2 BlueZ - Bluetooth protocol stack for Linux
3 Copyright (C) 2000-2001 Qualcomm Incorporated
5 Written 2000,2001 by Maxim Krasnyansky <maxk@qualcomm.com>
7 This program is free software; you can redistribute it and/or modify
8 it under the terms of the GNU General Public License version 2 as
9 published by the Free Software Foundation;
11 THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS
12 OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
13 FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT OF THIRD PARTY RIGHTS.
14 IN NO EVENT SHALL THE COPYRIGHT HOLDER(S) AND AUTHOR(S) BE LIABLE FOR ANY
15 CLAIM, OR ANY SPECIAL INDIRECT OR CONSEQUENTIAL DAMAGES, OR ANY DAMAGES
16 WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
17 ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
18 OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
20 ALL LIABILITY, INCLUDING LIABILITY FOR INFRINGEMENT OF ANY PATENTS,
21 COPYRIGHTS, TRADEMARKS OR OTHER RIGHTS, RELATING TO USE OF THIS
22 SOFTWARE IS DISCLAIMED.
25 /* Bluetooth HCI event handling. */
27 #include <linux/module.h>
29 #include <linux/types.h>
30 #include <linux/errno.h>
31 #include <linux/kernel.h>
32 #include <linux/slab.h>
33 #include <linux/poll.h>
34 #include <linux/fcntl.h>
35 #include <linux/init.h>
36 #include <linux/skbuff.h>
37 #include <linux/interrupt.h>
38 #include <linux/notifier.h>
41 #include <asm/system.h>
42 #include <asm/uaccess.h>
43 #include <asm/unaligned.h>
45 #include <net/bluetooth/bluetooth.h>
46 #include <net/bluetooth/hci_core.h>
48 #ifndef CONFIG_BT_HCI_CORE_DEBUG
53 /* Handle HCI Event packets */
/*
 * Called from hci_cmd_complete_evt() for HCI_OP_INQUIRY_CANCEL.
 * Reads a one-byte status from the start of the remaining event payload.
 * The visible lines clear HCI_INQUIRY in hdev->flags, complete the pending
 * request with that status and call hci_conn_check_pending().
 * NOTE(review): skb->data is dereferenced with no length check in the lines
 * shown; confirm the caller guarantees at least one payload byte.
 */
55 static void hci_cc_inquiry_cancel(struct hci_dev *hdev, struct sk_buff *skb)
57 __u8 status = *((__u8 *) skb->data);
59 BT_DBG("%s status 0x%x", hdev->name, status);
/* NOTE(review): the gutter numbers jump from 59 to 64, so any guard on status is not visible in this listing. */
64 clear_bit(HCI_INQUIRY, &hdev->flags);
66 hci_req_complete(hdev, status);
68 hci_conn_check_pending(hdev);
/*
 * Called from hci_cmd_complete_evt() for HCI_OP_EXIT_PERIODIC_INQ.
 * Reads the one-byte status, then (in the visible lines) clears HCI_INQUIRY
 * and calls hci_conn_check_pending(). Unlike hci_cc_inquiry_cancel(), no
 * hci_req_complete() call appears here.
 * NOTE(review): lines 76-79 are missing from this listing; a status guard
 * may sit there. No payload length check is visible.
 */
71 static void hci_cc_exit_periodic_inq(struct hci_dev *hdev, struct sk_buff *skb)
73 __u8 status = *((__u8 *) skb->data);
75 BT_DBG("%s status 0x%x", hdev->name, status);
80 clear_bit(HCI_INQUIRY, &hdev->flags);
82 hci_conn_check_pending(hdev);
/*
 * Called from hci_cmd_complete_evt() for HCI_OP_REMOTE_NAME_REQ_CANCEL.
 * The visible body only logs the device name; skb is not read.
 */
85 static void hci_cc_remote_name_req_cancel(struct hci_dev *hdev, struct sk_buff *skb)
87 BT_DBG("%s", hdev->name);
/*
 * Called from hci_cmd_complete_evt() for HCI_OP_ROLE_DISCOVERY.
 * Interprets the payload as struct hci_rp_role_discovery, looks up the
 * connection by the little-endian handle in the reply and updates the
 * HCI_LM_MASTER bit in conn->link_mode.
 * NOTE(review): this listing drops lines (see gutter numbers), so the
 * condition choosing between clearing and setting HCI_LM_MASTER, the
 * hci_dev_lock() that pairs with the unlock below, and any NULL check on
 * conn are not visible; confirm against the full file.
 */
90 static void hci_cc_role_discovery(struct hci_dev *hdev, struct sk_buff *skb)
92 struct hci_rp_role_discovery *rp = (void *) skb->data;
93 struct hci_conn *conn;
95 BT_DBG("%s status 0x%x", hdev->name, rp->status);
/* The handle comes from the event payload; a lookup miss must not reach the dereferences below. */
102 conn = hci_conn_hash_lookup_handle(hdev, __le16_to_cpu(rp->handle));
105 conn->link_mode &= ~HCI_LM_MASTER;
107 conn->link_mode |= HCI_LM_MASTER;
110 hci_dev_unlock(hdev);
/*
 * Called from hci_cmd_complete_evt() for HCI_OP_WRITE_LINK_POLICY.
 * Records the link policy the host previously sent: the value is taken from
 * the saved command parameters (hci_sent_cmd_data), not from the reply, and
 * stored in conn->link_policy for the connection named by rp->handle.
 * NOTE(review): the declaration of `sent`, any NULL checks on `sent` and
 * `conn`, and the lock call are in lines missing from this listing.
 */
113 static void hci_cc_write_link_policy(struct hci_dev *hdev, struct sk_buff *skb)
115 struct hci_rp_write_link_policy *rp = (void *) skb->data;
116 struct hci_conn *conn;
119 BT_DBG("%s status 0x%x", hdev->name, rp->status);
124 sent = hci_sent_cmd_data(hdev, HCI_OP_WRITE_LINK_POLICY);
130 conn = hci_conn_hash_lookup_handle(hdev, __le16_to_cpu(rp->handle));
/* Offset 2 presumably skips the 16-bit handle at the start of the sent parameters; confirm against the command struct. */
132 conn->link_policy = get_unaligned_le16(sent + 2);
135 hci_dev_unlock(hdev);
/*
 * Command Complete handler for the reset command (invoked from
 * hci_cmd_complete_evt()). Reads the one-byte status from the payload and
 * completes the pending request with it.
 * NOTE(review): no payload length check is visible before the dereference.
 */
138 static void hci_cc_reset(struct hci_dev *hdev, struct sk_buff *skb)
140 __u8 status = *((__u8 *) skb->data);
142 BT_DBG("%s status 0x%x", hdev->name, status);
144 hci_req_complete(hdev, status);
/*
 * Called from hci_cmd_complete_evt() for HCI_OP_WRITE_LOCAL_NAME.
 * Caches the local name the host sent by copying it from the saved command
 * parameters into hdev->dev_name.
 * NOTE(review): lines 155-158 are missing from this listing, so the status
 * and NULL-`sent` guards are not visible here.
 */
147 static void hci_cc_write_local_name(struct hci_dev *hdev, struct sk_buff *skb)
149 __u8 status = *((__u8 *) skb->data);
152 BT_DBG("%s status 0x%x", hdev->name, status);
154 sent = hci_sent_cmd_data(hdev, HCI_OP_WRITE_LOCAL_NAME);
/* Fixed 248-byte copy: correct only if both the sent parameters and hdev->dev_name hold at least 248 bytes (sizes not visible here). */
159 memcpy(hdev->dev_name, sent, 248);
/*
 * Called from hci_cmd_complete_evt() for HCI_OP_READ_LOCAL_NAME.
 * Copies the name field of the reply into hdev->dev_name.
 * NOTE(review): lines 167-170 are missing from this listing (a status guard
 * may sit there).
 */
162 static void hci_cc_read_local_name(struct hci_dev *hdev, struct sk_buff *skb)
164 struct hci_rp_read_local_name *rp = (void *) skb->data;
166 BT_DBG("%s status 0x%x", hdev->name, rp->status);
/* Reads 248 bytes out of the event payload; no check that skb->len covers the whole reply struct is visible. */
171 memcpy(hdev->dev_name, rp->name, 248);
/*
 * Called from hci_cmd_complete_evt() for HCI_OP_WRITE_AUTH_ENABLE.
 * Mirrors the authentication setting the host sent into the HCI_AUTH bit of
 * hdev->flags, then completes the pending request with the reply status.
 * hci_conn_complete_evt() in this file tests HCI_AUTH to set HCI_LM_AUTH on
 * new connections, so this bit feeds the per-link security state.
 * NOTE(review): lines are missing from this listing (182-185, 190); the
 * status/NULL guards and the `else` before clear_bit are not visible.
 */
174 static void hci_cc_write_auth_enable(struct hci_dev *hdev, struct sk_buff *skb)
176 __u8 status = *((__u8 *) skb->data);
179 BT_DBG("%s status 0x%x", hdev->name, status);
181 sent = hci_sent_cmd_data(hdev, HCI_OP_WRITE_AUTH_ENABLE);
/* The flag follows the first byte of the parameters the host sent, not a value returned in the event. */
186 __u8 param = *((__u8 *) sent);
188 if (param == AUTH_ENABLED)
189 set_bit(HCI_AUTH, &hdev->flags);
191 clear_bit(HCI_AUTH, &hdev->flags);
194 hci_req_complete(hdev, status);
/*
 * Called from hci_cmd_complete_evt() for HCI_OP_WRITE_ENCRYPT_MODE.
 * Updates the HCI_ENCRYPT bit of hdev->flags from the first byte of the
 * command parameters the host sent, then completes the pending request.
 * hci_conn_complete_evt() in this file tests HCI_ENCRYPT to set
 * HCI_LM_ENCRYPT on new connections.
 * NOTE(review): the condition selecting set vs. clear (lines 210-213) and
 * the status/NULL guards are missing from this listing.
 */
197 static void hci_cc_write_encrypt_mode(struct hci_dev *hdev, struct sk_buff *skb)
199 __u8 status = *((__u8 *) skb->data);
202 BT_DBG("%s status 0x%x", hdev->name, status);
204 sent = hci_sent_cmd_data(hdev, HCI_OP_WRITE_ENCRYPT_MODE);
209 __u8 param = *((__u8 *) sent);
212 set_bit(HCI_ENCRYPT, &hdev->flags);
214 clear_bit(HCI_ENCRYPT, &hdev->flags);
217 hci_req_complete(hdev, status);
/*
 * Called from hci_cmd_complete_evt() for HCI_OP_WRITE_SCAN_ENABLE.
 * Rebuilds the HCI_PSCAN / HCI_ISCAN bits in hdev->flags from the scan
 * bitmask the host sent, then completes the pending request.
 * These bits record whether the adapter answers inquiries and pages, i.e.
 * its discoverable/connectable state as this host believes it to be.
 * NOTE(review): status and NULL-`sent` guards (lines 228-231) are missing
 * from this listing.
 */
220 static void hci_cc_write_scan_enable(struct hci_dev *hdev, struct sk_buff *skb)
222 __u8 status = *((__u8 *) skb->data);
225 BT_DBG("%s status 0x%x", hdev->name, status);
227 sent = hci_sent_cmd_data(hdev, HCI_OP_WRITE_SCAN_ENABLE);
232 __u8 param = *((__u8 *) sent);
/* Clear both first so the flags end up matching param exactly. */
234 clear_bit(HCI_PSCAN, &hdev->flags);
235 clear_bit(HCI_ISCAN, &hdev->flags);
237 if (param & SCAN_INQUIRY)
238 set_bit(HCI_ISCAN, &hdev->flags);
240 if (param & SCAN_PAGE)
241 set_bit(HCI_PSCAN, &hdev->flags);
244 hci_req_complete(hdev, status);
/*
 * Called from hci_cmd_complete_evt() for HCI_OP_READ_CLASS_OF_DEV.
 * Copies the 3-byte class of device from the reply into hdev->dev_class and
 * logs it most-significant byte first.
 * NOTE(review): lines 252-255 are missing from this listing; no payload
 * length check is visible before rp is read.
 */
247 static void hci_cc_read_class_of_dev(struct hci_dev *hdev, struct sk_buff *skb)
249 struct hci_rp_read_class_of_dev *rp = (void *) skb->data;
251 BT_DBG("%s status 0x%x", hdev->name, rp->status);
256 memcpy(hdev->dev_class, rp->dev_class, 3);
258 BT_DBG("%s class 0x%.2x%.2x%.2x", hdev->name,
259 hdev->dev_class[2], hdev->dev_class[1], hdev->dev_class[0]);
/*
 * Called from hci_cmd_complete_evt() for HCI_OP_WRITE_CLASS_OF_DEV.
 * Caches the class of device the host sent by copying 3 bytes from the
 * saved command parameters into hdev->dev_class.
 * NOTE(review): status and NULL-`sent` guards (lines 270-273) are missing
 * from this listing.
 */
262 static void hci_cc_write_class_of_dev(struct hci_dev *hdev, struct sk_buff *skb)
264 __u8 status = *((__u8 *) skb->data);
267 BT_DBG("%s status 0x%x", hdev->name, status);
269 sent = hci_sent_cmd_data(hdev, HCI_OP_WRITE_CLASS_OF_DEV);
274 memcpy(hdev->dev_class, sent, 3);
/*
 * Called from hci_cmd_complete_evt() for HCI_OP_READ_VOICE_SETTING.
 * Converts the reply's voice setting from little-endian, compares it with
 * hdev->voice_setting, stores the new value and invokes hdev->notify() with
 * HCI_NOTIFY_VOICE_SETTING while the TX tasklet is disabled.
 * NOTE(review): this listing drops lines; the early exit for an unchanged
 * setting, the status guard and any check that hdev->notify is non-NULL are
 * not visible.
 */
277 static void hci_cc_read_voice_setting(struct hci_dev *hdev, struct sk_buff *skb)
279 struct hci_rp_read_voice_setting *rp = (void *) skb->data;
282 BT_DBG("%s status 0x%x", hdev->name, rp->status);
287 setting = __le16_to_cpu(rp->voice_setting);
289 if (hdev->voice_setting == setting )
292 hdev->voice_setting = setting;
294 BT_DBG("%s voice setting 0x%04x", hdev->name, setting);
/* The driver callback runs between tasklet_disable/enable so it does not overlap with the TX tasklet. */
297 tasklet_disable(&hdev->tx_task);
298 hdev->notify(hdev, HCI_NOTIFY_VOICE_SETTING);
299 tasklet_enable(&hdev->tx_task);
/*
 * Called from hci_cmd_complete_evt() for HCI_OP_WRITE_VOICE_SETTING.
 * Takes the 16-bit voice setting from the command parameters the host sent
 * and, when it differs from hdev->voice_setting, stores it and notifies the
 * driver with HCI_NOTIFY_VOICE_SETTING while the TX tasklet is disabled.
 * NOTE(review): status/NULL-`sent` guards and any hdev->notify NULL check
 * are in lines missing from this listing.
 */
303 static void hci_cc_write_voice_setting(struct hci_dev *hdev, struct sk_buff *skb)
305 __u8 status = *((__u8 *) skb->data);
308 BT_DBG("%s status 0x%x", hdev->name, status);
310 sent = hci_sent_cmd_data(hdev, HCI_OP_WRITE_VOICE_SETTING);
/* Unaligned-safe little-endian read of the first two parameter bytes. */
315 __u16 setting = get_unaligned_le16(sent);
317 if (hdev->voice_setting != setting) {
318 hdev->voice_setting = setting;
320 BT_DBG("%s voice setting 0x%04x", hdev->name, setting);
323 tasklet_disable(&hdev->tx_task);
324 hdev->notify(hdev, HCI_NOTIFY_VOICE_SETTING);
325 tasklet_enable(&hdev->tx_task);
/*
 * Called from hci_cmd_complete_evt() for HCI_OP_HOST_BUFFER_SIZE.
 * Reads the one-byte status from the payload and completes the pending
 * request with it.
 * NOTE(review): no payload length check is visible before the dereference.
 */
331 static void hci_cc_host_buffer_size(struct hci_dev *hdev, struct sk_buff *skb)
333 __u8 status = *((__u8 *) skb->data);
335 BT_DBG("%s status 0x%x", hdev->name, status);
337 hci_req_complete(hdev, status);
/*
 * Called from hci_cmd_complete_evt() for HCI_OP_READ_LOCAL_VERSION.
 * Stores the HCI version, HCI revision and manufacturer id from the reply
 * in hdev (the 16-bit fields go through btohs()) and logs them.
 * NOTE(review): lines 345-348 and 354 are missing from this listing; a
 * status guard and one BT_DBG argument line are not visible.
 */
340 static void hci_cc_read_local_version(struct hci_dev *hdev, struct sk_buff *skb)
342 struct hci_rp_read_local_version *rp = (void *) skb->data;
344 BT_DBG("%s status 0x%x", hdev->name, rp->status);
349 hdev->hci_ver = rp->hci_ver;
350 hdev->hci_rev = btohs(rp->hci_rev);
351 hdev->manufacturer = btohs(rp->manufacturer);
353 BT_DBG("%s manufacturer %d hci ver %d:%d", hdev->name,
355 hdev->hci_ver, hdev->hci_rev);
/*
 * Called from hci_cmd_complete_evt() for HCI_OP_READ_LOCAL_COMMANDS.
 * Copies the supported-commands field from the reply into hdev->commands.
 * NOTE(review): lines 363-366 are missing from this listing (a status guard
 * may sit there).
 */
358 static void hci_cc_read_local_commands(struct hci_dev *hdev, struct sk_buff *skb)
360 struct hci_rp_read_local_commands *rp = (void *) skb->data;
362 BT_DBG("%s status 0x%x", hdev->name, rp->status);
/* The length is bounded by the destination (sizeof hdev->commands); whether the payload holds that many bytes is not checked in the lines shown. */
367 memcpy(hdev->commands, rp->commands, sizeof(hdev->commands));
/*
 * Called from hci_cmd_complete_evt() for HCI_OP_READ_LOCAL_FEATURES.
 * Copies the 8-byte feature mask from the reply into hdev->features, then
 * widens hdev->pkt_type and hdev->esco_type with the packet types the
 * feature bits advertise, and logs the mask.
 * NOTE(review): lines 375-378 are missing from this listing (a status guard
 * may sit there); no payload length check is visible.
 */
370 static void hci_cc_read_local_features(struct hci_dev *hdev, struct sk_buff *skb)
372 struct hci_rp_read_local_features *rp = (void *) skb->data;
374 BT_DBG("%s status 0x%x", hdev->name, rp->status);
379 memcpy(hdev->features, rp->features, 8);
381 /* Adjust default settings according to features
382 * supported by device. */
/* Bits are only ORed in here, never cleared, so types enabled before this call stay enabled. */
384 if (hdev->features[0] & LMP_3SLOT)
385 hdev->pkt_type |= (HCI_DM3 | HCI_DH3);
387 if (hdev->features[0] & LMP_5SLOT)
388 hdev->pkt_type |= (HCI_DM5 | HCI_DH5);
390 if (hdev->features[1] & LMP_HV2) {
391 hdev->pkt_type |= (HCI_HV2);
392 hdev->esco_type |= (ESCO_HV2);
395 if (hdev->features[1] & LMP_HV3) {
396 hdev->pkt_type |= (HCI_HV3);
397 hdev->esco_type |= (ESCO_HV3);
400 if (hdev->features[3] & LMP_ESCO)
401 hdev->esco_type |= (ESCO_EV3);
403 if (hdev->features[4] & LMP_EV4)
404 hdev->esco_type |= (ESCO_EV4);
406 if (hdev->features[4] & LMP_EV5)
407 hdev->esco_type |= (ESCO_EV5);
409 BT_DBG("%s features 0x%.2x%.2x%.2x%.2x%.2x%.2x%.2x%.2x", hdev->name,
410 hdev->features[0], hdev->features[1],
411 hdev->features[2], hdev->features[3],
412 hdev->features[4], hdev->features[5],
413 hdev->features[6], hdev->features[7]);
/*
 * Called from hci_cmd_complete_evt() for HCI_OP_READ_BUFFER_SIZE.
 * Stores the ACL/SCO MTU and packet-count limits reported in the reply and
 * initialises the available-credit counters (acl_cnt, sco_cnt) to those
 * packet counts.
 * NOTE(review): these values size and pace later transmissions and are
 * taken from the event as-is in the lines shown; no range check (e.g. a
 * zero MTU or packet count) is visible. Lines 421-424 and the body of the
 * quirk branch (431-433) are missing from this listing.
 */
416 static void hci_cc_read_buffer_size(struct hci_dev *hdev, struct sk_buff *skb)
418 struct hci_rp_read_buffer_size *rp = (void *) skb->data;
420 BT_DBG("%s status 0x%x", hdev->name, rp->status);
425 hdev->acl_mtu = __le16_to_cpu(rp->acl_mtu);
/* sco_mtu is assigned without byte-order conversion, unlike the other three fields. */
426 hdev->sco_mtu = rp->sco_mtu;
427 hdev->acl_pkts = __le16_to_cpu(rp->acl_max_pkt);
428 hdev->sco_pkts = __le16_to_cpu(rp->sco_max_pkt);
430 if (test_bit(HCI_QUIRK_FIXUP_BUFFER_SIZE, &hdev->quirks)) {
435 hdev->acl_cnt = hdev->acl_pkts;
436 hdev->sco_cnt = hdev->sco_pkts;
438 BT_DBG("%s acl mtu %d:%d sco mtu %d:%d", hdev->name,
439 hdev->acl_mtu, hdev->acl_pkts,
440 hdev->sco_mtu, hdev->sco_pkts);
/*
 * Called from hci_cmd_complete_evt() for HCI_OP_READ_BD_ADDR.
 * Copies the adapter address from the reply into hdev->bdaddr and completes
 * the pending request with the reply status.
 * NOTE(review): lines 448-449 are missing from this listing; whether the
 * copy is conditional on the status is not visible.
 */
443 static void hci_cc_read_bd_addr(struct hci_dev *hdev, struct sk_buff *skb)
445 struct hci_rp_read_bd_addr *rp = (void *) skb->data;
447 BT_DBG("%s status 0x%x", hdev->name, rp->status);
450 bacpy(&hdev->bdaddr, &rp->bdaddr);
452 hci_req_complete(hdev, rp->status);
/*
 * Called from hci_cmd_status_evt() for HCI_OP_INQUIRY with the status byte
 * of the Command Status event.
 * The visible statements complete the pending request, re-check pending
 * connections and set HCI_INQUIRY in hdev->flags.
 * NOTE(review): lines 458-459, 461 and 463 are missing from this listing, so
 * which of these statements run for a zero vs. non-zero status cannot be
 * read from here.
 */
455 static inline void hci_cs_inquiry(struct hci_dev *hdev, __u8 status)
457 BT_DBG("%s status 0x%x", hdev->name, status);
460 hci_req_complete(hdev, status);
462 hci_conn_check_pending(hdev);
464 set_bit(HCI_INQUIRY, &hdev->flags);
/*
 * Called from hci_cmd_status_evt() for HCI_OP_CREATE_CONN.
 * Recovers the target address from the saved Create Connection parameters
 * and looks up the matching ACL connection. A connection in BT_CONNECT is
 * either closed (and the failure reported through hci_proto_connect_cfm())
 * or moved to BT_CONNECT2 for another try; the visible lines also add a
 * new connection object marked HCI_LM_MASTER.
 * NOTE(review): this listing drops lines (see gutter numbers); the NULL
 * check on cp, the lock call, the status test that separates the two
 * halves, and the NULL check after hci_conn_add() are not visible.
 */
467 static inline void hci_cs_create_conn(struct hci_dev *hdev, __u8 status)
469 struct hci_cp_create_conn *cp;
470 struct hci_conn *conn;
472 BT_DBG("%s status 0x%x", hdev->name, status);
474 cp = hci_sent_cmd_data(hdev, HCI_OP_CREATE_CONN);
480 conn = hci_conn_hash_lookup_ba(hdev, ACL_LINK, &cp->bdaddr);
482 BT_DBG("%s bdaddr %s conn %p", hdev->name, batostr(&cp->bdaddr), conn);
485 if (conn && conn->state == BT_CONNECT) {
/* Status 0x0c is the one case not closed here, and only while conn->attempt is at most 2, which bounds the retries. */
486 if (status != 0x0c || conn->attempt > 2) {
487 conn->state = BT_CLOSED;
488 hci_proto_connect_cfm(conn, status);
491 conn->state = BT_CONNECT2;
495 conn = hci_conn_add(hdev, ACL_LINK, &cp->bdaddr);
498 conn->link_mode |= HCI_LM_MASTER;
500 BT_ERR("No memmory for new connection");
504 hci_dev_unlock(hdev);
/*
 * Called from hci_cmd_status_evt() for HCI_OP_ADD_SCO.
 * Looks up the ACL connection by the handle in the saved Add SCO parameters
 * and, if it has a linked SCO connection, marks that SCO connection
 * BT_CLOSED and reports the status through hci_proto_connect_cfm().
 * NOTE(review): lines are missing from this listing; the status test that
 * presumably limits this to failures, the NULL check on cp, the `handle`
 * declaration and the lock call are not visible.
 */
507 static void hci_cs_add_sco(struct hci_dev *hdev, __u8 status)
509 struct hci_cp_add_sco *cp;
510 struct hci_conn *acl, *sco;
513 BT_DBG("%s status 0x%x", hdev->name, status);
518 cp = hci_sent_cmd_data(hdev, HCI_OP_ADD_SCO);
522 handle = __le16_to_cpu(cp->handle);
524 BT_DBG("%s handle %d", hdev->name, handle);
528 acl = hci_conn_hash_lookup_handle(hdev, handle);
/* Both the ACL lookup and its link pointer are checked before the SCO object is touched. */
529 if (acl && (sco = acl->link)) {
530 sco->state = BT_CLOSED;
532 hci_proto_connect_cfm(sco, status);
536 hci_dev_unlock(hdev);
/*
 * Called from hci_cmd_status_evt() for HCI_OP_REMOTE_NAME_REQ.
 * The visible body only logs the device name and status.
 */
539 static void hci_cs_remote_name_req(struct hci_dev *hdev, __u8 status)
541 BT_DBG("%s status 0x%x", hdev->name, status);
/*
 * Called from hci_cmd_status_evt() for HCI_OP_SETUP_SYNC_CONN.
 * Same shape as hci_cs_add_sco(): finds the ACL connection by the handle in
 * the saved command parameters and, if it has a linked synchronous
 * connection, marks it BT_CLOSED and reports the status upward.
 * NOTE(review): the status test, the NULL check on cp, the `handle`
 * declaration and the lock call are in lines missing from this listing.
 */
544 static void hci_cs_setup_sync_conn(struct hci_dev *hdev, __u8 status)
546 struct hci_cp_setup_sync_conn *cp;
547 struct hci_conn *acl, *sco;
550 BT_DBG("%s status 0x%x", hdev->name, status);
555 cp = hci_sent_cmd_data(hdev, HCI_OP_SETUP_SYNC_CONN);
559 handle = __le16_to_cpu(cp->handle);
561 BT_DBG("%s handle %d", hdev->name, handle);
565 acl = hci_conn_hash_lookup_handle(hdev, handle);
566 if (acl && (sco = acl->link)) {
567 sco->state = BT_CLOSED;
569 hci_proto_connect_cfm(sco, status);
573 hci_dev_unlock(hdev);
/*
 * Called from hci_cmd_status_evt() for HCI_OP_SNIFF_MODE.
 * Looks up the connection by the handle in the saved Sniff Mode parameters
 * and clears HCI_CONN_MODE_CHANGE_PEND in conn->pend.
 * NOTE(review): the status test, the NULL checks on cp and conn, and the
 * lock call are in lines missing from this listing; confirm conn is checked
 * before the clear_bit() below.
 */
576 static void hci_cs_sniff_mode(struct hci_dev *hdev, __u8 status)
578 struct hci_cp_sniff_mode *cp;
579 struct hci_conn *conn;
581 BT_DBG("%s status 0x%x", hdev->name, status);
586 cp = hci_sent_cmd_data(hdev, HCI_OP_SNIFF_MODE);
592 conn = hci_conn_hash_lookup_handle(hdev, __le16_to_cpu(cp->handle));
594 clear_bit(HCI_CONN_MODE_CHANGE_PEND, &conn->pend);
596 hci_dev_unlock(hdev);
/*
 * Called from hci_cmd_status_evt() for HCI_OP_EXIT_SNIFF_MODE.
 * Looks up the connection by the handle in the saved Exit Sniff Mode
 * parameters and clears HCI_CONN_MODE_CHANGE_PEND in conn->pend.
 * NOTE(review): the status test, the NULL checks on cp and conn, and the
 * lock call are in lines missing from this listing.
 */
599 static void hci_cs_exit_sniff_mode(struct hci_dev *hdev, __u8 status)
601 struct hci_cp_exit_sniff_mode *cp;
602 struct hci_conn *conn;
604 BT_DBG("%s status 0x%x", hdev->name, status);
609 cp = hci_sent_cmd_data(hdev, HCI_OP_EXIT_SNIFF_MODE);
615 conn = hci_conn_hash_lookup_handle(hdev, __le16_to_cpu(cp->handle));
617 clear_bit(HCI_CONN_MODE_CHANGE_PEND, &conn->pend);
619 hci_dev_unlock(hdev);
/*
 * Called from hci_event_packet() for HCI_EV_INQUIRY_COMPLETE.
 * Reads the one-byte status, clears HCI_INQUIRY in hdev->flags, completes
 * the pending request and re-checks pending connections.
 * NOTE(review): no payload length check is visible before skb->data is
 * dereferenced.
 */
622 static inline void hci_inquiry_complete_evt(struct hci_dev *hdev, struct sk_buff *skb)
624 __u8 status = *((__u8 *) skb->data);
626 BT_DBG("%s status %d", hdev->name, status);
628 clear_bit(HCI_INQUIRY, &hdev->flags);
630 hci_req_complete(hdev, status);
632 hci_conn_check_pending(hdev);
/*
 * Called from hci_event_packet() for HCI_EV_INQUIRY_RESULT.
 * The first payload byte is the number of responses; an array of
 * struct inquiry_info follows at skb->data + 1. Each entry is copied into a
 * local struct inquiry_data and handed to hci_inquiry_cache_update().
 * NOTE(review): num_rsp comes straight from the event and drives the loop;
 * no comparison of skb->len against num_rsp * sizeof(*info) + 1 is visible
 * in the lines shown, so a malformed event could make the loop read past
 * the buffer. Confirm whether the omitted lines (642-647) add that bound.
 * The per-iteration advance of `info` and the lock call are also in lines
 * missing from this listing.
 */
635 static inline void hci_inquiry_result_evt(struct hci_dev *hdev, struct sk_buff *skb)
637 struct inquiry_data data;
638 struct inquiry_info *info = (void *) (skb->data + 1);
639 int num_rsp = *((__u8 *) skb->data);
641 BT_DBG("%s num_rsp %d", hdev->name, num_rsp);
648 for (; num_rsp; num_rsp--) {
649 bacpy(&data.bdaddr, &info->bdaddr);
650 data.pscan_rep_mode = info->pscan_rep_mode;
651 data.pscan_period_mode = info->pscan_period_mode;
652 data.pscan_mode = info->pscan_mode;
653 memcpy(data.dev_class, info->dev_class, 3);
654 data.clock_offset = info->clock_offset;
657 hci_inquiry_cache_update(hdev, &data);
660 hci_dev_unlock(hdev);
/*
 * Called from hci_event_packet() for HCI_EV_CONN_COMPLETE.
 * Finds the connection object by link type and remote address. The success
 * statements record the handle, mark the link BT_CONNECTED, inherit
 * HCI_LM_AUTH / HCI_LM_ENCRYPT from the adapter-wide flags, and queue
 * follow-up commands (read remote features, write link policy, change
 * packet type). The failure statements mark the link BT_CLOSED. For an ACL
 * link with a linked SCO connection the SCO setup is started or failed,
 * and the result is reported through hci_proto_connect_cfm().
 * NOTE(review): this listing drops many lines (see gutter numbers): the
 * lock call, the NULL check on conn, the ev->status tests separating the
 * success and failure paths, and the teardown of closed connections are
 * not visible. No check that skb->len covers sizeof(*ev) is visible.
 */
663 static inline void hci_conn_complete_evt(struct hci_dev *hdev, struct sk_buff *skb)
665 struct hci_ev_conn_complete *ev = (void *) skb->data;
666 struct hci_conn *conn;
668 BT_DBG("%s", hdev->name);
672 conn = hci_conn_hash_lookup_ba(hdev, ev->link_type, &ev->bdaddr);
677 conn->handle = __le16_to_cpu(ev->handle);
678 conn->state = BT_CONNECTED;
/* link_mode is seeded from host-side flags (set when the host enabled auth/encryption), not from anything proven on this link. */
680 if (test_bit(HCI_AUTH, &hdev->flags))
681 conn->link_mode |= HCI_LM_AUTH;
683 if (test_bit(HCI_ENCRYPT, &hdev->flags))
684 conn->link_mode |= HCI_LM_ENCRYPT;
686 /* Get remote features */
687 if (conn->type == ACL_LINK) {
688 struct hci_cp_read_remote_features cp;
/* ev->handle is already in wire byte order, so it is copied without conversion. */
689 cp.handle = ev->handle;
690 hci_send_cmd(hdev, HCI_OP_READ_REMOTE_FEATURES, sizeof(cp), &cp);
693 /* Set link policy */
694 if (conn->type == ACL_LINK && hdev->link_policy) {
695 struct hci_cp_write_link_policy cp;
696 cp.handle = ev->handle;
697 cp.policy = cpu_to_le16(hdev->link_policy);
698 hci_send_cmd(hdev, HCI_OP_WRITE_LINK_POLICY, sizeof(cp), &cp);
701 /* Set packet type for incoming connection */
703 struct hci_cp_change_conn_ptype cp;
704 cp.handle = ev->handle;
705 cp.pkt_type = (conn->type == ACL_LINK) ?
706 cpu_to_le16(hdev->pkt_type & ACL_PTYPE_MASK):
707 cpu_to_le16(hdev->pkt_type & SCO_PTYPE_MASK);
709 hci_send_cmd(hdev, HCI_OP_CHANGE_CONN_PTYPE, sizeof(cp), &cp);
711 /* Update disconnect timer */
716 conn->state = BT_CLOSED;
718 if (conn->type == ACL_LINK) {
719 struct hci_conn *sco = conn->link;
/* eSCO-capable adapters use the synchronous setup command; others fall back to Add SCO. */
722 if (lmp_esco_capable(hdev))
723 hci_setup_sync(sco, conn->handle);
725 hci_add_sco(sco, conn->handle);
727 hci_proto_connect_cfm(sco, ev->status);
733 hci_proto_connect_cfm(conn, ev->status);
738 hci_dev_unlock(hdev);
740 hci_conn_check_pending(hdev);
/*
 * Called from hci_event_packet() for HCI_EV_CONN_REQUEST (an incoming
 * connection attempt from a remote device).
 * The accept/reject decision is the OR of the adapter's link_mode and the
 * mask returned by hci_proto_connect_ind(). On accept, a connection object
 * is found or created, the remote class of device is recorded, the state
 * becomes BT_CONNECT, and either an Accept Connection Request or an Accept
 * Synchronous Connection Request is sent. Otherwise a Reject Connection
 * Request is sent.
 * NOTE(review): because hdev->link_mode is ORed into the mask, setting
 * HCI_LM_ACCEPT there accepts every request regardless of what the upper
 * protocols return; worth keeping in mind when auditing who can set it.
 * This listing drops lines (lock call, the NULL test before hci_conn_add(),
 * `else` keywords, trailing hci_send_cmd() arguments, and the reject reason
 * assignment), so those details are not visible here.
 */
743 static inline void hci_conn_request_evt(struct hci_dev *hdev, struct sk_buff *skb)
745 struct hci_ev_conn_request *ev = (void *) skb->data;
746 int mask = hdev->link_mode;
748 BT_DBG("%s bdaddr %s type 0x%x", hdev->name,
749 batostr(&ev->bdaddr), ev->link_type);
751 mask |= hci_proto_connect_ind(hdev, &ev->bdaddr, ev->link_type);
753 if (mask & HCI_LM_ACCEPT) {
754 /* Connection accepted */
755 struct hci_conn *conn;
759 conn = hci_conn_hash_lookup_ba(hdev, ev->link_type, &ev->bdaddr);
761 if (!(conn = hci_conn_add(hdev, ev->link_type, &ev->bdaddr))) {
762 BT_ERR("No memmory for new connection");
/* The allocation-failure path releases the device lock before leaving. */
763 hci_dev_unlock(hdev);
/* dev_class is remote-supplied and stored unvalidated; treat it as informational only. */
768 memcpy(conn->dev_class, ev->dev_class, 3);
769 conn->state = BT_CONNECT;
771 hci_dev_unlock(hdev);
773 if (ev->link_type == ACL_LINK || !lmp_esco_capable(hdev)) {
774 struct hci_cp_accept_conn_req cp;
776 bacpy(&cp.bdaddr, &ev->bdaddr);
/* A role switch to master is requested only if the adapter supports it and the mask asks for it. */
778 if (lmp_rswitch_capable(hdev) && (mask & HCI_LM_MASTER))
779 cp.role = 0x00; /* Become master */
781 cp.role = 0x01; /* Remain slave */
783 hci_send_cmd(hdev, HCI_OP_ACCEPT_CONN_REQ,
786 struct hci_cp_accept_sync_conn_req cp;
788 bacpy(&cp.bdaddr, &ev->bdaddr);
789 cp.pkt_type = cpu_to_le16(hdev->esco_type);
/* 0x1f40 is 8000 decimal; the unit is not stated in this file. */
791 cp.tx_bandwidth = cpu_to_le32(0x00001f40);
792 cp.rx_bandwidth = cpu_to_le32(0x00001f40);
793 cp.max_latency = cpu_to_le16(0xffff);
794 cp.content_format = cpu_to_le16(hdev->voice_setting);
795 cp.retrans_effort = 0xff;
797 hci_send_cmd(hdev, HCI_OP_ACCEPT_SYNC_CONN_REQ,
801 /* Connection rejected */
802 struct hci_cp_reject_conn_req cp;
804 bacpy(&cp.bdaddr, &ev->bdaddr);
806 hci_send_cmd(hdev, HCI_OP_REJECT_CONN_REQ, sizeof(cp), &cp);
/*
 * Called from hci_event_packet() for HCI_EV_DISCONN_COMPLETE.
 * Looks up the connection by handle, marks it BT_CLOSED and passes the
 * disconnect reason to hci_proto_disconn_ind().
 * NOTE(review): lines are missing from this listing; the status guard, the
 * lock call, the NULL check on conn and the release of the connection
 * object are not visible.
 */
810 static inline void hci_disconn_complete_evt(struct hci_dev *hdev, struct sk_buff *skb)
812 struct hci_ev_disconn_complete *ev = (void *) skb->data;
813 struct hci_conn *conn;
815 BT_DBG("%s status %d", hdev->name, ev->status);
822 conn = hci_conn_hash_lookup_handle(hdev, __le16_to_cpu(ev->handle));
824 conn->state = BT_CLOSED;
825 hci_proto_disconn_ind(conn, ev->reason);
829 hci_dev_unlock(hdev);
/*
 * Called from hci_event_packet() for HCI_EV_AUTH_COMPLETE.
 * Looks up the connection by handle, sets HCI_LM_AUTH in conn->link_mode,
 * clears HCI_CONN_AUTH_PEND and reports the result via hci_auth_cfm(). If
 * encryption was waiting on authentication (HCI_CONN_ENCRYPT_PEND), it
 * either sends Set Connection Encryption or clears the pending bit and
 * reports through hci_encrypt_cfm() with encryption off (0x00).
 * NOTE(review): HCI_LM_AUTH must only be set when ev->status reports
 * success; that condition, the NULL check on conn, the lock call and the
 * cp.encrypt assignment are in lines missing from this listing. Confirm
 * them against the full file.
 */
832 static inline void hci_auth_complete_evt(struct hci_dev *hdev, struct sk_buff *skb)
834 struct hci_ev_auth_complete *ev = (void *) skb->data;
835 struct hci_conn *conn;
837 BT_DBG("%s status %d", hdev->name, ev->status);
841 conn = hci_conn_hash_lookup_handle(hdev, __le16_to_cpu(ev->handle));
844 conn->link_mode |= HCI_LM_AUTH;
846 clear_bit(HCI_CONN_AUTH_PEND, &conn->pend);
848 hci_auth_cfm(conn, ev->status);
850 if (test_bit(HCI_CONN_ENCRYPT_PEND, &conn->pend)) {
852 struct hci_cp_set_conn_encrypt cp;
853 cp.handle = cpu_to_le16(conn->handle);
855 hci_send_cmd(conn->hdev,
856 HCI_OP_SET_CONN_ENCRYPT, sizeof(cp), &cp);
858 clear_bit(HCI_CONN_ENCRYPT_PEND, &conn->pend);
859 hci_encrypt_cfm(conn, ev->status, 0x00);
864 hci_dev_unlock(hdev);
/*
 * Called from hci_event_packet() for HCI_EV_REMOTE_NAME.
 * Logs the device name and re-checks pending connections; the event
 * payload itself is not read in the lines shown.
 */
867 static inline void hci_remote_name_evt(struct hci_dev *hdev, struct sk_buff *skb)
869 BT_DBG("%s", hdev->name);
871 hci_conn_check_pending(hdev);
/*
 * Called from hci_event_packet() for HCI_EV_ENCRYPT_CHANGE.
 * Looks up the connection by handle and updates its link_mode: the visible
 * lines set HCI_LM_AUTH and HCI_LM_ENCRYPT on one path and clear
 * HCI_LM_ENCRYPT on another, then clear HCI_CONN_ENCRYPT_PEND and report
 * through hci_encrypt_cfm().
 * NOTE(review): the link's recorded security level is driven entirely by
 * the status and encrypt fields of this event. The tests on ev->status and
 * ev->encrypt that choose between the paths, the NULL check on conn and
 * the lock call are in lines missing from this listing.
 */
874 static inline void hci_encrypt_change_evt(struct hci_dev *hdev, struct sk_buff *skb)
876 struct hci_ev_encrypt_change *ev = (void *) skb->data;
877 struct hci_conn *conn;
879 BT_DBG("%s status %d", hdev->name, ev->status);
883 conn = hci_conn_hash_lookup_handle(hdev, __le16_to_cpu(ev->handle));
887 /* Encryption implies authentication */
888 conn->link_mode |= HCI_LM_AUTH;
889 conn->link_mode |= HCI_LM_ENCRYPT;
891 conn->link_mode &= ~HCI_LM_ENCRYPT;
894 clear_bit(HCI_CONN_ENCRYPT_PEND, &conn->pend);
896 hci_encrypt_cfm(conn, ev->status, ev->encrypt);
899 hci_dev_unlock(hdev);
/*
 * Called from hci_event_packet() for HCI_EV_CHANGE_LINK_KEY_COMPLETE.
 * Looks up the connection by handle, sets HCI_LM_SECURE in conn->link_mode,
 * clears HCI_CONN_AUTH_PEND and reports via hci_key_change_cfm().
 * NOTE(review): HCI_LM_SECURE should only follow a successful status; that
 * test, the NULL check on conn and the lock call are in lines missing from
 * this listing. Confirm against the full file.
 */
902 static inline void hci_change_link_key_complete_evt(struct hci_dev *hdev, struct sk_buff *skb)
904 struct hci_ev_change_link_key_complete *ev = (void *) skb->data;
905 struct hci_conn *conn;
907 BT_DBG("%s status %d", hdev->name, ev->status);
911 conn = hci_conn_hash_lookup_handle(hdev, __le16_to_cpu(ev->handle));
914 conn->link_mode |= HCI_LM_SECURE;
916 clear_bit(HCI_CONN_AUTH_PEND, &conn->pend);
918 hci_key_change_cfm(conn, ev->status);
921 hci_dev_unlock(hdev);
/*
 * Called from hci_event_packet() for HCI_EV_REMOTE_FEATURES.
 * Looks up the connection by handle and copies the 8-byte remote feature
 * mask from the event into conn->features.
 * NOTE(review): the feature mask is remote-reported data. The status guard,
 * the NULL check on conn and the lock call are in lines missing from this
 * listing.
 */
924 static inline void hci_remote_features_evt(struct hci_dev *hdev, struct sk_buff *skb)
926 struct hci_ev_remote_features *ev = (void *) skb->data;
927 struct hci_conn *conn;
929 BT_DBG("%s status %d", hdev->name, ev->status);
936 conn = hci_conn_hash_lookup_handle(hdev, __le16_to_cpu(ev->handle));
938 memcpy(conn->features, ev->features, 8);
940 hci_dev_unlock(hdev);
/*
 * Called from hci_event_packet() for HCI_EV_REMOTE_VERSION.
 * The visible body only logs the device name; the payload is not read.
 */
943 static inline void hci_remote_version_evt(struct hci_dev *hdev, struct sk_buff *skb)
945 BT_DBG("%s", hdev->name);
/*
 * Called from hci_event_packet() for HCI_EV_QOS_SETUP_COMPLETE.
 * The visible body only logs the device name; the payload is not read.
 */
948 static inline void hci_qos_setup_complete_evt(struct hci_dev *hdev, struct sk_buff *skb)
950 BT_DBG("%s", hdev->name);
/*
 * Called from hci_event_packet() for HCI_EV_CMD_COMPLETE.
 * Strips the Command Complete header from the skb, converts the opcode from
 * little-endian and dispatches to the matching hci_cc_*() handler, which
 * then sees only the command's return parameters. Afterwards the command
 * credit counter is set to 1 and the command queue is scheduled if it is
 * not empty.
 * NOTE(review): no check that skb->len is at least sizeof(*ev) is visible
 * before skb_pull(), and the hci_cc_*() handlers dereference skb->data
 * without their own length checks, so a truncated event is only safe if
 * something outside this listing validates it. The `switch` line, `break`s,
 * the `default:` label, one `case` label (line 983) and the condition in
 * front of atomic_set() are in lines missing from this listing.
 */
953 static inline void hci_cmd_complete_evt(struct hci_dev *hdev, struct sk_buff *skb)
955 struct hci_ev_cmd_complete *ev = (void *) skb->data;
/* ev still points at the header bytes after the pull; skb_pull() only advances skb->data. */
958 skb_pull(skb, sizeof(*ev));
960 opcode = __le16_to_cpu(ev->opcode);
963 case HCI_OP_INQUIRY_CANCEL:
964 hci_cc_inquiry_cancel(hdev, skb);
967 case HCI_OP_EXIT_PERIODIC_INQ:
968 hci_cc_exit_periodic_inq(hdev, skb);
971 case HCI_OP_REMOTE_NAME_REQ_CANCEL:
972 hci_cc_remote_name_req_cancel(hdev, skb);
975 case HCI_OP_ROLE_DISCOVERY:
976 hci_cc_role_discovery(hdev, skb);
979 case HCI_OP_WRITE_LINK_POLICY:
980 hci_cc_write_link_policy(hdev, skb);
984 hci_cc_reset(hdev, skb);
987 case HCI_OP_WRITE_LOCAL_NAME:
988 hci_cc_write_local_name(hdev, skb);
991 case HCI_OP_READ_LOCAL_NAME:
992 hci_cc_read_local_name(hdev, skb);
995 case HCI_OP_WRITE_AUTH_ENABLE:
996 hci_cc_write_auth_enable(hdev, skb);
999 case HCI_OP_WRITE_ENCRYPT_MODE:
1000 hci_cc_write_encrypt_mode(hdev, skb);
1003 case HCI_OP_WRITE_SCAN_ENABLE:
1004 hci_cc_write_scan_enable(hdev, skb);
1007 case HCI_OP_READ_CLASS_OF_DEV:
1008 hci_cc_read_class_of_dev(hdev, skb);
1011 case HCI_OP_WRITE_CLASS_OF_DEV:
1012 hci_cc_write_class_of_dev(hdev, skb);
1015 case HCI_OP_READ_VOICE_SETTING:
1016 hci_cc_read_voice_setting(hdev, skb);
1019 case HCI_OP_WRITE_VOICE_SETTING:
1020 hci_cc_write_voice_setting(hdev, skb);
1023 case HCI_OP_HOST_BUFFER_SIZE:
1024 hci_cc_host_buffer_size(hdev, skb);
1027 case HCI_OP_READ_LOCAL_VERSION:
1028 hci_cc_read_local_version(hdev, skb);
1031 case HCI_OP_READ_LOCAL_COMMANDS:
1032 hci_cc_read_local_commands(hdev, skb);
1035 case HCI_OP_READ_LOCAL_FEATURES:
1036 hci_cc_read_local_features(hdev, skb);
1039 case HCI_OP_READ_BUFFER_SIZE:
1040 hci_cc_read_buffer_size(hdev, skb);
1043 case HCI_OP_READ_BD_ADDR:
1044 hci_cc_read_bd_addr(hdev, skb);
/* Opcodes without a handler are only logged. */
1048 BT_DBG("%s opcode 0x%x", hdev->name, opcode);
/* Allow one outstanding command again and kick the queue if work is waiting. */
1053 atomic_set(&hdev->cmd_cnt, 1);
1054 if (!skb_queue_empty(&hdev->cmd_q))
1055 hci_sched_cmd(hdev);
/*
 * Called from hci_event_packet() for HCI_EV_CMD_STATUS.
 * Strips the Command Status header, converts the opcode from little-endian
 * and dispatches to the matching hci_cs_*() handler with the status byte.
 * Afterwards the command credit counter is set to 1 and the command queue
 * is scheduled if it is not empty.
 * NOTE(review): no check that skb->len is at least sizeof(*ev) is visible
 * before the header fields are read. The `switch` line, `break`s, the
 * `default:` label and the condition in front of atomic_set() are in lines
 * missing from this listing.
 */
1059 static inline void hci_cmd_status_evt(struct hci_dev *hdev, struct sk_buff *skb)
1061 struct hci_ev_cmd_status *ev = (void *) skb->data;
1064 skb_pull(skb, sizeof(*ev));
1066 opcode = __le16_to_cpu(ev->opcode);
1069 case HCI_OP_INQUIRY:
1070 hci_cs_inquiry(hdev, ev->status);
1073 case HCI_OP_CREATE_CONN:
1074 hci_cs_create_conn(hdev, ev->status);
1077 case HCI_OP_ADD_SCO:
1078 hci_cs_add_sco(hdev, ev->status);
1081 case HCI_OP_REMOTE_NAME_REQ:
1082 hci_cs_remote_name_req(hdev, ev->status);
1085 case HCI_OP_SETUP_SYNC_CONN:
1086 hci_cs_setup_sync_conn(hdev, ev->status);
1089 case HCI_OP_SNIFF_MODE:
1090 hci_cs_sniff_mode(hdev, ev->status);
1093 case HCI_OP_EXIT_SNIFF_MODE:
1094 hci_cs_exit_sniff_mode(hdev, ev->status);
/* Opcodes without a handler are only logged. */
1098 BT_DBG("%s opcode 0x%x", hdev->name, opcode);
1103 atomic_set(&hdev->cmd_cnt, 1);
1104 if (!skb_queue_empty(&hdev->cmd_q))
1105 hci_sched_cmd(hdev);
/*
 * Called from hci_event_packet() for HCI_EV_ROLE_CHANGE.
 * Looks up the ACL connection by remote address, updates HCI_LM_MASTER in
 * conn->link_mode, clears HCI_CONN_RSWITCH_PEND and reports through
 * hci_role_switch_cfm().
 * NOTE(review): the tests on ev->status and ev->role that choose between
 * clearing and setting HCI_LM_MASTER, the NULL check on conn and the lock
 * call are in lines missing from this listing.
 */
1109 static inline void hci_role_change_evt(struct hci_dev *hdev, struct sk_buff *skb)
1111 struct hci_ev_role_change *ev = (void *) skb->data;
1112 struct hci_conn *conn;
1114 BT_DBG("%s status %d", hdev->name, ev->status);
1118 conn = hci_conn_hash_lookup_ba(hdev, ACL_LINK, &ev->bdaddr);
1122 conn->link_mode &= ~HCI_LM_MASTER;
1124 conn->link_mode |= HCI_LM_MASTER;
1127 clear_bit(HCI_CONN_RSWITCH_PEND, &conn->pend);
1129 hci_role_switch_cfm(conn, ev->status, ev->role);
1132 hci_dev_unlock(hdev);
/*
 * Called from hci_event_packet() for HCI_EV_NUM_COMP_PKTS.
 * The event carries num_hndl (handle, count) pairs of 16-bit little-endian
 * values. For each pair the connection's in-flight counter is reduced and
 * the adapter's ACL or SCO credit counter is increased, capped at the
 * advertised maximum. The loop runs with the TX tasklet disabled.
 * The length test below rejects events whose remaining payload is shorter
 * than num_hndl * 4 bytes, which bounds the reads inside the loop.
 * NOTE(review): ev->num_hndl is read after skb_pull() with no visible check
 * that the header itself was present. The NULL check on conn, the `else`
 * before the SCO branch, the exit after "bad parameters" and the
 * declarations of `ptr` and `i` are in lines missing from this listing.
 */
1135 static inline void hci_num_comp_pkts_evt(struct hci_dev *hdev, struct sk_buff *skb)
1137 struct hci_ev_num_comp_pkts *ev = (void *) skb->data;
1141 skb_pull(skb, sizeof(*ev));
1143 BT_DBG("%s num_hndl %d", hdev->name, ev->num_hndl);
1145 if (skb->len < ev->num_hndl * 4) {
1146 BT_DBG("%s bad parameters", hdev->name);
1150 tasklet_disable(&hdev->tx_task);
1152 for (i = 0, ptr = (__le16 *) skb->data; i < ev->num_hndl; i++) {
1153 struct hci_conn *conn;
1154 __u16 handle, count;
/* Unaligned-safe reads: the pairs sit at arbitrary offsets in the packet. */
1156 handle = get_unaligned_le16(ptr++);
1157 count = get_unaligned_le16(ptr++);
1159 conn = hci_conn_hash_lookup_handle(hdev, handle);
/* NOTE(review): count is taken from the event as-is; a count larger than conn->sent would push the counter out of range (type of `sent` not visible here). */
1161 conn->sent -= count;
1163 if (conn->type == ACL_LINK) {
/* Credits are clamped so a bogus count cannot raise them above the advertised buffer count. */
1164 if ((hdev->acl_cnt += count) > hdev->acl_pkts)
1165 hdev->acl_cnt = hdev->acl_pkts;
1167 if ((hdev->sco_cnt += count) > hdev->sco_pkts)
1168 hdev->sco_cnt = hdev->sco_pkts;
1175 tasklet_enable(&hdev->tx_task);
/*
 * Called from hci_event_packet() for HCI_EV_MODE_CHANGE.
 * Looks up the connection by handle and records the new mode and interval.
 * If no host-initiated mode change was pending (the PEND bit was already
 * clear), conn->power_save is set to 1 when the link is active and to 0
 * otherwise.
 * NOTE(review): the NULL check on conn, the `else` before the second
 * power_save assignment and the lock call are in lines missing from this
 * listing.
 */
1178 static inline void hci_mode_change_evt(struct hci_dev *hdev, struct sk_buff *skb)
1180 struct hci_ev_mode_change *ev = (void *) skb->data;
1181 struct hci_conn *conn;
1183 BT_DBG("%s status %d", hdev->name, ev->status);
1187 conn = hci_conn_hash_lookup_handle(hdev, __le16_to_cpu(ev->handle));
1189 conn->mode = ev->mode;
1190 conn->interval = __le16_to_cpu(ev->interval);
/* test_and_clear_bit() both consumes the pending flag and tells us whether this change was requested locally. */
1192 if (!test_and_clear_bit(HCI_CONN_MODE_CHANGE_PEND, &conn->pend)) {
1193 if (conn->mode == HCI_CM_ACTIVE)
1194 conn->power_save = 1;
1196 conn->power_save = 0;
1200 hci_dev_unlock(hdev);
/*
 * Called from hci_event_packet() for HCI_EV_PIN_CODE_REQ.
 * The visible body only logs the device name; no reply to the PIN request
 * is generated in this function.
 */
1203 static inline void hci_pin_code_request_evt(struct hci_dev *hdev, struct sk_buff *skb)
1205 BT_DBG("%s", hdev->name);
/*
 * Called from hci_event_packet() for HCI_EV_LINK_KEY_REQ.
 * The visible body only logs the device name; no link key is looked up or
 * returned in this function.
 */
1208 static inline void hci_link_key_request_evt(struct hci_dev *hdev, struct sk_buff *skb)
1210 BT_DBG("%s", hdev->name);
/*
 * Called from hci_event_packet() for HCI_EV_LINK_KEY_NOTIFY.
 * The visible body only logs the device name; the key carried by the event
 * is neither read nor stored here.
 */
1213 static inline void hci_link_key_notify_evt(struct hci_dev *hdev, struct sk_buff *skb)
1215 BT_DBG("%s", hdev->name);
/*
 * Called from hci_event_packet() for HCI_EV_CLOCK_OFFSET.
 * On success, finds the connection by handle and, if the remote address has
 * an inquiry-cache entry, refreshes its clock offset and timestamp.
 * Both the connection lookup and the cache lookup are NULL-checked in the
 * lines shown. The lock call is in a line missing from this listing.
 */
1218 static inline void hci_clock_offset_evt(struct hci_dev *hdev, struct sk_buff *skb)
1220 struct hci_ev_clock_offset *ev = (void *) skb->data;
1221 struct hci_conn *conn;
1223 BT_DBG("%s status %d", hdev->name, ev->status);
1227 conn = hci_conn_hash_lookup_handle(hdev, __le16_to_cpu(ev->handle));
1228 if (conn && !ev->status) {
1229 struct inquiry_entry *ie;
1231 if ((ie = hci_inquiry_cache_lookup(hdev, &conn->dst))) {
/* Stored without byte-order conversion, i.e. as it appeared in the event. */
1232 ie->data.clock_offset = ev->clock_offset;
1233 ie->timestamp = jiffies;
1237 hci_dev_unlock(hdev);
/*
 * Called from hci_event_packet() for HCI_EV_PSCAN_REP_MODE.
 * If the address in the event has an inquiry-cache entry, updates its page
 * scan repetition mode and timestamp. The cache lookup result is
 * NULL-checked in the lines shown; the lock call is in a line missing from
 * this listing.
 */
1240 static inline void hci_pscan_rep_mode_evt(struct hci_dev *hdev, struct sk_buff *skb)
1242 struct hci_ev_pscan_rep_mode *ev = (void *) skb->data;
1243 struct inquiry_entry *ie;
1245 BT_DBG("%s", hdev->name);
1249 if ((ie = hci_inquiry_cache_lookup(hdev, &ev->bdaddr))) {
1250 ie->data.pscan_rep_mode = ev->pscan_rep_mode;
1251 ie->timestamp = jiffies;
1254 hci_dev_unlock(hdev);
/*
 * Called from hci_event_packet() for HCI_EV_INQUIRY_RESULT_WITH_RSSI.
 * The first payload byte is the response count. The per-response size is
 * derived from the packet length to tell two wire layouts apart: when it
 * does not equal sizeof(struct inquiry_info_with_rssi), the entries are
 * parsed as struct inquiry_info_with_rssi_and_pscan_mode; otherwise as
 * struct inquiry_info_with_rssi with pscan_mode forced to 0x00. Each entry
 * is copied into a local struct inquiry_data and passed to
 * hci_inquiry_cache_update().
 * NOTE(review): (skb->len - 1) / num_rsp divides by a value taken from the
 * event, so num_rsp must be rejected when zero before this line; lines
 * 1263-1268 are missing from this listing, confirm the guard is there. The
 * integer division also only identifies the layout; it does not by itself
 * prove skb->len covers num_rsp entries of the chosen struct. The `else`,
 * the per-iteration advance of `info` and the lock call are in lines
 * missing from this listing.
 */
1257 static inline void hci_inquiry_result_with_rssi_evt(struct hci_dev *hdev, struct sk_buff *skb)
1259 struct inquiry_data data;
1260 int num_rsp = *((__u8 *) skb->data);
1262 BT_DBG("%s num_rsp %d", hdev->name, num_rsp);
1269 if ((skb->len - 1) / num_rsp != sizeof(struct inquiry_info_with_rssi)) {
1270 struct inquiry_info_with_rssi_and_pscan_mode *info = (void *) (skb->data + 1);
1272 for (; num_rsp; num_rsp--) {
1273 bacpy(&data.bdaddr, &info->bdaddr);
1274 data.pscan_rep_mode = info->pscan_rep_mode;
1275 data.pscan_period_mode = info->pscan_period_mode;
1276 data.pscan_mode = info->pscan_mode;
1277 memcpy(data.dev_class, info->dev_class, 3);
1278 data.clock_offset = info->clock_offset;
1279 data.rssi = info->rssi;
1281 hci_inquiry_cache_update(hdev, &data);
1284 struct inquiry_info_with_rssi *info = (void *) (skb->data + 1);
1286 for (; num_rsp; num_rsp--) {
1287 bacpy(&data.bdaddr, &info->bdaddr);
1288 data.pscan_rep_mode = info->pscan_rep_mode;
1289 data.pscan_period_mode = info->pscan_period_mode;
/* This layout has no pscan_mode field, so a fixed 0x00 is recorded. */
1290 data.pscan_mode = 0x00;
1291 memcpy(data.dev_class, info->dev_class, 3);
1292 data.clock_offset = info->clock_offset;
1293 data.rssi = info->rssi;
1295 hci_inquiry_cache_update(hdev, &data);
1299 hci_dev_unlock(hdev);
/*
 * Called from hci_event_packet() for HCI_EV_REMOTE_EXT_FEATURES.
 * The visible body only logs the device name; the payload is not read.
 */
1302 static inline void hci_remote_ext_features_evt(struct hci_dev *hdev, struct sk_buff *skb)
1304 BT_DBG("%s", hdev->name);
/*
 * Called from hci_event_packet() for HCI_EV_SYNC_CONN_COMPLETE.
 * Looks up the connection by the link type and address in the event. The
 * visible lines also show a second lookup under ESCO_LINK after which the
 * connection's type is rewritten to SCO_LINK, i.e. a connection requested
 * as eSCO that completed as SCO. The connection then gets its handle and
 * BT_CONNECTED, or BT_CLOSED, and the status is reported through
 * hci_proto_connect_cfm().
 * NOTE(review): the NULL tests around both lookups, the exits taken when no
 * connection matches, the ev->status test and the lock call are in lines
 * missing from this listing; conn must be non-NULL before the writes below.
 */
1307 static inline void hci_sync_conn_complete_evt(struct hci_dev *hdev, struct sk_buff *skb)
1309 struct hci_ev_sync_conn_complete *ev = (void *) skb->data;
1310 struct hci_conn *conn;
1312 BT_DBG("%s status %d", hdev->name, ev->status);
1316 conn = hci_conn_hash_lookup_ba(hdev, ev->link_type, &ev->bdaddr);
1318 if (ev->link_type == ESCO_LINK)
1321 conn = hci_conn_hash_lookup_ba(hdev, ESCO_LINK, &ev->bdaddr);
1325 conn->type = SCO_LINK;
1329 conn->handle = __le16_to_cpu(ev->handle);
1330 conn->state = BT_CONNECTED;
1332 conn->state = BT_CLOSED;
1334 hci_proto_connect_cfm(conn, ev->status);
1339 hci_dev_unlock(hdev);
/*
 * Called from hci_event_packet() for HCI_EV_SYNC_CONN_CHANGED.
 * The visible body only logs the device name; the payload is not read.
 */
1342 static inline void hci_sync_conn_changed_evt(struct hci_dev *hdev, struct sk_buff *skb)
1344 BT_DBG("%s", hdev->name);
/*
 * Called from hci_event_packet() for HCI_EV_SNIFF_SUBRATE.
 * Looks up the connection by handle under the device lock; what is done
 * with it is in lines 1357-1359, which are missing from this listing.
 */
1347 static inline void hci_sniff_subrate_evt(struct hci_dev *hdev, struct sk_buff *skb)
1349 struct hci_ev_sniff_subrate *ev = (void *) skb->data;
1350 struct hci_conn *conn;
1352 BT_DBG("%s status %d", hdev->name, ev->status);
1356 conn = hci_conn_hash_lookup_handle(hdev, __le16_to_cpu(ev->handle));
1360 hci_dev_unlock(hdev);
/*
 * Called from hci_event_packet() for HCI_EV_EXTENDED_INQUIRY_RESULT.
 * The first payload byte is the response count; an array of
 * struct extended_inquiry_info follows at skb->data + 1. Each entry is
 * copied into a local struct inquiry_data (pscan_mode forced to 0x00) and
 * passed to hci_inquiry_cache_update().
 * NOTE(review): num_rsp is taken from the event and drives the loop; no
 * comparison of skb->len against num_rsp * sizeof(*info) + 1 is visible in
 * the lines shown, so a malformed event could make the loop read past the
 * buffer. Confirm whether the omitted lines (1370-1375) add that bound. The
 * per-iteration advance of `info` and the lock call are also in lines
 * missing from this listing.
 */
1363 static inline void hci_extended_inquiry_result_evt(struct hci_dev *hdev, struct sk_buff *skb)
1365 struct inquiry_data data;
1366 struct extended_inquiry_info *info = (void *) (skb->data + 1);
1367 int num_rsp = *((__u8 *) skb->data);
1369 BT_DBG("%s num_rsp %d", hdev->name, num_rsp);
1376 for (; num_rsp; num_rsp--) {
1377 bacpy(&data.bdaddr, &info->bdaddr);
1378 data.pscan_rep_mode = info->pscan_rep_mode;
1379 data.pscan_period_mode = info->pscan_period_mode;
1380 data.pscan_mode = 0x00;
1381 memcpy(data.dev_class, info->dev_class, 3);
1382 data.clock_offset = info->clock_offset;
1383 data.rssi = info->rssi;
1385 hci_inquiry_cache_update(hdev, &data);
1388 hci_dev_unlock(hdev);
/*
 * Entry point for a received HCI event packet.
 * Reads the event code from the header, strips HCI_EVENT_HDR_SIZE bytes
 * from the skb and dispatches to the per-event handler, which then sees
 * only the event parameters. Unknown events are logged. The received-event
 * counter in hdev->stat is incremented at the end.
 * NOTE(review): this is the trust boundary for everything below it: the
 * handlers cast skb->data to their event structs without length checks of
 * their own. No check that skb->len is at least HCI_EVENT_HDR_SIZE, or that
 * it matches the header's parameter-length field, is visible in the lines
 * shown; confirm where (caller or omitted lines) that validation happens.
 * The `switch` line, `break`s, the `default:` label and the release of the
 * skb are in lines missing from this listing.
 */
1391 void hci_event_packet(struct hci_dev *hdev, struct sk_buff *skb)
1393 struct hci_event_hdr *hdr = (void *) skb->data;
/* The event code is saved before the header is pulled off. */
1394 __u8 event = hdr->evt;
1396 skb_pull(skb, HCI_EVENT_HDR_SIZE);
1399 case HCI_EV_INQUIRY_COMPLETE:
1400 hci_inquiry_complete_evt(hdev, skb);
1403 case HCI_EV_INQUIRY_RESULT:
1404 hci_inquiry_result_evt(hdev, skb);
1407 case HCI_EV_CONN_COMPLETE:
1408 hci_conn_complete_evt(hdev, skb);
1411 case HCI_EV_CONN_REQUEST:
1412 hci_conn_request_evt(hdev, skb);
1415 case HCI_EV_DISCONN_COMPLETE:
1416 hci_disconn_complete_evt(hdev, skb);
1419 case HCI_EV_AUTH_COMPLETE:
1420 hci_auth_complete_evt(hdev, skb);
1423 case HCI_EV_REMOTE_NAME:
1424 hci_remote_name_evt(hdev, skb);
1427 case HCI_EV_ENCRYPT_CHANGE:
1428 hci_encrypt_change_evt(hdev, skb);
1431 case HCI_EV_CHANGE_LINK_KEY_COMPLETE:
1432 hci_change_link_key_complete_evt(hdev, skb);
1435 case HCI_EV_REMOTE_FEATURES:
1436 hci_remote_features_evt(hdev, skb);
1439 case HCI_EV_REMOTE_VERSION:
1440 hci_remote_version_evt(hdev, skb);
1443 case HCI_EV_QOS_SETUP_COMPLETE:
1444 hci_qos_setup_complete_evt(hdev, skb);
1447 case HCI_EV_CMD_COMPLETE:
1448 hci_cmd_complete_evt(hdev, skb);
1451 case HCI_EV_CMD_STATUS:
1452 hci_cmd_status_evt(hdev, skb);
1455 case HCI_EV_ROLE_CHANGE:
1456 hci_role_change_evt(hdev, skb);
1459 case HCI_EV_NUM_COMP_PKTS:
1460 hci_num_comp_pkts_evt(hdev, skb);
1463 case HCI_EV_MODE_CHANGE:
1464 hci_mode_change_evt(hdev, skb);
1467 case HCI_EV_PIN_CODE_REQ:
1468 hci_pin_code_request_evt(hdev, skb);
1471 case HCI_EV_LINK_KEY_REQ:
1472 hci_link_key_request_evt(hdev, skb);
1475 case HCI_EV_LINK_KEY_NOTIFY:
1476 hci_link_key_notify_evt(hdev, skb);
1479 case HCI_EV_CLOCK_OFFSET:
1480 hci_clock_offset_evt(hdev, skb);
1483 case HCI_EV_PSCAN_REP_MODE:
1484 hci_pscan_rep_mode_evt(hdev, skb);
1487 case HCI_EV_INQUIRY_RESULT_WITH_RSSI:
1488 hci_inquiry_result_with_rssi_evt(hdev, skb);
1491 case HCI_EV_REMOTE_EXT_FEATURES:
1492 hci_remote_ext_features_evt(hdev, skb);
1495 case HCI_EV_SYNC_CONN_COMPLETE:
1496 hci_sync_conn_complete_evt(hdev, skb);
1499 case HCI_EV_SYNC_CONN_CHANGED:
1500 hci_sync_conn_changed_evt(hdev, skb);
1503 case HCI_EV_SNIFF_SUBRATE:
1504 hci_sniff_subrate_evt(hdev, skb);
1507 case HCI_EV_EXTENDED_INQUIRY_RESULT:
1508 hci_extended_inquiry_result_evt(hdev, skb);
1512 BT_DBG("%s event 0x%x", hdev->name, event);
1517 hdev->stat.evt_rx++;
1520 /* Generate internal stack event */
/*
 * Builds a synthetic HCI_EV_STACK_INTERNAL event carrying `dlen` bytes of
 * `data` and delivers it to listening sockets via hci_send_to_sock().
 *
 * hdev: device the event is attributed to (stored in skb->dev).
 * type: event type; its use is in a line missing from this listing
 *       (presumably stored in ev->type; confirm).
 * dlen: number of bytes copied from data.
 * data: payload to append after the stack-internal header.
 *
 * The skb is allocated with GFP_ATOMIC, marked as incoming and timestamped.
 * NOTE(review): dlen is a signed int supplied by the caller and feeds the
 * allocation size, skb_put() and memcpy(); a negative or very large value
 * is not rejected in the lines shown. hdr->plen is assigned
 * sizeof(*ev) + dlen; if plen is a single byte, as in the HCI event header
 * wire format, larger sums would be truncated. Confirm the field width and
 * the callers' bounds. The NULL check after bt_skb_alloc() and the release
 * of the skb are in lines missing from this listing.
 */
1521 void hci_si_event(struct hci_dev *hdev, int type, int dlen, void *data)
1523 struct hci_event_hdr *hdr;
1524 struct hci_ev_stack_internal *ev;
1525 struct sk_buff *skb;
1527 skb = bt_skb_alloc(HCI_EVENT_HDR_SIZE + sizeof(*ev) + dlen, GFP_ATOMIC);
1531 hdr = (void *) skb_put(skb, HCI_EVENT_HDR_SIZE);
1532 hdr->evt = HCI_EV_STACK_INTERNAL;
1533 hdr->plen = sizeof(*ev) + dlen;
1535 ev = (void *) skb_put(skb, sizeof(*ev) + dlen);
1537 memcpy(ev->data, data, dlen);
/* Marked incoming so socket filters treat it like an event received from the controller. */
1539 bt_cb(skb)->incoming = 1;
1540 __net_timestamp(skb);
1542 bt_cb(skb)->pkt_type = HCI_EVENT_PKT;
1543 skb->dev = (void *) hdev;
1544 hci_send_to_sock(hdev, skb);