2 BlueZ - Bluetooth protocol stack for Linux
3 Copyright (c) 2000-2001, 2010, Code Aurora Forum. All rights reserved.
5 Written 2000,2001 by Maxim Krasnyansky <maxk@qualcomm.com>
7 This program is free software; you can redistribute it and/or modify
8 it under the terms of the GNU General Public License version 2 as
9 published by the Free Software Foundation;
11 THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS
12 OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
13 FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT OF THIRD PARTY RIGHTS.
14 IN NO EVENT SHALL THE COPYRIGHT HOLDER(S) AND AUTHOR(S) BE LIABLE FOR ANY
15 CLAIM, OR ANY SPECIAL INDIRECT OR CONSEQUENTIAL DAMAGES, OR ANY DAMAGES
16 WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
17 ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
18 OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
20 ALL LIABILITY, INCLUDING LIABILITY FOR INFRINGEMENT OF ANY PATENTS,
21 COPYRIGHTS, TRADEMARKS OR OTHER RIGHTS, RELATING TO USE OF THIS
22 SOFTWARE IS DISCLAIMED.
25 /* Bluetooth HCI event handling. */
27 #include <linux/module.h>
29 #include <linux/types.h>
30 #include <linux/errno.h>
31 #include <linux/kernel.h>
32 #include <linux/slab.h>
33 #include <linux/poll.h>
34 #include <linux/fcntl.h>
35 #include <linux/init.h>
36 #include <linux/skbuff.h>
37 #include <linux/interrupt.h>
38 #include <linux/notifier.h>
41 #include <asm/system.h>
42 #include <linux/uaccess.h>
43 #include <asm/unaligned.h>
45 #include <net/bluetooth/bluetooth.h>
46 #include <net/bluetooth/hci_core.h>
48 /* Handle HCI Event packets */
50 static void hci_cc_inquiry_cancel(struct hci_dev *hdev, struct sk_buff *skb)
52 __u8 status = *((__u8 *) skb->data);
54 BT_DBG("%s status 0x%x", hdev->name, status);
59 clear_bit(HCI_INQUIRY, &hdev->flags);
61 hci_req_complete(hdev, HCI_OP_INQUIRY_CANCEL, status);
63 hci_conn_check_pending(hdev);
66 static void hci_cc_exit_periodic_inq(struct hci_dev *hdev, struct sk_buff *skb)
68 __u8 status = *((__u8 *) skb->data);
70 BT_DBG("%s status 0x%x", hdev->name, status);
75 clear_bit(HCI_INQUIRY, &hdev->flags);
77 hci_conn_check_pending(hdev);
80 static void hci_cc_remote_name_req_cancel(struct hci_dev *hdev, struct sk_buff *skb)
82 BT_DBG("%s", hdev->name);
85 static void hci_cc_role_discovery(struct hci_dev *hdev, struct sk_buff *skb)
87 struct hci_rp_role_discovery *rp = (void *) skb->data;
88 struct hci_conn *conn;
90 BT_DBG("%s status 0x%x", hdev->name, rp->status);
97 conn = hci_conn_hash_lookup_handle(hdev, __le16_to_cpu(rp->handle));
100 conn->link_mode &= ~HCI_LM_MASTER;
102 conn->link_mode |= HCI_LM_MASTER;
105 hci_dev_unlock(hdev);
108 static void hci_cc_read_link_policy(struct hci_dev *hdev, struct sk_buff *skb)
110 struct hci_rp_read_link_policy *rp = (void *) skb->data;
111 struct hci_conn *conn;
113 BT_DBG("%s status 0x%x", hdev->name, rp->status);
120 conn = hci_conn_hash_lookup_handle(hdev, __le16_to_cpu(rp->handle));
122 conn->link_policy = __le16_to_cpu(rp->policy);
124 hci_dev_unlock(hdev);
127 static void hci_cc_write_link_policy(struct hci_dev *hdev, struct sk_buff *skb)
129 struct hci_rp_write_link_policy *rp = (void *) skb->data;
130 struct hci_conn *conn;
133 BT_DBG("%s status 0x%x", hdev->name, rp->status);
138 sent = hci_sent_cmd_data(hdev, HCI_OP_WRITE_LINK_POLICY);
144 conn = hci_conn_hash_lookup_handle(hdev, __le16_to_cpu(rp->handle));
146 conn->link_policy = get_unaligned_le16(sent + 2);
148 hci_dev_unlock(hdev);
151 static void hci_cc_read_def_link_policy(struct hci_dev *hdev, struct sk_buff *skb)
153 struct hci_rp_read_def_link_policy *rp = (void *) skb->data;
155 BT_DBG("%s status 0x%x", hdev->name, rp->status);
160 hdev->link_policy = __le16_to_cpu(rp->policy);
163 static void hci_cc_write_def_link_policy(struct hci_dev *hdev, struct sk_buff *skb)
165 __u8 status = *((__u8 *) skb->data);
168 BT_DBG("%s status 0x%x", hdev->name, status);
170 sent = hci_sent_cmd_data(hdev, HCI_OP_WRITE_DEF_LINK_POLICY);
175 hdev->link_policy = get_unaligned_le16(sent);
177 hci_req_complete(hdev, HCI_OP_WRITE_DEF_LINK_POLICY, status);
180 static void hci_cc_reset(struct hci_dev *hdev, struct sk_buff *skb)
182 __u8 status = *((__u8 *) skb->data);
184 BT_DBG("%s status 0x%x", hdev->name, status);
186 hci_req_complete(hdev, HCI_OP_RESET, status);
189 static void hci_cc_write_local_name(struct hci_dev *hdev, struct sk_buff *skb)
191 __u8 status = *((__u8 *) skb->data);
194 BT_DBG("%s status 0x%x", hdev->name, status);
199 sent = hci_sent_cmd_data(hdev, HCI_OP_WRITE_LOCAL_NAME);
203 memcpy(hdev->dev_name, sent, 248);
206 static void hci_cc_read_local_name(struct hci_dev *hdev, struct sk_buff *skb)
208 struct hci_rp_read_local_name *rp = (void *) skb->data;
210 BT_DBG("%s status 0x%x", hdev->name, rp->status);
215 memcpy(hdev->dev_name, rp->name, 248);
218 static void hci_cc_write_auth_enable(struct hci_dev *hdev, struct sk_buff *skb)
220 __u8 status = *((__u8 *) skb->data);
223 BT_DBG("%s status 0x%x", hdev->name, status);
225 sent = hci_sent_cmd_data(hdev, HCI_OP_WRITE_AUTH_ENABLE);
230 __u8 param = *((__u8 *) sent);
232 if (param == AUTH_ENABLED)
233 set_bit(HCI_AUTH, &hdev->flags);
235 clear_bit(HCI_AUTH, &hdev->flags);
238 hci_req_complete(hdev, HCI_OP_WRITE_AUTH_ENABLE, status);
241 static void hci_cc_write_encrypt_mode(struct hci_dev *hdev, struct sk_buff *skb)
243 __u8 status = *((__u8 *) skb->data);
246 BT_DBG("%s status 0x%x", hdev->name, status);
248 sent = hci_sent_cmd_data(hdev, HCI_OP_WRITE_ENCRYPT_MODE);
253 __u8 param = *((__u8 *) sent);
256 set_bit(HCI_ENCRYPT, &hdev->flags);
258 clear_bit(HCI_ENCRYPT, &hdev->flags);
261 hci_req_complete(hdev, HCI_OP_WRITE_ENCRYPT_MODE, status);
264 static void hci_cc_write_scan_enable(struct hci_dev *hdev, struct sk_buff *skb)
266 __u8 status = *((__u8 *) skb->data);
269 BT_DBG("%s status 0x%x", hdev->name, status);
271 sent = hci_sent_cmd_data(hdev, HCI_OP_WRITE_SCAN_ENABLE);
276 __u8 param = *((__u8 *) sent);
277 int old_pscan, old_iscan;
279 old_pscan = test_and_clear_bit(HCI_PSCAN, &hdev->flags);
280 old_iscan = test_and_clear_bit(HCI_ISCAN, &hdev->flags);
282 if (param & SCAN_INQUIRY) {
283 set_bit(HCI_ISCAN, &hdev->flags);
285 mgmt_discoverable(hdev->id, 1);
286 } else if (old_iscan)
287 mgmt_discoverable(hdev->id, 0);
289 if (param & SCAN_PAGE) {
290 set_bit(HCI_PSCAN, &hdev->flags);
292 mgmt_connectable(hdev->id, 1);
293 } else if (old_pscan)
294 mgmt_connectable(hdev->id, 0);
297 hci_req_complete(hdev, HCI_OP_WRITE_SCAN_ENABLE, status);
300 static void hci_cc_read_class_of_dev(struct hci_dev *hdev, struct sk_buff *skb)
302 struct hci_rp_read_class_of_dev *rp = (void *) skb->data;
304 BT_DBG("%s status 0x%x", hdev->name, rp->status);
309 memcpy(hdev->dev_class, rp->dev_class, 3);
311 BT_DBG("%s class 0x%.2x%.2x%.2x", hdev->name,
312 hdev->dev_class[2], hdev->dev_class[1], hdev->dev_class[0]);
315 static void hci_cc_write_class_of_dev(struct hci_dev *hdev, struct sk_buff *skb)
317 __u8 status = *((__u8 *) skb->data);
320 BT_DBG("%s status 0x%x", hdev->name, status);
325 sent = hci_sent_cmd_data(hdev, HCI_OP_WRITE_CLASS_OF_DEV);
329 memcpy(hdev->dev_class, sent, 3);
332 static void hci_cc_read_voice_setting(struct hci_dev *hdev, struct sk_buff *skb)
334 struct hci_rp_read_voice_setting *rp = (void *) skb->data;
337 BT_DBG("%s status 0x%x", hdev->name, rp->status);
342 setting = __le16_to_cpu(rp->voice_setting);
344 if (hdev->voice_setting == setting)
347 hdev->voice_setting = setting;
349 BT_DBG("%s voice setting 0x%04x", hdev->name, setting);
352 tasklet_disable(&hdev->tx_task);
353 hdev->notify(hdev, HCI_NOTIFY_VOICE_SETTING);
354 tasklet_enable(&hdev->tx_task);
358 static void hci_cc_write_voice_setting(struct hci_dev *hdev, struct sk_buff *skb)
360 __u8 status = *((__u8 *) skb->data);
364 BT_DBG("%s status 0x%x", hdev->name, status);
369 sent = hci_sent_cmd_data(hdev, HCI_OP_WRITE_VOICE_SETTING);
373 setting = get_unaligned_le16(sent);
375 if (hdev->voice_setting == setting)
378 hdev->voice_setting = setting;
380 BT_DBG("%s voice setting 0x%04x", hdev->name, setting);
383 tasklet_disable(&hdev->tx_task);
384 hdev->notify(hdev, HCI_NOTIFY_VOICE_SETTING);
385 tasklet_enable(&hdev->tx_task);
389 static void hci_cc_host_buffer_size(struct hci_dev *hdev, struct sk_buff *skb)
391 __u8 status = *((__u8 *) skb->data);
393 BT_DBG("%s status 0x%x", hdev->name, status);
395 hci_req_complete(hdev, HCI_OP_HOST_BUFFER_SIZE, status);
398 static void hci_cc_read_ssp_mode(struct hci_dev *hdev, struct sk_buff *skb)
400 struct hci_rp_read_ssp_mode *rp = (void *) skb->data;
402 BT_DBG("%s status 0x%x", hdev->name, rp->status);
407 hdev->ssp_mode = rp->mode;
410 static void hci_cc_write_ssp_mode(struct hci_dev *hdev, struct sk_buff *skb)
412 __u8 status = *((__u8 *) skb->data);
415 BT_DBG("%s status 0x%x", hdev->name, status);
420 sent = hci_sent_cmd_data(hdev, HCI_OP_WRITE_SSP_MODE);
424 hdev->ssp_mode = *((__u8 *) sent);
427 static u8 hci_get_inquiry_mode(struct hci_dev *hdev)
429 if (hdev->features[6] & LMP_EXT_INQ)
432 if (hdev->features[3] & LMP_RSSI_INQ)
435 if (hdev->manufacturer == 11 && hdev->hci_rev == 0x00 &&
436 hdev->lmp_subver == 0x0757)
439 if (hdev->manufacturer == 15) {
440 if (hdev->hci_rev == 0x03 && hdev->lmp_subver == 0x6963)
442 if (hdev->hci_rev == 0x09 && hdev->lmp_subver == 0x6963)
444 if (hdev->hci_rev == 0x00 && hdev->lmp_subver == 0x6965)
448 if (hdev->manufacturer == 31 && hdev->hci_rev == 0x2005 &&
449 hdev->lmp_subver == 0x1805)
455 static void hci_setup_inquiry_mode(struct hci_dev *hdev)
459 mode = hci_get_inquiry_mode(hdev);
461 hci_send_cmd(hdev, HCI_OP_WRITE_INQUIRY_MODE, 1, &mode);
464 static void hci_setup_event_mask(struct hci_dev *hdev)
466 /* The second byte is 0xff instead of 0x9f (two reserved bits
467 * disabled) since a Broadcom 1.2 dongle doesn't respond to the
468 * command otherwise */
469 u8 events[8] = { 0xff, 0xff, 0xfb, 0xff, 0x00, 0x00, 0x00, 0x00 };
471 /* Events for 1.2 and newer controllers */
472 if (hdev->lmp_ver > 1) {
473 events[4] |= 0x01; /* Flow Specification Complete */
474 events[4] |= 0x02; /* Inquiry Result with RSSI */
475 events[4] |= 0x04; /* Read Remote Extended Features Complete */
476 events[5] |= 0x08; /* Synchronous Connection Complete */
477 events[5] |= 0x10; /* Synchronous Connection Changed */
480 if (hdev->features[3] & LMP_RSSI_INQ)
481 events[4] |= 0x04; /* Inquiry Result with RSSI */
483 if (hdev->features[5] & LMP_SNIFF_SUBR)
484 events[5] |= 0x20; /* Sniff Subrating */
486 if (hdev->features[5] & LMP_PAUSE_ENC)
487 events[5] |= 0x80; /* Encryption Key Refresh Complete */
489 if (hdev->features[6] & LMP_EXT_INQ)
490 events[5] |= 0x40; /* Extended Inquiry Result */
492 if (hdev->features[6] & LMP_NO_FLUSH)
493 events[7] |= 0x01; /* Enhanced Flush Complete */
495 if (hdev->features[7] & LMP_LSTO)
496 events[6] |= 0x80; /* Link Supervision Timeout Changed */
498 if (hdev->features[6] & LMP_SIMPLE_PAIR) {
499 events[6] |= 0x01; /* IO Capability Request */
500 events[6] |= 0x02; /* IO Capability Response */
501 events[6] |= 0x04; /* User Confirmation Request */
502 events[6] |= 0x08; /* User Passkey Request */
503 events[6] |= 0x10; /* Remote OOB Data Request */
504 events[6] |= 0x20; /* Simple Pairing Complete */
505 events[7] |= 0x04; /* User Passkey Notification */
506 events[7] |= 0x08; /* Keypress Notification */
507 events[7] |= 0x10; /* Remote Host Supported
508 * Features Notification */
511 if (hdev->features[4] & LMP_LE)
512 events[7] |= 0x20; /* LE Meta-Event */
514 hci_send_cmd(hdev, HCI_OP_SET_EVENT_MASK, sizeof(events), events);
517 static void hci_setup(struct hci_dev *hdev)
519 hci_setup_event_mask(hdev);
521 if (hdev->lmp_ver > 1)
522 hci_send_cmd(hdev, HCI_OP_READ_LOCAL_COMMANDS, 0, NULL);
524 if (hdev->features[6] & LMP_SIMPLE_PAIR) {
526 hci_send_cmd(hdev, HCI_OP_WRITE_SSP_MODE, sizeof(mode), &mode);
529 if (hdev->features[3] & LMP_RSSI_INQ)
530 hci_setup_inquiry_mode(hdev);
532 if (hdev->features[7] & LMP_INQ_TX_PWR)
533 hci_send_cmd(hdev, HCI_OP_READ_INQ_RSP_TX_POWER, 0, NULL);
536 static void hci_cc_read_local_version(struct hci_dev *hdev, struct sk_buff *skb)
538 struct hci_rp_read_local_version *rp = (void *) skb->data;
540 BT_DBG("%s status 0x%x", hdev->name, rp->status);
545 hdev->hci_ver = rp->hci_ver;
546 hdev->hci_rev = __le16_to_cpu(rp->hci_rev);
547 hdev->lmp_ver = rp->lmp_ver;
548 hdev->manufacturer = __le16_to_cpu(rp->manufacturer);
549 hdev->lmp_subver = __le16_to_cpu(rp->lmp_subver);
551 BT_DBG("%s manufacturer %d hci ver %d:%d", hdev->name,
553 hdev->hci_ver, hdev->hci_rev);
555 if (test_bit(HCI_INIT, &hdev->flags))
559 static void hci_setup_link_policy(struct hci_dev *hdev)
563 if (hdev->features[0] & LMP_RSWITCH)
564 link_policy |= HCI_LP_RSWITCH;
565 if (hdev->features[0] & LMP_HOLD)
566 link_policy |= HCI_LP_HOLD;
567 if (hdev->features[0] & LMP_SNIFF)
568 link_policy |= HCI_LP_SNIFF;
569 if (hdev->features[1] & LMP_PARK)
570 link_policy |= HCI_LP_PARK;
572 link_policy = cpu_to_le16(link_policy);
573 hci_send_cmd(hdev, HCI_OP_WRITE_DEF_LINK_POLICY,
574 sizeof(link_policy), &link_policy);
577 static void hci_cc_read_local_commands(struct hci_dev *hdev, struct sk_buff *skb)
579 struct hci_rp_read_local_commands *rp = (void *) skb->data;
581 BT_DBG("%s status 0x%x", hdev->name, rp->status);
586 memcpy(hdev->commands, rp->commands, sizeof(hdev->commands));
588 if (test_bit(HCI_INIT, &hdev->flags) && (hdev->commands[5] & 0x10))
589 hci_setup_link_policy(hdev);
592 hci_req_complete(hdev, HCI_OP_READ_LOCAL_COMMANDS, rp->status);
595 static void hci_cc_read_local_features(struct hci_dev *hdev, struct sk_buff *skb)
597 struct hci_rp_read_local_features *rp = (void *) skb->data;
599 BT_DBG("%s status 0x%x", hdev->name, rp->status);
604 memcpy(hdev->features, rp->features, 8);
606 /* Adjust default settings according to features
607 * supported by device. */
609 if (hdev->features[0] & LMP_3SLOT)
610 hdev->pkt_type |= (HCI_DM3 | HCI_DH3);
612 if (hdev->features[0] & LMP_5SLOT)
613 hdev->pkt_type |= (HCI_DM5 | HCI_DH5);
615 if (hdev->features[1] & LMP_HV2) {
616 hdev->pkt_type |= (HCI_HV2);
617 hdev->esco_type |= (ESCO_HV2);
620 if (hdev->features[1] & LMP_HV3) {
621 hdev->pkt_type |= (HCI_HV3);
622 hdev->esco_type |= (ESCO_HV3);
625 if (hdev->features[3] & LMP_ESCO)
626 hdev->esco_type |= (ESCO_EV3);
628 if (hdev->features[4] & LMP_EV4)
629 hdev->esco_type |= (ESCO_EV4);
631 if (hdev->features[4] & LMP_EV5)
632 hdev->esco_type |= (ESCO_EV5);
634 if (hdev->features[5] & LMP_EDR_ESCO_2M)
635 hdev->esco_type |= (ESCO_2EV3);
637 if (hdev->features[5] & LMP_EDR_ESCO_3M)
638 hdev->esco_type |= (ESCO_3EV3);
640 if (hdev->features[5] & LMP_EDR_3S_ESCO)
641 hdev->esco_type |= (ESCO_2EV5 | ESCO_3EV5);
643 BT_DBG("%s features 0x%.2x%.2x%.2x%.2x%.2x%.2x%.2x%.2x", hdev->name,
644 hdev->features[0], hdev->features[1],
645 hdev->features[2], hdev->features[3],
646 hdev->features[4], hdev->features[5],
647 hdev->features[6], hdev->features[7]);
650 static void hci_cc_read_buffer_size(struct hci_dev *hdev, struct sk_buff *skb)
652 struct hci_rp_read_buffer_size *rp = (void *) skb->data;
654 BT_DBG("%s status 0x%x", hdev->name, rp->status);
659 hdev->acl_mtu = __le16_to_cpu(rp->acl_mtu);
660 hdev->sco_mtu = rp->sco_mtu;
661 hdev->acl_pkts = __le16_to_cpu(rp->acl_max_pkt);
662 hdev->sco_pkts = __le16_to_cpu(rp->sco_max_pkt);
664 if (test_bit(HCI_QUIRK_FIXUP_BUFFER_SIZE, &hdev->quirks)) {
669 hdev->acl_cnt = hdev->acl_pkts;
670 hdev->sco_cnt = hdev->sco_pkts;
672 BT_DBG("%s acl mtu %d:%d sco mtu %d:%d", hdev->name,
673 hdev->acl_mtu, hdev->acl_pkts,
674 hdev->sco_mtu, hdev->sco_pkts);
677 static void hci_cc_read_bd_addr(struct hci_dev *hdev, struct sk_buff *skb)
679 struct hci_rp_read_bd_addr *rp = (void *) skb->data;
681 BT_DBG("%s status 0x%x", hdev->name, rp->status);
684 bacpy(&hdev->bdaddr, &rp->bdaddr);
686 hci_req_complete(hdev, HCI_OP_READ_BD_ADDR, rp->status);
689 static void hci_cc_write_ca_timeout(struct hci_dev *hdev, struct sk_buff *skb)
691 __u8 status = *((__u8 *) skb->data);
693 BT_DBG("%s status 0x%x", hdev->name, status);
695 hci_req_complete(hdev, HCI_OP_WRITE_CA_TIMEOUT, status);
698 static void hci_cc_delete_stored_link_key(struct hci_dev *hdev,
701 __u8 status = *((__u8 *) skb->data);
703 BT_DBG("%s status 0x%x", hdev->name, status);
705 hci_req_complete(hdev, HCI_OP_DELETE_STORED_LINK_KEY, status);
708 static void hci_cc_set_event_mask(struct hci_dev *hdev, struct sk_buff *skb)
710 __u8 status = *((__u8 *) skb->data);
712 BT_DBG("%s status 0x%x", hdev->name, status);
714 hci_req_complete(hdev, HCI_OP_SET_EVENT_MASK, status);
717 static void hci_cc_write_inquiry_mode(struct hci_dev *hdev,
720 __u8 status = *((__u8 *) skb->data);
722 BT_DBG("%s status 0x%x", hdev->name, status);
724 hci_req_complete(hdev, HCI_OP_WRITE_INQUIRY_MODE, status);
727 static void hci_cc_read_inq_rsp_tx_power(struct hci_dev *hdev,
730 __u8 status = *((__u8 *) skb->data);
732 BT_DBG("%s status 0x%x", hdev->name, status);
734 hci_req_complete(hdev, HCI_OP_READ_INQ_RSP_TX_POWER, status);
737 static void hci_cc_set_event_flt(struct hci_dev *hdev, struct sk_buff *skb)
739 __u8 status = *((__u8 *) skb->data);
741 BT_DBG("%s status 0x%x", hdev->name, status);
743 hci_req_complete(hdev, HCI_OP_SET_EVENT_FLT, status);
746 static void hci_cc_pin_code_reply(struct hci_dev *hdev, struct sk_buff *skb)
748 struct hci_rp_pin_code_reply *rp = (void *) skb->data;
749 struct hci_cp_pin_code_reply *cp;
750 struct hci_conn *conn;
752 BT_DBG("%s status 0x%x", hdev->name, rp->status);
754 if (test_bit(HCI_MGMT, &hdev->flags))
755 mgmt_pin_code_reply_complete(hdev->id, &rp->bdaddr, rp->status);
760 cp = hci_sent_cmd_data(hdev, HCI_OP_PIN_CODE_REPLY);
764 conn = hci_conn_hash_lookup_ba(hdev, ACL_LINK, &cp->bdaddr);
766 conn->pin_length = cp->pin_len;
769 static void hci_cc_pin_code_neg_reply(struct hci_dev *hdev, struct sk_buff *skb)
771 struct hci_rp_pin_code_neg_reply *rp = (void *) skb->data;
773 BT_DBG("%s status 0x%x", hdev->name, rp->status);
775 if (test_bit(HCI_MGMT, &hdev->flags))
776 mgmt_pin_code_neg_reply_complete(hdev->id, &rp->bdaddr,
779 static void hci_cc_le_read_buffer_size(struct hci_dev *hdev,
782 struct hci_rp_le_read_buffer_size *rp = (void *) skb->data;
784 BT_DBG("%s status 0x%x", hdev->name, rp->status);
789 hdev->le_mtu = __le16_to_cpu(rp->le_mtu);
790 hdev->le_pkts = rp->le_max_pkt;
792 hdev->le_cnt = hdev->le_pkts;
794 BT_DBG("%s le mtu %d:%d", hdev->name, hdev->le_mtu, hdev->le_pkts);
796 hci_req_complete(hdev, HCI_OP_LE_READ_BUFFER_SIZE, rp->status);
799 static void hci_cc_user_confirm_reply(struct hci_dev *hdev, struct sk_buff *skb)
801 struct hci_rp_user_confirm_reply *rp = (void *) skb->data;
803 BT_DBG("%s status 0x%x", hdev->name, rp->status);
805 if (test_bit(HCI_MGMT, &hdev->flags))
806 mgmt_user_confirm_reply_complete(hdev->id, &rp->bdaddr,
810 static void hci_cc_user_confirm_neg_reply(struct hci_dev *hdev,
813 struct hci_rp_user_confirm_reply *rp = (void *) skb->data;
815 BT_DBG("%s status 0x%x", hdev->name, rp->status);
817 if (test_bit(HCI_MGMT, &hdev->flags))
818 mgmt_user_confirm_neg_reply_complete(hdev->id, &rp->bdaddr,
822 static inline void hci_cs_inquiry(struct hci_dev *hdev, __u8 status)
824 BT_DBG("%s status 0x%x", hdev->name, status);
827 hci_req_complete(hdev, HCI_OP_INQUIRY, status);
829 hci_conn_check_pending(hdev);
831 set_bit(HCI_INQUIRY, &hdev->flags);
834 static inline void hci_cs_create_conn(struct hci_dev *hdev, __u8 status)
836 struct hci_cp_create_conn *cp;
837 struct hci_conn *conn;
839 BT_DBG("%s status 0x%x", hdev->name, status);
841 cp = hci_sent_cmd_data(hdev, HCI_OP_CREATE_CONN);
847 conn = hci_conn_hash_lookup_ba(hdev, ACL_LINK, &cp->bdaddr);
849 BT_DBG("%s bdaddr %s conn %p", hdev->name, batostr(&cp->bdaddr), conn);
852 if (conn && conn->state == BT_CONNECT) {
853 if (status != 0x0c || conn->attempt > 2) {
854 conn->state = BT_CLOSED;
855 hci_proto_connect_cfm(conn, status);
858 conn->state = BT_CONNECT2;
862 conn = hci_conn_add(hdev, ACL_LINK, &cp->bdaddr);
865 conn->link_mode |= HCI_LM_MASTER;
867 BT_ERR("No memory for new connection");
871 hci_dev_unlock(hdev);
874 static void hci_cs_add_sco(struct hci_dev *hdev, __u8 status)
876 struct hci_cp_add_sco *cp;
877 struct hci_conn *acl, *sco;
880 BT_DBG("%s status 0x%x", hdev->name, status);
885 cp = hci_sent_cmd_data(hdev, HCI_OP_ADD_SCO);
889 handle = __le16_to_cpu(cp->handle);
891 BT_DBG("%s handle %d", hdev->name, handle);
895 acl = hci_conn_hash_lookup_handle(hdev, handle);
899 sco->state = BT_CLOSED;
901 hci_proto_connect_cfm(sco, status);
906 hci_dev_unlock(hdev);
909 static void hci_cs_auth_requested(struct hci_dev *hdev, __u8 status)
911 struct hci_cp_auth_requested *cp;
912 struct hci_conn *conn;
914 BT_DBG("%s status 0x%x", hdev->name, status);
919 cp = hci_sent_cmd_data(hdev, HCI_OP_AUTH_REQUESTED);
925 conn = hci_conn_hash_lookup_handle(hdev, __le16_to_cpu(cp->handle));
927 if (conn->state == BT_CONFIG) {
928 hci_proto_connect_cfm(conn, status);
933 hci_dev_unlock(hdev);
936 static void hci_cs_set_conn_encrypt(struct hci_dev *hdev, __u8 status)
938 struct hci_cp_set_conn_encrypt *cp;
939 struct hci_conn *conn;
941 BT_DBG("%s status 0x%x", hdev->name, status);
946 cp = hci_sent_cmd_data(hdev, HCI_OP_SET_CONN_ENCRYPT);
952 conn = hci_conn_hash_lookup_handle(hdev, __le16_to_cpu(cp->handle));
954 if (conn->state == BT_CONFIG) {
955 hci_proto_connect_cfm(conn, status);
960 hci_dev_unlock(hdev);
963 static int hci_outgoing_auth_needed(struct hci_dev *hdev,
964 struct hci_conn *conn)
966 if (conn->state != BT_CONFIG || !conn->out)
969 if (conn->pending_sec_level == BT_SECURITY_SDP)
972 /* Only request authentication for SSP connections or non-SSP
973 * devices with sec_level HIGH */
974 if (!(hdev->ssp_mode > 0 && conn->ssp_mode > 0) &&
975 conn->pending_sec_level != BT_SECURITY_HIGH)
981 static void hci_cs_remote_name_req(struct hci_dev *hdev, __u8 status)
983 struct hci_cp_remote_name_req *cp;
984 struct hci_conn *conn;
986 BT_DBG("%s status 0x%x", hdev->name, status);
988 /* If successful wait for the name req complete event before
989 * checking for the need to do authentication */
993 cp = hci_sent_cmd_data(hdev, HCI_OP_REMOTE_NAME_REQ);
999 conn = hci_conn_hash_lookup_ba(hdev, ACL_LINK, &cp->bdaddr);
1000 if (conn && hci_outgoing_auth_needed(hdev, conn)) {
1001 struct hci_cp_auth_requested cp;
1002 cp.handle = __cpu_to_le16(conn->handle);
1003 hci_send_cmd(hdev, HCI_OP_AUTH_REQUESTED, sizeof(cp), &cp);
1006 hci_dev_unlock(hdev);
1009 static void hci_cs_read_remote_features(struct hci_dev *hdev, __u8 status)
1011 struct hci_cp_read_remote_features *cp;
1012 struct hci_conn *conn;
1014 BT_DBG("%s status 0x%x", hdev->name, status);
1019 cp = hci_sent_cmd_data(hdev, HCI_OP_READ_REMOTE_FEATURES);
1025 conn = hci_conn_hash_lookup_handle(hdev, __le16_to_cpu(cp->handle));
1027 if (conn->state == BT_CONFIG) {
1028 hci_proto_connect_cfm(conn, status);
1033 hci_dev_unlock(hdev);
1036 static void hci_cs_read_remote_ext_features(struct hci_dev *hdev, __u8 status)
1038 struct hci_cp_read_remote_ext_features *cp;
1039 struct hci_conn *conn;
1041 BT_DBG("%s status 0x%x", hdev->name, status);
1046 cp = hci_sent_cmd_data(hdev, HCI_OP_READ_REMOTE_EXT_FEATURES);
1052 conn = hci_conn_hash_lookup_handle(hdev, __le16_to_cpu(cp->handle));
1054 if (conn->state == BT_CONFIG) {
1055 hci_proto_connect_cfm(conn, status);
1060 hci_dev_unlock(hdev);
1063 static void hci_cs_setup_sync_conn(struct hci_dev *hdev, __u8 status)
1065 struct hci_cp_setup_sync_conn *cp;
1066 struct hci_conn *acl, *sco;
1069 BT_DBG("%s status 0x%x", hdev->name, status);
1074 cp = hci_sent_cmd_data(hdev, HCI_OP_SETUP_SYNC_CONN);
1078 handle = __le16_to_cpu(cp->handle);
1080 BT_DBG("%s handle %d", hdev->name, handle);
1084 acl = hci_conn_hash_lookup_handle(hdev, handle);
1088 sco->state = BT_CLOSED;
1090 hci_proto_connect_cfm(sco, status);
1095 hci_dev_unlock(hdev);
1098 static void hci_cs_sniff_mode(struct hci_dev *hdev, __u8 status)
1100 struct hci_cp_sniff_mode *cp;
1101 struct hci_conn *conn;
1103 BT_DBG("%s status 0x%x", hdev->name, status);
1108 cp = hci_sent_cmd_data(hdev, HCI_OP_SNIFF_MODE);
1114 conn = hci_conn_hash_lookup_handle(hdev, __le16_to_cpu(cp->handle));
1116 clear_bit(HCI_CONN_MODE_CHANGE_PEND, &conn->pend);
1118 if (test_and_clear_bit(HCI_CONN_SCO_SETUP_PEND, &conn->pend))
1119 hci_sco_setup(conn, status);
1122 hci_dev_unlock(hdev);
1125 static void hci_cs_exit_sniff_mode(struct hci_dev *hdev, __u8 status)
1127 struct hci_cp_exit_sniff_mode *cp;
1128 struct hci_conn *conn;
1130 BT_DBG("%s status 0x%x", hdev->name, status);
1135 cp = hci_sent_cmd_data(hdev, HCI_OP_EXIT_SNIFF_MODE);
1141 conn = hci_conn_hash_lookup_handle(hdev, __le16_to_cpu(cp->handle));
1143 clear_bit(HCI_CONN_MODE_CHANGE_PEND, &conn->pend);
1145 if (test_and_clear_bit(HCI_CONN_SCO_SETUP_PEND, &conn->pend))
1146 hci_sco_setup(conn, status);
1149 hci_dev_unlock(hdev);
1152 static void hci_cs_le_create_conn(struct hci_dev *hdev, __u8 status)
1154 struct hci_cp_le_create_conn *cp;
1155 struct hci_conn *conn;
1157 BT_DBG("%s status 0x%x", hdev->name, status);
1159 cp = hci_sent_cmd_data(hdev, HCI_OP_LE_CREATE_CONN);
1165 conn = hci_conn_hash_lookup_ba(hdev, LE_LINK, &cp->peer_addr);
1167 BT_DBG("%s bdaddr %s conn %p", hdev->name, batostr(&cp->peer_addr),
1171 if (conn && conn->state == BT_CONNECT) {
1172 conn->state = BT_CLOSED;
1173 hci_proto_connect_cfm(conn, status);
1178 conn = hci_conn_add(hdev, LE_LINK, &cp->peer_addr);
1182 BT_ERR("No memory for new connection");
1186 hci_dev_unlock(hdev);
1189 static inline void hci_inquiry_complete_evt(struct hci_dev *hdev, struct sk_buff *skb)
1191 __u8 status = *((__u8 *) skb->data);
1193 BT_DBG("%s status %d", hdev->name, status);
1195 clear_bit(HCI_INQUIRY, &hdev->flags);
1197 hci_req_complete(hdev, HCI_OP_INQUIRY, status);
1199 hci_conn_check_pending(hdev);
1202 static inline void hci_inquiry_result_evt(struct hci_dev *hdev, struct sk_buff *skb)
1204 struct inquiry_data data;
1205 struct inquiry_info *info = (void *) (skb->data + 1);
1206 int num_rsp = *((__u8 *) skb->data);
1208 BT_DBG("%s num_rsp %d", hdev->name, num_rsp);
1215 for (; num_rsp; num_rsp--) {
1216 bacpy(&data.bdaddr, &info->bdaddr);
1217 data.pscan_rep_mode = info->pscan_rep_mode;
1218 data.pscan_period_mode = info->pscan_period_mode;
1219 data.pscan_mode = info->pscan_mode;
1220 memcpy(data.dev_class, info->dev_class, 3);
1221 data.clock_offset = info->clock_offset;
1223 data.ssp_mode = 0x00;
1225 hci_inquiry_cache_update(hdev, &data);
1228 hci_dev_unlock(hdev);
1231 static inline void hci_conn_complete_evt(struct hci_dev *hdev, struct sk_buff *skb)
1233 struct hci_ev_conn_complete *ev = (void *) skb->data;
1234 struct hci_conn *conn;
1236 BT_DBG("%s", hdev->name);
1240 conn = hci_conn_hash_lookup_ba(hdev, ev->link_type, &ev->bdaddr);
1242 if (ev->link_type != SCO_LINK)
1245 conn = hci_conn_hash_lookup_ba(hdev, ESCO_LINK, &ev->bdaddr);
1249 conn->type = SCO_LINK;
1253 conn->handle = __le16_to_cpu(ev->handle);
1255 if (conn->type == ACL_LINK) {
1256 conn->state = BT_CONFIG;
1257 hci_conn_hold(conn);
1258 conn->disc_timeout = HCI_DISCONN_TIMEOUT;
1259 mgmt_connected(hdev->id, &ev->bdaddr);
1261 conn->state = BT_CONNECTED;
1263 hci_conn_hold_device(conn);
1264 hci_conn_add_sysfs(conn);
1266 if (test_bit(HCI_AUTH, &hdev->flags))
1267 conn->link_mode |= HCI_LM_AUTH;
1269 if (test_bit(HCI_ENCRYPT, &hdev->flags))
1270 conn->link_mode |= HCI_LM_ENCRYPT;
1272 /* Get remote features */
1273 if (conn->type == ACL_LINK) {
1274 struct hci_cp_read_remote_features cp;
1275 cp.handle = ev->handle;
1276 hci_send_cmd(hdev, HCI_OP_READ_REMOTE_FEATURES,
1280 /* Set packet type for incoming connection */
1281 if (!conn->out && hdev->hci_ver < 3) {
1282 struct hci_cp_change_conn_ptype cp;
1283 cp.handle = ev->handle;
1284 cp.pkt_type = cpu_to_le16(conn->pkt_type);
1285 hci_send_cmd(hdev, HCI_OP_CHANGE_CONN_PTYPE,
1289 conn->state = BT_CLOSED;
1290 if (conn->type == ACL_LINK)
1291 mgmt_connect_failed(hdev->id, &ev->bdaddr, ev->status);
1294 if (conn->type == ACL_LINK)
1295 hci_sco_setup(conn, ev->status);
1298 hci_proto_connect_cfm(conn, ev->status);
1300 } else if (ev->link_type != ACL_LINK)
1301 hci_proto_connect_cfm(conn, ev->status);
1304 hci_dev_unlock(hdev);
1306 hci_conn_check_pending(hdev);
1309 static inline void hci_conn_request_evt(struct hci_dev *hdev, struct sk_buff *skb)
1311 struct hci_ev_conn_request *ev = (void *) skb->data;
1312 int mask = hdev->link_mode;
1314 BT_DBG("%s bdaddr %s type 0x%x", hdev->name,
1315 batostr(&ev->bdaddr), ev->link_type);
1317 mask |= hci_proto_connect_ind(hdev, &ev->bdaddr, ev->link_type);
1319 if ((mask & HCI_LM_ACCEPT) &&
1320 !hci_blacklist_lookup(hdev, &ev->bdaddr)) {
1321 /* Connection accepted */
1322 struct inquiry_entry *ie;
1323 struct hci_conn *conn;
1327 ie = hci_inquiry_cache_lookup(hdev, &ev->bdaddr);
1329 memcpy(ie->data.dev_class, ev->dev_class, 3);
1331 conn = hci_conn_hash_lookup_ba(hdev, ev->link_type, &ev->bdaddr);
1333 conn = hci_conn_add(hdev, ev->link_type, &ev->bdaddr);
1335 BT_ERR("No memory for new connection");
1336 hci_dev_unlock(hdev);
1341 memcpy(conn->dev_class, ev->dev_class, 3);
1342 conn->state = BT_CONNECT;
1344 hci_dev_unlock(hdev);
1346 if (ev->link_type == ACL_LINK || !lmp_esco_capable(hdev)) {
1347 struct hci_cp_accept_conn_req cp;
1349 bacpy(&cp.bdaddr, &ev->bdaddr);
1351 if (lmp_rswitch_capable(hdev) && (mask & HCI_LM_MASTER))
1352 cp.role = 0x00; /* Become master */
1354 cp.role = 0x01; /* Remain slave */
1356 hci_send_cmd(hdev, HCI_OP_ACCEPT_CONN_REQ,
1359 struct hci_cp_accept_sync_conn_req cp;
1361 bacpy(&cp.bdaddr, &ev->bdaddr);
1362 cp.pkt_type = cpu_to_le16(conn->pkt_type);
1364 cp.tx_bandwidth = cpu_to_le32(0x00001f40);
1365 cp.rx_bandwidth = cpu_to_le32(0x00001f40);
1366 cp.max_latency = cpu_to_le16(0xffff);
1367 cp.content_format = cpu_to_le16(hdev->voice_setting);
1368 cp.retrans_effort = 0xff;
1370 hci_send_cmd(hdev, HCI_OP_ACCEPT_SYNC_CONN_REQ,
1374 /* Connection rejected */
1375 struct hci_cp_reject_conn_req cp;
1377 bacpy(&cp.bdaddr, &ev->bdaddr);
1379 hci_send_cmd(hdev, HCI_OP_REJECT_CONN_REQ, sizeof(cp), &cp);
1383 static inline void hci_disconn_complete_evt(struct hci_dev *hdev, struct sk_buff *skb)
1385 struct hci_ev_disconn_complete *ev = (void *) skb->data;
1386 struct hci_conn *conn;
1388 BT_DBG("%s status %d", hdev->name, ev->status);
1391 mgmt_disconnect_failed(hdev->id);
1397 conn = hci_conn_hash_lookup_handle(hdev, __le16_to_cpu(ev->handle));
1401 conn->state = BT_CLOSED;
1403 if (conn->type == ACL_LINK)
1404 mgmt_disconnected(hdev->id, &conn->dst);
1406 hci_proto_disconn_cfm(conn, ev->reason);
1410 hci_dev_unlock(hdev);
1413 static inline void hci_auth_complete_evt(struct hci_dev *hdev, struct sk_buff *skb)
1415 struct hci_ev_auth_complete *ev = (void *) skb->data;
1416 struct hci_conn *conn;
1418 BT_DBG("%s status %d", hdev->name, ev->status);
1422 conn = hci_conn_hash_lookup_handle(hdev, __le16_to_cpu(ev->handle));
1425 conn->link_mode |= HCI_LM_AUTH;
1426 conn->sec_level = conn->pending_sec_level;
1428 conn->sec_level = BT_SECURITY_LOW;
1430 clear_bit(HCI_CONN_AUTH_PEND, &conn->pend);
1432 if (conn->state == BT_CONFIG) {
1433 if (!ev->status && hdev->ssp_mode > 0 &&
1434 conn->ssp_mode > 0) {
1435 struct hci_cp_set_conn_encrypt cp;
1436 cp.handle = ev->handle;
1438 hci_send_cmd(hdev, HCI_OP_SET_CONN_ENCRYPT,
1441 conn->state = BT_CONNECTED;
1442 hci_proto_connect_cfm(conn, ev->status);
1446 hci_auth_cfm(conn, ev->status);
1448 hci_conn_hold(conn);
1449 conn->disc_timeout = HCI_DISCONN_TIMEOUT;
1453 if (test_bit(HCI_CONN_ENCRYPT_PEND, &conn->pend)) {
1455 struct hci_cp_set_conn_encrypt cp;
1456 cp.handle = ev->handle;
1458 hci_send_cmd(hdev, HCI_OP_SET_CONN_ENCRYPT,
1461 clear_bit(HCI_CONN_ENCRYPT_PEND, &conn->pend);
1462 hci_encrypt_cfm(conn, ev->status, 0x00);
1467 hci_dev_unlock(hdev);
1470 static inline void hci_remote_name_evt(struct hci_dev *hdev, struct sk_buff *skb)
1472 struct hci_ev_remote_name *ev = (void *) skb->data;
1473 struct hci_conn *conn;
1475 BT_DBG("%s", hdev->name);
1477 hci_conn_check_pending(hdev);
1481 conn = hci_conn_hash_lookup_ba(hdev, ACL_LINK, &ev->bdaddr);
1482 if (conn && hci_outgoing_auth_needed(hdev, conn)) {
1483 struct hci_cp_auth_requested cp;
1484 cp.handle = __cpu_to_le16(conn->handle);
1485 hci_send_cmd(hdev, HCI_OP_AUTH_REQUESTED, sizeof(cp), &cp);
1488 hci_dev_unlock(hdev);
1491 static inline void hci_encrypt_change_evt(struct hci_dev *hdev, struct sk_buff *skb)
1493 struct hci_ev_encrypt_change *ev = (void *) skb->data;
1494 struct hci_conn *conn;
1496 BT_DBG("%s status %d", hdev->name, ev->status);
1500 conn = hci_conn_hash_lookup_handle(hdev, __le16_to_cpu(ev->handle));
1504 /* Encryption implies authentication */
1505 conn->link_mode |= HCI_LM_AUTH;
1506 conn->link_mode |= HCI_LM_ENCRYPT;
1508 conn->link_mode &= ~HCI_LM_ENCRYPT;
1511 clear_bit(HCI_CONN_ENCRYPT_PEND, &conn->pend);
1513 if (conn->state == BT_CONFIG) {
1515 conn->state = BT_CONNECTED;
1517 hci_proto_connect_cfm(conn, ev->status);
1520 hci_encrypt_cfm(conn, ev->status, ev->encrypt);
1523 hci_dev_unlock(hdev);
1526 static inline void hci_change_link_key_complete_evt(struct hci_dev *hdev, struct sk_buff *skb)
1528 struct hci_ev_change_link_key_complete *ev = (void *) skb->data;
1529 struct hci_conn *conn;
1531 BT_DBG("%s status %d", hdev->name, ev->status);
1535 conn = hci_conn_hash_lookup_handle(hdev, __le16_to_cpu(ev->handle));
1538 conn->link_mode |= HCI_LM_SECURE;
1540 clear_bit(HCI_CONN_AUTH_PEND, &conn->pend);
1542 hci_key_change_cfm(conn, ev->status);
1545 hci_dev_unlock(hdev);
1548 static inline void hci_remote_features_evt(struct hci_dev *hdev, struct sk_buff *skb)
1550 struct hci_ev_remote_features *ev = (void *) skb->data;
1551 struct hci_conn *conn;
1553 BT_DBG("%s status %d", hdev->name, ev->status);
1557 conn = hci_conn_hash_lookup_handle(hdev, __le16_to_cpu(ev->handle));
1562 memcpy(conn->features, ev->features, 8);
1564 if (conn->state != BT_CONFIG)
1567 if (!ev->status && lmp_ssp_capable(hdev) && lmp_ssp_capable(conn)) {
1568 struct hci_cp_read_remote_ext_features cp;
1569 cp.handle = ev->handle;
1571 hci_send_cmd(hdev, HCI_OP_READ_REMOTE_EXT_FEATURES,
1577 struct hci_cp_remote_name_req cp;
1578 memset(&cp, 0, sizeof(cp));
1579 bacpy(&cp.bdaddr, &conn->dst);
1580 cp.pscan_rep_mode = 0x02;
1581 hci_send_cmd(hdev, HCI_OP_REMOTE_NAME_REQ, sizeof(cp), &cp);
1584 if (!hci_outgoing_auth_needed(hdev, conn)) {
1585 conn->state = BT_CONNECTED;
1586 hci_proto_connect_cfm(conn, ev->status);
1591 hci_dev_unlock(hdev);
1594 static inline void hci_remote_version_evt(struct hci_dev *hdev, struct sk_buff *skb)
1596 BT_DBG("%s", hdev->name);
1599 static inline void hci_qos_setup_complete_evt(struct hci_dev *hdev, struct sk_buff *skb)
1601 BT_DBG("%s", hdev->name);
1604 static inline void hci_cmd_complete_evt(struct hci_dev *hdev, struct sk_buff *skb)
1606 struct hci_ev_cmd_complete *ev = (void *) skb->data;
1609 skb_pull(skb, sizeof(*ev));
1611 opcode = __le16_to_cpu(ev->opcode);
1614 case HCI_OP_INQUIRY_CANCEL:
1615 hci_cc_inquiry_cancel(hdev, skb);
1618 case HCI_OP_EXIT_PERIODIC_INQ:
1619 hci_cc_exit_periodic_inq(hdev, skb);
1622 case HCI_OP_REMOTE_NAME_REQ_CANCEL:
1623 hci_cc_remote_name_req_cancel(hdev, skb);
1626 case HCI_OP_ROLE_DISCOVERY:
1627 hci_cc_role_discovery(hdev, skb);
1630 case HCI_OP_READ_LINK_POLICY:
1631 hci_cc_read_link_policy(hdev, skb);
1634 case HCI_OP_WRITE_LINK_POLICY:
1635 hci_cc_write_link_policy(hdev, skb);
1638 case HCI_OP_READ_DEF_LINK_POLICY:
1639 hci_cc_read_def_link_policy(hdev, skb);
1642 case HCI_OP_WRITE_DEF_LINK_POLICY:
1643 hci_cc_write_def_link_policy(hdev, skb);
1647 hci_cc_reset(hdev, skb);
1650 case HCI_OP_WRITE_LOCAL_NAME:
1651 hci_cc_write_local_name(hdev, skb);
1654 case HCI_OP_READ_LOCAL_NAME:
1655 hci_cc_read_local_name(hdev, skb);
1658 case HCI_OP_WRITE_AUTH_ENABLE:
1659 hci_cc_write_auth_enable(hdev, skb);
1662 case HCI_OP_WRITE_ENCRYPT_MODE:
1663 hci_cc_write_encrypt_mode(hdev, skb);
1666 case HCI_OP_WRITE_SCAN_ENABLE:
1667 hci_cc_write_scan_enable(hdev, skb);
1670 case HCI_OP_READ_CLASS_OF_DEV:
1671 hci_cc_read_class_of_dev(hdev, skb);
1674 case HCI_OP_WRITE_CLASS_OF_DEV:
1675 hci_cc_write_class_of_dev(hdev, skb);
1678 case HCI_OP_READ_VOICE_SETTING:
1679 hci_cc_read_voice_setting(hdev, skb);
1682 case HCI_OP_WRITE_VOICE_SETTING:
1683 hci_cc_write_voice_setting(hdev, skb);
1686 case HCI_OP_HOST_BUFFER_SIZE:
1687 hci_cc_host_buffer_size(hdev, skb);
1690 case HCI_OP_READ_SSP_MODE:
1691 hci_cc_read_ssp_mode(hdev, skb);
1694 case HCI_OP_WRITE_SSP_MODE:
1695 hci_cc_write_ssp_mode(hdev, skb);
1698 case HCI_OP_READ_LOCAL_VERSION:
1699 hci_cc_read_local_version(hdev, skb);
1702 case HCI_OP_READ_LOCAL_COMMANDS:
1703 hci_cc_read_local_commands(hdev, skb);
1706 case HCI_OP_READ_LOCAL_FEATURES:
1707 hci_cc_read_local_features(hdev, skb);
1710 case HCI_OP_READ_BUFFER_SIZE:
1711 hci_cc_read_buffer_size(hdev, skb);
1714 case HCI_OP_READ_BD_ADDR:
1715 hci_cc_read_bd_addr(hdev, skb);
1718 case HCI_OP_WRITE_CA_TIMEOUT:
1719 hci_cc_write_ca_timeout(hdev, skb);
1722 case HCI_OP_DELETE_STORED_LINK_KEY:
1723 hci_cc_delete_stored_link_key(hdev, skb);
1726 case HCI_OP_SET_EVENT_MASK:
1727 hci_cc_set_event_mask(hdev, skb);
1730 case HCI_OP_WRITE_INQUIRY_MODE:
1731 hci_cc_write_inquiry_mode(hdev, skb);
1734 case HCI_OP_READ_INQ_RSP_TX_POWER:
1735 hci_cc_read_inq_rsp_tx_power(hdev, skb);
1738 case HCI_OP_SET_EVENT_FLT:
1739 hci_cc_set_event_flt(hdev, skb);
1742 case HCI_OP_PIN_CODE_REPLY:
1743 hci_cc_pin_code_reply(hdev, skb);
1746 case HCI_OP_PIN_CODE_NEG_REPLY:
1747 hci_cc_pin_code_neg_reply(hdev, skb);
1750 case HCI_OP_LE_READ_BUFFER_SIZE:
1751 hci_cc_le_read_buffer_size(hdev, skb);
1754 case HCI_OP_USER_CONFIRM_REPLY:
1755 hci_cc_user_confirm_reply(hdev, skb);
1758 case HCI_OP_USER_CONFIRM_NEG_REPLY:
1759 hci_cc_user_confirm_neg_reply(hdev, skb);
1763 BT_DBG("%s opcode 0x%x", hdev->name, opcode);
1767 if (ev->opcode != HCI_OP_NOP)
1768 del_timer(&hdev->cmd_timer);
1771 atomic_set(&hdev->cmd_cnt, 1);
1772 if (!skb_queue_empty(&hdev->cmd_q))
1773 tasklet_schedule(&hdev->cmd_task);
1777 static inline void hci_cmd_status_evt(struct hci_dev *hdev, struct sk_buff *skb)
1779 struct hci_ev_cmd_status *ev = (void *) skb->data;
1782 skb_pull(skb, sizeof(*ev));
1784 opcode = __le16_to_cpu(ev->opcode);
1787 case HCI_OP_INQUIRY:
1788 hci_cs_inquiry(hdev, ev->status);
1791 case HCI_OP_CREATE_CONN:
1792 hci_cs_create_conn(hdev, ev->status);
1795 case HCI_OP_ADD_SCO:
1796 hci_cs_add_sco(hdev, ev->status);
1799 case HCI_OP_AUTH_REQUESTED:
1800 hci_cs_auth_requested(hdev, ev->status);
1803 case HCI_OP_SET_CONN_ENCRYPT:
1804 hci_cs_set_conn_encrypt(hdev, ev->status);
1807 case HCI_OP_REMOTE_NAME_REQ:
1808 hci_cs_remote_name_req(hdev, ev->status);
1811 case HCI_OP_READ_REMOTE_FEATURES:
1812 hci_cs_read_remote_features(hdev, ev->status);
1815 case HCI_OP_READ_REMOTE_EXT_FEATURES:
1816 hci_cs_read_remote_ext_features(hdev, ev->status);
1819 case HCI_OP_SETUP_SYNC_CONN:
1820 hci_cs_setup_sync_conn(hdev, ev->status);
1823 case HCI_OP_SNIFF_MODE:
1824 hci_cs_sniff_mode(hdev, ev->status);
1827 case HCI_OP_EXIT_SNIFF_MODE:
1828 hci_cs_exit_sniff_mode(hdev, ev->status);
1831 case HCI_OP_DISCONNECT:
1832 if (ev->status != 0)
1833 mgmt_disconnect_failed(hdev->id);
1836 case HCI_OP_LE_CREATE_CONN:
1837 hci_cs_le_create_conn(hdev, ev->status);
1841 BT_DBG("%s opcode 0x%x", hdev->name, opcode);
1845 if (ev->opcode != HCI_OP_NOP)
1846 del_timer(&hdev->cmd_timer);
1849 atomic_set(&hdev->cmd_cnt, 1);
1850 if (!skb_queue_empty(&hdev->cmd_q))
1851 tasklet_schedule(&hdev->cmd_task);
1855 static inline void hci_role_change_evt(struct hci_dev *hdev, struct sk_buff *skb)
1857 struct hci_ev_role_change *ev = (void *) skb->data;
1858 struct hci_conn *conn;
1860 BT_DBG("%s status %d", hdev->name, ev->status);
1864 conn = hci_conn_hash_lookup_ba(hdev, ACL_LINK, &ev->bdaddr);
1868 conn->link_mode &= ~HCI_LM_MASTER;
1870 conn->link_mode |= HCI_LM_MASTER;
1873 clear_bit(HCI_CONN_RSWITCH_PEND, &conn->pend);
1875 hci_role_switch_cfm(conn, ev->status, ev->role);
1878 hci_dev_unlock(hdev);
1881 static inline void hci_num_comp_pkts_evt(struct hci_dev *hdev, struct sk_buff *skb)
1883 struct hci_ev_num_comp_pkts *ev = (void *) skb->data;
1887 skb_pull(skb, sizeof(*ev));
1889 BT_DBG("%s num_hndl %d", hdev->name, ev->num_hndl);
1891 if (skb->len < ev->num_hndl * 4) {
1892 BT_DBG("%s bad parameters", hdev->name);
1896 tasklet_disable(&hdev->tx_task);
1898 for (i = 0, ptr = (__le16 *) skb->data; i < ev->num_hndl; i++) {
1899 struct hci_conn *conn;
1900 __u16 handle, count;
1902 handle = get_unaligned_le16(ptr++);
1903 count = get_unaligned_le16(ptr++);
1905 conn = hci_conn_hash_lookup_handle(hdev, handle);
1907 conn->sent -= count;
1909 if (conn->type == ACL_LINK) {
1910 hdev->acl_cnt += count;
1911 if (hdev->acl_cnt > hdev->acl_pkts)
1912 hdev->acl_cnt = hdev->acl_pkts;
1913 } else if (conn->type == LE_LINK) {
1914 if (hdev->le_pkts) {
1915 hdev->le_cnt += count;
1916 if (hdev->le_cnt > hdev->le_pkts)
1917 hdev->le_cnt = hdev->le_pkts;
1919 hdev->acl_cnt += count;
1920 if (hdev->acl_cnt > hdev->acl_pkts)
1921 hdev->acl_cnt = hdev->acl_pkts;
1924 hdev->sco_cnt += count;
1925 if (hdev->sco_cnt > hdev->sco_pkts)
1926 hdev->sco_cnt = hdev->sco_pkts;
1931 tasklet_schedule(&hdev->tx_task);
1933 tasklet_enable(&hdev->tx_task);
1936 static inline void hci_mode_change_evt(struct hci_dev *hdev, struct sk_buff *skb)
1938 struct hci_ev_mode_change *ev = (void *) skb->data;
1939 struct hci_conn *conn;
1941 BT_DBG("%s status %d", hdev->name, ev->status);
1945 conn = hci_conn_hash_lookup_handle(hdev, __le16_to_cpu(ev->handle));
1947 conn->mode = ev->mode;
1948 conn->interval = __le16_to_cpu(ev->interval);
1950 if (!test_and_clear_bit(HCI_CONN_MODE_CHANGE_PEND, &conn->pend)) {
1951 if (conn->mode == HCI_CM_ACTIVE)
1952 conn->power_save = 1;
1954 conn->power_save = 0;
1957 if (test_and_clear_bit(HCI_CONN_SCO_SETUP_PEND, &conn->pend))
1958 hci_sco_setup(conn, ev->status);
1961 hci_dev_unlock(hdev);
1964 static inline void hci_pin_code_request_evt(struct hci_dev *hdev, struct sk_buff *skb)
1966 struct hci_ev_pin_code_req *ev = (void *) skb->data;
1967 struct hci_conn *conn;
1969 BT_DBG("%s", hdev->name);
1973 conn = hci_conn_hash_lookup_ba(hdev, ACL_LINK, &ev->bdaddr);
1974 if (conn && conn->state == BT_CONNECTED) {
1975 hci_conn_hold(conn);
1976 conn->disc_timeout = HCI_PAIRING_TIMEOUT;
1980 if (!test_bit(HCI_PAIRABLE, &hdev->flags))
1981 hci_send_cmd(hdev, HCI_OP_PIN_CODE_NEG_REPLY,
1982 sizeof(ev->bdaddr), &ev->bdaddr);
1984 if (test_bit(HCI_MGMT, &hdev->flags))
1985 mgmt_pin_code_request(hdev->id, &ev->bdaddr);
1987 hci_dev_unlock(hdev);
1990 static inline void hci_link_key_request_evt(struct hci_dev *hdev, struct sk_buff *skb)
1992 struct hci_ev_link_key_req *ev = (void *) skb->data;
1993 struct hci_cp_link_key_reply cp;
1994 struct hci_conn *conn;
1995 struct link_key *key;
1997 BT_DBG("%s", hdev->name);
1999 if (!test_bit(HCI_LINK_KEYS, &hdev->flags))
2004 key = hci_find_link_key(hdev, &ev->bdaddr);
2006 BT_DBG("%s link key not found for %s", hdev->name,
2007 batostr(&ev->bdaddr));
2011 BT_DBG("%s found key type %u for %s", hdev->name, key->type,
2012 batostr(&ev->bdaddr));
2014 if (!test_bit(HCI_DEBUG_KEYS, &hdev->flags) && key->type == 0x03) {
2015 BT_DBG("%s ignoring debug key", hdev->name);
2019 conn = hci_conn_hash_lookup_ba(hdev, ACL_LINK, &ev->bdaddr);
2021 if (key->type == 0x04 && conn && conn->auth_type != 0xff &&
2022 (conn->auth_type & 0x01)) {
2023 BT_DBG("%s ignoring unauthenticated key", hdev->name);
2027 bacpy(&cp.bdaddr, &ev->bdaddr);
2028 memcpy(cp.link_key, key->val, 16);
2030 hci_send_cmd(hdev, HCI_OP_LINK_KEY_REPLY, sizeof(cp), &cp);
2032 hci_dev_unlock(hdev);
2037 hci_send_cmd(hdev, HCI_OP_LINK_KEY_NEG_REPLY, 6, &ev->bdaddr);
2038 hci_dev_unlock(hdev);
2041 static inline void hci_link_key_notify_evt(struct hci_dev *hdev, struct sk_buff *skb)
2043 struct hci_ev_link_key_notify *ev = (void *) skb->data;
2044 struct hci_conn *conn;
2047 BT_DBG("%s", hdev->name);
2051 conn = hci_conn_hash_lookup_ba(hdev, ACL_LINK, &ev->bdaddr);
2053 hci_conn_hold(conn);
2054 conn->disc_timeout = HCI_DISCONN_TIMEOUT;
2055 pin_len = conn->pin_length;
2059 if (test_bit(HCI_LINK_KEYS, &hdev->flags))
2060 hci_add_link_key(hdev, 1, &ev->bdaddr, ev->link_key,
2061 ev->key_type, pin_len);
2063 hci_dev_unlock(hdev);
2066 static inline void hci_clock_offset_evt(struct hci_dev *hdev, struct sk_buff *skb)
2068 struct hci_ev_clock_offset *ev = (void *) skb->data;
2069 struct hci_conn *conn;
2071 BT_DBG("%s status %d", hdev->name, ev->status);
2075 conn = hci_conn_hash_lookup_handle(hdev, __le16_to_cpu(ev->handle));
2076 if (conn && !ev->status) {
2077 struct inquiry_entry *ie;
2079 ie = hci_inquiry_cache_lookup(hdev, &conn->dst);
2081 ie->data.clock_offset = ev->clock_offset;
2082 ie->timestamp = jiffies;
2086 hci_dev_unlock(hdev);
2089 static inline void hci_pkt_type_change_evt(struct hci_dev *hdev, struct sk_buff *skb)
2091 struct hci_ev_pkt_type_change *ev = (void *) skb->data;
2092 struct hci_conn *conn;
2094 BT_DBG("%s status %d", hdev->name, ev->status);
2098 conn = hci_conn_hash_lookup_handle(hdev, __le16_to_cpu(ev->handle));
2099 if (conn && !ev->status)
2100 conn->pkt_type = __le16_to_cpu(ev->pkt_type);
2102 hci_dev_unlock(hdev);
2105 static inline void hci_pscan_rep_mode_evt(struct hci_dev *hdev, struct sk_buff *skb)
2107 struct hci_ev_pscan_rep_mode *ev = (void *) skb->data;
2108 struct inquiry_entry *ie;
2110 BT_DBG("%s", hdev->name);
2114 ie = hci_inquiry_cache_lookup(hdev, &ev->bdaddr);
2116 ie->data.pscan_rep_mode = ev->pscan_rep_mode;
2117 ie->timestamp = jiffies;
2120 hci_dev_unlock(hdev);
2123 static inline void hci_inquiry_result_with_rssi_evt(struct hci_dev *hdev, struct sk_buff *skb)
2125 struct inquiry_data data;
2126 int num_rsp = *((__u8 *) skb->data);
2128 BT_DBG("%s num_rsp %d", hdev->name, num_rsp);
2135 if ((skb->len - 1) / num_rsp != sizeof(struct inquiry_info_with_rssi)) {
2136 struct inquiry_info_with_rssi_and_pscan_mode *info;
2137 info = (void *) (skb->data + 1);
2139 for (; num_rsp; num_rsp--) {
2140 bacpy(&data.bdaddr, &info->bdaddr);
2141 data.pscan_rep_mode = info->pscan_rep_mode;
2142 data.pscan_period_mode = info->pscan_period_mode;
2143 data.pscan_mode = info->pscan_mode;
2144 memcpy(data.dev_class, info->dev_class, 3);
2145 data.clock_offset = info->clock_offset;
2146 data.rssi = info->rssi;
2147 data.ssp_mode = 0x00;
2149 hci_inquiry_cache_update(hdev, &data);
2152 struct inquiry_info_with_rssi *info = (void *) (skb->data + 1);
2154 for (; num_rsp; num_rsp--) {
2155 bacpy(&data.bdaddr, &info->bdaddr);
2156 data.pscan_rep_mode = info->pscan_rep_mode;
2157 data.pscan_period_mode = info->pscan_period_mode;
2158 data.pscan_mode = 0x00;
2159 memcpy(data.dev_class, info->dev_class, 3);
2160 data.clock_offset = info->clock_offset;
2161 data.rssi = info->rssi;
2162 data.ssp_mode = 0x00;
2164 hci_inquiry_cache_update(hdev, &data);
2168 hci_dev_unlock(hdev);
2171 static inline void hci_remote_ext_features_evt(struct hci_dev *hdev, struct sk_buff *skb)
2173 struct hci_ev_remote_ext_features *ev = (void *) skb->data;
2174 struct hci_conn *conn;
2176 BT_DBG("%s", hdev->name);
2180 conn = hci_conn_hash_lookup_handle(hdev, __le16_to_cpu(ev->handle));
2184 if (!ev->status && ev->page == 0x01) {
2185 struct inquiry_entry *ie;
2187 ie = hci_inquiry_cache_lookup(hdev, &conn->dst);
2189 ie->data.ssp_mode = (ev->features[0] & 0x01);
2191 conn->ssp_mode = (ev->features[0] & 0x01);
2194 if (conn->state != BT_CONFIG)
2198 struct hci_cp_remote_name_req cp;
2199 memset(&cp, 0, sizeof(cp));
2200 bacpy(&cp.bdaddr, &conn->dst);
2201 cp.pscan_rep_mode = 0x02;
2202 hci_send_cmd(hdev, HCI_OP_REMOTE_NAME_REQ, sizeof(cp), &cp);
2205 if (!hci_outgoing_auth_needed(hdev, conn)) {
2206 conn->state = BT_CONNECTED;
2207 hci_proto_connect_cfm(conn, ev->status);
2212 hci_dev_unlock(hdev);
2215 static inline void hci_sync_conn_complete_evt(struct hci_dev *hdev, struct sk_buff *skb)
2217 struct hci_ev_sync_conn_complete *ev = (void *) skb->data;
2218 struct hci_conn *conn;
2220 BT_DBG("%s status %d", hdev->name, ev->status);
2224 conn = hci_conn_hash_lookup_ba(hdev, ev->link_type, &ev->bdaddr);
2226 if (ev->link_type == ESCO_LINK)
2229 conn = hci_conn_hash_lookup_ba(hdev, ESCO_LINK, &ev->bdaddr);
2233 conn->type = SCO_LINK;
2236 switch (ev->status) {
2238 conn->handle = __le16_to_cpu(ev->handle);
2239 conn->state = BT_CONNECTED;
2241 hci_conn_hold_device(conn);
2242 hci_conn_add_sysfs(conn);
2245 case 0x11: /* Unsupported Feature or Parameter Value */
2246 case 0x1c: /* SCO interval rejected */
2247 case 0x1a: /* Unsupported Remote Feature */
2248 case 0x1f: /* Unspecified error */
2249 if (conn->out && conn->attempt < 2) {
2250 conn->pkt_type = (hdev->esco_type & SCO_ESCO_MASK) |
2251 (hdev->esco_type & EDR_ESCO_MASK);
2252 hci_setup_sync(conn, conn->link->handle);
2258 conn->state = BT_CLOSED;
2262 hci_proto_connect_cfm(conn, ev->status);
2267 hci_dev_unlock(hdev);
2270 static inline void hci_sync_conn_changed_evt(struct hci_dev *hdev, struct sk_buff *skb)
2272 BT_DBG("%s", hdev->name);
2275 static inline void hci_sniff_subrate_evt(struct hci_dev *hdev, struct sk_buff *skb)
2277 struct hci_ev_sniff_subrate *ev = (void *) skb->data;
2279 BT_DBG("%s status %d", hdev->name, ev->status);
2282 static inline void hci_extended_inquiry_result_evt(struct hci_dev *hdev, struct sk_buff *skb)
2284 struct inquiry_data data;
2285 struct extended_inquiry_info *info = (void *) (skb->data + 1);
2286 int num_rsp = *((__u8 *) skb->data);
2288 BT_DBG("%s num_rsp %d", hdev->name, num_rsp);
2295 for (; num_rsp; num_rsp--) {
2296 bacpy(&data.bdaddr, &info->bdaddr);
2297 data.pscan_rep_mode = info->pscan_rep_mode;
2298 data.pscan_period_mode = info->pscan_period_mode;
2299 data.pscan_mode = 0x00;
2300 memcpy(data.dev_class, info->dev_class, 3);
2301 data.clock_offset = info->clock_offset;
2302 data.rssi = info->rssi;
2303 data.ssp_mode = 0x01;
2305 hci_inquiry_cache_update(hdev, &data);
2308 hci_dev_unlock(hdev);
2311 static inline u8 hci_get_auth_req(struct hci_conn *conn)
2313 /* If remote requests dedicated bonding follow that lead */
2314 if (conn->remote_auth == 0x02 || conn->remote_auth == 0x03) {
2315 /* If both remote and local IO capabilities allow MITM
2316 * protection then require it, otherwise don't */
2317 if (conn->remote_cap == 0x03 || conn->io_capability == 0x03)
2323 /* If remote requests no-bonding follow that lead */
2324 if (conn->remote_auth == 0x00 || conn->remote_auth == 0x01)
2327 return conn->auth_type;
2330 static inline void hci_io_capa_request_evt(struct hci_dev *hdev, struct sk_buff *skb)
2332 struct hci_ev_io_capa_request *ev = (void *) skb->data;
2333 struct hci_conn *conn;
2335 BT_DBG("%s", hdev->name);
2339 conn = hci_conn_hash_lookup_ba(hdev, ACL_LINK, &ev->bdaddr);
2343 hci_conn_hold(conn);
2345 if (!test_bit(HCI_MGMT, &hdev->flags))
2348 if (test_bit(HCI_PAIRABLE, &hdev->flags) ||
2349 (conn->remote_auth & ~0x01) == HCI_AT_NO_BONDING) {
2350 struct hci_cp_io_capability_reply cp;
2352 bacpy(&cp.bdaddr, &ev->bdaddr);
2353 cp.capability = conn->io_capability;
2355 cp.authentication = hci_get_auth_req(conn);
2357 hci_send_cmd(hdev, HCI_OP_IO_CAPABILITY_REPLY,
2360 struct hci_cp_io_capability_neg_reply cp;
2362 bacpy(&cp.bdaddr, &ev->bdaddr);
2363 cp.reason = 0x16; /* Pairing not allowed */
2365 hci_send_cmd(hdev, HCI_OP_IO_CAPABILITY_NEG_REPLY,
2370 hci_dev_unlock(hdev);
2373 static inline void hci_io_capa_reply_evt(struct hci_dev *hdev, struct sk_buff *skb)
2375 struct hci_ev_io_capa_reply *ev = (void *) skb->data;
2376 struct hci_conn *conn;
2378 BT_DBG("%s", hdev->name);
2382 conn = hci_conn_hash_lookup_ba(hdev, ACL_LINK, &ev->bdaddr);
2386 hci_conn_hold(conn);
2388 conn->remote_cap = ev->capability;
2389 conn->remote_oob = ev->oob_data;
2390 conn->remote_auth = ev->authentication;
2393 hci_dev_unlock(hdev);
2396 static inline void hci_user_confirm_request_evt(struct hci_dev *hdev,
2397 struct sk_buff *skb)
2399 struct hci_ev_user_confirm_req *ev = (void *) skb->data;
2401 BT_DBG("%s", hdev->name);
2405 if (test_bit(HCI_MGMT, &hdev->flags))
2406 mgmt_user_confirm_request(hdev->id, &ev->bdaddr, ev->passkey);
2408 hci_dev_unlock(hdev);
2411 static inline void hci_simple_pair_complete_evt(struct hci_dev *hdev, struct sk_buff *skb)
2413 struct hci_ev_simple_pair_complete *ev = (void *) skb->data;
2414 struct hci_conn *conn;
2416 BT_DBG("%s", hdev->name);
2420 conn = hci_conn_hash_lookup_ba(hdev, ACL_LINK, &ev->bdaddr);
2424 hci_dev_unlock(hdev);
2427 static inline void hci_remote_host_features_evt(struct hci_dev *hdev, struct sk_buff *skb)
2429 struct hci_ev_remote_host_features *ev = (void *) skb->data;
2430 struct inquiry_entry *ie;
2432 BT_DBG("%s", hdev->name);
2436 ie = hci_inquiry_cache_lookup(hdev, &ev->bdaddr);
2438 ie->data.ssp_mode = (ev->features[0] & 0x01);
2440 hci_dev_unlock(hdev);
2443 static inline void hci_le_conn_complete_evt(struct hci_dev *hdev, struct sk_buff *skb)
2445 struct hci_ev_le_conn_complete *ev = (void *) skb->data;
2446 struct hci_conn *conn;
2448 BT_DBG("%s status %d", hdev->name, ev->status);
2452 conn = hci_conn_hash_lookup_ba(hdev, LE_LINK, &ev->bdaddr);
2454 conn = hci_conn_add(hdev, LE_LINK, &ev->bdaddr);
2456 BT_ERR("No memory for new connection");
2457 hci_dev_unlock(hdev);
2463 hci_proto_connect_cfm(conn, ev->status);
2464 conn->state = BT_CLOSED;
2469 conn->handle = __le16_to_cpu(ev->handle);
2470 conn->state = BT_CONNECTED;
2472 hci_conn_hold_device(conn);
2473 hci_conn_add_sysfs(conn);
2475 hci_proto_connect_cfm(conn, ev->status);
2478 hci_dev_unlock(hdev);
2481 static inline void hci_le_meta_evt(struct hci_dev *hdev, struct sk_buff *skb)
2483 struct hci_ev_le_meta *le_ev = (void *) skb->data;
2485 skb_pull(skb, sizeof(*le_ev));
2487 switch (le_ev->subevent) {
2488 case HCI_EV_LE_CONN_COMPLETE:
2489 hci_le_conn_complete_evt(hdev, skb);
2497 void hci_event_packet(struct hci_dev *hdev, struct sk_buff *skb)
2499 struct hci_event_hdr *hdr = (void *) skb->data;
2500 __u8 event = hdr->evt;
2502 skb_pull(skb, HCI_EVENT_HDR_SIZE);
2505 case HCI_EV_INQUIRY_COMPLETE:
2506 hci_inquiry_complete_evt(hdev, skb);
2509 case HCI_EV_INQUIRY_RESULT:
2510 hci_inquiry_result_evt(hdev, skb);
2513 case HCI_EV_CONN_COMPLETE:
2514 hci_conn_complete_evt(hdev, skb);
2517 case HCI_EV_CONN_REQUEST:
2518 hci_conn_request_evt(hdev, skb);
2521 case HCI_EV_DISCONN_COMPLETE:
2522 hci_disconn_complete_evt(hdev, skb);
2525 case HCI_EV_AUTH_COMPLETE:
2526 hci_auth_complete_evt(hdev, skb);
2529 case HCI_EV_REMOTE_NAME:
2530 hci_remote_name_evt(hdev, skb);
2533 case HCI_EV_ENCRYPT_CHANGE:
2534 hci_encrypt_change_evt(hdev, skb);
2537 case HCI_EV_CHANGE_LINK_KEY_COMPLETE:
2538 hci_change_link_key_complete_evt(hdev, skb);
2541 case HCI_EV_REMOTE_FEATURES:
2542 hci_remote_features_evt(hdev, skb);
2545 case HCI_EV_REMOTE_VERSION:
2546 hci_remote_version_evt(hdev, skb);
2549 case HCI_EV_QOS_SETUP_COMPLETE:
2550 hci_qos_setup_complete_evt(hdev, skb);
2553 case HCI_EV_CMD_COMPLETE:
2554 hci_cmd_complete_evt(hdev, skb);
2557 case HCI_EV_CMD_STATUS:
2558 hci_cmd_status_evt(hdev, skb);
2561 case HCI_EV_ROLE_CHANGE:
2562 hci_role_change_evt(hdev, skb);
2565 case HCI_EV_NUM_COMP_PKTS:
2566 hci_num_comp_pkts_evt(hdev, skb);
2569 case HCI_EV_MODE_CHANGE:
2570 hci_mode_change_evt(hdev, skb);
2573 case HCI_EV_PIN_CODE_REQ:
2574 hci_pin_code_request_evt(hdev, skb);
2577 case HCI_EV_LINK_KEY_REQ:
2578 hci_link_key_request_evt(hdev, skb);
2581 case HCI_EV_LINK_KEY_NOTIFY:
2582 hci_link_key_notify_evt(hdev, skb);
2585 case HCI_EV_CLOCK_OFFSET:
2586 hci_clock_offset_evt(hdev, skb);
2589 case HCI_EV_PKT_TYPE_CHANGE:
2590 hci_pkt_type_change_evt(hdev, skb);
2593 case HCI_EV_PSCAN_REP_MODE:
2594 hci_pscan_rep_mode_evt(hdev, skb);
2597 case HCI_EV_INQUIRY_RESULT_WITH_RSSI:
2598 hci_inquiry_result_with_rssi_evt(hdev, skb);
2601 case HCI_EV_REMOTE_EXT_FEATURES:
2602 hci_remote_ext_features_evt(hdev, skb);
2605 case HCI_EV_SYNC_CONN_COMPLETE:
2606 hci_sync_conn_complete_evt(hdev, skb);
2609 case HCI_EV_SYNC_CONN_CHANGED:
2610 hci_sync_conn_changed_evt(hdev, skb);
2613 case HCI_EV_SNIFF_SUBRATE:
2614 hci_sniff_subrate_evt(hdev, skb);
2617 case HCI_EV_EXTENDED_INQUIRY_RESULT:
2618 hci_extended_inquiry_result_evt(hdev, skb);
2621 case HCI_EV_IO_CAPA_REQUEST:
2622 hci_io_capa_request_evt(hdev, skb);
2625 case HCI_EV_IO_CAPA_REPLY:
2626 hci_io_capa_reply_evt(hdev, skb);
2629 case HCI_EV_USER_CONFIRM_REQUEST:
2630 hci_user_confirm_request_evt(hdev, skb);
2633 case HCI_EV_SIMPLE_PAIR_COMPLETE:
2634 hci_simple_pair_complete_evt(hdev, skb);
2637 case HCI_EV_REMOTE_HOST_FEATURES:
2638 hci_remote_host_features_evt(hdev, skb);
2641 case HCI_EV_LE_META:
2642 hci_le_meta_evt(hdev, skb);
2646 BT_DBG("%s event 0x%x", hdev->name, event);
2651 hdev->stat.evt_rx++;
2654 /* Generate internal stack event */
2655 void hci_si_event(struct hci_dev *hdev, int type, int dlen, void *data)
2657 struct hci_event_hdr *hdr;
2658 struct hci_ev_stack_internal *ev;
2659 struct sk_buff *skb;
2661 skb = bt_skb_alloc(HCI_EVENT_HDR_SIZE + sizeof(*ev) + dlen, GFP_ATOMIC);
2665 hdr = (void *) skb_put(skb, HCI_EVENT_HDR_SIZE);
2666 hdr->evt = HCI_EV_STACK_INTERNAL;
2667 hdr->plen = sizeof(*ev) + dlen;
2669 ev = (void *) skb_put(skb, sizeof(*ev) + dlen);
2671 memcpy(ev->data, data, dlen);
2673 bt_cb(skb)->incoming = 1;
2674 __net_timestamp(skb);
2676 bt_cb(skb)->pkt_type = HCI_EVENT_PKT;
2677 skb->dev = (void *) hdev;
2678 hci_send_to_sock(hdev, skb, NULL);
git.openpandora.org / pandora-kernel.git / blob