2 BlueZ - Bluetooth protocol stack for Linux
3 Copyright (C) 2000-2001 Qualcomm Incorporated
5 Written 2000,2001 by Maxim Krasnyansky <maxk@qualcomm.com>
7 This program is free software; you can redistribute it and/or modify
8 it under the terms of the GNU General Public License version 2 as
9 published by the Free Software Foundation;
11 THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS
12 OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
13 FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT OF THIRD PARTY RIGHTS.
14 IN NO EVENT SHALL THE COPYRIGHT HOLDER(S) AND AUTHOR(S) BE LIABLE FOR ANY
15 CLAIM, OR ANY SPECIAL INDIRECT OR CONSEQUENTIAL DAMAGES, OR ANY DAMAGES
16 WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
17 ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
18 OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
20 ALL LIABILITY, INCLUDING LIABILITY FOR INFRINGEMENT OF ANY PATENTS,
21 COPYRIGHTS, TRADEMARKS OR OTHER RIGHTS, RELATING TO USE OF THIS
22 SOFTWARE IS DISCLAIMED.
25 /* Bluetooth HCI event handling. */
27 #include <linux/module.h>
29 #include <linux/types.h>
30 #include <linux/errno.h>
31 #include <linux/kernel.h>
32 #include <linux/slab.h>
33 #include <linux/poll.h>
34 #include <linux/fcntl.h>
35 #include <linux/init.h>
36 #include <linux/skbuff.h>
37 #include <linux/interrupt.h>
38 #include <linux/notifier.h>
41 #include <asm/system.h>
42 #include <asm/uaccess.h>
43 #include <asm/unaligned.h>
45 #include <net/bluetooth/bluetooth.h>
46 #include <net/bluetooth/hci_core.h>
48 #ifndef CONFIG_BT_HCI_CORE_DEBUG
53 /* Handle HCI Event packets */
/* Command Complete handler for HCI_OP_INQUIRY_CANCEL (dispatched from
 * hci_cmd_complete_evt). Clears HCI_INQUIRY, completes the pending request
 * and re-checks pending connections.
 * NOTE(review): the status is read from the first payload byte with no
 * skb->len check visible here. Listing lines 60-63 are not shown, so any
 * early return on a failing status cannot be confirmed from this page. */
55 static void hci_cc_inquiry_cancel(struct hci_dev *hdev, struct sk_buff *skb)
57 __u8 status = *((__u8 *) skb->data);
59 BT_DBG("%s status 0x%x", hdev->name, status);
64 clear_bit(HCI_INQUIRY, &hdev->flags);
66 hci_req_complete(hdev, status);
68 hci_conn_check_pending(hdev);
/* Command Complete handler for HCI_OP_EXIT_PERIODIC_INQ: clears the
 * HCI_INQUIRY flag and re-checks pending connections. The status is the
 * first payload byte; listing lines 76-79 are not shown. */
71 static void hci_cc_exit_periodic_inq(struct hci_dev *hdev, struct sk_buff *skb)
73 __u8 status = *((__u8 *) skb->data);
75 BT_DBG("%s status 0x%x", hdev->name, status);
80 clear_bit(HCI_INQUIRY, &hdev->flags);
82 hci_conn_check_pending(hdev);
/* Command Complete handler for HCI_OP_REMOTE_NAME_REQ_CANCEL; the visible
 * body only emits a debug trace and does not read the payload. */
85 static void hci_cc_remote_name_req_cancel(struct hci_dev *hdev, struct sk_buff *skb)
87 BT_DBG("%s", hdev->name);
/* Command Complete handler for HCI_OP_ROLE_DISCOVERY: looks up the
 * connection named by rp->handle and clears or sets HCI_LM_MASTER in its
 * link_mode.
 * NOTE(review): the payload is cast to struct hci_rp_role_discovery with no
 * length check visible here. The lock acquisition, the test on the lookup
 * result and the condition choosing between the two link_mode updates are
 * on lines this listing omits. */
90 static void hci_cc_role_discovery(struct hci_dev *hdev, struct sk_buff *skb)
92 struct hci_rp_role_discovery *rp = (void *) skb->data;
93 struct hci_conn *conn;
95 BT_DBG("%s status 0x%x", hdev->name, rp->status);
102 conn = hci_conn_hash_lookup_handle(hdev, __le16_to_cpu(rp->handle));
105 conn->link_mode &= ~HCI_LM_MASTER;
107 conn->link_mode |= HCI_LM_MASTER;
110 hci_dev_unlock(hdev);
/* Command Complete handler for HCI_OP_READ_LINK_POLICY: stores the policy
 * reported by the controller (little-endian in the reply) in the matching
 * connection's link_policy.
 * NOTE(review): the NULL test on the lookup result is not visible in this
 * listing; confirm conn is checked before the store. */
113 static void hci_cc_read_link_policy(struct hci_dev *hdev, struct sk_buff *skb)
115 struct hci_rp_read_link_policy *rp = (void *) skb->data;
116 struct hci_conn *conn;
118 BT_DBG("%s status 0x%x", hdev->name, rp->status);
125 conn = hci_conn_hash_lookup_handle(hdev, __le16_to_cpu(rp->handle));
127 conn->link_policy = __le16_to_cpu(rp->policy);
129 hci_dev_unlock(hdev);
/* Command Complete handler for HCI_OP_WRITE_LINK_POLICY: the new policy is
 * taken from the parameters of the command this host sent
 * (hci_sent_cmd_data), not from the controller's reply. Only the handle
 * comes from the reply. */
132 static void hci_cc_write_link_policy(struct hci_dev *hdev, struct sk_buff *skb)
134 struct hci_rp_write_link_policy *rp = (void *) skb->data;
135 struct hci_conn *conn;
138 BT_DBG("%s status 0x%x", hdev->name, rp->status);
143 sent = hci_sent_cmd_data(hdev, HCI_OP_WRITE_LINK_POLICY);
149 conn = hci_conn_hash_lookup_handle(hdev, __le16_to_cpu(rp->handle));
/* offset 2 presumably skips the 16-bit handle in the sent parameters;
 * verify against the command structure */
151 conn->link_policy = get_unaligned_le16(sent + 2);
153 hci_dev_unlock(hdev);
/* Command Complete handler for HCI_OP_READ_DEF_LINK_POLICY: records the
 * controller's default link policy in hdev->link_policy. Any status test
 * before the store is on lines not shown in this listing. */
156 static void hci_cc_read_def_link_policy(struct hci_dev *hdev, struct sk_buff *skb)
158 struct hci_rp_read_def_link_policy *rp = (void *) skb->data;
160 BT_DBG("%s status 0x%x", hdev->name, rp->status);
165 hdev->link_policy = __le16_to_cpu(rp->policy);
/* Command Complete handler for HCI_OP_WRITE_DEF_LINK_POLICY: copies the
 * policy from the parameters of the sent command into hdev->link_policy and
 * completes the pending request with the reported status. */
168 static void hci_cc_write_def_link_policy(struct hci_dev *hdev, struct sk_buff *skb)
170 __u8 status = *((__u8 *) skb->data);
173 BT_DBG("%s status 0x%x", hdev->name, status);
175 sent = hci_sent_cmd_data(hdev, HCI_OP_WRITE_DEF_LINK_POLICY);
180 hdev->link_policy = get_unaligned_le16(sent);
182 hci_req_complete(hdev, status);
/* Command Complete handler for the reset command: logs the status byte and
 * completes the pending request with it. */
185 static void hci_cc_reset(struct hci_dev *hdev, struct sk_buff *skb)
187 __u8 status = *((__u8 *) skb->data);
189 BT_DBG("%s status 0x%x", hdev->name, status);
191 hci_req_complete(hdev, status);
/* Command Complete handler for HCI_OP_WRITE_LOCAL_NAME: mirrors the name
 * this host sent into hdev->dev_name. */
194 static void hci_cc_write_local_name(struct hci_dev *hdev, struct sk_buff *skb)
196 __u8 status = *((__u8 *) skb->data);
199 BT_DBG("%s status 0x%x", hdev->name, status);
204 sent = hci_sent_cmd_data(hdev, HCI_OP_WRITE_LOCAL_NAME);
/* NOTE(review): fixed 248-byte copy; assumes both the sent parameter
 * buffer and hdev->dev_name hold at least 248 bytes -- confirm against the
 * structure definitions, and prefer sizeof(hdev->dev_name) if they match. */
208 memcpy(hdev->dev_name, sent, 248);
/* Command Complete handler for HCI_OP_READ_LOCAL_NAME: copies the name from
 * the controller's reply into hdev->dev_name.
 * NOTE(review): the copy reads 248 bytes from controller-supplied data and
 * no skb->len check is visible here; confirm the reply is at least
 * sizeof(*rp) long before this runs. */
211 static void hci_cc_read_local_name(struct hci_dev *hdev, struct sk_buff *skb)
213 struct hci_rp_read_local_name *rp = (void *) skb->data;
215 BT_DBG("%s status 0x%x", hdev->name, rp->status);
220 memcpy(hdev->dev_name, rp->name, 248);
/* Command Complete handler for HCI_OP_WRITE_AUTH_ENABLE: makes the
 * device-wide HCI_AUTH flag follow the parameter this host sent (set when
 * it equals AUTH_ENABLED, cleared otherwise), then completes the request.
 * hci_conn_complete_evt later copies HCI_AUTH into each new connection's
 * link_mode as HCI_LM_AUTH, so this flag feeds per-link security state.
 * NOTE(review): whether the flag is updated only on a zero status is
 * decided on lines this listing omits. */
223 static void hci_cc_write_auth_enable(struct hci_dev *hdev, struct sk_buff *skb)
225 __u8 status = *((__u8 *) skb->data);
228 BT_DBG("%s status 0x%x", hdev->name, status);
230 sent = hci_sent_cmd_data(hdev, HCI_OP_WRITE_AUTH_ENABLE);
235 __u8 param = *((__u8 *) sent);
237 if (param == AUTH_ENABLED)
238 set_bit(HCI_AUTH, &hdev->flags);
240 clear_bit(HCI_AUTH, &hdev->flags);
243 hci_req_complete(hdev, status);
/* Command Complete handler for HCI_OP_WRITE_ENCRYPT_MODE: sets or clears
 * the device-wide HCI_ENCRYPT flag from the parameter this host sent, then
 * completes the request. hci_conn_complete_evt copies HCI_ENCRYPT into new
 * connections' link_mode as HCI_LM_ENCRYPT.
 * NOTE(review): the test on param that selects set_bit versus clear_bit is
 * on a line not shown in this listing. */
246 static void hci_cc_write_encrypt_mode(struct hci_dev *hdev, struct sk_buff *skb)
248 __u8 status = *((__u8 *) skb->data);
251 BT_DBG("%s status 0x%x", hdev->name, status);
253 sent = hci_sent_cmd_data(hdev, HCI_OP_WRITE_ENCRYPT_MODE);
258 __u8 param = *((__u8 *) sent);
261 set_bit(HCI_ENCRYPT, &hdev->flags);
263 clear_bit(HCI_ENCRYPT, &hdev->flags);
266 hci_req_complete(hdev, status);
/* Command Complete handler for HCI_OP_WRITE_SCAN_ENABLE: rebuilds the
 * HCI_PSCAN and HCI_ISCAN flags from the scan-enable parameter this host
 * sent. Both are cleared first, then set again per the SCAN_INQUIRY and
 * SCAN_PAGE bits. These flags record whether the adapter answers inquiry
 * and page scans. */
269 static void hci_cc_write_scan_enable(struct hci_dev *hdev, struct sk_buff *skb)
271 __u8 status = *((__u8 *) skb->data);
274 BT_DBG("%s status 0x%x", hdev->name, status);
276 sent = hci_sent_cmd_data(hdev, HCI_OP_WRITE_SCAN_ENABLE);
281 __u8 param = *((__u8 *) sent);
283 clear_bit(HCI_PSCAN, &hdev->flags);
284 clear_bit(HCI_ISCAN, &hdev->flags);
286 if (param & SCAN_INQUIRY)
287 set_bit(HCI_ISCAN, &hdev->flags);
289 if (param & SCAN_PAGE)
290 set_bit(HCI_PSCAN, &hdev->flags);
293 hci_req_complete(hdev, status);
/* Command Complete handler for HCI_OP_READ_CLASS_OF_DEV: copies the 3-byte
 * class of device from the reply into hdev->dev_class and logs it with
 * byte 2 printed first. */
296 static void hci_cc_read_class_of_dev(struct hci_dev *hdev, struct sk_buff *skb)
298 struct hci_rp_read_class_of_dev *rp = (void *) skb->data;
300 BT_DBG("%s status 0x%x", hdev->name, rp->status);
305 memcpy(hdev->dev_class, rp->dev_class, 3);
307 BT_DBG("%s class 0x%.2x%.2x%.2x", hdev->name,
308 hdev->dev_class[2], hdev->dev_class[1], hdev->dev_class[0]);
/* Command Complete handler for HCI_OP_WRITE_CLASS_OF_DEV: mirrors the
 * 3-byte class of device this host sent into hdev->dev_class. The status
 * and NULL checks before the copy are on lines not shown in this listing. */
311 static void hci_cc_write_class_of_dev(struct hci_dev *hdev, struct sk_buff *skb)
313 __u8 status = *((__u8 *) skb->data);
316 BT_DBG("%s status 0x%x", hdev->name, status);
321 sent = hci_sent_cmd_data(hdev, HCI_OP_WRITE_CLASS_OF_DEV);
325 memcpy(hdev->dev_class, sent, 3);
/* Command Complete handler for HCI_OP_READ_VOICE_SETTING: stores the voice
 * setting reported by the controller and notifies the driver through
 * hdev->notify with the TX tasklet disabled around the call.
 * NOTE(review): the action taken when the setting is unchanged, and any
 * NULL test on hdev->notify, are on lines not shown in this listing. */
328 static void hci_cc_read_voice_setting(struct hci_dev *hdev, struct sk_buff *skb)
330 struct hci_rp_read_voice_setting *rp = (void *) skb->data;
333 BT_DBG("%s status 0x%x", hdev->name, rp->status);
338 setting = __le16_to_cpu(rp->voice_setting);
340 if (hdev->voice_setting == setting)
343 hdev->voice_setting = setting;
345 BT_DBG("%s voice setting 0x%04x", hdev->name, setting);
348 tasklet_disable(&hdev->tx_task);
349 hdev->notify(hdev, HCI_NOTIFY_VOICE_SETTING);
350 tasklet_enable(&hdev->tx_task);
/* Command Complete handler for HCI_OP_WRITE_VOICE_SETTING: same flow as the
 * read variant, except the setting comes from the parameters of the command
 * this host sent rather than from the reply.
 * NOTE(review): the NULL test on hdev->notify is not visible here; confirm
 * it exists on the elided line before the tasklet_disable call. */
354 static void hci_cc_write_voice_setting(struct hci_dev *hdev, struct sk_buff *skb)
356 __u8 status = *((__u8 *) skb->data);
360 BT_DBG("%s status 0x%x", hdev->name, status);
365 sent = hci_sent_cmd_data(hdev, HCI_OP_WRITE_VOICE_SETTING);
369 setting = get_unaligned_le16(sent);
371 if (hdev->voice_setting == setting)
374 hdev->voice_setting = setting;
376 BT_DBG("%s voice setting 0x%04x", hdev->name, setting);
379 tasklet_disable(&hdev->tx_task);
380 hdev->notify(hdev, HCI_NOTIFY_VOICE_SETTING);
381 tasklet_enable(&hdev->tx_task);
/* Command Complete handler for HCI_OP_HOST_BUFFER_SIZE: logs the status
 * byte and completes the pending request with it. */
385 static void hci_cc_host_buffer_size(struct hci_dev *hdev, struct sk_buff *skb)
387 __u8 status = *((__u8 *) skb->data);
389 BT_DBG("%s status 0x%x", hdev->name, status);
391 hci_req_complete(hdev, status);
/* Command Complete handler for HCI_OP_READ_LOCAL_VERSION: caches the
 * controller's HCI version, revision and manufacturer id in hdev. hci_ver
 * is consulted later in hci_conn_complete_evt (hdev->hci_ver < 3) to decide
 * whether to send a change-packet-type command. */
394 static void hci_cc_read_local_version(struct hci_dev *hdev, struct sk_buff *skb)
396 struct hci_rp_read_local_version *rp = (void *) skb->data;
398 BT_DBG("%s status 0x%x", hdev->name, rp->status);
403 hdev->hci_ver = rp->hci_ver;
404 hdev->hci_rev = __le16_to_cpu(rp->hci_rev);
405 hdev->manufacturer = __le16_to_cpu(rp->manufacturer);
407 BT_DBG("%s manufacturer %d hci ver %d:%d", hdev->name,
409 hdev->hci_ver, hdev->hci_rev);
/* Command Complete handler for HCI_OP_READ_LOCAL_COMMANDS: copies the
 * supported-commands bitmap from the reply. The copy length is bounded by
 * the destination (sizeof(hdev->commands)); that the reply holds that many
 * bytes is not checked in the lines visible here. */
412 static void hci_cc_read_local_commands(struct hci_dev *hdev, struct sk_buff *skb)
414 struct hci_rp_read_local_commands *rp = (void *) skb->data;
416 BT_DBG("%s status 0x%x", hdev->name, rp->status);
421 memcpy(hdev->commands, rp->commands, sizeof(hdev->commands));
/* Command Complete handler for HCI_OP_READ_LOCAL_FEATURES: stores the
 * 8-byte feature mask and widens hdev->pkt_type / hdev->esco_type with the
 * packet types the reported feature bits allow. Bits are only ever OR-ed
 * in here; nothing in the visible lines removes a previously enabled
 * packet type. */
424 static void hci_cc_read_local_features(struct hci_dev *hdev, struct sk_buff *skb)
426 struct hci_rp_read_local_features *rp = (void *) skb->data;
428 BT_DBG("%s status 0x%x", hdev->name, rp->status);
433 memcpy(hdev->features, rp->features, 8);
435 /* Adjust default settings according to features
436 * supported by device. */
438 if (hdev->features[0] & LMP_3SLOT)
439 hdev->pkt_type |= (HCI_DM3 | HCI_DH3);
441 if (hdev->features[0] & LMP_5SLOT)
442 hdev->pkt_type |= (HCI_DM5 | HCI_DH5);
444 if (hdev->features[1] & LMP_HV2) {
445 hdev->pkt_type |= (HCI_HV2);
446 hdev->esco_type |= (ESCO_HV2);
449 if (hdev->features[1] & LMP_HV3) {
450 hdev->pkt_type |= (HCI_HV3);
451 hdev->esco_type |= (ESCO_HV3);
454 if (hdev->features[3] & LMP_ESCO)
455 hdev->esco_type |= (ESCO_EV3);
457 if (hdev->features[4] & LMP_EV4)
458 hdev->esco_type |= (ESCO_EV4);
460 if (hdev->features[4] & LMP_EV5)
461 hdev->esco_type |= (ESCO_EV5);
463 BT_DBG("%s features 0x%.2x%.2x%.2x%.2x%.2x%.2x%.2x%.2x", hdev->name,
464 hdev->features[0], hdev->features[1],
465 hdev->features[2], hdev->features[3],
466 hdev->features[4], hdev->features[5],
467 hdev->features[6], hdev->features[7]);
/* Command Complete handler for HCI_OP_READ_BUFFER_SIZE: records the
 * controller's ACL/SCO MTUs and packet counts and initialises the transmit
 * credit counters (acl_cnt, sco_cnt) from them. hci_num_comp_pkts_evt
 * later clamps those counters to acl_pkts / sco_pkts.
 * NOTE(review): the values come straight from the controller and no range
 * check is visible; the body of the HCI_QUIRK_FIXUP_BUFFER_SIZE branch is
 * on lines not shown in this listing. */
470 static void hci_cc_read_buffer_size(struct hci_dev *hdev, struct sk_buff *skb)
472 struct hci_rp_read_buffer_size *rp = (void *) skb->data;
474 BT_DBG("%s status 0x%x", hdev->name, rp->status);
479 hdev->acl_mtu = __le16_to_cpu(rp->acl_mtu);
480 hdev->sco_mtu = rp->sco_mtu;
481 hdev->acl_pkts = __le16_to_cpu(rp->acl_max_pkt);
482 hdev->sco_pkts = __le16_to_cpu(rp->sco_max_pkt);
484 if (test_bit(HCI_QUIRK_FIXUP_BUFFER_SIZE, &hdev->quirks)) {
489 hdev->acl_cnt = hdev->acl_pkts;
490 hdev->sco_cnt = hdev->sco_pkts;
492 BT_DBG("%s acl mtu %d:%d sco mtu %d:%d", hdev->name,
493 hdev->acl_mtu, hdev->acl_pkts,
494 hdev->sco_mtu, hdev->sco_pkts);
/* Command Complete handler for HCI_OP_READ_BD_ADDR: copies the adapter
 * address from the reply into hdev->bdaddr and completes the pending
 * request with the reported status. Any status test guarding the copy is
 * on a line not shown in this listing. */
497 static void hci_cc_read_bd_addr(struct hci_dev *hdev, struct sk_buff *skb)
499 struct hci_rp_read_bd_addr *rp = (void *) skb->data;
501 BT_DBG("%s status 0x%x", hdev->name, rp->status);
504 bacpy(&hdev->bdaddr, &rp->bdaddr);
506 hci_req_complete(hdev, rp->status);
/* Command Status handler for HCI_OP_INQUIRY (dispatched from
 * hci_cmd_status_evt). The visible lines complete the request, re-check
 * pending connections and set HCI_INQUIRY; the status test that decides
 * which of these run is on lines not shown in this listing. */
509 static inline void hci_cs_inquiry(struct hci_dev *hdev, __u8 status)
511 BT_DBG("%s status 0x%x", hdev->name, status);
514 hci_req_complete(hdev, status);
516 hci_conn_check_pending(hdev);
518 set_bit(HCI_INQUIRY, &hdev->flags);
/* Command Status handler for HCI_OP_CREATE_CONN: reconciles the connection
 * table with the outcome of the create-connection command this host sent.
 * For an entry in BT_CONNECT, any status other than 0x0c, or more than two
 * attempts, closes it and reports the failure upward; otherwise it moves
 * to BT_CONNECT2. Where no entry exists, one is added and marked
 * HCI_LM_MASTER.
 * NOTE(review): 0x0c is presumably the HCI "Command Disallowed" error --
 * confirm and consider a named constant. The branch structure between the
 * visible statements (status test, else arms, NULL test on cp) is on lines
 * this listing omits. */
521 static inline void hci_cs_create_conn(struct hci_dev *hdev, __u8 status)
523 struct hci_cp_create_conn *cp;
524 struct hci_conn *conn;
526 BT_DBG("%s status 0x%x", hdev->name, status);
528 cp = hci_sent_cmd_data(hdev, HCI_OP_CREATE_CONN);
534 conn = hci_conn_hash_lookup_ba(hdev, ACL_LINK, &cp->bdaddr);
536 BT_DBG("%s bdaddr %s conn %p", hdev->name, batostr(&cp->bdaddr), conn);
539 if (conn && conn->state == BT_CONNECT) {
540 if (status != 0x0c || conn->attempt > 2) {
541 conn->state = BT_CLOSED;
542 hci_proto_connect_cfm(conn, status);
545 conn->state = BT_CONNECT2;
549 conn = hci_conn_add(hdev, ACL_LINK, &cp->bdaddr);
552 conn->link_mode |= HCI_LM_MASTER;
554 BT_ERR("No memmory for new connection");
558 hci_dev_unlock(hdev);
/* Command Status handler for HCI_OP_ADD_SCO: finds the ACL connection named
 * in the command this host sent and, if it has a linked SCO connection,
 * closes that SCO connection and reports the status to the protocol layer.
 * Whether this runs only for a failing status is decided on lines not
 * shown in this listing. */
561 static void hci_cs_add_sco(struct hci_dev *hdev, __u8 status)
563 struct hci_cp_add_sco *cp;
564 struct hci_conn *acl, *sco;
567 BT_DBG("%s status 0x%x", hdev->name, status);
572 cp = hci_sent_cmd_data(hdev, HCI_OP_ADD_SCO);
576 handle = __le16_to_cpu(cp->handle);
578 BT_DBG("%s handle %d", hdev->name, handle);
582 acl = hci_conn_hash_lookup_handle(hdev, handle);
583 if (acl && (sco = acl->link)) {
584 sco->state = BT_CLOSED;
586 hci_proto_connect_cfm(sco, status);
590 hci_dev_unlock(hdev);
/* Command Status handler for HCI_OP_REMOTE_NAME_REQ; the visible body only
 * emits a debug trace. */
593 static void hci_cs_remote_name_req(struct hci_dev *hdev, __u8 status)
595 BT_DBG("%s status 0x%x", hdev->name, status);
/* Command Status handler for HCI_OP_SETUP_SYNC_CONN: mirrors
 * hci_cs_add_sco. It looks up the ACL connection from the sent command's
 * handle and, if a synchronous connection is linked to it, closes that
 * connection and reports the status upward. The status test is on lines
 * not shown in this listing. */
598 static void hci_cs_setup_sync_conn(struct hci_dev *hdev, __u8 status)
600 struct hci_cp_setup_sync_conn *cp;
601 struct hci_conn *acl, *sco;
604 BT_DBG("%s status 0x%x", hdev->name, status);
609 cp = hci_sent_cmd_data(hdev, HCI_OP_SETUP_SYNC_CONN);
613 handle = __le16_to_cpu(cp->handle);
615 BT_DBG("%s handle %d", hdev->name, handle);
619 acl = hci_conn_hash_lookup_handle(hdev, handle);
620 if (acl && (sco = acl->link)) {
621 sco->state = BT_CLOSED;
623 hci_proto_connect_cfm(sco, status);
627 hci_dev_unlock(hdev);
/* Command Status handler for HCI_OP_SNIFF_MODE: clears
 * HCI_CONN_MODE_CHANGE_PEND on the connection named in the sent command.
 * hci_mode_change_evt tests the same bit when the mode change event
 * arrives. The status and NULL tests are on lines not shown here. */
630 static void hci_cs_sniff_mode(struct hci_dev *hdev, __u8 status)
632 struct hci_cp_sniff_mode *cp;
633 struct hci_conn *conn;
635 BT_DBG("%s status 0x%x", hdev->name, status);
640 cp = hci_sent_cmd_data(hdev, HCI_OP_SNIFF_MODE);
646 conn = hci_conn_hash_lookup_handle(hdev, __le16_to_cpu(cp->handle));
648 clear_bit(HCI_CONN_MODE_CHANGE_PEND, &conn->pend);
650 hci_dev_unlock(hdev);
/* Command Status handler for HCI_OP_EXIT_SNIFF_MODE: clears
 * HCI_CONN_MODE_CHANGE_PEND on the connection named in the sent command.
 * The status and NULL tests are on lines not shown in this listing. */
653 static void hci_cs_exit_sniff_mode(struct hci_dev *hdev, __u8 status)
655 struct hci_cp_exit_sniff_mode *cp;
656 struct hci_conn *conn;
658 BT_DBG("%s status 0x%x", hdev->name, status);
663 cp = hci_sent_cmd_data(hdev, HCI_OP_EXIT_SNIFF_MODE);
669 conn = hci_conn_hash_lookup_handle(hdev, __le16_to_cpu(cp->handle));
671 clear_bit(HCI_CONN_MODE_CHANGE_PEND, &conn->pend);
673 hci_dev_unlock(hdev);
/* Handler for HCI_EV_INQUIRY_COMPLETE: clears HCI_INQUIRY, completes the
 * pending request with the event's status byte and re-checks pending
 * connections. */
676 static inline void hci_inquiry_complete_evt(struct hci_dev *hdev, struct sk_buff *skb)
678 __u8 status = *((__u8 *) skb->data);
680 BT_DBG("%s status %d", hdev->name, status);
682 clear_bit(HCI_INQUIRY, &hdev->flags);
684 hci_req_complete(hdev, status);
686 hci_conn_check_pending(hdev);
/* Handler for HCI_EV_INQUIRY_RESULT: converts each response in the event
 * into a struct inquiry_data and feeds it to the inquiry cache.
 * NOTE(review): num_rsp is the first payload byte and is the loop's only
 * bound. No comparison against skb->len is visible in this listing, so an
 * event whose count overstates its payload would be read past the buffer.
 * Confirm that 1 + num_rsp * sizeof(*info) <= skb->len is enforced before
 * the loop. The step that advances info is on a line not shown here. */
689 static inline void hci_inquiry_result_evt(struct hci_dev *hdev, struct sk_buff *skb)
691 struct inquiry_data data;
692 struct inquiry_info *info = (void *) (skb->data + 1);
693 int num_rsp = *((__u8 *) skb->data);
695 BT_DBG("%s num_rsp %d", hdev->name, num_rsp);
702 for (; num_rsp; num_rsp--) {
703 bacpy(&data.bdaddr, &info->bdaddr);
704 data.pscan_rep_mode = info->pscan_rep_mode;
705 data.pscan_period_mode = info->pscan_period_mode;
706 data.pscan_mode = info->pscan_mode;
707 memcpy(data.dev_class, info->dev_class, 3);
708 data.clock_offset = info->clock_offset;
711 hci_inquiry_cache_update(hdev, &data);
714 hci_dev_unlock(hdev);
/* Handler for HCI_EV_CONN_COMPLETE: finalises the connection entry that
 * matches the event's link type and address. The visible success path
 * stores the handle, marks the entry BT_CONNECTED, requests the remote
 * features for ACL links and, for incoming links on controllers with
 * hci_ver < 3, sends a change-packet-type command. The visible failure
 * path marks the entry BT_CLOSED. For ACL links with a linked SCO
 * connection it then either starts the synchronous setup or reports the
 * status for that SCO connection.
 * NOTE(review): HCI_LM_AUTH and HCI_LM_ENCRYPT are set here from the
 * device-wide HCI_AUTH / HCI_ENCRYPT flags, not from a per-link
 * authentication or encryption event; callers that treat link_mode as
 * proof of link security should be aware of that. The status tests and the
 * NULL test on conn are on lines not shown in this listing. */
717 static inline void hci_conn_complete_evt(struct hci_dev *hdev, struct sk_buff *skb)
719 struct hci_ev_conn_complete *ev = (void *) skb->data;
720 struct hci_conn *conn;
722 BT_DBG("%s", hdev->name);
726 conn = hci_conn_hash_lookup_ba(hdev, ev->link_type, &ev->bdaddr);
731 conn->handle = __le16_to_cpu(ev->handle);
732 conn->state = BT_CONNECTED;
734 if (test_bit(HCI_AUTH, &hdev->flags))
735 conn->link_mode |= HCI_LM_AUTH;
737 if (test_bit(HCI_ENCRYPT, &hdev->flags))
738 conn->link_mode |= HCI_LM_ENCRYPT;
740 /* Get remote features */
741 if (conn->type == ACL_LINK) {
742 struct hci_cp_read_remote_features cp;
743 cp.handle = ev->handle;
744 hci_send_cmd(hdev, HCI_OP_READ_REMOTE_FEATURES, sizeof(cp), &cp);
747 /* Set packet type for incoming connection */
748 if (!conn->out && hdev->hci_ver < 3) {
749 struct hci_cp_change_conn_ptype cp;
750 cp.handle = ev->handle;
751 cp.pkt_type = cpu_to_le16(conn->pkt_type);
752 hci_send_cmd(hdev, HCI_OP_CHANGE_CONN_PTYPE,
755 /* Update disconnect timer */
760 conn->state = BT_CLOSED;
762 if (conn->type == ACL_LINK) {
763 struct hci_conn *sco = conn->link;
766 if (lmp_esco_capable(hdev))
767 hci_setup_sync(sco, conn->handle);
769 hci_add_sco(sco, conn->handle);
771 hci_proto_connect_cfm(sco, ev->status);
777 hci_proto_connect_cfm(conn, ev->status);
782 hci_dev_unlock(hdev);
784 hci_conn_check_pending(hdev);
/* Handler for HCI_EV_CONN_REQUEST: decides whether to accept an incoming
 * connection from a remote device. The decision mask is hdev->link_mode
 * OR-ed with the protocol layers' answer (hci_proto_connect_ind). With
 * HCI_LM_ACCEPT set, the connection entry is found or created, marked
 * BT_CONNECT and an accept command is sent; otherwise a reject command is
 * sent.
 * NOTE(review): bdaddr, link_type and dev_class all originate from the
 * remote side. dev_class is written into both the inquiry cache entry and
 * the connection before any authentication has taken place. */
787 static inline void hci_conn_request_evt(struct hci_dev *hdev, struct sk_buff *skb)
789 struct hci_ev_conn_request *ev = (void *) skb->data;
790 int mask = hdev->link_mode;
792 BT_DBG("%s bdaddr %s type 0x%x", hdev->name,
793 batostr(&ev->bdaddr), ev->link_type);
795 mask |= hci_proto_connect_ind(hdev, &ev->bdaddr, ev->link_type);
797 if (mask & HCI_LM_ACCEPT) {
798 /* Connection accepted */
799 struct inquiry_entry *ie;
800 struct hci_conn *conn;
804 if ((ie = hci_inquiry_cache_lookup(hdev, &ev->bdaddr)))
805 memcpy(ie->data.dev_class, ev->dev_class, 3);
807 conn = hci_conn_hash_lookup_ba(hdev, ev->link_type, &ev->bdaddr);
809 if (!(conn = hci_conn_add(hdev, ev->link_type, &ev->bdaddr))) {
810 BT_ERR("No memmory for new connection");
811 hci_dev_unlock(hdev);
816 memcpy(conn->dev_class, ev->dev_class, 3);
817 conn->state = BT_CONNECT;
819 hci_dev_unlock(hdev);
/* ACL requests, and any request on a controller without eSCO support,
 * use the plain accept command; the remaining case uses the
 * synchronous accept below. */
821 if (ev->link_type == ACL_LINK || !lmp_esco_capable(hdev)) {
822 struct hci_cp_accept_conn_req cp;
824 bacpy(&cp.bdaddr, &ev->bdaddr);
826 if (lmp_rswitch_capable(hdev) && (mask & HCI_LM_MASTER))
827 cp.role = 0x00; /* Become master */
829 cp.role = 0x01; /* Remain slave */
831 hci_send_cmd(hdev, HCI_OP_ACCEPT_CONN_REQ,
834 struct hci_cp_accept_sync_conn_req cp;
836 bacpy(&cp.bdaddr, &ev->bdaddr);
837 cp.pkt_type = cpu_to_le16(conn->pkt_type);
/* 0x1f40 is 8000 decimal; max_latency 0xffff and retrans_effort 0xff
 * are presumably "don't care" values -- confirm against the HCI spec */
839 cp.tx_bandwidth = cpu_to_le32(0x00001f40);
840 cp.rx_bandwidth = cpu_to_le32(0x00001f40);
841 cp.max_latency = cpu_to_le16(0xffff);
842 cp.content_format = cpu_to_le16(hdev->voice_setting);
843 cp.retrans_effort = 0xff;
845 hci_send_cmd(hdev, HCI_OP_ACCEPT_SYNC_CONN_REQ,
849 /* Connection rejected */
850 struct hci_cp_reject_conn_req cp;
852 bacpy(&cp.bdaddr, &ev->bdaddr);
854 hci_send_cmd(hdev, HCI_OP_REJECT_CONN_REQ, sizeof(cp), &cp);
/* Handler for HCI_EV_DISCONN_COMPLETE: marks the connection named by the
 * event's handle BT_CLOSED and passes the disconnect reason to the protocol
 * layer. The status test, the NULL test on conn and any teardown of the
 * entry are on lines not shown in this listing. */
858 static inline void hci_disconn_complete_evt(struct hci_dev *hdev, struct sk_buff *skb)
860 struct hci_ev_disconn_complete *ev = (void *) skb->data;
861 struct hci_conn *conn;
863 BT_DBG("%s status %d", hdev->name, ev->status);
870 conn = hci_conn_hash_lookup_handle(hdev, __le16_to_cpu(ev->handle));
872 conn->state = BT_CLOSED;
873 hci_proto_disconn_ind(conn, ev->reason);
877 hci_dev_unlock(hdev);
/* Handler for HCI_EV_AUTH_COMPLETE: records the authentication result on
 * the connection, clears HCI_CONN_AUTH_PEND and notifies upper layers via
 * hci_auth_cfm. If an encryption request was queued behind the
 * authentication (HCI_CONN_ENCRYPT_PEND), the visible lines either send
 * HCI_OP_SET_CONN_ENCRYPT or clear the pending bit and report encryption
 * as 0x00.
 * NOTE(review): the condition guarding the HCI_LM_AUTH update and the one
 * choosing between the two encryption outcomes are on lines this listing
 * omits. Confirm HCI_LM_AUTH is set only when ev->status is zero, since
 * upper layers are told the link is authenticated on that basis. */
880 static inline void hci_auth_complete_evt(struct hci_dev *hdev, struct sk_buff *skb)
882 struct hci_ev_auth_complete *ev = (void *) skb->data;
883 struct hci_conn *conn;
885 BT_DBG("%s status %d", hdev->name, ev->status);
889 conn = hci_conn_hash_lookup_handle(hdev, __le16_to_cpu(ev->handle));
892 conn->link_mode |= HCI_LM_AUTH;
894 clear_bit(HCI_CONN_AUTH_PEND, &conn->pend);
896 hci_auth_cfm(conn, ev->status);
898 if (test_bit(HCI_CONN_ENCRYPT_PEND, &conn->pend)) {
900 struct hci_cp_set_conn_encrypt cp;
901 cp.handle = cpu_to_le16(conn->handle);
903 hci_send_cmd(conn->hdev,
904 HCI_OP_SET_CONN_ENCRYPT, sizeof(cp), &cp);
906 clear_bit(HCI_CONN_ENCRYPT_PEND, &conn->pend);
907 hci_encrypt_cfm(conn, ev->status, 0x00);
912 hci_dev_unlock(hdev);
/* Handler for HCI_EV_REMOTE_NAME: the event payload is not parsed in the
 * visible lines; the handler only re-checks pending connections. */
915 static inline void hci_remote_name_evt(struct hci_dev *hdev, struct sk_buff *skb)
917 BT_DBG("%s", hdev->name);
919 hci_conn_check_pending(hdev);
/* Handler for HCI_EV_ENCRYPT_CHANGE: updates HCI_LM_ENCRYPT on the
 * connection, clears HCI_CONN_ENCRYPT_PEND and reports the change upward
 * through hci_encrypt_cfm.
 * NOTE(review): when encryption is switched on, HCI_LM_AUTH is set as well
 * ("encryption implies authentication"), so the AUTH bit can be set on the
 * strength of the controller's encrypt-change report alone. The tests on
 * ev->status and ev->encrypt that select between the visible assignments
 * are on lines not shown in this listing. */
922 static inline void hci_encrypt_change_evt(struct hci_dev *hdev, struct sk_buff *skb)
924 struct hci_ev_encrypt_change *ev = (void *) skb->data;
925 struct hci_conn *conn;
927 BT_DBG("%s status %d", hdev->name, ev->status);
931 conn = hci_conn_hash_lookup_handle(hdev, __le16_to_cpu(ev->handle));
935 /* Encryption implies authentication */
936 conn->link_mode |= HCI_LM_AUTH;
937 conn->link_mode |= HCI_LM_ENCRYPT;
939 conn->link_mode &= ~HCI_LM_ENCRYPT;
942 clear_bit(HCI_CONN_ENCRYPT_PEND, &conn->pend);
944 hci_encrypt_cfm(conn, ev->status, ev->encrypt);
947 hci_dev_unlock(hdev);
/* Handler for HCI_EV_CHANGE_LINK_KEY_COMPLETE: sets HCI_LM_SECURE on the
 * connection, clears HCI_CONN_AUTH_PEND and reports the result through
 * hci_key_change_cfm.
 * NOTE(review): the status test guarding the HCI_LM_SECURE update is on a
 * line not shown here; confirm the bit is not set for a failed key change. */
950 static inline void hci_change_link_key_complete_evt(struct hci_dev *hdev, struct sk_buff *skb)
952 struct hci_ev_change_link_key_complete *ev = (void *) skb->data;
953 struct hci_conn *conn;
955 BT_DBG("%s status %d", hdev->name, ev->status);
959 conn = hci_conn_hash_lookup_handle(hdev, __le16_to_cpu(ev->handle));
962 conn->link_mode |= HCI_LM_SECURE;
964 clear_bit(HCI_CONN_AUTH_PEND, &conn->pend);
966 hci_key_change_cfm(conn, ev->status);
969 hci_dev_unlock(hdev);
/* Handler for HCI_EV_REMOTE_FEATURES: copies the remote device's 8-byte
 * feature mask into the connection entry. The mask is reported by the
 * peer, so code that later branches on conn->features is acting on
 * remote-supplied data. The status and NULL tests are on lines not shown
 * in this listing. */
972 static inline void hci_remote_features_evt(struct hci_dev *hdev, struct sk_buff *skb)
974 struct hci_ev_remote_features *ev = (void *) skb->data;
975 struct hci_conn *conn;
977 BT_DBG("%s status %d", hdev->name, ev->status);
984 conn = hci_conn_hash_lookup_handle(hdev, __le16_to_cpu(ev->handle));
986 memcpy(conn->features, ev->features, 8);
988 hci_dev_unlock(hdev);
/* Handler for HCI_EV_REMOTE_VERSION; the visible body only emits a debug
 * trace and does not parse the payload. */
991 static inline void hci_remote_version_evt(struct hci_dev *hdev, struct sk_buff *skb)
993 BT_DBG("%s", hdev->name);
/* Handler for HCI_EV_QOS_SETUP_COMPLETE; the visible body only emits a
 * debug trace and does not parse the payload. */
996 static inline void hci_qos_setup_complete_evt(struct hci_dev *hdev, struct sk_buff *skb)
998 BT_DBG("%s", hdev->name);
/* Handler for HCI_EV_CMD_COMPLETE: strips the command-complete header and
 * dispatches on the opcode to the matching hci_cc_* handler, which then
 * sees skb->data pointing at the command's return parameters. Afterwards
 * the command credit is restored and the command queue is kicked if it is
 * not empty.
 * NOTE(review): skb_pull(skb, sizeof(*ev)) runs with no visible check that
 * skb->len covers the header, and the hci_cc_* handlers dereference the
 * remaining payload without their own length checks. A per-opcode minimum
 * length check here would cover all of them. The condition guarding the
 * credit reset is on a line not shown in this listing. */
1001 static inline void hci_cmd_complete_evt(struct hci_dev *hdev, struct sk_buff *skb)
1003 struct hci_ev_cmd_complete *ev = (void *) skb->data;
1006 skb_pull(skb, sizeof(*ev));
1008 opcode = __le16_to_cpu(ev->opcode);
1011 case HCI_OP_INQUIRY_CANCEL:
1012 hci_cc_inquiry_cancel(hdev, skb);
1015 case HCI_OP_EXIT_PERIODIC_INQ:
1016 hci_cc_exit_periodic_inq(hdev, skb);
1019 case HCI_OP_REMOTE_NAME_REQ_CANCEL:
1020 hci_cc_remote_name_req_cancel(hdev, skb);
1023 case HCI_OP_ROLE_DISCOVERY:
1024 hci_cc_role_discovery(hdev, skb);
1027 case HCI_OP_READ_LINK_POLICY:
1028 hci_cc_read_link_policy(hdev, skb);
1031 case HCI_OP_WRITE_LINK_POLICY:
1032 hci_cc_write_link_policy(hdev, skb);
1035 case HCI_OP_READ_DEF_LINK_POLICY:
1036 hci_cc_read_def_link_policy(hdev, skb);
1039 case HCI_OP_WRITE_DEF_LINK_POLICY:
1040 hci_cc_write_def_link_policy(hdev, skb);
1044 hci_cc_reset(hdev, skb);
1047 case HCI_OP_WRITE_LOCAL_NAME:
1048 hci_cc_write_local_name(hdev, skb);
1051 case HCI_OP_READ_LOCAL_NAME:
1052 hci_cc_read_local_name(hdev, skb);
1055 case HCI_OP_WRITE_AUTH_ENABLE:
1056 hci_cc_write_auth_enable(hdev, skb);
1059 case HCI_OP_WRITE_ENCRYPT_MODE:
1060 hci_cc_write_encrypt_mode(hdev, skb);
1063 case HCI_OP_WRITE_SCAN_ENABLE:
1064 hci_cc_write_scan_enable(hdev, skb);
1067 case HCI_OP_READ_CLASS_OF_DEV:
1068 hci_cc_read_class_of_dev(hdev, skb);
1071 case HCI_OP_WRITE_CLASS_OF_DEV:
1072 hci_cc_write_class_of_dev(hdev, skb);
1075 case HCI_OP_READ_VOICE_SETTING:
1076 hci_cc_read_voice_setting(hdev, skb);
1079 case HCI_OP_WRITE_VOICE_SETTING:
1080 hci_cc_write_voice_setting(hdev, skb);
1083 case HCI_OP_HOST_BUFFER_SIZE:
1084 hci_cc_host_buffer_size(hdev, skb);
1087 case HCI_OP_READ_LOCAL_VERSION:
1088 hci_cc_read_local_version(hdev, skb);
1091 case HCI_OP_READ_LOCAL_COMMANDS:
1092 hci_cc_read_local_commands(hdev, skb);
1095 case HCI_OP_READ_LOCAL_FEATURES:
1096 hci_cc_read_local_features(hdev, skb);
1099 case HCI_OP_READ_BUFFER_SIZE:
1100 hci_cc_read_buffer_size(hdev, skb);
1103 case HCI_OP_READ_BD_ADDR:
1104 hci_cc_read_bd_addr(hdev, skb);
1108 BT_DBG("%s opcode 0x%x", hdev->name, opcode);
1113 atomic_set(&hdev->cmd_cnt, 1);
1114 if (!skb_queue_empty(&hdev->cmd_q))
1115 hci_sched_cmd(hdev);
/* Handler for HCI_EV_CMD_STATUS: strips the command-status header and
 * dispatches on the opcode to the matching hci_cs_* handler, passing only
 * the status byte. The hci_cs_* handlers therefore work from the command
 * this host sent, not from further event payload. Afterwards the command
 * credit is restored and the command queue is kicked if it is not empty.
 * NOTE(review): as in hci_cmd_complete_evt, no check that skb->len covers
 * sizeof(*ev) is visible before the header fields are used. */
1119 static inline void hci_cmd_status_evt(struct hci_dev *hdev, struct sk_buff *skb)
1121 struct hci_ev_cmd_status *ev = (void *) skb->data;
1124 skb_pull(skb, sizeof(*ev));
1126 opcode = __le16_to_cpu(ev->opcode);
1129 case HCI_OP_INQUIRY:
1130 hci_cs_inquiry(hdev, ev->status);
1133 case HCI_OP_CREATE_CONN:
1134 hci_cs_create_conn(hdev, ev->status);
1137 case HCI_OP_ADD_SCO:
1138 hci_cs_add_sco(hdev, ev->status);
1141 case HCI_OP_REMOTE_NAME_REQ:
1142 hci_cs_remote_name_req(hdev, ev->status);
1145 case HCI_OP_SETUP_SYNC_CONN:
1146 hci_cs_setup_sync_conn(hdev, ev->status);
1149 case HCI_OP_SNIFF_MODE:
1150 hci_cs_sniff_mode(hdev, ev->status);
1153 case HCI_OP_EXIT_SNIFF_MODE:
1154 hci_cs_exit_sniff_mode(hdev, ev->status);
1158 BT_DBG("%s opcode 0x%x", hdev->name, opcode);
1163 atomic_set(&hdev->cmd_cnt, 1);
1164 if (!skb_queue_empty(&hdev->cmd_q))
1165 hci_sched_cmd(hdev);
/* Handler for HCI_EV_ROLE_CHANGE: updates HCI_LM_MASTER on the ACL
 * connection to the event's address, clears HCI_CONN_RSWITCH_PEND and
 * reports the new role through hci_role_switch_cfm. The tests on
 * ev->status and ev->role that choose between the two link_mode updates
 * are on lines not shown in this listing. */
1169 static inline void hci_role_change_evt(struct hci_dev *hdev, struct sk_buff *skb)
1171 struct hci_ev_role_change *ev = (void *) skb->data;
1172 struct hci_conn *conn;
1174 BT_DBG("%s status %d", hdev->name, ev->status);
1178 conn = hci_conn_hash_lookup_ba(hdev, ACL_LINK, &ev->bdaddr);
1182 conn->link_mode &= ~HCI_LM_MASTER;
1184 conn->link_mode |= HCI_LM_MASTER;
1187 clear_bit(HCI_CONN_RSWITCH_PEND, &conn->pend);
1189 hci_role_switch_cfm(conn, ev->status, ev->role);
1192 hci_dev_unlock(hdev);
/* Handler for HCI_EV_NUM_COMP_PKTS: returns transmit credits. For each
 * (handle, count) pair in the event it lowers the connection's in-flight
 * counter and raises the device's ACL or SCO credit counter, clamped to
 * the controller's advertised maximum. The TX tasklet is disabled while
 * the counters are updated.
 * The payload length is validated against num_hndl * 4 before the loop, so
 * the pair array itself cannot be over-read.
 * NOTE(review): conn->sent is decremented by a controller-supplied count
 * with no clamp visible in this listing; a count larger than conn->sent
 * would wrap the counter if it is unsigned -- confirm. The NULL test on
 * the lookup result is on a line not shown here. */
1195 static inline void hci_num_comp_pkts_evt(struct hci_dev *hdev, struct sk_buff *skb)
1197 struct hci_ev_num_comp_pkts *ev = (void *) skb->data;
1201 skb_pull(skb, sizeof(*ev));
1203 BT_DBG("%s num_hndl %d", hdev->name, ev->num_hndl);
1205 if (skb->len < ev->num_hndl * 4) {
1206 BT_DBG("%s bad parameters", hdev->name);
1210 tasklet_disable(&hdev->tx_task);
1212 for (i = 0, ptr = (__le16 *) skb->data; i < ev->num_hndl; i++) {
1213 struct hci_conn *conn;
1214 __u16 handle, count;
1216 handle = get_unaligned_le16(ptr++);
1217 count = get_unaligned_le16(ptr++);
1219 conn = hci_conn_hash_lookup_handle(hdev, handle);
1221 conn->sent -= count;
1223 if (conn->type == ACL_LINK) {
1224 if ((hdev->acl_cnt += count) > hdev->acl_pkts)
1225 hdev->acl_cnt = hdev->acl_pkts;
1227 if ((hdev->sco_cnt += count) > hdev->sco_pkts)
1228 hdev->sco_cnt = hdev->sco_pkts;
1235 tasklet_enable(&hdev->tx_task);
/* Handler for HCI_EV_MODE_CHANGE: records the new mode and interval on the
 * connection. If HCI_CONN_MODE_CHANGE_PEND was not set when the event
 * arrived (test_and_clear_bit returned 0), power_save is updated as well:
 * the visible assignments are 1 under the HCI_CM_ACTIVE test and 0 on the
 * other arm. The NULL test on conn and the else between the two
 * assignments are on lines not shown in this listing. */
1238 static inline void hci_mode_change_evt(struct hci_dev *hdev, struct sk_buff *skb)
1240 struct hci_ev_mode_change *ev = (void *) skb->data;
1241 struct hci_conn *conn;
1243 BT_DBG("%s status %d", hdev->name, ev->status);
1247 conn = hci_conn_hash_lookup_handle(hdev, __le16_to_cpu(ev->handle));
1249 conn->mode = ev->mode;
1250 conn->interval = __le16_to_cpu(ev->interval);
1252 if (!test_and_clear_bit(HCI_CONN_MODE_CHANGE_PEND, &conn->pend)) {
1253 if (conn->mode == HCI_CM_ACTIVE)
1254 conn->power_save = 1;
1256 conn->power_save = 0;
1260 hci_dev_unlock(hdev);
/* Handler for HCI_EV_PIN_CODE_REQ; the visible body only emits a debug
 * trace. No reply command is sent from here, so the PIN response is
 * presumably produced by a listener outside this function -- confirm. */
1263 static inline void hci_pin_code_request_evt(struct hci_dev *hdev, struct sk_buff *skb)
1265 BT_DBG("%s", hdev->name);
/* Handler for HCI_EV_LINK_KEY_REQ; the visible body only emits a debug
 * trace. No link key is looked up or returned from here, so the reply is
 * presumably produced by a listener outside this function -- confirm. */
1268 static inline void hci_link_key_request_evt(struct hci_dev *hdev, struct sk_buff *skb)
1270 BT_DBG("%s", hdev->name);
/* Handler for HCI_EV_LINK_KEY_NOTIFY; the visible body only emits a debug
 * trace and does not read the payload, so the key in the event is not
 * stored by this function. */
1273 static inline void hci_link_key_notify_evt(struct hci_dev *hdev, struct sk_buff *skb)
1275 BT_DBG("%s", hdev->name);
/* Handler for HCI_EV_CLOCK_OFFSET: on success, refreshes the clock offset
 * and timestamp of the inquiry-cache entry for the connection's peer
 * address. conn is NULL-checked together with the status before use. */
1278 static inline void hci_clock_offset_evt(struct hci_dev *hdev, struct sk_buff *skb)
1280 struct hci_ev_clock_offset *ev = (void *) skb->data;
1281 struct hci_conn *conn;
1283 BT_DBG("%s status %d", hdev->name, ev->status);
1287 conn = hci_conn_hash_lookup_handle(hdev, __le16_to_cpu(ev->handle));
1288 if (conn && !ev->status) {
1289 struct inquiry_entry *ie;
1291 if ((ie = hci_inquiry_cache_lookup(hdev, &conn->dst))) {
1292 ie->data.clock_offset = ev->clock_offset;
1293 ie->timestamp = jiffies;
1297 hci_dev_unlock(hdev);
/* Handler for HCI_EV_PKT_TYPE_CHANGE: on success, stores the new packet
 * type mask on the connection named by the event's handle. conn is
 * NULL-checked together with the status before the store. */
1300 static inline void hci_pkt_type_change_evt(struct hci_dev *hdev, struct sk_buff *skb)
1302 struct hci_ev_pkt_type_change *ev = (void *) skb->data;
1303 struct hci_conn *conn;
1305 BT_DBG("%s status %d", hdev->name, ev->status);
1309 conn = hci_conn_hash_lookup_handle(hdev, __le16_to_cpu(ev->handle));
1310 if (conn && !ev->status)
1311 conn->pkt_type = __le16_to_cpu(ev->pkt_type);
1313 hci_dev_unlock(hdev);
/* Handler for HCI_EV_PSCAN_REP_MODE: if the inquiry cache has an entry for
 * the event's address, updates its page-scan repetition mode and
 * timestamp. */
1316 static inline void hci_pscan_rep_mode_evt(struct hci_dev *hdev, struct sk_buff *skb)
1318 struct hci_ev_pscan_rep_mode *ev = (void *) skb->data;
1319 struct inquiry_entry *ie;
1321 BT_DBG("%s", hdev->name);
1325 if ((ie = hci_inquiry_cache_lookup(hdev, &ev->bdaddr))) {
1326 ie->data.pscan_rep_mode = ev->pscan_rep_mode;
1327 ie->timestamp = jiffies;
1330 hci_dev_unlock(hdev);
/* Handler for HCI_EV_INQUIRY_RESULT_WITH_RSSI: feeds each response into the
 * inquiry cache. Two response layouts are handled. The one used is chosen
 * by comparing the per-response size, (skb->len - 1) / num_rsp, with
 * sizeof(struct inquiry_info_with_rssi).
 * NOTE(review): several points to confirm, as no further validation is
 * visible in this listing.
 *  - num_rsp comes from the first payload byte and is the divisor, so a
 *    zero count must be rejected before the division; that guard, if
 *    present, is on the elided lines after the debug trace.
 *  - Any size that does not match inquiry_info_with_rssi selects the
 *    "with pscan_mode" layout; the payload is not checked to be exactly
 *    num_rsp entries of that layout, so a short event could be read past
 *    its end.
 *  - The division truncates, so trailing bytes go unnoticed.
 * The steps that advance info in both loops are on lines not shown here. */
1333 static inline void hci_inquiry_result_with_rssi_evt(struct hci_dev *hdev, struct sk_buff *skb)
1335 struct inquiry_data data;
1336 int num_rsp = *((__u8 *) skb->data);
1338 BT_DBG("%s num_rsp %d", hdev->name, num_rsp);
1345 if ((skb->len - 1) / num_rsp != sizeof(struct inquiry_info_with_rssi)) {
1346 struct inquiry_info_with_rssi_and_pscan_mode *info = (void *) (skb->data + 1);
1348 for (; num_rsp; num_rsp--) {
1349 bacpy(&data.bdaddr, &info->bdaddr);
1350 data.pscan_rep_mode = info->pscan_rep_mode;
1351 data.pscan_period_mode = info->pscan_period_mode;
1352 data.pscan_mode = info->pscan_mode;
1353 memcpy(data.dev_class, info->dev_class, 3);
1354 data.clock_offset = info->clock_offset;
1355 data.rssi = info->rssi;
1357 hci_inquiry_cache_update(hdev, &data);
1360 struct inquiry_info_with_rssi *info = (void *) (skb->data + 1);
1362 for (; num_rsp; num_rsp--) {
1363 bacpy(&data.bdaddr, &info->bdaddr);
1364 data.pscan_rep_mode = info->pscan_rep_mode;
1365 data.pscan_period_mode = info->pscan_period_mode;
1366 data.pscan_mode = 0x00;
1367 memcpy(data.dev_class, info->dev_class, 3);
1368 data.clock_offset = info->clock_offset;
1369 data.rssi = info->rssi;
1371 hci_inquiry_cache_update(hdev, &data);
1375 hci_dev_unlock(hdev);
/* Handler for HCI_EV_REMOTE_EXT_FEATURES; the visible body only emits a
 * debug trace and does not parse the payload. */
1378 static inline void hci_remote_ext_features_evt(struct hci_dev *hdev, struct sk_buff *skb)
1380 BT_DBG("%s", hdev->name);
/* Handler for HCI_EV_SYNC_CONN_COMPLETE: finalises a synchronous
 * connection. The entry is looked up by the event's link type and address.
 * The visible lines also show a second lookup under ESCO_LINK whose result
 * is retyped to SCO_LINK, which suggests a fallback for a link requested
 * as eSCO but completed as SCO -- confirm, as the conditions are on
 * elided lines. The entry then becomes BT_CONNECTED with the new handle,
 * or BT_CLOSED, and the status is reported upward.
 * NOTE(review): the NULL tests after each lookup and the status test are
 * on lines not shown in this listing. */
1383 static inline void hci_sync_conn_complete_evt(struct hci_dev *hdev, struct sk_buff *skb)
1385 struct hci_ev_sync_conn_complete *ev = (void *) skb->data;
1386 struct hci_conn *conn;
1388 BT_DBG("%s status %d", hdev->name, ev->status);
1392 conn = hci_conn_hash_lookup_ba(hdev, ev->link_type, &ev->bdaddr);
1394 if (ev->link_type == ESCO_LINK)
1397 conn = hci_conn_hash_lookup_ba(hdev, ESCO_LINK, &ev->bdaddr);
1401 conn->type = SCO_LINK;
1405 conn->handle = __le16_to_cpu(ev->handle);
1406 conn->state = BT_CONNECTED;
1408 conn->state = BT_CLOSED;
1410 hci_proto_connect_cfm(conn, ev->status);
1415 hci_dev_unlock(hdev);
/* Handler for HCI_EV_SYNC_CONN_CHANGED; the visible body only emits a debug
 * trace and does not parse the payload. */
1418 static inline void hci_sync_conn_changed_evt(struct hci_dev *hdev, struct sk_buff *skb)
1420 BT_DBG("%s", hdev->name);
/* Handler for HCI_EV_SNIFF_SUBRATE: looks up the connection named by the
 * event's handle under the device lock. What is done with the result is on
 * lines not shown in this listing. */
1423 static inline void hci_sniff_subrate_evt(struct hci_dev *hdev, struct sk_buff *skb)
1425 struct hci_ev_sniff_subrate *ev = (void *) skb->data;
1426 struct hci_conn *conn;
1428 BT_DBG("%s status %d", hdev->name, ev->status);
1432 conn = hci_conn_hash_lookup_handle(hdev, __le16_to_cpu(ev->handle));
1436 hci_dev_unlock(hdev);
/* Handler for HCI_EV_EXTENDED_INQUIRY_RESULT: feeds each response's fixed
 * fields (address, page-scan modes, class, clock offset, RSSI) into the
 * inquiry cache; pscan_mode is forced to 0x00.
 * NOTE(review): num_rsp is the first payload byte and is the loop's only
 * bound. No comparison against skb->len is visible in this listing, so an
 * event claiming more responses than it carries would be read past the
 * buffer. Confirm that 1 + num_rsp * sizeof(*info) <= skb->len is enforced
 * before the loop. The step that advances info is on a line not shown. */
1439 static inline void hci_extended_inquiry_result_evt(struct hci_dev *hdev, struct sk_buff *skb)
1441 struct inquiry_data data;
1442 struct extended_inquiry_info *info = (void *) (skb->data + 1);
1443 int num_rsp = *((__u8 *) skb->data);
1445 BT_DBG("%s num_rsp %d", hdev->name, num_rsp);
1452 for (; num_rsp; num_rsp--) {
1453 bacpy(&data.bdaddr, &info->bdaddr);
1454 data.pscan_rep_mode = info->pscan_rep_mode;
1455 data.pscan_period_mode = info->pscan_period_mode;
1456 data.pscan_mode = 0x00;
1457 memcpy(data.dev_class, info->dev_class, 3);
1458 data.clock_offset = info->clock_offset;
1459 data.rssi = info->rssi;
1461 hci_inquiry_cache_update(hdev, &data);
1464 hci_dev_unlock(hdev);
/* Handler for HCI_EV_IO_CAPA_REQUEST: takes a reference (hci_conn_hold) on
 * the ACL connection to the event's address. No IO-capability reply is
 * sent from the visible lines.
 * NOTE(review): the NULL test on the lookup result is on a line not shown
 * here. The matching release is not in this function; confirm that each
 * hold taken here is dropped exactly once, since the event is driven by
 * the remote side. */
1467 static inline void hci_io_capa_request_evt(struct hci_dev *hdev, struct sk_buff *skb)
1469 struct hci_ev_io_capa_request *ev = (void *) skb->data;
1470 struct hci_conn *conn;
1472 BT_DBG("%s", hdev->name);
1476 conn = hci_conn_hash_lookup_ba(hdev, ACL_LINK, &ev->bdaddr);
1478 hci_conn_hold(conn);
1480 hci_dev_unlock(hdev);
/* Handler for HCI_EV_SIMPLE_PAIR_COMPLETE: looks up the ACL connection to
 * the event's address under the device lock. What is done with the result
 * is on lines not shown in this listing (presumably the release paired
 * with the hold in hci_io_capa_request_evt -- confirm). */
1483 static inline void hci_simple_pair_complete_evt(struct hci_dev *hdev, struct sk_buff *skb)
1485 struct hci_ev_simple_pair_complete *ev = (void *) skb->data;
1486 struct hci_conn *conn;
1488 BT_DBG("%s", hdev->name);
1492 conn = hci_conn_hash_lookup_ba(hdev, ACL_LINK, &ev->bdaddr);
1496 hci_dev_unlock(hdev);
/* Entry point for every HCI event packet received from the controller:
 * reads the event code from the header, strips the header and dispatches
 * to the per-event handler, then bumps the received-event counter.
 * NOTE(review): this is the trust boundary for controller-supplied data.
 * In the lines visible here the header is dereferenced and pulled without
 * comparing skb->len with HCI_EVENT_HDR_SIZE or with the header's declared
 * parameter length, and most handlers below cast skb->data to their event
 * structure without their own length check. A per-event minimum length
 * check here, before the dispatch, would protect all of them. Release of
 * the skb is on a line not shown in this listing. */
1499 void hci_event_packet(struct hci_dev *hdev, struct sk_buff *skb)
1501 struct hci_event_hdr *hdr = (void *) skb->data;
1502 __u8 event = hdr->evt;
1504 skb_pull(skb, HCI_EVENT_HDR_SIZE);
1507 case HCI_EV_INQUIRY_COMPLETE:
1508 hci_inquiry_complete_evt(hdev, skb);
1511 case HCI_EV_INQUIRY_RESULT:
1512 hci_inquiry_result_evt(hdev, skb);
1515 case HCI_EV_CONN_COMPLETE:
1516 hci_conn_complete_evt(hdev, skb);
1519 case HCI_EV_CONN_REQUEST:
1520 hci_conn_request_evt(hdev, skb);
1523 case HCI_EV_DISCONN_COMPLETE:
1524 hci_disconn_complete_evt(hdev, skb);
1527 case HCI_EV_AUTH_COMPLETE:
1528 hci_auth_complete_evt(hdev, skb);
1531 case HCI_EV_REMOTE_NAME:
1532 hci_remote_name_evt(hdev, skb);
1535 case HCI_EV_ENCRYPT_CHANGE:
1536 hci_encrypt_change_evt(hdev, skb);
1539 case HCI_EV_CHANGE_LINK_KEY_COMPLETE:
1540 hci_change_link_key_complete_evt(hdev, skb);
1543 case HCI_EV_REMOTE_FEATURES:
1544 hci_remote_features_evt(hdev, skb);
1547 case HCI_EV_REMOTE_VERSION:
1548 hci_remote_version_evt(hdev, skb);
1551 case HCI_EV_QOS_SETUP_COMPLETE:
1552 hci_qos_setup_complete_evt(hdev, skb);
1555 case HCI_EV_CMD_COMPLETE:
1556 hci_cmd_complete_evt(hdev, skb);
1559 case HCI_EV_CMD_STATUS:
1560 hci_cmd_status_evt(hdev, skb);
1563 case HCI_EV_ROLE_CHANGE:
1564 hci_role_change_evt(hdev, skb);
1567 case HCI_EV_NUM_COMP_PKTS:
1568 hci_num_comp_pkts_evt(hdev, skb);
1571 case HCI_EV_MODE_CHANGE:
1572 hci_mode_change_evt(hdev, skb);
1575 case HCI_EV_PIN_CODE_REQ:
1576 hci_pin_code_request_evt(hdev, skb);
1579 case HCI_EV_LINK_KEY_REQ:
1580 hci_link_key_request_evt(hdev, skb);
1583 case HCI_EV_LINK_KEY_NOTIFY:
1584 hci_link_key_notify_evt(hdev, skb);
1587 case HCI_EV_CLOCK_OFFSET:
1588 hci_clock_offset_evt(hdev, skb);
1591 case HCI_EV_PKT_TYPE_CHANGE:
1592 hci_pkt_type_change_evt(hdev, skb);
1595 case HCI_EV_PSCAN_REP_MODE:
1596 hci_pscan_rep_mode_evt(hdev, skb);
1599 case HCI_EV_INQUIRY_RESULT_WITH_RSSI:
1600 hci_inquiry_result_with_rssi_evt(hdev, skb);
1603 case HCI_EV_REMOTE_EXT_FEATURES:
1604 hci_remote_ext_features_evt(hdev, skb);
1607 case HCI_EV_SYNC_CONN_COMPLETE:
1608 hci_sync_conn_complete_evt(hdev, skb);
1611 case HCI_EV_SYNC_CONN_CHANGED:
1612 hci_sync_conn_changed_evt(hdev, skb);
1615 case HCI_EV_SNIFF_SUBRATE:
1616 hci_sniff_subrate_evt(hdev, skb);
1619 case HCI_EV_EXTENDED_INQUIRY_RESULT:
1620 hci_extended_inquiry_result_evt(hdev, skb);
1623 case HCI_EV_IO_CAPA_REQUEST:
1624 hci_io_capa_request_evt(hdev, skb);
1627 case HCI_EV_SIMPLE_PAIR_COMPLETE:
1628 hci_simple_pair_complete_evt(hdev, skb);
1632 BT_DBG("%s event 0x%x", hdev->name, event);
1637 hdev->stat.evt_rx++;
1640 /* Generate internal stack event */
/* Builds a synthetic HCI event of type HCI_EV_STACK_INTERNAL carrying dlen
 * bytes copied from data, marks it as an incoming HCI_EVENT_PKT and
 * delivers it to HCI sockets through hci_send_to_sock.
 * NOTE(review): dlen is a signed int taken from the caller. It is used in
 * the allocation size, in skb_put and as the memcpy length, and no range
 * check is visible in this listing. If hdr->plen is an 8-bit field
 * (confirm against struct hci_event_hdr), sizeof(*ev) + dlen above 255
 * would be truncated in the header while the full payload is still copied.
 * Callers should be limited to small, non-negative dlen. The allocation
 * failure check and the release of the skb after delivery are on lines not
 * shown here. */
1641 void hci_si_event(struct hci_dev *hdev, int type, int dlen, void *data)
1643 struct hci_event_hdr *hdr;
1644 struct hci_ev_stack_internal *ev;
1645 struct sk_buff *skb;
1647 skb = bt_skb_alloc(HCI_EVENT_HDR_SIZE + sizeof(*ev) + dlen, GFP_ATOMIC);
1651 hdr = (void *) skb_put(skb, HCI_EVENT_HDR_SIZE);
1652 hdr->evt = HCI_EV_STACK_INTERNAL;
1653 hdr->plen = sizeof(*ev) + dlen;
1655 ev = (void *) skb_put(skb, sizeof(*ev) + dlen);
1657 memcpy(ev->data, data, dlen);
1659 bt_cb(skb)->incoming = 1;
1660 __net_timestamp(skb);
1662 bt_cb(skb)->pkt_type = HCI_EVENT_PKT;
1663 skb->dev = (void *) hdev;
1664 hci_send_to_sock(hdev, skb);