search:
summary | log | graphiclog1 | graphiclog2 | commit | commitdiff | tree | refs | edit | fork
blame | history | raw | HEAD
MIPS: Fix sign-extension bug in 32-bit kernel on 32-bit hardware.
[linux-2.6/linux-loongson.git] / net / bluetooth / hci_event.c
blob15f40ea8d544e3ef68dc4d2be853427a70e2b577
1 /*
2 BlueZ - Bluetooth protocol stack for Linux
3 Copyright (C) 2000-2001 Qualcomm Incorporated
4
5 Written 2000,2001 by Maxim Krasnyansky <maxk@qualcomm.com>
6
7 This program is free software; you can redistribute it and/or modify
8 it under the terms of the GNU General Public License version 2 as
9 published by the Free Software Foundation;
10
11 THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS
12 OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
13 FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT OF THIRD PARTY RIGHTS.
14 IN NO EVENT SHALL THE COPYRIGHT HOLDER(S) AND AUTHOR(S) BE LIABLE FOR ANY
15 CLAIM, OR ANY SPECIAL INDIRECT OR CONSEQUENTIAL DAMAGES, OR ANY DAMAGES
16 WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
17 ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
18 OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
19
20 ALL LIABILITY, INCLUDING LIABILITY FOR INFRINGEMENT OF ANY PATENTS,
21 COPYRIGHTS, TRADEMARKS OR OTHER RIGHTS, RELATING TO USE OF THIS
22 SOFTWARE IS DISCLAIMED.
23 */
24
25 /* Bluetooth HCI event handling. */
26
27 #include <linux/module.h>
28
29 #include <linux/types.h>
30 #include <linux/errno.h>
31 #include <linux/kernel.h>
32 #include <linux/slab.h>
33 #include <linux/poll.h>
34 #include <linux/fcntl.h>
35 #include <linux/init.h>
36 #include <linux/skbuff.h>
37 #include <linux/interrupt.h>
38 #include <linux/notifier.h>
39 #include <net/sock.h>
40
41 #include <asm/system.h>
42 #include <asm/uaccess.h>
43 #include <asm/unaligned.h>
44
45 #include <net/bluetooth/bluetooth.h>
46 #include <net/bluetooth/hci_core.h>
47
48 /* Handle HCI Event packets */
49
50 static void hci_cc_inquiry_cancel(struct hci_dev *hdev, struct sk_buff *skb)
51 {
52 __u8 status = *((__u8 *) skb->data);
53
54 BT_DBG("%s status 0x%x", hdev->name, status);
55
56 if (status)
57 return;
58
59 clear_bit(HCI_INQUIRY, &hdev->flags);
60
61 hci_req_complete(hdev, status);
62
63 hci_conn_check_pending(hdev);
64 }
65
66 static void hci_cc_exit_periodic_inq(struct hci_dev *hdev, struct sk_buff *skb)
67 {
68 __u8 status = *((__u8 *) skb->data);
69
70 BT_DBG("%s status 0x%x", hdev->name, status);
71
72 if (status)
73 return;
74
75 clear_bit(HCI_INQUIRY, &hdev->flags);
76
77 hci_conn_check_pending(hdev);
78 }
79
80 static void hci_cc_remote_name_req_cancel(struct hci_dev *hdev, struct sk_buff *skb)
81 {
82 BT_DBG("%s", hdev->name);
83 }
84
85 static void hci_cc_role_discovery(struct hci_dev *hdev, struct sk_buff *skb)
86 {
87 struct hci_rp_role_discovery *rp = (void *) skb->data;
88 struct hci_conn *conn;
89
90 BT_DBG("%s status 0x%x", hdev->name, rp->status);
91
92 if (rp->status)
93 return;
94
95 hci_dev_lock(hdev);
96
97 conn = hci_conn_hash_lookup_handle(hdev, __le16_to_cpu(rp->handle));
98 if (conn) {
99 if (rp->role)
100 conn->link_mode &= ~HCI_LM_MASTER;
101 else
102 conn->link_mode |= HCI_LM_MASTER;
103 }
104
105 hci_dev_unlock(hdev);
106 }
107
108 static void hci_cc_read_link_policy(struct hci_dev *hdev, struct sk_buff *skb)
109 {
110 struct hci_rp_read_link_policy *rp = (void *) skb->data;
111 struct hci_conn *conn;
112
113 BT_DBG("%s status 0x%x", hdev->name, rp->status);
114
115 if (rp->status)
116 return;
117
118 hci_dev_lock(hdev);
119
120 conn = hci_conn_hash_lookup_handle(hdev, __le16_to_cpu(rp->handle));
121 if (conn)
122 conn->link_policy = __le16_to_cpu(rp->policy);
123
124 hci_dev_unlock(hdev);
125 }
126
127 static void hci_cc_write_link_policy(struct hci_dev *hdev, struct sk_buff *skb)
128 {
129 struct hci_rp_write_link_policy *rp = (void *) skb->data;
130 struct hci_conn *conn;
131 void *sent;
132
133 BT_DBG("%s status 0x%x", hdev->name, rp->status);
134
135 if (rp->status)
136 return;
137
138 sent = hci_sent_cmd_data(hdev, HCI_OP_WRITE_LINK_POLICY);
139 if (!sent)
140 return;
141
142 hci_dev_lock(hdev);
143
144 conn = hci_conn_hash_lookup_handle(hdev, __le16_to_cpu(rp->handle));
145 if (conn)
146 conn->link_policy = get_unaligned_le16(sent + 2);
147
148 hci_dev_unlock(hdev);
149 }
150
151 static void hci_cc_read_def_link_policy(struct hci_dev *hdev, struct sk_buff *skb)
152 {
153 struct hci_rp_read_def_link_policy *rp = (void *) skb->data;
154
155 BT_DBG("%s status 0x%x", hdev->name, rp->status);
156
157 if (rp->status)
158 return;
159
160 hdev->link_policy = __le16_to_cpu(rp->policy);
161 }
162
163 static void hci_cc_write_def_link_policy(struct hci_dev *hdev, struct sk_buff *skb)
164 {
165 __u8 status = *((__u8 *) skb->data);
166 void *sent;
167
168 BT_DBG("%s status 0x%x", hdev->name, status);
169
170 sent = hci_sent_cmd_data(hdev, HCI_OP_WRITE_DEF_LINK_POLICY);
171 if (!sent)
172 return;
173
174 if (!status)
175 hdev->link_policy = get_unaligned_le16(sent);
176
177 hci_req_complete(hdev, status);
178 }
179
180 static void hci_cc_reset(struct hci_dev *hdev, struct sk_buff *skb)
181 {
182 __u8 status = *((__u8 *) skb->data);
183
184 BT_DBG("%s status 0x%x", hdev->name, status);
185
186 hci_req_complete(hdev, status);
187 }
188
189 static void hci_cc_write_local_name(struct hci_dev *hdev, struct sk_buff *skb)
190 {
191 __u8 status = *((__u8 *) skb->data);
192 void *sent;
193
194 BT_DBG("%s status 0x%x", hdev->name, status);
195
196 if (status)
197 return;
198
199 sent = hci_sent_cmd_data(hdev, HCI_OP_WRITE_LOCAL_NAME);
200 if (!sent)
201 return;
202
203 memcpy(hdev->dev_name, sent, 248);
204 }
205
206 static void hci_cc_read_local_name(struct hci_dev *hdev, struct sk_buff *skb)
207 {
208 struct hci_rp_read_local_name *rp = (void *) skb->data;
209
210 BT_DBG("%s status 0x%x", hdev->name, rp->status);
211
212 if (rp->status)
213 return;
214
215 memcpy(hdev->dev_name, rp->name, 248);
216 }
217
218 static void hci_cc_write_auth_enable(struct hci_dev *hdev, struct sk_buff *skb)
219 {
220 __u8 status = *((__u8 *) skb->data);
221 void *sent;
222
223 BT_DBG("%s status 0x%x", hdev->name, status);
224
225 sent = hci_sent_cmd_data(hdev, HCI_OP_WRITE_AUTH_ENABLE);
226 if (!sent)
227 return;
228
229 if (!status) {
230 __u8 param = *((__u8 *) sent);
231
232 if (param == AUTH_ENABLED)
233 set_bit(HCI_AUTH, &hdev->flags);
234 else
235 clear_bit(HCI_AUTH, &hdev->flags);
236 }
237
238 hci_req_complete(hdev, status);
239 }
240
241 static void hci_cc_write_encrypt_mode(struct hci_dev *hdev, struct sk_buff *skb)
242 {
243 __u8 status = *((__u8 *) skb->data);
244 void *sent;
245
246 BT_DBG("%s status 0x%x", hdev->name, status);
247
248 sent = hci_sent_cmd_data(hdev, HCI_OP_WRITE_ENCRYPT_MODE);
249 if (!sent)
250 return;
251
252 if (!status) {
253 __u8 param = *((__u8 *) sent);
254
255 if (param)
256 set_bit(HCI_ENCRYPT, &hdev->flags);
257 else
258 clear_bit(HCI_ENCRYPT, &hdev->flags);
259 }
260
261 hci_req_complete(hdev, status);
262 }
263
264 static void hci_cc_write_scan_enable(struct hci_dev *hdev, struct sk_buff *skb)
265 {
266 __u8 status = *((__u8 *) skb->data);
267 void *sent;
268
269 BT_DBG("%s status 0x%x", hdev->name, status);
270
271 sent = hci_sent_cmd_data(hdev, HCI_OP_WRITE_SCAN_ENABLE);
272 if (!sent)
273 return;
274
275 if (!status) {
276 __u8 param = *((__u8 *) sent);
277
278 clear_bit(HCI_PSCAN, &hdev->flags);
279 clear_bit(HCI_ISCAN, &hdev->flags);
280
281 if (param & SCAN_INQUIRY)
282 set_bit(HCI_ISCAN, &hdev->flags);
283
284 if (param & SCAN_PAGE)
285 set_bit(HCI_PSCAN, &hdev->flags);
286 }
287
288 hci_req_complete(hdev, status);
289 }
290
291 static void hci_cc_read_class_of_dev(struct hci_dev *hdev, struct sk_buff *skb)
292 {
293 struct hci_rp_read_class_of_dev *rp = (void *) skb->data;
294
295 BT_DBG("%s status 0x%x", hdev->name, rp->status);
296
297 if (rp->status)
298 return;
299
300 memcpy(hdev->dev_class, rp->dev_class, 3);
301
302 BT_DBG("%s class 0x%.2x%.2x%.2x", hdev->name,
303 hdev->dev_class[2], hdev->dev_class[1], hdev->dev_class[0]);
304 }
305
306 static void hci_cc_write_class_of_dev(struct hci_dev *hdev, struct sk_buff *skb)
307 {
308 __u8 status = *((__u8 *) skb->data);
309 void *sent;
310
311 BT_DBG("%s status 0x%x", hdev->name, status);
312
313 if (status)
314 return;
315
316 sent = hci_sent_cmd_data(hdev, HCI_OP_WRITE_CLASS_OF_DEV);
317 if (!sent)
318 return;
319
320 memcpy(hdev->dev_class, sent, 3);
321 }
322
323 static void hci_cc_read_voice_setting(struct hci_dev *hdev, struct sk_buff *skb)
324 {
325 struct hci_rp_read_voice_setting *rp = (void *) skb->data;
326 __u16 setting;
327
328 BT_DBG("%s status 0x%x", hdev->name, rp->status);
329
330 if (rp->status)
331 return;
332
333 setting = __le16_to_cpu(rp->voice_setting);
334
335 if (hdev->voice_setting == setting)
336 return;
337
338 hdev->voice_setting = setting;
339
340 BT_DBG("%s voice setting 0x%04x", hdev->name, setting);
341
342 if (hdev->notify) {
343 tasklet_disable(&hdev->tx_task);
344 hdev->notify(hdev, HCI_NOTIFY_VOICE_SETTING);
345 tasklet_enable(&hdev->tx_task);
346 }
347 }
348
349 static void hci_cc_write_voice_setting(struct hci_dev *hdev, struct sk_buff *skb)
350 {
351 __u8 status = *((__u8 *) skb->data);
352 __u16 setting;
353 void *sent;
354
355 BT_DBG("%s status 0x%x", hdev->name, status);
356
357 if (status)
358 return;
359
360 sent = hci_sent_cmd_data(hdev, HCI_OP_WRITE_VOICE_SETTING);
361 if (!sent)
362 return;
363
364 setting = get_unaligned_le16(sent);
365
366 if (hdev->voice_setting == setting)
367 return;
368
369 hdev->voice_setting = setting;
370
371 BT_DBG("%s voice setting 0x%04x", hdev->name, setting);
372
373 if (hdev->notify) {
374 tasklet_disable(&hdev->tx_task);
375 hdev->notify(hdev, HCI_NOTIFY_VOICE_SETTING);
376 tasklet_enable(&hdev->tx_task);
377 }
378 }
379
380 static void hci_cc_host_buffer_size(struct hci_dev *hdev, struct sk_buff *skb)
381 {
382 __u8 status = *((__u8 *) skb->data);
383
384 BT_DBG("%s status 0x%x", hdev->name, status);
385
386 hci_req_complete(hdev, status);
387 }
388
389 static void hci_cc_read_ssp_mode(struct hci_dev *hdev, struct sk_buff *skb)
390 {
391 struct hci_rp_read_ssp_mode *rp = (void *) skb->data;
392
393 BT_DBG("%s status 0x%x", hdev->name, rp->status);
394
395 if (rp->status)
396 return;
397
398 hdev->ssp_mode = rp->mode;
399 }
400
401 static void hci_cc_write_ssp_mode(struct hci_dev *hdev, struct sk_buff *skb)
402 {
403 __u8 status = *((__u8 *) skb->data);
404 void *sent;
405
406 BT_DBG("%s status 0x%x", hdev->name, status);
407
408 if (status)
409 return;
410
411 sent = hci_sent_cmd_data(hdev, HCI_OP_WRITE_SSP_MODE);
412 if (!sent)
413 return;
414
415 hdev->ssp_mode = *((__u8 *) sent);
416 }
417
418 static void hci_cc_read_local_version(struct hci_dev *hdev, struct sk_buff *skb)
419 {
420 struct hci_rp_read_local_version *rp = (void *) skb->data;
421
422 BT_DBG("%s status 0x%x", hdev->name, rp->status);
423
424 if (rp->status)
425 return;
426
427 hdev->hci_ver = rp->hci_ver;
428 hdev->hci_rev = __le16_to_cpu(rp->hci_rev);
429 hdev->manufacturer = __le16_to_cpu(rp->manufacturer);
430
431 BT_DBG("%s manufacturer %d hci ver %d:%d", hdev->name,
432 hdev->manufacturer,
433 hdev->hci_ver, hdev->hci_rev);
434 }
435
436 static void hci_cc_read_local_commands(struct hci_dev *hdev, struct sk_buff *skb)
437 {
438 struct hci_rp_read_local_commands *rp = (void *) skb->data;
439
440 BT_DBG("%s status 0x%x", hdev->name, rp->status);
441
442 if (rp->status)
443 return;
444
445 memcpy(hdev->commands, rp->commands, sizeof(hdev->commands));
446 }
447
448 static void hci_cc_read_local_features(struct hci_dev *hdev, struct sk_buff *skb)
449 {
450 struct hci_rp_read_local_features *rp = (void *) skb->data;
451
452 BT_DBG("%s status 0x%x", hdev->name, rp->status);
453
454 if (rp->status)
455 return;
456
457 memcpy(hdev->features, rp->features, 8);
458
459 /* Adjust default settings according to features
460 * supported by device. */
461
462 if (hdev->features[0] & LMP_3SLOT)
463 hdev->pkt_type |= (HCI_DM3 | HCI_DH3);
464
465 if (hdev->features[0] & LMP_5SLOT)
466 hdev->pkt_type |= (HCI_DM5 | HCI_DH5);
467
468 if (hdev->features[1] & LMP_HV2) {
469 hdev->pkt_type |= (HCI_HV2);
470 hdev->esco_type |= (ESCO_HV2);
471 }
472
473 if (hdev->features[1] & LMP_HV3) {
474 hdev->pkt_type |= (HCI_HV3);
475 hdev->esco_type |= (ESCO_HV3);
476 }
477
478 if (hdev->features[3] & LMP_ESCO)
479 hdev->esco_type |= (ESCO_EV3);
480
481 if (hdev->features[4] & LMP_EV4)
482 hdev->esco_type |= (ESCO_EV4);
483
484 if (hdev->features[4] & LMP_EV5)
485 hdev->esco_type |= (ESCO_EV5);
486
487 if (hdev->features[5] & LMP_EDR_ESCO_2M)
488 hdev->esco_type |= (ESCO_2EV3);
489
490 if (hdev->features[5] & LMP_EDR_ESCO_3M)
491 hdev->esco_type |= (ESCO_3EV3);
492
493 if (hdev->features[5] & LMP_EDR_3S_ESCO)
494 hdev->esco_type |= (ESCO_2EV5 | ESCO_3EV5);
495
496 BT_DBG("%s features 0x%.2x%.2x%.2x%.2x%.2x%.2x%.2x%.2x", hdev->name,
497 hdev->features[0], hdev->features[1],
498 hdev->features[2], hdev->features[3],
499 hdev->features[4], hdev->features[5],
500 hdev->features[6], hdev->features[7]);
501 }
502
503 static void hci_cc_read_buffer_size(struct hci_dev *hdev, struct sk_buff *skb)
504 {
505 struct hci_rp_read_buffer_size *rp = (void *) skb->data;
506
507 BT_DBG("%s status 0x%x", hdev->name, rp->status);
508
509 if (rp->status)
510 return;
511
512 hdev->acl_mtu = __le16_to_cpu(rp->acl_mtu);
513 hdev->sco_mtu = rp->sco_mtu;
514 hdev->acl_pkts = __le16_to_cpu(rp->acl_max_pkt);
515 hdev->sco_pkts = __le16_to_cpu(rp->sco_max_pkt);
516
517 if (test_bit(HCI_QUIRK_FIXUP_BUFFER_SIZE, &hdev->quirks)) {
518 hdev->sco_mtu = 64;
519 hdev->sco_pkts = 8;
520 }
521
522 hdev->acl_cnt = hdev->acl_pkts;
523 hdev->sco_cnt = hdev->sco_pkts;
524
525 BT_DBG("%s acl mtu %d:%d sco mtu %d:%d", hdev->name,
526 hdev->acl_mtu, hdev->acl_pkts,
527 hdev->sco_mtu, hdev->sco_pkts);
528 }
529
530 static void hci_cc_read_bd_addr(struct hci_dev *hdev, struct sk_buff *skb)
531 {
532 struct hci_rp_read_bd_addr *rp = (void *) skb->data;
533
534 BT_DBG("%s status 0x%x", hdev->name, rp->status);
535
536 if (!rp->status)
537 bacpy(&hdev->bdaddr, &rp->bdaddr);
538
539 hci_req_complete(hdev, rp->status);
540 }
541
542 static inline void hci_cs_inquiry(struct hci_dev *hdev, __u8 status)
543 {
544 BT_DBG("%s status 0x%x", hdev->name, status);
545
546 if (status) {
547 hci_req_complete(hdev, status);
548
549 hci_conn_check_pending(hdev);
550 } else
551 set_bit(HCI_INQUIRY, &hdev->flags);
552 }
553
554 static inline void hci_cs_create_conn(struct hci_dev *hdev, __u8 status)
555 {
556 struct hci_cp_create_conn *cp;
557 struct hci_conn *conn;
558
559 BT_DBG("%s status 0x%x", hdev->name, status);
560
561 cp = hci_sent_cmd_data(hdev, HCI_OP_CREATE_CONN);
562 if (!cp)
563 return;
564
565 hci_dev_lock(hdev);
566
567 conn = hci_conn_hash_lookup_ba(hdev, ACL_LINK, &cp->bdaddr);
568
569 BT_DBG("%s bdaddr %s conn %p", hdev->name, batostr(&cp->bdaddr), conn);
570
571 if (status) {
572 if (conn && conn->state == BT_CONNECT) {
573 if (status != 0x0c || conn->attempt > 2) {
574 conn->state = BT_CLOSED;
575 hci_proto_connect_cfm(conn, status);
576 hci_conn_del(conn);
577 } else
578 conn->state = BT_CONNECT2;
579 }
580 } else {
581 if (!conn) {
582 conn = hci_conn_add(hdev, ACL_LINK, &cp->bdaddr);
583 if (conn) {
584 conn->out = 1;
585 conn->link_mode |= HCI_LM_MASTER;
586 } else
587 BT_ERR("No memmory for new connection");
588 }
589 }
590
591 hci_dev_unlock(hdev);
592 }
593
594 static void hci_cs_add_sco(struct hci_dev *hdev, __u8 status)
595 {
596 struct hci_cp_add_sco *cp;
597 struct hci_conn *acl, *sco;
598 __u16 handle;
599
600 BT_DBG("%s status 0x%x", hdev->name, status);
601
602 if (!status)
603 return;
604
605 cp = hci_sent_cmd_data(hdev, HCI_OP_ADD_SCO);
606 if (!cp)
607 return;
608
609 handle = __le16_to_cpu(cp->handle);
610
611 BT_DBG("%s handle %d", hdev->name, handle);
612
613 hci_dev_lock(hdev);
614
615 acl = hci_conn_hash_lookup_handle(hdev, handle);
616 if (acl && (sco = acl->link)) {
617 sco->state = BT_CLOSED;
618
619 hci_proto_connect_cfm(sco, status);
620 hci_conn_del(sco);
621 }
622
623 hci_dev_unlock(hdev);
624 }
625
626 static void hci_cs_auth_requested(struct hci_dev *hdev, __u8 status)
627 {
628 struct hci_cp_auth_requested *cp;
629 struct hci_conn *conn;
630
631 BT_DBG("%s status 0x%x", hdev->name, status);
632
633 if (!status)
634 return;
635
636 cp = hci_sent_cmd_data(hdev, HCI_OP_AUTH_REQUESTED);
637 if (!cp)
638 return;
639
640 hci_dev_lock(hdev);
641
642 conn = hci_conn_hash_lookup_handle(hdev, __le16_to_cpu(cp->handle));
643 if (conn) {
644 if (conn->state == BT_CONFIG) {
645 hci_proto_connect_cfm(conn, status);
646 hci_conn_put(conn);
647 }
648 }
649
650 hci_dev_unlock(hdev);
651 }
652
653 static void hci_cs_set_conn_encrypt(struct hci_dev *hdev, __u8 status)
654 {
655 struct hci_cp_set_conn_encrypt *cp;
656 struct hci_conn *conn;
657
658 BT_DBG("%s status 0x%x", hdev->name, status);
659
660 if (!status)
661 return;
662
663 cp = hci_sent_cmd_data(hdev, HCI_OP_SET_CONN_ENCRYPT);
664 if (!cp)
665 return;
666
667 hci_dev_lock(hdev);
668
669 conn = hci_conn_hash_lookup_handle(hdev, __le16_to_cpu(cp->handle));
670 if (conn) {
671 if (conn->state == BT_CONFIG) {
672 hci_proto_connect_cfm(conn, status);
673 hci_conn_put(conn);
674 }
675 }
676
677 hci_dev_unlock(hdev);
678 }
679
680 static void hci_cs_remote_name_req(struct hci_dev *hdev, __u8 status)
681 {
682 BT_DBG("%s status 0x%x", hdev->name, status);
683 }
684
685 static void hci_cs_read_remote_features(struct hci_dev *hdev, __u8 status)
686 {
687 struct hci_cp_read_remote_features *cp;
688 struct hci_conn *conn;
689
690 BT_DBG("%s status 0x%x", hdev->name, status);
691
692 if (!status)
693 return;
694
695 cp = hci_sent_cmd_data(hdev, HCI_OP_READ_REMOTE_FEATURES);
696 if (!cp)
697 return;
698
699 hci_dev_lock(hdev);
700
701 conn = hci_conn_hash_lookup_handle(hdev, __le16_to_cpu(cp->handle));
702 if (conn) {
703 if (conn->state == BT_CONFIG) {
704 hci_proto_connect_cfm(conn, status);
705 hci_conn_put(conn);
706 }
707 }
708
709 hci_dev_unlock(hdev);
710 }
711
712 static void hci_cs_read_remote_ext_features(struct hci_dev *hdev, __u8 status)
713 {
714 struct hci_cp_read_remote_ext_features *cp;
715 struct hci_conn *conn;
716
717 BT_DBG("%s status 0x%x", hdev->name, status);
718
719 if (!status)
720 return;
721
722 cp = hci_sent_cmd_data(hdev, HCI_OP_READ_REMOTE_EXT_FEATURES);
723 if (!cp)
724 return;
725
726 hci_dev_lock(hdev);
727
728 conn = hci_conn_hash_lookup_handle(hdev, __le16_to_cpu(cp->handle));
729 if (conn) {
730 if (conn->state == BT_CONFIG) {
731 hci_proto_connect_cfm(conn, status);
732 hci_conn_put(conn);
733 }
734 }
735
736 hci_dev_unlock(hdev);
737 }
738
739 static void hci_cs_setup_sync_conn(struct hci_dev *hdev, __u8 status)
740 {
741 struct hci_cp_setup_sync_conn *cp;
742 struct hci_conn *acl, *sco;
743 __u16 handle;
744
745 BT_DBG("%s status 0x%x", hdev->name, status);
746
747 if (!status)
748 return;
749
750 cp = hci_sent_cmd_data(hdev, HCI_OP_SETUP_SYNC_CONN);
751 if (!cp)
752 return;
753
754 handle = __le16_to_cpu(cp->handle);
755
756 BT_DBG("%s handle %d", hdev->name, handle);
757
758 hci_dev_lock(hdev);
759
760 acl = hci_conn_hash_lookup_handle(hdev, handle);
761 if (acl && (sco = acl->link)) {
762 sco->state = BT_CLOSED;
763
764 hci_proto_connect_cfm(sco, status);
765 hci_conn_del(sco);
766 }
767
768 hci_dev_unlock(hdev);
769 }
770
771 static void hci_cs_sniff_mode(struct hci_dev *hdev, __u8 status)
772 {
773 struct hci_cp_sniff_mode *cp;
774 struct hci_conn *conn;
775
776 BT_DBG("%s status 0x%x", hdev->name, status);
777
778 if (!status)
779 return;
780
781 cp = hci_sent_cmd_data(hdev, HCI_OP_SNIFF_MODE);
782 if (!cp)
783 return;
784
785 hci_dev_lock(hdev);
786
787 conn = hci_conn_hash_lookup_handle(hdev, __le16_to_cpu(cp->handle));
788 if (conn)
789 clear_bit(HCI_CONN_MODE_CHANGE_PEND, &conn->pend);
790
791 hci_dev_unlock(hdev);
792 }
793
794 static void hci_cs_exit_sniff_mode(struct hci_dev *hdev, __u8 status)
795 {
796 struct hci_cp_exit_sniff_mode *cp;
797 struct hci_conn *conn;
798
799 BT_DBG("%s status 0x%x", hdev->name, status);
800
801 if (!status)
802 return;
803
804 cp = hci_sent_cmd_data(hdev, HCI_OP_EXIT_SNIFF_MODE);
805 if (!cp)
806 return;
807
808 hci_dev_lock(hdev);
809
810 conn = hci_conn_hash_lookup_handle(hdev, __le16_to_cpu(cp->handle));
811 if (conn)
812 clear_bit(HCI_CONN_MODE_CHANGE_PEND, &conn->pend);
813
814 hci_dev_unlock(hdev);
815 }
816
817 static inline void hci_inquiry_complete_evt(struct hci_dev *hdev, struct sk_buff *skb)
818 {
819 __u8 status = *((__u8 *) skb->data);
820
821 BT_DBG("%s status %d", hdev->name, status);
822
823 clear_bit(HCI_INQUIRY, &hdev->flags);
824
825 hci_req_complete(hdev, status);
826
827 hci_conn_check_pending(hdev);
828 }
829
830 static inline void hci_inquiry_result_evt(struct hci_dev *hdev, struct sk_buff *skb)
831 {
832 struct inquiry_data data;
833 struct inquiry_info *info = (void *) (skb->data + 1);
834 int num_rsp = *((__u8 *) skb->data);
835
836 BT_DBG("%s num_rsp %d", hdev->name, num_rsp);
837
838 if (!num_rsp)
839 return;
840
841 hci_dev_lock(hdev);
842
843 for (; num_rsp; num_rsp--) {
844 bacpy(&data.bdaddr, &info->bdaddr);
845 data.pscan_rep_mode = info->pscan_rep_mode;
846 data.pscan_period_mode = info->pscan_period_mode;
847 data.pscan_mode = info->pscan_mode;
848 memcpy(data.dev_class, info->dev_class, 3);
849 data.clock_offset = info->clock_offset;
850 data.rssi = 0x00;
851 data.ssp_mode = 0x00;
852 info++;
853 hci_inquiry_cache_update(hdev, &data);
854 }
855
856 hci_dev_unlock(hdev);
857 }
858
859 static inline void hci_conn_complete_evt(struct hci_dev *hdev, struct sk_buff *skb)
860 {
861 struct hci_ev_conn_complete *ev = (void *) skb->data;
862 struct hci_conn *conn;
863
864 BT_DBG("%s", hdev->name);
865
866 hci_dev_lock(hdev);
867
868 conn = hci_conn_hash_lookup_ba(hdev, ev->link_type, &ev->bdaddr);
869 if (!conn) {
870 if (ev->link_type != SCO_LINK)
871 goto unlock;
872
873 conn = hci_conn_hash_lookup_ba(hdev, ESCO_LINK, &ev->bdaddr);
874 if (!conn)
875 goto unlock;
876
877 conn->type = SCO_LINK;
878 }
879
880 if (!ev->status) {
881 conn->handle = __le16_to_cpu(ev->handle);
882
883 if (conn->type == ACL_LINK) {
884 conn->state = BT_CONFIG;
885 hci_conn_hold(conn);
886 } else
887 conn->state = BT_CONNECTED;
888
889 hci_conn_add_sysfs(conn);
890
891 if (test_bit(HCI_AUTH, &hdev->flags))
892 conn->link_mode |= HCI_LM_AUTH;
893
894 if (test_bit(HCI_ENCRYPT, &hdev->flags))
895 conn->link_mode |= HCI_LM_ENCRYPT;
896
897 /* Get remote features */
898 if (conn->type == ACL_LINK) {
899 struct hci_cp_read_remote_features cp;
900 cp.handle = ev->handle;
901 hci_send_cmd(hdev, HCI_OP_READ_REMOTE_FEATURES,
902 sizeof(cp), &cp);
903 }
904
905 /* Set packet type for incoming connection */
906 if (!conn->out && hdev->hci_ver < 3) {
907 struct hci_cp_change_conn_ptype cp;
908 cp.handle = ev->handle;
909 cp.pkt_type = cpu_to_le16(conn->pkt_type);
910 hci_send_cmd(hdev, HCI_OP_CHANGE_CONN_PTYPE,
911 sizeof(cp), &cp);
912 }
913 } else
914 conn->state = BT_CLOSED;
915
916 if (conn->type == ACL_LINK) {
917 struct hci_conn *sco = conn->link;
918 if (sco) {
919 if (!ev->status) {
920 if (lmp_esco_capable(hdev))
921 hci_setup_sync(sco, conn->handle);
922 else
923 hci_add_sco(sco, conn->handle);
924 } else {
925 hci_proto_connect_cfm(sco, ev->status);
926 hci_conn_del(sco);
927 }
928 }
929 }
930
931 if (ev->status) {
932 hci_proto_connect_cfm(conn, ev->status);
933 hci_conn_del(conn);
934 } else if (ev->link_type != ACL_LINK)
935 hci_proto_connect_cfm(conn, ev->status);
936
937 unlock:
938 hci_dev_unlock(hdev);
939
940 hci_conn_check_pending(hdev);
941 }
942
943 static inline void hci_conn_request_evt(struct hci_dev *hdev, struct sk_buff *skb)
944 {
945 struct hci_ev_conn_request *ev = (void *) skb->data;
946 int mask = hdev->link_mode;
947
948 BT_DBG("%s bdaddr %s type 0x%x", hdev->name,
949 batostr(&ev->bdaddr), ev->link_type);
950
951 mask |= hci_proto_connect_ind(hdev, &ev->bdaddr, ev->link_type);
952
953 if (mask & HCI_LM_ACCEPT) {
954 /* Connection accepted */
955 struct inquiry_entry *ie;
956 struct hci_conn *conn;
957
958 hci_dev_lock(hdev);
959
960 if ((ie = hci_inquiry_cache_lookup(hdev, &ev->bdaddr)))
961 memcpy(ie->data.dev_class, ev->dev_class, 3);
962
963 conn = hci_conn_hash_lookup_ba(hdev, ev->link_type, &ev->bdaddr);
964 if (!conn) {
965 if (!(conn = hci_conn_add(hdev, ev->link_type, &ev->bdaddr))) {
966 BT_ERR("No memmory for new connection");
967 hci_dev_unlock(hdev);
968 return;
969 }
970 }
971
972 memcpy(conn->dev_class, ev->dev_class, 3);
973 conn->state = BT_CONNECT;
974
975 hci_dev_unlock(hdev);
976
977 if (ev->link_type == ACL_LINK || !lmp_esco_capable(hdev)) {
978 struct hci_cp_accept_conn_req cp;
979
980 bacpy(&cp.bdaddr, &ev->bdaddr);
981
982 if (lmp_rswitch_capable(hdev) && (mask & HCI_LM_MASTER))
983 cp.role = 0x00; /* Become master */
984 else
985 cp.role = 0x01; /* Remain slave */
986
987 hci_send_cmd(hdev, HCI_OP_ACCEPT_CONN_REQ,
988 sizeof(cp), &cp);
989 } else {
990 struct hci_cp_accept_sync_conn_req cp;
991
992 bacpy(&cp.bdaddr, &ev->bdaddr);
993 cp.pkt_type = cpu_to_le16(conn->pkt_type);
994
995 cp.tx_bandwidth = cpu_to_le32(0x00001f40);
996 cp.rx_bandwidth = cpu_to_le32(0x00001f40);
997 cp.max_latency = cpu_to_le16(0xffff);
998 cp.content_format = cpu_to_le16(hdev->voice_setting);
999 cp.retrans_effort = 0xff;
1000
1001 hci_send_cmd(hdev, HCI_OP_ACCEPT_SYNC_CONN_REQ,
1002 sizeof(cp), &cp);
1003 }
1004 } else {
1005 /* Connection rejected */
1006 struct hci_cp_reject_conn_req cp;
1007
1008 bacpy(&cp.bdaddr, &ev->bdaddr);
1009 cp.reason = 0x0f;
1010 hci_send_cmd(hdev, HCI_OP_REJECT_CONN_REQ, sizeof(cp), &cp);
1011 }
1012 }
1013
1014 static inline void hci_disconn_complete_evt(struct hci_dev *hdev, struct sk_buff *skb)
1015 {
1016 struct hci_ev_disconn_complete *ev = (void *) skb->data;
1017 struct hci_conn *conn;
1018
1019 BT_DBG("%s status %d", hdev->name, ev->status);
1020
1021 if (ev->status)
1022 return;
1023
1024 hci_dev_lock(hdev);
1025
1026 conn = hci_conn_hash_lookup_handle(hdev, __le16_to_cpu(ev->handle));
1027 if (conn) {
1028 conn->state = BT_CLOSED;
1029
1030 hci_proto_disconn_cfm(conn, ev->reason);
1031 hci_conn_del(conn);
1032 }
1033
1034 hci_dev_unlock(hdev);
1035 }
1036
1037 static inline void hci_auth_complete_evt(struct hci_dev *hdev, struct sk_buff *skb)
1038 {
1039 struct hci_ev_auth_complete *ev = (void *) skb->data;
1040 struct hci_conn *conn;
1041
1042 BT_DBG("%s status %d", hdev->name, ev->status);
1043
1044 hci_dev_lock(hdev);
1045
1046 conn = hci_conn_hash_lookup_handle(hdev, __le16_to_cpu(ev->handle));
1047 if (conn) {
1048 if (!ev->status)
1049 conn->link_mode |= HCI_LM_AUTH;
1050
1051 clear_bit(HCI_CONN_AUTH_PEND, &conn->pend);
1052
1053 if (conn->state == BT_CONFIG) {
1054 if (!ev->status && hdev->ssp_mode > 0 &&
1055 conn->ssp_mode > 0) {
1056 struct hci_cp_set_conn_encrypt cp;
1057 cp.handle = ev->handle;
1058 cp.encrypt = 0x01;
1059 hci_send_cmd(hdev, HCI_OP_SET_CONN_ENCRYPT,
1060 sizeof(cp), &cp);
1061 } else {
1062 conn->state = BT_CONNECTED;
1063 hci_proto_connect_cfm(conn, ev->status);
1064 hci_conn_put(conn);
1065 }
1066 } else
1067 hci_auth_cfm(conn, ev->status);
1068
1069 if (test_bit(HCI_CONN_ENCRYPT_PEND, &conn->pend)) {
1070 if (!ev->status) {
1071 struct hci_cp_set_conn_encrypt cp;
1072 cp.handle = ev->handle;
1073 cp.encrypt = 0x01;
1074 hci_send_cmd(hdev, HCI_OP_SET_CONN_ENCRYPT,
1075 sizeof(cp), &cp);
1076 } else {
1077 clear_bit(HCI_CONN_ENCRYPT_PEND, &conn->pend);
1078 hci_encrypt_cfm(conn, ev->status, 0x00);
1079 }
1080 }
1081 }
1082
1083 hci_dev_unlock(hdev);
1084 }
1085
1086 static inline void hci_remote_name_evt(struct hci_dev *hdev, struct sk_buff *skb)
1087 {
1088 BT_DBG("%s", hdev->name);
1089
1090 hci_conn_check_pending(hdev);
1091 }
1092
1093 static inline void hci_encrypt_change_evt(struct hci_dev *hdev, struct sk_buff *skb)
1094 {
1095 struct hci_ev_encrypt_change *ev = (void *) skb->data;
1096 struct hci_conn *conn;
1097
1098 BT_DBG("%s status %d", hdev->name, ev->status);
1099
1100 hci_dev_lock(hdev);
1101
1102 conn = hci_conn_hash_lookup_handle(hdev, __le16_to_cpu(ev->handle));
1103 if (conn) {
1104 if (!ev->status) {
1105 if (ev->encrypt) {
1106 /* Encryption implies authentication */
1107 conn->link_mode |= HCI_LM_AUTH;
1108 conn->link_mode |= HCI_LM_ENCRYPT;
1109 } else
1110 conn->link_mode &= ~HCI_LM_ENCRYPT;
1111 }
1112
1113 clear_bit(HCI_CONN_ENCRYPT_PEND, &conn->pend);
1114
1115 if (conn->state == BT_CONFIG) {
1116 if (!ev->status)
1117 conn->state = BT_CONNECTED;
1118
1119 hci_proto_connect_cfm(conn, ev->status);
1120 hci_conn_put(conn);
1121 } else
1122 hci_encrypt_cfm(conn, ev->status, ev->encrypt);
1123 }
1124
1125 hci_dev_unlock(hdev);
1126 }
1127
1128 static inline void hci_change_link_key_complete_evt(struct hci_dev *hdev, struct sk_buff *skb)
1129 {
1130 struct hci_ev_change_link_key_complete *ev = (void *) skb->data;
1131 struct hci_conn *conn;
1132
1133 BT_DBG("%s status %d", hdev->name, ev->status);
1134
1135 hci_dev_lock(hdev);
1136
1137 conn = hci_conn_hash_lookup_handle(hdev, __le16_to_cpu(ev->handle));
1138 if (conn) {
1139 if (!ev->status)
1140 conn->link_mode |= HCI_LM_SECURE;
1141
1142 clear_bit(HCI_CONN_AUTH_PEND, &conn->pend);
1143
1144 hci_key_change_cfm(conn, ev->status);
1145 }
1146
1147 hci_dev_unlock(hdev);
1148 }
1149
1150 static inline void hci_remote_features_evt(struct hci_dev *hdev, struct sk_buff *skb)
1151 {
1152 struct hci_ev_remote_features *ev = (void *) skb->data;
1153 struct hci_conn *conn;
1154
1155 BT_DBG("%s status %d", hdev->name, ev->status);
1156
1157 hci_dev_lock(hdev);
1158
1159 conn = hci_conn_hash_lookup_handle(hdev, __le16_to_cpu(ev->handle));
1160 if (conn) {
1161 if (!ev->status)
1162 memcpy(conn->features, ev->features, 8);
1163
1164 if (conn->state == BT_CONFIG) {
1165 if (!ev->status && lmp_ssp_capable(hdev) &&
1166 lmp_ssp_capable(conn)) {
1167 struct hci_cp_read_remote_ext_features cp;
1168 cp.handle = ev->handle;
1169 cp.page = 0x01;
1170 hci_send_cmd(hdev,
1171 HCI_OP_READ_REMOTE_EXT_FEATURES,
1172 sizeof(cp), &cp);
1173 } else {
1174 conn->state = BT_CONNECTED;
1175 hci_proto_connect_cfm(conn, ev->status);
1176 hci_conn_put(conn);
1177 }
1178 }
1179 }
1180
1181 hci_dev_unlock(hdev);
1182 }
1183
1184 static inline void hci_remote_version_evt(struct hci_dev *hdev, struct sk_buff *skb)
1185 {
1186 BT_DBG("%s", hdev->name);
1187 }
1188
1189 static inline void hci_qos_setup_complete_evt(struct hci_dev *hdev, struct sk_buff *skb)
1190 {
1191 BT_DBG("%s", hdev->name);
1192 }
1193
1194 static inline void hci_cmd_complete_evt(struct hci_dev *hdev, struct sk_buff *skb)
1195 {
1196 struct hci_ev_cmd_complete *ev = (void *) skb->data;
1197 __u16 opcode;
1198
1199 skb_pull(skb, sizeof(*ev));
1200
1201 opcode = __le16_to_cpu(ev->opcode);
1202
1203 switch (opcode) {
1204 case HCI_OP_INQUIRY_CANCEL:
1205 hci_cc_inquiry_cancel(hdev, skb);
1206 break;
1207
1208 case HCI_OP_EXIT_PERIODIC_INQ:
1209 hci_cc_exit_periodic_inq(hdev, skb);
1210 break;
1211
1212 case HCI_OP_REMOTE_NAME_REQ_CANCEL:
1213 hci_cc_remote_name_req_cancel(hdev, skb);
1214 break;
1215
1216 case HCI_OP_ROLE_DISCOVERY:
1217 hci_cc_role_discovery(hdev, skb);
1218 break;
1219
1220 case HCI_OP_READ_LINK_POLICY:
1221 hci_cc_read_link_policy(hdev, skb);
1222 break;
1223
1224 case HCI_OP_WRITE_LINK_POLICY:
1225 hci_cc_write_link_policy(hdev, skb);
1226 break;
1227
1228 case HCI_OP_READ_DEF_LINK_POLICY:
1229 hci_cc_read_def_link_policy(hdev, skb);
1230 break;
1231
1232 case HCI_OP_WRITE_DEF_LINK_POLICY:
1233 hci_cc_write_def_link_policy(hdev, skb);
1234 break;
1235
1236 case HCI_OP_RESET:
1237 hci_cc_reset(hdev, skb);
1238 break;
1239
1240 case HCI_OP_WRITE_LOCAL_NAME:
1241 hci_cc_write_local_name(hdev, skb);
1242 break;
1243
1244 case HCI_OP_READ_LOCAL_NAME:
1245 hci_cc_read_local_name(hdev, skb);
1246 break;
1247
1248 case HCI_OP_WRITE_AUTH_ENABLE:
1249 hci_cc_write_auth_enable(hdev, skb);
1250 break;
1251
1252 case HCI_OP_WRITE_ENCRYPT_MODE:
1253 hci_cc_write_encrypt_mode(hdev, skb);
1254 break;
1255
1256 case HCI_OP_WRITE_SCAN_ENABLE:
1257 hci_cc_write_scan_enable(hdev, skb);
1258 break;
1259
1260 case HCI_OP_READ_CLASS_OF_DEV:
1261 hci_cc_read_class_of_dev(hdev, skb);
1262 break;
1263
1264 case HCI_OP_WRITE_CLASS_OF_DEV:
1265 hci_cc_write_class_of_dev(hdev, skb);
1266 break;
1267
1268 case HCI_OP_READ_VOICE_SETTING:
1269 hci_cc_read_voice_setting(hdev, skb);
1270 break;
1271
1272 case HCI_OP_WRITE_VOICE_SETTING:
1273 hci_cc_write_voice_setting(hdev, skb);
1274 break;
1275
1276 case HCI_OP_HOST_BUFFER_SIZE:
1277 hci_cc_host_buffer_size(hdev, skb);
1278 break;
1279
1280 case HCI_OP_READ_SSP_MODE:
1281 hci_cc_read_ssp_mode(hdev, skb);
1282 break;
1283
1284 case HCI_OP_WRITE_SSP_MODE:
1285 hci_cc_write_ssp_mode(hdev, skb);
1286 break;
1287
1288 case HCI_OP_READ_LOCAL_VERSION:
1289 hci_cc_read_local_version(hdev, skb);
1290 break;
1291
1292 case HCI_OP_READ_LOCAL_COMMANDS:
1293 hci_cc_read_local_commands(hdev, skb);
1294 break;
1295
1296 case HCI_OP_READ_LOCAL_FEATURES:
1297 hci_cc_read_local_features(hdev, skb);
1298 break;
1299
1300 case HCI_OP_READ_BUFFER_SIZE:
1301 hci_cc_read_buffer_size(hdev, skb);
1302 break;
1303
1304 case HCI_OP_READ_BD_ADDR:
1305 hci_cc_read_bd_addr(hdev, skb);
1306 break;
1307
1308 default:
1309 BT_DBG("%s opcode 0x%x", hdev->name, opcode);
1310 break;
1311 }
1312
1313 if (ev->ncmd) {
1314 atomic_set(&hdev->cmd_cnt, 1);
1315 if (!skb_queue_empty(&hdev->cmd_q))
1316 hci_sched_cmd(hdev);
1317 }
1318 }
1319
1320 static inline void hci_cmd_status_evt(struct hci_dev *hdev, struct sk_buff *skb)
1321 {
1322 struct hci_ev_cmd_status *ev = (void *) skb->data;
1323 __u16 opcode;
1324
1325 skb_pull(skb, sizeof(*ev));
1326
1327 opcode = __le16_to_cpu(ev->opcode);
1328
1329 switch (opcode) {
1330 case HCI_OP_INQUIRY:
1331 hci_cs_inquiry(hdev, ev->status);
1332 break;
1333
1334 case HCI_OP_CREATE_CONN:
1335 hci_cs_create_conn(hdev, ev->status);
1336 break;
1337
1338 case HCI_OP_ADD_SCO:
1339 hci_cs_add_sco(hdev, ev->status);
1340 break;
1341
1342 case HCI_OP_AUTH_REQUESTED:
1343 hci_cs_auth_requested(hdev, ev->status);
1344 break;
1345
1346 case HCI_OP_SET_CONN_ENCRYPT:
1347 hci_cs_set_conn_encrypt(hdev, ev->status);
1348 break;
1349
1350 case HCI_OP_REMOTE_NAME_REQ:
1351 hci_cs_remote_name_req(hdev, ev->status);
1352 break;
1353
1354 case HCI_OP_READ_REMOTE_FEATURES:
1355 hci_cs_read_remote_features(hdev, ev->status);
1356 break;
1357
1358 case HCI_OP_READ_REMOTE_EXT_FEATURES:
1359 hci_cs_read_remote_ext_features(hdev, ev->status);
1360 break;
1361
1362 case HCI_OP_SETUP_SYNC_CONN:
1363 hci_cs_setup_sync_conn(hdev, ev->status);
1364 break;
1365
1366 case HCI_OP_SNIFF_MODE:
1367 hci_cs_sniff_mode(hdev, ev->status);
1368 break;
1369
1370 case HCI_OP_EXIT_SNIFF_MODE:
1371 hci_cs_exit_sniff_mode(hdev, ev->status);
1372 break;
1373
1374 default:
1375 BT_DBG("%s opcode 0x%x", hdev->name, opcode);
1376 break;
1377 }
1378
1379 if (ev->ncmd) {
1380 atomic_set(&hdev->cmd_cnt, 1);
1381 if (!skb_queue_empty(&hdev->cmd_q))
1382 hci_sched_cmd(hdev);
1383 }
1384 }
1385
1386 static inline void hci_role_change_evt(struct hci_dev *hdev, struct sk_buff *skb)
1387 {
1388 struct hci_ev_role_change *ev = (void *) skb->data;
1389 struct hci_conn *conn;
1390
1391 BT_DBG("%s status %d", hdev->name, ev->status);
1392
1393 hci_dev_lock(hdev);
1394
1395 conn = hci_conn_hash_lookup_ba(hdev, ACL_LINK, &ev->bdaddr);
1396 if (conn) {
1397 if (!ev->status) {
1398 if (ev->role)
1399 conn->link_mode &= ~HCI_LM_MASTER;
1400 else
1401 conn->link_mode |= HCI_LM_MASTER;
1402 }
1403
1404 clear_bit(HCI_CONN_RSWITCH_PEND, &conn->pend);
1405
1406 hci_role_switch_cfm(conn, ev->status, ev->role);
1407 }
1408
1409 hci_dev_unlock(hdev);
1410 }
1411
1412 static inline void hci_num_comp_pkts_evt(struct hci_dev *hdev, struct sk_buff *skb)
1413 {
1414 struct hci_ev_num_comp_pkts *ev = (void *) skb->data;
1415 __le16 *ptr;
1416 int i;
1417
1418 skb_pull(skb, sizeof(*ev));
1419
1420 BT_DBG("%s num_hndl %d", hdev->name, ev->num_hndl);
1421
1422 if (skb->len < ev->num_hndl * 4) {
1423 BT_DBG("%s bad parameters", hdev->name);
1424 return;
1425 }
1426
1427 tasklet_disable(&hdev->tx_task);
1428
1429 for (i = 0, ptr = (__le16 *) skb->data; i < ev->num_hndl; i++) {
1430 struct hci_conn *conn;
1431 __u16 handle, count;
1432
1433 handle = get_unaligned_le16(ptr++);
1434 count = get_unaligned_le16(ptr++);
1435
1436 conn = hci_conn_hash_lookup_handle(hdev, handle);
1437 if (conn) {
1438 conn->sent -= count;
1439
1440 if (conn->type == ACL_LINK) {
1441 if ((hdev->acl_cnt += count) > hdev->acl_pkts)
1442 hdev->acl_cnt = hdev->acl_pkts;
1443 } else {
1444 if ((hdev->sco_cnt += count) > hdev->sco_pkts)
1445 hdev->sco_cnt = hdev->sco_pkts;
1446 }
1447 }
1448 }
1449
1450 hci_sched_tx(hdev);
1451
1452 tasklet_enable(&hdev->tx_task);
1453 }
1454
1455 static inline void hci_mode_change_evt(struct hci_dev *hdev, struct sk_buff *skb)
1456 {
1457 struct hci_ev_mode_change *ev = (void *) skb->data;
1458 struct hci_conn *conn;
1459
1460 BT_DBG("%s status %d", hdev->name, ev->status);
1461
1462 hci_dev_lock(hdev);
1463
1464 conn = hci_conn_hash_lookup_handle(hdev, __le16_to_cpu(ev->handle));
1465 if (conn) {
1466 conn->mode = ev->mode;
1467 conn->interval = __le16_to_cpu(ev->interval);
1468
1469 if (!test_and_clear_bit(HCI_CONN_MODE_CHANGE_PEND, &conn->pend)) {
1470 if (conn->mode == HCI_CM_ACTIVE)
1471 conn->power_save = 1;
1472 else
1473 conn->power_save = 0;
1474 }
1475 }
1476
1477 hci_dev_unlock(hdev);
1478 }
1479
1480 static inline void hci_pin_code_request_evt(struct hci_dev *hdev, struct sk_buff *skb)
1481 {
1482 BT_DBG("%s", hdev->name);
1483 }
1484
1485 static inline void hci_link_key_request_evt(struct hci_dev *hdev, struct sk_buff *skb)
1486 {
1487 BT_DBG("%s", hdev->name);
1488 }
1489
1490 static inline void hci_link_key_notify_evt(struct hci_dev *hdev, struct sk_buff *skb)
1491 {
1492 BT_DBG("%s", hdev->name);
1493 }
1494
1495 static inline void hci_clock_offset_evt(struct hci_dev *hdev, struct sk_buff *skb)
1496 {
1497 struct hci_ev_clock_offset *ev = (void *) skb->data;
1498 struct hci_conn *conn;
1499
1500 BT_DBG("%s status %d", hdev->name, ev->status);
1501
1502 hci_dev_lock(hdev);
1503
1504 conn = hci_conn_hash_lookup_handle(hdev, __le16_to_cpu(ev->handle));
1505 if (conn && !ev->status) {
1506 struct inquiry_entry *ie;
1507
1508 if ((ie = hci_inquiry_cache_lookup(hdev, &conn->dst))) {
1509 ie->data.clock_offset = ev->clock_offset;
1510 ie->timestamp = jiffies;
1511 }
1512 }
1513
1514 hci_dev_unlock(hdev);
1515 }
1516
1517 static inline void hci_pkt_type_change_evt(struct hci_dev *hdev, struct sk_buff *skb)
1518 {
1519 struct hci_ev_pkt_type_change *ev = (void *) skb->data;
1520 struct hci_conn *conn;
1521
1522 BT_DBG("%s status %d", hdev->name, ev->status);
1523
1524 hci_dev_lock(hdev);
1525
1526 conn = hci_conn_hash_lookup_handle(hdev, __le16_to_cpu(ev->handle));
1527 if (conn && !ev->status)
1528 conn->pkt_type = __le16_to_cpu(ev->pkt_type);
1529
1530 hci_dev_unlock(hdev);
1531 }
1532
1533 static inline void hci_pscan_rep_mode_evt(struct hci_dev *hdev, struct sk_buff *skb)
1534 {
1535 struct hci_ev_pscan_rep_mode *ev = (void *) skb->data;
1536 struct inquiry_entry *ie;
1537
1538 BT_DBG("%s", hdev->name);
1539
1540 hci_dev_lock(hdev);
1541
1542 if ((ie = hci_inquiry_cache_lookup(hdev, &ev->bdaddr))) {
1543 ie->data.pscan_rep_mode = ev->pscan_rep_mode;
1544 ie->timestamp = jiffies;
1545 }
1546
1547 hci_dev_unlock(hdev);
1548 }
1549
1550 static inline void hci_inquiry_result_with_rssi_evt(struct hci_dev *hdev, struct sk_buff *skb)
1551 {
1552 struct inquiry_data data;
1553 int num_rsp = *((__u8 *) skb->data);
1554
1555 BT_DBG("%s num_rsp %d", hdev->name, num_rsp);
1556
1557 if (!num_rsp)
1558 return;
1559
1560 hci_dev_lock(hdev);
1561
1562 if ((skb->len - 1) / num_rsp != sizeof(struct inquiry_info_with_rssi)) {
1563 struct inquiry_info_with_rssi_and_pscan_mode *info = (void *) (skb->data + 1);
1564
1565 for (; num_rsp; num_rsp--) {
1566 bacpy(&data.bdaddr, &info->bdaddr);
1567 data.pscan_rep_mode = info->pscan_rep_mode;
1568 data.pscan_period_mode = info->pscan_period_mode;
1569 data.pscan_mode = info->pscan_mode;
1570 memcpy(data.dev_class, info->dev_class, 3);
1571 data.clock_offset = info->clock_offset;
1572 data.rssi = info->rssi;
1573 data.ssp_mode = 0x00;
1574 info++;
1575 hci_inquiry_cache_update(hdev, &data);
1576 }
1577 } else {
1578 struct inquiry_info_with_rssi *info = (void *) (skb->data + 1);
1579
1580 for (; num_rsp; num_rsp--) {
1581 bacpy(&data.bdaddr, &info->bdaddr);
1582 data.pscan_rep_mode = info->pscan_rep_mode;
1583 data.pscan_period_mode = info->pscan_period_mode;
1584 data.pscan_mode = 0x00;
1585 memcpy(data.dev_class, info->dev_class, 3);
1586 data.clock_offset = info->clock_offset;
1587 data.rssi = info->rssi;
1588 data.ssp_mode = 0x00;
1589 info++;
1590 hci_inquiry_cache_update(hdev, &data);
1591 }
1592 }
1593
1594 hci_dev_unlock(hdev);
1595 }
1596
1597 static inline void hci_remote_ext_features_evt(struct hci_dev *hdev, struct sk_buff *skb)
1598 {
1599 struct hci_ev_remote_ext_features *ev = (void *) skb->data;
1600 struct hci_conn *conn;
1601
1602 BT_DBG("%s", hdev->name);
1603
1604 hci_dev_lock(hdev);
1605
1606 conn = hci_conn_hash_lookup_handle(hdev, __le16_to_cpu(ev->handle));
1607 if (conn) {
1608 if (!ev->status && ev->page == 0x01) {
1609 struct inquiry_entry *ie;
1610
1611 if ((ie = hci_inquiry_cache_lookup(hdev, &conn->dst)))
1612 ie->data.ssp_mode = (ev->features[0] & 0x01);
1613
1614 conn->ssp_mode = (ev->features[0] & 0x01);
1615 }
1616
1617 if (conn->state == BT_CONFIG) {
1618 if (!ev->status && hdev->ssp_mode > 0 &&
1619 conn->ssp_mode > 0 && conn->out &&
1620 conn->sec_level != BT_SECURITY_SDP) {
1621 struct hci_cp_auth_requested cp;
1622 cp.handle = ev->handle;
1623 hci_send_cmd(hdev, HCI_OP_AUTH_REQUESTED,
1624 sizeof(cp), &cp);
1625 } else {
1626 conn->state = BT_CONNECTED;
1627 hci_proto_connect_cfm(conn, ev->status);
1628 hci_conn_put(conn);
1629 }
1630 }
1631 }
1632
1633 hci_dev_unlock(hdev);
1634 }
1635
1636 static inline void hci_sync_conn_complete_evt(struct hci_dev *hdev, struct sk_buff *skb)
1637 {
1638 struct hci_ev_sync_conn_complete *ev = (void *) skb->data;
1639 struct hci_conn *conn;
1640
1641 BT_DBG("%s status %d", hdev->name, ev->status);
1642
1643 hci_dev_lock(hdev);
1644
1645 conn = hci_conn_hash_lookup_ba(hdev, ev->link_type, &ev->bdaddr);
1646 if (!conn) {
1647 if (ev->link_type == ESCO_LINK)
1648 goto unlock;
1649
1650 conn = hci_conn_hash_lookup_ba(hdev, ESCO_LINK, &ev->bdaddr);
1651 if (!conn)
1652 goto unlock;
1653
1654 conn->type = SCO_LINK;
1655 }
1656
1657 switch (ev->status) {
1658 case 0x00:
1659 conn->handle = __le16_to_cpu(ev->handle);
1660 conn->state = BT_CONNECTED;
1661
1662 hci_conn_add_sysfs(conn);
1663 break;
1664
1665 case 0x1c: /* SCO interval rejected */
1666 case 0x1f: /* Unspecified error */
1667 if (conn->out && conn->attempt < 2) {
1668 conn->pkt_type = (hdev->esco_type & SCO_ESCO_MASK) |
1669 (hdev->esco_type & EDR_ESCO_MASK);
1670 hci_setup_sync(conn, conn->link->handle);
1671 goto unlock;
1672 }
1673 /* fall through */
1674
1675 default:
1676 conn->state = BT_CLOSED;
1677 break;
1678 }
1679
1680 hci_proto_connect_cfm(conn, ev->status);
1681 if (ev->status)
1682 hci_conn_del(conn);
1683
1684 unlock:
1685 hci_dev_unlock(hdev);
1686 }
1687
1688 static inline void hci_sync_conn_changed_evt(struct hci_dev *hdev, struct sk_buff *skb)
1689 {
1690 BT_DBG("%s", hdev->name);
1691 }
1692
1693 static inline void hci_sniff_subrate_evt(struct hci_dev *hdev, struct sk_buff *skb)
1694 {
1695 struct hci_ev_sniff_subrate *ev = (void *) skb->data;
1696 struct hci_conn *conn;
1697
1698 BT_DBG("%s status %d", hdev->name, ev->status);
1699
1700 hci_dev_lock(hdev);
1701
1702 conn = hci_conn_hash_lookup_handle(hdev, __le16_to_cpu(ev->handle));
1703 if (conn) {
1704 }
1705
1706 hci_dev_unlock(hdev);
1707 }
1708
1709 static inline void hci_extended_inquiry_result_evt(struct hci_dev *hdev, struct sk_buff *skb)
1710 {
1711 struct inquiry_data data;
1712 struct extended_inquiry_info *info = (void *) (skb->data + 1);
1713 int num_rsp = *((__u8 *) skb->data);
1714
1715 BT_DBG("%s num_rsp %d", hdev->name, num_rsp);
1716
1717 if (!num_rsp)
1718 return;
1719
1720 hci_dev_lock(hdev);
1721
1722 for (; num_rsp; num_rsp--) {
1723 bacpy(&data.bdaddr, &info->bdaddr);
1724 data.pscan_rep_mode = info->pscan_rep_mode;
1725 data.pscan_period_mode = info->pscan_period_mode;
1726 data.pscan_mode = 0x00;
1727 memcpy(data.dev_class, info->dev_class, 3);
1728 data.clock_offset = info->clock_offset;
1729 data.rssi = info->rssi;
1730 data.ssp_mode = 0x01;
1731 info++;
1732 hci_inquiry_cache_update(hdev, &data);
1733 }
1734
1735 hci_dev_unlock(hdev);
1736 }
1737
1738 static inline void hci_io_capa_request_evt(struct hci_dev *hdev, struct sk_buff *skb)
1739 {
1740 struct hci_ev_io_capa_request *ev = (void *) skb->data;
1741 struct hci_conn *conn;
1742
1743 BT_DBG("%s", hdev->name);
1744
1745 hci_dev_lock(hdev);
1746
1747 conn = hci_conn_hash_lookup_ba(hdev, ACL_LINK, &ev->bdaddr);
1748 if (conn)
1749 hci_conn_hold(conn);
1750
1751 hci_dev_unlock(hdev);
1752 }
1753
1754 static inline void hci_simple_pair_complete_evt(struct hci_dev *hdev, struct sk_buff *skb)
1755 {
1756 struct hci_ev_simple_pair_complete *ev = (void *) skb->data;
1757 struct hci_conn *conn;
1758
1759 BT_DBG("%s", hdev->name);
1760
1761 hci_dev_lock(hdev);
1762
1763 conn = hci_conn_hash_lookup_ba(hdev, ACL_LINK, &ev->bdaddr);
1764 if (conn)
1765 hci_conn_put(conn);
1766
1767 hci_dev_unlock(hdev);
1768 }
1769
1770 static inline void hci_remote_host_features_evt(struct hci_dev *hdev, struct sk_buff *skb)
1771 {
1772 struct hci_ev_remote_host_features *ev = (void *) skb->data;
1773 struct inquiry_entry *ie;
1774
1775 BT_DBG("%s", hdev->name);
1776
1777 hci_dev_lock(hdev);
1778
1779 if ((ie = hci_inquiry_cache_lookup(hdev, &ev->bdaddr)))
1780 ie->data.ssp_mode = (ev->features[0] & 0x01);
1781
1782 hci_dev_unlock(hdev);
1783 }
1784
1785 void hci_event_packet(struct hci_dev *hdev, struct sk_buff *skb)
1786 {
1787 struct hci_event_hdr *hdr = (void *) skb->data;
1788 __u8 event = hdr->evt;
1789
1790 skb_pull(skb, HCI_EVENT_HDR_SIZE);
1791
1792 switch (event) {
1793 case HCI_EV_INQUIRY_COMPLETE:
1794 hci_inquiry_complete_evt(hdev, skb);
1795 break;
1796
1797 case HCI_EV_INQUIRY_RESULT:
1798 hci_inquiry_result_evt(hdev, skb);
1799 break;
1800
1801 case HCI_EV_CONN_COMPLETE:
1802 hci_conn_complete_evt(hdev, skb);
1803 break;
1804
1805 case HCI_EV_CONN_REQUEST:
1806 hci_conn_request_evt(hdev, skb);
1807 break;
1808
1809 case HCI_EV_DISCONN_COMPLETE:
1810 hci_disconn_complete_evt(hdev, skb);
1811 break;
1812
1813 case HCI_EV_AUTH_COMPLETE:
1814 hci_auth_complete_evt(hdev, skb);
1815 break;
1816
1817 case HCI_EV_REMOTE_NAME:
1818 hci_remote_name_evt(hdev, skb);
1819 break;
1820
1821 case HCI_EV_ENCRYPT_CHANGE:
1822 hci_encrypt_change_evt(hdev, skb);
1823 break;
1824
1825 case HCI_EV_CHANGE_LINK_KEY_COMPLETE:
1826 hci_change_link_key_complete_evt(hdev, skb);
1827 break;
1828
1829 case HCI_EV_REMOTE_FEATURES:
1830 hci_remote_features_evt(hdev, skb);
1831 break;
1832
1833 case HCI_EV_REMOTE_VERSION:
1834 hci_remote_version_evt(hdev, skb);
1835 break;
1836
1837 case HCI_EV_QOS_SETUP_COMPLETE:
1838 hci_qos_setup_complete_evt(hdev, skb);
1839 break;
1840
1841 case HCI_EV_CMD_COMPLETE:
1842 hci_cmd_complete_evt(hdev, skb);
1843 break;
1844
1845 case HCI_EV_CMD_STATUS:
1846 hci_cmd_status_evt(hdev, skb);
1847 break;
1848
1849 case HCI_EV_ROLE_CHANGE:
1850 hci_role_change_evt(hdev, skb);
1851 break;
1852
1853 case HCI_EV_NUM_COMP_PKTS:
1854 hci_num_comp_pkts_evt(hdev, skb);
1855 break;
1856
1857 case HCI_EV_MODE_CHANGE:
1858 hci_mode_change_evt(hdev, skb);
1859 break;
1860
1861 case HCI_EV_PIN_CODE_REQ:
1862 hci_pin_code_request_evt(hdev, skb);
1863 break;
1864
1865 case HCI_EV_LINK_KEY_REQ:
1866 hci_link_key_request_evt(hdev, skb);
1867 break;
1868
1869 case HCI_EV_LINK_KEY_NOTIFY:
1870 hci_link_key_notify_evt(hdev, skb);
1871 break;
1872
1873 case HCI_EV_CLOCK_OFFSET:
1874 hci_clock_offset_evt(hdev, skb);
1875 break;
1876
1877 case HCI_EV_PKT_TYPE_CHANGE:
1878 hci_pkt_type_change_evt(hdev, skb);
1879 break;
1880
1881 case HCI_EV_PSCAN_REP_MODE:
1882 hci_pscan_rep_mode_evt(hdev, skb);
1883 break;
1884
1885 case HCI_EV_INQUIRY_RESULT_WITH_RSSI:
1886 hci_inquiry_result_with_rssi_evt(hdev, skb);
1887 break;
1888
1889 case HCI_EV_REMOTE_EXT_FEATURES:
1890 hci_remote_ext_features_evt(hdev, skb);
1891 break;
1892
1893 case HCI_EV_SYNC_CONN_COMPLETE:
1894 hci_sync_conn_complete_evt(hdev, skb);
1895 break;
1896
1897 case HCI_EV_SYNC_CONN_CHANGED:
1898 hci_sync_conn_changed_evt(hdev, skb);
1899 break;
1900
1901 case HCI_EV_SNIFF_SUBRATE:
1902 hci_sniff_subrate_evt(hdev, skb);
1903 break;
1904
1905 case HCI_EV_EXTENDED_INQUIRY_RESULT:
1906 hci_extended_inquiry_result_evt(hdev, skb);
1907 break;
1908
1909 case HCI_EV_IO_CAPA_REQUEST:
1910 hci_io_capa_request_evt(hdev, skb);
1911 break;
1912
1913 case HCI_EV_SIMPLE_PAIR_COMPLETE:
1914 hci_simple_pair_complete_evt(hdev, skb);
1915 break;
1916
1917 case HCI_EV_REMOTE_HOST_FEATURES:
1918 hci_remote_host_features_evt(hdev, skb);
1919 break;
1920
1921 default:
1922 BT_DBG("%s event 0x%x", hdev->name, event);
1923 break;
1924 }
1925
1926 kfree_skb(skb);
1927 hdev->stat.evt_rx++;
1928 }
1929
1930 /* Generate internal stack event */
1931 void hci_si_event(struct hci_dev *hdev, int type, int dlen, void *data)
1932 {
1933 struct hci_event_hdr *hdr;
1934 struct hci_ev_stack_internal *ev;
1935 struct sk_buff *skb;
1936
1937 skb = bt_skb_alloc(HCI_EVENT_HDR_SIZE + sizeof(*ev) + dlen, GFP_ATOMIC);
1938 if (!skb)
1939 return;
1940
1941 hdr = (void *) skb_put(skb, HCI_EVENT_HDR_SIZE);
1942 hdr->evt = HCI_EV_STACK_INTERNAL;
1943 hdr->plen = sizeof(*ev) + dlen;
1944
1945 ev = (void *) skb_put(skb, sizeof(*ev) + dlen);
1946 ev->type = type;
1947 memcpy(ev->data, data, dlen);
1948
1949 bt_cb(skb)->incoming = 1;
1950 __net_timestamp(skb);
1951
1952 bt_cb(skb)->pkt_type = HCI_EVENT_PKT;
1953 skb->dev = (void *) hdev;
1954 hci_send_to_sock(hdev, skb);
1955 kfree_skb(skb);
1956 }
linux kernel for loongson