projects / GitHub / mt8127 / android_kernel_alcatel_ttab.git / blob
? search:
summary | shortlog | log | commit | commitdiff | tree
blame | history | raw | HEAD
Bluetooth: Create hci_do_inquiry()
[GitHub/mt8127/android_kernel_alcatel_ttab.git] / net / bluetooth / mgmt.c
1 /*
2 BlueZ - Bluetooth protocol stack for Linux
3 Copyright (C) 2010 Nokia Corporation
4
5 This program is free software; you can redistribute it and/or modify
6 it under the terms of the GNU General Public License version 2 as
7 published by the Free Software Foundation;
8
9 THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS
10 OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
11 FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT OF THIRD PARTY RIGHTS.
12 IN NO EVENT SHALL THE COPYRIGHT HOLDER(S) AND AUTHOR(S) BE LIABLE FOR ANY
13 CLAIM, OR ANY SPECIAL INDIRECT OR CONSEQUENTIAL DAMAGES, OR ANY DAMAGES
14 WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
15 ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
16 OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
17
18 ALL LIABILITY, INCLUDING LIABILITY FOR INFRINGEMENT OF ANY PATENTS,
19 COPYRIGHTS, TRADEMARKS OR OTHER RIGHTS, RELATING TO USE OF THIS
20 SOFTWARE IS DISCLAIMED.
21 */
22
23 /* Bluetooth HCI Management interface */
24
25 #include <linux/uaccess.h>
26 #include <asm/unaligned.h>
27
28 #include <net/bluetooth/bluetooth.h>
29 #include <net/bluetooth/hci_core.h>
30 #include <net/bluetooth/mgmt.h>
31
32 #define MGMT_VERSION 0
33 #define MGMT_REVISION 1
34
35 #define INQUIRY_LEN_BREDR 0x08 /* TGAP(100) */
36
37 struct pending_cmd {
38 struct list_head list;
39 __u16 opcode;
40 int index;
41 void *param;
42 struct sock *sk;
43 void *user_data;
44 };
45
46 static LIST_HEAD(cmd_list);
47
48 static int cmd_status(struct sock *sk, u16 index, u16 cmd, u8 status)
49 {
50 struct sk_buff *skb;
51 struct mgmt_hdr *hdr;
52 struct mgmt_ev_cmd_status *ev;
53 int err;
54
55 BT_DBG("sock %p, index %u, cmd %u, status %u", sk, index, cmd, status);
56
57 skb = alloc_skb(sizeof(*hdr) + sizeof(*ev), GFP_ATOMIC);
58 if (!skb)
59 return -ENOMEM;
60
61 hdr = (void *) skb_put(skb, sizeof(*hdr));
62
63 hdr->opcode = cpu_to_le16(MGMT_EV_CMD_STATUS);
64 hdr->index = cpu_to_le16(index);
65 hdr->len = cpu_to_le16(sizeof(*ev));
66
67 ev = (void *) skb_put(skb, sizeof(*ev));
68 ev->status = status;
69 put_unaligned_le16(cmd, &ev->opcode);
70
71 err = sock_queue_rcv_skb(sk, skb);
72 if (err < 0)
73 kfree_skb(skb);
74
75 return err;
76 }
77
78 static int cmd_complete(struct sock *sk, u16 index, u16 cmd, void *rp,
79 size_t rp_len)
80 {
81 struct sk_buff *skb;
82 struct mgmt_hdr *hdr;
83 struct mgmt_ev_cmd_complete *ev;
84 int err;
85
86 BT_DBG("sock %p", sk);
87
88 skb = alloc_skb(sizeof(*hdr) + sizeof(*ev) + rp_len, GFP_ATOMIC);
89 if (!skb)
90 return -ENOMEM;
91
92 hdr = (void *) skb_put(skb, sizeof(*hdr));
93
94 hdr->opcode = cpu_to_le16(MGMT_EV_CMD_COMPLETE);
95 hdr->index = cpu_to_le16(index);
96 hdr->len = cpu_to_le16(sizeof(*ev) + rp_len);
97
98 ev = (void *) skb_put(skb, sizeof(*ev) + rp_len);
99 put_unaligned_le16(cmd, &ev->opcode);
100
101 if (rp)
102 memcpy(ev->data, rp, rp_len);
103
104 err = sock_queue_rcv_skb(sk, skb);
105 if (err < 0)
106 kfree_skb(skb);
107
108 return err;;
109 }
110
111 static int read_version(struct sock *sk)
112 {
113 struct mgmt_rp_read_version rp;
114
115 BT_DBG("sock %p", sk);
116
117 rp.version = MGMT_VERSION;
118 put_unaligned_le16(MGMT_REVISION, &rp.revision);
119
120 return cmd_complete(sk, MGMT_INDEX_NONE, MGMT_OP_READ_VERSION, &rp,
121 sizeof(rp));
122 }
123
124 static int read_index_list(struct sock *sk)
125 {
126 struct mgmt_rp_read_index_list *rp;
127 struct list_head *p;
128 struct hci_dev *d;
129 size_t rp_len;
130 u16 count;
131 int i, err;
132
133 BT_DBG("sock %p", sk);
134
135 read_lock(&hci_dev_list_lock);
136
137 count = 0;
138 list_for_each(p, &hci_dev_list) {
139 count++;
140 }
141
142 rp_len = sizeof(*rp) + (2 * count);
143 rp = kmalloc(rp_len, GFP_ATOMIC);
144 if (!rp) {
145 read_unlock(&hci_dev_list_lock);
146 return -ENOMEM;
147 }
148
149 put_unaligned_le16(count, &rp->num_controllers);
150
151 i = 0;
152 list_for_each_entry(d, &hci_dev_list, list) {
153 hci_del_off_timer(d);
154
155 if (test_bit(HCI_SETUP, &d->flags))
156 continue;
157
158 put_unaligned_le16(d->id, &rp->index[i++]);
159 BT_DBG("Added hci%u", d->id);
160 }
161
162 read_unlock(&hci_dev_list_lock);
163
164 err = cmd_complete(sk, MGMT_INDEX_NONE, MGMT_OP_READ_INDEX_LIST, rp,
165 rp_len);
166
167 kfree(rp);
168
169 return err;
170 }
171
172 static int read_controller_info(struct sock *sk, u16 index)
173 {
174 struct mgmt_rp_read_info rp;
175 struct hci_dev *hdev;
176
177 BT_DBG("sock %p hci%u", sk, index);
178
179 hdev = hci_dev_get(index);
180 if (!hdev)
181 return cmd_status(sk, index, MGMT_OP_READ_INFO, ENODEV);
182
183 hci_del_off_timer(hdev);
184
185 hci_dev_lock_bh(hdev);
186
187 set_bit(HCI_MGMT, &hdev->flags);
188
189 memset(&rp, 0, sizeof(rp));
190
191 rp.type = hdev->dev_type;
192
193 rp.powered = test_bit(HCI_UP, &hdev->flags);
194 rp.connectable = test_bit(HCI_PSCAN, &hdev->flags);
195 rp.discoverable = test_bit(HCI_ISCAN, &hdev->flags);
196 rp.pairable = test_bit(HCI_PSCAN, &hdev->flags);
197
198 if (test_bit(HCI_AUTH, &hdev->flags))
199 rp.sec_mode = 3;
200 else if (hdev->ssp_mode > 0)
201 rp.sec_mode = 4;
202 else
203 rp.sec_mode = 2;
204
205 bacpy(&rp.bdaddr, &hdev->bdaddr);
206 memcpy(rp.features, hdev->features, 8);
207 memcpy(rp.dev_class, hdev->dev_class, 3);
208 put_unaligned_le16(hdev->manufacturer, &rp.manufacturer);
209 rp.hci_ver = hdev->hci_ver;
210 put_unaligned_le16(hdev->hci_rev, &rp.hci_rev);
211
212 memcpy(rp.name, hdev->dev_name, sizeof(hdev->dev_name));
213
214 hci_dev_unlock_bh(hdev);
215 hci_dev_put(hdev);
216
217 return cmd_complete(sk, index, MGMT_OP_READ_INFO, &rp, sizeof(rp));
218 }
219
220 static void mgmt_pending_free(struct pending_cmd *cmd)
221 {
222 sock_put(cmd->sk);
223 kfree(cmd->param);
224 kfree(cmd);
225 }
226
227 static struct pending_cmd *mgmt_pending_add(struct sock *sk, u16 opcode,
228 u16 index, void *data, u16 len)
229 {
230 struct pending_cmd *cmd;
231
232 cmd = kmalloc(sizeof(*cmd), GFP_ATOMIC);
233 if (!cmd)
234 return NULL;
235
236 cmd->opcode = opcode;
237 cmd->index = index;
238
239 cmd->param = kmalloc(len, GFP_ATOMIC);
240 if (!cmd->param) {
241 kfree(cmd);
242 return NULL;
243 }
244
245 if (data)
246 memcpy(cmd->param, data, len);
247
248 cmd->sk = sk;
249 sock_hold(sk);
250
251 list_add(&cmd->list, &cmd_list);
252
253 return cmd;
254 }
255
256 static void mgmt_pending_foreach(u16 opcode, int index,
257 void (*cb)(struct pending_cmd *cmd, void *data),
258 void *data)
259 {
260 struct list_head *p, *n;
261
262 list_for_each_safe(p, n, &cmd_list) {
263 struct pending_cmd *cmd;
264
265 cmd = list_entry(p, struct pending_cmd, list);
266
267 if (opcode > 0 && cmd->opcode != opcode)
268 continue;
269
270 if (index >= 0 && cmd->index != index)
271 continue;
272
273 cb(cmd, data);
274 }
275 }
276
277 static struct pending_cmd *mgmt_pending_find(u16 opcode, int index)
278 {
279 struct pending_cmd *cmd;
280
281 list_for_each_entry(cmd, &cmd_list, list) {
282 if (cmd->opcode != opcode)
283 continue;
284
285 if (index >= 0 && cmd->index != index)
286 continue;
287
288 return cmd;
289 }
290
291 return NULL;
292 }
293
294 static void mgmt_pending_remove(struct pending_cmd *cmd)
295 {
296 list_del(&cmd->list);
297 mgmt_pending_free(cmd);
298 }
299
300 static int set_powered(struct sock *sk, u16 index, unsigned char *data, u16 len)
301 {
302 struct mgmt_mode *cp;
303 struct hci_dev *hdev;
304 struct pending_cmd *cmd;
305 int err, up;
306
307 cp = (void *) data;
308
309 BT_DBG("request for hci%u", index);
310
311 if (len != sizeof(*cp))
312 return cmd_status(sk, index, MGMT_OP_SET_POWERED, EINVAL);
313
314 hdev = hci_dev_get(index);
315 if (!hdev)
316 return cmd_status(sk, index, MGMT_OP_SET_POWERED, ENODEV);
317
318 hci_dev_lock_bh(hdev);
319
320 up = test_bit(HCI_UP, &hdev->flags);
321 if ((cp->val && up) || (!cp->val && !up)) {
322 err = cmd_status(sk, index, MGMT_OP_SET_POWERED, EALREADY);
323 goto failed;
324 }
325
326 if (mgmt_pending_find(MGMT_OP_SET_POWERED, index)) {
327 err = cmd_status(sk, index, MGMT_OP_SET_POWERED, EBUSY);
328 goto failed;
329 }
330
331 cmd = mgmt_pending_add(sk, MGMT_OP_SET_POWERED, index, data, len);
332 if (!cmd) {
333 err = -ENOMEM;
334 goto failed;
335 }
336
337 if (cp->val)
338 queue_work(hdev->workqueue, &hdev->power_on);
339 else
340 queue_work(hdev->workqueue, &hdev->power_off);
341
342 err = 0;
343
344 failed:
345 hci_dev_unlock_bh(hdev);
346 hci_dev_put(hdev);
347 return err;
348 }
349
350 static int set_discoverable(struct sock *sk, u16 index, unsigned char *data,
351 u16 len)
352 {
353 struct mgmt_mode *cp;
354 struct hci_dev *hdev;
355 struct pending_cmd *cmd;
356 u8 scan;
357 int err;
358
359 cp = (void *) data;
360
361 BT_DBG("request for hci%u", index);
362
363 if (len != sizeof(*cp))
364 return cmd_status(sk, index, MGMT_OP_SET_DISCOVERABLE, EINVAL);
365
366 hdev = hci_dev_get(index);
367 if (!hdev)
368 return cmd_status(sk, index, MGMT_OP_SET_DISCOVERABLE, ENODEV);
369
370 hci_dev_lock_bh(hdev);
371
372 if (!test_bit(HCI_UP, &hdev->flags)) {
373 err = cmd_status(sk, index, MGMT_OP_SET_DISCOVERABLE, ENETDOWN);
374 goto failed;
375 }
376
377 if (mgmt_pending_find(MGMT_OP_SET_DISCOVERABLE, index) ||
378 mgmt_pending_find(MGMT_OP_SET_CONNECTABLE, index)) {
379 err = cmd_status(sk, index, MGMT_OP_SET_DISCOVERABLE, EBUSY);
380 goto failed;
381 }
382
383 if (cp->val == test_bit(HCI_ISCAN, &hdev->flags) &&
384 test_bit(HCI_PSCAN, &hdev->flags)) {
385 err = cmd_status(sk, index, MGMT_OP_SET_DISCOVERABLE, EALREADY);
386 goto failed;
387 }
388
389 cmd = mgmt_pending_add(sk, MGMT_OP_SET_DISCOVERABLE, index, data, len);
390 if (!cmd) {
391 err = -ENOMEM;
392 goto failed;
393 }
394
395 scan = SCAN_PAGE;
396
397 if (cp->val)
398 scan |= SCAN_INQUIRY;
399
400 err = hci_send_cmd(hdev, HCI_OP_WRITE_SCAN_ENABLE, 1, &scan);
401 if (err < 0)
402 mgmt_pending_remove(cmd);
403
404 failed:
405 hci_dev_unlock_bh(hdev);
406 hci_dev_put(hdev);
407
408 return err;
409 }
410
411 static int set_connectable(struct sock *sk, u16 index, unsigned char *data,
412 u16 len)
413 {
414 struct mgmt_mode *cp;
415 struct hci_dev *hdev;
416 struct pending_cmd *cmd;
417 u8 scan;
418 int err;
419
420 cp = (void *) data;
421
422 BT_DBG("request for hci%u", index);
423
424 if (len != sizeof(*cp))
425 return cmd_status(sk, index, MGMT_OP_SET_CONNECTABLE, EINVAL);
426
427 hdev = hci_dev_get(index);
428 if (!hdev)
429 return cmd_status(sk, index, MGMT_OP_SET_CONNECTABLE, ENODEV);
430
431 hci_dev_lock_bh(hdev);
432
433 if (!test_bit(HCI_UP, &hdev->flags)) {
434 err = cmd_status(sk, index, MGMT_OP_SET_CONNECTABLE, ENETDOWN);
435 goto failed;
436 }
437
438 if (mgmt_pending_find(MGMT_OP_SET_DISCOVERABLE, index) ||
439 mgmt_pending_find(MGMT_OP_SET_CONNECTABLE, index)) {
440 err = cmd_status(sk, index, MGMT_OP_SET_CONNECTABLE, EBUSY);
441 goto failed;
442 }
443
444 if (cp->val == test_bit(HCI_PSCAN, &hdev->flags)) {
445 err = cmd_status(sk, index, MGMT_OP_SET_CONNECTABLE, EALREADY);
446 goto failed;
447 }
448
449 cmd = mgmt_pending_add(sk, MGMT_OP_SET_CONNECTABLE, index, data, len);
450 if (!cmd) {
451 err = -ENOMEM;
452 goto failed;
453 }
454
455 if (cp->val)
456 scan = SCAN_PAGE;
457 else
458 scan = 0;
459
460 err = hci_send_cmd(hdev, HCI_OP_WRITE_SCAN_ENABLE, 1, &scan);
461 if (err < 0)
462 mgmt_pending_remove(cmd);
463
464 failed:
465 hci_dev_unlock_bh(hdev);
466 hci_dev_put(hdev);
467
468 return err;
469 }
470
471 static int mgmt_event(u16 event, u16 index, void *data, u16 data_len,
472 struct sock *skip_sk)
473 {
474 struct sk_buff *skb;
475 struct mgmt_hdr *hdr;
476
477 skb = alloc_skb(sizeof(*hdr) + data_len, GFP_ATOMIC);
478 if (!skb)
479 return -ENOMEM;
480
481 bt_cb(skb)->channel = HCI_CHANNEL_CONTROL;
482
483 hdr = (void *) skb_put(skb, sizeof(*hdr));
484 hdr->opcode = cpu_to_le16(event);
485 hdr->index = cpu_to_le16(index);
486 hdr->len = cpu_to_le16(data_len);
487
488 if (data)
489 memcpy(skb_put(skb, data_len), data, data_len);
490
491 hci_send_to_sock(NULL, skb, skip_sk);
492 kfree_skb(skb);
493
494 return 0;
495 }
496
497 static int send_mode_rsp(struct sock *sk, u16 opcode, u16 index, u8 val)
498 {
499 struct mgmt_mode rp;
500
501 rp.val = val;
502
503 return cmd_complete(sk, index, opcode, &rp, sizeof(rp));
504 }
505
506 static int set_pairable(struct sock *sk, u16 index, unsigned char *data,
507 u16 len)
508 {
509 struct mgmt_mode *cp, ev;
510 struct hci_dev *hdev;
511 int err;
512
513 cp = (void *) data;
514
515 BT_DBG("request for hci%u", index);
516
517 if (len != sizeof(*cp))
518 return cmd_status(sk, index, MGMT_OP_SET_PAIRABLE, EINVAL);
519
520 hdev = hci_dev_get(index);
521 if (!hdev)
522 return cmd_status(sk, index, MGMT_OP_SET_PAIRABLE, ENODEV);
523
524 hci_dev_lock_bh(hdev);
525
526 if (cp->val)
527 set_bit(HCI_PAIRABLE, &hdev->flags);
528 else
529 clear_bit(HCI_PAIRABLE, &hdev->flags);
530
531 err = send_mode_rsp(sk, MGMT_OP_SET_PAIRABLE, index, cp->val);
532 if (err < 0)
533 goto failed;
534
535 ev.val = cp->val;
536
537 err = mgmt_event(MGMT_EV_PAIRABLE, index, &ev, sizeof(ev), sk);
538
539 failed:
540 hci_dev_unlock_bh(hdev);
541 hci_dev_put(hdev);
542
543 return err;
544 }
545
546 #define EIR_FLAGS 0x01 /* flags */
547 #define EIR_UUID16_SOME 0x02 /* 16-bit UUID, more available */
548 #define EIR_UUID16_ALL 0x03 /* 16-bit UUID, all listed */
549 #define EIR_UUID32_SOME 0x04 /* 32-bit UUID, more available */
550 #define EIR_UUID32_ALL 0x05 /* 32-bit UUID, all listed */
551 #define EIR_UUID128_SOME 0x06 /* 128-bit UUID, more available */
552 #define EIR_UUID128_ALL 0x07 /* 128-bit UUID, all listed */
553 #define EIR_NAME_SHORT 0x08 /* shortened local name */
554 #define EIR_NAME_COMPLETE 0x09 /* complete local name */
555 #define EIR_TX_POWER 0x0A /* transmit power level */
556 #define EIR_DEVICE_ID 0x10 /* device ID */
557
558 #define PNP_INFO_SVCLASS_ID 0x1200
559
560 static u8 bluetooth_base_uuid[] = {
561 0xFB, 0x34, 0x9B, 0x5F, 0x80, 0x00, 0x00, 0x80,
562 0x00, 0x10, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
563 };
564
565 static u16 get_uuid16(u8 *uuid128)
566 {
567 u32 val;
568 int i;
569
570 for (i = 0; i < 12; i++) {
571 if (bluetooth_base_uuid[i] != uuid128[i])
572 return 0;
573 }
574
575 memcpy(&val, &uuid128[12], 4);
576
577 val = le32_to_cpu(val);
578 if (val > 0xffff)
579 return 0;
580
581 return (u16) val;
582 }
583
584 static void create_eir(struct hci_dev *hdev, u8 *data)
585 {
586 u8 *ptr = data;
587 u16 eir_len = 0;
588 u16 uuid16_list[HCI_MAX_EIR_LENGTH / sizeof(u16)];
589 int i, truncated = 0;
590 struct bt_uuid *uuid;
591 size_t name_len;
592
593 name_len = strlen(hdev->dev_name);
594
595 if (name_len > 0) {
596 /* EIR Data type */
597 if (name_len > 48) {
598 name_len = 48;
599 ptr[1] = EIR_NAME_SHORT;
600 } else
601 ptr[1] = EIR_NAME_COMPLETE;
602
603 /* EIR Data length */
604 ptr[0] = name_len + 1;
605
606 memcpy(ptr + 2, hdev->dev_name, name_len);
607
608 eir_len += (name_len + 2);
609 ptr += (name_len + 2);
610 }
611
612 memset(uuid16_list, 0, sizeof(uuid16_list));
613
614 /* Group all UUID16 types */
615 list_for_each_entry(uuid, &hdev->uuids, list) {
616 u16 uuid16;
617
618 uuid16 = get_uuid16(uuid->uuid);
619 if (uuid16 == 0)
620 return;
621
622 if (uuid16 < 0x1100)
623 continue;
624
625 if (uuid16 == PNP_INFO_SVCLASS_ID)
626 continue;
627
628 /* Stop if not enough space to put next UUID */
629 if (eir_len + 2 + sizeof(u16) > HCI_MAX_EIR_LENGTH) {
630 truncated = 1;
631 break;
632 }
633
634 /* Check for duplicates */
635 for (i = 0; uuid16_list[i] != 0; i++)
636 if (uuid16_list[i] == uuid16)
637 break;
638
639 if (uuid16_list[i] == 0) {
640 uuid16_list[i] = uuid16;
641 eir_len += sizeof(u16);
642 }
643 }
644
645 if (uuid16_list[0] != 0) {
646 u8 *length = ptr;
647
648 /* EIR Data type */
649 ptr[1] = truncated ? EIR_UUID16_SOME : EIR_UUID16_ALL;
650
651 ptr += 2;
652 eir_len += 2;
653
654 for (i = 0; uuid16_list[i] != 0; i++) {
655 *ptr++ = (uuid16_list[i] & 0x00ff);
656 *ptr++ = (uuid16_list[i] & 0xff00) >> 8;
657 }
658
659 /* EIR Data length */
660 *length = (i * sizeof(u16)) + 1;
661 }
662 }
663
664 static int update_eir(struct hci_dev *hdev)
665 {
666 struct hci_cp_write_eir cp;
667
668 if (!(hdev->features[6] & LMP_EXT_INQ))
669 return 0;
670
671 if (hdev->ssp_mode == 0)
672 return 0;
673
674 if (test_bit(HCI_SERVICE_CACHE, &hdev->flags))
675 return 0;
676
677 memset(&cp, 0, sizeof(cp));
678
679 create_eir(hdev, cp.data);
680
681 if (memcmp(cp.data, hdev->eir, sizeof(cp.data)) == 0)
682 return 0;
683
684 memcpy(hdev->eir, cp.data, sizeof(cp.data));
685
686 return hci_send_cmd(hdev, HCI_OP_WRITE_EIR, sizeof(cp), &cp);
687 }
688
689 static u8 get_service_classes(struct hci_dev *hdev)
690 {
691 struct bt_uuid *uuid;
692 u8 val = 0;
693
694 list_for_each_entry(uuid, &hdev->uuids, list)
695 val |= uuid->svc_hint;
696
697 return val;
698 }
699
700 static int update_class(struct hci_dev *hdev)
701 {
702 u8 cod[3];
703
704 BT_DBG("%s", hdev->name);
705
706 if (test_bit(HCI_SERVICE_CACHE, &hdev->flags))
707 return 0;
708
709 cod[0] = hdev->minor_class;
710 cod[1] = hdev->major_class;
711 cod[2] = get_service_classes(hdev);
712
713 if (memcmp(cod, hdev->dev_class, 3) == 0)
714 return 0;
715
716 return hci_send_cmd(hdev, HCI_OP_WRITE_CLASS_OF_DEV, sizeof(cod), cod);
717 }
718
719 static int add_uuid(struct sock *sk, u16 index, unsigned char *data, u16 len)
720 {
721 struct mgmt_cp_add_uuid *cp;
722 struct hci_dev *hdev;
723 struct bt_uuid *uuid;
724 int err;
725
726 cp = (void *) data;
727
728 BT_DBG("request for hci%u", index);
729
730 if (len != sizeof(*cp))
731 return cmd_status(sk, index, MGMT_OP_ADD_UUID, EINVAL);
732
733 hdev = hci_dev_get(index);
734 if (!hdev)
735 return cmd_status(sk, index, MGMT_OP_ADD_UUID, ENODEV);
736
737 hci_dev_lock_bh(hdev);
738
739 uuid = kmalloc(sizeof(*uuid), GFP_ATOMIC);
740 if (!uuid) {
741 err = -ENOMEM;
742 goto failed;
743 }
744
745 memcpy(uuid->uuid, cp->uuid, 16);
746 uuid->svc_hint = cp->svc_hint;
747
748 list_add(&uuid->list, &hdev->uuids);
749
750 err = update_class(hdev);
751 if (err < 0)
752 goto failed;
753
754 err = update_eir(hdev);
755 if (err < 0)
756 goto failed;
757
758 err = cmd_complete(sk, index, MGMT_OP_ADD_UUID, NULL, 0);
759
760 failed:
761 hci_dev_unlock_bh(hdev);
762 hci_dev_put(hdev);
763
764 return err;
765 }
766
767 static int remove_uuid(struct sock *sk, u16 index, unsigned char *data, u16 len)
768 {
769 struct list_head *p, *n;
770 struct mgmt_cp_remove_uuid *cp;
771 struct hci_dev *hdev;
772 u8 bt_uuid_any[] = { 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0 };
773 int err, found;
774
775 cp = (void *) data;
776
777 BT_DBG("request for hci%u", index);
778
779 if (len != sizeof(*cp))
780 return cmd_status(sk, index, MGMT_OP_REMOVE_UUID, EINVAL);
781
782 hdev = hci_dev_get(index);
783 if (!hdev)
784 return cmd_status(sk, index, MGMT_OP_REMOVE_UUID, ENODEV);
785
786 hci_dev_lock_bh(hdev);
787
788 if (memcmp(cp->uuid, bt_uuid_any, 16) == 0) {
789 err = hci_uuids_clear(hdev);
790 goto unlock;
791 }
792
793 found = 0;
794
795 list_for_each_safe(p, n, &hdev->uuids) {
796 struct bt_uuid *match = list_entry(p, struct bt_uuid, list);
797
798 if (memcmp(match->uuid, cp->uuid, 16) != 0)
799 continue;
800
801 list_del(&match->list);
802 found++;
803 }
804
805 if (found == 0) {
806 err = cmd_status(sk, index, MGMT_OP_REMOVE_UUID, ENOENT);
807 goto unlock;
808 }
809
810 err = update_class(hdev);
811 if (err < 0)
812 goto unlock;
813
814 err = update_eir(hdev);
815 if (err < 0)
816 goto unlock;
817
818 err = cmd_complete(sk, index, MGMT_OP_REMOVE_UUID, NULL, 0);
819
820 unlock:
821 hci_dev_unlock_bh(hdev);
822 hci_dev_put(hdev);
823
824 return err;
825 }
826
827 static int set_dev_class(struct sock *sk, u16 index, unsigned char *data,
828 u16 len)
829 {
830 struct hci_dev *hdev;
831 struct mgmt_cp_set_dev_class *cp;
832 int err;
833
834 cp = (void *) data;
835
836 BT_DBG("request for hci%u", index);
837
838 if (len != sizeof(*cp))
839 return cmd_status(sk, index, MGMT_OP_SET_DEV_CLASS, EINVAL);
840
841 hdev = hci_dev_get(index);
842 if (!hdev)
843 return cmd_status(sk, index, MGMT_OP_SET_DEV_CLASS, ENODEV);
844
845 hci_dev_lock_bh(hdev);
846
847 hdev->major_class = cp->major;
848 hdev->minor_class = cp->minor;
849
850 err = update_class(hdev);
851
852 if (err == 0)
853 err = cmd_complete(sk, index, MGMT_OP_SET_DEV_CLASS, NULL, 0);
854
855 hci_dev_unlock_bh(hdev);
856 hci_dev_put(hdev);
857
858 return err;
859 }
860
861 static int set_service_cache(struct sock *sk, u16 index, unsigned char *data,
862 u16 len)
863 {
864 struct hci_dev *hdev;
865 struct mgmt_cp_set_service_cache *cp;
866 int err;
867
868 cp = (void *) data;
869
870 if (len != sizeof(*cp))
871 return cmd_status(sk, index, MGMT_OP_SET_SERVICE_CACHE, EINVAL);
872
873 hdev = hci_dev_get(index);
874 if (!hdev)
875 return cmd_status(sk, index, MGMT_OP_SET_SERVICE_CACHE, ENODEV);
876
877 hci_dev_lock_bh(hdev);
878
879 BT_DBG("hci%u enable %d", index, cp->enable);
880
881 if (cp->enable) {
882 set_bit(HCI_SERVICE_CACHE, &hdev->flags);
883 err = 0;
884 } else {
885 clear_bit(HCI_SERVICE_CACHE, &hdev->flags);
886 err = update_class(hdev);
887 if (err == 0)
888 err = update_eir(hdev);
889 }
890
891 if (err == 0)
892 err = cmd_complete(sk, index, MGMT_OP_SET_SERVICE_CACHE, NULL,
893 0);
894 else
895 cmd_status(sk, index, MGMT_OP_SET_SERVICE_CACHE, -err);
896
897
898 hci_dev_unlock_bh(hdev);
899 hci_dev_put(hdev);
900
901 return err;
902 }
903
904 static int load_keys(struct sock *sk, u16 index, unsigned char *data, u16 len)
905 {
906 struct hci_dev *hdev;
907 struct mgmt_cp_load_keys *cp;
908 u16 key_count, expected_len;
909 int i;
910
911 cp = (void *) data;
912
913 if (len < sizeof(*cp))
914 return cmd_status(sk, index, MGMT_OP_LOAD_KEYS, EINVAL);
915
916 key_count = get_unaligned_le16(&cp->key_count);
917
918 expected_len = sizeof(*cp) + key_count * sizeof(struct mgmt_key_info);
919 if (expected_len != len) {
920 BT_ERR("load_keys: expected %u bytes, got %u bytes",
921 len, expected_len);
922 return cmd_status(sk, index, MGMT_OP_LOAD_KEYS, EINVAL);
923 }
924
925 hdev = hci_dev_get(index);
926 if (!hdev)
927 return cmd_status(sk, index, MGMT_OP_LOAD_KEYS, ENODEV);
928
929 BT_DBG("hci%u debug_keys %u key_count %u", index, cp->debug_keys,
930 key_count);
931
932 hci_dev_lock_bh(hdev);
933
934 hci_link_keys_clear(hdev);
935
936 set_bit(HCI_LINK_KEYS, &hdev->flags);
937
938 if (cp->debug_keys)
939 set_bit(HCI_DEBUG_KEYS, &hdev->flags);
940 else
941 clear_bit(HCI_DEBUG_KEYS, &hdev->flags);
942
943 for (i = 0; i < key_count; i++) {
944 struct mgmt_key_info *key = &cp->keys[i];
945
946 hci_add_link_key(hdev, NULL, 0, &key->bdaddr, key->val, key->type,
947 key->pin_len);
948 }
949
950 hci_dev_unlock_bh(hdev);
951 hci_dev_put(hdev);
952
953 return 0;
954 }
955
956 static int remove_key(struct sock *sk, u16 index, unsigned char *data, u16 len)
957 {
958 struct hci_dev *hdev;
959 struct mgmt_cp_remove_key *cp;
960 struct hci_conn *conn;
961 int err;
962
963 cp = (void *) data;
964
965 if (len != sizeof(*cp))
966 return cmd_status(sk, index, MGMT_OP_REMOVE_KEY, EINVAL);
967
968 hdev = hci_dev_get(index);
969 if (!hdev)
970 return cmd_status(sk, index, MGMT_OP_REMOVE_KEY, ENODEV);
971
972 hci_dev_lock_bh(hdev);
973
974 err = hci_remove_link_key(hdev, &cp->bdaddr);
975 if (err < 0) {
976 err = cmd_status(sk, index, MGMT_OP_REMOVE_KEY, -err);
977 goto unlock;
978 }
979
980 err = 0;
981
982 if (!test_bit(HCI_UP, &hdev->flags) || !cp->disconnect)
983 goto unlock;
984
985 conn = hci_conn_hash_lookup_ba(hdev, ACL_LINK, &cp->bdaddr);
986 if (conn) {
987 struct hci_cp_disconnect dc;
988
989 put_unaligned_le16(conn->handle, &dc.handle);
990 dc.reason = 0x13; /* Remote User Terminated Connection */
991 err = hci_send_cmd(hdev, HCI_OP_DISCONNECT, sizeof(dc), &dc);
992 }
993
994 unlock:
995 hci_dev_unlock_bh(hdev);
996 hci_dev_put(hdev);
997
998 return err;
999 }
1000
1001 static int disconnect(struct sock *sk, u16 index, unsigned char *data, u16 len)
1002 {
1003 struct hci_dev *hdev;
1004 struct mgmt_cp_disconnect *cp;
1005 struct hci_cp_disconnect dc;
1006 struct pending_cmd *cmd;
1007 struct hci_conn *conn;
1008 int err;
1009
1010 BT_DBG("");
1011
1012 cp = (void *) data;
1013
1014 if (len != sizeof(*cp))
1015 return cmd_status(sk, index, MGMT_OP_DISCONNECT, EINVAL);
1016
1017 hdev = hci_dev_get(index);
1018 if (!hdev)
1019 return cmd_status(sk, index, MGMT_OP_DISCONNECT, ENODEV);
1020
1021 hci_dev_lock_bh(hdev);
1022
1023 if (!test_bit(HCI_UP, &hdev->flags)) {
1024 err = cmd_status(sk, index, MGMT_OP_DISCONNECT, ENETDOWN);
1025 goto failed;
1026 }
1027
1028 if (mgmt_pending_find(MGMT_OP_DISCONNECT, index)) {
1029 err = cmd_status(sk, index, MGMT_OP_DISCONNECT, EBUSY);
1030 goto failed;
1031 }
1032
1033 conn = hci_conn_hash_lookup_ba(hdev, ACL_LINK, &cp->bdaddr);
1034 if (!conn)
1035 conn = hci_conn_hash_lookup_ba(hdev, LE_LINK, &cp->bdaddr);
1036
1037 if (!conn) {
1038 err = cmd_status(sk, index, MGMT_OP_DISCONNECT, ENOTCONN);
1039 goto failed;
1040 }
1041
1042 cmd = mgmt_pending_add(sk, MGMT_OP_DISCONNECT, index, data, len);
1043 if (!cmd) {
1044 err = -ENOMEM;
1045 goto failed;
1046 }
1047
1048 put_unaligned_le16(conn->handle, &dc.handle);
1049 dc.reason = 0x13; /* Remote User Terminated Connection */
1050
1051 err = hci_send_cmd(hdev, HCI_OP_DISCONNECT, sizeof(dc), &dc);
1052 if (err < 0)
1053 mgmt_pending_remove(cmd);
1054
1055 failed:
1056 hci_dev_unlock_bh(hdev);
1057 hci_dev_put(hdev);
1058
1059 return err;
1060 }
1061
1062 static int get_connections(struct sock *sk, u16 index)
1063 {
1064 struct mgmt_rp_get_connections *rp;
1065 struct hci_dev *hdev;
1066 struct hci_conn *c;
1067 struct list_head *p;
1068 size_t rp_len;
1069 u16 count;
1070 int i, err;
1071
1072 BT_DBG("");
1073
1074 hdev = hci_dev_get(index);
1075 if (!hdev)
1076 return cmd_status(sk, index, MGMT_OP_GET_CONNECTIONS, ENODEV);
1077
1078 hci_dev_lock_bh(hdev);
1079
1080 count = 0;
1081 list_for_each(p, &hdev->conn_hash.list) {
1082 count++;
1083 }
1084
1085 rp_len = sizeof(*rp) + (count * sizeof(bdaddr_t));
1086 rp = kmalloc(rp_len, GFP_ATOMIC);
1087 if (!rp) {
1088 err = -ENOMEM;
1089 goto unlock;
1090 }
1091
1092 put_unaligned_le16(count, &rp->conn_count);
1093
1094 i = 0;
1095 list_for_each_entry(c, &hdev->conn_hash.list, list)
1096 bacpy(&rp->conn[i++], &c->dst);
1097
1098 err = cmd_complete(sk, index, MGMT_OP_GET_CONNECTIONS, rp, rp_len);
1099
1100 unlock:
1101 kfree(rp);
1102 hci_dev_unlock_bh(hdev);
1103 hci_dev_put(hdev);
1104 return err;
1105 }
1106
1107 static int send_pin_code_neg_reply(struct sock *sk, u16 index,
1108 struct hci_dev *hdev, struct mgmt_cp_pin_code_neg_reply *cp)
1109 {
1110 struct pending_cmd *cmd;
1111 int err;
1112
1113 cmd = mgmt_pending_add(sk, MGMT_OP_PIN_CODE_NEG_REPLY, index, cp,
1114 sizeof(*cp));
1115 if (!cmd)
1116 return -ENOMEM;
1117
1118 err = hci_send_cmd(hdev, HCI_OP_PIN_CODE_NEG_REPLY, sizeof(cp->bdaddr),
1119 &cp->bdaddr);
1120 if (err < 0)
1121 mgmt_pending_remove(cmd);
1122
1123 return err;
1124 }
1125
1126 static int pin_code_reply(struct sock *sk, u16 index, unsigned char *data,
1127 u16 len)
1128 {
1129 struct hci_dev *hdev;
1130 struct hci_conn *conn;
1131 struct mgmt_cp_pin_code_reply *cp;
1132 struct mgmt_cp_pin_code_neg_reply ncp;
1133 struct hci_cp_pin_code_reply reply;
1134 struct pending_cmd *cmd;
1135 int err;
1136
1137 BT_DBG("");
1138
1139 cp = (void *) data;
1140
1141 if (len != sizeof(*cp))
1142 return cmd_status(sk, index, MGMT_OP_PIN_CODE_REPLY, EINVAL);
1143
1144 hdev = hci_dev_get(index);
1145 if (!hdev)
1146 return cmd_status(sk, index, MGMT_OP_PIN_CODE_REPLY, ENODEV);
1147
1148 hci_dev_lock_bh(hdev);
1149
1150 if (!test_bit(HCI_UP, &hdev->flags)) {
1151 err = cmd_status(sk, index, MGMT_OP_PIN_CODE_REPLY, ENETDOWN);
1152 goto failed;
1153 }
1154
1155 conn = hci_conn_hash_lookup_ba(hdev, ACL_LINK, &cp->bdaddr);
1156 if (!conn) {
1157 err = cmd_status(sk, index, MGMT_OP_PIN_CODE_REPLY, ENOTCONN);
1158 goto failed;
1159 }
1160
1161 if (conn->pending_sec_level == BT_SECURITY_HIGH && cp->pin_len != 16) {
1162 bacpy(&ncp.bdaddr, &cp->bdaddr);
1163
1164 BT_ERR("PIN code is not 16 bytes long");
1165
1166 err = send_pin_code_neg_reply(sk, index, hdev, &ncp);
1167 if (err >= 0)
1168 err = cmd_status(sk, index, MGMT_OP_PIN_CODE_REPLY,
1169 EINVAL);
1170
1171 goto failed;
1172 }
1173
1174 cmd = mgmt_pending_add(sk, MGMT_OP_PIN_CODE_REPLY, index, data, len);
1175 if (!cmd) {
1176 err = -ENOMEM;
1177 goto failed;
1178 }
1179
1180 bacpy(&reply.bdaddr, &cp->bdaddr);
1181 reply.pin_len = cp->pin_len;
1182 memcpy(reply.pin_code, cp->pin_code, sizeof(reply.pin_code));
1183
1184 err = hci_send_cmd(hdev, HCI_OP_PIN_CODE_REPLY, sizeof(reply), &reply);
1185 if (err < 0)
1186 mgmt_pending_remove(cmd);
1187
1188 failed:
1189 hci_dev_unlock_bh(hdev);
1190 hci_dev_put(hdev);
1191
1192 return err;
1193 }
1194
1195 static int pin_code_neg_reply(struct sock *sk, u16 index, unsigned char *data,
1196 u16 len)
1197 {
1198 struct hci_dev *hdev;
1199 struct mgmt_cp_pin_code_neg_reply *cp;
1200 int err;
1201
1202 BT_DBG("");
1203
1204 cp = (void *) data;
1205
1206 if (len != sizeof(*cp))
1207 return cmd_status(sk, index, MGMT_OP_PIN_CODE_NEG_REPLY,
1208 EINVAL);
1209
1210 hdev = hci_dev_get(index);
1211 if (!hdev)
1212 return cmd_status(sk, index, MGMT_OP_PIN_CODE_NEG_REPLY,
1213 ENODEV);
1214
1215 hci_dev_lock_bh(hdev);
1216
1217 if (!test_bit(HCI_UP, &hdev->flags)) {
1218 err = cmd_status(sk, index, MGMT_OP_PIN_CODE_NEG_REPLY,
1219 ENETDOWN);
1220 goto failed;
1221 }
1222
1223 err = send_pin_code_neg_reply(sk, index, hdev, cp);
1224
1225 failed:
1226 hci_dev_unlock_bh(hdev);
1227 hci_dev_put(hdev);
1228
1229 return err;
1230 }
1231
1232 static int set_io_capability(struct sock *sk, u16 index, unsigned char *data,
1233 u16 len)
1234 {
1235 struct hci_dev *hdev;
1236 struct mgmt_cp_set_io_capability *cp;
1237
1238 BT_DBG("");
1239
1240 cp = (void *) data;
1241
1242 if (len != sizeof(*cp))
1243 return cmd_status(sk, index, MGMT_OP_SET_IO_CAPABILITY, EINVAL);
1244
1245 hdev = hci_dev_get(index);
1246 if (!hdev)
1247 return cmd_status(sk, index, MGMT_OP_SET_IO_CAPABILITY, ENODEV);
1248
1249 hci_dev_lock_bh(hdev);
1250
1251 hdev->io_capability = cp->io_capability;
1252
1253 BT_DBG("%s IO capability set to 0x%02x", hdev->name,
1254 hdev->io_capability);
1255
1256 hci_dev_unlock_bh(hdev);
1257 hci_dev_put(hdev);
1258
1259 return cmd_complete(sk, index, MGMT_OP_SET_IO_CAPABILITY, NULL, 0);
1260 }
1261
1262 static inline struct pending_cmd *find_pairing(struct hci_conn *conn)
1263 {
1264 struct hci_dev *hdev = conn->hdev;
1265 struct pending_cmd *cmd;
1266
1267 list_for_each_entry(cmd, &cmd_list, list) {
1268 if (cmd->opcode != MGMT_OP_PAIR_DEVICE)
1269 continue;
1270
1271 if (cmd->index != hdev->id)
1272 continue;
1273
1274 if (cmd->user_data != conn)
1275 continue;
1276
1277 return cmd;
1278 }
1279
1280 return NULL;
1281 }
1282
1283 static void pairing_complete(struct pending_cmd *cmd, u8 status)
1284 {
1285 struct mgmt_rp_pair_device rp;
1286 struct hci_conn *conn = cmd->user_data;
1287
1288 bacpy(&rp.bdaddr, &conn->dst);
1289 rp.status = status;
1290
1291 cmd_complete(cmd->sk, cmd->index, MGMT_OP_PAIR_DEVICE, &rp, sizeof(rp));
1292
1293 /* So we don't get further callbacks for this connection */
1294 conn->connect_cfm_cb = NULL;
1295 conn->security_cfm_cb = NULL;
1296 conn->disconn_cfm_cb = NULL;
1297
1298 hci_conn_put(conn);
1299
1300 mgmt_pending_remove(cmd);
1301 }
1302
1303 static void pairing_complete_cb(struct hci_conn *conn, u8 status)
1304 {
1305 struct pending_cmd *cmd;
1306
1307 BT_DBG("status %u", status);
1308
1309 cmd = find_pairing(conn);
1310 if (!cmd) {
1311 BT_DBG("Unable to find a pending command");
1312 return;
1313 }
1314
1315 pairing_complete(cmd, status);
1316 }
1317
1318 static int pair_device(struct sock *sk, u16 index, unsigned char *data, u16 len)
1319 {
1320 struct hci_dev *hdev;
1321 struct mgmt_cp_pair_device *cp;
1322 struct pending_cmd *cmd;
1323 struct adv_entry *entry;
1324 u8 sec_level, auth_type;
1325 struct hci_conn *conn;
1326 int err;
1327
1328 BT_DBG("");
1329
1330 cp = (void *) data;
1331
1332 if (len != sizeof(*cp))
1333 return cmd_status(sk, index, MGMT_OP_PAIR_DEVICE, EINVAL);
1334
1335 hdev = hci_dev_get(index);
1336 if (!hdev)
1337 return cmd_status(sk, index, MGMT_OP_PAIR_DEVICE, ENODEV);
1338
1339 hci_dev_lock_bh(hdev);
1340
1341 sec_level = BT_SECURITY_MEDIUM;
1342 if (cp->io_cap == 0x03)
1343 auth_type = HCI_AT_DEDICATED_BONDING;
1344 else
1345 auth_type = HCI_AT_DEDICATED_BONDING_MITM;
1346
1347 entry = hci_find_adv_entry(hdev, &cp->bdaddr);
1348 if (entry)
1349 conn = hci_connect(hdev, LE_LINK, &cp->bdaddr, sec_level,
1350 auth_type);
1351 else
1352 conn = hci_connect(hdev, ACL_LINK, &cp->bdaddr, sec_level,
1353 auth_type);
1354
1355 if (IS_ERR(conn)) {
1356 err = PTR_ERR(conn);
1357 goto unlock;
1358 }
1359
1360 if (conn->connect_cfm_cb) {
1361 hci_conn_put(conn);
1362 err = cmd_status(sk, index, MGMT_OP_PAIR_DEVICE, EBUSY);
1363 goto unlock;
1364 }
1365
1366 cmd = mgmt_pending_add(sk, MGMT_OP_PAIR_DEVICE, index, data, len);
1367 if (!cmd) {
1368 err = -ENOMEM;
1369 hci_conn_put(conn);
1370 goto unlock;
1371 }
1372
1373 /* For LE, just connecting isn't a proof that the pairing finished */
1374 if (!entry)
1375 conn->connect_cfm_cb = pairing_complete_cb;
1376
1377 conn->security_cfm_cb = pairing_complete_cb;
1378 conn->disconn_cfm_cb = pairing_complete_cb;
1379 conn->io_capability = cp->io_cap;
1380 cmd->user_data = conn;
1381
1382 if (conn->state == BT_CONNECTED &&
1383 hci_conn_security(conn, sec_level, auth_type))
1384 pairing_complete(cmd, 0);
1385
1386 err = 0;
1387
1388 unlock:
1389 hci_dev_unlock_bh(hdev);
1390 hci_dev_put(hdev);
1391
1392 return err;
1393 }
1394
1395 static int user_confirm_reply(struct sock *sk, u16 index, unsigned char *data,
1396 u16 len, int success)
1397 {
1398 struct mgmt_cp_user_confirm_reply *cp = (void *) data;
1399 u16 mgmt_op, hci_op;
1400 struct pending_cmd *cmd;
1401 struct hci_dev *hdev;
1402 int err;
1403
1404 BT_DBG("");
1405
1406 if (success) {
1407 mgmt_op = MGMT_OP_USER_CONFIRM_REPLY;
1408 hci_op = HCI_OP_USER_CONFIRM_REPLY;
1409 } else {
1410 mgmt_op = MGMT_OP_USER_CONFIRM_NEG_REPLY;
1411 hci_op = HCI_OP_USER_CONFIRM_NEG_REPLY;
1412 }
1413
1414 if (len != sizeof(*cp))
1415 return cmd_status(sk, index, mgmt_op, EINVAL);
1416
1417 hdev = hci_dev_get(index);
1418 if (!hdev)
1419 return cmd_status(sk, index, mgmt_op, ENODEV);
1420
1421 hci_dev_lock_bh(hdev);
1422
1423 if (!test_bit(HCI_UP, &hdev->flags)) {
1424 err = cmd_status(sk, index, mgmt_op, ENETDOWN);
1425 goto failed;
1426 }
1427
1428 cmd = mgmt_pending_add(sk, mgmt_op, index, data, len);
1429 if (!cmd) {
1430 err = -ENOMEM;
1431 goto failed;
1432 }
1433
1434 err = hci_send_cmd(hdev, hci_op, sizeof(cp->bdaddr), &cp->bdaddr);
1435 if (err < 0)
1436 mgmt_pending_remove(cmd);
1437
1438 failed:
1439 hci_dev_unlock_bh(hdev);
1440 hci_dev_put(hdev);
1441
1442 return err;
1443 }
1444
1445 static int set_local_name(struct sock *sk, u16 index, unsigned char *data,
1446 u16 len)
1447 {
1448 struct mgmt_cp_set_local_name *mgmt_cp = (void *) data;
1449 struct hci_cp_write_local_name hci_cp;
1450 struct hci_dev *hdev;
1451 struct pending_cmd *cmd;
1452 int err;
1453
1454 BT_DBG("");
1455
1456 if (len != sizeof(*mgmt_cp))
1457 return cmd_status(sk, index, MGMT_OP_SET_LOCAL_NAME, EINVAL);
1458
1459 hdev = hci_dev_get(index);
1460 if (!hdev)
1461 return cmd_status(sk, index, MGMT_OP_SET_LOCAL_NAME, ENODEV);
1462
1463 hci_dev_lock_bh(hdev);
1464
1465 cmd = mgmt_pending_add(sk, MGMT_OP_SET_LOCAL_NAME, index, data, len);
1466 if (!cmd) {
1467 err = -ENOMEM;
1468 goto failed;
1469 }
1470
1471 memcpy(hci_cp.name, mgmt_cp->name, sizeof(hci_cp.name));
1472 err = hci_send_cmd(hdev, HCI_OP_WRITE_LOCAL_NAME, sizeof(hci_cp),
1473 &hci_cp);
1474 if (err < 0)
1475 mgmt_pending_remove(cmd);
1476
1477 failed:
1478 hci_dev_unlock_bh(hdev);
1479 hci_dev_put(hdev);
1480
1481 return err;
1482 }
1483
1484 static int read_local_oob_data(struct sock *sk, u16 index)
1485 {
1486 struct hci_dev *hdev;
1487 struct pending_cmd *cmd;
1488 int err;
1489
1490 BT_DBG("hci%u", index);
1491
1492 hdev = hci_dev_get(index);
1493 if (!hdev)
1494 return cmd_status(sk, index, MGMT_OP_READ_LOCAL_OOB_DATA,
1495 ENODEV);
1496
1497 hci_dev_lock_bh(hdev);
1498
1499 if (!test_bit(HCI_UP, &hdev->flags)) {
1500 err = cmd_status(sk, index, MGMT_OP_READ_LOCAL_OOB_DATA,
1501 ENETDOWN);
1502 goto unlock;
1503 }
1504
1505 if (!(hdev->features[6] & LMP_SIMPLE_PAIR)) {
1506 err = cmd_status(sk, index, MGMT_OP_READ_LOCAL_OOB_DATA,
1507 EOPNOTSUPP);
1508 goto unlock;
1509 }
1510
1511 if (mgmt_pending_find(MGMT_OP_READ_LOCAL_OOB_DATA, index)) {
1512 err = cmd_status(sk, index, MGMT_OP_READ_LOCAL_OOB_DATA, EBUSY);
1513 goto unlock;
1514 }
1515
1516 cmd = mgmt_pending_add(sk, MGMT_OP_READ_LOCAL_OOB_DATA, index, NULL, 0);
1517 if (!cmd) {
1518 err = -ENOMEM;
1519 goto unlock;
1520 }
1521
1522 err = hci_send_cmd(hdev, HCI_OP_READ_LOCAL_OOB_DATA, 0, NULL);
1523 if (err < 0)
1524 mgmt_pending_remove(cmd);
1525
1526 unlock:
1527 hci_dev_unlock_bh(hdev);
1528 hci_dev_put(hdev);
1529
1530 return err;
1531 }
1532
1533 static int add_remote_oob_data(struct sock *sk, u16 index, unsigned char *data,
1534 u16 len)
1535 {
1536 struct hci_dev *hdev;
1537 struct mgmt_cp_add_remote_oob_data *cp = (void *) data;
1538 int err;
1539
1540 BT_DBG("hci%u ", index);
1541
1542 if (len != sizeof(*cp))
1543 return cmd_status(sk, index, MGMT_OP_ADD_REMOTE_OOB_DATA,
1544 EINVAL);
1545
1546 hdev = hci_dev_get(index);
1547 if (!hdev)
1548 return cmd_status(sk, index, MGMT_OP_ADD_REMOTE_OOB_DATA,
1549 ENODEV);
1550
1551 hci_dev_lock_bh(hdev);
1552
1553 err = hci_add_remote_oob_data(hdev, &cp->bdaddr, cp->hash,
1554 cp->randomizer);
1555 if (err < 0)
1556 err = cmd_status(sk, index, MGMT_OP_ADD_REMOTE_OOB_DATA, -err);
1557 else
1558 err = cmd_complete(sk, index, MGMT_OP_ADD_REMOTE_OOB_DATA, NULL,
1559 0);
1560
1561 hci_dev_unlock_bh(hdev);
1562 hci_dev_put(hdev);
1563
1564 return err;
1565 }
1566
1567 static int remove_remote_oob_data(struct sock *sk, u16 index,
1568 unsigned char *data, u16 len)
1569 {
1570 struct hci_dev *hdev;
1571 struct mgmt_cp_remove_remote_oob_data *cp = (void *) data;
1572 int err;
1573
1574 BT_DBG("hci%u ", index);
1575
1576 if (len != sizeof(*cp))
1577 return cmd_status(sk, index, MGMT_OP_REMOVE_REMOTE_OOB_DATA,
1578 EINVAL);
1579
1580 hdev = hci_dev_get(index);
1581 if (!hdev)
1582 return cmd_status(sk, index, MGMT_OP_REMOVE_REMOTE_OOB_DATA,
1583 ENODEV);
1584
1585 hci_dev_lock_bh(hdev);
1586
1587 err = hci_remove_remote_oob_data(hdev, &cp->bdaddr);
1588 if (err < 0)
1589 err = cmd_status(sk, index, MGMT_OP_REMOVE_REMOTE_OOB_DATA,
1590 -err);
1591 else
1592 err = cmd_complete(sk, index, MGMT_OP_REMOVE_REMOTE_OOB_DATA,
1593 NULL, 0);
1594
1595 hci_dev_unlock_bh(hdev);
1596 hci_dev_put(hdev);
1597
1598 return err;
1599 }
1600
1601 static int start_discovery(struct sock *sk, u16 index)
1602 {
1603 struct pending_cmd *cmd;
1604 struct hci_dev *hdev;
1605 int err;
1606
1607 BT_DBG("hci%u", index);
1608
1609 hdev = hci_dev_get(index);
1610 if (!hdev)
1611 return cmd_status(sk, index, MGMT_OP_START_DISCOVERY, ENODEV);
1612
1613 hci_dev_lock_bh(hdev);
1614
1615 cmd = mgmt_pending_add(sk, MGMT_OP_START_DISCOVERY, index, NULL, 0);
1616 if (!cmd) {
1617 err = -ENOMEM;
1618 goto failed;
1619 }
1620
1621 err = hci_do_inquiry(hdev, INQUIRY_LEN_BREDR);
1622 if (err < 0)
1623 mgmt_pending_remove(cmd);
1624
1625 failed:
1626 hci_dev_unlock_bh(hdev);
1627 hci_dev_put(hdev);
1628
1629 return err;
1630 }
1631
1632 static int stop_discovery(struct sock *sk, u16 index)
1633 {
1634 struct hci_dev *hdev;
1635 struct pending_cmd *cmd;
1636 int err;
1637
1638 BT_DBG("hci%u", index);
1639
1640 hdev = hci_dev_get(index);
1641 if (!hdev)
1642 return cmd_status(sk, index, MGMT_OP_STOP_DISCOVERY, ENODEV);
1643
1644 hci_dev_lock_bh(hdev);
1645
1646 cmd = mgmt_pending_add(sk, MGMT_OP_STOP_DISCOVERY, index, NULL, 0);
1647 if (!cmd) {
1648 err = -ENOMEM;
1649 goto failed;
1650 }
1651
1652 err = hci_send_cmd(hdev, HCI_OP_INQUIRY_CANCEL, 0, NULL);
1653 if (err < 0)
1654 mgmt_pending_remove(cmd);
1655
1656 failed:
1657 hci_dev_unlock_bh(hdev);
1658 hci_dev_put(hdev);
1659
1660 return err;
1661 }
1662
1663 static int block_device(struct sock *sk, u16 index, unsigned char *data,
1664 u16 len)
1665 {
1666 struct hci_dev *hdev;
1667 struct pending_cmd *cmd;
1668 struct mgmt_cp_block_device *cp = (void *) data;
1669 int err;
1670
1671 BT_DBG("hci%u", index);
1672
1673 if (len != sizeof(*cp))
1674 return cmd_status(sk, index, MGMT_OP_BLOCK_DEVICE,
1675 EINVAL);
1676
1677 hdev = hci_dev_get(index);
1678 if (!hdev)
1679 return cmd_status(sk, index, MGMT_OP_BLOCK_DEVICE,
1680 ENODEV);
1681
1682 hci_dev_lock_bh(hdev);
1683
1684 cmd = mgmt_pending_add(sk, MGMT_OP_BLOCK_DEVICE, index, NULL, 0);
1685 if (!cmd) {
1686 err = -ENOMEM;
1687 goto failed;
1688 }
1689
1690 err = hci_blacklist_add(hdev, &cp->bdaddr);
1691
1692 if (err < 0)
1693 err = cmd_status(sk, index, MGMT_OP_BLOCK_DEVICE, -err);
1694 else
1695 err = cmd_complete(sk, index, MGMT_OP_BLOCK_DEVICE,
1696 NULL, 0);
1697
1698 mgmt_pending_remove(cmd);
1699
1700 failed:
1701 hci_dev_unlock_bh(hdev);
1702 hci_dev_put(hdev);
1703
1704 return err;
1705 }
1706
1707 static int unblock_device(struct sock *sk, u16 index, unsigned char *data,
1708 u16 len)
1709 {
1710 struct hci_dev *hdev;
1711 struct pending_cmd *cmd;
1712 struct mgmt_cp_unblock_device *cp = (void *) data;
1713 int err;
1714
1715 BT_DBG("hci%u", index);
1716
1717 if (len != sizeof(*cp))
1718 return cmd_status(sk, index, MGMT_OP_UNBLOCK_DEVICE,
1719 EINVAL);
1720
1721 hdev = hci_dev_get(index);
1722 if (!hdev)
1723 return cmd_status(sk, index, MGMT_OP_UNBLOCK_DEVICE,
1724 ENODEV);
1725
1726 hci_dev_lock_bh(hdev);
1727
1728 cmd = mgmt_pending_add(sk, MGMT_OP_UNBLOCK_DEVICE, index, NULL, 0);
1729 if (!cmd) {
1730 err = -ENOMEM;
1731 goto failed;
1732 }
1733
1734 err = hci_blacklist_del(hdev, &cp->bdaddr);
1735
1736 if (err < 0)
1737 err = cmd_status(sk, index, MGMT_OP_UNBLOCK_DEVICE, -err);
1738 else
1739 err = cmd_complete(sk, index, MGMT_OP_UNBLOCK_DEVICE,
1740 NULL, 0);
1741
1742 mgmt_pending_remove(cmd);
1743
1744 failed:
1745 hci_dev_unlock_bh(hdev);
1746 hci_dev_put(hdev);
1747
1748 return err;
1749 }
1750
1751 static int set_fast_connectable(struct sock *sk, u16 index,
1752 unsigned char *data, u16 len)
1753 {
1754 struct hci_dev *hdev;
1755 struct mgmt_cp_set_fast_connectable *cp = (void *) data;
1756 struct hci_cp_write_page_scan_activity acp;
1757 u8 type;
1758 int err;
1759
1760 BT_DBG("hci%u", index);
1761
1762 if (len != sizeof(*cp))
1763 return cmd_status(sk, index, MGMT_OP_SET_FAST_CONNECTABLE,
1764 EINVAL);
1765
1766 hdev = hci_dev_get(index);
1767 if (!hdev)
1768 return cmd_status(sk, index, MGMT_OP_SET_FAST_CONNECTABLE,
1769 ENODEV);
1770
1771 hci_dev_lock(hdev);
1772
1773 if (cp->enable) {
1774 type = PAGE_SCAN_TYPE_INTERLACED;
1775 acp.interval = 0x0024; /* 22.5 msec page scan interval */
1776 } else {
1777 type = PAGE_SCAN_TYPE_STANDARD; /* default */
1778 acp.interval = 0x0800; /* default 1.28 sec page scan */
1779 }
1780
1781 acp.window = 0x0012; /* default 11.25 msec page scan window */
1782
1783 err = hci_send_cmd(hdev, HCI_OP_WRITE_PAGE_SCAN_ACTIVITY,
1784 sizeof(acp), &acp);
1785 if (err < 0) {
1786 err = cmd_status(sk, index, MGMT_OP_SET_FAST_CONNECTABLE,
1787 -err);
1788 goto done;
1789 }
1790
1791 err = hci_send_cmd(hdev, HCI_OP_WRITE_PAGE_SCAN_TYPE, 1, &type);
1792 if (err < 0) {
1793 err = cmd_status(sk, index, MGMT_OP_SET_FAST_CONNECTABLE,
1794 -err);
1795 goto done;
1796 }
1797
1798 err = cmd_complete(sk, index, MGMT_OP_SET_FAST_CONNECTABLE,
1799 NULL, 0);
1800 done:
1801 hci_dev_unlock(hdev);
1802 hci_dev_put(hdev);
1803
1804 return err;
1805 }
1806
1807 int mgmt_control(struct sock *sk, struct msghdr *msg, size_t msglen)
1808 {
1809 unsigned char *buf;
1810 struct mgmt_hdr *hdr;
1811 u16 opcode, index, len;
1812 int err;
1813
1814 BT_DBG("got %zu bytes", msglen);
1815
1816 if (msglen < sizeof(*hdr))
1817 return -EINVAL;
1818
1819 buf = kmalloc(msglen, GFP_KERNEL);
1820 if (!buf)
1821 return -ENOMEM;
1822
1823 if (memcpy_fromiovec(buf, msg->msg_iov, msglen)) {
1824 err = -EFAULT;
1825 goto done;
1826 }
1827
1828 hdr = (struct mgmt_hdr *) buf;
1829 opcode = get_unaligned_le16(&hdr->opcode);
1830 index = get_unaligned_le16(&hdr->index);
1831 len = get_unaligned_le16(&hdr->len);
1832
1833 if (len != msglen - sizeof(*hdr)) {
1834 err = -EINVAL;
1835 goto done;
1836 }
1837
1838 switch (opcode) {
1839 case MGMT_OP_READ_VERSION:
1840 err = read_version(sk);
1841 break;
1842 case MGMT_OP_READ_INDEX_LIST:
1843 err = read_index_list(sk);
1844 break;
1845 case MGMT_OP_READ_INFO:
1846 err = read_controller_info(sk, index);
1847 break;
1848 case MGMT_OP_SET_POWERED:
1849 err = set_powered(sk, index, buf + sizeof(*hdr), len);
1850 break;
1851 case MGMT_OP_SET_DISCOVERABLE:
1852 err = set_discoverable(sk, index, buf + sizeof(*hdr), len);
1853 break;
1854 case MGMT_OP_SET_CONNECTABLE:
1855 err = set_connectable(sk, index, buf + sizeof(*hdr), len);
1856 break;
1857 case MGMT_OP_SET_PAIRABLE:
1858 err = set_pairable(sk, index, buf + sizeof(*hdr), len);
1859 break;
1860 case MGMT_OP_ADD_UUID:
1861 err = add_uuid(sk, index, buf + sizeof(*hdr), len);
1862 break;
1863 case MGMT_OP_REMOVE_UUID:
1864 err = remove_uuid(sk, index, buf + sizeof(*hdr), len);
1865 break;
1866 case MGMT_OP_SET_DEV_CLASS:
1867 err = set_dev_class(sk, index, buf + sizeof(*hdr), len);
1868 break;
1869 case MGMT_OP_SET_SERVICE_CACHE:
1870 err = set_service_cache(sk, index, buf + sizeof(*hdr), len);
1871 break;
1872 case MGMT_OP_LOAD_KEYS:
1873 err = load_keys(sk, index, buf + sizeof(*hdr), len);
1874 break;
1875 case MGMT_OP_REMOVE_KEY:
1876 err = remove_key(sk, index, buf + sizeof(*hdr), len);
1877 break;
1878 case MGMT_OP_DISCONNECT:
1879 err = disconnect(sk, index, buf + sizeof(*hdr), len);
1880 break;
1881 case MGMT_OP_GET_CONNECTIONS:
1882 err = get_connections(sk, index);
1883 break;
1884 case MGMT_OP_PIN_CODE_REPLY:
1885 err = pin_code_reply(sk, index, buf + sizeof(*hdr), len);
1886 break;
1887 case MGMT_OP_PIN_CODE_NEG_REPLY:
1888 err = pin_code_neg_reply(sk, index, buf + sizeof(*hdr), len);
1889 break;
1890 case MGMT_OP_SET_IO_CAPABILITY:
1891 err = set_io_capability(sk, index, buf + sizeof(*hdr), len);
1892 break;
1893 case MGMT_OP_PAIR_DEVICE:
1894 err = pair_device(sk, index, buf + sizeof(*hdr), len);
1895 break;
1896 case MGMT_OP_USER_CONFIRM_REPLY:
1897 err = user_confirm_reply(sk, index, buf + sizeof(*hdr), len, 1);
1898 break;
1899 case MGMT_OP_USER_CONFIRM_NEG_REPLY:
1900 err = user_confirm_reply(sk, index, buf + sizeof(*hdr), len, 0);
1901 break;
1902 case MGMT_OP_SET_LOCAL_NAME:
1903 err = set_local_name(sk, index, buf + sizeof(*hdr), len);
1904 break;
1905 case MGMT_OP_READ_LOCAL_OOB_DATA:
1906 err = read_local_oob_data(sk, index);
1907 break;
1908 case MGMT_OP_ADD_REMOTE_OOB_DATA:
1909 err = add_remote_oob_data(sk, index, buf + sizeof(*hdr), len);
1910 break;
1911 case MGMT_OP_REMOVE_REMOTE_OOB_DATA:
1912 err = remove_remote_oob_data(sk, index, buf + sizeof(*hdr),
1913 len);
1914 break;
1915 case MGMT_OP_START_DISCOVERY:
1916 err = start_discovery(sk, index);
1917 break;
1918 case MGMT_OP_STOP_DISCOVERY:
1919 err = stop_discovery(sk, index);
1920 break;
1921 case MGMT_OP_BLOCK_DEVICE:
1922 err = block_device(sk, index, buf + sizeof(*hdr), len);
1923 break;
1924 case MGMT_OP_UNBLOCK_DEVICE:
1925 err = unblock_device(sk, index, buf + sizeof(*hdr), len);
1926 break;
1927 case MGMT_OP_SET_FAST_CONNECTABLE:
1928 err = set_fast_connectable(sk, index, buf + sizeof(*hdr),
1929 len);
1930 break;
1931 default:
1932 BT_DBG("Unknown op %u", opcode);
1933 err = cmd_status(sk, index, opcode, 0x01);
1934 break;
1935 }
1936
1937 if (err < 0)
1938 goto done;
1939
1940 err = msglen;
1941
1942 done:
1943 kfree(buf);
1944 return err;
1945 }
1946
1947 static void cmd_status_rsp(struct pending_cmd *cmd, void *data)
1948 {
1949 u8 *status = data;
1950
1951 cmd_status(cmd->sk, cmd->index, cmd->opcode, *status);
1952 mgmt_pending_remove(cmd);
1953 }
1954
1955 int mgmt_index_added(u16 index)
1956 {
1957 return mgmt_event(MGMT_EV_INDEX_ADDED, index, NULL, 0, NULL);
1958 }
1959
1960 int mgmt_index_removed(u16 index)
1961 {
1962 u8 status = ENODEV;
1963
1964 mgmt_pending_foreach(0, index, cmd_status_rsp, &status);
1965
1966 return mgmt_event(MGMT_EV_INDEX_REMOVED, index, NULL, 0, NULL);
1967 }
1968
1969 struct cmd_lookup {
1970 u8 val;
1971 struct sock *sk;
1972 };
1973
1974 static void mode_rsp(struct pending_cmd *cmd, void *data)
1975 {
1976 struct mgmt_mode *cp = cmd->param;
1977 struct cmd_lookup *match = data;
1978
1979 if (cp->val != match->val)
1980 return;
1981
1982 send_mode_rsp(cmd->sk, cmd->opcode, cmd->index, cp->val);
1983
1984 list_del(&cmd->list);
1985
1986 if (match->sk == NULL) {
1987 match->sk = cmd->sk;
1988 sock_hold(match->sk);
1989 }
1990
1991 mgmt_pending_free(cmd);
1992 }
1993
1994 int mgmt_powered(u16 index, u8 powered)
1995 {
1996 struct mgmt_mode ev;
1997 struct cmd_lookup match = { powered, NULL };
1998 int ret;
1999
2000 mgmt_pending_foreach(MGMT_OP_SET_POWERED, index, mode_rsp, &match);
2001
2002 if (!powered) {
2003 u8 status = ENETDOWN;
2004 mgmt_pending_foreach(0, index, cmd_status_rsp, &status);
2005 }
2006
2007 ev.val = powered;
2008
2009 ret = mgmt_event(MGMT_EV_POWERED, index, &ev, sizeof(ev), match.sk);
2010
2011 if (match.sk)
2012 sock_put(match.sk);
2013
2014 return ret;
2015 }
2016
2017 int mgmt_discoverable(u16 index, u8 discoverable)
2018 {
2019 struct mgmt_mode ev;
2020 struct cmd_lookup match = { discoverable, NULL };
2021 int ret;
2022
2023 mgmt_pending_foreach(MGMT_OP_SET_DISCOVERABLE, index, mode_rsp, &match);
2024
2025 ev.val = discoverable;
2026
2027 ret = mgmt_event(MGMT_EV_DISCOVERABLE, index, &ev, sizeof(ev),
2028 match.sk);
2029
2030 if (match.sk)
2031 sock_put(match.sk);
2032
2033 return ret;
2034 }
2035
2036 int mgmt_connectable(u16 index, u8 connectable)
2037 {
2038 struct mgmt_mode ev;
2039 struct cmd_lookup match = { connectable, NULL };
2040 int ret;
2041
2042 mgmt_pending_foreach(MGMT_OP_SET_CONNECTABLE, index, mode_rsp, &match);
2043
2044 ev.val = connectable;
2045
2046 ret = mgmt_event(MGMT_EV_CONNECTABLE, index, &ev, sizeof(ev), match.sk);
2047
2048 if (match.sk)
2049 sock_put(match.sk);
2050
2051 return ret;
2052 }
2053
2054 int mgmt_new_key(u16 index, struct link_key *key, u8 persistent)
2055 {
2056 struct mgmt_ev_new_key ev;
2057
2058 memset(&ev, 0, sizeof(ev));
2059
2060 ev.store_hint = persistent;
2061 bacpy(&ev.key.bdaddr, &key->bdaddr);
2062 ev.key.type = key->type;
2063 memcpy(ev.key.val, key->val, 16);
2064 ev.key.pin_len = key->pin_len;
2065
2066 return mgmt_event(MGMT_EV_NEW_KEY, index, &ev, sizeof(ev), NULL);
2067 }
2068
2069 int mgmt_connected(u16 index, bdaddr_t *bdaddr, u8 link_type)
2070 {
2071 struct mgmt_ev_connected ev;
2072
2073 bacpy(&ev.bdaddr, bdaddr);
2074 ev.link_type = link_type;
2075
2076 return mgmt_event(MGMT_EV_CONNECTED, index, &ev, sizeof(ev), NULL);
2077 }
2078
2079 static void disconnect_rsp(struct pending_cmd *cmd, void *data)
2080 {
2081 struct mgmt_cp_disconnect *cp = cmd->param;
2082 struct sock **sk = data;
2083 struct mgmt_rp_disconnect rp;
2084
2085 bacpy(&rp.bdaddr, &cp->bdaddr);
2086
2087 cmd_complete(cmd->sk, cmd->index, MGMT_OP_DISCONNECT, &rp, sizeof(rp));
2088
2089 *sk = cmd->sk;
2090 sock_hold(*sk);
2091
2092 mgmt_pending_remove(cmd);
2093 }
2094
2095 int mgmt_disconnected(u16 index, bdaddr_t *bdaddr)
2096 {
2097 struct mgmt_ev_disconnected ev;
2098 struct sock *sk = NULL;
2099 int err;
2100
2101 mgmt_pending_foreach(MGMT_OP_DISCONNECT, index, disconnect_rsp, &sk);
2102
2103 bacpy(&ev.bdaddr, bdaddr);
2104
2105 err = mgmt_event(MGMT_EV_DISCONNECTED, index, &ev, sizeof(ev), sk);
2106
2107 if (sk)
2108 sock_put(sk);
2109
2110 return err;
2111 }
2112
2113 int mgmt_disconnect_failed(u16 index)
2114 {
2115 struct pending_cmd *cmd;
2116 int err;
2117
2118 cmd = mgmt_pending_find(MGMT_OP_DISCONNECT, index);
2119 if (!cmd)
2120 return -ENOENT;
2121
2122 err = cmd_status(cmd->sk, index, MGMT_OP_DISCONNECT, EIO);
2123
2124 mgmt_pending_remove(cmd);
2125
2126 return err;
2127 }
2128
2129 int mgmt_connect_failed(u16 index, bdaddr_t *bdaddr, u8 status)
2130 {
2131 struct mgmt_ev_connect_failed ev;
2132
2133 bacpy(&ev.bdaddr, bdaddr);
2134 ev.status = status;
2135
2136 return mgmt_event(MGMT_EV_CONNECT_FAILED, index, &ev, sizeof(ev), NULL);
2137 }
2138
2139 int mgmt_pin_code_request(u16 index, bdaddr_t *bdaddr, u8 secure)
2140 {
2141 struct mgmt_ev_pin_code_request ev;
2142
2143 bacpy(&ev.bdaddr, bdaddr);
2144 ev.secure = secure;
2145
2146 return mgmt_event(MGMT_EV_PIN_CODE_REQUEST, index, &ev, sizeof(ev),
2147 NULL);
2148 }
2149
2150 int mgmt_pin_code_reply_complete(u16 index, bdaddr_t *bdaddr, u8 status)
2151 {
2152 struct pending_cmd *cmd;
2153 struct mgmt_rp_pin_code_reply rp;
2154 int err;
2155
2156 cmd = mgmt_pending_find(MGMT_OP_PIN_CODE_REPLY, index);
2157 if (!cmd)
2158 return -ENOENT;
2159
2160 bacpy(&rp.bdaddr, bdaddr);
2161 rp.status = status;
2162
2163 err = cmd_complete(cmd->sk, index, MGMT_OP_PIN_CODE_REPLY, &rp,
2164 sizeof(rp));
2165
2166 mgmt_pending_remove(cmd);
2167
2168 return err;
2169 }
2170
2171 int mgmt_pin_code_neg_reply_complete(u16 index, bdaddr_t *bdaddr, u8 status)
2172 {
2173 struct pending_cmd *cmd;
2174 struct mgmt_rp_pin_code_reply rp;
2175 int err;
2176
2177 cmd = mgmt_pending_find(MGMT_OP_PIN_CODE_NEG_REPLY, index);
2178 if (!cmd)
2179 return -ENOENT;
2180
2181 bacpy(&rp.bdaddr, bdaddr);
2182 rp.status = status;
2183
2184 err = cmd_complete(cmd->sk, index, MGMT_OP_PIN_CODE_NEG_REPLY, &rp,
2185 sizeof(rp));
2186
2187 mgmt_pending_remove(cmd);
2188
2189 return err;
2190 }
2191
2192 int mgmt_user_confirm_request(u16 index, bdaddr_t *bdaddr, __le32 value,
2193 u8 confirm_hint)
2194 {
2195 struct mgmt_ev_user_confirm_request ev;
2196
2197 BT_DBG("hci%u", index);
2198
2199 bacpy(&ev.bdaddr, bdaddr);
2200 ev.confirm_hint = confirm_hint;
2201 put_unaligned_le32(value, &ev.value);
2202
2203 return mgmt_event(MGMT_EV_USER_CONFIRM_REQUEST, index, &ev, sizeof(ev),
2204 NULL);
2205 }
2206
2207 static int confirm_reply_complete(u16 index, bdaddr_t *bdaddr, u8 status,
2208 u8 opcode)
2209 {
2210 struct pending_cmd *cmd;
2211 struct mgmt_rp_user_confirm_reply rp;
2212 int err;
2213
2214 cmd = mgmt_pending_find(opcode, index);
2215 if (!cmd)
2216 return -ENOENT;
2217
2218 bacpy(&rp.bdaddr, bdaddr);
2219 rp.status = status;
2220 err = cmd_complete(cmd->sk, index, opcode, &rp, sizeof(rp));
2221
2222 mgmt_pending_remove(cmd);
2223
2224 return err;
2225 }
2226
2227 int mgmt_user_confirm_reply_complete(u16 index, bdaddr_t *bdaddr, u8 status)
2228 {
2229 return confirm_reply_complete(index, bdaddr, status,
2230 MGMT_OP_USER_CONFIRM_REPLY);
2231 }
2232
2233 int mgmt_user_confirm_neg_reply_complete(u16 index, bdaddr_t *bdaddr, u8 status)
2234 {
2235 return confirm_reply_complete(index, bdaddr, status,
2236 MGMT_OP_USER_CONFIRM_NEG_REPLY);
2237 }
2238
2239 int mgmt_auth_failed(u16 index, bdaddr_t *bdaddr, u8 status)
2240 {
2241 struct mgmt_ev_auth_failed ev;
2242
2243 bacpy(&ev.bdaddr, bdaddr);
2244 ev.status = status;
2245
2246 return mgmt_event(MGMT_EV_AUTH_FAILED, index, &ev, sizeof(ev), NULL);
2247 }
2248
2249 int mgmt_set_local_name_complete(u16 index, u8 *name, u8 status)
2250 {
2251 struct pending_cmd *cmd;
2252 struct hci_dev *hdev;
2253 struct mgmt_cp_set_local_name ev;
2254 int err;
2255
2256 memset(&ev, 0, sizeof(ev));
2257 memcpy(ev.name, name, HCI_MAX_NAME_LENGTH);
2258
2259 cmd = mgmt_pending_find(MGMT_OP_SET_LOCAL_NAME, index);
2260 if (!cmd)
2261 goto send_event;
2262
2263 if (status) {
2264 err = cmd_status(cmd->sk, index, MGMT_OP_SET_LOCAL_NAME, EIO);
2265 goto failed;
2266 }
2267
2268 hdev = hci_dev_get(index);
2269 if (hdev) {
2270 hci_dev_lock_bh(hdev);
2271 update_eir(hdev);
2272 hci_dev_unlock_bh(hdev);
2273 hci_dev_put(hdev);
2274 }
2275
2276 err = cmd_complete(cmd->sk, index, MGMT_OP_SET_LOCAL_NAME, &ev,
2277 sizeof(ev));
2278 if (err < 0)
2279 goto failed;
2280
2281 send_event:
2282 err = mgmt_event(MGMT_EV_LOCAL_NAME_CHANGED, index, &ev, sizeof(ev),
2283 cmd ? cmd->sk : NULL);
2284
2285 failed:
2286 if (cmd)
2287 mgmt_pending_remove(cmd);
2288 return err;
2289 }
2290
2291 int mgmt_read_local_oob_data_reply_complete(u16 index, u8 *hash, u8 *randomizer,
2292 u8 status)
2293 {
2294 struct pending_cmd *cmd;
2295 int err;
2296
2297 BT_DBG("hci%u status %u", index, status);
2298
2299 cmd = mgmt_pending_find(MGMT_OP_READ_LOCAL_OOB_DATA, index);
2300 if (!cmd)
2301 return -ENOENT;
2302
2303 if (status) {
2304 err = cmd_status(cmd->sk, index, MGMT_OP_READ_LOCAL_OOB_DATA,
2305 EIO);
2306 } else {
2307 struct mgmt_rp_read_local_oob_data rp;
2308
2309 memcpy(rp.hash, hash, sizeof(rp.hash));
2310 memcpy(rp.randomizer, randomizer, sizeof(rp.randomizer));
2311
2312 err = cmd_complete(cmd->sk, index, MGMT_OP_READ_LOCAL_OOB_DATA,
2313 &rp, sizeof(rp));
2314 }
2315
2316 mgmt_pending_remove(cmd);
2317
2318 return err;
2319 }
2320
2321 int mgmt_device_found(u16 index, bdaddr_t *bdaddr, u8 *dev_class, s8 rssi,
2322 u8 *eir)
2323 {
2324 struct mgmt_ev_device_found ev;
2325
2326 memset(&ev, 0, sizeof(ev));
2327
2328 bacpy(&ev.bdaddr, bdaddr);
2329 ev.rssi = rssi;
2330
2331 if (eir)
2332 memcpy(ev.eir, eir, sizeof(ev.eir));
2333
2334 if (dev_class)
2335 memcpy(ev.dev_class, dev_class, sizeof(ev.dev_class));
2336
2337 return mgmt_event(MGMT_EV_DEVICE_FOUND, index, &ev, sizeof(ev), NULL);
2338 }
2339
2340 int mgmt_remote_name(u16 index, bdaddr_t *bdaddr, u8 *name)
2341 {
2342 struct mgmt_ev_remote_name ev;
2343
2344 memset(&ev, 0, sizeof(ev));
2345
2346 bacpy(&ev.bdaddr, bdaddr);
2347 memcpy(ev.name, name, HCI_MAX_NAME_LENGTH);
2348
2349 return mgmt_event(MGMT_EV_REMOTE_NAME, index, &ev, sizeof(ev), NULL);
2350 }
2351
2352 int mgmt_inquiry_failed(u16 index, u8 status)
2353 {
2354 struct pending_cmd *cmd;
2355 int err;
2356
2357 cmd = mgmt_pending_find(MGMT_OP_START_DISCOVERY, index);
2358 if (!cmd)
2359 return -ENOENT;
2360
2361 err = cmd_status(cmd->sk, index, cmd->opcode, status);
2362 mgmt_pending_remove(cmd);
2363
2364 return err;
2365 }
2366
2367 int mgmt_discovering(u16 index, u8 discovering)
2368 {
2369 struct pending_cmd *cmd;
2370
2371 if (discovering)
2372 cmd = mgmt_pending_find(MGMT_OP_START_DISCOVERY, index);
2373 else
2374 cmd = mgmt_pending_find(MGMT_OP_STOP_DISCOVERY, index);
2375
2376 if (cmd != NULL) {
2377 cmd_complete(cmd->sk, index, cmd->opcode, NULL, 0);
2378 mgmt_pending_remove(cmd);
2379 }
2380
2381 return mgmt_event(MGMT_EV_DISCOVERING, index, &discovering,
2382 sizeof(discovering), NULL);
2383 }
2384
2385 int mgmt_device_blocked(u16 index, bdaddr_t *bdaddr)
2386 {
2387 struct pending_cmd *cmd;
2388 struct mgmt_ev_device_blocked ev;
2389
2390 cmd = mgmt_pending_find(MGMT_OP_BLOCK_DEVICE, index);
2391
2392 bacpy(&ev.bdaddr, bdaddr);
2393
2394 return mgmt_event(MGMT_EV_DEVICE_BLOCKED, index, &ev, sizeof(ev),
2395 cmd ? cmd->sk : NULL);
2396 }
2397
2398 int mgmt_device_unblocked(u16 index, bdaddr_t *bdaddr)
2399 {
2400 struct pending_cmd *cmd;
2401 struct mgmt_ev_device_unblocked ev;
2402
2403 cmd = mgmt_pending_find(MGMT_OP_UNBLOCK_DEVICE, index);
2404
2405 bacpy(&ev.bdaddr, bdaddr);
2406
2407 return mgmt_event(MGMT_EV_DEVICE_UNBLOCKED, index, &ev, sizeof(ev),
2408 cmd ? cmd->sk : NULL);
2409 }
kernel source for telekom puls (alcatel/mediatek)