search:
summary | log | graphiclog1 | graphiclog2 | commit | commitdiff | tree | refs | edit | fork
blame | history | raw | HEAD
Bluetooth: Add support for connect failed management event
[linux-2.6/btrfs-unstable.git] / net / bluetooth / hci_event.c
blob995ae6c17f119708465549471fac6e42d9d1eeee
1 /*
2 BlueZ - Bluetooth protocol stack for Linux
3 Copyright (c) 2000-2001, 2010, Code Aurora Forum. All rights reserved.
4
5 Written 2000,2001 by Maxim Krasnyansky <maxk@qualcomm.com>
6
7 This program is free software; you can redistribute it and/or modify
8 it under the terms of the GNU General Public License version 2 as
9 published by the Free Software Foundation;
10
11 THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS
12 OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
13 FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT OF THIRD PARTY RIGHTS.
14 IN NO EVENT SHALL THE COPYRIGHT HOLDER(S) AND AUTHOR(S) BE LIABLE FOR ANY
15 CLAIM, OR ANY SPECIAL INDIRECT OR CONSEQUENTIAL DAMAGES, OR ANY DAMAGES
16 WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
17 ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
18 OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
19
20 ALL LIABILITY, INCLUDING LIABILITY FOR INFRINGEMENT OF ANY PATENTS,
21 COPYRIGHTS, TRADEMARKS OR OTHER RIGHTS, RELATING TO USE OF THIS
22 SOFTWARE IS DISCLAIMED.
23 */
24
25 /* Bluetooth HCI event handling. */
26
27 #include <linux/module.h>
28
29 #include <linux/types.h>
30 #include <linux/errno.h>
31 #include <linux/kernel.h>
32 #include <linux/slab.h>
33 #include <linux/poll.h>
34 #include <linux/fcntl.h>
35 #include <linux/init.h>
36 #include <linux/skbuff.h>
37 #include <linux/interrupt.h>
38 #include <linux/notifier.h>
39 #include <net/sock.h>
40
41 #include <asm/system.h>
42 #include <linux/uaccess.h>
43 #include <asm/unaligned.h>
44
45 #include <net/bluetooth/bluetooth.h>
46 #include <net/bluetooth/hci_core.h>
47
48 /* Handle HCI Event packets */
49
50 static void hci_cc_inquiry_cancel(struct hci_dev *hdev, struct sk_buff *skb)
51 {
52 __u8 status = *((__u8 *) skb->data);
53
54 BT_DBG("%s status 0x%x", hdev->name, status);
55
56 if (status)
57 return;
58
59 clear_bit(HCI_INQUIRY, &hdev->flags);
60
61 hci_req_complete(hdev, HCI_OP_INQUIRY_CANCEL, status);
62
63 hci_conn_check_pending(hdev);
64 }
65
66 static void hci_cc_exit_periodic_inq(struct hci_dev *hdev, struct sk_buff *skb)
67 {
68 __u8 status = *((__u8 *) skb->data);
69
70 BT_DBG("%s status 0x%x", hdev->name, status);
71
72 if (status)
73 return;
74
75 clear_bit(HCI_INQUIRY, &hdev->flags);
76
77 hci_conn_check_pending(hdev);
78 }
79
80 static void hci_cc_remote_name_req_cancel(struct hci_dev *hdev, struct sk_buff *skb)
81 {
82 BT_DBG("%s", hdev->name);
83 }
84
85 static void hci_cc_role_discovery(struct hci_dev *hdev, struct sk_buff *skb)
86 {
87 struct hci_rp_role_discovery *rp = (void *) skb->data;
88 struct hci_conn *conn;
89
90 BT_DBG("%s status 0x%x", hdev->name, rp->status);
91
92 if (rp->status)
93 return;
94
95 hci_dev_lock(hdev);
96
97 conn = hci_conn_hash_lookup_handle(hdev, __le16_to_cpu(rp->handle));
98 if (conn) {
99 if (rp->role)
100 conn->link_mode &= ~HCI_LM_MASTER;
101 else
102 conn->link_mode |= HCI_LM_MASTER;
103 }
104
105 hci_dev_unlock(hdev);
106 }
107
108 static void hci_cc_read_link_policy(struct hci_dev *hdev, struct sk_buff *skb)
109 {
110 struct hci_rp_read_link_policy *rp = (void *) skb->data;
111 struct hci_conn *conn;
112
113 BT_DBG("%s status 0x%x", hdev->name, rp->status);
114
115 if (rp->status)
116 return;
117
118 hci_dev_lock(hdev);
119
120 conn = hci_conn_hash_lookup_handle(hdev, __le16_to_cpu(rp->handle));
121 if (conn)
122 conn->link_policy = __le16_to_cpu(rp->policy);
123
124 hci_dev_unlock(hdev);
125 }
126
127 static void hci_cc_write_link_policy(struct hci_dev *hdev, struct sk_buff *skb)
128 {
129 struct hci_rp_write_link_policy *rp = (void *) skb->data;
130 struct hci_conn *conn;
131 void *sent;
132
133 BT_DBG("%s status 0x%x", hdev->name, rp->status);
134
135 if (rp->status)
136 return;
137
138 sent = hci_sent_cmd_data(hdev, HCI_OP_WRITE_LINK_POLICY);
139 if (!sent)
140 return;
141
142 hci_dev_lock(hdev);
143
144 conn = hci_conn_hash_lookup_handle(hdev, __le16_to_cpu(rp->handle));
145 if (conn)
146 conn->link_policy = get_unaligned_le16(sent + 2);
147
148 hci_dev_unlock(hdev);
149 }
150
151 static void hci_cc_read_def_link_policy(struct hci_dev *hdev, struct sk_buff *skb)
152 {
153 struct hci_rp_read_def_link_policy *rp = (void *) skb->data;
154
155 BT_DBG("%s status 0x%x", hdev->name, rp->status);
156
157 if (rp->status)
158 return;
159
160 hdev->link_policy = __le16_to_cpu(rp->policy);
161 }
162
163 static void hci_cc_write_def_link_policy(struct hci_dev *hdev, struct sk_buff *skb)
164 {
165 __u8 status = *((__u8 *) skb->data);
166 void *sent;
167
168 BT_DBG("%s status 0x%x", hdev->name, status);
169
170 sent = hci_sent_cmd_data(hdev, HCI_OP_WRITE_DEF_LINK_POLICY);
171 if (!sent)
172 return;
173
174 if (!status)
175 hdev->link_policy = get_unaligned_le16(sent);
176
177 hci_req_complete(hdev, HCI_OP_WRITE_DEF_LINK_POLICY, status);
178 }
179
180 static void hci_cc_reset(struct hci_dev *hdev, struct sk_buff *skb)
181 {
182 __u8 status = *((__u8 *) skb->data);
183
184 BT_DBG("%s status 0x%x", hdev->name, status);
185
186 hci_req_complete(hdev, HCI_OP_RESET, status);
187 }
188
189 static void hci_cc_write_local_name(struct hci_dev *hdev, struct sk_buff *skb)
190 {
191 __u8 status = *((__u8 *) skb->data);
192 void *sent;
193
194 BT_DBG("%s status 0x%x", hdev->name, status);
195
196 if (status)
197 return;
198
199 sent = hci_sent_cmd_data(hdev, HCI_OP_WRITE_LOCAL_NAME);
200 if (!sent)
201 return;
202
203 memcpy(hdev->dev_name, sent, 248);
204 }
205
206 static void hci_cc_read_local_name(struct hci_dev *hdev, struct sk_buff *skb)
207 {
208 struct hci_rp_read_local_name *rp = (void *) skb->data;
209
210 BT_DBG("%s status 0x%x", hdev->name, rp->status);
211
212 if (rp->status)
213 return;
214
215 memcpy(hdev->dev_name, rp->name, 248);
216 }
217
218 static void hci_cc_write_auth_enable(struct hci_dev *hdev, struct sk_buff *skb)
219 {
220 __u8 status = *((__u8 *) skb->data);
221 void *sent;
222
223 BT_DBG("%s status 0x%x", hdev->name, status);
224
225 sent = hci_sent_cmd_data(hdev, HCI_OP_WRITE_AUTH_ENABLE);
226 if (!sent)
227 return;
228
229 if (!status) {
230 __u8 param = *((__u8 *) sent);
231
232 if (param == AUTH_ENABLED)
233 set_bit(HCI_AUTH, &hdev->flags);
234 else
235 clear_bit(HCI_AUTH, &hdev->flags);
236 }
237
238 hci_req_complete(hdev, HCI_OP_WRITE_AUTH_ENABLE, status);
239 }
240
241 static void hci_cc_write_encrypt_mode(struct hci_dev *hdev, struct sk_buff *skb)
242 {
243 __u8 status = *((__u8 *) skb->data);
244 void *sent;
245
246 BT_DBG("%s status 0x%x", hdev->name, status);
247
248 sent = hci_sent_cmd_data(hdev, HCI_OP_WRITE_ENCRYPT_MODE);
249 if (!sent)
250 return;
251
252 if (!status) {
253 __u8 param = *((__u8 *) sent);
254
255 if (param)
256 set_bit(HCI_ENCRYPT, &hdev->flags);
257 else
258 clear_bit(HCI_ENCRYPT, &hdev->flags);
259 }
260
261 hci_req_complete(hdev, HCI_OP_WRITE_ENCRYPT_MODE, status);
262 }
263
264 static void hci_cc_write_scan_enable(struct hci_dev *hdev, struct sk_buff *skb)
265 {
266 __u8 status = *((__u8 *) skb->data);
267 void *sent;
268
269 BT_DBG("%s status 0x%x", hdev->name, status);
270
271 sent = hci_sent_cmd_data(hdev, HCI_OP_WRITE_SCAN_ENABLE);
272 if (!sent)
273 return;
274
275 if (!status) {
276 __u8 param = *((__u8 *) sent);
277 int old_pscan, old_iscan;
278
279 old_pscan = test_and_clear_bit(HCI_PSCAN, &hdev->flags);
280 old_iscan = test_and_clear_bit(HCI_ISCAN, &hdev->flags);
281
282 if (param & SCAN_INQUIRY) {
283 set_bit(HCI_ISCAN, &hdev->flags);
284 if (!old_iscan)
285 mgmt_discoverable(hdev->id, 1);
286 } else if (old_iscan)
287 mgmt_discoverable(hdev->id, 0);
288
289 if (param & SCAN_PAGE) {
290 set_bit(HCI_PSCAN, &hdev->flags);
291 if (!old_pscan)
292 mgmt_connectable(hdev->id, 1);
293 } else if (old_pscan)
294 mgmt_connectable(hdev->id, 0);
295 }
296
297 hci_req_complete(hdev, HCI_OP_WRITE_SCAN_ENABLE, status);
298 }
299
300 static void hci_cc_read_class_of_dev(struct hci_dev *hdev, struct sk_buff *skb)
301 {
302 struct hci_rp_read_class_of_dev *rp = (void *) skb->data;
303
304 BT_DBG("%s status 0x%x", hdev->name, rp->status);
305
306 if (rp->status)
307 return;
308
309 memcpy(hdev->dev_class, rp->dev_class, 3);
310
311 BT_DBG("%s class 0x%.2x%.2x%.2x", hdev->name,
312 hdev->dev_class[2], hdev->dev_class[1], hdev->dev_class[0]);
313 }
314
315 static void hci_cc_write_class_of_dev(struct hci_dev *hdev, struct sk_buff *skb)
316 {
317 __u8 status = *((__u8 *) skb->data);
318 void *sent;
319
320 BT_DBG("%s status 0x%x", hdev->name, status);
321
322 if (status)
323 return;
324
325 sent = hci_sent_cmd_data(hdev, HCI_OP_WRITE_CLASS_OF_DEV);
326 if (!sent)
327 return;
328
329 memcpy(hdev->dev_class, sent, 3);
330 }
331
332 static void hci_cc_read_voice_setting(struct hci_dev *hdev, struct sk_buff *skb)
333 {
334 struct hci_rp_read_voice_setting *rp = (void *) skb->data;
335 __u16 setting;
336
337 BT_DBG("%s status 0x%x", hdev->name, rp->status);
338
339 if (rp->status)
340 return;
341
342 setting = __le16_to_cpu(rp->voice_setting);
343
344 if (hdev->voice_setting == setting)
345 return;
346
347 hdev->voice_setting = setting;
348
349 BT_DBG("%s voice setting 0x%04x", hdev->name, setting);
350
351 if (hdev->notify) {
352 tasklet_disable(&hdev->tx_task);
353 hdev->notify(hdev, HCI_NOTIFY_VOICE_SETTING);
354 tasklet_enable(&hdev->tx_task);
355 }
356 }
357
358 static void hci_cc_write_voice_setting(struct hci_dev *hdev, struct sk_buff *skb)
359 {
360 __u8 status = *((__u8 *) skb->data);
361 __u16 setting;
362 void *sent;
363
364 BT_DBG("%s status 0x%x", hdev->name, status);
365
366 if (status)
367 return;
368
369 sent = hci_sent_cmd_data(hdev, HCI_OP_WRITE_VOICE_SETTING);
370 if (!sent)
371 return;
372
373 setting = get_unaligned_le16(sent);
374
375 if (hdev->voice_setting == setting)
376 return;
377
378 hdev->voice_setting = setting;
379
380 BT_DBG("%s voice setting 0x%04x", hdev->name, setting);
381
382 if (hdev->notify) {
383 tasklet_disable(&hdev->tx_task);
384 hdev->notify(hdev, HCI_NOTIFY_VOICE_SETTING);
385 tasklet_enable(&hdev->tx_task);
386 }
387 }
388
389 static void hci_cc_host_buffer_size(struct hci_dev *hdev, struct sk_buff *skb)
390 {
391 __u8 status = *((__u8 *) skb->data);
392
393 BT_DBG("%s status 0x%x", hdev->name, status);
394
395 hci_req_complete(hdev, HCI_OP_HOST_BUFFER_SIZE, status);
396 }
397
398 static void hci_cc_read_ssp_mode(struct hci_dev *hdev, struct sk_buff *skb)
399 {
400 struct hci_rp_read_ssp_mode *rp = (void *) skb->data;
401
402 BT_DBG("%s status 0x%x", hdev->name, rp->status);
403
404 if (rp->status)
405 return;
406
407 hdev->ssp_mode = rp->mode;
408 }
409
410 static void hci_cc_write_ssp_mode(struct hci_dev *hdev, struct sk_buff *skb)
411 {
412 __u8 status = *((__u8 *) skb->data);
413 void *sent;
414
415 BT_DBG("%s status 0x%x", hdev->name, status);
416
417 if (status)
418 return;
419
420 sent = hci_sent_cmd_data(hdev, HCI_OP_WRITE_SSP_MODE);
421 if (!sent)
422 return;
423
424 hdev->ssp_mode = *((__u8 *) sent);
425 }
426
427 static u8 hci_get_inquiry_mode(struct hci_dev *hdev)
428 {
429 if (hdev->features[6] & LMP_EXT_INQ)
430 return 2;
431
432 if (hdev->features[3] & LMP_RSSI_INQ)
433 return 1;
434
435 if (hdev->manufacturer == 11 && hdev->hci_rev == 0x00 &&
436 hdev->lmp_subver == 0x0757)
437 return 1;
438
439 if (hdev->manufacturer == 15) {
440 if (hdev->hci_rev == 0x03 && hdev->lmp_subver == 0x6963)
441 return 1;
442 if (hdev->hci_rev == 0x09 && hdev->lmp_subver == 0x6963)
443 return 1;
444 if (hdev->hci_rev == 0x00 && hdev->lmp_subver == 0x6965)
445 return 1;
446 }
447
448 if (hdev->manufacturer == 31 && hdev->hci_rev == 0x2005 &&
449 hdev->lmp_subver == 0x1805)
450 return 1;
451
452 return 0;
453 }
454
455 static void hci_setup_inquiry_mode(struct hci_dev *hdev)
456 {
457 u8 mode;
458
459 mode = hci_get_inquiry_mode(hdev);
460
461 hci_send_cmd(hdev, HCI_OP_WRITE_INQUIRY_MODE, 1, &mode);
462 }
463
464 static void hci_setup_event_mask(struct hci_dev *hdev)
465 {
466 /* The second byte is 0xff instead of 0x9f (two reserved bits
467 * disabled) since a Broadcom 1.2 dongle doesn't respond to the
468 * command otherwise */
469 u8 events[8] = { 0xff, 0xff, 0xfb, 0xff, 0x00, 0x00, 0x00, 0x00 };
470
471 /* Events for 1.2 and newer controllers */
472 if (hdev->lmp_ver > 1) {
473 events[4] |= 0x01; /* Flow Specification Complete */
474 events[4] |= 0x02; /* Inquiry Result with RSSI */
475 events[4] |= 0x04; /* Read Remote Extended Features Complete */
476 events[5] |= 0x08; /* Synchronous Connection Complete */
477 events[5] |= 0x10; /* Synchronous Connection Changed */
478 }
479
480 if (hdev->features[3] & LMP_RSSI_INQ)
481 events[4] |= 0x04; /* Inquiry Result with RSSI */
482
483 if (hdev->features[5] & LMP_SNIFF_SUBR)
484 events[5] |= 0x20; /* Sniff Subrating */
485
486 if (hdev->features[5] & LMP_PAUSE_ENC)
487 events[5] |= 0x80; /* Encryption Key Refresh Complete */
488
489 if (hdev->features[6] & LMP_EXT_INQ)
490 events[5] |= 0x40; /* Extended Inquiry Result */
491
492 if (hdev->features[6] & LMP_NO_FLUSH)
493 events[7] |= 0x01; /* Enhanced Flush Complete */
494
495 if (hdev->features[7] & LMP_LSTO)
496 events[6] |= 0x80; /* Link Supervision Timeout Changed */
497
498 if (hdev->features[6] & LMP_SIMPLE_PAIR) {
499 events[6] |= 0x01; /* IO Capability Request */
500 events[6] |= 0x02; /* IO Capability Response */
501 events[6] |= 0x04; /* User Confirmation Request */
502 events[6] |= 0x08; /* User Passkey Request */
503 events[6] |= 0x10; /* Remote OOB Data Request */
504 events[6] |= 0x20; /* Simple Pairing Complete */
505 events[7] |= 0x04; /* User Passkey Notification */
506 events[7] |= 0x08; /* Keypress Notification */
507 events[7] |= 0x10; /* Remote Host Supported
508 * Features Notification */
509 }
510
511 if (hdev->features[4] & LMP_LE)
512 events[7] |= 0x20; /* LE Meta-Event */
513
514 hci_send_cmd(hdev, HCI_OP_SET_EVENT_MASK, sizeof(events), events);
515 }
516
517 static void hci_setup(struct hci_dev *hdev)
518 {
519 hci_setup_event_mask(hdev);
520
521 if (hdev->lmp_ver > 1)
522 hci_send_cmd(hdev, HCI_OP_READ_LOCAL_COMMANDS, 0, NULL);
523
524 if (hdev->features[6] & LMP_SIMPLE_PAIR) {
525 u8 mode = 0x01;
526 hci_send_cmd(hdev, HCI_OP_WRITE_SSP_MODE, sizeof(mode), &mode);
527 }
528
529 if (hdev->features[3] & LMP_RSSI_INQ)
530 hci_setup_inquiry_mode(hdev);
531
532 if (hdev->features[7] & LMP_INQ_TX_PWR)
533 hci_send_cmd(hdev, HCI_OP_READ_INQ_RSP_TX_POWER, 0, NULL);
534 }
535
536 static void hci_cc_read_local_version(struct hci_dev *hdev, struct sk_buff *skb)
537 {
538 struct hci_rp_read_local_version *rp = (void *) skb->data;
539
540 BT_DBG("%s status 0x%x", hdev->name, rp->status);
541
542 if (rp->status)
543 return;
544
545 hdev->hci_ver = rp->hci_ver;
546 hdev->hci_rev = __le16_to_cpu(rp->hci_rev);
547 hdev->lmp_ver = rp->lmp_ver;
548 hdev->manufacturer = __le16_to_cpu(rp->manufacturer);
549 hdev->lmp_subver = __le16_to_cpu(rp->lmp_subver);
550
551 BT_DBG("%s manufacturer %d hci ver %d:%d", hdev->name,
552 hdev->manufacturer,
553 hdev->hci_ver, hdev->hci_rev);
554
555 if (test_bit(HCI_INIT, &hdev->flags))
556 hci_setup(hdev);
557 }
558
559 static void hci_setup_link_policy(struct hci_dev *hdev)
560 {
561 u16 link_policy = 0;
562
563 if (hdev->features[0] & LMP_RSWITCH)
564 link_policy |= HCI_LP_RSWITCH;
565 if (hdev->features[0] & LMP_HOLD)
566 link_policy |= HCI_LP_HOLD;
567 if (hdev->features[0] & LMP_SNIFF)
568 link_policy |= HCI_LP_SNIFF;
569 if (hdev->features[1] & LMP_PARK)
570 link_policy |= HCI_LP_PARK;
571
572 link_policy = cpu_to_le16(link_policy);
573 hci_send_cmd(hdev, HCI_OP_WRITE_DEF_LINK_POLICY,
574 sizeof(link_policy), &link_policy);
575 }
576
577 static void hci_cc_read_local_commands(struct hci_dev *hdev, struct sk_buff *skb)
578 {
579 struct hci_rp_read_local_commands *rp = (void *) skb->data;
580
581 BT_DBG("%s status 0x%x", hdev->name, rp->status);
582
583 if (rp->status)
584 goto done;
585
586 memcpy(hdev->commands, rp->commands, sizeof(hdev->commands));
587
588 if (test_bit(HCI_INIT, &hdev->flags) && (hdev->commands[5] & 0x10))
589 hci_setup_link_policy(hdev);
590
591 done:
592 hci_req_complete(hdev, HCI_OP_READ_LOCAL_COMMANDS, rp->status);
593 }
594
595 static void hci_cc_read_local_features(struct hci_dev *hdev, struct sk_buff *skb)
596 {
597 struct hci_rp_read_local_features *rp = (void *) skb->data;
598
599 BT_DBG("%s status 0x%x", hdev->name, rp->status);
600
601 if (rp->status)
602 return;
603
604 memcpy(hdev->features, rp->features, 8);
605
606 /* Adjust default settings according to features
607 * supported by device. */
608
609 if (hdev->features[0] & LMP_3SLOT)
610 hdev->pkt_type |= (HCI_DM3 | HCI_DH3);
611
612 if (hdev->features[0] & LMP_5SLOT)
613 hdev->pkt_type |= (HCI_DM5 | HCI_DH5);
614
615 if (hdev->features[1] & LMP_HV2) {
616 hdev->pkt_type |= (HCI_HV2);
617 hdev->esco_type |= (ESCO_HV2);
618 }
619
620 if (hdev->features[1] & LMP_HV3) {
621 hdev->pkt_type |= (HCI_HV3);
622 hdev->esco_type |= (ESCO_HV3);
623 }
624
625 if (hdev->features[3] & LMP_ESCO)
626 hdev->esco_type |= (ESCO_EV3);
627
628 if (hdev->features[4] & LMP_EV4)
629 hdev->esco_type |= (ESCO_EV4);
630
631 if (hdev->features[4] & LMP_EV5)
632 hdev->esco_type |= (ESCO_EV5);
633
634 if (hdev->features[5] & LMP_EDR_ESCO_2M)
635 hdev->esco_type |= (ESCO_2EV3);
636
637 if (hdev->features[5] & LMP_EDR_ESCO_3M)
638 hdev->esco_type |= (ESCO_3EV3);
639
640 if (hdev->features[5] & LMP_EDR_3S_ESCO)
641 hdev->esco_type |= (ESCO_2EV5 | ESCO_3EV5);
642
643 BT_DBG("%s features 0x%.2x%.2x%.2x%.2x%.2x%.2x%.2x%.2x", hdev->name,
644 hdev->features[0], hdev->features[1],
645 hdev->features[2], hdev->features[3],
646 hdev->features[4], hdev->features[5],
647 hdev->features[6], hdev->features[7]);
648 }
649
650 static void hci_cc_read_buffer_size(struct hci_dev *hdev, struct sk_buff *skb)
651 {
652 struct hci_rp_read_buffer_size *rp = (void *) skb->data;
653
654 BT_DBG("%s status 0x%x", hdev->name, rp->status);
655
656 if (rp->status)
657 return;
658
659 hdev->acl_mtu = __le16_to_cpu(rp->acl_mtu);
660 hdev->sco_mtu = rp->sco_mtu;
661 hdev->acl_pkts = __le16_to_cpu(rp->acl_max_pkt);
662 hdev->sco_pkts = __le16_to_cpu(rp->sco_max_pkt);
663
664 if (test_bit(HCI_QUIRK_FIXUP_BUFFER_SIZE, &hdev->quirks)) {
665 hdev->sco_mtu = 64;
666 hdev->sco_pkts = 8;
667 }
668
669 hdev->acl_cnt = hdev->acl_pkts;
670 hdev->sco_cnt = hdev->sco_pkts;
671
672 BT_DBG("%s acl mtu %d:%d sco mtu %d:%d", hdev->name,
673 hdev->acl_mtu, hdev->acl_pkts,
674 hdev->sco_mtu, hdev->sco_pkts);
675 }
676
677 static void hci_cc_read_bd_addr(struct hci_dev *hdev, struct sk_buff *skb)
678 {
679 struct hci_rp_read_bd_addr *rp = (void *) skb->data;
680
681 BT_DBG("%s status 0x%x", hdev->name, rp->status);
682
683 if (!rp->status)
684 bacpy(&hdev->bdaddr, &rp->bdaddr);
685
686 hci_req_complete(hdev, HCI_OP_READ_BD_ADDR, rp->status);
687 }
688
689 static void hci_cc_write_ca_timeout(struct hci_dev *hdev, struct sk_buff *skb)
690 {
691 __u8 status = *((__u8 *) skb->data);
692
693 BT_DBG("%s status 0x%x", hdev->name, status);
694
695 hci_req_complete(hdev, HCI_OP_WRITE_CA_TIMEOUT, status);
696 }
697
698 static void hci_cc_delete_stored_link_key(struct hci_dev *hdev,
699 struct sk_buff *skb)
700 {
701 __u8 status = *((__u8 *) skb->data);
702
703 BT_DBG("%s status 0x%x", hdev->name, status);
704
705 hci_req_complete(hdev, HCI_OP_DELETE_STORED_LINK_KEY, status);
706 }
707
708 static void hci_cc_set_event_mask(struct hci_dev *hdev, struct sk_buff *skb)
709 {
710 __u8 status = *((__u8 *) skb->data);
711
712 BT_DBG("%s status 0x%x", hdev->name, status);
713
714 hci_req_complete(hdev, HCI_OP_SET_EVENT_MASK, status);
715 }
716
717 static void hci_cc_write_inquiry_mode(struct hci_dev *hdev,
718 struct sk_buff *skb)
719 {
720 __u8 status = *((__u8 *) skb->data);
721
722 BT_DBG("%s status 0x%x", hdev->name, status);
723
724 hci_req_complete(hdev, HCI_OP_WRITE_INQUIRY_MODE, status);
725 }
726
727 static void hci_cc_read_inq_rsp_tx_power(struct hci_dev *hdev,
728 struct sk_buff *skb)
729 {
730 __u8 status = *((__u8 *) skb->data);
731
732 BT_DBG("%s status 0x%x", hdev->name, status);
733
734 hci_req_complete(hdev, HCI_OP_READ_INQ_RSP_TX_POWER, status);
735 }
736
737 static void hci_cc_set_event_flt(struct hci_dev *hdev, struct sk_buff *skb)
738 {
739 __u8 status = *((__u8 *) skb->data);
740
741 BT_DBG("%s status 0x%x", hdev->name, status);
742
743 hci_req_complete(hdev, HCI_OP_SET_EVENT_FLT, status);
744 }
745
746 static inline void hci_cs_inquiry(struct hci_dev *hdev, __u8 status)
747 {
748 BT_DBG("%s status 0x%x", hdev->name, status);
749
750 if (status) {
751 hci_req_complete(hdev, HCI_OP_INQUIRY, status);
752
753 hci_conn_check_pending(hdev);
754 } else
755 set_bit(HCI_INQUIRY, &hdev->flags);
756 }
757
758 static inline void hci_cs_create_conn(struct hci_dev *hdev, __u8 status)
759 {
760 struct hci_cp_create_conn *cp;
761 struct hci_conn *conn;
762
763 BT_DBG("%s status 0x%x", hdev->name, status);
764
765 cp = hci_sent_cmd_data(hdev, HCI_OP_CREATE_CONN);
766 if (!cp)
767 return;
768
769 hci_dev_lock(hdev);
770
771 conn = hci_conn_hash_lookup_ba(hdev, ACL_LINK, &cp->bdaddr);
772
773 BT_DBG("%s bdaddr %s conn %p", hdev->name, batostr(&cp->bdaddr), conn);
774
775 if (status) {
776 if (conn && conn->state == BT_CONNECT) {
777 if (status != 0x0c || conn->attempt > 2) {
778 conn->state = BT_CLOSED;
779 hci_proto_connect_cfm(conn, status);
780 hci_conn_del(conn);
781 } else
782 conn->state = BT_CONNECT2;
783 }
784 } else {
785 if (!conn) {
786 conn = hci_conn_add(hdev, ACL_LINK, &cp->bdaddr);
787 if (conn) {
788 conn->out = 1;
789 conn->link_mode |= HCI_LM_MASTER;
790 } else
791 BT_ERR("No memory for new connection");
792 }
793 }
794
795 hci_dev_unlock(hdev);
796 }
797
798 static void hci_cs_add_sco(struct hci_dev *hdev, __u8 status)
799 {
800 struct hci_cp_add_sco *cp;
801 struct hci_conn *acl, *sco;
802 __u16 handle;
803
804 BT_DBG("%s status 0x%x", hdev->name, status);
805
806 if (!status)
807 return;
808
809 cp = hci_sent_cmd_data(hdev, HCI_OP_ADD_SCO);
810 if (!cp)
811 return;
812
813 handle = __le16_to_cpu(cp->handle);
814
815 BT_DBG("%s handle %d", hdev->name, handle);
816
817 hci_dev_lock(hdev);
818
819 acl = hci_conn_hash_lookup_handle(hdev, handle);
820 if (acl && (sco = acl->link)) {
821 sco->state = BT_CLOSED;
822
823 hci_proto_connect_cfm(sco, status);
824 hci_conn_del(sco);
825 }
826
827 hci_dev_unlock(hdev);
828 }
829
830 static void hci_cs_auth_requested(struct hci_dev *hdev, __u8 status)
831 {
832 struct hci_cp_auth_requested *cp;
833 struct hci_conn *conn;
834
835 BT_DBG("%s status 0x%x", hdev->name, status);
836
837 if (!status)
838 return;
839
840 cp = hci_sent_cmd_data(hdev, HCI_OP_AUTH_REQUESTED);
841 if (!cp)
842 return;
843
844 hci_dev_lock(hdev);
845
846 conn = hci_conn_hash_lookup_handle(hdev, __le16_to_cpu(cp->handle));
847 if (conn) {
848 if (conn->state == BT_CONFIG) {
849 hci_proto_connect_cfm(conn, status);
850 hci_conn_put(conn);
851 }
852 }
853
854 hci_dev_unlock(hdev);
855 }
856
857 static void hci_cs_set_conn_encrypt(struct hci_dev *hdev, __u8 status)
858 {
859 struct hci_cp_set_conn_encrypt *cp;
860 struct hci_conn *conn;
861
862 BT_DBG("%s status 0x%x", hdev->name, status);
863
864 if (!status)
865 return;
866
867 cp = hci_sent_cmd_data(hdev, HCI_OP_SET_CONN_ENCRYPT);
868 if (!cp)
869 return;
870
871 hci_dev_lock(hdev);
872
873 conn = hci_conn_hash_lookup_handle(hdev, __le16_to_cpu(cp->handle));
874 if (conn) {
875 if (conn->state == BT_CONFIG) {
876 hci_proto_connect_cfm(conn, status);
877 hci_conn_put(conn);
878 }
879 }
880
881 hci_dev_unlock(hdev);
882 }
883
884 static int hci_outgoing_auth_needed(struct hci_dev *hdev,
885 struct hci_conn *conn)
886 {
887 if (conn->state != BT_CONFIG || !conn->out)
888 return 0;
889
890 if (conn->pending_sec_level == BT_SECURITY_SDP)
891 return 0;
892
893 /* Only request authentication for SSP connections or non-SSP
894 * devices with sec_level HIGH */
895 if (!(hdev->ssp_mode > 0 && conn->ssp_mode > 0) &&
896 conn->pending_sec_level != BT_SECURITY_HIGH)
897 return 0;
898
899 return 1;
900 }
901
902 static void hci_cs_remote_name_req(struct hci_dev *hdev, __u8 status)
903 {
904 struct hci_cp_remote_name_req *cp;
905 struct hci_conn *conn;
906
907 BT_DBG("%s status 0x%x", hdev->name, status);
908
909 /* If successful wait for the name req complete event before
910 * checking for the need to do authentication */
911 if (!status)
912 return;
913
914 cp = hci_sent_cmd_data(hdev, HCI_OP_REMOTE_NAME_REQ);
915 if (!cp)
916 return;
917
918 hci_dev_lock(hdev);
919
920 conn = hci_conn_hash_lookup_ba(hdev, ACL_LINK, &cp->bdaddr);
921 if (conn && hci_outgoing_auth_needed(hdev, conn)) {
922 struct hci_cp_auth_requested cp;
923 cp.handle = __cpu_to_le16(conn->handle);
924 hci_send_cmd(hdev, HCI_OP_AUTH_REQUESTED, sizeof(cp), &cp);
925 }
926
927 hci_dev_unlock(hdev);
928 }
929
930 static void hci_cs_read_remote_features(struct hci_dev *hdev, __u8 status)
931 {
932 struct hci_cp_read_remote_features *cp;
933 struct hci_conn *conn;
934
935 BT_DBG("%s status 0x%x", hdev->name, status);
936
937 if (!status)
938 return;
939
940 cp = hci_sent_cmd_data(hdev, HCI_OP_READ_REMOTE_FEATURES);
941 if (!cp)
942 return;
943
944 hci_dev_lock(hdev);
945
946 conn = hci_conn_hash_lookup_handle(hdev, __le16_to_cpu(cp->handle));
947 if (conn) {
948 if (conn->state == BT_CONFIG) {
949 hci_proto_connect_cfm(conn, status);
950 hci_conn_put(conn);
951 }
952 }
953
954 hci_dev_unlock(hdev);
955 }
956
957 static void hci_cs_read_remote_ext_features(struct hci_dev *hdev, __u8 status)
958 {
959 struct hci_cp_read_remote_ext_features *cp;
960 struct hci_conn *conn;
961
962 BT_DBG("%s status 0x%x", hdev->name, status);
963
964 if (!status)
965 return;
966
967 cp = hci_sent_cmd_data(hdev, HCI_OP_READ_REMOTE_EXT_FEATURES);
968 if (!cp)
969 return;
970
971 hci_dev_lock(hdev);
972
973 conn = hci_conn_hash_lookup_handle(hdev, __le16_to_cpu(cp->handle));
974 if (conn) {
975 if (conn->state == BT_CONFIG) {
976 hci_proto_connect_cfm(conn, status);
977 hci_conn_put(conn);
978 }
979 }
980
981 hci_dev_unlock(hdev);
982 }
983
984 static void hci_cs_setup_sync_conn(struct hci_dev *hdev, __u8 status)
985 {
986 struct hci_cp_setup_sync_conn *cp;
987 struct hci_conn *acl, *sco;
988 __u16 handle;
989
990 BT_DBG("%s status 0x%x", hdev->name, status);
991
992 if (!status)
993 return;
994
995 cp = hci_sent_cmd_data(hdev, HCI_OP_SETUP_SYNC_CONN);
996 if (!cp)
997 return;
998
999 handle = __le16_to_cpu(cp->handle);
1000
1001 BT_DBG("%s handle %d", hdev->name, handle);
1002
1003 hci_dev_lock(hdev);
1004
1005 acl = hci_conn_hash_lookup_handle(hdev, handle);
1006 if (acl && (sco = acl->link)) {
1007 sco->state = BT_CLOSED;
1008
1009 hci_proto_connect_cfm(sco, status);
1010 hci_conn_del(sco);
1011 }
1012
1013 hci_dev_unlock(hdev);
1014 }
1015
1016 static void hci_cs_sniff_mode(struct hci_dev *hdev, __u8 status)
1017 {
1018 struct hci_cp_sniff_mode *cp;
1019 struct hci_conn *conn;
1020
1021 BT_DBG("%s status 0x%x", hdev->name, status);
1022
1023 if (!status)
1024 return;
1025
1026 cp = hci_sent_cmd_data(hdev, HCI_OP_SNIFF_MODE);
1027 if (!cp)
1028 return;
1029
1030 hci_dev_lock(hdev);
1031
1032 conn = hci_conn_hash_lookup_handle(hdev, __le16_to_cpu(cp->handle));
1033 if (conn) {
1034 clear_bit(HCI_CONN_MODE_CHANGE_PEND, &conn->pend);
1035
1036 if (test_and_clear_bit(HCI_CONN_SCO_SETUP_PEND, &conn->pend))
1037 hci_sco_setup(conn, status);
1038 }
1039
1040 hci_dev_unlock(hdev);
1041 }
1042
1043 static void hci_cs_exit_sniff_mode(struct hci_dev *hdev, __u8 status)
1044 {
1045 struct hci_cp_exit_sniff_mode *cp;
1046 struct hci_conn *conn;
1047
1048 BT_DBG("%s status 0x%x", hdev->name, status);
1049
1050 if (!status)
1051 return;
1052
1053 cp = hci_sent_cmd_data(hdev, HCI_OP_EXIT_SNIFF_MODE);
1054 if (!cp)
1055 return;
1056
1057 hci_dev_lock(hdev);
1058
1059 conn = hci_conn_hash_lookup_handle(hdev, __le16_to_cpu(cp->handle));
1060 if (conn) {
1061 clear_bit(HCI_CONN_MODE_CHANGE_PEND, &conn->pend);
1062
1063 if (test_and_clear_bit(HCI_CONN_SCO_SETUP_PEND, &conn->pend))
1064 hci_sco_setup(conn, status);
1065 }
1066
1067 hci_dev_unlock(hdev);
1068 }
1069
1070 static inline void hci_inquiry_complete_evt(struct hci_dev *hdev, struct sk_buff *skb)
1071 {
1072 __u8 status = *((__u8 *) skb->data);
1073
1074 BT_DBG("%s status %d", hdev->name, status);
1075
1076 clear_bit(HCI_INQUIRY, &hdev->flags);
1077
1078 hci_req_complete(hdev, HCI_OP_INQUIRY, status);
1079
1080 hci_conn_check_pending(hdev);
1081 }
1082
1083 static inline void hci_inquiry_result_evt(struct hci_dev *hdev, struct sk_buff *skb)
1084 {
1085 struct inquiry_data data;
1086 struct inquiry_info *info = (void *) (skb->data + 1);
1087 int num_rsp = *((__u8 *) skb->data);
1088
1089 BT_DBG("%s num_rsp %d", hdev->name, num_rsp);
1090
1091 if (!num_rsp)
1092 return;
1093
1094 hci_dev_lock(hdev);
1095
1096 for (; num_rsp; num_rsp--) {
1097 bacpy(&data.bdaddr, &info->bdaddr);
1098 data.pscan_rep_mode = info->pscan_rep_mode;
1099 data.pscan_period_mode = info->pscan_period_mode;
1100 data.pscan_mode = info->pscan_mode;
1101 memcpy(data.dev_class, info->dev_class, 3);
1102 data.clock_offset = info->clock_offset;
1103 data.rssi = 0x00;
1104 data.ssp_mode = 0x00;
1105 info++;
1106 hci_inquiry_cache_update(hdev, &data);
1107 }
1108
1109 hci_dev_unlock(hdev);
1110 }
1111
1112 static inline void hci_conn_complete_evt(struct hci_dev *hdev, struct sk_buff *skb)
1113 {
1114 struct hci_ev_conn_complete *ev = (void *) skb->data;
1115 struct hci_conn *conn;
1116
1117 BT_DBG("%s", hdev->name);
1118
1119 hci_dev_lock(hdev);
1120
1121 conn = hci_conn_hash_lookup_ba(hdev, ev->link_type, &ev->bdaddr);
1122 if (!conn) {
1123 if (ev->link_type != SCO_LINK)
1124 goto unlock;
1125
1126 conn = hci_conn_hash_lookup_ba(hdev, ESCO_LINK, &ev->bdaddr);
1127 if (!conn)
1128 goto unlock;
1129
1130 conn->type = SCO_LINK;
1131 }
1132
1133 if (!ev->status) {
1134 conn->handle = __le16_to_cpu(ev->handle);
1135
1136 if (conn->type == ACL_LINK) {
1137 conn->state = BT_CONFIG;
1138 hci_conn_hold(conn);
1139 conn->disc_timeout = HCI_DISCONN_TIMEOUT;
1140 mgmt_connected(hdev->id, &ev->bdaddr);
1141 } else
1142 conn->state = BT_CONNECTED;
1143
1144 hci_conn_hold_device(conn);
1145 hci_conn_add_sysfs(conn);
1146
1147 if (test_bit(HCI_AUTH, &hdev->flags))
1148 conn->link_mode |= HCI_LM_AUTH;
1149
1150 if (test_bit(HCI_ENCRYPT, &hdev->flags))
1151 conn->link_mode |= HCI_LM_ENCRYPT;
1152
1153 /* Get remote features */
1154 if (conn->type == ACL_LINK) {
1155 struct hci_cp_read_remote_features cp;
1156 cp.handle = ev->handle;
1157 hci_send_cmd(hdev, HCI_OP_READ_REMOTE_FEATURES,
1158 sizeof(cp), &cp);
1159 }
1160
1161 /* Set packet type for incoming connection */
1162 if (!conn->out && hdev->hci_ver < 3) {
1163 struct hci_cp_change_conn_ptype cp;
1164 cp.handle = ev->handle;
1165 cp.pkt_type = cpu_to_le16(conn->pkt_type);
1166 hci_send_cmd(hdev, HCI_OP_CHANGE_CONN_PTYPE,
1167 sizeof(cp), &cp);
1168 }
1169 } else {
1170 conn->state = BT_CLOSED;
1171 if (conn->type == ACL_LINK)
1172 mgmt_connect_failed(hdev->id, &ev->bdaddr, ev->status);
1173 }
1174
1175 if (conn->type == ACL_LINK)
1176 hci_sco_setup(conn, ev->status);
1177
1178 if (ev->status) {
1179 hci_proto_connect_cfm(conn, ev->status);
1180 hci_conn_del(conn);
1181 } else if (ev->link_type != ACL_LINK)
1182 hci_proto_connect_cfm(conn, ev->status);
1183
1184 unlock:
1185 hci_dev_unlock(hdev);
1186
1187 hci_conn_check_pending(hdev);
1188 }
1189
1190 static inline void hci_conn_request_evt(struct hci_dev *hdev, struct sk_buff *skb)
1191 {
1192 struct hci_ev_conn_request *ev = (void *) skb->data;
1193 int mask = hdev->link_mode;
1194
1195 BT_DBG("%s bdaddr %s type 0x%x", hdev->name,
1196 batostr(&ev->bdaddr), ev->link_type);
1197
1198 mask |= hci_proto_connect_ind(hdev, &ev->bdaddr, ev->link_type);
1199
1200 if ((mask & HCI_LM_ACCEPT) && !hci_blacklist_lookup(hdev, &ev->bdaddr)) {
1201 /* Connection accepted */
1202 struct inquiry_entry *ie;
1203 struct hci_conn *conn;
1204
1205 hci_dev_lock(hdev);
1206
1207 ie = hci_inquiry_cache_lookup(hdev, &ev->bdaddr);
1208 if (ie)
1209 memcpy(ie->data.dev_class, ev->dev_class, 3);
1210
1211 conn = hci_conn_hash_lookup_ba(hdev, ev->link_type, &ev->bdaddr);
1212 if (!conn) {
1213 conn = hci_conn_add(hdev, ev->link_type, &ev->bdaddr);
1214 if (!conn) {
1215 BT_ERR("No memory for new connection");
1216 hci_dev_unlock(hdev);
1217 return;
1218 }
1219 }
1220
1221 memcpy(conn->dev_class, ev->dev_class, 3);
1222 conn->state = BT_CONNECT;
1223
1224 hci_dev_unlock(hdev);
1225
1226 if (ev->link_type == ACL_LINK || !lmp_esco_capable(hdev)) {
1227 struct hci_cp_accept_conn_req cp;
1228
1229 bacpy(&cp.bdaddr, &ev->bdaddr);
1230
1231 if (lmp_rswitch_capable(hdev) && (mask & HCI_LM_MASTER))
1232 cp.role = 0x00; /* Become master */
1233 else
1234 cp.role = 0x01; /* Remain slave */
1235
1236 hci_send_cmd(hdev, HCI_OP_ACCEPT_CONN_REQ,
1237 sizeof(cp), &cp);
1238 } else {
1239 struct hci_cp_accept_sync_conn_req cp;
1240
1241 bacpy(&cp.bdaddr, &ev->bdaddr);
1242 cp.pkt_type = cpu_to_le16(conn->pkt_type);
1243
1244 cp.tx_bandwidth = cpu_to_le32(0x00001f40);
1245 cp.rx_bandwidth = cpu_to_le32(0x00001f40);
1246 cp.max_latency = cpu_to_le16(0xffff);
1247 cp.content_format = cpu_to_le16(hdev->voice_setting);
1248 cp.retrans_effort = 0xff;
1249
1250 hci_send_cmd(hdev, HCI_OP_ACCEPT_SYNC_CONN_REQ,
1251 sizeof(cp), &cp);
1252 }
1253 } else {
1254 /* Connection rejected */
1255 struct hci_cp_reject_conn_req cp;
1256
1257 bacpy(&cp.bdaddr, &ev->bdaddr);
1258 cp.reason = 0x0f;
1259 hci_send_cmd(hdev, HCI_OP_REJECT_CONN_REQ, sizeof(cp), &cp);
1260 }
1261 }
1262
1263 static inline void hci_disconn_complete_evt(struct hci_dev *hdev, struct sk_buff *skb)
1264 {
1265 struct hci_ev_disconn_complete *ev = (void *) skb->data;
1266 struct hci_conn *conn;
1267
1268 BT_DBG("%s status %d", hdev->name, ev->status);
1269
1270 if (ev->status) {
1271 mgmt_disconnect_failed(hdev->id);
1272 return;
1273 }
1274
1275 hci_dev_lock(hdev);
1276
1277 conn = hci_conn_hash_lookup_handle(hdev, __le16_to_cpu(ev->handle));
1278 if (!conn)
1279 goto unlock;
1280
1281 conn->state = BT_CLOSED;
1282
1283 if (conn->type == ACL_LINK)
1284 mgmt_disconnected(hdev->id, &conn->dst);
1285
1286 hci_proto_disconn_cfm(conn, ev->reason);
1287 hci_conn_del(conn);
1288
1289 unlock:
1290 hci_dev_unlock(hdev);
1291 }
1292
1293 static inline void hci_auth_complete_evt(struct hci_dev *hdev, struct sk_buff *skb)
1294 {
1295 struct hci_ev_auth_complete *ev = (void *) skb->data;
1296 struct hci_conn *conn;
1297
1298 BT_DBG("%s status %d", hdev->name, ev->status);
1299
1300 hci_dev_lock(hdev);
1301
1302 conn = hci_conn_hash_lookup_handle(hdev, __le16_to_cpu(ev->handle));
1303 if (conn) {
1304 if (!ev->status) {
1305 conn->link_mode |= HCI_LM_AUTH;
1306 conn->sec_level = conn->pending_sec_level;
1307 } else
1308 conn->sec_level = BT_SECURITY_LOW;
1309
1310 clear_bit(HCI_CONN_AUTH_PEND, &conn->pend);
1311
1312 if (conn->state == BT_CONFIG) {
1313 if (!ev->status && hdev->ssp_mode > 0 &&
1314 conn->ssp_mode > 0) {
1315 struct hci_cp_set_conn_encrypt cp;
1316 cp.handle = ev->handle;
1317 cp.encrypt = 0x01;
1318 hci_send_cmd(hdev, HCI_OP_SET_CONN_ENCRYPT,
1319 sizeof(cp), &cp);
1320 } else {
1321 conn->state = BT_CONNECTED;
1322 hci_proto_connect_cfm(conn, ev->status);
1323 hci_conn_put(conn);
1324 }
1325 } else {
1326 hci_auth_cfm(conn, ev->status);
1327
1328 hci_conn_hold(conn);
1329 conn->disc_timeout = HCI_DISCONN_TIMEOUT;
1330 hci_conn_put(conn);
1331 }
1332
1333 if (test_bit(HCI_CONN_ENCRYPT_PEND, &conn->pend)) {
1334 if (!ev->status) {
1335 struct hci_cp_set_conn_encrypt cp;
1336 cp.handle = ev->handle;
1337 cp.encrypt = 0x01;
1338 hci_send_cmd(hdev, HCI_OP_SET_CONN_ENCRYPT,
1339 sizeof(cp), &cp);
1340 } else {
1341 clear_bit(HCI_CONN_ENCRYPT_PEND, &conn->pend);
1342 hci_encrypt_cfm(conn, ev->status, 0x00);
1343 }
1344 }
1345 }
1346
1347 hci_dev_unlock(hdev);
1348 }
1349
1350 static inline void hci_remote_name_evt(struct hci_dev *hdev, struct sk_buff *skb)
1351 {
1352 struct hci_ev_remote_name *ev = (void *) skb->data;
1353 struct hci_conn *conn;
1354
1355 BT_DBG("%s", hdev->name);
1356
1357 hci_conn_check_pending(hdev);
1358
1359 hci_dev_lock(hdev);
1360
1361 conn = hci_conn_hash_lookup_ba(hdev, ACL_LINK, &ev->bdaddr);
1362 if (conn && hci_outgoing_auth_needed(hdev, conn)) {
1363 struct hci_cp_auth_requested cp;
1364 cp.handle = __cpu_to_le16(conn->handle);
1365 hci_send_cmd(hdev, HCI_OP_AUTH_REQUESTED, sizeof(cp), &cp);
1366 }
1367
1368 hci_dev_unlock(hdev);
1369 }
1370
1371 static inline void hci_encrypt_change_evt(struct hci_dev *hdev, struct sk_buff *skb)
1372 {
1373 struct hci_ev_encrypt_change *ev = (void *) skb->data;
1374 struct hci_conn *conn;
1375
1376 BT_DBG("%s status %d", hdev->name, ev->status);
1377
1378 hci_dev_lock(hdev);
1379
1380 conn = hci_conn_hash_lookup_handle(hdev, __le16_to_cpu(ev->handle));
1381 if (conn) {
1382 if (!ev->status) {
1383 if (ev->encrypt) {
1384 /* Encryption implies authentication */
1385 conn->link_mode |= HCI_LM_AUTH;
1386 conn->link_mode |= HCI_LM_ENCRYPT;
1387 } else
1388 conn->link_mode &= ~HCI_LM_ENCRYPT;
1389 }
1390
1391 clear_bit(HCI_CONN_ENCRYPT_PEND, &conn->pend);
1392
1393 if (conn->state == BT_CONFIG) {
1394 if (!ev->status)
1395 conn->state = BT_CONNECTED;
1396
1397 hci_proto_connect_cfm(conn, ev->status);
1398 hci_conn_put(conn);
1399 } else
1400 hci_encrypt_cfm(conn, ev->status, ev->encrypt);
1401 }
1402
1403 hci_dev_unlock(hdev);
1404 }
1405
1406 static inline void hci_change_link_key_complete_evt(struct hci_dev *hdev, struct sk_buff *skb)
1407 {
1408 struct hci_ev_change_link_key_complete *ev = (void *) skb->data;
1409 struct hci_conn *conn;
1410
1411 BT_DBG("%s status %d", hdev->name, ev->status);
1412
1413 hci_dev_lock(hdev);
1414
1415 conn = hci_conn_hash_lookup_handle(hdev, __le16_to_cpu(ev->handle));
1416 if (conn) {
1417 if (!ev->status)
1418 conn->link_mode |= HCI_LM_SECURE;
1419
1420 clear_bit(HCI_CONN_AUTH_PEND, &conn->pend);
1421
1422 hci_key_change_cfm(conn, ev->status);
1423 }
1424
1425 hci_dev_unlock(hdev);
1426 }
1427
1428 static inline void hci_remote_features_evt(struct hci_dev *hdev, struct sk_buff *skb)
1429 {
1430 struct hci_ev_remote_features *ev = (void *) skb->data;
1431 struct hci_conn *conn;
1432
1433 BT_DBG("%s status %d", hdev->name, ev->status);
1434
1435 hci_dev_lock(hdev);
1436
1437 conn = hci_conn_hash_lookup_handle(hdev, __le16_to_cpu(ev->handle));
1438 if (!conn)
1439 goto unlock;
1440
1441 if (!ev->status)
1442 memcpy(conn->features, ev->features, 8);
1443
1444 if (conn->state != BT_CONFIG)
1445 goto unlock;
1446
1447 if (!ev->status && lmp_ssp_capable(hdev) && lmp_ssp_capable(conn)) {
1448 struct hci_cp_read_remote_ext_features cp;
1449 cp.handle = ev->handle;
1450 cp.page = 0x01;
1451 hci_send_cmd(hdev, HCI_OP_READ_REMOTE_EXT_FEATURES,
1452 sizeof(cp), &cp);
1453 goto unlock;
1454 }
1455
1456 if (!ev->status) {
1457 struct hci_cp_remote_name_req cp;
1458 memset(&cp, 0, sizeof(cp));
1459 bacpy(&cp.bdaddr, &conn->dst);
1460 cp.pscan_rep_mode = 0x02;
1461 hci_send_cmd(hdev, HCI_OP_REMOTE_NAME_REQ, sizeof(cp), &cp);
1462 }
1463
1464 if (!hci_outgoing_auth_needed(hdev, conn)) {
1465 conn->state = BT_CONNECTED;
1466 hci_proto_connect_cfm(conn, ev->status);
1467 hci_conn_put(conn);
1468 }
1469
1470 unlock:
1471 hci_dev_unlock(hdev);
1472 }
1473
1474 static inline void hci_remote_version_evt(struct hci_dev *hdev, struct sk_buff *skb)
1475 {
1476 BT_DBG("%s", hdev->name);
1477 }
1478
1479 static inline void hci_qos_setup_complete_evt(struct hci_dev *hdev, struct sk_buff *skb)
1480 {
1481 BT_DBG("%s", hdev->name);
1482 }
1483
1484 static inline void hci_cmd_complete_evt(struct hci_dev *hdev, struct sk_buff *skb)
1485 {
1486 struct hci_ev_cmd_complete *ev = (void *) skb->data;
1487 __u16 opcode;
1488
1489 skb_pull(skb, sizeof(*ev));
1490
1491 opcode = __le16_to_cpu(ev->opcode);
1492
1493 switch (opcode) {
1494 case HCI_OP_INQUIRY_CANCEL:
1495 hci_cc_inquiry_cancel(hdev, skb);
1496 break;
1497
1498 case HCI_OP_EXIT_PERIODIC_INQ:
1499 hci_cc_exit_periodic_inq(hdev, skb);
1500 break;
1501
1502 case HCI_OP_REMOTE_NAME_REQ_CANCEL:
1503 hci_cc_remote_name_req_cancel(hdev, skb);
1504 break;
1505
1506 case HCI_OP_ROLE_DISCOVERY:
1507 hci_cc_role_discovery(hdev, skb);
1508 break;
1509
1510 case HCI_OP_READ_LINK_POLICY:
1511 hci_cc_read_link_policy(hdev, skb);
1512 break;
1513
1514 case HCI_OP_WRITE_LINK_POLICY:
1515 hci_cc_write_link_policy(hdev, skb);
1516 break;
1517
1518 case HCI_OP_READ_DEF_LINK_POLICY:
1519 hci_cc_read_def_link_policy(hdev, skb);
1520 break;
1521
1522 case HCI_OP_WRITE_DEF_LINK_POLICY:
1523 hci_cc_write_def_link_policy(hdev, skb);
1524 break;
1525
1526 case HCI_OP_RESET:
1527 hci_cc_reset(hdev, skb);
1528 break;
1529
1530 case HCI_OP_WRITE_LOCAL_NAME:
1531 hci_cc_write_local_name(hdev, skb);
1532 break;
1533
1534 case HCI_OP_READ_LOCAL_NAME:
1535 hci_cc_read_local_name(hdev, skb);
1536 break;
1537
1538 case HCI_OP_WRITE_AUTH_ENABLE:
1539 hci_cc_write_auth_enable(hdev, skb);
1540 break;
1541
1542 case HCI_OP_WRITE_ENCRYPT_MODE:
1543 hci_cc_write_encrypt_mode(hdev, skb);
1544 break;
1545
1546 case HCI_OP_WRITE_SCAN_ENABLE:
1547 hci_cc_write_scan_enable(hdev, skb);
1548 break;
1549
1550 case HCI_OP_READ_CLASS_OF_DEV:
1551 hci_cc_read_class_of_dev(hdev, skb);
1552 break;
1553
1554 case HCI_OP_WRITE_CLASS_OF_DEV:
1555 hci_cc_write_class_of_dev(hdev, skb);
1556 break;
1557
1558 case HCI_OP_READ_VOICE_SETTING:
1559 hci_cc_read_voice_setting(hdev, skb);
1560 break;
1561
1562 case HCI_OP_WRITE_VOICE_SETTING:
1563 hci_cc_write_voice_setting(hdev, skb);
1564 break;
1565
1566 case HCI_OP_HOST_BUFFER_SIZE:
1567 hci_cc_host_buffer_size(hdev, skb);
1568 break;
1569
1570 case HCI_OP_READ_SSP_MODE:
1571 hci_cc_read_ssp_mode(hdev, skb);
1572 break;
1573
1574 case HCI_OP_WRITE_SSP_MODE:
1575 hci_cc_write_ssp_mode(hdev, skb);
1576 break;
1577
1578 case HCI_OP_READ_LOCAL_VERSION:
1579 hci_cc_read_local_version(hdev, skb);
1580 break;
1581
1582 case HCI_OP_READ_LOCAL_COMMANDS:
1583 hci_cc_read_local_commands(hdev, skb);
1584 break;
1585
1586 case HCI_OP_READ_LOCAL_FEATURES:
1587 hci_cc_read_local_features(hdev, skb);
1588 break;
1589
1590 case HCI_OP_READ_BUFFER_SIZE:
1591 hci_cc_read_buffer_size(hdev, skb);
1592 break;
1593
1594 case HCI_OP_READ_BD_ADDR:
1595 hci_cc_read_bd_addr(hdev, skb);
1596 break;
1597
1598 case HCI_OP_WRITE_CA_TIMEOUT:
1599 hci_cc_write_ca_timeout(hdev, skb);
1600 break;
1601
1602 case HCI_OP_DELETE_STORED_LINK_KEY:
1603 hci_cc_delete_stored_link_key(hdev, skb);
1604 break;
1605
1606 case HCI_OP_SET_EVENT_MASK:
1607 hci_cc_set_event_mask(hdev, skb);
1608 break;
1609
1610 case HCI_OP_WRITE_INQUIRY_MODE:
1611 hci_cc_write_inquiry_mode(hdev, skb);
1612 break;
1613
1614 case HCI_OP_READ_INQ_RSP_TX_POWER:
1615 hci_cc_read_inq_rsp_tx_power(hdev, skb);
1616 break;
1617
1618 case HCI_OP_SET_EVENT_FLT:
1619 hci_cc_set_event_flt(hdev, skb);
1620 break;
1621
1622 default:
1623 BT_DBG("%s opcode 0x%x", hdev->name, opcode);
1624 break;
1625 }
1626
1627 if (ev->ncmd) {
1628 atomic_set(&hdev->cmd_cnt, 1);
1629 if (!skb_queue_empty(&hdev->cmd_q))
1630 tasklet_schedule(&hdev->cmd_task);
1631 }
1632 }
1633
1634 static inline void hci_cmd_status_evt(struct hci_dev *hdev, struct sk_buff *skb)
1635 {
1636 struct hci_ev_cmd_status *ev = (void *) skb->data;
1637 __u16 opcode;
1638
1639 skb_pull(skb, sizeof(*ev));
1640
1641 opcode = __le16_to_cpu(ev->opcode);
1642
1643 switch (opcode) {
1644 case HCI_OP_INQUIRY:
1645 hci_cs_inquiry(hdev, ev->status);
1646 break;
1647
1648 case HCI_OP_CREATE_CONN:
1649 hci_cs_create_conn(hdev, ev->status);
1650 break;
1651
1652 case HCI_OP_ADD_SCO:
1653 hci_cs_add_sco(hdev, ev->status);
1654 break;
1655
1656 case HCI_OP_AUTH_REQUESTED:
1657 hci_cs_auth_requested(hdev, ev->status);
1658 break;
1659
1660 case HCI_OP_SET_CONN_ENCRYPT:
1661 hci_cs_set_conn_encrypt(hdev, ev->status);
1662 break;
1663
1664 case HCI_OP_REMOTE_NAME_REQ:
1665 hci_cs_remote_name_req(hdev, ev->status);
1666 break;
1667
1668 case HCI_OP_READ_REMOTE_FEATURES:
1669 hci_cs_read_remote_features(hdev, ev->status);
1670 break;
1671
1672 case HCI_OP_READ_REMOTE_EXT_FEATURES:
1673 hci_cs_read_remote_ext_features(hdev, ev->status);
1674 break;
1675
1676 case HCI_OP_SETUP_SYNC_CONN:
1677 hci_cs_setup_sync_conn(hdev, ev->status);
1678 break;
1679
1680 case HCI_OP_SNIFF_MODE:
1681 hci_cs_sniff_mode(hdev, ev->status);
1682 break;
1683
1684 case HCI_OP_EXIT_SNIFF_MODE:
1685 hci_cs_exit_sniff_mode(hdev, ev->status);
1686 break;
1687
1688 case HCI_OP_DISCONNECT:
1689 if (ev->status != 0)
1690 mgmt_disconnect_failed(hdev->id);
1691 break;
1692
1693 default:
1694 BT_DBG("%s opcode 0x%x", hdev->name, opcode);
1695 break;
1696 }
1697
1698 if (ev->ncmd) {
1699 atomic_set(&hdev->cmd_cnt, 1);
1700 if (!skb_queue_empty(&hdev->cmd_q))
1701 tasklet_schedule(&hdev->cmd_task);
1702 }
1703 }
1704
1705 static inline void hci_role_change_evt(struct hci_dev *hdev, struct sk_buff *skb)
1706 {
1707 struct hci_ev_role_change *ev = (void *) skb->data;
1708 struct hci_conn *conn;
1709
1710 BT_DBG("%s status %d", hdev->name, ev->status);
1711
1712 hci_dev_lock(hdev);
1713
1714 conn = hci_conn_hash_lookup_ba(hdev, ACL_LINK, &ev->bdaddr);
1715 if (conn) {
1716 if (!ev->status) {
1717 if (ev->role)
1718 conn->link_mode &= ~HCI_LM_MASTER;
1719 else
1720 conn->link_mode |= HCI_LM_MASTER;
1721 }
1722
1723 clear_bit(HCI_CONN_RSWITCH_PEND, &conn->pend);
1724
1725 hci_role_switch_cfm(conn, ev->status, ev->role);
1726 }
1727
1728 hci_dev_unlock(hdev);
1729 }
1730
1731 static inline void hci_num_comp_pkts_evt(struct hci_dev *hdev, struct sk_buff *skb)
1732 {
1733 struct hci_ev_num_comp_pkts *ev = (void *) skb->data;
1734 __le16 *ptr;
1735 int i;
1736
1737 skb_pull(skb, sizeof(*ev));
1738
1739 BT_DBG("%s num_hndl %d", hdev->name, ev->num_hndl);
1740
1741 if (skb->len < ev->num_hndl * 4) {
1742 BT_DBG("%s bad parameters", hdev->name);
1743 return;
1744 }
1745
1746 tasklet_disable(&hdev->tx_task);
1747
1748 for (i = 0, ptr = (__le16 *) skb->data; i < ev->num_hndl; i++) {
1749 struct hci_conn *conn;
1750 __u16 handle, count;
1751
1752 handle = get_unaligned_le16(ptr++);
1753 count = get_unaligned_le16(ptr++);
1754
1755 conn = hci_conn_hash_lookup_handle(hdev, handle);
1756 if (conn) {
1757 conn->sent -= count;
1758
1759 if (conn->type == ACL_LINK) {
1760 hdev->acl_cnt += count;
1761 if (hdev->acl_cnt > hdev->acl_pkts)
1762 hdev->acl_cnt = hdev->acl_pkts;
1763 } else {
1764 hdev->sco_cnt += count;
1765 if (hdev->sco_cnt > hdev->sco_pkts)
1766 hdev->sco_cnt = hdev->sco_pkts;
1767 }
1768 }
1769 }
1770
1771 tasklet_schedule(&hdev->tx_task);
1772
1773 tasklet_enable(&hdev->tx_task);
1774 }
1775
1776 static inline void hci_mode_change_evt(struct hci_dev *hdev, struct sk_buff *skb)
1777 {
1778 struct hci_ev_mode_change *ev = (void *) skb->data;
1779 struct hci_conn *conn;
1780
1781 BT_DBG("%s status %d", hdev->name, ev->status);
1782
1783 hci_dev_lock(hdev);
1784
1785 conn = hci_conn_hash_lookup_handle(hdev, __le16_to_cpu(ev->handle));
1786 if (conn) {
1787 conn->mode = ev->mode;
1788 conn->interval = __le16_to_cpu(ev->interval);
1789
1790 if (!test_and_clear_bit(HCI_CONN_MODE_CHANGE_PEND, &conn->pend)) {
1791 if (conn->mode == HCI_CM_ACTIVE)
1792 conn->power_save = 1;
1793 else
1794 conn->power_save = 0;
1795 }
1796
1797 if (test_and_clear_bit(HCI_CONN_SCO_SETUP_PEND, &conn->pend))
1798 hci_sco_setup(conn, ev->status);
1799 }
1800
1801 hci_dev_unlock(hdev);
1802 }
1803
1804 static inline void hci_pin_code_request_evt(struct hci_dev *hdev, struct sk_buff *skb)
1805 {
1806 struct hci_ev_pin_code_req *ev = (void *) skb->data;
1807 struct hci_conn *conn;
1808
1809 BT_DBG("%s", hdev->name);
1810
1811 hci_dev_lock(hdev);
1812
1813 conn = hci_conn_hash_lookup_ba(hdev, ACL_LINK, &ev->bdaddr);
1814 if (conn && conn->state == BT_CONNECTED) {
1815 hci_conn_hold(conn);
1816 conn->disc_timeout = HCI_PAIRING_TIMEOUT;
1817 hci_conn_put(conn);
1818 }
1819
1820 if (!test_bit(HCI_PAIRABLE, &hdev->flags))
1821 hci_send_cmd(hdev, HCI_OP_PIN_CODE_NEG_REPLY,
1822 sizeof(ev->bdaddr), &ev->bdaddr);
1823
1824 hci_dev_unlock(hdev);
1825 }
1826
1827 static inline void hci_link_key_request_evt(struct hci_dev *hdev, struct sk_buff *skb)
1828 {
1829 struct hci_ev_link_key_req *ev = (void *) skb->data;
1830 struct hci_cp_link_key_reply cp;
1831 struct hci_conn *conn;
1832 struct link_key *key;
1833
1834 BT_DBG("%s", hdev->name);
1835
1836 if (!test_bit(HCI_LINK_KEYS, &hdev->flags))
1837 return;
1838
1839 hci_dev_lock(hdev);
1840
1841 key = hci_find_link_key(hdev, &ev->bdaddr);
1842 if (!key) {
1843 BT_DBG("%s link key not found for %s", hdev->name,
1844 batostr(&ev->bdaddr));
1845 goto not_found;
1846 }
1847
1848 BT_DBG("%s found key type %u for %s", hdev->name, key->type,
1849 batostr(&ev->bdaddr));
1850
1851 if (!test_bit(HCI_DEBUG_KEYS, &hdev->flags) && key->type == 0x03) {
1852 BT_DBG("%s ignoring debug key", hdev->name);
1853 goto not_found;
1854 }
1855
1856 conn = hci_conn_hash_lookup_ba(hdev, ACL_LINK, &ev->bdaddr);
1857
1858 if (key->type == 0x04 && conn && conn->auth_type != 0xff &&
1859 (conn->auth_type & 0x01)) {
1860 BT_DBG("%s ignoring unauthenticated key", hdev->name);
1861 goto not_found;
1862 }
1863
1864 bacpy(&cp.bdaddr, &ev->bdaddr);
1865 memcpy(cp.link_key, key->val, 16);
1866
1867 hci_send_cmd(hdev, HCI_OP_LINK_KEY_REPLY, sizeof(cp), &cp);
1868
1869 hci_dev_unlock(hdev);
1870
1871 return;
1872
1873 not_found:
1874 hci_send_cmd(hdev, HCI_OP_LINK_KEY_NEG_REPLY, 6, &ev->bdaddr);
1875 hci_dev_unlock(hdev);
1876 }
1877
1878 static inline void hci_link_key_notify_evt(struct hci_dev *hdev, struct sk_buff *skb)
1879 {
1880 struct hci_ev_link_key_notify *ev = (void *) skb->data;
1881 struct hci_conn *conn;
1882 u8 pin_len = 0;
1883
1884 BT_DBG("%s", hdev->name);
1885
1886 hci_dev_lock(hdev);
1887
1888 conn = hci_conn_hash_lookup_ba(hdev, ACL_LINK, &ev->bdaddr);
1889 if (conn) {
1890 hci_conn_hold(conn);
1891 conn->disc_timeout = HCI_DISCONN_TIMEOUT;
1892 hci_conn_put(conn);
1893 }
1894
1895 if (test_bit(HCI_LINK_KEYS, &hdev->flags))
1896 hci_add_link_key(hdev, 1, &ev->bdaddr, ev->link_key,
1897 ev->key_type, pin_len);
1898
1899 hci_dev_unlock(hdev);
1900 }
1901
1902 static inline void hci_clock_offset_evt(struct hci_dev *hdev, struct sk_buff *skb)
1903 {
1904 struct hci_ev_clock_offset *ev = (void *) skb->data;
1905 struct hci_conn *conn;
1906
1907 BT_DBG("%s status %d", hdev->name, ev->status);
1908
1909 hci_dev_lock(hdev);
1910
1911 conn = hci_conn_hash_lookup_handle(hdev, __le16_to_cpu(ev->handle));
1912 if (conn && !ev->status) {
1913 struct inquiry_entry *ie;
1914
1915 ie = hci_inquiry_cache_lookup(hdev, &conn->dst);
1916 if (ie) {
1917 ie->data.clock_offset = ev->clock_offset;
1918 ie->timestamp = jiffies;
1919 }
1920 }
1921
1922 hci_dev_unlock(hdev);
1923 }
1924
1925 static inline void hci_pkt_type_change_evt(struct hci_dev *hdev, struct sk_buff *skb)
1926 {
1927 struct hci_ev_pkt_type_change *ev = (void *) skb->data;
1928 struct hci_conn *conn;
1929
1930 BT_DBG("%s status %d", hdev->name, ev->status);
1931
1932 hci_dev_lock(hdev);
1933
1934 conn = hci_conn_hash_lookup_handle(hdev, __le16_to_cpu(ev->handle));
1935 if (conn && !ev->status)
1936 conn->pkt_type = __le16_to_cpu(ev->pkt_type);
1937
1938 hci_dev_unlock(hdev);
1939 }
1940
1941 static inline void hci_pscan_rep_mode_evt(struct hci_dev *hdev, struct sk_buff *skb)
1942 {
1943 struct hci_ev_pscan_rep_mode *ev = (void *) skb->data;
1944 struct inquiry_entry *ie;
1945
1946 BT_DBG("%s", hdev->name);
1947
1948 hci_dev_lock(hdev);
1949
1950 ie = hci_inquiry_cache_lookup(hdev, &ev->bdaddr);
1951 if (ie) {
1952 ie->data.pscan_rep_mode = ev->pscan_rep_mode;
1953 ie->timestamp = jiffies;
1954 }
1955
1956 hci_dev_unlock(hdev);
1957 }
1958
1959 static inline void hci_inquiry_result_with_rssi_evt(struct hci_dev *hdev, struct sk_buff *skb)
1960 {
1961 struct inquiry_data data;
1962 int num_rsp = *((__u8 *) skb->data);
1963
1964 BT_DBG("%s num_rsp %d", hdev->name, num_rsp);
1965
1966 if (!num_rsp)
1967 return;
1968
1969 hci_dev_lock(hdev);
1970
1971 if ((skb->len - 1) / num_rsp != sizeof(struct inquiry_info_with_rssi)) {
1972 struct inquiry_info_with_rssi_and_pscan_mode *info = (void *) (skb->data + 1);
1973
1974 for (; num_rsp; num_rsp--) {
1975 bacpy(&data.bdaddr, &info->bdaddr);
1976 data.pscan_rep_mode = info->pscan_rep_mode;
1977 data.pscan_period_mode = info->pscan_period_mode;
1978 data.pscan_mode = info->pscan_mode;
1979 memcpy(data.dev_class, info->dev_class, 3);
1980 data.clock_offset = info->clock_offset;
1981 data.rssi = info->rssi;
1982 data.ssp_mode = 0x00;
1983 info++;
1984 hci_inquiry_cache_update(hdev, &data);
1985 }
1986 } else {
1987 struct inquiry_info_with_rssi *info = (void *) (skb->data + 1);
1988
1989 for (; num_rsp; num_rsp--) {
1990 bacpy(&data.bdaddr, &info->bdaddr);
1991 data.pscan_rep_mode = info->pscan_rep_mode;
1992 data.pscan_period_mode = info->pscan_period_mode;
1993 data.pscan_mode = 0x00;
1994 memcpy(data.dev_class, info->dev_class, 3);
1995 data.clock_offset = info->clock_offset;
1996 data.rssi = info->rssi;
1997 data.ssp_mode = 0x00;
1998 info++;
1999 hci_inquiry_cache_update(hdev, &data);
2000 }
2001 }
2002
2003 hci_dev_unlock(hdev);
2004 }
2005
2006 static inline void hci_remote_ext_features_evt(struct hci_dev *hdev, struct sk_buff *skb)
2007 {
2008 struct hci_ev_remote_ext_features *ev = (void *) skb->data;
2009 struct hci_conn *conn;
2010
2011 BT_DBG("%s", hdev->name);
2012
2013 hci_dev_lock(hdev);
2014
2015 conn = hci_conn_hash_lookup_handle(hdev, __le16_to_cpu(ev->handle));
2016 if (!conn)
2017 goto unlock;
2018
2019 if (!ev->status && ev->page == 0x01) {
2020 struct inquiry_entry *ie;
2021
2022 ie = hci_inquiry_cache_lookup(hdev, &conn->dst);
2023 if (ie)
2024 ie->data.ssp_mode = (ev->features[0] & 0x01);
2025
2026 conn->ssp_mode = (ev->features[0] & 0x01);
2027 }
2028
2029 if (conn->state != BT_CONFIG)
2030 goto unlock;
2031
2032 if (!ev->status) {
2033 struct hci_cp_remote_name_req cp;
2034 memset(&cp, 0, sizeof(cp));
2035 bacpy(&cp.bdaddr, &conn->dst);
2036 cp.pscan_rep_mode = 0x02;
2037 hci_send_cmd(hdev, HCI_OP_REMOTE_NAME_REQ, sizeof(cp), &cp);
2038 }
2039
2040 if (!hci_outgoing_auth_needed(hdev, conn)) {
2041 conn->state = BT_CONNECTED;
2042 hci_proto_connect_cfm(conn, ev->status);
2043 hci_conn_put(conn);
2044 }
2045
2046 unlock:
2047 hci_dev_unlock(hdev);
2048 }
2049
2050 static inline void hci_sync_conn_complete_evt(struct hci_dev *hdev, struct sk_buff *skb)
2051 {
2052 struct hci_ev_sync_conn_complete *ev = (void *) skb->data;
2053 struct hci_conn *conn;
2054
2055 BT_DBG("%s status %d", hdev->name, ev->status);
2056
2057 hci_dev_lock(hdev);
2058
2059 conn = hci_conn_hash_lookup_ba(hdev, ev->link_type, &ev->bdaddr);
2060 if (!conn) {
2061 if (ev->link_type == ESCO_LINK)
2062 goto unlock;
2063
2064 conn = hci_conn_hash_lookup_ba(hdev, ESCO_LINK, &ev->bdaddr);
2065 if (!conn)
2066 goto unlock;
2067
2068 conn->type = SCO_LINK;
2069 }
2070
2071 switch (ev->status) {
2072 case 0x00:
2073 conn->handle = __le16_to_cpu(ev->handle);
2074 conn->state = BT_CONNECTED;
2075
2076 hci_conn_hold_device(conn);
2077 hci_conn_add_sysfs(conn);
2078 break;
2079
2080 case 0x11: /* Unsupported Feature or Parameter Value */
2081 case 0x1c: /* SCO interval rejected */
2082 case 0x1a: /* Unsupported Remote Feature */
2083 case 0x1f: /* Unspecified error */
2084 if (conn->out && conn->attempt < 2) {
2085 conn->pkt_type = (hdev->esco_type & SCO_ESCO_MASK) |
2086 (hdev->esco_type & EDR_ESCO_MASK);
2087 hci_setup_sync(conn, conn->link->handle);
2088 goto unlock;
2089 }
2090 /* fall through */
2091
2092 default:
2093 conn->state = BT_CLOSED;
2094 break;
2095 }
2096
2097 hci_proto_connect_cfm(conn, ev->status);
2098 if (ev->status)
2099 hci_conn_del(conn);
2100
2101 unlock:
2102 hci_dev_unlock(hdev);
2103 }
2104
2105 static inline void hci_sync_conn_changed_evt(struct hci_dev *hdev, struct sk_buff *skb)
2106 {
2107 BT_DBG("%s", hdev->name);
2108 }
2109
2110 static inline void hci_sniff_subrate_evt(struct hci_dev *hdev, struct sk_buff *skb)
2111 {
2112 struct hci_ev_sniff_subrate *ev = (void *) skb->data;
2113 struct hci_conn *conn;
2114
2115 BT_DBG("%s status %d", hdev->name, ev->status);
2116
2117 hci_dev_lock(hdev);
2118
2119 conn = hci_conn_hash_lookup_handle(hdev, __le16_to_cpu(ev->handle));
2120 if (conn) {
2121 }
2122
2123 hci_dev_unlock(hdev);
2124 }
2125
2126 static inline void hci_extended_inquiry_result_evt(struct hci_dev *hdev, struct sk_buff *skb)
2127 {
2128 struct inquiry_data data;
2129 struct extended_inquiry_info *info = (void *) (skb->data + 1);
2130 int num_rsp = *((__u8 *) skb->data);
2131
2132 BT_DBG("%s num_rsp %d", hdev->name, num_rsp);
2133
2134 if (!num_rsp)
2135 return;
2136
2137 hci_dev_lock(hdev);
2138
2139 for (; num_rsp; num_rsp--) {
2140 bacpy(&data.bdaddr, &info->bdaddr);
2141 data.pscan_rep_mode = info->pscan_rep_mode;
2142 data.pscan_period_mode = info->pscan_period_mode;
2143 data.pscan_mode = 0x00;
2144 memcpy(data.dev_class, info->dev_class, 3);
2145 data.clock_offset = info->clock_offset;
2146 data.rssi = info->rssi;
2147 data.ssp_mode = 0x01;
2148 info++;
2149 hci_inquiry_cache_update(hdev, &data);
2150 }
2151
2152 hci_dev_unlock(hdev);
2153 }
2154
2155 static inline void hci_io_capa_request_evt(struct hci_dev *hdev, struct sk_buff *skb)
2156 {
2157 struct hci_ev_io_capa_request *ev = (void *) skb->data;
2158 struct hci_conn *conn;
2159
2160 BT_DBG("%s", hdev->name);
2161
2162 hci_dev_lock(hdev);
2163
2164 conn = hci_conn_hash_lookup_ba(hdev, ACL_LINK, &ev->bdaddr);
2165 if (!conn)
2166 goto unlock;
2167
2168 hci_conn_hold(conn);
2169
2170 if (!test_bit(HCI_MGMT, &hdev->flags))
2171 goto unlock;
2172
2173 if (test_bit(HCI_PAIRABLE, &hdev->flags) ||
2174 (conn->remote_auth & ~0x01) == HCI_AT_NO_BONDING) {
2175 /* FIXME: Do IO capa response based on information
2176 * provided through the management interface */
2177 } else {
2178 struct hci_cp_io_capability_neg_reply cp;
2179
2180 bacpy(&cp.bdaddr, &ev->bdaddr);
2181 cp.reason = 0x16; /* Pairing not allowed */
2182
2183 hci_send_cmd(hdev, HCI_OP_IO_CAPABILITY_NEG_REPLY,
2184 sizeof(cp), &cp);
2185 }
2186
2187 unlock:
2188 hci_dev_unlock(hdev);
2189 }
2190
2191 static inline void hci_io_capa_reply_evt(struct hci_dev *hdev, struct sk_buff *skb)
2192 {
2193 struct hci_ev_io_capa_reply *ev = (void *) skb->data;
2194 struct hci_conn *conn;
2195
2196 BT_DBG("%s", hdev->name);
2197
2198 hci_dev_lock(hdev);
2199
2200 conn = hci_conn_hash_lookup_ba(hdev, ACL_LINK, &ev->bdaddr);
2201 if (!conn)
2202 goto unlock;
2203
2204 hci_conn_hold(conn);
2205
2206 conn->remote_cap = ev->capability;
2207 conn->remote_oob = ev->oob_data;
2208 conn->remote_auth = ev->authentication;
2209
2210 unlock:
2211 hci_dev_unlock(hdev);
2212 }
2213
2214 static inline void hci_simple_pair_complete_evt(struct hci_dev *hdev, struct sk_buff *skb)
2215 {
2216 struct hci_ev_simple_pair_complete *ev = (void *) skb->data;
2217 struct hci_conn *conn;
2218
2219 BT_DBG("%s", hdev->name);
2220
2221 hci_dev_lock(hdev);
2222
2223 conn = hci_conn_hash_lookup_ba(hdev, ACL_LINK, &ev->bdaddr);
2224 if (conn)
2225 hci_conn_put(conn);
2226
2227 hci_dev_unlock(hdev);
2228 }
2229
2230 static inline void hci_remote_host_features_evt(struct hci_dev *hdev, struct sk_buff *skb)
2231 {
2232 struct hci_ev_remote_host_features *ev = (void *) skb->data;
2233 struct inquiry_entry *ie;
2234
2235 BT_DBG("%s", hdev->name);
2236
2237 hci_dev_lock(hdev);
2238
2239 ie = hci_inquiry_cache_lookup(hdev, &ev->bdaddr);
2240 if (ie)
2241 ie->data.ssp_mode = (ev->features[0] & 0x01);
2242
2243 hci_dev_unlock(hdev);
2244 }
2245
2246 void hci_event_packet(struct hci_dev *hdev, struct sk_buff *skb)
2247 {
2248 struct hci_event_hdr *hdr = (void *) skb->data;
2249 __u8 event = hdr->evt;
2250
2251 skb_pull(skb, HCI_EVENT_HDR_SIZE);
2252
2253 switch (event) {
2254 case HCI_EV_INQUIRY_COMPLETE:
2255 hci_inquiry_complete_evt(hdev, skb);
2256 break;
2257
2258 case HCI_EV_INQUIRY_RESULT:
2259 hci_inquiry_result_evt(hdev, skb);
2260 break;
2261
2262 case HCI_EV_CONN_COMPLETE:
2263 hci_conn_complete_evt(hdev, skb);
2264 break;
2265
2266 case HCI_EV_CONN_REQUEST:
2267 hci_conn_request_evt(hdev, skb);
2268 break;
2269
2270 case HCI_EV_DISCONN_COMPLETE:
2271 hci_disconn_complete_evt(hdev, skb);
2272 break;
2273
2274 case HCI_EV_AUTH_COMPLETE:
2275 hci_auth_complete_evt(hdev, skb);
2276 break;
2277
2278 case HCI_EV_REMOTE_NAME:
2279 hci_remote_name_evt(hdev, skb);
2280 break;
2281
2282 case HCI_EV_ENCRYPT_CHANGE:
2283 hci_encrypt_change_evt(hdev, skb);
2284 break;
2285
2286 case HCI_EV_CHANGE_LINK_KEY_COMPLETE:
2287 hci_change_link_key_complete_evt(hdev, skb);
2288 break;
2289
2290 case HCI_EV_REMOTE_FEATURES:
2291 hci_remote_features_evt(hdev, skb);
2292 break;
2293
2294 case HCI_EV_REMOTE_VERSION:
2295 hci_remote_version_evt(hdev, skb);
2296 break;
2297
2298 case HCI_EV_QOS_SETUP_COMPLETE:
2299 hci_qos_setup_complete_evt(hdev, skb);
2300 break;
2301
2302 case HCI_EV_CMD_COMPLETE:
2303 hci_cmd_complete_evt(hdev, skb);
2304 break;
2305
2306 case HCI_EV_CMD_STATUS:
2307 hci_cmd_status_evt(hdev, skb);
2308 break;
2309
2310 case HCI_EV_ROLE_CHANGE:
2311 hci_role_change_evt(hdev, skb);
2312 break;
2313
2314 case HCI_EV_NUM_COMP_PKTS:
2315 hci_num_comp_pkts_evt(hdev, skb);
2316 break;
2317
2318 case HCI_EV_MODE_CHANGE:
2319 hci_mode_change_evt(hdev, skb);
2320 break;
2321
2322 case HCI_EV_PIN_CODE_REQ:
2323 hci_pin_code_request_evt(hdev, skb);
2324 break;
2325
2326 case HCI_EV_LINK_KEY_REQ:
2327 hci_link_key_request_evt(hdev, skb);
2328 break;
2329
2330 case HCI_EV_LINK_KEY_NOTIFY:
2331 hci_link_key_notify_evt(hdev, skb);
2332 break;
2333
2334 case HCI_EV_CLOCK_OFFSET:
2335 hci_clock_offset_evt(hdev, skb);
2336 break;
2337
2338 case HCI_EV_PKT_TYPE_CHANGE:
2339 hci_pkt_type_change_evt(hdev, skb);
2340 break;
2341
2342 case HCI_EV_PSCAN_REP_MODE:
2343 hci_pscan_rep_mode_evt(hdev, skb);
2344 break;
2345
2346 case HCI_EV_INQUIRY_RESULT_WITH_RSSI:
2347 hci_inquiry_result_with_rssi_evt(hdev, skb);
2348 break;
2349
2350 case HCI_EV_REMOTE_EXT_FEATURES:
2351 hci_remote_ext_features_evt(hdev, skb);
2352 break;
2353
2354 case HCI_EV_SYNC_CONN_COMPLETE:
2355 hci_sync_conn_complete_evt(hdev, skb);
2356 break;
2357
2358 case HCI_EV_SYNC_CONN_CHANGED:
2359 hci_sync_conn_changed_evt(hdev, skb);
2360 break;
2361
2362 case HCI_EV_SNIFF_SUBRATE:
2363 hci_sniff_subrate_evt(hdev, skb);
2364 break;
2365
2366 case HCI_EV_EXTENDED_INQUIRY_RESULT:
2367 hci_extended_inquiry_result_evt(hdev, skb);
2368 break;
2369
2370 case HCI_EV_IO_CAPA_REQUEST:
2371 hci_io_capa_request_evt(hdev, skb);
2372 break;
2373
2374 case HCI_EV_IO_CAPA_REPLY:
2375 hci_io_capa_reply_evt(hdev, skb);
2376 break;
2377
2378 case HCI_EV_SIMPLE_PAIR_COMPLETE:
2379 hci_simple_pair_complete_evt(hdev, skb);
2380 break;
2381
2382 case HCI_EV_REMOTE_HOST_FEATURES:
2383 hci_remote_host_features_evt(hdev, skb);
2384 break;
2385
2386 default:
2387 BT_DBG("%s event 0x%x", hdev->name, event);
2388 break;
2389 }
2390
2391 kfree_skb(skb);
2392 hdev->stat.evt_rx++;
2393 }
2394
2395 /* Generate internal stack event */
2396 void hci_si_event(struct hci_dev *hdev, int type, int dlen, void *data)
2397 {
2398 struct hci_event_hdr *hdr;
2399 struct hci_ev_stack_internal *ev;
2400 struct sk_buff *skb;
2401
2402 skb = bt_skb_alloc(HCI_EVENT_HDR_SIZE + sizeof(*ev) + dlen, GFP_ATOMIC);
2403 if (!skb)
2404 return;
2405
2406 hdr = (void *) skb_put(skb, HCI_EVENT_HDR_SIZE);
2407 hdr->evt = HCI_EV_STACK_INTERNAL;
2408 hdr->plen = sizeof(*ev) + dlen;
2409
2410 ev = (void *) skb_put(skb, sizeof(*ev) + dlen);
2411 ev->type = type;
2412 memcpy(ev->data, data, dlen);
2413
2414 bt_cb(skb)->incoming = 1;
2415 __net_timestamp(skb);
2416
2417 bt_cb(skb)->pkt_type = HCI_EVENT_PKT;
2418 skb->dev = (void *) hdev;
2419 hci_send_to_sock(hdev, skb, NULL);
2420 kfree_skb(skb);
2421 }
(deprecated) Btrfs devel tree