2 BlueZ - Bluetooth protocol stack for Linux
3 Copyright (c) 2000-2001, 2010, Code Aurora Forum. All rights reserved.
5 Written 2000,2001 by Maxim Krasnyansky <maxk@qualcomm.com>
7 This program is free software; you can redistribute it and/or modify
8 it under the terms of the GNU General Public License version 2 as
9 published by the Free Software Foundation;
11 THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS
12 OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
13 FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT OF THIRD PARTY RIGHTS.
14 IN NO EVENT SHALL THE COPYRIGHT HOLDER(S) AND AUTHOR(S) BE LIABLE FOR ANY
15 CLAIM, OR ANY SPECIAL INDIRECT OR CONSEQUENTIAL DAMAGES, OR ANY DAMAGES
16 WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
17 ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
18 OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
20 ALL LIABILITY, INCLUDING LIABILITY FOR INFRINGEMENT OF ANY PATENTS,
21 COPYRIGHTS, TRADEMARKS OR OTHER RIGHTS, RELATING TO USE OF THIS
22 SOFTWARE IS DISCLAIMED.
25 /* Bluetooth HCI event handling. */
27 #include <linux/module.h>
29 #include <linux/types.h>
30 #include <linux/errno.h>
31 #include <linux/kernel.h>
32 #include <linux/slab.h>
33 #include <linux/poll.h>
34 #include <linux/fcntl.h>
35 #include <linux/init.h>
36 #include <linux/skbuff.h>
37 #include <linux/interrupt.h>
38 #include <linux/notifier.h>
41 #include <asm/system.h>
42 #include <linux/uaccess.h>
43 #include <asm/unaligned.h>
45 #include <net/bluetooth/bluetooth.h>
46 #include <net/bluetooth/hci_core.h>
50 /* Handle HCI Event packets */
52 static void hci_cc_inquiry_cancel(struct hci_dev *hdev, struct sk_buff *skb)
54 __u8 status = *((__u8 *) skb->data);
56 BT_DBG("%s status 0x%x", hdev->name, status);
60 mgmt_stop_discovery_failed(hdev, status);
65 clear_bit(HCI_INQUIRY, &hdev->flags);
68 mgmt_discovering(hdev, 0);
71 hci_req_complete(hdev, HCI_OP_INQUIRY_CANCEL, status);
73 hci_conn_check_pending(hdev);
76 static void hci_cc_exit_periodic_inq(struct hci_dev *hdev, struct sk_buff *skb)
78 __u8 status = *((__u8 *) skb->data);
80 BT_DBG("%s status 0x%x", hdev->name, status);
85 hci_conn_check_pending(hdev);
88 static void hci_cc_remote_name_req_cancel(struct hci_dev *hdev, struct sk_buff *skb)
90 BT_DBG("%s", hdev->name);
93 static void hci_cc_role_discovery(struct hci_dev *hdev, struct sk_buff *skb)
95 struct hci_rp_role_discovery *rp = (void *) skb->data;
96 struct hci_conn *conn;
98 BT_DBG("%s status 0x%x", hdev->name, rp->status);
105 conn = hci_conn_hash_lookup_handle(hdev, __le16_to_cpu(rp->handle));
108 conn->link_mode &= ~HCI_LM_MASTER;
110 conn->link_mode |= HCI_LM_MASTER;
113 hci_dev_unlock(hdev);
116 static void hci_cc_read_link_policy(struct hci_dev *hdev, struct sk_buff *skb)
118 struct hci_rp_read_link_policy *rp = (void *) skb->data;
119 struct hci_conn *conn;
121 BT_DBG("%s status 0x%x", hdev->name, rp->status);
128 conn = hci_conn_hash_lookup_handle(hdev, __le16_to_cpu(rp->handle));
130 conn->link_policy = __le16_to_cpu(rp->policy);
132 hci_dev_unlock(hdev);
135 static void hci_cc_write_link_policy(struct hci_dev *hdev, struct sk_buff *skb)
137 struct hci_rp_write_link_policy *rp = (void *) skb->data;
138 struct hci_conn *conn;
141 BT_DBG("%s status 0x%x", hdev->name, rp->status);
146 sent = hci_sent_cmd_data(hdev, HCI_OP_WRITE_LINK_POLICY);
152 conn = hci_conn_hash_lookup_handle(hdev, __le16_to_cpu(rp->handle));
154 conn->link_policy = get_unaligned_le16(sent + 2);
156 hci_dev_unlock(hdev);
159 static void hci_cc_read_def_link_policy(struct hci_dev *hdev, struct sk_buff *skb)
161 struct hci_rp_read_def_link_policy *rp = (void *) skb->data;
163 BT_DBG("%s status 0x%x", hdev->name, rp->status);
168 hdev->link_policy = __le16_to_cpu(rp->policy);
171 static void hci_cc_write_def_link_policy(struct hci_dev *hdev, struct sk_buff *skb)
173 __u8 status = *((__u8 *) skb->data);
176 BT_DBG("%s status 0x%x", hdev->name, status);
178 sent = hci_sent_cmd_data(hdev, HCI_OP_WRITE_DEF_LINK_POLICY);
183 hdev->link_policy = get_unaligned_le16(sent);
185 hci_req_complete(hdev, HCI_OP_WRITE_DEF_LINK_POLICY, status);
188 static void hci_cc_reset(struct hci_dev *hdev, struct sk_buff *skb)
190 __u8 status = *((__u8 *) skb->data);
192 BT_DBG("%s status 0x%x", hdev->name, status);
194 clear_bit(HCI_RESET, &hdev->flags);
196 hci_req_complete(hdev, HCI_OP_RESET, status);
199 static void hci_cc_write_local_name(struct hci_dev *hdev, struct sk_buff *skb)
201 __u8 status = *((__u8 *) skb->data);
204 BT_DBG("%s status 0x%x", hdev->name, status);
206 sent = hci_sent_cmd_data(hdev, HCI_OP_WRITE_LOCAL_NAME);
212 if (test_bit(HCI_MGMT, &hdev->flags))
213 mgmt_set_local_name_complete(hdev, sent, status);
216 memcpy(hdev->dev_name, sent, HCI_MAX_NAME_LENGTH);
218 hci_dev_unlock(hdev);
221 static void hci_cc_read_local_name(struct hci_dev *hdev, struct sk_buff *skb)
223 struct hci_rp_read_local_name *rp = (void *) skb->data;
225 BT_DBG("%s status 0x%x", hdev->name, rp->status);
230 memcpy(hdev->dev_name, rp->name, HCI_MAX_NAME_LENGTH);
233 static void hci_cc_write_auth_enable(struct hci_dev *hdev, struct sk_buff *skb)
235 __u8 status = *((__u8 *) skb->data);
238 BT_DBG("%s status 0x%x", hdev->name, status);
240 sent = hci_sent_cmd_data(hdev, HCI_OP_WRITE_AUTH_ENABLE);
245 __u8 param = *((__u8 *) sent);
247 if (param == AUTH_ENABLED)
248 set_bit(HCI_AUTH, &hdev->flags);
250 clear_bit(HCI_AUTH, &hdev->flags);
253 hci_req_complete(hdev, HCI_OP_WRITE_AUTH_ENABLE, status);
256 static void hci_cc_write_encrypt_mode(struct hci_dev *hdev, struct sk_buff *skb)
258 __u8 status = *((__u8 *) skb->data);
261 BT_DBG("%s status 0x%x", hdev->name, status);
263 sent = hci_sent_cmd_data(hdev, HCI_OP_WRITE_ENCRYPT_MODE);
268 __u8 param = *((__u8 *) sent);
271 set_bit(HCI_ENCRYPT, &hdev->flags);
273 clear_bit(HCI_ENCRYPT, &hdev->flags);
276 hci_req_complete(hdev, HCI_OP_WRITE_ENCRYPT_MODE, status);
279 static void hci_cc_write_scan_enable(struct hci_dev *hdev, struct sk_buff *skb)
281 __u8 param, status = *((__u8 *) skb->data);
282 int old_pscan, old_iscan;
285 BT_DBG("%s status 0x%x", hdev->name, status);
287 sent = hci_sent_cmd_data(hdev, HCI_OP_WRITE_SCAN_ENABLE);
291 param = *((__u8 *) sent);
296 mgmt_write_scan_failed(hdev, param, status);
297 hdev->discov_timeout = 0;
301 old_pscan = test_and_clear_bit(HCI_PSCAN, &hdev->flags);
302 old_iscan = test_and_clear_bit(HCI_ISCAN, &hdev->flags);
304 if (param & SCAN_INQUIRY) {
305 set_bit(HCI_ISCAN, &hdev->flags);
307 mgmt_discoverable(hdev, 1);
308 if (hdev->discov_timeout > 0) {
309 int to = msecs_to_jiffies(hdev->discov_timeout * 1000);
310 queue_delayed_work(hdev->workqueue, &hdev->discov_off,
313 } else if (old_iscan)
314 mgmt_discoverable(hdev, 0);
316 if (param & SCAN_PAGE) {
317 set_bit(HCI_PSCAN, &hdev->flags);
319 mgmt_connectable(hdev, 1);
320 } else if (old_pscan)
321 mgmt_connectable(hdev, 0);
324 hci_dev_unlock(hdev);
325 hci_req_complete(hdev, HCI_OP_WRITE_SCAN_ENABLE, status);
328 static void hci_cc_read_class_of_dev(struct hci_dev *hdev, struct sk_buff *skb)
330 struct hci_rp_read_class_of_dev *rp = (void *) skb->data;
332 BT_DBG("%s status 0x%x", hdev->name, rp->status);
337 memcpy(hdev->dev_class, rp->dev_class, 3);
339 BT_DBG("%s class 0x%.2x%.2x%.2x", hdev->name,
340 hdev->dev_class[2], hdev->dev_class[1], hdev->dev_class[0]);
343 static void hci_cc_write_class_of_dev(struct hci_dev *hdev, struct sk_buff *skb)
345 __u8 status = *((__u8 *) skb->data);
348 BT_DBG("%s status 0x%x", hdev->name, status);
353 sent = hci_sent_cmd_data(hdev, HCI_OP_WRITE_CLASS_OF_DEV);
357 memcpy(hdev->dev_class, sent, 3);
360 static void hci_cc_read_voice_setting(struct hci_dev *hdev, struct sk_buff *skb)
362 struct hci_rp_read_voice_setting *rp = (void *) skb->data;
365 BT_DBG("%s status 0x%x", hdev->name, rp->status);
370 setting = __le16_to_cpu(rp->voice_setting);
372 if (hdev->voice_setting == setting)
375 hdev->voice_setting = setting;
377 BT_DBG("%s voice setting 0x%04x", hdev->name, setting);
380 tasklet_disable(&hdev->tx_task);
381 hdev->notify(hdev, HCI_NOTIFY_VOICE_SETTING);
382 tasklet_enable(&hdev->tx_task);
386 static void hci_cc_write_voice_setting(struct hci_dev *hdev, struct sk_buff *skb)
388 __u8 status = *((__u8 *) skb->data);
392 BT_DBG("%s status 0x%x", hdev->name, status);
397 sent = hci_sent_cmd_data(hdev, HCI_OP_WRITE_VOICE_SETTING);
401 setting = get_unaligned_le16(sent);
403 if (hdev->voice_setting == setting)
406 hdev->voice_setting = setting;
408 BT_DBG("%s voice setting 0x%04x", hdev->name, setting);
411 tasklet_disable(&hdev->tx_task);
412 hdev->notify(hdev, HCI_NOTIFY_VOICE_SETTING);
413 tasklet_enable(&hdev->tx_task);
417 static void hci_cc_host_buffer_size(struct hci_dev *hdev, struct sk_buff *skb)
419 __u8 status = *((__u8 *) skb->data);
421 BT_DBG("%s status 0x%x", hdev->name, status);
423 hci_req_complete(hdev, HCI_OP_HOST_BUFFER_SIZE, status);
426 static void hci_cc_read_ssp_mode(struct hci_dev *hdev, struct sk_buff *skb)
428 struct hci_rp_read_ssp_mode *rp = (void *) skb->data;
430 BT_DBG("%s status 0x%x", hdev->name, rp->status);
435 hdev->ssp_mode = rp->mode;
438 static void hci_cc_write_ssp_mode(struct hci_dev *hdev, struct sk_buff *skb)
440 __u8 status = *((__u8 *) skb->data);
443 BT_DBG("%s status 0x%x", hdev->name, status);
448 sent = hci_sent_cmd_data(hdev, HCI_OP_WRITE_SSP_MODE);
452 hdev->ssp_mode = *((__u8 *) sent);
455 static u8 hci_get_inquiry_mode(struct hci_dev *hdev)
457 if (hdev->features[6] & LMP_EXT_INQ)
460 if (hdev->features[3] & LMP_RSSI_INQ)
463 if (hdev->manufacturer == 11 && hdev->hci_rev == 0x00 &&
464 hdev->lmp_subver == 0x0757)
467 if (hdev->manufacturer == 15) {
468 if (hdev->hci_rev == 0x03 && hdev->lmp_subver == 0x6963)
470 if (hdev->hci_rev == 0x09 && hdev->lmp_subver == 0x6963)
472 if (hdev->hci_rev == 0x00 && hdev->lmp_subver == 0x6965)
476 if (hdev->manufacturer == 31 && hdev->hci_rev == 0x2005 &&
477 hdev->lmp_subver == 0x1805)
483 static void hci_setup_inquiry_mode(struct hci_dev *hdev)
487 mode = hci_get_inquiry_mode(hdev);
489 hci_send_cmd(hdev, HCI_OP_WRITE_INQUIRY_MODE, 1, &mode);
492 static void hci_setup_event_mask(struct hci_dev *hdev)
494 /* The second byte is 0xff instead of 0x9f (two reserved bits
495 * disabled) since a Broadcom 1.2 dongle doesn't respond to the
496 * command otherwise */
497 u8 events[8] = { 0xff, 0xff, 0xfb, 0xff, 0x00, 0x00, 0x00, 0x00 };
499 /* CSR 1.1 dongles does not accept any bitfield so don't try to set
500 * any event mask for pre 1.2 devices */
501 if (hdev->lmp_ver <= 1)
504 events[4] |= 0x01; /* Flow Specification Complete */
505 events[4] |= 0x02; /* Inquiry Result with RSSI */
506 events[4] |= 0x04; /* Read Remote Extended Features Complete */
507 events[5] |= 0x08; /* Synchronous Connection Complete */
508 events[5] |= 0x10; /* Synchronous Connection Changed */
510 if (hdev->features[3] & LMP_RSSI_INQ)
511 events[4] |= 0x04; /* Inquiry Result with RSSI */
513 if (hdev->features[5] & LMP_SNIFF_SUBR)
514 events[5] |= 0x20; /* Sniff Subrating */
516 if (hdev->features[5] & LMP_PAUSE_ENC)
517 events[5] |= 0x80; /* Encryption Key Refresh Complete */
519 if (hdev->features[6] & LMP_EXT_INQ)
520 events[5] |= 0x40; /* Extended Inquiry Result */
522 if (hdev->features[6] & LMP_NO_FLUSH)
523 events[7] |= 0x01; /* Enhanced Flush Complete */
525 if (hdev->features[7] & LMP_LSTO)
526 events[6] |= 0x80; /* Link Supervision Timeout Changed */
528 if (hdev->features[6] & LMP_SIMPLE_PAIR) {
529 events[6] |= 0x01; /* IO Capability Request */
530 events[6] |= 0x02; /* IO Capability Response */
531 events[6] |= 0x04; /* User Confirmation Request */
532 events[6] |= 0x08; /* User Passkey Request */
533 events[6] |= 0x10; /* Remote OOB Data Request */
534 events[6] |= 0x20; /* Simple Pairing Complete */
535 events[7] |= 0x04; /* User Passkey Notification */
536 events[7] |= 0x08; /* Keypress Notification */
537 events[7] |= 0x10; /* Remote Host Supported
538 * Features Notification */
541 if (hdev->features[4] & LMP_LE)
542 events[7] |= 0x20; /* LE Meta-Event */
544 hci_send_cmd(hdev, HCI_OP_SET_EVENT_MASK, sizeof(events), events);
547 static void hci_set_le_support(struct hci_dev *hdev)
549 struct hci_cp_write_le_host_supported cp;
551 memset(&cp, 0, sizeof(cp));
555 cp.simul = !!(hdev->features[6] & LMP_SIMUL_LE_BR);
558 hci_send_cmd(hdev, HCI_OP_WRITE_LE_HOST_SUPPORTED, sizeof(cp), &cp);
561 static void hci_setup(struct hci_dev *hdev)
563 hci_setup_event_mask(hdev);
565 if (hdev->lmp_ver > 1)
566 hci_send_cmd(hdev, HCI_OP_READ_LOCAL_COMMANDS, 0, NULL);
568 if (hdev->features[6] & LMP_SIMPLE_PAIR) {
570 hci_send_cmd(hdev, HCI_OP_WRITE_SSP_MODE, sizeof(mode), &mode);
573 if (hdev->features[3] & LMP_RSSI_INQ)
574 hci_setup_inquiry_mode(hdev);
576 if (hdev->features[7] & LMP_INQ_TX_PWR)
577 hci_send_cmd(hdev, HCI_OP_READ_INQ_RSP_TX_POWER, 0, NULL);
579 if (hdev->features[7] & LMP_EXTFEATURES) {
580 struct hci_cp_read_local_ext_features cp;
583 hci_send_cmd(hdev, HCI_OP_READ_LOCAL_EXT_FEATURES,
587 if (hdev->features[4] & LMP_LE)
588 hci_set_le_support(hdev);
591 static void hci_cc_read_local_version(struct hci_dev *hdev, struct sk_buff *skb)
593 struct hci_rp_read_local_version *rp = (void *) skb->data;
595 BT_DBG("%s status 0x%x", hdev->name, rp->status);
600 hdev->hci_ver = rp->hci_ver;
601 hdev->hci_rev = __le16_to_cpu(rp->hci_rev);
602 hdev->lmp_ver = rp->lmp_ver;
603 hdev->manufacturer = __le16_to_cpu(rp->manufacturer);
604 hdev->lmp_subver = __le16_to_cpu(rp->lmp_subver);
606 BT_DBG("%s manufacturer %d hci ver %d:%d", hdev->name,
608 hdev->hci_ver, hdev->hci_rev);
610 if (test_bit(HCI_INIT, &hdev->flags))
614 static void hci_setup_link_policy(struct hci_dev *hdev)
618 if (hdev->features[0] & LMP_RSWITCH)
619 link_policy |= HCI_LP_RSWITCH;
620 if (hdev->features[0] & LMP_HOLD)
621 link_policy |= HCI_LP_HOLD;
622 if (hdev->features[0] & LMP_SNIFF)
623 link_policy |= HCI_LP_SNIFF;
624 if (hdev->features[1] & LMP_PARK)
625 link_policy |= HCI_LP_PARK;
627 link_policy = cpu_to_le16(link_policy);
628 hci_send_cmd(hdev, HCI_OP_WRITE_DEF_LINK_POLICY,
629 sizeof(link_policy), &link_policy);
632 static void hci_cc_read_local_commands(struct hci_dev *hdev, struct sk_buff *skb)
634 struct hci_rp_read_local_commands *rp = (void *) skb->data;
636 BT_DBG("%s status 0x%x", hdev->name, rp->status);
641 memcpy(hdev->commands, rp->commands, sizeof(hdev->commands));
643 if (test_bit(HCI_INIT, &hdev->flags) && (hdev->commands[5] & 0x10))
644 hci_setup_link_policy(hdev);
647 hci_req_complete(hdev, HCI_OP_READ_LOCAL_COMMANDS, rp->status);
650 static void hci_cc_read_local_features(struct hci_dev *hdev, struct sk_buff *skb)
652 struct hci_rp_read_local_features *rp = (void *) skb->data;
654 BT_DBG("%s status 0x%x", hdev->name, rp->status);
659 memcpy(hdev->features, rp->features, 8);
661 /* Adjust default settings according to features
662 * supported by device. */
664 if (hdev->features[0] & LMP_3SLOT)
665 hdev->pkt_type |= (HCI_DM3 | HCI_DH3);
667 if (hdev->features[0] & LMP_5SLOT)
668 hdev->pkt_type |= (HCI_DM5 | HCI_DH5);
670 if (hdev->features[1] & LMP_HV2) {
671 hdev->pkt_type |= (HCI_HV2);
672 hdev->esco_type |= (ESCO_HV2);
675 if (hdev->features[1] & LMP_HV3) {
676 hdev->pkt_type |= (HCI_HV3);
677 hdev->esco_type |= (ESCO_HV3);
680 if (hdev->features[3] & LMP_ESCO)
681 hdev->esco_type |= (ESCO_EV3);
683 if (hdev->features[4] & LMP_EV4)
684 hdev->esco_type |= (ESCO_EV4);
686 if (hdev->features[4] & LMP_EV5)
687 hdev->esco_type |= (ESCO_EV5);
689 if (hdev->features[5] & LMP_EDR_ESCO_2M)
690 hdev->esco_type |= (ESCO_2EV3);
692 if (hdev->features[5] & LMP_EDR_ESCO_3M)
693 hdev->esco_type |= (ESCO_3EV3);
695 if (hdev->features[5] & LMP_EDR_3S_ESCO)
696 hdev->esco_type |= (ESCO_2EV5 | ESCO_3EV5);
698 BT_DBG("%s features 0x%.2x%.2x%.2x%.2x%.2x%.2x%.2x%.2x", hdev->name,
699 hdev->features[0], hdev->features[1],
700 hdev->features[2], hdev->features[3],
701 hdev->features[4], hdev->features[5],
702 hdev->features[6], hdev->features[7]);
705 static void hci_cc_read_local_ext_features(struct hci_dev *hdev,
708 struct hci_rp_read_local_ext_features *rp = (void *) skb->data;
710 BT_DBG("%s status 0x%x", hdev->name, rp->status);
715 memcpy(hdev->extfeatures, rp->features, 8);
717 hci_req_complete(hdev, HCI_OP_READ_LOCAL_EXT_FEATURES, rp->status);
720 static void hci_cc_read_flow_control_mode(struct hci_dev *hdev,
723 struct hci_rp_read_flow_control_mode *rp = (void *) skb->data;
725 BT_DBG("%s status 0x%x", hdev->name, rp->status);
730 hdev->flow_ctl_mode = rp->mode;
732 hci_req_complete(hdev, HCI_OP_READ_FLOW_CONTROL_MODE, rp->status);
735 static void hci_cc_read_buffer_size(struct hci_dev *hdev, struct sk_buff *skb)
737 struct hci_rp_read_buffer_size *rp = (void *) skb->data;
739 BT_DBG("%s status 0x%x", hdev->name, rp->status);
744 hdev->acl_mtu = __le16_to_cpu(rp->acl_mtu);
745 hdev->sco_mtu = rp->sco_mtu;
746 hdev->acl_pkts = __le16_to_cpu(rp->acl_max_pkt);
747 hdev->sco_pkts = __le16_to_cpu(rp->sco_max_pkt);
749 if (test_bit(HCI_QUIRK_FIXUP_BUFFER_SIZE, &hdev->quirks)) {
754 hdev->acl_cnt = hdev->acl_pkts;
755 hdev->sco_cnt = hdev->sco_pkts;
757 BT_DBG("%s acl mtu %d:%d sco mtu %d:%d", hdev->name,
758 hdev->acl_mtu, hdev->acl_pkts,
759 hdev->sco_mtu, hdev->sco_pkts);
762 static void hci_cc_read_bd_addr(struct hci_dev *hdev, struct sk_buff *skb)
764 struct hci_rp_read_bd_addr *rp = (void *) skb->data;
766 BT_DBG("%s status 0x%x", hdev->name, rp->status);
769 bacpy(&hdev->bdaddr, &rp->bdaddr);
771 hci_req_complete(hdev, HCI_OP_READ_BD_ADDR, rp->status);
774 static void hci_cc_write_ca_timeout(struct hci_dev *hdev, struct sk_buff *skb)
776 __u8 status = *((__u8 *) skb->data);
778 BT_DBG("%s status 0x%x", hdev->name, status);
780 hci_req_complete(hdev, HCI_OP_WRITE_CA_TIMEOUT, status);
783 static void hci_cc_read_local_amp_info(struct hci_dev *hdev,
786 struct hci_rp_read_local_amp_info *rp = (void *) skb->data;
788 BT_DBG("%s status 0x%x", hdev->name, rp->status);
793 hdev->amp_status = rp->amp_status;
794 hdev->amp_total_bw = __le32_to_cpu(rp->total_bw);
795 hdev->amp_max_bw = __le32_to_cpu(rp->max_bw);
796 hdev->amp_min_latency = __le32_to_cpu(rp->min_latency);
797 hdev->amp_max_pdu = __le32_to_cpu(rp->max_pdu);
798 hdev->amp_type = rp->amp_type;
799 hdev->amp_pal_cap = __le16_to_cpu(rp->pal_cap);
800 hdev->amp_assoc_size = __le16_to_cpu(rp->max_assoc_size);
801 hdev->amp_be_flush_to = __le32_to_cpu(rp->be_flush_to);
802 hdev->amp_max_flush_to = __le32_to_cpu(rp->max_flush_to);
804 hci_req_complete(hdev, HCI_OP_READ_LOCAL_AMP_INFO, rp->status);
807 static void hci_cc_delete_stored_link_key(struct hci_dev *hdev,
810 __u8 status = *((__u8 *) skb->data);
812 BT_DBG("%s status 0x%x", hdev->name, status);
814 hci_req_complete(hdev, HCI_OP_DELETE_STORED_LINK_KEY, status);
817 static void hci_cc_set_event_mask(struct hci_dev *hdev, struct sk_buff *skb)
819 __u8 status = *((__u8 *) skb->data);
821 BT_DBG("%s status 0x%x", hdev->name, status);
823 hci_req_complete(hdev, HCI_OP_SET_EVENT_MASK, status);
826 static void hci_cc_write_inquiry_mode(struct hci_dev *hdev,
829 __u8 status = *((__u8 *) skb->data);
831 BT_DBG("%s status 0x%x", hdev->name, status);
833 hci_req_complete(hdev, HCI_OP_WRITE_INQUIRY_MODE, status);
836 static void hci_cc_read_inq_rsp_tx_power(struct hci_dev *hdev,
839 __u8 status = *((__u8 *) skb->data);
841 BT_DBG("%s status 0x%x", hdev->name, status);
843 hci_req_complete(hdev, HCI_OP_READ_INQ_RSP_TX_POWER, status);
846 static void hci_cc_set_event_flt(struct hci_dev *hdev, struct sk_buff *skb)
848 __u8 status = *((__u8 *) skb->data);
850 BT_DBG("%s status 0x%x", hdev->name, status);
852 hci_req_complete(hdev, HCI_OP_SET_EVENT_FLT, status);
855 static void hci_cc_pin_code_reply(struct hci_dev *hdev, struct sk_buff *skb)
857 struct hci_rp_pin_code_reply *rp = (void *) skb->data;
858 struct hci_cp_pin_code_reply *cp;
859 struct hci_conn *conn;
861 BT_DBG("%s status 0x%x", hdev->name, rp->status);
865 if (test_bit(HCI_MGMT, &hdev->flags))
866 mgmt_pin_code_reply_complete(hdev, &rp->bdaddr, rp->status);
871 cp = hci_sent_cmd_data(hdev, HCI_OP_PIN_CODE_REPLY);
875 conn = hci_conn_hash_lookup_ba(hdev, ACL_LINK, &cp->bdaddr);
877 conn->pin_length = cp->pin_len;
880 hci_dev_unlock(hdev);
883 static void hci_cc_pin_code_neg_reply(struct hci_dev *hdev, struct sk_buff *skb)
885 struct hci_rp_pin_code_neg_reply *rp = (void *) skb->data;
887 BT_DBG("%s status 0x%x", hdev->name, rp->status);
891 if (test_bit(HCI_MGMT, &hdev->flags))
892 mgmt_pin_code_neg_reply_complete(hdev, &rp->bdaddr,
895 hci_dev_unlock(hdev);
898 static void hci_cc_le_read_buffer_size(struct hci_dev *hdev,
901 struct hci_rp_le_read_buffer_size *rp = (void *) skb->data;
903 BT_DBG("%s status 0x%x", hdev->name, rp->status);
908 hdev->le_mtu = __le16_to_cpu(rp->le_mtu);
909 hdev->le_pkts = rp->le_max_pkt;
911 hdev->le_cnt = hdev->le_pkts;
913 BT_DBG("%s le mtu %d:%d", hdev->name, hdev->le_mtu, hdev->le_pkts);
915 hci_req_complete(hdev, HCI_OP_LE_READ_BUFFER_SIZE, rp->status);
918 static void hci_cc_user_confirm_reply(struct hci_dev *hdev, struct sk_buff *skb)
920 struct hci_rp_user_confirm_reply *rp = (void *) skb->data;
922 BT_DBG("%s status 0x%x", hdev->name, rp->status);
926 if (test_bit(HCI_MGMT, &hdev->flags))
927 mgmt_user_confirm_reply_complete(hdev, &rp->bdaddr,
930 hci_dev_unlock(hdev);
933 static void hci_cc_user_confirm_neg_reply(struct hci_dev *hdev,
936 struct hci_rp_user_confirm_reply *rp = (void *) skb->data;
938 BT_DBG("%s status 0x%x", hdev->name, rp->status);
942 if (test_bit(HCI_MGMT, &hdev->flags))
943 mgmt_user_confirm_neg_reply_complete(hdev, &rp->bdaddr,
946 hci_dev_unlock(hdev);
949 static void hci_cc_user_passkey_reply(struct hci_dev *hdev, struct sk_buff *skb)
951 struct hci_rp_user_confirm_reply *rp = (void *) skb->data;
953 BT_DBG("%s status 0x%x", hdev->name, rp->status);
957 if (test_bit(HCI_MGMT, &hdev->flags))
958 mgmt_user_passkey_reply_complete(hdev, &rp->bdaddr,
961 hci_dev_unlock(hdev);
964 static void hci_cc_user_passkey_neg_reply(struct hci_dev *hdev,
967 struct hci_rp_user_confirm_reply *rp = (void *) skb->data;
969 BT_DBG("%s status 0x%x", hdev->name, rp->status);
973 if (test_bit(HCI_MGMT, &hdev->flags))
974 mgmt_user_passkey_neg_reply_complete(hdev, &rp->bdaddr,
977 hci_dev_unlock(hdev);
980 static void hci_cc_read_local_oob_data_reply(struct hci_dev *hdev,
983 struct hci_rp_read_local_oob_data *rp = (void *) skb->data;
985 BT_DBG("%s status 0x%x", hdev->name, rp->status);
988 mgmt_read_local_oob_data_reply_complete(hdev, rp->hash,
989 rp->randomizer, rp->status);
990 hci_dev_unlock(hdev);
993 static void hci_cc_le_set_scan_enable(struct hci_dev *hdev,
996 struct hci_cp_le_set_scan_enable *cp;
997 __u8 status = *((__u8 *) skb->data);
999 BT_DBG("%s status 0x%x", hdev->name, status);
1004 cp = hci_sent_cmd_data(hdev, HCI_OP_LE_SET_SCAN_ENABLE);
1008 if (cp->enable == 0x01) {
1009 del_timer(&hdev->adv_timer);
1012 hci_adv_entries_clear(hdev);
1013 hci_dev_unlock(hdev);
1014 } else if (cp->enable == 0x00) {
1015 mod_timer(&hdev->adv_timer, jiffies + ADV_CLEAR_TIMEOUT);
1019 static void hci_cc_le_ltk_reply(struct hci_dev *hdev, struct sk_buff *skb)
1021 struct hci_rp_le_ltk_reply *rp = (void *) skb->data;
1023 BT_DBG("%s status 0x%x", hdev->name, rp->status);
1028 hci_req_complete(hdev, HCI_OP_LE_LTK_REPLY, rp->status);
1031 static void hci_cc_le_ltk_neg_reply(struct hci_dev *hdev, struct sk_buff *skb)
1033 struct hci_rp_le_ltk_neg_reply *rp = (void *) skb->data;
1035 BT_DBG("%s status 0x%x", hdev->name, rp->status);
1040 hci_req_complete(hdev, HCI_OP_LE_LTK_NEG_REPLY, rp->status);
1043 static inline void hci_cc_write_le_host_supported(struct hci_dev *hdev,
1044 struct sk_buff *skb)
1046 struct hci_cp_read_local_ext_features cp;
1047 __u8 status = *((__u8 *) skb->data);
1049 BT_DBG("%s status 0x%x", hdev->name, status);
1055 hci_send_cmd(hdev, HCI_OP_READ_LOCAL_EXT_FEATURES, sizeof(cp), &cp);
1058 static inline void hci_cs_inquiry(struct hci_dev *hdev, __u8 status)
1060 BT_DBG("%s status 0x%x", hdev->name, status);
1063 hci_req_complete(hdev, HCI_OP_INQUIRY, status);
1064 hci_conn_check_pending(hdev);
1066 if (test_bit(HCI_MGMT, &hdev->flags))
1067 mgmt_start_discovery_failed(hdev, status);
1068 hci_dev_unlock(hdev);
1072 set_bit(HCI_INQUIRY, &hdev->flags);
1075 mgmt_discovering(hdev, 1);
1076 hci_dev_unlock(hdev);
1079 static inline void hci_cs_create_conn(struct hci_dev *hdev, __u8 status)
1081 struct hci_cp_create_conn *cp;
1082 struct hci_conn *conn;
1084 BT_DBG("%s status 0x%x", hdev->name, status);
1086 cp = hci_sent_cmd_data(hdev, HCI_OP_CREATE_CONN);
1092 conn = hci_conn_hash_lookup_ba(hdev, ACL_LINK, &cp->bdaddr);
1094 BT_DBG("%s bdaddr %s conn %p", hdev->name, batostr(&cp->bdaddr), conn);
1097 if (conn && conn->state == BT_CONNECT) {
1098 if (status != 0x0c || conn->attempt > 2) {
1099 conn->state = BT_CLOSED;
1100 hci_proto_connect_cfm(conn, status);
1103 conn->state = BT_CONNECT2;
1107 conn = hci_conn_add(hdev, ACL_LINK, &cp->bdaddr);
1110 conn->link_mode |= HCI_LM_MASTER;
1112 BT_ERR("No memory for new connection");
1116 hci_dev_unlock(hdev);
1119 static void hci_cs_add_sco(struct hci_dev *hdev, __u8 status)
1121 struct hci_cp_add_sco *cp;
1122 struct hci_conn *acl, *sco;
1125 BT_DBG("%s status 0x%x", hdev->name, status);
1130 cp = hci_sent_cmd_data(hdev, HCI_OP_ADD_SCO);
1134 handle = __le16_to_cpu(cp->handle);
1136 BT_DBG("%s handle %d", hdev->name, handle);
1140 acl = hci_conn_hash_lookup_handle(hdev, handle);
1144 sco->state = BT_CLOSED;
1146 hci_proto_connect_cfm(sco, status);
1151 hci_dev_unlock(hdev);
1154 static void hci_cs_auth_requested(struct hci_dev *hdev, __u8 status)
1156 struct hci_cp_auth_requested *cp;
1157 struct hci_conn *conn;
1159 BT_DBG("%s status 0x%x", hdev->name, status);
1164 cp = hci_sent_cmd_data(hdev, HCI_OP_AUTH_REQUESTED);
1170 conn = hci_conn_hash_lookup_handle(hdev, __le16_to_cpu(cp->handle));
1172 if (conn->state == BT_CONFIG) {
1173 hci_proto_connect_cfm(conn, status);
1178 hci_dev_unlock(hdev);
1181 static void hci_cs_set_conn_encrypt(struct hci_dev *hdev, __u8 status)
1183 struct hci_cp_set_conn_encrypt *cp;
1184 struct hci_conn *conn;
1186 BT_DBG("%s status 0x%x", hdev->name, status);
1191 cp = hci_sent_cmd_data(hdev, HCI_OP_SET_CONN_ENCRYPT);
1197 conn = hci_conn_hash_lookup_handle(hdev, __le16_to_cpu(cp->handle));
1199 if (conn->state == BT_CONFIG) {
1200 hci_proto_connect_cfm(conn, status);
1205 hci_dev_unlock(hdev);
1208 static int hci_outgoing_auth_needed(struct hci_dev *hdev,
1209 struct hci_conn *conn)
1211 if (conn->state != BT_CONFIG || !conn->out)
1214 if (conn->pending_sec_level == BT_SECURITY_SDP)
1217 /* Only request authentication for SSP connections or non-SSP
1218 * devices with sec_level HIGH or if MITM protection is requested */
1219 if (!(hdev->ssp_mode > 0 && conn->ssp_mode > 0) &&
1220 conn->pending_sec_level != BT_SECURITY_HIGH &&
1221 !(conn->auth_type & 0x01))
1227 static void hci_cs_remote_name_req(struct hci_dev *hdev, __u8 status)
1229 struct hci_cp_remote_name_req *cp;
1230 struct hci_conn *conn;
1232 BT_DBG("%s status 0x%x", hdev->name, status);
1234 /* If successful wait for the name req complete event before
1235 * checking for the need to do authentication */
1239 cp = hci_sent_cmd_data(hdev, HCI_OP_REMOTE_NAME_REQ);
1245 conn = hci_conn_hash_lookup_ba(hdev, ACL_LINK, &cp->bdaddr);
1249 if (!hci_outgoing_auth_needed(hdev, conn))
1252 if (!test_and_set_bit(HCI_CONN_AUTH_PEND, &conn->pend)) {
1253 struct hci_cp_auth_requested cp;
1254 cp.handle = __cpu_to_le16(conn->handle);
1255 hci_send_cmd(hdev, HCI_OP_AUTH_REQUESTED, sizeof(cp), &cp);
1259 hci_dev_unlock(hdev);
1262 static void hci_cs_read_remote_features(struct hci_dev *hdev, __u8 status)
1264 struct hci_cp_read_remote_features *cp;
1265 struct hci_conn *conn;
1267 BT_DBG("%s status 0x%x", hdev->name, status);
1272 cp = hci_sent_cmd_data(hdev, HCI_OP_READ_REMOTE_FEATURES);
1278 conn = hci_conn_hash_lookup_handle(hdev, __le16_to_cpu(cp->handle));
1280 if (conn->state == BT_CONFIG) {
1281 hci_proto_connect_cfm(conn, status);
1286 hci_dev_unlock(hdev);
1289 static void hci_cs_read_remote_ext_features(struct hci_dev *hdev, __u8 status)
1291 struct hci_cp_read_remote_ext_features *cp;
1292 struct hci_conn *conn;
1294 BT_DBG("%s status 0x%x", hdev->name, status);
1299 cp = hci_sent_cmd_data(hdev, HCI_OP_READ_REMOTE_EXT_FEATURES);
1305 conn = hci_conn_hash_lookup_handle(hdev, __le16_to_cpu(cp->handle));
1307 if (conn->state == BT_CONFIG) {
1308 hci_proto_connect_cfm(conn, status);
1313 hci_dev_unlock(hdev);
1316 static void hci_cs_setup_sync_conn(struct hci_dev *hdev, __u8 status)
1318 struct hci_cp_setup_sync_conn *cp;
1319 struct hci_conn *acl, *sco;
1322 BT_DBG("%s status 0x%x", hdev->name, status);
1327 cp = hci_sent_cmd_data(hdev, HCI_OP_SETUP_SYNC_CONN);
1331 handle = __le16_to_cpu(cp->handle);
1333 BT_DBG("%s handle %d", hdev->name, handle);
1337 acl = hci_conn_hash_lookup_handle(hdev, handle);
1341 sco->state = BT_CLOSED;
1343 hci_proto_connect_cfm(sco, status);
1348 hci_dev_unlock(hdev);
1351 static void hci_cs_sniff_mode(struct hci_dev *hdev, __u8 status)
1353 struct hci_cp_sniff_mode *cp;
1354 struct hci_conn *conn;
1356 BT_DBG("%s status 0x%x", hdev->name, status);
1361 cp = hci_sent_cmd_data(hdev, HCI_OP_SNIFF_MODE);
1367 conn = hci_conn_hash_lookup_handle(hdev, __le16_to_cpu(cp->handle));
1369 clear_bit(HCI_CONN_MODE_CHANGE_PEND, &conn->pend);
1371 if (test_and_clear_bit(HCI_CONN_SCO_SETUP_PEND, &conn->pend))
1372 hci_sco_setup(conn, status);
1375 hci_dev_unlock(hdev);
1378 static void hci_cs_exit_sniff_mode(struct hci_dev *hdev, __u8 status)
1380 struct hci_cp_exit_sniff_mode *cp;
1381 struct hci_conn *conn;
1383 BT_DBG("%s status 0x%x", hdev->name, status);
1388 cp = hci_sent_cmd_data(hdev, HCI_OP_EXIT_SNIFF_MODE);
1394 conn = hci_conn_hash_lookup_handle(hdev, __le16_to_cpu(cp->handle));
1396 clear_bit(HCI_CONN_MODE_CHANGE_PEND, &conn->pend);
1398 if (test_and_clear_bit(HCI_CONN_SCO_SETUP_PEND, &conn->pend))
1399 hci_sco_setup(conn, status);
1402 hci_dev_unlock(hdev);
1405 static void hci_cs_le_create_conn(struct hci_dev *hdev, __u8 status)
1407 struct hci_cp_le_create_conn *cp;
1408 struct hci_conn *conn;
1410 BT_DBG("%s status 0x%x", hdev->name, status);
1412 cp = hci_sent_cmd_data(hdev, HCI_OP_LE_CREATE_CONN);
1418 conn = hci_conn_hash_lookup_ba(hdev, LE_LINK, &cp->peer_addr);
1420 BT_DBG("%s bdaddr %s conn %p", hdev->name, batostr(&cp->peer_addr),
1424 if (conn && conn->state == BT_CONNECT) {
1425 conn->state = BT_CLOSED;
1426 hci_proto_connect_cfm(conn, status);
1431 conn = hci_conn_add(hdev, LE_LINK, &cp->peer_addr);
1433 conn->dst_type = cp->peer_addr_type;
1436 BT_ERR("No memory for new connection");
1441 hci_dev_unlock(hdev);
1444 static void hci_cs_le_start_enc(struct hci_dev *hdev, u8 status)
1446 BT_DBG("%s status 0x%x", hdev->name, status);
1449 static inline void hci_inquiry_complete_evt(struct hci_dev *hdev, struct sk_buff *skb)
1451 __u8 status = *((__u8 *) skb->data);
1453 BT_DBG("%s status %d", hdev->name, status);
1455 hci_req_complete(hdev, HCI_OP_INQUIRY, status);
1457 hci_conn_check_pending(hdev);
1459 if (!test_and_clear_bit(HCI_INQUIRY, &hdev->flags))
1463 mgmt_discovering(hdev, 0);
1464 hci_dev_unlock(hdev);
1467 static inline void hci_inquiry_result_evt(struct hci_dev *hdev, struct sk_buff *skb)
1469 struct inquiry_data data;
1470 struct inquiry_info *info = (void *) (skb->data + 1);
1471 int num_rsp = *((__u8 *) skb->data);
1473 BT_DBG("%s num_rsp %d", hdev->name, num_rsp);
1480 for (; num_rsp; num_rsp--, info++) {
1481 bacpy(&data.bdaddr, &info->bdaddr);
1482 data.pscan_rep_mode = info->pscan_rep_mode;
1483 data.pscan_period_mode = info->pscan_period_mode;
1484 data.pscan_mode = info->pscan_mode;
1485 memcpy(data.dev_class, info->dev_class, 3);
1486 data.clock_offset = info->clock_offset;
1488 data.ssp_mode = 0x00;
1489 hci_inquiry_cache_update(hdev, &data);
1490 mgmt_device_found(hdev, &info->bdaddr, ACL_LINK, 0x00,
1491 info->dev_class, 0, NULL);
1494 hci_dev_unlock(hdev);
1497 static inline void hci_conn_complete_evt(struct hci_dev *hdev, struct sk_buff *skb)
1499 struct hci_ev_conn_complete *ev = (void *) skb->data;
1500 struct hci_conn *conn;
1502 BT_DBG("%s", hdev->name);
1506 conn = hci_conn_hash_lookup_ba(hdev, ev->link_type, &ev->bdaddr);
1508 if (ev->link_type != SCO_LINK)
1511 conn = hci_conn_hash_lookup_ba(hdev, ESCO_LINK, &ev->bdaddr);
1515 conn->type = SCO_LINK;
1519 conn->handle = __le16_to_cpu(ev->handle);
1521 if (conn->type == ACL_LINK) {
1522 conn->state = BT_CONFIG;
1523 hci_conn_hold(conn);
1524 conn->disc_timeout = HCI_DISCONN_TIMEOUT;
1525 mgmt_connected(hdev, &ev->bdaddr, conn->type,
1528 conn->state = BT_CONNECTED;
1530 hci_conn_hold_device(conn);
1531 hci_conn_add_sysfs(conn);
1533 if (test_bit(HCI_AUTH, &hdev->flags))
1534 conn->link_mode |= HCI_LM_AUTH;
1536 if (test_bit(HCI_ENCRYPT, &hdev->flags))
1537 conn->link_mode |= HCI_LM_ENCRYPT;
1539 /* Get remote features */
1540 if (conn->type == ACL_LINK) {
1541 struct hci_cp_read_remote_features cp;
1542 cp.handle = ev->handle;
1543 hci_send_cmd(hdev, HCI_OP_READ_REMOTE_FEATURES,
1547 /* Set packet type for incoming connection */
1548 if (!conn->out && hdev->hci_ver < 3) {
1549 struct hci_cp_change_conn_ptype cp;
1550 cp.handle = ev->handle;
1551 cp.pkt_type = cpu_to_le16(conn->pkt_type);
1552 hci_send_cmd(hdev, HCI_OP_CHANGE_CONN_PTYPE,
1556 conn->state = BT_CLOSED;
1557 if (conn->type == ACL_LINK)
1558 mgmt_connect_failed(hdev, &ev->bdaddr, conn->type,
1559 conn->dst_type, ev->status);
1562 if (conn->type == ACL_LINK)
1563 hci_sco_setup(conn, ev->status);
1566 hci_proto_connect_cfm(conn, ev->status);
1568 } else if (ev->link_type != ACL_LINK)
1569 hci_proto_connect_cfm(conn, ev->status);
1572 hci_dev_unlock(hdev);
1574 hci_conn_check_pending(hdev);
1577 static inline void hci_conn_request_evt(struct hci_dev *hdev, struct sk_buff *skb)
1579 struct hci_ev_conn_request *ev = (void *) skb->data;
1580 int mask = hdev->link_mode;
1582 BT_DBG("%s bdaddr %s type 0x%x", hdev->name,
1583 batostr(&ev->bdaddr), ev->link_type);
1585 mask |= hci_proto_connect_ind(hdev, &ev->bdaddr, ev->link_type);
1587 if ((mask & HCI_LM_ACCEPT) &&
1588 !hci_blacklist_lookup(hdev, &ev->bdaddr)) {
1589 /* Connection accepted */
1590 struct inquiry_entry *ie;
1591 struct hci_conn *conn;
1595 ie = hci_inquiry_cache_lookup(hdev, &ev->bdaddr);
1597 memcpy(ie->data.dev_class, ev->dev_class, 3);
1599 conn = hci_conn_hash_lookup_ba(hdev, ev->link_type, &ev->bdaddr);
1601 conn = hci_conn_add(hdev, ev->link_type, &ev->bdaddr);
1603 BT_ERR("No memory for new connection");
1604 hci_dev_unlock(hdev);
1609 memcpy(conn->dev_class, ev->dev_class, 3);
1610 conn->state = BT_CONNECT;
1612 hci_dev_unlock(hdev);
1614 if (ev->link_type == ACL_LINK || !lmp_esco_capable(hdev)) {
1615 struct hci_cp_accept_conn_req cp;
1617 bacpy(&cp.bdaddr, &ev->bdaddr);
1619 if (lmp_rswitch_capable(hdev) && (mask & HCI_LM_MASTER))
1620 cp.role = 0x00; /* Become master */
1622 cp.role = 0x01; /* Remain slave */
1624 hci_send_cmd(hdev, HCI_OP_ACCEPT_CONN_REQ,
1627 struct hci_cp_accept_sync_conn_req cp;
1629 bacpy(&cp.bdaddr, &ev->bdaddr);
1630 cp.pkt_type = cpu_to_le16(conn->pkt_type);
1632 cp.tx_bandwidth = cpu_to_le32(0x00001f40);
1633 cp.rx_bandwidth = cpu_to_le32(0x00001f40);
1634 cp.max_latency = cpu_to_le16(0xffff);
1635 cp.content_format = cpu_to_le16(hdev->voice_setting);
1636 cp.retrans_effort = 0xff;
1638 hci_send_cmd(hdev, HCI_OP_ACCEPT_SYNC_CONN_REQ,
1642 /* Connection rejected */
1643 struct hci_cp_reject_conn_req cp;
1645 bacpy(&cp.bdaddr, &ev->bdaddr);
1646 cp.reason = HCI_ERROR_REJ_BAD_ADDR;
1647 hci_send_cmd(hdev, HCI_OP_REJECT_CONN_REQ, sizeof(cp), &cp);
1651 static inline void hci_disconn_complete_evt(struct hci_dev *hdev, struct sk_buff *skb)
1653 struct hci_ev_disconn_complete *ev = (void *) skb->data;
1654 struct hci_conn *conn;
1656 BT_DBG("%s status %d", hdev->name, ev->status);
1660 conn = hci_conn_hash_lookup_handle(hdev, __le16_to_cpu(ev->handle));
1664 if (ev->status == 0)
1665 conn->state = BT_CLOSED;
1667 if (conn->type == ACL_LINK || conn->type == LE_LINK) {
1668 if (ev->status != 0)
1669 mgmt_disconnect_failed(hdev, &conn->dst, ev->status);
1671 mgmt_disconnected(hdev, &conn->dst, conn->type,
1675 if (ev->status == 0) {
1676 hci_proto_disconn_cfm(conn, ev->reason);
1681 hci_dev_unlock(hdev);
1684 static inline void hci_auth_complete_evt(struct hci_dev *hdev, struct sk_buff *skb)
1686 struct hci_ev_auth_complete *ev = (void *) skb->data;
1687 struct hci_conn *conn;
1689 BT_DBG("%s status %d", hdev->name, ev->status);
1693 conn = hci_conn_hash_lookup_handle(hdev, __le16_to_cpu(ev->handle));
1698 if (!(conn->ssp_mode > 0 && hdev->ssp_mode > 0) &&
1699 test_bit(HCI_CONN_REAUTH_PEND, &conn->pend)) {
1700 BT_INFO("re-auth of legacy device is not possible.");
1702 conn->link_mode |= HCI_LM_AUTH;
1703 conn->sec_level = conn->pending_sec_level;
1706 mgmt_auth_failed(hdev, &conn->dst, ev->status);
1709 clear_bit(HCI_CONN_AUTH_PEND, &conn->pend);
1710 clear_bit(HCI_CONN_REAUTH_PEND, &conn->pend);
1712 if (conn->state == BT_CONFIG) {
1713 if (!ev->status && hdev->ssp_mode > 0 && conn->ssp_mode > 0) {
1714 struct hci_cp_set_conn_encrypt cp;
1715 cp.handle = ev->handle;
1717 hci_send_cmd(hdev, HCI_OP_SET_CONN_ENCRYPT, sizeof(cp),
1720 conn->state = BT_CONNECTED;
1721 hci_proto_connect_cfm(conn, ev->status);
1725 hci_auth_cfm(conn, ev->status);
1727 hci_conn_hold(conn);
1728 conn->disc_timeout = HCI_DISCONN_TIMEOUT;
1732 if (test_bit(HCI_CONN_ENCRYPT_PEND, &conn->pend)) {
1734 struct hci_cp_set_conn_encrypt cp;
1735 cp.handle = ev->handle;
1737 hci_send_cmd(hdev, HCI_OP_SET_CONN_ENCRYPT, sizeof(cp),
1740 clear_bit(HCI_CONN_ENCRYPT_PEND, &conn->pend);
1741 hci_encrypt_cfm(conn, ev->status, 0x00);
1746 hci_dev_unlock(hdev);
1749 static inline void hci_remote_name_evt(struct hci_dev *hdev, struct sk_buff *skb)
1751 struct hci_ev_remote_name *ev = (void *) skb->data;
1752 struct hci_conn *conn;
1754 BT_DBG("%s", hdev->name);
1756 hci_conn_check_pending(hdev);
1760 if (ev->status == 0 && test_bit(HCI_MGMT, &hdev->flags))
1761 mgmt_remote_name(hdev, &ev->bdaddr, ev->name);
1763 conn = hci_conn_hash_lookup_ba(hdev, ACL_LINK, &ev->bdaddr);
1767 if (!hci_outgoing_auth_needed(hdev, conn))
1770 if (!test_and_set_bit(HCI_CONN_AUTH_PEND, &conn->pend)) {
1771 struct hci_cp_auth_requested cp;
1772 cp.handle = __cpu_to_le16(conn->handle);
1773 hci_send_cmd(hdev, HCI_OP_AUTH_REQUESTED, sizeof(cp), &cp);
1777 hci_dev_unlock(hdev);
1780 static inline void hci_encrypt_change_evt(struct hci_dev *hdev, struct sk_buff *skb)
1782 struct hci_ev_encrypt_change *ev = (void *) skb->data;
1783 struct hci_conn *conn;
1785 BT_DBG("%s status %d", hdev->name, ev->status);
1789 conn = hci_conn_hash_lookup_handle(hdev, __le16_to_cpu(ev->handle));
1793 /* Encryption implies authentication */
1794 conn->link_mode |= HCI_LM_AUTH;
1795 conn->link_mode |= HCI_LM_ENCRYPT;
1796 conn->sec_level = conn->pending_sec_level;
1798 conn->link_mode &= ~HCI_LM_ENCRYPT;
1801 clear_bit(HCI_CONN_ENCRYPT_PEND, &conn->pend);
1803 if (conn->state == BT_CONFIG) {
1805 conn->state = BT_CONNECTED;
1807 hci_proto_connect_cfm(conn, ev->status);
1810 hci_encrypt_cfm(conn, ev->status, ev->encrypt);
1813 hci_dev_unlock(hdev);
1816 static inline void hci_change_link_key_complete_evt(struct hci_dev *hdev, struct sk_buff *skb)
1818 struct hci_ev_change_link_key_complete *ev = (void *) skb->data;
1819 struct hci_conn *conn;
1821 BT_DBG("%s status %d", hdev->name, ev->status);
1825 conn = hci_conn_hash_lookup_handle(hdev, __le16_to_cpu(ev->handle));
1828 conn->link_mode |= HCI_LM_SECURE;
1830 clear_bit(HCI_CONN_AUTH_PEND, &conn->pend);
1832 hci_key_change_cfm(conn, ev->status);
1835 hci_dev_unlock(hdev);
1838 static inline void hci_remote_features_evt(struct hci_dev *hdev, struct sk_buff *skb)
1840 struct hci_ev_remote_features *ev = (void *) skb->data;
1841 struct hci_conn *conn;
1843 BT_DBG("%s status %d", hdev->name, ev->status);
1847 conn = hci_conn_hash_lookup_handle(hdev, __le16_to_cpu(ev->handle));
1852 memcpy(conn->features, ev->features, 8);
1854 if (conn->state != BT_CONFIG)
1857 if (!ev->status && lmp_ssp_capable(hdev) && lmp_ssp_capable(conn)) {
1858 struct hci_cp_read_remote_ext_features cp;
1859 cp.handle = ev->handle;
1861 hci_send_cmd(hdev, HCI_OP_READ_REMOTE_EXT_FEATURES,
1867 struct hci_cp_remote_name_req cp;
1868 memset(&cp, 0, sizeof(cp));
1869 bacpy(&cp.bdaddr, &conn->dst);
1870 cp.pscan_rep_mode = 0x02;
1871 hci_send_cmd(hdev, HCI_OP_REMOTE_NAME_REQ, sizeof(cp), &cp);
1874 if (!hci_outgoing_auth_needed(hdev, conn)) {
1875 conn->state = BT_CONNECTED;
1876 hci_proto_connect_cfm(conn, ev->status);
1881 hci_dev_unlock(hdev);
1884 static inline void hci_remote_version_evt(struct hci_dev *hdev, struct sk_buff *skb)
1886 BT_DBG("%s", hdev->name);
1889 static inline void hci_qos_setup_complete_evt(struct hci_dev *hdev, struct sk_buff *skb)
1891 BT_DBG("%s", hdev->name);
1894 static inline void hci_cmd_complete_evt(struct hci_dev *hdev, struct sk_buff *skb)
1896 struct hci_ev_cmd_complete *ev = (void *) skb->data;
1899 skb_pull(skb, sizeof(*ev));
1901 opcode = __le16_to_cpu(ev->opcode);
1904 case HCI_OP_INQUIRY_CANCEL:
1905 hci_cc_inquiry_cancel(hdev, skb);
1908 case HCI_OP_EXIT_PERIODIC_INQ:
1909 hci_cc_exit_periodic_inq(hdev, skb);
1912 case HCI_OP_REMOTE_NAME_REQ_CANCEL:
1913 hci_cc_remote_name_req_cancel(hdev, skb);
1916 case HCI_OP_ROLE_DISCOVERY:
1917 hci_cc_role_discovery(hdev, skb);
1920 case HCI_OP_READ_LINK_POLICY:
1921 hci_cc_read_link_policy(hdev, skb);
1924 case HCI_OP_WRITE_LINK_POLICY:
1925 hci_cc_write_link_policy(hdev, skb);
1928 case HCI_OP_READ_DEF_LINK_POLICY:
1929 hci_cc_read_def_link_policy(hdev, skb);
1932 case HCI_OP_WRITE_DEF_LINK_POLICY:
1933 hci_cc_write_def_link_policy(hdev, skb);
1937 hci_cc_reset(hdev, skb);
1940 case HCI_OP_WRITE_LOCAL_NAME:
1941 hci_cc_write_local_name(hdev, skb);
1944 case HCI_OP_READ_LOCAL_NAME:
1945 hci_cc_read_local_name(hdev, skb);
1948 case HCI_OP_WRITE_AUTH_ENABLE:
1949 hci_cc_write_auth_enable(hdev, skb);
1952 case HCI_OP_WRITE_ENCRYPT_MODE:
1953 hci_cc_write_encrypt_mode(hdev, skb);
1956 case HCI_OP_WRITE_SCAN_ENABLE:
1957 hci_cc_write_scan_enable(hdev, skb);
1960 case HCI_OP_READ_CLASS_OF_DEV:
1961 hci_cc_read_class_of_dev(hdev, skb);
1964 case HCI_OP_WRITE_CLASS_OF_DEV:
1965 hci_cc_write_class_of_dev(hdev, skb);
1968 case HCI_OP_READ_VOICE_SETTING:
1969 hci_cc_read_voice_setting(hdev, skb);
1972 case HCI_OP_WRITE_VOICE_SETTING:
1973 hci_cc_write_voice_setting(hdev, skb);
1976 case HCI_OP_HOST_BUFFER_SIZE:
1977 hci_cc_host_buffer_size(hdev, skb);
1980 case HCI_OP_READ_SSP_MODE:
1981 hci_cc_read_ssp_mode(hdev, skb);
1984 case HCI_OP_WRITE_SSP_MODE:
1985 hci_cc_write_ssp_mode(hdev, skb);
1988 case HCI_OP_READ_LOCAL_VERSION:
1989 hci_cc_read_local_version(hdev, skb);
1992 case HCI_OP_READ_LOCAL_COMMANDS:
1993 hci_cc_read_local_commands(hdev, skb);
1996 case HCI_OP_READ_LOCAL_FEATURES:
1997 hci_cc_read_local_features(hdev, skb);
2000 case HCI_OP_READ_LOCAL_EXT_FEATURES:
2001 hci_cc_read_local_ext_features(hdev, skb);
2004 case HCI_OP_READ_BUFFER_SIZE:
2005 hci_cc_read_buffer_size(hdev, skb);
2008 case HCI_OP_READ_BD_ADDR:
2009 hci_cc_read_bd_addr(hdev, skb);
2012 case HCI_OP_WRITE_CA_TIMEOUT:
2013 hci_cc_write_ca_timeout(hdev, skb);
2016 case HCI_OP_READ_FLOW_CONTROL_MODE:
2017 hci_cc_read_flow_control_mode(hdev, skb);
2020 case HCI_OP_READ_LOCAL_AMP_INFO:
2021 hci_cc_read_local_amp_info(hdev, skb);
2024 case HCI_OP_DELETE_STORED_LINK_KEY:
2025 hci_cc_delete_stored_link_key(hdev, skb);
2028 case HCI_OP_SET_EVENT_MASK:
2029 hci_cc_set_event_mask(hdev, skb);
2032 case HCI_OP_WRITE_INQUIRY_MODE:
2033 hci_cc_write_inquiry_mode(hdev, skb);
2036 case HCI_OP_READ_INQ_RSP_TX_POWER:
2037 hci_cc_read_inq_rsp_tx_power(hdev, skb);
2040 case HCI_OP_SET_EVENT_FLT:
2041 hci_cc_set_event_flt(hdev, skb);
2044 case HCI_OP_PIN_CODE_REPLY:
2045 hci_cc_pin_code_reply(hdev, skb);
2048 case HCI_OP_PIN_CODE_NEG_REPLY:
2049 hci_cc_pin_code_neg_reply(hdev, skb);
2052 case HCI_OP_READ_LOCAL_OOB_DATA:
2053 hci_cc_read_local_oob_data_reply(hdev, skb);
2056 case HCI_OP_LE_READ_BUFFER_SIZE:
2057 hci_cc_le_read_buffer_size(hdev, skb);
2060 case HCI_OP_USER_CONFIRM_REPLY:
2061 hci_cc_user_confirm_reply(hdev, skb);
2064 case HCI_OP_USER_CONFIRM_NEG_REPLY:
2065 hci_cc_user_confirm_neg_reply(hdev, skb);
2068 case HCI_OP_USER_PASSKEY_REPLY:
2069 hci_cc_user_passkey_reply(hdev, skb);
2072 case HCI_OP_USER_PASSKEY_NEG_REPLY:
2073 hci_cc_user_passkey_neg_reply(hdev, skb);
2076 case HCI_OP_LE_SET_SCAN_ENABLE:
2077 hci_cc_le_set_scan_enable(hdev, skb);
2080 case HCI_OP_LE_LTK_REPLY:
2081 hci_cc_le_ltk_reply(hdev, skb);
2084 case HCI_OP_LE_LTK_NEG_REPLY:
2085 hci_cc_le_ltk_neg_reply(hdev, skb);
2088 case HCI_OP_WRITE_LE_HOST_SUPPORTED:
2089 hci_cc_write_le_host_supported(hdev, skb);
2093 BT_DBG("%s opcode 0x%x", hdev->name, opcode);
2097 if (ev->opcode != HCI_OP_NOP)
2098 del_timer(&hdev->cmd_timer);
2101 atomic_set(&hdev->cmd_cnt, 1);
2102 if (!skb_queue_empty(&hdev->cmd_q))
2103 tasklet_schedule(&hdev->cmd_task);
2107 static inline void hci_cmd_status_evt(struct hci_dev *hdev, struct sk_buff *skb)
2109 struct hci_ev_cmd_status *ev = (void *) skb->data;
2112 skb_pull(skb, sizeof(*ev));
2114 opcode = __le16_to_cpu(ev->opcode);
2117 case HCI_OP_INQUIRY:
2118 hci_cs_inquiry(hdev, ev->status);
2121 case HCI_OP_CREATE_CONN:
2122 hci_cs_create_conn(hdev, ev->status);
2125 case HCI_OP_ADD_SCO:
2126 hci_cs_add_sco(hdev, ev->status);
2129 case HCI_OP_AUTH_REQUESTED:
2130 hci_cs_auth_requested(hdev, ev->status);
2133 case HCI_OP_SET_CONN_ENCRYPT:
2134 hci_cs_set_conn_encrypt(hdev, ev->status);
2137 case HCI_OP_REMOTE_NAME_REQ:
2138 hci_cs_remote_name_req(hdev, ev->status);
2141 case HCI_OP_READ_REMOTE_FEATURES:
2142 hci_cs_read_remote_features(hdev, ev->status);
2145 case HCI_OP_READ_REMOTE_EXT_FEATURES:
2146 hci_cs_read_remote_ext_features(hdev, ev->status);
2149 case HCI_OP_SETUP_SYNC_CONN:
2150 hci_cs_setup_sync_conn(hdev, ev->status);
2153 case HCI_OP_SNIFF_MODE:
2154 hci_cs_sniff_mode(hdev, ev->status);
2157 case HCI_OP_EXIT_SNIFF_MODE:
2158 hci_cs_exit_sniff_mode(hdev, ev->status);
2161 case HCI_OP_DISCONNECT:
2162 if (ev->status != 0)
2163 mgmt_disconnect_failed(hdev, NULL, ev->status);
2166 case HCI_OP_LE_CREATE_CONN:
2167 hci_cs_le_create_conn(hdev, ev->status);
2170 case HCI_OP_LE_START_ENC:
2171 hci_cs_le_start_enc(hdev, ev->status);
2175 BT_DBG("%s opcode 0x%x", hdev->name, opcode);
2179 if (ev->opcode != HCI_OP_NOP)
2180 del_timer(&hdev->cmd_timer);
2182 if (ev->ncmd && !test_bit(HCI_RESET, &hdev->flags)) {
2183 atomic_set(&hdev->cmd_cnt, 1);
2184 if (!skb_queue_empty(&hdev->cmd_q))
2185 tasklet_schedule(&hdev->cmd_task);
2189 static inline void hci_role_change_evt(struct hci_dev *hdev, struct sk_buff *skb)
2191 struct hci_ev_role_change *ev = (void *) skb->data;
2192 struct hci_conn *conn;
2194 BT_DBG("%s status %d", hdev->name, ev->status);
2198 conn = hci_conn_hash_lookup_ba(hdev, ACL_LINK, &ev->bdaddr);
2202 conn->link_mode &= ~HCI_LM_MASTER;
2204 conn->link_mode |= HCI_LM_MASTER;
2207 clear_bit(HCI_CONN_RSWITCH_PEND, &conn->pend);
2209 hci_role_switch_cfm(conn, ev->status, ev->role);
2212 hci_dev_unlock(hdev);
2215 static inline void hci_num_comp_pkts_evt(struct hci_dev *hdev, struct sk_buff *skb)
2217 struct hci_ev_num_comp_pkts *ev = (void *) skb->data;
2221 skb_pull(skb, sizeof(*ev));
2223 BT_DBG("%s num_hndl %d", hdev->name, ev->num_hndl);
2225 if (skb->len < ev->num_hndl * 4) {
2226 BT_DBG("%s bad parameters", hdev->name);
2230 tasklet_disable(&hdev->tx_task);
2232 for (i = 0, ptr = (__le16 *) skb->data; i < ev->num_hndl; i++) {
2233 struct hci_conn *conn;
2234 __u16 handle, count;
2236 handle = get_unaligned_le16(ptr++);
2237 count = get_unaligned_le16(ptr++);
2239 conn = hci_conn_hash_lookup_handle(hdev, handle);
2241 conn->sent -= count;
2243 if (conn->type == ACL_LINK) {
2244 hdev->acl_cnt += count;
2245 if (hdev->acl_cnt > hdev->acl_pkts)
2246 hdev->acl_cnt = hdev->acl_pkts;
2247 } else if (conn->type == LE_LINK) {
2248 if (hdev->le_pkts) {
2249 hdev->le_cnt += count;
2250 if (hdev->le_cnt > hdev->le_pkts)
2251 hdev->le_cnt = hdev->le_pkts;
2253 hdev->acl_cnt += count;
2254 if (hdev->acl_cnt > hdev->acl_pkts)
2255 hdev->acl_cnt = hdev->acl_pkts;
2258 hdev->sco_cnt += count;
2259 if (hdev->sco_cnt > hdev->sco_pkts)
2260 hdev->sco_cnt = hdev->sco_pkts;
2265 tasklet_schedule(&hdev->tx_task);
2267 tasklet_enable(&hdev->tx_task);
2270 static inline void hci_mode_change_evt(struct hci_dev *hdev, struct sk_buff *skb)
2272 struct hci_ev_mode_change *ev = (void *) skb->data;
2273 struct hci_conn *conn;
2275 BT_DBG("%s status %d", hdev->name, ev->status);
2279 conn = hci_conn_hash_lookup_handle(hdev, __le16_to_cpu(ev->handle));
2281 conn->mode = ev->mode;
2282 conn->interval = __le16_to_cpu(ev->interval);
2284 if (!test_and_clear_bit(HCI_CONN_MODE_CHANGE_PEND, &conn->pend)) {
2285 if (conn->mode == HCI_CM_ACTIVE)
2286 conn->power_save = 1;
2288 conn->power_save = 0;
2291 if (test_and_clear_bit(HCI_CONN_SCO_SETUP_PEND, &conn->pend))
2292 hci_sco_setup(conn, ev->status);
2295 hci_dev_unlock(hdev);
2298 static inline void hci_pin_code_request_evt(struct hci_dev *hdev, struct sk_buff *skb)
2300 struct hci_ev_pin_code_req *ev = (void *) skb->data;
2301 struct hci_conn *conn;
2303 BT_DBG("%s", hdev->name);
2307 conn = hci_conn_hash_lookup_ba(hdev, ACL_LINK, &ev->bdaddr);
2311 if (conn->state == BT_CONNECTED) {
2312 hci_conn_hold(conn);
2313 conn->disc_timeout = HCI_PAIRING_TIMEOUT;
2317 if (!test_bit(HCI_PAIRABLE, &hdev->flags))
2318 hci_send_cmd(hdev, HCI_OP_PIN_CODE_NEG_REPLY,
2319 sizeof(ev->bdaddr), &ev->bdaddr);
2320 else if (test_bit(HCI_MGMT, &hdev->flags)) {
2323 if (conn->pending_sec_level == BT_SECURITY_HIGH)
2328 mgmt_pin_code_request(hdev, &ev->bdaddr, secure);
2332 hci_dev_unlock(hdev);
2335 static inline void hci_link_key_request_evt(struct hci_dev *hdev, struct sk_buff *skb)
2337 struct hci_ev_link_key_req *ev = (void *) skb->data;
2338 struct hci_cp_link_key_reply cp;
2339 struct hci_conn *conn;
2340 struct link_key *key;
2342 BT_DBG("%s", hdev->name);
2344 if (!test_bit(HCI_LINK_KEYS, &hdev->flags))
2349 key = hci_find_link_key(hdev, &ev->bdaddr);
2351 BT_DBG("%s link key not found for %s", hdev->name,
2352 batostr(&ev->bdaddr));
2356 BT_DBG("%s found key type %u for %s", hdev->name, key->type,
2357 batostr(&ev->bdaddr));
2359 if (!test_bit(HCI_DEBUG_KEYS, &hdev->flags) &&
2360 key->type == HCI_LK_DEBUG_COMBINATION) {
2361 BT_DBG("%s ignoring debug key", hdev->name);
2365 conn = hci_conn_hash_lookup_ba(hdev, ACL_LINK, &ev->bdaddr);
2367 if (key->type == HCI_LK_UNAUTH_COMBINATION &&
2368 conn->auth_type != 0xff &&
2369 (conn->auth_type & 0x01)) {
2370 BT_DBG("%s ignoring unauthenticated key", hdev->name);
2374 if (key->type == HCI_LK_COMBINATION && key->pin_len < 16 &&
2375 conn->pending_sec_level == BT_SECURITY_HIGH) {
2376 BT_DBG("%s ignoring key unauthenticated for high \
2377 security", hdev->name);
2381 conn->key_type = key->type;
2382 conn->pin_length = key->pin_len;
2385 bacpy(&cp.bdaddr, &ev->bdaddr);
2386 memcpy(cp.link_key, key->val, 16);
2388 hci_send_cmd(hdev, HCI_OP_LINK_KEY_REPLY, sizeof(cp), &cp);
2390 hci_dev_unlock(hdev);
2395 hci_send_cmd(hdev, HCI_OP_LINK_KEY_NEG_REPLY, 6, &ev->bdaddr);
2396 hci_dev_unlock(hdev);
2399 static inline void hci_link_key_notify_evt(struct hci_dev *hdev, struct sk_buff *skb)
2401 struct hci_ev_link_key_notify *ev = (void *) skb->data;
2402 struct hci_conn *conn;
2405 BT_DBG("%s", hdev->name);
2409 conn = hci_conn_hash_lookup_ba(hdev, ACL_LINK, &ev->bdaddr);
2411 hci_conn_hold(conn);
2412 conn->disc_timeout = HCI_DISCONN_TIMEOUT;
2413 pin_len = conn->pin_length;
2415 if (ev->key_type != HCI_LK_CHANGED_COMBINATION)
2416 conn->key_type = ev->key_type;
2421 if (test_bit(HCI_LINK_KEYS, &hdev->flags))
2422 hci_add_link_key(hdev, conn, 1, &ev->bdaddr, ev->link_key,
2423 ev->key_type, pin_len);
2425 hci_dev_unlock(hdev);
2428 static inline void hci_clock_offset_evt(struct hci_dev *hdev, struct sk_buff *skb)
2430 struct hci_ev_clock_offset *ev = (void *) skb->data;
2431 struct hci_conn *conn;
2433 BT_DBG("%s status %d", hdev->name, ev->status);
2437 conn = hci_conn_hash_lookup_handle(hdev, __le16_to_cpu(ev->handle));
2438 if (conn && !ev->status) {
2439 struct inquiry_entry *ie;
2441 ie = hci_inquiry_cache_lookup(hdev, &conn->dst);
2443 ie->data.clock_offset = ev->clock_offset;
2444 ie->timestamp = jiffies;
2448 hci_dev_unlock(hdev);
2451 static inline void hci_pkt_type_change_evt(struct hci_dev *hdev, struct sk_buff *skb)
2453 struct hci_ev_pkt_type_change *ev = (void *) skb->data;
2454 struct hci_conn *conn;
2456 BT_DBG("%s status %d", hdev->name, ev->status);
2460 conn = hci_conn_hash_lookup_handle(hdev, __le16_to_cpu(ev->handle));
2461 if (conn && !ev->status)
2462 conn->pkt_type = __le16_to_cpu(ev->pkt_type);
2464 hci_dev_unlock(hdev);
2467 static inline void hci_pscan_rep_mode_evt(struct hci_dev *hdev, struct sk_buff *skb)
2469 struct hci_ev_pscan_rep_mode *ev = (void *) skb->data;
2470 struct inquiry_entry *ie;
2472 BT_DBG("%s", hdev->name);
2476 ie = hci_inquiry_cache_lookup(hdev, &ev->bdaddr);
2478 ie->data.pscan_rep_mode = ev->pscan_rep_mode;
2479 ie->timestamp = jiffies;
2482 hci_dev_unlock(hdev);
2485 static inline void hci_inquiry_result_with_rssi_evt(struct hci_dev *hdev, struct sk_buff *skb)
2487 struct inquiry_data data;
2488 int num_rsp = *((__u8 *) skb->data);
2490 BT_DBG("%s num_rsp %d", hdev->name, num_rsp);
2497 if ((skb->len - 1) / num_rsp != sizeof(struct inquiry_info_with_rssi)) {
2498 struct inquiry_info_with_rssi_and_pscan_mode *info;
2499 info = (void *) (skb->data + 1);
2501 for (; num_rsp; num_rsp--, info++) {
2502 bacpy(&data.bdaddr, &info->bdaddr);
2503 data.pscan_rep_mode = info->pscan_rep_mode;
2504 data.pscan_period_mode = info->pscan_period_mode;
2505 data.pscan_mode = info->pscan_mode;
2506 memcpy(data.dev_class, info->dev_class, 3);
2507 data.clock_offset = info->clock_offset;
2508 data.rssi = info->rssi;
2509 data.ssp_mode = 0x00;
2510 hci_inquiry_cache_update(hdev, &data);
2511 mgmt_device_found(hdev, &info->bdaddr, ACL_LINK, 0x00,
2512 info->dev_class, info->rssi,
2516 struct inquiry_info_with_rssi *info = (void *) (skb->data + 1);
2518 for (; num_rsp; num_rsp--, info++) {
2519 bacpy(&data.bdaddr, &info->bdaddr);
2520 data.pscan_rep_mode = info->pscan_rep_mode;
2521 data.pscan_period_mode = info->pscan_period_mode;
2522 data.pscan_mode = 0x00;
2523 memcpy(data.dev_class, info->dev_class, 3);
2524 data.clock_offset = info->clock_offset;
2525 data.rssi = info->rssi;
2526 data.ssp_mode = 0x00;
2527 hci_inquiry_cache_update(hdev, &data);
2528 mgmt_device_found(hdev, &info->bdaddr, ACL_LINK, 0x00,
2529 info->dev_class, info->rssi,
2534 hci_dev_unlock(hdev);
2537 static inline void hci_remote_ext_features_evt(struct hci_dev *hdev, struct sk_buff *skb)
2539 struct hci_ev_remote_ext_features *ev = (void *) skb->data;
2540 struct hci_conn *conn;
2542 BT_DBG("%s", hdev->name);
2546 conn = hci_conn_hash_lookup_handle(hdev, __le16_to_cpu(ev->handle));
2550 if (!ev->status && ev->page == 0x01) {
2551 struct inquiry_entry *ie;
2553 ie = hci_inquiry_cache_lookup(hdev, &conn->dst);
2555 ie->data.ssp_mode = (ev->features[0] & 0x01);
2557 conn->ssp_mode = (ev->features[0] & 0x01);
2560 if (conn->state != BT_CONFIG)
2564 struct hci_cp_remote_name_req cp;
2565 memset(&cp, 0, sizeof(cp));
2566 bacpy(&cp.bdaddr, &conn->dst);
2567 cp.pscan_rep_mode = 0x02;
2568 hci_send_cmd(hdev, HCI_OP_REMOTE_NAME_REQ, sizeof(cp), &cp);
2571 if (!hci_outgoing_auth_needed(hdev, conn)) {
2572 conn->state = BT_CONNECTED;
2573 hci_proto_connect_cfm(conn, ev->status);
2578 hci_dev_unlock(hdev);
2581 static inline void hci_sync_conn_complete_evt(struct hci_dev *hdev, struct sk_buff *skb)
2583 struct hci_ev_sync_conn_complete *ev = (void *) skb->data;
2584 struct hci_conn *conn;
2586 BT_DBG("%s status %d", hdev->name, ev->status);
2590 conn = hci_conn_hash_lookup_ba(hdev, ev->link_type, &ev->bdaddr);
2592 if (ev->link_type == ESCO_LINK)
2595 conn = hci_conn_hash_lookup_ba(hdev, ESCO_LINK, &ev->bdaddr);
2599 conn->type = SCO_LINK;
2602 switch (ev->status) {
2604 conn->handle = __le16_to_cpu(ev->handle);
2605 conn->state = BT_CONNECTED;
2607 hci_conn_hold_device(conn);
2608 hci_conn_add_sysfs(conn);
2611 case 0x11: /* Unsupported Feature or Parameter Value */
2612 case 0x1c: /* SCO interval rejected */
2613 case 0x1a: /* Unsupported Remote Feature */
2614 case 0x1f: /* Unspecified error */
2615 if (conn->out && conn->attempt < 2) {
2616 conn->pkt_type = (hdev->esco_type & SCO_ESCO_MASK) |
2617 (hdev->esco_type & EDR_ESCO_MASK);
2618 hci_setup_sync(conn, conn->link->handle);
2624 conn->state = BT_CLOSED;
2628 hci_proto_connect_cfm(conn, ev->status);
2633 hci_dev_unlock(hdev);
2636 static inline void hci_sync_conn_changed_evt(struct hci_dev *hdev, struct sk_buff *skb)
2638 BT_DBG("%s", hdev->name);
2641 static inline void hci_sniff_subrate_evt(struct hci_dev *hdev, struct sk_buff *skb)
2643 struct hci_ev_sniff_subrate *ev = (void *) skb->data;
2645 BT_DBG("%s status %d", hdev->name, ev->status);
2648 static inline void hci_extended_inquiry_result_evt(struct hci_dev *hdev, struct sk_buff *skb)
2650 struct inquiry_data data;
2651 struct extended_inquiry_info *info = (void *) (skb->data + 1);
2652 int num_rsp = *((__u8 *) skb->data);
2654 BT_DBG("%s num_rsp %d", hdev->name, num_rsp);
2661 for (; num_rsp; num_rsp--, info++) {
2662 bacpy(&data.bdaddr, &info->bdaddr);
2663 data.pscan_rep_mode = info->pscan_rep_mode;
2664 data.pscan_period_mode = info->pscan_period_mode;
2665 data.pscan_mode = 0x00;
2666 memcpy(data.dev_class, info->dev_class, 3);
2667 data.clock_offset = info->clock_offset;
2668 data.rssi = info->rssi;
2669 data.ssp_mode = 0x01;
2670 hci_inquiry_cache_update(hdev, &data);
2671 mgmt_device_found(hdev, &info->bdaddr, ACL_LINK, 0x00,
2672 info->dev_class, info->rssi, info->data);
2675 hci_dev_unlock(hdev);
2678 static inline u8 hci_get_auth_req(struct hci_conn *conn)
2680 /* If remote requests dedicated bonding follow that lead */
2681 if (conn->remote_auth == 0x02 || conn->remote_auth == 0x03) {
2682 /* If both remote and local IO capabilities allow MITM
2683 * protection then require it, otherwise don't */
2684 if (conn->remote_cap == 0x03 || conn->io_capability == 0x03)
2690 /* If remote requests no-bonding follow that lead */
2691 if (conn->remote_auth == 0x00 || conn->remote_auth == 0x01)
2692 return conn->remote_auth | (conn->auth_type & 0x01);
2694 return conn->auth_type;
2697 static inline void hci_io_capa_request_evt(struct hci_dev *hdev, struct sk_buff *skb)
2699 struct hci_ev_io_capa_request *ev = (void *) skb->data;
2700 struct hci_conn *conn;
2702 BT_DBG("%s", hdev->name);
2706 conn = hci_conn_hash_lookup_ba(hdev, ACL_LINK, &ev->bdaddr);
2710 hci_conn_hold(conn);
2712 if (!test_bit(HCI_MGMT, &hdev->flags))
2715 if (test_bit(HCI_PAIRABLE, &hdev->flags) ||
2716 (conn->remote_auth & ~0x01) == HCI_AT_NO_BONDING) {
2717 struct hci_cp_io_capability_reply cp;
2719 bacpy(&cp.bdaddr, &ev->bdaddr);
2720 cp.capability = conn->io_capability;
2721 conn->auth_type = hci_get_auth_req(conn);
2722 cp.authentication = conn->auth_type;
2724 if ((conn->out == 0x01 || conn->remote_oob == 0x01) &&
2725 hci_find_remote_oob_data(hdev, &conn->dst))
2730 hci_send_cmd(hdev, HCI_OP_IO_CAPABILITY_REPLY,
2733 struct hci_cp_io_capability_neg_reply cp;
2735 bacpy(&cp.bdaddr, &ev->bdaddr);
2736 cp.reason = HCI_ERROR_PAIRING_NOT_ALLOWED;
2738 hci_send_cmd(hdev, HCI_OP_IO_CAPABILITY_NEG_REPLY,
2743 hci_dev_unlock(hdev);
2746 static inline void hci_io_capa_reply_evt(struct hci_dev *hdev, struct sk_buff *skb)
2748 struct hci_ev_io_capa_reply *ev = (void *) skb->data;
2749 struct hci_conn *conn;
2751 BT_DBG("%s", hdev->name);
2755 conn = hci_conn_hash_lookup_ba(hdev, ACL_LINK, &ev->bdaddr);
2759 conn->remote_cap = ev->capability;
2760 conn->remote_oob = ev->oob_data;
2761 conn->remote_auth = ev->authentication;
2764 hci_dev_unlock(hdev);
2767 static inline void hci_user_confirm_request_evt(struct hci_dev *hdev,
2768 struct sk_buff *skb)
2770 struct hci_ev_user_confirm_req *ev = (void *) skb->data;
2771 int loc_mitm, rem_mitm, confirm_hint = 0;
2772 struct hci_conn *conn;
2774 BT_DBG("%s", hdev->name);
2778 if (!test_bit(HCI_MGMT, &hdev->flags))
2781 conn = hci_conn_hash_lookup_ba(hdev, ACL_LINK, &ev->bdaddr);
2785 loc_mitm = (conn->auth_type & 0x01);
2786 rem_mitm = (conn->remote_auth & 0x01);
2788 /* If we require MITM but the remote device can't provide that
2789 * (it has NoInputNoOutput) then reject the confirmation
2790 * request. The only exception is when we're dedicated bonding
2791 * initiators (connect_cfm_cb set) since then we always have the MITM
2793 if (!conn->connect_cfm_cb && loc_mitm && conn->remote_cap == 0x03) {
2794 BT_DBG("Rejecting request: remote device can't provide MITM");
2795 hci_send_cmd(hdev, HCI_OP_USER_CONFIRM_NEG_REPLY,
2796 sizeof(ev->bdaddr), &ev->bdaddr);
2800 /* If no side requires MITM protection; auto-accept */
2801 if ((!loc_mitm || conn->remote_cap == 0x03) &&
2802 (!rem_mitm || conn->io_capability == 0x03)) {
2804 /* If we're not the initiators request authorization to
2805 * proceed from user space (mgmt_user_confirm with
2806 * confirm_hint set to 1). */
2807 if (!test_bit(HCI_CONN_AUTH_PEND, &conn->pend)) {
2808 BT_DBG("Confirming auto-accept as acceptor");
2813 BT_DBG("Auto-accept of user confirmation with %ums delay",
2814 hdev->auto_accept_delay);
2816 if (hdev->auto_accept_delay > 0) {
2817 int delay = msecs_to_jiffies(hdev->auto_accept_delay);
2818 mod_timer(&conn->auto_accept_timer, jiffies + delay);
2822 hci_send_cmd(hdev, HCI_OP_USER_CONFIRM_REPLY,
2823 sizeof(ev->bdaddr), &ev->bdaddr);
2828 mgmt_user_confirm_request(hdev, &ev->bdaddr, ev->passkey,
2832 hci_dev_unlock(hdev);
2835 static inline void hci_user_passkey_request_evt(struct hci_dev *hdev,
2836 struct sk_buff *skb)
2838 struct hci_ev_user_passkey_req *ev = (void *) skb->data;
2840 BT_DBG("%s", hdev->name);
2844 if (test_bit(HCI_MGMT, &hdev->flags))
2845 mgmt_user_passkey_request(hdev, &ev->bdaddr);
2847 hci_dev_unlock(hdev);
2850 static inline void hci_simple_pair_complete_evt(struct hci_dev *hdev, struct sk_buff *skb)
2852 struct hci_ev_simple_pair_complete *ev = (void *) skb->data;
2853 struct hci_conn *conn;
2855 BT_DBG("%s", hdev->name);
2859 conn = hci_conn_hash_lookup_ba(hdev, ACL_LINK, &ev->bdaddr);
2863 /* To avoid duplicate auth_failed events to user space we check
2864 * the HCI_CONN_AUTH_PEND flag which will be set if we
2865 * initiated the authentication. A traditional auth_complete
2866 * event gets always produced as initiator and is also mapped to
2867 * the mgmt_auth_failed event */
2868 if (!test_bit(HCI_CONN_AUTH_PEND, &conn->pend) && ev->status != 0)
2869 mgmt_auth_failed(hdev, &conn->dst, ev->status);
2874 hci_dev_unlock(hdev);
2877 static inline void hci_remote_host_features_evt(struct hci_dev *hdev, struct sk_buff *skb)
2879 struct hci_ev_remote_host_features *ev = (void *) skb->data;
2880 struct inquiry_entry *ie;
2882 BT_DBG("%s", hdev->name);
2886 ie = hci_inquiry_cache_lookup(hdev, &ev->bdaddr);
2888 ie->data.ssp_mode = (ev->features[0] & 0x01);
2890 hci_dev_unlock(hdev);
2893 static inline void hci_remote_oob_data_request_evt(struct hci_dev *hdev,
2894 struct sk_buff *skb)
2896 struct hci_ev_remote_oob_data_request *ev = (void *) skb->data;
2897 struct oob_data *data;
2899 BT_DBG("%s", hdev->name);
2903 if (!test_bit(HCI_MGMT, &hdev->flags))
2906 data = hci_find_remote_oob_data(hdev, &ev->bdaddr);
2908 struct hci_cp_remote_oob_data_reply cp;
2910 bacpy(&cp.bdaddr, &ev->bdaddr);
2911 memcpy(cp.hash, data->hash, sizeof(cp.hash));
2912 memcpy(cp.randomizer, data->randomizer, sizeof(cp.randomizer));
2914 hci_send_cmd(hdev, HCI_OP_REMOTE_OOB_DATA_REPLY, sizeof(cp),
2917 struct hci_cp_remote_oob_data_neg_reply cp;
2919 bacpy(&cp.bdaddr, &ev->bdaddr);
2920 hci_send_cmd(hdev, HCI_OP_REMOTE_OOB_DATA_NEG_REPLY, sizeof(cp),
2925 hci_dev_unlock(hdev);
2928 static inline void hci_le_conn_complete_evt(struct hci_dev *hdev, struct sk_buff *skb)
2930 struct hci_ev_le_conn_complete *ev = (void *) skb->data;
2931 struct hci_conn *conn;
2933 BT_DBG("%s status %d", hdev->name, ev->status);
2937 conn = hci_conn_hash_lookup_ba(hdev, LE_LINK, &ev->bdaddr);
2939 conn = hci_conn_add(hdev, LE_LINK, &ev->bdaddr);
2941 BT_ERR("No memory for new connection");
2942 hci_dev_unlock(hdev);
2946 conn->dst_type = ev->bdaddr_type;
2950 mgmt_connect_failed(hdev, &ev->bdaddr, conn->type,
2951 conn->dst_type, ev->status);
2952 hci_proto_connect_cfm(conn, ev->status);
2953 conn->state = BT_CLOSED;
2958 mgmt_connected(hdev, &ev->bdaddr, conn->type, conn->dst_type);
2960 conn->sec_level = BT_SECURITY_LOW;
2961 conn->handle = __le16_to_cpu(ev->handle);
2962 conn->state = BT_CONNECTED;
2964 hci_conn_hold_device(conn);
2965 hci_conn_add_sysfs(conn);
2967 hci_proto_connect_cfm(conn, ev->status);
2970 hci_dev_unlock(hdev);
2973 static inline void hci_le_adv_report_evt(struct hci_dev *hdev,
2974 struct sk_buff *skb)
2976 u8 num_reports = skb->data[0];
2977 void *ptr = &skb->data[1];
2981 while (num_reports--) {
2982 struct hci_ev_le_advertising_info *ev = ptr;
2984 hci_add_adv_entry(hdev, ev);
2986 ptr += sizeof(*ev) + ev->length + 1;
2989 hci_dev_unlock(hdev);
2992 static inline void hci_le_ltk_request_evt(struct hci_dev *hdev,
2993 struct sk_buff *skb)
2995 struct hci_ev_le_ltk_req *ev = (void *) skb->data;
2996 struct hci_cp_le_ltk_reply cp;
2997 struct hci_cp_le_ltk_neg_reply neg;
2998 struct hci_conn *conn;
2999 struct link_key *ltk;
3001 BT_DBG("%s handle %d", hdev->name, cpu_to_le16(ev->handle));
3005 conn = hci_conn_hash_lookup_handle(hdev, __le16_to_cpu(ev->handle));
3009 ltk = hci_find_ltk(hdev, ev->ediv, ev->random);
3013 memcpy(cp.ltk, ltk->val, sizeof(ltk->val));
3014 cp.handle = cpu_to_le16(conn->handle);
3015 conn->pin_length = ltk->pin_len;
3017 hci_send_cmd(hdev, HCI_OP_LE_LTK_REPLY, sizeof(cp), &cp);
3019 hci_dev_unlock(hdev);
3024 neg.handle = ev->handle;
3025 hci_send_cmd(hdev, HCI_OP_LE_LTK_NEG_REPLY, sizeof(neg), &neg);
3026 hci_dev_unlock(hdev);
3029 static inline void hci_le_meta_evt(struct hci_dev *hdev, struct sk_buff *skb)
3031 struct hci_ev_le_meta *le_ev = (void *) skb->data;
3033 skb_pull(skb, sizeof(*le_ev));
3035 switch (le_ev->subevent) {
3036 case HCI_EV_LE_CONN_COMPLETE:
3037 hci_le_conn_complete_evt(hdev, skb);
3040 case HCI_EV_LE_ADVERTISING_REPORT:
3041 hci_le_adv_report_evt(hdev, skb);
3044 case HCI_EV_LE_LTK_REQ:
3045 hci_le_ltk_request_evt(hdev, skb);
3053 void hci_event_packet(struct hci_dev *hdev, struct sk_buff *skb)
3055 struct hci_event_hdr *hdr = (void *) skb->data;
3056 __u8 event = hdr->evt;
3058 skb_pull(skb, HCI_EVENT_HDR_SIZE);
3061 case HCI_EV_INQUIRY_COMPLETE:
3062 hci_inquiry_complete_evt(hdev, skb);
3065 case HCI_EV_INQUIRY_RESULT:
3066 hci_inquiry_result_evt(hdev, skb);
3069 case HCI_EV_CONN_COMPLETE:
3070 hci_conn_complete_evt(hdev, skb);
3073 case HCI_EV_CONN_REQUEST:
3074 hci_conn_request_evt(hdev, skb);
3077 case HCI_EV_DISCONN_COMPLETE:
3078 hci_disconn_complete_evt(hdev, skb);
3081 case HCI_EV_AUTH_COMPLETE:
3082 hci_auth_complete_evt(hdev, skb);
3085 case HCI_EV_REMOTE_NAME:
3086 hci_remote_name_evt(hdev, skb);
3089 case HCI_EV_ENCRYPT_CHANGE:
3090 hci_encrypt_change_evt(hdev, skb);
3093 case HCI_EV_CHANGE_LINK_KEY_COMPLETE:
3094 hci_change_link_key_complete_evt(hdev, skb);
3097 case HCI_EV_REMOTE_FEATURES:
3098 hci_remote_features_evt(hdev, skb);
3101 case HCI_EV_REMOTE_VERSION:
3102 hci_remote_version_evt(hdev, skb);
3105 case HCI_EV_QOS_SETUP_COMPLETE:
3106 hci_qos_setup_complete_evt(hdev, skb);
3109 case HCI_EV_CMD_COMPLETE:
3110 hci_cmd_complete_evt(hdev, skb);
3113 case HCI_EV_CMD_STATUS:
3114 hci_cmd_status_evt(hdev, skb);
3117 case HCI_EV_ROLE_CHANGE:
3118 hci_role_change_evt(hdev, skb);
3121 case HCI_EV_NUM_COMP_PKTS:
3122 hci_num_comp_pkts_evt(hdev, skb);
3125 case HCI_EV_MODE_CHANGE:
3126 hci_mode_change_evt(hdev, skb);
3129 case HCI_EV_PIN_CODE_REQ:
3130 hci_pin_code_request_evt(hdev, skb);
3133 case HCI_EV_LINK_KEY_REQ:
3134 hci_link_key_request_evt(hdev, skb);
3137 case HCI_EV_LINK_KEY_NOTIFY:
3138 hci_link_key_notify_evt(hdev, skb);
3141 case HCI_EV_CLOCK_OFFSET:
3142 hci_clock_offset_evt(hdev, skb);
3145 case HCI_EV_PKT_TYPE_CHANGE:
3146 hci_pkt_type_change_evt(hdev, skb);
3149 case HCI_EV_PSCAN_REP_MODE:
3150 hci_pscan_rep_mode_evt(hdev, skb);
3153 case HCI_EV_INQUIRY_RESULT_WITH_RSSI:
3154 hci_inquiry_result_with_rssi_evt(hdev, skb);
3157 case HCI_EV_REMOTE_EXT_FEATURES:
3158 hci_remote_ext_features_evt(hdev, skb);
3161 case HCI_EV_SYNC_CONN_COMPLETE:
3162 hci_sync_conn_complete_evt(hdev, skb);
3165 case HCI_EV_SYNC_CONN_CHANGED:
3166 hci_sync_conn_changed_evt(hdev, skb);
3169 case HCI_EV_SNIFF_SUBRATE:
3170 hci_sniff_subrate_evt(hdev, skb);
3173 case HCI_EV_EXTENDED_INQUIRY_RESULT:
3174 hci_extended_inquiry_result_evt(hdev, skb);
3177 case HCI_EV_IO_CAPA_REQUEST:
3178 hci_io_capa_request_evt(hdev, skb);
3181 case HCI_EV_IO_CAPA_REPLY:
3182 hci_io_capa_reply_evt(hdev, skb);
3185 case HCI_EV_USER_CONFIRM_REQUEST:
3186 hci_user_confirm_request_evt(hdev, skb);
3189 case HCI_EV_USER_PASSKEY_REQUEST:
3190 hci_user_passkey_request_evt(hdev, skb);
3193 case HCI_EV_SIMPLE_PAIR_COMPLETE:
3194 hci_simple_pair_complete_evt(hdev, skb);
3197 case HCI_EV_REMOTE_HOST_FEATURES:
3198 hci_remote_host_features_evt(hdev, skb);
3201 case HCI_EV_LE_META:
3202 hci_le_meta_evt(hdev, skb);
3205 case HCI_EV_REMOTE_OOB_DATA_REQUEST:
3206 hci_remote_oob_data_request_evt(hdev, skb);
3210 BT_DBG("%s event 0x%x", hdev->name, event);
3215 hdev->stat.evt_rx++;
3218 /* Generate internal stack event */
3219 void hci_si_event(struct hci_dev *hdev, int type, int dlen, void *data)
3221 struct hci_event_hdr *hdr;
3222 struct hci_ev_stack_internal *ev;
3223 struct sk_buff *skb;
3225 skb = bt_skb_alloc(HCI_EVENT_HDR_SIZE + sizeof(*ev) + dlen, GFP_ATOMIC);
3229 hdr = (void *) skb_put(skb, HCI_EVENT_HDR_SIZE);
3230 hdr->evt = HCI_EV_STACK_INTERNAL;
3231 hdr->plen = sizeof(*ev) + dlen;
3233 ev = (void *) skb_put(skb, sizeof(*ev) + dlen);
3235 memcpy(ev->data, data, dlen);
3237 bt_cb(skb)->incoming = 1;
3238 __net_timestamp(skb);
3240 bt_cb(skb)->pkt_type = HCI_EVENT_PKT;
3241 skb->dev = (void *) hdev;
3242 hci_send_to_sock(hdev, skb, NULL);
3246 module_param(enable_le, bool, 0644);
3247 MODULE_PARM_DESC(enable_le, "Enable LE support");
projects / linux-flexiantxendom0-3.2.10.git / blob