projects / GitHub / mt8127 / android_kernel_alcatel_ttab.git / blame
? search:
summary | shortlog | log | commit | commitdiff | tree
blob | blame (incremental) | history | HEAD
Bluetooth: Add missing feature test macros
[GitHub/mt8127/android_kernel_alcatel_ttab.git] / net / bluetooth / mgmt.c
CommitLineData
0381101f
JH		 1/*
2 BlueZ - Bluetooth protocol stack for Linux
ea585ab5 3
0381101f 4 Copyright (C) 2010 Nokia Corporation
ea585ab5 5 Copyright (C) 2011-2012 Intel Corporation
0381101f
JH		 6
7 This program is free software; you can redistribute it and/or modify
8 it under the terms of the GNU General Public License version 2 as
9 published by the Free Software Foundation;
10
11 THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS
12 OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
13 FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT OF THIRD PARTY RIGHTS.
14 IN NO EVENT SHALL THE COPYRIGHT HOLDER(S) AND AUTHOR(S) BE LIABLE FOR ANY
15 CLAIM, OR ANY SPECIAL INDIRECT OR CONSEQUENTIAL DAMAGES, OR ANY DAMAGES
16 WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
17 ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
18 OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
19
20 ALL LIABILITY, INCLUDING LIABILITY FOR INFRINGEMENT OF ANY PATENTS,
21 COPYRIGHTS, TRADEMARKS OR OTHER RIGHTS, RELATING TO USE OF THIS
22 SOFTWARE IS DISCLAIMED.
23*/
24
25/* Bluetooth HCI Management interface */
26
3a9a231d 27#include <linux/module.h>
0381101f
JH		 28#include <asm/unaligned.h>
29
30#include <net/bluetooth/bluetooth.h>
31#include <net/bluetooth/hci_core.h>
32#include <net/bluetooth/mgmt.h>
5fe57d9e 33#include <net/bluetooth/smp.h>
0381101f 34
d7b7e796 35bool enable_hs;
d7b7e796 36
2da9c55c 37#define MGMT_VERSION 1
23b3b133 38#define MGMT_REVISION 2
02d98129 39
e70bb2e8
JH		 40static const u16 mgmt_commands[] = {
41 MGMT_OP_READ_INDEX_LIST,
42 MGMT_OP_READ_INFO,
43 MGMT_OP_SET_POWERED,
44 MGMT_OP_SET_DISCOVERABLE,
45 MGMT_OP_SET_CONNECTABLE,
46 MGMT_OP_SET_FAST_CONNECTABLE,
47 MGMT_OP_SET_PAIRABLE,
48 MGMT_OP_SET_LINK_SECURITY,
49 MGMT_OP_SET_SSP,
50 MGMT_OP_SET_HS,
51 MGMT_OP_SET_LE,
52 MGMT_OP_SET_DEV_CLASS,
53 MGMT_OP_SET_LOCAL_NAME,
54 MGMT_OP_ADD_UUID,
55 MGMT_OP_REMOVE_UUID,
56 MGMT_OP_LOAD_LINK_KEYS,
57 MGMT_OP_LOAD_LONG_TERM_KEYS,
58 MGMT_OP_DISCONNECT,
59 MGMT_OP_GET_CONNECTIONS,
60 MGMT_OP_PIN_CODE_REPLY,
61 MGMT_OP_PIN_CODE_NEG_REPLY,
62 MGMT_OP_SET_IO_CAPABILITY,
63 MGMT_OP_PAIR_DEVICE,
64 MGMT_OP_CANCEL_PAIR_DEVICE,
65 MGMT_OP_UNPAIR_DEVICE,
66 MGMT_OP_USER_CONFIRM_REPLY,
67 MGMT_OP_USER_CONFIRM_NEG_REPLY,
68 MGMT_OP_USER_PASSKEY_REPLY,
69 MGMT_OP_USER_PASSKEY_NEG_REPLY,
70 MGMT_OP_READ_LOCAL_OOB_DATA,
71 MGMT_OP_ADD_REMOTE_OOB_DATA,
72 MGMT_OP_REMOVE_REMOTE_OOB_DATA,
73 MGMT_OP_START_DISCOVERY,
74 MGMT_OP_STOP_DISCOVERY,
75 MGMT_OP_CONFIRM_NAME,
76 MGMT_OP_BLOCK_DEVICE,
77 MGMT_OP_UNBLOCK_DEVICE,
cdbaccca 78 MGMT_OP_SET_DEVICE_ID,
e70bb2e8
JH		 79};
80
81static const u16 mgmt_events[] = {
82 MGMT_EV_CONTROLLER_ERROR,
83 MGMT_EV_INDEX_ADDED,
84 MGMT_EV_INDEX_REMOVED,
85 MGMT_EV_NEW_SETTINGS,
86 MGMT_EV_CLASS_OF_DEV_CHANGED,
87 MGMT_EV_LOCAL_NAME_CHANGED,
88 MGMT_EV_NEW_LINK_KEY,
89 MGMT_EV_NEW_LONG_TERM_KEY,
90 MGMT_EV_DEVICE_CONNECTED,
91 MGMT_EV_DEVICE_DISCONNECTED,
92 MGMT_EV_CONNECT_FAILED,
93 MGMT_EV_PIN_CODE_REQUEST,
94 MGMT_EV_USER_CONFIRM_REQUEST,
95 MGMT_EV_USER_PASSKEY_REQUEST,
96 MGMT_EV_AUTH_FAILED,
97 MGMT_EV_DEVICE_FOUND,
98 MGMT_EV_DISCOVERING,
99 MGMT_EV_DEVICE_BLOCKED,
100 MGMT_EV_DEVICE_UNBLOCKED,
101 MGMT_EV_DEVICE_UNPAIRED,
92a25256 102 MGMT_EV_PASSKEY_NOTIFY,
e70bb2e8
JH		 103};
104
3fd24153
AG		 105/*
106 * These LE scan and inquiry parameters were chosen according to LE General
107 * Discovery Procedure specification.
108 */
109#define LE_SCAN_TYPE 0x01
110#define LE_SCAN_WIN 0x12
111#define LE_SCAN_INT 0x12
112#define LE_SCAN_TIMEOUT_LE_ONLY 10240 /* TGAP(gen_disc_scan_min) */
5e0452c0 113#define LE_SCAN_TIMEOUT_BREDR_LE 5120 /* TGAP(100)/2 */
3fd24153 114
e8777525 115#define INQUIRY_LEN_BREDR 0x08 /* TGAP(100) */
5e0452c0 116#define INQUIRY_LEN_BREDR_LE 0x04 /* TGAP(100)/2 */
2519a1fc 117
17b02e62 118#define CACHE_TIMEOUT msecs_to_jiffies(2 * 1000)
7d78525d 119
4b34ee78
JH		 120#define hdev_is_powered(hdev) (test_bit(HCI_UP, &hdev->flags) && \
121 !test_bit(HCI_AUTO_OFF, &hdev->dev_flags))
122
eec8d2bc
JH		 123struct pending_cmd {
124 struct list_head list;
fc2f4b13 125 u16 opcode;
eec8d2bc 126 int index;
c68fb7ff 127 void *param;
eec8d2bc 128 struct sock *sk;
e9a416b5 129 void *user_data;
eec8d2bc
JH		 130};
131
ca69b795
JH		 132/* HCI to MGMT error code conversion table */
133static u8 mgmt_status_table[] = {
134 MGMT_STATUS_SUCCESS,
135 MGMT_STATUS_UNKNOWN_COMMAND, /* Unknown Command */
136 MGMT_STATUS_NOT_CONNECTED, /* No Connection */
137 MGMT_STATUS_FAILED, /* Hardware Failure */
138 MGMT_STATUS_CONNECT_FAILED, /* Page Timeout */
139 MGMT_STATUS_AUTH_FAILED, /* Authentication Failed */
140 MGMT_STATUS_NOT_PAIRED, /* PIN or Key Missing */
141 MGMT_STATUS_NO_RESOURCES, /* Memory Full */
142 MGMT_STATUS_TIMEOUT, /* Connection Timeout */
143 MGMT_STATUS_NO_RESOURCES, /* Max Number of Connections */
144 MGMT_STATUS_NO_RESOURCES, /* Max Number of SCO Connections */
145 MGMT_STATUS_ALREADY_CONNECTED, /* ACL Connection Exists */
146 MGMT_STATUS_BUSY, /* Command Disallowed */
147 MGMT_STATUS_NO_RESOURCES, /* Rejected Limited Resources */
148 MGMT_STATUS_REJECTED, /* Rejected Security */
149 MGMT_STATUS_REJECTED, /* Rejected Personal */
150 MGMT_STATUS_TIMEOUT, /* Host Timeout */
151 MGMT_STATUS_NOT_SUPPORTED, /* Unsupported Feature */
152 MGMT_STATUS_INVALID_PARAMS, /* Invalid Parameters */
153 MGMT_STATUS_DISCONNECTED, /* OE User Ended Connection */
154 MGMT_STATUS_NO_RESOURCES, /* OE Low Resources */
155 MGMT_STATUS_DISCONNECTED, /* OE Power Off */
156 MGMT_STATUS_DISCONNECTED, /* Connection Terminated */
157 MGMT_STATUS_BUSY, /* Repeated Attempts */
158 MGMT_STATUS_REJECTED, /* Pairing Not Allowed */
159 MGMT_STATUS_FAILED, /* Unknown LMP PDU */
160 MGMT_STATUS_NOT_SUPPORTED, /* Unsupported Remote Feature */
161 MGMT_STATUS_REJECTED, /* SCO Offset Rejected */
162 MGMT_STATUS_REJECTED, /* SCO Interval Rejected */
163 MGMT_STATUS_REJECTED, /* Air Mode Rejected */
164 MGMT_STATUS_INVALID_PARAMS, /* Invalid LMP Parameters */
165 MGMT_STATUS_FAILED, /* Unspecified Error */
166 MGMT_STATUS_NOT_SUPPORTED, /* Unsupported LMP Parameter Value */
167 MGMT_STATUS_FAILED, /* Role Change Not Allowed */
168 MGMT_STATUS_TIMEOUT, /* LMP Response Timeout */
169 MGMT_STATUS_FAILED, /* LMP Error Transaction Collision */
170 MGMT_STATUS_FAILED, /* LMP PDU Not Allowed */
171 MGMT_STATUS_REJECTED, /* Encryption Mode Not Accepted */
172 MGMT_STATUS_FAILED, /* Unit Link Key Used */
173 MGMT_STATUS_NOT_SUPPORTED, /* QoS Not Supported */
174 MGMT_STATUS_TIMEOUT, /* Instant Passed */
175 MGMT_STATUS_NOT_SUPPORTED, /* Pairing Not Supported */
176 MGMT_STATUS_FAILED, /* Transaction Collision */
177 MGMT_STATUS_INVALID_PARAMS, /* Unacceptable Parameter */
178 MGMT_STATUS_REJECTED, /* QoS Rejected */
179 MGMT_STATUS_NOT_SUPPORTED, /* Classification Not Supported */
180 MGMT_STATUS_REJECTED, /* Insufficient Security */
181 MGMT_STATUS_INVALID_PARAMS, /* Parameter Out Of Range */
182 MGMT_STATUS_BUSY, /* Role Switch Pending */
183 MGMT_STATUS_FAILED, /* Slot Violation */
184 MGMT_STATUS_FAILED, /* Role Switch Failed */
185 MGMT_STATUS_INVALID_PARAMS, /* EIR Too Large */
186 MGMT_STATUS_NOT_SUPPORTED, /* Simple Pairing Not Supported */
187 MGMT_STATUS_BUSY, /* Host Busy Pairing */
188 MGMT_STATUS_REJECTED, /* Rejected, No Suitable Channel */
189 MGMT_STATUS_BUSY, /* Controller Busy */
190 MGMT_STATUS_INVALID_PARAMS, /* Unsuitable Connection Interval */
191 MGMT_STATUS_TIMEOUT, /* Directed Advertising Timeout */
192 MGMT_STATUS_AUTH_FAILED, /* Terminated Due to MIC Failure */
193 MGMT_STATUS_CONNECT_FAILED, /* Connection Establishment Failed */
194 MGMT_STATUS_CONNECT_FAILED, /* MAC Connection Failed */
195};
196
bb4b2a9a
AE		 197bool mgmt_valid_hdev(struct hci_dev *hdev)
198{
199 return hdev->dev_type == HCI_BREDR;
200}
201
ca69b795
JH		 202static u8 mgmt_status(u8 hci_status)
203{
204 if (hci_status < ARRAY_SIZE(mgmt_status_table))
205 return mgmt_status_table[hci_status];
206
207 return MGMT_STATUS_FAILED;
208}
209
4e51eae9 210static int cmd_status(struct sock *sk, u16 index, u16 cmd, u8 status)
f7b64e69
JH		 211{
212 struct sk_buff *skb;
213 struct mgmt_hdr *hdr;
214 struct mgmt_ev_cmd_status *ev;
56b7d137 215 int err;
f7b64e69 216
34eb525c 217 BT_DBG("sock %p, index %u, cmd %u, status %u", sk, index, cmd, status);
f7b64e69 218
790eff44 219 skb = alloc_skb(sizeof(*hdr) + sizeof(*ev), GFP_KERNEL);
f7b64e69
JH		 220 if (!skb)
221 return -ENOMEM;
222
223 hdr = (void *) skb_put(skb, sizeof(*hdr));
224
225 hdr->opcode = cpu_to_le16(MGMT_EV_CMD_STATUS);
4e51eae9 226 hdr->index = cpu_to_le16(index);
f7b64e69
JH		 227 hdr->len = cpu_to_le16(sizeof(*ev));
228
229 ev = (void *) skb_put(skb, sizeof(*ev));
230 ev->status = status;
eb55ef07 231 ev->opcode = cpu_to_le16(cmd);
f7b64e69 232
56b7d137
GP		 233 err = sock_queue_rcv_skb(sk, skb);
234 if (err < 0)
f7b64e69
JH		 235 kfree_skb(skb);
236
56b7d137 237 return err;
f7b64e69
JH		 238}
239
aee9b218 240static int cmd_complete(struct sock *sk, u16 index, u16 cmd, u8 status,
04124681 241 void *rp, size_t rp_len)
02d98129
JH		 242{
243 struct sk_buff *skb;
244 struct mgmt_hdr *hdr;
245 struct mgmt_ev_cmd_complete *ev;
56b7d137 246 int err;
02d98129
JH		 247
248 BT_DBG("sock %p", sk);
249
790eff44 250 skb = alloc_skb(sizeof(*hdr) + sizeof(*ev) + rp_len, GFP_KERNEL);
02d98129
JH		 251 if (!skb)
252 return -ENOMEM;
253
254 hdr = (void *) skb_put(skb, sizeof(*hdr));
02d98129 255
a38528f1 256 hdr->opcode = cpu_to_le16(MGMT_EV_CMD_COMPLETE);
4e51eae9 257 hdr->index = cpu_to_le16(index);
a38528f1 258 hdr->len = cpu_to_le16(sizeof(*ev) + rp_len);
02d98129 259
a38528f1 260 ev = (void *) skb_put(skb, sizeof(*ev) + rp_len);
eb55ef07 261 ev->opcode = cpu_to_le16(cmd);
aee9b218 262 ev->status = status;
8020c16a
SJ		 263
264 if (rp)
265 memcpy(ev->data, rp, rp_len);
02d98129 266
56b7d137
GP		 267 err = sock_queue_rcv_skb(sk, skb);
268 if (err < 0)
02d98129
JH		 269 kfree_skb(skb);
270
e5f0e151 271 return err;
02d98129
JH		 272}
273
04124681
GP		 274static int read_version(struct sock *sk, struct hci_dev *hdev, void *data,
275 u16 data_len)
a38528f1
JH		 276{
277 struct mgmt_rp_read_version rp;
278
279 BT_DBG("sock %p", sk);
280
281 rp.version = MGMT_VERSION;
eb55ef07 282 rp.revision = __constant_cpu_to_le16(MGMT_REVISION);
a38528f1 283
aee9b218 284 return cmd_complete(sk, MGMT_INDEX_NONE, MGMT_OP_READ_VERSION, 0, &rp,
04124681 285 sizeof(rp));
a38528f1
JH		 286}
287
04124681
GP		 288static int read_commands(struct sock *sk, struct hci_dev *hdev, void *data,
289 u16 data_len)
e70bb2e8
JH		 290{
291 struct mgmt_rp_read_commands *rp;
eb55ef07
MH		 292 const u16 num_commands = ARRAY_SIZE(mgmt_commands);
293 const u16 num_events = ARRAY_SIZE(mgmt_events);
2e3c35ea 294 __le16 *opcode;
e70bb2e8
JH		 295 size_t rp_size;
296 int i, err;
297
298 BT_DBG("sock %p", sk);
299
300 rp_size = sizeof(*rp) + ((num_commands + num_events) * sizeof(u16));
301
302 rp = kmalloc(rp_size, GFP_KERNEL);
303 if (!rp)
304 return -ENOMEM;
305
eb55ef07
MH		 306 rp->num_commands = __constant_cpu_to_le16(num_commands);
307 rp->num_events = __constant_cpu_to_le16(num_events);
e70bb2e8
JH		 308
309 for (i = 0, opcode = rp->opcodes; i < num_commands; i++, opcode++)
310 put_unaligned_le16(mgmt_commands[i], opcode);
311
312 for (i = 0; i < num_events; i++, opcode++)
313 put_unaligned_le16(mgmt_events[i], opcode);
314
aee9b218 315 err = cmd_complete(sk, MGMT_INDEX_NONE, MGMT_OP_READ_COMMANDS, 0, rp,
04124681 316 rp_size);
e70bb2e8
JH		 317 kfree(rp);
318
319 return err;
320}
321
04124681
GP		 322static int read_index_list(struct sock *sk, struct hci_dev *hdev, void *data,
323 u16 data_len)
faba42eb 324{
faba42eb 325 struct mgmt_rp_read_index_list *rp;
8035ded4 326 struct hci_dev *d;
a38528f1 327 size_t rp_len;
faba42eb 328 u16 count;
a38528f1 329 int i, err;
faba42eb
JH		 330
331 BT_DBG("sock %p", sk);
332
333 read_lock(&hci_dev_list_lock);
334
335 count = 0;
bb4b2a9a
AE		 336 list_for_each_entry(d, &hci_dev_list, list) {
337 if (!mgmt_valid_hdev(d))
338 continue;
339
faba42eb
JH		 340 count++;
341 }
342
a38528f1
JH		 343 rp_len = sizeof(*rp) + (2 * count);
344 rp = kmalloc(rp_len, GFP_ATOMIC);
345 if (!rp) {
b2c60d42 346 read_unlock(&hci_dev_list_lock);
faba42eb 347 return -ENOMEM;
b2c60d42 348 }
faba42eb 349
eb55ef07 350 rp->num_controllers = cpu_to_le16(count);
faba42eb
JH		 351
352 i = 0;
8035ded4 353 list_for_each_entry(d, &hci_dev_list, list) {
a8b2d5c2 354 if (test_bit(HCI_SETUP, &d->dev_flags))
ab81cbf9
JH		 355 continue;
356
bb4b2a9a
AE		 357 if (!mgmt_valid_hdev(d))
358 continue;
359
eb55ef07 360 rp->index[i++] = cpu_to_le16(d->id);
faba42eb
JH		 361 BT_DBG("Added hci%u", d->id);
362 }
363
364 read_unlock(&hci_dev_list_lock);
365
aee9b218 366 err = cmd_complete(sk, MGMT_INDEX_NONE, MGMT_OP_READ_INDEX_LIST, 0, rp,
04124681 367 rp_len);
faba42eb 368
a38528f1
JH		 369 kfree(rp);
370
371 return err;
faba42eb
JH		 372}
373
69ab39ea
JH		 374static u32 get_supported_settings(struct hci_dev *hdev)
375{
376 u32 settings = 0;
377
378 settings |= MGMT_SETTING_POWERED;
69ab39ea
JH		 379 settings |= MGMT_SETTING_PAIRABLE;
380
9a1a1996 381 if (lmp_ssp_capable(hdev))
69ab39ea
JH		 382 settings |= MGMT_SETTING_SSP;
383
ed3fa31f 384 if (lmp_bredr_capable(hdev)) {
33c525c0
JH		 385 settings |= MGMT_SETTING_CONNECTABLE;
386 settings |= MGMT_SETTING_FAST_CONNECTABLE;
387 settings |= MGMT_SETTING_DISCOVERABLE;
69ab39ea
JH		 388 settings |= MGMT_SETTING_BREDR;
389 settings |= MGMT_SETTING_LINK_SECURITY;
390 }
391
d7b7e796
MH		 392 if (enable_hs)
393 settings |= MGMT_SETTING_HS;
394
c383ddc4 395 if (lmp_le_capable(hdev))
9d42820f 396 settings |= MGMT_SETTING_LE;
69ab39ea
JH		 397
398 return settings;
399}
400
401static u32 get_current_settings(struct hci_dev *hdev)
402{
403 u32 settings = 0;
404
f1f0eb02 405 if (hdev_is_powered(hdev))
f0d4b78a
MH		 406 settings |= MGMT_SETTING_POWERED;
407
5e5282bb 408 if (test_bit(HCI_CONNECTABLE, &hdev->dev_flags))
69ab39ea
JH		 409 settings |= MGMT_SETTING_CONNECTABLE;
410
5e5282bb 411 if (test_bit(HCI_DISCOVERABLE, &hdev->dev_flags))
69ab39ea
JH		 412 settings |= MGMT_SETTING_DISCOVERABLE;
413
a8b2d5c2 414 if (test_bit(HCI_PAIRABLE, &hdev->dev_flags))
69ab39ea
JH		 415 settings |= MGMT_SETTING_PAIRABLE;
416
ed3fa31f 417 if (lmp_bredr_capable(hdev))
69ab39ea
JH		 418 settings |= MGMT_SETTING_BREDR;
419
06199cf8 420 if (test_bit(HCI_LE_ENABLED, &hdev->dev_flags))
69ab39ea
JH		 421 settings |= MGMT_SETTING_LE;
422
47990ea0 423 if (test_bit(HCI_LINK_SECURITY, &hdev->dev_flags))
69ab39ea
JH		 424 settings |= MGMT_SETTING_LINK_SECURITY;
425
84bde9d6 426 if (test_bit(HCI_SSP_ENABLED, &hdev->dev_flags))
69ab39ea
JH		 427 settings |= MGMT_SETTING_SSP;
428
6d80dfd0
JH		 429 if (test_bit(HCI_HS_ENABLED, &hdev->dev_flags))
430 settings |= MGMT_SETTING_HS;
431
69ab39ea
JH		 432 return settings;
433}
434
ef580372
JH		 435#define PNP_INFO_SVCLASS_ID 0x1200
436
437static u8 bluetooth_base_uuid[] = {
438 0xFB, 0x34, 0x9B, 0x5F, 0x80, 0x00, 0x00, 0x80,
439 0x00, 0x10, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
440};
441
442static u16 get_uuid16(u8 *uuid128)
443{
444 u32 val;
445 int i;
446
447 for (i = 0; i < 12; i++) {
448 if (bluetooth_base_uuid[i] != uuid128[i])
449 return 0;
450 }
451
3e9fb6d8 452 val = get_unaligned_le32(&uuid128[12]);
ef580372
JH		 453 if (val > 0xffff)
454 return 0;
455
456 return (u16) val;
457}
458
459static void create_eir(struct hci_dev *hdev, u8 *data)
460{
461 u8 *ptr = data;
462 u16 eir_len = 0;
463 u16 uuid16_list[HCI_MAX_EIR_LENGTH / sizeof(u16)];
464 int i, truncated = 0;
465 struct bt_uuid *uuid;
466 size_t name_len;
467
468 name_len = strlen(hdev->dev_name);
469
470 if (name_len > 0) {
471 /* EIR Data type */
472 if (name_len > 48) {
473 name_len = 48;
474 ptr[1] = EIR_NAME_SHORT;
475 } else
476 ptr[1] = EIR_NAME_COMPLETE;
477
478 /* EIR Data length */
479 ptr[0] = name_len + 1;
480
481 memcpy(ptr + 2, hdev->dev_name, name_len);
482
483 eir_len += (name_len + 2);
484 ptr += (name_len + 2);
485 }
486
91c4e9b1
MH		 487 if (hdev->inq_tx_power) {
488 ptr[0] = 2;
489 ptr[1] = EIR_TX_POWER;
490 ptr[2] = (u8) hdev->inq_tx_power;
491
492 eir_len += 3;
493 ptr += 3;
494 }
495
2b9be137
MH		 496 if (hdev->devid_source > 0) {
497 ptr[0] = 9;
498 ptr[1] = EIR_DEVICE_ID;
499
500 put_unaligned_le16(hdev->devid_source, ptr + 2);
501 put_unaligned_le16(hdev->devid_vendor, ptr + 4);
502 put_unaligned_le16(hdev->devid_product, ptr + 6);
503 put_unaligned_le16(hdev->devid_version, ptr + 8);
504
505 eir_len += 10;
506 ptr += 10;
507 }
508
ef580372
JH		 509 memset(uuid16_list, 0, sizeof(uuid16_list));
510
511 /* Group all UUID16 types */
512 list_for_each_entry(uuid, &hdev->uuids, list) {
513 u16 uuid16;
514
515 uuid16 = get_uuid16(uuid->uuid);
516 if (uuid16 == 0)
517 return;
518
519 if (uuid16 < 0x1100)
520 continue;
521
522 if (uuid16 == PNP_INFO_SVCLASS_ID)
523 continue;
524
525 /* Stop if not enough space to put next UUID */
526 if (eir_len + 2 + sizeof(u16) > HCI_MAX_EIR_LENGTH) {
527 truncated = 1;
528 break;
529 }
530
531 /* Check for duplicates */
532 for (i = 0; uuid16_list[i] != 0; i++)
533 if (uuid16_list[i] == uuid16)
534 break;
535
536 if (uuid16_list[i] == 0) {
537 uuid16_list[i] = uuid16;
538 eir_len += sizeof(u16);
539 }
540 }
541
542 if (uuid16_list[0] != 0) {
543 u8 *length = ptr;
544
545 /* EIR Data type */
546 ptr[1] = truncated ? EIR_UUID16_SOME : EIR_UUID16_ALL;
547
548 ptr += 2;
549 eir_len += 2;
550
551 for (i = 0; uuid16_list[i] != 0; i++) {
552 *ptr++ = (uuid16_list[i] & 0x00ff);
553 *ptr++ = (uuid16_list[i] & 0xff00) >> 8;
554 }
555
556 /* EIR Data length */
557 *length = (i * sizeof(u16)) + 1;
558 }
559}
560
561static int update_eir(struct hci_dev *hdev)
562{
563 struct hci_cp_write_eir cp;
564
504c8dcd 565 if (!hdev_is_powered(hdev))
7770c4aa
JH		 566 return 0;
567
ef580372
JH		 568 if (!(hdev->features[6] & LMP_EXT_INQ))
569 return 0;
570
84bde9d6 571 if (!test_bit(HCI_SSP_ENABLED, &hdev->dev_flags))
ef580372
JH		 572 return 0;
573
a8b2d5c2 574 if (test_bit(HCI_SERVICE_CACHE, &hdev->dev_flags))
ef580372
JH		 575 return 0;
576
577 memset(&cp, 0, sizeof(cp));
578
579 create_eir(hdev, cp.data);
580
581 if (memcmp(cp.data, hdev->eir, sizeof(cp.data)) == 0)
582 return 0;
583
584 memcpy(hdev->eir, cp.data, sizeof(cp.data));
585
586 return hci_send_cmd(hdev, HCI_OP_WRITE_EIR, sizeof(cp), &cp);
587}
588
589static u8 get_service_classes(struct hci_dev *hdev)
590{
591 struct bt_uuid *uuid;
592 u8 val = 0;
593
594 list_for_each_entry(uuid, &hdev->uuids, list)
595 val |= uuid->svc_hint;
596
597 return val;
598}
599
600static int update_class(struct hci_dev *hdev)
601{
602 u8 cod[3];
c95f0ba7 603 int err;
ef580372
JH		 604
605 BT_DBG("%s", hdev->name);
606
504c8dcd 607 if (!hdev_is_powered(hdev))
7770c4aa
JH		 608 return 0;
609
a8b2d5c2 610 if (test_bit(HCI_SERVICE_CACHE, &hdev->dev_flags))
ef580372
JH		 611 return 0;
612
613 cod[0] = hdev->minor_class;
614 cod[1] = hdev->major_class;
615 cod[2] = get_service_classes(hdev);
616
617 if (memcmp(cod, hdev->dev_class, 3) == 0)
618 return 0;
619
c95f0ba7
JH		 620 err = hci_send_cmd(hdev, HCI_OP_WRITE_CLASS_OF_DEV, sizeof(cod), cod);
621 if (err == 0)
622 set_bit(HCI_PENDING_CLASS, &hdev->dev_flags);
623
624 return err;
ef580372
JH		 625}
626
7d78525d
JH		 627static void service_cache_off(struct work_struct *work)
628{
629 struct hci_dev *hdev = container_of(work, struct hci_dev,
04124681 630 service_cache.work);
7d78525d 631
a8b2d5c2 632 if (!test_and_clear_bit(HCI_SERVICE_CACHE, &hdev->dev_flags))
7d78525d
JH		 633 return;
634
635 hci_dev_lock(hdev);
636
637 update_eir(hdev);
638 update_class(hdev);
639
640 hci_dev_unlock(hdev);
641}
642
6a919082 643static void mgmt_init_hdev(struct sock *sk, struct hci_dev *hdev)
7d78525d 644{
4f87da80 645 if (test_and_set_bit(HCI_MGMT, &hdev->dev_flags))
6a919082
JH		 646 return;
647
4f87da80 648 INIT_DELAYED_WORK(&hdev->service_cache, service_cache_off);
7d78525d 649
4f87da80
JH		 650 /* Non-mgmt controlled devices get this bit set
651 * implicitly so that pairing works for them, however
652 * for mgmt we require user-space to explicitly enable
653 * it
654 */
655 clear_bit(HCI_PAIRABLE, &hdev->dev_flags);
7d78525d
JH		 656}
657
0f4e68cf 658static int read_controller_info(struct sock *sk, struct hci_dev *hdev,
04124681 659 void *data, u16 data_len)
0381101f 660{
a38528f1 661 struct mgmt_rp_read_info rp;
f7b64e69 662
bdb6d971 663 BT_DBG("sock %p %s", sk, hdev->name);
f7b64e69 664
09fd0de5 665 hci_dev_lock(hdev);
f7b64e69 666
dc4fe30b
JH		 667 memset(&rp, 0, sizeof(rp));
668
69ab39ea 669 bacpy(&rp.bdaddr, &hdev->bdaddr);
f7b64e69 670
69ab39ea 671 rp.version = hdev->hci_ver;
eb55ef07 672 rp.manufacturer = cpu_to_le16(hdev->manufacturer);
69ab39ea
JH		 673
674 rp.supported_settings = cpu_to_le32(get_supported_settings(hdev));
675 rp.current_settings = cpu_to_le32(get_current_settings(hdev));
f7b64e69 676
a38528f1 677 memcpy(rp.dev_class, hdev->dev_class, 3);
f7b64e69 678
dc4fe30b 679 memcpy(rp.name, hdev->dev_name, sizeof(hdev->dev_name));
27fcc362 680 memcpy(rp.short_name, hdev->short_name, sizeof(hdev->short_name));
dc4fe30b 681
09fd0de5 682 hci_dev_unlock(hdev);
0381101f 683
bdb6d971 684 return cmd_complete(sk, hdev->id, MGMT_OP_READ_INFO, 0, &rp,
04124681 685 sizeof(rp));
0381101f
JH		 686}
687
eec8d2bc
JH		 688static void mgmt_pending_free(struct pending_cmd *cmd)
689{
690 sock_put(cmd->sk);
c68fb7ff 691 kfree(cmd->param);
eec8d2bc
JH		 692 kfree(cmd);
693}
694
366a0336 695static struct pending_cmd *mgmt_pending_add(struct sock *sk, u16 opcode,
04124681
GP		 696 struct hci_dev *hdev, void *data,
697 u16 len)
eec8d2bc
JH		 698{
699 struct pending_cmd *cmd;
700
12b94565 701 cmd = kmalloc(sizeof(*cmd), GFP_KERNEL);
eec8d2bc 702 if (!cmd)
366a0336 703 return NULL;
eec8d2bc
JH		 704
705 cmd->opcode = opcode;
2e58ef3e 706 cmd->index = hdev->id;
eec8d2bc 707
12b94565 708 cmd->param = kmalloc(len, GFP_KERNEL);
c68fb7ff 709 if (!cmd->param) {
eec8d2bc 710 kfree(cmd);
366a0336 711 return NULL;
eec8d2bc
JH		 712 }
713
8fce6357
SJ		 714 if (data)
715 memcpy(cmd->param, data, len);
eec8d2bc
JH		 716
717 cmd->sk = sk;
718 sock_hold(sk);
719
2e58ef3e 720 list_add(&cmd->list, &hdev->mgmt_pending);
eec8d2bc 721
366a0336 722 return cmd;
eec8d2bc
JH		 723}
724
744cf19e 725static void mgmt_pending_foreach(u16 opcode, struct hci_dev *hdev,
8fc9ced3
GP		 726 void (*cb)(struct pending_cmd *cmd,
727 void *data),
04124681 728 void *data)
eec8d2bc
JH		 729{
730 struct list_head *p, *n;
731
2e58ef3e 732 list_for_each_safe(p, n, &hdev->mgmt_pending) {
eec8d2bc
JH		 733 struct pending_cmd *cmd;
734
735 cmd = list_entry(p, struct pending_cmd, list);
736
b24752fe 737 if (opcode > 0 && cmd->opcode != opcode)
eec8d2bc
JH		 738 continue;
739
eec8d2bc
JH		 740 cb(cmd, data);
741 }
742}
743
2e58ef3e 744static struct pending_cmd *mgmt_pending_find(u16 opcode, struct hci_dev *hdev)
eec8d2bc 745{
8035ded4 746 struct pending_cmd *cmd;
eec8d2bc 747
2e58ef3e 748 list_for_each_entry(cmd, &hdev->mgmt_pending, list) {
2aeabcbe
JH		 749 if (cmd->opcode == opcode)
750 return cmd;
eec8d2bc
JH		 751 }
752
753 return NULL;
754}
755
a664b5bc 756static void mgmt_pending_remove(struct pending_cmd *cmd)
73f22f62 757{
73f22f62
JH		 758 list_del(&cmd->list);
759 mgmt_pending_free(cmd);
760}
761
69ab39ea 762static int send_settings_rsp(struct sock *sk, u16 opcode, struct hci_dev *hdev)
8680570b 763{
69ab39ea 764 __le32 settings = cpu_to_le32(get_current_settings(hdev));
8680570b 765
aee9b218 766 return cmd_complete(sk, hdev->id, opcode, 0, &settings,
04124681 767 sizeof(settings));
8680570b
JH		 768}
769
bdb6d971 770static int set_powered(struct sock *sk, struct hci_dev *hdev, void *data,
04124681 771 u16 len)
eec8d2bc 772{
650f726d 773 struct mgmt_mode *cp = data;
366a0336 774 struct pending_cmd *cmd;
4b34ee78 775 int err;
eec8d2bc 776
bdb6d971 777 BT_DBG("request for %s", hdev->name);
eec8d2bc 778
09fd0de5 779 hci_dev_lock(hdev);
eec8d2bc 780
f0d4b78a
MH		 781 if (test_and_clear_bit(HCI_AUTO_OFF, &hdev->dev_flags)) {
782 cancel_delayed_work(&hdev->power_off);
783
784 if (cp->val) {
785 err = send_settings_rsp(sk, MGMT_OP_SET_POWERED, hdev);
786 mgmt_powered(hdev, 1);
787 goto failed;
788 }
789 }
790
4b34ee78 791 if (!!cp->val == hdev_is_powered(hdev)) {
69ab39ea 792 err = send_settings_rsp(sk, MGMT_OP_SET_POWERED, hdev);
eec8d2bc
JH		 793 goto failed;
794 }
795
2e58ef3e 796 if (mgmt_pending_find(MGMT_OP_SET_POWERED, hdev)) {
bdb6d971 797 err = cmd_status(sk, hdev->id, MGMT_OP_SET_POWERED,
04124681 798 MGMT_STATUS_BUSY);
eec8d2bc
JH		 799 goto failed;
800 }
801
2e58ef3e 802 cmd = mgmt_pending_add(sk, MGMT_OP_SET_POWERED, hdev, data, len);
366a0336
JH		 803 if (!cmd) {
804 err = -ENOMEM;
eec8d2bc 805 goto failed;
366a0336 806 }
eec8d2bc 807
72a734ec 808 if (cp->val)
7f971041 809 schedule_work(&hdev->power_on);
eec8d2bc 810 else
80b7ab33 811 schedule_work(&hdev->power_off.work);
eec8d2bc 812
366a0336 813 err = 0;
eec8d2bc
JH		 814
815failed:
09fd0de5 816 hci_dev_unlock(hdev);
366a0336 817 return err;
eec8d2bc
JH		 818}
819
04124681
GP		 820static int mgmt_event(u16 event, struct hci_dev *hdev, void *data, u16 data_len,
821 struct sock *skip_sk)
beadb2bd
JH		 822{
823 struct sk_buff *skb;
824 struct mgmt_hdr *hdr;
825
790eff44 826 skb = alloc_skb(sizeof(*hdr) + data_len, GFP_KERNEL);
beadb2bd
JH		 827 if (!skb)
828 return -ENOMEM;
829
830 hdr = (void *) skb_put(skb, sizeof(*hdr));
831 hdr->opcode = cpu_to_le16(event);
832 if (hdev)
833 hdr->index = cpu_to_le16(hdev->id);
834 else
835 hdr->index = cpu_to_le16(MGMT_INDEX_NONE);
836 hdr->len = cpu_to_le16(data_len);
837
838 if (data)
839 memcpy(skb_put(skb, data_len), data, data_len);
840
97e0bdeb
MH		 841 /* Time stamp */
842 __net_timestamp(skb);
843
beadb2bd
JH		 844 hci_send_to_control(skb, skip_sk);
845 kfree_skb(skb);
846
847 return 0;
848}
849
850static int new_settings(struct hci_dev *hdev, struct sock *skip)
851{
852 __le32 ev;
853
854 ev = cpu_to_le32(get_current_settings(hdev));
855
856 return mgmt_event(MGMT_EV_NEW_SETTINGS, hdev, &ev, sizeof(ev), skip);
857}
858
bdb6d971 859static int set_discoverable(struct sock *sk, struct hci_dev *hdev, void *data,
04124681 860 u16 len)
73f22f62 861{
650f726d 862 struct mgmt_cp_set_discoverable *cp = data;
366a0336 863 struct pending_cmd *cmd;
5e5282bb 864 u16 timeout;
73f22f62
JH		 865 u8 scan;
866 int err;
867
bdb6d971 868 BT_DBG("request for %s", hdev->name);
73f22f62 869
33c525c0
JH		 870 if (!lmp_bredr_capable(hdev))
871 return cmd_status(sk, hdev->id, MGMT_OP_SET_DISCOVERABLE,
872 MGMT_STATUS_NOT_SUPPORTED);
873
1f350c87 874 timeout = __le16_to_cpu(cp->timeout);
24c54a90 875 if (!cp->val && timeout > 0)
bdb6d971 876 return cmd_status(sk, hdev->id, MGMT_OP_SET_DISCOVERABLE,
04124681 877 MGMT_STATUS_INVALID_PARAMS);
73f22f62 878
09fd0de5 879 hci_dev_lock(hdev);
73f22f62 880
5e5282bb 881 if (!hdev_is_powered(hdev) && timeout > 0) {
bdb6d971 882 err = cmd_status(sk, hdev->id, MGMT_OP_SET_DISCOVERABLE,
04124681 883 MGMT_STATUS_NOT_POWERED);
73f22f62
JH		 884 goto failed;
885 }
886
2e58ef3e 887 if (mgmt_pending_find(MGMT_OP_SET_DISCOVERABLE, hdev) ||
8ce8e2b5 888 mgmt_pending_find(MGMT_OP_SET_CONNECTABLE, hdev)) {
bdb6d971 889 err = cmd_status(sk, hdev->id, MGMT_OP_SET_DISCOVERABLE,
04124681 890 MGMT_STATUS_BUSY);
73f22f62
JH		 891 goto failed;
892 }
893
5e5282bb 894 if (!test_bit(HCI_CONNECTABLE, &hdev->dev_flags)) {
bdb6d971 895 err = cmd_status(sk, hdev->id, MGMT_OP_SET_DISCOVERABLE,
04124681 896 MGMT_STATUS_REJECTED);
5e5282bb
JH		 897 goto failed;
898 }
899
900 if (!hdev_is_powered(hdev)) {
0224d2fa
JH		 901 bool changed = false;
902
903 if (!!cp->val != test_bit(HCI_DISCOVERABLE, &hdev->dev_flags)) {
904 change_bit(HCI_DISCOVERABLE, &hdev->dev_flags);
905 changed = true;
906 }
907
5e5282bb 908 err = send_settings_rsp(sk, MGMT_OP_SET_DISCOVERABLE, hdev);
0224d2fa
JH		 909 if (err < 0)
910 goto failed;
911
912 if (changed)
913 err = new_settings(hdev, sk);
914
5e5282bb
JH		 915 goto failed;
916 }
917
918 if (!!cp->val == test_bit(HCI_DISCOVERABLE, &hdev->dev_flags)) {
955638ec
MH		 919 if (hdev->discov_timeout > 0) {
920 cancel_delayed_work(&hdev->discov_off);
921 hdev->discov_timeout = 0;
922 }
923
924 if (cp->val && timeout > 0) {
925 hdev->discov_timeout = timeout;
926 queue_delayed_work(hdev->workqueue, &hdev->discov_off,
927 msecs_to_jiffies(hdev->discov_timeout * 1000));
928 }
929
69ab39ea 930 err = send_settings_rsp(sk, MGMT_OP_SET_DISCOVERABLE, hdev);
73f22f62
JH		 931 goto failed;
932 }
933
2e58ef3e 934 cmd = mgmt_pending_add(sk, MGMT_OP_SET_DISCOVERABLE, hdev, data, len);
366a0336
JH		 935 if (!cmd) {
936 err = -ENOMEM;
73f22f62 937 goto failed;
366a0336 938 }
73f22f62
JH		 939
940 scan = SCAN_PAGE;
941
72a734ec 942 if (cp->val)
73f22f62 943 scan |= SCAN_INQUIRY;
16ab91ab 944 else
e0f9309f 945 cancel_delayed_work(&hdev->discov_off);
73f22f62
JH		 946
947 err = hci_send_cmd(hdev, HCI_OP_WRITE_SCAN_ENABLE, 1, &scan);
948 if (err < 0)
a664b5bc 949 mgmt_pending_remove(cmd);
73f22f62 950
16ab91ab 951 if (cp->val)
5e5282bb 952 hdev->discov_timeout = timeout;
16ab91ab 953
73f22f62 954failed:
09fd0de5 955 hci_dev_unlock(hdev);
73f22f62
JH		 956 return err;
957}
958
bdb6d971 959static int set_connectable(struct sock *sk, struct hci_dev *hdev, void *data,
04124681 960 u16 len)
9fbcbb45 961{
650f726d 962 struct mgmt_mode *cp = data;
366a0336 963 struct pending_cmd *cmd;
9fbcbb45
JH		 964 u8 scan;
965 int err;
966
bdb6d971 967 BT_DBG("request for %s", hdev->name);
9fbcbb45 968
33c525c0
JH		 969 if (!lmp_bredr_capable(hdev))
970 return cmd_status(sk, hdev->id, MGMT_OP_SET_CONNECTABLE,
971 MGMT_STATUS_NOT_SUPPORTED);
972
09fd0de5 973 hci_dev_lock(hdev);
9fbcbb45 974
4b34ee78 975 if (!hdev_is_powered(hdev)) {
0224d2fa
JH		 976 bool changed = false;
977
978 if (!!cp->val != test_bit(HCI_CONNECTABLE, &hdev->dev_flags))
979 changed = true;
980
6bf0e469 981 if (cp->val) {
5e5282bb 982 set_bit(HCI_CONNECTABLE, &hdev->dev_flags);
6bf0e469 983 } else {
5e5282bb
JH		 984 clear_bit(HCI_CONNECTABLE, &hdev->dev_flags);
985 clear_bit(HCI_DISCOVERABLE, &hdev->dev_flags);
986 }
0224d2fa 987
5e5282bb 988 err = send_settings_rsp(sk, MGMT_OP_SET_CONNECTABLE, hdev);
0224d2fa
JH		 989 if (err < 0)
990 goto failed;
991
992 if (changed)
993 err = new_settings(hdev, sk);
994
9fbcbb45
JH		 995 goto failed;
996 }
997
2e58ef3e 998 if (mgmt_pending_find(MGMT_OP_SET_DISCOVERABLE, hdev) ||
8ce8e2b5 999 mgmt_pending_find(MGMT_OP_SET_CONNECTABLE, hdev)) {
bdb6d971 1000 err = cmd_status(sk, hdev->id, MGMT_OP_SET_CONNECTABLE,
04124681 1001 MGMT_STATUS_BUSY);
9fbcbb45
JH		 1002 goto failed;
1003 }
1004
5e5282bb 1005 if (!!cp->val == test_bit(HCI_PSCAN, &hdev->flags)) {
69ab39ea 1006 err = send_settings_rsp(sk, MGMT_OP_SET_CONNECTABLE, hdev);
9fbcbb45
JH		 1007 goto failed;
1008 }
1009
2e58ef3e 1010 cmd = mgmt_pending_add(sk, MGMT_OP_SET_CONNECTABLE, hdev, data, len);
366a0336
JH		 1011 if (!cmd) {
1012 err = -ENOMEM;
9fbcbb45 1013 goto failed;
366a0336 1014 }
9fbcbb45 1015
6bf0e469 1016 if (cp->val) {
9fbcbb45 1017 scan = SCAN_PAGE;
6bf0e469 1018 } else {
9fbcbb45
JH		 1019 scan = 0;
1020
df2c6c5e 1021 if (test_bit(HCI_ISCAN, &hdev->flags) &&
8ce8e2b5 1022 hdev->discov_timeout > 0)
df2c6c5e
JH		 1023 cancel_delayed_work(&hdev->discov_off);
1024 }
1025
9fbcbb45
JH		 1026 err = hci_send_cmd(hdev, HCI_OP_WRITE_SCAN_ENABLE, 1, &scan);
1027 if (err < 0)
a664b5bc 1028 mgmt_pending_remove(cmd);
9fbcbb45
JH		 1029
1030failed:
09fd0de5 1031 hci_dev_unlock(hdev);
9fbcbb45
JH		 1032 return err;
1033}
1034
bdb6d971 1035static int set_pairable(struct sock *sk, struct hci_dev *hdev, void *data,
04124681 1036 u16 len)
c542a06c 1037{
650f726d 1038 struct mgmt_mode *cp = data;
c542a06c
JH		 1039 int err;
1040
bdb6d971 1041 BT_DBG("request for %s", hdev->name);
c542a06c 1042
09fd0de5 1043 hci_dev_lock(hdev);
c542a06c
JH		 1044
1045 if (cp->val)
a8b2d5c2 1046 set_bit(HCI_PAIRABLE, &hdev->dev_flags);
c542a06c 1047 else
a8b2d5c2 1048 clear_bit(HCI_PAIRABLE, &hdev->dev_flags);
c542a06c 1049
69ab39ea 1050 err = send_settings_rsp(sk, MGMT_OP_SET_PAIRABLE, hdev);
c542a06c
JH		 1051 if (err < 0)
1052 goto failed;
1053
beadb2bd 1054 err = new_settings(hdev, sk);
c542a06c
JH		 1055
1056failed:
09fd0de5 1057 hci_dev_unlock(hdev);
c542a06c
JH		 1058 return err;
1059}
1060
04124681
GP		 1061static int set_link_security(struct sock *sk, struct hci_dev *hdev, void *data,
1062 u16 len)
33ef95ed
JH		 1063{
1064 struct mgmt_mode *cp = data;
1065 struct pending_cmd *cmd;
816a11d5 1066 u8 val;
33ef95ed
JH		 1067 int err;
1068
bdb6d971 1069 BT_DBG("request for %s", hdev->name);
33ef95ed 1070
33c525c0
JH		 1071 if (!lmp_bredr_capable(hdev))
1072 return cmd_status(sk, hdev->id, MGMT_OP_SET_LINK_SECURITY,
1073 MGMT_STATUS_NOT_SUPPORTED);
1074
33ef95ed
JH		 1075 hci_dev_lock(hdev);
1076
4b34ee78 1077 if (!hdev_is_powered(hdev)) {
47990ea0
JH		 1078 bool changed = false;
1079
1080 if (!!cp->val != test_bit(HCI_LINK_SECURITY,
8ce8e2b5 1081 &hdev->dev_flags)) {
47990ea0
JH		 1082 change_bit(HCI_LINK_SECURITY, &hdev->dev_flags);
1083 changed = true;
1084 }
1085
1086 err = send_settings_rsp(sk, MGMT_OP_SET_LINK_SECURITY, hdev);
1087 if (err < 0)
1088 goto failed;
1089
1090 if (changed)
1091 err = new_settings(hdev, sk);
1092
33ef95ed
JH		 1093 goto failed;
1094 }
1095
1096 if (mgmt_pending_find(MGMT_OP_SET_LINK_SECURITY, hdev)) {
bdb6d971 1097 err = cmd_status(sk, hdev->id, MGMT_OP_SET_LINK_SECURITY,
04124681 1098 MGMT_STATUS_BUSY);
33ef95ed
JH		 1099 goto failed;
1100 }
1101
1102 val = !!cp->val;
1103
1104 if (test_bit(HCI_AUTH, &hdev->flags) == val) {
1105 err = send_settings_rsp(sk, MGMT_OP_SET_LINK_SECURITY, hdev);
1106 goto failed;
1107 }
1108
1109 cmd = mgmt_pending_add(sk, MGMT_OP_SET_LINK_SECURITY, hdev, data, len);
1110 if (!cmd) {
1111 err = -ENOMEM;
1112 goto failed;
1113 }
1114
1115 err = hci_send_cmd(hdev, HCI_OP_WRITE_AUTH_ENABLE, sizeof(val), &val);
1116 if (err < 0) {
1117 mgmt_pending_remove(cmd);
1118 goto failed;
1119 }
1120
1121failed:
1122 hci_dev_unlock(hdev);
33ef95ed
JH		 1123 return err;
1124}
1125
bdb6d971 1126static int set_ssp(struct sock *sk, struct hci_dev *hdev, void *data, u16 len)
ed2c4ee3
JH		 1127{
1128 struct mgmt_mode *cp = data;
1129 struct pending_cmd *cmd;
816a11d5 1130 u8 val;
ed2c4ee3
JH		 1131 int err;
1132
bdb6d971 1133 BT_DBG("request for %s", hdev->name);
ed2c4ee3 1134
ed2c4ee3
JH		 1135 hci_dev_lock(hdev);
1136
9a1a1996 1137 if (!lmp_ssp_capable(hdev)) {
bdb6d971 1138 err = cmd_status(sk, hdev->id, MGMT_OP_SET_SSP,
04124681 1139 MGMT_STATUS_NOT_SUPPORTED);
6c8f12c1
JH		 1140 goto failed;
1141 }
1142
c0ecddc2
JH		 1143 val = !!cp->val;
1144
4b34ee78 1145 if (!hdev_is_powered(hdev)) {
c0ecddc2
JH		 1146 bool changed = false;
1147
1148 if (val != test_bit(HCI_SSP_ENABLED, &hdev->dev_flags)) {
1149 change_bit(HCI_SSP_ENABLED, &hdev->dev_flags);
1150 changed = true;
1151 }
1152
1153 err = send_settings_rsp(sk, MGMT_OP_SET_SSP, hdev);
1154 if (err < 0)
1155 goto failed;
1156
1157 if (changed)
1158 err = new_settings(hdev, sk);
1159
ed2c4ee3
JH		 1160 goto failed;
1161 }
1162
1163 if (mgmt_pending_find(MGMT_OP_SET_SSP, hdev)) {
d97dcb66
SJ		 1164 err = cmd_status(sk, hdev->id, MGMT_OP_SET_SSP,
1165 MGMT_STATUS_BUSY);
ed2c4ee3
JH		 1166 goto failed;
1167 }
1168
ed2c4ee3
JH		 1169 if (test_bit(HCI_SSP_ENABLED, &hdev->dev_flags) == val) {
1170 err = send_settings_rsp(sk, MGMT_OP_SET_SSP, hdev);
1171 goto failed;
1172 }
1173
1174 cmd = mgmt_pending_add(sk, MGMT_OP_SET_SSP, hdev, data, len);
1175 if (!cmd) {
1176 err = -ENOMEM;
1177 goto failed;
1178 }
1179
1180 err = hci_send_cmd(hdev, HCI_OP_WRITE_SSP_MODE, sizeof(val), &val);
1181 if (err < 0) {
1182 mgmt_pending_remove(cmd);
1183 goto failed;
1184 }
1185
1186failed:
1187 hci_dev_unlock(hdev);
ed2c4ee3
JH		 1188 return err;
1189}
1190
bdb6d971 1191static int set_hs(struct sock *sk, struct hci_dev *hdev, void *data, u16 len)
6d80dfd0
JH		 1192{
1193 struct mgmt_mode *cp = data;
6d80dfd0 1194
bdb6d971 1195 BT_DBG("request for %s", hdev->name);
6d80dfd0 1196
bdb6d971
JH		 1197 if (!enable_hs)
1198 return cmd_status(sk, hdev->id, MGMT_OP_SET_HS,
04124681 1199 MGMT_STATUS_NOT_SUPPORTED);
6d80dfd0
JH		 1200
1201 if (cp->val)
1202 set_bit(HCI_HS_ENABLED, &hdev->dev_flags);
1203 else
1204 clear_bit(HCI_HS_ENABLED, &hdev->dev_flags);
1205
bdb6d971 1206 return send_settings_rsp(sk, MGMT_OP_SET_HS, hdev);
6d80dfd0
JH		 1207}
1208
bdb6d971 1209static int set_le(struct sock *sk, struct hci_dev *hdev, void *data, u16 len)
06199cf8
JH		 1210{
1211 struct mgmt_mode *cp = data;
1212 struct hci_cp_write_le_host_supported hci_cp;
1213 struct pending_cmd *cmd;
06199cf8 1214 int err;
0b60eba1 1215 u8 val, enabled;
06199cf8 1216
bdb6d971 1217 BT_DBG("request for %s", hdev->name);
06199cf8 1218
1de028ce
JH		 1219 hci_dev_lock(hdev);
1220
c383ddc4 1221 if (!lmp_le_capable(hdev)) {
bdb6d971 1222 err = cmd_status(sk, hdev->id, MGMT_OP_SET_LE,
04124681 1223 MGMT_STATUS_NOT_SUPPORTED);
1de028ce 1224 goto unlock;
06199cf8
JH		 1225 }
1226
1227 val = !!cp->val;
0b60eba1 1228 enabled = !!(hdev->host_features[0] & LMP_HOST_LE);
06199cf8 1229
0b60eba1 1230 if (!hdev_is_powered(hdev) || val == enabled) {
06199cf8
JH		 1231 bool changed = false;
1232
1233 if (val != test_bit(HCI_LE_ENABLED, &hdev->dev_flags)) {
1234 change_bit(HCI_LE_ENABLED, &hdev->dev_flags);
1235 changed = true;
1236 }
1237
1238 err = send_settings_rsp(sk, MGMT_OP_SET_LE, hdev);
1239 if (err < 0)
1de028ce 1240 goto unlock;
06199cf8
JH		 1241
1242 if (changed)
1243 err = new_settings(hdev, sk);
1244
1de028ce 1245 goto unlock;
06199cf8
JH		 1246 }
1247
1248 if (mgmt_pending_find(MGMT_OP_SET_LE, hdev)) {
bdb6d971 1249 err = cmd_status(sk, hdev->id, MGMT_OP_SET_LE,
04124681 1250 MGMT_STATUS_BUSY);
1de028ce 1251 goto unlock;
06199cf8
JH		 1252 }
1253
1254 cmd = mgmt_pending_add(sk, MGMT_OP_SET_LE, hdev, data, len);
1255 if (!cmd) {
1256 err = -ENOMEM;
1de028ce 1257 goto unlock;
06199cf8
JH		 1258 }
1259
1260 memset(&hci_cp, 0, sizeof(hci_cp));
1261
1262 if (val) {
1263 hci_cp.le = val;
1264 hci_cp.simul = !!(hdev->features[6] & LMP_SIMUL_LE_BR);
1265 }
1266
04124681
GP		 1267 err = hci_send_cmd(hdev, HCI_OP_WRITE_LE_HOST_SUPPORTED, sizeof(hci_cp),
1268 &hci_cp);
0c01bc48 1269 if (err < 0)
06199cf8 1270 mgmt_pending_remove(cmd);
06199cf8 1271
1de028ce
JH		 1272unlock:
1273 hci_dev_unlock(hdev);
06199cf8
JH		 1274 return err;
1275}
1276
bdb6d971 1277static int add_uuid(struct sock *sk, struct hci_dev *hdev, void *data, u16 len)
2aeb9a1a 1278{
650f726d 1279 struct mgmt_cp_add_uuid *cp = data;
90e70454 1280 struct pending_cmd *cmd;
2aeb9a1a 1281 struct bt_uuid *uuid;
2aeb9a1a
JH		 1282 int err;
1283
bdb6d971 1284 BT_DBG("request for %s", hdev->name);
2aeb9a1a 1285
09fd0de5 1286 hci_dev_lock(hdev);
2aeb9a1a 1287
c95f0ba7 1288 if (test_bit(HCI_PENDING_CLASS, &hdev->dev_flags)) {
bdb6d971 1289 err = cmd_status(sk, hdev->id, MGMT_OP_ADD_UUID,
04124681 1290 MGMT_STATUS_BUSY);
c95f0ba7
JH		 1291 goto failed;
1292 }
1293
92c4c204 1294 uuid = kmalloc(sizeof(*uuid), GFP_KERNEL);
2aeb9a1a
JH		 1295 if (!uuid) {
1296 err = -ENOMEM;
1297 goto failed;
1298 }
1299
1300 memcpy(uuid->uuid, cp->uuid, 16);
1aff6f09 1301 uuid->svc_hint = cp->svc_hint;
2aeb9a1a
JH		 1302
1303 list_add(&uuid->list, &hdev->uuids);
1304
1aff6f09
JH		 1305 err = update_class(hdev);
1306 if (err < 0)
1307 goto failed;
1308
80a1e1db
JH		 1309 err = update_eir(hdev);
1310 if (err < 0)
1311 goto failed;
1312
90e70454 1313 if (!test_bit(HCI_PENDING_CLASS, &hdev->dev_flags)) {
bdb6d971 1314 err = cmd_complete(sk, hdev->id, MGMT_OP_ADD_UUID, 0,
04124681 1315 hdev->dev_class, 3);
90e70454
JH		 1316 goto failed;
1317 }
1318
1319 cmd = mgmt_pending_add(sk, MGMT_OP_ADD_UUID, hdev, data, len);
0c01bc48 1320 if (!cmd)
90e70454 1321 err = -ENOMEM;
2aeb9a1a
JH		 1322
1323failed:
09fd0de5 1324 hci_dev_unlock(hdev);
2aeb9a1a
JH		 1325 return err;
1326}
1327
24b78d0f
JH		 1328static bool enable_service_cache(struct hci_dev *hdev)
1329{
1330 if (!hdev_is_powered(hdev))
1331 return false;
1332
1333 if (!test_and_set_bit(HCI_SERVICE_CACHE, &hdev->dev_flags)) {
17b02e62 1334 schedule_delayed_work(&hdev->service_cache, CACHE_TIMEOUT);
24b78d0f
JH		 1335 return true;
1336 }
1337
1338 return false;
1339}
1340
bdb6d971 1341static int remove_uuid(struct sock *sk, struct hci_dev *hdev, void *data,
8ce8e2b5 1342 u16 len)
2aeb9a1a 1343{
650f726d 1344 struct mgmt_cp_remove_uuid *cp = data;
90e70454 1345 struct pending_cmd *cmd;
2aeb9a1a 1346 struct list_head *p, *n;
2aeb9a1a 1347 u8 bt_uuid_any[] = { 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0 };
2aeb9a1a
JH		 1348 int err, found;
1349
bdb6d971 1350 BT_DBG("request for %s", hdev->name);
2aeb9a1a 1351
09fd0de5 1352 hci_dev_lock(hdev);
2aeb9a1a 1353
c95f0ba7 1354 if (test_bit(HCI_PENDING_CLASS, &hdev->dev_flags)) {
bdb6d971 1355 err = cmd_status(sk, hdev->id, MGMT_OP_REMOVE_UUID,
04124681 1356 MGMT_STATUS_BUSY);
c95f0ba7
JH		 1357 goto unlock;
1358 }
1359
2aeb9a1a
JH		 1360 if (memcmp(cp->uuid, bt_uuid_any, 16) == 0) {
1361 err = hci_uuids_clear(hdev);
4004b6d9 1362
24b78d0f 1363 if (enable_service_cache(hdev)) {
bdb6d971 1364 err = cmd_complete(sk, hdev->id, MGMT_OP_REMOVE_UUID,
04124681 1365 0, hdev->dev_class, 3);
24b78d0f
JH		 1366 goto unlock;
1367 }
4004b6d9 1368
9246a869 1369 goto update_class;
2aeb9a1a
JH		 1370 }
1371
1372 found = 0;
1373
1374 list_for_each_safe(p, n, &hdev->uuids) {
1375 struct bt_uuid *match = list_entry(p, struct bt_uuid, list);
1376
1377 if (memcmp(match->uuid, cp->uuid, 16) != 0)
1378 continue;
1379
1380 list_del(&match->list);
1381 found++;
1382 }
1383
1384 if (found == 0) {
bdb6d971 1385 err = cmd_status(sk, hdev->id, MGMT_OP_REMOVE_UUID,
04124681 1386 MGMT_STATUS_INVALID_PARAMS);
2aeb9a1a
JH		 1387 goto unlock;
1388 }
1389
9246a869 1390update_class:
1aff6f09
JH		 1391 err = update_class(hdev);
1392 if (err < 0)
1393 goto unlock;
1394
80a1e1db
JH		 1395 err = update_eir(hdev);
1396 if (err < 0)
1397 goto unlock;
1398
90e70454 1399 if (!test_bit(HCI_PENDING_CLASS, &hdev->dev_flags)) {
bdb6d971 1400 err = cmd_complete(sk, hdev->id, MGMT_OP_REMOVE_UUID, 0,
04124681 1401 hdev->dev_class, 3);
90e70454
JH		 1402 goto unlock;
1403 }
1404
1405 cmd = mgmt_pending_add(sk, MGMT_OP_REMOVE_UUID, hdev, data, len);
0c01bc48 1406 if (!cmd)
90e70454 1407 err = -ENOMEM;
2aeb9a1a
JH		 1408
1409unlock:
09fd0de5 1410 hci_dev_unlock(hdev);
2aeb9a1a
JH		 1411 return err;
1412}
1413
bdb6d971 1414static int set_dev_class(struct sock *sk, struct hci_dev *hdev, void *data,
04124681 1415 u16 len)
1aff6f09 1416{
650f726d 1417 struct mgmt_cp_set_dev_class *cp = data;
90e70454 1418 struct pending_cmd *cmd;
1aff6f09
JH		 1419 int err;
1420
bdb6d971 1421 BT_DBG("request for %s", hdev->name);
1aff6f09 1422
09fd0de5 1423 hci_dev_lock(hdev);
1aff6f09 1424
c95f0ba7 1425 if (test_bit(HCI_PENDING_CLASS, &hdev->dev_flags)) {
bdb6d971 1426 err = cmd_status(sk, hdev->id, MGMT_OP_SET_DEV_CLASS,
04124681 1427 MGMT_STATUS_BUSY);
c95f0ba7
JH		 1428 goto unlock;
1429 }
1430
932f5ff5
JH		 1431 hdev->major_class = cp->major;
1432 hdev->minor_class = cp->minor;
1433
b5235a65 1434 if (!hdev_is_powered(hdev)) {
bdb6d971 1435 err = cmd_complete(sk, hdev->id, MGMT_OP_SET_DEV_CLASS, 0,
04124681 1436 hdev->dev_class, 3);
b5235a65
JH		 1437 goto unlock;
1438 }
1439
a8b2d5c2 1440 if (test_and_clear_bit(HCI_SERVICE_CACHE, &hdev->dev_flags)) {
7d78525d
JH		 1441 hci_dev_unlock(hdev);
1442 cancel_delayed_work_sync(&hdev->service_cache);
1443 hci_dev_lock(hdev);
14c0b608 1444 update_eir(hdev);
7d78525d 1445 }
14c0b608 1446
1aff6f09 1447 err = update_class(hdev);
90e70454
JH		 1448 if (err < 0)
1449 goto unlock;
1aff6f09 1450
90e70454 1451 if (!test_bit(HCI_PENDING_CLASS, &hdev->dev_flags)) {
bdb6d971 1452 err = cmd_complete(sk, hdev->id, MGMT_OP_SET_DEV_CLASS, 0,
04124681 1453 hdev->dev_class, 3);
90e70454
JH		 1454 goto unlock;
1455 }
1456
1457 cmd = mgmt_pending_add(sk, MGMT_OP_SET_DEV_CLASS, hdev, data, len);
0c01bc48 1458 if (!cmd)
90e70454 1459 err = -ENOMEM;
1aff6f09 1460
b5235a65 1461unlock:
09fd0de5 1462 hci_dev_unlock(hdev);
1aff6f09
JH		 1463 return err;
1464}
1465
bdb6d971 1466static int load_link_keys(struct sock *sk, struct hci_dev *hdev, void *data,
8ce8e2b5 1467 u16 len)
55ed8ca1 1468{
650f726d 1469 struct mgmt_cp_load_link_keys *cp = data;
4e51eae9 1470 u16 key_count, expected_len;
a492cd52 1471 int i;
55ed8ca1 1472
1f350c87 1473 key_count = __le16_to_cpu(cp->key_count);
55ed8ca1 1474
86742e1e
JH		 1475 expected_len = sizeof(*cp) + key_count *
1476 sizeof(struct mgmt_link_key_info);
a492cd52 1477 if (expected_len != len) {
86742e1e 1478 BT_ERR("load_link_keys: expected %u bytes, got %u bytes",
8ce8e2b5 1479 len, expected_len);
bdb6d971 1480 return cmd_status(sk, hdev->id, MGMT_OP_LOAD_LINK_KEYS,
04124681 1481 MGMT_STATUS_INVALID_PARAMS);
55ed8ca1
JH		 1482 }
1483
bdb6d971 1484 BT_DBG("%s debug_keys %u key_count %u", hdev->name, cp->debug_keys,
8ce8e2b5 1485 key_count);
55ed8ca1 1486
09fd0de5 1487 hci_dev_lock(hdev);
55ed8ca1
JH		 1488
1489 hci_link_keys_clear(hdev);
1490
a8b2d5c2 1491 set_bit(HCI_LINK_KEYS, &hdev->dev_flags);
55ed8ca1
JH		 1492
1493 if (cp->debug_keys)
a8b2d5c2 1494 set_bit(HCI_DEBUG_KEYS, &hdev->dev_flags);
55ed8ca1 1495 else
a8b2d5c2 1496 clear_bit(HCI_DEBUG_KEYS, &hdev->dev_flags);
55ed8ca1 1497
a492cd52 1498 for (i = 0; i < key_count; i++) {
86742e1e 1499 struct mgmt_link_key_info *key = &cp->keys[i];
55ed8ca1 1500
d753fdc4 1501 hci_add_link_key(hdev, NULL, 0, &key->addr.bdaddr, key->val,
04124681 1502 key->type, key->pin_len);
55ed8ca1
JH		 1503 }
1504
bdb6d971 1505 cmd_complete(sk, hdev->id, MGMT_OP_LOAD_LINK_KEYS, 0, NULL, 0);
0e5f875a 1506
09fd0de5 1507 hci_dev_unlock(hdev);
55ed8ca1 1508
a492cd52 1509 return 0;
55ed8ca1
JH		 1510}
1511
b1078ad0 1512static int device_unpaired(struct hci_dev *hdev, bdaddr_t *bdaddr,
04124681 1513 u8 addr_type, struct sock *skip_sk)
b1078ad0
JH		 1514{
1515 struct mgmt_ev_device_unpaired ev;
1516
1517 bacpy(&ev.addr.bdaddr, bdaddr);
1518 ev.addr.type = addr_type;
1519
1520 return mgmt_event(MGMT_EV_DEVICE_UNPAIRED, hdev, &ev, sizeof(ev),
04124681 1521 skip_sk);
b1078ad0
JH		 1522}
1523
bdb6d971 1524static int unpair_device(struct sock *sk, struct hci_dev *hdev, void *data,
04124681 1525 u16 len)
55ed8ca1 1526{
124f6e35
JH		 1527 struct mgmt_cp_unpair_device *cp = data;
1528 struct mgmt_rp_unpair_device rp;
a8a1d19e
JH		 1529 struct hci_cp_disconnect dc;
1530 struct pending_cmd *cmd;
55ed8ca1 1531 struct hci_conn *conn;
55ed8ca1
JH		 1532 int err;
1533
09fd0de5 1534 hci_dev_lock(hdev);
55ed8ca1 1535
a8a1d19e 1536 memset(&rp, 0, sizeof(rp));
124f6e35
JH		 1537 bacpy(&rp.addr.bdaddr, &cp->addr.bdaddr);
1538 rp.addr.type = cp->addr.type;
a8a1d19e 1539
86a8cfc6 1540 if (!hdev_is_powered(hdev)) {
bdb6d971 1541 err = cmd_complete(sk, hdev->id, MGMT_OP_UNPAIR_DEVICE,
04124681 1542 MGMT_STATUS_NOT_POWERED, &rp, sizeof(rp));
86a8cfc6
JH		 1543 goto unlock;
1544 }
1545
591f47f3 1546 if (cp->addr.type == BDADDR_BREDR)
124f6e35
JH		 1547 err = hci_remove_link_key(hdev, &cp->addr.bdaddr);
1548 else
1549 err = hci_remove_ltk(hdev, &cp->addr.bdaddr);
b0dbfb46 1550
55ed8ca1 1551 if (err < 0) {
bdb6d971 1552 err = cmd_complete(sk, hdev->id, MGMT_OP_UNPAIR_DEVICE,
04124681 1553 MGMT_STATUS_NOT_PAIRED, &rp, sizeof(rp));
55ed8ca1
JH		 1554 goto unlock;
1555 }
1556
86a8cfc6 1557 if (cp->disconnect) {
591f47f3 1558 if (cp->addr.type == BDADDR_BREDR)
86a8cfc6 1559 conn = hci_conn_hash_lookup_ba(hdev, ACL_LINK,
8ce8e2b5 1560 &cp->addr.bdaddr);
86a8cfc6
JH		 1561 else
1562 conn = hci_conn_hash_lookup_ba(hdev, LE_LINK,
8ce8e2b5 1563 &cp->addr.bdaddr);
86a8cfc6
JH		 1564 } else {
1565 conn = NULL;
1566 }
124f6e35 1567
a8a1d19e 1568 if (!conn) {
bdb6d971 1569 err = cmd_complete(sk, hdev->id, MGMT_OP_UNPAIR_DEVICE, 0,
04124681 1570 &rp, sizeof(rp));
b1078ad0 1571 device_unpaired(hdev, &cp->addr.bdaddr, cp->addr.type, sk);
a8a1d19e
JH		 1572 goto unlock;
1573 }
55ed8ca1 1574
124f6e35 1575 cmd = mgmt_pending_add(sk, MGMT_OP_UNPAIR_DEVICE, hdev, cp,
04124681 1576 sizeof(*cp));
a8a1d19e
JH		 1577 if (!cmd) {
1578 err = -ENOMEM;
1579 goto unlock;
55ed8ca1
JH		 1580 }
1581
eb55ef07 1582 dc.handle = cpu_to_le16(conn->handle);
a8a1d19e
JH		 1583 dc.reason = 0x13; /* Remote User Terminated Connection */
1584 err = hci_send_cmd(hdev, HCI_OP_DISCONNECT, sizeof(dc), &dc);
1585 if (err < 0)
1586 mgmt_pending_remove(cmd);
1587
55ed8ca1 1588unlock:
09fd0de5 1589 hci_dev_unlock(hdev);
55ed8ca1
JH		 1590 return err;
1591}
1592
bdb6d971 1593static int disconnect(struct sock *sk, struct hci_dev *hdev, void *data,
04124681 1594 u16 len)
8962ee74 1595{
650f726d 1596 struct mgmt_cp_disconnect *cp = data;
8962ee74 1597 struct hci_cp_disconnect dc;
366a0336 1598 struct pending_cmd *cmd;
8962ee74 1599 struct hci_conn *conn;
8962ee74
JH		 1600 int err;
1601
1602 BT_DBG("");
1603
09fd0de5 1604 hci_dev_lock(hdev);
8962ee74
JH		 1605
1606 if (!test_bit(HCI_UP, &hdev->flags)) {
bdb6d971 1607 err = cmd_status(sk, hdev->id, MGMT_OP_DISCONNECT,
04124681 1608 MGMT_STATUS_NOT_POWERED);
8962ee74
JH		 1609 goto failed;
1610 }
1611
2e58ef3e 1612 if (mgmt_pending_find(MGMT_OP_DISCONNECT, hdev)) {
bdb6d971 1613 err = cmd_status(sk, hdev->id, MGMT_OP_DISCONNECT,
04124681 1614 MGMT_STATUS_BUSY);
8962ee74
JH		 1615 goto failed;
1616 }
1617
591f47f3 1618 if (cp->addr.type == BDADDR_BREDR)
8fc9ced3
GP		 1619 conn = hci_conn_hash_lookup_ba(hdev, ACL_LINK,
1620 &cp->addr.bdaddr);
88c3df13
JH		 1621 else
1622 conn = hci_conn_hash_lookup_ba(hdev, LE_LINK, &cp->addr.bdaddr);
365227e5 1623
f960727e 1624 if (!conn || conn->state == BT_OPEN || conn->state == BT_CLOSED) {
bdb6d971 1625 err = cmd_status(sk, hdev->id, MGMT_OP_DISCONNECT,
04124681 1626 MGMT_STATUS_NOT_CONNECTED);
8962ee74
JH		 1627 goto failed;
1628 }
1629
2e58ef3e 1630 cmd = mgmt_pending_add(sk, MGMT_OP_DISCONNECT, hdev, data, len);
366a0336
JH		 1631 if (!cmd) {
1632 err = -ENOMEM;
8962ee74 1633 goto failed;
366a0336 1634 }
8962ee74 1635
eb55ef07 1636 dc.handle = cpu_to_le16(conn->handle);
3701f944 1637 dc.reason = HCI_ERROR_REMOTE_USER_TERM;
8962ee74
JH		 1638
1639 err = hci_send_cmd(hdev, HCI_OP_DISCONNECT, sizeof(dc), &dc);
1640 if (err < 0)
a664b5bc 1641 mgmt_pending_remove(cmd);
8962ee74
JH		 1642
1643failed:
09fd0de5 1644 hci_dev_unlock(hdev);
8962ee74
JH		 1645 return err;
1646}
1647
57c1477c 1648static u8 link_to_bdaddr(u8 link_type, u8 addr_type)
4c659c39
JH		 1649{
1650 switch (link_type) {
1651 case LE_LINK:
48264f06
JH		 1652 switch (addr_type) {
1653 case ADDR_LE_DEV_PUBLIC:
591f47f3 1654 return BDADDR_LE_PUBLIC;
0ed09148 1655
48264f06 1656 default:
0ed09148 1657 /* Fallback to LE Random address type */
591f47f3 1658 return BDADDR_LE_RANDOM;
48264f06 1659 }
0ed09148 1660
4c659c39 1661 default:
0ed09148 1662 /* Fallback to BR/EDR type */
591f47f3 1663 return BDADDR_BREDR;
4c659c39
JH		 1664 }
1665}
1666
04124681
GP		 1667static int get_connections(struct sock *sk, struct hci_dev *hdev, void *data,
1668 u16 data_len)
2784eb41 1669{
2784eb41 1670 struct mgmt_rp_get_connections *rp;
8035ded4 1671 struct hci_conn *c;
a38528f1 1672 size_t rp_len;
60fc5fb6
JH		 1673 int err;
1674 u16 i;
2784eb41
JH		 1675
1676 BT_DBG("");
1677
09fd0de5 1678 hci_dev_lock(hdev);
2784eb41 1679
5f97c1df 1680 if (!hdev_is_powered(hdev)) {
bdb6d971 1681 err = cmd_status(sk, hdev->id, MGMT_OP_GET_CONNECTIONS,
04124681 1682 MGMT_STATUS_NOT_POWERED);
5f97c1df
JH		 1683 goto unlock;
1684 }
1685
60fc5fb6 1686 i = 0;
b644ba33
JH		 1687 list_for_each_entry(c, &hdev->conn_hash.list, list) {
1688 if (test_bit(HCI_CONN_MGMT_CONNECTED, &c->flags))
60fc5fb6 1689 i++;
2784eb41
JH		 1690 }
1691
60fc5fb6 1692 rp_len = sizeof(*rp) + (i * sizeof(struct mgmt_addr_info));
92c4c204 1693 rp = kmalloc(rp_len, GFP_KERNEL);
a38528f1 1694 if (!rp) {
2784eb41
JH		 1695 err = -ENOMEM;
1696 goto unlock;
1697 }
1698
2784eb41 1699 i = 0;
4c659c39 1700 list_for_each_entry(c, &hdev->conn_hash.list, list) {
b644ba33
JH		 1701 if (!test_bit(HCI_CONN_MGMT_CONNECTED, &c->flags))
1702 continue;
4c659c39 1703 bacpy(&rp->addr[i].bdaddr, &c->dst);
57c1477c 1704 rp->addr[i].type = link_to_bdaddr(c->type, c->dst_type);
0ed09148 1705 if (c->type == SCO_LINK || c->type == ESCO_LINK)
4c659c39
JH		 1706 continue;
1707 i++;
1708 }
1709
eb55ef07 1710 rp->conn_count = cpu_to_le16(i);
60fc5fb6 1711
4c659c39
JH		 1712 /* Recalculate length in case of filtered SCO connections, etc */
1713 rp_len = sizeof(*rp) + (i * sizeof(struct mgmt_addr_info));
2784eb41 1714
bdb6d971 1715 err = cmd_complete(sk, hdev->id, MGMT_OP_GET_CONNECTIONS, 0, rp,
04124681 1716 rp_len);
2784eb41 1717
a38528f1 1718 kfree(rp);
5f97c1df
JH		 1719
1720unlock:
09fd0de5 1721 hci_dev_unlock(hdev);
2784eb41
JH		 1722 return err;
1723}
1724
bdb6d971 1725static int send_pin_code_neg_reply(struct sock *sk, struct hci_dev *hdev,
04124681 1726 struct mgmt_cp_pin_code_neg_reply *cp)
96d97a67
WR		 1727{
1728 struct pending_cmd *cmd;
1729 int err;
1730
2e58ef3e 1731 cmd = mgmt_pending_add(sk, MGMT_OP_PIN_CODE_NEG_REPLY, hdev, cp,
04124681 1732 sizeof(*cp));
96d97a67
WR		 1733 if (!cmd)
1734 return -ENOMEM;
1735
d8457698 1736 err = hci_send_cmd(hdev, HCI_OP_PIN_CODE_NEG_REPLY,
04124681 1737 sizeof(cp->addr.bdaddr), &cp->addr.bdaddr);
96d97a67
WR		 1738 if (err < 0)
1739 mgmt_pending_remove(cmd);
1740
1741 return err;
1742}
1743
bdb6d971 1744static int pin_code_reply(struct sock *sk, struct hci_dev *hdev, void *data,
04124681 1745 u16 len)
980e1a53 1746{
96d97a67 1747 struct hci_conn *conn;
650f726d 1748 struct mgmt_cp_pin_code_reply *cp = data;
980e1a53 1749 struct hci_cp_pin_code_reply reply;
366a0336 1750 struct pending_cmd *cmd;
980e1a53
JH		 1751 int err;
1752
1753 BT_DBG("");
1754
09fd0de5 1755 hci_dev_lock(hdev);
980e1a53 1756
4b34ee78 1757 if (!hdev_is_powered(hdev)) {
bdb6d971 1758 err = cmd_status(sk, hdev->id, MGMT_OP_PIN_CODE_REPLY,
04124681 1759 MGMT_STATUS_NOT_POWERED);
980e1a53
JH		 1760 goto failed;
1761 }
1762
d8457698 1763 conn = hci_conn_hash_lookup_ba(hdev, ACL_LINK, &cp->addr.bdaddr);
96d97a67 1764 if (!conn) {
bdb6d971 1765 err = cmd_status(sk, hdev->id, MGMT_OP_PIN_CODE_REPLY,
04124681 1766 MGMT_STATUS_NOT_CONNECTED);
96d97a67
WR		 1767 goto failed;
1768 }
1769
1770 if (conn->pending_sec_level == BT_SECURITY_HIGH && cp->pin_len != 16) {
d8457698
JH		 1771 struct mgmt_cp_pin_code_neg_reply ncp;
1772
1773 memcpy(&ncp.addr, &cp->addr, sizeof(ncp.addr));
96d97a67
WR		 1774
1775 BT_ERR("PIN code is not 16 bytes long");
1776
bdb6d971 1777 err = send_pin_code_neg_reply(sk, hdev, &ncp);
96d97a67 1778 if (err >= 0)
bdb6d971 1779 err = cmd_status(sk, hdev->id, MGMT_OP_PIN_CODE_REPLY,
04124681 1780 MGMT_STATUS_INVALID_PARAMS);
96d97a67
WR		 1781
1782 goto failed;
1783 }
1784
00abfe44 1785 cmd = mgmt_pending_add(sk, MGMT_OP_PIN_CODE_REPLY, hdev, data, len);
366a0336
JH		 1786 if (!cmd) {
1787 err = -ENOMEM;
980e1a53 1788 goto failed;
366a0336 1789 }
980e1a53 1790
d8457698 1791 bacpy(&reply.bdaddr, &cp->addr.bdaddr);
980e1a53 1792 reply.pin_len = cp->pin_len;
24718ca5 1793 memcpy(reply.pin_code, cp->pin_code, sizeof(reply.pin_code));
980e1a53
JH		 1794
1795 err = hci_send_cmd(hdev, HCI_OP_PIN_CODE_REPLY, sizeof(reply), &reply);
1796 if (err < 0)
a664b5bc 1797 mgmt_pending_remove(cmd);
980e1a53
JH		 1798
1799failed:
09fd0de5 1800 hci_dev_unlock(hdev);
980e1a53
JH		 1801 return err;
1802}
1803
04124681
GP		 1804static int set_io_capability(struct sock *sk, struct hci_dev *hdev, void *data,
1805 u16 len)
17fa4b9d 1806{
650f726d 1807 struct mgmt_cp_set_io_capability *cp = data;
17fa4b9d
JH		 1808
1809 BT_DBG("");
1810
09fd0de5 1811 hci_dev_lock(hdev);
17fa4b9d
JH		 1812
1813 hdev->io_capability = cp->io_capability;
1814
1815 BT_DBG("%s IO capability set to 0x%02x", hdev->name,
8ce8e2b5 1816 hdev->io_capability);
17fa4b9d 1817
09fd0de5 1818 hci_dev_unlock(hdev);
17fa4b9d 1819
04124681
GP		 1820 return cmd_complete(sk, hdev->id, MGMT_OP_SET_IO_CAPABILITY, 0, NULL,
1821 0);
17fa4b9d
JH		 1822}
1823
6039aa73 1824static struct pending_cmd *find_pairing(struct hci_conn *conn)
e9a416b5
JH		 1825{
1826 struct hci_dev *hdev = conn->hdev;
8035ded4 1827 struct pending_cmd *cmd;
e9a416b5 1828
2e58ef3e 1829 list_for_each_entry(cmd, &hdev->mgmt_pending, list) {
e9a416b5
JH		 1830 if (cmd->opcode != MGMT_OP_PAIR_DEVICE)
1831 continue;
1832
e9a416b5
JH		 1833 if (cmd->user_data != conn)
1834 continue;
1835
1836 return cmd;
1837 }
1838
1839 return NULL;
1840}
1841
1842static void pairing_complete(struct pending_cmd *cmd, u8 status)
1843{
1844 struct mgmt_rp_pair_device rp;
1845 struct hci_conn *conn = cmd->user_data;
1846
ba4e564f 1847 bacpy(&rp.addr.bdaddr, &conn->dst);
57c1477c 1848 rp.addr.type = link_to_bdaddr(conn->type, conn->dst_type);
e9a416b5 1849
aee9b218 1850 cmd_complete(cmd->sk, cmd->index, MGMT_OP_PAIR_DEVICE, status,
04124681 1851 &rp, sizeof(rp));
e9a416b5
JH		 1852
1853 /* So we don't get further callbacks for this connection */
1854 conn->connect_cfm_cb = NULL;
1855 conn->security_cfm_cb = NULL;
1856 conn->disconn_cfm_cb = NULL;
1857
1858 hci_conn_put(conn);
1859
a664b5bc 1860 mgmt_pending_remove(cmd);
e9a416b5
JH		 1861}
1862
1863static void pairing_complete_cb(struct hci_conn *conn, u8 status)
1864{
1865 struct pending_cmd *cmd;
1866
1867 BT_DBG("status %u", status);
1868
1869 cmd = find_pairing(conn);
56e5cb86 1870 if (!cmd)
e9a416b5 1871 BT_DBG("Unable to find a pending command");
56e5cb86 1872 else
e211326c 1873 pairing_complete(cmd, mgmt_status(status));
e9a416b5
JH		 1874}
1875
4c47d739
VA		 1876static void le_connect_complete_cb(struct hci_conn *conn, u8 status)
1877{
1878 struct pending_cmd *cmd;
1879
1880 BT_DBG("status %u", status);
1881
1882 if (!status)
1883 return;
1884
1885 cmd = find_pairing(conn);
1886 if (!cmd)
1887 BT_DBG("Unable to find a pending command");
1888 else
1889 pairing_complete(cmd, mgmt_status(status));
1890}
1891
bdb6d971 1892static int pair_device(struct sock *sk, struct hci_dev *hdev, void *data,
04124681 1893 u16 len)
e9a416b5 1894{
650f726d 1895 struct mgmt_cp_pair_device *cp = data;
1425acb7 1896 struct mgmt_rp_pair_device rp;
e9a416b5
JH		 1897 struct pending_cmd *cmd;
1898 u8 sec_level, auth_type;
1899 struct hci_conn *conn;
e9a416b5
JH		 1900 int err;
1901
1902 BT_DBG("");
1903
09fd0de5 1904 hci_dev_lock(hdev);
e9a416b5 1905
5f97c1df 1906 if (!hdev_is_powered(hdev)) {
bdb6d971 1907 err = cmd_status(sk, hdev->id, MGMT_OP_PAIR_DEVICE,
04124681 1908 MGMT_STATUS_NOT_POWERED);
5f97c1df
JH		 1909 goto unlock;
1910 }
1911
c908df36
VCG		 1912 sec_level = BT_SECURITY_MEDIUM;
1913 if (cp->io_cap == 0x03)
e9a416b5 1914 auth_type = HCI_AT_DEDICATED_BONDING;
c908df36 1915 else
e9a416b5 1916 auth_type = HCI_AT_DEDICATED_BONDING_MITM;
e9a416b5 1917
591f47f3 1918 if (cp->addr.type == BDADDR_BREDR)
b12f62cf
AG		 1919 conn = hci_connect(hdev, ACL_LINK, &cp->addr.bdaddr,
1920 cp->addr.type, sec_level, auth_type);
7a512d01 1921 else
b12f62cf
AG		 1922 conn = hci_connect(hdev, LE_LINK, &cp->addr.bdaddr,
1923 cp->addr.type, sec_level, auth_type);
7a512d01 1924
1425acb7
JH		 1925 memset(&rp, 0, sizeof(rp));
1926 bacpy(&rp.addr.bdaddr, &cp->addr.bdaddr);
1927 rp.addr.type = cp->addr.type;
1928
30e76272 1929 if (IS_ERR(conn)) {
489dc48e
AK		 1930 int status;
1931
1932 if (PTR_ERR(conn) == -EBUSY)
1933 status = MGMT_STATUS_BUSY;
1934 else
1935 status = MGMT_STATUS_CONNECT_FAILED;
1936
bdb6d971 1937 err = cmd_complete(sk, hdev->id, MGMT_OP_PAIR_DEVICE,
489dc48e 1938 status, &rp,
04124681 1939 sizeof(rp));
e9a416b5
JH		 1940 goto unlock;
1941 }
1942
1943 if (conn->connect_cfm_cb) {
1944 hci_conn_put(conn);
bdb6d971 1945 err = cmd_complete(sk, hdev->id, MGMT_OP_PAIR_DEVICE,
04124681 1946 MGMT_STATUS_BUSY, &rp, sizeof(rp));
e9a416b5
JH		 1947 goto unlock;
1948 }
1949
2e58ef3e 1950 cmd = mgmt_pending_add(sk, MGMT_OP_PAIR_DEVICE, hdev, data, len);
e9a416b5
JH		 1951 if (!cmd) {
1952 err = -ENOMEM;
1953 hci_conn_put(conn);
1954 goto unlock;
1955 }
1956
7a512d01 1957 /* For LE, just connecting isn't a proof that the pairing finished */
591f47f3 1958 if (cp->addr.type == BDADDR_BREDR)
7a512d01 1959 conn->connect_cfm_cb = pairing_complete_cb;
4c47d739
VA		 1960 else
1961 conn->connect_cfm_cb = le_connect_complete_cb;
7a512d01 1962
e9a416b5
JH		 1963 conn->security_cfm_cb = pairing_complete_cb;
1964 conn->disconn_cfm_cb = pairing_complete_cb;
1965 conn->io_capability = cp->io_cap;
1966 cmd->user_data = conn;
1967
1968 if (conn->state == BT_CONNECTED &&
8ce8e2b5 1969 hci_conn_security(conn, sec_level, auth_type))
e9a416b5
JH		 1970 pairing_complete(cmd, 0);
1971
1972 err = 0;
1973
1974unlock:
09fd0de5 1975 hci_dev_unlock(hdev);
e9a416b5
JH		 1976 return err;
1977}
1978
04124681
GP		 1979static int cancel_pair_device(struct sock *sk, struct hci_dev *hdev, void *data,
1980 u16 len)
28424707 1981{
0f4e68cf 1982 struct mgmt_addr_info *addr = data;
28424707
JH		 1983 struct pending_cmd *cmd;
1984 struct hci_conn *conn;
1985 int err;
1986
1987 BT_DBG("");
1988
28424707
JH		 1989 hci_dev_lock(hdev);
1990
5f97c1df 1991 if (!hdev_is_powered(hdev)) {
bdb6d971 1992 err = cmd_status(sk, hdev->id, MGMT_OP_CANCEL_PAIR_DEVICE,
04124681 1993 MGMT_STATUS_NOT_POWERED);
5f97c1df
JH		 1994 goto unlock;
1995 }
1996
28424707
JH		 1997 cmd = mgmt_pending_find(MGMT_OP_PAIR_DEVICE, hdev);
1998 if (!cmd) {
bdb6d971 1999 err = cmd_status(sk, hdev->id, MGMT_OP_CANCEL_PAIR_DEVICE,
04124681 2000 MGMT_STATUS_INVALID_PARAMS);
28424707
JH		 2001 goto unlock;
2002 }
2003
2004 conn = cmd->user_data;
2005
2006 if (bacmp(&addr->bdaddr, &conn->dst) != 0) {
bdb6d971 2007 err = cmd_status(sk, hdev->id, MGMT_OP_CANCEL_PAIR_DEVICE,
04124681 2008 MGMT_STATUS_INVALID_PARAMS);
28424707
JH		 2009 goto unlock;
2010 }
2011
2012 pairing_complete(cmd, MGMT_STATUS_CANCELLED);
2013
bdb6d971 2014 err = cmd_complete(sk, hdev->id, MGMT_OP_CANCEL_PAIR_DEVICE, 0,
04124681 2015 addr, sizeof(*addr));
28424707
JH		 2016unlock:
2017 hci_dev_unlock(hdev);
28424707
JH		 2018 return err;
2019}
2020
bdb6d971 2021static int user_pairing_resp(struct sock *sk, struct hci_dev *hdev,
04124681
GP		 2022 bdaddr_t *bdaddr, u8 type, u16 mgmt_op,
2023 u16 hci_op, __le32 passkey)
a5c29683 2024{
a5c29683 2025 struct pending_cmd *cmd;
0df4c185 2026 struct hci_conn *conn;
a5c29683
JH		 2027 int err;
2028
09fd0de5 2029 hci_dev_lock(hdev);
08ba5382 2030
4b34ee78 2031 if (!hdev_is_powered(hdev)) {
bdb6d971 2032 err = cmd_status(sk, hdev->id, mgmt_op,
04124681 2033 MGMT_STATUS_NOT_POWERED);
0df4c185 2034 goto done;
a5c29683
JH		 2035 }
2036
591f47f3 2037 if (type == BDADDR_BREDR)
272d90df
JH		 2038 conn = hci_conn_hash_lookup_ba(hdev, ACL_LINK, bdaddr);
2039 else
47c15e2b 2040 conn = hci_conn_hash_lookup_ba(hdev, LE_LINK, bdaddr);
272d90df
JH		 2041
2042 if (!conn) {
bdb6d971 2043 err = cmd_status(sk, hdev->id, mgmt_op,
04124681 2044 MGMT_STATUS_NOT_CONNECTED);
272d90df
JH		 2045 goto done;
2046 }
47c15e2b 2047
591f47f3 2048 if (type == BDADDR_LE_PUBLIC || type == BDADDR_LE_RANDOM) {
47c15e2b 2049 /* Continue with pairing via SMP */
5fe57d9e
BG		 2050 err = smp_user_confirm_reply(conn, mgmt_op, passkey);
2051
2052 if (!err)
bdb6d971 2053 err = cmd_status(sk, hdev->id, mgmt_op,
04124681 2054 MGMT_STATUS_SUCCESS);
5fe57d9e 2055 else
bdb6d971 2056 err = cmd_status(sk, hdev->id, mgmt_op,
04124681 2057 MGMT_STATUS_FAILED);
47c15e2b 2058
47c15e2b
BG		 2059 goto done;
2060 }
2061
0df4c185 2062 cmd = mgmt_pending_add(sk, mgmt_op, hdev, bdaddr, sizeof(*bdaddr));
a5c29683
JH		 2063 if (!cmd) {
2064 err = -ENOMEM;
0df4c185 2065 goto done;
a5c29683
JH		 2066 }
2067
0df4c185 2068 /* Continue with pairing via HCI */
604086b7
BG		 2069 if (hci_op == HCI_OP_USER_PASSKEY_REPLY) {
2070 struct hci_cp_user_passkey_reply cp;
2071
2072 bacpy(&cp.bdaddr, bdaddr);
2073 cp.passkey = passkey;
2074 err = hci_send_cmd(hdev, hci_op, sizeof(cp), &cp);
2075 } else
2076 err = hci_send_cmd(hdev, hci_op, sizeof(*bdaddr), bdaddr);
2077
a664b5bc
JH		 2078 if (err < 0)
2079 mgmt_pending_remove(cmd);
a5c29683 2080
0df4c185 2081done:
09fd0de5 2082 hci_dev_unlock(hdev);
a5c29683
JH		 2083 return err;
2084}
2085
afeb019d
JK		 2086static int pin_code_neg_reply(struct sock *sk, struct hci_dev *hdev,
2087 void *data, u16 len)
2088{
2089 struct mgmt_cp_pin_code_neg_reply *cp = data;
2090
2091 BT_DBG("");
2092
2093 return user_pairing_resp(sk, hdev, &cp->addr.bdaddr, cp->addr.type,
2094 MGMT_OP_PIN_CODE_NEG_REPLY,
2095 HCI_OP_PIN_CODE_NEG_REPLY, 0);
2096}
2097
04124681
GP		 2098static int user_confirm_reply(struct sock *sk, struct hci_dev *hdev, void *data,
2099 u16 len)
0df4c185 2100{
650f726d 2101 struct mgmt_cp_user_confirm_reply *cp = data;
0df4c185
BG		 2102
2103 BT_DBG("");
2104
2105 if (len != sizeof(*cp))
bdb6d971 2106 return cmd_status(sk, hdev->id, MGMT_OP_USER_CONFIRM_REPLY,
04124681 2107 MGMT_STATUS_INVALID_PARAMS);
0df4c185 2108
bdb6d971 2109 return user_pairing_resp(sk, hdev, &cp->addr.bdaddr, cp->addr.type,
04124681
GP		 2110 MGMT_OP_USER_CONFIRM_REPLY,
2111 HCI_OP_USER_CONFIRM_REPLY, 0);
0df4c185
BG		 2112}
2113
bdb6d971 2114static int user_confirm_neg_reply(struct sock *sk, struct hci_dev *hdev,
04124681 2115 void *data, u16 len)
0df4c185 2116{
c9c2659f 2117 struct mgmt_cp_user_confirm_neg_reply *cp = data;
0df4c185
BG		 2118
2119 BT_DBG("");
2120
bdb6d971 2121 return user_pairing_resp(sk, hdev, &cp->addr.bdaddr, cp->addr.type,
04124681
GP		 2122 MGMT_OP_USER_CONFIRM_NEG_REPLY,
2123 HCI_OP_USER_CONFIRM_NEG_REPLY, 0);
0df4c185
BG		 2124}
2125
04124681
GP		 2126static int user_passkey_reply(struct sock *sk, struct hci_dev *hdev, void *data,
2127 u16 len)
604086b7 2128{
650f726d 2129 struct mgmt_cp_user_passkey_reply *cp = data;
604086b7
BG		 2130
2131 BT_DBG("");
2132
bdb6d971 2133 return user_pairing_resp(sk, hdev, &cp->addr.bdaddr, cp->addr.type,
04124681
GP		 2134 MGMT_OP_USER_PASSKEY_REPLY,
2135 HCI_OP_USER_PASSKEY_REPLY, cp->passkey);
604086b7
BG		 2136}
2137
bdb6d971 2138static int user_passkey_neg_reply(struct sock *sk, struct hci_dev *hdev,
04124681 2139 void *data, u16 len)
604086b7 2140{
650f726d 2141 struct mgmt_cp_user_passkey_neg_reply *cp = data;
604086b7
BG		 2142
2143 BT_DBG("");
2144
bdb6d971 2145 return user_pairing_resp(sk, hdev, &cp->addr.bdaddr, cp->addr.type,
04124681
GP		 2146 MGMT_OP_USER_PASSKEY_NEG_REPLY,
2147 HCI_OP_USER_PASSKEY_NEG_REPLY, 0);
604086b7
BG		 2148}
2149
2b4bf397
JH		 2150static int update_name(struct hci_dev *hdev, const char *name)
2151{
2152 struct hci_cp_write_local_name cp;
2153
2154 memcpy(cp.name, name, sizeof(cp.name));
2155
2156 return hci_send_cmd(hdev, HCI_OP_WRITE_LOCAL_NAME, sizeof(cp), &cp);
2157}
2158
bdb6d971 2159static int set_local_name(struct sock *sk, struct hci_dev *hdev, void *data,
04124681 2160 u16 len)
b312b161 2161{
2b4bf397 2162 struct mgmt_cp_set_local_name *cp = data;
b312b161
JH		 2163 struct pending_cmd *cmd;
2164 int err;
2165
2166 BT_DBG("");
2167
09fd0de5 2168 hci_dev_lock(hdev);
b312b161 2169
2b4bf397 2170 memcpy(hdev->short_name, cp->short_name, sizeof(hdev->short_name));
28cc7bde 2171
b5235a65 2172 if (!hdev_is_powered(hdev)) {
2b4bf397 2173 memcpy(hdev->dev_name, cp->name, sizeof(hdev->dev_name));
28cc7bde
JH		 2174
2175 err = cmd_complete(sk, hdev->id, MGMT_OP_SET_LOCAL_NAME, 0,
04124681 2176 data, len);
28cc7bde
JH		 2177 if (err < 0)
2178 goto failed;
2179
2180 err = mgmt_event(MGMT_EV_LOCAL_NAME_CHANGED, hdev, data, len,
04124681 2181 sk);
28cc7bde 2182
b5235a65
JH		 2183 goto failed;
2184 }
2185
28cc7bde 2186 cmd = mgmt_pending_add(sk, MGMT_OP_SET_LOCAL_NAME, hdev, data, len);
b312b161
JH		 2187 if (!cmd) {
2188 err = -ENOMEM;
2189 goto failed;
2190 }
2191
2b4bf397 2192 err = update_name(hdev, cp->name);
b312b161
JH		 2193 if (err < 0)
2194 mgmt_pending_remove(cmd);
2195
2196failed:
09fd0de5 2197 hci_dev_unlock(hdev);
b312b161
JH		 2198 return err;
2199}
2200
0f4e68cf 2201static int read_local_oob_data(struct sock *sk, struct hci_dev *hdev,
04124681 2202 void *data, u16 data_len)
c35938b2 2203{
c35938b2
SJ		 2204 struct pending_cmd *cmd;
2205 int err;
2206
bdb6d971 2207 BT_DBG("%s", hdev->name);
c35938b2 2208
09fd0de5 2209 hci_dev_lock(hdev);
c35938b2 2210
4b34ee78 2211 if (!hdev_is_powered(hdev)) {
bdb6d971 2212 err = cmd_status(sk, hdev->id, MGMT_OP_READ_LOCAL_OOB_DATA,
04124681 2213 MGMT_STATUS_NOT_POWERED);
c35938b2
SJ		 2214 goto unlock;
2215 }
2216
9a1a1996 2217 if (!lmp_ssp_capable(hdev)) {
bdb6d971 2218 err = cmd_status(sk, hdev->id, MGMT_OP_READ_LOCAL_OOB_DATA,
04124681 2219 MGMT_STATUS_NOT_SUPPORTED);
c35938b2
SJ		 2220 goto unlock;
2221 }
2222
2e58ef3e 2223 if (mgmt_pending_find(MGMT_OP_READ_LOCAL_OOB_DATA, hdev)) {
bdb6d971 2224 err = cmd_status(sk, hdev->id, MGMT_OP_READ_LOCAL_OOB_DATA,
04124681 2225 MGMT_STATUS_BUSY);
c35938b2
SJ		 2226 goto unlock;
2227 }
2228
2e58ef3e 2229 cmd = mgmt_pending_add(sk, MGMT_OP_READ_LOCAL_OOB_DATA, hdev, NULL, 0);
c35938b2
SJ		 2230 if (!cmd) {
2231 err = -ENOMEM;
2232 goto unlock;
2233 }
2234
2235 err = hci_send_cmd(hdev, HCI_OP_READ_LOCAL_OOB_DATA, 0, NULL);
2236 if (err < 0)
2237 mgmt_pending_remove(cmd);
2238
2239unlock:
09fd0de5 2240 hci_dev_unlock(hdev);
c35938b2
SJ		 2241 return err;
2242}
2243
bdb6d971 2244static int add_remote_oob_data(struct sock *sk, struct hci_dev *hdev,
04124681 2245 void *data, u16 len)
2763eda6 2246{
650f726d 2247 struct mgmt_cp_add_remote_oob_data *cp = data;
bf1e3541 2248 u8 status;
2763eda6
SJ		 2249 int err;
2250
bdb6d971 2251 BT_DBG("%s ", hdev->name);
2763eda6 2252
09fd0de5 2253 hci_dev_lock(hdev);
2763eda6 2254
5f97c1df 2255 if (!hdev_is_powered(hdev)) {
bdb6d971 2256 err = cmd_complete(sk, hdev->id, MGMT_OP_ADD_REMOTE_OOB_DATA,
04124681
GP		 2257 MGMT_STATUS_NOT_POWERED, &cp->addr,
2258 sizeof(cp->addr));
5f97c1df
JH		 2259 goto unlock;
2260 }
2261
664ce4cc 2262 err = hci_add_remote_oob_data(hdev, &cp->addr.bdaddr, cp->hash,
04124681 2263 cp->randomizer);
2763eda6 2264 if (err < 0)
bf1e3541 2265 status = MGMT_STATUS_FAILED;
2763eda6 2266 else
bf1e3541
JH		 2267 status = 0;
2268
bdb6d971 2269 err = cmd_complete(sk, hdev->id, MGMT_OP_ADD_REMOTE_OOB_DATA, status,
04124681 2270 &cp->addr, sizeof(cp->addr));
2763eda6 2271
5f97c1df 2272unlock:
09fd0de5 2273 hci_dev_unlock(hdev);
2763eda6
SJ		 2274 return err;
2275}
2276
bdb6d971 2277static int remove_remote_oob_data(struct sock *sk, struct hci_dev *hdev,
8ce8e2b5 2278 void *data, u16 len)
2763eda6 2279{
650f726d 2280 struct mgmt_cp_remove_remote_oob_data *cp = data;
bf1e3541 2281 u8 status;
2763eda6
SJ		 2282 int err;
2283
bdb6d971 2284 BT_DBG("%s", hdev->name);
2763eda6 2285
09fd0de5 2286 hci_dev_lock(hdev);
2763eda6 2287
5f97c1df 2288 if (!hdev_is_powered(hdev)) {
bdb6d971 2289 err = cmd_complete(sk, hdev->id,
04124681
GP		 2290 MGMT_OP_REMOVE_REMOTE_OOB_DATA,
2291 MGMT_STATUS_NOT_POWERED, &cp->addr,
2292 sizeof(cp->addr));
5f97c1df
JH		 2293 goto unlock;
2294 }
2295
664ce4cc 2296 err = hci_remove_remote_oob_data(hdev, &cp->addr.bdaddr);
2763eda6 2297 if (err < 0)
bf1e3541 2298 status = MGMT_STATUS_INVALID_PARAMS;
2763eda6 2299 else
bf1e3541
JH		 2300 status = 0;
2301
bdb6d971 2302 err = cmd_complete(sk, hdev->id, MGMT_OP_REMOVE_REMOTE_OOB_DATA,
04124681 2303 status, &cp->addr, sizeof(cp->addr));
2763eda6 2304
5f97c1df 2305unlock:
09fd0de5 2306 hci_dev_unlock(hdev);
2763eda6
SJ		 2307 return err;
2308}
2309
5e0452c0
AG		 2310int mgmt_interleaved_discovery(struct hci_dev *hdev)
2311{
2312 int err;
2313
2314 BT_DBG("%s", hdev->name);
2315
2316 hci_dev_lock(hdev);
2317
2318 err = hci_do_inquiry(hdev, INQUIRY_LEN_BREDR_LE);
2319 if (err < 0)
2320 hci_discovery_set_state(hdev, DISCOVERY_STOPPED);
2321
2322 hci_dev_unlock(hdev);
2323
2324 return err;
2325}
2326
bdb6d971 2327static int start_discovery(struct sock *sk, struct hci_dev *hdev,
04124681 2328 void *data, u16 len)
14a53664 2329{
650f726d 2330 struct mgmt_cp_start_discovery *cp = data;
14a53664 2331 struct pending_cmd *cmd;
14a53664
JH		 2332 int err;
2333
bdb6d971 2334 BT_DBG("%s", hdev->name);
14a53664 2335
09fd0de5 2336 hci_dev_lock(hdev);
14a53664 2337
4b34ee78 2338 if (!hdev_is_powered(hdev)) {
bdb6d971 2339 err = cmd_status(sk, hdev->id, MGMT_OP_START_DISCOVERY,
04124681 2340 MGMT_STATUS_NOT_POWERED);
bd2d1334
JH		 2341 goto failed;
2342 }
2343
642be6c7
AG		 2344 if (test_bit(HCI_PERIODIC_INQ, &hdev->dev_flags)) {
2345 err = cmd_status(sk, hdev->id, MGMT_OP_START_DISCOVERY,
2346 MGMT_STATUS_BUSY);
2347 goto failed;
2348 }
2349
ff9ef578 2350 if (hdev->discovery.state != DISCOVERY_STOPPED) {
bdb6d971 2351 err = cmd_status(sk, hdev->id, MGMT_OP_START_DISCOVERY,
04124681 2352 MGMT_STATUS_BUSY);
ff9ef578
JH		 2353 goto failed;
2354 }
2355
2e58ef3e 2356 cmd = mgmt_pending_add(sk, MGMT_OP_START_DISCOVERY, hdev, NULL, 0);
14a53664
JH		 2357 if (!cmd) {
2358 err = -ENOMEM;
2359 goto failed;
2360 }
2361
4aab14e5
AG		 2362 hdev->discovery.type = cp->type;
2363
2364 switch (hdev->discovery.type) {
f39799f5 2365 case DISCOV_TYPE_BREDR:
8b90129c
AG		 2366 if (lmp_bredr_capable(hdev))
2367 err = hci_do_inquiry(hdev, INQUIRY_LEN_BREDR);
2368 else
2369 err = -ENOTSUPP;
f39799f5
AG		 2370 break;
2371
2372 case DISCOV_TYPE_LE:
8b90129c
AG		 2373 if (lmp_host_le_capable(hdev))
2374 err = hci_le_scan(hdev, LE_SCAN_TYPE, LE_SCAN_INT,
04124681 2375 LE_SCAN_WIN, LE_SCAN_TIMEOUT_LE_ONLY);
8b90129c
AG		 2376 else
2377 err = -ENOTSUPP;
f39799f5
AG		 2378 break;
2379
5e0452c0 2380 case DISCOV_TYPE_INTERLEAVED:
426c189a
AG		 2381 if (lmp_host_le_capable(hdev) && lmp_bredr_capable(hdev))
2382 err = hci_le_scan(hdev, LE_SCAN_TYPE, LE_SCAN_INT,
04124681
GP		 2383 LE_SCAN_WIN,
2384 LE_SCAN_TIMEOUT_BREDR_LE);
426c189a
AG		 2385 else
2386 err = -ENOTSUPP;
5e0452c0
AG		 2387 break;
2388
f39799f5 2389 default:
3fd24153 2390 err = -EINVAL;
f39799f5 2391 }
3fd24153 2392
14a53664
JH		 2393 if (err < 0)
2394 mgmt_pending_remove(cmd);
ff9ef578
JH		 2395 else
2396 hci_discovery_set_state(hdev, DISCOVERY_STARTING);
14a53664
JH		 2397
2398failed:
09fd0de5 2399 hci_dev_unlock(hdev);
14a53664
JH		 2400 return err;
2401}
2402
bdb6d971 2403static int stop_discovery(struct sock *sk, struct hci_dev *hdev, void *data,
04124681 2404 u16 len)
14a53664 2405{
d930650b 2406 struct mgmt_cp_stop_discovery *mgmt_cp = data;
14a53664 2407 struct pending_cmd *cmd;
30dc78e1
JH		 2408 struct hci_cp_remote_name_req_cancel cp;
2409 struct inquiry_entry *e;
14a53664
JH		 2410 int err;
2411
bdb6d971 2412 BT_DBG("%s", hdev->name);
14a53664 2413
09fd0de5 2414 hci_dev_lock(hdev);
14a53664 2415
30dc78e1 2416 if (!hci_discovery_active(hdev)) {
bdb6d971 2417 err = cmd_complete(sk, hdev->id, MGMT_OP_STOP_DISCOVERY,
04124681
GP		 2418 MGMT_STATUS_REJECTED, &mgmt_cp->type,
2419 sizeof(mgmt_cp->type));
d930650b
JH		 2420 goto unlock;
2421 }
2422
2423 if (hdev->discovery.type != mgmt_cp->type) {
bdb6d971 2424 err = cmd_complete(sk, hdev->id, MGMT_OP_STOP_DISCOVERY,
04124681
GP		 2425 MGMT_STATUS_INVALID_PARAMS, &mgmt_cp->type,
2426 sizeof(mgmt_cp->type));
30dc78e1 2427 goto unlock;
ff9ef578
JH		 2428 }
2429
2e58ef3e 2430 cmd = mgmt_pending_add(sk, MGMT_OP_STOP_DISCOVERY, hdev, NULL, 0);
14a53664
JH		 2431 if (!cmd) {
2432 err = -ENOMEM;
30dc78e1
JH		 2433 goto unlock;
2434 }
2435
e0d9727e
AG		 2436 switch (hdev->discovery.state) {
2437 case DISCOVERY_FINDING:
c9ecc48e
AG		 2438 if (test_bit(HCI_INQUIRY, &hdev->flags))
2439 err = hci_cancel_inquiry(hdev);
2440 else
2441 err = hci_cancel_le_scan(hdev);
2442
e0d9727e
AG		 2443 break;
2444
2445 case DISCOVERY_RESOLVING:
2446 e = hci_inquiry_cache_lookup_resolve(hdev, BDADDR_ANY,
8ce8e2b5 2447 NAME_PENDING);
e0d9727e 2448 if (!e) {
30dc78e1 2449 mgmt_pending_remove(cmd);
e0d9727e
AG		 2450 err = cmd_complete(sk, hdev->id,
2451 MGMT_OP_STOP_DISCOVERY, 0,
2452 &mgmt_cp->type,
2453 sizeof(mgmt_cp->type));
2454 hci_discovery_set_state(hdev, DISCOVERY_STOPPED);
2455 goto unlock;
2456 }
30dc78e1 2457
e0d9727e
AG		 2458 bacpy(&cp.bdaddr, &e->data.bdaddr);
2459 err = hci_send_cmd(hdev, HCI_OP_REMOTE_NAME_REQ_CANCEL,
2460 sizeof(cp), &cp);
2461
2462 break;
2463
2464 default:
2465 BT_DBG("unknown discovery state %u", hdev->discovery.state);
2466 err = -EFAULT;
14a53664
JH		 2467 }
2468
14a53664
JH		 2469 if (err < 0)
2470 mgmt_pending_remove(cmd);
ff9ef578
JH		 2471 else
2472 hci_discovery_set_state(hdev, DISCOVERY_STOPPING);
14a53664 2473
30dc78e1 2474unlock:
09fd0de5 2475 hci_dev_unlock(hdev);
14a53664
JH		 2476 return err;
2477}
2478
bdb6d971 2479static int confirm_name(struct sock *sk, struct hci_dev *hdev, void *data,
04124681 2480 u16 len)
561aafbc 2481{
650f726d 2482 struct mgmt_cp_confirm_name *cp = data;
561aafbc 2483 struct inquiry_entry *e;
561aafbc
JH		 2484 int err;
2485
bdb6d971 2486 BT_DBG("%s", hdev->name);
561aafbc 2487
561aafbc
JH		 2488 hci_dev_lock(hdev);
2489
30dc78e1 2490 if (!hci_discovery_active(hdev)) {
bdb6d971 2491 err = cmd_status(sk, hdev->id, MGMT_OP_CONFIRM_NAME,
04124681 2492 MGMT_STATUS_FAILED);
30dc78e1
JH		 2493 goto failed;
2494 }
2495
a198e7b1 2496 e = hci_inquiry_cache_lookup_unknown(hdev, &cp->addr.bdaddr);
561aafbc 2497 if (!e) {
bdb6d971 2498 err = cmd_status(sk, hdev->id, MGMT_OP_CONFIRM_NAME,
04124681 2499 MGMT_STATUS_INVALID_PARAMS);
561aafbc
JH		 2500 goto failed;
2501 }
2502
2503 if (cp->name_known) {
2504 e->name_state = NAME_KNOWN;
2505 list_del(&e->list);
2506 } else {
2507 e->name_state = NAME_NEEDED;
a3d4e20a 2508 hci_inquiry_cache_update_resolve(hdev, e);
561aafbc
JH		 2509 }
2510
2511 err = 0;
2512
2513failed:
2514 hci_dev_unlock(hdev);
561aafbc
JH		 2515 return err;
2516}
2517
bdb6d971 2518static int block_device(struct sock *sk, struct hci_dev *hdev, void *data,
04124681 2519 u16 len)
7fbec224 2520{
650f726d 2521 struct mgmt_cp_block_device *cp = data;
f0eeea8b 2522 u8 status;
7fbec224
AJ		 2523 int err;
2524
bdb6d971 2525 BT_DBG("%s", hdev->name);
7fbec224 2526
09fd0de5 2527 hci_dev_lock(hdev);
5e762444 2528
88c1fe4b 2529 err = hci_blacklist_add(hdev, &cp->addr.bdaddr, cp->addr.type);
7fbec224 2530 if (err < 0)
f0eeea8b 2531 status = MGMT_STATUS_FAILED;
7fbec224 2532 else
f0eeea8b
JH		 2533 status = 0;
2534
bdb6d971 2535 err = cmd_complete(sk, hdev->id, MGMT_OP_BLOCK_DEVICE, status,
04124681 2536 &cp->addr, sizeof(cp->addr));
5e762444 2537
09fd0de5 2538 hci_dev_unlock(hdev);
7fbec224
AJ		 2539
2540 return err;
2541}
2542
bdb6d971 2543static int unblock_device(struct sock *sk, struct hci_dev *hdev, void *data,
04124681 2544 u16 len)
7fbec224 2545{
650f726d 2546 struct mgmt_cp_unblock_device *cp = data;
f0eeea8b 2547 u8 status;
7fbec224
AJ		 2548 int err;
2549
bdb6d971 2550 BT_DBG("%s", hdev->name);
7fbec224 2551
09fd0de5 2552 hci_dev_lock(hdev);
5e762444 2553
88c1fe4b 2554 err = hci_blacklist_del(hdev, &cp->addr.bdaddr, cp->addr.type);
7fbec224 2555 if (err < 0)
f0eeea8b 2556 status = MGMT_STATUS_INVALID_PARAMS;
7fbec224 2557 else
f0eeea8b
JH		 2558 status = 0;
2559
bdb6d971 2560 err = cmd_complete(sk, hdev->id, MGMT_OP_UNBLOCK_DEVICE, status,
04124681 2561 &cp->addr, sizeof(cp->addr));
5e762444 2562
09fd0de5 2563 hci_dev_unlock(hdev);
7fbec224
AJ		 2564
2565 return err;
2566}
2567
cdbaccca
MH		 2568static int set_device_id(struct sock *sk, struct hci_dev *hdev, void *data,
2569 u16 len)
2570{
2571 struct mgmt_cp_set_device_id *cp = data;
2572 int err;
c72d4b8a 2573 __u16 source;
cdbaccca
MH		 2574
2575 BT_DBG("%s", hdev->name);
2576
c72d4b8a
SJ		 2577 source = __le16_to_cpu(cp->source);
2578
2579 if (source > 0x0002)
2580 return cmd_status(sk, hdev->id, MGMT_OP_SET_DEVICE_ID,
2581 MGMT_STATUS_INVALID_PARAMS);
2582
cdbaccca
MH		 2583 hci_dev_lock(hdev);
2584
c72d4b8a 2585 hdev->devid_source = source;
cdbaccca
MH		 2586 hdev->devid_vendor = __le16_to_cpu(cp->vendor);
2587 hdev->devid_product = __le16_to_cpu(cp->product);
2588 hdev->devid_version = __le16_to_cpu(cp->version);
2589
2590 err = cmd_complete(sk, hdev->id, MGMT_OP_SET_DEVICE_ID, 0, NULL, 0);
2591
2592 update_eir(hdev);
2593
2594 hci_dev_unlock(hdev);
2595
2596 return err;
2597}
2598
bdb6d971 2599static int set_fast_connectable(struct sock *sk, struct hci_dev *hdev,
04124681 2600 void *data, u16 len)
f6422ec6 2601{
650f726d 2602 struct mgmt_mode *cp = data;
f6422ec6
AJ		 2603 struct hci_cp_write_page_scan_activity acp;
2604 u8 type;
2605 int err;
2606
bdb6d971 2607 BT_DBG("%s", hdev->name);
f6422ec6 2608
33c525c0
JH		 2609 if (!lmp_bredr_capable(hdev))
2610 return cmd_status(sk, hdev->id, MGMT_OP_SET_FAST_CONNECTABLE,
2611 MGMT_STATUS_NOT_SUPPORTED);
2612
5400c044 2613 if (!hdev_is_powered(hdev))
bdb6d971 2614 return cmd_status(sk, hdev->id, MGMT_OP_SET_FAST_CONNECTABLE,
04124681 2615 MGMT_STATUS_NOT_POWERED);
5400c044
JH		 2616
2617 if (!test_bit(HCI_CONNECTABLE, &hdev->dev_flags))
bdb6d971 2618 return cmd_status(sk, hdev->id, MGMT_OP_SET_FAST_CONNECTABLE,
04124681 2619 MGMT_STATUS_REJECTED);
f6422ec6
AJ		 2620
2621 hci_dev_lock(hdev);
2622
f7c6869c 2623 if (cp->val) {
f6422ec6 2624 type = PAGE_SCAN_TYPE_INTERLACED;
76ec9de8 2625
83ce9a06
JH		 2626 /* 160 msec page scan interval */
2627 acp.interval = __constant_cpu_to_le16(0x0100);
f6422ec6
AJ		 2628 } else {
2629 type = PAGE_SCAN_TYPE_STANDARD; /* default */
76ec9de8
AE		 2630
2631 /* default 1.28 sec page scan */
2632 acp.interval = __constant_cpu_to_le16(0x0800);
f6422ec6
AJ		 2633 }
2634
76ec9de8
AE		 2635 /* default 11.25 msec page scan window */
2636 acp.window = __constant_cpu_to_le16(0x0012);
f6422ec6 2637
04124681
GP		 2638 err = hci_send_cmd(hdev, HCI_OP_WRITE_PAGE_SCAN_ACTIVITY, sizeof(acp),
2639 &acp);
f6422ec6 2640 if (err < 0) {
bdb6d971 2641 err = cmd_status(sk, hdev->id, MGMT_OP_SET_FAST_CONNECTABLE,
04124681 2642 MGMT_STATUS_FAILED);
f6422ec6
AJ		 2643 goto done;
2644 }
2645
2646 err = hci_send_cmd(hdev, HCI_OP_WRITE_PAGE_SCAN_TYPE, 1, &type);
2647 if (err < 0) {
bdb6d971 2648 err = cmd_status(sk, hdev->id, MGMT_OP_SET_FAST_CONNECTABLE,
04124681 2649 MGMT_STATUS_FAILED);
f6422ec6
AJ		 2650 goto done;
2651 }
2652
bdb6d971 2653 err = cmd_complete(sk, hdev->id, MGMT_OP_SET_FAST_CONNECTABLE, 0,
04124681 2654 NULL, 0);
f6422ec6
AJ		 2655done:
2656 hci_dev_unlock(hdev);
f6422ec6
AJ		 2657 return err;
2658}
2659
bdb6d971 2660static int load_long_term_keys(struct sock *sk, struct hci_dev *hdev,
04124681 2661 void *cp_data, u16 len)
346af67b 2662{
346af67b
VCG		 2663 struct mgmt_cp_load_long_term_keys *cp = cp_data;
2664 u16 key_count, expected_len;
2665 int i;
2666
1f350c87 2667 key_count = __le16_to_cpu(cp->key_count);
346af67b
VCG		 2668
2669 expected_len = sizeof(*cp) + key_count *
2670 sizeof(struct mgmt_ltk_info);
2671 if (expected_len != len) {
2672 BT_ERR("load_keys: expected %u bytes, got %u bytes",
8ce8e2b5 2673 len, expected_len);
bdb6d971 2674 return cmd_status(sk, hdev->id, MGMT_OP_LOAD_LONG_TERM_KEYS,
04124681 2675 EINVAL);
346af67b
VCG		 2676 }
2677
bdb6d971 2678 BT_DBG("%s key_count %u", hdev->name, key_count);
346af67b
VCG		 2679
2680 hci_dev_lock(hdev);
2681
2682 hci_smp_ltks_clear(hdev);
2683
2684 for (i = 0; i < key_count; i++) {
2685 struct mgmt_ltk_info *key = &cp->keys[i];
2686 u8 type;
2687
2688 if (key->master)
2689 type = HCI_SMP_LTK;
2690 else
2691 type = HCI_SMP_LTK_SLAVE;
2692
4596fde5 2693 hci_add_ltk(hdev, &key->addr.bdaddr,
378b5b7e 2694 bdaddr_to_le(key->addr.type),
04124681
GP		 2695 type, 0, key->authenticated, key->val,
2696 key->enc_size, key->ediv, key->rand);
346af67b
VCG		 2697 }
2698
2699 hci_dev_unlock(hdev);
346af67b
VCG		 2700
2701 return 0;
2702}
2703
2e3c35ea 2704static const struct mgmt_handler {
04124681
GP		 2705 int (*func) (struct sock *sk, struct hci_dev *hdev, void *data,
2706 u16 data_len);
be22b54e
JH		 2707 bool var_len;
2708 size_t data_len;
0f4e68cf
JH		 2709} mgmt_handlers[] = {
2710 { NULL }, /* 0x0000 (no command) */
be22b54e
JH		 2711 { read_version, false, MGMT_READ_VERSION_SIZE },
2712 { read_commands, false, MGMT_READ_COMMANDS_SIZE },
2713 { read_index_list, false, MGMT_READ_INDEX_LIST_SIZE },
2714 { read_controller_info, false, MGMT_READ_INFO_SIZE },
2715 { set_powered, false, MGMT_SETTING_SIZE },
2716 { set_discoverable, false, MGMT_SET_DISCOVERABLE_SIZE },
2717 { set_connectable, false, MGMT_SETTING_SIZE },
2718 { set_fast_connectable, false, MGMT_SETTING_SIZE },
2719 { set_pairable, false, MGMT_SETTING_SIZE },
2720 { set_link_security, false, MGMT_SETTING_SIZE },
2721 { set_ssp, false, MGMT_SETTING_SIZE },
2722 { set_hs, false, MGMT_SETTING_SIZE },
2723 { set_le, false, MGMT_SETTING_SIZE },
2724 { set_dev_class, false, MGMT_SET_DEV_CLASS_SIZE },
2725 { set_local_name, false, MGMT_SET_LOCAL_NAME_SIZE },
2726 { add_uuid, false, MGMT_ADD_UUID_SIZE },
2727 { remove_uuid, false, MGMT_REMOVE_UUID_SIZE },
2728 { load_link_keys, true, MGMT_LOAD_LINK_KEYS_SIZE },
2729 { load_long_term_keys, true, MGMT_LOAD_LONG_TERM_KEYS_SIZE },
2730 { disconnect, false, MGMT_DISCONNECT_SIZE },
2731 { get_connections, false, MGMT_GET_CONNECTIONS_SIZE },
2732 { pin_code_reply, false, MGMT_PIN_CODE_REPLY_SIZE },
2733 { pin_code_neg_reply, false, MGMT_PIN_CODE_NEG_REPLY_SIZE },
2734 { set_io_capability, false, MGMT_SET_IO_CAPABILITY_SIZE },
2735 { pair_device, false, MGMT_PAIR_DEVICE_SIZE },
2736 { cancel_pair_device, false, MGMT_CANCEL_PAIR_DEVICE_SIZE },
2737 { unpair_device, false, MGMT_UNPAIR_DEVICE_SIZE },
2738 { user_confirm_reply, false, MGMT_USER_CONFIRM_REPLY_SIZE },
2739 { user_confirm_neg_reply, false, MGMT_USER_CONFIRM_NEG_REPLY_SIZE },
2740 { user_passkey_reply, false, MGMT_USER_PASSKEY_REPLY_SIZE },
2741 { user_passkey_neg_reply, false, MGMT_USER_PASSKEY_NEG_REPLY_SIZE },
2742 { read_local_oob_data, false, MGMT_READ_LOCAL_OOB_DATA_SIZE },
2743 { add_remote_oob_data, false, MGMT_ADD_REMOTE_OOB_DATA_SIZE },
2744 { remove_remote_oob_data, false, MGMT_REMOVE_REMOTE_OOB_DATA_SIZE },
2745 { start_discovery, false, MGMT_START_DISCOVERY_SIZE },
2746 { stop_discovery, false, MGMT_STOP_DISCOVERY_SIZE },
2747 { confirm_name, false, MGMT_CONFIRM_NAME_SIZE },
2748 { block_device, false, MGMT_BLOCK_DEVICE_SIZE },
2749 { unblock_device, false, MGMT_UNBLOCK_DEVICE_SIZE },
cdbaccca 2750 { set_device_id, false, MGMT_SET_DEVICE_ID_SIZE },
0f4e68cf
JH		 2751};
2752
2753
0381101f
JH		 2754int mgmt_control(struct sock *sk, struct msghdr *msg, size_t msglen)
2755{
650f726d
VCG		 2756 void *buf;
2757 u8 *cp;
0381101f 2758 struct mgmt_hdr *hdr;
4e51eae9 2759 u16 opcode, index, len;
bdb6d971 2760 struct hci_dev *hdev = NULL;
2e3c35ea 2761 const struct mgmt_handler *handler;
0381101f
JH		 2762 int err;
2763
2764 BT_DBG("got %zu bytes", msglen);
2765
2766 if (msglen < sizeof(*hdr))
2767 return -EINVAL;
2768
e63a15ec 2769 buf = kmalloc(msglen, GFP_KERNEL);
0381101f
JH		 2770 if (!buf)
2771 return -ENOMEM;
2772
2773 if (memcpy_fromiovec(buf, msg->msg_iov, msglen)) {
2774 err = -EFAULT;
2775 goto done;
2776 }
2777
650f726d 2778 hdr = buf;
1f350c87
MH		 2779 opcode = __le16_to_cpu(hdr->opcode);
2780 index = __le16_to_cpu(hdr->index);
2781 len = __le16_to_cpu(hdr->len);
0381101f
JH		 2782
2783 if (len != msglen - sizeof(*hdr)) {
2784 err = -EINVAL;
2785 goto done;
2786 }
2787
0f4e68cf 2788 if (index != MGMT_INDEX_NONE) {
bdb6d971
JH		 2789 hdev = hci_dev_get(index);
2790 if (!hdev) {
2791 err = cmd_status(sk, index, opcode,
04124681 2792 MGMT_STATUS_INVALID_INDEX);
bdb6d971
JH		 2793 goto done;
2794 }
2795 }
2796
0f4e68cf 2797 if (opcode >= ARRAY_SIZE(mgmt_handlers) ||
8ce8e2b5 2798 mgmt_handlers[opcode].func == NULL) {
0381101f 2799 BT_DBG("Unknown op %u", opcode);
ca69b795 2800 err = cmd_status(sk, index, opcode,
04124681 2801 MGMT_STATUS_UNKNOWN_COMMAND);
0f4e68cf
JH		 2802 goto done;
2803 }
2804
2805 if ((hdev && opcode < MGMT_OP_READ_INFO) ||
8ce8e2b5 2806 (!hdev && opcode >= MGMT_OP_READ_INFO)) {
0f4e68cf 2807 err = cmd_status(sk, index, opcode,
04124681 2808 MGMT_STATUS_INVALID_INDEX);
0f4e68cf 2809 goto done;
0381101f
JH		 2810 }
2811
be22b54e
JH		 2812 handler = &mgmt_handlers[opcode];
2813
2814 if ((handler->var_len && len < handler->data_len) ||
8ce8e2b5 2815 (!handler->var_len && len != handler->data_len)) {
be22b54e 2816 err = cmd_status(sk, index, opcode,
04124681 2817 MGMT_STATUS_INVALID_PARAMS);
be22b54e
JH		 2818 goto done;
2819 }
2820
0f4e68cf
JH		 2821 if (hdev)
2822 mgmt_init_hdev(sk, hdev);
2823
2824 cp = buf + sizeof(*hdr);
2825
be22b54e 2826 err = handler->func(sk, hdev, cp, len);
e41d8b4e
JH		 2827 if (err < 0)
2828 goto done;
2829
0381101f
JH		 2830 err = msglen;
2831
2832done:
bdb6d971
JH		 2833 if (hdev)
2834 hci_dev_put(hdev);
2835
0381101f
JH		 2836 kfree(buf);
2837 return err;
2838}
c71e97bf 2839
b24752fe
JH		 2840static void cmd_status_rsp(struct pending_cmd *cmd, void *data)
2841{
2842 u8 *status = data;
2843
2844 cmd_status(cmd->sk, cmd->index, cmd->opcode, *status);
2845 mgmt_pending_remove(cmd);
2846}
2847
744cf19e 2848int mgmt_index_added(struct hci_dev *hdev)
c71e97bf 2849{
bb4b2a9a
AE		 2850 if (!mgmt_valid_hdev(hdev))
2851 return -ENOTSUPP;
2852
744cf19e 2853 return mgmt_event(MGMT_EV_INDEX_ADDED, hdev, NULL, 0, NULL);
c71e97bf
JH		 2854}
2855
744cf19e 2856int mgmt_index_removed(struct hci_dev *hdev)
c71e97bf 2857{
5f159032 2858 u8 status = MGMT_STATUS_INVALID_INDEX;
b24752fe 2859
bb4b2a9a
AE		 2860 if (!mgmt_valid_hdev(hdev))
2861 return -ENOTSUPP;
2862
744cf19e 2863 mgmt_pending_foreach(0, hdev, cmd_status_rsp, &status);
b24752fe 2864
744cf19e 2865 return mgmt_event(MGMT_EV_INDEX_REMOVED, hdev, NULL, 0, NULL);
eec8d2bc
JH		 2866}
2867
73f22f62 2868struct cmd_lookup {
eec8d2bc 2869 struct sock *sk;
69ab39ea 2870 struct hci_dev *hdev;
90e70454 2871 u8 mgmt_status;
eec8d2bc
JH		 2872};
2873
69ab39ea 2874static void settings_rsp(struct pending_cmd *cmd, void *data)
eec8d2bc 2875{
73f22f62 2876 struct cmd_lookup *match = data;
eec8d2bc 2877
69ab39ea 2878 send_settings_rsp(cmd->sk, cmd->opcode, match->hdev);
eec8d2bc
JH		 2879
2880 list_del(&cmd->list);
2881
2882 if (match->sk == NULL) {
2883 match->sk = cmd->sk;
2884 sock_hold(match->sk);
2885 }
2886
2887 mgmt_pending_free(cmd);
c71e97bf 2888}
5add6af8 2889
7f0ae647
JH		 2890static int set_bredr_scan(struct hci_dev *hdev)
2891{
2892 u8 scan = 0;
2893
2894 if (test_bit(HCI_CONNECTABLE, &hdev->dev_flags))
2895 scan |= SCAN_PAGE;
2896 if (test_bit(HCI_DISCOVERABLE, &hdev->dev_flags))
2897 scan |= SCAN_INQUIRY;
2898
2899 if (!scan)
2900 return 0;
2901
2902 return hci_send_cmd(hdev, HCI_OP_WRITE_SCAN_ENABLE, 1, &scan);
2903}
2904
744cf19e 2905int mgmt_powered(struct hci_dev *hdev, u8 powered)
5add6af8 2906{
76a7f3a4 2907 struct cmd_lookup match = { NULL, hdev };
7bb895d6 2908 int err;
5add6af8 2909
5e5282bb
JH		 2910 if (!test_bit(HCI_MGMT, &hdev->dev_flags))
2911 return 0;
2912
69ab39ea 2913 mgmt_pending_foreach(MGMT_OP_SET_POWERED, hdev, settings_rsp, &match);
5add6af8 2914
5e5282bb 2915 if (powered) {
3d1cbdd6
AK		 2916 if (test_bit(HCI_SSP_ENABLED, &hdev->dev_flags)) {
2917 u8 ssp = 1;
2918
2919 hci_send_cmd(hdev, HCI_OP_WRITE_SSP_MODE, 1, &ssp);
2920 }
2921
562fcc24
AK		 2922 if (test_bit(HCI_LE_ENABLED, &hdev->dev_flags)) {
2923 struct hci_cp_write_le_host_supported cp;
2924
2925 cp.le = 1;
2926 cp.simul = !!(hdev->features[6] & LMP_SIMUL_LE_BR);
2927
2928 hci_send_cmd(hdev, HCI_OP_WRITE_LE_HOST_SUPPORTED,
2929 sizeof(cp), &cp);
2930 }
2931
7f0ae647
JH		 2932 if (lmp_bredr_capable(hdev)) {
2933 set_bredr_scan(hdev);
2934 update_class(hdev);
2935 update_name(hdev, hdev->dev_name);
2936 update_eir(hdev);
2937 }
5e5282bb 2938 } else {
d4f68526 2939 u8 status = MGMT_STATUS_NOT_POWERED;
744cf19e 2940 mgmt_pending_foreach(0, hdev, cmd_status_rsp, &status);
b24752fe
JH		 2941 }
2942
beadb2bd 2943 err = new_settings(hdev, match.sk);
eec8d2bc
JH		 2944
2945 if (match.sk)
2946 sock_put(match.sk);
2947
7bb895d6 2948 return err;
5add6af8 2949}
73f22f62 2950
744cf19e 2951int mgmt_discoverable(struct hci_dev *hdev, u8 discoverable)
73f22f62 2952{
76a7f3a4 2953 struct cmd_lookup match = { NULL, hdev };
5e5282bb
JH		 2954 bool changed = false;
2955 int err = 0;
73f22f62 2956
5e5282bb
JH		 2957 if (discoverable) {
2958 if (!test_and_set_bit(HCI_DISCOVERABLE, &hdev->dev_flags))
2959 changed = true;
2960 } else {
2961 if (test_and_clear_bit(HCI_DISCOVERABLE, &hdev->dev_flags))
2962 changed = true;
2963 }
73f22f62 2964
ed9b5f2f 2965 mgmt_pending_foreach(MGMT_OP_SET_DISCOVERABLE, hdev, settings_rsp,
04124681 2966 &match);
ed9b5f2f 2967
beadb2bd
JH		 2968 if (changed)
2969 err = new_settings(hdev, match.sk);
5e5282bb 2970
73f22f62
JH		 2971 if (match.sk)
2972 sock_put(match.sk);
2973
7bb895d6 2974 return err;
73f22f62 2975}
9fbcbb45 2976
744cf19e 2977int mgmt_connectable(struct hci_dev *hdev, u8 connectable)
9fbcbb45 2978{
76a7f3a4 2979 struct cmd_lookup match = { NULL, hdev };
5e5282bb
JH		 2980 bool changed = false;
2981 int err = 0;
9fbcbb45 2982
5e5282bb
JH		 2983 if (connectable) {
2984 if (!test_and_set_bit(HCI_CONNECTABLE, &hdev->dev_flags))
2985 changed = true;
2986 } else {
2987 if (test_and_clear_bit(HCI_CONNECTABLE, &hdev->dev_flags))
2988 changed = true;
2989 }
9fbcbb45 2990
ed9b5f2f 2991 mgmt_pending_foreach(MGMT_OP_SET_CONNECTABLE, hdev, settings_rsp,
04124681 2992 &match);
ed9b5f2f 2993
beadb2bd
JH		 2994 if (changed)
2995 err = new_settings(hdev, match.sk);
9fbcbb45
JH		 2996
2997 if (match.sk)
2998 sock_put(match.sk);
2999
7bb895d6 3000 return err;
9fbcbb45 3001}
55ed8ca1 3002
744cf19e 3003int mgmt_write_scan_failed(struct hci_dev *hdev, u8 scan, u8 status)
2d7cee58 3004{
ca69b795
JH		 3005 u8 mgmt_err = mgmt_status(status);
3006
2d7cee58 3007 if (scan & SCAN_PAGE)
744cf19e 3008 mgmt_pending_foreach(MGMT_OP_SET_CONNECTABLE, hdev,
04124681 3009 cmd_status_rsp, &mgmt_err);
2d7cee58
JH		 3010
3011 if (scan & SCAN_INQUIRY)
744cf19e 3012 mgmt_pending_foreach(MGMT_OP_SET_DISCOVERABLE, hdev,
04124681 3013 cmd_status_rsp, &mgmt_err);
2d7cee58
JH		 3014
3015 return 0;
3016}
3017
53168e5b
CC		 3018int mgmt_new_link_key(struct hci_dev *hdev, struct link_key *key,
3019 bool persistent)
55ed8ca1 3020{
86742e1e 3021 struct mgmt_ev_new_link_key ev;
55ed8ca1 3022
a492cd52 3023 memset(&ev, 0, sizeof(ev));
55ed8ca1 3024
a492cd52 3025 ev.store_hint = persistent;
d753fdc4 3026 bacpy(&ev.key.addr.bdaddr, &key->bdaddr);
591f47f3 3027 ev.key.addr.type = BDADDR_BREDR;
a492cd52 3028 ev.key.type = key->type;
9b3b4460 3029 memcpy(ev.key.val, key->val, HCI_LINK_KEY_SIZE);
a492cd52 3030 ev.key.pin_len = key->pin_len;
55ed8ca1 3031
744cf19e 3032 return mgmt_event(MGMT_EV_NEW_LINK_KEY, hdev, &ev, sizeof(ev), NULL);
55ed8ca1 3033}
f7520543 3034
346af67b
VCG		 3035int mgmt_new_ltk(struct hci_dev *hdev, struct smp_ltk *key, u8 persistent)
3036{
3037 struct mgmt_ev_new_long_term_key ev;
3038
3039 memset(&ev, 0, sizeof(ev));
3040
3041 ev.store_hint = persistent;
3042 bacpy(&ev.key.addr.bdaddr, &key->bdaddr);
57c1477c 3043 ev.key.addr.type = link_to_bdaddr(LE_LINK, key->bdaddr_type);
346af67b
VCG		 3044 ev.key.authenticated = key->authenticated;
3045 ev.key.enc_size = key->enc_size;
3046 ev.key.ediv = key->ediv;
3047
3048 if (key->type == HCI_SMP_LTK)
3049 ev.key.master = 1;
3050
3051 memcpy(ev.key.rand, key->rand, sizeof(key->rand));
3052 memcpy(ev.key.val, key->val, sizeof(key->val));
3053
04124681
GP		 3054 return mgmt_event(MGMT_EV_NEW_LONG_TERM_KEY, hdev, &ev, sizeof(ev),
3055 NULL);
346af67b
VCG		 3056}
3057
afc747a6 3058int mgmt_device_connected(struct hci_dev *hdev, bdaddr_t *bdaddr, u8 link_type,
04124681
GP		 3059 u8 addr_type, u32 flags, u8 *name, u8 name_len,
3060 u8 *dev_class)
f7520543 3061{
b644ba33
JH		 3062 char buf[512];
3063 struct mgmt_ev_device_connected *ev = (void *) buf;
3064 u16 eir_len = 0;
f7520543 3065
b644ba33 3066 bacpy(&ev->addr.bdaddr, bdaddr);
57c1477c 3067 ev->addr.type = link_to_bdaddr(link_type, addr_type);
f7520543 3068
c95f0ba7 3069 ev->flags = __cpu_to_le32(flags);
08c79b61 3070
b644ba33
JH		 3071 if (name_len > 0)
3072 eir_len = eir_append_data(ev->eir, 0, EIR_NAME_COMPLETE,
04124681 3073 name, name_len);
b644ba33
JH		 3074
3075 if (dev_class && memcmp(dev_class, "\0\0\0", 3) != 0)
53156385 3076 eir_len = eir_append_data(ev->eir, eir_len,
04124681 3077 EIR_CLASS_OF_DEV, dev_class, 3);
b644ba33 3078
eb55ef07 3079 ev->eir_len = cpu_to_le16(eir_len);
b644ba33
JH		 3080
3081 return mgmt_event(MGMT_EV_DEVICE_CONNECTED, hdev, buf,
04124681 3082 sizeof(*ev) + eir_len, NULL);
f7520543
JH		 3083}
3084
8962ee74
JH		 3085static void disconnect_rsp(struct pending_cmd *cmd, void *data)
3086{
c68fb7ff 3087 struct mgmt_cp_disconnect *cp = cmd->param;
8962ee74 3088 struct sock **sk = data;
a38528f1 3089 struct mgmt_rp_disconnect rp;
8962ee74 3090
88c3df13
JH		 3091 bacpy(&rp.addr.bdaddr, &cp->addr.bdaddr);
3092 rp.addr.type = cp->addr.type;
8962ee74 3093
aee9b218 3094 cmd_complete(cmd->sk, cmd->index, MGMT_OP_DISCONNECT, 0, &rp,
04124681 3095 sizeof(rp));
8962ee74
JH		 3096
3097 *sk = cmd->sk;
3098 sock_hold(*sk);
3099
a664b5bc 3100 mgmt_pending_remove(cmd);
8962ee74
JH		 3101}
3102
124f6e35 3103static void unpair_device_rsp(struct pending_cmd *cmd, void *data)
a8a1d19e 3104{
b1078ad0 3105 struct hci_dev *hdev = data;
124f6e35
JH		 3106 struct mgmt_cp_unpair_device *cp = cmd->param;
3107 struct mgmt_rp_unpair_device rp;
a8a1d19e
JH		 3108
3109 memset(&rp, 0, sizeof(rp));
124f6e35
JH		 3110 bacpy(&rp.addr.bdaddr, &cp->addr.bdaddr);
3111 rp.addr.type = cp->addr.type;
a8a1d19e 3112
b1078ad0
JH		 3113 device_unpaired(hdev, &cp->addr.bdaddr, cp->addr.type, cmd->sk);
3114
aee9b218 3115 cmd_complete(cmd->sk, cmd->index, cmd->opcode, 0, &rp, sizeof(rp));
a8a1d19e
JH		 3116
3117 mgmt_pending_remove(cmd);
3118}
3119
afc747a6 3120int mgmt_device_disconnected(struct hci_dev *hdev, bdaddr_t *bdaddr,
f0d6a0ea 3121 u8 link_type, u8 addr_type, u8 reason)
f7520543 3122{
f0d6a0ea 3123 struct mgmt_ev_device_disconnected ev;
8962ee74
JH		 3124 struct sock *sk = NULL;
3125 int err;
3126
744cf19e 3127 mgmt_pending_foreach(MGMT_OP_DISCONNECT, hdev, disconnect_rsp, &sk);
f7520543 3128
f0d6a0ea
MA		 3129 bacpy(&ev.addr.bdaddr, bdaddr);
3130 ev.addr.type = link_to_bdaddr(link_type, addr_type);
3131 ev.reason = reason;
f7520543 3132
afc747a6 3133 err = mgmt_event(MGMT_EV_DEVICE_DISCONNECTED, hdev, &ev, sizeof(ev),
04124681 3134 sk);
8962ee74
JH		 3135
3136 if (sk)
d97dcb66 3137 sock_put(sk);
8962ee74 3138
124f6e35 3139 mgmt_pending_foreach(MGMT_OP_UNPAIR_DEVICE, hdev, unpair_device_rsp,
04124681 3140 hdev);
a8a1d19e 3141
8962ee74
JH		 3142 return err;
3143}
3144
88c3df13 3145int mgmt_disconnect_failed(struct hci_dev *hdev, bdaddr_t *bdaddr,
04124681 3146 u8 link_type, u8 addr_type, u8 status)
8962ee74 3147{
88c3df13 3148 struct mgmt_rp_disconnect rp;
8962ee74
JH		 3149 struct pending_cmd *cmd;
3150 int err;
3151
36a75f1b
JD		 3152 mgmt_pending_foreach(MGMT_OP_UNPAIR_DEVICE, hdev, unpair_device_rsp,
3153 hdev);
3154
2e58ef3e 3155 cmd = mgmt_pending_find(MGMT_OP_DISCONNECT, hdev);
8962ee74
JH		 3156 if (!cmd)
3157 return -ENOENT;
3158
88c3df13 3159 bacpy(&rp.addr.bdaddr, bdaddr);
57c1477c 3160 rp.addr.type = link_to_bdaddr(link_type, addr_type);
37d9ef76 3161
88c3df13 3162 err = cmd_complete(cmd->sk, cmd->index, MGMT_OP_DISCONNECT,
04124681 3163 mgmt_status(status), &rp, sizeof(rp));
8962ee74 3164
a664b5bc 3165 mgmt_pending_remove(cmd);
8962ee74
JH		 3166
3167 return err;
f7520543 3168}
17d5c04c 3169
48264f06 3170int mgmt_connect_failed(struct hci_dev *hdev, bdaddr_t *bdaddr, u8 link_type,
04124681 3171 u8 addr_type, u8 status)
17d5c04c
JH		 3172{
3173 struct mgmt_ev_connect_failed ev;
3174
4c659c39 3175 bacpy(&ev.addr.bdaddr, bdaddr);
57c1477c 3176 ev.addr.type = link_to_bdaddr(link_type, addr_type);
ca69b795 3177 ev.status = mgmt_status(status);
17d5c04c 3178
744cf19e 3179 return mgmt_event(MGMT_EV_CONNECT_FAILED, hdev, &ev, sizeof(ev), NULL);
17d5c04c 3180}
980e1a53 3181
744cf19e 3182int mgmt_pin_code_request(struct hci_dev *hdev, bdaddr_t *bdaddr, u8 secure)
980e1a53
JH		 3183{
3184 struct mgmt_ev_pin_code_request ev;
3185
d8457698 3186 bacpy(&ev.addr.bdaddr, bdaddr);
591f47f3 3187 ev.addr.type = BDADDR_BREDR;
a770bb5a 3188 ev.secure = secure;
980e1a53 3189
744cf19e 3190 return mgmt_event(MGMT_EV_PIN_CODE_REQUEST, hdev, &ev, sizeof(ev),
04124681 3191 NULL);
980e1a53
JH		 3192}
3193
744cf19e 3194int mgmt_pin_code_reply_complete(struct hci_dev *hdev, bdaddr_t *bdaddr,
04124681 3195 u8 status)
980e1a53
JH		 3196{
3197 struct pending_cmd *cmd;
ac56fb13 3198 struct mgmt_rp_pin_code_reply rp;
980e1a53
JH		 3199 int err;
3200
2e58ef3e 3201 cmd = mgmt_pending_find(MGMT_OP_PIN_CODE_REPLY, hdev);
980e1a53
JH		 3202 if (!cmd)
3203 return -ENOENT;
3204
d8457698 3205 bacpy(&rp.addr.bdaddr, bdaddr);
591f47f3 3206 rp.addr.type = BDADDR_BREDR;
ac56fb13 3207
aee9b218 3208 err = cmd_complete(cmd->sk, hdev->id, MGMT_OP_PIN_CODE_REPLY,
04124681 3209 mgmt_status(status), &rp, sizeof(rp));
980e1a53 3210
a664b5bc 3211 mgmt_pending_remove(cmd);
980e1a53
JH		 3212
3213 return err;
3214}
3215
744cf19e 3216int mgmt_pin_code_neg_reply_complete(struct hci_dev *hdev, bdaddr_t *bdaddr,
04124681 3217 u8 status)
980e1a53
JH		 3218{
3219 struct pending_cmd *cmd;
ac56fb13 3220 struct mgmt_rp_pin_code_reply rp;
980e1a53
JH		 3221 int err;
3222
2e58ef3e 3223 cmd = mgmt_pending_find(MGMT_OP_PIN_CODE_NEG_REPLY, hdev);
980e1a53
JH		 3224 if (!cmd)
3225 return -ENOENT;
3226
d8457698 3227 bacpy(&rp.addr.bdaddr, bdaddr);
591f47f3 3228 rp.addr.type = BDADDR_BREDR;
ac56fb13 3229
aee9b218 3230 err = cmd_complete(cmd->sk, hdev->id, MGMT_OP_PIN_CODE_NEG_REPLY,
04124681 3231 mgmt_status(status), &rp, sizeof(rp));
980e1a53 3232
a664b5bc 3233 mgmt_pending_remove(cmd);
980e1a53
JH		 3234
3235 return err;
3236}
a5c29683 3237
744cf19e 3238int mgmt_user_confirm_request(struct hci_dev *hdev, bdaddr_t *bdaddr,
04124681
GP		 3239 u8 link_type, u8 addr_type, __le32 value,
3240 u8 confirm_hint)
a5c29683
JH		 3241{
3242 struct mgmt_ev_user_confirm_request ev;
3243
744cf19e 3244 BT_DBG("%s", hdev->name);
a5c29683 3245
272d90df 3246 bacpy(&ev.addr.bdaddr, bdaddr);
57c1477c 3247 ev.addr.type = link_to_bdaddr(link_type, addr_type);
55bc1a37 3248 ev.confirm_hint = confirm_hint;
78e8098e 3249 ev.value = value;
a5c29683 3250
744cf19e 3251 return mgmt_event(MGMT_EV_USER_CONFIRM_REQUEST, hdev, &ev, sizeof(ev),
04124681 3252 NULL);
a5c29683
JH		 3253}
3254
272d90df 3255int mgmt_user_passkey_request(struct hci_dev *hdev, bdaddr_t *bdaddr,
8ce8e2b5 3256 u8 link_type, u8 addr_type)
604086b7
BG		 3257{
3258 struct mgmt_ev_user_passkey_request ev;
3259
3260 BT_DBG("%s", hdev->name);
3261
272d90df 3262 bacpy(&ev.addr.bdaddr, bdaddr);
57c1477c 3263 ev.addr.type = link_to_bdaddr(link_type, addr_type);
604086b7
BG		 3264
3265 return mgmt_event(MGMT_EV_USER_PASSKEY_REQUEST, hdev, &ev, sizeof(ev),
04124681 3266 NULL);
604086b7
BG		 3267}
3268
0df4c185 3269static int user_pairing_resp_complete(struct hci_dev *hdev, bdaddr_t *bdaddr,
8ce8e2b5
GP		 3270 u8 link_type, u8 addr_type, u8 status,
3271 u8 opcode)
a5c29683
JH		 3272{
3273 struct pending_cmd *cmd;
3274 struct mgmt_rp_user_confirm_reply rp;
3275 int err;
3276
2e58ef3e 3277 cmd = mgmt_pending_find(opcode, hdev);
a5c29683
JH		 3278 if (!cmd)
3279 return -ENOENT;
3280
272d90df 3281 bacpy(&rp.addr.bdaddr, bdaddr);
57c1477c 3282 rp.addr.type = link_to_bdaddr(link_type, addr_type);
aee9b218 3283 err = cmd_complete(cmd->sk, hdev->id, opcode, mgmt_status(status),
04124681 3284 &rp, sizeof(rp));
a5c29683 3285
a664b5bc 3286 mgmt_pending_remove(cmd);
a5c29683
JH		 3287
3288 return err;
3289}
3290
744cf19e 3291int mgmt_user_confirm_reply_complete(struct hci_dev *hdev, bdaddr_t *bdaddr,
04124681 3292 u8 link_type, u8 addr_type, u8 status)
a5c29683 3293{
272d90df 3294 return user_pairing_resp_complete(hdev, bdaddr, link_type, addr_type,
04124681 3295 status, MGMT_OP_USER_CONFIRM_REPLY);
a5c29683
JH		 3296}
3297
272d90df 3298int mgmt_user_confirm_neg_reply_complete(struct hci_dev *hdev, bdaddr_t *bdaddr,
04124681 3299 u8 link_type, u8 addr_type, u8 status)
a5c29683 3300{
272d90df 3301 return user_pairing_resp_complete(hdev, bdaddr, link_type, addr_type,
8fc9ced3
GP		 3302 status,
3303 MGMT_OP_USER_CONFIRM_NEG_REPLY);
a5c29683 3304}
2a611692 3305
604086b7 3306int mgmt_user_passkey_reply_complete(struct hci_dev *hdev, bdaddr_t *bdaddr,
04124681 3307 u8 link_type, u8 addr_type, u8 status)
604086b7 3308{
272d90df 3309 return user_pairing_resp_complete(hdev, bdaddr, link_type, addr_type,
04124681 3310 status, MGMT_OP_USER_PASSKEY_REPLY);
604086b7
BG		 3311}
3312
272d90df 3313int mgmt_user_passkey_neg_reply_complete(struct hci_dev *hdev, bdaddr_t *bdaddr,
04124681 3314 u8 link_type, u8 addr_type, u8 status)
604086b7 3315{
272d90df 3316 return user_pairing_resp_complete(hdev, bdaddr, link_type, addr_type,
8fc9ced3
GP		 3317 status,
3318 MGMT_OP_USER_PASSKEY_NEG_REPLY);
604086b7
BG		 3319}
3320
92a25256
JH		 3321int mgmt_user_passkey_notify(struct hci_dev *hdev, bdaddr_t *bdaddr,
3322 u8 link_type, u8 addr_type, u32 passkey,
3323 u8 entered)
3324{
3325 struct mgmt_ev_passkey_notify ev;
3326
3327 BT_DBG("%s", hdev->name);
3328
3329 bacpy(&ev.addr.bdaddr, bdaddr);
3330 ev.addr.type = link_to_bdaddr(link_type, addr_type);
3331 ev.passkey = __cpu_to_le32(passkey);
3332 ev.entered = entered;
3333
3334 return mgmt_event(MGMT_EV_PASSKEY_NOTIFY, hdev, &ev, sizeof(ev), NULL);
3335}
3336
bab73cb6 3337int mgmt_auth_failed(struct hci_dev *hdev, bdaddr_t *bdaddr, u8 link_type,
04124681 3338 u8 addr_type, u8 status)
2a611692
JH		 3339{
3340 struct mgmt_ev_auth_failed ev;
3341
bab73cb6 3342 bacpy(&ev.addr.bdaddr, bdaddr);
57c1477c 3343 ev.addr.type = link_to_bdaddr(link_type, addr_type);
ca69b795 3344 ev.status = mgmt_status(status);
2a611692 3345
744cf19e 3346 return mgmt_event(MGMT_EV_AUTH_FAILED, hdev, &ev, sizeof(ev), NULL);
2a611692 3347}
b312b161 3348
33ef95ed
JH		 3349int mgmt_auth_enable_complete(struct hci_dev *hdev, u8 status)
3350{
3351 struct cmd_lookup match = { NULL, hdev };
47990ea0
JH		 3352 bool changed = false;
3353 int err = 0;
33ef95ed
JH		 3354
3355 if (status) {
3356 u8 mgmt_err = mgmt_status(status);
3357 mgmt_pending_foreach(MGMT_OP_SET_LINK_SECURITY, hdev,
04124681 3358 cmd_status_rsp, &mgmt_err);
33ef95ed
JH		 3359 return 0;
3360 }
3361
47990ea0
JH		 3362 if (test_bit(HCI_AUTH, &hdev->flags)) {
3363 if (!test_and_set_bit(HCI_LINK_SECURITY, &hdev->dev_flags))
3364 changed = true;
3365 } else {
3366 if (test_and_clear_bit(HCI_LINK_SECURITY, &hdev->dev_flags))
3367 changed = true;
3368 }
3369
33ef95ed 3370 mgmt_pending_foreach(MGMT_OP_SET_LINK_SECURITY, hdev, settings_rsp,
04124681 3371 &match);
33ef95ed 3372
47990ea0
JH		 3373 if (changed)
3374 err = new_settings(hdev, match.sk);
33ef95ed
JH		 3375
3376 if (match.sk)
3377 sock_put(match.sk);
3378
3379 return err;
3380}
3381
cacaf52f
JH		 3382static int clear_eir(struct hci_dev *hdev)
3383{
3384 struct hci_cp_write_eir cp;
3385
3386 if (!(hdev->features[6] & LMP_EXT_INQ))
3387 return 0;
3388
c80da27e
JH		 3389 memset(hdev->eir, 0, sizeof(hdev->eir));
3390
cacaf52f
JH		 3391 memset(&cp, 0, sizeof(cp));
3392
3393 return hci_send_cmd(hdev, HCI_OP_WRITE_EIR, sizeof(cp), &cp);
3394}
3395
c0ecddc2 3396int mgmt_ssp_enable_complete(struct hci_dev *hdev, u8 enable, u8 status)
ed2c4ee3
JH		 3397{
3398 struct cmd_lookup match = { NULL, hdev };
c0ecddc2
JH		 3399 bool changed = false;
3400 int err = 0;
ed2c4ee3
JH		 3401
3402 if (status) {
3403 u8 mgmt_err = mgmt_status(status);
c0ecddc2
JH		 3404
3405 if (enable && test_and_clear_bit(HCI_SSP_ENABLED,
04124681 3406 &hdev->dev_flags))
c0ecddc2
JH		 3407 err = new_settings(hdev, NULL);
3408
04124681
GP		 3409 mgmt_pending_foreach(MGMT_OP_SET_SSP, hdev, cmd_status_rsp,
3410 &mgmt_err);
c0ecddc2
JH		 3411
3412 return err;
3413 }
3414
3415 if (enable) {
3416 if (!test_and_set_bit(HCI_SSP_ENABLED, &hdev->dev_flags))
3417 changed = true;
3418 } else {
3419 if (test_and_clear_bit(HCI_SSP_ENABLED, &hdev->dev_flags))
3420 changed = true;
ed2c4ee3
JH		 3421 }
3422
3423 mgmt_pending_foreach(MGMT_OP_SET_SSP, hdev, settings_rsp, &match);
3424
c0ecddc2
JH		 3425 if (changed)
3426 err = new_settings(hdev, match.sk);
ed2c4ee3 3427
5fc6ebb1 3428 if (match.sk)
ed2c4ee3
JH		 3429 sock_put(match.sk);
3430
5fc6ebb1
JH		 3431 if (test_bit(HCI_SSP_ENABLED, &hdev->dev_flags))
3432 update_eir(hdev);
3433 else
3434 clear_eir(hdev);
cacaf52f 3435
ed2c4ee3
JH		 3436 return err;
3437}
3438
90e70454
JH		 3439static void class_rsp(struct pending_cmd *cmd, void *data)
3440{
3441 struct cmd_lookup *match = data;
3442
3443 cmd_complete(cmd->sk, cmd->index, cmd->opcode, match->mgmt_status,
04124681 3444 match->hdev->dev_class, 3);
90e70454
JH		 3445
3446 list_del(&cmd->list);
3447
3448 if (match->sk == NULL) {
3449 match->sk = cmd->sk;
3450 sock_hold(match->sk);
3451 }
3452
3453 mgmt_pending_free(cmd);
3454}
3455
7f9a903c 3456int mgmt_set_class_of_dev_complete(struct hci_dev *hdev, u8 *dev_class,
04124681 3457 u8 status)
7f9a903c 3458{
90e70454
JH		 3459 struct cmd_lookup match = { NULL, hdev, mgmt_status(status) };
3460 int err = 0;
7f9a903c 3461
c95f0ba7
JH		 3462 clear_bit(HCI_PENDING_CLASS, &hdev->dev_flags);
3463
90e70454
JH		 3464 mgmt_pending_foreach(MGMT_OP_SET_DEV_CLASS, hdev, class_rsp, &match);
3465 mgmt_pending_foreach(MGMT_OP_ADD_UUID, hdev, class_rsp, &match);
3466 mgmt_pending_foreach(MGMT_OP_REMOVE_UUID, hdev, class_rsp, &match);
3467
3468 if (!status)
04124681
GP		 3469 err = mgmt_event(MGMT_EV_CLASS_OF_DEV_CHANGED, hdev, dev_class,
3470 3, NULL);
90e70454
JH		 3471
3472 if (match.sk)
3473 sock_put(match.sk);
7f9a903c
MH		 3474
3475 return err;
3476}
3477
744cf19e 3478int mgmt_set_local_name_complete(struct hci_dev *hdev, u8 *name, u8 status)
b312b161
JH		 3479{
3480 struct pending_cmd *cmd;
3481 struct mgmt_cp_set_local_name ev;
28cc7bde
JH		 3482 bool changed = false;
3483 int err = 0;
3484
3485 if (memcmp(name, hdev->dev_name, sizeof(hdev->dev_name)) != 0) {
3486 memcpy(hdev->dev_name, name, sizeof(hdev->dev_name));
3487 changed = true;
3488 }
b312b161
JH		 3489
3490 memset(&ev, 0, sizeof(ev));
3491 memcpy(ev.name, name, HCI_MAX_NAME_LENGTH);
28cc7bde 3492 memcpy(ev.short_name, hdev->short_name, HCI_MAX_SHORT_NAME_LENGTH);
b312b161 3493
2e58ef3e 3494 cmd = mgmt_pending_find(MGMT_OP_SET_LOCAL_NAME, hdev);
b312b161
JH		 3495 if (!cmd)
3496 goto send_event;
3497
7bdaae4a
JH		 3498 /* Always assume that either the short or the complete name has
3499 * changed if there was a pending mgmt command */
3500 changed = true;
3501
b312b161 3502 if (status) {
744cf19e 3503 err = cmd_status(cmd->sk, hdev->id, MGMT_OP_SET_LOCAL_NAME,
04124681 3504 mgmt_status(status));
b312b161
JH		 3505 goto failed;
3506 }
3507
aee9b218 3508 err = cmd_complete(cmd->sk, hdev->id, MGMT_OP_SET_LOCAL_NAME, 0, &ev,
04124681 3509 sizeof(ev));
b312b161
JH		 3510 if (err < 0)
3511 goto failed;
3512
3513send_event:
28cc7bde
JH		 3514 if (changed)
3515 err = mgmt_event(MGMT_EV_LOCAL_NAME_CHANGED, hdev, &ev,
04124681 3516 sizeof(ev), cmd ? cmd->sk : NULL);
28cc7bde 3517
f51d5b24 3518 update_eir(hdev);
b312b161
JH		 3519
3520failed:
3521 if (cmd)
3522 mgmt_pending_remove(cmd);
3523 return err;
3524}
c35938b2 3525
744cf19e 3526int mgmt_read_local_oob_data_reply_complete(struct hci_dev *hdev, u8 *hash,
04124681 3527 u8 *randomizer, u8 status)
c35938b2
SJ		 3528{
3529 struct pending_cmd *cmd;
3530 int err;
3531
744cf19e 3532 BT_DBG("%s status %u", hdev->name, status);
c35938b2 3533
2e58ef3e 3534 cmd = mgmt_pending_find(MGMT_OP_READ_LOCAL_OOB_DATA, hdev);
c35938b2
SJ		 3535 if (!cmd)
3536 return -ENOENT;
3537
3538 if (status) {
04124681
GP		 3539 err = cmd_status(cmd->sk, hdev->id, MGMT_OP_READ_LOCAL_OOB_DATA,
3540 mgmt_status(status));
c35938b2
SJ		 3541 } else {
3542 struct mgmt_rp_read_local_oob_data rp;
3543
3544 memcpy(rp.hash, hash, sizeof(rp.hash));
3545 memcpy(rp.randomizer, randomizer, sizeof(rp.randomizer));
3546
744cf19e 3547 err = cmd_complete(cmd->sk, hdev->id,
04124681
GP		 3548 MGMT_OP_READ_LOCAL_OOB_DATA, 0, &rp,
3549 sizeof(rp));
c35938b2
SJ		 3550 }
3551
3552 mgmt_pending_remove(cmd);
3553
3554 return err;
3555}
e17acd40 3556
06199cf8
JH		 3557int mgmt_le_enable_complete(struct hci_dev *hdev, u8 enable, u8 status)
3558{
3559 struct cmd_lookup match = { NULL, hdev };
3560 bool changed = false;
3561 int err = 0;
3562
3563 if (status) {
3564 u8 mgmt_err = mgmt_status(status);
3565
3566 if (enable && test_and_clear_bit(HCI_LE_ENABLED,
04124681 3567 &hdev->dev_flags))
d97dcb66 3568 err = new_settings(hdev, NULL);
06199cf8 3569
d97dcb66
SJ		 3570 mgmt_pending_foreach(MGMT_OP_SET_LE, hdev, cmd_status_rsp,
3571 &mgmt_err);
06199cf8
JH		 3572
3573 return err;
3574 }
3575
3576 if (enable) {
3577 if (!test_and_set_bit(HCI_LE_ENABLED, &hdev->dev_flags))
3578 changed = true;
3579 } else {
3580 if (test_and_clear_bit(HCI_LE_ENABLED, &hdev->dev_flags))
3581 changed = true;
3582 }
3583
3584 mgmt_pending_foreach(MGMT_OP_SET_LE, hdev, settings_rsp, &match);
3585
3586 if (changed)
3587 err = new_settings(hdev, match.sk);
3588
3589 if (match.sk)
3590 sock_put(match.sk);
3591
3592 return err;
3593}
3594
48264f06 3595int mgmt_device_found(struct hci_dev *hdev, bdaddr_t *bdaddr, u8 link_type,
04124681
GP		 3596 u8 addr_type, u8 *dev_class, s8 rssi, u8 cfm_name, u8
3597 ssp, u8 *eir, u16 eir_len)
e17acd40 3598{
e319d2e7
JH		 3599 char buf[512];
3600 struct mgmt_ev_device_found *ev = (void *) buf;
1dc06093 3601 size_t ev_size;
e17acd40 3602
1dc06093
JH		 3603 /* Leave 5 bytes for a potential CoD field */
3604 if (sizeof(*ev) + eir_len + 5 > sizeof(buf))
7d262f86
AG		 3605 return -EINVAL;
3606
1dc06093
JH		 3607 memset(buf, 0, sizeof(buf));
3608
e319d2e7 3609 bacpy(&ev->addr.bdaddr, bdaddr);
57c1477c 3610 ev->addr.type = link_to_bdaddr(link_type, addr_type);
e319d2e7 3611 ev->rssi = rssi;
9a395a80 3612 if (cfm_name)
33cef264 3613 ev->flags |= cpu_to_le32(MGMT_DEV_FOUND_CONFIRM_NAME);
388fc8fa 3614 if (!ssp)
33cef264 3615 ev->flags |= cpu_to_le32(MGMT_DEV_FOUND_LEGACY_PAIRING);
e17acd40 3616
1dc06093 3617 if (eir_len > 0)
e319d2e7 3618 memcpy(ev->eir, eir, eir_len);
e17acd40 3619
1dc06093
JH		 3620 if (dev_class && !eir_has_data_type(ev->eir, eir_len, EIR_CLASS_OF_DEV))
3621 eir_len = eir_append_data(ev->eir, eir_len, EIR_CLASS_OF_DEV,
04124681 3622 dev_class, 3);
1dc06093 3623
eb55ef07 3624 ev->eir_len = cpu_to_le16(eir_len);
1dc06093 3625 ev_size = sizeof(*ev) + eir_len;
f8523598 3626
e319d2e7 3627 return mgmt_event(MGMT_EV_DEVICE_FOUND, hdev, ev, ev_size, NULL);
e17acd40 3628}
a88a9652 3629
b644ba33 3630int mgmt_remote_name(struct hci_dev *hdev, bdaddr_t *bdaddr, u8 link_type,
04124681 3631 u8 addr_type, s8 rssi, u8 *name, u8 name_len)
a88a9652 3632{
b644ba33
JH		 3633 struct mgmt_ev_device_found *ev;
3634 char buf[sizeof(*ev) + HCI_MAX_NAME_LENGTH + 2];
3635 u16 eir_len;
a88a9652 3636
b644ba33 3637 ev = (struct mgmt_ev_device_found *) buf;
a88a9652 3638
b644ba33
JH		 3639 memset(buf, 0, sizeof(buf));
3640
3641 bacpy(&ev->addr.bdaddr, bdaddr);
57c1477c 3642 ev->addr.type = link_to_bdaddr(link_type, addr_type);
b644ba33
JH		 3643 ev->rssi = rssi;
3644
3645 eir_len = eir_append_data(ev->eir, 0, EIR_NAME_COMPLETE, name,
04124681 3646 name_len);
b644ba33 3647
eb55ef07 3648 ev->eir_len = cpu_to_le16(eir_len);
a88a9652 3649
053c7e0c 3650 return mgmt_event(MGMT_EV_DEVICE_FOUND, hdev, ev,
04124681 3651 sizeof(*ev) + eir_len, NULL);
a88a9652 3652}
314b2381 3653
7a135109 3654int mgmt_start_discovery_failed(struct hci_dev *hdev, u8 status)
164a6e78
JH		 3655{
3656 struct pending_cmd *cmd;
f808e166 3657 u8 type;
164a6e78
JH		 3658 int err;
3659
203159d4
AG		 3660 hci_discovery_set_state(hdev, DISCOVERY_STOPPED);
3661
2e58ef3e 3662 cmd = mgmt_pending_find(MGMT_OP_START_DISCOVERY, hdev);
164a6e78
JH		 3663 if (!cmd)
3664 return -ENOENT;
3665
f808e166
JH		 3666 type = hdev->discovery.type;
3667
3668 err = cmd_complete(cmd->sk, hdev->id, cmd->opcode, mgmt_status(status),
04124681 3669 &type, sizeof(type));
164a6e78
JH		 3670 mgmt_pending_remove(cmd);
3671
3672 return err;
3673}
3674
e6d465cb
AG		 3675int mgmt_stop_discovery_failed(struct hci_dev *hdev, u8 status)
3676{
3677 struct pending_cmd *cmd;
3678 int err;
3679
3680 cmd = mgmt_pending_find(MGMT_OP_STOP_DISCOVERY, hdev);
3681 if (!cmd)
3682 return -ENOENT;
3683
d930650b 3684 err = cmd_complete(cmd->sk, hdev->id, cmd->opcode, mgmt_status(status),
04124681 3685 &hdev->discovery.type, sizeof(hdev->discovery.type));
164a6e78
JH		 3686 mgmt_pending_remove(cmd);
3687
3688 return err;
3689}
3690
744cf19e 3691int mgmt_discovering(struct hci_dev *hdev, u8 discovering)
314b2381 3692{
f963e8e9 3693 struct mgmt_ev_discovering ev;
164a6e78
JH		 3694 struct pending_cmd *cmd;
3695
343fb145
AG		 3696 BT_DBG("%s discovering %u", hdev->name, discovering);
3697
164a6e78 3698 if (discovering)
2e58ef3e 3699 cmd = mgmt_pending_find(MGMT_OP_START_DISCOVERY, hdev);
164a6e78 3700 else
2e58ef3e 3701 cmd = mgmt_pending_find(MGMT_OP_STOP_DISCOVERY, hdev);
164a6e78
JH		 3702
3703 if (cmd != NULL) {
f808e166
JH		 3704 u8 type = hdev->discovery.type;
3705
04124681
GP		 3706 cmd_complete(cmd->sk, hdev->id, cmd->opcode, 0, &type,
3707 sizeof(type));
164a6e78
JH		 3708 mgmt_pending_remove(cmd);
3709 }
3710
f963e8e9
JH		 3711 memset(&ev, 0, sizeof(ev));
3712 ev.type = hdev->discovery.type;
3713 ev.discovering = discovering;
3714
3715 return mgmt_event(MGMT_EV_DISCOVERING, hdev, &ev, sizeof(ev), NULL);
314b2381 3716}
5e762444 3717
88c1fe4b 3718int mgmt_device_blocked(struct hci_dev *hdev, bdaddr_t *bdaddr, u8 type)
5e762444
AJ		 3719{
3720 struct pending_cmd *cmd;
3721 struct mgmt_ev_device_blocked ev;
3722
2e58ef3e 3723 cmd = mgmt_pending_find(MGMT_OP_BLOCK_DEVICE, hdev);
5e762444 3724
88c1fe4b
JH		 3725 bacpy(&ev.addr.bdaddr, bdaddr);
3726 ev.addr.type = type;
5e762444 3727
744cf19e 3728 return mgmt_event(MGMT_EV_DEVICE_BLOCKED, hdev, &ev, sizeof(ev),
04124681 3729 cmd ? cmd->sk : NULL);
5e762444
AJ		 3730}
3731
88c1fe4b 3732int mgmt_device_unblocked(struct hci_dev *hdev, bdaddr_t *bdaddr, u8 type)
5e762444
AJ		 3733{
3734 struct pending_cmd *cmd;
3735 struct mgmt_ev_device_unblocked ev;
3736
2e58ef3e 3737 cmd = mgmt_pending_find(MGMT_OP_UNBLOCK_DEVICE, hdev);
5e762444 3738
88c1fe4b
JH		 3739 bacpy(&ev.addr.bdaddr, bdaddr);
3740 ev.addr.type = type;
5e762444 3741
744cf19e 3742 return mgmt_event(MGMT_EV_DEVICE_UNBLOCKED, hdev, &ev, sizeof(ev),
04124681 3743 cmd ? cmd->sk : NULL);
5e762444 3744}
d7b7e796
MH		 3745
3746module_param(enable_hs, bool, 0644);
3747MODULE_PARM_DESC(enable_hs, "Enable High Speed support");
kernel source for telekom puls (alcatel/mediatek)