2 BlueZ - Bluetooth protocol stack for Linux
3 Copyright (c) 2000-2001, 2010, Code Aurora Forum. All rights reserved.
5 Written 2000,2001 by Maxim Krasnyansky <maxk@qualcomm.com>
7 This program is free software; you can redistribute it and/or modify
8 it under the terms of the GNU General Public License version 2 as
9 published by the Free Software Foundation;
11 THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS
12 OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
13 FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT OF THIRD PARTY RIGHTS.
14 IN NO EVENT SHALL THE COPYRIGHT HOLDER(S) AND AUTHOR(S) BE LIABLE FOR ANY
15 CLAIM, OR ANY SPECIAL INDIRECT OR CONSEQUENTIAL DAMAGES, OR ANY DAMAGES
16 WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
17 ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
18 OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
20 ALL LIABILITY, INCLUDING LIABILITY FOR INFRINGEMENT OF ANY PATENTS,
21 COPYRIGHTS, TRADEMARKS OR OTHER RIGHTS, RELATING TO USE OF THIS
22 SOFTWARE IS DISCLAIMED.
25 /* Bluetooth HCI event handling. */
27 #include <linux/module.h>
29 #include <linux/types.h>
30 #include <linux/errno.h>
31 #include <linux/kernel.h>
32 #include <linux/slab.h>
33 #include <linux/poll.h>
34 #include <linux/fcntl.h>
35 #include <linux/init.h>
36 #include <linux/skbuff.h>
37 #include <linux/interrupt.h>
38 #include <linux/notifier.h>
41 #include <asm/system.h>
42 #include <linux/uaccess.h>
43 #include <asm/unaligned.h>
45 #include <net/bluetooth/bluetooth.h>
46 #include <net/bluetooth/hci_core.h>
50 /* Handle HCI Event packets */
52 static void hci_cc_inquiry_cancel(struct hci_dev
*hdev
, struct sk_buff
*skb
)
54 __u8 status
= *((__u8
*) skb
->data
);
56 BT_DBG("%s status 0x%x", hdev
->name
, status
);
61 if (test_and_clear_bit(HCI_INQUIRY
, &hdev
->flags
) &&
62 test_bit(HCI_MGMT
, &hdev
->flags
))
63 mgmt_discovering(hdev
->id
, 0);
65 hci_req_complete(hdev
, HCI_OP_INQUIRY_CANCEL
, status
);
67 hci_conn_check_pending(hdev
);
70 static void hci_cc_exit_periodic_inq(struct hci_dev
*hdev
, struct sk_buff
*skb
)
72 __u8 status
= *((__u8
*) skb
->data
);
74 BT_DBG("%s status 0x%x", hdev
->name
, status
);
79 if (test_and_clear_bit(HCI_INQUIRY
, &hdev
->flags
) &&
80 test_bit(HCI_MGMT
, &hdev
->flags
))
81 mgmt_discovering(hdev
->id
, 0);
83 hci_conn_check_pending(hdev
);
86 static void hci_cc_remote_name_req_cancel(struct hci_dev
*hdev
, struct sk_buff
*skb
)
88 BT_DBG("%s", hdev
->name
);
91 static void hci_cc_role_discovery(struct hci_dev
*hdev
, struct sk_buff
*skb
)
93 struct hci_rp_role_discovery
*rp
= (void *) skb
->data
;
94 struct hci_conn
*conn
;
96 BT_DBG("%s status 0x%x", hdev
->name
, rp
->status
);
103 conn
= hci_conn_hash_lookup_handle(hdev
, __le16_to_cpu(rp
->handle
));
106 conn
->link_mode
&= ~HCI_LM_MASTER
;
108 conn
->link_mode
|= HCI_LM_MASTER
;
111 hci_dev_unlock(hdev
);
114 static void hci_cc_read_link_policy(struct hci_dev
*hdev
, struct sk_buff
*skb
)
116 struct hci_rp_read_link_policy
*rp
= (void *) skb
->data
;
117 struct hci_conn
*conn
;
119 BT_DBG("%s status 0x%x", hdev
->name
, rp
->status
);
126 conn
= hci_conn_hash_lookup_handle(hdev
, __le16_to_cpu(rp
->handle
));
128 conn
->link_policy
= __le16_to_cpu(rp
->policy
);
130 hci_dev_unlock(hdev
);
133 static void hci_cc_write_link_policy(struct hci_dev
*hdev
, struct sk_buff
*skb
)
135 struct hci_rp_write_link_policy
*rp
= (void *) skb
->data
;
136 struct hci_conn
*conn
;
139 BT_DBG("%s status 0x%x", hdev
->name
, rp
->status
);
144 sent
= hci_sent_cmd_data(hdev
, HCI_OP_WRITE_LINK_POLICY
);
150 conn
= hci_conn_hash_lookup_handle(hdev
, __le16_to_cpu(rp
->handle
));
152 conn
->link_policy
= get_unaligned_le16(sent
+ 2);
154 hci_dev_unlock(hdev
);
157 static void hci_cc_read_def_link_policy(struct hci_dev
*hdev
, struct sk_buff
*skb
)
159 struct hci_rp_read_def_link_policy
*rp
= (void *) skb
->data
;
161 BT_DBG("%s status 0x%x", hdev
->name
, rp
->status
);
166 hdev
->link_policy
= __le16_to_cpu(rp
->policy
);
169 static void hci_cc_write_def_link_policy(struct hci_dev
*hdev
, struct sk_buff
*skb
)
171 __u8 status
= *((__u8
*) skb
->data
);
174 BT_DBG("%s status 0x%x", hdev
->name
, status
);
176 sent
= hci_sent_cmd_data(hdev
, HCI_OP_WRITE_DEF_LINK_POLICY
);
181 hdev
->link_policy
= get_unaligned_le16(sent
);
183 hci_req_complete(hdev
, HCI_OP_WRITE_DEF_LINK_POLICY
, status
);
186 static void hci_cc_reset(struct hci_dev
*hdev
, struct sk_buff
*skb
)
188 __u8 status
= *((__u8
*) skb
->data
);
190 BT_DBG("%s status 0x%x", hdev
->name
, status
);
192 clear_bit(HCI_RESET
, &hdev
->flags
);
194 hci_req_complete(hdev
, HCI_OP_RESET
, status
);
197 static void hci_cc_write_local_name(struct hci_dev
*hdev
, struct sk_buff
*skb
)
199 __u8 status
= *((__u8
*) skb
->data
);
202 BT_DBG("%s status 0x%x", hdev
->name
, status
);
204 sent
= hci_sent_cmd_data(hdev
, HCI_OP_WRITE_LOCAL_NAME
);
208 if (test_bit(HCI_MGMT
, &hdev
->flags
))
209 mgmt_set_local_name_complete(hdev
->id
, sent
, status
);
214 memcpy(hdev
->dev_name
, sent
, HCI_MAX_NAME_LENGTH
);
217 static void hci_cc_read_local_name(struct hci_dev
*hdev
, struct sk_buff
*skb
)
219 struct hci_rp_read_local_name
*rp
= (void *) skb
->data
;
221 BT_DBG("%s status 0x%x", hdev
->name
, rp
->status
);
226 memcpy(hdev
->dev_name
, rp
->name
, HCI_MAX_NAME_LENGTH
);
229 static void hci_cc_write_auth_enable(struct hci_dev
*hdev
, struct sk_buff
*skb
)
231 __u8 status
= *((__u8
*) skb
->data
);
234 BT_DBG("%s status 0x%x", hdev
->name
, status
);
236 sent
= hci_sent_cmd_data(hdev
, HCI_OP_WRITE_AUTH_ENABLE
);
241 __u8 param
= *((__u8
*) sent
);
243 if (param
== AUTH_ENABLED
)
244 set_bit(HCI_AUTH
, &hdev
->flags
);
246 clear_bit(HCI_AUTH
, &hdev
->flags
);
249 hci_req_complete(hdev
, HCI_OP_WRITE_AUTH_ENABLE
, status
);
252 static void hci_cc_write_encrypt_mode(struct hci_dev
*hdev
, struct sk_buff
*skb
)
254 __u8 status
= *((__u8
*) skb
->data
);
257 BT_DBG("%s status 0x%x", hdev
->name
, status
);
259 sent
= hci_sent_cmd_data(hdev
, HCI_OP_WRITE_ENCRYPT_MODE
);
264 __u8 param
= *((__u8
*) sent
);
267 set_bit(HCI_ENCRYPT
, &hdev
->flags
);
269 clear_bit(HCI_ENCRYPT
, &hdev
->flags
);
272 hci_req_complete(hdev
, HCI_OP_WRITE_ENCRYPT_MODE
, status
);
275 static void hci_cc_write_scan_enable(struct hci_dev
*hdev
, struct sk_buff
*skb
)
277 __u8 status
= *((__u8
*) skb
->data
);
280 BT_DBG("%s status 0x%x", hdev
->name
, status
);
282 sent
= hci_sent_cmd_data(hdev
, HCI_OP_WRITE_SCAN_ENABLE
);
287 __u8 param
= *((__u8
*) sent
);
288 int old_pscan
, old_iscan
;
290 old_pscan
= test_and_clear_bit(HCI_PSCAN
, &hdev
->flags
);
291 old_iscan
= test_and_clear_bit(HCI_ISCAN
, &hdev
->flags
);
293 if (param
& SCAN_INQUIRY
) {
294 set_bit(HCI_ISCAN
, &hdev
->flags
);
296 mgmt_discoverable(hdev
->id
, 1);
297 } else if (old_iscan
)
298 mgmt_discoverable(hdev
->id
, 0);
300 if (param
& SCAN_PAGE
) {
301 set_bit(HCI_PSCAN
, &hdev
->flags
);
303 mgmt_connectable(hdev
->id
, 1);
304 } else if (old_pscan
)
305 mgmt_connectable(hdev
->id
, 0);
308 hci_req_complete(hdev
, HCI_OP_WRITE_SCAN_ENABLE
, status
);
311 static void hci_cc_read_class_of_dev(struct hci_dev
*hdev
, struct sk_buff
*skb
)
313 struct hci_rp_read_class_of_dev
*rp
= (void *) skb
->data
;
315 BT_DBG("%s status 0x%x", hdev
->name
, rp
->status
);
320 memcpy(hdev
->dev_class
, rp
->dev_class
, 3);
322 BT_DBG("%s class 0x%.2x%.2x%.2x", hdev
->name
,
323 hdev
->dev_class
[2], hdev
->dev_class
[1], hdev
->dev_class
[0]);
326 static void hci_cc_write_class_of_dev(struct hci_dev
*hdev
, struct sk_buff
*skb
)
328 __u8 status
= *((__u8
*) skb
->data
);
331 BT_DBG("%s status 0x%x", hdev
->name
, status
);
336 sent
= hci_sent_cmd_data(hdev
, HCI_OP_WRITE_CLASS_OF_DEV
);
340 memcpy(hdev
->dev_class
, sent
, 3);
343 static void hci_cc_read_voice_setting(struct hci_dev
*hdev
, struct sk_buff
*skb
)
345 struct hci_rp_read_voice_setting
*rp
= (void *) skb
->data
;
348 BT_DBG("%s status 0x%x", hdev
->name
, rp
->status
);
353 setting
= __le16_to_cpu(rp
->voice_setting
);
355 if (hdev
->voice_setting
== setting
)
358 hdev
->voice_setting
= setting
;
360 BT_DBG("%s voice setting 0x%04x", hdev
->name
, setting
);
363 tasklet_disable(&hdev
->tx_task
);
364 hdev
->notify(hdev
, HCI_NOTIFY_VOICE_SETTING
);
365 tasklet_enable(&hdev
->tx_task
);
369 static void hci_cc_write_voice_setting(struct hci_dev
*hdev
, struct sk_buff
*skb
)
371 __u8 status
= *((__u8
*) skb
->data
);
375 BT_DBG("%s status 0x%x", hdev
->name
, status
);
380 sent
= hci_sent_cmd_data(hdev
, HCI_OP_WRITE_VOICE_SETTING
);
384 setting
= get_unaligned_le16(sent
);
386 if (hdev
->voice_setting
== setting
)
389 hdev
->voice_setting
= setting
;
391 BT_DBG("%s voice setting 0x%04x", hdev
->name
, setting
);
394 tasklet_disable(&hdev
->tx_task
);
395 hdev
->notify(hdev
, HCI_NOTIFY_VOICE_SETTING
);
396 tasklet_enable(&hdev
->tx_task
);
400 static void hci_cc_host_buffer_size(struct hci_dev
*hdev
, struct sk_buff
*skb
)
402 __u8 status
= *((__u8
*) skb
->data
);
404 BT_DBG("%s status 0x%x", hdev
->name
, status
);
406 hci_req_complete(hdev
, HCI_OP_HOST_BUFFER_SIZE
, status
);
409 static void hci_cc_read_ssp_mode(struct hci_dev
*hdev
, struct sk_buff
*skb
)
411 struct hci_rp_read_ssp_mode
*rp
= (void *) skb
->data
;
413 BT_DBG("%s status 0x%x", hdev
->name
, rp
->status
);
418 hdev
->ssp_mode
= rp
->mode
;
421 static void hci_cc_write_ssp_mode(struct hci_dev
*hdev
, struct sk_buff
*skb
)
423 __u8 status
= *((__u8
*) skb
->data
);
426 BT_DBG("%s status 0x%x", hdev
->name
, status
);
431 sent
= hci_sent_cmd_data(hdev
, HCI_OP_WRITE_SSP_MODE
);
435 hdev
->ssp_mode
= *((__u8
*) sent
);
438 static u8
hci_get_inquiry_mode(struct hci_dev
*hdev
)
440 if (hdev
->features
[6] & LMP_EXT_INQ
)
443 if (hdev
->features
[3] & LMP_RSSI_INQ
)
446 if (hdev
->manufacturer
== 11 && hdev
->hci_rev
== 0x00 &&
447 hdev
->lmp_subver
== 0x0757)
450 if (hdev
->manufacturer
== 15) {
451 if (hdev
->hci_rev
== 0x03 && hdev
->lmp_subver
== 0x6963)
453 if (hdev
->hci_rev
== 0x09 && hdev
->lmp_subver
== 0x6963)
455 if (hdev
->hci_rev
== 0x00 && hdev
->lmp_subver
== 0x6965)
459 if (hdev
->manufacturer
== 31 && hdev
->hci_rev
== 0x2005 &&
460 hdev
->lmp_subver
== 0x1805)
466 static void hci_setup_inquiry_mode(struct hci_dev
*hdev
)
470 mode
= hci_get_inquiry_mode(hdev
);
472 hci_send_cmd(hdev
, HCI_OP_WRITE_INQUIRY_MODE
, 1, &mode
);
475 static void hci_setup_event_mask(struct hci_dev
*hdev
)
477 /* The second byte is 0xff instead of 0x9f (two reserved bits
478 * disabled) since a Broadcom 1.2 dongle doesn't respond to the
479 * command otherwise */
480 u8 events
[8] = { 0xff, 0xff, 0xfb, 0xff, 0x00, 0x00, 0x00, 0x00 };
482 /* CSR 1.1 dongles does not accept any bitfield so don't try to set
483 * any event mask for pre 1.2 devices */
484 if (hdev
->lmp_ver
<= 1)
487 events
[4] |= 0x01; /* Flow Specification Complete */
488 events
[4] |= 0x02; /* Inquiry Result with RSSI */
489 events
[4] |= 0x04; /* Read Remote Extended Features Complete */
490 events
[5] |= 0x08; /* Synchronous Connection Complete */
491 events
[5] |= 0x10; /* Synchronous Connection Changed */
493 if (hdev
->features
[3] & LMP_RSSI_INQ
)
494 events
[4] |= 0x04; /* Inquiry Result with RSSI */
496 if (hdev
->features
[5] & LMP_SNIFF_SUBR
)
497 events
[5] |= 0x20; /* Sniff Subrating */
499 if (hdev
->features
[5] & LMP_PAUSE_ENC
)
500 events
[5] |= 0x80; /* Encryption Key Refresh Complete */
502 if (hdev
->features
[6] & LMP_EXT_INQ
)
503 events
[5] |= 0x40; /* Extended Inquiry Result */
505 if (hdev
->features
[6] & LMP_NO_FLUSH
)
506 events
[7] |= 0x01; /* Enhanced Flush Complete */
508 if (hdev
->features
[7] & LMP_LSTO
)
509 events
[6] |= 0x80; /* Link Supervision Timeout Changed */
511 if (hdev
->features
[6] & LMP_SIMPLE_PAIR
) {
512 events
[6] |= 0x01; /* IO Capability Request */
513 events
[6] |= 0x02; /* IO Capability Response */
514 events
[6] |= 0x04; /* User Confirmation Request */
515 events
[6] |= 0x08; /* User Passkey Request */
516 events
[6] |= 0x10; /* Remote OOB Data Request */
517 events
[6] |= 0x20; /* Simple Pairing Complete */
518 events
[7] |= 0x04; /* User Passkey Notification */
519 events
[7] |= 0x08; /* Keypress Notification */
520 events
[7] |= 0x10; /* Remote Host Supported
521 * Features Notification */
524 if (hdev
->features
[4] & LMP_LE
)
525 events
[7] |= 0x20; /* LE Meta-Event */
527 hci_send_cmd(hdev
, HCI_OP_SET_EVENT_MASK
, sizeof(events
), events
);
530 static void hci_set_le_support(struct hci_dev
*hdev
)
532 struct hci_cp_write_le_host_supported cp
;
534 memset(&cp
, 0, sizeof(cp
));
538 cp
.simul
= !!(hdev
->features
[6] & LMP_SIMUL_LE_BR
);
541 hci_send_cmd(hdev
, HCI_OP_WRITE_LE_HOST_SUPPORTED
, sizeof(cp
), &cp
);
544 static void hci_setup(struct hci_dev
*hdev
)
546 hci_setup_event_mask(hdev
);
548 if (hdev
->lmp_ver
> 1)
549 hci_send_cmd(hdev
, HCI_OP_READ_LOCAL_COMMANDS
, 0, NULL
);
551 if (hdev
->features
[6] & LMP_SIMPLE_PAIR
) {
553 hci_send_cmd(hdev
, HCI_OP_WRITE_SSP_MODE
, sizeof(mode
), &mode
);
556 if (hdev
->features
[3] & LMP_RSSI_INQ
)
557 hci_setup_inquiry_mode(hdev
);
559 if (hdev
->features
[7] & LMP_INQ_TX_PWR
)
560 hci_send_cmd(hdev
, HCI_OP_READ_INQ_RSP_TX_POWER
, 0, NULL
);
562 if (hdev
->features
[7] & LMP_EXTFEATURES
) {
563 struct hci_cp_read_local_ext_features cp
;
566 hci_send_cmd(hdev
, HCI_OP_READ_LOCAL_EXT_FEATURES
,
570 if (hdev
->features
[4] & LMP_LE
)
571 hci_set_le_support(hdev
);
574 static void hci_cc_read_local_version(struct hci_dev
*hdev
, struct sk_buff
*skb
)
576 struct hci_rp_read_local_version
*rp
= (void *) skb
->data
;
578 BT_DBG("%s status 0x%x", hdev
->name
, rp
->status
);
583 hdev
->hci_ver
= rp
->hci_ver
;
584 hdev
->hci_rev
= __le16_to_cpu(rp
->hci_rev
);
585 hdev
->lmp_ver
= rp
->lmp_ver
;
586 hdev
->manufacturer
= __le16_to_cpu(rp
->manufacturer
);
587 hdev
->lmp_subver
= __le16_to_cpu(rp
->lmp_subver
);
589 BT_DBG("%s manufacturer %d hci ver %d:%d", hdev
->name
,
591 hdev
->hci_ver
, hdev
->hci_rev
);
593 if (test_bit(HCI_INIT
, &hdev
->flags
))
597 static void hci_setup_link_policy(struct hci_dev
*hdev
)
601 if (hdev
->features
[0] & LMP_RSWITCH
)
602 link_policy
|= HCI_LP_RSWITCH
;
603 if (hdev
->features
[0] & LMP_HOLD
)
604 link_policy
|= HCI_LP_HOLD
;
605 if (hdev
->features
[0] & LMP_SNIFF
)
606 link_policy
|= HCI_LP_SNIFF
;
607 if (hdev
->features
[1] & LMP_PARK
)
608 link_policy
|= HCI_LP_PARK
;
610 link_policy
= cpu_to_le16(link_policy
);
611 hci_send_cmd(hdev
, HCI_OP_WRITE_DEF_LINK_POLICY
,
612 sizeof(link_policy
), &link_policy
);
615 static void hci_cc_read_local_commands(struct hci_dev
*hdev
, struct sk_buff
*skb
)
617 struct hci_rp_read_local_commands
*rp
= (void *) skb
->data
;
619 BT_DBG("%s status 0x%x", hdev
->name
, rp
->status
);
624 memcpy(hdev
->commands
, rp
->commands
, sizeof(hdev
->commands
));
626 if (test_bit(HCI_INIT
, &hdev
->flags
) && (hdev
->commands
[5] & 0x10))
627 hci_setup_link_policy(hdev
);
630 hci_req_complete(hdev
, HCI_OP_READ_LOCAL_COMMANDS
, rp
->status
);
633 static void hci_cc_read_local_features(struct hci_dev
*hdev
, struct sk_buff
*skb
)
635 struct hci_rp_read_local_features
*rp
= (void *) skb
->data
;
637 BT_DBG("%s status 0x%x", hdev
->name
, rp
->status
);
642 memcpy(hdev
->features
, rp
->features
, 8);
644 /* Adjust default settings according to features
645 * supported by device. */
647 if (hdev
->features
[0] & LMP_3SLOT
)
648 hdev
->pkt_type
|= (HCI_DM3
| HCI_DH3
);
650 if (hdev
->features
[0] & LMP_5SLOT
)
651 hdev
->pkt_type
|= (HCI_DM5
| HCI_DH5
);
653 if (hdev
->features
[1] & LMP_HV2
) {
654 hdev
->pkt_type
|= (HCI_HV2
);
655 hdev
->esco_type
|= (ESCO_HV2
);
658 if (hdev
->features
[1] & LMP_HV3
) {
659 hdev
->pkt_type
|= (HCI_HV3
);
660 hdev
->esco_type
|= (ESCO_HV3
);
663 if (hdev
->features
[3] & LMP_ESCO
)
664 hdev
->esco_type
|= (ESCO_EV3
);
666 if (hdev
->features
[4] & LMP_EV4
)
667 hdev
->esco_type
|= (ESCO_EV4
);
669 if (hdev
->features
[4] & LMP_EV5
)
670 hdev
->esco_type
|= (ESCO_EV5
);
672 if (hdev
->features
[5] & LMP_EDR_ESCO_2M
)
673 hdev
->esco_type
|= (ESCO_2EV3
);
675 if (hdev
->features
[5] & LMP_EDR_ESCO_3M
)
676 hdev
->esco_type
|= (ESCO_3EV3
);
678 if (hdev
->features
[5] & LMP_EDR_3S_ESCO
)
679 hdev
->esco_type
|= (ESCO_2EV5
| ESCO_3EV5
);
681 BT_DBG("%s features 0x%.2x%.2x%.2x%.2x%.2x%.2x%.2x%.2x", hdev
->name
,
682 hdev
->features
[0], hdev
->features
[1],
683 hdev
->features
[2], hdev
->features
[3],
684 hdev
->features
[4], hdev
->features
[5],
685 hdev
->features
[6], hdev
->features
[7]);
688 static void hci_cc_read_local_ext_features(struct hci_dev
*hdev
,
691 struct hci_rp_read_local_ext_features
*rp
= (void *) skb
->data
;
693 BT_DBG("%s status 0x%x", hdev
->name
, rp
->status
);
698 memcpy(hdev
->extfeatures
, rp
->features
, 8);
700 hci_req_complete(hdev
, HCI_OP_READ_LOCAL_EXT_FEATURES
, rp
->status
);
703 static void hci_cc_read_buffer_size(struct hci_dev
*hdev
, struct sk_buff
*skb
)
705 struct hci_rp_read_buffer_size
*rp
= (void *) skb
->data
;
707 BT_DBG("%s status 0x%x", hdev
->name
, rp
->status
);
712 hdev
->acl_mtu
= __le16_to_cpu(rp
->acl_mtu
);
713 hdev
->sco_mtu
= rp
->sco_mtu
;
714 hdev
->acl_pkts
= __le16_to_cpu(rp
->acl_max_pkt
);
715 hdev
->sco_pkts
= __le16_to_cpu(rp
->sco_max_pkt
);
717 if (test_bit(HCI_QUIRK_FIXUP_BUFFER_SIZE
, &hdev
->quirks
)) {
722 hdev
->acl_cnt
= hdev
->acl_pkts
;
723 hdev
->sco_cnt
= hdev
->sco_pkts
;
725 BT_DBG("%s acl mtu %d:%d sco mtu %d:%d", hdev
->name
,
726 hdev
->acl_mtu
, hdev
->acl_pkts
,
727 hdev
->sco_mtu
, hdev
->sco_pkts
);
730 static void hci_cc_read_bd_addr(struct hci_dev
*hdev
, struct sk_buff
*skb
)
732 struct hci_rp_read_bd_addr
*rp
= (void *) skb
->data
;
734 BT_DBG("%s status 0x%x", hdev
->name
, rp
->status
);
737 bacpy(&hdev
->bdaddr
, &rp
->bdaddr
);
739 hci_req_complete(hdev
, HCI_OP_READ_BD_ADDR
, rp
->status
);
742 static void hci_cc_write_ca_timeout(struct hci_dev
*hdev
, struct sk_buff
*skb
)
744 __u8 status
= *((__u8
*) skb
->data
);
746 BT_DBG("%s status 0x%x", hdev
->name
, status
);
748 hci_req_complete(hdev
, HCI_OP_WRITE_CA_TIMEOUT
, status
);
751 static void hci_cc_delete_stored_link_key(struct hci_dev
*hdev
,
754 __u8 status
= *((__u8
*) skb
->data
);
756 BT_DBG("%s status 0x%x", hdev
->name
, status
);
758 hci_req_complete(hdev
, HCI_OP_DELETE_STORED_LINK_KEY
, status
);
761 static void hci_cc_set_event_mask(struct hci_dev
*hdev
, struct sk_buff
*skb
)
763 __u8 status
= *((__u8
*) skb
->data
);
765 BT_DBG("%s status 0x%x", hdev
->name
, status
);
767 hci_req_complete(hdev
, HCI_OP_SET_EVENT_MASK
, status
);
770 static void hci_cc_write_inquiry_mode(struct hci_dev
*hdev
,
773 __u8 status
= *((__u8
*) skb
->data
);
775 BT_DBG("%s status 0x%x", hdev
->name
, status
);
777 hci_req_complete(hdev
, HCI_OP_WRITE_INQUIRY_MODE
, status
);
780 static void hci_cc_read_inq_rsp_tx_power(struct hci_dev
*hdev
,
783 __u8 status
= *((__u8
*) skb
->data
);
785 BT_DBG("%s status 0x%x", hdev
->name
, status
);
787 hci_req_complete(hdev
, HCI_OP_READ_INQ_RSP_TX_POWER
, status
);
790 static void hci_cc_set_event_flt(struct hci_dev
*hdev
, struct sk_buff
*skb
)
792 __u8 status
= *((__u8
*) skb
->data
);
794 BT_DBG("%s status 0x%x", hdev
->name
, status
);
796 hci_req_complete(hdev
, HCI_OP_SET_EVENT_FLT
, status
);
799 static void hci_cc_pin_code_reply(struct hci_dev
*hdev
, struct sk_buff
*skb
)
801 struct hci_rp_pin_code_reply
*rp
= (void *) skb
->data
;
802 struct hci_cp_pin_code_reply
*cp
;
803 struct hci_conn
*conn
;
805 BT_DBG("%s status 0x%x", hdev
->name
, rp
->status
);
807 if (test_bit(HCI_MGMT
, &hdev
->flags
))
808 mgmt_pin_code_reply_complete(hdev
->id
, &rp
->bdaddr
, rp
->status
);
813 cp
= hci_sent_cmd_data(hdev
, HCI_OP_PIN_CODE_REPLY
);
817 conn
= hci_conn_hash_lookup_ba(hdev
, ACL_LINK
, &cp
->bdaddr
);
819 conn
->pin_length
= cp
->pin_len
;
822 static void hci_cc_pin_code_neg_reply(struct hci_dev
*hdev
, struct sk_buff
*skb
)
824 struct hci_rp_pin_code_neg_reply
*rp
= (void *) skb
->data
;
826 BT_DBG("%s status 0x%x", hdev
->name
, rp
->status
);
828 if (test_bit(HCI_MGMT
, &hdev
->flags
))
829 mgmt_pin_code_neg_reply_complete(hdev
->id
, &rp
->bdaddr
,
832 static void hci_cc_le_read_buffer_size(struct hci_dev
*hdev
,
835 struct hci_rp_le_read_buffer_size
*rp
= (void *) skb
->data
;
837 BT_DBG("%s status 0x%x", hdev
->name
, rp
->status
);
842 hdev
->le_mtu
= __le16_to_cpu(rp
->le_mtu
);
843 hdev
->le_pkts
= rp
->le_max_pkt
;
845 hdev
->le_cnt
= hdev
->le_pkts
;
847 BT_DBG("%s le mtu %d:%d", hdev
->name
, hdev
->le_mtu
, hdev
->le_pkts
);
849 hci_req_complete(hdev
, HCI_OP_LE_READ_BUFFER_SIZE
, rp
->status
);
852 static void hci_cc_user_confirm_reply(struct hci_dev
*hdev
, struct sk_buff
*skb
)
854 struct hci_rp_user_confirm_reply
*rp
= (void *) skb
->data
;
856 BT_DBG("%s status 0x%x", hdev
->name
, rp
->status
);
858 if (test_bit(HCI_MGMT
, &hdev
->flags
))
859 mgmt_user_confirm_reply_complete(hdev
->id
, &rp
->bdaddr
,
863 static void hci_cc_user_confirm_neg_reply(struct hci_dev
*hdev
,
866 struct hci_rp_user_confirm_reply
*rp
= (void *) skb
->data
;
868 BT_DBG("%s status 0x%x", hdev
->name
, rp
->status
);
870 if (test_bit(HCI_MGMT
, &hdev
->flags
))
871 mgmt_user_confirm_neg_reply_complete(hdev
->id
, &rp
->bdaddr
,
875 static void hci_cc_read_local_oob_data_reply(struct hci_dev
*hdev
,
878 struct hci_rp_read_local_oob_data
*rp
= (void *) skb
->data
;
880 BT_DBG("%s status 0x%x", hdev
->name
, rp
->status
);
882 mgmt_read_local_oob_data_reply_complete(hdev
->id
, rp
->hash
,
883 rp
->randomizer
, rp
->status
);
886 static void hci_cc_le_set_scan_enable(struct hci_dev
*hdev
,
889 struct hci_cp_le_set_scan_enable
*cp
;
890 __u8 status
= *((__u8
*) skb
->data
);
892 BT_DBG("%s status 0x%x", hdev
->name
, status
);
897 cp
= hci_sent_cmd_data(hdev
, HCI_OP_LE_SET_SCAN_ENABLE
);
903 if (cp
->enable
== 0x01) {
904 del_timer(&hdev
->adv_timer
);
905 hci_adv_entries_clear(hdev
);
906 } else if (cp
->enable
== 0x00) {
907 mod_timer(&hdev
->adv_timer
, jiffies
+ ADV_CLEAR_TIMEOUT
);
910 hci_dev_unlock(hdev
);
913 static void hci_cc_le_ltk_reply(struct hci_dev
*hdev
, struct sk_buff
*skb
)
915 struct hci_rp_le_ltk_reply
*rp
= (void *) skb
->data
;
917 BT_DBG("%s status 0x%x", hdev
->name
, rp
->status
);
922 hci_req_complete(hdev
, HCI_OP_LE_LTK_REPLY
, rp
->status
);
925 static void hci_cc_le_ltk_neg_reply(struct hci_dev
*hdev
, struct sk_buff
*skb
)
927 struct hci_rp_le_ltk_neg_reply
*rp
= (void *) skb
->data
;
929 BT_DBG("%s status 0x%x", hdev
->name
, rp
->status
);
934 hci_req_complete(hdev
, HCI_OP_LE_LTK_NEG_REPLY
, rp
->status
);
937 static inline void hci_cc_write_le_host_supported(struct hci_dev
*hdev
,
940 struct hci_cp_read_local_ext_features cp
;
941 __u8 status
= *((__u8
*) skb
->data
);
943 BT_DBG("%s status 0x%x", hdev
->name
, status
);
949 hci_send_cmd(hdev
, HCI_OP_READ_LOCAL_EXT_FEATURES
, sizeof(cp
), &cp
);
952 static inline void hci_cs_inquiry(struct hci_dev
*hdev
, __u8 status
)
954 BT_DBG("%s status 0x%x", hdev
->name
, status
);
957 hci_req_complete(hdev
, HCI_OP_INQUIRY
, status
);
958 hci_conn_check_pending(hdev
);
962 if (!test_and_set_bit(HCI_INQUIRY
, &hdev
->flags
) &&
963 test_bit(HCI_MGMT
, &hdev
->flags
))
964 mgmt_discovering(hdev
->id
, 1);
967 static inline void hci_cs_create_conn(struct hci_dev
*hdev
, __u8 status
)
969 struct hci_cp_create_conn
*cp
;
970 struct hci_conn
*conn
;
972 BT_DBG("%s status 0x%x", hdev
->name
, status
);
974 cp
= hci_sent_cmd_data(hdev
, HCI_OP_CREATE_CONN
);
980 conn
= hci_conn_hash_lookup_ba(hdev
, ACL_LINK
, &cp
->bdaddr
);
982 BT_DBG("%s bdaddr %s conn %p", hdev
->name
, batostr(&cp
->bdaddr
), conn
);
985 if (conn
&& conn
->state
== BT_CONNECT
) {
986 if (status
!= 0x0c || conn
->attempt
> 2) {
987 conn
->state
= BT_CLOSED
;
988 hci_proto_connect_cfm(conn
, status
);
991 conn
->state
= BT_CONNECT2
;
995 conn
= hci_conn_add(hdev
, ACL_LINK
, &cp
->bdaddr
);
998 conn
->link_mode
|= HCI_LM_MASTER
;
1000 BT_ERR("No memory for new connection");
1004 hci_dev_unlock(hdev
);
1007 static void hci_cs_add_sco(struct hci_dev
*hdev
, __u8 status
)
1009 struct hci_cp_add_sco
*cp
;
1010 struct hci_conn
*acl
, *sco
;
1013 BT_DBG("%s status 0x%x", hdev
->name
, status
);
1018 cp
= hci_sent_cmd_data(hdev
, HCI_OP_ADD_SCO
);
1022 handle
= __le16_to_cpu(cp
->handle
);
1024 BT_DBG("%s handle %d", hdev
->name
, handle
);
1028 acl
= hci_conn_hash_lookup_handle(hdev
, handle
);
1032 sco
->state
= BT_CLOSED
;
1034 hci_proto_connect_cfm(sco
, status
);
1039 hci_dev_unlock(hdev
);
1042 static void hci_cs_auth_requested(struct hci_dev
*hdev
, __u8 status
)
1044 struct hci_cp_auth_requested
*cp
;
1045 struct hci_conn
*conn
;
1047 BT_DBG("%s status 0x%x", hdev
->name
, status
);
1052 cp
= hci_sent_cmd_data(hdev
, HCI_OP_AUTH_REQUESTED
);
1058 conn
= hci_conn_hash_lookup_handle(hdev
, __le16_to_cpu(cp
->handle
));
1060 if (conn
->state
== BT_CONFIG
) {
1061 hci_proto_connect_cfm(conn
, status
);
1066 hci_dev_unlock(hdev
);
1069 static void hci_cs_set_conn_encrypt(struct hci_dev
*hdev
, __u8 status
)
1071 struct hci_cp_set_conn_encrypt
*cp
;
1072 struct hci_conn
*conn
;
1074 BT_DBG("%s status 0x%x", hdev
->name
, status
);
1079 cp
= hci_sent_cmd_data(hdev
, HCI_OP_SET_CONN_ENCRYPT
);
1085 conn
= hci_conn_hash_lookup_handle(hdev
, __le16_to_cpu(cp
->handle
));
1087 if (conn
->state
== BT_CONFIG
) {
1088 hci_proto_connect_cfm(conn
, status
);
1093 hci_dev_unlock(hdev
);
1096 static int hci_outgoing_auth_needed(struct hci_dev
*hdev
,
1097 struct hci_conn
*conn
)
1099 if (conn
->state
!= BT_CONFIG
|| !conn
->out
)
1102 if (conn
->pending_sec_level
== BT_SECURITY_SDP
)
1105 /* Only request authentication for SSP connections or non-SSP
1106 * devices with sec_level HIGH */
1107 if (!(hdev
->ssp_mode
> 0 && conn
->ssp_mode
> 0) &&
1108 conn
->pending_sec_level
!= BT_SECURITY_HIGH
)
1114 static void hci_cs_remote_name_req(struct hci_dev
*hdev
, __u8 status
)
1116 struct hci_cp_remote_name_req
*cp
;
1117 struct hci_conn
*conn
;
1119 BT_DBG("%s status 0x%x", hdev
->name
, status
);
1121 /* If successful wait for the name req complete event before
1122 * checking for the need to do authentication */
1126 cp
= hci_sent_cmd_data(hdev
, HCI_OP_REMOTE_NAME_REQ
);
1132 conn
= hci_conn_hash_lookup_ba(hdev
, ACL_LINK
, &cp
->bdaddr
);
1136 if (!hci_outgoing_auth_needed(hdev
, conn
))
1139 if (!test_and_set_bit(HCI_CONN_AUTH_PEND
, &conn
->pend
)) {
1140 struct hci_cp_auth_requested cp
;
1141 cp
.handle
= __cpu_to_le16(conn
->handle
);
1142 hci_send_cmd(hdev
, HCI_OP_AUTH_REQUESTED
, sizeof(cp
), &cp
);
1146 hci_dev_unlock(hdev
);
1149 static void hci_cs_read_remote_features(struct hci_dev
*hdev
, __u8 status
)
1151 struct hci_cp_read_remote_features
*cp
;
1152 struct hci_conn
*conn
;
1154 BT_DBG("%s status 0x%x", hdev
->name
, status
);
1159 cp
= hci_sent_cmd_data(hdev
, HCI_OP_READ_REMOTE_FEATURES
);
1165 conn
= hci_conn_hash_lookup_handle(hdev
, __le16_to_cpu(cp
->handle
));
1167 if (conn
->state
== BT_CONFIG
) {
1168 hci_proto_connect_cfm(conn
, status
);
1173 hci_dev_unlock(hdev
);
1176 static void hci_cs_read_remote_ext_features(struct hci_dev
*hdev
, __u8 status
)
1178 struct hci_cp_read_remote_ext_features
*cp
;
1179 struct hci_conn
*conn
;
1181 BT_DBG("%s status 0x%x", hdev
->name
, status
);
1186 cp
= hci_sent_cmd_data(hdev
, HCI_OP_READ_REMOTE_EXT_FEATURES
);
1192 conn
= hci_conn_hash_lookup_handle(hdev
, __le16_to_cpu(cp
->handle
));
1194 if (conn
->state
== BT_CONFIG
) {
1195 hci_proto_connect_cfm(conn
, status
);
1200 hci_dev_unlock(hdev
);
1203 static void hci_cs_setup_sync_conn(struct hci_dev
*hdev
, __u8 status
)
1205 struct hci_cp_setup_sync_conn
*cp
;
1206 struct hci_conn
*acl
, *sco
;
1209 BT_DBG("%s status 0x%x", hdev
->name
, status
);
1214 cp
= hci_sent_cmd_data(hdev
, HCI_OP_SETUP_SYNC_CONN
);
1218 handle
= __le16_to_cpu(cp
->handle
);
1220 BT_DBG("%s handle %d", hdev
->name
, handle
);
1224 acl
= hci_conn_hash_lookup_handle(hdev
, handle
);
1228 sco
->state
= BT_CLOSED
;
1230 hci_proto_connect_cfm(sco
, status
);
1235 hci_dev_unlock(hdev
);
1238 static void hci_cs_sniff_mode(struct hci_dev
*hdev
, __u8 status
)
1240 struct hci_cp_sniff_mode
*cp
;
1241 struct hci_conn
*conn
;
1243 BT_DBG("%s status 0x%x", hdev
->name
, status
);
1248 cp
= hci_sent_cmd_data(hdev
, HCI_OP_SNIFF_MODE
);
1254 conn
= hci_conn_hash_lookup_handle(hdev
, __le16_to_cpu(cp
->handle
));
1256 clear_bit(HCI_CONN_MODE_CHANGE_PEND
, &conn
->pend
);
1258 if (test_and_clear_bit(HCI_CONN_SCO_SETUP_PEND
, &conn
->pend
))
1259 hci_sco_setup(conn
, status
);
1262 hci_dev_unlock(hdev
);
1265 static void hci_cs_exit_sniff_mode(struct hci_dev
*hdev
, __u8 status
)
1267 struct hci_cp_exit_sniff_mode
*cp
;
1268 struct hci_conn
*conn
;
1270 BT_DBG("%s status 0x%x", hdev
->name
, status
);
1275 cp
= hci_sent_cmd_data(hdev
, HCI_OP_EXIT_SNIFF_MODE
);
1281 conn
= hci_conn_hash_lookup_handle(hdev
, __le16_to_cpu(cp
->handle
));
1283 clear_bit(HCI_CONN_MODE_CHANGE_PEND
, &conn
->pend
);
1285 if (test_and_clear_bit(HCI_CONN_SCO_SETUP_PEND
, &conn
->pend
))
1286 hci_sco_setup(conn
, status
);
1289 hci_dev_unlock(hdev
);
1292 static void hci_cs_le_create_conn(struct hci_dev
*hdev
, __u8 status
)
1294 struct hci_cp_le_create_conn
*cp
;
1295 struct hci_conn
*conn
;
1297 BT_DBG("%s status 0x%x", hdev
->name
, status
);
1299 cp
= hci_sent_cmd_data(hdev
, HCI_OP_LE_CREATE_CONN
);
1305 conn
= hci_conn_hash_lookup_ba(hdev
, LE_LINK
, &cp
->peer_addr
);
1307 BT_DBG("%s bdaddr %s conn %p", hdev
->name
, batostr(&cp
->peer_addr
),
1311 if (conn
&& conn
->state
== BT_CONNECT
) {
1312 conn
->state
= BT_CLOSED
;
1313 hci_proto_connect_cfm(conn
, status
);
1318 conn
= hci_conn_add(hdev
, LE_LINK
, &cp
->peer_addr
);
1320 conn
->dst_type
= cp
->peer_addr_type
;
1323 BT_ERR("No memory for new connection");
1328 hci_dev_unlock(hdev
);
1331 static void hci_cs_le_start_enc(struct hci_dev
*hdev
, u8 status
)
1333 BT_DBG("%s status 0x%x", hdev
->name
, status
);
1336 static inline void hci_inquiry_complete_evt(struct hci_dev
*hdev
, struct sk_buff
*skb
)
1338 __u8 status
= *((__u8
*) skb
->data
);
1340 BT_DBG("%s status %d", hdev
->name
, status
);
1342 if (test_and_clear_bit(HCI_INQUIRY
, &hdev
->flags
) &&
1343 test_bit(HCI_MGMT
, &hdev
->flags
))
1344 mgmt_discovering(hdev
->id
, 0);
1346 hci_req_complete(hdev
, HCI_OP_INQUIRY
, status
);
1348 hci_conn_check_pending(hdev
);
1351 static inline void hci_inquiry_result_evt(struct hci_dev
*hdev
, struct sk_buff
*skb
)
1353 struct inquiry_data data
;
1354 struct inquiry_info
*info
= (void *) (skb
->data
+ 1);
1355 int num_rsp
= *((__u8
*) skb
->data
);
1357 BT_DBG("%s num_rsp %d", hdev
->name
, num_rsp
);
1364 if (!test_and_set_bit(HCI_INQUIRY
, &hdev
->flags
)) {
1366 if (test_bit(HCI_MGMT
, &hdev
->flags
))
1367 mgmt_discovering(hdev
->id
, 1);
1370 for (; num_rsp
; num_rsp
--, info
++) {
1371 bacpy(&data
.bdaddr
, &info
->bdaddr
);
1372 data
.pscan_rep_mode
= info
->pscan_rep_mode
;
1373 data
.pscan_period_mode
= info
->pscan_period_mode
;
1374 data
.pscan_mode
= info
->pscan_mode
;
1375 memcpy(data
.dev_class
, info
->dev_class
, 3);
1376 data
.clock_offset
= info
->clock_offset
;
1378 data
.ssp_mode
= 0x00;
1379 hci_inquiry_cache_update(hdev
, &data
);
1380 mgmt_device_found(hdev
->id
, &info
->bdaddr
, info
->dev_class
, 0,
1384 hci_dev_unlock(hdev
);
1387 static inline void hci_conn_complete_evt(struct hci_dev
*hdev
, struct sk_buff
*skb
)
1389 struct hci_ev_conn_complete
*ev
= (void *) skb
->data
;
1390 struct hci_conn
*conn
;
1392 BT_DBG("%s", hdev
->name
);
1396 conn
= hci_conn_hash_lookup_ba(hdev
, ev
->link_type
, &ev
->bdaddr
);
1398 if (ev
->link_type
!= SCO_LINK
)
1401 conn
= hci_conn_hash_lookup_ba(hdev
, ESCO_LINK
, &ev
->bdaddr
);
1405 conn
->type
= SCO_LINK
;
1409 conn
->handle
= __le16_to_cpu(ev
->handle
);
1411 if (conn
->type
== ACL_LINK
) {
1412 conn
->state
= BT_CONFIG
;
1413 hci_conn_hold(conn
);
1414 conn
->disc_timeout
= HCI_DISCONN_TIMEOUT
;
1415 mgmt_connected(hdev
->id
, &ev
->bdaddr
);
1417 conn
->state
= BT_CONNECTED
;
1419 hci_conn_hold_device(conn
);
1420 hci_conn_add_sysfs(conn
);
1422 if (test_bit(HCI_AUTH
, &hdev
->flags
))
1423 conn
->link_mode
|= HCI_LM_AUTH
;
1425 if (test_bit(HCI_ENCRYPT
, &hdev
->flags
))
1426 conn
->link_mode
|= HCI_LM_ENCRYPT
;
1428 /* Get remote features */
1429 if (conn
->type
== ACL_LINK
) {
1430 struct hci_cp_read_remote_features cp
;
1431 cp
.handle
= ev
->handle
;
1432 hci_send_cmd(hdev
, HCI_OP_READ_REMOTE_FEATURES
,
1436 /* Set packet type for incoming connection */
1437 if (!conn
->out
&& hdev
->hci_ver
< 3) {
1438 struct hci_cp_change_conn_ptype cp
;
1439 cp
.handle
= ev
->handle
;
1440 cp
.pkt_type
= cpu_to_le16(conn
->pkt_type
);
1441 hci_send_cmd(hdev
, HCI_OP_CHANGE_CONN_PTYPE
,
1445 conn
->state
= BT_CLOSED
;
1446 if (conn
->type
== ACL_LINK
)
1447 mgmt_connect_failed(hdev
->id
, &ev
->bdaddr
, ev
->status
);
1450 if (conn
->type
== ACL_LINK
)
1451 hci_sco_setup(conn
, ev
->status
);
1454 hci_proto_connect_cfm(conn
, ev
->status
);
1456 } else if (ev
->link_type
!= ACL_LINK
)
1457 hci_proto_connect_cfm(conn
, ev
->status
);
1460 hci_dev_unlock(hdev
);
1462 hci_conn_check_pending(hdev
);
1465 static inline void hci_conn_request_evt(struct hci_dev
*hdev
, struct sk_buff
*skb
)
1467 struct hci_ev_conn_request
*ev
= (void *) skb
->data
;
1468 int mask
= hdev
->link_mode
;
1470 BT_DBG("%s bdaddr %s type 0x%x", hdev
->name
,
1471 batostr(&ev
->bdaddr
), ev
->link_type
);
1473 mask
|= hci_proto_connect_ind(hdev
, &ev
->bdaddr
, ev
->link_type
);
1475 if ((mask
& HCI_LM_ACCEPT
) &&
1476 !hci_blacklist_lookup(hdev
, &ev
->bdaddr
)) {
1477 /* Connection accepted */
1478 struct inquiry_entry
*ie
;
1479 struct hci_conn
*conn
;
1483 ie
= hci_inquiry_cache_lookup(hdev
, &ev
->bdaddr
);
1485 memcpy(ie
->data
.dev_class
, ev
->dev_class
, 3);
1487 conn
= hci_conn_hash_lookup_ba(hdev
, ev
->link_type
, &ev
->bdaddr
);
1489 conn
= hci_conn_add(hdev
, ev
->link_type
, &ev
->bdaddr
);
1491 BT_ERR("No memory for new connection");
1492 hci_dev_unlock(hdev
);
1497 memcpy(conn
->dev_class
, ev
->dev_class
, 3);
1498 conn
->state
= BT_CONNECT
;
1500 hci_dev_unlock(hdev
);
1502 if (ev
->link_type
== ACL_LINK
|| !lmp_esco_capable(hdev
)) {
1503 struct hci_cp_accept_conn_req cp
;
1505 bacpy(&cp
.bdaddr
, &ev
->bdaddr
);
1507 if (lmp_rswitch_capable(hdev
) && (mask
& HCI_LM_MASTER
))
1508 cp
.role
= 0x00; /* Become master */
1510 cp
.role
= 0x01; /* Remain slave */
1512 hci_send_cmd(hdev
, HCI_OP_ACCEPT_CONN_REQ
,
1515 struct hci_cp_accept_sync_conn_req cp
;
1517 bacpy(&cp
.bdaddr
, &ev
->bdaddr
);
1518 cp
.pkt_type
= cpu_to_le16(conn
->pkt_type
);
1520 cp
.tx_bandwidth
= cpu_to_le32(0x00001f40);
1521 cp
.rx_bandwidth
= cpu_to_le32(0x00001f40);
1522 cp
.max_latency
= cpu_to_le16(0xffff);
1523 cp
.content_format
= cpu_to_le16(hdev
->voice_setting
);
1524 cp
.retrans_effort
= 0xff;
1526 hci_send_cmd(hdev
, HCI_OP_ACCEPT_SYNC_CONN_REQ
,
1530 /* Connection rejected */
1531 struct hci_cp_reject_conn_req cp
;
1533 bacpy(&cp
.bdaddr
, &ev
->bdaddr
);
1535 hci_send_cmd(hdev
, HCI_OP_REJECT_CONN_REQ
, sizeof(cp
), &cp
);
1539 static inline void hci_disconn_complete_evt(struct hci_dev
*hdev
, struct sk_buff
*skb
)
1541 struct hci_ev_disconn_complete
*ev
= (void *) skb
->data
;
1542 struct hci_conn
*conn
;
1544 BT_DBG("%s status %d", hdev
->name
, ev
->status
);
1547 mgmt_disconnect_failed(hdev
->id
);
1553 conn
= hci_conn_hash_lookup_handle(hdev
, __le16_to_cpu(ev
->handle
));
1557 conn
->state
= BT_CLOSED
;
1559 if (conn
->type
== ACL_LINK
|| conn
->type
== LE_LINK
)
1560 mgmt_disconnected(hdev
->id
, &conn
->dst
);
1562 hci_proto_disconn_cfm(conn
, ev
->reason
);
1566 hci_dev_unlock(hdev
);
1569 static inline void hci_auth_complete_evt(struct hci_dev
*hdev
, struct sk_buff
*skb
)
1571 struct hci_ev_auth_complete
*ev
= (void *) skb
->data
;
1572 struct hci_conn
*conn
;
1574 BT_DBG("%s status %d", hdev
->name
, ev
->status
);
1578 conn
= hci_conn_hash_lookup_handle(hdev
, __le16_to_cpu(ev
->handle
));
1583 if (!(conn
->ssp_mode
> 0 && hdev
->ssp_mode
> 0) &&
1584 test_bit(HCI_CONN_REAUTH_PEND
, &conn
->pend
)) {
1585 BT_INFO("re-auth of legacy device is not possible.");
1587 conn
->link_mode
|= HCI_LM_AUTH
;
1588 conn
->sec_level
= conn
->pending_sec_level
;
1591 mgmt_auth_failed(hdev
->id
, &conn
->dst
, ev
->status
);
1594 clear_bit(HCI_CONN_AUTH_PEND
, &conn
->pend
);
1595 clear_bit(HCI_CONN_REAUTH_PEND
, &conn
->pend
);
1597 if (conn
->state
== BT_CONFIG
) {
1598 if (!ev
->status
&& hdev
->ssp_mode
> 0 && conn
->ssp_mode
> 0) {
1599 struct hci_cp_set_conn_encrypt cp
;
1600 cp
.handle
= ev
->handle
;
1602 hci_send_cmd(hdev
, HCI_OP_SET_CONN_ENCRYPT
, sizeof(cp
),
1605 conn
->state
= BT_CONNECTED
;
1606 hci_proto_connect_cfm(conn
, ev
->status
);
1610 hci_auth_cfm(conn
, ev
->status
);
1612 hci_conn_hold(conn
);
1613 conn
->disc_timeout
= HCI_DISCONN_TIMEOUT
;
1617 if (test_bit(HCI_CONN_ENCRYPT_PEND
, &conn
->pend
)) {
1619 struct hci_cp_set_conn_encrypt cp
;
1620 cp
.handle
= ev
->handle
;
1622 hci_send_cmd(hdev
, HCI_OP_SET_CONN_ENCRYPT
, sizeof(cp
),
1625 clear_bit(HCI_CONN_ENCRYPT_PEND
, &conn
->pend
);
1626 hci_encrypt_cfm(conn
, ev
->status
, 0x00);
1631 hci_dev_unlock(hdev
);
1634 static inline void hci_remote_name_evt(struct hci_dev
*hdev
, struct sk_buff
*skb
)
1636 struct hci_ev_remote_name
*ev
= (void *) skb
->data
;
1637 struct hci_conn
*conn
;
1639 BT_DBG("%s", hdev
->name
);
1641 hci_conn_check_pending(hdev
);
1645 if (ev
->status
== 0 && test_bit(HCI_MGMT
, &hdev
->flags
))
1646 mgmt_remote_name(hdev
->id
, &ev
->bdaddr
, ev
->name
);
1648 conn
= hci_conn_hash_lookup_ba(hdev
, ACL_LINK
, &ev
->bdaddr
);
1652 if (!hci_outgoing_auth_needed(hdev
, conn
))
1655 if (!test_and_set_bit(HCI_CONN_AUTH_PEND
, &conn
->pend
)) {
1656 struct hci_cp_auth_requested cp
;
1657 cp
.handle
= __cpu_to_le16(conn
->handle
);
1658 hci_send_cmd(hdev
, HCI_OP_AUTH_REQUESTED
, sizeof(cp
), &cp
);
1662 hci_dev_unlock(hdev
);
1665 static inline void hci_encrypt_change_evt(struct hci_dev
*hdev
, struct sk_buff
*skb
)
1667 struct hci_ev_encrypt_change
*ev
= (void *) skb
->data
;
1668 struct hci_conn
*conn
;
1670 BT_DBG("%s status %d", hdev
->name
, ev
->status
);
1674 conn
= hci_conn_hash_lookup_handle(hdev
, __le16_to_cpu(ev
->handle
));
1678 /* Encryption implies authentication */
1679 conn
->link_mode
|= HCI_LM_AUTH
;
1680 conn
->link_mode
|= HCI_LM_ENCRYPT
;
1681 conn
->sec_level
= conn
->pending_sec_level
;
1683 conn
->link_mode
&= ~HCI_LM_ENCRYPT
;
1686 clear_bit(HCI_CONN_ENCRYPT_PEND
, &conn
->pend
);
1688 if (conn
->state
== BT_CONFIG
) {
1690 conn
->state
= BT_CONNECTED
;
1692 hci_proto_connect_cfm(conn
, ev
->status
);
1695 hci_encrypt_cfm(conn
, ev
->status
, ev
->encrypt
);
1698 hci_dev_unlock(hdev
);
1701 static inline void hci_change_link_key_complete_evt(struct hci_dev
*hdev
, struct sk_buff
*skb
)
1703 struct hci_ev_change_link_key_complete
*ev
= (void *) skb
->data
;
1704 struct hci_conn
*conn
;
1706 BT_DBG("%s status %d", hdev
->name
, ev
->status
);
1710 conn
= hci_conn_hash_lookup_handle(hdev
, __le16_to_cpu(ev
->handle
));
1713 conn
->link_mode
|= HCI_LM_SECURE
;
1715 clear_bit(HCI_CONN_AUTH_PEND
, &conn
->pend
);
1717 hci_key_change_cfm(conn
, ev
->status
);
1720 hci_dev_unlock(hdev
);
1723 static inline void hci_remote_features_evt(struct hci_dev
*hdev
, struct sk_buff
*skb
)
1725 struct hci_ev_remote_features
*ev
= (void *) skb
->data
;
1726 struct hci_conn
*conn
;
1728 BT_DBG("%s status %d", hdev
->name
, ev
->status
);
1732 conn
= hci_conn_hash_lookup_handle(hdev
, __le16_to_cpu(ev
->handle
));
1737 memcpy(conn
->features
, ev
->features
, 8);
1739 if (conn
->state
!= BT_CONFIG
)
1742 if (!ev
->status
&& lmp_ssp_capable(hdev
) && lmp_ssp_capable(conn
)) {
1743 struct hci_cp_read_remote_ext_features cp
;
1744 cp
.handle
= ev
->handle
;
1746 hci_send_cmd(hdev
, HCI_OP_READ_REMOTE_EXT_FEATURES
,
1752 struct hci_cp_remote_name_req cp
;
1753 memset(&cp
, 0, sizeof(cp
));
1754 bacpy(&cp
.bdaddr
, &conn
->dst
);
1755 cp
.pscan_rep_mode
= 0x02;
1756 hci_send_cmd(hdev
, HCI_OP_REMOTE_NAME_REQ
, sizeof(cp
), &cp
);
1759 if (!hci_outgoing_auth_needed(hdev
, conn
)) {
1760 conn
->state
= BT_CONNECTED
;
1761 hci_proto_connect_cfm(conn
, ev
->status
);
1766 hci_dev_unlock(hdev
);
1769 static inline void hci_remote_version_evt(struct hci_dev
*hdev
, struct sk_buff
*skb
)
1771 BT_DBG("%s", hdev
->name
);
1774 static inline void hci_qos_setup_complete_evt(struct hci_dev
*hdev
, struct sk_buff
*skb
)
1776 BT_DBG("%s", hdev
->name
);
1779 static inline void hci_cmd_complete_evt(struct hci_dev
*hdev
, struct sk_buff
*skb
)
1781 struct hci_ev_cmd_complete
*ev
= (void *) skb
->data
;
1784 skb_pull(skb
, sizeof(*ev
));
1786 opcode
= __le16_to_cpu(ev
->opcode
);
1789 case HCI_OP_INQUIRY_CANCEL
:
1790 hci_cc_inquiry_cancel(hdev
, skb
);
1793 case HCI_OP_EXIT_PERIODIC_INQ
:
1794 hci_cc_exit_periodic_inq(hdev
, skb
);
1797 case HCI_OP_REMOTE_NAME_REQ_CANCEL
:
1798 hci_cc_remote_name_req_cancel(hdev
, skb
);
1801 case HCI_OP_ROLE_DISCOVERY
:
1802 hci_cc_role_discovery(hdev
, skb
);
1805 case HCI_OP_READ_LINK_POLICY
:
1806 hci_cc_read_link_policy(hdev
, skb
);
1809 case HCI_OP_WRITE_LINK_POLICY
:
1810 hci_cc_write_link_policy(hdev
, skb
);
1813 case HCI_OP_READ_DEF_LINK_POLICY
:
1814 hci_cc_read_def_link_policy(hdev
, skb
);
1817 case HCI_OP_WRITE_DEF_LINK_POLICY
:
1818 hci_cc_write_def_link_policy(hdev
, skb
);
1822 hci_cc_reset(hdev
, skb
);
1825 case HCI_OP_WRITE_LOCAL_NAME
:
1826 hci_cc_write_local_name(hdev
, skb
);
1829 case HCI_OP_READ_LOCAL_NAME
:
1830 hci_cc_read_local_name(hdev
, skb
);
1833 case HCI_OP_WRITE_AUTH_ENABLE
:
1834 hci_cc_write_auth_enable(hdev
, skb
);
1837 case HCI_OP_WRITE_ENCRYPT_MODE
:
1838 hci_cc_write_encrypt_mode(hdev
, skb
);
1841 case HCI_OP_WRITE_SCAN_ENABLE
:
1842 hci_cc_write_scan_enable(hdev
, skb
);
1845 case HCI_OP_READ_CLASS_OF_DEV
:
1846 hci_cc_read_class_of_dev(hdev
, skb
);
1849 case HCI_OP_WRITE_CLASS_OF_DEV
:
1850 hci_cc_write_class_of_dev(hdev
, skb
);
1853 case HCI_OP_READ_VOICE_SETTING
:
1854 hci_cc_read_voice_setting(hdev
, skb
);
1857 case HCI_OP_WRITE_VOICE_SETTING
:
1858 hci_cc_write_voice_setting(hdev
, skb
);
1861 case HCI_OP_HOST_BUFFER_SIZE
:
1862 hci_cc_host_buffer_size(hdev
, skb
);
1865 case HCI_OP_READ_SSP_MODE
:
1866 hci_cc_read_ssp_mode(hdev
, skb
);
1869 case HCI_OP_WRITE_SSP_MODE
:
1870 hci_cc_write_ssp_mode(hdev
, skb
);
1873 case HCI_OP_READ_LOCAL_VERSION
:
1874 hci_cc_read_local_version(hdev
, skb
);
1877 case HCI_OP_READ_LOCAL_COMMANDS
:
1878 hci_cc_read_local_commands(hdev
, skb
);
1881 case HCI_OP_READ_LOCAL_FEATURES
:
1882 hci_cc_read_local_features(hdev
, skb
);
1885 case HCI_OP_READ_LOCAL_EXT_FEATURES
:
1886 hci_cc_read_local_ext_features(hdev
, skb
);
1889 case HCI_OP_READ_BUFFER_SIZE
:
1890 hci_cc_read_buffer_size(hdev
, skb
);
1893 case HCI_OP_READ_BD_ADDR
:
1894 hci_cc_read_bd_addr(hdev
, skb
);
1897 case HCI_OP_WRITE_CA_TIMEOUT
:
1898 hci_cc_write_ca_timeout(hdev
, skb
);
1901 case HCI_OP_DELETE_STORED_LINK_KEY
:
1902 hci_cc_delete_stored_link_key(hdev
, skb
);
1905 case HCI_OP_SET_EVENT_MASK
:
1906 hci_cc_set_event_mask(hdev
, skb
);
1909 case HCI_OP_WRITE_INQUIRY_MODE
:
1910 hci_cc_write_inquiry_mode(hdev
, skb
);
1913 case HCI_OP_READ_INQ_RSP_TX_POWER
:
1914 hci_cc_read_inq_rsp_tx_power(hdev
, skb
);
1917 case HCI_OP_SET_EVENT_FLT
:
1918 hci_cc_set_event_flt(hdev
, skb
);
1921 case HCI_OP_PIN_CODE_REPLY
:
1922 hci_cc_pin_code_reply(hdev
, skb
);
1925 case HCI_OP_PIN_CODE_NEG_REPLY
:
1926 hci_cc_pin_code_neg_reply(hdev
, skb
);
1929 case HCI_OP_READ_LOCAL_OOB_DATA
:
1930 hci_cc_read_local_oob_data_reply(hdev
, skb
);
1933 case HCI_OP_LE_READ_BUFFER_SIZE
:
1934 hci_cc_le_read_buffer_size(hdev
, skb
);
1937 case HCI_OP_USER_CONFIRM_REPLY
:
1938 hci_cc_user_confirm_reply(hdev
, skb
);
1941 case HCI_OP_USER_CONFIRM_NEG_REPLY
:
1942 hci_cc_user_confirm_neg_reply(hdev
, skb
);
1945 case HCI_OP_LE_SET_SCAN_ENABLE
:
1946 hci_cc_le_set_scan_enable(hdev
, skb
);
1949 case HCI_OP_LE_LTK_REPLY
:
1950 hci_cc_le_ltk_reply(hdev
, skb
);
1953 case HCI_OP_LE_LTK_NEG_REPLY
:
1954 hci_cc_le_ltk_neg_reply(hdev
, skb
);
1957 case HCI_OP_WRITE_LE_HOST_SUPPORTED
:
1958 hci_cc_write_le_host_supported(hdev
, skb
);
1962 BT_DBG("%s opcode 0x%x", hdev
->name
, opcode
);
1966 if (ev
->opcode
!= HCI_OP_NOP
)
1967 del_timer(&hdev
->cmd_timer
);
1970 atomic_set(&hdev
->cmd_cnt
, 1);
1971 if (!skb_queue_empty(&hdev
->cmd_q
))
1972 tasklet_schedule(&hdev
->cmd_task
);
1976 static inline void hci_cmd_status_evt(struct hci_dev
*hdev
, struct sk_buff
*skb
)
1978 struct hci_ev_cmd_status
*ev
= (void *) skb
->data
;
1981 skb_pull(skb
, sizeof(*ev
));
1983 opcode
= __le16_to_cpu(ev
->opcode
);
1986 case HCI_OP_INQUIRY
:
1987 hci_cs_inquiry(hdev
, ev
->status
);
1990 case HCI_OP_CREATE_CONN
:
1991 hci_cs_create_conn(hdev
, ev
->status
);
1994 case HCI_OP_ADD_SCO
:
1995 hci_cs_add_sco(hdev
, ev
->status
);
1998 case HCI_OP_AUTH_REQUESTED
:
1999 hci_cs_auth_requested(hdev
, ev
->status
);
2002 case HCI_OP_SET_CONN_ENCRYPT
:
2003 hci_cs_set_conn_encrypt(hdev
, ev
->status
);
2006 case HCI_OP_REMOTE_NAME_REQ
:
2007 hci_cs_remote_name_req(hdev
, ev
->status
);
2010 case HCI_OP_READ_REMOTE_FEATURES
:
2011 hci_cs_read_remote_features(hdev
, ev
->status
);
2014 case HCI_OP_READ_REMOTE_EXT_FEATURES
:
2015 hci_cs_read_remote_ext_features(hdev
, ev
->status
);
2018 case HCI_OP_SETUP_SYNC_CONN
:
2019 hci_cs_setup_sync_conn(hdev
, ev
->status
);
2022 case HCI_OP_SNIFF_MODE
:
2023 hci_cs_sniff_mode(hdev
, ev
->status
);
2026 case HCI_OP_EXIT_SNIFF_MODE
:
2027 hci_cs_exit_sniff_mode(hdev
, ev
->status
);
2030 case HCI_OP_DISCONNECT
:
2031 if (ev
->status
!= 0)
2032 mgmt_disconnect_failed(hdev
->id
);
2035 case HCI_OP_LE_CREATE_CONN
:
2036 hci_cs_le_create_conn(hdev
, ev
->status
);
2039 case HCI_OP_LE_START_ENC
:
2040 hci_cs_le_start_enc(hdev
, ev
->status
);
2044 BT_DBG("%s opcode 0x%x", hdev
->name
, opcode
);
2048 if (ev
->opcode
!= HCI_OP_NOP
)
2049 del_timer(&hdev
->cmd_timer
);
2051 if (ev
->ncmd
&& !test_bit(HCI_RESET
, &hdev
->flags
)) {
2052 atomic_set(&hdev
->cmd_cnt
, 1);
2053 if (!skb_queue_empty(&hdev
->cmd_q
))
2054 tasklet_schedule(&hdev
->cmd_task
);
2058 static inline void hci_role_change_evt(struct hci_dev
*hdev
, struct sk_buff
*skb
)
2060 struct hci_ev_role_change
*ev
= (void *) skb
->data
;
2061 struct hci_conn
*conn
;
2063 BT_DBG("%s status %d", hdev
->name
, ev
->status
);
2067 conn
= hci_conn_hash_lookup_ba(hdev
, ACL_LINK
, &ev
->bdaddr
);
2071 conn
->link_mode
&= ~HCI_LM_MASTER
;
2073 conn
->link_mode
|= HCI_LM_MASTER
;
2076 clear_bit(HCI_CONN_RSWITCH_PEND
, &conn
->pend
);
2078 hci_role_switch_cfm(conn
, ev
->status
, ev
->role
);
2081 hci_dev_unlock(hdev
);
2084 static inline void hci_num_comp_pkts_evt(struct hci_dev
*hdev
, struct sk_buff
*skb
)
2086 struct hci_ev_num_comp_pkts
*ev
= (void *) skb
->data
;
2090 skb_pull(skb
, sizeof(*ev
));
2092 BT_DBG("%s num_hndl %d", hdev
->name
, ev
->num_hndl
);
2094 if (skb
->len
< ev
->num_hndl
* 4) {
2095 BT_DBG("%s bad parameters", hdev
->name
);
2099 tasklet_disable(&hdev
->tx_task
);
2101 for (i
= 0, ptr
= (__le16
*) skb
->data
; i
< ev
->num_hndl
; i
++) {
2102 struct hci_conn
*conn
;
2103 __u16 handle
, count
;
2105 handle
= get_unaligned_le16(ptr
++);
2106 count
= get_unaligned_le16(ptr
++);
2108 conn
= hci_conn_hash_lookup_handle(hdev
, handle
);
2110 conn
->sent
-= count
;
2112 if (conn
->type
== ACL_LINK
) {
2113 hdev
->acl_cnt
+= count
;
2114 if (hdev
->acl_cnt
> hdev
->acl_pkts
)
2115 hdev
->acl_cnt
= hdev
->acl_pkts
;
2116 } else if (conn
->type
== LE_LINK
) {
2117 if (hdev
->le_pkts
) {
2118 hdev
->le_cnt
+= count
;
2119 if (hdev
->le_cnt
> hdev
->le_pkts
)
2120 hdev
->le_cnt
= hdev
->le_pkts
;
2122 hdev
->acl_cnt
+= count
;
2123 if (hdev
->acl_cnt
> hdev
->acl_pkts
)
2124 hdev
->acl_cnt
= hdev
->acl_pkts
;
2127 hdev
->sco_cnt
+= count
;
2128 if (hdev
->sco_cnt
> hdev
->sco_pkts
)
2129 hdev
->sco_cnt
= hdev
->sco_pkts
;
2134 tasklet_schedule(&hdev
->tx_task
);
2136 tasklet_enable(&hdev
->tx_task
);
2139 static inline void hci_mode_change_evt(struct hci_dev
*hdev
, struct sk_buff
*skb
)
2141 struct hci_ev_mode_change
*ev
= (void *) skb
->data
;
2142 struct hci_conn
*conn
;
2144 BT_DBG("%s status %d", hdev
->name
, ev
->status
);
2148 conn
= hci_conn_hash_lookup_handle(hdev
, __le16_to_cpu(ev
->handle
));
2150 conn
->mode
= ev
->mode
;
2151 conn
->interval
= __le16_to_cpu(ev
->interval
);
2153 if (!test_and_clear_bit(HCI_CONN_MODE_CHANGE_PEND
, &conn
->pend
)) {
2154 if (conn
->mode
== HCI_CM_ACTIVE
)
2155 conn
->power_save
= 1;
2157 conn
->power_save
= 0;
2160 if (test_and_clear_bit(HCI_CONN_SCO_SETUP_PEND
, &conn
->pend
))
2161 hci_sco_setup(conn
, ev
->status
);
2164 hci_dev_unlock(hdev
);
2167 static inline void hci_pin_code_request_evt(struct hci_dev
*hdev
, struct sk_buff
*skb
)
2169 struct hci_ev_pin_code_req
*ev
= (void *) skb
->data
;
2170 struct hci_conn
*conn
;
2172 BT_DBG("%s", hdev
->name
);
2176 conn
= hci_conn_hash_lookup_ba(hdev
, ACL_LINK
, &ev
->bdaddr
);
2177 if (conn
&& conn
->state
== BT_CONNECTED
) {
2178 hci_conn_hold(conn
);
2179 conn
->disc_timeout
= HCI_PAIRING_TIMEOUT
;
2183 if (!test_bit(HCI_PAIRABLE
, &hdev
->flags
))
2184 hci_send_cmd(hdev
, HCI_OP_PIN_CODE_NEG_REPLY
,
2185 sizeof(ev
->bdaddr
), &ev
->bdaddr
);
2186 else if (test_bit(HCI_MGMT
, &hdev
->flags
)) {
2189 if (conn
->pending_sec_level
== BT_SECURITY_HIGH
)
2194 mgmt_pin_code_request(hdev
->id
, &ev
->bdaddr
, secure
);
2197 hci_dev_unlock(hdev
);
2200 static inline void hci_link_key_request_evt(struct hci_dev
*hdev
, struct sk_buff
*skb
)
2202 struct hci_ev_link_key_req
*ev
= (void *) skb
->data
;
2203 struct hci_cp_link_key_reply cp
;
2204 struct hci_conn
*conn
;
2205 struct link_key
*key
;
2207 BT_DBG("%s", hdev
->name
);
2209 if (!test_bit(HCI_LINK_KEYS
, &hdev
->flags
))
2214 key
= hci_find_link_key(hdev
, &ev
->bdaddr
);
2216 BT_DBG("%s link key not found for %s", hdev
->name
,
2217 batostr(&ev
->bdaddr
));
2221 BT_DBG("%s found key type %u for %s", hdev
->name
, key
->type
,
2222 batostr(&ev
->bdaddr
));
2224 if (!test_bit(HCI_DEBUG_KEYS
, &hdev
->flags
) &&
2225 key
->type
== HCI_LK_DEBUG_COMBINATION
) {
2226 BT_DBG("%s ignoring debug key", hdev
->name
);
2230 conn
= hci_conn_hash_lookup_ba(hdev
, ACL_LINK
, &ev
->bdaddr
);
2232 if (key
->type
== HCI_LK_UNAUTH_COMBINATION
&&
2233 conn
->auth_type
!= 0xff &&
2234 (conn
->auth_type
& 0x01)) {
2235 BT_DBG("%s ignoring unauthenticated key", hdev
->name
);
2239 if (key
->type
== HCI_LK_COMBINATION
&& key
->pin_len
< 16 &&
2240 conn
->pending_sec_level
== BT_SECURITY_HIGH
) {
2241 BT_DBG("%s ignoring key unauthenticated for high \
2242 security", hdev
->name
);
2246 conn
->key_type
= key
->type
;
2247 conn
->pin_length
= key
->pin_len
;
2250 bacpy(&cp
.bdaddr
, &ev
->bdaddr
);
2251 memcpy(cp
.link_key
, key
->val
, 16);
2253 hci_send_cmd(hdev
, HCI_OP_LINK_KEY_REPLY
, sizeof(cp
), &cp
);
2255 hci_dev_unlock(hdev
);
2260 hci_send_cmd(hdev
, HCI_OP_LINK_KEY_NEG_REPLY
, 6, &ev
->bdaddr
);
2261 hci_dev_unlock(hdev
);
2264 static inline void hci_link_key_notify_evt(struct hci_dev
*hdev
, struct sk_buff
*skb
)
2266 struct hci_ev_link_key_notify
*ev
= (void *) skb
->data
;
2267 struct hci_conn
*conn
;
2270 BT_DBG("%s", hdev
->name
);
2274 conn
= hci_conn_hash_lookup_ba(hdev
, ACL_LINK
, &ev
->bdaddr
);
2276 hci_conn_hold(conn
);
2277 conn
->disc_timeout
= HCI_DISCONN_TIMEOUT
;
2278 pin_len
= conn
->pin_length
;
2280 if (ev
->key_type
!= HCI_LK_CHANGED_COMBINATION
)
2281 conn
->key_type
= ev
->key_type
;
2286 if (test_bit(HCI_LINK_KEYS
, &hdev
->flags
))
2287 hci_add_link_key(hdev
, conn
, 1, &ev
->bdaddr
, ev
->link_key
,
2288 ev
->key_type
, pin_len
);
2290 hci_dev_unlock(hdev
);
2293 static inline void hci_clock_offset_evt(struct hci_dev
*hdev
, struct sk_buff
*skb
)
2295 struct hci_ev_clock_offset
*ev
= (void *) skb
->data
;
2296 struct hci_conn
*conn
;
2298 BT_DBG("%s status %d", hdev
->name
, ev
->status
);
2302 conn
= hci_conn_hash_lookup_handle(hdev
, __le16_to_cpu(ev
->handle
));
2303 if (conn
&& !ev
->status
) {
2304 struct inquiry_entry
*ie
;
2306 ie
= hci_inquiry_cache_lookup(hdev
, &conn
->dst
);
2308 ie
->data
.clock_offset
= ev
->clock_offset
;
2309 ie
->timestamp
= jiffies
;
2313 hci_dev_unlock(hdev
);
2316 static inline void hci_pkt_type_change_evt(struct hci_dev
*hdev
, struct sk_buff
*skb
)
2318 struct hci_ev_pkt_type_change
*ev
= (void *) skb
->data
;
2319 struct hci_conn
*conn
;
2321 BT_DBG("%s status %d", hdev
->name
, ev
->status
);
2325 conn
= hci_conn_hash_lookup_handle(hdev
, __le16_to_cpu(ev
->handle
));
2326 if (conn
&& !ev
->status
)
2327 conn
->pkt_type
= __le16_to_cpu(ev
->pkt_type
);
2329 hci_dev_unlock(hdev
);
2332 static inline void hci_pscan_rep_mode_evt(struct hci_dev
*hdev
, struct sk_buff
*skb
)
2334 struct hci_ev_pscan_rep_mode
*ev
= (void *) skb
->data
;
2335 struct inquiry_entry
*ie
;
2337 BT_DBG("%s", hdev
->name
);
2341 ie
= hci_inquiry_cache_lookup(hdev
, &ev
->bdaddr
);
2343 ie
->data
.pscan_rep_mode
= ev
->pscan_rep_mode
;
2344 ie
->timestamp
= jiffies
;
2347 hci_dev_unlock(hdev
);
2350 static inline void hci_inquiry_result_with_rssi_evt(struct hci_dev
*hdev
, struct sk_buff
*skb
)
2352 struct inquiry_data data
;
2353 int num_rsp
= *((__u8
*) skb
->data
);
2355 BT_DBG("%s num_rsp %d", hdev
->name
, num_rsp
);
2362 if (!test_and_set_bit(HCI_INQUIRY
, &hdev
->flags
)) {
2364 if (test_bit(HCI_MGMT
, &hdev
->flags
))
2365 mgmt_discovering(hdev
->id
, 1);
2368 if ((skb
->len
- 1) / num_rsp
!= sizeof(struct inquiry_info_with_rssi
)) {
2369 struct inquiry_info_with_rssi_and_pscan_mode
*info
;
2370 info
= (void *) (skb
->data
+ 1);
2372 for (; num_rsp
; num_rsp
--, info
++) {
2373 bacpy(&data
.bdaddr
, &info
->bdaddr
);
2374 data
.pscan_rep_mode
= info
->pscan_rep_mode
;
2375 data
.pscan_period_mode
= info
->pscan_period_mode
;
2376 data
.pscan_mode
= info
->pscan_mode
;
2377 memcpy(data
.dev_class
, info
->dev_class
, 3);
2378 data
.clock_offset
= info
->clock_offset
;
2379 data
.rssi
= info
->rssi
;
2380 data
.ssp_mode
= 0x00;
2381 hci_inquiry_cache_update(hdev
, &data
);
2382 mgmt_device_found(hdev
->id
, &info
->bdaddr
,
2383 info
->dev_class
, info
->rssi
,
2387 struct inquiry_info_with_rssi
*info
= (void *) (skb
->data
+ 1);
2389 for (; num_rsp
; num_rsp
--, info
++) {
2390 bacpy(&data
.bdaddr
, &info
->bdaddr
);
2391 data
.pscan_rep_mode
= info
->pscan_rep_mode
;
2392 data
.pscan_period_mode
= info
->pscan_period_mode
;
2393 data
.pscan_mode
= 0x00;
2394 memcpy(data
.dev_class
, info
->dev_class
, 3);
2395 data
.clock_offset
= info
->clock_offset
;
2396 data
.rssi
= info
->rssi
;
2397 data
.ssp_mode
= 0x00;
2398 hci_inquiry_cache_update(hdev
, &data
);
2399 mgmt_device_found(hdev
->id
, &info
->bdaddr
,
2400 info
->dev_class
, info
->rssi
,
2405 hci_dev_unlock(hdev
);
2408 static inline void hci_remote_ext_features_evt(struct hci_dev
*hdev
, struct sk_buff
*skb
)
2410 struct hci_ev_remote_ext_features
*ev
= (void *) skb
->data
;
2411 struct hci_conn
*conn
;
2413 BT_DBG("%s", hdev
->name
);
2417 conn
= hci_conn_hash_lookup_handle(hdev
, __le16_to_cpu(ev
->handle
));
2421 if (!ev
->status
&& ev
->page
== 0x01) {
2422 struct inquiry_entry
*ie
;
2424 ie
= hci_inquiry_cache_lookup(hdev
, &conn
->dst
);
2426 ie
->data
.ssp_mode
= (ev
->features
[0] & 0x01);
2428 conn
->ssp_mode
= (ev
->features
[0] & 0x01);
2431 if (conn
->state
!= BT_CONFIG
)
2435 struct hci_cp_remote_name_req cp
;
2436 memset(&cp
, 0, sizeof(cp
));
2437 bacpy(&cp
.bdaddr
, &conn
->dst
);
2438 cp
.pscan_rep_mode
= 0x02;
2439 hci_send_cmd(hdev
, HCI_OP_REMOTE_NAME_REQ
, sizeof(cp
), &cp
);
2442 if (!hci_outgoing_auth_needed(hdev
, conn
)) {
2443 conn
->state
= BT_CONNECTED
;
2444 hci_proto_connect_cfm(conn
, ev
->status
);
2449 hci_dev_unlock(hdev
);
2452 static inline void hci_sync_conn_complete_evt(struct hci_dev
*hdev
, struct sk_buff
*skb
)
2454 struct hci_ev_sync_conn_complete
*ev
= (void *) skb
->data
;
2455 struct hci_conn
*conn
;
2457 BT_DBG("%s status %d", hdev
->name
, ev
->status
);
2461 conn
= hci_conn_hash_lookup_ba(hdev
, ev
->link_type
, &ev
->bdaddr
);
2463 if (ev
->link_type
== ESCO_LINK
)
2466 conn
= hci_conn_hash_lookup_ba(hdev
, ESCO_LINK
, &ev
->bdaddr
);
2470 conn
->type
= SCO_LINK
;
2473 switch (ev
->status
) {
2475 conn
->handle
= __le16_to_cpu(ev
->handle
);
2476 conn
->state
= BT_CONNECTED
;
2478 hci_conn_hold_device(conn
);
2479 hci_conn_add_sysfs(conn
);
2482 case 0x11: /* Unsupported Feature or Parameter Value */
2483 case 0x1c: /* SCO interval rejected */
2484 case 0x1a: /* Unsupported Remote Feature */
2485 case 0x1f: /* Unspecified error */
2486 if (conn
->out
&& conn
->attempt
< 2) {
2487 conn
->pkt_type
= (hdev
->esco_type
& SCO_ESCO_MASK
) |
2488 (hdev
->esco_type
& EDR_ESCO_MASK
);
2489 hci_setup_sync(conn
, conn
->link
->handle
);
2495 conn
->state
= BT_CLOSED
;
2499 hci_proto_connect_cfm(conn
, ev
->status
);
2504 hci_dev_unlock(hdev
);
2507 static inline void hci_sync_conn_changed_evt(struct hci_dev
*hdev
, struct sk_buff
*skb
)
2509 BT_DBG("%s", hdev
->name
);
2512 static inline void hci_sniff_subrate_evt(struct hci_dev
*hdev
, struct sk_buff
*skb
)
2514 struct hci_ev_sniff_subrate
*ev
= (void *) skb
->data
;
2516 BT_DBG("%s status %d", hdev
->name
, ev
->status
);
2519 static inline void hci_extended_inquiry_result_evt(struct hci_dev
*hdev
, struct sk_buff
*skb
)
2521 struct inquiry_data data
;
2522 struct extended_inquiry_info
*info
= (void *) (skb
->data
+ 1);
2523 int num_rsp
= *((__u8
*) skb
->data
);
2525 BT_DBG("%s num_rsp %d", hdev
->name
, num_rsp
);
2530 if (!test_and_set_bit(HCI_INQUIRY
, &hdev
->flags
)) {
2532 if (test_bit(HCI_MGMT
, &hdev
->flags
))
2533 mgmt_discovering(hdev
->id
, 1);
2538 for (; num_rsp
; num_rsp
--, info
++) {
2539 bacpy(&data
.bdaddr
, &info
->bdaddr
);
2540 data
.pscan_rep_mode
= info
->pscan_rep_mode
;
2541 data
.pscan_period_mode
= info
->pscan_period_mode
;
2542 data
.pscan_mode
= 0x00;
2543 memcpy(data
.dev_class
, info
->dev_class
, 3);
2544 data
.clock_offset
= info
->clock_offset
;
2545 data
.rssi
= info
->rssi
;
2546 data
.ssp_mode
= 0x01;
2547 hci_inquiry_cache_update(hdev
, &data
);
2548 mgmt_device_found(hdev
->id
, &info
->bdaddr
, info
->dev_class
,
2549 info
->rssi
, info
->data
);
2552 hci_dev_unlock(hdev
);
2555 static inline u8
hci_get_auth_req(struct hci_conn
*conn
)
2557 /* If remote requests dedicated bonding follow that lead */
2558 if (conn
->remote_auth
== 0x02 || conn
->remote_auth
== 0x03) {
2559 /* If both remote and local IO capabilities allow MITM
2560 * protection then require it, otherwise don't */
2561 if (conn
->remote_cap
== 0x03 || conn
->io_capability
== 0x03)
2567 /* If remote requests no-bonding follow that lead */
2568 if (conn
->remote_auth
== 0x00 || conn
->remote_auth
== 0x01)
2569 return conn
->remote_auth
| (conn
->auth_type
& 0x01);
2571 return conn
->auth_type
;
2574 static inline void hci_io_capa_request_evt(struct hci_dev
*hdev
, struct sk_buff
*skb
)
2576 struct hci_ev_io_capa_request
*ev
= (void *) skb
->data
;
2577 struct hci_conn
*conn
;
2579 BT_DBG("%s", hdev
->name
);
2583 conn
= hci_conn_hash_lookup_ba(hdev
, ACL_LINK
, &ev
->bdaddr
);
2587 hci_conn_hold(conn
);
2589 if (!test_bit(HCI_MGMT
, &hdev
->flags
))
2592 if (test_bit(HCI_PAIRABLE
, &hdev
->flags
) ||
2593 (conn
->remote_auth
& ~0x01) == HCI_AT_NO_BONDING
) {
2594 struct hci_cp_io_capability_reply cp
;
2596 bacpy(&cp
.bdaddr
, &ev
->bdaddr
);
2597 cp
.capability
= conn
->io_capability
;
2598 conn
->auth_type
= hci_get_auth_req(conn
);
2599 cp
.authentication
= conn
->auth_type
;
2601 if ((conn
->out
== 0x01 || conn
->remote_oob
== 0x01) &&
2602 hci_find_remote_oob_data(hdev
, &conn
->dst
))
2607 hci_send_cmd(hdev
, HCI_OP_IO_CAPABILITY_REPLY
,
2610 struct hci_cp_io_capability_neg_reply cp
;
2612 bacpy(&cp
.bdaddr
, &ev
->bdaddr
);
2613 cp
.reason
= 0x18; /* Pairing not allowed */
2615 hci_send_cmd(hdev
, HCI_OP_IO_CAPABILITY_NEG_REPLY
,
2620 hci_dev_unlock(hdev
);
2623 static inline void hci_io_capa_reply_evt(struct hci_dev
*hdev
, struct sk_buff
*skb
)
2625 struct hci_ev_io_capa_reply
*ev
= (void *) skb
->data
;
2626 struct hci_conn
*conn
;
2628 BT_DBG("%s", hdev
->name
);
2632 conn
= hci_conn_hash_lookup_ba(hdev
, ACL_LINK
, &ev
->bdaddr
);
2636 conn
->remote_cap
= ev
->capability
;
2637 conn
->remote_oob
= ev
->oob_data
;
2638 conn
->remote_auth
= ev
->authentication
;
2641 hci_dev_unlock(hdev
);
2644 static inline void hci_user_confirm_request_evt(struct hci_dev
*hdev
,
2645 struct sk_buff
*skb
)
2647 struct hci_ev_user_confirm_req
*ev
= (void *) skb
->data
;
2648 int loc_mitm
, rem_mitm
, confirm_hint
= 0;
2649 struct hci_conn
*conn
;
2651 BT_DBG("%s", hdev
->name
);
2655 if (!test_bit(HCI_MGMT
, &hdev
->flags
))
2658 conn
= hci_conn_hash_lookup_ba(hdev
, ACL_LINK
, &ev
->bdaddr
);
2662 loc_mitm
= (conn
->auth_type
& 0x01);
2663 rem_mitm
= (conn
->remote_auth
& 0x01);
2665 /* If we require MITM but the remote device can't provide that
2666 * (it has NoInputNoOutput) then reject the confirmation
2667 * request. The only exception is when we're dedicated bonding
2668 * initiators (connect_cfm_cb set) since then we always have the MITM
2670 if (!conn
->connect_cfm_cb
&& loc_mitm
&& conn
->remote_cap
== 0x03) {
2671 BT_DBG("Rejecting request: remote device can't provide MITM");
2672 hci_send_cmd(hdev
, HCI_OP_USER_CONFIRM_NEG_REPLY
,
2673 sizeof(ev
->bdaddr
), &ev
->bdaddr
);
2677 /* If no side requires MITM protection; auto-accept */
2678 if ((!loc_mitm
|| conn
->remote_cap
== 0x03) &&
2679 (!rem_mitm
|| conn
->io_capability
== 0x03)) {
2681 /* If we're not the initiators request authorization to
2682 * proceed from user space (mgmt_user_confirm with
2683 * confirm_hint set to 1). */
2684 if (!test_bit(HCI_CONN_AUTH_PEND
, &conn
->pend
)) {
2685 BT_DBG("Confirming auto-accept as acceptor");
2690 BT_DBG("Auto-accept of user confirmation with %ums delay",
2691 hdev
->auto_accept_delay
);
2693 if (hdev
->auto_accept_delay
> 0) {
2694 int delay
= msecs_to_jiffies(hdev
->auto_accept_delay
);
2695 mod_timer(&conn
->auto_accept_timer
, jiffies
+ delay
);
2699 hci_send_cmd(hdev
, HCI_OP_USER_CONFIRM_REPLY
,
2700 sizeof(ev
->bdaddr
), &ev
->bdaddr
);
2705 mgmt_user_confirm_request(hdev
->id
, &ev
->bdaddr
, ev
->passkey
,
2709 hci_dev_unlock(hdev
);
2712 static inline void hci_simple_pair_complete_evt(struct hci_dev
*hdev
, struct sk_buff
*skb
)
2714 struct hci_ev_simple_pair_complete
*ev
= (void *) skb
->data
;
2715 struct hci_conn
*conn
;
2717 BT_DBG("%s", hdev
->name
);
2721 conn
= hci_conn_hash_lookup_ba(hdev
, ACL_LINK
, &ev
->bdaddr
);
2725 /* To avoid duplicate auth_failed events to user space we check
2726 * the HCI_CONN_AUTH_PEND flag which will be set if we
2727 * initiated the authentication. A traditional auth_complete
2728 * event gets always produced as initiator and is also mapped to
2729 * the mgmt_auth_failed event */
2730 if (!test_bit(HCI_CONN_AUTH_PEND
, &conn
->pend
) && ev
->status
!= 0)
2731 mgmt_auth_failed(hdev
->id
, &conn
->dst
, ev
->status
);
2736 hci_dev_unlock(hdev
);
2739 static inline void hci_remote_host_features_evt(struct hci_dev
*hdev
, struct sk_buff
*skb
)
2741 struct hci_ev_remote_host_features
*ev
= (void *) skb
->data
;
2742 struct inquiry_entry
*ie
;
2744 BT_DBG("%s", hdev
->name
);
2748 ie
= hci_inquiry_cache_lookup(hdev
, &ev
->bdaddr
);
2750 ie
->data
.ssp_mode
= (ev
->features
[0] & 0x01);
2752 hci_dev_unlock(hdev
);
2755 static inline void hci_remote_oob_data_request_evt(struct hci_dev
*hdev
,
2756 struct sk_buff
*skb
)
2758 struct hci_ev_remote_oob_data_request
*ev
= (void *) skb
->data
;
2759 struct oob_data
*data
;
2761 BT_DBG("%s", hdev
->name
);
2765 if (!test_bit(HCI_MGMT
, &hdev
->flags
))
2768 data
= hci_find_remote_oob_data(hdev
, &ev
->bdaddr
);
2770 struct hci_cp_remote_oob_data_reply cp
;
2772 bacpy(&cp
.bdaddr
, &ev
->bdaddr
);
2773 memcpy(cp
.hash
, data
->hash
, sizeof(cp
.hash
));
2774 memcpy(cp
.randomizer
, data
->randomizer
, sizeof(cp
.randomizer
));
2776 hci_send_cmd(hdev
, HCI_OP_REMOTE_OOB_DATA_REPLY
, sizeof(cp
),
2779 struct hci_cp_remote_oob_data_neg_reply cp
;
2781 bacpy(&cp
.bdaddr
, &ev
->bdaddr
);
2782 hci_send_cmd(hdev
, HCI_OP_REMOTE_OOB_DATA_NEG_REPLY
, sizeof(cp
),
2787 hci_dev_unlock(hdev
);
2790 static inline void hci_le_conn_complete_evt(struct hci_dev
*hdev
, struct sk_buff
*skb
)
2792 struct hci_ev_le_conn_complete
*ev
= (void *) skb
->data
;
2793 struct hci_conn
*conn
;
2795 BT_DBG("%s status %d", hdev
->name
, ev
->status
);
2799 conn
= hci_conn_hash_lookup_ba(hdev
, LE_LINK
, &ev
->bdaddr
);
2801 conn
= hci_conn_add(hdev
, LE_LINK
, &ev
->bdaddr
);
2803 BT_ERR("No memory for new connection");
2804 hci_dev_unlock(hdev
);
2808 conn
->dst_type
= ev
->bdaddr_type
;
2812 mgmt_connect_failed(hdev
->id
, &ev
->bdaddr
, ev
->status
);
2813 hci_proto_connect_cfm(conn
, ev
->status
);
2814 conn
->state
= BT_CLOSED
;
2819 mgmt_connected(hdev
->id
, &ev
->bdaddr
);
2821 conn
->sec_level
= BT_SECURITY_LOW
;
2822 conn
->handle
= __le16_to_cpu(ev
->handle
);
2823 conn
->state
= BT_CONNECTED
;
2825 hci_conn_hold_device(conn
);
2826 hci_conn_add_sysfs(conn
);
2828 hci_proto_connect_cfm(conn
, ev
->status
);
2831 hci_dev_unlock(hdev
);
2834 static inline void hci_le_adv_report_evt(struct hci_dev
*hdev
,
2835 struct sk_buff
*skb
)
2837 struct hci_ev_le_advertising_info
*ev
;
2840 num_reports
= skb
->data
[0];
2841 ev
= (void *) &skb
->data
[1];
2845 hci_add_adv_entry(hdev
, ev
);
2847 while (--num_reports
) {
2848 ev
= (void *) (ev
->data
+ ev
->length
+ 1);
2849 hci_add_adv_entry(hdev
, ev
);
2852 hci_dev_unlock(hdev
);
2855 static inline void hci_le_ltk_request_evt(struct hci_dev
*hdev
,
2856 struct sk_buff
*skb
)
2858 struct hci_ev_le_ltk_req
*ev
= (void *) skb
->data
;
2859 struct hci_cp_le_ltk_reply cp
;
2860 struct hci_cp_le_ltk_neg_reply neg
;
2861 struct hci_conn
*conn
;
2862 struct link_key
*ltk
;
2864 BT_DBG("%s handle %d", hdev
->name
, cpu_to_le16(ev
->handle
));
2868 conn
= hci_conn_hash_lookup_handle(hdev
, __le16_to_cpu(ev
->handle
));
2872 ltk
= hci_find_ltk(hdev
, ev
->ediv
, ev
->random
);
2876 memcpy(cp
.ltk
, ltk
->val
, sizeof(ltk
->val
));
2877 cp
.handle
= cpu_to_le16(conn
->handle
);
2878 conn
->pin_length
= ltk
->pin_len
;
2880 hci_send_cmd(hdev
, HCI_OP_LE_LTK_REPLY
, sizeof(cp
), &cp
);
2882 hci_dev_unlock(hdev
);
2887 neg
.handle
= ev
->handle
;
2888 hci_send_cmd(hdev
, HCI_OP_LE_LTK_NEG_REPLY
, sizeof(neg
), &neg
);
2889 hci_dev_unlock(hdev
);
2892 static inline void hci_le_meta_evt(struct hci_dev
*hdev
, struct sk_buff
*skb
)
2894 struct hci_ev_le_meta
*le_ev
= (void *) skb
->data
;
2896 skb_pull(skb
, sizeof(*le_ev
));
2898 switch (le_ev
->subevent
) {
2899 case HCI_EV_LE_CONN_COMPLETE
:
2900 hci_le_conn_complete_evt(hdev
, skb
);
2903 case HCI_EV_LE_ADVERTISING_REPORT
:
2904 hci_le_adv_report_evt(hdev
, skb
);
2907 case HCI_EV_LE_LTK_REQ
:
2908 hci_le_ltk_request_evt(hdev
, skb
);
2916 void hci_event_packet(struct hci_dev
*hdev
, struct sk_buff
*skb
)
2918 struct hci_event_hdr
*hdr
= (void *) skb
->data
;
2919 __u8 event
= hdr
->evt
;
2921 skb_pull(skb
, HCI_EVENT_HDR_SIZE
);
2924 case HCI_EV_INQUIRY_COMPLETE
:
2925 hci_inquiry_complete_evt(hdev
, skb
);
2928 case HCI_EV_INQUIRY_RESULT
:
2929 hci_inquiry_result_evt(hdev
, skb
);
2932 case HCI_EV_CONN_COMPLETE
:
2933 hci_conn_complete_evt(hdev
, skb
);
2936 case HCI_EV_CONN_REQUEST
:
2937 hci_conn_request_evt(hdev
, skb
);
2940 case HCI_EV_DISCONN_COMPLETE
:
2941 hci_disconn_complete_evt(hdev
, skb
);
2944 case HCI_EV_AUTH_COMPLETE
:
2945 hci_auth_complete_evt(hdev
, skb
);
2948 case HCI_EV_REMOTE_NAME
:
2949 hci_remote_name_evt(hdev
, skb
);
2952 case HCI_EV_ENCRYPT_CHANGE
:
2953 hci_encrypt_change_evt(hdev
, skb
);
2956 case HCI_EV_CHANGE_LINK_KEY_COMPLETE
:
2957 hci_change_link_key_complete_evt(hdev
, skb
);
2960 case HCI_EV_REMOTE_FEATURES
:
2961 hci_remote_features_evt(hdev
, skb
);
2964 case HCI_EV_REMOTE_VERSION
:
2965 hci_remote_version_evt(hdev
, skb
);
2968 case HCI_EV_QOS_SETUP_COMPLETE
:
2969 hci_qos_setup_complete_evt(hdev
, skb
);
2972 case HCI_EV_CMD_COMPLETE
:
2973 hci_cmd_complete_evt(hdev
, skb
);
2976 case HCI_EV_CMD_STATUS
:
2977 hci_cmd_status_evt(hdev
, skb
);
2980 case HCI_EV_ROLE_CHANGE
:
2981 hci_role_change_evt(hdev
, skb
);
2984 case HCI_EV_NUM_COMP_PKTS
:
2985 hci_num_comp_pkts_evt(hdev
, skb
);
2988 case HCI_EV_MODE_CHANGE
:
2989 hci_mode_change_evt(hdev
, skb
);
2992 case HCI_EV_PIN_CODE_REQ
:
2993 hci_pin_code_request_evt(hdev
, skb
);
2996 case HCI_EV_LINK_KEY_REQ
:
2997 hci_link_key_request_evt(hdev
, skb
);
3000 case HCI_EV_LINK_KEY_NOTIFY
:
3001 hci_link_key_notify_evt(hdev
, skb
);
3004 case HCI_EV_CLOCK_OFFSET
:
3005 hci_clock_offset_evt(hdev
, skb
);
3008 case HCI_EV_PKT_TYPE_CHANGE
:
3009 hci_pkt_type_change_evt(hdev
, skb
);
3012 case HCI_EV_PSCAN_REP_MODE
:
3013 hci_pscan_rep_mode_evt(hdev
, skb
);
3016 case HCI_EV_INQUIRY_RESULT_WITH_RSSI
:
3017 hci_inquiry_result_with_rssi_evt(hdev
, skb
);
3020 case HCI_EV_REMOTE_EXT_FEATURES
:
3021 hci_remote_ext_features_evt(hdev
, skb
);
3024 case HCI_EV_SYNC_CONN_COMPLETE
:
3025 hci_sync_conn_complete_evt(hdev
, skb
);
3028 case HCI_EV_SYNC_CONN_CHANGED
:
3029 hci_sync_conn_changed_evt(hdev
, skb
);
3032 case HCI_EV_SNIFF_SUBRATE
:
3033 hci_sniff_subrate_evt(hdev
, skb
);
3036 case HCI_EV_EXTENDED_INQUIRY_RESULT
:
3037 hci_extended_inquiry_result_evt(hdev
, skb
);
3040 case HCI_EV_IO_CAPA_REQUEST
:
3041 hci_io_capa_request_evt(hdev
, skb
);
3044 case HCI_EV_IO_CAPA_REPLY
:
3045 hci_io_capa_reply_evt(hdev
, skb
);
3048 case HCI_EV_USER_CONFIRM_REQUEST
:
3049 hci_user_confirm_request_evt(hdev
, skb
);
3052 case HCI_EV_SIMPLE_PAIR_COMPLETE
:
3053 hci_simple_pair_complete_evt(hdev
, skb
);
3056 case HCI_EV_REMOTE_HOST_FEATURES
:
3057 hci_remote_host_features_evt(hdev
, skb
);
3060 case HCI_EV_LE_META
:
3061 hci_le_meta_evt(hdev
, skb
);
3064 case HCI_EV_REMOTE_OOB_DATA_REQUEST
:
3065 hci_remote_oob_data_request_evt(hdev
, skb
);
3069 BT_DBG("%s event 0x%x", hdev
->name
, event
);
3074 hdev
->stat
.evt_rx
++;
3077 /* Generate internal stack event */
3078 void hci_si_event(struct hci_dev
*hdev
, int type
, int dlen
, void *data
)
3080 struct hci_event_hdr
*hdr
;
3081 struct hci_ev_stack_internal
*ev
;
3082 struct sk_buff
*skb
;
3084 skb
= bt_skb_alloc(HCI_EVENT_HDR_SIZE
+ sizeof(*ev
) + dlen
, GFP_ATOMIC
);
3088 hdr
= (void *) skb_put(skb
, HCI_EVENT_HDR_SIZE
);
3089 hdr
->evt
= HCI_EV_STACK_INTERNAL
;
3090 hdr
->plen
= sizeof(*ev
) + dlen
;
3092 ev
= (void *) skb_put(skb
, sizeof(*ev
) + dlen
);
3094 memcpy(ev
->data
, data
, dlen
);
3096 bt_cb(skb
)->incoming
= 1;
3097 __net_timestamp(skb
);
3099 bt_cb(skb
)->pkt_type
= HCI_EVENT_PKT
;
3100 skb
->dev
= (void *) hdev
;
3101 hci_send_to_sock(hdev
, skb
, NULL
);
3105 module_param(enable_le
, bool, 0444);
3106 MODULE_PARM_DESC(enable_le
, "Enable LE support");