2 BlueZ - Bluetooth protocol stack for Linux
3 Copyright (c) 2000-2001, 2010, Code Aurora Forum. All rights reserved.
5 Written 2000,2001 by Maxim Krasnyansky <maxk@qualcomm.com>
7 This program is free software; you can redistribute it and/or modify
8 it under the terms of the GNU General Public License version 2 as
9 published by the Free Software Foundation;
11 THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS
12 OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
13 FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT OF THIRD PARTY RIGHTS.
14 IN NO EVENT SHALL THE COPYRIGHT HOLDER(S) AND AUTHOR(S) BE LIABLE FOR ANY
15 CLAIM, OR ANY SPECIAL INDIRECT OR CONSEQUENTIAL DAMAGES, OR ANY DAMAGES
16 WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
17 ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
18 OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
20 ALL LIABILITY, INCLUDING LIABILITY FOR INFRINGEMENT OF ANY PATENTS,
21 COPYRIGHTS, TRADEMARKS OR OTHER RIGHTS, RELATING TO USE OF THIS
22 SOFTWARE IS DISCLAIMED.
25 /* Bluetooth HCI event handling. */
27 #include <linux/module.h>
29 #include <linux/types.h>
30 #include <linux/errno.h>
31 #include <linux/kernel.h>
32 #include <linux/slab.h>
33 #include <linux/poll.h>
34 #include <linux/fcntl.h>
35 #include <linux/init.h>
36 #include <linux/skbuff.h>
37 #include <linux/interrupt.h>
38 #include <linux/notifier.h>
41 #include <asm/system.h>
42 #include <linux/uaccess.h>
43 #include <asm/unaligned.h>
45 #include <net/bluetooth/bluetooth.h>
46 #include <net/bluetooth/hci_core.h>
48 /* Handle HCI Event packets */
50 static void hci_cc_inquiry_cancel(struct hci_dev *hdev, struct sk_buff *skb)
52 __u8 status = *((__u8 *) skb->data);
54 BT_DBG("%s status 0x%x", hdev->name, status);
59 clear_bit(HCI_INQUIRY, &hdev->flags);
61 hci_req_complete(hdev, HCI_OP_INQUIRY_CANCEL, status);
63 hci_conn_check_pending(hdev);
66 static void hci_cc_exit_periodic_inq(struct hci_dev *hdev, struct sk_buff *skb)
68 __u8 status = *((__u8 *) skb->data);
70 BT_DBG("%s status 0x%x", hdev->name, status);
75 clear_bit(HCI_INQUIRY, &hdev->flags);
77 hci_conn_check_pending(hdev);
80 static void hci_cc_remote_name_req_cancel(struct hci_dev *hdev, struct sk_buff *skb)
82 BT_DBG("%s", hdev->name);
85 static void hci_cc_role_discovery(struct hci_dev *hdev, struct sk_buff *skb)
87 struct hci_rp_role_discovery *rp = (void *) skb->data;
88 struct hci_conn *conn;
90 BT_DBG("%s status 0x%x", hdev->name, rp->status);
97 conn = hci_conn_hash_lookup_handle(hdev, __le16_to_cpu(rp->handle));
100 conn->link_mode &= ~HCI_LM_MASTER;
102 conn->link_mode |= HCI_LM_MASTER;
105 hci_dev_unlock(hdev);
108 static void hci_cc_read_link_policy(struct hci_dev *hdev, struct sk_buff *skb)
110 struct hci_rp_read_link_policy *rp = (void *) skb->data;
111 struct hci_conn *conn;
113 BT_DBG("%s status 0x%x", hdev->name, rp->status);
120 conn = hci_conn_hash_lookup_handle(hdev, __le16_to_cpu(rp->handle));
122 conn->link_policy = __le16_to_cpu(rp->policy);
124 hci_dev_unlock(hdev);
127 static void hci_cc_write_link_policy(struct hci_dev *hdev, struct sk_buff *skb)
129 struct hci_rp_write_link_policy *rp = (void *) skb->data;
130 struct hci_conn *conn;
133 BT_DBG("%s status 0x%x", hdev->name, rp->status);
138 sent = hci_sent_cmd_data(hdev, HCI_OP_WRITE_LINK_POLICY);
144 conn = hci_conn_hash_lookup_handle(hdev, __le16_to_cpu(rp->handle));
146 conn->link_policy = get_unaligned_le16(sent + 2);
148 hci_dev_unlock(hdev);
151 static void hci_cc_read_def_link_policy(struct hci_dev *hdev, struct sk_buff *skb)
153 struct hci_rp_read_def_link_policy *rp = (void *) skb->data;
155 BT_DBG("%s status 0x%x", hdev->name, rp->status);
160 hdev->link_policy = __le16_to_cpu(rp->policy);
163 static void hci_cc_write_def_link_policy(struct hci_dev *hdev, struct sk_buff *skb)
165 __u8 status = *((__u8 *) skb->data);
168 BT_DBG("%s status 0x%x", hdev->name, status);
170 sent = hci_sent_cmd_data(hdev, HCI_OP_WRITE_DEF_LINK_POLICY);
175 hdev->link_policy = get_unaligned_le16(sent);
177 hci_req_complete(hdev, HCI_OP_WRITE_DEF_LINK_POLICY, status);
180 static void hci_cc_reset(struct hci_dev *hdev, struct sk_buff *skb)
182 __u8 status = *((__u8 *) skb->data);
184 BT_DBG("%s status 0x%x", hdev->name, status);
186 hci_req_complete(hdev, HCI_OP_RESET, status);
189 static void hci_cc_write_local_name(struct hci_dev *hdev, struct sk_buff *skb)
191 __u8 status = *((__u8 *) skb->data);
194 BT_DBG("%s status 0x%x", hdev->name, status);
199 sent = hci_sent_cmd_data(hdev, HCI_OP_WRITE_LOCAL_NAME);
203 memcpy(hdev->dev_name, sent, 248);
206 static void hci_cc_read_local_name(struct hci_dev *hdev, struct sk_buff *skb)
208 struct hci_rp_read_local_name *rp = (void *) skb->data;
210 BT_DBG("%s status 0x%x", hdev->name, rp->status);
215 memcpy(hdev->dev_name, rp->name, 248);
218 static void hci_cc_write_auth_enable(struct hci_dev *hdev, struct sk_buff *skb)
220 __u8 status = *((__u8 *) skb->data);
223 BT_DBG("%s status 0x%x", hdev->name, status);
225 sent = hci_sent_cmd_data(hdev, HCI_OP_WRITE_AUTH_ENABLE);
230 __u8 param = *((__u8 *) sent);
232 if (param == AUTH_ENABLED)
233 set_bit(HCI_AUTH, &hdev->flags);
235 clear_bit(HCI_AUTH, &hdev->flags);
238 hci_req_complete(hdev, HCI_OP_WRITE_AUTH_ENABLE, status);
241 static void hci_cc_write_encrypt_mode(struct hci_dev *hdev, struct sk_buff *skb)
243 __u8 status = *((__u8 *) skb->data);
246 BT_DBG("%s status 0x%x", hdev->name, status);
248 sent = hci_sent_cmd_data(hdev, HCI_OP_WRITE_ENCRYPT_MODE);
253 __u8 param = *((__u8 *) sent);
256 set_bit(HCI_ENCRYPT, &hdev->flags);
258 clear_bit(HCI_ENCRYPT, &hdev->flags);
261 hci_req_complete(hdev, HCI_OP_WRITE_ENCRYPT_MODE, status);
264 static void hci_cc_write_scan_enable(struct hci_dev *hdev, struct sk_buff *skb)
266 __u8 status = *((__u8 *) skb->data);
269 BT_DBG("%s status 0x%x", hdev->name, status);
271 sent = hci_sent_cmd_data(hdev, HCI_OP_WRITE_SCAN_ENABLE);
276 __u8 param = *((__u8 *) sent);
277 int old_pscan, old_iscan;
279 old_pscan = test_and_clear_bit(HCI_PSCAN, &hdev->flags);
280 old_iscan = test_and_clear_bit(HCI_ISCAN, &hdev->flags);
282 if (param & SCAN_INQUIRY) {
283 set_bit(HCI_ISCAN, &hdev->flags);
285 mgmt_discoverable(hdev->id, 1);
286 } else if (old_iscan)
287 mgmt_discoverable(hdev->id, 0);
289 if (param & SCAN_PAGE) {
290 set_bit(HCI_PSCAN, &hdev->flags);
292 mgmt_connectable(hdev->id, 1);
293 } else if (old_pscan)
294 mgmt_connectable(hdev->id, 0);
297 hci_req_complete(hdev, HCI_OP_WRITE_SCAN_ENABLE, status);
300 static void hci_cc_read_class_of_dev(struct hci_dev *hdev, struct sk_buff *skb)
302 struct hci_rp_read_class_of_dev *rp = (void *) skb->data;
304 BT_DBG("%s status 0x%x", hdev->name, rp->status);
309 memcpy(hdev->dev_class, rp->dev_class, 3);
311 BT_DBG("%s class 0x%.2x%.2x%.2x", hdev->name,
312 hdev->dev_class[2], hdev->dev_class[1], hdev->dev_class[0]);
315 static void hci_cc_write_class_of_dev(struct hci_dev *hdev, struct sk_buff *skb)
317 __u8 status = *((__u8 *) skb->data);
320 BT_DBG("%s status 0x%x", hdev->name, status);
325 sent = hci_sent_cmd_data(hdev, HCI_OP_WRITE_CLASS_OF_DEV);
329 memcpy(hdev->dev_class, sent, 3);
332 static void hci_cc_read_voice_setting(struct hci_dev *hdev, struct sk_buff *skb)
334 struct hci_rp_read_voice_setting *rp = (void *) skb->data;
337 BT_DBG("%s status 0x%x", hdev->name, rp->status);
342 setting = __le16_to_cpu(rp->voice_setting);
344 if (hdev->voice_setting == setting)
347 hdev->voice_setting = setting;
349 BT_DBG("%s voice setting 0x%04x", hdev->name, setting);
352 tasklet_disable(&hdev->tx_task);
353 hdev->notify(hdev, HCI_NOTIFY_VOICE_SETTING);
354 tasklet_enable(&hdev->tx_task);
358 static void hci_cc_write_voice_setting(struct hci_dev *hdev, struct sk_buff *skb)
360 __u8 status = *((__u8 *) skb->data);
364 BT_DBG("%s status 0x%x", hdev->name, status);
369 sent = hci_sent_cmd_data(hdev, HCI_OP_WRITE_VOICE_SETTING);
373 setting = get_unaligned_le16(sent);
375 if (hdev->voice_setting == setting)
378 hdev->voice_setting = setting;
380 BT_DBG("%s voice setting 0x%04x", hdev->name, setting);
383 tasklet_disable(&hdev->tx_task);
384 hdev->notify(hdev, HCI_NOTIFY_VOICE_SETTING);
385 tasklet_enable(&hdev->tx_task);
389 static void hci_cc_host_buffer_size(struct hci_dev *hdev, struct sk_buff *skb)
391 __u8 status = *((__u8 *) skb->data);
393 BT_DBG("%s status 0x%x", hdev->name, status);
395 hci_req_complete(hdev, HCI_OP_HOST_BUFFER_SIZE, status);
398 static void hci_cc_read_ssp_mode(struct hci_dev *hdev, struct sk_buff *skb)
400 struct hci_rp_read_ssp_mode *rp = (void *) skb->data;
402 BT_DBG("%s status 0x%x", hdev->name, rp->status);
407 hdev->ssp_mode = rp->mode;
410 static void hci_cc_write_ssp_mode(struct hci_dev *hdev, struct sk_buff *skb)
412 __u8 status = *((__u8 *) skb->data);
415 BT_DBG("%s status 0x%x", hdev->name, status);
420 sent = hci_sent_cmd_data(hdev, HCI_OP_WRITE_SSP_MODE);
424 hdev->ssp_mode = *((__u8 *) sent);
427 static u8 hci_get_inquiry_mode(struct hci_dev *hdev)
429 if (hdev->features[6] & LMP_EXT_INQ)
432 if (hdev->features[3] & LMP_RSSI_INQ)
435 if (hdev->manufacturer == 11 && hdev->hci_rev == 0x00 &&
436 hdev->lmp_subver == 0x0757)
439 if (hdev->manufacturer == 15) {
440 if (hdev->hci_rev == 0x03 && hdev->lmp_subver == 0x6963)
442 if (hdev->hci_rev == 0x09 && hdev->lmp_subver == 0x6963)
444 if (hdev->hci_rev == 0x00 && hdev->lmp_subver == 0x6965)
448 if (hdev->manufacturer == 31 && hdev->hci_rev == 0x2005 &&
449 hdev->lmp_subver == 0x1805)
455 static void hci_setup_inquiry_mode(struct hci_dev *hdev)
459 mode = hci_get_inquiry_mode(hdev);
461 hci_send_cmd(hdev, HCI_OP_WRITE_INQUIRY_MODE, 1, &mode);
464 static void hci_setup_event_mask(struct hci_dev *hdev)
466 /* The second byte is 0xff instead of 0x9f (two reserved bits
467 * disabled) since a Broadcom 1.2 dongle doesn't respond to the
468 * command otherwise */
469 u8 events[8] = { 0xff, 0xff, 0xfb, 0xff, 0x00, 0x00, 0x00, 0x00 };
471 /* Events for 1.2 and newer controllers */
472 if (hdev->lmp_ver > 1) {
473 events[4] |= 0x01; /* Flow Specification Complete */
474 events[4] |= 0x02; /* Inquiry Result with RSSI */
475 events[4] |= 0x04; /* Read Remote Extended Features Complete */
476 events[5] |= 0x08; /* Synchronous Connection Complete */
477 events[5] |= 0x10; /* Synchronous Connection Changed */
480 if (hdev->features[3] & LMP_RSSI_INQ)
481 events[4] |= 0x04; /* Inquiry Result with RSSI */
483 if (hdev->features[5] & LMP_SNIFF_SUBR)
484 events[5] |= 0x20; /* Sniff Subrating */
486 if (hdev->features[5] & LMP_PAUSE_ENC)
487 events[5] |= 0x80; /* Encryption Key Refresh Complete */
489 if (hdev->features[6] & LMP_EXT_INQ)
490 events[5] |= 0x40; /* Extended Inquiry Result */
492 if (hdev->features[6] & LMP_NO_FLUSH)
493 events[7] |= 0x01; /* Enhanced Flush Complete */
495 if (hdev->features[7] & LMP_LSTO)
496 events[6] |= 0x80; /* Link Supervision Timeout Changed */
498 if (hdev->features[6] & LMP_SIMPLE_PAIR) {
499 events[6] |= 0x01; /* IO Capability Request */
500 events[6] |= 0x02; /* IO Capability Response */
501 events[6] |= 0x04; /* User Confirmation Request */
502 events[6] |= 0x08; /* User Passkey Request */
503 events[6] |= 0x10; /* Remote OOB Data Request */
504 events[6] |= 0x20; /* Simple Pairing Complete */
505 events[7] |= 0x04; /* User Passkey Notification */
506 events[7] |= 0x08; /* Keypress Notification */
507 events[7] |= 0x10; /* Remote Host Supported
508 * Features Notification */
511 if (hdev->features[4] & LMP_LE)
512 events[7] |= 0x20; /* LE Meta-Event */
514 hci_send_cmd(hdev, HCI_OP_SET_EVENT_MASK, sizeof(events), events);
517 static void hci_setup(struct hci_dev *hdev)
519 hci_setup_event_mask(hdev);
521 if (hdev->lmp_ver > 1)
522 hci_send_cmd(hdev, HCI_OP_READ_LOCAL_COMMANDS, 0, NULL);
524 if (hdev->features[6] & LMP_SIMPLE_PAIR) {
526 hci_send_cmd(hdev, HCI_OP_WRITE_SSP_MODE, sizeof(mode), &mode);
529 if (hdev->features[3] & LMP_RSSI_INQ)
530 hci_setup_inquiry_mode(hdev);
532 if (hdev->features[7] & LMP_INQ_TX_PWR)
533 hci_send_cmd(hdev, HCI_OP_READ_INQ_RSP_TX_POWER, 0, NULL);
536 static void hci_cc_read_local_version(struct hci_dev *hdev, struct sk_buff *skb)
538 struct hci_rp_read_local_version *rp = (void *) skb->data;
540 BT_DBG("%s status 0x%x", hdev->name, rp->status);
545 hdev->hci_ver = rp->hci_ver;
546 hdev->hci_rev = __le16_to_cpu(rp->hci_rev);
547 hdev->lmp_ver = rp->lmp_ver;
548 hdev->manufacturer = __le16_to_cpu(rp->manufacturer);
549 hdev->lmp_subver = __le16_to_cpu(rp->lmp_subver);
551 BT_DBG("%s manufacturer %d hci ver %d:%d", hdev->name,
553 hdev->hci_ver, hdev->hci_rev);
555 if (test_bit(HCI_INIT, &hdev->flags))
559 static void hci_setup_link_policy(struct hci_dev *hdev)
563 if (hdev->features[0] & LMP_RSWITCH)
564 link_policy |= HCI_LP_RSWITCH;
565 if (hdev->features[0] & LMP_HOLD)
566 link_policy |= HCI_LP_HOLD;
567 if (hdev->features[0] & LMP_SNIFF)
568 link_policy |= HCI_LP_SNIFF;
569 if (hdev->features[1] & LMP_PARK)
570 link_policy |= HCI_LP_PARK;
572 link_policy = cpu_to_le16(link_policy);
573 hci_send_cmd(hdev, HCI_OP_WRITE_DEF_LINK_POLICY,
574 sizeof(link_policy), &link_policy);
577 static void hci_cc_read_local_commands(struct hci_dev *hdev, struct sk_buff *skb)
579 struct hci_rp_read_local_commands *rp = (void *) skb->data;
581 BT_DBG("%s status 0x%x", hdev->name, rp->status);
586 memcpy(hdev->commands, rp->commands, sizeof(hdev->commands));
588 if (test_bit(HCI_INIT, &hdev->flags) && (hdev->commands[5] & 0x10))
589 hci_setup_link_policy(hdev);
592 hci_req_complete(hdev, HCI_OP_READ_LOCAL_COMMANDS, rp->status);
595 static void hci_cc_read_local_features(struct hci_dev *hdev, struct sk_buff *skb)
597 struct hci_rp_read_local_features *rp = (void *) skb->data;
599 BT_DBG("%s status 0x%x", hdev->name, rp->status);
604 memcpy(hdev->features, rp->features, 8);
606 /* Adjust default settings according to features
607 * supported by device. */
609 if (hdev->features[0] & LMP_3SLOT)
610 hdev->pkt_type |= (HCI_DM3 | HCI_DH3);
612 if (hdev->features[0] & LMP_5SLOT)
613 hdev->pkt_type |= (HCI_DM5 | HCI_DH5);
615 if (hdev->features[1] & LMP_HV2) {
616 hdev->pkt_type |= (HCI_HV2);
617 hdev->esco_type |= (ESCO_HV2);
620 if (hdev->features[1] & LMP_HV3) {
621 hdev->pkt_type |= (HCI_HV3);
622 hdev->esco_type |= (ESCO_HV3);
625 if (hdev->features[3] & LMP_ESCO)
626 hdev->esco_type |= (ESCO_EV3);
628 if (hdev->features[4] & LMP_EV4)
629 hdev->esco_type |= (ESCO_EV4);
631 if (hdev->features[4] & LMP_EV5)
632 hdev->esco_type |= (ESCO_EV5);
634 if (hdev->features[5] & LMP_EDR_ESCO_2M)
635 hdev->esco_type |= (ESCO_2EV3);
637 if (hdev->features[5] & LMP_EDR_ESCO_3M)
638 hdev->esco_type |= (ESCO_3EV3);
640 if (hdev->features[5] & LMP_EDR_3S_ESCO)
641 hdev->esco_type |= (ESCO_2EV5 | ESCO_3EV5);
643 BT_DBG("%s features 0x%.2x%.2x%.2x%.2x%.2x%.2x%.2x%.2x", hdev->name,
644 hdev->features[0], hdev->features[1],
645 hdev->features[2], hdev->features[3],
646 hdev->features[4], hdev->features[5],
647 hdev->features[6], hdev->features[7]);
650 static void hci_cc_read_buffer_size(struct hci_dev *hdev, struct sk_buff *skb)
652 struct hci_rp_read_buffer_size *rp = (void *) skb->data;
654 BT_DBG("%s status 0x%x", hdev->name, rp->status);
659 hdev->acl_mtu = __le16_to_cpu(rp->acl_mtu);
660 hdev->sco_mtu = rp->sco_mtu;
661 hdev->acl_pkts = __le16_to_cpu(rp->acl_max_pkt);
662 hdev->sco_pkts = __le16_to_cpu(rp->sco_max_pkt);
664 if (test_bit(HCI_QUIRK_FIXUP_BUFFER_SIZE, &hdev->quirks)) {
669 hdev->acl_cnt = hdev->acl_pkts;
670 hdev->sco_cnt = hdev->sco_pkts;
672 BT_DBG("%s acl mtu %d:%d sco mtu %d:%d", hdev->name,
673 hdev->acl_mtu, hdev->acl_pkts,
674 hdev->sco_mtu, hdev->sco_pkts);
677 static void hci_cc_read_bd_addr(struct hci_dev *hdev, struct sk_buff *skb)
679 struct hci_rp_read_bd_addr *rp = (void *) skb->data;
681 BT_DBG("%s status 0x%x", hdev->name, rp->status);
684 bacpy(&hdev->bdaddr, &rp->bdaddr);
686 hci_req_complete(hdev, HCI_OP_READ_BD_ADDR, rp->status);
689 static void hci_cc_write_ca_timeout(struct hci_dev *hdev, struct sk_buff *skb)
691 __u8 status = *((__u8 *) skb->data);
693 BT_DBG("%s status 0x%x", hdev->name, status);
695 hci_req_complete(hdev, HCI_OP_WRITE_CA_TIMEOUT, status);
698 static void hci_cc_delete_stored_link_key(struct hci_dev *hdev,
701 __u8 status = *((__u8 *) skb->data);
703 BT_DBG("%s status 0x%x", hdev->name, status);
705 hci_req_complete(hdev, HCI_OP_DELETE_STORED_LINK_KEY, status);
708 static void hci_cc_set_event_mask(struct hci_dev *hdev, struct sk_buff *skb)
710 __u8 status = *((__u8 *) skb->data);
712 BT_DBG("%s status 0x%x", hdev->name, status);
714 hci_req_complete(hdev, HCI_OP_SET_EVENT_MASK, status);
717 static void hci_cc_write_inquiry_mode(struct hci_dev *hdev,
720 __u8 status = *((__u8 *) skb->data);
722 BT_DBG("%s status 0x%x", hdev->name, status);
724 hci_req_complete(hdev, HCI_OP_WRITE_INQUIRY_MODE, status);
727 static void hci_cc_read_inq_rsp_tx_power(struct hci_dev *hdev,
730 __u8 status = *((__u8 *) skb->data);
732 BT_DBG("%s status 0x%x", hdev->name, status);
734 hci_req_complete(hdev, HCI_OP_READ_INQ_RSP_TX_POWER, status);
737 static void hci_cc_set_event_flt(struct hci_dev *hdev, struct sk_buff *skb)
739 __u8 status = *((__u8 *) skb->data);
741 BT_DBG("%s status 0x%x", hdev->name, status);
743 hci_req_complete(hdev, HCI_OP_SET_EVENT_FLT, status);
746 static void hci_cc_pin_code_reply(struct hci_dev *hdev, struct sk_buff *skb)
748 struct hci_rp_pin_code_reply *rp = (void *) skb->data;
749 struct hci_cp_pin_code_reply *cp;
750 struct hci_conn *conn;
752 BT_DBG("%s status 0x%x", hdev->name, rp->status);
754 if (test_bit(HCI_MGMT, &hdev->flags))
755 mgmt_pin_code_reply_complete(hdev->id, &rp->bdaddr, rp->status);
760 cp = hci_sent_cmd_data(hdev, HCI_OP_PIN_CODE_REPLY);
764 conn = hci_conn_hash_lookup_ba(hdev, ACL_LINK, &cp->bdaddr);
766 conn->pin_length = cp->pin_len;
769 static void hci_cc_pin_code_neg_reply(struct hci_dev *hdev, struct sk_buff *skb)
771 struct hci_rp_pin_code_neg_reply *rp = (void *) skb->data;
773 BT_DBG("%s status 0x%x", hdev->name, rp->status);
775 if (test_bit(HCI_MGMT, &hdev->flags))
776 mgmt_pin_code_neg_reply_complete(hdev->id, &rp->bdaddr,
779 static void hci_cc_le_read_buffer_size(struct hci_dev *hdev,
782 struct hci_rp_le_read_buffer_size *rp = (void *) skb->data;
784 BT_DBG("%s status 0x%x", hdev->name, rp->status);
789 hdev->le_mtu = __le16_to_cpu(rp->le_mtu);
790 hdev->le_pkts = rp->le_max_pkt;
792 hdev->le_cnt = hdev->le_pkts;
794 BT_DBG("%s le mtu %d:%d", hdev->name, hdev->le_mtu, hdev->le_pkts);
796 hci_req_complete(hdev, HCI_OP_LE_READ_BUFFER_SIZE, rp->status);
799 static void hci_cc_user_confirm_reply(struct hci_dev *hdev, struct sk_buff *skb)
801 struct hci_rp_user_confirm_reply *rp = (void *) skb->data;
803 BT_DBG("%s status 0x%x", hdev->name, rp->status);
805 if (test_bit(HCI_MGMT, &hdev->flags))
806 mgmt_user_confirm_reply_complete(hdev->id, &rp->bdaddr,
810 static void hci_cc_user_confirm_neg_reply(struct hci_dev *hdev,
813 struct hci_rp_user_confirm_reply *rp = (void *) skb->data;
815 BT_DBG("%s status 0x%x", hdev->name, rp->status);
817 if (test_bit(HCI_MGMT, &hdev->flags))
818 mgmt_user_confirm_neg_reply_complete(hdev->id, &rp->bdaddr,
822 static inline void hci_cs_inquiry(struct hci_dev *hdev, __u8 status)
824 BT_DBG("%s status 0x%x", hdev->name, status);
827 hci_req_complete(hdev, HCI_OP_INQUIRY, status);
829 hci_conn_check_pending(hdev);
831 set_bit(HCI_INQUIRY, &hdev->flags);
834 static inline void hci_cs_create_conn(struct hci_dev *hdev, __u8 status)
836 struct hci_cp_create_conn *cp;
837 struct hci_conn *conn;
839 BT_DBG("%s status 0x%x", hdev->name, status);
841 cp = hci_sent_cmd_data(hdev, HCI_OP_CREATE_CONN);
847 conn = hci_conn_hash_lookup_ba(hdev, ACL_LINK, &cp->bdaddr);
849 BT_DBG("%s bdaddr %s conn %p", hdev->name, batostr(&cp->bdaddr), conn);
852 if (conn && conn->state == BT_CONNECT) {
853 if (status != 0x0c || conn->attempt > 2) {
854 conn->state = BT_CLOSED;
855 hci_proto_connect_cfm(conn, status);
858 conn->state = BT_CONNECT2;
862 conn = hci_conn_add(hdev, ACL_LINK, &cp->bdaddr);
865 conn->link_mode |= HCI_LM_MASTER;
867 BT_ERR("No memory for new connection");
871 hci_dev_unlock(hdev);
874 static void hci_cs_add_sco(struct hci_dev *hdev, __u8 status)
876 struct hci_cp_add_sco *cp;
877 struct hci_conn *acl, *sco;
880 BT_DBG("%s status 0x%x", hdev->name, status);
885 cp = hci_sent_cmd_data(hdev, HCI_OP_ADD_SCO);
889 handle = __le16_to_cpu(cp->handle);
891 BT_DBG("%s handle %d", hdev->name, handle);
895 acl = hci_conn_hash_lookup_handle(hdev, handle);
899 sco->state = BT_CLOSED;
901 hci_proto_connect_cfm(sco, status);
906 hci_dev_unlock(hdev);
909 static void hci_cs_auth_requested(struct hci_dev *hdev, __u8 status)
911 struct hci_cp_auth_requested *cp;
912 struct hci_conn *conn;
914 BT_DBG("%s status 0x%x", hdev->name, status);
919 cp = hci_sent_cmd_data(hdev, HCI_OP_AUTH_REQUESTED);
925 conn = hci_conn_hash_lookup_handle(hdev, __le16_to_cpu(cp->handle));
927 if (conn->state == BT_CONFIG) {
928 hci_proto_connect_cfm(conn, status);
933 hci_dev_unlock(hdev);
936 static void hci_cs_set_conn_encrypt(struct hci_dev *hdev, __u8 status)
938 struct hci_cp_set_conn_encrypt *cp;
939 struct hci_conn *conn;
941 BT_DBG("%s status 0x%x", hdev->name, status);
946 cp = hci_sent_cmd_data(hdev, HCI_OP_SET_CONN_ENCRYPT);
952 conn = hci_conn_hash_lookup_handle(hdev, __le16_to_cpu(cp->handle));
954 if (conn->state == BT_CONFIG) {
955 hci_proto_connect_cfm(conn, status);
960 hci_dev_unlock(hdev);
963 static int hci_outgoing_auth_needed(struct hci_dev *hdev,
964 struct hci_conn *conn)
966 if (conn->state != BT_CONFIG || !conn->out)
969 if (conn->pending_sec_level == BT_SECURITY_SDP)
972 /* Only request authentication for SSP connections or non-SSP
973 * devices with sec_level HIGH */
974 if (!(hdev->ssp_mode > 0 && conn->ssp_mode > 0) &&
975 conn->pending_sec_level != BT_SECURITY_HIGH)
981 static void hci_cs_remote_name_req(struct hci_dev *hdev, __u8 status)
983 struct hci_cp_remote_name_req *cp;
984 struct hci_conn *conn;
986 BT_DBG("%s status 0x%x", hdev->name, status);
988 /* If successful wait for the name req complete event before
989 * checking for the need to do authentication */
993 cp = hci_sent_cmd_data(hdev, HCI_OP_REMOTE_NAME_REQ);
999 conn = hci_conn_hash_lookup_ba(hdev, ACL_LINK, &cp->bdaddr);
1000 if (conn && hci_outgoing_auth_needed(hdev, conn)) {
1001 struct hci_cp_auth_requested cp;
1002 cp.handle = __cpu_to_le16(conn->handle);
1003 hci_send_cmd(hdev, HCI_OP_AUTH_REQUESTED, sizeof(cp), &cp);
1006 hci_dev_unlock(hdev);
1009 static void hci_cs_read_remote_features(struct hci_dev *hdev, __u8 status)
1011 struct hci_cp_read_remote_features *cp;
1012 struct hci_conn *conn;
1014 BT_DBG("%s status 0x%x", hdev->name, status);
1019 cp = hci_sent_cmd_data(hdev, HCI_OP_READ_REMOTE_FEATURES);
1025 conn = hci_conn_hash_lookup_handle(hdev, __le16_to_cpu(cp->handle));
1027 if (conn->state == BT_CONFIG) {
1028 hci_proto_connect_cfm(conn, status);
1033 hci_dev_unlock(hdev);
1036 static void hci_cs_read_remote_ext_features(struct hci_dev *hdev, __u8 status)
1038 struct hci_cp_read_remote_ext_features *cp;
1039 struct hci_conn *conn;
1041 BT_DBG("%s status 0x%x", hdev->name, status);
1046 cp = hci_sent_cmd_data(hdev, HCI_OP_READ_REMOTE_EXT_FEATURES);
1052 conn = hci_conn_hash_lookup_handle(hdev, __le16_to_cpu(cp->handle));
1054 if (conn->state == BT_CONFIG) {
1055 hci_proto_connect_cfm(conn, status);
1060 hci_dev_unlock(hdev);
1063 static void hci_cs_setup_sync_conn(struct hci_dev *hdev, __u8 status)
1065 struct hci_cp_setup_sync_conn *cp;
1066 struct hci_conn *acl, *sco;
1069 BT_DBG("%s status 0x%x", hdev->name, status);
1074 cp = hci_sent_cmd_data(hdev, HCI_OP_SETUP_SYNC_CONN);
1078 handle = __le16_to_cpu(cp->handle);
1080 BT_DBG("%s handle %d", hdev->name, handle);
1084 acl = hci_conn_hash_lookup_handle(hdev, handle);
1088 sco->state = BT_CLOSED;
1090 hci_proto_connect_cfm(sco, status);
1095 hci_dev_unlock(hdev);
1098 static void hci_cs_sniff_mode(struct hci_dev *hdev, __u8 status)
1100 struct hci_cp_sniff_mode *cp;
1101 struct hci_conn *conn;
1103 BT_DBG("%s status 0x%x", hdev->name, status);
1108 cp = hci_sent_cmd_data(hdev, HCI_OP_SNIFF_MODE);
1114 conn = hci_conn_hash_lookup_handle(hdev, __le16_to_cpu(cp->handle));
1116 clear_bit(HCI_CONN_MODE_CHANGE_PEND, &conn->pend);
1118 if (test_and_clear_bit(HCI_CONN_SCO_SETUP_PEND, &conn->pend))
1119 hci_sco_setup(conn, status);
1122 hci_dev_unlock(hdev);
1125 static void hci_cs_exit_sniff_mode(struct hci_dev *hdev, __u8 status)
1127 struct hci_cp_exit_sniff_mode *cp;
1128 struct hci_conn *conn;
1130 BT_DBG("%s status 0x%x", hdev->name, status);
1135 cp = hci_sent_cmd_data(hdev, HCI_OP_EXIT_SNIFF_MODE);
1141 conn = hci_conn_hash_lookup_handle(hdev, __le16_to_cpu(cp->handle));
1143 clear_bit(HCI_CONN_MODE_CHANGE_PEND, &conn->pend);
1145 if (test_and_clear_bit(HCI_CONN_SCO_SETUP_PEND, &conn->pend))
1146 hci_sco_setup(conn, status);
1149 hci_dev_unlock(hdev);
1152 static void hci_cs_le_create_conn(struct hci_dev *hdev, __u8 status)
1154 struct hci_cp_le_create_conn *cp;
1155 struct hci_conn *conn;
1157 BT_DBG("%s status 0x%x", hdev->name, status);
1159 cp = hci_sent_cmd_data(hdev, HCI_OP_LE_CREATE_CONN);
1165 conn = hci_conn_hash_lookup_ba(hdev, LE_LINK, &cp->peer_addr);
1167 BT_DBG("%s bdaddr %s conn %p", hdev->name, batostr(&cp->peer_addr),
1171 if (conn && conn->state == BT_CONNECT) {
1172 conn->state = BT_CLOSED;
1173 hci_proto_connect_cfm(conn, status);
1178 conn = hci_conn_add(hdev, LE_LINK, &cp->peer_addr);
1182 BT_ERR("No memory for new connection");
1186 hci_dev_unlock(hdev);
1189 static inline void hci_inquiry_complete_evt(struct hci_dev *hdev, struct sk_buff *skb)
1191 __u8 status = *((__u8 *) skb->data);
1193 BT_DBG("%s status %d", hdev->name, status);
1195 clear_bit(HCI_INQUIRY, &hdev->flags);
1197 hci_req_complete(hdev, HCI_OP_INQUIRY, status);
1199 hci_conn_check_pending(hdev);
1202 static inline void hci_inquiry_result_evt(struct hci_dev *hdev, struct sk_buff *skb)
1204 struct inquiry_data data;
1205 struct inquiry_info *info = (void *) (skb->data + 1);
1206 int num_rsp = *((__u8 *) skb->data);
1208 BT_DBG("%s num_rsp %d", hdev->name, num_rsp);
1215 for (; num_rsp; num_rsp--) {
1216 bacpy(&data.bdaddr, &info->bdaddr);
1217 data.pscan_rep_mode = info->pscan_rep_mode;
1218 data.pscan_period_mode = info->pscan_period_mode;
1219 data.pscan_mode = info->pscan_mode;
1220 memcpy(data.dev_class, info->dev_class, 3);
1221 data.clock_offset = info->clock_offset;
1223 data.ssp_mode = 0x00;
1225 hci_inquiry_cache_update(hdev, &data);
1228 hci_dev_unlock(hdev);
1231 static inline void hci_conn_complete_evt(struct hci_dev *hdev, struct sk_buff *skb)
1233 struct hci_ev_conn_complete *ev = (void *) skb->data;
1234 struct hci_conn *conn;
1236 BT_DBG("%s", hdev->name);
1240 conn = hci_conn_hash_lookup_ba(hdev, ev->link_type, &ev->bdaddr);
1242 if (ev->link_type != SCO_LINK)
1245 conn = hci_conn_hash_lookup_ba(hdev, ESCO_LINK, &ev->bdaddr);
1249 conn->type = SCO_LINK;
1253 conn->handle = __le16_to_cpu(ev->handle);
1255 if (conn->type == ACL_LINK) {
1256 conn->state = BT_CONFIG;
1257 hci_conn_hold(conn);
1258 conn->disc_timeout = HCI_DISCONN_TIMEOUT;
1259 mgmt_connected(hdev->id, &ev->bdaddr);
1261 conn->state = BT_CONNECTED;
1263 hci_conn_hold_device(conn);
1264 hci_conn_add_sysfs(conn);
1266 if (test_bit(HCI_AUTH, &hdev->flags))
1267 conn->link_mode |= HCI_LM_AUTH;
1269 if (test_bit(HCI_ENCRYPT, &hdev->flags))
1270 conn->link_mode |= HCI_LM_ENCRYPT;
1272 /* Get remote features */
1273 if (conn->type == ACL_LINK) {
1274 struct hci_cp_read_remote_features cp;
1275 cp.handle = ev->handle;
1276 hci_send_cmd(hdev, HCI_OP_READ_REMOTE_FEATURES,
1280 /* Set packet type for incoming connection */
1281 if (!conn->out && hdev->hci_ver < 3) {
1282 struct hci_cp_change_conn_ptype cp;
1283 cp.handle = ev->handle;
1284 cp.pkt_type = cpu_to_le16(conn->pkt_type);
1285 hci_send_cmd(hdev, HCI_OP_CHANGE_CONN_PTYPE,
1289 conn->state = BT_CLOSED;
1290 if (conn->type == ACL_LINK)
1291 mgmt_connect_failed(hdev->id, &ev->bdaddr, ev->status);
1294 if (conn->type == ACL_LINK)
1295 hci_sco_setup(conn, ev->status);
1298 hci_proto_connect_cfm(conn, ev->status);
1300 } else if (ev->link_type != ACL_LINK)
1301 hci_proto_connect_cfm(conn, ev->status);
1304 hci_dev_unlock(hdev);
1306 hci_conn_check_pending(hdev);
1309 static inline void hci_conn_request_evt(struct hci_dev *hdev, struct sk_buff *skb)
1311 struct hci_ev_conn_request *ev = (void *) skb->data;
1312 int mask = hdev->link_mode;
1314 BT_DBG("%s bdaddr %s type 0x%x", hdev->name,
1315 batostr(&ev->bdaddr), ev->link_type);
1317 mask |= hci_proto_connect_ind(hdev, &ev->bdaddr, ev->link_type);
1319 if ((mask & HCI_LM_ACCEPT) &&
1320 !hci_blacklist_lookup(hdev, &ev->bdaddr)) {
1321 /* Connection accepted */
1322 struct inquiry_entry *ie;
1323 struct hci_conn *conn;
1327 ie = hci_inquiry_cache_lookup(hdev, &ev->bdaddr);
1329 memcpy(ie->data.dev_class, ev->dev_class, 3);
1331 conn = hci_conn_hash_lookup_ba(hdev, ev->link_type, &ev->bdaddr);
1333 conn = hci_conn_add(hdev, ev->link_type, &ev->bdaddr);
1335 BT_ERR("No memory for new connection");
1336 hci_dev_unlock(hdev);
1341 memcpy(conn->dev_class, ev->dev_class, 3);
1342 conn->state = BT_CONNECT;
1344 hci_dev_unlock(hdev);
1346 if (ev->link_type == ACL_LINK || !lmp_esco_capable(hdev)) {
1347 struct hci_cp_accept_conn_req cp;
1349 bacpy(&cp.bdaddr, &ev->bdaddr);
1351 if (lmp_rswitch_capable(hdev) && (mask & HCI_LM_MASTER))
1352 cp.role = 0x00; /* Become master */
1354 cp.role = 0x01; /* Remain slave */
1356 hci_send_cmd(hdev, HCI_OP_ACCEPT_CONN_REQ,
1359 struct hci_cp_accept_sync_conn_req cp;
1361 bacpy(&cp.bdaddr, &ev->bdaddr);
1362 cp.pkt_type = cpu_to_le16(conn->pkt_type);
1364 cp.tx_bandwidth = cpu_to_le32(0x00001f40);
1365 cp.rx_bandwidth = cpu_to_le32(0x00001f40);
1366 cp.max_latency = cpu_to_le16(0xffff);
1367 cp.content_format = cpu_to_le16(hdev->voice_setting);
1368 cp.retrans_effort = 0xff;
1370 hci_send_cmd(hdev, HCI_OP_ACCEPT_SYNC_CONN_REQ,
1374 /* Connection rejected */
1375 struct hci_cp_reject_conn_req cp;
1377 bacpy(&cp.bdaddr, &ev->bdaddr);
1379 hci_send_cmd(hdev, HCI_OP_REJECT_CONN_REQ, sizeof(cp), &cp);
1383 static inline void hci_disconn_complete_evt(struct hci_dev *hdev, struct sk_buff *skb)
1385 struct hci_ev_disconn_complete *ev = (void *) skb->data;
1386 struct hci_conn *conn;
1388 BT_DBG("%s status %d", hdev->name, ev->status);
1391 mgmt_disconnect_failed(hdev->id);
1397 conn = hci_conn_hash_lookup_handle(hdev, __le16_to_cpu(ev->handle));
1401 conn->state = BT_CLOSED;
1403 if (conn->type == ACL_LINK)
1404 mgmt_disconnected(hdev->id, &conn->dst);
1406 hci_proto_disconn_cfm(conn, ev->reason);
1410 hci_dev_unlock(hdev);
1413 static inline void hci_auth_complete_evt(struct hci_dev *hdev, struct sk_buff *skb)
1415 struct hci_ev_auth_complete *ev = (void *) skb->data;
1416 struct hci_conn *conn;
1418 BT_DBG("%s status %d", hdev->name, ev->status);
1422 conn = hci_conn_hash_lookup_handle(hdev, __le16_to_cpu(ev->handle));
1425 conn->link_mode |= HCI_LM_AUTH;
1426 conn->sec_level = conn->pending_sec_level;
1428 mgmt_auth_failed(hdev->id, &conn->dst, ev->status);
1429 conn->sec_level = BT_SECURITY_LOW;
1432 clear_bit(HCI_CONN_AUTH_PEND, &conn->pend);
1434 if (conn->state == BT_CONFIG) {
1435 if (!ev->status && hdev->ssp_mode > 0 &&
1436 conn->ssp_mode > 0) {
1437 struct hci_cp_set_conn_encrypt cp;
1438 cp.handle = ev->handle;
1440 hci_send_cmd(hdev, HCI_OP_SET_CONN_ENCRYPT,
1443 conn->state = BT_CONNECTED;
1444 hci_proto_connect_cfm(conn, ev->status);
1448 hci_auth_cfm(conn, ev->status);
1450 hci_conn_hold(conn);
1451 conn->disc_timeout = HCI_DISCONN_TIMEOUT;
1455 if (test_bit(HCI_CONN_ENCRYPT_PEND, &conn->pend)) {
1457 struct hci_cp_set_conn_encrypt cp;
1458 cp.handle = ev->handle;
1460 hci_send_cmd(hdev, HCI_OP_SET_CONN_ENCRYPT,
1463 clear_bit(HCI_CONN_ENCRYPT_PEND, &conn->pend);
1464 hci_encrypt_cfm(conn, ev->status, 0x00);
1469 hci_dev_unlock(hdev);
1472 static inline void hci_remote_name_evt(struct hci_dev *hdev, struct sk_buff *skb)
1474 struct hci_ev_remote_name *ev = (void *) skb->data;
1475 struct hci_conn *conn;
1477 BT_DBG("%s", hdev->name);
1479 hci_conn_check_pending(hdev);
1483 conn = hci_conn_hash_lookup_ba(hdev, ACL_LINK, &ev->bdaddr);
1484 if (conn && hci_outgoing_auth_needed(hdev, conn)) {
1485 struct hci_cp_auth_requested cp;
1486 cp.handle = __cpu_to_le16(conn->handle);
1487 hci_send_cmd(hdev, HCI_OP_AUTH_REQUESTED, sizeof(cp), &cp);
1490 hci_dev_unlock(hdev);
1493 static inline void hci_encrypt_change_evt(struct hci_dev *hdev, struct sk_buff *skb)
1495 struct hci_ev_encrypt_change *ev = (void *) skb->data;
1496 struct hci_conn *conn;
1498 BT_DBG("%s status %d", hdev->name, ev->status);
1502 conn = hci_conn_hash_lookup_handle(hdev, __le16_to_cpu(ev->handle));
1506 /* Encryption implies authentication */
1507 conn->link_mode |= HCI_LM_AUTH;
1508 conn->link_mode |= HCI_LM_ENCRYPT;
1510 conn->link_mode &= ~HCI_LM_ENCRYPT;
1513 clear_bit(HCI_CONN_ENCRYPT_PEND, &conn->pend);
1515 if (conn->state == BT_CONFIG) {
1517 conn->state = BT_CONNECTED;
1519 hci_proto_connect_cfm(conn, ev->status);
1522 hci_encrypt_cfm(conn, ev->status, ev->encrypt);
1525 hci_dev_unlock(hdev);
1528 static inline void hci_change_link_key_complete_evt(struct hci_dev *hdev, struct sk_buff *skb)
1530 struct hci_ev_change_link_key_complete *ev = (void *) skb->data;
1531 struct hci_conn *conn;
1533 BT_DBG("%s status %d", hdev->name, ev->status);
1537 conn = hci_conn_hash_lookup_handle(hdev, __le16_to_cpu(ev->handle));
1540 conn->link_mode |= HCI_LM_SECURE;
1542 clear_bit(HCI_CONN_AUTH_PEND, &conn->pend);
1544 hci_key_change_cfm(conn, ev->status);
1547 hci_dev_unlock(hdev);
1550 static inline void hci_remote_features_evt(struct hci_dev *hdev, struct sk_buff *skb)
1552 struct hci_ev_remote_features *ev = (void *) skb->data;
1553 struct hci_conn *conn;
1555 BT_DBG("%s status %d", hdev->name, ev->status);
1559 conn = hci_conn_hash_lookup_handle(hdev, __le16_to_cpu(ev->handle));
1564 memcpy(conn->features, ev->features, 8);
1566 if (conn->state != BT_CONFIG)
1569 if (!ev->status && lmp_ssp_capable(hdev) && lmp_ssp_capable(conn)) {
1570 struct hci_cp_read_remote_ext_features cp;
1571 cp.handle = ev->handle;
1573 hci_send_cmd(hdev, HCI_OP_READ_REMOTE_EXT_FEATURES,
1579 struct hci_cp_remote_name_req cp;
1580 memset(&cp, 0, sizeof(cp));
1581 bacpy(&cp.bdaddr, &conn->dst);
1582 cp.pscan_rep_mode = 0x02;
1583 hci_send_cmd(hdev, HCI_OP_REMOTE_NAME_REQ, sizeof(cp), &cp);
1586 if (!hci_outgoing_auth_needed(hdev, conn)) {
1587 conn->state = BT_CONNECTED;
1588 hci_proto_connect_cfm(conn, ev->status);
1593 hci_dev_unlock(hdev);
1596 static inline void hci_remote_version_evt(struct hci_dev *hdev, struct sk_buff *skb)
1598 BT_DBG("%s", hdev->name);
1601 static inline void hci_qos_setup_complete_evt(struct hci_dev *hdev, struct sk_buff *skb)
1603 BT_DBG("%s", hdev->name);
1606 static inline void hci_cmd_complete_evt(struct hci_dev *hdev, struct sk_buff *skb)
1608 struct hci_ev_cmd_complete *ev = (void *) skb->data;
1611 skb_pull(skb, sizeof(*ev));
1613 opcode = __le16_to_cpu(ev->opcode);
1616 case HCI_OP_INQUIRY_CANCEL:
1617 hci_cc_inquiry_cancel(hdev, skb);
1620 case HCI_OP_EXIT_PERIODIC_INQ:
1621 hci_cc_exit_periodic_inq(hdev, skb);
1624 case HCI_OP_REMOTE_NAME_REQ_CANCEL:
1625 hci_cc_remote_name_req_cancel(hdev, skb);
1628 case HCI_OP_ROLE_DISCOVERY:
1629 hci_cc_role_discovery(hdev, skb);
1632 case HCI_OP_READ_LINK_POLICY:
1633 hci_cc_read_link_policy(hdev, skb);
1636 case HCI_OP_WRITE_LINK_POLICY:
1637 hci_cc_write_link_policy(hdev, skb);
1640 case HCI_OP_READ_DEF_LINK_POLICY:
1641 hci_cc_read_def_link_policy(hdev, skb);
1644 case HCI_OP_WRITE_DEF_LINK_POLICY:
1645 hci_cc_write_def_link_policy(hdev, skb);
1649 hci_cc_reset(hdev, skb);
1652 case HCI_OP_WRITE_LOCAL_NAME:
1653 hci_cc_write_local_name(hdev, skb);
1656 case HCI_OP_READ_LOCAL_NAME:
1657 hci_cc_read_local_name(hdev, skb);
1660 case HCI_OP_WRITE_AUTH_ENABLE:
1661 hci_cc_write_auth_enable(hdev, skb);
1664 case HCI_OP_WRITE_ENCRYPT_MODE:
1665 hci_cc_write_encrypt_mode(hdev, skb);
1668 case HCI_OP_WRITE_SCAN_ENABLE:
1669 hci_cc_write_scan_enable(hdev, skb);
1672 case HCI_OP_READ_CLASS_OF_DEV:
1673 hci_cc_read_class_of_dev(hdev, skb);
1676 case HCI_OP_WRITE_CLASS_OF_DEV:
1677 hci_cc_write_class_of_dev(hdev, skb);
1680 case HCI_OP_READ_VOICE_SETTING:
1681 hci_cc_read_voice_setting(hdev, skb);
1684 case HCI_OP_WRITE_VOICE_SETTING:
1685 hci_cc_write_voice_setting(hdev, skb);
1688 case HCI_OP_HOST_BUFFER_SIZE:
1689 hci_cc_host_buffer_size(hdev, skb);
1692 case HCI_OP_READ_SSP_MODE:
1693 hci_cc_read_ssp_mode(hdev, skb);
1696 case HCI_OP_WRITE_SSP_MODE:
1697 hci_cc_write_ssp_mode(hdev, skb);
1700 case HCI_OP_READ_LOCAL_VERSION:
1701 hci_cc_read_local_version(hdev, skb);
1704 case HCI_OP_READ_LOCAL_COMMANDS:
1705 hci_cc_read_local_commands(hdev, skb);
1708 case HCI_OP_READ_LOCAL_FEATURES:
1709 hci_cc_read_local_features(hdev, skb);
1712 case HCI_OP_READ_BUFFER_SIZE:
1713 hci_cc_read_buffer_size(hdev, skb);
1716 case HCI_OP_READ_BD_ADDR:
1717 hci_cc_read_bd_addr(hdev, skb);
1720 case HCI_OP_WRITE_CA_TIMEOUT:
1721 hci_cc_write_ca_timeout(hdev, skb);
1724 case HCI_OP_DELETE_STORED_LINK_KEY:
1725 hci_cc_delete_stored_link_key(hdev, skb);
1728 case HCI_OP_SET_EVENT_MASK:
1729 hci_cc_set_event_mask(hdev, skb);
1732 case HCI_OP_WRITE_INQUIRY_MODE:
1733 hci_cc_write_inquiry_mode(hdev, skb);
1736 case HCI_OP_READ_INQ_RSP_TX_POWER:
1737 hci_cc_read_inq_rsp_tx_power(hdev, skb);
1740 case HCI_OP_SET_EVENT_FLT:
1741 hci_cc_set_event_flt(hdev, skb);
1744 case HCI_OP_PIN_CODE_REPLY:
1745 hci_cc_pin_code_reply(hdev, skb);
1748 case HCI_OP_PIN_CODE_NEG_REPLY:
1749 hci_cc_pin_code_neg_reply(hdev, skb);
1752 case HCI_OP_LE_READ_BUFFER_SIZE:
1753 hci_cc_le_read_buffer_size(hdev, skb);
1756 case HCI_OP_USER_CONFIRM_REPLY:
1757 hci_cc_user_confirm_reply(hdev, skb);
1760 case HCI_OP_USER_CONFIRM_NEG_REPLY:
1761 hci_cc_user_confirm_neg_reply(hdev, skb);
1765 BT_DBG("%s opcode 0x%x", hdev->name, opcode);
1769 if (ev->opcode != HCI_OP_NOP)
1770 del_timer(&hdev->cmd_timer);
1773 atomic_set(&hdev->cmd_cnt, 1);
1774 if (!skb_queue_empty(&hdev->cmd_q))
1775 tasklet_schedule(&hdev->cmd_task);
1779 static inline void hci_cmd_status_evt(struct hci_dev *hdev, struct sk_buff *skb)
1781 struct hci_ev_cmd_status *ev = (void *) skb->data;
1784 skb_pull(skb, sizeof(*ev));
1786 opcode = __le16_to_cpu(ev->opcode);
1789 case HCI_OP_INQUIRY:
1790 hci_cs_inquiry(hdev, ev->status);
1793 case HCI_OP_CREATE_CONN:
1794 hci_cs_create_conn(hdev, ev->status);
1797 case HCI_OP_ADD_SCO:
1798 hci_cs_add_sco(hdev, ev->status);
1801 case HCI_OP_AUTH_REQUESTED:
1802 hci_cs_auth_requested(hdev, ev->status);
1805 case HCI_OP_SET_CONN_ENCRYPT:
1806 hci_cs_set_conn_encrypt(hdev, ev->status);
1809 case HCI_OP_REMOTE_NAME_REQ:
1810 hci_cs_remote_name_req(hdev, ev->status);
1813 case HCI_OP_READ_REMOTE_FEATURES:
1814 hci_cs_read_remote_features(hdev, ev->status);
1817 case HCI_OP_READ_REMOTE_EXT_FEATURES:
1818 hci_cs_read_remote_ext_features(hdev, ev->status);
1821 case HCI_OP_SETUP_SYNC_CONN:
1822 hci_cs_setup_sync_conn(hdev, ev->status);
1825 case HCI_OP_SNIFF_MODE:
1826 hci_cs_sniff_mode(hdev, ev->status);
1829 case HCI_OP_EXIT_SNIFF_MODE:
1830 hci_cs_exit_sniff_mode(hdev, ev->status);
1833 case HCI_OP_DISCONNECT:
1834 if (ev->status != 0)
1835 mgmt_disconnect_failed(hdev->id);
1838 case HCI_OP_LE_CREATE_CONN:
1839 hci_cs_le_create_conn(hdev, ev->status);
1843 BT_DBG("%s opcode 0x%x", hdev->name, opcode);
1847 if (ev->opcode != HCI_OP_NOP)
1848 del_timer(&hdev->cmd_timer);
1851 atomic_set(&hdev->cmd_cnt, 1);
1852 if (!skb_queue_empty(&hdev->cmd_q))
1853 tasklet_schedule(&hdev->cmd_task);
1857 static inline void hci_role_change_evt(struct hci_dev *hdev, struct sk_buff *skb)
1859 struct hci_ev_role_change *ev = (void *) skb->data;
1860 struct hci_conn *conn;
1862 BT_DBG("%s status %d", hdev->name, ev->status);
1866 conn = hci_conn_hash_lookup_ba(hdev, ACL_LINK, &ev->bdaddr);
1870 conn->link_mode &= ~HCI_LM_MASTER;
1872 conn->link_mode |= HCI_LM_MASTER;
1875 clear_bit(HCI_CONN_RSWITCH_PEND, &conn->pend);
1877 hci_role_switch_cfm(conn, ev->status, ev->role);
1880 hci_dev_unlock(hdev);
1883 static inline void hci_num_comp_pkts_evt(struct hci_dev *hdev, struct sk_buff *skb)
1885 struct hci_ev_num_comp_pkts *ev = (void *) skb->data;
1889 skb_pull(skb, sizeof(*ev));
1891 BT_DBG("%s num_hndl %d", hdev->name, ev->num_hndl);
1893 if (skb->len < ev->num_hndl * 4) {
1894 BT_DBG("%s bad parameters", hdev->name);
1898 tasklet_disable(&hdev->tx_task);
1900 for (i = 0, ptr = (__le16 *) skb->data; i < ev->num_hndl; i++) {
1901 struct hci_conn *conn;
1902 __u16 handle, count;
1904 handle = get_unaligned_le16(ptr++);
1905 count = get_unaligned_le16(ptr++);
1907 conn = hci_conn_hash_lookup_handle(hdev, handle);
1909 conn->sent -= count;
1911 if (conn->type == ACL_LINK) {
1912 hdev->acl_cnt += count;
1913 if (hdev->acl_cnt > hdev->acl_pkts)
1914 hdev->acl_cnt = hdev->acl_pkts;
1915 } else if (conn->type == LE_LINK) {
1916 if (hdev->le_pkts) {
1917 hdev->le_cnt += count;
1918 if (hdev->le_cnt > hdev->le_pkts)
1919 hdev->le_cnt = hdev->le_pkts;
1921 hdev->acl_cnt += count;
1922 if (hdev->acl_cnt > hdev->acl_pkts)
1923 hdev->acl_cnt = hdev->acl_pkts;
1926 hdev->sco_cnt += count;
1927 if (hdev->sco_cnt > hdev->sco_pkts)
1928 hdev->sco_cnt = hdev->sco_pkts;
1933 tasklet_schedule(&hdev->tx_task);
1935 tasklet_enable(&hdev->tx_task);
1938 static inline void hci_mode_change_evt(struct hci_dev *hdev, struct sk_buff *skb)
1940 struct hci_ev_mode_change *ev = (void *) skb->data;
1941 struct hci_conn *conn;
1943 BT_DBG("%s status %d", hdev->name, ev->status);
1947 conn = hci_conn_hash_lookup_handle(hdev, __le16_to_cpu(ev->handle));
1949 conn->mode = ev->mode;
1950 conn->interval = __le16_to_cpu(ev->interval);
1952 if (!test_and_clear_bit(HCI_CONN_MODE_CHANGE_PEND, &conn->pend)) {
1953 if (conn->mode == HCI_CM_ACTIVE)
1954 conn->power_save = 1;
1956 conn->power_save = 0;
1959 if (test_and_clear_bit(HCI_CONN_SCO_SETUP_PEND, &conn->pend))
1960 hci_sco_setup(conn, ev->status);
1963 hci_dev_unlock(hdev);
1966 static inline void hci_pin_code_request_evt(struct hci_dev *hdev, struct sk_buff *skb)
1968 struct hci_ev_pin_code_req *ev = (void *) skb->data;
1969 struct hci_conn *conn;
1971 BT_DBG("%s", hdev->name);
1975 conn = hci_conn_hash_lookup_ba(hdev, ACL_LINK, &ev->bdaddr);
1976 if (conn && conn->state == BT_CONNECTED) {
1977 hci_conn_hold(conn);
1978 conn->disc_timeout = HCI_PAIRING_TIMEOUT;
1982 if (!test_bit(HCI_PAIRABLE, &hdev->flags))
1983 hci_send_cmd(hdev, HCI_OP_PIN_CODE_NEG_REPLY,
1984 sizeof(ev->bdaddr), &ev->bdaddr);
1986 if (test_bit(HCI_MGMT, &hdev->flags))
1987 mgmt_pin_code_request(hdev->id, &ev->bdaddr);
1989 hci_dev_unlock(hdev);
1992 static inline void hci_link_key_request_evt(struct hci_dev *hdev, struct sk_buff *skb)
1994 struct hci_ev_link_key_req *ev = (void *) skb->data;
1995 struct hci_cp_link_key_reply cp;
1996 struct hci_conn *conn;
1997 struct link_key *key;
1999 BT_DBG("%s", hdev->name);
2001 if (!test_bit(HCI_LINK_KEYS, &hdev->flags))
2006 key = hci_find_link_key(hdev, &ev->bdaddr);
2008 BT_DBG("%s link key not found for %s", hdev->name,
2009 batostr(&ev->bdaddr));
2013 BT_DBG("%s found key type %u for %s", hdev->name, key->type,
2014 batostr(&ev->bdaddr));
2016 if (!test_bit(HCI_DEBUG_KEYS, &hdev->flags) && key->type == 0x03) {
2017 BT_DBG("%s ignoring debug key", hdev->name);
2021 conn = hci_conn_hash_lookup_ba(hdev, ACL_LINK, &ev->bdaddr);
2023 if (key->type == 0x04 && conn && conn->auth_type != 0xff &&
2024 (conn->auth_type & 0x01)) {
2025 BT_DBG("%s ignoring unauthenticated key", hdev->name);
2029 bacpy(&cp.bdaddr, &ev->bdaddr);
2030 memcpy(cp.link_key, key->val, 16);
2032 hci_send_cmd(hdev, HCI_OP_LINK_KEY_REPLY, sizeof(cp), &cp);
2034 hci_dev_unlock(hdev);
2039 hci_send_cmd(hdev, HCI_OP_LINK_KEY_NEG_REPLY, 6, &ev->bdaddr);
2040 hci_dev_unlock(hdev);
2043 static inline void hci_link_key_notify_evt(struct hci_dev *hdev, struct sk_buff *skb)
2045 struct hci_ev_link_key_notify *ev = (void *) skb->data;
2046 struct hci_conn *conn;
2049 BT_DBG("%s", hdev->name);
2053 conn = hci_conn_hash_lookup_ba(hdev, ACL_LINK, &ev->bdaddr);
2055 hci_conn_hold(conn);
2056 conn->disc_timeout = HCI_DISCONN_TIMEOUT;
2057 pin_len = conn->pin_length;
2061 if (test_bit(HCI_LINK_KEYS, &hdev->flags))
2062 hci_add_link_key(hdev, 1, &ev->bdaddr, ev->link_key,
2063 ev->key_type, pin_len);
2065 hci_dev_unlock(hdev);
2068 static inline void hci_clock_offset_evt(struct hci_dev *hdev, struct sk_buff *skb)
2070 struct hci_ev_clock_offset *ev = (void *) skb->data;
2071 struct hci_conn *conn;
2073 BT_DBG("%s status %d", hdev->name, ev->status);
2077 conn = hci_conn_hash_lookup_handle(hdev, __le16_to_cpu(ev->handle));
2078 if (conn && !ev->status) {
2079 struct inquiry_entry *ie;
2081 ie = hci_inquiry_cache_lookup(hdev, &conn->dst);
2083 ie->data.clock_offset = ev->clock_offset;
2084 ie->timestamp = jiffies;
2088 hci_dev_unlock(hdev);
2091 static inline void hci_pkt_type_change_evt(struct hci_dev *hdev, struct sk_buff *skb)
2093 struct hci_ev_pkt_type_change *ev = (void *) skb->data;
2094 struct hci_conn *conn;
2096 BT_DBG("%s status %d", hdev->name, ev->status);
2100 conn = hci_conn_hash_lookup_handle(hdev, __le16_to_cpu(ev->handle));
2101 if (conn && !ev->status)
2102 conn->pkt_type = __le16_to_cpu(ev->pkt_type);
2104 hci_dev_unlock(hdev);
2107 static inline void hci_pscan_rep_mode_evt(struct hci_dev *hdev, struct sk_buff *skb)
2109 struct hci_ev_pscan_rep_mode *ev = (void *) skb->data;
2110 struct inquiry_entry *ie;
2112 BT_DBG("%s", hdev->name);
2116 ie = hci_inquiry_cache_lookup(hdev, &ev->bdaddr);
2118 ie->data.pscan_rep_mode = ev->pscan_rep_mode;
2119 ie->timestamp = jiffies;
2122 hci_dev_unlock(hdev);
2125 static inline void hci_inquiry_result_with_rssi_evt(struct hci_dev *hdev, struct sk_buff *skb)
2127 struct inquiry_data data;
2128 int num_rsp = *((__u8 *) skb->data);
2130 BT_DBG("%s num_rsp %d", hdev->name, num_rsp);
2137 if ((skb->len - 1) / num_rsp != sizeof(struct inquiry_info_with_rssi)) {
2138 struct inquiry_info_with_rssi_and_pscan_mode *info;
2139 info = (void *) (skb->data + 1);
2141 for (; num_rsp; num_rsp--) {
2142 bacpy(&data.bdaddr, &info->bdaddr);
2143 data.pscan_rep_mode = info->pscan_rep_mode;
2144 data.pscan_period_mode = info->pscan_period_mode;
2145 data.pscan_mode = info->pscan_mode;
2146 memcpy(data.dev_class, info->dev_class, 3);
2147 data.clock_offset = info->clock_offset;
2148 data.rssi = info->rssi;
2149 data.ssp_mode = 0x00;
2151 hci_inquiry_cache_update(hdev, &data);
2154 struct inquiry_info_with_rssi *info = (void *) (skb->data + 1);
2156 for (; num_rsp; num_rsp--) {
2157 bacpy(&data.bdaddr, &info->bdaddr);
2158 data.pscan_rep_mode = info->pscan_rep_mode;
2159 data.pscan_period_mode = info->pscan_period_mode;
2160 data.pscan_mode = 0x00;
2161 memcpy(data.dev_class, info->dev_class, 3);
2162 data.clock_offset = info->clock_offset;
2163 data.rssi = info->rssi;
2164 data.ssp_mode = 0x00;
2166 hci_inquiry_cache_update(hdev, &data);
2170 hci_dev_unlock(hdev);
2173 static inline void hci_remote_ext_features_evt(struct hci_dev *hdev, struct sk_buff *skb)
2175 struct hci_ev_remote_ext_features *ev = (void *) skb->data;
2176 struct hci_conn *conn;
2178 BT_DBG("%s", hdev->name);
2182 conn = hci_conn_hash_lookup_handle(hdev, __le16_to_cpu(ev->handle));
2186 if (!ev->status && ev->page == 0x01) {
2187 struct inquiry_entry *ie;
2189 ie = hci_inquiry_cache_lookup(hdev, &conn->dst);
2191 ie->data.ssp_mode = (ev->features[0] & 0x01);
2193 conn->ssp_mode = (ev->features[0] & 0x01);
2196 if (conn->state != BT_CONFIG)
2200 struct hci_cp_remote_name_req cp;
2201 memset(&cp, 0, sizeof(cp));
2202 bacpy(&cp.bdaddr, &conn->dst);
2203 cp.pscan_rep_mode = 0x02;
2204 hci_send_cmd(hdev, HCI_OP_REMOTE_NAME_REQ, sizeof(cp), &cp);
2207 if (!hci_outgoing_auth_needed(hdev, conn)) {
2208 conn->state = BT_CONNECTED;
2209 hci_proto_connect_cfm(conn, ev->status);
2214 hci_dev_unlock(hdev);
2217 static inline void hci_sync_conn_complete_evt(struct hci_dev *hdev, struct sk_buff *skb)
2219 struct hci_ev_sync_conn_complete *ev = (void *) skb->data;
2220 struct hci_conn *conn;
2222 BT_DBG("%s status %d", hdev->name, ev->status);
2226 conn = hci_conn_hash_lookup_ba(hdev, ev->link_type, &ev->bdaddr);
2228 if (ev->link_type == ESCO_LINK)
2231 conn = hci_conn_hash_lookup_ba(hdev, ESCO_LINK, &ev->bdaddr);
2235 conn->type = SCO_LINK;
2238 switch (ev->status) {
2240 conn->handle = __le16_to_cpu(ev->handle);
2241 conn->state = BT_CONNECTED;
2243 hci_conn_hold_device(conn);
2244 hci_conn_add_sysfs(conn);
2247 case 0x11: /* Unsupported Feature or Parameter Value */
2248 case 0x1c: /* SCO interval rejected */
2249 case 0x1a: /* Unsupported Remote Feature */
2250 case 0x1f: /* Unspecified error */
2251 if (conn->out && conn->attempt < 2) {
2252 conn->pkt_type = (hdev->esco_type & SCO_ESCO_MASK) |
2253 (hdev->esco_type & EDR_ESCO_MASK);
2254 hci_setup_sync(conn, conn->link->handle);
2260 conn->state = BT_CLOSED;
2264 hci_proto_connect_cfm(conn, ev->status);
2269 hci_dev_unlock(hdev);
2272 static inline void hci_sync_conn_changed_evt(struct hci_dev *hdev, struct sk_buff *skb)
2274 BT_DBG("%s", hdev->name);
2277 static inline void hci_sniff_subrate_evt(struct hci_dev *hdev, struct sk_buff *skb)
2279 struct hci_ev_sniff_subrate *ev = (void *) skb->data;
2281 BT_DBG("%s status %d", hdev->name, ev->status);
2284 static inline void hci_extended_inquiry_result_evt(struct hci_dev *hdev, struct sk_buff *skb)
2286 struct inquiry_data data;
2287 struct extended_inquiry_info *info = (void *) (skb->data + 1);
2288 int num_rsp = *((__u8 *) skb->data);
2290 BT_DBG("%s num_rsp %d", hdev->name, num_rsp);
2297 for (; num_rsp; num_rsp--) {
2298 bacpy(&data.bdaddr, &info->bdaddr);
2299 data.pscan_rep_mode = info->pscan_rep_mode;
2300 data.pscan_period_mode = info->pscan_period_mode;
2301 data.pscan_mode = 0x00;
2302 memcpy(data.dev_class, info->dev_class, 3);
2303 data.clock_offset = info->clock_offset;
2304 data.rssi = info->rssi;
2305 data.ssp_mode = 0x01;
2307 hci_inquiry_cache_update(hdev, &data);
2310 hci_dev_unlock(hdev);
2313 static inline u8 hci_get_auth_req(struct hci_conn *conn)
2315 /* If remote requests dedicated bonding follow that lead */
2316 if (conn->remote_auth == 0x02 || conn->remote_auth == 0x03) {
2317 /* If both remote and local IO capabilities allow MITM
2318 * protection then require it, otherwise don't */
2319 if (conn->remote_cap == 0x03 || conn->io_capability == 0x03)
2325 /* If remote requests no-bonding follow that lead */
2326 if (conn->remote_auth == 0x00 || conn->remote_auth == 0x01)
2329 return conn->auth_type;
2332 static inline void hci_io_capa_request_evt(struct hci_dev *hdev, struct sk_buff *skb)
2334 struct hci_ev_io_capa_request *ev = (void *) skb->data;
2335 struct hci_conn *conn;
2337 BT_DBG("%s", hdev->name);
2341 conn = hci_conn_hash_lookup_ba(hdev, ACL_LINK, &ev->bdaddr);
2345 hci_conn_hold(conn);
2347 if (!test_bit(HCI_MGMT, &hdev->flags))
2350 if (test_bit(HCI_PAIRABLE, &hdev->flags) ||
2351 (conn->remote_auth & ~0x01) == HCI_AT_NO_BONDING) {
2352 struct hci_cp_io_capability_reply cp;
2354 bacpy(&cp.bdaddr, &ev->bdaddr);
2355 cp.capability = conn->io_capability;
2357 cp.authentication = hci_get_auth_req(conn);
2359 hci_send_cmd(hdev, HCI_OP_IO_CAPABILITY_REPLY,
2362 struct hci_cp_io_capability_neg_reply cp;
2364 bacpy(&cp.bdaddr, &ev->bdaddr);
2365 cp.reason = 0x16; /* Pairing not allowed */
2367 hci_send_cmd(hdev, HCI_OP_IO_CAPABILITY_NEG_REPLY,
2372 hci_dev_unlock(hdev);
2375 static inline void hci_io_capa_reply_evt(struct hci_dev *hdev, struct sk_buff *skb)
2377 struct hci_ev_io_capa_reply *ev = (void *) skb->data;
2378 struct hci_conn *conn;
2380 BT_DBG("%s", hdev->name);
2384 conn = hci_conn_hash_lookup_ba(hdev, ACL_LINK, &ev->bdaddr);
2388 hci_conn_hold(conn);
2390 conn->remote_cap = ev->capability;
2391 conn->remote_oob = ev->oob_data;
2392 conn->remote_auth = ev->authentication;
2395 hci_dev_unlock(hdev);
2398 static inline void hci_user_confirm_request_evt(struct hci_dev *hdev,
2399 struct sk_buff *skb)
2401 struct hci_ev_user_confirm_req *ev = (void *) skb->data;
2403 BT_DBG("%s", hdev->name);
2407 if (test_bit(HCI_MGMT, &hdev->flags))
2408 mgmt_user_confirm_request(hdev->id, &ev->bdaddr, ev->passkey);
2410 hci_dev_unlock(hdev);
2413 static inline void hci_simple_pair_complete_evt(struct hci_dev *hdev, struct sk_buff *skb)
2415 struct hci_ev_simple_pair_complete *ev = (void *) skb->data;
2416 struct hci_conn *conn;
2418 BT_DBG("%s", hdev->name);
2422 conn = hci_conn_hash_lookup_ba(hdev, ACL_LINK, &ev->bdaddr);
2426 /* To avoid duplicate auth_failed events to user space we check
2427 * the HCI_CONN_AUTH_PEND flag which will be set if we
2428 * initiated the authentication. A traditional auth_complete
2429 * event gets always produced as initiator and is also mapped to
2430 * the mgmt_auth_failed event */
2431 if (!test_bit(HCI_CONN_AUTH_PEND, &conn->pend) && ev->status != 0)
2432 mgmt_auth_failed(hdev->id, &conn->dst, ev->status);
2437 hci_dev_unlock(hdev);
2440 static inline void hci_remote_host_features_evt(struct hci_dev *hdev, struct sk_buff *skb)
2442 struct hci_ev_remote_host_features *ev = (void *) skb->data;
2443 struct inquiry_entry *ie;
2445 BT_DBG("%s", hdev->name);
2449 ie = hci_inquiry_cache_lookup(hdev, &ev->bdaddr);
2451 ie->data.ssp_mode = (ev->features[0] & 0x01);
2453 hci_dev_unlock(hdev);
2456 static inline void hci_le_conn_complete_evt(struct hci_dev *hdev, struct sk_buff *skb)
2458 struct hci_ev_le_conn_complete *ev = (void *) skb->data;
2459 struct hci_conn *conn;
2461 BT_DBG("%s status %d", hdev->name, ev->status);
2465 conn = hci_conn_hash_lookup_ba(hdev, LE_LINK, &ev->bdaddr);
2467 conn = hci_conn_add(hdev, LE_LINK, &ev->bdaddr);
2469 BT_ERR("No memory for new connection");
2470 hci_dev_unlock(hdev);
2476 hci_proto_connect_cfm(conn, ev->status);
2477 conn->state = BT_CLOSED;
2482 conn->handle = __le16_to_cpu(ev->handle);
2483 conn->state = BT_CONNECTED;
2485 hci_conn_hold_device(conn);
2486 hci_conn_add_sysfs(conn);
2488 hci_proto_connect_cfm(conn, ev->status);
2491 hci_dev_unlock(hdev);
2494 static inline void hci_le_meta_evt(struct hci_dev *hdev, struct sk_buff *skb)
2496 struct hci_ev_le_meta *le_ev = (void *) skb->data;
2498 skb_pull(skb, sizeof(*le_ev));
2500 switch (le_ev->subevent) {
2501 case HCI_EV_LE_CONN_COMPLETE:
2502 hci_le_conn_complete_evt(hdev, skb);
2510 void hci_event_packet(struct hci_dev *hdev, struct sk_buff *skb)
2512 struct hci_event_hdr *hdr = (void *) skb->data;
2513 __u8 event = hdr->evt;
2515 skb_pull(skb, HCI_EVENT_HDR_SIZE);
2518 case HCI_EV_INQUIRY_COMPLETE:
2519 hci_inquiry_complete_evt(hdev, skb);
2522 case HCI_EV_INQUIRY_RESULT:
2523 hci_inquiry_result_evt(hdev, skb);
2526 case HCI_EV_CONN_COMPLETE:
2527 hci_conn_complete_evt(hdev, skb);
2530 case HCI_EV_CONN_REQUEST:
2531 hci_conn_request_evt(hdev, skb);
2534 case HCI_EV_DISCONN_COMPLETE:
2535 hci_disconn_complete_evt(hdev, skb);
2538 case HCI_EV_AUTH_COMPLETE:
2539 hci_auth_complete_evt(hdev, skb);
2542 case HCI_EV_REMOTE_NAME:
2543 hci_remote_name_evt(hdev, skb);
2546 case HCI_EV_ENCRYPT_CHANGE:
2547 hci_encrypt_change_evt(hdev, skb);
2550 case HCI_EV_CHANGE_LINK_KEY_COMPLETE:
2551 hci_change_link_key_complete_evt(hdev, skb);
2554 case HCI_EV_REMOTE_FEATURES:
2555 hci_remote_features_evt(hdev, skb);
2558 case HCI_EV_REMOTE_VERSION:
2559 hci_remote_version_evt(hdev, skb);
2562 case HCI_EV_QOS_SETUP_COMPLETE:
2563 hci_qos_setup_complete_evt(hdev, skb);
2566 case HCI_EV_CMD_COMPLETE:
2567 hci_cmd_complete_evt(hdev, skb);
2570 case HCI_EV_CMD_STATUS:
2571 hci_cmd_status_evt(hdev, skb);
2574 case HCI_EV_ROLE_CHANGE:
2575 hci_role_change_evt(hdev, skb);
2578 case HCI_EV_NUM_COMP_PKTS:
2579 hci_num_comp_pkts_evt(hdev, skb);
2582 case HCI_EV_MODE_CHANGE:
2583 hci_mode_change_evt(hdev, skb);
2586 case HCI_EV_PIN_CODE_REQ:
2587 hci_pin_code_request_evt(hdev, skb);
2590 case HCI_EV_LINK_KEY_REQ:
2591 hci_link_key_request_evt(hdev, skb);
2594 case HCI_EV_LINK_KEY_NOTIFY:
2595 hci_link_key_notify_evt(hdev, skb);
2598 case HCI_EV_CLOCK_OFFSET:
2599 hci_clock_offset_evt(hdev, skb);
2602 case HCI_EV_PKT_TYPE_CHANGE:
2603 hci_pkt_type_change_evt(hdev, skb);
2606 case HCI_EV_PSCAN_REP_MODE:
2607 hci_pscan_rep_mode_evt(hdev, skb);
2610 case HCI_EV_INQUIRY_RESULT_WITH_RSSI:
2611 hci_inquiry_result_with_rssi_evt(hdev, skb);
2614 case HCI_EV_REMOTE_EXT_FEATURES:
2615 hci_remote_ext_features_evt(hdev, skb);
2618 case HCI_EV_SYNC_CONN_COMPLETE:
2619 hci_sync_conn_complete_evt(hdev, skb);
2622 case HCI_EV_SYNC_CONN_CHANGED:
2623 hci_sync_conn_changed_evt(hdev, skb);
2626 case HCI_EV_SNIFF_SUBRATE:
2627 hci_sniff_subrate_evt(hdev, skb);
2630 case HCI_EV_EXTENDED_INQUIRY_RESULT:
2631 hci_extended_inquiry_result_evt(hdev, skb);
2634 case HCI_EV_IO_CAPA_REQUEST:
2635 hci_io_capa_request_evt(hdev, skb);
2638 case HCI_EV_IO_CAPA_REPLY:
2639 hci_io_capa_reply_evt(hdev, skb);
2642 case HCI_EV_USER_CONFIRM_REQUEST:
2643 hci_user_confirm_request_evt(hdev, skb);
2646 case HCI_EV_SIMPLE_PAIR_COMPLETE:
2647 hci_simple_pair_complete_evt(hdev, skb);
2650 case HCI_EV_REMOTE_HOST_FEATURES:
2651 hci_remote_host_features_evt(hdev, skb);
2654 case HCI_EV_LE_META:
2655 hci_le_meta_evt(hdev, skb);
2659 BT_DBG("%s event 0x%x", hdev->name, event);
2664 hdev->stat.evt_rx++;
2667 /* Generate internal stack event */
2668 void hci_si_event(struct hci_dev *hdev, int type, int dlen, void *data)
2670 struct hci_event_hdr *hdr;
2671 struct hci_ev_stack_internal *ev;
2672 struct sk_buff *skb;
2674 skb = bt_skb_alloc(HCI_EVENT_HDR_SIZE + sizeof(*ev) + dlen, GFP_ATOMIC);
2678 hdr = (void *) skb_put(skb, HCI_EVENT_HDR_SIZE);
2679 hdr->evt = HCI_EV_STACK_INTERNAL;
2680 hdr->plen = sizeof(*ev) + dlen;
2682 ev = (void *) skb_put(skb, sizeof(*ev) + dlen);
2684 memcpy(ev->data, data, dlen);
2686 bt_cb(skb)->incoming = 1;
2687 __net_timestamp(skb);
2689 bt_cb(skb)->pkt_type = HCI_EVENT_PKT;
2690 skb->dev = (void *) hdev;
2691 hci_send_to_sock(hdev, skb, NULL);
git.openpandora.org / pandora-kernel.git / blob