2 BlueZ - Bluetooth protocol stack for Linux
3 Copyright (C) 2010 Nokia Corporation
5 This program is free software; you can redistribute it and/or modify
6 it under the terms of the GNU General Public License version 2 as
7 published by the Free Software Foundation;
9 THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS
10 OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
11 FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT OF THIRD PARTY RIGHTS.
12 IN NO EVENT SHALL THE COPYRIGHT HOLDER(S) AND AUTHOR(S) BE LIABLE FOR ANY
13 CLAIM, OR ANY SPECIAL INDIRECT OR CONSEQUENTIAL DAMAGES, OR ANY DAMAGES
14 WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
15 ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
16 OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
18 ALL LIABILITY, INCLUDING LIABILITY FOR INFRINGEMENT OF ANY PATENTS,
19 COPYRIGHTS, TRADEMARKS OR OTHER RIGHTS, RELATING TO USE OF THIS
20 SOFTWARE IS DISCLAIMED.
23 /* Bluetooth HCI Management interface */
25 #include <linux/uaccess.h>
26 #include <linux/module.h>
27 #include <asm/unaligned.h>
29 #include <net/bluetooth/bluetooth.h>
30 #include <net/bluetooth/hci_core.h>
31 #include <net/bluetooth/mgmt.h>
33 #define MGMT_VERSION 0
34 #define MGMT_REVISION 1
37 struct list_head list;
45 static LIST_HEAD(cmd_list);
47 static int cmd_status(struct sock *sk, u16 index, u16 cmd, u8 status)
51 struct mgmt_ev_cmd_status *ev;
53 BT_DBG("sock %p, index %u, cmd %u, status %u", sk, index, cmd, status);
55 skb = alloc_skb(sizeof(*hdr) + sizeof(*ev), GFP_ATOMIC);
59 hdr = (void *) skb_put(skb, sizeof(*hdr));
61 hdr->opcode = cpu_to_le16(MGMT_EV_CMD_STATUS);
62 hdr->index = cpu_to_le16(index);
63 hdr->len = cpu_to_le16(sizeof(*ev));
65 ev = (void *) skb_put(skb, sizeof(*ev));
67 put_unaligned_le16(cmd, &ev->opcode);
69 if (sock_queue_rcv_skb(sk, skb) < 0)
75 static int cmd_complete(struct sock *sk, u16 index, u16 cmd, void *rp,
80 struct mgmt_ev_cmd_complete *ev;
82 BT_DBG("sock %p", sk);
84 skb = alloc_skb(sizeof(*hdr) + sizeof(*ev) + rp_len, GFP_ATOMIC);
88 hdr = (void *) skb_put(skb, sizeof(*hdr));
90 hdr->opcode = cpu_to_le16(MGMT_EV_CMD_COMPLETE);
91 hdr->index = cpu_to_le16(index);
92 hdr->len = cpu_to_le16(sizeof(*ev) + rp_len);
94 ev = (void *) skb_put(skb, sizeof(*ev) + rp_len);
95 put_unaligned_le16(cmd, &ev->opcode);
98 memcpy(ev->data, rp, rp_len);
100 if (sock_queue_rcv_skb(sk, skb) < 0)
106 static int read_version(struct sock *sk)
108 struct mgmt_rp_read_version rp;
110 BT_DBG("sock %p", sk);
112 rp.version = MGMT_VERSION;
113 put_unaligned_le16(MGMT_REVISION, &rp.revision);
115 return cmd_complete(sk, MGMT_INDEX_NONE, MGMT_OP_READ_VERSION, &rp,
119 static int read_index_list(struct sock *sk)
121 struct mgmt_rp_read_index_list *rp;
127 BT_DBG("sock %p", sk);
129 read_lock(&hci_dev_list_lock);
132 list_for_each(p, &hci_dev_list) {
136 rp_len = sizeof(*rp) + (2 * count);
137 rp = kmalloc(rp_len, GFP_ATOMIC);
139 read_unlock(&hci_dev_list_lock);
143 put_unaligned_le16(count, &rp->num_controllers);
146 list_for_each(p, &hci_dev_list) {
147 struct hci_dev *d = list_entry(p, struct hci_dev, list);
149 hci_del_off_timer(d);
151 if (test_bit(HCI_SETUP, &d->flags))
154 put_unaligned_le16(d->id, &rp->index[i++]);
155 BT_DBG("Added hci%u", d->id);
158 read_unlock(&hci_dev_list_lock);
160 err = cmd_complete(sk, MGMT_INDEX_NONE, MGMT_OP_READ_INDEX_LIST, rp,
168 static int read_controller_info(struct sock *sk, u16 index)
170 struct mgmt_rp_read_info rp;
171 struct hci_dev *hdev;
173 BT_DBG("sock %p hci%u", sk, index);
175 hdev = hci_dev_get(index);
177 return cmd_status(sk, index, MGMT_OP_READ_INFO, ENODEV);
179 hci_del_off_timer(hdev);
181 hci_dev_lock_bh(hdev);
183 set_bit(HCI_MGMT, &hdev->flags);
185 memset(&rp, 0, sizeof(rp));
187 rp.type = hdev->dev_type;
189 rp.powered = test_bit(HCI_UP, &hdev->flags);
190 rp.connectable = test_bit(HCI_PSCAN, &hdev->flags);
191 rp.discoverable = test_bit(HCI_ISCAN, &hdev->flags);
192 rp.pairable = test_bit(HCI_PSCAN, &hdev->flags);
194 if (test_bit(HCI_AUTH, &hdev->flags))
196 else if (hdev->ssp_mode > 0)
201 bacpy(&rp.bdaddr, &hdev->bdaddr);
202 memcpy(rp.features, hdev->features, 8);
203 memcpy(rp.dev_class, hdev->dev_class, 3);
204 put_unaligned_le16(hdev->manufacturer, &rp.manufacturer);
205 rp.hci_ver = hdev->hci_ver;
206 put_unaligned_le16(hdev->hci_rev, &rp.hci_rev);
208 memcpy(rp.name, hdev->dev_name, sizeof(hdev->dev_name));
210 hci_dev_unlock_bh(hdev);
213 return cmd_complete(sk, index, MGMT_OP_READ_INFO, &rp, sizeof(rp));
216 static void mgmt_pending_free(struct pending_cmd *cmd)
223 static struct pending_cmd *mgmt_pending_add(struct sock *sk, u16 opcode,
224 u16 index, void *data, u16 len)
226 struct pending_cmd *cmd;
228 cmd = kmalloc(sizeof(*cmd), GFP_ATOMIC);
232 cmd->opcode = opcode;
235 cmd->param = kmalloc(len, GFP_ATOMIC);
242 memcpy(cmd->param, data, len);
247 list_add(&cmd->list, &cmd_list);
252 static void mgmt_pending_foreach(u16 opcode, int index,
253 void (*cb)(struct pending_cmd *cmd, void *data),
256 struct list_head *p, *n;
258 list_for_each_safe(p, n, &cmd_list) {
259 struct pending_cmd *cmd;
261 cmd = list_entry(p, struct pending_cmd, list);
263 if (cmd->opcode != opcode)
266 if (index >= 0 && cmd->index != index)
273 static struct pending_cmd *mgmt_pending_find(u16 opcode, int index)
277 list_for_each(p, &cmd_list) {
278 struct pending_cmd *cmd;
280 cmd = list_entry(p, struct pending_cmd, list);
282 if (cmd->opcode != opcode)
285 if (index >= 0 && cmd->index != index)
294 static void mgmt_pending_remove(struct pending_cmd *cmd)
296 list_del(&cmd->list);
297 mgmt_pending_free(cmd);
300 static int set_powered(struct sock *sk, u16 index, unsigned char *data, u16 len)
302 struct mgmt_mode *cp;
303 struct hci_dev *hdev;
304 struct pending_cmd *cmd;
309 BT_DBG("request for hci%u", index);
311 if (len != sizeof(*cp))
312 return cmd_status(sk, index, MGMT_OP_SET_POWERED, EINVAL);
314 hdev = hci_dev_get(index);
316 return cmd_status(sk, index, MGMT_OP_SET_POWERED, ENODEV);
318 hci_dev_lock_bh(hdev);
320 up = test_bit(HCI_UP, &hdev->flags);
321 if ((cp->val && up) || (!cp->val && !up)) {
322 err = cmd_status(sk, index, MGMT_OP_SET_POWERED, EALREADY);
326 if (mgmt_pending_find(MGMT_OP_SET_POWERED, index)) {
327 err = cmd_status(sk, index, MGMT_OP_SET_POWERED, EBUSY);
331 cmd = mgmt_pending_add(sk, MGMT_OP_SET_POWERED, index, data, len);
338 queue_work(hdev->workqueue, &hdev->power_on);
340 queue_work(hdev->workqueue, &hdev->power_off);
345 hci_dev_unlock_bh(hdev);
350 static int set_discoverable(struct sock *sk, u16 index, unsigned char *data,
353 struct mgmt_mode *cp;
354 struct hci_dev *hdev;
355 struct pending_cmd *cmd;
361 BT_DBG("request for hci%u", index);
363 if (len != sizeof(*cp))
364 return cmd_status(sk, index, MGMT_OP_SET_DISCOVERABLE, EINVAL);
366 hdev = hci_dev_get(index);
368 return cmd_status(sk, index, MGMT_OP_SET_DISCOVERABLE, ENODEV);
370 hci_dev_lock_bh(hdev);
372 if (!test_bit(HCI_UP, &hdev->flags)) {
373 err = cmd_status(sk, index, MGMT_OP_SET_DISCOVERABLE, ENETDOWN);
377 if (mgmt_pending_find(MGMT_OP_SET_DISCOVERABLE, index) ||
378 mgmt_pending_find(MGMT_OP_SET_CONNECTABLE, index)) {
379 err = cmd_status(sk, index, MGMT_OP_SET_DISCOVERABLE, EBUSY);
383 if (cp->val == test_bit(HCI_ISCAN, &hdev->flags) &&
384 test_bit(HCI_PSCAN, &hdev->flags)) {
385 err = cmd_status(sk, index, MGMT_OP_SET_DISCOVERABLE, EALREADY);
389 cmd = mgmt_pending_add(sk, MGMT_OP_SET_DISCOVERABLE, index, data, len);
398 scan |= SCAN_INQUIRY;
400 err = hci_send_cmd(hdev, HCI_OP_WRITE_SCAN_ENABLE, 1, &scan);
402 mgmt_pending_remove(cmd);
405 hci_dev_unlock_bh(hdev);
411 static int set_connectable(struct sock *sk, u16 index, unsigned char *data,
414 struct mgmt_mode *cp;
415 struct hci_dev *hdev;
416 struct pending_cmd *cmd;
422 BT_DBG("request for hci%u", index);
424 if (len != sizeof(*cp))
425 return cmd_status(sk, index, MGMT_OP_SET_CONNECTABLE, EINVAL);
427 hdev = hci_dev_get(index);
429 return cmd_status(sk, index, MGMT_OP_SET_CONNECTABLE, ENODEV);
431 hci_dev_lock_bh(hdev);
433 if (!test_bit(HCI_UP, &hdev->flags)) {
434 err = cmd_status(sk, index, MGMT_OP_SET_CONNECTABLE, ENETDOWN);
438 if (mgmt_pending_find(MGMT_OP_SET_DISCOVERABLE, index) ||
439 mgmt_pending_find(MGMT_OP_SET_CONNECTABLE, index)) {
440 err = cmd_status(sk, index, MGMT_OP_SET_CONNECTABLE, EBUSY);
444 if (cp->val == test_bit(HCI_PSCAN, &hdev->flags)) {
445 err = cmd_status(sk, index, MGMT_OP_SET_CONNECTABLE, EALREADY);
449 cmd = mgmt_pending_add(sk, MGMT_OP_SET_CONNECTABLE, index, data, len);
460 err = hci_send_cmd(hdev, HCI_OP_WRITE_SCAN_ENABLE, 1, &scan);
462 mgmt_pending_remove(cmd);
465 hci_dev_unlock_bh(hdev);
471 static int mgmt_event(u16 event, u16 index, void *data, u16 data_len,
472 struct sock *skip_sk)
475 struct mgmt_hdr *hdr;
477 skb = alloc_skb(sizeof(*hdr) + data_len, GFP_ATOMIC);
481 bt_cb(skb)->channel = HCI_CHANNEL_CONTROL;
483 hdr = (void *) skb_put(skb, sizeof(*hdr));
484 hdr->opcode = cpu_to_le16(event);
485 hdr->index = cpu_to_le16(index);
486 hdr->len = cpu_to_le16(data_len);
489 memcpy(skb_put(skb, data_len), data, data_len);
491 hci_send_to_sock(NULL, skb, skip_sk);
497 static int send_mode_rsp(struct sock *sk, u16 opcode, u16 index, u8 val)
503 return cmd_complete(sk, index, opcode, &rp, sizeof(rp));
506 static int set_pairable(struct sock *sk, u16 index, unsigned char *data,
509 struct mgmt_mode *cp, ev;
510 struct hci_dev *hdev;
515 BT_DBG("request for hci%u", index);
517 if (len != sizeof(*cp))
518 return cmd_status(sk, index, MGMT_OP_SET_PAIRABLE, EINVAL);
520 hdev = hci_dev_get(index);
522 return cmd_status(sk, index, MGMT_OP_SET_PAIRABLE, ENODEV);
524 hci_dev_lock_bh(hdev);
527 set_bit(HCI_PAIRABLE, &hdev->flags);
529 clear_bit(HCI_PAIRABLE, &hdev->flags);
531 err = send_mode_rsp(sk, MGMT_OP_SET_PAIRABLE, index, cp->val);
537 err = mgmt_event(MGMT_EV_PAIRABLE, index, &ev, sizeof(ev), sk);
540 hci_dev_unlock_bh(hdev);
546 #define EIR_FLAGS 0x01 /* flags */
547 #define EIR_UUID16_SOME 0x02 /* 16-bit UUID, more available */
548 #define EIR_UUID16_ALL 0x03 /* 16-bit UUID, all listed */
549 #define EIR_UUID32_SOME 0x04 /* 32-bit UUID, more available */
550 #define EIR_UUID32_ALL 0x05 /* 32-bit UUID, all listed */
551 #define EIR_UUID128_SOME 0x06 /* 128-bit UUID, more available */
552 #define EIR_UUID128_ALL 0x07 /* 128-bit UUID, all listed */
553 #define EIR_NAME_SHORT 0x08 /* shortened local name */
554 #define EIR_NAME_COMPLETE 0x09 /* complete local name */
555 #define EIR_TX_POWER 0x0A /* transmit power level */
556 #define EIR_DEVICE_ID 0x10 /* device ID */
558 #define PNP_INFO_SVCLASS_ID 0x1200
560 static u8 bluetooth_base_uuid[] = {
561 0xFB, 0x34, 0x9B, 0x5F, 0x80, 0x00, 0x00, 0x80,
562 0x00, 0x10, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
565 static u16 get_uuid16(u8 *uuid128)
570 for (i = 0; i < 12; i++) {
571 if (bluetooth_base_uuid[i] != uuid128[i])
575 memcpy(&val, &uuid128[12], 4);
577 val = le32_to_cpu(val);
584 static void create_eir(struct hci_dev *hdev, u8 *data)
588 u16 uuid16_list[HCI_MAX_EIR_LENGTH / sizeof(u16)];
589 int i, truncated = 0;
593 name_len = strlen(hdev->dev_name);
599 ptr[1] = EIR_NAME_SHORT;
601 ptr[1] = EIR_NAME_COMPLETE;
603 /* EIR Data length */
604 ptr[0] = name_len + 1;
606 memcpy(ptr + 2, hdev->dev_name, name_len);
608 eir_len += (name_len + 2);
609 ptr += (name_len + 2);
612 memset(uuid16_list, 0, sizeof(uuid16_list));
614 /* Group all UUID16 types */
615 list_for_each(p, &hdev->uuids) {
616 struct bt_uuid *uuid = list_entry(p, struct bt_uuid, list);
619 uuid16 = get_uuid16(uuid->uuid);
626 if (uuid16 == PNP_INFO_SVCLASS_ID)
629 /* Stop if not enough space to put next UUID */
630 if (eir_len + 2 + sizeof(u16) > HCI_MAX_EIR_LENGTH) {
635 /* Check for duplicates */
636 for (i = 0; uuid16_list[i] != 0; i++)
637 if (uuid16_list[i] == uuid16)
640 if (uuid16_list[i] == 0) {
641 uuid16_list[i] = uuid16;
642 eir_len += sizeof(u16);
646 if (uuid16_list[0] != 0) {
650 ptr[1] = truncated ? EIR_UUID16_SOME : EIR_UUID16_ALL;
655 for (i = 0; uuid16_list[i] != 0; i++) {
656 *ptr++ = (uuid16_list[i] & 0x00ff);
657 *ptr++ = (uuid16_list[i] & 0xff00) >> 8;
660 /* EIR Data length */
661 *length = (i * sizeof(u16)) + 1;
665 static int update_eir(struct hci_dev *hdev)
667 struct hci_cp_write_eir cp;
669 if (!(hdev->features[6] & LMP_EXT_INQ))
672 if (hdev->ssp_mode == 0)
675 if (test_bit(HCI_SERVICE_CACHE, &hdev->flags))
678 memset(&cp, 0, sizeof(cp));
680 create_eir(hdev, cp.data);
682 if (memcmp(cp.data, hdev->eir, sizeof(cp.data)) == 0)
685 memcpy(hdev->eir, cp.data, sizeof(cp.data));
687 return hci_send_cmd(hdev, HCI_OP_WRITE_EIR, sizeof(cp), &cp);
690 static u8 get_service_classes(struct hci_dev *hdev)
695 list_for_each(p, &hdev->uuids) {
696 struct bt_uuid *uuid = list_entry(p, struct bt_uuid, list);
698 val |= uuid->svc_hint;
704 static int update_class(struct hci_dev *hdev)
708 BT_DBG("%s", hdev->name);
710 if (test_bit(HCI_SERVICE_CACHE, &hdev->flags))
713 cod[0] = hdev->minor_class;
714 cod[1] = hdev->major_class;
715 cod[2] = get_service_classes(hdev);
717 if (memcmp(cod, hdev->dev_class, 3) == 0)
720 return hci_send_cmd(hdev, HCI_OP_WRITE_CLASS_OF_DEV, sizeof(cod), cod);
723 static int add_uuid(struct sock *sk, u16 index, unsigned char *data, u16 len)
725 struct mgmt_cp_add_uuid *cp;
726 struct hci_dev *hdev;
727 struct bt_uuid *uuid;
732 BT_DBG("request for hci%u", index);
734 if (len != sizeof(*cp))
735 return cmd_status(sk, index, MGMT_OP_ADD_UUID, EINVAL);
737 hdev = hci_dev_get(index);
739 return cmd_status(sk, index, MGMT_OP_ADD_UUID, ENODEV);
741 hci_dev_lock_bh(hdev);
743 uuid = kmalloc(sizeof(*uuid), GFP_ATOMIC);
749 memcpy(uuid->uuid, cp->uuid, 16);
750 uuid->svc_hint = cp->svc_hint;
752 list_add(&uuid->list, &hdev->uuids);
754 err = update_class(hdev);
758 err = update_eir(hdev);
762 err = cmd_complete(sk, index, MGMT_OP_ADD_UUID, NULL, 0);
765 hci_dev_unlock_bh(hdev);
771 static int remove_uuid(struct sock *sk, u16 index, unsigned char *data, u16 len)
773 struct list_head *p, *n;
774 struct mgmt_cp_remove_uuid *cp;
775 struct hci_dev *hdev;
776 u8 bt_uuid_any[] = { 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0 };
781 BT_DBG("request for hci%u", index);
783 if (len != sizeof(*cp))
784 return cmd_status(sk, index, MGMT_OP_REMOVE_UUID, EINVAL);
786 hdev = hci_dev_get(index);
788 return cmd_status(sk, index, MGMT_OP_REMOVE_UUID, ENODEV);
790 hci_dev_lock_bh(hdev);
792 if (memcmp(cp->uuid, bt_uuid_any, 16) == 0) {
793 err = hci_uuids_clear(hdev);
799 list_for_each_safe(p, n, &hdev->uuids) {
800 struct bt_uuid *match = list_entry(p, struct bt_uuid, list);
802 if (memcmp(match->uuid, cp->uuid, 16) != 0)
805 list_del(&match->list);
810 err = cmd_status(sk, index, MGMT_OP_REMOVE_UUID, ENOENT);
814 err = update_class(hdev);
818 err = update_eir(hdev);
822 err = cmd_complete(sk, index, MGMT_OP_REMOVE_UUID, NULL, 0);
825 hci_dev_unlock_bh(hdev);
831 static int set_dev_class(struct sock *sk, u16 index, unsigned char *data,
834 struct hci_dev *hdev;
835 struct mgmt_cp_set_dev_class *cp;
840 BT_DBG("request for hci%u", index);
842 if (len != sizeof(*cp))
843 return cmd_status(sk, index, MGMT_OP_SET_DEV_CLASS, EINVAL);
845 hdev = hci_dev_get(index);
847 return cmd_status(sk, index, MGMT_OP_SET_DEV_CLASS, ENODEV);
849 hci_dev_lock_bh(hdev);
851 hdev->major_class = cp->major;
852 hdev->minor_class = cp->minor;
854 err = update_class(hdev);
857 err = cmd_complete(sk, index, MGMT_OP_SET_DEV_CLASS, NULL, 0);
859 hci_dev_unlock_bh(hdev);
865 static int set_service_cache(struct sock *sk, u16 index, unsigned char *data,
868 struct hci_dev *hdev;
869 struct mgmt_cp_set_service_cache *cp;
874 if (len != sizeof(*cp))
875 return cmd_status(sk, index, MGMT_OP_SET_SERVICE_CACHE, EINVAL);
877 hdev = hci_dev_get(index);
879 return cmd_status(sk, index, MGMT_OP_SET_SERVICE_CACHE, ENODEV);
881 hci_dev_lock_bh(hdev);
883 BT_DBG("hci%u enable %d", index, cp->enable);
886 set_bit(HCI_SERVICE_CACHE, &hdev->flags);
889 clear_bit(HCI_SERVICE_CACHE, &hdev->flags);
890 err = update_class(hdev);
892 err = update_eir(hdev);
896 err = cmd_complete(sk, index, MGMT_OP_SET_SERVICE_CACHE, NULL,
899 hci_dev_unlock_bh(hdev);
905 static int load_keys(struct sock *sk, u16 index, unsigned char *data, u16 len)
907 struct hci_dev *hdev;
908 struct mgmt_cp_load_keys *cp;
909 u16 key_count, expected_len;
914 if (len < sizeof(*cp))
917 key_count = get_unaligned_le16(&cp->key_count);
919 expected_len = sizeof(*cp) + key_count * sizeof(struct mgmt_key_info);
920 if (expected_len != len) {
921 BT_ERR("load_keys: expected %u bytes, got %u bytes",
926 hdev = hci_dev_get(index);
928 return cmd_status(sk, index, MGMT_OP_LOAD_KEYS, ENODEV);
930 BT_DBG("hci%u debug_keys %u key_count %u", index, cp->debug_keys,
933 hci_dev_lock_bh(hdev);
935 hci_link_keys_clear(hdev);
937 set_bit(HCI_LINK_KEYS, &hdev->flags);
940 set_bit(HCI_DEBUG_KEYS, &hdev->flags);
942 clear_bit(HCI_DEBUG_KEYS, &hdev->flags);
944 for (i = 0; i < key_count; i++) {
945 struct mgmt_key_info *key = &cp->keys[i];
947 hci_add_link_key(hdev, NULL, 0, &key->bdaddr, key->val, key->type,
951 hci_dev_unlock_bh(hdev);
957 static int remove_key(struct sock *sk, u16 index, unsigned char *data, u16 len)
959 struct hci_dev *hdev;
960 struct mgmt_cp_remove_key *cp;
961 struct hci_conn *conn;
966 if (len != sizeof(*cp))
967 return cmd_status(sk, index, MGMT_OP_REMOVE_KEY, EINVAL);
969 hdev = hci_dev_get(index);
971 return cmd_status(sk, index, MGMT_OP_REMOVE_KEY, ENODEV);
973 hci_dev_lock_bh(hdev);
975 err = hci_remove_link_key(hdev, &cp->bdaddr);
977 err = cmd_status(sk, index, MGMT_OP_REMOVE_KEY, -err);
983 if (!test_bit(HCI_UP, &hdev->flags) || !cp->disconnect)
986 conn = hci_conn_hash_lookup_ba(hdev, ACL_LINK, &cp->bdaddr);
988 struct hci_cp_disconnect dc;
990 put_unaligned_le16(conn->handle, &dc.handle);
991 dc.reason = 0x13; /* Remote User Terminated Connection */
992 err = hci_send_cmd(hdev, HCI_OP_DISCONNECT, sizeof(dc), &dc);
996 hci_dev_unlock_bh(hdev);
1002 static int disconnect(struct sock *sk, u16 index, unsigned char *data, u16 len)
1004 struct hci_dev *hdev;
1005 struct mgmt_cp_disconnect *cp;
1006 struct hci_cp_disconnect dc;
1007 struct pending_cmd *cmd;
1008 struct hci_conn *conn;
1015 if (len != sizeof(*cp))
1016 return cmd_status(sk, index, MGMT_OP_DISCONNECT, EINVAL);
1018 hdev = hci_dev_get(index);
1020 return cmd_status(sk, index, MGMT_OP_DISCONNECT, ENODEV);
1022 hci_dev_lock_bh(hdev);
1024 if (!test_bit(HCI_UP, &hdev->flags)) {
1025 err = cmd_status(sk, index, MGMT_OP_DISCONNECT, ENETDOWN);
1029 if (mgmt_pending_find(MGMT_OP_DISCONNECT, index)) {
1030 err = cmd_status(sk, index, MGMT_OP_DISCONNECT, EBUSY);
1034 conn = hci_conn_hash_lookup_ba(hdev, ACL_LINK, &cp->bdaddr);
1036 conn = hci_conn_hash_lookup_ba(hdev, LE_LINK, &cp->bdaddr);
1039 err = cmd_status(sk, index, MGMT_OP_DISCONNECT, ENOTCONN);
1043 cmd = mgmt_pending_add(sk, MGMT_OP_DISCONNECT, index, data, len);
1049 put_unaligned_le16(conn->handle, &dc.handle);
1050 dc.reason = 0x13; /* Remote User Terminated Connection */
1052 err = hci_send_cmd(hdev, HCI_OP_DISCONNECT, sizeof(dc), &dc);
1054 mgmt_pending_remove(cmd);
1057 hci_dev_unlock_bh(hdev);
1063 static int get_connections(struct sock *sk, u16 index)
1065 struct mgmt_rp_get_connections *rp;
1066 struct hci_dev *hdev;
1067 struct list_head *p;
1074 hdev = hci_dev_get(index);
1076 return cmd_status(sk, index, MGMT_OP_GET_CONNECTIONS, ENODEV);
1078 hci_dev_lock_bh(hdev);
1081 list_for_each(p, &hdev->conn_hash.list) {
1085 rp_len = sizeof(*rp) + (count * sizeof(bdaddr_t));
1086 rp = kmalloc(rp_len, GFP_ATOMIC);
1092 put_unaligned_le16(count, &rp->conn_count);
1095 list_for_each(p, &hdev->conn_hash.list) {
1096 struct hci_conn *c = list_entry(p, struct hci_conn, list);
1098 bacpy(&rp->conn[i++], &c->dst);
1101 err = cmd_complete(sk, index, MGMT_OP_GET_CONNECTIONS, rp, rp_len);
1105 hci_dev_unlock_bh(hdev);
1110 static int send_pin_code_neg_reply(struct sock *sk, u16 index,
1111 struct hci_dev *hdev, struct mgmt_cp_pin_code_neg_reply *cp)
1113 struct pending_cmd *cmd;
1116 cmd = mgmt_pending_add(sk, MGMT_OP_PIN_CODE_NEG_REPLY, index, cp,
1121 err = hci_send_cmd(hdev, HCI_OP_PIN_CODE_NEG_REPLY, sizeof(cp->bdaddr),
1124 mgmt_pending_remove(cmd);
1129 static int pin_code_reply(struct sock *sk, u16 index, unsigned char *data,
1132 struct hci_dev *hdev;
1133 struct hci_conn *conn;
1134 struct mgmt_cp_pin_code_reply *cp;
1135 struct mgmt_cp_pin_code_neg_reply ncp;
1136 struct hci_cp_pin_code_reply reply;
1137 struct pending_cmd *cmd;
1144 if (len != sizeof(*cp))
1145 return cmd_status(sk, index, MGMT_OP_PIN_CODE_REPLY, EINVAL);
1147 hdev = hci_dev_get(index);
1149 return cmd_status(sk, index, MGMT_OP_PIN_CODE_REPLY, ENODEV);
1151 hci_dev_lock_bh(hdev);
1153 if (!test_bit(HCI_UP, &hdev->flags)) {
1154 err = cmd_status(sk, index, MGMT_OP_PIN_CODE_REPLY, ENETDOWN);
1158 conn = hci_conn_hash_lookup_ba(hdev, ACL_LINK, &cp->bdaddr);
1160 err = cmd_status(sk, index, MGMT_OP_PIN_CODE_REPLY, ENOTCONN);
1164 if (conn->pending_sec_level == BT_SECURITY_HIGH && cp->pin_len != 16) {
1165 bacpy(&ncp.bdaddr, &cp->bdaddr);
1167 BT_ERR("PIN code is not 16 bytes long");
1169 err = send_pin_code_neg_reply(sk, index, hdev, &ncp);
1171 err = cmd_status(sk, index, MGMT_OP_PIN_CODE_REPLY,
1177 cmd = mgmt_pending_add(sk, MGMT_OP_PIN_CODE_REPLY, index, data, len);
1183 bacpy(&reply.bdaddr, &cp->bdaddr);
1184 reply.pin_len = cp->pin_len;
1185 memcpy(reply.pin_code, cp->pin_code, sizeof(reply.pin_code));
1187 err = hci_send_cmd(hdev, HCI_OP_PIN_CODE_REPLY, sizeof(reply), &reply);
1189 mgmt_pending_remove(cmd);
1192 hci_dev_unlock_bh(hdev);
1198 static int pin_code_neg_reply(struct sock *sk, u16 index, unsigned char *data,
1201 struct hci_dev *hdev;
1202 struct mgmt_cp_pin_code_neg_reply *cp;
1209 if (len != sizeof(*cp))
1210 return cmd_status(sk, index, MGMT_OP_PIN_CODE_NEG_REPLY,
1213 hdev = hci_dev_get(index);
1215 return cmd_status(sk, index, MGMT_OP_PIN_CODE_NEG_REPLY,
1218 hci_dev_lock_bh(hdev);
1220 if (!test_bit(HCI_UP, &hdev->flags)) {
1221 err = cmd_status(sk, index, MGMT_OP_PIN_CODE_NEG_REPLY,
1226 err = send_pin_code_neg_reply(sk, index, hdev, cp);
1229 hci_dev_unlock_bh(hdev);
1235 static int set_io_capability(struct sock *sk, u16 index, unsigned char *data,
1238 struct hci_dev *hdev;
1239 struct mgmt_cp_set_io_capability *cp;
1245 if (len != sizeof(*cp))
1246 return cmd_status(sk, index, MGMT_OP_SET_IO_CAPABILITY, EINVAL);
1248 hdev = hci_dev_get(index);
1250 return cmd_status(sk, index, MGMT_OP_SET_IO_CAPABILITY, ENODEV);
1252 hci_dev_lock_bh(hdev);
1254 hdev->io_capability = cp->io_capability;
1256 BT_DBG("%s IO capability set to 0x%02x", hdev->name,
1257 hdev->io_capability);
1259 hci_dev_unlock_bh(hdev);
1262 return cmd_complete(sk, index, MGMT_OP_SET_IO_CAPABILITY, NULL, 0);
1265 static inline struct pending_cmd *find_pairing(struct hci_conn *conn)
1267 struct hci_dev *hdev = conn->hdev;
1268 struct list_head *p;
1270 list_for_each(p, &cmd_list) {
1271 struct pending_cmd *cmd;
1273 cmd = list_entry(p, struct pending_cmd, list);
1275 if (cmd->opcode != MGMT_OP_PAIR_DEVICE)
1278 if (cmd->index != hdev->id)
1281 if (cmd->user_data != conn)
1290 static void pairing_complete(struct pending_cmd *cmd, u8 status)
1292 struct mgmt_rp_pair_device rp;
1293 struct hci_conn *conn = cmd->user_data;
1295 bacpy(&rp.bdaddr, &conn->dst);
1298 cmd_complete(cmd->sk, cmd->index, MGMT_OP_PAIR_DEVICE, &rp, sizeof(rp));
1300 /* So we don't get further callbacks for this connection */
1301 conn->connect_cfm_cb = NULL;
1302 conn->security_cfm_cb = NULL;
1303 conn->disconn_cfm_cb = NULL;
1307 mgmt_pending_remove(cmd);
1310 static void pairing_complete_cb(struct hci_conn *conn, u8 status)
1312 struct pending_cmd *cmd;
1314 BT_DBG("status %u", status);
1316 cmd = find_pairing(conn);
1318 BT_DBG("Unable to find a pending command");
1322 pairing_complete(cmd, status);
1325 static int pair_device(struct sock *sk, u16 index, unsigned char *data, u16 len)
1327 struct hci_dev *hdev;
1328 struct mgmt_cp_pair_device *cp;
1329 struct pending_cmd *cmd;
1330 struct adv_entry *entry;
1331 u8 sec_level, auth_type;
1332 struct hci_conn *conn;
1339 if (len != sizeof(*cp))
1340 return cmd_status(sk, index, MGMT_OP_PAIR_DEVICE, EINVAL);
1342 hdev = hci_dev_get(index);
1344 return cmd_status(sk, index, MGMT_OP_PAIR_DEVICE, ENODEV);
1346 hci_dev_lock_bh(hdev);
1348 sec_level = BT_SECURITY_MEDIUM;
1349 if (cp->io_cap == 0x03)
1350 auth_type = HCI_AT_DEDICATED_BONDING;
1352 auth_type = HCI_AT_DEDICATED_BONDING_MITM;
1354 entry = hci_find_adv_entry(hdev, &cp->bdaddr);
1356 conn = hci_connect(hdev, LE_LINK, &cp->bdaddr, sec_level,
1359 conn = hci_connect(hdev, ACL_LINK, &cp->bdaddr, sec_level,
1363 err = PTR_ERR(conn);
1367 if (conn->connect_cfm_cb) {
1369 err = cmd_status(sk, index, MGMT_OP_PAIR_DEVICE, EBUSY);
1373 cmd = mgmt_pending_add(sk, MGMT_OP_PAIR_DEVICE, index, data, len);
1380 /* For LE, just connecting isn't a proof that the pairing finished */
1382 conn->connect_cfm_cb = pairing_complete_cb;
1384 conn->security_cfm_cb = pairing_complete_cb;
1385 conn->disconn_cfm_cb = pairing_complete_cb;
1386 conn->io_capability = cp->io_cap;
1387 cmd->user_data = conn;
1389 if (conn->state == BT_CONNECTED &&
1390 hci_conn_security(conn, sec_level, auth_type))
1391 pairing_complete(cmd, 0);
1396 hci_dev_unlock_bh(hdev);
1402 static int user_confirm_reply(struct sock *sk, u16 index, unsigned char *data,
1403 u16 len, int success)
1405 struct mgmt_cp_user_confirm_reply *cp = (void *) data;
1406 u16 mgmt_op, hci_op;
1407 struct pending_cmd *cmd;
1408 struct hci_dev *hdev;
1414 mgmt_op = MGMT_OP_USER_CONFIRM_REPLY;
1415 hci_op = HCI_OP_USER_CONFIRM_REPLY;
1417 mgmt_op = MGMT_OP_USER_CONFIRM_NEG_REPLY;
1418 hci_op = HCI_OP_USER_CONFIRM_NEG_REPLY;
1421 if (len != sizeof(*cp))
1422 return cmd_status(sk, index, mgmt_op, EINVAL);
1424 hdev = hci_dev_get(index);
1426 return cmd_status(sk, index, mgmt_op, ENODEV);
1428 hci_dev_lock_bh(hdev);
1430 if (!test_bit(HCI_UP, &hdev->flags)) {
1431 err = cmd_status(sk, index, mgmt_op, ENETDOWN);
1435 cmd = mgmt_pending_add(sk, mgmt_op, index, data, len);
1441 err = hci_send_cmd(hdev, hci_op, sizeof(cp->bdaddr), &cp->bdaddr);
1443 mgmt_pending_remove(cmd);
1446 hci_dev_unlock_bh(hdev);
1452 static int set_local_name(struct sock *sk, u16 index, unsigned char *data,
1455 struct mgmt_cp_set_local_name *mgmt_cp = (void *) data;
1456 struct hci_cp_write_local_name hci_cp;
1457 struct hci_dev *hdev;
1458 struct pending_cmd *cmd;
1463 if (len != sizeof(*mgmt_cp))
1464 return cmd_status(sk, index, MGMT_OP_SET_LOCAL_NAME, EINVAL);
1466 hdev = hci_dev_get(index);
1468 return cmd_status(sk, index, MGMT_OP_SET_LOCAL_NAME, ENODEV);
1470 hci_dev_lock_bh(hdev);
1472 cmd = mgmt_pending_add(sk, MGMT_OP_SET_LOCAL_NAME, index, data, len);
1478 memcpy(hci_cp.name, mgmt_cp->name, sizeof(hci_cp.name));
1479 err = hci_send_cmd(hdev, HCI_OP_WRITE_LOCAL_NAME, sizeof(hci_cp),
1482 mgmt_pending_remove(cmd);
1485 hci_dev_unlock_bh(hdev);
1491 static int read_local_oob_data(struct sock *sk, u16 index)
1493 struct hci_dev *hdev;
1494 struct pending_cmd *cmd;
1497 BT_DBG("hci%u", index);
1499 hdev = hci_dev_get(index);
1501 return cmd_status(sk, index, MGMT_OP_READ_LOCAL_OOB_DATA,
1504 hci_dev_lock_bh(hdev);
1506 if (!test_bit(HCI_UP, &hdev->flags)) {
1507 err = cmd_status(sk, index, MGMT_OP_READ_LOCAL_OOB_DATA,
1512 if (!(hdev->features[6] & LMP_SIMPLE_PAIR)) {
1513 err = cmd_status(sk, index, MGMT_OP_READ_LOCAL_OOB_DATA,
1518 if (mgmt_pending_find(MGMT_OP_READ_LOCAL_OOB_DATA, index)) {
1519 err = cmd_status(sk, index, MGMT_OP_READ_LOCAL_OOB_DATA, EBUSY);
1523 cmd = mgmt_pending_add(sk, MGMT_OP_READ_LOCAL_OOB_DATA, index, NULL, 0);
1529 err = hci_send_cmd(hdev, HCI_OP_READ_LOCAL_OOB_DATA, 0, NULL);
1531 mgmt_pending_remove(cmd);
1534 hci_dev_unlock_bh(hdev);
1540 static int add_remote_oob_data(struct sock *sk, u16 index, unsigned char *data,
1543 struct hci_dev *hdev;
1544 struct mgmt_cp_add_remote_oob_data *cp = (void *) data;
1547 BT_DBG("hci%u ", index);
1549 if (len != sizeof(*cp))
1550 return cmd_status(sk, index, MGMT_OP_ADD_REMOTE_OOB_DATA,
1553 hdev = hci_dev_get(index);
1555 return cmd_status(sk, index, MGMT_OP_ADD_REMOTE_OOB_DATA,
1558 hci_dev_lock_bh(hdev);
1560 err = hci_add_remote_oob_data(hdev, &cp->bdaddr, cp->hash,
1563 err = cmd_status(sk, index, MGMT_OP_ADD_REMOTE_OOB_DATA, -err);
1565 err = cmd_complete(sk, index, MGMT_OP_ADD_REMOTE_OOB_DATA, NULL,
1568 hci_dev_unlock_bh(hdev);
1574 static int remove_remote_oob_data(struct sock *sk, u16 index,
1575 unsigned char *data, u16 len)
1577 struct hci_dev *hdev;
1578 struct mgmt_cp_remove_remote_oob_data *cp = (void *) data;
1581 BT_DBG("hci%u ", index);
1583 if (len != sizeof(*cp))
1584 return cmd_status(sk, index, MGMT_OP_REMOVE_REMOTE_OOB_DATA,
1587 hdev = hci_dev_get(index);
1589 return cmd_status(sk, index, MGMT_OP_REMOVE_REMOTE_OOB_DATA,
1592 hci_dev_lock_bh(hdev);
1594 err = hci_remove_remote_oob_data(hdev, &cp->bdaddr);
1596 err = cmd_status(sk, index, MGMT_OP_REMOVE_REMOTE_OOB_DATA,
1599 err = cmd_complete(sk, index, MGMT_OP_REMOVE_REMOTE_OOB_DATA,
1602 hci_dev_unlock_bh(hdev);
1608 static int start_discovery(struct sock *sk, u16 index)
1610 u8 lap[3] = { 0x33, 0x8b, 0x9e };
1611 struct hci_cp_inquiry cp;
1612 struct pending_cmd *cmd;
1613 struct hci_dev *hdev;
1616 BT_DBG("hci%u", index);
1618 hdev = hci_dev_get(index);
1620 return cmd_status(sk, index, MGMT_OP_START_DISCOVERY, ENODEV);
1622 hci_dev_lock_bh(hdev);
1624 cmd = mgmt_pending_add(sk, MGMT_OP_START_DISCOVERY, index, NULL, 0);
1630 memset(&cp, 0, sizeof(cp));
1631 memcpy(&cp.lap, lap, 3);
1635 err = hci_send_cmd(hdev, HCI_OP_INQUIRY, sizeof(cp), &cp);
1637 mgmt_pending_remove(cmd);
1640 hci_dev_unlock_bh(hdev);
1646 static int stop_discovery(struct sock *sk, u16 index)
1648 struct hci_dev *hdev;
1649 struct pending_cmd *cmd;
1652 BT_DBG("hci%u", index);
1654 hdev = hci_dev_get(index);
1656 return cmd_status(sk, index, MGMT_OP_STOP_DISCOVERY, ENODEV);
1658 hci_dev_lock_bh(hdev);
1660 cmd = mgmt_pending_add(sk, MGMT_OP_STOP_DISCOVERY, index, NULL, 0);
1666 err = hci_send_cmd(hdev, HCI_OP_INQUIRY_CANCEL, 0, NULL);
1668 mgmt_pending_remove(cmd);
1671 hci_dev_unlock_bh(hdev);
1677 static int block_device(struct sock *sk, u16 index, unsigned char *data,
1680 struct hci_dev *hdev;
1681 struct pending_cmd *cmd;
1682 struct mgmt_cp_block_device *cp = (void *) data;
1685 BT_DBG("hci%u", index);
1687 if (len != sizeof(*cp))
1688 return cmd_status(sk, index, MGMT_OP_BLOCK_DEVICE,
1691 hdev = hci_dev_get(index);
1693 return cmd_status(sk, index, MGMT_OP_BLOCK_DEVICE,
1696 hci_dev_lock_bh(hdev);
1698 cmd = mgmt_pending_add(sk, MGMT_OP_BLOCK_DEVICE, index, NULL, 0);
1704 err = hci_blacklist_add(hdev, &cp->bdaddr);
1707 err = cmd_status(sk, index, MGMT_OP_BLOCK_DEVICE, -err);
1709 err = cmd_complete(sk, index, MGMT_OP_BLOCK_DEVICE,
1712 mgmt_pending_remove(cmd);
1715 hci_dev_unlock_bh(hdev);
1721 static int unblock_device(struct sock *sk, u16 index, unsigned char *data,
1724 struct hci_dev *hdev;
1725 struct pending_cmd *cmd;
1726 struct mgmt_cp_unblock_device *cp = (void *) data;
1729 BT_DBG("hci%u", index);
1731 if (len != sizeof(*cp))
1732 return cmd_status(sk, index, MGMT_OP_UNBLOCK_DEVICE,
1735 hdev = hci_dev_get(index);
1737 return cmd_status(sk, index, MGMT_OP_UNBLOCK_DEVICE,
1740 hci_dev_lock_bh(hdev);
1742 cmd = mgmt_pending_add(sk, MGMT_OP_UNBLOCK_DEVICE, index, NULL, 0);
1748 err = hci_blacklist_del(hdev, &cp->bdaddr);
1751 err = cmd_status(sk, index, MGMT_OP_UNBLOCK_DEVICE, -err);
1753 err = cmd_complete(sk, index, MGMT_OP_UNBLOCK_DEVICE,
1756 mgmt_pending_remove(cmd);
1759 hci_dev_unlock_bh(hdev);
1765 static int set_fast_connectable(struct sock *sk, u16 index,
1766 unsigned char *data, u16 len)
1768 struct hci_dev *hdev;
1769 struct mgmt_cp_set_fast_connectable *cp = (void *) data;
1770 struct hci_cp_write_page_scan_activity acp;
1774 BT_DBG("hci%u", index);
1776 if (len != sizeof(*cp))
1777 return cmd_status(sk, index, MGMT_OP_SET_FAST_CONNECTABLE,
1780 hdev = hci_dev_get(index);
1782 return cmd_status(sk, index, MGMT_OP_SET_FAST_CONNECTABLE,
1788 type = PAGE_SCAN_TYPE_INTERLACED;
1789 acp.interval = 0x0024; /* 22.5 msec page scan interval */
1791 type = PAGE_SCAN_TYPE_STANDARD; /* default */
1792 acp.interval = 0x0800; /* default 1.28 sec page scan */
1795 acp.window = 0x0012; /* default 11.25 msec page scan window */
1797 err = hci_send_cmd(hdev, HCI_OP_WRITE_PAGE_SCAN_ACTIVITY,
1800 err = cmd_status(sk, index, MGMT_OP_SET_FAST_CONNECTABLE,
1805 err = hci_send_cmd(hdev, HCI_OP_WRITE_PAGE_SCAN_TYPE, 1, &type);
1807 err = cmd_status(sk, index, MGMT_OP_SET_FAST_CONNECTABLE,
1812 err = cmd_complete(sk, index, MGMT_OP_SET_FAST_CONNECTABLE,
1815 hci_dev_unlock(hdev);
1821 int mgmt_control(struct sock *sk, struct msghdr *msg, size_t msglen)
1824 struct mgmt_hdr *hdr;
1825 u16 opcode, index, len;
1828 BT_DBG("got %zu bytes", msglen);
1830 if (msglen < sizeof(*hdr))
1833 buf = kmalloc(msglen, GFP_KERNEL);
1837 if (memcpy_fromiovec(buf, msg->msg_iov, msglen)) {
1842 hdr = (struct mgmt_hdr *) buf;
1843 opcode = get_unaligned_le16(&hdr->opcode);
1844 index = get_unaligned_le16(&hdr->index);
1845 len = get_unaligned_le16(&hdr->len);
1847 if (len != msglen - sizeof(*hdr)) {
1853 case MGMT_OP_READ_VERSION:
1854 err = read_version(sk);
1856 case MGMT_OP_READ_INDEX_LIST:
1857 err = read_index_list(sk);
1859 case MGMT_OP_READ_INFO:
1860 err = read_controller_info(sk, index);
1862 case MGMT_OP_SET_POWERED:
1863 err = set_powered(sk, index, buf + sizeof(*hdr), len);
1865 case MGMT_OP_SET_DISCOVERABLE:
1866 err = set_discoverable(sk, index, buf + sizeof(*hdr), len);
1868 case MGMT_OP_SET_CONNECTABLE:
1869 err = set_connectable(sk, index, buf + sizeof(*hdr), len);
1871 case MGMT_OP_SET_PAIRABLE:
1872 err = set_pairable(sk, index, buf + sizeof(*hdr), len);
1874 case MGMT_OP_ADD_UUID:
1875 err = add_uuid(sk, index, buf + sizeof(*hdr), len);
1877 case MGMT_OP_REMOVE_UUID:
1878 err = remove_uuid(sk, index, buf + sizeof(*hdr), len);
1880 case MGMT_OP_SET_DEV_CLASS:
1881 err = set_dev_class(sk, index, buf + sizeof(*hdr), len);
1883 case MGMT_OP_SET_SERVICE_CACHE:
1884 err = set_service_cache(sk, index, buf + sizeof(*hdr), len);
1886 case MGMT_OP_LOAD_KEYS:
1887 err = load_keys(sk, index, buf + sizeof(*hdr), len);
1889 case MGMT_OP_REMOVE_KEY:
1890 err = remove_key(sk, index, buf + sizeof(*hdr), len);
1892 case MGMT_OP_DISCONNECT:
1893 err = disconnect(sk, index, buf + sizeof(*hdr), len);
1895 case MGMT_OP_GET_CONNECTIONS:
1896 err = get_connections(sk, index);
1898 case MGMT_OP_PIN_CODE_REPLY:
1899 err = pin_code_reply(sk, index, buf + sizeof(*hdr), len);
1901 case MGMT_OP_PIN_CODE_NEG_REPLY:
1902 err = pin_code_neg_reply(sk, index, buf + sizeof(*hdr), len);
1904 case MGMT_OP_SET_IO_CAPABILITY:
1905 err = set_io_capability(sk, index, buf + sizeof(*hdr), len);
1907 case MGMT_OP_PAIR_DEVICE:
1908 err = pair_device(sk, index, buf + sizeof(*hdr), len);
1910 case MGMT_OP_USER_CONFIRM_REPLY:
1911 err = user_confirm_reply(sk, index, buf + sizeof(*hdr), len, 1);
1913 case MGMT_OP_USER_CONFIRM_NEG_REPLY:
1914 err = user_confirm_reply(sk, index, buf + sizeof(*hdr), len, 0);
1916 case MGMT_OP_SET_LOCAL_NAME:
1917 err = set_local_name(sk, index, buf + sizeof(*hdr), len);
1919 case MGMT_OP_READ_LOCAL_OOB_DATA:
1920 err = read_local_oob_data(sk, index);
1922 case MGMT_OP_ADD_REMOTE_OOB_DATA:
1923 err = add_remote_oob_data(sk, index, buf + sizeof(*hdr), len);
1925 case MGMT_OP_REMOVE_REMOTE_OOB_DATA:
1926 err = remove_remote_oob_data(sk, index, buf + sizeof(*hdr),
1929 case MGMT_OP_START_DISCOVERY:
1930 err = start_discovery(sk, index);
1932 case MGMT_OP_STOP_DISCOVERY:
1933 err = stop_discovery(sk, index);
1935 case MGMT_OP_BLOCK_DEVICE:
1936 err = block_device(sk, index, buf + sizeof(*hdr), len);
1938 case MGMT_OP_UNBLOCK_DEVICE:
1939 err = unblock_device(sk, index, buf + sizeof(*hdr), len);
1941 case MGMT_OP_SET_FAST_CONNECTABLE:
1942 err = set_fast_connectable(sk, index, buf + sizeof(*hdr),
1946 BT_DBG("Unknown op %u", opcode);
1947 err = cmd_status(sk, index, opcode, 0x01);
1961 int mgmt_index_added(u16 index)
1963 return mgmt_event(MGMT_EV_INDEX_ADDED, index, NULL, 0, NULL);
1966 int mgmt_index_removed(u16 index)
1968 return mgmt_event(MGMT_EV_INDEX_REMOVED, index, NULL, 0, NULL);
1976 static void mode_rsp(struct pending_cmd *cmd, void *data)
1978 struct mgmt_mode *cp = cmd->param;
1979 struct cmd_lookup *match = data;
1981 if (cp->val != match->val)
1984 send_mode_rsp(cmd->sk, cmd->opcode, cmd->index, cp->val);
1986 list_del(&cmd->list);
1988 if (match->sk == NULL) {
1989 match->sk = cmd->sk;
1990 sock_hold(match->sk);
1993 mgmt_pending_free(cmd);
1996 int mgmt_powered(u16 index, u8 powered)
1998 struct mgmt_mode ev;
1999 struct cmd_lookup match = { powered, NULL };
2002 mgmt_pending_foreach(MGMT_OP_SET_POWERED, index, mode_rsp, &match);
2006 ret = mgmt_event(MGMT_EV_POWERED, index, &ev, sizeof(ev), match.sk);
2014 int mgmt_discoverable(u16 index, u8 discoverable)
2016 struct mgmt_mode ev;
2017 struct cmd_lookup match = { discoverable, NULL };
2020 mgmt_pending_foreach(MGMT_OP_SET_DISCOVERABLE, index, mode_rsp, &match);
2022 ev.val = discoverable;
2024 ret = mgmt_event(MGMT_EV_DISCOVERABLE, index, &ev, sizeof(ev),
2033 int mgmt_connectable(u16 index, u8 connectable)
2035 struct mgmt_mode ev;
2036 struct cmd_lookup match = { connectable, NULL };
2039 mgmt_pending_foreach(MGMT_OP_SET_CONNECTABLE, index, mode_rsp, &match);
2041 ev.val = connectable;
2043 ret = mgmt_event(MGMT_EV_CONNECTABLE, index, &ev, sizeof(ev), match.sk);
2051 int mgmt_new_key(u16 index, struct link_key *key, u8 persistent)
2053 struct mgmt_ev_new_key ev;
2055 memset(&ev, 0, sizeof(ev));
2057 ev.store_hint = persistent;
2058 bacpy(&ev.key.bdaddr, &key->bdaddr);
2059 ev.key.type = key->type;
2060 memcpy(ev.key.val, key->val, 16);
2061 ev.key.pin_len = key->pin_len;
2063 return mgmt_event(MGMT_EV_NEW_KEY, index, &ev, sizeof(ev), NULL);
2066 int mgmt_connected(u16 index, bdaddr_t *bdaddr, u8 link_type)
2068 struct mgmt_ev_connected ev;
2070 bacpy(&ev.bdaddr, bdaddr);
2071 ev.link_type = link_type;
2073 return mgmt_event(MGMT_EV_CONNECTED, index, &ev, sizeof(ev), NULL);
2076 static void disconnect_rsp(struct pending_cmd *cmd, void *data)
2078 struct mgmt_cp_disconnect *cp = cmd->param;
2079 struct sock **sk = data;
2080 struct mgmt_rp_disconnect rp;
2082 bacpy(&rp.bdaddr, &cp->bdaddr);
2084 cmd_complete(cmd->sk, cmd->index, MGMT_OP_DISCONNECT, &rp, sizeof(rp));
2089 mgmt_pending_remove(cmd);
2092 int mgmt_disconnected(u16 index, bdaddr_t *bdaddr)
2094 struct mgmt_ev_disconnected ev;
2095 struct sock *sk = NULL;
2098 mgmt_pending_foreach(MGMT_OP_DISCONNECT, index, disconnect_rsp, &sk);
2100 bacpy(&ev.bdaddr, bdaddr);
2102 err = mgmt_event(MGMT_EV_DISCONNECTED, index, &ev, sizeof(ev), sk);
2110 int mgmt_disconnect_failed(u16 index)
2112 struct pending_cmd *cmd;
2115 cmd = mgmt_pending_find(MGMT_OP_DISCONNECT, index);
2119 err = cmd_status(cmd->sk, index, MGMT_OP_DISCONNECT, EIO);
2121 mgmt_pending_remove(cmd);
2126 int mgmt_connect_failed(u16 index, bdaddr_t *bdaddr, u8 status)
2128 struct mgmt_ev_connect_failed ev;
2130 bacpy(&ev.bdaddr, bdaddr);
2133 return mgmt_event(MGMT_EV_CONNECT_FAILED, index, &ev, sizeof(ev), NULL);
2136 int mgmt_pin_code_request(u16 index, bdaddr_t *bdaddr, u8 secure)
2138 struct mgmt_ev_pin_code_request ev;
2140 bacpy(&ev.bdaddr, bdaddr);
2143 return mgmt_event(MGMT_EV_PIN_CODE_REQUEST, index, &ev, sizeof(ev),
2147 int mgmt_pin_code_reply_complete(u16 index, bdaddr_t *bdaddr, u8 status)
2149 struct pending_cmd *cmd;
2150 struct mgmt_rp_pin_code_reply rp;
2153 cmd = mgmt_pending_find(MGMT_OP_PIN_CODE_REPLY, index);
2157 bacpy(&rp.bdaddr, bdaddr);
2160 err = cmd_complete(cmd->sk, index, MGMT_OP_PIN_CODE_REPLY, &rp,
2163 mgmt_pending_remove(cmd);
2168 int mgmt_pin_code_neg_reply_complete(u16 index, bdaddr_t *bdaddr, u8 status)
2170 struct pending_cmd *cmd;
2171 struct mgmt_rp_pin_code_reply rp;
2174 cmd = mgmt_pending_find(MGMT_OP_PIN_CODE_NEG_REPLY, index);
2178 bacpy(&rp.bdaddr, bdaddr);
2181 err = cmd_complete(cmd->sk, index, MGMT_OP_PIN_CODE_NEG_REPLY, &rp,
2184 mgmt_pending_remove(cmd);
2189 int mgmt_user_confirm_request(u16 index, bdaddr_t *bdaddr, __le32 value,
2192 struct mgmt_ev_user_confirm_request ev;
2194 BT_DBG("hci%u", index);
2196 bacpy(&ev.bdaddr, bdaddr);
2197 ev.confirm_hint = confirm_hint;
2198 put_unaligned_le32(value, &ev.value);
2200 return mgmt_event(MGMT_EV_USER_CONFIRM_REQUEST, index, &ev, sizeof(ev),
2204 static int confirm_reply_complete(u16 index, bdaddr_t *bdaddr, u8 status,
2207 struct pending_cmd *cmd;
2208 struct mgmt_rp_user_confirm_reply rp;
2211 cmd = mgmt_pending_find(opcode, index);
2215 bacpy(&rp.bdaddr, bdaddr);
2217 err = cmd_complete(cmd->sk, index, opcode, &rp, sizeof(rp));
2219 mgmt_pending_remove(cmd);
2224 int mgmt_user_confirm_reply_complete(u16 index, bdaddr_t *bdaddr, u8 status)
2226 return confirm_reply_complete(index, bdaddr, status,
2227 MGMT_OP_USER_CONFIRM_REPLY);
2230 int mgmt_user_confirm_neg_reply_complete(u16 index, bdaddr_t *bdaddr, u8 status)
2232 return confirm_reply_complete(index, bdaddr, status,
2233 MGMT_OP_USER_CONFIRM_NEG_REPLY);
2236 int mgmt_auth_failed(u16 index, bdaddr_t *bdaddr, u8 status)
2238 struct mgmt_ev_auth_failed ev;
2240 bacpy(&ev.bdaddr, bdaddr);
2243 return mgmt_event(MGMT_EV_AUTH_FAILED, index, &ev, sizeof(ev), NULL);
2246 int mgmt_set_local_name_complete(u16 index, u8 *name, u8 status)
2248 struct pending_cmd *cmd;
2249 struct hci_dev *hdev;
2250 struct mgmt_cp_set_local_name ev;
2253 memset(&ev, 0, sizeof(ev));
2254 memcpy(ev.name, name, HCI_MAX_NAME_LENGTH);
2256 cmd = mgmt_pending_find(MGMT_OP_SET_LOCAL_NAME, index);
2261 err = cmd_status(cmd->sk, index, MGMT_OP_SET_LOCAL_NAME, EIO);
2265 hdev = hci_dev_get(index);
2267 hci_dev_lock_bh(hdev);
2269 hci_dev_unlock_bh(hdev);
2273 err = cmd_complete(cmd->sk, index, MGMT_OP_SET_LOCAL_NAME, &ev,
2279 err = mgmt_event(MGMT_EV_LOCAL_NAME_CHANGED, index, &ev, sizeof(ev),
2280 cmd ? cmd->sk : NULL);
2284 mgmt_pending_remove(cmd);
2288 int mgmt_read_local_oob_data_reply_complete(u16 index, u8 *hash, u8 *randomizer,
2291 struct pending_cmd *cmd;
2294 BT_DBG("hci%u status %u", index, status);
2296 cmd = mgmt_pending_find(MGMT_OP_READ_LOCAL_OOB_DATA, index);
2301 err = cmd_status(cmd->sk, index, MGMT_OP_READ_LOCAL_OOB_DATA,
2304 struct mgmt_rp_read_local_oob_data rp;
2306 memcpy(rp.hash, hash, sizeof(rp.hash));
2307 memcpy(rp.randomizer, randomizer, sizeof(rp.randomizer));
2309 err = cmd_complete(cmd->sk, index, MGMT_OP_READ_LOCAL_OOB_DATA,
2313 mgmt_pending_remove(cmd);
2318 int mgmt_device_found(u16 index, bdaddr_t *bdaddr, u8 *dev_class, s8 rssi,
2321 struct mgmt_ev_device_found ev;
2323 memset(&ev, 0, sizeof(ev));
2325 bacpy(&ev.bdaddr, bdaddr);
2329 memcpy(ev.eir, eir, sizeof(ev.eir));
2332 memcpy(ev.dev_class, dev_class, sizeof(ev.dev_class));
2334 return mgmt_event(MGMT_EV_DEVICE_FOUND, index, &ev, sizeof(ev), NULL);
2337 int mgmt_remote_name(u16 index, bdaddr_t *bdaddr, u8 *name)
2339 struct mgmt_ev_remote_name ev;
2341 memset(&ev, 0, sizeof(ev));
2343 bacpy(&ev.bdaddr, bdaddr);
2344 memcpy(ev.name, name, HCI_MAX_NAME_LENGTH);
2346 return mgmt_event(MGMT_EV_REMOTE_NAME, index, &ev, sizeof(ev), NULL);
2349 int mgmt_discovering(u16 index, u8 discovering)
2351 return mgmt_event(MGMT_EV_DISCOVERING, index, &discovering,
2352 sizeof(discovering), NULL);
2355 int mgmt_device_blocked(u16 index, bdaddr_t *bdaddr)
2357 struct pending_cmd *cmd;
2358 struct mgmt_ev_device_blocked ev;
2360 cmd = mgmt_pending_find(MGMT_OP_BLOCK_DEVICE, index);
2362 bacpy(&ev.bdaddr, bdaddr);
2364 return mgmt_event(MGMT_EV_DEVICE_BLOCKED, index, &ev, sizeof(ev),
2365 cmd ? cmd->sk : NULL);
2368 int mgmt_device_unblocked(u16 index, bdaddr_t *bdaddr)
2370 struct pending_cmd *cmd;
2371 struct mgmt_ev_device_unblocked ev;
2373 cmd = mgmt_pending_find(MGMT_OP_UNBLOCK_DEVICE, index);
2375 bacpy(&ev.bdaddr, bdaddr);
2377 return mgmt_event(MGMT_EV_DEVICE_UNBLOCKED, index, &ev, sizeof(ev),
2378 cmd ? cmd->sk : NULL);
git.openpandora.org / pandora-kernel.git / blob