projects / GitHub / mt8127 / android_kernel_alcatel_ttab.git / blob
? search:
summary | shortlog | log | commit | commitdiff | tree
blame | history | raw | HEAD
Bluetooth: Add initial mgmt_confirm_name support
[GitHub/mt8127/android_kernel_alcatel_ttab.git] / net / bluetooth / mgmt.c
1 /*
2 BlueZ - Bluetooth protocol stack for Linux
3 Copyright (C) 2010 Nokia Corporation
4
5 This program is free software; you can redistribute it and/or modify
6 it under the terms of the GNU General Public License version 2 as
7 published by the Free Software Foundation;
8
9 THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS
10 OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
11 FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT OF THIRD PARTY RIGHTS.
12 IN NO EVENT SHALL THE COPYRIGHT HOLDER(S) AND AUTHOR(S) BE LIABLE FOR ANY
13 CLAIM, OR ANY SPECIAL INDIRECT OR CONSEQUENTIAL DAMAGES, OR ANY DAMAGES
14 WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
15 ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
16 OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
17
18 ALL LIABILITY, INCLUDING LIABILITY FOR INFRINGEMENT OF ANY PATENTS,
19 COPYRIGHTS, TRADEMARKS OR OTHER RIGHTS, RELATING TO USE OF THIS
20 SOFTWARE IS DISCLAIMED.
21 */
22
23 /* Bluetooth HCI Management interface */
24
25 #include <linux/kernel.h>
26 #include <linux/uaccess.h>
27 #include <linux/module.h>
28 #include <asm/unaligned.h>
29
30 #include <net/bluetooth/bluetooth.h>
31 #include <net/bluetooth/hci_core.h>
32 #include <net/bluetooth/mgmt.h>
33 #include <net/bluetooth/smp.h>
34
35 #define MGMT_VERSION 0
36 #define MGMT_REVISION 1
37
38 #define INQUIRY_LEN_BREDR 0x08 /* TGAP(100) */
39
40 #define SERVICE_CACHE_TIMEOUT (5 * 1000)
41
42 struct pending_cmd {
43 struct list_head list;
44 u16 opcode;
45 int index;
46 void *param;
47 struct sock *sk;
48 void *user_data;
49 };
50
51 /* HCI to MGMT error code conversion table */
52 static u8 mgmt_status_table[] = {
53 MGMT_STATUS_SUCCESS,
54 MGMT_STATUS_UNKNOWN_COMMAND, /* Unknown Command */
55 MGMT_STATUS_NOT_CONNECTED, /* No Connection */
56 MGMT_STATUS_FAILED, /* Hardware Failure */
57 MGMT_STATUS_CONNECT_FAILED, /* Page Timeout */
58 MGMT_STATUS_AUTH_FAILED, /* Authentication Failed */
59 MGMT_STATUS_NOT_PAIRED, /* PIN or Key Missing */
60 MGMT_STATUS_NO_RESOURCES, /* Memory Full */
61 MGMT_STATUS_TIMEOUT, /* Connection Timeout */
62 MGMT_STATUS_NO_RESOURCES, /* Max Number of Connections */
63 MGMT_STATUS_NO_RESOURCES, /* Max Number of SCO Connections */
64 MGMT_STATUS_ALREADY_CONNECTED, /* ACL Connection Exists */
65 MGMT_STATUS_BUSY, /* Command Disallowed */
66 MGMT_STATUS_NO_RESOURCES, /* Rejected Limited Resources */
67 MGMT_STATUS_REJECTED, /* Rejected Security */
68 MGMT_STATUS_REJECTED, /* Rejected Personal */
69 MGMT_STATUS_TIMEOUT, /* Host Timeout */
70 MGMT_STATUS_NOT_SUPPORTED, /* Unsupported Feature */
71 MGMT_STATUS_INVALID_PARAMS, /* Invalid Parameters */
72 MGMT_STATUS_DISCONNECTED, /* OE User Ended Connection */
73 MGMT_STATUS_NO_RESOURCES, /* OE Low Resources */
74 MGMT_STATUS_DISCONNECTED, /* OE Power Off */
75 MGMT_STATUS_DISCONNECTED, /* Connection Terminated */
76 MGMT_STATUS_BUSY, /* Repeated Attempts */
77 MGMT_STATUS_REJECTED, /* Pairing Not Allowed */
78 MGMT_STATUS_FAILED, /* Unknown LMP PDU */
79 MGMT_STATUS_NOT_SUPPORTED, /* Unsupported Remote Feature */
80 MGMT_STATUS_REJECTED, /* SCO Offset Rejected */
81 MGMT_STATUS_REJECTED, /* SCO Interval Rejected */
82 MGMT_STATUS_REJECTED, /* Air Mode Rejected */
83 MGMT_STATUS_INVALID_PARAMS, /* Invalid LMP Parameters */
84 MGMT_STATUS_FAILED, /* Unspecified Error */
85 MGMT_STATUS_NOT_SUPPORTED, /* Unsupported LMP Parameter Value */
86 MGMT_STATUS_FAILED, /* Role Change Not Allowed */
87 MGMT_STATUS_TIMEOUT, /* LMP Response Timeout */
88 MGMT_STATUS_FAILED, /* LMP Error Transaction Collision */
89 MGMT_STATUS_FAILED, /* LMP PDU Not Allowed */
90 MGMT_STATUS_REJECTED, /* Encryption Mode Not Accepted */
91 MGMT_STATUS_FAILED, /* Unit Link Key Used */
92 MGMT_STATUS_NOT_SUPPORTED, /* QoS Not Supported */
93 MGMT_STATUS_TIMEOUT, /* Instant Passed */
94 MGMT_STATUS_NOT_SUPPORTED, /* Pairing Not Supported */
95 MGMT_STATUS_FAILED, /* Transaction Collision */
96 MGMT_STATUS_INVALID_PARAMS, /* Unacceptable Parameter */
97 MGMT_STATUS_REJECTED, /* QoS Rejected */
98 MGMT_STATUS_NOT_SUPPORTED, /* Classification Not Supported */
99 MGMT_STATUS_REJECTED, /* Insufficient Security */
100 MGMT_STATUS_INVALID_PARAMS, /* Parameter Out Of Range */
101 MGMT_STATUS_BUSY, /* Role Switch Pending */
102 MGMT_STATUS_FAILED, /* Slot Violation */
103 MGMT_STATUS_FAILED, /* Role Switch Failed */
104 MGMT_STATUS_INVALID_PARAMS, /* EIR Too Large */
105 MGMT_STATUS_NOT_SUPPORTED, /* Simple Pairing Not Supported */
106 MGMT_STATUS_BUSY, /* Host Busy Pairing */
107 MGMT_STATUS_REJECTED, /* Rejected, No Suitable Channel */
108 MGMT_STATUS_BUSY, /* Controller Busy */
109 MGMT_STATUS_INVALID_PARAMS, /* Unsuitable Connection Interval */
110 MGMT_STATUS_TIMEOUT, /* Directed Advertising Timeout */
111 MGMT_STATUS_AUTH_FAILED, /* Terminated Due to MIC Failure */
112 MGMT_STATUS_CONNECT_FAILED, /* Connection Establishment Failed */
113 MGMT_STATUS_CONNECT_FAILED, /* MAC Connection Failed */
114 };
115
116 static u8 mgmt_status(u8 hci_status)
117 {
118 if (hci_status < ARRAY_SIZE(mgmt_status_table))
119 return mgmt_status_table[hci_status];
120
121 return MGMT_STATUS_FAILED;
122 }
123
124 static int cmd_status(struct sock *sk, u16 index, u16 cmd, u8 status)
125 {
126 struct sk_buff *skb;
127 struct mgmt_hdr *hdr;
128 struct mgmt_ev_cmd_status *ev;
129 int err;
130
131 BT_DBG("sock %p, index %u, cmd %u, status %u", sk, index, cmd, status);
132
133 skb = alloc_skb(sizeof(*hdr) + sizeof(*ev), GFP_ATOMIC);
134 if (!skb)
135 return -ENOMEM;
136
137 hdr = (void *) skb_put(skb, sizeof(*hdr));
138
139 hdr->opcode = cpu_to_le16(MGMT_EV_CMD_STATUS);
140 hdr->index = cpu_to_le16(index);
141 hdr->len = cpu_to_le16(sizeof(*ev));
142
143 ev = (void *) skb_put(skb, sizeof(*ev));
144 ev->status = status;
145 put_unaligned_le16(cmd, &ev->opcode);
146
147 err = sock_queue_rcv_skb(sk, skb);
148 if (err < 0)
149 kfree_skb(skb);
150
151 return err;
152 }
153
154 static int cmd_complete(struct sock *sk, u16 index, u16 cmd, void *rp,
155 size_t rp_len)
156 {
157 struct sk_buff *skb;
158 struct mgmt_hdr *hdr;
159 struct mgmt_ev_cmd_complete *ev;
160 int err;
161
162 BT_DBG("sock %p", sk);
163
164 skb = alloc_skb(sizeof(*hdr) + sizeof(*ev) + rp_len, GFP_ATOMIC);
165 if (!skb)
166 return -ENOMEM;
167
168 hdr = (void *) skb_put(skb, sizeof(*hdr));
169
170 hdr->opcode = cpu_to_le16(MGMT_EV_CMD_COMPLETE);
171 hdr->index = cpu_to_le16(index);
172 hdr->len = cpu_to_le16(sizeof(*ev) + rp_len);
173
174 ev = (void *) skb_put(skb, sizeof(*ev) + rp_len);
175 put_unaligned_le16(cmd, &ev->opcode);
176
177 if (rp)
178 memcpy(ev->data, rp, rp_len);
179
180 err = sock_queue_rcv_skb(sk, skb);
181 if (err < 0)
182 kfree_skb(skb);
183
184 return err;;
185 }
186
187 static int read_version(struct sock *sk)
188 {
189 struct mgmt_rp_read_version rp;
190
191 BT_DBG("sock %p", sk);
192
193 rp.version = MGMT_VERSION;
194 put_unaligned_le16(MGMT_REVISION, &rp.revision);
195
196 return cmd_complete(sk, MGMT_INDEX_NONE, MGMT_OP_READ_VERSION, &rp,
197 sizeof(rp));
198 }
199
200 static int read_index_list(struct sock *sk)
201 {
202 struct mgmt_rp_read_index_list *rp;
203 struct list_head *p;
204 struct hci_dev *d;
205 size_t rp_len;
206 u16 count;
207 int i, err;
208
209 BT_DBG("sock %p", sk);
210
211 read_lock(&hci_dev_list_lock);
212
213 count = 0;
214 list_for_each(p, &hci_dev_list) {
215 count++;
216 }
217
218 rp_len = sizeof(*rp) + (2 * count);
219 rp = kmalloc(rp_len, GFP_ATOMIC);
220 if (!rp) {
221 read_unlock(&hci_dev_list_lock);
222 return -ENOMEM;
223 }
224
225 put_unaligned_le16(count, &rp->num_controllers);
226
227 i = 0;
228 list_for_each_entry(d, &hci_dev_list, list) {
229 if (test_and_clear_bit(HCI_AUTO_OFF, &d->flags))
230 cancel_delayed_work(&d->power_off);
231
232 if (test_bit(HCI_SETUP, &d->flags))
233 continue;
234
235 put_unaligned_le16(d->id, &rp->index[i++]);
236 BT_DBG("Added hci%u", d->id);
237 }
238
239 read_unlock(&hci_dev_list_lock);
240
241 err = cmd_complete(sk, MGMT_INDEX_NONE, MGMT_OP_READ_INDEX_LIST, rp,
242 rp_len);
243
244 kfree(rp);
245
246 return err;
247 }
248
249 static u32 get_supported_settings(struct hci_dev *hdev)
250 {
251 u32 settings = 0;
252
253 settings |= MGMT_SETTING_POWERED;
254 settings |= MGMT_SETTING_CONNECTABLE;
255 settings |= MGMT_SETTING_FAST_CONNECTABLE;
256 settings |= MGMT_SETTING_DISCOVERABLE;
257 settings |= MGMT_SETTING_PAIRABLE;
258
259 if (hdev->features[6] & LMP_SIMPLE_PAIR)
260 settings |= MGMT_SETTING_SSP;
261
262 if (!(hdev->features[4] & LMP_NO_BREDR)) {
263 settings |= MGMT_SETTING_BREDR;
264 settings |= MGMT_SETTING_LINK_SECURITY;
265 }
266
267 if (hdev->features[4] & LMP_LE)
268 settings |= MGMT_SETTING_LE;
269
270 return settings;
271 }
272
273 static u32 get_current_settings(struct hci_dev *hdev)
274 {
275 u32 settings = 0;
276
277 if (test_bit(HCI_UP, &hdev->flags))
278 settings |= MGMT_SETTING_POWERED;
279 else
280 return settings;
281
282 if (test_bit(HCI_PSCAN, &hdev->flags))
283 settings |= MGMT_SETTING_CONNECTABLE;
284
285 if (test_bit(HCI_ISCAN, &hdev->flags))
286 settings |= MGMT_SETTING_DISCOVERABLE;
287
288 if (test_bit(HCI_PAIRABLE, &hdev->flags))
289 settings |= MGMT_SETTING_PAIRABLE;
290
291 if (!(hdev->features[4] & LMP_NO_BREDR))
292 settings |= MGMT_SETTING_BREDR;
293
294 if (hdev->host_features[0] & LMP_HOST_LE)
295 settings |= MGMT_SETTING_LE;
296
297 if (test_bit(HCI_AUTH, &hdev->flags))
298 settings |= MGMT_SETTING_LINK_SECURITY;
299
300 if (hdev->ssp_mode > 0)
301 settings |= MGMT_SETTING_SSP;
302
303 return settings;
304 }
305
306 #define PNP_INFO_SVCLASS_ID 0x1200
307
308 static u8 bluetooth_base_uuid[] = {
309 0xFB, 0x34, 0x9B, 0x5F, 0x80, 0x00, 0x00, 0x80,
310 0x00, 0x10, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
311 };
312
313 static u16 get_uuid16(u8 *uuid128)
314 {
315 u32 val;
316 int i;
317
318 for (i = 0; i < 12; i++) {
319 if (bluetooth_base_uuid[i] != uuid128[i])
320 return 0;
321 }
322
323 memcpy(&val, &uuid128[12], 4);
324
325 val = le32_to_cpu(val);
326 if (val > 0xffff)
327 return 0;
328
329 return (u16) val;
330 }
331
332 static void create_eir(struct hci_dev *hdev, u8 *data)
333 {
334 u8 *ptr = data;
335 u16 eir_len = 0;
336 u16 uuid16_list[HCI_MAX_EIR_LENGTH / sizeof(u16)];
337 int i, truncated = 0;
338 struct bt_uuid *uuid;
339 size_t name_len;
340
341 name_len = strlen(hdev->dev_name);
342
343 if (name_len > 0) {
344 /* EIR Data type */
345 if (name_len > 48) {
346 name_len = 48;
347 ptr[1] = EIR_NAME_SHORT;
348 } else
349 ptr[1] = EIR_NAME_COMPLETE;
350
351 /* EIR Data length */
352 ptr[0] = name_len + 1;
353
354 memcpy(ptr + 2, hdev->dev_name, name_len);
355
356 eir_len += (name_len + 2);
357 ptr += (name_len + 2);
358 }
359
360 memset(uuid16_list, 0, sizeof(uuid16_list));
361
362 /* Group all UUID16 types */
363 list_for_each_entry(uuid, &hdev->uuids, list) {
364 u16 uuid16;
365
366 uuid16 = get_uuid16(uuid->uuid);
367 if (uuid16 == 0)
368 return;
369
370 if (uuid16 < 0x1100)
371 continue;
372
373 if (uuid16 == PNP_INFO_SVCLASS_ID)
374 continue;
375
376 /* Stop if not enough space to put next UUID */
377 if (eir_len + 2 + sizeof(u16) > HCI_MAX_EIR_LENGTH) {
378 truncated = 1;
379 break;
380 }
381
382 /* Check for duplicates */
383 for (i = 0; uuid16_list[i] != 0; i++)
384 if (uuid16_list[i] == uuid16)
385 break;
386
387 if (uuid16_list[i] == 0) {
388 uuid16_list[i] = uuid16;
389 eir_len += sizeof(u16);
390 }
391 }
392
393 if (uuid16_list[0] != 0) {
394 u8 *length = ptr;
395
396 /* EIR Data type */
397 ptr[1] = truncated ? EIR_UUID16_SOME : EIR_UUID16_ALL;
398
399 ptr += 2;
400 eir_len += 2;
401
402 for (i = 0; uuid16_list[i] != 0; i++) {
403 *ptr++ = (uuid16_list[i] & 0x00ff);
404 *ptr++ = (uuid16_list[i] & 0xff00) >> 8;
405 }
406
407 /* EIR Data length */
408 *length = (i * sizeof(u16)) + 1;
409 }
410 }
411
412 static int update_eir(struct hci_dev *hdev)
413 {
414 struct hci_cp_write_eir cp;
415
416 if (!(hdev->features[6] & LMP_EXT_INQ))
417 return 0;
418
419 if (hdev->ssp_mode == 0)
420 return 0;
421
422 if (test_bit(HCI_SERVICE_CACHE, &hdev->flags))
423 return 0;
424
425 memset(&cp, 0, sizeof(cp));
426
427 create_eir(hdev, cp.data);
428
429 if (memcmp(cp.data, hdev->eir, sizeof(cp.data)) == 0)
430 return 0;
431
432 memcpy(hdev->eir, cp.data, sizeof(cp.data));
433
434 return hci_send_cmd(hdev, HCI_OP_WRITE_EIR, sizeof(cp), &cp);
435 }
436
437 static u8 get_service_classes(struct hci_dev *hdev)
438 {
439 struct bt_uuid *uuid;
440 u8 val = 0;
441
442 list_for_each_entry(uuid, &hdev->uuids, list)
443 val |= uuid->svc_hint;
444
445 return val;
446 }
447
448 static int update_class(struct hci_dev *hdev)
449 {
450 u8 cod[3];
451
452 BT_DBG("%s", hdev->name);
453
454 if (test_bit(HCI_SERVICE_CACHE, &hdev->flags))
455 return 0;
456
457 cod[0] = hdev->minor_class;
458 cod[1] = hdev->major_class;
459 cod[2] = get_service_classes(hdev);
460
461 if (memcmp(cod, hdev->dev_class, 3) == 0)
462 return 0;
463
464 return hci_send_cmd(hdev, HCI_OP_WRITE_CLASS_OF_DEV, sizeof(cod), cod);
465 }
466
467 static void service_cache_off(struct work_struct *work)
468 {
469 struct hci_dev *hdev = container_of(work, struct hci_dev,
470 service_cache.work);
471
472 if (!test_and_clear_bit(HCI_SERVICE_CACHE, &hdev->flags))
473 return;
474
475 hci_dev_lock(hdev);
476
477 update_eir(hdev);
478 update_class(hdev);
479
480 hci_dev_unlock(hdev);
481 }
482
483 static void mgmt_init_hdev(struct hci_dev *hdev)
484 {
485 if (!test_and_set_bit(HCI_MGMT, &hdev->flags))
486 INIT_DELAYED_WORK(&hdev->service_cache, service_cache_off);
487
488 if (!test_and_set_bit(HCI_SERVICE_CACHE, &hdev->flags))
489 schedule_delayed_work(&hdev->service_cache,
490 msecs_to_jiffies(SERVICE_CACHE_TIMEOUT));
491 }
492
493 static int read_controller_info(struct sock *sk, u16 index)
494 {
495 struct mgmt_rp_read_info rp;
496 struct hci_dev *hdev;
497
498 BT_DBG("sock %p hci%u", sk, index);
499
500 hdev = hci_dev_get(index);
501 if (!hdev)
502 return cmd_status(sk, index, MGMT_OP_READ_INFO,
503 MGMT_STATUS_INVALID_PARAMS);
504
505 if (test_and_clear_bit(HCI_AUTO_OFF, &hdev->flags))
506 cancel_delayed_work_sync(&hdev->power_off);
507
508 hci_dev_lock(hdev);
509
510 if (test_and_clear_bit(HCI_PI_MGMT_INIT, &hci_pi(sk)->flags))
511 mgmt_init_hdev(hdev);
512
513 memset(&rp, 0, sizeof(rp));
514
515 bacpy(&rp.bdaddr, &hdev->bdaddr);
516
517 rp.version = hdev->hci_ver;
518
519 put_unaligned_le16(hdev->manufacturer, &rp.manufacturer);
520
521 rp.supported_settings = cpu_to_le32(get_supported_settings(hdev));
522 rp.current_settings = cpu_to_le32(get_current_settings(hdev));
523
524 memcpy(rp.dev_class, hdev->dev_class, 3);
525
526 memcpy(rp.name, hdev->dev_name, sizeof(hdev->dev_name));
527
528 hci_dev_unlock(hdev);
529 hci_dev_put(hdev);
530
531 return cmd_complete(sk, index, MGMT_OP_READ_INFO, &rp, sizeof(rp));
532 }
533
534 static void mgmt_pending_free(struct pending_cmd *cmd)
535 {
536 sock_put(cmd->sk);
537 kfree(cmd->param);
538 kfree(cmd);
539 }
540
541 static struct pending_cmd *mgmt_pending_add(struct sock *sk, u16 opcode,
542 struct hci_dev *hdev,
543 void *data, u16 len)
544 {
545 struct pending_cmd *cmd;
546
547 cmd = kmalloc(sizeof(*cmd), GFP_ATOMIC);
548 if (!cmd)
549 return NULL;
550
551 cmd->opcode = opcode;
552 cmd->index = hdev->id;
553
554 cmd->param = kmalloc(len, GFP_ATOMIC);
555 if (!cmd->param) {
556 kfree(cmd);
557 return NULL;
558 }
559
560 if (data)
561 memcpy(cmd->param, data, len);
562
563 cmd->sk = sk;
564 sock_hold(sk);
565
566 list_add(&cmd->list, &hdev->mgmt_pending);
567
568 return cmd;
569 }
570
571 static void mgmt_pending_foreach(u16 opcode, struct hci_dev *hdev,
572 void (*cb)(struct pending_cmd *cmd, void *data),
573 void *data)
574 {
575 struct list_head *p, *n;
576
577 list_for_each_safe(p, n, &hdev->mgmt_pending) {
578 struct pending_cmd *cmd;
579
580 cmd = list_entry(p, struct pending_cmd, list);
581
582 if (opcode > 0 && cmd->opcode != opcode)
583 continue;
584
585 cb(cmd, data);
586 }
587 }
588
589 static struct pending_cmd *mgmt_pending_find(u16 opcode, struct hci_dev *hdev)
590 {
591 struct pending_cmd *cmd;
592
593 list_for_each_entry(cmd, &hdev->mgmt_pending, list) {
594 if (cmd->opcode == opcode)
595 return cmd;
596 }
597
598 return NULL;
599 }
600
601 static void mgmt_pending_remove(struct pending_cmd *cmd)
602 {
603 list_del(&cmd->list);
604 mgmt_pending_free(cmd);
605 }
606
607 static int send_settings_rsp(struct sock *sk, u16 opcode, struct hci_dev *hdev)
608 {
609 __le32 settings = cpu_to_le32(get_current_settings(hdev));
610
611 return cmd_complete(sk, hdev->id, opcode, &settings, sizeof(settings));
612 }
613
614 static int set_powered(struct sock *sk, u16 index, unsigned char *data, u16 len)
615 {
616 struct mgmt_mode *cp;
617 struct hci_dev *hdev;
618 struct pending_cmd *cmd;
619 int err, up;
620
621 cp = (void *) data;
622
623 BT_DBG("request for hci%u", index);
624
625 if (len != sizeof(*cp))
626 return cmd_status(sk, index, MGMT_OP_SET_POWERED,
627 MGMT_STATUS_INVALID_PARAMS);
628
629 hdev = hci_dev_get(index);
630 if (!hdev)
631 return cmd_status(sk, index, MGMT_OP_SET_POWERED,
632 MGMT_STATUS_INVALID_PARAMS);
633
634 hci_dev_lock(hdev);
635
636 up = test_bit(HCI_UP, &hdev->flags);
637 if ((cp->val && up) || (!cp->val && !up)) {
638 err = send_settings_rsp(sk, MGMT_OP_SET_POWERED, hdev);
639 goto failed;
640 }
641
642 if (mgmt_pending_find(MGMT_OP_SET_POWERED, hdev)) {
643 err = cmd_status(sk, index, MGMT_OP_SET_POWERED,
644 MGMT_STATUS_BUSY);
645 goto failed;
646 }
647
648 cmd = mgmt_pending_add(sk, MGMT_OP_SET_POWERED, hdev, data, len);
649 if (!cmd) {
650 err = -ENOMEM;
651 goto failed;
652 }
653
654 if (cp->val)
655 schedule_work(&hdev->power_on);
656 else
657 schedule_work(&hdev->power_off.work);
658
659 err = 0;
660
661 failed:
662 hci_dev_unlock(hdev);
663 hci_dev_put(hdev);
664 return err;
665 }
666
667 static int set_discoverable(struct sock *sk, u16 index, unsigned char *data,
668 u16 len)
669 {
670 struct mgmt_cp_set_discoverable *cp;
671 struct hci_dev *hdev;
672 struct pending_cmd *cmd;
673 u8 scan;
674 int err;
675
676 cp = (void *) data;
677
678 BT_DBG("request for hci%u", index);
679
680 if (len != sizeof(*cp))
681 return cmd_status(sk, index, MGMT_OP_SET_DISCOVERABLE,
682 MGMT_STATUS_INVALID_PARAMS);
683
684 hdev = hci_dev_get(index);
685 if (!hdev)
686 return cmd_status(sk, index, MGMT_OP_SET_DISCOVERABLE,
687 MGMT_STATUS_INVALID_PARAMS);
688
689 hci_dev_lock(hdev);
690
691 if (!test_bit(HCI_UP, &hdev->flags)) {
692 err = cmd_status(sk, index, MGMT_OP_SET_DISCOVERABLE,
693 MGMT_STATUS_NOT_POWERED);
694 goto failed;
695 }
696
697 if (mgmt_pending_find(MGMT_OP_SET_DISCOVERABLE, hdev) ||
698 mgmt_pending_find(MGMT_OP_SET_CONNECTABLE, hdev)) {
699 err = cmd_status(sk, index, MGMT_OP_SET_DISCOVERABLE,
700 MGMT_STATUS_BUSY);
701 goto failed;
702 }
703
704 if (cp->val == test_bit(HCI_ISCAN, &hdev->flags) &&
705 test_bit(HCI_PSCAN, &hdev->flags)) {
706 err = send_settings_rsp(sk, MGMT_OP_SET_DISCOVERABLE, hdev);
707 goto failed;
708 }
709
710 cmd = mgmt_pending_add(sk, MGMT_OP_SET_DISCOVERABLE, hdev, data, len);
711 if (!cmd) {
712 err = -ENOMEM;
713 goto failed;
714 }
715
716 scan = SCAN_PAGE;
717
718 if (cp->val)
719 scan |= SCAN_INQUIRY;
720 else
721 cancel_delayed_work(&hdev->discov_off);
722
723 err = hci_send_cmd(hdev, HCI_OP_WRITE_SCAN_ENABLE, 1, &scan);
724 if (err < 0)
725 mgmt_pending_remove(cmd);
726
727 if (cp->val)
728 hdev->discov_timeout = get_unaligned_le16(&cp->timeout);
729
730 failed:
731 hci_dev_unlock(hdev);
732 hci_dev_put(hdev);
733
734 return err;
735 }
736
737 static int set_connectable(struct sock *sk, u16 index, unsigned char *data,
738 u16 len)
739 {
740 struct mgmt_mode *cp;
741 struct hci_dev *hdev;
742 struct pending_cmd *cmd;
743 u8 scan;
744 int err;
745
746 cp = (void *) data;
747
748 BT_DBG("request for hci%u", index);
749
750 if (len != sizeof(*cp))
751 return cmd_status(sk, index, MGMT_OP_SET_CONNECTABLE,
752 MGMT_STATUS_INVALID_PARAMS);
753
754 hdev = hci_dev_get(index);
755 if (!hdev)
756 return cmd_status(sk, index, MGMT_OP_SET_CONNECTABLE,
757 MGMT_STATUS_INVALID_PARAMS);
758
759 hci_dev_lock(hdev);
760
761 if (!test_bit(HCI_UP, &hdev->flags)) {
762 err = cmd_status(sk, index, MGMT_OP_SET_CONNECTABLE,
763 MGMT_STATUS_NOT_POWERED);
764 goto failed;
765 }
766
767 if (mgmt_pending_find(MGMT_OP_SET_DISCOVERABLE, hdev) ||
768 mgmt_pending_find(MGMT_OP_SET_CONNECTABLE, hdev)) {
769 err = cmd_status(sk, index, MGMT_OP_SET_CONNECTABLE,
770 MGMT_STATUS_BUSY);
771 goto failed;
772 }
773
774 if (cp->val == test_bit(HCI_PSCAN, &hdev->flags)) {
775 err = send_settings_rsp(sk, MGMT_OP_SET_CONNECTABLE, hdev);
776 goto failed;
777 }
778
779 cmd = mgmt_pending_add(sk, MGMT_OP_SET_CONNECTABLE, hdev, data, len);
780 if (!cmd) {
781 err = -ENOMEM;
782 goto failed;
783 }
784
785 if (cp->val)
786 scan = SCAN_PAGE;
787 else
788 scan = 0;
789
790 err = hci_send_cmd(hdev, HCI_OP_WRITE_SCAN_ENABLE, 1, &scan);
791 if (err < 0)
792 mgmt_pending_remove(cmd);
793
794 failed:
795 hci_dev_unlock(hdev);
796 hci_dev_put(hdev);
797
798 return err;
799 }
800
801 static int mgmt_event(u16 event, struct hci_dev *hdev, void *data,
802 u16 data_len, struct sock *skip_sk)
803 {
804 struct sk_buff *skb;
805 struct mgmt_hdr *hdr;
806
807 skb = alloc_skb(sizeof(*hdr) + data_len, GFP_ATOMIC);
808 if (!skb)
809 return -ENOMEM;
810
811 bt_cb(skb)->channel = HCI_CHANNEL_CONTROL;
812
813 hdr = (void *) skb_put(skb, sizeof(*hdr));
814 hdr->opcode = cpu_to_le16(event);
815 if (hdev)
816 hdr->index = cpu_to_le16(hdev->id);
817 else
818 hdr->index = cpu_to_le16(MGMT_INDEX_NONE);
819 hdr->len = cpu_to_le16(data_len);
820
821 if (data)
822 memcpy(skb_put(skb, data_len), data, data_len);
823
824 hci_send_to_sock(NULL, skb, skip_sk);
825 kfree_skb(skb);
826
827 return 0;
828 }
829
830 static int set_pairable(struct sock *sk, u16 index, unsigned char *data,
831 u16 len)
832 {
833 struct mgmt_mode *cp;
834 struct hci_dev *hdev;
835 __le32 ev;
836 int err;
837
838 cp = (void *) data;
839
840 BT_DBG("request for hci%u", index);
841
842 if (len != sizeof(*cp))
843 return cmd_status(sk, index, MGMT_OP_SET_PAIRABLE,
844 MGMT_STATUS_INVALID_PARAMS);
845
846 hdev = hci_dev_get(index);
847 if (!hdev)
848 return cmd_status(sk, index, MGMT_OP_SET_PAIRABLE,
849 MGMT_STATUS_INVALID_PARAMS);
850
851 hci_dev_lock(hdev);
852
853 if (cp->val)
854 set_bit(HCI_PAIRABLE, &hdev->flags);
855 else
856 clear_bit(HCI_PAIRABLE, &hdev->flags);
857
858 err = send_settings_rsp(sk, MGMT_OP_SET_PAIRABLE, hdev);
859 if (err < 0)
860 goto failed;
861
862 ev = cpu_to_le32(get_current_settings(hdev));
863
864 err = mgmt_event(MGMT_EV_NEW_SETTINGS, hdev, &ev, sizeof(ev), sk);
865
866 failed:
867 hci_dev_unlock(hdev);
868 hci_dev_put(hdev);
869
870 return err;
871 }
872
873 static int add_uuid(struct sock *sk, u16 index, unsigned char *data, u16 len)
874 {
875 struct mgmt_cp_add_uuid *cp;
876 struct hci_dev *hdev;
877 struct bt_uuid *uuid;
878 int err;
879
880 cp = (void *) data;
881
882 BT_DBG("request for hci%u", index);
883
884 if (len != sizeof(*cp))
885 return cmd_status(sk, index, MGMT_OP_ADD_UUID,
886 MGMT_STATUS_INVALID_PARAMS);
887
888 hdev = hci_dev_get(index);
889 if (!hdev)
890 return cmd_status(sk, index, MGMT_OP_ADD_UUID,
891 MGMT_STATUS_INVALID_PARAMS);
892
893 hci_dev_lock(hdev);
894
895 uuid = kmalloc(sizeof(*uuid), GFP_ATOMIC);
896 if (!uuid) {
897 err = -ENOMEM;
898 goto failed;
899 }
900
901 memcpy(uuid->uuid, cp->uuid, 16);
902 uuid->svc_hint = cp->svc_hint;
903
904 list_add(&uuid->list, &hdev->uuids);
905
906 err = update_class(hdev);
907 if (err < 0)
908 goto failed;
909
910 err = update_eir(hdev);
911 if (err < 0)
912 goto failed;
913
914 err = cmd_complete(sk, index, MGMT_OP_ADD_UUID, NULL, 0);
915
916 failed:
917 hci_dev_unlock(hdev);
918 hci_dev_put(hdev);
919
920 return err;
921 }
922
923 static int remove_uuid(struct sock *sk, u16 index, unsigned char *data, u16 len)
924 {
925 struct list_head *p, *n;
926 struct mgmt_cp_remove_uuid *cp;
927 struct hci_dev *hdev;
928 u8 bt_uuid_any[] = { 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0 };
929 int err, found;
930
931 cp = (void *) data;
932
933 BT_DBG("request for hci%u", index);
934
935 if (len != sizeof(*cp))
936 return cmd_status(sk, index, MGMT_OP_REMOVE_UUID,
937 MGMT_STATUS_INVALID_PARAMS);
938
939 hdev = hci_dev_get(index);
940 if (!hdev)
941 return cmd_status(sk, index, MGMT_OP_REMOVE_UUID,
942 MGMT_STATUS_INVALID_PARAMS);
943
944 hci_dev_lock(hdev);
945
946 if (memcmp(cp->uuid, bt_uuid_any, 16) == 0) {
947 err = hci_uuids_clear(hdev);
948 goto unlock;
949 }
950
951 found = 0;
952
953 list_for_each_safe(p, n, &hdev->uuids) {
954 struct bt_uuid *match = list_entry(p, struct bt_uuid, list);
955
956 if (memcmp(match->uuid, cp->uuid, 16) != 0)
957 continue;
958
959 list_del(&match->list);
960 found++;
961 }
962
963 if (found == 0) {
964 err = cmd_status(sk, index, MGMT_OP_REMOVE_UUID,
965 MGMT_STATUS_INVALID_PARAMS);
966 goto unlock;
967 }
968
969 err = update_class(hdev);
970 if (err < 0)
971 goto unlock;
972
973 err = update_eir(hdev);
974 if (err < 0)
975 goto unlock;
976
977 err = cmd_complete(sk, index, MGMT_OP_REMOVE_UUID, NULL, 0);
978
979 unlock:
980 hci_dev_unlock(hdev);
981 hci_dev_put(hdev);
982
983 return err;
984 }
985
986 static int set_dev_class(struct sock *sk, u16 index, unsigned char *data,
987 u16 len)
988 {
989 struct hci_dev *hdev;
990 struct mgmt_cp_set_dev_class *cp;
991 int err;
992
993 cp = (void *) data;
994
995 BT_DBG("request for hci%u", index);
996
997 if (len != sizeof(*cp))
998 return cmd_status(sk, index, MGMT_OP_SET_DEV_CLASS,
999 MGMT_STATUS_INVALID_PARAMS);
1000
1001 hdev = hci_dev_get(index);
1002 if (!hdev)
1003 return cmd_status(sk, index, MGMT_OP_SET_DEV_CLASS,
1004 MGMT_STATUS_INVALID_PARAMS);
1005
1006 hci_dev_lock(hdev);
1007
1008 hdev->major_class = cp->major;
1009 hdev->minor_class = cp->minor;
1010
1011 if (test_and_clear_bit(HCI_SERVICE_CACHE, &hdev->flags)) {
1012 hci_dev_unlock(hdev);
1013 cancel_delayed_work_sync(&hdev->service_cache);
1014 hci_dev_lock(hdev);
1015 update_eir(hdev);
1016 }
1017
1018 err = update_class(hdev);
1019
1020 if (err == 0)
1021 err = cmd_complete(sk, index, MGMT_OP_SET_DEV_CLASS, NULL, 0);
1022
1023 hci_dev_unlock(hdev);
1024 hci_dev_put(hdev);
1025
1026 return err;
1027 }
1028
1029 static int load_link_keys(struct sock *sk, u16 index, unsigned char *data,
1030 u16 len)
1031 {
1032 struct hci_dev *hdev;
1033 struct mgmt_cp_load_link_keys *cp;
1034 u16 key_count, expected_len;
1035 int i;
1036
1037 cp = (void *) data;
1038
1039 if (len < sizeof(*cp))
1040 return cmd_status(sk, index, MGMT_OP_LOAD_LINK_KEYS,
1041 MGMT_STATUS_INVALID_PARAMS);
1042
1043 key_count = get_unaligned_le16(&cp->key_count);
1044
1045 expected_len = sizeof(*cp) + key_count *
1046 sizeof(struct mgmt_link_key_info);
1047 if (expected_len != len) {
1048 BT_ERR("load_link_keys: expected %u bytes, got %u bytes",
1049 len, expected_len);
1050 return cmd_status(sk, index, MGMT_OP_LOAD_LINK_KEYS,
1051 MGMT_STATUS_INVALID_PARAMS);
1052 }
1053
1054 hdev = hci_dev_get(index);
1055 if (!hdev)
1056 return cmd_status(sk, index, MGMT_OP_LOAD_LINK_KEYS,
1057 MGMT_STATUS_INVALID_PARAMS);
1058
1059 BT_DBG("hci%u debug_keys %u key_count %u", index, cp->debug_keys,
1060 key_count);
1061
1062 hci_dev_lock(hdev);
1063
1064 hci_link_keys_clear(hdev);
1065
1066 set_bit(HCI_LINK_KEYS, &hdev->flags);
1067
1068 if (cp->debug_keys)
1069 set_bit(HCI_DEBUG_KEYS, &hdev->flags);
1070 else
1071 clear_bit(HCI_DEBUG_KEYS, &hdev->flags);
1072
1073 for (i = 0; i < key_count; i++) {
1074 struct mgmt_link_key_info *key = &cp->keys[i];
1075
1076 hci_add_link_key(hdev, NULL, 0, &key->bdaddr, key->val, key->type,
1077 key->pin_len);
1078 }
1079
1080 cmd_complete(sk, index, MGMT_OP_LOAD_LINK_KEYS, NULL, 0);
1081
1082 hci_dev_unlock(hdev);
1083 hci_dev_put(hdev);
1084
1085 return 0;
1086 }
1087
1088 static int remove_keys(struct sock *sk, u16 index, unsigned char *data,
1089 u16 len)
1090 {
1091 struct hci_dev *hdev;
1092 struct mgmt_cp_remove_keys *cp;
1093 struct mgmt_rp_remove_keys rp;
1094 struct hci_cp_disconnect dc;
1095 struct pending_cmd *cmd;
1096 struct hci_conn *conn;
1097 int err;
1098
1099 cp = (void *) data;
1100
1101 if (len != sizeof(*cp))
1102 return cmd_status(sk, index, MGMT_OP_REMOVE_KEYS,
1103 MGMT_STATUS_INVALID_PARAMS);
1104
1105 hdev = hci_dev_get(index);
1106 if (!hdev)
1107 return cmd_status(sk, index, MGMT_OP_REMOVE_KEYS,
1108 MGMT_STATUS_INVALID_PARAMS);
1109
1110 hci_dev_lock(hdev);
1111
1112 memset(&rp, 0, sizeof(rp));
1113 bacpy(&rp.bdaddr, &cp->bdaddr);
1114 rp.status = MGMT_STATUS_FAILED;
1115
1116 err = hci_remove_link_key(hdev, &cp->bdaddr);
1117 if (err < 0) {
1118 rp.status = MGMT_STATUS_NOT_PAIRED;
1119 goto unlock;
1120 }
1121
1122 if (!test_bit(HCI_UP, &hdev->flags) || !cp->disconnect) {
1123 err = cmd_complete(sk, index, MGMT_OP_REMOVE_KEYS, &rp,
1124 sizeof(rp));
1125 goto unlock;
1126 }
1127
1128 conn = hci_conn_hash_lookup_ba(hdev, ACL_LINK, &cp->bdaddr);
1129 if (!conn) {
1130 err = cmd_complete(sk, index, MGMT_OP_REMOVE_KEYS, &rp,
1131 sizeof(rp));
1132 goto unlock;
1133 }
1134
1135 cmd = mgmt_pending_add(sk, MGMT_OP_REMOVE_KEYS, hdev, cp, sizeof(*cp));
1136 if (!cmd) {
1137 err = -ENOMEM;
1138 goto unlock;
1139 }
1140
1141 put_unaligned_le16(conn->handle, &dc.handle);
1142 dc.reason = 0x13; /* Remote User Terminated Connection */
1143 err = hci_send_cmd(hdev, HCI_OP_DISCONNECT, sizeof(dc), &dc);
1144 if (err < 0)
1145 mgmt_pending_remove(cmd);
1146
1147 unlock:
1148 if (err < 0)
1149 err = cmd_complete(sk, index, MGMT_OP_REMOVE_KEYS, &rp,
1150 sizeof(rp));
1151 hci_dev_unlock(hdev);
1152 hci_dev_put(hdev);
1153
1154 return err;
1155 }
1156
1157 static int disconnect(struct sock *sk, u16 index, unsigned char *data, u16 len)
1158 {
1159 struct hci_dev *hdev;
1160 struct mgmt_cp_disconnect *cp;
1161 struct hci_cp_disconnect dc;
1162 struct pending_cmd *cmd;
1163 struct hci_conn *conn;
1164 int err;
1165
1166 BT_DBG("");
1167
1168 cp = (void *) data;
1169
1170 if (len != sizeof(*cp))
1171 return cmd_status(sk, index, MGMT_OP_DISCONNECT,
1172 MGMT_STATUS_INVALID_PARAMS);
1173
1174 hdev = hci_dev_get(index);
1175 if (!hdev)
1176 return cmd_status(sk, index, MGMT_OP_DISCONNECT,
1177 MGMT_STATUS_INVALID_PARAMS);
1178
1179 hci_dev_lock(hdev);
1180
1181 if (!test_bit(HCI_UP, &hdev->flags)) {
1182 err = cmd_status(sk, index, MGMT_OP_DISCONNECT,
1183 MGMT_STATUS_NOT_POWERED);
1184 goto failed;
1185 }
1186
1187 if (mgmt_pending_find(MGMT_OP_DISCONNECT, hdev)) {
1188 err = cmd_status(sk, index, MGMT_OP_DISCONNECT,
1189 MGMT_STATUS_BUSY);
1190 goto failed;
1191 }
1192
1193 conn = hci_conn_hash_lookup_ba(hdev, ACL_LINK, &cp->bdaddr);
1194 if (!conn)
1195 conn = hci_conn_hash_lookup_ba(hdev, LE_LINK, &cp->bdaddr);
1196
1197 if (!conn) {
1198 err = cmd_status(sk, index, MGMT_OP_DISCONNECT,
1199 MGMT_STATUS_NOT_CONNECTED);
1200 goto failed;
1201 }
1202
1203 cmd = mgmt_pending_add(sk, MGMT_OP_DISCONNECT, hdev, data, len);
1204 if (!cmd) {
1205 err = -ENOMEM;
1206 goto failed;
1207 }
1208
1209 put_unaligned_le16(conn->handle, &dc.handle);
1210 dc.reason = 0x13; /* Remote User Terminated Connection */
1211
1212 err = hci_send_cmd(hdev, HCI_OP_DISCONNECT, sizeof(dc), &dc);
1213 if (err < 0)
1214 mgmt_pending_remove(cmd);
1215
1216 failed:
1217 hci_dev_unlock(hdev);
1218 hci_dev_put(hdev);
1219
1220 return err;
1221 }
1222
1223 static u8 link_to_mgmt(u8 link_type, u8 addr_type)
1224 {
1225 switch (link_type) {
1226 case LE_LINK:
1227 switch (addr_type) {
1228 case ADDR_LE_DEV_PUBLIC:
1229 return MGMT_ADDR_LE_PUBLIC;
1230 case ADDR_LE_DEV_RANDOM:
1231 return MGMT_ADDR_LE_RANDOM;
1232 default:
1233 return MGMT_ADDR_INVALID;
1234 }
1235 case ACL_LINK:
1236 return MGMT_ADDR_BREDR;
1237 default:
1238 return MGMT_ADDR_INVALID;
1239 }
1240 }
1241
1242 static int get_connections(struct sock *sk, u16 index)
1243 {
1244 struct mgmt_rp_get_connections *rp;
1245 struct hci_dev *hdev;
1246 struct hci_conn *c;
1247 struct list_head *p;
1248 size_t rp_len;
1249 u16 count;
1250 int i, err;
1251
1252 BT_DBG("");
1253
1254 hdev = hci_dev_get(index);
1255 if (!hdev)
1256 return cmd_status(sk, index, MGMT_OP_GET_CONNECTIONS,
1257 MGMT_STATUS_INVALID_PARAMS);
1258
1259 hci_dev_lock(hdev);
1260
1261 count = 0;
1262 list_for_each(p, &hdev->conn_hash.list) {
1263 count++;
1264 }
1265
1266 rp_len = sizeof(*rp) + (count * sizeof(struct mgmt_addr_info));
1267 rp = kmalloc(rp_len, GFP_ATOMIC);
1268 if (!rp) {
1269 err = -ENOMEM;
1270 goto unlock;
1271 }
1272
1273 put_unaligned_le16(count, &rp->conn_count);
1274
1275 i = 0;
1276 list_for_each_entry(c, &hdev->conn_hash.list, list) {
1277 bacpy(&rp->addr[i].bdaddr, &c->dst);
1278 rp->addr[i].type = link_to_mgmt(c->type, c->dst_type);
1279 if (rp->addr[i].type == MGMT_ADDR_INVALID)
1280 continue;
1281 i++;
1282 }
1283
1284 /* Recalculate length in case of filtered SCO connections, etc */
1285 rp_len = sizeof(*rp) + (i * sizeof(struct mgmt_addr_info));
1286
1287 err = cmd_complete(sk, index, MGMT_OP_GET_CONNECTIONS, rp, rp_len);
1288
1289 unlock:
1290 kfree(rp);
1291 hci_dev_unlock(hdev);
1292 hci_dev_put(hdev);
1293 return err;
1294 }
1295
1296 static int send_pin_code_neg_reply(struct sock *sk, u16 index,
1297 struct hci_dev *hdev, struct mgmt_cp_pin_code_neg_reply *cp)
1298 {
1299 struct pending_cmd *cmd;
1300 int err;
1301
1302 cmd = mgmt_pending_add(sk, MGMT_OP_PIN_CODE_NEG_REPLY, hdev, cp,
1303 sizeof(*cp));
1304 if (!cmd)
1305 return -ENOMEM;
1306
1307 err = hci_send_cmd(hdev, HCI_OP_PIN_CODE_NEG_REPLY, sizeof(cp->bdaddr),
1308 &cp->bdaddr);
1309 if (err < 0)
1310 mgmt_pending_remove(cmd);
1311
1312 return err;
1313 }
1314
1315 static int pin_code_reply(struct sock *sk, u16 index, unsigned char *data,
1316 u16 len)
1317 {
1318 struct hci_dev *hdev;
1319 struct hci_conn *conn;
1320 struct mgmt_cp_pin_code_reply *cp;
1321 struct mgmt_cp_pin_code_neg_reply ncp;
1322 struct hci_cp_pin_code_reply reply;
1323 struct pending_cmd *cmd;
1324 int err;
1325
1326 BT_DBG("");
1327
1328 cp = (void *) data;
1329
1330 if (len != sizeof(*cp))
1331 return cmd_status(sk, index, MGMT_OP_PIN_CODE_REPLY,
1332 MGMT_STATUS_INVALID_PARAMS);
1333
1334 hdev = hci_dev_get(index);
1335 if (!hdev)
1336 return cmd_status(sk, index, MGMT_OP_PIN_CODE_REPLY,
1337 MGMT_STATUS_INVALID_PARAMS);
1338
1339 hci_dev_lock(hdev);
1340
1341 if (!test_bit(HCI_UP, &hdev->flags)) {
1342 err = cmd_status(sk, index, MGMT_OP_PIN_CODE_REPLY,
1343 MGMT_STATUS_NOT_POWERED);
1344 goto failed;
1345 }
1346
1347 conn = hci_conn_hash_lookup_ba(hdev, ACL_LINK, &cp->bdaddr);
1348 if (!conn) {
1349 err = cmd_status(sk, index, MGMT_OP_PIN_CODE_REPLY,
1350 MGMT_STATUS_NOT_CONNECTED);
1351 goto failed;
1352 }
1353
1354 if (conn->pending_sec_level == BT_SECURITY_HIGH && cp->pin_len != 16) {
1355 bacpy(&ncp.bdaddr, &cp->bdaddr);
1356
1357 BT_ERR("PIN code is not 16 bytes long");
1358
1359 err = send_pin_code_neg_reply(sk, index, hdev, &ncp);
1360 if (err >= 0)
1361 err = cmd_status(sk, index, MGMT_OP_PIN_CODE_REPLY,
1362 MGMT_STATUS_INVALID_PARAMS);
1363
1364 goto failed;
1365 }
1366
1367 cmd = mgmt_pending_add(sk, MGMT_OP_PIN_CODE_REPLY, hdev, data, len);
1368 if (!cmd) {
1369 err = -ENOMEM;
1370 goto failed;
1371 }
1372
1373 bacpy(&reply.bdaddr, &cp->bdaddr);
1374 reply.pin_len = cp->pin_len;
1375 memcpy(reply.pin_code, cp->pin_code, sizeof(reply.pin_code));
1376
1377 err = hci_send_cmd(hdev, HCI_OP_PIN_CODE_REPLY, sizeof(reply), &reply);
1378 if (err < 0)
1379 mgmt_pending_remove(cmd);
1380
1381 failed:
1382 hci_dev_unlock(hdev);
1383 hci_dev_put(hdev);
1384
1385 return err;
1386 }
1387
1388 static int pin_code_neg_reply(struct sock *sk, u16 index, unsigned char *data,
1389 u16 len)
1390 {
1391 struct hci_dev *hdev;
1392 struct mgmt_cp_pin_code_neg_reply *cp;
1393 int err;
1394
1395 BT_DBG("");
1396
1397 cp = (void *) data;
1398
1399 if (len != sizeof(*cp))
1400 return cmd_status(sk, index, MGMT_OP_PIN_CODE_NEG_REPLY,
1401 MGMT_STATUS_INVALID_PARAMS);
1402
1403 hdev = hci_dev_get(index);
1404 if (!hdev)
1405 return cmd_status(sk, index, MGMT_OP_PIN_CODE_NEG_REPLY,
1406 MGMT_STATUS_INVALID_PARAMS);
1407
1408 hci_dev_lock(hdev);
1409
1410 if (!test_bit(HCI_UP, &hdev->flags)) {
1411 err = cmd_status(sk, index, MGMT_OP_PIN_CODE_NEG_REPLY,
1412 MGMT_STATUS_NOT_POWERED);
1413 goto failed;
1414 }
1415
1416 err = send_pin_code_neg_reply(sk, index, hdev, cp);
1417
1418 failed:
1419 hci_dev_unlock(hdev);
1420 hci_dev_put(hdev);
1421
1422 return err;
1423 }
1424
1425 static int set_io_capability(struct sock *sk, u16 index, unsigned char *data,
1426 u16 len)
1427 {
1428 struct hci_dev *hdev;
1429 struct mgmt_cp_set_io_capability *cp;
1430
1431 BT_DBG("");
1432
1433 cp = (void *) data;
1434
1435 if (len != sizeof(*cp))
1436 return cmd_status(sk, index, MGMT_OP_SET_IO_CAPABILITY,
1437 MGMT_STATUS_INVALID_PARAMS);
1438
1439 hdev = hci_dev_get(index);
1440 if (!hdev)
1441 return cmd_status(sk, index, MGMT_OP_SET_IO_CAPABILITY,
1442 MGMT_STATUS_INVALID_PARAMS);
1443
1444 hci_dev_lock(hdev);
1445
1446 hdev->io_capability = cp->io_capability;
1447
1448 BT_DBG("%s IO capability set to 0x%02x", hdev->name,
1449 hdev->io_capability);
1450
1451 hci_dev_unlock(hdev);
1452 hci_dev_put(hdev);
1453
1454 return cmd_complete(sk, index, MGMT_OP_SET_IO_CAPABILITY, NULL, 0);
1455 }
1456
1457 static inline struct pending_cmd *find_pairing(struct hci_conn *conn)
1458 {
1459 struct hci_dev *hdev = conn->hdev;
1460 struct pending_cmd *cmd;
1461
1462 list_for_each_entry(cmd, &hdev->mgmt_pending, list) {
1463 if (cmd->opcode != MGMT_OP_PAIR_DEVICE)
1464 continue;
1465
1466 if (cmd->user_data != conn)
1467 continue;
1468
1469 return cmd;
1470 }
1471
1472 return NULL;
1473 }
1474
1475 static void pairing_complete(struct pending_cmd *cmd, u8 status)
1476 {
1477 struct mgmt_rp_pair_device rp;
1478 struct hci_conn *conn = cmd->user_data;
1479
1480 bacpy(&rp.addr.bdaddr, &conn->dst);
1481 rp.addr.type = link_to_mgmt(conn->type, conn->dst_type);
1482 rp.status = status;
1483
1484 cmd_complete(cmd->sk, cmd->index, MGMT_OP_PAIR_DEVICE, &rp, sizeof(rp));
1485
1486 /* So we don't get further callbacks for this connection */
1487 conn->connect_cfm_cb = NULL;
1488 conn->security_cfm_cb = NULL;
1489 conn->disconn_cfm_cb = NULL;
1490
1491 hci_conn_put(conn);
1492
1493 mgmt_pending_remove(cmd);
1494 }
1495
1496 static void pairing_complete_cb(struct hci_conn *conn, u8 status)
1497 {
1498 struct pending_cmd *cmd;
1499
1500 BT_DBG("status %u", status);
1501
1502 cmd = find_pairing(conn);
1503 if (!cmd)
1504 BT_DBG("Unable to find a pending command");
1505 else
1506 pairing_complete(cmd, status);
1507 }
1508
1509 static int pair_device(struct sock *sk, u16 index, unsigned char *data, u16 len)
1510 {
1511 struct hci_dev *hdev;
1512 struct mgmt_cp_pair_device *cp;
1513 struct mgmt_rp_pair_device rp;
1514 struct pending_cmd *cmd;
1515 u8 sec_level, auth_type;
1516 struct hci_conn *conn;
1517 int err;
1518
1519 BT_DBG("");
1520
1521 cp = (void *) data;
1522
1523 if (len != sizeof(*cp))
1524 return cmd_status(sk, index, MGMT_OP_PAIR_DEVICE,
1525 MGMT_STATUS_INVALID_PARAMS);
1526
1527 hdev = hci_dev_get(index);
1528 if (!hdev)
1529 return cmd_status(sk, index, MGMT_OP_PAIR_DEVICE,
1530 MGMT_STATUS_INVALID_PARAMS);
1531
1532 hci_dev_lock(hdev);
1533
1534 sec_level = BT_SECURITY_MEDIUM;
1535 if (cp->io_cap == 0x03)
1536 auth_type = HCI_AT_DEDICATED_BONDING;
1537 else
1538 auth_type = HCI_AT_DEDICATED_BONDING_MITM;
1539
1540 if (cp->addr.type == MGMT_ADDR_BREDR)
1541 conn = hci_connect(hdev, ACL_LINK, &cp->addr.bdaddr, sec_level,
1542 auth_type);
1543 else
1544 conn = hci_connect(hdev, LE_LINK, &cp->addr.bdaddr, sec_level,
1545 auth_type);
1546
1547 memset(&rp, 0, sizeof(rp));
1548 bacpy(&rp.addr.bdaddr, &cp->addr.bdaddr);
1549 rp.addr.type = cp->addr.type;
1550
1551 if (IS_ERR(conn)) {
1552 rp.status = -PTR_ERR(conn);
1553 err = cmd_complete(sk, index, MGMT_OP_PAIR_DEVICE,
1554 &rp, sizeof(rp));
1555 goto unlock;
1556 }
1557
1558 if (conn->connect_cfm_cb) {
1559 hci_conn_put(conn);
1560 rp.status = EBUSY;
1561 err = cmd_complete(sk, index, MGMT_OP_PAIR_DEVICE,
1562 &rp, sizeof(rp));
1563 goto unlock;
1564 }
1565
1566 cmd = mgmt_pending_add(sk, MGMT_OP_PAIR_DEVICE, hdev, data, len);
1567 if (!cmd) {
1568 err = -ENOMEM;
1569 hci_conn_put(conn);
1570 goto unlock;
1571 }
1572
1573 /* For LE, just connecting isn't a proof that the pairing finished */
1574 if (cp->addr.type == MGMT_ADDR_BREDR)
1575 conn->connect_cfm_cb = pairing_complete_cb;
1576
1577 conn->security_cfm_cb = pairing_complete_cb;
1578 conn->disconn_cfm_cb = pairing_complete_cb;
1579 conn->io_capability = cp->io_cap;
1580 cmd->user_data = conn;
1581
1582 if (conn->state == BT_CONNECTED &&
1583 hci_conn_security(conn, sec_level, auth_type))
1584 pairing_complete(cmd, 0);
1585
1586 err = 0;
1587
1588 unlock:
1589 hci_dev_unlock(hdev);
1590 hci_dev_put(hdev);
1591
1592 return err;
1593 }
1594
1595 static int user_pairing_resp(struct sock *sk, u16 index, bdaddr_t *bdaddr,
1596 u16 mgmt_op, u16 hci_op, __le32 passkey)
1597 {
1598 struct pending_cmd *cmd;
1599 struct hci_dev *hdev;
1600 struct hci_conn *conn;
1601 int err;
1602
1603 hdev = hci_dev_get(index);
1604 if (!hdev)
1605 return cmd_status(sk, index, mgmt_op,
1606 MGMT_STATUS_INVALID_PARAMS);
1607
1608 hci_dev_lock(hdev);
1609
1610 if (!test_bit(HCI_UP, &hdev->flags)) {
1611 err = cmd_status(sk, index, mgmt_op, MGMT_STATUS_NOT_POWERED);
1612 goto done;
1613 }
1614
1615 /*
1616 * Check for an existing ACL link, if present pair via
1617 * HCI commands.
1618 *
1619 * If no ACL link is present, check for an LE link and if
1620 * present, pair via the SMP engine.
1621 *
1622 * If neither ACL nor LE links are present, fail with error.
1623 */
1624 conn = hci_conn_hash_lookup_ba(hdev, ACL_LINK, bdaddr);
1625 if (!conn) {
1626 conn = hci_conn_hash_lookup_ba(hdev, LE_LINK, bdaddr);
1627 if (!conn) {
1628 err = cmd_status(sk, index, mgmt_op,
1629 MGMT_STATUS_NOT_CONNECTED);
1630 goto done;
1631 }
1632
1633 /* Continue with pairing via SMP */
1634 err = smp_user_confirm_reply(conn, mgmt_op, passkey);
1635
1636 if (!err)
1637 err = cmd_status(sk, index, mgmt_op,
1638 MGMT_STATUS_SUCCESS);
1639 else
1640 err = cmd_status(sk, index, mgmt_op,
1641 MGMT_STATUS_FAILED);
1642
1643 goto done;
1644 }
1645
1646 cmd = mgmt_pending_add(sk, mgmt_op, hdev, bdaddr, sizeof(*bdaddr));
1647 if (!cmd) {
1648 err = -ENOMEM;
1649 goto done;
1650 }
1651
1652 /* Continue with pairing via HCI */
1653 if (hci_op == HCI_OP_USER_PASSKEY_REPLY) {
1654 struct hci_cp_user_passkey_reply cp;
1655
1656 bacpy(&cp.bdaddr, bdaddr);
1657 cp.passkey = passkey;
1658 err = hci_send_cmd(hdev, hci_op, sizeof(cp), &cp);
1659 } else
1660 err = hci_send_cmd(hdev, hci_op, sizeof(*bdaddr), bdaddr);
1661
1662 if (err < 0)
1663 mgmt_pending_remove(cmd);
1664
1665 done:
1666 hci_dev_unlock(hdev);
1667 hci_dev_put(hdev);
1668
1669 return err;
1670 }
1671
1672 static int user_confirm_reply(struct sock *sk, u16 index, void *data, u16 len)
1673 {
1674 struct mgmt_cp_user_confirm_reply *cp = (void *) data;
1675
1676 BT_DBG("");
1677
1678 if (len != sizeof(*cp))
1679 return cmd_status(sk, index, MGMT_OP_USER_CONFIRM_REPLY,
1680 MGMT_STATUS_INVALID_PARAMS);
1681
1682 return user_pairing_resp(sk, index, &cp->bdaddr,
1683 MGMT_OP_USER_CONFIRM_REPLY,
1684 HCI_OP_USER_CONFIRM_REPLY, 0);
1685 }
1686
1687 static int user_confirm_neg_reply(struct sock *sk, u16 index, void *data,
1688 u16 len)
1689 {
1690 struct mgmt_cp_user_confirm_neg_reply *cp = data;
1691
1692 BT_DBG("");
1693
1694 if (len != sizeof(*cp))
1695 return cmd_status(sk, index, MGMT_OP_USER_CONFIRM_NEG_REPLY,
1696 MGMT_STATUS_INVALID_PARAMS);
1697
1698 return user_pairing_resp(sk, index, &cp->bdaddr,
1699 MGMT_OP_USER_CONFIRM_NEG_REPLY,
1700 HCI_OP_USER_CONFIRM_NEG_REPLY, 0);
1701 }
1702
1703 static int user_passkey_reply(struct sock *sk, u16 index, void *data, u16 len)
1704 {
1705 struct mgmt_cp_user_passkey_reply *cp = (void *) data;
1706
1707 BT_DBG("");
1708
1709 if (len != sizeof(*cp))
1710 return cmd_status(sk, index, MGMT_OP_USER_PASSKEY_REPLY,
1711 EINVAL);
1712
1713 return user_pairing_resp(sk, index, &cp->bdaddr,
1714 MGMT_OP_USER_PASSKEY_REPLY,
1715 HCI_OP_USER_PASSKEY_REPLY, cp->passkey);
1716 }
1717
1718 static int user_passkey_neg_reply(struct sock *sk, u16 index, void *data,
1719 u16 len)
1720 {
1721 struct mgmt_cp_user_passkey_neg_reply *cp = (void *) data;
1722
1723 BT_DBG("");
1724
1725 if (len != sizeof(*cp))
1726 return cmd_status(sk, index, MGMT_OP_USER_PASSKEY_NEG_REPLY,
1727 EINVAL);
1728
1729 return user_pairing_resp(sk, index, &cp->bdaddr,
1730 MGMT_OP_USER_PASSKEY_NEG_REPLY,
1731 HCI_OP_USER_PASSKEY_NEG_REPLY, 0);
1732 }
1733
1734 static int set_local_name(struct sock *sk, u16 index, unsigned char *data,
1735 u16 len)
1736 {
1737 struct mgmt_cp_set_local_name *mgmt_cp = (void *) data;
1738 struct hci_cp_write_local_name hci_cp;
1739 struct hci_dev *hdev;
1740 struct pending_cmd *cmd;
1741 int err;
1742
1743 BT_DBG("");
1744
1745 if (len != sizeof(*mgmt_cp))
1746 return cmd_status(sk, index, MGMT_OP_SET_LOCAL_NAME,
1747 MGMT_STATUS_INVALID_PARAMS);
1748
1749 hdev = hci_dev_get(index);
1750 if (!hdev)
1751 return cmd_status(sk, index, MGMT_OP_SET_LOCAL_NAME,
1752 MGMT_STATUS_INVALID_PARAMS);
1753
1754 hci_dev_lock(hdev);
1755
1756 cmd = mgmt_pending_add(sk, MGMT_OP_SET_LOCAL_NAME, hdev, data, len);
1757 if (!cmd) {
1758 err = -ENOMEM;
1759 goto failed;
1760 }
1761
1762 memcpy(hci_cp.name, mgmt_cp->name, sizeof(hci_cp.name));
1763 err = hci_send_cmd(hdev, HCI_OP_WRITE_LOCAL_NAME, sizeof(hci_cp),
1764 &hci_cp);
1765 if (err < 0)
1766 mgmt_pending_remove(cmd);
1767
1768 failed:
1769 hci_dev_unlock(hdev);
1770 hci_dev_put(hdev);
1771
1772 return err;
1773 }
1774
1775 static int read_local_oob_data(struct sock *sk, u16 index)
1776 {
1777 struct hci_dev *hdev;
1778 struct pending_cmd *cmd;
1779 int err;
1780
1781 BT_DBG("hci%u", index);
1782
1783 hdev = hci_dev_get(index);
1784 if (!hdev)
1785 return cmd_status(sk, index, MGMT_OP_READ_LOCAL_OOB_DATA,
1786 MGMT_STATUS_INVALID_PARAMS);
1787
1788 hci_dev_lock(hdev);
1789
1790 if (!test_bit(HCI_UP, &hdev->flags)) {
1791 err = cmd_status(sk, index, MGMT_OP_READ_LOCAL_OOB_DATA,
1792 MGMT_STATUS_NOT_POWERED);
1793 goto unlock;
1794 }
1795
1796 if (!(hdev->features[6] & LMP_SIMPLE_PAIR)) {
1797 err = cmd_status(sk, index, MGMT_OP_READ_LOCAL_OOB_DATA,
1798 MGMT_STATUS_NOT_SUPPORTED);
1799 goto unlock;
1800 }
1801
1802 if (mgmt_pending_find(MGMT_OP_READ_LOCAL_OOB_DATA, hdev)) {
1803 err = cmd_status(sk, index, MGMT_OP_READ_LOCAL_OOB_DATA,
1804 MGMT_STATUS_BUSY);
1805 goto unlock;
1806 }
1807
1808 cmd = mgmt_pending_add(sk, MGMT_OP_READ_LOCAL_OOB_DATA, hdev, NULL, 0);
1809 if (!cmd) {
1810 err = -ENOMEM;
1811 goto unlock;
1812 }
1813
1814 err = hci_send_cmd(hdev, HCI_OP_READ_LOCAL_OOB_DATA, 0, NULL);
1815 if (err < 0)
1816 mgmt_pending_remove(cmd);
1817
1818 unlock:
1819 hci_dev_unlock(hdev);
1820 hci_dev_put(hdev);
1821
1822 return err;
1823 }
1824
1825 static int add_remote_oob_data(struct sock *sk, u16 index, unsigned char *data,
1826 u16 len)
1827 {
1828 struct hci_dev *hdev;
1829 struct mgmt_cp_add_remote_oob_data *cp = (void *) data;
1830 int err;
1831
1832 BT_DBG("hci%u ", index);
1833
1834 if (len != sizeof(*cp))
1835 return cmd_status(sk, index, MGMT_OP_ADD_REMOTE_OOB_DATA,
1836 MGMT_STATUS_INVALID_PARAMS);
1837
1838 hdev = hci_dev_get(index);
1839 if (!hdev)
1840 return cmd_status(sk, index, MGMT_OP_ADD_REMOTE_OOB_DATA,
1841 MGMT_STATUS_INVALID_PARAMS);
1842
1843 hci_dev_lock(hdev);
1844
1845 err = hci_add_remote_oob_data(hdev, &cp->bdaddr, cp->hash,
1846 cp->randomizer);
1847 if (err < 0)
1848 err = cmd_status(sk, index, MGMT_OP_ADD_REMOTE_OOB_DATA,
1849 MGMT_STATUS_FAILED);
1850 else
1851 err = cmd_complete(sk, index, MGMT_OP_ADD_REMOTE_OOB_DATA, NULL,
1852 0);
1853
1854 hci_dev_unlock(hdev);
1855 hci_dev_put(hdev);
1856
1857 return err;
1858 }
1859
1860 static int remove_remote_oob_data(struct sock *sk, u16 index,
1861 unsigned char *data, u16 len)
1862 {
1863 struct hci_dev *hdev;
1864 struct mgmt_cp_remove_remote_oob_data *cp = (void *) data;
1865 int err;
1866
1867 BT_DBG("hci%u ", index);
1868
1869 if (len != sizeof(*cp))
1870 return cmd_status(sk, index, MGMT_OP_REMOVE_REMOTE_OOB_DATA,
1871 MGMT_STATUS_INVALID_PARAMS);
1872
1873 hdev = hci_dev_get(index);
1874 if (!hdev)
1875 return cmd_status(sk, index, MGMT_OP_REMOVE_REMOTE_OOB_DATA,
1876 MGMT_STATUS_INVALID_PARAMS);
1877
1878 hci_dev_lock(hdev);
1879
1880 err = hci_remove_remote_oob_data(hdev, &cp->bdaddr);
1881 if (err < 0)
1882 err = cmd_status(sk, index, MGMT_OP_REMOVE_REMOTE_OOB_DATA,
1883 MGMT_STATUS_INVALID_PARAMS);
1884 else
1885 err = cmd_complete(sk, index, MGMT_OP_REMOVE_REMOTE_OOB_DATA,
1886 NULL, 0);
1887
1888 hci_dev_unlock(hdev);
1889 hci_dev_put(hdev);
1890
1891 return err;
1892 }
1893
1894 static int start_discovery(struct sock *sk, u16 index,
1895 unsigned char *data, u16 len)
1896 {
1897 struct mgmt_cp_start_discovery *cp = (void *) data;
1898 struct pending_cmd *cmd;
1899 struct hci_dev *hdev;
1900 int err;
1901
1902 BT_DBG("hci%u", index);
1903
1904 if (len != sizeof(*cp))
1905 return cmd_status(sk, index, MGMT_OP_START_DISCOVERY,
1906 MGMT_STATUS_INVALID_PARAMS);
1907
1908 hdev = hci_dev_get(index);
1909 if (!hdev)
1910 return cmd_status(sk, index, MGMT_OP_START_DISCOVERY,
1911 MGMT_STATUS_INVALID_PARAMS);
1912
1913 hci_dev_lock(hdev);
1914
1915 if (!test_bit(HCI_UP, &hdev->flags)) {
1916 err = cmd_status(sk, index, MGMT_OP_START_DISCOVERY,
1917 MGMT_STATUS_NOT_POWERED);
1918 goto failed;
1919 }
1920
1921 cmd = mgmt_pending_add(sk, MGMT_OP_START_DISCOVERY, hdev, NULL, 0);
1922 if (!cmd) {
1923 err = -ENOMEM;
1924 goto failed;
1925 }
1926
1927 err = hci_do_inquiry(hdev, INQUIRY_LEN_BREDR);
1928 if (err < 0)
1929 mgmt_pending_remove(cmd);
1930
1931 failed:
1932 hci_dev_unlock(hdev);
1933 hci_dev_put(hdev);
1934
1935 return err;
1936 }
1937
1938 static int stop_discovery(struct sock *sk, u16 index)
1939 {
1940 struct hci_dev *hdev;
1941 struct pending_cmd *cmd;
1942 int err;
1943
1944 BT_DBG("hci%u", index);
1945
1946 hdev = hci_dev_get(index);
1947 if (!hdev)
1948 return cmd_status(sk, index, MGMT_OP_STOP_DISCOVERY,
1949 MGMT_STATUS_INVALID_PARAMS);
1950
1951 hci_dev_lock(hdev);
1952
1953 cmd = mgmt_pending_add(sk, MGMT_OP_STOP_DISCOVERY, hdev, NULL, 0);
1954 if (!cmd) {
1955 err = -ENOMEM;
1956 goto failed;
1957 }
1958
1959 err = hci_cancel_inquiry(hdev);
1960 if (err < 0)
1961 mgmt_pending_remove(cmd);
1962
1963 failed:
1964 hci_dev_unlock(hdev);
1965 hci_dev_put(hdev);
1966
1967 return err;
1968 }
1969
1970 static int confirm_name(struct sock *sk, u16 index, unsigned char *data,
1971 u16 len)
1972 {
1973 struct mgmt_cp_confirm_name *cp = (void *) data;
1974 struct inquiry_entry *e;
1975 struct hci_dev *hdev;
1976 int err;
1977
1978 BT_DBG("hci%u", index);
1979
1980 if (len != sizeof(*cp))
1981 return cmd_status(sk, index, MGMT_OP_CONFIRM_NAME,
1982 MGMT_STATUS_INVALID_PARAMS);
1983
1984 hdev = hci_dev_get(index);
1985 if (!hdev)
1986 return cmd_status(sk, index, MGMT_OP_CONFIRM_NAME,
1987 MGMT_STATUS_INVALID_PARAMS);
1988
1989 hci_dev_lock(hdev);
1990
1991 e = hci_inquiry_cache_lookup_unknown(hdev, &cp->bdaddr);
1992 if (!e) {
1993 err = cmd_status (sk, index, MGMT_OP_CONFIRM_NAME,
1994 MGMT_STATUS_INVALID_PARAMS);
1995 goto failed;
1996 }
1997
1998 if (cp->name_known) {
1999 e->name_state = NAME_KNOWN;
2000 list_del(&e->list);
2001 } else {
2002 e->name_state = NAME_NEEDED;
2003 list_move(&e->list, &hdev->inq_cache.resolve);
2004 }
2005
2006 err = 0;
2007
2008 failed:
2009 hci_dev_unlock(hdev);
2010
2011 return err;
2012 }
2013
2014 static int block_device(struct sock *sk, u16 index, unsigned char *data,
2015 u16 len)
2016 {
2017 struct hci_dev *hdev;
2018 struct mgmt_cp_block_device *cp = (void *) data;
2019 int err;
2020
2021 BT_DBG("hci%u", index);
2022
2023 if (len != sizeof(*cp))
2024 return cmd_status(sk, index, MGMT_OP_BLOCK_DEVICE,
2025 MGMT_STATUS_INVALID_PARAMS);
2026
2027 hdev = hci_dev_get(index);
2028 if (!hdev)
2029 return cmd_status(sk, index, MGMT_OP_BLOCK_DEVICE,
2030 MGMT_STATUS_INVALID_PARAMS);
2031
2032 hci_dev_lock(hdev);
2033
2034 err = hci_blacklist_add(hdev, &cp->bdaddr);
2035 if (err < 0)
2036 err = cmd_status(sk, index, MGMT_OP_BLOCK_DEVICE,
2037 MGMT_STATUS_FAILED);
2038 else
2039 err = cmd_complete(sk, index, MGMT_OP_BLOCK_DEVICE,
2040 NULL, 0);
2041
2042 hci_dev_unlock(hdev);
2043 hci_dev_put(hdev);
2044
2045 return err;
2046 }
2047
2048 static int unblock_device(struct sock *sk, u16 index, unsigned char *data,
2049 u16 len)
2050 {
2051 struct hci_dev *hdev;
2052 struct mgmt_cp_unblock_device *cp = (void *) data;
2053 int err;
2054
2055 BT_DBG("hci%u", index);
2056
2057 if (len != sizeof(*cp))
2058 return cmd_status(sk, index, MGMT_OP_UNBLOCK_DEVICE,
2059 MGMT_STATUS_INVALID_PARAMS);
2060
2061 hdev = hci_dev_get(index);
2062 if (!hdev)
2063 return cmd_status(sk, index, MGMT_OP_UNBLOCK_DEVICE,
2064 MGMT_STATUS_INVALID_PARAMS);
2065
2066 hci_dev_lock(hdev);
2067
2068 err = hci_blacklist_del(hdev, &cp->bdaddr);
2069
2070 if (err < 0)
2071 err = cmd_status(sk, index, MGMT_OP_UNBLOCK_DEVICE,
2072 MGMT_STATUS_INVALID_PARAMS);
2073 else
2074 err = cmd_complete(sk, index, MGMT_OP_UNBLOCK_DEVICE,
2075 NULL, 0);
2076
2077 hci_dev_unlock(hdev);
2078 hci_dev_put(hdev);
2079
2080 return err;
2081 }
2082
2083 static int set_fast_connectable(struct sock *sk, u16 index,
2084 unsigned char *data, u16 len)
2085 {
2086 struct hci_dev *hdev;
2087 struct mgmt_mode *cp = (void *) data;
2088 struct hci_cp_write_page_scan_activity acp;
2089 u8 type;
2090 int err;
2091
2092 BT_DBG("hci%u", index);
2093
2094 if (len != sizeof(*cp))
2095 return cmd_status(sk, index, MGMT_OP_SET_FAST_CONNECTABLE,
2096 MGMT_STATUS_INVALID_PARAMS);
2097
2098 hdev = hci_dev_get(index);
2099 if (!hdev)
2100 return cmd_status(sk, index, MGMT_OP_SET_FAST_CONNECTABLE,
2101 MGMT_STATUS_INVALID_PARAMS);
2102
2103 hci_dev_lock(hdev);
2104
2105 if (cp->val) {
2106 type = PAGE_SCAN_TYPE_INTERLACED;
2107 acp.interval = 0x0024; /* 22.5 msec page scan interval */
2108 } else {
2109 type = PAGE_SCAN_TYPE_STANDARD; /* default */
2110 acp.interval = 0x0800; /* default 1.28 sec page scan */
2111 }
2112
2113 acp.window = 0x0012; /* default 11.25 msec page scan window */
2114
2115 err = hci_send_cmd(hdev, HCI_OP_WRITE_PAGE_SCAN_ACTIVITY,
2116 sizeof(acp), &acp);
2117 if (err < 0) {
2118 err = cmd_status(sk, index, MGMT_OP_SET_FAST_CONNECTABLE,
2119 MGMT_STATUS_FAILED);
2120 goto done;
2121 }
2122
2123 err = hci_send_cmd(hdev, HCI_OP_WRITE_PAGE_SCAN_TYPE, 1, &type);
2124 if (err < 0) {
2125 err = cmd_status(sk, index, MGMT_OP_SET_FAST_CONNECTABLE,
2126 MGMT_STATUS_FAILED);
2127 goto done;
2128 }
2129
2130 err = cmd_complete(sk, index, MGMT_OP_SET_FAST_CONNECTABLE,
2131 NULL, 0);
2132 done:
2133 hci_dev_unlock(hdev);
2134 hci_dev_put(hdev);
2135
2136 return err;
2137 }
2138
2139 int mgmt_control(struct sock *sk, struct msghdr *msg, size_t msglen)
2140 {
2141 unsigned char *buf;
2142 struct mgmt_hdr *hdr;
2143 u16 opcode, index, len;
2144 int err;
2145
2146 BT_DBG("got %zu bytes", msglen);
2147
2148 if (msglen < sizeof(*hdr))
2149 return -EINVAL;
2150
2151 buf = kmalloc(msglen, GFP_KERNEL);
2152 if (!buf)
2153 return -ENOMEM;
2154
2155 if (memcpy_fromiovec(buf, msg->msg_iov, msglen)) {
2156 err = -EFAULT;
2157 goto done;
2158 }
2159
2160 hdr = (struct mgmt_hdr *) buf;
2161 opcode = get_unaligned_le16(&hdr->opcode);
2162 index = get_unaligned_le16(&hdr->index);
2163 len = get_unaligned_le16(&hdr->len);
2164
2165 if (len != msglen - sizeof(*hdr)) {
2166 err = -EINVAL;
2167 goto done;
2168 }
2169
2170 switch (opcode) {
2171 case MGMT_OP_READ_VERSION:
2172 err = read_version(sk);
2173 break;
2174 case MGMT_OP_READ_INDEX_LIST:
2175 err = read_index_list(sk);
2176 break;
2177 case MGMT_OP_READ_INFO:
2178 err = read_controller_info(sk, index);
2179 break;
2180 case MGMT_OP_SET_POWERED:
2181 err = set_powered(sk, index, buf + sizeof(*hdr), len);
2182 break;
2183 case MGMT_OP_SET_DISCOVERABLE:
2184 err = set_discoverable(sk, index, buf + sizeof(*hdr), len);
2185 break;
2186 case MGMT_OP_SET_CONNECTABLE:
2187 err = set_connectable(sk, index, buf + sizeof(*hdr), len);
2188 break;
2189 case MGMT_OP_SET_FAST_CONNECTABLE:
2190 err = set_fast_connectable(sk, index, buf + sizeof(*hdr),
2191 len);
2192 break;
2193 case MGMT_OP_SET_PAIRABLE:
2194 err = set_pairable(sk, index, buf + sizeof(*hdr), len);
2195 break;
2196 case MGMT_OP_ADD_UUID:
2197 err = add_uuid(sk, index, buf + sizeof(*hdr), len);
2198 break;
2199 case MGMT_OP_REMOVE_UUID:
2200 err = remove_uuid(sk, index, buf + sizeof(*hdr), len);
2201 break;
2202 case MGMT_OP_SET_DEV_CLASS:
2203 err = set_dev_class(sk, index, buf + sizeof(*hdr), len);
2204 break;
2205 case MGMT_OP_LOAD_LINK_KEYS:
2206 err = load_link_keys(sk, index, buf + sizeof(*hdr), len);
2207 break;
2208 case MGMT_OP_REMOVE_KEYS:
2209 err = remove_keys(sk, index, buf + sizeof(*hdr), len);
2210 break;
2211 case MGMT_OP_DISCONNECT:
2212 err = disconnect(sk, index, buf + sizeof(*hdr), len);
2213 break;
2214 case MGMT_OP_GET_CONNECTIONS:
2215 err = get_connections(sk, index);
2216 break;
2217 case MGMT_OP_PIN_CODE_REPLY:
2218 err = pin_code_reply(sk, index, buf + sizeof(*hdr), len);
2219 break;
2220 case MGMT_OP_PIN_CODE_NEG_REPLY:
2221 err = pin_code_neg_reply(sk, index, buf + sizeof(*hdr), len);
2222 break;
2223 case MGMT_OP_SET_IO_CAPABILITY:
2224 err = set_io_capability(sk, index, buf + sizeof(*hdr), len);
2225 break;
2226 case MGMT_OP_PAIR_DEVICE:
2227 err = pair_device(sk, index, buf + sizeof(*hdr), len);
2228 break;
2229 case MGMT_OP_USER_CONFIRM_REPLY:
2230 err = user_confirm_reply(sk, index, buf + sizeof(*hdr), len);
2231 break;
2232 case MGMT_OP_USER_CONFIRM_NEG_REPLY:
2233 err = user_confirm_neg_reply(sk, index, buf + sizeof(*hdr),
2234 len);
2235 break;
2236 case MGMT_OP_USER_PASSKEY_REPLY:
2237 err = user_passkey_reply(sk, index, buf + sizeof(*hdr), len);
2238 break;
2239 case MGMT_OP_USER_PASSKEY_NEG_REPLY:
2240 err = user_passkey_neg_reply(sk, index, buf + sizeof(*hdr),
2241 len);
2242 break;
2243 case MGMT_OP_SET_LOCAL_NAME:
2244 err = set_local_name(sk, index, buf + sizeof(*hdr), len);
2245 break;
2246 case MGMT_OP_READ_LOCAL_OOB_DATA:
2247 err = read_local_oob_data(sk, index);
2248 break;
2249 case MGMT_OP_ADD_REMOTE_OOB_DATA:
2250 err = add_remote_oob_data(sk, index, buf + sizeof(*hdr), len);
2251 break;
2252 case MGMT_OP_REMOVE_REMOTE_OOB_DATA:
2253 err = remove_remote_oob_data(sk, index, buf + sizeof(*hdr),
2254 len);
2255 break;
2256 case MGMT_OP_START_DISCOVERY:
2257 err = start_discovery(sk, index, buf + sizeof(*hdr), len);
2258 break;
2259 case MGMT_OP_STOP_DISCOVERY:
2260 err = stop_discovery(sk, index);
2261 break;
2262 case MGMT_OP_CONFIRM_NAME:
2263 err = confirm_name(sk, index, buf + sizeof(*hdr), len);
2264 break;
2265 case MGMT_OP_BLOCK_DEVICE:
2266 err = block_device(sk, index, buf + sizeof(*hdr), len);
2267 break;
2268 case MGMT_OP_UNBLOCK_DEVICE:
2269 err = unblock_device(sk, index, buf + sizeof(*hdr), len);
2270 break;
2271 default:
2272 BT_DBG("Unknown op %u", opcode);
2273 err = cmd_status(sk, index, opcode,
2274 MGMT_STATUS_UNKNOWN_COMMAND);
2275 break;
2276 }
2277
2278 if (err < 0)
2279 goto done;
2280
2281 err = msglen;
2282
2283 done:
2284 kfree(buf);
2285 return err;
2286 }
2287
2288 static void cmd_status_rsp(struct pending_cmd *cmd, void *data)
2289 {
2290 u8 *status = data;
2291
2292 cmd_status(cmd->sk, cmd->index, cmd->opcode, *status);
2293 mgmt_pending_remove(cmd);
2294 }
2295
2296 int mgmt_index_added(struct hci_dev *hdev)
2297 {
2298 return mgmt_event(MGMT_EV_INDEX_ADDED, hdev, NULL, 0, NULL);
2299 }
2300
2301 int mgmt_index_removed(struct hci_dev *hdev)
2302 {
2303 u8 status = ENODEV;
2304
2305 mgmt_pending_foreach(0, hdev, cmd_status_rsp, &status);
2306
2307 return mgmt_event(MGMT_EV_INDEX_REMOVED, hdev, NULL, 0, NULL);
2308 }
2309
2310 struct cmd_lookup {
2311 u8 val;
2312 struct sock *sk;
2313 struct hci_dev *hdev;
2314 };
2315
2316 static void settings_rsp(struct pending_cmd *cmd, void *data)
2317 {
2318 struct cmd_lookup *match = data;
2319
2320 send_settings_rsp(cmd->sk, cmd->opcode, match->hdev);
2321
2322 list_del(&cmd->list);
2323
2324 if (match->sk == NULL) {
2325 match->sk = cmd->sk;
2326 sock_hold(match->sk);
2327 }
2328
2329 mgmt_pending_free(cmd);
2330 }
2331
2332 int mgmt_powered(struct hci_dev *hdev, u8 powered)
2333 {
2334 struct cmd_lookup match = { powered, NULL, hdev };
2335 __le32 ev;
2336 int ret;
2337
2338 mgmt_pending_foreach(MGMT_OP_SET_POWERED, hdev, settings_rsp, &match);
2339
2340 if (!powered) {
2341 u8 status = ENETDOWN;
2342 mgmt_pending_foreach(0, hdev, cmd_status_rsp, &status);
2343 }
2344
2345 ev = cpu_to_le32(get_current_settings(hdev));
2346
2347 ret = mgmt_event(MGMT_EV_NEW_SETTINGS, hdev, &ev, sizeof(ev),
2348 match.sk);
2349
2350 if (match.sk)
2351 sock_put(match.sk);
2352
2353 return ret;
2354 }
2355
2356 int mgmt_discoverable(struct hci_dev *hdev, u8 discoverable)
2357 {
2358 struct cmd_lookup match = { discoverable, NULL, hdev };
2359 __le32 ev;
2360 int ret;
2361
2362 mgmt_pending_foreach(MGMT_OP_SET_DISCOVERABLE, hdev, settings_rsp, &match);
2363
2364 ev = cpu_to_le32(get_current_settings(hdev));
2365
2366 ret = mgmt_event(MGMT_EV_NEW_SETTINGS, hdev, &ev, sizeof(ev),
2367 match.sk);
2368 if (match.sk)
2369 sock_put(match.sk);
2370
2371 return ret;
2372 }
2373
2374 int mgmt_connectable(struct hci_dev *hdev, u8 connectable)
2375 {
2376 __le32 ev;
2377 struct cmd_lookup match = { connectable, NULL, hdev };
2378 int ret;
2379
2380 mgmt_pending_foreach(MGMT_OP_SET_CONNECTABLE, hdev, settings_rsp,
2381 &match);
2382
2383 ev = cpu_to_le32(get_current_settings(hdev));
2384
2385 ret = mgmt_event(MGMT_EV_NEW_SETTINGS, hdev, &ev, sizeof(ev), match.sk);
2386
2387 if (match.sk)
2388 sock_put(match.sk);
2389
2390 return ret;
2391 }
2392
2393 int mgmt_write_scan_failed(struct hci_dev *hdev, u8 scan, u8 status)
2394 {
2395 u8 mgmt_err = mgmt_status(status);
2396
2397 if (scan & SCAN_PAGE)
2398 mgmt_pending_foreach(MGMT_OP_SET_CONNECTABLE, hdev,
2399 cmd_status_rsp, &mgmt_err);
2400
2401 if (scan & SCAN_INQUIRY)
2402 mgmt_pending_foreach(MGMT_OP_SET_DISCOVERABLE, hdev,
2403 cmd_status_rsp, &mgmt_err);
2404
2405 return 0;
2406 }
2407
2408 int mgmt_new_link_key(struct hci_dev *hdev, struct link_key *key,
2409 u8 persistent)
2410 {
2411 struct mgmt_ev_new_link_key ev;
2412
2413 memset(&ev, 0, sizeof(ev));
2414
2415 ev.store_hint = persistent;
2416 bacpy(&ev.key.bdaddr, &key->bdaddr);
2417 ev.key.type = key->type;
2418 memcpy(ev.key.val, key->val, 16);
2419 ev.key.pin_len = key->pin_len;
2420
2421 return mgmt_event(MGMT_EV_NEW_LINK_KEY, hdev, &ev, sizeof(ev), NULL);
2422 }
2423
2424 int mgmt_connected(struct hci_dev *hdev, bdaddr_t *bdaddr, u8 link_type,
2425 u8 addr_type)
2426 {
2427 struct mgmt_addr_info ev;
2428
2429 bacpy(&ev.bdaddr, bdaddr);
2430 ev.type = link_to_mgmt(link_type, addr_type);
2431
2432 return mgmt_event(MGMT_EV_CONNECTED, hdev, &ev, sizeof(ev), NULL);
2433 }
2434
2435 static void disconnect_rsp(struct pending_cmd *cmd, void *data)
2436 {
2437 struct mgmt_cp_disconnect *cp = cmd->param;
2438 struct sock **sk = data;
2439 struct mgmt_rp_disconnect rp;
2440
2441 bacpy(&rp.bdaddr, &cp->bdaddr);
2442 rp.status = 0;
2443
2444 cmd_complete(cmd->sk, cmd->index, MGMT_OP_DISCONNECT, &rp, sizeof(rp));
2445
2446 *sk = cmd->sk;
2447 sock_hold(*sk);
2448
2449 mgmt_pending_remove(cmd);
2450 }
2451
2452 static void remove_keys_rsp(struct pending_cmd *cmd, void *data)
2453 {
2454 u8 *status = data;
2455 struct mgmt_cp_remove_keys *cp = cmd->param;
2456 struct mgmt_rp_remove_keys rp;
2457
2458 memset(&rp, 0, sizeof(rp));
2459 bacpy(&rp.bdaddr, &cp->bdaddr);
2460 if (status != NULL)
2461 rp.status = *status;
2462
2463 cmd_complete(cmd->sk, cmd->index, MGMT_OP_REMOVE_KEYS, &rp,
2464 sizeof(rp));
2465
2466 mgmt_pending_remove(cmd);
2467 }
2468
2469 int mgmt_disconnected(struct hci_dev *hdev, bdaddr_t *bdaddr, u8 link_type,
2470 u8 addr_type)
2471 {
2472 struct mgmt_addr_info ev;
2473 struct sock *sk = NULL;
2474 int err;
2475
2476 mgmt_pending_foreach(MGMT_OP_DISCONNECT, hdev, disconnect_rsp, &sk);
2477
2478 bacpy(&ev.bdaddr, bdaddr);
2479 ev.type = link_to_mgmt(link_type, addr_type);
2480
2481 err = mgmt_event(MGMT_EV_DISCONNECTED, hdev, &ev, sizeof(ev), sk);
2482
2483 if (sk)
2484 sock_put(sk);
2485
2486 mgmt_pending_foreach(MGMT_OP_REMOVE_KEYS, hdev, remove_keys_rsp, NULL);
2487
2488 return err;
2489 }
2490
2491 int mgmt_disconnect_failed(struct hci_dev *hdev, bdaddr_t *bdaddr, u8 status)
2492 {
2493 struct pending_cmd *cmd;
2494 u8 mgmt_err = mgmt_status(status);
2495 int err;
2496
2497 cmd = mgmt_pending_find(MGMT_OP_DISCONNECT, hdev);
2498 if (!cmd)
2499 return -ENOENT;
2500
2501 if (bdaddr) {
2502 struct mgmt_rp_disconnect rp;
2503
2504 bacpy(&rp.bdaddr, bdaddr);
2505 rp.status = status;
2506
2507 err = cmd_complete(cmd->sk, cmd->index, MGMT_OP_DISCONNECT,
2508 &rp, sizeof(rp));
2509 } else
2510 err = cmd_status(cmd->sk, hdev->id, MGMT_OP_DISCONNECT,
2511 mgmt_err);
2512
2513 mgmt_pending_remove(cmd);
2514
2515 return err;
2516 }
2517
2518 int mgmt_connect_failed(struct hci_dev *hdev, bdaddr_t *bdaddr, u8 link_type,
2519 u8 addr_type, u8 status)
2520 {
2521 struct mgmt_ev_connect_failed ev;
2522
2523 bacpy(&ev.addr.bdaddr, bdaddr);
2524 ev.addr.type = link_to_mgmt(link_type, addr_type);
2525 ev.status = mgmt_status(status);
2526
2527 return mgmt_event(MGMT_EV_CONNECT_FAILED, hdev, &ev, sizeof(ev), NULL);
2528 }
2529
2530 int mgmt_pin_code_request(struct hci_dev *hdev, bdaddr_t *bdaddr, u8 secure)
2531 {
2532 struct mgmt_ev_pin_code_request ev;
2533
2534 bacpy(&ev.bdaddr, bdaddr);
2535 ev.secure = secure;
2536
2537 return mgmt_event(MGMT_EV_PIN_CODE_REQUEST, hdev, &ev, sizeof(ev),
2538 NULL);
2539 }
2540
2541 int mgmt_pin_code_reply_complete(struct hci_dev *hdev, bdaddr_t *bdaddr,
2542 u8 status)
2543 {
2544 struct pending_cmd *cmd;
2545 struct mgmt_rp_pin_code_reply rp;
2546 int err;
2547
2548 cmd = mgmt_pending_find(MGMT_OP_PIN_CODE_REPLY, hdev);
2549 if (!cmd)
2550 return -ENOENT;
2551
2552 bacpy(&rp.bdaddr, bdaddr);
2553 rp.status = mgmt_status(status);
2554
2555 err = cmd_complete(cmd->sk, hdev->id, MGMT_OP_PIN_CODE_REPLY, &rp,
2556 sizeof(rp));
2557
2558 mgmt_pending_remove(cmd);
2559
2560 return err;
2561 }
2562
2563 int mgmt_pin_code_neg_reply_complete(struct hci_dev *hdev, bdaddr_t *bdaddr,
2564 u8 status)
2565 {
2566 struct pending_cmd *cmd;
2567 struct mgmt_rp_pin_code_reply rp;
2568 int err;
2569
2570 cmd = mgmt_pending_find(MGMT_OP_PIN_CODE_NEG_REPLY, hdev);
2571 if (!cmd)
2572 return -ENOENT;
2573
2574 bacpy(&rp.bdaddr, bdaddr);
2575 rp.status = mgmt_status(status);
2576
2577 err = cmd_complete(cmd->sk, hdev->id, MGMT_OP_PIN_CODE_NEG_REPLY, &rp,
2578 sizeof(rp));
2579
2580 mgmt_pending_remove(cmd);
2581
2582 return err;
2583 }
2584
2585 int mgmt_user_confirm_request(struct hci_dev *hdev, bdaddr_t *bdaddr,
2586 __le32 value, u8 confirm_hint)
2587 {
2588 struct mgmt_ev_user_confirm_request ev;
2589
2590 BT_DBG("%s", hdev->name);
2591
2592 bacpy(&ev.bdaddr, bdaddr);
2593 ev.confirm_hint = confirm_hint;
2594 put_unaligned_le32(value, &ev.value);
2595
2596 return mgmt_event(MGMT_EV_USER_CONFIRM_REQUEST, hdev, &ev, sizeof(ev),
2597 NULL);
2598 }
2599
2600 int mgmt_user_passkey_request(struct hci_dev *hdev, bdaddr_t *bdaddr)
2601 {
2602 struct mgmt_ev_user_passkey_request ev;
2603
2604 BT_DBG("%s", hdev->name);
2605
2606 bacpy(&ev.bdaddr, bdaddr);
2607
2608 return mgmt_event(MGMT_EV_USER_PASSKEY_REQUEST, hdev, &ev, sizeof(ev),
2609 NULL);
2610 }
2611
2612 static int user_pairing_resp_complete(struct hci_dev *hdev, bdaddr_t *bdaddr,
2613 u8 status, u8 opcode)
2614 {
2615 struct pending_cmd *cmd;
2616 struct mgmt_rp_user_confirm_reply rp;
2617 int err;
2618
2619 cmd = mgmt_pending_find(opcode, hdev);
2620 if (!cmd)
2621 return -ENOENT;
2622
2623 bacpy(&rp.bdaddr, bdaddr);
2624 rp.status = mgmt_status(status);
2625 err = cmd_complete(cmd->sk, hdev->id, opcode, &rp, sizeof(rp));
2626
2627 mgmt_pending_remove(cmd);
2628
2629 return err;
2630 }
2631
2632 int mgmt_user_confirm_reply_complete(struct hci_dev *hdev, bdaddr_t *bdaddr,
2633 u8 status)
2634 {
2635 return user_pairing_resp_complete(hdev, bdaddr, status,
2636 MGMT_OP_USER_CONFIRM_REPLY);
2637 }
2638
2639 int mgmt_user_confirm_neg_reply_complete(struct hci_dev *hdev,
2640 bdaddr_t *bdaddr, u8 status)
2641 {
2642 return user_pairing_resp_complete(hdev, bdaddr, status,
2643 MGMT_OP_USER_CONFIRM_NEG_REPLY);
2644 }
2645
2646 int mgmt_user_passkey_reply_complete(struct hci_dev *hdev, bdaddr_t *bdaddr,
2647 u8 status)
2648 {
2649 return user_pairing_resp_complete(hdev, bdaddr, status,
2650 MGMT_OP_USER_PASSKEY_REPLY);
2651 }
2652
2653 int mgmt_user_passkey_neg_reply_complete(struct hci_dev *hdev,
2654 bdaddr_t *bdaddr, u8 status)
2655 {
2656 return user_pairing_resp_complete(hdev, bdaddr, status,
2657 MGMT_OP_USER_PASSKEY_NEG_REPLY);
2658 }
2659
2660 int mgmt_auth_failed(struct hci_dev *hdev, bdaddr_t *bdaddr, u8 status)
2661 {
2662 struct mgmt_ev_auth_failed ev;
2663
2664 bacpy(&ev.bdaddr, bdaddr);
2665 ev.status = mgmt_status(status);
2666
2667 return mgmt_event(MGMT_EV_AUTH_FAILED, hdev, &ev, sizeof(ev), NULL);
2668 }
2669
2670 int mgmt_set_local_name_complete(struct hci_dev *hdev, u8 *name, u8 status)
2671 {
2672 struct pending_cmd *cmd;
2673 struct mgmt_cp_set_local_name ev;
2674 int err;
2675
2676 memset(&ev, 0, sizeof(ev));
2677 memcpy(ev.name, name, HCI_MAX_NAME_LENGTH);
2678
2679 cmd = mgmt_pending_find(MGMT_OP_SET_LOCAL_NAME, hdev);
2680 if (!cmd)
2681 goto send_event;
2682
2683 if (status) {
2684 err = cmd_status(cmd->sk, hdev->id, MGMT_OP_SET_LOCAL_NAME,
2685 mgmt_status(status));
2686 goto failed;
2687 }
2688
2689 update_eir(hdev);
2690
2691 err = cmd_complete(cmd->sk, hdev->id, MGMT_OP_SET_LOCAL_NAME, &ev,
2692 sizeof(ev));
2693 if (err < 0)
2694 goto failed;
2695
2696 send_event:
2697 err = mgmt_event(MGMT_EV_LOCAL_NAME_CHANGED, hdev, &ev, sizeof(ev),
2698 cmd ? cmd->sk : NULL);
2699
2700 failed:
2701 if (cmd)
2702 mgmt_pending_remove(cmd);
2703 return err;
2704 }
2705
2706 int mgmt_read_local_oob_data_reply_complete(struct hci_dev *hdev, u8 *hash,
2707 u8 *randomizer, u8 status)
2708 {
2709 struct pending_cmd *cmd;
2710 int err;
2711
2712 BT_DBG("%s status %u", hdev->name, status);
2713
2714 cmd = mgmt_pending_find(MGMT_OP_READ_LOCAL_OOB_DATA, hdev);
2715 if (!cmd)
2716 return -ENOENT;
2717
2718 if (status) {
2719 err = cmd_status(cmd->sk, hdev->id,
2720 MGMT_OP_READ_LOCAL_OOB_DATA,
2721 mgmt_status(status));
2722 } else {
2723 struct mgmt_rp_read_local_oob_data rp;
2724
2725 memcpy(rp.hash, hash, sizeof(rp.hash));
2726 memcpy(rp.randomizer, randomizer, sizeof(rp.randomizer));
2727
2728 err = cmd_complete(cmd->sk, hdev->id,
2729 MGMT_OP_READ_LOCAL_OOB_DATA,
2730 &rp, sizeof(rp));
2731 }
2732
2733 mgmt_pending_remove(cmd);
2734
2735 return err;
2736 }
2737
2738 int mgmt_device_found(struct hci_dev *hdev, bdaddr_t *bdaddr, u8 link_type,
2739 u8 addr_type, u8 *dev_class, s8 rssi,
2740 u8 cfm_name, u8 *eir)
2741 {
2742 struct mgmt_ev_device_found ev;
2743
2744 memset(&ev, 0, sizeof(ev));
2745
2746 bacpy(&ev.addr.bdaddr, bdaddr);
2747 ev.addr.type = link_to_mgmt(link_type, addr_type);
2748 ev.rssi = rssi;
2749 ev.confirm_name = cfm_name;
2750
2751 if (eir)
2752 memcpy(ev.eir, eir, sizeof(ev.eir));
2753
2754 if (dev_class)
2755 memcpy(ev.dev_class, dev_class, sizeof(ev.dev_class));
2756
2757 return mgmt_event(MGMT_EV_DEVICE_FOUND, hdev, &ev, sizeof(ev), NULL);
2758 }
2759
2760 int mgmt_remote_name(struct hci_dev *hdev, bdaddr_t *bdaddr, u8 *name)
2761 {
2762 struct mgmt_ev_remote_name ev;
2763
2764 memset(&ev, 0, sizeof(ev));
2765
2766 bacpy(&ev.bdaddr, bdaddr);
2767 memcpy(ev.name, name, HCI_MAX_NAME_LENGTH);
2768
2769 return mgmt_event(MGMT_EV_REMOTE_NAME, hdev, &ev, sizeof(ev), NULL);
2770 }
2771
2772 int mgmt_start_discovery_failed(struct hci_dev *hdev, u8 status)
2773 {
2774 struct pending_cmd *cmd;
2775 int err;
2776
2777 cmd = mgmt_pending_find(MGMT_OP_START_DISCOVERY, hdev);
2778 if (!cmd)
2779 return -ENOENT;
2780
2781 err = cmd_status(cmd->sk, hdev->id, cmd->opcode, mgmt_status(status));
2782 mgmt_pending_remove(cmd);
2783
2784 return err;
2785 }
2786
2787 int mgmt_stop_discovery_failed(struct hci_dev *hdev, u8 status)
2788 {
2789 struct pending_cmd *cmd;
2790 int err;
2791
2792 cmd = mgmt_pending_find(MGMT_OP_STOP_DISCOVERY, hdev);
2793 if (!cmd)
2794 return -ENOENT;
2795
2796 err = cmd_status(cmd->sk, hdev->id, cmd->opcode, mgmt_status(status));
2797 mgmt_pending_remove(cmd);
2798
2799 return err;
2800 }
2801
2802 int mgmt_discovering(struct hci_dev *hdev, u8 discovering)
2803 {
2804 struct pending_cmd *cmd;
2805
2806 if (discovering)
2807 cmd = mgmt_pending_find(MGMT_OP_START_DISCOVERY, hdev);
2808 else
2809 cmd = mgmt_pending_find(MGMT_OP_STOP_DISCOVERY, hdev);
2810
2811 if (cmd != NULL) {
2812 cmd_complete(cmd->sk, hdev->id, cmd->opcode, NULL, 0);
2813 mgmt_pending_remove(cmd);
2814 }
2815
2816 return mgmt_event(MGMT_EV_DISCOVERING, hdev, &discovering,
2817 sizeof(discovering), NULL);
2818 }
2819
2820 int mgmt_device_blocked(struct hci_dev *hdev, bdaddr_t *bdaddr)
2821 {
2822 struct pending_cmd *cmd;
2823 struct mgmt_ev_device_blocked ev;
2824
2825 cmd = mgmt_pending_find(MGMT_OP_BLOCK_DEVICE, hdev);
2826
2827 bacpy(&ev.bdaddr, bdaddr);
2828
2829 return mgmt_event(MGMT_EV_DEVICE_BLOCKED, hdev, &ev, sizeof(ev),
2830 cmd ? cmd->sk : NULL);
2831 }
2832
2833 int mgmt_device_unblocked(struct hci_dev *hdev, bdaddr_t *bdaddr)
2834 {
2835 struct pending_cmd *cmd;
2836 struct mgmt_ev_device_unblocked ev;
2837
2838 cmd = mgmt_pending_find(MGMT_OP_UNBLOCK_DEVICE, hdev);
2839
2840 bacpy(&ev.bdaddr, bdaddr);
2841
2842 return mgmt_event(MGMT_EV_DEVICE_UNBLOCKED, hdev, &ev, sizeof(ev),
2843 cmd ? cmd->sk : NULL);
2844 }
kernel source for telekom puls (alcatel/mediatek)