2 BlueZ - Bluetooth protocol stack for Linux
3 Copyright (C) 2010 Nokia Corporation
5 This program is free software; you can redistribute it and/or modify
6 it under the terms of the GNU General Public License version 2 as
7 published by the Free Software Foundation;
9 THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS
10 OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
11 FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT OF THIRD PARTY RIGHTS.
12 IN NO EVENT SHALL THE COPYRIGHT HOLDER(S) AND AUTHOR(S) BE LIABLE FOR ANY
13 CLAIM, OR ANY SPECIAL INDIRECT OR CONSEQUENTIAL DAMAGES, OR ANY DAMAGES
14 WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
15 ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
16 OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
18 ALL LIABILITY, INCLUDING LIABILITY FOR INFRINGEMENT OF ANY PATENTS,
19 COPYRIGHTS, TRADEMARKS OR OTHER RIGHTS, RELATING TO USE OF THIS
20 SOFTWARE IS DISCLAIMED.
23 /* Bluetooth HCI Management interface */
25 #include <linux/uaccess.h>
26 #include <asm/unaligned.h>
28 #include <net/bluetooth/bluetooth.h>
29 #include <net/bluetooth/hci_core.h>
30 #include <net/bluetooth/mgmt.h>
32 #define MGMT_VERSION 0
33 #define MGMT_REVISION 1
36 struct list_head list;
44 static LIST_HEAD(cmd_list);
46 static int cmd_status(struct sock *sk, u16 index, u16 cmd, u8 status)
50 struct mgmt_ev_cmd_status *ev;
52 BT_DBG("sock %p, index %u, cmd %u, status %u", sk, index, cmd, status);
54 skb = alloc_skb(sizeof(*hdr) + sizeof(*ev), GFP_ATOMIC);
58 hdr = (void *) skb_put(skb, sizeof(*hdr));
60 hdr->opcode = cpu_to_le16(MGMT_EV_CMD_STATUS);
61 hdr->index = cpu_to_le16(index);
62 hdr->len = cpu_to_le16(sizeof(*ev));
64 ev = (void *) skb_put(skb, sizeof(*ev));
66 put_unaligned_le16(cmd, &ev->opcode);
68 if (sock_queue_rcv_skb(sk, skb) < 0)
74 static int cmd_complete(struct sock *sk, u16 index, u16 cmd, void *rp,
79 struct mgmt_ev_cmd_complete *ev;
81 BT_DBG("sock %p", sk);
83 skb = alloc_skb(sizeof(*hdr) + sizeof(*ev) + rp_len, GFP_ATOMIC);
87 hdr = (void *) skb_put(skb, sizeof(*hdr));
89 hdr->opcode = cpu_to_le16(MGMT_EV_CMD_COMPLETE);
90 hdr->index = cpu_to_le16(index);
91 hdr->len = cpu_to_le16(sizeof(*ev) + rp_len);
93 ev = (void *) skb_put(skb, sizeof(*ev) + rp_len);
94 put_unaligned_le16(cmd, &ev->opcode);
97 memcpy(ev->data, rp, rp_len);
99 if (sock_queue_rcv_skb(sk, skb) < 0)
105 static int read_version(struct sock *sk)
107 struct mgmt_rp_read_version rp;
109 BT_DBG("sock %p", sk);
111 rp.version = MGMT_VERSION;
112 put_unaligned_le16(MGMT_REVISION, &rp.revision);
114 return cmd_complete(sk, MGMT_INDEX_NONE, MGMT_OP_READ_VERSION, &rp,
118 static int read_index_list(struct sock *sk)
120 struct mgmt_rp_read_index_list *rp;
126 BT_DBG("sock %p", sk);
128 read_lock(&hci_dev_list_lock);
131 list_for_each(p, &hci_dev_list) {
135 rp_len = sizeof(*rp) + (2 * count);
136 rp = kmalloc(rp_len, GFP_ATOMIC);
138 read_unlock(&hci_dev_list_lock);
142 put_unaligned_le16(count, &rp->num_controllers);
145 list_for_each(p, &hci_dev_list) {
146 struct hci_dev *d = list_entry(p, struct hci_dev, list);
148 hci_del_off_timer(d);
150 set_bit(HCI_MGMT, &d->flags);
152 if (test_bit(HCI_SETUP, &d->flags))
155 put_unaligned_le16(d->id, &rp->index[i++]);
156 BT_DBG("Added hci%u", d->id);
159 read_unlock(&hci_dev_list_lock);
161 err = cmd_complete(sk, MGMT_INDEX_NONE, MGMT_OP_READ_INDEX_LIST, rp,
169 static int read_controller_info(struct sock *sk, u16 index)
171 struct mgmt_rp_read_info rp;
172 struct hci_dev *hdev;
174 BT_DBG("sock %p hci%u", sk, index);
176 hdev = hci_dev_get(index);
178 return cmd_status(sk, index, MGMT_OP_READ_INFO, ENODEV);
180 hci_del_off_timer(hdev);
182 hci_dev_lock_bh(hdev);
184 set_bit(HCI_MGMT, &hdev->flags);
186 memset(&rp, 0, sizeof(rp));
188 rp.type = hdev->dev_type;
190 rp.powered = test_bit(HCI_UP, &hdev->flags);
191 rp.connectable = test_bit(HCI_PSCAN, &hdev->flags);
192 rp.discoverable = test_bit(HCI_ISCAN, &hdev->flags);
193 rp.pairable = test_bit(HCI_PSCAN, &hdev->flags);
195 if (test_bit(HCI_AUTH, &hdev->flags))
197 else if (hdev->ssp_mode > 0)
202 bacpy(&rp.bdaddr, &hdev->bdaddr);
203 memcpy(rp.features, hdev->features, 8);
204 memcpy(rp.dev_class, hdev->dev_class, 3);
205 put_unaligned_le16(hdev->manufacturer, &rp.manufacturer);
206 rp.hci_ver = hdev->hci_ver;
207 put_unaligned_le16(hdev->hci_rev, &rp.hci_rev);
209 memcpy(rp.name, hdev->dev_name, sizeof(hdev->dev_name));
211 hci_dev_unlock_bh(hdev);
214 return cmd_complete(sk, index, MGMT_OP_READ_INFO, &rp, sizeof(rp));
217 static void mgmt_pending_free(struct pending_cmd *cmd)
224 static struct pending_cmd *mgmt_pending_add(struct sock *sk, u16 opcode,
225 u16 index, void *data, u16 len)
227 struct pending_cmd *cmd;
229 cmd = kmalloc(sizeof(*cmd), GFP_ATOMIC);
233 cmd->opcode = opcode;
236 cmd->param = kmalloc(len, GFP_ATOMIC);
243 memcpy(cmd->param, data, len);
248 list_add(&cmd->list, &cmd_list);
253 static void mgmt_pending_foreach(u16 opcode, int index,
254 void (*cb)(struct pending_cmd *cmd, void *data),
257 struct list_head *p, *n;
259 list_for_each_safe(p, n, &cmd_list) {
260 struct pending_cmd *cmd;
262 cmd = list_entry(p, struct pending_cmd, list);
264 if (cmd->opcode != opcode)
267 if (index >= 0 && cmd->index != index)
274 static struct pending_cmd *mgmt_pending_find(u16 opcode, int index)
278 list_for_each(p, &cmd_list) {
279 struct pending_cmd *cmd;
281 cmd = list_entry(p, struct pending_cmd, list);
283 if (cmd->opcode != opcode)
286 if (index >= 0 && cmd->index != index)
295 static void mgmt_pending_remove(struct pending_cmd *cmd)
297 list_del(&cmd->list);
298 mgmt_pending_free(cmd);
301 static int set_powered(struct sock *sk, u16 index, unsigned char *data, u16 len)
303 struct mgmt_mode *cp;
304 struct hci_dev *hdev;
305 struct pending_cmd *cmd;
310 BT_DBG("request for hci%u", index);
312 if (len != sizeof(*cp))
313 return cmd_status(sk, index, MGMT_OP_SET_POWERED, EINVAL);
315 hdev = hci_dev_get(index);
317 return cmd_status(sk, index, MGMT_OP_SET_POWERED, ENODEV);
319 hci_dev_lock_bh(hdev);
321 up = test_bit(HCI_UP, &hdev->flags);
322 if ((cp->val && up) || (!cp->val && !up)) {
323 err = cmd_status(sk, index, MGMT_OP_SET_POWERED, EALREADY);
327 if (mgmt_pending_find(MGMT_OP_SET_POWERED, index)) {
328 err = cmd_status(sk, index, MGMT_OP_SET_POWERED, EBUSY);
332 cmd = mgmt_pending_add(sk, MGMT_OP_SET_POWERED, index, data, len);
339 queue_work(hdev->workqueue, &hdev->power_on);
341 queue_work(hdev->workqueue, &hdev->power_off);
346 hci_dev_unlock_bh(hdev);
351 static int set_discoverable(struct sock *sk, u16 index, unsigned char *data,
354 struct mgmt_mode *cp;
355 struct hci_dev *hdev;
356 struct pending_cmd *cmd;
362 BT_DBG("request for hci%u", index);
364 if (len != sizeof(*cp))
365 return cmd_status(sk, index, MGMT_OP_SET_DISCOVERABLE, EINVAL);
367 hdev = hci_dev_get(index);
369 return cmd_status(sk, index, MGMT_OP_SET_DISCOVERABLE, ENODEV);
371 hci_dev_lock_bh(hdev);
373 if (!test_bit(HCI_UP, &hdev->flags)) {
374 err = cmd_status(sk, index, MGMT_OP_SET_DISCOVERABLE, ENETDOWN);
378 if (mgmt_pending_find(MGMT_OP_SET_DISCOVERABLE, index) ||
379 mgmt_pending_find(MGMT_OP_SET_CONNECTABLE, index)) {
380 err = cmd_status(sk, index, MGMT_OP_SET_DISCOVERABLE, EBUSY);
384 if (cp->val == test_bit(HCI_ISCAN, &hdev->flags) &&
385 test_bit(HCI_PSCAN, &hdev->flags)) {
386 err = cmd_status(sk, index, MGMT_OP_SET_DISCOVERABLE, EALREADY);
390 cmd = mgmt_pending_add(sk, MGMT_OP_SET_DISCOVERABLE, index, data, len);
399 scan |= SCAN_INQUIRY;
401 err = hci_send_cmd(hdev, HCI_OP_WRITE_SCAN_ENABLE, 1, &scan);
403 mgmt_pending_remove(cmd);
406 hci_dev_unlock_bh(hdev);
412 static int set_connectable(struct sock *sk, u16 index, unsigned char *data,
415 struct mgmt_mode *cp;
416 struct hci_dev *hdev;
417 struct pending_cmd *cmd;
423 BT_DBG("request for hci%u", index);
425 if (len != sizeof(*cp))
426 return cmd_status(sk, index, MGMT_OP_SET_CONNECTABLE, EINVAL);
428 hdev = hci_dev_get(index);
430 return cmd_status(sk, index, MGMT_OP_SET_CONNECTABLE, ENODEV);
432 hci_dev_lock_bh(hdev);
434 if (!test_bit(HCI_UP, &hdev->flags)) {
435 err = cmd_status(sk, index, MGMT_OP_SET_CONNECTABLE, ENETDOWN);
439 if (mgmt_pending_find(MGMT_OP_SET_DISCOVERABLE, index) ||
440 mgmt_pending_find(MGMT_OP_SET_CONNECTABLE, index)) {
441 err = cmd_status(sk, index, MGMT_OP_SET_CONNECTABLE, EBUSY);
445 if (cp->val == test_bit(HCI_PSCAN, &hdev->flags)) {
446 err = cmd_status(sk, index, MGMT_OP_SET_CONNECTABLE, EALREADY);
450 cmd = mgmt_pending_add(sk, MGMT_OP_SET_CONNECTABLE, index, data, len);
461 err = hci_send_cmd(hdev, HCI_OP_WRITE_SCAN_ENABLE, 1, &scan);
463 mgmt_pending_remove(cmd);
466 hci_dev_unlock_bh(hdev);
472 static int mgmt_event(u16 event, u16 index, void *data, u16 data_len,
473 struct sock *skip_sk)
476 struct mgmt_hdr *hdr;
478 skb = alloc_skb(sizeof(*hdr) + data_len, GFP_ATOMIC);
482 bt_cb(skb)->channel = HCI_CHANNEL_CONTROL;
484 hdr = (void *) skb_put(skb, sizeof(*hdr));
485 hdr->opcode = cpu_to_le16(event);
486 hdr->index = cpu_to_le16(index);
487 hdr->len = cpu_to_le16(data_len);
490 memcpy(skb_put(skb, data_len), data, data_len);
492 hci_send_to_sock(NULL, skb, skip_sk);
498 static int send_mode_rsp(struct sock *sk, u16 opcode, u16 index, u8 val)
504 return cmd_complete(sk, index, opcode, &rp, sizeof(rp));
507 static int set_pairable(struct sock *sk, u16 index, unsigned char *data,
510 struct mgmt_mode *cp, ev;
511 struct hci_dev *hdev;
516 BT_DBG("request for hci%u", index);
518 if (len != sizeof(*cp))
519 return cmd_status(sk, index, MGMT_OP_SET_PAIRABLE, EINVAL);
521 hdev = hci_dev_get(index);
523 return cmd_status(sk, index, MGMT_OP_SET_PAIRABLE, ENODEV);
525 hci_dev_lock_bh(hdev);
528 set_bit(HCI_PAIRABLE, &hdev->flags);
530 clear_bit(HCI_PAIRABLE, &hdev->flags);
532 err = send_mode_rsp(sk, MGMT_OP_SET_PAIRABLE, index, cp->val);
538 err = mgmt_event(MGMT_EV_PAIRABLE, index, &ev, sizeof(ev), sk);
541 hci_dev_unlock_bh(hdev);
547 #define EIR_FLAGS 0x01 /* flags */
548 #define EIR_UUID16_SOME 0x02 /* 16-bit UUID, more available */
549 #define EIR_UUID16_ALL 0x03 /* 16-bit UUID, all listed */
550 #define EIR_UUID32_SOME 0x04 /* 32-bit UUID, more available */
551 #define EIR_UUID32_ALL 0x05 /* 32-bit UUID, all listed */
552 #define EIR_UUID128_SOME 0x06 /* 128-bit UUID, more available */
553 #define EIR_UUID128_ALL 0x07 /* 128-bit UUID, all listed */
554 #define EIR_NAME_SHORT 0x08 /* shortened local name */
555 #define EIR_NAME_COMPLETE 0x09 /* complete local name */
556 #define EIR_TX_POWER 0x0A /* transmit power level */
557 #define EIR_DEVICE_ID 0x10 /* device ID */
559 #define PNP_INFO_SVCLASS_ID 0x1200
561 static u8 bluetooth_base_uuid[] = {
562 0xFB, 0x34, 0x9B, 0x5F, 0x80, 0x00, 0x00, 0x80,
563 0x00, 0x10, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
566 static u16 get_uuid16(u8 *uuid128)
571 for (i = 0; i < 12; i++) {
572 if (bluetooth_base_uuid[i] != uuid128[i])
576 memcpy(&val, &uuid128[12], 4);
578 val = le32_to_cpu(val);
585 static void create_eir(struct hci_dev *hdev, u8 *data)
589 u16 uuid16_list[HCI_MAX_EIR_LENGTH / sizeof(u16)];
590 int i, truncated = 0;
594 name_len = strlen(hdev->dev_name);
600 ptr[1] = EIR_NAME_SHORT;
602 ptr[1] = EIR_NAME_COMPLETE;
604 /* EIR Data length */
605 ptr[0] = name_len + 1;
607 memcpy(ptr + 2, hdev->dev_name, name_len);
609 eir_len += (name_len + 2);
610 ptr += (name_len + 2);
613 memset(uuid16_list, 0, sizeof(uuid16_list));
615 /* Group all UUID16 types */
616 list_for_each(p, &hdev->uuids) {
617 struct bt_uuid *uuid = list_entry(p, struct bt_uuid, list);
620 uuid16 = get_uuid16(uuid->uuid);
627 if (uuid16 == PNP_INFO_SVCLASS_ID)
630 /* Stop if not enough space to put next UUID */
631 if (eir_len + 2 + sizeof(u16) > HCI_MAX_EIR_LENGTH) {
636 /* Check for duplicates */
637 for (i = 0; uuid16_list[i] != 0; i++)
638 if (uuid16_list[i] == uuid16)
641 if (uuid16_list[i] == 0) {
642 uuid16_list[i] = uuid16;
643 eir_len += sizeof(u16);
647 if (uuid16_list[0] != 0) {
651 ptr[1] = truncated ? EIR_UUID16_SOME : EIR_UUID16_ALL;
656 for (i = 0; uuid16_list[i] != 0; i++) {
657 *ptr++ = (uuid16_list[i] & 0x00ff);
658 *ptr++ = (uuid16_list[i] & 0xff00) >> 8;
661 /* EIR Data length */
662 *length = (i * sizeof(u16)) + 1;
666 static int update_eir(struct hci_dev *hdev)
668 struct hci_cp_write_eir cp;
670 if (!(hdev->features[6] & LMP_EXT_INQ))
673 if (hdev->ssp_mode == 0)
676 if (test_bit(HCI_SERVICE_CACHE, &hdev->flags))
679 memset(&cp, 0, sizeof(cp));
681 create_eir(hdev, cp.data);
683 if (memcmp(cp.data, hdev->eir, sizeof(cp.data)) == 0)
686 memcpy(hdev->eir, cp.data, sizeof(cp.data));
688 return hci_send_cmd(hdev, HCI_OP_WRITE_EIR, sizeof(cp), &cp);
691 static u8 get_service_classes(struct hci_dev *hdev)
696 list_for_each(p, &hdev->uuids) {
697 struct bt_uuid *uuid = list_entry(p, struct bt_uuid, list);
699 val |= uuid->svc_hint;
705 static int update_class(struct hci_dev *hdev)
709 BT_DBG("%s", hdev->name);
711 if (test_bit(HCI_SERVICE_CACHE, &hdev->flags))
714 cod[0] = hdev->minor_class;
715 cod[1] = hdev->major_class;
716 cod[2] = get_service_classes(hdev);
718 if (memcmp(cod, hdev->dev_class, 3) == 0)
721 return hci_send_cmd(hdev, HCI_OP_WRITE_CLASS_OF_DEV, sizeof(cod), cod);
724 static int add_uuid(struct sock *sk, u16 index, unsigned char *data, u16 len)
726 struct mgmt_cp_add_uuid *cp;
727 struct hci_dev *hdev;
728 struct bt_uuid *uuid;
733 BT_DBG("request for hci%u", index);
735 if (len != sizeof(*cp))
736 return cmd_status(sk, index, MGMT_OP_ADD_UUID, EINVAL);
738 hdev = hci_dev_get(index);
740 return cmd_status(sk, index, MGMT_OP_ADD_UUID, ENODEV);
742 hci_dev_lock_bh(hdev);
744 uuid = kmalloc(sizeof(*uuid), GFP_ATOMIC);
750 memcpy(uuid->uuid, cp->uuid, 16);
751 uuid->svc_hint = cp->svc_hint;
753 list_add(&uuid->list, &hdev->uuids);
755 err = update_class(hdev);
759 err = update_eir(hdev);
763 err = cmd_complete(sk, index, MGMT_OP_ADD_UUID, NULL, 0);
766 hci_dev_unlock_bh(hdev);
772 static int remove_uuid(struct sock *sk, u16 index, unsigned char *data, u16 len)
774 struct list_head *p, *n;
775 struct mgmt_cp_remove_uuid *cp;
776 struct hci_dev *hdev;
777 u8 bt_uuid_any[] = { 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0 };
782 BT_DBG("request for hci%u", index);
784 if (len != sizeof(*cp))
785 return cmd_status(sk, index, MGMT_OP_REMOVE_UUID, EINVAL);
787 hdev = hci_dev_get(index);
789 return cmd_status(sk, index, MGMT_OP_REMOVE_UUID, ENODEV);
791 hci_dev_lock_bh(hdev);
793 if (memcmp(cp->uuid, bt_uuid_any, 16) == 0) {
794 err = hci_uuids_clear(hdev);
800 list_for_each_safe(p, n, &hdev->uuids) {
801 struct bt_uuid *match = list_entry(p, struct bt_uuid, list);
803 if (memcmp(match->uuid, cp->uuid, 16) != 0)
806 list_del(&match->list);
811 err = cmd_status(sk, index, MGMT_OP_REMOVE_UUID, ENOENT);
815 err = update_class(hdev);
819 err = update_eir(hdev);
823 err = cmd_complete(sk, index, MGMT_OP_REMOVE_UUID, NULL, 0);
826 hci_dev_unlock_bh(hdev);
832 static int set_dev_class(struct sock *sk, u16 index, unsigned char *data,
835 struct hci_dev *hdev;
836 struct mgmt_cp_set_dev_class *cp;
841 BT_DBG("request for hci%u", index);
843 if (len != sizeof(*cp))
844 return cmd_status(sk, index, MGMT_OP_SET_DEV_CLASS, EINVAL);
846 hdev = hci_dev_get(index);
848 return cmd_status(sk, index, MGMT_OP_SET_DEV_CLASS, ENODEV);
850 hci_dev_lock_bh(hdev);
852 hdev->major_class = cp->major;
853 hdev->minor_class = cp->minor;
855 err = update_class(hdev);
858 err = cmd_complete(sk, index, MGMT_OP_SET_DEV_CLASS, NULL, 0);
860 hci_dev_unlock_bh(hdev);
866 static int set_service_cache(struct sock *sk, u16 index, unsigned char *data,
869 struct hci_dev *hdev;
870 struct mgmt_cp_set_service_cache *cp;
875 if (len != sizeof(*cp))
876 return cmd_status(sk, index, MGMT_OP_SET_SERVICE_CACHE, EINVAL);
878 hdev = hci_dev_get(index);
880 return cmd_status(sk, index, MGMT_OP_SET_SERVICE_CACHE, ENODEV);
882 hci_dev_lock_bh(hdev);
884 BT_DBG("hci%u enable %d", index, cp->enable);
887 set_bit(HCI_SERVICE_CACHE, &hdev->flags);
890 clear_bit(HCI_SERVICE_CACHE, &hdev->flags);
891 err = update_class(hdev);
893 err = update_eir(hdev);
897 err = cmd_complete(sk, index, MGMT_OP_SET_SERVICE_CACHE, NULL,
900 hci_dev_unlock_bh(hdev);
906 static int load_keys(struct sock *sk, u16 index, unsigned char *data, u16 len)
908 struct hci_dev *hdev;
909 struct mgmt_cp_load_keys *cp;
910 u16 key_count, expected_len;
915 if (len < sizeof(*cp))
918 key_count = get_unaligned_le16(&cp->key_count);
920 expected_len = sizeof(*cp) + key_count * sizeof(struct mgmt_key_info);
921 if (expected_len != len) {
922 BT_ERR("load_keys: expected %u bytes, got %u bytes",
927 hdev = hci_dev_get(index);
929 return cmd_status(sk, index, MGMT_OP_LOAD_KEYS, ENODEV);
931 BT_DBG("hci%u debug_keys %u key_count %u", index, cp->debug_keys,
934 hci_dev_lock_bh(hdev);
936 hci_link_keys_clear(hdev);
938 set_bit(HCI_LINK_KEYS, &hdev->flags);
941 set_bit(HCI_DEBUG_KEYS, &hdev->flags);
943 clear_bit(HCI_DEBUG_KEYS, &hdev->flags);
945 for (i = 0; i < key_count; i++) {
946 struct mgmt_key_info *key = &cp->keys[i];
948 hci_add_link_key(hdev, NULL, 0, &key->bdaddr, key->val, key->type,
952 hci_dev_unlock_bh(hdev);
958 static int remove_key(struct sock *sk, u16 index, unsigned char *data, u16 len)
960 struct hci_dev *hdev;
961 struct mgmt_cp_remove_key *cp;
962 struct hci_conn *conn;
967 if (len != sizeof(*cp))
968 return cmd_status(sk, index, MGMT_OP_REMOVE_KEY, EINVAL);
970 hdev = hci_dev_get(index);
972 return cmd_status(sk, index, MGMT_OP_REMOVE_KEY, ENODEV);
974 hci_dev_lock_bh(hdev);
976 err = hci_remove_link_key(hdev, &cp->bdaddr);
978 err = cmd_status(sk, index, MGMT_OP_REMOVE_KEY, -err);
984 if (!test_bit(HCI_UP, &hdev->flags) || !cp->disconnect)
987 conn = hci_conn_hash_lookup_ba(hdev, ACL_LINK, &cp->bdaddr);
989 struct hci_cp_disconnect dc;
991 put_unaligned_le16(conn->handle, &dc.handle);
992 dc.reason = 0x13; /* Remote User Terminated Connection */
993 err = hci_send_cmd(hdev, HCI_OP_DISCONNECT, sizeof(dc), &dc);
997 hci_dev_unlock_bh(hdev);
1003 static int disconnect(struct sock *sk, u16 index, unsigned char *data, u16 len)
1005 struct hci_dev *hdev;
1006 struct mgmt_cp_disconnect *cp;
1007 struct hci_cp_disconnect dc;
1008 struct pending_cmd *cmd;
1009 struct hci_conn *conn;
1016 if (len != sizeof(*cp))
1017 return cmd_status(sk, index, MGMT_OP_DISCONNECT, EINVAL);
1019 hdev = hci_dev_get(index);
1021 return cmd_status(sk, index, MGMT_OP_DISCONNECT, ENODEV);
1023 hci_dev_lock_bh(hdev);
1025 if (!test_bit(HCI_UP, &hdev->flags)) {
1026 err = cmd_status(sk, index, MGMT_OP_DISCONNECT, ENETDOWN);
1030 if (mgmt_pending_find(MGMT_OP_DISCONNECT, index)) {
1031 err = cmd_status(sk, index, MGMT_OP_DISCONNECT, EBUSY);
1035 conn = hci_conn_hash_lookup_ba(hdev, ACL_LINK, &cp->bdaddr);
1037 conn = hci_conn_hash_lookup_ba(hdev, LE_LINK, &cp->bdaddr);
1040 err = cmd_status(sk, index, MGMT_OP_DISCONNECT, ENOTCONN);
1044 cmd = mgmt_pending_add(sk, MGMT_OP_DISCONNECT, index, data, len);
1050 put_unaligned_le16(conn->handle, &dc.handle);
1051 dc.reason = 0x13; /* Remote User Terminated Connection */
1053 err = hci_send_cmd(hdev, HCI_OP_DISCONNECT, sizeof(dc), &dc);
1055 mgmt_pending_remove(cmd);
1058 hci_dev_unlock_bh(hdev);
1064 static int get_connections(struct sock *sk, u16 index)
1066 struct mgmt_rp_get_connections *rp;
1067 struct hci_dev *hdev;
1068 struct list_head *p;
1075 hdev = hci_dev_get(index);
1077 return cmd_status(sk, index, MGMT_OP_GET_CONNECTIONS, ENODEV);
1079 hci_dev_lock_bh(hdev);
1082 list_for_each(p, &hdev->conn_hash.list) {
1086 rp_len = sizeof(*rp) + (count * sizeof(bdaddr_t));
1087 rp = kmalloc(rp_len, GFP_ATOMIC);
1093 put_unaligned_le16(count, &rp->conn_count);
1096 list_for_each(p, &hdev->conn_hash.list) {
1097 struct hci_conn *c = list_entry(p, struct hci_conn, list);
1099 bacpy(&rp->conn[i++], &c->dst);
1102 err = cmd_complete(sk, index, MGMT_OP_GET_CONNECTIONS, rp, rp_len);
1106 hci_dev_unlock_bh(hdev);
1111 static int send_pin_code_neg_reply(struct sock *sk, u16 index,
1112 struct hci_dev *hdev, struct mgmt_cp_pin_code_neg_reply *cp)
1114 struct pending_cmd *cmd;
1117 cmd = mgmt_pending_add(sk, MGMT_OP_PIN_CODE_NEG_REPLY, index, cp,
1122 err = hci_send_cmd(hdev, HCI_OP_PIN_CODE_NEG_REPLY, sizeof(cp->bdaddr),
1125 mgmt_pending_remove(cmd);
1130 static int pin_code_reply(struct sock *sk, u16 index, unsigned char *data,
1133 struct hci_dev *hdev;
1134 struct hci_conn *conn;
1135 struct mgmt_cp_pin_code_reply *cp;
1136 struct mgmt_cp_pin_code_neg_reply ncp;
1137 struct hci_cp_pin_code_reply reply;
1138 struct pending_cmd *cmd;
1145 if (len != sizeof(*cp))
1146 return cmd_status(sk, index, MGMT_OP_PIN_CODE_REPLY, EINVAL);
1148 hdev = hci_dev_get(index);
1150 return cmd_status(sk, index, MGMT_OP_PIN_CODE_REPLY, ENODEV);
1152 hci_dev_lock_bh(hdev);
1154 if (!test_bit(HCI_UP, &hdev->flags)) {
1155 err = cmd_status(sk, index, MGMT_OP_PIN_CODE_REPLY, ENETDOWN);
1159 conn = hci_conn_hash_lookup_ba(hdev, ACL_LINK, &cp->bdaddr);
1161 err = cmd_status(sk, index, MGMT_OP_PIN_CODE_REPLY, ENOTCONN);
1165 if (conn->pending_sec_level == BT_SECURITY_HIGH && cp->pin_len != 16) {
1166 bacpy(&ncp.bdaddr, &cp->bdaddr);
1168 BT_ERR("PIN code is not 16 bytes long");
1170 err = send_pin_code_neg_reply(sk, index, hdev, &ncp);
1172 err = cmd_status(sk, index, MGMT_OP_PIN_CODE_REPLY,
1178 cmd = mgmt_pending_add(sk, MGMT_OP_PIN_CODE_REPLY, index, data, len);
1184 bacpy(&reply.bdaddr, &cp->bdaddr);
1185 reply.pin_len = cp->pin_len;
1186 memcpy(reply.pin_code, cp->pin_code, sizeof(reply.pin_code));
1188 err = hci_send_cmd(hdev, HCI_OP_PIN_CODE_REPLY, sizeof(reply), &reply);
1190 mgmt_pending_remove(cmd);
1193 hci_dev_unlock_bh(hdev);
1199 static int pin_code_neg_reply(struct sock *sk, u16 index, unsigned char *data,
1202 struct hci_dev *hdev;
1203 struct mgmt_cp_pin_code_neg_reply *cp;
1210 if (len != sizeof(*cp))
1211 return cmd_status(sk, index, MGMT_OP_PIN_CODE_NEG_REPLY,
1214 hdev = hci_dev_get(index);
1216 return cmd_status(sk, index, MGMT_OP_PIN_CODE_NEG_REPLY,
1219 hci_dev_lock_bh(hdev);
1221 if (!test_bit(HCI_UP, &hdev->flags)) {
1222 err = cmd_status(sk, index, MGMT_OP_PIN_CODE_NEG_REPLY,
1227 err = send_pin_code_neg_reply(sk, index, hdev, cp);
1230 hci_dev_unlock_bh(hdev);
1236 static int set_io_capability(struct sock *sk, u16 index, unsigned char *data,
1239 struct hci_dev *hdev;
1240 struct mgmt_cp_set_io_capability *cp;
1246 if (len != sizeof(*cp))
1247 return cmd_status(sk, index, MGMT_OP_SET_IO_CAPABILITY, EINVAL);
1249 hdev = hci_dev_get(index);
1251 return cmd_status(sk, index, MGMT_OP_SET_IO_CAPABILITY, ENODEV);
1253 hci_dev_lock_bh(hdev);
1255 hdev->io_capability = cp->io_capability;
1257 BT_DBG("%s IO capability set to 0x%02x", hdev->name,
1258 hdev->io_capability);
1260 hci_dev_unlock_bh(hdev);
1263 return cmd_complete(sk, index, MGMT_OP_SET_IO_CAPABILITY, NULL, 0);
1266 static inline struct pending_cmd *find_pairing(struct hci_conn *conn)
1268 struct hci_dev *hdev = conn->hdev;
1269 struct list_head *p;
1271 list_for_each(p, &cmd_list) {
1272 struct pending_cmd *cmd;
1274 cmd = list_entry(p, struct pending_cmd, list);
1276 if (cmd->opcode != MGMT_OP_PAIR_DEVICE)
1279 if (cmd->index != hdev->id)
1282 if (cmd->user_data != conn)
1291 static void pairing_complete(struct pending_cmd *cmd, u8 status)
1293 struct mgmt_rp_pair_device rp;
1294 struct hci_conn *conn = cmd->user_data;
1296 bacpy(&rp.bdaddr, &conn->dst);
1299 cmd_complete(cmd->sk, cmd->index, MGMT_OP_PAIR_DEVICE, &rp, sizeof(rp));
1301 /* So we don't get further callbacks for this connection */
1302 conn->connect_cfm_cb = NULL;
1303 conn->security_cfm_cb = NULL;
1304 conn->disconn_cfm_cb = NULL;
1308 mgmt_pending_remove(cmd);
1311 static void pairing_complete_cb(struct hci_conn *conn, u8 status)
1313 struct pending_cmd *cmd;
1315 BT_DBG("status %u", status);
1317 cmd = find_pairing(conn);
1319 BT_DBG("Unable to find a pending command");
1323 pairing_complete(cmd, status);
1326 static int pair_device(struct sock *sk, u16 index, unsigned char *data, u16 len)
1328 struct hci_dev *hdev;
1329 struct mgmt_cp_pair_device *cp;
1330 struct pending_cmd *cmd;
1331 struct adv_entry *entry;
1332 u8 sec_level, auth_type;
1333 struct hci_conn *conn;
1340 if (len != sizeof(*cp))
1341 return cmd_status(sk, index, MGMT_OP_PAIR_DEVICE, EINVAL);
1343 hdev = hci_dev_get(index);
1345 return cmd_status(sk, index, MGMT_OP_PAIR_DEVICE, ENODEV);
1347 hci_dev_lock_bh(hdev);
1349 sec_level = BT_SECURITY_MEDIUM;
1350 if (cp->io_cap == 0x03)
1351 auth_type = HCI_AT_DEDICATED_BONDING;
1353 auth_type = HCI_AT_DEDICATED_BONDING_MITM;
1355 entry = hci_find_adv_entry(hdev, &cp->bdaddr);
1357 conn = hci_connect(hdev, LE_LINK, &cp->bdaddr, sec_level,
1360 conn = hci_connect(hdev, ACL_LINK, &cp->bdaddr, sec_level,
1364 err = PTR_ERR(conn);
1368 if (conn->connect_cfm_cb) {
1370 err = cmd_status(sk, index, MGMT_OP_PAIR_DEVICE, EBUSY);
1374 cmd = mgmt_pending_add(sk, MGMT_OP_PAIR_DEVICE, index, data, len);
1381 /* For LE, just connecting isn't a proof that the pairing finished */
1383 conn->connect_cfm_cb = pairing_complete_cb;
1385 conn->security_cfm_cb = pairing_complete_cb;
1386 conn->disconn_cfm_cb = pairing_complete_cb;
1387 conn->io_capability = cp->io_cap;
1388 cmd->user_data = conn;
1390 if (conn->state == BT_CONNECTED &&
1391 hci_conn_security(conn, sec_level, auth_type))
1392 pairing_complete(cmd, 0);
1397 hci_dev_unlock_bh(hdev);
1403 static int user_confirm_reply(struct sock *sk, u16 index, unsigned char *data,
1404 u16 len, int success)
1406 struct mgmt_cp_user_confirm_reply *cp = (void *) data;
1407 u16 mgmt_op, hci_op;
1408 struct pending_cmd *cmd;
1409 struct hci_dev *hdev;
1415 mgmt_op = MGMT_OP_USER_CONFIRM_REPLY;
1416 hci_op = HCI_OP_USER_CONFIRM_REPLY;
1418 mgmt_op = MGMT_OP_USER_CONFIRM_NEG_REPLY;
1419 hci_op = HCI_OP_USER_CONFIRM_NEG_REPLY;
1422 if (len != sizeof(*cp))
1423 return cmd_status(sk, index, mgmt_op, EINVAL);
1425 hdev = hci_dev_get(index);
1427 return cmd_status(sk, index, mgmt_op, ENODEV);
1429 hci_dev_lock_bh(hdev);
1431 if (!test_bit(HCI_UP, &hdev->flags)) {
1432 err = cmd_status(sk, index, mgmt_op, ENETDOWN);
1436 cmd = mgmt_pending_add(sk, mgmt_op, index, data, len);
1442 err = hci_send_cmd(hdev, hci_op, sizeof(cp->bdaddr), &cp->bdaddr);
1444 mgmt_pending_remove(cmd);
1447 hci_dev_unlock_bh(hdev);
1453 static int set_local_name(struct sock *sk, u16 index, unsigned char *data,
1456 struct mgmt_cp_set_local_name *mgmt_cp = (void *) data;
1457 struct hci_cp_write_local_name hci_cp;
1458 struct hci_dev *hdev;
1459 struct pending_cmd *cmd;
1464 if (len != sizeof(*mgmt_cp))
1465 return cmd_status(sk, index, MGMT_OP_SET_LOCAL_NAME, EINVAL);
1467 hdev = hci_dev_get(index);
1469 return cmd_status(sk, index, MGMT_OP_SET_LOCAL_NAME, ENODEV);
1471 hci_dev_lock_bh(hdev);
1473 cmd = mgmt_pending_add(sk, MGMT_OP_SET_LOCAL_NAME, index, data, len);
1479 memcpy(hci_cp.name, mgmt_cp->name, sizeof(hci_cp.name));
1480 err = hci_send_cmd(hdev, HCI_OP_WRITE_LOCAL_NAME, sizeof(hci_cp),
1483 mgmt_pending_remove(cmd);
1486 hci_dev_unlock_bh(hdev);
1492 static int read_local_oob_data(struct sock *sk, u16 index)
1494 struct hci_dev *hdev;
1495 struct pending_cmd *cmd;
1498 BT_DBG("hci%u", index);
1500 hdev = hci_dev_get(index);
1502 return cmd_status(sk, index, MGMT_OP_READ_LOCAL_OOB_DATA,
1505 hci_dev_lock_bh(hdev);
1507 if (!test_bit(HCI_UP, &hdev->flags)) {
1508 err = cmd_status(sk, index, MGMT_OP_READ_LOCAL_OOB_DATA,
1513 if (!(hdev->features[6] & LMP_SIMPLE_PAIR)) {
1514 err = cmd_status(sk, index, MGMT_OP_READ_LOCAL_OOB_DATA,
1519 if (mgmt_pending_find(MGMT_OP_READ_LOCAL_OOB_DATA, index)) {
1520 err = cmd_status(sk, index, MGMT_OP_READ_LOCAL_OOB_DATA, EBUSY);
1524 cmd = mgmt_pending_add(sk, MGMT_OP_READ_LOCAL_OOB_DATA, index, NULL, 0);
1530 err = hci_send_cmd(hdev, HCI_OP_READ_LOCAL_OOB_DATA, 0, NULL);
1532 mgmt_pending_remove(cmd);
1535 hci_dev_unlock_bh(hdev);
1541 static int add_remote_oob_data(struct sock *sk, u16 index, unsigned char *data,
1544 struct hci_dev *hdev;
1545 struct mgmt_cp_add_remote_oob_data *cp = (void *) data;
1548 BT_DBG("hci%u ", index);
1550 if (len != sizeof(*cp))
1551 return cmd_status(sk, index, MGMT_OP_ADD_REMOTE_OOB_DATA,
1554 hdev = hci_dev_get(index);
1556 return cmd_status(sk, index, MGMT_OP_ADD_REMOTE_OOB_DATA,
1559 hci_dev_lock_bh(hdev);
1561 err = hci_add_remote_oob_data(hdev, &cp->bdaddr, cp->hash,
1564 err = cmd_status(sk, index, MGMT_OP_ADD_REMOTE_OOB_DATA, -err);
1566 err = cmd_complete(sk, index, MGMT_OP_ADD_REMOTE_OOB_DATA, NULL,
1569 hci_dev_unlock_bh(hdev);
1575 static int remove_remote_oob_data(struct sock *sk, u16 index,
1576 unsigned char *data, u16 len)
1578 struct hci_dev *hdev;
1579 struct mgmt_cp_remove_remote_oob_data *cp = (void *) data;
1582 BT_DBG("hci%u ", index);
1584 if (len != sizeof(*cp))
1585 return cmd_status(sk, index, MGMT_OP_REMOVE_REMOTE_OOB_DATA,
1588 hdev = hci_dev_get(index);
1590 return cmd_status(sk, index, MGMT_OP_REMOVE_REMOTE_OOB_DATA,
1593 hci_dev_lock_bh(hdev);
1595 err = hci_remove_remote_oob_data(hdev, &cp->bdaddr);
1597 err = cmd_status(sk, index, MGMT_OP_REMOVE_REMOTE_OOB_DATA,
1600 err = cmd_complete(sk, index, MGMT_OP_REMOVE_REMOTE_OOB_DATA,
1603 hci_dev_unlock_bh(hdev);
1609 static int start_discovery(struct sock *sk, u16 index)
1611 u8 lap[3] = { 0x33, 0x8b, 0x9e };
1612 struct hci_cp_inquiry cp;
1613 struct pending_cmd *cmd;
1614 struct hci_dev *hdev;
1617 BT_DBG("hci%u", index);
1619 hdev = hci_dev_get(index);
1621 return cmd_status(sk, index, MGMT_OP_START_DISCOVERY, ENODEV);
1623 hci_dev_lock_bh(hdev);
1625 cmd = mgmt_pending_add(sk, MGMT_OP_START_DISCOVERY, index, NULL, 0);
1631 memset(&cp, 0, sizeof(cp));
1632 memcpy(&cp.lap, lap, 3);
1636 err = hci_send_cmd(hdev, HCI_OP_INQUIRY, sizeof(cp), &cp);
1638 mgmt_pending_remove(cmd);
1641 hci_dev_unlock_bh(hdev);
1647 static int stop_discovery(struct sock *sk, u16 index)
1649 struct hci_dev *hdev;
1650 struct pending_cmd *cmd;
1653 BT_DBG("hci%u", index);
1655 hdev = hci_dev_get(index);
1657 return cmd_status(sk, index, MGMT_OP_STOP_DISCOVERY, ENODEV);
1659 hci_dev_lock_bh(hdev);
1661 cmd = mgmt_pending_add(sk, MGMT_OP_STOP_DISCOVERY, index, NULL, 0);
1667 err = hci_send_cmd(hdev, HCI_OP_INQUIRY_CANCEL, 0, NULL);
1669 mgmt_pending_remove(cmd);
1672 hci_dev_unlock_bh(hdev);
1678 static int block_device(struct sock *sk, u16 index, unsigned char *data,
1681 struct hci_dev *hdev;
1682 struct pending_cmd *cmd;
1683 struct mgmt_cp_block_device *cp = (void *) data;
1686 BT_DBG("hci%u", index);
1688 if (len != sizeof(*cp))
1689 return cmd_status(sk, index, MGMT_OP_BLOCK_DEVICE,
1692 hdev = hci_dev_get(index);
1694 return cmd_status(sk, index, MGMT_OP_BLOCK_DEVICE,
1697 hci_dev_lock_bh(hdev);
1699 cmd = mgmt_pending_add(sk, MGMT_OP_BLOCK_DEVICE, index, NULL, 0);
1705 err = hci_blacklist_add(hdev, &cp->bdaddr);
1708 err = cmd_status(sk, index, MGMT_OP_BLOCK_DEVICE, -err);
1710 err = cmd_complete(sk, index, MGMT_OP_BLOCK_DEVICE,
1713 mgmt_pending_remove(cmd);
1716 hci_dev_unlock_bh(hdev);
1722 static int unblock_device(struct sock *sk, u16 index, unsigned char *data,
1725 struct hci_dev *hdev;
1726 struct pending_cmd *cmd;
1727 struct mgmt_cp_unblock_device *cp = (void *) data;
1730 BT_DBG("hci%u", index);
1732 if (len != sizeof(*cp))
1733 return cmd_status(sk, index, MGMT_OP_UNBLOCK_DEVICE,
1736 hdev = hci_dev_get(index);
1738 return cmd_status(sk, index, MGMT_OP_UNBLOCK_DEVICE,
1741 hci_dev_lock_bh(hdev);
1743 cmd = mgmt_pending_add(sk, MGMT_OP_UNBLOCK_DEVICE, index, NULL, 0);
1749 err = hci_blacklist_del(hdev, &cp->bdaddr);
1752 err = cmd_status(sk, index, MGMT_OP_UNBLOCK_DEVICE, -err);
1754 err = cmd_complete(sk, index, MGMT_OP_UNBLOCK_DEVICE,
1757 mgmt_pending_remove(cmd);
1760 hci_dev_unlock_bh(hdev);
1766 static int set_fast_connectable(struct sock *sk, u16 index,
1767 unsigned char *data, u16 len)
1769 struct hci_dev *hdev;
1770 struct mgmt_cp_set_fast_connectable *cp = (void *) data;
1771 struct hci_cp_write_page_scan_activity acp;
1775 BT_DBG("hci%u", index);
1777 if (len != sizeof(*cp))
1778 return cmd_status(sk, index, MGMT_OP_SET_FAST_CONNECTABLE,
1781 hdev = hci_dev_get(index);
1783 return cmd_status(sk, index, MGMT_OP_SET_FAST_CONNECTABLE,
1789 type = PAGE_SCAN_TYPE_INTERLACED;
1790 acp.interval = 0x0024; /* 22.5 msec page scan interval */
1792 type = PAGE_SCAN_TYPE_STANDARD; /* default */
1793 acp.interval = 0x0800; /* default 1.28 sec page scan */
1796 acp.window = 0x0012; /* default 11.25 msec page scan window */
1798 err = hci_send_cmd(hdev, HCI_OP_WRITE_PAGE_SCAN_ACTIVITY,
1801 err = cmd_status(sk, index, MGMT_OP_SET_FAST_CONNECTABLE,
1806 err = hci_send_cmd(hdev, HCI_OP_WRITE_PAGE_SCAN_TYPE, 1, &type);
1808 err = cmd_status(sk, index, MGMT_OP_SET_FAST_CONNECTABLE,
1813 err = cmd_complete(sk, index, MGMT_OP_SET_FAST_CONNECTABLE,
1816 hci_dev_unlock(hdev);
1822 int mgmt_control(struct sock *sk, struct msghdr *msg, size_t msglen)
1825 struct mgmt_hdr *hdr;
1826 u16 opcode, index, len;
1829 BT_DBG("got %zu bytes", msglen);
1831 if (msglen < sizeof(*hdr))
1834 buf = kmalloc(msglen, GFP_KERNEL);
1838 if (memcpy_fromiovec(buf, msg->msg_iov, msglen)) {
1843 hdr = (struct mgmt_hdr *) buf;
1844 opcode = get_unaligned_le16(&hdr->opcode);
1845 index = get_unaligned_le16(&hdr->index);
1846 len = get_unaligned_le16(&hdr->len);
1848 if (len != msglen - sizeof(*hdr)) {
1854 case MGMT_OP_READ_VERSION:
1855 err = read_version(sk);
1857 case MGMT_OP_READ_INDEX_LIST:
1858 err = read_index_list(sk);
1860 case MGMT_OP_READ_INFO:
1861 err = read_controller_info(sk, index);
1863 case MGMT_OP_SET_POWERED:
1864 err = set_powered(sk, index, buf + sizeof(*hdr), len);
1866 case MGMT_OP_SET_DISCOVERABLE:
1867 err = set_discoverable(sk, index, buf + sizeof(*hdr), len);
1869 case MGMT_OP_SET_CONNECTABLE:
1870 err = set_connectable(sk, index, buf + sizeof(*hdr), len);
1872 case MGMT_OP_SET_PAIRABLE:
1873 err = set_pairable(sk, index, buf + sizeof(*hdr), len);
1875 case MGMT_OP_ADD_UUID:
1876 err = add_uuid(sk, index, buf + sizeof(*hdr), len);
1878 case MGMT_OP_REMOVE_UUID:
1879 err = remove_uuid(sk, index, buf + sizeof(*hdr), len);
1881 case MGMT_OP_SET_DEV_CLASS:
1882 err = set_dev_class(sk, index, buf + sizeof(*hdr), len);
1884 case MGMT_OP_SET_SERVICE_CACHE:
1885 err = set_service_cache(sk, index, buf + sizeof(*hdr), len);
1887 case MGMT_OP_LOAD_KEYS:
1888 err = load_keys(sk, index, buf + sizeof(*hdr), len);
1890 case MGMT_OP_REMOVE_KEY:
1891 err = remove_key(sk, index, buf + sizeof(*hdr), len);
1893 case MGMT_OP_DISCONNECT:
1894 err = disconnect(sk, index, buf + sizeof(*hdr), len);
1896 case MGMT_OP_GET_CONNECTIONS:
1897 err = get_connections(sk, index);
1899 case MGMT_OP_PIN_CODE_REPLY:
1900 err = pin_code_reply(sk, index, buf + sizeof(*hdr), len);
1902 case MGMT_OP_PIN_CODE_NEG_REPLY:
1903 err = pin_code_neg_reply(sk, index, buf + sizeof(*hdr), len);
1905 case MGMT_OP_SET_IO_CAPABILITY:
1906 err = set_io_capability(sk, index, buf + sizeof(*hdr), len);
1908 case MGMT_OP_PAIR_DEVICE:
1909 err = pair_device(sk, index, buf + sizeof(*hdr), len);
1911 case MGMT_OP_USER_CONFIRM_REPLY:
1912 err = user_confirm_reply(sk, index, buf + sizeof(*hdr), len, 1);
1914 case MGMT_OP_USER_CONFIRM_NEG_REPLY:
1915 err = user_confirm_reply(sk, index, buf + sizeof(*hdr), len, 0);
1917 case MGMT_OP_SET_LOCAL_NAME:
1918 err = set_local_name(sk, index, buf + sizeof(*hdr), len);
1920 case MGMT_OP_READ_LOCAL_OOB_DATA:
1921 err = read_local_oob_data(sk, index);
1923 case MGMT_OP_ADD_REMOTE_OOB_DATA:
1924 err = add_remote_oob_data(sk, index, buf + sizeof(*hdr), len);
1926 case MGMT_OP_REMOVE_REMOTE_OOB_DATA:
1927 err = remove_remote_oob_data(sk, index, buf + sizeof(*hdr),
1930 case MGMT_OP_START_DISCOVERY:
1931 err = start_discovery(sk, index);
1933 case MGMT_OP_STOP_DISCOVERY:
1934 err = stop_discovery(sk, index);
1936 case MGMT_OP_BLOCK_DEVICE:
1937 err = block_device(sk, index, buf + sizeof(*hdr), len);
1939 case MGMT_OP_UNBLOCK_DEVICE:
1940 err = unblock_device(sk, index, buf + sizeof(*hdr), len);
1942 case MGMT_OP_SET_FAST_CONNECTABLE:
1943 err = set_fast_connectable(sk, index, buf + sizeof(*hdr),
1947 BT_DBG("Unknown op %u", opcode);
1948 err = cmd_status(sk, index, opcode, 0x01);
1962 int mgmt_index_added(u16 index)
1964 return mgmt_event(MGMT_EV_INDEX_ADDED, index, NULL, 0, NULL);
1967 int mgmt_index_removed(u16 index)
1969 return mgmt_event(MGMT_EV_INDEX_REMOVED, index, NULL, 0, NULL);
1977 static void mode_rsp(struct pending_cmd *cmd, void *data)
1979 struct mgmt_mode *cp = cmd->param;
1980 struct cmd_lookup *match = data;
1982 if (cp->val != match->val)
1985 send_mode_rsp(cmd->sk, cmd->opcode, cmd->index, cp->val);
1987 list_del(&cmd->list);
1989 if (match->sk == NULL) {
1990 match->sk = cmd->sk;
1991 sock_hold(match->sk);
1994 mgmt_pending_free(cmd);
1997 int mgmt_powered(u16 index, u8 powered)
1999 struct mgmt_mode ev;
2000 struct cmd_lookup match = { powered, NULL };
2003 mgmt_pending_foreach(MGMT_OP_SET_POWERED, index, mode_rsp, &match);
2007 ret = mgmt_event(MGMT_EV_POWERED, index, &ev, sizeof(ev), match.sk);
2015 int mgmt_discoverable(u16 index, u8 discoverable)
2017 struct mgmt_mode ev;
2018 struct cmd_lookup match = { discoverable, NULL };
2021 mgmt_pending_foreach(MGMT_OP_SET_DISCOVERABLE, index, mode_rsp, &match);
2023 ev.val = discoverable;
2025 ret = mgmt_event(MGMT_EV_DISCOVERABLE, index, &ev, sizeof(ev),
2034 int mgmt_connectable(u16 index, u8 connectable)
2036 struct mgmt_mode ev;
2037 struct cmd_lookup match = { connectable, NULL };
2040 mgmt_pending_foreach(MGMT_OP_SET_CONNECTABLE, index, mode_rsp, &match);
2042 ev.val = connectable;
2044 ret = mgmt_event(MGMT_EV_CONNECTABLE, index, &ev, sizeof(ev), match.sk);
2052 int mgmt_new_key(u16 index, struct link_key *key, u8 persistent)
2054 struct mgmt_ev_new_key ev;
2056 memset(&ev, 0, sizeof(ev));
2058 ev.store_hint = persistent;
2059 bacpy(&ev.key.bdaddr, &key->bdaddr);
2060 ev.key.type = key->type;
2061 memcpy(ev.key.val, key->val, 16);
2062 ev.key.pin_len = key->pin_len;
2064 return mgmt_event(MGMT_EV_NEW_KEY, index, &ev, sizeof(ev), NULL);
2067 int mgmt_connected(u16 index, bdaddr_t *bdaddr, u8 link_type)
2069 struct mgmt_ev_connected ev;
2071 bacpy(&ev.bdaddr, bdaddr);
2072 ev.link_type = link_type;
2074 return mgmt_event(MGMT_EV_CONNECTED, index, &ev, sizeof(ev), NULL);
2077 static void disconnect_rsp(struct pending_cmd *cmd, void *data)
2079 struct mgmt_cp_disconnect *cp = cmd->param;
2080 struct sock **sk = data;
2081 struct mgmt_rp_disconnect rp;
2083 bacpy(&rp.bdaddr, &cp->bdaddr);
2085 cmd_complete(cmd->sk, cmd->index, MGMT_OP_DISCONNECT, &rp, sizeof(rp));
2090 mgmt_pending_remove(cmd);
2093 int mgmt_disconnected(u16 index, bdaddr_t *bdaddr)
2095 struct mgmt_ev_disconnected ev;
2096 struct sock *sk = NULL;
2099 mgmt_pending_foreach(MGMT_OP_DISCONNECT, index, disconnect_rsp, &sk);
2101 bacpy(&ev.bdaddr, bdaddr);
2103 err = mgmt_event(MGMT_EV_DISCONNECTED, index, &ev, sizeof(ev), sk);
2111 int mgmt_disconnect_failed(u16 index)
2113 struct pending_cmd *cmd;
2116 cmd = mgmt_pending_find(MGMT_OP_DISCONNECT, index);
2120 err = cmd_status(cmd->sk, index, MGMT_OP_DISCONNECT, EIO);
2122 mgmt_pending_remove(cmd);
2127 int mgmt_connect_failed(u16 index, bdaddr_t *bdaddr, u8 status)
2129 struct mgmt_ev_connect_failed ev;
2131 bacpy(&ev.bdaddr, bdaddr);
2134 return mgmt_event(MGMT_EV_CONNECT_FAILED, index, &ev, sizeof(ev), NULL);
2137 int mgmt_pin_code_request(u16 index, bdaddr_t *bdaddr, u8 secure)
2139 struct mgmt_ev_pin_code_request ev;
2141 bacpy(&ev.bdaddr, bdaddr);
2144 return mgmt_event(MGMT_EV_PIN_CODE_REQUEST, index, &ev, sizeof(ev),
2148 int mgmt_pin_code_reply_complete(u16 index, bdaddr_t *bdaddr, u8 status)
2150 struct pending_cmd *cmd;
2151 struct mgmt_rp_pin_code_reply rp;
2154 cmd = mgmt_pending_find(MGMT_OP_PIN_CODE_REPLY, index);
2158 bacpy(&rp.bdaddr, bdaddr);
2161 err = cmd_complete(cmd->sk, index, MGMT_OP_PIN_CODE_REPLY, &rp,
2164 mgmt_pending_remove(cmd);
2169 int mgmt_pin_code_neg_reply_complete(u16 index, bdaddr_t *bdaddr, u8 status)
2171 struct pending_cmd *cmd;
2172 struct mgmt_rp_pin_code_reply rp;
2175 cmd = mgmt_pending_find(MGMT_OP_PIN_CODE_NEG_REPLY, index);
2179 bacpy(&rp.bdaddr, bdaddr);
2182 err = cmd_complete(cmd->sk, index, MGMT_OP_PIN_CODE_NEG_REPLY, &rp,
2185 mgmt_pending_remove(cmd);
2190 int mgmt_user_confirm_request(u16 index, bdaddr_t *bdaddr, __le32 value,
2193 struct mgmt_ev_user_confirm_request ev;
2195 BT_DBG("hci%u", index);
2197 bacpy(&ev.bdaddr, bdaddr);
2198 ev.confirm_hint = confirm_hint;
2199 put_unaligned_le32(value, &ev.value);
2201 return mgmt_event(MGMT_EV_USER_CONFIRM_REQUEST, index, &ev, sizeof(ev),
2205 static int confirm_reply_complete(u16 index, bdaddr_t *bdaddr, u8 status,
2208 struct pending_cmd *cmd;
2209 struct mgmt_rp_user_confirm_reply rp;
2212 cmd = mgmt_pending_find(opcode, index);
2216 bacpy(&rp.bdaddr, bdaddr);
2218 err = cmd_complete(cmd->sk, index, opcode, &rp, sizeof(rp));
2220 mgmt_pending_remove(cmd);
2225 int mgmt_user_confirm_reply_complete(u16 index, bdaddr_t *bdaddr, u8 status)
2227 return confirm_reply_complete(index, bdaddr, status,
2228 MGMT_OP_USER_CONFIRM_REPLY);
2231 int mgmt_user_confirm_neg_reply_complete(u16 index, bdaddr_t *bdaddr, u8 status)
2233 return confirm_reply_complete(index, bdaddr, status,
2234 MGMT_OP_USER_CONFIRM_NEG_REPLY);
2237 int mgmt_auth_failed(u16 index, bdaddr_t *bdaddr, u8 status)
2239 struct mgmt_ev_auth_failed ev;
2241 bacpy(&ev.bdaddr, bdaddr);
2244 return mgmt_event(MGMT_EV_AUTH_FAILED, index, &ev, sizeof(ev), NULL);
2247 int mgmt_set_local_name_complete(u16 index, u8 *name, u8 status)
2249 struct pending_cmd *cmd;
2250 struct hci_dev *hdev;
2251 struct mgmt_cp_set_local_name ev;
2254 memset(&ev, 0, sizeof(ev));
2255 memcpy(ev.name, name, HCI_MAX_NAME_LENGTH);
2257 cmd = mgmt_pending_find(MGMT_OP_SET_LOCAL_NAME, index);
2262 err = cmd_status(cmd->sk, index, MGMT_OP_SET_LOCAL_NAME, EIO);
2266 hdev = hci_dev_get(index);
2268 hci_dev_lock_bh(hdev);
2270 hci_dev_unlock_bh(hdev);
2274 err = cmd_complete(cmd->sk, index, MGMT_OP_SET_LOCAL_NAME, &ev,
2280 err = mgmt_event(MGMT_EV_LOCAL_NAME_CHANGED, index, &ev, sizeof(ev),
2281 cmd ? cmd->sk : NULL);
2285 mgmt_pending_remove(cmd);
2289 int mgmt_read_local_oob_data_reply_complete(u16 index, u8 *hash, u8 *randomizer,
2292 struct pending_cmd *cmd;
2295 BT_DBG("hci%u status %u", index, status);
2297 cmd = mgmt_pending_find(MGMT_OP_READ_LOCAL_OOB_DATA, index);
2302 err = cmd_status(cmd->sk, index, MGMT_OP_READ_LOCAL_OOB_DATA,
2305 struct mgmt_rp_read_local_oob_data rp;
2307 memcpy(rp.hash, hash, sizeof(rp.hash));
2308 memcpy(rp.randomizer, randomizer, sizeof(rp.randomizer));
2310 err = cmd_complete(cmd->sk, index, MGMT_OP_READ_LOCAL_OOB_DATA,
2314 mgmt_pending_remove(cmd);
2319 int mgmt_device_found(u16 index, bdaddr_t *bdaddr, u8 *dev_class, s8 rssi,
2322 struct mgmt_ev_device_found ev;
2324 memset(&ev, 0, sizeof(ev));
2326 bacpy(&ev.bdaddr, bdaddr);
2330 memcpy(ev.eir, eir, sizeof(ev.eir));
2333 memcpy(ev.dev_class, dev_class, sizeof(ev.dev_class));
2335 return mgmt_event(MGMT_EV_DEVICE_FOUND, index, &ev, sizeof(ev), NULL);
2338 int mgmt_remote_name(u16 index, bdaddr_t *bdaddr, u8 *name)
2340 struct mgmt_ev_remote_name ev;
2342 memset(&ev, 0, sizeof(ev));
2344 bacpy(&ev.bdaddr, bdaddr);
2345 memcpy(ev.name, name, HCI_MAX_NAME_LENGTH);
2347 return mgmt_event(MGMT_EV_REMOTE_NAME, index, &ev, sizeof(ev), NULL);
2350 int mgmt_discovering(u16 index, u8 discovering)
2352 return mgmt_event(MGMT_EV_DISCOVERING, index, &discovering,
2353 sizeof(discovering), NULL);
2356 int mgmt_device_blocked(u16 index, bdaddr_t *bdaddr)
2358 struct pending_cmd *cmd;
2359 struct mgmt_ev_device_blocked ev;
2361 cmd = mgmt_pending_find(MGMT_OP_BLOCK_DEVICE, index);
2363 bacpy(&ev.bdaddr, bdaddr);
2365 return mgmt_event(MGMT_EV_DEVICE_BLOCKED, index, &ev, sizeof(ev),
2366 cmd ? cmd->sk : NULL);
2369 int mgmt_device_unblocked(u16 index, bdaddr_t *bdaddr)
2371 struct pending_cmd *cmd;
2372 struct mgmt_ev_device_unblocked ev;
2374 cmd = mgmt_pending_find(MGMT_OP_UNBLOCK_DEVICE, index);
2376 bacpy(&ev.bdaddr, bdaddr);
2378 return mgmt_event(MGMT_EV_DEVICE_UNBLOCKED, index, &ev, sizeof(ev),
2379 cmd ? cmd->sk : NULL);
git.openpandora.org / pandora-kernel.git / blob