2 BlueZ - Bluetooth protocol stack for Linux
3 Copyright (C) 2010 Nokia Corporation
5 This program is free software; you can redistribute it and/or modify
6 it under the terms of the GNU General Public License version 2 as
7 published by the Free Software Foundation;
9 THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS
10 OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
11 FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT OF THIRD PARTY RIGHTS.
12 IN NO EVENT SHALL THE COPYRIGHT HOLDER(S) AND AUTHOR(S) BE LIABLE FOR ANY
13 CLAIM, OR ANY SPECIAL INDIRECT OR CONSEQUENTIAL DAMAGES, OR ANY DAMAGES
14 WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
15 ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
16 OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
18 ALL LIABILITY, INCLUDING LIABILITY FOR INFRINGEMENT OF ANY PATENTS,
19 COPYRIGHTS, TRADEMARKS OR OTHER RIGHTS, RELATING TO USE OF THIS
20 SOFTWARE IS DISCLAIMED.
23 /* Bluetooth HCI Management interface */
25 #include <linux/uaccess.h>
26 #include <asm/unaligned.h>
28 #include <net/bluetooth/bluetooth.h>
29 #include <net/bluetooth/hci_core.h>
30 #include <net/bluetooth/mgmt.h>
32 #define MGMT_VERSION 0
33 #define MGMT_REVISION 1
36 struct list_head list;
46 static int cmd_status(struct sock *sk, u16 cmd, u8 status)
50 struct mgmt_ev_cmd_status *ev;
52 BT_DBG("sock %p", sk);
54 skb = alloc_skb(sizeof(*hdr) + sizeof(*ev), GFP_ATOMIC);
58 hdr = (void *) skb_put(skb, sizeof(*hdr));
60 hdr->opcode = cpu_to_le16(MGMT_EV_CMD_STATUS);
61 hdr->len = cpu_to_le16(sizeof(*ev));
63 ev = (void *) skb_put(skb, sizeof(*ev));
65 put_unaligned_le16(cmd, &ev->opcode);
67 if (sock_queue_rcv_skb(sk, skb) < 0)
73 static int cmd_complete(struct sock *sk, u16 cmd, void *rp, size_t rp_len)
77 struct mgmt_ev_cmd_complete *ev;
79 BT_DBG("sock %p", sk);
81 skb = alloc_skb(sizeof(*hdr) + sizeof(*ev) + rp_len, GFP_ATOMIC);
85 hdr = (void *) skb_put(skb, sizeof(*hdr));
87 hdr->opcode = cpu_to_le16(MGMT_EV_CMD_COMPLETE);
88 hdr->len = cpu_to_le16(sizeof(*ev) + rp_len);
90 ev = (void *) skb_put(skb, sizeof(*ev) + rp_len);
91 put_unaligned_le16(cmd, &ev->opcode);
92 memcpy(ev->data, rp, rp_len);
94 if (sock_queue_rcv_skb(sk, skb) < 0)
100 static int read_version(struct sock *sk)
102 struct mgmt_rp_read_version rp;
104 BT_DBG("sock %p", sk);
106 rp.version = MGMT_VERSION;
107 put_unaligned_le16(MGMT_REVISION, &rp.revision);
109 return cmd_complete(sk, MGMT_OP_READ_VERSION, &rp, sizeof(rp));
112 static int read_index_list(struct sock *sk)
114 struct mgmt_rp_read_index_list *rp;
120 BT_DBG("sock %p", sk);
122 read_lock(&hci_dev_list_lock);
125 list_for_each(p, &hci_dev_list) {
129 rp_len = sizeof(*rp) + (2 * count);
130 rp = kmalloc(rp_len, GFP_ATOMIC);
132 read_unlock(&hci_dev_list_lock);
136 put_unaligned_le16(count, &rp->num_controllers);
139 list_for_each(p, &hci_dev_list) {
140 struct hci_dev *d = list_entry(p, struct hci_dev, list);
142 hci_del_off_timer(d);
144 set_bit(HCI_MGMT, &d->flags);
146 if (test_bit(HCI_SETUP, &d->flags))
149 put_unaligned_le16(d->id, &rp->index[i++]);
150 BT_DBG("Added hci%u", d->id);
153 read_unlock(&hci_dev_list_lock);
155 err = cmd_complete(sk, MGMT_OP_READ_INDEX_LIST, rp, rp_len);
162 static int read_controller_info(struct sock *sk, unsigned char *data, u16 len)
164 struct mgmt_rp_read_info rp;
165 struct mgmt_cp_read_info *cp = (void *) data;
166 struct hci_dev *hdev;
169 BT_DBG("sock %p", sk);
172 return cmd_status(sk, MGMT_OP_READ_INFO, EINVAL);
174 dev_id = get_unaligned_le16(&cp->index);
176 BT_DBG("request for hci%u", dev_id);
178 hdev = hci_dev_get(dev_id);
180 return cmd_status(sk, MGMT_OP_READ_INFO, ENODEV);
182 hci_del_off_timer(hdev);
184 hci_dev_lock_bh(hdev);
186 set_bit(HCI_MGMT, &hdev->flags);
188 put_unaligned_le16(hdev->id, &rp.index);
189 rp.type = hdev->dev_type;
191 rp.powered = test_bit(HCI_UP, &hdev->flags);
192 rp.connectable = test_bit(HCI_PSCAN, &hdev->flags);
193 rp.discoverable = test_bit(HCI_ISCAN, &hdev->flags);
194 rp.pairable = test_bit(HCI_PSCAN, &hdev->flags);
196 if (test_bit(HCI_AUTH, &hdev->flags))
198 else if (hdev->ssp_mode > 0)
203 bacpy(&rp.bdaddr, &hdev->bdaddr);
204 memcpy(rp.features, hdev->features, 8);
205 memcpy(rp.dev_class, hdev->dev_class, 3);
206 put_unaligned_le16(hdev->manufacturer, &rp.manufacturer);
207 rp.hci_ver = hdev->hci_ver;
208 put_unaligned_le16(hdev->hci_rev, &rp.hci_rev);
210 hci_dev_unlock_bh(hdev);
213 return cmd_complete(sk, MGMT_OP_READ_INFO, &rp, sizeof(rp));
216 static void mgmt_pending_free(struct pending_cmd *cmd)
223 static struct pending_cmd *mgmt_pending_add(struct sock *sk, u16 opcode,
224 u16 index, void *data, u16 len)
226 struct pending_cmd *cmd;
228 cmd = kmalloc(sizeof(*cmd), GFP_ATOMIC);
232 cmd->opcode = opcode;
235 cmd->cmd = kmalloc(len, GFP_ATOMIC);
241 memcpy(cmd->cmd, data, len);
246 list_add(&cmd->list, &cmd_list);
251 static void mgmt_pending_foreach(u16 opcode, int index,
252 void (*cb)(struct pending_cmd *cmd, void *data),
255 struct list_head *p, *n;
257 list_for_each_safe(p, n, &cmd_list) {
258 struct pending_cmd *cmd;
260 cmd = list_entry(p, struct pending_cmd, list);
262 if (cmd->opcode != opcode)
265 if (index >= 0 && cmd->index != index)
272 static struct pending_cmd *mgmt_pending_find(u16 opcode, int index)
276 list_for_each(p, &cmd_list) {
277 struct pending_cmd *cmd;
279 cmd = list_entry(p, struct pending_cmd, list);
281 if (cmd->opcode != opcode)
284 if (index >= 0 && cmd->index != index)
293 static void mgmt_pending_remove(u16 opcode, int index)
295 struct pending_cmd *cmd;
297 cmd = mgmt_pending_find(opcode, index);
301 list_del(&cmd->list);
302 mgmt_pending_free(cmd);
305 static int set_powered(struct sock *sk, unsigned char *data, u16 len)
307 struct mgmt_mode *cp;
308 struct hci_dev *hdev;
309 struct pending_cmd *cmd;
314 dev_id = get_unaligned_le16(&cp->index);
316 BT_DBG("request for hci%u", dev_id);
318 hdev = hci_dev_get(dev_id);
320 return cmd_status(sk, MGMT_OP_SET_POWERED, ENODEV);
322 hci_dev_lock_bh(hdev);
324 up = test_bit(HCI_UP, &hdev->flags);
325 if ((cp->val && up) || (!cp->val && !up)) {
326 err = cmd_status(sk, MGMT_OP_SET_POWERED, EALREADY);
330 if (mgmt_pending_find(MGMT_OP_SET_POWERED, dev_id)) {
331 err = cmd_status(sk, MGMT_OP_SET_POWERED, EBUSY);
335 cmd = mgmt_pending_add(sk, MGMT_OP_SET_POWERED, dev_id, data, len);
342 queue_work(hdev->workqueue, &hdev->power_on);
344 queue_work(hdev->workqueue, &hdev->power_off);
349 hci_dev_unlock_bh(hdev);
354 static int set_discoverable(struct sock *sk, unsigned char *data, u16 len)
356 struct mgmt_mode *cp;
357 struct hci_dev *hdev;
358 struct pending_cmd *cmd;
364 dev_id = get_unaligned_le16(&cp->index);
366 BT_DBG("request for hci%u", dev_id);
368 hdev = hci_dev_get(dev_id);
370 return cmd_status(sk, MGMT_OP_SET_DISCOVERABLE, ENODEV);
372 hci_dev_lock_bh(hdev);
374 if (!test_bit(HCI_UP, &hdev->flags)) {
375 err = cmd_status(sk, MGMT_OP_SET_DISCOVERABLE, ENETDOWN);
379 if (mgmt_pending_find(MGMT_OP_SET_DISCOVERABLE, dev_id) ||
380 mgmt_pending_find(MGMT_OP_SET_CONNECTABLE, dev_id)) {
381 err = cmd_status(sk, MGMT_OP_SET_DISCOVERABLE, EBUSY);
385 if (cp->val == test_bit(HCI_ISCAN, &hdev->flags) &&
386 test_bit(HCI_PSCAN, &hdev->flags)) {
387 err = cmd_status(sk, MGMT_OP_SET_DISCOVERABLE, EALREADY);
391 cmd = mgmt_pending_add(sk, MGMT_OP_SET_DISCOVERABLE, dev_id, data, len);
400 scan |= SCAN_INQUIRY;
402 err = hci_send_cmd(hdev, HCI_OP_WRITE_SCAN_ENABLE, 1, &scan);
404 mgmt_pending_remove(MGMT_OP_SET_DISCOVERABLE, dev_id);
407 hci_dev_unlock_bh(hdev);
413 static int set_connectable(struct sock *sk, unsigned char *data, u16 len)
415 struct mgmt_mode *cp;
416 struct hci_dev *hdev;
417 struct pending_cmd *cmd;
423 dev_id = get_unaligned_le16(&cp->index);
425 BT_DBG("request for hci%u", dev_id);
427 hdev = hci_dev_get(dev_id);
429 return cmd_status(sk, MGMT_OP_SET_CONNECTABLE, ENODEV);
431 hci_dev_lock_bh(hdev);
433 if (!test_bit(HCI_UP, &hdev->flags)) {
434 err = cmd_status(sk, MGMT_OP_SET_CONNECTABLE, ENETDOWN);
438 if (mgmt_pending_find(MGMT_OP_SET_DISCOVERABLE, dev_id) ||
439 mgmt_pending_find(MGMT_OP_SET_CONNECTABLE, dev_id)) {
440 err = cmd_status(sk, MGMT_OP_SET_CONNECTABLE, EBUSY);
444 if (cp->val == test_bit(HCI_PSCAN, &hdev->flags)) {
445 err = cmd_status(sk, MGMT_OP_SET_CONNECTABLE, EALREADY);
449 cmd = mgmt_pending_add(sk, MGMT_OP_SET_CONNECTABLE, dev_id, data, len);
460 err = hci_send_cmd(hdev, HCI_OP_WRITE_SCAN_ENABLE, 1, &scan);
462 mgmt_pending_remove(MGMT_OP_SET_CONNECTABLE, dev_id);
465 hci_dev_unlock_bh(hdev);
471 static int mgmt_event(u16 event, void *data, u16 data_len, struct sock *skip_sk)
474 struct mgmt_hdr *hdr;
476 skb = alloc_skb(sizeof(*hdr) + data_len, GFP_ATOMIC);
480 bt_cb(skb)->channel = HCI_CHANNEL_CONTROL;
482 hdr = (void *) skb_put(skb, sizeof(*hdr));
483 hdr->opcode = cpu_to_le16(event);
484 hdr->len = cpu_to_le16(data_len);
486 memcpy(skb_put(skb, data_len), data, data_len);
488 hci_send_to_sock(NULL, skb, skip_sk);
494 static int send_mode_rsp(struct sock *sk, u16 opcode, u16 index, u8 val)
498 put_unaligned_le16(index, &rp.index);
501 return cmd_complete(sk, opcode, &rp, sizeof(rp));
504 static int set_pairable(struct sock *sk, unsigned char *data, u16 len)
506 struct mgmt_mode *cp, ev;
507 struct hci_dev *hdev;
512 dev_id = get_unaligned_le16(&cp->index);
514 BT_DBG("request for hci%u", dev_id);
516 hdev = hci_dev_get(dev_id);
518 return cmd_status(sk, MGMT_OP_SET_PAIRABLE, ENODEV);
520 hci_dev_lock_bh(hdev);
523 set_bit(HCI_PAIRABLE, &hdev->flags);
525 clear_bit(HCI_PAIRABLE, &hdev->flags);
527 err = send_mode_rsp(sk, MGMT_OP_SET_PAIRABLE, dev_id, cp->val);
531 put_unaligned_le16(dev_id, &ev.index);
534 err = mgmt_event(MGMT_EV_PAIRABLE, &ev, sizeof(ev), sk);
537 hci_dev_unlock_bh(hdev);
543 static u8 get_service_classes(struct hci_dev *hdev)
548 list_for_each(p, &hdev->uuids) {
549 struct bt_uuid *uuid = list_entry(p, struct bt_uuid, list);
551 val |= uuid->svc_hint;
557 static int update_class(struct hci_dev *hdev)
561 BT_DBG("%s", hdev->name);
563 if (test_bit(HCI_SERVICE_CACHE, &hdev->flags))
566 cod[0] = hdev->minor_class;
567 cod[1] = hdev->major_class;
568 cod[2] = get_service_classes(hdev);
570 if (memcmp(cod, hdev->dev_class, 3) == 0)
573 return hci_send_cmd(hdev, HCI_OP_WRITE_CLASS_OF_DEV, sizeof(cod), cod);
576 static int add_uuid(struct sock *sk, unsigned char *data, u16 len)
578 struct mgmt_cp_add_uuid *cp;
579 struct hci_dev *hdev;
580 struct bt_uuid *uuid;
585 dev_id = get_unaligned_le16(&cp->index);
587 BT_DBG("request for hci%u", dev_id);
589 hdev = hci_dev_get(dev_id);
591 return cmd_status(sk, MGMT_OP_ADD_UUID, ENODEV);
593 hci_dev_lock_bh(hdev);
595 uuid = kmalloc(sizeof(*uuid), GFP_ATOMIC);
601 memcpy(uuid->uuid, cp->uuid, 16);
602 uuid->svc_hint = cp->svc_hint;
604 list_add(&uuid->list, &hdev->uuids);
606 err = update_class(hdev);
610 err = cmd_complete(sk, MGMT_OP_ADD_UUID, &dev_id, sizeof(dev_id));
613 hci_dev_unlock_bh(hdev);
619 static int remove_uuid(struct sock *sk, unsigned char *data, u16 len)
621 struct list_head *p, *n;
622 struct mgmt_cp_add_uuid *cp;
623 struct hci_dev *hdev;
624 u8 bt_uuid_any[] = { 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0 };
629 dev_id = get_unaligned_le16(&cp->index);
631 BT_DBG("request for hci%u", dev_id);
633 hdev = hci_dev_get(dev_id);
635 return cmd_status(sk, MGMT_OP_REMOVE_UUID, ENODEV);
637 hci_dev_lock_bh(hdev);
639 if (memcmp(cp->uuid, bt_uuid_any, 16) == 0) {
640 err = hci_uuids_clear(hdev);
646 list_for_each_safe(p, n, &hdev->uuids) {
647 struct bt_uuid *match = list_entry(p, struct bt_uuid, list);
649 if (memcmp(match->uuid, cp->uuid, 16) != 0)
652 list_del(&match->list);
657 err = cmd_status(sk, MGMT_OP_REMOVE_UUID, ENOENT);
661 err = update_class(hdev);
665 err = cmd_complete(sk, MGMT_OP_REMOVE_UUID, &dev_id, sizeof(dev_id));
668 hci_dev_unlock_bh(hdev);
674 static int set_dev_class(struct sock *sk, unsigned char *data, u16 len)
676 struct hci_dev *hdev;
677 struct mgmt_cp_set_dev_class *cp;
682 dev_id = get_unaligned_le16(&cp->index);
684 BT_DBG("request for hci%u", dev_id);
686 hdev = hci_dev_get(dev_id);
688 return cmd_status(sk, MGMT_OP_SET_DEV_CLASS, ENODEV);
690 hci_dev_lock_bh(hdev);
692 hdev->major_class = cp->major;
693 hdev->minor_class = cp->minor;
695 err = update_class(hdev);
698 err = cmd_complete(sk, MGMT_OP_SET_DEV_CLASS, &dev_id,
701 hci_dev_unlock_bh(hdev);
707 static int set_service_cache(struct sock *sk, unsigned char *data, u16 len)
709 struct hci_dev *hdev;
710 struct mgmt_cp_set_service_cache *cp;
715 dev_id = get_unaligned_le16(&cp->index);
717 hdev = hci_dev_get(dev_id);
719 return cmd_status(sk, MGMT_OP_SET_SERVICE_CACHE, ENODEV);
721 hci_dev_lock_bh(hdev);
723 BT_DBG("hci%u enable %d", dev_id, cp->enable);
726 set_bit(HCI_SERVICE_CACHE, &hdev->flags);
729 clear_bit(HCI_SERVICE_CACHE, &hdev->flags);
730 err = update_class(hdev);
734 err = cmd_complete(sk, MGMT_OP_SET_SERVICE_CACHE, &dev_id,
737 hci_dev_unlock_bh(hdev);
743 static int load_keys(struct sock *sk, unsigned char *data, u16 len)
745 struct hci_dev *hdev;
746 struct mgmt_cp_load_keys *cp;
747 u16 dev_id, key_count, expected_len;
751 dev_id = get_unaligned_le16(&cp->index);
752 key_count = get_unaligned_le16(&cp->key_count);
754 expected_len = sizeof(*cp) + key_count * sizeof(struct mgmt_key_info);
755 if (expected_len != len) {
756 BT_ERR("load_keys: expected %u bytes, got %u bytes",
761 hdev = hci_dev_get(dev_id);
763 return cmd_status(sk, MGMT_OP_LOAD_KEYS, ENODEV);
765 BT_DBG("hci%u debug_keys %u key_count %u", dev_id, cp->debug_keys,
768 hci_dev_lock_bh(hdev);
770 hci_link_keys_clear(hdev);
772 set_bit(HCI_LINK_KEYS, &hdev->flags);
775 set_bit(HCI_DEBUG_KEYS, &hdev->flags);
777 clear_bit(HCI_DEBUG_KEYS, &hdev->flags);
779 for (i = 0; i < key_count; i++) {
780 struct mgmt_key_info *key = &cp->keys[i];
782 hci_add_link_key(hdev, 0, &key->bdaddr, key->val, key->type,
786 hci_dev_unlock_bh(hdev);
792 static int remove_key(struct sock *sk, unsigned char *data, u16 len)
794 struct hci_dev *hdev;
795 struct mgmt_cp_remove_key *cp;
796 struct hci_conn *conn;
801 dev_id = get_unaligned_le16(&cp->index);
803 hdev = hci_dev_get(dev_id);
805 return cmd_status(sk, MGMT_OP_REMOVE_KEY, ENODEV);
807 hci_dev_lock_bh(hdev);
809 err = hci_remove_link_key(hdev, &cp->bdaddr);
811 err = cmd_status(sk, MGMT_OP_REMOVE_KEY, -err);
817 if (!test_bit(HCI_UP, &hdev->flags) || !cp->disconnect)
820 conn = hci_conn_hash_lookup_ba(hdev, ACL_LINK, &cp->bdaddr);
822 struct hci_cp_disconnect dc;
824 put_unaligned_le16(conn->handle, &dc.handle);
825 dc.reason = 0x13; /* Remote User Terminated Connection */
826 err = hci_send_cmd(hdev, HCI_OP_DISCONNECT, 0, NULL);
830 hci_dev_unlock_bh(hdev);
836 static int disconnect(struct sock *sk, unsigned char *data, u16 len)
838 struct hci_dev *hdev;
839 struct mgmt_cp_disconnect *cp;
840 struct hci_cp_disconnect dc;
841 struct pending_cmd *cmd;
842 struct hci_conn *conn;
849 dev_id = get_unaligned_le16(&cp->index);
851 hdev = hci_dev_get(dev_id);
853 return cmd_status(sk, MGMT_OP_DISCONNECT, ENODEV);
855 hci_dev_lock_bh(hdev);
857 if (!test_bit(HCI_UP, &hdev->flags)) {
858 err = cmd_status(sk, MGMT_OP_DISCONNECT, ENETDOWN);
862 if (mgmt_pending_find(MGMT_OP_DISCONNECT, dev_id)) {
863 err = cmd_status(sk, MGMT_OP_DISCONNECT, EBUSY);
867 conn = hci_conn_hash_lookup_ba(hdev, ACL_LINK, &cp->bdaddr);
869 err = cmd_status(sk, MGMT_OP_DISCONNECT, ENOTCONN);
873 cmd = mgmt_pending_add(sk, MGMT_OP_DISCONNECT, dev_id, data, len);
879 put_unaligned_le16(conn->handle, &dc.handle);
880 dc.reason = 0x13; /* Remote User Terminated Connection */
882 err = hci_send_cmd(hdev, HCI_OP_DISCONNECT, sizeof(dc), &dc);
884 mgmt_pending_remove(MGMT_OP_DISCONNECT, dev_id);
887 hci_dev_unlock_bh(hdev);
893 static int get_connections(struct sock *sk, unsigned char *data, u16 len)
895 struct mgmt_cp_get_connections *cp;
896 struct mgmt_rp_get_connections *rp;
897 struct hci_dev *hdev;
906 dev_id = get_unaligned_le16(&cp->index);
908 hdev = hci_dev_get(dev_id);
910 return cmd_status(sk, MGMT_OP_GET_CONNECTIONS, ENODEV);
912 hci_dev_lock_bh(hdev);
915 list_for_each(p, &hdev->conn_hash.list) {
919 rp_len = sizeof(*rp) + (count * sizeof(bdaddr_t));
920 rp = kmalloc(rp_len, GFP_ATOMIC);
926 put_unaligned_le16(dev_id, &rp->index);
927 put_unaligned_le16(count, &rp->conn_count);
929 read_lock(&hci_dev_list_lock);
932 list_for_each(p, &hdev->conn_hash.list) {
933 struct hci_conn *c = list_entry(p, struct hci_conn, list);
935 bacpy(&rp->conn[i++], &c->dst);
938 read_unlock(&hci_dev_list_lock);
940 err = cmd_complete(sk, MGMT_OP_GET_CONNECTIONS, rp, rp_len);
944 hci_dev_unlock_bh(hdev);
949 static int pin_code_reply(struct sock *sk, unsigned char *data, u16 len)
951 struct hci_dev *hdev;
952 struct mgmt_cp_pin_code_reply *cp;
953 struct hci_cp_pin_code_reply reply;
954 struct pending_cmd *cmd;
961 dev_id = get_unaligned_le16(&cp->index);
963 hdev = hci_dev_get(dev_id);
965 return cmd_status(sk, MGMT_OP_DISCONNECT, ENODEV);
967 hci_dev_lock_bh(hdev);
969 if (!test_bit(HCI_UP, &hdev->flags)) {
970 err = cmd_status(sk, MGMT_OP_PIN_CODE_REPLY, ENETDOWN);
974 cmd = mgmt_pending_add(sk, MGMT_OP_PIN_CODE_REPLY, dev_id, data, len);
980 bacpy(&reply.bdaddr, &cp->bdaddr);
981 reply.pin_len = cp->pin_len;
982 memcpy(reply.pin_code, cp->pin_code, 16);
984 err = hci_send_cmd(hdev, HCI_OP_PIN_CODE_REPLY, sizeof(reply), &reply);
986 mgmt_pending_remove(MGMT_OP_PIN_CODE_REPLY, dev_id);
989 hci_dev_unlock_bh(hdev);
995 static int pin_code_neg_reply(struct sock *sk, unsigned char *data, u16 len)
997 struct hci_dev *hdev;
998 struct mgmt_cp_pin_code_neg_reply *cp;
999 struct pending_cmd *cmd;
1006 dev_id = get_unaligned_le16(&cp->index);
1008 hdev = hci_dev_get(dev_id);
1010 return cmd_status(sk, MGMT_OP_PIN_CODE_NEG_REPLY, ENODEV);
1012 hci_dev_lock_bh(hdev);
1014 if (!test_bit(HCI_UP, &hdev->flags)) {
1015 err = cmd_status(sk, MGMT_OP_PIN_CODE_NEG_REPLY, ENETDOWN);
1019 cmd = mgmt_pending_add(sk, MGMT_OP_PIN_CODE_NEG_REPLY, dev_id,
1026 err = hci_send_cmd(hdev, HCI_OP_PIN_CODE_NEG_REPLY, sizeof(bdaddr_t),
1029 mgmt_pending_remove(MGMT_OP_PIN_CODE_NEG_REPLY, dev_id);
1032 hci_dev_unlock_bh(hdev);
1038 static int set_io_capability(struct sock *sk, unsigned char *data, u16 len)
1040 struct hci_dev *hdev;
1041 struct mgmt_cp_set_io_capability *cp;
1047 dev_id = get_unaligned_le16(&cp->index);
1049 hdev = hci_dev_get(dev_id);
1051 return cmd_status(sk, MGMT_OP_SET_IO_CAPABILITY, ENODEV);
1053 hci_dev_lock_bh(hdev);
1055 hdev->io_capability = cp->io_capability;
1057 BT_DBG("%s IO capability set to 0x%02x", hdev->name,
1058 hdev->io_capability);
1060 hci_dev_unlock_bh(hdev);
1063 return cmd_complete(sk, MGMT_OP_SET_IO_CAPABILITY,
1064 &dev_id, sizeof(dev_id));
1067 static inline struct pending_cmd *find_pairing(struct hci_conn *conn)
1069 struct hci_dev *hdev = conn->hdev;
1070 struct list_head *p;
1072 list_for_each(p, &cmd_list) {
1073 struct pending_cmd *cmd;
1075 cmd = list_entry(p, struct pending_cmd, list);
1077 if (cmd->opcode != MGMT_OP_PAIR_DEVICE)
1080 if (cmd->index != hdev->id)
1083 if (cmd->user_data != conn)
1092 static void pairing_complete(struct pending_cmd *cmd, u8 status)
1094 struct mgmt_rp_pair_device rp;
1095 struct hci_conn *conn = cmd->user_data;
1097 rp.index = cmd->index;
1098 bacpy(&rp.bdaddr, &conn->dst);
1101 cmd_complete(cmd->sk, MGMT_OP_PAIR_DEVICE, &rp, sizeof(rp));
1103 /* So we don't get further callbacks for this connection */
1104 conn->connect_cfm_cb = NULL;
1105 conn->security_cfm_cb = NULL;
1106 conn->disconn_cfm_cb = NULL;
1110 list_del(&cmd->list);
1111 mgmt_pending_free(cmd);
1114 static void pairing_complete_cb(struct hci_conn *conn, u8 status)
1116 struct pending_cmd *cmd;
1118 BT_DBG("status %u", status);
1120 cmd = find_pairing(conn);
1122 BT_DBG("Unable to find a pending command");
1126 pairing_complete(cmd, status);
1129 static int pair_device(struct sock *sk, unsigned char *data, u16 len)
1131 struct hci_dev *hdev;
1132 struct mgmt_cp_pair_device *cp;
1133 struct pending_cmd *cmd;
1134 u8 sec_level, auth_type;
1135 struct hci_conn *conn;
1142 dev_id = get_unaligned_le16(&cp->index);
1144 hdev = hci_dev_get(dev_id);
1146 return cmd_status(sk, MGMT_OP_PAIR_DEVICE, ENODEV);
1148 hci_dev_lock_bh(hdev);
1150 if (cp->io_cap == 0x03) {
1151 sec_level = BT_SECURITY_MEDIUM;
1152 auth_type = HCI_AT_DEDICATED_BONDING;
1154 sec_level = BT_SECURITY_HIGH;
1155 auth_type = HCI_AT_DEDICATED_BONDING_MITM;
1158 conn = hci_connect(hdev, ACL_LINK, &cp->bdaddr, sec_level, auth_type);
1164 if (conn->connect_cfm_cb) {
1166 err = cmd_status(sk, MGMT_OP_PAIR_DEVICE, EBUSY);
1170 cmd = mgmt_pending_add(sk, MGMT_OP_PAIR_DEVICE, dev_id, data, len);
1177 conn->connect_cfm_cb = pairing_complete_cb;
1178 conn->security_cfm_cb = pairing_complete_cb;
1179 conn->disconn_cfm_cb = pairing_complete_cb;
1180 conn->io_capability = cp->io_cap;
1181 cmd->user_data = conn;
1183 if (conn->state == BT_CONNECTED &&
1184 hci_conn_security(conn, sec_level, auth_type))
1185 pairing_complete(cmd, 0);
1190 hci_dev_unlock_bh(hdev);
1196 static int user_confirm_reply(struct sock *sk, unsigned char *data, u16 len,
1199 struct mgmt_cp_user_confirm_reply *cp = (void *) data;
1200 u16 dev_id, mgmt_op, hci_op;
1201 struct pending_cmd *cmd;
1202 struct hci_dev *hdev;
1207 dev_id = get_unaligned_le16(&cp->index);
1210 mgmt_op = MGMT_OP_USER_CONFIRM_REPLY;
1211 hci_op = HCI_OP_USER_CONFIRM_REPLY;
1213 mgmt_op = MGMT_OP_USER_CONFIRM_NEG_REPLY;
1214 hci_op = HCI_OP_USER_CONFIRM_NEG_REPLY;
1217 hdev = hci_dev_get(dev_id);
1219 return cmd_status(sk, mgmt_op, ENODEV);
1221 if (!test_bit(HCI_UP, &hdev->flags)) {
1222 err = cmd_status(sk, mgmt_op, ENETDOWN);
1226 cmd = mgmt_pending_add(sk, mgmt_op, dev_id, data, len);
1232 err = hci_send_cmd(hdev, hci_op, sizeof(cp->bdaddr), &cp->bdaddr);
1234 list_del(&cmd->list);
1235 mgmt_pending_free(cmd);
1239 hci_dev_unlock_bh(hdev);
1245 int mgmt_control(struct sock *sk, struct msghdr *msg, size_t msglen)
1248 struct mgmt_hdr *hdr;
1252 BT_DBG("got %zu bytes", msglen);
1254 if (msglen < sizeof(*hdr))
1257 buf = kmalloc(msglen, GFP_ATOMIC);
1261 if (memcpy_fromiovec(buf, msg->msg_iov, msglen)) {
1266 hdr = (struct mgmt_hdr *) buf;
1267 opcode = get_unaligned_le16(&hdr->opcode);
1268 len = get_unaligned_le16(&hdr->len);
1270 if (len != msglen - sizeof(*hdr)) {
1276 case MGMT_OP_READ_VERSION:
1277 err = read_version(sk);
1279 case MGMT_OP_READ_INDEX_LIST:
1280 err = read_index_list(sk);
1282 case MGMT_OP_READ_INFO:
1283 err = read_controller_info(sk, buf + sizeof(*hdr), len);
1285 case MGMT_OP_SET_POWERED:
1286 err = set_powered(sk, buf + sizeof(*hdr), len);
1288 case MGMT_OP_SET_DISCOVERABLE:
1289 err = set_discoverable(sk, buf + sizeof(*hdr), len);
1291 case MGMT_OP_SET_CONNECTABLE:
1292 err = set_connectable(sk, buf + sizeof(*hdr), len);
1294 case MGMT_OP_SET_PAIRABLE:
1295 err = set_pairable(sk, buf + sizeof(*hdr), len);
1297 case MGMT_OP_ADD_UUID:
1298 err = add_uuid(sk, buf + sizeof(*hdr), len);
1300 case MGMT_OP_REMOVE_UUID:
1301 err = remove_uuid(sk, buf + sizeof(*hdr), len);
1303 case MGMT_OP_SET_DEV_CLASS:
1304 err = set_dev_class(sk, buf + sizeof(*hdr), len);
1306 case MGMT_OP_SET_SERVICE_CACHE:
1307 err = set_service_cache(sk, buf + sizeof(*hdr), len);
1309 case MGMT_OP_LOAD_KEYS:
1310 err = load_keys(sk, buf + sizeof(*hdr), len);
1312 case MGMT_OP_REMOVE_KEY:
1313 err = remove_key(sk, buf + sizeof(*hdr), len);
1315 case MGMT_OP_DISCONNECT:
1316 err = disconnect(sk, buf + sizeof(*hdr), len);
1318 case MGMT_OP_GET_CONNECTIONS:
1319 err = get_connections(sk, buf + sizeof(*hdr), len);
1321 case MGMT_OP_PIN_CODE_REPLY:
1322 err = pin_code_reply(sk, buf + sizeof(*hdr), len);
1324 case MGMT_OP_PIN_CODE_NEG_REPLY:
1325 err = pin_code_neg_reply(sk, buf + sizeof(*hdr), len);
1327 case MGMT_OP_SET_IO_CAPABILITY:
1328 err = set_io_capability(sk, buf + sizeof(*hdr), len);
1330 case MGMT_OP_PAIR_DEVICE:
1331 err = pair_device(sk, buf + sizeof(*hdr), len);
1333 case MGMT_OP_USER_CONFIRM_REPLY:
1334 err = user_confirm_reply(sk, buf + sizeof(*hdr), len, 1);
1336 case MGMT_OP_USER_CONFIRM_NEG_REPLY:
1337 err = user_confirm_reply(sk, buf + sizeof(*hdr), len, 0);
1340 BT_DBG("Unknown op %u", opcode);
1341 err = cmd_status(sk, opcode, 0x01);
1355 int mgmt_index_added(u16 index)
1357 struct mgmt_ev_index_added ev;
1359 put_unaligned_le16(index, &ev.index);
1361 return mgmt_event(MGMT_EV_INDEX_ADDED, &ev, sizeof(ev), NULL);
1364 int mgmt_index_removed(u16 index)
1366 struct mgmt_ev_index_added ev;
1368 put_unaligned_le16(index, &ev.index);
1370 return mgmt_event(MGMT_EV_INDEX_REMOVED, &ev, sizeof(ev), NULL);
1378 static void mode_rsp(struct pending_cmd *cmd, void *data)
1380 struct mgmt_mode *cp = cmd->cmd;
1381 struct cmd_lookup *match = data;
1383 if (cp->val != match->val)
1386 send_mode_rsp(cmd->sk, cmd->opcode, cmd->index, cp->val);
1388 list_del(&cmd->list);
1390 if (match->sk == NULL) {
1391 match->sk = cmd->sk;
1392 sock_hold(match->sk);
1395 mgmt_pending_free(cmd);
1398 int mgmt_powered(u16 index, u8 powered)
1400 struct mgmt_mode ev;
1401 struct cmd_lookup match = { powered, NULL };
1404 mgmt_pending_foreach(MGMT_OP_SET_POWERED, index, mode_rsp, &match);
1406 put_unaligned_le16(index, &ev.index);
1409 ret = mgmt_event(MGMT_EV_POWERED, &ev, sizeof(ev), match.sk);
1417 int mgmt_discoverable(u16 index, u8 discoverable)
1419 struct mgmt_mode ev;
1420 struct cmd_lookup match = { discoverable, NULL };
1423 mgmt_pending_foreach(MGMT_OP_SET_DISCOVERABLE, index,
1426 put_unaligned_le16(index, &ev.index);
1427 ev.val = discoverable;
1429 ret = mgmt_event(MGMT_EV_DISCOVERABLE, &ev, sizeof(ev), match.sk);
1437 int mgmt_connectable(u16 index, u8 connectable)
1439 struct mgmt_mode ev;
1440 struct cmd_lookup match = { connectable, NULL };
1443 mgmt_pending_foreach(MGMT_OP_SET_CONNECTABLE, index, mode_rsp, &match);
1445 put_unaligned_le16(index, &ev.index);
1446 ev.val = connectable;
1448 ret = mgmt_event(MGMT_EV_CONNECTABLE, &ev, sizeof(ev), match.sk);
1456 int mgmt_new_key(u16 index, struct link_key *key, u8 old_key_type)
1458 struct mgmt_ev_new_key ev;
1460 memset(&ev, 0, sizeof(ev));
1462 put_unaligned_le16(index, &ev.index);
1464 bacpy(&ev.key.bdaddr, &key->bdaddr);
1465 ev.key.type = key->type;
1466 memcpy(ev.key.val, key->val, 16);
1467 ev.key.pin_len = key->pin_len;
1468 ev.old_key_type = old_key_type;
1470 return mgmt_event(MGMT_EV_NEW_KEY, &ev, sizeof(ev), NULL);
1473 int mgmt_connected(u16 index, bdaddr_t *bdaddr)
1475 struct mgmt_ev_connected ev;
1477 put_unaligned_le16(index, &ev.index);
1478 bacpy(&ev.bdaddr, bdaddr);
1480 return mgmt_event(MGMT_EV_CONNECTED, &ev, sizeof(ev), NULL);
1483 static void disconnect_rsp(struct pending_cmd *cmd, void *data)
1485 struct mgmt_cp_disconnect *cp = cmd->cmd;
1486 struct sock **sk = data;
1487 struct mgmt_rp_disconnect rp;
1489 put_unaligned_le16(cmd->index, &rp.index);
1490 bacpy(&rp.bdaddr, &cp->bdaddr);
1492 cmd_complete(cmd->sk, MGMT_OP_DISCONNECT, &rp, sizeof(rp));
1497 list_del(&cmd->list);
1498 mgmt_pending_free(cmd);
1501 int mgmt_disconnected(u16 index, bdaddr_t *bdaddr)
1503 struct mgmt_ev_disconnected ev;
1504 struct sock *sk = NULL;
1507 mgmt_pending_foreach(MGMT_OP_DISCONNECT, index, disconnect_rsp, &sk);
1509 put_unaligned_le16(index, &ev.index);
1510 bacpy(&ev.bdaddr, bdaddr);
1512 err = mgmt_event(MGMT_EV_DISCONNECTED, &ev, sizeof(ev), sk);
1520 int mgmt_disconnect_failed(u16 index)
1522 struct pending_cmd *cmd;
1525 cmd = mgmt_pending_find(MGMT_OP_DISCONNECT, index);
1529 err = cmd_status(cmd->sk, MGMT_OP_DISCONNECT, EIO);
1531 list_del(&cmd->list);
1532 mgmt_pending_free(cmd);
1537 int mgmt_connect_failed(u16 index, bdaddr_t *bdaddr, u8 status)
1539 struct mgmt_ev_connect_failed ev;
1541 put_unaligned_le16(index, &ev.index);
1542 bacpy(&ev.bdaddr, bdaddr);
1545 return mgmt_event(MGMT_EV_CONNECT_FAILED, &ev, sizeof(ev), NULL);
1548 int mgmt_pin_code_request(u16 index, bdaddr_t *bdaddr)
1550 struct mgmt_ev_pin_code_request ev;
1552 put_unaligned_le16(index, &ev.index);
1553 bacpy(&ev.bdaddr, bdaddr);
1555 return mgmt_event(MGMT_EV_PIN_CODE_REQUEST, &ev, sizeof(ev), NULL);
1558 int mgmt_pin_code_reply_complete(u16 index, bdaddr_t *bdaddr, u8 status)
1560 struct pending_cmd *cmd;
1563 cmd = mgmt_pending_find(MGMT_OP_PIN_CODE_REPLY, index);
1568 err = cmd_status(cmd->sk, MGMT_OP_PIN_CODE_REPLY, status);
1570 err = cmd_complete(cmd->sk, MGMT_OP_PIN_CODE_REPLY,
1571 bdaddr, sizeof(*bdaddr));
1573 list_del(&cmd->list);
1574 mgmt_pending_free(cmd);
1579 int mgmt_pin_code_neg_reply_complete(u16 index, bdaddr_t *bdaddr, u8 status)
1581 struct pending_cmd *cmd;
1584 cmd = mgmt_pending_find(MGMT_OP_PIN_CODE_NEG_REPLY, index);
1589 err = cmd_status(cmd->sk, MGMT_OP_PIN_CODE_NEG_REPLY, status);
1591 err = cmd_complete(cmd->sk, MGMT_OP_PIN_CODE_NEG_REPLY,
1592 bdaddr, sizeof(*bdaddr));
1594 list_del(&cmd->list);
1595 mgmt_pending_free(cmd);
1600 int mgmt_user_confirm_request(u16 index, bdaddr_t *bdaddr, __le32 value)
1602 struct mgmt_ev_user_confirm_request ev;
1604 BT_DBG("hci%u", index);
1606 put_unaligned_le16(index, &ev.index);
1607 bacpy(&ev.bdaddr, bdaddr);
1608 put_unaligned_le32(value, &ev.value);
1610 return mgmt_event(MGMT_EV_USER_CONFIRM_REQUEST, &ev, sizeof(ev), NULL);
1613 static int confirm_reply_complete(u16 index, bdaddr_t *bdaddr, u8 status,
1616 struct pending_cmd *cmd;
1617 struct mgmt_rp_user_confirm_reply rp;
1620 cmd = mgmt_pending_find(opcode, index);
1624 put_unaligned_le16(index, &rp.index);
1625 bacpy(&rp.bdaddr, bdaddr);
1627 err = cmd_complete(cmd->sk, opcode, &rp, sizeof(rp));
1629 list_del(&cmd->list);
1630 mgmt_pending_free(cmd);
1635 int mgmt_user_confirm_reply_complete(u16 index, bdaddr_t *bdaddr, u8 status)
1637 return confirm_reply_complete(index, bdaddr, status,
1638 MGMT_OP_USER_CONFIRM_REPLY);
1641 int mgmt_user_confirm_neg_reply_complete(u16 index, bdaddr_t *bdaddr,
1644 return confirm_reply_complete(index, bdaddr, status,
1645 MGMT_OP_USER_CONFIRM_NEG_REPLY);
git.openpandora.org / pandora-kernel.git / blob