm, rem_mitm, confirm_hint = 0;
7a828908 3292 struct hci_conn *conn;
a5c29683
JH		 3293
3294 BT_DBG("%s", hdev->name);
3295
3296 hci_dev_lock(hdev);
3297
a8b2d5c2 3298 if (!test_bit(HCI_MGMT, &hdev->dev_flags))
7a828908 3299 goto unlock;
a5c29683 3300
7a828908
JH		 3301 conn = hci_conn_hash_lookup_ba(hdev, ACL_LINK, &ev->bdaddr);
3302 if (!conn)
3303 goto unlock;
3304
3305 loc_mitm = (conn->auth_type & 0x01);
3306 rem_mitm = (conn->remote_auth & 0x01);
3307
3308 /* If we require MITM but the remote device can't provide that
3309 * (it has NoInputNoOutput) then reject the confirmation
3310 * request. The only exception is when we're dedicated bonding
3311 * initiators (connect_cfm_cb set) since then we always have the MITM
3312 * bit set. */
3313 if (!conn->connect_cfm_cb && loc_mitm && conn->remote_cap == 0x03) {
3314 BT_DBG("Rejecting request: remote device can't provide MITM");
3315 hci_send_cmd(hdev, HCI_OP_USER_CONFIRM_NEG_REPLY,
807deac2 3316 sizeof(ev->bdaddr), &ev->bdaddr);
7a828908
JH		 3317 goto unlock;
3318 }
3319
3320 /* If no side requires MITM protection; auto-accept */
3321 if ((!loc_mitm || conn->remote_cap == 0x03) &&
807deac2 3322 (!rem_mitm || conn->io_capability == 0x03)) {
55bc1a37
JH		 3323
3324 /* If we're not the initiators request authorization to
3325 * proceed from user space (mgmt_user_confirm with
3326 * confirm_hint set to 1). */
51a8efd7 3327 if (!test_bit(HCI_CONN_AUTH_PEND, &conn->flags)) {
55bc1a37
JH		 3328 BT_DBG("Confirming auto-accept as acceptor");
3329 confirm_hint = 1;
3330 goto confirm;
3331 }
3332
9f61656a 3333 BT_DBG("Auto-accept of user confirmation with %ums delay",
807deac2 3334 hdev->auto_accept_delay);
9f61656a
JH		 3335
3336 if (hdev->auto_accept_delay > 0) {
3337 int delay = msecs_to_jiffies(hdev->auto_accept_delay);
3338 mod_timer(&conn->auto_accept_timer, jiffies + delay);
3339 goto unlock;
3340 }
3341
7a828908 3342 hci_send_cmd(hdev, HCI_OP_USER_CONFIRM_REPLY,
807deac2 3343 sizeof(ev->bdaddr), &ev->bdaddr);
7a828908
JH		 3344 goto unlock;
3345 }
3346
55bc1a37 3347confirm:
272d90df 3348 mgmt_user_confirm_request(hdev, &ev->bdaddr, ACL_LINK, 0, ev->passkey,
04124681 3349 confirm_hint);
7a828908
JH		 3350
3351unlock:
a5c29683
JH		 3352 hci_dev_unlock(hdev);
3353}
3354
6039aa73
GP		 3355static void hci_user_passkey_request_evt(struct hci_dev *hdev,
3356 struct sk_buff *skb)
1143d458
BG		 3357{
3358 struct hci_ev_user_passkey_req *ev = (void *) skb->data;
3359
3360 BT_DBG("%s", hdev->name);
3361
a8b2d5c2 3362 if (test_bit(HCI_MGMT, &hdev->dev_flags))
272d90df 3363 mgmt_user_passkey_request(hdev, &ev->bdaddr, ACL_LINK, 0);
1143d458
BG		 3364}
3365
92a25256
JH		 3366static void hci_user_passkey_notify_evt(struct hci_dev *hdev,
3367 struct sk_buff *skb)
3368{
3369 struct hci_ev_user_passkey_notify *ev = (void *) skb->data;
3370 struct hci_conn *conn;
3371
3372 BT_DBG("%s", hdev->name);
3373
3374 conn = hci_conn_hash_lookup_ba(hdev, ACL_LINK, &ev->bdaddr);
3375 if (!conn)
3376 return;
3377
3378 conn->passkey_notify = __le32_to_cpu(ev->passkey);
3379 conn->passkey_entered = 0;
3380
3381 if (test_bit(HCI_MGMT, &hdev->dev_flags))
3382 mgmt_user_passkey_notify(hdev, &conn->dst, conn->type,
3383 conn->dst_type, conn->passkey_notify,
3384 conn->passkey_entered);
3385}
3386
3387static void hci_keypress_notify_evt(struct hci_dev *hdev, struct sk_buff *skb)
3388{
3389 struct hci_ev_keypress_notify *ev = (void *) skb->data;
3390 struct hci_conn *conn;
3391
3392 BT_DBG("%s", hdev->name);
3393
3394 conn = hci_conn_hash_lookup_ba(hdev, ACL_LINK, &ev->bdaddr);
3395 if (!conn)
3396 return;
3397
3398 switch (ev->type) {
3399 case HCI_KEYPRESS_STARTED:
3400 conn->passkey_entered = 0;
3401 return;
3402
3403 case HCI_KEYPRESS_ENTERED:
3404 conn->passkey_entered++;
3405 break;
3406
3407 case HCI_KEYPRESS_ERASED:
3408 conn->passkey_entered--;
3409 break;
3410
3411 case HCI_KEYPRESS_CLEARED:
3412 conn->passkey_entered = 0;
3413 break;
3414
3415 case HCI_KEYPRESS_COMPLETED:
3416 return;
3417 }
3418
3419 if (test_bit(HCI_MGMT, &hdev->dev_flags))
3420 mgmt_user_passkey_notify(hdev, &conn->dst, conn->type,
3421 conn->dst_type, conn->passkey_notify,
3422 conn->passkey_entered);
3423}
3424
6039aa73
GP		 3425static void hci_simple_pair_complete_evt(struct hci_dev *hdev,
3426 struct sk_buff *skb)
0493684e
MH		 3427{
3428 struct hci_ev_simple_pair_complete *ev = (void *) skb->data;
3429 struct hci_conn *conn;
3430
3431 BT_DBG("%s", hdev->name);
3432
3433 hci_dev_lock(hdev);
3434
3435 conn = hci_conn_hash_lookup_ba(hdev, ACL_LINK, &ev->bdaddr);
2a611692
JH		 3436 if (!conn)
3437 goto unlock;
3438
3439 /* To avoid duplicate auth_failed events to user space we check
3440 * the HCI_CONN_AUTH_PEND flag which will be set if we
3441 * initiated the authentication. A traditional auth_complete
3442 * event gets always produced as initiator and is also mapped to
3443 * the mgmt_auth_failed event */
fa1bd918 3444 if (!test_bit(HCI_CONN_AUTH_PEND, &conn->flags) && ev->status)
bab73cb6 3445 mgmt_auth_failed(hdev, &conn->dst, conn->type, conn->dst_type,
04124681 3446 ev->status);
0493684e 3447
2a611692
JH		 3448 hci_conn_put(conn);
3449
3450unlock:
0493684e
MH		 3451 hci_dev_unlock(hdev);
3452}
3453
6039aa73
GP		 3454static void hci_remote_host_features_evt(struct hci_dev *hdev,
3455 struct sk_buff *skb)
41a96212
MH		 3456{
3457 struct hci_ev_remote_host_features *ev = (void *) skb->data;
3458 struct inquiry_entry *ie;
3459
3460 BT_DBG("%s", hdev->name);
3461
3462 hci_dev_lock(hdev);
3463
cc11b9c1
AE		 3464 ie = hci_inquiry_cache_lookup(hdev, &ev->bdaddr);
3465 if (ie)
02b7cc62 3466 ie->data.ssp_mode = (ev->features[0] & LMP_HOST_SSP);
41a96212
MH		 3467
3468 hci_dev_unlock(hdev);
3469}
3470
6039aa73
GP		 3471static void hci_remote_oob_data_request_evt(struct hci_dev *hdev,
3472 struct sk_buff *skb)
2763eda6
SJ		 3473{
3474 struct hci_ev_remote_oob_data_request *ev = (void *) skb->data;
3475 struct oob_data *data;
3476
3477 BT_DBG("%s", hdev->name);
3478
3479 hci_dev_lock(hdev);
3480
a8b2d5c2 3481 if (!test_bit(HCI_MGMT, &hdev->dev_flags))
e1ba1f15
SJ		 3482 goto unlock;
3483
2763eda6
SJ		 3484 data = hci_find_remote_oob_data(hdev, &ev->bdaddr);
3485 if (data) {
3486 struct hci_cp_remote_oob_data_reply cp;
3487
3488 bacpy(&cp.bdaddr, &ev->bdaddr);
3489 memcpy(cp.hash, data->hash, sizeof(cp.hash));
3490 memcpy(cp.randomizer, data->randomizer, sizeof(cp.randomizer));
3491
3492 hci_send_cmd(hdev, HCI_OP_REMOTE_OOB_DATA_REPLY, sizeof(cp),
807deac2 3493 &cp);
2763eda6
SJ		 3494 } else {
3495 struct hci_cp_remote_oob_data_neg_reply cp;
3496
3497 bacpy(&cp.bdaddr, &ev->bdaddr);
3498 hci_send_cmd(hdev, HCI_OP_REMOTE_OOB_DATA_NEG_REPLY, sizeof(cp),
807deac2 3499 &cp);
2763eda6
SJ		 3500 }
3501
e1ba1f15 3502unlock:
2763eda6
SJ		 3503 hci_dev_unlock(hdev);
3504}
3505
6039aa73 3506static void hci_le_conn_complete_evt(struct hci_dev *hdev, struct sk_buff *skb)
fcd89c09
VT		 3507{
3508 struct hci_ev_le_conn_complete *ev = (void *) skb->data;
3509 struct hci_conn *conn;
3510
9f1db00c 3511 BT_DBG("%s status 0x%2.2x", hdev->name, ev->status);
fcd89c09
VT		 3512
3513 hci_dev_lock(hdev);
3514
b47a09b3 3515 conn = hci_conn_hash_lookup_state(hdev, LE_LINK, BT_CONNECT);
b62f328b
VT		 3516 if (!conn) {
3517 conn = hci_conn_add(hdev, LE_LINK, &ev->bdaddr);
3518 if (!conn) {
3519 BT_ERR("No memory for new connection");
230fd16a 3520 goto unlock;
b62f328b 3521 }
29b7988a
AG		 3522
3523 conn->dst_type = ev->bdaddr_type;
b9b343d2
AG		 3524
3525 if (ev->role == LE_CONN_ROLE_MASTER) {
3526 conn->out = true;
3527 conn->link_mode |= HCI_LM_MASTER;
3528 }
b62f328b 3529 }
fcd89c09 3530
cd17decb
AG		 3531 if (ev->status) {
3532 mgmt_connect_failed(hdev, &conn->dst, conn->type,
3533 conn->dst_type, ev->status);
3534 hci_proto_connect_cfm(conn, ev->status);
3535 conn->state = BT_CLOSED;
3536 hci_conn_del(conn);
3537 goto unlock;
3538 }
3539
b644ba33
JH		 3540 if (!test_and_set_bit(HCI_CONN_MGMT_CONNECTED, &conn->flags))
3541 mgmt_device_connected(hdev, &ev->bdaddr, conn->type,
04124681 3542 conn->dst_type, 0, NULL, 0, NULL);
83bc71b4 3543
7b5c0d52 3544 conn->sec_level = BT_SECURITY_LOW;
fcd89c09
VT		 3545 conn->handle = __le16_to_cpu(ev->handle);
3546 conn->state = BT_CONNECTED;
3547
3548 hci_conn_hold_device(conn);
3549 hci_conn_add_sysfs(conn);
3550
3551 hci_proto_connect_cfm(conn, ev->status);
3552
3553unlock:
3554 hci_dev_unlock(hdev);
3555}
3556
6039aa73 3557static void hci_le_adv_report_evt(struct hci_dev *hdev, struct sk_buff *skb)
9aa04c91 3558{
e95beb41
AG		 3559 u8 num_reports = skb->data[0];
3560 void *ptr = &skb->data[1];
3c9e9195 3561 s8 rssi;
9aa04c91
AG		 3562
3563 hci_dev_lock(hdev);
3564
e95beb41
AG		 3565 while (num_reports--) {
3566 struct hci_ev_le_advertising_info *ev = ptr;
9aa04c91 3567
3c9e9195
AG		 3568 rssi = ev->data[ev->length];
3569 mgmt_device_found(hdev, &ev->bdaddr, LE_LINK, ev->bdaddr_type,
04124681 3570 NULL, rssi, 0, 1, ev->data, ev->length);
3c9e9195 3571
e95beb41 3572 ptr += sizeof(*ev) + ev->length + 1;
9aa04c91
AG		 3573 }
3574
3575 hci_dev_unlock(hdev);
3576}
3577
6039aa73 3578static void hci_le_ltk_request_evt(struct hci_dev *hdev, struct sk_buff *skb)
a7a595f6
VCG		 3579{
3580 struct hci_ev_le_ltk_req *ev = (void *) skb->data;
3581 struct hci_cp_le_ltk_reply cp;
bea710fe 3582 struct hci_cp_le_ltk_neg_reply neg;
a7a595f6 3583 struct hci_conn *conn;
c9839a11 3584 struct smp_ltk *ltk;
a7a595f6 3585
9f1db00c 3586 BT_DBG("%s handle 0x%4.4x", hdev->name, __le16_to_cpu(ev->handle));
a7a595f6
VCG		 3587
3588 hci_dev_lock(hdev);
3589
3590 conn = hci_conn_hash_lookup_handle(hdev, __le16_to_cpu(ev->handle));
bea710fe
VCG		 3591 if (conn == NULL)
3592 goto not_found;
a7a595f6 3593
bea710fe
VCG		 3594 ltk = hci_find_ltk(hdev, ev->ediv, ev->random);
3595 if (ltk == NULL)
3596 goto not_found;
3597
3598 memcpy(cp.ltk, ltk->val, sizeof(ltk->val));
a7a595f6 3599 cp.handle = cpu_to_le16(conn->handle);
c9839a11
VCG		 3600
3601 if (ltk->authenticated)
3602 conn->sec_level = BT_SECURITY_HIGH;
a7a595f6
VCG		 3603
3604 hci_send_cmd(hdev, HCI_OP_LE_LTK_REPLY, sizeof(cp), &cp);
3605
c9839a11
VCG		 3606 if (ltk->type & HCI_SMP_STK) {
3607 list_del(&ltk->list);
3608 kfree(ltk);
3609 }
3610
a7a595f6 3611 hci_dev_unlock(hdev);
bea710fe
VCG		 3612
3613 return;
3614
3615not_found:
3616 neg.handle = ev->handle;
3617 hci_send_cmd(hdev, HCI_OP_LE_LTK_NEG_REPLY, sizeof(neg), &neg);
3618 hci_dev_unlock(hdev);
a7a595f6
VCG		 3619}
3620
6039aa73 3621static void hci_le_meta_evt(struct hci_dev *hdev, struct sk_buff *skb)
fcd89c09
VT		 3622{
3623 struct hci_ev_le_meta *le_ev = (void *) skb->data;
3624
3625 skb_pull(skb, sizeof(*le_ev));
3626
3627 switch (le_ev->subevent) {
3628 case HCI_EV_LE_CONN_COMPLETE:
3629 hci_le_conn_complete_evt(hdev, skb);
3630 break;
3631
9aa04c91
AG		 3632 case HCI_EV_LE_ADVERTISING_REPORT:
3633 hci_le_adv_report_evt(hdev, skb);
3634 break;
3635
a7a595f6
VCG		 3636 case HCI_EV_LE_LTK_REQ:
3637 hci_le_ltk_request_evt(hdev, skb);
3638 break;
3639
fcd89c09
VT		 3640 default:
3641 break;
3642 }
3643}
3644
9495b2ee
AE		 3645static void hci_chan_selected_evt(struct hci_dev *hdev, struct sk_buff *skb)
3646{
3647 struct hci_ev_channel_selected *ev = (void *) skb->data;
3648 struct hci_conn *hcon;
3649
3650 BT_DBG("%s handle 0x%2.2x", hdev->name, ev->phy_handle);
3651
3652 skb_pull(skb, sizeof(*ev));
3653
3654 hcon = hci_conn_hash_lookup_handle(hdev, ev->phy_handle);
3655 if (!hcon)
3656 return;
3657
3658 amp_read_loc_assoc_final_data(hdev, hcon);
3659}
3660
a9de9248
MH		 3661void hci_event_packet(struct hci_dev *hdev, struct sk_buff *skb)
3662{
3663 struct hci_event_hdr *hdr = (void *) skb->data;
3664 __u8 event = hdr->evt;
3665
3666 skb_pull(skb, HCI_EVENT_HDR_SIZE);
3667
3668 switch (event) {
1da177e4
LT		 3669 case HCI_EV_INQUIRY_COMPLETE:
3670 hci_inquiry_complete_evt(hdev, skb);
3671 break;
3672
3673 case HCI_EV_INQUIRY_RESULT:
3674 hci_inquiry_result_evt(hdev, skb);
3675 break;
3676
a9de9248
MH		 3677 case HCI_EV_CONN_COMPLETE:
3678 hci_conn_complete_evt(hdev, skb);
21d9e30e
MH		 3679 break;
3680
1da177e4
LT		 3681 case HCI_EV_CONN_REQUEST:
3682 hci_conn_request_evt(hdev, skb);
3683 break;
3684
1da177e4
LT		 3685 case HCI_EV_DISCONN_COMPLETE:
3686 hci_disconn_complete_evt(hdev, skb);
3687 break;
3688
1da177e4
LT		 3689 case HCI_EV_AUTH_COMPLETE:
3690 hci_auth_complete_evt(hdev, skb);
3691 break;
3692
a9de9248
MH		 3693 case HCI_EV_REMOTE_NAME:
3694 hci_remote_name_evt(hdev, skb);
3695 break;
3696
1da177e4
LT		 3697 case HCI_EV_ENCRYPT_CHANGE:
3698 hci_encrypt_change_evt(hdev, skb);
3699 break;
3700
a9de9248
MH		 3701 case HCI_EV_CHANGE_LINK_KEY_COMPLETE:
3702 hci_change_link_key_complete_evt(hdev, skb);
3703 break;
3704
3705 case HCI_EV_REMOTE_FEATURES:
3706 hci_remote_features_evt(hdev, skb);
3707 break;
3708
3709 case HCI_EV_REMOTE_VERSION:
3710 hci_remote_version_evt(hdev, skb);
3711 break;
3712
3713 case HCI_EV_QOS_SETUP_COMPLETE:
3714 hci_qos_setup_complete_evt(hdev, skb);
3715 break;
3716
3717 case HCI_EV_CMD_COMPLETE:
3718 hci_cmd_complete_evt(hdev, skb);
3719 break;
3720
3721 case HCI_EV_CMD_STATUS:
3722 hci_cmd_status_evt(hdev, skb);
3723 break;
3724
3725 case HCI_EV_ROLE_CHANGE:
3726 hci_role_change_evt(hdev, skb);
3727 break;
3728
3729 case HCI_EV_NUM_COMP_PKTS:
3730 hci_num_comp_pkts_evt(hdev, skb);
3731 break;
3732
3733 case HCI_EV_MODE_CHANGE:
3734 hci_mode_change_evt(hdev, skb);
1da177e4
LT		 3735 break;
3736
3737 case HCI_EV_PIN_CODE_REQ:
3738 hci_pin_code_request_evt(hdev, skb);
3739 break;
3740
3741 case HCI_EV_LINK_KEY_REQ:
3742 hci_link_key_request_evt(hdev, skb);
3743 break;
3744
3745 case HCI_EV_LINK_KEY_NOTIFY:
3746 hci_link_key_notify_evt(hdev, skb);
3747 break;
3748
3749 case HCI_EV_CLOCK_OFFSET:
3750 hci_clock_offset_evt(hdev, skb);
3751 break;
3752
a8746417
MH		 3753 case HCI_EV_PKT_TYPE_CHANGE:
3754 hci_pkt_type_change_evt(hdev, skb);
3755 break;
3756
85a1e930
MH		 3757 case HCI_EV_PSCAN_REP_MODE:
3758 hci_pscan_rep_mode_evt(hdev, skb);
3759 break;
3760
a9de9248
MH		 3761 case HCI_EV_INQUIRY_RESULT_WITH_RSSI:
3762 hci_inquiry_result_with_rssi_evt(hdev, skb);
04837f64
MH		 3763 break;
3764
a9de9248
MH		 3765 case HCI_EV_REMOTE_EXT_FEATURES:
3766 hci_remote_ext_features_evt(hdev, skb);
1da177e4
LT		 3767 break;
3768
a9de9248
MH		 3769 case HCI_EV_SYNC_CONN_COMPLETE:
3770 hci_sync_conn_complete_evt(hdev, skb);
3771 break;
1da177e4 3772
a9de9248
MH		 3773 case HCI_EV_SYNC_CONN_CHANGED:
3774 hci_sync_conn_changed_evt(hdev, skb);
3775 break;
1da177e4 3776
a9de9248
MH		 3777 case HCI_EV_SNIFF_SUBRATE:
3778 hci_sniff_subrate_evt(hdev, skb);
3779 break;
1da177e4 3780
a9de9248
MH		 3781 case HCI_EV_EXTENDED_INQUIRY_RESULT:
3782 hci_extended_inquiry_result_evt(hdev, skb);
3783 break;
1da177e4 3784
1c2e0041
JH		 3785 case HCI_EV_KEY_REFRESH_COMPLETE:
3786 hci_key_refresh_complete_evt(hdev, skb);
3787 break;
3788
0493684e
MH		 3789 case HCI_EV_IO_CAPA_REQUEST:
3790 hci_io_capa_request_evt(hdev, skb);
3791 break;
3792
03b555e1
JH		 3793 case HCI_EV_IO_CAPA_REPLY:
3794 hci_io_capa_reply_evt(hdev, skb);
3795 break;
3796
a5c29683
JH		 3797 case HCI_EV_USER_CONFIRM_REQUEST:
3798 hci_user_confirm_request_evt(hdev, skb);
3799 break;
3800
1143d458
BG		 3801 case HCI_EV_USER_PASSKEY_REQUEST:
3802 hci_user_passkey_request_evt(hdev, skb);
3803 break;
3804
92a25256
JH		 3805 case HCI_EV_USER_PASSKEY_NOTIFY:
3806 hci_user_passkey_notify_evt(hdev, skb);
3807 break;
3808
3809 case HCI_EV_KEYPRESS_NOTIFY:
3810 hci_keypress_notify_evt(hdev, skb);
3811 break;
3812
0493684e
MH		 3813 case HCI_EV_SIMPLE_PAIR_COMPLETE:
3814 hci_simple_pair_complete_evt(hdev, skb);
3815 break;
3816
41a96212
MH		 3817 case HCI_EV_REMOTE_HOST_FEATURES:
3818 hci_remote_host_features_evt(hdev, skb);
3819 break;
3820
fcd89c09
VT		 3821 case HCI_EV_LE_META:
3822 hci_le_meta_evt(hdev, skb);
3823 break;
3824
9495b2ee
AE		 3825 case HCI_EV_CHANNEL_SELECTED:
3826 hci_chan_selected_evt(hdev, skb);
3827 break;
3828
2763eda6
SJ		 3829 case HCI_EV_REMOTE_OOB_DATA_REQUEST:
3830 hci_remote_oob_data_request_evt(hdev, skb);
3831 break;
3832
25e89e99
AE		 3833 case HCI_EV_NUM_COMP_BLOCKS:
3834 hci_num_comp_blocks_evt(hdev, skb);
3835 break;
3836
a9de9248 3837 default:
9f1db00c 3838 BT_DBG("%s event 0x%2.2x", hdev->name, event);
1da177e4
LT		 3839 break;
3840 }
3841
3842 kfree_skb(skb);
3843 hdev->stat.evt_rx++;
3844}
kernel source for telekom puls (alcatel/mediatek)